Address pr comments, skoll, etc.

This commit is contained in:
Thomas Cook
2026-06-09 04:33:23 -04:00
parent 8945f2bde8
commit edda2d3a47
2 changed files with 24 additions and 17 deletions
+7 -10
View File
@@ -1754,29 +1754,27 @@ int wolfSSL_GetHmacMaxSize(void)
const byte* localSalt; /* either points to user input or tmp */
word32 hashSz;
if (out == NULL || (inKey == NULL && inKeySz > 0)) {
if (out == NULL || (inKey == NULL && inKeySz > 0))
return BAD_FUNC_ARG;
}
#ifdef WOLF_CRYPTO_CB
/* Try crypto callback first */
if (devId != INVALID_DEVID) {
ret = wc_CryptoCb_Hkdf_Extract(type, salt, saltSz, inKey, inKeySz,
out, devId);
ret = wc_CryptoCb_Hkdf_Extract(type, salt, saltSz, inKey, inKeySz,
out, devId);
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
return ret;
}
#endif
ret = wc_HmacSizeByType(type);
if (ret < 0) {
if (ret < 0)
return ret;
}
hashSz = (word32)ret;
WC_ALLOC_VAR_EX(myHmac, Hmac, 1, NULL, DYNAMIC_TYPE_HMAC,
return MEMORY_E);
hashSz = (word32)ret;
localSalt = salt;
if (localSalt == NULL) {
XMEMSET(tmp, 0, hashSz);
@@ -1832,7 +1830,7 @@ int wolfSSL_GetHmacMaxSize(void)
word32 hashSz;
byte n = 0x1;
if (inKey == NULL || out == NULL)
if (out == NULL || (inKey == NULL && inKeySz > 0))
return BAD_FUNC_ARG;
ret = wc_HmacSizeByType(type);
@@ -1947,9 +1945,8 @@ int wolfSSL_GetHmacMaxSize(void)
#endif
ret = wc_HmacSizeByType(type);
if (ret < 0) {
if (ret < 0)
return ret;
}
hashSz = (word32)ret;
ret = wc_HKDF_Extract_ex(type, salt, saltSz, inKey, inKeySz, prk, heap,
+17 -7
View File
@@ -34800,7 +34800,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void)
#ifndef HAVE_FIPS
/* fips can't have key size under 14 bytes, salt is key too */
L = (int)sizeof(okm1);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(7,0))
#if !defined(HAVE_SELFTEST)
ret = wc_HKDF_ex(WC_SHA, ikm1, 11, salt1, (word32)sizeof(salt1), info1,
(word32)sizeof(info1), okm1, (word32)L, HEAP_HINT, devId);
#else
@@ -34812,7 +34812,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void)
if (XMEMCMP(okm1, res2, (unsigned long)L) != 0)
return WC_TEST_RET_ENC_NC;
#endif /* HAVE_FIPS */
#endif /* !HAVE_FIPS */
#endif /* !NO_SHA */
#ifndef NO_SHA256
@@ -34845,7 +34845,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void)
if (XMEMCMP(okm1, res4, (unsigned long)L) != 0)
return WC_TEST_RET_ENC_NC;
#endif /* HAVE_FIPS */
#endif /* !HAVE_FIPS */
#endif /* !NO_SHA256 */
#ifndef NO_SHA
@@ -34873,7 +34873,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void)
#ifndef HAVE_FIPS
/* fips can't have key size under 14 bytes, salt is key too */
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(7,0))
#if !defined(HAVE_SELFTEST)
ret = wc_HKDF_Extract_ex(WC_SHA, salt1, (word32)sizeof(salt1), ikm1, 11,
prk, HEAP_HINT, devId);
#else
@@ -34882,7 +34882,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void)
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(7,0))
#if !defined(HAVE_SELFTEST)
ret = wc_HKDF_Expand_ex(WC_SHA, prk, WC_SHA_DIGEST_SIZE, info1,
(word32)sizeof(info1), okm1, (word32)L, HEAP_HINT, devId);
#else
@@ -34894,7 +34894,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void)
if (XMEMCMP(okm1, res2, (unsigned long)L) != 0)
return WC_TEST_RET_ENC_NC;
#endif /* HAVE_FIPS */
#endif /* !HAVE_FIPS */
#endif /* !NO_SHA */
#ifndef NO_SHA256
@@ -34944,7 +34944,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void)
if (XMEMCMP(okm1, res4, (unsigned long)L) != 0)
return WC_TEST_RET_ENC_NC;
#endif /* HAVE_FIPS */
#endif /* !HAVE_FIPS */
#endif /* !NO_SHA256 */
#endif /* !NO_SHA || !NO_SHA256 */
@@ -34958,6 +34958,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void)
ret = wc_HKDF_Extract(WC_SHA256, NULL, 0, NULL, 5, okm1);
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
return WC_TEST_RET_ENC_EC(ret);
/* wc_HKDF_Expand bad arg: NULL out */
ret = wc_HKDF_Expand(WC_SHA256, prk, WC_SHA256_DIGEST_SIZE, info1,
(word32)sizeof(info1), NULL, (word32)L);
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
return WC_TEST_RET_ENC_EC(ret);
/* wc_HKDF_Expand bad arg: NULL inKey with non-zero inKeySz */
ret = wc_HKDF_Expand(WC_SHA256, NULL, WC_SHA256_DIGEST_SIZE, info1,
(word32)sizeof(info1), okm1, (word32)L);
if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG))
return WC_TEST_RET_ENC_EC(ret);
#endif /* !NO_SHA256 && !HAVE_SELFTEST && */
/* (!HAVE_FIPS || FIPS_VERSION3_GE(7,0,0)) */