wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2026-02-01 07:29:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

SRTP fixes:

Browse Source 
* in wolfssl/ssl.h, add missing arg names to wolfSSL_CTX_set_tlsext_use_srtp(), wolfSSL_set_tlsext_use_srtp(), and wolfSSL_export_dtls_srtp_keying_material();
* in wolfcrypt/src/kdf.c, call wc_AesFree if and only if wc_AesInit() succeeded;
* in src/ssl.c:DtlsSrtpSelProfiles(), fix bugprone-inc-dec-in-conditions;
* in tests/suites.c:execute_test_case(), fix several -Wdeclaration-after-statement and -Wmissing-field-initializers;
* in wolfcrypt/test/test.c, fix a shiftTooManyBitsSigned warning in srtpkdf_test(), and fix a typo (kaSz/ksSz).
This commit is contained in:
Daniel Pouzzner
2023-12-15 14:06:36 -06:00
parent 8f2a48c676
commit ef14176b7f
5 changed files with 40 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
wolfcrypt/src/kdf.c
View File

@@ -1006,6 +1006,7 @@ int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
#else
Aes aes[1];
#endif
int aes_inited = 0;
/* Validate parameters. */
if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
@@ -1031,6 +1032,7 @@ int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
ret = wc_AesInit(aes, NULL, INVALID_DEVID);
}
if (ret == 0) {
aes_inited = 1;
ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
}
@@ -1056,8 +1058,8 @@ int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
WC_SRTP_LABEL_SALT, key3, key3Sz, aes);
}
/* AES object memset so can always free. */
wc_AesFree(aes);
if (aes_inited)
wc_AesFree(aes);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
#endif
@@ -1099,6 +1101,7 @@ int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
#else
Aes aes[1];
#endif
int aes_inited = 0;
/* Validate parameters. */
if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
@@ -1124,6 +1127,7 @@ int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
ret = wc_AesInit(aes, NULL, INVALID_DEVID);
}
if (ret == 0) {
aes_inited = 1;
ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
}
@@ -1149,8 +1153,8 @@ int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
WC_SRTCP_LABEL_SALT, key3, key3Sz, aes);
}
/* AES object memset so can always free. */
wc_AesFree(aes);
if (aes_inited)
wc_AesFree(aes);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
#endif
@@ -1189,6 +1193,7 @@ int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
#else
Aes aes[1];
#endif
int aes_inited = 0;
/* Validate parameters. */
if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
@@ -1215,6 +1220,7 @@ int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
ret = wc_AesInit(aes, NULL, INVALID_DEVID);
}
if (ret == 0) {
aes_inited = 1;
ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
}
@@ -1229,8 +1235,8 @@ int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
outKeySz, aes);
}
/* AES object memset so can always free. */
wc_AesFree(aes);
if (aes_inited)
wc_AesFree(aes);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
#endif
@@ -1270,6 +1276,7 @@ int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt,
#else
Aes aes[1];
#endif
int aes_inited = 0;
/* Validate parameters. */
if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
@@ -1296,6 +1303,7 @@ int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt,
ret = wc_AesInit(aes, NULL, INVALID_DEVID);
}
if (ret == 0) {
aes_inited = 1;
ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
}
@@ -1310,8 +1318,8 @@ int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt,
outKeySz, aes);
}
/* AES object memset so can always free. */
wc_AesFree(aes);
if (aes_inited)
wc_AesFree(aes);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
#endif