mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-10 06:40:48 +02:00
Fixes for warnings with possible use of uninitialized variable in async with DES3 and AES.
This commit is contained in:
@@ -13179,6 +13179,9 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
|
||||
ctx->lastUsed = 0;
|
||||
ctx->flags = 0;
|
||||
}
|
||||
|
||||
XMEMSET(&ctx->cipher, 0, sizeof(ctx->cipher));
|
||||
|
||||
#ifndef NO_AES
|
||||
#ifdef HAVE_AES_CBC
|
||||
#ifdef WOLFSSL_AES_128
|
||||
@@ -14251,6 +14254,10 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
|
||||
XMEMCPY(&key[DES_BLOCK_SIZE * 2], *ks3, DES_BLOCK_SIZE);
|
||||
lb_sz = sz%DES_BLOCK_SIZE;
|
||||
blk = sz/DES_BLOCK_SIZE;
|
||||
|
||||
/* OpenSSL compat, no ret */
|
||||
wc_Des3Init(&des, NULL, INVALID_DEVID);
|
||||
|
||||
if (enc) {
|
||||
wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_ENCRYPTION);
|
||||
wc_Des3_CbcEncrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
|
||||
@@ -14269,6 +14276,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
|
||||
XMEMCPY(output+sz-lb_sz, lastblock, lb_sz);
|
||||
}
|
||||
}
|
||||
wc_Des3Free(&des);
|
||||
}
|
||||
|
||||
|
||||
|
||||
+60
-32
@@ -5525,10 +5525,13 @@ static int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
|
||||
(ivSz != AES_BLOCK_SIZE) )
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
ret = wc_AesSetKey(&aes, key, keySz, iv, AES_ENCRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_AesCbcEncrypt(&aes, out, in, inSz);
|
||||
|
||||
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
|
||||
if (ret == 0) {
|
||||
ret = wc_AesSetKey(&aes, key, keySz, iv, AES_ENCRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_AesCbcEncrypt(&aes, out, in, inSz);
|
||||
wc_AesFree(&aes);
|
||||
}
|
||||
break;
|
||||
#ifdef HAVE_AESGCM
|
||||
#ifdef WOLFSSL_AES_128
|
||||
@@ -5545,10 +5548,14 @@ static int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
|
||||
if (authTag == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
ret = wc_AesGcmSetKey(&aes, key, keySz);
|
||||
if (ret == 0)
|
||||
ret = wc_AesGcmEncrypt(&aes, out, in, inSz, iv, ivSz,
|
||||
authTag, authTagSz, aad, aadSz);
|
||||
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
|
||||
if (ret == 0) {
|
||||
ret = wc_AesGcmSetKey(&aes, key, keySz);
|
||||
if (ret == 0)
|
||||
ret = wc_AesGcmEncrypt(&aes, out, in, inSz, iv, ivSz,
|
||||
authTag, authTagSz, aad, aadSz);
|
||||
wc_AesFree(&aes);
|
||||
}
|
||||
break;
|
||||
#endif
|
||||
#endif /* HAVE_AESGCM */
|
||||
@@ -5567,10 +5574,14 @@ static int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
|
||||
if (authTag == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
ret = wc_AesCcmSetKey(&aes, key, keySz);
|
||||
if (ret == 0)
|
||||
ret = wc_AesCcmEncrypt(&aes, out, in, inSz, iv, ivSz,
|
||||
authTag, authTagSz, aad, aadSz);
|
||||
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
|
||||
if (ret == 0) {
|
||||
ret = wc_AesCcmSetKey(&aes, key, keySz);
|
||||
if (ret == 0)
|
||||
ret = wc_AesCcmEncrypt(&aes, out, in, inSz, iv, ivSz,
|
||||
authTag, authTagSz, aad, aadSz);
|
||||
wc_AesFree(&aes);
|
||||
}
|
||||
break;
|
||||
#endif
|
||||
#endif /* HAVE_AESCCM */
|
||||
@@ -5590,10 +5601,13 @@ static int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
|
||||
if (keySz != DES3_KEYLEN || ivSz != DES_BLOCK_SIZE)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
ret = wc_Des3_SetKey(&des3, key, iv, DES_ENCRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_Des3_CbcEncrypt(&des3, out, in, inSz);
|
||||
|
||||
ret = wc_Des3Init(&des3, NULL, INVALID_DEVID);
|
||||
if (ret == 0) {
|
||||
ret = wc_Des3_SetKey(&des3, key, iv, DES_ENCRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_Des3_CbcEncrypt(&des3, out, in, inSz);
|
||||
wc_Des3Free(&des3);
|
||||
}
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
@@ -5652,11 +5666,13 @@ static int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz,
|
||||
#endif
|
||||
(ivSz != AES_BLOCK_SIZE) )
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
ret = wc_AesSetKey(&aes, key, keySz, iv, AES_DECRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_AesCbcDecrypt(&aes, out, in, inSz);
|
||||
|
||||
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
|
||||
if (ret == 0) {
|
||||
ret = wc_AesSetKey(&aes, key, keySz, iv, AES_DECRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_AesCbcDecrypt(&aes, out, in, inSz);
|
||||
wc_AesFree(&aes);
|
||||
}
|
||||
break;
|
||||
#ifdef HAVE_AESGCM
|
||||
#ifdef WOLFSSL_AES_128
|
||||
@@ -5673,10 +5689,14 @@ static int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz,
|
||||
if (authTag == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
ret = wc_AesGcmSetKey(&aes, key, keySz);
|
||||
if (ret == 0)
|
||||
ret = wc_AesGcmDecrypt(&aes, out, in, inSz, iv, ivSz,
|
||||
authTag, authTagSz, aad, aadSz);
|
||||
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
|
||||
if (ret == 0) {
|
||||
ret = wc_AesGcmSetKey(&aes, key, keySz);
|
||||
if (ret == 0)
|
||||
ret = wc_AesGcmDecrypt(&aes, out, in, inSz, iv, ivSz,
|
||||
authTag, authTagSz, aad, aadSz);
|
||||
wc_AesFree(&aes);
|
||||
}
|
||||
break;
|
||||
#endif
|
||||
#endif /* HAVE_AESGCM */
|
||||
@@ -5695,10 +5715,14 @@ static int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz,
|
||||
if (authTag == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
ret = wc_AesCcmSetKey(&aes, key, keySz);
|
||||
if (ret == 0)
|
||||
ret = wc_AesCcmDecrypt(&aes, out, in, inSz, iv, ivSz,
|
||||
authTag, authTagSz, aad, aadSz);
|
||||
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
|
||||
if (ret == 0) {
|
||||
ret = wc_AesCcmSetKey(&aes, key, keySz);
|
||||
if (ret == 0)
|
||||
ret = wc_AesCcmDecrypt(&aes, out, in, inSz, iv, ivSz,
|
||||
authTag, authTagSz, aad, aadSz);
|
||||
wc_AesFree(&aes);
|
||||
}
|
||||
break;
|
||||
#endif
|
||||
#endif /* HAVE_AESCCM */
|
||||
@@ -5717,9 +5741,13 @@ static int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz,
|
||||
if (keySz != DES3_KEYLEN || ivSz != DES_BLOCK_SIZE)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
ret = wc_Des3_SetKey(&des3, key, iv, DES_DECRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_Des3_CbcDecrypt(&des3, out, in, inSz);
|
||||
ret = wc_Des3Init(&des3, NULL, INVALID_DEVID);
|
||||
if (ret == 0) {
|
||||
ret = wc_Des3_SetKey(&des3, key, iv, DES_DECRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_Des3_CbcDecrypt(&des3, out, in, inSz);
|
||||
wc_Des3Free(&des3);
|
||||
}
|
||||
|
||||
break;
|
||||
#endif
|
||||
|
||||
+20
-7
@@ -5081,6 +5081,14 @@ int des3_test(void)
|
||||
};
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
|
||||
|
||||
if (wc_AesInit(&enc, HEAP_HINT, devId) != 0)
|
||||
return -4750;
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
if (wc_AesInit(&dec, HEAP_HINT, devId) != 0)
|
||||
return -4751;
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
/* 128 key tests */
|
||||
ret = wc_AesSetKey(&enc, key1, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
|
||||
@@ -5238,14 +5246,12 @@ static int aes_key_size_test(void)
|
||||
word32 keySize;
|
||||
#endif
|
||||
|
||||
#ifdef WC_INITAES_H
|
||||
ret = wc_InitAes_h(NULL, NULL);
|
||||
ret = wc_AesInit(NULL, HEAP_HINT, devId);
|
||||
if (ret != BAD_FUNC_ARG)
|
||||
return -4800;
|
||||
ret = wc_InitAes_h(&aes, NULL);
|
||||
ret = wc_AesInit(&aes, HEAP_HINT, devId);
|
||||
if (ret != 0)
|
||||
return -4801;
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_FIPS
|
||||
/* Parameter Validation testing. */
|
||||
@@ -5909,12 +5915,10 @@ int aes_test(void)
|
||||
byte key[] = "0123456789abcdef "; /* align */
|
||||
byte iv[] = "1234567890abcdef "; /* align */
|
||||
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
if (wc_AesInit(&enc, HEAP_HINT, devId) != 0)
|
||||
return -5400;
|
||||
if (wc_AesInit(&dec, HEAP_HINT, devId) != 0)
|
||||
return -5401;
|
||||
#endif
|
||||
|
||||
ret = wc_AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
|
||||
if (ret != 0)
|
||||
@@ -6621,7 +6625,10 @@ Aes dec;
|
||||
XMEMSET(resultP, 0, sizeof(resultP));
|
||||
|
||||
if (wc_AesInit(&enc, HEAP_HINT, devId) != 0) {
|
||||
return -5700;
|
||||
return -4700;
|
||||
}
|
||||
if (wc_AesInit(&dec, HEAP_HINT, devId) != 0) {
|
||||
return -4700;
|
||||
}
|
||||
|
||||
result = wc_AesGcmSetKey(&enc, key, keySz);
|
||||
@@ -9880,6 +9887,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
|
||||
|
||||
ret = 0;
|
||||
exit_rsa_pss:
|
||||
FREE_VAR(sig, HEAP_HINT);
|
||||
FREE_VAR(in, HEAP_HINT);
|
||||
FREE_VAR(out, HEAP_HINT);
|
||||
|
||||
@@ -19343,6 +19351,11 @@ static int pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
|
||||
} else {
|
||||
/* KTRI or KARI recipient types */
|
||||
|
||||
ret = wc_PKCS7_Init(pkcs7, pkcs7->heap, pkcs7->devId);
|
||||
if (ret != 0) {
|
||||
return -9321;
|
||||
}
|
||||
|
||||
ret = wc_PKCS7_InitWithCert(pkcs7, testVectors[i].cert,
|
||||
(word32)testVectors[i].certSz);
|
||||
if (ret != 0) {
|
||||
|
||||
Reference in New Issue
Block a user