Fixes for warnings with possible use of uninitialized variable in async with DES3 and AES.

This commit is contained in:
David Garske
2018-11-08 15:39:52 -08:00
parent da76fb6861
commit fcb40570e2
3 changed files with 88 additions and 39 deletions
+8
View File
@@ -13179,6 +13179,9 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ctx->lastUsed = 0;
ctx->flags = 0;
}
XMEMSET(&ctx->cipher, 0, sizeof(ctx->cipher));
#ifndef NO_AES
#ifdef HAVE_AES_CBC
#ifdef WOLFSSL_AES_128
@@ -14251,6 +14254,10 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
XMEMCPY(&key[DES_BLOCK_SIZE * 2], *ks3, DES_BLOCK_SIZE);
lb_sz = sz%DES_BLOCK_SIZE;
blk = sz/DES_BLOCK_SIZE;
/* OpenSSL compat, no ret */
wc_Des3Init(&des, NULL, INVALID_DEVID);
if (enc) {
wc_Des3_SetKey(&des, key, (const byte*)ivec, DES_ENCRYPTION);
wc_Des3_CbcEncrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
@@ -14269,6 +14276,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
XMEMCPY(output+sz-lb_sz, lastblock, lb_sz);
}
}
wc_Des3Free(&des);
}
+60 -32
View File
@@ -5525,10 +5525,13 @@ static int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
(ivSz != AES_BLOCK_SIZE) )
return BAD_FUNC_ARG;
ret = wc_AesSetKey(&aes, key, keySz, iv, AES_ENCRYPTION);
if (ret == 0)
ret = wc_AesCbcEncrypt(&aes, out, in, inSz);
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesSetKey(&aes, key, keySz, iv, AES_ENCRYPTION);
if (ret == 0)
ret = wc_AesCbcEncrypt(&aes, out, in, inSz);
wc_AesFree(&aes);
}
break;
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_AES_128
@@ -5545,10 +5548,14 @@ static int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
if (authTag == NULL)
return BAD_FUNC_ARG;
ret = wc_AesGcmSetKey(&aes, key, keySz);
if (ret == 0)
ret = wc_AesGcmEncrypt(&aes, out, in, inSz, iv, ivSz,
authTag, authTagSz, aad, aadSz);
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesGcmSetKey(&aes, key, keySz);
if (ret == 0)
ret = wc_AesGcmEncrypt(&aes, out, in, inSz, iv, ivSz,
authTag, authTagSz, aad, aadSz);
wc_AesFree(&aes);
}
break;
#endif
#endif /* HAVE_AESGCM */
@@ -5567,10 +5574,14 @@ static int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
if (authTag == NULL)
return BAD_FUNC_ARG;
ret = wc_AesCcmSetKey(&aes, key, keySz);
if (ret == 0)
ret = wc_AesCcmEncrypt(&aes, out, in, inSz, iv, ivSz,
authTag, authTagSz, aad, aadSz);
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesCcmSetKey(&aes, key, keySz);
if (ret == 0)
ret = wc_AesCcmEncrypt(&aes, out, in, inSz, iv, ivSz,
authTag, authTagSz, aad, aadSz);
wc_AesFree(&aes);
}
break;
#endif
#endif /* HAVE_AESCCM */
@@ -5590,10 +5601,13 @@ static int wc_PKCS7_EncryptContent(int encryptOID, byte* key, int keySz,
if (keySz != DES3_KEYLEN || ivSz != DES_BLOCK_SIZE)
return BAD_FUNC_ARG;
ret = wc_Des3_SetKey(&des3, key, iv, DES_ENCRYPTION);
if (ret == 0)
ret = wc_Des3_CbcEncrypt(&des3, out, in, inSz);
ret = wc_Des3Init(&des3, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_Des3_SetKey(&des3, key, iv, DES_ENCRYPTION);
if (ret == 0)
ret = wc_Des3_CbcEncrypt(&des3, out, in, inSz);
wc_Des3Free(&des3);
}
break;
#endif
default:
@@ -5652,11 +5666,13 @@ static int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz,
#endif
(ivSz != AES_BLOCK_SIZE) )
return BAD_FUNC_ARG;
ret = wc_AesSetKey(&aes, key, keySz, iv, AES_DECRYPTION);
if (ret == 0)
ret = wc_AesCbcDecrypt(&aes, out, in, inSz);
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesSetKey(&aes, key, keySz, iv, AES_DECRYPTION);
if (ret == 0)
ret = wc_AesCbcDecrypt(&aes, out, in, inSz);
wc_AesFree(&aes);
}
break;
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_AES_128
@@ -5673,10 +5689,14 @@ static int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz,
if (authTag == NULL)
return BAD_FUNC_ARG;
ret = wc_AesGcmSetKey(&aes, key, keySz);
if (ret == 0)
ret = wc_AesGcmDecrypt(&aes, out, in, inSz, iv, ivSz,
authTag, authTagSz, aad, aadSz);
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesGcmSetKey(&aes, key, keySz);
if (ret == 0)
ret = wc_AesGcmDecrypt(&aes, out, in, inSz, iv, ivSz,
authTag, authTagSz, aad, aadSz);
wc_AesFree(&aes);
}
break;
#endif
#endif /* HAVE_AESGCM */
@@ -5695,10 +5715,14 @@ static int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz,
if (authTag == NULL)
return BAD_FUNC_ARG;
ret = wc_AesCcmSetKey(&aes, key, keySz);
if (ret == 0)
ret = wc_AesCcmDecrypt(&aes, out, in, inSz, iv, ivSz,
authTag, authTagSz, aad, aadSz);
ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesCcmSetKey(&aes, key, keySz);
if (ret == 0)
ret = wc_AesCcmDecrypt(&aes, out, in, inSz, iv, ivSz,
authTag, authTagSz, aad, aadSz);
wc_AesFree(&aes);
}
break;
#endif
#endif /* HAVE_AESCCM */
@@ -5717,9 +5741,13 @@ static int wc_PKCS7_DecryptContent(int encryptOID, byte* key, int keySz,
if (keySz != DES3_KEYLEN || ivSz != DES_BLOCK_SIZE)
return BAD_FUNC_ARG;
ret = wc_Des3_SetKey(&des3, key, iv, DES_DECRYPTION);
if (ret == 0)
ret = wc_Des3_CbcDecrypt(&des3, out, in, inSz);
ret = wc_Des3Init(&des3, NULL, INVALID_DEVID);
if (ret == 0) {
ret = wc_Des3_SetKey(&des3, key, iv, DES_DECRYPTION);
if (ret == 0)
ret = wc_Des3_CbcDecrypt(&des3, out, in, inSz);
wc_Des3Free(&des3);
}
break;
#endif
+20 -7
View File
@@ -5081,6 +5081,14 @@ int des3_test(void)
};
#endif /* WOLFSSL_AES_256 */
if (wc_AesInit(&enc, HEAP_HINT, devId) != 0)
return -4750;
#ifdef HAVE_AES_DECRYPT
if (wc_AesInit(&dec, HEAP_HINT, devId) != 0)
return -4751;
#endif
#ifdef WOLFSSL_AES_128
/* 128 key tests */
ret = wc_AesSetKey(&enc, key1, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
@@ -5238,14 +5246,12 @@ static int aes_key_size_test(void)
word32 keySize;
#endif
#ifdef WC_INITAES_H
ret = wc_InitAes_h(NULL, NULL);
ret = wc_AesInit(NULL, HEAP_HINT, devId);
if (ret != BAD_FUNC_ARG)
return -4800;
ret = wc_InitAes_h(&aes, NULL);
ret = wc_AesInit(&aes, HEAP_HINT, devId);
if (ret != 0)
return -4801;
#endif
#ifndef HAVE_FIPS
/* Parameter Validation testing. */
@@ -5909,12 +5915,10 @@ int aes_test(void)
byte key[] = "0123456789abcdef "; /* align */
byte iv[] = "1234567890abcdef "; /* align */
#ifdef WOLFSSL_ASYNC_CRYPT
if (wc_AesInit(&enc, HEAP_HINT, devId) != 0)
return -5400;
if (wc_AesInit(&dec, HEAP_HINT, devId) != 0)
return -5401;
#endif
ret = wc_AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
if (ret != 0)
@@ -6621,7 +6625,10 @@ Aes dec;
XMEMSET(resultP, 0, sizeof(resultP));
if (wc_AesInit(&enc, HEAP_HINT, devId) != 0) {
return -5700;
return -4700;
}
if (wc_AesInit(&dec, HEAP_HINT, devId) != 0) {
return -4700;
}
result = wc_AesGcmSetKey(&enc, key, keySz);
@@ -9880,6 +9887,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
ret = 0;
exit_rsa_pss:
FREE_VAR(sig, HEAP_HINT);
FREE_VAR(in, HEAP_HINT);
FREE_VAR(out, HEAP_HINT);
@@ -19343,6 +19351,11 @@ static int pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
} else {
/* KTRI or KARI recipient types */
ret = wc_PKCS7_Init(pkcs7, pkcs7->heap, pkcs7->devId);
if (ret != 0) {
return -9321;
}
ret = wc_PKCS7_InitWithCert(pkcs7, testVectors[i].cert,
(word32)testVectors[i].certSz);
if (ret != 0) {