diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index b0001f198..a44ee72b3 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -926,7 +926,7 @@ #ifdef NEED_AES_TABLES -static const word32 rcon[] = { +static const FLASH_QUALIFIER word32 rcon[] = { 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000, @@ -934,7 +934,7 @@ static const word32 rcon[] = { }; #ifndef WOLFSSL_AES_SMALL_TABLES -static const word32 Te[4][256] = { +static const FLASH_QUALIFIER word32 Te[4][256] = { { 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU, 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U, @@ -1202,7 +1202,7 @@ static const word32 Te[4][256] = { }; #ifdef HAVE_AES_DECRYPT -static const word32 Td[4][256] = { +static const FLASH_QUALIFIER word32 Td[4][256] = { { 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, @@ -1475,7 +1475,7 @@ static const word32 Td[4][256] = { #ifdef HAVE_AES_DECRYPT #if (defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC)) \ || defined(WOLFSSL_AES_DIRECT) -static const byte Td4[256] = +static const FLASH_QUALIFIER byte Td4[256] = { 0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U, 0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU, diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index aae0418ec..9201ae576 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -6089,6 +6089,32 @@ int ExtractDate(const unsigned char* date, unsigned char format, certTime->tm_year *= 100; } +#ifdef AVR + /* Extract the time from the struct tm and adjust tm_year, tm_mon */ + /* AVR libc stores these as uint8_t instead of int */ + /* AVR time_t also offsets from midnight 1 Jan 2000 */ + int tm_year = certTime->tm_year - 2000; + int tm_mon = certTime->tm_mon - 1; + int tm_mday = certTime->tm_mday; + int tm_hour = certTime->tm_hour; + int tm_min = certTime->tm_min; + int tm_sec = certTime->tm_sec; + + if (GetTime(&tm_year, date, idx) != 0) return 0; + if (GetTime(&tm_mon , date, idx) != 0) return 0; + if (GetTime(&tm_mday, date, idx) != 0) return 0; + if (GetTime(&tm_hour, date, idx) != 0) return 0; + if (GetTime(&tm_min , date, idx) != 0) return 0; + if (GetTime(&tm_sec , date, idx) != 0) return 0; + + /* Re-populate certTime with computed values */ + certTime->tm_year = tm_year; + certTime->tm_mon = tm_mon; + certTime->tm_mday = tm_mday; + certTime->tm_hour = tm_hour; + certTime->tm_min = tm_min; + certTime->tm_sec = tm_sec; +#else /* adjust tm_year, tm_mon */ if (GetTime(&certTime->tm_year, date, idx) != 0) return 0; certTime->tm_year -= 1900; @@ -6098,6 +6124,7 @@ int ExtractDate(const unsigned char* date, unsigned char format, if (GetTime(&certTime->tm_hour, date, idx) != 0) return 0; if (GetTime(&certTime->tm_min , date, idx) != 0) return 0; if (GetTime(&certTime->tm_sec , date, idx) != 0) return 0; +#endif return 1; } diff --git a/wolfcrypt/src/des3.c b/wolfcrypt/src/des3.c index 9daa195eb..a6548dc5d 100644 --- a/wolfcrypt/src/des3.c +++ b/wolfcrypt/src/des3.c @@ -1170,7 +1170,7 @@ #ifdef NEED_SOFT_DES /* permuted choice table (key) */ - static const byte pc1[] = { + static const FLASH_QUALIFIER byte pc1[] = { 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 27, @@ -1183,12 +1183,12 @@ }; /* number left rotations of pc1 */ - static const byte totrot[] = { + static const FLASH_QUALIFIER byte totrot[] = { 1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28 }; /* permuted choice key (table) */ - static const byte pc2[] = { + static const FLASH_QUALIFIER byte pc2[] = { 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 23, 19, 12, 4, 26, 8, @@ -1202,11 +1202,11 @@ /* End of DES-defined tables */ /* bit 0 is left-most in byte */ - static const int bytebit[] = { + static const FLASH_QUALIFIER int bytebit[] = { 0200,0100,040,020,010,04,02,01 }; - static const word32 Spbox[8][64] = { + static const FLASH_QUALIFIER word32 Spbox[8][64] = { { 0x01010400,0x00000000,0x00010000,0x01010404, 0x01010004,0x00010404,0x00000004,0x00010000, 0x00000400,0x01010400,0x01010404,0x00000400, diff --git a/wolfcrypt/src/integer.c b/wolfcrypt/src/integer.c index ac7838b0d..decb1b37e 100644 --- a/wolfcrypt/src/integer.c +++ b/wolfcrypt/src/integer.c @@ -1988,7 +1988,7 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, calls/ifs) */ #ifdef BN_FAST_MP_MONTGOMERY_REDUCE_C if (((P->used * 2 + 1) < (int)MP_WARRAY) && - P->used < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + P->used < (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { redux = fast_mp_montgomery_reduce; } else #endif @@ -2234,7 +2234,7 @@ int mp_exptmod_base_2(mp_int * X, mp_int * P, mp_int * Y) calls/ifs) */ #ifdef BN_FAST_MP_MONTGOMERY_REDUCE_C if (((P->used * 2 + 1) < (int)MP_WARRAY) && - P->used < (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + P->used < (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { redux = fast_mp_montgomery_reduce; } else #endif @@ -2594,7 +2594,7 @@ int mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho) digs = n->used * 2 + 1; if ((digs < (int)MP_WARRAY) && n->used < - (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { return fast_mp_montgomery_reduce (x, n, rho); } @@ -3041,7 +3041,7 @@ int mp_mul (mp_int * a, mp_int * b, mp_int * c) if ((digs < (int)MP_WARRAY) && MIN(a->used, b->used) <= - (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { res = fast_s_mp_mul_digs (a, b, c, digs); } else #endif @@ -3504,7 +3504,7 @@ int s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) /* can we use the fast multiplier? */ if ((digs < (int)MP_WARRAY) && MIN (a->used, b->used) < - (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { return fast_s_mp_mul_digs (a, b, c, digs); } @@ -4012,7 +4012,7 @@ int s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) #ifdef BN_FAST_S_MP_MUL_HIGH_DIGS_C if (((a->used + b->used + 1) < (int)MP_WARRAY) && MIN (a->used, b->used) < - (1 << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { + (1L << ((CHAR_BIT * sizeof (mp_word)) - (2 * DIGIT_BIT)))) { return fast_s_mp_mul_high_digs (a, b, c, digs); } #endif @@ -4543,7 +4543,7 @@ int mp_mod_d (mp_int * a, mp_digit b, mp_digit * c) #if defined(WOLFSSL_KEY_GEN) || !defined(NO_DH) || !defined(NO_DSA) || !defined(NO_RSA) -const mp_digit ltm_prime_tab[PRIME_SIZE] = { +const FLASH_QUALIFIER mp_digit ltm_prime_tab[PRIME_SIZE] = { 0x0002, 0x0003, 0x0005, 0x0007, 0x000B, 0x000D, 0x0011, 0x0013, 0x0017, 0x001D, 0x001F, 0x0025, 0x0029, 0x002B, 0x002F, 0x0035, 0x003B, 0x003D, 0x0043, 0x0047, 0x0049, 0x004F, 0x0053, 0x0059, diff --git a/wolfcrypt/src/port/atmel/atmel.c b/wolfcrypt/src/port/atmel/atmel.c index 27da811a1..cb287b124 100644 --- a/wolfcrypt/src/port/atmel/atmel.c +++ b/wolfcrypt/src/port/atmel/atmel.c @@ -336,6 +336,7 @@ int atmel_get_enc_key_default(byte* enckey, word16 keysize) /** * \brief Write enc key before. */ +#if defined(WOLFSSL_ATECC_ECDH_ENC) || defined(WOLFSSL_ATECC_ECDH_IOENC) static int atmel_init_enc_key(void) { int ret; @@ -370,6 +371,7 @@ static int atmel_init_enc_key(void) return ret; } +#endif int atmel_get_rev_info(word32* revision) { @@ -516,6 +518,7 @@ int atmel_init(void) device_init_default(); #endif +#if defined(WOLFSSL_ATECC_ECDH_ENC) || defined(WOLFSSL_ATECC_ECDH_IOENC) /* Init the I2C pipe encryption key. */ /* Value is generated/stored during pair for the ATECC508A and stored on micro flash */ @@ -524,6 +527,7 @@ int atmel_init(void) WOLFSSL_MSG("Failed to initialize transport key"); return WC_HW_E; } +#endif mAtcaInitDone = 1; } diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index afed0a4bb..dfec75316 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -1107,20 +1107,20 @@ exit_rng_ht: } -const byte seedA[] = { +const FLASH_QUALIFIER byte seedA_data[] = { 0x63, 0x36, 0x33, 0x77, 0xe4, 0x1e, 0x86, 0x46, 0x8d, 0xeb, 0x0a, 0xb4, 0xa8, 0xed, 0x68, 0x3f, 0x6a, 0x13, 0x4e, 0x47, 0xe0, 0x14, 0xc7, 0x00, 0x45, 0x4e, 0x81, 0xe9, 0x53, 0x58, 0xa5, 0x69, 0x80, 0x8a, 0xa3, 0x8f, 0x2a, 0x72, 0xa6, 0x23, 0x59, 0x91, 0x5a, 0x9f, 0x8a, 0x04, 0xca, 0x68 }; -const byte reseedSeedA[] = { +const FLASH_QUALIFIER byte reseedSeedA_data[] = { 0xe6, 0x2b, 0x8a, 0x8e, 0xe8, 0xf1, 0x41, 0xb6, 0x98, 0x05, 0x66, 0xe3, 0xbf, 0xe3, 0xc0, 0x49, 0x03, 0xda, 0xd4, 0xac, 0x2c, 0xdf, 0x9f, 0x22, 0x80, 0x01, 0x0a, 0x67, 0x39, 0xbc, 0x83, 0xd3 }; -const byte outputA[] = { +const FLASH_QUALIFIER byte outputA_data[] = { 0x04, 0xee, 0xc6, 0x3b, 0xb2, 0x31, 0xdf, 0x2c, 0x63, 0x0a, 0x1a, 0xfb, 0xe7, 0x24, 0x94, 0x9d, 0x00, 0x5a, 0x58, 0x78, 0x51, 0xe1, 0xaa, 0x79, 0x5e, 0x47, 0x73, 0x47, 0xc8, 0xb0, 0x56, 0x62, 0x1c, 0x18, 0xbd, 0xdc, @@ -1134,7 +1134,7 @@ const byte outputA[] = { 0xa1, 0x80, 0x18, 0x3a, 0x07, 0xdf, 0xae, 0x17 }; -const byte seedB[] = { +const FLASH_QUALIFIER byte seedB_data[] = { 0xa6, 0x5a, 0xd0, 0xf3, 0x45, 0xdb, 0x4e, 0x0e, 0xff, 0xe8, 0x75, 0xc3, 0xa2, 0xe7, 0x1f, 0x42, 0xc7, 0x12, 0x9d, 0x62, 0x0f, 0xf5, 0xc1, 0x19, 0xa9, 0xef, 0x55, 0xf0, 0x51, 0x85, 0xe0, 0xfb, /* nonce next */ @@ -1142,7 +1142,7 @@ const byte seedB[] = { 0xdb, 0xcb, 0xcc, 0x2e }; -const byte outputB[] = { +const FLASH_QUALIFIER byte outputB_data[] = { 0xd3, 0xe1, 0x60, 0xc3, 0x5b, 0x99, 0xf3, 0x40, 0xb2, 0x62, 0x82, 0x64, 0xd1, 0x75, 0x10, 0x60, 0xe0, 0x04, 0x5d, 0xa3, 0x83, 0xff, 0x57, 0xa5, 0x7d, 0x73, 0xa6, 0x73, 0xd2, 0xb8, 0xd8, 0x0d, 0xaa, 0xf6, 0xa6, 0xc3, @@ -1175,17 +1175,65 @@ static int wc_RNG_HealthTestLocal(int reseed) #endif if (reseed) { - ret = wc_RNG_HealthTest(1, seedA, sizeof(seedA), - reseedSeedA, sizeof(reseedSeedA), +#ifdef WOLFSSL_USE_FLASHMEM + byte* seedA = (byte*)XMALLOC(sizeof(seedA_data), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + byte* reseedSeedA = (byte*)XMALLOC(sizeof(reseedSeedA_data), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + byte* outputA = (byte*)XMALLOC(sizeof(outputA_data), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + + if (!seedA || !reseedSeedA || !outputA) { + XFREE(seedA, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(reseedSeedA, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(outputA, NULL, DYNAMIC_TYPE_TMP_BUFFER); + ret = MEMORY_E; + } + else { + XMEMCPY_P(seedA, seedA_data, sizeof(seedA_data)); + XMEMCPY_P(reseedSeedA, reseedSeedA_data, sizeof(reseedSeedA_data)); + XMEMCPY_P(outputA, outputA_data, sizeof(outputA_data)); +#else + const byte* seedA = seedA_data; + const byte* reseedSeedA = reseedSeedA_data; + const byte* outputA = outputA_data; +#endif + ret = wc_RNG_HealthTest(1, seedA, sizeof(seedA_data), + reseedSeedA, sizeof(reseedSeedA_data), check, RNG_HEALTH_TEST_CHECK_SIZE); if (ret == 0) { if (ConstantCompare(check, outputA, RNG_HEALTH_TEST_CHECK_SIZE) != 0) ret = -1; } + +#ifdef WOLFSSL_USE_FLASHMEM + XFREE(seedA, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(reseedSeedA, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(outputA, NULL, DYNAMIC_TYPE_TMP_BUFFER); + } +#endif } else { - ret = wc_RNG_HealthTest(0, seedB, sizeof(seedB), +#ifdef WOLFSSL_USE_FLASHMEM + byte* seedB = (byte*)XMALLOC(sizeof(seedB_data), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + byte* outputB = (byte*)XMALLOC(sizeof(outputB_data), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + + if (!seedB || !outputB) { + XFREE(seedB, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(outputB, NULL, DYNAMIC_TYPE_TMP_BUFFER); + ret = MEMORY_E; + } + else { + XMEMCPY_P(seedB, seedB_data, sizeof(seedB_data)); + XMEMCPY_P(outputB, outputB_data, sizeof(outputB_data)); +#else + const byte* seedB = seedB_data; + const byte* outputB = outputB_data; +#endif + ret = wc_RNG_HealthTest(0, seedB, sizeof(seedB_data), NULL, 0, check, RNG_HEALTH_TEST_CHECK_SIZE); if (ret == 0) { @@ -1200,16 +1248,22 @@ static int wc_RNG_HealthTestLocal(int reseed) * byte 32, feed them into the health test separately. */ if (ret == 0) { ret = wc_RNG_HealthTest_ex(0, - seedB + 32, sizeof(seedB) - 32, + seedB + 32, sizeof(seedB_data) - 32, seedB, 32, NULL, 0, check, RNG_HEALTH_TEST_CHECK_SIZE, NULL, INVALID_DEVID); if (ret == 0) { - if (ConstantCompare(check, outputB, sizeof(outputB)) != 0) + if (ConstantCompare(check, outputB, sizeof(outputB_data)) != 0) ret = -1; } } + +#ifdef WOLFSSL_USE_FLASHMEM + XFREE(seedB, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(outputB, NULL, DYNAMIC_TYPE_TMP_BUFFER); + } +#endif } #ifdef WOLFSSL_SMALL_STACK diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index 48b0ffe8a..2b2521bbd 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -709,7 +709,7 @@ static int InitSha256(wc_Sha256* sha256) #ifdef NEED_SOFT_SHA256 - static const ALIGN32 word32 K[64] = { + static const FLASH_QUALIFIER ALIGN32 word32 K[64] = { 0x428A2F98L, 0x71374491L, 0xB5C0FBCFL, 0xE9B5DBA5L, 0x3956C25BL, 0x59F111F1L, 0x923F82A4L, 0xAB1C5ED5L, 0xD807AA98L, 0x12835B01L, 0x243185BEL, 0x550C7DC3L, 0x72BE5D74L, 0x80DEB1FEL, 0x9BDC06A7L, diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index a4cab4376..d0abe090b 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -2541,7 +2541,7 @@ struct DhKey; typedef int (*CallbackDhAgree)(WOLFSSL* ssl, struct DhKey* key, const unsigned char* priv, unsigned int privSz, const unsigned char* otherPubKeyDer, unsigned int otherPubKeySz, - unsigned char* out, unsigned int* outlen, + unsigned char* out, word32* outlen, void* ctx); WOLFSSL_API void wolfSSL_CTX_SetDhAgreeCb(WOLFSSL_CTX*, CallbackDhAgree); WOLFSSL_API void wolfSSL_SetDhAgreeCtx(WOLFSSL* ssl, void *ctx); @@ -2639,7 +2639,7 @@ WOLFSSL_API void* wolfSSL_GetX448SharedSecretCtx(WOLFSSL* ssl); #ifndef NO_RSA typedef int (*CallbackRsaSign)(WOLFSSL* ssl, const unsigned char* in, unsigned int inSz, - unsigned char* out, unsigned int* outSz, + unsigned char* out, word32* outSz, const unsigned char* keyDer, unsigned int keySz, void* ctx); WOLFSSL_API void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX*, CallbackRsaSign); @@ -2684,7 +2684,7 @@ WOLFSSL_API void* wolfSSL_GetRsaPssVerifyCtx(WOLFSSL* ssl); /* RSA Public Encrypt cb */ typedef int (*CallbackRsaEnc)(WOLFSSL* ssl, const unsigned char* in, unsigned int inSz, - unsigned char* out, unsigned int* outSz, + unsigned char* out, word32* outSz, const unsigned char* keyDer, unsigned int keySz, void* ctx); WOLFSSL_API void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX*, CallbackRsaEnc); diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 87f1ab396..3ee4a7dbc 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -388,7 +388,9 @@ #ifdef WOLFSSL_ATECC508A /* backwards compatibility */ +#ifndef WOLFSSL_ATECC_NO_ECDH_ENC #define WOLFSSL_ATECC_ECDH_ENC +#endif #ifdef WOLFSSL_ATECC508A_DEBUG #define WOLFSSL_ATECC_DEBUG #endif @@ -919,6 +921,19 @@ extern void uITRON4_free(void *p) ; #define TFM_TIMING_RESISTANT #endif +/* To support storing some of the large constant tables in flash memory rather than SRAM. + Useful for processors that have limited SRAM, such as the AVR family of microtrollers. */ +#ifdef WOLFSSL_USE_FLASHMEM + /* This is supported on the avr-gcc compiler, for more information see: + https://gcc.gnu.org/onlinedocs/gcc/Named-Address-Spaces.html */ + #define FLASH_QUALIFIER __flash + + /* Copy data out of flash memory and into SRAM */ + #define XMEMCPY_P(pdest, psrc, size) memcpy_P((pdest), (psrc), (size)) +#else + #define FLASH_QUALIFIER +#endif + #ifdef FREESCALE_MQX_5_0 /* use normal Freescale MQX port, but with minor changes for 5.0 */ #define FREESCALE_MQX diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 362784b38..c5329164a 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -342,9 +342,9 @@ #else /* just use plain C stdlib stuff if desired */ #include - #define XMALLOC(s, h, t) malloc((s)) + #define XMALLOC(s, h, t) malloc((size_t)(s)) #define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));} - #define XREALLOC(p, n, h, t) realloc((p), (n)) + #define XREALLOC(p, n, h, t) realloc((p), (size_t)(n)) #endif #elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \ && !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \