When DIGIT_BIT is less than SIZEOF_LONG * CHAR_BIT, ASN1_INTEGER_get() can
return invalid value. For example, with trailing program, ASN1_INTEGER_get()
unexpectedly returns -268435449 (0xf0000007) on i386.
On the i386 platform (DIGIT_BIT=28), the input value 0x7fffffff is separated
into 0xfffffff and 0x7 and stored in the dp array of mp_int. Previously,
wolfSSL_BN_get_word_1() returned 0xfffffff shifted by 28 bits plus 0x7, so this
patch fixed it to return 0xfffffff plus 0x7 shifted by 28 bits.
int main(void)
{
ASN1_INTEGER *a;
long val;
int ret;
a = ASN1_INTEGER_new();
val = 0x7fffffff;
ret = ASN1_INTEGER_set(a, val);
if (ret != 1) {
printf("ret=%d\n", ret);
}
if (ASN1_INTEGER_get(a) != val) {
printf("ASN1_INTEGER_get=%ld\n", ASN1_INTEGER_get(a));
}
ASN1_INTEGER_free(a);
return 0;
}
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
./configure --with-liboqs --enable-all --disable-psk --enable-intelasm --enable-aesni --enable-sp-math-all --enable-sp-asm CFLAGS="-O3"
Yeilds the following erorr:
src/internal.c: In function ‘DoServerKeyExchange’:
src/internal.c:24487:28: error: ‘sigAlgo’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
24487 | if (sigAlgo == ed448_sa_algo &&
| ^
This fixes it.
If NULL is passed as the digest argument of wc_DsaSign(), mp_clear() will be
called before mp_init() is called. This can cause segmentation fault.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
test_wc_DsaSignVerify() passes the tests but causes an error.
free(): invalid pointer
If NULL is passed as the digest argument of wc_DsaVerify(), mp_clear() will be
called before mp_init() is called. On qemu-i386, the dp field of the mp_int
structure is non-null by default, which causes a segmentation fault when calling
mp_clear(). However, if WOLFSSL_SMALL_STACK is enabled, this problem does not
occur.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Make `wc_PRF` return an error if it doesn't find a corresponding hash for the
passed in hash type. Currently, if `wc_PRF_TLS` is called with `NO_OLD_TLS`
defined, it will do nothing but still return success. Make it return an error
instead. These problems were uncovered when running the wolfEngine unit tests
with wolfSSL 5.0.0 FIPS Ready, which defines `NO_MD5` and `NO_OLD_TLS`.
