From 0775baa2e1cf780acb025813d9f1937654dd5885 Mon Sep 17 00:00:00 2001 From: gojimmypi Date: Fri, 23 Feb 2024 17:52:20 -0800 Subject: [PATCH 1/9] Introduce SHA256/SHA512 interleave, HAVE_DSA; revised ERROR_OUT, cleanup --- src/pk.c | 2 +- wolfcrypt/src/port/Espressif/esp32_sha.c | 9 +- wolfcrypt/test/test.c | 578 +++++++++++++++++++---- wolfssl/wolfcrypt/settings.h | 22 +- 4 files changed, 500 insertions(+), 111 deletions(-) diff --git a/src/pk.c b/src/pk.c index 4518766463..d7d32dd528 100644 --- a/src/pk.c +++ b/src/pk.c @@ -8499,7 +8499,7 @@ int wolfSSL_DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* otherPub, word32 keySz = 0; int pubSz = MAX_DHKEY_SZ; int privSz = MAX_DHKEY_SZ; - int sz; + int sz = 0; #ifdef WOLFSSL_SMALL_STACK unsigned char* pub = NULL; unsigned char* priv = NULL; diff --git a/wolfcrypt/src/port/Espressif/esp32_sha.c b/wolfcrypt/src/port/Espressif/esp32_sha.c index f6ad645c73..af2c9439b6 100644 --- a/wolfcrypt/src/port/Espressif/esp32_sha.c +++ b/wolfcrypt/src/port/Espressif/esp32_sha.c @@ -2244,14 +2244,18 @@ int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc) #if defined(WOLFSSL_ESP32_CRYPT) && defined(WOLFSSL_HW_METRICS) int esp_sw_sha256_count_add(void) { + int ret = 0; +#if !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) esp_sha256_sw_fallback_usage_ct++; - return esp_sha256_sw_fallback_usage_ct; + ret = esp_sha256_sw_fallback_usage_ct; +#endif + return ret; } int esp_hw_show_sha_metrics(void) { int ret = 0; -#ifdef WOLFSSL_ESP32_CRYPT +#if defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) ESP_LOGI(TAG, "--------------------------------------------------------"); ESP_LOGI(TAG, "------------- wolfSSL ESP HW SHA Metrics----------------"); ESP_LOGI(TAG, "--------------------------------------------------------"); @@ -2280,7 +2284,6 @@ int esp_hw_show_sha_metrics(void) ret = 0; #endif /* HW_MATH_ENABLED */ - return ret; } #endif /* WOLFSSL_ESP32_CRYPT and WOLFSSL_HW_METRICS */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 0b1a93c595..ce15b76057 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -134,7 +134,8 @@ const byte const_byte_array[] = "A+Gd\0\0\0"; #include #include #include - #include /* */ + #include + #define ESPIDF_TAG "wc_test" #elif defined(WOLFSSL_ZEPHYR) #include @@ -728,19 +729,33 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_eax_test(void); /* General big buffer size for many tests. */ #define FOURK_BUF 4096 +/* If not defined in user_settings, the ERROR_OUT pause is 120 seconds. */ +#ifndef WOLFSSL_ESPIDF_ERROR_PAUSE_DURATION + #define WOLFSSL_ESPIDF_ERROR_PAUSE_DURATION 120 +#endif #if defined(WOLFSSL_ESPIDF_ERROR_PAUSE) + #if defined(CONFIG_FREERTOS_HZ) + #define WOLFSSL_ESPIDF_ERROR_PAUSE_DURATION_TICKS \ + (WOLFSSL_ESPIDF_ERROR_PAUSE_DURATION * CONFIG_FREERTOS_HZ) + #else + /* If not defined, assume RTOS is 1000 ticks per second. */ + #define WOLFSSL_ESPIDF_ERROR_PAUSE_DURATION_TICKS \ + (WOLFSSL_ESPIDF_ERROR_PAUSE_DURATION * 1000) + #endif /* When defined, pause at error condition rather than exit with error. */ - #define ERROR_OUT(err, eLabel) \ - do { \ - ret = (err); \ - esp_ShowExtendedSystemInfo(); \ - ESP_LOGE("wolfcrypt_test", "ESP Error! ret = %d ", err); \ - while (1) { \ - vTaskDelay(60000); \ - } \ - /* Just to appease compiler, don't actually go to eLabel */ \ - goto eLabel; \ - } while (0) + #define ERROR_OUT(err, eLabel) \ + do { \ + ret = (err); \ + ESP_LOGE(ESPIDF_TAG, "Failed: Error = %d during %s, line %d", \ + err, __FUNCTION__, __LINE__); \ + ESP_LOGI(ESPIDF_TAG, "Extended system info:"); \ + esp_ShowExtendedSystemInfo(); \ + ESP_LOGW(ESPIDF_TAG, "Paused for %d seconds! " \ + "WOLFSSL_ESPIDF_ERROR_PAUSE is enabled.", \ + WOLFSSL_ESPIDF_ERROR_PAUSE_DURATION); \ + vTaskDelay(WOLFSSL_ESPIDF_ERROR_PAUSE_DURATION_TICKS); \ + goto eLabel; \ + } while (0) #else #define ERROR_OUT(err, eLabel) do { ret = (err); goto eLabel; } while (0) #endif @@ -1920,10 +1935,17 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\ if (args) ((func_args*)args)->return_code = ret; +/* If hardware acceleration and respective metrics tracked, show results: */ +#ifdef WOLFSSL_HW_METRICS + #if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI) && defined(WOLFSSL_HW_METRICS) + esp_hw_show_mp_metrics(); + #endif +#endif + TEST_PASS("Test complete\n"); EXIT_TEST(ret); -} +} /* end of wolfcrypt_test() */ #ifndef NO_MAIN_DRIVER @@ -1960,7 +1982,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\ #endif #ifdef WOLFSSL_APACHE_MYNEWT #ifdef ARCH_sim - mcu_sim_parse_args(argc, argv); + mcu_sim_parse_args(argc, argv); #endif sysinit(); @@ -2017,19 +2039,19 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\ err_sys("Error with wolfCrypt_Init!\n", WC_TEST_RET_ENC_EC(ret)); } - #ifdef HAVE_WC_INTROSPECTION +#ifdef HAVE_WC_INTROSPECTION printf("Math: %s\n", wc_GetMathInfo()); - #endif +#endif #ifdef WC_RNG_SEED_CB - wc_SetSeed_Cb(wc_GenerateSeed); + wc_SetSeed_Cb(wc_GenerateSeed); #endif - #ifdef HAVE_STACK_SIZE +#ifdef HAVE_STACK_SIZE StackSizeCheck(&args, wolfcrypt_test); - #else +#else wolfcrypt_test(&args); - #endif +#endif if ((ret = wolfCrypt_Cleanup()) != 0) { printf("wolfCrypt_Cleanup failed %d\n", (int)ret); @@ -2049,7 +2071,14 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\ while (1); #endif +#if defined(WOLFSSL_ESPIDF) + /* ESP_LOGI to print takes up a lot less memory than printf */ + ESP_LOGI(ESPIDF_TAG, "Exiting main with return code: % d\n", + args.return_code); +#else + /* gate this for target platforms wishing to avoid printf reference */ printf("Exiting main with return code: %ld\n", (long int)args.return_code); +#endif return args.return_code; } /* wolfcrypt_test_main or wolf_test_task */ @@ -2147,6 +2176,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void) /* Ensure a valid error code's string matches an invalid code's. * The string is that error strings are not available. */ + WOLFSSL_ENTER("error_test NO_ERROR_STRINGS"); errStr = wc_GetErrorString(OPEN_RAN_E); wc_ErrorString(OPEN_RAN_E, out); if (XSTRCMP(errStr, unknownStr) != 0) @@ -2159,6 +2189,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void) /* Values that are not or no longer error codes. */ int missing[] = { -124, -128, -129, -159, -163, -164, -165, -166, -167, -168, -169, -233, 0 }; + WOLFSSL_ENTER("error_test !NO_ERROR_STRINGS"); /* Check that all errors have a string and it's the same through the two * APIs. Check that the values that are not errors map to the unknown @@ -2169,14 +2200,22 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void) wc_ErrorString(i, out); if (i != missing[j]) { - if (XSTRCMP(errStr, unknownStr) == 0) + if (XSTRCMP(errStr, unknownStr) == 0) { + WOLFSSL_MSG("errStr unknown"); return WC_TEST_RET_ENC_NC; - if (XSTRCMP(out, unknownStr) == 0) + } + if (XSTRCMP(out, unknownStr) == 0) { + WOLFSSL_MSG("out unknown"); return WC_TEST_RET_ENC_NC; - if (XSTRCMP(errStr, out) != 0) + } + if (XSTRCMP(errStr, out) != 0) { + WOLFSSL_MSG("errStr does not match output"); return WC_TEST_RET_ENC_NC; - if (XSTRLEN(errStr) >= WOLFSSL_MAX_ERROR_SZ) + } + if (XSTRLEN(errStr) >= WOLFSSL_MAX_ERROR_SZ) { + WOLFSSL_MSG("errStr too long"); return WC_TEST_RET_ENC_NC; + } } else { j++; @@ -2226,6 +2265,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base64_test(void) "0123456789+/;"; byte charTest[] = "A+Gd\0\0\0"; int i; + WOLFSSL_ENTER("base64_test"); /* Good Base64 encodings. */ outLen = sizeof(out); @@ -2357,6 +2397,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base16_test(void) word32 encodedLen; byte plain[40]; word32 len; + WOLFSSL_ENTER("base16_test"); /* length returned includes null termination */ encodedLen = sizeof(encoded); @@ -2400,6 +2441,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t asn_test(void) struct tm timearg; time_t now; #endif + WOLFSSL_ENTER("asn_test"); ret = wc_GetDateInfo(dateBuf, (int)sizeof(dateBuf), &datePart, &format, &length); @@ -2441,6 +2483,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md2_test(void) testVector a, b, c, d, e, f, g; testVector test_md2[7]; int times = sizeof(test_md2) / sizeof(testVector), i; + WOLFSSL_ENTER("md2_test"); a.input = ""; a.output = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69" @@ -2529,6 +2572,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md5_test(void) testVector a, b, c, d, e, f; testVector test_md5[6]; int times = sizeof(test_md5) / sizeof(testVector), i; + WOLFSSL_ENTER("md5_test"); a.input = ""; a.output = "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42" @@ -2658,6 +2702,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md4_test(void) testVector a, b, c, d, e, f, g; testVector test_md4[7]; int times = sizeof(test_md4) / sizeof(testVector), i; + WOLFSSL_ENTER("md4_test"); a.input = ""; a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89" @@ -2737,6 +2782,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha_test(void) testVector a, b, c, d, e; testVector test_sha[5]; int times = sizeof(test_sha) / sizeof(struct testVector), i; + WOLFSSL_ENTER("sha_test"); a.input = ""; a.output = "\xda\x39\xa3\xee\x5e\x6b\x4b\x0d\x32\x55\xbf\xef\x95\x60\x18" @@ -2867,6 +2913,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ripemd_test(void) testVector a, b, c, d; testVector test_ripemd[4]; int times = sizeof(test_ripemd) / sizeof(struct testVector), i; + WOLFSSL_ENTER("ripemd_test"); a.input = "abc"; a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6" @@ -2971,6 +3018,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2b_test(void) byte digest[64]; byte input[64]; int i, ret; + WOLFSSL_ENTER("blake2b_test"); for (i = 0; i < (int)sizeof(input); i++) input[i] = (byte)i; @@ -3032,6 +3080,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2s_test(void) byte digest[32]; byte input[64]; int i, ret; + WOLFSSL_ENTER("blake2s_test"); for (i = 0; i < (int)sizeof(input); i++) input[i] = (byte)i; @@ -3070,6 +3119,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha224_test(void) testVector a, b, c; testVector test_sha[3]; int times = sizeof(test_sha) / sizeof(struct testVector), i; + WOLFSSL_ENTER("sha224_test"); a.input = ""; a.output = "\xd1\x4a\x02\x8c\x2a\x3a\x2b\xc9\x47\x61\x02\xbb\x28\x82\x34" @@ -3141,9 +3191,17 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void) byte hashcopy[WC_SHA256_DIGEST_SIZE]; wc_test_ret_t ret = 0; - testVector a, b, c; - testVector test_sha[3]; + testVector a, b, c, d; + testVector test_sha[4]; +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + byte i_hash[WC_SHA256_DIGEST_SIZE]; + byte i_hashcopy[WC_SHA256_DIGEST_SIZE]; + testVector interleave_test_sha[4]; + wc_Sha256 i_sha, i_shaCopy; +#endif + int times = sizeof(test_sha) / sizeof(struct testVector), i; + WOLFSSL_ENTER("sha256_test"); a.input = ""; a.output = "\xe3\xb0\xc4\x42\x98\xfc\x1c\x14\x9a\xfb\xf4\xc8\x99\x6f\xb9" @@ -3166,18 +3224,49 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void) c.inLen = XSTRLEN(c.input); c.outLen = WC_SHA256_DIGEST_SIZE; + d.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaa"; /* this is BLOCKSIZE length */ + d.output = "\xFF\xE0\x54\xFE\x7A\xE0\xCB\x6D\xC6\x5C\x3A\xF9\xB6\x1D\x52" + "\x09\xF4\x39\x85\x1D\xB4\x3D\x0B\xA5\x99\x73\x37\xDF\x15\x46" + "\x68\xEB"; + d.inLen = XSTRLEN(d.input); + d.outLen = WC_SHA256_DIGEST_SIZE; + test_sha[0] = a; test_sha[1] = b; test_sha[2] = c; + test_sha[3] = d; + +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + interleave_test_sha[0] = a; + interleave_test_sha[1] = b; + interleave_test_sha[2] = c; + interleave_test_sha[3] = d; +#endif ret = wc_InitSha256_ex(&sha, HEAP_HINT, devId); if (ret != 0) return WC_TEST_RET_ENC_EC(ret); + +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + ret = wc_InitSha256_ex(&i_sha, HEAP_HINT, devId); + if (ret != 0) + return WC_TEST_RET_ENC_EC(ret); +#endif + ret = wc_InitSha256_ex(&shaCopy, HEAP_HINT, devId); if (ret != 0) { wc_Sha256Free(&sha); return WC_TEST_RET_ENC_EC(ret); } +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + ret = wc_InitSha256_ex(&i_shaCopy, HEAP_HINT, devId); + if (ret != 0) { + wc_Sha256Free(&sha); + wc_Sha256Free(&i_sha); + return WC_TEST_RET_ENC_EC(ret); + } +#endif for (i = 0; i < times; ++i) { ret = wc_Sha256Update(&sha, (byte*)test_sha[i].input, @@ -3185,21 +3274,67 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void) if (ret != 0) { ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); } +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + ret = wc_Sha256Update(&i_sha, (byte*)interleave_test_sha[i].input, + (word32)interleave_test_sha[i].inLen); + if (ret != 0) { + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); + } +#endif + ret = wc_Sha256GetHash(&sha, hashcopy); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + ret = wc_Sha256GetHash(&i_sha, i_hashcopy); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#endif + ret = wc_Sha256Copy(&sha, &shaCopy); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + ret = wc_Sha256Copy(&i_sha, &i_shaCopy); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#endif + ret = wc_Sha256Final(&sha, hash); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + ret = wc_Sha256Final(&i_sha, i_hash); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#endif + wc_Sha256Free(&shaCopy); +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + wc_Sha256Free(&i_shaCopy); +#endif - if (XMEMCMP(hash, test_sha[i].output, WC_SHA256_DIGEST_SIZE) != 0) + if (XMEMCMP(hash, test_sha[i].output, WC_SHA256_DIGEST_SIZE) != 0) { + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); + } + if (XMEMCMP(hash, hashcopy, WC_SHA256_DIGEST_SIZE) != 0) { ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); - if (XMEMCMP(hash, hashcopy, WC_SHA256_DIGEST_SIZE) != 0) + } +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + if (XMEMCMP(i_hash, interleave_test_sha[i].output, + WC_SHA256_DIGEST_SIZE) != 0) { + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); + } + if (XMEMCMP(i_hash, i_hashcopy, WC_SHA256_DIGEST_SIZE) != 0) { ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); + } + if (XMEMCMP(i_hash, test_sha[i].output, WC_SHA256_DIGEST_SIZE) != 0) { + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); + } + if (XMEMCMP(i_hash, hashcopy, WC_SHA256_DIGEST_SIZE) != 0) { + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); + } +#endif } #ifndef NO_LARGE_HASH_TEST @@ -3243,7 +3378,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void) wc_Sha256Free(&sha); wc_Sha256Free(&shaCopy); - +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + wc_Sha256Free(&i_sha); + wc_Sha256Free(&i_shaCopy); +#endif return ret; } #endif @@ -3262,7 +3400,15 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void) testVector a, b, c; testVector test_sha[3]; +#ifndef NO_WOLFSSL_SHA512_INTERLEAVE + wc_Sha512 i_sha, i_shaCopy; + byte i_hash[WC_SHA512_DIGEST_SIZE]; + byte i_hashcopy[WC_SHA512_DIGEST_SIZE]; + testVector interleave_test_sha[3]; +#endif + int times = sizeof(test_sha) / sizeof(struct testVector), i; + WOLFSSL_ENTER("sha512_test"); a.input = ""; a.output = "\xcf\x83\xe1\x35\x7e\xef\xb8\xbd\xf1\x54\x28\x50\xd6\x6d\x80" @@ -3296,35 +3442,99 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void) test_sha[1] = b; test_sha[2] = c; +#ifndef NO_WOLFSSL_SHA512_INTERLEAVE + interleave_test_sha[0] = a; + interleave_test_sha[1] = b; + interleave_test_sha[2] = c; +#endif + ret = wc_InitSha512_ex(&sha, HEAP_HINT, devId); if (ret != 0) return WC_TEST_RET_ENC_EC(ret); +#ifndef NO_WOLFSSL_SHA512_INTERLEAVE + ret = wc_InitSha512_ex(&i_sha, HEAP_HINT, devId); + if (ret != 0) + return WC_TEST_RET_ENC_EC(ret); +#endif + ret = wc_InitSha512_ex(&shaCopy, HEAP_HINT, devId); if (ret != 0) { wc_Sha512Free(&sha); return WC_TEST_RET_ENC_EC(ret); } +#ifndef NO_WOLFSSL_SHA512_INTERLEAVE + ret = wc_InitSha512_ex(&i_shaCopy, HEAP_HINT, devId); + if (ret != 0) { + wc_Sha512Free(&sha); + wc_Sha512Free(&i_sha); + return WC_TEST_RET_ENC_EC(ret); + } +#endif for (i = 0; i < times; ++i) { ret = wc_Sha512Update(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#ifndef NO_WOLFSSL_SHA512_INTERLEAVE + ret = wc_Sha512Update(&i_sha, (byte*)interleave_test_sha[i].input, + (word32)interleave_test_sha[i].inLen); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#endif + ret = wc_Sha512GetHash(&sha, hashcopy); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#ifndef NO_WOLFSSL_SHA512_INTERLEAVE + ret = wc_Sha512GetHash(&i_sha, i_hashcopy); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#endif + ret = wc_Sha512Copy(&sha, &shaCopy); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#ifndef NO_WOLFSSL_SHA512_INTERLEAVE + ret = wc_Sha512Copy(&i_sha, &i_shaCopy); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#endif + ret = wc_Sha512Final(&sha, hash); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#ifndef NO_WOLFSSL_SHA512_INTERLEAVE + ret = wc_Sha512Final(&i_sha, i_hash); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#endif + wc_Sha512Free(&shaCopy); +#ifndef NO_WOLFSSL_SHA512_INTERLEAVE + wc_Sha512Free(&i_shaCopy); +#endif if (XMEMCMP(hash, test_sha[i].output, WC_SHA512_DIGEST_SIZE) != 0) ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); if (XMEMCMP(hash, hashcopy, WC_SHA512_DIGEST_SIZE) != 0) ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); +#ifndef NO_WOLFSSL_SHA512_INTERLEAVE + if (XMEMCMP(i_hash, interleave_test_sha[i].output, + WC_SHA512_DIGEST_SIZE) != 0) { + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); + } + if (XMEMCMP(i_hash, i_hashcopy, WC_SHA512_DIGEST_SIZE) != 0) { + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); + } + if (XMEMCMP(i_hash, test_sha[i].output, WC_SHA512_DIGEST_SIZE) != 0) { + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); + } + if (XMEMCMP(i_hash, hashcopy, WC_SHA512_DIGEST_SIZE) != 0) { + ERROR_OUT(WC_TEST_RET_ENC_I(i), exit); + } +#endif + } #ifndef NO_LARGE_HASH_TEST @@ -3380,7 +3590,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void) exit: wc_Sha512Free(&sha); wc_Sha512Free(&shaCopy); - +#ifndef NO_WOLFSSL_SHA256_INTERLEAVE + wc_Sha512Free(&i_sha); + wc_Sha512Free(&i_shaCopy); +#endif return ret; } @@ -3402,6 +3615,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_224_test(void) testVector a, b, c; testVector test_sha[3]; int times = sizeof(test_sha) / sizeof(struct testVector), i; + WOLFSSL_ENTER("sha512_224_test"); a.input = ""; a.output = "\x6e\xd0\xdd\x02" @@ -3553,6 +3767,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_256_test(void) testVector a, b, c; testVector test_sha[3]; int times = sizeof(test_sha) / sizeof(struct testVector), i; + WOLFSSL_ENTER("sha512_256_test"); a.input = ""; a.output = "\xc6\x72\xb8\xd1" "\xef\x56\xed\x28" @@ -3700,6 +3915,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha384_test(void) testVector a, b, c; testVector test_sha[3]; int times = sizeof(test_sha) / sizeof(struct testVector), i; + WOLFSSL_ENTER("sha384_test"); a.input = ""; @@ -4246,6 +4462,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha3_test(void) wc_test_ret_t ret; (void)ret; + WOLFSSL_ENTER("sha3_test"); #ifndef WOLFSSL_NOSHA3_224 if ((ret = sha3_224_test()) != 0) @@ -4479,6 +4696,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake128_test(void) "\x70\xd4\x7c\x19\x01\x1f\x6d\x37\xba\x7b\x74\xc2\xbc\xb6\xbc\x74" "\xa3\x66\x6c\x9b\x11\x84\x9d\x4a\x36\xbc\x8a\x0d\x4c\xe3\x39\xfa" "\xfa\x1b"; + WOLFSSL_ENTER("shake128_test"); /* @@ -4819,6 +5037,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake256_test(void) "\x8c\x68\xb7\xfb\xac\x55\x8a\x9b\x4d\x91\xe4\x9f\x72\xbb\x6e\x38" "\xaf\x21\x7d\x21\xaa\x98\x4e\x75\xc4\xb4\x1c\x7c\x50\x45\x54\xf9" "\xea\x26"; + + WOLFSSL_ENTER("shake256_test"); /* ** https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/SHAKE256_Msg0.pdf */ @@ -4969,6 +5189,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm3_test(void) byte hashGet[WC_SM3_DIGEST_SIZE]; byte hashCopy[WC_SM3_DIGEST_SIZE]; wc_test_ret_t ret = 0; + WOLFSSL_ENTER("sm3_test"); testVector a, b, c; testVector test_sm3[3]; @@ -5182,6 +5403,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void) WC_HASH_TYPE_BLAKE2B, WC_HASH_TYPE_NONE }; + WOLFSSL_ENTER("hash_test"); + /* Parameter Validation testing. */ ret = wc_HashInit(NULL, WC_HASH_TYPE_SHA256); if (ret != BAD_FUNC_ARG) @@ -5450,6 +5673,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_md5_test(void) wc_test_ret_t ret; int times = sizeof(test_hmac) / sizeof(testVector), i; + WOLFSSL_ENTER("hmac_md5_test"); a.input = "Hi There"; a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc" @@ -5534,6 +5758,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha_test(void) wc_test_ret_t ret; int times = sizeof(test_hmac) / sizeof(testVector), i; + WOLFSSL_ENTER("hmac_sha_test"); a.input = "Hi There"; a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c" @@ -5622,6 +5847,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha224_test(void) wc_test_ret_t ret; int times = sizeof(test_hmac) / sizeof(testVector), i; + WOLFSSL_ENTER("hmac_sha224_test"); a.input = "Hi There"; a.output = "\x89\x6f\xb1\x12\x8a\xbb\xdf\x19\x68\x32\x10\x7c\xd4\x9d\xf3" @@ -5714,6 +5940,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha256_test(void) wc_test_ret_t ret; int times = sizeof(test_hmac) / sizeof(testVector), i; + WOLFSSL_ENTER("hmac_sha256_test"); a.input = "Hi There"; a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1" @@ -5827,6 +6054,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha384_test(void) wc_test_ret_t ret; int times = sizeof(test_hmac) / sizeof(testVector), i; + WOLFSSL_ENTER("hmac_sha384_test"); a.input = "Hi There"; a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90" @@ -5934,6 +6162,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha512_test(void) wc_test_ret_t ret; int times = sizeof(test_hmac) / sizeof(testVector), i; + WOLFSSL_ENTER("hmac_sha512_test"); a.input = "Hi There"; a.output = "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c" @@ -6145,8 +6374,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha3_test(void) }; int i = 0, iMax = sizeof(input) / sizeof(input[0]), - j, jMax = sizeof(hashType) / sizeof(hashType[0]), - ret; + j, jMax = sizeof(hashType) / sizeof(hashType[0]); + int ret; + WOLFSSL_ENTER("hmac_sha3_test"); #ifdef HAVE_FIPS /* FIPS requires a minimum length for HMAC keys, and "Jefe" is too @@ -6515,6 +6745,7 @@ static wc_test_ret_t rc2_cbc_test(void) WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rc2_test(void) { wc_test_ret_t ret = 0; + WOLFSSL_ENTER("rc2_test"); ret = rc2_ecb_test(); if (ret != 0) { @@ -6545,6 +6776,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t arc4_test(void) testVector test_arc4[4]; int times = sizeof(test_arc4) / sizeof(testVector), i; + WOLFSSL_ENTER("arc4_test"); a.input = "\x01\x23\x45\x67\x89\xab\xcd\xef"; a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96"; @@ -6807,6 +7039,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha_test(void) test_chacha[2] = c; test_chacha[3] = d; + WOLFSSL_ENTER("chacha_test"); + #ifndef BENCH_EMBEDDED #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) cipher_big = (byte*)XMALLOC(CHACHA_BIG_TEST_SIZE, HEAP_HINT, @@ -7003,8 +7237,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha_test(void) #ifdef HAVE_POLY1305 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t poly1305_test(void) { - wc_test_ret_t ret = 0; - int i; byte tag[16]; Poly1305 enc; @@ -7162,6 +7394,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t poly1305_test(void) const byte* keys[] = {key, key, key2, key2, key5, key}; const byte* tests[] = {correct0, correct1, correct2, correct3, correct5, correct6}; + int i; + wc_test_ret_t ret = 0; + WOLFSSL_ENTER("poly1305_test"); for (i = 0; i < 6; i++) { ret = wc_Poly1305SetKey(&enc, keys[i], 32); @@ -7377,7 +7612,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha20_poly1305_aead_test(void) byte generatedCiphertext[265]; /* max plaintext2/cipher2 */ byte generatedPlaintext[265]; /* max plaintext2/cipher2 */ byte generatedAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; - wc_test_ret_t err; ChaChaPoly_Aead aead; @@ -7386,9 +7620,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha20_poly1305_aead_test(void) #else #define TEST_SMALL_CHACHA_CHUNKS 64 #endif - #ifdef TEST_SMALL_CHACHA_CHUNKS + +#ifdef TEST_SMALL_CHACHA_CHUNKS word32 testLen; - #endif +#endif + wc_test_ret_t err; + + WOLFSSL_ENTER("chacha20_poly1305_aead_test"); XMEMSET(generatedCiphertext, 0, sizeof(generatedCiphertext)); XMEMSET(generatedAuthTag, 0, sizeof(generatedAuthTag)); @@ -7763,6 +8001,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des_test(void) }; wc_test_ret_t ret; + WOLFSSL_ENTER("des_test"); ret = wc_Des_SetKey(&enc, key, iv, DES_ENCRYPTION); if (ret != 0) @@ -7865,7 +8104,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des3_test(void) #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY) size_t i; #endif - + WOLFSSL_ENTER("des3_test"); ret = wc_Des3Init(&enc, HEAP_HINT, devId); if (ret != 0) @@ -8164,22 +8403,24 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, }; #endif /* WOLFSSL_AES_192 */ -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) Aes *enc = NULL; -#else + #else Aes enc[1]; -#endif + #endif byte cipher[AES_BLOCK_SIZE * 4]; #ifdef HAVE_AES_DECRYPT -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - Aes *dec = NULL; -#else - Aes dec[1]; -#endif + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + Aes *dec = NULL; + #else + Aes dec[1]; + #endif byte plain [AES_BLOCK_SIZE * 4]; #endif wc_test_ret_t ret = 0; + WOLFSSL_ENTER("aesofb_test"); + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) if ((enc = (Aes *)XMALLOC(sizeof *enc, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL) ERROR_OUT(-1, out); @@ -11365,6 +11606,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void) byte key[] = "0123456789abcdef "; /* align */ #endif WOLFSSL_SMALL_STACK_STATIC const byte iv[] = "1234567890abcdef "; /* align */ + WOLFSSL_ENTER("aes_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT) @@ -11410,8 +11652,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void) #endif if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); - if (XMEMCMP(cipher, verify_ecb, AES_BLOCK_SIZE)) + if (XMEMCMP(cipher, verify_ecb, AES_BLOCK_SIZE)) { + WOLFSSL_MSG("aes_test cipher vs verify_ecb mismatch!"); ERROR_OUT(WC_TEST_RET_ENC_NC, out); + } #ifdef HAVE_AES_DECRYPT XMEMSET(plain, 0, AES_BLOCK_SIZE * 4); ret = wc_AesEcbDecrypt(dec, plain, cipher, AES_BLOCK_SIZE); @@ -11439,16 +11683,22 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void) #if defined(WOLFSSL_ASYNC_CRYPT) ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE); #endif - if (ret != 0) + if (ret != 0) { + WOLFSSL_MSG("failed wc_AesCbcDecrypt"); ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); + } - if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) + if (XMEMCMP(plain, msg, AES_BLOCK_SIZE)) { + WOLFSSL_MSG("wc_AesCbcDecrypt failed plain compare"); ERROR_OUT(WC_TEST_RET_ENC_NC, out); + } #endif /* HAVE_AES_DECRYPT */ /* skipped because wrapped key use in case of renesas sm */ #ifndef HAVE_RENESAS_SYNC - if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) + if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE)) { + WOLFSSL_MSG("wc_AesCbcDecrypt failed cipher-verify compare"); ERROR_OUT(WC_TEST_RET_ENC_NC, out); + } #endif #endif /* WOLFSSL_AES_128 */ @@ -11708,9 +11958,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void) if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(plain + AES_BLOCK_SIZE, msg2 + AES_BLOCK_SIZE, - AES_BLOCK_SIZE)) + AES_BLOCK_SIZE)) { + WOLFSSL_MSG("wc_AesCbcDecrypt failed plain-msg2 compare"); ERROR_OUT(WC_TEST_RET_ENC_NC, out); - + } #endif /* HAVE_AES_DECRYPT */ } #endif /* WOLFSSL_AES_128 && !HAVE_RENESAS_SYNC */ @@ -11835,6 +12086,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void) WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cfb_test(void) { int ret; + WOLFSSL_ENTER("aes_cfb_test"); + ret = aescfb_test_0(); if (ret != 0) return ret; @@ -11855,6 +12108,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cfb_test(void) WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_xts_test(void) { int ret = 0; + WOLFSSL_ENTER("aes_xts_test"); + #ifdef WOLFSSL_AES_128 ret = aes_xts_128_test(); if (ret != 0) @@ -11926,6 +12181,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void) 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07, 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F }; + WOLFSSL_ENTER("aes192_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) if ((enc = (Aes *)XMALLOC(sizeof *enc, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL) @@ -11975,6 +12231,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void) if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); if (XMEMCMP(plain, msg, (int) sizeof(plain))) { + WOLFSSL_MSG("failed wc_AesCbcDecrypt plain-msg compare"); ERROR_OUT(WC_TEST_RET_ENC_NC, out); } #endif @@ -12058,6 +12315,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void) 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07, 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F }; + WOLFSSL_ENTER("aes256_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) if ((enc = (Aes *)XMALLOC(sizeof *enc, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL) @@ -12440,6 +12698,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_default_test(void) }; wc_test_ret_t ret; + WOLFSSL_ENTER("aesgcm_default_test"); + ret = aesgcm_default_test_helper(key1, sizeof(key1), iv1, sizeof(iv1), plain1, sizeof(plain1), cipher1, sizeof(cipher1), aad1, sizeof(aad1), tag1, sizeof(tag1)); @@ -12643,6 +12903,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void) byte resultP[sizeof(p) + AES_BLOCK_SIZE]; byte resultC[sizeof(p) + AES_BLOCK_SIZE]; wc_test_ret_t ret = 0; + #ifdef WOLFSSL_AES_256 #if !(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC)) int alen; @@ -12680,6 +12941,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void) XMEMSET(large_output, 0, BENCH_AESGCM_LARGE + AES_BLOCK_SIZE); XMEMSET(large_outdec, 0, BENCH_AESGCM_LARGE); #endif + WOLFSSL_ENTER("aesgcm_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) if ((enc = (Aes *)XMALLOC(sizeof *enc, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL) @@ -13302,12 +13564,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void) #ifdef WOLFSSL_AES_128 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t gmac_test(void) { - wc_test_ret_t ret; #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) Gmac *gmac; #else Gmac gmac[1]; #endif + wc_test_ret_t ret; WOLFSSL_SMALL_STACK_STATIC const byte k1[] = { @@ -13358,6 +13620,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t gmac_test(void) #endif byte tag[16]; + WOLFSSL_ENTER("gmac_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) if ((gmac = (Gmac *)XMALLOC(sizeof *gmac, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL) @@ -13805,6 +14068,8 @@ static wc_test_ret_t aesccm_128_test(void) WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesccm_test(void) { wc_test_ret_t ret = 0; + WOLFSSL_ENTER("aesccm_test"); + #ifdef WOLFSSL_AES_128 if (ret == 0) ret = aesccm_128_test(); @@ -13916,9 +14181,11 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_eax_test(void) WOLFSSL_SMALL_STACK_STATIC byte ciphertext[sizeof(vectors[0].ct)]; WOLFSSL_SMALL_STACK_STATIC byte authtag[sizeof(vectors[0].tag)]; - wc_test_ret_t ret; int i; int len; + wc_test_ret_t ret; + WOLFSSL_ENTER("aes_eax_test"); + for (i = 0; i < (int)(sizeof(vectors)/sizeof(vectors[0])); i++) { @@ -14144,6 +14411,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aeskeywrap_test(void) {k6, d6, v6, sizeof(k6), sizeof(d6), sizeof(v6)} #endif }; + + WOLFSSL_ENTER("aeskeywrap_test"); + testSz = sizeof(test_wrap) / sizeof(keywrapVector); XMEMSET(output, 0, sizeof(output)); @@ -14194,7 +14464,6 @@ void printOutput(const char *strName, unsigned char *data, unsigned int dataSz) WOLFSSL_TEST_SUBROUTINE int ariagcm_test(MC_ALGID algo) { - int ret = 0; byte data[] = TEST_STRING; word32 dataSz = TEST_STRING_SZ; @@ -14207,6 +14476,9 @@ WOLFSSL_TEST_SUBROUTINE int ariagcm_test(MC_ALGID algo) word32 keySz, adSz = 256, authTagSz = sizeof(authTag); wc_Aria aria; + int ret = 0; + WOLFSSL_ENTER("ariagcm_test"); + XMEMSET((void *)&aria, 0, sizeof(aria)); ret = wc_AriaInitCrypt(&aria, algo); if (ret != 0) { ERROR_OUT(WC_TEST_RET_ENC_EC(ret),out); } @@ -14382,7 +14654,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t camellia_test(void) byte out[CAMELLIA_BLOCK_SIZE]; Camellia cam; - int i, testsSz, ret; WOLFSSL_SMALL_STACK_STATIC const test_vector_t testVectors[] = { {CAM_ECB_ENC, pte, ive, c1, k1, sizeof(k1), -114}, @@ -14398,6 +14669,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t camellia_test(void) {CAM_CBC_DEC, ptc, ivc, c5, k5, sizeof(k5), -124}, {CAM_CBC_DEC, ptc, ivc, c6, k6, sizeof(k6), -125} }; + int i, testsSz; + int ret; + WOLFSSL_ENTER("camellia_test"); testsSz = sizeof(testVectors)/sizeof(test_vector_t); for (i = 0; i < testsSz; i++) { @@ -14960,6 +15234,7 @@ static int sm4_ccm_test(void) WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm4_test(void) { wc_test_ret_t ret; + WOLFSSL_ENTER("sm4_test"); #ifdef WOLFSSL_SM4_ECB ret = sm4_ecb_test(); @@ -14993,7 +15268,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm4_test(void) #ifdef HAVE_XCHACHA WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha_test(void) { - wc_test_ret_t ret; WOLFSSL_SMALL_STACK_STATIC const byte Plaintext[] = { 0x54, 0x68, 0x65, 0x20, 0x64, 0x68, 0x6f, 0x6c, 0x65, 0x20, 0x28, 0x70, 0x72, 0x6f, 0x6e, 0x6f, /* The dhole (prono */ @@ -15048,17 +15322,21 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha_test(void) { 0x93, 0xb9, 0x31, 0x11, 0xc1, 0xa5, 0x5d, 0xd7, 0x42, 0x1a, 0x10, 0x18, 0x49, 0x74, 0xc7, 0xc5 }; + wc_test_ret_t ret; + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) struct ChaCha *chacha = (struct ChaCha *)XMALLOC(sizeof *chacha, HEAP_HINT, DYNAMIC_TYPE_CIPHER); byte *buf1 = (byte *)XMALLOC(sizeof Plaintext, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); byte *buf2 = (byte *)XMALLOC(sizeof Plaintext, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WOLFSSL_ENTER("XChaCha_test"); if ((chacha == NULL) || (buf1 == NULL) || (buf2 == NULL)) ERROR_OUT(WC_TEST_RET_ENC_NC, out); #else struct ChaCha chacha[1]; byte buf1[sizeof Plaintext]; byte buf2[sizeof Plaintext]; + WOLFSSL_ENTER("XChaCha_test"); #endif ret = wc_XChacha_SetKey(chacha, Key, sizeof Key, IV, sizeof IV, 0); @@ -15100,7 +15378,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha_test(void) { #if defined(HAVE_XCHACHA) && defined(HAVE_POLY1305) WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha20Poly1305_test(void) { - wc_test_ret_t ret; WOLFSSL_SMALL_STACK_STATIC const byte Plaintext[] = { 0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c, /* Ladies and Gentl */ @@ -15137,15 +15414,20 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha20Poly1305_test(void) { 0xc0, 0x87, 0x59, 0x24, 0xc1, 0xc7, 0x98, 0x79, 0x47, 0xde, 0xaf, 0xd8, 0x78, 0x0a, 0xcf, 0x49 }; + wc_test_ret_t ret; + + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) byte *buf1 = (byte *)XMALLOC(sizeof Ciphertext + sizeof Tag, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); byte *buf2 = (byte *)XMALLOC(sizeof Plaintext, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WOLFSSL_ENTER("XChaCha20Poly1305_test"); if ((buf1 == NULL) || (buf2 == NULL)) ERROR_OUT(WC_TEST_RET_ENC_NC, out); #else byte buf1[sizeof Ciphertext + sizeof Tag]; byte buf2[sizeof Plaintext]; + WOLFSSL_ENTER("XChaCha20Poly1305_test"); #endif ret = wc_XChaCha20Poly1305_Encrypt(buf1, sizeof Ciphertext + sizeof Tag, @@ -15416,6 +15698,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void) byte output[WC_SHA256_DIGEST_SIZE * 4]; wc_test_ret_t ret; + WOLFSSL_ENTER("random_test"); ret = wc_RNG_HealthTest(0, test1Entropy, sizeof(test1Entropy), NULL, 0, output, sizeof(output)); @@ -15482,6 +15765,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void) WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void) { + WOLFSSL_ENTER("random_test"); + /* Basic RNG generate block test */ return random_rng_test(); } @@ -15555,6 +15840,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memory_test(void) { wc_test_ret_t ret = 0; word32 j = 0; /* used in embedded const pointer test */ + WOLFSSL_ENTER("memory_test"); #if defined(COMPLEX_MEM_TEST) || defined(WOLFSSL_STATIC_MEMORY) int i; @@ -16099,6 +16385,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cert_test(void) size_t bytes; XFILE file; wc_test_ret_t ret; + WOLFSSL_ENTER("cert_test"); + tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (tmp == NULL) @@ -16201,6 +16489,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certext_test(void) /* created from rsa_test : cert.der */ byte kid_ca[] = "\x33\xD8\x45\x66\xD7\x68\x87\x18\x7E\x54" "\x0D\x70\x27\x91\xC7\x26\xD7\x85\x65\xC0"; + WOLFSSL_ENTER("certext_test"); tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (tmp == NULL) @@ -16371,6 +16660,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t decodedCertCache_test(void) FILE* file; byte* der; word32 derSz; + WOLFSSL_ENTER("decodedCertCache_test"); derSz = FOURK_BUF; der = (byte *)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -17587,6 +17877,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_no_pad_test(void) WC_ALLOC_VAR(key, RsaKey, 1, HEAP_HINT); WC_ALLOC_VAR(out, byte, RSA_TEST_BYTES, HEAP_HINT); WC_ALLOC_VAR(plain, byte, RSA_TEST_BYTES, HEAP_HINT); + WOLFSSL_ENTER("rsa_no_pad_test"); #ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC if (key == NULL || out == NULL || plain == NULL) @@ -19008,6 +19299,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) WC_ALLOC_VAR(in, byte, TEST_STRING_SZ, HEAP_HINT); WC_ALLOC_VAR(out, byte, RSA_TEST_BYTES, HEAP_HINT); WC_ALLOC_VAR(plain, byte, RSA_TEST_BYTES, HEAP_HINT); + WOLFSSL_ENTER("rsa_test"); #ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC if (in == NULL || out == NULL || plain == NULL) @@ -20292,6 +20584,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dh_test(void) #endif #endif /* !WC_NO_RNG */ + WOLFSSL_ENTER("dh_test"); + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) if (key == NULL || key2 == NULL || tmp == NULL) { ERROR_OUT(WC_TEST_RET_ENC_ERRNO, done); @@ -20700,6 +20994,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dsa_test(void) DsaKey *derIn = (DsaKey *)XMALLOC(sizeof *derIn, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); DsaKey *genKey = (DsaKey *)XMALLOC(sizeof *genKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif + WOLFSSL_ENTER("dsa_test"); + if ((tmp == NULL) || (key == NULL) @@ -21040,6 +21336,7 @@ static wc_test_ret_t srp_test_digest(SrpType dgstType) WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srp_test(void) { wc_test_ret_t ret; + WOLFSSL_ENTER("srp_test"); #ifndef NO_SHA ret = srp_test_digest(SRP_TYPE_SHA); @@ -22040,6 +22337,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void) EVP_MD_CTX md_ctx; testVector a, b, c, d, e, f; byte hash[WC_SHA256_DIGEST_SIZE*2]; /* max size */ + WOLFSSL_ENTER("openssl_test"); a.inLen = 0; b.inLen = c.inLen = d.inLen = e.inLen = f.inLen = a.inLen; @@ -23227,6 +23525,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openSSL_evpMD_test(void) #if !defined(NO_SHA256) && !defined(NO_SHA) WOLFSSL_EVP_MD_CTX* ctx; WOLFSSL_EVP_MD_CTX* ctx2; + WOLFSSL_ENTER("openSSL_evpMD_test"); ctx = EVP_MD_CTX_create(); ctx2 = EVP_MD_CTX_create(); @@ -23340,9 +23639,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void) XFILE keypubFile; char cliKey[] = "./certs/client-key.der"; char cliKeypub[] = "./certs/client-keyPub.der"; - #endif + WOLFSSL_ENTER("openssl_pkey0_test"); + prvTmp = (byte*)XMALLOC(FOURK_BUFF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (prvTmp == NULL) return WC_TEST_RET_ENC_ERRNO; @@ -23575,6 +23875,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey1_test(void) unsigned char plain[RSA_TEST_BYTES]; #endif + WOLFSSL_ENTER("openssl_pkey1_test"); + #if defined(USE_CERT_BUFFERS_1024) XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024); cliKeySz = (long)sizeof_client_key_der_1024; @@ -23760,12 +24062,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_evpSig_test(void) unsigned int count; wc_test_ret_t ret, ret1, ret2; - #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) XFILE keyFile; XFILE keypubFile; char cliKey[] = "./certs/client-key.der"; char cliKeypub[] = "./certs/client-keyPub.der"; - #endif +#endif + WOLFSSL_ENTER("openssl_evpSig_test"); prvTmp = (byte*)XMALLOC(FOURK_BUFF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (prvTmp == NULL) @@ -23996,6 +24299,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t scrypt_test(void) 0xcb, 0xf4, 0x5c, 0x6f, 0xa7, 0x7a, 0x41, 0xa4 }; #endif + WOLFSSL_ENTER("scrypt_test"); ret = wc_scrypt(derived, NULL, 0, NULL, 0, 4, 1, 1, sizeof(verify1)); if (ret != 0) @@ -24035,6 +24339,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t scrypt_test(void) if (XMEMCMP(derived, verify4, sizeof(verify4)) != 0) return WC_TEST_RET_ENC_NC; #endif +#else + (void)verify4; #endif /* !BENCH_EMBEDDED && !defined(WOLFSSL_LINUXKM) && !HAVE_INTEL_QA */ #if !defined(BENCH_EMBEDDED) @@ -24079,9 +24385,11 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void) int id = 1; int kLen = 24; int iterations = 1; - wc_test_ret_t ret = wc_PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, - iterations, kLen, WC_SHA256, id); + wc_test_ret_t ret; + WOLFSSL_ENTER("pkcs12_test"); + ret = wc_PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, + iterations, kLen, WC_SHA256, id); if (ret < 0) return WC_TEST_RET_ENC_EC(ret); @@ -24120,8 +24428,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf2_test(void) 0x2d, 0xd4, 0xf9, 0x37, 0xd4, 0x95, 0x16, 0xa7, 0x2a, 0x9a, 0x21, 0xd1 }; - wc_test_ret_t ret = wc_PBKDF2_ex(derived, (byte*)passwd, (int)XSTRLEN(passwd), salt, - (int)sizeof(salt), iterations, kLen, WC_SHA256, HEAP_HINT, devId); + wc_test_ret_t ret; + WOLFSSL_ENTER("pbkdf2_test"); + + ret = wc_PBKDF2_ex(derived, (byte*)passwd, (int)XSTRLEN(passwd), + salt, (int)sizeof(salt), iterations, + kLen, WC_SHA256, HEAP_HINT, devId); if (ret != 0) return ret; @@ -24147,9 +24459,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf1_test(void) 0xAF, 0x10, 0xEB, 0xFB, 0x4A, 0x3D, 0x2A, 0x20 }; - wc_test_ret_t ret = wc_PBKDF1_ex(derived, kLen, NULL, 0, (byte*)passwd, - (int)XSTRLEN(passwd), salt, (int)sizeof(salt), iterations, WC_SHA, - HEAP_HINT); + wc_test_ret_t ret; + WOLFSSL_ENTER("pbkdf1_test"); + + ret = wc_PBKDF1_ex(derived, kLen, NULL, 0, (byte*)passwd, + (int)XSTRLEN(passwd), salt, (int)sizeof(salt), iterations, WC_SHA, + HEAP_HINT); if (ret != 0) return ret; @@ -24162,29 +24477,30 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf1_test(void) WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void) { - wc_test_ret_t ret = 0; + wc_test_ret_t ret = 0; + WOLFSSL_ENTER("pwdbased_test"); #if defined(HAVE_PBKDF1) && !defined(NO_SHA) - ret = pbkdf1_test(); - if (ret != 0) - return ret; + ret = pbkdf1_test(); + if (ret != 0) + return ret; #endif #if defined(HAVE_PBKDF2) && !defined(NO_SHA256) && !defined(NO_HMAC) - ret = pbkdf2_test(); - if (ret != 0) - return ret; + ret = pbkdf2_test(); + if (ret != 0) + return ret; #endif #ifdef HAVE_PKCS12 - ret = pkcs12_test(); - if (ret != 0) - return ret; + ret = pkcs12_test(); + if (ret != 0) + return ret; #endif #ifdef HAVE_SCRYPT - ret = scrypt_test(); - if (ret != 0) - return ret; + ret = scrypt_test(); + if (ret != 0) + return ret; #endif - return ret; + return ret; } #endif /* NO_PWDBASED */ @@ -24246,6 +24562,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void) 0x58, 0x65 }; #endif #endif /* !NO_SHA256 */ + WOLFSSL_ENTER("hkdf_test"); XMEMSET(okm1, 0, sizeof(okm1)); L = (int)sizeof(okm1); @@ -24428,13 +24745,14 @@ static const SshKdfTestVector sshKdfTestVectors[] = { WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sshkdf_test(void) { - wc_test_ret_t result = 0; + byte cKey[32]; /* Greater of SHA256_DIGEST_SIZE and AES_BLOCK_SIZE */ word32 i; word32 tc = sizeof(sshKdfTestVectors)/sizeof(SshKdfTestVector); const SshKdfTestVector* tv = NULL; - byte cKey[32]; /* Greater of SHA256_DIGEST_SIZE and AES_BLOCK_SIZE */ - /* sId - Session ID, eKey - Expected Key, cKey - Calculated Key */ + wc_test_ret_t result = 0; + WOLFSSL_ENTER("sshkdf_test"); + /* sId - Session ID, eKey - Expected Key, cKey - Calculated Key */ for (i = 0, tv = sshKdfTestVectors; i < tc; i++, tv++) { result = wc_SSH_KDF(tv->hashId, tv->keyId, cKey, tv->expectedKeySz, @@ -25019,6 +25337,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t tls13_kdf_test(void) word32 i; word32 tc = sizeof(tls13KdfTestVectors)/sizeof(Tls13KdfTestVector); const Tls13KdfTestVector* tv = NULL; + WOLFSSL_ENTER("tls13_kdf_test"); for (i = 0, tv = tls13KdfTestVectors; i < tc; i++, tv++) { byte output[WC_MAX_DIGEST_SIZE]; @@ -25256,6 +25575,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t x963kdf_test(void) }; #endif + WOLFSSL_ENTER("x963kdf_test"); + #ifndef NO_SHA ret = wc_X963_KDF(WC_HASH_TYPE_SHA, Z, sizeof(Z), NULL, 0, kek, sizeof(verify)); @@ -25405,6 +25726,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hpke_test(void) { wc_test_ret_t ret = 0; Hpke hpke[1]; + WOLFSSL_ENTER("hpke_test"); #if defined(HAVE_ECC) #if defined(WOLFSSL_SHA224) || !defined(NO_SHA256) @@ -25687,6 +26009,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void) unsigned char keyE[32]; unsigned char keyA[20]; unsigned char keyS[14]; + WOLFSSL_ENTER("srtpkdf_test"); for (i = 0; (ret == 0) && (i < SRTP_TV_CNT); i++) { #ifndef WOLFSSL_AES_128 @@ -27805,6 +28128,7 @@ static wc_test_ret_t ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerif static wc_test_ret_t ecc_test_curve(WC_RNG* rng, int keySize, int curve_id) { wc_test_ret_t ret; + WOLFSSL_MSG_EX("ecc_test_curve keySize = %d", keySize); ret = ecc_test_curve_size(rng, keySize, ECC_TEST_VERIFY_COUNT, curve_id, NULL); @@ -30203,6 +30527,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test(void) { wc_test_ret_t ret; WC_RNG rng; + WOLFSSL_ENTER("ecc_test"); +#if defined(ECC_MIN_KEY_SZ) + WOLFSSL_MSG_EX("ecc_test ECC_MIN_KEY_SZ = %d\n", ECC_MIN_KEY_SZ); +#else + WOLFSSL_MSG("ecc_test ECC_MIN_KEY_SZ not defined."); +#endif #if defined(WOLFSSL_CERT_EXT) && \ (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256 @@ -31087,6 +31417,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_encrypt_test(void) ecc_key userA[1]; ecc_key userB[1]; #endif + WOLFSSL_ENTER("ecc_encrypt_test"); #ifndef HAVE_FIPS ret = wc_InitRng_ex(&rng, HEAP_HINT, devId); @@ -31259,6 +31590,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test_buffers(void) byte plain[256]; int verify = 0; word32 x; + WOLFSSL_ENTER("ecc_test_buffers"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) if ((cliKey == NULL) || (servKey == NULL) || (tmpKey == NULL)) @@ -31825,6 +32157,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void) #endif /* HAVE_CURVE25519_SHARED_SECRET */ (void)x; + WOLFSSL_ENTER("curve25519_test"); #ifndef HAVE_FIPS ret = wc_InitRng_ex(&rng, HEAP_HINT, devId); @@ -32801,6 +33134,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) #if !defined(NO_ASN) && defined(HAVE_ED25519_SIGN) ed25519_key key3; #endif + WOLFSSL_ENTER("ed25519_test"); /* create ed25519 keys */ #ifndef HAVE_FIPS @@ -33200,6 +33534,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve448_test(void) #endif /* HAVE_CURVE448_SHARED_SECRET */ (void)x; + WOLFSSL_ENTER("curve448_test"); #ifndef HAVE_FIPS ret = wc_InitRng_ex(&rng, HEAP_HINT, devId); @@ -34258,6 +34593,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed448_test(void) ed448_key key3[1]; #endif #endif + WOLFSSL_ENTER("ed448_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) key = (ed448_key *)XMALLOC(sizeof(*key), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -36581,6 +36917,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t kyber_test(void) KYBER1024_CIPHER_TEXT_SIZE }, #endif }; + WOLFSSL_ENTER("kyber_test"); #ifndef HAVE_FIPS ret = wc_InitRng_ex(&rng, HEAP_HINT, INVALID_DEVID); @@ -36699,8 +37036,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test(void) { int i = 0; int j = 0; - int ret = -1; - int ret2 = -1; XmssKey signingKey; XmssKey verifyKey; WC_RNG rng; @@ -36722,6 +37057,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test(void) const char * param = "XMSSMT-SHA2_60/12_256"; #endif byte * sig = NULL; + int ret2 = -1; + int ret = -1; + WOLFSSL_ENTER("xmss_test"); #ifndef HAVE_FIPS ret = wc_InitRng_ex(&rng, HEAP_HINT, INVALID_DEVID); @@ -37209,13 +37547,14 @@ static /* not const */ byte xmss_sig[2500] = WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test_verify_only(void) { - int ret = -1; - int ret2 = -1; - int j = 0; XmssKey verifyKey; - word32 pkSz = 0; + word32 pkSz = 0; word32 sigSz = 0; const char * param = "XMSS-SHA2_10_256"; + int j = 0; + int ret2 = -1; + int ret = -1; + WOLFSSL_ENTER("xmss_test_verify_only"); ret = wc_XmssKey_Init(&verifyKey, NULL, INVALID_DEVID); if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); } @@ -37342,6 +37681,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test(void) #else byte sig[WC_TEST_LMS_SIG_LEN]; #endif + WOLFSSL_ENTER("lms_test"); XMEMSET(priv, 0, sizeof(priv)); XMEMSET(old_priv, 0, sizeof(old_priv)); @@ -37688,6 +38028,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test_verify_only(void) int levels = 0; int height = 0; int winternitz = 0; + WOLFSSL_ENTER("lms_test_verify_only"); ret = wc_LmsKey_Init(&verifyKey, NULL, INVALID_DEVID); if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); } @@ -38688,6 +39029,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t eccsi_test(void) EccsiKey* pub = NULL; mp_int* ssk = NULL; ecc_point* pvt = NULL; + WOLFSSL_ENTER("eccsi_test"); priv = (EccsiKey*)XMALLOC(sizeof(EccsiKey), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -39843,6 +40185,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sakke_test(void) SakkeKey* pub = NULL; SakkeKey* key = NULL; ecc_point* rsk = NULL; + WOLFSSL_ENTER("sakke_test"); priv = (SakkeKey*)XMALLOC(sizeof(SakkeKey), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -40107,6 +40450,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cmac_test(void) const CMAC_Test_Case* tc; word32 i, tagSz; wc_test_ret_t ret; + WOLFSSL_ENTER("cmac_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) if ((cmac = (Cmac *)XMALLOC(sizeof *cmac, HEAP_HINT, DYNAMIC_TYPE_CMAC)) == NULL) @@ -40431,6 +40775,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t siphash_test(void) unsigned char res[SIPHASH_MAC_SIZE_16]; unsigned char tmp[SIPHASH_MAC_SIZE_8]; SipHash siphash; + WOLFSSL_ENTER("siphash_test (1)"); for (i = 0; i < 64; i++) { ret = wc_InitSipHash(&siphash, siphash_key, SIPHASH_MAC_SIZE_8); @@ -40468,6 +40813,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t siphash_test(void) if (XMEMCMP(res, siphash_r16[i], SIPHASH_MAC_SIZE_16) != 0) return WC_TEST_RET_ENC_I(i); } +#else + WOLFSSL_ENTER("siphash_test (1)"); #endif /* Testing bad parameters. */ @@ -40790,6 +41137,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t compress_test(void) word32 cSz = (dSz + (word32)(dSz * 0.001) + 12); byte *c; byte *d; + WOLFSSL_ENTER("compress_test"); c = (byte *)XMALLOC(cSz * sizeof(byte), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); d = (byte *)XMALLOC(dSz * sizeof(byte), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -41914,6 +42262,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7enveloped_test(void) byte* eccPrivKey = NULL; word32 eccCertSz = 0; word32 eccPrivKeySz = 0; + WOLFSSL_ENTER("pkcs7enveloped_test"); #ifndef NO_RSA /* read client RSA cert and key in DER format */ @@ -42620,6 +42969,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7authenveloped_test(void) byte* eccPrivKey = NULL; word32 eccCertSz = 0; word32 eccPrivKeySz = 0; + WOLFSSL_ENTER("pkcs7authenveloped_test"); #ifndef NO_RSA /* read client RSA cert and key in DER format */ @@ -43081,6 +43431,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7callback_test(byte* cert, word32 cert wc_test_ret_t ret = 0; word32 derSz; byte *derBuf = (byte *)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WOLFSSL_ENTER("pkcs7callback_test"); if (! derBuf) ERROR_OUT(WC_TEST_RET_ENC_NC, out); @@ -43277,6 +43628,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7encrypted_test(void) #endif #endif /* !NO_AES && HAVE_AES_CBC */ }; + WOLFSSL_ENTER("pkcs7encrypted_test"); encrypted = (byte *)XMALLOC(PKCS7_BUF_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); decoded = (byte *)XMALLOC(PKCS7_BUF_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -43453,6 +43805,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7compressed_test(void) ERROR_OUT(MEMORY_E, out); } #endif + WOLFSSL_ENTER("pkcs7compressed_test"); testSz = sizeof(testVectors) / sizeof(pkcs7CompressedVector); @@ -44635,6 +44988,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7signed_test(void) word32 rsaServerPrivKeyBufSz = 0; word32 rsaCaPrivKeyBufSz = 0; word32 eccClientPrivKeyBufSz = 0; + WOLFSSL_ENTER("pkcs7signed_test"); #ifndef NO_RSA /* read client RSA cert and key in DER format */ @@ -47437,6 +47791,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void) #endif mp_digit d = 0; #endif + #ifdef WOLFSSL_SMALL_STACK mp_int *a = (mp_int *)XMALLOC(sizeof(mp_int), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER), @@ -47459,6 +47814,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void) #else mp_int a[1], b[1], r1[1], r2[1], p[1]; #endif + WOLFSSL_ENTER("mp_test"); ret = mp_init_multi(a, b, r1, r2, NULL, NULL); if (ret != 0) @@ -47512,8 +47868,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void) ret = mp_mulmod(a, a, p, r2); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done); - if (mp_cmp(r1, r2) != 0) + if (mp_cmp(r1, r2) != 0) { + WOLFSSL_MSG("Fail: mp_mulmod result does not match mp_sqrmod!"); ERROR_OUT(WC_TEST_RET_ENC_NC, done); + } #endif #if defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY) @@ -47953,6 +48311,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t prime_test(void) wc_test_ret_t ret; int isPrime = 0; WC_RNG rng; + WOLFSSL_ENTER("prime_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) if ((n == NULL) || @@ -48138,6 +48497,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t berder_test(void) { good4_in, sizeof(good4_in), good4_out, sizeof(good4_out) }, { good5_in, sizeof(good5_in), good5_in , sizeof(good5_in ) }, }; + WOLFSSL_ENTER("berder_test"); for (i = 0; i < (int)(sizeof(testData) / sizeof(*testData)); i++) { ret = wc_BerToDer(testData[i].in, testData[i].inSz, NULL, &len); @@ -48217,6 +48577,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t logging_test(void) byte a[8] = { 1, 2, 3, 4, 5, 6, 7, 8 }; byte b[256]; int i; + WOLFSSL_ENTER("logging_test (debug)"); for (i = 0; i < (int)sizeof(b); i++) b[i] = i; @@ -48263,6 +48624,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t logging_test(void) (void)b; #else + WOLFSSL_ENTER("logging_test"); ret = wolfSSL_Debugging_ON(); if (ret != NOT_COMPILED_IN) return WC_TEST_RET_ENC_EC(ret); @@ -48287,20 +48649,23 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mutex_test(void) !defined(WOLFSSL_USER_MUTEX) && defined(WOLFSSL_STATIC_MEMORY)) wc_test_ret_t ret; #endif + #if !defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_USER_MUTEX) - #ifndef WOLFSSL_STATIC_MEMORY - wolfSSL_Mutex *mm = wc_InitAndAllocMutex(); - #else - wolfSSL_Mutex *mm = (wolfSSL_Mutex*) XMALLOC(sizeof(wolfSSL_Mutex), + #ifndef WOLFSSL_STATIC_MEMORY + wolfSSL_Mutex *mm = wc_InitAndAllocMutex(); + WOLFSSL_ENTER("[wolfcrypt_]mutex_test (1)"); + #else + wolfSSL_Mutex *mm = (wolfSSL_Mutex*) XMALLOC(sizeof(wolfSSL_Mutex), HEAP_HINT, DYNAMIC_TYPE_MUTEX); - if (mm != NULL) { - ret = wc_InitMutex(mm); - if (ret != 0) { - WOLFSSL_MSG("Init Mutex failed"); - XFREE(mm, HEAP_HINT, DYNAMIC_TYPE_MUTEX); - return WC_TEST_RET_ENC_EC(ret); + WOLFSSL_ENTER("[wolfcrypt_]mutex_test (2)"); + if (mm != NULL) { + ret = wc_InitMutex(mm); + if (ret != 0) { + WOLFSSL_MSG("Init Mutex failed"); + XFREE(mm, HEAP_HINT, DYNAMIC_TYPE_MUTEX); + return WC_TEST_RET_ENC_EC(ret); + } } - } #endif if (mm == NULL) return WC_TEST_RET_ENC_ERRNO; @@ -48419,6 +48784,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memcb_test(void) wolfSSL_Malloc_cb mc; wolfSSL_Free_cb fc; wolfSSL_Realloc_cb rc; + WOLFSSL_ENTER("memcb_test"); /* Save existing memory callbacks */ ret = wolfSSL_GetAllocators(&mc, &fc, &rc); @@ -48504,7 +48870,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blob_test(void) 0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17, 0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10 }; - + WOLFSSL_ENTER("blob_test"); XMEMSET(blob, 0, sizeof(blob)); XMEMSET(out, 0, sizeof(out)); @@ -49723,6 +50089,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void) wc_test_ret_t ret = 0; int origDevId = devId; myCryptoDevCtx myCtx; + WOLFSSL_ENTER("cryptocb_test"); /* example data for callback */ myCtx.exampleVar = 1; @@ -49860,6 +50227,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certpiv_test(void) 0x71, 0x01, 0x04, /* Cert Info */ 0xFE, 0x00, /* Error Detection */ }; + WOLFSSL_ENTER("certpiv_test"); XMEMSET(&piv, 0, sizeof(piv)); /* Test with Identiv 0x0A, 0x0B and 0x0C markers */ @@ -49929,6 +50297,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t time_test(void) { time_t t; wc_test_ret_t ret; + WOLFSSL_ENTER("time_test"); ret = wc_SetTimeCb(time_cb); if (ret != 0) @@ -50052,6 +50421,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_siv_test(void) byte computedPlaintext[82]; byte siv[AES_BLOCK_SIZE]; wc_test_ret_t ret = 0; + WOLFSSL_ENTER("aes_siv_test"); for (i = 0; i < AES_SIV_TEST_VECTORS; ++i) { ret = wc_AesSivEncrypt(testVectors[i].key, testVectors[i].keySz, diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h index 38f6ba290c..db65fc3439 100644 --- a/wolfssl/wolfcrypt/settings.h +++ b/wolfssl/wolfcrypt/settings.h @@ -444,6 +444,8 @@ #define TFM_TIMING_RESISTANT #define ECC_TIMING_RESISTANT + + /* WC_RSA_BLINDING takes up extra space! */ #define WC_RSA_BLINDING #define WC_NO_CACHE_RESISTANT #endif /* !WOLFSSL_ESPIDF_NO_DEFAULT */ @@ -997,7 +999,8 @@ extern void uITRON4_free(void *p) ; #define XFREE(p, h, type) ((void)(h), (void)(type), vPortFree((p))) #if defined(WOLFSSL_ESPIDF) /* In IDF, realloc(p, n) is equivalent to - * heap_caps_realloc(p, s, MALLOC_CAP_8BIT) */ + * heap_caps_realloc(p, s, MALLOC_CAP_8BIT) + * there's no pvPortRealloc available */ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), realloc((p), (n))) /* FreeRTOS pvPortRealloc() implementation can be found here: * https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */ @@ -1019,8 +1022,10 @@ extern void uITRON4_free(void *p) ; #define NO_DH #endif #endif - #ifndef NO_DSA - #define NO_DSA + #ifndef HAVE_DSA + #ifndef NO_DSA + #define NO_DSA + #endif #endif #ifndef SINGLE_THREADED @@ -3410,6 +3415,17 @@ extern void uITRON4_free(void *p) ; #error "Found both ESPIDF and ARDUINO. Pick one." #endif +#if defined(WOLFSSL_CAAM_BLOB) + #ifndef WOLFSSL_CAAM + #error "WOLFSSL_CAAM_BLOB requires WOLFSSL_CAAM" + #endif +#endif + +#if defined(HAVE_ED25519) + #ifndef WOLFSSL_SHA512 + #error "HAVE_ED25519 requires WOLFSSL_SHA512" + #endif +#endif #ifdef __cplusplus } /* extern "C" */ From 05138154a9e49f5318ee1523a1203e80969b47fe Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 1 Mar 2024 22:57:10 +0700 Subject: [PATCH 2/9] check trailing 0's in signeeds check case --- wolfcrypt/src/pkcs7.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 5cfdfe8093..130560919c 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -6012,12 +6012,10 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf, } } - if (ret < 0) - break; - #ifndef NO_PKCS7_STREAM /* make sure that terminating zero's follow */ - if (ret >= 0 && pkcs7->stream->indefLen == 1) { + if ((ret == PKCS7_SIGNEEDS_CHECK || ret >= 0) && + pkcs7->stream->indefLen == 1) { int i; for (i = 0; i < 3 * ASN_INDEF_END_SZ; i++) { if (pkiMsg2[idx + i] != 0) { @@ -6026,9 +6024,11 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf, } } } + #endif /* NO_PKCS7_STREAM */ + if (ret < 0) break; - #endif /* NO_PKCS7_STREAM */ + ret = 0; /* success */ #ifndef NO_PKCS7_STREAM From 90b28b5cef16baeff731505bc306af9254e607dc Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 1 Mar 2024 23:43:46 +0700 Subject: [PATCH 3/9] add test case for verify of stream signed PKCS7 bundle --- certs/renewcerts.sh | 4 ++ certs/test-stream-sign.p7b | Bin 0 -> 6228 bytes tests/api.c | 76 ++++++++++++++++++++++++++++++++++++- 3 files changed, 79 insertions(+), 1 deletion(-) create mode 100644 certs/test-stream-sign.p7b diff --git a/certs/renewcerts.sh b/certs/renewcerts.sh index 5485656b66..d2482f5103 100755 --- a/certs/renewcerts.sh +++ b/certs/renewcerts.sh @@ -854,6 +854,10 @@ run_renewcerts(){ echo "" openssl crl2pkcs7 -nocrl -certfile ./client-cert.pem -out test-degenerate.p7b -outform DER check_result $? "" + + openssl smime -sign -in ./ca-cert.pem -out test-stream-sign.p7b -signer ./ca-cert.pem -nodetach -nocerts -binary -outform DER -stream -inkey ./ca-key.pem + check_result $? "" + echo "End of section" echo "---------------------------------------------------------------------" diff --git a/certs/test-stream-sign.p7b b/certs/test-stream-sign.p7b new file mode 100644 index 0000000000000000000000000000000000000000..05f6643c1b4679b77375ab3db0facb0d69e3a3c9 GIT binary patch literal 6228 zcmc&&dyFgBUB0{bmFwJ_n<`ZrK|`zxi8OnAeP+fpo;hUO%#6pc^<({7uUGt$d3x>j zW7i&gY!lGE7ZC-~7XC=76a*wvkxEgEC>0_oLZvOBiY6$cwEtA0NC8@iswzc|2&C|x z+1&nu_<>zmZ8_P>e+*NYr!lfsl z&MdiS&n+*VKSLIbmY%=yvp3G&y8n#s4*j;*woTuqktqI>rf=>)v9}F(IBF02G%7?N zB~$*xp$VI)y2G~FjTXl}%N-usvnfHK@i^s7YRXiyDdDJVQ%|B2p&m~Ygo+#`CXL(F z;V2iUo=Gj6x(ZeuZQpM7O@BOeqiVM`7`FZG9*vH+OK1#2`^PM@CO5b8*g>I>Vy7h-1Xc2 z*0rc!#6S=P*MmXV8;!cx?LqHa6ieG()p3UIXoUH8-y1x!U~t=y4YS*J+WzeJ0Lw~o z;72vr8w_0bC9ZnmdbTk*DJwvM{+&-r>kRp{Oi(><=YB*z_aVltv%rNnDOvZU3kz z_YI>cxijvLN5{`RoFs%=9wj!lP0Bm0|14zHrE;9cc`91ecBmjz&ZF^#dvLg#{fj1! zJ2W9u4h_vwOQM2E6^}X|+cV)%B2Y!9jzCTOWFH)t*+>#~UCNtm6Gx^NVQVE!C8!vu z#A5qnpJPpN=m*a+A7nypnDLY+)J;&^rg6C8(zwXBvK5-ZeM_9YgTPbQWDYAxh(#rZ zipT?Dj`1G5x*nnssVy@1PV_;>Dr8KeoJC!aN(m}qA#OgQagMDukqYdOS>fazOze-- z33WnTNJvy9Q~*F&%mG)XM5eq=6F>*&lpPY(#9EWeVbyqrayCo5onT8C+}O+$9D&c1 zqkxS=;|Skobw~A)F~VW>4u!v?8Vw9!+qpA$f~>=m9t{ zum|)B>nkKgV&y)u7FO6o7Dq)Kjo1_HbVXrpfN&IK7>wevXZw_nLc&o>*mDxQL1uzo z6NH0XkMX@K9m6W6w58v8>jUo@|;laiqDwt z4*G5%5G{$KkYIGm5kj~l_}UbSG7+Ng)OY)gbngJLgXu$n4UyHshG1_-dUqYjC#Y<& zcsY(H;#3ba&n2mlq6R*JKLXVRs>W#&>B0!1hDZ&WCdFfW9h|F<{cT3Xvwci|x083= zS=*uiSLZXxOSXqav**&7zFM!wsPFjB02Wl4*0a~d&aid|5?(T$Su}a;k+1u^9`$8tW9zBpT zAdkd#g8#Ua&M;UjI<6Czygo8p&@RX9Sc+=-YP8{6Oc72XR#=~~u7sjQ4_~`It#{iP zzGFJvtomNGUKBtFaPt%jA_H7lE_EcT0Lgg@Vv;3x$Ju4)8CHN+U=M&g@*dEJ4#g!0 zvV-b?`?AayGr&dtKn9Rzakd3OLoczFx{?;j3R7kCV4N6aRBfa-x9U{s95Atm5WoH+%1fcH`S z$O;%i0!|{4h(FW}EXfkfGgbn|VIxC?zyRP6PFY-!oMS(xx{zwfo$$^;e1NWi-HZ-F zJQibO#Ge4OB0-Df7nj%x4Ai0EpfZ4GE+cJ_1FHi54}Ae$;9hzFY?JAoBma?1$Pz}Z zp$r2ULd*cVSzVDr;C!6As2|z^#X}acUCbH*;%)t?c&1E~;fCAJNKc(Ap|b^|_kUTEz`bZPwK8 zMy*g$gJi3j+$fi`N!2M@yhxf2aeHArgK<4#3AVf~`3Z z_Y(JF*pXA?K6mSU>Rn=A3_bE*VqXlM^@5h|s70-{v$ws|PAdV?P~()UmUOi&t889x zt>M{FC&7FzU#ZSAgNojeNjyV_vq){TUY4yU*H>a|Ub)mH(%e;fYrHneG)Eb3ta0VM zk!zv0$-L1{_UA^-t!xT8yKm2=(Ox++=DSrxEll>-OB+)!oo{xVR)TjXyPBqTO|sTo zDRqN)vu?2V zO>R_3NzeL#ZP;-P#ooZFs>P1K_h9sx|gnIEg@Mpa%!bnHXCBkBHD4=X0{%AR|r$XWY#pb z9;kt##pbHbPR~>fBUMvtt(M=7xapK{r>EWU^rmfifvT!C)d>x&btBbL>sqTd)LKSL zE8D18GrJZvHLYCF07rw!oj?hkOtxBvrs{&cQp=eW-*n1@ak|#C+X1KgvuU}X*{aRw z&263EG3-dGTIuhKxngc*x6#_}#SAN#+|6>%b|Tx~N}GDii5amCzdb7Civ4PTR<7j> z`QfHnQk#~PSt&%U4zFffTBB;oV!XIJ$jdcFEm@UTWmu^WeZD>ti@BU&3?y&5RVhz0 zQp=x?CZ&<-<{Z7*j|8z&XWIyfS}7;JN>iF;N8NmXT%H@|wBD&oJA7gi+bMO1_SU5C zjU}nm=~#*d(9QBvH=d37rR-j1(C-X~C8CX$j@uI*!S0XLotUsyQ2SbXz z@rwGcmQ~a?KM+Z8WU5|Pi|l0$QW`gc4abnX_FmBPEx)I?HX57K#xCE__?wfFYC1)6 z*lWi+_0@f7Q<$9I7pWMe@ z?zw#N;2X^0$i>SS55CE8?;}^4P2}=Dhu>(p2gv)_(7l%&}JFUury;hz29z0Y1m zW)Gj2mzU4nKsZP5OHYuC7tXKTcXs*W@$pAl)CWJEFX2b>bGMexq`v#L%$LPW&wTKq z$>v+e@`aE8{b&BU^qa5zTKeTby7=1815bSMdmsCidq2Cm`|RWP55E1a-}>AazV-{( zpW1w&_}t&TaI^YnKYab#pS;rEc>HI6&wA`9AAi;T+#}bQSAn@-N%7ZSc;!EGPrdy^ zzy4ouS~ov!C8po{!S7x;^X$L>_UFBSDZcY>-?;IKKY0DoXI^|`pe&t_R6hD#|9ijR zx$pe{od5Hmds=?xiuu(){poj<54`y!`k@!Ee)lWC{GYFV=gQ8N`G-ICa`j*T;<5Ti zzv+5^`*!m$f9dP%KlX8wiOz7u^_`LXfN8(;eQ`aeDXJ5PP7D}DM? ok(xRGN&FMVo$5cl^WxySf2@DI_SJ_U`So8Ep0xk&!hR?JFXBYH-~a#s literal 0 HcmV?d00001 diff --git a/tests/api.c b/tests/api.c index 6bf2cb801d..7c768d4e09 100644 --- a/tests/api.c +++ b/tests/api.c @@ -26945,7 +26945,7 @@ static int test_wc_PKCS7_EncodeSignedData(void) int certSz; int keySz; - ExpectTrue((fp = XOPEN("./certs/client-ecc-cert.der", "rb")) != + ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) != XBADFILE); ExpectIntGT(certSz = (int)XFREAD(cert, 1, ONEK_BUF, fp), 0); if (fp != XBADFILE) { @@ -27099,6 +27099,7 @@ static int test_wc_PKCS7_EncodeSignedData(void) wc_PKCS7_Free(pkcs7); DoExpectIntEQ(wc_FreeRng(&rng), 0); + #endif return EXPECT_RESULT(); } /* END test_wc_PKCS7_EncodeSignedData */ @@ -28008,6 +28009,79 @@ static int test_wc_PKCS7_VerifySignedData_RSA(void) #endif /* !NO_PKCS7_STREAM */ #endif /* !NO_RSA */ +#if defined(ASN_BER_TO_DER) && !defined(NO_PKCS7_STREAM) && \ + !defined(NO_FILESYSTEM) + { + XFILE signedBundle = XBADFILE; + int signedBundleSz = 0; + int chunkSz = 1; + int i, rc; + byte* buf = NULL; + + ExpectTrue((signedBundle = XFOPEN("./certs/test-stream-sign.p7b", + "rb")) != XBADFILE); + ExpectTrue(XFSEEK(signedBundle, 0, XSEEK_END) == 0); + ExpectIntGT(signedBundleSz = (int)XFTELL(signedBundle), 0); + ExpectTrue(XFSEEK(signedBundle, 0, XSEEK_SET) == 0); + ExpectNotNull(buf = (byte*)XMALLOC(signedBundleSz, HEAP_HINT, + DYNAMIC_TYPE_FILE)); + if (buf != NULL) { + ExpectIntEQ(XFREAD(buf, 1, signedBundleSz, signedBundle), + signedBundleSz); + } + if (signedBundle != XBADFILE) { + XFCLOSE(signedBundle); + signedBundle = XBADFILE; + } + + ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); + ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); + for (i = 0; i < signedBundleSz;) { + int sz = (i + chunkSz > signedBundleSz)? signedBundleSz - i : + chunkSz; + rc = wc_PKCS7_VerifySignedData(pkcs7, buf + i, sz); + if (rc < 0 ) { + if (rc == WC_PKCS7_WANT_READ_E) { + i += sz; + continue; + } + break; + } + else { + break; + } + } + ExpectIntEQ(rc, PKCS7_SIGNEEDS_CHECK); + wc_PKCS7_Free(pkcs7); + pkcs7 = NULL; + + + /* now try with malformed bundle */ + ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); + ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); + buf[signedBundleSz - 2] = buf[signedBundleSz - 2] + 1; + for (i = 0; i < signedBundleSz;) { + int sz = (i + chunkSz > signedBundleSz)? signedBundleSz - i : + chunkSz; + rc = wc_PKCS7_VerifySignedData(pkcs7, buf + i, sz); + if (rc < 0 ) { + if (rc == WC_PKCS7_WANT_READ_E) { + i += sz; + continue; + } + break; + } + else { + break; + } + } + ExpectIntEQ(rc, ASN_PARSE_E); + wc_PKCS7_Free(pkcs7); + pkcs7 = NULL; + if (buf != NULL) + XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE); + } +#endif /* BER and stream */ #endif return EXPECT_RESULT(); } /* END test_wc_PKCS7_VerifySignedData()_RSA */ From 065bfb017291fe1934923712de0d16435bddc230 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Sat, 2 Mar 2024 00:12:01 +0700 Subject: [PATCH 4/9] add new test file to make dist --- certs/include.am | 1 + 1 file changed, 1 insertion(+) diff --git a/certs/include.am b/certs/include.am index 637b6b2d71..de8d2edf08 100644 --- a/certs/include.am +++ b/certs/include.am @@ -51,6 +51,7 @@ EXTRA_DIST += \ certs/server-revoked-key.pem \ certs/wolfssl-website-ca.pem \ certs/test-degenerate.p7b \ + certs/test-stream-sign.p7b \ certs/test-ber-exp02-05-2022.p7b \ certs/test-servercert.p12 \ certs/test-servercert-rc2.p12 \ From 7c836c837139ec1eccdcb3072a7ce025d59b70a2 Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 9 Jan 2024 15:45:36 -0800 Subject: [PATCH 5/9] Thumb2 AES GCM support for GCM_SMALL. ZD 17225 --- wolfcrypt/src/port/arm/armv8-aes.c | 76 +++++++++++++++++++++++------- 1 file changed, 60 insertions(+), 16 deletions(-) diff --git a/wolfcrypt/src/port/arm/armv8-aes.c b/wolfcrypt/src/port/arm/armv8-aes.c index 455d30bba3..871d6b38af 100644 --- a/wolfcrypt/src/port/arm/armv8-aes.c +++ b/wolfcrypt/src/port/arm/armv8-aes.c @@ -16493,9 +16493,11 @@ extern void AES_CBC_decrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* iv); extern void AES_CTR_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr); +#if defined(GCM_TABLE) || defined(GCM_TABLE_4BIT) /* in pre-C2x C, constness conflicts for dimensioned arrays can't be resolved. */ extern void GCM_gmult_len(byte* x, /* const */ byte m[32][AES_BLOCK_SIZE], const unsigned char* data, unsigned long len); +#endif extern void AES_GCM_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr); @@ -16992,6 +16994,7 @@ static WC_INLINE void RIGHTSHIFTX(byte* x) x[0] ^= borrow; } +#if defined(GCM_TABLE) || defined(GCM_TABLE_4BIT) void GenerateM0(Gcm* gcm) { int i; @@ -17047,6 +17050,7 @@ void GenerateM0(Gcm* gcm) m32[3] = ByteReverseWord32(m32[3]); } } +#endif /* GCM_TABLE */ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len) { @@ -17067,7 +17071,9 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len) if (ret == 0) { AES_ECB_encrypt(iv, aes->gcm.H, AES_BLOCK_SIZE, (const unsigned char*)aes->key, aes->rounds); - GenerateM0(&aes->gcm); + #if defined(GCM_TABLE) || defined(GCM_TABLE_4BIT) + GenerateM0(&aes->gcm); + #endif /* GCM_TABLE */ } return ret; @@ -17101,6 +17107,44 @@ static WC_INLINE void FlattenSzInBits(byte* buf, word32 sz) buf[7] = sz & 0xff; } +#if defined(GCM_TABLE) || defined(GCM_TABLE_4BIT) + /* GCM_gmult_len implementation in armv8-32-aes-asm or thumb2-aes-asm */ + #define GCM_GMULT_LEN(aes, x, a, len) GCM_gmult_len(x, aes->gcm.M0, a, len) +#elif defined(GCM_SMALL) + static void GCM_gmult_len(byte* x, const byte* h, + const unsigned char* a, unsigned long len) + { + byte Z[AES_BLOCK_SIZE]; + byte V[AES_BLOCK_SIZE]; + int i, j; + + while (len >= AES_BLOCK_SIZE) { + xorbuf(x, a, AES_BLOCK_SIZE); + + XMEMSET(Z, 0, AES_BLOCK_SIZE); + XMEMCPY(V, x, AES_BLOCK_SIZE); + for (i = 0; i < AES_BLOCK_SIZE; i++) { + byte y = h[i]; + for (j = 0; j < 8; j++) { + if (y & 0x80) { + xorbuf(Z, V, AES_BLOCK_SIZE); + } + + RIGHTSHIFTX(V); + y = y << 1; + } + } + XMEMCPY(x, Z, AES_BLOCK_SIZE); + + len -= AES_BLOCK_SIZE; + a += AES_BLOCK_SIZE; + } + } + #define GCM_GMULT_LEN(aes, x, a, len) GCM_gmult_len(x, aes->gcm.H, a, len) +#else + #error ARMv8 AES only supports GCM_TABLE or GCM_TABLE_4BIT or GCM_SMALL +#endif /* GCM_TABLE */ + static void gcm_ghash_arm32(Aes* aes, const byte* a, word32 aSz, const byte* c, word32 cSz, byte* s, word32 sSz) { @@ -17119,13 +17163,13 @@ static void gcm_ghash_arm32(Aes* aes, const byte* a, word32 aSz, const byte* c, blocks = aSz / AES_BLOCK_SIZE; partial = aSz % AES_BLOCK_SIZE; if (blocks > 0) { - GCM_gmult_len(x, aes->gcm.M0, a, blocks * AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, a, blocks * AES_BLOCK_SIZE); a += blocks * AES_BLOCK_SIZE; } if (partial != 0) { XMEMSET(scratch, 0, AES_BLOCK_SIZE); XMEMCPY(scratch, a, partial); - GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, scratch, AES_BLOCK_SIZE); } } @@ -17134,20 +17178,20 @@ static void gcm_ghash_arm32(Aes* aes, const byte* a, word32 aSz, const byte* c, blocks = cSz / AES_BLOCK_SIZE; partial = cSz % AES_BLOCK_SIZE; if (blocks > 0) { - GCM_gmult_len(x, aes->gcm.M0, c, blocks * AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, c, blocks * AES_BLOCK_SIZE); c += blocks * AES_BLOCK_SIZE; } if (partial != 0) { XMEMSET(scratch, 0, AES_BLOCK_SIZE); XMEMCPY(scratch, c, partial); - GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, scratch, AES_BLOCK_SIZE); } } /* Hash in the lengths of A and C in bits */ FlattenSzInBits(&scratch[0], aSz); FlattenSzInBits(&scratch[8], cSz); - GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, scratch, AES_BLOCK_SIZE); /* Copy the result into s. */ XMEMCPY(s, x, sSz); @@ -17198,13 +17242,13 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, blocks = authInSz / AES_BLOCK_SIZE; partial = authInSz % AES_BLOCK_SIZE; if (blocks > 0) { - GCM_gmult_len(x, aes->gcm.M0, authIn, blocks * AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, authIn, blocks * AES_BLOCK_SIZE); authIn += blocks * AES_BLOCK_SIZE; } if (partial != 0) { XMEMSET(scratch, 0, AES_BLOCK_SIZE); XMEMCPY(scratch, authIn, partial); - GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, scratch, AES_BLOCK_SIZE); } } @@ -17214,7 +17258,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, if (blocks > 0) { AES_GCM_encrypt(in, out, blocks * AES_BLOCK_SIZE, (const unsigned char*)aes->key, aes->rounds, counter); - GCM_gmult_len(x, aes->gcm.M0, out, blocks * AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, out, blocks * AES_BLOCK_SIZE); in += blocks * AES_BLOCK_SIZE; out += blocks * AES_BLOCK_SIZE; } @@ -17227,14 +17271,14 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, XMEMSET(scratch, 0, AES_BLOCK_SIZE); XMEMCPY(scratch, out, partial); - GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, scratch, AES_BLOCK_SIZE); } /* Hash in the lengths of A and C in bits */ XMEMSET(scratch, 0, AES_BLOCK_SIZE); FlattenSzInBits(&scratch[0], authInSz); FlattenSzInBits(&scratch[8], sz); - GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, scratch, AES_BLOCK_SIZE); if (authTagSz > AES_BLOCK_SIZE) { XMEMCPY(authTag, x, AES_BLOCK_SIZE); } @@ -17286,13 +17330,13 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, blocks = authInSz / AES_BLOCK_SIZE; partial = authInSz % AES_BLOCK_SIZE; if (blocks > 0) { - GCM_gmult_len(x, aes->gcm.M0, authIn, blocks * AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, authIn, blocks * AES_BLOCK_SIZE); authIn += blocks * AES_BLOCK_SIZE; } if (partial != 0) { XMEMSET(scratch, 0, AES_BLOCK_SIZE); XMEMCPY(scratch, authIn, partial); - GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, scratch, AES_BLOCK_SIZE); } } @@ -17300,7 +17344,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, partial = sz % AES_BLOCK_SIZE; /* do as many blocks as possible */ if (blocks > 0) { - GCM_gmult_len(x, aes->gcm.M0, in, blocks * AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, in, blocks * AES_BLOCK_SIZE); AES_GCM_encrypt(in, out, blocks * AES_BLOCK_SIZE, (const unsigned char*)aes->key, aes->rounds, counter); @@ -17310,7 +17354,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, if (partial != 0) { XMEMSET(scratch, 0, AES_BLOCK_SIZE); XMEMCPY(scratch, in, partial); - GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, scratch, AES_BLOCK_SIZE); AES_GCM_encrypt(in, scratch, AES_BLOCK_SIZE, (const unsigned char*)aes->key, aes->rounds, counter); @@ -17320,7 +17364,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, XMEMSET(scratch, 0, AES_BLOCK_SIZE); FlattenSzInBits(&scratch[0], authInSz); FlattenSzInBits(&scratch[8], sz); - GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE); + GCM_GMULT_LEN(aes, x, scratch, AES_BLOCK_SIZE); AES_ECB_encrypt(initialCounter, scratch, AES_BLOCK_SIZE, (const unsigned char*)aes->key, aes->rounds); xorbuf(x, scratch, authTagSz); From b1edb08119c78acd4deb58007c7be83418a7a6e2 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Fri, 1 Mar 2024 14:55:37 -0600 Subject: [PATCH 6/9] linuxkm/linuxkm_wc_port.h: * fix WC_LINUXKM_ROUND_UP_P_OF_2() to not round up values that are already powers of 2, nor values larger than 8192. linuxkm/lkcapi_glue.c: * fix gating on km_AesSetKeyCommon(). * small stack refactors of Aes objects in self-test routines. * change kmalloc/free to malloc/free in self-test routines. * fix error-path "return"s to "goto exit"s in self-test routines. * fix memory leak around large_input in aes_xts_128_test(). wolfcrypt/benchmark/benchmark.c: * smallstack refactors in bench_chacha() and bench_chacha20_poly1305_aead(). * add error handling in bench_chacha(). wolfcrypt/src/chacha20_poly1305.c: smallstack refactor for wc_ChaCha20Poly1305_Encrypt() and wc_ChaCha20Poly1305_Decrypt(). --- linuxkm/linuxkm_wc_port.h | 12 +- linuxkm/lkcapi_glue.c | 208 ++++++++++++++++++------------ wolfcrypt/benchmark/benchmark.c | 36 ++++-- wolfcrypt/src/chacha20_poly1305.c | 52 ++++++-- 4 files changed, 199 insertions(+), 109 deletions(-) diff --git a/linuxkm/linuxkm_wc_port.h b/linuxkm/linuxkm_wc_port.h index b94957fcf6..b847cbabbb 100644 --- a/linuxkm/linuxkm_wc_port.h +++ b/linuxkm/linuxkm_wc_port.h @@ -809,11 +809,13 @@ /* fun fact: since linux commit 59bb47985c, kmalloc with power-of-2 size is * aligned to the size. */ - #define WC_LINUXKM_ROUND_UP_P_OF_2(x) ( \ - { \ - size_t _alloc_sz = (x); \ - _alloc_sz = 1UL << ((sizeof(_alloc_sz) * 8UL) - __builtin_clzl(_alloc_sz)); \ - _alloc_sz; \ + #define WC_LINUXKM_ROUND_UP_P_OF_2(x) ( \ + { \ + size_t _alloc_sz = (x); \ + if (_alloc_sz < 8192) \ + _alloc_sz = 1UL << \ + ((sizeof(_alloc_sz) * 8UL) - __builtin_clzl(_alloc_sz - 1)); \ + _alloc_sz; \ }) #ifdef HAVE_KVMALLOC #define malloc(size) kvmalloc_node(WC_LINUXKM_ROUND_UP_P_OF_2(size), GFP_KERNEL, NUMA_NO_NODE) diff --git a/linuxkm/lkcapi_glue.c b/linuxkm/lkcapi_glue.c index c780a17842..7fe91afee3 100644 --- a/linuxkm/lkcapi_glue.c +++ b/linuxkm/lkcapi_glue.c @@ -175,6 +175,10 @@ static void km_AesExitCommon(struct km_AesCtx * ctx) } } +#if defined(LINUXKM_LKCAPI_REGISTER_ALL) || \ + defined(LINUXKM_LKCAPI_REGISTER_AESCBC) || \ + defined(LINUXKM_LKCAPI_REGISTER_AESCFB) + static int km_AesSetKeyCommon(struct km_AesCtx * ctx, const u8 *in_key, unsigned int key_len, const char * name) { @@ -201,10 +205,6 @@ static int km_AesSetKeyCommon(struct km_AesCtx * ctx, const u8 *in_key, return 0; } -#if defined(LINUXKM_LKCAPI_REGISTER_ALL) || \ - defined(LINUXKM_LKCAPI_REGISTER_AESCBC) || \ - defined(LINUXKM_LKCAPI_REGISTER_AESCFB) - static void km_AesExit(struct crypto_skcipher *tfm) { struct km_AesCtx * ctx = crypto_skcipher_ctx(tfm); @@ -964,11 +964,12 @@ static int xtsAesAlg_loaded = 0; static int linuxkm_test_aescbc(void) { - int ret = 0; + int ret = 0; struct crypto_skcipher * tfm = NULL; struct skcipher_request * req = NULL; struct scatterlist src, dst; - Aes aes; + Aes *aes; + int aes_inited = 0; static const byte key32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, @@ -1000,25 +1001,30 @@ static int linuxkm_test_aescbc(void) u8 * enc2 = NULL; u8 * dec2 = NULL; + aes = (Aes *)malloc(sizeof(*aes)); + if (aes == NULL) + return -ENOMEM; + XMEMSET(enc, 0, sizeof(enc)); XMEMSET(dec, 0, sizeof(enc)); - ret = wc_AesInit(&aes, NULL, INVALID_DEVID); + ret = wc_AesInit(aes, NULL, INVALID_DEVID); if (ret) { pr_err("wolfcrypt wc_AesInit failed with return code %d.\n", ret); - return ret; + goto test_cbc_end; } + aes_inited = 1; - ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); + ret = wc_AesSetKey(aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); if (ret) { pr_err("wolfcrypt wc_AesSetKey failed with return code %d\n", ret); - return ret; + goto test_cbc_end; } - ret = wc_AesCbcEncrypt(&aes, enc, p_vector, sizeof(p_vector)); + ret = wc_AesCbcEncrypt(aes, enc, p_vector, sizeof(p_vector)); if (ret) { pr_err("wolfcrypt wc_AesCbcEncrypt failed with return code %d\n", ret); - return ret; + goto test_cbc_end; } if (XMEMCMP(enc, c_vector, sizeof(c_vector)) != 0) { @@ -1027,42 +1033,44 @@ static int linuxkm_test_aescbc(void) } /* Re init for decrypt and set flag. */ - wc_AesFree(&aes); + wc_AesFree(aes); + aes_inited = 0; - ret = wc_AesInit(&aes, NULL, INVALID_DEVID); + ret = wc_AesInit(aes, NULL, INVALID_DEVID); if (ret) { pr_err("wolfcrypt wc_AesInit failed with return code %d.\n", ret); - return ret; + goto test_cbc_end; } + aes_inited = 1; - ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_DECRYPTION); + ret = wc_AesSetKey(aes, key32, AES_BLOCK_SIZE * 2, iv, AES_DECRYPTION); if (ret) { pr_err("wolfcrypt wc_AesSetKey failed with return code %d.\n", ret); - return ret; + goto test_cbc_end; } - ret = wc_AesCbcDecrypt(&aes, dec, enc, sizeof(p_vector)); + ret = wc_AesCbcDecrypt(aes, dec, enc, sizeof(p_vector)); if (ret) { pr_err("wolfcrypt wc_AesCbcDecrypt failed with return code %d\n", ret); - return ret; + goto test_cbc_end; } ret = XMEMCMP(p_vector, dec, sizeof(p_vector)); if (ret) { pr_err("error: p_vector and dec do not match: %d\n", ret); - return ret; + goto test_cbc_end; } /* now the kernel crypto part */ - enc2 = kmalloc(sizeof(p_vector), GFP_KERNEL); + enc2 = malloc(sizeof(p_vector)); if (!enc2) { - pr_err("error: kmalloc failed\n"); + pr_err("error: malloc failed\n"); goto test_cbc_end; } - dec2 = kmalloc(sizeof(p_vector), GFP_KERNEL); + dec2 = malloc(sizeof(p_vector)); if (!dec2) { - pr_err("error: kmalloc failed\n"); + pr_err("error: malloc failed\n"); goto test_cbc_end; } @@ -1142,10 +1150,14 @@ static int linuxkm_test_aescbc(void) test_cbc_end: - if (enc2) { kfree(enc2); enc2 = NULL; } - if (dec2) { kfree(dec2); dec2 = NULL; } - if (req) { skcipher_request_free(req); req = NULL; } - if (tfm) { crypto_free_skcipher(tfm); tfm = NULL; } + if (enc2) { free(enc2); } + if (dec2) { free(dec2); } + if (req) { skcipher_request_free(req); } + if (tfm) { crypto_free_skcipher(tfm); } + + if (aes_inited) + wc_AesFree(aes); + free(aes); return ret; } @@ -1160,11 +1172,12 @@ static int linuxkm_test_aescbc(void) static int linuxkm_test_aescfb(void) { - int ret = 0; + int ret = 0; struct crypto_skcipher * tfm = NULL; struct skcipher_request * req = NULL; struct scatterlist src, dst; - Aes aes; + Aes *aes; + int aes_inited = 0; static const byte key32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, @@ -1194,25 +1207,30 @@ static int linuxkm_test_aescfb(void) u8 * enc2 = NULL; u8 * dec2 = NULL; + aes = (Aes *)malloc(sizeof(*aes)); + if (aes == NULL) + return -ENOMEM; + XMEMSET(enc, 0, sizeof(enc)); XMEMSET(dec, 0, sizeof(enc)); - ret = wc_AesInit(&aes, NULL, INVALID_DEVID); + ret = wc_AesInit(aes, NULL, INVALID_DEVID); if (ret) { pr_err("wolfcrypt wc_AesInit failed with return code %d.\n", ret); - return ret; + goto test_cfb_end; } + aes_inited = 1; - ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); + ret = wc_AesSetKey(aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); if (ret) { pr_err("wolfcrypt wc_AesSetKey failed with return code %d\n", ret); - return ret; + goto test_cfb_end; } - ret = wc_AesCfbEncrypt(&aes, enc, p_vector, sizeof(p_vector)); + ret = wc_AesCfbEncrypt(aes, enc, p_vector, sizeof(p_vector)); if (ret) { pr_err("wolfcrypt wc_AesCfbEncrypt failed with return code %d\n", ret); - return ret; + goto test_cfb_end; } if (XMEMCMP(enc, c_vector, sizeof(c_vector)) != 0) { @@ -1221,42 +1239,44 @@ static int linuxkm_test_aescfb(void) } /* Re init for decrypt and set flag. */ - wc_AesFree(&aes); + wc_AesFree(aes); + aes_inited = 0; - ret = wc_AesInit(&aes, NULL, INVALID_DEVID); + ret = wc_AesInit(aes, NULL, INVALID_DEVID); if (ret) { pr_err("wolfcrypt wc_AesInit failed with return code %d.\n", ret); - return ret; + goto test_cfb_end; } + aes_inited = 1; - ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); + ret = wc_AesSetKey(aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION); if (ret) { pr_err("wolfcrypt wc_AesSetKey failed with return code %d.\n", ret); - return ret; + goto test_cfb_end; } - ret = wc_AesCfbDecrypt(&aes, dec, enc, sizeof(p_vector)); + ret = wc_AesCfbDecrypt(aes, dec, enc, sizeof(p_vector)); if (ret) { pr_err("wolfcrypt wc_AesCfbDecrypt failed with return code %d\n", ret); - return ret; + goto test_cfb_end; } ret = XMEMCMP(p_vector, dec, sizeof(p_vector)); if (ret) { pr_err("error: p_vector and dec do not match: %d\n", ret); - return ret; + goto test_cfb_end; } /* now the kernel crypto part */ - enc2 = kmalloc(sizeof(p_vector), GFP_KERNEL); + enc2 = malloc(sizeof(p_vector)); if (!enc2) { - pr_err("error: kmalloc failed\n"); + pr_err("error: malloc failed\n"); goto test_cfb_end; } - dec2 = kmalloc(sizeof(p_vector), GFP_KERNEL); + dec2 = malloc(sizeof(p_vector)); if (!dec2) { - pr_err("error: kmalloc failed\n"); + pr_err("error: malloc failed\n"); goto test_cfb_end; } @@ -1336,10 +1356,14 @@ static int linuxkm_test_aescfb(void) test_cfb_end: - if (enc2) { kfree(enc2); enc2 = NULL; } - if (dec2) { kfree(dec2); dec2 = NULL; } - if (req) { skcipher_request_free(req); req = NULL; } - if (tfm) { crypto_free_skcipher(tfm); tfm = NULL; } + if (enc2) { free(enc2); } + if (dec2) { free(dec2); } + if (req) { skcipher_request_free(req); } + if (tfm) { crypto_free_skcipher(tfm); } + + if (aes_inited) + wc_AesFree(aes); + free(aes); return ret; } @@ -1359,7 +1383,8 @@ static int linuxkm_test_aesgcm(void) struct aead_request * req = NULL; struct scatterlist * src = NULL; struct scatterlist * dst = NULL; - Aes aes; + Aes *aes; + int aes_inited = 0; static const byte key32[] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, @@ -1407,27 +1432,32 @@ static int linuxkm_test_aesgcm(void) XMEMSET(dec, 0, sizeof(p_vector)); XMEMSET(authTag, 0, AES_BLOCK_SIZE); - ret = wc_AesInit(&aes, NULL, INVALID_DEVID); + aes = (Aes *)malloc(sizeof(*aes)); + if (aes == NULL) + return -ENOMEM; + + ret = wc_AesInit(aes, NULL, INVALID_DEVID); if (ret) { pr_err("error: wc_AesInit failed with return code %d.\n", ret); goto test_gcm_end; } + aes_inited = 1; - ret = wc_AesGcmInit(&aes, key32, sizeof(key32)/sizeof(byte), ivstr, + ret = wc_AesGcmInit(aes, key32, sizeof(key32)/sizeof(byte), ivstr, AES_BLOCK_SIZE); if (ret) { pr_err("error: wc_AesGcmInit failed with return code %d.\n", ret); goto test_gcm_end; } - ret = wc_AesGcmEncryptUpdate(&aes, NULL, NULL, 0, assoc, sizeof(assoc)); + ret = wc_AesGcmEncryptUpdate(aes, NULL, NULL, 0, assoc, sizeof(assoc)); if (ret) { pr_err("error: wc_AesGcmEncryptUpdate failed with return code %d\n", ret); goto test_gcm_end; } - ret = wc_AesGcmEncryptUpdate(&aes, enc, p_vector, sizeof(p_vector), NULL, 0); + ret = wc_AesGcmEncryptUpdate(aes, enc, p_vector, sizeof(p_vector), NULL, 0); if (ret) { pr_err("error: wc_AesGcmEncryptUpdate failed with return code %d\n", ret); @@ -1440,7 +1470,7 @@ static int linuxkm_test_aesgcm(void) goto test_gcm_end; } - ret = wc_AesGcmEncryptFinal(&aes, authTag, AES_BLOCK_SIZE); + ret = wc_AesGcmEncryptFinal(aes, authTag, AES_BLOCK_SIZE); if (ret) { pr_err("error: wc_AesGcmEncryptFinal failed with return code %d\n", ret); @@ -1453,14 +1483,14 @@ static int linuxkm_test_aesgcm(void) goto test_gcm_end; } - ret = wc_AesGcmInit(&aes, key32, sizeof(key32)/sizeof(byte), ivstr, + ret = wc_AesGcmInit(aes, key32, sizeof(key32)/sizeof(byte), ivstr, AES_BLOCK_SIZE); if (ret) { pr_err("error: wc_AesGcmInit failed with return code %d.\n", ret); goto test_gcm_end; } - ret = wc_AesGcmDecryptUpdate(&aes, dec, enc, sizeof(p_vector), + ret = wc_AesGcmDecryptUpdate(aes, dec, enc, sizeof(p_vector), assoc, sizeof(assoc)); if (ret) { pr_err("error: wc_AesGcmDecryptUpdate failed with return code %d\n", @@ -1468,7 +1498,7 @@ static int linuxkm_test_aesgcm(void) goto test_gcm_end; } - ret = wc_AesGcmDecryptFinal(&aes, authTag, AES_BLOCK_SIZE); + ret = wc_AesGcmDecryptFinal(aes, authTag, AES_BLOCK_SIZE); if (ret) { pr_err("error: wc_AesGcmEncryptFinal failed with return code %d\n", ret); @@ -1482,31 +1512,31 @@ static int linuxkm_test_aesgcm(void) } /* now the kernel crypto part */ - assoc2 = kmalloc(sizeof(assoc), GFP_KERNEL); + assoc2 = malloc(sizeof(assoc)); if (IS_ERR(assoc2)) { - pr_err("error: kmalloc failed\n"); + pr_err("error: malloc failed\n"); goto test_gcm_end; } memset(assoc2, 0, sizeof(assoc)); memcpy(assoc2, assoc, sizeof(assoc)); - iv = kmalloc(AES_BLOCK_SIZE, GFP_KERNEL); + iv = malloc(AES_BLOCK_SIZE); if (IS_ERR(iv)) { - pr_err("error: kmalloc failed\n"); + pr_err("error: malloc failed\n"); goto test_gcm_end; } memset(iv, 0, AES_BLOCK_SIZE); memcpy(iv, ivstr, AES_BLOCK_SIZE); - enc2 = kmalloc(decryptLen, GFP_KERNEL); + enc2 = malloc(decryptLen); if (IS_ERR(enc2)) { - pr_err("error: kmalloc failed\n"); + pr_err("error: malloc failed\n"); goto test_gcm_end; } - dec2 = kmalloc(decryptLen, GFP_KERNEL); + dec2 = malloc(decryptLen); if (IS_ERR(dec2)) { - pr_err("error: kmalloc failed\n"); + pr_err("error: malloc failed\n"); goto test_gcm_end; } @@ -1552,11 +1582,11 @@ static int linuxkm_test_aesgcm(void) goto test_gcm_end; } - src = kmalloc(sizeof(struct scatterlist) * 2, GFP_KERNEL); - dst = kmalloc(sizeof(struct scatterlist) * 2, GFP_KERNEL); + src = malloc(sizeof(struct scatterlist) * 2); + dst = malloc(sizeof(struct scatterlist) * 2); if (IS_ERR(src) || IS_ERR(dst)) { - pr_err("error: kmalloc src or dst failed: %ld, %ld\n", + pr_err("error: malloc src or dst failed: %ld, %ld\n", PTR_ERR(src), PTR_ERR(dst)); goto test_gcm_end; } @@ -1614,14 +1644,18 @@ static int linuxkm_test_aesgcm(void) if (req) { aead_request_free(req); req = NULL; } if (tfm) { crypto_free_aead(tfm); tfm = NULL; } - if (src) { kfree(src); src = NULL; } - if (dst) { kfree(dst); dst = NULL; } + if (src) { free(src); src = NULL; } + if (dst) { free(dst); dst = NULL; } + + if (dec2) { free(dec2); dec2 = NULL; } + if (enc2) { free(enc2); enc2 = NULL; } - if (dec2) { kfree(dec2); dec2 = NULL; } - if (enc2) { kfree(enc2); enc2 = NULL; } + if (assoc2) { free(assoc2); assoc2 = NULL; } + if (iv) { free(iv); iv = NULL; } - if (assoc2) { kfree(assoc2); assoc2 = NULL; } - if (iv) { kfree(iv); iv = NULL; } + if (aes_inited) + wc_AesFree(aes); + free(aes); return ret; } @@ -1653,6 +1687,7 @@ static int aes_xts_128_test(void) struct crypto_skcipher *tfm = NULL; struct skcipher_request *req = NULL; u8 iv[AES_BLOCK_SIZE]; + byte* large_input = NULL; /* 128 key tests */ static const unsigned char k1[] = { @@ -1946,14 +1981,15 @@ static int aes_xts_128_test(void) { #define LARGE_XTS_SZ 1024 - byte* large_input = (byte *)XMALLOC(LARGE_XTS_SZ, NULL, - DYNAMIC_TYPE_TMP_BUFFER); int i; int j; - if (large_input == NULL) + large_input = (byte *)XMALLOC(LARGE_XTS_SZ, NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (large_input == NULL) { ret = MEMORY_E; - goto out; + goto out; + } for (i = 0; i < (int)LARGE_XTS_SZ; i++) large_input[i] = (byte)i; @@ -1981,19 +2017,18 @@ static int aes_xts_128_test(void) } } } - XFREE(large_input, NULL, DYNAMIC_TYPE_TMP_BUFFER); } /* now the kernel crypto part */ - enc2 = XMALLOC(sizeof(p1), NULL, DYNAMIC_TYPE_AES); + enc2 = XMALLOC(sizeof(pp), NULL, DYNAMIC_TYPE_AES); if (!enc2) { pr_err("error: malloc failed\n"); ret = -ENOMEM; goto test_xts_end; } - dec2 = XMALLOC(sizeof(p1), NULL, DYNAMIC_TYPE_AES); + dec2 = XMALLOC(sizeof(pp), NULL, DYNAMIC_TYPE_AES); if (!dec2) { pr_err("error: malloc failed\n"); ret = -ENOMEM; @@ -2164,6 +2199,9 @@ static int aes_xts_128_test(void) out: + if (large_input) + XFREE(large_input, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (aes_inited) wc_AesXtsFree(aes); diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index e8ebccfe9c..6f6dcd257a 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -5755,19 +5755,29 @@ void bench_arc4(int useDeviceID) #ifdef HAVE_CHACHA void bench_chacha(void) { - ChaCha enc; + WC_DECLARE_VAR(enc, ChaCha, 1, HEAP_HINT); double start; - int i, count; + int ret, i, count; DECLARE_MULTI_VALUE_STATS_VARS() - XMEMSET(&enc, 0, sizeof(enc)); - wc_Chacha_SetKey(&enc, bench_key, 16); + WC_ALLOC_VAR(enc, ChaCha, 1, HEAP_HINT); + + XMEMSET(enc, 0, sizeof(ChaCha)); + wc_Chacha_SetKey(enc, bench_key, 16); bench_stats_start(&count, &start); do { for (i = 0; i < numBlocks; i++) { - wc_Chacha_SetIV(&enc, bench_iv, 0); - wc_Chacha_Process(&enc, bench_cipher, bench_plain, bench_size); + ret = wc_Chacha_SetIV(enc, bench_iv, 0); + if (ret < 0) { + printf("wc_Chacha_SetIV error: %d\n", ret); + goto exit; + } + ret = wc_Chacha_Process(enc, bench_cipher, bench_plain, bench_size); + if (ret < 0) { + printf("wc_Chacha_Process error: %d\n", ret); + goto exit; + } RECORD_MULTI_VALUE_STATS(); } count += i; @@ -5781,6 +5791,9 @@ void bench_chacha(void) #ifdef MULTI_VALUE_STATISTICS bench_multi_value_stats(max, min, sum, squareSum, runs); #endif + +exit: + WC_FREE_VAR(enc, HEAP_HINT); } #endif /* HAVE_CHACHA*/ @@ -5791,8 +5804,9 @@ void bench_chacha20_poly1305_aead(void) int ret = 0, i, count; DECLARE_MULTI_VALUE_STATS_VARS() - byte authTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; - XMEMSET(authTag, 0, sizeof(authTag)); + WC_DECLARE_VAR(authTag, byte, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, HEAP_HINT); + WC_ALLOC_VAR(authTag, byte, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, HEAP_HINT); + XMEMSET(authTag, 0, CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE); bench_stats_start(&count, &start); do { @@ -5801,7 +5815,7 @@ void bench_chacha20_poly1305_aead(void) bench_plain, bench_size, bench_cipher, authTag); if (ret < 0) { printf("wc_ChaCha20Poly1305_Encrypt error: %d\n", ret); - break; + goto exit; } RECORD_MULTI_VALUE_STATS(); } @@ -5816,6 +5830,10 @@ void bench_chacha20_poly1305_aead(void) #ifdef MULTI_VALUE_STATISTICS bench_multi_value_stats(max, min, sum, squareSum, runs); #endif + +exit: + + WC_FREE_VAR(authTag, HEAP_HINT); } #endif /* HAVE_CHACHA && HAVE_POLY1305 */ diff --git a/wolfcrypt/src/chacha20_poly1305.c b/wolfcrypt/src/chacha20_poly1305.c index 0c37de747a..df4147c879 100644 --- a/wolfcrypt/src/chacha20_poly1305.c +++ b/wolfcrypt/src/chacha20_poly1305.c @@ -57,7 +57,11 @@ int wc_ChaCha20Poly1305_Encrypt( byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]) { int ret; - ChaChaPoly_Aead aead; +#ifdef WOLFSSL_SMALL_STACK + ChaChaPoly_Aead *aead = NULL; +#else + ChaChaPoly_Aead aead[1]; +#endif /* Validate function arguments */ if (!inKey || !inIV || @@ -68,15 +72,27 @@ int wc_ChaCha20Poly1305_Encrypt( return BAD_FUNC_ARG; } - ret = wc_ChaCha20Poly1305_Init(&aead, inKey, inIV, +#ifdef WOLFSSL_SMALL_STACK + aead = (ChaChaPoly_Aead *)XMALLOC(sizeof(*aead), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (aead == NULL) + return MEMORY_E; +#endif + + ret = wc_ChaCha20Poly1305_Init(aead, inKey, inIV, CHACHA20_POLY1305_AEAD_ENCRYPT); if (ret == 0) - ret = wc_ChaCha20Poly1305_UpdateAad(&aead, inAAD, inAADLen); + ret = wc_ChaCha20Poly1305_UpdateAad(aead, inAAD, inAADLen); if (ret == 0) - ret = wc_ChaCha20Poly1305_UpdateData(&aead, inPlaintext, outCiphertext, + ret = wc_ChaCha20Poly1305_UpdateData(aead, inPlaintext, outCiphertext, inPlaintextLen); if (ret == 0) - ret = wc_ChaCha20Poly1305_Final(&aead, outAuthTag); + ret = wc_ChaCha20Poly1305_Final(aead, outAuthTag); + +#ifdef WOLFSSL_SMALL_STACK + XFREE(aead, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; } @@ -90,7 +106,11 @@ int wc_ChaCha20Poly1305_Decrypt( byte* outPlaintext) { int ret; - ChaChaPoly_Aead aead; +#ifdef WOLFSSL_SMALL_STACK + ChaChaPoly_Aead *aead = NULL; +#else + ChaChaPoly_Aead aead[1]; +#endif byte calculatedAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; /* Validate function arguments */ @@ -102,19 +122,31 @@ int wc_ChaCha20Poly1305_Decrypt( return BAD_FUNC_ARG; } +#ifdef WOLFSSL_SMALL_STACK + aead = (ChaChaPoly_Aead *)XMALLOC(sizeof(*aead), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (aead == NULL) + return MEMORY_E; +#endif + XMEMSET(calculatedAuthTag, 0, sizeof(calculatedAuthTag)); - ret = wc_ChaCha20Poly1305_Init(&aead, inKey, inIV, + ret = wc_ChaCha20Poly1305_Init(aead, inKey, inIV, CHACHA20_POLY1305_AEAD_DECRYPT); if (ret == 0) - ret = wc_ChaCha20Poly1305_UpdateAad(&aead, inAAD, inAADLen); + ret = wc_ChaCha20Poly1305_UpdateAad(aead, inAAD, inAADLen); if (ret == 0) - ret = wc_ChaCha20Poly1305_UpdateData(&aead, inCiphertext, outPlaintext, + ret = wc_ChaCha20Poly1305_UpdateData(aead, inCiphertext, outPlaintext, inCiphertextLen); if (ret == 0) - ret = wc_ChaCha20Poly1305_Final(&aead, calculatedAuthTag); + ret = wc_ChaCha20Poly1305_Final(aead, calculatedAuthTag); if (ret == 0) ret = wc_ChaCha20Poly1305_CheckTag(inAuthTag, calculatedAuthTag); + +#ifdef WOLFSSL_SMALL_STACK + XFREE(aead, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; } From 7fbb209684be2fd80b7dc8915ef6dc796f07587a Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Fri, 1 Mar 2024 17:51:24 -0600 Subject: [PATCH 7/9] ssl.c: in wolfSSL_Init(), fix cppcheck identicalInnerCondition warning on non-FIPS configurations. --- src/ssl.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index ad514d27ae..52547e2dba 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -6244,20 +6244,20 @@ int wolfSSL_Init(void) return BAD_MUTEX_E; } - if ((ret == WOLFSSL_SUCCESS) && (initRefCount == 0)) { - /* Initialize crypto for use with TLS connection */ - #if FIPS_VERSION_GE(5,1) + if ((ret == WOLFSSL_SUCCESS) && (initRefCount == 0)) { ret = wolfCrypt_SetPrivateKeyReadEnable_fips(1, WC_KEYTYPE_ALL); if (ret == 0) ret = WOLFSSL_SUCCESS; + } #endif - if (ret == WOLFSSL_SUCCESS) { - if (wolfCrypt_Init() != 0) { - WOLFSSL_MSG("Bad wolfCrypt Init"); - ret = WC_INIT_E; - } + if ((ret == WOLFSSL_SUCCESS) && (initRefCount == 0)) { + /* Initialize crypto for use with TLS connection */ + + if (wolfCrypt_Init() != 0) { + WOLFSSL_MSG("Bad wolfCrypt Init"); + ret = WC_INIT_E; } #if defined(HAVE_GLOBAL_RNG) && !defined(WOLFSSL_MUTEX_INITIALIZER) From 2708062d395e2b4044a9f69c0d9a38aef6ca345e Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Mon, 4 Mar 2024 07:33:21 -0700 Subject: [PATCH 8/9] add sanity check for null buffer after malloc in test case --- tests/api.c | 76 ++++++++++++++++++++++++++++------------------------- 1 file changed, 40 insertions(+), 36 deletions(-) diff --git a/tests/api.c b/tests/api.c index 7c768d4e09..1dc77fa83a 100644 --- a/tests/api.c +++ b/tests/api.c @@ -28034,50 +28034,54 @@ static int test_wc_PKCS7_VerifySignedData_RSA(void) signedBundle = XBADFILE; } - ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); - ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); - for (i = 0; i < signedBundleSz;) { - int sz = (i + chunkSz > signedBundleSz)? signedBundleSz - i : - chunkSz; - rc = wc_PKCS7_VerifySignedData(pkcs7, buf + i, sz); - if (rc < 0 ) { - if (rc == WC_PKCS7_WANT_READ_E) { - i += sz; - continue; + if (buf != NULL) { + ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); + ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); + for (i = 0; i < signedBundleSz;) { + int sz = (i + chunkSz > signedBundleSz)? signedBundleSz - i : + chunkSz; + rc = wc_PKCS7_VerifySignedData(pkcs7, buf + i, sz); + if (rc < 0 ) { + if (rc == WC_PKCS7_WANT_READ_E) { + i += sz; + continue; + } + break; + } + else { + break; } - break; - } - else { - break; } + ExpectIntEQ(rc, PKCS7_SIGNEEDS_CHECK); + wc_PKCS7_Free(pkcs7); + pkcs7 = NULL; } - ExpectIntEQ(rc, PKCS7_SIGNEEDS_CHECK); - wc_PKCS7_Free(pkcs7); - pkcs7 = NULL; - /* now try with malformed bundle */ - ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); - ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); - buf[signedBundleSz - 2] = buf[signedBundleSz - 2] + 1; - for (i = 0; i < signedBundleSz;) { - int sz = (i + chunkSz > signedBundleSz)? signedBundleSz - i : - chunkSz; - rc = wc_PKCS7_VerifySignedData(pkcs7, buf + i, sz); - if (rc < 0 ) { - if (rc == WC_PKCS7_WANT_READ_E) { - i += sz; - continue; + if (buf != NULL) { + ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId)); + ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0); + buf[signedBundleSz - 2] = buf[signedBundleSz - 2] + 1; + for (i = 0; i < signedBundleSz;) { + int sz = (i + chunkSz > signedBundleSz)? signedBundleSz - i : + chunkSz; + rc = wc_PKCS7_VerifySignedData(pkcs7, buf + i, sz); + if (rc < 0 ) { + if (rc == WC_PKCS7_WANT_READ_E) { + i += sz; + continue; + } + break; + } + else { + break; } - break; - } - else { - break; } + ExpectIntEQ(rc, ASN_PARSE_E); + wc_PKCS7_Free(pkcs7); + pkcs7 = NULL; } - ExpectIntEQ(rc, ASN_PARSE_E); - wc_PKCS7_Free(pkcs7); - pkcs7 = NULL; + if (buf != NULL) XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE); } From 321a72c906d5f57da2aebce6c6af84b8a75a6229 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Tue, 5 Mar 2024 17:44:33 -0600 Subject: [PATCH 9/9] misc fixes: wolfcrypt/test/test.c: fix gating for verify4 in scrypt_test(), and fix WOLFSSL_SMALL_STACK -Wframe-larger-than=2048 warnings in sha256_test() and sha512_test(). src/ssl.c: fix for true-but-benign nullPointerRedundantCheck in ProcessBufferTryDecodeEd25519(). tests/api.c: fix for -Wmaybe-uninitialized in test_wc_PKCS7_VerifySignedData_RSA() identified via cross-m68k-all-asm. --- src/ssl.c | 2 +- tests/api.c | 2 +- wolfcrypt/test/test.c | 68 +++++++++++++++++++++++++++++++++++-------- 3 files changed, 58 insertions(+), 14 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 52547e2dba..1d501f8ade 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -6805,7 +6805,7 @@ static int ProcessBufferTryDecodeEd25519(WOLFSSL_CTX* ctx, WOLFSSL* ssl, ssl->buffers.keyType = ed25519_sa_algo; ssl->buffers.keySz = *keySz; } - else if (ctx) { + else { ctx->privateKeyType = ed25519_sa_algo; ctx->privateKeySz = *keySz; } diff --git a/tests/api.c b/tests/api.c index 1dc77fa83a..8f903aee99 100644 --- a/tests/api.c +++ b/tests/api.c @@ -28015,7 +28015,7 @@ static int test_wc_PKCS7_VerifySignedData_RSA(void) XFILE signedBundle = XBADFILE; int signedBundleSz = 0; int chunkSz = 1; - int i, rc; + int i, rc = 0; byte* buf = NULL; ExpectTrue((signedBundle = XFOPEN("./certs/test-stream-sign.p7b", diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 31cf01e00d..09bc0959df 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -3198,6 +3198,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void) byte i_hashcopy[WC_SHA256_DIGEST_SIZE]; testVector interleave_test_sha[4]; wc_Sha256 i_sha, i_shaCopy; +#endif +#ifndef NO_LARGE_HASH_TEST +#define LARGE_HASH_TEST_INPUT_SZ 1024 +#ifdef WOLFSSL_SMALL_STACK + byte *large_input = NULL; +#else + byte large_input[LARGE_HASH_TEST_INPUT_SZ]; +#endif #endif int times = sizeof(test_sha) / sizeof(struct testVector), i; @@ -3339,17 +3347,26 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void) #ifndef NO_LARGE_HASH_TEST /* BEGIN LARGE HASH TEST */ { - byte large_input[1024]; #ifdef HASH_SIZE_LIMIT - const char* large_digest = + WOLFSSL_SMALL_STACK_STATIC const char* large_digest = "\xa4\x75\x9e\x7a\xa2\x03\x38\x32\x88\x66\xa2\xea\x17\xea\xf8\xc7" "\xfe\x4e\xc6\xbb\xe3\xbb\x71\xce\xe7\xdf\x7c\x04\x61\xb3\xc2\x2f"; #else - const char* large_digest = + WOLFSSL_SMALL_STACK_STATIC const char* large_digest = "\x27\x78\x3e\x87\x96\x3a\x4e\xfb\x68\x29\xb5\x31\xc9\xba\x57\xb4" "\x4f\x45\x79\x7f\x67\x70\xbd\x63\x7f\xbf\x0d\x80\x7c\xbd\xba\xe0"; #endif - for (i = 0; i < (int)sizeof(large_input); i++) { + +#ifdef WOLFSSL_SMALL_STACK + large_input = (byte *)XMALLOC(LARGE_HASH_TEST_INPUT_SZ, HEAP_HINT, + DYNAMIC_TYPE_TMP_BUFFER); + + if (large_input == NULL) { + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit); + } +#endif + + for (i = 0; i < LARGE_HASH_TEST_INPUT_SZ; i++) { large_input[i] = (byte)(i & 0xFF); } #ifdef HASH_SIZE_LIMIT @@ -3358,11 +3375,11 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void) times = 100; #endif #ifdef WOLFSSL_PIC32MZ_HASH - wc_Sha256SizeSet(&sha, times * sizeof(large_input)); + wc_Sha256SizeSet(&sha, times * LARGE_HASH_TEST_INPUT_SZ); #endif for (i = 0; i < times; ++i) { ret = wc_Sha256Update(&sha, (byte*)large_input, - (word32)sizeof(large_input)); + LARGE_HASH_TEST_INPUT_SZ); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit); } @@ -3372,10 +3389,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void) if (XMEMCMP(hash, large_digest, WC_SHA256_DIGEST_SIZE) != 0) ERROR_OUT(WC_TEST_RET_ENC_NC, exit); } /* END LARGE HASH TEST */ +#undef LARGE_HASH_TEST_INPUT_SZ #endif /* NO_LARGE_HASH_TEST */ exit: +#if !defined(NO_LARGE_HASH_TEST) && defined(WOLFSSL_SMALL_STACK) + XFREE(large_input, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); +#endif wc_Sha256Free(&sha); wc_Sha256Free(&shaCopy); #ifndef NO_WOLFSSL_SHA256_INTERLEAVE @@ -3405,6 +3426,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void) byte i_hash[WC_SHA512_DIGEST_SIZE]; byte i_hashcopy[WC_SHA512_DIGEST_SIZE]; testVector interleave_test_sha[3]; +#endif +#ifndef NO_LARGE_HASH_TEST +#define LARGE_HASH_TEST_INPUT_SZ 1024 +#ifdef WOLFSSL_SMALL_STACK + byte *large_input = NULL; +#else + byte large_input[LARGE_HASH_TEST_INPUT_SZ]; +#endif #endif int times = sizeof(test_sha) / sizeof(struct testVector), i; @@ -3539,22 +3568,30 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void) #ifndef NO_LARGE_HASH_TEST /* BEGIN LARGE HASH TEST */ { - byte large_input[1024]; #ifdef HASH_SIZE_LIMIT - const char* large_digest = + WOLFSSL_SMALL_STACK_STATIC const char* large_digest = "\x30\x9B\x96\xA6\xE9\x43\x78\x30\xA3\x71\x51\x61\xC1\xEB\xE1\xBE" "\xC8\xA5\xF9\x13\x5A\xD6\x6D\x9E\x46\x31\x31\x67\x8D\xE2\xC0\x0B" "\x2A\x1A\x03\xE1\xF3\x48\xA7\x33\xBD\x49\xF8\xFF\xF1\xC2\xC2\x95" "\xCB\xF0\xAF\x87\x61\x85\x58\x63\x6A\xCA\x70\x9C\x8B\x83\x3F\x5D"; #else - const char* large_digest = + WOLFSSL_SMALL_STACK_STATIC const char* large_digest = "\x5a\x1f\x73\x90\xbd\x8c\xe4\x63\x54\xce\xa0\x9b\xef\x32\x78\x2d" "\x2e\xe7\x0d\x5e\x2f\x9d\x15\x1b\xdd\x2d\xde\x65\x0c\x7b\xfa\x83" "\x5e\x80\x02\x13\x84\xb8\x3f\xff\x71\x62\xb5\x09\x89\x63\xe1\xdc" "\xa5\xdc\xfc\xfa\x9d\x1a\x4d\xc0\xfa\x3a\x14\xf6\x01\x51\x90\xa4"; #endif - for (i = 0; i < (int)sizeof(large_input); i++) { +#ifdef WOLFSSL_SMALL_STACK + large_input = (byte *)XMALLOC(LARGE_HASH_TEST_INPUT_SZ, HEAP_HINT, + DYNAMIC_TYPE_TMP_BUFFER); + + if (large_input == NULL) { + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit); + } +#endif + + for (i = 0; i < LARGE_HASH_TEST_INPUT_SZ; i++) { large_input[i] = (byte)(i & 0xFF); } #ifdef HASH_SIZE_LIMIT @@ -3564,7 +3601,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void) #endif for (i = 0; i < times; ++i) { ret = wc_Sha512Update(&sha, (byte*)large_input, - (word32)sizeof(large_input)); + LARGE_HASH_TEST_INPUT_SZ); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit); } @@ -3578,16 +3615,21 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void) /* Unaligned memory access test */ for (i = 1; i < 16; i++) { ret = wc_Sha512Update(&sha, (byte*)large_input + i, - (word32)sizeof(large_input) - i); + LARGE_HASH_TEST_INPUT_SZ - i); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit); ret = wc_Sha512Final(&sha, hash); } #endif } /* END LARGE HASH TEST */ +#undef LARGE_HASH_TEST_INPUT_SZ #endif /* NO_LARGE_HASH_TEST */ exit: + +#if !defined(NO_LARGE_HASH_TEST) && defined(WOLFSSL_SMALL_STACK) + XFREE(large_input, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); +#endif wc_Sha512Free(&sha); wc_Sha512Free(&shaCopy); #ifndef NO_WOLFSSL_SHA256_INTERLEAVE @@ -24356,7 +24398,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t scrypt_test(void) return WC_TEST_RET_ENC_NC; #endif #else +#ifdef SCRYPT_TEST_ALL (void)verify4; +#endif #endif /* !BENCH_EMBEDDED && !defined(WOLFSSL_LINUXKM) && !HAVE_INTEL_QA */ #if !defined(BENCH_EMBEDDED)