mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

More changes to minimize dynamic memory usage.

Browse Source 
Change define to WOLFSSL_MEMORY_LOG.
Fix for ED25519 server certificate - single cert to allow comparison
with ECC dynamic memory usage.
Free memory earlier to reduce maximum memory usage in a connection.
Make MAX_ENCODED_SIG_SZ only as big as necessary.
Change memory allocation type in sha256 from RNG to DIGEST.
If we know the key type use it in decoding private key
This commit is contained in:
Sean Parkinson 2018-08-21 09:03:11 +10:00
parent 506c858ed6
commit 1ab17ac827
15 changed files with 495 additions and 341 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
certs/ed25519/include.am
View File

@ -23,6 +23,7 @@ EXTRA_DIST += \
certs/ed25519/root-ed25519-priv.pem \
certs/ed25519/server-ed25519.der \
certs/ed25519/server-ed25519.pem \
certs/ed25519/server-ed25519-cert.pem \
certs/ed25519/server-ed25519-key.der \
certs/ed25519/server-ed25519-key.pem \
certs/ed25519/server-ed25519-priv.der \

15
certs/ed25519/server-ed25519-cert.pem Normal file
View File

@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICUjCCAgSgAwIBAgIQAM3yL77cB/q7ZQPi/+pqmTAFBgMrZXAwgZ0xCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMQswCQYD
VQQEDAJDQTEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUxOTEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tMCIYDzIwMTgwNDEyMTYyMjE3WhgPMjAyMTAxMDcxNTIyMTdaMIGfMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEN
MAsGA1UEBAwETGVhZjEQMA4GA1UECgwHd29sZlNTTDEQMA4GA1UECwwHRUQyNTUx
OTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMCowBQYDK2VwAyEAYV3st0WTyYR7aCFKTfQEi73NbF09t2Is
LSXDIknIhvKjUjBQMB0GA1UdDgQWBBQzyChjjPRX7h6wxxISdoqAMDrLEDAfBgNV
HSMEGDAWgBSSP5ZyAvphHCFtiN3r3TybF8SftzAOBgNVHQ8BAf8EBAMCBsAwBQYD
K2VwA0EAFYiG/GbR4PbPyQlG0FDiAV33z1e4upCEy/EkS++llX1pkoioiWPMkEDC
QTpAdrEtqKiXyXPHgjAkYbCqyqpoAA==
-----END CERTIFICATE-----

15
configure.ac
View File

@ -657,7 +657,7 @@ AC_ARG_ENABLE([lowresource],
if test "$ENABLED_LOWRESOURCE" = "yes"
then
# low memory / flash flags
AM_CFLAGS="$AM_CFLAGS -DNO_SESSION_CACHE -DRSA_LOW_MEM -DGCM_SMALL -DCURVE25519_SMALL -DED25519_SMALL"
AM_CFLAGS="$AM_CFLAGS -DNO_SESSION_CACHE -DRSA_LOW_MEM -DALT_ECC_SIZE -DGCM_SMALL -DCURVE25519_SMALL -DED25519_SMALL"
# low flash flags
AM_CFLAGS="$AM_CFLAGS -DUSE_SLOW_SHA -DUSE_SLOW_SHA256 -DUSE_SLOW_SHA512"
@ -1620,6 +1620,19 @@ then
fi
fi
# MEMORY usage logging
AC_ARG_ENABLE([memorylog],
[AS_HELP_STRING([--enable-memorylog],[Enable dynamic memory logging (default: disabled)])],
[ ENABLED_MEMORYLOG=$enableval ],
[ ENABLED_MEMORYLOG=no ]
)
if test "$ENABLED_MEMORYLOG" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_MEMORY_LOG"
fi
# RSA
AC_ARG_ENABLE([rsa],

240
src/internal.c
View File

@ -4688,12 +4688,14 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
return MEMORY_E;
}
XMEMSET(ssl->arrays, 0, sizeof(Arrays));
#if defined(WOLFSSL_TLS13) || defined(WOLFSSL_SNIFFER)
ssl->arrays->preMasterSecret = (byte*)XMALLOC(ENCRYPT_LEN, ssl->heap,
DYNAMIC_TYPE_SECRET);
if (ssl->arrays->preMasterSecret == NULL) {
return MEMORY_E;
}
XMEMSET(ssl->arrays->preMasterSecret, 0, ENCRYPT_LEN);
#endif
#ifdef SINGLE_THREADED
if (ctx->suites == NULL)
@ -5357,9 +5359,8 @@ void FreeHandshakeResources(WOLFSSL* ssl)
#ifdef HAVE_ECC
FreeKey(ssl, DYNAMIC_TYPE_ECC, (void**)&ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
#ifdef HAVE_CURVE25519
if (ssl->ecdhCurveOID != ECC_X25519_OID)
#endif /* HAVE_CURVE25519 */
#endif
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
{
int dtype;
#ifdef HAVE_ECC
@ -5381,8 +5382,7 @@ void FreeHandshakeResources(WOLFSSL* ssl)
#ifdef HAVE_CURVE25519
FreeKey(ssl, DYNAMIC_TYPE_CURVE25519, (void**)&ssl->peerX25519Key);
ssl->peerX25519KeyPresent = 0;
#endif /* HAVE_CURVE25519 */
#endif /* HAVE_ECC */
#endif
#ifndef NO_DH
if (ssl->buffers.serverDH_Priv.buffer) {
@ -10531,6 +10531,10 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (ssl->options.resuming || !IsAtLeastTLSv1_2(ssl) ||
IsAtLeastTLSv1_3(ssl->version)) {
ssl->options.cacheMessages = 0;
if (ssl->hsHashes->messages != NULL) {
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
ssl->hsHashes->messages = NULL;
}
}
#endif
break;
@ -10599,6 +10603,10 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (ssl->options.resuming || !ssl->options.verifyPeer || \
!IsAtLeastTLSv1_2(ssl) || IsAtLeastTLSv1_3(ssl->version)) {
ssl->options.cacheMessages = 0;
if (ssl->hsHashes->messages != NULL) {
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
ssl->hsHashes->messages = NULL;
}
}
#endif
break;
@ -10629,6 +10637,9 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
SendAlert(ssl, alert_fatal, decode_error);
ret = DECODE_E;
}
if (ret == 0 && ssl->buffers.inputBuffer.dynamicFlag) {
ShrinkInputBuffer(ssl, NO_FORCED_FREE);
}
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP)
/* if async, offset index so this msg will be processed again */
@ -16488,37 +16499,39 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
}
#ifndef NO_RSA
ssl->hsType = DYNAMIC_TYPE_RSA;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
if (ret != 0) {
goto exit_dpk;
}
WOLFSSL_MSG("Trying RSA private key");
/* Set start of data to beginning of buffer. */
idx = 0;
/* Decode the key assuming it is an RSA private key. */
ret = wc_RsaPrivateKeyDecode(ssl->buffers.key->buffer, &idx,
(RsaKey*)ssl->hsKey, ssl->buffers.key->length);
if (ret == 0) {
WOLFSSL_MSG("Using RSA private key");
/* It worked so check it meets minimum key size requirements. */
keySz = wc_RsaEncryptSize((RsaKey*)ssl->hsKey);
if (keySz < 0) { /* check if keySz has error case */
ERROR_OUT(keySz, exit_dpk);
if (ssl->buffers.keyType == rsa_sa_algo || ssl->buffers.keyType == 0) {
ssl->hsType = DYNAMIC_TYPE_RSA;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
if (ret != 0) {
goto exit_dpk;
}
if (keySz < ssl->options.minRsaKeySz) {
WOLFSSL_MSG("RSA key size too small");
ERROR_OUT(RSA_KEY_SIZE_E, exit_dpk);
WOLFSSL_MSG("Trying RSA private key");
/* Set start of data to beginning of buffer. */
idx = 0;
/* Decode the key assuming it is an RSA private key. */
ret = wc_RsaPrivateKeyDecode(ssl->buffers.key->buffer, &idx,
(RsaKey*)ssl->hsKey, ssl->buffers.key->length);
if (ret == 0) {
WOLFSSL_MSG("Using RSA private key");
/* It worked so check it meets minimum key size requirements. */
keySz = wc_RsaEncryptSize((RsaKey*)ssl->hsKey);
if (keySz < 0) { /* check if keySz has error case */
ERROR_OUT(keySz, exit_dpk);
}
if (keySz < ssl->options.minRsaKeySz) {
WOLFSSL_MSG("RSA key size too small");
ERROR_OUT(RSA_KEY_SIZE_E, exit_dpk);
}
/* Return the maximum signature length. */
*length = (word16)keySz;
goto exit_dpk;
}
/* Return the maximum signature length. */
*length = (word16)keySz;
goto exit_dpk;
}
#endif /* !NO_RSA */
@ -16527,38 +16540,40 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey);
#endif /* !NO_RSA */
ssl->hsType = DYNAMIC_TYPE_ECC;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
if (ret != 0) {
goto exit_dpk;
}
#ifndef NO_RSA
WOLFSSL_MSG("Trying ECC private key, RSA didn't work");
#else
WOLFSSL_MSG("Trying ECC private key");
#endif
/* Set start of data to beginning of buffer. */
idx = 0;
/* Decode the key assuming it is an ECC private key. */
ret = wc_EccPrivateKeyDecode(ssl->buffers.key->buffer, &idx,
(ecc_key*)ssl->hsKey,
ssl->buffers.key->length);
if (ret == 0) {
WOLFSSL_MSG("Using ECC private key");
/* Check it meets the minimum ECC key size requirements. */
keySz = wc_ecc_size((ecc_key*)ssl->hsKey);
if (keySz < ssl->options.minEccKeySz) {
WOLFSSL_MSG("ECC key size too small");
ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk);
if (ssl->buffers.keyType == ecc_dsa_sa_algo || ssl->buffers.keyType == 0) {
ssl->hsType = DYNAMIC_TYPE_ECC;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
if (ret != 0) {
goto exit_dpk;
}
/* Return the maximum signature length. */
*length = (word16)wc_ecc_sig_size((ecc_key*)ssl->hsKey);
#ifndef NO_RSA
WOLFSSL_MSG("Trying ECC private key, RSA didn't work");
#else
WOLFSSL_MSG("Trying ECC private key");
#endif
goto exit_dpk;
/* Set start of data to beginning of buffer. */
idx = 0;
/* Decode the key assuming it is an ECC private key. */
ret = wc_EccPrivateKeyDecode(ssl->buffers.key->buffer, &idx,
(ecc_key*)ssl->hsKey,
ssl->buffers.key->length);
if (ret == 0) {
WOLFSSL_MSG("Using ECC private key");
/* Check it meets the minimum ECC key size requirements. */
keySz = wc_ecc_size((ecc_key*)ssl->hsKey);
if (keySz < ssl->options.minEccKeySz) {
WOLFSSL_MSG("ECC key size too small");
ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk);
}
/* Return the maximum signature length. */
*length = (word16)wc_ecc_sig_size((ecc_key*)ssl->hsKey);
goto exit_dpk;
}
}
#endif
#ifdef HAVE_ED25519
@ -16566,39 +16581,41 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey);
#endif
ssl->hsType = DYNAMIC_TYPE_ED25519;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
if (ret != 0) {
goto exit_dpk;
}
#ifdef HAVE_ECC
WOLFSSL_MSG("Trying ED25519 private key, ECC didn't work");
#elif !defined(NO_RSA)
WOLFSSL_MSG("Trying ED25519 private key, RSA didn't work");
#else
WOLFSSL_MSG("Trying ED25519 private key");
#endif
/* Set start of data to beginning of buffer. */
idx = 0;
/* Decode the key assuming it is an ED25519 private key. */
ret = wc_Ed25519PrivateKeyDecode(ssl->buffers.key->buffer, &idx,
(ed25519_key*)ssl->hsKey,
ssl->buffers.key->length);
if (ret == 0) {
WOLFSSL_MSG("Using ED25519 private key");
/* Check it meets the minimum ECC key size requirements. */
if (ED25519_KEY_SIZE < ssl->options.minEccKeySz) {
WOLFSSL_MSG("ED25519 key size too small");
ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk);
if (ssl->buffers.keyType == ed25519_sa_algo || ssl->buffers.keyType == 0) {
ssl->hsType = DYNAMIC_TYPE_ED25519;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
if (ret != 0) {
goto exit_dpk;
}
/* Return the maximum signature length. */
*length = ED25519_SIG_SIZE;
#ifdef HAVE_ECC
WOLFSSL_MSG("Trying ED25519 private key, ECC didn't work");
#elif !defined(NO_RSA)
WOLFSSL_MSG("Trying ED25519 private key, RSA didn't work");
#else
WOLFSSL_MSG("Trying ED25519 private key");
#endif
goto exit_dpk;
/* Set start of data to beginning of buffer. */
idx = 0;
/* Decode the key assuming it is an ED25519 private key. */
ret = wc_Ed25519PrivateKeyDecode(ssl->buffers.key->buffer, &idx,
(ed25519_key*)ssl->hsKey,
ssl->buffers.key->length);
if (ret == 0) {
WOLFSSL_MSG("Using ED25519 private key");
/* Check it meets the minimum ECC key size requirements. */
if (ED25519_KEY_SIZE < ssl->options.minEccKeySz) {
WOLFSSL_MSG("ED25519 key size too small");
ERROR_OUT(ECC_KEY_SIZE_E, exit_dpk);
}
/* Return the maximum signature length. */
*length = ED25519_SIG_SIZE;
goto exit_dpk;
}
}
#endif /* HAVE_ED25519 */
@ -19204,6 +19221,14 @@ int SendClientKeyExchange(WOLFSSL* ssl)
if (args->encSecret == NULL) {
ERROR_OUT(MEMORY_E, exit_scke);
}
if (ssl->arrays->preMasterSecret == NULL) {
ssl->arrays->preMasterSecret = (byte*)XMALLOC(ENCRYPT_LEN,
ssl->heap, DYNAMIC_TYPE_SECRET);
if (ssl->arrays->preMasterSecret == NULL) {
ERROR_OUT(MEMORY_E, exit_scke);
}
XMEMSET(ssl->arrays->preMasterSecret, 0, ENCRYPT_LEN);
}
switch(ssl->specs.kea)
{
@ -19594,6 +19619,11 @@ int SendClientKeyExchange(WOLFSSL* ssl)
&ssl->arrays->preMasterSz,
WOLFSSL_CLIENT_END
);
if (ret == 0) {
FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
}
break;
}
#endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */
@ -19639,7 +19669,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
&ssl->arrays->preMasterSz,
WOLFSSL_CLIENT_END
);
if (ret == 0) {
if (ret == 0 && !ssl->specs.static_ecdh) {
FreeKey(ssl, DYNAMIC_TYPE_CURVE25519,
(void**)&ssl->peerX25519Key);
ssl->peerX25519KeyPresent = 0;
@ -19658,6 +19688,11 @@ int SendClientKeyExchange(WOLFSSL* ssl)
&ssl->arrays->preMasterSz,
WOLFSSL_CLIENT_END
);
if (ret == 0 && !ssl->specs.static_ecdh) {
FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
}
#endif
break;
@ -24201,6 +24236,15 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
#endif
if (ssl->arrays->preMasterSecret == NULL) {
ssl->arrays->preMasterSecret = (byte*)XMALLOC(ENCRYPT_LEN,
ssl->heap, DYNAMIC_TYPE_SECRET);
if (ssl->arrays->preMasterSecret == NULL) {
ERROR_OUT(MEMORY_E, exit_dcke);
}
XMEMSET(ssl->arrays->preMasterSecret, 0, ENCRYPT_LEN);
}
switch (ssl->specs.kea) {
#ifndef NO_RSA
case rsa_kea:
@ -24886,6 +24930,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
&ssl->arrays->preMasterSz,
WOLFSSL_SERVER_END
);
if (ret == 0) {
FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
}
#endif
break;
}
@ -24946,6 +24995,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
&args->sigSz,
WOLFSSL_SERVER_END
);
if (ret == 0 && !ssl->specs.static_ecdh) {
FreeKey(ssl, DYNAMIC_TYPE_ECC,
(void**)&ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
}
break;
}
#endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */

3
src/keys.c
View File

@ -3291,6 +3291,9 @@ static int CleanPreMaster(WOLFSSL* ssl)
for (i = 0; i < sz; i++)
ssl->arrays->preMasterSecret[i] = 0;
XFREE(ssl->arrays->preMasterSecret, ssl->heap, DYNAMIC_TYPE_SECRET);
ssl->arrays->preMasterSecret = NULL;
return 0;
}

41
src/ssl.c
View File

@ -26132,6 +26132,30 @@ int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa,
#ifdef HAVE_ECC
#ifdef ALT_ECC_SIZE
static int SetIndividualInternalEcc(WOLFSSL_BIGNUM* bn, mp_int* mpi)
{
WOLFSSL_MSG("Entering SetIndividualInternal");
if (bn == NULL || bn->internal == NULL) {
WOLFSSL_MSG("bn NULL error");
return WOLFSSL_FATAL_ERROR;
}
if (mpi == NULL) {
WOLFSSL_MSG("mpi NULL error");
return WOLFSSL_FATAL_ERROR;
}
if (mp_copy((mp_int*)bn->internal, mpi) != MP_OKAY) {
WOLFSSL_MSG("mp_copy error");
return WOLFSSL_FATAL_ERROR;
}
return WOLFSSL_SUCCESS;
}
#endif /* ALT_ECC_SIZE */
/* EC_POINT Openssl -> WolfSSL */
static int SetECPointInternal(WOLFSSL_EC_POINT *p)
{
@ -26145,6 +26169,7 @@ static int SetECPointInternal(WOLFSSL_EC_POINT *p)
point = (ecc_point*)p->internal;
#ifndef ALT_ECC_SIZE
if (p->X != NULL && SetIndividualInternal(p->X, point->x) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ecc point X error");
return WOLFSSL_FATAL_ERROR;
@ -26159,6 +26184,22 @@ static int SetECPointInternal(WOLFSSL_EC_POINT *p)
WOLFSSL_MSG("ecc point Z error");
return WOLFSSL_FATAL_ERROR;
}
#else
if (p->X != NULL && SetIndividualInternalEcc(p->X, point->x) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ecc point X error");
return WOLFSSL_FATAL_ERROR;
}
if (p->Y != NULL && SetIndividualInternalEcc(p->Y, point->y) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ecc point Y error");
return WOLFSSL_FATAL_ERROR;
}
if (p->Z != NULL && SetIndividualInternalEcc(p->Z, point->z) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ecc point Z error");
return WOLFSSL_FATAL_ERROR;
}
#endif
p->inSet = 1;

4
src/tls.c
View File

@ -6383,7 +6383,7 @@ static int TLSX_KeyShare_ProcessDh(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
#ifdef WOLFSSL_ASYNC_CRYPT
/* TODO: Make this function non-blocking */
if (ret == WC_PENDING_E) {
ret = wc_AsyncWait(ret, dhKey.asyncDev, WC_ASYNC_FLAG_NONE);
ret = wc_AsyncWait(ret, dhKey->asyncDev, WC_ASYNC_FLAG_NONE);
}
#endif
/* RFC 8446 Section 7.4.1:
@ -6397,7 +6397,7 @@ static int TLSX_KeyShare_ProcessDh(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
ssl->arrays->preMasterSz = params->p_len;
}
wc_FreeDhKey(&dhKey);
wc_FreeDhKey(dhKey);
#ifdef WOLFSSL_SMALL_STACK
XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH);
#endif

18
src/tls13.c
View File

@ -5293,9 +5293,9 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
#ifndef NO_RSA
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
/* build encoded signature buffer */
sig->length = MAX_ENCODED_SIG_SZ;
sig->length = WC_MAX_DIGEST_SIZE;
sig->buffer = (byte*)XMALLOC(sig->length, ssl->heap,
DYNAMIC_TYPE_SIGNATURE);
DYNAMIC_TYPE_SIGNATURE);
if (sig->buffer == NULL) {
ERROR_OUT(MEMORY_E, exit_scv);
}
@ -7095,6 +7095,17 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
case server_hello:
WOLFSSL_MSG("processing server hello");
ret = DoTls13ServerHello(ssl, input, inOutIdx, size, &type);
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && defined(HAVE_ED25519) && \
!defined(NO_ED25519_CLIENT_AUTH)
if (ssl->options.resuming || !IsAtLeastTLSv1_2(ssl) ||
IsAtLeastTLSv1_3(ssl->version)) {
ssl->options.cacheMessages = 0;
if (ssl->hsHashes->messages != NULL) {
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
ssl->hsHashes->messages = NULL;
}
}
#endif
break;
case encrypted_extensions:
@ -7169,6 +7180,9 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
type != key_update) {
ret = HashInput(ssl, input + inIdx, size);
}
if (ret == 0 && ssl->buffers.inputBuffer.dynamicFlag) {
ShrinkInputBuffer(ssl, NO_FORCED_FREE);
}
if (ret == BUFFER_ERROR || ret == MISSING_HANDSHAKE_DATA)
SendAlert(ssl, alert_fatal, decode_error);

33
wolfcrypt/src/memory.c
View File

@ -71,6 +71,10 @@ Possible memory options:
}
}
#endif
#if defined(WOLFSSL_MALLOC_CHECK) || defined(WOLFSSL_TRACK_MEMORY_FULL) || \
defined(WOLFSSL_MEMORY_LOG)
#include <stdio.h>
#endif
/* Set these to default values initially. */
@ -992,9 +996,9 @@ void XFREE(void *p, void* heap, int type)
#endif /* HAVE_IO_POOL */
#ifdef WOLFSSL_MEMORY_TRACKING
#ifdef WOLFSSL_MEMORY_LOG
void *xmalloc(size_t n, void* heap, int type, const char* func,
unsigned int line)
const char* file, unsigned int line)
{
void* p;
word32* p32;
@ -1007,23 +1011,25 @@ void *xmalloc(size_t n, void* heap, int type, const char* func,
p32[0] = n;
p = (void*)(p32 + 4);
fprintf(stderr, "Alloc: %p -> %u (%d) at %s:%d\n", p, (word32)n, type, func,
line);
fprintf(stderr, "Alloc: %p -> %u (%d) at %s:%s:%d\n", p, (word32)n, type,
func, file, line);
(void)heap;
return p;
}
void *xrealloc(void *p, size_t n, void* heap, int type, const char* func,
unsigned int line)
const char* file, unsigned int line)
{
void* newp = NULL;
word32* p32;
word32* oldp32 = NULL;
word32 oldLen;
if (p != NULL) {
oldp32 = (word32*)p;
oldp32 -= 4;
oldLen = oldp32[0];
}
if (realloc_function)
@ -1035,11 +1041,11 @@ void *xrealloc(void *p, size_t n, void* heap, int type, const char* func,
p32[0] = n;
newp = (void*)(p32 + 4);
fprintf(stderr, "Alloc: %p -> %u (%d) at %s:%d\n", newp, (word32)n,
type, func, line);
fprintf(stderr, "Alloc: %p -> %u (%d) at %s:%s:%d\n", newp, (word32)n,
type, func, file, line);
if (p != NULL) {
fprintf(stderr, "Free: %p -> %u (%d) at %s:%d\n", p, oldp32[0],
type, func, line);
fprintf(stderr, "Free: %p -> %u (%d) at %s:%s:%d\n", p, oldLen,
type, func, file, line);
}
}
@ -1047,15 +1053,16 @@ void *xrealloc(void *p, size_t n, void* heap, int type, const char* func,
return newp;
}
void xfree(void *p, void* heap, int type, const char* func, unsigned int line)
void xfree(void *p, void* heap, int type, const char* func, const char* file,
unsigned int line)
{
word32* p32 = (word32*)p;
if (p != NULL) {
p32 -= 4;
fprintf(stderr, "Free: %p -> %u (%d) at %s:%d\n", p, p32[0], type, func,
line);
fprintf(stderr, "Free: %p -> %u (%d) at %s:%s:%d\n", p, p32[0], type,
func, file, line);
if (free_function)
free_function(p32);
@ -1065,5 +1072,5 @@ void xfree(void *p, void* heap, int type, const char* func, unsigned int line)
(void)heap;
}
#endif /* WOLFSSL_MEMORY_TRACKING */
#endif /* WOLFSSL_MEMORY_LOG */

6
wolfcrypt/src/sha256.c
View File

@ -531,7 +531,7 @@ static int InitSha256(wc_Sha256* sha256)
word32* W = sha256->W;
if (W == NULL) {
W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE, NULL,
DYNAMIC_TYPE_RNG);
DYNAMIC_TYPE_DIGEST);
if (W == NULL)
return MEMORY_E;
sha256->W = W;
@ -2708,7 +2708,7 @@ SHA256_NOINLINE static int Transform_Sha256_AVX2_RORX_Len(wc_Sha256* sha256,
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha224->W != NULL) {
XFREE(sha224->W, NULL, DYNAMIC_TYPE_RNG);
XFREE(sha224->W, NULL, DYNAMIC_TYPE_DIGEST);
sha224->W = NULL;
}
#endif
@ -2736,7 +2736,7 @@ void wc_Sha256Free(wc_Sha256* sha256)
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha256->W != NULL) {
XFREE(sha256->W, NULL, DYNAMIC_TYPE_RNG);
XFREE(sha256->W, NULL, DYNAMIC_TYPE_DIGEST);
sha256->W = NULL;
}
#endif

6
wolfcrypt/src/sp_c32.c
View File

@ -8704,7 +8704,7 @@ static int sp_256_ecc_mulmod_10(sp_point* r, sp_point* g, sp_digit* k,
(void)heap;
td = (sp_point*)XMALLOC(sizeof(sp_point) * 3, heap, DYNAMIC_TYPE_TMP_ECC);
td = (sp_point*)XMALLOC(sizeof(sp_point) * 3, heap, DYNAMIC_TYPE_ECC);
if (td == NULL)
err = MEMORY_E;
tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 10 * 5, heap,
@ -8764,11 +8764,11 @@ static int sp_256_ecc_mulmod_10(sp_point* r, sp_point* g, sp_digit* k,
if (tmp != NULL) {
XMEMSET(tmp, 0, sizeof(sp_digit) * 2 * 10 * 5);
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_ECC);
XFREE(tmp, NULL, DYNAMIC_TYPE_ECC);
}
if (td != NULL) {
XMEMSET(td, 0, sizeof(sp_point) * 3);
XFREE(td, NULL, DYNAMIC_TYPE_TMP_ECC);
XFREE(td, NULL, DYNAMIC_TYPE_ECC);
}
return err;

6
wolfcrypt/src/sp_c64.c
View File

@ -7926,7 +7926,7 @@ static int sp_256_ecc_mulmod_5(sp_point* r, sp_point* g, sp_digit* k,
(void)heap;
td = (sp_point*)XMALLOC(sizeof(sp_point) * 3, heap, DYNAMIC_TYPE_TMP_ECC);
td = (sp_point*)XMALLOC(sizeof(sp_point) * 3, heap, DYNAMIC_TYPE_ECC);
if (td == NULL)
err = MEMORY_E;
tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 5 * 5, heap,
@ -7986,11 +7986,11 @@ static int sp_256_ecc_mulmod_5(sp_point* r, sp_point* g, sp_digit* k,
if (tmp != NULL) {
XMEMSET(tmp, 0, sizeof(sp_digit) * 2 * 5 * 5);
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_ECC);
XFREE(tmp, NULL, DYNAMIC_TYPE_ECC);
}
if (td != NULL) {
XMEMSET(td, 0, sizeof(sp_point) * 3);
XFREE(td, NULL, DYNAMIC_TYPE_TMP_ECC);
XFREE(td, NULL, DYNAMIC_TYPE_ECC);
}
return err;

2
wolfssl/test.h
View File

@ -272,7 +272,7 @@
#define cliEccCertFile "certs/client-ecc-cert.pem"
#define caEccCertFile "certs/ca-ecc-cert/pem"
#define crlPemDir "certs/crl"
#define edCertFile "certs/ed25519/server-ed25519.pem"
#define edCertFile "certs/ed25519/server-ed25519-cert.pem"
#define edKeyFile "certs/ed25519/server-ed25519-priv.pem"
#define cliEdCertFile "certs/ed25519/client-ed25519.pem"
#define cliEdKeyFile "certs/ed25519/client-ed25519-priv.pem"

6
wolfssl/wolfcrypt/asn.h
View File

@ -167,7 +167,13 @@ enum Misc_ASN {
MIN_DATE_SIZE = 13,
MAX_DATE_SIZE = 32,
ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */
#ifndef NO_RSA
MAX_ENCODED_SIG_SZ = 512,
#elif defined(HAVE_ECC)
MAX_ENCODED_SIG_SZ = 140,
#else
MAX_ENCODED_SIG_SZ = 64,
#endif
MAX_SIG_SZ = 256,
MAX_ALGO_SZ = 20,
MAX_SHORT_SZ = 6, /* asn int + byte len + 4 byte length */

440
wolfssl/wolfcrypt/types.h
View File

@ -26,92 +26,92 @@
#ifndef WOLF_CRYPT_TYPES_H
#define WOLF_CRYPT_TYPES_H
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/wc_port.h>
#ifdef __cplusplus
extern "C" {
#endif
#ifdef __cplusplus
extern "C" {
#endif
#if defined(WORDS_BIGENDIAN)
#define BIG_ENDIAN_ORDER
#endif
#if defined(WORDS_BIGENDIAN)
#define BIG_ENDIAN_ORDER
#endif
#ifndef BIG_ENDIAN_ORDER
#define LITTLE_ENDIAN_ORDER
#endif
#ifndef BIG_ENDIAN_ORDER
#define LITTLE_ENDIAN_ORDER
#endif
#ifndef WOLFSSL_TYPES
#ifndef byte
typedef unsigned char byte;
#endif
typedef unsigned short word16;
typedef unsigned int word32;
typedef byte word24[3];
#endif
#ifndef WOLFSSL_TYPES
#ifndef byte
typedef unsigned char byte;
#endif
typedef unsigned short word16;
typedef unsigned int word32;
typedef byte word24[3];
#endif
/* try to set SIZEOF_LONG or LONG_LONG if user didn't */
#if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__) && !defined(__EMSCRIPTEN__)
#if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG)
#if (defined(__alpha__) || defined(__ia64__) || \
defined(_ARCH_PPC64) || defined(__mips64) || \
defined(__x86_64__) || \
((defined(sun) || defined(__sun)) && \
(defined(LP64) || defined(_LP64))))
/* long should be 64bit */
#define SIZEOF_LONG 8
#elif defined(__i386__) || defined(__CORTEX_M3__)
/* long long should be 64bit */
#define SIZEOF_LONG_LONG 8
#endif
#endif
#endif
/* try to set SIZEOF_LONG or LONG_LONG if user didn't */
#if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__) && !defined(__EMSCRIPTEN__)
#if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG)
#if (defined(__alpha__) || defined(__ia64__) || \
defined(_ARCH_PPC64) || defined(__mips64) || \
defined(__x86_64__) || \
((defined(sun) || defined(__sun)) && \
(defined(LP64) || defined(_LP64))))
/* long should be 64bit */
#define SIZEOF_LONG 8
#elif defined(__i386__) || defined(__CORTEX_M3__)
/* long long should be 64bit */
#define SIZEOF_LONG_LONG 8
#endif
#endif
#endif
#if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
#define WORD64_AVAILABLE
#define W64LIT(x) x##ui64
typedef unsigned __int64 word64;
#elif defined(__EMSCRIPTEN__)
#define WORD64_AVAILABLE
#define W64LIT(x) x##ull
typedef unsigned long long word64;
#elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long word64;
#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long long word64;
#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long long word64;
#endif
#if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
#define WORD64_AVAILABLE
#define W64LIT(x) x##ui64
typedef unsigned __int64 word64;
#elif defined(__EMSCRIPTEN__)
#define WORD64_AVAILABLE
#define W64LIT(x) x##ull
typedef unsigned long long word64;
#elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long word64;
#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long long word64;
#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8
#define WORD64_AVAILABLE
#define W64LIT(x) x##LL
typedef unsigned long long word64;
#endif
#if !defined(NO_64BIT) && defined(WORD64_AVAILABLE)
/* These platforms have 64-bit CPU registers. */
#if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \
defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) || \
/* These platforms have 64-bit CPU registers. */
#if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \
defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) || \
defined(__aarch64__) || defined(__sparc64__)
typedef word64 wolfssl_word;
typedef word64 wolfssl_word;
#define WC_64BIT_CPU
#elif (defined(sun) || defined(__sun)) && \
#elif (defined(sun) || defined(__sun)) && \
(defined(LP64) || defined(_LP64))
/* LP64 with GNU GCC compiler is reserved for when long int is 64 bits
* and int uses 32 bits. When using Solaris Studio sparc and __sparc are
* available for 32 bit detection but __sparc64__ could be missed. This
* uses LP64 for checking 64 bit CPU arch. */
typedef word64 wolfssl_word;
typedef word64 wolfssl_word;
#define WC_64BIT_CPU
#else
typedef word32 wolfssl_word;
#ifdef WORD64_AVAILABLE
#define WOLFCRYPT_SLOW_WORD64
#endif
#endif
typedef word32 wolfssl_word;
#ifdef WORD64_AVAILABLE
#define WOLFCRYPT_SLOW_WORD64
#endif
#endif
#else
#undef WORD64_AVAILABLE
typedef word32 wolfssl_word;
@ -119,36 +119,36 @@
mp_digit, no 64 bit type so make mp_digit 16 bit */
#endif
enum {
WOLFSSL_WORD_SIZE = sizeof(wolfssl_word),
WOLFSSL_BIT_SIZE = 8,
WOLFSSL_WORD_BITS = WOLFSSL_WORD_SIZE * WOLFSSL_BIT_SIZE
};
enum {
WOLFSSL_WORD_SIZE = sizeof(wolfssl_word),
WOLFSSL_BIT_SIZE = 8,
WOLFSSL_WORD_BITS = WOLFSSL_WORD_SIZE * WOLFSSL_BIT_SIZE
};
#define WOLFSSL_MAX_16BIT 0xffffU
#define WOLFSSL_MAX_16BIT 0xffffU
/* use inlining if compiler allows */
#ifndef WC_INLINE
#ifndef NO_INLINE
#ifdef _MSC_VER
#define WC_INLINE __inline
#elif defined(__GNUC__)
/* use inlining if compiler allows */
#ifndef WC_INLINE
#ifndef NO_INLINE
#ifdef _MSC_VER
#define WC_INLINE __inline
#elif defined(__GNUC__)
#ifdef WOLFSSL_VXWORKS
#define WC_INLINE __inline__
#else
#define WC_INLINE inline
#endif
#elif defined(__IAR_SYSTEMS_ICC__)
#define WC_INLINE inline
#elif defined(THREADX)
#define WC_INLINE _Inline
#else
#define WC_INLINE
#endif
#else
#define WC_INLINE
#endif
#endif
#elif defined(__IAR_SYSTEMS_ICC__)
#define WC_INLINE inline
#elif defined(THREADX)
#define WC_INLINE _Inline
#else
#define WC_INLINE
#endif
#else
#define WC_INLINE
#endif
#endif
#if defined(HAVE_FIPS) || defined(HAVE_SELFTEST)
#define INLINE WC_INLINE
@ -170,19 +170,19 @@
#endif
/* set up thread local storage if available */
#ifdef HAVE_THREAD_LS
#if defined(_MSC_VER)
#define THREAD_LS_T __declspec(thread)
/* Thread local storage only in FreeRTOS v8.2.1 and higher */
#elif defined(FREERTOS) || defined(FREERTOS_TCP)
#define THREAD_LS_T
#else
#define THREAD_LS_T __thread
#endif
#else
#define THREAD_LS_T
#endif
/* set up thread local storage if available */
#ifdef HAVE_THREAD_LS
#if defined(_MSC_VER)
#define THREAD_LS_T __declspec(thread)
/* Thread local storage only in FreeRTOS v8.2.1 and higher */
#elif defined(FREERTOS) || defined(FREERTOS_TCP)
#define THREAD_LS_T
#else
#define THREAD_LS_T __thread
#endif
#else
#define THREAD_LS_T
#endif
/* GCC 7 has new switch() fall-through detection */
#if defined(__GNUC__)
@ -194,23 +194,23 @@
#define FALL_THROUGH
#endif
/* Micrium will use Visual Studio for compilation but not the Win32 API */
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \
!defined(FREERTOS_TCP) && !defined(EBSNET) && \
/* Micrium will use Visual Studio for compilation but not the Win32 API */
#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \
!defined(FREERTOS_TCP) && !defined(EBSNET) && \
!defined(WOLFSSL_UTASKER) && !defined(INTIME_RTOS)
#define USE_WINDOWS_API
#endif
#define USE_WINDOWS_API
#endif
/* idea to add global alloc override by Moises Guimaraes */
/* default to libc stuff */
/* XREALLOC is used once in normal math lib, not in fast math lib */
/* XFREE on some embedded systems doesn't like free(0) so test */
#if defined(HAVE_IO_POOL)
WOLFSSL_API void* XMALLOC(size_t n, void* heap, int type);
WOLFSSL_API void* XREALLOC(void *p, size_t n, void* heap, int type);
WOLFSSL_API void XFREE(void *p, void* heap, int type);
#elif defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_INTEL_QA)
/* idea to add global alloc override by Moises Guimaraes */
/* default to libc stuff */
/* XREALLOC is used once in normal math lib, not in fast math lib */
/* XFREE on some embedded systems doesn't like free(0) so test */
#if defined(HAVE_IO_POOL)
WOLFSSL_API void* XMALLOC(size_t n, void* heap, int type);
WOLFSSL_API void* XREALLOC(void *p, size_t n, void* heap, int type);
WOLFSSL_API void XFREE(void *p, void* heap, int type);
#elif defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_INTEL_QA)
#include <wolfssl/wolfcrypt/port/intel/quickassist_mem.h>
#undef USE_WOLFSSL_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY
@ -223,61 +223,61 @@
#define XREALLOC(p, n, h, t) IntelQaRealloc((p), (n), (h), (t))
#endif /* WOLFSSL_DEBUG_MEMORY */
#elif defined(XMALLOC_USER)
/* prototypes for user heap override functions */
#include <stddef.h> /* for size_t */
extern void *XMALLOC(size_t n, void* heap, int type);
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
extern void XFREE(void *p, void* heap, int type);
#elif defined(WOLFSSL_MEMORY_TRACKING)
#define XMALLOC(n, h, t) xmalloc(n, h, t, __FILE__, __LINE__)
#define XREALLOC(p, n, h, t) xrealloc(p, n, h, t, __FILE__, __LINE__)
#define XFREE(p, h, t) xfree(p, h, t, __FILE__, __LINE__)
/* prototypes for user heap override functions */
#include <stddef.h> /* for size_t */
extern void *XMALLOC(size_t n, void* heap, int type);
extern void *XREALLOC(void *p, size_t n, void* heap, int type);
extern void XFREE(void *p, void* heap, int type);
#elif defined(WOLFSSL_MEMORY_LOG)
#define XMALLOC(n, h, t) xmalloc(n, h, t, __func__, __FILE__, __LINE__)
#define XREALLOC(p, n, h, t) xrealloc(p, n, h, t, __func__, __FILE__, __LINE__)
#define XFREE(p, h, t) xfree(p, h, t, __func__, __FILE__, __LINE__)
/* prototypes for user heap override functions */
#include <stddef.h> /* for size_t */
#include <stdlib.h>
extern void *xmalloc(size_t n, void* heap, int type, const char* func,
unsigned int line);
const char* file, unsigned int line);
extern void *xrealloc(void *p, size_t n, void* heap, int type,
const char* func, unsigned int line);
const char* func, const char* file, unsigned int line);
extern void xfree(void *p, void* heap, int type, const char* func,
unsigned int line);
const char* file, unsigned int line);
#elif defined(XMALLOC_OVERRIDE)
/* override the XMALLOC, XFREE and XREALLOC macros */
#elif defined(NO_WOLFSSL_MEMORY)
/* just use plain C stdlib stuff if desired */
#include <stdlib.h>
#define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
#define XREALLOC(p, n, h, t) realloc((p), (n))
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
&& !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
&& !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \
#elif defined(NO_WOLFSSL_MEMORY)
/* just use plain C stdlib stuff if desired */
#include <stdlib.h>
#define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
#define XREALLOC(p, n, h, t) realloc((p), (n))
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
&& !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
&& !defined(FREESCALE_KSDK_MQX) && !defined(FREESCALE_FREE_RTOS) \
&& !defined(WOLFSSL_LEANPSK) && !defined(WOLFSSL_uITRON4)
/* default C runtime, can install different routines at runtime via cbs */
#include <wolfssl/wolfcrypt/memory.h>
/* default C runtime, can install different routines at runtime via cbs */
#include <wolfssl/wolfcrypt/memory.h>
#ifdef WOLFSSL_STATIC_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t), __func__, __LINE__)
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t), __func__, __LINE__);}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t), __func__, __LINE__)
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t), __func__, __LINE__)
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t), __func__, __LINE__);}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t), __func__, __LINE__)
#else
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t));}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t))
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t));}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t))
#endif /* WOLFSSL_DEBUG_MEMORY */
#elif !defined(FREERTOS) && !defined(FREERTOS_TCP)
#ifdef WOLFSSL_DEBUG_MEMORY
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s), __func__, __LINE__))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), __func__, __LINE__);}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__)
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s), __func__, __LINE__))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), __func__, __LINE__);}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__)
#else
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
#define XMALLOC(s, h, t) ((void)h, (void)t, wolfSSL_Malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
#endif /* WOLFSSL_DEBUG_MEMORY */
#endif /* WOLFSSL_STATIC_MEMORY */
#endif
#endif
/* declare/free variable handling for async */
#ifdef WOLFSSL_ASYNC_CRYPT
@ -322,21 +322,21 @@
#define USE_WOLF_STRSEP
#endif
#ifndef STRING_USER
#include <string.h>
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
#define XMEMSET(b,c,l) memset((b),(c),(l))
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
#define XMEMMOVE(d,s,l) memmove((d),(s),(l))
#ifndef STRING_USER
#include <string.h>
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
#define XMEMSET(b,c,l) memset((b),(c),(l))
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
#define XMEMMOVE(d,s,l) memmove((d),(s),(l))
#define XSTRLEN(s1) strlen((s1))
#define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
/* strstr, strncmp, and strncat only used by wolfSSL proper,
#define XSTRLEN(s1) strlen((s1))
#define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
/* strstr, strncmp, and strncat only used by wolfSSL proper,
* not required for wolfCrypt only */
#define XSTRSTR(s1,s2) strstr((s1),(s2))
#define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
#define XSTRSTR(s1,s2) strstr((s1),(s2))
#define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
#define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
#ifdef USE_WOLF_STRSEP
#define XSTRSEP(s1,d) wc_strsep((s1),(d))
@ -348,14 +348,14 @@
/* XC32 does not support strncasecmp, so use case sensitive one */
#define XSTRNCASECMP(s1,s2,n) strncmp((s1),(s2),(n))
#elif defined(USE_WINDOWS_API) || defined(FREERTOS_TCP_WINSIM)
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
#else
#if defined(HAVE_STRINGS_H) && defined(WOLF_C99) && \
!defined(WOLFSSL_SGX)
#include <strings.h>
#endif
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
#endif
#define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
#endif
/* snprintf is used in asn.c for GetTimeString, PKCS7 test, and when
debugging is turned on */
@ -381,7 +381,7 @@
#define XSTRTOK(s1,d,ptr) strtok_r((s1),(d),(ptr))
#endif
#endif
#endif
#endif
#ifdef USE_WOLF_STRTOK
WOLFSSL_API char* wc_strtok(char *str, const char *delim, char **nextp);
@ -398,20 +398,20 @@
#endif
#endif /* OPENSSL_EXTRA */
#ifndef CTYPE_USER
#include <ctype.h>
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
#ifndef CTYPE_USER
#include <ctype.h>
#if defined(HAVE_ECC) || defined(HAVE_OCSP) || \
defined(WOLFSSL_KEY_GEN) || !defined(NO_DSA)
#define XTOUPPER(c) toupper((c))
#define XISALPHA(c) isalpha((c))
#endif
/* needed by wolfSSL_check_domain_name() */
#define XTOLOWER(c) tolower((c))
#endif
#define XTOUPPER(c) toupper((c))
#define XISALPHA(c) isalpha((c))
#endif
/* needed by wolfSSL_check_domain_name() */
#define XTOLOWER(c) tolower((c))
#endif
/* memory allocation types for user hints */
enum {
/* memory allocation types for user hints */
enum {
DYNAMIC_TYPE_CA = 1,
DYNAMIC_TYPE_CERT = 2,
DYNAMIC_TYPE_KEY = 3,
@ -502,17 +502,17 @@
DYNAMIC_TYPE_HASH_TMP = 88,
DYNAMIC_TYPE_BLOB = 89,
DYNAMIC_TYPE_NAME_ENTRY = 90,
};
};
/* max error buffer string size */
/* max error buffer string size */
#ifndef WOLFSSL_MAX_ERROR_SZ
#define WOLFSSL_MAX_ERROR_SZ 80
#define WOLFSSL_MAX_ERROR_SZ 80
#endif
/* stack protection */
enum {
MIN_STACK_BUFFER = 8
};
/* stack protection */
enum {
MIN_STACK_BUFFER = 8
};
/* Algorithm Types */
@ -579,39 +579,39 @@
};
/* settings detection for compile vs runtime math incompatibilities */
enum {
#if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
CTC_SETTINGS = 0x0
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
CTC_SETTINGS = 0x1
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
CTC_SETTINGS = 0x2
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
CTC_SETTINGS = 0x4
#elif defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
CTC_SETTINGS = 0x8
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
CTC_SETTINGS = 0x10
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
CTC_SETTINGS = 0x20
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
CTC_SETTINGS = 0x40
#else
#error "bad math long / long long settings"
#endif
};
/* settings detection for compile vs runtime math incompatibilities */
enum {
#if !defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
CTC_SETTINGS = 0x0
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
CTC_SETTINGS = 0x1
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
CTC_SETTINGS = 0x2
#elif !defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
CTC_SETTINGS = 0x4
#elif defined(USE_FAST_MATH) && !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
CTC_SETTINGS = 0x8
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG) && (SIZEOF_LONG == 8)
CTC_SETTINGS = 0x10
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 8)
CTC_SETTINGS = 0x20
#elif defined(USE_FAST_MATH) && defined(SIZEOF_LONG_LONG) && (SIZEOF_LONG_LONG == 4)
CTC_SETTINGS = 0x40
#else
#error "bad math long / long long settings"
#endif
};
WOLFSSL_API word32 CheckRunTimeSettings(void);
WOLFSSL_API word32 CheckRunTimeSettings(void);
/* If user uses RSA, DH, DSA, or ECC math lib directly then fast math and long
types need to match at compile time and run time, CheckCtcSettings will
return 1 if a match otherwise 0 */
#define CheckCtcSettings() (CTC_SETTINGS == CheckRunTimeSettings())
/* If user uses RSA, DH, DSA, or ECC math lib directly then fast math and long
types need to match at compile time and run time, CheckCtcSettings will
return 1 if a match otherwise 0 */
#define CheckCtcSettings() (CTC_SETTINGS == CheckRunTimeSettings())
/* invalid device id */
#define INVALID_DEVID -2
/* invalid device id */
#define INVALID_DEVID -2
/* AESNI requires alignment and ARMASM gains some performance from it */
@ -734,8 +734,8 @@
#define WC_MP_TO_RADIX
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLF_CRYPT_TYPES_H */