mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #4975 from cconlon/smallStack

Browse Source 
smallstack cleanup for OpenSSL Compatibility Functions
This commit is contained in:
JacobBarthelmeh 2022-03-25 17:06:59 -06:00 committed by GitHub
commit 25d5a624d2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 545 additions and 144 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

436
src/ssl.c
View File

@ -9798,7 +9798,11 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
WOLFSSL_X509_EXTENSION* ext = NULL;
WOLFSSL_ASN1_INTEGER* a;
WOLFSSL_STACK* sk;
DecodedCert cert;
#ifdef WOLFSSL_SMALL_STACK
DecodedCert* cert = NULL;
#else
DecodedCert cert[1];
#endif
WOLFSSL_ENTER("wolfSSL_X509_set_ext");
@ -9825,9 +9829,18 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
return NULL;
}
InitDecodedCert( &cert, rawCert, (word32)outSz, 0);
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT);
if (cert == NULL) {
WOLFSSL_MSG("Failed to allocate memory for DecodedCert");
wolfSSL_X509_EXTENSION_free(ext);
return NULL;
}
#endif
if (ParseCert(&cert,
InitDecodedCert(cert, rawCert, (word32)outSz, 0);
if (ParseCert(cert,
#ifdef WOLFSSL_CERT_REQ
x509->isCSR ? CERTREQ_TYPE :
#endif
@ -9835,17 +9848,23 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
NO_VERIFY, NULL) < 0) {
WOLFSSL_MSG("\tCertificate parsing failed");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
input = cert.extensions;
sz = cert.extensionsSz;
input = cert->extensions;
sz = cert->extensionsSz;
if (input == NULL || sz == 0) {
WOLFSSL_MSG("\tfail: should be an EXTENSIONS");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
@ -9856,14 +9875,20 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (input[idx++] != ASN_EXTENSIONS) {
WOLFSSL_MSG("\tfail: should be an EXTENSIONS");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
if (GetLength(input, &idx, &length, sz) < 0) {
WOLFSSL_MSG("\tfail: invalid length");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
}
@ -9871,7 +9896,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (GetSequence(input, &idx, &length, sz) < 0) {
WOLFSSL_MSG("\tfail: should be a SEQUENCE (1)");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
@ -9881,7 +9909,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (GetSequence(input, &idx, &length, sz) < 0) {
WOLFSSL_MSG("\tfail: should be a SEQUENCE");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
@ -9890,7 +9921,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (ret < 0) {
WOLFSSL_MSG("\tfail: OBJECT ID");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
idx = tmpIdx;
@ -9909,7 +9943,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (ext->obj == NULL) {
WOLFSSL_MSG("\tfail: Invalid OBJECT");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
ext->obj->nid = nid;
@ -9922,7 +9959,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
a = wolfSSL_ASN1_INTEGER_new();
if (a == NULL) {
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
a->length = x509->pathLength;
@ -9944,7 +9984,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (sk == NULL) {
WOLFSSL_MSG("Failed to malloc stack");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
@ -9958,7 +10001,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
WOLFSSL_MSG("Error creating ASN1 object");
wolfSSL_sk_ASN1_OBJECT_pop_free(sk, NULL);
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
obj->obj = (byte*)x509->authInfoCaIssuer;
@ -9972,7 +10018,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
wolfSSL_ASN1_OBJECT_free(obj);
wolfSSL_sk_ASN1_OBJECT_pop_free(sk, NULL);
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
}
@ -9987,7 +10036,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
WOLFSSL_MSG("Error creating ASN1 object");
wolfSSL_sk_ASN1_OBJECT_pop_free(sk, NULL);
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
obj->obj = x509->authInfo;
@ -10001,7 +10053,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
wolfSSL_ASN1_OBJECT_free(obj);
wolfSSL_sk_ASN1_OBJECT_pop_free(sk, NULL);
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
}
@ -10018,7 +10073,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ASN1_STRING_set() failed");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
ext->crit = x509->authKeyIdCrit;
@ -10033,7 +10091,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ASN1_STRING_set() failed");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
ext->crit = x509->subjKeyIdCrit;
@ -10054,7 +10115,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ASN1_STRING_set() failed");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
ext->crit = x509->keyUsageCrit;
@ -10069,7 +10133,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ASN1_STRING_set() failed");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
ext->crit = x509->keyUsageCrit;
@ -10094,7 +10161,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ASN1_STRING_set() failed");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
#endif
@ -10104,7 +10174,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
DYNAMIC_TYPE_ASN1);
if (sk == NULL) {
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
XMEMSET(sk, 0, sizeof(WOLFSSL_GENERAL_NAMES));
@ -10119,8 +10192,11 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (gn == NULL) {
WOLFSSL_MSG("Error creating GENERAL_NAME");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
wolfSSL_sk_pop_free(sk, NULL);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
@ -10130,9 +10206,12 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
gn->d.ia5->length) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ASN1_STRING_set failed");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
wolfSSL_GENERAL_NAME_free(gn);
wolfSSL_sk_pop_free(sk, NULL);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
@ -10143,9 +10222,12 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error pushing onto stack");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
wolfSSL_GENERAL_NAME_free(gn);
wolfSSL_sk_pop_free(sk, NULL);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
}
@ -10154,9 +10236,12 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error pushing onto stack");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
wolfSSL_GENERAL_NAME_free(gn);
wolfSSL_sk_pop_free(sk, NULL);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
}
@ -10175,7 +10260,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (GetASNObjectId(input, &idx, &length, sz) != 0) {
WOLFSSL_MSG("Failed to Get ASN Object Id");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
oidBuf = (byte*)XMALLOC(length+1+MAX_LENGTH_SZ, NULL,
@ -10183,7 +10271,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (oidBuf == NULL) {
WOLFSSL_MSG("Failed to malloc tmp buffer");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
oidBuf[0] = ASN_OBJECT_ID;
@ -10201,8 +10292,11 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (ext->obj->obj == NULL) {
wolfSSL_ASN1_OBJECT_free(ext->obj);
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
XFREE(oidBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
ext->obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA;
@ -10223,7 +10317,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
WOLFSSL_MSG("Error decoding unknown extension data");
wolfSSL_ASN1_OBJECT_free(ext->obj);
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
@ -10231,7 +10328,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
WOLFSSL_MSG("Error: Invalid Input Length.");
wolfSSL_ASN1_OBJECT_free(ext->obj);
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
ext->value.data = (char*)XMALLOC(length, NULL, DYNAMIC_TYPE_ASN1);
@ -10239,7 +10339,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (ext->value.data == NULL) {
WOLFSSL_MSG("Failed to malloc ASN1_STRING data");
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return NULL;
}
XMEMCPY(ext->value.data,input+tmpIdx,length);
@ -10258,7 +10361,10 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
if (x509->ext_sk != NULL)
wolfSSL_sk_X509_EXTENSION_push(x509->ext_sk, ext);
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return ext;
}
@ -40235,7 +40341,11 @@ int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group,
WOLFSSL_BN_CTX *ctx)
{
mp_digit mp;
mp_int modulus;
#ifdef WOLFSSL_SMALL_STACK
mp_int* modulus = NULL;
#else
mp_int modulus[1];
#endif
(void)ctx;
WOLFSSL_ENTER("wolfSSL_EC_POINT_get_affine_coordinates_GFp");
@ -40250,39 +40360,65 @@ int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group,
return WOLFSSL_FAILURE;
}
#ifdef WOLFSSL_SMALL_STACK
modulus = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (modulus == NULL) {
return WOLFSSL_FAILURE;
}
#endif
if (!wolfSSL_BN_is_one(point->Z)) {
if (mp_init(&modulus) != MP_OKAY) {
if (mp_init(modulus) != MP_OKAY) {
WOLFSSL_MSG("mp_init failed");
#ifdef WOLFSSL_SMALL_STACK
XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_FAILURE;
}
/* Map the Jacobian point back to affine space */
if (mp_read_radix(&modulus, ecc_sets[group->curve_idx].prime, MP_RADIX_HEX) != MP_OKAY) {
if (mp_read_radix(modulus, ecc_sets[group->curve_idx].prime, MP_RADIX_HEX) != MP_OKAY) {
WOLFSSL_MSG("mp_read_radix failed");
mp_clear(&modulus);
mp_clear(modulus);
#ifdef WOLFSSL_SMALL_STACK
XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_FAILURE;
}
if (mp_montgomery_setup(&modulus, &mp) != MP_OKAY) {
if (mp_montgomery_setup(modulus, &mp) != MP_OKAY) {
WOLFSSL_MSG("mp_montgomery_setup failed");
mp_clear(&modulus);
mp_clear(modulus);
#ifdef WOLFSSL_SMALL_STACK
XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_FAILURE;
}
if (ecc_map((ecc_point*)point->internal, &modulus, mp) != MP_OKAY) {
if (ecc_map((ecc_point*)point->internal, modulus, mp) != MP_OKAY) {
WOLFSSL_MSG("ecc_map failed");
mp_clear(&modulus);
mp_clear(modulus);
#ifdef WOLFSSL_SMALL_STACK
XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_FAILURE;
}
if (SetECPointExternal((WOLFSSL_EC_POINT *)point) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("SetECPointExternal failed");
mp_clear(&modulus);
mp_clear(modulus);
#ifdef WOLFSSL_SMALL_STACK
XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_FAILURE;
}
mp_clear(&modulus);
mp_clear(modulus);
}
BN_copy(x, point->X);
BN_copy(y, point->Y);
#ifdef WOLFSSL_SMALL_STACK
XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_SUCCESS;
}
#endif
@ -40481,7 +40617,12 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
const WOLFSSL_BIGNUM *n, const WOLFSSL_EC_POINT *q,
const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx)
{
mp_int a, prime;
#ifdef WOLFSSL_SMALL_STACK
mp_int* a = NULL;
mp_int* prime = NULL;
#else
mp_int a[1], prime[1];
#endif
int ret = WOLFSSL_FAILURE;
ecc_point* result = NULL;
ecc_point* tmp = NULL;
@ -40495,13 +40636,25 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
return WOLFSSL_FAILURE;
}
#ifdef WOLFSSL_SMALL_STACK
a = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (a == NULL) {
return WOLFSSL_FAILURE;
}
prime = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (prime == NULL) {
XFREE(a, NULL, DYNAMIC_TYPE_BIGINT);
return WOLFSSL_FAILURE;
}
#endif
if (!(result = wc_ecc_new_point())) {
WOLFSSL_MSG("wolfSSL_EC_POINT_new error");
return WOLFSSL_FAILURE;
}
/* read the curve prime and a */
if (mp_init_multi(&prime, &a, NULL, NULL, NULL, NULL) != MP_OKAY) {
if (mp_init_multi(prime, a, NULL, NULL, NULL, NULL) != MP_OKAY) {
WOLFSSL_MSG("mp_init_multi error");
goto cleanup;
}
@ -40511,13 +40664,13 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
goto cleanup;
}
if (mp_read_radix(&prime, ecc_sets[group->curve_idx].prime, MP_RADIX_HEX)
if (mp_read_radix(prime, ecc_sets[group->curve_idx].prime, MP_RADIX_HEX)
!= MP_OKAY) {
WOLFSSL_MSG("mp_read_radix prime error");
goto cleanup;
}
if (mp_read_radix(&a, ecc_sets[group->curve_idx].Af, MP_RADIX_HEX)
if (mp_read_radix(a, ecc_sets[group->curve_idx].Af, MP_RADIX_HEX)
!= MP_OKAY) {
WOLFSSL_MSG("mp_read_radix a error");
goto cleanup;
@ -40555,14 +40708,14 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
#ifdef ECC_SHAMIR
if (ecc_mul2add(result, (mp_int*)n->internal,
(ecc_point*)q->internal, (mp_int*)m->internal,
result, &a, &prime, NULL)
result, a, prime, NULL)
!= MP_OKAY) {
WOLFSSL_MSG("ecc_mul2add error");
goto cleanup;
}
#else
mp_digit mp = 0;
if (mp_montgomery_setup(&prime, &mp) != MP_OKAY) {
if (mp_montgomery_setup(prime, &mp) != MP_OKAY) {
WOLFSSL_MSG("mp_montgomery_setup nqm error");
goto cleanup;
}
@ -40571,24 +40724,24 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
goto cleanup;
}
/* r = generator * n */
if (wc_ecc_mulmod((mp_int*)n->internal, result, result, &a, &prime, 0)
if (wc_ecc_mulmod((mp_int*)n->internal, result, result, a, prime, 0)
!= MP_OKAY) {
WOLFSSL_MSG("wc_ecc_mulmod nqm error");
goto cleanup;
}
/* tmp = q * m */
if (wc_ecc_mulmod((mp_int*)m->internal, (ecc_point*)q->internal,
tmp, &a, &prime, 0) != MP_OKAY) {
tmp, a, prime, 0) != MP_OKAY) {
WOLFSSL_MSG("wc_ecc_mulmod nqm error");
goto cleanup;
}
/* result = result + tmp */
if (ecc_projective_add_point(tmp, result, result, &a, &prime, mp)
if (ecc_projective_add_point(tmp, result, result, a, prime, mp)
!= MP_OKAY) {
WOLFSSL_MSG("wc_ecc_mulmod nqm error");
goto cleanup;
}
if (ecc_map(result, &prime, mp) != MP_OKAY) {
if (ecc_map(result, prime, mp) != MP_OKAY) {
WOLFSSL_MSG("ecc_map nqm error");
goto cleanup;
}
@ -40596,7 +40749,7 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
}
else if (n) {
/* r = generator * n */
if (wc_ecc_mulmod((mp_int*)n->internal, result, result, &a, &prime, 1)
if (wc_ecc_mulmod((mp_int*)n->internal, result, result, a, prime, 1)
!= MP_OKAY) {
WOLFSSL_MSG("wc_ecc_mulmod gn error");
goto cleanup;
@ -40605,7 +40758,7 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
else if (q && m) {
/* r = q * m */
if (wc_ecc_mulmod((mp_int*)m->internal, (ecc_point*)q->internal,
result, &a, &prime, 1) != MP_OKAY) {
result, a, prime, 1) != MP_OKAY) {
WOLFSSL_MSG("wc_ecc_mulmod qm error");
goto cleanup;
}
@ -40624,10 +40777,14 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
ret = WOLFSSL_SUCCESS;
cleanup:
mp_clear(&a);
mp_clear(&prime);
mp_clear(a);
mp_clear(prime);
wc_ecc_del_point(result);
wc_ecc_del_point(tmp);
#ifdef WOLFSSL_SMALL_STACK
XFREE(a, NULL, DYNAMIC_TYPE_BIGINT);
XFREE(prime, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return ret;
}
#endif /* !WOLFSSL_ATECC508A && !WOLFSSL_ATECC608A && !HAVE_SELFTEST &&
@ -40638,7 +40795,11 @@ int wolfSSL_EC_POINT_invert(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *a,
WOLFSSL_BN_CTX *ctx)
{
ecc_point* p;
mp_int prime;
#ifdef WOLFSSL_SMALL_STACK
mp_int* prime = NULL;
#else
mp_int prime[1];
#endif
(void)ctx;
@ -40650,22 +40811,42 @@ int wolfSSL_EC_POINT_invert(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *a,
p = (ecc_point*)a->internal;
#ifdef WOLFSSL_SMALL_STACK
prime = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (prime == NULL) {
return WOLFSSL_FAILURE;
}
#endif
/* read the curve prime and a */
if (mp_init_multi(&prime, NULL, NULL, NULL, NULL, NULL) != MP_OKAY) {
if (mp_init_multi(prime, NULL, NULL, NULL, NULL, NULL) != MP_OKAY) {
WOLFSSL_MSG("mp_init_multi error");
#ifdef WOLFSSL_SMALL_STACK
XFREE(prime, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_FAILURE;
}
if (mp_sub(&prime, p->y, p->y) != MP_OKAY) {
if (mp_sub(prime, p->y, p->y) != MP_OKAY) {
WOLFSSL_MSG("mp_sub error");
#ifdef WOLFSSL_SMALL_STACK
XFREE(prime, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_FAILURE;
}
if (SetECPointExternal(a) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("SetECPointExternal error");
#ifdef WOLFSSL_SMALL_STACK
XFREE(prime, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_FAILURE;
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(prime, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_SUCCESS;
}
@ -40897,9 +41078,15 @@ WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *d, int dlen,
WC_RNG* rng = NULL;
#ifdef WOLFSSL_SMALL_STACK
WC_RNG* tmpRNG = NULL;
byte* out = NULL;
mp_int* sig_r = NULL;
mp_int* sig_s = NULL;
#else
WC_RNG tmpRNG[1];
byte out[ECC_BUFSIZE];
mp_int sig_r[1], sig_s[1];
#endif
word32 outlen = ECC_BUFSIZE;
WOLFSSL_ENTER("wolfSSL_ECDSA_do_sign");
@ -40923,6 +41110,24 @@ WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *d, int dlen,
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG);
if (tmpRNG == NULL)
return NULL;
out = (byte*)XMALLOC(outlen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (out == NULL) {
XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG);
return NULL;
}
sig_r = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (sig_r == NULL) {
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG);
return NULL;
}
sig_s = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (sig_s == NULL) {
XFREE(sig_r, NULL, DYNAMIC_TYPE_BIGINT);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG);
return NULL;
}
#endif
if (wc_InitRng(tmpRNG) == 0) {
@ -40938,31 +41143,28 @@ WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *d, int dlen,
}
if (rng) {
byte out[ECC_BUFSIZE];
word32 outlen = ECC_BUFSIZE;
/* use wc_ecc_sign_hash because it supports crypto callbacks */
if (wc_ecc_sign_hash(d, dlen, out, &outlen, rng,
(ecc_key*)key->internal) == 0) {
mp_int sig_r, sig_s;
if (mp_init_multi(&sig_r, &sig_s, NULL, NULL, NULL, NULL) == MP_OKAY) {
if (mp_init_multi(sig_r, sig_s, NULL, NULL, NULL, NULL) == MP_OKAY) {
/* put signature blob in ECDSA structure */
if (DecodeECC_DSA_Sig(out, outlen, &sig_r, &sig_s) == 0) {
if (DecodeECC_DSA_Sig(out, outlen, sig_r, sig_s) == 0) {
sig = wolfSSL_ECDSA_SIG_new();
if (sig == NULL)
WOLFSSL_MSG("wolfSSL_ECDSA_SIG_new failed");
else if (SetIndividualExternal(&sig->r, &sig_r) != WOLFSSL_SUCCESS) {
else if (SetIndividualExternal(&sig->r, sig_r) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("ecdsa r key error");
wolfSSL_ECDSA_SIG_free(sig);
sig = NULL;
}
else if (SetIndividualExternal(&sig->s, &sig_s)!=WOLFSSL_SUCCESS){
else if (SetIndividualExternal(&sig->s, sig_s)!=WOLFSSL_SUCCESS){
WOLFSSL_MSG("ecdsa s key error");
wolfSSL_ECDSA_SIG_free(sig);
sig = NULL;
}
}
mp_free(&sig_r);
mp_free(&sig_s);
mp_free(sig_r);
mp_free(sig_s);
}
}
else {
@ -40973,6 +41175,9 @@ WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *d, int dlen,
if (initTmpRng)
wc_FreeRng(tmpRNG);
#ifdef WOLFSSL_SMALL_STACK
XFREE(sig_s, NULL, DYNAMIC_TYPE_BIGINT);
XFREE(sig_r, NULL, DYNAMIC_TYPE_BIGINT);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG);
#endif
@ -45285,7 +45490,11 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out)
unsigned char **in, long length)
{
WOLFSSL_X509_NAME* tmp = NULL;
DecodedCert cert;
#ifdef WOLFSSL_SMALL_STACK
DecodedCert* cert = NULL;
#else
DecodedCert cert[1];
#endif
WOLFSSL_ENTER("wolfSSL_d2i_X509_NAME");
@ -45294,12 +45503,20 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out)
return NULL;
}
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
DYNAMIC_TYPE_DCERT);
if (cert == NULL) {
return NULL;
}
#endif
/* Set the X509_NAME buffer as the input data for cert.
* in is NOT a full certificate. Just the name. */
InitDecodedCert(&cert, *in, (word32)length, NULL);
InitDecodedCert(cert, *in, (word32)length, NULL);
/* Parse the X509 subject name */
if (GetName(&cert, SUBJECT, (int)length) != 0) {
if (GetName(cert, SUBJECT, (int)length) != 0) {
WOLFSSL_MSG("WOLFSSL_X509_NAME parse error");
goto cleanup;
}
@ -45309,7 +45526,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out)
goto cleanup;
}
if (wolfSSL_X509_NAME_copy((WOLFSSL_X509_NAME*)cert.subjectName,
if (wolfSSL_X509_NAME_copy((WOLFSSL_X509_NAME*)cert->subjectName,
tmp) != WOLFSSL_SUCCESS) {
wolfSSL_X509_NAME_free(tmp);
tmp = NULL;
@ -45319,7 +45536,10 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out)
if (name)
*name = tmp;
cleanup:
FreeDecodedCert(&cert);
FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
#endif
return tmp;
}
@ -53872,7 +54092,11 @@ int SetIndividualInternal(WOLFSSL_BIGNUM* bn, mp_int* mpi)
WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
WOLFSSL_BIGNUM *bn)
{
mp_int mpi;
#ifdef WOLFSSL_SMALL_STACK
mp_int* mpi = NULL;
#else
mp_int mpi[1];
#endif
word32 idx = 0;
int ret;
@ -53882,29 +54106,49 @@ WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
return NULL;
}
ret = GetInt(&mpi, ai->data, &idx, ai->dataMax);
#ifdef WOLFSSL_SMALL_STACK
mpi = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (mpi == NULL) {
return NULL;
}
#endif
ret = GetInt(mpi, ai->data, &idx, ai->dataMax);
if (ret != 0) {
#if defined(WOLFSSL_QT) || defined(WOLFSSL_HAPROXY)
ret = mp_init(&mpi); /* must init mpi */
ret = mp_init(mpi); /* must init mpi */
if (ret != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(mpi, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return NULL;
}
/* Serial number in QT starts at index 0 of data */
if (mp_read_unsigned_bin(&mpi, (byte*)ai->data, ai->length) != 0) {
mp_clear(&mpi);
if (mp_read_unsigned_bin(mpi, (byte*)ai->data, ai->length) != 0) {
mp_clear(mpi);
#ifdef WOLFSSL_SMALL_STACK
XFREE(mpi, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return NULL;
}
#else
/* expecting ASN1 format for INTEGER */
WOLFSSL_LEAVE("wolfSSL_ASN1_INTEGER_to_BN", ret);
#ifdef WOLFSSL_SMALL_STACK
XFREE(mpi, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return NULL;
#endif
}
/* mp_clear needs called because mpi is copied and causes memory leak with
* --disable-fastmath */
ret = SetIndividualExternal(&bn, &mpi);
mp_clear(&mpi);
ret = SetIndividualExternal(&bn, mpi);
mp_clear(mpi);
#ifdef WOLFSSL_SMALL_STACK
XFREE(mpi, NULL, DYNAMIC_TYPE_BIGINT);
#endif
if (ret != WOLFSSL_SUCCESS) {
return NULL;
@ -57509,27 +57753,47 @@ int wolfSSL_X509_REQ_sign(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey,
const WOLFSSL_EVP_MD *md)
{
int ret;
#ifdef WOLFSSL_SMALL_STACK
byte* der = NULL;
#else
byte der[2048];
int derSz = sizeof(der);
#endif
int derSz = 2048;
if (req == NULL || pkey == NULL || md == NULL) {
WOLFSSL_LEAVE("wolfSSL_X509_REQ_sign", BAD_FUNC_ARG);
return WOLFSSL_FAILURE;
}
#ifdef WOLFSSL_SMALL_STACK
der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (der == NULL) {
return WOLFSSL_FAILURE;
}
#endif
/* Create a Cert that has the certificate request fields. */
req->sigOID = wolfSSL_sigTypeFromPKEY((WOLFSSL_EVP_MD*)md, pkey);
ret = wolfssl_x509_make_der(req, 1, der, &derSz, 0);
if (ret != WOLFSSL_SUCCESS) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
WOLFSSL_MSG("Unable to make DER for X509");
WOLFSSL_LEAVE("wolfSSL_X509_REQ_sign", ret);
return WOLFSSL_FAILURE;
}
if (wolfSSL_X509_resign_cert(req, 1, der, sizeof(der), derSz,
if (wolfSSL_X509_resign_cert(req, 1, der, 2048, derSz,
(WOLFSSL_EVP_MD*)md, pkey) <= 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return WOLFSSL_FAILURE;
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return WOLFSSL_SUCCESS;
}

160
wolfcrypt/src/ecc.c
View File

@ -8104,13 +8104,35 @@ int wc_ecc_import_point_der_ex(const byte* in, word32 inLen,
#if !defined(WOLFSSL_SP_MATH)
{
int did_init = 0;
mp_int t1, t2;
#ifdef WOLFSSL_SMALL_STACK
mp_int* t1 = NULL;
mp_int* t2 = NULL;
#else
mp_int t1[1], t2[1];
#endif
DECLARE_CURVE_SPECS(3);
ALLOC_CURVE_SPECS(3, err);
#ifdef WOLFSSL_SMALL_STACK
if (err == MP_OKAY) {
if (mp_init_multi(&t1, &t2, NULL, NULL, NULL, NULL) != MP_OKAY)
t1 = (mp_int*)XMALLOC(sizeof(mp_int), NULL,
DYNAMIC_TYPE_BIGINT);
if (t1 == NULL) {
err = MEMORY_E;
}
}
if (err == MP_OKAY) {
t2 = (mp_int*)XMALLOC(sizeof(mp_int), NULL,
DYNAMIC_TYPE_BIGINT);
if (t2 == NULL) {
err = MEMORY_E;
}
}
#endif
if (err == MP_OKAY) {
if (mp_init_multi(t1, t2, NULL, NULL, NULL, NULL) != MP_OKAY)
err = MEMORY_E;
else
did_init = 1;
@ -8135,42 +8157,51 @@ int wc_ecc_import_point_der_ex(const byte* in, word32 inLen,
/* compute x^3 */
if (err == MP_OKAY)
err = mp_sqr(point->x, &t1);
err = mp_sqr(point->x, t1);
if (err == MP_OKAY)
err = mp_mulmod(&t1, point->x, curve->prime, &t1);
err = mp_mulmod(t1, point->x, curve->prime, t1);
/* compute x^3 + a*x */
if (err == MP_OKAY)
err = mp_mulmod(curve->Af, point->x, curve->prime, &t2);
err = mp_mulmod(curve->Af, point->x, curve->prime, t2);
if (err == MP_OKAY)
err = mp_add(&t1, &t2, &t1);
err = mp_add(t1, t2, t1);
/* compute x^3 + a*x + b */
if (err == MP_OKAY)
err = mp_add(&t1, curve->Bf, &t1);
err = mp_add(t1, curve->Bf, t1);
/* compute sqrt(x^3 + a*x + b) */
if (err == MP_OKAY)
err = mp_sqrtmod_prime(&t1, curve->prime, &t2);
err = mp_sqrtmod_prime(t1, curve->prime, t2);
/* adjust y */
if (err == MP_OKAY) {
if ((mp_isodd(&t2) == MP_YES &&
if ((mp_isodd(t2) == MP_YES &&
pointType == ECC_POINT_COMP_ODD) ||
(mp_isodd(&t2) == MP_NO &&
(mp_isodd(t2) == MP_NO &&
pointType == ECC_POINT_COMP_EVEN)) {
err = mp_mod(&t2, curve->prime, point->y);
err = mp_mod(t2, curve->prime, point->y);
}
else {
err = mp_submod(curve->prime, &t2, curve->prime, point->y);
err = mp_submod(curve->prime, t2, curve->prime, point->y);
}
}
if (did_init) {
mp_clear(&t2);
mp_clear(&t1);
mp_clear(t2);
mp_clear(t1);
}
#ifdef WOLFSSL_SMALL_STACK
if (t1 != NULL) {
XFREE(t1, NULL, DYNAMIC_TYPE_BIGINT);
}
if (t2 != NULL) {
XFREE(t2, NULL, DYNAMIC_TYPE_BIGINT);
}
#endif
wc_ecc_curve_free(curve);
FREE_CURVE_SPECS();
}
@ -9254,14 +9285,33 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
#ifdef HAVE_COMP_KEY
if (err == MP_OKAY && compressed == 1) { /* build y */
#if !defined(WOLFSSL_SP_MATH)
mp_int t1, t2;
#ifdef WOLFSSL_SMALL_STACK
mp_int* t1 = NULL;
mp_int* t2 = NULL;
#else
mp_int t1[1], t2[1];
#endif
int did_init = 0;
DECLARE_CURVE_SPECS(3);
ALLOC_CURVE_SPECS(3, err);
#ifdef WOLFSSL_SMALL_STACK
if (err == MP_OKAY) {
if (mp_init_multi(&t1, &t2, NULL, NULL, NULL, NULL) != MP_OKAY)
t1 = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (t1 == NULL) {
err = MEMORY_E;
}
}
if (err == MP_OKAY) {
t2 = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (t2 == NULL) {
err = MEMORY_E;
}
}
#endif
if (err == MP_OKAY) {
if (mp_init_multi(t1, t2, NULL, NULL, NULL, NULL) != MP_OKAY)
err = MEMORY_E;
else
did_init = 1;
@ -9286,41 +9336,49 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
/* compute x^3 */
if (err == MP_OKAY)
err = mp_sqr(key->pubkey.x, &t1);
err = mp_sqr(key->pubkey.x, t1);
if (err == MP_OKAY)
err = mp_mulmod(&t1, key->pubkey.x, curve->prime, &t1);
err = mp_mulmod(t1, key->pubkey.x, curve->prime, t1);
/* compute x^3 + a*x */
if (err == MP_OKAY)
err = mp_mulmod(curve->Af, key->pubkey.x, curve->prime, &t2);
err = mp_mulmod(curve->Af, key->pubkey.x, curve->prime, t2);
if (err == MP_OKAY)
err = mp_add(&t1, &t2, &t1);
err = mp_add(t1, t2, t1);
/* compute x^3 + a*x + b */
if (err == MP_OKAY)
err = mp_add(&t1, curve->Bf, &t1);
err = mp_add(t1, curve->Bf, t1);
/* compute sqrt(x^3 + a*x + b) */
if (err == MP_OKAY)
err = mp_sqrtmod_prime(&t1, curve->prime, &t2);
err = mp_sqrtmod_prime(t1, curve->prime, t2);
/* adjust y */
if (err == MP_OKAY) {
if ((mp_isodd(&t2) == MP_YES && pointType == ECC_POINT_COMP_ODD) ||
(mp_isodd(&t2) == MP_NO && pointType == ECC_POINT_COMP_EVEN)) {
err = mp_mod(&t2, curve->prime, &t2);
if ((mp_isodd(t2) == MP_YES && pointType == ECC_POINT_COMP_ODD) ||
(mp_isodd(t2) == MP_NO && pointType == ECC_POINT_COMP_EVEN)) {
err = mp_mod(t2, curve->prime, t2);
}
else {
err = mp_submod(curve->prime, &t2, curve->prime, &t2);
err = mp_submod(curve->prime, t2, curve->prime, t2);
}
if (err == MP_OKAY)
err = mp_copy(&t2, key->pubkey.y);
err = mp_copy(t2, key->pubkey.y);
}
if (did_init) {
mp_clear(&t2);
mp_clear(&t1);
mp_clear(t2);
mp_clear(t1);
}
#ifdef WOLFSSL_SMALL_STACK
if (t1 != NULL) {
XFREE(t1, NULL, DYNAMIC_TYPE_BIGINT);
}
if (t2 != NULL) {
XFREE(t2, NULL, DYNAMIC_TYPE_BIGINT);
}
#endif
wc_ecc_curve_free(curve);
FREE_CURVE_SPECS();
@ -12943,7 +13001,12 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
*/
int mp_jacobi(mp_int* a, mp_int* n, int* c)
{
mp_int a1, n1;
#ifdef WOLFSSL_SMALL_STACK
mp_int* a1 = NULL;
mp_int* n1 = NULL;
#else
mp_int a1[1], n1[1];
#endif
int res;
int s = 1;
int k;
@ -12961,22 +13024,38 @@ int mp_jacobi(mp_int* a, mp_int* n, int* c)
return MP_VAL;
}
if ((res = mp_init_multi(&a1, &n1, NULL, NULL, NULL, NULL)) != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK
a1 = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (a1 == NULL) {
return MP_MEM;
}
n1 = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (n1 == NULL) {
XFREE(a1, NULL, DYNAMIC_TYPE_BIGINT);
return MP_MEM;
}
#endif
if ((res = mp_init_multi(a1, n1, NULL, NULL, NULL, NULL)) != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(a1, NULL, DYNAMIC_TYPE_BIGINT);
XFREE(n1, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return res;
}
SAVE_VECTOR_REGISTERS(return _svr_ret;);
if ((res = mp_mod(a, n, &a1)) != MP_OKAY) {
if ((res = mp_mod(a, n, a1)) != MP_OKAY) {
goto done;
}
if ((res = mp_copy(n, &n1)) != MP_OKAY) {
if ((res = mp_copy(n, n1)) != MP_OKAY) {
goto done;
}
t[0] = &a1;
t[1] = &n1;
t[0] = a1;
t[1] = n1;
/* Keep reducing until first number is 0. */
while (!mp_iszero(t[0])) {
@ -13026,9 +13105,14 @@ done:
RESTORE_VECTOR_REGISTERS();
/* cleanup */
mp_clear(&n1);
mp_clear(&a1);
/* cleanup */
mp_clear(n1);
mp_clear(a1);
#ifdef WOLFSSL_SMALL_STACK
XFREE(a1, NULL, DYNAMIC_TYPE_BIGINT);
XFREE(n1, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return res;
}

93
wolfcrypt/src/evp.c
View File

@ -8225,12 +8225,26 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
int wsz;
word32 i;
unsigned long exponent = 0;
mp_int a;
#ifdef WOLFSSL_SMALL_STACK
mp_int* a = NULL;
#else
mp_int a[1];
#endif
char line[32] = { 0 };
(void)pctx;
if( mp_init(&a) != 0) {
#ifdef WOLFSSL_SMALL_STACK
a = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (a == NULL) {
return WOLFSSL_FAILURE;
}
#endif
if( mp_init(a) != 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(a, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_FAILURE;
}
if (indent < 0) {
@ -8255,10 +8269,10 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) {
break;
}
if (mp_set_int(&a, bitlen) != 0) {
if (mp_set_int(a, bitlen) != 0) {
break;
}
if (mp_todecimal(&a, (char*)buff) != 0) {
if (mp_todecimal(a, (char*)buff) != 0) {
break;
}
wsz = (int)XSTRLEN((const char*)buff);
@ -8298,10 +8312,10 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
}
XMEMSET(buff, 0, sizeof(buff));
if (mp_set_int(&a, exponent) != 0) {
if (mp_set_int(a, exponent) != 0) {
break;
}
if (mp_todecimal(&a, (char*)buff) != 0) {
if (mp_todecimal(a, (char*)buff) != 0) {
break;
}
wsz = (int)XSTRLEN((const char*)buff);
@ -8314,7 +8328,7 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
break;
}
XMEMSET(buff, 0, sizeof(buff));
if (mp_tohex(&a, (char*)buff) != 0) {
if (mp_tohex(a, (char*)buff) != 0) {
break;
}
if (wolfSSL_BIO_write(out, buff, (int)XSTRLEN((char*)buff)) <= 0) {
@ -8328,7 +8342,10 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
res = WOLFSSL_SUCCESS;
} while (0);
mp_free(&a);
mp_free(a);
#ifdef WOLFSSL_SMALL_STACK
XFREE(a, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return res;
}
#endif /* !NO_RSA */
@ -8557,11 +8574,26 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
int pSz, qSz, gSz, ySz;
int idx;
int wsz;
mp_int a;
#ifdef WOLFSSL_SMALL_STACK
mp_int* a = NULL;
#else
mp_int a[1];
#endif
char line[32] = { 0 };
if( mp_init(&a) != 0)
#ifdef WOLFSSL_SMALL_STACK
a = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (a == NULL) {
return WOLFSSL_FAILURE;
}
#endif
if( mp_init(a) != 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(a, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_FAILURE;
}
inOutIdx = 0;
(void)pctx;
@ -8667,10 +8699,10 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) {
break;
}
if (mp_set_int(&a, bitlen) != 0) {
if (mp_set_int(a, bitlen) != 0) {
break;
}
if (mp_todecimal(&a, (char*)buff) != 0) {
if (mp_todecimal(a, (char*)buff) != 0) {
break;
}
wsz = (int)XSTRLEN((const char*)buff);
@ -8721,7 +8753,10 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
res = WOLFSSL_SUCCESS;
} while (0);
mp_free(&a);
mp_free(a);
#ifdef WOLFSSL_SMALL_STACK
XFREE(a, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return res;
}
#endif /* !NO_DSA */
@ -8757,11 +8792,26 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
int wsz;
word32 outSz;
byte outHex[3];
mp_int a;
#ifdef WOLFSSL_SMALL_STACK
mp_int* a = NULL;
#else
mp_int a[1];
#endif
char line[32] = { 0 };
if( mp_init(&a) != 0)
#ifdef WOLFSSL_SMALL_STACK
a = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT);
if (a == NULL) {
return WOLFSSL_FAILURE;
}
#endif
if( mp_init(a) != 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(a, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return WOLFSSL_FAILURE;
}
inOutIdx = 0;
(void)pctx;
@ -8855,10 +8905,10 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) {
break;
}
if (mp_set_int(&a, bitlen) != 0) {
if (mp_set_int(a, bitlen) != 0) {
break;
}
if (mp_todecimal(&a, (char*)buff) != 0) {
if (mp_todecimal(a, (char*)buff) != 0) {
break;
}
wsz = (int)XSTRLEN((const char*)buff);
@ -8894,10 +8944,10 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) {
break;
}
if (mp_set_int(&a, generator) != 0) {
if (mp_set_int(a, generator) != 0) {
break;
}
if (mp_todecimal(&a, (char*)buff) != 0) {
if (mp_todecimal(a, (char*)buff) != 0) {
break;
}
wsz = (int)XSTRLEN((const char*)buff);
@ -8929,7 +8979,10 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
res = WOLFSSL_SUCCESS;
} while (0);
mp_free(&a);
mp_free(a);
#ifdef WOLFSSL_SMALL_STACK
XFREE(a, NULL, DYNAMIC_TYPE_BIGINT);
#endif
return res;
}
#endif /* WOLFSSL_DH_EXTRA */