mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* Exposed useful sizes MAX_X509_HEADER_SZ and PEM_LINE_SZ

Browse Source 
* Refactor the PEM saving code in `test.c`, so its not using large 4K buffer and calculates based on DER.
* Enable ECC key generation test even without `WOLFSSL_KEY_GEN`.
* Added `ECC_KEYGEN_SIZE` macro for ECC key generation testing.
* Refactor ECC DER key generation to use `ECC_BUFSIZE`.
This commit is contained in:
David Garske 2020-04-23 16:11:54 -07:00
parent 81f959336b
commit 28b686a8ca
4 changed files with 89 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
wolfcrypt/src/asn.c
View File

@ -9798,9 +9798,8 @@ void wc_FreeDer(DerBuffer** pDer)
#if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)
/* Max X509 header length indicates the max length + 2 ('\n', '\0') */
#define MAX_X509_HEADER_SZ (37 + 2)
/* Note: If items added make sure MAX_X509_HEADER_SZ is
updated to reflect maximum length */
wcchar BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
wcchar END_CERT = "-----END CERTIFICATE-----";
#ifdef WOLFSSL_CERT_REQ

2
wolfcrypt/src/coding.c
View File

@ -29,6 +29,7 @@
#ifndef NO_CODING
#include <wolfssl/wolfcrypt/coding.h>
#include <wolfssl/wolfcrypt/asn.h> /* For PEM_LINE_SZ */
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
@ -36,7 +37,6 @@
enum {
BAD = 0xFF, /* invalid encoding */
PAD = '=',
PEM_LINE_SZ = 64,
BASE64_MIN = 0x2B,
BASE16_MIN = 0x30,
};

236
wolfcrypt/test/test.c
View File

@ -120,11 +120,7 @@
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/types.h>
#if defined(WOLFSSL_TEST_CERT) || defined(ASN_BER_TO_DER)
#include <wolfssl/wolfcrypt/asn.h>
#else
#include <wolfssl/wolfcrypt/asn_public.h>
#endif
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/md2.h>
#include <wolfssl/wolfcrypt/md5.h>
#include <wolfssl/wolfcrypt/md4.h>
@ -1286,18 +1282,17 @@ initDefaultName();
#endif /* NO_MAIN_DRIVER */
/* helper to save DER, convert to PEM and save PEM */
#if !defined(NO_ASN) && (!defined(NO_RSA) || defined(HAVE_ECC)) && \
(defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN))
#if !defined(NO_ASN) && \
((!defined(NO_RSA) && defined(WOLFSSL_CERT_GEN)) || defined(HAVE_ECC))
#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
#define SaveDerAndPem(d, dSz, p, pSz, fD, fP, pT, eB) _SaveDerAndPem(d, dSz, p, pSz, fD, fP, pT, eB)
#define SaveDerAndPem(d, dSz, fD, fP, pT, eB) _SaveDerAndPem(d, dSz, fD, fP, pT, eB)
#else
#define SaveDerAndPem(d, dSz, p, pSz, fD, fP, pT, eB) _SaveDerAndPem(d, dSz, p, pSz, NULL, NULL, pT, eB)
#define SaveDerAndPem(d, dSz, fD, fP, pT, eB) _SaveDerAndPem(d, dSz, NULL, NULL, pT, eB)
#endif
static int _SaveDerAndPem(const byte* der, int derSz,
byte* pem, int pemSz, const char* fileDer,
const char* filePem, int pemType, int errBase)
const char* fileDer, const char* filePem, int pemType, int errBase)
{
#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
int ret;
@ -1314,32 +1309,50 @@ static int _SaveDerAndPem(const byte* der, int derSz,
}
#endif
if (pem && filePem) {
#ifdef WOLFSSL_DER_TO_PEM
if (filePem) {
#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
XFILE pemFile;
#endif
#ifdef WOLFSSL_DER_TO_PEM
byte* pem;
int pemSz;
/* calculate PEM size */
pemSz = wc_DerToPem(der, derSz, NULL, 0, pemType);
if (pemSz < 0) {
return pemSz;
}
pem = XMALLOC(pemSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) {
return MEMORY_E;
}
/* Convert to PEM */
pemSz = wc_DerToPem(der, derSz, pem, pemSz, pemType);
if (pemSz < 0) {
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return errBase + 2;
}
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
pemFile = XFOPEN(filePem, "wb");
if (!pemFile) {
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return errBase + 3;
}
ret = (int)XFWRITE(pem, 1, pemSz, pemFile);
XFCLOSE(pemFile);
if (ret != pemSz) {
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return errBase + 4;
}
#endif
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif /* WOLFSSL_DER_TO_PEM */
/* suppress unused variable warnings */
(void)filePem;
(void)fileDer;
(void)pemType;
return 0;
}
@ -10357,12 +10370,10 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out)
static const char* certEccRsaPemFile = CERT_PREFIX "certeccrsa.pem";
static const char* certEccRsaDerFile = CERT_PREFIX "certeccrsa.der";
#endif
#ifdef WOLFSSL_KEY_GEN
static const char* eccCaKeyPemFile = CERT_PREFIX "ecc-key.pem";
static const char* eccPubKeyDerFile = CERT_PREFIX "ecc-public-key.der";
static const char* eccCaKeyTempFile = CERT_PREFIX "ecc-key.der";
static const char* eccPkcs8KeyDerFile = CERT_PREFIX "ecc-key-pkcs8.der";
#endif
#if defined(WOLFSSL_CERT_GEN) || \
(defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT))
static const char* certEccDerFile = CERT_PREFIX "certecc.der";
@ -12229,7 +12240,6 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
{
RsaKey caKey;
byte* der;
byte* pem = NULL;
int ret;
Cert* myCert = NULL;
int certSz;
@ -12255,10 +12265,6 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
if (der == NULL) {
ERROR_OUT(-7619, exit_rsa);
}
pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) {
ERROR_OUT(-7620, exit_rsa);
}
myCert = (Cert*)XMALLOC(sizeof(Cert), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (myCert == NULL) {
ERROR_OUT(-7621, exit_rsa);
@ -12337,8 +12343,8 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
FreeDecodedCert(&decode);
#endif
ret = SaveDerAndPem(der, certSz, pem, FOURK_BUF, certDerFile,
certPemFile, CERT_TYPE, -5578);
ret = SaveDerAndPem(der, certSz, certDerFile, certPemFile,
CERT_TYPE, -5578);
if (ret != 0) {
goto exit_rsa;
}
@ -12500,8 +12506,8 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
FreeDecodedCert(&decode);
#endif
ret = SaveDerAndPem(der, certSz, pem, FOURK_BUF, otherCertDerFile,
otherCertPemFile, CERT_TYPE, -5598);
ret = SaveDerAndPem(der, certSz, otherCertDerFile, otherCertPemFile,
CERT_TYPE, -5598);
if (ret != 0) {
goto exit_rsa;
}
@ -12510,7 +12516,6 @@ exit_rsa:
wc_FreeRsaKey(&caKey);
XFREE(myCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
@ -12525,7 +12530,6 @@ static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
ecc_key caEccKey;
ecc_key caEccKeyPub;
byte* der;
byte* pem = NULL;
Cert* myCert = NULL;
int certSz;
size_t bytes3;
@ -12547,10 +12551,6 @@ static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
if (der == NULL) {
ERROR_OUT(-7645, exit_rsa);
}
pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) {
ERROR_OUT(-7646, exit_rsa);
}
myCert = (Cert*)XMALLOC(sizeof(Cert), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (myCert == NULL) {
ERROR_OUT(-7647, exit_rsa);
@ -12697,8 +12697,8 @@ static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
FreeDecodedCert(&decode);
#endif
ret = SaveDerAndPem(der, certSz, pem, FOURK_BUF, certEccRsaDerFile,
certEccRsaPemFile, CERT_TYPE, -5616);
ret = SaveDerAndPem(der, certSz, certEccRsaDerFile, certEccRsaPemFile,
CERT_TYPE, -5616);
if (ret != 0) {
goto exit_rsa;
}
@ -12710,8 +12710,6 @@ exit_rsa:
XFREE(myCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
myCert = NULL;
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
pem = NULL;
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
der = NULL;
@ -12727,7 +12725,6 @@ static int rsa_keygen_test(WC_RNG* rng)
RsaKey genKey;
int ret;
byte* der = NULL;
byte* pem = NULL;
word32 idx = 0;
int derSz = 0;
#if !defined(WOLFSSL_SP_MATH) && !defined(HAVE_FIPS)
@ -12766,17 +12763,13 @@ static int rsa_keygen_test(WC_RNG* rng)
if (der == NULL) {
ERROR_OUT(-7665, exit_rsa);
}
pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) {
ERROR_OUT(-7666, exit_rsa);
}
derSz = wc_RsaKeyToDer(&genKey, der, FOURK_BUF);
if (derSz < 0) {
ERROR_OUT(-7667, exit_rsa);
}
ret = SaveDerAndPem(der, derSz, pem, FOURK_BUF, keyDerFile, keyPemFile,
ret = SaveDerAndPem(der, derSz, keyDerFile, keyPemFile,
PRIVATEKEY_TYPE, -5555);
if (ret != 0) {
goto exit_rsa;
@ -12798,10 +12791,6 @@ static int rsa_keygen_test(WC_RNG* rng)
exit_rsa:
wc_FreeRsaKey(&genKey);
if (pem != NULL) {
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
pem = NULL;
}
if (der != NULL) {
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
der = NULL;
@ -12816,7 +12805,6 @@ int rsa_test(void)
int ret;
byte* tmp;
byte* der = NULL;
byte* pem = NULL;
size_t bytes;
WC_RNG rng;
RsaKey key;
@ -13698,10 +13686,6 @@ int rsa_test(void)
if (der == NULL) {
ERROR_OUT(-7758, exit_rsa);
}
pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) {
ERROR_OUT(-7759, exit_rsa);
}
certSz = wc_MakeNtruCert(&myCert, der, FOURK_BUF, public_key,
public_key_len, &rng);
@ -13735,8 +13719,8 @@ int rsa_test(void)
FreeDecodedCert(&decode);
#endif
ret = SaveDerAndPem(der, certSz, pem, FOURK_BUF, "./ntru-cert.der",
"./ntru-cert.pem", CERT_TYPE, -5637);
ret = SaveDerAndPem(der, certSz, "./ntru-cert.der", "./ntru-cert.pem",
CERT_TYPE, -5637);
if (ret != 0) {
goto exit_rsa;
}
@ -13753,8 +13737,6 @@ int rsa_test(void)
}
#endif
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
pem = NULL;
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
der = NULL;
}
@ -13768,10 +13750,6 @@ int rsa_test(void)
if (der == NULL) {
ERROR_OUT(-7765, exit_rsa);
}
pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) {
ERROR_OUT(-7766, exit_rsa);
}
if (wc_InitCert(&req)) {
ERROR_OUT(-7767, exit_rsa);
@ -13846,8 +13824,8 @@ int rsa_test(void)
}
derSz = ret;
ret = SaveDerAndPem(der, derSz, pem, FOURK_BUF, certReqDerFile,
certReqPemFile, CERTREQ_TYPE, -5650);
ret = SaveDerAndPem(der, derSz, certReqDerFile, certReqPemFile,
CERTREQ_TYPE, -5650);
if (ret != 0) {
goto exit_rsa;
}
@ -13857,8 +13835,6 @@ int rsa_test(void)
ERROR_OUT(-7776, exit_rsa);
}
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
pem = NULL;
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
der = NULL;
}
@ -13878,7 +13854,6 @@ exit_rsa:
wc_FreeRsaKey(&caKey);
#endif
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeRng(&rng);
@ -14606,7 +14581,6 @@ int dsa_test(void)
#ifdef WOLFSSL_KEY_GEN
{
byte* der;
byte* pem;
int derSz = 0;
DsaKey derIn;
DsaKey genKey;
@ -14631,25 +14605,17 @@ int dsa_test(void)
wc_FreeDsaKey(&genKey);
return -8011;
}
pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) {
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeDsaKey(&genKey);
return -8012;
}
derSz = wc_DsaKeyToDer(&genKey, der, FOURK_BUF);
if (derSz < 0) {
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -8013;
}
ret = SaveDerAndPem(der, derSz, pem, FOURK_BUF, keyDerFile,
keyPemFile, DSA_PRIVATEKEY_TYPE, -5814);
ret = SaveDerAndPem(der, derSz, keyDerFile, keyPemFile,
DSA_PRIVATEKEY_TYPE, -5814);
if (ret != 0) {
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeDsaKey(&genKey);
return ret;
}
@ -14657,7 +14623,6 @@ int dsa_test(void)
ret = wc_InitDsaKey(&derIn);
if (ret != 0) {
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeDsaKey(&genKey);
return -8014;
}
@ -14666,7 +14631,6 @@ int dsa_test(void)
ret = wc_DsaPrivateKeyDecode(der, &idx, &derIn, derSz);
if (ret != 0) {
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeDsaKey(&derIn);
wc_FreeDsaKey(&genKey);
return -8015;
@ -14674,7 +14638,6 @@ int dsa_test(void)
wc_FreeDsaKey(&derIn);
wc_FreeDsaKey(&genKey);
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif /* WOLFSSL_KEY_GEN */
@ -17714,6 +17677,10 @@ int x963kdf_test(void)
#ifdef HAVE_ECC
#ifndef ECC_KEYGEN_SIZE
/* size to use for ECC key gen tests */
#define ECC_KEYGEN_SIZE 32
#endif
#ifdef BENCH_EMBEDDED
#define ECC_SHARED_SIZE 128
#else
@ -18212,9 +18179,9 @@ done:
static int ecc_test_make_pub(WC_RNG* rng)
{
ecc_key key;
unsigned char* exportBuf;
unsigned char* tmp;
unsigned char msg[] = "test wolfSSL ECC public gen";
byte exportBuf[ECC_BUFSIZE];
byte tmp[ECC_BUFSIZE];
const byte* msg = (const byte*)"test wolfSSL ECC public gen";
word32 x, tmpSz;
int ret = 0;
ecc_point* pubPoint = NULL;
@ -18231,33 +18198,15 @@ static int ecc_test_make_pub(WC_RNG* rng)
wc_ecc_init_ex(&key, HEAP_HINT, devId);
#ifdef USE_CERT_BUFFERS_256
tmp = (byte*)XMALLOC((size_t)sizeof_ecc_key_der_256, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL) {
return -9613;
}
exportBuf = (byte*)XMALLOC((size_t)sizeof_ecc_key_der_256, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (exportBuf == NULL) {
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -9614;
}
XMEMCPY(tmp, ecc_key_der_256, (size_t)sizeof_ecc_key_der_256);
tmpSz = (size_t)sizeof_ecc_key_der_256;
#else
tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL) {
return -9615;
}
exportBuf = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (exportBuf == NULL) {
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -9616;
}
file = XFOPEN(eccKeyDerFile, "rb");
if (!file) {
ERROR_OUT(-9617, done);
}
tmpSz = (word32)XFREAD(tmp, 1, FOURK_BUF, file);
tmpSz = (word32)XFREAD(tmp, 1, sizeof(tmp), file);
XFCLOSE(file);
#endif /* USE_CERT_BUFFERS_256 */
@ -18279,7 +18228,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
}
#ifdef HAVE_ECC_KEY_EXPORT
x = FOURK_BUF;
x = sizeof(exportBuf);
ret = wc_ecc_export_private_only(&key, exportBuf, &x);
if (ret != 0) {
ERROR_OUT(-9621, done);
@ -18293,7 +18242,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
ERROR_OUT(-9622, done);
}
x = FOURK_BUF;
x = sizeof(exportBuf);
ret = wc_ecc_export_x963_ex(&key, exportBuf, &x, 0);
if (ret == 0) {
ERROR_OUT(-9623, done);
@ -18321,7 +18270,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
#ifdef HAVE_ECC_KEY_EXPORT
/* export should still fail, is private only key */
x = FOURK_BUF;
x = sizeof(exportBuf);
ret = wc_ecc_export_x963_ex(&key, exportBuf, &x, 0);
if (ret == 0) {
ERROR_OUT(-9627, done);
@ -18329,13 +18278,13 @@ static int ecc_test_make_pub(WC_RNG* rng)
#endif /* HAVE_ECC_KEY_EXPORT */
#if defined(WOLFSSL_CRYPTOCELL)
/* create a new key since building private key from public key is unsupported */
ret = wc_ecc_make_key(rng, 32, &key);
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, &key);
if (ret == 0) {
ERROR_OUT(-9628, done);
}
#endif
#ifdef HAVE_ECC_SIGN
tmpSz = FOURK_BUF;
tmpSz = sizeof(tmp);
ret = 0;
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
@ -18369,7 +18318,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
TEST_SLEEP();
#ifdef HAVE_ECC_KEY_EXPORT
/* exporting the public part should now work */
x = FOURK_BUF;
x = sizeof(exportBuf);
ret = wc_ecc_export_x963_ex(&key, exportBuf, &x, 0);
if (ret != 0) {
ERROR_OUT(-9632, done);
@ -18381,7 +18330,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
#if defined(HAVE_ECC_DHE) && defined(HAVE_ECC_KEY_EXPORT)
/* now test private only key with creating a shared secret */
x = FOURK_BUF;
x = sizeof(exportBuf);
ret = wc_ecc_export_private_only(&key, exportBuf, &x);
if (ret != 0) {
ERROR_OUT(-9633, done);
@ -18396,7 +18345,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
}
/* check that public export fails with private only key */
x = FOURK_BUF;
x = sizeof(exportBuf);
ret = wc_ecc_export_x963_ex(&key, exportBuf, &x, 0);
if (ret == 0) {
ERROR_OUT(-9635, done);
@ -18404,7 +18353,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
/* make public key for shared secret */
wc_ecc_init_ex(&pub, HEAP_HINT, devId);
ret = wc_ecc_make_key(rng, 32, &pub);
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, &pub);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &pub.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -18413,7 +18362,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
}
TEST_SLEEP();
x = FOURK_BUF;
x = sizeof(exportBuf);
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
@ -18433,9 +18382,6 @@ static int ecc_test_make_pub(WC_RNG* rng)
done:
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(exportBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_ecc_del_point_h(pubPoint, HEAP_HINT);
wc_ecc_free(&key);
@ -18492,7 +18438,6 @@ static int ecc_test_key_decode(WC_RNG* rng, int keySize)
}
#endif /* HAVE_ECC_KEY_IMPORT */
#ifdef WOLFSSL_KEY_GEN
static int ecc_test_key_gen(WC_RNG* rng, int keySize)
{
int ret = 0;
@ -18500,20 +18445,9 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
#ifdef HAVE_PKCS8
word32 pkcs8Sz;
#endif
byte* der;
byte* pem;
byte der[ECC_BUFSIZE];
ecc_key userA;
der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (der == NULL) {
return -9638;
}
pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) {
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return -9639;
}
ret = wc_ecc_init_ex(&userA, HEAP_HINT, devId);
if (ret != 0)
goto done;
@ -18531,19 +18465,19 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
goto done;
TEST_SLEEP();
derSz = wc_EccKeyToDer(&userA, der, FOURK_BUF);
derSz = wc_EccKeyToDer(&userA, der, sizeof(der));
if (derSz < 0) {
ERROR_OUT(derSz, done);
}
ret = SaveDerAndPem(der, derSz, pem, FOURK_BUF, eccCaKeyTempFile,
eccCaKeyPemFile, ECC_PRIVATEKEY_TYPE, -8347);
ret = SaveDerAndPem(der, derSz, eccCaKeyTempFile, eccCaKeyPemFile,
ECC_PRIVATEKEY_TYPE, -8347);
if (ret != 0) {
goto done;
}
/* test export of public key */
derSz = wc_EccPublicKeyToDer(&userA, der, FOURK_BUF, 1);
derSz = wc_EccPublicKeyToDer(&userA, der, sizeof(der), 1);
if (derSz < 0) {
ERROR_OUT(derSz, done);
}
@ -18551,8 +18485,7 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
ERROR_OUT(-9640, done);
}
ret = SaveDerAndPem(der, derSz, NULL, 0, eccPubKeyDerFile,
NULL, 0, -8348);
ret = SaveDerAndPem(der, derSz, eccPubKeyDerFile, NULL, 0, -8348);
if (ret != 0) {
goto done;
}
@ -18569,8 +18502,7 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
ERROR_OUT(-9641, done);
}
ret = SaveDerAndPem(der, derSz, NULL, 0, eccPkcs8KeyDerFile,
NULL, 0, -8349);
ret = SaveDerAndPem(der, derSz, eccPkcs8KeyDerFile, NULL, 0, -8349);
if (ret != 0) {
goto done;
}
@ -18578,13 +18510,10 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
done:
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_ecc_free(&userA);
return ret;
}
#endif /* WOLFSSL_KEY_GEN */
static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
int curve_id, const ecc_set_type* dp)
@ -18959,7 +18888,6 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
}
#endif
#ifdef WOLFSSL_KEY_GEN
ret = ecc_test_key_decode(rng, keySize);
if (ret < 0) {
if (ret == ECC_CURVE_OID_E) {
@ -18981,7 +18909,6 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
return ret;
}
}
#endif
return 0;
}
@ -19491,7 +19418,7 @@ static int ecc_def_curve_test(WC_RNG *rng)
goto done;
}
ret = wc_ecc_make_key(rng, 32, &key);
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, &key);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -19813,22 +19740,23 @@ static int ecc_test_cert_gen(WC_RNG* rng)
#ifdef WOLFSSL_TEST_CERT
DecodedCert decode;
#endif
byte* der;
byte* pem = NULL;
#ifdef WOLFSSL_SMALL_STACK
byte* der = NULL;
#else
byte der[FOURK_BUF];
#endif
ecc_key caEccKey;
ecc_key certPubKey;
XMEMSET(&caEccKey, 0, sizeof(caEccKey));
XMEMSET(&certPubKey, 0, sizeof(certPubKey));
#ifdef WOLFSSL_SMALL_STACK
der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (der == NULL) {
ERROR_OUT(-9817, exit);
}
pem = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (pem == NULL) {
ERROR_OUT(-9818, exit);
}
#endif
/* Get cert private key */
#ifdef ENABLE_ECC384_CERT_GEN_TEST
@ -19879,7 +19807,7 @@ static int ecc_test_cert_gen(WC_RNG* rng)
ERROR_OUT(-9823, exit);
}
ret = wc_ecc_make_key(rng, 32, &certPubKey);
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, &certPubKey);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &certPubKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -19979,19 +19907,19 @@ static int ecc_test_cert_gen(WC_RNG* rng)
FreeDecodedCert(&decode);
#endif
ret = SaveDerAndPem(der, certSz, pem, FOURK_BUF, certEccDerFile,
certEccPemFile, CERT_TYPE, -6735);
ret = SaveDerAndPem(der, certSz, certEccDerFile, certEccPemFile,
CERT_TYPE, -6735);
if (ret != 0) {
goto exit;
}
exit:
#ifdef WOLFSSL_SMALL_STACK
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
wc_ecc_free(&certPubKey);
wc_ecc_free(&caEccKey);
XFREE(pem, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
#endif /* WOLFSSL_CERT_GEN */
@ -20008,7 +19936,7 @@ static int ecc_test_allocator(WC_RNG* rng)
ERROR_OUT(-9833, exit);
}
ret = wc_ecc_make_key(rng, 32, key);
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, key);
if (ret != 0) {
ERROR_OUT(-9834, exit);
}
@ -20208,7 +20136,7 @@ int ecc_encrypt_test(void)
if (ret != 0)
goto done;
ret = wc_ecc_make_key(&rng, 32, &userA);
ret = wc_ecc_make_key(&rng, ECC_KEYGEN_SIZE, &userA);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &userA.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@ -20216,7 +20144,7 @@ int ecc_encrypt_test(void)
ret = -10001; goto done;
}
ret = wc_ecc_make_key(&rng, 32, &userB);
ret = wc_ecc_make_key(&rng, ECC_KEYGEN_SIZE, &userB);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &userB.asyncDev, WC_ASYNC_FLAG_NONE);
#endif

5
wolfssl/wolfcrypt/asn.h
View File

@ -326,6 +326,8 @@ enum Misc_ASN {
/* Maximum DER digest size */
MAX_DER_DIGEST_ASN_SZ = MAX_ENCODED_DIG_ASN_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ,
/* Maximum DER digest ASN header size */
/* Max X509 header length indicates the max length + 2 ('\n', '\0') */
MAX_X509_HEADER_SZ = (37 + 2), /* Maximum PEM Header/Footer Size */
#ifdef WOLFSSL_CERT_GEN
#ifdef WOLFSSL_CERT_REQ
/* Max encoded cert req attributes length */
@ -377,7 +379,8 @@ enum Misc_ASN {
PKCS5_SALT_SZ = 8,
PEM_LINE_LEN = 80, /* PEM line max + fudge */
PEM_LINE_SZ = 64, /* Length of Base64 encoded line, not including new line */
PEM_LINE_LEN = PEM_LINE_SZ + 12, /* PEM line max + fudge */
};