ssl: refactoring CyaSSL_DH_generate_key to reduce stack usage:

--- variable tmpRNG moved to the heap (sizeof(RNG) saved)
--- variable pub moved to the heap (1024 bytes saved)
--- variable priv moved to the heap (1024 bytes saved)
This commit is contained in:
Moisés Guimarães 2014-09-12 14:05:33 -03:00
parent 6b7dbb9f2a
commit 5605a24e4f

123
src/ssl.c
View File

@ -10500,70 +10500,87 @@ int CyaSSL_DH_size(CYASSL_DH* dh)
/* return SSL_SUCCESS on ok, else 0 */ /* return SSL_SUCCESS on ok, else 0 */
int CyaSSL_DH_generate_key(CYASSL_DH* dh) int CyaSSL_DH_generate_key(CYASSL_DH* dh)
{ {
unsigned char pub [768]; int ret = 0;
unsigned char priv[768]; word32 pubSz = 768;
word32 pubSz = sizeof(pub); word32 privSz = 768;
word32 privSz = sizeof(priv); RNG* rng = NULL;
RNG tmpRNG; #ifdef CYASSL_SMALL_STACK
RNG* rng = &tmpRNG; unsigned char* pub = NULL;
unsigned char* priv = NULL;
RNG* tmpRNG = NULL;
#else
unsigned char pub [768];
unsigned char priv[768];
RNG tmpRNG[1];
#endif
CYASSL_MSG("CyaSSL_DH_generate_key"); CYASSL_MSG("CyaSSL_DH_generate_key");
if (dh == NULL || dh->p == NULL || dh->g == NULL) { #ifdef CYASSL_SMALL_STACK
tmpRNG = (RNG*)XMALLOC(sizeof(RNG), NULL, DYNAMIC_TYPE_TMP_BUFFER);
pub = (unsigned char*)XMALLOC(pubSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
priv = (unsigned char*)XMALLOC(privSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (tmpRNG == NULL || pub == NULL || priv == NULL) {
XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
#endif
if (dh == NULL || dh->p == NULL || dh->g == NULL)
CYASSL_MSG("Bad function arguments"); CYASSL_MSG("Bad function arguments");
return 0; else if (dh->inSet == 0 && SetDhInternal(dh) < 0)
}
if (dh->inSet == 0) {
if (SetDhInternal(dh) < 0) {
CYASSL_MSG("Bad DH set internal"); CYASSL_MSG("Bad DH set internal");
return 0; else if (InitRng(tmpRNG) == 0)
} rng = tmpRNG;
} else {
if ( (InitRng(&tmpRNG)) != 0) {
CYASSL_MSG("Bad RNG Init, trying global"); CYASSL_MSG("Bad RNG Init, trying global");
if (initGlobalRNG == 0) { if (initGlobalRNG == 0)
CYASSL_MSG("Global RNG no Init"); CYASSL_MSG("Global RNG no Init");
return 0; else
rng = &globalRNG;
}
if (rng) {
if (DhGenerateKeyPair((DhKey*)dh->internal, rng, priv, &privSz,
pub, &pubSz) < 0)
CYASSL_MSG("Bad DhGenerateKeyPair");
else {
if (dh->pub_key)
CyaSSL_BN_free(dh->pub_key);
dh->pub_key = CyaSSL_BN_new();
if (dh->pub_key == NULL)
CYASSL_MSG("Bad DH new pub");
if (dh->priv_key)
CyaSSL_BN_free(dh->priv_key);
dh->priv_key = CyaSSL_BN_new();
if (dh->priv_key == NULL)
CYASSL_MSG("Bad DH new priv");
if (dh->pub_key && dh->priv_key) {
if (CyaSSL_BN_bin2bn(pub, pubSz, dh->pub_key) == NULL)
CYASSL_MSG("Bad DH bn2bin error pub");
else if (CyaSSL_BN_bin2bn(priv, privSz, dh->priv_key) == NULL)
CYASSL_MSG("Bad DH bn2bin error priv");
else
ret = SSL_SUCCESS;
}
} }
rng = &globalRNG;
} }
if (DhGenerateKeyPair((DhKey*)dh->internal, rng, priv, &privSz, #ifdef CYASSL_SMALL_STACK
pub, &pubSz) < 0) { XFREE(tmpRNG, NULL, DYNAMIC_TYPE_TMP_BUFFER);
CYASSL_MSG("Bad DhGenerateKeyPair"); XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return 0; XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
} #endif
if (dh->pub_key) return ret;
CyaSSL_BN_free(dh->pub_key);
dh->pub_key = CyaSSL_BN_new();
if (dh->pub_key == NULL) {
CYASSL_MSG("Bad DH new pub");
return 0;
}
if (dh->priv_key)
CyaSSL_BN_free(dh->priv_key);
dh->priv_key = CyaSSL_BN_new();
if (dh->priv_key == NULL) {
CYASSL_MSG("Bad DH new priv");
return 0;
}
if (CyaSSL_BN_bin2bn(pub, pubSz, dh->pub_key) == NULL) {
CYASSL_MSG("Bad DH bn2bin error pub");
return 0;
}
if (CyaSSL_BN_bin2bn(priv, privSz, dh->priv_key) == NULL) {
CYASSL_MSG("Bad DH bn2bin error priv");
return 0;
}
CYASSL_MSG("CyaSSL_generate_key success");
return SSL_SUCCESS;
} }