mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #4736 from douzzer/20220107-cppcheck-hygiene

Browse Source 
cppcheck sweep
This commit is contained in:
David Garske 2022-01-10 12:52:22 -08:00 committed by GitHub
commit 5910ada93d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
38 changed files with 1316 additions and 1062 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -227,6 +227,7 @@ IDE/MDK-ARM/LPC43xx/LPC43xx/
!linuxkm/Makefile
/Kbuild
linuxkm/*.ko
linuxkm/*.ko.signed
linuxkm/Module.symvers
linuxkm/built-in.a
linuxkm/modules.order

1
configure.ac
View File

@ -7738,6 +7738,7 @@ echo " * MEMORY: $ENABLED_MEMORY"
echo " * I/O POOL: $ENABLED_IOPOOL"
echo " * wolfSentry: $ENABLED_WOLFSENTRY"
echo " * LIGHTY: $ENABLED_LIGHTY"
echo " * WPA Supplicant: $ENABLED_WPAS"
echo " * HAPROXY: $ENABLED_HAPROXY"
echo " * STUNNEL: $ENABLED_STUNNEL"
echo " * tcpdump: $ENABLED_TCPDUMP"

2
linuxkm/Kbuild
View File

@ -29,7 +29,7 @@ ifeq "$(WOLFSSL_CFLAGS)" ""
$(error $$WOLFSSL_CFLAGS is unset.)
endif
WOLFSSL_CFLAGS += -ffreestanding -Wframe-larger-than=$(MAX_STACK_FRAME_SIZE)
WOLFSSL_CFLAGS += -ffreestanding -Wframe-larger-than=$(MAX_STACK_FRAME_SIZE) -isystem $(shell $(CC) -print-file-name=include)
ifeq "$(KERNEL_ARCH)" "x86"
WOLFSSL_CFLAGS += -mpreferred-stack-boundary=4

4
linuxkm/include.am
View File

@ -10,4 +10,6 @@ EXTRA_DIST += m4/ax_linuxkm.m4 \
linuxkm/module_exports.c.template \
linuxkm/pie_first.c \
linuxkm/pie_redirect_table.c \
linuxkm/pie_last.c
linuxkm/pie_last.c \
linuxkm/linuxkm_memory.c \
linuxkm/linuxkm_wc_port.h

307
linuxkm/linuxkm_memory.c Normal file
View File

@ -0,0 +1,307 @@
/* linuxkm_memory.c
*
* Copyright (C) 2006-2021 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* included by wolfcrypt/src/memory.c */
#if defined(WOLFSSL_LINUXKM_SIMD_X86)
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
static union fpregs_state **wolfcrypt_linuxkm_fpu_states = NULL;
#else
static struct fpstate **wolfcrypt_linuxkm_fpu_states = NULL;
#endif
#else
static unsigned int *wolfcrypt_linuxkm_fpu_states = NULL;
#endif
static WARN_UNUSED_RESULT inline int am_in_hard_interrupt_handler(void)
{
return (preempt_count() & (NMI_MASK | HARDIRQ_MASK)) != 0;
}
WARN_UNUSED_RESULT int allocate_wolfcrypt_linuxkm_fpu_states(void)
{
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
wolfcrypt_linuxkm_fpu_states =
(union fpregs_state **)kzalloc(nr_cpu_ids
* sizeof(struct fpu_state *),
GFP_KERNEL);
#else
wolfcrypt_linuxkm_fpu_states =
(struct fpstate **)kzalloc(nr_cpu_ids
* sizeof(struct fpstate *),
GFP_KERNEL);
#endif
#else
wolfcrypt_linuxkm_fpu_states =
(unsigned int *)kzalloc(nr_cpu_ids * sizeof(unsigned int),
GFP_KERNEL);
#endif
if (! wolfcrypt_linuxkm_fpu_states) {
pr_err("warning, allocation of %lu bytes for "
"wolfcrypt_linuxkm_fpu_states failed.\n",
nr_cpu_ids * sizeof(struct fpu_state *));
return MEMORY_E;
}
#ifdef LINUXKM_SIMD_IRQ
{
typeof(nr_cpu_ids) i;
for (i=0; i<nr_cpu_ids; ++i) {
_Static_assert(sizeof(union fpregs_state) <= PAGE_SIZE,
"union fpregs_state is larger than expected.");
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
wolfcrypt_linuxkm_fpu_states[i] =
(union fpregs_state *)kzalloc(PAGE_SIZE
/* sizeof(union fpregs_state) */,
GFP_KERNEL);
#else
wolfcrypt_linuxkm_fpu_states[i] =
(struct fpstate *)kzalloc(PAGE_SIZE
/* sizeof(struct fpstate) */,
GFP_KERNEL);
#endif
if (! wolfcrypt_linuxkm_fpu_states[i])
break;
/* double-check that the allocation is 64-byte-aligned as needed
* for xsave.
*/
if ((unsigned long)wolfcrypt_linuxkm_fpu_states[i] & 63UL) {
pr_err("warning, allocation for wolfcrypt_linuxkm_fpu_states "
"was not properly aligned (%px).\n",
wolfcrypt_linuxkm_fpu_states[i]);
kfree(wolfcrypt_linuxkm_fpu_states[i]);
wolfcrypt_linuxkm_fpu_states[i] = 0;
break;
}
}
if (i < nr_cpu_ids) {
pr_err("warning, only %u/%u allocations succeeded for "
"wolfcrypt_linuxkm_fpu_states.\n",
i, nr_cpu_ids);
return MEMORY_E;
}
}
#endif /* LINUXKM_SIMD_IRQ */
return 0;
}
void free_wolfcrypt_linuxkm_fpu_states(void)
{
if (wolfcrypt_linuxkm_fpu_states) {
#ifdef LINUXKM_SIMD_IRQ
typeof(nr_cpu_ids) i;
for (i=0; i<nr_cpu_ids; ++i) {
if (wolfcrypt_linuxkm_fpu_states[i])
kfree(wolfcrypt_linuxkm_fpu_states[i]);
}
#endif /* LINUXKM_SIMD_IRQ */
kfree(wolfcrypt_linuxkm_fpu_states);
wolfcrypt_linuxkm_fpu_states = 0;
}
}
WARN_UNUSED_RESULT int save_vector_registers_x86(void)
{
int processor_id;
preempt_disable();
processor_id = smp_processor_id();
{
static int _warned_on_null = -1;
if ((wolfcrypt_linuxkm_fpu_states == NULL)
#ifdef LINUXKM_SIMD_IRQ
|| (wolfcrypt_linuxkm_fpu_states[processor_id] == NULL)
#endif
)
{
preempt_enable();
if (_warned_on_null < processor_id) {
_warned_on_null = processor_id;
pr_err("save_vector_registers_x86 called for cpu id %d "
"with null context buffer.\n", processor_id);
}
return BAD_STATE_E;
}
}
if (! irq_fpu_usable()) {
#ifdef LINUXKM_SIMD_IRQ
if (am_in_hard_interrupt_handler()) {
/* allow for nested calls */
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] != 0) {
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] == 255) {
preempt_enable();
pr_err("save_vector_registers_x86 recursion register overflow for "
"cpu id %d.\n", processor_id);
return BAD_STATE_E;
} else {
++((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1];
return 0;
}
}
/* note, fpregs_lock() is not needed here, because
* interrupts/preemptions are already disabled here.
*/
{
/* save_fpregs_to_fpstate() only accesses fpu->state, which
* has stringent alignment requirements (64 byte cache
* line), but takes a pointer to the parent struct. work
* around this.
*/
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
struct fpu *fake_fpu_pointer =
(struct fpu *)(((char *)wolfcrypt_linuxkm_fpu_states[processor_id])
- offsetof(struct fpu, state));
copy_fpregs_to_fpstate(fake_fpu_pointer);
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
struct fpu *fake_fpu_pointer =
(struct fpu *)(((char *)wolfcrypt_linuxkm_fpu_states[processor_id])
- offsetof(struct fpu, state));
save_fpregs_to_fpstate(fake_fpu_pointer);
#else
struct fpu *fake_fpu_pointer =
(struct fpu *)(((char *)wolfcrypt_linuxkm_fpu_states[processor_id])
- offsetof(struct fpu, fpstate));
save_fpregs_to_fpstate(fake_fpu_pointer);
#endif
}
/* mark the slot as used. */
((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] = 1;
/* note, not preempt_enable()ing, mirroring kernel_fpu_begin()
* semantics, even though routine will have been entered already
* non-preemptable.
*/
return 0;
} else
#endif /* LINUXKM_SIMD_IRQ */
{
preempt_enable();
return BAD_STATE_E;
}
} else {
/* allow for nested calls */
#ifdef LINUXKM_SIMD_IRQ
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] != 0) {
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] == 255) {
preempt_enable();
pr_err("save_vector_registers_x86 recursion register overflow for "
"cpu id %d.\n", processor_id);
return BAD_STATE_E;
} else {
++((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1];
return 0;
}
}
kernel_fpu_begin();
preempt_enable(); /* kernel_fpu_begin() does its own
* preempt_disable(). decrement ours.
*/
((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] = 1;
#else /* !LINUXKM_SIMD_IRQ */
if (wolfcrypt_linuxkm_fpu_states[processor_id] != 0) {
if (wolfcrypt_linuxkm_fpu_states[processor_id] == ~0U) {
preempt_enable();
pr_err("save_vector_registers_x86 recursion register overflow for "
"cpu id %d.\n", processor_id);
return BAD_STATE_E;
} else {
++wolfcrypt_linuxkm_fpu_states[processor_id];
return 0;
}
}
kernel_fpu_begin();
preempt_enable(); /* kernel_fpu_begin() does its own
* preempt_disable(). decrement ours.
*/
wolfcrypt_linuxkm_fpu_states[processor_id] = 1;
#endif /* !LINUXKM_SIMD_IRQ */
return 0;
}
}
void restore_vector_registers_x86(void)
{
int processor_id = smp_processor_id();
if ((wolfcrypt_linuxkm_fpu_states == NULL)
#ifdef LINUXKM_SIMD_IRQ
|| (wolfcrypt_linuxkm_fpu_states[processor_id] == NULL)
#endif
)
{
pr_err("restore_vector_registers_x86 called for cpu id %d "
"with null context buffer.\n", processor_id);
return;
}
#ifdef LINUXKM_SIMD_IRQ
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] == 0)
{
pr_err("restore_vector_registers_x86 called for cpu id %d "
"without saved context.\n", processor_id);
return;
}
if (--((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] > 0) {
preempt_enable(); /* preempt_disable count will still be nonzero after this decrement. */
return;
}
if (am_in_hard_interrupt_handler()) {
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
copy_kernel_to_fpregs(wolfcrypt_linuxkm_fpu_states[processor_id]);
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
__restore_fpregs_from_fpstate(wolfcrypt_linuxkm_fpu_states[processor_id],
xfeatures_mask_all);
#else
restore_fpregs_from_fpstate(wolfcrypt_linuxkm_fpu_states[processor_id],
fpu_kernel_cfg.max_features);
#endif
preempt_enable();
} else {
kernel_fpu_end();
}
#else /* !LINUXKM_SIMD_IRQ */
if (wolfcrypt_linuxkm_fpu_states[processor_id] == 0)
{
pr_err("restore_vector_registers_x86 called for cpu id %d "
"without saved context.\n", processor_id);
return;
}
if (--wolfcrypt_linuxkm_fpu_states[processor_id] > 0) {
preempt_enable(); /* preempt_disable count will still be nonzero after this decrement. */
return;
}
kernel_fpu_end();
#endif /* !LINUXKM_SIMD_IRQ */
return;
}
#endif /* WOLFSSL_LINUXKM_SIMD_X86 && WOLFSSL_LINUXKM_SIMD_X86_IRQ_ALLOWED */

623
linuxkm/linuxkm_wc_port.h Normal file
View File

@ -0,0 +1,623 @@
/* linuxkm_wc_port.h
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* included by wolfssl/wolfcrypt/wc_port.h */
#ifndef LINUXKM_WC_PORT_H
#define LINUXKM_WC_PORT_H
#ifdef HAVE_CONFIG_H
#ifndef PACKAGE_NAME
#error wc_port.h included before config.h
#endif
/* config.h is autogenerated without gating, and is subject to repeat
* inclusions, so gate it out here to keep autodetection masking
* intact:
*/
#undef HAVE_CONFIG_H
#endif
#ifdef BUILDING_WOLFSSL
#if defined(CONFIG_MIPS) && defined(HAVE_LINUXKM_PIE_SUPPORT)
/* __ZBOOT__ disables some unhelpful macros around the mem*() funcs in
* legacy arch/mips/include/asm/string.h
*/
#define __ZBOOT__
#define memcmp __builtin_memcmp
#define __ARCH_MEMCMP_NO_REDIRECT
#define __ARCH_MEMCPY_NO_REDIRECT
#define __builtin_memcpy memcpy
extern void *memcpy(void *dest, const void *src, unsigned int n);
#define __ARCH_MEMCPY_NO_REDIRECT
#define __builtin_memset memset
extern void *memset(void *dest, int c, unsigned int n);
#endif
_Pragma("GCC diagnostic push");
/* we include all the needed kernel headers with these masked out. else
* there are profuse warnings.
*/
_Pragma("GCC diagnostic ignored \"-Wunused-parameter\"");
_Pragma("GCC diagnostic ignored \"-Wpointer-arith\"");
_Pragma("GCC diagnostic ignored \"-Wshadow\"");
_Pragma("GCC diagnostic ignored \"-Wnested-externs\"");
_Pragma("GCC diagnostic ignored \"-Wredundant-decls\"");
_Pragma("GCC diagnostic ignored \"-Wsign-compare\"");
_Pragma("GCC diagnostic ignored \"-Wpointer-sign\"");
_Pragma("GCC diagnostic ignored \"-Wbad-function-cast\"");
_Pragma("GCC diagnostic ignored \"-Wdiscarded-qualifiers\"");
_Pragma("GCC diagnostic ignored \"-Wtype-limits\"");
_Pragma("GCC diagnostic ignored \"-Wswitch-enum\"");
/* suppress inclusion of stdint-gcc.h to avoid conflicts with Linux native include/linux/types.h: */
#define _GCC_STDINT_H
#define WC_PTR_TYPE uintptr_t
#include <linux/kconfig.h>
#include <linux/kernel.h>
#include <linux/version.h>
#include <linux/ctype.h>
#include <linux/init.h>
#include <linux/module.h>
#ifdef __PIE__
/* without this, mm.h brings in static, but not inline, pmd_to_page(),
* with direct references to global vmem variables.
*/
#undef USE_SPLIT_PMD_PTLOCKS
#define USE_SPLIT_PMD_PTLOCKS 0
#endif
#include <linux/mm.h>
#ifndef SINGLE_THREADED
#include <linux/kthread.h>
#endif
#include <linux/net.h>
#include <linux/slab.h>
#if defined(WOLFSSL_AESNI) || defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_SP_X86_64_ASM)
#ifndef CONFIG_X86
#error X86 SIMD extensions requested, but CONFIG_X86 is not set.
#endif
#define WOLFSSL_LINUXKM_SIMD
#define WOLFSSL_LINUXKM_SIMD_X86
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#include <asm/i387.h>
#else
#include <asm/simd.h>
#endif
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 0, 0)
#include <asm/fpu/internal.h>
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 16, 0)
#error LINUXKM_SIMD_IRQ is unavailable on linux >= 5.16 (missing exports around fpregs)
/*
* #include <asm/fpu/sched.h>
* #include <asm/fpu/signal.h>
*/
#endif
#endif
#ifndef SAVE_VECTOR_REGISTERS
#define SAVE_VECTOR_REGISTERS(fail_clause) { int _svr_ret = save_vector_registers_x86(); if (_svr_ret != 0) { fail_clause } }
#endif
#ifndef RESTORE_VECTOR_REGISTERS
#define RESTORE_VECTOR_REGISTERS() restore_vector_registers_x86()
#endif
#elif defined(WOLFSSL_ARMASM) || defined(WOLFSSL_SP_ARM32_ASM) || \
defined(WOLFSSL_SP_ARM64_ASM) || defined(WOLFSSL_SP_ARM_THUMB_ASM) ||\
defined(WOLFSSL_SP_ARM_CORTEX_M_ASM)
#if !defined(CONFIG_ARM) && !defined(CONFIG_ARM64)
#error ARM SIMD extensions requested, but CONFIG_ARM* is not set.
#endif
#define WOLFSSL_LINUXKM_SIMD
#define WOLFSSL_LINUXKM_SIMD_ARM
#include <asm/fpsimd.h>
#ifndef SAVE_VECTOR_REGISTERS
#define SAVE_VECTOR_REGISTERS(fail_clause) { int _svr_ret = save_vector_registers_arm(); if (_svr_ret != 0) { fail_clause } }
#endif
#ifndef RESTORE_VECTOR_REGISTERS
#define RESTORE_VECTOR_REGISTERS() restore_vector_registers_arm()
#endif
#ifdef LINUXKM_SIMD_IRQ
#error LINUXKM_SIMD_IRQ is unavailable on ARM (not implemented)
#endif
#else
#ifndef WOLFSSL_NO_ASM
#define WOLFSSL_NO_ASM
#endif
#endif
_Pragma("GCC diagnostic pop");
/* the kernel uses -std=c89, but not -pedantic, and makes full use of anon
* structs/unions, so we should too.
*/
#define HAVE_ANONYMOUS_INLINE_AGGREGATES 1
#define NO_THREAD_LS
#define NO_ATTRIBUTE_CONSTRUCTOR
/* kvmalloc()/kvfree() and friends added in linux commit a7c3e901 */
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
#define HAVE_KVMALLOC
#endif
#ifdef HAVE_FIPS
extern int wolfCrypt_FIPS_first(void);
extern int wolfCrypt_FIPS_last(void);
#endif
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
/* work around backward dependency of asn.c on ssl.c. */
struct Signer;
struct Signer *GetCA(void *signers, unsigned char *hash);
#ifndef NO_SKID
struct Signer *GetCAByName(void* signers, unsigned char *hash);
#endif
#endif
#if defined(__PIE__) && !defined(USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE)
#error "compiling -fPIE without PIE support."
#endif
#if defined(HAVE_FIPS) && !defined(HAVE_LINUXKM_PIE_SUPPORT)
#error "FIPS build requires PIE support."
#endif
#ifdef USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE
#ifdef CONFIG_MIPS
#undef __ARCH_MEMCMP_NO_REDIRECT
#undef memcmp
extern int memcmp(const void *s1, const void *s2, size_t n);
#endif
struct wolfssl_linuxkm_pie_redirect_table {
#ifndef __ARCH_MEMCMP_NO_REDIRECT
typeof(memcmp) *memcmp;
#endif
#ifndef __ARCH_MEMCPY_NO_REDIRECT
typeof(memcpy) *memcpy;
#endif
#ifndef __ARCH_MEMSET_NO_REDIRECT
typeof(memset) *memset;
#endif
#ifndef __ARCH_MEMMOVE_NO_REDIRECT
typeof(memmove) *memmove;
#endif
#ifndef __ARCH_STRNCMP_NO_REDIRECT
typeof(strncmp) *strncmp;
#endif
#ifndef __ARCH_STRLEN_NO_REDIRECT
typeof(strlen) *strlen;
#endif
#ifndef __ARCH_STRSTR_NO_REDIRECT
typeof(strstr) *strstr;
#endif
#ifndef __ARCH_STRNCPY_NO_REDIRECT
typeof(strncpy) *strncpy;
#endif
#ifndef __ARCH_STRNCAT_NO_REDIRECT
typeof(strncat) *strncat;
#endif
#ifndef __ARCH_STRNCASECMP_NO_REDIRECT
typeof(strncasecmp) *strncasecmp;
#endif
typeof(kstrtoll) *kstrtoll;
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 15, 0)
typeof(_printk) *_printk;
#else
typeof(printk) *printk;
#endif
typeof(snprintf) *snprintf;
const unsigned char *_ctype;
typeof(kmalloc) *kmalloc;
typeof(kfree) *kfree;
typeof(ksize) *ksize;
typeof(krealloc) *krealloc;
#ifdef HAVE_KVMALLOC
typeof(kvmalloc_node) *kvmalloc_node;
typeof(kvfree) *kvfree;
#endif
typeof(is_vmalloc_addr) *is_vmalloc_addr;
typeof(kmem_cache_alloc_trace) *kmem_cache_alloc_trace;
typeof(kmalloc_order_trace) *kmalloc_order_trace;
typeof(get_random_bytes) *get_random_bytes;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
typeof(getnstimeofday) *getnstimeofday;
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
typeof(current_kernel_time64) *current_kernel_time64;
#else
typeof(ktime_get_coarse_real_ts64) *ktime_get_coarse_real_ts64;
#endif
struct task_struct *(*get_current)(void);
int (*preempt_count)(void);
#ifdef WOLFSSL_LINUXKM_SIMD_X86
typeof(irq_fpu_usable) *irq_fpu_usable;
/* kernel_fpu_begin() replaced by kernel_fpu_begin_mask() in commit e4512289,
* released in kernel 5.11, backported to 5.4.93
*/
#ifdef kernel_fpu_begin
typeof(kernel_fpu_begin_mask) *kernel_fpu_begin_mask;
#else
typeof(kernel_fpu_begin) *kernel_fpu_begin;
#endif
typeof(kernel_fpu_end) *kernel_fpu_end;
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
typeof(copy_fpregs_to_fpstate) *copy_fpregs_to_fpstate;
typeof(copy_kernel_to_fpregs) *copy_kernel_to_fpregs;
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
typeof(save_fpregs_to_fpstate) *save_fpregs_to_fpstate;
typeof(__restore_fpregs_from_fpstate) *__restore_fpregs_from_fpstate;
typeof(xfeatures_mask_all) *xfeatures_mask_all;
/*
* #else
* typeof(save_fpregs_to_fpstate) *save_fpregs_to_fpstate;
* typeof(restore_fpregs_from_fpstate) *restore_fpregs_from_fpstate;
* typeof(fpu_kernel_cfg) *fpu_kernel_cfg;
*/
#endif
#endif
typeof(cpu_number) *cpu_number;
typeof(nr_cpu_ids) *nr_cpu_ids;
#endif /* WOLFSSL_LINUXKM_SIMD_X86 */
typeof(__mutex_init) *__mutex_init;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
typeof(mutex_lock_nested) *mutex_lock_nested;
#else
typeof(mutex_lock) *mutex_lock;
#endif
typeof(mutex_unlock) *mutex_unlock;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
typeof(mutex_destroy) *mutex_destroy;
#endif
#ifdef HAVE_FIPS
typeof(wolfCrypt_FIPS_first) *wolfCrypt_FIPS_first;
typeof(wolfCrypt_FIPS_last) *wolfCrypt_FIPS_last;
#endif
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
typeof(GetCA) *GetCA;
#ifndef NO_SKID
typeof(GetCAByName) *GetCAByName;
#endif
#endif
const void *_last_slot;
};
extern const struct wolfssl_linuxkm_pie_redirect_table *wolfssl_linuxkm_get_pie_redirect_table(void);
#ifdef __PIE__
#ifndef __ARCH_MEMCMP_NO_REDIRECT
#define memcmp (wolfssl_linuxkm_get_pie_redirect_table()->memcmp)
#endif
#ifndef __ARCH_MEMCPY_NO_REDIRECT
#define memcpy (wolfssl_linuxkm_get_pie_redirect_table()->memcpy)
#endif
#ifndef __ARCH_MEMSET_NO_REDIRECT
#define memset (wolfssl_linuxkm_get_pie_redirect_table()->memset)
#endif
#ifndef __ARCH_MEMMOVE_NO_REDIRECT
#define memmove (wolfssl_linuxkm_get_pie_redirect_table()->memmove)
#endif
#ifndef __ARCH_STRNCMP_NO_REDIRECT
#define strncmp (wolfssl_linuxkm_get_pie_redirect_table()->strncmp)
#endif
#ifndef __ARCH_STRLEN_NO_REDIRECT
#define strlen (wolfssl_linuxkm_get_pie_redirect_table()->strlen)
#endif
#ifndef __ARCH_STRSTR_NO_REDIRECT
#define strstr (wolfssl_linuxkm_get_pie_redirect_table()->strstr)
#endif
#ifndef __ARCH_STRNCPY_NO_REDIRECT
#define strncpy (wolfssl_linuxkm_get_pie_redirect_table()->strncpy)
#endif
#ifndef __ARCH_STRNCAT_NO_REDIRECT
#define strncat (wolfssl_linuxkm_get_pie_redirect_table()->strncat)
#endif
#ifndef __ARCH_STRNCASECMP_NO_REDIRECT
#define strncasecmp (wolfssl_linuxkm_get_pie_redirect_table()->strncasecmp)
#endif
#define kstrtoll (wolfssl_linuxkm_get_pie_redirect_table()->kstrtoll)
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 15, 0)
#define _printk (wolfssl_linuxkm_get_pie_redirect_table()->_printk)
#else
#define printk (wolfssl_linuxkm_get_pie_redirect_table()->printk)
#endif
#define snprintf (wolfssl_linuxkm_get_pie_redirect_table()->snprintf)
#define _ctype (wolfssl_linuxkm_get_pie_redirect_table()->_ctype)
#define kmalloc (wolfssl_linuxkm_get_pie_redirect_table()->kmalloc)
#define kfree (wolfssl_linuxkm_get_pie_redirect_table()->kfree)
#define ksize (wolfssl_linuxkm_get_pie_redirect_table()->ksize)
#define krealloc (wolfssl_linuxkm_get_pie_redirect_table()->krealloc)
#define kzalloc(size, flags) kmalloc(size, (flags) | __GFP_ZERO)
#ifdef HAVE_KVMALLOC
#define kvmalloc_node (wolfssl_linuxkm_get_pie_redirect_table()->kvmalloc_node)
#define kvfree (wolfssl_linuxkm_get_pie_redirect_table()->kvfree)
#endif
#define is_vmalloc_addr (wolfssl_linuxkm_get_pie_redirect_table()->is_vmalloc_addr)
#define kmem_cache_alloc_trace (wolfssl_linuxkm_get_pie_redirect_table()->kmem_cache_alloc_trace)
#define kmalloc_order_trace (wolfssl_linuxkm_get_pie_redirect_table()->kmalloc_order_trace)
#define get_random_bytes (wolfssl_linuxkm_get_pie_redirect_table()->get_random_bytes)
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#define getnstimeofday (wolfssl_linuxkm_get_pie_redirect_table()->getnstimeofday)
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
#define current_kernel_time64 (wolfssl_linuxkm_get_pie_redirect_table()->current_kernel_time64)
#else
#define ktime_get_coarse_real_ts64 (wolfssl_linuxkm_get_pie_redirect_table()->ktime_get_coarse_real_ts64)
#endif
#undef get_current
#define get_current (wolfssl_linuxkm_get_pie_redirect_table()->get_current)
#undef preempt_count
#define preempt_count (wolfssl_linuxkm_get_pie_redirect_table()->preempt_count)
#ifdef WOLFSSL_LINUXKM_SIMD_X86
#define irq_fpu_usable (wolfssl_linuxkm_get_pie_redirect_table()->irq_fpu_usable)
#ifdef kernel_fpu_begin
#define kernel_fpu_begin_mask (wolfssl_linuxkm_get_pie_redirect_table()->kernel_fpu_begin_mask)
#else
#define kernel_fpu_begin (wolfssl_linuxkm_get_pie_redirect_table()->kernel_fpu_begin)
#endif
#define kernel_fpu_end (wolfssl_linuxkm_get_pie_redirect_table()->kernel_fpu_end)
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
#define copy_fpregs_to_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->copy_fpregs_to_fpstate)
#define copy_kernel_to_fpregs (wolfssl_linuxkm_get_pie_redirect_table()->copy_kernel_to_fpregs)
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
#define save_fpregs_to_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->save_fpregs_to_fpstate)
#define __restore_fpregs_from_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->__restore_fpregs_from_fpstate)
#define xfeatures_mask_all (*(wolfssl_linuxkm_get_pie_redirect_table()->xfeatures_mask_all))
/*
* #else
* #define save_fpregs_to_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->save_fpregs_to_fpstate)
* #define restore_fpregs_from_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->restore_fpregs_from_fpstate)
* #define fpu_kernel_cfg (*(wolfssl_linuxkm_get_pie_redirect_table()->fpu_kernel_cfg))
*/
#endif
#endif
#define cpu_number (*(wolfssl_linuxkm_get_pie_redirect_table()->cpu_number))
#define nr_cpu_ids (*(wolfssl_linuxkm_get_pie_redirect_table()->nr_cpu_ids))
#endif
#define __mutex_init (wolfssl_linuxkm_get_pie_redirect_table()->__mutex_init)
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#define mutex_lock_nested (wolfssl_linuxkm_get_pie_redirect_table()->mutex_lock_nested)
#else
#define mutex_lock (wolfssl_linuxkm_get_pie_redirect_table()->mutex_lock)
#endif
#define mutex_unlock (wolfssl_linuxkm_get_pie_redirect_table()->mutex_unlock)
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#define mutex_destroy (wolfssl_linuxkm_get_pie_redirect_table()->mutex_destroy)
#endif
/* per linux/ctype.h, tolower() and toupper() are macros bound to static inlines
* that use macros that bring in the _ctype global. for __PIE__, this needs to
* be masked out.
*/
#undef tolower
#undef toupper
#define tolower(c) (islower(c) ? (c) : ((c) + ('a'-'A')))
#define toupper(c) (isupper(c) ? (c) : ((c) - ('a'-'A')))
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
#define GetCA (wolfssl_linuxkm_get_pie_redirect_table()->GetCA)
#ifndef NO_SKID
#define GetCAByName (wolfssl_linuxkm_get_pie_redirect_table()->GetCAByName)
#endif
#endif
#endif /* __PIE__ */
#endif /* USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE */
#ifdef WOLFSSL_LINUXKM_SIMD
#ifdef WOLFSSL_LINUXKM_SIMD_X86
extern __must_check int allocate_wolfcrypt_linuxkm_fpu_states(void);
extern void free_wolfcrypt_linuxkm_fpu_states(void);
extern __must_check int save_vector_registers_x86(void);
extern void restore_vector_registers_x86(void);
#elif defined(CONFIG_ARM) || defined(CONFIG_ARM64)
#error kernel module ARM SIMD is not yet tested or usable.
static WARN_UNUSED_RESULT inline int save_vector_registers_arm(void)
{
preempt_disable();
if (! may_use_simd()) {
preempt_enable();
return BAD_STATE_E;
} else {
fpsimd_preserve_current_state();
return 0;
}
}
static inline void restore_vector_registers_arm(void)
{
fpsimd_restore_current_state();
preempt_enable();
}
#endif
#endif /* WOLFSSL_LINUXKM_SIMD */
/* Linux headers define these using C expressions, but we need
* them to be evaluable by the preprocessor, for use in sp_int.h.
*/
#if BITS_PER_LONG == 64
_Static_assert(sizeof(ULONG_MAX) == 8, "BITS_PER_LONG is 64, but ULONG_MAX is not.");
#undef UCHAR_MAX
#define UCHAR_MAX 255
#undef USHRT_MAX
#define USHRT_MAX 65535
#undef UINT_MAX
#define UINT_MAX 4294967295U
#undef ULONG_MAX
#define ULONG_MAX 18446744073709551615UL
#undef ULLONG_MAX
#define ULLONG_MAX ULONG_MAX
#undef INT_MAX
#define INT_MAX 2147483647
#undef LONG_MAX
#define LONG_MAX 9223372036854775807L
#undef LLONG_MAX
#define LLONG_MAX LONG_MAX
#elif BITS_PER_LONG == 32
_Static_assert(sizeof(ULONG_MAX) == 4, "BITS_PER_LONG is 32, but ULONG_MAX is not.");
#undef UCHAR_MAX
#define UCHAR_MAX 255
#undef USHRT_MAX
#define USHRT_MAX 65535
#undef UINT_MAX
#define UINT_MAX 4294967295U
#undef ULONG_MAX
#define ULONG_MAX 4294967295UL
#undef INT_MAX
#define INT_MAX 2147483647
#undef LONG_MAX
#define LONG_MAX 2147483647L
#undef ULLONG_MAX
#undef LLONG_MAX
#if BITS_PER_LONG_LONG == 64
#define ULLONG_MAX 18446744073709551615UL
#define LLONG_MAX 9223372036854775807L
#else
#undef NO_64BIT
#define NO_64BIT
#define ULLONG_MAX ULONG_MAX
#define LLONG_MAX LONG_MAX
#endif
#else
#error unexpected BITS_PER_LONG value.
#endif
/* remove this multifariously conflicting macro, picked up from
* Linux arch/<arch>/include/asm/current.h.
*/
#ifndef WOLFSSL_NEED_LINUX_CURRENT
#undef current
#endif
/* prevent gcc's mm_malloc.h from being included, since it unconditionally
* includes stdlib.h, which is kernel-incompatible.
*/
#define _MM_MALLOC_H_INCLUDED
#ifdef HAVE_KVMALLOC
#define malloc(x) kvmalloc_node(x, GFP_KERNEL, NUMA_NO_NODE)
#define free(x) kvfree(x)
void *lkm_realloc(void *ptr, size_t newsize);
#define realloc(x, y) lkm_realloc(x, y)
#else
#define malloc(x) kmalloc(x, GFP_KERNEL)
#define free(x) kfree(x)
#define realloc(x,y) krealloc(x, y, GFP_KERNEL)
#endif
/* min() and max() in linux/kernel.h over-aggressively type-check, producing
* myriad spurious -Werrors throughout the codebase.
*/
#undef min
#undef max
/* work around namespace conflict between wolfssl/internal.h (enum HandShakeType)
* and linux/key.h (extern int()).
*/
#define key_update wc_key_update
#define lkm_printf(format, args...) printk(KERN_INFO "wolfssl: %s(): " format, __func__, ## args)
#define printf(...) lkm_printf(__VA_ARGS__)
#ifdef HAVE_FIPS
extern void fipsEntry(void);
#endif
/* suppress false-positive "writing 1 byte into a region of size 0" warnings
* building old kernels with new gcc:
*/
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
_Pragma("GCC diagnostic ignored \"-Wstringop-overflow\"");
#endif
/* includes are all above, with incompatible warnings masked out. */
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 5, 0)
typedef __kernel_time_t time_t;
#else
typedef __kernel_time64_t time_t;
#endif
extern time_t time(time_t * timer);
#define XTIME time
#define WOLFSSL_GMTIME
#define XGMTIME(c, t) gmtime(c)
#define NO_TIMEVAL 1
#endif /* BUILDING_WOLFSSL */
#define XMALLOC(s, h, t) ({(void)(h); (void)(t); kmalloc(s, GFP_KERNEL);})
#define XFREE(p, h, t) ({void* _xp; (void)(h); _xp = (p); if(_xp) kfree(_xp);})
#define XREALLOC(p, n, h, t) ({(void)(h); (void)(t); krealloc((p), (n), GFP_KERNEL);})
/* needed to suppress inclusion of stdio.h in wolfssl/wolfcrypt/types.h */
#define XSNPRINTF snprintf
/* the rigmarole around kstrtoll() here is to accommodate its warn-unused-result attribute. */
/* also needed to suppress inclusion of stdlib.h in wolfssl/wolfcrypt/types.h */
#define XATOI(s) ({ \
long long _xatoi_res = 0; \
int _xatoi_ret = kstrtoll(s, 10, &_xatoi_res); \
if (_xatoi_ret != 0) { \
_xatoi_res = 0; \
} \
(int)_xatoi_res; \
})
#define WOLFSSL_KTHREADS
typedef struct mutex wolfSSL_Mutex;
#endif /* LINUXKM_WC_PORT_H */

9
linuxkm/module_exports.c.template
View File

@ -31,8 +31,10 @@
#endif
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/ssl.h>
#include <wolfssl/internal.h>
#ifndef WOLFCRYPT_ONLY
#include <wolfssl/ssl.h>
#include <wolfssl/internal.h>
#endif
#ifndef NO_CRYPT_TEST
#include <wolfcrypt/test/test.h>
#include <linux/delay.h>
@ -110,6 +112,9 @@
#ifdef HAVE_PKCS7
#include <wolfssl/wolfcrypt/pkcs7.h>
#endif
#ifdef HAVE_PKCS12
#include <wolfssl/wolfcrypt/pkcs12.h>
#endif
#ifdef HAVE_FIPS
#include <wolfssl/wolfcrypt/fips.h>
#include <wolfssl/wolfcrypt/fips_test.h>

36
linuxkm/module_hooks.c
View File

@ -33,13 +33,17 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/ssl.h>
#ifdef WOLFCRYPT_ONLY
#include <wolfssl/version.h>
#else
#include <wolfssl/ssl.h>
#endif
#ifdef HAVE_FIPS
#include <wolfssl/wolfcrypt/fips_test.h>
#include <wolfssl/wolfcrypt/fips_test.h>
#endif
#ifndef NO_CRYPT_TEST
#include <wolfcrypt/test/test.h>
#include <linux/delay.h>
#include <wolfcrypt/test/test.h>
#include <linux/delay.h>
#endif
static int libwolfssl_cleanup(void) {
@ -170,7 +174,7 @@ static int wolfssl_init(void)
text_hash = 0;
}
if ((pie_rodata_start < pie_rodata_end) &&
if ((pie_rodata_start < pie_rodata_end) && // cppcheck-suppress comparePointers
(pie_rodata_start >= (char *)THIS_MODULE_BASE + THIS_MODULE_TEXT_SIZE) &&
(pie_rodata_end - (char *)THIS_MODULE_BASE <= THIS_MODULE_RO_SIZE))
{
@ -414,13 +418,21 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
kernel_fpu_begin;
#endif
wolfssl_linuxkm_pie_redirect_table.kernel_fpu_end = kernel_fpu_end;
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
wolfssl_linuxkm_pie_redirect_table.copy_fpregs_to_fpstate = my_copy_fpregs_to_fpstate;
wolfssl_linuxkm_pie_redirect_table.copy_kernel_to_fpregs = my_copy_kernel_to_fpregs;
#else
wolfssl_linuxkm_pie_redirect_table.save_fpregs_to_fpstate = save_fpregs_to_fpstate;
wolfssl_linuxkm_pie_redirect_table.__restore_fpregs_from_fpstate = __restore_fpregs_from_fpstate;
wolfssl_linuxkm_pie_redirect_table.xfeatures_mask_all = &xfeatures_mask_all;
#ifdef LINUXKM_SIMD_IRQ
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
wolfssl_linuxkm_pie_redirect_table.copy_fpregs_to_fpstate = my_copy_fpregs_to_fpstate;
wolfssl_linuxkm_pie_redirect_table.copy_kernel_to_fpregs = my_copy_kernel_to_fpregs;
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 16, 0)
wolfssl_linuxkm_pie_redirect_table.save_fpregs_to_fpstate = save_fpregs_to_fpstate;
wolfssl_linuxkm_pie_redirect_table.__restore_fpregs_from_fpstate = __restore_fpregs_from_fpstate;
wolfssl_linuxkm_pie_redirect_table.xfeatures_mask_all = &xfeatures_mask_all;
/*
* #else
* wolfssl_linuxkm_pie_redirect_table.save_fpregs_to_fpstate = save_fpregs_to_fpstate;
* wolfssl_linuxkm_pie_redirect_table.restore_fpregs_from_fpstate = restore_fpregs_from_fpstate;
* wolfssl_linuxkm_pie_redirect_table.fpu_kernel_cfg = &fpu_kernel_cfg;
*/
#endif
#endif
wolfssl_linuxkm_pie_redirect_table.cpu_number = &cpu_number;
wolfssl_linuxkm_pie_redirect_table.nr_cpu_ids = &nr_cpu_ids;

27
src/internal.c
View File

@ -1641,7 +1641,7 @@ int wolfSSL_session_import_internal(WOLFSSL* ssl, const unsigned char* buf,
word16 length = 0;
int version = 0;
int ret = 0;
int optSz;
int optSz = 0;
int rc;
byte validProto = 0; /* did we find a valid protocol */
@ -1825,8 +1825,8 @@ int wolfSSL_session_import_internal(WOLFSSL* ssl, const unsigned char* buf,
#ifndef WOLFSSL_AEAD_ONLY
/* set hmac function to use when verifying */
if (ssl->options.tls == 1 || ssl->options.tls1_1 == 1 ||
ssl->options.dtls == 1) {
if (ret == 0 && (ssl->options.tls == 1 || ssl->options.tls1_1 == 1 ||
ssl->options.dtls == 1)) {
#if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
ssl->hmac = TLS_hmac;
@ -4318,7 +4318,7 @@ int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo,
int hashAlgo, RsaKey* key, buffer* keyBufInfo)
{
int ret;
int ret = SIG_VERIFY_E;
#ifdef HAVE_PK_CALLBACKS
const byte* keyBuf = NULL;
@ -4592,7 +4592,7 @@ int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz,
int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
RsaKey* key, buffer* keyBufInfo)
{
int ret;
int ret = BAD_FUNC_ARG;
#ifdef HAVE_PK_CALLBACKS
const byte* keyBuf = NULL;
word32 keySz = 0;
@ -4710,7 +4710,7 @@ int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* out,
word32 outSz, ecc_key* key, buffer* keyBufInfo)
{
int ret;
int ret = SIG_VERIFY_E;
#ifdef HAVE_PK_CALLBACKS
const byte* keyBuf = NULL;
word32 keySz = 0;
@ -5751,12 +5751,14 @@ int InitSSL_Suites(WOLFSSL* ssl)
#ifndef NO_PSK
havePSK = (byte)ssl->options.havePSK;
#endif /* NO_PSK */
#if !defined(NO_CERTS) && !defined(WOLFSSL_SESSION_EXPORT)
#ifdef HAVE_ANON
haveAnon = (byte)ssl->options.haveAnon;
#endif /* HAVE_ANON*/
#ifdef WOLFSSL_MULTICAST
haveMcast = (byte)ssl->options.haveMcast;
#endif /* WOLFSSL_MULTICAST */
#endif /* !NO_CERTS && !WOLFSSL_SESSION_EXPORT */
#ifdef WOLFSSL_EARLY_DATA
if (ssl->options.side == WOLFSSL_SERVER_END)
@ -21475,9 +21477,6 @@ const char* GetCipherEncStr(char n[][MAX_SEGMENT_SZ]) {
int IsCipherAEAD(char n[][MAX_SEGMENT_SZ])
{
const char *n1,*n2,*n3;
n1 = n[1];
n2 = n[2];
n3 = n[3];
WOLFSSL_ENTER("IsCipherAEAD");
@ -21486,6 +21485,10 @@ int IsCipherAEAD(char n[][MAX_SEGMENT_SZ])
return 0;
}
n1 = n[1];
n2 = n[2];
n3 = n[3];
if ((XSTRNCMP(n2,"GCM",3) == 0) || (XSTRNCMP(n3,"GCM",3) == 0) ||
(XSTRNCMP(n1,"CCM",3) == 0) ||
(XSTRNCMP(n2,"CCM",3) == 0) || (XSTRNCMP(n3,"CCM",3) == 0) ||
@ -22820,9 +22823,7 @@ exit_dpk:
byte *output;
word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
int sendSz;
int idSz = ssl->options.resuming
? ssl->session.sessionIDSz
: 0;
int idSz;
int ret;
word16 extSz = 0;
@ -22830,6 +22831,8 @@ exit_dpk:
return BAD_FUNC_ARG;
}
idSz = ssl->options.resuming ? ssl->session.sessionIDSz : 0;
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version))
return SendTls13ClientHello(ssl);

2
src/sniffer.c
View File

@ -364,7 +364,7 @@ static const char* const msgTable[] =
static void GetError(int idx, char* str)
{
if (str == NULL ||
idx < 0 || idx > (int)(sizeof(msgTable)/sizeof(const char* const)))
idx <= 0 || idx > (int)(sizeof(msgTable)/sizeof(const char* const)))
return;
XSTRNCPY(str, msgTable[idx - 1], MAX_ERROR_LEN-1);
str[MAX_ERROR_LEN-1] = '\0';

72
src/ssl.c
View File

@ -5457,12 +5457,12 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
(void)devId;
if (ctx == NULL && ssl == NULL)
ret = BAD_FUNC_ARG;
return BAD_FUNC_ARG;
if (!der || !keySz || !idx || !resetSuites || !keyFormat)
ret = BAD_FUNC_ARG;
return BAD_FUNC_ARG;
#ifndef NO_RSA
if (ret == 0 && (*keyFormat == 0 || *keyFormat == RSAk)) {
if ((*keyFormat == 0 || *keyFormat == RSAk)) {
/* make sure RSA key can be used */
#ifdef WOLFSSL_SMALL_STACK
RsaKey* key;
@ -5530,10 +5530,12 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
#ifdef WOLFSSL_SMALL_STACK
XFREE(key, heap, DYNAMIC_TYPE_RSA);
#endif
if (ret != 0)
return ret;
}
#endif
#ifdef HAVE_ECC
if (ret == 0 && (*keyFormat == 0 || *keyFormat == ECDSAk)) {
if ((*keyFormat == 0 || *keyFormat == ECDSAk)) {
/* make sure ECC key can be used */
#ifdef WOLFSSL_SMALL_STACK
ecc_key* key;
@ -5593,10 +5595,12 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
#ifdef WOLFSSL_SMALL_STACK
XFREE(key, heap, DYNAMIC_TYPE_ECC);
#endif
if (ret != 0)
return ret;
}
#endif /* HAVE_ECC */
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
if (ret == 0 && (*keyFormat == 0 || *keyFormat == ED25519k)) {
if ((*keyFormat == 0 || *keyFormat == ED25519k)) {
/* make sure Ed25519 key can be used */
#ifdef WOLFSSL_SMALL_STACK
ed25519_key* key;
@ -5662,10 +5666,12 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
#ifdef WOLFSSL_SMALL_STACK
XFREE(key, heap, DYNAMIC_TYPE_ED25519);
#endif
if (ret != 0)
return ret;
}
#endif /* HAVE_ED25519 && HAVE_ED25519_KEY_IMPORT */
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
if (ret == 0 && (*keyFormat == 0 || *keyFormat == ED448k)) {
if ((*keyFormat == 0 || *keyFormat == ED448k)) {
/* make sure Ed448 key can be used */
#ifdef WOLFSSL_SMALL_STACK
ed448_key* key = NULL;
@ -5720,11 +5726,13 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
#ifdef WOLFSSL_SMALL_STACK
XFREE(key, heap, DYNAMIC_TYPE_ED448);
#endif
if (ret != 0)
return ret;
}
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */
#ifdef HAVE_PQC
if (ret == 0 && ((*keyFormat == 0) || (*keyFormat == FALCON_LEVEL1k) ||
(*keyFormat == FALCON_LEVEL5k))) {
if (((*keyFormat == 0) || (*keyFormat == FALCON_LEVEL1k) ||
(*keyFormat == FALCON_LEVEL5k))) {
/* make sure Falcon key can be used */
falcon_key* key = (falcon_key*)XMALLOC(sizeof(falcon_key), heap,
DYNAMIC_TYPE_FALCON);
@ -5768,7 +5776,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
}
ssl->buffers.keySz = *keySz;
}
else if (ctx) {
else {
if (*keyFormat == FALCON_LEVEL1k) {
ctx->privateKeyType = falcon_level1_sa_algo;
}
@ -5785,6 +5793,8 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
wc_falcon_free(key);
}
XFREE(key, heap, DYNAMIC_TYPE_FALCON);
if (ret != 0)
return ret;
}
#endif /* HAVE_PQC */
return ret;
@ -7154,7 +7164,7 @@ int wolfSSL_CTX_DisableOCSPMustStaple(WOLFSSL_CTX* ctx)
#define GET_VERIFY_SETTING_CTX(ctx) \
(ctx && ctx->verifyNone ? NO_VERIFY : VERIFY)
#define GET_VERIFY_SETTING_SSL(ssl) \
(ssl && ssl->options.verifyNone ? NO_VERIFY : VERIFY)
(ssl->options.verifyNone ? NO_VERIFY : VERIFY)
#ifndef NO_FILESYSTEM
@ -15423,7 +15433,9 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
#endif
return ret;
}
session = NULL; /* invalidate the provided session, only use ssl->session */
/* don't use the provided session pointer from here to end of func, only use
* ssl->session.
*/
#ifdef OPENSSL_EXTRA
/* check for application context id */
@ -15977,12 +15989,12 @@ int wolfSSL_get_session_stats(word32* active, word32* total, word32* peak,
&peak, &maxSessions);
if (ret != WOLFSSL_SUCCESS)
return ret;
printf("Total Sessions Seen = %d\n", totalSessionsSeen);
printf("Total Sessions Now = %d\n", totalSessionsNow);
printf("Total Sessions Seen = %u\n", totalSessionsSeen);
printf("Total Sessions Now = %u\n", totalSessionsNow);
#ifdef WOLFSSL_PEAK_SESSIONS
printf("Peak Sessions = %d\n", peak);
printf("Peak Sessions = %u\n", peak);
#endif
printf("Max Sessions = %d\n", maxSessions);
printf("Max Sessions = %u\n", maxSessions);
E = (double)totalSessionsSeen / SESSION_ROWS;
@ -18691,7 +18703,7 @@ int wolfSSL_CTX_get_max_proto_version(WOLFSSL_CTX* ctx)
options = wolfSSL_CTX_get_options(ctx);
}
if (ctx->maxProto) {
if ((ctx != NULL) && ctx->maxProto) {
ret = 0;
}
else {
@ -25197,7 +25209,7 @@ int wolfSSL_X509_cmp(const WOLFSSL_X509 *a, const WOLFSSL_X509 *b)
#endif
}
XSNPRINTF(tmp, sizeof(tmp) - 1,
"\n Exponent: %d (0x%x)\n",idx, idx);
"\n Exponent: %u (0x%x)\n",idx, idx);
if (wolfSSL_BIO_write(bio, tmp,
(int)XSTRLEN(tmp)) <= 0) {
XFREE(rawKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -32056,13 +32068,15 @@ end:
int wolfSSL_SESSION_has_ticket(const WOLFSSL_SESSION* sess)
{
WOLFSSL_ENTER("wolfSSL_SESSION_has_ticket");
sess = GetSessionPtr(sess);
#ifdef HAVE_SESSION_TICKET
sess = GetSessionPtr(sess);
if (sess) {
if ((sess->ticketLen > 0) && (sess->ticket != NULL)) {
return WOLFSSL_SUCCESS;
}
}
#else
(void)sess;
#endif
return WOLFSSL_FAILURE;
}
@ -40969,7 +40983,7 @@ int wolfSSL_RSA_print(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa, int offset)
idx = ByteReverseWord32(idx);
#endif
}
XSNPRINTF(tmp, sizeof(tmp) - 1, "\nExponent: %d (0x%x)", idx, idx);
XSNPRINTF(tmp, sizeof(tmp) - 1, "\nExponent: %u (0x%x)", idx, idx);
if (wolfSSL_BIO_write(bio, tmp, (int)XSTRLEN(tmp)) <= 0) {
XFREE(rawKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
@ -44851,6 +44865,8 @@ err:
if (pemBio)
wolfSSL_BIO_free(pemBio);
return WOLFSSL_FAILURE;
#else /* ! (WOLFSSL_PEM_TO_DER || WOLFSSL_DER_TO_PEM) */
return WOLFSSL_FAILURE;
#endif /* WOLFSSL_PEM_TO_DER || WOLFSSL_DER_TO_PEM */
}
@ -55213,7 +55229,7 @@ int wolfSSL_PEM_write_bio_PKCS8PrivateKey(WOLFSSL_BIO* bio,
int algId;
const byte* curveOid;
word32 oidSz;
int encAlgId;
int encAlgId = 0;
if (bio == NULL || pkey == NULL)
return -1;
@ -62189,7 +62205,7 @@ int wolfSSL_i2d_PKCS7(PKCS7 *p7, unsigned char **out)
WOLFSSL_MSG("wc_InitRng error");
return WOLFSSL_FAILURE;
}
p7->rng = &rng;
p7->rng = &rng; // cppcheck-suppress autoVariables
}
if ((len = wc_PKCS7_EncodeSignedData(p7, NULL, 0)) < 0) {
@ -62536,13 +62552,13 @@ WOLFSSL_API PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in,
size_t boundLen = 0;
char* boundary = NULL;
static const char* kContType = "Content-Type";
static const char* kCTE = "Content-Transfer-Encoding";
static const char* kMultSigned = "multipart/signed";
static const char* kAppPkcsSign = "application/pkcs7-signature";
static const char* kAppXPkcsSign = "application/x-pkcs7-signature";
static const char* kAppPkcs7Mime = "application/pkcs7-mime";
static const char* kAppXPkcs7Mime = "application/x-pkcs7-mime";
static const char kContType[] = "Content-Type";
static const char kCTE[] = "Content-Transfer-Encoding";
static const char kMultSigned[] = "multipart/signed";
static const char kAppPkcsSign[] = "application/pkcs7-signature";
static const char kAppXPkcsSign[] = "application/x-pkcs7-signature";
static const char kAppPkcs7Mime[] = "application/pkcs7-mime";
static const char kAppXPkcs7Mime[] = "application/x-pkcs7-mime";
if (in == NULL || bcont == NULL) {

4
src/wolfio.c
View File

@ -1234,7 +1234,7 @@ int wolfIO_HttpProcessResponse(int sfd, const char** appStrList,
}
/* read data if no \r\n or first time */
if (end == NULL) {
if ((start == NULL) || (end == NULL)) {
result = wolfIO_Recv(sfd, (char*)httpBuf+len, httpBufSz-len-1, 0);
if (result > 0) {
len += result;
@ -2577,7 +2577,7 @@ int LwIPNativeReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx)
WOLFSSL_LWIP_NATIVE_STATE* nlwip;
int ret = 0;
if (nlwip == NULL || ctx == NULL) {
if (ctx == NULL) {
return WOLFSSL_CBIO_ERR_GENERAL;
}
nlwip = (WOLFSSL_LWIP_NATIVE_STATE*)ctx;

2
tests/api.c
View File

@ -4314,7 +4314,9 @@ static int nonblocking_accept_read(void* args, WOLFSSL* ssl, SOCKET_T* sockfd)
loop_count = ((func_args*)args)->argc;
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
#endif
do {
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {

74
wolfcrypt/src/asn.c
View File

@ -5508,7 +5508,7 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
DECL_ASNGETDATA(dataASN, rsaKeyASN_Length);
int ret = 0;
byte i;
byte version;
byte version = (byte)-1;
#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12)
word32 algId = 0;
#endif
@ -5674,13 +5674,15 @@ int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz,
int ret = 0;
word32 oid = 9;
byte version;
word32 idx = *inOutIdx;
word32 idx;
/* Check validity of parameters. */
if (input == NULL || inOutIdx == NULL) {
ret = BAD_FUNC_ARG;
return BAD_FUNC_ARG;
}
idx = *inOutIdx;
CALLOC_ASNGETDATA(dataASN, pkcs8KeyASN_Length, ret, NULL);
if (ret == 0) {
@ -7649,7 +7651,7 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
#else
DECL_ASNSETDATA(dataASN, p8EncPbes1ASN_Length);
int ret = 0;
int sz;
int sz = 0;
int version;
int id;
int blockSz = 0;
@ -8651,7 +8653,7 @@ int wc_DhParamsToDer(DhKey* key, byte* output, word32* outSz)
#else
ASNSetData dataASN[dhParamASN_Length];
int ret = 0;
int sz;
int sz = 0;
WOLFSSL_ENTER("wc_DhParamsToDer");
@ -9391,7 +9393,7 @@ int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header)
DECL_ASNSETDATA(dataASN, dsaPubKeyASN_Length);
int ret = 0;
int i;
int sz;
int sz = 0;
const ASNItem *data = NULL;
int count = 0;
@ -9542,7 +9544,7 @@ static int DsaKeyIntsToDer(DsaKey* key, byte* output, word32* inLen,
DECL_ASNSETDATA(dataASN, dsaKeyASN_Length);
int ret = 0;
int i;
int sz;
int sz = 0;
(void)ints;
@ -10802,8 +10804,8 @@ static int GenerateDNSEntryIPString(DNS_entry* entry, void* heap)
/* store IP addresses as a string */
if (entry->len == WOLFSSL_IP4_ADDR_LEN) {
XSNPRINTF(tmpName, sizeof(tmpName), "%u.%u.%u.%u", 0xFF & ip[0],
0xFF & ip[1], 0xFF & ip[2], 0xFF & ip[3]);
XSNPRINTF(tmpName, sizeof(tmpName), "%u.%u.%u.%u", 0xFFu & ip[0],
0xFFu & ip[1], 0xFFu & ip[2], 0xFFu & ip[3]);
}
if (entry->len == WOLFSSL_IP6_ADDR_LEN) {
@ -20484,7 +20486,7 @@ static int SetRsaPublicKey(byte* output, RsaKey* key, int outLen,
return idx;
#else
DECL_ASNSETDATA(dataASN, rsaPublicKeyASN_Length);
int sz;
int sz = 0;
int ret = 0;
int o = 0;
@ -20646,7 +20648,7 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
#else
DECL_ASNSETDATA(dataASN, rsaKeyASN_Length);
byte i;
int sz;
int sz = 0;
int ret = 0;
if ((key == NULL) || (key->type != RSA_PRIVATE)) {
@ -21113,21 +21115,20 @@ static int SetEccPublicKey(byte* output, ecc_key* key, int outLen,
CALLOC_ASNSETDATA(dataASN, eccPublicKeyASN_Length, ret, key->heap);
if (ret == 0) {
/* Set the key type OID. */
SetASN_OID(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], ECDSAk,
oidKeyType);
/* Set the curve OID. */
SetASN_Buffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_CURVEID],
key->dp->oid, key->dp->oidSz);
/* Don't try to write out explicit parameters. */
dataASN[ECCPUBLICKEYASN_IDX_ALGOID_PARAMS].noOut = 1;
/* Set size of public point to ensure space is made for it. */
SetASN_Buffer(&dataASN[ECCPUBLICKEYASN_IDX_PUBKEY], NULL, pubSz);
/* Calculate size of ECC public key. */
ret = SizeASN_Items(eccPublicKeyASN, dataASN,
eccPublicKeyASN_Length, &sz);
}
/* Set the key type OID. */
SetASN_OID(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], ECDSAk,
oidKeyType);
/* Set the curve OID. */
SetASN_Buffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_CURVEID],
key->dp->oid, key->dp->oidSz);
/* Don't try to write out explicit parameters. */
dataASN[ECCPUBLICKEYASN_IDX_ALGOID_PARAMS].noOut = 1;
/* Set size of public point to ensure space is made for it. */
SetASN_Buffer(&dataASN[ECCPUBLICKEYASN_IDX_PUBKEY], NULL, pubSz);
/* Calculate size of ECC public key. */
ret = SizeASN_Items(eccPublicKeyASN, dataASN,
eccPublicKeyASN_Length, &sz);
/* Check buffer, if passed in, is big enough for encoded data. */
if ((ret == 0) && (output != NULL) && (sz > outLen)) {
ret = BUFFER_E;
@ -22035,7 +22036,7 @@ static int SetExtKeyUsage(Cert* cert, byte* output, word32 outSz, byte input)
int cnt = 1 + EKU_OID_HI;
int i;
int ret = 0;
int sz;
int sz = 0;
#ifdef WOLFSSL_EKU_OID
cnt += CTC_MAX_EKU_NB;
@ -22581,7 +22582,7 @@ static int EncodeName(EncodedName* name, const char* nameStr,
ASNItem namesASN[rdnASN_Length];
byte dnOid[DN_OID_SZ] = { 0x55, 0x04, 0x00 };
int ret = 0;
int sz;
int sz = 0;
const byte* oid;
int oidSz;
word32 nameSz;
@ -22953,7 +22954,7 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap)
ASNItem* namesASN = NULL;
int items = 0;
int ret = 0;
int sz;
int sz = 0;
/* Calculate length of name entries and size for allocating. */
ret = SetNameRdnItems(NULL, NULL, 0, name);
@ -24377,7 +24378,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
word32 issuerSz = 0;
word32 subjectSz = 0;
word32 extSz = 0;
int sz;
int sz = 0;
int ret = 0;
word32 issRawLen = 0;
word32 sbjRawLen = 0;
@ -25219,7 +25220,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
#else
DECL_ASNSETDATA(dataASN, certReqBodyASN_Length);
word32 publicKeySz, subjectSz, extSz;
int sz;
int sz = 0;
int ret = 0;
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA)
word32 sbjRawSz;
@ -26616,7 +26617,7 @@ int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g)
#else
ASNSetData dataASN[dhParamASN_Length];
int ret = 0;
int sz;
int sz = 0;
WOLFSSL_ENTER("StoreDHparams");
if (out == NULL) {
@ -28002,7 +28003,7 @@ static int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
*inLen = totalSz;
#ifndef WOLFSSL_NO_MALLOC
XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (pub) {
if (pubIn) {
XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif
@ -28406,9 +28407,8 @@ static int DecodeAsymKey(const byte* input, word32* inOutIdx, word32 inSz,
*privKeyLen = privSz;
XMEMCPY(privKey, priv, *privKeyLen);
if (pubKeyLen != NULL)
*pubKeyLen = pubSz;
if (pubKey != NULL && pubKeyLen != NULL)
*pubKeyLen = pubSz;
if (pubKey != NULL)
XMEMCPY(pubKey, pub, *pubKeyLen);
}
if (endKeyIdx != (int)*inOutIdx)
@ -30653,7 +30653,7 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
#else
DECL_ASNSETDATA(dataASN, ocspRequestASN_Length);
word32 extSz = 0;
int sz;
int sz = 0;
int ret = 0;
WOLFSSL_ENTER("EncodeOcspRequest");

6
wolfcrypt/src/dh.c
View File

@ -1736,10 +1736,8 @@ int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 privSz,
if (ret == 0) {
if (mp_iszero(q) == MP_NO) {
/* priv (x) shouldn't be greater than q - 1 */
if (ret == 0) {
if (mp_copy(&key->q, q) != MP_OKAY)
ret = MP_INIT_E;
}
if (mp_copy(&key->q, q) != MP_OKAY)
ret = MP_INIT_E;
if (ret == 0) {
if (mp_sub_d(q, 1, q) != MP_OKAY)
ret = MP_SUB_E;

17
wolfcrypt/src/ecc.c
View File

@ -3706,6 +3706,9 @@ int wc_ecc_is_valid_idx(int n)
{
int x;
if (n >= (int)ECC_SET_COUNT)
return 0;
for (x = 0; ecc_sets[x].size != 0; x++)
;
/* -1 is a valid index --- indicating that the domain params
@ -5154,11 +5157,11 @@ static void wc_ecc_dump_oids(void)
for (i = 0; i < (int)oidSz; i++) {
sum += oid[i];
}
printf("Sum: %d\n", sum);
printf("Sum: %u\n", sum);
/* validate sum */
if (ecc_sets[x].oidSum != sum) {
printf(" Sum %d Not Valid!\n", ecc_sets[x].oidSum);
printf(" Sum %u Not Valid!\n", ecc_sets[x].oidSum);
}
}
mOidDumpDone = 1;
@ -11077,12 +11080,10 @@ static int accel_fp_mul2add(int idx1, int idx2,
first = 0;
}
if (zB && first == 0) {
if (zB) {
if ((err = ecc_projective_add_point_safe(R,
fp_cache[idx2].LUT[zB], R, a,
modulus, mp, &first)) != MP_OKAY){
break;
}
if ((err = ecc_projective_add_point_safe(R,
fp_cache[idx2].LUT[zB], R, a,
modulus, mp, &first)) != MP_OKAY){
break;
}
} else if (zB && first == 1) {
if ((mp_copy(fp_cache[idx2].LUT[zB]->x, R->x) != MP_OKAY) ||

146
wolfcrypt/src/evp.c
View File

@ -147,10 +147,6 @@
static const char EVP_AES_256_ECB[] = "AES-256-ECB";
#endif
#endif
#define EVP_AES_SIZE 11
#ifdef WOLFSSL_AES_CFB
#define EVP_AESCFB_SIZE 14
#endif
#endif
#ifndef NO_DES3
@ -159,23 +155,19 @@
static const char EVP_DES_EDE3_CBC[] = "DES-EDE3-CBC";
static const char EVP_DES_EDE3_ECB[] = "DES-EDE3-ECB";
#define EVP_DES_SIZE 7
#define EVP_DES_EDE3_SIZE 12
#endif
#ifdef HAVE_IDEA
static const char EVP_IDEA_CBC[] = "IDEA-CBC";
#define EVP_IDEA_SIZE 8
#endif
#ifndef NO_RC4
static const char EVP_ARC4[] = "ARC4";
#define EVP_ARC4_SIZE 4
#endif
static const char EVP_NULL[] = "NULL";
#define EVP_NULL_SIZE 4
#define EVP_CIPHER_TYPE_MATCHES(x, y) (XSTRCMP(x,y) == 0)
#define EVP_PKEY_PRINT_LINE_WIDTH_MAX 80
#define EVP_PKEY_PRINT_DIGITS_PER_LINE 15
@ -1047,140 +1039,140 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
{
if (cipher == NULL) return 0; /* dummy for #ifdef */
#ifndef NO_DES3
else if (XSTRNCMP(cipher, EVP_DES_CBC, EVP_DES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_CBC))
return DES_CBC_TYPE;
else if (XSTRNCMP(cipher, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_EDE3_CBC))
return DES_EDE3_CBC_TYPE;
#if !defined(NO_DES3)
else if (XSTRNCMP(cipher, EVP_DES_ECB, EVP_DES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_ECB))
return DES_ECB_TYPE;
else if (XSTRNCMP(cipher, EVP_DES_EDE3_ECB, EVP_DES_EDE3_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_DES_EDE3_ECB))
return DES_EDE3_ECB_TYPE;
#endif /* NO_DES3 && HAVE_AES_ECB */
#endif
#if !defined(NO_AES)
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CBC))
return AES_128_CBC_TYPE;
#endif
#ifdef WOLFSSL_AES_192
else if (XSTRNCMP(cipher, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CBC))
return AES_192_CBC_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CBC))
return AES_256_CBC_TYPE;
#endif
#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */
#if defined(HAVE_AESGCM)
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_GCM, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_GCM))
return AES_128_GCM_TYPE;
#endif
#ifdef WOLFSSL_AES_192
else if (XSTRNCMP(cipher, EVP_AES_192_GCM, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_GCM))
return AES_192_GCM_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_GCM, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_GCM))
return AES_256_GCM_TYPE;
#endif
#endif /* HAVE_AESGCM */
#if defined(WOLFSSL_AES_COUNTER)
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CTR))
return AES_128_CTR_TYPE;
#endif
#ifdef WOLFSSL_AES_192
else if (XSTRNCMP(cipher, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CTR))
return AES_192_CTR_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CTR))
return AES_256_CTR_TYPE;
#endif
#endif /* HAVE_AES_CBC */
#if defined(HAVE_AES_ECB)
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_ECB))
return AES_128_ECB_TYPE;
#endif
#ifdef WOLFSSL_AES_192
else if (XSTRNCMP(cipher, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_ECB))
return AES_192_ECB_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_ECB))
return AES_256_ECB_TYPE;
#endif
#endif /*HAVE_AES_CBC */
#if defined(WOLFSSL_AES_XTS)
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_XTS, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_XTS))
return AES_128_XTS_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_XTS, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_XTS))
return AES_256_XTS_TYPE;
#endif
#endif /* WOLFSSL_AES_XTS */
#if defined(WOLFSSL_AES_CFB)
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_CFB1, EVP_AESCFB_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CFB1))
return AES_128_CFB1_TYPE;
#endif
#ifdef WOLFSSL_AES_192
else if (XSTRNCMP(cipher, EVP_AES_192_CFB1, EVP_AESCFB_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CFB1))
return AES_192_CFB1_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_CFB1, EVP_AESCFB_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CFB1))
return AES_256_CFB1_TYPE;
#endif
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_CFB8, EVP_AESCFB_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CFB8))
return AES_128_CFB8_TYPE;
#endif
#ifdef WOLFSSL_AES_192
else if (XSTRNCMP(cipher, EVP_AES_192_CFB8, EVP_AESCFB_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CFB8))
return AES_192_CFB8_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_CFB8, EVP_AESCFB_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CFB8))
return AES_256_CFB8_TYPE;
#endif
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_CFB128, EVP_AESCFB_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_CFB128))
return AES_128_CFB128_TYPE;
#endif
#ifdef WOLFSSL_AES_192
else if (XSTRNCMP(cipher, EVP_AES_192_CFB128, EVP_AESCFB_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_CFB128))
return AES_192_CFB128_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_CFB128, EVP_AESCFB_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_CFB128))
return AES_256_CFB128_TYPE;
#endif
#endif /*HAVE_AES_CBC */
#if defined(WOLFSSL_AES_OFB)
#ifdef WOLFSSL_AES_128
else if (XSTRNCMP(cipher, EVP_AES_128_OFB, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_OFB))
return AES_128_OFB_TYPE;
#endif
#ifdef WOLFSSL_AES_192
else if (XSTRNCMP(cipher, EVP_AES_192_OFB, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_192_OFB))
return AES_192_OFB_TYPE;
#endif
#ifdef WOLFSSL_AES_256
else if (XSTRNCMP(cipher, EVP_AES_256_OFB, EVP_AES_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_256_OFB))
return AES_256_OFB_TYPE;
#endif
#endif
#endif /* !NO_AES */
#ifndef NO_RC4
else if (XSTRNCMP(cipher, EVP_ARC4, EVP_ARC4_SIZE) == 0)
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARC4))
return ARC4_TYPE;
#endif
else return 0;
@ -1995,10 +1987,10 @@ int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx,
}
ownPkey = 1;
pkey = wolfSSL_EVP_PKEY_new();
pkey->type = ctx->pkey->type;
if (pkey == NULL)
return ret;
return MEMORY_E;
pkey->type = ctx->pkey->type;
}
switch (pkey->type) {
@ -5034,7 +5026,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == AES_128_CBC_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_CBC, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CBC))) {
WOLFSSL_MSG("EVP_AES_128_CBC");
ctx->cipherType = AES_128_CBC_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5059,7 +5051,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (ctx->cipherType == AES_192_CBC_TYPE ||
(type && XSTRNCMP(type, EVP_AES_192_CBC, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CBC))) {
WOLFSSL_MSG("EVP_AES_192_CBC");
ctx->cipherType = AES_192_CBC_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5084,7 +5076,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_CBC_TYPE ||
(type && XSTRNCMP(type, EVP_AES_256_CBC, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CBC))) {
WOLFSSL_MSG("EVP_AES_256_CBC");
ctx->cipherType = AES_256_CBC_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5117,7 +5109,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == AES_128_GCM_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_GCM, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_GCM))) {
WOLFSSL_MSG("EVP_AES_128_GCM");
ctx->cipherType = AES_128_GCM_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5153,7 +5145,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (ctx->cipherType == AES_192_GCM_TYPE ||
(type && XSTRNCMP(type, EVP_AES_192_GCM, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_GCM))) {
WOLFSSL_MSG("EVP_AES_192_GCM");
ctx->cipherType = AES_192_GCM_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5189,7 +5181,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_GCM_TYPE ||
(type && XSTRNCMP(type, EVP_AES_256_GCM, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_GCM))) {
WOLFSSL_MSG("EVP_AES_256_GCM");
ctx->cipherType = AES_256_GCM_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5228,7 +5220,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#ifdef WOLFSSL_AES_COUNTER
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == AES_128_CTR_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_CTR, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CTR))) {
WOLFSSL_MSG("EVP_AES_128_CTR");
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
ctx->cipherType = AES_128_CTR_TYPE;
@ -5256,7 +5248,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (ctx->cipherType == AES_192_CTR_TYPE ||
(type && XSTRNCMP(type, EVP_AES_192_CTR, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CTR))) {
WOLFSSL_MSG("EVP_AES_192_CTR");
ctx->cipherType = AES_192_CTR_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5284,7 +5276,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_CTR_TYPE ||
(type && XSTRNCMP(type, EVP_AES_256_CTR, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CTR))) {
WOLFSSL_MSG("EVP_AES_256_CTR");
ctx->cipherType = AES_256_CTR_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5314,7 +5306,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#ifdef HAVE_AES_ECB
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == AES_128_ECB_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_ECB, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_ECB))) {
WOLFSSL_MSG("EVP_AES_128_ECB");
ctx->cipherType = AES_128_ECB_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5333,7 +5325,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (ctx->cipherType == AES_192_ECB_TYPE ||
(type && XSTRNCMP(type, EVP_AES_192_ECB, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_ECB))) {
WOLFSSL_MSG("EVP_AES_192_ECB");
ctx->cipherType = AES_192_ECB_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5352,7 +5344,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_ECB_TYPE ||
(type && XSTRNCMP(type, EVP_AES_256_ECB, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_ECB))) {
WOLFSSL_MSG("EVP_AES_256_ECB");
ctx->cipherType = AES_256_ECB_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5373,7 +5365,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#ifdef WOLFSSL_AES_CFB
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == AES_128_CFB1_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_CFB1, EVP_AESCFB_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB1))) {
WOLFSSL_MSG("EVP_AES_128_CFB1");
ctx->cipherType = AES_128_CFB1_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5397,7 +5389,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (ctx->cipherType == AES_192_CFB1_TYPE ||
(type && XSTRNCMP(type, EVP_AES_192_CFB1, EVP_AESCFB_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB1))) {
WOLFSSL_MSG("EVP_AES_192_CFB1");
ctx->cipherType = AES_192_CFB1_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5421,7 +5413,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_CFB1_TYPE ||
(type && XSTRNCMP(type, EVP_AES_256_CFB1, EVP_AESCFB_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB1))) {
WOLFSSL_MSG("EVP_AES_256_CFB1");
ctx->cipherType = AES_256_CFB1_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5449,7 +5441,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_256 */
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == AES_128_CFB8_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_CFB8, EVP_AESCFB_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB8))) {
WOLFSSL_MSG("EVP_AES_128_CFB8");
ctx->cipherType = AES_128_CFB8_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5473,7 +5465,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (ctx->cipherType == AES_192_CFB8_TYPE ||
(type && XSTRNCMP(type, EVP_AES_192_CFB8, EVP_AESCFB_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB8))) {
WOLFSSL_MSG("EVP_AES_192_CFB8");
ctx->cipherType = AES_192_CFB8_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5497,7 +5489,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_CFB8_TYPE ||
(type && XSTRNCMP(type, EVP_AES_256_CFB8, EVP_AESCFB_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB8))) {
WOLFSSL_MSG("EVP_AES_256_CFB8");
ctx->cipherType = AES_256_CFB8_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5525,7 +5517,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_256 */
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == AES_128_CFB128_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_CFB128, EVP_AESCFB_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB128))) {
WOLFSSL_MSG("EVP_AES_128_CFB128");
ctx->cipherType = AES_128_CFB128_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5549,7 +5541,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (ctx->cipherType == AES_192_CFB128_TYPE ||
(type && XSTRNCMP(type, EVP_AES_192_CFB128, EVP_AESCFB_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB128))) {
WOLFSSL_MSG("EVP_AES_192_CFB128");
ctx->cipherType = AES_192_CFB128_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5573,7 +5565,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_CFB128_TYPE ||
(type && XSTRNCMP(type, EVP_AES_256_CFB128, EVP_AESCFB_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB128))) {
WOLFSSL_MSG("EVP_AES_256_CFB128");
ctx->cipherType = AES_256_CFB128_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5603,7 +5595,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#ifdef WOLFSSL_AES_OFB
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == AES_128_OFB_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_OFB, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_OFB))) {
WOLFSSL_MSG("EVP_AES_128_OFB");
ctx->cipherType = AES_128_OFB_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5627,7 +5619,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
if (ctx->cipherType == AES_192_OFB_TYPE ||
(type && XSTRNCMP(type, EVP_AES_192_OFB, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_OFB))) {
WOLFSSL_MSG("EVP_AES_192_OFB");
ctx->cipherType = AES_192_OFB_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5651,7 +5643,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_OFB_TYPE ||
(type && XSTRNCMP(type, EVP_AES_256_OFB, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_OFB))) {
WOLFSSL_MSG("EVP_AES_256_OFB");
ctx->cipherType = AES_256_OFB_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5681,7 +5673,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#ifdef WOLFSSL_AES_XTS
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == AES_128_XTS_TYPE ||
(type && XSTRNCMP(type, EVP_AES_128_XTS, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_XTS))) {
WOLFSSL_MSG("EVP_AES_128_XTS");
ctx->cipherType = AES_128_XTS_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5711,7 +5703,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_256
if (ctx->cipherType == AES_256_XTS_TYPE ||
(type && XSTRNCMP(type, EVP_AES_256_XTS, EVP_AES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_XTS))) {
WOLFSSL_MSG("EVP_AES_256_XTS");
ctx->cipherType = AES_256_XTS_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5744,7 +5736,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#ifndef NO_DES3
if (ctx->cipherType == DES_CBC_TYPE ||
(type && XSTRNCMP(type, EVP_DES_CBC, EVP_DES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_CBC))) {
WOLFSSL_MSG("EVP_DES_CBC");
ctx->cipherType = DES_CBC_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5766,7 +5758,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
}
#ifdef WOLFSSL_DES_ECB
else if (ctx->cipherType == DES_ECB_TYPE ||
(type && XSTRNCMP(type, EVP_DES_ECB, EVP_DES_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_ECB))) {
WOLFSSL_MSG("EVP_DES_ECB");
ctx->cipherType = DES_ECB_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5786,7 +5778,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif
else if (ctx->cipherType == DES_EDE3_CBC_TYPE ||
(type &&
XSTRNCMP(type, EVP_DES_EDE3_CBC, EVP_DES_EDE3_SIZE) == 0)) {
EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_EDE3_CBC))) {
WOLFSSL_MSG("EVP_DES_EDE3_CBC");
ctx->cipherType = DES_EDE3_CBC_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5811,7 +5803,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
}
else if (ctx->cipherType == DES_EDE3_ECB_TYPE ||
(type &&
XSTRNCMP(type, EVP_DES_EDE3_ECB, EVP_DES_EDE3_SIZE) == 0)) {
EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_EDE3_ECB))) {
WOLFSSL_MSG("EVP_DES_EDE3_ECB");
ctx->cipherType = DES_EDE3_ECB_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5830,7 +5822,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* NO_DES3 */
#ifndef NO_RC4
if (ctx->cipherType == ARC4_TYPE ||
(type && XSTRNCMP(type, EVP_ARC4, 4) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARC4))) {
WOLFSSL_MSG("ARC4");
ctx->cipherType = ARC4_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5844,7 +5836,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* NO_RC4 */
#ifdef HAVE_IDEA
if (ctx->cipherType == IDEA_CBC_TYPE ||
(type && XSTRNCMP(type, EVP_IDEA_CBC, EVP_IDEA_SIZE) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_IDEA_CBC))) {
WOLFSSL_MSG("EVP_IDEA_CBC");
ctx->cipherType = IDEA_CBC_TYPE;
ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
@ -5867,7 +5859,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
}
#endif /* HAVE_IDEA */
if (ctx->cipherType == NULL_CIPHER_TYPE ||
(type && XSTRNCMP(type, EVP_NULL, 4) == 0)) {
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_NULL))) {
WOLFSSL_MSG("NULL cipher");
ctx->cipherType = NULL_CIPHER_TYPE;
ctx->keyLen = 0;

10
wolfcrypt/src/fe_low_mem.c
View File

@ -141,7 +141,7 @@ static void xc_diffadd(byte *x5, byte *z5,
}
#ifndef FREESCALE_LTC_ECC
int curve25519(byte *result, const byte *e, const byte *q)
int curve25519(byte *result, const byte *n, const byte *p)
{
/* Current point: P_m */
byte xm[F25519_SIZE];
@ -154,19 +154,19 @@ int curve25519(byte *result, const byte *e, const byte *q)
int i;
/* Note: bit 254 is assumed to be 1 */
lm_copy(xm, q);
lm_copy(xm, p);
for (i = 253; i >= 0; i--) {
const int bit = (e[i >> 3] >> (i & 7)) & 1;
const int bit = (n[i >> 3] >> (i & 7)) & 1;
byte xms[F25519_SIZE];
byte zms[F25519_SIZE];
/* From P_m and P_(m-1), compute P_(2m) and P_(2m-1) */
xc_diffadd(xm1, zm1, q, f25519_one, xm, zm, xm1, zm1);
xc_diffadd(xm1, zm1, p, f25519_one, xm, zm, xm1, zm1);
xc_double(xm, zm, xm, zm);
/* Compute P_(2m+1) */
xc_diffadd(xms, zms, xm1, zm1, xm, zm, q, f25519_one);
xc_diffadd(xms, zms, xm1, zm1, xm, zm, p, f25519_one);
/* Select:
* bit = 1 --> (P_(2m+1), P_(2m))

2
wolfcrypt/src/integer.c
View File

@ -1993,7 +1993,7 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
* one of many reduction algorithms without modding the guts of
* the code with if statements everywhere.
*/
int (*redux)(mp_int*,mp_int*,mp_digit) = NULL;
int (*redux)(mp_int*,mp_int*,mp_digit) = NULL; // cppcheck-suppress nullPointerRedundantCheck // cppcheck 2.6.3 false positive
#ifdef WOLFSSL_SMALL_STACK
M = (mp_int*) XMALLOC(sizeof(mp_int) * TAB_SIZE, NULL,

2
wolfcrypt/src/logging.c
View File

@ -487,7 +487,7 @@ void WOLFSSL_ERROR(int error)
if (error < 0)
error = error - (2 * error); /* get absolute value */
XSNPRINTF(buffer, sizeof(buffer),
"wolfSSL error occurred, error = %d line:%d file:%s",
"wolfSSL error occurred, error = %d line:%u file:%s",
error, line, file);
if (wc_AddErrorNode(error, line, buffer, (char*)file) != 0) {

201
wolfcrypt/src/memory.c
View File

@ -152,7 +152,7 @@ void* wolfSSL_Malloc(size_t size)
#ifdef WOLFSSL_DEBUG_MEMORY
#if defined(WOLFSSL_DEBUG_MEMORY_PRINT) && !defined(WOLFSSL_TRACK_MEMORY)
printf("Alloc: %p -> %u at %s:%d\n", res, (word32)size, func, line);
printf("Alloc: %p -> %u at %s:%u\n", res, (word32)size, func, line);
#else
(void)func;
(void)line;
@ -193,7 +193,7 @@ void wolfSSL_Free(void *ptr)
{
#ifdef WOLFSSL_DEBUG_MEMORY
#if defined(WOLFSSL_DEBUG_MEMORY_PRINT) && !defined(WOLFSSL_TRACK_MEMORY)
printf("Free: %p at %s:%d\n", ptr, func, line);
printf("Free: %p at %s:%u\n", ptr, func, line);
#else
(void)func;
(void)line;
@ -1140,197 +1140,6 @@ void __attribute__((no_instrument_function))
}
#endif
#if defined(WOLFSSL_LINUXKM_SIMD_X86)
static union fpregs_state **wolfcrypt_linuxkm_fpu_states = NULL;
static WARN_UNUSED_RESULT inline int am_in_hard_interrupt_handler(void)
{
return (preempt_count() & (NMI_MASK | HARDIRQ_MASK)) != 0;
}
WARN_UNUSED_RESULT int allocate_wolfcrypt_linuxkm_fpu_states(void)
{
wolfcrypt_linuxkm_fpu_states =
(union fpregs_state **)kzalloc(nr_cpu_ids
* sizeof(struct fpu_state *),
GFP_KERNEL);
if (! wolfcrypt_linuxkm_fpu_states) {
pr_err("warning, allocation of %lu bytes for "
"wolfcrypt_linuxkm_fpu_states failed.\n",
nr_cpu_ids * sizeof(struct fpu_state *));
return MEMORY_E;
}
{
typeof(nr_cpu_ids) i;
for (i=0; i<nr_cpu_ids; ++i) {
_Static_assert(sizeof(union fpregs_state) <= PAGE_SIZE,
"union fpregs_state is larger than expected.");
wolfcrypt_linuxkm_fpu_states[i] =
(union fpregs_state *)kzalloc(PAGE_SIZE
/* sizeof(union fpregs_state) */,
GFP_KERNEL);
if (! wolfcrypt_linuxkm_fpu_states[i])
break;
/* double-check that the allocation is 64-byte-aligned as needed
* for xsave.
*/
if ((unsigned long)wolfcrypt_linuxkm_fpu_states[i] & 63UL) {
pr_err("warning, allocation for wolfcrypt_linuxkm_fpu_states "
"was not properly aligned (%px).\n",
wolfcrypt_linuxkm_fpu_states[i]);
kfree(wolfcrypt_linuxkm_fpu_states[i]);
wolfcrypt_linuxkm_fpu_states[i] = 0;
break;
}
}
if (i < nr_cpu_ids) {
pr_err("warning, only %u/%u allocations succeeded for "
"wolfcrypt_linuxkm_fpu_states.\n",
i, nr_cpu_ids);
return MEMORY_E;
}
}
return 0;
}
void free_wolfcrypt_linuxkm_fpu_states(void)
{
if (wolfcrypt_linuxkm_fpu_states) {
typeof(nr_cpu_ids) i;
for (i=0; i<nr_cpu_ids; ++i) {
if (wolfcrypt_linuxkm_fpu_states[i])
kfree(wolfcrypt_linuxkm_fpu_states[i]);
}
kfree(wolfcrypt_linuxkm_fpu_states);
wolfcrypt_linuxkm_fpu_states = 0;
}
}
WARN_UNUSED_RESULT int save_vector_registers_x86(void)
{
int processor_id;
preempt_disable();
processor_id = smp_processor_id();
{
static int _warned_on_null = -1;
if ((wolfcrypt_linuxkm_fpu_states == NULL) ||
(wolfcrypt_linuxkm_fpu_states[processor_id] == NULL))
{
preempt_enable();
if (_warned_on_null < processor_id) {
_warned_on_null = processor_id;
pr_err("save_vector_registers_x86 called for cpu id %d "
"with null context buffer.\n", processor_id);
}
return BAD_STATE_E;
}
}
if (! irq_fpu_usable()) {
if (am_in_hard_interrupt_handler()) {
/* allow for nested calls */
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] != 0) {
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] == 255) {
preempt_enable();
pr_err("save_vector_registers_x86 recursion register overflow for "
"cpu id %d.\n", processor_id);
return BAD_STATE_E;
} else {
++((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1];
return 0;
}
}
/* note, fpregs_lock() is not needed here, because
* interrupts/preemptions are already disabled here.
*/
{
/* save_fpregs_to_fpstate() only accesses fpu->state, which
* has stringent alignment requirements (64 byte cache
* line), but takes a pointer to the parent struct. work
* around this.
*/
struct fpu *fake_fpu_pointer =
(struct fpu *)(((char *)wolfcrypt_linuxkm_fpu_states[processor_id])
- offsetof(struct fpu, state));
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
copy_fpregs_to_fpstate(fake_fpu_pointer);
#else
save_fpregs_to_fpstate(fake_fpu_pointer);
#endif
}
/* mark the slot as used. */
((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] = 1;
/* note, not preempt_enable()ing, mirroring kernel_fpu_begin()
* semantics, even though routine will have been entered already
* non-preemptable.
*/
return 0;
} else {
preempt_enable();
return BAD_STATE_E;
}
} else {
/* allow for nested calls */
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] != 0) {
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] == 255) {
preempt_enable();
pr_err("save_vector_registers_x86 recursion register overflow for "
"cpu id %d.\n", processor_id);
return BAD_STATE_E;
} else {
++((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1];
return 0;
}
}
kernel_fpu_begin();
preempt_enable(); /* kernel_fpu_begin() does its own
* preempt_disable(). decrement ours.
*/
((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] = 1;
return 0;
}
}
void restore_vector_registers_x86(void)
{
int processor_id = smp_processor_id();
if ((wolfcrypt_linuxkm_fpu_states == NULL) ||
(wolfcrypt_linuxkm_fpu_states[processor_id] == NULL))
{
pr_err("restore_vector_registers_x86 called for cpu id %d "
"without null context buffer.\n", processor_id);
return;
}
if (((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] == 0)
{
pr_err("restore_vector_registers_x86 called for cpu id %d "
"without saved context.\n", processor_id);
return;
}
if (--((unsigned char *)wolfcrypt_linuxkm_fpu_states[processor_id])[PAGE_SIZE-1] > 0) {
preempt_enable(); /* preempt_disable count will still be nonzero after this decrement. */
return;
}
if (am_in_hard_interrupt_handler()) {
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
copy_kernel_to_fpregs(wolfcrypt_linuxkm_fpu_states[processor_id]);
#else
__restore_fpregs_from_fpstate(wolfcrypt_linuxkm_fpu_states[processor_id],
xfeatures_mask_all);
#endif
preempt_enable();
} else {
kernel_fpu_end();
}
return;
}
#endif /* WOLFSSL_LINUXKM_SIMD_X86 && WOLFSSL_LINUXKM_SIMD_X86_IRQ_ALLOWED */
#ifdef WOLFSSL_LINUXKM
#include "../../linuxkm/linuxkm_memory.c"
#endif

1
wolfcrypt/src/pkcs12.c
View File

@ -188,7 +188,6 @@ void wc_PKCS12_free(WC_PKCS12* pkcs12)
}
XFREE(pkcs12, NULL, DYNAMIC_TYPE_PKCS);
pkcs12 = NULL;
}

2
wolfcrypt/src/pkcs7.c
View File

@ -2718,7 +2718,7 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
XMEMCPY(output2 + idx, esd->encContentDigest, esd->encContentDigestSz);
idx += esd->encContentDigestSz;
if (output2 && output2Sz) {
if (output2Sz) {
*output2Sz = idx;
idx = 0; /* success */
}

4
wolfcrypt/src/port/kcapi/kcapi_hmac.c
View File

@ -102,7 +102,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
const char* ciphername = NULL;
if ((hmac == NULL || (key == NULL && length != 0))) {
ret = BAD_FUNC_ARG;
return BAD_FUNC_ARG;
}
#ifdef HAVE_FIPS
@ -183,7 +183,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
hmac->macType = type;
}
if (ret == 0 && hmac->handle == NULL) {
if (hmac->handle != NULL) {
kcapi_md_destroy(hmac->handle);
hmac->handle = NULL;
}

1
wolfcrypt/src/port/ti/ti-aes.c
View File

@ -209,6 +209,7 @@ WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz
XMEMCPY(out, out_block+aes->left,odd) ;
aes->left += odd ;
}
return; // work around cppcheck 2.6.3 false positive missingReturn
}
#endif

6
wolfcrypt/src/random.c
View File

@ -2468,7 +2468,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int ret;
int ret = 0;
word32 buffer[4];
while (sz > 0) {
@ -2493,7 +2493,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int ret;
int ret = 0;
word32 buffer[4];
while (sz > 0) {
@ -2551,7 +2551,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return -1;
}
ret = WOLFSSL_SCE_TRNG_HANDLE.p_api->read(WOLFSSL_SCE_TRNG_HANDLE.p_ctrl,
(word32*)tmp, 1);
(word32*)&tmp, 1);
if (ret != SSP_SUCCESS) {
return -1;
}

29
wolfcrypt/src/rsa.c
View File

@ -2420,32 +2420,41 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
/* blind */
ret = mp_rand(rnd, get_digit_count(&key->n), rng);
if (ret != 0)
break;
/* rndi = 1/rnd mod n */
if (ret == 0 && mp_invmod(rnd, &key->n, rndi) != MP_OKAY)
if (mp_invmod(rnd, &key->n, rndi) != MP_OKAY) {
ret = MP_INVMOD_E;
break;
}
/* rnd = rnd^e */
#ifndef WOLFSSL_SP_MATH_ALL
if (ret == 0 && mp_exptmod(rnd, &key->e, &key->n, rnd) != MP_OKAY)
if (mp_exptmod(rnd, &key->e, &key->n, rnd) != MP_OKAY) {
ret = MP_EXPTMOD_E;
break;
}
#else
if (ret == 0 && mp_exptmod_nct(rnd, &key->e, &key->n,
rnd) != MP_OKAY) {
if (mp_exptmod_nct(rnd, &key->e, &key->n, rnd) != MP_OKAY) {
ret = MP_EXPTMOD_E;
break;
}
#endif
/* tmp = tmp*rnd mod n */
if (ret == 0 && mp_mulmod(tmp, rnd, &key->n, tmp) != MP_OKAY)
if (mp_mulmod(tmp, rnd, &key->n, tmp) != MP_OKAY) {
ret = MP_MULMOD_E;
break;
}
#endif /* WC_RSA_BLINDING && !WC_NO_RNG */
#ifdef RSA_LOW_MEM /* half as much memory but twice as slow */
if (ret == 0 && mp_exptmod(tmp, &key->d, &key->n, tmp) != MP_OKAY)
if (mp_exptmod(tmp, &key->d, &key->n, tmp) != MP_OKAY) {
ret = MP_EXPTMOD_E;
break;
}
#else
if (ret == 0) {
{
#ifdef WOLFSSL_SMALL_STACK
mp_int* tmpa;
mp_int* tmpb = NULL;
@ -2461,9 +2470,9 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
tmpb = tmpa + 1;
else
ret = MEMORY_E;
if (ret == 0)
#endif
if (ret == 0) {
{
if (mp_init(tmpa) != MP_OKAY)
ret = MP_INIT_E;
else

4
wolfcrypt/src/sha.c
View File

@ -698,7 +698,7 @@ int wc_ShaFinalRaw(wc_Sha* sha, byte* hash)
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords((word32*)digest, (word32*)sha->digest, WC_SHA_DIGEST_SIZE);
XMEMCPY(hash, digest, WC_SHA_DIGEST_SIZE);
XMEMCPY(hash, (byte *)&digest[0], WC_SHA_DIGEST_SIZE);
#else
XMEMCPY(hash, sha->digest, WC_SHA_DIGEST_SIZE);
#endif
@ -802,7 +802,7 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
ByteReverseWords(sha->digest, sha->digest, WC_SHA_DIGEST_SIZE);
#endif
XMEMCPY(hash, sha->digest, WC_SHA_DIGEST_SIZE);
XMEMCPY(hash, (byte *)&sha->digest[0], WC_SHA_DIGEST_SIZE);
(void)InitSha(sha); /* reset state */

4
wolfcrypt/src/sha512.c
View File

@ -956,13 +956,15 @@ int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
static WC_INLINE int Sha512Final(wc_Sha512* sha512)
{
byte* local = (byte*)sha512->buffer;
byte* local;
int ret;
if (sha512 == NULL) {
return BAD_FUNC_ARG;
}
local = (byte*)sha512->buffer;
local[sha512->buffLen++] = 0x80; /* add 1 */
/* pad with zeros */

5
wolfcrypt/src/srp.c
View File

@ -611,8 +611,11 @@ int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size)
if (((i = (mp_int *)XMALLOC(sizeof(*i), srp->heap, DYNAMIC_TYPE_TMP_BUFFER)) == NULL) ||
((j = (mp_int *)XMALLOC(sizeof(*j), srp->heap, DYNAMIC_TYPE_TMP_BUFFER)) == NULL))
r = MEMORY_E;
if (!r)
#endif
if (!r) r = mp_init_multi(i, j, 0, 0, 0, 0);
{
r = mp_init_multi(i, j, 0, 0, 0, 0);
}
if (!r) r = mp_read_unsigned_bin(i, srp->k,SrpHashSize(srp->type));
if (!r) r = mp_iszero(i) == MP_YES ? SRP_BAD_KEY_E : 0;
if (!r) r = mp_exptmod(&srp->g, &srp->priv, &srp->N, pubkey);

2
wolfcrypt/src/wc_pkcs11.c
View File

@ -2041,7 +2041,7 @@ static int Pkcs11GetEccPublicKey(ecc_key* key, Pkcs11Session* session,
word32 i = 0;
int curveIdx;
unsigned char* point = NULL;
int pointSz;
int pointSz = 0;
byte tag;
CK_RV rv;
CK_ATTRIBUTE tmpl[] = {

35
wolfcrypt/src/wc_port.c
View File

@ -130,7 +130,7 @@ int wolfCrypt_Init(void)
time_t seed = time(NULL);
srand((word32)seed);
rngMallocFail = rand() % 2000; /* max 2000 */
printf("\n--- RNG MALLOC FAIL AT %d---\n", rngMallocFail);
printf("\n--- RNG MALLOC FAIL AT %u ---\n", rngMallocFail);
wolfSSL_SetMemFailCount(rngMallocFail);
}
#endif
@ -1649,7 +1649,7 @@ int wolfSSL_CryptHwMutexUnLock(void)
void *newp = NULL;
if(p) {
ercd = get_mpl(ID_wolfssl_MPOOL, sz, (VP)&newp);
if (ercd == E_OK) {
if ((ercd == E_OK) && (newp != NULL)) {
XMEMCPY(newp, p, sz);
ercd = rel_mpl(ID_wolfssl_MPOOL, (VP)p);
if (ercd == E_OK) {
@ -1743,7 +1743,7 @@ int wolfSSL_CryptHwMutexUnLock(void)
void *newp = NULL;
if (p) {
ercd = tk_get_mpl(ID_wolfssl_MPOOL, sz, (VP)&newp, TMO_FEVR);
if (ercd == E_OK) {
if ((ercd == E_OK) && (newp != NULL)) {
XMEMCPY(newp, p, sz);
ercd = tk_rel_mpl(ID_wolfssl_MPOOL, (VP)p);
if (ercd == E_OK) {
@ -2150,10 +2150,7 @@ time_t windows_time(time_t* timer)
SYSTEMTIME sysTime;
FILETIME fTime;
ULARGE_INTEGER intTime;
time_t localTime;
if (timer == NULL)
timer = &localTime;
GetSystemTime(&sysTime);
SystemTimeToFileTime(&sysTime, &fTime);
@ -2163,9 +2160,11 @@ time_t windows_time(time_t* timer)
intTime.QuadPart -= 0x19db1ded53e8000;
/* to secs */
intTime.QuadPart /= 10000000;
*timer = (time_t)intTime.QuadPart;
return *timer;
if (timer != NULL)
*timer = (time_t)intTime.QuadPart;
return (time_t)intTime.QuadPart;
}
#endif /* _WIN32_WCE */
@ -2275,19 +2274,17 @@ time_t pic32_time(time_t* timer)
#else
word32 sec = 0;
#endif
time_t localTime;
if (timer == NULL)
timer = &localTime;
#ifdef MICROCHIP_MPLAB_HARMONY
sec = TCPIP_SNTP_UTCSecondsGet();
#else
sec = SNTPGetUTCSeconds();
#endif
*timer = (time_t) sec;
return *timer;
if (timer != NULL)
*timer = (time_t)sec;
return (time_t)sec;
}
#endif /* MICROCHIP_TCPIP || MICROCHIP_TCPIP_V5 */
@ -2331,16 +2328,14 @@ time_t micrium_time(time_t* timer)
time_t mqx_time(time_t* timer)
{
time_t localTime;
TIME_STRUCT time_s;
if (timer == NULL)
timer = &localTime;
_time_get(&time_s);
*timer = (time_t) time_s.SECONDS;
return *timer;
if (timer != NULL)
*timer = (time_t)time_s.SECONDS;
return (time_t)time_s.SECONDS;
}
#endif /* FREESCALE_MQX || FREESCALE_KSDK_MQX */

47
wolfcrypt/test/test.c
View File

@ -746,8 +746,8 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
#if !defined(NO_BIG_INT)
if (CheckCtcSettings() != 1) {
printf("Sizeof mismatch (build) %x != (run) %x\n",
CTC_SETTINGS, CheckRunTimeSettings());
printf("Sizeof mismatch (build) %x != (run) %lx\n",
CTC_SETTINGS, (unsigned long)CheckRunTimeSettings());
return err_sys("Build vs runtime math mismatch\n", -1000);
}
@ -11969,9 +11969,6 @@ static int simple_mem_test(int sz)
WOLFSSL_TEST_SUBROUTINE int memory_test(void)
{
int ret = 0;
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_NO_MALLOC)
byte* b = NULL;
#endif
#if defined(COMPLEX_MEM_TEST) || defined(WOLFSSL_STATIC_MEMORY)
int i;
#endif
@ -12088,15 +12085,22 @@ WOLFSSL_TEST_SUBROUTINE int memory_test(void)
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_NO_MALLOC)
/* realloc test */
b = (byte*)XMALLOC(MEM_TEST_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (b) {
b = (byte*)XREALLOC(b, MEM_TEST_SZ+sizeof(word32), HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER);
{
byte *c = NULL;
byte *b = (byte*)XMALLOC(MEM_TEST_SZ, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER);
if (b) {
c = (byte*)XREALLOC(b, MEM_TEST_SZ+sizeof(word32), HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER);
if (c)
b = c;
}
if (b)
XFREE(b, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if ((b == NULL) || (c == NULL)) {
return -7217;
}
}
if (b == NULL) {
return -7217;
}
XFREE(b, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
@ -15005,11 +15009,6 @@ static int rsa_oaep_padding_test(RsaKey* key, WC_RNG* rng)
XMEMCPY(in, inStr, inLen);
#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
if (in == NULL || out == NULL || plain == NULL)
ERROR_OUT(MEMORY_E, exit_rsa);
#endif
#ifndef NO_SHA
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
@ -18353,10 +18352,10 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
ret = EVP_DigestFinal(&md_ctx, hash, 0);
}
EVP_MD_CTX_cleanup(&md_ctx);
if (ret != WOLFSSL_SUCCESS ||
XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0) {
if (ret != WOLFSSL_SUCCESS)
return -18601;
if (XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0)
return -8601;
}
#endif /* NO_MD5 */
#ifndef NO_SHA
@ -18376,10 +18375,10 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
ret = EVP_DigestFinal(&md_ctx, hash, 0);
}
EVP_MD_CTX_cleanup(&md_ctx);
if (ret != WOLFSSL_SUCCESS ||
XMEMCMP(hash, b.output, WC_SHA_DIGEST_SIZE) != 0) {
if (ret != WOLFSSL_SUCCESS)
return -18602;
if (XMEMCMP(hash, b.output, WC_SHA_DIGEST_SIZE) != 0)
return -8602;
}
#endif /* NO_SHA */
#ifdef WOLFSSL_SHA224

73
wolfssl/test.h
View File

@ -74,7 +74,7 @@
static unsigned long wolfSSL_inet_addr(const char *cp)
{
unsigned int a[4] ; unsigned long ret ;
sscanf(cp, "%d.%d.%d.%d", &a[0], &a[1], &a[2], &a[3]) ;
sscanf(cp, "%u.%u.%u.%u", &a[0], &a[1], &a[2], &a[3]) ;
ret = ((a[3]<<24) + (a[2]<<16) + (a[1]<<8) + a[0]) ;
return(ret) ;
}
@ -594,9 +594,8 @@ err_sys(const char* msg)
#endif
{
printf("wolfSSL error: %s\n", msg);
XEXIT_T(EXIT_FAILURE);
}
XEXIT_T(EXIT_FAILURE);
}
static WC_INLINE
@ -622,9 +621,8 @@ err_sys_with_errno(const char* msg)
#else
printf("wolfSSL error: %s\n", msg);
#endif
XEXIT_T(EXIT_FAILURE);
}
XEXIT_T(EXIT_FAILURE);
}
@ -1110,8 +1108,10 @@ static WC_INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer,
(void)udp;
(void)sctp;
if (addr == NULL)
if (addr == NULL) {
err_sys("invalid argument to build_addr, addr is NULL");
return;
}
XMEMSET(addr, 0, sizeof(SOCKADDR_IN_T));
@ -2061,7 +2061,7 @@ static WC_INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
if (ready_file) {
#if !defined(NO_FILESYSTEM) || defined(FORCE_BUFFER_TEST) && \
!defined(NETOS)
XFILE srf = NULL;
XFILE srf = (XFILE)NULL;
if (args)
ready = args->signal;
@ -3009,8 +3009,10 @@ static WC_INLINE int StackSizeCheck(func_args* args, thread_func tf)
#endif
ret = posix_memalign((void**)&myStack, sysconf(_SC_PAGESIZE), stackSize);
if (ret != 0 || myStack == NULL)
if (ret != 0 || myStack == NULL) {
err_sys_with_errno("posix_memalign failed\n");
return -1;
}
XMEMSET(myStack, STACK_CHECK_VAL, stackSize);
@ -3082,8 +3084,11 @@ static WC_INLINE int StackSizeCheck_launch(func_args* args, thread_func tf, pthr
}
ret = posix_memalign((void**)&myStack, sysconf(_SC_PAGESIZE), stackSize);
if (ret != 0 || myStack == NULL)
if (ret != 0 || myStack == NULL) {
err_sys_with_errno("posix_memalign failed\n");
free(shim_args);
return -1;
}
XMEMSET(myStack, STACK_CHECK_VAL, stackSize);
@ -3676,7 +3681,7 @@ static WC_INLINE int myEccKeyGen(WOLFSSL* ssl, ecc_key* key, word32 keySz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK ECC KeyGen: keySz %d, Curve ID %d\n", keySz, ecc_curve);
WOLFSSL_PKMSG("PK ECC KeyGen: keySz %u, Curve ID %d\n", keySz, ecc_curve);
ret = wc_ecc_init(new_key);
if (ret == 0) {
@ -3722,7 +3727,7 @@ static WC_INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK ECC Sign: inSz %d, keySz %d\n", inSz, keySz);
WOLFSSL_PKMSG("PK ECC Sign: inSz %u, keySz %u\n", inSz, keySz);
#ifdef TEST_PK_PRIVKEY
ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz);
@ -3746,7 +3751,7 @@ static WC_INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz,
free(keyBuf);
#endif
WOLFSSL_PKMSG("PK ECC Sign: ret %d outSz %d\n", ret, *outSz);
WOLFSSL_PKMSG("PK ECC Sign: ret %d outSz %u\n", ret, *outSz);
return ret;
}
@ -3764,7 +3769,7 @@ static WC_INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK ECC Verify: sigSz %d, hashSz %d, keySz %d\n", sigSz, hashSz, keySz);
WOLFSSL_PKMSG("PK ECC Verify: sigSz %u, hashSz %u, keySz %u\n", sigSz, hashSz, keySz);
ret = wc_ecc_init(&myKey);
if (ret == 0) {
@ -3867,7 +3872,7 @@ static WC_INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
wc_ecc_free(&tmpKey);
WOLFSSL_PKMSG("PK ECC PMS: ret %d, PubKeySz %d, OutLen %d\n", ret, *pubKeySz, *outlen);
WOLFSSL_PKMSG("PK ECC PMS: ret %d, PubKeySz %u, OutLen %u\n", ret, *pubKeySz, *outlen);
return ret;
}
@ -3999,7 +4004,7 @@ static WC_INLINE int myX25519KeyGen(WOLFSSL* ssl, curve25519_key* key,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK 25519 KeyGen: keySz %d\n", keySz);
WOLFSSL_PKMSG("PK 25519 KeyGen: keySz %u\n", keySz);
ret = wc_InitRng(&rng);
if (ret != 0)
@ -4074,7 +4079,7 @@ static WC_INLINE int myX25519SharedSecret(WOLFSSL* ssl, curve25519_key* otherKey
wc_curve25519_free(&tmpKey);
WOLFSSL_PKMSG("PK 25519 PMS: ret %d, pubKeySz %d, outLen %d\n",
WOLFSSL_PKMSG("PK 25519 PMS: ret %d, pubKeySz %u, outLen %u\n",
ret, *pubKeySz, *outlen);
return ret;
@ -4095,7 +4100,7 @@ static WC_INLINE int myEd448Sign(WOLFSSL* ssl, const byte* in, word32 inSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK 448 Sign: inSz %d, keySz %d\n", inSz, keySz);
WOLFSSL_PKMSG("PK 448 Sign: inSz %u, keySz %u\n", inSz, keySz);
#ifdef TEST_PK_PRIVKEY
ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz);
@ -4115,7 +4120,7 @@ static WC_INLINE int myEd448Sign(WOLFSSL* ssl, const byte* in, word32 inSz,
free(keyBuf);
#endif
WOLFSSL_PKMSG("PK 448 Sign: ret %d, outSz %d\n", ret, *outSz);
WOLFSSL_PKMSG("PK 448 Sign: ret %d, outSz %u\n", ret, *outSz);
return ret;
}
@ -4134,7 +4139,7 @@ static WC_INLINE int myEd448Verify(WOLFSSL* ssl, const byte* sig, word32 sigSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK 448 Verify: sigSz %d, msgSz %d, keySz %d\n", sigSz, msgSz,
WOLFSSL_PKMSG("PK 448 Verify: sigSz %u, msgSz %u, keySz %u\n", sigSz, msgSz,
keySz);
ret = wc_ed448_init(&myKey);
@ -4165,7 +4170,7 @@ static WC_INLINE int myX448KeyGen(WOLFSSL* ssl, curve448_key* key,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK 448 KeyGen: keySz %d\n", keySz);
WOLFSSL_PKMSG("PK 448 KeyGen: keySz %u\n", keySz);
ret = wc_InitRng(&rng);
if (ret != 0)
@ -4240,7 +4245,7 @@ static WC_INLINE int myX448SharedSecret(WOLFSSL* ssl, curve448_key* otherKey,
wc_curve448_free(&tmpKey);
WOLFSSL_PKMSG("PK 448 PMS: ret %d, pubKeySz %d, outLen %d\n",
WOLFSSL_PKMSG("PK 448 PMS: ret %d, pubKeySz %u, outLen %u\n",
ret, *pubKeySz, *outlen);
return ret;
@ -4263,7 +4268,7 @@ static WC_INLINE int myDhCallback(WOLFSSL* ssl, struct DhKey* key,
/* return 0 on success */
ret = wc_DhAgree(key, out, outlen, priv, privSz, pubKeyDer, pubKeySz);
WOLFSSL_PKMSG("PK ED Agree: ret %d, privSz %d, pubKeySz %d, outlen %d\n",
WOLFSSL_PKMSG("PK ED Agree: ret %d, privSz %u, pubKeySz %u, outlen %u\n",
ret, privSz, pubKeySz, *outlen);
return ret;
@ -4286,7 +4291,7 @@ static WC_INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK RSA Sign: inSz %d, keySz %d\n", inSz, keySz);
WOLFSSL_PKMSG("PK RSA Sign: inSz %u, keySz %u\n", inSz, keySz);
#ifdef TEST_PK_PRIVKEY
ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz);
@ -4315,7 +4320,7 @@ static WC_INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz,
free(keyBuf);
#endif
WOLFSSL_PKMSG("PK RSA Sign: ret %d, outSz %d\n", ret, *outSz);
WOLFSSL_PKMSG("PK RSA Sign: ret %d, outSz %u\n", ret, *outSz);
return ret;
}
@ -4332,7 +4337,7 @@ static WC_INLINE int myRsaVerify(WOLFSSL* ssl, byte* sig, word32 sigSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK RSA Verify: sigSz %d, keySz %d\n", sigSz, keySz);
WOLFSSL_PKMSG("PK RSA Verify: sigSz %u, keySz %u\n", sigSz, keySz);
ret = wc_InitRsaKey(&myKey, NULL);
if (ret == 0) {
@ -4359,7 +4364,7 @@ static WC_INLINE int myRsaSignCheck(WOLFSSL* ssl, byte* sig, word32 sigSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK RSA SignCheck: sigSz %d, keySz %d\n", sigSz, keySz);
WOLFSSL_PKMSG("PK RSA SignCheck: sigSz %u, keySz %u\n", sigSz, keySz);
#ifdef TEST_PK_PRIVKEY
ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz);
@ -4399,7 +4404,7 @@ static WC_INLINE int myRsaPssSign(WOLFSSL* ssl, const byte* in, word32 inSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK RSA PSS Sign: inSz %d, hash %d, mgf %d, keySz %d\n",
WOLFSSL_PKMSG("PK RSA PSS Sign: inSz %u, hash %d, mgf %d, keySz %u\n",
inSz, hash, mgf, keySz);
#ifdef TEST_PK_PRIVKEY
@ -4449,7 +4454,7 @@ static WC_INLINE int myRsaPssSign(WOLFSSL* ssl, const byte* in, word32 inSz,
free(keyBuf);
#endif
WOLFSSL_PKMSG("PK RSA PSS Sign: ret %d, outSz %d\n", ret, *outSz);
WOLFSSL_PKMSG("PK RSA PSS Sign: ret %d, outSz %u\n", ret, *outSz);
return ret;
}
@ -4467,7 +4472,7 @@ static WC_INLINE int myRsaPssVerify(WOLFSSL* ssl, byte* sig, word32 sigSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK RSA PSS Verify: sigSz %d, hash %d, mgf %d, keySz %d\n",
WOLFSSL_PKMSG("PK RSA PSS Verify: sigSz %u, hash %d, mgf %d, keySz %u\n",
sigSz, hash, mgf, keySz);
switch (hash) {
@ -4516,7 +4521,7 @@ static WC_INLINE int myRsaPssSignCheck(WOLFSSL* ssl, byte* sig, word32 sigSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK RSA PSS SignCheck: sigSz %d, hash %d, mgf %d, keySz %d\n",
WOLFSSL_PKMSG("PK RSA PSS SignCheck: sigSz %u, hash %d, mgf %d, keySz %u\n",
sigSz, hash, mgf, keySz);
#ifdef TEST_PK_PRIVKEY
@ -4577,7 +4582,7 @@ static WC_INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK RSA Enc: inSz %d, keySz %d\n", inSz, keySz);
WOLFSSL_PKMSG("PK RSA Enc: inSz %u, keySz %u\n", inSz, keySz);
ret = wc_InitRng(&rng);
if (ret != 0)
@ -4597,7 +4602,7 @@ static WC_INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz,
}
wc_FreeRng(&rng);
WOLFSSL_PKMSG("PK RSA Enc: ret %d, outSz %d\n", ret, *outSz);
WOLFSSL_PKMSG("PK RSA Enc: ret %d, outSz %u\n", ret, *outSz);
return ret;
}
@ -4615,7 +4620,7 @@ static WC_INLINE int myRsaDec(WOLFSSL* ssl, byte* in, word32 inSz,
(void)ssl;
(void)cbInfo;
WOLFSSL_PKMSG("PK RSA Dec: inSz %d, keySz %d\n", inSz, keySz);
WOLFSSL_PKMSG("PK RSA Dec: inSz %u, keySz %u\n", inSz, keySz);
#ifdef TEST_PK_PRIVKEY
ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz);
@ -4965,7 +4970,7 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num)
static const char alphanum[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklmnopqrstuvwxyz";
WC_RNG rng;
byte out;
byte out = 0;
if (tempfn == NULL || len < 1 || num < 1 || len <= num) {
printf("Bad input\n");

3
wolfssl/wolfcrypt/ecc.h
View File

@ -359,6 +359,9 @@ typedef struct ecc_set_type {
#endif
/* verify alignment */
#if CHAR_BIT == 0
#error CHAR_BIT must be nonzero
#endif
#if FP_MAX_BITS_ECC % CHAR_BIT
#error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
#endif

3
wolfssl/wolfcrypt/tfm.h
View File

@ -277,6 +277,9 @@
#define FP_MAX_SIZE (FP_MAX_BITS+(8*DIGIT_BIT))
/* will this lib work? */
#if CHAR_BIT == 0
#error CHAR_BIT must be nonzero
#endif
#if (CHAR_BIT & 7)
#error CHAR_BIT must be a multiple of eight.
#endif

42
wolfssl/wolfcrypt/types.h
View File

@ -415,7 +415,11 @@ decouple library dependencies with standard string, memory and so on.
/* Telit M2MB SDK requires use m2mb_os API's, not std malloc/free */
/* Use of malloc/free will cause CPU reboot */
#define XMALLOC(s, h, t) ((void)h, (void)t, m2mb_os_malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) m2mb_os_free((xp));}
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
#define XFREE(p, h, t) m2mb_os_free(xp)
#else
#define XFREE(p, h, t) {void* xp = (p); if (xp) m2mb_os_free(xp);}
#endif
#define XREALLOC(p, n, h, t) m2mb_os_realloc((p), (n))
#elif defined(NO_WOLFSSL_MEMORY)
@ -439,15 +443,17 @@ decouple library dependencies with standard string, memory and so on.
/* just use plain C stdlib stuff if desired */
#include <stdlib.h>
#define XMALLOC(s, h, t) malloc((size_t)(s))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));}
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
#define XFREE(p, h, t) free(xp)
#else
#define XFREE(p, h, t) {void* xp = (p); if (xp) free(xp);}
#endif
#define XREALLOC(p, n, h, t) realloc((p), (size_t)(n))
#endif
#elif defined(WOLFSSL_LINUXKM)
/* the requisite linux/slab.h is included in wc_port.h, with incompatible warnings masked out. */
#define XMALLOC(s, h, t) ({(void)(h); (void)(t); kmalloc(s, GFP_KERNEL);})
#define XFREE(p, h, t) ({void* _xp; (void)(h); _xp = (p); if(_xp) kfree(_xp);})
#define XREALLOC(p, n, h, t) ({(void)(h); (void)(t); krealloc((p), (n), GFP_KERNEL);})
/* definitions are in linuxkm/linuxkm_wc_port.h */
#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \
&& !defined(WOLFSSL_SAFERTOS) && !defined(FREESCALE_MQX) \
@ -460,21 +466,37 @@ decouple library dependencies with standard string, memory and so on.
#ifdef WOLFSSL_STATIC_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t), __func__, __LINE__)
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t), __func__, __LINE__);}
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
#define XFREE(p, h, t) wolfSSL_Free(xp, h, t, __func__, __LINE__)
#else
#define XFREE(p, h, t) {void* xp = (p); if (xp) wolfSSL_Free(xp, h, t, __func__, __LINE__);}
#endif
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t), __func__, __LINE__)
#else
#define XMALLOC(s, h, t) wolfSSL_Malloc((s), (h), (t))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), (h), (t));}
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
#define XFREE(p, h, t) wolfSSL_Free(xp, h, t)
#else
#define XFREE(p, h, t) {void* xp = (p); if (xp) wolfSSL_Free(xp, h, t);}
#endif
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), (h), (t))
#endif /* WOLFSSL_DEBUG_MEMORY */
#elif !defined(FREERTOS) && !defined(FREERTOS_TCP)
#ifdef WOLFSSL_DEBUG_MEMORY
#define XMALLOC(s, h, t) ((void)(h), (void)(t), wolfSSL_Malloc((s), __func__, __LINE__))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp), __func__, __LINE__);}
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
#define XFREE(p, h, t) wolfSSL_Free(xp, __func__, __LINE__)
#else
#define XFREE(p, h, t) {void* xp = (p); if (xp) wolfSSL_Free(xp, __func__, __LINE__);}
#endif
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__)
#else
#define XMALLOC(s, h, t) ((void)(h), (void)(t), wolfSSL_Malloc((s)))
#define XFREE(p, h, t) {void* xp = (p); if((xp)) wolfSSL_Free((xp));}
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
#define XFREE(p, h, t) wolfSSL_Free(p)
#else
#define XFREE(p, h, t) {void* xp = (p); if (xp) wolfSSL_Free(xp);}
#endif
#define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
#endif /* WOLFSSL_DEBUG_MEMORY */
#endif /* WOLFSSL_STATIC_MEMORY */

569
wolfssl/wolfcrypt/wc_port.h
View File

@ -55,553 +55,7 @@
#endif
#ifdef WOLFSSL_LINUXKM
#ifdef HAVE_CONFIG_H
#ifndef PACKAGE_NAME
#error wc_port.h included before config.h
#endif
/* config.h is autogenerated without gating, and is subject to repeat
* inclusions, so gate it out here to keep autodetection masking
* intact:
*/
#undef HAVE_CONFIG_H
#endif
#ifdef BUILDING_WOLFSSL
#if defined(CONFIG_MIPS) && defined(HAVE_LINUXKM_PIE_SUPPORT)
/* __ZBOOT__ disables some unhelpful macros around the mem*() funcs in
* legacy arch/mips/include/asm/string.h
*/
#define __ZBOOT__
#define memcmp __builtin_memcmp
#define __ARCH_MEMCMP_NO_REDIRECT
#define __ARCH_MEMCPY_NO_REDIRECT
#define __builtin_memcpy memcpy
extern void *memcpy(void *dest, const void *src, unsigned int n);
#define __ARCH_MEMCPY_NO_REDIRECT
#define __builtin_memset memset
extern void *memset(void *dest, int c, unsigned int n);
#endif
_Pragma("GCC diagnostic push");
/* we include all the needed kernel headers with these masked out. else
* there are profuse warnings.
*/
_Pragma("GCC diagnostic ignored \"-Wunused-parameter\"");
_Pragma("GCC diagnostic ignored \"-Wpointer-arith\"");
_Pragma("GCC diagnostic ignored \"-Wshadow\"");
_Pragma("GCC diagnostic ignored \"-Wnested-externs\"");
_Pragma("GCC diagnostic ignored \"-Wredundant-decls\"");
_Pragma("GCC diagnostic ignored \"-Wsign-compare\"");
_Pragma("GCC diagnostic ignored \"-Wpointer-sign\"");
_Pragma("GCC diagnostic ignored \"-Wbad-function-cast\"");
_Pragma("GCC diagnostic ignored \"-Wdiscarded-qualifiers\"");
_Pragma("GCC diagnostic ignored \"-Wtype-limits\"");
_Pragma("GCC diagnostic ignored \"-Wswitch-enum\"");
/* suppress inclusion of stdint-gcc.h to avoid conflicts with Linux native include/linux/types.h: */
#define _GCC_STDINT_H
#include <linux/kconfig.h>
#include <linux/kernel.h>
#include <linux/version.h>
#include <linux/ctype.h>
#include <linux/init.h>
#include <linux/module.h>
#ifdef __PIE__
/* without this, mm.h brings in static, but not inline, pmd_to_page(),
* with direct references to global vmem variables.
*/
#undef USE_SPLIT_PMD_PTLOCKS
#define USE_SPLIT_PMD_PTLOCKS 0
#endif
#include <linux/mm.h>
#ifndef SINGLE_THREADED
#include <linux/kthread.h>
#endif
#include <linux/net.h>
#include <linux/slab.h>
#if defined(WOLFSSL_AESNI) || defined(USE_INTEL_SPEEDUP) || defined(WOLFSSL_SP_X86_64_ASM)
#ifndef CONFIG_X86
#error X86 SIMD extensions requested, but CONFIG_X86 is not set.
#endif
#define WOLFSSL_LINUXKM_SIMD
#define WOLFSSL_LINUXKM_SIMD_X86
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#include <asm/i387.h>
#else
#include <asm/simd.h>
#endif
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 0, 0)
#include <asm/fpu/internal.h>
#endif
#ifndef SAVE_VECTOR_REGISTERS
#define SAVE_VECTOR_REGISTERS(fail_clause) { int _svr_ret = save_vector_registers_x86(); if (_svr_ret != 0) { fail_clause } }
#endif
#ifndef RESTORE_VECTOR_REGISTERS
#define RESTORE_VECTOR_REGISTERS() restore_vector_registers_x86()
#endif
#elif defined(WOLFSSL_ARMASM) || defined(WOLFSSL_SP_ARM32_ASM) || \
defined(WOLFSSL_SP_ARM64_ASM) || defined(WOLFSSL_SP_ARM_THUMB_ASM) ||\
defined(WOLFSSL_SP_ARM_CORTEX_M_ASM)
#if !defined(CONFIG_ARM) && !defined(CONFIG_ARM64)
#error ARM SIMD extensions requested, but CONFIG_ARM* is not set.
#endif
#define WOLFSSL_LINUXKM_SIMD
#define WOLFSSL_LINUXKM_SIMD_ARM
#include <asm/fpsimd.h>
#ifndef SAVE_VECTOR_REGISTERS
#define SAVE_VECTOR_REGISTERS(fail_clause) { int _svr_ret = save_vector_registers_arm(); if (_svr_ret != 0) { fail_clause } }
#endif
#ifndef RESTORE_VECTOR_REGISTERS
#define RESTORE_VECTOR_REGISTERS() restore_vector_registers_arm()
#endif
#else
#ifndef WOLFSSL_NO_ASM
#define WOLFSSL_NO_ASM
#endif
#endif
_Pragma("GCC diagnostic pop");
/* the kernel uses -std=c89, but not -pedantic, and makes full use of anon
* structs/unions, so we should too.
*/
#define HAVE_ANONYMOUS_INLINE_AGGREGATES 1
#define NO_THREAD_LS
#define NO_ATTRIBUTE_CONSTRUCTOR
/* kvmalloc()/kvfree() and friends added in linux commit a7c3e901 */
#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 12, 0)
#define HAVE_KVMALLOC
#endif
#ifdef HAVE_FIPS
extern int wolfCrypt_FIPS_first(void);
extern int wolfCrypt_FIPS_last(void);
#endif
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
/* work around backward dependency of asn.c on ssl.c. */
struct Signer;
struct Signer *GetCA(void *signers, unsigned char *hash);
#ifndef NO_SKID
struct Signer *GetCAByName(void* signers, unsigned char *hash);
#endif
#endif
#if defined(__PIE__) && !defined(USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE)
#error "compiling -fPIE without PIE support."
#endif
#if defined(HAVE_FIPS) && !defined(HAVE_LINUXKM_PIE_SUPPORT)
#error "FIPS build requires PIE support."
#endif
#ifdef USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE
#ifdef CONFIG_MIPS
#undef __ARCH_MEMCMP_NO_REDIRECT
#undef memcmp
extern int memcmp(const void *s1, const void *s2, size_t n);
#endif
struct wolfssl_linuxkm_pie_redirect_table {
#ifndef __ARCH_MEMCMP_NO_REDIRECT
typeof(memcmp) *memcmp;
#endif
#ifndef __ARCH_MEMCPY_NO_REDIRECT
typeof(memcpy) *memcpy;
#endif
#ifndef __ARCH_MEMSET_NO_REDIRECT
typeof(memset) *memset;
#endif
#ifndef __ARCH_MEMMOVE_NO_REDIRECT
typeof(memmove) *memmove;
#endif
#ifndef __ARCH_STRNCMP_NO_REDIRECT
typeof(strncmp) *strncmp;
#endif
#ifndef __ARCH_STRLEN_NO_REDIRECT
typeof(strlen) *strlen;
#endif
#ifndef __ARCH_STRSTR_NO_REDIRECT
typeof(strstr) *strstr;
#endif
#ifndef __ARCH_STRNCPY_NO_REDIRECT
typeof(strncpy) *strncpy;
#endif
#ifndef __ARCH_STRNCAT_NO_REDIRECT
typeof(strncat) *strncat;
#endif
#ifndef __ARCH_STRNCASECMP_NO_REDIRECT
typeof(strncasecmp) *strncasecmp;
#endif
typeof(kstrtoll) *kstrtoll;
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 15, 0)
typeof(_printk) *_printk;
#else
typeof(printk) *printk;
#endif
typeof(snprintf) *snprintf;
const unsigned char *_ctype;
typeof(kmalloc) *kmalloc;
typeof(kfree) *kfree;
typeof(ksize) *ksize;
typeof(krealloc) *krealloc;
#ifdef HAVE_KVMALLOC
typeof(kvmalloc_node) *kvmalloc_node;
typeof(kvfree) *kvfree;
#endif
typeof(is_vmalloc_addr) *is_vmalloc_addr;
typeof(kmem_cache_alloc_trace) *kmem_cache_alloc_trace;
typeof(kmalloc_order_trace) *kmalloc_order_trace;
typeof(get_random_bytes) *get_random_bytes;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
typeof(getnstimeofday) *getnstimeofday;
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
typeof(current_kernel_time64) *current_kernel_time64;
#else
typeof(ktime_get_coarse_real_ts64) *ktime_get_coarse_real_ts64;
#endif
struct task_struct *(*get_current)(void);
int (*preempt_count)(void);
#ifdef WOLFSSL_LINUXKM_SIMD_X86
typeof(irq_fpu_usable) *irq_fpu_usable;
/* kernel_fpu_begin() replaced by kernel_fpu_begin_mask() in commit e4512289,
* released in kernel 5.11, backported to 5.4.93
*/
#ifdef kernel_fpu_begin
typeof(kernel_fpu_begin_mask) *kernel_fpu_begin_mask;
#else
typeof(kernel_fpu_begin) *kernel_fpu_begin;
#endif
typeof(kernel_fpu_end) *kernel_fpu_end;
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
typeof(copy_fpregs_to_fpstate) *copy_fpregs_to_fpstate;
typeof(copy_kernel_to_fpregs) *copy_kernel_to_fpregs;
#else
typeof(save_fpregs_to_fpstate) *save_fpregs_to_fpstate;
typeof(__restore_fpregs_from_fpstate) *__restore_fpregs_from_fpstate;
typeof(xfeatures_mask_all) *xfeatures_mask_all;
#endif
typeof(cpu_number) *cpu_number;
typeof(nr_cpu_ids) *nr_cpu_ids;
#endif /* WOLFSSL_LINUXKM_SIMD_X86 */
typeof(__mutex_init) *__mutex_init;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
typeof(mutex_lock_nested) *mutex_lock_nested;
#else
typeof(mutex_lock) *mutex_lock;
#endif
typeof(mutex_unlock) *mutex_unlock;
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
typeof(mutex_destroy) *mutex_destroy;
#endif
#ifdef HAVE_FIPS
typeof(wolfCrypt_FIPS_first) *wolfCrypt_FIPS_first;
typeof(wolfCrypt_FIPS_last) *wolfCrypt_FIPS_last;
#endif
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
typeof(GetCA) *GetCA;
#ifndef NO_SKID
typeof(GetCAByName) *GetCAByName;
#endif
#endif
const void *_last_slot;
};
extern const struct wolfssl_linuxkm_pie_redirect_table *wolfssl_linuxkm_get_pie_redirect_table(void);
#ifdef __PIE__
#ifndef __ARCH_MEMCMP_NO_REDIRECT
#define memcmp (wolfssl_linuxkm_get_pie_redirect_table()->memcmp)
#endif
#ifndef __ARCH_MEMCPY_NO_REDIRECT
#define memcpy (wolfssl_linuxkm_get_pie_redirect_table()->memcpy)
#endif
#ifndef __ARCH_MEMSET_NO_REDIRECT
#define memset (wolfssl_linuxkm_get_pie_redirect_table()->memset)
#endif
#ifndef __ARCH_MEMMOVE_NO_REDIRECT
#define memmove (wolfssl_linuxkm_get_pie_redirect_table()->memmove)
#endif
#ifndef __ARCH_STRNCMP_NO_REDIRECT
#define strncmp (wolfssl_linuxkm_get_pie_redirect_table()->strncmp)
#endif
#ifndef __ARCH_STRLEN_NO_REDIRECT
#define strlen (wolfssl_linuxkm_get_pie_redirect_table()->strlen)
#endif
#ifndef __ARCH_STRSTR_NO_REDIRECT
#define strstr (wolfssl_linuxkm_get_pie_redirect_table()->strstr)
#endif
#ifndef __ARCH_STRNCPY_NO_REDIRECT
#define strncpy (wolfssl_linuxkm_get_pie_redirect_table()->strncpy)
#endif
#ifndef __ARCH_STRNCAT_NO_REDIRECT
#define strncat (wolfssl_linuxkm_get_pie_redirect_table()->strncat)
#endif
#ifndef __ARCH_STRNCASECMP_NO_REDIRECT
#define strncasecmp (wolfssl_linuxkm_get_pie_redirect_table()->strncasecmp)
#endif
#define kstrtoll (wolfssl_linuxkm_get_pie_redirect_table()->kstrtoll)
#if LINUX_VERSION_CODE >= KERNEL_VERSION(5, 15, 0)
#define _printk (wolfssl_linuxkm_get_pie_redirect_table()->_printk)
#else
#define printk (wolfssl_linuxkm_get_pie_redirect_table()->printk)
#endif
#define snprintf (wolfssl_linuxkm_get_pie_redirect_table()->snprintf)
#define _ctype (wolfssl_linuxkm_get_pie_redirect_table()->_ctype)
#define kmalloc (wolfssl_linuxkm_get_pie_redirect_table()->kmalloc)
#define kfree (wolfssl_linuxkm_get_pie_redirect_table()->kfree)
#define ksize (wolfssl_linuxkm_get_pie_redirect_table()->ksize)
#define krealloc (wolfssl_linuxkm_get_pie_redirect_table()->krealloc)
#define kzalloc(size, flags) kmalloc(size, (flags) | __GFP_ZERO)
#ifdef HAVE_KVMALLOC
#define kvmalloc_node (wolfssl_linuxkm_get_pie_redirect_table()->kvmalloc_node)
#define kvfree (wolfssl_linuxkm_get_pie_redirect_table()->kvfree)
#endif
#define is_vmalloc_addr (wolfssl_linuxkm_get_pie_redirect_table()->is_vmalloc_addr)
#define kmem_cache_alloc_trace (wolfssl_linuxkm_get_pie_redirect_table()->kmem_cache_alloc_trace)
#define kmalloc_order_trace (wolfssl_linuxkm_get_pie_redirect_table()->kmalloc_order_trace)
#define get_random_bytes (wolfssl_linuxkm_get_pie_redirect_table()->get_random_bytes)
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#define getnstimeofday (wolfssl_linuxkm_get_pie_redirect_table()->getnstimeofday)
#elif LINUX_VERSION_CODE < KERNEL_VERSION(5, 0, 0)
#define current_kernel_time64 (wolfssl_linuxkm_get_pie_redirect_table()->current_kernel_time64)
#else
#define ktime_get_coarse_real_ts64 (wolfssl_linuxkm_get_pie_redirect_table()->ktime_get_coarse_real_ts64)
#endif
#undef get_current
#define get_current (wolfssl_linuxkm_get_pie_redirect_table()->get_current)
#undef preempt_count
#define preempt_count (wolfssl_linuxkm_get_pie_redirect_table()->preempt_count)
#ifdef WOLFSSL_LINUXKM_SIMD_X86
#define irq_fpu_usable (wolfssl_linuxkm_get_pie_redirect_table()->irq_fpu_usable)
#ifdef kernel_fpu_begin
#define kernel_fpu_begin_mask (wolfssl_linuxkm_get_pie_redirect_table()->kernel_fpu_begin_mask)
#else
#define kernel_fpu_begin (wolfssl_linuxkm_get_pie_redirect_table()->kernel_fpu_begin)
#endif
#define kernel_fpu_end (wolfssl_linuxkm_get_pie_redirect_table()->kernel_fpu_end)
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 14, 0)
#define copy_fpregs_to_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->copy_fpregs_to_fpstate)
#define copy_kernel_to_fpregs (wolfssl_linuxkm_get_pie_redirect_table()->copy_kernel_to_fpregs)
#else
#define save_fpregs_to_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->save_fpregs_to_fpstate)
#define __restore_fpregs_from_fpstate (wolfssl_linuxkm_get_pie_redirect_table()->__restore_fpregs_from_fpstate)
#define xfeatures_mask_all (*(wolfssl_linuxkm_get_pie_redirect_table()->xfeatures_mask_all))
#endif
#define cpu_number (*(wolfssl_linuxkm_get_pie_redirect_table()->cpu_number))
#define nr_cpu_ids (*(wolfssl_linuxkm_get_pie_redirect_table()->nr_cpu_ids))
#endif
#define __mutex_init (wolfssl_linuxkm_get_pie_redirect_table()->__mutex_init)
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#define mutex_lock_nested (wolfssl_linuxkm_get_pie_redirect_table()->mutex_lock_nested)
#else
#define mutex_lock (wolfssl_linuxkm_get_pie_redirect_table()->mutex_lock)
#endif
#define mutex_unlock (wolfssl_linuxkm_get_pie_redirect_table()->mutex_unlock)
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
#define mutex_destroy (wolfssl_linuxkm_get_pie_redirect_table()->mutex_destroy)
#endif
/* per linux/ctype.h, tolower() and toupper() are macros bound to static inlines
* that use macros that bring in the _ctype global. for __PIE__, this needs to
* be masked out.
*/
#undef tolower
#undef toupper
#define tolower(c) (islower(c) ? (c) : ((c) + ('a'-'A')))
#define toupper(c) (isupper(c) ? (c) : ((c) - ('a'-'A')))
#if !defined(WOLFCRYPT_ONLY) && !defined(NO_CERTS)
#define GetCA (wolfssl_linuxkm_get_pie_redirect_table()->GetCA)
#ifndef NO_SKID
#define GetCAByName (wolfssl_linuxkm_get_pie_redirect_table()->GetCAByName)
#endif
#endif
#endif /* __PIE__ */
#endif /* USE_WOLFSSL_LINUXKM_PIE_REDIRECT_TABLE */
#ifdef WOLFSSL_LINUXKM_SIMD
#ifdef WOLFSSL_LINUXKM_SIMD_X86
extern __must_check int allocate_wolfcrypt_linuxkm_fpu_states(void);
extern void free_wolfcrypt_linuxkm_fpu_states(void);
extern __must_check int save_vector_registers_x86(void);
extern void restore_vector_registers_x86(void);
#elif defined(CONFIG_ARM) || defined(CONFIG_ARM64)
#error kernel module ARM SIMD is not yet tested or usable.
static WARN_UNUSED_RESULT inline int save_vector_registers_arm(void)
{
preempt_disable();
if (! may_use_simd()) {
preempt_enable();
return BAD_STATE_E;
} else {
fpsimd_preserve_current_state();
return 0;
}
}
static inline void restore_vector_registers_arm(void)
{
fpsimd_restore_current_state();
preempt_enable();
}
#endif
#endif /* WOLFSSL_LINUXKM_SIMD */
/* Linux headers define these using C expressions, but we need
* them to be evaluable by the preprocessor, for use in sp_int.h.
*/
#if BITS_PER_LONG == 64
_Static_assert(sizeof(ULONG_MAX) == 8, "BITS_PER_LONG is 64, but ULONG_MAX is not.");
#undef UCHAR_MAX
#define UCHAR_MAX 255
#undef USHRT_MAX
#define USHRT_MAX 65535
#undef UINT_MAX
#define UINT_MAX 4294967295U
#undef ULONG_MAX
#define ULONG_MAX 18446744073709551615UL
#undef ULLONG_MAX
#define ULLONG_MAX ULONG_MAX
#undef INT_MAX
#define INT_MAX 2147483647
#undef LONG_MAX
#define LONG_MAX 9223372036854775807L
#undef LLONG_MAX
#define LLONG_MAX LONG_MAX
#elif BITS_PER_LONG == 32
_Static_assert(sizeof(ULONG_MAX) == 4, "BITS_PER_LONG is 32, but ULONG_MAX is not.");
#undef UCHAR_MAX
#define UCHAR_MAX 255
#undef USHRT_MAX
#define USHRT_MAX 65535
#undef UINT_MAX
#define UINT_MAX 4294967295U
#undef ULONG_MAX
#define ULONG_MAX 4294967295UL
#undef INT_MAX
#define INT_MAX 2147483647
#undef LONG_MAX
#define LONG_MAX 2147483647L
#undef ULLONG_MAX
#undef LLONG_MAX
#if BITS_PER_LONG_LONG == 64
#define ULLONG_MAX 18446744073709551615UL
#define LLONG_MAX 9223372036854775807L
#else
#undef NO_64BIT
#define NO_64BIT
#define ULLONG_MAX ULONG_MAX
#define LLONG_MAX LONG_MAX
#endif
#else
#error unexpected BITS_PER_LONG value.
#endif
/* remove this multifariously conflicting macro, picked up from
* Linux arch/<arch>/include/asm/current.h.
*/
#ifndef WOLFSSL_NEED_LINUX_CURRENT
#undef current
#endif
/* prevent gcc's mm_malloc.h from being included, since it unconditionally
* includes stdlib.h, which is kernel-incompatible.
*/
#define _MM_MALLOC_H_INCLUDED
#ifdef HAVE_KVMALLOC
#define malloc(x) kvmalloc_node(x, GFP_KERNEL, NUMA_NO_NODE)
#define free(x) kvfree(x)
void *lkm_realloc(void *ptr, size_t newsize);
#define realloc(x, y) lkm_realloc(x, y)
#else
#define malloc(x) kmalloc(x, GFP_KERNEL)
#define free(x) kfree(x)
#define realloc(x,y) krealloc(x, y, GFP_KERNEL)
#endif
/* min() and max() in linux/kernel.h over-aggressively type-check, producing
* myriad spurious -Werrors throughout the codebase.
*/
#undef min
#undef max
/* work around namespace conflict between wolfssl/internal.h (enum HandShakeType)
* and linux/key.h (extern int()).
*/
#define key_update wc_key_update
#define lkm_printf(format, args...) printk(KERN_INFO "wolfssl: %s(): " format, __func__, ## args)
#define printf(...) lkm_printf(__VA_ARGS__)
#ifdef HAVE_FIPS
extern void fipsEntry(void);
#endif
/* suppress false-positive "writing 1 byte into a region of size 0" warnings
* building old kernels with new gcc:
*/
#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0)
_Pragma("GCC diagnostic ignored \"-Wstringop-overflow\"");
#endif
#endif /* BUILDING_WOLFSSL */
/* needed to suppress inclusion of stdio.h in wolfssl/wolfcrypt/types.h */
#define XSNPRINTF snprintf
/* the rigmarole around kstrtoll() here is to accommodate its warn-unused-result attribute. */
/* also needed to suppress inclusion of stdlib.h in wolfssl/wolfcrypt/types.h */
#define XATOI(s) ({ \
long long _xatoi_res = 0; \
int _xatoi_ret = kstrtoll(s, 10, &_xatoi_res); \
if (_xatoi_ret != 0) { \
_xatoi_res = 0; \
} \
(int)_xatoi_res; \
})
#include "../../linuxkm/linuxkm_wc_port.h"
#endif /* WOLFSSL_LINUXKM */
/* THREADING/MUTEX SECTION */
@ -711,8 +165,8 @@
#else
#ifndef SINGLE_THREADED
#ifndef WOLFSSL_USER_MUTEX
#if defined(WOLFSSL_LINUXKM)
#define WOLFSSL_KTHREADS
#ifdef WOLFSSL_LINUXKM
/* definitions are in linuxkm/linuxkm_wc_port.h */
#else
#define WOLFSSL_PTHREADS
#include <pthread.h>
@ -810,7 +264,7 @@
#elif defined(WOLFSSL_USER_MUTEX)
/* typedef User_Mutex wolfSSL_Mutex; */
#elif defined(WOLFSSL_LINUXKM)
typedef struct mutex wolfSSL_Mutex;
/* definitions are in linuxkm/linuxkm_wc_port.h */
#else
#error Need a mutex type in multithreaded mode
#endif /* USE_WINDOWS_API */
@ -1375,21 +829,8 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#elif defined(WOLFSSL_LINUXKM)
#ifdef BUILDING_WOLFSSL
/* includes are all above, with incompatible warnings masked out. */
#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 5, 0)
typedef __kernel_time_t time_t;
#else
typedef __kernel_time64_t time_t;
#endif
extern time_t time(time_t * timer);
#define XTIME time
#define WOLFSSL_GMTIME
#define XGMTIME(c, t) gmtime(c)
#define NO_TIMEVAL 1
#endif /* BUILDING_WOLFSSL */
/* definitions are in linuxkm/linuxkm_wc_port.h */
#elif defined(HAL_RTC_MODULE_ENABLED)
#include <time.h>