mirror of https://github.com/wolfSSL/wolfssl
Fix Coverity
This commit is contained in:
parent
1e94f0478c
commit
890500c1b1
|
@ -525,15 +525,15 @@ static int ReceiveFrom(WOLFSSL *ssl, int sd, char *buf, int sz)
|
|||
int recvd;
|
||||
int dtls_timeout = wolfSSL_dtls_get_current_timeout(ssl);
|
||||
struct sockaddr peer;
|
||||
socklen_t peerSz;
|
||||
|
||||
socklen_t peerSz = 0;
|
||||
|
||||
if (DoneHandShake) dtls_timeout = 0;
|
||||
|
||||
if (!wolfSSL_get_using_nonblock(ssl)) {
|
||||
struct timeval timeout;
|
||||
XMEMSET(&timeout, 0, sizeof(timeout));
|
||||
timeout.tv_sec = dtls_timeout;
|
||||
|
||||
|
||||
if (setsockopt(sd, SOL_SOCKET, SO_RCVTIMEO, (char*)&timeout,
|
||||
sizeof(timeout)) != 0) {
|
||||
printf("setsockopt rcvtimeo failed\n");
|
||||
|
@ -543,7 +543,7 @@ static int ReceiveFrom(WOLFSSL *ssl, int sd, char *buf, int sz)
|
|||
recvd = (int)recvfrom(sd, buf, sz, 0, (SOCKADDR*)&peer, &peerSz);
|
||||
|
||||
if (recvd < 0) {
|
||||
|
||||
|
||||
if (errno == SOCKET_EWOULDBLOCK || errno == SOCKET_EAGAIN) {
|
||||
if (wolfSSL_dtls_get_using_nonblock(ssl)) {
|
||||
return WOLFSSL_CBIO_ERR_WANT_READ;
|
||||
|
@ -576,7 +576,7 @@ static int ReceiveFrom(WOLFSSL *ssl, int sd, char *buf, int sz)
|
|||
#endif /* WOLFSSL_DTLS && !NO_WOLFSSL_SERVER */
|
||||
|
||||
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_CLIENT)
|
||||
static int SendTo(int sd, char *buf, int sz, const struct sockaddr *peer,
|
||||
static int SendTo(int sd, char *buf, int sz, const struct sockaddr *peer,
|
||||
socklen_t peerSz)
|
||||
{
|
||||
int sent;
|
||||
|
@ -625,9 +625,9 @@ static int ServerSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
|||
#endif
|
||||
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_CLIENT)
|
||||
if (info->doDTLS) {
|
||||
return SendTo(info->server.sockFd, buf, sz,
|
||||
return SendTo(info->server.sockFd, buf, sz,
|
||||
(const struct sockaddr*)&info->clientAddr, sizeof(info->clientAddr));
|
||||
} else
|
||||
} else
|
||||
#endif
|
||||
return SocketSend(info->server.sockFd, buf, sz);
|
||||
}
|
||||
|
@ -659,9 +659,9 @@ static int ClientSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
|||
#endif
|
||||
#ifdef WOLFSSL_DTLS
|
||||
if (info->doDTLS) {
|
||||
return SendTo(info->client.sockFd, buf, sz,
|
||||
return SendTo(info->client.sockFd, buf, sz,
|
||||
(const struct sockaddr*)&info->serverAddr, sizeof(info->serverAddr));
|
||||
} else
|
||||
} else
|
||||
#endif
|
||||
return SocketSend(info->client.sockFd, buf, sz);
|
||||
}
|
||||
|
@ -676,7 +676,7 @@ static int ClientRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
|
|||
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER)
|
||||
if (info->doDTLS) {
|
||||
return ReceiveFrom(ssl, info->client.sockFd, buf, sz);
|
||||
} else
|
||||
} else
|
||||
#endif
|
||||
return SocketRecv(info->client.sockFd, buf, sz);
|
||||
}
|
||||
|
@ -734,14 +734,14 @@ static int SetupSocketAndConnect(info_t* info, const char* host,
|
|||
|
||||
#ifdef WOLFSSL_DTLS
|
||||
if (info->doDTLS) {
|
||||
/* Create the SOCK_DGRAM socket type is implemented on the User
|
||||
/* Create the SOCK_DGRAM socket type is implemented on the User
|
||||
* Datagram Protocol/Internet Protocol(UDP/IP protocol).*/
|
||||
if ((info->client.sockFd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
|
||||
printf("ERROR: failed to create the SOCK_DGRAM socket\n");
|
||||
return -1;
|
||||
}
|
||||
XMEMCPY(&info->serverAddr, &servAddr, sizeof(servAddr));
|
||||
} else {
|
||||
} else {
|
||||
#endif
|
||||
/* Create a socket that uses an Internet IPv4 address,
|
||||
* Sets the socket to be stream based (TCP),
|
||||
|
@ -792,7 +792,7 @@ static int bench_tls_client(info_t* info)
|
|||
if(info->doDTLS) {
|
||||
if (tls13) return WOLFSSL_SUCCESS;
|
||||
cli_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
|
||||
} else
|
||||
} else
|
||||
#endif
|
||||
#ifdef WOLFSSL_TLS13
|
||||
if (tls13)
|
||||
|
@ -889,7 +889,7 @@ static int bench_tls_client(info_t* info)
|
|||
|
||||
#ifdef WOLFSSL_DTLS
|
||||
if (info->doDTLS) {
|
||||
ret = wolfSSL_dtls_set_peer(cli_ssl, &info->serverAddr,
|
||||
ret = wolfSSL_dtls_set_peer(cli_ssl, &info->serverAddr,
|
||||
sizeof(info->serverAddr));
|
||||
if (ret != WOLFSSL_SUCCESS) {
|
||||
printf("error setting dtls peer\n");
|
||||
|
@ -906,7 +906,7 @@ static int bench_tls_client(info_t* info)
|
|||
wolfSSL_SetIOWriteCtx(cli_ssl, info);
|
||||
|
||||
#if defined(HAVE_PTHREAD) && defined(WOLFSSL_DTLS)
|
||||
/* synchronize with server */
|
||||
/* synchronize with server */
|
||||
if (info->doDTLS && !info->clientOrserverOnly) {
|
||||
pthread_mutex_lock(&info->dtls_mutex);
|
||||
if (info->serverReady != 1) {
|
||||
|
@ -1083,7 +1083,7 @@ static int SetupSocketAndListen(int* listenFd, word32 port, int doDTLS)
|
|||
#ifdef WOLFSSL_DTLS
|
||||
if (doDTLS) {
|
||||
/* Create a socket that is implemented on the User Datagram Protocol/
|
||||
* Interet Protocol(UDP/IP protocol). */
|
||||
* Interet Protocol(UDP/IP protocol). */
|
||||
if((*listenFd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
|
||||
printf("ERROR: failed to create the socket\n");
|
||||
return -1;
|
||||
|
@ -1149,7 +1149,7 @@ static int SocketWaitClient(info_t* info)
|
|||
MSG_PEEK, (struct sockaddr*)&clientAddr, &size);
|
||||
if (connd < -1) {
|
||||
printf("ERROR: failed to accept the connection\n");
|
||||
return -1;
|
||||
return -1;
|
||||
}
|
||||
XMEMCPY(&info->clientAddr, &clientAddr, sizeof(clientAddr));
|
||||
info->server.sockFd = info->listenFd;
|
||||
|
@ -1195,7 +1195,7 @@ static int bench_tls_server(info_t* info)
|
|||
if(info->doDTLS) {
|
||||
if(tls13) return WOLFSSL_SUCCESS;
|
||||
srv_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
|
||||
} else {
|
||||
} else {
|
||||
#endif
|
||||
#ifdef WOLFSSL_TLS13
|
||||
if (tls13)
|
||||
|
@ -1301,7 +1301,7 @@ static int bench_tls_server(info_t* info)
|
|||
}
|
||||
#ifdef WOLFSSL_DTLS
|
||||
if (info->doDTLS) {
|
||||
ret = wolfSSL_dtls_set_peer(srv_ssl, &info->clientAddr,
|
||||
ret = wolfSSL_dtls_set_peer(srv_ssl, &info->clientAddr,
|
||||
sizeof(info->clientAddr));
|
||||
if (ret != WOLFSSL_SUCCESS) {
|
||||
printf("error setting dtls peer\n");
|
||||
|
@ -1405,7 +1405,7 @@ static int bench_tls_server(info_t* info)
|
|||
#ifdef WOLFSSL_DTLS
|
||||
if (info->doDTLS) {
|
||||
SetupSocketAndListen(&info->listenFd, info->port, info->doDTLS);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
}
|
||||
|
|
|
@ -728,7 +728,7 @@ static int StartTLS_Init(SOCKET_T* sockfd)
|
|||
XMEMSET(tmpBuf, 0, sizeof(tmpBuf));
|
||||
if (recv(*sockfd, tmpBuf, sizeof(tmpBuf)-1, 0) < 0)
|
||||
err_sys("failed to read STARTTLS command\n");
|
||||
|
||||
tmpBuf[sizeof(tmpBuf)-1] = '\0';
|
||||
if (!XSTRNCMP(tmpBuf, starttlsCmd[4], XSTRLEN(starttlsCmd[4]))) {
|
||||
printf("%s\n", tmpBuf);
|
||||
} else {
|
||||
|
|
29
src/bio.c
29
src/bio.c
|
@ -159,22 +159,20 @@ static int wolfSSL_BIO_SSL_read(WOLFSSL_BIO* bio, void* buf,
|
|||
|
||||
static int wolfSSL_BIO_MD_read(WOLFSSL_BIO* bio, void* buf, int sz)
|
||||
{
|
||||
int ret = sz;
|
||||
|
||||
if (wolfSSL_EVP_MD_CTX_type((WOLFSSL_EVP_MD_CTX*)bio->ptr) == NID_hmac) {
|
||||
if (wolfSSL_EVP_DigestSignUpdate((WOLFSSL_EVP_MD_CTX*)bio->ptr, buf,
|
||||
sz) != WOLFSSL_SUCCESS)
|
||||
{
|
||||
ret = WOLFSSL_FATAL_ERROR;
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
}
|
||||
else {
|
||||
if (wolfSSL_EVP_DigestUpdate((WOLFSSL_EVP_MD_CTX*)bio->ptr, buf, ret)
|
||||
if (wolfSSL_EVP_DigestUpdate((WOLFSSL_EVP_MD_CTX*)bio->ptr, buf, sz)
|
||||
!= WOLFSSL_SUCCESS) {
|
||||
ret = WOLFSSL_FATAL_ERROR;
|
||||
return WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
}
|
||||
return ret;
|
||||
return sz;
|
||||
}
|
||||
#endif /* WOLFCRYPT_ONLY */
|
||||
|
||||
|
@ -609,10 +607,6 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
|
|||
bio = bio->next;
|
||||
}
|
||||
|
||||
if (frmt != NULL) {
|
||||
XFREE(frmt, front->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
|
||||
/* info cb, user can override return value */
|
||||
if (front != NULL && front->infoCb != NULL) {
|
||||
ret = (int)front->infoCb(front,
|
||||
|
@ -620,6 +614,10 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
|
|||
(const char*)data, 0, 0, ret);
|
||||
}
|
||||
|
||||
if (frmt != NULL) {
|
||||
XFREE(frmt, front->heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
}
|
||||
|
||||
if (retB64 != 0)
|
||||
return retB64;
|
||||
else
|
||||
|
@ -1527,6 +1525,7 @@ void* wolfSSL_BIO_get_data(WOLFSSL_BIO* bio)
|
|||
*/
|
||||
long wolfSSL_BIO_set_nbio(WOLFSSL_BIO* bio, long on)
|
||||
{
|
||||
int ret = 0;
|
||||
#ifndef WOLFSSL_DTLS
|
||||
(void)on;
|
||||
#endif
|
||||
|
@ -1538,9 +1537,9 @@ long wolfSSL_BIO_set_nbio(WOLFSSL_BIO* bio, long on)
|
|||
{
|
||||
int flag = XFCNTL(bio->num, F_GETFL, 0);
|
||||
if (on)
|
||||
XFCNTL(bio->num, F_SETFL, flag | O_NONBLOCK);
|
||||
ret = XFCNTL(bio->num, F_SETFL, flag | O_NONBLOCK);
|
||||
else
|
||||
XFCNTL(bio->num, F_SETFL, flag & ~O_NONBLOCK);
|
||||
ret = XFCNTL(bio->num, F_SETFL, flag & ~O_NONBLOCK);
|
||||
}
|
||||
#endif
|
||||
break;
|
||||
|
@ -1554,8 +1553,10 @@ long wolfSSL_BIO_set_nbio(WOLFSSL_BIO* bio, long on)
|
|||
WOLFSSL_MSG("Unsupported bio type for non blocking");
|
||||
break;
|
||||
}
|
||||
|
||||
return 1;
|
||||
if (ret != -1)
|
||||
return 1;
|
||||
else
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -630,6 +630,7 @@ static CRL_Entry* DupCRL_list(CRL_Entry* crl, void* heap)
|
|||
head = head->next;
|
||||
FreeCRL_Entry(current, heap);
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
current = current->next;
|
||||
|
|
|
@ -19215,7 +19215,7 @@ int GetCipherSuiteFromName(const char* name, byte* cipherSuite0,
|
|||
int i;
|
||||
unsigned long len;
|
||||
const char* nameDelim;
|
||||
|
||||
|
||||
/* Support trailing : */
|
||||
nameDelim = XSTRSTR(name, ":");
|
||||
if (nameDelim)
|
||||
|
@ -26933,6 +26933,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
|||
#ifdef WOLFSSL_EXTRA_ALERTS
|
||||
SendAlert(ssl, alert_fatal, handshake_failure);
|
||||
#endif
|
||||
#ifdef HAVE_EXT_CACHE
|
||||
wolfSSL_SESSION_free(session);
|
||||
#endif
|
||||
return EXT_MASTER_SECRET_NEEDED_E;
|
||||
}
|
||||
#ifdef HAVE_EXT_CACHE
|
||||
|
|
|
@ -3385,7 +3385,7 @@ int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side)
|
|||
/* Initialize the AES-GCM/CCM explicit IV to a zero. */
|
||||
#ifdef WOLFSSL_DTLS
|
||||
if (scr_copy)
|
||||
XMEMCPY(ssl->keys.aead_exp_IV,
|
||||
XMEMMOVE(ssl->keys.aead_exp_IV,
|
||||
keys->aead_exp_IV, AEAD_MAX_EXP_SZ);
|
||||
#endif
|
||||
XMEMSET(keys->aead_exp_IV, 0, AEAD_MAX_EXP_SZ);
|
||||
|
|
50
src/ssl.c
50
src/ssl.c
|
@ -2508,7 +2508,7 @@ WOLFSSL_ABI
|
|||
int wolfSSL_UseALPN(WOLFSSL* ssl, char *protocol_name_list,
|
||||
word32 protocol_name_listSz, byte options)
|
||||
{
|
||||
char *list, *ptr, *token[WOLFSSL_MAX_ALPN_NUMBER]={NULL};
|
||||
char *list, *ptr, *token[WOLFSSL_MAX_ALPN_NUMBER+1]={NULL};
|
||||
word16 len;
|
||||
int idx = 0;
|
||||
int ret = WOLFSSL_FAILURE;
|
||||
|
@ -8430,6 +8430,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
|
|||
wolfSSL_ASN1_OBJECT_free(ext->obj);
|
||||
wolfSSL_X509_EXTENSION_free(ext);
|
||||
FreeDecodedCert(&cert);
|
||||
XFREE(oidBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return NULL;
|
||||
}
|
||||
ext->obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA;
|
||||
|
@ -8499,7 +8500,7 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
|
|||
int nid;
|
||||
const int sz = CTC_NAME_SIZE*2;
|
||||
int rc = WOLFSSL_FAILURE;
|
||||
char tmp[CTC_NAME_SIZE*2];
|
||||
char tmp[CTC_NAME_SIZE*2] = {0};
|
||||
WOLFSSL_ENTER("wolfSSL_X509V3_EXT_print");
|
||||
|
||||
if ((out == NULL) || (ext == NULL)) {
|
||||
|
@ -8514,7 +8515,7 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
|
|||
}
|
||||
|
||||
str = wolfSSL_X509_EXTENSION_get_data(ext);
|
||||
if (obj == NULL) {
|
||||
if (str == NULL) {
|
||||
WOLFSSL_MSG("Error getting ASN1_STRING from X509_EXTENSION");
|
||||
return rc;
|
||||
}
|
||||
|
@ -8638,7 +8639,7 @@ const WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(WOLFSSL_X509_EXTENSION* ex)
|
|||
WOLFSSL_MSG("Failed to get nid from passed extension object");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
XMEMSET(&method, 0, sizeof(WOLFSSL_v3_ext_method));
|
||||
switch (nid) {
|
||||
case NID_basic_constraints:
|
||||
break;
|
||||
|
@ -11539,7 +11540,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||
|
||||
if (ssl->buffers.outputBuffer.length > 0
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
/* do not send buffered or advance state if last error was an
|
||||
/* do not send buffered or advance state if last error was an
|
||||
async pending operation */
|
||||
&& ssl->error != WC_PENDING_E
|
||||
#endif
|
||||
|
@ -11951,7 +11952,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
|
|||
|
||||
if (ssl->buffers.outputBuffer.length > 0
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
/* do not send buffered or advance state if last error was an
|
||||
/* do not send buffered or advance state if last error was an
|
||||
async pending operation */
|
||||
&& ssl->error != WC_PENDING_E
|
||||
#endif
|
||||
|
@ -16568,7 +16569,12 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
|
|||
WOLFSSL_ENTER("DES_ncbc_encrypt");
|
||||
|
||||
/* OpenSSL compat, no ret */
|
||||
wc_Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc);
|
||||
if (wc_Des_SetKey(&myDes, (const byte*)schedule,
|
||||
(const byte*)ivec, !enc) != 0) {
|
||||
WOLFSSL_MSG("wc_Des_SetKey return error.");
|
||||
return;
|
||||
}
|
||||
|
||||
lb_sz = length%DES_BLOCK_SIZE;
|
||||
blk = length/DES_BLOCK_SIZE;
|
||||
idx -= sizeof(DES_cblock);
|
||||
|
@ -23741,7 +23747,7 @@ int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime)
|
|||
if (wolfSSL_ASN1_TIME_to_string((WOLFSSL_ASN1_TIME*)asnTime, buf,
|
||||
sizeof(buf)) == NULL) {
|
||||
XMEMSET(buf, 0, MAX_TIME_STRING_SZ);
|
||||
XMEMCPY(buf, "Bad time value", 14);
|
||||
XSTRNCPY(buf, "Bad time value", sizeof(buf)-1);
|
||||
ret = WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
|
@ -30419,6 +30425,7 @@ int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key,
|
|||
int wolfSSL_HmacCopy(Hmac* des, Hmac* src)
|
||||
{
|
||||
void* heap;
|
||||
int ret;
|
||||
|
||||
#ifndef HAVE_FIPS
|
||||
heap = src->heap;
|
||||
|
@ -30433,36 +30440,36 @@ int wolfSSL_HmacCopy(Hmac* des, Hmac* src)
|
|||
switch (src->macType) {
|
||||
#ifndef NO_MD5
|
||||
case WC_MD5:
|
||||
wc_Md5Copy(&src->hash.md5, &des->hash.md5);
|
||||
ret = wc_Md5Copy(&src->hash.md5, &des->hash.md5);
|
||||
break;
|
||||
#endif /* !NO_MD5 */
|
||||
|
||||
#ifndef NO_SHA
|
||||
case WC_SHA:
|
||||
wc_ShaCopy(&src->hash.sha, &des->hash.sha);
|
||||
ret = wc_ShaCopy(&src->hash.sha, &des->hash.sha);
|
||||
break;
|
||||
#endif /* !NO_SHA */
|
||||
|
||||
#ifdef WOLFSSL_SHA224
|
||||
case WC_SHA224:
|
||||
wc_Sha224Copy(&src->hash.sha224, &des->hash.sha224);
|
||||
ret = wc_Sha224Copy(&src->hash.sha224, &des->hash.sha224);
|
||||
break;
|
||||
#endif /* WOLFSSL_SHA224 */
|
||||
|
||||
#ifndef NO_SHA256
|
||||
case WC_SHA256:
|
||||
wc_Sha256Copy(&src->hash.sha256, &des->hash.sha256);
|
||||
ret = wc_Sha256Copy(&src->hash.sha256, &des->hash.sha256);
|
||||
break;
|
||||
#endif /* !NO_SHA256 */
|
||||
|
||||
#ifdef WOLFSSL_SHA384
|
||||
case WC_SHA384:
|
||||
wc_Sha384Copy(&src->hash.sha384, &des->hash.sha384);
|
||||
ret = wc_Sha384Copy(&src->hash.sha384, &des->hash.sha384);
|
||||
break;
|
||||
#endif /* WOLFSSL_SHA384 */
|
||||
#ifdef WOLFSSL_SHA512
|
||||
case WC_SHA512:
|
||||
wc_Sha512Copy(&src->hash.sha512, &des->hash.sha512);
|
||||
ret = wc_Sha512Copy(&src->hash.sha512, &des->hash.sha512);
|
||||
break;
|
||||
#endif /* WOLFSSL_SHA512 */
|
||||
|
||||
|
@ -30470,6 +30477,9 @@ int wolfSSL_HmacCopy(Hmac* des, Hmac* src)
|
|||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
if (ret != 0)
|
||||
return WOLFSSL_FAILURE;
|
||||
|
||||
XMEMCPY((byte*)des->ipad, (byte*)src->ipad, WC_HMAC_BLOCK_SIZE);
|
||||
XMEMCPY((byte*)des->opad, (byte*)src->opad, WC_HMAC_BLOCK_SIZE);
|
||||
XMEMCPY((byte*)des->innerHash, (byte*)src->innerHash, WC_MAX_DIGEST_SIZE);
|
||||
|
@ -41001,7 +41011,7 @@ void wolfSSL_print_all_errors_fp(XFILE fp)
|
|||
}
|
||||
#endif /* !NO_FILESYSTEM */
|
||||
|
||||
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || HAVE_STUNNEL || WOLFSSL_NGINX ||
|
||||
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || HAVE_STUNNEL || WOLFSSL_NGINX ||
|
||||
HAVE_LIGHTY || WOLFSSL_HAPROXY || WOLFSSL_OPENSSH */
|
||||
|
||||
|
||||
|
@ -41701,7 +41711,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
|
|||
{
|
||||
#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
|
||||
int count = 0, len = 0, totalSz = 0, tmpSz = 0;
|
||||
char tmp[ASN_NAME_MAX];
|
||||
char tmp[ASN_NAME_MAX+1];
|
||||
char fullName[ASN_NAME_MAX];
|
||||
const char *buf = NULL;
|
||||
WOLFSSL_X509_NAME_ENTRY* ne;
|
||||
|
@ -42988,7 +42998,8 @@ unsigned long wolfSSL_ERR_peek_error_line_data(const char **file, int *line,
|
|||
int ret = 0;
|
||||
|
||||
while (1) {
|
||||
if ((ret = wc_PeekErrorNode(-1, file, NULL, line)) < 0) {
|
||||
ret = wc_PeekErrorNode(-1, file, NULL, line);
|
||||
if (ret == BAD_MUTEX_E || ret == BAD_FUNC_ARG || ret == BAD_STATE_E) {
|
||||
WOLFSSL_MSG("Issue peeking at error node in queue");
|
||||
return 0;
|
||||
}
|
||||
|
@ -44564,7 +44575,10 @@ WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
|
|||
ret = GetInt(&mpi, ai->data, &idx, ai->dataMax);
|
||||
if (ret != 0) {
|
||||
#ifdef WOLFSSL_QT
|
||||
mp_init(&mpi); /* must init mpi */
|
||||
ret = mp_init(&mpi); /* must init mpi */
|
||||
if (ret != MP_OKAY) {
|
||||
return NULL;
|
||||
}
|
||||
/* Serial number in QT starts at index 0 of data */
|
||||
if (mp_read_unsigned_bin(&mpi, (byte*)ai->data, ai->length) != 0) {
|
||||
mp_clear(&mpi);
|
||||
|
|
11
src/tls.c
11
src/tls.c
|
@ -3039,8 +3039,6 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, byte* input, word16 length,
|
|||
|
||||
if (length == 0)
|
||||
return 0;
|
||||
if (length < ENUM_LEN)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
status_type = input[offset++];
|
||||
|
||||
|
@ -3841,13 +3839,10 @@ static void TLSX_PointFormat_ValidateRequest(WOLFSSL* ssl, byte* semaphore)
|
|||
return;
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
#ifdef HAVE_FFDHE
|
||||
return;
|
||||
#endif
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef HAVE_FFDHE
|
||||
return;
|
||||
#endif
|
||||
/* turns semaphore on to avoid sending this extension. */
|
||||
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EC_POINT_FORMATS));
|
||||
}
|
||||
|
|
11
src/tls13.c
11
src/tls13.c
|
@ -7216,12 +7216,13 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
|||
{
|
||||
int ret = 0;
|
||||
word32 inputLength;
|
||||
byte type;
|
||||
word32 size = 0;
|
||||
|
||||
WOLFSSL_ENTER("DoTls13HandShakeMsg()");
|
||||
|
||||
if (ssl->arrays == NULL) {
|
||||
byte type;
|
||||
word32 size;
|
||||
|
||||
|
||||
if (GetHandshakeHeader(ssl, input, inOutIdx, &type, &size,
|
||||
totalSz) != 0) {
|
||||
|
@ -7238,8 +7239,6 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
|||
/* If there is a pending fragmented handshake message,
|
||||
* pending message size will be non-zero. */
|
||||
if (ssl->arrays->pendingMsgSz == 0) {
|
||||
byte type;
|
||||
word32 size;
|
||||
|
||||
if (GetHandshakeHeader(ssl,input, inOutIdx, &type, &size, totalSz) != 0)
|
||||
return PARSE_ERROR;
|
||||
|
@ -7339,7 +7338,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
|
|||
|
||||
if (ssl->buffers.outputBuffer.length > 0
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
/* do not send buffered or advance state if last error was an
|
||||
/* do not send buffered or advance state if last error was an
|
||||
async pending operation */
|
||||
&& ssl->error != WC_PENDING_E
|
||||
#endif
|
||||
|
@ -8065,7 +8064,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
|
|||
|
||||
if (ssl->buffers.outputBuffer.length > 0
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
/* do not send buffered or advance state if last error was an
|
||||
/* do not send buffered or advance state if last error was an
|
||||
async pending operation */
|
||||
&& ssl->error != WC_PENDING_E
|
||||
#endif
|
||||
|
|
115
tests/api.c
115
tests/api.c
|
@ -2098,8 +2098,8 @@ static void test_wolfSSL_ECDSA_SIG(void)
|
|||
unsigned char outSig[8];
|
||||
unsigned char sigData[8] =
|
||||
{ 0x30, 0x06, 0x02, 0x01, 0x01, 0x02, 0x01, 0x01 };
|
||||
|
||||
AssertNull(wolfSSL_d2i_ECDSA_SIG(NULL, NULL, sizeof(sigData)));
|
||||
sig = wolfSSL_d2i_ECDSA_SIG(NULL, NULL, sizeof(sigData));
|
||||
AssertNull(sig);
|
||||
cp = sigData;
|
||||
AssertNotNull((sig = wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigData))));
|
||||
AssertIntEQ((cp == sigData + 8), 1);
|
||||
|
@ -12995,6 +12995,7 @@ static int test_RsaDecryptBoundsCheck(void)
|
|||
WC_RNG rng;
|
||||
|
||||
printf(testingFmt, "RSA decrypt bounds check");
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
|
||||
|
@ -13126,6 +13127,8 @@ static int test_wc_RsaKeyToDer (void)
|
|||
/* (2 x 256) + 2 (possible leading 00) + (5 x 128) + 5 (possible leading 00)
|
||||
+ 3 (e) + 8 (ASN tag) + 17 (ASN length) + 4 seqSz + 3 version */
|
||||
#endif
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&genKey, 0, sizeof(genKey));
|
||||
|
||||
der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (der == NULL) {
|
||||
|
@ -13231,6 +13234,9 @@ static int test_wc_RsaKeyToPublicDer (void)
|
|||
word32 derLen = 290;
|
||||
#endif
|
||||
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
|
||||
der = (byte*)XMALLOC(derLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (der == NULL) {
|
||||
ret = WOLFSSL_FATAL_ERROR;
|
||||
|
@ -14461,6 +14467,8 @@ static int test_wc_MakeDsaKey (void)
|
|||
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
|
||||
DsaKey genKey;
|
||||
WC_RNG rng;
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&genKey, 0, sizeof(genKey));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
|
@ -14558,7 +14566,10 @@ static int test_wc_DsaKeyToDer (void)
|
|||
bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp);
|
||||
XFCLOSE(fp);
|
||||
#endif /* END USE_CERT_BUFFERS_1024 */
|
||||
|
||||
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&genKey, 0, sizeof(genKey));
|
||||
#endif
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
ret = wc_InitDsaKey(&genKey);
|
||||
|
@ -14966,6 +14977,8 @@ static int test_wc_DsaExportKeyRaw (void)
|
|||
word32 xOutSz, yOutSz;
|
||||
|
||||
printf(testingFmt, "wc_DsaExportKeyRaw()");
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
|
@ -18059,6 +18072,9 @@ static int test_wc_ecc_check_key (void)
|
|||
WC_RNG rng;
|
||||
ecc_key key;
|
||||
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
ret = wc_ecc_init(&key);
|
||||
|
@ -18154,6 +18170,9 @@ static int test_wc_ecc_size (void)
|
|||
WC_RNG rng;
|
||||
ecc_key key;
|
||||
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
ret = wc_ecc_init(&key);
|
||||
|
@ -18233,7 +18252,7 @@ static int test_wc_ecc_signVerify_hash (void)
|
|||
|
||||
/* Init stack var */
|
||||
XMEMSET(sig, 0, siglen);
|
||||
XMEMSET(&key, 0, sizeof(ecc_key));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
|
||||
/* Init structs. */
|
||||
ret = wc_InitRng(&rng);
|
||||
|
@ -18343,6 +18362,9 @@ static int test_wc_ecc_shared_secret (void)
|
|||
|
||||
/* Initialize variables. */
|
||||
XMEMSET(out, 0, keySz);
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
XMEMSET(&pubKey, 0, sizeof(pubKey));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
|
@ -18413,6 +18435,8 @@ static int test_wc_ecc_export_x963 (void)
|
|||
|
||||
/* Initialize variables. */
|
||||
XMEMSET(out, 0, outlen);
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
|
@ -18482,6 +18506,8 @@ static int test_wc_ecc_export_x963_ex (void)
|
|||
|
||||
/* Init stack variables. */
|
||||
XMEMSET(out, 0, outlen);
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
|
@ -18582,6 +18608,10 @@ static int test_wc_ecc_import_x963 (void)
|
|||
|
||||
/* Init stack variables. */
|
||||
XMEMSET(x963, 0, x963Len);
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
XMEMSET(&pubKey, 0, sizeof(pubKey));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
ret = wc_ecc_init(&pubKey);
|
||||
|
@ -18653,6 +18683,9 @@ static int ecc_import_private_key (void)
|
|||
/* Init stack variables. */
|
||||
XMEMSET(privKey, 0, privKeySz);
|
||||
XMEMSET(x963Key, 0, x963KeySz);
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
XMEMSET(&keyImp, 0, sizeof(keyImp));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
|
@ -18725,6 +18758,8 @@ static int test_wc_ecc_export_private_only (void)
|
|||
|
||||
/* Init stack variables. */
|
||||
XMEMSET(out, 0, outlen);
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
|
@ -19006,6 +19041,8 @@ static int test_wc_ecc_sig_size (void)
|
|||
WC_RNG rng;
|
||||
int keySz = KEY16;
|
||||
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
ret = wc_ecc_init(&key);
|
||||
|
@ -19281,6 +19318,9 @@ static int test_wc_ecc_encryptDecrypt (void)
|
|||
/* Init stack variables. */
|
||||
XMEMSET(out, 0, outSz);
|
||||
XMEMSET(plain, 0, plainSz);
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&srvKey, 0, sizeof(srvKey));
|
||||
XMEMSET(&cliKey, 0, sizeof(cliKey));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
|
@ -19427,6 +19467,8 @@ static int test_wc_ecc_pointFns (void)
|
|||
|
||||
/* Init stack variables. */
|
||||
XMEMSET(der, 0, derSz);
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
|
@ -19600,7 +19642,9 @@ static int test_wc_ecc_shared_secret_ssh (void)
|
|||
|
||||
/* Init stack variables. */
|
||||
XMEMSET(secret, 0, secretLen);
|
||||
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
XMEMSET(&key2, 0, sizeof(key2));
|
||||
/* Make keys */
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
|
@ -19894,6 +19938,8 @@ static int test_wc_ecc_is_valid_idx (void)
|
|||
int iVal = -2;
|
||||
int iVal2 = 3000;
|
||||
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
XMEMSET(&key, 0, sizeof(key));
|
||||
|
||||
ret = wc_InitRng(&rng);
|
||||
if (ret == 0) {
|
||||
|
@ -22951,7 +22997,8 @@ static void test_wolfSSL_PEM_PrivateKey(void)
|
|||
XFCLOSE(file);
|
||||
|
||||
/* Test using BIO new mem and loading PEM private key */
|
||||
AssertNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
|
||||
bio = BIO_new_mem_buf(buf, (int)sz);
|
||||
AssertNotNull(bio);
|
||||
AssertNotNull((pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL)));
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
|
||||
BIO_free(bio);
|
||||
|
@ -23832,8 +23879,9 @@ static void test_wolfSSL_EVP_MD_ecc_signing(void)
|
|||
printf(testingFmt, "wolfSSL_EVP_MD_ecc_signing()");
|
||||
|
||||
cp = ecc_clikey_der_256;
|
||||
AssertNotNull((privKey = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &cp,
|
||||
sizeof_ecc_clikey_der_256)));
|
||||
privKey = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &cp,
|
||||
sizeof_ecc_clikey_der_256);
|
||||
AssertNotNull(privKey);
|
||||
p = ecc_clikeypub_der_256;
|
||||
AssertNotNull((pubKey = wolfSSL_d2i_PUBKEY(NULL, &p,
|
||||
sizeof_ecc_clikeypub_der_256)));
|
||||
|
@ -23934,7 +23982,8 @@ static void test_wolfSSL_CTX_add_extra_chain_cert(void)
|
|||
AssertNotNull(ecX509 = wolfSSL_X509_load_certificate_file(cliEccCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
#endif
|
||||
AssertNotNull(pkey = X509_get_pubkey(ecX509));
|
||||
pkey = X509_get_pubkey(ecX509);
|
||||
AssertNotNull(pkey);
|
||||
/* current ECC key is 256 bit (32 bytes) */
|
||||
AssertIntEQ(EVP_PKEY_size(pkey), 32);
|
||||
|
||||
|
@ -24150,7 +24199,8 @@ static void test_wolfSSL_X509_STORE_CTX(void)
|
|||
AssertIntEQ(X509_STORE_add_cert(str, x509), SSL_SUCCESS);
|
||||
#ifdef OPENSSL_ALL
|
||||
/* sk_X509_new only in OPENSSL_ALL */
|
||||
AssertNotNull(sk = sk_X509_new());
|
||||
sk = sk_X509_new();
|
||||
AssertNotNull(sk);
|
||||
AssertIntEQ(X509_STORE_CTX_init(ctx, str, x509, sk), SSL_SUCCESS);
|
||||
#else
|
||||
AssertIntEQ(X509_STORE_CTX_init(ctx, str, x509, NULL), SSL_SUCCESS);
|
||||
|
@ -24426,8 +24476,8 @@ static void test_wolfSSL_CTX_add_client_CA(void)
|
|||
printf(testingFmt, "wolfSSL_CTX_add_client_CA()");
|
||||
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
|
||||
/* Add client cert */
|
||||
AssertNotNull(x509 = X509_load_certificate_file(cliCertFile,
|
||||
SSL_FILETYPE_PEM));
|
||||
x509 = X509_load_certificate_file(cliCertFile, SSL_FILETYPE_PEM);
|
||||
AssertNotNull(x509);
|
||||
ret = SSL_CTX_add_client_CA(ctx, x509);
|
||||
AssertIntEQ(ret, SSL_SUCCESS);
|
||||
AssertNotNull(ca_list = SSL_CTX_get_client_CA_list(ctx));
|
||||
|
@ -24723,8 +24773,8 @@ static void test_wolfSSL_BN(void)
|
|||
AssertNotNull(d = BN_new());
|
||||
|
||||
value[0] = 0x03;
|
||||
|
||||
AssertNotNull(ai = ASN1_INTEGER_new());
|
||||
ai = ASN1_INTEGER_new();
|
||||
AssertNotNull(ai);
|
||||
/* at the moment hard setting since no set function */
|
||||
ai->data[0] = 0x02; /* tag for ASN_INTEGER */
|
||||
ai->data[1] = 0x01; /* length of integer */
|
||||
|
@ -25206,9 +25256,11 @@ static void test_wolfSSL_set_options(void)
|
|||
SSL_CTX_free(ctx);
|
||||
|
||||
#ifndef NO_WOLFSSL_SERVER
|
||||
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
|
||||
ctx = SSL_CTX_new(wolfSSLv23_server_method());
|
||||
AssertNotNull(ctx);
|
||||
#else
|
||||
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
|
||||
ctx = SSL_CTX_new(wolfSSLv23_client_method());
|
||||
AssertNotNull(ctx);
|
||||
#endif
|
||||
AssertTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile, SSL_FILETYPE_PEM));
|
||||
AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
|
||||
|
@ -26700,8 +26752,8 @@ static void test_wolfSSL_OBJ(void)
|
|||
*/
|
||||
AssertStrEQ((char*)buf_dyn, "www.wolfssl.com");
|
||||
OPENSSL_free(buf_dyn);
|
||||
|
||||
AssertTrue((bio = BIO_new(BIO_s_mem())) != NULL);
|
||||
bio = BIO_new(BIO_s_mem());
|
||||
AssertTrue(bio != NULL);
|
||||
for (j = 0; j < numNames; j++)
|
||||
{
|
||||
AssertNotNull(x509NameEntry = X509_NAME_get_entry(x509Name, j));
|
||||
|
@ -26722,7 +26774,8 @@ static void test_wolfSSL_OBJ(void)
|
|||
AssertTrue((boolRet = PKCS12_parse(p12, "wolfSSL test", &pkey, &x509, NULL)) > 0);
|
||||
wc_PKCS12_free(p12);
|
||||
EVP_PKEY_free(pkey);
|
||||
AssertNotNull((x509Name = X509_get_issuer_name(x509)) != NULL);
|
||||
x509Name = X509_get_issuer_name(x509);
|
||||
AssertNotNull(x509Name);
|
||||
AssertIntNE((numNames = X509_NAME_entry_count(x509Name)), 0);
|
||||
AssertTrue((bio = BIO_new(BIO_s_mem())) != NULL);
|
||||
for (j = 0; j < numNames; j++)
|
||||
|
@ -27326,7 +27379,8 @@ static void test_wolfSSL_BIO_should_retry(void)
|
|||
tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 0, 0, NULL);
|
||||
|
||||
/* force retry */
|
||||
AssertNotNull(ssl = wolfSSL_new(ctx));
|
||||
ssl = wolfSSL_new(ctx);
|
||||
AssertNotNull(ssl);
|
||||
AssertIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
|
||||
wolfSSL_SSLSetIORecv(ssl, forceWantRead);
|
||||
|
||||
|
@ -28554,8 +28608,8 @@ static void test_wolfSSL_DH_1536_prime(void)
|
|||
};
|
||||
|
||||
printf(testingFmt, "wolfSSL_DH_1536_prime()");
|
||||
|
||||
AssertNotNull(bn = get_rfc3526_prime_1536(NULL));
|
||||
bn = get_rfc3526_prime_1536(NULL);
|
||||
AssertNotNull(bn);
|
||||
AssertIntEQ(sz, BN_bn2bin((const BIGNUM*)bn, bits));
|
||||
AssertIntEQ(0, XMEMCMP(expected, bits, sz));
|
||||
|
||||
|
@ -29461,9 +29515,10 @@ static void test_wolfSSL_get_ciphers_compat(void)
|
|||
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION;
|
||||
|
||||
printf(testingFmt, "wolfSSL_get_ciphers_compat");
|
||||
|
||||
AssertNotNull(method = SSLv23_client_method());
|
||||
AssertNotNull(ctx = SSL_CTX_new(method));
|
||||
method = SSLv23_client_method();
|
||||
AssertNotNull(method);
|
||||
ctx = SSL_CTX_new(method);
|
||||
AssertNotNull(ctx);
|
||||
|
||||
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
|
||||
SSL_CTX_set_verify_depth(ctx, 4);
|
||||
|
@ -31478,8 +31533,8 @@ static void test_wolfSSL_EVP_PKEY_sign(void)
|
|||
size_t rsaKeySz = 2048/8; /* Bytes */
|
||||
|
||||
printf(testingFmt, "wolfSSL_EVP_PKEY_sign()");
|
||||
|
||||
AssertNotNull(sig = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
|
||||
sig = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
AssertNotNull(sig);
|
||||
XMEMSET(sig, 0, rsaKeySz);
|
||||
AssertNotNull(sigVerify = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
|
||||
XMEMSET(sigVerify, 0, rsaKeySz);
|
||||
|
@ -33753,9 +33808,11 @@ static void test_stubs_are_stubs()
|
|||
WOLFSSL_CTX* ctx = NULL;
|
||||
WOLFSSL_CTX* ctxN = NULL;
|
||||
#ifndef NO_WOLFSSL_CLIENT
|
||||
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
|
||||
ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
|
||||
AssertNotNull(ctx);
|
||||
#elif !defined(NO_WOLFSSL_SERVER)
|
||||
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
|
||||
ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
|
||||
AssertNotNull(ctx);
|
||||
#else
|
||||
return;
|
||||
#endif
|
||||
|
|
|
@ -856,7 +856,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
|
|||
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
/* reset cipher state after final */
|
||||
wolfSSL_EVP_CipherInit(ctx, NULL, NULL, NULL, -1);
|
||||
ret = wolfSSL_EVP_CipherInit(ctx, NULL, NULL, NULL, -1);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
|
|
@ -2122,6 +2122,7 @@ static byte* PKCS12_create_cert_content(WC_PKCS12* pkcs12, int nidCert,
|
|||
XFREE(certBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (ret < 0) {
|
||||
WOLFSSL_LEAVE("wc_PKCS12_create()", ret);
|
||||
XFREE(certCi, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return NULL;
|
||||
}
|
||||
*certCiSz = ret;
|
||||
|
|
|
@ -14443,6 +14443,7 @@ int dh_test(void)
|
|||
(void)tmp;
|
||||
(void)bytes;
|
||||
|
||||
XMEMSET(&rng, 0, sizeof(rng));
|
||||
/* Use API for coverage. */
|
||||
ret = wc_InitDhKey(&key);
|
||||
if (ret != 0) {
|
||||
|
@ -17214,13 +17215,17 @@ int openssl_evpSig_test(void)
|
|||
verf = EVP_MD_CTX_create();
|
||||
if((sign == NULL)||(verf == NULL)){
|
||||
printf("error with EVP_MD_CTX_create\n");
|
||||
EVP_MD_CTX_destroy(sign);
|
||||
EVP_MD_CTX_destroy(verf);
|
||||
return ERR_BASE_EVPSIG-10;
|
||||
}
|
||||
|
||||
ret = EVP_SignInit(sign, EVP_sha1());
|
||||
if(ret != SSL_SUCCESS){
|
||||
printf("error with EVP_SignInit\n");
|
||||
return ERR_BASE_EVPSIG-11;
|
||||
if (ret != SSL_SUCCESS){
|
||||
printf("error with EVP_SignInit\n");
|
||||
EVP_MD_CTX_destroy(sign);
|
||||
EVP_MD_CTX_destroy(verf);
|
||||
return ERR_BASE_EVPSIG-11;
|
||||
}
|
||||
|
||||
count = sizeof(msg);
|
||||
|
@ -17232,6 +17237,10 @@ int openssl_evpSig_test(void)
|
|||
ret1 = EVP_SignUpdate(sign, pt, count);
|
||||
ret2 = EVP_SignFinal(sign, sig, &sigSz, prvPkey);
|
||||
if((ret1 != SSL_SUCCESS) || (ret2 != SSL_SUCCESS)){
|
||||
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
|
||||
EVP_MD_CTX_destroy(sign);
|
||||
EVP_MD_CTX_destroy(verf);
|
||||
printf("error with EVP_MD_CTX_create\n");
|
||||
return ERR_BASE_EVPSIG-12;
|
||||
}
|
||||
|
@ -17242,12 +17251,18 @@ int openssl_evpSig_test(void)
|
|||
ret1 = EVP_VerifyInit(verf, EVP_sha1());
|
||||
ret2 = EVP_VerifyUpdate(verf, pt, count);
|
||||
if((ret1 != SSL_SUCCESS) || (ret2 != SSL_SUCCESS)){
|
||||
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
|
||||
EVP_MD_CTX_destroy(sign);
|
||||
EVP_MD_CTX_destroy(verf);
|
||||
printf("error with EVP_Verify\n");
|
||||
return ERR_BASE_EVPSIG-13;
|
||||
}
|
||||
if (EVP_VerifyFinal(verf, sig, sigSz, pubPkey) != 1) {
|
||||
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
|
||||
EVP_MD_CTX_destroy(sign);
|
||||
EVP_MD_CTX_destroy(verf);
|
||||
printf("error with EVP_VerifyFinal\n");
|
||||
return ERR_BASE_EVPSIG-14;
|
||||
}
|
||||
|
@ -17257,6 +17272,8 @@ int openssl_evpSig_test(void)
|
|||
if (EVP_VerifyFinal(verf, sig, sigSz, pubPkey) == 1) {
|
||||
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
|
||||
EVP_MD_CTX_destroy(sign);
|
||||
EVP_MD_CTX_destroy(verf);
|
||||
printf("EVP_VerifyInit without update not detected\n");
|
||||
return ERR_BASE_EVPSIG-15;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue