diff --git a/tests/api.c b/tests/api.c
index c898dbf98..c2e5fe65e 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -7486,11 +7486,9 @@ static int test_wc_Sha384Copy (void)
}
}
-
wc_Sha384Free(&sha384);
wc_Sha384Free(&temp);
-
printf(resultFmt, flag == 0 ? passed : failed);
#endif
@@ -9043,9 +9041,7 @@ static int test_wc_Sha3_GetFlags (void)
ret = 0;
}
}
-
wc_Sha3_224_Free(&sha3);
-
printf(resultFmt, ret == 0 ? passed : failed);
#endif
@@ -9259,7 +9255,6 @@ static int test_wc_Shake256_Copy (void)
#endif
return ret;
-
} /* END test_wc_Shake256_Copy */
/*
* Unit test function for wc_Shake256Hash()
@@ -13219,13 +13214,13 @@ static int test_wc_RsaPrivateKeyDecode (void)
/* Test bad args. */
if (ret == 0) {
ret = wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes);
- if (ret == ASN_PARSE_E) {
+ if (ret == BAD_FUNC_ARG) {
ret = wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes);
}
if (ret == BAD_FUNC_ARG) {
ret = wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes);
}
- if (ret == ASN_PARSE_E) {
+ if (ret == BAD_FUNC_ARG) {
ret = 0;
} else {
ret = WOLFSSL_FATAL_ERROR;
@@ -27367,14 +27362,14 @@ static void test_wolfSSL_ERR_print_errors(void)
AssertNotNull(bio = BIO_new(BIO_s_mem()));
ERR_clear_error(); /* clear out any error nodes */
ERR_put_error(0,SYS_F_ACCEPT, -173, "ssl.c", 0);
- ERR_put_error(0,SYS_F_BIND, -275, "asn.c", 100);
+ ERR_put_error(0,SYS_F_BIND, -295, "asn.c", 100);
ERR_print_errors(bio);
AssertIntEQ(BIO_gets(bio, buf, sizeof(buf)), 56);
AssertIntEQ(XSTRNCMP("error:173:wolfSSL library:Bad function argument:ssl.c:0",
buf, 55), 0);
AssertIntEQ(BIO_gets(bio, buf, sizeof(buf)), 57);
- AssertIntEQ(XSTRNCMP("error:275:wolfSSL library:unknown error number:asn.c:100",
+ AssertIntEQ(XSTRNCMP("error:295:wolfSSL library:unknown error number:asn.c:100",
buf, 56), 0);
AssertIntEQ(BIO_gets(bio, buf, sizeof(buf)), 0);
AssertIntEQ(ERR_get_error_line(NULL, NULL), 0);
diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c
index a44ee72b3..cbe36bf1d 100644
--- a/wolfcrypt/src/aes.c
+++ b/wolfcrypt/src/aes.c
@@ -19,7 +19,15 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+DESCRIPTION
+This library provides the interfaces to the Advanced Encryption Standard (AES)
+for encrypting and decrypting data. AES is the standard known for a symmetric
+block cipher mechanism that uses n-bit binary string parameter key with 128-bits,
+192-bits, and 256-bits of key sizes.
+
+*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 9201ae576..e700d318e 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -19,7 +19,14 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+DESCRIPTION
+This library provides the interface to Abstract Syntax Notation One (ASN.1) objects.
+ASN.1 is a standard interface description language for defining data structures
+that can be serialized and deserialized in a cross-platform way.
+
+*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@@ -2581,7 +2588,7 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
{
int version, length;
- if (inOutIdx == NULL) {
+ if (inOutIdx == NULL || input == NULL || key == NULL) {
return BAD_FUNC_ARG;
}
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
diff --git a/wolfcrypt/src/chacha.c b/wolfcrypt/src/chacha.c
index 38a1ede7d..15cea7387 100644
--- a/wolfcrypt/src/chacha.c
+++ b/wolfcrypt/src/chacha.c
@@ -18,15 +18,12 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-
/*
- * based from
- * chacha-ref.c version 20080118
- * D. J. Bernstein
- * Public domain.
- */
+DESCRIPTION
+This library contains implementation for the ChaCha20 stream cipher.
+*/
#ifdef WOLFSSL_ARMASM
/* implementation is located in wolfcrypt/src/port/arm/armv8-chacha.c */
@@ -112,25 +109,17 @@ int wc_Chacha_SetIV(ChaCha* ctx, const byte* inIv, word32 counter)
{
word32 temp[CHACHA_IV_WORDS];/* used for alignment of memory */
-#ifdef CHACHA_AEAD_TEST
- word32 i;
- printf("NONCE : ");
- for (i = 0; i < CHACHA_IV_BYTES; i++) {
- printf("%02x", inIv[i]);
- }
- printf("\n\n");
-#endif
- if (ctx == NULL)
+ if (ctx == NULL || inIv == NULL)
return BAD_FUNC_ARG;
XMEMCPY(temp, inIv, CHACHA_IV_BYTES);
ctx->left = 0; /* resets state */
- ctx->X[CHACHA_IV_BYTES+0] = counter; /* block counter */
- ctx->X[CHACHA_IV_BYTES+1] = LITTLE32(temp[0]); /* fixed variable from nonce */
- ctx->X[CHACHA_IV_BYTES+2] = LITTLE32(temp[1]); /* counter from nonce */
- ctx->X[CHACHA_IV_BYTES+3] = LITTLE32(temp[2]); /* counter from nonce */
+ ctx->X[CHACHA_MATRIX_CNT_IV+0] = counter; /* block counter */
+ ctx->X[CHACHA_MATRIX_CNT_IV+1] = LITTLE32(temp[0]); /* fixed variable from nonce */
+ ctx->X[CHACHA_MATRIX_CNT_IV+2] = LITTLE32(temp[1]); /* counter from nonce */
+ ctx->X[CHACHA_MATRIX_CNT_IV+3] = LITTLE32(temp[2]); /* counter from nonce */
return 0;
}
@@ -152,7 +141,7 @@ int wc_Chacha_SetKey(ChaCha* ctx, const byte* key, word32 keySz)
word32 alignKey[8];
#endif
- if (ctx == NULL)
+ if (ctx == NULL || key == NULL)
return BAD_FUNC_ARG;
if (keySz != (CHACHA_MAX_KEY_SZ/2) && keySz != CHACHA_MAX_KEY_SZ)
@@ -270,13 +259,13 @@ static void wc_Chacha_encrypt_bytes(ChaCha* ctx, const byte* m, byte* c,
wc_Chacha_wordtobyte(temp, ctx->X); /* recreate the stream */
output = (byte*)temp + CHACHA_CHUNK_BYTES - ctx->left;
for (i = 0; i < bytes && i < ctx->left; i++) {
- c[i] = m[i] ^ output[i];
+ c[i] = (byte)(m[i] ^ output[i]);
}
ctx->left = ctx->left - i;
/* Used up all of the stream that was left, increment the counter */
if (ctx->left == 0) {
- ctx->X[CHACHA_IV_BYTES] = PLUSONE(ctx->X[CHACHA_IV_BYTES]);
+ ctx->X[CHACHA_MATRIX_CNT_IV] = PLUSONE(ctx->X[CHACHA_MATRIX_CNT_IV]);
}
bytes = bytes - i;
c += i;
@@ -286,9 +275,9 @@ static void wc_Chacha_encrypt_bytes(ChaCha* ctx, const byte* m, byte* c,
output = (byte*)temp;
while (bytes >= CHACHA_CHUNK_BYTES) {
wc_Chacha_wordtobyte(temp, ctx->X);
- ctx->X[CHACHA_IV_BYTES] = PLUSONE(ctx->X[CHACHA_IV_BYTES]);
+ ctx->X[CHACHA_MATRIX_CNT_IV] = PLUSONE(ctx->X[CHACHA_MATRIX_CNT_IV]);
for (i = 0; i < CHACHA_CHUNK_BYTES; ++i) {
- c[i] = m[i] ^ output[i];
+ c[i] = (byte)(m[i] ^ output[i]);
}
bytes -= CHACHA_CHUNK_BYTES;
c += CHACHA_CHUNK_BYTES;
@@ -314,7 +303,7 @@ static void wc_Chacha_encrypt_bytes(ChaCha* ctx, const byte* m, byte* c,
int wc_Chacha_Process(ChaCha* ctx, byte* output, const byte* input,
word32 msglen)
{
- if (ctx == NULL)
+ if (ctx == NULL || input == NULL || output == NULL)
return BAD_FUNC_ARG;
#ifdef USE_INTEL_CHACHA_SPEEDUP
diff --git a/wolfcrypt/src/chacha20_poly1305.c b/wolfcrypt/src/chacha20_poly1305.c
index 64bc4c199..d2fcee007 100644
--- a/wolfcrypt/src/chacha20_poly1305.c
+++ b/wolfcrypt/src/chacha20_poly1305.c
@@ -18,8 +18,14 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+DESCRIPTION
+This library contains implementation for the ChaCha20 stream cipher and
+the Poly1305 authenticator, both as as combined-mode,
+or Authenticated Encryption with Additional Data (AEAD) algorithm.
+*/
#ifdef HAVE_CONFIG_H
#include <config.h>
@@ -141,7 +147,7 @@ int wc_ChaCha20Poly1305_Init(ChaChaPoly_Aead* aead,
/* setup aead context */
XMEMSET(aead, 0, sizeof(ChaChaPoly_Aead));
XMEMSET(authKey, 0, sizeof(authKey));
- aead->isEncrypt = isEncrypt;
+ aead->isEncrypt = (byte)isEncrypt;
/* Initialize the ChaCha20 context (key and iv) */
ret = wc_Chacha_SetKey(&aead->chacha, inKey,
@@ -189,6 +195,8 @@ int wc_ChaCha20Poly1305_UpdateAad(ChaChaPoly_Aead* aead,
aead->state != CHACHA20_POLY1305_STATE_AAD) {
return BAD_STATE_E;
}
+ if (inAADLen > CHACHA20_POLY1305_MAX - aead->aadLen)
+ return CHACHA_POLY_OVERFLOW;
if (inAAD && inAADLen > 0) {
ret = wc_Poly1305Update(&aead->poly, inAAD, inAADLen);
@@ -215,6 +223,8 @@ int wc_ChaCha20Poly1305_UpdateData(ChaChaPoly_Aead* aead,
aead->state != CHACHA20_POLY1305_STATE_DATA) {
return BAD_STATE_E;
}
+ if (dataLen > CHACHA20_POLY1305_MAX - aead->dataLen)
+ return CHACHA_POLY_OVERFLOW;
/* Pad the AAD */
if (aead->state == CHACHA20_POLY1305_STATE_AAD) {
@@ -261,7 +271,7 @@ int wc_ChaCha20Poly1305_Final(ChaChaPoly_Aead* aead,
ret = wc_Poly1305_Pad(&aead->poly, aead->aadLen);
}
- /* Pad the ciphertext to 16 bytes */
+ /* Pad the plaintext/ciphertext to 16 bytes */
if (ret == 0) {
ret = wc_Poly1305_Pad(&aead->poly, aead->dataLen);
}
diff --git a/wolfcrypt/src/error.c b/wolfcrypt/src/error.c
index 87ded35d6..b9ec96085 100644
--- a/wolfcrypt/src/error.c
+++ b/wolfcrypt/src/error.c
@@ -512,6 +512,9 @@ const char* wc_GetErrorString(int error)
case PSS_SALTLEN_RECOVER_E:
return "PSS - Salt length unable to be recovered";
+ case CHACHA_POLY_OVERFLOW:
+ return "wolfcrypt - ChaCha20_Poly1305 limit overflow 4GB";
+
case ASN_SELF_SIGNED_E:
return "ASN self-signed certificate error";
diff --git a/wolfcrypt/src/misc.c b/wolfcrypt/src/misc.c
index 7ff7eb01f..fe66ee0a1 100644
--- a/wolfcrypt/src/misc.c
+++ b/wolfcrypt/src/misc.c
@@ -18,8 +18,13 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+DESCRIPTION
+This module implements the arithmetic-shift right, left, byte swapping, XOR,
+masking and clearing memory logic.
+*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@@ -77,13 +82,14 @@
}
#else /* generic */
+/* This routine performs a left circular arithmetic shift of <x> by <y> value. */
WC_STATIC WC_INLINE word32 rotlFixed(word32 x, word32 y)
{
return (x << y) | (x >> (sizeof(y) * 8 - y));
}
-
+/* This routine performs a right circular arithmetic shift of <x> by <y> value. */
WC_STATIC WC_INLINE word32 rotrFixed(word32 x, word32 y)
{
return (x >> y) | (x << (sizeof(y) * 8 - y));
@@ -91,7 +97,7 @@
#endif
-
+/* This routine performs a byte swap of 32-bit word value. */
WC_STATIC WC_INLINE word32 ByteReverseWord32(word32 value)
{
#ifdef PPC_INTRINSICS
@@ -114,8 +120,8 @@ WC_STATIC WC_INLINE word32 ByteReverseWord32(word32 value)
return rotlFixed(value, 16U);
#endif
}
-
-
+#if defined(LITTLE_ENDIAN_ORDER)
+/* This routine performs a byte swap of words array of a given count. */
WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in,
word32 byteCount)
{
@@ -125,7 +131,7 @@ WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in,
out[i] = ByteReverseWord32(in[i]);
}
-
+#endif /* LITTLE_ENDIAN_ORDER */
#if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_NO_WORD64_OPS)
@@ -172,6 +178,8 @@ WC_STATIC WC_INLINE void ByteReverseWords64(word64* out, const word64* in,
#endif /* WORD64_AVAILABLE && !WOLFSSL_NO_WORD64_OPS */
#ifndef WOLFSSL_NO_XOR_OPS
+/* This routine performs a bitwise XOR operation of <*r> and <*a> for <n> number
+of wolfssl_words, placing the result in <*r>. */
WC_STATIC WC_INLINE void XorWords(wolfssl_word* r, const wolfssl_word* a, word32 n)
{
word32 i;
@@ -179,6 +187,8 @@ WC_STATIC WC_INLINE void XorWords(wolfssl_word* r, const wolfssl_word* a, word32
for (i = 0; i < n; i++) r[i] ^= a[i];
}
+/* This routine performs a bitwise XOR operation of <*buf> and <*mask> of n
+counts, placing the result in <*buf>. */
WC_STATIC WC_INLINE void xorbuf(void* buf, const void* mask, word32 count)
{
@@ -196,7 +206,8 @@ WC_STATIC WC_INLINE void xorbuf(void* buf, const void* mask, word32 count)
#endif
#ifndef WOLFSSL_NO_FORCE_ZERO
-/* Make sure compiler doesn't skip */
+/* This routine fills the first len bytes of the memory area pointed by mem
+ with zeros. It ensures compiler optimizations doesn't skip it */
WC_STATIC WC_INLINE void ForceZero(const void* mem, word32 len)
{
volatile byte* z = (volatile byte*)mem;
@@ -242,6 +253,7 @@ WC_STATIC WC_INLINE int ConstantCompare(const byte* a, const byte* b, int length
#if defined(HAVE_FIPS) && !defined(min) /* so ifdef check passes */
#define min min
#endif
+ /* returns the smaller of a and b */
WC_STATIC WC_INLINE word32 min(word32 a, word32 b)
{
return a > b ? b : a;
@@ -323,7 +335,7 @@ WC_STATIC WC_INLINE word32 btoi(byte b)
/* Constant time - mask set when a > b. */
WC_STATIC WC_INLINE byte ctMaskGT(int a, int b)
{
- return (((word32)a - b - 1) >> 31) - 1;
+ return ((byte)(((word32)a - b - 1) >> 31) - 1);
}
/* Constant time - mask set when a >= b. */
@@ -356,16 +368,19 @@ WC_STATIC WC_INLINE byte ctMaskEq(int a, int b)
return (~ctMaskGT(a, b)) & (~ctMaskLT(a, b));
}
+/* Constant time - sets 16 bit integer mask when a > b */
WC_STATIC WC_INLINE word16 ctMask16GT(int a, int b)
{
return (((word32)a - b - 1) >> 31) - 1;
}
+/* Constant time - sets 16 bit integer mask when a < b. */
WC_STATIC WC_INLINE word16 ctMask16LT(int a, int b)
{
return (((word32)b - a - 1) >> 31) - 1;
}
+/* Constant time - sets 16 bit integer mask when a == b. */
WC_STATIC WC_INLINE word16 ctMask16Eq(int a, int b)
{
return (~ctMask16GT(a, b)) & (~ctMask16LT(a, b));
diff --git a/wolfcrypt/src/poly1305.c b/wolfcrypt/src/poly1305.c
index 651664884..cca381490 100644
--- a/wolfcrypt/src/poly1305.c
+++ b/wolfcrypt/src/poly1305.c
@@ -18,11 +18,12 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-
/*
- * Based off the public domain implementations by Andrew Moon
- * and Daniel J. Bernstein
- */
+
+DESCRIPTION
+This library contains implementation for the Poly1305 authenticator.
+
+*/
#ifdef HAVE_CONFIG_H
@@ -228,11 +229,11 @@ extern void poly1305_final_avx2(Poly1305* ctx, byte* mac);
}
static void U32TO8(byte *p, word32 v) {
- p[0] = (v ) & 0xff;
- p[1] = (v >> 8) & 0xff;
- p[2] = (v >> 16) & 0xff;
- p[3] = (v >> 24) & 0xff;
- }
+ p[0] = (byte)((v ) & 0xff);
+ p[1] = (byte)((v >> 8) & 0xff);
+ p[2] = (byte)((v >> 16) & 0xff);
+ p[3] = (byte)((v >> 24) & 0xff);
+}
#endif
/* convert 32-bit unsigned to little endian 64 bit type as byte array */
@@ -254,7 +255,11 @@ static WC_INLINE void u32tole64(const word32 inLe32, byte outLe64[8])
#if !defined(WOLFSSL_ARMASM) || !defined(__aarch64__)
-void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
+/*
+This local function operates on a message with a given number of bytes
+with a given ctx pointer to a Poly1305 structure.
+*/
+static void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
size_t bytes)
{
#ifdef USE_INTEL_SPEEDUP
@@ -378,7 +383,11 @@ void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
#endif /* end of 64 bit cpu blocks or 32 bit cpu */
}
-void poly1305_block(Poly1305* ctx, const unsigned char *m)
+/*
+This local function is used for the last call when a message with a given
+number of bytes is less than the block size.
+*/
+static void poly1305_block(Poly1305* ctx, const unsigned char *m)
{
#ifdef USE_INTEL_SPEEDUP
/* No call to poly1305_block when AVX2, AVX2 does 4 blocks at a time. */
@@ -494,7 +503,7 @@ int wc_Poly1305Final(Poly1305* ctx, byte* mac)
#endif
- if (ctx == NULL)
+ if (ctx == NULL || mac == NULL)
return BAD_FUNC_ARG;
#ifdef USE_INTEL_SPEEDUP
@@ -663,6 +672,13 @@ int wc_Poly1305Update(Poly1305* ctx, const byte* m, word32 bytes)
{
size_t i;
+ if (ctx == NULL || (m == NULL && bytes > 0))
+ return BAD_FUNC_ARG;
+
+ if (bytes == 0) {
+ /* valid, but do nothing */
+ return 0;
+ }
#ifdef CHACHA_AEAD_TEST
word32 k;
printf("Raw input to poly:\n");
@@ -673,8 +689,7 @@ int wc_Poly1305Update(Poly1305* ctx, const byte* m, word32 bytes)
}
printf("\n");
#endif
-
- if (ctx == NULL)
+ if (ctx == NULL || (m == NULL && bytes > 0))
return BAD_FUNC_ARG;
#ifdef USE_INTEL_SPEEDUP
diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c
index dfec75316..69edb1808 100644
--- a/wolfcrypt/src/random.c
+++ b/wolfcrypt/src/random.c
@@ -19,7 +19,12 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+DESCRIPTION
+This library contains implementation for the random number generator.
+
+*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@@ -487,7 +492,7 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
return DRBG_CONT_FAILURE;
}
else {
- if (i == len) {
+ if (i == (len-1)) {
len++;
}
drbg->matchCount = 1;
@@ -511,6 +516,10 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
}
}
}
+ else {
+ /* wc_Sha256Update or wc_Sha256Final returned error */
+ break;
+ }
}
ForceZero(data, sizeof(data));
@@ -614,7 +623,7 @@ static int Hash_DRBG_Instantiate(DRBG* drbg, const byte* seed, word32 seedSz,
const byte* nonce, word32 nonceSz,
void* heap, int devId)
{
- int ret;
+ int ret = DRBG_FAILURE;
XMEMSET(drbg, 0, sizeof(DRBG));
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
@@ -645,9 +654,6 @@ static int Hash_DRBG_Instantiate(DRBG* drbg, const byte* seed, word32 seedSz,
drbg->matchCount = 0;
ret = DRBG_SUCCESS;
}
- else {
- ret = DRBG_FAILURE;
- }
return ret;
}
@@ -674,7 +680,7 @@ static int Hash_DRBG_Uninstantiate(DRBG* drbg)
int wc_RNG_TestSeed(const byte* seed, word32 seedSz)
{
- int ret = DRBG_SUCCESS;
+ int ret = 0;
/* Check the seed for duplicate words. */
word32 seedIdx = 0;
@@ -700,7 +706,7 @@ int wc_RNG_TestSeed(const byte* seed, word32 seedSz)
static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
void* heap, int devId)
{
- int ret = RNG_FAILURE_E;
+ int ret = 0;
#ifdef HAVE_HASHDRBG
word32 seedSz = SEED_SZ + SEED_BLOCK_SZ;
#endif
@@ -773,6 +779,10 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
rng->drbg =
(struct DRBG*)XMALLOC(sizeof(DRBG), rng->heap,
DYNAMIC_TYPE_RNG);
+ if (rng->drbg == NULL) {
+ ret = MEMORY_E;
+ rng->status = DRBG_FAILED;
+ }
#else
/* compile-time validation of drbg_data size */
typedef char drbg_data_test[sizeof(rng->drbg_data) >=
@@ -780,16 +790,14 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz,
(void)sizeof(drbg_data_test);
rng->drbg = (struct DRBG*)rng->drbg_data;
#endif
-
- if (rng->drbg == NULL) {
- ret = MEMORY_E;
- }
- else {
+ if (ret == 0) {
ret = wc_GenerateSeed(&rng->seed, seed, seedSz);
- if (ret != 0)
- ret = DRBG_FAILURE;
- else
+ if (ret == 0)
ret = wc_RNG_TestSeed(seed, seedSz);
+ else {
+ ret = DRBG_FAILURE;
+ rng->status = DRBG_FAILED;
+ }
if (ret == DRBG_SUCCESS)
ret = Hash_DRBG_Instantiate(rng->drbg,
@@ -2350,7 +2358,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#endif
#include "r_bsp/platform.h"
#include "r_tsip_rx_if.h"
-
+
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int ret;
@@ -2358,7 +2366,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
while (sz > 0) {
uint32_t len = sizeof(buffer);
-
+
if (sz < len) {
len = sz;
}
diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c
index b36678325..59fca0f0a 100644
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -19,7 +19,13 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+DESCRIPTION
+This library provides the interface to the RSA.
+RSA keys can be used to encrypt, decrypt, sign and verify data.
+
+*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@@ -605,59 +611,61 @@ int wc_CheckRsaKey(RsaKey* key)
if (mp_set_int(k, 0x2342) != MP_OKAY)
ret = MP_READ_E;
}
-
#ifdef WOLFSSL_HAVE_SP_RSA
-#ifndef WOLFSSL_SP_NO_2048
- if (mp_count_bits(&key->n) == 2048) {
- ret = sp_ModExp_2048(k, &key->e, &key->n, tmp);
- if (ret != 0)
- ret = MP_EXPTMOD_E;
- ret = sp_ModExp_2048(tmp, &key->d, &key->n, tmp);
- if (ret != 0)
- ret = MP_EXPTMOD_E;
- }
- else
-#endif
-#ifndef WOLFSSL_SP_NO_3072
- if (mp_count_bits(&key->n) == 3072) {
- ret = sp_ModExp_3072(k, &key->e, &key->n, tmp);
- if (ret != 0)
- ret = MP_EXPTMOD_E;
- ret = sp_ModExp_3072(tmp, &key->d, &key->n, tmp);
- if (ret != 0)
- ret = MP_EXPTMOD_E;
- }
- else
-#endif
-#ifdef WOLFSSL_SP_4096
- if (mp_count_bits(&key->n) == 4096) {
- ret = sp_ModExp_4096(k, &key->e, &key->n, tmp);
- if (ret != 0)
- ret = MP_EXPTMOD_E;
- ret = sp_ModExp_4096(tmp, &key->d, &key->n, tmp);
- if (ret != 0)
- ret = MP_EXPTMOD_E;
- }
- else
-#endif
-#endif
-#ifdef WOLFSSL_SP_MATH
- {
- ret = WC_KEY_SIZE_E;
- }
-#else
- {
- if (ret == 0) {
- if (mp_exptmod(k, &key->e, &key->n, tmp) != MP_OKAY)
- ret = MP_EXPTMOD_E;
+ if (ret == 0) {
+ switch (mp_count_bits(&key->n)) {
+ #ifndef WOLFSSL_SP_NO_2048
+ case 2048:
+ ret = sp_ModExp_2048(k, &key->e, &key->n, tmp);
+ if (ret != 0)
+ ret = MP_EXPTMOD_E;
+ if (ret == 0) {
+ ret = sp_ModExp_2048(tmp, &key->d, &key->n, tmp);
+ if (ret != 0)
+ ret = MP_EXPTMOD_E;
+ }
+ break;
+ #endif /* WOLFSSL_SP_NO_2048 */
+ #ifndef WOLFSSL_SP_NO_3072
+ case 3072:
+ ret = sp_ModExp_3072(k, &key->e, &key->n, tmp);
+ if (ret != 0)
+ ret = MP_EXPTMOD_E;
+ if (ret == 0) {
+ ret = sp_ModExp_3072(tmp, &key->d, &key->n, tmp);
+ if (ret != 0)
+ ret = MP_EXPTMOD_E;
+ }
+ break;
+ #endif /* WOLFSSL_SP_NO_3072 */
+ #ifdef WOLFSSL_SP_4096
+ case 4096:
+ ret = sp_ModExp_4096(k, &key->e, &key->n, tmp);
+ if (ret != 0)
+ ret = MP_EXPTMOD_E;
+ if (ret == 0) {
+ ret = sp_ModExp_4096(tmp, &key->d, &key->n, tmp);
+ if (ret != 0)
+ ret = MP_EXPTMOD_E;
+ }
+ break;
+ #endif /* WOLFSSL_SP_4096 */
+ default:
+ ret = WC_KEY_SIZE_E;
}
+ }
+#endif /* WOLFSSL_HAVE_SP_RSA */
+#ifndef WOLFSSL_SP_MATH
+ if (ret == 0) {
+ if (mp_exptmod(k, &key->e, &key->n, tmp) != MP_OKAY)
+ ret = MP_EXPTMOD_E;
+ }
- if (ret == 0) {
- if (mp_exptmod(tmp, &key->d, &key->n, tmp) != MP_OKAY)
- ret = MP_EXPTMOD_E;
- }
+ if (ret == 0) {
+ if (mp_exptmod(tmp, &key->d, &key->n, tmp) != MP_OKAY)
+ ret = MP_EXPTMOD_E;
}
-#endif
+#endif /* !WOLFSSL_SP_MATH */
if (ret == 0) {
if (mp_cmp(k, tmp) != MP_EQ)
@@ -815,10 +823,10 @@ static int RsaMGF1(enum wc_HashType hType, byte* seed, word32 seedSz,
XMEMCPY(tmp, seed, seedSz);
/* counter to byte array appended to tmp */
- tmp[seedSz] = (counter >> 24) & 0xFF;
- tmp[seedSz + 1] = (counter >> 16) & 0xFF;
- tmp[seedSz + 2] = (counter >> 8) & 0xFF;
- tmp[seedSz + 3] = (counter) & 0xFF;
+ tmp[seedSz] = (byte)((counter >> 24) & 0xFF);
+ tmp[seedSz + 1] = (byte)((counter >> 16) & 0xFF);
+ tmp[seedSz + 2] = (byte)((counter >> 8) & 0xFF);
+ tmp[seedSz + 3] = (byte)((counter) & 0xFF);
/* hash and append to existing output */
if ((ret = wc_Hash(hType, tmp, (seedSz + 4), tmp, tmpSz)) != 0) {
@@ -1124,6 +1132,9 @@ static int RsaPad_PSS(const byte* input, word32 inputLen, byte* pkcsBlock,
hiBits = (bits - 1) & 0x7;
if (hiBits == 0) {
+ /* Per RFC8017, set the leftmost 8emLen - emBits bits of the
+ leftmost octet in DB to zero.
+ */
*(pkcsBlock++) = 0;
pkcsBlockLen--;
}
@@ -1160,7 +1171,6 @@ static int RsaPad_PSS(const byte* input, word32 inputLen, byte* pkcsBlock,
if ((int)pkcsBlockLen - hLen < saltLen + 2) {
return PSS_SALTLEN_E;
}
-
maskLen = pkcsBlockLen - 1 - hLen;
#if defined(WOLFSSL_PSS_LONG_SALT) || defined(WOLFSSL_PSS_SALT_LEN_DISCOVER)
@@ -1203,12 +1213,16 @@ static int RsaPad_PSS(const byte* input, word32 inputLen, byte* pkcsBlock,
ret = wc_Hash(hType, s, (word32)(m - s), pkcsBlock + maskLen, hLen);
}
if (ret == 0) {
+ /* Set the last eight bits or trailer field to the octet 0xbc */
pkcsBlock[pkcsBlockLen - 1] = RSA_PSS_PAD_TERM;
ret = RsaMGF(mgf, pkcsBlock + maskLen, hLen, pkcsBlock, maskLen, heap);
}
if (ret == 0) {
- pkcsBlock[0] &= (1 << hiBits) - 1;
+ /* Clear the first high bit when "8emLen - emBits" is non-zero.
+ where emBits = n modBits - 1 */
+ if (hiBits)
+ pkcsBlock[0] &= (1 << hiBits) - 1;
m = pkcsBlock + maskLen - saltLen - 1;
*(m++) ^= 0x01;
@@ -1237,15 +1251,15 @@ static int RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
return BAD_FUNC_ARG;
}
+ if (pkcsBlockLen - RSA_MIN_PAD_SZ < inputLen) {
+ WOLFSSL_MSG("RsaPad error, invalid length");
+ return RSA_PAD_E;
+ }
pkcsBlock[0] = 0x0; /* set first byte to zero and advance */
pkcsBlock++; pkcsBlockLen--;
pkcsBlock[0] = padValue; /* insert padValue */
if (padValue == RSA_BLOCK_TYPE_1) {
- if (pkcsBlockLen < inputLen + 2) {
- WOLFSSL_MSG("RsaPad error, invalid length");
- return RSA_PAD_E;
- }
/* pad with 0xff bytes */
XMEMSET(&pkcsBlock[1], 0xFF, pkcsBlockLen - inputLen - 2);
@@ -1255,12 +1269,6 @@ static int RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
/* pad with non-zero random bytes */
word32 padLen, i;
int ret;
-
- if (pkcsBlockLen < inputLen + 1) {
- WOLFSSL_MSG("RsaPad error, invalid length");
- return RSA_PAD_E;
- }
-
padLen = pkcsBlockLen - inputLen - 1;
ret = wc_RNG_GenerateBlock(rng, &pkcsBlock[1], padLen);
if (ret != 0) {
@@ -1457,9 +1465,10 @@ static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen,
* saltLen Length of salt to put in padding.
* bits Length of key in bits.
* heap Used for dynamic memory allocation.
- * returns 0 on success, PSS_SALTLEN_E when the salt length is invalid,
- * BAD_PADDING_E when the padding is not valid, MEMORY_E when allocation fails
- * and other negative values on error.
+ * returns the sum of salt length and SHA-256 digest size on success.
+ * Otherwise, PSS_SALTLEN_E for an incorrect salt length,
+ * WC_KEY_SIZE_E for an incorrect encoded message (EM) size
+ and other negative values on error.
*/
static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
byte **output, enum wc_HashType hType, int mgf,
@@ -2659,7 +2668,7 @@ int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
#endif
if (mp_init(c) != MP_OKAY)
- ret = MEMORY_E;
+ ret = MP_INIT_E;
if (ret == 0) {
if (mp_read_unsigned_bin(c, in, inLen) != 0)
ret = MP_READ_E;
diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c
index 2b2521bbd..e9d0a5e2a 100644
--- a/wolfcrypt/src/sha256.c
+++ b/wolfcrypt/src/sha256.c
@@ -19,6 +19,16 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/* For more info on the algorithm, see https://tools.ietf.org/html/rfc6234 */
+/*
+
+DESCRIPTION
+This library provides the interface to SHA-256 secure hash algorithms.
+SHA-256 performs processing on message blocks to produce a final hash digest
+output. It can be used to hash a message, M, having a length of L bits,
+where 0 <= L < 2^64.
+
+*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
diff --git a/wolfcrypt/src/sp_int.c b/wolfcrypt/src/sp_int.c
index 396c57b5e..f25a7dd74 100644
--- a/wolfcrypt/src/sp_int.c
+++ b/wolfcrypt/src/sp_int.c
@@ -21,6 +21,11 @@
/* Implementation by Sean Parkinson. */
+/*
+DESCRIPTION
+This library provides single precision (SP) integer math functions.
+
+*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@@ -178,20 +183,23 @@ int sp_unsigned_bin_size(sp_int* a)
* a SP integer.
* in Array of bytes.
* inSz Number of data bytes in array.
- * returns BAD_FUNC_ARG when the number is too big to fit in an SP and
+ * returns MP_VAL when the number is too big to fit in an SP and
MP_OKAY otherwise.
*/
-int sp_read_unsigned_bin(sp_int* a, const byte* in, int inSz)
+int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz)
{
int err = MP_OKAY;
int i, j = 0, k;
/* Extra digit added to SP_INT_DIGITS to be used in calculations. */
- if (inSz > (SP_INT_DIGITS - 1) * (int)sizeof(a->dp[0])) {
+ if (inSz > SP_INT_DIGITS * (int)sizeof(a->dp[0])) {
err = MP_VAL;
}
-
- if (err == MP_OKAY) {
+ else if (inSz == 0) {
+ XMEMSET(a->dp, 0, a->size * sizeof(*a->dp));
+ a->used = 0;
+ }
+ else {
for (i = inSz-1; i >= (SP_WORD_SIZE/8); i -= (SP_WORD_SIZE/8), j++) {
a->dp[j] = (((sp_int_digit)in[i-0]) << (0*8))
| (((sp_int_digit)in[i-1]) << (1*8))
@@ -212,9 +220,9 @@ int sp_read_unsigned_bin(sp_int* a, const byte* in, int inSz)
}
}
a->used = j + 1;
- }
- sp_clamp(a);
+ sp_clamp(a);
+ }
return err;
}
@@ -1019,12 +1027,27 @@ int sp_add_d(sp_int* a, sp_int_digit d, sp_int* r)
int i = 0;
sp_int_digit t;
+ if (a == NULL || r == NULL || a->used > SP_INT_DIGITS)
+ return BAD_FUNC_ARG;
+
r->used = a->used;
- if (a->used == 0) {
- r->used = d > 0;
+
+ if (d == 0) {
+ /*copy the content of <a> to <r>*/
+ for (; i < a->used; i++)
+ r->dp[i] = a->dp[i];
+
+ return MP_OKAY;
}
- t = a->dp[0] + d;
- if (t < a->dp[0]) {
+
+ if (a->used == 0) {
+ r->used = 1;
+ t = d;
+ }
+ else
+ t = a->dp[0] + d;
+
+ if (a->used != 0 && t < a->dp[0]) {
for (++i; i < a->used; i++) {
r->dp[i] = a->dp[i] + 1;
if (r->dp[i] != 0) {
@@ -1033,19 +1056,20 @@ int sp_add_d(sp_int* a, sp_int_digit d, sp_int* r)
}
if (i == a->used) {
r->used++;
- r->dp[i] = 1;
+ if (i < SP_INT_DIGITS)
+ r->dp[i] = 1;
+ else
+ return MP_VAL;
}
}
r->dp[0] = t;
- if (r != a) {
- for (++i; i < a->used; i++) {
- r->dp[i] = a->dp[i];
- }
- }
+ for (++i; i < a->used; i++)
+ r->dp[i] = a->dp[i];
return MP_OKAY;
}
+
#if !defined(NO_DH) || defined(HAVE_ECC) || defined(WC_RSA_BLINDING) || \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
/* Left shift the big number by a number of digits.
diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h
index 15d3ee601..e8bdcfc2e 100644
--- a/wolfssl/wolfcrypt/aes.h
+++ b/wolfssl/wolfcrypt/aes.h
@@ -22,8 +22,15 @@
/*!
\file wolfssl/wolfcrypt/aes.h
*/
+/*
+DESCRIPTION
+This library provides the interfaces to the Advanced Encryption Standard (AES)
+for encrypting and decrypting data. AES is the standard known for a symmetric
+block cipher mechanism that uses n-bit binary string parameter key with 128-bits,
+192-bits, and 256-bits of key sizes.
+*/
#ifndef WOLF_CRYPT_AES_H
#define WOLF_CRYPT_AES_H
diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h
index bd2a2a1ee..877e5dcf7 100644
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@@ -23,6 +23,14 @@
\file wolfssl/wolfcrypt/asn.h
*/
+/*
+
+DESCRIPTION
+This library provides the interface to Abstract Syntax Notation One (ASN.1) objects.
+ASN.1 is a standard interface description language for defining data structures
+that can be serialized and deserialized in a cross-platform way.
+
+*/
#ifndef WOLF_CRYPT_ASN_H
#define WOLF_CRYPT_ASN_H
diff --git a/wolfssl/wolfcrypt/asn_public.h b/wolfssl/wolfcrypt/asn_public.h
index 393780036..f5a29435d 100644
--- a/wolfssl/wolfcrypt/asn_public.h
+++ b/wolfssl/wolfcrypt/asn_public.h
@@ -23,6 +23,11 @@
\file wolfssl/wolfcrypt/asn_public.h
*/
+/*
+DESCRIPTION
+This library defines the interface APIs for X509 certificates.
+
+*/
#ifndef WOLF_CRYPT_ASN_PUBLIC_H
#define WOLF_CRYPT_ASN_PUBLIC_H
diff --git a/wolfssl/wolfcrypt/chacha.h b/wolfssl/wolfcrypt/chacha.h
index 72fc58280..82bdd7a65 100644
--- a/wolfssl/wolfcrypt/chacha.h
+++ b/wolfssl/wolfcrypt/chacha.h
@@ -18,7 +18,12 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+DESCRIPTION
+This library contains implementation for the ChaCha20 stream cipher.
+
+*/
/*!
\file wolfssl/wolfcrypt/chacha.h
*/
@@ -35,9 +40,21 @@
extern "C" {
#endif
+/*
+Initialization vector starts at 13 with zero being the index origin of a matrix.
+Block counter is located at index 12.
+ 0 1 2 3
+ 4 5 6 7
+ 8 9 10 11
+ 12 13 14 15
+*/
+#define CHACHA_MATRIX_CNT_IV 12
+
/* Size of the IV */
#define CHACHA_IV_WORDS 3
-#define CHACHA_IV_BYTES (CHACHA_IV_WORDS * sizeof(word32))
+
+/* Size of IV in bytes*/
+#define CHACHA_IV_BYTES 12
/* Size of ChaCha chunks */
#define CHACHA_CHUNK_WORDS 16
diff --git a/wolfssl/wolfcrypt/chacha20_poly1305.h b/wolfssl/wolfcrypt/chacha20_poly1305.h
index 7d2b1aa2a..d72514c5a 100644
--- a/wolfssl/wolfcrypt/chacha20_poly1305.h
+++ b/wolfssl/wolfcrypt/chacha20_poly1305.h
@@ -18,12 +18,14 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+DESCRIPTION
+This library contains implementation for the ChaCha20 stream cipher and
+the Poly1305 authenticator, both as as combined-mode,
+or Authenticated Encryption with Additional Data (AEAD) algorithm.
-/* This implementation of the ChaCha20-Poly1305 AEAD is based on "ChaCha20
- * and Poly1305 for IETF protocols" (draft-irtf-cfrg-chacha20-poly1305-10):
- * https://tools.ietf.org/html/draft-irtf-cfrg-chacha20-poly1305-10
- */
+*/
/*!
\file wolfssl/wolfcrypt/chacha20_poly1305.h
@@ -45,6 +47,7 @@
#define CHACHA20_POLY1305_AEAD_KEYSIZE 32
#define CHACHA20_POLY1305_AEAD_IV_SIZE 12
#define CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE 16
+#define CHACHA20_POLY1305_MAX 4294967295U
enum {
CHACHA20_POLY_1305_ENC_TYPE = 8, /* cipher unique type */
diff --git a/wolfssl/wolfcrypt/error-crypt.h b/wolfssl/wolfcrypt/error-crypt.h
index 445611aef..2cf6fcca7 100644
--- a/wolfssl/wolfcrypt/error-crypt.h
+++ b/wolfssl/wolfcrypt/error-crypt.h
@@ -22,6 +22,11 @@
/*!
\file wolfssl/wolfcrypt/error-crypt.h
*/
+/*
+DESCRIPTION
+This library defines error codes and contians routines for setting and examining
+the error status.
+*/
#ifndef WOLF_CRYPT_ERROR_H
#define WOLF_CRYPT_ERROR_H
@@ -227,10 +232,10 @@ enum {
CRYPTOCB_UNAVAILABLE= -271, /* Crypto callback unavailable */
PKCS7_SIGNEEDS_CHECK= -272, /* signature needs verified by caller */
PSS_SALTLEN_RECOVER_E=-273, /* PSS slat length not recoverable */
+ CHACHA_POLY_OVERFLOW =-274, /* ChaCha20Poly1305 limit overflow */
+ ASN_SELF_SIGNED_E = -275, /* ASN self-signed certificate error */
- ASN_SELF_SIGNED_E = -274, /* ASN self-signed certificate error */
-
- WC_LAST_E = -274, /* Update this to indicate last error */
+ WC_LAST_E = -275, /* Update this to indicate last error */
MIN_CODE_E = -300 /* errors -101 - -299 */
/* add new companion error id strings for any new error codes
diff --git a/wolfssl/wolfcrypt/misc.h b/wolfssl/wolfcrypt/misc.h
index d5237dec0..10011eb40 100644
--- a/wolfssl/wolfcrypt/misc.h
+++ b/wolfssl/wolfcrypt/misc.h
@@ -18,9 +18,13 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+DESCRIPTION
+This module implements the arithmetic-shift right, left, byte swapping, XOR,
+masking and clearing memory logic.
-
+*/
#ifndef WOLF_CRYPT_MISC_H
#define WOLF_CRYPT_MISC_H
diff --git a/wolfssl/wolfcrypt/poly1305.h b/wolfssl/wolfcrypt/poly1305.h
index 981ce49a1..fc84b5187 100644
--- a/wolfssl/wolfcrypt/poly1305.h
+++ b/wolfssl/wolfcrypt/poly1305.h
@@ -119,9 +119,6 @@ WOLFSSL_API int wc_Poly1305_EncodeSizes(Poly1305* ctx, word32 aadSz, word32 data
WOLFSSL_API int wc_Poly1305_MAC(Poly1305* ctx, byte* additional, word32 addSz,
byte* input, word32 sz, byte* tag, word32 tagSz);
-void poly1305_block(Poly1305* ctx, const unsigned char *m);
-void poly1305_blocks(Poly1305* ctx, const unsigned char *m,
- size_t bytes);
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h
index 3965dc450..8feee70d4 100644
--- a/wolfssl/wolfcrypt/rsa.h
+++ b/wolfssl/wolfcrypt/rsa.h
@@ -23,7 +23,13 @@
\file wolfssl/wolfcrypt/rsa.h
*/
+/*
+DESCRIPTION
+This library provides the interface to the RSA.
+RSA keys can be used to encrypt, decrypt, sign and verify data.
+
+*/
#ifndef WOLF_CRYPT_RSA_H
#define WOLF_CRYPT_RSA_H
@@ -280,8 +286,9 @@ WOLFSSL_API int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
RsaKey*, word32);
WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
const byte* e, word32 eSz, RsaKey* key);
-WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
-
+#ifdef WOLFSSL_KEY_GEN
+ WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
+#endif
#ifdef WC_RSA_BLINDING
WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
diff --git a/wolfssl/wolfcrypt/sp_int.h b/wolfssl/wolfcrypt/sp_int.h
index ef0ebbb0a..f01c1d04b 100644
--- a/wolfssl/wolfcrypt/sp_int.h
+++ b/wolfssl/wolfcrypt/sp_int.h
@@ -19,7 +19,11 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+DESCRIPTION
+This library provides single precision (SP) integer math functions.
+*/
#ifndef WOLF_CRYPT_SP_INT_H
#define WOLF_CRYPT_SP_INT_H
@@ -187,7 +191,7 @@ MP_API int sp_init_multi(sp_int* a, sp_int* b, sp_int* c, sp_int* d,
sp_int* e, sp_int* f);
MP_API void sp_clear(sp_int* a);
MP_API int sp_unsigned_bin_size(sp_int* a);
-MP_API int sp_read_unsigned_bin(sp_int* a, const byte* in, int inSz);
+MP_API int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz);
MP_API int sp_read_radix(sp_int* a, const char* in, int radix);
MP_API int sp_cmp(sp_int* a, sp_int* b);
MP_API int sp_count_bits(sp_int* a);
diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h
index c5329164a..5301e161e 100644
--- a/wolfssl/wolfcrypt/types.h
+++ b/wolfssl/wolfcrypt/types.h
@@ -22,7 +22,12 @@
/*!
\file wolfssl/wolfcrypt/types.h
*/
+/*
+DESCRIPTION
+This library defines the primitive data types and abstraction macros to
+decouple library dependencies with standard string, memory and so on.
+*/
#ifndef WOLF_CRYPT_TYPES_H
#define WOLF_CRYPT_TYPES_H
diff --git a/wolfssl/wolfcrypt/wolfmath.h b/wolfssl/wolfcrypt/wolfmath.h
index 43b73c44d..3d9830a15 100644
--- a/wolfssl/wolfcrypt/wolfmath.h
+++ b/wolfssl/wolfcrypt/wolfmath.h
@@ -19,6 +19,11 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+DESCRIPTION
+This library provides big integer math functions.
+
+*/
#ifndef __WOLFMATH_H__
#define __WOLFMATH_H__