mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pkcs7: refactoring PKCS7_EncodeEnvelopedData to reduce stack usage: ~ 1300 bytes moved to the heap.

Browse Source 
--- variable contentKeyEnc moved to the heap (512 bytes saved)
--- variable recip moved to the heap (~800 bytes saved)
This commit is contained in:
Moisés Guimarães 2014-06-20 13:47:15 -03:00
parent 46d0f68097
commit edb94557e9
1 changed files with 64 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
ctaocrypt/src/pkcs7.c
View File

@ -1173,12 +1173,20 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
int contentKeyEncSz, blockKeySz; int contentKeyEncSz, blockKeySz;
int dynamicFlag = 0; int dynamicFlag = 0;
byte contentKeyPlain[MAX_CONTENT_KEY_LEN]; byte contentKeyPlain[MAX_CONTENT_KEY_LEN];
#ifdef CYASSL_SMALL_STACK
byte* contentKeyEnc;
#else
byte contentKeyEnc[MAX_ENCRYPTED_KEY_SZ]; byte contentKeyEnc[MAX_ENCRYPTED_KEY_SZ];
#endif
byte* plain; byte* plain;
byte* encryptedContent; byte* encryptedContent;
int recipSz, recipSetSz; int recipSz, recipSetSz;
#ifdef CYASSL_SMALL_STACK
byte* recip;
#else
byte recip[MAX_RECIP_SZ]; byte recip[MAX_RECIP_SZ];
#endif
byte recipSet[MAX_SET_SZ]; byte recipSet[MAX_SET_SZ];
int encContentOctetSz, encContentSeqSz, contentTypeSz; int encContentOctetSz, encContentSeqSz, contentTypeSz;
@ -1227,35 +1235,67 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
if (ret != 0) if (ret != 0)
return ret; return ret;
#ifdef CYASSL_SMALL_STACK
recip = (byte*)XMALLOC(MAX_RECIP_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
contentKeyEnc = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (contentKeyEnc == NULL || recip == NULL) {
if (recip) XFREE(recip, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (contentKeyEnc) XFREE(contentKeyEnc, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
/* build RecipientInfo, only handle 1 for now */ /* build RecipientInfo, only handle 1 for now */
recipSz = CreateRecipientInfo(pkcs7->singleCert, pkcs7->singleCertSz, RSAk, recipSz = CreateRecipientInfo(pkcs7->singleCert, pkcs7->singleCertSz, RSAk,
blockKeySz, &rng, contentKeyPlain, blockKeySz, &rng, contentKeyPlain,
contentKeyEnc, &contentKeyEncSz, recip, contentKeyEnc, &contentKeyEncSz, recip,
MAX_RECIP_SZ); MAX_RECIP_SZ);
XMEMSET(contentKeyEnc, 0, MAX_ENCRYPTED_KEY_SZ);
#ifdef CYASSL_SMALL_STACK
XFREE(contentKeyEnc, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (recipSz < 0) { if (recipSz < 0) {
CYASSL_MSG("Failed to create RecipientInfo"); CYASSL_MSG("Failed to create RecipientInfo");
#ifdef CYASSL_SMALL_STACK
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
#endif
return recipSz; return recipSz;
} }
recipSetSz = SetSet(recipSz, recipSet); recipSetSz = SetSet(recipSz, recipSet);
/* generate IV for block cipher */ /* generate IV for block cipher */
ret = RNG_GenerateBlock(&rng, tmpIv, DES_BLOCK_SIZE); ret = RNG_GenerateBlock(&rng, tmpIv, DES_BLOCK_SIZE);
if (ret != 0) if (ret != 0) {
#ifdef CYASSL_SMALL_STACK
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
#endif
return ret; return ret;
}
/* EncryptedContentInfo */ /* EncryptedContentInfo */
contentTypeSz = SetContentType(pkcs7->contentOID, contentType); contentTypeSz = SetContentType(pkcs7->contentOID, contentType);
if (contentTypeSz == 0) if (contentTypeSz == 0) {
#ifdef CYASSL_SMALL_STACK
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
#endif
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
}
/* allocate encrypted content buffer, pad if necessary, PKCS#7 padding */ /* allocate encrypted content buffer, pad if necessary, PKCS#7 padding */
padSz = DES_BLOCK_SIZE - (pkcs7->contentSz % DES_BLOCK_SIZE); padSz = DES_BLOCK_SIZE - (pkcs7->contentSz % DES_BLOCK_SIZE);
desOutSz = pkcs7->contentSz + padSz; desOutSz = pkcs7->contentSz + padSz;
if (padSz != 0) { if (padSz != 0) {
plain = XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); plain = (byte*)XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (plain == NULL) { if (plain == NULL) {
#ifdef CYASSL_SMALL_STACK
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
#endif
return MEMORY_E; return MEMORY_E;
} }
XMEMCPY(plain, pkcs7->content, pkcs7->contentSz); XMEMCPY(plain, pkcs7->content, pkcs7->contentSz);
@ -1270,10 +1310,13 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
desOutSz = pkcs7->contentSz; desOutSz = pkcs7->contentSz;
} }
encryptedContent = XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); encryptedContent = (byte*)XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (encryptedContent == NULL) { if (encryptedContent == NULL) {
if (dynamicFlag) if (dynamicFlag)
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef CYASSL_SMALL_STACK
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
#endif
return MEMORY_E; return MEMORY_E;
} }
@ -1289,6 +1332,9 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (dynamicFlag) if (dynamicFlag)
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef CYASSL_SMALL_STACK
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
#endif
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
@ -1305,6 +1351,9 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (dynamicFlag) if (dynamicFlag)
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef CYASSL_SMALL_STACK
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
#endif
return ret; return ret;
} }
} }
@ -1320,6 +1369,9 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (dynamicFlag) if (dynamicFlag)
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef CYASSL_SMALL_STACK
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
#endif
return ret; return ret;
} }
} }
@ -1354,6 +1406,9 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (dynamicFlag) if (dynamicFlag)
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef CYASSL_SMALL_STACK
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
#endif
return BUFFER_E; return BUFFER_E;
} }
@ -1391,12 +1446,15 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
#endif #endif
XMEMSET(contentKeyPlain, 0, MAX_CONTENT_KEY_LEN); XMEMSET(contentKeyPlain, 0, MAX_CONTENT_KEY_LEN);
XMEMSET(contentKeyEnc, 0, MAX_ENCRYPTED_KEY_SZ);
if (dynamicFlag) if (dynamicFlag)
XFREE(plain, NULL, DYNAMMIC_TYPE_TMP_BUFFER); XFREE(plain, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef CYASSL_SMALL_STACK
XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER);
#endif
return idx; return idx;
} }
@ -1475,7 +1533,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
return ASN_PARSE_E; return ASN_PARSE_E;
#ifdef CYASSL_SMALL_STACK #ifdef CYASSL_SMALL_STACK
encryptedKey = (byte*) XMALLOC(MAX_ENCRYPTED_KEY_SZ, NULL, encryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, NULL,
DYNAMIC_TYPE_TMP_BUFFER); DYNAMIC_TYPE_TMP_BUFFER);
if (encryptedKey == NULL) if (encryptedKey == NULL)
return MEMORY_E; return MEMORY_E;