From 2f9c9b9a2203f1e6f645db8f9f291d8e770fcc0b Mon Sep 17 00:00:00 2001 From: John Safranek Date: Mon, 13 Jun 2016 14:39:41 -0700 Subject: [PATCH 1/7] Add cipher suite ECDHE-ECDSA-AES128-CCM 1. Added the usual cipher suite changes for the new suite. 2. Added a build option, WOLFSSL_ALT_TEST_STRINGS, for testing against GnuTLS. It wants to receive strings with newlines. 3. Updated the test configs for the new suite. Tested against GnuTLS's client and server using the options: $ gnutls-cli --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509" --x509cafile=./certs/server-ecc.pem --no-ca-verification -p 11111 localhost $ gnutls-serv --echo --x509keyfile=./certs/ecc-key.pem --x509certfile=./certs/server-ecc.pem --port=11111 -a --priority "NONE:+VERS-TLS-ALL:+AEAD:+ECDHE-ECDSA:+AES-128-CCM:+SIGN-ALL:+COMP-NULL:+CURVE-ALL:+CTYPE-X509" To talk to GnuTLS, wolfSSL also needed the supported curves option enabled. --- examples/client/client.c | 10 ++++++++-- examples/server/server.c | 4 ++++ src/internal.c | 16 ++++++++++++++++ src/keys.c | 18 ++++++++++++++++++ src/ssl.c | 2 ++ tests/test-dtls.conf | 13 +++++++++++++ tests/test-qsh.conf | 11 +++++++++++ tests/test-sig.conf | 11 +++++++++++ tests/test.conf | 11 +++++++++++ wolfssl/internal.h | 2 ++ 10 files changed, 96 insertions(+), 2 deletions(-) diff --git a/examples/client/client.c b/examples/client/client.c index 3e79a732a..8c609d427 100644 --- a/examples/client/client.c +++ b/examples/client/client.c 
@@ -517,13 +517,19 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) WOLFSSL* sslResume = 0; WOLFSSL_SESSION* session = 0; - char resumeMsg[32] = "resuming wolfssl!"; - int resumeSz = (int)strlen(resumeMsg); +#ifndef WOLFSSL_ALT_TEST_STRINGS char msg[32] = "hello wolfssl!"; /* GET may make bigger */ + char resumeMsg[32] = "resuming wolfssl!"; +#else + char msg[32] = "hello wolfssl!\n"; + char resumeMsg[32] = "resuming wolfssl!\n"; +#endif + char reply[80]; int input; int msgSz = (int)strlen(msg); + int resumeSz = (int)strlen(resumeMsg); word16 port = wolfSSLPort; char* host = (char*)wolfSSLIP; diff --git a/examples/server/server.c b/examples/server/server.c index df3110a39..0fdbdd2e6 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -256,7 +256,11 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) SSL_CTX* ctx = 0; SSL* ssl = 0; +#ifndef WOLFSSL_ALT_TEST_STRINGS const char msg[] = "I hear you fa shizzle!"; +#else + const char msg[] = "I hear you fa shizzle!\n"; +#endif char input[80]; int ch; int version = SERVER_DEFAULT_VERSION; diff --git a/src/internal.c b/src/internal.c index 746182a6e..fd1f9b63b 100755 --- a/src/internal.c +++ b/src/internal.c @@ -2123,6 +2123,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA, } #endif +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM + if (tls1_2 && haveECC) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_CCM; + } +#endif + #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 if (tls1_2 && haveECC) { suites->suites[idx++] = ECC_BYTE; @@ -5540,6 +5547,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) break; #endif + case TLS_ECDHE_ECDSA_WITH_AES_128_CCM : case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 : case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 : if (requirement == REQUIRES_ECC) 
@@ -11500,6 +11508,10 @@ static const char* const cipher_names[] = "AES256-CCM-8", #endif +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM + "ECDHE-ECDSA-AES128-CCM", +#endif + #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 "ECDHE-ECDSA-AES128-CCM-8", #endif @@ -11942,6 +11954,10 @@ static int cipher_name_idx[] = TLS_RSA_WITH_AES_256_CCM_8, #endif +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM + TLS_ECDHE_ECDSA_WITH_AES_128_CCM, +#endif + #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, #endif diff --git a/src/keys.c b/src/keys.c index 849636ee1..dd3207c88 100644 --- a/src/keys.c +++ b/src/keys.c @@ -790,6 +790,24 @@ int SetCipherSpecs(WOLFSSL* ssl) break; #endif +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM + case TLS_ECDHE_ECDSA_WITH_AES_128_CCM : + ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = ecc_dsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AESGCM_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ; + + break; +#endif + #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 : ssl->specs.bulk_cipher_algorithm = wolfssl_aes_ccm; diff --git a/src/ssl.c b/src/ssl.c index 4a45ba34e..2595f3d35 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -11760,6 +11760,8 @@ const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher) return "TLS_DHE_PSK_WITH_AES_256_CCM"; #endif #ifdef HAVE_ECC + case TLS_ECDHE_ECDSA_WITH_AES_128_CCM: + return "TLS_ECDHE_ECDSA_WITH_AES_128_CCM"; case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: return "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"; case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 : 
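Review bot: The new TLS_ECDHE_ECDSA_WITH_AES_128_CCM case in SetCipherSpecs is identical to the CCM_8 case that follows it except for `aead_mac_size`, and nothing says so, so the next reader has to diff two blocks to find the one field that matters; add `/* RFC 7251: full 16-byte CCM tag (AES_CCM_16_AUTH_SZ); the CCM_8 suites below truncate to 8 */` above the `aead_mac_size` assignment. The AEAD decrypt sites touched later in this series read the tag length from `ssl->specs.aead_mac_size`, so the longer tag should be honoured there, but any record-overhead or maximum-fragment arithmetic that hard-codes an 8-byte CCM tag is outside this hunk and should be checked. The `wolfSSL_CIPHER_get_name` addition in ssl.c is gated on `HAVE_ECC` rather than `BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM`, matching its CCM_8 neighbours, which only compiles because the enum constant is defined unconditionally.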
diff --git a/tests/test-dtls.conf b/tests/test-dtls.conf index 7faa856f2..fb4260e62 100644 --- a/tests/test-dtls.conf +++ b/tests/test-dtls.conf @@ -1046,6 +1046,19 @@ -v 3 -l PSK-AES256-GCM-SHA384 +# server DTLSv1.2 ECDHE-ECDSA-AES128-CCM +-u +-v 3 +-l ECDHE-ECDSA-AES128-CCM +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDHE-ECDSA-AES128-CCM +-u +-v 3 +-l ECDHE-ECDSA-AES128-CCM +-A ./certs/server-ecc.pem + # server DTLSv1.2 ECDHE-ECDSA-AES128-CCM-8 -u -v 3 diff --git a/tests/test-qsh.conf b/tests/test-qsh.conf index b12b49cf7..211ecabed 100644 --- a/tests/test-qsh.conf +++ b/tests/test-qsh.conf @@ -1823,6 +1823,17 @@ -v 3 -l QSH:AES256-CCM-8 +# server TLSv1.2 ECDHE-ECDSA-AES128-CCM +-v 3 +-l QSH:ECDHE-ECDSA-AES128-CCM +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-AES128-CCM +-v 3 +-l QSH:ECDHE-ECDSA-AES128-CCM +-A ./certs/server-ecc.pem + # server TLSv1.2 ECDHE-ECDSA-AES128-CCM-8 -v 3 -l QSH:ECDHE-ECDSA-AES128-CCM-8 diff --git a/tests/test-sig.conf b/tests/test-sig.conf index db643c5c2..4ce46ca83 100644 --- a/tests/test-sig.conf +++ b/tests/test-sig.conf @@ -185,6 +185,17 @@ -l ECDHE-ECDSA-AES256-GCM-SHA384 -A ./certs/ca-cert.pem +# server TLSv1.2 ECDHE-ECDSA-AES128-CCM +-v 3 +-l ECDHE-ECDSA-AES128-CCM +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-AES128-CCM +-v 3 +-l ECDHE-ECDSA-AES128-CCM +-A ./certs/ca-cert.pem + # server TLSv1.2 ECDHE-ECDSA-AES128-CCM-8 -v 3 -l ECDHE-ECDSA-AES128-CCM-8 diff --git a/tests/test.conf b/tests/test.conf index 40beed1cc..37f672ab0 100644 --- a/tests/test.conf +++ b/tests/test.conf @@ -1812,6 +1812,17 @@ -v 3 -l AES256-CCM-8 +# server TLSv1.2 ECDHE-ECDSA-AES128-CCM +-v 3 +-l ECDHE-ECDSA-AES128-CCM +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-AES128-CCM +-v 3 +-l ECDHE-ECDSA-AES128-CCM +-A ./certs/server-ecc.pem + # server TLSv1.2 ECDHE-ECDSA-AES128-CCM-8 -v 3 -l ECDHE-ECDSA-AES128-CCM-8 
diff --git a/wolfssl/internal.h b/wolfssl/internal.h index fd53f97de..01301001a 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -608,6 +608,7 @@ typedef byte word24[3]; #endif #endif #if defined(HAVE_AESCCM) && !defined(NO_SHA256) + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 #endif @@ -812,6 +813,7 @@ enum { * with non-ECC AES-GCM */ TLS_RSA_WITH_AES_128_CCM_8 = 0xa0, TLS_RSA_WITH_AES_256_CCM_8 = 0xa1, + TLS_ECDHE_ECDSA_WITH_AES_128_CCM = 0xac, TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xae, TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xaf, TLS_PSK_WITH_AES_128_CCM = 0xa4, From 35f43f92166b426b6d68e14be800050fd09509d4 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Tue, 14 Jun 2016 14:36:08 -0700 Subject: [PATCH 2/7] In DTLS, if a mac or decrypt error is detected, just drop the datagram and don't send an alert --- src/internal.c | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/src/internal.c b/src/internal.c index 9ee2ca0f6..f80c7f412 100755 --- a/src/internal.c +++ b/src/internal.c @@ -7834,7 +7834,8 @@ static int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input, /* check tag sent along with packet */ if (ConstantCompare(input + msgLen, tag, ssl->specs.aead_mac_size) != 0) { WOLFSSL_MSG("MAC did not match"); - SendAlert(ssl, alert_fatal, bad_record_mac); + if (!ssl->options.dtls) + SendAlert(ssl, alert_fatal, bad_record_mac); return VERIFY_MAC_ERROR; } @@ -8098,7 +8099,8 @@ static INLINE int Decrypt(WOLFSSL* ssl, byte* plain, const byte* input, input + sz - ssl->specs.aead_mac_size, ssl->specs.aead_mac_size, additional, AEAD_AUTH_DATA_SZ) < 0) { - SendAlert(ssl, alert_fatal, bad_record_mac); + if (!ssl->options.dtls) + SendAlert(ssl, alert_fatal, bad_record_mac); ret = VERIFY_MAC_ERROR; } ForceZero(nonce, AESGCM_NONCE_SZ); 
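Review bot: Suppressing the bad_record_mac alert for DTLS is what RFC 6347 section 4.1.2.7 asks for (silently discard invalid records), but the same `if (!ssl->options.dtls) SendAlert(ssl, alert_fatal, bad_record_mac);` pattern is now copied into ChachaAEADDecrypt and both AEAD branches of Decrypt with no comment explaining why DTLS is exempt. A one-line `/* DTLS: silently drop the record (RFC 6347 4.1.2.7); an alert here would be an oracle */` at each site, or a small static helper that all three call, would keep the policy from drifting when the next AEAD cipher is added. Note that this only covers the AEAD ciphers; the CBC/HMAC path verifies the MAC after Decrypt returns and is not in this hunk, so it presumably still alerts in DTLS mode unless handled elsewhere. ChachaAEADDecrypt begins before this hunk.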
@@ -8139,7 +8141,8 @@ static INLINE int Decrypt(WOLFSSL* ssl, byte* plain, const byte* input, input + sz - ssl->specs.aead_mac_size, ssl->specs.aead_mac_size, additional, AEAD_AUTH_DATA_SZ) < 0) { - SendAlert(ssl, alert_fatal, bad_record_mac); + if (!ssl->options.dtls) + SendAlert(ssl, alert_fatal, bad_record_mac); ret = VERIFY_MAC_ERROR; } ForceZero(nonce, AESGCM_NONCE_SZ); @@ -8929,6 +8932,15 @@ int ProcessReply(WOLFSSL* ssl) if (ret < 0) { WOLFSSL_MSG("Decrypt failed"); WOLFSSL_ERROR(ret); + #ifdef WOLFSSL_DTLS + /* If in DTLS mode, if the decrypt fails for any + * reason, pretend the datagram never happened. */ + if (ssl->options.dtls) { + ssl->options.processReply = doProcessInit; + ssl->buffers.inputBuffer.idx = + ssl->buffers.inputBuffer.length; + } + #endif /* WOLFSSL_DTLS */ return DECRYPT_ERROR; } if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) @@ -10535,6 +10547,15 @@ int ReceiveData(WOLFSSL* ssl, byte* output, int sz, int peek) if (ssl->error == WANT_READ || ssl->error == WC_PENDING_E) ssl->error = 0; +#ifdef WOLFSSL_DTLS + if (ssl->options.dtls) { + /* In DTLS mode, we forgive some errors and allow the session + * to continue despite them. */ + if (ssl->error == VERIFY_MAC_ERROR || ssl->error == DECRYPT_ERROR) + ssl->error = 0; + } +#endif /* WOLFSSL_DTLS */ + if (ssl->error != 0 && ssl->error != WANT_WRITE) { WOLFSSL_MSG("User calling wolfSSL_read in error state, not allowed"); return ssl->error; From 8f3c56c03fff4f5c6f8fec1ee696f2c7860433c1 Mon Sep 17 00:00:00 2001 From: John Safranek Date: Wed, 15 Jun 2016 18:44:25 -0700 Subject: [PATCH 3/7] Fix where the last flight was getting retransmit on timeout notification. --- src/internal.c | 3 +-- src/ssl.c | 4 +++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/src/internal.c b/src/internal.c index 746182a6e..5f732ad9b 100755 --- a/src/internal.c +++ b/src/internal.c 
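Review bot: Setting `ssl->buffers.inputBuffer.idx = ssl->buffers.inputBuffer.length` on a DTLS decrypt failure discards not just the bad record but every record that followed it in the same datagram, which is stricter than "pretend the datagram never happened" suggests and is worth stating in the comment, e.g. `/* discard the rest of this datagram too; later records in it are not trusted */`. The reset runs only when Decrypt itself fails, so for block ciphers whose MAC is checked after the `tls1_1 && cipher_type == block` branch below, a bad MAC may still take the old alert-and-fail path; that code is outside the hunk and should get the same treatment if the commit's intent is "any mac or decrypt error". If the anti-replay window is advanced for a record before this point, forged datagrams could move it; I cannot see the window update from here, so confirm it only runs after successful verification. ProcessReply continues outside this hunk.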
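Review bot: Clearing VERIFY_MAC_ERROR/DECRYPT_ERROR at the top of ReceiveData forgives the error only on the next call, while the call that hit the forged datagram still returns DECRYPT_ERROR (ProcessReply returns it above and the loop below presumably stores it in `ssl->error`), so every forged datagram an attacker sends surfaces as a one-off error from wolfSSL_read. Unless applications are documented to retry on DECRYPT_ERROR in DTLS mode, it would be safer to convert the dropped datagram into WANT_READ where the error is first stored, e.g. `if (ssl->options.dtls && (ret == DECRYPT_ERROR || ret == VERIFY_MAC_ERROR)) ret = WANT_READ;`, and keep this forgiveness as a backstop. The comment should also say why: `/* a bad record was dropped, not a session failure: keep reading */`. ReceiveData continues outside this hunk.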
@@ -4752,8 +4752,7 @@ retry: case WOLFSSL_CBIO_ERR_TIMEOUT: if (ssl->options.dtls) { #ifdef WOLFSSL_DTLS - if ((!ssl->options.handShakeDone || - ssl->options.dtlsHsRetain) && + if (!ssl->options.handShakeDone && DtlsPoolTimeout(ssl) == 0 && DtlsPoolSend(ssl) == 0) { diff --git a/src/ssl.c b/src/ssl.c index 4a45ba34e..20ffb0f30 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -6617,7 +6617,9 @@ int wolfSSL_dtls_got_timeout(WOLFSSL* ssl) { int result = SSL_SUCCESS; - if (DtlsPoolTimeout(ssl) < 0 || DtlsPoolSend(ssl) < 0) { + if (!ssl->options.handShakeDone && + (DtlsPoolTimeout(ssl) < 0 || DtlsPoolSend(ssl) < 0)) { + result = SSL_FATAL_ERROR; } return result; From db7aab5e378218781fc7e3807ddddb093f55b495 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moise=CC=81s=20Guimara=CC=83es?= Date: Fri, 17 Jun 2016 08:19:57 -0300 Subject: [PATCH 4/7] fixes ocsp stapling tests ignoring CRL --- scripts/ocsp-stapling.test | 4 ++-- scripts/ocsp-stapling2.test | 12 ++++++------ 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/scripts/ocsp-stapling.test b/scripts/ocsp-stapling.test index 572310a01..82869ca28 100755 --- a/scripts/ocsp-stapling.test +++ b/scripts/ocsp-stapling.test @@ -25,14 +25,14 @@ sleep 1 # client test against our own server - GOOD CERT ./examples/server/server -c certs/ocsp/server1-cert.pem -k certs/ocsp/server1-key.pem & sleep 1 -./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1 +./examples/client/client -X -C -A certs/ocsp/root-ca-cert.pem -W 1 RESULT=$? [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1 # client test against our own server - REVOKED CERT ./examples/server/server -c certs/ocsp/server2-cert.pem -k certs/ocsp/server2-key.pem & sleep 1 -./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1 +./examples/client/client -X -C -A certs/ocsp/root-ca-cert.pem -W 1 RESULT=$? [ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1 
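Review bot: Dropping `ssl->options.dtlsHsRetain` from the condition means that once `handShakeDone` is set a receive timeout never resends the pool, so a server whose last flight is lost now depends entirely on the retransmitted-peer-flight path to recover; that is the RFC 6347 section 4.2.4 model, but that path is not visible here and should be confirmed. Add a comment at the changed condition so the flag is not put back by the next reader: `/* after the handshake, retransmit only in response to the peer's repeated flight, never on timeout */`. If `dtlsHsRetain` is no longer read anywhere else, remove it or document its remaining use. The retry block begins and ends outside this hunk.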
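Review bot: With the added `!ssl->options.handShakeDone` guard, wolfSSL_dtls_got_timeout now returns SSL_SUCCESS after the handshake without touching the pool, and callers cannot tell "retransmitted" from "nothing to do"; document that in the function's header comment, e.g. `/* Once the handshake is complete this is a no-op and returns SSL_SUCCESS */`. The stray blank line between the opening brace and `result = SSL_FATAL_ERROR;` should go.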
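Review bot: The REVOKED CERT check `[ $RESULT -ne 1 ]` passes for any client failure, not only an OCSP-stapled revocation: if the server is not yet listening after `sleep 1`, or the client rejects the new `-X -C` flags, the example client exits non-zero (1 via err_sys on most failures, as far as I recall) and the revocation test passes vacuously. Capture the client's output and require the revocation error text in it, or give the client a distinct exit code for a revoked status, so the test only passes for the reason it exists. Assuming `-C` disables CRL checking as the subject says, the GOOD CERT case now rests solely on the stapled response; a comment `# -C: disable CRL so only the stapled OCSP response decides the outcome` would make that intent explicit.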
diff --git a/scripts/ocsp-stapling2.test b/scripts/ocsp-stapling2.test index 75877f210..9bdc2f5d9 100755 --- a/scripts/ocsp-stapling2.test +++ b/scripts/ocsp-stapling2.test 
@@ -16,39 +16,39 @@ sleep 1 # client test against our own server - GOOD CERTS ./examples/server/server -c certs/ocsp/server3-cert.pem -k certs/ocsp/server3-key.pem & sleep 1 -./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1 +./examples/client/client -X -C -A certs/ocsp/root-ca-cert.pem -W 1 RESULT=$? [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1 ./examples/server/server -c certs/ocsp/server3-cert.pem -k certs/ocsp/server3-key.pem & sleep 1 -./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 2 +./examples/client/client -X -C -A certs/ocsp/root-ca-cert.pem -W 2 RESULT=$? [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1 # client test against our own server - REVOKED SERVER CERT ./examples/server/server -c certs/ocsp/server4-cert.pem -k certs/ocsp/server4-key.pem & sleep 1 -./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1 +./examples/client/client -X -C -A certs/ocsp/root-ca-cert.pem -W 1 RESULT=$? [ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1 ./examples/server/server -c certs/ocsp/server4-cert.pem -k certs/ocsp/server4-key.pem & sleep 1 -./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 2 +./examples/client/client -X -C -A certs/ocsp/root-ca-cert.pem -W 2 RESULT=$? [ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1 # client test against our own server - REVOKED INTERMEDIATE CERT ./examples/server/server -c certs/ocsp/server5-cert.pem -k certs/ocsp/server5-key.pem & sleep 1 -./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 1 +./examples/client/client -X -C -A certs/ocsp/root-ca-cert.pem -W 1 RESULT=$? [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed $RESULT" && exit 1 ./examples/server/server -c certs/ocsp/server5-cert.pem -k certs/ocsp/server5-key.pem & sleep 1 -./examples/client/client -A certs/ocsp/root-ca-cert.pem -W 2 +./examples/client/client -X -C -A certs/ocsp/root-ca-cert.pem -W 2 RESULT=$? 
[ $RESULT -ne 1 ] && echo -e "\n\nClient connection suceeded $RESULT" && exit 1 From eb1d8d5df648b9e1d36f208a65f588ff39c121fe Mon Sep 17 00:00:00 2001 From: David Garske Date: Fri, 17 Jun 2016 15:59:25 -0700 Subject: [PATCH 5/7] Fix for NID names on NIST prime 192 and 256 curves. Cleanup of the memcpy/memset in .i files to use portable names. --- src/ssl.c | 12 ++++- wolfcrypt/src/ecc.c | 4 +- wolfcrypt/src/fp_mont_small.i | 11 ++--- wolfcrypt/src/fp_mul_comba_12.i | 4 +- wolfcrypt/src/fp_mul_comba_17.i | 4 +- wolfcrypt/src/fp_mul_comba_20.i | 4 +- wolfcrypt/src/fp_mul_comba_24.i | 4 +- wolfcrypt/src/fp_mul_comba_28.i | 4 +- wolfcrypt/src/fp_mul_comba_3.i | 4 +- wolfcrypt/src/fp_mul_comba_32.i | 4 +- wolfcrypt/src/fp_mul_comba_4.i | 4 +- wolfcrypt/src/fp_mul_comba_48.i | 4 +- wolfcrypt/src/fp_mul_comba_6.i | 4 +- wolfcrypt/src/fp_mul_comba_64.i | 4 +- wolfcrypt/src/fp_mul_comba_7.i | 4 +- wolfcrypt/src/fp_mul_comba_8.i | 4 +- wolfcrypt/src/fp_mul_comba_9.i | 4 +- wolfcrypt/src/fp_mul_comba_small_set.i | 64 +++++++++++++------------- wolfcrypt/src/fp_sqr_comba_12.i | 2 +- wolfcrypt/src/fp_sqr_comba_17.i | 2 +- wolfcrypt/src/fp_sqr_comba_20.i | 2 +- wolfcrypt/src/fp_sqr_comba_24.i | 2 +- wolfcrypt/src/fp_sqr_comba_28.i | 2 +- wolfcrypt/src/fp_sqr_comba_3.i | 2 +- wolfcrypt/src/fp_sqr_comba_32.i | 2 +- wolfcrypt/src/fp_sqr_comba_4.i | 2 +- wolfcrypt/src/fp_sqr_comba_48.i | 2 +- wolfcrypt/src/fp_sqr_comba_6.i | 2 +- wolfcrypt/src/fp_sqr_comba_64.i | 2 +- wolfcrypt/src/fp_sqr_comba_7.i | 2 +- wolfcrypt/src/fp_sqr_comba_8.i | 2 +- wolfcrypt/src/fp_sqr_comba_9.i | 2 +- wolfcrypt/src/fp_sqr_comba_small_set.i | 32 ++++++------- wolfssl/openssl/ec.h | 4 +- wolfssl/wolfcrypt/mem_track.h | 2 +- 35 files changed, 109 insertions(+), 104 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index e50898458..346961717 100644 --- a/src/ssl.c +++ b/src/ssl.c 
@@ -16341,7 +16341,17 @@ int wolfSSL_EC_GROUP_get_degree(const WOLFSSL_EC_GROUP *group) } switch(group->curve_nid) { - case NID_secp256k1: + case NID_secp112r1: + return 112; + case NID_secp128r1: + return 128; + case NID_secp160r1: + return 160; + case NID_X9_62_prime192v1: + return 192; + case NID_secp224r1: + return 224; + case NID_X9_62_prime256v1: return 256; case NID_secp384r1: return 384; diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 4bd19bff3..eec95ae4d 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -167,7 +167,7 @@ const ecc_set_type ecc_sets[] = { #ifdef ECC192 { 24, /* size/bytes */ - NID_secp192k1, /* NID */ + NID_X9_62_prime192v1, /* NID */ "SECP192R1", /* curve name */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", /* prime */ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC", /* A */ @@ -193,7 +193,7 @@ const ecc_set_type ecc_sets[] = { #ifdef ECC256 { 32, /* size/bytes */ - NID_secp256k1, /* NID */ + NID_X9_62_prime256v1, /* NID */ "SECP256R1", /* curve name */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", /* prime */ "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC", /* A */ diff --git a/wolfcrypt/src/fp_mont_small.i b/wolfcrypt/src/fp_mont_small.i index 46ac50f2a..78ff5b52e 100644 --- a/wolfcrypt/src/fp_mont_small.i +++ b/wolfcrypt/src/fp_mont_small.i @@ -28,10 +28,9 @@ void fp_montgomery_reduce_small(fp_int *a, fp_int *m, fp_digit mp) fp_digit c[FP_SIZE], *_c, *tmpm, mu, cy; int oldused, x, y, pa; -#if defined(USE_MEMSET) /* now zero the buff */ - memset(c, 0, sizeof c); -#endif + XMEMSET(c, 0, sizeof c); + pa = m->used; /* copy the input */ @@ -39,11 +38,7 @@ void fp_montgomery_reduce_small(fp_int *a, fp_int *m, fp_digit mp) for (x = 0; x < oldused; x++) { c[x] = a->dp[x]; } -#if !defined(USE_MEMSET) - for (; x < 2*pa+3; x++) { - c[x] = 0; - } -#endif + MONT_START; switch (pa) { 
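Review bot: The `NID_secp256k1` case is replaced rather than kept, so a caller that still passes the Koblitz NID (if it remains defined in wolfssl/openssl/ec.h, whose hunk is not shown) now falls through to whatever `default` does below this hunk instead of getting 256; if secp256k1 is genuinely unsupported, a comment `/* secp256k1 (Koblitz) is not supported; only the r1 / X9.62 prime curves map here */` makes that a decision rather than an omission. The 112/128/160-bit cases return their degree truthfully, but those curves are well below current security guidance, so a short comment marking them as legacy-only would discourage callers from picking them through the compatibility layer. wolfSSL_EC_GROUP_get_degree begins and ends outside the hunk.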
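Review bot: This correction changes which curve a NID selects, since P-192 and P-256 were previously tagged with the secp192k1/secp256k1 NIDs, so any lookup that resolved a curve by NID rather than by size or OID would have returned the wrong curve for those NIDs; a regression test that walks `ecc_sets[]` and asserts that `NID_X9_62_prime256v1` pairs with `"SECP256R1"` (and likewise for P-192) would keep this from recurring. A comment on each entry, `/* NID: secp256r1 == X9.62 prime256v1, not the Koblitz secp256k1 */`, would also help, since the two names are easy to confuse.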
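Review bot: Replacing the `USE_MEMSET`-conditional zeroing with an unconditional `XMEMSET(c, 0, sizeof c)` is safe (it clears a superset of what the old `for (; x < 2*pa+3; x++)` loop did), but it now zeroes all FP_SIZE digits on every reduction regardless of `pa`, a small fixed cost on a hot path; if that matters, `XMEMSET(c, 0, (2*pa+3) * sizeof(fp_digit));` placed after `pa = m->used;` keeps the old bound. The digit-copy loop that follows could become `XMEMCPY(c, a->dp, oldused * sizeof(fp_digit));` for consistency with the rest of this commit. `c` holds intermediates derived from the reduction operands and I cannot see whether it is scrubbed before return; fp_montgomery_reduce_small ends outside this hunk.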
diff --git a/wolfcrypt/src/fp_mul_comba_12.i b/wolfcrypt/src/fp_mul_comba_12.i index fe21a5294..b6c8e9830 100644 --- a/wolfcrypt/src/fp_mul_comba_12.i +++ b/wolfcrypt/src/fp_mul_comba_12.i @@ -26,8 +26,8 @@ void fp_mul_comba12(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[24]; - memcpy(at, A->dp, 12 * sizeof(fp_digit)); - memcpy(at+12, B->dp, 12 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 12 * sizeof(fp_digit)); + XMEMCPY(at+12, B->dp, 12 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_17.i b/wolfcrypt/src/fp_mul_comba_17.i index 4ea109a5c..ba4ee0913 100644 --- a/wolfcrypt/src/fp_mul_comba_17.i +++ b/wolfcrypt/src/fp_mul_comba_17.i @@ -26,8 +26,8 @@ void fp_mul_comba17(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[34]; - memcpy(at, A->dp, 17 * sizeof(fp_digit)); - memcpy(at+17, B->dp, 17 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 17 * sizeof(fp_digit)); + XMEMCPY(at+17, B->dp, 17 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_20.i b/wolfcrypt/src/fp_mul_comba_20.i index 11de0ff1f..7d2275abb 100644 --- a/wolfcrypt/src/fp_mul_comba_20.i +++ b/wolfcrypt/src/fp_mul_comba_20.i @@ -25,8 +25,8 @@ void fp_mul_comba20(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[40]; - memcpy(at, A->dp, 20 * sizeof(fp_digit)); - memcpy(at+20, B->dp, 20 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 20 * sizeof(fp_digit)); + XMEMCPY(at+20, B->dp, 20 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_24.i b/wolfcrypt/src/fp_mul_comba_24.i index 02324c50b..3502151f6 100644 --- a/wolfcrypt/src/fp_mul_comba_24.i +++ b/wolfcrypt/src/fp_mul_comba_24.i 
@@ -26,8 +26,8 @@ void fp_mul_comba24(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[48]; - memcpy(at, A->dp, 24 * sizeof(fp_digit)); - memcpy(at+24, B->dp, 24 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 24 * sizeof(fp_digit)); + XMEMCPY(at+24, B->dp, 24 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_28.i b/wolfcrypt/src/fp_mul_comba_28.i index fc12bde5f..41ef1bc9a 100644 --- a/wolfcrypt/src/fp_mul_comba_28.i +++ b/wolfcrypt/src/fp_mul_comba_28.i @@ -26,8 +26,8 @@ void fp_mul_comba28(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[56]; - memcpy(at, A->dp, 28 * sizeof(fp_digit)); - memcpy(at+28, B->dp, 28 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 28 * sizeof(fp_digit)); + XMEMCPY(at+28, B->dp, 28 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_3.i b/wolfcrypt/src/fp_mul_comba_3.i index 9d2b0016f..fb0ca1203 100644 --- a/wolfcrypt/src/fp_mul_comba_3.i +++ b/wolfcrypt/src/fp_mul_comba_3.i @@ -26,8 +26,8 @@ void fp_mul_comba3(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[6]; - memcpy(at, A->dp, 3 * sizeof(fp_digit)); - memcpy(at+3, B->dp, 3 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 3 * sizeof(fp_digit)); + XMEMCPY(at+3, B->dp, 3 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_32.i b/wolfcrypt/src/fp_mul_comba_32.i index 0bd92aaa1..f1e54116d 100644 --- a/wolfcrypt/src/fp_mul_comba_32.i +++ b/wolfcrypt/src/fp_mul_comba_32.i @@ -28,8 +28,8 @@ void fp_mul_comba32(fp_int *A, fp_int *B, fp_int *C) int out_size; out_size = A->used + B->used; - memcpy(at, A->dp, 32 * sizeof(fp_digit)); - memcpy(at+32, B->dp, 32 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 32 * sizeof(fp_digit)); + XMEMCPY(at+32, B->dp, 32 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_4.i b/wolfcrypt/src/fp_mul_comba_4.i index 07a1e68ff..8c34cc9e3 100644 --- a/wolfcrypt/src/fp_mul_comba_4.i 
+++ b/wolfcrypt/src/fp_mul_comba_4.i @@ -26,8 +26,8 @@ void fp_mul_comba4(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[8]; - memcpy(at, A->dp, 4 * sizeof(fp_digit)); - memcpy(at+4, B->dp, 4 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 4 * sizeof(fp_digit)); + XMEMCPY(at+4, B->dp, 4 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_48.i b/wolfcrypt/src/fp_mul_comba_48.i index 9a4682ba8..91df8f835 100644 --- a/wolfcrypt/src/fp_mul_comba_48.i +++ b/wolfcrypt/src/fp_mul_comba_48.i @@ -26,8 +26,8 @@ void fp_mul_comba48(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[96]; - memcpy(at, A->dp, 48 * sizeof(fp_digit)); - memcpy(at+48, B->dp, 48 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 48 * sizeof(fp_digit)); + XMEMCPY(at+48, B->dp, 48 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_6.i b/wolfcrypt/src/fp_mul_comba_6.i index 4daa55903..c953f4d02 100644 --- a/wolfcrypt/src/fp_mul_comba_6.i +++ b/wolfcrypt/src/fp_mul_comba_6.i @@ -26,8 +26,8 @@ void fp_mul_comba6(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[12]; - memcpy(at, A->dp, 6 * sizeof(fp_digit)); - memcpy(at+6, B->dp, 6 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 6 * sizeof(fp_digit)); + XMEMCPY(at+6, B->dp, 6 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_64.i b/wolfcrypt/src/fp_mul_comba_64.i index 99a9a8159..981675980 100644 --- a/wolfcrypt/src/fp_mul_comba_64.i +++ b/wolfcrypt/src/fp_mul_comba_64.i @@ -26,8 +26,8 @@ void fp_mul_comba64(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[128]; - memcpy(at, A->dp, 64 * sizeof(fp_digit)); - memcpy(at+64, B->dp, 64 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 64 * sizeof(fp_digit)); + XMEMCPY(at+64, B->dp, 64 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_7.i b/wolfcrypt/src/fp_mul_comba_7.i index c03e22ee6..b7dd9c1da 100644 --- a/wolfcrypt/src/fp_mul_comba_7.i 
+++ b/wolfcrypt/src/fp_mul_comba_7.i @@ -26,8 +26,8 @@ void fp_mul_comba7(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[14]; - memcpy(at, A->dp, 7 * sizeof(fp_digit)); - memcpy(at+7, B->dp, 7 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 7 * sizeof(fp_digit)); + XMEMCPY(at+7, B->dp, 7 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_8.i b/wolfcrypt/src/fp_mul_comba_8.i index 829424d7d..aa0428a5b 100644 --- a/wolfcrypt/src/fp_mul_comba_8.i +++ b/wolfcrypt/src/fp_mul_comba_8.i @@ -26,8 +26,8 @@ void fp_mul_comba8(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[16]; - memcpy(at, A->dp, 8 * sizeof(fp_digit)); - memcpy(at+8, B->dp, 8 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 8 * sizeof(fp_digit)); + XMEMCPY(at+8, B->dp, 8 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_9.i b/wolfcrypt/src/fp_mul_comba_9.i index d9adf67c4..4f443908b 100644 --- a/wolfcrypt/src/fp_mul_comba_9.i +++ b/wolfcrypt/src/fp_mul_comba_9.i @@ -26,8 +26,8 @@ void fp_mul_comba9(fp_int *A, fp_int *B, fp_int *C) { fp_digit c0, c1, c2, at[18]; - memcpy(at, A->dp, 9 * sizeof(fp_digit)); - memcpy(at+9, B->dp, 9 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 9 * sizeof(fp_digit)); + XMEMCPY(at+9, B->dp, 9 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_mul_comba_small_set.i b/wolfcrypt/src/fp_mul_comba_small_set.i index 8c5cb3225..4e948c7cd 100644 --- a/wolfcrypt/src/fp_mul_comba_small_set.i +++ b/wolfcrypt/src/fp_mul_comba_small_set.i @@ -28,8 +28,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) switch (MAX(A->used, B->used)) { case 1: - memcpy(at, A->dp, 1 * sizeof(fp_digit)); - memcpy(at+1, B->dp, 1 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 1 * sizeof(fp_digit)); + XMEMCPY(at+1, B->dp, 1 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; 
@@ -44,8 +44,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 2: - memcpy(at, A->dp, 2 * sizeof(fp_digit)); - memcpy(at+2, B->dp, 2 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 2 * sizeof(fp_digit)); + XMEMCPY(at+2, B->dp, 2 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -68,8 +68,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 3: - memcpy(at, A->dp, 3 * sizeof(fp_digit)); - memcpy(at+3, B->dp, 3 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 3 * sizeof(fp_digit)); + XMEMCPY(at+3, B->dp, 3 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -100,8 +100,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 4: - memcpy(at, A->dp, 4 * sizeof(fp_digit)); - memcpy(at+4, B->dp, 4 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 4 * sizeof(fp_digit)); + XMEMCPY(at+4, B->dp, 4 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -140,8 +140,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 5: - memcpy(at, A->dp, 5 * sizeof(fp_digit)); - memcpy(at+5, B->dp, 5 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 5 * sizeof(fp_digit)); + XMEMCPY(at+5, B->dp, 5 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -188,8 +188,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 6: - memcpy(at, A->dp, 6 * sizeof(fp_digit)); - memcpy(at+6, B->dp, 6 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 6 * sizeof(fp_digit)); + XMEMCPY(at+6, B->dp, 6 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -244,8 +244,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 7: - memcpy(at, A->dp, 7 * sizeof(fp_digit)); - memcpy(at+7, B->dp, 7 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 7 * sizeof(fp_digit)); + XMEMCPY(at+7, B->dp, 7 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; 
@@ -308,8 +308,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 8: - memcpy(at, A->dp, 8 * sizeof(fp_digit)); - memcpy(at+8, B->dp, 8 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 8 * sizeof(fp_digit)); + XMEMCPY(at+8, B->dp, 8 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -380,8 +380,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 9: - memcpy(at, A->dp, 9 * sizeof(fp_digit)); - memcpy(at+9, B->dp, 9 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 9 * sizeof(fp_digit)); + XMEMCPY(at+9, B->dp, 9 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -460,8 +460,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 10: - memcpy(at, A->dp, 10 * sizeof(fp_digit)); - memcpy(at+10, B->dp, 10 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 10 * sizeof(fp_digit)); + XMEMCPY(at+10, B->dp, 10 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -548,8 +548,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 11: - memcpy(at, A->dp, 11 * sizeof(fp_digit)); - memcpy(at+11, B->dp, 11 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 11 * sizeof(fp_digit)); + XMEMCPY(at+11, B->dp, 11 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -644,8 +644,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 12: - memcpy(at, A->dp, 12 * sizeof(fp_digit)); - memcpy(at+12, B->dp, 12 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 12 * sizeof(fp_digit)); + XMEMCPY(at+12, B->dp, 12 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -748,8 +748,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 13: - memcpy(at, A->dp, 13 * sizeof(fp_digit)); - memcpy(at+13, B->dp, 13 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 13 * sizeof(fp_digit)); + XMEMCPY(at+13, B->dp, 13 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; 
@@ -860,8 +860,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 14: - memcpy(at, A->dp, 14 * sizeof(fp_digit)); - memcpy(at+14, B->dp, 14 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 14 * sizeof(fp_digit)); + XMEMCPY(at+14, B->dp, 14 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -980,8 +980,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 15: - memcpy(at, A->dp, 15 * sizeof(fp_digit)); - memcpy(at+15, B->dp, 15 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 15 * sizeof(fp_digit)); + XMEMCPY(at+15, B->dp, 15 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; @@ -1108,8 +1108,8 @@ void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C) break; case 16: - memcpy(at, A->dp, 16 * sizeof(fp_digit)); - memcpy(at+16, B->dp, 16 * sizeof(fp_digit)); + XMEMCPY(at, A->dp, 16 * sizeof(fp_digit)); + XMEMCPY(at+16, B->dp, 16 * sizeof(fp_digit)); COMBA_START; COMBA_CLEAR; diff --git a/wolfcrypt/src/fp_sqr_comba_12.i b/wolfcrypt/src/fp_sqr_comba_12.i index a39de8358..c4da02ada 100644 --- a/wolfcrypt/src/fp_sqr_comba_12.i +++ b/wolfcrypt/src/fp_sqr_comba_12.i @@ -152,7 +152,7 @@ void fp_sqr_comba12(fp_int *A, fp_int *B) B->used = 24; B->sign = FP_ZPOS; - memcpy(B->dp, b, 24 * sizeof(fp_digit)); + XMEMCPY(B->dp, b, 24 * sizeof(fp_digit)); fp_clamp(B); } #endif diff --git a/wolfcrypt/src/fp_sqr_comba_17.i b/wolfcrypt/src/fp_sqr_comba_17.i index d75bfe034..501c247c7 100644 --- a/wolfcrypt/src/fp_sqr_comba_17.i +++ b/wolfcrypt/src/fp_sqr_comba_17.i @@ -203,7 +203,7 @@ void fp_sqr_comba17(fp_int *A, fp_int *B) B->used = 34; B->sign = FP_ZPOS; - memcpy(B->dp, b, 34 * sizeof(fp_digit)); + XMEMCPY(B->dp, b, 34 * sizeof(fp_digit)); fp_clamp(B); } #endif diff --git a/wolfcrypt/src/fp_sqr_comba_20.i b/wolfcrypt/src/fp_sqr_comba_20.i index 05c895a73..7cbcd65bb 100644 --- a/wolfcrypt/src/fp_sqr_comba_20.i +++ b/wolfcrypt/src/fp_sqr_comba_20.i 
@@ -233,7 +233,7 @@ void fp_sqr_comba20(fp_int *A, fp_int *B) B->used = 40; B->sign = FP_ZPOS; - memcpy(B->dp, b, 40 * sizeof(fp_digit)); + XMEMCPY(B->dp, b, 40 * sizeof(fp_digit)); fp_clamp(B); } #endif diff --git a/wolfcrypt/src/fp_sqr_comba_24.i b/wolfcrypt/src/fp_sqr_comba_24.i index bb512e472..f32c36f27 100644 --- a/wolfcrypt/src/fp_sqr_comba_24.i +++ b/wolfcrypt/src/fp_sqr_comba_24.i @@ -273,7 +273,7 @@ void fp_sqr_comba24(fp_int *A, fp_int *B) B->used = 48; B->sign = FP_ZPOS; - memcpy(B->dp, b, 48 * sizeof(fp_digit)); + XMEMCPY(B->dp, b, 48 * sizeof(fp_digit)); fp_clamp(B); } #endif diff --git a/wolfcrypt/src/fp_sqr_comba_28.i b/wolfcrypt/src/fp_sqr_comba_28.i index e38104d87..3ddb23430 100644 --- a/wolfcrypt/src/fp_sqr_comba_28.i +++ b/wolfcrypt/src/fp_sqr_comba_28.i @@ -313,7 +313,7 @@ void fp_sqr_comba28(fp_int *A, fp_int *B) B->used = 56; B->sign = FP_ZPOS; - memcpy(B->dp, b, 56 * sizeof(fp_digit)); + XMEMCPY(B->dp, b, 56 * sizeof(fp_digit)); fp_clamp(B); } #endif diff --git a/wolfcrypt/src/fp_sqr_comba_3.i b/wolfcrypt/src/fp_sqr_comba_3.i index dd838ac4a..065916e1f 100644 --- a/wolfcrypt/src/fp_sqr_comba_3.i +++ b/wolfcrypt/src/fp_sqr_comba_3.i @@ -63,7 +63,7 @@ void fp_sqr_comba3(fp_int *A, fp_int *B) B->used = 6; B->sign = FP_ZPOS; - memcpy(B->dp, b, 6 * sizeof(fp_digit)); + XMEMCPY(B->dp, b, 6 * sizeof(fp_digit)); fp_clamp(B); } #endif diff --git a/wolfcrypt/src/fp_sqr_comba_32.i b/wolfcrypt/src/fp_sqr_comba_32.i index 205d81c94..5e3565a5e 100644 --- a/wolfcrypt/src/fp_sqr_comba_32.i +++ b/wolfcrypt/src/fp_sqr_comba_32.i @@ -353,7 +353,7 @@ void fp_sqr_comba32(fp_int *A, fp_int *B) B->used = 64; B->sign = FP_ZPOS; - memcpy(B->dp, b, 64 * sizeof(fp_digit)); + XMEMCPY(B->dp, b, 64 * sizeof(fp_digit)); fp_clamp(B); } #endif diff --git a/wolfcrypt/src/fp_sqr_comba_4.i b/wolfcrypt/src/fp_sqr_comba_4.i index 9d8956685..35f4d1c3d 100644 --- a/wolfcrypt/src/fp_sqr_comba_4.i +++ b/wolfcrypt/src/fp_sqr_comba_4.i 
@@ -73,7 +73,7 @@ void fp_sqr_comba4(fp_int *A, fp_int *B)
 B->used = 8;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 8 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 8 * sizeof(fp_digit));
 fp_clamp(B);
 }
 #endif
diff --git a/wolfcrypt/src/fp_sqr_comba_48.i b/wolfcrypt/src/fp_sqr_comba_48.i
index be4fde7cf..2dc2c6626 100644
--- a/wolfcrypt/src/fp_sqr_comba_48.i
+++ b/wolfcrypt/src/fp_sqr_comba_48.i
@@ -513,7 +513,7 @@ void fp_sqr_comba48(fp_int *A, fp_int *B)
 B->used = 96;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 96 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 96 * sizeof(fp_digit));
 fp_clamp(B);
 }
 #endif
diff --git a/wolfcrypt/src/fp_sqr_comba_6.i b/wolfcrypt/src/fp_sqr_comba_6.i
index a1cdcd52d..6cc94a643 100644
--- a/wolfcrypt/src/fp_sqr_comba_6.i
+++ b/wolfcrypt/src/fp_sqr_comba_6.i
@@ -93,7 +93,7 @@ void fp_sqr_comba6(fp_int *A, fp_int *B)
 B->used = 12;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 12 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 12 * sizeof(fp_digit));
 fp_clamp(B);
 }
 #endif
diff --git a/wolfcrypt/src/fp_sqr_comba_64.i b/wolfcrypt/src/fp_sqr_comba_64.i
index a119ebefc..34cd4c2be 100644
--- a/wolfcrypt/src/fp_sqr_comba_64.i
+++ b/wolfcrypt/src/fp_sqr_comba_64.i
@@ -673,7 +673,7 @@ void fp_sqr_comba64(fp_int *A, fp_int *B)
 B->used = 128;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 128 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 128 * sizeof(fp_digit));
 fp_clamp(B);
 }
 #endif
diff --git a/wolfcrypt/src/fp_sqr_comba_7.i b/wolfcrypt/src/fp_sqr_comba_7.i
index 89686a208..e79a215e6 100644
--- a/wolfcrypt/src/fp_sqr_comba_7.i
+++ b/wolfcrypt/src/fp_sqr_comba_7.i
@@ -103,7 +103,7 @@ void fp_sqr_comba7(fp_int *A, fp_int *B)
 B->used = 14;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 14 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 14 * sizeof(fp_digit));
 fp_clamp(B);
 }
 #endif
diff --git a/wolfcrypt/src/fp_sqr_comba_8.i b/wolfcrypt/src/fp_sqr_comba_8.i
index f64156503..5abc6485f 100644
--- a/wolfcrypt/src/fp_sqr_comba_8.i
+++ b/wolfcrypt/src/fp_sqr_comba_8.i
@@ -113,7 +113,7 @@ void fp_sqr_comba8(fp_int *A, fp_int *B)
 B->used = 16;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 16 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 16 * sizeof(fp_digit));
 fp_clamp(B);
 }
 #endif
diff --git a/wolfcrypt/src/fp_sqr_comba_9.i b/wolfcrypt/src/fp_sqr_comba_9.i
index 75bb72ba6..40e8d4e70 100644
--- a/wolfcrypt/src/fp_sqr_comba_9.i
+++ b/wolfcrypt/src/fp_sqr_comba_9.i
@@ -123,7 +123,7 @@ void fp_sqr_comba9(fp_int *A, fp_int *B)
 B->used = 18;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 18 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 18 * sizeof(fp_digit));
 fp_clamp(B);
 }
 #endif
diff --git a/wolfcrypt/src/fp_sqr_comba_small_set.i b/wolfcrypt/src/fp_sqr_comba_small_set.i
index e9cd60883..0a3d27cb0 100644
--- a/wolfcrypt/src/fp_sqr_comba_small_set.i
+++ b/wolfcrypt/src/fp_sqr_comba_small_set.i
@@ -44,7 +44,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 2;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 2 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 2 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -73,7 +73,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 4;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 4 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 4 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -112,7 +112,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 6;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 6 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 6 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -161,7 +161,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 8;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 8 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 8 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -220,7 +220,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 10;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 10 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 10 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -289,7 +289,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 12;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 12 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 12 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -368,7 +368,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 14;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 14 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 14 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -457,7 +457,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 16;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 16 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 16 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -556,7 +556,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 18;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 18 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 18 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -665,7 +665,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 20;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 20 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 20 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -784,7 +784,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 22;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 22 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 22 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -913,7 +913,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 24;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 24 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 24 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -1052,7 +1052,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 26;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 26 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 26 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -1201,7 +1201,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 28;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 28 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 28 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -1360,7 +1360,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 30;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 30 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 30 * sizeof(fp_digit));
 fp_clamp(B);
 break;
@@ -1529,7 +1529,7 @@ void fp_sqr_comba_small(fp_int *A, fp_int *B)
 B->used = 32;
 B->sign = FP_ZPOS;
- memcpy(B->dp, b, 32 * sizeof(fp_digit));
+ XMEMCPY(B->dp, b, 32 * sizeof(fp_digit));
 fp_clamp(B);
 break;
diff --git a/wolfssl/openssl/ec.h b/wolfssl/openssl/ec.h
index ab4efb073..e8711d791 100644
--- a/wolfssl/openssl/ec.h
+++ b/wolfssl/openssl/ec.h
@@ -16,9 +16,9 @@ enum {
 NID_secp112r1 = 0,
 NID_secp128r1 = 1,
 NID_secp160r1 = 2,
- NID_secp192k1 = 3,
+ NID_X9_62_prime192v1 = 3,
 NID_secp224r1 = 4,
- NID_secp256k1 = 5,
+ NID_X9_62_prime256v1 = 5,
 NID_secp384r1 = 6,
 NID_secp521r1 = 7,
 NID_X9_62_prime_field = 100,
diff --git a/wolfssl/wolfcrypt/mem_track.h b/wolfssl/wolfcrypt/mem_track.h
index f7972a272..beb280b3e 100644
--- a/wolfssl/wolfcrypt/mem_track.h
+++ b/wolfssl/wolfcrypt/mem_track.h
@@ -181,7 +181,7 @@
 }
 if (ret && ptr)
- memcpy(ret, ptr, sz);
+ XMEMCPY(ret, ptr, sz);
 if (ret) {
 #ifdef WOLFSSL_DEBUG_MEMORY
From 3789d9913c607385e9c5aa85cbda6f386ff49171 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Sat, 18 Jun 2016 22:35:52 -0700
Subject: [PATCH 6/7] Fixes scan-build warning "wolfcrypt/src/ecc.c:2208:6: warning: Use of memory after it is freed". This is due to a rebase issue with static memory changes after the new ECC custom curves changes. The precomp[] is init to NULL at top so cleanup can always be done at end (shouldn't be done in middle).
---
 wolfcrypt/src/ecc.c | 3 ---
 1 file changed, 3 deletions(-)
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index 4bd19bff3..ae65fdba4 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
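Review bot: The two renamed enumerators keep their numeric values, so the change is a source-level break only: code that names `NID_secp192k1` or `NID_secp256k1` stops compiling, while anything already built against the old header keeps selecting slots 3 and 5, which now denote the X9.62 prime curves rather than the Koblitz curves the old names implied. Since prime192v1/prime256v1 and secp192k1/secp256k1 are different curves, if the old names were simply mislabelled the rename is the right fix and no compatibility alias should be added, but the hunk should record that so nobody reintroduces one for a different curve: `NID_X9_62_prime192v1 = 3, /* was misnamed NID_secp192k1; same slot */` and likewise for slot 5. These values also look like indices into wolfSSL's own curve table rather than OpenSSL's NIDs (OpenSSL assigns different numbers), so a one-line comment on the enum saying so, plus a changelog entry for the rename, would keep callers from assuming OpenSSL-compatible values.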
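Review bot: `XMEMCPY(ret, ptr, sz)` copies `sz` bytes out of the old block `ptr` into the freshly obtained `ret`; if `sz` is the size requested for the new block, a growing reallocation reads past the end of the old allocation unless `sz` was already clamped to the old block's recorded size earlier in the function. The enclosing function starts outside this hunk, so that clamp may well exist; if it does, a comment at the copy such as `/* sz already reduced to the tracked size of ptr when growing */` would make the bound visible at the point of use, and if it does not, the copy length needs to be the smaller of `sz` and the size the tracker recorded for `ptr`.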
@@ -2067,9 +2067,6 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
 for (x = 0; x < 16; x++) {
 precomp[x] = wc_ecc_new_point_h(heap);
 if (precomp[x] == NULL) {
- for (y = 0; y < x; ++y) {
- wc_ecc_del_point_h(precomp[y], heap);
- }
 err = GEN_MEM_ERR;
 break;
 }
From f4473edfb1e79cf8b0bf27affe3264cde6a1016a Mon Sep 17 00:00:00 2001
From: toddouska
Date: Mon, 20 Jun 2016 16:20:18 -0700
Subject: [PATCH 7/7] bump dev version
---
 configure.ac | 2 +-
 support/wolfssl.pc | 2 +-
 wolfssl/version.h | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/configure.ac b/configure.ac
index 3132eca12..5ced203d5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -6,7 +6,7 @@
 #
 #
-AC_INIT([wolfssl],[3.9.6],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[http://www.wolfssl.com])
+AC_INIT([wolfssl],[3.9.7],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[http://www.wolfssl.com])
 AC_CONFIG_AUX_DIR([build-aux])
diff --git a/support/wolfssl.pc b/support/wolfssl.pc
index 85b1ecf7c..bf71aab4c 100644
--- a/support/wolfssl.pc
+++ b/support/wolfssl.pc
@@ -5,6 +5,6 @@ includedir=${prefix}/include
 Name: wolfssl
 Description: wolfssl C library.
-Version: 3.9.6
+Version: 3.9.7
 Libs: -L${libdir} -lwolfssl
 Cflags: -I${includedir}
diff --git a/wolfssl/version.h b/wolfssl/version.h
index 69e364873..7fcd75f25 100644
--- a/wolfssl/version.h
+++ b/wolfssl/version.h
@@ -28,8 +28,8 @@ extern "C" {
 #endif
-#define LIBWOLFSSL_VERSION_STRING "3.9.6"
-#define LIBWOLFSSL_VERSION_HEX 0x03009006
+#define LIBWOLFSSL_VERSION_STRING "3.9.7"
+#define LIBWOLFSSL_VERSION_HEX 0x03009007
 #ifdef __cplusplus
 }
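Review bot: With the per-iteration release loop gone, a failed `wc_ecc_new_point_h` leaves `precomp[0..x-1]` allocated and the later slots untouched, and the `break` only exits the `for`, so correctness now rests on every path after the loop reaching the common cleanup at the end of `ecc_mul2add` and on that cleanup tolerating NULL entries; the function body begins and ends outside this hunk, so neither could be confirmed from the diff. A comment next to the `break`, `/* partially filled precomp[] is released by the common cleanup at the end */`, would record the invariant this commit depends on and discourage a future "fix" that reintroduces the double free scan-build flagged. If `y` was used only by the removed loop, it is now an unused variable in this scope and should be dropped with it.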