From 984d16b72715ca08d4fff705adf069c79ed0291a Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Thu, 17 Oct 2024 18:48:07 -0500 Subject: [PATCH 1/3] refactor wolfcrypt constructors: add delete APIs, matching recently added wc_AesNew, wc_curve25519_new, wc_ed25519_new, wc_HashNew, and wc_NewRsaKey: * wc_AesDelete() * wc_HashDelete() * wc_DeleteRsaKey() * wc_curve25519_delete() * wc_ed25519_delete() * remove handling in corresponding preexisting free APIs for recently added .isAllocated member -- this restores preexisting semantics; * add WC_NO_CONSTRUCTORS gate, and auto-activate it when NO_WOLFSSL_MEMORY && WOLFSSL_NO_MALLOC (unless preempted by XMALLOC_USER or XMALLOC_OVERRIDE); * exclude recently added .isAllocated members from wolfcrypt structs when defined(WC_NO_CONSTRUCTORS); * adjust wolfcrypt/test/test.c for consistency with the above, and fix cleanup codes/dynamics in several tests. --- wolfcrypt/src/aes.c | 27 +-- wolfcrypt/src/curve25519.c | 22 +-- wolfcrypt/src/ed25519.c | 25 ++- wolfcrypt/src/hash.c | 41 ++--- wolfcrypt/src/rsa.c | 22 ++- wolfcrypt/test/test.c | 322 +++++++++++++++++---------------- wolfssl/wolfcrypt/aes.h | 5 +- wolfssl/wolfcrypt/curve25519.h | 12 +- wolfssl/wolfcrypt/ed25519.h | 12 +- wolfssl/wolfcrypt/hash.h | 12 +- wolfssl/wolfcrypt/rsa.h | 10 +- wolfssl/wolfcrypt/types.h | 6 + 12 files changed, 284 insertions(+), 232 deletions(-) diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 89af92a030..5d4f4a1e3a 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -11299,6 +11299,7 @@ int wc_AesCcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz, #endif /* HAVE_AESCCM */ +#ifndef WC_NO_CONSTRUCTORS Aes* wc_AesNew(void* heap, int devId) { Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES); @@ -11314,6 +11315,17 @@ Aes* wc_AesNew(void* heap, int devId) return aes; } +int wc_AesDelete(Aes** aes) +{ + if ((aes == NULL) || (*aes == NULL)) + return BAD_FUNC_ARG; + wc_AesFree(*aes); + XFREE(*aes, (*aes)->heap, DYNAMIC_TYPE_AES); + *aes = NULL; + return 0; +} +#endif /* !WC_NO_CONSTRUCTORS */ + /* Initialize Aes for use with async hardware */ int wc_AesInit(Aes* aes, void* heap, int devId) { @@ -11448,18 +11460,12 @@ int wc_AesInit_Label(Aes* aes, const char* label, void* heap, int devId) /* Free Aes from use with async hardware */ void wc_AesFree(Aes* aes) { - void* heap; - byte isAllocated; - if (aes == NULL) { return; } - heap = aes->heap; - isAllocated = aes->isAllocated; - #ifdef WC_DEBUG_CIPHER_LIFECYCLE - (void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, heap, 1); + (void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, aes->heap, 1); #endif #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES) @@ -11497,7 +11503,7 @@ void wc_AesFree(Aes* aes) #endif #if defined(WOLFSSL_AESGCM_STREAM) && defined(WOLFSSL_SMALL_STACK) && \ !defined(WOLFSSL_AESNI) - XFREE(aes->streamData, heap, DYNAMIC_TYPE_AES); + XFREE(aes->streamData, aes->heap, DYNAMIC_TYPE_AES); aes->streamData = NULL; #endif @@ -11524,11 +11530,6 @@ void wc_AesFree(Aes* aes) #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Check(aes, sizeof(Aes)); #endif - - if (isAllocated) { - XFREE(aes, heap, DYNAMIC_TYPE_AES); - } - } int wc_AesGetKeySize(Aes* aes, word32* keySize) diff --git a/wolfcrypt/src/curve25519.c b/wolfcrypt/src/curve25519.c index db3205a041..d4db9b28b3 100644 --- a/wolfcrypt/src/curve25519.c +++ b/wolfcrypt/src/curve25519.c @@ -655,6 +655,7 @@ int wc_curve25519_import_private_ex(const byte* priv, word32 privSz, #endif /* HAVE_CURVE25519_KEY_IMPORT */ +#ifndef WC_NO_CONSTRUCTORS curve25519_key* wc_curve25519_new(void* heap, int devId) { curve25519_key* key = (curve25519_key*)XMALLOC(sizeof(curve25519_key), heap, @@ -671,6 +672,16 @@ curve25519_key* wc_curve25519_new(void* heap, int devId) return key; } +int wc_curve25519_delete(curve25519_key** key) { + if ((key == NULL) || (*key == NULL)) + return BAD_FUNC_ARG; + wc_curve25519_free(*key); + XFREE(*key, (*key)->heap, DYNAMIC_TYPE_CURVE25519); + *key = NULL; + return 0; +} +#endif /* !WC_NO_CONSTRUCTORS */ + int wc_curve25519_init_ex(curve25519_key* key, void* heap, int devId) { if (key == NULL) @@ -707,15 +718,9 @@ int wc_curve25519_init(curve25519_key* key) /* Clean the memory of a key */ void wc_curve25519_free(curve25519_key* key) { - void* heap; - byte isAllocated = 0; - if (key == NULL) return; - heap = key->heap; - isAllocated = key->isAllocated; - #ifdef WOLFSSL_SE050 se050_curve25519_free_key(key); #endif @@ -729,11 +734,6 @@ void wc_curve25519_free(curve25519_key* key) #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Check(key, sizeof(curve25519_key)); #endif - - if (isAllocated) { - XFREE(key, heap, DYNAMIC_TYPE_CURVE25519); - (void)heap; - } } /* get key size */ diff --git a/wolfcrypt/src/ed25519.c b/wolfcrypt/src/ed25519.c index a000453880..02b318774f 100644 --- a/wolfcrypt/src/ed25519.c +++ b/wolfcrypt/src/ed25519.c @@ -968,7 +968,7 @@ int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg, } #endif /* HAVE_ED25519_VERIFY */ -#ifndef WOLFSSL_NO_MALLOC +#ifndef WC_NO_CONSTRUCTORS ed25519_key* wc_ed25519_new(void* heap, int devId) { ed25519_key* key = (ed25519_key*)XMALLOC(sizeof(ed25519_key), heap, @@ -984,7 +984,16 @@ ed25519_key* wc_ed25519_new(void* heap, int devId) } return key; } -#endif + +int wc_ed25519_delete(ed25519_key** key) { + if ((key == NULL) || (*key == NULL)) + return BAD_FUNC_ARG; + wc_ed25519_free(*key); + XFREE(*key, (*key)->heap, DYNAMIC_TYPE_ED25519); + *key = NULL; + return 0; +} +#endif /* !WC_NO_CONSTRUCTORS */ /* initialize information and memory for key */ int wc_ed25519_init_ex(ed25519_key* key, void* heap, int devId) @@ -1025,15 +1034,9 @@ int wc_ed25519_init(ed25519_key* key) /* clear memory of key */ void wc_ed25519_free(ed25519_key* key) { - void* heap; - byte isAllocated = 0; - if (key == NULL) return; - heap = key->heap; - isAllocated = key->isAllocated; - #ifdef WOLFSSL_ED25519_PERSISTENT_SHA ed25519_hash_free(key, &key->sha); #endif @@ -1046,12 +1049,6 @@ void wc_ed25519_free(ed25519_key* key) #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Check(key, sizeof(ed25519_key)); #endif - - if (isAllocated) { - XFREE(key, heap, DYNAMIC_TYPE_ED25519); - (void)heap; - } - } diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c index 4249c39ea9..73429c3acb 100644 --- a/wolfcrypt/src/hash.c +++ b/wolfcrypt/src/hash.c @@ -686,7 +686,7 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data, NULL, INVALID_DEVID); } -#ifndef WOLFSSL_NO_MALLOC +#ifndef WC_NO_CONSTRUCTORS wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId) { wc_HashAlg* hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), heap, @@ -702,7 +702,19 @@ wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId) } return hash; } -#endif + +int wc_HashDelete(wc_HashAlg **hash) { + int ret; + if ((hash == NULL) || (*hash == NULL)) + return BAD_FUNC_ARG; + ret = wc_HashFree(*hash, (*hash)->type); + if (ret < 0) + return ret; + XFREE(*hash, (*hash)->heap, DYNAMIC_TYPE_HASHES); + *hash = NULL; + return 0; +} +#endif /* !WC_NO_CONSTRUCTORS */ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap, int devId) @@ -712,9 +724,14 @@ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap, if (hash == NULL) return BAD_FUNC_ARG; - hash->isAllocated = 0; hash->type = type; +#ifdef WC_NO_CONSTRUCTORS + (void)heap; +#else + hash->heap = heap; +#endif + switch (type) { case WC_HASH_TYPE_MD5: #ifndef NO_MD5 @@ -808,7 +825,6 @@ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap, ret = BAD_FUNC_ARG; }; - (void)heap; (void)devId; return ret; @@ -1043,8 +1059,6 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out) int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) { int ret = WC_NO_ERR_TRACE(HASH_TYPE_E); /* Default to hash type error */ - void* heap = NULL; - byte isAllocated = 0; if (hash == NULL) return BAD_FUNC_ARG; @@ -1056,47 +1070,39 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) } #endif - isAllocated = hash->isAllocated; - switch (type) { case WC_HASH_TYPE_MD5: #ifndef NO_MD5 - heap = hash->alg.md5.heap; wc_Md5Free(&hash->alg.md5); ret = 0; #endif break; case WC_HASH_TYPE_SHA: #ifndef NO_SHA - heap = hash->alg.sha.heap; wc_ShaFree(&hash->alg.sha); ret = 0; #endif break; case WC_HASH_TYPE_SHA224: #ifdef WOLFSSL_SHA224 - heap = hash->alg.sha224.heap; wc_Sha224Free(&hash->alg.sha224); ret = 0; #endif break; case WC_HASH_TYPE_SHA256: #ifndef NO_SHA256 - heap = hash->alg.sha256.heap; wc_Sha256Free(&hash->alg.sha256); ret = 0; #endif break; case WC_HASH_TYPE_SHA384: #ifdef WOLFSSL_SHA384 - heap = hash->alg.sha384.heap; wc_Sha384Free(&hash->alg.sha384); ret = 0; #endif break; case WC_HASH_TYPE_SHA512: #ifdef WOLFSSL_SHA512 - heap = hash->alg.sha512.heap; wc_Sha512Free(&hash->alg.sha512); ret = 0; #endif @@ -1123,7 +1129,6 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) #endif case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) - heap = hash->alg.sha3.heap; wc_Sha3_224_Free(&hash->alg.sha3); ret = 0; #endif @@ -1149,7 +1154,6 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) #ifdef WOLFSSL_SM3 case WC_HASH_TYPE_SM3: - heap = hash->alg.sm3.heap; wc_Sm3Free(&hash->alg.sm3); ret = 0; break; @@ -1172,11 +1176,6 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) ret = BAD_FUNC_ARG; }; - if (isAllocated) { - XFREE(hash, heap, DYNAMIC_TYPE_HASHES); - (void)heap; - } - return ret; } diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 3cd4c324b2..9770d321b5 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -154,6 +154,7 @@ static void wc_RsaCleanup(RsaKey* key) #endif } +#ifndef WC_NO_CONSTRUCTORS RsaKey* wc_NewRsaKey(void* heap, int devId) { RsaKey* key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA); @@ -169,6 +170,17 @@ RsaKey* wc_NewRsaKey(void* heap, int devId) return key; } +int wc_DeleteRsaKey(RsaKey** key) +{ + if ((key == NULL) || (*key == NULL)) + return BAD_FUNC_ARG; + wc_FreeRsaKey(*key); + XFREE(*key, (*key)->heap, DYNAMIC_TYPE_RSA); + *key = NULL; + return 0; +} +#endif /* !WC_NO_CONSTRUCTORS */ + int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId) { int ret = 0; @@ -542,16 +554,11 @@ int wc_RsaGetKeyId(RsaKey* key, word32* keyId) int wc_FreeRsaKey(RsaKey* key) { int ret = 0; - void* heap; - byte isAllocated = 0; if (key == NULL) { return BAD_FUNC_ARG; } - heap = key->heap; - isAllocated = key->isAllocated; - wc_RsaCleanup(key); #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) @@ -615,11 +622,6 @@ int wc_FreeRsaKey(RsaKey* key) wc_fspsm_RsaKeyFree(key); #endif - if (isAllocated) { - XFREE(key, heap, DYNAMIC_TYPE_RSA); - (void)heap; - } - return ret; } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index c8dc36742c..436f0c55f4 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -937,8 +937,8 @@ static void myFipsCb(int ok, int err, const char* hash) #if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) -#ifndef NO_AES -static struct Aes *wc_AesNew(void *heap, int thisDevId) { +#if !defined(NO_AES) && !defined(WC_NO_CONSTRUCTORS) +static WC_MAYBE_UNUSED struct Aes *wc_AesNew(void *heap, int thisDevId) { Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES); if (aes != NULL) { if (wc_AesInit(aes, heap, thisDevId) != 0) { @@ -948,10 +948,19 @@ static struct Aes *wc_AesNew(void *heap, int thisDevId) { } return aes; } -#endif +static WC_MAYBE_UNUSED int wc_AesDelete(Aes** aes) +{ + if ((aes == NULL) || (*aes == NULL)) + return BAD_FUNC_ARG; + wc_AesFree(*aes); + XFREE(*aes, (*aes)->heap, DYNAMIC_TYPE_AES); + *aes = NULL; + return 0; +} +#endif /* !NO_AES && !WC_NO_CONSTRUCTORS */ -#ifndef NO_RSA -static RsaKey* wc_NewRsaKey(void* heap, int thisDevId) +#if !defined(NO_RSA) && !defined(WC_NO_CONSTRUCTORS) +static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int thisDevId) { RsaKey* key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA); if (key != NULL) { @@ -962,11 +971,19 @@ static RsaKey* wc_NewRsaKey(void* heap, int thisDevId) } return key; } -#endif +static WC_MAYBE_UNUSED int wc_DeleteRsaKey(RsaKey** key) +{ + if ((key == NULL) || (*key == NULL)) + return BAD_FUNC_ARG; + wc_FreeRsaKey(*key); + XFREE(*key, (*key)->heap, DYNAMIC_TYPE_RSA); + *key = NULL; + return 0; +} +#endif /* !NO_RSA && !WC_NO_CONSTRUCTORS */ #endif /* FIPS_VERSION3_LT(6,0,0) */ - #ifdef WOLFSSL_STATIC_MEMORY #if defined(WOLFSSL_STATIC_MEMORY_TEST_SZ) static byte gTestMemory[WOLFSSL_STATIC_MEMORY_TEST_SZ]; @@ -6039,7 +6056,6 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void) ret = MEMORY_E; return WC_TEST_RET_ENC_EC(ret); } - hash->isAllocated = 0; /* free manually */ #else XMEMSET(hash, 0, sizeof(wc_HashAlg)); #endif @@ -6320,10 +6336,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void) #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - if (hash != NULL) { - hash->isAllocated = 1; /* free manually */ - (void)wc_HashFree(hash, hash->type); - } + (void)wc_HashDelete(&hash); #endif return 0; @@ -9545,16 +9558,18 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); + #else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif + #endif #ifdef HAVE_AES_DECRYPT + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&dec); + #else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif + #endif #endif #endif /* WOLFSSL_AES_256 */ @@ -9873,14 +9888,16 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif @@ -10133,14 +10150,16 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif @@ -10343,14 +10362,16 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif @@ -10486,9 +10507,10 @@ static wc_test_ret_t aes_key_size_test(void) ret = 0; /* success */ out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&aes); +#else wc_AesFree(aes); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(aes, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -13526,14 +13548,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void) #endif /* DEBUG_VECTOR_REGISTER_ACCESS && WC_C_DYNAMIC_FALLBACK */ out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif return ret; @@ -14100,14 +14124,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cbc_test(void) out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif @@ -14176,13 +14202,12 @@ static wc_test_ret_t aes_ecb_direct_test(void) out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); + wc_AesDelete(&dec); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -14374,14 +14399,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void) out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif #endif /* HAVE_AES_CBC */ @@ -14579,14 +14606,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void) out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif #endif /* HAVE_AES_CBC */ @@ -14714,13 +14743,12 @@ static wc_test_ret_t aesgcm_default_test_helper(byte* key, int keySz, byte* iv, out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); + wc_AesDelete(&dec); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -15652,13 +15680,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void) XFREE(large_outdec, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); + wc_AesDelete(&dec); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -15877,9 +15904,10 @@ static wc_test_ret_t aesccm_256_test(void) } #endif +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&aes); +#else wc_AesFree(aes); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(aes, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -16044,19 +16072,9 @@ static wc_test_ret_t aesccm_128_test(void) XMEMSET(iv2, 0, sizeof(iv2)); wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); - if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), out); -#else - XMEMSET(enc, 0, sizeof(Aes)); ret = wc_AesInit(enc, HEAP_HINT, devId); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); -#endif #ifndef HAVE_SELFTEST /* selftest build does not have wc_AesCcmSetNonce() or @@ -16179,9 +16197,10 @@ static wc_test_ret_t aesccm_128_test(void) out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(&enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -21553,7 +21572,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) #ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC if (in == NULL || out == NULL || plain == NULL) - ERROR_OUT(MEMORY_E, exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa); #endif XMEMCPY(in, inStr, inLen); @@ -21561,26 +21580,33 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) key = wc_NewRsaKey(HEAP_HINT, devId); if (key == NULL) - ERROR_OUT(MEMORY_E, exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa); #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_CERT_GEN) keypub = wc_NewRsaKey(HEAP_HINT, devId); if (keypub == NULL) - ERROR_OUT(MEMORY_E, exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa); #endif #ifdef WOLFSSL_TEST_CERT if (cert == NULL) - ERROR_OUT(MEMORY_E, exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa); #endif -#endif /* WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC */ - /* initialize stack structures */ - XMEMSET(&rng, 0, sizeof(rng)); - /* memset also clears isAllocated bit, so free must be called manually */ - XMEMSET(key, 0, sizeof(RsaKey)); +#else /* ! (WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC) */ + + ret = wc_InitRsaKey_ex(key, HEAP_HINT, devId); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_CERT_GEN) - XMEMSET(keypub, 0, sizeof(RsaKey)); + ret = wc_InitRsaKey_ex(keypub, HEAP_HINT, devId); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); #endif +#endif /* ! (WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC) */ + + /* initialize stack structures */ + XMEMSET(&rng, 0, sizeof(rng)); + #if !defined(NO_ASN) ret = rsa_decode_test(key); if (ret != 0) @@ -21850,7 +21876,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) && !defined(WOLF_CRYPTO_CB_ONLY_RSA) ret = rsa_oaep_padding_test(key, &rng); if (ret != 0) - return ret; + goto exit_rsa; #endif /* !HAVE_FIPS */ #endif /* WC_NO_RSA_OAEP && !WC_NO_RNG */ @@ -21860,14 +21886,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) && !defined(WOLFSSL_RSA_VERIFY_ONLY) ret = rsa_export_key_test(key); if (ret != 0) - return ret; + goto exit_rsa; #endif #if !defined(NO_ASN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \ !defined(WOLFSSL_RSA_VERIFY_ONLY) ret = rsa_flatten_test(key); if (ret != 0) - return ret; + goto exit_rsa; #endif #if !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_ASN) && \ @@ -22130,16 +22156,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) exit_rsa: -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - if (key != NULL) { - wc_FreeRsaKey(key); - XFREE(key, HEAP_HINT, DYNAMIC_TYPE_RSA); - } + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_DeleteRsaKey(&key); #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_CERT_GEN) - if (keypub != NULL) { - wc_FreeRsaKey(keypub); - XFREE(keypub, HEAP_HINT, DYNAMIC_TYPE_RSA); - } + wc_DeleteRsaKey(&keypub); #endif #ifdef WOLFSSL_TEST_CERT XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -35059,21 +35079,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void) (void)x; WOLFSSL_ENTER("curve25519_test"); -#ifndef HAVE_FIPS - ret = wc_InitRng_ex(&rng, HEAP_HINT, devId); -#else - ret = wc_InitRng(&rng); -#endif - if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); - #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) userA = wc_curve25519_new(HEAP_HINT, devId); userB = wc_curve25519_new(HEAP_HINT, devId); pubKey = wc_curve25519_new(HEAP_HINT, devId); if (userA == NULL || userB == NULL || pubKey == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), cleanup); } #else wc_curve25519_init_ex(userA, HEAP_HINT, devId); @@ -35081,35 +35092,43 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void) wc_curve25519_init_ex(pubKey, HEAP_HINT, devId); #endif +#ifndef HAVE_FIPS + ret = wc_InitRng_ex(&rng, HEAP_HINT, devId); +#else + ret = wc_InitRng(&rng); +#endif + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); + /* make curve25519 keys */ ret = wc_curve25519_make_key(&rng, 32, userA); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_curve25519_make_key(&rng, 32, userB); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #ifdef HAVE_CURVE25519_SHARED_SECRET /* find shared secret key */ x = sizeof(sharedA); if ((ret = wc_curve25519_shared_secret(userA, userB, sharedA, &x)) != 0) { printf("wc_curve25519_shared_secret 1 failed\n"); - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); } y = sizeof(sharedB); if ((ret = wc_curve25519_shared_secret(userB, userA, sharedB, &y)) != 0) { printf("wc_curve25519_shared_secret 2 failed\n"); - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); } /* compare shared secret keys to test they are the same */ if (y != x) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); if (XMEMCMP(sharedA, sharedB, x)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); #endif #ifdef HAVE_CURVE25519_KEY_EXPORT @@ -35117,12 +35136,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void) x = sizeof(exportBuf); ret = wc_curve25519_export_public(userA, exportBuf, &x); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #ifdef HAVE_CURVE25519_KEY_IMPORT ret = wc_curve25519_import_public(exportBuf, x, pubKey); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #endif #endif @@ -35132,104 +35151,104 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void) XMEMSET(sharedB, 0, sizeof(sharedB)); y = sizeof(sharedB); if (wc_curve25519_shared_secret(userB, pubKey, sharedB, &y) != 0) { - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); } if (XMEMCMP(sharedA, sharedB, y)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); /* import RFC test vectors and compare shared key */ ret = wc_curve25519_import_private_raw(sa, sizeof(sa), pa, sizeof(pa), userA); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_curve25519_import_private_raw(sb, sizeof(sb), pb, sizeof(pb), userB); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); /* test against known test vector */ XMEMSET(sharedB, 0, sizeof(sharedB)); y = sizeof(sharedB); ret = wc_curve25519_shared_secret(userA, userB, sharedB, &y); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); if (XMEMCMP(ss, sharedB, y)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); /* test swapping roles of keys and generating same shared key */ XMEMSET(sharedB, 0, sizeof(sharedB)); y = sizeof(sharedB); ret = wc_curve25519_shared_secret(userB, userA, sharedB, &y); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); if (XMEMCMP(ss, sharedB, y)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); /* test with 1 generated key and 1 from known test vector */ ret = wc_curve25519_import_private_raw(sa, sizeof(sa), pa, sizeof(pa), userA); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); wc_curve25519_free(userB); -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - userB = wc_curve25519_new(HEAP_HINT, devId); - if (userB == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); - } -#else wc_curve25519_init_ex(userB, HEAP_HINT, devId); -#endif ret = wc_curve25519_make_key(&rng, 32, userB); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); x = sizeof(sharedA); ret = wc_curve25519_shared_secret(userA, userB, sharedA, &x); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); y = sizeof(sharedB); ret = wc_curve25519_shared_secret(userB, userA, sharedB, &y); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); /* compare shared secret keys to test they are the same */ if (y != x) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); if (XMEMCMP(sharedA, sharedB, x)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); ret = curve25519_overflow_test(); if (ret != 0) - return ret; + goto cleanup; ret = curve25519_check_public_test(); if (ret != 0) - return ret; + goto cleanup; #endif /* HAVE_CURVE25519_SHARED_SECRET && HAVE_CURVE25519_KEY_IMPORT */ #if !defined(NO_ASN) && defined(HAVE_CURVE25519_KEY_EXPORT) && \ defined(HAVE_CURVE25519_KEY_IMPORT) ret = curve255519_der_test(); if (ret != 0) - return ret; + goto cleanup; #endif +cleanup: + /* clean up keys when done */ +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_curve25519_delete(&pubKey); + wc_curve25519_delete(&userB); + wc_curve25519_delete(&userA); +#else wc_curve25519_free(pubKey); wc_curve25519_free(userB); wc_curve25519_free(userA); +#endif wc_FreeRng(&rng); - return 0; + return ret; } #endif /* HAVE_CURVE25519 */ @@ -36387,15 +36406,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) #endif /* HAVE_ED25519_VERIFY */ wc_ed25519_free(key3); -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - key3 = wc_ed25519_new(HEAP_HINT, devId); - if (key3 == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); - } -#else wc_ed25519_init_ex(key3, HEAP_HINT, devId); -#endif idx = 0; ret = wc_Ed25519PrivateKeyDecode(privPubEd25519, &idx, key3, @@ -36410,13 +36421,22 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) if (XMEMCMP(out, sigs[0], 64)) return WC_TEST_RET_ENC_NC; +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_ed25519_delete(&key3); +#else wc_ed25519_free(key3); +#endif #endif /* NO_ASN */ #endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_EXPORT && HAVE_ED25519_KEY_IMPORT */ /* clean up keys when done */ +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_ed25519_delete(&key); + wc_ed25519_delete(&key2); +#else wc_ed25519_free(key); wc_ed25519_free(key2); +#endif #if defined(HAVE_HASHDRBG) || defined(NO_RC4) wc_FreeRng(&rng); diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h index c01482c341..a4327d0ee8 100644 --- a/wolfssl/wolfcrypt/aes.h +++ b/wolfssl/wolfcrypt/aes.h @@ -726,8 +726,11 @@ WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap, WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap, int devId); #endif -WOLFSSL_API Aes* wc_AesNew(void* heap, int devId); WOLFSSL_API void wc_AesFree(Aes* aes); +#ifndef WC_NO_CONSTRUCTORS +WOLFSSL_API Aes* wc_AesNew(void* heap, int devId); +WOLFSSL_API int wc_AesDelete(Aes** aes); +#endif #ifdef WOLFSSL_AES_SIV typedef struct AesSivAssoc { diff --git a/wolfssl/wolfcrypt/curve25519.h b/wolfssl/wolfcrypt/curve25519.h index feb74aa99e..adf7fe6603 100644 --- a/wolfssl/wolfcrypt/curve25519.h +++ b/wolfssl/wolfcrypt/curve25519.h @@ -99,7 +99,9 @@ struct curve25519_key { /* bit fields */ WC_BITFIELD pubSet:1; WC_BITFIELD privSet:1; - WC_BITFIELD isAllocated:1; /* flag indicates if structure was allocated */ +#ifndef WC_NO_CONSTRUCTORS + WC_BITFIELD isAllocated:1; +#endif }; enum { @@ -132,8 +134,6 @@ int wc_curve25519_shared_secret_ex(curve25519_key* private_key, curve25519_key* public_key, byte* out, word32* outlen, int endian); -WOLFSSL_API -curve25519_key* wc_curve25519_new(void* heap, int devId); WOLFSSL_API int wc_curve25519_init(curve25519_key* key); WOLFSSL_API @@ -142,6 +142,12 @@ int wc_curve25519_init_ex(curve25519_key* key, void* heap, int devId); WOLFSSL_API void wc_curve25519_free(curve25519_key* key); +#ifndef WC_NO_CONSTRUCTORS +WOLFSSL_API +curve25519_key* wc_curve25519_new(void* heap, int devId); +WOLFSSL_API +int wc_curve25519_delete(curve25519_key** key); +#endif /* raw key helpers */ WOLFSSL_API diff --git a/wolfssl/wolfcrypt/ed25519.h b/wolfssl/wolfcrypt/ed25519.h index 1de20133a9..f29dcfa3b7 100644 --- a/wolfssl/wolfcrypt/ed25519.h +++ b/wolfssl/wolfcrypt/ed25519.h @@ -97,8 +97,9 @@ struct ed25519_key { WC_BITFIELD privKeySet:1; WC_BITFIELD pubKeySet:1; WC_BITFIELD sha_clean_flag:1; /* only used if WOLFSSL_ED25519_PERSISTENT_SHA */ - /* flag indicates if structure was allocated */ +#ifndef WC_NO_CONSTRUCTORS WC_BITFIELD isAllocated:1; +#endif #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif @@ -177,14 +178,19 @@ int wc_ed25519_verify_msg_final(const byte* sig, word32 sigLen, int* res, #endif /* WOLFSSL_ED25519_STREAMING_VERIFY */ #endif /* HAVE_ED25519_VERIFY */ -WOLFSSL_API -ed25519_key* wc_ed25519_new(void* heap, int devId); WOLFSSL_API int wc_ed25519_init(ed25519_key* key); WOLFSSL_API int wc_ed25519_init_ex(ed25519_key* key, void* heap, int devId); WOLFSSL_API void wc_ed25519_free(ed25519_key* key); +#ifndef WC_NO_CONSTRUCTORS +WOLFSSL_API +ed25519_key* wc_ed25519_new(void* heap, int devId); +WOLFSSL_API +int wc_ed25519_delete(ed25519_key** key); +#endif + #ifdef HAVE_ED25519_KEY_IMPORT WOLFSSL_API int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key); diff --git a/wolfssl/wolfcrypt/hash.h b/wolfssl/wolfcrypt/hash.h index 2abfafd180..3d235bc4f9 100644 --- a/wolfssl/wolfcrypt/hash.h +++ b/wolfssl/wolfcrypt/hash.h @@ -125,7 +125,10 @@ typedef union { typedef struct { wc_Hashes alg; enum wc_HashType type; /* sanity check */ - WC_BITFIELD isAllocated:1; /* flag indicates if structure was allocated */ +#ifndef WC_NO_CONSTRUCTORS + void *heap; + WC_BITFIELD isAllocated:1; +#endif } wc_HashAlg; #endif /* !NO_HASH_WRAPPER */ @@ -182,8 +185,6 @@ WOLFSSL_API int wc_Hash_ex(enum wc_HashType hash_type, byte* hash, word32 hash_len, void* heap, int devId); /* generic hash operation wrappers */ -WOLFSSL_API wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, - int devId); WOLFSSL_API int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap, int devId); WOLFSSL_API int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type); @@ -192,6 +193,11 @@ WOLFSSL_API int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out); WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type); +#ifndef WC_NO_CONSTRUCTORS +WOLFSSL_API wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, + int devId); +WOLFSSL_API int wc_HashDelete(wc_HashAlg **hash); +#endif #ifdef WOLFSSL_HASH_FLAGS WOLFSSL_API int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h index 8bb0f5fe49..be9aee32aa 100644 --- a/wolfssl/wolfcrypt/rsa.h +++ b/wolfssl/wolfcrypt/rsa.h @@ -269,7 +269,9 @@ struct RsaKey { #if defined(WOLFSSL_RENESAS_FSPSM) FSPSM_RSA_CTX ctx; #endif - WC_BITFIELD isAllocated:1; /* flag indicates if structure was allocated */ +#ifndef WC_NO_CONSTRUCTORS + WC_BITFIELD isAllocated:1; +#endif }; #ifndef WC_RSAKEY_TYPE_DEFINED @@ -293,10 +295,14 @@ struct RsaPadding { typedef struct RsaPadding RsaPadding; #endif -WOLFSSL_API RsaKey* wc_NewRsaKey(void* heap, int devId); WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap); WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId); WOLFSSL_API int wc_FreeRsaKey(RsaKey* key); +#ifndef WC_NO_CONSTRUCTORS +WOLFSSL_API RsaKey* wc_NewRsaKey(void* heap, int devId); +WOLFSSL_API int wc_DeleteRsaKey(RsaKey** key); +#endif + #ifdef WOLF_PRIVATE_KEY_ID WOLFSSL_API int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len, void* heap, int devId); diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index e10f5f8b45..f1be16b9bb 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -522,6 +522,12 @@ typedef struct w64wrapper { #elif defined(NO_WOLFSSL_MEMORY) #ifdef WOLFSSL_NO_MALLOC /* this platform does not support heap use */ + #ifdef WOLFSSL_SMALL_STACK + #error WOLFSSL_SMALL_STACK requires a heap implementation. + #endif + #ifndef WC_NO_CONSTRUCTORS + #define WC_NO_CONSTRUCTORS + #endif #ifdef WOLFSSL_MALLOC_CHECK #ifndef NO_STDIO_FILESYSTEM #include From f44d12026ab0f72f8765202064fce3df4bdbe870 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Fri, 18 Oct 2024 17:49:28 -0500 Subject: [PATCH 2/3] wolfssl/wolfcrypt/{aes.h,curve25519.h,ed25519.h,hash.h,rsa.h}: remove unneeded .isAllocated member from struct definitions, and add int *result_code argument to constructor prototypes; wolfssl/wolfcrypt/aes.h: add Aes.streamData_sz; src/tls13.c: fix devId passed to wc_HmacInit() in CreateCookieExt() and TlsCheckCookie(); src/keys.c: in SetKeys(), call wc_HmacInit() on hmacs only if newly allocated; wolfcrypt/src/aes.c: * in wc_Gmac(), wc_GmacVerify(), and AesSivCipher(), use wc_AesNew() and wc_AesDelete(); * in wc_AesInit(), zero the object on entry, and remove superseded piecemeal initializations to zero; * in wc_AesFree(), zero aes->streamData, and zero the entire object as final cleanup; wolfcrypt/src/curve25519.c: in wc_curve25519_free(), zero the entire object rather than zeroing piecemeal; wolfcrypt/test/test.c: * add fallback implementations (for old FIPS) of wc_HashNew(), wc_HashDelete(), wc_curve25519_new(), wc_curve25519_delete(), wc_ed25519_new(), and wc_ed25519_delete(); * update constructor calls throughout for new semantics; * refactor ed25519_test() for proper cleanup and error encoding. --- src/keys.c | 4 - src/tls13.c | 6 +- wolfcrypt/src/aes.c | 153 +++++-------- wolfcrypt/src/curve25519.c | 24 +- wolfcrypt/src/ed25519.c | 18 +- wolfcrypt/src/hash.c | 19 +- wolfcrypt/src/rsa.c | 18 +- wolfcrypt/test/test.c | 390 ++++++++++++++++++++++----------- wolfssl/wolfcrypt/aes.h | 6 +- wolfssl/wolfcrypt/curve25519.h | 6 +- wolfssl/wolfcrypt/ed25519.h | 6 +- wolfssl/wolfcrypt/hash.h | 3 +- wolfssl/wolfcrypt/rsa.h | 5 +- wolfssl/wolfcrypt/types.h | 4 + 14 files changed, 375 insertions(+), 287 deletions(-) diff --git a/src/keys.c b/src/keys.c index b13fbdf5b8..b5b982c1b3 100644 --- a/src/keys.c +++ b/src/keys.c @@ -3318,9 +3318,7 @@ int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, DYNAMIC_TYPE_CIPHER); if (enc->hmac == NULL) return MEMORY_E; - } - if (enc) { if (wc_HmacInit(enc->hmac, heap, devId) != 0) { WOLFSSL_MSG("HmacInit failed in SetKeys"); XFREE(enc->hmac, heap, DYNAMIC_TYPE_CIPHER); @@ -3334,9 +3332,7 @@ int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, DYNAMIC_TYPE_CIPHER); if (dec->hmac == NULL) return MEMORY_E; - } - if (dec) { if (wc_HmacInit(dec->hmac, heap, devId) != 0) { WOLFSSL_MSG("HmacInit failed in SetKeys"); XFREE(dec->hmac, heap, DYNAMIC_TYPE_CIPHER); diff --git a/src/tls13.c b/src/tls13.c index 90e4568f40..e8268939ba 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -2534,7 +2534,6 @@ static int Tls13IntegrityOnly_Encrypt(WOLFSSL* ssl, byte* output, /* Copy the input to output if not the same buffer */ if (ret == 0 && output != input) XMEMCPY(output, input, sz); - return ret; } #endif @@ -2930,7 +2929,6 @@ static int Tls13IntegrityOnly_Decrypt(WOLFSSL* ssl, byte* output, /* Copy the input to output if not the same buffer */ if (ret == 0 && output != input) XMEMCPY(output, input, sz); - return ret; } #endif @@ -3612,7 +3610,7 @@ int CreateCookieExt(const WOLFSSL* ssl, byte* hash, word16 hashSz, macSz = WC_SHA256_DIGEST_SIZE; #endif /* NO_SHA256 */ - ret = wc_HmacInit(&cookieHmac, ssl->heap, INVALID_DEVID); + ret = wc_HmacInit(&cookieHmac, ssl->heap, ssl->devId); if (ret == 0) { ret = wc_HmacSetKey(&cookieHmac, cookieType, ssl->buffers.tls13CookieSecret.buffer, @@ -6394,7 +6392,7 @@ int TlsCheckCookie(const WOLFSSL* ssl, const byte* cookie, word16 cookieSz) return HRR_COOKIE_ERROR; cookieSz -= macSz; - ret = wc_HmacInit(&cookieHmac, ssl->heap, INVALID_DEVID); + ret = wc_HmacInit(&cookieHmac, ssl->heap, ssl->devId); if (ret == 0) { ret = wc_HmacSetKey(&cookieHmac, cookieType, ssl->buffers.tls13CookieSecret.buffer, diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 5d4f4a1e3a..44dc31cb67 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -10026,7 +10026,8 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv, #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI) if ((ret == 0) && (aes->streamData == NULL)) { /* Allocate buffers for streaming. */ - aes->streamData = (byte*)XMALLOC(5 * AES_BLOCK_SIZE, aes->heap, + aes->streamData_sz = 5 * AES_BLOCK_SIZE; + aes->streamData = (byte*)XMALLOC(aes->streamData_sz, aes->heap, DYNAMIC_TYPE_AES); if (aes->streamData == NULL) { ret = MEMORY_E; @@ -10513,7 +10514,7 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz, byte* authTag, word32 authTagSz, WC_RNG* rng) { #ifdef WOLFSSL_SMALL_STACK - Aes *aes = NULL; + Aes *aes; #else Aes aes[1]; #endif @@ -10526,25 +10527,24 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz, } #ifdef WOLFSSL_SMALL_STACK - if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL, - DYNAMIC_TYPE_AES)) == NULL) - return MEMORY_E; + aes = wc_AesNew(NULL, INVALID_DEVID, &ret); +#else + ret = wc_AesInit(aes, NULL, INVALID_DEVID); #endif + if (ret != 0) + return ret; - ret = wc_AesInit(aes, NULL, INVALID_DEVID); - if (ret == 0) { - ret = wc_AesGcmSetKey(aes, key, keySz); - if (ret == 0) - ret = wc_AesGcmSetIV(aes, ivSz, NULL, 0, rng); - if (ret == 0) - ret = wc_AesGcmEncrypt_ex(aes, NULL, NULL, 0, iv, ivSz, + ret = wc_AesGcmSetKey(aes, key, keySz); + if (ret == 0) + ret = wc_AesGcmSetIV(aes, ivSz, NULL, 0, rng); + if (ret == 0) + ret = wc_AesGcmEncrypt_ex(aes, NULL, NULL, 0, iv, ivSz, authTag, authTagSz, authIn, authInSz); - aes->isAllocated = 0; - wc_AesFree(aes); - } - ForceZero(aes, sizeof *aes); + #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); + wc_AesDelete(&aes); +#else + wc_AesFree(aes); #endif return ret; @@ -10570,24 +10570,21 @@ int wc_GmacVerify(const byte* key, word32 keySz, } #ifdef WOLFSSL_SMALL_STACK - if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL, - DYNAMIC_TYPE_AES)) == NULL) - return MEMORY_E; -#endif - + aes = wc_AesNew(NULL, INVALID_DEVID, &ret); +#else ret = wc_AesInit(aes, NULL, INVALID_DEVID); +#endif if (ret == 0) { ret = wc_AesGcmSetKey(aes, key, keySz); if (ret == 0) ret = wc_AesGcmDecrypt(aes, NULL, NULL, 0, iv, ivSz, authTag, authTagSz, authIn, authInSz); - aes->isAllocated = 0; - wc_AesFree(aes); } - ForceZero(aes, sizeof *aes); #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); + wc_AesDelete(&aes); +#else + wc_AesFree(aes); #endif #else (void)key; @@ -11300,18 +11297,24 @@ int wc_AesCcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz, #endif /* HAVE_AESCCM */ #ifndef WC_NO_CONSTRUCTORS -Aes* wc_AesNew(void* heap, int devId) +Aes* wc_AesNew(void* heap, int devId, int *result_code) { + int ret; Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES); - if (aes != NULL) { - if (wc_AesInit(aes, heap, devId) != 0) { + if (aes == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_AesInit(aes, heap, devId); + if (ret != 0) { XFREE(aes, heap, DYNAMIC_TYPE_AES); aes = NULL; } - else { - aes->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return aes; } @@ -11326,7 +11329,7 @@ int wc_AesDelete(Aes** aes) } #endif /* !WC_NO_CONSTRUCTORS */ -/* Initialize Aes for use with async hardware */ +/* Initialize Aes */ int wc_AesInit(Aes* aes, void* heap, int devId) { int ret = 0; @@ -11334,18 +11337,12 @@ int wc_AesInit(Aes* aes, void* heap, int devId) if (aes == NULL) return BAD_FUNC_ARG; - aes->isAllocated = 0; - aes->heap = heap; - aes->rounds = 0; + XMEMSET(aes, 0, sizeof(*aes)); -#ifdef WOLFSSL_AESNI - /* clear here for the benefit of wc_AesGcmInit(). */ - aes->use_aesni = 0; -#endif + aes->heap = heap; #ifdef WOLF_CRYPTO_CB aes->devId = devId; - aes->devCtx = NULL; #else (void)devId; #endif @@ -11358,51 +11355,18 @@ int wc_AesInit(Aes* aes, void* heap, int devId) aes->alFd = WC_SOCK_NOTSET; aes->rdFd = WC_SOCK_NOTSET; #endif -#ifdef WOLFSSL_KCAPI_AES - aes->handle = NULL; - aes->init = 0; -#endif #if defined(WOLFSSL_DEVCRYPTO) && \ (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)) aes->ctx.cfd = -1; #endif -#if defined(WOLFSSL_CRYPTOCELL) && defined(WOLFSSL_CRYPTOCELL_AES) - XMEMSET(&aes->ctx, 0, sizeof(aes->ctx)); -#endif #if defined(WOLFSSL_IMXRT_DCP) DCPAesInit(aes); #endif -#ifdef WOLFSSL_MAXQ10XX_CRYPTO - XMEMSET(&aes->maxq_ctx, 0, sizeof(aes->maxq_ctx)); -#endif - -#ifdef HAVE_AESGCM -#ifdef OPENSSL_EXTRA - XMEMSET(aes->gcm.aadH, 0, sizeof(aes->gcm.aadH)); - aes->gcm.aadLen = 0; -#endif -#endif - -#ifdef WOLFSSL_AESGCM_STREAM -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI) - aes->streamData = NULL; -#endif - aes->keylen = 0; - aes->nonceSz = 0; - aes->gcmKeySet = 0; - aes->nonceSet = 0; - aes->ctrSet = 0; -#endif - #if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES) ret = wc_psa_aes_init(aes); #endif -#if defined(WOLFSSL_RENESAS_FSPSM) - XMEMSET(&aes->ctx, 0, sizeof(aes->ctx)); -#endif - #ifdef WC_DEBUG_CIPHER_LIFECYCLE if (ret == 0) ret = wc_debug_CipherLifecycleInit(&aes->CipherLifecycleTag, aes->heap); @@ -11457,7 +11421,7 @@ int wc_AesInit_Label(Aes* aes, const char* label, void* heap, int devId) } #endif -/* Free Aes from use with async hardware */ +/* Free Aes resources */ void wc_AesFree(Aes* aes) { if (aes == NULL) { @@ -11503,8 +11467,11 @@ void wc_AesFree(Aes* aes) #endif #if defined(WOLFSSL_AESGCM_STREAM) && defined(WOLFSSL_SMALL_STACK) && \ !defined(WOLFSSL_AESNI) - XFREE(aes->streamData, aes->heap, DYNAMIC_TYPE_AES); - aes->streamData = NULL; + if (aes->streamData != NULL) { + ForceZero(aes->streamData, aes->streamData_sz); + XFREE(aes->streamData, aes->heap, DYNAMIC_TYPE_AES); + aes->streamData = NULL; + } #endif #if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT) @@ -11527,6 +11494,8 @@ void wc_AesFree(Aes* aes) wc_fspsm_Aesfree(aes); #endif + ForceZero(aes, sizeof(Aes)); + #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Check(aes, sizeof(Aes)); #endif @@ -14018,29 +13987,17 @@ static WARN_UNUSED_RESULT int AesSivCipher( } } -#ifdef WOLFSSL_SMALL_STACK - if (ret == 0) { - aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_AES); - if (aes == NULL) { - ret = MEMORY_E; - } - } -#endif - if (ret == 0) { +#ifdef WOLFSSL_SMALL_STACK + aes = wc_AesNew(NULL, INVALID_DEVID, &ret); +#else ret = wc_AesInit(aes, NULL, INVALID_DEVID); +#endif if (ret != 0) { WOLFSSL_MSG("Failed to initialized AES object."); } } -#ifndef WOLFSSL_SMALL_STACK - /* make aes has heap hint and isAllocated initialized for cleanup below */ - if (ret != 0) { - XMEMSET(aes, 0, sizeof(Aes)); - } -#endif - if (ret == 0 && dataSz > 0) { sivTmp[12] &= 0x7f; sivTmp[8] &= 0x7f; @@ -14071,14 +14028,10 @@ static WARN_UNUSED_RESULT int AesSivCipher( } #ifdef WOLFSSL_SMALL_STACK - if (aes != NULL) + wc_AesDelete(&aes); +#else + wc_AesFree(aes); #endif - { - wc_AesFree(aes); - #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); - #endif - } return ret; } diff --git a/wolfcrypt/src/curve25519.c b/wolfcrypt/src/curve25519.c index d4db9b28b3..f4c7c11aba 100644 --- a/wolfcrypt/src/curve25519.c +++ b/wolfcrypt/src/curve25519.c @@ -656,19 +656,25 @@ int wc_curve25519_import_private_ex(const byte* priv, word32 privSz, #endif /* HAVE_CURVE25519_KEY_IMPORT */ #ifndef WC_NO_CONSTRUCTORS -curve25519_key* wc_curve25519_new(void* heap, int devId) +curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code) { + int ret; curve25519_key* key = (curve25519_key*)XMALLOC(sizeof(curve25519_key), heap, DYNAMIC_TYPE_CURVE25519); - if (key != NULL) { - if (wc_curve25519_init_ex(key, heap, devId) != 0) { + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_curve25519_init_ex(key, heap, devId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_CURVE25519); key = NULL; } - else { - key->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return key; } @@ -725,11 +731,7 @@ void wc_curve25519_free(curve25519_key* key) se050_curve25519_free_key(key); #endif - key->dp = NULL; - ForceZero(key->k, sizeof(key->k)); - XMEMSET(&key->p, 0, sizeof(key->p)); - key->pubSet = 0; - key->privSet = 0; + ForceZero(key, sizeof(*key)); #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Check(key, sizeof(curve25519_key)); diff --git a/wolfcrypt/src/ed25519.c b/wolfcrypt/src/ed25519.c index 02b318774f..ce856b9011 100644 --- a/wolfcrypt/src/ed25519.c +++ b/wolfcrypt/src/ed25519.c @@ -969,19 +969,25 @@ int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg, #endif /* HAVE_ED25519_VERIFY */ #ifndef WC_NO_CONSTRUCTORS -ed25519_key* wc_ed25519_new(void* heap, int devId) +ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code) { + int ret; ed25519_key* key = (ed25519_key*)XMALLOC(sizeof(ed25519_key), heap, DYNAMIC_TYPE_ED25519); - if (key != NULL) { - if (wc_ed25519_init_ex(key, heap, devId) != 0) { + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_ed25519_init_ex(key, heap, devId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_ED25519); key = NULL; } - else { - key->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return key; } diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c index 73429c3acb..f2eefad9ce 100644 --- a/wolfcrypt/src/hash.c +++ b/wolfcrypt/src/hash.c @@ -687,19 +687,26 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data, } #ifndef WC_NO_CONSTRUCTORS -wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId) +wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId, + int *result_code) { + int ret; wc_HashAlg* hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), heap, DYNAMIC_TYPE_HASHES); - if (hash != NULL) { - if (wc_HashInit_ex(hash, type, heap, devId) != 0) { + if (hash == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_HashInit_ex(hash, type, heap, devId); + if (ret != 0) { XFREE(hash, heap, DYNAMIC_TYPE_HASHES); hash = NULL; } - else { - hash->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return hash; } diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 9770d321b5..dd5f7f8be2 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -155,18 +155,24 @@ static void wc_RsaCleanup(RsaKey* key) } #ifndef WC_NO_CONSTRUCTORS -RsaKey* wc_NewRsaKey(void* heap, int devId) +RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code) { + int ret; RsaKey* key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA); - if (key != NULL) { - if (wc_InitRsaKey_ex(key, heap, devId) != 0) { + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_InitRsaKey_ex(key, heap, devId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_RSA); key = NULL; } - else { - key->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return key; } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 436f0c55f4..b7f8131d2e 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -935,17 +935,27 @@ static void myFipsCb(int ok, int err, const char* hash) } #endif /* HAVE_FIPS && !WOLFSSL_LINUXKM */ -#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) +#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) && !defined(WC_NO_CONSTRUCTORS) -#if !defined(NO_AES) && !defined(WC_NO_CONSTRUCTORS) -static WC_MAYBE_UNUSED struct Aes *wc_AesNew(void *heap, int thisDevId) { +#if !defined(NO_AES) +static WC_MAYBE_UNUSED Aes* wc_AesNew(void* heap, int devId, int *result_code) +{ + int ret; Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES); - if (aes != NULL) { - if (wc_AesInit(aes, heap, thisDevId) != 0) { + if (aes == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_AesInit(aes, heap, devId); + if (ret != 0) { XFREE(aes, heap, DYNAMIC_TYPE_AES); aes = NULL; } } + + if (result_code != NULL) + *result_code = ret; + return aes; } static WC_MAYBE_UNUSED int wc_AesDelete(Aes** aes) @@ -957,18 +967,27 @@ static WC_MAYBE_UNUSED int wc_AesDelete(Aes** aes) *aes = NULL; return 0; } -#endif /* !NO_AES && !WC_NO_CONSTRUCTORS */ +#endif /* !NO_AES */ -#if !defined(NO_RSA) && !defined(WC_NO_CONSTRUCTORS) -static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int thisDevId) +#if !defined(NO_RSA) +static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code) { + int ret; RsaKey* key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA); - if (key != NULL) { - if (wc_InitRsaKey_ex(key, heap, thisDevId) != 0) { + if (key = NULL) { + ret = MEMORY_E; + } + else { + ret = wc_InitRsaKey_ex(key, heap, devId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_RSA); key = NULL; } } + + if (result_code != NULL) + *result_code = ret; + return key; } static WC_MAYBE_UNUSED int wc_DeleteRsaKey(RsaKey** key) @@ -980,9 +999,112 @@ static WC_MAYBE_UNUSED int wc_DeleteRsaKey(RsaKey** key) *key = NULL; return 0; } -#endif /* !NO_RSA && !WC_NO_CONSTRUCTORS */ +#endif /* !NO_RSA */ + +#if !defined(NO_HASH_WRAPPER) +static WC_MAYBE_UNUSED wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId, + int *result_code) +{ + int ret; + wc_HashAlg* hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), heap, + DYNAMIC_TYPE_HASHES); + if (hash == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_HashInit_ex(hash, type, heap, devId); + if (ret != 0) { + XFREE(hash, heap, DYNAMIC_TYPE_HASHES); + hash = NULL; + } + } + + if (result_code != NULL) + *result_code = ret; + + return hash; +} + +static WC_MAYBE_UNUSED int wc_HashDelete(wc_HashAlg **hash) { + int ret; + if ((hash == NULL) || (*hash == NULL)) + return BAD_FUNC_ARG; + ret = wc_HashFree(*hash, (*hash)->type); + if (ret < 0) + return ret; + XFREE(*hash, (*hash)->heap, DYNAMIC_TYPE_HASHES); + *hash = NULL; + return 0; +} +#endif /* !NO_HASH_WRAPPER */ + +#if defined(HAVE_CURVE25519) +static WC_MAYBE_UNUSED curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code) +{ + int ret; + curve25519_key* key = (curve25519_key*)XMALLOC(sizeof(curve25519_key), heap, + DYNAMIC_TYPE_CURVE25519); + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_curve25519_init_ex(key, heap, devId); + if (ret != 0) { + XFREE(key, heap, DYNAMIC_TYPE_CURVE25519); + key = NULL; + } + } + + if (result_code != NULL) + *result_code = ret; + + return key; +} + +static WC_MAYBE_UNUSED int wc_curve25519_delete(curve25519_key** key) { + if ((key == NULL) || (*key == NULL)) + return BAD_FUNC_ARG; + wc_curve25519_free(*key); + XFREE(*key, (*key)->heap, DYNAMIC_TYPE_CURVE25519); + *key = NULL; + return 0; +} +#endif /* HAVE_CURVE25519 */ + +#if defined(HAVE_ED25519) +static WC_MAYBE_UNUSED ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code) +{ + int ret; + ed25519_key* key = (ed25519_key*)XMALLOC(sizeof(ed25519_key), heap, + DYNAMIC_TYPE_ED25519); + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_ed25519_init_ex(key, heap, devId); + if (ret != 0) { + XFREE(key, heap, DYNAMIC_TYPE_ED25519); + key = NULL; + } + } + + if (result_code != NULL) + *result_code = ret; + + return key; +} + +static WC_MAYBE_UNUSED int wc_ed25519_delete(ed25519_key** key) { + if ((key == NULL) || (*key == NULL)) + return BAD_FUNC_ARG; + wc_ed25519_free(*key); + XFREE(*key, (*key)->heap, DYNAMIC_TYPE_ED25519); + *key = NULL; + return 0; +} +#endif /* HAVE_ED25519 */ -#endif /* FIPS_VERSION3_LT(6,0,0) */ +#endif /* FIPS_VERSION3_LT(6,0,0) && !WC_NO_CONSTRUCTORS */ #ifdef WOLFSSL_STATIC_MEMORY #if defined(WOLFSSL_STATIC_MEMORY_TEST_SZ) @@ -6051,9 +6173,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void) WOLFSSL_ENTER("hash_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - hash = wc_HashNew(WC_HASH_TYPE_SHA256, HEAP_HINT, devId); + hash = wc_HashNew(WC_HASH_TYPE_SHA256, HEAP_HINT, devId, &ret); if (hash == NULL) { - ret = MEMORY_E; return WC_TEST_RET_ENC_EC(ret); } #else @@ -9301,13 +9422,13 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, WOLFSSL_ENTER("aesofb_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -9702,13 +9823,13 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, #endif /* WOLFSSL_AES_256 */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -9999,13 +10120,13 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, #endif /* WOLFSSL_AES_256 */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -10257,13 +10378,13 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -10406,9 +10527,9 @@ static wc_test_ret_t aes_key_size_test(void) #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - aes = wc_AesNew(HEAP_HINT, devId); + aes = wc_AesNew(HEAP_HINT, devId, &ret); if (aes == NULL) - return WC_TEST_RET_ENC_ERRNO; + return WC_TEST_RET_ENC_EC(ret); #else ret = wc_AesInit(aes, HEAP_HINT, devId); /* 0 check OK for FIPSv1 */ @@ -13417,12 +13538,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void) WOLFSSL_ENTER("aes_ctr_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); - dec = wc_AesNew(HEAP_HINT, devId); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else XMEMSET(enc, 0, sizeof(Aes)); XMEMSET(dec, 0, sizeof(Aes)); @@ -13765,13 +13886,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cbc_test(void) WOLFSSL_ENTER("aes_cbc_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -14169,13 +14290,13 @@ static wc_test_ret_t aes_ecb_direct_test(void) #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else ret = wc_AesInit(enc, HEAP_HINT, devId); @@ -14341,13 +14462,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void) WOLFSSL_ENTER("aes192_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -14471,13 +14592,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void) WOLFSSL_ENTER("aes256_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -14650,12 +14771,12 @@ static wc_test_ret_t aesgcm_default_test_helper(byte* key, int keySz, byte* iv, XMEMSET(resultP, 0, sizeof(resultP)); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); - dec = wc_AesNew(HEAP_HINT, devId); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else XMEMSET(enc, 0, sizeof(Aes)); XMEMSET(dec, 0, sizeof(Aes)); @@ -15082,12 +15203,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void) XMEMSET(resultP, 0, sizeof(resultP)); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); - dec = wc_AesNew(HEAP_HINT, devId); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else ret = wc_AesInit(enc, HEAP_HINT, devId); if (ret != 0) @@ -15864,9 +15985,9 @@ static wc_test_ret_t aesccm_256_test(void) byte atag[sizeof(exp_tag)]; #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - Aes* aes = wc_AesNew(HEAP_HINT, devId); + Aes* aes = wc_AesNew(HEAP_HINT, devId, &ret); if (aes == NULL) { - ret = WC_TEST_RET_ENC_EC(MEMORY_E); + ret = WC_TEST_RET_ENC_EC(ret); } #else Aes aes[1]; @@ -16020,9 +16141,9 @@ static wc_test_ret_t aesccm_128_test(void) XMEMSET(p2, 0, sizeof(p2)); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else XMEMSET(enc, 0, sizeof(Aes)); ret = wc_AesInit(enc, HEAP_HINT, devId); @@ -21578,13 +21699,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) XMEMCPY(in, inStr, inLen); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - key = wc_NewRsaKey(HEAP_HINT, devId); + key = wc_NewRsaKey(HEAP_HINT, devId, &ret); if (key == NULL) - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_CERT_GEN) - keypub = wc_NewRsaKey(HEAP_HINT, devId); + keypub = wc_NewRsaKey(HEAP_HINT, devId, &ret); if (keypub == NULL) - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); #endif #ifdef WOLFSSL_TEST_CERT if (cert == NULL) @@ -35080,12 +35201,15 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void) WOLFSSL_ENTER("curve25519_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - userA = wc_curve25519_new(HEAP_HINT, devId); - userB = wc_curve25519_new(HEAP_HINT, devId); - pubKey = wc_curve25519_new(HEAP_HINT, devId); - if (userA == NULL || userB == NULL || pubKey == NULL) { - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), cleanup); - } + userA = wc_curve25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); + userB = wc_curve25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); + pubKey = wc_curve25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #else wc_curve25519_init_ex(userA, HEAP_HINT, devId); wc_curve25519_init_ex(userB, HEAP_HINT, devId); @@ -36175,18 +36299,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) return WC_TEST_RET_ENC_EC(ret); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - key = wc_ed25519_new(HEAP_HINT, devId); - key2 = wc_ed25519_new(HEAP_HINT, devId); - if (key == NULL || key2 == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); - } + key = wc_ed25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); + key2 = wc_ed25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #if !defined(NO_ASN) && defined(HAVE_ED25519_SIGN) - key3 = wc_ed25519_new(HEAP_HINT, devId); - if (key3 == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); - } + key3 = wc_ed25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #endif #else wc_ed25519_init_ex(key, HEAP_HINT, devId); @@ -36213,70 +36335,70 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) if (wc_ed25519_import_private_key(sKeys[i], ED25519_KEY_SIZE, pKeys[i], pKeySz[i], key) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_sign_msg(msgs[i], msgSz[i], out, &outlen, key) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (XMEMCMP(out, sigs[i], 64)) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #if defined(HAVE_ED25519_VERIFY) /* test verify on good msg */ if (wc_ed25519_verify_msg(out, outlen, msgs[i], msgSz[i], &verify, key) != 0 || verify != 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #ifdef WOLFSSL_ED25519_STREAMING_VERIFY /* test verify on good msg using streaming interface directly */ if (wc_ed25519_verify_msg_init(out, outlen, key, (byte)Ed25519, NULL, 0) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); for (j = 0; j < msgSz[i]; j += i) { if (wc_ed25519_verify_msg_update(msgs[i] + j, MIN(i, msgSz[i] - j), key) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); } if (wc_ed25519_verify_msg_final(out, outlen, &verify, key) != 0 || verify != 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #endif /* WOLFSSL_ED25519_STREAMING_VERIFY */ /* test verify on bad msg */ out[outlen-1] = out[outlen-1] + 1; if (wc_ed25519_verify_msg(out, outlen, msgs[i], msgSz[i], &verify, key) == 0 || verify == 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #endif /* HAVE_ED25519_VERIFY */ /* test api for import/exporting keys */ exportPSz = sizeof(exportPKey); exportSSz = sizeof(exportSKey); if (wc_ed25519_export_public(key, exportPKey, &exportPSz) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_import_public_ex(exportPKey, exportPSz, key2, 1) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_export_private_only(key, exportSKey, &exportSSz) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_import_private_key(exportSKey, exportSSz, exportPKey, exportPSz, key2) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); /* clear "out" buffer and test sign with imported keys */ outlen = sizeof(out); XMEMSET(out, 0, sizeof(out)); if (wc_ed25519_sign_msg(msgs[i], msgSz[i], out, &outlen, key2) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #if defined(HAVE_ED25519_VERIFY) if (wc_ed25519_verify_msg(out, outlen, msgs[i], msgSz[i], &verify, key2) != 0 || verify != 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (XMEMCMP(out, sigs[i], 64)) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #endif /* HAVE_ED25519_VERIFY */ } @@ -36330,36 +36452,36 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) ret = wc_ed25519_import_private_key(sKeys[0], ED25519_KEY_SIZE, pKeys[0], pKeySz[0], key); if (ret != 0) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd1, sizeof(rareEd1), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd2, sizeof(rareEd2), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd3, sizeof(rareEd3), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd4, sizeof(rareEd4), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(SIG_VERIFY_E)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); } ret = ed25519ctx_test(); if (ret != 0) - return ret; + goto cleanup; ret = ed25519ph_test(); if (ret != 0) - return ret; + goto cleanup; #ifndef NO_ASN /* Try ASN.1 encoded private-only key and public key. */ @@ -36367,41 +36489,41 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) ret = wc_Ed25519PrivateKeyDecode(privateEd25519, &idx, key3, sizeof(privateEd25519)); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); idx = 0; if (wc_Ed25519PrivateKeyDecode(badPrivateEd25519, &idx, key3, sizeof(badPrivateEd25519)) == 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); ret = wc_ed25519_sign_msg(msgs[0], msgSz[0], out, &outlen, key3); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); /* try with a buffer size that is too large */ idx = 0; if (wc_Ed25519PublicKeyDecode(badPublicEd25519, &idx, key3, sizeof(badPublicEd25519)) == 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); idx = 0; ret = wc_Ed25519PublicKeyDecode(publicEd25519, &idx, key3, sizeof(publicEd25519)); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_sign_msg(msgs[0], msgSz[0], out, &outlen, key3); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); if (XMEMCMP(out, sigs[0], 64)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); #if defined(HAVE_ED25519_VERIFY) /* test verify on good msg */ ret = wc_ed25519_verify_msg(out, outlen, msgs[0], msgSz[0], &verify, key3); if (ret != 0 || verify != 1) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #endif /* HAVE_ED25519_VERIFY */ @@ -36412,14 +36534,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) ret = wc_Ed25519PrivateKeyDecode(privPubEd25519, &idx, key3, sizeof(privPubEd25519)); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_sign_msg(msgs[0], msgSz[0], out, &outlen, key3); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); if (XMEMCMP(out, sigs[0], 64)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) wc_ed25519_delete(&key3); @@ -36429,6 +36551,22 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) #endif /* NO_ASN */ #endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_EXPORT && HAVE_ED25519_KEY_IMPORT */ + ret = ed25519_test_check_key(); + if (ret < 0) + goto cleanup; +#ifdef WOLFSSL_TEST_CERT + ret = ed25519_test_cert(); + if (ret < 0) + goto cleanup; +#if defined(WOLFSSL_CERT_GEN) && defined(HAVE_ED25519_MAKE_KEY) + ret = ed25519_test_make_cert(); + if (ret < 0) + goto cleanup; +#endif /* WOLFSSL_CERT_GEN */ +#endif /* WOLFSSL_TEST_CERT */ + +cleanup: + /* clean up keys when done */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) wc_ed25519_delete(&key); @@ -36446,21 +36584,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) (void)keySz; (void)sigSz; - ret = ed25519_test_check_key(); - if (ret < 0) - return ret; -#ifdef WOLFSSL_TEST_CERT - ret = ed25519_test_cert(); - if (ret < 0) - return ret; -#if defined(WOLFSSL_CERT_GEN) && defined(HAVE_ED25519_MAKE_KEY) - ret = ed25519_test_make_cert(); - if (ret < 0) - return ret; -#endif /* WOLFSSL_CERT_GEN */ -#endif /* WOLFSSL_TEST_CERT */ - - return 0; + return ret; } #endif /* HAVE_ED25519 */ diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h index a4327d0ee8..6f1a313bf9 100644 --- a/wolfssl/wolfcrypt/aes.h +++ b/wolfssl/wolfcrypt/aes.h @@ -327,7 +327,7 @@ struct Aes { int alFd; /* server socket to bind to */ int rdFd; /* socket to read from */ struct msghdr msg; - int dir; /* flag for encrpyt or decrypt */ + int dir; /* flag for encrypt or decrypt */ #ifdef WOLFSSL_AFALG_XILINX_AES word32 msgBuf[CMSG_SPACE(4) + CMSG_SPACE(sizeof(struct af_alg_iv) + GCM_NONCE_MID_SZ)]; @@ -382,6 +382,7 @@ struct Aes { ALIGN16 byte streamData[5 * AES_BLOCK_SIZE]; #else byte* streamData; + word32 streamData_sz; #endif word32 aSz; word32 cSz; @@ -392,7 +393,6 @@ struct Aes { WC_BITFIELD nonceSet:1; WC_BITFIELD ctrSet:1; #endif - WC_BITFIELD isAllocated:1; /* flag indicates if structure was allocated */ #ifdef WC_DEBUG_CIPHER_LIFECYCLE void *CipherLifecycleTag; /* used for dummy allocation and initialization, * trackable by sanitizers. @@ -728,7 +728,7 @@ WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap, #endif WOLFSSL_API void wc_AesFree(Aes* aes); #ifndef WC_NO_CONSTRUCTORS -WOLFSSL_API Aes* wc_AesNew(void* heap, int devId); +WOLFSSL_API Aes* wc_AesNew(void* heap, int devId, int *result_code); WOLFSSL_API int wc_AesDelete(Aes** aes); #endif diff --git a/wolfssl/wolfcrypt/curve25519.h b/wolfssl/wolfcrypt/curve25519.h index adf7fe6603..e2367e21b1 100644 --- a/wolfssl/wolfcrypt/curve25519.h +++ b/wolfssl/wolfcrypt/curve25519.h @@ -99,9 +99,6 @@ struct curve25519_key { /* bit fields */ WC_BITFIELD pubSet:1; WC_BITFIELD privSet:1; -#ifndef WC_NO_CONSTRUCTORS - WC_BITFIELD isAllocated:1; -#endif }; enum { @@ -144,10 +141,11 @@ void wc_curve25519_free(curve25519_key* key); #ifndef WC_NO_CONSTRUCTORS WOLFSSL_API -curve25519_key* wc_curve25519_new(void* heap, int devId); +curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code); WOLFSSL_API int wc_curve25519_delete(curve25519_key** key); #endif +WOLFSSL_API /* raw key helpers */ WOLFSSL_API diff --git a/wolfssl/wolfcrypt/ed25519.h b/wolfssl/wolfcrypt/ed25519.h index f29dcfa3b7..5f017e31a0 100644 --- a/wolfssl/wolfcrypt/ed25519.h +++ b/wolfssl/wolfcrypt/ed25519.h @@ -97,9 +97,6 @@ struct ed25519_key { WC_BITFIELD privKeySet:1; WC_BITFIELD pubKeySet:1; WC_BITFIELD sha_clean_flag:1; /* only used if WOLFSSL_ED25519_PERSISTENT_SHA */ -#ifndef WC_NO_CONSTRUCTORS - WC_BITFIELD isAllocated:1; -#endif #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif @@ -186,10 +183,11 @@ WOLFSSL_API void wc_ed25519_free(ed25519_key* key); #ifndef WC_NO_CONSTRUCTORS WOLFSSL_API -ed25519_key* wc_ed25519_new(void* heap, int devId); +ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code); WOLFSSL_API int wc_ed25519_delete(ed25519_key** key); #endif +WOLFSSL_API #ifdef HAVE_ED25519_KEY_IMPORT WOLFSSL_API diff --git a/wolfssl/wolfcrypt/hash.h b/wolfssl/wolfcrypt/hash.h index 3d235bc4f9..2c3bd0363c 100644 --- a/wolfssl/wolfcrypt/hash.h +++ b/wolfssl/wolfcrypt/hash.h @@ -127,7 +127,6 @@ typedef struct { enum wc_HashType type; /* sanity check */ #ifndef WC_NO_CONSTRUCTORS void *heap; - WC_BITFIELD isAllocated:1; #endif } wc_HashAlg; #endif /* !NO_HASH_WRAPPER */ @@ -195,7 +194,7 @@ WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type); #ifndef WC_NO_CONSTRUCTORS WOLFSSL_API wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, - int devId); + int devId, int *result_code); WOLFSSL_API int wc_HashDelete(wc_HashAlg **hash); #endif diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h index be9aee32aa..4b30e455e2 100644 --- a/wolfssl/wolfcrypt/rsa.h +++ b/wolfssl/wolfcrypt/rsa.h @@ -269,9 +269,6 @@ struct RsaKey { #if defined(WOLFSSL_RENESAS_FSPSM) FSPSM_RSA_CTX ctx; #endif -#ifndef WC_NO_CONSTRUCTORS - WC_BITFIELD isAllocated:1; -#endif }; #ifndef WC_RSAKEY_TYPE_DEFINED @@ -299,7 +296,7 @@ WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap); WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId); WOLFSSL_API int wc_FreeRsaKey(RsaKey* key); #ifndef WC_NO_CONSTRUCTORS -WOLFSSL_API RsaKey* wc_NewRsaKey(void* heap, int devId); +WOLFSSL_API RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code); WOLFSSL_API int wc_DeleteRsaKey(RsaKey** key); #endif diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index f1be16b9bb..1b437c1000 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -612,6 +612,10 @@ typedef struct w64wrapper { #endif /* WOLFSSL_STATIC_MEMORY */ #endif + #if defined(WOLFSSL_SMALL_STACK) && defined(WC_NO_CONSTRUCTORS) + #error WOLFSSL_SMALL_STACK requires constructors. + #endif + #include /* declare/free variable handling for async and smallstack */ From 996986d0c1f6b507f3c949684df068f5c8868904 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Fri, 18 Oct 2024 21:13:38 -0500 Subject: [PATCH 3/3] refactor wc_AesDelete, wc_curve25519_delete, wc_ed25519_delete, wc_HashDelete, and wc_DeleteRsaKey to take two arguments, the first a required pointer to the object, the second an optional pointer to the pointer to be zeroed upon successful deletion, for the benefit of calling from C# without unsafe code. wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs: update for new calling conventions around wc_AesNew, wc_curve25519_new, wc_ed25519_new, wc_HashNew, and wc_NewRsaKey, and the corresponding delete functions. --- wolfcrypt/src/aes.c | 17 +- wolfcrypt/src/curve25519.c | 11 +- wolfcrypt/src/ed25519.c | 11 +- wolfcrypt/src/hash.c | 11 +- wolfcrypt/src/rsa.c | 11 +- wolfcrypt/test/test.c | 203 ++++++--------------- wolfssl/wolfcrypt/aes.h | 2 +- wolfssl/wolfcrypt/curve25519.h | 2 +- wolfssl/wolfcrypt/ed25519.h | 2 +- wolfssl/wolfcrypt/hash.h | 2 +- wolfssl/wolfcrypt/rsa.h | 2 +- wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs | 114 +++++++----- 12 files changed, 155 insertions(+), 233 deletions(-) diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 44dc31cb67..6a6b494035 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -10542,7 +10542,7 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz, authTag, authTagSz, authIn, authInSz); #ifdef WOLFSSL_SMALL_STACK - wc_AesDelete(&aes); + wc_AesDelete(aes, NULL); #else wc_AesFree(aes); #endif @@ -10582,7 +10582,7 @@ int wc_GmacVerify(const byte* key, word32 keySz, } #ifdef WOLFSSL_SMALL_STACK - wc_AesDelete(&aes); + wc_AesDelete(aes, NULL); #else wc_AesFree(aes); #endif @@ -11318,13 +11318,14 @@ Aes* wc_AesNew(void* heap, int devId, int *result_code) return aes; } -int wc_AesDelete(Aes** aes) +int wc_AesDelete(Aes *aes, Aes** aes_p) { - if ((aes == NULL) || (*aes == NULL)) + if (aes == NULL) return BAD_FUNC_ARG; - wc_AesFree(*aes); - XFREE(*aes, (*aes)->heap, DYNAMIC_TYPE_AES); - *aes = NULL; + wc_AesFree(aes); + XFREE(aes, aes->heap, DYNAMIC_TYPE_AES); + if (aes_p != NULL) + *aes_p = NULL; return 0; } #endif /* !WC_NO_CONSTRUCTORS */ @@ -14028,7 +14029,7 @@ static WARN_UNUSED_RESULT int AesSivCipher( } #ifdef WOLFSSL_SMALL_STACK - wc_AesDelete(&aes); + wc_AesDelete(aes, NULL); #else wc_AesFree(aes); #endif diff --git a/wolfcrypt/src/curve25519.c b/wolfcrypt/src/curve25519.c index f4c7c11aba..7641055b44 100644 --- a/wolfcrypt/src/curve25519.c +++ b/wolfcrypt/src/curve25519.c @@ -678,12 +678,13 @@ curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code) return key; } -int wc_curve25519_delete(curve25519_key** key) { - if ((key == NULL) || (*key == NULL)) +int wc_curve25519_delete(curve25519_key* key, curve25519_key** key_p) { + if (key == NULL) return BAD_FUNC_ARG; - wc_curve25519_free(*key); - XFREE(*key, (*key)->heap, DYNAMIC_TYPE_CURVE25519); - *key = NULL; + wc_curve25519_free(key); + XFREE(key, key->heap, DYNAMIC_TYPE_CURVE25519); + if (key_p != NULL) + *key_p = NULL; return 0; } #endif /* !WC_NO_CONSTRUCTORS */ diff --git a/wolfcrypt/src/ed25519.c b/wolfcrypt/src/ed25519.c index ce856b9011..09777dde76 100644 --- a/wolfcrypt/src/ed25519.c +++ b/wolfcrypt/src/ed25519.c @@ -991,12 +991,13 @@ ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code) return key; } -int wc_ed25519_delete(ed25519_key** key) { - if ((key == NULL) || (*key == NULL)) +int wc_ed25519_delete(ed25519_key* key, ed25519_key** key_p) { + if (key == NULL) return BAD_FUNC_ARG; - wc_ed25519_free(*key); - XFREE(*key, (*key)->heap, DYNAMIC_TYPE_ED25519); - *key = NULL; + wc_ed25519_free(key); + XFREE(key, key->heap, DYNAMIC_TYPE_ED25519); + if (key_p != NULL) + *key_p = NULL; return 0; } #endif /* !WC_NO_CONSTRUCTORS */ diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c index f2eefad9ce..b16c47dcb1 100644 --- a/wolfcrypt/src/hash.c +++ b/wolfcrypt/src/hash.c @@ -710,15 +710,16 @@ wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId, return hash; } -int wc_HashDelete(wc_HashAlg **hash) { +int wc_HashDelete(wc_HashAlg *hash, wc_HashAlg **hash_p) { int ret; - if ((hash == NULL) || (*hash == NULL)) + if (hash == NULL) return BAD_FUNC_ARG; - ret = wc_HashFree(*hash, (*hash)->type); + ret = wc_HashFree(hash, hash->type); if (ret < 0) return ret; - XFREE(*hash, (*hash)->heap, DYNAMIC_TYPE_HASHES); - *hash = NULL; + XFREE(hash, hash->heap, DYNAMIC_TYPE_HASHES); + if (hash_p != NULL) + *hash_p = NULL; return 0; } #endif /* !WC_NO_CONSTRUCTORS */ diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index dd5f7f8be2..f5ed3d3533 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -176,13 +176,14 @@ RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code) return key; } -int wc_DeleteRsaKey(RsaKey** key) +int wc_DeleteRsaKey(RsaKey* key, RsaKey** key_p) { - if ((key == NULL) || (*key == NULL)) + if (key == NULL) return BAD_FUNC_ARG; - wc_FreeRsaKey(*key); - XFREE(*key, (*key)->heap, DYNAMIC_TYPE_RSA); - *key = NULL; + wc_FreeRsaKey(key); + XFREE(key, key->heap, DYNAMIC_TYPE_RSA); + if (key_p != NULL) + *key_p = NULL; return 0; } #endif /* !WC_NO_CONSTRUCTORS */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index b7f8131d2e..4c3c9d771d 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -938,7 +938,7 @@ static void myFipsCb(int ok, int err, const char* hash) #if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) && !defined(WC_NO_CONSTRUCTORS) #if !defined(NO_AES) -static WC_MAYBE_UNUSED Aes* wc_AesNew(void* heap, int devId, int *result_code) +static WC_MAYBE_UNUSED Aes* wc_AesNew(void* heap, int thisDevId, int *result_code) { int ret; Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES); @@ -946,7 +946,7 @@ static WC_MAYBE_UNUSED Aes* wc_AesNew(void* heap, int devId, int *result_code) ret = MEMORY_E; } else { - ret = wc_AesInit(aes, heap, devId); + ret = wc_AesInit(aes, heap, thisDevId); if (ret != 0) { XFREE(aes, heap, DYNAMIC_TYPE_AES); aes = NULL; @@ -958,27 +958,28 @@ static WC_MAYBE_UNUSED Aes* wc_AesNew(void* heap, int devId, int *result_code) return aes; } -static WC_MAYBE_UNUSED int wc_AesDelete(Aes** aes) +static WC_MAYBE_UNUSED int wc_AesDelete(Aes *aes, Aes** aes_p) { - if ((aes == NULL) || (*aes == NULL)) + if (aes == NULL) return BAD_FUNC_ARG; - wc_AesFree(*aes); - XFREE(*aes, (*aes)->heap, DYNAMIC_TYPE_AES); - *aes = NULL; + wc_AesFree(aes); + XFREE(aes, aes->heap, DYNAMIC_TYPE_AES); + if (aes_p != NULL) + *aes_p = NULL; return 0; } #endif /* !NO_AES */ #if !defined(NO_RSA) -static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code) +static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int thisDevId, int *result_code) { int ret; RsaKey* key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA); - if (key = NULL) { + if (key == NULL) { ret = MEMORY_E; } else { - ret = wc_InitRsaKey_ex(key, heap, devId); + ret = wc_InitRsaKey_ex(key, heap, thisDevId); if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_RSA); key = NULL; @@ -990,120 +991,18 @@ static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_c return key; } -static WC_MAYBE_UNUSED int wc_DeleteRsaKey(RsaKey** key) +static WC_MAYBE_UNUSED int wc_DeleteRsaKey(RsaKey* key, RsaKey** key_p) { - if ((key == NULL) || (*key == NULL)) + if (key == NULL) return BAD_FUNC_ARG; - wc_FreeRsaKey(*key); - XFREE(*key, (*key)->heap, DYNAMIC_TYPE_RSA); - *key = NULL; + wc_FreeRsaKey(key); + XFREE(key, key->heap, DYNAMIC_TYPE_RSA); + if (key_p != NULL) + *key_p = NULL; return 0; } #endif /* !NO_RSA */ -#if !defined(NO_HASH_WRAPPER) -static WC_MAYBE_UNUSED wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId, - int *result_code) -{ - int ret; - wc_HashAlg* hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), heap, - DYNAMIC_TYPE_HASHES); - if (hash == NULL) { - ret = MEMORY_E; - } - else { - ret = wc_HashInit_ex(hash, type, heap, devId); - if (ret != 0) { - XFREE(hash, heap, DYNAMIC_TYPE_HASHES); - hash = NULL; - } - } - - if (result_code != NULL) - *result_code = ret; - - return hash; -} - -static WC_MAYBE_UNUSED int wc_HashDelete(wc_HashAlg **hash) { - int ret; - if ((hash == NULL) || (*hash == NULL)) - return BAD_FUNC_ARG; - ret = wc_HashFree(*hash, (*hash)->type); - if (ret < 0) - return ret; - XFREE(*hash, (*hash)->heap, DYNAMIC_TYPE_HASHES); - *hash = NULL; - return 0; -} -#endif /* !NO_HASH_WRAPPER */ - -#if defined(HAVE_CURVE25519) -static WC_MAYBE_UNUSED curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code) -{ - int ret; - curve25519_key* key = (curve25519_key*)XMALLOC(sizeof(curve25519_key), heap, - DYNAMIC_TYPE_CURVE25519); - if (key == NULL) { - ret = MEMORY_E; - } - else { - ret = wc_curve25519_init_ex(key, heap, devId); - if (ret != 0) { - XFREE(key, heap, DYNAMIC_TYPE_CURVE25519); - key = NULL; - } - } - - if (result_code != NULL) - *result_code = ret; - - return key; -} - -static WC_MAYBE_UNUSED int wc_curve25519_delete(curve25519_key** key) { - if ((key == NULL) || (*key == NULL)) - return BAD_FUNC_ARG; - wc_curve25519_free(*key); - XFREE(*key, (*key)->heap, DYNAMIC_TYPE_CURVE25519); - *key = NULL; - return 0; -} -#endif /* HAVE_CURVE25519 */ - -#if defined(HAVE_ED25519) -static WC_MAYBE_UNUSED ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code) -{ - int ret; - ed25519_key* key = (ed25519_key*)XMALLOC(sizeof(ed25519_key), heap, - DYNAMIC_TYPE_ED25519); - if (key == NULL) { - ret = MEMORY_E; - } - else { - ret = wc_ed25519_init_ex(key, heap, devId); - if (ret != 0) { - XFREE(key, heap, DYNAMIC_TYPE_ED25519); - key = NULL; - } - } - - if (result_code != NULL) - *result_code = ret; - - return key; -} - -static WC_MAYBE_UNUSED int wc_ed25519_delete(ed25519_key** key) { - if ((key == NULL) || (*key == NULL)) - return BAD_FUNC_ARG; - wc_ed25519_free(*key); - XFREE(*key, (*key)->heap, DYNAMIC_TYPE_ED25519); - *key = NULL; - return 0; -} -#endif /* HAVE_ED25519 */ - #endif /* FIPS_VERSION3_LT(6,0,0) && !WC_NO_CONSTRUCTORS */ #ifdef WOLFSSL_STATIC_MEMORY @@ -6457,7 +6356,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void) #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - (void)wc_HashDelete(&hash); + (void)wc_HashDelete(hash, &hash); #endif return 0; @@ -9680,14 +9579,14 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); + wc_AesDelete(enc, &enc); #else wc_AesFree(enc); #endif #ifdef HAVE_AES_DECRYPT #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&dec); + wc_AesDelete(dec, &dec); #else wc_AesFree(dec); #endif @@ -10010,13 +9909,13 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); + wc_AesDelete(enc, &enc); #else wc_AesFree(enc); #endif #ifdef HAVE_AES_DECRYPT #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&dec); + wc_AesDelete(dec, &dec); #else wc_AesFree(dec); #endif @@ -10272,13 +10171,13 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); + wc_AesDelete(enc, &enc); #else wc_AesFree(enc); #endif #ifdef HAVE_AES_DECRYPT #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&dec); + wc_AesDelete(dec, &dec); #else wc_AesFree(dec); #endif @@ -10484,13 +10383,13 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); + wc_AesDelete(enc, &enc); #else wc_AesFree(enc); #endif #ifdef HAVE_AES_DECRYPT #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&dec); + wc_AesDelete(dec, &dec); #else wc_AesFree(dec); #endif @@ -10629,7 +10528,7 @@ static wc_test_ret_t aes_key_size_test(void) out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&aes); + wc_AesDelete(aes, &aes); #else wc_AesFree(aes); #endif @@ -13670,13 +13569,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void) out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); + wc_AesDelete(enc, &enc); #else wc_AesFree(enc); #endif #ifdef HAVE_AES_DECRYPT #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&dec); + wc_AesDelete(dec, &dec); #else wc_AesFree(dec); #endif @@ -14246,13 +14145,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cbc_test(void) out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); + wc_AesDelete(enc, &enc); #else wc_AesFree(enc); #endif #ifdef HAVE_AES_DECRYPT #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&dec); + wc_AesDelete(dec, &dec); #else wc_AesFree(dec); #endif @@ -14324,8 +14223,8 @@ static wc_test_ret_t aes_ecb_direct_test(void) out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); - wc_AesDelete(&dec); + wc_AesDelete(enc, &enc); + wc_AesDelete(dec, &dec); #else wc_AesFree(enc); wc_AesFree(dec); @@ -14521,13 +14420,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void) out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); + wc_AesDelete(enc, &enc); #else wc_AesFree(enc); #endif #ifdef HAVE_AES_DECRYPT #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&dec); + wc_AesDelete(dec, &dec); #else wc_AesFree(dec); #endif @@ -14728,13 +14627,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void) out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); + wc_AesDelete(enc, &enc); #else wc_AesFree(enc); #endif #ifdef HAVE_AES_DECRYPT #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&dec); + wc_AesDelete(dec, &dec); #else wc_AesFree(dec); #endif @@ -14865,8 +14764,8 @@ static wc_test_ret_t aesgcm_default_test_helper(byte* key, int keySz, byte* iv, out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); - wc_AesDelete(&dec); + wc_AesDelete(enc, &enc); + wc_AesDelete(dec, &dec); #else wc_AesFree(enc); wc_AesFree(dec); @@ -15802,8 +15701,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void) #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); - wc_AesDelete(&dec); + wc_AesDelete(enc, &enc); + wc_AesDelete(dec, &dec); #else wc_AesFree(enc); wc_AesFree(dec); @@ -16026,7 +15925,7 @@ static wc_test_ret_t aesccm_256_test(void) #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&aes); + wc_AesDelete(aes, &aes); #else wc_AesFree(aes); #endif @@ -16319,7 +16218,7 @@ static wc_test_ret_t aesccm_128_test(void) out: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_AesDelete(&enc); + wc_AesDelete(enc, &enc); #else wc_AesFree(enc); #endif @@ -22278,9 +22177,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) exit_rsa: #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_DeleteRsaKey(&key); + wc_DeleteRsaKey(key, &key); #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_CERT_GEN) - wc_DeleteRsaKey(&keypub); + wc_DeleteRsaKey(keypub, &keypub); #endif #ifdef WOLFSSL_TEST_CERT XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -35361,9 +35260,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void) /* clean up keys when done */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_curve25519_delete(&pubKey); - wc_curve25519_delete(&userB); - wc_curve25519_delete(&userA); + wc_curve25519_delete(pubKey, &pubKey); + wc_curve25519_delete(userB, &userB); + wc_curve25519_delete(userA, &userA); #else wc_curve25519_free(pubKey); wc_curve25519_free(userB); @@ -36544,7 +36443,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_ed25519_delete(&key3); + wc_ed25519_delete(key3, &key3); #else wc_ed25519_free(key3); #endif @@ -36569,8 +36468,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) /* clean up keys when done */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - wc_ed25519_delete(&key); - wc_ed25519_delete(&key2); + wc_ed25519_delete(key, &key); + wc_ed25519_delete(key2, &key2); #else wc_ed25519_free(key); wc_ed25519_free(key2); diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h index 6f1a313bf9..eaa0c47150 100644 --- a/wolfssl/wolfcrypt/aes.h +++ b/wolfssl/wolfcrypt/aes.h @@ -729,7 +729,7 @@ WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap, WOLFSSL_API void wc_AesFree(Aes* aes); #ifndef WC_NO_CONSTRUCTORS WOLFSSL_API Aes* wc_AesNew(void* heap, int devId, int *result_code); -WOLFSSL_API int wc_AesDelete(Aes** aes); +WOLFSSL_API int wc_AesDelete(Aes* aes, Aes** aes_p); #endif #ifdef WOLFSSL_AES_SIV diff --git a/wolfssl/wolfcrypt/curve25519.h b/wolfssl/wolfcrypt/curve25519.h index e2367e21b1..4d18c5678e 100644 --- a/wolfssl/wolfcrypt/curve25519.h +++ b/wolfssl/wolfcrypt/curve25519.h @@ -143,7 +143,7 @@ void wc_curve25519_free(curve25519_key* key); WOLFSSL_API curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code); WOLFSSL_API -int wc_curve25519_delete(curve25519_key** key); +int wc_curve25519_delete(curve25519_key* key, curve25519_key** key_p); #endif WOLFSSL_API diff --git a/wolfssl/wolfcrypt/ed25519.h b/wolfssl/wolfcrypt/ed25519.h index 5f017e31a0..8c660b2189 100644 --- a/wolfssl/wolfcrypt/ed25519.h +++ b/wolfssl/wolfcrypt/ed25519.h @@ -185,7 +185,7 @@ void wc_ed25519_free(ed25519_key* key); WOLFSSL_API ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code); WOLFSSL_API -int wc_ed25519_delete(ed25519_key** key); +int wc_ed25519_delete(ed25519_key* key, ed25519_key** key_p); #endif WOLFSSL_API diff --git a/wolfssl/wolfcrypt/hash.h b/wolfssl/wolfcrypt/hash.h index 2c3bd0363c..edbc949bcb 100644 --- a/wolfssl/wolfcrypt/hash.h +++ b/wolfssl/wolfcrypt/hash.h @@ -195,7 +195,7 @@ WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type); #ifndef WC_NO_CONSTRUCTORS WOLFSSL_API wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId, int *result_code); -WOLFSSL_API int wc_HashDelete(wc_HashAlg **hash); +WOLFSSL_API int wc_HashDelete(wc_HashAlg *hash, wc_HashAlg **hash_p); #endif #ifdef WOLFSSL_HASH_FLAGS diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h index 4b30e455e2..3f39d5b4df 100644 --- a/wolfssl/wolfcrypt/rsa.h +++ b/wolfssl/wolfcrypt/rsa.h @@ -297,7 +297,7 @@ WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId); WOLFSSL_API int wc_FreeRsaKey(RsaKey* key); #ifndef WC_NO_CONSTRUCTORS WOLFSSL_API RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code); -WOLFSSL_API int wc_DeleteRsaKey(RsaKey** key); +WOLFSSL_API int wc_DeleteRsaKey(RsaKey* key, RsaKey** key_p); #endif #ifdef WOLF_PRIVATE_KEY_ID diff --git a/wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs b/wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs index 2e5f30e938..223beafacc 100644 --- a/wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs +++ b/wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs @@ -119,7 +119,9 @@ public class wolfcrypt * RSA */ [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private static extern IntPtr wc_NewRsaKey(IntPtr heap, int devId); + private static extern IntPtr wc_NewRsaKey(IntPtr heap, int devId, IntPtr result_code); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private static extern int wc_DeleteRsaKey(IntPtr key, IntPtr key_p); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private extern static int wc_InitRsaKey(IntPtr key, IntPtr heap); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] @@ -153,7 +155,9 @@ public class wolfcrypt * ED25519 */ [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private static extern IntPtr wc_ed25519_new(IntPtr heap, int devId); + private static extern IntPtr wc_ed25519_new(IntPtr heap, int devId, IntPtr result_code); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private static extern int wc_ed25519_delete(IntPtr key, IntPtr key_p); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private static extern int wc_ed25519_init(IntPtr key); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] @@ -194,7 +198,9 @@ public class wolfcrypt * Curve25519 */ [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private static extern IntPtr wc_curve25519_new(IntPtr heap, int devId); + private static extern IntPtr wc_curve25519_new(IntPtr heap, int devId, IntPtr result_code); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private static extern int wc_curve25519_delete(IntPtr key, IntPtr key_p); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private extern static int wc_curve25519_init(IntPtr key); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] @@ -235,7 +241,9 @@ public class wolfcrypt * AES-GCM */ [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private extern static IntPtr wc_AesNew(IntPtr heap, int devId); + private extern static IntPtr wc_AesNew(IntPtr heap, int devId, IntPtr result_code); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static int wc_AesDelete(IntPtr aes, IntPtr aes_p); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private extern static int wc_AesFree(IntPtr aes); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] @@ -254,7 +262,9 @@ public class wolfcrypt * HASH */ [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private extern static IntPtr wc_HashNew(uint hashType, IntPtr heap, int devId); + private extern static IntPtr wc_HashNew(uint hashType, IntPtr heap, int devId, IntPtr result_code); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static int wc_HashDelete(IntPtr hash, IntPtr hash_p); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private extern static int wc_HashInit(IntPtr hash, uint hashType); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] @@ -373,7 +383,7 @@ public static int Cleanup() /// Pointer to allocated WC_RNG or null public static IntPtr RandomNew() { - IntPtr rng; + IntPtr rng; try { @@ -386,7 +396,7 @@ public static IntPtr RandomNew() { log(ERROR_LOG, "random new exception " + e.ToString()); rng = IntPtr.Zero; - } + } return rng; } @@ -551,7 +561,7 @@ public static int EccSetRng(IntPtr key, IntPtr rng) public static IntPtr EccImportKey(byte[] keyASN1) { int ret; - IntPtr key = IntPtr.Zero; + IntPtr key = IntPtr.Zero; try { @@ -577,7 +587,7 @@ public static IntPtr EccImportKey(byte[] keyASN1) log(ERROR_LOG, "ECC import key exception " + e.ToString()); EccFreeKey(key); /* make sure its free'd */ key = IntPtr.Zero; - } + } return key; } @@ -713,7 +723,7 @@ public static int EccExportPrivateKeyToDer(IntPtr key, out byte[] derKey) { log(ERROR_LOG, "ECC export private exception " + e.ToString()); ret = EXCEPTION_E; - } + } return ret; } @@ -747,7 +757,7 @@ public static int EccExportPublicKeyToDer(IntPtr key, out byte[] derKey, bool in { log(ERROR_LOG, "ECC export public exception " + e.ToString()); ret = EXCEPTION_E; - } + } return ret; } @@ -1317,12 +1327,12 @@ public static IntPtr RsaMakeKey(IntPtr heap, int devId, int keysize, Int32 expon { int ret; IntPtr key = IntPtr.Zero; - IntPtr rng = IntPtr.Zero; + IntPtr rng = IntPtr.Zero; try { /* Allocate and init new RSA key structure */ - key = wc_NewRsaKey(heap, devId); + key = wc_NewRsaKey(heap, devId, IntPtr.Zero); if (key != IntPtr.Zero) { rng = RandomNew(); @@ -1348,7 +1358,7 @@ public static IntPtr RsaMakeKey(IntPtr heap, int devId, int keysize, Int32 expon if (rng != IntPtr.Zero) RandomFree(rng); if (key != IntPtr.Zero) RsaFreeKey(key); key = IntPtr.Zero; - } + } return key; } @@ -1366,11 +1376,11 @@ public static IntPtr RsaMakeKey(IntPtr heap, int devId, int keysize) public static IntPtr RsaImportKey(byte[] keyASN1) { int ret; - IntPtr key = IntPtr.Zero; + IntPtr key = IntPtr.Zero; try { - key = wc_NewRsaKey(IntPtr.Zero, INVALID_DEVID); + key = wc_NewRsaKey(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero); if (key != IntPtr.Zero) { IntPtr idx = Marshal.AllocHGlobal(sizeof(uint)); @@ -1392,7 +1402,7 @@ public static IntPtr RsaImportKey(byte[] keyASN1) log(ERROR_LOG, "RSA make key exception " + e.ToString()); RsaFreeKey(key); /* make sure its free'd */ key = IntPtr.Zero; - } + } return key; } @@ -1548,7 +1558,8 @@ public static void RsaFreeKey(IntPtr key) { if (key != IntPtr.Zero) { - wc_FreeRsaKey(key); + wc_DeleteRsaKey(key, IntPtr.Zero); + key = IntPtr.Zero; } } /* END RSA */ @@ -1578,7 +1589,7 @@ public static IntPtr Ed25519MakeKey(IntPtr heap, int devId) throw new Exception("Failed to create RNG."); } - key = wc_ed25519_new(heap, devId); + key = wc_ed25519_new(heap, devId, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_ed25519_make_key(rng, 32, key); @@ -1595,7 +1606,7 @@ public static IntPtr Ed25519MakeKey(IntPtr heap, int devId) if (rng != IntPtr.Zero) RandomFree(rng); if (ret != 0) { - wc_ed25519_free(key); + wc_ed25519_delete(key, IntPtr.Zero); key = IntPtr.Zero; } } @@ -1611,7 +1622,7 @@ public static IntPtr Ed25519MakeKey(IntPtr heap, int devId) /// Private key used for signing /// 0 on success, otherwise an error code public static int Ed25519SignMsg(byte[] inMsg, out byte[] outMsg, IntPtr key) - { + { int ret; IntPtr inMsgPtr = Marshal.AllocHGlobal(inMsg.Length); IntPtr outMsgPtr = Marshal.AllocHGlobal(ED25519_SIG_SIZE); @@ -1633,7 +1644,7 @@ public static int Ed25519SignMsg(byte[] inMsg, out byte[] outMsg, IntPtr key) /* Clenup */ if (inMsgPtr != IntPtr.Zero) Marshal.FreeHGlobal(inMsgPtr); if (outMsgPtr != IntPtr.Zero) Marshal.FreeHGlobal(outMsgPtr); - } + } return ret; } @@ -1682,7 +1693,7 @@ public static int Ed25519VerifyMsg(byte[] sig, byte[] msg, IntPtr key) /* Cleanup */ if (sigPtr != IntPtr.Zero) Marshal.FreeHGlobal(sigPtr); if (msgPtr != IntPtr.Zero) Marshal.FreeHGlobal(msgPtr); - } + } return ret; } @@ -1700,7 +1711,7 @@ public static IntPtr Ed25519PrivateKeyDecode(byte[] input) try { - key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID); + key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_Ed25519PrivateKeyDecode(input, ref idx, key, (uint)input.Length); @@ -1734,7 +1745,7 @@ public static IntPtr Ed25519PublicKeyDecode(byte[] input) try { - key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID); + key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_Ed25519PublicKeyDecode(input, ref idx, key, (uint)input.Length); @@ -1878,7 +1889,8 @@ public static int Ed25519ExportPublicKeyToDer(IntPtr key, out byte[] pubKey, boo /// Key to be freed public static void Ed25519FreeKey(IntPtr key) { - wc_ed25519_free(key); + wc_ed25519_delete(key, IntPtr.Zero); + key = IntPtr.Zero; } /* END ED25519 */ @@ -2104,7 +2116,7 @@ public static IntPtr Curve25519MakeKey(IntPtr heap, int devId) throw new Exception("Failed to create RNG."); } - key = wc_curve25519_new(heap, devId); + key = wc_curve25519_new(heap, devId, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_curve25519_make_key(rng, 32, key); @@ -2121,7 +2133,7 @@ public static IntPtr Curve25519MakeKey(IntPtr heap, int devId) if (rng != IntPtr.Zero) RandomFree(rng); if (ret != 0) { - wc_curve25519_free(key); + wc_curve25519_delete(key, IntPtr.Zero); key = IntPtr.Zero; } } @@ -2142,7 +2154,7 @@ public static IntPtr Curve25519PrivateKeyDecode(byte[] input) try { - key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID); + key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_Ed25519PrivateKeyDecode(input, ref idx, key, (uint)input.Length); @@ -2176,7 +2188,7 @@ public static IntPtr Curve25519PublicKeyDecode(byte[] input) try { - key = wc_curve25519_new(IntPtr.Zero, INVALID_DEVID); + key = wc_curve25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_Curve25519PublicKeyDecode(input, ref idx, key, (uint)input.Length); @@ -2280,7 +2292,8 @@ public static int Curve25519ExportPublicKeyToDer(IntPtr key, out byte[] derKey, /// Key to be freed public static void Curve25519FreeKey(IntPtr key) { - wc_curve25519_free(key); + wc_curve25519_delete(key, IntPtr.Zero); + key = IntPtr.Zero; } /* END Curve25519 */ @@ -2313,7 +2326,7 @@ public static int Curve25519SharedSecret(IntPtr privateKey, IntPtr publicKey, by { log(ERROR_LOG, "Curve25519 shared secret exception " + e.ToString()); ret = EXCEPTION_E; - } + } return ret; } @@ -2325,7 +2338,7 @@ public static int Curve25519SharedSecret(IntPtr privateKey, IntPtr publicKey, by /// Allocated Curve25519 key structure or null public static IntPtr Curve25519ImportPrivateKey(byte[] privateKey) { - IntPtr key = IntPtr.Zero; + IntPtr key = IntPtr.Zero; try { @@ -2343,7 +2356,7 @@ public static IntPtr Curve25519ImportPrivateKey(byte[] privateKey) log(ERROR_LOG, "Curve25519 import private key exception " + e.ToString()); if (key != IntPtr.Zero) Marshal.FreeHGlobal(key); key = IntPtr.Zero; - } + } return key; } @@ -2355,7 +2368,7 @@ public static IntPtr Curve25519ImportPrivateKey(byte[] privateKey) /// Allocated Curve25519 key structure or null public static IntPtr Curve25519ImportPublicKey(byte[] publicKey) { - IntPtr key = IntPtr.Zero; + IntPtr key = IntPtr.Zero; try { @@ -2373,7 +2386,7 @@ public static IntPtr Curve25519ImportPublicKey(byte[] publicKey) log(ERROR_LOG, "Curve25519 import public key exception " + e.ToString()); if (key != IntPtr.Zero) Marshal.FreeHGlobal(key); key = IntPtr.Zero; - } + } return key; } @@ -2449,7 +2462,7 @@ public static IntPtr AesNew(IntPtr heap, int devId) try { - aesPtr = wc_AesNew(heap, devId); + aesPtr = wc_AesNew(heap, devId, IntPtr.Zero); if (aesPtr == IntPtr.Zero) { @@ -2460,7 +2473,7 @@ public static IntPtr AesNew(IntPtr heap, int devId) catch (Exception e) { Console.WriteLine($"AES context creation failed: {e.Message}"); - } + } return aesPtr; } @@ -2529,7 +2542,7 @@ public static int AesGcmInit(IntPtr aes, byte[] key, byte[] iv) /* Cleanup */ if (keyPtr != IntPtr.Zero) Marshal.FreeHGlobal(keyPtr); if (ivPtr != IntPtr.Zero) Marshal.FreeHGlobal(ivPtr); - } + } return ret; } @@ -2596,7 +2609,7 @@ public static int AesGcmEncrypt(IntPtr aes, byte[] iv, byte[] plaintext, if (plaintextPtr != IntPtr.Zero) Marshal.FreeHGlobal(plaintextPtr); if (authTagPtr != IntPtr.Zero) Marshal.FreeHGlobal(authTagPtr); if (addAuthPtr != IntPtr.Zero) Marshal.FreeHGlobal(addAuthPtr); - } + } return ret; } @@ -2663,7 +2676,7 @@ public static int AesGcmDecrypt(IntPtr aes, byte[] iv, byte[] ciphertext, if (plaintextPtr != IntPtr.Zero) Marshal.FreeHGlobal(plaintextPtr); if (authTagPtr != IntPtr.Zero) Marshal.FreeHGlobal(authTagPtr); if (addAuthPtr != IntPtr.Zero) Marshal.FreeHGlobal(addAuthPtr); - } + } return ret; } @@ -2676,7 +2689,8 @@ public static void AesGcmFree(IntPtr aes) { if (aes != IntPtr.Zero) { - wc_AesFree(aes); + wc_AesDelete(aes, IntPtr.Zero); + aes = IntPtr.Zero; } } /* END AES-GCM */ @@ -2700,7 +2714,7 @@ public static IntPtr HashNew(uint hashType, IntPtr heap, int devId) try { /* Allocate new hash */ - hash = wc_HashNew(hashType, heap, devId); + hash = wc_HashNew(hashType, heap, devId, IntPtr.Zero); if (hash == IntPtr.Zero) { throw new Exception("Failed to allocate new hash context."); @@ -2709,7 +2723,7 @@ public static IntPtr HashNew(uint hashType, IntPtr heap, int devId) catch (Exception e) { log(ERROR_LOG, "HashNew Exception: " + e.ToString()); - } + } return hash; } @@ -2740,8 +2754,11 @@ public static int InitHash(IntPtr hash, uint hashType) { /* Cleanup */ log(ERROR_LOG, "InitHash Exception: " + e.ToString()); - if (hash != IntPtr.Zero) wc_HashFree(hash, hashType); - } + if (hash != IntPtr.Zero) { + wc_HashDelete(hash, IntPtr.Zero); + hash = IntPtr.Zero; + } + } return ret; } @@ -2856,7 +2873,8 @@ public static int HashFree(IntPtr hash, uint hashType) throw new Exception("Hash context is null, cannot free."); /* Free hash */ - ret = wc_HashFree(hash, hashType); + ret = wc_HashDelete(hash, IntPtr.Zero); + hash = IntPtr.Zero; if (ret != 0) { throw new Exception($"Failed to free hash context. Error code: {ret}"); @@ -2865,7 +2883,7 @@ public static int HashFree(IntPtr hash, uint hashType) catch (Exception e) { log(ERROR_LOG, "HashFree Exception: " + e.ToString()); - } + } return ret; }