From 2486aac88f72a79d34f78f67388454d30793ab03 Mon Sep 17 00:00:00 2001 From: JacobBarthelmeh Date: Fri, 23 Aug 2024 10:54:31 -0700 Subject: [PATCH] CI warning fixes --- mplabx/small-psk-build/Makefile | 7 +- mplabx/small-psk-build/README.md | 14 + mplabx/small-psk-build/example-client-psk.c | 127 ++++-- mplabx/small-psk-build/psk-ssl.c | 355 +++++++-------- mplabx/small-psk-build/psk-tls.c | 91 ++-- mplabx/small-psk-build/user_settings.h | 17 +- src/dtls13.c | 120 ++--- src/internal.c | 91 ++-- src/keys.c | 6 +- src/sniffer.c | 22 +- src/ssl.c | 19 +- src/tls13.c | 5 +- wolfcrypt/src/aes.c | 15 +- wolfcrypt/src/hmac.c | 4 +- wolfcrypt/src/misc.c | 4 +- wolfcrypt/src/random.c | 35 +- wolfcrypt/src/sha256.c | 8 +- wolfssl/error-ssl.h | 370 +++++++-------- wolfssl/internal.h | 287 ++++++++++-- wolfssl/openssl/evp.h | 8 +- wolfssl/openssl/ssl.h | 10 +- wolfssl/ssl.h | 30 +- wolfssl/test.h | 1 + wolfssl/wolfcrypt/chacha.h | 6 +- wolfssl/wolfcrypt/error-crypt.h | 478 ++++++++++---------- wolfssl/wolfcrypt/poly1305.h | 8 +- wolfssl/wolfcrypt/types.h | 2 +- 27 files changed, 1210 insertions(+), 930 deletions(-) create mode 100644 mplabx/small-psk-build/README.md diff --git a/mplabx/small-psk-build/Makefile b/mplabx/small-psk-build/Makefile index ec493c4196..7fac6ee904 100644 --- a/mplabx/small-psk-build/Makefile +++ b/mplabx/small-psk-build/Makefile @@ -24,8 +24,8 @@ INC = -I$(USER_SETTINGS_DIR) \ # Defines DEF = -DWOLFSSL_USER_SETTINGS -DWOLFSSL_GENSEED_FORTEST -#DEF = -DUSE_LIBFUZZER -#CFLAGS = -fsanitize=fuzzer,address +#DEF += -DUSE_LIBFUZZER +#CFLAGS = -fsanitize=fuzzer,address -g # LD: generate map LDFLAGS += -Wl,-Map=$(BUILD_DIR)/$(BIN).map @@ -53,7 +53,6 @@ SRC_C += ../../wolfcrypt/src/hmac.c SRC_C += ../../wolfcrypt/src/random.c SRC_C += ../../wolfcrypt/src/sha256.c SRC_C += ../../wolfcrypt/src/misc.c -SRC_C += ../../src/wolfio.c SRC_C += psk-ssl.c SRC_C += psk-tls.c SRC_C += example-client-psk.c @@ -66,7 +65,7 @@ vpath %.c $(dir $(SRC_C)) APP = example-client-psk -all: $(BUILD_DIR)/$(APP) +all: $(BUILD_DIR) $(BUILD_DIR)/$(APP) @echo "" $(CMD_ECHO) $(SIZE) $(BUILD_DIR)/$(APP) diff --git a/mplabx/small-psk-build/README.md b/mplabx/small-psk-build/README.md new file mode 100644 index 0000000000..0f945047fe --- /dev/null +++ b/mplabx/small-psk-build/README.md @@ -0,0 +1,14 @@ +NOT intended for general use! + +Crafted for a specific static PSK build using an AES-CBC 128 cipher suite with +TLS 1.2 client. When compiling with the Microchip toolchain additional source +files consumed a small amount of DATA memory. psk-tls.c and psk-ssl.c are the +combination of; src/ssl.c, src/tls.c, src/internal.c, src/keys.c, src/wolfio.c, +and wolfcrypt/src/kdf.c. The code has then been trimmed for the specific use +case and adjusted to flatten the call stack. The compiler used had a limit of +around 32 function calls deep for the call stack. The linker used also was +unable to effectivily trim out unused functions, hence a lot of the unused +functions were removed in psk-tls.c and psk-ssl.c. + +To build the example client using the gcc compiler run `make` from this +directory and then `./Build/example-client-psk`. diff --git a/mplabx/small-psk-build/example-client-psk.c b/mplabx/small-psk-build/example-client-psk.c index b2ca1ef016..07301063ef 100644 --- a/mplabx/small-psk-build/example-client-psk.c +++ b/mplabx/small-psk-build/example-client-psk.c @@ -35,9 +35,11 @@ #define DEFAULT_IP "127.0.0.1" static int sockfd = SOCKET_INVALID; -static int cannedLen = 0; -static byte canned[4096]; -static int cannedIdx = 0; +typedef struct cannedStruct { + int bufferLen; + byte buffer[4096]; + int bufferIdx; +} cannedStruct; #ifndef NO_PSK /* @@ -67,17 +69,17 @@ static inline unsigned int My_Psk_Client_Cb(WOLFSSL* ssl, const char* hint, int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx) { - /* By default, ctx will be a pointer to the file descriptor to read from. - * This can be changed by calling wolfSSL_SetIOReadCtx(). */ int recvd; - - if (cannedLen > 0) { - recvd = (sz < (cannedLen - cannedIdx))? sz : cannedLen - cannedIdx; - memcpy(buff, canned + cannedIdx, recvd); - cannedIdx += recvd; + if (ctx != NULL) { + cannedStruct *cannedData = (cannedStruct*)ctx; + recvd = sz; + if (recvd > (cannedData->bufferLen - cannedData->bufferIdx)) { + recvd = cannedData->bufferLen - cannedData->bufferIdx; + } + memcpy(buff, cannedData->buffer + cannedData->bufferIdx, recvd); + cannedData->bufferIdx += recvd; if (recvd == 0) { - fprintf(stderr, "ran out of input\n"); return WOLFSSL_CBIO_ERR_CONN_CLOSE; } } @@ -129,7 +131,9 @@ int my_IORecv(WOLFSSL* ssl, char* buff, int sz, void* ctx) #endif } /* successful receive */ +#ifndef USE_LIBFUZZER printf("my_IORecv: received %d bytes\n", sz); +#endif return recvd; } @@ -140,44 +144,45 @@ int my_IOSend(WOLFSSL* ssl, char* buff, int sz, void* ctx) * This can be changed by calling wolfSSL_SetIOWriteCtx(). */ int sent; - - if (cannedLen > 0) { + if (ctx != NULL) { + /* drop sent data */ sent = sz; } else { - /* Receive message from socket */ - if ((sent = send(sockfd, buff, sz, 0)) == -1) { - /* error encountered. Be responsible and report it in wolfSSL terms */ - - fprintf(stderr, "IO SEND ERROR: "); - switch (errno) { - #if EAGAIN != EWOULDBLOCK - case EAGAIN: /* EAGAIN == EWOULDBLOCK on some systems, but not others */ - #endif - case EWOULDBLOCK: - fprintf(stderr, "would block\n"); - return WOLFSSL_CBIO_ERR_WANT_WRITE; - case ECONNRESET: - fprintf(stderr, "connection reset\n"); - return WOLFSSL_CBIO_ERR_CONN_RST; - case EINTR: - fprintf(stderr, "socket interrupted\n"); - return WOLFSSL_CBIO_ERR_ISR; - case EPIPE: - fprintf(stderr, "socket EPIPE\n"); - return WOLFSSL_CBIO_ERR_CONN_CLOSE; - default: - fprintf(stderr, "general error\n"); - return WOLFSSL_CBIO_ERR_GENERAL; + /* Receive message from socket */ + if ((sent = send(sockfd, buff, sz, 0)) == -1) { + fprintf(stderr, "IO SEND ERROR: "); + switch (errno) { + #if EAGAIN != EWOULDBLOCK + case EAGAIN: /* EAGAIN == EWOULDBLOCK on some systems */ + #endif + case EWOULDBLOCK: + fprintf(stderr, "would block\n"); + return WOLFSSL_CBIO_ERR_WANT_WRITE; + case ECONNRESET: + fprintf(stderr, "connection reset\n"); + return WOLFSSL_CBIO_ERR_CONN_RST; + case EINTR: + fprintf(stderr, "socket interrupted\n"); + return WOLFSSL_CBIO_ERR_ISR; + case EPIPE: + fprintf(stderr, "socket EPIPE\n"); + return WOLFSSL_CBIO_ERR_CONN_CLOSE; + default: + fprintf(stderr, "general error\n"); + return WOLFSSL_CBIO_ERR_GENERAL; + } + } + else if (sent == 0) { + printf("Connection closed\n"); + return 0; } } - else if (sent == 0) { - printf("Connection closed\n"); - return 0; - } - } + /* successful send */ +#ifndef USE_LIBFUZZER printf("my_IOSend: sent %d bytes\n", sz); +#endif return sent; } @@ -199,10 +204,10 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t sz) byte ran[TLS_RANDOM_SIZE]; byte *ptr; WOLFSSL_METHOD* meth = NULL; - WOLFSSL* ssl = NULL; + cannedStruct cannedData; - memset(ran, 0, sizeof(ran)); + cannedData.bufferLen = 0; #ifndef USE_LIBFUZZER if (argc == 2) { FILE* f = fopen(argv[1], "rb"); @@ -212,7 +217,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t sz) return 1; } else { - cannedLen = fread(canned, 1, 4096, f); + cannedData.bufferLen = fread(cannedData.buffer, 1, 4096, f); + cannedData.bufferIdx = 0; fclose(f); } } @@ -244,13 +250,16 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t sz) } } #else - cannedLen = sz; - memcpy(canned, data, cannedLen); + cannedData.bufferLen = sz; + memcpy(cannedData.buffer, data, cannedData.bufferLen); + cannedData.bufferIdx = 0; #endif wolfSSL_Init(); /* initialize wolfSSL */ meth = wolfTLSv1_2_client_method(); + /* creat wolfssl object after each tcp connect */ + memset(ran, 0, sizeof(ran)); if ( (ssl = wolfSSL_new_leanpsk(meth, SUITE0, SUITE1, ran, TLS_RANDOM_SIZE)) == NULL) { fprintf(stderr, "wolfSSL_new_leanpsk error.\n"); @@ -261,12 +270,24 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t sz) wolfSSL_SSLSetIORecv(ssl, my_IORecv); wolfSSL_SSLSetIOSend(ssl, my_IOSend); + if (cannedData.bufferLen > 0) { + wolfSSL_SetIOWriteCtx(ssl, (void*)&cannedData); + wolfSSL_SetIOReadCtx(ssl, (void*)&cannedData); + } + ret = wolfSSL_connect(ssl); +#ifndef USE_LIBFUZZER printf("ret of connect = %d\n", ret); +#endif + if (ret < 0) { + goto exit; + } /* write string to the server */ if (wolfSSL_write_inline(ssl, recvline, strlen(recvline), MAXLINE) < 0) { + #ifndef USE_LIBFUZZER printf("Write Error to Server\n"); + #endif ret = -1; goto exit; } @@ -274,14 +295,20 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t sz) /* check if server ended before client could read a response */ if ((read = wolfSSL_read_inline(ssl, recvline, MAXLINE, (void**)&ptr, MAXLINE)) < 0 ) { + #ifndef USE_LIBFUZZER printf("Client: Server Terminated Prematurely!\n"); + #endif ret = -1; goto exit; } - /* show message from the server */ - ptr[read] = '\0'; - printf("Server Message: %s\n", ptr); + if (read > 0) { + /* show message from the server */ + ptr[read] = '\0'; + #ifndef USE_LIBFUZZER + printf("Server Message: %s\n", ptr); + #endif + } ret = 0; diff --git a/mplabx/small-psk-build/psk-ssl.c b/mplabx/small-psk-build/psk-ssl.c index 31da69d5c5..5d5ea9d877 100644 --- a/mplabx/small-psk-build/psk-ssl.c +++ b/mplabx/small-psk-build/psk-ssl.c @@ -191,7 +191,8 @@ static const byte tls13Downgrade[7] = { int IsTLS(const WOLFSSL* ssl) { - if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor >=TLSv1_MINOR) + if (ssl->version.major == (byte)SSLv3_MAJOR && + ssl->version.minor >= (byte)TLSv1_MINOR) return 1; #ifdef WOLFSSL_DTLS if (ssl->version.major == DTLS_MAJOR) @@ -203,7 +204,8 @@ int IsTLS(const WOLFSSL* ssl) int IsTLS_ex(const ProtocolVersion pv) { - if (pv.major == SSLv3_MAJOR && pv.minor >=TLSv1_MINOR) + if (pv.major == (byte)SSLv3_MAJOR && + pv.minor >= (byte)TLSv1_MINOR) return 1; return 0; @@ -212,7 +214,8 @@ int IsTLS_ex(const ProtocolVersion pv) int IsAtLeastTLSv1_2(const WOLFSSL* ssl) { - if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor >=TLSv1_2_MINOR) + if (ssl->version.major == (byte)SSLv3_MAJOR && + ssl->version.minor >= (byte)TLSv1_2_MINOR) return 1; return 0; @@ -221,13 +224,16 @@ int IsAtLeastTLSv1_2(const WOLFSSL* ssl) int IsAtLeastTLSv1_3(ProtocolVersion pv) { int ret; - ret = (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR); + ret = (int)((pv.major == (byte)SSLv3_MAJOR && + pv.minor >= (byte)TLSv1_3_MINOR)); return ret; } #ifdef WOLFSSL_LEANPSK -#define IsEncryptionOn(ssl, isSend) (ssl)->keys->encryptionOn && ((isSend) ? (ssl)->encryptSetup : (ssl)->decryptSetup) +#define IsEncryptionOn(ssl, isSend) \ + (ssl)->keys->encryptionOn && ((isSend) ? \ + (ssl)->encryptSetup : (ssl)->decryptSetup) #else int IsEncryptionOn(const WOLFSSL* ssl, int isSend) { @@ -360,7 +366,7 @@ int ReinitSSL_leanpsk(WOLFSSL* ssl) if (ssl->session != NULL) ssl->session->side = (byte)ssl->options.side; #endif - + return ret; } @@ -392,7 +398,7 @@ int InitSSL_leanpsk(WOLFSSL* ssl, WOLFSSL_METHOD* method, byte ciphersuite0, ssl->buffers.outputBuffer.buffer = ssl->buffers.outputBuffer.staticBuffer; ssl->buffers.outputBuffer.bufferSize = STATIC_BUFFER_LEN; - + /* initialize states */ ssl->options.serverState = NULL_STATE; ssl->options.clientState = NULL_STATE; @@ -408,7 +414,7 @@ int InitSSL_leanpsk(WOLFSSL* ssl, WOLFSSL_METHOD* method, byte ciphersuite0, #endif ssl->options.useClientOrder = 0; ssl->options.mutualAuth = 0; - + /* default alert state (none) */ ssl->alert_history.last_rx.code = -1; ssl->alert_history.last_rx.level = -1; @@ -438,7 +444,7 @@ int InitSSL_leanpsk(WOLFSSL* ssl, WOLFSSL_METHOD* method, byte ciphersuite0, ssl->options.cipherSuite0 = CIPHER_BYTE; ssl->options.cipherSuite = TLS_PSK_WITH_AES_128_CBC_SHA256; } - + /* hsHashes */ ret = InitHandshakeHashes(ssl); if (ret != 0) { @@ -576,17 +582,7 @@ void SSL_ResourceFree(WOLFSSL* ssl) ssl->clientFinished_len = 0; #endif #ifndef NO_DH - if (ssl->buffers.serverDH_Priv.buffer != NULL) { - ForceZero(ssl->buffers.serverDH_Priv.buffer, - ssl->buffers.serverDH_Priv.length); - } - XFREE(ssl->buffers.serverDH_Priv.buffer, ssl->heap, DYNAMIC_TYPE_PRIVATE_KEY); - XFREE(ssl->buffers.serverDH_Pub.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); - /* parameters (p,g) may be owned by ctx */ - if (ssl->buffers.weOwnDH) { - XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); - XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); - } + #error expecting NO_DH defined #endif /* !NO_DH */ #ifndef NO_CERTS ssl->keepCert = 0; /* make sure certificate is free'd */ @@ -672,7 +668,7 @@ void SSL_ResourceFree(WOLFSSL* ssl) void FreeHandshakeResources(WOLFSSL* ssl) { WOLFSSL_ENTER("FreeHandshakeResources"); - + /* input buffer */ if (ssl->buffers.inputBuffer.dynamicFlag) ShrinkInputBuffer(ssl, NO_FORCED_FREE); @@ -802,7 +798,8 @@ void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out) * WOLFSSL_SM4_CCM) && HAVE_AEAD) */ /* add record layer header for message */ -static void AddRecordHeader(byte* output, word32 length, byte type, WOLFSSL* ssl, int epochOrder) +static void AddRecordHeader(byte* output, word32 length, byte type, + WOLFSSL* ssl, int epochOrder) { RecordLayerHeader* rl; @@ -903,7 +900,7 @@ static int wolfSSLReceive(WOLFSSL* ssl, byte* buf, word32 sz) retry: recvd = ssl->CBIORecv(ssl, (char *)buf, (int)sz, - #ifndef WOLFSSL_LEANPSK_STATIC_IO + #ifndef WOLFSSL_LEANPSK_STATIC_IO ssl->IOCB_ReadCtx #else NULL @@ -1002,9 +999,10 @@ static int wolfSSLReceive(WOLFSSL* ssl, byte* buf, word32 sz) void ShrinkOutputBuffer(WOLFSSL* ssl) { WOLFSSL_MSG("Shrinking output buffer"); - if (ssl->buffers.outputBuffer.dynamicFlag != (byte)WOLFSSL_EXTERNAL_IO_BUFFER) { - XFREE(ssl->buffers.outputBuffer.buffer - ssl->buffers.outputBuffer.offset, - ssl->heap, DYNAMIC_TYPE_OUT_BUFFER); + if (ssl->buffers.outputBuffer.dynamicFlag != + (byte)WOLFSSL_EXTERNAL_IO_BUFFER) { + XFREE(ssl->buffers.outputBuffer.buffer - + ssl->buffers.outputBuffer.offset, ssl->heap, DYNAMIC_TYPE_OUT_BUFFER); } ssl->buffers.outputBuffer.buffer = ssl->buffers.outputBuffer.staticBuffer; ssl->buffers.outputBuffer.bufferSize = STATIC_BUFFER_LEN; @@ -1035,7 +1033,8 @@ void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree) usedLength); } - if (ssl->buffers.inputBuffer.dynamicFlag != (byte)WOLFSSL_EXTERNAL_IO_BUFFER) { + if (ssl->buffers.inputBuffer.dynamicFlag != + (byte)WOLFSSL_EXTERNAL_IO_BUFFER) { #ifndef WOLFSSL_NO_FORCE_ZERO ForceZero(ssl->buffers.inputBuffer.buffer, ssl->buffers.inputBuffer.length); @@ -1214,7 +1213,8 @@ static WC_INLINE int GrowOutputBuffer(WOLFSSL* ssl, int size) align *= 2; #endif - if (ssl->buffers.outputBuffer.dynamicFlag == (byte)WOLFSSL_EXTERNAL_IO_BUFFER) { + if (ssl->buffers.outputBuffer.dynamicFlag == + (byte)WOLFSSL_EXTERNAL_IO_BUFFER) { WOLFSSL_MSG("External output buffer provided was too small"); return BAD_FUNC_ARG; } @@ -1304,7 +1304,8 @@ int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength) return BAD_FUNC_ARG; } - if (ssl->buffers.inputBuffer.dynamicFlag == (byte)WOLFSSL_EXTERNAL_IO_BUFFER) { + if (ssl->buffers.inputBuffer.dynamicFlag == + (byte)WOLFSSL_EXTERNAL_IO_BUFFER) { WOLFSSL_MSG("External input buffer provided was too small"); return BAD_FUNC_ARG; } @@ -1374,34 +1375,6 @@ int CheckAvailableSize(WOLFSSL *ssl, int size) return BAD_FUNC_ARG; } -#ifdef WOLFSSL_DTLS - if (ssl->options.dtls) { -#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU) - word32 mtu = (word32)ssl->dtlsMtuSz; -#else - word32 mtu = MAX_MTU; -#endif - if ((word32)size + ssl->buffers.outputBuffer.length > mtu) { - int ret; - WOLFSSL_MSG("CheckAvailableSize() flushing buffer " - "to make room for new message"); - if ((ret = SendBuffered(ssl)) != 0) { - return ret; - } - } - if ((word32)size > mtu -#ifdef WOLFSSL_DTLS13 - /* DTLS1.3 uses the output buffer to store the full message and deal - with fragmentation later in dtls13HandshakeSend() */ - && !IsAtLeastTLSv1_3(ssl->version) -#endif /* WOLFSSL_DTLS13 */ - ) { - WOLFSSL_MSG("CheckAvailableSize() called with size greater than MTU."); - return DTLS_SIZE_ERROR; - } - } -#endif - if ((ssl->buffers.outputBuffer.bufferSize - ssl->buffers.outputBuffer.length - ssl->buffers.outputBuffer.idx) < (word32)size) { @@ -1478,7 +1451,7 @@ int MsgCheckEncryption(WOLFSSL* ssl, byte type, byte encrypted) case certificate_status: case session_ticket: case change_cipher_hs: - if (encrypted) { + if (encrypted) { WOLFSSL_MSG("Message can not be encrypted in regular " "handshake"); WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E); @@ -1860,8 +1833,8 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size, } if (sniff == NO_SNIFF) { - if (XMEMCMP((void*)(input + *inOutIdx), (void*)&ssl->hsHashes->verifyHashes, - size) != 0){ + if (XMEMCMP((void*)(input + *inOutIdx), + (void*)&ssl->hsHashes->verifyHashes, size) != 0){ WOLFSSL_MSG("Verify finished error on hashes"); WOLFSSL_ERROR_VERBOSE(VERIFY_FINISHED_ERROR); return VERIFY_FINISHED_ERROR; @@ -1914,7 +1887,7 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size, ssl->options.handShakeDone = 1; } } - + WOLFSSL_LEAVE("DoFinished", 0); WOLFSSL_END(WC_FUNC_FINISHED_DO); @@ -2221,7 +2194,8 @@ int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, } #endif - if (ssl->options.handShakeState == (byte)HANDSHAKE_DONE && type != hello_request){ + if (ssl->options.handShakeState == (byte)HANDSHAKE_DONE && + type != hello_request){ WOLFSSL_MSG("HandShake message after handshake complete"); SendAlert(ssl, alert_fatal, unexpected_message); WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E); @@ -2229,7 +2203,8 @@ int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, } if (ssl->options.side == (byte)WOLFSSL_CLIENT_END && - ssl->options.serverState == (byte)NULL_STATE && type != server_hello && + ssl->options.serverState == (byte)NULL_STATE && + type != server_hello && type != hello_request) { WOLFSSL_MSG("First server message not server hello or " "hello request"); @@ -2248,7 +2223,8 @@ int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, } if (ssl->options.side == (byte)WOLFSSL_SERVER_END && - ssl->options.clientState == (byte)NULL_STATE && type != client_hello) { + ssl->options.clientState == (byte)NULL_STATE && + type != client_hello) { WOLFSSL_MSG("First client message not client hello"); SendAlert(ssl, alert_fatal, unexpected_message); WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E); @@ -2327,7 +2303,8 @@ int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, #endif { ssl->options.cacheMessages = 0; - if ((ssl->hsHashes != NULL) && (ssl->hsHashes->messages != NULL)) { + if ((ssl->hsHashes != NULL) && + (ssl->hsHashes->messages != NULL)) { ForceZero(ssl->hsHashes->messages, ssl->hsHashes->length); XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES); @@ -2344,7 +2321,7 @@ int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, break; #endif - + case server_hello_done: WOLFSSL_MSG("processing server hello done"); ssl->options.serverState = SERVER_HELLODONE_COMPLETE; @@ -2452,6 +2429,11 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx, if (inputLength - HANDSHAKE_HEADER_SZ < size) { ssl->arrays->pendingMsgType = type; ssl->arrays->pendingMsgSz = size + HANDSHAKE_HEADER_SZ; + + if (ssl->arrays->pendingMsg != NULL) { + XFREE(ssl->arrays->pendingMsg, ssl->heap, DYNAMIC_TYPE_ARRAYS); + } + ssl->arrays->pendingMsg = (byte*)XMALLOC(size + HANDSHAKE_HEADER_SZ, ssl->heap, DYNAMIC_TYPE_ARRAYS); @@ -2653,7 +2635,6 @@ static WC_INLINE int CipherHasExpIV(WOLFSSL *ssl) } -#ifndef WOLFSSL_LEANPSK_STATIC /* check cipher text size for sanity */ static int SanityCheckCipherText(WOLFSSL* ssl, word32 encryptSz) { @@ -2665,7 +2646,7 @@ static int SanityCheckCipherText(WOLFSSL* ssl, word32 encryptSz) #endif #ifndef WOLFSSL_AEAD_ONLY - if (ssl->specs.cipher_type == block) { + if (ssl->specs.cipher_type == (byte)block) { #ifdef HAVE_ENCRYPT_THEN_MAC if (ssl->options.startedETMRead) { if ((encryptSz - MacSize(ssl)) % ssl->specs.block_size) { @@ -2692,7 +2673,7 @@ static int SanityCheckCipherText(WOLFSSL* ssl, word32 encryptSz) } else #endif - if (ssl->specs.cipher_type == aead) { + if (ssl->specs.cipher_type == (byte)aead) { minLength = ssl->specs.aead_mac_size; /* authTag size */ if (CipherHasExpIV(ssl)) minLength += AESGCM_EXP_IV_SZ; /* explicit IV */ @@ -2706,7 +2687,6 @@ static int SanityCheckCipherText(WOLFSSL* ssl, word32 encryptSz) return 0; } -#endif /* WOLFSSL_LEANPSK _STATIC */ #ifndef WOLFSSL_AEAD_ONLY #ifdef WOLSSL_OLD_TIMINGPADVERIFY @@ -2874,7 +2854,8 @@ static WC_INLINE void DoRounds(int type, int rounds, const byte* data, int sz) /* do number of compression rounds on dummy data */ -static WC_INLINE void CompressRounds(WOLFSSL* ssl, int rounds, const byte* dummy) +static WC_INLINE void CompressRounds(WOLFSSL* ssl, int rounds, + const byte* dummy) { if (rounds) DoRounds(ssl->specs.mac_algorithm, rounds, dummy, COMPRESS_LOWER); @@ -2976,7 +2957,7 @@ static WC_INLINE int GetRounds(int pLen, int padLen, int t) #else #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) - + #ifndef WOLFSSL_LEANPSK_STATIC /* check all length bytes for the pad value, return 0 on success */ static int PadCheck(const byte* a, byte pad, int length) @@ -3097,14 +3078,8 @@ int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int macSz, /* 4th argument has potential to underflow, ssl->hmac function should * either increment the size by (macSz + padLen + 1) before use or check on * the size to make sure is valid. */ -#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \ - defined(WOLFSSL_RENESAS_TSIP_TLS) - ret = ssl->hmac(ssl, verify, input, pLen - macSz - padLen - 1, padLen, - content, 1, PEER_ORDER); -#else ret = TLS_hmac(ssl, verify, input, pLen - macSz - padLen - 1, padLen, content, 1, PEER_ORDER); -#endif good |= MaskMac(input, pLen, WC_SHA256_DIGEST_SIZE, verify); /* Non-zero on failure. */ @@ -3592,7 +3567,8 @@ static int GetInputData(WOLFSSL *ssl, word32 size) /* Put buffer data at start if not there */ if (usedLength > 0 && ssl->buffers.inputBuffer.idx != 0u) XMEMMOVE((void*)&ssl->buffers.inputBuffer.buffer[0], - (void*)(ssl->buffers.inputBuffer.buffer + ssl->buffers.inputBuffer.idx), + (void*)(ssl->buffers.inputBuffer.buffer + + ssl->buffers.inputBuffer.idx), usedLength); /* remove processed data */ @@ -3646,7 +3622,8 @@ static WC_INLINE int VerifyMacEnc(WOLFSSL* ssl, const byte* input, word32 msgSz, return VERIFY_MAC_ERROR; } - ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, -1, content, 1, PEER_ORDER); + ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, -1, content, 1, + PEER_ORDER); ret |= ConstantCompare(verify, input + msgSz - digestSz, (int)digestSz); if (ret != 0) { WOLFSSL_ERROR_VERBOSE(VERIFY_MAC_ERROR); @@ -3675,10 +3652,8 @@ static WC_INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz, if (ssl->specs.cipher_type == (byte)block) { int ivExtra = 0; -//#ifndef NO_OLD_TLS if (ssl->options.tls1_1) ivExtra = ssl->specs.block_size; -//#endif pad = *(input + msgSz - ivExtra - 1); padByte = 1; @@ -3694,7 +3669,7 @@ static WC_INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz, if (ssl->specs.cipher_type == (byte)aead) { *padSz = ssl->specs.aead_mac_size; } - else + else #if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY) { *padSz = digestSz + pad + padByte; @@ -3886,11 +3861,10 @@ int ProcessReply(WOLFSSL* ssl) if (IsEncryptionOn(ssl, 0) && ssl->keys->decryptedCur == 0u && (!IsAtLeastTLSv1_3(ssl->version) || - ssl->curRL.type != (byte)change_cipher_spec)) + ssl->curRL.type != (byte)change_cipher_spec)) { bufferStatic* in = &ssl->buffers.inputBuffer; -#ifndef WOLFSSL_LEANPSK_STATIC ret = SanityCheckCipherText(ssl, ssl->curSize); if (ret < 0) { #ifdef WOLFSSL_EXTRA_ALERTS @@ -3898,7 +3872,6 @@ int ProcessReply(WOLFSSL* ssl) #endif return ret; } -#endif if (atomicUser) { } @@ -3962,7 +3935,7 @@ int ProcessReply(WOLFSSL* ssl) return ASYNC_INIT_E; } - //If server side this should be keys->client_write_key + /*If server side this should be keys->client_write_key*/ key = ssl->keys->keys + WC_MAX_DIGEST_SIZE + WC_MAX_DIGEST_SIZE + MAX_SYM_KEY_SIZE; iv = key + MAX_SYM_KEY_SIZE + MAX_WRITE_IV_SZ; @@ -4015,7 +3988,8 @@ int ProcessReply(WOLFSSL* ssl) #ifndef WOLFSSL_NO_TLS12 /* handle success */ #ifndef WOLFSSL_AEAD_ONLY - if (ssl->options.tls1_1 && ssl->specs.cipher_type == (byte)block) + if (ssl->options.tls1_1 && + ssl->specs.cipher_type == (byte)block) ssl->buffers.inputBuffer.idx += ssl->specs.block_size; #endif /* go past TLSv1.1 IV */ @@ -4040,7 +4014,7 @@ int ProcessReply(WOLFSSL* ssl) if (IsEncryptionOn(ssl, 0) && ssl->keys->decryptedCur == 0u && (!IsAtLeastTLSv1_3(ssl->version) || - ssl->curRL.type != (byte)change_cipher_spec)) + ssl->curRL.type != (byte)change_cipher_spec)) { if (!atomicUser #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) @@ -4056,7 +4030,8 @@ int ProcessReply(WOLFSSL* ssl) return ret; #endif if (ret < 0) { - #if defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_ETM_ALERT) + #if defined(WOLFSSL_EXTRA_ALERTS) && \ + !defined(WOLFSSL_NO_ETM_ALERT) if (!ssl->options.dtls) SendAlert(ssl, alert_fatal, bad_record_mac); #endif @@ -4172,8 +4147,7 @@ int ProcessReply(WOLFSSL* ssl) #endif } if (ret != 0 - - #ifdef WOLFSSL_DTLS +#ifdef WOLFSSL_DTLS /* DoDtlsHandShakeMsg can return a WANT_WRITE when * calling DtlsMsgPoolSend. This msg is done * processing so let's move on. */ @@ -4258,9 +4232,11 @@ int ProcessReply(WOLFSSL* ssl) if (IsEncryptionOn(ssl, 0) && ssl->options.handShakeDone) { #ifdef HAVE_AEAD if (ssl->specs.cipher_type == aead) { - if (ssl->specs.bulk_cipher_algorithm != wolfssl_chacha) + if (ssl->specs.bulk_cipher_algorithm != + wolfssl_chacha) ssl->curSize -= AESGCM_EXP_IV_SZ; - ssl->buffers.inputBuffer.idx += ssl->specs.aead_mac_size; + ssl->buffers.inputBuffer.idx += + ssl->specs.aead_mac_size; ssl->curSize -= ssl->specs.aead_mac_size; } else @@ -4292,12 +4268,12 @@ int ProcessReply(WOLFSSL* ssl) ssl->buffers.inputBuffer.idx++; - #ifndef WOLFSSL_NO_SANITY_CHECK_HANDSHAKE + #ifndef WOLFSSL_NO_SANITY_CHECK_HANDSHAKE ret = SanityCheckMsgReceived(ssl, change_cipher_hs); if (ret != 0) { return ret; } - #endif + #endif ssl->keys->encryptionOn = 1; @@ -4338,8 +4314,8 @@ int ProcessReply(WOLFSSL* ssl) return ret; #endif ret = BuildTlsFinished(ssl, &ssl->hsHashes->verifyHashes, - ssl->options.side == (byte)WOLFSSL_CLIENT_END ? - 1 : 0); + ssl->options.side == (byte)WOLFSSL_CLIENT_END ? + 1 : 0); if (ret != 0) return ret; #endif /* !WOLFSSL_NO_TLS12 */ @@ -4395,7 +4371,8 @@ int ProcessReply(WOLFSSL* ssl) ssl->options.processReply = doProcessInit; /* input exhausted */ - if (ssl->buffers.inputBuffer.idx >= ssl->buffers.inputBuffer.length) { + if (ssl->buffers.inputBuffer.idx >= + ssl->buffers.inputBuffer.length) { /* Shrink input buffer when we successfully finish record * processing */ if ((ret == 0) && ssl->buffers.inputBuffer.dynamicFlag) @@ -4410,14 +4387,15 @@ int ProcessReply(WOLFSSL* ssl) ssl->options.processReply = runProcessingOneMessage; if (IsEncryptionOn(ssl, 0)) { - WOLFSSL_MSG("Bundled encrypted messages, remove middle pad"); + WOLFSSL_MSG( + "Bundled encrypted messages, remove middle pad"); #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) if (ssl->options.startedETMRead) { word32 digestSz = MacSize(ssl); if (ssl->buffers.inputBuffer.idx >= - ssl->keys->padSz + digestSz) { + ssl->keys->padSz + digestSz) { ssl->buffers.inputBuffer.idx -= - ssl->keys->padSz + digestSz; + ssl->keys->padSz + digestSz; } else { WOLFSSL_MSG("\tmiddle padding error"); @@ -4632,7 +4610,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, if (ssl->specs.bulk_cipher_algorithm != wolfssl_chacha) args->ivSz = AESGCM_EXP_IV_SZ; - args->sz += (args->ivSz + ssl->specs.aead_mac_size - args->digestSz); + args->sz += (args->ivSz + ssl->specs.aead_mac_size - + args->digestSz); } #endif @@ -4655,7 +4634,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, } else { if (ssl->rng == NULL) { - ssl->rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), ssl->heap,DYNAMIC_TYPE_RNG); + ssl->rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), + ssl->heap, DYNAMIC_TYPE_RNG); if (ssl->rng == NULL) { WOLFSSL_MSG("RNG Memory error"); goto exit_buildmsg; @@ -4663,7 +4643,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, XMEMSET(ssl->rng, 0, sizeof(WC_RNG)); ssl->options.weOwnRng = 1; - if ( (ret = wc_InitRng_ex(ssl->rng, ssl->heap, INVALID_DEVID)) != 0) { + if ( (ret = wc_InitRng_ex(ssl->rng, ssl->heap, + INVALID_DEVID)) != 0) { WOLFSSL_MSG("RNG Init error"); goto exit_buildmsg; } @@ -4681,14 +4662,14 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, XMEMCPY(args->iv, ssl->keys->aead_exp_IV, AESGCM_EXP_IV_SZ); } #endif - /* move plan text data out of record headers way */ if (ssl->buffers.outputBuffer.dynamicFlag == (byte)WOLFSSL_EXTERNAL_IO_BUFFER) { XMEMMOVE(output + args->headerSz + args->ivSz, input, inSz); } - - args->size = (word16)(args->sz - args->headerSz); /* include mac and digest */ + + /* include mac and digest */ + args->size = (word16)(args->sz - args->headerSz); AddRecordHeader(output, args->size, (byte)type, ssl, epochOrder); /* write to output */ @@ -4713,7 +4694,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, goto exit_buildmsg; if (type == handshake && hashOutput) { - ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, output + RECORD_HEADER_SZ + args->ivSz, + ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, + output + RECORD_HEADER_SZ + args->ivSz, args->headerSz + inSz - RECORD_HEADER_SZ); if (ret != 0) goto exit_buildmsg; @@ -4731,7 +4713,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, tmpIdx = args->idx + args->digestSz; for (i = 0; i <= args->pad; i++) - output[tmpIdx++] = (byte)args->pad; /* pad byte gets pad value */ + /* pad byte gets pad value */ + output[tmpIdx++] = (byte)args->pad; } #endif @@ -4768,8 +4751,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, #endif ret = ssl->hmac(ssl, hmac, - output + args->headerSz + args->ivSz, (word32)inSz, - -1, type, 0, epochOrder); + output + args->headerSz + args->ivSz, + (word32)inSz, -1, type, 0, epochOrder); XMEMCPY(output + args->idx, hmac, args->digestSz); #ifdef WOLFSSL_SMALL_STACK @@ -4779,14 +4762,9 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, else #endif { -#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \ - defined(WOLFSSL_RENESAS_TSIP_TLS) - ret = ssl->hmac(ssl, output + args->idx, output + - args->headerSz + args->ivSz, (word32)inSz, -1, type, 0, epochOrder); -#else ret = TLS_hmac(ssl, output + args->idx, output + - args->headerSz + args->ivSz, (word32)inSz, -1, type, 0, epochOrder); -#endif + args->headerSz + args->ivSz, + (word32)inSz, -1, type, 0, epochOrder); } } #endif /* WOLFSSL_AEAD_ONLY */ @@ -4817,7 +4795,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, byte *key; byte *iv; - aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap, DYNAMIC_TYPE_CIPHER); + aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap, + DYNAMIC_TYPE_CIPHER); if (aes == NULL) { return MEMORY_E; } @@ -4827,8 +4806,9 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, return ASYNC_INIT_E; } - //If server side this should be keys->server_write_key - key = ssl->keys->keys + WC_MAX_DIGEST_SIZE + WC_MAX_DIGEST_SIZE; + /* If server side this should be keys->server_write_key */ + key = ssl->keys->keys + WC_MAX_DIGEST_SIZE + + WC_MAX_DIGEST_SIZE; iv = key + MAX_SYM_KEY_SIZE + MAX_SYM_KEY_SIZE; ret = wc_AesSetKey(aes, key, 16, iv, @@ -4947,7 +4927,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, else { WOLFSSL_ERROR_VERBOSE(ret); } - + return ret; #endif /* !WOLFSSL_NO_TLS12 */ #else @@ -4968,7 +4948,7 @@ int SendFinished(WOLFSSL* ssl) int sendSz, finishedSz = ssl->options.tls ? TLS_FINISHED_SZ : FINISHED_SZ; - byte input[FINISHED_SZ + 12];//DTLS_HANDSHAKE_HEADER_SZ]; /* max */ + byte input[FINISHED_SZ + 12]; /* max */ byte *output; Hashes* hashes; int ret; @@ -4994,8 +4974,8 @@ int SendFinished(WOLFSSL* ssl) /* make finished hashes */ hashes = (Hashes*)&input[headerSz]; - ret = BuildTlsFinished(ssl, hashes, ssl->options.side == (byte)WOLFSSL_CLIENT_END ? - 0 : 1); + ret = BuildTlsFinished(ssl, hashes, + ssl->options.side == (byte)WOLFSSL_CLIENT_END ? 0 : 1); if (ret != 0) return ret; #ifdef WOLFSSL_HAVE_TLS_UNIQUE @@ -5031,7 +5011,7 @@ int SendFinished(WOLFSSL* ssl) ssl->options.handShakeDone = 1; } } - + ssl->buffers.outputBuffer.length += sendSz; ret = SendBuffered(ssl); @@ -5085,9 +5065,9 @@ static int ssl_in_handshake(WOLFSSL *ssl, int send) if (ssl->options.side == (byte)WOLFSSL_CLIENT_END) { if (IsAtLeastTLSv1_3(ssl->version)) - return ssl->options.connectState < FINISHED_DONE; + return ssl->options.connectState < (byte)FINISHED_DONE; if (IsAtLeastTLSv1_2(ssl)) - return ssl->options.connectState < SECOND_REPLY_DONE; + return ssl->options.connectState < (byte)SECOND_REPLY_DONE; return 0; } @@ -5273,7 +5253,8 @@ int ReceiveData(WOLFSSL* ssl, byte** output, int sz, int peek) size = min(sz, (int)ssl->buffers.clearOutputBuffer.length); - if (ssl->buffers.inputBuffer.dynamicFlag == (byte)WOLFSSL_EXTERNAL_IO_BUFFER) { + if (ssl->buffers.inputBuffer.dynamicFlag == + (byte)WOLFSSL_EXTERNAL_IO_BUFFER) { *output = ssl->buffers.clearOutputBuffer.buffer; } else { @@ -5332,7 +5313,7 @@ static int SendAlert_ex(WOLFSSL* ssl, int severity, int type) */ if (IsEncryptionOn(ssl, 1)) { sendSz = BuildMessage(ssl, output, outputSz, input, ALERT_SIZE, alert, - 0, 0, 0, CUR_ORDER); + 0, 0, 0, CUR_ORDER); } else { { @@ -5480,8 +5461,8 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) if (IsEncryptionOn(ssl, 1)) sendSz += MAX_MSG_EXTRA; - /* Set this in case CheckAvailableSize returns a WANT_WRITE so that state - * is not advanced yet */ + /* Set this in case CheckAvailableSize returns a WANT_WRITE so that + * state is not advanced yet */ ssl->options.buildingMsg = 1; /* check for available size */ @@ -5499,18 +5480,18 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) ssl->chVersion = ssl->version; /* store in case changed */ /* then random */ - if (ssl->options.connectState == CONNECT_BEGIN) { + if (ssl->options.connectState == (byte)CONNECT_BEGIN) { XMEMCPY(output + idx, ssl->arrays->csRandom, RAN_LEN); } idx += RAN_LEN; /* then session id */ output[idx++] = (byte)idSz; - + #ifndef WOLFSSL_NO_SESSION_RESUMPTION if (idSz) { XMEMCPY(output + idx, ssl->session->sessionID, - ssl->session->sessionIDSz); + ssl->session->sessionIDSz); idx += ssl->session->sessionIDSz; } #endif @@ -5548,8 +5529,8 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) if (sendSz < 0) return sendSz; } else { - ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, output + RECORD_HEADER_SZ, - sendSz - RECORD_HEADER_SZ); + ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, + output + RECORD_HEADER_SZ, sendSz - RECORD_HEADER_SZ); if (ret != 0) return ret; } @@ -5580,7 +5561,7 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) byte lowerVersion, higherVersion; { - if (pv.major != SSLv3_MAJOR) { + if (pv.major != (byte)SSLv3_MAJOR) { WOLFSSL_ERROR_VERBOSE(VERSION_ERROR); return VERSION_ERROR; } @@ -5743,13 +5724,15 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) compression = input[i++]; - if (compression != (byte)NO_COMPRESSION && !ssl->options.usingCompression) { + if (compression != (byte)NO_COMPRESSION && + !ssl->options.usingCompression) { WOLFSSL_MSG("Server forcing compression w/o support"); WOLFSSL_ERROR_VERBOSE(COMPRESSION_ERROR); return COMPRESSION_ERROR; } - if (compression != (byte)ZLIB_COMPRESSION && ssl->options.usingCompression) { + if (compression != (byte)ZLIB_COMPRESSION && + ssl->options.usingCompression) { WOLFSSL_MSG("Server refused compression, turning off"); ssl->options.usingCompression = 0; /* turn off if server refused */ } @@ -5789,12 +5772,12 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) if ( (i - begin) < helloSz) { int allowExt = 0; - if (ssl->version.major == SSLv3_MAJOR && - ssl->version.minor >= TLSv1_MINOR) { + if (ssl->version.major == (byte)SSLv3_MAJOR && + ssl->version.minor >= (byte)TLSv1_MINOR) { allowExt = 1; } - + if (allowExt) { word16 totalExtSz; @@ -5818,7 +5801,8 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) ato16(&input[i], &extSz); i += OPAQUE16_LEN; - if (OPAQUE16_LEN + OPAQUE16_LEN + extSz > totalExtSz) + if ((word16)OPAQUE16_LEN + (word16)OPAQUE16_LEN + extSz + > totalExtSz) return BUFFER_ERROR; if (extId == (word16)HELLO_EXT_EXTMS) @@ -5845,8 +5829,7 @@ int SendAlert(WOLFSSL* ssl, int severity, int type) !ssl->secure_renegotiation->enabled) { /* If the server does not acknowledge the extension, the client * MUST generate a fatal handshake_failure alert prior to - * terminating the connection. - * https://www.rfc-editor.org/rfc/rfc9325#name-renegotiation-in-tls-12 */ + * terminating the connection. */ WOLFSSL_MSG("ServerHello did not contain SCR extension"); return SECURE_RENEGOTIATION_E; } @@ -5988,7 +5971,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input, #endif } /* case TLS_ASYNC_BEGIN */ FALL_THROUGH; - + case TLS_ASYNC_FINALIZE: { if (IsEncryptionOn(ssl, 0)) { @@ -6057,8 +6040,8 @@ int SendClientKeyExchange(WOLFSSL* ssl) ret = 0; ssl->options.asyncState = TLS_ASYNC_BEGIN; XMEMSET(args, 0, sizeof(SckeArgs)); - /* Set this in case CheckAvailableSize returns a WANT_WRITE so that state - * is not advanced yet */ + /* Set this in case CheckAvailableSize returns a WANT_WRITE so that + * state is not advanced yet */ ssl->options.buildingMsg = 1; } @@ -6140,14 +6123,12 @@ int SendClientKeyExchange(WOLFSSL* ssl) c16toa((word16)psk_keySz, pms); pms += OPAQUE16_LEN; if (psk_keySz < (int)MAX_PSK_KEY_LEN) { - XMEMMOVE((void*)pms, (void*)(pms + (MAX_PSK_KEY_LEN - psk_keySz)), + XMEMMOVE((void*)pms, + (void*)(pms + (MAX_PSK_KEY_LEN - psk_keySz)), psk_keySz); } ssl->arrays->preMasterSz = (psk_keySz * 2) + (2 * OPAQUE16_LEN); -#ifndef WOLFSSL_NO_FORCE_ZERO - ForceZero(ssl->arrays->psk_key, ssl->arrays->psk_keySz); -#endif } psk_keySz = 0; /* No further need */ break; @@ -6175,7 +6156,8 @@ int SendClientKeyExchange(WOLFSSL* ssl) word32 tlsSz = 0; word32 idx = 0; - if (ssl->options.tls || ssl->specs.kea == (byte)diffie_hellman_kea) { + if (ssl->options.tls || + ssl->specs.kea == (byte)diffie_hellman_kea) { tlsSz = 2; } @@ -6199,7 +6181,8 @@ int SendClientKeyExchange(WOLFSSL* ssl) /* get output buffer */ args->output = GetOutputBuffer(ssl); - AddHeaders(args->output, args->encSz + tlsSz, client_key_exchange, ssl); + AddHeaders(args->output, args->encSz + tlsSz, client_key_exchange, + ssl); if (tlsSz) { c16toa((word16)args->encSz, &args->output[idx]); @@ -6231,9 +6214,9 @@ int SendClientKeyExchange(WOLFSSL* ssl) { if (IsEncryptionOn(ssl, 1)) { ret = BuildMessage(ssl, args->output, args->sendSz, - args->input, args->inputSz, handshake, 1, 0, 0, CUR_ORDER); + args->input, args->inputSz, handshake, 1, 0, 0, CUR_ORDER); XFREE(args->input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); - args->input = NULL; /* make sure its not double free'd on cleanup */ + args->input = NULL; /* make sure its not double free'd */ if (ret >= 0) { args->sendSz = ret; @@ -6241,14 +6224,15 @@ int SendClientKeyExchange(WOLFSSL* ssl) } } else { - ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, args->output + RECORD_HEADER_SZ, + ret = wc_Sha256Update(&ssl->hsHashes->hashSha256, + args->output + RECORD_HEADER_SZ, args->sendSz - RECORD_HEADER_SZ); } if (ret != 0) { goto exit_scke; } - + ssl->buffers.outputBuffer.length += (word32)args->sendSz; if (!ssl->options.groupMessages) { @@ -6378,15 +6362,16 @@ WOLFSSL* wolfSSL_new_leanpsk(WOLFSSL_METHOD* method, } /* ssl XMALLOC success */ if (ssl && ssl->arrays) { - XMEMCPY(ssl->arrays->csRandom, ran, RAN_LEN); /* copy over client random */ + /* copy over client random */ + XMEMCPY(ssl->arrays->csRandom, ran, RAN_LEN); XMEMCPY(ssl->arrays->csRandom + RAN_LEN + RAN_LEN, ran + RAN_LEN, 16); /* copy over first IV */ } - + WOLFSSL_LEAVE("wolfSSL_new InitSSL =", ret); (void)ret; - return ssl; + return ssl; } @@ -6492,7 +6477,7 @@ int wolfSSL_write(WOLFSSL* ssl, const void* data, int sz) if (ssl == NULL || data == NULL || sz < 0) return BAD_FUNC_ARG; - + ret = SendData(ssl, data, sz); WOLFSSL_LEAVE("wolfSSL_write", ret); @@ -6544,8 +6529,8 @@ int wolfSSL_read_inline(WOLFSSL* ssl, void* buf, int bufSz, void** data, int dataSz) { int ret; - - WOLFSSL_ENTER("wolfSSL_read"); + + WOLFSSL_ENTER("wolfSSL_read_inline"); #ifdef OPENSSL_EXTRA if (ssl == NULL) { @@ -6665,7 +6650,7 @@ WOLFSSL_ABI int wolfSSL_Init(void) { int ret = WOLFSSL_SUCCESS; - + WOLFSSL_ENTER("wolfSSL_Init"); if ((ret == WOLFSSL_SUCCESS) && (initRefCount == 0)) { @@ -6727,21 +6712,21 @@ int wolfSSL_Init(void) if ((ret = ReinitSSL_leanpsk(ssl)) != 0) { return ret; } - + if (ssl->options.side != (byte)WOLFSSL_CLIENT_END) { ssl->error = SIDE_ERROR; WOLFSSL_ERROR(ssl->error); return WOLFSSL_FATAL_ERROR; } - + /* fragOffset is non-zero when sending fragments. On the last * fragment, fragOffset is zero again, and the state can be * advanced. */ advanceState = ssl->fragOffset == 0u && - (ssl->options.connectState == CONNECT_BEGIN || - ssl->options.connectState == HELLO_AGAIN || - (ssl->options.connectState >= FIRST_REPLY_DONE && - ssl->options.connectState <= FIRST_REPLY_FOURTH)); + (ssl->options.connectState == (byte)CONNECT_BEGIN || + ssl->options.connectState == (byte)HELLO_AGAIN || + (ssl->options.connectState >= (byte)FIRST_REPLY_DONE && + ssl->options.connectState <= (byte)FIRST_REPLY_FOURTH)); if (ssl->buffers.outputBuffer.length > 0u) { ret = SendBuffered(ssl); @@ -6939,7 +6924,7 @@ int wolfSSL_Cleanup(void) if (initRefCount == 0) release = 1; } - + if (!release) return ret; @@ -7055,15 +7040,25 @@ int wolfSSL_get_shutdown(const WOLFSSL* ssl) return isShutdown; } -#ifdef WOLFSSL_LEANPSK_STATIC_IO +#ifndef WOLFSSL_LEANPSK_STATIC_IO +void wolfSSL_SetIOReadCtx(WOLFSSL* ssl, void *rctx) +{ + if (ssl) + ssl->IOCB_ReadCtx = rctx; +} + +void wolfSSL_SetIOWriteCtx(WOLFSSL* ssl, void *wctx) +{ + if (ssl) + ssl->IOCB_WriteCtx = wctx; +} +#endif + /* sets the IO callback to use for receives at WOLFSSL level */ void wolfSSL_SSLSetIORecv(WOLFSSL *ssl, CallbackIORecv CBIORecv) { if (ssl) { ssl->CBIORecv = CBIORecv; - #ifdef OPENSSL_EXTRA - ssl->cbioFlag |= WOLFSSL_CBIO_RECV; - #endif } } @@ -7073,12 +7068,8 @@ void wolfSSL_SSLSetIOSend(WOLFSSL *ssl, CallbackIOSend CBIOSend) { if (ssl) { ssl->CBIOSend = CBIOSend; - #ifdef OPENSSL_EXTRA - ssl->cbioFlag |= WOLFSSL_CBIO_SEND; - #endif } } -#endif #endif /* !WOLFCRYPT_ONLY */ diff --git a/mplabx/small-psk-build/psk-tls.c b/mplabx/small-psk-build/psk-tls.c index fc808203ba..aab5bd2433 100644 --- a/mplabx/small-psk-build/psk-tls.c +++ b/mplabx/small-psk-build/psk-tls.c @@ -64,7 +64,8 @@ int BuildTlsHandshakeHash(WOLFSSL* ssl, byte* hash, word32* hashLen) int ret = 0; word32 hashSz = FINISHED_SZ; - if (ssl == NULL || hash == NULL || hashLen == NULL || *hashLen < (word32)HSHASH_SZ) + if (ssl == NULL || hash == NULL || hashLen == NULL || + *hashLen < (word32)HSHASH_SZ) return BAD_FUNC_ARG; /* for constant timing perform these even if error */ @@ -102,7 +103,7 @@ int BuildTlsHandshakeHash(WOLFSSL* ssl, byte* hash, word32* hashLen) #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Add("TLS handshake hash", hash, hashSz); #endif - + if (ret != 0) { ret = BUILD_MSG_ERROR; WOLFSSL_ERROR_VERBOSE(ret); @@ -129,7 +130,6 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, byte srvr) #endif XMEMSET(handshake_hash, 0, HSHASH_SZ); - ret = BuildTlsHandshakeHash(ssl, handshake_hash, &hashSz); if (ret == 0) { @@ -144,7 +144,7 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, byte srvr) WOLFSSL_MSG("Unexpected sender value"); } } - + if (ret == 0) { #ifdef WOLFSSL_HAVE_PRF { @@ -230,8 +230,8 @@ static int _MakeTlsExtendedMasterSecret(byte* ms, word32 msLen, #ifdef WOLFSSL_HAVE_PRF PRIVATE_KEY_UNLOCK(); - ret = wc_PRF_TLS(ms, msLen, pms, pmsLen, ext_master_label, EXT_MASTER_LABEL_SZ, - sHash, sHashLen, tls1_2, hash_type, heap, devId); + ret = wc_PRF_TLS(ms, msLen, pms, pmsLen, ext_master_label, + EXT_MASTER_LABEL_SZ, sHash, sHashLen, tls1_2, hash_type, heap, devId); PRIVATE_KEY_LOCK(); #else /* Pseudo random function must be enabled in the configuration. */ @@ -311,14 +311,14 @@ static int Hmac_OuterHash(Hmac* hmac, unsigned char* mac) if (hashType != WC_HASH_TYPE_SHA256) { return BAD_FUNC_ARG; } - + #ifdef WOLFSSL_SMALL_STACK hash = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), NULL, DYNAMIC_TYPE_HASH_TMP); if (hash == NULL) { return MEMORY_E; } #endif - + if ((digestSz >= 0u) && (blockSz >= 0u)) { ret = wc_InitSha256(hash); } @@ -358,12 +358,13 @@ static int Hmac_OuterHash(Hmac* hmac, unsigned char* mac) int blockSz = wc_HashGetBlockSize(hashType); #ifdef WOLFSSL_SMALL_STACK - hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), NULL, DYNAMIC_TYPE_HASH_TMP); + hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), NULL, + DYNAMIC_TYPE_HASH_TMP); if (hash == NULL) { return MEMORY_E; } #endif - + if ((digestSz >= 0) && (blockSz >= 0)) { ret = wc_HashInit(hash, hashType); } @@ -459,13 +460,14 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in, /* Size of data to HMAC if padding length byte is zero. */ maxLen = WOLFSSL_TLS_HMAC_INNER_SZ + sz - 1 - (unsigned int)macLen; /* Complete data (including padding) has block for EOC and/or length. */ - extraBlock = (byte)ctSetLTE((maxLen + (unsigned int)padSz) & blockMask, padSz); + extraBlock = (byte)ctSetLTE((maxLen + (unsigned int)padSz) & blockMask, + padSz); /* Total number of blocks for data including padding. */ blocks = ((maxLen + blockSz - 1) >> blockBits) + extraBlock; /* Up to last 6 blocks can be hashed safely. */ safeBlocks = blocks - 6; - if (sz < 1u) + if (sz < 1U) return BAD_FUNC_ARG; /* Length of message data. */ @@ -487,14 +489,16 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in, c32toa(realLen >> ((sizeof(word32) * 8) - 3), lenBytes); c32toa(realLen << 3, lenBytes + sizeof(word32)); - ret = wc_Sha256Update(&hmac->hash.sha256, (unsigned char*)hmac->ipad, (word32)blockSz); + ret = wc_Sha256Update(&hmac->hash.sha256, (unsigned char*)hmac->ipad, + (word32)blockSz); if (ret != 0) return ret; XMEMSET(hmac->innerHash, 0, macLen); if (safeBlocks > 0) { - ret = wc_Sha256Update(&hmac->hash.sha256, header, WOLFSSL_TLS_HMAC_INNER_SZ); + ret = wc_Sha256Update(&hmac->hash.sha256, header, + WOLFSSL_TLS_HMAC_INNER_SZ); if (ret != 0) return ret; ret = wc_Sha256Update(&hmac->hash.sha256, in, safeBlocks * blockSz - @@ -517,11 +521,12 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in, unsigned char isOutBlock = ctMaskEq(i, lenBlock); #ifdef WOLFSSL_SMALL_STACK - hashBlock = (unsigned char*)XMALLOC(WC_MAX_BLOCK_SIZE, NULL, DYNAMIC_TYPE_HMAC); + hashBlock = (unsigned char*)XMALLOC(WC_MAX_BLOCK_SIZE, NULL, + DYNAMIC_TYPE_HMAC); if (hashBlock == NULL) return MEMORY_E; #endif - + for (j = 0; j < blockSz; j++) { unsigned char atEoc = ctMaskEq(j, eocIndex) & isEocBlock; unsigned char pastEoc = ctMaskGT(j, eocIndex) & isEocBlock; @@ -590,7 +595,7 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz, if (hmac == NULL) return MEMORY_E; #endif - + #ifdef HAVE_TRUNCATED_HMAC hashSz = ssl->truncated_hmac ? (byte)TRUNCATED_HMAC_SZ : ssl->specs.hash_size; @@ -620,9 +625,7 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz, #else macSecret = wolfSSL_GetMacSecret(ssl, verify); #endif - ret = wc_HmacSetKey(hmac, WC_SHA256, macSecret, ssl->specs.hash_size - - ); + ret = wc_HmacSetKey(hmac, WC_SHA256, macSecret, ssl->specs.hash_size); if (ret == 0) { /* Constant time verification required. */ @@ -650,7 +653,6 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz, wc_HmacFree(hmac); #ifdef WOLFSSL_SMALL_STACK - //XFREE(myInner, NULL, DYNAMIC_TYPE_HMAC); XFREE(hmac, NULL, DYNAMIC_TYPE_HMAC); #endif return ret; @@ -686,7 +688,7 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz, #endif /* WOLFCRYPT_ONLY */ - + int SetCipherSpecs(WOLFSSL* ssl) { int ret = GetCipherSpec(ssl->options.side, ssl->options.cipherSuite0, @@ -694,13 +696,13 @@ int SetCipherSpecs(WOLFSSL* ssl) &ssl->options); if (ret == 0) { /* set TLS if it hasn't been turned off */ - if (ssl->version.major == SSLv3_MAJOR && - ssl->version.minor >= TLSv1_MINOR) { + if (ssl->version.major == (byte)SSLv3_MAJOR && + ssl->version.minor >= (byte)TLSv1_MINOR) { #ifndef NO_TLS ssl->options.tls = 1; - if (ssl->version.minor >= TLSv1_1_MINOR) { + if (ssl->version.minor >= (byte)TLSv1_1_MINOR) { ssl->options.tls1_1 = 1; - if (ssl->version.minor >= TLSv1_3_MINOR) + if (ssl->version.minor >= (byte)TLSv1_3_MINOR) ssl->options.tls1_3 = 1; } #endif @@ -791,7 +793,7 @@ int LeanPSKMakeMasterSecret(WOLFSSL* ssl, byte* keyLabel) 2 * AES_128_KEY_SIZE + 2 * AES_IV_SIZE; byte seed[SEED_LEN]; - + XMEMCPY(seed, ssl->arrays->csRandom + RAN_LEN, RAN_LEN); XMEMCPY(seed + RAN_LEN, ssl->arrays->csRandom, RAN_LEN); @@ -836,14 +838,14 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen, byte times; byte lastLen; byte lastTime; - + #ifdef WOLFSSL_SMALL_STACK byte* current; byte previous[WC_SHA256_DIGEST_SIZE]; /* max size */ Hmac* hmac; #else - byte previous[P_HASH_MAX_SIZE]; /* max size */ - byte current[P_HASH_MAX_SIZE]; /* max size */ + byte previous[WC_SHA256_DIGEST_SIZE]; /* max size */ + byte current[WC_SHA256_DIGEST_SIZE]; /* max size */ Hmac hmac[1]; #endif @@ -881,15 +883,16 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen, times += 1; - /* times == 0 if resLen == 0, but times == 0 abides clang static analyzer - while resLen == 0 doesn't */ - if (times == 0u) + /* times == 0 if resLen == 0, but times == 0 abides clang static + analyzer while resLen == 0 doesn't */ + if (times == 0U) return BAD_FUNC_ARG; lastTime = times - 1U; #ifdef WOLFSSL_SMALL_STACK - current = (byte*)XMALLOC(WC_SHA256_DIGEST_SIZE, heap, DYNAMIC_TYPE_DIGEST); + current = (byte*)XMALLOC(WC_SHA256_DIGEST_SIZE, heap, + DYNAMIC_TYPE_DIGEST); hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, DYNAMIC_TYPE_HMAC); if (hmac == NULL || current == NULL) { if (current) XFREE(current, heap, DYNAMIC_TYPE_DIGEST); @@ -908,7 +911,8 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen, if (ret == 0) { ret = wc_HmacSetKey(hmac, WC_SHA256, secret, secLen); if (ret == 0) { - ret = wc_HmacUpdate(hmac, labelSeed, labLen + seedLen); /* A0 = seed */ + /* A0 = seed */ + ret = wc_HmacUpdate(hmac, labelSeed, labLen + seedLen); } if (ret == 0) { ret = wc_HmacFinal(hmac, previous); /* A1 */ @@ -930,11 +934,12 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen, if ((i == lastTime) && lastLen) XMEMCPY(&digest[idx], current, - min(lastLen, WC_SHA256_DIGEST_SIZE)); + min(lastLen, WC_SHA256_DIGEST_SIZE)); else { XMEMCPY(&digest[idx], current, WC_SHA256_DIGEST_SIZE); idx += WC_SHA256_DIGEST_SIZE; - ret = wc_HmacUpdate(hmac, previous, WC_SHA256_DIGEST_SIZE); + ret = wc_HmacUpdate(hmac, previous, + WC_SHA256_DIGEST_SIZE); if (ret != 0) break; ret = wc_HmacFinal(hmac, previous); @@ -948,15 +953,9 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen, #ifndef WOLFSSL_NO_FORCE_ZERO - ForceZero(previous, P_HASH_MAX_SIZE); - ForceZero(current, P_HASH_MAX_SIZE); + ForceZero(previous, WC_SHA256_DIGEST_SIZE); + ForceZero(current, WC_SHA256_DIGEST_SIZE); ForceZero(hmac, sizeof(Hmac)); - - #if defined(WOLFSSL_CHECK_MEM_ZERO) - wc_MemZero_Check(previous, P_HASH_MAX_SIZE); - wc_MemZero_Check(current, P_HASH_MAX_SIZE); - wc_MemZero_Check(hmac, sizeof(Hmac)); - #endif #endif #ifdef WOLFSSL_SMALL_STACK @@ -972,7 +971,7 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen, else { ret = BAD_FUNC_ARG; } - + return ret; } #endif /* WOLFSSL_HAVE_PRF && !NO_HMAC */ diff --git a/mplabx/small-psk-build/user_settings.h b/mplabx/small-psk-build/user_settings.h index 57ef74f951..3816b5814a 100644 --- a/mplabx/small-psk-build/user_settings.h +++ b/mplabx/small-psk-build/user_settings.h @@ -228,7 +228,12 @@ extern "C" { #define WC_NO_CACHE_RESISTANT /* pre calculated sizes */ -#define MAX_PSK_ID_LEN 10 +#ifdef __18CXX + #define MAX_PSK_ID_LEN 10 +#else + /* large enough for example "Client_identity" */ + #define MAX_PSK_ID_LEN 17 +#endif #define MAX_PSK_KEY_LEN 16u #undef WOLFSSL_MAX_SUITE_SZ @@ -254,8 +259,8 @@ extern "C" { #undef WOLFSSL_NO_STRICT_CIPHER_SUITE #define WOLFSSL_NO_STRICT_CIPHER_SUITE -/* Remove additional sanity checks to make sure no duplicates, no fast forward ... - * ~1k of code size */ +/* Remove additional sanity checks to make sure no duplicates, no fast forward + ... ~1k of code size */ #undef WOLFSSL_NO_SANITY_CHECK_HANDSHAKE //#define WOLFSSL_NO_SANITY_CHECK_HANDSHAKE @@ -332,9 +337,9 @@ extern "C" { /* ------------------------------------------------------------------------- */ #ifndef WOLFSSL_GENSEED_FORTEST #if 0 - /* Gains about 30 bytes of heap and ~6k of code space but is not a secure - * RNG. RNG is used with client random in ClientHello and with AES-CBC IV's - * when usng static PSK cipher suite. + /* Gains about 30 bytes of heap and ~6k of code space but is not a + * secure RNG. RNG is used with client random in ClientHello and with + * AES-CBC IV's when usng static PSK cipher suite. */ #define CUSTOM_RAND_GENERATE_BLOCK myRng diff --git a/src/dtls13.c b/src/dtls13.c index c661dc94cc..db9beea7e5 100644 --- a/src/dtls13.c +++ b/src/dtls13.c @@ -203,7 +203,7 @@ static int Dtls13HandshakeAddHeaderFrag(WOLFSSL* ssl, byte* output, hdr->msg_type = msg_type; c32to24((word32)msg_length, hdr->length); - c16toa(ssl->keys.dtls_handshake_number, hdr->messageSeq); + c16toa(ssl->keys->dtls_handshake_number, hdr->messageSeq); c32to24(frag_offset, hdr->fragmentOffset); c32to24(frag_length, hdr->fragmentLength); @@ -339,7 +339,7 @@ static byte Dtls13RtxMsgNeedsAck(WOLFSSL* ssl, enum HandShakeType hs) static void Dtls13MsgWasProcessed(WOLFSSL* ssl, enum HandShakeType hs) { if (ssl->options.dtlsStateful) - ssl->keys.dtls_expected_peer_handshake_number++; + ssl->keys->dtls_expected_peer_handshake_number++; /* we need to send ACKs on the last message of a flight that needs explicit acknowledgment */ @@ -359,7 +359,7 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl) idx = 0; /* message not in order */ - if (ssl->keys.dtls_expected_peer_handshake_number != msg->seq) + if (ssl->keys->dtls_expected_peer_handshake_number != msg->seq) break; /* message not complete */ @@ -407,7 +407,7 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl) /* DoHandShakeMsgType normally handles the hs number but if * DoTls13HandShakeMsgType processed 1.2 msgs then this wasn't * incremented. */ - ssl->keys.dtls_expected_peer_handshake_number++; + ssl->keys->dtls_expected_peer_handshake_number++; ssl->dtls_rx_msg_list = msg->next; DtlsMsgDelete(msg, ssl->heap); @@ -429,7 +429,7 @@ static int Dtls13NextMessageComplete(WOLFSSL* ssl) return ssl->dtls_rx_msg_list != NULL && ssl->dtls_rx_msg_list->ready && ssl->dtls_rx_msg_list->seq == - ssl->keys.dtls_expected_peer_handshake_number; + ssl->keys->dtls_expected_peer_handshake_number; } static WC_INLINE int FragIsInOutputBuffer(WOLFSSL* ssl, const byte* frag) @@ -745,13 +745,13 @@ static int Dtls13DetectDisruption(WOLFSSL* ssl, word32 fragOffset) { /* retransmission. The other peer may have lost our flight or our ACKs. We don't account this as a disruption */ - if (ssl->keys.dtls_peer_handshake_number < - ssl->keys.dtls_expected_peer_handshake_number) + if (ssl->keys->dtls_peer_handshake_number < + ssl->keys->dtls_expected_peer_handshake_number) return 0; /* out of order message */ - if (ssl->keys.dtls_peer_handshake_number > - ssl->keys.dtls_expected_peer_handshake_number) { + if (ssl->keys->dtls_peer_handshake_number > + ssl->keys->dtls_expected_peer_handshake_number) { return 1; } @@ -788,8 +788,8 @@ static void Dtls13RtxRemoveCurAck(WOLFSSL* ssl) rn = ssl->dtls13Rtx.seenRecords; while (rn != NULL) { - if (w64Equal(rn->epoch, ssl->keys.curEpoch64) && - w64Equal(rn->seq, ssl->keys.curSeq)) { + if (w64Equal(rn->epoch, ssl->keys->curEpoch64) && + w64Equal(rn->seq, ssl->keys->curSeq)) { *prevNext = rn->next; XFREE(rn, ssl->heap, DYNAMIC_TYPE_DTLS_MSG); return; @@ -833,8 +833,8 @@ static int Dtls13RtxMsgRecvd(WOLFSSL* ssl, enum HandShakeType hs, WOLFSSL_ENTER("Dtls13RtxMsgRecvd"); if (!ssl->options.handShakeDone && - ssl->keys.dtls_peer_handshake_number >= - ssl->keys.dtls_expected_peer_handshake_number) { + ssl->keys->dtls_peer_handshake_number >= + ssl->keys->dtls_expected_peer_handshake_number) { if (hs == server_hello) Dtls13MaybeSaveClientHello(ssl); @@ -852,8 +852,8 @@ static int Dtls13RtxMsgRecvd(WOLFSSL* ssl, enum HandShakeType hs, DtlsMsgPoolReset(ssl); } - if (ssl->keys.dtls_peer_handshake_number < - ssl->keys.dtls_expected_peer_handshake_number) { + if (ssl->keys->dtls_peer_handshake_number < + ssl->keys->dtls_expected_peer_handshake_number) { /* retransmission detected. */ ssl->dtls13Rtx.retransmit = 1; @@ -864,8 +864,8 @@ static int Dtls13RtxMsgRecvd(WOLFSSL* ssl, enum HandShakeType hs, ssl->dtls13Rtx.sendAcks = (byte)ssl->options.dtls13SendMoreAcks; } - if (ssl->keys.dtls_peer_handshake_number == - ssl->keys.dtls_expected_peer_handshake_number && + if (ssl->keys->dtls_peer_handshake_number == + ssl->keys->dtls_expected_peer_handshake_number && ssl->options.handShakeDone && hs == certificate_request) { /* the current record, containing a post-handshake certificate request, @@ -1202,7 +1202,7 @@ int Dtls13HandshakeAddHeader(WOLFSSL* ssl, byte* output, hdr->msg_type = msg_type; c32to24((word32)length, hdr->length); - c16toa(ssl->keys.dtls_handshake_number, hdr->messageSeq); + c16toa(ssl->keys->dtls_handshake_number, hdr->messageSeq); /* send unfragmented first */ c32to24(0, hdr->fragmentOffset); @@ -1506,7 +1506,7 @@ int Dtls13RecordRecvd(WOLFSSL* ssl) if (!ssl->options.dtls13SendMoreAcks) ssl->dtls13FastTimeout = 1; - ret = Dtls13RtxAddAck(ssl, ssl->keys.curEpoch64, ssl->keys.curSeq); + ret = Dtls13RtxAddAck(ssl, ssl->keys->curEpoch64, ssl->keys->curSeq); if (ret != 0) WOLFSSL_MSG("can't save ack fragment"); @@ -1666,10 +1666,10 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size, /* To be able to operate in stateless mode, we assume the ClientHello * is in order and we use its Handshake Message number and Sequence * Number for our Tx. */ - ssl->keys.dtls_expected_peer_handshake_number = - ssl->keys.dtls_handshake_number = - ssl->keys.dtls_peer_handshake_number; - ssl->dtls13Epochs[0].nextSeqNumber = ssl->keys.curSeq; + ssl->keys->dtls_expected_peer_handshake_number = + ssl->keys->dtls_handshake_number = + ssl->keys->dtls_peer_handshake_number; + ssl->dtls13Epochs[0].nextSeqNumber = ssl->keys->curSeq; } if (idx + fragLength > size) { @@ -1684,8 +1684,8 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size, if (ret != 0) return ret; - if (ssl->keys.dtls_peer_handshake_number < - ssl->keys.dtls_expected_peer_handshake_number) { + if (ssl->keys->dtls_peer_handshake_number < + ssl->keys->dtls_expected_peer_handshake_number) { #ifdef WOLFSSL_DEBUG_TLS WOLFSSL_MSG( @@ -1693,7 +1693,7 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size, #endif /* WOLFSSL_DEBUG_TLS */ /* ignore the message */ - *processedSize = idx + fragLength + ssl->keys.padSz; + *processedSize = idx + fragLength + ssl->keys->padSz; return 0; } @@ -1727,7 +1727,7 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size, WOLFSSL_MSG("DTLS1.3 not accepting fragmented plaintext message"); #endif /* WOLFSSL_DEBUG_TLS */ /* ignore the message */ - *processedSize = idx + fragLength + ssl->keys.padSz; + *processedSize = idx + fragLength + ssl->keys->padSz; return 0; } } @@ -1740,12 +1740,12 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size, * if the message is stored in the buffer. */ if (!isComplete || - ssl->keys.dtls_peer_handshake_number > - ssl->keys.dtls_expected_peer_handshake_number || + ssl->keys->dtls_peer_handshake_number > + ssl->keys->dtls_expected_peer_handshake_number || usingAsyncCrypto) { if (ssl->dtls_rx_msg_list_sz < DTLS_POOL_SZ) { - DtlsMsgStore(ssl, (word16)w64GetLow32(ssl->keys.curEpoch64), - ssl->keys.dtls_peer_handshake_number, + DtlsMsgStore(ssl, (word16)w64GetLow32(ssl->keys->curEpoch64), + ssl->keys->dtls_peer_handshake_number, input + DTLS_HANDSHAKE_HEADER_SZ, messageLength, handshakeType, fragOff, fragLength, ssl->heap); } @@ -1755,7 +1755,7 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size, return DTLS_TOO_MANY_FRAGMENTS_E; } - *processedSize = idx + fragLength + ssl->keys.padSz; + *processedSize = idx + fragLength + ssl->keys->padSz; if (Dtls13NextMessageComplete(ssl)) return Dtls13ProcessBufferedMessages(ssl); @@ -1804,7 +1804,7 @@ int Dtls13FragmentsContinue(WOLFSSL* ssl) ret = Dtls13SendFragmentedInternal(ssl); if (ret == 0) - ssl->keys.dtls_handshake_number++; + ssl->keys->dtls_handshake_number++; return ret; } @@ -1894,13 +1894,13 @@ int Dtls13HandshakeSend(WOLFSSL* ssl, byte* message, word16 outputSize, ret = Dtls13SendOneFragmentRtx(ssl, handshakeType, outputSize, message, length, hashOutput); if (ret == 0 || ret == WC_NO_ERR_TRACE(WANT_WRITE)) - ssl->keys.dtls_handshake_number++; + ssl->keys->dtls_handshake_number++; } else { ret = Dtls13SendFragmented(ssl, message, length, handshakeType, hashOutput); if (ret == 0) - ssl->keys.dtls_handshake_number++; + ssl->keys->dtls_handshake_number++; } return ret; @@ -1927,7 +1927,7 @@ int Dtls13DeriveSnKeys(WOLFSSL* ssl, int provision) if (ret != 0) goto end; - XMEMCPY(ssl->keys.client_sn_key, key_dig, ssl->specs.key_size); + XMEMCPY(ssl->keys->client_sn_key, key_dig, ssl->specs.key_size); } if (provision & PROVISION_SERVER) { @@ -1938,7 +1938,7 @@ int Dtls13DeriveSnKeys(WOLFSSL* ssl, int provision) if (ret != 0) goto end; - XMEMCPY(ssl->keys.server_sn_key, key_dig, ssl->specs.key_size); + XMEMCPY(ssl->keys->server_sn_key, key_dig, ssl->specs.key_size); } end: @@ -2081,7 +2081,7 @@ int Dtls13GetSeq(WOLFSSL* ssl, int order, word32* seq, byte increment) w64wrapper* nativeSeq; if (order == PEER_ORDER) { - nativeSeq = &ssl->keys.curSeq; + nativeSeq = &ssl->keys->curSeq; /* never increment seq number for current record. In DTLS seq number are explicit */ increment = 0; @@ -2166,7 +2166,7 @@ int Dtls13NewEpoch(WOLFSSL* ssl, w64wrapper epochNumber, int side) return BAD_STATE_E; } - Dtls13EpochCopyKeys(ssl, e, &ssl->keys, side); + Dtls13EpochCopyKeys(ssl, e, ssl->keys, side); if (!e->isValid) { /* fresh epoch, initialize fields */ @@ -2243,33 +2243,33 @@ int Dtls13SetEpochKeys(WOLFSSL* ssl, w64wrapper epochNumber, return 0; if (clientWrite) { - XMEMCPY(ssl->keys.client_write_key, e->client_write_key, - sizeof(ssl->keys.client_write_key)); + XMEMCPY(ssl->keys->client_write_key, e->client_write_key, + sizeof(ssl->keys->client_write_key)); - XMEMCPY(ssl->keys.client_write_IV, e->client_write_IV, - sizeof(ssl->keys.client_write_IV)); + XMEMCPY(ssl->keys->client_write_IV, e->client_write_IV, + sizeof(ssl->keys->client_write_IV)); - XMEMCPY(ssl->keys.client_sn_key, e->client_sn_key, - sizeof(ssl->keys.client_sn_key)); + XMEMCPY(ssl->keys->client_sn_key, e->client_sn_key, + sizeof(ssl->keys->client_sn_key)); } if (serverWrite) { - XMEMCPY(ssl->keys.server_write_key, e->server_write_key, - sizeof(ssl->keys.server_write_key)); + XMEMCPY(ssl->keys->server_write_key, e->server_write_key, + sizeof(ssl->keys->server_write_key)); - XMEMCPY(ssl->keys.server_write_IV, e->server_write_IV, - sizeof(ssl->keys.server_write_IV)); + XMEMCPY(ssl->keys->server_write_IV, e->server_write_IV, + sizeof(ssl->keys->server_write_IV)); - XMEMCPY(ssl->keys.server_sn_key, e->server_sn_key, - sizeof(ssl->keys.server_sn_key)); + XMEMCPY(ssl->keys->server_sn_key, e->server_sn_key, + sizeof(ssl->keys->server_sn_key)); } if (enc) - XMEMCPY(ssl->keys.aead_enc_imp_IV, e->aead_enc_imp_IV, - sizeof(ssl->keys.aead_enc_imp_IV)); + XMEMCPY(ssl->keys->aead_enc_imp_IV, e->aead_enc_imp_IV, + sizeof(ssl->keys->aead_enc_imp_IV)); if (dec) - XMEMCPY(ssl->keys.aead_dec_imp_IV, e->aead_dec_imp_IV, - sizeof(ssl->keys.aead_dec_imp_IV)); + XMEMCPY(ssl->keys->aead_dec_imp_IV, e->aead_dec_imp_IV, + sizeof(ssl->keys->aead_dec_imp_IV)); return SetKeysSide(ssl, side); } @@ -2300,16 +2300,16 @@ int Dtls13SetRecordNumberKeys(WOLFSSL* ssl, enum encrypt_side side) if (enc) { if (ssl->options.side == WOLFSSL_CLIENT_END) - encKey = ssl->keys.client_sn_key; + encKey = ssl->keys->client_sn_key; else - encKey = ssl->keys.server_sn_key; + encKey = ssl->keys->server_sn_key; } if (dec) { if (ssl->options.side == WOLFSSL_CLIENT_END) - decKey = ssl->keys.server_sn_key; + decKey = ssl->keys->server_sn_key; else - decKey = ssl->keys.client_sn_key; + decKey = ssl->keys->client_sn_key; } /* DTLSv1.3 supports only AEAD algorithm. */ @@ -2863,7 +2863,7 @@ int Dtls13CheckAEADFailLimit(WOLFSSL* ssl) else if (w64GT(ssl->dtls13DecryptEpoch->dropCount, keyUpdateLimit)) { WOLFSSL_MSG("Connection exceeded key update limit. Issuing key update"); /* If not waiting for a response then request a key update. */ - if (!ssl->keys.updateResponseReq) { + if (!ssl->keys->updateResponseReq) { ssl->dtls13DoKeyUpdate = 1; ssl->dtls13InvalidateBefore = ssl->dtls13PeerEpoch; w64Increment(&ssl->dtls13InvalidateBefore); diff --git a/src/internal.c b/src/internal.c index c9777015bd..3479b63237 100644 --- a/src/internal.c +++ b/src/internal.c @@ -245,15 +245,15 @@ enum processReply { #ifndef WOLFSSL_NO_TLS12 -#if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT) +#if !defined(NO_WOLFSSL_SERVER) || \ + (!defined(NO_WOLFSSL_CLIENT) && defined(WOLFSSL_TLS13)) -#ifdef WOLFSSL_TLS13 /* Server random bytes for TLS v1.3 described downgrade protection mechanism. */ static const byte tls13Downgrade[7] = { 0x44, 0x4f, 0x57, 0x4e, 0x47, 0x52, 0x44 }; #define TLS13_DOWNGRADE_SZ sizeof(tls13Downgrade) -#endif + #endif /* !NO_WOLFSSL_SERVER || !NO_WOLFSSL_CLIENT */ #if !defined(NO_OLD_TLS) && !defined(WOLFSSL_AEAD_ONLY) @@ -2420,7 +2420,6 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) } #endif -#ifdef WOLF_CRYPTO_CB #ifdef WOLFSSL_QNX_CAAM /* default to try using CAAM when built */ ctx->devId = WOLFSSL_CAAM_DEVID; @@ -2429,7 +2428,6 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) #else ctx->devId = INVALID_DEVID; #endif -#endif #if defined(WOLFSSL_DTLS) #ifdef WOLFSSL_SCTP @@ -2908,7 +2906,8 @@ void FreeCiphers(WOLFSSL* ssl) XFREE(ssl->decrypt.des3, ssl->heap, DYNAMIC_TYPE_CIPHER); #endif #if defined(BUILD_AES) || defined(BUILD_AESGCM) || defined(HAVE_ARIA) - /* See: InitKeys() in keys->c on addition of BUILD_AESGCM check (enc->aes, dec->aes) */ + /* See: InitKeys() in keys->c on addition of BUILD_AESGCM check + (enc->aes, dec->aes) */ wc_AesFree(ssl->encrypt.aes); wc_AesFree(ssl->decrypt.aes); XFREE(ssl->encrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER); @@ -6454,6 +6453,7 @@ static void InitSuites_EitherSide(Suites* suites, ProtocolVersion pv, int keySz, haveECC, TRUE, haveStaticECC, haveFalconSig, haveDilithiumSig, haveAnon, TRUE, side); } + (void)haveDH; /* not used when no server support is compiled in */ } void InitSSL_CTX_Suites(WOLFSSL_CTX* ctx) @@ -8200,11 +8200,11 @@ void SSL_ResourceFree(WOLFSSL* ssl) FreeHandshakeHashes(ssl); XFREE(ssl->buffers.domainName.buffer, ssl->heap, DYNAMIC_TYPE_DOMAIN); -#ifndef WOLFSSL_NO_FORCE_ZERO - /* clear keys struct after session */ - ForceZero(ssl->keys, sizeof(Keys)); -#endif if (ssl->keys != NULL) { + #ifndef WOLFSSL_NO_FORCE_ZERO + /* clear keys struct after session */ + ForceZero(ssl->keys, sizeof(Keys)); + #endif XFREE(ssl->keys, ssl->heap, DYNAMIC_TYPE_KEY); ssl->keys = NULL; } @@ -9643,7 +9643,7 @@ int DtlsMsgPoolSend(WOLFSSL* ssl, int sendOnlyFirstPacket) * PREV_ORDER will always use ssl->keys */ if (DtlsSCRKeysSet(ssl)) { - if (pool->epoch == ssl->secure_renegotiation->tmp_keys->dtls_epoch) + if (pool->epoch == ssl->secure_renegotiation->tmp_keys.dtls_epoch) epochOrder = CUR_ORDER; else epochOrder = PREV_ORDER; @@ -11457,7 +11457,8 @@ static int GetDtlsRecordHeader(WOLFSSL* ssl, word32* inOutIdx, #endif } else - ato16(ssl->buffers.inputBuffer.buffer + *inOutIdx, &ssl->keys->curSeq_hi); + ato16(ssl->buffers.inputBuffer.buffer + *inOutIdx, + &ssl->keys->curSeq_hi); *inOutIdx += OPAQUE16_LEN; ato32(ssl->buffers.inputBuffer.buffer + *inOutIdx, &ssl->keys->curSeq_lo); *inOutIdx += OPAQUE32_LEN; /* advance past rest of seq */ @@ -11519,7 +11520,8 @@ static int GetRecordHeader(WOLFSSL* ssl, word32* inOutIdx, if (!_DtlsCheckWindow(ssl) || (rh->type == application_data && ssl->keys->curEpoch == 0) || (rh->type == alert && ssl->options.handShakeDone && - ssl->keys->curEpoch == 0 && ssl->keys->dtls_epoch != 0)) { + ssl->keys->curEpoch == 0 && + ssl->keys->dtls_epoch != 0)) { WOLFSSL_LEAVE("GetRecordHeader()", SEQUENCE_ERROR); return SEQUENCE_ERROR; } @@ -13897,9 +13899,7 @@ int DoVerifyCallback(WOLFSSL_CERT_MANAGER* cm, WOLFSSL* ssl, int cert_err, #endif /* if verify callback has been set */ if ((use_cb && (ssl != NULL) - #ifndef NO_CERTS && ((ssl->verifyCallback != NULL) - #endif #ifdef OPENSSL_ALL || (ssl->ctx->verifyCertCb != NULL) #endif @@ -13952,7 +13952,6 @@ int DoVerifyCallback(WOLFSSL_CERT_MANAGER* cm, WOLFSSL* ssl, int cert_err, } } #endif - #ifndef NO_CERTS /* non-zero return code indicates failure override */ if (ssl->verifyCallback) { if (ssl->verifyCallback(verify_ok, store)) { @@ -13965,7 +13964,6 @@ int DoVerifyCallback(WOLFSSL_CERT_MANAGER* cm, WOLFSSL* ssl, int cert_err, verifyFail = 1; } } - #endif #if defined(WOLFSSL_LOCAL_X509_STORE) && \ (defined(OPENSSL_ALL) || defined(WOLFSSL_QT)) if (SSL_STORE(ssl) != NULL && SSL_STORE(ssl)->verify_cb != NULL) { @@ -15452,7 +15450,6 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, } #endif -#ifndef NO_CERTS if (ssl->verifyCallback) { WOLFSSL_MSG( "\tCallback override available, will continue"); @@ -15461,7 +15458,6 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, if (args->fatal) DoCertFatalAlert(ssl, ret); } -#endif #if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) /* Disregard failure to verify peer cert, as we will verify * the whole chain with the native API later */ @@ -18193,7 +18189,8 @@ static int Dtls13UpdateWindow(WOLFSSL* ssl) return BAD_STATE_E; } - if (!w64Equal(ssl->keys->curEpoch64, ssl->dtls13DecryptEpoch->epochNumber)) { + if (!w64Equal(ssl->keys->curEpoch64, + ssl->dtls13DecryptEpoch->epochNumber)) { /* ssl->dtls13DecryptEpoch has been updated since we received the msg */ e = Dtls13GetEpoch(ssl, ssl->keys->curEpoch64); if (e == NULL) { @@ -18702,7 +18699,7 @@ int ChachaAEADEncrypt(WOLFSSL* ssl, byte* out, const byte* input, /* opaque SEQ number stored for AD */ if (ssl->options.dtls && DtlsSCRKeysSet(ssl)) { if (ssl->keys->dtls_epoch == - ssl->secure_renegotiation->tmp_keys->dtls_epoch) { + ssl->secure_renegotiation->tmp_keys.dtls_epoch) { keys = &ssl->secure_renegotiation->tmp_keys; WriteSEQ(ssl, CUR_ORDER, add); } @@ -18918,7 +18915,7 @@ int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input, * has the latest epoch cipher material */ if (ssl->options.dtls && DtlsSCRKeysSet(ssl) && - ssl->keys->curEpoch == ssl->secure_renegotiation->tmp_keys->dtls_epoch) + ssl->keys->curEpoch == ssl->secure_renegotiation->tmp_keys.dtls_epoch) keys = &ssl->secure_renegotiation->tmp_keys; #endif @@ -19698,7 +19695,7 @@ static WC_INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input, #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION) if (ssl->options.dtls && IsDtlsMsgSCRKeys(ssl)) XMEMCPY(ssl->decrypt.nonce, - ssl->secure_renegotiation->tmp_keys->aead_dec_imp_IV, + ssl->secure_renegotiation->tmp_keys.aead_dec_imp_IV, AESGCM_IMP_IV_SZ); else #endif @@ -19761,7 +19758,7 @@ static WC_INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input, #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION) if (ssl->options.dtls && IsDtlsMsgSCRKeys(ssl)) XMEMCPY(ssl->decrypt.nonce, - ssl->secure_renegotiation->tmp_keys->aead_dec_imp_IV, + ssl->secure_renegotiation->tmp_keys.aead_dec_imp_IV, AESGCM_IMP_IV_SZ); else #endif @@ -19862,7 +19859,7 @@ static WC_INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input, #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION) if (ssl->options.dtls && IsDtlsMsgSCRKeys(ssl)) XMEMCPY(ssl->decrypt.nonce, - ssl->secure_renegotiation->tmp_keys->aead_dec_imp_IV, + ssl->secure_renegotiation->tmp_keys.aead_dec_imp_IV, GCM_IMP_IV_SZ); else #endif @@ -20006,10 +20003,10 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz) #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION) if (ssl->options.dtls && DtlsSCRKeysSet(ssl)) { /* For epochs >1 the current cipher parameters are located in - * ssl->secure_renegotiation->tmp_keys-> Previous cipher + * ssl->secure_renegotiation->tmp_keys Previous cipher * parameters and for epoch 1 use ssl->keys */ if (ssl->keys->curEpoch == - ssl->secure_renegotiation->tmp_keys->dtls_epoch) { + ssl->secure_renegotiation->tmp_keys.dtls_epoch) { if (ssl->decrypt.src != SCR) { ssl->secure_renegotiation->cache_status = SCR_CACHE_NEEDED; @@ -22391,14 +22388,15 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr) ssl->options.processReply = runProcessingOneMessage; if (IsEncryptionOn(ssl, 0)) { - WOLFSSL_MSG("Bundled encrypted messages, remove middle pad"); + WOLFSSL_MSG( + "Bundled encrypted messages, remove middle pad"); #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) if (ssl->options.startedETMRead) { word32 digestSz = MacSize(ssl); if (ssl->buffers.inputBuffer.idx >= - ssl->keys->padSz + digestSz) { + ssl->keys->padSz + digestSz) { ssl->buffers.inputBuffer.idx -= - ssl->keys->padSz + digestSz; + ssl->keys->padSz + digestSz; } else { WOLFSSL_MSG("\tmiddle padding error"); @@ -22798,7 +22796,6 @@ static int BuildSHA_CertVerify(const WOLFSSL* ssl, byte* digest) } #endif /* !NO_SHA && (!NO_OLD_TLS || WOLFSSL_ALLOW_TLS_SHA1) */ -#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH) int BuildCertHashes(const WOLFSSL* ssl, Hashes* hashes) { int ret = 0; @@ -22860,7 +22857,6 @@ int BuildCertHashes(const WOLFSSL* ssl, Hashes* hashes) return ret; } -#endif #ifndef WOLFSSL_NO_TLS12 void FreeBuildMsgArgs(WOLFSSL* ssl, BuildMsgArgs* args) @@ -22964,7 +22960,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION) if (ssl->options.dtls && DtlsSCRKeysSet(ssl)) { /* For epochs >1 the current cipher parameters are located in - * ssl->secure_renegotiation->tmp_keys-> Previous cipher + * ssl->secure_renegotiation->tmp_keys Previous cipher * parameters and for epoch 1 use ssl->keys */ switch (epochOrder) { case PREV_ORDER: @@ -22977,7 +22973,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, break; case CUR_ORDER: if (ssl->keys->dtls_epoch == - ssl->secure_renegotiation->tmp_keys->dtls_epoch) { + ssl->secure_renegotiation->tmp_keys.dtls_epoch) { if (ssl->encrypt.src != SCR) { ssl->secure_renegotiation->cache_status = SCR_CACHE_NEEDED; @@ -23034,7 +23030,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, } if (ssl->options.tls1_1) { - args->ivSz = blockSz; + args->ivSz = (byte)blockSz; args->sz += args->ivSz; if (args->ivSz > MAX_IV_SZ) @@ -23402,7 +23398,7 @@ int SendFinished(WOLFSSL* ssl) int sendSz, finishedSz = ssl->options.tls ? TLS_FINISHED_SZ : FINISHED_SZ; - byte input[FINISHED_SZ + 12];//DTLS_HANDSHAKE_HEADER_SZ]; /* max */ + byte input[FINISHED_SZ + DTLS_HANDSHAKE_HEADER_SZ]; /* max */ byte *output; Hashes* hashes; int ret; @@ -24530,7 +24526,7 @@ int SendCertificateStatus(WOLFSSL* ssl) int DtlsSCRKeysSet(WOLFSSL* ssl) { return ssl->secure_renegotiation && - ssl->secure_renegotiation->tmp_keys->dtls_epoch != 0; + ssl->secure_renegotiation->tmp_keys.dtls_epoch != 0; } /** @@ -24543,7 +24539,7 @@ int IsDtlsMsgSCRKeys(WOLFSSL* ssl) { return DtlsSCRKeysSet(ssl) && ssl->keys->curEpoch == - ssl->secure_renegotiation->tmp_keys->dtls_epoch; + ssl->secure_renegotiation->tmp_keys.dtls_epoch; } /** @@ -24555,18 +24551,19 @@ int IsDtlsMsgSCRKeys(WOLFSSL* ssl) int DtlsUseSCRKeys(WOLFSSL* ssl) { return DtlsSCRKeysSet(ssl) && - ssl->secure_renegotiation->tmp_keys->dtls_epoch == + ssl->secure_renegotiation->tmp_keys.dtls_epoch == ssl->keys->dtls_epoch; } /** - * If ssl->secure_renegotiation->tmp_keys->dtls_epoch > ssl->keys->dtls_epoch + * If ssl->secure_renegotiation->tmp_keys.dtls_epoch > ssl->keys->dtls_epoch * then PREV_ORDER refers to the current epoch. * */ int DtlsCheckOrder(WOLFSSL* ssl, int order) { if (order == PREV_ORDER && ssl->secure_renegotiation && - ssl->secure_renegotiation->tmp_keys->dtls_epoch > ssl->keys->dtls_epoch) { + ssl->secure_renegotiation->tmp_keys.dtls_epoch > + ssl->keys->dtls_epoch) { return CUR_ORDER; } else { @@ -25000,7 +24997,7 @@ int SendData(WOLFSSL* ssl, const void* data, int sz) sent += buffSz; /* only one message per attempt */ - if (ssl->options.partialWrite == 1u) { + if (ssl->options.partialWrite == 1) { WOLFSSL_MSG("Partial Write on, only sending one record"); break; } @@ -29957,7 +29954,6 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType, if (ssl->toInfoOn) AddLateName("HelloVerifyRequest", &ssl->timeoutInfo); #endif -#ifdef WOLFSSL_DTLS if (ssl->options.dtls) { DtlsMsgPoolReset(ssl); #ifdef WOLFSSL_DTLS_CID @@ -29965,7 +29961,6 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType, DtlsCIDOnExtensionsParsed(ssl); #endif /* WOLFSSL_DTLS_CID */ } -#endif if (OPAQUE16_LEN + OPAQUE8_LEN > size) return BUFFER_ERROR; @@ -29983,12 +29978,10 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType, if ((*inOutIdx - begin) + cookieSz > size) return BUFFER_ERROR; -#ifdef WOLFSSL_DTLS if (cookieSz <= MAX_COOKIE_LEN) { XMEMCPY(ssl->arrays->cookie, input + *inOutIdx, cookieSz); ssl->arrays->cookieSz = cookieSz; } -#endif *inOutIdx += cookieSz; } @@ -34295,7 +34288,6 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } #endif /* HAVE_ECC */ -#ifdef WOLFSSL_DTLS int TranslateErrorToAlert(int err) { switch (err) { @@ -34321,7 +34313,6 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return invalid_alert; } } -#endif /* search suites for specific one, idx on success, negative on error */ int FindSuite(const Suites* suites, byte first, byte second) @@ -34447,7 +34438,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (ret != 0) return ret; -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) if (TLSv1_3_Capable(ssl)) { /* TLS v1.3 capable server downgraded. */ XMEMCPY(output + idx + RAN_LEN - (TLS13_DOWNGRADE_SZ + 1), @@ -39008,8 +38999,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, int inputSz = (int)idx; /* build msg adds rec hdr */ int recordHeaderSz = RECORD_HEADER_SZ; + #ifdef WOLFSSL_DTLS if (ssl->options.dtls) recordHeaderSz += DTLS_RECORD_EXTRA; + #endif inputSz -= recordHeaderSz; input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); if (input == NULL) diff --git a/src/keys.c b/src/keys.c index bcce6be2c5..0d2fdd039b 100644 --- a/src/keys.c +++ b/src/keys.c @@ -3583,9 +3583,9 @@ int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side) #ifdef WOLFSSL_DTLS if (ret == 0 && ssl->options.dtls && !ssl->options.tls1_3) { if (wc_encrypt) - wc_encrypt->src = keys == &ssl->keys ? KEYS : SCR; + wc_encrypt->src = keys == ssl->keys ? KEYS : SCR; if (wc_decrypt) - wc_decrypt->src = keys == &ssl->keys ? KEYS : SCR; + wc_decrypt->src = keys == ssl->keys ? KEYS : SCR; } #endif @@ -3595,7 +3595,7 @@ int SetKeysSide(WOLFSSL* ssl, enum encrypt_side side) /* Sanity check that keys == ssl->secure_renegotiation->tmp_keys. * Otherwise the memcpy calls would copy overlapping memory * and cause UB. Fail early. */ - if (keys == &ssl->keys) + if (keys == ssl->keys) return BAD_FUNC_ARG; if (ssl->options.side == WOLFSSL_CLIENT_END && wc_encrypt) diff --git a/src/sniffer.c b/src/sniffer.c index 7be98cdef0..50fbe0a3fa 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -1668,7 +1668,7 @@ static int LoadKeyFile(byte** keyBuf, word32* keyBufSz, return WOLFSSL_FATAL_ERROR; } fileSz = XFTELL(file); - if (fileSz > MAX_WOLFSSL_FILE_SIZE || fileSz < 0) { + if ((unsigned long)fileSz > MAX_WOLFSSL_FILE_SIZE || fileSz < 0) { XFCLOSE(file); return WOLFSSL_FATAL_ERROR; } @@ -4812,8 +4812,10 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input, XMEMSET(ssl->decrypt.additional, 0, AEAD_AUTH_DATA_SZ); - XMEMCPY(ssl->decrypt.nonce, ssl->keys.aead_dec_imp_IV, AESGCM_IMP_IV_SZ); - XMEMCPY(ssl->decrypt.nonce + AESGCM_IMP_IV_SZ, input, AESGCM_EXP_IV_SZ); + XMEMCPY(ssl->decrypt.nonce, ssl->keys->aead_dec_imp_IV, + AESGCM_IMP_IV_SZ); + XMEMCPY(ssl->decrypt.nonce + AESGCM_IMP_IV_SZ, input, + AESGCM_EXP_IV_SZ); if ((ret = aes_auth_fn(ssl->decrypt.aes, plain, @@ -5006,7 +5008,7 @@ static const byte* DecryptMessage(WOLFSSL* ssl, const byte* input, word32 sz, return NULL; } - ssl->keys.encryptSz = sz; + ssl->keys->encryptSz = sz; if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) { output += ssl->specs.block_size; /* go past TLSv1.1 IV */ ivExtra = ssl->specs.block_size; @@ -5015,10 +5017,10 @@ static const byte* DecryptMessage(WOLFSSL* ssl, const byte* input, word32 sz, if (ssl->specs.cipher_type == aead) { *advance = ssl->specs.aead_mac_size; - ssl->keys.padSz = ssl->specs.aead_mac_size; + ssl->keys->padSz = ssl->specs.aead_mac_size; } else - ssl->keys.padSz = ssl->specs.hash_size; + ssl->keys->padSz = ssl->specs.hash_size; if (ssl->specs.cipher_type == block) { /* last pad bytes indicates length */ @@ -5027,12 +5029,12 @@ static const byte* DecryptMessage(WOLFSSL* ssl, const byte* input, word32 sz, /* get value of last pad byte */ pad = *(output + sz - ivExtra - 1) + 1; } - ssl->keys.padSz += pad; + ssl->keys->padSz += pad; } #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version)) { - word16 i = (word16)(sz - ssl->keys.padSz); + word16 i = (word16)(sz - ssl->keys->padSz); /* Remove padding from end of plain text. */ for (--i; i > 0; i--) { if (output[i] != 0) @@ -5040,7 +5042,7 @@ static const byte* DecryptMessage(WOLFSSL* ssl, const byte* input, word32 sz, } /* Get the real content type from the end of the data. */ rh->type = output[i]; - ssl->keys.padSz = sz - i; + ssl->keys->padSz = sz - i; } #endif (void)rh; @@ -6382,7 +6384,7 @@ static int ProcessMessage(const byte* sslFrame, SnifferSession* session, used = startIdx - sslBytes; sslFrame += used; if (decrypted) - sslFrame += ssl->keys.padSz; + sslFrame += ssl->keys->padSz; } break; case change_cipher_spec: diff --git a/src/ssl.c b/src/ssl.c index 170b5e2c24..aa5fa708a3 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1726,10 +1726,15 @@ int wolfSSL_get_fd(const WOLFSSL* ssl) int wolfSSL_dtls(WOLFSSL* ssl) { +#ifdef WOLFSSL_DTLS int dtlsOpt = 0; if (ssl) dtlsOpt = ssl->options.dtls; return dtlsOpt; +#else + (void)ssl; + return 0; +#endif } #if !defined(NO_CERTS) @@ -8842,12 +8847,13 @@ int wolfSSL_dtls_get_using_nonblock(WOLFSSL* ssl) return WOLFSSL_FAILURE; WOLFSSL_ENTER("wolfSSL_dtls_get_using_nonblock"); - if (ssl->options.dtls) { #ifdef WOLFSSL_DTLS + if (ssl->options.dtls) { useNb = ssl->options.dtlsUseNonblock; -#endif } - else { + else +#endif + { WOLFSSL_MSG("wolfSSL_dtls_get_using_nonblock() is " "DEPRECATED for non-DTLS use."); } @@ -8866,12 +8872,13 @@ void wolfSSL_dtls_set_using_nonblock(WOLFSSL* ssl, int nonblock) if (ssl == NULL) return; - if (ssl->options.dtls) { #ifdef WOLFSSL_DTLS + if (ssl->options.dtls) { ssl->options.dtlsUseNonblock = (nonblock != 0); -#endif } - else { + else +#endif + { WOLFSSL_MSG("wolfSSL_dtls_set_using_nonblock() is " "DEPRECATED for non-DTLS use."); } diff --git a/src/tls13.c b/src/tls13.c index 7fad68b080..7e51f64d6f 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -6127,7 +6127,7 @@ static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 inputSz, /* Derive the binder and compare with the one in the extension. */ ret = BuildTls13HandshakeHmac(ssl, - ssl->keys->client_write_MAC_secret, binder, &binderLen); + ssl->keys->client_write_MAC_secret, binder, &binderLen); if (ret != 0) return ret; if (binderLen != current->binderLen || @@ -12800,7 +12800,8 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx, totalSz); } - inputLength = ssl->buffers.inputBuffer.length - *inOutIdx - ssl->keys->padSz; + inputLength = ssl->buffers.inputBuffer.length - *inOutIdx - + ssl->keys->padSz; /* If there is a pending fragmented handshake message, * pending message size will be non-zero. */ diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 852b45d198..01620f2b5d 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -2823,7 +2823,7 @@ static WARN_UNUSED_RESULT int wc_AesEncrypt( r = aes->rounds >> 1; - if (r > 7u || r == 0u) { + if (r > 7U || r == 0U) { WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E); return KEYUSAGE_E; } @@ -3600,7 +3600,7 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt( r = aes->rounds >> 1; - if (r > 7u || r == 0u) { + if (r > 7U || r == 0U) { WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E); return KEYUSAGE_E; } @@ -4222,7 +4222,7 @@ static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir) rk[5] = rk[1] ^ rk[4]; rk[6] = rk[2] ^ rk[5]; rk[7] = rk[3] ^ rk[6]; - if (++i == 10u) + if (++i == 10U) break; rk += 4; } @@ -4512,7 +4512,7 @@ static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir) #endif if (checkKeyLen) { - if (keylen != 16u && keylen != 24u && keylen != 32u) { + if (keylen != 16U && keylen != 24U && keylen != 32U) { return BAD_FUNC_ARG; } #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE < 256 @@ -5651,7 +5651,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) return BAD_FUNC_ARG; } - if (sz == 0u) { + if (sz == 0U) { return 0; } @@ -5776,7 +5776,8 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) ret = 0; /* in case blocks is 0 */ while (blocks--) { xorbuf((byte*)aes->reg, in, AES_BLOCK_SIZE); - ret = wc_AesEncrypt(aes, (const byte*)aes->reg, (byte*)aes->reg); + ret = wc_AesEncrypt(aes, (const byte*)aes->reg, + (byte*)aes->reg); if (ret != 0) break; XMEMCPY(out, aes->reg, AES_BLOCK_SIZE); @@ -5804,7 +5805,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) return BAD_FUNC_ARG; } - if (sz == 0u) { + if (sz == 0U) { return 0; } diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index f515033c9a..acfd765049 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -256,7 +256,7 @@ int wc_HmacSetKey_ex(Hmac* hmac, int type, const byte* key, word32 length, int ret = 0; void* heap = NULL; - if (hmac == NULL || (key == NULL && length != 0u) || + if (hmac == NULL || (key == NULL && length != 0U) || !(type == WC_MD5 || type == WC_SHA || #ifdef WOLFSSL_SM3 type == WC_SM3 || @@ -706,7 +706,7 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length) { int ret = 0; - if (hmac == NULL || (msg == NULL && length > 0u)) { + if (hmac == NULL || (msg == NULL && length > 0U)) { return BAD_FUNC_ARG; } diff --git a/wolfcrypt/src/misc.c b/wolfcrypt/src/misc.c index 1d0d10f43e..77617c1bbd 100644 --- a/wolfcrypt/src/misc.c +++ b/wolfcrypt/src/misc.c @@ -297,7 +297,7 @@ WC_MISC_STATIC WC_INLINE void xorbufout(void* out, const void* buf, /* Alignment checks out. Possible to XOR words. */ /* Move alignment so that it lines up with a * WOLFSSL_WORD_SIZE boundary */ - while (((wc_ptr_t)b) % WOLFSSL_WORD_SIZE != 0u && count > 0u) { + while (((wc_ptr_t)b) % WOLFSSL_WORD_SIZE != 0U && count > 0U) { *(o++) = (byte)(*(b++) ^ *(m++)); count--; } @@ -352,7 +352,7 @@ WC_MISC_STATIC WC_INLINE void xorbuf(void* buf, const void* mask, word32 count) /* Alignment checks out. Possible to XOR words. */ /* Move alignment so that it lines up with a * WOLFSSL_WORD_SIZE boundary */ - while (((wc_ptr_t)buf) % WOLFSSL_WORD_SIZE != 0u && count > 0u) { + while (((wc_ptr_t)buf) % WOLFSSL_WORD_SIZE != 0U && count > 0U) { *(b++) ^= *(m++); count--; } diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index 248830f5e7..5bbf6ca3bc 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -325,11 +325,11 @@ int wc_SetSeed_Cb(wc_RngSeed_Cb cb) #endif -#define drbgInitC 0u -#define drbgReseed 1u -#define drbgGenerateW 2u -#define drbgGenerateH 3u -#define drbgInitV 4u +#define drbgInitC 0U +#define drbgReseed 1U +#define drbgGenerateW 2U +#define drbgGenerateH 3U +#define drbgInitV 4U typedef struct DRBG_internal DRBG_internal; @@ -365,7 +365,8 @@ static int Hash_df(DRBG_internal* drbg, byte* out, word32 outSz, byte type, #ifdef WOLFSSL_SMALL_STACK #ifndef WOLFSSL_SMALL_STACK_CACHE - sha = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), drbg->heap, DYNAMIC_TYPE_TMP_BUFFER); + sha = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), drbg->heap, + DYNAMIC_TYPE_TMP_BUFFER); if (sha == NULL) return DRBG_FAILURE; #endif @@ -406,7 +407,7 @@ static int Hash_df(DRBG_internal* drbg, byte* out, word32 outSz, byte type, if (ret == 0) ret = wc_Sha256Update(sha, inA, inASz); if (ret == 0) { - if (inB != NULL && inBSz > 0u) + if (inB != NULL && inBSz > 0U) ret = wc_Sha256Update(sha, inB, inBSz); } if (ret == 0) @@ -506,7 +507,7 @@ static WC_INLINE void array_add_one(byte* data, word32 dataSz) int i; for (i = (int)dataSz - 1; i >= 0; i--) { data[i]++; - if (data[i] != 0u) break; + if (data[i] != 0U) break; } } @@ -526,7 +527,8 @@ static int Hash_gen(DRBG_internal* drbg, byte* out, word32 outSz, const byte* V) #ifdef WOLFSSL_SMALL_STACK_CACHE wc_Sha256* sha = &drbg->sha256; #elif defined(WOLFSSL_SMALL_STACK) - wc_Sha256* sha = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), NULL, DYNAMIC_TYPE_TMP_BUFFER); + wc_Sha256* sha = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), NULL, + DYNAMIC_TYPE_TMP_BUFFER); if (sha == NULL) return MEMORY_E; #else @@ -551,7 +553,7 @@ static int Hash_gen(DRBG_internal* drbg, byte* out, word32 outSz, const byte* V) /* Special case: outSz is 0 and out is NULL. wc_Generate a block to save for * the continuous test. */ - if (outSz == 0u) { + if (outSz == 0U) { outSz = 1; } @@ -575,7 +577,7 @@ static int Hash_gen(DRBG_internal* drbg, byte* out, word32 outSz, const byte* V) #endif if (ret == 0) { - if (out != NULL && outSz != 0u) { + if (out != NULL && outSz != 0U) { if (outSz >= (word32)OUTPUT_BLOCK_LEN) { XMEMCPY(out, digest, OUTPUT_BLOCK_LEN); outSz -= OUTPUT_BLOCK_LEN; @@ -611,7 +613,7 @@ static int Hash_gen(DRBG_internal* drbg, byte* out, word32 outSz, const byte* V) static WC_INLINE void array_add(byte* d, word32 dLen, const byte* s, word32 sLen) { - if (dLen > 0u && sLen > 0u && dLen >= sLen) { + if (dLen > 0U && sLen > 0U && dLen >= sLen) { int sIdx, dIdx; word16 carry = 0; @@ -662,7 +664,8 @@ static int Hash_DRBG_Generate(DRBG_internal* drbg, byte* out, word32 outSz) byte* digest; #ifndef WOLFSSL_SMALL_STACK_CACHE - sha = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), drbg->heap, DYNAMIC_TYPE_TMP_BUFFER); + sha = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), drbg->heap, + DYNAMIC_TYPE_TMP_BUFFER); if (sha == NULL) return DRBG_FAILURE; #endif @@ -1633,7 +1636,7 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz, if (rng == NULL) return BAD_FUNC_ARG; - if (nonce == NULL && nonceSz != 0u) + if (nonce == NULL && nonceSz != 0U) return BAD_FUNC_ARG; #ifdef WOLFSSL_HEAP_TEST @@ -1701,7 +1704,7 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz, /* not CUSTOM_RAND_GENERATE_BLOCK follows */ #ifdef HAVE_HASHDRBG - if (nonceSz == 0u) { + if (nonceSz == 0U) { seedSz = MAX_SEED_SZ; } @@ -1909,7 +1912,7 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz) if (rng == NULL || output == NULL) return BAD_FUNC_ARG; - if (sz == 0u) + if (sz == 0U) return 0; #ifdef WOLF_CRYPTO_CB diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index a424e6f495..468299ee1e 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -1346,7 +1346,7 @@ static int InitSha256(wc_Sha256* sha256) local = (byte*)sha256->buffer; /* process any remainder from previous operation */ - if (sha256->buffLen > 0u) { + if (sha256->buffLen > 0U) { blocksLen = min(len, WC_SHA256_BLOCK_SIZE - sha256->buffLen); XMEMCPY(&local[sha256->buffLen], data, blocksLen); @@ -1492,7 +1492,7 @@ static int InitSha256(wc_Sha256* sha256) #endif /* save remainder */ - if (ret == 0 && len > 0u) { + if (ret == 0 && len > 0U) { XMEMCPY(local, data, len); sha256->buffLen = len; } @@ -1509,7 +1509,7 @@ static int InitSha256(wc_Sha256* sha256) if (sha256 == NULL) { return BAD_FUNC_ARG; } - if (data == NULL && len == 0u) { + if (data == NULL && len == 0U) { /* valid, but do nothing */ return 0; } @@ -1547,7 +1547,7 @@ static int InitSha256(wc_Sha256* sha256) /* we'll add a 0x80 byte at the end, ** so make sure we have appropriate buffer length. */ - if (sha256->buffLen > (word32)WC_SHA256_BLOCK_SIZE - 1u) { + if (sha256->buffLen > (word32)WC_SHA256_BLOCK_SIZE - 1U) { /* exit with error code if there's a bad buffer size in buffLen */ return BAD_STATE_E; } /* buffLen check */ diff --git a/wolfssl/error-ssl.h b/wolfssl/error-ssl.h index 0c97df6b7d..f61c78650a 100644 --- a/wolfssl/error-ssl.h +++ b/wolfssl/error-ssl.h @@ -34,189 +34,195 @@ #include #endif -#define WOLFSSL_FATAL_ERROR -1 /* must be -1 for backward compat. */ - -/* negative counterparts to namesake positive constants in ssl.h */ -#define WOLFSSL_ERROR_WANT_READ_E -2 -#define WOLFSSL_ERROR_WANT_WRITE_E -3 -#define WOLFSSL_ERROR_WANT_X509_LOOKUP_E -4 -#define WOLFSSL_ERROR_SYSCALL_E -5 -#define WOLFSSL_ERROR_ZERO_RETURN_E -6 -#define WOLFSSL_ERROR_WANT_CONNECT_E -7 -#define WOLFSSL_ERROR_WANT_ACCEPT_E -8 - -#define WOLFSSL_FIRST_E -301 -#define INPUT_CASE_ERROR -301 /* process input state error */ -#define PREFIX_ERROR -302 /* bad index to key rounds */ -#define MEMORY_ERROR -303 /* out of memory */ -#define VERIFY_FINISHED_ERROR -304 /* verify problem on finished */ -#define VERIFY_MAC_ERROR -305 /* verify mac problem */ -#define PARSE_ERROR -306 /* parse error on header */ -#define UNKNOWN_HANDSHAKE_TYPE -307 /* weird handshake type */ -#define SOCKET_ERROR_E -308 /* error state on socket */ -#define SOCKET_NODATA -309 /* expected data, not there */ -#define INCOMPLETE_DATA -310 /* don't have enough data to +enum wolfSSL_ErrorCodes { + WOLFSSL_FATAL_ERROR = -1, /* must be -1 for backward compat. */ + + /* negative counterparts to namesake positive constants in ssl.h */ + WOLFSSL_ERROR_WANT_READ_E = -2, + WOLFSSL_ERROR_WANT_WRITE_E = -3, + WOLFSSL_ERROR_WANT_X509_LOOKUP_E = -4, + WOLFSSL_ERROR_SYSCALL_E = -5, + WOLFSSL_ERROR_ZERO_RETURN_E = -6, + WOLFSSL_ERROR_WANT_CONNECT_E = -7, + WOLFSSL_ERROR_WANT_ACCEPT_E = -8, + + WOLFSSL_FIRST_E = -301, /* start of native TLS codes */ + + INPUT_CASE_ERROR = -301, /* process input state error */ + PREFIX_ERROR = -302, /* bad index to key rounds */ + MEMORY_ERROR = -303, /* out of memory */ + VERIFY_FINISHED_ERROR = -304, /* verify problem on finished */ + VERIFY_MAC_ERROR = -305, /* verify mac problem */ + PARSE_ERROR = -306, /* parse error on header */ + UNKNOWN_HANDSHAKE_TYPE = -307, /* weird handshake type */ + SOCKET_ERROR_E = -308, /* error state on socket */ + SOCKET_NODATA = -309, /* expected data, not there */ + INCOMPLETE_DATA = -310, /* don't have enough data to complete task */ -#define UNKNOWN_RECORD_TYPE -311 /* unknown type in record hdr */ -#define DECRYPT_ERROR -312 /* error during decryption */ -#define FATAL_ERROR -313 /* recvd alert fatal error */ -#define ENCRYPT_ERROR -314 /* error during encryption */ -#define FREAD_ERROR -315 /* fread problem */ -#define NO_PEER_KEY -316 /* need peer's key */ -#define NO_PRIVATE_KEY -317 /* need the private key */ -#define RSA_PRIVATE_ERROR -318 /* error during rsa priv op */ -#define NO_DH_PARAMS -319 /* server missing DH params */ -#define BUILD_MSG_ERROR -320 /* build message failure */ -#define BAD_HELLO -321 /* client hello malformed */ -#define DOMAIN_NAME_MISMATCH -322 /* peer subject name mismatch */ -#define WANT_READ -323 /* want read, call again */ -#define NOT_READY_ERROR -324 /* handshake layer not ready */ -#define IPADDR_MISMATCH -325 /* peer ip address mismatch */ -#define VERSION_ERROR -326 /* record layer version error */ -#define WANT_WRITE -327 /* want write, call again */ -#define BUFFER_ERROR -328 /* malformed buffer input */ -#define VERIFY_CERT_ERROR -329 /* verify cert error */ -#define VERIFY_SIGN_ERROR -330 /* verify sign error */ -#define CLIENT_ID_ERROR -331 /* psk client identity error */ -#define SERVER_HINT_ERROR -332 /* psk server hint error */ -#define PSK_KEY_ERROR -333 /* psk key error */ - -#define GETTIME_ERROR -337 /* gettimeofday failed ??? */ -#define GETITIMER_ERROR -338 /* getitimer failed ??? */ -#define SIGACT_ERROR -339 /* sigaction failed ??? */ -#define SETITIMER_ERROR -340 /* setitimer failed ??? */ -#define LENGTH_ERROR -341 /* record layer length error */ -#define PEER_KEY_ERROR -342 /* can't decode peer key */ -#define ZERO_RETURN -343 /* peer sent close notify */ -#define SIDE_ERROR -344 /* wrong client/server type */ -#define NO_PEER_CERT -345 /* peer didn't send key */ - -#define ECC_CURVETYPE_ERROR -350 /* Bad ECC Curve Type */ -#define ECC_CURVE_ERROR -351 /* Bad ECC Curve */ -#define ECC_PEERKEY_ERROR -352 /* Bad Peer ECC Key */ -#define ECC_MAKEKEY_ERROR -353 /* Bad Make ECC Key */ -#define ECC_EXPORT_ERROR -354 /* Bad ECC Export Key */ -#define ECC_SHARED_ERROR -355 /* Bad ECC Shared Secret */ - -#define NOT_CA_ERROR -357 /* Not a CA cert error */ - -#define BAD_CERT_MANAGER_ERROR -359 /* Bad Cert Manager */ -#define OCSP_CERT_REVOKED -360 /* OCSP Certificate revoked */ -#define CRL_CERT_REVOKED -361 /* CRL Certificate revoked */ -#define CRL_MISSING -362 /* CRL Not loaded */ -#define MONITOR_SETUP_E -363 /* CRL Monitor setup error */ -#define THREAD_CREATE_E -364 /* Thread Create Error */ -#define OCSP_NEED_URL -365 /* OCSP need an URL for lookup */ -#define OCSP_CERT_UNKNOWN -366 /* OCSP responder doesn't know */ -#define OCSP_LOOKUP_FAIL -367 /* OCSP lookup not successful */ -#define MAX_CHAIN_ERROR -368 /* max chain depth exceeded */ -#define COOKIE_ERROR -369 /* dtls cookie error */ -#define SEQUENCE_ERROR -370 /* dtls sequence error */ -#define SUITES_ERROR -371 /* suites pointer error */ - -#define OUT_OF_ORDER_E -373 /* out of order message */ -#define BAD_KEA_TYPE_E -374 /* bad KEA type found */ -#define SANITY_CIPHER_E -375 /* sanity check on cipher error */ -#define RECV_OVERFLOW_E -376 /* RXCB returned more than read */ -#define GEN_COOKIE_E -377 /* Generate Cookie Error */ -#define NO_PEER_VERIFY -378 /* Need peer cert verify Error */ -#define FWRITE_ERROR -379 /* fwrite problem */ -#define CACHE_MATCH_ERROR -380 /* Cache hdr match error */ -#define UNKNOWN_SNI_HOST_NAME_E -381 /* Unrecognized host name Error */ -#define UNKNOWN_MAX_FRAG_LEN_E -382 /* Unrecognized max frag len Error */ -#define KEYUSE_SIGNATURE_E -383 /* KeyUse digSignature error */ - -#define KEYUSE_ENCIPHER_E -385 /* KeyUse keyEncipher error */ -#define EXTKEYUSE_AUTH_E -386 /* ExtKeyUse server|client_auth */ -#define SEND_OOB_READ_E -387 /* Send Cb out of bounds read */ -#define SECURE_RENEGOTIATION_E -388 /* Invalid Renegotiation Info */ -#define SESSION_TICKET_LEN_E -389 /* Session Ticket too large */ -#define SESSION_TICKET_EXPECT_E -390 /* Session Ticket missing */ -#define SCR_DIFFERENT_CERT_E -391 /* SCR Different cert error */ -#define SESSION_SECRET_CB_E -392 /* Session secret Cb fcn failure */ -#define NO_CHANGE_CIPHER_E -393 /* Finished before change cipher */ -#define SANITY_MSG_E -394 /* Sanity check on msg order error */ -#define DUPLICATE_MSG_E -395 /* Duplicate message error */ -#define SNI_UNSUPPORTED -396 /* SSL 3.0 does not support SNI */ -#define SOCKET_PEER_CLOSED_E -397 /* Underlying transport closed */ -#define BAD_TICKET_KEY_CB_SZ -398 /* Bad session ticket key cb size */ -#define BAD_TICKET_MSG_SZ -399 /* Bad session ticket msg size */ -#define BAD_TICKET_ENCRYPT -400 /* Bad user ticket encrypt */ -#define DH_KEY_SIZE_E -401 /* DH Key too small */ -#define SNI_ABSENT_ERROR -402 /* No SNI request. */ -#define RSA_SIGN_FAULT -403 /* RSA Sign fault */ -#define HANDSHAKE_SIZE_ERROR -404 /* Handshake message too large */ -#define UNKNOWN_ALPN_PROTOCOL_NAME_E -405 /* Unrecognized protocol name Error*/ -#define BAD_CERTIFICATE_STATUS_ERROR -406 /* Bad certificate status message */ -#define OCSP_INVALID_STATUS -407 /* Invalid OCSP Status */ -#define OCSP_WANT_READ -408 /* OCSP callback response WOLFSSL_CBIO_ERR_WANT_READ */ -#define RSA_KEY_SIZE_E -409 /* RSA key too small */ -#define ECC_KEY_SIZE_E -410 /* ECC key too small */ -#define DTLS_EXPORT_VER_E -411 /* export version error */ -#define INPUT_SIZE_E -412 /* input size too big error */ -#define CTX_INIT_MUTEX_E -413 /* initialize ctx mutex error */ -#define EXT_MASTER_SECRET_NEEDED_E -414 /* need EMS enabled to resume */ -#define DTLS_POOL_SZ_E -415 /* exceeded DTLS pool size */ -#define DECODE_E -416 /* decode handshake message error */ -#define HTTP_TIMEOUT -417 /* HTTP timeout for OCSP or CRL req */ -#define WRITE_DUP_READ_E -418 /* Write dup write side can't read */ -#define WRITE_DUP_WRITE_E -419 /* Write dup read side can't write */ -#define INVALID_CERT_CTX_E -420 /* TLS cert ctx not matching */ -#define BAD_KEY_SHARE_DATA -421 /* Key Share data invalid */ -#define MISSING_HANDSHAKE_DATA -422 /* Handshake message missing data */ -#define BAD_BINDER -423 /* Binder does not match */ -#define EXT_NOT_ALLOWED -424 /* Extension not allowed in msg */ -#define INVALID_PARAMETER -425 /* Security parameter invalid */ -#define MCAST_HIGHWATER_CB_E -426 /* Multicast highwater cb err */ -#define ALERT_COUNT_E -427 /* Alert Count exceeded err */ -#define EXT_MISSING -428 /* Required extension not found */ -#define UNSUPPORTED_EXTENSION -429 /* TLSX not requested by client */ -#define PRF_MISSING -430 /* PRF not compiled in */ -#define DTLS_RETX_OVER_TX -431 /* Retransmit DTLS flight over */ -#define DH_PARAMS_NOT_FFDHE_E -432 /* DH params from server not FFDHE */ -#define TCA_INVALID_ID_TYPE -433 /* TLSX TCA ID type invalid */ -#define TCA_ABSENT_ERROR -434 /* TLSX TCA ID no response */ -#define TSIP_MAC_DIGSZ_E -435 /* Invalid MAC size for TSIP */ -#define CLIENT_CERT_CB_ERROR -436 /* Client cert callback error */ -#define SSL_SHUTDOWN_ALREADY_DONE_E -437 /* Shutdown called redundantly */ -#define TLS13_SECRET_CB_E -438 /* TLS1.3 secret Cb fcn failure */ -#define DTLS_SIZE_ERROR -439 /* Trying to send too much data */ -#define NO_CERT_ERROR -440 /* TLS1.3 - no cert set error */ -#define APP_DATA_READY -441 /* DTLS1.2 application data ready for read */ -#define TOO_MUCH_EARLY_DATA -442 /* Too much Early data */ -#define SOCKET_FILTERED_E -443 /* Session stopped by network filter */ -#define HTTP_RECV_ERR -444 /* HTTP Receive error */ -#define HTTP_HEADER_ERR -445 /* HTTP Header error */ -#define HTTP_PROTO_ERR -446 /* HTTP Protocol error */ -#define HTTP_STATUS_ERR -447 /* HTTP Status error */ -#define HTTP_VERSION_ERR -448 /* HTTP Version error */ -#define HTTP_APPSTR_ERR -449 /* HTTP Application string error */ -#define UNSUPPORTED_PROTO_VERSION -450 /* bad/unsupported protocol version*/ -#define FALCON_KEY_SIZE_E -451 /* Wrong key size for Falcon. */ -#define QUIC_TP_MISSING_E -452 /* QUIC transport parameter missing */ -#define DILITHIUM_KEY_SIZE_E -453 /* Wrong key size for Dilithium. */ -#define DTLS_CID_ERROR -454 /* Wrong or missing CID */ -#define DTLS_TOO_MANY_FRAGMENTS_E -455 /* Received too many fragments */ -#define QUIC_WRONG_ENC_LEVEL -456 /* QUIC data received on wrong encryption level */ - -#define DUPLICATE_TLS_EXT_E -457 /* Duplicate TLS extension in msg. */ -/* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */ - -/* begin negotiation parameter errors */ -#define UNSUPPORTED_SUITE -500 /* unsupported cipher suite */ -#define MATCH_SUITE_ERROR -501 /* can't match cipher suite */ -#define COMPRESSION_ERROR -502 /* compression mismatch */ -#define KEY_SHARE_ERROR -503 /* key share mismatch */ -#define POST_HAND_AUTH_ERROR -504 /* client won't do post-hand auth */ -#define HRR_COOKIE_ERROR -505 /* HRR msg cookie mismatch */ -#define UNSUPPORTED_CERTIFICATE -506 /* unsupported certificate type */ - /* end negotiation parameter errors only 10 for now */ - -#define WOLFSSL_LAST_E -506 - - /* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */ - - /* no error strings go down here, add above negotiation errors !!!! */ + UNKNOWN_RECORD_TYPE = -311, /* unknown type in record hdr */ + DECRYPT_ERROR = -312, /* error during decryption */ + FATAL_ERROR = -313, /* recvd alert fatal error */ + ENCRYPT_ERROR = -314, /* error during encryption */ + FREAD_ERROR = -315, /* fread problem */ + NO_PEER_KEY = -316, /* need peer's key */ + NO_PRIVATE_KEY = -317, /* need the private key */ + RSA_PRIVATE_ERROR = -318, /* error during rsa priv op */ + NO_DH_PARAMS = -319, /* server missing DH params */ + BUILD_MSG_ERROR = -320, /* build message failure */ + BAD_HELLO = -321, /* client hello malformed */ + DOMAIN_NAME_MISMATCH = -322, /* peer subject name mismatch */ + WANT_READ = -323, /* want read, call again */ + NOT_READY_ERROR = -324, /* handshake layer not ready */ + IPADDR_MISMATCH = -325, /* peer ip address mismatch */ + VERSION_ERROR = -326, /* record layer version error */ + WANT_WRITE = -327, /* want write, call again */ + BUFFER_ERROR = -328, /* malformed buffer input */ + VERIFY_CERT_ERROR = -329, /* verify cert error */ + VERIFY_SIGN_ERROR = -330, /* verify sign error */ + CLIENT_ID_ERROR = -331, /* psk client identity error */ + SERVER_HINT_ERROR = -332, /* psk server hint error */ + PSK_KEY_ERROR = -333, /* psk key error */ + + GETTIME_ERROR = -337, /* gettimeofday failed ??? */ + GETITIMER_ERROR = -338, /* getitimer failed ??? */ + SIGACT_ERROR = -339, /* sigaction failed ??? */ + SETITIMER_ERROR = -340, /* setitimer failed ??? */ + LENGTH_ERROR = -341, /* record layer length error */ + PEER_KEY_ERROR = -342, /* can't decode peer key */ + ZERO_RETURN = -343, /* peer sent close notify */ + SIDE_ERROR = -344, /* wrong client/server type */ + NO_PEER_CERT = -345, /* peer didn't send key */ + + ECC_CURVETYPE_ERROR = -350, /* Bad ECC Curve Type */ + ECC_CURVE_ERROR = -351, /* Bad ECC Curve */ + ECC_PEERKEY_ERROR = -352, /* Bad Peer ECC Key */ + ECC_MAKEKEY_ERROR = -353, /* Bad Make ECC Key */ + ECC_EXPORT_ERROR = -354, /* Bad ECC Export Key */ + ECC_SHARED_ERROR = -355, /* Bad ECC Shared Secret */ + + NOT_CA_ERROR = -357, /* Not a CA cert error */ + + BAD_CERT_MANAGER_ERROR = -359, /* Bad Cert Manager */ + OCSP_CERT_REVOKED = -360, /* OCSP Certificate revoked */ + CRL_CERT_REVOKED = -361, /* CRL Certificate revoked */ + CRL_MISSING = -362, /* CRL Not loaded */ + MONITOR_SETUP_E = -363, /* CRL Monitor setup error */ + THREAD_CREATE_E = -364, /* Thread Create Error */ + OCSP_NEED_URL = -365, /* OCSP need an URL for lookup */ + OCSP_CERT_UNKNOWN = -366, /* OCSP responder doesn't know */ + OCSP_LOOKUP_FAIL = -367, /* OCSP lookup not successful */ + MAX_CHAIN_ERROR = -368, /* max chain depth exceeded */ + COOKIE_ERROR = -369, /* dtls cookie error */ + SEQUENCE_ERROR = -370, /* dtls sequence error */ + SUITES_ERROR = -371, /* suites pointer error */ + + OUT_OF_ORDER_E = -373, /* out of order message */ + BAD_KEA_TYPE_E = -374, /* bad KEA type found */ + SANITY_CIPHER_E = -375, /* sanity check on cipher error */ + RECV_OVERFLOW_E = -376, /* RXCB returned more than read */ + GEN_COOKIE_E = -377, /* Generate Cookie Error */ + NO_PEER_VERIFY = -378, /* Need peer cert verify Error */ + FWRITE_ERROR = -379, /* fwrite problem */ + CACHE_MATCH_ERROR = -380, /* Cache hdr match error */ + UNKNOWN_SNI_HOST_NAME_E = -381, /* Unrecognized host name Error */ + UNKNOWN_MAX_FRAG_LEN_E = -382, /* Unrecognized max frag len Error */ + KEYUSE_SIGNATURE_E = -383, /* KeyUse digSignature error */ + + KEYUSE_ENCIPHER_E = -385, /* KeyUse keyEncipher error */ + EXTKEYUSE_AUTH_E = -386, /* ExtKeyUse server|client_auth */ + SEND_OOB_READ_E = -387, /* Send Cb out of bounds read */ + SECURE_RENEGOTIATION_E = -388, /* Invalid Renegotiation Info */ + SESSION_TICKET_LEN_E = -389, /* Session Ticket too large */ + SESSION_TICKET_EXPECT_E = -390, /* Session Ticket missing */ + SCR_DIFFERENT_CERT_E = -391, /* SCR Different cert error */ + SESSION_SECRET_CB_E = -392, /* Session secret Cb fcn failure */ + NO_CHANGE_CIPHER_E = -393, /* Finished before change cipher */ + SANITY_MSG_E = -394, /* Sanity check on msg order error */ + DUPLICATE_MSG_E = -395, /* Duplicate message error */ + SNI_UNSUPPORTED = -396, /* SSL 3.0 does not support SNI */ + SOCKET_PEER_CLOSED_E = -397, /* Underlying transport closed */ + BAD_TICKET_KEY_CB_SZ = -398, /* Bad session ticket key cb size */ + BAD_TICKET_MSG_SZ = -399, /* Bad session ticket msg size */ + BAD_TICKET_ENCRYPT = -400, /* Bad user ticket encrypt */ + DH_KEY_SIZE_E = -401, /* DH Key too small */ + SNI_ABSENT_ERROR = -402, /* No SNI request. */ + RSA_SIGN_FAULT = -403, /* RSA Sign fault */ + HANDSHAKE_SIZE_ERROR = -404, /* Handshake message too large */ + UNKNOWN_ALPN_PROTOCOL_NAME_E = -405, /* Unrecognized protocol name Error*/ + BAD_CERTIFICATE_STATUS_ERROR = -406, /* Bad certificate status message */ + OCSP_INVALID_STATUS = -407, /* Invalid OCSP Status */ + OCSP_WANT_READ = -408, /* OCSP callback response WOLFSSL_CBIO_ERR_WANT_READ */ + RSA_KEY_SIZE_E = -409, /* RSA key too small */ + ECC_KEY_SIZE_E = -410, /* ECC key too small */ + DTLS_EXPORT_VER_E = -411, /* export version error */ + INPUT_SIZE_E = -412, /* input size too big error */ + CTX_INIT_MUTEX_E = -413, /* initialize ctx mutex error */ + EXT_MASTER_SECRET_NEEDED_E = -414, /* need EMS enabled to resume */ + DTLS_POOL_SZ_E = -415, /* exceeded DTLS pool size */ + DECODE_E = -416, /* decode handshake message error */ + HTTP_TIMEOUT = -417, /* HTTP timeout for OCSP or CRL req */ + WRITE_DUP_READ_E = -418, /* Write dup write side can't read */ + WRITE_DUP_WRITE_E = -419, /* Write dup read side can't write */ + INVALID_CERT_CTX_E = -420, /* TLS cert ctx not matching */ + BAD_KEY_SHARE_DATA = -421, /* Key Share data invalid */ + MISSING_HANDSHAKE_DATA = -422, /* Handshake message missing data */ + BAD_BINDER = -423, /* Binder does not match */ + EXT_NOT_ALLOWED = -424, /* Extension not allowed in msg */ + INVALID_PARAMETER = -425, /* Security parameter invalid */ + MCAST_HIGHWATER_CB_E = -426, /* Multicast highwater cb err */ + ALERT_COUNT_E = -427, /* Alert Count exceeded err */ + EXT_MISSING = -428, /* Required extension not found */ + UNSUPPORTED_EXTENSION = -429, /* TLSX not requested by client */ + PRF_MISSING = -430, /* PRF not compiled in */ + DTLS_RETX_OVER_TX = -431, /* Retransmit DTLS flight over */ + DH_PARAMS_NOT_FFDHE_E = -432, /* DH params from server not FFDHE */ + TCA_INVALID_ID_TYPE = -433, /* TLSX TCA ID type invalid */ + TCA_ABSENT_ERROR = -434, /* TLSX TCA ID no response */ + TSIP_MAC_DIGSZ_E = -435, /* Invalid MAC size for TSIP */ + CLIENT_CERT_CB_ERROR = -436, /* Client cert callback error */ + SSL_SHUTDOWN_ALREADY_DONE_E = -437, /* Shutdown called redundantly */ + TLS13_SECRET_CB_E = -438, /* TLS1.3 secret Cb fcn failure */ + DTLS_SIZE_ERROR = -439, /* Trying to send too much data */ + NO_CERT_ERROR = -440, /* TLS1.3 - no cert set error */ + APP_DATA_READY = -441, /* DTLS1.2 application data ready for read */ + TOO_MUCH_EARLY_DATA = -442, /* Too much Early data */ + SOCKET_FILTERED_E = -443, /* Session stopped by network filter */ + HTTP_RECV_ERR = -444, /* HTTP Receive error */ + HTTP_HEADER_ERR = -445, /* HTTP Header error */ + HTTP_PROTO_ERR = -446, /* HTTP Protocol error */ + HTTP_STATUS_ERR = -447, /* HTTP Status error */ + HTTP_VERSION_ERR = -448, /* HTTP Version error */ + HTTP_APPSTR_ERR = -449, /* HTTP Application string error */ + UNSUPPORTED_PROTO_VERSION = -450, /* bad/unsupported protocol version*/ + FALCON_KEY_SIZE_E = -451, /* Wrong key size for Falcon. */ + QUIC_TP_MISSING_E = -452, /* QUIC transport parameter missing */ + DILITHIUM_KEY_SIZE_E = -453, /* Wrong key size for Dilithium. */ + DTLS_CID_ERROR = -454, /* Wrong or missing CID */ + DTLS_TOO_MANY_FRAGMENTS_E = -455, /* Received too many fragments */ + QUIC_WRONG_ENC_LEVEL = -456, /* QUIC data received on wrong encryption level */ + DUPLICATE_TLS_EXT_E = -457, /* Duplicate TLS extension in msg. */ + + /* legacy CyaSSL compat layer error codes */ + WOLFSSL_ALPN_NOT_FOUND = -458, /* TLS extension not found */ + WOLFSSL_BAD_CERTTYPE = -459, /* Certificate type not supported */ + WOLFSSL_BAD_STAT = -460, /* not used */ + WOLFSSL_BAD_PATH = -461, /* No certificates found at designated path */ + WOLFSSL_BAD_FILETYPE = -462, /* Data format not supported */ + WOLFSSL_BAD_FILE = -463, /* Input/output error on file */ + WOLFSSL_NOT_IMPLEMENTED = -464, /* Function not implemented */ + WOLFSSL_UNKNOWN = -465, /* Unknown algorithm (EVP) */ + + /* negotiation parameter errors */ + UNSUPPORTED_SUITE = -500, /* unsupported cipher suite */ + MATCH_SUITE_ERROR = -501, /* can't match cipher suite */ + COMPRESSION_ERROR = -502, /* compression mismatch */ + KEY_SHARE_ERROR = -503, /* key share mismatch */ + POST_HAND_AUTH_ERROR = -504, /* client won't do post-hand auth */ + HRR_COOKIE_ERROR = -505, /* HRR msg cookie mismatch */ + UNSUPPORTED_CERTIFICATE = -506, /* unsupported certificate type */ + + WOLFSSL_LAST_E = -506 +}; /* I/O Callback default errors */ enum IOerrors { diff --git a/wolfssl/internal.h b/wolfssl/internal.h index c77f4d0fca..89cd156ec3 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -1847,22 +1847,247 @@ enum Misc { * hybridization with other algs. */ #else #ifndef NO_PSK - #define ENCRYPT_LEN (ENCRYPT_BASE_BITS / 8) + MAX_PSK_KEY_LEN + 2 + #define ENCRYPT_LEN ((ENCRYPT_BASE_BITS / 8) + MAX_PSK_KEY_LEN + 2) #else #define ENCRYPT_LEN (ENCRYPT_BASE_BITS / 8) #endif #endif #ifndef MAX_PLAINTEXT_SZ -#define CLIENT_HELLO_COMPLETE 12 -#define CLIENT_KEYEXCHANGE_COMPLETE 13 -#define CLIENT_CHANGECIPHERSPEC_COMPLETE 14 -#define CLIENT_FINISHED_COMPLETE 15 -#define HANDSHAKE_DONE 16 + #define MAX_PLAINTEXT_SZ 16384u /* (1u << 14) Max plaintext sz */ +#endif + +#ifndef MAX_TLS_CIPHER_SZ + #define MAX_TLS_CIPHER_SZ 18432u /* (1u << 14) + 2048 Max TLS encrypted + data sz */ +#endif +#define SEED_LEN (RAN_LEN * 2) /* tls prf seed length */ +#ifndef MAX_PSK_KEY_LEN + #define MAX_PSK_KEY_LEN 64 /* max psk key supported */ +#endif +#define MAX_MSG_EXTRA (38 + WC_MAX_DIGEST_SIZE) + /* max added to msg, mac + pad from */ + /* RECORD_HEADER_SZ + BLOCK_SZ (pad) + Max + digest sz + BLOC_SZ (iv) + pad byte (1) */ + +#define WOLFSSL_NAMED_GROUP_IS_FFHDE(group) \ + (MIN_FFHDE_GROUP <= (group) && (group) <= MAX_FFHDE_GROUP) +#ifdef WOLFSSL_HAVE_KYBER +#define WOLFSSL_NAMED_GROUP_IS_PQC(group) \ + ((WOLFSSL_PQC_SIMPLE_MIN <= (group) && (group) <= WOLFSSL_PQC_SIMPLE_MAX) || \ + (WOLFSSL_PQC_HYBRID_MIN <= (group) && (group) <= WOLFSSL_PQC_HYBRID_MAX)) +#else +#define WOLFSSL_NAMED_GROUP_IS_PQC(group) ((void)(group), 0) +#endif /* WOLFSSL_HAVE_KYBER */ + +/* minimum Downgrade Minor version */ +#ifndef WOLFSSL_MIN_DOWNGRADE + #ifndef NO_OLD_TLS + #define WOLFSSL_MIN_DOWNGRADE TLSv1_MINOR + #else + #define WOLFSSL_MIN_DOWNGRADE TLSv1_2_MINOR + #endif +#endif + +/* minimum DTLS Downgrade Minor version */ +#ifndef WOLFSSL_MIN_DTLS_DOWNGRADE +#define WOLFSSL_MIN_DTLS_DOWNGRADE DTLS_MINOR; +#endif + +/* Set max implicit IV size for AEAD cipher suites */ +#define AEAD_MAX_IMP_SZ 12 + +/* Set max explicit IV size for AEAD cipher suites */ +#define AEAD_MAX_EXP_SZ 8 + + +#ifndef WOLFSSL_MAX_SUITE_SZ + #define WOLFSSL_MAX_SUITE_SZ 300 + /* 150 suites for now! */ +#endif + +/* number of items in the signature algo list */ +#ifndef WOLFSSL_MAX_SIGALGO +#if defined(HAVE_FALCON) || defined(HAVE_DILITHIUM) + /* If we are building with post-quantum algorithms, we likely want to + * inter-op with OQS's OpenSSL and they send a lot more sigalgs. + */ + #define WOLFSSL_MAX_SIGALGO 128 +#else + #define WOLFSSL_MAX_SIGALGO 38 +#endif +#endif + + +/* set minimum ECC key size allowed */ +#ifndef WOLFSSL_MIN_ECC_BITS + #ifdef WOLFSSL_MAX_STRENGTH + #define WOLFSSL_MIN_ECC_BITS 256 + #else + #define WOLFSSL_MIN_ECC_BITS 224 + #endif +#endif /* WOLFSSL_MIN_ECC_BITS */ +#if (WOLFSSL_MIN_ECC_BITS % 8) + /* Some ECC keys are not divisible by 8 such as prime239v1 or sect131r1. + In these cases round down to the nearest value divisible by 8. The + restriction of being divisible by 8 is in place to match wc_ecc_size + function from wolfSSL. + */ + #error ECC minimum bit size must be a multiple of 8 +#endif +#define MIN_ECCKEY_SZ (WOLFSSL_MIN_ECC_BITS / 8) + +#ifdef HAVE_FALCON +#ifndef MIN_FALCONKEY_SZ + #define MIN_FALCONKEY_SZ 1281 +#endif +#endif +#ifdef HAVE_DILITHIUM +#ifndef MIN_DILITHIUMKEY_SZ + #define MIN_DILITHIUMKEY_SZ 2528 +#endif +#endif + +/* set minimum RSA key size allowed */ +#ifndef WOLFSSL_MIN_RSA_BITS + #if defined(WOLFSSL_HARDEN_TLS) && !defined(WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK) + /* Using guidance from section 5.6.1 + * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf */ + #if WOLFSSL_HARDEN_TLS >= 128 + #define WOLFSSL_MIN_RSA_BITS 3072 + #elif WOLFSSL_HARDEN_TLS >= 112 + #define WOLFSSL_MIN_RSA_BITS 2048 + #endif + #elif defined(WOLFSSL_MAX_STRENGTH) + #define WOLFSSL_MIN_RSA_BITS 2048 + #else + #define WOLFSSL_MIN_RSA_BITS 1024 + #endif +#endif /* WOLFSSL_MIN_RSA_BITS */ +#if defined(WOLFSSL_HARDEN_TLS) && WOLFSSL_MIN_RSA_BITS < 2048 && \ + !defined(WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK) + /* Implementations MUST NOT negotiate cipher suites offering less than + * 112 bits of security. + * https://www.rfc-editor.org/rfc/rfc9325#section-4.1 + * Using guidance from section 5.6.1 + * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf */ + #error "For 112 bits of security RSA needs at least 2048 bit keys" +#endif +#if (WOLFSSL_MIN_RSA_BITS % 8) + /* This is to account for the example case of a min size of 2050 bits but + still allows 2049 bit key. So we need the measurement to be in bytes. */ + #error RSA minimum bit size must be a multiple of 8 +#endif +#define MIN_RSAKEY_SZ (WOLFSSL_MIN_RSA_BITS / 8) + +#ifdef SESSION_INDEX +/* Shift values for making a session index */ +#define SESSIDX_ROW_SHIFT 4 +#define SESSIDX_IDX_MASK 0x0F +#endif + +#ifndef MAX_X509_SIZE + #if defined(HAVE_FALCON) || defined(HAVE_DILITHIUM) + #define MAX_X509_SIZE (8*1024) /* max static x509 buffer size; dilithium is big */ + #elif defined(WOLFSSL_HAPROXY) + #define MAX_X509_SIZE 3072 /* max static x509 buffer size */ + #else + #define MAX_X509_SIZE 2048 /* max static x509 buffer size */ + #endif +#endif + +/* max cert chain peer depth */ +#ifndef MAX_CHAIN_DEPTH + #define MAX_CHAIN_DEPTH 9 +#endif + +/* max size of a certificate message payload */ +/* assumes MAX_CHAIN_DEPTH number of certificates at 2kb per certificate */ +#ifndef MAX_CERTIFICATE_SZ + #define MAX_CERTIFICATE_SZ \ + (CERT_HEADER_SZ + \ + (MAX_X509_SIZE + CERT_HEADER_SZ) * MAX_CHAIN_DEPTH) +#endif + +/* max size of a handshake message, currently set to the certificate */ +#ifndef MAX_HANDSHAKE_SZ + #define MAX_HANDSHAKE_SZ MAX_CERTIFICATE_SZ +#endif + +#ifndef PREALLOC_SESSION_TICKET_LEN + #define PREALLOC_SESSION_TICKET_LEN 512 +#endif + +#ifndef PREALLOC_SESSION_TICKET_NONCE_LEN + #define PREALLOC_SESSION_TICKET_NONCE_LEN 32 +#endif + +#ifndef SESSION_TICKET_HINT_DEFAULT + #define SESSION_TICKET_HINT_DEFAULT 300 +#endif + +#if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_WOLFSSL_SERVER) + /* Check chosen encryption is available. */ + #if !(defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) && \ + defined(WOLFSSL_TICKET_ENC_CHACHA20_POLY1305) + #error "ChaCha20-Poly1305 not available for default ticket encryption" + #endif + #if !defined(HAVE_AESGCM) && (defined(WOLFSSL_TICKET_ENC_AES128_GCM) || \ + defined(WOLFSSL_TICKET_ENC_AES256_GCM)) + #error "AES-GCM not available for default ticket encryption" + #endif + + #ifndef WOLFSSL_TICKET_KEY_LIFETIME + /* Default lifetime is 1 hour from issue of first ticket with key. */ + #define WOLFSSL_TICKET_KEY_LIFETIME (60 * 60) + #endif + #if WOLFSSL_TICKET_KEY_LIFETIME <= SESSION_TICKET_HINT_DEFAULT + #error "Ticket Key lifetime must be longer than ticket life hint." + #endif +#endif + +#define MAX_ENCRYPT_SZ ENCRYPT_LEN + +/* A static check to assert a relation between x and y */ +#define WOLFSSL_ASSERT_TEST(x, y, op) do { \ + typedef char _args_test_[(x) op (y) ? 1 : -1]; \ + (void)sizeof(_args_test_); \ +} while(0) + +#define WOLFSSL_ASSERT_EQ(x, y) WOLFSSL_ASSERT_TEST(x, y, ==) + +#define WOLFSSL_ASSERT_SIZEOF_TEST(x, y, op) \ + WOLFSSL_ASSERT_TEST(sizeof(x), sizeof(y), op) + +#define WOLFSSL_ASSERT_SIZEOF_GE(x, y) WOLFSSL_ASSERT_SIZEOF_TEST(x, y, >=) + +/* states. Adding state before HANDSHAKE_DONE will break session importing */ +enum states { + NULL_STATE = 0, + + SERVER_HELLOVERIFYREQUEST_COMPLETE, + SERVER_HELLO_RETRY_REQUEST_COMPLETE, + SERVER_HELLO_COMPLETE, + SERVER_ENCRYPTED_EXTENSIONS_COMPLETE, + SERVER_CERT_COMPLETE, + SERVER_CERT_VERIFY_COMPLETE, + SERVER_KEYEXCHANGE_COMPLETE, + SERVER_HELLODONE_COMPLETE, + SERVER_CHANGECIPHERSPEC_COMPLETE, + SERVER_FINISHED_COMPLETE, + + CLIENT_HELLO_RETRY, + CLIENT_HELLO_COMPLETE, + CLIENT_KEYEXCHANGE_COMPLETE, + CLIENT_CHANGECIPHERSPEC_COMPLETE, + CLIENT_FINISHED_COMPLETE, + + HANDSHAKE_DONE, #ifdef WOLFSSL_DTLS13 - #define SERVER_FINISHED_ACKED 17 + SERVER_FINISHED_ACKED, #endif /* WOLFSSL_DTLS13 */ +}; /* SSL Version */ typedef struct ProtocolVersion { @@ -4432,23 +4657,24 @@ typedef int (*hmacfp) (WOLFSSL*, byte*, const byte*, word32, int, int, int, int) #endif /* client connect state for nonblocking restart */ - -#define CONNECT_BEGIN 0u -#define CLIENT_HELLO_SENT 1u -#define HELLO_AGAIN 2u /* HELLO_AGAIN s for DTLS case */ -#define HELLO_AGAIN_REPLY 3u -#define FIRST_REPLY_DONE 4u -#define FIRST_REPLY_FIRST 5u -#define FIRST_REPLY_SECOND 6u -#define FIRST_REPLY_THIRD 7u -#define FIRST_REPLY_FOURTH 8u -#define FINISHED_DONE 9u -#define SECOND_REPLY_DONE 10u +enum ConnectState { + CONNECT_BEGIN = 0, + CLIENT_HELLO_SENT, + HELLO_AGAIN, /* HELLO_AGAIN s for DTLS case */ + HELLO_AGAIN_REPLY, + FIRST_REPLY_DONE, + FIRST_REPLY_FIRST, + FIRST_REPLY_SECOND, + FIRST_REPLY_THIRD, + FIRST_REPLY_FOURTH, + FINISHED_DONE, + SECOND_REPLY_DONE, #ifdef WOLFSSL_DTLS13 -#define WAIT_FINISHED_ACK 11 + WAIT_FINISHED_ACK #endif /* WOLFSSL_DTLS13 */ +}; /* server accept state for nonblocking restart */ @@ -4562,16 +4788,16 @@ typedef struct Buffers { #endif #ifdef HAVE_PK_CALLBACKS #ifdef HAVE_ECC - WOLFSSL_BUFFER_INFO peerEccDsaKey; /* we own for Ecc Verify Callbacks */ + WOLFSSL_BUFFER_INFO peerEccDsaKey; /* we own for Ecc Verify Callbacks */ #endif /* HAVE_ECC */ #ifdef HAVE_ED25519 - WOLFSSL_BUFFER_INFO peerEd25519Key; /* for Ed25519 Verify Callbacks */ + WOLFSSL_BUFFER_INFO peerEd25519Key;/* for Ed25519 Verify Callbacks */ #endif /* HAVE_ED25519 */ #ifdef HAVE_ED448 - WOLFSSL_BUFFER_INFO peerEd448Key; /* for Ed448 Verify Callbacks */ + WOLFSSL_BUFFER_INFO peerEd448Key; /* for Ed448 Verify Callbacks */ #endif /* HAVE_ED448 */ #ifndef NO_RSA - WOLFSSL_BUFFER_INFO peerRsaKey; /* we own for Rsa Verify Callbacks */ + WOLFSSL_BUFFER_INFO peerRsaKey; /* we own for Rsa Verify Callbacks */ #endif /* NO_RSA */ #endif /* HAVE_PK_CALLBACKS */ } Buffers; @@ -4660,7 +4886,7 @@ struct Options { word16 tls1_1:1; /* using TLSv1.1+ ? */ word16 tls1_3:1; /* using TLSv1.3+ ? */ word16 seenUnifiedHdr:1; /* received msg with unified header */ -#ifdef WOLFSSL_DTLS +#ifndef WOLFSSL_LEANPSK_STATIC word16 dtls:1; /* using datagrams ? */ word16 dtlsStateful:1; /* allow stateful processing ? */ #endif @@ -4876,7 +5102,8 @@ typedef struct Arrays { char server_hint[MAX_PSK_ID_LEN + NULL_TERM_LEN]; #endif #ifdef WOLFSSL_LEANPSK_STATIC - byte csRandom[(RAN_LEN * 2) + AES_IV_SIZE]; /* client + server random + first IV*/ + /* client + server random + first IV*/ + byte csRandom[(RAN_LEN * 2) + AES_IV_SIZE]; #else byte clientRandom[RAN_LEN]; byte serverRandom[RAN_LEN]; @@ -6180,8 +6407,10 @@ enum { REQUIRES_AEAD }; -static const FLASH_QUALIFIER byte kTlsClientStr[SIZEOF_SENDER+1] = { 0x43, 0x4C, 0x4E, 0x54, 0x00 }; /* CLNT */ -static const FLASH_QUALIFIER byte kTlsServerStr[SIZEOF_SENDER+1] = { 0x53, 0x52, 0x56, 0x52, 0x00 }; /* SRVR */ +static const FLASH_QUALIFIER byte kTlsClientStr[SIZEOF_SENDER+1] = + { 0x43, 0x4C, 0x4E, 0x54, 0x00 }; /* CLNT */ +static const FLASH_QUALIFIER byte kTlsServerStr[SIZEOF_SENDER+1] = + { 0x53, 0x52, 0x56, 0x52, 0x00 }; /* SRVR */ #ifndef WOLFSSL_LEANPSK_STATIC static const byte kTlsClientFinStr[FINISHED_LABEL_SZ + 1] = "client finished"; @@ -6297,7 +6526,7 @@ WOLFSSL_LOCAL int SetECKeyExternal(WOLFSSL_EC_KEY* eckey); WOLFSSL_LOCAL int wolfSSL_curve_is_disabled(const WOLFSSL* ssl, word16 curve_id); #else -#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448) +#ifndef WOLFSSL_LEANPSK_STATIC static WC_INLINE int wolfSSL_curve_is_disabled(const WOLFSSL* ssl, word16 curve_id) { diff --git a/wolfssl/openssl/evp.h b/wolfssl/openssl/evp.h index fbfea201a1..43b1425873 100644 --- a/wolfssl/openssl/evp.h +++ b/wolfssl/openssl/evp.h @@ -1230,10 +1230,10 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx, #endif -#define EVP_R_BAD_DECRYPT (-MIN_CODE_E + 100 + 1) -#define EVP_R_BN_DECODE_ERROR (-MIN_CODE_E + 100 + 2) -#define EVP_R_DECODE_ERROR (-MIN_CODE_E + 100 + 3) -#define EVP_R_PRIVATE_KEY_DECODE_ERROR (-MIN_CODE_E + 100 + 4) +#define EVP_R_BAD_DECRYPT (-(MIN_CODE_E) + 100 + 1) +#define EVP_R_BN_DECODE_ERROR (-(MIN_CODE_E) + 100 + 2) +#define EVP_R_DECODE_ERROR (-(MIN_CODE_E) + 100 + 3) +#define EVP_R_PRIVATE_KEY_DECODE_ERROR (-(MIN_CODE_E) + 100 + 4) #define EVP_PKEY_NONE NID_undef #define EVP_PKEY_DH 28 diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index ef65f60ea9..2ed4ec0b66 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -1556,11 +1556,11 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE; #define PEM_F_PEM_DEF_CALLBACK 100 /* Avoid wolfSSL error code range */ -#define PEM_R_NO_START_LINE (-MIN_CODE_E + 1) -#define PEM_R_PROBLEMS_GETTING_PASSWORD (-MIN_CODE_E + 2) -#define PEM_R_BAD_PASSWORD_READ (-MIN_CODE_E + 3) -#define PEM_R_BAD_DECRYPT (-MIN_CODE_E + 4) -#define ASN1_R_HEADER_TOO_LONG (-MIN_CODE_E + 5) +#define PEM_R_NO_START_LINE (-(MIN_CODE_E) + 1) +#define PEM_R_PROBLEMS_GETTING_PASSWORD (-(MIN_CODE_E) + 2) +#define PEM_R_BAD_PASSWORD_READ (-(MIN_CODE_E) + 3) +#define PEM_R_BAD_DECRYPT (-(MIN_CODE_E) + 4) +#define ASN1_R_HEADER_TOO_LONG (-(MIN_CODE_E) + 5) #define ERR_LIB_SYS 2 #define ERR_LIB_RSA 4 diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index d323b4a964..c19cbdcd79 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -2639,16 +2639,6 @@ WOLFSSL_API void wolfSSL_ERR_print_errors(WOLFSSL_BIO *bio); #define WOLFSSL_SHUTDOWN_NOT_DONE 2 #endif -#define WOLFSSL_ALPN_NOT_FOUND -9 -#define WOLFSSL_BAD_CERTTYPE -8 -#define WOLFSSL_BAD_STAT -7 -#define WOLFSSL_BAD_PATH -6 -#define WOLFSSL_BAD_FILETYPE -5 -#define WOLFSSL_BAD_FILE -4 -#define WOLFSSL_NOT_IMPLEMENTED -3 -#define WOLFSSL_UNKNOWN -2 -#define WOLFSSL_FATAL_ERROR -1 - #define WOLFSSL_FILETYPE_ASN1 CTC_FILETYPE_ASN1 #define WOLFSSL_FILETYPE_PEM CTC_FILETYPE_PEM #define WOLFSSL_FILETYPE_DEFAULT CTC_FILETYPE_ASN1 /* ASN1 */ @@ -2668,7 +2658,8 @@ WOLFSSL_API void wolfSSL_ERR_print_errors(WOLFSSL_BIO *bio); #define WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR 0x0008 #define WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP 0x0100 #define WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE 0x0200 -#define WOLFSSL_SESS_CACHE_NO_INTERNAL (WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE | WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP) +#define WOLFSSL_SESS_CACHE_NO_INTERNAL \ + (WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE | WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP) /* These values match OpenSSL values for corresponding names. */ #define WOLFSSL_ERROR_SSL 1 @@ -3397,14 +3388,15 @@ WOLFSSL_API int wolfSSL_SetTlsHmacInner(WOLFSSL* ssl, byte* inner, word32 sz, int content, int verify); /* Atomic User Needs */ - -#define WOLFSSL_SERVER_END 0 -#define WOLFSSL_CLIENT_END 1 -#define WOLFSSL_NEITHER_END 3 -#define WOLFSSL_BLOCK_TYPE 2 -#define WOLFSSL_STREAM_TYPE 3 -#define WOLFSSL_AEAD_TYPE 4 -#define WOLFSSL_TLS_HMAC_INNER_SZ 13 /* SEQ_SZ + ENUM + VERSION_SZ + LEN_SZ */ +enum { + WOLFSSL_SERVER_END = 0, + WOLFSSL_CLIENT_END = 1, + WOLFSSL_NEITHER_END = 3, + WOLFSSL_BLOCK_TYPE = 2, + WOLFSSL_STREAM_TYPE = 3, + WOLFSSL_AEAD_TYPE = 4, + WOLFSSL_TLS_HMAC_INNER_SZ = 13 /* SEQ_SZ + ENUM + VERSION_SZ + LEN_SZ */ +}; /* for GetBulkCipher and internal use diff --git a/wolfssl/test.h b/wolfssl/test.h index 9d3a35e286..4183af3d98 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -1484,6 +1484,7 @@ static WC_INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port, if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0) err_sys_with_errno("tcp connect failed"); } + (void)ssl; /* not used when compiled without DTLS support */ } #endif /* WOLFSSL_WOLFSENTRY_HOOKS */ diff --git a/wolfssl/wolfcrypt/chacha.h b/wolfssl/wolfcrypt/chacha.h index 3cae8fcadb..42e71aee57 100644 --- a/wolfssl/wolfcrypt/chacha.h +++ b/wolfssl/wolfcrypt/chacha.h @@ -70,8 +70,10 @@ Block counter is located at index 12. #endif #endif -#define CHACHA_ENC_TYPE WC_CIPHER_CHACHA /* cipher unique type */ -#define CHACHA_MAX_KEY_SZ 32 +enum { + CHACHA_ENC_TYPE = WC_CIPHER_CHACHA, /* cipher unique type */ + CHACHA_MAX_KEY_SZ = 32 +}; typedef struct ChaCha { word32 X[CHACHA_CHUNK_WORDS]; /* state of cipher */ diff --git a/wolfssl/wolfcrypt/error-crypt.h b/wolfssl/wolfcrypt/error-crypt.h index 8151ae441e..3f188f7444 100644 --- a/wolfssl/wolfcrypt/error-crypt.h +++ b/wolfssl/wolfcrypt/error-crypt.h @@ -42,254 +42,260 @@ the error status. #endif /* error codes, add string for new errors !!! */ +enum wolfCrypt_ErrorCodes { /* note that WOLFSSL_FATAL_ERROR is defined as -1 in error-ssl.h, for * reasons of backward compatibility. */ -#define MAX_CODE_E -96 /* errors -97 - -299 */ -#define WC_FIRST_E -97 /* errors -97 - -299 */ + MAX_CODE_E = -96, /* errors -97 - -299 */ + WC_FIRST_E = -97, /* errors -97 - -299 */ -#define MP_MEM -97 /* MP dynamic memory allocation failed. */ -#define MP_VAL -98 /* MP value passed is not able to be used. */ -#define MP_WOULDBLOCK -99 /* MP non-blocking operation is returning after + MP_MEM = -97, /* MP dynamic memory allocation failed. */ + MP_VAL = -98, /* MP value passed is not able to be used. */ + MP_WOULDBLOCK = -99, /* MP non-blocking operation is returning after * partial completion. */ -#define MP_NOT_INF -100 /* MP point not at infinity */ - -#define OPEN_RAN_E -101 /* opening random device error */ -#define READ_RAN_E -102 /* reading random device error */ -#define WINCRYPT_E -103 /* windows crypt init error */ -#define CRYPTGEN_E -104 /* windows crypt generation error */ -#define RAN_BLOCK_E -105 /* reading random device would block */ -#define BAD_MUTEX_E -106 /* Bad mutex operation */ -#define WC_TIMEOUT_E -107 /* timeout error */ -#define WC_PENDING_E -108 /* wolfCrypt operation pending (would block) */ -#define WC_NO_PENDING_E -109 /* no asynchronous operation pending */ - -#define MP_INIT_E -110 /* mp_init error state */ -#define MP_READ_E -111 /* mp_read error state */ -#define MP_EXPTMOD_E -112 /* mp_exptmod error state */ -#define MP_TO_E -113 /* mp_to_xxx error state, can't convert */ -#define MP_SUB_E -114 /* mp_sub error state, can't subtract */ -#define MP_ADD_E -115 /* mp_add error state, can't add */ -#define MP_MUL_E -116 /* mp_mul error state, can't multiply */ -#define MP_MULMOD_E -117 /* mp_mulmod error state, can't multiply mod */ -#define MP_MOD_E -118 /* mp_mod error state, can't mod */ -#define MP_INVMOD_E -119 /* mp_invmod error state, can't inv mod */ -#define MP_CMP_E -120 /* mp_cmp error state */ -#define MP_ZERO_E -121 /* got a mp zero result, not expected */ - -#define AES_EAX_AUTH_E -122 /* AES-EAX Authentication check failure */ -#define KEY_EXHAUSTED_E -123 /* No longer usable for operation. */ - -/* -124 unused. */ - -#define MEMORY_E -125 /* out of memory error */ -#define VAR_STATE_CHANGE_E -126 /* var state modified by different thread */ -#define FIPS_DEGRADED_E -127 /* FIPS Module in degraded mode */ - -#define FIPS_CODE_SZ_E -128 /* Module CODE too big */ -#define FIPS_DATA_SZ_E -129 /* Module DATA too big */ - -#define RSA_WRONG_TYPE_E -130 /* RSA wrong block type for RSA function */ -#define RSA_BUFFER_E -131 /* RSA buffer error, output too small or + MP_NOT_INF = -100, /* MP point not at infinity */ + + OPEN_RAN_E = -101, /* opening random device error */ + READ_RAN_E = -102, /* reading random device error */ + WINCRYPT_E = -103, /* windows crypt init error */ + CRYPTGEN_E = -104, /* windows crypt generation error */ + RAN_BLOCK_E = -105, /* reading random device would block */ + BAD_MUTEX_E = -106, /* Bad mutex operation */ + WC_TIMEOUT_E = -107, /* timeout error */ + WC_PENDING_E = -108, /* wolfCrypt operation pending (would block) */ + WC_NO_PENDING_E = -109, /* no asynchronous operation pending */ + + MP_INIT_E = -110, /* mp_init error state */ + MP_READ_E = -111, /* mp_read error state */ + MP_EXPTMOD_E = -112, /* mp_exptmod error state */ + MP_TO_E = -113, /* mp_to_xxx error state, can't convert */ + MP_SUB_E = -114, /* mp_sub error state, can't subtract */ + MP_ADD_E = -115, /* mp_add error state, can't add */ + MP_MUL_E = -116, /* mp_mul error state, can't multiply */ + MP_MULMOD_E = -117, /* mp_mulmod error state, can't multiply mod */ + MP_MOD_E = -118, /* mp_mod error state, can't mod */ + MP_INVMOD_E = -119, /* mp_invmod error state, can't inv mod */ + MP_CMP_E = -120, /* mp_cmp error state */ + MP_ZERO_E = -121, /* got a mp zero result, not expected */ + + AES_EAX_AUTH_E = -122, /* AES-EAX Authentication check failure */ + KEY_EXHAUSTED_E = -123, /* No longer usable for operation. */ + + /* -124 unused. */ + + MEMORY_E = -125, /* out of memory error */ + VAR_STATE_CHANGE_E = -126, /* var state modified by different thread */ + FIPS_DEGRADED_E = -127, /* FIPS Module in degraded mode */ + + FIPS_CODE_SZ_E = -128, /* Module CODE too big */ + FIPS_DATA_SZ_E = -129, /* Module DATA too big */ + + RSA_WRONG_TYPE_E = -130, /* RSA wrong block type for RSA function */ + RSA_BUFFER_E = -131, /* RSA buffer error, output too small or input too large */ -#define BUFFER_E -132 /* output buffer too small or input too large */ -#define ALGO_ID_E -133 /* setting algo id error */ -#define PUBLIC_KEY_E -134 /* setting public key error */ -#define DATE_E -135 /* setting date validity error */ -#define SUBJECT_E -136 /* setting subject name error */ -#define ISSUER_E -137 /* setting issuer name error */ -#define CA_TRUE_E -138 /* setting CA basic constraint true error */ -#define EXTENSIONS_E -139 /* setting extensions error */ -#define ASN_PARSE_E -140 /* ASN parsing error, invalid input */ -#define ASN_VERSION_E -141 /* ASN version error, invalid number */ -#define ASN_GETINT_E -142 /* ASN get big int error, invalid data */ -#define ASN_RSA_KEY_E -143 /* ASN key init error, invalid input */ -#define ASN_OBJECT_ID_E -144 /* ASN object id error, invalid id */ -#define ASN_TAG_NULL_E -145 /* ASN tag error, not null */ -#define ASN_EXPECT_0_E -146 /* ASN expect error, not zero */ -#define ASN_BITSTR_E -147 /* ASN bit string error, wrong id */ -#define ASN_UNKNOWN_OID_E -148 /* ASN oid error, unknown sum id */ -#define ASN_DATE_SZ_E -149 /* ASN date error, bad size */ -#define ASN_BEFORE_DATE_E -150 /* ASN date error, current date before */ -#define ASN_AFTER_DATE_E -151 /* ASN date error, current date after */ -#define ASN_SIG_OID_E -152 /* ASN signature error, mismatched oid */ -#define ASN_TIME_E -153 /* ASN time error, unknown time type */ -#define ASN_INPUT_E -154 /* ASN input error, not enough data */ -#define ASN_SIG_CONFIRM_E -155 /* ASN sig error, confirm failure */ -#define ASN_SIG_HASH_E -156 /* ASN sig error, unsupported hash type */ -#define ASN_SIG_KEY_E -157 /* ASN sig error, unsupported key type */ -#define ASN_DH_KEY_E -158 /* ASN key init error, invalid input */ -#define KDF_SRTP_KAT_FIPS_E -159 /* SRTP-KDF Known Answer Test Failure */ -#define ASN_CRIT_EXT_E -160 /* ASN unsupported critical extension */ -#define ASN_ALT_NAME_E -161 /* ASN alternate name error */ -#define ASN_NO_PEM_HEADER -162 /* ASN no PEM header found */ -#define ED25519_KAT_FIPS_E -163 /* Ed25519 Known answer test failure */ -#define ED448_KAT_FIPS_E -164 /* Ed448 Known answer test failure */ -#define PBKDF2_KAT_FIPS_E -165 /* PBKDF2 Known answer test failure */ - + BUFFER_E = -132, /* output buffer too small or input too large */ + ALGO_ID_E = -133, /* setting algo id error */ + PUBLIC_KEY_E = -134, /* setting public key error */ + DATE_E = -135, /* setting date validity error */ + SUBJECT_E = -136, /* setting subject name error */ + ISSUER_E = -137, /* setting issuer name error */ + CA_TRUE_E = -138, /* setting CA basic constraint true error */ + EXTENSIONS_E = -139, /* setting extensions error */ + + ASN_PARSE_E = -140, /* ASN parsing error, invalid input */ + ASN_VERSION_E = -141, /* ASN version error, invalid number */ + ASN_GETINT_E = -142, /* ASN get big int error, invalid data */ + ASN_RSA_KEY_E = -143, /* ASN key init error, invalid input */ + ASN_OBJECT_ID_E = -144, /* ASN object id error, invalid id */ + ASN_TAG_NULL_E = -145, /* ASN tag error, not null */ + ASN_EXPECT_0_E = -146, /* ASN expect error, not zero */ + ASN_BITSTR_E = -147, /* ASN bit string error, wrong id */ + ASN_UNKNOWN_OID_E = -148, /* ASN oid error, unknown sum id */ + ASN_DATE_SZ_E = -149, /* ASN date error, bad size */ + ASN_BEFORE_DATE_E = -150, /* ASN date error, current date before */ + ASN_AFTER_DATE_E = -151, /* ASN date error, current date after */ + ASN_SIG_OID_E = -152, /* ASN signature error, mismatched oid */ + ASN_TIME_E = -153, /* ASN time error, unknown time type */ + ASN_INPUT_E = -154, /* ASN input error, not enough data */ + ASN_SIG_CONFIRM_E = -155, /* ASN sig error, confirm failure */ + ASN_SIG_HASH_E = -156, /* ASN sig error, unsupported hash type */ + ASN_SIG_KEY_E = -157, /* ASN sig error, unsupported key type */ + ASN_DH_KEY_E = -158, /* ASN key init error, invalid input */ + KDF_SRTP_KAT_FIPS_E = -159, /* SRTP-KDF Known Answer Test Failure */ + ASN_CRIT_EXT_E = -160, /* ASN unsupported critical extension */ + ASN_ALT_NAME_E = -161, /* ASN alternate name error */ + ASN_NO_PEM_HEADER = -162, /* ASN no PEM header found */ + ED25519_KAT_FIPS_E = -163, /* Ed25519 Known answer test failure */ + ED448_KAT_FIPS_E = -164, /* Ed448 Known answer test failure */ + PBKDF2_KAT_FIPS_E = -165, /* PBKDF2 Known answer test failure */ /* -166..-169 unused. */ -#define ECC_BAD_ARG_E -170 /* ECC input argument of wrong type */ -#define ASN_ECC_KEY_E -171 /* ASN ECC bad input */ -#define ECC_CURVE_OID_E -172 /* Unsupported ECC OID curve type */ -#define BAD_FUNC_ARG -173 /* Bad function argument provided */ -#define NOT_COMPILED_IN -174 /* Feature not compiled in */ -#define UNICODE_SIZE_E -175 /* Unicode password too big */ -#define NO_PASSWORD -176 /* no password provided by user */ -#define ALT_NAME_E -177 /* alt name size problem, too big */ -#define BAD_OCSP_RESPONDER -178 /* missing key usage extensions */ -#define CRL_CERT_DATE_ERR -179 /* CRL date error */ - -#define AES_GCM_AUTH_E -180 /* AES-GCM Authentication check failure */ -#define AES_CCM_AUTH_E -181 /* AES-CCM Authentication check failure */ - -#define ASYNC_INIT_E -182 /* Async Init type error */ - -#define COMPRESS_INIT_E -183 /* Compress init error */ -#define COMPRESS_E -184 /* Compress error */ -#define DECOMPRESS_INIT_E -185 /* DeCompress init error */ -#define DECOMPRESS_E -186 /* DeCompress error */ - -#define BAD_ALIGN_E -187 /* Bad alignment for operation, no alloc */ -#define ASN_NO_SIGNER_E -188 /* ASN no signer to confirm failure */ -#define ASN_CRL_CONFIRM_E -189 /* ASN CRL signature confirm failure */ -#define ASN_CRL_NO_SIGNER_E -190 /* ASN CRL no signer to confirm failure */ -#define ASN_OCSP_CONFIRM_E -191 /* ASN OCSP signature confirm failure */ - -#define BAD_STATE_E -192 /* Bad state operation */ -#define BAD_PADDING_E -193 /* Bad padding, msg not correct length */ - -#define REQ_ATTRIBUTE_E -194 /* setting cert request attributes error */ - -#define PKCS7_OID_E -195 /* PKCS#7, mismatched OID error */ -#define PKCS7_RECIP_E -196 /* PKCS#7, recipient error */ -#define FIPS_NOT_ALLOWED_E -197 /* FIPS not allowed error */ -#define ASN_NAME_INVALID_E -198 /* ASN name constraint error */ - -#define RNG_FAILURE_E -199 /* RNG Failed, Reinitialize */ -#define HMAC_MIN_KEYLEN_E -200 /* FIPS Mode HMAC Minimum Key Length error */ -#define RSA_PAD_E -201 /* RSA Padding Error */ -#define LENGTH_ONLY_E -202 /* Returning output length only */ - -#define IN_CORE_FIPS_E -203 /* In Core Integrity check failure */ -#define AES_KAT_FIPS_E -204 /* AES KAT failure */ -#define DES3_KAT_FIPS_E -205 /* DES3 KAT failure */ -#define HMAC_KAT_FIPS_E -206 /* HMAC KAT failure */ -#define RSA_KAT_FIPS_E -207 /* RSA KAT failure */ -#define DRBG_KAT_FIPS_E -208 /* HASH DRBG KAT failure */ -#define DRBG_CONT_FIPS_E -209 /* HASH DRBG Continuous test failure */ -#define AESGCM_KAT_FIPS_E -210 /* AESGCM KAT failure */ -#define THREAD_STORE_KEY_E -211 /* Thread local storage key create failure */ -#define THREAD_STORE_SET_E -212 /* Thread local storage key set failure */ - -#define MAC_CMP_FAILED_E -213 /* MAC comparison failed */ -#define IS_POINT_E -214 /* ECC is point on curve failed */ -#define ECC_INF_E -215 /* ECC point infinity error */ -#define ECC_PRIV_KEY_E -216 /* ECC private key not valid error */ -#define ECC_OUT_OF_RANGE_E -217 /* ECC key component out of range */ - -#define SRP_CALL_ORDER_E -218 /* SRP function called in the wrong order. */ -#define SRP_VERIFY_E -219 /* SRP proof verification failed. */ -#define SRP_BAD_KEY_E -220 /* SRP bad ephemeral values. */ - -#define ASN_NO_SKID -221 /* ASN no Subject Key Identifier found */ -#define ASN_NO_AKID -222 /* ASN no Authority Key Identifier found */ -#define ASN_NO_KEYUSAGE -223 /* ASN no Key Usage found */ -#define SKID_E -224 /* setting Subject Key Identifier error */ -#define AKID_E -225 /* setting Authority Key Identifier error */ -#define KEYUSAGE_E -226 /* Bad Key Usage value */ -#define CERTPOLICIES_E -227 /* setting Certificate Policies error */ -#define WC_INIT_E -228 /* wolfcrypt failed to initialize */ -#define SIG_VERIFY_E -229 /* wolfcrypt signature verify error */ -#define BAD_COND_E -230 /* Bad condition variable operation */ -#define SIG_TYPE_E -231 /* Signature Type not enabled/available */ -#define HASH_TYPE_E -232 /* Hash Type not enabled/available */ -#define FIPS_INVALID_VER_E -233 /* Invalid FIPS Version defined */ -#define WC_KEY_SIZE_E -234 /* Key size error, either too small or large */ -#define ASN_COUNTRY_SIZE_E -235 /* ASN Cert Gen, invalid country code size */ -#define MISSING_RNG_E -236 /* RNG required but not provided */ -#define ASN_PATHLEN_SIZE_E -237 /* ASN CA path length too large error */ -#define ASN_PATHLEN_INV_E -238 /* ASN CA path length inversion error */ - -#define BAD_KEYWRAP_ALG_E -239 -#define BAD_KEYWRAP_IV_E -240 /* Decrypted AES key wrap IV incorrect */ -#define WC_CLEANUP_E -241 /* wolfcrypt cleanup failed */ -#define ECC_CDH_KAT_FIPS_E -242 /* ECC CDH Known Answer Test failure */ -#define DH_CHECK_PUB_E -243 /* DH Check Pub Key error */ -#define BAD_PATH_ERROR -244 /* Bad path for opendir */ - -#define ASYNC_OP_E -245 /* Async operation error */ - -#define ECC_PRIVATEONLY_E -246 /* Invalid use of private only ECC key*/ -#define EXTKEYUSAGE_E -247 /* Bad Extended Key Usage value */ -#define WC_HW_E -248 /* Error with hardware crypto use */ -#define WC_HW_WAIT_E -249 /* Hardware waiting on resource */ - -#define PSS_SALTLEN_E -250 /* PSS length of salt is too long for hash */ -#define PRIME_GEN_E -251 /* Failure finding a prime. */ -#define BER_INDEF_E -252 /* Cannot decode indefinite length BER. */ -#define RSA_OUT_OF_RANGE_E -253 /* Ciphertext to decrypt out of range. */ -#define RSAPSS_PAT_FIPS_E -254 /* RSA-PSS PAT failure */ -#define ECDSA_PAT_FIPS_E -255 /* ECDSA PAT failure */ -#define DH_KAT_FIPS_E -256 /* DH KAT failure */ -#define AESCCM_KAT_FIPS_E -257 /* AESCCM KAT failure */ -#define SHA3_KAT_FIPS_E -258 /* SHA-3 KAT failure */ -#define ECDHE_KAT_FIPS_E -259 /* ECDHE KAT failure */ -#define AES_GCM_OVERFLOW_E -260 /* AES-GCM invocation counter overflow. */ -#define AES_CCM_OVERFLOW_E -261 /* AES-CCM invocation counter overflow. */ -#define RSA_KEY_PAIR_E -262 /* RSA Key Pair-Wise Consistency check fail. */ -#define DH_CHECK_PRIV_E -263 /* DH Check Priv Key error */ - -#define WC_AFALG_SOCK_E -264 /* AF_ALG socket error */ -#define WC_DEVCRYPTO_E -265 /* /dev/crypto error */ - -#define ZLIB_INIT_ERROR -266 /* zlib init error */ -#define ZLIB_COMPRESS_ERROR -267 /* zlib compression error */ -#define ZLIB_DECOMPRESS_ERROR -268 /* zlib decompression error */ - -#define PKCS7_NO_SIGNER_E -269 /* No signer in PKCS#7 signed data msg */ -#define WC_PKCS7_WANT_READ_E -270 /* PKCS7 operations wants more input */ - -#define CRYPTOCB_UNAVAILABLE -271 /* Crypto callback unavailable */ -#define PKCS7_SIGNEEDS_CHECK -272 /* signature needs verified by caller */ -#define PSS_SALTLEN_RECOVER_E -273 /* PSS slat length not recoverable */ -#define CHACHA_POLY_OVERFLOW -274 /* ChaCha20Poly1305 limit overflow */ -#define ASN_SELF_SIGNED_E -275 /* ASN self-signed certificate error */ -#define SAKKE_VERIFY_FAIL_E -276 /* SAKKE derivation verification error */ -#define MISSING_IV -277 /* IV was not set */ -#define MISSING_KEY -278 /* Key was not set */ -#define BAD_LENGTH_E -279 /* Value of length parameter is invalid. */ -#define ECDSA_KAT_FIPS_E -280 /* ECDSA KAT failure */ -#define RSA_PAT_FIPS_E -281 /* RSA Pairwise failure */ -#define KDF_TLS12_KAT_FIPS_E -282 /* TLS12 KDF KAT failure */ -#define KDF_TLS13_KAT_FIPS_E -283 /* TLS13 KDF KAT failure */ -#define KDF_SSH_KAT_FIPS_E -284 /* SSH KDF KAT failure */ -#define DHE_PCT_E -285 /* DHE Pairwise Consistency Test failure */ -#define ECC_PCT_E -286 /* ECDHE Pairwise Consistency Test failure */ -#define FIPS_PRIVATE_KEY_LOCKED_E -287 /* Cannot export private key. */ -#define PROTOCOLCB_UNAVAILABLE -288 /* Protocol callback unavailable */ -#define AES_SIV_AUTH_E -289 /* AES-SIV authentication failed */ -#define NO_VALID_DEVID -290 /* no valid device ID */ - -#define IO_FAILED_E -291 /* Input/output failure */ -#define SYSLIB_FAILED_E -292 /* System/library call failed */ -#define USE_HW_PSK -293 /* Callback return to indicate HW has PSK */ - -#define ENTROPY_RT_E -294 /* Entropy Repetition Test failed */ -#define ENTROPY_APT_E -295 /* Entropy Adaptive Proportion Test failed */ - -#define ASN_DEPTH_E -296 /* Invalid ASN.1 - depth check */ -#define ASN_LEN_E -297 /* ASN.1 length invalid */ - -#define SM4_GCM_AUTH_E -298 /* SM4-GCM Authentication check failure */ -#define SM4_CCM_AUTH_E -299 /* SM4-CCM Authentication check failure */ - -#define WC_LAST_E -299 /* Update this to indicate last error */ -#define MIN_CODE_E -300 /* errors -2 - -299 */ + ECC_BAD_ARG_E = -170, /* ECC input argument of wrong type */ + ASN_ECC_KEY_E = -171, /* ASN ECC bad input */ + ECC_CURVE_OID_E = -172, /* Unsupported ECC OID curve type */ + BAD_FUNC_ARG = -173, /* Bad function argument provided */ + NOT_COMPILED_IN = -174, /* Feature not compiled in */ + UNICODE_SIZE_E = -175, /* Unicode password too big */ + NO_PASSWORD = -176, /* no password provided by user */ + ALT_NAME_E = -177, /* alt name size problem, too big */ + BAD_OCSP_RESPONDER = -178, /* missing key usage extensions */ + CRL_CERT_DATE_ERR = -179, /* CRL date error */ + + AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */ + AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */ + + ASYNC_INIT_E = -182, /* Async Init type error */ + + COMPRESS_INIT_E = -183, /* Compress init error */ + COMPRESS_E = -184, /* Compress error */ + DECOMPRESS_INIT_E = -185, /* DeCompress init error */ + DECOMPRESS_E = -186, /* DeCompress error */ + + BAD_ALIGN_E = -187, /* Bad alignment for operation, no alloc */ + ASN_NO_SIGNER_E = -188, /* ASN no signer to confirm failure */ + ASN_CRL_CONFIRM_E = -189, /* ASN CRL signature confirm failure */ + ASN_CRL_NO_SIGNER_E = -190, /* ASN CRL no signer to confirm failure */ + ASN_OCSP_CONFIRM_E = -191, /* ASN OCSP signature confirm failure */ + + BAD_STATE_E = -192, /* Bad state operation */ + BAD_PADDING_E = -193, /* Bad padding, msg not correct length */ + + REQ_ATTRIBUTE_E = -194, /* setting cert request attributes error */ + + PKCS7_OID_E = -195, /* PKCS#7, mismatched OID error */ + PKCS7_RECIP_E = -196, /* PKCS#7, recipient error */ + FIPS_NOT_ALLOWED_E = -197, /* FIPS not allowed error */ + ASN_NAME_INVALID_E = -198, /* ASN name constraint error */ + + RNG_FAILURE_E = -199, /* RNG Failed, Reinitialize */ + HMAC_MIN_KEYLEN_E = -200, /* FIPS Mode HMAC Minimum Key Length error */ + RSA_PAD_E = -201, /* RSA Padding Error */ + LENGTH_ONLY_E = -202, /* Returning output length only */ + + IN_CORE_FIPS_E = -203, /* In Core Integrity check failure */ + AES_KAT_FIPS_E = -204, /* AES KAT failure */ + DES3_KAT_FIPS_E = -205, /* DES3 KAT failure */ + HMAC_KAT_FIPS_E = -206, /* HMAC KAT failure */ + RSA_KAT_FIPS_E = -207, /* RSA KAT failure */ + DRBG_KAT_FIPS_E = -208, /* HASH DRBG KAT failure */ + DRBG_CONT_FIPS_E = -209, /* HASH DRBG Continuous test failure */ + AESGCM_KAT_FIPS_E = -210, /* AESGCM KAT failure */ + THREAD_STORE_KEY_E = -211, /* Thread local storage key create failure */ + THREAD_STORE_SET_E = -212, /* Thread local storage key set failure */ + + MAC_CMP_FAILED_E = -213, /* MAC comparison failed */ + IS_POINT_E = -214, /* ECC is point on curve failed */ + ECC_INF_E = -215, /* ECC point infinity error */ + ECC_PRIV_KEY_E = -216, /* ECC private key not valid error */ + ECC_OUT_OF_RANGE_E = -217, /* ECC key component out of range */ + + SRP_CALL_ORDER_E = -218, /* SRP function called in the wrong order. */ + SRP_VERIFY_E = -219, /* SRP proof verification failed. */ + SRP_BAD_KEY_E = -220, /* SRP bad ephemeral values. */ + + ASN_NO_SKID = -221, /* ASN no Subject Key Identifier found */ + ASN_NO_AKID = -222, /* ASN no Authority Key Identifier found */ + ASN_NO_KEYUSAGE = -223, /* ASN no Key Usage found */ + SKID_E = -224, /* setting Subject Key Identifier error */ + AKID_E = -225, /* setting Authority Key Identifier error */ + KEYUSAGE_E = -226, /* Bad Key Usage value */ + CERTPOLICIES_E = -227, /* setting Certificate Policies error */ + + WC_INIT_E = -228, /* wolfcrypt failed to initialize */ + SIG_VERIFY_E = -229, /* wolfcrypt signature verify error */ + BAD_COND_E = -230, /* Bad condition variable operation */ + SIG_TYPE_E = -231, /* Signature Type not enabled/available + * NOTE: 1024-bit sign disabled in FIPS mode */ + HASH_TYPE_E = -232, /* Hash Type not enabled/available */ + + FIPS_INVALID_VER_E = -233, /* Invalid FIPS Version defined */ + + WC_KEY_SIZE_E = -234, /* Key size error, either too small or large */ + ASN_COUNTRY_SIZE_E = -235, /* ASN Cert Gen, invalid country code size */ + MISSING_RNG_E = -236, /* RNG required but not provided */ + ASN_PATHLEN_SIZE_E = -237, /* ASN CA path length too large error */ + ASN_PATHLEN_INV_E = -238, /* ASN CA path length inversion error */ + + BAD_KEYWRAP_ALG_E = -239, + BAD_KEYWRAP_IV_E = -240, /* Decrypted AES key wrap IV incorrect */ + WC_CLEANUP_E = -241, /* wolfcrypt cleanup failed */ + ECC_CDH_KAT_FIPS_E = -242, /* ECC CDH Known Answer Test failure */ + DH_CHECK_PUB_E = -243, /* DH Check Pub Key error */ + BAD_PATH_ERROR = -244, /* Bad path for opendir */ + + ASYNC_OP_E = -245, /* Async operation error */ + + ECC_PRIVATEONLY_E = -246, /* Invalid use of private only ECC key*/ + EXTKEYUSAGE_E = -247, /* Bad Extended Key Usage value */ + WC_HW_E = -248, /* Error with hardware crypto use */ + WC_HW_WAIT_E = -249, /* Hardware waiting on resource */ + + PSS_SALTLEN_E = -250, /* PSS length of salt is too long for hash */ + PRIME_GEN_E = -251, /* Failure finding a prime. */ + BER_INDEF_E = -252, /* Cannot decode indefinite length BER. */ + RSA_OUT_OF_RANGE_E = -253, /* Ciphertext to decrypt out of range. */ + RSAPSS_PAT_FIPS_E = -254, /* RSA-PSS PAT failure */ + ECDSA_PAT_FIPS_E = -255, /* ECDSA PAT failure */ + DH_KAT_FIPS_E = -256, /* DH KAT failure */ + AESCCM_KAT_FIPS_E = -257, /* AESCCM KAT failure */ + SHA3_KAT_FIPS_E = -258, /* SHA-3 KAT failure */ + ECDHE_KAT_FIPS_E = -259, /* ECDHE KAT failure */ + AES_GCM_OVERFLOW_E = -260, /* AES-GCM invocation counter overflow. */ + AES_CCM_OVERFLOW_E = -261, /* AES-CCM invocation counter overflow. */ + RSA_KEY_PAIR_E = -262, /* RSA Key Pair-Wise Consistency check fail. */ + DH_CHECK_PRIV_E = -263, /* DH Check Priv Key error */ + + WC_AFALG_SOCK_E = -264, /* AF_ALG socket error */ + WC_DEVCRYPTO_E = -265, /* /dev/crypto error */ + + ZLIB_INIT_ERROR = -266, /* zlib init error */ + ZLIB_COMPRESS_ERROR = -267, /* zlib compression error */ + ZLIB_DECOMPRESS_ERROR = -268, /* zlib decompression error */ + + PKCS7_NO_SIGNER_E = -269, /* No signer in PKCS#7 signed data msg */ + WC_PKCS7_WANT_READ_E= -270, /* PKCS7 operations wants more input */ + + CRYPTOCB_UNAVAILABLE= -271, /* Crypto callback unavailable */ + PKCS7_SIGNEEDS_CHECK= -272, /* signature needs verified by caller */ + PSS_SALTLEN_RECOVER_E=-273, /* PSS slat length not recoverable */ + CHACHA_POLY_OVERFLOW =-274, /* ChaCha20Poly1305 limit overflow */ + ASN_SELF_SIGNED_E = -275, /* ASN self-signed certificate error */ + SAKKE_VERIFY_FAIL_E = -276, /* SAKKE derivation verification error */ + MISSING_IV = -277, /* IV was not set */ + MISSING_KEY = -278, /* Key was not set */ + BAD_LENGTH_E = -279, /* Value of length parameter is invalid. */ + ECDSA_KAT_FIPS_E = -280, /* ECDSA KAT failure */ + RSA_PAT_FIPS_E = -281, /* RSA Pairwise failure */ + KDF_TLS12_KAT_FIPS_E = -282, /* TLS12 KDF KAT failure */ + KDF_TLS13_KAT_FIPS_E = -283, /* TLS13 KDF KAT failure */ + KDF_SSH_KAT_FIPS_E = -284, /* SSH KDF KAT failure */ + DHE_PCT_E = -285, /* DHE Pairwise Consistency Test failure */ + ECC_PCT_E = -286, /* ECDHE Pairwise Consistency Test failure */ + FIPS_PRIVATE_KEY_LOCKED_E = -287, /* Cannot export private key. */ + PROTOCOLCB_UNAVAILABLE = -288, /* Protocol callback unavailable */ + AES_SIV_AUTH_E = -289, /* AES-SIV authentication failed */ + NO_VALID_DEVID = -290, /* no valid device ID */ + + IO_FAILED_E = -291, /* Input/output failure */ + SYSLIB_FAILED_E = -292, /* System/library call failed */ + USE_HW_PSK = -293, /* Callback return to indicate HW has PSK */ + + ENTROPY_RT_E = -294, /* Entropy Repetition Test failed */ + ENTROPY_APT_E = -295, /* Entropy Adaptive Proportion Test failed */ + + ASN_DEPTH_E = -296, /* Invalid ASN.1 - depth check */ + ASN_LEN_E = -297, /* ASN.1 length invalid */ + + SM4_GCM_AUTH_E = -298, /* SM4-GCM Authentication check failure */ + SM4_CCM_AUTH_E = -299, /* SM4-CCM Authentication check failure */ + + WC_LAST_E = -299, /* Update this to indicate last error */ + MIN_CODE_E = -300 /* errors -2 - -299 */ /* add new companion error id strings for any new error codes wolfcrypt/src/error.c !!! */ +}; #ifdef NO_ERROR_STRINGS #define wc_GetErrorString(error) "no support for error strings built in" diff --git a/wolfssl/wolfcrypt/poly1305.h b/wolfssl/wolfcrypt/poly1305.h index be82873222..bcc48a6298 100644 --- a/wolfssl/wolfcrypt/poly1305.h +++ b/wolfssl/wolfcrypt/poly1305.h @@ -63,9 +63,11 @@ #define POLY130532 #endif -#define POLY1305 7 -#define POLY1305_BLOCK_SIZE 16 -#define POLY1305_DIGEST_SIZE 16 +enum { + POLY1305 = 7, + POLY1305_BLOCK_SIZE = 16, + POLY1305_DIGEST_SIZE = 16 +}; #define WC_POLY1305_PAD_SZ 16 #define WC_POLY1305_MAC_SZ 16 diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 8190ec3f88..04322f0542 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -1000,7 +1000,7 @@ typedef struct w64wrapper { /* memory allocation types for user hints */ - enum { + enum dynamicTypes { DYNAMIC_TYPE_CA = 1, DYNAMIC_TYPE_CERT = 2, DYNAMIC_TYPE_KEY = 3,