diff --git a/src/keys.c b/src/keys.c index b13fbdf5b8..b5b982c1b3 100644 --- a/src/keys.c +++ b/src/keys.c @@ -3318,9 +3318,7 @@ int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, DYNAMIC_TYPE_CIPHER); if (enc->hmac == NULL) return MEMORY_E; - } - if (enc) { if (wc_HmacInit(enc->hmac, heap, devId) != 0) { WOLFSSL_MSG("HmacInit failed in SetKeys"); XFREE(enc->hmac, heap, DYNAMIC_TYPE_CIPHER); @@ -3334,9 +3332,7 @@ int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, DYNAMIC_TYPE_CIPHER); if (dec->hmac == NULL) return MEMORY_E; - } - if (dec) { if (wc_HmacInit(dec->hmac, heap, devId) != 0) { WOLFSSL_MSG("HmacInit failed in SetKeys"); XFREE(dec->hmac, heap, DYNAMIC_TYPE_CIPHER); diff --git a/src/tls13.c b/src/tls13.c index 90e4568f40..e8268939ba 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -2534,7 +2534,6 @@ static int Tls13IntegrityOnly_Encrypt(WOLFSSL* ssl, byte* output, /* Copy the input to output if not the same buffer */ if (ret == 0 && output != input) XMEMCPY(output, input, sz); - return ret; } #endif @@ -2930,7 +2929,6 @@ static int Tls13IntegrityOnly_Decrypt(WOLFSSL* ssl, byte* output, /* Copy the input to output if not the same buffer */ if (ret == 0 && output != input) XMEMCPY(output, input, sz); - return ret; } #endif @@ -3612,7 +3610,7 @@ int CreateCookieExt(const WOLFSSL* ssl, byte* hash, word16 hashSz, macSz = WC_SHA256_DIGEST_SIZE; #endif /* NO_SHA256 */ - ret = wc_HmacInit(&cookieHmac, ssl->heap, INVALID_DEVID); + ret = wc_HmacInit(&cookieHmac, ssl->heap, ssl->devId); if (ret == 0) { ret = wc_HmacSetKey(&cookieHmac, cookieType, ssl->buffers.tls13CookieSecret.buffer, @@ -6394,7 +6392,7 @@ int TlsCheckCookie(const WOLFSSL* ssl, const byte* cookie, word16 cookieSz) return HRR_COOKIE_ERROR; cookieSz -= macSz; - ret = wc_HmacInit(&cookieHmac, ssl->heap, INVALID_DEVID); + ret = wc_HmacInit(&cookieHmac, ssl->heap, ssl->devId); if (ret == 0) { ret = wc_HmacSetKey(&cookieHmac, cookieType, ssl->buffers.tls13CookieSecret.buffer, diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 89af92a030..6a6b494035 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -10026,7 +10026,8 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv, #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI) if ((ret == 0) && (aes->streamData == NULL)) { /* Allocate buffers for streaming. */ - aes->streamData = (byte*)XMALLOC(5 * AES_BLOCK_SIZE, aes->heap, + aes->streamData_sz = 5 * AES_BLOCK_SIZE; + aes->streamData = (byte*)XMALLOC(aes->streamData_sz, aes->heap, DYNAMIC_TYPE_AES); if (aes->streamData == NULL) { ret = MEMORY_E; @@ -10513,7 +10514,7 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz, byte* authTag, word32 authTagSz, WC_RNG* rng) { #ifdef WOLFSSL_SMALL_STACK - Aes *aes = NULL; + Aes *aes; #else Aes aes[1]; #endif @@ -10526,25 +10527,24 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz, } #ifdef WOLFSSL_SMALL_STACK - if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL, - DYNAMIC_TYPE_AES)) == NULL) - return MEMORY_E; + aes = wc_AesNew(NULL, INVALID_DEVID, &ret); +#else + ret = wc_AesInit(aes, NULL, INVALID_DEVID); #endif + if (ret != 0) + return ret; - ret = wc_AesInit(aes, NULL, INVALID_DEVID); - if (ret == 0) { - ret = wc_AesGcmSetKey(aes, key, keySz); - if (ret == 0) - ret = wc_AesGcmSetIV(aes, ivSz, NULL, 0, rng); - if (ret == 0) - ret = wc_AesGcmEncrypt_ex(aes, NULL, NULL, 0, iv, ivSz, + ret = wc_AesGcmSetKey(aes, key, keySz); + if (ret == 0) + ret = wc_AesGcmSetIV(aes, ivSz, NULL, 0, rng); + if (ret == 0) + ret = wc_AesGcmEncrypt_ex(aes, NULL, NULL, 0, iv, ivSz, authTag, authTagSz, authIn, authInSz); - aes->isAllocated = 0; - wc_AesFree(aes); - } - ForceZero(aes, sizeof *aes); + #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); + wc_AesDelete(aes, NULL); +#else + wc_AesFree(aes); #endif return ret; @@ -10570,24 +10570,21 @@ int wc_GmacVerify(const byte* key, word32 keySz, } #ifdef WOLFSSL_SMALL_STACK - if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL, - DYNAMIC_TYPE_AES)) == NULL) - return MEMORY_E; -#endif - + aes = wc_AesNew(NULL, INVALID_DEVID, &ret); +#else ret = wc_AesInit(aes, NULL, INVALID_DEVID); +#endif if (ret == 0) { ret = wc_AesGcmSetKey(aes, key, keySz); if (ret == 0) ret = wc_AesGcmDecrypt(aes, NULL, NULL, 0, iv, ivSz, authTag, authTagSz, authIn, authInSz); - aes->isAllocated = 0; - wc_AesFree(aes); } - ForceZero(aes, sizeof *aes); #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); + wc_AesDelete(aes, NULL); +#else + wc_AesFree(aes); #endif #else (void)key; @@ -11299,22 +11296,41 @@ int wc_AesCcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz, #endif /* HAVE_AESCCM */ -Aes* wc_AesNew(void* heap, int devId) +#ifndef WC_NO_CONSTRUCTORS +Aes* wc_AesNew(void* heap, int devId, int *result_code) { + int ret; Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES); - if (aes != NULL) { - if (wc_AesInit(aes, heap, devId) != 0) { + if (aes == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_AesInit(aes, heap, devId); + if (ret != 0) { XFREE(aes, heap, DYNAMIC_TYPE_AES); aes = NULL; } - else { - aes->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return aes; } -/* Initialize Aes for use with async hardware */ +int wc_AesDelete(Aes *aes, Aes** aes_p) +{ + if (aes == NULL) + return BAD_FUNC_ARG; + wc_AesFree(aes); + XFREE(aes, aes->heap, DYNAMIC_TYPE_AES); + if (aes_p != NULL) + *aes_p = NULL; + return 0; +} +#endif /* !WC_NO_CONSTRUCTORS */ + +/* Initialize Aes */ int wc_AesInit(Aes* aes, void* heap, int devId) { int ret = 0; @@ -11322,18 +11338,12 @@ int wc_AesInit(Aes* aes, void* heap, int devId) if (aes == NULL) return BAD_FUNC_ARG; - aes->isAllocated = 0; - aes->heap = heap; - aes->rounds = 0; + XMEMSET(aes, 0, sizeof(*aes)); -#ifdef WOLFSSL_AESNI - /* clear here for the benefit of wc_AesGcmInit(). */ - aes->use_aesni = 0; -#endif + aes->heap = heap; #ifdef WOLF_CRYPTO_CB aes->devId = devId; - aes->devCtx = NULL; #else (void)devId; #endif @@ -11346,51 +11356,18 @@ int wc_AesInit(Aes* aes, void* heap, int devId) aes->alFd = WC_SOCK_NOTSET; aes->rdFd = WC_SOCK_NOTSET; #endif -#ifdef WOLFSSL_KCAPI_AES - aes->handle = NULL; - aes->init = 0; -#endif #if defined(WOLFSSL_DEVCRYPTO) && \ (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)) aes->ctx.cfd = -1; #endif -#if defined(WOLFSSL_CRYPTOCELL) && defined(WOLFSSL_CRYPTOCELL_AES) - XMEMSET(&aes->ctx, 0, sizeof(aes->ctx)); -#endif #if defined(WOLFSSL_IMXRT_DCP) DCPAesInit(aes); #endif -#ifdef WOLFSSL_MAXQ10XX_CRYPTO - XMEMSET(&aes->maxq_ctx, 0, sizeof(aes->maxq_ctx)); -#endif - -#ifdef HAVE_AESGCM -#ifdef OPENSSL_EXTRA - XMEMSET(aes->gcm.aadH, 0, sizeof(aes->gcm.aadH)); - aes->gcm.aadLen = 0; -#endif -#endif - -#ifdef WOLFSSL_AESGCM_STREAM -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI) - aes->streamData = NULL; -#endif - aes->keylen = 0; - aes->nonceSz = 0; - aes->gcmKeySet = 0; - aes->nonceSet = 0; - aes->ctrSet = 0; -#endif - #if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES) ret = wc_psa_aes_init(aes); #endif -#if defined(WOLFSSL_RENESAS_FSPSM) - XMEMSET(&aes->ctx, 0, sizeof(aes->ctx)); -#endif - #ifdef WC_DEBUG_CIPHER_LIFECYCLE if (ret == 0) ret = wc_debug_CipherLifecycleInit(&aes->CipherLifecycleTag, aes->heap); @@ -11445,21 +11422,15 @@ int wc_AesInit_Label(Aes* aes, const char* label, void* heap, int devId) } #endif -/* Free Aes from use with async hardware */ +/* Free Aes resources */ void wc_AesFree(Aes* aes) { - void* heap; - byte isAllocated; - if (aes == NULL) { return; } - heap = aes->heap; - isAllocated = aes->isAllocated; - #ifdef WC_DEBUG_CIPHER_LIFECYCLE - (void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, heap, 1); + (void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, aes->heap, 1); #endif #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES) @@ -11497,8 +11468,11 @@ void wc_AesFree(Aes* aes) #endif #if defined(WOLFSSL_AESGCM_STREAM) && defined(WOLFSSL_SMALL_STACK) && \ !defined(WOLFSSL_AESNI) - XFREE(aes->streamData, heap, DYNAMIC_TYPE_AES); - aes->streamData = NULL; + if (aes->streamData != NULL) { + ForceZero(aes->streamData, aes->streamData_sz); + XFREE(aes->streamData, aes->heap, DYNAMIC_TYPE_AES); + aes->streamData = NULL; + } #endif #if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT) @@ -11521,14 +11495,11 @@ void wc_AesFree(Aes* aes) wc_fspsm_Aesfree(aes); #endif + ForceZero(aes, sizeof(Aes)); + #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Check(aes, sizeof(Aes)); #endif - - if (isAllocated) { - XFREE(aes, heap, DYNAMIC_TYPE_AES); - } - } int wc_AesGetKeySize(Aes* aes, word32* keySize) @@ -14017,29 +13988,17 @@ static WARN_UNUSED_RESULT int AesSivCipher( } } -#ifdef WOLFSSL_SMALL_STACK - if (ret == 0) { - aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_AES); - if (aes == NULL) { - ret = MEMORY_E; - } - } -#endif - if (ret == 0) { +#ifdef WOLFSSL_SMALL_STACK + aes = wc_AesNew(NULL, INVALID_DEVID, &ret); +#else ret = wc_AesInit(aes, NULL, INVALID_DEVID); +#endif if (ret != 0) { WOLFSSL_MSG("Failed to initialized AES object."); } } -#ifndef WOLFSSL_SMALL_STACK - /* make aes has heap hint and isAllocated initialized for cleanup below */ - if (ret != 0) { - XMEMSET(aes, 0, sizeof(Aes)); - } -#endif - if (ret == 0 && dataSz > 0) { sivTmp[12] &= 0x7f; sivTmp[8] &= 0x7f; @@ -14070,14 +14029,10 @@ static WARN_UNUSED_RESULT int AesSivCipher( } #ifdef WOLFSSL_SMALL_STACK - if (aes != NULL) + wc_AesDelete(aes, NULL); +#else + wc_AesFree(aes); #endif - { - wc_AesFree(aes); - #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); - #endif - } return ret; } diff --git a/wolfcrypt/src/curve25519.c b/wolfcrypt/src/curve25519.c index db3205a041..7641055b44 100644 --- a/wolfcrypt/src/curve25519.c +++ b/wolfcrypt/src/curve25519.c @@ -655,22 +655,40 @@ int wc_curve25519_import_private_ex(const byte* priv, word32 privSz, #endif /* HAVE_CURVE25519_KEY_IMPORT */ -curve25519_key* wc_curve25519_new(void* heap, int devId) +#ifndef WC_NO_CONSTRUCTORS +curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code) { + int ret; curve25519_key* key = (curve25519_key*)XMALLOC(sizeof(curve25519_key), heap, DYNAMIC_TYPE_CURVE25519); - if (key != NULL) { - if (wc_curve25519_init_ex(key, heap, devId) != 0) { + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_curve25519_init_ex(key, heap, devId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_CURVE25519); key = NULL; } - else { - key->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return key; } +int wc_curve25519_delete(curve25519_key* key, curve25519_key** key_p) { + if (key == NULL) + return BAD_FUNC_ARG; + wc_curve25519_free(key); + XFREE(key, key->heap, DYNAMIC_TYPE_CURVE25519); + if (key_p != NULL) + *key_p = NULL; + return 0; +} +#endif /* !WC_NO_CONSTRUCTORS */ + int wc_curve25519_init_ex(curve25519_key* key, void* heap, int devId) { if (key == NULL) @@ -707,33 +725,18 @@ int wc_curve25519_init(curve25519_key* key) /* Clean the memory of a key */ void wc_curve25519_free(curve25519_key* key) { - void* heap; - byte isAllocated = 0; - if (key == NULL) return; - heap = key->heap; - isAllocated = key->isAllocated; - #ifdef WOLFSSL_SE050 se050_curve25519_free_key(key); #endif - key->dp = NULL; - ForceZero(key->k, sizeof(key->k)); - XMEMSET(&key->p, 0, sizeof(key->p)); - key->pubSet = 0; - key->privSet = 0; + ForceZero(key, sizeof(*key)); #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Check(key, sizeof(curve25519_key)); #endif - - if (isAllocated) { - XFREE(key, heap, DYNAMIC_TYPE_CURVE25519); - (void)heap; - } } /* get key size */ diff --git a/wolfcrypt/src/ed25519.c b/wolfcrypt/src/ed25519.c index a000453880..09777dde76 100644 --- a/wolfcrypt/src/ed25519.c +++ b/wolfcrypt/src/ed25519.c @@ -968,23 +968,39 @@ int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg, } #endif /* HAVE_ED25519_VERIFY */ -#ifndef WOLFSSL_NO_MALLOC -ed25519_key* wc_ed25519_new(void* heap, int devId) +#ifndef WC_NO_CONSTRUCTORS +ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code) { + int ret; ed25519_key* key = (ed25519_key*)XMALLOC(sizeof(ed25519_key), heap, DYNAMIC_TYPE_ED25519); - if (key != NULL) { - if (wc_ed25519_init_ex(key, heap, devId) != 0) { + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_ed25519_init_ex(key, heap, devId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_ED25519); key = NULL; } - else { - key->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return key; } -#endif + +int wc_ed25519_delete(ed25519_key* key, ed25519_key** key_p) { + if (key == NULL) + return BAD_FUNC_ARG; + wc_ed25519_free(key); + XFREE(key, key->heap, DYNAMIC_TYPE_ED25519); + if (key_p != NULL) + *key_p = NULL; + return 0; +} +#endif /* !WC_NO_CONSTRUCTORS */ /* initialize information and memory for key */ int wc_ed25519_init_ex(ed25519_key* key, void* heap, int devId) @@ -1025,15 +1041,9 @@ int wc_ed25519_init(ed25519_key* key) /* clear memory of key */ void wc_ed25519_free(ed25519_key* key) { - void* heap; - byte isAllocated = 0; - if (key == NULL) return; - heap = key->heap; - isAllocated = key->isAllocated; - #ifdef WOLFSSL_ED25519_PERSISTENT_SHA ed25519_hash_free(key, &key->sha); #endif @@ -1046,12 +1056,6 @@ void wc_ed25519_free(ed25519_key* key) #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Check(key, sizeof(ed25519_key)); #endif - - if (isAllocated) { - XFREE(key, heap, DYNAMIC_TYPE_ED25519); - (void)heap; - } - } diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c index 4249c39ea9..b16c47dcb1 100644 --- a/wolfcrypt/src/hash.c +++ b/wolfcrypt/src/hash.c @@ -686,23 +686,43 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data, NULL, INVALID_DEVID); } -#ifndef WOLFSSL_NO_MALLOC -wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId) +#ifndef WC_NO_CONSTRUCTORS +wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId, + int *result_code) { + int ret; wc_HashAlg* hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), heap, DYNAMIC_TYPE_HASHES); - if (hash != NULL) { - if (wc_HashInit_ex(hash, type, heap, devId) != 0) { + if (hash == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_HashInit_ex(hash, type, heap, devId); + if (ret != 0) { XFREE(hash, heap, DYNAMIC_TYPE_HASHES); hash = NULL; } - else { - hash->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return hash; } -#endif + +int wc_HashDelete(wc_HashAlg *hash, wc_HashAlg **hash_p) { + int ret; + if (hash == NULL) + return BAD_FUNC_ARG; + ret = wc_HashFree(hash, hash->type); + if (ret < 0) + return ret; + XFREE(hash, hash->heap, DYNAMIC_TYPE_HASHES); + if (hash_p != NULL) + *hash_p = NULL; + return 0; +} +#endif /* !WC_NO_CONSTRUCTORS */ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap, int devId) @@ -712,9 +732,14 @@ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap, if (hash == NULL) return BAD_FUNC_ARG; - hash->isAllocated = 0; hash->type = type; +#ifdef WC_NO_CONSTRUCTORS + (void)heap; +#else + hash->heap = heap; +#endif + switch (type) { case WC_HASH_TYPE_MD5: #ifndef NO_MD5 @@ -808,7 +833,6 @@ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap, ret = BAD_FUNC_ARG; }; - (void)heap; (void)devId; return ret; @@ -1043,8 +1067,6 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out) int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) { int ret = WC_NO_ERR_TRACE(HASH_TYPE_E); /* Default to hash type error */ - void* heap = NULL; - byte isAllocated = 0; if (hash == NULL) return BAD_FUNC_ARG; @@ -1056,47 +1078,39 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) } #endif - isAllocated = hash->isAllocated; - switch (type) { case WC_HASH_TYPE_MD5: #ifndef NO_MD5 - heap = hash->alg.md5.heap; wc_Md5Free(&hash->alg.md5); ret = 0; #endif break; case WC_HASH_TYPE_SHA: #ifndef NO_SHA - heap = hash->alg.sha.heap; wc_ShaFree(&hash->alg.sha); ret = 0; #endif break; case WC_HASH_TYPE_SHA224: #ifdef WOLFSSL_SHA224 - heap = hash->alg.sha224.heap; wc_Sha224Free(&hash->alg.sha224); ret = 0; #endif break; case WC_HASH_TYPE_SHA256: #ifndef NO_SHA256 - heap = hash->alg.sha256.heap; wc_Sha256Free(&hash->alg.sha256); ret = 0; #endif break; case WC_HASH_TYPE_SHA384: #ifdef WOLFSSL_SHA384 - heap = hash->alg.sha384.heap; wc_Sha384Free(&hash->alg.sha384); ret = 0; #endif break; case WC_HASH_TYPE_SHA512: #ifdef WOLFSSL_SHA512 - heap = hash->alg.sha512.heap; wc_Sha512Free(&hash->alg.sha512); ret = 0; #endif @@ -1123,7 +1137,6 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) #endif case WC_HASH_TYPE_SHA3_224: #if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224) - heap = hash->alg.sha3.heap; wc_Sha3_224_Free(&hash->alg.sha3); ret = 0; #endif @@ -1149,7 +1162,6 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) #ifdef WOLFSSL_SM3 case WC_HASH_TYPE_SM3: - heap = hash->alg.sm3.heap; wc_Sm3Free(&hash->alg.sm3); ret = 0; break; @@ -1172,11 +1184,6 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type) ret = BAD_FUNC_ARG; }; - if (isAllocated) { - XFREE(hash, heap, DYNAMIC_TYPE_HASHES); - (void)heap; - } - return ret; } diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 3cd4c324b2..f5ed3d3533 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -154,21 +154,40 @@ static void wc_RsaCleanup(RsaKey* key) #endif } -RsaKey* wc_NewRsaKey(void* heap, int devId) +#ifndef WC_NO_CONSTRUCTORS +RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code) { + int ret; RsaKey* key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA); - if (key != NULL) { - if (wc_InitRsaKey_ex(key, heap, devId) != 0) { + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_InitRsaKey_ex(key, heap, devId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_RSA); key = NULL; } - else { - key->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return key; } +int wc_DeleteRsaKey(RsaKey* key, RsaKey** key_p) +{ + if (key == NULL) + return BAD_FUNC_ARG; + wc_FreeRsaKey(key); + XFREE(key, key->heap, DYNAMIC_TYPE_RSA); + if (key_p != NULL) + *key_p = NULL; + return 0; +} +#endif /* !WC_NO_CONSTRUCTORS */ + int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId) { int ret = 0; @@ -542,16 +561,11 @@ int wc_RsaGetKeyId(RsaKey* key, word32* keyId) int wc_FreeRsaKey(RsaKey* key) { int ret = 0; - void* heap; - byte isAllocated = 0; if (key == NULL) { return BAD_FUNC_ARG; } - heap = key->heap; - isAllocated = key->isAllocated; - wc_RsaCleanup(key); #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) @@ -615,11 +629,6 @@ int wc_FreeRsaKey(RsaKey* key) wc_fspsm_RsaKeyFree(key); #endif - if (isAllocated) { - XFREE(key, heap, DYNAMIC_TYPE_RSA); - (void)heap; - } - return ret; } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index c8dc36742c..4c3c9d771d 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -935,37 +935,75 @@ static void myFipsCb(int ok, int err, const char* hash) } #endif /* HAVE_FIPS && !WOLFSSL_LINUXKM */ -#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) +#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) && !defined(WC_NO_CONSTRUCTORS) -#ifndef NO_AES -static struct Aes *wc_AesNew(void *heap, int thisDevId) { +#if !defined(NO_AES) +static WC_MAYBE_UNUSED Aes* wc_AesNew(void* heap, int thisDevId, int *result_code) +{ + int ret; Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES); - if (aes != NULL) { - if (wc_AesInit(aes, heap, thisDevId) != 0) { + if (aes == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_AesInit(aes, heap, thisDevId); + if (ret != 0) { XFREE(aes, heap, DYNAMIC_TYPE_AES); aes = NULL; } } + + if (result_code != NULL) + *result_code = ret; + return aes; } -#endif +static WC_MAYBE_UNUSED int wc_AesDelete(Aes *aes, Aes** aes_p) +{ + if (aes == NULL) + return BAD_FUNC_ARG; + wc_AesFree(aes); + XFREE(aes, aes->heap, DYNAMIC_TYPE_AES); + if (aes_p != NULL) + *aes_p = NULL; + return 0; +} +#endif /* !NO_AES */ -#ifndef NO_RSA -static RsaKey* wc_NewRsaKey(void* heap, int thisDevId) +#if !defined(NO_RSA) +static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int thisDevId, int *result_code) { + int ret; RsaKey* key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA); - if (key != NULL) { - if (wc_InitRsaKey_ex(key, heap, thisDevId) != 0) { + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_InitRsaKey_ex(key, heap, thisDevId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_RSA); key = NULL; } } + + if (result_code != NULL) + *result_code = ret; + return key; } -#endif - -#endif /* FIPS_VERSION3_LT(6,0,0) */ +static WC_MAYBE_UNUSED int wc_DeleteRsaKey(RsaKey* key, RsaKey** key_p) +{ + if (key == NULL) + return BAD_FUNC_ARG; + wc_FreeRsaKey(key); + XFREE(key, key->heap, DYNAMIC_TYPE_RSA); + if (key_p != NULL) + *key_p = NULL; + return 0; +} +#endif /* !NO_RSA */ +#endif /* FIPS_VERSION3_LT(6,0,0) && !WC_NO_CONSTRUCTORS */ #ifdef WOLFSSL_STATIC_MEMORY #if defined(WOLFSSL_STATIC_MEMORY_TEST_SZ) @@ -6034,12 +6072,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void) WOLFSSL_ENTER("hash_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - hash = wc_HashNew(WC_HASH_TYPE_SHA256, HEAP_HINT, devId); + hash = wc_HashNew(WC_HASH_TYPE_SHA256, HEAP_HINT, devId, &ret); if (hash == NULL) { - ret = MEMORY_E; return WC_TEST_RET_ENC_EC(ret); } - hash->isAllocated = 0; /* free manually */ #else XMEMSET(hash, 0, sizeof(wc_HashAlg)); #endif @@ -6320,10 +6356,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void) #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - if (hash != NULL) { - hash->isAllocated = 1; /* free manually */ - (void)wc_HashFree(hash, hash->type); - } + (void)wc_HashDelete(hash, &hash); #endif return 0; @@ -9288,13 +9321,13 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, WOLFSSL_ENTER("aesofb_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -9545,16 +9578,18 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); + #else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif + #endif #ifdef HAVE_AES_DECRYPT + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(dec, &dec); + #else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif + #endif #endif #endif /* WOLFSSL_AES_256 */ @@ -9687,13 +9722,13 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, #endif /* WOLFSSL_AES_256 */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -9873,14 +9908,16 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(dec, &dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif @@ -9982,13 +10019,13 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, #endif /* WOLFSSL_AES_256 */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -10133,14 +10170,16 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(dec, &dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif @@ -10238,13 +10277,13 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -10343,14 +10382,16 @@ static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key, out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(dec, &dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif @@ -10385,9 +10426,9 @@ static wc_test_ret_t aes_key_size_test(void) #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - aes = wc_AesNew(HEAP_HINT, devId); + aes = wc_AesNew(HEAP_HINT, devId, &ret); if (aes == NULL) - return WC_TEST_RET_ENC_ERRNO; + return WC_TEST_RET_ENC_EC(ret); #else ret = wc_AesInit(aes, HEAP_HINT, devId); /* 0 check OK for FIPSv1 */ @@ -10486,9 +10527,10 @@ static wc_test_ret_t aes_key_size_test(void) ret = 0; /* success */ out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(aes, &aes); +#else wc_AesFree(aes); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(aes, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -13395,12 +13437,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void) WOLFSSL_ENTER("aes_ctr_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); - dec = wc_AesNew(HEAP_HINT, devId); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else XMEMSET(enc, 0, sizeof(Aes)); XMEMSET(dec, 0, sizeof(Aes)); @@ -13526,14 +13568,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void) #endif /* DEBUG_VECTOR_REGISTER_ACCESS && WC_C_DYNAMIC_FALLBACK */ out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(dec, &dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif return ret; @@ -13741,13 +13785,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cbc_test(void) WOLFSSL_ENTER("aes_cbc_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -14100,14 +14144,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cbc_test(void) out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(dec, &dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif @@ -14143,13 +14189,13 @@ static wc_test_ret_t aes_ecb_direct_test(void) #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else ret = wc_AesInit(enc, HEAP_HINT, devId); @@ -14176,13 +14222,12 @@ static wc_test_ret_t aes_ecb_direct_test(void) out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); + wc_AesDelete(dec, &dec); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -14316,13 +14361,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void) WOLFSSL_ENTER("aes192_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -14374,14 +14419,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void) out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(dec, &dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif #endif /* HAVE_AES_CBC */ @@ -14444,13 +14491,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void) WOLFSSL_ENTER("aes256_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -14579,14 +14626,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void) out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #ifdef HAVE_AES_DECRYPT +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(dec, &dec); +#else wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif #endif #endif /* HAVE_AES_CBC */ @@ -14621,12 +14670,12 @@ static wc_test_ret_t aesgcm_default_test_helper(byte* key, int keySz, byte* iv, XMEMSET(resultP, 0, sizeof(resultP)); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); - dec = wc_AesNew(HEAP_HINT, devId); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else XMEMSET(enc, 0, sizeof(Aes)); XMEMSET(dec, 0, sizeof(Aes)); @@ -14714,13 +14763,12 @@ static wc_test_ret_t aesgcm_default_test_helper(byte* key, int keySz, byte* iv, out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); + wc_AesDelete(dec, &dec); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -15054,12 +15102,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void) XMEMSET(resultP, 0, sizeof(resultP)); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); - dec = wc_AesNew(HEAP_HINT, devId); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else ret = wc_AesInit(enc, HEAP_HINT, devId); if (ret != 0) @@ -15652,13 +15700,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void) XFREE(large_outdec, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); + wc_AesDelete(dec, &dec); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif wc_AesFree(dec); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(dec, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -15837,9 +15884,9 @@ static wc_test_ret_t aesccm_256_test(void) byte atag[sizeof(exp_tag)]; #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - Aes* aes = wc_AesNew(HEAP_HINT, devId); + Aes* aes = wc_AesNew(HEAP_HINT, devId, &ret); if (aes == NULL) { - ret = WC_TEST_RET_ENC_EC(MEMORY_E); + ret = WC_TEST_RET_ENC_EC(ret); } #else Aes aes[1]; @@ -15877,9 +15924,10 @@ static wc_test_ret_t aesccm_256_test(void) } #endif +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(aes, &aes); +#else wc_AesFree(aes); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(aes, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -15992,9 +16040,9 @@ static wc_test_ret_t aesccm_128_test(void) XMEMSET(p2, 0, sizeof(p2)); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else XMEMSET(enc, 0, sizeof(Aes)); ret = wc_AesInit(enc, HEAP_HINT, devId); @@ -16044,19 +16092,9 @@ static wc_test_ret_t aesccm_128_test(void) XMEMSET(iv2, 0, sizeof(iv2)); wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); -#endif -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); - if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), out); -#else - XMEMSET(enc, 0, sizeof(Aes)); ret = wc_AesInit(enc, HEAP_HINT, devId); if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); -#endif #ifndef HAVE_SELFTEST /* selftest build does not have wc_AesCcmSetNonce() or @@ -16179,9 +16217,10 @@ static wc_test_ret_t aesccm_128_test(void) out: +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_AesDelete(enc, &enc); +#else wc_AesFree(enc); -#if defined(WOLFSSL_SMALL_STACK) && defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) - XFREE(enc, HEAP_HINT, DYNAMIC_TYPE_AES); #endif return ret; @@ -21553,34 +21592,41 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) #ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC if (in == NULL || out == NULL || plain == NULL) - ERROR_OUT(MEMORY_E, exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa); #endif XMEMCPY(in, inStr, inLen); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - key = wc_NewRsaKey(HEAP_HINT, devId); + key = wc_NewRsaKey(HEAP_HINT, devId, &ret); if (key == NULL) - ERROR_OUT(MEMORY_E, exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_CERT_GEN) - keypub = wc_NewRsaKey(HEAP_HINT, devId); + keypub = wc_NewRsaKey(HEAP_HINT, devId, &ret); if (keypub == NULL) - ERROR_OUT(MEMORY_E, exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); #endif #ifdef WOLFSSL_TEST_CERT if (cert == NULL) - ERROR_OUT(MEMORY_E, exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa); #endif -#endif /* WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC */ - /* initialize stack structures */ - XMEMSET(&rng, 0, sizeof(rng)); - /* memset also clears isAllocated bit, so free must be called manually */ - XMEMSET(key, 0, sizeof(RsaKey)); +#else /* ! (WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC) */ + + ret = wc_InitRsaKey_ex(key, HEAP_HINT, devId); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_CERT_GEN) - XMEMSET(keypub, 0, sizeof(RsaKey)); + ret = wc_InitRsaKey_ex(keypub, HEAP_HINT, devId); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); #endif +#endif /* ! (WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC) */ + + /* initialize stack structures */ + XMEMSET(&rng, 0, sizeof(rng)); + #if !defined(NO_ASN) ret = rsa_decode_test(key); if (ret != 0) @@ -21850,7 +21896,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) && !defined(WOLF_CRYPTO_CB_ONLY_RSA) ret = rsa_oaep_padding_test(key, &rng); if (ret != 0) - return ret; + goto exit_rsa; #endif /* !HAVE_FIPS */ #endif /* WC_NO_RSA_OAEP && !WC_NO_RNG */ @@ -21860,14 +21906,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) && !defined(WOLFSSL_RSA_VERIFY_ONLY) ret = rsa_export_key_test(key); if (ret != 0) - return ret; + goto exit_rsa; #endif #if !defined(NO_ASN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \ !defined(WOLFSSL_RSA_VERIFY_ONLY) ret = rsa_flatten_test(key); if (ret != 0) - return ret; + goto exit_rsa; #endif #if !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_ASN) && \ @@ -22130,16 +22176,10 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) exit_rsa: -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - if (key != NULL) { - wc_FreeRsaKey(key); - XFREE(key, HEAP_HINT, DYNAMIC_TYPE_RSA); - } + #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_DeleteRsaKey(key, &key); #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_CERT_GEN) - if (keypub != NULL) { - wc_FreeRsaKey(keypub); - XFREE(keypub, HEAP_HINT, DYNAMIC_TYPE_RSA); - } + wc_DeleteRsaKey(keypub, &keypub); #endif #ifdef WOLFSSL_TEST_CERT XFREE(cert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); @@ -35059,57 +35099,59 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void) (void)x; WOLFSSL_ENTER("curve25519_test"); -#ifndef HAVE_FIPS - ret = wc_InitRng_ex(&rng, HEAP_HINT, devId); -#else - ret = wc_InitRng(&rng); -#endif - if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); - #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - userA = wc_curve25519_new(HEAP_HINT, devId); - userB = wc_curve25519_new(HEAP_HINT, devId); - pubKey = wc_curve25519_new(HEAP_HINT, devId); - if (userA == NULL || userB == NULL || pubKey == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); - } + userA = wc_curve25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); + userB = wc_curve25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); + pubKey = wc_curve25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #else wc_curve25519_init_ex(userA, HEAP_HINT, devId); wc_curve25519_init_ex(userB, HEAP_HINT, devId); wc_curve25519_init_ex(pubKey, HEAP_HINT, devId); #endif +#ifndef HAVE_FIPS + ret = wc_InitRng_ex(&rng, HEAP_HINT, devId); +#else + ret = wc_InitRng(&rng); +#endif + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); + /* make curve25519 keys */ ret = wc_curve25519_make_key(&rng, 32, userA); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_curve25519_make_key(&rng, 32, userB); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #ifdef HAVE_CURVE25519_SHARED_SECRET /* find shared secret key */ x = sizeof(sharedA); if ((ret = wc_curve25519_shared_secret(userA, userB, sharedA, &x)) != 0) { printf("wc_curve25519_shared_secret 1 failed\n"); - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); } y = sizeof(sharedB); if ((ret = wc_curve25519_shared_secret(userB, userA, sharedB, &y)) != 0) { printf("wc_curve25519_shared_secret 2 failed\n"); - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); } /* compare shared secret keys to test they are the same */ if (y != x) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); if (XMEMCMP(sharedA, sharedB, x)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); #endif #ifdef HAVE_CURVE25519_KEY_EXPORT @@ -35117,12 +35159,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void) x = sizeof(exportBuf); ret = wc_curve25519_export_public(userA, exportBuf, &x); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #ifdef HAVE_CURVE25519_KEY_IMPORT ret = wc_curve25519_import_public(exportBuf, x, pubKey); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #endif #endif @@ -35132,104 +35174,104 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void) XMEMSET(sharedB, 0, sizeof(sharedB)); y = sizeof(sharedB); if (wc_curve25519_shared_secret(userB, pubKey, sharedB, &y) != 0) { - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); } if (XMEMCMP(sharedA, sharedB, y)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); /* import RFC test vectors and compare shared key */ ret = wc_curve25519_import_private_raw(sa, sizeof(sa), pa, sizeof(pa), userA); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_curve25519_import_private_raw(sb, sizeof(sb), pb, sizeof(pb), userB); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); /* test against known test vector */ XMEMSET(sharedB, 0, sizeof(sharedB)); y = sizeof(sharedB); ret = wc_curve25519_shared_secret(userA, userB, sharedB, &y); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); if (XMEMCMP(ss, sharedB, y)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); /* test swapping roles of keys and generating same shared key */ XMEMSET(sharedB, 0, sizeof(sharedB)); y = sizeof(sharedB); ret = wc_curve25519_shared_secret(userB, userA, sharedB, &y); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); if (XMEMCMP(ss, sharedB, y)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); /* test with 1 generated key and 1 from known test vector */ ret = wc_curve25519_import_private_raw(sa, sizeof(sa), pa, sizeof(pa), userA); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); wc_curve25519_free(userB); -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - userB = wc_curve25519_new(HEAP_HINT, devId); - if (userB == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); - } -#else wc_curve25519_init_ex(userB, HEAP_HINT, devId); -#endif ret = wc_curve25519_make_key(&rng, 32, userB); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); x = sizeof(sharedA); ret = wc_curve25519_shared_secret(userA, userB, sharedA, &x); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); y = sizeof(sharedB); ret = wc_curve25519_shared_secret(userB, userA, sharedB, &y); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); /* compare shared secret keys to test they are the same */ if (y != x) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); if (XMEMCMP(sharedA, sharedB, x)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); ret = curve25519_overflow_test(); if (ret != 0) - return ret; + goto cleanup; ret = curve25519_check_public_test(); if (ret != 0) - return ret; + goto cleanup; #endif /* HAVE_CURVE25519_SHARED_SECRET && HAVE_CURVE25519_KEY_IMPORT */ #if !defined(NO_ASN) && defined(HAVE_CURVE25519_KEY_EXPORT) && \ defined(HAVE_CURVE25519_KEY_IMPORT) ret = curve255519_der_test(); if (ret != 0) - return ret; + goto cleanup; #endif +cleanup: + /* clean up keys when done */ +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_curve25519_delete(pubKey, &pubKey); + wc_curve25519_delete(userB, &userB); + wc_curve25519_delete(userA, &userA); +#else wc_curve25519_free(pubKey); wc_curve25519_free(userB); wc_curve25519_free(userA); +#endif wc_FreeRng(&rng); - return 0; + return ret; } #endif /* HAVE_CURVE25519 */ @@ -36156,18 +36198,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) return WC_TEST_RET_ENC_EC(ret); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - key = wc_ed25519_new(HEAP_HINT, devId); - key2 = wc_ed25519_new(HEAP_HINT, devId); - if (key == NULL || key2 == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); - } + key = wc_ed25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); + key2 = wc_ed25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #if !defined(NO_ASN) && defined(HAVE_ED25519_SIGN) - key3 = wc_ed25519_new(HEAP_HINT, devId); - if (key3 == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); - } + key3 = wc_ed25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #endif #else wc_ed25519_init_ex(key, HEAP_HINT, devId); @@ -36194,70 +36234,70 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) if (wc_ed25519_import_private_key(sKeys[i], ED25519_KEY_SIZE, pKeys[i], pKeySz[i], key) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_sign_msg(msgs[i], msgSz[i], out, &outlen, key) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (XMEMCMP(out, sigs[i], 64)) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #if defined(HAVE_ED25519_VERIFY) /* test verify on good msg */ if (wc_ed25519_verify_msg(out, outlen, msgs[i], msgSz[i], &verify, key) != 0 || verify != 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #ifdef WOLFSSL_ED25519_STREAMING_VERIFY /* test verify on good msg using streaming interface directly */ if (wc_ed25519_verify_msg_init(out, outlen, key, (byte)Ed25519, NULL, 0) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); for (j = 0; j < msgSz[i]; j += i) { if (wc_ed25519_verify_msg_update(msgs[i] + j, MIN(i, msgSz[i] - j), key) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); } if (wc_ed25519_verify_msg_final(out, outlen, &verify, key) != 0 || verify != 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #endif /* WOLFSSL_ED25519_STREAMING_VERIFY */ /* test verify on bad msg */ out[outlen-1] = out[outlen-1] + 1; if (wc_ed25519_verify_msg(out, outlen, msgs[i], msgSz[i], &verify, key) == 0 || verify == 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #endif /* HAVE_ED25519_VERIFY */ /* test api for import/exporting keys */ exportPSz = sizeof(exportPKey); exportSSz = sizeof(exportSKey); if (wc_ed25519_export_public(key, exportPKey, &exportPSz) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_import_public_ex(exportPKey, exportPSz, key2, 1) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_export_private_only(key, exportSKey, &exportSSz) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_import_private_key(exportSKey, exportSSz, exportPKey, exportPSz, key2) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); /* clear "out" buffer and test sign with imported keys */ outlen = sizeof(out); XMEMSET(out, 0, sizeof(out)); if (wc_ed25519_sign_msg(msgs[i], msgSz[i], out, &outlen, key2) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #if defined(HAVE_ED25519_VERIFY) if (wc_ed25519_verify_msg(out, outlen, msgs[i], msgSz[i], &verify, key2) != 0 || verify != 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (XMEMCMP(out, sigs[i], 64)) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #endif /* HAVE_ED25519_VERIFY */ } @@ -36311,36 +36351,36 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) ret = wc_ed25519_import_private_key(sKeys[0], ED25519_KEY_SIZE, pKeys[0], pKeySz[0], key); if (ret != 0) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd1, sizeof(rareEd1), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd2, sizeof(rareEd2), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd3, sizeof(rareEd3), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd4, sizeof(rareEd4), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(SIG_VERIFY_E)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); } ret = ed25519ctx_test(); if (ret != 0) - return ret; + goto cleanup; ret = ed25519ph_test(); if (ret != 0) - return ret; + goto cleanup; #ifndef NO_ASN /* Try ASN.1 encoded private-only key and public key. */ @@ -36348,75 +36388,92 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) ret = wc_Ed25519PrivateKeyDecode(privateEd25519, &idx, key3, sizeof(privateEd25519)); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); idx = 0; if (wc_Ed25519PrivateKeyDecode(badPrivateEd25519, &idx, key3, sizeof(badPrivateEd25519)) == 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); ret = wc_ed25519_sign_msg(msgs[0], msgSz[0], out, &outlen, key3); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); /* try with a buffer size that is too large */ idx = 0; if (wc_Ed25519PublicKeyDecode(badPublicEd25519, &idx, key3, sizeof(badPublicEd25519)) == 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); idx = 0; ret = wc_Ed25519PublicKeyDecode(publicEd25519, &idx, key3, sizeof(publicEd25519)); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_sign_msg(msgs[0], msgSz[0], out, &outlen, key3); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); if (XMEMCMP(out, sigs[0], 64)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); #if defined(HAVE_ED25519_VERIFY) /* test verify on good msg */ ret = wc_ed25519_verify_msg(out, outlen, msgs[0], msgSz[0], &verify, key3); if (ret != 0 || verify != 1) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #endif /* HAVE_ED25519_VERIFY */ wc_ed25519_free(key3); -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - key3 = wc_ed25519_new(HEAP_HINT, devId); - if (key3 == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); - } -#else wc_ed25519_init_ex(key3, HEAP_HINT, devId); -#endif idx = 0; ret = wc_Ed25519PrivateKeyDecode(privPubEd25519, &idx, key3, sizeof(privPubEd25519)); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_sign_msg(msgs[0], msgSz[0], out, &outlen, key3); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); if (XMEMCMP(out, sigs[0], 64)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_ed25519_delete(key3, &key3); +#else wc_ed25519_free(key3); +#endif #endif /* NO_ASN */ #endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_EXPORT && HAVE_ED25519_KEY_IMPORT */ + ret = ed25519_test_check_key(); + if (ret < 0) + goto cleanup; +#ifdef WOLFSSL_TEST_CERT + ret = ed25519_test_cert(); + if (ret < 0) + goto cleanup; +#if defined(WOLFSSL_CERT_GEN) && defined(HAVE_ED25519_MAKE_KEY) + ret = ed25519_test_make_cert(); + if (ret < 0) + goto cleanup; +#endif /* WOLFSSL_CERT_GEN */ +#endif /* WOLFSSL_TEST_CERT */ + +cleanup: + /* clean up keys when done */ +#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) + wc_ed25519_delete(key, &key); + wc_ed25519_delete(key2, &key2); +#else wc_ed25519_free(key); wc_ed25519_free(key2); +#endif #if defined(HAVE_HASHDRBG) || defined(NO_RC4) wc_FreeRng(&rng); @@ -36426,21 +36483,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) (void)keySz; (void)sigSz; - ret = ed25519_test_check_key(); - if (ret < 0) - return ret; -#ifdef WOLFSSL_TEST_CERT - ret = ed25519_test_cert(); - if (ret < 0) - return ret; -#if defined(WOLFSSL_CERT_GEN) && defined(HAVE_ED25519_MAKE_KEY) - ret = ed25519_test_make_cert(); - if (ret < 0) - return ret; -#endif /* WOLFSSL_CERT_GEN */ -#endif /* WOLFSSL_TEST_CERT */ - - return 0; + return ret; } #endif /* HAVE_ED25519 */ diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h index c01482c341..eaa0c47150 100644 --- a/wolfssl/wolfcrypt/aes.h +++ b/wolfssl/wolfcrypt/aes.h @@ -327,7 +327,7 @@ struct Aes { int alFd; /* server socket to bind to */ int rdFd; /* socket to read from */ struct msghdr msg; - int dir; /* flag for encrpyt or decrypt */ + int dir; /* flag for encrypt or decrypt */ #ifdef WOLFSSL_AFALG_XILINX_AES word32 msgBuf[CMSG_SPACE(4) + CMSG_SPACE(sizeof(struct af_alg_iv) + GCM_NONCE_MID_SZ)]; @@ -382,6 +382,7 @@ struct Aes { ALIGN16 byte streamData[5 * AES_BLOCK_SIZE]; #else byte* streamData; + word32 streamData_sz; #endif word32 aSz; word32 cSz; @@ -392,7 +393,6 @@ struct Aes { WC_BITFIELD nonceSet:1; WC_BITFIELD ctrSet:1; #endif - WC_BITFIELD isAllocated:1; /* flag indicates if structure was allocated */ #ifdef WC_DEBUG_CIPHER_LIFECYCLE void *CipherLifecycleTag; /* used for dummy allocation and initialization, * trackable by sanitizers. @@ -726,8 +726,11 @@ WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap, WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap, int devId); #endif -WOLFSSL_API Aes* wc_AesNew(void* heap, int devId); WOLFSSL_API void wc_AesFree(Aes* aes); +#ifndef WC_NO_CONSTRUCTORS +WOLFSSL_API Aes* wc_AesNew(void* heap, int devId, int *result_code); +WOLFSSL_API int wc_AesDelete(Aes* aes, Aes** aes_p); +#endif #ifdef WOLFSSL_AES_SIV typedef struct AesSivAssoc { diff --git a/wolfssl/wolfcrypt/curve25519.h b/wolfssl/wolfcrypt/curve25519.h index feb74aa99e..4d18c5678e 100644 --- a/wolfssl/wolfcrypt/curve25519.h +++ b/wolfssl/wolfcrypt/curve25519.h @@ -99,7 +99,6 @@ struct curve25519_key { /* bit fields */ WC_BITFIELD pubSet:1; WC_BITFIELD privSet:1; - WC_BITFIELD isAllocated:1; /* flag indicates if structure was allocated */ }; enum { @@ -132,8 +131,6 @@ int wc_curve25519_shared_secret_ex(curve25519_key* private_key, curve25519_key* public_key, byte* out, word32* outlen, int endian); -WOLFSSL_API -curve25519_key* wc_curve25519_new(void* heap, int devId); WOLFSSL_API int wc_curve25519_init(curve25519_key* key); WOLFSSL_API @@ -142,6 +139,13 @@ int wc_curve25519_init_ex(curve25519_key* key, void* heap, int devId); WOLFSSL_API void wc_curve25519_free(curve25519_key* key); +#ifndef WC_NO_CONSTRUCTORS +WOLFSSL_API +curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code); +WOLFSSL_API +int wc_curve25519_delete(curve25519_key* key, curve25519_key** key_p); +#endif +WOLFSSL_API /* raw key helpers */ WOLFSSL_API diff --git a/wolfssl/wolfcrypt/ed25519.h b/wolfssl/wolfcrypt/ed25519.h index 1de20133a9..8c660b2189 100644 --- a/wolfssl/wolfcrypt/ed25519.h +++ b/wolfssl/wolfcrypt/ed25519.h @@ -97,8 +97,6 @@ struct ed25519_key { WC_BITFIELD privKeySet:1; WC_BITFIELD pubKeySet:1; WC_BITFIELD sha_clean_flag:1; /* only used if WOLFSSL_ED25519_PERSISTENT_SHA */ - /* flag indicates if structure was allocated */ - WC_BITFIELD isAllocated:1; #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif @@ -177,14 +175,20 @@ int wc_ed25519_verify_msg_final(const byte* sig, word32 sigLen, int* res, #endif /* WOLFSSL_ED25519_STREAMING_VERIFY */ #endif /* HAVE_ED25519_VERIFY */ -WOLFSSL_API -ed25519_key* wc_ed25519_new(void* heap, int devId); WOLFSSL_API int wc_ed25519_init(ed25519_key* key); WOLFSSL_API int wc_ed25519_init_ex(ed25519_key* key, void* heap, int devId); WOLFSSL_API void wc_ed25519_free(ed25519_key* key); +#ifndef WC_NO_CONSTRUCTORS +WOLFSSL_API +ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code); +WOLFSSL_API +int wc_ed25519_delete(ed25519_key* key, ed25519_key** key_p); +#endif +WOLFSSL_API + #ifdef HAVE_ED25519_KEY_IMPORT WOLFSSL_API int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key); diff --git a/wolfssl/wolfcrypt/hash.h b/wolfssl/wolfcrypt/hash.h index 2abfafd180..edbc949bcb 100644 --- a/wolfssl/wolfcrypt/hash.h +++ b/wolfssl/wolfcrypt/hash.h @@ -125,7 +125,9 @@ typedef union { typedef struct { wc_Hashes alg; enum wc_HashType type; /* sanity check */ - WC_BITFIELD isAllocated:1; /* flag indicates if structure was allocated */ +#ifndef WC_NO_CONSTRUCTORS + void *heap; +#endif } wc_HashAlg; #endif /* !NO_HASH_WRAPPER */ @@ -182,8 +184,6 @@ WOLFSSL_API int wc_Hash_ex(enum wc_HashType hash_type, byte* hash, word32 hash_len, void* heap, int devId); /* generic hash operation wrappers */ -WOLFSSL_API wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, - int devId); WOLFSSL_API int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap, int devId); WOLFSSL_API int wc_HashInit(wc_HashAlg* hash, enum wc_HashType type); @@ -192,6 +192,11 @@ WOLFSSL_API int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out); WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type); +#ifndef WC_NO_CONSTRUCTORS +WOLFSSL_API wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, + int devId, int *result_code); +WOLFSSL_API int wc_HashDelete(wc_HashAlg *hash, wc_HashAlg **hash_p); +#endif #ifdef WOLFSSL_HASH_FLAGS WOLFSSL_API int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h index 8bb0f5fe49..3f39d5b4df 100644 --- a/wolfssl/wolfcrypt/rsa.h +++ b/wolfssl/wolfcrypt/rsa.h @@ -269,7 +269,6 @@ struct RsaKey { #if defined(WOLFSSL_RENESAS_FSPSM) FSPSM_RSA_CTX ctx; #endif - WC_BITFIELD isAllocated:1; /* flag indicates if structure was allocated */ }; #ifndef WC_RSAKEY_TYPE_DEFINED @@ -293,10 +292,14 @@ struct RsaPadding { typedef struct RsaPadding RsaPadding; #endif -WOLFSSL_API RsaKey* wc_NewRsaKey(void* heap, int devId); WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap); WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId); WOLFSSL_API int wc_FreeRsaKey(RsaKey* key); +#ifndef WC_NO_CONSTRUCTORS +WOLFSSL_API RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code); +WOLFSSL_API int wc_DeleteRsaKey(RsaKey* key, RsaKey** key_p); +#endif + #ifdef WOLF_PRIVATE_KEY_ID WOLFSSL_API int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len, void* heap, int devId); diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index e10f5f8b45..1b437c1000 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -522,6 +522,12 @@ typedef struct w64wrapper { #elif defined(NO_WOLFSSL_MEMORY) #ifdef WOLFSSL_NO_MALLOC /* this platform does not support heap use */ + #ifdef WOLFSSL_SMALL_STACK + #error WOLFSSL_SMALL_STACK requires a heap implementation. + #endif + #ifndef WC_NO_CONSTRUCTORS + #define WC_NO_CONSTRUCTORS + #endif #ifdef WOLFSSL_MALLOC_CHECK #ifndef NO_STDIO_FILESYSTEM #include @@ -606,6 +612,10 @@ typedef struct w64wrapper { #endif /* WOLFSSL_STATIC_MEMORY */ #endif + #if defined(WOLFSSL_SMALL_STACK) && defined(WC_NO_CONSTRUCTORS) + #error WOLFSSL_SMALL_STACK requires constructors. + #endif + #include /* declare/free variable handling for async and smallstack */ diff --git a/wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs b/wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs index 2e5f30e938..223beafacc 100644 --- a/wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs +++ b/wrapper/CSharp/wolfSSL_CSharp/wolfCrypt.cs @@ -119,7 +119,9 @@ public class wolfcrypt * RSA */ [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private static extern IntPtr wc_NewRsaKey(IntPtr heap, int devId); + private static extern IntPtr wc_NewRsaKey(IntPtr heap, int devId, IntPtr result_code); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private static extern int wc_DeleteRsaKey(IntPtr key, IntPtr key_p); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private extern static int wc_InitRsaKey(IntPtr key, IntPtr heap); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] @@ -153,7 +155,9 @@ public class wolfcrypt * ED25519 */ [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private static extern IntPtr wc_ed25519_new(IntPtr heap, int devId); + private static extern IntPtr wc_ed25519_new(IntPtr heap, int devId, IntPtr result_code); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private static extern int wc_ed25519_delete(IntPtr key, IntPtr key_p); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private static extern int wc_ed25519_init(IntPtr key); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] @@ -194,7 +198,9 @@ public class wolfcrypt * Curve25519 */ [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private static extern IntPtr wc_curve25519_new(IntPtr heap, int devId); + private static extern IntPtr wc_curve25519_new(IntPtr heap, int devId, IntPtr result_code); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private static extern int wc_curve25519_delete(IntPtr key, IntPtr key_p); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private extern static int wc_curve25519_init(IntPtr key); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] @@ -235,7 +241,9 @@ public class wolfcrypt * AES-GCM */ [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private extern static IntPtr wc_AesNew(IntPtr heap, int devId); + private extern static IntPtr wc_AesNew(IntPtr heap, int devId, IntPtr result_code); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static int wc_AesDelete(IntPtr aes, IntPtr aes_p); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private extern static int wc_AesFree(IntPtr aes); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] @@ -254,7 +262,9 @@ public class wolfcrypt * HASH */ [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private extern static IntPtr wc_HashNew(uint hashType, IntPtr heap, int devId); + private extern static IntPtr wc_HashNew(uint hashType, IntPtr heap, int devId, IntPtr result_code); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static int wc_HashDelete(IntPtr hash, IntPtr hash_p); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private extern static int wc_HashInit(IntPtr hash, uint hashType); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] @@ -373,7 +383,7 @@ public static int Cleanup() /// Pointer to allocated WC_RNG or null public static IntPtr RandomNew() { - IntPtr rng; + IntPtr rng; try { @@ -386,7 +396,7 @@ public static IntPtr RandomNew() { log(ERROR_LOG, "random new exception " + e.ToString()); rng = IntPtr.Zero; - } + } return rng; } @@ -551,7 +561,7 @@ public static int EccSetRng(IntPtr key, IntPtr rng) public static IntPtr EccImportKey(byte[] keyASN1) { int ret; - IntPtr key = IntPtr.Zero; + IntPtr key = IntPtr.Zero; try { @@ -577,7 +587,7 @@ public static IntPtr EccImportKey(byte[] keyASN1) log(ERROR_LOG, "ECC import key exception " + e.ToString()); EccFreeKey(key); /* make sure its free'd */ key = IntPtr.Zero; - } + } return key; } @@ -713,7 +723,7 @@ public static int EccExportPrivateKeyToDer(IntPtr key, out byte[] derKey) { log(ERROR_LOG, "ECC export private exception " + e.ToString()); ret = EXCEPTION_E; - } + } return ret; } @@ -747,7 +757,7 @@ public static int EccExportPublicKeyToDer(IntPtr key, out byte[] derKey, bool in { log(ERROR_LOG, "ECC export public exception " + e.ToString()); ret = EXCEPTION_E; - } + } return ret; } @@ -1317,12 +1327,12 @@ public static IntPtr RsaMakeKey(IntPtr heap, int devId, int keysize, Int32 expon { int ret; IntPtr key = IntPtr.Zero; - IntPtr rng = IntPtr.Zero; + IntPtr rng = IntPtr.Zero; try { /* Allocate and init new RSA key structure */ - key = wc_NewRsaKey(heap, devId); + key = wc_NewRsaKey(heap, devId, IntPtr.Zero); if (key != IntPtr.Zero) { rng = RandomNew(); @@ -1348,7 +1358,7 @@ public static IntPtr RsaMakeKey(IntPtr heap, int devId, int keysize, Int32 expon if (rng != IntPtr.Zero) RandomFree(rng); if (key != IntPtr.Zero) RsaFreeKey(key); key = IntPtr.Zero; - } + } return key; } @@ -1366,11 +1376,11 @@ public static IntPtr RsaMakeKey(IntPtr heap, int devId, int keysize) public static IntPtr RsaImportKey(byte[] keyASN1) { int ret; - IntPtr key = IntPtr.Zero; + IntPtr key = IntPtr.Zero; try { - key = wc_NewRsaKey(IntPtr.Zero, INVALID_DEVID); + key = wc_NewRsaKey(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero); if (key != IntPtr.Zero) { IntPtr idx = Marshal.AllocHGlobal(sizeof(uint)); @@ -1392,7 +1402,7 @@ public static IntPtr RsaImportKey(byte[] keyASN1) log(ERROR_LOG, "RSA make key exception " + e.ToString()); RsaFreeKey(key); /* make sure its free'd */ key = IntPtr.Zero; - } + } return key; } @@ -1548,7 +1558,8 @@ public static void RsaFreeKey(IntPtr key) { if (key != IntPtr.Zero) { - wc_FreeRsaKey(key); + wc_DeleteRsaKey(key, IntPtr.Zero); + key = IntPtr.Zero; } } /* END RSA */ @@ -1578,7 +1589,7 @@ public static IntPtr Ed25519MakeKey(IntPtr heap, int devId) throw new Exception("Failed to create RNG."); } - key = wc_ed25519_new(heap, devId); + key = wc_ed25519_new(heap, devId, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_ed25519_make_key(rng, 32, key); @@ -1595,7 +1606,7 @@ public static IntPtr Ed25519MakeKey(IntPtr heap, int devId) if (rng != IntPtr.Zero) RandomFree(rng); if (ret != 0) { - wc_ed25519_free(key); + wc_ed25519_delete(key, IntPtr.Zero); key = IntPtr.Zero; } } @@ -1611,7 +1622,7 @@ public static IntPtr Ed25519MakeKey(IntPtr heap, int devId) /// Private key used for signing /// 0 on success, otherwise an error code public static int Ed25519SignMsg(byte[] inMsg, out byte[] outMsg, IntPtr key) - { + { int ret; IntPtr inMsgPtr = Marshal.AllocHGlobal(inMsg.Length); IntPtr outMsgPtr = Marshal.AllocHGlobal(ED25519_SIG_SIZE); @@ -1633,7 +1644,7 @@ public static int Ed25519SignMsg(byte[] inMsg, out byte[] outMsg, IntPtr key) /* Clenup */ if (inMsgPtr != IntPtr.Zero) Marshal.FreeHGlobal(inMsgPtr); if (outMsgPtr != IntPtr.Zero) Marshal.FreeHGlobal(outMsgPtr); - } + } return ret; } @@ -1682,7 +1693,7 @@ public static int Ed25519VerifyMsg(byte[] sig, byte[] msg, IntPtr key) /* Cleanup */ if (sigPtr != IntPtr.Zero) Marshal.FreeHGlobal(sigPtr); if (msgPtr != IntPtr.Zero) Marshal.FreeHGlobal(msgPtr); - } + } return ret; } @@ -1700,7 +1711,7 @@ public static IntPtr Ed25519PrivateKeyDecode(byte[] input) try { - key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID); + key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_Ed25519PrivateKeyDecode(input, ref idx, key, (uint)input.Length); @@ -1734,7 +1745,7 @@ public static IntPtr Ed25519PublicKeyDecode(byte[] input) try { - key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID); + key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_Ed25519PublicKeyDecode(input, ref idx, key, (uint)input.Length); @@ -1878,7 +1889,8 @@ public static int Ed25519ExportPublicKeyToDer(IntPtr key, out byte[] pubKey, boo /// Key to be freed public static void Ed25519FreeKey(IntPtr key) { - wc_ed25519_free(key); + wc_ed25519_delete(key, IntPtr.Zero); + key = IntPtr.Zero; } /* END ED25519 */ @@ -2104,7 +2116,7 @@ public static IntPtr Curve25519MakeKey(IntPtr heap, int devId) throw new Exception("Failed to create RNG."); } - key = wc_curve25519_new(heap, devId); + key = wc_curve25519_new(heap, devId, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_curve25519_make_key(rng, 32, key); @@ -2121,7 +2133,7 @@ public static IntPtr Curve25519MakeKey(IntPtr heap, int devId) if (rng != IntPtr.Zero) RandomFree(rng); if (ret != 0) { - wc_curve25519_free(key); + wc_curve25519_delete(key, IntPtr.Zero); key = IntPtr.Zero; } } @@ -2142,7 +2154,7 @@ public static IntPtr Curve25519PrivateKeyDecode(byte[] input) try { - key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID); + key = wc_ed25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_Ed25519PrivateKeyDecode(input, ref idx, key, (uint)input.Length); @@ -2176,7 +2188,7 @@ public static IntPtr Curve25519PublicKeyDecode(byte[] input) try { - key = wc_curve25519_new(IntPtr.Zero, INVALID_DEVID); + key = wc_curve25519_new(IntPtr.Zero, INVALID_DEVID, IntPtr.Zero); if (key != IntPtr.Zero) { ret = wc_Curve25519PublicKeyDecode(input, ref idx, key, (uint)input.Length); @@ -2280,7 +2292,8 @@ public static int Curve25519ExportPublicKeyToDer(IntPtr key, out byte[] derKey, /// Key to be freed public static void Curve25519FreeKey(IntPtr key) { - wc_curve25519_free(key); + wc_curve25519_delete(key, IntPtr.Zero); + key = IntPtr.Zero; } /* END Curve25519 */ @@ -2313,7 +2326,7 @@ public static int Curve25519SharedSecret(IntPtr privateKey, IntPtr publicKey, by { log(ERROR_LOG, "Curve25519 shared secret exception " + e.ToString()); ret = EXCEPTION_E; - } + } return ret; } @@ -2325,7 +2338,7 @@ public static int Curve25519SharedSecret(IntPtr privateKey, IntPtr publicKey, by /// Allocated Curve25519 key structure or null public static IntPtr Curve25519ImportPrivateKey(byte[] privateKey) { - IntPtr key = IntPtr.Zero; + IntPtr key = IntPtr.Zero; try { @@ -2343,7 +2356,7 @@ public static IntPtr Curve25519ImportPrivateKey(byte[] privateKey) log(ERROR_LOG, "Curve25519 import private key exception " + e.ToString()); if (key != IntPtr.Zero) Marshal.FreeHGlobal(key); key = IntPtr.Zero; - } + } return key; } @@ -2355,7 +2368,7 @@ public static IntPtr Curve25519ImportPrivateKey(byte[] privateKey) /// Allocated Curve25519 key structure or null public static IntPtr Curve25519ImportPublicKey(byte[] publicKey) { - IntPtr key = IntPtr.Zero; + IntPtr key = IntPtr.Zero; try { @@ -2373,7 +2386,7 @@ public static IntPtr Curve25519ImportPublicKey(byte[] publicKey) log(ERROR_LOG, "Curve25519 import public key exception " + e.ToString()); if (key != IntPtr.Zero) Marshal.FreeHGlobal(key); key = IntPtr.Zero; - } + } return key; } @@ -2449,7 +2462,7 @@ public static IntPtr AesNew(IntPtr heap, int devId) try { - aesPtr = wc_AesNew(heap, devId); + aesPtr = wc_AesNew(heap, devId, IntPtr.Zero); if (aesPtr == IntPtr.Zero) { @@ -2460,7 +2473,7 @@ public static IntPtr AesNew(IntPtr heap, int devId) catch (Exception e) { Console.WriteLine($"AES context creation failed: {e.Message}"); - } + } return aesPtr; } @@ -2529,7 +2542,7 @@ public static int AesGcmInit(IntPtr aes, byte[] key, byte[] iv) /* Cleanup */ if (keyPtr != IntPtr.Zero) Marshal.FreeHGlobal(keyPtr); if (ivPtr != IntPtr.Zero) Marshal.FreeHGlobal(ivPtr); - } + } return ret; } @@ -2596,7 +2609,7 @@ public static int AesGcmEncrypt(IntPtr aes, byte[] iv, byte[] plaintext, if (plaintextPtr != IntPtr.Zero) Marshal.FreeHGlobal(plaintextPtr); if (authTagPtr != IntPtr.Zero) Marshal.FreeHGlobal(authTagPtr); if (addAuthPtr != IntPtr.Zero) Marshal.FreeHGlobal(addAuthPtr); - } + } return ret; } @@ -2663,7 +2676,7 @@ public static int AesGcmDecrypt(IntPtr aes, byte[] iv, byte[] ciphertext, if (plaintextPtr != IntPtr.Zero) Marshal.FreeHGlobal(plaintextPtr); if (authTagPtr != IntPtr.Zero) Marshal.FreeHGlobal(authTagPtr); if (addAuthPtr != IntPtr.Zero) Marshal.FreeHGlobal(addAuthPtr); - } + } return ret; } @@ -2676,7 +2689,8 @@ public static void AesGcmFree(IntPtr aes) { if (aes != IntPtr.Zero) { - wc_AesFree(aes); + wc_AesDelete(aes, IntPtr.Zero); + aes = IntPtr.Zero; } } /* END AES-GCM */ @@ -2700,7 +2714,7 @@ public static IntPtr HashNew(uint hashType, IntPtr heap, int devId) try { /* Allocate new hash */ - hash = wc_HashNew(hashType, heap, devId); + hash = wc_HashNew(hashType, heap, devId, IntPtr.Zero); if (hash == IntPtr.Zero) { throw new Exception("Failed to allocate new hash context."); @@ -2709,7 +2723,7 @@ public static IntPtr HashNew(uint hashType, IntPtr heap, int devId) catch (Exception e) { log(ERROR_LOG, "HashNew Exception: " + e.ToString()); - } + } return hash; } @@ -2740,8 +2754,11 @@ public static int InitHash(IntPtr hash, uint hashType) { /* Cleanup */ log(ERROR_LOG, "InitHash Exception: " + e.ToString()); - if (hash != IntPtr.Zero) wc_HashFree(hash, hashType); - } + if (hash != IntPtr.Zero) { + wc_HashDelete(hash, IntPtr.Zero); + hash = IntPtr.Zero; + } + } return ret; } @@ -2856,7 +2873,8 @@ public static int HashFree(IntPtr hash, uint hashType) throw new Exception("Hash context is null, cannot free."); /* Free hash */ - ret = wc_HashFree(hash, hashType); + ret = wc_HashDelete(hash, IntPtr.Zero); + hash = IntPtr.Zero; if (ret != 0) { throw new Exception($"Failed to free hash context. Error code: {ret}"); @@ -2865,7 +2883,7 @@ public static int HashFree(IntPtr hash, uint hashType) catch (Exception e) { log(ERROR_LOG, "HashFree Exception: " + e.ToString()); - } + } return ret; }