From 12d3f94c98f61f697a6c1f50dfed3f913015e500 Mon Sep 17 00:00:00 2001 From: Saksik Remy Date: Tue, 4 Jan 2022 13:18:39 +0800 Subject: [PATCH] update build and update NULL salt usecase --- IDE/iotsafe-raspberrypi/Makefile | 17 +++++++++++++---- IDE/iotsafe-raspberrypi/include.am | 9 +++++++++ wolfcrypt/src/port/iotsafe/iotsafe.c | 28 ++++++++++++++++------------ 3 files changed, 38 insertions(+), 16 deletions(-) create mode 100644 IDE/iotsafe-raspberrypi/include.am diff --git a/IDE/iotsafe-raspberrypi/Makefile b/IDE/iotsafe-raspberrypi/Makefile index 667cb061a..d26af05ae 100644 --- a/IDE/iotsafe-raspberrypi/Makefile +++ b/IDE/iotsafe-raspberrypi/Makefile @@ -3,6 +3,9 @@ CINCS := -I. -I/usr/local/wolfssl CLIBS := -L/usr/local/lib CDEPS := -lc -lg -lm -lwolfssl +WOLFSSL_BUILD=build +MKDIR_P = mkdir -p + ENABLE_DEBUG_UART_IO := off ENABLE_DEBUG_UART_IO_EXTRA := off ENABLE_SECRET_CALLBACK := off @@ -19,7 +22,7 @@ ifeq ($(ENABLE_SECRET_CALLBACK), on) CFLAGS+=-DUSE_SECRET_CALLBACK endif -OBJS:=main.o client-tls13.o +OBJS:=$(WOLFSSL_BUILD)/main.o $(WOLFSSL_BUILD)/client-tls13.o .PHONY: all clean help @@ -57,16 +60,22 @@ endef help: @$(run-help) -all: main.bin +all: directories main.bin + +directories: $(WOLFSSL_BUILD) + +$(WOLFSSL_BUILD): + ${MKDIR_P} $(WOLFSSL_BUILD) main.bin: $(OBJS) $(CC) $(CFLAGS) $(CINCS) $(CLIBS) -o $@ $^ $(CDEPS) -main.o: main.c +$(WOLFSSL_BUILD)/main.o: main.c $(CC) $(CFLAGS) $(CINCS) $(CLIBS) -c -o $@ $^ $(CDEPS) -client-tls13.o: client-tls13.c +$(WOLFSSL_BUILD)/client-tls13.o: client-tls13.c $(CC) $(CFLAGS) $(CINCS) $(CLIBS) -c -o $@ $^ $(CDEPS) clean: rm -f *.o *.bin + rm -rf build diff --git a/IDE/iotsafe-raspberrypi/include.am b/IDE/iotsafe-raspberrypi/include.am new file mode 100644 index 000000000..bd28bdf4f --- /dev/null +++ b/IDE/iotsafe-raspberrypi/include.am @@ -0,0 +1,9 @@ +# vim:ft=automake +# All paths should be given relative to the root + +EXTRA_DIST += IDE/iotsafe-raspberrypi/README.md +EXTRA_DIST += IDE/iotsafe-raspberrypi/Makefile +EXTRA_DIST += IDE/iotsafe-raspberrypi/main.c +EXTRA_DIST += IDE/iotsafe-raspberrypi/client-tls13.c + +DISTCLEANFILES+= IDE/iotsafe-raspberrypi/build diff --git a/wolfcrypt/src/port/iotsafe/iotsafe.c b/wolfcrypt/src/port/iotsafe/iotsafe.c index 5c18cdaba..3b1147a06 100644 --- a/wolfcrypt/src/port/iotsafe/iotsafe.c +++ b/wolfcrypt/src/port/iotsafe/iotsafe.c @@ -1047,25 +1047,29 @@ static int wolfIoT_hkdf_extract(byte* prk, const byte* salt, word32 saltLen, { (void)ctx; int ret; + const byte* localSalt; /* either points to user input or tmp */ + byte tmp[WC_MAX_DIGEST_SIZE]; /* localSalt helper */ WOLFSSL_MSG("IOTSAFE: Called wolfIoT_hkdf_extract\n"); - if(saltLen != 0){ - ret = iotsafe_hkdf_extract(prk, salt, saltLen, ikm, ikmLen, digest); - } - else{ - #ifdef DEBUG_IOTSAFE - printf("SALT is NULL, not supported by IoT Safe Applet, fallback to software implementation\n"); - #endif - ret = wc_Tls13_HKDF_Extract(prk, salt, saltLen, ikm, ikmLen, digest); - } - return ret; + localSalt = salt; + if(saltLen == 0) { + ret = wc_HmacSizeByType(digest); + if (ret < 0) + return ret; + saltLen = ret; + if (localSalt == NULL) { + XMEMSET(tmp, 0, saltLen); + localSalt = tmp; + } + } + + ret = iotsafe_hkdf_extract(prk, localSalt, saltLen, ikm, ikmLen, digest); + return ret; } #endif - - static int wolfIoT_ecc_sign(WOLFSSL* ssl, const unsigned char* in, unsigned int inSz, unsigned char* out, word32* outSz,