From 5a0afc512ef2dd1af1d366aee0809966e51929b8 Mon Sep 17 00:00:00 2001 From: TakayukiMatsuo Date: Sun, 24 Jul 2022 05:24:27 +0900 Subject: [PATCH] Fix memory leak in ECDHE with TSIP --- .../RX65N/GR-ROSE/test/src/wolf_client.c | 4 ++- wolfcrypt/src/port/Renesas/renesas_common.c | 7 +++- wolfcrypt/src/port/Renesas/renesas_tsip_aes.c | 4 +-- .../src/port/Renesas/renesas_tsip_util.c | 35 +++++++++---------- wolfssl/internal.h | 3 ++ 5 files changed, 30 insertions(+), 23 deletions(-) diff --git a/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c b/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c index dedb312b0..75634bb66 100644 --- a/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c +++ b/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c @@ -27,7 +27,9 @@ #include "wolfssl/certs_test.h" #include "key_data.h" #include "wolfssl_demo.h" - +#if defined(WOLFSSL_RENESAS_TSIP_TLS) + #include +#endif #define SIMPLE_TLSSEVER_IP "192.168.1.12" #define SIMPLE_TLSSERVER_PORT "11111" diff --git a/wolfcrypt/src/port/Renesas/renesas_common.c b/wolfcrypt/src/port/Renesas/renesas_common.c index 6d9edb803..2d6baaa8b 100644 --- a/wolfcrypt/src/port/Renesas/renesas_common.c +++ b/wolfcrypt/src/port/Renesas/renesas_common.c @@ -544,7 +544,7 @@ WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig, * key_e_start Byte position of public key exponent in cert * key_e_len Length of public key exponent * cm_row CA index - * return FSP_SUCCESS(0) on success, otherwise FSP/TSIP error code + * return FSP_SUCCESS(0) on success, otherwise WOLFSSL_FATAL_ERROR */ int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len, word32 key_n_start, word32 key_n_len, word32 key_e_start, word32 key_e_len, word32 cm_row) @@ -564,11 +564,16 @@ int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len, word32 key_ ret = wc_sce_tls_RootCertVerify(cert, cert_len, key_n_start, key_n_len, key_e_start, key_e_len, cm_row); #endif + + if (ret != TSIP_SUCCESS) { + ret = WOLFSSL_FATAL_ERROR; + } } else { /* already verified. skipped */ ret = 0; } + WOLFSSL_LEAVE("wc_Renesas_cmn_RootCertVerify", ret); return ret; } diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c index 5215b3a4a..5c6677e43 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c @@ -723,7 +723,7 @@ int wc_tsip_AesGcmEncrypt( * iv init func. * It expects to pass iv when users create their own key. */ - err = initFn(&hdl, &key_client_aes, iv_l, ivSz_l); + err = initFn(&hdl, &key_client_aes, (uint8_t*)iv_l, ivSz_l); if (err == TSIP_SUCCESS) { err = updateFn(&hdl, NULL, NULL, 0UL, (uint8_t*)aadBuf, authInSz); @@ -917,7 +917,7 @@ int wc_tsip_AesGcmDecrypt( * * It expects to pass iv when users create their own key. */ - err = initFn(&hdl, &key_server_aes, iv_l, ivSz_l); + err = initFn(&hdl, &key_server_aes, (uint8_t*)iv_l, ivSz_l); if (err == TSIP_SUCCESS) { /* pass only AAD and it's size before passing cipher text */ diff --git a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c index 30b2d5341..c579a5c63 100644 --- a/wolfcrypt/src/port/Renesas/renesas_tsip_util.c +++ b/wolfcrypt/src/port/Renesas/renesas_tsip_util.c @@ -2028,8 +2028,19 @@ int wc_tsip_RsaVerify( WOLFSSL_LEAVE("tsip_RsaVerify", ret); return ret; } -/* - * return 0 on success +/* Verify signature for Server Key Exchange with TSIP + * TSIP can handle prime256v1 curve and sha256 hash + * parameters: + * ssl WOLFSSL object + * sig buffer holding DER encoded ecdsa signature data + * sigSz signature data size + * hash buffer holding sha256 hash data + * hashSz hash data size + * key buffer holding peer's public key (NOT used in this function) + * keySz public key size((NOT used in this function)) + * result address of the variable to output result + * ctx context + * return 0 on success, CRYPTOCB_UNAVAILABLE in case TSIP cannot handle */ int wc_tsip_EccVerify( WOLFSSL* ssl, @@ -2039,8 +2050,7 @@ int wc_tsip_EccVerify( int* result, void* ctx) { int ret = WOLFSSL_FAILURE; - uint8_t* sigforSCE = NULL; - uint8_t* pSig = NULL; + uint8_t sigforSCE [R_TSIP_ECDSA_DATA_BYTE_SIZE] = {0}; const byte rs_size = R_TSIP_ECDSA_DATA_BYTE_SIZE/2; byte offset = 0x3; @@ -2060,18 +2070,7 @@ int wc_tsip_EccVerify( return CRYPTOCB_UNAVAILABLE; } - sigforSCE = (uint8_t*)XMALLOC(R_TSIP_ECDSA_DATA_BYTE_SIZE, NULL, - DYNAMIC_TYPE_TMP_BUFFER); - - if (sigforSCE == NULL) { - WOLFSSL_MSG("failed to malloc memory"); - WOLFSSL_LEAVE("wc_tsip_EccVerify", MEMORY_E); - return MEMORY_E; - } - - /* initialization */ - XMEMCPY(sigforSCE, 0, R_TSIP_ECDSA_DATA_BYTE_SIZE); - + /* concatenate r and s parts of the signature so that TSIP can handle it*/ /* r */ if (sig[offset] == 0x20) { XMEMCPY(sigforSCE, &sig[offset+1], rs_size); @@ -2098,9 +2097,7 @@ int wc_tsip_EccVerify( } } - pSig = sigforSCE; - - ret = tsip_ServerKeyExVerify(2, ssl, pSig, 64, ctx); + ret = tsip_ServerKeyExVerify(2, ssl, sigforSCE, 64, ctx); if (ret == WOLFSSL_SUCCESS) { *result = 1; diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 567b08a23..5477f987f 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -257,6 +257,9 @@ #include #endif +#if defined(WOLFSSL_RENESAS_TSIP_TLS) + #include +#endif #ifdef __cplusplus extern "C" {