Merge pull request #3039 from tmael/cov-fix2

Coverity fix in wolfSSL 4.4.0 - part 2
pull/3126/head
toddouska 2020-07-10 13:06:22 -07:00 committed by GitHub
commit a90d6b2a5e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 441 additions and 353 deletions


@ -525,15 +525,15 @@ static int ReceiveFrom(WOLFSSL *ssl, int sd, char *buf, int sz)
int recvd;
int dtls_timeout = wolfSSL_dtls_get_current_timeout(ssl);
struct sockaddr peer;
socklen_t peerSz;
socklen_t peerSz = 0;
if (DoneHandShake) dtls_timeout = 0;
if (!wolfSSL_get_using_nonblock(ssl)) {
struct timeval timeout;
XMEMSET(&timeout, 0, sizeof(timeout));
timeout.tv_sec = dtls_timeout;
if (setsockopt(sd, SOL_SOCKET, SO_RCVTIMEO, (char*)&timeout,
sizeof(timeout)) != 0) {
printf("setsockopt rcvtimeo failed\n");
@ -543,7 +543,7 @@ static int ReceiveFrom(WOLFSSL *ssl, int sd, char *buf, int sz)
recvd = (int)recvfrom(sd, buf, sz, 0, (SOCKADDR*)&peer, &peerSz);
if (recvd < 0) {
if (errno == SOCKET_EWOULDBLOCK || errno == SOCKET_EAGAIN) {
if (wolfSSL_dtls_get_using_nonblock(ssl)) {
return WOLFSSL_CBIO_ERR_WANT_READ;
@ -576,7 +576,7 @@ static int ReceiveFrom(WOLFSSL *ssl, int sd, char *buf, int sz)
#endif /* WOLFSSL_DTLS && !NO_WOLFSSL_SERVER */
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_CLIENT)
static int SendTo(int sd, char *buf, int sz, const struct sockaddr *peer,
static int SendTo(int sd, char *buf, int sz, const struct sockaddr *peer,
socklen_t peerSz)
{
int sent;
@ -625,9 +625,9 @@ static int ServerSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
#endif
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_CLIENT)
if (info->doDTLS) {
return SendTo(info->server.sockFd, buf, sz,
return SendTo(info->server.sockFd, buf, sz,
(const struct sockaddr*)&info->clientAddr, sizeof(info->clientAddr));
} else
} else
#endif
return SocketSend(info->server.sockFd, buf, sz);
}
@ -659,9 +659,9 @@ static int ClientSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
#endif
#ifdef WOLFSSL_DTLS
if (info->doDTLS) {
return SendTo(info->client.sockFd, buf, sz,
return SendTo(info->client.sockFd, buf, sz,
(const struct sockaddr*)&info->serverAddr, sizeof(info->serverAddr));
} else
} else
#endif
return SocketSend(info->client.sockFd, buf, sz);
}
@ -676,7 +676,7 @@ static int ClientRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER)
if (info->doDTLS) {
return ReceiveFrom(ssl, info->client.sockFd, buf, sz);
} else
} else
#endif
return SocketRecv(info->client.sockFd, buf, sz);
}
@ -734,14 +734,14 @@ static int SetupSocketAndConnect(info_t* info, const char* host,
#ifdef WOLFSSL_DTLS
if (info->doDTLS) {
/* Create the SOCK_DGRAM socket type is implemented on the User
/* Create the SOCK_DGRAM socket type is implemented on the User
* Datagram Protocol/Internet Protocol(UDP/IP protocol).*/
if ((info->client.sockFd = socket(AF_INET, SOCK_DGRAM, 0)) < 0) {
printf("ERROR: failed to create the SOCK_DGRAM socket\n");
return -1;
}
XMEMCPY(&info->serverAddr, &servAddr, sizeof(servAddr));
} else {
} else {
#endif
/* Create a socket that uses an Internet IPv4 address,
* Sets the socket to be stream based (TCP),
@ -792,7 +792,7 @@ static int bench_tls_client(info_t* info)
if(info->doDTLS) {
if (tls13) return WOLFSSL_SUCCESS;
cli_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
} else
} else
#endif
#ifdef WOLFSSL_TLS13
if (tls13)
@ -889,7 +889,7 @@ static int bench_tls_client(info_t* info)
#ifdef WOLFSSL_DTLS
if (info->doDTLS) {
ret = wolfSSL_dtls_set_peer(cli_ssl, &info->serverAddr,
ret = wolfSSL_dtls_set_peer(cli_ssl, &info->serverAddr,
sizeof(info->serverAddr));
if (ret != WOLFSSL_SUCCESS) {
printf("error setting dtls peer\n");
@ -906,7 +906,7 @@ static int bench_tls_client(info_t* info)
wolfSSL_SetIOWriteCtx(cli_ssl, info);
#if defined(HAVE_PTHREAD) && defined(WOLFSSL_DTLS)
/* synchronize with server */
/* synchronize with server */
if (info->doDTLS && !info->clientOrserverOnly) {
pthread_mutex_lock(&info->dtls_mutex);
if (info->serverReady != 1) {
@ -1083,7 +1083,7 @@ static int SetupSocketAndListen(int* listenFd, word32 port, int doDTLS)
#ifdef WOLFSSL_DTLS
if (doDTLS) {
/* Create a socket that is implemented on the User Datagram Protocol/
* Interet Protocol(UDP/IP protocol). */
* Interet Protocol(UDP/IP protocol). */
if((*listenFd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
printf("ERROR: failed to create the socket\n");
return -1;
@ -1149,7 +1149,7 @@ static int SocketWaitClient(info_t* info)
MSG_PEEK, (struct sockaddr*)&clientAddr, &size);
if (connd < -1) {
printf("ERROR: failed to accept the connection\n");
return -1;
return -1;
}
XMEMCPY(&info->clientAddr, &clientAddr, sizeof(clientAddr));
info->server.sockFd = info->listenFd;
@ -1195,7 +1195,7 @@ static int bench_tls_server(info_t* info)
if(info->doDTLS) {
if(tls13) return WOLFSSL_SUCCESS;
srv_ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
} else {
} else {
#endif
#ifdef WOLFSSL_TLS13
if (tls13)
@ -1301,7 +1301,7 @@ static int bench_tls_server(info_t* info)
}
#ifdef WOLFSSL_DTLS
if (info->doDTLS) {
ret = wolfSSL_dtls_set_peer(srv_ssl, &info->clientAddr,
ret = wolfSSL_dtls_set_peer(srv_ssl, &info->clientAddr,
sizeof(info->clientAddr));
if (ret != WOLFSSL_SUCCESS) {
printf("error setting dtls peer\n");
@ -1405,7 +1405,7 @@ static int bench_tls_server(info_t* info)
#ifdef WOLFSSL_DTLS
if (info->doDTLS) {
SetupSocketAndListen(&info->listenFd, info->port, info->doDTLS);
}
}
#endif
}
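Review bot: `socklen_t peerSz = 0;` in ReceiveFrom quiets the uninitialized-variable finding but passes recvfrom() a zero-length address buffer, so the sender address is truncated and `peer` is never filled in. The length argument is value-result and should start at the buffer size: `socklen_t peerSz = sizeof(peer);`. Whether `peer` is read afterwards is not visible in these hunks, but the call is only well-formed with the real size. Separately, the context line `if (connd < -1)` in SocketWaitClient can never be true if `connd` holds a recvfrom()-style return that reports failure as -1; `connd < 0` looks intended. Both functions start and end outside their hunks.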


@ -728,7 +728,7 @@ static int StartTLS_Init(SOCKET_T* sockfd)
XMEMSET(tmpBuf, 0, sizeof(tmpBuf));
if (recv(*sockfd, tmpBuf, sizeof(tmpBuf)-1, 0) < 0)
err_sys("failed to read STARTTLS command\n");
tmpBuf[sizeof(tmpBuf)-1] = '\0';
if (!XSTRNCMP(tmpBuf, starttlsCmd[4], XSTRLEN(starttlsCmd[4]))) {
printf("%s\n", tmpBuf);
} else {


@ -159,22 +159,20 @@ static int wolfSSL_BIO_SSL_read(WOLFSSL_BIO* bio, void* buf,
static int wolfSSL_BIO_MD_read(WOLFSSL_BIO* bio, void* buf, int sz)
{
int ret = sz;
if (wolfSSL_EVP_MD_CTX_type((WOLFSSL_EVP_MD_CTX*)bio->ptr) == NID_hmac) {
if (wolfSSL_EVP_DigestSignUpdate((WOLFSSL_EVP_MD_CTX*)bio->ptr, buf,
sz) != WOLFSSL_SUCCESS)
{
ret = WOLFSSL_FATAL_ERROR;
return WOLFSSL_FATAL_ERROR;
}
}
else {
if (wolfSSL_EVP_DigestUpdate((WOLFSSL_EVP_MD_CTX*)bio->ptr, buf, ret)
if (wolfSSL_EVP_DigestUpdate((WOLFSSL_EVP_MD_CTX*)bio->ptr, buf, sz)
!= WOLFSSL_SUCCESS) {
ret = WOLFSSL_FATAL_ERROR;
return WOLFSSL_FATAL_ERROR;
}
}
return ret;
return sz;
}
#endif /* WOLFCRYPT_ONLY */
@ -609,10 +607,6 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
bio = bio->next;
}
if (frmt != NULL) {
XFREE(frmt, front->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
/* info cb, user can override return value */
if (front != NULL && front->infoCb != NULL) {
ret = (int)front->infoCb(front,
@ -620,6 +614,10 @@ int wolfSSL_BIO_write(WOLFSSL_BIO* bio, const void* data, int len)
(const char*)data, 0, 0, ret);
}
if (frmt != NULL) {
XFREE(frmt, front->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
if (retB64 != 0)
return retB64;
else
@ -1527,6 +1525,7 @@ void* wolfSSL_BIO_get_data(WOLFSSL_BIO* bio)
*/
long wolfSSL_BIO_set_nbio(WOLFSSL_BIO* bio, long on)
{
int ret = 0;
#ifndef WOLFSSL_DTLS
(void)on;
#endif
@ -1538,9 +1537,9 @@ long wolfSSL_BIO_set_nbio(WOLFSSL_BIO* bio, long on)
{
int flag = XFCNTL(bio->num, F_GETFL, 0);
if (on)
XFCNTL(bio->num, F_SETFL, flag | O_NONBLOCK);
ret = XFCNTL(bio->num, F_SETFL, flag | O_NONBLOCK);
else
XFCNTL(bio->num, F_SETFL, flag & ~O_NONBLOCK);
ret = XFCNTL(bio->num, F_SETFL, flag & ~O_NONBLOCK);
}
#endif
break;
@ -1554,8 +1553,10 @@ long wolfSSL_BIO_set_nbio(WOLFSSL_BIO* bio, long on)
WOLFSSL_MSG("Unsupported bio type for non blocking");
break;
}
return 1;
if (ret != -1)
return 1;
else
return 0;
}
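Review bot: In wolfSSL_BIO_set_nbio the result of `XFCNTL(bio->num, F_GETFL, 0)` is still unchecked, so if that call fails with -1 (assuming XFCNTL maps to fcntl) the following F_SETFL is issued with a flag word derived from -1. The new `ret` test only covers the F_SETFL call. Testing `flag` first, for example `if (flag == -1) ret = -1; else if (on) ret = XFCNTL(bio->num, F_SETFL, flag | O_NONBLOCK);`, would let the 0 return cover both failures. In wolfSSL_BIO_write the relocated `XFREE(frmt, front->heap, DYNAMIC_TYPE_TMP_BUFFER)` also dereferences `front` without the `front != NULL` test that guards the infoCb call just above it. Both functions extend outside their hunks.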


@ -630,6 +630,7 @@ static CRL_Entry* DupCRL_list(CRL_Entry* crl, void* heap)
head = head->next;
FreeCRL_Entry(current, heap);
}
return NULL;
}
current = current->next;


@ -19215,7 +19215,7 @@ int GetCipherSuiteFromName(const char* name, byte* cipherSuite0,
int i;
unsigned long len;
const char* nameDelim;
/* Support trailing : */
nameDelim = XSTRSTR(name, ":");
if (nameDelim)
@ -26933,6 +26933,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifdef WOLFSSL_EXTRA_ALERTS
SendAlert(ssl, alert_fatal, handshake_failure);
#endif
#ifdef HAVE_EXT_CACHE
wolfSSL_SESSION_free(session);
#endif
return EXT_MASTER_SECRET_NEEDED_E;
}
#ifdef HAVE_EXT_CACHE


@ -3385,7 +3385,7 @@ int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side)
/* Initialize the AES-GCM/CCM explicit IV to a zero. */
#ifdef WOLFSSL_DTLS
if (scr_copy)
XMEMCPY(ssl->keys.aead_exp_IV,
XMEMMOVE(ssl->keys.aead_exp_IV,
keys->aead_exp_IV, AEAD_MAX_EXP_SZ);
#endif
XMEMSET(keys->aead_exp_IV, 0, AEAD_MAX_EXP_SZ);
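Review bot: The switch to `XMEMMOVE(ssl->keys.aead_exp_IV, keys->aead_exp_IV, AEAD_MAX_EXP_SZ)` in StoreKeys carries no comment saying why the two buffers might overlap. If `keys` can point at `ssl->keys` on this path, the `XMEMSET(keys->aead_exp_IV, 0, AEAD_MAX_EXP_SZ)` on the next line clears the value that was just preserved, which would be a logic problem rather than an overlap problem. If the two never alias when `scr_copy` is set, a comment recording that would help, e.g. `/* keys != &ssl->keys when scr_copy is set (confirm); XMEMMOVE only guards against aliasing */`. Where `keys` and `scr_copy` are assigned is outside the hunk.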


@ -2508,7 +2508,7 @@ WOLFSSL_ABI
int wolfSSL_UseALPN(WOLFSSL* ssl, char *protocol_name_list,
word32 protocol_name_listSz, byte options)
{
char *list, *ptr, *token[WOLFSSL_MAX_ALPN_NUMBER]={NULL};
char *list, *ptr, *token[WOLFSSL_MAX_ALPN_NUMBER+1]={NULL};
word16 len;
int idx = 0;
int ret = WOLFSSL_FAILURE;
@ -8430,6 +8430,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
wolfSSL_ASN1_OBJECT_free(ext->obj);
wolfSSL_X509_EXTENSION_free(ext);
FreeDecodedCert(&cert);
XFREE(oidBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return NULL;
}
ext->obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA;
@ -8499,7 +8500,7 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
int nid;
const int sz = CTC_NAME_SIZE*2;
int rc = WOLFSSL_FAILURE;
char tmp[CTC_NAME_SIZE*2];
char tmp[CTC_NAME_SIZE*2] = {0};
WOLFSSL_ENTER("wolfSSL_X509V3_EXT_print");
if ((out == NULL) || (ext == NULL)) {
@ -8514,7 +8515,7 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
}
str = wolfSSL_X509_EXTENSION_get_data(ext);
if (obj == NULL) {
if (str == NULL) {
WOLFSSL_MSG("Error getting ASN1_STRING from X509_EXTENSION");
return rc;
}
@ -8638,7 +8639,7 @@ const WOLFSSL_v3_ext_method* wolfSSL_X509V3_EXT_get(WOLFSSL_X509_EXTENSION* ex)
WOLFSSL_MSG("Failed to get nid from passed extension object");
return NULL;
}
XMEMSET(&method, 0, sizeof(WOLFSSL_v3_ext_method));
switch (nid) {
case NID_basic_constraints:
break;
@ -11539,7 +11540,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
if (ssl->buffers.outputBuffer.length > 0
#ifdef WOLFSSL_ASYNC_CRYPT
/* do not send buffered or advance state if last error was an
/* do not send buffered or advance state if last error was an
async pending operation */
&& ssl->error != WC_PENDING_E
#endif
@ -11951,7 +11952,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
if (ssl->buffers.outputBuffer.length > 0
#ifdef WOLFSSL_ASYNC_CRYPT
/* do not send buffered or advance state if last error was an
/* do not send buffered or advance state if last error was an
async pending operation */
&& ssl->error != WC_PENDING_E
#endif
@ -16565,7 +16566,12 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
WOLFSSL_ENTER("DES_ncbc_encrypt");
/* OpenSSL compat, no ret */
wc_Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc);
if (wc_Des_SetKey(&myDes, (const byte*)schedule,
(const byte*)ivec, !enc) != 0) {
WOLFSSL_MSG("wc_Des_SetKey return error.");
return;
}
lb_sz = length%DES_BLOCK_SIZE;
blk = length/DES_BLOCK_SIZE;
idx -= sizeof(DES_cblock);
@ -23792,7 +23798,7 @@ int wolfSSL_ASN1_TIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_TIME* asnTime)
if (wolfSSL_ASN1_TIME_to_string((WOLFSSL_ASN1_TIME*)asnTime, buf,
sizeof(buf)) == NULL) {
XMEMSET(buf, 0, MAX_TIME_STRING_SZ);
XMEMCPY(buf, "Bad time value", 14);
XSTRNCPY(buf, "Bad time value", sizeof(buf)-1);
ret = WOLFSSL_FAILURE;
}
@ -30470,6 +30476,7 @@ int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key,
int wolfSSL_HmacCopy(Hmac* des, Hmac* src)
{
void* heap;
int ret;
#ifndef HAVE_FIPS
heap = src->heap;
@ -30484,36 +30491,36 @@ int wolfSSL_HmacCopy(Hmac* des, Hmac* src)
switch (src->macType) {
#ifndef NO_MD5
case WC_MD5:
wc_Md5Copy(&src->hash.md5, &des->hash.md5);
ret = wc_Md5Copy(&src->hash.md5, &des->hash.md5);
break;
#endif /* !NO_MD5 */
#ifndef NO_SHA
case WC_SHA:
wc_ShaCopy(&src->hash.sha, &des->hash.sha);
ret = wc_ShaCopy(&src->hash.sha, &des->hash.sha);
break;
#endif /* !NO_SHA */
#ifdef WOLFSSL_SHA224
case WC_SHA224:
wc_Sha224Copy(&src->hash.sha224, &des->hash.sha224);
ret = wc_Sha224Copy(&src->hash.sha224, &des->hash.sha224);
break;
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
case WC_SHA256:
wc_Sha256Copy(&src->hash.sha256, &des->hash.sha256);
ret = wc_Sha256Copy(&src->hash.sha256, &des->hash.sha256);
break;
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
case WC_SHA384:
wc_Sha384Copy(&src->hash.sha384, &des->hash.sha384);
ret = wc_Sha384Copy(&src->hash.sha384, &des->hash.sha384);
break;
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
case WC_SHA512:
wc_Sha512Copy(&src->hash.sha512, &des->hash.sha512);
ret = wc_Sha512Copy(&src->hash.sha512, &des->hash.sha512);
break;
#endif /* WOLFSSL_SHA512 */
@ -30521,6 +30528,9 @@ int wolfSSL_HmacCopy(Hmac* des, Hmac* src)
return WOLFSSL_FAILURE;
}
if (ret != 0)
return WOLFSSL_FAILURE;
XMEMCPY((byte*)des->ipad, (byte*)src->ipad, WC_HMAC_BLOCK_SIZE);
XMEMCPY((byte*)des->opad, (byte*)src->opad, WC_HMAC_BLOCK_SIZE);
XMEMCPY((byte*)des->innerHash, (byte*)src->innerHash, WC_MAX_DIGEST_SIZE);
@ -41052,7 +41062,7 @@ void wolfSSL_print_all_errors_fp(XFILE fp)
}
#endif /* !NO_FILESYSTEM */
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || HAVE_STUNNEL || WOLFSSL_NGINX ||
#endif /* OPENSSL_ALL || OPENSSL_EXTRA || HAVE_STUNNEL || WOLFSSL_NGINX ||
HAVE_LIGHTY || WOLFSSL_HAPROXY || WOLFSSL_OPENSSH */
@ -41752,7 +41762,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
{
#if defined(WOLFSSL_APACHE_HTTPD) || defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
int count = 0, len = 0, totalSz = 0, tmpSz = 0;
char tmp[ASN_NAME_MAX];
char tmp[ASN_NAME_MAX+1];
char fullName[ASN_NAME_MAX];
const char *buf = NULL;
WOLFSSL_X509_NAME_ENTRY* ne;
@ -43039,7 +43049,8 @@ unsigned long wolfSSL_ERR_peek_error_line_data(const char **file, int *line,
int ret = 0;
while (1) {
if ((ret = wc_PeekErrorNode(-1, file, NULL, line)) < 0) {
ret = wc_PeekErrorNode(-1, file, NULL, line);
if (ret == BAD_MUTEX_E || ret == BAD_FUNC_ARG || ret == BAD_STATE_E) {
WOLFSSL_MSG("Issue peeking at error node in queue");
return 0;
}
@ -44622,7 +44633,10 @@ WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
ret = GetInt(&mpi, ai->data, &idx, ai->dataMax);
if (ret != 0) {
#ifdef WOLFSSL_QT
mp_init(&mpi); /* must init mpi */
ret = mp_init(&mpi); /* must init mpi */
if (ret != MP_OKAY) {
return NULL;
}
/* Serial number in QT starts at index 0 of data */
if (mp_read_unsigned_bin(&mpi, (byte*)ai->data, ai->length) != 0) {
mp_clear(&mpi);
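Review bot: The new early `return;` after a failed `wc_Des_SetKey` (the block under `WOLFSSL_ENTER("DES_ncbc_encrypt")`) leaves the function without writing any output, and the only trace is a WOLFSSL_MSG that is presumably compiled out of non-debug builds. Because the API is void, a caller cannot tell this apart from a successful encryption and may go on to use whatever was already in its buffer. The existing comment should say so, e.g. `/* OpenSSL compat, no ret: on key setup failure nothing is written to the output */`; the function starts and ends outside the hunk, so whether the output could be cleared on this path cannot be judged here. In wolfSSL_ERR_peek_error_line_data, replacing the `< 0` test with three named codes also needs a comment explaining why other negative returns from wc_PeekErrorNode are no longer treated as failures.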


@ -3039,8 +3039,6 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, byte* input, word16 length,
if (length == 0)
return 0;
if (length < ENUM_LEN)
return BUFFER_ERROR;
status_type = input[offset++];
@ -3841,13 +3839,10 @@ static void TLSX_PointFormat_ValidateRequest(WOLFSSL* ssl, byte* semaphore)
return;
#endif
}
else {
#ifdef HAVE_FFDHE
return;
#endif
}
}
#ifdef HAVE_FFDHE
return;
#endif
/* turns semaphore on to avoid sending this extension. */
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EC_POINT_FORMATS));
}
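Review bot: In TLSX_PointFormat_ValidateRequest the `#ifdef HAVE_FFDHE` / `return;` pair now sits after the closing braces and directly before `TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EC_POINT_FORMATS))`, so in a HAVE_FFDHE build the return is unconditional and the TURN_ON below it is unreachable. Before the change the return was inside an `else` branch, so it only fired for a suite that reached that branch, and a suite list that never reached it still turned the semaphore on. If the aim was only to remove the empty `else { }` seen when HAVE_FFDHE is undefined, wrapping the whole `else { return; }` in the `#ifdef HAVE_FFDHE` guard keeps the old behaviour. The enclosing loop starts outside the hunk, so this reading should be confirmed against the full function.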


@ -7216,12 +7216,13 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
{
int ret = 0;
word32 inputLength;
byte type;
word32 size = 0;
WOLFSSL_ENTER("DoTls13HandShakeMsg()");
if (ssl->arrays == NULL) {
byte type;
word32 size;
if (GetHandshakeHeader(ssl, input, inOutIdx, &type, &size,
totalSz) != 0) {
@ -7238,8 +7239,6 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
/* If there is a pending fragmented handshake message,
* pending message size will be non-zero. */
if (ssl->arrays->pendingMsgSz == 0) {
byte type;
word32 size;
if (GetHandshakeHeader(ssl,input, inOutIdx, &type, &size, totalSz) != 0)
return PARSE_ERROR;
@ -7339,7 +7338,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
if (ssl->buffers.outputBuffer.length > 0
#ifdef WOLFSSL_ASYNC_CRYPT
/* do not send buffered or advance state if last error was an
/* do not send buffered or advance state if last error was an
async pending operation */
&& ssl->error != WC_PENDING_E
#endif
@ -8065,7 +8064,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
if (ssl->buffers.outputBuffer.length > 0
#ifdef WOLFSSL_ASYNC_CRYPT
/* do not send buffered or advance state if last error was an
/* do not send buffered or advance state if last error was an
async pending operation */
&& ssl->error != WC_PENDING_E
#endif



@ -856,7 +856,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx,
if (ret == WOLFSSL_SUCCESS) {
/* reset cipher state after final */
wolfSSL_EVP_CipherInit(ctx, NULL, NULL, NULL, -1);
ret = wolfSSL_EVP_CipherInit(ctx, NULL, NULL, NULL, -1);
}
return ret;
}


@ -2122,6 +2122,7 @@ static byte* PKCS12_create_cert_content(WC_PKCS12* pkcs12, int nidCert,
XFREE(certBuf, heap, DYNAMIC_TYPE_TMP_BUFFER);
if (ret < 0) {
WOLFSSL_LEAVE("wc_PKCS12_create()", ret);
XFREE(certCi, heap, DYNAMIC_TYPE_TMP_BUFFER);
return NULL;
}
*certCiSz = ret;


@ -14443,6 +14443,7 @@ int dh_test(void)
(void)tmp;
(void)bytes;
XMEMSET(&rng, 0, sizeof(rng));
/* Use API for coverage. */
ret = wc_InitDhKey(&key);
if (ret != 0) {
@ -17214,13 +17215,17 @@ int openssl_evpSig_test(void)
verf = EVP_MD_CTX_create();
if((sign == NULL)||(verf == NULL)){
printf("error with EVP_MD_CTX_create\n");
EVP_MD_CTX_destroy(sign);
EVP_MD_CTX_destroy(verf);
return ERR_BASE_EVPSIG-10;
}
ret = EVP_SignInit(sign, EVP_sha1());
if(ret != SSL_SUCCESS){
printf("error with EVP_SignInit\n");
return ERR_BASE_EVPSIG-11;
if (ret != SSL_SUCCESS){
printf("error with EVP_SignInit\n");
EVP_MD_CTX_destroy(sign);
EVP_MD_CTX_destroy(verf);
return ERR_BASE_EVPSIG-11;
}
count = sizeof(msg);
@ -17232,6 +17237,10 @@ int openssl_evpSig_test(void)
ret1 = EVP_SignUpdate(sign, pt, count);
ret2 = EVP_SignFinal(sign, sig, &sigSz, prvPkey);
if((ret1 != SSL_SUCCESS) || (ret2 != SSL_SUCCESS)){
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
EVP_MD_CTX_destroy(sign);
EVP_MD_CTX_destroy(verf);
printf("error with EVP_MD_CTX_create\n");
return ERR_BASE_EVPSIG-12;
}
@ -17242,12 +17251,18 @@ int openssl_evpSig_test(void)
ret1 = EVP_VerifyInit(verf, EVP_sha1());
ret2 = EVP_VerifyUpdate(verf, pt, count);
if((ret1 != SSL_SUCCESS) || (ret2 != SSL_SUCCESS)){
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
EVP_MD_CTX_destroy(sign);
EVP_MD_CTX_destroy(verf);
printf("error with EVP_Verify\n");
return ERR_BASE_EVPSIG-13;
}
if (EVP_VerifyFinal(verf, sig, sigSz, pubPkey) != 1) {
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
EVP_MD_CTX_destroy(sign);
EVP_MD_CTX_destroy(verf);
printf("error with EVP_VerifyFinal\n");
return ERR_BASE_EVPSIG-14;
}
@ -17257,6 +17272,8 @@ int openssl_evpSig_test(void)
if (EVP_VerifyFinal(verf, sig, sigSz, pubPkey) == 1) {
XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);
EVP_MD_CTX_destroy(sign);
EVP_MD_CTX_destroy(verf);
printf("EVP_VerifyInit without update not detected\n");
return ERR_BASE_EVPSIG-15;
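Review bot: The two earliest failure paths in openssl_evpSig_test (after `EVP_MD_CTX_create` and after `EVP_SignInit`) now destroy `sign` and `verf` but do not free `pubTmp` and `prvTmp`, while every later path does. If those buffers are already allocated at that point (the allocation is outside the hunks), both paths still leak them and need `XFREE(pubTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);` and `XFREE(prvTmp, HEAP_HINT ,DYNAMIC_TYPE_TMP_BUFFER);` as well. With the same four cleanup calls now repeated on six paths, setting the error code and jumping to a single cleanup label would keep them from drifting apart again. The message on the SignUpdate/SignFinal path also still reads `error with EVP_MD_CTX_create`, which names the wrong call.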
}