diff --git a/src/keys.c b/src/keys.c index b13fbdf5b..b5b982c1b 100644 --- a/src/keys.c +++ b/src/keys.c @@ -3318,9 +3318,7 @@ int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, DYNAMIC_TYPE_CIPHER); if (enc->hmac == NULL) return MEMORY_E; - } - if (enc) { if (wc_HmacInit(enc->hmac, heap, devId) != 0) { WOLFSSL_MSG("HmacInit failed in SetKeys"); XFREE(enc->hmac, heap, DYNAMIC_TYPE_CIPHER); @@ -3334,9 +3332,7 @@ int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, DYNAMIC_TYPE_CIPHER); if (dec->hmac == NULL) return MEMORY_E; - } - if (dec) { if (wc_HmacInit(dec->hmac, heap, devId) != 0) { WOLFSSL_MSG("HmacInit failed in SetKeys"); XFREE(dec->hmac, heap, DYNAMIC_TYPE_CIPHER); diff --git a/src/tls13.c b/src/tls13.c index 90e4568f4..e8268939b 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -2534,7 +2534,6 @@ static int Tls13IntegrityOnly_Encrypt(WOLFSSL* ssl, byte* output, /* Copy the input to output if not the same buffer */ if (ret == 0 && output != input) XMEMCPY(output, input, sz); - return ret; } #endif @@ -2930,7 +2929,6 @@ static int Tls13IntegrityOnly_Decrypt(WOLFSSL* ssl, byte* output, /* Copy the input to output if not the same buffer */ if (ret == 0 && output != input) XMEMCPY(output, input, sz); - return ret; } #endif @@ -3612,7 +3610,7 @@ int CreateCookieExt(const WOLFSSL* ssl, byte* hash, word16 hashSz, macSz = WC_SHA256_DIGEST_SIZE; #endif /* NO_SHA256 */ - ret = wc_HmacInit(&cookieHmac, ssl->heap, INVALID_DEVID); + ret = wc_HmacInit(&cookieHmac, ssl->heap, ssl->devId); if (ret == 0) { ret = wc_HmacSetKey(&cookieHmac, cookieType, ssl->buffers.tls13CookieSecret.buffer, @@ -6394,7 +6392,7 @@ int TlsCheckCookie(const WOLFSSL* ssl, const byte* cookie, word16 cookieSz) return HRR_COOKIE_ERROR; cookieSz -= macSz; - ret = wc_HmacInit(&cookieHmac, ssl->heap, INVALID_DEVID); + ret = wc_HmacInit(&cookieHmac, ssl->heap, ssl->devId); if (ret == 0) { ret = wc_HmacSetKey(&cookieHmac, cookieType, ssl->buffers.tls13CookieSecret.buffer, diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index 5d4f4a1e3..44dc31cb6 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -10026,7 +10026,8 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv, #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI) if ((ret == 0) && (aes->streamData == NULL)) { /* Allocate buffers for streaming. */ - aes->streamData = (byte*)XMALLOC(5 * AES_BLOCK_SIZE, aes->heap, + aes->streamData_sz = 5 * AES_BLOCK_SIZE; + aes->streamData = (byte*)XMALLOC(aes->streamData_sz, aes->heap, DYNAMIC_TYPE_AES); if (aes->streamData == NULL) { ret = MEMORY_E; @@ -10513,7 +10514,7 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz, byte* authTag, word32 authTagSz, WC_RNG* rng) { #ifdef WOLFSSL_SMALL_STACK - Aes *aes = NULL; + Aes *aes; #else Aes aes[1]; #endif @@ -10526,25 +10527,24 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz, } #ifdef WOLFSSL_SMALL_STACK - if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL, - DYNAMIC_TYPE_AES)) == NULL) - return MEMORY_E; -#endif - + aes = wc_AesNew(NULL, INVALID_DEVID, &ret); +#else ret = wc_AesInit(aes, NULL, INVALID_DEVID); - if (ret == 0) { - ret = wc_AesGcmSetKey(aes, key, keySz); - if (ret == 0) - ret = wc_AesGcmSetIV(aes, ivSz, NULL, 0, rng); - if (ret == 0) - ret = wc_AesGcmEncrypt_ex(aes, NULL, NULL, 0, iv, ivSz, +#endif + if (ret != 0) + return ret; + + ret = wc_AesGcmSetKey(aes, key, keySz); + if (ret == 0) + ret = wc_AesGcmSetIV(aes, ivSz, NULL, 0, rng); + if (ret == 0) + ret = wc_AesGcmEncrypt_ex(aes, NULL, NULL, 0, iv, ivSz, authTag, authTagSz, authIn, authInSz); - aes->isAllocated = 0; - wc_AesFree(aes); - } - ForceZero(aes, sizeof *aes); + #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); + wc_AesDelete(&aes); +#else + wc_AesFree(aes); #endif return ret; @@ -10570,24 +10570,21 @@ int wc_GmacVerify(const byte* key, word32 keySz, } #ifdef WOLFSSL_SMALL_STACK - if ((aes = (Aes *)XMALLOC(sizeof *aes, NULL, - DYNAMIC_TYPE_AES)) == NULL) - return MEMORY_E; -#endif - + aes = wc_AesNew(NULL, INVALID_DEVID, &ret); +#else ret = wc_AesInit(aes, NULL, INVALID_DEVID); +#endif if (ret == 0) { ret = wc_AesGcmSetKey(aes, key, keySz); if (ret == 0) ret = wc_AesGcmDecrypt(aes, NULL, NULL, 0, iv, ivSz, authTag, authTagSz, authIn, authInSz); - aes->isAllocated = 0; - wc_AesFree(aes); } - ForceZero(aes, sizeof *aes); #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); + wc_AesDelete(&aes); +#else + wc_AesFree(aes); #endif #else (void)key; @@ -11300,18 +11297,24 @@ int wc_AesCcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz, #endif /* HAVE_AESCCM */ #ifndef WC_NO_CONSTRUCTORS -Aes* wc_AesNew(void* heap, int devId) +Aes* wc_AesNew(void* heap, int devId, int *result_code) { + int ret; Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES); - if (aes != NULL) { - if (wc_AesInit(aes, heap, devId) != 0) { + if (aes == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_AesInit(aes, heap, devId); + if (ret != 0) { XFREE(aes, heap, DYNAMIC_TYPE_AES); aes = NULL; } - else { - aes->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return aes; } @@ -11326,7 +11329,7 @@ int wc_AesDelete(Aes** aes) } #endif /* !WC_NO_CONSTRUCTORS */ -/* Initialize Aes for use with async hardware */ +/* Initialize Aes */ int wc_AesInit(Aes* aes, void* heap, int devId) { int ret = 0; @@ -11334,18 +11337,12 @@ int wc_AesInit(Aes* aes, void* heap, int devId) if (aes == NULL) return BAD_FUNC_ARG; - aes->isAllocated = 0; - aes->heap = heap; - aes->rounds = 0; + XMEMSET(aes, 0, sizeof(*aes)); -#ifdef WOLFSSL_AESNI - /* clear here for the benefit of wc_AesGcmInit(). */ - aes->use_aesni = 0; -#endif + aes->heap = heap; #ifdef WOLF_CRYPTO_CB aes->devId = devId; - aes->devCtx = NULL; #else (void)devId; #endif @@ -11358,51 +11355,18 @@ int wc_AesInit(Aes* aes, void* heap, int devId) aes->alFd = WC_SOCK_NOTSET; aes->rdFd = WC_SOCK_NOTSET; #endif -#ifdef WOLFSSL_KCAPI_AES - aes->handle = NULL; - aes->init = 0; -#endif #if defined(WOLFSSL_DEVCRYPTO) && \ (defined(WOLFSSL_DEVCRYPTO_AES) || defined(WOLFSSL_DEVCRYPTO_CBC)) aes->ctx.cfd = -1; #endif -#if defined(WOLFSSL_CRYPTOCELL) && defined(WOLFSSL_CRYPTOCELL_AES) - XMEMSET(&aes->ctx, 0, sizeof(aes->ctx)); -#endif #if defined(WOLFSSL_IMXRT_DCP) DCPAesInit(aes); #endif -#ifdef WOLFSSL_MAXQ10XX_CRYPTO - XMEMSET(&aes->maxq_ctx, 0, sizeof(aes->maxq_ctx)); -#endif - -#ifdef HAVE_AESGCM -#ifdef OPENSSL_EXTRA - XMEMSET(aes->gcm.aadH, 0, sizeof(aes->gcm.aadH)); - aes->gcm.aadLen = 0; -#endif -#endif - -#ifdef WOLFSSL_AESGCM_STREAM -#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_AESNI) - aes->streamData = NULL; -#endif - aes->keylen = 0; - aes->nonceSz = 0; - aes->gcmKeySet = 0; - aes->nonceSet = 0; - aes->ctrSet = 0; -#endif - #if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES) ret = wc_psa_aes_init(aes); #endif -#if defined(WOLFSSL_RENESAS_FSPSM) - XMEMSET(&aes->ctx, 0, sizeof(aes->ctx)); -#endif - #ifdef WC_DEBUG_CIPHER_LIFECYCLE if (ret == 0) ret = wc_debug_CipherLifecycleInit(&aes->CipherLifecycleTag, aes->heap); @@ -11457,7 +11421,7 @@ int wc_AesInit_Label(Aes* aes, const char* label, void* heap, int devId) } #endif -/* Free Aes from use with async hardware */ +/* Free Aes resources */ void wc_AesFree(Aes* aes) { if (aes == NULL) { @@ -11503,8 +11467,11 @@ void wc_AesFree(Aes* aes) #endif #if defined(WOLFSSL_AESGCM_STREAM) && defined(WOLFSSL_SMALL_STACK) && \ !defined(WOLFSSL_AESNI) - XFREE(aes->streamData, aes->heap, DYNAMIC_TYPE_AES); - aes->streamData = NULL; + if (aes->streamData != NULL) { + ForceZero(aes->streamData, aes->streamData_sz); + XFREE(aes->streamData, aes->heap, DYNAMIC_TYPE_AES); + aes->streamData = NULL; + } #endif #if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT) @@ -11527,6 +11494,8 @@ void wc_AesFree(Aes* aes) wc_fspsm_Aesfree(aes); #endif + ForceZero(aes, sizeof(Aes)); + #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Check(aes, sizeof(Aes)); #endif @@ -14018,29 +13987,17 @@ static WARN_UNUSED_RESULT int AesSivCipher( } } + if (ret == 0) { #ifdef WOLFSSL_SMALL_STACK - if (ret == 0) { - aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_AES); - if (aes == NULL) { - ret = MEMORY_E; - } - } -#endif - - if (ret == 0) { + aes = wc_AesNew(NULL, INVALID_DEVID, &ret); +#else ret = wc_AesInit(aes, NULL, INVALID_DEVID); +#endif if (ret != 0) { WOLFSSL_MSG("Failed to initialized AES object."); } } -#ifndef WOLFSSL_SMALL_STACK - /* make aes has heap hint and isAllocated initialized for cleanup below */ - if (ret != 0) { - XMEMSET(aes, 0, sizeof(Aes)); - } -#endif - if (ret == 0 && dataSz > 0) { sivTmp[12] &= 0x7f; sivTmp[8] &= 0x7f; @@ -14071,14 +14028,10 @@ static WARN_UNUSED_RESULT int AesSivCipher( } #ifdef WOLFSSL_SMALL_STACK - if (aes != NULL) + wc_AesDelete(&aes); +#else + wc_AesFree(aes); #endif - { - wc_AesFree(aes); - #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); - #endif - } return ret; } diff --git a/wolfcrypt/src/curve25519.c b/wolfcrypt/src/curve25519.c index d4db9b28b..f4c7c11ab 100644 --- a/wolfcrypt/src/curve25519.c +++ b/wolfcrypt/src/curve25519.c @@ -656,19 +656,25 @@ int wc_curve25519_import_private_ex(const byte* priv, word32 privSz, #endif /* HAVE_CURVE25519_KEY_IMPORT */ #ifndef WC_NO_CONSTRUCTORS -curve25519_key* wc_curve25519_new(void* heap, int devId) +curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code) { + int ret; curve25519_key* key = (curve25519_key*)XMALLOC(sizeof(curve25519_key), heap, DYNAMIC_TYPE_CURVE25519); - if (key != NULL) { - if (wc_curve25519_init_ex(key, heap, devId) != 0) { + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_curve25519_init_ex(key, heap, devId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_CURVE25519); key = NULL; } - else { - key->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return key; } @@ -725,11 +731,7 @@ void wc_curve25519_free(curve25519_key* key) se050_curve25519_free_key(key); #endif - key->dp = NULL; - ForceZero(key->k, sizeof(key->k)); - XMEMSET(&key->p, 0, sizeof(key->p)); - key->pubSet = 0; - key->privSet = 0; + ForceZero(key, sizeof(*key)); #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Check(key, sizeof(curve25519_key)); diff --git a/wolfcrypt/src/ed25519.c b/wolfcrypt/src/ed25519.c index 02b318774..ce856b901 100644 --- a/wolfcrypt/src/ed25519.c +++ b/wolfcrypt/src/ed25519.c @@ -969,19 +969,25 @@ int wc_ed25519ph_verify_msg(const byte* sig, word32 sigLen, const byte* msg, #endif /* HAVE_ED25519_VERIFY */ #ifndef WC_NO_CONSTRUCTORS -ed25519_key* wc_ed25519_new(void* heap, int devId) +ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code) { + int ret; ed25519_key* key = (ed25519_key*)XMALLOC(sizeof(ed25519_key), heap, DYNAMIC_TYPE_ED25519); - if (key != NULL) { - if (wc_ed25519_init_ex(key, heap, devId) != 0) { + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_ed25519_init_ex(key, heap, devId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_ED25519); key = NULL; } - else { - key->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return key; } diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c index 73429c3ac..f2eefad9c 100644 --- a/wolfcrypt/src/hash.c +++ b/wolfcrypt/src/hash.c @@ -687,19 +687,26 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data, } #ifndef WC_NO_CONSTRUCTORS -wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId) +wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId, + int *result_code) { + int ret; wc_HashAlg* hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), heap, DYNAMIC_TYPE_HASHES); - if (hash != NULL) { - if (wc_HashInit_ex(hash, type, heap, devId) != 0) { + if (hash == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_HashInit_ex(hash, type, heap, devId); + if (ret != 0) { XFREE(hash, heap, DYNAMIC_TYPE_HASHES); hash = NULL; } - else { - hash->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return hash; } diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 9770d321b..dd5f7f8be 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -155,18 +155,24 @@ static void wc_RsaCleanup(RsaKey* key) } #ifndef WC_NO_CONSTRUCTORS -RsaKey* wc_NewRsaKey(void* heap, int devId) +RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code) { + int ret; RsaKey* key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA); - if (key != NULL) { - if (wc_InitRsaKey_ex(key, heap, devId) != 0) { + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_InitRsaKey_ex(key, heap, devId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_RSA); key = NULL; } - else { - key->isAllocated = 1; - } } + + if (result_code != NULL) + *result_code = ret; + return key; } diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 436f0c55f..b7f8131d2 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -935,17 +935,27 @@ static void myFipsCb(int ok, int err, const char* hash) } #endif /* HAVE_FIPS && !WOLFSSL_LINUXKM */ -#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) +#if defined(HAVE_FIPS) && FIPS_VERSION3_LT(6,0,0) && !defined(WC_NO_CONSTRUCTORS) -#if !defined(NO_AES) && !defined(WC_NO_CONSTRUCTORS) -static WC_MAYBE_UNUSED struct Aes *wc_AesNew(void *heap, int thisDevId) { +#if !defined(NO_AES) +static WC_MAYBE_UNUSED Aes* wc_AesNew(void* heap, int devId, int *result_code) +{ + int ret; Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES); - if (aes != NULL) { - if (wc_AesInit(aes, heap, thisDevId) != 0) { + if (aes == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_AesInit(aes, heap, devId); + if (ret != 0) { XFREE(aes, heap, DYNAMIC_TYPE_AES); aes = NULL; } } + + if (result_code != NULL) + *result_code = ret; + return aes; } static WC_MAYBE_UNUSED int wc_AesDelete(Aes** aes) @@ -957,18 +967,27 @@ static WC_MAYBE_UNUSED int wc_AesDelete(Aes** aes) *aes = NULL; return 0; } -#endif /* !NO_AES && !WC_NO_CONSTRUCTORS */ +#endif /* !NO_AES */ -#if !defined(NO_RSA) && !defined(WC_NO_CONSTRUCTORS) -static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int thisDevId) +#if !defined(NO_RSA) +static WC_MAYBE_UNUSED RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code) { + int ret; RsaKey* key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA); - if (key != NULL) { - if (wc_InitRsaKey_ex(key, heap, thisDevId) != 0) { + if (key = NULL) { + ret = MEMORY_E; + } + else { + ret = wc_InitRsaKey_ex(key, heap, devId); + if (ret != 0) { XFREE(key, heap, DYNAMIC_TYPE_RSA); key = NULL; } } + + if (result_code != NULL) + *result_code = ret; + return key; } static WC_MAYBE_UNUSED int wc_DeleteRsaKey(RsaKey** key) @@ -980,9 +999,112 @@ static WC_MAYBE_UNUSED int wc_DeleteRsaKey(RsaKey** key) *key = NULL; return 0; } -#endif /* !NO_RSA && !WC_NO_CONSTRUCTORS */ +#endif /* !NO_RSA */ -#endif /* FIPS_VERSION3_LT(6,0,0) */ +#if !defined(NO_HASH_WRAPPER) +static WC_MAYBE_UNUSED wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, int devId, + int *result_code) +{ + int ret; + wc_HashAlg* hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), heap, + DYNAMIC_TYPE_HASHES); + if (hash == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_HashInit_ex(hash, type, heap, devId); + if (ret != 0) { + XFREE(hash, heap, DYNAMIC_TYPE_HASHES); + hash = NULL; + } + } + + if (result_code != NULL) + *result_code = ret; + + return hash; +} + +static WC_MAYBE_UNUSED int wc_HashDelete(wc_HashAlg **hash) { + int ret; + if ((hash == NULL) || (*hash == NULL)) + return BAD_FUNC_ARG; + ret = wc_HashFree(*hash, (*hash)->type); + if (ret < 0) + return ret; + XFREE(*hash, (*hash)->heap, DYNAMIC_TYPE_HASHES); + *hash = NULL; + return 0; +} +#endif /* !NO_HASH_WRAPPER */ + +#if defined(HAVE_CURVE25519) +static WC_MAYBE_UNUSED curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code) +{ + int ret; + curve25519_key* key = (curve25519_key*)XMALLOC(sizeof(curve25519_key), heap, + DYNAMIC_TYPE_CURVE25519); + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_curve25519_init_ex(key, heap, devId); + if (ret != 0) { + XFREE(key, heap, DYNAMIC_TYPE_CURVE25519); + key = NULL; + } + } + + if (result_code != NULL) + *result_code = ret; + + return key; +} + +static WC_MAYBE_UNUSED int wc_curve25519_delete(curve25519_key** key) { + if ((key == NULL) || (*key == NULL)) + return BAD_FUNC_ARG; + wc_curve25519_free(*key); + XFREE(*key, (*key)->heap, DYNAMIC_TYPE_CURVE25519); + *key = NULL; + return 0; +} +#endif /* HAVE_CURVE25519 */ + +#if defined(HAVE_ED25519) +static WC_MAYBE_UNUSED ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code) +{ + int ret; + ed25519_key* key = (ed25519_key*)XMALLOC(sizeof(ed25519_key), heap, + DYNAMIC_TYPE_ED25519); + if (key == NULL) { + ret = MEMORY_E; + } + else { + ret = wc_ed25519_init_ex(key, heap, devId); + if (ret != 0) { + XFREE(key, heap, DYNAMIC_TYPE_ED25519); + key = NULL; + } + } + + if (result_code != NULL) + *result_code = ret; + + return key; +} + +static WC_MAYBE_UNUSED int wc_ed25519_delete(ed25519_key** key) { + if ((key == NULL) || (*key == NULL)) + return BAD_FUNC_ARG; + wc_ed25519_free(*key); + XFREE(*key, (*key)->heap, DYNAMIC_TYPE_ED25519); + *key = NULL; + return 0; +} +#endif /* HAVE_ED25519 */ + +#endif /* FIPS_VERSION3_LT(6,0,0) && !WC_NO_CONSTRUCTORS */ #ifdef WOLFSSL_STATIC_MEMORY #if defined(WOLFSSL_STATIC_MEMORY_TEST_SZ) @@ -6051,9 +6173,8 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void) WOLFSSL_ENTER("hash_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - hash = wc_HashNew(WC_HASH_TYPE_SHA256, HEAP_HINT, devId); + hash = wc_HashNew(WC_HASH_TYPE_SHA256, HEAP_HINT, devId, &ret); if (hash == NULL) { - ret = MEMORY_E; return WC_TEST_RET_ENC_EC(ret); } #else @@ -9301,13 +9422,13 @@ EVP_TEST_END: WOLFSSL_ENTER("aesofb_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -9702,13 +9823,13 @@ EVP_TEST_END: #endif /* WOLFSSL_AES_256 */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -9999,13 +10120,13 @@ EVP_TEST_END: #endif /* WOLFSSL_AES_256 */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -10257,13 +10378,13 @@ EVP_TEST_END: #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -10406,9 +10527,9 @@ static wc_test_ret_t aes_key_size_test(void) #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - aes = wc_AesNew(HEAP_HINT, devId); + aes = wc_AesNew(HEAP_HINT, devId, &ret); if (aes == NULL) - return WC_TEST_RET_ENC_ERRNO; + return WC_TEST_RET_ENC_EC(ret); #else ret = wc_AesInit(aes, HEAP_HINT, devId); /* 0 check OK for FIPSv1 */ @@ -13417,12 +13538,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void) WOLFSSL_ENTER("aes_ctr_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); - dec = wc_AesNew(HEAP_HINT, devId); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else XMEMSET(enc, 0, sizeof(Aes)); XMEMSET(dec, 0, sizeof(Aes)); @@ -13765,13 +13886,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_cbc_test(void) WOLFSSL_ENTER("aes_cbc_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -14169,13 +14290,13 @@ static wc_test_ret_t aes_ecb_direct_test(void) #endif #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else ret = wc_AesInit(enc, HEAP_HINT, devId); @@ -14341,13 +14462,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void) WOLFSSL_ENTER("aes192_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -14471,13 +14592,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void) WOLFSSL_ENTER("aes256_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #ifdef HAVE_AES_DECRYPT - dec = wc_AesNew(HEAP_HINT, devId); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #endif #else XMEMSET(enc, 0, sizeof(Aes)); @@ -14650,12 +14771,12 @@ static wc_test_ret_t aesgcm_default_test_helper(byte* key, int keySz, byte* iv, XMEMSET(resultP, 0, sizeof(resultP)); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); - dec = wc_AesNew(HEAP_HINT, devId); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else XMEMSET(enc, 0, sizeof(Aes)); XMEMSET(dec, 0, sizeof(Aes)); @@ -15082,12 +15203,12 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void) XMEMSET(resultP, 0, sizeof(resultP)); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); - dec = wc_AesNew(HEAP_HINT, devId); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); + dec = wc_AesNew(HEAP_HINT, devId, &ret); if (dec == NULL) - ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else ret = wc_AesInit(enc, HEAP_HINT, devId); if (ret != 0) @@ -15864,9 +15985,9 @@ static wc_test_ret_t aesccm_256_test(void) byte atag[sizeof(exp_tag)]; #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - Aes* aes = wc_AesNew(HEAP_HINT, devId); + Aes* aes = wc_AesNew(HEAP_HINT, devId, &ret); if (aes == NULL) { - ret = WC_TEST_RET_ENC_EC(MEMORY_E); + ret = WC_TEST_RET_ENC_EC(ret); } #else Aes aes[1]; @@ -16020,9 +16141,9 @@ static wc_test_ret_t aesccm_128_test(void) XMEMSET(p2, 0, sizeof(p2)); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - enc = wc_AesNew(HEAP_HINT, devId); + enc = wc_AesNew(HEAP_HINT, devId, &ret); if (enc == NULL) - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), out); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out); #else XMEMSET(enc, 0, sizeof(Aes)); ret = wc_AesInit(enc, HEAP_HINT, devId); @@ -21578,13 +21699,13 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void) XMEMCPY(in, inStr, inLen); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - key = wc_NewRsaKey(HEAP_HINT, devId); + key = wc_NewRsaKey(HEAP_HINT, devId, &ret); if (key == NULL) - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_CERT_GEN) - keypub = wc_NewRsaKey(HEAP_HINT, devId); + keypub = wc_NewRsaKey(HEAP_HINT, devId, &ret); if (keypub == NULL) - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit_rsa); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa); #endif #ifdef WOLFSSL_TEST_CERT if (cert == NULL) @@ -35080,12 +35201,15 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void) WOLFSSL_ENTER("curve25519_test"); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - userA = wc_curve25519_new(HEAP_HINT, devId); - userB = wc_curve25519_new(HEAP_HINT, devId); - pubKey = wc_curve25519_new(HEAP_HINT, devId); - if (userA == NULL || userB == NULL || pubKey == NULL) { - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), cleanup); - } + userA = wc_curve25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); + userB = wc_curve25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); + pubKey = wc_curve25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #else wc_curve25519_init_ex(userA, HEAP_HINT, devId); wc_curve25519_init_ex(userB, HEAP_HINT, devId); @@ -36175,18 +36299,16 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) return WC_TEST_RET_ENC_EC(ret); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) - key = wc_ed25519_new(HEAP_HINT, devId); - key2 = wc_ed25519_new(HEAP_HINT, devId); - if (key == NULL || key2 == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); - } + key = wc_ed25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); + key2 = wc_ed25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #if !defined(NO_ASN) && defined(HAVE_ED25519_SIGN) - key3 = wc_ed25519_new(HEAP_HINT, devId); - if (key3 == NULL) { - ret = MEMORY_E; - return WC_TEST_RET_ENC_EC(ret); - } + key3 = wc_ed25519_new(HEAP_HINT, devId, &ret); + if (ret != 0) + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #endif #else wc_ed25519_init_ex(key, HEAP_HINT, devId); @@ -36213,70 +36335,70 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) if (wc_ed25519_import_private_key(sKeys[i], ED25519_KEY_SIZE, pKeys[i], pKeySz[i], key) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_sign_msg(msgs[i], msgSz[i], out, &outlen, key) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (XMEMCMP(out, sigs[i], 64)) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #if defined(HAVE_ED25519_VERIFY) /* test verify on good msg */ if (wc_ed25519_verify_msg(out, outlen, msgs[i], msgSz[i], &verify, key) != 0 || verify != 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #ifdef WOLFSSL_ED25519_STREAMING_VERIFY /* test verify on good msg using streaming interface directly */ if (wc_ed25519_verify_msg_init(out, outlen, key, (byte)Ed25519, NULL, 0) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); for (j = 0; j < msgSz[i]; j += i) { if (wc_ed25519_verify_msg_update(msgs[i] + j, MIN(i, msgSz[i] - j), key) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); } if (wc_ed25519_verify_msg_final(out, outlen, &verify, key) != 0 || verify != 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #endif /* WOLFSSL_ED25519_STREAMING_VERIFY */ /* test verify on bad msg */ out[outlen-1] = out[outlen-1] + 1; if (wc_ed25519_verify_msg(out, outlen, msgs[i], msgSz[i], &verify, key) == 0 || verify == 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #endif /* HAVE_ED25519_VERIFY */ /* test api for import/exporting keys */ exportPSz = sizeof(exportPKey); exportSSz = sizeof(exportSKey); if (wc_ed25519_export_public(key, exportPKey, &exportPSz) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_import_public_ex(exportPKey, exportPSz, key2, 1) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_export_private_only(key, exportSKey, &exportSSz) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (wc_ed25519_import_private_key(exportSKey, exportSSz, exportPKey, exportPSz, key2) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); /* clear "out" buffer and test sign with imported keys */ outlen = sizeof(out); XMEMSET(out, 0, sizeof(out)); if (wc_ed25519_sign_msg(msgs[i], msgSz[i], out, &outlen, key2) != 0) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #if defined(HAVE_ED25519_VERIFY) if (wc_ed25519_verify_msg(out, outlen, msgs[i], msgSz[i], &verify, key2) != 0 || verify != 1) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); if (XMEMCMP(out, sigs[i], 64)) - return WC_TEST_RET_ENC_I(i); + ERROR_OUT(WC_TEST_RET_ENC_I(i), cleanup); #endif /* HAVE_ED25519_VERIFY */ } @@ -36330,36 +36452,36 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) ret = wc_ed25519_import_private_key(sKeys[0], ED25519_KEY_SIZE, pKeys[0], pKeySz[0], key); if (ret != 0) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd1, sizeof(rareEd1), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd2, sizeof(rareEd2), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd3, sizeof(rareEd3), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_verify_msg(rareEd4, sizeof(rareEd4), msgs[0], msgSz[0], &verify, key); if (ret != WC_NO_ERR_TRACE(SIG_VERIFY_E)) - return ret; + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); } ret = ed25519ctx_test(); if (ret != 0) - return ret; + goto cleanup; ret = ed25519ph_test(); if (ret != 0) - return ret; + goto cleanup; #ifndef NO_ASN /* Try ASN.1 encoded private-only key and public key. */ @@ -36367,41 +36489,41 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) ret = wc_Ed25519PrivateKeyDecode(privateEd25519, &idx, key3, sizeof(privateEd25519)); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); idx = 0; if (wc_Ed25519PrivateKeyDecode(badPrivateEd25519, &idx, key3, sizeof(badPrivateEd25519)) == 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); ret = wc_ed25519_sign_msg(msgs[0], msgSz[0], out, &outlen, key3); if (ret != WC_NO_ERR_TRACE(BAD_FUNC_ARG)) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); /* try with a buffer size that is too large */ idx = 0; if (wc_Ed25519PublicKeyDecode(badPublicEd25519, &idx, key3, sizeof(badPublicEd25519)) == 0) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); idx = 0; ret = wc_Ed25519PublicKeyDecode(publicEd25519, &idx, key3, sizeof(publicEd25519)); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_sign_msg(msgs[0], msgSz[0], out, &outlen, key3); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); if (XMEMCMP(out, sigs[0], 64)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); #if defined(HAVE_ED25519_VERIFY) /* test verify on good msg */ ret = wc_ed25519_verify_msg(out, outlen, msgs[0], msgSz[0], &verify, key3); if (ret != 0 || verify != 1) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); #endif /* HAVE_ED25519_VERIFY */ @@ -36412,14 +36534,14 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) ret = wc_Ed25519PrivateKeyDecode(privPubEd25519, &idx, key3, sizeof(privPubEd25519)); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); ret = wc_ed25519_sign_msg(msgs[0], msgSz[0], out, &outlen, key3); if (ret != 0) - return WC_TEST_RET_ENC_EC(ret); + ERROR_OUT(WC_TEST_RET_ENC_EC(ret), cleanup); if (XMEMCMP(out, sigs[0], 64)) - return WC_TEST_RET_ENC_NC; + ERROR_OUT(WC_TEST_RET_ENC_NC, cleanup); #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) wc_ed25519_delete(&key3); @@ -36429,6 +36551,22 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) #endif /* NO_ASN */ #endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_EXPORT && HAVE_ED25519_KEY_IMPORT */ + ret = ed25519_test_check_key(); + if (ret < 0) + goto cleanup; +#ifdef WOLFSSL_TEST_CERT + ret = ed25519_test_cert(); + if (ret < 0) + goto cleanup; +#if defined(WOLFSSL_CERT_GEN) && defined(HAVE_ED25519_MAKE_KEY) + ret = ed25519_test_make_cert(); + if (ret < 0) + goto cleanup; +#endif /* WOLFSSL_CERT_GEN */ +#endif /* WOLFSSL_TEST_CERT */ + +cleanup: + /* clean up keys when done */ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) wc_ed25519_delete(&key); @@ -36446,21 +36584,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void) (void)keySz; (void)sigSz; - ret = ed25519_test_check_key(); - if (ret < 0) - return ret; -#ifdef WOLFSSL_TEST_CERT - ret = ed25519_test_cert(); - if (ret < 0) - return ret; -#if defined(WOLFSSL_CERT_GEN) && defined(HAVE_ED25519_MAKE_KEY) - ret = ed25519_test_make_cert(); - if (ret < 0) - return ret; -#endif /* WOLFSSL_CERT_GEN */ -#endif /* WOLFSSL_TEST_CERT */ - - return 0; + return ret; } #endif /* HAVE_ED25519 */ diff --git a/wolfssl/wolfcrypt/aes.h b/wolfssl/wolfcrypt/aes.h index a4327d0ee..6f1a313bf 100644 --- a/wolfssl/wolfcrypt/aes.h +++ b/wolfssl/wolfcrypt/aes.h @@ -327,7 +327,7 @@ struct Aes { int alFd; /* server socket to bind to */ int rdFd; /* socket to read from */ struct msghdr msg; - int dir; /* flag for encrpyt or decrypt */ + int dir; /* flag for encrypt or decrypt */ #ifdef WOLFSSL_AFALG_XILINX_AES word32 msgBuf[CMSG_SPACE(4) + CMSG_SPACE(sizeof(struct af_alg_iv) + GCM_NONCE_MID_SZ)]; @@ -382,6 +382,7 @@ struct Aes { ALIGN16 byte streamData[5 * AES_BLOCK_SIZE]; #else byte* streamData; + word32 streamData_sz; #endif word32 aSz; word32 cSz; @@ -392,7 +393,6 @@ struct Aes { WC_BITFIELD nonceSet:1; WC_BITFIELD ctrSet:1; #endif - WC_BITFIELD isAllocated:1; /* flag indicates if structure was allocated */ #ifdef WC_DEBUG_CIPHER_LIFECYCLE void *CipherLifecycleTag; /* used for dummy allocation and initialization, * trackable by sanitizers. @@ -728,7 +728,7 @@ WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap, #endif WOLFSSL_API void wc_AesFree(Aes* aes); #ifndef WC_NO_CONSTRUCTORS -WOLFSSL_API Aes* wc_AesNew(void* heap, int devId); +WOLFSSL_API Aes* wc_AesNew(void* heap, int devId, int *result_code); WOLFSSL_API int wc_AesDelete(Aes** aes); #endif diff --git a/wolfssl/wolfcrypt/curve25519.h b/wolfssl/wolfcrypt/curve25519.h index adf7fe660..e2367e21b 100644 --- a/wolfssl/wolfcrypt/curve25519.h +++ b/wolfssl/wolfcrypt/curve25519.h @@ -99,9 +99,6 @@ struct curve25519_key { /* bit fields */ WC_BITFIELD pubSet:1; WC_BITFIELD privSet:1; -#ifndef WC_NO_CONSTRUCTORS - WC_BITFIELD isAllocated:1; -#endif }; enum { @@ -144,10 +141,11 @@ void wc_curve25519_free(curve25519_key* key); #ifndef WC_NO_CONSTRUCTORS WOLFSSL_API -curve25519_key* wc_curve25519_new(void* heap, int devId); +curve25519_key* wc_curve25519_new(void* heap, int devId, int *result_code); WOLFSSL_API int wc_curve25519_delete(curve25519_key** key); #endif +WOLFSSL_API /* raw key helpers */ WOLFSSL_API diff --git a/wolfssl/wolfcrypt/ed25519.h b/wolfssl/wolfcrypt/ed25519.h index f29dcfa3b..5f017e31a 100644 --- a/wolfssl/wolfcrypt/ed25519.h +++ b/wolfssl/wolfcrypt/ed25519.h @@ -97,9 +97,6 @@ struct ed25519_key { WC_BITFIELD privKeySet:1; WC_BITFIELD pubKeySet:1; WC_BITFIELD sha_clean_flag:1; /* only used if WOLFSSL_ED25519_PERSISTENT_SHA */ -#ifndef WC_NO_CONSTRUCTORS - WC_BITFIELD isAllocated:1; -#endif #ifdef WOLFSSL_ASYNC_CRYPT WC_ASYNC_DEV asyncDev; #endif @@ -186,10 +183,11 @@ WOLFSSL_API void wc_ed25519_free(ed25519_key* key); #ifndef WC_NO_CONSTRUCTORS WOLFSSL_API -ed25519_key* wc_ed25519_new(void* heap, int devId); +ed25519_key* wc_ed25519_new(void* heap, int devId, int *result_code); WOLFSSL_API int wc_ed25519_delete(ed25519_key** key); #endif +WOLFSSL_API #ifdef HAVE_ED25519_KEY_IMPORT WOLFSSL_API diff --git a/wolfssl/wolfcrypt/hash.h b/wolfssl/wolfcrypt/hash.h index 3d235bc4f..2c3bd0363 100644 --- a/wolfssl/wolfcrypt/hash.h +++ b/wolfssl/wolfcrypt/hash.h @@ -127,7 +127,6 @@ typedef struct { enum wc_HashType type; /* sanity check */ #ifndef WC_NO_CONSTRUCTORS void *heap; - WC_BITFIELD isAllocated:1; #endif } wc_HashAlg; #endif /* !NO_HASH_WRAPPER */ @@ -195,7 +194,7 @@ WOLFSSL_API int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, WOLFSSL_API int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type); #ifndef WC_NO_CONSTRUCTORS WOLFSSL_API wc_HashAlg* wc_HashNew(enum wc_HashType type, void* heap, - int devId); + int devId, int *result_code); WOLFSSL_API int wc_HashDelete(wc_HashAlg **hash); #endif diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h index be9aee32a..4b30e455e 100644 --- a/wolfssl/wolfcrypt/rsa.h +++ b/wolfssl/wolfcrypt/rsa.h @@ -269,9 +269,6 @@ struct RsaKey { #if defined(WOLFSSL_RENESAS_FSPSM) FSPSM_RSA_CTX ctx; #endif -#ifndef WC_NO_CONSTRUCTORS - WC_BITFIELD isAllocated:1; -#endif }; #ifndef WC_RSAKEY_TYPE_DEFINED @@ -299,7 +296,7 @@ WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap); WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId); WOLFSSL_API int wc_FreeRsaKey(RsaKey* key); #ifndef WC_NO_CONSTRUCTORS -WOLFSSL_API RsaKey* wc_NewRsaKey(void* heap, int devId); +WOLFSSL_API RsaKey* wc_NewRsaKey(void* heap, int devId, int *result_code); WOLFSSL_API int wc_DeleteRsaKey(RsaKey** key); #endif diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index f1be16b9b..1b437c100 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -612,6 +612,10 @@ typedef struct w64wrapper { #endif /* WOLFSSL_STATIC_MEMORY */ #endif + #if defined(WOLFSSL_SMALL_STACK) && defined(WC_NO_CONSTRUCTORS) + #error WOLFSSL_SMALL_STACK requires constructors. + #endif + #include /* declare/free variable handling for async and smallstack */