WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

1. Added more options to the full commit test. 

2. Cleanups from static analysis.
pull/1/head v3.0.0
John Safranek 2014-04-30 15:01:10 -07:00
parent 85d453f2d1
commit fb5200aa95
5 changed files with 409 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
commit-tests.sh
View File

@ -23,7 +23,7 @@ RESULT=$?
# make sure full config is ok
echo -e "\n\nTesting full config as well...\n\n"
./configure --enable-opensslextra --enable-ecc --enable-dtls --enable-aesgcm --enable-aesccm --enable-hc128 --enable-sniffer --enable-psk --enable-rabbit --enable-camellia --enable-sha512;
./configure --enable-opensslextra --enable-ecc --enable-dtls --enable-aesgcm --enable-aesccm --enable-hc128 --enable-sniffer --enable-psk --enable-rabbit --enable-camellia --enable-sha512 --enable-crl --enable-ocsp --enable-savesession --enable-savecert --enable-atomicuser --enable-pkcallbacks --enable-scep;
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nFull config ./configure failed" && exit 1

1
ctaocrypt/src/hc128.c
View File

@ -338,6 +338,7 @@ static INLINE int DoProcess(HC128* ctx, byte* output, const byte* input,
if (msglen > 0)
{
XMEMSET(keystream, 0, sizeof(keystream)); /* hush the static analysis */
generate_keystream(ctx, keystream);
#ifdef BIG_ENDIAN_ORDER

10
ctaocrypt/src/pkcs7.c
View File

@ -585,11 +585,7 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
byte* content = NULL;
byte* sig = NULL;
byte* cert = NULL;
byte* signedAttr = NULL;
int contentSz = 0, sigSz = 0, certSz = 0, signedAttrSz = 0;
(void)signedAttr; /* not used yet, just set */
(void)signedAttrSz;
int contentSz = 0, sigSz = 0, certSz = 0;
if (pkcs7 == NULL || pkiMsg == NULL || pkiMsgSz == 0)
return BAD_FUNC_ARG;
@ -750,10 +746,6 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
/* save pointer and length */
signedAttr = &pkiMsg[idx];
signedAttrSz = length;
idx += length;
}

492
ctaocrypt/test/test.c
View File

@ -2792,44 +2792,87 @@ int rsa_test(void)
FILE* pemFile;
ret = InitRsaKey(&genKey, 0);
if (ret != 0) return -300;
if (ret != 0)
return -300;
ret = MakeRsaKey(&genKey, 1024, 65537, &rng);
if (ret != 0)
return -301;
der = (byte*)malloc(FOURK_BUF);
if (der == NULL)
if (der == NULL) {
FreeRsaKey(&genKey);
return -307;
}
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(der);
FreeRsaKey(&genKey);
return -308;
}
derSz = RsaKeyToDer(&genKey, der, FOURK_BUF);
if (derSz < 0)
if (derSz < 0) {
free(der);
free(pem);
return -302;
}
keyFile = fopen("./key.der", "wb");
if (!keyFile)
if (!keyFile) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -303;
ret = (int)fwrite(der, derSz, 1, keyFile);
}
ret = (int)fwrite(der, 1, derSz, keyFile);
fclose(keyFile);
if (ret != derSz) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -313;
}
pemSz = DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -304;
}
pemFile = fopen("./key.pem", "wb");
if (!pemFile)
if (!pemFile) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -305;
ret = (int)fwrite(pem, pemSz, 1, pemFile);
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
fclose(pemFile);
if (ret != pemSz) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -314;
}
ret = InitRsaKey(&derIn, 0);
if (ret != 0) return -3060;
if (ret != 0) {
free(der);
free(pem);
FreeRsaKey(&genKey);
return -3060;
}
idx = 0;
ret = RsaPrivateKeyDecode(der, &idx, &derIn, derSz);
if (ret != 0)
if (ret != 0) {
free(der);
free(pem);
FreeRsaKey(&derIn);
FreeRsaKey(&genKey);
return -306;
}
FreeRsaKey(&derIn);
FreeRsaKey(&genKey);
@ -2857,8 +2900,10 @@ int rsa_test(void)
if (derCert == NULL)
return -309;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(derCert);
return -310;
}
InitCert(&myCert);
@ -2873,31 +2918,56 @@ int rsa_test(void)
myCert.sigType = CTC_SHA256wRSA;
certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng);
if (certSz < 0)
if (certSz < 0) {
free(derCert);
free(pem);
return -401;
}
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, certSz, 0);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0)
if (ret != 0) {
free(derCert);
free(pem);
return -402;
}
FreeDecodedCert(&decode);
#endif
derFile = fopen("./cert.der", "wb");
if (!derFile)
if (!derFile) {
free(derCert);
free(pem);
return -403;
ret = (int)fwrite(derCert, certSz, 1, derFile);
}
ret = (int)fwrite(derCert, 1, certSz, derFile);
fclose(derFile);
if (ret != certSz) {
free(derCert);
free(pem);
return -414;
}
pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(derCert);
free(pem);
return -404;
}
pemFile = fopen("./cert.pem", "wb");
if (!pemFile)
if (!pemFile) {
free(derCert);
free(pem);
return -405;
ret = (int)fwrite(pem, pemSz, 1, pemFile);
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
fclose(pemFile);
if (ret != pemSz) {
free(derCert);
free(pem);
return -406;
}
free(pem);
free(derCert);
}
@ -2922,21 +2992,35 @@ int rsa_test(void)
if (derCert == NULL)
return -311;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(derCert);
return -312;
}
file3 = fopen(caKeyFile, "rb");
if (!file3)
if (!file3) {
free(derCert);
free(pem);
return -412;
}
bytes3 = fread(tmp, 1, FOURK_BUF, file3);
fclose(file3);
ret = InitRsaKey(&caKey, 0);
if (ret != 0) return -411;
if (ret != 0) {
free(derCert);
free(pem);
return -411;
}
ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
if (ret != 0) return -413;
if (ret != 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -413;
}
InitCert(&myCert);
@ -2949,41 +3033,81 @@ int rsa_test(void)
strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
ret = SetIssuer(&myCert, caCertFile);
if (ret < 0)
if (ret < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -405;
}
certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng);
if (certSz < 0)
if (certSz < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -407;
}
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, NULL, &rng);
if (certSz < 0)
if (certSz < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -408;
}
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, certSz, 0);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0)
if (ret != 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -409;
}
FreeDecodedCert(&decode);
#endif
derFile = fopen("./othercert.der", "wb");
if (!derFile)
if (!derFile) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -410;
ret = (int)fwrite(derCert, certSz, 1, derFile);
}
ret = (int)fwrite(derCert, 1, certSz, derFile);
fclose(derFile);
if (ret != certSz) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -416;
}
pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -411;
}
pemFile = fopen("./othercert.pem", "wb");
if (!pemFile)
if (!pemFile) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -412;
ret = (int)fwrite(pem, pemSz, 1, pemFile);
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
if (ret != pemSz) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -415;
}
fclose(pemFile);
free(pem);
free(derCert);
@ -3002,7 +3126,7 @@ int rsa_test(void)
int pemSz;
size_t bytes3;
word32 idx3 = 0;
FILE* file3 ;
FILE* file3;
#ifdef CYASSL_TEST_CERT
DecodedCert decode;
#endif
@ -3011,20 +3135,29 @@ int rsa_test(void)
if (derCert == NULL)
return -5311;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(derCert);
return -5312;
}
file3 = fopen(eccCaKeyFile, "rb");
if (!file3)
if (!file3) {
free(derCert);
free(pem);
return -5412;
}
bytes3 = fread(tmp, 1, FOURK_BUF, file3);
fclose(file3);
ecc_init(&caKey);
ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
if (ret != 0) return -5413;
if (ret != 0) {
free(derCert);
free(pem);
return -5413;
}
InitCert(&myCert);
myCert.sigType = CTC_SHA256wECDSA;
@ -3038,40 +3171,80 @@ int rsa_test(void)
strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE);
ret = SetIssuer(&myCert, eccCaCertFile);
if (ret < 0)
if (ret < 0) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5405;
}
certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng);
if (certSz < 0)
if (certSz < 0) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5407;
}
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
NULL, &caKey, &rng);
if (certSz < 0)
if (certSz < 0) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5408;
}
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, certSz, 0);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0)
if (ret != 0) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5409;
}
FreeDecodedCert(&decode);
#endif
derFile = fopen("./certecc.der", "wb");
if (!derFile)
if (!derFile) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5410;
ret = (int)fwrite(derCert, certSz, 1, derFile);
}
ret = (int)fwrite(derCert, 1, certSz, derFile);
fclose(derFile);
if (ret != certSz) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5414;
}
pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5411;
}
pemFile = fopen("./certecc.pem", "wb");
if (!pemFile)
if (!pemFile) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5412;
ret = (int)fwrite(pem, pemSz, 1, pemFile);
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
if (ret != pemSz) {
free(pem);
free(derCert);
ecc_free(&caKey);
return -5415;
}
fclose(pemFile);
free(pem);
free(derCert);
@ -3090,8 +3263,7 @@ int rsa_test(void)
FILE* ntruPrivFile;
int certSz;
int pemSz;
size_t bytes;
word32 idx = 0;
word32 idx3;
#ifdef CYASSL_TEST_CERT
DecodedCert decode;
#endif
@ -3099,8 +3271,10 @@ int rsa_test(void)
if (derCert == NULL)
return -311;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(derCert);
return -312;
}
byte public_key[557]; /* sized for EES401EP2 */
word16 public_key_len; /* no. of octets in public key */
@ -3112,33 +3286,53 @@ int rsa_test(void)
};
word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str),
GetEntropy, &drbg);
if (rc != DRBG_OK)
if (rc != DRBG_OK) {
free(derCert);
free(pem);
return -450;
}
rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
NULL, &private_key_len, NULL);
if (rc != NTRU_OK)
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -451;
}
rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
public_key, &private_key_len, private_key);
crypto_drbg_uninstantiate(drbg);
if (rc != NTRU_OK)
if (rc != NTRU_OK) {
free(derCert);
free(pem);
return -452;
}
caFile = fopen(caKeyFile, "rb");
if (!caFile)
if (!caFile) {
free(derCert);
free(pem);
return -453;
}
bytes = fread(tmp, 1, FOURK_BUF, caFile);
fclose(caFile);
ret = InitRsaKey(&caKey, 0);
if (ret != 0) return -459;
ret = RsaPrivateKeyDecode(tmp, &idx, &caKey, (word32)bytes);
if (ret != 0) return -454;
if (ret != 0) {
free(derCert);
free(pem);
return -459;
}
ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes);
if (ret != 0) {
free(derCert);
free(pem);
return -454;
}
InitCert(&myCert);
@ -3151,51 +3345,92 @@ int rsa_test(void)
strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
ret = SetIssuer(&myCert, caCertFile);
if (ret < 0)
if (ret < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -455;
}
certSz = MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key,
public_key_len, &rng);
if (certSz < 0)
if (certSz < 0) {
free(derCert);
free(pem);
FreeRsaKey(&caKey);
return -456;
}
certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
&caKey, NULL, &rng);
if (certSz < 0)
FreeRsaKey(&caKey);
if (certSz < 0) {
free(derCert);
free(pem);
return -457;
}
#ifdef CYASSL_TEST_CERT
InitDecodedCert(&decode, derCert, certSz, 0);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0)
if (ret != 0) {
free(derCert);
free(pem);
return -458;
}
FreeDecodedCert(&decode);
#endif
derFile = fopen("./ntru-cert.der", "wb");
if (!derFile)
if (!derFile) {
free(derCert);
free(pem);
return -459;
ret = fwrite(derCert, certSz, 1, derFile);
}
ret = (int)fwrite(derCert, 1, certSz, derFile);
fclose(derFile);
if (ret != certSz) {
free(derCert);
free(pem);
return -473;
}
pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(derCert);
free(pem);
return -460;
}
pemFile = fopen("./ntru-cert.pem", "wb");
if (!pemFile)
if (!pemFile) {
free(derCert);
free(pem);
return -461;
ret = fwrite(pem, pemSz, 1, pemFile);
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
fclose(pemFile);
if (ret != pemSz) {
free(derCert);
free(pem);
return -474;
}
ntruPrivFile = fopen("./ntru-key.raw", "wb");
if (!ntruPrivFile)
if (!ntruPrivFile) {
free(derCert);
free(pem);
return -462;
ret = fwrite(private_key, private_key_len, 1, ntruPrivFile);
}
ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile);
fclose(ntruPrivFile);
if (ret != private_key_len) {
free(pem);
free(derCert);
return -475;
}
free(pem);
free(derCert);
FreeRsaKey(&caKey);
}
#endif /* HAVE_NTRU */
#ifdef CYASSL_CERT_REQ
@ -3211,8 +3446,10 @@ int rsa_test(void)
if (der == NULL)
return -463;
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL)
if (pem == NULL) {
free(der);
return -464;
}
InitCert(&req);
@ -3229,30 +3466,55 @@ int rsa_test(void)
req.sigType = CTC_SHA256wRSA;
derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL);
if (derSz < 0)
if (derSz < 0) {
free(pem);
free(der);
return -465;
}
derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF,
&key, NULL, &rng);
if (derSz < 0)
if (derSz < 0) {
free(pem);
free(der);
return -466;
}
pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE);
if (pemSz < 0)
if (pemSz < 0) {
free(pem);
free(der);
return -467;
}
reqFile = fopen("./certreq.der", "wb");
if (!reqFile)
if (!reqFile) {
free(pem);
free(der);
return -468;
}
ret = (int)fwrite(der, derSz, 1, reqFile);
ret = (int)fwrite(der, 1, derSz, reqFile);
fclose(reqFile);
if (ret != derSz) {
free(pem);
free(der);
return -471;
}
reqFile = fopen("./certreq.pem", "wb");
if (!reqFile)
if (!reqFile) {
free(pem);
free(der);
return -469;
ret = (int)fwrite(pem, pemSz, 1, reqFile);
}
ret = (int)fwrite(pem, 1, pemSz, reqFile);
fclose(reqFile);
if (ret != pemSz) {
free(pem);
free(der);
return -470;
}
free(pem);
free(der);
@ -3855,6 +4117,10 @@ int ecc_test(void)
ecc_init(&pubKey);
ret = ecc_make_key(&rng, 32, &userA);
if (ret != 0)
return -1014;
ret = ecc_make_key(&rng, 32, &userB);
if (ret != 0)
@ -3863,6 +4129,9 @@ int ecc_test(void)
x = sizeof(sharedA);
ret = ecc_shared_secret(&userA, &userB, sharedA, &x);
if (ret != 0)
return -1015;
y = sizeof(sharedB);
ret = ecc_shared_secret(&userB, &userA, sharedB, &y);
@ -3901,6 +4170,9 @@ int ecc_test(void)
x = sizeof(sig);
ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA);
if (ret != 0)
return -1016;
verify = 0;
ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA);
@ -4200,21 +4472,29 @@ int pkcs7enveloped_test(void)
return -201;
privKey = (byte*)malloc(FOURK_BUF);
if (privKey == NULL)
if (privKey == NULL) {
free(cert);
return -202;
}
certFile = fopen(clientCert, "rb");
if (!certFile)
if (!certFile) {
free(cert);
free(privKey);
err_sys("can't open ./certs/client-cert.der, "
"Please run from CyaSSL home dir", -42);
}
certSz = fread(cert, 1, FOURK_BUF, certFile);
fclose(certFile);
keyFile = fopen(clientKey, "rb");
if (!keyFile)
if (!keyFile) {
free(cert);
free(privKey);
err_sys("can't open ./certs/client-key.der, "
"Please run from CyaSSL home dir", -43);
}
privKeySz = fread(privKey, 1, FOURK_BUF, keyFile);
fclose(keyFile);
@ -4230,24 +4510,35 @@ int pkcs7enveloped_test(void)
/* encode envelopedData */
envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped,
sizeof(enveloped));
if (envelopedSz <= 0)
if (envelopedSz <= 0) {
free(cert);
free(privKey);
return -203;
}
/* decode envelopedData */
decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz,
decoded, sizeof(decoded));
if (decodedSz <= 0)
if (decodedSz <= 0) {
free(cert);
free(privKey);
return -204;
}
/* test decode result */
if (memcmp(decoded, data, sizeof(data)) != 0) {
free(cert);
free(privKey);
return -205;
}
/* output pkcs7 envelopedData for external testing */
pkcs7File = fopen(pkcs7OutFile, "wb");
if (!pkcs7File)
if (!pkcs7File) {
free(cert);
free(privKey);
return -206;
}
ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File);
fclose(pkcs7File);
@ -4302,15 +4593,19 @@ int pkcs7signed_test(void)
outSz = FOURK_BUF;
certDer = (byte*)malloc(FOURK_BUF);
keyDer = (byte*)malloc(FOURK_BUF);
out = (byte*)malloc(FOURK_BUF);
if (certDer == NULL)
return -207;
if (keyDer == NULL)
keyDer = (byte*)malloc(FOURK_BUF);
if (keyDer == NULL) {
free(certDer);
return -208;
if (out == NULL)
}
out = (byte*)malloc(FOURK_BUF);
if (out == NULL) {
free(certDer);
free(keyDer);
return -209;
}
/* read in DER cert of recipient, into cert of size certSz */
file = fopen(clientCert, "rb");
@ -4336,15 +4631,23 @@ int pkcs7signed_test(void)
fclose(file);
ret = InitRng(&rng);
if (ret != 0)
if (ret != 0) {
free(certDer);
free(keyDer);
free(out);
return -210;
}
senderNonce[0] = 0x04;
senderNonce[1] = PKCS7_NONCE_SZ;
ret = RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ);
if (ret != 0)
if (ret != 0) {
free(certDer);
free(keyDer);
free(out);
return -211;
}
PKCS7_InitWithCert(&msg, certDer, certDerSz);
msg.privateKey = keyDer;
@ -4365,8 +4668,12 @@ int pkcs7signed_test(void)
transId[1] = SHA_DIGEST_SIZE * 2;
ret = InitSha(&sha);
if (ret != 0)
if (ret != 0) {
free(certDer);
free(keyDer);
free(out);
return -4003;
}
ShaUpdate(&sha, msg.publicKey, msg.publicKeySz);
ShaFinal(&sha, digest);
@ -4396,6 +4703,13 @@ int pkcs7signed_test(void)
}
ret = (int)fwrite(out, 1, outSz, file);
fclose(file);
if (ret != (int)outSz) {
free(certDer);
free(keyDer);
free(out);
PKCS7_Free(&msg);
return -218;
}
PKCS7_Free(&msg);
PKCS7_InitWithCert(&msg, NULL, 0);

3
src/ssl.c
View File

@ -3280,6 +3280,9 @@ int CyaSSL_CTX_SetTmpDH_file(CYASSL_CTX* ctx, const char* fname, int format)
int CyaSSL_CTX_use_NTRUPrivateKey_file(CYASSL_CTX* ctx, const char* file)
{
CYASSL_ENTER("CyaSSL_CTX_use_NTRUPrivateKey_file");
if (ctx == NULL)
return SSL_FAILURE;
if (ProcessFile(ctx, file, SSL_FILETYPE_RAW, PRIVATEKEY_TYPE, NULL, 0, NULL)
== SSL_SUCCESS) {
ctx->haveNTRU = 1;