Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

20241010-WOLFSSL_NO_MALLOC #8065

Merged
merged 10 commits into from
Oct 15, 2024
Merged

Conversation

douzzer
Copy link
Contributor

@douzzer douzzer commented Oct 11, 2024

fixes for enable-all-crypto enable-cryptonly WOLFSSL_NO_MALLOC:

revert changes from #8053

wolfcrypt/src/dh.c: add stack buffer codepath in wc_DhGenerateParams();

wolfcrypt/src/ecc.c: add always-fail codepath to find_hole() to preempt heap allocation attempts;

wolfcrypt/test/test.c: gate out several heap-dependent subtests when defined(WOLFSSL_NO_MALLOC), and add a stack buffer codepath in ed448_test();

wolfssl/wolfcrypt/types.h: harmonize macro definitions of XFREE() to use do { ... } while (0) wrappers to assure syntactic indivisibility.

tested with wolfssl-multi-test.sh ... super-quick-check with allcryptonly-no-malloc added to it.

config for allcryptonly-no-malloc:

./configure --enable-all-crypto --enable-cryptonly --disable-pkcs12 --disable-ecccustcurves --disable-brainpool --disable-dsa --disable-srp --disable-scrypt --disable-eccsi --disable-sakke --disable-pkcs7 CFLAGS='-DWOLFSSL_NO_MALLOC -DWOLFSSL_SP_NO_MALLOC -DWOLFSSL_SP_NO_DYN_STACK -DNO_WOLFSSL_MEMORY -UHAVE_ECC_KOBLITZ'

wolfcrypt/src/asn.c Outdated Show resolved Hide resolved
wolfcrypt/src/asn.c Outdated Show resolved Hide resolved
wolfcrypt/src/dh.c Outdated Show resolved Hide resolved
wolfcrypt/src/dh.c Show resolved Hide resolved
wolfssl/wolfcrypt/sha.h Outdated Show resolved Hide resolved
@JacobBarthelmeh JacobBarthelmeh removed their assignment Oct 11, 2024
@douzzer douzzer force-pushed the 20241010-WOLFSSL_NO_MALLOC branch from c40a119 to 376cd16 Compare October 12, 2024 21:34
@douzzer
Copy link
Contributor Author

douzzer commented Oct 13, 2024

retest this please.

douzzer and others added 10 commits October 14, 2024 14:21
wolfcrypt/src//asn.c: add stack buffer codepaths in ParseKeyUsageStr(), SetKeyIdFromPublicKey(), and EncodePolicyOID;

wolfcrypt/src/dh.c: add stack buffer codepath in wc_DhGenerateParams();

wolfcrypt/src/ecc.c: add always-fail codepath to find_hole() to preempt heap allocation attempts;

wolfcrypt/test/test.c: gate out several heap-dependent subtests when defined(WOLFSSL_NO_MALLOC), and add a stack buffer codepath in ed448_test();

wolfssl/wolfcrypt/types.h: harmonize macro definitions of XFREE() to use do { ... } while (0) wrappers to assure syntactic indivisibility.
…d isAllocated XFREE()s in wc_ed25519_free() and wc_HashFree().
…finition of XSTRDUP regardless of WOLFSSL_NO_MALLOC (wc_strdup_ex() uses XMALLOC(), which may be a user or static pool allocator).
wolfcrypt/src/dh.c: in wc_DhGenerateParams(), use named constant for buf size, and only XFREE it if !WOLFSSL_NO_MALLOC;

wolfcrypt/src/ecc.c and wolfssl/wolfcrypt/ecc.h: in wc_ecc_new_point_ex(), remove !WOLFSSL_NO_MALLOC gate around XMALLOC(), and if XMALLOC()ed, set ecc_point.isAllocated, then in wc_ecc_del_point_ex, XFREE() iff ecc_point.isAllocated;

wolfcrypt/src/pkcs7.c: in wc_PKCS7_RsaVerify(), when WOLFSSL_NO_MALLOC, jumbo-size the digest buffer to cope with in-place dynamics in RsaUnPad();

wolfcrypt/test/test.c: add !WOLFSSL_NO_MALLOC gates around various XFREE()s of objects that are on the stack in WOLFSSL_NO_MALLOC builds;

wolfssl/wolfcrypt/types.h: add an unconditional include of memory.h (itself guarded against multiple inclusion) to assure availability of WC_DEBUG_CIPHER_LIFECYCLE prototypes/macros.
@douzzer douzzer force-pushed the 20241010-WOLFSSL_NO_MALLOC branch from aa1de20 to cc7ccf9 Compare October 14, 2024 19:21
@douzzer
Copy link
Contributor Author

douzzer commented Oct 14, 2024

retest this please..

wolfcrypt/src/aes.c Show resolved Hide resolved
@philljj philljj merged commit 6cde744 into wolfSSL:master Oct 15, 2024
139 of 140 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants