Merge pull request #3224 from ejohnstown/release-update

Release v4.5.0 Supplement
wolfSSL · Aug 20, 2020 · 0fa5af9 · 0fa5af9
2 parents 028bddd + 05671d1
commit 0fa5af9
Show file tree

Hide file tree

Showing 17 changed files with 84 additions and 44 deletions.
diff --git a/ChangeLog.md b/ChangeLog.md
@@ -1,4 +1,4 @@
-# wolfSSL Release 4.5.0 (August 18, 2020)
+# wolfSSL Release 4.5.0 (August 19, 2020)
 
 If you have questions about this release, feel free to contact us on our
 info@ address.

diff --git a/README b/README
@@ -73,7 +73,7 @@ should be used for the enum name.
 *** end Notes ***
 
 
-# wolfSSL Release 4.5.0 (August 18, 2020)
+# wolfSSL Release 4.5.0 (August 19, 2020)
 
 If you have questions about this release, feel free to contact us on our
 info@ address.

diff --git a/README.md b/README.md
@@ -73,7 +73,7 @@ should be used for the enum name.
 *** end Notes ***
 
 
-# wolfSSL Release 4.5.0 (August 18, 2020)
+# wolfSSL Release 4.5.0 (August 19, 2020)
 
 If you have questions about this release, feel free to contact us on our
 info@ address.
@@ -126,6 +126,11 @@ Release 4.5.0 of wolfSSL embedded TLS has bug fixes and new features including:
 * Fix for sanity check on padding with DES3 conversion of PEM to DER
 * Sanity check for potential out of bounds read with fp_read_radix_16
 * Additional checking of ECC scalars.
+* Fixing the FIPS Ready build w.r.t. ecc.c.
+* When processing certificate names with OpenSSL compatibility layer
+  enabled, unknown name item types were getting handled as having NID 0,
+  and failing. Added a couple more items to what is handled correctly,
+  and ignoring anything that is an unknown type.
 
 ## Improvements/Optimizations
 

diff --git a/configure.ac b/configure.ac
@@ -2970,7 +2970,7 @@ AC_ARG_WITH([ntru],
             AC_MSG_RESULT([yes])
         fi
 
-        AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU -DHAVE_TLS_EXTENSIONS"
+        AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU -DHAVE_TLS_EXTENSIONS -DWOLFSSL_STATIC_RSA"
         ENABLED_NTRU="yes"
     ]
 )

diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c
@@ -138,7 +138,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
 #if defined(CYASSL_DTLS)
     method  = CyaDTLSv1_2_server_method();
 #elif !defined(NO_TLS)
-    #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
+    #if (defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)) || \
+        defined(HAVE_NTRU)
     method = CyaTLSv1_2_server_method();
     #else
     method = CyaSSLv23_server_method();

diff --git a/rpm/spec.in b/rpm/spec.in
@@ -74,7 +74,7 @@ mkdir -p $RPM_BUILD_ROOT/
 %{_libdir}/libwolfssl.la
 %{_libdir}/libwolfssl.so
 %{_libdir}/libwolfssl.so.24
-%{_libdir}/libwolfssl.so.24.1.0
+%{_libdir}/libwolfssl.so.24.2.0
 
 %files devel
 %defattr(-,root,root,-)
@@ -180,6 +180,7 @@ mkdir -p $RPM_BUILD_ROOT/
 %{_includedir}/wolfssl/ocsp.h
 %{_includedir}/wolfssl/openssl/aes.h
 %{_includedir}/wolfssl/openssl/asn1.h
+%{_includedir}/wolfssl/openssl/asn1t.h
 %{_includedir}/wolfssl/openssl/bio.h
 %{_includedir}/wolfssl/openssl/bn.h
 %{_includedir}/wolfssl/openssl/buffer.h
@@ -300,6 +301,9 @@ mkdir -p $RPM_BUILD_ROOT/
 %{_libdir}/pkgconfig/wolfssl.pc
 
 %changelog
+* Mon Aug 17 2020 John Safranek <[email protected]>
+- Add a missing header.
+- Update for release.
 * Thu Apr 16 2020 John Safranek <[email protected]>
 - Add some missing headers.
 - Sort the file list.

diff --git a/src/internal.c b/src/internal.c
@@ -8339,7 +8339,9 @@ static int GetRecordHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 #ifdef WOLFSSL_DTLS
     if (IsDtlsNotSctpMode(ssl)) {
         if (!DtlsCheckWindow(ssl) ||
-                (ssl->keys.curEpoch == 0 && rh->type == application_data)) {
+                (rh->type == application_data && ssl->keys.curEpoch == 0) ||
+                (rh->type == alert && ssl->options.handShakeDone &&
+                        ssl->keys.curEpoch == 0 && ssl->keys.dtls_epoch != 0)) {
             WOLFSSL_LEAVE("GetRecordHeader()", SEQUENCE_ERROR);
             return SEQUENCE_ERROR;
         }
@@ -12275,6 +12277,14 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
                 WOLFSSL_MSG("Duplicate Finished received");
                 return DUPLICATE_MSG_E;
             }
+#ifdef HAVE_DTLS
+            if (ssl->options.dtls) {
+                if (ssl->keys.curEpoch == 0) {
+                    WOLFSSL_MSG("Finished received with epoch 0");
+                    return SEQUENCE_ERROR;
+                }
+            }
+#endif
             ssl->msgsReceived.got_finished = 1;
 
             if (ssl->msgsReceived.got_change_cipher == 0) {

diff --git a/src/sniffer.c b/src/sniffer.c
@@ -1737,7 +1737,7 @@ int ssl_SetPrivateKeyBuffer(const char* address, int port,
     int ret;
 
     TraceHeader();
-    TraceSetServer(address, port, NULL);
+    TraceSetServer(address, port, "from buffer");
 
     wc_LockMutex(&ServerListMutex);
     ret = SetNamedPrivateKey(NULL, address, port, keyBuf, keySz,
@@ -1826,7 +1826,7 @@ int ssl_SetEphemeralKeyBuffer(const char* address, int port,
     int ret;
 
     TraceHeader();
-    TraceSetServer(address, port, NULL);
+    TraceSetServer(address, port, "from buffer");
 
     wc_LockMutex(&ServerListMutex);
     ret = SetNamedPrivateKey(NULL, address, port, keyBuf, keySz,

diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
@@ -13475,7 +13475,8 @@ int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,
 int wc_MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz,
                   const byte* ntruKey, word16 keySz, WC_RNG* rng)
 {
-    return MakeAnyCert(cert, derBuffer, derSz, NULL, NULL, rng, ntruKey, keySz, NULL);
+    return MakeAnyCert(cert, derBuffer, derSz, NULL, NULL, rng,
+            ntruKey, keySz, NULL, NULL);
 }
 
 #endif /* HAVE_NTRU */

diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
@@ -2811,25 +2811,26 @@ static int ecc_point_to_mont(ecc_point* p, ecc_point* r, mp_int* modulus,
        err = mp_init(mu);
    if (err == MP_OKAY) {
        err = mp_montgomery_calc_normalization(mu, modulus);
-   }
 
-   if (err == MP_OKAY) {
-       if (mp_cmp_d(mu, 1) == MP_EQ) {
-           err = mp_copy(p->x, r->x);
-           if (err == MP_OKAY)
-               err = mp_copy(p->y, r->y);
-           if (err == MP_OKAY)
-               err = mp_copy(p->z, r->z);
-       }
-       else {
-           err = mp_mulmod(p->x, mu, modulus, r->x);
-           if (err == MP_OKAY)
-               err = mp_mulmod(p->y, mu, modulus, r->y);
-           if (err == MP_OKAY)
-               err = mp_mulmod(p->z, mu, modulus, r->z);
+       if (err == MP_OKAY) {
+           if (mp_cmp_d(mu, 1) == MP_EQ) {
+               err = mp_copy(p->x, r->x);
+               if (err == MP_OKAY)
+                   err = mp_copy(p->y, r->y);
+               if (err == MP_OKAY)
+                   err = mp_copy(p->z, r->z);
+           }
+           else {
+               err = mp_mulmod(p->x, mu, modulus, r->x);
+               if (err == MP_OKAY)
+                   err = mp_mulmod(p->y, mu, modulus, r->y);
+               if (err == MP_OKAY)
+                   err = mp_mulmod(p->z, mu, modulus, r->z);
+           }
        }
-   }
 
+       mp_clear(mu);
+   }
 #ifdef WOLFSSL_SMALL_STACK
    if (mu != NULL)
       XFREE(mu, heap, DYNAMIC_TYPE_ECC);
@@ -2843,7 +2844,7 @@ static int ecc_key_tmp_init(ecc_key* key, void* heap)
 {
    int err = MP_OKAY;
 
-   XMEMSET(*key, 0, sizeof(key));
+   XMEMSET(key, 0, sizeof(*key));
 
    key->t1 = (mp_int*)XMALLOC(sizeof(mp_int), heap, DYNAMIC_TYPE_ECC);
    key->t2 = (mp_int*)XMALLOC(sizeof(mp_int), heap, DYNAMIC_TYPE_ECC);
@@ -2865,6 +2866,7 @@ static int ecc_key_tmp_init(ecc_key* key, void* heap)
 
 static void ecc_key_tmp_final(ecc_key* key, void* heap)
 {
+    (void)heap;
 #ifdef ALT_ECC_SIZE
    if (key->z != NULL)
       XFREE(key->z, heap, DYNAMIC_TYPE_ECC);
@@ -2875,7 +2877,7 @@ static void ecc_key_tmp_final(ecc_key* key, void* heap)
 #endif
    if (key->t2 != NULL)
       XFREE(key->t2, heap, DYNAMIC_TYPE_ECC);
-   if (key.t1 != NULL)
+   if (key->t1 != NULL)
       XFREE(key->t1, heap, DYNAMIC_TYPE_ECC);
 }
 #endif /* WOLFSSL_SMALL_STACK_CACHE */
@@ -2969,7 +2971,7 @@ int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
    }
 #ifdef WOLFSSL_SMALL_STACK_CACHE
    R->key = NULL;
-   ecc_key_tmp_free(&key, heap);
+   ecc_key_tmp_final(&key, heap);
 #endif /* WOLFSSL_SMALL_STACK_CACHE */
 
    return err;
@@ -3103,6 +3105,23 @@ int wc_ecc_mulmod_ex2(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
    if (err == MP_OKAY)
       err = ecc_mulmod(&t, tG, R, M, a, modulus, mp, rng);
 
+    /* Check for k == 1 or k == order+1. Result will be 0 point which is not
+     * correct. Calculates 2 * order and get 0 point then adds base point
+     * which results in 0 point with constant time implementation)
+     */
+   if (err == MP_OKAY)
+      err = mp_add_d(order, 1, &t);
+   if (err == MP_OKAY) {
+      int kIsOne = (mp_cmp_d(k, 1) == MP_EQ) | (mp_cmp(k, &t) == MP_EQ);
+      err = mp_cond_copy(tG->x, kIsOne, R->x);
+      if (err == 0) {
+          err = mp_cond_copy(tG->y, kIsOne, R->y);
+      }
+      if (err == 0) {
+          err = mp_cond_copy(tG->z, kIsOne, R->z);
+      }
+   }
+
    mp_forcezero(&t);
    mp_free(&t);
 #else
@@ -3123,7 +3142,7 @@ int wc_ecc_mulmod_ex2(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
    }
 #ifdef WOLFSSL_SMALL_STACK_CACHE
    R->key = NULL;
-   ecc_key_tmp_free(&key, heap);
+   ecc_key_tmp_final(&key, heap);
 #endif /* WOLFSSL_SMALL_STACK_CACHE */
 
    return err;

diff --git a/wolfcrypt/src/sp_arm32.c b/wolfcrypt/src/sp_arm32.c
@@ -34783,7 +34783,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_256_ecc_mulmod_8(infinity, point, p256_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_256_iszero_8(point->x) == 0) || (sp_256_iszero_8(point->y) == 0)) {
+        if (sp_256_iszero_8(point->x) || sp_256_iszero_8(point->y)) {
             err = ECC_INF_E;
         }
     }
@@ -44487,7 +44487,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_384_ecc_mulmod_12(infinity, point, p384_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_384_iszero_12(point->x) == 0) || (sp_384_iszero_12(point->y) == 0)) {
+        if (sp_384_iszero_12(point->x) || sp_384_iszero_12(point->y)) {
             err = ECC_INF_E;
         }
     }

diff --git a/wolfcrypt/src/sp_arm64.c b/wolfcrypt/src/sp_arm64.c
@@ -36055,7 +36055,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_256_ecc_mulmod_4(infinity, point, p256_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_256_iszero_4(point->x) == 0) || (sp_256_iszero_4(point->y) == 0)) {
+        if (sp_256_iszero_4(point->x) || sp_256_iszero_4(point->y)) {
             err = ECC_INF_E;
         }
     }
@@ -42742,7 +42742,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_384_ecc_mulmod_6(infinity, point, p384_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_384_iszero_6(point->x) == 0) || (sp_384_iszero_6(point->y) == 0)) {
+        if (sp_384_iszero_6(point->x) || sp_384_iszero_6(point->y)) {
             err = ECC_INF_E;
         }
     }

diff --git a/wolfcrypt/src/sp_armthumb.c b/wolfcrypt/src/sp_armthumb.c
@@ -20506,7 +20506,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_256_ecc_mulmod_8(infinity, point, p256_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_256_iszero_8(point->x) == 0) || (sp_256_iszero_8(point->y) == 0)) {
+        if (sp_256_iszero_8(point->x) || sp_256_iszero_8(point->y)) {
             err = ECC_INF_E;
         }
     }
@@ -27324,7 +27324,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_384_ecc_mulmod_12(infinity, point, p384_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_384_iszero_12(point->x) == 0) || (sp_384_iszero_12(point->y) == 0)) {
+        if (sp_384_iszero_12(point->x) || sp_384_iszero_12(point->y)) {
             err = ECC_INF_E;
         }
     }

diff --git a/wolfcrypt/src/sp_c32.c b/wolfcrypt/src/sp_c32.c
@@ -17205,7 +17205,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_256_ecc_mulmod_10(infinity, point, p256_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_256_iszero_10(point->x) == 0) || (sp_256_iszero_10(point->y) == 0)) {
+        if (sp_256_iszero_10(point->x) || sp_256_iszero_10(point->y)) {
             err = ECC_INF_E;
         }
     }
@@ -24543,7 +24543,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_384_ecc_mulmod_15(infinity, point, p384_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_384_iszero_15(point->x) == 0) || (sp_384_iszero_15(point->y) == 0)) {
+        if (sp_384_iszero_15(point->x) || sp_384_iszero_15(point->y)) {
             err = ECC_INF_E;
         }
     }

diff --git a/wolfcrypt/src/sp_c64.c b/wolfcrypt/src/sp_c64.c
@@ -16964,7 +16964,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_256_ecc_mulmod_5(infinity, point, p256_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_256_iszero_5(point->x) == 0) || (sp_256_iszero_5(point->y) == 0)) {
+        if (sp_256_iszero_5(point->x) || sp_256_iszero_5(point->y)) {
             err = ECC_INF_E;
         }
     }
@@ -23766,7 +23766,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_384_ecc_mulmod_7(infinity, point, p384_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_384_iszero_7(point->x) == 0) || (sp_384_iszero_7(point->y) == 0)) {
+        if (sp_384_iszero_7(point->x) || sp_384_iszero_7(point->y)) {
             err = ECC_INF_E;
         }
     }

diff --git a/wolfcrypt/src/sp_cortexm.c b/wolfcrypt/src/sp_cortexm.c
@@ -19348,7 +19348,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_256_ecc_mulmod_8(infinity, point, p256_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_256_iszero_8(point->x) == 0) || (sp_256_iszero_8(point->y) == 0)) {
+        if (sp_256_iszero_8(point->x) || sp_256_iszero_8(point->y)) {
             err = ECC_INF_E;
         }
     }
@@ -26743,7 +26743,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_384_ecc_mulmod_12(infinity, point, p384_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_384_iszero_12(point->x) == 0) || (sp_384_iszero_12(point->y) == 0)) {
+        if (sp_384_iszero_12(point->x) || sp_384_iszero_12(point->y)) {
             err = ECC_INF_E;
         }
     }

diff --git a/wolfcrypt/src/sp_x86_64.c b/wolfcrypt/src/sp_x86_64.c
@@ -22200,7 +22200,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_256_ecc_mulmod_4(infinity, point, p256_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_256_iszero_4(point->x) == 0) || (sp_256_iszero_4(point->y) == 0)) {
+        if (sp_256_iszero_4(point->x) || sp_256_iszero_4(point->y)) {
             err = ECC_INF_E;
         }
     }
@@ -29252,7 +29252,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
             err = sp_384_ecc_mulmod_6(infinity, point, p384_order, 1, 1, NULL);
     }
     if (err == MP_OKAY) {
-        if ((sp_384_iszero_6(point->x) == 0) || (sp_384_iszero_6(point->y) == 0)) {
+        if (sp_384_iszero_6(point->x) || sp_384_iszero_6(point->y)) {
             err = ECC_INF_E;
         }
     }