Merge pull request #3586 from tmael/cc310_tests

Fix Cryptocell and revert test.c use of static const
wolfSSL · Dec 23, 2020 · 9c87f97 · 9c87f97
2 parents 90b14e2 + f06361d
commit 9c87f97
Show file tree

Hide file tree

Showing 4 changed files with 499 additions and 493 deletions.
diff --git a/configure.ac b/configure.ac
@@ -196,7 +196,7 @@ AC_ARG_ENABLE([linuxkm-defaults],
 
 if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
 then
-    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_OLD_PRIME_CHECK -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF"
+    AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_OLD_PRIME_CHECK -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DWOLFSSL_SMALL_STACK_STATIC"
 fi
 
 AC_ARG_WITH([linux-source],

diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
@@ -4911,16 +4911,15 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen,
                return WC_HW_E;
         }
     #elif defined(WOLFSSL_CRYPTOCELL)
-
+        /* truncate if hash is longer than key size */
+        if (msgLenInBytes > keysize) {
+            msgLenInBytes = keysize;
+        }
         hash_mode = cc310_hashModeECC(msgLenInBytes);
         if (hash_mode == CRYS_ECPKI_HASH_OpModeLast) {
             hash_mode = cc310_hashModeECC(keysize);
             hash_mode = CRYS_ECPKI_HASH_SHA256_mode;
-        }
 
-        /* truncate if hash is longer than key size */
-        if (msgLenInBytes > keysize) {
-            msgLenInBytes = keysize;
         }
 
         /* create signature from an input buffer using a private key*/
@@ -6390,15 +6389,15 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
        return err;
    }
 
+   /* truncate if hash is longer than key size */
+   if (msgLenInBytes > keySz) {
+       msgLenInBytes = keySz;
+   }
    hash_mode = cc310_hashModeECC(msgLenInBytes);
    if (hash_mode == CRYS_ECPKI_HASH_OpModeLast) {
        /* hash_mode = */ cc310_hashModeECC(keySz);
        hash_mode = CRYS_ECPKI_HASH_SHA256_mode;
    }
-   /* truncate if hash is longer than key size */
-   if (msgLenInBytes > keySz) {
-       msgLenInBytes = keySz;
-   }
 
    /* verify the signature using the public key */
    err = CRYS_ECDSA_Verify(&sigCtxTemp,