len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-10-16 01:37:45 -04:00
Code Issues Projects Releases Packages Wiki Activity

Update wolfSSL to the latest version(v.4.4.0) (#186)

Browse source 
* deleted old version wolfSSL before updating

* updated wolfSSL to the latest version(v4.4.0)

* updated wolfSSL to the latest version(v4.4.0)

* added macros for timing resistance

Co-authored-by: RichardBarry <3073890+RichardBarry@users.noreply.github.com>
Co-authored-by: Ming Yue <mingyue86010@gmail.com>
This commit is contained in:
TakayukiMatsuo 2020-08-08 07:58:14 +09:00 committed by GitHub
parent 68518f5866
commit 94aa31c3cb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1185 changed files with 837519 additions and 72138 deletions
Download patch file Download diff file Expand all files Collapse all files

292
FreeRTOS-Plus/Source/WolfSSL/wolfcrypt/src/coding.c
View file

@ -1,8 +1,8 @@
/* coding.c
*
* Copyright (C) 2006-2015 wolfSSL Inc.
* Copyright (C) 2006-2020 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -16,9 +16,10 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@ -35,10 +36,14 @@
enum {
BAD = 0xFF, /* invalid encoding */
PAD = '=',
PEM_LINE_SZ = 64
PEM_LINE_SZ = 64,
BASE64_MIN = 0x2B,
BASE16_MIN = 0x30,
};
#ifdef WOLFSSL_BASE64_DECODE
static
const byte base64Decode[] = { 62, BAD, BAD, BAD, 63, /* + starts at 0x2B */
52, 53, 54, 55, 56, 57, 58, 59, 60, 61,
@ -52,27 +57,81 @@ const byte base64Decode[] = { 62, BAD, BAD, BAD, 63, /* + starts at 0x2B */
46, 47, 48, 49, 50, 51
};
static WC_INLINE int Base64_SkipNewline(const byte* in, word32 *inLen, word32 *outJ)
{
word32 len = *inLen;
word32 j = *outJ;
if (len && (in[j] == ' ' || in[j] == '\r' || in[j] == '\n')) {
byte endLine = in[j++];
len--;
while (len && endLine == ' ') { /* allow trailing whitespace */
endLine = in[j++];
len--;
}
if (endLine == '\r') {
if (len) {
endLine = in[j++];
len--;
}
}
if (endLine != '\n') {
WOLFSSL_MSG("Bad end of line in Base64 Decode");
return ASN_INPUT_E;
}
}
if (!len) {
return BUFFER_E;
}
*inLen = len;
*outJ = j;
return 0;
}
int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
{
word32 i = 0;
word32 j = 0;
word32 plainSz = inLen - ((inLen + (PEM_LINE_SZ - 1)) / PEM_LINE_SZ );
const byte maxIdx = (byte)sizeof(base64Decode) + 0x2B - 1;
int ret;
const byte maxIdx = (byte)sizeof(base64Decode) + BASE64_MIN - 1;
plainSz = (plainSz * 3 + 3) / 4;
if (plainSz > *outLen) return BAD_FUNC_ARG;
while (inLen > 3) {
byte b1, b2, b3;
byte e1 = in[j++];
byte e2 = in[j++];
byte e3 = in[j++];
byte e4 = in[j++];
int pad3 = 0;
int pad4 = 0;
byte b1, b2, b3;
byte e1, e2, e3, e4;
if ((ret = Base64_SkipNewline(in, &inLen, &j)) != 0) {
if (ret == BUFFER_E) {
/* Running out of buffer here is not an error */
break;
}
return ret;
}
e1 = in[j++];
if (e1 == '\0') {
break;
}
inLen--;
if ((ret = Base64_SkipNewline(in, &inLen, &j)) != 0) {
return ret;
}
e2 = in[j++];
inLen--;
if ((ret = Base64_SkipNewline(in, &inLen, &j)) != 0) {
return ret;
}
e3 = in[j++];
inLen--;
if ((ret = Base64_SkipNewline(in, &inLen, &j)) != 0) {
return ret;
}
e4 = in[j++];
inLen--;
if (e1 == 0) /* end file 0's */
break;
if (e3 == PAD)
@ -80,7 +139,7 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
if (e4 == PAD)
pad4 = 1;
if (e1 < 0x2B || e2 < 0x2B || e3 < 0x2B || e4 < 0x2B) {
if (e1 < BASE64_MIN || e2 < BASE64_MIN || e3 < BASE64_MIN || e4 < BASE64_MIN) {
WOLFSSL_MSG("Bad Base64 Decode data, too small");
return ASN_INPUT_E;
}
@ -90,10 +149,15 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
return ASN_INPUT_E;
}
e1 = base64Decode[e1 - 0x2B];
e2 = base64Decode[e2 - 0x2B];
e3 = (e3 == PAD) ? 0 : base64Decode[e3 - 0x2B];
e4 = (e4 == PAD) ? 0 : base64Decode[e4 - 0x2B];
if (i + 1 + !pad3 + !pad4 > *outLen) {
WOLFSSL_MSG("Bad Base64 Decode out buffer, too small");
return BAD_FUNC_ARG;
}
e1 = base64Decode[e1 - BASE64_MIN];
e2 = base64Decode[e2 - BASE64_MIN];
e3 = (e3 == PAD) ? 0 : base64Decode[e3 - BASE64_MIN];
e4 = (e4 == PAD) ? 0 : base64Decode[e4 - BASE64_MIN];
b1 = (byte)((e1 << 2) | (e2 >> 4));
b2 = (byte)(((e2 & 0xF) << 4) | (e3 >> 2));
@ -106,32 +170,17 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
out[i++] = b3;
else
break;
inLen -= 4;
if (inLen && (in[j] == ' ' || in[j] == '\r' || in[j] == '\n')) {
byte endLine = in[j++];
inLen--;
while (inLen && endLine == ' ') { /* allow trailing whitespace */
endLine = in[j++];
inLen--;
}
if (endLine == '\r') {
if (inLen) {
endLine = in[j++];
inLen--;
}
}
if (endLine != '\n') {
WOLFSSL_MSG("Bad end of line in Base64 Decode");
return ASN_INPUT_E;
}
}
}
/* If the output buffer has a room for an extra byte, add a null terminator */
if (out && *outLen > i)
out[i]= '\0';
*outLen = i;
return 0;
}
#endif /* WOLFSSL_BASE64_DECODE */
#if defined(WOLFSSL_BASE64_ENCODE)
@ -150,7 +199,7 @@ const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
/* make sure *i (idx) won't exceed max, store and possibly escape to out,
* raw means use e w/o decode, 0 on success */
static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max,
int raw)
int raw, int getSzOnly)
{
int doEscape = 0;
word32 needed = 1;
@ -166,8 +215,8 @@ static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max,
else
basic = base64Encode[e];
/* check whether to escape */
if (escaped) {
/* check whether to escape. Only escape for EncodeEsc */
if (escaped == WC_ESC_NL_ENC) {
switch ((char)basic) {
case '+' :
plus = 1;
@ -191,31 +240,37 @@ static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max,
}
/* check size */
if ( (idx+needed) > max) {
if ( (idx+needed) > max && !getSzOnly) {
WOLFSSL_MSG("Escape buffer max too small");
return BUFFER_E;
}
/* store it */
if (doEscape == 0) {
out[idx++] = basic;
if(getSzOnly)
idx++;
else
out[idx++] = basic;
}
else {
out[idx++] = '%'; /* start escape */
if(getSzOnly)
idx+=3;
else {
out[idx++] = '%'; /* start escape */
if (plus) {
out[idx++] = '2';
out[idx++] = 'B';
if (plus) {
out[idx++] = '2';
out[idx++] = 'B';
}
else if (equals) {
out[idx++] = '3';
out[idx++] = 'D';
}
else if (newline) {
out[idx++] = '0';
out[idx++] = 'A';
}
}
else if (equals) {
out[idx++] = '3';
out[idx++] = 'D';
}
else if (newline) {
out[idx++] = '0';
out[idx++] = 'A';
}
}
*i = idx;
@ -223,7 +278,8 @@ static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max,
}
/* internal worker, handles both escaped and normal line endings */
/* internal worker, handles both escaped and normal line endings.
If out buffer is NULL, will return sz needed in outLen */
static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
word32* outLen, int escaped)
{
@ -232,18 +288,23 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
j = 0,
n = 0; /* new line counter */
int getSzOnly = (out == NULL);
word32 outSz = (inLen + 3 - 1) / 3 * 4;
word32 addSz = (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */
if (escaped)
if (escaped == WC_ESC_NL_ENC)
addSz *= 3; /* instead of just \n, we're doing %0A triplet */
else if (escaped == WC_NO_NL_ENC)
addSz = 0; /* encode without \n */
outSz += addSz;
/* if escaped we can't predetermine size for one pass encoding, but
* make sure we have enough if no escapes are in input */
if (outSz > *outLen) return BAD_FUNC_ARG;
* make sure we have enough if no escapes are in input
* Also need to ensure outLen valid before dereference */
if (!outLen || (outSz > *outLen && !getSzOnly)) return BAD_FUNC_ARG;
while (inLen > 2) {
byte b1 = in[j++];
byte b2 = in[j++];
@ -256,19 +317,20 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
byte e4 = b3 & 0x3F;
/* store */
ret = CEscape(escaped, e1, out, &i, *outLen, 0);
ret = CEscape(escaped, e1, out, &i, *outLen, 0, getSzOnly);
if (ret != 0) break;
ret = CEscape(escaped, e2, out, &i, *outLen, 0);
ret = CEscape(escaped, e2, out, &i, *outLen, 0, getSzOnly);
if (ret != 0) break;
ret = CEscape(escaped, e3, out, &i, *outLen, 0);
ret = CEscape(escaped, e3, out, &i, *outLen, 0, getSzOnly);
if (ret != 0) break;
ret = CEscape(escaped, e4, out, &i, *outLen, 0);
ret = CEscape(escaped, e4, out, &i, *outLen, 0, getSzOnly);
if (ret != 0) break;
inLen -= 3;
if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) {
ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
/* Insert newline after PEM_LINE_SZ, unless no \n requested */
if (escaped != WC_NO_NL_ENC && (++n % (PEM_LINE_SZ/4)) == 0 && inLen) {
ret = CEscape(escaped, '\n', out, &i, *outLen, 1, getSzOnly);
if (ret != 0) break;
}
}
@ -284,50 +346,61 @@ static int DoBase64_Encode(const byte* in, word32 inLen, byte* out,
byte e2 = (byte)(((b1 & 0x3) << 4) | (b2 >> 4));
byte e3 = (byte)((b2 & 0xF) << 2);
ret = CEscape(escaped, e1, out, &i, *outLen, 0);
if (ret == 0)
ret = CEscape(escaped, e2, out, &i, *outLen, 0);
ret = CEscape(escaped, e1, out, &i, *outLen, 0, getSzOnly);
if (ret == 0)
ret = CEscape(escaped, e2, out, &i, *outLen, 0, getSzOnly);
if (ret == 0) {
/* third */
if (twoBytes)
ret = CEscape(escaped, e3, out, &i, *outLen, 0);
else
ret = CEscape(escaped, '=', out, &i, *outLen, 1);
ret = CEscape(escaped, e3, out, &i, *outLen, 0, getSzOnly);
else
ret = CEscape(escaped, '=', out, &i, *outLen, 1, getSzOnly);
}
/* fourth always pad */
if (ret == 0)
ret = CEscape(escaped, '=', out, &i, *outLen, 1);
}
ret = CEscape(escaped, '=', out, &i, *outLen, 1, getSzOnly);
}
if (ret == 0)
ret = CEscape(escaped, '\n', out, &i, *outLen, 1);
if (ret == 0 && escaped != WC_NO_NL_ENC)
ret = CEscape(escaped, '\n', out, &i, *outLen, 1, getSzOnly);
if (i != outSz && escaped == 0 && ret == 0)
return ASN_INPUT_E;
if (i != outSz && escaped != 1 && ret == 0)
return ASN_INPUT_E;
/* If the output buffer has a room for an extra byte, add a null terminator */
if (out && *outLen > i)
out[i]= '\0';
*outLen = i;
return ret;
if (ret == 0)
return getSzOnly ? LENGTH_ONLY_E : 0;
return ret;
}
/* Base64 Encode, PEM style, with \n line endings */
int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
{
return DoBase64_Encode(in, inLen, out, outLen, 0);
return DoBase64_Encode(in, inLen, out, outLen, WC_STD_ENC);
}
/* Base64 Encode, with %0A esacped line endings instead of \n */
/* Base64 Encode, with %0A escaped line endings instead of \n */
int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out, word32* outLen)
{
return DoBase64_Encode(in, inLen, out, outLen, 1);
return DoBase64_Encode(in, inLen, out, outLen, WC_ESC_NL_ENC);
}
int Base64_Encode_NoNl(const byte* in, word32 inLen, byte* out, word32* outLen)
{
return DoBase64_Encode(in, inLen, out, outLen, WC_NO_NL_ENC);
}
#endif /* defined(WOLFSSL_BASE64_ENCODE) */
#endif /* WOLFSSL_BASE64_ENCODE */
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS)
#ifdef WOLFSSL_BASE16
static
const byte hexDecode[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
@ -345,8 +418,11 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
word32 inIdx = 0;
word32 outIdx = 0;
if (in == NULL || out == NULL || outLen == NULL)
return BAD_FUNC_ARG;
if (inLen == 1 && *outLen && in) {
byte b = in[inIdx++] - 0x30; /* 0 starts at 0x30 */
byte b = in[inIdx++] - BASE16_MIN; /* 0 starts at 0x30 */
/* sanity check */
if (b >= sizeof(hexDecode)/sizeof(hexDecode[0]))
@ -356,7 +432,7 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
if (b == BAD)
return ASN_INPUT_E;
out[outIdx++] = b;
*outLen = outIdx;
@ -370,8 +446,8 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
return BAD_FUNC_ARG;
while (inLen) {
byte b = in[inIdx++] - 0x30; /* 0 starts at 0x30 */
byte b2 = in[inIdx++] - 0x30;
byte b = in[inIdx++] - BASE16_MIN; /* 0 starts at 0x30 */
byte b2 = in[inIdx++] - BASE16_MIN;
/* sanity checks */
if (b >= sizeof(hexDecode)/sizeof(hexDecode[0]))
@ -384,7 +460,7 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
if (b == BAD || b2 == BAD)
return ASN_INPUT_E;
out[outIdx++] = (byte)((b << 4) | b2);
inLen -= 2;
}
@ -393,7 +469,43 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
return 0;
}
int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
{
word32 outIdx = 0;
word32 i;
byte hb, lb;
#endif /* (OPENSSL_EXTRA) || (HAVE_WEBSERVER) || (HAVE_FIPS) */
if (in == NULL || out == NULL || outLen == NULL)
return BAD_FUNC_ARG;
#endif /* NO_CODING */
if (*outLen < (2 * inLen + 1))
return BAD_FUNC_ARG;
for (i = 0; i < inLen; i++) {
hb = in[i] >> 4;
lb = in[i] & 0x0f;
/* ASCII value */
hb += '0';
if (hb > '9')
hb += 7;
/* ASCII value */
lb += '0';
if (lb>'9')
lb += 7;
out[outIdx++] = hb;
out[outIdx++] = lb;
}
/* force 0 at this end */
out[outIdx++] = 0;
*outLen = outIdx;
return 0;
}
#endif /* WOLFSSL_BASE16 */
#endif /* !NO_CODING */