HAVE_SELFTEST wip

wolfSSL · Aug 27, 2024 · 21e85e6 · 21e85e6
1 parent 0072c00
commit 21e85e6
Showing 1 changed file with 24 additions and 11 deletions.
diff --git a/src/pk.c b/src/pk.c
@@ -5311,7 +5311,6 @@ int wolfSSL_DSA_SIG_set0(WOLFSSL_DSA_SIG *sig, WOLFSSL_BIGNUM *r,
     return 1;
 }
 
-#ifndef HAVE_SELFTEST
 /**
  *
  * @param sig The input signature to encode
@@ -5471,7 +5470,7 @@ WOLFSSL_DSA_SIG* wolfSSL_d2i_DSA_SIG(WOLFSSL_DSA_SIG **sig,
 static int dsa_do_sign(const unsigned char* d, int dLen, unsigned char* sigRet,
         WOLFSSL_DSA* dsa)
 {
-    int     ret = -1;
+    int     ret = WOLFSSL_FATAL_ERROR;
     int     initTmpRng = 0;
     WC_RNG* rng = NULL;
 #ifdef WOLFSSL_SMALL_STACK
@@ -5496,7 +5495,7 @@ static int dsa_do_sign(const unsigned char* d, int dLen, unsigned char* sigRet,
 #ifdef WOLFSSL_SMALL_STACK
     tmpRng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG);
     if (tmpRng == NULL)
-        return -1;
+        return ret;
 #endif
 
     if (wc_InitRng(tmpRng) == 0) {
@@ -5509,10 +5508,16 @@ static int dsa_do_sign(const unsigned char* d, int dLen, unsigned char* sigRet,
     }
 
     if (rng) {
+#ifdef HAVE_SELFTEST
+        if (dLen != WC_SHA_DIGEST_SIZE ||
+                wc_DsaSign(d, sigRet, (DsaKey*)dsa->internal, rng) < 0)
+            WOLFSSL_MSG("wc_DsaSign failed or dLen wrong length");
+#else
         if (wc_DsaSign_ex(d, dLen, sigRet, (DsaKey*)dsa->internal, rng) < 0)
-            WOLFSSL_MSG("DsaSign failed");
+            WOLFSSL_MSG("wc_DsaSign_ex failed");
+#endif
         else
-            ret = 1;
+            ret = WOLFSSL_SUCCESS;
     }
 
     if (initTmpRng)
@@ -5574,25 +5579,34 @@ static int dsa_do_verify(const unsigned char* d, int dLen, unsigned char* sig,
 
     if (d == NULL || sig == NULL || dsa == NULL) {
         WOLFSSL_MSG("Bad function arguments");
-        return -1;
+        return WOLFSSL_FATAL_ERROR;
     }
     if (dsa->inSet == 0)
     {
         WOLFSSL_MSG("No DSA internal set, do it");
 
         if (SetDsaInternal(dsa) != 1) {
             WOLFSSL_MSG("SetDsaInternal failed");
-            return -1;
+            return WOLFSSL_FATAL_ERROR;
         }
     }
 
+#ifdef HAVE_SELFTEST
+    ret = dLen == WC_SHA_DIGEST_SIZE ?
+          wc_DsaVerify(d, sig, (DsaKey*)dsa->internal, dsacheck) : BAD_FUNC_ARG;
+#else
     ret = wc_DsaVerify_ex(d, dLen, sig, (DsaKey*)dsa->internal, dsacheck);
-    if (ret != 0 || *dsacheck != 1) {
+#endif
+    if (ret != 0) {
         WOLFSSL_MSG("DsaVerify failed");
-        return ret;
+        return WOLFSSL_FATAL_ERROR;
+    }
+    if (*dsacheck != 1) {
+        WOLFSSL_MSG("DsaVerify sig failed");
+        return WOLFSSL_FAILURE;
     }
 
-    return 1;
+    return WOLFSSL_SUCCESS;
 }
 
 int wolfSSL_DSA_do_verify(const unsigned char* d, unsigned char* sig,
@@ -5683,7 +5697,6 @@ int wolfSSL_DSA_do_verify_ex(const unsigned char* digest, int digest_len,
 
     return 1;
 }
-#endif /* !HAVE_SELFTEST */
 
 int wolfSSL_i2d_DSAparams(const WOLFSSL_DSA* dsa,
     unsigned char** out)