wolfCrypt CSharp Wrapper #3166

Merged
merged 8 commits into from
Oct 8, 2024
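--- a/.github/workflows/win-csharp-test.yml
+++ b/.github/workflows/win-csharp-test.yml
@@ -0,0 +1,57 @@
+name: Windows CSharp Build Test
+
+on:
+push:
+branches: [ 'master', 'main', 'release/**' ]
+pull_request:
+branches: [ '*' ]
+
+jobs:
+build:
+
+runs-on: windows-latest
+
+# This should be a safe limit for the tests to run.
+timeout-minutes: 6
+
+env:
+# Path to the solution file relative to the root of the project.
+SOLUTION_FILE_PATH: wolfssl\wrapper\CSharp\wolfSSL_CSharp.sln
+
+# Configuration type to build.
+# You can convert this to a build matrix if you need coverage of multiple configuration types.
+# https://docs.github.com/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
+BUILD_CONFIGURATION: Debug
+BUILD_PLATFORM: x64
+
+steps:
+- name: Pull wolfssl
+uses: actions/checkout@master
+with:
+repository: wolfssl/wolfssl
+path: wolfssl
+
+- name: Create FIPS stub files (autogen)
+working-directory: wolfssl
+run: |
+echo $null >> wolfcrypt\src\fips.c
+echo $null >> wolfcrypt\src\fips_test.c
+echo $null >> wolfcrypt\src\wolfcrypt_first.c
+echo $null >> wolfcrypt\src\wolfcrypt_last.c
+
+- name: Add MSBuild to PATH
+uses: microsoft/setup-msbuild@v1
+
+- name: Build
+working-directory: ${{env.GITHUB_WORKSPACE}}
+# Add additional options to the MSBuild command line here (like platform or verbosity level).
+# See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
+run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{env.BUILD_PLATFORM}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}
+
+- name: Run wolfCrypt test
+working-directory: ${{env.GITHUB_WORKSPACE}}wolfssl\wrapper\CSharp\Debug\x64\
+run: ./wolfCrypt-test.exe
+
+- name: Run wolfSSL client/server example
+working-directory: ${{env.GITHUB_WORKSPACE}}wolfssl\wrapper\CSharp\Debug\x64\
+run: ./wolfSSL-TLS-Server.exe && sleep 1 & ./wolfSSL-TLS-Client.exe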
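Review bot: Both `uses:` steps reference mutable refs: `actions/checkout@master` follows a branch and `microsoft/setup-msbuild@v1` a movable tag, so the code this job runs on every pull request can change without any change in this repository. Pin each to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha> # <release tag>`, and add a top-level `permissions:` block with `contents: read` so the job token is read-only by default. Separately, `GITHUB_WORKSPACE` is not set in the `env:` block shown here, so `${{env.GITHUB_WORKSPACE}}` probably expands to an empty string and the `working-directory` values only work as relative paths; `${{ github.workspace }}` followed by an explicit path separator would state what is meant.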
4 changes: 2 additions & 2 deletions mcapi/crypto.h
Expand Up @@ -173,9 +173,9 @@ enum {
typedef struct CRYPT_AES_CTX {
/* big enough to hold internal, but check on init */
#ifdef WOLF_PRIVATE_KEY_ID
int holder[110];
int holder[114];
#else
int holder[92];
int holder[96];
#endif
} CRYPT_AES_CTX;

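Review bot: The `holder` arrays in `CRYPT_AES_CTX` grow by four ints in both preprocessor branches, which changes the size of a struct declared in a public header, so code built against the old header would pass a context that is too small for the new library. The existing comment says the size is checked on init, but that check is outside this hunk; it is worth confirming that it compares against the current `sizeof(Aes)` and fails closed. The comment could also record what drives the number, for example `/* must be >= sizeof(Aes); bumped when Aes gained isAllocated; verified on init */`, assuming the new `isAllocated` member used in wolfcrypt/src/aes.c is the reason for the bump.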
4 changes: 2 additions & 2 deletions src/pk.c
Expand Up @@ -354,7 +354,7 @@ int EncryptDerKey(byte *der, int *derSz, const EVP_CIPHER* cipher,
int ret = 0;
int paddingSz = 0;
word32 idx;
word32 cipherInfoSz;
word32 cipherInfoSz = 0;
#ifdef WOLFSSL_SMALL_STACK
EncryptedInfo* info = NULL;
#else
Expand Down Expand Up @@ -3300,7 +3300,7 @@ static int wolfssl_rsa_generate_key_native(WOLFSSL_RSA* rsa, int bits,
#endif
int initTmpRng = 0;
WC_RNG* rng = NULL;
long en;
long en = 0;
#endif

(void)cb;
11 changes: 7 additions & 4 deletions src/ssl.c
Expand Up @@ -16138,11 +16138,14 @@ long wolfSSL_set_options(WOLFSSL* ssl, long op)
else {
/* Only preserve overlapping suites */
Suites tmpSuites;
word16 in, out, haveECDSAsig = 0;
word16 haveStaticECC = ssl->options.haveStaticECC;
word16 in, out;
word16 haveECDSAsig, haveStaticECC;
#ifdef NO_RSA
haveECDSAsig = 1;
haveStaticECC = 1;
#else
haveECDSAsig = 0;
haveStaticECC = ssl->options.haveStaticECC;
#endif
XMEMSET(&tmpSuites, 0, sizeof(Suites));
/* Get all possible ciphers and sigalgs for the version. Following
Expand Down Expand Up @@ -21962,9 +21965,9 @@ int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names,
#endif /* HAVE_SUPPORTED_CURVES */
}

if (ssl)
if (ssl != NULL)
ssl->disabledCurves = disabled;
else
else if (ctx != NULL)
ctx->disabledCurves = disabled;
ret = WOLFSSL_SUCCESS;

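Review bot: In `set_curves_list`, when both `ssl` and `ctx` are NULL the new `else if (ctx != NULL)` skips the store, but the following `ret = WOLFSSL_SUCCESS;` still runs, so the call reports success while the computed `disabled` value is discarded. Unless a check outside this hunk already rejects that case, the fall-through should fail, for example by adding `else ret = WOLFSSL_FAILURE;` and moving the success assignment into the two branches that actually write `disabledCurves`. The function body starts and ends outside the hunk, so any cleanup it needs on that path is not visible here.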
9 changes: 5 additions & 4 deletions tests/api.c
Expand Up @@ -27665,7 +27665,7 @@ static int test_wc_EccPrivateKeyToDer(void)
byte output[ONEK_BUF];
ecc_key eccKey;
WC_RNG rng;
word32 inLen;
word32 inLen = 0;
word32 outLen = 0;
int ret;

Expand All @@ -27681,12 +27681,13 @@ static int test_wc_EccPrivateKeyToDer(void)
#endif
ExpectIntEQ(ret, 0);

inLen = (word32)sizeof(output);
/* Bad Cases */
ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, NULL, 0), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, output, inLen), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, NULL, inLen), WC_NO_ERR_TRACE(LENGTH_ONLY_E));
inLen = wc_EccPrivateKeyToDer(&eccKey, NULL, 0);
ExpectIntGT(inLen, 0);
ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, output, 0), WC_NO_ERR_TRACE(BAD_FUNC_ARG));

/* Good Case */
ExpectIntGT(outLen = (word32)wc_EccPrivateKeyToDer(&eccKey, output, inLen), 0);

Expand Down Expand Up @@ -52516,7 +52517,7 @@ static int test_wolfSSL_ASN1_INTEGER(void)
ASN1_INTEGER_free(a);
a = NULL;

p = longDer;
p = invalidLenDer;
ExpectNull(d2i_ASN1_INTEGER(NULL, &p, sizeof(invalidLenDer)));

p = longDer;
52 changes: 47 additions & 5 deletions wolfcrypt/src/aes.c
Expand Up @@ -10539,6 +10539,7 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz,
if (ret == 0)
ret = wc_AesGcmEncrypt_ex(aes, NULL, NULL, 0, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
aes->isAllocated = 0;
wc_AesFree(aes);
}
ForceZero(aes, sizeof *aes);
Expand Down Expand Up @@ -10580,6 +10581,8 @@ int wc_GmacVerify(const byte* key, word32 keySz,
if (ret == 0)
ret = wc_AesGcmDecrypt(aes, NULL, NULL, 0, iv, ivSz,
authTag, authTagSz, authIn, authInSz);

aes->isAllocated = 0;
wc_AesFree(aes);
}
ForceZero(aes, sizeof *aes);
Expand Down Expand Up @@ -11296,6 +11299,20 @@ int wc_AesCcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz,

#endif /* HAVE_AESCCM */

Aes* wc_AesNew(void* heap, int devId)
{
Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES);
if (aes != NULL) {
if (wc_AesInit(aes, heap, devId) != 0) {
XFREE(aes, heap, DYNAMIC_TYPE_AES);
aes = NULL;
}
else {
aes->isAllocated = 1;
}
}
return aes;
}

/* Initialize Aes for use with async hardware */
int wc_AesInit(Aes* aes, void* heap, int devId)
Expand All @@ -11305,6 +11322,7 @@ int wc_AesInit(Aes* aes, void* heap, int devId)
if (aes == NULL)
return BAD_FUNC_ARG;

aes->isAllocated = 0;
aes->heap = heap;
aes->rounds = 0;

Expand Down Expand Up @@ -11430,11 +11448,18 @@ int wc_AesInit_Label(Aes* aes, const char* label, void* heap, int devId)
/* Free Aes from use with async hardware */
void wc_AesFree(Aes* aes)
{
if (aes == NULL)
void* heap;
byte isAllocated;

if (aes == NULL) {
return;
}

heap = aes->heap;
isAllocated = aes->isAllocated;

#ifdef WC_DEBUG_CIPHER_LIFECYCLE
(void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, aes->heap, 1);
(void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, heap, 1);
#endif

#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
Expand Down Expand Up @@ -11472,7 +11497,7 @@ void wc_AesFree(Aes* aes)
#endif
#if defined(WOLFSSL_AESGCM_STREAM) && defined(WOLFSSL_SMALL_STACK) && \
!defined(WOLFSSL_AESNI)
XFREE(aes->streamData, aes->heap, DYNAMIC_TYPE_AES);
XFREE(aes->streamData, heap, DYNAMIC_TYPE_AES);
aes->streamData = NULL;
#endif

Expand All @@ -11499,6 +11524,11 @@ void wc_AesFree(Aes* aes)
#ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Check(aes, sizeof(Aes));
#endif

if (isAllocated) {
XFREE(aes, heap, DYNAMIC_TYPE_AES);
}

}

int wc_AesGetKeySize(Aes* aes, word32* keySize)
Expand Down Expand Up @@ -14003,6 +14033,13 @@ static WARN_UNUSED_RESULT int AesSivCipher(
}
}

#ifndef WOLFSSL_SMALL_STACK
/* make aes has heap hint and isAllocated initialized for cleanup below */
if (ret != 0) {
XMEMSET(aes, 0, sizeof(Aes));
}
#endif

if (ret == 0 && dataSz > 0) {
sivTmp[12] &= 0x7f;
sivTmp[8] &= 0x7f;
Expand Down Expand Up @@ -14032,10 +14069,15 @@ static WARN_UNUSED_RESULT int AesSivCipher(
}
}

wc_AesFree(aes);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_AES);
if (aes != NULL)
#endif
{
wc_AesFree(aes);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_AES);
#endif
}

return ret;
}
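Review bot: `wc_AesFree` now releases the object itself when `isAllocated` is set, but nothing in the visible hunks wipes the `Aes` before `XFREE(aes, heap, DYNAMIC_TYPE_AES);`, so key material in an object created by `wc_AesNew` may be returned to the allocator intact; the callers shown (`wc_Gmac`, `wc_GmacVerify`) run `ForceZero(aes, sizeof *aes)` after the call, which is no longer possible once the memory has been freed. Unless the part of the function outside these hunks already zeroizes, the branch should read `if (isAllocated) { ForceZero(aes, sizeof(Aes)); XFREE(aes, heap, DYNAMIC_TYPE_AES); }`. The function also now trusts `aes->heap` and `aes->isAllocated`, so calling it on a struct that never went through `wc_AesInit` or `wc_AesNew` can pass a stack or garbage pointer to `XFREE`; the `aes->isAllocated = 0` and `XMEMSET` workarounds added in this section exist for that reason. The header comment on `wc_AesFree` should state that precondition, and that the pointer is invalid after the call for objects obtained from `wc_AesNew`.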
24 changes: 13 additions & 11 deletions wolfcrypt/src/asn.c
Expand Up @@ -22659,7 +22659,7 @@ static int DecodeCertReq(DecodedCert* cert, int* criticalExt)
{
DECL_ASNGETDATA(dataASN, certReqASN_Length);
int ret = 0;
byte version;
byte version = 0;
word32 idx;

CALLOC_ASNGETDATA(dataASN, certReqASN_Length, ret, cert->heap);
Expand Down Expand Up @@ -23552,7 +23552,7 @@ int wc_CertGetPubKey(const byte* cert, word32 certSz,
const unsigned char** pubKey, word32* pubKeySz)
{
int ret = 0;
int l;
int l = 0;
word32 o = 0;
int i;
static DecodeInstr ops[] = {
Expand Down Expand Up @@ -27841,7 +27841,7 @@ static int SetCertificatePolicies(byte *output,
byte oid[MAX_OID_SZ];
word32 oidSz;
word32 sz = 0;
int piSz;
int piSz = 0;

if ((input == NULL) || (nb_certpol > MAX_CERTPOL_NB)) {
ret = BAD_FUNC_ARG;
Expand Down Expand Up @@ -30399,8 +30399,8 @@ int AddSignature(byte* buf, int bodySz, const byte* sig, int sigSz,
return (int)(idx + seqSz);
#else
DECL_ASNSETDATA(dataASN, sigASN_Length);
word32 seqSz;
int sz;
word32 seqSz = 0;
int sz = 0;
int ret = 0;

CALLOC_ASNSETDATA(dataASN, sigASN_Length, ret, NULL);
Expand Down Expand Up @@ -35106,6 +35106,7 @@ int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,

/* Write a Private ecc key, including public to DER format,
* length on success else < 0 */
/* Note: use wc_EccKeyDerSize to get length only */
WOLFSSL_ABI
int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
{
Expand All @@ -35117,10 +35118,7 @@ int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
int wc_EccKeyDerSize(ecc_key* key, int pub)
{
word32 sz = 0;
int ret;

ret = wc_BuildEccKeyDer(key, NULL, &sz, pub, 1);

int ret = wc_BuildEccKeyDer(key, NULL, &sz, pub, 1);
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
return ret;
}
Expand All @@ -35131,7 +35129,11 @@ int wc_EccKeyDerSize(ecc_key* key, int pub)
* length on success else < 0 */
int wc_EccPrivateKeyToDer(ecc_key* key, byte* output, word32 inLen)
{
return wc_BuildEccKeyDer(key, output, &inLen, 0, 1);
int ret = wc_BuildEccKeyDer(key, output, &inLen, 0, 1);
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
return (int)inLen;
}
return ret;
}

#ifdef HAVE_PKCS8
Expand Down Expand Up @@ -35673,7 +35675,7 @@ int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
word32 idx = 0, seqSz, verSz, algoSz, privSz, pubSz = 0, sz;
#else
DECL_ASNSETDATA(dataASN, edKeyASN_Length);
int sz;
int sz = 0;
#endif

/* validate parameters */
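Review bot: `wc_EccPrivateKeyToDer` now converts `LENGTH_ONLY_E` into a positive return, so a call with `output == NULL` yields the required size where it previously yielded an error code, and any existing caller that tests for `LENGTH_ONLY_E` will take a different branch. The comment above the function still says only "length on success else < 0"; it should document the new mode, e.g. `/* Note: with output == NULL returns the required buffer length, not LENGTH_ONLY_E */`. The note added to `wc_EccKeyToDer` in the same section points callers to `wc_EccKeyDerSize` instead, which suggests the two sibling functions now answer a length query differently (that function's body is outside the hunk), and this is worth stating in both comments.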