Merge pull request #3166 from dgarske/csharp_wolfcrypt
wolfCrypt CSharp Wrapper
douzzer authored Oct 8, 2024
2 parents bf29b68 + e4f4274 commit 4a37947
Showing 46 changed files with 5,863 additions and 1,008 deletions.
57 changes: 57 additions & 0 deletions .github/workflows/win-csharp-test.yml
@@ -0,0 +1,57 @@
name: Windows CSharp Build Test

on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]

jobs:
build:

runs-on: windows-latest

# This should be a safe limit for the tests to run.
timeout-minutes: 6

env:
# Path to the solution file relative to the root of the project.
SOLUTION_FILE_PATH: wolfssl\wrapper\CSharp\wolfSSL_CSharp.sln

# Configuration type to build.
# You can convert this to a build matrix if you need coverage of multiple configuration types.
# https://docs.github.com/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
BUILD_CONFIGURATION: Debug
BUILD_PLATFORM: x64

steps:
- name: Pull wolfssl
uses: actions/checkout@master
with:
repository: wolfssl/wolfssl
path: wolfssl

- name: Create FIPS stub files (autogen)
working-directory: wolfssl
run: |
echo $null >> wolfcrypt\src\fips.c
echo $null >> wolfcrypt\src\fips_test.c
echo $null >> wolfcrypt\src\wolfcrypt_first.c
echo $null >> wolfcrypt\src\wolfcrypt_last.c
- name: Add MSBuild to PATH
uses: microsoft/setup-msbuild@v1

- name: Build
working-directory: ${{env.GITHUB_WORKSPACE}}
# Add additional options to the MSBuild command line here (like platform or verbosity level).
# See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{env.BUILD_PLATFORM}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}

- name: Run wolfCrypt test
working-directory: ${{env.GITHUB_WORKSPACE}}wolfssl\wrapper\CSharp\Debug\x64\
run: ./wolfCrypt-test.exe

- name: Run wolfSSL client/server example
working-directory: ${{env.GITHUB_WORKSPACE}}wolfssl\wrapper\CSharp\Debug\x64\
run: ./wolfSSL-TLS-Server.exe && sleep 1 & ./wolfSSL-TLS-Client.exe
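Review bot: `uses: actions/checkout@master` in the "Pull wolfssl" step follows a mutable branch, and `microsoft/setup-msbuild@v1` follows a movable tag, so the third-party code that runs in this job can change without any change to this repository. Pin both to a full commit SHA, for example `uses: actions/checkout@<full-commit-sha>  # <release tag>` (placeholder values; take them from the action's releases), and add a top-level `permissions:` block with `contents: read`, since the job only checks out, builds and runs tests. Separately, `${{env.GITHUB_WORKSPACE}}` reads the workflow's `env` context, which does not define that name in the lines shown, so the `working-directory` values likely expand to a relative path; `${{ github.workspace }}` is the documented expression.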
4 changes: 2 additions & 2 deletions mcapi/crypto.h
Expand Up @@ -173,9 +173,9 @@ enum {
typedef struct CRYPT_AES_CTX {
/* big enough to hold internal, but check on init */
#ifdef WOLF_PRIVATE_KEY_ID
int holder[110];
int holder[114];
#else
int holder[92];
int holder[96];
#endif
} CRYPT_AES_CTX;

4 changes: 2 additions & 2 deletions src/pk.c
Expand Up @@ -354,7 +354,7 @@ int EncryptDerKey(byte *der, int *derSz, const EVP_CIPHER* cipher,
int ret = 0;
int paddingSz = 0;
word32 idx;
word32 cipherInfoSz;
word32 cipherInfoSz = 0;
#ifdef WOLFSSL_SMALL_STACK
EncryptedInfo* info = NULL;
#else
Expand Down Expand Up @@ -3300,7 +3300,7 @@ static int wolfssl_rsa_generate_key_native(WOLFSSL_RSA* rsa, int bits,
#endif
int initTmpRng = 0;
WC_RNG* rng = NULL;
long en;
long en = 0;
#endif

(void)cb;
11 changes: 7 additions & 4 deletions src/ssl.c
Expand Up @@ -16138,11 +16138,14 @@ long wolfSSL_set_options(WOLFSSL* ssl, long op)
else {
/* Only preserve overlapping suites */
Suites tmpSuites;
word16 in, out, haveECDSAsig = 0;
word16 haveStaticECC = ssl->options.haveStaticECC;
word16 in, out;
word16 haveECDSAsig, haveStaticECC;
#ifdef NO_RSA
haveECDSAsig = 1;
haveStaticECC = 1;
#else
haveECDSAsig = 0;
haveStaticECC = ssl->options.haveStaticECC;
#endif
XMEMSET(&tmpSuites, 0, sizeof(Suites));
/* Get all possible ciphers and sigalgs for the version. Following
Expand Down Expand Up @@ -21962,9 +21965,9 @@ int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names,
#endif /* HAVE_SUPPORTED_CURVES */
}

if (ssl)
if (ssl != NULL)
ssl->disabledCurves = disabled;
else
else if (ctx != NULL)
ctx->disabledCurves = disabled;
ret = WOLFSSL_SUCCESS;

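Review bot: In the `set_curves_list` hunk, when both `ssl` and `ctx` are NULL the new `else if (ctx != NULL)` skips the store, yet the next line still sets `ret = WOLFSSL_SUCCESS`, so the caller is told the curve restriction was applied when nothing was recorded. Unless a check earlier in the function (outside this hunk) already rejects that case, the neither-branch should take the function's failure path with `WOLFSSL_FAILURE` instead of falling through to the success assignment. The `if`/`else if` bodies are also unbraced; adding braces would match the style this commit uses in `wc_AesFree` and keeps a later added statement from landing outside the guard. The function body starts and ends outside the hunk, so the right failure path (plain return versus a cleanup label) has to be confirmed against the full source.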
9 changes: 5 additions & 4 deletions tests/api.c
Expand Up @@ -27665,7 +27665,7 @@ static int test_wc_EccPrivateKeyToDer(void)
byte output[ONEK_BUF];
ecc_key eccKey;
WC_RNG rng;
word32 inLen;
word32 inLen = 0;
word32 outLen = 0;
int ret;

Expand All @@ -27681,12 +27681,13 @@ static int test_wc_EccPrivateKeyToDer(void)
#endif
ExpectIntEQ(ret, 0);

inLen = (word32)sizeof(output);
/* Bad Cases */
ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, NULL, 0), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, output, inLen), WC_NO_ERR_TRACE(BAD_FUNC_ARG));
ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, NULL, inLen), WC_NO_ERR_TRACE(LENGTH_ONLY_E));
inLen = wc_EccPrivateKeyToDer(&eccKey, NULL, 0);
ExpectIntGT(inLen, 0);
ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, output, 0), WC_NO_ERR_TRACE(BAD_FUNC_ARG));

/* Good Case */
ExpectIntGT(outLen = (word32)wc_EccPrivateKeyToDer(&eccKey, output, inLen), 0);

Expand Down Expand Up @@ -52516,7 +52517,7 @@ static int test_wolfSSL_ASN1_INTEGER(void)
ASN1_INTEGER_free(a);
a = NULL;

p = longDer;
p = invalidLenDer;
ExpectNull(d2i_ASN1_INTEGER(NULL, &p, sizeof(invalidLenDer)));

p = longDer;
52 changes: 47 additions & 5 deletions wolfcrypt/src/aes.c
Expand Up @@ -10539,6 +10539,7 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz,
if (ret == 0)
ret = wc_AesGcmEncrypt_ex(aes, NULL, NULL, 0, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
aes->isAllocated = 0;
wc_AesFree(aes);
}
ForceZero(aes, sizeof *aes);
Expand Down Expand Up @@ -10580,6 +10581,8 @@ int wc_GmacVerify(const byte* key, word32 keySz,
if (ret == 0)
ret = wc_AesGcmDecrypt(aes, NULL, NULL, 0, iv, ivSz,
authTag, authTagSz, authIn, authInSz);

aes->isAllocated = 0;
wc_AesFree(aes);
}
ForceZero(aes, sizeof *aes);
Expand Down Expand Up @@ -11296,6 +11299,20 @@ int wc_AesCcmEncrypt_ex(Aes* aes, byte* out, const byte* in, word32 sz,

#endif /* HAVE_AESCCM */

Aes* wc_AesNew(void* heap, int devId)
{
Aes* aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_AES);
if (aes != NULL) {
if (wc_AesInit(aes, heap, devId) != 0) {
XFREE(aes, heap, DYNAMIC_TYPE_AES);
aes = NULL;
}
else {
aes->isAllocated = 1;
}
}
return aes;
}

/* Initialize Aes for use with async hardware */
int wc_AesInit(Aes* aes, void* heap, int devId)
Expand All @@ -11305,6 +11322,7 @@ int wc_AesInit(Aes* aes, void* heap, int devId)
if (aes == NULL)
return BAD_FUNC_ARG;

aes->isAllocated = 0;
aes->heap = heap;
aes->rounds = 0;

Expand Down Expand Up @@ -11430,11 +11448,18 @@ int wc_AesInit_Label(Aes* aes, const char* label, void* heap, int devId)
/* Free Aes from use with async hardware */
void wc_AesFree(Aes* aes)
{
if (aes == NULL)
void* heap;
byte isAllocated;

if (aes == NULL) {
return;
}

heap = aes->heap;
isAllocated = aes->isAllocated;

#ifdef WC_DEBUG_CIPHER_LIFECYCLE
(void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, aes->heap, 1);
(void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, heap, 1);
#endif

#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
Expand Down Expand Up @@ -11472,7 +11497,7 @@ void wc_AesFree(Aes* aes)
#endif
#if defined(WOLFSSL_AESGCM_STREAM) && defined(WOLFSSL_SMALL_STACK) && \
!defined(WOLFSSL_AESNI)
XFREE(aes->streamData, aes->heap, DYNAMIC_TYPE_AES);
XFREE(aes->streamData, heap, DYNAMIC_TYPE_AES);
aes->streamData = NULL;
#endif

Expand All @@ -11499,6 +11524,11 @@ void wc_AesFree(Aes* aes)
#ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Check(aes, sizeof(Aes));
#endif

if (isAllocated) {
XFREE(aes, heap, DYNAMIC_TYPE_AES);
}

}

int wc_AesGetKeySize(Aes* aes, word32* keySize)
Expand Down Expand Up @@ -14003,6 +14033,13 @@ static WARN_UNUSED_RESULT int AesSivCipher(
}
}

#ifndef WOLFSSL_SMALL_STACK
/* make aes has heap hint and isAllocated initialized for cleanup below */
if (ret != 0) {
XMEMSET(aes, 0, sizeof(Aes));
}
#endif

if (ret == 0 && dataSz > 0) {
sivTmp[12] &= 0x7f;
sivTmp[8] &= 0x7f;
Expand Down Expand Up @@ -14032,10 +14069,15 @@ static WARN_UNUSED_RESULT int AesSivCipher(
}
}

wc_AesFree(aes);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_AES);
if (aes != NULL)
#endif
{
wc_AesFree(aes);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_AES);
#endif
}

return ret;
}
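Review bot: `wc_AesFree` now reads `aes->isAllocated` and calls `XFREE(aes, heap, DYNAMIC_TYPE_AES)` when it is non-zero, so it is only safe on a struct that went through `wc_AesInit` or was zeroed. The commit adjusts `wc_Gmac`, `wc_GmacVerify` and `AesSivCipher` for this, but any caller not shown here that frees a stack `Aes` after a skipped init would pass a non-heap pointer to the allocator. `wc_AesNew` has no header comment, and `wc_AesInit` sets `aes->isAllocated = 0` on entry, so re-initialising an object obtained from `wc_AesNew` would make the later `wc_AesFree` leak it. I would add above `wc_AesNew` a comment such as `/* Allocate and initialise an Aes; release with wc_AesFree() only, which also frees the memory. Do not call wc_AesInit() on the result. */`, and extend the `wc_AesFree` comment to say the struct must have been initialised and that a pointer from `wc_AesNew` is invalid afterwards. The bodies of `wc_AesInit` and `wc_AesFree` continue outside the visible hunks, so remaining callers need an audit for the uninitialised-struct case.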
24 changes: 13 additions & 11 deletions wolfcrypt/src/asn.c
Expand Up @@ -22659,7 +22659,7 @@ static int DecodeCertReq(DecodedCert* cert, int* criticalExt)
{
DECL_ASNGETDATA(dataASN, certReqASN_Length);
int ret = 0;
byte version;
byte version = 0;
word32 idx;

CALLOC_ASNGETDATA(dataASN, certReqASN_Length, ret, cert->heap);
Expand Down Expand Up @@ -23552,7 +23552,7 @@ int wc_CertGetPubKey(const byte* cert, word32 certSz,
const unsigned char** pubKey, word32* pubKeySz)
{
int ret = 0;
int l;
int l = 0;
word32 o = 0;
int i;
static DecodeInstr ops[] = {
Expand Down Expand Up @@ -27841,7 +27841,7 @@ static int SetCertificatePolicies(byte *output,
byte oid[MAX_OID_SZ];
word32 oidSz;
word32 sz = 0;
int piSz;
int piSz = 0;

if ((input == NULL) || (nb_certpol > MAX_CERTPOL_NB)) {
ret = BAD_FUNC_ARG;
Expand Down Expand Up @@ -30399,8 +30399,8 @@ int AddSignature(byte* buf, int bodySz, const byte* sig, int sigSz,
return (int)(idx + seqSz);
#else
DECL_ASNSETDATA(dataASN, sigASN_Length);
word32 seqSz;
int sz;
word32 seqSz = 0;
int sz = 0;
int ret = 0;

CALLOC_ASNSETDATA(dataASN, sigASN_Length, ret, NULL);
Expand Down Expand Up @@ -35106,6 +35106,7 @@ int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,

/* Write a Private ecc key, including public to DER format,
* length on success else < 0 */
/* Note: use wc_EccKeyDerSize to get length only */
WOLFSSL_ABI
int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
{
Expand All @@ -35117,10 +35118,7 @@ int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
int wc_EccKeyDerSize(ecc_key* key, int pub)
{
word32 sz = 0;
int ret;

ret = wc_BuildEccKeyDer(key, NULL, &sz, pub, 1);

int ret = wc_BuildEccKeyDer(key, NULL, &sz, pub, 1);
if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
return ret;
}
Expand All @@ -35131,7 +35129,11 @@ int wc_EccKeyDerSize(ecc_key* key, int pub)
* length on success else < 0 */
int wc_EccPrivateKeyToDer(ecc_key* key, byte* output, word32 inLen)
{
return wc_BuildEccKeyDer(key, output, &inLen, 0, 1);
int ret = wc_BuildEccKeyDer(key, output, &inLen, 0, 1);
if (ret == WC_NO_ERR_TRACE(LENGTH_ONLY_E)) {
return (int)inLen;
}
return ret;
}

#ifdef HAVE_PKCS8
Expand Down Expand Up @@ -35673,7 +35675,7 @@ int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
word32 idx = 0, seqSz, verSz, algoSz, privSz, pubSz = 0, sz;
#else
DECL_ASNSETDATA(dataASN, edKeyASN_Length);
int sz;
int sz = 0;
#endif

/* validate parameters */
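Review bot: `wc_EccPrivateKeyToDer` now turns `LENGTH_ONLY_E` into a positive return of `(int)inLen`, but the comment above it still says only "length on success else < 0". A caller that passes a NULL `output` by mistake and treats any positive return as bytes written would now see success with nothing written, and callers that detected the size query by comparing against `LENGTH_ONLY_E` will no longer match. State the contract in the comment, e.g. `/* If output is NULL, returns the required DER size instead of LENGTH_ONLY_E; nothing is written. */`, and carry the same wording into the public API documentation. `wc_EccKeyToDer` appears to keep the old behaviour (its new note points to `wc_EccKeyDerSize`), so the two sibling functions now differ on a NULL `output`, which is worth saying in the same place.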