Skip to content

Commit

Permalink
Merge pull request #8339 from douzzer/20250107-clang-tidy-xmss
Browse files Browse the repository at this point in the history 
20250107-clang-tidy-xmss
  • Loading branch information
@dgarske
dgarske authored Jan 8, 2025
2 parents 78c4a04 + fd664fd commit 78776ba
Show file tree
Hide file tree
Showing 6 changed files with 67 additions and 25 deletions.
2 changes: 0 additions & 2 deletions .wolfssl_known_macro_extras
View file
Original file line number Diff line number Diff line change
Expand Up @@ -638,7 +638,6 @@ WOLFSSL_FRDM_K64
WOLFSSL_FRDM_K64_JENKINS
WOLFSSL_FUNC_TIME
WOLFSSL_FUNC_TIME_LOG
WOLFSSL_GAISLER_BCC
WOLFSSL_GEN_CERT
WOLFSSL_GETRANDOM
WOLFSSL_GNRC
Expand Down Expand Up @@ -682,7 +681,6 @@ WOLFSSL_MULTICIRCULATE_ALTNAMELIST
WOLFSSL_NONBLOCK_OCSP
WOLFSSL_NOSHA3_384
WOLFSSL_NOT_WINDOWS_API
WOLFSSL_NO_AES_CFB_1_8
WOLFSSL_NO_BIO_ADDR_IN
WOLFSSL_NO_CLIENT
WOLFSSL_NO_CLIENT_CERT_ERROR
Expand Down
2 changes: 1 addition & 1 deletion tests/api.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99282,7 +99282,7 @@ static int test_dtls12_basic_connection_id(void)
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
struct test_memio_ctx test_ctx;

printf("Testing %s run #%ld ... ", params[i], j);
printf("Testing %s run #%ld ... ", params[i], (long int)j);

XMEMSET(&test_ctx, 0, sizeof(test_ctx));

Expand Down
20 changes: 15 additions & 5 deletions wolfcrypt/src/dh.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2549,31 +2549,41 @@ static int _DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g,
* public moduli (known primes) from RFC 7919.
*/
#ifdef HAVE_FFDHE_2048
if ((pSz == sizeof(dh_ffdhe2048_p)) && (XMEMCMP(p, dh_ffdhe2048_p, sizeof(dh_ffdhe2048_p)) == 0)) {
if ((pSz == sizeof(dh_ffdhe2048_p)) &&
(XMEMCMP(p, dh_ffdhe2048_p, sizeof(dh_ffdhe2048_p)) == 0))
{
isPrime = 1;
}
else
#endif
#ifdef HAVE_FFDHE_3072
if ((pSz == sizeof(dh_ffdhe3072_p)) && (XMEMCMP(p, dh_ffdhe3072_p, sizeof(dh_ffdhe3072_p)) == 0)) {
if ((pSz == sizeof(dh_ffdhe3072_p)) &&
(XMEMCMP(p, dh_ffdhe3072_p, sizeof(dh_ffdhe3072_p)) == 0))
{
isPrime = 1;
}
else
#endif
#ifdef HAVE_FFDHE_4096
if ((pSz == sizeof(dh_ffdhe4096_p)) && (XMEMCMP(p, dh_ffdhe4096_p, sizeof(dh_ffdhe4096_p)) == 0)) {
if ((pSz == sizeof(dh_ffdhe4096_p)) &&
(XMEMCMP(p, dh_ffdhe4096_p, sizeof(dh_ffdhe4096_p)) == 0))
{
isPrime = 1;
}
else
#endif
#ifdef HAVE_FFDHE_6144
if ((pSz == sizeof(dh_ffdhe6144_p)) && (XMEMCMP(p, dh_ffdhe6144_p, sizeof(dh_ffdhe6144_p)) == 0)) {
if ((pSz == sizeof(dh_ffdhe6144_p)) &&
(XMEMCMP(p, dh_ffdhe6144_p, sizeof(dh_ffdhe6144_p)) == 0))
{
isPrime = 1;
}
else
#endif
#ifdef HAVE_FFDHE_8192
if ((pSz == sizeof(dh_ffdhe8192_p)) && (XMEMCMP(p, dh_ffdhe8192_p, sizeof(dh_ffdhe8192_p)) == 0)) {
if ((pSz == sizeof(dh_ffdhe8192_p)) &&
(XMEMCMP(p, dh_ffdhe8192_p, sizeof(dh_ffdhe8192_p)) == 0))
{
isPrime = 1;
}
else
Expand Down
18 changes: 18 additions & 0 deletions wolfcrypt/src/integer.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -440,6 +440,10 @@ int mp_grow (mp_int * a, int size)
a->dp[i] = 0;
}
}
else if ((a->alloc > 0) && (a->dp == NULL)) {
/* opportunistic sanity check on a->dp */
return MP_VAL;
}
return MP_OKAY;
}

Expand Down Expand Up @@ -1758,6 +1762,13 @@ int s_mp_add (mp_int * a, mp_int * b, mp_int * c)
/* destination */
tmpc = c->dp;

/* sanity-check dp pointers from a and b. */
if ((min_ab > 0) &&
((tmpa == NULL) || (tmpb == NULL)))
{
return MP_VAL;
}

/* zero the carry */
u = 0;
for (i = 0; i < min_ab; i++) {
Expand Down Expand Up @@ -1833,6 +1844,13 @@ int s_mp_sub (mp_int * a, mp_int * b, mp_int * c)
tmpb = b->dp;
tmpc = c->dp;

/* sanity-check dp pointers from a and b. */
if ((min_b > 0) &&
((tmpa == NULL) || (tmpb == NULL)))
{
return MP_VAL;
}

/* set carry to zero */
u = 0;
for (i = 0; i < min_b; i++) {
Expand Down
2 changes: 2 additions & 0 deletions wolfcrypt/src/pkcs7.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2073,6 +2073,8 @@ static int wc_PKCS7_BuildSignedAttributes(wc_PKCS7* pkcs7, ESD* esd,

cannedAttribsCount = sizeof(cannedAttribs)/sizeof(PKCS7Attrib);

XMEMSET(&cannedAttribs[idx], 0, sizeof(cannedAttribs[idx]));

if ((pkcs7->defaultSignedAttribs & WOLFSSL_CONTENT_TYPE_ATTRIBUTE) ||
pkcs7->defaultSignedAttribs == 0) {
cannedAttribs[idx].oid = contentTypeOid;
Expand Down
48 changes: 31 additions & 17 deletions wolfcrypt/src/wc_xmss_impl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2675,7 +2675,7 @@ static void wc_xmss_bds_state_free(BdsState* bds)
* @param [out] bds BDS states.
* @param [out] wots_sigs WOTS signatures when XMSS^MT.
*/
static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
static int wc_xmss_bds_state_load(const XmssState* state, byte* sk,
BdsState* bds, byte** wots_sigs)
{
const XmssParams* params = state->params;
Expand All @@ -2689,6 +2689,9 @@ static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
/* Skip past standard SK = idx || wots_sk || SK_PRF || root || SEED; */
sk += params->idx_len + 4 * n;

if (2 * (int)params->d - 1 <= 0)
return WC_FAILURE;

for (i = 0; i < 2 * (int)params->d - 1; i++) {
/* Set pointers into SK. */
bds[i].stack = sk;
Expand All @@ -2715,6 +2718,8 @@ static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
if (wots_sigs != NULL) {
*wots_sigs = sk;
}

return 0;
}

/* Store the BDS state into the secret/private key.
Expand All @@ -2723,7 +2728,7 @@ static void wc_xmss_bds_state_load(const XmssState* state, byte* sk,
* @param [in, out] sk Secret/private key.
* @param [in] bds BDS states.
*/
static void wc_xmss_bds_state_store(const XmssState* state, byte* sk,
static int wc_xmss_bds_state_store(const XmssState* state, byte* sk,
BdsState* bds)
{
int i;
Expand All @@ -2743,15 +2748,20 @@ static void wc_xmss_bds_state_store(const XmssState* state, byte* sk,
/* Ignore standard SK = idx || wots_sk || SK_PRF || root || SEED; */
sk += params->idx_len + 4 * n;

if (2 * (int)params->d - 1 <= 0)
return WC_FAILURE;

for (i = 0; i < 2 * (int)params->d - 1; i++) {
/* Skip pointers into sk. */
sk += skip;
/* Save values - big-endian encoded. */
c32to24(bds[i].next, sk);
c32to24(bds[i].next, sk); /* NOLINT(clang-analyzer-core.CallAndMessage) */
sk += 3;
sk[0] = bds[i].offset;
sk += 1;
}

return 0;
}

/********************************************
Expand Down Expand Up @@ -3297,6 +3307,10 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed,
if (ret == 0)
#endif
{
/* Setup pointers into sk - assumes sk is initialized to zeros. */
ret = wc_xmss_bds_state_load(state, sk, bds, NULL);
}
if (ret == 0) {
/* Offsets into seed. */
const byte* seed_priv = seed;
const byte* seed_pub = seed + 2 * n;
Expand All @@ -3306,9 +3320,6 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed,
/* Offsets into public key. */
byte* pk_seed = pk + n;

/* Setup pointers into sk - assumes sk is initialized to zeros. */
wc_xmss_bds_state_load(state, sk, bds, NULL);

/* Set first index to 0 in private key. idx_len always 4. */
*sk_idx = 0;
/* Set private key seed and private key for PRF in to private key. */
Expand All @@ -3333,7 +3344,7 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed,
XMEMCPY(sk_root, pk_root, 2 * n);

/* Store BDS state back into secret/private key. */
wc_xmss_bds_state_store(state, sk, bds);
ret = wc_xmss_bds_state_store(state, sk, bds);
}

#ifdef WOLFSSL_SMALL_STACK
Expand Down Expand Up @@ -3412,8 +3423,9 @@ int wc_xmss_sign(XmssState* state, const unsigned char* m, word32 mlen,
#endif
{
/* Load the BDS state from secret/private key. */
wc_xmss_bds_state_load(state, sk, bds, NULL);

ret = wc_xmss_bds_state_load(state, sk, bds, NULL);
}
if (ret == 0) {
/* Copy the index into the signature data: Sig = idx_sig || ... */
*((word32*)sig) = *((word32*)sk);
/* Read index from the secret key. */
Expand Down Expand Up @@ -3490,7 +3502,7 @@ int wc_xmss_sign(XmssState* state, const unsigned char* m, word32 mlen,
}
if (ret == 0) {
/* Store BDS state back into secret/private key. */
wc_xmss_bds_state_store(state, sk, bds);
ret = wc_xmss_bds_state_store(state, sk, bds);
}

#ifdef WOLFSSL_SMALL_STACK
Expand Down Expand Up @@ -3580,14 +3592,15 @@ int wc_xmssmt_keygen(XmssState* state, const unsigned char* seed,

/* Allocate memory for BDS states and tree hash instances. */
ret = wc_xmss_bds_state_alloc(params, &bds);
if (ret == 0) {
/* Load the BDS state from secret/private key. */
ret = wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
}
if (ret == 0) {
/* Offsets into seed. */
const byte* seed_priv = seed;
const byte* seed_pub = seed + 2 * params->n;

/* Load the BDS state from secret/private key. */
wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);

/* Set first index to 0 in private key. */
XMEMSET(sk, 0, params->idx_len);
/* Set private key seed and private key for PRF in to private key. */
Expand Down Expand Up @@ -3630,7 +3643,7 @@ int wc_xmssmt_keygen(XmssState* state, const unsigned char* seed,
XMEMCPY(sk_root, pk_root, 2 * n);

/* Store BDS state back into secret/private key. */
wc_xmss_bds_state_store(state, sk, bds);
ret = wc_xmss_bds_state_store(state, sk, bds);
}

/* Dispose of allocated data of BDS states. */
Expand Down Expand Up @@ -4000,8 +4013,9 @@ int wc_xmssmt_sign(XmssState* state, const unsigned char* m, word32 mlen,
ret = wc_xmss_bds_state_alloc(params, &bds);
if (ret == 0) {
/* Load the BDS state from secret/private key. */
wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);

ret = wc_xmss_bds_state_load(state, sk, bds, &wots_sigs);
}
if (ret == 0) {
/* Copy the index into the signature data: Sig_MT = idx_sig. */
XMEMCPY(sig_mt, sk, idx_len);

Expand Down Expand Up @@ -4032,7 +4046,7 @@ int wc_xmssmt_sign(XmssState* state, const unsigned char* m, word32 mlen,

if (ret == 0) {
/* Store BDS state back into secret/private key. */
wc_xmss_bds_state_store(state, sk, bds);
ret = wc_xmss_bds_state_store(state, sk, bds);
}

/* Dispose of allocated data of BDS states. */
Expand Down

0 comments on commit 78776ba

Please sign in to comment.