-
Notifications
You must be signed in to change notification settings - Fork 836
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add EC_POINT_hex2point #7191
Add EC_POINT_hex2point #7191
Conversation
2dd78b3
to
890f46f
Compare
6ac25c2
to
1259e4a
Compare
retest this please.. |
I ran this locally with Valgrind and the "CI/krb5/Build wolfSSL" test failure is legit.
I got the same leak report for function I looked into the "CI/openwrt/Compile container (21.02-SNAPSHOT)" failure. It isn't able to download the openwrt sources from the server. |
Looks like there's actually an issue here with missing macro definitions. The |
a80a0c5
to
d7e7168
Compare
retest this please |
src/pk.c
Outdated
WOLFSSL_MSG("EEC_KEY_get_byte_size, XMALLOC"); | ||
goto err; | ||
} | ||
octGx[0] = 0x03; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you use ECC_POINT_COMP_ODD
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
src/pk.c
Outdated
int key_sz; | ||
byte *octGx = NULL; | ||
|
||
#define P_ALLOC 1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Adding P_ALLOC
here seems pointless. Just use 1 directly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
src/pk.c
Outdated
} | ||
else if (hex[0] == '0' && (hex[1] == '2' || hex[1] == '3')) { | ||
/* compressed mode */ | ||
key_sz = ((wolfSSL_EC_GROUP_get_degree(group) + 7) / 8); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Recommend a cleanup to do key_sz = ((wolfSSL_EC_GROUP_get_degree(group) + 7) / 8);
above.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
src/pk.c
Outdated
} | ||
|
||
if (hex[0] == '0' && hex[1] == '4') { /* uncompressed mode */ | ||
str_sz = ((wolfSSL_EC_GROUP_get_degree(group) + 7) / 8) * 2; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
str_sz = key_sz * 2
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
src/pk.c
Outdated
|
||
if (hex[0] == '0' && hex[1] == '4') { /* uncompressed mode */ | ||
str_sz = ((wolfSSL_EC_GROUP_get_degree(group) + 7) / 8) * 2; | ||
strGx = (char *)XMALLOC(str_sz + 1, NULL, DYNAMIC_TYPE_ECC); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It might be easier to just use MAX_ECC_BYTES * 2
for the buffer vs using malloc without a heap hint. Its not really an ECC type, its temp buffer.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
src/pk.c
Outdated
else if (hex[0] == '0' && (hex[1] == '2' || hex[1] == '3')) { | ||
/* compressed mode */ | ||
key_sz = ((wolfSSL_EC_GROUP_get_degree(group) + 7) / 8); | ||
octGx = (byte *)XMALLOC(key_sz + 1, NULL, DYNAMIC_TYPE_ECC); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same use MAX_ECC_BYTES
and only use a single buffer for either case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
retest this please |
src/pk.c
Outdated
@@ -9788,12 +9787,12 @@ char* wolfSSL_EC_POINT_point2hex(const WOLFSSL_EC_GROUP* group, | |||
* odd. | |||
*/ | |||
hex[0] = mp_isodd((mp_int*)point->Y->internal) ? | |||
ECC_POINT_COMP_ODD : ECC_POINT_COMP_EVEN; | |||
0x03 : 0x02; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you switch to using the numeric directly to avoid having the #fndef HAVE_SELFTEST
?
I really prefer the ECC_POINT_COMP_ODD
, ECC_POINT_COMP_EVEN
and ECC_POINT_UNCOMP
values. If needed you could add some logic above to ensure these are available.
#ifdef HAVE_SELFTEST
/* point compression types */
#define ECC_POINT_COMP_EVEN 0x02
#define ECC_POINT_COMP_ODD 0x03
#define ECC_POINT_UNCOMP 0x04
#endif
e760f12
to
cd2818a
Compare
Retest this please |
retest this please |
2791ba9
to
73b35f1
Compare
Add EC_POINT_hex2point
Description
Add EC_POINT_hex2point
Enable HAVE_COMP_KEY for Compressed Key
Fixes zd #17090
Testing
Checklist