From 7a3db09ddddf81410569c8122d51ba068771a5a2 Mon Sep 17 00:00:00 2001 From: effbiae Date: Wed, 10 Sep 2025 12:22:06 +1000 Subject: [PATCH 1/6] automated small stack compress --- src/crl.c | 93 +--- src/internal.c | 206 ++----- src/keys.c | 26 +- src/ocsp.c | 48 +- src/pk.c | 276 ++------- src/quic.c | 4 +- src/ssl.c | 219 ++------ src/ssl_bn.c | 38 +- src/ssl_certman.c | 74 +-- src/ssl_crypto.c | 136 +---- src/ssl_load.c | 175 ++---- src/ssl_p7p12.c | 32 +- src/ssl_sess.c | 14 +- src/tls.c | 71 +-- src/tls13.c | 31 +- src/wolfio.c | 16 +- src/x509.c | 368 +++--------- src/x509_str.c | 27 +- tests/api.c | 6 +- wolfcrypt/benchmark/benchmark.c | 6 +- wolfcrypt/src/aes.c | 74 +-- wolfcrypt/src/asn.c | 591 ++++++-------------- wolfcrypt/src/blake2b.c | 12 +- wolfcrypt/src/blake2s.c | 12 +- wolfcrypt/src/camellia.c | 12 +- wolfcrypt/src/chacha20_poly1305.c | 36 +- wolfcrypt/src/cmac.c | 12 +- wolfcrypt/src/des3.c | 4 +- wolfcrypt/src/dilithium.c | 74 +-- wolfcrypt/src/ecc.c | 327 +++-------- wolfcrypt/src/evp.c | 106 +--- wolfcrypt/src/ge_448.c | 6 +- wolfcrypt/src/hash.c | 249 ++------- wolfcrypt/src/hmac.c | 40 +- wolfcrypt/src/hpke.c | 179 ++---- wolfcrypt/src/integer.c | 99 +--- wolfcrypt/src/kdf.c | 88 +-- wolfcrypt/src/logging.c | 4 +- wolfcrypt/src/md2.c | 17 +- wolfcrypt/src/pkcs12.c | 4 +- wolfcrypt/src/pkcs7.c | 641 +++++++-------------- wolfcrypt/src/port/iotsafe/iotsafe.c | 31 +- wolfcrypt/src/port/ti/ti-aes.c | 20 +- wolfcrypt/src/port/ti/ti-hash.c | 17 +- wolfcrypt/src/pwdbased.c | 56 +- wolfcrypt/src/random.c | 68 +-- wolfcrypt/src/rsa.c | 70 +-- wolfcrypt/src/sha.c | 19 +- wolfcrypt/src/sha256.c | 38 +- wolfcrypt/src/sha512.c | 45 +- wolfcrypt/src/srp.c | 30 +- wolfcrypt/src/tfm.c | 799 ++++++--------------------- wolfcrypt/src/wc_encrypt.c | 140 ++--- wolfcrypt/src/wc_lms.c | 84 +-- wolfcrypt/src/wc_lms_impl.c | 57 +- wolfcrypt/src/wc_mlkem_poly.c | 35 +- wolfcrypt/src/wc_pkcs11.c | 36 +- wolfcrypt/src/wc_xmss.c | 70 +-- wolfcrypt/src/wc_xmss_impl.c | 12 +- wolfcrypt/test/test.c | 79 +-- 60 files changed, 1524 insertions(+), 4635 deletions(-) diff --git a/src/crl.c b/src/crl.c index 576fe2e950a..9056bd1c6ce 100644 --- a/src/crl.c +++ b/src/crl.c @@ -757,11 +757,7 @@ int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type, int ret = WOLFSSL_SUCCESS; const byte* myBuffer = buff; /* if DER ok, otherwise switch */ DerBuffer* der = NULL; -#ifdef WOLFSSL_SMALL_STACK - DecodedCRL* dcrl; -#else - DecodedCRL dcrl[1]; -#endif + WC_DECLARE_VAR(dcrl, DecodedCRL, 1, 0); WOLFSSL_ENTER("BufferLoadCRL"); @@ -796,9 +792,7 @@ int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type, crl->currentEntry = CRL_Entry_new(crl->heap); if (crl->currentEntry == NULL) { WOLFSSL_MSG_CERT_LOG("alloc CRL Entry failed"); - #ifdef WOLFSSL_SMALL_STACK - XFREE(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER); FreeDer(&der); return MEMORY_E; } @@ -825,9 +819,7 @@ int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type, FreeDecodedCRL(dcrl); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER); FreeDer(&der); @@ -843,11 +835,7 @@ int GetCRLInfo(WOLFSSL_CRL* crl, CrlInfo* info, const byte* buff, const byte* myBuffer = buff; /* if DER ok, otherwise switch */ DerBuffer* der = NULL; CRL_Entry* crle = NULL; -#ifdef WOLFSSL_SMALL_STACK - DecodedCRL* dcrl; -#else - DecodedCRL dcrl[1]; -#endif + WC_DECLARE_VAR(dcrl, DecodedCRL, 1, 0); WOLFSSL_ENTER("GetCRLInfo"); @@ -883,9 +871,7 @@ int GetCRLInfo(WOLFSSL_CRL* crl, CrlInfo* info, const byte* buff, crle = CRL_Entry_new(crl->heap); if (crle == NULL) { WOLFSSL_MSG("alloc CRL Entry failed"); - #ifdef WOLFSSL_SMALL_STACK - XFREE(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER); FreeDer(&der); return MEMORY_E; } @@ -904,9 +890,7 @@ int GetCRLInfo(WOLFSSL_CRL* crl, CrlInfo* info, const byte* buff, FreeDecodedCRL(dcrl); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(dcrl, NULL, DYNAMIC_TYPE_TMP_BUFFER); FreeDer(&der); CRL_Entry_free(crle, crl->heap); @@ -1254,23 +1238,14 @@ static int SwapLists(WOLFSSL_CRL* crl) { int ret; CRL_Entry* newList; -#ifdef WOLFSSL_SMALL_STACK - WOLFSSL_CRL* tmp; -#else - WOLFSSL_CRL tmp[1]; -#endif + WC_DECLARE_VAR(tmp, WOLFSSL_CRL, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - tmp = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (tmp == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(tmp, WOLFSSL_CRL, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if (InitCRL(tmp, crl->cm) < 0) { WOLFSSL_MSG("Init tmp CRL failed"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FATAL_ERROR; } @@ -1279,9 +1254,7 @@ static int SwapLists(WOLFSSL_CRL* crl) if (ret != WOLFSSL_SUCCESS) { WOLFSSL_MSG("PEM LoadCRL on dir change failed"); FreeCRL(tmp, 0); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FATAL_ERROR; } } @@ -1291,9 +1264,7 @@ static int SwapLists(WOLFSSL_CRL* crl) if (ret != WOLFSSL_SUCCESS) { WOLFSSL_MSG("DER LoadCRL on dir change failed"); FreeCRL(tmp, 0); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FATAL_ERROR; } } @@ -1301,9 +1272,7 @@ static int SwapLists(WOLFSSL_CRL* crl) if (wc_LockRwLock_Wr(&crl->crlLock) != 0) { WOLFSSL_MSG("wc_LockRwLock_Wr failed"); FreeCRL(tmp, 0); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FATAL_ERROR; } @@ -1317,9 +1286,7 @@ static int SwapLists(WOLFSSL_CRL* crl) FreeCRL(tmp, 0); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -1505,11 +1472,7 @@ static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg) int notifyFd; int wd = -1; WOLFSSL_CRL* crl = (WOLFSSL_CRL*)arg; -#ifdef WOLFSSL_SMALL_STACK - char* buff; -#else - char buff[8192]; -#endif + WC_DECLARE_VAR(buff, char, 8192, 0); WOLFSSL_ENTER("DoMonitor"); @@ -1614,9 +1577,7 @@ static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (wd > 0) { if (inotify_rm_watch(notifyFd, wd) < 0) @@ -1826,22 +1787,14 @@ int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor) { int ret = WOLFSSL_SUCCESS; char* name = NULL; -#ifdef WOLFSSL_SMALL_STACK - ReadDirCtx* readCtx = NULL; -#else - ReadDirCtx readCtx[1]; -#endif + WC_DECLARE_VAR(readCtx, ReadDirCtx, 1, 0); WOLFSSL_ENTER("LoadCRL"); if (crl == NULL) return BAD_FUNC_ARG; -#ifdef WOLFSSL_SMALL_STACK - readCtx = (ReadDirCtx*)XMALLOC(sizeof(ReadDirCtx), crl->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (readCtx == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(readCtx, ReadDirCtx, 1, crl->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); /* try to load each regular file in path */ ret = wc_ReadDirFirst(readCtx, path, &name); @@ -1873,9 +1826,7 @@ int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor) if (ret != WOLFSSL_SUCCESS) { WOLFSSL_MSG("CRL file load failed"); wc_ReadDirClose(readCtx); - #ifdef WOLFSSL_SMALL_STACK - XFREE(readCtx, crl->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(readCtx, crl->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } } @@ -1888,9 +1839,7 @@ int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor) /* load failures not reported, for backwards compat */ ret = WOLFSSL_SUCCESS; -#ifdef WOLFSSL_SMALL_STACK - XFREE(readCtx, crl->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(readCtx, crl->heap, DYNAMIC_TYPE_TMP_BUFFER); if (monitor & WOLFSSL_CRL_MONITOR) { #ifdef HAVE_CRL_MONITOR diff --git a/src/internal.c b/src/internal.c index 356007531a7..f21e75affd5 100644 --- a/src/internal.c +++ b/src/internal.c @@ -12221,9 +12221,7 @@ static int BuildMD5(WOLFSSL* ssl, Hashes* hashes, const byte* sender) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(md5, ssl->heap, DYNAMIC_TYPE_HASHCTX); -#endif + WC_FREE_VAR_EX(md5, ssl->heap, DYNAMIC_TYPE_HASHCTX); return ret; } @@ -12267,9 +12265,7 @@ static int BuildSHA(WOLFSSL* ssl, Hashes* hashes, const byte* sender) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(sha, ssl->heap, DYNAMIC_TYPE_HASHCTX); -#endif + WC_FREE_VAR_EX(sha, ssl->heap, DYNAMIC_TYPE_HASHCTX); return ret; } @@ -14060,11 +14056,9 @@ static int ProcessCSR_ex(WOLFSSL* ssl, byte* input, word32* inOutIdx, * single->isDynamic is set. */ FreeOcspResponse(response); - #ifdef WOLFSSL_SMALL_STACK - XFREE(status, ssl->heap, DYNAMIC_TYPE_OCSP_STATUS); - XFREE(single, ssl->heap, DYNAMIC_TYPE_OCSP_ENTRY); - XFREE(response, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); - #endif + WC_FREE_VAR_EX(status, ssl->heap, DYNAMIC_TYPE_OCSP_STATUS); + WC_FREE_VAR_EX(single, ssl->heap, DYNAMIC_TYPE_OCSP_ENTRY); + WC_FREE_VAR_EX(response, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); WOLFSSL_LEAVE("ProcessCSR", ret); return ret; @@ -15906,25 +15900,15 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, #endif #if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) if (ret == 0 && addToPendingCAs && !alreadySigner) { -#ifdef WOLFSSL_SMALL_STACK - DecodedCert *dCertAdd = NULL; -#else - DecodedCert dCertAdd[1]; -#endif + WC_DECLARE_VAR(dCertAdd, DecodedCert, 1, 0); int dCertAdd_inited = 0; DerBuffer *derBuffer = NULL; buffer* cert = &args->certs[args->certIdx]; Signer *s = NULL; -#ifdef WOLFSSL_SMALL_STACK - dCertAdd = (DecodedCert *) - XMALLOC(sizeof(*dCertAdd), ssl->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (dCertAdd == NULL) { - ret = MEMORY_E; - goto exit_req_v2; - } -#endif + WC_ALLOC_VAR_EX(dCertAdd, DecodedCert, 1, ssl->heap, + DYNAMIC_TYPE_TMP_BUFFER, + {ret=MEMORY_E;goto exit_req_v2;}); InitDecodedCert(dCertAdd, cert->buffer, cert->length, ssl->heap); dCertAdd_inited = 1; @@ -15957,9 +15941,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, FreeDer(&derBuffer); if (dCertAdd_inited) FreeDecodedCert(dCertAdd); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dCertAdd, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(dCertAdd, ssl->heap, + DYNAMIC_TYPE_TMP_BUFFER); if (ret != 0) goto exit_ppc; } @@ -17213,11 +17196,9 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx, ssl->status_request_v2 = 0; - #ifdef WOLFSSL_SMALL_STACK - XFREE(status, NULL, DYNAMIC_TYPE_OCSP_STATUS); - XFREE(single, NULL, DYNAMIC_TYPE_OCSP_ENTRY); - XFREE(response, NULL, DYNAMIC_TYPE_OCSP_REQUEST); - #endif + WC_FREE_VAR_EX(status, NULL, DYNAMIC_TYPE_OCSP_STATUS); + WC_FREE_VAR_EX(single, NULL, DYNAMIC_TYPE_OCSP_ENTRY); + WC_FREE_VAR_EX(response, NULL, DYNAMIC_TYPE_OCSP_REQUEST); } break; @@ -23576,9 +23557,7 @@ static int BuildMD5_CertVerify(const WOLFSSL* ssl, byte* digest) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(md5, ssl->heap, DYNAMIC_TYPE_HASHCTX); -#endif + WC_FREE_VAR_EX(md5, ssl->heap, DYNAMIC_TYPE_HASHCTX); return ret; } @@ -23621,9 +23600,7 @@ static int BuildSHA_CertVerify(const WOLFSSL* ssl, byte* digest) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(sha, ssl->heap, DYNAMIC_TYPE_HASHCTX); -#endif + WC_FREE_VAR_EX(sha, ssl->heap, DYNAMIC_TYPE_HASHCTX); return ret; } @@ -24050,18 +24027,11 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, #ifdef HAVE_TRUNCATED_HMAC if (ssl->truncated_hmac && ssl->specs.hash_size > args->digestSz) { - #ifdef WOLFSSL_SMALL_STACK - byte* hmac; - #else - byte hmac[WC_MAX_DIGEST_SIZE]; - #endif + WC_DECLARE_VAR(hmac, byte, WC_MAX_DIGEST_SIZE, 0); - #ifdef WOLFSSL_SMALL_STACK - hmac = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, ssl->heap, - DYNAMIC_TYPE_DIGEST); - if (hmac == NULL) - ERROR_OUT(MEMORY_E, exit_buildmsg); - #endif + WC_ALLOC_VAR_EX(hmac, byte, WC_MAX_DIGEST_SIZE, ssl->heap, + DYNAMIC_TYPE_DIGEST, + ERROR_OUT(MEMORY_E,exit_buildmsg)); ret = ssl->hmac(ssl, hmac, output + args->headerSz + args->ivSz, @@ -24069,9 +24039,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, epochOrder); XMEMCPY(output + args->idx, hmac, args->digestSz); - #ifdef WOLFSSL_SMALL_STACK - XFREE(hmac, ssl->heap, DYNAMIC_TYPE_DIGEST); - #endif + WC_FREE_VAR_EX(hmac, ssl->heap, DYNAMIC_TYPE_DIGEST); } else #endif @@ -24197,18 +24165,11 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, #ifdef HAVE_TRUNCATED_HMAC if (ssl->truncated_hmac && ssl->specs.hash_size > args->digestSz) { - #ifdef WOLFSSL_SMALL_STACK - byte* hmac = NULL; - #else - byte hmac[WC_MAX_DIGEST_SIZE]; - #endif + WC_DECLARE_VAR(hmac, byte, WC_MAX_DIGEST_SIZE, 0); - #ifdef WOLFSSL_SMALL_STACK - hmac = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, ssl->heap, - DYNAMIC_TYPE_DIGEST); - if (hmac == NULL) - ERROR_OUT(MEMORY_E, exit_buildmsg); - #endif + WC_ALLOC_VAR_EX(hmac, byte, WC_MAX_DIGEST_SIZE, ssl->heap, + DYNAMIC_TYPE_DIGEST, + ERROR_OUT(MEMORY_E,exit_buildmsg)); ret = ssl->hmac(ssl, hmac, output + args->headerSz, args->ivSz + inSz + args->pad + 1, -1, @@ -24216,9 +24177,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, XMEMCPY(output + args->idx + args->pad + 1, hmac, args->digestSz); - #ifdef WOLFSSL_SMALL_STACK - XFREE(hmac, ssl->heap, DYNAMIC_TYPE_DIGEST); - #endif + WC_FREE_VAR_EX(hmac, ssl->heap, DYNAMIC_TYPE_DIGEST); } else #endif @@ -24522,22 +24481,14 @@ int CreateOcspResponse(WOLFSSL* ssl, OcspRequest** ocspRequest, if (request == NULL || ssl->buffers.weOwnCert) { DerBuffer* der = ssl->buffers.certificate; - #ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert = NULL; - #else - DecodedCert cert[1]; - #endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); /* unable to fetch status. skip. */ if (der->buffer == NULL || der->length == 0) return 0; - #ifdef WOLFSSL_SMALL_STACK - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), ssl->heap, - DYNAMIC_TYPE_DCERT); - if (cert == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, ssl->heap, DYNAMIC_TYPE_DCERT, + return MEMORY_E); request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); if (request == NULL) @@ -24554,9 +24505,7 @@ int CreateOcspResponse(WOLFSSL* ssl, OcspRequest** ocspRequest, request = NULL; } - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, ssl->heap, DYNAMIC_TYPE_DCERT); } if (ret == 0) { @@ -25379,25 +25328,15 @@ int SendCertificateStatus(WOLFSSL* ssl) || ssl->buffers.weOwnCertChain)) { buffer der; word32 idx = 0; - #ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert; - #else - DecodedCert cert[1]; - #endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); DerBuffer* chain; - #ifdef WOLFSSL_SMALL_STACK - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), ssl->heap, - DYNAMIC_TYPE_DCERT); - if (cert == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, ssl->heap, + DYNAMIC_TYPE_DCERT, return MEMORY_E); request = (OcspRequest*)XMALLOC(sizeof(OcspRequest), ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); if (request == NULL) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, ssl->heap, DYNAMIC_TYPE_DCERT); return MEMORY_E; } @@ -25440,9 +25379,7 @@ int SendCertificateStatus(WOLFSSL* ssl) } if (!ctxOwnsRequest) XFREE(request, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, ssl->heap, DYNAMIC_TYPE_DCERT); } else { while (ret == 0 && @@ -31905,9 +31842,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType, FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(cert, ssl->heap, DYNAMIC_TYPE_DCERT); if (ret != 0) { if (name != NULL) wolfSSL_X509_NAME_free(name); @@ -33125,20 +33060,14 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input, } #endif if (IsAtLeastTLSv1_2(ssl)) { - #ifdef WOLFSSL_SMALL_STACK - byte* encodedSig; - #else - byte encodedSig[MAX_ENCODED_SIG_SZ]; - #endif + WC_DECLARE_VAR(encodedSig, byte, + MAX_ENCODED_SIG_SZ, 0); word32 encSigSz; - #ifdef WOLFSSL_SMALL_STACK - encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, - ssl->heap, DYNAMIC_TYPE_SIGNATURE); - if (encodedSig == NULL) { - ERROR_OUT(MEMORY_E, exit_dske); - } - #endif + WC_ALLOC_VAR_EX(encodedSig, byte, + MAX_ENCODED_SIG_SZ, ssl->heap, + DYNAMIC_TYPE_SIGNATURE, + ERROR_OUT(MEMORY_E,exit_dske)); encSigSz = wc_EncodeSignature(encodedSig, ssl->buffers.digest.buffer, @@ -33149,9 +33078,8 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input, min(encSigSz, MAX_ENCODED_SIG_SZ)) != 0) { ret = VERIFY_SIGN_ERROR; } - #ifdef WOLFSSL_SMALL_STACK - XFREE(encodedSig, ssl->heap, DYNAMIC_TYPE_SIGNATURE); - #endif + WC_FREE_VAR_EX(encodedSig, ssl->heap, + DYNAMIC_TYPE_SIGNATURE); if (ret != 0) { goto exit_dske; } @@ -38984,10 +38912,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ret = VERIFY_CERT_ERROR; } - #ifdef WOLFSSL_SMALL_STACK - XFREE(encodedSig, ssl->heap, - DYNAMIC_TYPE_SIGNATURE); - #endif + WC_FREE_VAR_EX(encodedSig, ssl->heap, + DYNAMIC_TYPE_SIGNATURE); } } else { @@ -40268,10 +40194,8 @@ static int TicketEncDec(byte* key, int keyLen, byte* iv, byte* aad, int aadSz, } wc_HmacFree(hmac); -#ifdef WOLFSSL_SMALL_STACK - XFREE(hmac, heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(aes, heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(hmac, heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(aes, heap, DYNAMIC_TYPE_TMP_BUFFER); *outLen = inLen; @@ -40343,19 +40267,12 @@ static int TicketEncDec(byte* key, int keyLen, byte* iv, byte* aad, int aadSz, void* heap, int enc) { int ret; -#ifdef WOLFSSL_SMALL_STACK - Aes* aes; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); (void)heap; -#ifdef WOLFSSL_SMALL_STACK - aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_TMP_BUFFER); - if (aes == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(aes, Aes, 1, heap, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if (enc) { ret = wc_AesInit(aes, NULL, INVALID_DEVID); @@ -40380,9 +40297,7 @@ static int TicketEncDec(byte* key, int keyLen, byte* iv, byte* aad, int aadSz, wc_AesFree(aes); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(aes, heap, DYNAMIC_TYPE_TMP_BUFFER); *outLen = inLen; @@ -40412,19 +40327,12 @@ static int TicketEncDec(byte* key, int keyLen, byte* iv, byte* aad, int aadSz, void* heap, int enc) { int ret; -#ifdef WOLFSSL_SMALL_STACK - wc_Sm4* sm4; -#else - wc_Sm4 sm4[1]; -#endif + WC_DECLARE_VAR(sm4, wc_Sm4, 1, 0); (void)heap; -#ifdef WOLFSSL_SMALL_STACK - sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap, DYNAMIC_TYPE_TMP_BUFFER); - if (sm4 == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(sm4, wc_Sm4, 1, heap, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if (enc) { ret = wc_Sm4Init(sm4, NULL, INVALID_DEVID); @@ -40449,9 +40357,7 @@ static int TicketEncDec(byte* key, int keyLen, byte* iv, byte* aad, int aadSz, wc_Sm4Free(sm4); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(sm4, heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(sm4, heap, DYNAMIC_TYPE_TMP_BUFFER); *outLen = inLen; diff --git a/src/keys.c b/src/keys.c index a3da542fa93..714d9dd85d1 100644 --- a/src/keys.c +++ b/src/keys.c @@ -3934,14 +3934,12 @@ int DeriveKeys(WOLFSSL* ssl) ret = StoreKeys(ssl, keyData, PROVISION_CLIENT_SERVER); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyData, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyData, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -4084,13 +4082,11 @@ static int MakeSslMasterSecret(WOLFSSL* ssl) ret = DeriveKeys(ssl); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(shaOutput, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(md5Input, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(shaInput, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (ret == 0) ret = CleanPreMaster(ssl); diff --git a/src/ocsp.c b/src/ocsp.c index ed255aa9148..2348af7df13 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -197,11 +197,7 @@ int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, WOLFSSL* ssl) { int ret = WC_NO_ERR_TRACE(OCSP_LOOKUP_FAIL); -#ifdef WOLFSSL_SMALL_STACK - OcspRequest* ocspRequest; -#else - OcspRequest ocspRequest[1]; -#endif + WC_DECLARE_VAR(ocspRequest, OcspRequest, 1, 0); WOLFSSL_ENTER("CheckCertOCSP"); @@ -223,9 +219,7 @@ int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, WOLFSSL* ssl) FreeOcspRequest(ocspRequest); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(ocspRequest, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(ocspRequest, NULL, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_LEAVE("CheckCertOCSP", ret); return ret; @@ -475,11 +469,9 @@ int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz, } FreeOcspResponse(ocspResponse); -#ifdef WOLFSSL_SMALL_STACK - XFREE(newStatus, NULL, DYNAMIC_TYPE_OCSP_STATUS); - XFREE(newSingle, NULL, DYNAMIC_TYPE_OCSP_ENTRY); - XFREE(ocspResponse, NULL, DYNAMIC_TYPE_OCSP_REQUEST); -#endif + WC_FREE_VAR_EX(newStatus, NULL, DYNAMIC_TYPE_OCSP_STATUS); + WC_FREE_VAR_EX(newSingle, NULL, DYNAMIC_TYPE_OCSP_ENTRY); + WC_FREE_VAR_EX(ocspResponse, NULL, DYNAMIC_TYPE_OCSP_REQUEST); return ret; } @@ -780,11 +772,7 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id( int ret = -1; DerBuffer* derCert = NULL; int dgstType; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert *cert = NULL; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); if (dgst == NULL) { dgstType = WC_HASH_TYPE_SHA; @@ -803,11 +791,8 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id( || issuer == NULL || issuer->derCert == NULL) goto out; -#ifdef WOLFSSL_SMALL_STACK - cert = (DecodedCert *)XMALLOC(sizeof(*cert), cm->heap, DYNAMIC_TYPE_DCERT); - if (cert == NULL) - goto out; -#endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, cm->heap, DYNAMIC_TYPE_DCERT, + goto out); ret = AllocDer(&derCert, issuer->derCert->length, issuer->derCert->type, NULL); @@ -1027,21 +1012,14 @@ static int OcspFindSigner(WOLFSSL_OCSP_BASICRESP *resp, static int OcspVerifySigner(WOLFSSL_OCSP_BASICRESP *resp, DecodedCert *cert, WOLFSSL_X509_STORE *st, unsigned long flags) { -#ifdef WOLFSSL_SMALL_STACK - DecodedCert *c = NULL; -#else - DecodedCert c[1]; -#endif + WC_DECLARE_VAR(c, DecodedCert, 1, 0); int ret = -1; if (st == NULL) return ASN_OCSP_CONFIRM_E; -#ifdef WOLFSSL_SMALL_STACK - c = (DecodedCert *)XMALLOC(sizeof(*c), NULL, DYNAMIC_TYPE_DCERT); - if (c == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(c, DecodedCert, 1, NULL, DYNAMIC_TYPE_DCERT, + return MEMORY_E); InitDecodedCert(c, cert->source, cert->maxIdx, NULL); if (ParseCertRelative(c, CERT_TYPE, VERIFY, st->cm, NULL) != 0) { @@ -1063,9 +1041,7 @@ static int OcspVerifySigner(WOLFSSL_OCSP_BASICRESP *resp, DecodedCert *cert, err: FreeDecodedCert(c); -#ifdef WOLFSSL_SMALL_STACK - XFREE(c, NULL, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(c, NULL, DYNAMIC_TYPE_DCERT); return ret; } /* Signature verified in DecodeBasicOcspResponse. diff --git a/src/pk.c b/src/pk.c index 8bc1c75c058..847a76c1722 100644 --- a/src/pk.c +++ b/src/pk.c @@ -85,11 +85,7 @@ static int pem_mem_to_der(const char* pem, int pemSz, wc_pem_password_cb* cb, void* pass, int keyType, int* keyFormat, DerBuffer** der) { -#ifdef WOLFSSL_SMALL_STACK - EncryptedInfo* info = NULL; -#else - EncryptedInfo info[1]; -#endif /* WOLFSSL_SMALL_STACK */ + WC_DECLARE_VAR(info, EncryptedInfo, 1, 0); wc_pem_password_cb* localCb = NULL; int ret = 0; @@ -125,9 +121,7 @@ static int pem_mem_to_der(const char* pem, int pemSz, wc_pem_password_cb* cb, ret = (int)info->consumed; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); -#endif + WC_FREE_VAR_EX(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); return ret; } @@ -372,11 +366,7 @@ int EncryptDerKey(byte *der, int *derSz, const WOLFSSL_EVP_CIPHER* cipher, int paddingSz = 0; word32 idx; word32 cipherInfoSz = 0; -#ifdef WOLFSSL_SMALL_STACK - EncryptedInfo* info = NULL; -#else - EncryptedInfo info[1]; -#endif + WC_DECLARE_VAR(info, EncryptedInfo, 1, 0); WOLFSSL_ENTER("EncryptDerKey"); @@ -471,10 +461,7 @@ int EncryptDerKey(byte *der, int *derSz, const WOLFSSL_EVP_CIPHER* cipher, } } -#ifdef WOLFSSL_SMALL_STACK - /* Free dynamically allocated info. */ - XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); -#endif + WC_FREE_VAR_EX(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); return ret == 0; } #endif /* WOLFSSL_KEY_GEN || WOLFSSL_PEM_TO_DER */ @@ -3390,10 +3377,7 @@ static int wolfssl_rsa_generate_key_native(WOLFSSL_RSA* rsa, int bits, if (initTmpRng) { wc_FreeRng(tmpRng); } -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of any allocated RNG. */ - XFREE(tmpRng, NULL, DYNAMIC_TYPE_RNG); -#endif + WC_FREE_VAR_EX(tmpRng, NULL, DYNAMIC_TYPE_RNG); return ret; #else @@ -3705,10 +3689,7 @@ int wolfSSL_RSA_padding_add_PKCS1_PSS_mgf1(WOLFSSL_RSA *rsa, unsigned char *em, if (initTmpRng) { wc_FreeRng(tmpRng); } -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of any allocated RNG. */ - XFREE(tmpRng, NULL, DYNAMIC_TYPE_RNG); -#endif + WC_FREE_VAR_EX(tmpRng, NULL, DYNAMIC_TYPE_RNG); return ret; } @@ -4155,11 +4136,8 @@ int wolfSSL_RSA_sign_mgf(int hashAlg, const unsigned char* hash, if (initTmpRng) { wc_FreeRng(tmpRng); } -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of any allocated RNG and encoded signature. */ - XFREE(tmpRng, NULL, DYNAMIC_TYPE_RNG); - XFREE(encodedSig, NULL, DYNAMIC_TYPE_SIGNATURE); -#endif + WC_FREE_VAR_EX(tmpRng, NULL, DYNAMIC_TYPE_RNG); + WC_FREE_VAR_EX(encodedSig, NULL, DYNAMIC_TYPE_SIGNATURE); WOLFSSL_LEAVE("wolfSSL_RSA_sign_mgf", ret); return ret; @@ -4334,9 +4312,7 @@ int wolfSSL_RSA_verify_mgf(int hashAlg, const unsigned char* hash, } /* Dispose of any allocated data. */ -#ifdef WOLFSSL_SMALL_STACK - XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(sigDec, NULL, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_LEAVE("wolfSSL_RSA_verify_mgf", ret); @@ -4455,10 +4431,7 @@ int wolfSSL_RSA_public_encrypt(int len, const unsigned char* from, if (initTmpRng) { wc_FreeRng(tmpRng); } -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of any allocated RNG. */ - XFREE(tmpRng, NULL, DYNAMIC_TYPE_RNG); -#endif + WC_FREE_VAR_EX(tmpRng, NULL, DYNAMIC_TYPE_RNG); /* wolfCrypt error means return -1. */ if (ret <= 0) { @@ -4732,10 +4705,7 @@ int wolfSSL_RSA_private_encrypt(int len, const unsigned char* from, if (initTmpRng) { wc_FreeRng(tmpRng); } -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of any allocated RNG. */ - XFREE(tmpRng, NULL, DYNAMIC_TYPE_RNG); -#endif + WC_FREE_VAR_EX(tmpRng, NULL, DYNAMIC_TYPE_RNG); /* wolfCrypt error means return -1. */ if (ret <= 0) { @@ -4762,11 +4732,7 @@ int wolfSSL_RSA_GenAdd(WOLFSSL_RSA* rsa) int ret = 1; int err; mp_int* t = NULL; -#ifdef WOLFSSL_SMALL_STACK - mp_int *tmp = NULL; -#else - mp_int tmp[1]; -#endif + WC_DECLARE_VAR(tmp, mp_int, 1, 0); WOLFSSL_ENTER("wolfSSL_RsaGenAdd"); @@ -5131,17 +5097,10 @@ int wolfSSL_DSA_generate_key(WOLFSSL_DSA* dsa) { int initTmpRng = 0; WC_RNG *rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG *tmpRng; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - tmpRng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); - if (tmpRng == NULL) - return WOLFSSL_FATAL_ERROR; -#endif + WC_ALLOC_VAR_EX(tmpRng, WC_RNG, 1, NULL, DYNAMIC_TYPE_RNG, + return WOLFSSL_FATAL_ERROR); if (wc_InitRng(tmpRng) == 0) { rng = tmpRng; initTmpRng = 1; @@ -5169,9 +5128,7 @@ int wolfSSL_DSA_generate_key(WOLFSSL_DSA* dsa) if (initTmpRng) wc_FreeRng(tmpRng); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpRng, NULL, DYNAMIC_TYPE_RNG); -#endif + WC_FREE_VAR_EX(tmpRng, NULL, DYNAMIC_TYPE_RNG); } #else /* WOLFSSL_KEY_GEN */ WOLFSSL_MSG("No Key Gen built in"); @@ -5235,17 +5192,10 @@ int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA* dsa, int bits, { int initTmpRng = 0; WC_RNG *rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG *tmpRng; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - tmpRng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); - if (tmpRng == NULL) - return WOLFSSL_FATAL_ERROR; -#endif + WC_ALLOC_VAR_EX(tmpRng, WC_RNG, 1, NULL, DYNAMIC_TYPE_RNG, + return WOLFSSL_FATAL_ERROR); if (wc_InitRng(tmpRng) == 0) { rng = tmpRng; initTmpRng = 1; @@ -5268,9 +5218,7 @@ int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA* dsa, int bits, if (initTmpRng) wc_FreeRng(tmpRng); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpRng, NULL, DYNAMIC_TYPE_RNG); -#endif + WC_FREE_VAR_EX(tmpRng, NULL, DYNAMIC_TYPE_RNG); } #else /* WOLFSSL_KEY_GEN */ WOLFSSL_MSG("No Key Gen built in"); @@ -5562,11 +5510,7 @@ static int dsa_do_sign(const unsigned char* d, int dLen, unsigned char* sigRet, int ret = WC_NO_ERR_TRACE(WOLFSSL_FATAL_ERROR); int initTmpRng = 0; WC_RNG* rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG* tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); if (d == NULL || sigRet == NULL || dsa == NULL) { WOLFSSL_MSG("Bad function arguments"); @@ -5581,11 +5525,8 @@ static int dsa_do_sign(const unsigned char* d, int dLen, unsigned char* sigRet, } } -#ifdef WOLFSSL_SMALL_STACK - tmpRng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); - if (tmpRng == NULL) - return WOLFSSL_FATAL_ERROR; -#endif + WC_ALLOC_VAR_EX(tmpRng, WC_RNG, 1, NULL, DYNAMIC_TYPE_RNG, + return WOLFSSL_FATAL_ERROR); if (wc_InitRng(tmpRng) == 0) { rng = tmpRng; @@ -5621,9 +5562,7 @@ static int dsa_do_sign(const unsigned char* d, int dLen, unsigned char* sigRet, if (initTmpRng) wc_FreeRng(tmpRng); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpRng, NULL, DYNAMIC_TYPE_RNG); -#endif + WC_FREE_VAR_EX(tmpRng, NULL, DYNAMIC_TYPE_RNG); return ret; } @@ -8469,11 +8408,7 @@ int wolfSSL_DH_set0_key(WOLFSSL_DH *dh, WOLFSSL_BIGNUM *pub_key, static int wolfssl_dh_check_prime(WOLFSSL_BIGNUM* n, int* isPrime) { int ret = 1; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG* tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); WC_RNG* rng; int localRng; @@ -8491,9 +8426,7 @@ static int wolfssl_dh_check_prime(WOLFSSL_BIGNUM* n, int* isPrime) /* Free local random number generator if created. */ if (localRng) { wc_FreeRng(rng); - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_TMP_BUFFER); } } @@ -8621,11 +8554,7 @@ int wolfSSL_DH_generate_parameters_ex(WOLFSSL_DH* dh, int prime_len, { int ret = 1; DhKey* key = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG* tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); WC_RNG* rng = NULL; int localRng = 0; @@ -8671,9 +8600,7 @@ int wolfSSL_DH_generate_parameters_ex(WOLFSSL_DH* dh, int prime_len, /* Free local random number generator if created. */ if (localRng) { wc_FreeRng(rng); - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_TMP_BUFFER); } if (ret == 1) { @@ -8714,11 +8641,7 @@ int wolfSSL_DH_generate_key(WOLFSSL_DH* dh) word32 privSz = 0; int localRng = 0; WC_RNG* rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG* tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); unsigned char* pub = NULL; unsigned char* priv = NULL; @@ -8815,9 +8738,7 @@ int wolfSSL_DH_generate_key(WOLFSSL_DH* dh) if (localRng) { /* Free an initialized local random number generator. */ wc_FreeRng(rng); - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, NULL, DYNAMIC_TYPE_RNG); - #endif + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_RNG); } /* Dispose of allocated data. */ XFREE(pub, NULL, DYNAMIC_TYPE_PUBLIC_KEY); @@ -8966,10 +8887,8 @@ static int _DH_compute_key(unsigned char* key, const WOLFSSL_BIGNUM* otherPub, ForceZero(priv, (word32)privSz); } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(pub, NULL, DYNAMIC_TYPE_PUBLIC_KEY); - XFREE(priv, NULL, DYNAMIC_TYPE_PRIVATE_KEY); -#endif + WC_FREE_VAR_EX(pub, NULL, DYNAMIC_TYPE_PUBLIC_KEY); + WC_FREE_VAR_EX(priv, NULL, DYNAMIC_TYPE_PRIVATE_KEY); WOLFSSL_LEAVE("wolfSSL_DH_compute_key", ret); @@ -9781,11 +9700,7 @@ int wolfSSL_EC_GROUP_get_degree(const WOLFSSL_EC_GROUP *group) int wolfSSL_EC_GROUP_order_bits(const WOLFSSL_EC_GROUP *group) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - mp_int *order = NULL; -#else - mp_int order[1]; -#endif + WC_DECLARE_VAR(order, mp_int, 1, 0); /* Validate parameter. */ if ((group == NULL) || (group->curve_idx < 0)) { @@ -9821,10 +9736,7 @@ int wolfSSL_EC_GROUP_order_bits(const WOLFSSL_EC_GROUP *group) mp_clear(order); } -#ifdef WOLFSSL_SMALL_STACK - /* Deallocate order. */ - XFREE(order, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(order, NULL, DYNAMIC_TYPE_TMP_BUFFER); /* Convert error code to length of 0. */ if (ret < 0) { @@ -10792,19 +10704,10 @@ int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group, { int err = 0; mp_digit mp = 0; -#ifdef WOLFSSL_SMALL_STACK - mp_int* modulus; -#else - mp_int modulus[1]; -#endif + WC_DECLARE_VAR(modulus, mp_int, 1, 0); -#ifdef WOLFSSL_SMALL_STACK /* Allocate memory for curve's prime modulus. */ - modulus = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (modulus == NULL) { - err = 1; - } -#endif + WC_ALLOC_VAR_EX(modulus, mp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, err=1); /* Initialize the MP integer. */ if ((!err) && (mp_init(modulus) != MP_OKAY)) { WOLFSSL_MSG("mp_init failed"); @@ -10841,9 +10744,7 @@ int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group, mp_clear(modulus); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(modulus, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(modulus, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -11145,11 +11046,9 @@ static int wolfssl_ec_point_add(int curveIdx, ecc_point* r, ecc_point* p1, mp_clear(mu); wc_ecc_del_point_h(montP1, NULL); wc_ecc_del_point_h(montP2, NULL); -#ifdef WOLFSSL_SMALL_STACK - XFREE(a, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(prime, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(mu, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(prime, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(mu, NULL, DYNAMIC_TYPE_BIGINT); return ret; } @@ -11405,10 +11304,8 @@ static int wolfssl_ec_point_mul(int curveIdx, ecc_point* r, mp_int* n, mp_clear(a); mp_clear(prime); -#ifdef WOLFSSL_SMALL_STACK - XFREE(a, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(prime, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(prime, NULL, DYNAMIC_TYPE_BIGINT); return ret; } @@ -11512,19 +11409,10 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r, static int wolfssl_ec_point_invert(int curveIdx, ecc_point* point) { int ret = 1; -#ifdef WOLFSSL_SMALL_STACK - mp_int* prime = NULL; -#else - mp_int prime[1]; -#endif + WC_DECLARE_VAR(prime, mp_int, 1, 0); -#ifdef WOLFSSL_SMALL_STACK /* Allocate memory for an MP int to hold the prime of the curve. */ - prime = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (prime == NULL) { - ret = 0; - } -#endif + WC_ALLOC_VAR_EX(prime, mp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, ret=0); /* Initialize MP int. */ if ((ret == 1) && (mp_init(prime) != MP_OKAY)) { @@ -11548,10 +11436,7 @@ static int wolfssl_ec_point_invert(int curveIdx, ecc_point* point) /* Dispose of memory associated with MP. */ mp_free(prime); -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of dynamically allocated temporaries. */ - XFREE(prime, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(prime, NULL, DYNAMIC_TYPE_BIGINT); return ret; } @@ -13697,11 +13582,7 @@ int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key) int res = 1; int initTmpRng = 0; WC_RNG* rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG* tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); WOLFSSL_ENTER("wolfSSL_EC_KEY_generate_key"); @@ -13769,9 +13650,7 @@ int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key) /* Dispose of local random number generator if initialized. */ if (initTmpRng) { wc_FreeRng(rng); - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, NULL, DYNAMIC_TYPE_RNG); - #endif + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_RNG); } /* Set the external key from new internal key values. */ @@ -14174,11 +14053,7 @@ WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *dgst, int dLen, { int err = 0; WOLFSSL_ECDSA_SIG *sig = NULL; -#ifdef WOLFSSL_SMALL_STACK - byte* out = NULL; -#else - byte out[ECC_BUFSIZE]; -#endif + WC_DECLARE_VAR(out, byte, ECC_BUFSIZE, 0); unsigned int outLen = ECC_BUFSIZE; WOLFSSL_ENTER("wolfSSL_ECDSA_do_sign"); @@ -14220,10 +14095,7 @@ WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *dgst, int dLen, sig = wolfSSL_d2i_ECDSA_SIG(NULL, &p, outLen); } -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of any temporary dynamically allocated data. */ - XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(out, NULL, DYNAMIC_TYPE_TMP_BUFFER); return sig; } @@ -14321,11 +14193,7 @@ int wolfSSL_ECDSA_sign(int type, const unsigned char *digest, int digestSz, { int ret = 1; WC_RNG* rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG* tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); int initTmpRng = 0; WOLFSSL_ENTER("wolfSSL_ECDSA_sign"); @@ -14355,9 +14223,7 @@ int wolfSSL_ECDSA_sign(int type, const unsigned char *digest, int digestSz, if (initTmpRng) { wc_FreeRng(rng); - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, NULL, DYNAMIC_TYPE_RNG); - #endif + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_RNG); } return ret; @@ -14611,11 +14477,7 @@ int wolfSSL_EC25519_generate_key(unsigned char *priv, unsigned int *privSz, int res = 1; int initTmpRng = 0; WC_RNG *rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG *tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); curve25519_key key; WOLFSSL_ENTER("wolfSSL_EC25519_generate_key"); @@ -14664,9 +14526,7 @@ int wolfSSL_EC25519_generate_key(unsigned char *priv, unsigned int *privSz, if (initTmpRng) { wc_FreeRng(rng); - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, NULL, DYNAMIC_TYPE_RNG); - #endif + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_RNG); } return res; @@ -14812,11 +14672,7 @@ int wolfSSL_ED25519_generate_key(unsigned char *priv, unsigned int *privSz, int res = 1; int initTmpRng = 0; WC_RNG *rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG *tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); ed25519_key key; WOLFSSL_ENTER("wolfSSL_ED25519_generate_key"); @@ -14864,9 +14720,7 @@ int wolfSSL_ED25519_generate_key(unsigned char *priv, unsigned int *privSz, if (initTmpRng) { wc_FreeRng(rng); - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, NULL, DYNAMIC_TYPE_RNG); - #endif + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_RNG); } return res; @@ -15084,11 +14938,7 @@ int wolfSSL_EC448_generate_key(unsigned char *priv, unsigned int *privSz, int res = 1; int initTmpRng = 0; WC_RNG *rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG *tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); curve448_key key; WOLFSSL_ENTER("wolfSSL_EC448_generate_key"); @@ -15137,9 +14987,7 @@ int wolfSSL_EC448_generate_key(unsigned char *priv, unsigned int *privSz, if (initTmpRng) { wc_FreeRng(rng); - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, NULL, DYNAMIC_TYPE_RNG); - #endif + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_RNG); } return res; @@ -15278,11 +15126,7 @@ int wolfSSL_ED448_generate_key(unsigned char *priv, unsigned int *privSz, int res = 1; int initTmpRng = 0; WC_RNG *rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG *tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); ed448_key key; WOLFSSL_ENTER("wolfSSL_ED448_generate_key"); @@ -15330,9 +15174,7 @@ int wolfSSL_ED448_generate_key(unsigned char *priv, unsigned int *privSz, if (initTmpRng) { wc_FreeRng(rng); - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, NULL, DYNAMIC_TYPE_RNG); - #endif + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_RNG); } return res; diff --git a/src/quic.c b/src/quic.c index 7c30cfc96c9..aac0e66db9c 100644 --- a/src/quic.c +++ b/src/quic.c @@ -1119,9 +1119,7 @@ size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER* aead_cipher) } (void)wolfSSL_EVP_CIPHER_CTX_cleanup(ctx); -#ifdef WOLFSSL_SMALL_STACK - XFREE(ctx, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(ctx, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/src/ssl.c b/src/ssl.c index 8794eb7174e..e60f1469b37 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -381,16 +381,11 @@ int wolfSSL_CTX_GenerateEchConfig(WOLFSSL_CTX* ctx, const char* publicName, if (ctx == NULL || publicName == NULL) return BAD_FUNC_ARG; -#ifdef WOLFSSL_SMALL_STACK - rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), ctx->heap, DYNAMIC_TYPE_RNG); - if (rng == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(rng, WC_RNG, 1, ctx->heap, DYNAMIC_TYPE_RNG, + return MEMORY_E); ret = wc_InitRng(rng); if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, ctx->heap, DYNAMIC_TYPE_RNG); - #endif + WC_FREE_VAR_EX(rng, ctx->heap, DYNAMIC_TYPE_RNG); return ret; } @@ -494,10 +489,8 @@ int wolfSSL_CTX_GenerateEchConfig(WOLFSSL_CTX* ctx, const char* publicName, if (ret == 0) ret = WOLFSSL_SUCCESS; -#ifdef WOLFSSL_SMALL_STACK - XFREE(hpke, ctx->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(rng, ctx->heap, DYNAMIC_TYPE_RNG); -#endif + WC_FREE_VAR_EX(hpke, ctx->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(rng, ctx->heap, DYNAMIC_TYPE_RNG); return ret; } @@ -5888,11 +5881,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) Signer* signer = NULL; word32 row; byte* subjectHash; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert = NULL; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); DerBuffer* der = *pDer; WOLFSSL_MSG_CERT_LOG("Adding a CA"); @@ -5902,14 +5891,8 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, - DYNAMIC_TYPE_DCERT); - if (cert == NULL) { - FreeDer(pDer); - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, NULL, DYNAMIC_TYPE_DCERT, + {FreeDer(pDer);return MEMORY_E;}); InitDecodedCert(cert, der->buffer, der->length, cm->heap); @@ -6148,9 +6131,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) FreeDecodedCert(cert); if (ret != 0 && signer != NULL) FreeSigner(signer, cm->heap); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); WOLFSSL_MSG("\tFreeing der CA"); FreeDer(pDer); WOLFSSL_MSG("\t\tOK Freeing der CA"); @@ -7297,11 +7278,7 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, DerBuffer* altKey, void* heap, int devId, int isKeyLabel, int isKeyId, int altDevId, int isAltKeyLabel, int isAltKeyId) { -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* der = NULL; -#else - DecodedCert der[1]; -#endif + WC_DECLARE_VAR(der, DecodedCert, 1, 0); word32 size; byte* buff; int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE); @@ -7312,20 +7289,15 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, DerBuffer* altKey, return WOLFSSL_FAILURE; } -#ifdef WOLFSSL_SMALL_STACK - der = (DecodedCert*)XMALLOC(sizeof(DecodedCert), heap, DYNAMIC_TYPE_DCERT); - if (der == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(der, DecodedCert, 1, heap, DYNAMIC_TYPE_DCERT, + return MEMORY_E); size = cert->length; buff = cert->buffer; InitDecodedCert_ex(der, buff, size, heap, devId); if (ParseCertRelative(der, CERT_TYPE, NO_VERIFY, NULL, NULL) != 0) { FreeDecodedCert(der); - #ifdef WOLFSSL_SMALL_STACK - XFREE(der, heap, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(der, heap, DYNAMIC_TYPE_DCERT); return WOLFSSL_FAILURE; } @@ -7418,9 +7390,7 @@ static int check_cert_key(DerBuffer* cert, DerBuffer* key, DerBuffer* altKey, } #endif /* WOLFSSL_DUAL_ALG_CERTS */ FreeDecodedCert(der); -#ifdef WOLFSSL_SMALL_STACK - XFREE(der, heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(der, heap, DYNAMIC_TYPE_DCERT); (void)devId; (void)isKeyLabel; @@ -7581,9 +7551,7 @@ static int d2iTryRsaKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, XMEMSET(rsa, 0, sizeof(RsaKey)); if (wc_InitRsaKey(rsa, NULL) != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(rsa, NULL, DYNAMIC_TYPE_RSA); - #endif + WC_FREE_VAR_EX(rsa, NULL, DYNAMIC_TYPE_RSA); return 0; } /* test if RSA key */ @@ -7596,9 +7564,7 @@ static int d2iTryRsaKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, (wc_RsaPublicKeyDecode(mem, &keyIdx, rsa, (word32)memSz) == 0); } wc_FreeRsaKey(rsa); -#ifdef WOLFSSL_SMALL_STACK - XFREE(rsa, NULL, DYNAMIC_TYPE_RSA); -#endif + WC_FREE_VAR_EX(rsa, NULL, DYNAMIC_TYPE_RSA); if (!isRsaKey) { return WOLFSSL_FATAL_ERROR; @@ -7665,9 +7631,7 @@ static int d2iTryEccKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, XMEMSET(ecc, 0, sizeof(ecc_key)); if (wc_ecc_init(ecc) != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(ecc, NULL, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(ecc, NULL, DYNAMIC_TYPE_ECC); return 0; } @@ -7680,9 +7644,7 @@ static int d2iTryEccKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, (wc_EccPublicKeyDecode(mem, &keyIdx, ecc, (word32)memSz) == 0); } wc_ecc_free(ecc); -#ifdef WOLFSSL_SMALL_STACK - XFREE(ecc, NULL, DYNAMIC_TYPE_ECC); -#endif + WC_FREE_VAR_EX(ecc, NULL, DYNAMIC_TYPE_ECC); if (!isEccKey) { return WOLFSSL_FATAL_ERROR; @@ -7752,9 +7714,7 @@ static int d2iTryDsaKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, XMEMSET(dsa, 0, sizeof(DsaKey)); if (wc_InitDsaKey(dsa) != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(dsa, NULL, DYNAMIC_TYPE_DSA); - #endif + WC_FREE_VAR_EX(dsa, NULL, DYNAMIC_TYPE_DSA); return 0; } @@ -7767,9 +7727,7 @@ static int d2iTryDsaKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, (wc_DsaPublicKeyDecode(mem, &keyIdx, dsa, (word32)memSz) == 0); } wc_FreeDsaKey(dsa); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dsa, NULL, DYNAMIC_TYPE_DSA); -#endif + WC_FREE_VAR_EX(dsa, NULL, DYNAMIC_TYPE_DSA); /* test if DSA key */ if (!isDsaKey) { @@ -7843,17 +7801,13 @@ static int d2iTryDhKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, XMEMSET(dh, 0, sizeof(DhKey)); if (wc_InitDhKey(dh) != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(dh, NULL, DYNAMIC_TYPE_DH); - #endif + WC_FREE_VAR_EX(dh, NULL, DYNAMIC_TYPE_DH); return 0; } isDhKey = (wc_DhKeyDecode(mem, &keyIdx, dh, (word32)memSz) == 0); wc_FreeDhKey(dh); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dh, NULL, DYNAMIC_TYPE_DH); -#endif + WC_FREE_VAR_EX(dh, NULL, DYNAMIC_TYPE_DH); /* test if DH key */ if (!isDhKey) { @@ -7928,17 +7882,13 @@ static int d2iTryAltDhKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, /* test if DH-public key */ if (wc_InitDhKey(dh) != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(dh, NULL, DYNAMIC_TYPE_DH); -#endif + WC_FREE_VAR_EX(dh, NULL, DYNAMIC_TYPE_DH); return 0; } ret = wc_DhKeyDecode(mem, &keyIdx, dh, (word32)memSz); wc_FreeDhKey(dh); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dh, NULL, DYNAMIC_TYPE_DH); -#endif + WC_FREE_VAR_EX(dh, NULL, DYNAMIC_TYPE_DH); if (ret != 0) { return WOLFSSL_FATAL_ERROR; @@ -8019,9 +7969,7 @@ static int d2iTryFalconKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, #endif if (wc_falcon_init(falcon) != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(falcon, NULL, DYNAMIC_TYPE_FALCON); - #endif + WC_FREE_VAR_EX(falcon, NULL, DYNAMIC_TYPE_FALCON); return 0; } @@ -8051,9 +7999,7 @@ static int d2iTryFalconKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, } } wc_falcon_free(falcon); -#ifdef WOLFSSL_SMALL_STACK - XFREE(falcon, NULL, DYNAMIC_TYPE_FALCON); -#endif + WC_FREE_VAR_EX(falcon, NULL, DYNAMIC_TYPE_FALCON); if (!isFalcon) { return WOLFSSL_FATAL_ERROR; @@ -8098,9 +8044,7 @@ static int d2iTryDilithiumKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, #endif if (wc_dilithium_init(dilithium) != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(dilithium, NULL, DYNAMIC_TYPE_DILITHIUM); - #endif + WC_FREE_VAR_EX(dilithium, NULL, DYNAMIC_TYPE_DILITHIUM); return 0; } @@ -8136,9 +8080,7 @@ static int d2iTryDilithiumKey(WOLFSSL_EVP_PKEY** out, const unsigned char* mem, } } wc_dilithium_free(dilithium); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dilithium, NULL, DYNAMIC_TYPE_DILITHIUM); -#endif + WC_FREE_VAR_EX(dilithium, NULL, DYNAMIC_TYPE_DILITHIUM); if (!isDilithium) { return WOLFSSL_FATAL_ERROR; @@ -9546,11 +9488,7 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, WOLFSSL* ssl, int ret = 0; int listattribute = 0; int tls13Only = 0; -#ifndef WOLFSSL_SMALL_STACK - byte suitesCpy[WOLFSSL_MAX_SUITE_SZ]; -#else - byte* suitesCpy = NULL; -#endif + WC_DECLARE_VAR(suitesCpy, byte, WOLFSSL_MAX_SUITE_SZ, 0); word16 suitesCpySz = 0; word16 i = 0; word16 j = 0; @@ -9608,9 +9546,7 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, WOLFSSL* ssl, ret = SetCipherList_ex(ctx, ssl, suites, list); if (ret != 1) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(suitesCpy, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(suitesCpy, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FAILURE; } @@ -9656,9 +9592,7 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, WOLFSSL* ssl, } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(suitesCpy, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(suitesCpy, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -12970,11 +12904,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) if (ssl->options.side == WOLFSSL_CLIENT_END) { #ifdef HAVE_ECC - #ifdef WOLFSSL_SMALL_STACK - ecc_key* key = NULL; - #else - ecc_key key[1]; - #endif + WC_DECLARE_VAR(key, ecc_key, 1, 0); word32 idx = 0; #ifdef WOLFSSL_SMALL_STACK @@ -12995,9 +12925,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) wc_ecc_free(key); } } - #ifdef WOLFSSL_SMALL_STACK - XFREE(key, ssl->heap, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(key, ssl->heap, DYNAMIC_TYPE_ECC); #endif #ifndef NO_DH @@ -14658,20 +14586,12 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, static int DecodeToX509(WOLFSSL_X509* x509, const byte* in, int len) { int ret; - #ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert; - #else - DecodedCert cert[1]; - #endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); if (x509 == NULL || in == NULL || len <= 0) return BAD_FUNC_ARG; - #ifdef WOLFSSL_SMALL_STACK - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, - DYNAMIC_TYPE_DCERT); - if (cert == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, NULL, DYNAMIC_TYPE_DCERT, + return MEMORY_E); /* Create a DecodedCert object and copy fields into WOLFSSL_X509 object. */ @@ -14683,9 +14603,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, ret = CopyDecodedToX509(x509, cert); } FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return ret; } @@ -19556,11 +19474,7 @@ WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN* chain, int idx) { int ret = 0; WOLFSSL_X509* x509 = NULL; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert = NULL; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); WOLFSSL_ENTER("wolfSSL_get_chain_X509"); if (chain != NULL && idx < MAX_CHAIN_DEPTH) { @@ -19594,9 +19508,7 @@ WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN* chain, int idx) } FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); } } (void)ret; @@ -22792,11 +22704,7 @@ static int wolfSSL_TicketKeyCb(WOLFSSL* ssl, int encTicketLen, int* encLen, void* ctx) { byte digest[WC_MAX_DIGEST_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - WOLFSSL_EVP_CIPHER_CTX *evpCtx; -#else - WOLFSSL_EVP_CIPHER_CTX evpCtx[1]; -#endif + WC_DECLARE_VAR(evpCtx, WOLFSSL_EVP_CIPHER_CTX, 1, 0); WOLFSSL_HMAC_CTX hmacCtx; unsigned int mdSz = 0; int len = 0; @@ -22826,9 +22734,7 @@ static int wolfSSL_TicketKeyCb(WOLFSSL* ssl, wolfSSL_EVP_CIPHER_CTX_init(evpCtx); if (wolfSSL_HMAC_CTX_Init(&hmacCtx) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("wolfSSL_HMAC_CTX_Init error"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(evpCtx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(evpCtx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_TICKET_RET_FATAL; } res = ssl->ctx->ticketEncWrapCb(ssl, keyName, @@ -22902,9 +22808,7 @@ static int wolfSSL_TicketKeyCb(WOLFSSL* ssl, (void)wc_HmacFree(&hmacCtx.hmac); (void)wolfSSL_EVP_CIPHER_CTX_cleanup(evpCtx); -#ifdef WOLFSSL_SMALL_STACK - XFREE(evpCtx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(evpCtx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -23571,14 +23475,8 @@ int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names, #endif const WOLF_EC_NIST_NAME* nist_name; -#ifdef WOLFSSL_SMALL_STACK - groups = (int*)XMALLOC(sizeof(int)*WOLFSSL_MAX_GROUP_COUNT, - heap, DYNAMIC_TYPE_TMP_BUFFER); - if (groups == NULL) { - ret = MEMORY_E; - goto leave; - } -#endif + WC_ALLOC_VAR_EX(groups, int, WOLFSSL_MAX_GROUP_COUNT, heap, + DYNAMIC_TYPE_TMP_BUFFER, {ret=MEMORY_E;goto leave;}); for (idx = 1; names[idx-1] != '\0'; idx++) { if (names[idx] != ':' && names[idx] != '\0') @@ -25978,9 +25876,7 @@ int wolfSSL_RAND_write_file(const char* fname) if (initGlobalRNG == 0 && wolfSSL_RAND_Init() != WOLFSSL_SUCCESS) { WOLFSSL_MSG("No RNG to use"); - #ifdef WOLFSSL_SMALL_STACK - XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -26055,18 +25951,14 @@ int wolfSSL_RAND_egd(const char* nm) XMEMSET(&rem, 0, sizeof(struct sockaddr_un)); if (nm == NULL) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FATAL_ERROR; } fd = socket(AF_UNIX, SOCK_STREAM, 0); if (fd < 0) { WOLFSSL_MSG("Error creating socket"); - #ifdef WOLFSSL_SMALL_STACK - XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FATAL_ERROR; } rem.sun_family = AF_UNIX; @@ -26268,11 +26160,7 @@ int wolfSSL_RAND_bytes(unsigned char* buf, int num) { int ret = 0; WC_RNG* rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG* tmpRNG = NULL; -#else - WC_RNG tmpRNG[1]; -#endif + WC_DECLARE_VAR(tmpRNG, WC_RNG, 1, 0); int initTmpRng = 0; #ifdef HAVE_GLOBAL_RNG int used_global = 0; @@ -26337,11 +26225,8 @@ int wolfSSL_RAND_bytes(unsigned char* buf, int num) if (used_global == 0) #endif { - #ifdef WOLFSSL_SMALL_STACK - tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); - if (tmpRNG == NULL) - return ret; - #endif + WC_ALLOC_VAR_EX(tmpRNG, WC_RNG, 1, NULL, DYNAMIC_TYPE_RNG, + return ret); if (wc_InitRng(tmpRNG) == 0) { rng = tmpRNG; initTmpRng = 1; @@ -26376,9 +26261,7 @@ int wolfSSL_RAND_bytes(unsigned char* buf, int num) #endif if (initTmpRng) wc_FreeRng(tmpRNG); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG); -#endif + WC_FREE_VAR_EX(tmpRNG, NULL, DYNAMIC_TYPE_RNG); return ret; } diff --git a/src/ssl_bn.c b/src/ssl_bn.c index 139684bd8c7..6625ba81d84 100644 --- a/src/ssl_bn.c +++ b/src/ssl_bn.c @@ -903,11 +903,7 @@ int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM* bn, int n) int wolfSSL_BN_clear_bit(WOLFSSL_BIGNUM* bn, int n) { int ret = 1; -#ifndef WOLFSSL_SMALL_STACK - mp_int tmp[1]; -#else - mp_int* tmp = NULL; -#endif + WC_DECLARE_VAR(tmp, mp_int, 1, 0); /* Validate parameters. */ if (BN_IS_NULL(bn) || (n < 0)) { @@ -916,13 +912,8 @@ int wolfSSL_BN_clear_bit(WOLFSSL_BIGNUM* bn, int n) } /* Check if bit is set to clear. */ if ((ret == 1) && (mp_is_bit_set((mp_int*)bn->internal, n))) { - #ifdef WOLFSSL_SMALL_STACK /* Allocate a new MP integer to hold bit to clear. */ - tmp = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (tmp == NULL) { - ret = 0; - } - #endif + WC_ALLOC_VAR_EX(tmp, mp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, ret=0); if (ret == 1) { /* Reset new MP integer. */ XMEMSET(tmp, 0, sizeof(mp_int)); @@ -942,10 +933,7 @@ int wolfSSL_BN_clear_bit(WOLFSSL_BIGNUM* bn, int n) /* Free any dynamic memory in MP integer. */ mp_clear(tmp); - #ifdef WOLFSSL_SMALL_STACK - /* Dispose of temporary MP integer. */ - XFREE(tmp, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT); } return ret; @@ -2255,11 +2243,7 @@ int wolfSSL_BN_generate_prime_ex(WOLFSSL_BIGNUM* prime, int bits, WOLFSSL_BN_GENCB* cb) { int ret = 1; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG* tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); WC_RNG* rng = NULL; int localRng = 0; @@ -2291,9 +2275,7 @@ int wolfSSL_BN_generate_prime_ex(WOLFSSL_BIGNUM* prime, int bits, if (localRng) { /* Dispose of local RNG that was created. */ wc_FreeRng(rng); - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, NULL, DYNAMIC_TYPE_RNG); - #endif + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_RNG); } WOLFSSL_LEAVE("wolfSSL_BN_generate_prime_ex", ret); @@ -2318,11 +2300,7 @@ int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM *bn, int checks, { int ret = 1; WC_RNG* rng = NULL; -#ifdef WOLFSSL_SMALL_STACK - WC_RNG* tmpRng = NULL; -#else - WC_RNG tmpRng[1]; -#endif + WC_DECLARE_VAR(tmpRng, WC_RNG, 1, 0); int localRng = 0; int res = MP_NO; @@ -2350,9 +2328,7 @@ int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM *bn, int checks, if (localRng) { wc_FreeRng(rng); - #ifdef WOLFSSL_SMALL_STACK - XFREE(rng, NULL, DYNAMIC_TYPE_RNG); - #endif + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_RNG); } if ((ret != -1) && (res != MP_YES)) { diff --git a/src/ssl_certman.c b/src/ssl_certman.c index 8bd3a2f6895..34f66b9cdf9 100644 --- a/src/ssl_certman.c +++ b/src/ssl_certman.c @@ -738,26 +738,16 @@ int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const unsigned char* buff, int ret = 0; int fatal = 0; DerBuffer* der = NULL; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert = NULL; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); WOLFSSL_ENTER("CM_VerifyBuffer_ex"); (void)prev_err; -#ifdef WOLFSSL_SMALL_STACK /* Allocate memory for decoded certificate. */ - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap, - DYNAMIC_TYPE_DCERT); - if (cert == NULL) { - ret = MEMORY_E; - fatal = 1; - } - if (ret == 0) -#endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, cm->heap, DYNAMIC_TYPE_DCERT, + {ret=MEMORY_E;fatal=1;}); + if (WC_VAR_OK(cert)) { /* Reset fields of decoded certificate. */ XMEMSET(cert, 0, sizeof(DecodedCert)); @@ -806,11 +796,7 @@ int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const unsigned char* buff, #ifndef NO_WOLFSSL_CM_VERIFY /* Use callback to perform verification too if available. */ if ((!fatal) && cm->verifyCallback) { - #ifdef WOLFSSL_SMALL_STACK - ProcPeerCertArgs* args; - #else - ProcPeerCertArgs args[1]; - #endif + WC_DECLARE_VAR(args, ProcPeerCertArgs, 1, 0); buffer certBuf; #ifdef WOLFSSL_SMALL_STACK @@ -843,19 +829,14 @@ int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const unsigned char* buff, /* Use callback to verify certificate. */ ret = DoVerifyCallback(cm, NULL, ret, args); } - #ifdef WOLFSSL_SMALL_STACK - /* Dispose of allocated callback args. */ - XFREE(args, cm->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(args, cm->heap, DYNAMIC_TYPE_TMP_BUFFER); } #endif /* Dispose of allocated memory. */ FreeDecodedCert(cert); FreeDer(&der); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(cert, cm->heap, DYNAMIC_TYPE_DCERT); /* Convert the ret value to a return value. */ return (ret == 0) ? WOLFSSL_SUCCESS : ret; @@ -1880,11 +1861,7 @@ int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm, const unsigned char* der, int sz) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert = NULL; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); WOLFSSL_ENTER("wolfSSL_CertManagerCheckCRL"); @@ -1895,14 +1872,10 @@ int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm, /* Check if CRL checking enabled. */ if ((ret == 0) && cm->crlEnabled) { - #ifdef WOLFSSL_SMALL_STACK /* Allocate memory for decoded certificate. */ - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, - DYNAMIC_TYPE_DCERT); - if (cert == NULL) - ret = MEMORY_E; - if (ret == 0) - #endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, NULL, DYNAMIC_TYPE_DCERT, + ret=MEMORY_E); + if (WC_VAR_OK(cert)) { /* Initialize decoded certificate with buffer. */ InitDecodedCert(cert, der, (word32)sz, NULL); @@ -1919,9 +1892,7 @@ int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm, /* Dispose of dynamically allocated memory. */ FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); } } @@ -2406,11 +2377,7 @@ int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, const unsigned char* der, int sz) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert = NULL; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); WOLFSSL_ENTER("wolfSSL_CertManagerCheckOCSP"); @@ -2421,15 +2388,10 @@ int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, /* Check if OCSP checking enabled. */ if ((ret == 0) && cm->ocspEnabled) { - #ifdef WOLFSSL_SMALL_STACK /* Allocate memory for decoded certificate. */ - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap, - DYNAMIC_TYPE_DCERT); - if (cert == NULL) { - ret = MEMORY_E; - } - if (ret == 0) - #endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, cm->heap, DYNAMIC_TYPE_DCERT, + ret=MEMORY_E); + if (WC_VAR_OK(cert)) { /* Initialize decoded certificate with buffer. */ InitDecodedCert(cert, der, (word32)sz, NULL); @@ -2446,9 +2408,7 @@ int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, /* Dispose of dynamically allocated memory. */ FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, cm->heap, DYNAMIC_TYPE_DCERT); } } diff --git a/src/ssl_crypto.c b/src/ssl_crypto.c index 7f8395be147..167f71cc886 100644 --- a/src/ssl_crypto.c +++ b/src/ssl_crypto.c @@ -1048,11 +1048,7 @@ unsigned char* wolfSSL_SHA1(const unsigned char* data, size_t len, { /* Buffer to use when hash is NULL. */ static byte dgst[WC_SHA_DIGEST_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - wc_Sha* sha; -#else - wc_Sha sha[1]; -#endif + WC_DECLARE_VAR(sha, wc_Sha, 1, 0); int ret = 0; WOLFSSL_ENTER("wolfSSL_SHA1"); @@ -1064,13 +1060,9 @@ unsigned char* wolfSSL_SHA1(const unsigned char* data, size_t len, hash = dgst; } -#ifdef WOLFSSL_SMALL_STACK /* Allocate dynamic memory for a wolfSSL SHA object. */ - sha = (wc_Sha*)XMALLOC(sizeof(wc_Sha), NULL, DYNAMIC_TYPE_DIGEST); - if (sha == NULL) { - ret = MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(sha, wc_Sha, 1, NULL, DYNAMIC_TYPE_DIGEST, + ret=MEMORY_E); if (ret == 0) { /* Initialize wolfCrypt SHA object. */ @@ -1100,10 +1092,7 @@ unsigned char* wolfSSL_SHA1(const unsigned char* data, size_t len, wc_ShaFree(sha); } -#ifdef WOLFSSL_SMALL_STACK - /* Free dynamic memory of a wolfSSL SHA object. */ - XFREE(sha, NULL, DYNAMIC_TYPE_DIGEST); -#endif + WC_FREE_VAR_EX(sha, NULL, DYNAMIC_TYPE_DIGEST); return hash; } #endif /* ! NO_SHA */ @@ -1126,11 +1115,7 @@ unsigned char* wolfSSL_SHA224(const unsigned char* data, size_t len, { /* Buffer to use when hash is NULL. */ static byte dgst[WC_SHA224_DIGEST_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - wc_Sha224* sha224; -#else - wc_Sha224 sha224[1]; -#endif + WC_DECLARE_VAR(sha224, wc_Sha224, 1, 0); int ret = 0; WOLFSSL_ENTER("wolfSSL_SHA224"); @@ -1142,13 +1127,9 @@ unsigned char* wolfSSL_SHA224(const unsigned char* data, size_t len, hash = dgst; } -#ifdef WOLFSSL_SMALL_STACK /* Allocate dynamic memory for a wolfSSL SHA-224 object. */ - sha224 = (wc_Sha224*)XMALLOC(sizeof(wc_Sha224), NULL, DYNAMIC_TYPE_DIGEST); - if (sha224 == NULL) { - ret = MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(sha224, wc_Sha224, 1, NULL, DYNAMIC_TYPE_DIGEST, + ret=MEMORY_E); if (ret == 0) { /* Initialize wolfCrypt SHA224 object. */ @@ -1178,10 +1159,7 @@ unsigned char* wolfSSL_SHA224(const unsigned char* data, size_t len, wc_Sha224Free(sha224); } -#ifdef WOLFSSL_SMALL_STACK - /* Free dynamic memory of a wolfSSL SHA-224 object. */ - XFREE(sha224, NULL, DYNAMIC_TYPE_DIGEST); -#endif + WC_FREE_VAR_EX(sha224, NULL, DYNAMIC_TYPE_DIGEST); return hash; } #endif @@ -1204,11 +1182,7 @@ unsigned char* wolfSSL_SHA256(const unsigned char* data, size_t len, { /* Buffer to use when hash is NULL. */ static byte dgst[WC_SHA256_DIGEST_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - wc_Sha256* sha256; -#else - wc_Sha256 sha256[1]; -#endif + WC_DECLARE_VAR(sha256, wc_Sha256, 1, 0); int ret = 0; WOLFSSL_ENTER("wolfSSL_SHA256"); @@ -1220,13 +1194,9 @@ unsigned char* wolfSSL_SHA256(const unsigned char* data, size_t len, hash = dgst; } -#ifdef WOLFSSL_SMALL_STACK /* Allocate dynamic memory for a wolfSSL SHA-256 object. */ - sha256 = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), NULL, DYNAMIC_TYPE_DIGEST); - if (sha256 == NULL) { - ret = MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(sha256, wc_Sha256, 1, NULL, DYNAMIC_TYPE_DIGEST, + ret=MEMORY_E); if (ret == 0) { /* Initialize wolfCrypt SHA256 object. */ @@ -1256,10 +1226,7 @@ unsigned char* wolfSSL_SHA256(const unsigned char* data, size_t len, wc_Sha256Free(sha256); } -#ifdef WOLFSSL_SMALL_STACK - /* Free dynamic memory of a wolfSSL SHA object. */ - XFREE(sha256, NULL, DYNAMIC_TYPE_DIGEST); -#endif + WC_FREE_VAR_EX(sha256, NULL, DYNAMIC_TYPE_DIGEST); return hash; } #endif /* ! NO_SHA256 */ @@ -1282,11 +1249,7 @@ unsigned char* wolfSSL_SHA384(const unsigned char* data, size_t len, { /* Buffer to use when hash is NULL. */ static byte dgst[WC_SHA384_DIGEST_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - wc_Sha384* sha384; -#else - wc_Sha384 sha384[1]; -#endif + WC_DECLARE_VAR(sha384, wc_Sha384, 1, 0); int ret = 0; WOLFSSL_ENTER("wolfSSL_SHA384"); @@ -1298,13 +1261,9 @@ unsigned char* wolfSSL_SHA384(const unsigned char* data, size_t len, hash = dgst; } -#ifdef WOLFSSL_SMALL_STACK /* Allocate dynamic memory for a wolfSSL SHA-384 object. */ - sha384 = (wc_Sha384*)XMALLOC(sizeof(wc_Sha384), NULL, DYNAMIC_TYPE_DIGEST); - if (sha384 == NULL) { - ret = MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(sha384, wc_Sha384, 1, NULL, DYNAMIC_TYPE_DIGEST, + ret=MEMORY_E); if (ret == 0) { /* Initialize wolfCrypt SHA384 object. */ @@ -1334,10 +1293,7 @@ unsigned char* wolfSSL_SHA384(const unsigned char* data, size_t len, wc_Sha384Free(sha384); } -#ifdef WOLFSSL_SMALL_STACK - /* Free dynamic memory of a wolfSSL SHA-384 object. */ - XFREE(sha384, NULL, DYNAMIC_TYPE_DIGEST); -#endif + WC_FREE_VAR_EX(sha384, NULL, DYNAMIC_TYPE_DIGEST); return hash; } #endif /* WOLFSSL_SHA384 */ @@ -1360,11 +1316,7 @@ unsigned char* wolfSSL_SHA512(const unsigned char* data, size_t len, { /* Buffer to use when hash is NULL. */ static byte dgst[WC_SHA512_DIGEST_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - wc_Sha512* sha512; -#else - wc_Sha512 sha512[1]; -#endif + WC_DECLARE_VAR(sha512, wc_Sha512, 1, 0); int ret = 0; WOLFSSL_ENTER("wolfSSL_SHA512"); @@ -1376,13 +1328,9 @@ unsigned char* wolfSSL_SHA512(const unsigned char* data, size_t len, hash = dgst; } -#ifdef WOLFSSL_SMALL_STACK /* Allocate dynamic memory for a wolfSSL SHA-512 object. */ - sha512 = (wc_Sha512*)XMALLOC(sizeof(wc_Sha512), NULL, DYNAMIC_TYPE_DIGEST); - if (sha512 == NULL) { - ret = MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(sha512, wc_Sha512, 1, NULL, DYNAMIC_TYPE_DIGEST, + ret=MEMORY_E); if (ret == 0) { /* Initialize wolfCrypt SHA512 object. */ @@ -1412,10 +1360,7 @@ unsigned char* wolfSSL_SHA512(const unsigned char* data, size_t len, wc_Sha512Free(sha512); } -#ifdef WOLFSSL_SMALL_STACK - /* Free dynamic memory of a wolfSSL SHA-512 object. */ - XFREE(sha512, NULL, DYNAMIC_TYPE_DIGEST); -#endif + WC_FREE_VAR_EX(sha512, NULL, DYNAMIC_TYPE_DIGEST); return hash; } #endif /* WOLFSSL_SHA512 */ @@ -2062,11 +2007,7 @@ unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md, const void* key, int rc = 0; int type = 0; int hmacLen = 0; -#ifdef WOLFSSL_SMALL_STACK - Hmac* hmac = NULL; -#else - Hmac hmac[1]; -#endif + WC_DECLARE_VAR(hmac, Hmac, 1, 0); void* heap = NULL; /* Validate parameters. */ @@ -2116,10 +2057,7 @@ unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md, const void* key, wc_HmacFree(hmac); } -#ifdef WOLFSSL_SMALL_STACK - /* Free dynamic memory of a wolfSSL HMAC object. */ - XFREE(hmac, heap, DYNAMIC_TYPE_HMAC); -#endif + WC_FREE_VAR_EX(hmac, heap, DYNAMIC_TYPE_HMAC); return ret; } @@ -2715,11 +2653,7 @@ void wolfSSL_DES_cbc_encrypt(const unsigned char* input, unsigned char* output, long length, WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec, int enc) { -#ifdef WOLFSSL_SMALL_STACK - Des* des = NULL; -#else - Des des[1]; -#endif + WC_DECLARE_VAR(des, Des, 1, 0); byte lastBlock[DES_BLOCK_SIZE]; WOLFSSL_ENTER("wolfSSL_DES_cbc_encrypt"); @@ -2767,9 +2701,7 @@ void wolfSSL_DES_cbc_encrypt(const unsigned char* input, unsigned char* output, } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(des, NULL, DYNAMIC_TYPE_CIPHER); -#endif + WC_FREE_VAR_EX(des, NULL, DYNAMIC_TYPE_CIPHER); } /* Encrypt/decrypt data with DES-CBC. Sets the IV for following operation. @@ -2834,11 +2766,7 @@ void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input, WOLFSSL_DES_key_schedule* ks2, WOLFSSL_DES_key_schedule* ks3, WOLFSSL_DES_cblock* ivec, int enc) { -#ifdef WOLFSSL_SMALL_STACK - Des3* des3; -#else - Des3 des3[1]; -#endif + WC_DECLARE_VAR(des3, Des3, 1, 0); WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt"); @@ -2943,9 +2871,7 @@ void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input, wc_Des3Free(des3); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(des3, NULL, DYNAMIC_TYPE_CIPHER); -#endif + WC_FREE_VAR_EX(des3, NULL, DYNAMIC_TYPE_CIPHER); } #ifdef WOLFSSL_DES_ECB @@ -2959,11 +2885,7 @@ void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input, void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* in, WOLFSSL_DES_cblock* out, WOLFSSL_DES_key_schedule* key, int enc) { -#ifdef WOLFSSL_SMALL_STACK - Des* des = NULL; -#else - Des des[1]; -#endif + WC_DECLARE_VAR(des, Des, 1, 0); WOLFSSL_ENTER("wolfSSL_DES_ecb_encrypt"); @@ -3001,9 +2923,7 @@ void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* in, WOLFSSL_DES_cblock* out, } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(des, NULL, DYNAMIC_TYPE_CIPHER); -#endif + WC_FREE_VAR_EX(des, NULL, DYNAMIC_TYPE_CIPHER); } #endif #endif /* NO_DES3 */ diff --git a/src/ssl_load.c b/src/ssl_load.c index 3ca77d7a748..95af6d4f654 100644 --- a/src/ssl_load.c +++ b/src/ssl_load.c @@ -468,18 +468,11 @@ static int ProcessBufferTryDecodeRsa(WOLFSSL_CTX* ctx, WOLFSSL* ssl, int ret; word32 idx; /* make sure RSA key can be used */ -#ifdef WOLFSSL_SMALL_STACK - RsaKey* key; -#else - RsaKey key[1]; -#endif + WC_DECLARE_VAR(key, RsaKey, 1, 0); -#ifdef WOLFSSL_SMALL_STACK /* Allocate an RSA key to parse into so we can get size. */ - key = (RsaKey*)XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA); - if (key == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(key, RsaKey, 1, heap, DYNAMIC_TYPE_RSA, + return MEMORY_E); /* Initialize the RSA key. */ ret = wc_InitRsaKey_ex(key, heap, devId); @@ -529,10 +522,7 @@ static int ProcessBufferTryDecodeRsa(WOLFSSL_CTX* ctx, WOLFSSL* ssl, wc_FreeRsaKey(key); } -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of allocated key. */ - XFREE(key, heap, DYNAMIC_TYPE_RSA); -#endif + WC_FREE_VAR_EX(key, heap, DYNAMIC_TYPE_RSA); return ret; } @@ -562,18 +552,11 @@ static int ProcessBufferTryDecodeEcc(WOLFSSL_CTX* ctx, WOLFSSL* ssl, int ret = 0; word32 idx; /* make sure ECC key can be used */ -#ifdef WOLFSSL_SMALL_STACK - ecc_key* key; -#else - ecc_key key[1]; -#endif + WC_DECLARE_VAR(key, ecc_key, 1, 0); -#ifdef WOLFSSL_SMALL_STACK /* Allocate an ECC key to parse into. */ - key = (ecc_key*)XMALLOC(sizeof(ecc_key), heap, DYNAMIC_TYPE_ECC); - if (key == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(key, ecc_key, 1, heap, DYNAMIC_TYPE_ECC, + return MEMORY_E); /* Initialize ECC key. */ if (wc_ecc_init_ex(key, heap, devId) == 0) { @@ -638,10 +621,7 @@ static int ProcessBufferTryDecodeEcc(WOLFSSL_CTX* ctx, WOLFSSL* ssl, wc_ecc_free(key); } -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of allocated key. */ - XFREE(key, heap, DYNAMIC_TYPE_ECC); -#endif + WC_FREE_VAR_EX(key, heap, DYNAMIC_TYPE_ECC); return ret; } #endif /* HAVE_ECC */ @@ -669,19 +649,11 @@ static int ProcessBufferTryDecodeEd25519(WOLFSSL_CTX* ctx, WOLFSSL* ssl, int ret; word32 idx; /* make sure Ed25519 key can be used */ -#ifdef WOLFSSL_SMALL_STACK - ed25519_key* key; -#else - ed25519_key key[1]; -#endif + WC_DECLARE_VAR(key, ed25519_key, 1, 0); -#ifdef WOLFSSL_SMALL_STACK /* Allocate an Ed25519 key to parse into. */ - key = (ed25519_key*)XMALLOC(sizeof(ed25519_key), heap, - DYNAMIC_TYPE_ED25519); - if (key == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(key, ed25519_key, 1, heap, DYNAMIC_TYPE_ED25519, + return MEMORY_E); /* Initialize Ed25519 key. */ ret = wc_ed25519_init_ex(key, heap, devId); @@ -733,10 +705,7 @@ static int ProcessBufferTryDecodeEd25519(WOLFSSL_CTX* ctx, WOLFSSL* ssl, wc_ed25519_free(key); } -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of allocated key. */ - XFREE(key, heap, DYNAMIC_TYPE_ED25519); -#endif + WC_FREE_VAR_EX(key, heap, DYNAMIC_TYPE_ED25519); return ret; } #endif /* HAVE_ED25519 && HAVE_ED25519_KEY_IMPORT */ @@ -764,18 +733,11 @@ static int ProcessBufferTryDecodeEd448(WOLFSSL_CTX* ctx, WOLFSSL* ssl, int ret; word32 idx; /* make sure Ed448 key can be used */ -#ifdef WOLFSSL_SMALL_STACK - ed448_key* key = NULL; -#else - ed448_key key[1]; -#endif + WC_DECLARE_VAR(key, ed448_key, 1, 0); -#ifdef WOLFSSL_SMALL_STACK /* Allocate an Ed448 key to parse into. */ - key = (ed448_key*)XMALLOC(sizeof(ed448_key), heap, DYNAMIC_TYPE_ED448); - if (key == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(key, ed448_key, 1, heap, DYNAMIC_TYPE_ED448, + return MEMORY_E); /* Initialize Ed448 key. */ ret = wc_ed448_init_ex(key, heap, devId); @@ -824,10 +786,7 @@ static int ProcessBufferTryDecodeEd448(WOLFSSL_CTX* ctx, WOLFSSL* ssl, wc_ed448_free(key); } -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of allocated key. */ - XFREE(key, heap, DYNAMIC_TYPE_ED448); -#endif + WC_FREE_VAR_EX(key, heap, DYNAMIC_TYPE_ED448); return ret; } #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */ @@ -1210,11 +1169,7 @@ static int ProcessBufferPrivPkcs8Dec(EncryptedInfo* info, DerBuffer* der, int ret = 0; word32 algId; int passwordSz = NAME_SZ; -#ifndef WOLFSSL_SMALL_STACK - char password[NAME_SZ]; -#else - char* password; -#endif + WC_DECLARE_VAR(password, char, NAME_SZ, 0); (void)heap; #ifdef WOLFSSL_SMALL_STACK @@ -1868,20 +1823,11 @@ static int ProcessBufferCertAltPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl, #ifdef HAVE_ECC case ECDSAk: { - #ifdef WOLFSSL_SMALL_STACK - ecc_key* temp_key = NULL; - #else - ecc_key temp_key[1]; - #endif + WC_DECLARE_VAR(temp_key, ecc_key, 1, 0); keyType = ecc_dsa_sa_algo; - #ifdef WOLFSSL_SMALL_STACK - temp_key = (ecc_key*)XMALLOC(sizeof(ecc_key), heap, - DYNAMIC_TYPE_ECC); - if (temp_key == NULL) { - ret = MEMORY_E; - } - #endif + WC_ALLOC_VAR_EX(temp_key, ecc_key, 1, heap, DYNAMIC_TYPE_ECC, + ret=MEMORY_E); /* Determine ECC key size. We have to decode the sapki for * that. */ @@ -1897,9 +1843,7 @@ static int ProcessBufferCertAltPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl, wc_ecc_free(temp_key); } } - #ifdef WOLFSSL_SMALL_STACK - XFREE(temp_key, heap, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(temp_key, heap, DYNAMIC_TYPE_ECC); if ((ret == 0) && checkKeySz) { ret = CHECK_KEY_SZ(ssl ? ssl->options.minEccKeySz : @@ -2068,21 +2012,12 @@ static int ProcessBufferCert(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der) #if defined(HAVE_RPK) RpkState* rpkState = ssl ? &ssl->options.rpkState : &ctx->rpkState; #endif -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); -#ifdef WOLFSSL_SMALL_STACK /* Allocate memory for certificate to be decoded into. */ - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), heap, DYNAMIC_TYPE_DCERT); - if (cert == NULL) { - ret = MEMORY_E; - } - - if (ret == 0) -#endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, heap, DYNAMIC_TYPE_DCERT, + ret=MEMORY_E); + if (WC_VAR_OK(cert)) { /* Get device id from SSL context or SSL object. */ int devId = wolfSSL_CTX_GetDevId(ctx, ssl); @@ -2129,10 +2064,7 @@ static int ProcessBufferCert(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der) /* Dispose of dynamic memory in certificate object. */ FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of certificate object. */ - XFREE(cert, heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(cert, heap, DYNAMIC_TYPE_DCERT); return ret; } @@ -2409,11 +2341,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, long sz, DerBuffer* der = NULL; int ret = 0; void* heap = WOLFSSL_HEAP(ctx, ssl); -#ifdef WOLFSSL_SMALL_STACK - EncryptedInfo* info = NULL; -#else - EncryptedInfo info[1]; -#endif + WC_DECLARE_VAR(info, EncryptedInfo, 1, 0); int algId = 0; #ifdef WOLFSSL_DEBUG_CERTIFICATE_LOADS long usedAtStart = used ? *used : 0L; @@ -2479,10 +2407,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, long sz, /* Process the private key. */ ret = ProcessBufferPrivateKey(ctx, ssl, der, format, info, heap, type, algId); - #ifdef WOLFSSL_SMALL_STACK - /* Info no longer needed - keep max memory usage down. */ - XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO); - #endif + WC_FREE_VAR_EX(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO); } else if (ret == 0) { /* Processing a certificate. */ @@ -2515,10 +2440,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, long sz, #endif /* WOLFSSL_DEBUG_CERTIFICATE_LOADS */ } - #ifdef WOLFSSL_SMALL_STACK - /* Info no longer needed - keep max memory usage down. */ - XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO); - #endif + WC_FREE_VAR_EX(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO); if (ret == 0) { /* Process the different types of certificates. */ @@ -2885,20 +2807,11 @@ static int wolfssl_ctx_load_path(WOLFSSL_CTX* ctx, const char* path, char* name = NULL; int fileRet; int failCount = 0; -#ifdef WOLFSSL_SMALL_STACK - ReadDirCtx* readCtx; -#else - ReadDirCtx readCtx[1]; -#endif + WC_DECLARE_VAR(readCtx, ReadDirCtx, 1, 0); -#ifdef WOLFSSL_SMALL_STACK /* Allocate memory for directory reading context. */ - readCtx = (ReadDirCtx*)XMALLOC(sizeof(ReadDirCtx), ctx->heap, - DYNAMIC_TYPE_DIRCTX); - if (readCtx == NULL) { - ret = MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(readCtx, ReadDirCtx, 1, ctx->heap, DYNAMIC_TYPE_DIRCTX, + ret=MEMORY_E); if (ret == 1) { /* Get name of first file in path. */ @@ -2956,10 +2869,7 @@ static int wolfssl_ctx_load_path(WOLFSSL_CTX* ctx, const char* path, ret = 1; } - #ifdef WOLFSSL_SMALL_STACK - /* Dispose of dynamically allocated memory. */ - XFREE(readCtx, ctx->heap, DYNAMIC_TYPE_DIRCTX); - #endif + WC_FREE_VAR_EX(readCtx, ctx->heap, DYNAMIC_TYPE_DIRCTX); } return ret; @@ -5652,18 +5562,10 @@ static int wolfssl_check_dh_key(unsigned char* p, int pSz, unsigned char* g, { WC_RNG rng; int ret = 0; -#ifndef WOLFSSL_SMALL_STACK - DhKey checkKey[1]; -#else - DhKey *checkKey; -#endif + WC_DECLARE_VAR(checkKey, DhKey, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - checkKey = (DhKey*)XMALLOC(sizeof(DhKey), NULL, DYNAMIC_TYPE_DH); - if (checkKey == NULL) { - ret = MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(checkKey, DhKey, 1, NULL, DYNAMIC_TYPE_DH, + ret=MEMORY_E); /* Initialize a new random number generator. */ if ((ret == 0) && ((ret = wc_InitRng(&rng)) == 0)) { /* Initialize a DH object. */ @@ -5677,10 +5579,7 @@ static int wolfssl_check_dh_key(unsigned char* p, int pSz, unsigned char* g, wc_FreeRng(&rng); } -#ifdef WOLFSSL_SMALL_STACK - /* Dispose of dynamically allocated data. */ - XFREE(checkKey, NULL, DYNAMIC_TYPE_DH); -#endif + WC_FREE_VAR_EX(checkKey, NULL, DYNAMIC_TYPE_DH); /* Convert wolfCrypt return code to 1 on success and ret on failure. */ return WC_TO_WS_RC(ret); } diff --git a/src/ssl_p7p12.c b/src/ssl_p7p12.c index 6313feb5518..7fc44a4b973 100644 --- a/src/ssl_p7p12.c +++ b/src/ssl_p7p12.c @@ -578,11 +578,7 @@ static int wolfSSL_BIO_to_MIME_crlf(WOLFSSL_BIO* in, WOLFSSL_BIO* out) int lineLen = 0; word32 canonLineLen = 0; char* canonLine = NULL; -#ifdef WOLFSSL_SMALL_STACK - char* line = NULL; -#else - char line[MAX_MIME_LINE_LEN]; -#endif + WC_DECLARE_VAR(line, char, MAX_MIME_LINE_LEN, 0); if (in == NULL || out == NULL) { return BAD_FUNC_ARG; @@ -629,9 +625,7 @@ static int wolfSSL_BIO_to_MIME_crlf(WOLFSSL_BIO* in, WOLFSSL_BIO* out) } XFREE(canonLine, NULL, DYNAMIC_TYPE_PKCS7); -#ifdef WOLFSSL_SMALL_STACK - XFREE(line, in->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(line, in->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1041,18 +1035,14 @@ int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7) if ((wolfSSL_BIO_write(bio, pem, pemSz) == pemSz)) { XFREE(output, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); -#ifdef WOLFSSL_SMALL_STACK - XFREE(outputHead, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(outputFoot, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(outputHead, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(outputFoot, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_SUCCESS; } error: -#ifdef WOLFSSL_SMALL_STACK - XFREE(outputHead, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(outputFoot, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(outputHead, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(outputFoot, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(output, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(pem, bio->heap, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FAILURE; @@ -1853,11 +1843,7 @@ int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, byte* pk = NULL; word32 pkSz; WC_DerCertList* certList = NULL; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert *DeCert; -#else - DecodedCert DeCert[1]; -#endif + WC_DECLARE_VAR(DeCert, DecodedCert, 1, 0); WOLFSSL_ENTER("wolfSSL_PKCS12_parse"); @@ -2073,9 +2059,7 @@ int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw, out: -#ifdef WOLFSSL_SMALL_STACK - XFREE(DeCert, heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(DeCert, heap, DYNAMIC_TYPE_DCERT); return ret; } diff --git a/src/ssl_sess.c b/src/ssl_sess.c index 50e3fedb402..272c285b653 100644 --- a/src/ssl_sess.c +++ b/src/ssl_sess.c @@ -1167,11 +1167,7 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output) word32 row; int error = 0; #ifdef HAVE_SESSION_TICKET -#ifndef WOLFSSL_SMALL_STACK - byte tmpTicket[PREALLOC_SESSION_TICKET_LEN]; -#else - byte* tmpTicket = NULL; -#endif + WC_DECLARE_VAR(tmpTicket, byte, PREALLOC_SESSION_TICKET_LEN, 0); #ifdef WOLFSSL_TLS13 byte *preallocNonce = NULL; byte preallocNonceLen = 0; @@ -1300,9 +1296,7 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output) output->ticket = output->staticTicket; output->ticketLenAlloc = 0; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FAILURE; } #endif /* WOLFSSL_TLS13 && HAVE_SESSION_TICKET*/ @@ -1403,9 +1397,7 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output) XMEMCPY(output->ticket, tmpTicket, output->ticketLen); /* cppcheck-suppress uninitvar */ } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmpTicket, output->heap, DYNAMIC_TYPE_TMP_BUFFER); #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \ (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3))) diff --git a/src/tls.c b/src/tls.c index 5759e344d90..07cb80dfb31 100644 --- a/src/tls.c +++ b/src/tls.c @@ -464,18 +464,10 @@ int DeriveTlsKeys(WOLFSSL* ssl) int key_dig_len = 2 * ssl->specs.hash_size + 2 * ssl->specs.key_size + 2 * ssl->specs.iv_size; -#ifdef WOLFSSL_SMALL_STACK - byte* key_dig; -#else - byte key_dig[MAX_PRF_DIG]; -#endif + WC_DECLARE_VAR(key_dig, byte, MAX_PRF_DIG, 0); -#ifdef WOLFSSL_SMALL_STACK - key_dig = (byte*)XMALLOC(MAX_PRF_DIG, ssl->heap, DYNAMIC_TYPE_DIGEST); - if (key_dig == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(key_dig, byte, MAX_PRF_DIG, ssl->heap, + DYNAMIC_TYPE_DIGEST, return MEMORY_E); XMEMSET(key_dig, 0, MAX_PRF_DIG); @@ -496,9 +488,7 @@ int DeriveTlsKeys(WOLFSSL* ssl) if (ret == 0) ret = StoreKeys(ssl, key_dig, PROVISION_CLIENT_SERVER); -#ifdef WOLFSSL_SMALL_STACK - XFREE(key_dig, ssl->heap, DYNAMIC_TYPE_DIGEST); -#endif + WC_FREE_VAR_EX(key_dig, ssl->heap, DYNAMIC_TYPE_DIGEST); return ret; } @@ -709,17 +699,10 @@ int wolfSSL_make_eap_keys(WOLFSSL* ssl, void* key, unsigned int len, const char* label) { int ret; -#ifdef WOLFSSL_SMALL_STACK - byte* seed; -#else - byte seed[SEED_LEN]; -#endif + WC_DECLARE_VAR(seed, byte, SEED_LEN, 0); -#ifdef WOLFSSL_SMALL_STACK - seed = (byte*)XMALLOC(SEED_LEN, ssl->heap, DYNAMIC_TYPE_SEED); - if (seed == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(seed, byte, SEED_LEN, ssl->heap, DYNAMIC_TYPE_SEED, + return MEMORY_E); /* * As per RFC-5281, the order of the client and server randoms is reversed @@ -745,9 +728,7 @@ int wolfSSL_make_eap_keys(WOLFSSL* ssl, void* key, unsigned int len, (void)label; #endif -#ifdef WOLFSSL_SMALL_STACK - XFREE(seed, ssl->heap, DYNAMIC_TYPE_SEED); -#endif + WC_FREE_VAR_EX(seed, ssl->heap, DYNAMIC_TYPE_SEED); return ret; } @@ -7458,9 +7439,7 @@ static int TLSX_CA_Names_Parse(WOLFSSL *ssl, const byte* input, if (didInit) FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(cert, ssl->heap, DYNAMIC_TYPE_DCERT); if (ret != 0) return ret; @@ -8440,11 +8419,7 @@ static int TLSX_KeyShare_GenPqcKeyClient(WOLFSSL *ssl, KeyShareEntry* kse) int ret = 0; int type = 0; #ifndef WOLFSSL_TLSX_PQC_MLKEM_STORE_OBJ - #ifdef WOLFSSL_SMALL_STACK - KyberKey *kem = NULL; - #else - KyberKey kem[1]; - #endif + WC_DECLARE_VAR(kem, KyberKey, 1, 0); byte* privKey = NULL; word32 privSz = 0; #else @@ -13117,10 +13092,8 @@ static int TLSX_ECH_Write(WOLFSSL_ECH* ech, byte msgType, byte* writeBuf, wc_FreeRng(rng); if (ephemeralKey != NULL) wc_HpkeFreeKey(hpke, hpke->kem, ephemeralKey, hpke->heap); -#ifdef WOLFSSL_SMALL_STACK - XFREE(hpke, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(rng, NULL, DYNAMIC_TYPE_RNG); -#endif + WC_FREE_VAR_EX(hpke, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(rng, NULL, DYNAMIC_TYPE_RNG); } else { /* only write enc if this is our first ech, no hpke context */ @@ -15007,11 +14980,7 @@ static int TLSX_GetSizeWithEch(WOLFSSL* ssl, byte* semaphore, byte msgType, TLSX* echX = NULL; TLSX* serverNameX = NULL; TLSX** extensions = NULL; -#ifdef WOLFSSL_SMALL_STACK - char* tmpServerName = NULL; -#else - char tmpServerName[MAX_PUBLIC_NAME_SZ]; -#endif + WC_DECLARE_VAR(tmpServerName, char, MAX_PUBLIC_NAME_SZ, 0); /* calculate the rest of the extensions length with inner ech */ if (ssl->extensions) @@ -15086,9 +15055,7 @@ static int TLSX_GetSizeWithEch(WOLFSSL* ssl, byte* semaphore, byte msgType, ret = 0; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpServerName, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmpServerName, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -15218,11 +15185,7 @@ static int TLSX_WriteWithEch(WOLFSSL* ssl, byte* output, byte* semaphore, TLSX* echX = NULL; TLSX* serverNameX = NULL; TLSX** extensions = NULL; -#ifdef WOLFSSL_SMALL_STACK - char* tmpServerName = NULL; -#else - char tmpServerName[MAX_PUBLIC_NAME_SZ]; -#endif + WC_DECLARE_VAR(tmpServerName, char, MAX_PUBLIC_NAME_SZ, 0); /* get the echX from either extensions or ctx */ if (ssl->extensions) @@ -15330,9 +15293,7 @@ static int TLSX_WriteWithEch(WOLFSSL* ssl, byte* output, byte* semaphore, ret = r; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpServerName, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmpServerName, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/src/tls13.c b/src/tls13.c index 715feb1ac31..5f4c8697a58 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -1344,11 +1344,7 @@ int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, byte* secret) static int BuildTls13HandshakeHmac(WOLFSSL* ssl, byte* key, byte* hash, word32* pHashSz) { -#ifdef WOLFSSL_SMALL_STACK - Hmac* verifyHmac; -#else - Hmac verifyHmac[1]; -#endif + WC_DECLARE_VAR(verifyHmac, Hmac, 1, 0); int hashType = WC_SHA256; int hashSz = WC_SHA256_DIGEST_SIZE; int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG); @@ -1401,12 +1397,8 @@ static int BuildTls13HandshakeHmac(WOLFSSL* ssl, byte* key, byte* hash, WOLFSSL_BUFFER(hash, hashSz); #endif -#ifdef WOLFSSL_SMALL_STACK - verifyHmac = (Hmac*)XMALLOC(sizeof(Hmac), NULL, DYNAMIC_TYPE_HMAC); - if (verifyHmac == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(verifyHmac, Hmac, 1, NULL, DYNAMIC_TYPE_HMAC, + return MEMORY_E); /* Calculate the verify data. */ ret = wc_HmacInit(verifyHmac, ssl->heap, ssl->devId); @@ -1419,9 +1411,7 @@ static int BuildTls13HandshakeHmac(WOLFSSL* ssl, byte* key, byte* hash, wc_HmacFree(verifyHmac); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(verifyHmac, NULL, DYNAMIC_TYPE_HMAC); -#endif + WC_FREE_VAR_EX(verifyHmac, NULL, DYNAMIC_TYPE_HMAC); #ifdef WOLFSSL_DEBUG_TLS WOLFSSL_MSG(" Hash"); @@ -1465,11 +1455,7 @@ int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store) { int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG); /* Assume failure */ int i = 0; -#ifdef WOLFSSL_SMALL_STACK - byte* key_dig; -#else - byte key_dig[MAX_PRF_DIG]; -#endif + WC_DECLARE_VAR(key_dig, byte, MAX_PRF_DIG, 0); int provision; #if defined(WOLFSSL_RENESAS_TSIP_TLS) @@ -1480,11 +1466,8 @@ int DeriveTls13Keys(WOLFSSL* ssl, int secret, int side, int store) ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG); /* Assume failure */ #endif -#ifdef WOLFSSL_SMALL_STACK - key_dig = (byte*)XMALLOC(MAX_PRF_DIG, ssl->heap, DYNAMIC_TYPE_DIGEST); - if (key_dig == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(key_dig, byte, MAX_PRF_DIG, ssl->heap, + DYNAMIC_TYPE_DIGEST, return MEMORY_E); if (side == ENCRYPT_AND_DECRYPT_SIDE) { provision = PROVISION_CLIENT_SERVER; diff --git a/src/wolfio.c b/src/wolfio.c index 62e78f10cd0..430e8898371 100644 --- a/src/wolfio.c +++ b/src/wolfio.c @@ -2150,10 +2150,8 @@ int EmbedOcspLookup(void* ctx, const char* url, int urlSz, } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(path, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(domainName, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(path, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(domainName, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -2206,11 +2204,7 @@ int EmbedCrlLookup(WOLFSSL_CRL* crl, const char* url, int urlSz) SOCKET_T sfd = SOCKET_INVALID; word16 port; int ret = -1; -#ifdef WOLFSSL_SMALL_STACK - char* domainName; -#else - char domainName[MAX_URL_ITEM_SIZE]; -#endif + WC_DECLARE_VAR(domainName, char, MAX_URL_ITEM_SIZE, 0); #ifdef WOLFSSL_SMALL_STACK domainName = (char*)XMALLOC(MAX_URL_ITEM_SIZE, crl->heap, @@ -2252,9 +2246,7 @@ int EmbedCrlLookup(WOLFSSL_CRL* crl, const char* url, int urlSz) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(domainName, crl->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(domainName, crl->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/src/x509.c b/src/x509.c index 74efb78c385..45b5e2078d5 100644 --- a/src/x509.c +++ b/src/x509.c @@ -117,11 +117,7 @@ int wolfSSL_X509_get_ext_count(const WOLFSSL_X509* passedCert) int sz = 0; word32 idx = 0; const byte* input; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert *cert; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); WOLFSSL_ENTER("wolfSSL_X509_get_ext_count"); if (passedCert == NULL) { @@ -196,9 +192,7 @@ int wolfSSL_X509_get_ext_count(const WOLFSSL_X509* passedCert) out: FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return extCount; } @@ -737,11 +731,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) byte* oidBuf; word32 oid, idx = 0, tmpIdx = 0, nid; WOLFSSL_X509_EXTENSION* ext = NULL; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert = NULL; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); WOLFSSL_ENTER("wolfSSL_X509_set_ext"); @@ -788,9 +778,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("\tCertificate parsing failed"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } @@ -801,9 +789,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("\tfail: should be an EXTENSIONS"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } @@ -815,9 +801,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("\tfail: should be an EXTENSIONS"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } @@ -825,9 +809,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("\tfail: invalid length"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } } @@ -836,9 +818,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("\tfail: should be a SEQUENCE (1)"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } @@ -849,9 +829,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("\tfail: should be a SEQUENCE"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } @@ -861,9 +839,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("\tfail: OBJECT ID"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } idx = tmpIdx; @@ -886,9 +862,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("\tfail: Invalid OBJECT"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } } @@ -934,9 +908,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) if (a == NULL || !ret) { wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } a->length = (int)x509->pathLength; @@ -962,9 +934,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("Failed to malloc stack"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } @@ -979,9 +949,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) wolfSSL_sk_ASN1_OBJECT_pop_free(sk, NULL); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } obj->obj = (byte*)x509->authInfoCaIssuer; @@ -997,9 +965,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) wolfSSL_sk_ASN1_OBJECT_pop_free(sk, NULL); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } } @@ -1015,9 +981,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) wolfSSL_sk_ASN1_OBJECT_pop_free(sk, NULL); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } obj->obj = x509->authInfo; @@ -1033,9 +997,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) wolfSSL_sk_ASN1_OBJECT_pop_free(sk, NULL); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } } @@ -1049,9 +1011,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) if (!wolfssl_x509_alt_names_to_gn(x509, ext)) { wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } break; @@ -1066,9 +1026,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("Failed to Get ASN Object Id"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } oidBuf = (byte*)XMALLOC(length+1+MAX_LENGTH_SZ, NULL, @@ -1077,9 +1035,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("Failed to malloc tmp buffer"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } oidBuf[0] = ASN_OBJECT_ID; @@ -1094,9 +1050,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) XFREE(oidBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } } @@ -1123,9 +1077,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); XFREE(oidBuf, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } ext->obj->dynamic |= WOLFSSL_ASN1_DYNAMIC_DATA; @@ -1160,9 +1112,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) wolfSSL_ASN1_OBJECT_free(ext->obj); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } @@ -1178,9 +1128,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) wolfSSL_ASN1_OBJECT_free(ext->obj); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } @@ -1191,9 +1139,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) wolfSSL_ASN1_OBJECT_free(ext->obj); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } ext->value.data = (char*)XMALLOC(length, NULL, @@ -1203,9 +1149,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) WOLFSSL_MSG("Failed to malloc ASN1_STRING data"); wolfSSL_X509_EXTENSION_free(ext); FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return NULL; } XMEMCPY(ext->value.data,input+tmpIdx,length); @@ -1226,9 +1170,7 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc) } FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return ext; } @@ -1911,11 +1853,7 @@ void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ext) WOLFSSL_ASN1_STRING* asn1String = NULL, *newString = NULL; WOLFSSL_STACK* sk; void *data = NULL; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert *cert; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); WOLFSSL_ENTER("wolfSSL_X509V3_EXT_d2i"); @@ -2122,9 +2060,7 @@ void* wolfSSL_X509V3_EXT_d2i(WOLFSSL_X509_EXTENSION* ext) out: FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_X509_EXT); -#endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_X509_EXT); return data; } @@ -2145,11 +2081,7 @@ int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509, int nid, int lastPos) const byte* rawCert; const byte* input; word32 oid, idx = 0, tmpIdx = 0, foundNID; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert *cert; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); WOLFSSL_ENTER("wolfSSL_X509_get_ext_by_NID"); @@ -2254,9 +2186,7 @@ int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509, int nid, int lastPos) out: FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, x509->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(cert, x509->heap, DYNAMIC_TYPE_DCERT); return found ? extCount : WOLFSSL_FATAL_ERROR; } @@ -3890,18 +3820,10 @@ static WOLFSSL_X509* d2i_X509orX509REQ(WOLFSSL_X509** x509, && (req == 0 || req == 1) #endif ) { - #ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert; - #else - DecodedCert cert[1]; - #endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, - DYNAMIC_TYPE_DCERT); - if (cert == NULL) - return NULL; - #endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, NULL, DYNAMIC_TYPE_DCERT, + return NULL); InitDecodedCert(cert, (byte*)in, (word32)len, heap); #ifdef WOLFSSL_CERT_REQ @@ -3917,9 +3839,7 @@ static WOLFSSL_X509* d2i_X509orX509REQ(WOLFSSL_X509** x509, } } FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); } if (x509 != NULL) @@ -4063,11 +3983,7 @@ int wolfSSL_X509_get_signature(WOLFSSL_X509* x509, int wolfSSL_X509_get_pubkey_buffer(WOLFSSL_X509* x509, unsigned char* buf, int* bufSz) { -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); const byte* der; int length = 0; int ret = 0, derSz = 0; @@ -4104,9 +4020,7 @@ int wolfSSL_X509_get_pubkey_buffer(WOLFSSL_X509* x509, } FreeDecodedCert(cert); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, x509->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(cert, x509->heap, DYNAMIC_TYPE_TMP_BUFFER); if (ret < 0) { WOLFSSL_LEAVE("wolfSSL_X509_get_pubkey_buffer", ret); @@ -5463,20 +5377,11 @@ static WOLFSSL_X509* loadX509orX509REQFromBuffer( /* At this point we want `der` to have the certificate in DER format */ /* ready to be decoded. */ if (der != NULL && der->buffer != NULL) { - #ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert; - #else - DecodedCert cert[1]; - #endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, - DYNAMIC_TYPE_DCERT); - if (cert == NULL) { - ret = MEMORY_ERROR; - } - else - #endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, NULL, DYNAMIC_TYPE_DCERT, + ret=MEMORY_ERROR); + if (WC_VAR_OK(cert)) { InitDecodedCert(cert, der->buffer, der->length, NULL); ret = ParseCertRelative(cert, type, 0, NULL, NULL); @@ -5497,9 +5402,7 @@ static WOLFSSL_X509* loadX509orX509REQFromBuffer( } FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); } FreeDer(&der); @@ -7773,11 +7676,7 @@ static int x509AddCertDir(WOLFSSL_BY_DIR *ctx, const char *argc, long argl) size_t pathLen; int i, num; const char* c; -#ifdef WOLFSSL_SMALL_STACK - char *buf; -#else - char buf[MAX_FILENAME_SZ]; -#endif + WC_DECLARE_VAR(buf, char, MAX_FILENAME_SZ, 0); WOLFSSL_ENTER("x509AddCertDir"); @@ -7821,9 +7720,7 @@ static int x509AddCertDir(WOLFSSL_BY_DIR *ctx, const char *argc, long argl) if (ctx->dir_entry == NULL) { WOLFSSL_MSG("failed to allocate dir_entry"); - #ifdef WOLFSSL_SMALL_STACK - XFREE(buf, 0, DYNAMIC_TYPE_OPENSSL); - #endif + WC_FREE_VAR_EX(buf, 0, DYNAMIC_TYPE_OPENSSL); return 0; } } @@ -7831,9 +7728,7 @@ static int x509AddCertDir(WOLFSSL_BY_DIR *ctx, const char *argc, long argl) entry = wolfSSL_BY_DIR_entry_new(); if (entry == NULL) { WOLFSSL_MSG("failed to allocate dir entry"); - #ifdef WOLFSSL_SMALL_STACK - XFREE(buf, 0, DYNAMIC_TYPE_OPENSSL); - #endif + WC_FREE_VAR_EX(buf, 0, DYNAMIC_TYPE_OPENSSL); return 0; } entry->dir_type = (int)argl; @@ -7843,9 +7738,7 @@ static int x509AddCertDir(WOLFSSL_BY_DIR *ctx, const char *argc, long argl) if (entry->dir_name == NULL || entry->hashes == NULL) { WOLFSSL_MSG("failed to allocate dir name"); wolfSSL_BY_DIR_entry_free(entry); - #ifdef WOLFSSL_SMALL_STACK - XFREE(buf, 0, DYNAMIC_TYPE_OPENSSL); - #endif + WC_FREE_VAR_EX(buf, 0, DYNAMIC_TYPE_OPENSSL); return 0; } @@ -7854,9 +7747,7 @@ static int x509AddCertDir(WOLFSSL_BY_DIR *ctx, const char *argc, long argl) if (wolfSSL_sk_BY_DIR_entry_push(ctx->dir_entry, entry) <= 0) { wolfSSL_BY_DIR_entry_free(entry); - #ifdef WOLFSSL_SMALL_STACK - XFREE(buf, 0, DYNAMIC_TYPE_OPENSSL); - #endif + WC_FREE_VAR_EX(buf, 0, DYNAMIC_TYPE_OPENSSL); return 0; } } @@ -7870,9 +7761,7 @@ static int x509AddCertDir(WOLFSSL_BY_DIR *ctx, const char *argc, long argl) } while(*c++ != '\0'); -#ifdef WOLFSSL_SMALL_STACK - XFREE(buf, 0, DYNAMIC_TYPE_OPENSSL); -#endif + WC_FREE_VAR_EX(buf, 0, DYNAMIC_TYPE_OPENSSL); return WOLFSSL_SUCCESS; #else @@ -7961,11 +7850,7 @@ static int loadX509orX509REQFromBio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE); /* Get large buffer to hold cert der */ int derSz = X509_BUFFER_SZ; -#ifdef WOLFSSL_SMALL_STACK - byte* der; -#else - byte der[X509_BUFFER_SZ]; -#endif + WC_DECLARE_VAR(der, byte, X509_BUFFER_SZ, 0); WOLFSSL_ENTER("wolfSSL_i2d_X509_bio"); if (bio == NULL || x509 == NULL) { @@ -7990,9 +7875,7 @@ static int loadX509orX509REQFromBio(WOLFSSL_BIO* bio, WOLFSSL_X509* x509, ret = WOLFSSL_SUCCESS; cleanup: - #ifdef WOLFSSL_SMALL_STACK - XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -8988,9 +8871,7 @@ static int X509CRLPrintExtensions(WOLFSSL_BIO* bio, WOLFSSL_X509_CRL* crl, mp_free(dec_num); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(dec_num, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(dec_num, NULL, DYNAMIC_TYPE_BIGINT); } #if !defined(NO_SKID) @@ -11667,21 +11548,13 @@ int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, unsigned char** out) { int totalBytes = 0, i, idx; byte *output, *local = NULL; -#ifdef WOLFSSL_SMALL_STACK - EncodedName* names = NULL; -#else - EncodedName names[MAX_NAME_ENTRIES]; -#endif + WC_DECLARE_VAR(names, EncodedName, MAX_NAME_ENTRIES, 0); if (name == NULL) return BAD_FUNC_ARG; -#ifdef WOLFSSL_SMALL_STACK - names = (EncodedName*)XMALLOC(sizeof(EncodedName) * MAX_NAME_ENTRIES, NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (names == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(names, EncodedName, MAX_NAME_ENTRIES, NULL, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); XMEMSET(names, 0, sizeof(EncodedName) * MAX_NAME_ENTRIES); @@ -11697,25 +11570,19 @@ int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, unsigned char** out) cano_data = wolfSSL_ASN1_STRING_new(); if (cano_data == NULL) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); return MEMORY_E; } data = wolfSSL_X509_NAME_ENTRY_get_data(entry); if (data == NULL) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); wolfSSL_ASN1_STRING_free(cano_data); WOLFSSL_MSG("Error getting entry data"); return WOLFSSL_FATAL_ERROR; } if (wolfSSL_ASN1_STRING_canon(cano_data, data) != WOLFSSL_SUCCESS) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); wolfSSL_ASN1_STRING_free(cano_data); return WOLFSSL_FAILURE; } @@ -11724,9 +11591,7 @@ int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, unsigned char** out) ret = wc_EncodeNameCanonical(&names[i], nameStr, CTC_UTF8, (byte)ConvertNIDToWolfSSL(entry->nid)); if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); wolfSSL_ASN1_STRING_free(cano_data); WOLFSSL_MSG("EncodeName failed"); return WOLFSSL_FATAL_ERROR; @@ -11738,9 +11603,7 @@ int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, unsigned char** out) if (out == NULL) { /* If out is NULL, caller just wants length. */ -#ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); return totalBytes; } @@ -11763,9 +11626,7 @@ int wolfSSL_i2d_X509_NAME_canon(WOLFSSL_X509_NAME* name, unsigned char** out) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); /* used existing buffer passed in, so increment pointer */ if (local == NULL) { @@ -11802,21 +11663,13 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) int totalBytes = 0, i, idx; byte temp[MAX_SEQ_SZ]; byte *output, *local = NULL; -#ifdef WOLFSSL_SMALL_STACK - EncodedName* names = NULL; -#else - EncodedName names[MAX_NAME_ENTRIES]; -#endif + WC_DECLARE_VAR(names, EncodedName, MAX_NAME_ENTRIES, 0); if (name == NULL) return BAD_FUNC_ARG; -#ifdef WOLFSSL_SMALL_STACK - names = (EncodedName*)XMALLOC(sizeof(EncodedName) * MAX_NAME_ENTRIES, NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (names == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(names, EncodedName, MAX_NAME_ENTRIES, NULL, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); XMEMSET(names, 0, sizeof(EncodedName) * MAX_NAME_ENTRIES); @@ -11832,9 +11685,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) data = wolfSSL_X509_NAME_ENTRY_get_data(entry); if (data == NULL) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_MSG("Error getting entry data"); return WOLFSSL_FATAL_ERROR; } @@ -11858,9 +11709,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) ret = wc_EncodeName(&names[i], nameStr, (char)type, (byte)ConvertNIDToWolfSSL(entry->nid)); if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_MSG("EncodeName failed"); return WOLFSSL_FATAL_ERROR; } @@ -11871,9 +11720,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) /* header */ idx = (int)SetSequence((word32)totalBytes, temp); if (totalBytes + idx > ASN_NAME_MAX) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_MSG("Total Bytes is greater than ASN_NAME_MAX"); return BUFFER_E; } @@ -11881,9 +11728,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) if (out == NULL) { /* If out is NULL, caller just wants length. */ totalBytes += idx; -#ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); return totalBytes; } @@ -11906,9 +11751,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); /* used existing buffer passed in, so increment pointer */ if (local == NULL) { @@ -11926,11 +11769,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) unsigned char **in, long length) { WOLFSSL_X509_NAME* tmp = NULL; - #ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert = NULL; - #else - DecodedCert cert[1]; - #endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); WOLFSSL_ENTER("wolfSSL_d2i_X509_NAME"); @@ -11939,13 +11778,8 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) return NULL; } - #ifdef WOLFSSL_SMALL_STACK - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, - DYNAMIC_TYPE_DCERT); - if (cert == NULL) { - return NULL; - } - #endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, NULL, DYNAMIC_TYPE_DCERT, + return NULL); /* Set the X509_NAME buffer as the input data for cert. * in is NOT a full certificate. Just the name. */ @@ -11973,9 +11807,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out) *name = tmp; cleanup: FreeDecodedCert(cert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); return tmp; } #endif /* OPENSSL_EXTRA || OPENSSL_ALL || WOLFSSL_WPAS_SMALL */ @@ -14253,11 +14085,7 @@ int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk, size_t chklen, { int ret; size_t i; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert *dCert; -#else - DecodedCert dCert[1]; -#endif + WC_DECLARE_VAR(dCert, DecodedCert, 1, 0); WOLFSSL_ENTER("wolfSSL_X509_check_host"); @@ -14318,9 +14146,7 @@ int wolfSSL_X509_check_host(WOLFSSL_X509 *x, const char *chk, size_t chklen, out: FreeDecodedCert(dCert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dCert, x->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(dCert, x->heap, DYNAMIC_TYPE_DCERT); if (ret != 0) return WOLFSSL_FAILURE; @@ -14332,11 +14158,7 @@ int wolfSSL_X509_check_ip_asc(WOLFSSL_X509 *x, const char *ipasc, unsigned int flags) { int ret = WC_NO_ERR_TRACE(WOLFSSL_FAILURE); -#ifdef WOLFSSL_SMALL_STACK - DecodedCert *dCert = NULL; -#else - DecodedCert dCert[1]; -#endif + WC_DECLARE_VAR(dCert, DecodedCert, 1, 0); WOLFSSL_ENTER("wolfSSL_X509_check_ip_asc"); @@ -15054,11 +14876,7 @@ int wolfSSL_X509_REQ_sign(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey, const WOLFSSL_EVP_MD *md) { int ret; -#ifdef WOLFSSL_SMALL_STACK - byte* der = NULL; -#else - byte der[2048]; -#endif + WC_DECLARE_VAR(der, byte, 2048, 0); int derSz = 2048; if (req == NULL || pkey == NULL || md == NULL) { @@ -15066,20 +14884,14 @@ int wolfSSL_X509_REQ_sign(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey, return WOLFSSL_FAILURE; } -#ifdef WOLFSSL_SMALL_STACK - der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (der == NULL) { - return WOLFSSL_FAILURE; - } -#endif + WC_ALLOC_VAR_EX(der, byte, derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return WOLFSSL_FAILURE); /* Create a Cert that has the certificate request fields. */ req->sigOID = wolfSSL_sigTypeFromPKEY((WOLFSSL_EVP_MD*)md, pkey); ret = wolfssl_x509_make_der(req, 1, der, &derSz, 0); if (ret != WOLFSSL_SUCCESS) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_MSG("Unable to make DER for X509"); WOLFSSL_LEAVE("wolfSSL_X509_REQ_sign", ret); return WOLFSSL_FAILURE; @@ -15087,14 +14899,10 @@ int wolfSSL_X509_REQ_sign(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey, if (wolfSSL_X509_resign_cert(req, 1, der, 2048, derSz, (WOLFSSL_EVP_MD*)md, pkey) <= 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_FAILURE; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); return WOLFSSL_SUCCESS; } @@ -15138,9 +14946,7 @@ static int regenX509REQDerBuffer(WOLFSSL_X509* x509) else { WOLFSSL_MSG("Unable to make DER for X509 REQ"); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -15767,11 +15573,7 @@ WOLFSSL_X509_ACERT * wolfSSL_X509_ACERT_load_certificate_buffer_ex( int ret = 0; WOLFSSL_X509_ACERT * x509 = NULL; DerBuffer * der = NULL; - #ifdef WOLFSSL_SMALL_STACK - DecodedAcert * acert = NULL; - #else - DecodedAcert acert[1]; - #endif + WC_DECLARE_VAR(acert, DecodedAcert, 1, 0); WOLFSSL_ENTER("wolfSSL_X509_ACERT_load_certificate_buffer"); @@ -15836,9 +15638,7 @@ WOLFSSL_X509_ACERT * wolfSSL_X509_ACERT_load_certificate_buffer_ex( FreeDecodedAcert(acert); - #ifdef WOLFSSL_SMALL_STACK - XFREE(acert, heap, DYNAMIC_TYPE_DCERT); - #endif + WC_FREE_VAR_EX(acert, heap, DYNAMIC_TYPE_DCERT); FreeDer(&der); diff --git a/src/x509_str.c b/src/x509_str.c index 81c43b7b45d..cbf82cc396a 100644 --- a/src/x509_str.c +++ b/src/x509_str.c @@ -125,11 +125,7 @@ static int x509GetIssuerFromCM(WOLFSSL_X509 **issuer, WOLFSSL_CERT_MANAGER* cm, WOLFSSL_X509 *x) { Signer* ca = NULL; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert = NULL; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); if (cm == NULL || x == NULL || x->derCert == NULL) { WOLFSSL_MSG("No cert DER buffer or NULL cm. Defining " @@ -137,11 +133,8 @@ static int x509GetIssuerFromCM(WOLFSSL_X509 **issuer, WOLFSSL_CERT_MANAGER* cm, return WOLFSSL_FAILURE; } -#ifdef WOLFSSL_SMALL_STACK - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT); - if (cert == NULL) - return WOLFSSL_FAILURE; -#endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, NULL, DYNAMIC_TYPE_DCERT, + return WOLFSSL_FAILURE); /* Use existing CA retrieval APIs that use DecodedCert. */ InitDecodedCert(cert, x->derCert->buffer, x->derCert->length, cm->heap); @@ -157,9 +150,7 @@ static int x509GetIssuerFromCM(WOLFSSL_X509 **issuer, WOLFSSL_CERT_MANAGER* cm, #endif /* NO SKID */ } FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_DCERT); if (ca == NULL) return WOLFSSL_FAILURE; @@ -1669,11 +1660,7 @@ int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str, WOLFSSL_CTX* ctx; char *name = NULL; int ret = WOLFSSL_SUCCESS; -#ifdef WOLFSSL_SMALL_STACK - ReadDirCtx* readCtx = NULL; -#else - ReadDirCtx readCtx[1]; -#endif + WC_DECLARE_VAR(readCtx, ReadDirCtx, 1, 0); WOLFSSL_ENTER("wolfSSL_X509_STORE_load_locations"); @@ -1749,9 +1736,7 @@ int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str, ret = WOLFSSL_FAILURE; } - #ifdef WOLFSSL_SMALL_STACK - XFREE(readCtx, ctx->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(readCtx, ctx->heap, DYNAMIC_TYPE_TMP_BUFFER); } ctx->cm = NULL; diff --git a/tests/api.c b/tests/api.c index 977e400ea87..148ec6ce08b 100644 --- a/tests/api.c +++ b/tests/api.c @@ -14495,11 +14495,7 @@ static int test_wolfSSL_X509_ACERT_asn(void) 0x65, 0x72, 0x2e, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65}; DerBuffer * der = NULL; -#ifdef WOLFSSL_SMALL_STACK - DecodedAcert * acert = NULL; -#else - DecodedAcert acert[1]; -#endif + WC_DECLARE_VAR(acert, DecodedAcert, 1, 0); rc = wc_PemToDer(acert_ietf, sizeof(acert_ietf), ACERT_TYPE, &der, HEAP_HINT, NULL, NULL); diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index 1642489b4e9..a4f2df83a80 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -9912,10 +9912,8 @@ void bench_mlkem(int type) wc_KyberKey_Free(key2); wc_KyberKey_Free(key1); -#ifdef WOLFSSL_SMALL_STACK - XFREE(key1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(key2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(key1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(key2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); } #endif diff --git a/wolfcrypt/src/aes.c b/wolfcrypt/src/aes.c index a6b88af3858..46531f28b01 100644 --- a/wolfcrypt/src/aes.c +++ b/wolfcrypt/src/aes.c @@ -808,11 +808,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits const unsigned char* userKey, const int bits, Aes* aes) { word32 nr; -#ifdef WOLFSSL_SMALL_STACK - Aes *temp_key; -#else - Aes temp_key[1]; -#endif + WC_DECLARE_VAR(temp_key, Aes, 1, 0); __m128i *Key_Schedule; __m128i *Temp_Key_Schedule; @@ -829,9 +825,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits if (AES_set_encrypt_key_AESNI(userKey,bits,temp_key) == WC_NO_ERR_TRACE(BAD_FUNC_ARG)) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(temp_key, aes->heap, DYNAMIC_TYPE_AES); -#endif + WC_FREE_VAR_EX(temp_key, aes->heap, DYNAMIC_TYPE_AES); return BAD_FUNC_ARG; } @@ -864,9 +858,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits Key_Schedule[0] = Temp_Key_Schedule[nr]; -#ifdef WOLFSSL_SMALL_STACK - XFREE(temp_key, aes->heap, DYNAMIC_TYPE_AES); -#endif + WC_FREE_VAR_EX(temp_key, aes->heap, DYNAMIC_TYPE_AES); return 0; } @@ -11008,11 +11000,7 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz, const byte* authIn, word32 authInSz, byte* authTag, word32 authTagSz, WC_RNG* rng) { -#ifdef WOLFSSL_SMALL_STACK - Aes *aes; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); int ret; if (key == NULL || iv == NULL || (authIn == NULL && authInSz != 0) || @@ -11052,11 +11040,7 @@ int wc_GmacVerify(const byte* key, word32 keySz, { int ret; #ifdef HAVE_AES_DECRYPT -#ifdef WOLFSSL_SMALL_STACK - Aes *aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); if (key == NULL || iv == NULL || (authIn == NULL && authInSz != 0) || authTag == NULL || authTagSz == 0 || authTagSz > WC_AES_BLOCK_SIZE) { @@ -12865,11 +12849,7 @@ int wc_AesKeyWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out, int wc_AesKeyWrap(const byte* key, word32 keySz, const byte* in, word32 inSz, byte* out, word32 outSz, const byte* iv) { -#ifdef WOLFSSL_SMALL_STACK - Aes *aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); int ret; if (key == NULL) @@ -12896,9 +12876,7 @@ int wc_AesKeyWrap(const byte* key, word32 keySz, const byte* in, word32 inSz, wc_AesFree(aes); out: -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES); return ret; } @@ -12980,11 +12958,7 @@ int wc_AesKeyUnWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out, int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz, byte* out, word32 outSz, const byte* iv) { -#ifdef WOLFSSL_SMALL_STACK - Aes *aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); int ret; (void)iv; @@ -13014,9 +12988,7 @@ int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz, wc_AesFree(aes); out: -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES); return ret; } @@ -14434,13 +14406,9 @@ static WARN_UNUSED_RESULT int S2V( if (ret == 0) { if (dataSz >= WC_AES_BLOCK_SIZE) { - #ifdef WOLFSSL_SMALL_STACK - cmac = (Cmac*)XMALLOC(sizeof(Cmac), NULL, DYNAMIC_TYPE_CMAC); - if (cmac == NULL) { - ret = MEMORY_E; - } - if (ret == 0) - #endif + WC_ALLOC_VAR_EX(cmac, Cmac, 1, NULL, DYNAMIC_TYPE_CMAC, + ret=MEMORY_E); + if (WC_VAR_OK(cmac)) { #ifdef WOLFSSL_CHECK_MEM_ZERO /* Aes part is checked by wc_AesFree. */ @@ -14499,11 +14467,7 @@ static WARN_UNUSED_RESULT int AesSivCipher( int enc) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - Aes* aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); byte sivTmp[WC_AES_BLOCK_SIZE]; if (key == NULL || siv == NULL || out == NULL) { @@ -15155,11 +15119,7 @@ int wc_AesCtsEncrypt(const byte* key, word32 keySz, byte* out, const byte* in, word32 inSz, const byte* iv) { -#ifdef WOLFSSL_SMALL_STACK - Aes *aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); int ret = 0; word32 outSz = inSz; @@ -15193,11 +15153,7 @@ int wc_AesCtsDecrypt(const byte* key, word32 keySz, byte* out, const byte* in, word32 inSz, const byte* iv) { -#ifdef WOLFSSL_SMALL_STACK - Aes *aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); int ret = 0; word32 outSz = inSz; diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 4258f7edaeb..6d6383391c4 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -3965,11 +3965,7 @@ int wc_BerToDer(const byte* ber, word32 berSz, byte* der, word32* derSz) { int ret = 0; word32 i, j; -#ifdef WOLFSSL_SMALL_STACK - IndefItems* indefItems = NULL; -#else - IndefItems indefItems[1]; -#endif + WC_DECLARE_VAR(indefItems, IndefItems, 1, 0); byte tag, basic; word32 length; int indef; @@ -3977,14 +3973,8 @@ int wc_BerToDer(const byte* ber, word32 berSz, byte* der, word32* derSz) if (ber == NULL || derSz == NULL) return BAD_FUNC_ARG; -#ifdef WOLFSSL_SMALL_STACK - indefItems = (IndefItems *)XMALLOC(sizeof(IndefItems), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (indefItems == NULL) { - ret = MEMORY_E; - goto end; - } -#endif + WC_ALLOC_VAR_EX(indefItems, IndefItems, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + {ret=MEMORY_E;goto end;}); XMEMSET(indefItems, 0, sizeof(*indefItems)); @@ -4169,9 +4159,7 @@ int wc_BerToDer(const byte* ber, word32 berSz, byte* der, word32* derSz) ret = WC_NO_ERR_TRACE(LENGTH_ONLY_E); } end: -#ifdef WOLFSSL_SMALL_STACK - XFREE(indefItems, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(indefItems, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } #endif @@ -8591,18 +8579,14 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, #endif if ((ret = wc_InitRsaKey(a, heap)) < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, NULL, DYNAMIC_TYPE_RSA); - XFREE(a, NULL, DYNAMIC_TYPE_RSA); - #endif + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_RSA); + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_RSA); return ret; } if ((ret = wc_InitRsaKey(b, heap)) < 0) { wc_FreeRsaKey(a); - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, NULL, DYNAMIC_TYPE_RSA); - XFREE(a, NULL, DYNAMIC_TYPE_RSA); - #endif + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_RSA); + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_RSA); return ret; } if ((ret = wc_RsaPrivateKeyDecode(privKey, &keyIdx, a, privKeySz)) == 0) { @@ -8627,10 +8611,8 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, } wc_FreeRsaKey(b); wc_FreeRsaKey(a); - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, NULL, DYNAMIC_TYPE_RSA); - XFREE(a, NULL, DYNAMIC_TYPE_RSA); - #endif + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_RSA); + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_RSA); } else #endif /* !NO_RSA && !NO_ASN_CRYPT */ @@ -8659,10 +8641,8 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, #endif if ((ret = wc_ecc_init_ex(key_pair, heap, INVALID_DEVID)) < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(privDer, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(key_pair, NULL, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(privDer, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_ECC); return ret; } @@ -8713,24 +8693,14 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT) && !defined(NO_ASN_CRYPT) if (ks == ED25519k) { - #ifdef WOLFSSL_SMALL_STACK - ed25519_key* key_pair; - #else - ed25519_key key_pair[1]; - #endif + WC_DECLARE_VAR(key_pair, ed25519_key, 1, 0); word32 keyIdx = 0; - #ifdef WOLFSSL_SMALL_STACK - key_pair = (ed25519_key*)XMALLOC(sizeof(ed25519_key), NULL, - DYNAMIC_TYPE_ED25519); - if (key_pair == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(key_pair, ed25519_key, 1, NULL, DYNAMIC_TYPE_ED25519, + return MEMORY_E); if ((ret = wc_ed25519_init_ex(key_pair, heap, INVALID_DEVID)) < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_ED25519); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_ED25519); return ret; } if ((ret = wc_Ed25519PrivateKeyDecode(privKey, &keyIdx, key_pair, @@ -8754,33 +8724,21 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, WOLFSSL_ERROR_VERBOSE(ret); } wc_ed25519_free(key_pair); - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_ED25519); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_ED25519); } else #endif /* HAVE_ED25519 && HAVE_ED25519_KEY_IMPORT && !NO_ASN_CRYPT */ #if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT) && !defined(NO_ASN_CRYPT) if (ks == ED448k) { - #ifdef WOLFSSL_SMALL_STACK - ed448_key* key_pair = NULL; - #else - ed448_key key_pair[1]; - #endif + WC_DECLARE_VAR(key_pair, ed448_key, 1, 0); word32 keyIdx = 0; - #ifdef WOLFSSL_SMALL_STACK - key_pair = (ed448_key*)XMALLOC(sizeof(ed448_key), NULL, - DYNAMIC_TYPE_ED448); - if (key_pair == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(key_pair, ed448_key, 1, NULL, DYNAMIC_TYPE_ED448, + return MEMORY_E); if ((ret = wc_ed448_init_ex(key_pair, heap, INVALID_DEVID)) < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_ED448); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_ED448); return ret; } if ((ret = wc_Ed448PrivateKeyDecode(privKey, &keyIdx, key_pair, @@ -8804,32 +8762,20 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, WOLFSSL_ERROR_VERBOSE(ret); } wc_ed448_free(key_pair); - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_ED448); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_ED448); } else #endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT && !NO_ASN_CRYPT */ #if defined(HAVE_FALCON) if ((ks == FALCON_LEVEL1k) || (ks == FALCON_LEVEL5k)) { - #ifdef WOLFSSL_SMALL_STACK - falcon_key* key_pair = NULL; - #else - falcon_key key_pair[1]; - #endif + WC_DECLARE_VAR(key_pair, falcon_key, 1, 0); word32 keyIdx = 0; - #ifdef WOLFSSL_SMALL_STACK - key_pair = (falcon_key*)XMALLOC(sizeof(falcon_key), NULL, - DYNAMIC_TYPE_FALCON); - if (key_pair == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(key_pair, falcon_key, 1, NULL, DYNAMIC_TYPE_FALCON, + return MEMORY_E); ret = wc_falcon_init(key_pair); if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_FALCON); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_FALCON); return ret; } @@ -8841,9 +8787,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, } if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_FALCON); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_FALCON); return ret; } if ((ret = wc_Falcon_PrivateKeyDecode(privKey, &keyIdx, key_pair, @@ -8865,9 +8809,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, WOLFSSL_ERROR_VERBOSE(ret); } wc_falcon_free(key_pair); - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_FALCON); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_FALCON); } else #endif /* HAVE_FALCON */ @@ -8882,24 +8824,14 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, || (ks == DILITHIUM_LEVEL5k) #endif ) { - #ifdef WOLFSSL_SMALL_STACK - dilithium_key* key_pair = NULL; - #else - dilithium_key key_pair[1]; - #endif + WC_DECLARE_VAR(key_pair, dilithium_key, 1, 0); word32 keyIdx = 0; - #ifdef WOLFSSL_SMALL_STACK - key_pair = (dilithium_key*)XMALLOC(sizeof(dilithium_key), NULL, - DYNAMIC_TYPE_DILITHIUM); - if (key_pair == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(key_pair, dilithium_key, 1, NULL, + DYNAMIC_TYPE_DILITHIUM, return MEMORY_E); ret = wc_dilithium_init(key_pair); if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_DILITHIUM); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_DILITHIUM); return ret; } @@ -8926,9 +8858,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, #endif if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_DILITHIUM); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_DILITHIUM); return ret; } if ((ret = wc_Dilithium_PrivateKeyDecode(privKey, &keyIdx, key_pair, @@ -8943,9 +8873,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, } } wc_dilithium_free(key_pair); - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_DILITHIUM); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_DILITHIUM); } else #endif /* HAVE_DILITHIUM && !WOLFSSL_DILITHIUM_VERIFY_ONLY */ @@ -8956,24 +8884,14 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, (ks == SPHINCS_SMALL_LEVEL1k) || (ks == SPHINCS_SMALL_LEVEL3k) || (ks == SPHINCS_SMALL_LEVEL5k)) { - #ifdef WOLFSSL_SMALL_STACK - sphincs_key* key_pair = NULL; - #else - sphincs_key key_pair[1]; - #endif + WC_DECLARE_VAR(key_pair, sphincs_key, 1, 0); word32 keyIdx = 0; - #ifdef WOLFSSL_SMALL_STACK - key_pair = (sphincs_key*)XMALLOC(sizeof(sphincs_key), NULL, - DYNAMIC_TYPE_SPHINCS); - if (key_pair == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(key_pair, sphincs_key, 1, NULL, DYNAMIC_TYPE_SPHINCS, + return MEMORY_E); ret = wc_sphincs_init(key_pair); if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_SPHINCS); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_SPHINCS); return ret; } @@ -8997,9 +8915,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, } if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_SPHINCS); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_SPHINCS); return ret; } if ((ret = wc_Sphincs_PrivateKeyDecode(privKey, &keyIdx, key_pair, @@ -9014,9 +8930,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz, } } wc_sphincs_free(key_pair); - #ifdef WOLFSSL_SMALL_STACK - XFREE(key_pair, NULL, DYNAMIC_TYPE_SPHINCS); - #endif + WC_FREE_VAR_EX(key_pair, NULL, DYNAMIC_TYPE_SPHINCS); } else #endif /* HAVE_SPHINCS */ @@ -9684,11 +9598,7 @@ int wc_EncryptPKCS8Key_ex(byte* key, word32 keySz, byte* out, word32* outSz, int encAlgId, byte* salt, word32 saltSz, int itt, int hmacOid, WC_RNG* rng, void* heap) { -#ifdef WOLFSSL_SMALL_STACK - byte* saltTmp = NULL; -#else - byte saltTmp[MAX_SALT_SIZE]; -#endif + WC_DECLARE_VAR(saltTmp, byte, MAX_SALT_SIZE, 0); int genSalt = 0; int ret = 0; int version = 0; @@ -9790,13 +9700,9 @@ int wc_EncryptPKCS8Key_ex(byte* key, word32 keySz, byte* out, word32* outSz, } if (genSalt == 1) { - #ifdef WOLFSSL_SMALL_STACK - saltTmp = (byte*)XMALLOC(saltSz, heap, DYNAMIC_TYPE_TMP_BUFFER); - if (saltTmp == NULL) { - ret = MEMORY_E; - } - else - #endif + WC_ALLOC_VAR_EX(saltTmp, byte, saltSz, heap, + DYNAMIC_TYPE_TMP_BUFFER, ret=MEMORY_E); + if (WC_VAR_OK(saltTmp)) { salt = saltTmp; if ((ret = wc_RNG_GenerateBlock(rng, saltTmp, saltSz)) != 0) { @@ -9865,9 +9771,7 @@ int wc_EncryptPKCS8Key_ex(byte* key, word32 keySz, byte* out, word32* outSz, ret = (int)idx; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_LEAVE("wc_EncryptPKCS8Key_ex", ret); @@ -10117,12 +10021,8 @@ int DecryptContent(byte* input, word32 sz, const char* password, int passwordSz) ERROR_OUT(ASN_PARSE_E, exit_dc); } -#ifdef WOLFSSL_SMALL_STACK - salt = (byte*)XMALLOC(MAX_SALT_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (salt == NULL) { - ERROR_OUT(MEMORY_E, exit_dc); - } -#endif + WC_ALLOC_VAR_EX(salt, byte, MAX_SALT_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER, + ERROR_OUT(MEMORY_E,exit_dc)); XMEMCPY(salt, &input[inOutIdx], (size_t)saltSz); inOutIdx += (word32)saltSz; @@ -10154,12 +10054,8 @@ int DecryptContent(byte* input, word32 sz, const char* password, int passwordSz) shaOid = oid; } -#ifdef WOLFSSL_SMALL_STACK - cbcIv = (byte*)XMALLOC(MAX_IV_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (cbcIv == NULL) { - ERROR_OUT(MEMORY_E, exit_dc); - } -#endif + WC_ALLOC_VAR_EX(cbcIv, byte, MAX_IV_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER, + ERROR_OUT(MEMORY_E,exit_dc)); if (version == PKCS5v2) { /* get encryption algo */ @@ -10202,10 +10098,8 @@ int DecryptContent(byte* input, word32 sz, const char* password, int passwordSz) input + inOutIdx, length, version, cbcIv, 0, (int)shaOid); exit_dc: -#ifdef WOLFSSL_SMALL_STACK - XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); if (ret == 0) { XMEMMOVE(input, input + inOutIdx, (size_t)length); @@ -10740,26 +10634,19 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz, /* create random salt if one not provided */ if (salt == NULL || saltSz == 0) { saltSz = 8; - #ifdef WOLFSSL_SMALL_STACK - saltTmp = (byte*)XMALLOC(saltSz, heap, DYNAMIC_TYPE_TMP_BUFFER); - if (saltTmp == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(saltTmp, byte, saltSz, heap, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); salt = saltTmp; if ((ret = wc_RNG_GenerateBlock(rng, saltTmp, saltSz)) != 0) { WOLFSSL_MSG("Error generating random salt"); - #ifdef WOLFSSL_SMALL_STACK - XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } } inOutIdx += SetOctetString(saltSz, out + inOutIdx); if (saltSz + inOutIdx > *outSz) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); return BUFFER_E; } XMEMCPY(out + inOutIdx, salt, saltSz); @@ -10768,16 +10655,12 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz, /* place iteration setting in buffer */ ret = SetShortInt(out, &inOutIdx, (word32)itt, *outSz); if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } if (inOutIdx + 1 > *outSz) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); return BUFFER_E; } out[inOutIdx++] = ASN_CONTEXT_SPECIFIC | 0; @@ -10785,9 +10668,7 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz, /* get pad size and verify buffer room */ sz = wc_PkcsPad(NULL, inputSz, (word32)blockSz); if (sz + inOutIdx > *outSz) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); return BUFFER_E; } inOutIdx += SetLength(sz, out + inOutIdx); @@ -10807,17 +10688,13 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz, if ((ret = wc_CryptKey(password, passwordSz, salt, (int)saltSz, itt, id, out + inOutIdx, (int)sz, version, cbcIv, 1, 0)) < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(cbcIv, heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(cbcIv, heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; /* encrypt failure */ } -#ifdef WOLFSSL_SMALL_STACK - XFREE(cbcIv, heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(cbcIv, heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER); (void)rng; @@ -12459,64 +12336,44 @@ int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header) } /* p */ -#ifdef WOLFSSL_SMALL_STACK - p = (byte*)XMALLOC(MAX_DSA_INT_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - if (p == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(p, byte, MAX_DSA_INT_SZ, key->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); if ((pSz = SetASNIntMP(&key->p, MAX_DSA_INT_SZ, p)) < 0) { WOLFSSL_MSG("SetASNIntMP Error with p"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); return pSz; } /* q */ -#ifdef WOLFSSL_SMALL_STACK - q = (byte*)XMALLOC(MAX_DSA_INT_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - if (q == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(q, byte, MAX_DSA_INT_SZ, key->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); if ((qSz = SetASNIntMP(&key->q, MAX_DSA_INT_SZ, q)) < 0) { WOLFSSL_MSG("SetASNIntMP Error with q"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); return qSz; } /* g */ -#ifdef WOLFSSL_SMALL_STACK - g = (byte*)XMALLOC(MAX_DSA_INT_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - if (g == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(g, byte, MAX_DSA_INT_SZ, key->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); if ((gSz = SetASNIntMP(&key->g, MAX_DSA_INT_SZ, g)) < 0) { WOLFSSL_MSG("SetASNIntMP Error with g"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); return gSz; } /* y */ -#ifdef WOLFSSL_SMALL_STACK - y = (byte*)XMALLOC(MAX_DSA_INT_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - if (y == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(y, byte, MAX_DSA_INT_SZ, key->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); if ((ySz = SetASNIntMP(&key->y, MAX_DSA_INT_SZ, y)) < 0) { WOLFSSL_MSG("SetASNIntMP Error with y"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER); return ySz; } @@ -12549,13 +12406,11 @@ int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header) if ((idx + algoSz + bitStringSz + innerSeqSz + (word32)(pSz + qSz + gSz + ySz)) > (word32)outLen) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(algo, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(algo, key->heap, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_MSG("Error, output size smaller than outlen"); return BUFFER_E; } @@ -12566,20 +12421,16 @@ int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header) /* algo */ XMEMCPY(output + idx, algo, algoSz); idx += algoSz; -#ifdef WOLFSSL_SMALL_STACK - XFREE(algo, key->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(algo, key->heap, DYNAMIC_TYPE_TMP_BUFFER); } else { innerSeqSz = SetSequence((word32)(pSz + qSz + gSz + ySz), innerSeq); /* check output size */ if ((innerSeqSz + (word32)(pSz + qSz + gSz + ySz)) > (word32)outLen) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_MSG("Error, output size smaller than outlen"); return BUFFER_E; } @@ -12608,12 +12459,10 @@ int wc_SetDsaPublicKey(byte* output, DsaKey* key, int outLen, int with_header) XMEMCPY(output + idx, y, (size_t)ySz); idx += (word32)ySz; -#ifdef WOLFSSL_SMALL_STACK - XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER); return (int)idx; #else DECL_ASNSETDATA(dataASN, dsaPubKeyASN_Length); @@ -25038,18 +24887,12 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap, } FreeSignatureCtx(sigCtx); -#ifdef WOLFSSL_SMALL_STACK - XFREE(sigCtx, heap, DYNAMIC_TYPE_SIGNATURE); -#endif + WC_FREE_VAR_EX(sigCtx, heap, DYNAMIC_TYPE_SIGNATURE); return ret; #else /* WOLFSSL_ASN_TEMPLATE */ /* X509 ASN.1 template longer than Certificate Request template. */ DECL_ASNGETDATA(dataASN, x509CertASN_Length); -#ifndef WOLFSSL_SMALL_STACK - SignatureCtx sigCtx[1]; -#else - SignatureCtx* sigCtx = NULL; -#endif + WC_DECLARE_VAR(sigCtx, SignatureCtx, 1, 0); byte hash[KEYID_SIZE]; Signer* ca = NULL; int ret = 0; @@ -25228,14 +25071,9 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap, } if (ret == 0) { - #ifdef WOLFSSL_SMALL_STACK - sigCtx = (SignatureCtx*)XMALLOC(sizeof(*sigCtx), heap, - DYNAMIC_TYPE_SIGNATURE); - if (sigCtx == NULL) { - ret = MEMORY_E; - } - if (ret == 0) - #endif + WC_ALLOC_VAR_EX(sigCtx, SignatureCtx, 1, heap, DYNAMIC_TYPE_SIGNATURE, + ret=MEMORY_E); + if (WC_VAR_OK(sigCtx)) { InitSignatureCtx(sigCtx, heap, INVALID_DEVID); @@ -25248,9 +25086,7 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap, } FreeSignatureCtx(sigCtx); - #ifdef WOLFSSL_SMALL_STACK - XFREE(sigCtx, heap, DYNAMIC_TYPE_SIGNATURE); - #endif + WC_FREE_VAR_EX(sigCtx, heap, DYNAMIC_TYPE_SIGNATURE); } } @@ -25416,11 +25252,7 @@ int wc_GetSubjectPubKeyInfoDerFromCert(const byte* certDer, byte* pubKeyDer, word32* pubKeyDerSz) { -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* cert; -#else - DecodedCert cert[1]; -#endif + WC_DECLARE_VAR(cert, DecodedCert, 1, 0); int ret; word32 startIdx; word32 idx; @@ -25431,11 +25263,8 @@ int wc_GetSubjectPubKeyInfoDerFromCert(const byte* certDer, return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - cert = (DecodedCert*)XMALLOC(sizeof(*cert), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (cert == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(cert, DecodedCert, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); length = 0; badDate = 0; @@ -25474,9 +25303,7 @@ int wc_GetSubjectPubKeyInfoDerFromCert(const byte* certDer, *pubKeyDerSz = length; wc_FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(cert, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -26047,9 +25874,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm, cert->altSigValLen, cert->altSigAlgOID, NULL, 0, NULL); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(der, cert->heap, DYNAMIC_TYPE_DCERT); - #endif /* WOLFSSL_SMALL_STACK */ + WC_FREE_VAR_EX(der, cert->heap, DYNAMIC_TYPE_DCERT); if (ret != 0) { WOLFSSL_MSG("Confirm alternative signature failed"); @@ -26120,9 +25945,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm, cert->altSigValLen, cert->altSigAlgOID, NULL, 0, NULL); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(der, cert->heap, DYNAMIC_TYPE_DCERT); - #endif /* WOLFSSL_SMALL_STACK */ + WC_FREE_VAR_EX(der, cert->heap, DYNAMIC_TYPE_DCERT); if (ret != 0) { WOLFSSL_MSG("Confirm alternative signature failed"); @@ -27204,10 +27027,8 @@ int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, word32 outSz, #ifdef WOLFSSL_ENCRYPTED_KEYS err = wc_EncryptedInfoAppend(header, (int)headerLen, (char*)cipher_info); if (err != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } #endif @@ -27217,10 +27038,8 @@ int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, word32 outSz, /* if null output and 0 size passed in then return size needed */ if (!output && outSz == 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); outLen = 0; if ((err = Base64_Encode(der, derSz, NULL, (word32*)&outLen)) != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) { @@ -27231,19 +27050,15 @@ int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, word32 outSz, } if (!der || !output) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); return BAD_FUNC_ARG; } /* don't even try if outSz too short */ if (outSz < (word32)headerLen + (word32)footerLen + derSz) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); return BAD_FUNC_ARG; } @@ -27251,16 +27066,12 @@ int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, word32 outSz, XMEMCPY(output, header, (size_t)headerLen); i = (int)headerLen; -#ifdef WOLFSSL_SMALL_STACK - XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); /* body */ outLen = (int)outSz - (int)(headerLen + footerLen); /* input to Base64_Encode */ if ( (err = Base64_Encode(der, derSz, output + i, (word32*)&outLen)) < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_ERROR_VERBOSE(err); return err; } @@ -27268,16 +27079,12 @@ int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, word32 outSz, /* footer */ if ( (i + (int)footerLen) > (int)outSz) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); return BAD_FUNC_ARG; } XMEMCPY(output + i, footer, (size_t)footerLen); -#ifdef WOLFSSL_SMALL_STACK - XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); return outLen + (int)headerLen + (int)footerLen; } @@ -27612,11 +27419,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type, #ifdef WOLFSSL_ENCRYPTED_KEYS if (encrypted_key || header == BEGIN_ENC_PRIV_KEY) { int passwordSz = NAME_SZ; - #ifdef WOLFSSL_SMALL_STACK - char* password = NULL; - #else - char password[NAME_SZ]; - #endif + WC_DECLARE_VAR(password, char, NAME_SZ, 0); if (!info || !info->passwd_cb) { WOLFSSL_MSG("No password callback set"); @@ -27781,11 +27584,7 @@ int wc_KeyPemToDer(const unsigned char* pem, int pemSz, { int ret; DerBuffer* der = NULL; -#ifdef WOLFSSL_SMALL_STACK - EncryptedInfo* info = NULL; -#else - EncryptedInfo info[1]; -#endif + WC_DECLARE_VAR(info, EncryptedInfo, 1, 0); WOLFSSL_ENTER("wc_KeyPemToDer"); @@ -27794,12 +27593,8 @@ int wc_KeyPemToDer(const unsigned char* pem, int pemSz, return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL, - DYNAMIC_TYPE_ENCRYPTEDINFO); - if (info == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(info, EncryptedInfo, 1, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO, + return MEMORY_E); XMEMSET(info, 0, sizeof(EncryptedInfo)); #ifdef WOLFSSL_ENCRYPTED_KEYS @@ -27811,9 +27606,7 @@ int wc_KeyPemToDer(const unsigned char* pem, int pemSz, ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, info, NULL); -#ifdef WOLFSSL_SMALL_STACK - XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); -#endif + WC_FREE_VAR_EX(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); if (ret < 0 || der == NULL) { WOLFSSL_MSG("Bad Pem To Der"); @@ -30549,11 +30342,7 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap) int ret; int i; word32 idx, totalBytes = 0; -#ifdef WOLFSSL_SMALL_STACK - EncodedName* names = NULL; -#else - EncodedName names[NAME_ENTRIES]; -#endif + WC_DECLARE_VAR(names, EncodedName, NAME_ENTRIES, 0); #ifdef WOLFSSL_MULTI_ATTRIB EncodedName addNames[CTC_MAX_ATTRIB]; int j, type; @@ -30565,12 +30354,8 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap) if (outputSz < 3) return BUFFER_E; -#ifdef WOLFSSL_SMALL_STACK - names = (EncodedName*)XMALLOC(sizeof(EncodedName) * NAME_ENTRIES, NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (names == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(names, EncodedName, NAME_ENTRIES, NULL, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); for (i = 0; i < NAME_ENTRIES; i++) { const char* nameStr = GetOneCertName(name, i); @@ -30578,9 +30363,7 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap) ret = EncodeName(&names[i], nameStr, (byte)GetNameType(name, i), GetCertNameId(i), ASN_IA5_STRING, name); if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_MSG("EncodeName failed"); return BUFFER_E; } @@ -30593,9 +30376,7 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap) (byte)name->name[i].type, (byte)name->name[i].id, ASN_IA5_STRING, NULL); if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_MSG("EncodeName on multiple attributes failed"); return BUFFER_E; } @@ -30611,9 +30392,7 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap) idx = SetSequence(totalBytes, output); totalBytes += idx; if (totalBytes > WC_ASN_NAME_MAX) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_MSG("Total Bytes is greater than WC_ASN_NAME_MAX"); return BUFFER_E; } @@ -30624,9 +30403,7 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap) for (j = 0; j < CTC_MAX_ATTRIB; j++) { if (name->name[j].sz > 0 && type == name->name[j].id) { if (outputSz < idx + (word32)addNames[j].totalLen) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_MSG("Not enough space left for DC value"); return BUFFER_E; } @@ -30640,9 +30417,7 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap) if (names[i].used) { if (outputSz < idx + (word32)names[i].totalLen) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); return BUFFER_E; } @@ -30651,9 +30426,7 @@ int SetNameEx(byte* output, word32 outputSz, CertName* name, void* heap) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); (void)heap; return (int)totalBytes; @@ -32461,11 +32234,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, { #ifndef WOLFSSL_ASN_TEMPLATE int ret; -#ifdef WOLFSSL_SMALL_STACK - DerCert* der; -#else - DerCert der[1]; -#endif + WC_DECLARE_VAR(der, DerCert, 1, 0); if (derBuffer == NULL) return BAD_FUNC_ARG; @@ -32537,11 +32306,8 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, else return BAD_FUNC_ARG; -#ifdef WOLFSSL_SMALL_STACK - der = (DerCert*)XMALLOC(sizeof(DerCert), cert->heap, DYNAMIC_TYPE_TMP_BUFFER); - if (der == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(der, DerCert, 1, cert->heap, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = EncodeCert(cert, der, rsaKey, eccKey, rng, dsaKey, ed25519Key, ed448Key, falconKey, dilithiumKey, sphincsKey); @@ -32552,9 +32318,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, ret = cert->bodySz = WriteCertBody(der, derBuffer); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(der, cert->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(der, cert->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; #else @@ -33594,11 +33358,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, { #ifndef WOLFSSL_ASN_TEMPLATE int ret; -#ifdef WOLFSSL_SMALL_STACK - DerCert* der; -#else - DerCert der[1]; -#endif + WC_DECLARE_VAR(der, DerCert, 1, 0); if (eccKey) cert->keyType = ECC_KEY; @@ -33667,12 +33427,8 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, else return BAD_FUNC_ARG; -#ifdef WOLFSSL_SMALL_STACK - der = (DerCert*)XMALLOC(sizeof(DerCert), cert->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (der == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(der, DerCert, 1, cert->heap, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = EncodeCertReq(cert, der, rsaKey, dsaKey, eccKey, ed25519Key, ed448Key, falconKey, dilithiumKey, sphincsKey); @@ -33684,9 +33440,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, ret = cert->bodySz = WriteCertReqBody(der, derBuffer); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(der, cert->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(der, cert->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; #else @@ -34875,21 +34629,13 @@ static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz, int devId) { int ret; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* decoded; -#else - DecodedCert decoded[1]; -#endif + WC_DECLARE_VAR(decoded, DecodedCert, 1, 0); if (derSz < 0) return derSz; -#ifdef WOLFSSL_SMALL_STACK - decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cert->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (decoded == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(decoded, DecodedCert, 1, cert->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); InitDecodedCert_ex(decoded, der, (word32)derSz, NULL, devId); ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0, NULL); @@ -34902,9 +34648,7 @@ static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz, } FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(decoded, cert->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(decoded, cert->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret < 0 ? ret : 0; } @@ -35074,21 +34818,13 @@ static void SetNameFromDcert(CertName* cn, DecodedCert* decoded) static int SetNameFromCert(CertName* cn, const byte* der, int derSz, int devId) { int ret; -#ifdef WOLFSSL_SMALL_STACK - DecodedCert* decoded; -#else - DecodedCert decoded[1]; -#endif + WC_DECLARE_VAR(decoded, DecodedCert, 1, 0); if (derSz < 0) return derSz; -#ifdef WOLFSSL_SMALL_STACK - decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (decoded == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(decoded, DecodedCert, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); InitDecodedCert_ex(decoded, der, (word32)derSz, NULL, devId); ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0, NULL); @@ -35102,9 +34838,7 @@ static int SetNameFromCert(CertName* cn, const byte* der, int derSz, int devId) FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret < 0 ? ret : 0; } @@ -36286,11 +36020,8 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, if (privSz > ECC_MAXSIZE) return BUFFER_E; -#ifdef WOLFSSL_SMALL_STACK - priv = (byte*)XMALLOC(privSz, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - if (priv == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(priv, byte, privSz, key->heap, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); /* priv key */ XMEMCPY(priv, &input[*inOutIdx], (size_t)privSz); @@ -36339,13 +36070,9 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, if (pubSz > 2*(ECC_MAXSIZE+1)) ret = BUFFER_E; else { - #ifdef WOLFSSL_SMALL_STACK - pub = (byte*)XMALLOC(pubSz, key->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (pub == NULL) - ret = MEMORY_E; - else - #endif + WC_ALLOC_VAR_EX(pub, byte, pubSz, key->heap, + DYNAMIC_TYPE_TMP_BUFFER, ret=MEMORY_E); + if (WC_VAR_OK(pub)) { XMEMCPY(pub, &input[*inOutIdx], (size_t)pubSz); *inOutIdx += (word32)length; @@ -36361,10 +36088,8 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, (word32)pubSz, key, curve_id); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(priv, key->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(priv, key->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; #else @@ -43895,11 +43620,7 @@ static int acert_sig_verify(const byte * acinfo, word32 acinfoSz, word32 sigOID, const byte * sigParams, word32 sigParamsSz, void * heap) { -#ifndef WOLFSSL_SMALL_STACK - SignatureCtx sigCtx[1]; -#else - SignatureCtx * sigCtx = NULL; -#endif + WC_DECLARE_VAR(sigCtx, SignatureCtx, 1, 0); int ret = 0; #ifdef WOLFSSL_SMALL_STACK diff --git a/wolfcrypt/src/blake2b.c b/wolfcrypt/src/blake2b.c index b28e9c0554d..1f473cdd17b 100644 --- a/wolfcrypt/src/blake2b.c +++ b/wolfcrypt/src/blake2b.c @@ -198,9 +198,7 @@ int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from */ /* memory */ -#ifdef WOLFSSL_SMALL_STACK - XFREE(block, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(block, NULL, DYNAMIC_TYPE_TMP_BUFFER); } return ret; } @@ -319,9 +317,7 @@ int blake2b_update( blake2b_state *S, const byte *in, word64 inlen ) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -377,9 +373,7 @@ int blake2b_final( blake2b_state *S, byte *out, byte outlen ) out: -#ifdef WOLFSSL_SMALL_STACK - XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/src/blake2s.c b/wolfcrypt/src/blake2s.c index 5f264cd6650..cf5c9f2ffb4 100644 --- a/wolfcrypt/src/blake2s.c +++ b/wolfcrypt/src/blake2s.c @@ -194,9 +194,7 @@ int blake2s_init_key( blake2s_state *S, const byte outlen, const void *key, secure_zero_memory( block, BLAKE2S_BLOCKBYTES ); /* Burn the key from */ /* memory */ -#ifdef WOLFSSL_SMALL_STACK - XFREE(block, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(block, NULL, DYNAMIC_TYPE_TMP_BUFFER); } return ret; } @@ -313,9 +311,7 @@ int blake2s_update( blake2s_state *S, const byte *in, word32 inlen ) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -369,9 +365,7 @@ int blake2s_final( blake2s_state *S, byte *out, byte outlen ) out: -#ifdef WOLFSSL_SMALL_STACK - XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/src/camellia.c b/wolfcrypt/src/camellia.c index 9a15ba05dc2..607b30183fd 100644 --- a/wolfcrypt/src/camellia.c +++ b/wolfcrypt/src/camellia.c @@ -704,10 +704,8 @@ static int camellia_setup128(const unsigned char *key, u32 *subkey) dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; -#ifdef WOLFSSL_SMALL_STACK - XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -1011,10 +1009,8 @@ static int camellia_setup256(const unsigned char *key, u32 *subkey) dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw); CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw,CamelliaSubkeyL(31) = dw; -#ifdef WOLFSSL_SMALL_STACK - XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } diff --git a/wolfcrypt/src/chacha20_poly1305.c b/wolfcrypt/src/chacha20_poly1305.c index 0503726bf7b..94eb5ea89bd 100644 --- a/wolfcrypt/src/chacha20_poly1305.c +++ b/wolfcrypt/src/chacha20_poly1305.c @@ -51,11 +51,7 @@ int wc_ChaCha20Poly1305_Encrypt( byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]) { int ret; -#ifdef WOLFSSL_SMALL_STACK - ChaChaPoly_Aead *aead = NULL; -#else - ChaChaPoly_Aead aead[1]; -#endif + WC_DECLARE_VAR(aead, ChaChaPoly_Aead, 1, 0); /* Validate function arguments */ if (!inKey || !inIV || @@ -66,12 +62,8 @@ int wc_ChaCha20Poly1305_Encrypt( return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - aead = (ChaChaPoly_Aead *)XMALLOC(sizeof(*aead), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (aead == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(aead, ChaChaPoly_Aead, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_ChaCha20Poly1305_Init(aead, inKey, inIV, CHACHA20_POLY1305_AEAD_ENCRYPT); @@ -83,9 +75,7 @@ int wc_ChaCha20Poly1305_Encrypt( if (ret == 0) ret = wc_ChaCha20Poly1305_Final(aead, outAuthTag); -#ifdef WOLFSSL_SMALL_STACK - XFREE(aead, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(aead, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -100,11 +90,7 @@ int wc_ChaCha20Poly1305_Decrypt( byte* outPlaintext) { int ret; -#ifdef WOLFSSL_SMALL_STACK - ChaChaPoly_Aead *aead = NULL; -#else - ChaChaPoly_Aead aead[1]; -#endif + WC_DECLARE_VAR(aead, ChaChaPoly_Aead, 1, 0); byte calculatedAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]; /* Validate function arguments */ @@ -116,12 +102,8 @@ int wc_ChaCha20Poly1305_Decrypt( return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - aead = (ChaChaPoly_Aead *)XMALLOC(sizeof(*aead), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (aead == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(aead, ChaChaPoly_Aead, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); XMEMSET(calculatedAuthTag, 0, sizeof(calculatedAuthTag)); @@ -137,9 +119,7 @@ int wc_ChaCha20Poly1305_Decrypt( if (ret == 0) ret = wc_ChaCha20Poly1305_CheckTag(inAuthTag, calculatedAuthTag); -#ifdef WOLFSSL_SMALL_STACK - XFREE(aead, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(aead, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/src/cmac.c b/wolfcrypt/src/cmac.c index 0c7274f32f8..0d46054e28c 100644 --- a/wolfcrypt/src/cmac.c +++ b/wolfcrypt/src/cmac.c @@ -418,11 +418,7 @@ int wc_AesCmacGenerate(byte* out, word32* outSz, const byte* key, word32 keySz) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - Cmac *cmac; -#else - Cmac cmac[1]; -#endif + WC_DECLARE_VAR(cmac, Cmac, 1, 0); if (out == NULL || (in == NULL && inSz > 0) || key == NULL || keySz == 0) { return BAD_FUNC_ARG; @@ -498,11 +494,7 @@ int wc_AesCmacVerify(const byte* check, word32 checkSz, const byte* key, word32 keySz) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - Cmac *cmac; -#else - Cmac cmac[1]; -#endif + WC_DECLARE_VAR(cmac, Cmac, 1, 0); if (check == NULL || checkSz == 0 || (in == NULL && inSz > 0) || key == NULL || keySz == 0) { diff --git a/wolfcrypt/src/des3.c b/wolfcrypt/src/des3.c index d38fa408d70..9c39196de63 100644 --- a/wolfcrypt/src/des3.c +++ b/wolfcrypt/src/des3.c @@ -1591,9 +1591,7 @@ } } - #ifdef WOLFSSL_SMALL_STACK - XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); } return 0; diff --git a/wolfcrypt/src/dilithium.c b/wolfcrypt/src/dilithium.c index 704bdd94cdb..ef3e71bd20c 100644 --- a/wolfcrypt/src/dilithium.c +++ b/wolfcrypt/src/dilithium.c @@ -2757,10 +2757,8 @@ static int wc_mldsa_gen_matrix_4x4_avx2(sword32* a, byte* seed) a += 4 * MLDSA_N; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -2904,10 +2902,8 @@ static int wc_mldsa_gen_matrix_6x5_avx2(sword32* a, byte* seed) MLDSA_N - ctr1, p, SHA3_128_BYTES); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -3013,10 +3009,8 @@ static int wc_mldsa_gen_matrix_8x7_avx2(sword32* a, byte* seed) a += 4 * MLDSA_N; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -3625,10 +3619,8 @@ static int wc_mldsa_gen_s_4_4_avx2(sword32* s[2], byte* seed) (ctr3 < MLDSA_N)); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -3780,10 +3772,8 @@ static int wc_mldsa_gen_s_5_6_avx2(sword32* s[2], byte* seed) /* Create more blocks if too many rejected. */ while ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N)); -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -3937,10 +3927,8 @@ static int wc_mldsa_gen_s_7_8_avx2(sword32* s[2], byte* seed) /* Create more blocks if too many rejected. */ while ((ctr0 < MLDSA_N) || (ctr1 < MLDSA_N) || (ctr2 < MLDSA_N)); -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -4124,10 +4112,8 @@ static int wc_mldsa_gen_y_4_avx2(sword32* y, byte* seed, word16 kappa) wc_mldsa_decode_gamma1_17_avx2(rand + 3 * DILITHIUM_MAX_V, y + 3 * DILITHIUM_N); -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -4206,10 +4192,8 @@ static int wc_mldsa_gen_y_5_avx2(sword32* y, byte* seed, word16 kappa, wc_mldsa_decode_gamma1_19_avx2(rand, y + 4 * DILITHIUM_N); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -4303,10 +4287,8 @@ static int wc_mldsa_gen_y_7_avx2(sword32* y, byte* seed, word16 kappa) wc_mldsa_decode_gamma1_19_avx2(rand + 2 * DILITHIUM_MAX_V, y + 6 * DILITHIUM_N); -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -8256,11 +8238,7 @@ static int dilithium_sign_with_seed_mu(dilithium_key* key, /* Step 11: Start rejection sampling loop */ do { -#ifdef WOLFSSL_SMALL_STACK - byte *w1e = NULL; -#else - byte w1e[DILITHIUM_MAX_W1_ENC_SZ]; -#endif + WC_DECLARE_VAR(w1e, byte, DILITHIUM_MAX_W1_ENC_SZ, 0); sword32* w = w1; sword32* y_ntt = z; sword32* cs2 = ct0; @@ -8290,13 +8268,9 @@ static int dilithium_sign_with_seed_mu(dilithium_key* key, if (valid) { #endif /* Step 15: Encode w1. */ -#ifdef WOLFSSL_SMALL_STACK - w1e = (byte *)XMALLOC(DILITHIUM_MAX_W1_ENC_SZ, key->heap, - DYNAMIC_TYPE_DILITHIUM); - if (w1e == NULL) - ret = MEMORY_E; - if (ret == 0) -#endif + WC_ALLOC_VAR_EX(w1e, byte, DILITHIUM_MAX_W1_ENC_SZ, key->heap, + DYNAMIC_TYPE_DILITHIUM, ret=MEMORY_E); + if (WC_VAR_OK(w1e)) { dilithium_vec_encode_w1(w1, params->k, params->gamma2, w1e); /* Step 15: Hash mu and encoded w1. @@ -8365,9 +8339,7 @@ static int dilithium_sign_with_seed_mu(dilithium_key* key, } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(w1e, key->heap, DYNAMIC_TYPE_DILITHIUM); -#endif + WC_FREE_VAR_EX(w1e, key->heap, DYNAMIC_TYPE_DILITHIUM); } if (!valid) { diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 04d3cea5e94..77f0f87579a 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -1538,18 +1538,13 @@ static int xil_mpi_import(mp_int *mpi, return BUFFER_E; #endif -#ifdef WOLFSSL_SMALL_STACK - buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_PRIVATE_KEY); - if (buf == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(buf, byte, len, heap, DYNAMIC_TYPE_PRIVATE_KEY, + return MEMORY_E); buf_reverse(buf, inbuf, len); err = mp_read_unsigned_bin(mpi, buf, len); ForceZero(buf, len); -#ifdef WOLFSSL_SMALL_STACK - XFREE(buf, heap, DYNAMIC_TYPE_PRIVATE_KEY); -#endif + WC_FREE_VAR_EX(buf, heap, DYNAMIC_TYPE_PRIVATE_KEY); return err; } #endif @@ -3177,21 +3172,12 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q, #ifndef WC_NO_CACHE_RESISTANT /* First bit always 1 (fix at end) and swap equals first bit */ int swap = 1; -#ifdef WOLFSSL_SMALL_STACK - mp_int* tmp = NULL; -#else - mp_int tmp[1]; -#endif + WC_DECLARE_VAR(tmp, mp_int, 1, 0); #endif int infinity; #ifndef WC_NO_CACHE_RESISTANT -#ifdef WOLFSSL_SMALL_STACK - tmp = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC); - if (tmp == NULL) { - err = MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(tmp, mp_int, 1, NULL, DYNAMIC_TYPE_ECC, err=MEMORY_E); if (err == MP_OKAY) err = mp_init(tmp); #endif @@ -4391,10 +4377,8 @@ static int wc_ecc_cmp_param(const char* curveParam, #endif if ((err = mp_init_multi(a, b, NULL, NULL, NULL, NULL)) != MP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(a, NULL, DYNAMIC_TYPE_ECC); - XFREE(b, NULL, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_ECC); + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_ECC); return err; } @@ -4414,10 +4398,8 @@ static int wc_ecc_cmp_param(const char* curveParam, mp_clear(a); mp_clear(b); -#ifdef WOLFSSL_SMALL_STACK - XFREE(b, NULL, DYNAMIC_TYPE_ECC); - XFREE(a, NULL, DYNAMIC_TYPE_ECC); -#endif + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_ECC); + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_ECC); return err; } @@ -4764,11 +4746,7 @@ int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point, int err = MP_OKAY; mp_int* k = ecc_get_k(private_key); #ifdef HAVE_ECC_CDH -#ifdef WOLFSSL_SMALL_STACK - mp_int *k_lcl = NULL; -#else - mp_int k_lcl[1]; -#endif + WC_DECLARE_VAR(k_lcl, mp_int, 1, 0); #endif #if defined(WOLFSSL_HAVE_SP_ECC) && defined(WC_ECC_NONBLOCK) && \ defined(WC_ECC_NONBLOCK_ONLY) @@ -4990,9 +4968,7 @@ int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point, #ifdef HAVE_ECC_CDH if (k == k_lcl) mp_clear(k); -#ifdef WOLFSSL_SMALL_STACK - XFREE(k_lcl, private_key->heap, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(k_lcl, private_key->heap, DYNAMIC_TYPE_ECC_BUFFER); #endif return err; @@ -6577,10 +6553,8 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen, error_out: ForceZero(K, MAX_ECC_BYTES); -#ifdef WOLFSSL_SMALL_STACK - XFREE(incopy, key->heap, DYNAMIC_TYPE_HASH_TMP); - XFREE(K, key->heap, DYNAMIC_TYPE_PRIVATE_KEY); -#endif + WC_FREE_VAR_EX(incopy, key->heap, DYNAMIC_TYPE_HASH_TMP); + WC_FREE_VAR_EX(K, key->heap, DYNAMIC_TYPE_PRIVATE_KEY); if (err) { ForceZero(out, keysize * 2); return err; @@ -7468,27 +7442,18 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng, #endif /* WOLFSSL_ASYNC_CRYPT && WC_ASYNC_ENABLE_ECC */ if (err == MP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - ecc_key* pubkey; - #else - ecc_key pubkey[1]; - #endif + WC_DECLARE_VAR(pubkey, ecc_key, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - pubkey = (ecc_key*)XMALLOC(sizeof(ecc_key), key->heap, DYNAMIC_TYPE_ECC); - if (pubkey == NULL) - err = MEMORY_E; - else - #endif + WC_ALLOC_VAR_EX(pubkey, ecc_key, 1, key->heap, DYNAMIC_TYPE_ECC, + err=MEMORY_E); + if (WC_VAR_OK(pubkey)) { /* don't use async for key, since we don't support async return here */ err = wc_ecc_init_ex(pubkey, key->heap, INVALID_DEVID); if (err == MP_OKAY) { err = ecc_sign_hash_sw(key, pubkey, rng, curve, e, r, s); wc_ecc_free(pubkey); - #ifdef WOLFSSL_SMALL_STACK - XFREE(pubkey, key->heap, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(pubkey, key->heap, DYNAMIC_TYPE_ECC); } } } @@ -8469,9 +8434,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, XFREE(key, heap, DYNAMIC_TYPE_ECC_BUFFER); C->key = NULL; #endif -#ifdef WOLFSSL_SMALL_STACK - XFREE(precomp, heap, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(precomp, heap, DYNAMIC_TYPE_ECC_BUFFER); #ifndef WOLFSSL_NO_MALLOC XFREE(tB, heap, DYNAMIC_TYPE_ECC_BUFFER); XFREE(tA, heap, DYNAMIC_TYPE_ECC_BUFFER); @@ -9628,10 +9591,8 @@ int wc_ecc_import_point_der_ex(const byte* in, word32 inLen, mp_clear(t1); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(t1, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(t2, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(t1, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(t2, NULL, DYNAMIC_TYPE_BIGINT); wc_ecc_curve_free(curve); FREE_CURVE_SPECS(); @@ -9693,11 +9654,7 @@ int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, byte* out, { int ret = MP_OKAY; word32 numlen; -#ifdef WOLFSSL_SMALL_STACK - byte* buf; -#else - byte buf[ECC_BUFSIZE]; -#endif + WC_DECLARE_VAR(buf, byte, ECC_BUFSIZE, 0); if ((curve_idx < 0) || (wc_ecc_is_valid_idx(curve_idx) == 0)) return ECC_BAD_ARG_E; @@ -9727,11 +9684,8 @@ int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, byte* out, /* store byte point type */ out[0] = ECC_POINT_UNCOMP; -#ifdef WOLFSSL_SMALL_STACK - buf = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_ECC_BUFFER); - if (buf == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(buf, byte, ECC_BUFSIZE, NULL, DYNAMIC_TYPE_ECC_BUFFER, + return MEMORY_E); /* pad and store x */ XMEMSET(buf, 0, ECC_BUFSIZE); @@ -9752,9 +9706,7 @@ int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, byte* out, *outLen = 1 + 2*numlen; done: -#ifdef WOLFSSL_SMALL_STACK - XFREE(buf, NULL, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(buf, NULL, DYNAMIC_TYPE_ECC_BUFFER); return ret; } @@ -9768,11 +9720,7 @@ int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point, int ret = MP_OKAY; word32 numlen; word32 output_len; -#ifdef WOLFSSL_SMALL_STACK - byte* buf; -#else - byte buf[ECC_BUFSIZE]; -#endif + WC_DECLARE_VAR(buf, byte, ECC_BUFSIZE, 0); if ((curve_idx < 0) || (wc_ecc_is_valid_idx(curve_idx) == 0)) return ECC_BAD_ARG_E; @@ -9804,11 +9752,8 @@ int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point, out[0] = mp_isodd(point->y) == MP_YES ? ECC_POINT_COMP_ODD : ECC_POINT_COMP_EVEN; -#ifdef WOLFSSL_SMALL_STACK - buf = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_ECC_BUFFER); - if (buf == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(buf, byte, ECC_BUFSIZE, NULL, DYNAMIC_TYPE_ECC_BUFFER, + return MEMORY_E); /* pad and store x */ XMEMSET(buf, 0, ECC_BUFSIZE); @@ -9821,9 +9766,7 @@ int wc_ecc_export_point_der_compressed(const int curve_idx, ecc_point* point, *outLen = output_len; done: -#ifdef WOLFSSL_SMALL_STACK - XFREE(buf, NULL, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(buf, NULL, DYNAMIC_TYPE_ECC_BUFFER); return ret; } @@ -9835,11 +9778,7 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen) { int ret = MP_OKAY; word32 numlen; -#ifdef WOLFSSL_SMALL_STACK - byte* buf; -#else - byte buf[ECC_BUFSIZE]; -#endif + WC_DECLARE_VAR(buf, byte, ECC_BUFSIZE, 0); word32 pubxlen, pubylen; /* return length needed only */ @@ -9895,11 +9834,8 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen) /* store byte point type */ out[0] = ECC_POINT_UNCOMP; -#ifdef WOLFSSL_SMALL_STACK - buf = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_ECC_BUFFER); - if (buf == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(buf, byte, ECC_BUFSIZE, NULL, DYNAMIC_TYPE_ECC_BUFFER, + return MEMORY_E); /* pad and store x */ XMEMSET(buf, 0, ECC_BUFSIZE); @@ -9918,9 +9854,7 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen) *outLen = 1 + 2*numlen; done: -#ifdef WOLFSSL_SMALL_STACK - XFREE(buf, NULL, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(buf, NULL, DYNAMIC_TYPE_ECC_BUFFER); return ret; } @@ -9970,10 +9904,8 @@ static int _ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime) #endif if ((err = mp_init_multi(t1, t2, NULL, NULL, NULL, NULL)) != MP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(t2, NULL, DYNAMIC_TYPE_ECC); - XFREE(t1, NULL, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(t2, NULL, DYNAMIC_TYPE_ECC); + WC_FREE_VAR_EX(t1, NULL, DYNAMIC_TYPE_ECC); return err; } @@ -10049,10 +9981,8 @@ static int _ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime) RESTORE_VECTOR_REGISTERS(); -#ifdef WOLFSSL_SMALL_STACK - XFREE(t2, NULL, DYNAMIC_TYPE_ECC); - XFREE(t1, NULL, DYNAMIC_TYPE_ECC); -#endif + WC_FREE_VAR_EX(t2, NULL, DYNAMIC_TYPE_ECC); + WC_FREE_VAR_EX(t1, NULL, DYNAMIC_TYPE_ECC); return err; #else @@ -10336,20 +10266,15 @@ static int _ecc_pairwise_consistency_test(ecc_key* key, WC_RNG* rng) sigLen = (word32)wc_ecc_sig_size(key); digestLen = WC_SHA256_DIGEST_SIZE; -#ifdef WOLFSSL_SMALL_STACK - sig = (byte*)XMALLOC(sigLen + digestLen, key->heap, DYNAMIC_TYPE_ECC); - if (sig == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(sig, byte, sigLen+digestLen, key->heap, + DYNAMIC_TYPE_ECC, return MEMORY_E); digest = sig + sigLen; if (rng == NULL) { dynRng = 1; rng = wc_rng_new(NULL, 0, key->heap); if (rng == NULL) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(sig, key->heap, DYNAMIC_TYPE_ECC); -#endif + WC_FREE_VAR_EX(sig, key->heap, DYNAMIC_TYPE_ECC); return MEMORY_E; } } @@ -10370,9 +10295,7 @@ static int _ecc_pairwise_consistency_test(ecc_key* key, WC_RNG* rng) wc_rng_free(rng); } ForceZero(sig, sigLen + digestLen); -#ifdef WOLFSSL_SMALL_STACK - XFREE(sig, key->heap, DYNAMIC_TYPE_ECC); -#endif + WC_FREE_VAR_EX(sig, key->heap, DYNAMIC_TYPE_ECC); } (void)rng; @@ -10580,9 +10503,7 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv) * keys */ if (key->blackKey > 0) { /* encrypted key was used */ - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, key->heap, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(b, key->heap, DYNAMIC_TYPE_ECC); FREE_CURVE_SPECS(); return 0; } @@ -10592,9 +10513,7 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv) /* SP 800-56Ar3, section 5.6.2.3.4, process step 1 */ /* pubkey point cannot be at infinity */ if (wc_ecc_point_is_at_infinity(&key->pubkey)) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, key->heap, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(b, key->heap, DYNAMIC_TYPE_ECC); FREE_CURVE_SPECS(); return ECC_INF_E; } @@ -10676,9 +10595,7 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv) #ifndef USE_ECC_B_PARAM mp_clear(b); - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, key->heap, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(b, key->heap, DYNAMIC_TYPE_ECC); #endif FREE_CURVE_SPECS(); @@ -10905,10 +10822,8 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, mp_clear(t2); mp_clear(t1); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(t1, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(t2, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(t1, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(t2, NULL, DYNAMIC_TYPE_BIGINT); wc_ecc_curve_free(curve); FREE_CURVE_SPECS(); @@ -11311,18 +11226,10 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz, #endif /* HAVE_WOLF_BIGINT */ #ifdef WOLFSSL_VALIDATE_ECC_IMPORT if (ret == 0) { - #ifdef WOLFSSL_SMALL_STACK - mp_int* order = NULL; - #else - mp_int order[1]; - #endif + WC_DECLARE_VAR(order, mp_int, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - order = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_ECC); - if (order == NULL) { - ret = MEMORY_E; - } - #endif + WC_ALLOC_VAR_EX(order, mp_int, 1, key->heap, DYNAMIC_TYPE_ECC, + ret=MEMORY_E); if (ret == 0) { ret = mp_init(order); @@ -11341,9 +11248,7 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz, ret = ECC_PRIV_KEY_E; } - #ifdef WOLFSSL_SMALL_STACK - XFREE(order, key->heap, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(order, key->heap, DYNAMIC_TYPE_ECC); } #endif /* WOLFSSL_VALIDATE_ECC_IMPORT */ #ifdef WOLFSSL_ECC_BLIND_K @@ -11425,10 +11330,8 @@ int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen) err = mp_init_multi(rtmp, stmp, NULL, NULL, NULL, NULL); if (err != MP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(stmp, NULL, DYNAMIC_TYPE_ECC); - XFREE(rtmp, NULL, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(stmp, NULL, DYNAMIC_TYPE_ECC); + WC_FREE_VAR_EX(rtmp, NULL, DYNAMIC_TYPE_ECC); return err; } @@ -11452,10 +11355,8 @@ int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen) mp_clear(rtmp); mp_clear(stmp); -#ifdef WOLFSSL_SMALL_STACK - XFREE(stmp, NULL, DYNAMIC_TYPE_ECC); - XFREE(rtmp, NULL, DYNAMIC_TYPE_ECC); -#endif + WC_FREE_VAR_EX(stmp, NULL, DYNAMIC_TYPE_ECC); + WC_FREE_VAR_EX(rtmp, NULL, DYNAMIC_TYPE_ECC); return err; } @@ -12634,11 +12535,7 @@ static int build_lut(int idx, mp_int* a, mp_int* modulus, mp_digit mp, { int err; unsigned x, y, bitlen, lut_gap; -#ifdef WOLFSSL_SMALL_STACK - mp_int *tmp = NULL; -#else - mp_int tmp[1]; -#endif + WC_DECLARE_VAR(tmp, mp_int, 1, 0); int infinity; #ifdef WOLFSSL_SMALL_STACK @@ -12764,9 +12661,7 @@ static int build_lut(int idx, mp_int* a, mp_int* modulus, mp_digit mp, errout: mp_clear(tmp); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_ECC_BUFFER); if (err == MP_OKAY) { fp_cache[idx].LUT_set = 1; @@ -13279,9 +13174,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, err = mp_init(mu); if (err != MP_OKAY) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); return err; } @@ -13294,9 +13187,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, #endif if (wc_LockMutex(&ecc_fp_lock) != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); return BAD_MUTEX_E; } #endif /* HAVE_THREAD_LS */ @@ -13391,9 +13282,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA, wc_UnLockMutex(&ecc_fp_lock); #endif /* HAVE_THREAD_LS */ mp_clear(mu); -#ifdef WOLFSSL_SMALL_STACK - XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); return err; } @@ -13416,11 +13305,7 @@ int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, #if !defined(WOLFSSL_SP_MATH) int idx, err = MP_OKAY; mp_digit mp = 0; -#ifdef WOLFSSL_SMALL_STACK - mp_int *mu = NULL; -#else - mp_int mu[1]; -#endif + WC_DECLARE_VAR(mu, mp_int, 1, 0); int mpSetup = 0; #ifndef HAVE_THREAD_LS int got_ecc_fp_lock = 0; @@ -13519,9 +13404,7 @@ int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, wc_UnLockMutex(&ecc_fp_lock); #endif /* HAVE_THREAD_LS */ mp_clear(mu); -#ifdef WOLFSSL_SMALL_STACK - XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); return err; @@ -13592,11 +13475,7 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, #if !defined(WOLFSSL_SP_MATH) int idx, err = MP_OKAY; mp_digit mp = 0; -#ifdef WOLFSSL_SMALL_STACK - mp_int *mu = NULL; -#else - mp_int mu[1]; -#endif + WC_DECLARE_VAR(mu, mp_int, 1, 0); int mpSetup = 0; #ifndef HAVE_THREAD_LS int got_ecc_fp_lock = 0; @@ -13696,9 +13575,7 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a, wc_UnLockMutex(&ecc_fp_lock); #endif /* HAVE_THREAD_LS */ mp_clear(mu); -#ifdef WOLFSSL_SMALL_STACK - XFREE(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(mu, NULL, DYNAMIC_TYPE_ECC_BUFFER); return err; @@ -14457,9 +14334,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg, } wc_AesFree(aes); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, ctx->heap, DYNAMIC_TYPE_AES); - #endif + WC_FREE_VAR_EX(aes, ctx->heap, DYNAMIC_TYPE_AES); #else ret = NOT_COMPILED_IN; #endif @@ -14500,9 +14375,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg, } wc_AesFree(aes); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, ctx->heap, DYNAMIC_TYPE_AES); - #endif + WC_FREE_VAR_EX(aes, ctx->heap, DYNAMIC_TYPE_AES); #else ret = NOT_COMPILED_IN; #endif @@ -14546,9 +14419,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg, ret = wc_HmacFinal(hmac, out+msgSz); wc_HmacFree(hmac); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(hmac, ctx->heap, DYNAMIC_TYPE_HMAC); - #endif + WC_FREE_VAR_EX(hmac, ctx->heap, DYNAMIC_TYPE_HMAC); break; } @@ -14570,10 +14441,8 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg, RESTORE_VECTOR_REGISTERS(); -#ifdef WOLFSSL_SMALL_STACK - XFREE(sharedSecret, ctx->heap, DYNAMIC_TYPE_ECC_BUFFER); - XFREE(keys, ctx->heap, DYNAMIC_TYPE_ECC_BUFFER); -#endif + WC_FREE_VAR_EX(sharedSecret, ctx->heap, DYNAMIC_TYPE_ECC_BUFFER); + WC_FREE_VAR_EX(keys, ctx->heap, DYNAMIC_TYPE_ECC_BUFFER); return ret; } @@ -14603,11 +14472,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, byte iv[ECC_MAX_IV_SIZE]; #endif word32 pubKeySz = 0; -#ifdef WOLFSSL_SMALL_STACK - ecc_key* peerKey = NULL; -#else - ecc_key peerKey[1]; -#endif + WC_DECLARE_VAR(peerKey, ecc_key, 1, 0); #endif word32 digestSz = 0; ecEncCtx localCtx; @@ -14737,12 +14602,8 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, #ifndef WOLFSSL_ECIES_OLD if (pubKey == NULL) { -#ifdef WOLFSSL_SMALL_STACK - peerKey = (ecc_key*)XMALLOC(sizeof(*peerKey), ctx->heap, - DYNAMIC_TYPE_ECC_BUFFER); - if (peerKey == NULL) - ret = MEMORY_E; -#endif + WC_ALLOC_VAR_EX(peerKey, ecc_key, 1, ctx->heap, + DYNAMIC_TYPE_ECC_BUFFER, ret=MEMORY_E); pubKey = peerKey; } else { @@ -14882,9 +14743,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, wc_HmacFree(hmac); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(hmac, ctx->heap, DYNAMIC_TYPE_HMAC); - #endif + WC_FREE_VAR_EX(hmac, ctx->heap, DYNAMIC_TYPE_HMAC); break; } @@ -14924,9 +14783,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, } wc_AesFree(aes); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, ctx->heap, DYNAMIC_TYPE_AES); - #endif + WC_FREE_VAR_EX(aes, ctx->heap, DYNAMIC_TYPE_AES); break; } #endif @@ -14963,9 +14820,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, } wc_AesFree(aes); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, ctx->heap, DYNAMIC_TYPE_AES); - #endif + WC_FREE_VAR_EX(aes, ctx->heap, DYNAMIC_TYPE_AES); break; } #endif @@ -15045,10 +14900,8 @@ static int mp_jacobi(mp_int* a, mp_int* n, int* c) #endif if ((res = mp_init_multi(a1, n1, NULL, NULL, NULL, NULL)) != MP_OKAY) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(a1, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(n1, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(a1, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(n1, NULL, DYNAMIC_TYPE_BIGINT); return res; } @@ -15117,10 +14970,8 @@ static int mp_jacobi(mp_int* a, mp_int* n, int* c) mp_clear(n1); mp_clear(a1); -#ifdef WOLFSSL_SMALL_STACK - XFREE(a1, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(n1, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(a1, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(n1, NULL, DYNAMIC_TYPE_BIGINT); return res; } @@ -15655,11 +15506,7 @@ int wc_X963_KDF(enum wc_HashType type, const byte* secret, word32 secretSz, byte counter[4]; byte tmp[WC_MAX_DIGEST_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - wc_HashAlg* hash; -#else - wc_HashAlg hash[1]; -#endif + WC_DECLARE_VAR(hash, wc_HashAlg, 1, 0); if (secret == NULL || secretSz == 0 || out == NULL) return BAD_FUNC_ARG; @@ -15675,18 +15522,12 @@ int wc_X963_KDF(enum wc_HashType type, const byte* secret, word32 secretSz, return ret; digestSz = (word32)ret; -#ifdef WOLFSSL_SMALL_STACK - hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), NULL, - DYNAMIC_TYPE_HASHES); - if (hash == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(hash, wc_HashAlg, 1, NULL, DYNAMIC_TYPE_HASHES, + return MEMORY_E); ret = wc_HashInit(hash, type); if (ret != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(hash, NULL, DYNAMIC_TYPE_HASHES); -#endif + WC_FREE_VAR_EX(hash, NULL, DYNAMIC_TYPE_HASHES); return ret; } @@ -15728,9 +15569,7 @@ int wc_X963_KDF(enum wc_HashType type, const byte* secret, word32 secretSz, wc_HashFree(hash, type); -#ifdef WOLFSSL_SMALL_STACK - XFREE(hash, NULL, DYNAMIC_TYPE_HASHES); -#endif + WC_FREE_VAR_EX(hash, NULL, DYNAMIC_TYPE_HASHES); return ret; } diff --git a/wolfcrypt/src/evp.c b/wolfcrypt/src/evp.c index 2840f226760..a1a5777f938 100644 --- a/wolfcrypt/src/evp.c +++ b/wolfcrypt/src/evp.c @@ -4659,9 +4659,7 @@ static int wolfssl_evp_digest_pk_final(WOLFSSL_EVP_MD_CTX *ctx, if (ret == WOLFSSL_SUCCESS) ret = wc_HmacFinal(hmacCopy, md) == 0; wc_HmacFree(hmacCopy); -#ifdef WOLFSSL_SMALL_STACK - XFREE(hmacCopy, NULL, DYNAMIC_TYPE_OPENSSL); -#endif + WC_FREE_VAR_EX(hmacCopy, NULL, DYNAMIC_TYPE_OPENSSL); return ret; } else { @@ -4678,9 +4676,7 @@ static int wolfssl_evp_digest_pk_final(WOLFSSL_EVP_MD_CTX *ctx, if (ret == WOLFSSL_SUCCESS) ret = wolfSSL_EVP_DigestFinal(ctxCopy, md, mdlen); wolfSSL_EVP_MD_CTX_cleanup(ctxCopy); -#ifdef WOLFSSL_SMALL_STACK - XFREE(ctxCopy, NULL, DYNAMIC_TYPE_OPENSSL); -#endif + WC_FREE_VAR_EX(ctxCopy, NULL, DYNAMIC_TYPE_OPENSSL); return ret; } } @@ -6638,11 +6634,7 @@ void wolfSSL_EVP_init(void) { int ret; int hashType = WC_HASH_TYPE_NONE; - #ifdef WOLFSSL_SMALL_STACK - EncryptedInfo* info; - #else - EncryptedInfo info[1]; - #endif + WC_DECLARE_VAR(info, EncryptedInfo, 1, 0); #ifdef WOLFSSL_SMALL_STACK info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL, @@ -6674,9 +6666,7 @@ void wolfSSL_EVP_init(void) ret = (int)info->keySz; end: - #ifdef WOLFSSL_SMALL_STACK - XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); - #endif + WC_FREE_VAR_EX(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO); if (ret < 0) return 0; /* failure - for compatibility */ @@ -11701,9 +11691,7 @@ static int PrintHexWithColon(WOLFSSL_BIO* out, const byte* input, idx = 0; } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } #if !defined(NO_RSA) @@ -11730,26 +11718,16 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, const byte* e = NULL; /* pointer to modulus/exponent */ word32 i; unsigned long exponent = 0; -#ifdef WOLFSSL_SMALL_STACK - mp_int* a = NULL; -#else - mp_int a[1]; -#endif + WC_DECLARE_VAR(a, mp_int, 1, 0); char line[32] = { 0 }; (void)pctx; -#ifdef WOLFSSL_SMALL_STACK - a = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (a == NULL) { - return WOLFSSL_FAILURE; - } -#endif + WC_ALLOC_VAR_EX(a, mp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, + return WOLFSSL_FAILURE); if( mp_init(a) != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(a, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_BIGINT); return WOLFSSL_FAILURE; } if (indent < 0) { @@ -11853,9 +11831,7 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, } while (0); mp_free(a); -#ifdef WOLFSSL_SMALL_STACK - XFREE(a, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_BIGINT); return res; } #endif /* !NO_RSA */ @@ -11914,10 +11890,8 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, #endif if (mp_init(a) != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(key, NULL, DYNAMIC_TYPE_ECC); - XFREE(a, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(key, NULL, DYNAMIC_TYPE_ECC); + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_BIGINT); return WOLFSSL_FAILURE; } @@ -11925,10 +11899,8 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, /* Return early so we don't have to remember if init succeeded * or not. */ mp_free(a); -#ifdef WOLFSSL_SMALL_STACK - XFREE(key, NULL, DYNAMIC_TYPE_ECC); - XFREE(a, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(key, NULL, DYNAMIC_TYPE_ECC); + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_BIGINT); return WOLFSSL_FAILURE; } @@ -12047,10 +12019,8 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, wc_ecc_free(key); mp_free(a); -#ifdef WOLFSSL_SMALL_STACK - XFREE(key, NULL, DYNAMIC_TYPE_ECC); - XFREE(a, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(key, NULL, DYNAMIC_TYPE_ECC); + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_BIGINT); return res; } @@ -12078,24 +12048,14 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, word32 inOutIdx = 0; word32 oid; byte tagFound; -#ifdef WOLFSSL_SMALL_STACK - mp_int* a = NULL; -#else - mp_int a[1]; -#endif + WC_DECLARE_VAR(a, mp_int, 1, 0); char line[32] = { 0 }; -#ifdef WOLFSSL_SMALL_STACK - a = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (a == NULL) { - return WOLFSSL_FAILURE; - } -#endif + WC_ALLOC_VAR_EX(a, mp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, + return WOLFSSL_FAILURE); if( mp_init(a) != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(a, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_BIGINT); return WOLFSSL_FAILURE; } @@ -12268,9 +12228,7 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, } while (0); mp_free(a); -#ifdef WOLFSSL_SMALL_STACK - XFREE(a, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_BIGINT); return res; } #endif /* !NO_DSA */ @@ -12302,24 +12260,14 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, byte* publicKey = NULL; word32 outSz; byte outHex[3]; -#ifdef WOLFSSL_SMALL_STACK - mp_int* a = NULL; -#else - mp_int a[1]; -#endif + WC_DECLARE_VAR(a, mp_int, 1, 0); char line[32] = { 0 }; -#ifdef WOLFSSL_SMALL_STACK - a = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (a == NULL) { - return WOLFSSL_FAILURE; - } -#endif + WC_ALLOC_VAR_EX(a, mp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, + return WOLFSSL_FAILURE); if( mp_init(a) != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(a, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_BIGINT); return WOLFSSL_FAILURE; } @@ -12498,9 +12446,7 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz, } while (0); mp_free(a); -#ifdef WOLFSSL_SMALL_STACK - XFREE(a, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(a, NULL, DYNAMIC_TYPE_BIGINT); return res; } #endif /* WOLFSSL_DH_EXTRA */ diff --git a/wolfcrypt/src/ge_448.c b/wolfcrypt/src/ge_448.c index efc8f723190..9c65bbc6f99 100644 --- a/wolfcrypt/src/ge_448.c +++ b/wolfcrypt/src/ge_448.c @@ -11034,10 +11034,8 @@ int ge448_scalarmult_base(ge448_p2* r, const byte* a) ge448_madd(r, r, t); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } diff --git a/wolfcrypt/src/hash.c b/wolfcrypt/src/hash.c index c3bae41cc8f..c6c49472ed2 100644 --- a/wolfcrypt/src/hash.c +++ b/wolfcrypt/src/hash.c @@ -1329,17 +1329,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret; - #ifdef WOLFSSL_SMALL_STACK - wc_Md5* md5; - #else - wc_Md5 md5[1]; - #endif + WC_DECLARE_VAR(md5, wc_Md5, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - md5 = (wc_Md5*)XMALLOC(sizeof(wc_Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (md5 == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(md5, wc_Md5, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitMd5_ex(md5, heap, devId)) != 0) { WOLFSSL_MSG("InitMd5 failed"); @@ -1354,9 +1347,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Md5Free(md5); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1378,17 +1369,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Sha* sha; - #else - wc_Sha sha[1]; - #endif + WC_DECLARE_VAR(sha, wc_Sha, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - sha = (wc_Sha*)XMALLOC(sizeof(wc_Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (sha == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(sha, wc_Sha, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitSha_ex(sha, heap, devId)) != 0) { WOLFSSL_MSG("InitSha failed"); @@ -1403,9 +1387,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_ShaFree(sha); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1427,18 +1409,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Sha224* sha224; - #else - wc_Sha224 sha224[1]; - #endif + WC_DECLARE_VAR(sha224, wc_Sha224, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - sha224 = (wc_Sha224*)XMALLOC(sizeof(wc_Sha224), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (sha224 == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(sha224, wc_Sha224, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitSha224_ex(sha224, heap, devId)) != 0) { WOLFSSL_MSG("InitSha224 failed"); @@ -1453,9 +1427,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Sha224Free(sha224); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(sha224, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(sha224, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1531,18 +1503,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Sha512* sha512; - #else - wc_Sha512 sha512[1]; - #endif + WC_DECLARE_VAR(sha512, wc_Sha512, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - sha512 = (wc_Sha512*)XMALLOC(sizeof(wc_Sha512), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (sha512 == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(sha512, wc_Sha512, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitSha512_ex(sha512, heap, devId)) != 0) { WOLFSSL_MSG("InitSha512 failed"); @@ -1557,9 +1521,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Sha512Free(sha512); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1580,18 +1542,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Sha512* sha512; - #else - wc_Sha512 sha512[1]; - #endif + WC_DECLARE_VAR(sha512, wc_Sha512, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - sha512 = (wc_Sha512*)XMALLOC(sizeof(wc_Sha512), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (sha512 == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(sha512, wc_Sha512, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitSha512_224_ex(sha512, heap, devId)) != 0) { WOLFSSL_MSG("wc_InitSha512_224 failed"); @@ -1606,9 +1560,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Sha512_224Free(sha512); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1632,18 +1584,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Sha512* sha512; - #else - wc_Sha512 sha512[1]; - #endif + WC_DECLARE_VAR(sha512, wc_Sha512, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - sha512 = (wc_Sha512*)XMALLOC(sizeof(wc_Sha512), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (sha512 == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(sha512, wc_Sha512, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitSha512_256_ex(sha512, heap, devId)) != 0) { WOLFSSL_MSG("wc_InitSha512_256 failed"); @@ -1658,9 +1602,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Sha512_256Free(sha512); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1685,18 +1627,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Sha384* sha384; - #else - wc_Sha384 sha384[1]; - #endif + WC_DECLARE_VAR(sha384, wc_Sha384, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - sha384 = (wc_Sha384*)XMALLOC(sizeof(wc_Sha384), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (sha384 == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(sha384, wc_Sha384, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitSha384_ex(sha384, heap, devId)) != 0) { WOLFSSL_MSG("InitSha384 failed"); @@ -1711,9 +1645,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Sha384Free(sha384); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1736,18 +1668,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Sha3* sha3; - #else - wc_Sha3 sha3[1]; - #endif + WC_DECLARE_VAR(sha3, wc_Sha3, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - sha3 = (wc_Sha3*)XMALLOC(sizeof(wc_Sha3), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (sha3 == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(sha3, wc_Sha3, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitSha3_224(sha3, heap, devId)) != 0) { WOLFSSL_MSG("InitSha3_224 failed"); @@ -1762,9 +1686,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Sha3_224_Free(sha3); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1786,18 +1708,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Sha3* sha3; - #else - wc_Sha3 sha3[1]; - #endif + WC_DECLARE_VAR(sha3, wc_Sha3, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - sha3 = (wc_Sha3*)XMALLOC(sizeof(wc_Sha3), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (sha3 == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(sha3, wc_Sha3, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitSha3_256(sha3, heap, devId)) != 0) { WOLFSSL_MSG("InitSha3_256 failed"); @@ -1812,9 +1726,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Sha3_256_Free(sha3); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1836,18 +1748,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Sha3* sha3; - #else - wc_Sha3 sha3[1]; - #endif + WC_DECLARE_VAR(sha3, wc_Sha3, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - sha3 = (wc_Sha3*)XMALLOC(sizeof(wc_Sha3), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (sha3 == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(sha3, wc_Sha3, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitSha3_384(sha3, heap, devId)) != 0) { WOLFSSL_MSG("InitSha3_384 failed"); @@ -1862,9 +1766,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Sha3_384_Free(sha3); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1886,18 +1788,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Sha3* sha3; - #else - wc_Sha3 sha3[1]; - #endif + WC_DECLARE_VAR(sha3, wc_Sha3, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - sha3 = (wc_Sha3*)XMALLOC(sizeof(wc_Sha3), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (sha3 == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(sha3, wc_Sha3, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitSha3_512(sha3, heap, devId)) != 0) { WOLFSSL_MSG("InitSha3_512 failed"); @@ -1912,9 +1806,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Sha3_512_Free(sha3); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(sha3, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1936,18 +1828,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) word32 hashLen, void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Shake* shake; - #else - wc_Shake shake[1]; - #endif + WC_DECLARE_VAR(shake, wc_Shake, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - shake = (wc_Shake*)XMALLOC(sizeof(wc_Shake), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (shake == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(shake, wc_Shake, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitShake128(shake, heap, devId)) != 0) { WOLFSSL_MSG("InitShake128 failed"); @@ -1962,9 +1846,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Shake128_Free(shake); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(shake, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(shake, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1988,18 +1870,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) word32 hashLen, void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Shake* shake; - #else - wc_Shake shake[1]; - #endif + WC_DECLARE_VAR(shake, wc_Shake, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - shake = (wc_Shake*)XMALLOC(sizeof(wc_Shake), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (shake == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(shake, wc_Shake, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitShake256(shake, heap, devId)) != 0) { WOLFSSL_MSG("InitShake256 failed"); @@ -2014,9 +1888,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Shake256_Free(shake); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(shake, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(shake, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -2041,17 +1913,10 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) void* heap, int devId) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - wc_Sm3* sm3; - #else - wc_Sm3 sm3[1]; - #endif + WC_DECLARE_VAR(sm3, wc_Sm3, 1, 0); - #ifdef WOLFSSL_SMALL_STACK - sm3 = (wc_Sm3*)XMALLOC(sizeof(wc_Sm3), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (sm3 == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(sm3, wc_Sm3, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); if ((ret = wc_InitSm3(sm3, heap, devId)) != 0) { WOLFSSL_MSG("InitSm3 failed"); @@ -2066,9 +1931,7 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags) wc_Sm3Free(sm3); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(sm3, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(sm3, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/src/hmac.c b/wolfcrypt/src/hmac.c index c5d8e37c1b6..caf7e142adf 100644 --- a/wolfcrypt/src/hmac.c +++ b/wolfcrypt/src/hmac.c @@ -1449,11 +1449,7 @@ int wolfSSL_GetHmacMaxSize(void) const byte* inKey, word32 inKeySz, byte* out, void* heap, int devId) { byte tmp[WC_MAX_DIGEST_SIZE]; /* localSalt helper */ - #ifdef WOLFSSL_SMALL_STACK - Hmac* myHmac; - #else - Hmac myHmac[1]; - #endif + WC_DECLARE_VAR(myHmac, Hmac, 1, 0); int ret; const byte* localSalt; /* either points to user input or tmp */ word32 hashSz; @@ -1463,12 +1459,8 @@ int wolfSSL_GetHmacMaxSize(void) return ret; } - #ifdef WOLFSSL_SMALL_STACK - myHmac = (Hmac*)XMALLOC(sizeof(Hmac), NULL, DYNAMIC_TYPE_HMAC); - if (myHmac == NULL) { - return MEMORY_E; - } - #endif + WC_ALLOC_VAR_EX(myHmac, Hmac, 1, NULL, DYNAMIC_TYPE_HMAC, + return MEMORY_E); hashSz = (word32)ret; localSalt = salt; @@ -1492,9 +1484,7 @@ int wolfSSL_GetHmacMaxSize(void) ret = wc_HmacFinal(myHmac, out); wc_HmacFree(myHmac); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(myHmac, NULL, DYNAMIC_TYPE_HMAC); - #endif + WC_FREE_VAR_EX(myHmac, NULL, DYNAMIC_TYPE_HMAC); return ret; } @@ -1522,11 +1512,7 @@ int wolfSSL_GetHmacMaxSize(void) void* heap, int devId) { byte tmp[WC_MAX_DIGEST_SIZE]; - #ifdef WOLFSSL_SMALL_STACK - Hmac* myHmac; - #else - Hmac myHmac[1]; - #endif + WC_DECLARE_VAR(myHmac, Hmac, 1, 0); int ret = 0; word32 outIdx = 0; word32 hashSz; @@ -1545,18 +1531,12 @@ int wolfSSL_GetHmacMaxSize(void) return BAD_FUNC_ARG; } - #ifdef WOLFSSL_SMALL_STACK - myHmac = (Hmac*)XMALLOC(sizeof(Hmac), NULL, DYNAMIC_TYPE_HMAC); - if (myHmac == NULL) { - return MEMORY_E; - } - #endif + WC_ALLOC_VAR_EX(myHmac, Hmac, 1, NULL, DYNAMIC_TYPE_HMAC, + return MEMORY_E); ret = wc_HmacInit(myHmac, heap, devId); if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(myHmac, NULL, DYNAMIC_TYPE_HMAC); - #endif + WC_FREE_VAR_EX(myHmac, NULL, DYNAMIC_TYPE_HMAC); return ret; } @@ -1595,9 +1575,7 @@ int wolfSSL_GetHmacMaxSize(void) } wc_HmacFree(myHmac); - #ifdef WOLFSSL_SMALL_STACK - XFREE(myHmac, NULL, DYNAMIC_TYPE_HMAC); - #endif + WC_FREE_VAR_EX(myHmac, NULL, DYNAMIC_TYPE_HMAC); return ret; } diff --git a/wolfcrypt/src/hpke.c b/wolfcrypt/src/hpke.c index 848b53af308..686abd145d6 100644 --- a/wolfcrypt/src/hpke.c +++ b/wolfcrypt/src/hpke.c @@ -465,23 +465,14 @@ static int wc_HpkeLabeledExtract(Hpke* hpke, byte* suite_id, { int ret; byte* labeled_ikm_p; -#ifndef WOLFSSL_SMALL_STACK - byte labeled_ikm[MAX_HPKE_LABEL_SZ]; -#else - byte* labeled_ikm; -#endif + WC_DECLARE_VAR(labeled_ikm, byte, MAX_HPKE_LABEL_SZ, 0); if (hpke == NULL) { return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - labeled_ikm = (byte*)XMALLOC(MAX_HPKE_LABEL_SZ, hpke->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (labeled_ikm == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(labeled_ikm, byte, MAX_HPKE_LABEL_SZ, hpke->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); /* concat the labeled_ikm */ /* version */ @@ -508,9 +499,7 @@ static int wc_HpkeLabeledExtract(Hpke* hpke, byte* suite_id, (word32)(size_t)(labeled_ikm_p - labeled_ikm), out); PRIVATE_KEY_LOCK(); -#ifdef WOLFSSL_SMALL_STACK - XFREE(labeled_ikm, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(labeled_ikm, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -523,23 +512,14 @@ static int wc_HpkeLabeledExpand(Hpke* hpke, byte* suite_id, word32 suite_id_len, { int ret; byte* labeled_info_p; -#ifndef WOLFSSL_SMALL_STACK - byte labeled_info[MAX_HPKE_LABEL_SZ]; -#else - byte* labeled_info; -#endif + WC_DECLARE_VAR(labeled_info, byte, MAX_HPKE_LABEL_SZ, 0); if (hpke == NULL) { return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - labeled_info = (byte*)XMALLOC(MAX_HPKE_LABEL_SZ, hpke->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (labeled_info == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(labeled_info, byte, MAX_HPKE_LABEL_SZ, hpke->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); /* copy length */ ret = I2OSP((int)L, 2, labeled_info); @@ -571,9 +551,7 @@ static int wc_HpkeLabeledExpand(Hpke* hpke, byte* suite_id, word32 suite_id_len, PRIVATE_KEY_LOCK(); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(labeled_info, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(labeled_info, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -606,23 +584,14 @@ static int wc_HpkeExtractAndExpand( Hpke* hpke, byte* dh, word32 dh_len, { int ret; /* max length is the largest hmac digest possible */ -#ifndef WOLFSSL_SMALL_STACK - byte eae_prk[WC_MAX_DIGEST_SIZE]; -#else - byte* eae_prk; -#endif + WC_DECLARE_VAR(eae_prk, byte, WC_MAX_DIGEST_SIZE, 0); if (hpke == NULL) { return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - eae_prk = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, hpke->heap, - DYNAMIC_TYPE_DIGEST); - if (eae_prk == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(eae_prk, byte, WC_MAX_DIGEST_SIZE, hpke->heap, + DYNAMIC_TYPE_DIGEST, return MEMORY_E); /* extract */ ret = wc_HpkeLabeledExtract(hpke, hpke->kem_suite_id, @@ -636,9 +605,7 @@ static int wc_HpkeExtractAndExpand( Hpke* hpke, byte* dh, word32 dh_len, (byte*)SHARED_SECRET_LABEL_STR, SHARED_SECRET_LABEL_STR_LEN, kemContext, kem_context_length, hpke->Nsecret, sharedSecret); -#ifdef WOLFSSL_SMALL_STACK - XFREE(eae_prk, hpke->heap, DYNAMIC_TYPE_DIGEST); -#endif + WC_FREE_VAR_EX(eae_prk, hpke->heap, DYNAMIC_TYPE_DIGEST); return ret; } @@ -726,10 +693,9 @@ static int wc_HpkeKeyScheduleBase(Hpke* hpke, HpkeBaseContext* context, 1 + 2 * hpke->Nh, hpke->Nh, context->exporter_secret); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(key_schedule_context, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(secret, hpke->heap, DYNAMIC_TYPE_DIGEST); -#endif + WC_FREE_VAR_EX(key_schedule_context, hpke->heap, + DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(secret, hpke->heap, DYNAMIC_TYPE_DIGEST); return ret; } @@ -830,10 +796,8 @@ static int wc_HpkeEncap(Hpke* hpke, void* ephemeralKey, void* receiverKey, hpke->Npk * 2, sharedSecret); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(dh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(kemContext, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(dh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(kemContext, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -843,11 +807,7 @@ static int wc_HpkeSetupBaseSender(Hpke* hpke, HpkeBaseContext* context, void* ephemeralKey, void* receiverKey, byte* info, word32 infoSz) { int ret; -#ifndef WOLFSSL_SMALL_STACK - byte sharedSecret[HPKE_Nsecret_MAX]; -#else - byte* sharedSecret; -#endif + WC_DECLARE_VAR(sharedSecret, byte, HPKE_Nsecret_MAX, 0); if (hpke == NULL) { return BAD_FUNC_ARG; @@ -867,9 +827,7 @@ static int wc_HpkeSetupBaseSender(Hpke* hpke, HpkeBaseContext* context, infoSz); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(sharedSecret, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(sharedSecret, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -896,21 +854,13 @@ int wc_HpkeContextSealBase(Hpke* hpke, HpkeBaseContext* context, { int ret; byte nonce[HPKE_Nn_MAX]; -#ifndef WOLFSSL_SMALL_STACK - Aes aes[1]; -#else - Aes* aes; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); if (hpke == NULL || context == NULL || (aad == NULL && aadSz > 0) || plaintext == NULL || out == NULL) { return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - aes = (Aes*)XMALLOC(sizeof(Aes), hpke->heap, DYNAMIC_TYPE_AES); - if (aes == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(aes, Aes, 1, hpke->heap, DYNAMIC_TYPE_AES, + return MEMORY_E); ret = wc_AesInit(aes, hpke->heap, INVALID_DEVID); if (ret == 0) { /* compute nonce */ @@ -928,9 +878,7 @@ int wc_HpkeContextSealBase(Hpke* hpke, HpkeBaseContext* context, } wc_AesFree(aes); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, hpke->heap, DYNAMIC_TYPE_AES); -#endif + WC_FREE_VAR_EX(aes, hpke->heap, DYNAMIC_TYPE_AES); return ret; } @@ -940,11 +888,7 @@ int wc_HpkeSealBase(Hpke* hpke, void* ephemeralKey, void* receiverKey, word32 ptSz, byte* ciphertext) { int ret; -#ifdef WOLFSSL_SMALL_STACK - HpkeBaseContext* context; -#else - HpkeBaseContext context[1]; -#endif + WC_DECLARE_VAR(context, HpkeBaseContext, 1, 0); /* check that all the buffers are non NULL or optional with 0 length */ if (hpke == NULL || ephemeralKey == NULL || receiverKey == NULL || @@ -953,13 +897,8 @@ int wc_HpkeSealBase(Hpke* hpke, void* ephemeralKey, void* receiverKey, return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - context = (HpkeBaseContext*)XMALLOC(sizeof(HpkeBaseContext), hpke->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (context == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(context, HpkeBaseContext, 1, hpke->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); PRIVATE_KEY_UNLOCK(); @@ -975,9 +914,7 @@ int wc_HpkeSealBase(Hpke* hpke, void* ephemeralKey, void* receiverKey, PRIVATE_KEY_LOCK(); -#ifdef WOLFSSL_SMALL_STACK - XFREE(context, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(context, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1095,10 +1032,8 @@ static int wc_HpkeDecap(Hpke* hpke, void* receiverKey, const byte* pubKey, hpke->Npk * 2, sharedSecret); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(dh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(kemContext, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(dh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(kemContext, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1109,19 +1044,10 @@ static int wc_HpkeSetupBaseReceiver(Hpke* hpke, HpkeBaseContext* context, word32 infoSz) { int ret; -#ifndef WOLFSSL_SMALL_STACK - byte sharedSecret[HPKE_Nsecret_MAX]; -#else - byte* sharedSecret; -#endif + WC_DECLARE_VAR(sharedSecret, byte, HPKE_Nsecret_MAX, 0); -#ifdef WOLFSSL_SMALL_STACK - sharedSecret = (byte*)XMALLOC(hpke->Nsecret, hpke->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (sharedSecret == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(sharedSecret, byte, hpke->Nsecret, hpke->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); /* decap */ ret = wc_HpkeDecap(hpke, receiverKey, pubKey, pubKeySz, sharedSecret); @@ -1132,9 +1058,7 @@ static int wc_HpkeSetupBaseReceiver(Hpke* hpke, HpkeBaseContext* context, infoSz); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(sharedSecret, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(sharedSecret, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1159,21 +1083,13 @@ int wc_HpkeContextOpenBase(Hpke* hpke, HpkeBaseContext* context, byte* aad, { int ret; byte nonce[HPKE_Nn_MAX]; -#ifndef WOLFSSL_SMALL_STACK - Aes aes[1]; -#else - Aes* aes; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); if (hpke == NULL) { return BAD_FUNC_ARG; } XMEMSET(nonce, 0, sizeof(nonce)); -#ifdef WOLFSSL_SMALL_STACK - aes = (Aes*)XMALLOC(sizeof(Aes), hpke->heap, DYNAMIC_TYPE_AES); - if (aes == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(aes, Aes, 1, hpke->heap, DYNAMIC_TYPE_AES, + return MEMORY_E); /* compute nonce */ ret = wc_HpkeContextComputeNonce(hpke, context, nonce); if (ret == 0) @@ -1190,9 +1106,7 @@ int wc_HpkeContextOpenBase(Hpke* hpke, HpkeBaseContext* context, byte* aad, } wc_AesFree(aes); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, hpke->heap, DYNAMIC_TYPE_AES); -#endif + WC_FREE_VAR_EX(aes, hpke->heap, DYNAMIC_TYPE_AES); return ret; } @@ -1203,11 +1117,7 @@ int wc_HpkeOpenBase(Hpke* hpke, void* receiverKey, const byte* pubKey, byte* ciphertext, word32 ctSz, byte* plaintext) { int ret; -#ifndef WOLFSSL_SMALL_STACK - HpkeBaseContext context[1]; -#else - HpkeBaseContext* context; -#endif + WC_DECLARE_VAR(context, HpkeBaseContext, 1, 0); /* check that all the buffer are non NULL or optional with 0 length */ if (hpke == NULL || receiverKey == NULL || pubKey == NULL || @@ -1217,13 +1127,8 @@ int wc_HpkeOpenBase(Hpke* hpke, void* receiverKey, const byte* pubKey, return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - context = (HpkeBaseContext*)XMALLOC(sizeof(HpkeBaseContext), hpke->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (context == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(context, HpkeBaseContext, 1, hpke->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); PRIVATE_KEY_UNLOCK(); @@ -1239,9 +1144,7 @@ int wc_HpkeOpenBase(Hpke* hpke, void* receiverKey, const byte* pubKey, PRIVATE_KEY_LOCK(); -#ifdef WOLFSSL_SMALL_STACK - XFREE(context, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(context, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/src/integer.c b/wolfcrypt/src/integer.c index 3c27d30a868..fded3d7c3af 100644 --- a/wolfcrypt/src/integer.c +++ b/wolfcrypt/src/integer.c @@ -2016,23 +2016,15 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, mp_int res; mp_digit buf, mp; int err, bitbuf, bitcpy, bitcnt, mode, digidx, x, y, winsize; -#ifdef WOLFSSL_SMALL_STACK - mp_int* M; -#else - mp_int M[TAB_SIZE]; -#endif + WC_DECLARE_VAR(M, mp_int, TAB_SIZE, 0); /* use a pointer to the reduction algorithm. This allows us to use * one of many reduction algorithms without modding the guts of * the code with if statements everywhere. */ int (*redux)(mp_int*,mp_int*,mp_digit) = NULL; -#ifdef WOLFSSL_SMALL_STACK - M = (mp_int*) XMALLOC(sizeof(mp_int) * TAB_SIZE, NULL, - DYNAMIC_TYPE_BIGINT); - if (M == NULL) - return MP_MEM; -#endif + WC_ALLOC_VAR_EX(M, mp_int, TAB_SIZE, NULL, DYNAMIC_TYPE_BIGINT, + return MP_MEM); /* find window size */ x = mp_count_bits (X); @@ -2061,9 +2053,7 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, /* init M array */ /* init first cell */ if ((err = mp_init_size(&M[1], P->alloc)) != MP_OKAY) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(M, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(M, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -2076,9 +2066,7 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, } mp_clear(&M[1]); -#ifdef WOLFSSL_SMALL_STACK - XFREE(M, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(M, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -2317,9 +2305,7 @@ LBL_RES:mp_clear (&res); mp_clear (&M[x]); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(M, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(M, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -2527,11 +2513,8 @@ int mp_montgomery_setup (mp_int * n, mp_digit * rho) int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho) { int ix, res, olduse; -#ifdef WOLFSSL_SMALL_STACK - mp_word* W; /* uses dynamic memory and slower */ -#else - mp_word W[MP_WARRAY]; -#endif + /* uses dynamic memory and slower */ + WC_DECLARE_VAR(W, mp_word, MP_WARRAY, 0); /* get old used count */ olduse = x->used; @@ -2543,12 +2526,8 @@ int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho) } } -#ifdef WOLFSSL_SMALL_STACK - W = (mp_word*)XMALLOC(sizeof(mp_word) * (n->used * 2 + 2), NULL, - DYNAMIC_TYPE_BIGINT); - if (W == NULL) - return MP_MEM; -#endif + WC_ALLOC_VAR_EX(W, mp_word, (n->used*2+2), NULL, DYNAMIC_TYPE_BIGINT, + return MP_MEM); XMEMSET(W, 0, sizeof(mp_word) * (n->used * 2 + 2)); @@ -2668,9 +2647,7 @@ int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho) x->used = n->used + 1; mp_clamp (x); -#ifdef WOLFSSL_SMALL_STACK - XFREE(W, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(W, NULL, DYNAMIC_TYPE_BIGINT); /* if A >= m then A = A - m */ if (mp_cmp_mag (x, n) != MP_LT) { @@ -3384,11 +3361,8 @@ After that loop you do the squares and add them in. int fast_s_mp_sqr (mp_int * a, mp_int * b) { int olduse, res, pa, ix, iz; -#ifdef WOLFSSL_SMALL_STACK - mp_digit* W; /* uses dynamic memory and slower */ -#else - mp_digit W[MP_WARRAY]; -#endif + /* uses dynamic memory and slower */ + WC_DECLARE_VAR(W, mp_digit, MP_WARRAY, 0); mp_digit *tmpx; mp_word W1; @@ -3409,11 +3383,8 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b) return MP_OKAY; } -#ifdef WOLFSSL_SMALL_STACK - W = (mp_digit*)XMALLOC(sizeof(mp_digit) * pa, NULL, DYNAMIC_TYPE_BIGINT); - if (W == NULL) - return MP_MEM; -#endif + WC_ALLOC_VAR_EX(W, mp_digit, pa, NULL, DYNAMIC_TYPE_BIGINT, + return MP_MEM); /* number of output digits to produce */ W1 = 0; @@ -3482,9 +3453,7 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b) } mp_clamp (b); -#ifdef WOLFSSL_SMALL_STACK - XFREE(W, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(W, NULL, DYNAMIC_TYPE_BIGINT); return MP_OKAY; } @@ -3509,11 +3478,8 @@ int fast_s_mp_sqr (mp_int * a, mp_int * b) int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) { int olduse, res, pa, ix, iz; -#ifdef WOLFSSL_SMALL_STACK - mp_digit* W; /* uses dynamic memory and slower */ -#else - mp_digit W[MP_WARRAY]; -#endif + /* uses dynamic memory and slower */ + WC_DECLARE_VAR(W, mp_digit, MP_WARRAY, 0); mp_word _W; /* grow the destination as required */ @@ -3534,11 +3500,8 @@ int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) return MP_OKAY; } -#ifdef WOLFSSL_SMALL_STACK - W = (mp_digit*)XMALLOC(sizeof(mp_digit) * pa, NULL, DYNAMIC_TYPE_BIGINT); - if (W == NULL) - return MP_MEM; -#endif + WC_ALLOC_VAR_EX(W, mp_digit, pa, NULL, DYNAMIC_TYPE_BIGINT, + return MP_MEM); /* clear the carry */ _W = 0; @@ -3594,9 +3557,7 @@ int fast_s_mp_mul_digs (mp_int * a, mp_int * b, mp_int * c, int digs) } mp_clamp (c); -#ifdef WOLFSSL_SMALL_STACK - XFREE(W, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(W, NULL, DYNAMIC_TYPE_BIGINT); return MP_OKAY; } @@ -4247,11 +4208,8 @@ int s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) { int olduse, res, pa, ix, iz; -#ifdef WOLFSSL_SMALL_STACK - mp_digit* W; /* uses dynamic memory and slower */ -#else - mp_digit W[MP_WARRAY]; -#endif + /* uses dynamic memory and slower */ + WC_DECLARE_VAR(W, mp_digit, MP_WARRAY, 0); mp_word _W; if (a->dp == NULL) { /* JRB, avoid reading uninitialized values */ @@ -4269,11 +4227,8 @@ int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) if (pa > (int)MP_WARRAY) return MP_RANGE; /* TAO range check */ -#ifdef WOLFSSL_SMALL_STACK - W = (mp_digit*)XMALLOC(sizeof(mp_digit) * pa, NULL, DYNAMIC_TYPE_BIGINT); - if (W == NULL) - return MP_MEM; -#endif + WC_ALLOC_VAR_EX(W, mp_digit, pa, NULL, DYNAMIC_TYPE_BIGINT, + return MP_MEM); /* number of output digits to produce */ _W = 0; @@ -4326,9 +4281,7 @@ int fast_s_mp_mul_high_digs (mp_int * a, mp_int * b, mp_int * c, int digs) } mp_clamp (c); -#ifdef WOLFSSL_SMALL_STACK - XFREE(W, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(W, NULL, DYNAMIC_TYPE_BIGINT); return MP_OKAY; } diff --git a/wolfcrypt/src/kdf.c b/wolfcrypt/src/kdf.c index ce278d0318e..4568bdb21c5 100644 --- a/wolfcrypt/src/kdf.c +++ b/wolfcrypt/src/kdf.c @@ -209,10 +209,8 @@ int wc_PRF(byte* result, word32 resLen, const byte* secret, wc_MemZero_Check(hmac, sizeof(Hmac)); #endif -#ifdef WOLFSSL_SMALL_STACK - XFREE(current, heap, DYNAMIC_TYPE_DIGEST); - XFREE(hmac, heap, DYNAMIC_TYPE_HMAC); -#endif + WC_FREE_VAR_EX(current, heap, DYNAMIC_TYPE_DIGEST); + WC_FREE_VAR_EX(hmac, heap, DYNAMIC_TYPE_HMAC); return ret; } @@ -278,10 +276,8 @@ int wc_PRF_TLSv1(byte* digest, word32 digLen, const byte* secret, wc_MemZero_Check(sha_result, MAX_PRF_DIG); #endif -#ifdef WOLFSSL_SMALL_STACK - XFREE(sha_result, heap, DYNAMIC_TYPE_DIGEST); - XFREE(labelSeed, heap, DYNAMIC_TYPE_DIGEST); -#endif + WC_FREE_VAR_EX(sha_result, heap, DYNAMIC_TYPE_DIGEST); + WC_FREE_VAR_EX(labelSeed, heap, DYNAMIC_TYPE_DIGEST); return ret; } @@ -305,22 +301,14 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen, if (useAtLeastSha256) { - #ifdef WOLFSSL_SMALL_STACK - byte* labelSeed; - #else - byte labelSeed[MAX_PRF_LABSEED]; - #endif + WC_DECLARE_VAR(labelSeed, byte, MAX_PRF_LABSEED, 0); if (labLen + seedLen > MAX_PRF_LABSEED) { return BUFFER_E; } - #ifdef WOLFSSL_SMALL_STACK - labelSeed = (byte*)XMALLOC(MAX_PRF_LABSEED, heap, DYNAMIC_TYPE_DIGEST); - if (labelSeed == NULL) { - return MEMORY_E; - } - #endif + WC_ALLOC_VAR_EX(labelSeed, byte, MAX_PRF_LABSEED, heap, + DYNAMIC_TYPE_DIGEST, return MEMORY_E); XMEMCPY(labelSeed, label, labLen); XMEMCPY(labelSeed + labLen, seed, seedLen); @@ -334,9 +322,7 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen, ret = wc_PRF(digest, digLen, secret, secLen, labelSeed, labLen + seedLen, hash_type, heap, devId); - #ifdef WOLFSSL_SMALL_STACK - XFREE(labelSeed, heap, DYNAMIC_TYPE_DIGEST); - #endif + WC_FREE_VAR_EX(labelSeed, heap, DYNAMIC_TYPE_DIGEST); } else { #ifndef NO_OLD_TLS @@ -448,11 +434,7 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen, { int ret = 0; word32 idx = 0; - #ifdef WOLFSSL_SMALL_STACK - byte* data; - #else - byte data[MAX_TLS13_HKDF_LABEL_SZ]; - #endif + WC_DECLARE_VAR(data, byte, MAX_TLS13_HKDF_LABEL_SZ, 0); /* okmLen (2) + protocol|label len (1) + info len(1) + protocollen + * labellen + infolen */ @@ -461,12 +443,8 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen, return BUFFER_E; } - #ifdef WOLFSSL_SMALL_STACK - data = (byte*)XMALLOC(idx, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (data == NULL) { - return MEMORY_E; - } - #endif + WC_ALLOC_VAR_EX(data, byte, idx, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); idx = 0; /* Output length. */ @@ -524,9 +502,7 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen, #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Check(data, idx); #endif - #ifdef WOLFSSL_SMALL_STACK - XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(data, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1023,11 +999,7 @@ int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz, { int ret = 0; byte block[WC_AES_BLOCK_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - Aes* aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); int aes_inited = 0; /* Validate parameters. */ @@ -1078,9 +1050,7 @@ int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz, if (aes_inited) wc_AesFree(aes); -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_CIPHER); return ret; } @@ -1114,11 +1084,7 @@ int wc_SRTCP_KDF_ex(const byte* key, word32 keySz, const byte* salt, word32 salt { int ret = 0; byte block[WC_AES_BLOCK_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - Aes* aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); int aes_inited = 0; int idxLen; @@ -1177,9 +1143,7 @@ int wc_SRTCP_KDF_ex(const byte* key, word32 keySz, const byte* salt, word32 salt if (aes_inited) wc_AesFree(aes); -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_CIPHER); return ret; } @@ -1219,11 +1183,7 @@ int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt, { int ret = 0; byte block[WC_AES_BLOCK_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - Aes* aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); int aes_inited = 0; /* Validate parameters. */ @@ -1264,9 +1224,7 @@ int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt, if (aes_inited) wc_AesFree(aes); -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_CIPHER); return ret; } @@ -1298,11 +1256,7 @@ int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt, { int ret = 0; byte block[WC_AES_BLOCK_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - Aes* aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); int aes_inited = 0; /* Validate parameters. */ @@ -1343,9 +1297,7 @@ int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt, if (aes_inited) wc_AesFree(aes); -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_CIPHER); return ret; } diff --git a/wolfcrypt/src/logging.c b/wolfcrypt/src/logging.c index 68729fe6d1a..284b80822cd 100644 --- a/wolfcrypt/src/logging.c +++ b/wolfcrypt/src/logging.c @@ -402,9 +402,7 @@ static void wolfssl_log(const int logLevel, const char* const file_name, if ((written > 0) && (loggingCertEnabled != 0)) { wolfssl_log(INFO_LOG, NULL, 0, msg); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(msg, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(msg, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } /* WOLFSSL_MSG_CERT_EX */ #endif /* XVSNPRINTF */ diff --git a/wolfcrypt/src/md2.c b/wolfcrypt/src/md2.c index d6a7e56d018..9ae436fdc0e 100644 --- a/wolfcrypt/src/md2.c +++ b/wolfcrypt/src/md2.c @@ -137,25 +137,16 @@ void wc_Md2Final(wc_Md2* md2, byte* hash) int wc_Md2Hash(const byte* data, word32 len, byte* hash) { -#ifdef WOLFSSL_SMALL_STACK - wc_Md2* md2; -#else - wc_Md2 md2[1]; -#endif + WC_DECLARE_VAR(md2, wc_Md2, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - md2 = (wc_Md2*)XMALLOC(sizeof(wc_Md2), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (md2 == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(md2, wc_Md2, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); wc_InitMd2(md2); wc_Md2Update(md2, data, len); wc_Md2Final(md2, hash); -#ifdef WOLFSSL_SMALL_STACK - XFREE(md2, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(md2, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } diff --git a/wolfcrypt/src/pkcs12.c b/wolfcrypt/src/pkcs12.c index 87393549fcb..516ef654ecd 100644 --- a/wolfcrypt/src/pkcs12.c +++ b/wolfcrypt/src/pkcs12.c @@ -1119,9 +1119,7 @@ static WARN_UNUSED_RESULT int freeDecCertList(WC_DerCertList** list, current = current->next; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(DeCert, heap, DYNAMIC_TYPE_PKCS); -#endif + WC_FREE_VAR_EX(DeCert, heap, DYNAMIC_TYPE_PKCS); return 0; } diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index 3ba2e8bfd37..d340652d26e 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -1118,9 +1118,7 @@ int wc_PKCS7_InitWithCert(wc_PKCS7* pkcs7, byte* derCert, word32 derCertSz) cert = (Pkcs7Cert*)XMALLOC(sizeof(Pkcs7Cert), pkcs7->heap, DYNAMIC_TYPE_PKCS7); if (cert == NULL) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); return MEMORY_E; } XMEMSET(cert, 0, sizeof(Pkcs7Cert)); @@ -1150,9 +1148,7 @@ int wc_PKCS7_InitWithCert(wc_PKCS7* pkcs7, byte* derCert, word32 derCertSz) ret = ParseCert(dCert, CA_TYPE, NO_VERIFY, 0); if (ret < 0) { FreeDecodedCert(dCert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); return ret; } @@ -1162,9 +1158,7 @@ int wc_PKCS7_InitWithCert(wc_PKCS7* pkcs7, byte* derCert, word32 derCertSz) if (ret != 0) { WOLFSSL_MSG("Invalid public key, check pkcs7->cert"); FreeDecodedCert(dCert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); return ret; } @@ -1172,9 +1166,7 @@ int wc_PKCS7_InitWithCert(wc_PKCS7* pkcs7, byte* derCert, word32 derCertSz) dCert->serialSz > MAX_SN_SZ) { WOLFSSL_MSG("Invalid size in certificate"); FreeDecodedCert(dCert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); return ASN_PARSE_E; } @@ -1196,9 +1188,7 @@ int wc_PKCS7_InitWithCert(wc_PKCS7* pkcs7, byte* derCert, word32 derCertSz) FreeDecodedCert(dCert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); } return ret; @@ -1817,22 +1807,14 @@ static int wc_PKCS7_ImportRSA(wc_PKCS7* pkcs7, RsaKey* privKey) static int wc_PKCS7_RsaSign(wc_PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd) { int ret; -#ifdef WOLFSSL_SMALL_STACK - RsaKey* privKey; -#else - RsaKey privKey[1]; -#endif + WC_DECLARE_VAR(privKey, RsaKey, 1, 0); if (pkcs7 == NULL || pkcs7->rng == NULL || in == NULL || esd == NULL) { return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - privKey = (RsaKey*)XMALLOC(sizeof(RsaKey), pkcs7->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (privKey == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(privKey, RsaKey, 1, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_PKCS7_ImportRSA(pkcs7, privKey); if (ret == 0) { @@ -1853,9 +1835,7 @@ static int wc_PKCS7_RsaSign(wc_PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd) } wc_FreeRsaKey(privKey); -#ifdef WOLFSSL_SMALL_STACK - XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1908,22 +1888,14 @@ static int wc_PKCS7_EcdsaSign(wc_PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd) { int ret; word32 outSz; -#ifdef WOLFSSL_SMALL_STACK - ecc_key* privKey; -#else - ecc_key privKey[1]; -#endif + WC_DECLARE_VAR(privKey, ecc_key, 1, 0); if (pkcs7 == NULL || pkcs7->rng == NULL || in == NULL || esd == NULL) { return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - privKey = (ecc_key*)XMALLOC(sizeof(ecc_key), pkcs7->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (privKey == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(privKey, ecc_key, 1, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_PKCS7_ImportECC(pkcs7, privKey); if (ret == 0) { @@ -1946,9 +1918,7 @@ static int wc_PKCS7_EcdsaSign(wc_PKCS7* pkcs7, byte* in, word32 inSz, ESD* esd) } wc_ecc_free(privKey); -#ifdef WOLFSSL_SMALL_STACK - XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1980,9 +1950,7 @@ static int wc_PKCS7_GetSignSize(wc_PKCS7* pkcs7) ret = wc_RsaEncryptSize(privKey); } wc_FreeRsaKey(privKey); - #ifdef WOLFSSL_SMALL_STACK - XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); } break; #endif @@ -2005,9 +1973,7 @@ static int wc_PKCS7_GetSignSize(wc_PKCS7* pkcs7) ret = wc_ecc_sig_size(privKey); } wc_ecc_free(privKey); - #ifdef WOLFSSL_SMALL_STACK - XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); } break; #endif @@ -2375,31 +2341,20 @@ static int wc_PKCS7_SignedDataBuildSignature(wc_PKCS7* pkcs7, int hashOID; #endif word32 digestInfoSz = MAX_PKCS7_DIGEST_SZ; -#ifdef WOLFSSL_SMALL_STACK - byte* digestInfo; -#else - byte digestInfo[MAX_PKCS7_DIGEST_SZ]; -#endif + WC_DECLARE_VAR(digestInfo, byte, MAX_PKCS7_DIGEST_SZ, 0); if (pkcs7 == NULL || esd == NULL) return BAD_FUNC_ARG; -#ifdef WOLFSSL_SMALL_STACK - digestInfo = (byte*)XMALLOC(digestInfoSz, pkcs7->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (digestInfo == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(digestInfo, byte, digestInfoSz, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); XMEMSET(digestInfo, 0, digestInfoSz); ret = wc_PKCS7_BuildDigestInfo(pkcs7, flatSignedAttribs, flatSignedAttribsSz, esd, digestInfo, &digestInfoSz); if (ret < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -2408,9 +2363,7 @@ static int wc_PKCS7_SignedDataBuildSignature(wc_PKCS7* pkcs7, /* get digest size from hash type */ hashSz = wc_HashGetDigestSize(esd->hashType); if (hashSz < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return hashSz; } #endif @@ -2452,9 +2405,7 @@ static int wc_PKCS7_SignedDataBuildSignature(wc_PKCS7* pkcs7, ret = BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); if (ret >= 0) { esd->encContentDigestSz = (word32)ret; @@ -2784,19 +2735,11 @@ static int PKCS7_EncodeSigned(wc_PKCS7* pkcs7, byte* flatSignedAttribs = NULL; word32 flatSignedAttribsSz = 0; -#ifdef WOLFSSL_SMALL_STACK - ESD* esd = NULL; -#else - ESD esd[1]; -#endif + WC_DECLARE_VAR(esd, ESD, 1, 0); #ifdef ASN_BER_TO_DER word32 streamSz = 0; #endif -#ifdef WOLFSSL_SMALL_STACK - byte *signedDataOid = NULL; -#else - byte signedDataOid[MAX_OID_SZ]; -#endif + WC_DECLARE_VAR(signedDataOid, byte, MAX_OID_SZ, 0); word32 signedDataOidSz; byte signingTime[MAX_TIME_STRING_SZ]; @@ -3407,10 +3350,8 @@ static int PKCS7_EncodeSigned(wc_PKCS7* pkcs7, XFREE(flatSignedAttribs, pkcs7->heap, DYNAMIC_TYPE_PKCS7); -#ifdef WOLFSSL_SMALL_STACK - XFREE(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(signedDataOid, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(esd, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(signedDataOid, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return idx; } @@ -4102,11 +4043,9 @@ static int wc_PKCS7_RsaVerify(wc_PKCS7* pkcs7, byte* sig, int sigSz, ret = wc_InitRsaKey_ex(key, pkcs7->heap, pkcs7->devId); if (ret != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); return ret; } @@ -4158,11 +4097,9 @@ static int wc_PKCS7_RsaVerify(wc_PKCS7* pkcs7, byte* sig, int sigSz, ret = SIG_VERIFY_E; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); return ret; } @@ -4230,11 +4167,9 @@ static int wc_PKCS7_EcdsaVerify(wc_PKCS7* pkcs7, byte* sig, int sigSz, ret = wc_ecc_init_ex(key, pkcs7->heap, pkcs7->devId); if (ret != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); return ret; } @@ -4288,11 +4223,9 @@ static int wc_PKCS7_EcdsaVerify(wc_PKCS7* pkcs7, byte* sig, int sigSz, ret = SIG_VERIFY_E; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); -#endif + WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(key, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(dCert, pkcs7->heap, DYNAMIC_TYPE_DCERT); return ret; } @@ -4326,11 +4259,7 @@ static int wc_PKCS7_BuildSignedDataDigest(wc_PKCS7* pkcs7, byte* signedAttrib, byte digestStr[MAX_OCTET_STR_SZ]; byte algoId[MAX_ALGO_SZ]; word32 digestInfoSeqSz, digestStrSz, algoIdSz; -#ifdef WOLFSSL_SMALL_STACK - byte* digestInfo; -#else - byte digestInfo[MAX_PKCS7_DIGEST_SZ]; -#endif + WC_DECLARE_VAR(digestInfo, byte, MAX_PKCS7_DIGEST_SZ, 0); wc_HashAlg hash; enum wc_HashType hashType; @@ -4360,12 +4289,8 @@ static int wc_PKCS7_BuildSignedDataDigest(wc_PKCS7* pkcs7, byte* signedAttrib, return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - digestInfo = (byte*)XMALLOC(MAX_PKCS7_DIGEST_SZ, pkcs7->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (digestInfo == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(digestInfo, byte, MAX_PKCS7_DIGEST_SZ, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); XMEMSET(pkcs7Digest, 0, *pkcs7DigestSz); XMEMSET(digest, 0, WC_MAX_DIGEST_SIZE); @@ -4379,9 +4304,7 @@ static int wc_PKCS7_BuildSignedDataDigest(wc_PKCS7* pkcs7, byte* signedAttrib, else { ret = wc_HashInit(&hash, hashType); if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -4402,9 +4325,7 @@ static int wc_PKCS7_BuildSignedDataDigest(wc_PKCS7* pkcs7, byte* signedAttrib, wc_HashFree(&hash, hashType); if (ret < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } } @@ -4433,9 +4354,7 @@ static int wc_PKCS7_BuildSignedDataDigest(wc_PKCS7* pkcs7, byte* signedAttrib, *plainDigest = pkcs7Digest + digIdx - hashSz; *plainDigestSz = hashSz; -#ifdef WOLFSSL_SMALL_STACK - XFREE(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(digestInfo, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -4461,11 +4380,7 @@ static int wc_PKCS7_VerifyContentMessageDigest(wc_PKCS7* pkcs7, word32 contentIdx = 0; byte* content = NULL; byte* digestBuf = NULL; -#ifdef WOLFSSL_SMALL_STACK - byte* digest = NULL; -#else - byte digest[MAX_PKCS7_DIGEST_SZ]; -#endif + WC_DECLARE_VAR(digest, byte, MAX_PKCS7_DIGEST_SZ, 0); PKCS7DecodedAttrib* attrib; enum wc_HashType hashType; @@ -4510,12 +4425,8 @@ static int wc_PKCS7_VerifyContentMessageDigest(wc_PKCS7* pkcs7, /* build content hash if needed, or use existing hash value */ if (hashBuf == NULL) { -#ifdef WOLFSSL_SMALL_STACK - digest = (byte*)XMALLOC(MAX_PKCS7_DIGEST_SZ, pkcs7->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (digest == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(digest, byte, MAX_PKCS7_DIGEST_SZ, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); XMEMSET(digest, 0, MAX_PKCS7_DIGEST_SZ); content = pkcs7->content; @@ -4533,9 +4444,8 @@ static int wc_PKCS7_VerifyContentMessageDigest(wc_PKCS7* pkcs7, if (GetLength_ex(content, &contentIdx, &contentLen, (word32)contentLen, 1) < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(digest, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); return ASN_PARSE_E; } } @@ -4544,9 +4454,7 @@ static int wc_PKCS7_VerifyContentMessageDigest(wc_PKCS7* pkcs7, MAX_PKCS7_DIGEST_SZ); if (ret < 0) { WOLFSSL_MSG("Error hashing PKCS7 content for verification"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -4554,9 +4462,7 @@ static int wc_PKCS7_VerifyContentMessageDigest(wc_PKCS7* pkcs7, digestSz = wc_HashGetDigestSize(hashType); if (digestSz < 0) { WOLFSSL_MSG("Invalid hash type"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return digestSz; } } else { @@ -4570,16 +4476,12 @@ static int wc_PKCS7_VerifyContentMessageDigest(wc_PKCS7* pkcs7, if ((innerAttribSz != digestSz) || (XMEMCMP(attrib->value + idx, digestBuf, (size_t)digestSz) != 0)) { WOLFSSL_MSG("Content digest does not match messageDigest attrib value"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return SIG_VERIFY_E; } if (hashBuf == NULL) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); } return 0; @@ -4604,23 +4506,15 @@ static int wc_PKCS7_SignedDataVerifySignature(wc_PKCS7* pkcs7, byte* sig, int ret = 0; word32 plainDigestSz = 0, pkcs7DigestSz; byte* plainDigest = NULL; /* offset into pkcs7Digest */ -#ifdef WOLFSSL_SMALL_STACK - byte* pkcs7Digest; -#else - byte pkcs7Digest[MAX_PKCS7_DIGEST_SZ]; -#endif + WC_DECLARE_VAR(pkcs7Digest, byte, MAX_PKCS7_DIGEST_SZ, 0); if (pkcs7 == NULL) return BAD_FUNC_ARG; /* allocate space to build hash */ pkcs7DigestSz = MAX_PKCS7_DIGEST_SZ; -#ifdef WOLFSSL_SMALL_STACK - pkcs7Digest = (byte*)XMALLOC(pkcs7DigestSz, pkcs7->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (pkcs7Digest == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(pkcs7Digest, byte, pkcs7DigestSz, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); XMEMSET(pkcs7Digest, 0, pkcs7DigestSz); @@ -4628,9 +4522,8 @@ static int wc_PKCS7_SignedDataVerifySignature(wc_PKCS7* pkcs7, byte* sig, if (signedAttrib != NULL) { ret = wc_PKCS7_VerifyContentMessageDigest(pkcs7, hashBuf, hashSz); if (ret != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); return ret; } } @@ -4641,9 +4534,7 @@ static int wc_PKCS7_SignedDataVerifySignature(wc_PKCS7* pkcs7, byte* sig, &pkcs7DigestSz, &plainDigest, &plainDigestSz, hashBuf, hashSz); if (ret < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -4670,9 +4561,8 @@ static int wc_PKCS7_SignedDataVerifySignature(wc_PKCS7* pkcs7, byte* sig, pkcs7->signature = (byte*)XMALLOC(sigSz, pkcs7->heap, DYNAMIC_TYPE_SIGNATURE); if (pkcs7->signature == NULL) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); return MEMORY_E; } XMEMCPY(pkcs7->signature, sig, sigSz); @@ -4685,9 +4575,8 @@ static int wc_PKCS7_SignedDataVerifySignature(wc_PKCS7* pkcs7, byte* sig, pkcs7->plainDigest = (byte*)XMALLOC(plainDigestSz, pkcs7->heap, DYNAMIC_TYPE_DIGEST); if (pkcs7->plainDigest == NULL) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); return MEMORY_E; } XMEMCPY(pkcs7->plainDigest, plainDigest, plainDigestSz); @@ -4700,17 +4589,15 @@ static int wc_PKCS7_SignedDataVerifySignature(wc_PKCS7* pkcs7, byte* sig, pkcs7->pkcs7Digest = (byte*)XMALLOC(pkcs7DigestSz, pkcs7->heap, DYNAMIC_TYPE_DIGEST); if (pkcs7->pkcs7Digest == NULL) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); return MEMORY_E; } XMEMCPY(pkcs7->pkcs7Digest, pkcs7Digest, pkcs7DigestSz); pkcs7->pkcs7DigestSz = pkcs7DigestSz; - #ifdef WOLFSSL_SMALL_STACK - XFREE(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); return PKCS7_SIGNEEDS_CHECK; } } @@ -4743,9 +4630,7 @@ static int wc_PKCS7_SignedDataVerifySignature(wc_PKCS7* pkcs7, byte* sig, ret = BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(pkcs7Digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -7467,9 +7352,7 @@ int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, recip = (Pkcs7EncodedRecip*)XMALLOC(sizeof(Pkcs7EncodedRecip), pkcs7->heap, DYNAMIC_TYPE_PKCS7); if (recip == NULL) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return MEMORY_E; } XMEMSET(recip, 0, sizeof(Pkcs7EncodedRecip)); @@ -7477,9 +7360,7 @@ int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, /* get key size for content-encryption key based on algorithm */ blockKeySz = wc_PKCS7_GetOIDKeySize(pkcs7->encryptOID); if (blockKeySz < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return blockKeySz; } @@ -7487,9 +7368,7 @@ int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, /* generate random content encryption key, if needed */ ret = PKCS7_GenerateContentEncryptionKey(pkcs7, (word32)blockKeySz); if (ret < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return ret; } @@ -7511,18 +7390,15 @@ int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, #endif default: WOLFSSL_MSG("Unsupported key wrap algorithm"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return BAD_KEYWRAP_ALG_E; } kari = wc_PKCS7_KariNew(pkcs7, WC_PKCS7_ENCODE); if (kari == NULL) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return MEMORY_E; } @@ -7538,9 +7414,7 @@ int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, ret = wc_PKCS7_KariParseRecipCert(kari, cert, certSz, NULL, 0); if (ret != 0) { wc_PKCS7_KariFree(kari); -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return ret; } @@ -7549,9 +7423,7 @@ int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, ret = wc_PKCS7_KariGenerateEphemeralKey(kari); if (ret != 0) { wc_PKCS7_KariFree(kari); -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return ret; } @@ -7560,9 +7432,7 @@ int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, ret = wc_PKCS7_KariGenerateKEK(kari, pkcs7->rng, keyWrapOID, keyAgreeOID); if (ret != 0) { wc_PKCS7_KariFree(kari); -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return ret; } @@ -7573,9 +7443,7 @@ int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, keyWrapOID, direction); if (keySz <= 0) { wc_PKCS7_KariFree(kari); -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return keySz; } @@ -7669,9 +7537,7 @@ int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, if (totalSz > MAX_RECIP_SZ) { WOLFSSL_MSG("KeyAgreeRecipientInfo output buffer too small"); wc_PKCS7_KariFree(kari); -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return BUFFER_E; } @@ -7728,9 +7594,7 @@ int wc_PKCS7_AddRecipient_KARI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, idx += encryptedKeySz; wc_PKCS7_KariFree(kari); -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); /* store recipient size */ recip->recipSz = idx; @@ -7817,11 +7681,9 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, encryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); if (encryptedKey == NULL) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return MEMORY_E; } @@ -7846,11 +7708,9 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, recip = (Pkcs7EncodedRecip*)XMALLOC(sizeof(Pkcs7EncodedRecip), pkcs7->heap, DYNAMIC_TYPE_PKCS7); if (recip == NULL) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); return MEMORY_E; } @@ -7859,11 +7719,9 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, /* get key size for content-encryption key based on algorithm */ blockKeySz = wc_PKCS7_GetOIDKeySize(pkcs7->encryptOID); if (blockKeySz < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return blockKeySz; @@ -7872,11 +7730,9 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, /* generate random content encryption key, if needed */ ret = PKCS7_GenerateContentEncryptionKey(pkcs7, (word32)blockKeySz); if (ret < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return ret; @@ -7886,11 +7742,9 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, ret = ParseCert(decoded, CA_TYPE, NO_VERIFY, 0); if (ret < 0) { FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return ret; @@ -7913,11 +7767,10 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, if (decoded->issuerRaw == NULL || decoded->issuerRawLen == 0) { WOLFSSL_MSG("DecodedCert lacks raw issuer pointer and length"); FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return -1; @@ -7928,11 +7781,10 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, if (decoded->serialSz == 0) { WOLFSSL_MSG("DecodedCert missing serial number"); FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return -1; @@ -7942,11 +7794,10 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, if (snSz < 0) { WOLFSSL_MSG("Error setting the serial number"); FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return -1; @@ -7962,11 +7813,9 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, issuerSKIDSz = SetLength((word32)keyIdSize, issuerSKID); } else { FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return PKCS7_RECIP_E; @@ -7977,11 +7826,9 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, /* KeyEncryptionAlgorithmIdentifier, only support RSA now */ if (pkcs7->publicKeyOID != RSAk) { FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return ALGO_ID_E; @@ -7991,11 +7838,9 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, oidKeyType, 0); if (keyEncAlgSz == 0) { FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return BAD_FUNC_ARG; @@ -8019,12 +7864,10 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, ret = wc_InitRsaKey_ex(pubKey, pkcs7->heap, pkcs7->devId); if (ret != 0) { FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return ret; @@ -8035,12 +7878,10 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, WOLFSSL_MSG("ASN RSA key decode error"); wc_FreeRsaKey(pubKey); FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return PUBLIC_KEY_E; @@ -8050,12 +7891,10 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, if (ret != 0) { wc_FreeRsaKey(pubKey); FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return MEMORY_E; @@ -8078,18 +7917,14 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, wc_FreeRsaKey(pubKey); wc_FreeRng(&rng); -#ifdef WOLFSSL_SMALL_STACK - XFREE(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(pubKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); if (ret < 0) { WOLFSSL_MSG("RSA Public Encrypt failed"); FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return ret; @@ -8108,11 +7943,10 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, if ((recipSeqSz + recipLen) > MAX_RECIP_SZ) { WOLFSSL_MSG("RecipientInfo output buffer too small"); FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return BUFFER_E; @@ -8125,11 +7959,10 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, if ((recipSeqSz + recipLen) > MAX_RECIP_SZ) { WOLFSSL_MSG("RecipientInfo output buffer too small"); FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return BUFFER_E; @@ -8167,11 +8000,9 @@ int wc_PKCS7_AddRecipient_KTRI(wc_PKCS7* pkcs7, const byte* cert, word32 certSz, FreeDecodedCert(decoded); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(keyAlgArray, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(decoded, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); /* store recipient size */ @@ -8243,11 +8074,7 @@ static int wc_PKCS7_EncryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, { int ret; #ifndef NO_AES -#ifdef WOLFSSL_SMALL_STACK - Aes* aes; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); #endif #ifndef NO_DES3 Des des; @@ -8309,9 +8136,7 @@ static int wc_PKCS7_EncryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, } wc_AesFree(aes); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES); break; #endif /* HAVE_AES_CBC */ #ifdef HAVE_AESGCM @@ -8372,9 +8197,7 @@ static int wc_PKCS7_EncryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, } wc_AesFree(aes); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES); break; #endif #endif /* HAVE_AESGCM */ @@ -8417,9 +8240,7 @@ static int wc_PKCS7_EncryptContent(wc_PKCS7* pkcs7, int encryptOID, byte* key, } wc_AesFree(aes); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES); break; #endif #endif /* HAVE_AESCCM */ @@ -9589,11 +9410,7 @@ int wc_PKCS7_AddRecipient_KEKRI(wc_PKCS7* pkcs7, int keyWrapOID, byte* kek, byte otherAttSeq[MAX_SEQ_SZ]; byte encAlgoId[MAX_ALGO_SZ]; byte encKeyOctetStr[MAX_OCTET_STR_SZ]; -#ifdef WOLFSSL_SMALL_STACK - byte* encryptedKey; -#else - byte encryptedKey[MAX_ENCRYPTED_KEY_SZ]; -#endif + WC_DECLARE_VAR(encryptedKey, byte, MAX_ENCRYPTED_KEY_SZ, 0); int blockKeySz = 0, ret = 0, direction; word32 idx = 0; @@ -9653,17 +9470,13 @@ int wc_PKCS7_AddRecipient_KEKRI(wc_PKCS7* pkcs7, int keyWrapOID, byte* kek, encryptedKeySz = wc_PKCS7_KeyWrap(pkcs7, pkcs7->cek, pkcs7->cekSz, kek, kekSz, encryptedKey, (word32)encryptedKeySz, keyWrapOID, direction); if (encryptedKeySz < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return encryptedKeySz; } /* handle a zero size encKey case as WC_KEY_SIZE_E */ if (encryptedKeySz == 0 || encryptedKeySz > MAX_ENCRYPTED_KEY_SZ) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return WC_KEY_SIZE_E; } @@ -9686,9 +9499,7 @@ int wc_PKCS7_AddRecipient_KEKRI(wc_PKCS7* pkcs7, int keyWrapOID, byte* kek, timeSz = GetAsnTimeString(tm, genTime, sizeof(genTime)); if (timeSz < 0) { XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return timeSz; } totalSz += (word32)timeSz; @@ -9718,9 +9529,7 @@ int wc_PKCS7_AddRecipient_KEKRI(wc_PKCS7* pkcs7, int keyWrapOID, byte* kek, if (totalSz > MAX_RECIP_SZ) { WOLFSSL_MSG("CMS Recipient output buffer too small"); XFREE(recip, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); return BUFFER_E; } @@ -9753,9 +9562,7 @@ int wc_PKCS7_AddRecipient_KEKRI(wc_PKCS7* pkcs7, int keyWrapOID, byte* kek, XMEMCPY(recip->recip + idx, encryptedKey, (word32)encryptedKeySz); idx += (word32)encryptedKeySz; -#ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); -#endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); /* store recipient size */ recip->recipSz = idx; @@ -10365,25 +10172,19 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, *recipFound = 1; } - #ifdef WOLFSSL_SMALL_STACK - serialNum = (mp_int*)XMALLOC(sizeof(mp_int), pkcs7->heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (serialNum == NULL) - return MEMORY_E; - #endif + WC_ALLOC_VAR_EX(serialNum, mp_int, 1, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); if (GetInt(serialNum, pkiMsg, idx, pkiMsgSz) < 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(serialNum, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(serialNum, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); return ASN_PARSE_E; } mp_clear(serialNum); - #ifdef WOLFSSL_SMALL_STACK - XFREE(serialNum, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(serialNum, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); } else { /* parse SubjectKeyIdentifier @@ -10509,9 +10310,8 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, ret = wc_InitRsaKey_ex(privKey, pkcs7->heap, pkcs7->devId); if (ret != 0) { XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); - #ifdef WOLFSSL_SMALL_STACK - XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(privKey, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -10527,9 +10327,8 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, WOLFSSL_MSG("Failed to decode RSA private key"); wc_FreeRsaKey(privKey); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); - #ifdef WOLFSSL_SMALL_STACK - XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(privKey, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -10567,10 +10366,8 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, wc_FreeRsaKey(privKey); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); - #ifdef WOLFSSL_SMALL_STACK - XFREE(privKey, pkcs7->heap, - DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(privKey, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); WOLFSSL_ERROR_VERBOSE(MEMORY_E); return MEMORY_E; } @@ -10596,9 +10393,8 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, if (keySz <= 0 || outKey == NULL) { ForceZero(encryptedKey, (word32)encryptedKeySz); XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); - #ifdef WOLFSSL_SMALL_STACK - XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(privKey, pkcs7->heap, + DYNAMIC_TYPE_TMP_BUFFER); #ifndef WC_NO_RSA_OAEP if (encOID == RSAESOAEPk) { if (!outKey) { @@ -10614,9 +10410,7 @@ static int wc_PKCS7_DecryptKtri(wc_PKCS7* pkcs7, byte* in, word32 inSz, } XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_WOLF_BIGINT); - #ifdef WOLFSSL_SMALL_STACK - XFREE(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(privKey, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); #ifndef WC_NO_RSA_OAEP if (encOID == RSAESOAEPk) { if (!outKey) { @@ -10952,10 +10746,8 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari, #endif if (GetInt(serial, pkiMsg, idx, pkiMsgSz) < 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); return ASN_PARSE_E; } @@ -10966,10 +10758,8 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari, if (ret != MP_OKAY) { mp_clear(serial); WOLFSSL_MSG("Failed to parse CMS recipient serial number"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -10978,20 +10768,16 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari, mp_clear(serial); mp_clear(recipSerial); WOLFSSL_MSG("CMS serial number does not match recipient"); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); return PKCS7_RECIP_E; } mp_clear(serial); mp_clear(recipSerial); -#ifdef WOLFSSL_SMALL_STACK - XFREE(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(serial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(recipSerial, kari->heap, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -11616,11 +11402,7 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, word32 keyAgreeOID, keyWrapOID; byte rid[KEYID_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - byte* encryptedKey; -#else - byte encryptedKey[MAX_ENCRYPTED_KEY_SZ]; -#endif + WC_DECLARE_VAR(encryptedKey, byte, MAX_ENCRYPTED_KEY_SZ, 0); byte* pkiMsg = in; word32 pkiMsgSz = inSz; @@ -11658,14 +11440,9 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, if (kari == NULL) return MEMORY_E; - #ifdef WOLFSSL_SMALL_STACK - encryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, pkcs7->heap, - DYNAMIC_TYPE_PKCS7); - if (encryptedKey == NULL) { - wc_PKCS7_KariFree(kari); - return MEMORY_E; - } - #endif + WC_ALLOC_VAR_EX(encryptedKey, byte, MAX_ENCRYPTED_KEY_SZ, + pkcs7->heap, DYNAMIC_TYPE_PKCS7, + {wc_PKCS7_KariFree(kari);return MEMORY_E;}); encryptedKeySz = MAX_ENCRYPTED_KEY_SZ; /* parse cert and key */ @@ -11675,9 +11452,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, if (ret != 0) { wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); return ret; } @@ -11686,9 +11462,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, pkiMsgSz, idx); if (ret != 0) { wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); return ret; } @@ -11697,9 +11472,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, idx); if (ret != 0) { wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); return ret; } @@ -11708,9 +11482,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, pkiMsgSz, idx, &keyAgreeOID, &keyWrapOID); if (ret != 0) { wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); return ret; } @@ -11744,9 +11517,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, } wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); return BAD_KEYWRAP_ALG_E; } @@ -11755,9 +11527,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, idx, recipFound, encryptedKey, &encryptedKeySz, rid); if (ret != 0) { wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); return ret; } @@ -11771,9 +11542,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, PRIVATE_KEY_LOCK(); if (ret != WC_NO_ERR_TRACE(LENGTH_ONLY_E)) { wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); return ret; } @@ -11789,9 +11559,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, DYNAMIC_TYPE_TMP_BUFFER); if (tmpKeyDer == NULL) { wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); return MEMORY_E; } @@ -11799,9 +11568,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, tmpKeySz, 1); if (ret < 0) { wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); XFREE(tmpKeyDer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -11827,9 +11595,8 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, (int)keyWrapOID, pkcs7->keyAgreeOID); if (ret != 0) { wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); return ret; } @@ -11841,17 +11608,15 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, } if (keySz <= 0) { wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); return keySz; } *decryptedKeySz = (word32)keySz; wc_PKCS7_KariFree(kari); - #ifdef WOLFSSL_SMALL_STACK - XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7); - #endif + WC_FREE_VAR_EX(encryptedKey, pkcs7->heap, + DYNAMIC_TYPE_PKCS7); #ifndef NO_PKCS7_STREAM if ((ret = wc_PKCS7_StreamEndCase(pkcs7, &tmpIdx, idx)) != 0) { break; diff --git a/wolfcrypt/src/port/iotsafe/iotsafe.c b/wolfcrypt/src/port/iotsafe/iotsafe.c index 3fb5410285b..c0666f06b8e 100644 --- a/wolfcrypt/src/port/iotsafe/iotsafe.c +++ b/wolfcrypt/src/port/iotsafe/iotsafe.c @@ -1144,9 +1144,7 @@ static int wolfIoT_ecc_sign(WOLFSSL* ssl, if (ret == 0) ret = wc_ecc_sign_hash(in, inSz, out, outSz, rng, myKey); wc_ecc_free(myKey); -#ifdef WOLFSSL_SMALL_STACK - XFREE(myKey, NULL, DYNAMIC_TYPE_ECC); -#endif + WC_FREE_VAR_EX(myKey, NULL, DYNAMIC_TYPE_ECC); (void)ctx; return ret; @@ -1203,10 +1201,8 @@ static int wolfIoT_ecc_verify(WOLFSSL *ssl, #endif ret = wc_ecc_init(key); if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(key, NULL, DYNAMIC_TYPE_ECC); - XFREE(sig_raw, NULL, DYNAMIC_TYPE_SIGNATURE); - #endif + WC_FREE_VAR_EX(key, NULL, DYNAMIC_TYPE_ECC); + WC_FREE_VAR_EX(sig_raw, NULL, DYNAMIC_TYPE_SIGNATURE); return ret; } @@ -1246,10 +1242,8 @@ static int wolfIoT_ecc_verify(WOLFSSL *ssl, } } wc_ecc_free(key); -#ifdef WOLFSSL_SMALL_STACK - XFREE(key, NULL, DYNAMIC_TYPE_ECC); - XFREE(sig_raw, NULL, DYNAMIC_TYPE_SIGNATURE); -#endif + WC_FREE_VAR_EX(key, NULL, DYNAMIC_TYPE_ECC); + WC_FREE_VAR_EX(sig_raw, NULL, DYNAMIC_TYPE_SIGNATURE); (void)ctx; return ret; } @@ -1282,16 +1276,11 @@ static int wolfIoT_ecc_shared_secret(WOLFSSL* ssl, struct ecc_key* otherKey, side == WOLFSSL_CLIENT_END ? "client" : "server", otherKey->dp->id); #endif -#ifdef WOLFSSL_SMALL_STACK - tmpKey = (ecc_key*)XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_ECC); - if (tmpKey == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(tmpKey, ecc_key, 1, NULL, DYNAMIC_TYPE_ECC, + return MEMORY_E); ret = wc_ecc_init(tmpKey); if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(tmpKey, NULL, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(tmpKey, NULL, DYNAMIC_TYPE_ECC); return ret; } @@ -1405,9 +1394,7 @@ static int wolfIoT_ecc_shared_secret(WOLFSSL* ssl, struct ecc_key* otherKey, } } wc_ecc_free(tmpKey); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpKey, NULL, DYNAMIC_TYPE_ECC); -#endif + WC_FREE_VAR_EX(tmpKey, NULL, DYNAMIC_TYPE_ECC); (void)ctx; return ret; } diff --git a/wolfcrypt/src/port/ti/ti-aes.c b/wolfcrypt/src/port/ti/ti-aes.c index 577e5b968f7..c895dad2f30 100644 --- a/wolfcrypt/src/port/ti/ti-aes.c +++ b/wolfcrypt/src/port/ti/ti-aes.c @@ -780,11 +780,7 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz, const byte* authIn, word32 authInSz, byte* authTag, word32 authTagSz, WC_RNG* rng) { -#ifdef WOLFSSL_SMALL_STACK - Aes *aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); int ret; if (key == NULL || iv == NULL || (authIn == NULL && authInSz != 0) || @@ -810,9 +806,7 @@ int wc_Gmac(const byte* key, word32 keySz, byte* iv, word32 ivSz, wc_AesFree(aes); } ForceZero(aes, sizeof *aes); -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES); return ret; } @@ -824,11 +818,7 @@ int wc_GmacVerify(const byte* key, word32 keySz, { int ret; #ifdef HAVE_AES_DECRYPT -#ifdef WOLFSSL_SMALL_STACK - Aes *aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); if (key == NULL || iv == NULL || (authIn == NULL && authInSz != 0) || authTag == NULL || authTagSz == 0 || authTagSz > WC_AES_BLOCK_SIZE) { @@ -851,9 +841,7 @@ int wc_GmacVerify(const byte* key, word32 keySz, wc_AesFree(aes); } ForceZero(aes, sizeof *aes); -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES); #else (void)key; (void)keySz; diff --git a/wolfcrypt/src/port/ti/ti-hash.c b/wolfcrypt/src/port/ti/ti-hash.c index 11623c44c71..d26fbb5360f 100644 --- a/wolfcrypt/src/port/ti/ti-hash.c +++ b/wolfcrypt/src/port/ti/ti-hash.c @@ -138,17 +138,10 @@ static int hashFinal(wolfssl_TI_Hash *hash, byte* result, word32 algo, word32 hs static int hashHash(const byte* data, word32 len, byte* hash, word32 algo, word32 hsize) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - wolfssl_TI_Hash* hash_desc; -#else - wolfssl_TI_Hash hash_desc[1]; -#endif + WC_DECLARE_VAR(hash_desc, wolfssl_TI_Hash, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - hash_desc = (wolfssl_TI_Hash*)XMALLOC(sizeof(wolfssl_TI_Hash), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (hash_desc == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(hash_desc, wolfssl_TI_Hash, 1, NULL, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); if ((ret = hashInit(hash_desc)) != 0) { WOLFSSL_MSG("Hash Init failed"); @@ -158,9 +151,7 @@ static int hashHash(const byte* data, word32 len, byte* hash, word32 algo, word3 hashFinal(hash_desc, hash, algo, hsize); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(hash_desc, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(hash_desc, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/src/pwdbased.c b/wolfcrypt/src/pwdbased.c index 9a255874c26..d0179249cd3 100644 --- a/wolfcrypt/src/pwdbased.c +++ b/wolfcrypt/src/pwdbased.c @@ -67,11 +67,7 @@ int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen, int keyOutput = 0; int digestLen; byte digest[WC_MAX_DIGEST_SIZE]; -#ifdef WOLFSSL_SMALL_STACK - wc_HashAlg* hash = NULL; -#else - wc_HashAlg hash[1]; -#endif + WC_DECLARE_VAR(hash, wc_HashAlg, 1, 0); enum wc_HashType hashT; (void)heap; @@ -90,18 +86,12 @@ int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen, digestLen = err; /* initialize hash */ -#ifdef WOLFSSL_SMALL_STACK - hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), heap, - DYNAMIC_TYPE_HASHCTX); - if (hash == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(hash, wc_HashAlg, 1, heap, DYNAMIC_TYPE_HASHCTX, + return MEMORY_E); err = wc_HashInit_ex(hash, hashT, heap, INVALID_DEVID); if (err != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(hash, heap, DYNAMIC_TYPE_HASHCTX); - #endif + WC_FREE_VAR_EX(hash, heap, DYNAMIC_TYPE_HASHCTX); return err; } @@ -160,9 +150,7 @@ int wc_PBKDF1_ex(byte* key, int keyLen, byte* iv, int ivLen, wc_HashFree(hash, hashT); -#ifdef WOLFSSL_SMALL_STACK - XFREE(hash, heap, DYNAMIC_TYPE_HASHCTX); -#endif + WC_FREE_VAR_EX(hash, heap, DYNAMIC_TYPE_HASHCTX); if (err != 0) return err; @@ -306,10 +294,8 @@ int wc_PBKDF2_ex(byte* output, const byte* passwd, int pLen, const byte* salt, wc_HmacFree(hmac); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(buffer, heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(hmac, heap, DYNAMIC_TYPE_HMAC); -#endif + WC_FREE_VAR_EX(buffer, heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(hmac, heap, DYNAMIC_TYPE_HMAC); return ret; } @@ -331,11 +317,7 @@ static int DoPKCS12Hash(int hashType, byte* buffer, word32 totalLen, { int i; int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - wc_HashAlg* hash = NULL; -#else - wc_HashAlg hash[1]; -#endif + WC_DECLARE_VAR(hash, wc_HashAlg, 1, 0); enum wc_HashType hashT; if (buffer == NULL || Ai == NULL) { @@ -345,18 +327,12 @@ static int DoPKCS12Hash(int hashType, byte* buffer, word32 totalLen, hashT = wc_HashTypeConvert(hashType); /* initialize hash */ -#ifdef WOLFSSL_SMALL_STACK - hash = (wc_HashAlg*)XMALLOC(sizeof(wc_HashAlg), NULL, - DYNAMIC_TYPE_HASHCTX); - if (hash == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(hash, wc_HashAlg, 1, NULL, DYNAMIC_TYPE_HASHCTX, + return MEMORY_E); ret = wc_HashInit(hash, hashT); if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(hash, NULL, DYNAMIC_TYPE_HASHCTX); - #endif + WC_FREE_VAR_EX(hash, NULL, DYNAMIC_TYPE_HASHCTX); return ret; } @@ -374,9 +350,7 @@ static int DoPKCS12Hash(int hashType, byte* buffer, word32 totalLen, wc_HashFree(hash, hashT); -#ifdef WOLFSSL_SMALL_STACK - XFREE(hash, NULL, DYNAMIC_TYPE_HASHCTX); -#endif + WC_FREE_VAR_EX(hash, NULL, DYNAMIC_TYPE_HASHCTX); return ret; } @@ -476,10 +450,8 @@ int wc_PKCS12_PBKDF_ex(byte* output, const byte* passwd, int passLen, if (totalLen > sizeof(staticBuffer)) { buffer = (byte*)XMALLOC(totalLen, heap, DYNAMIC_TYPE_KEY); if (buffer == NULL) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(Ai, heap, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(B, heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(Ai, heap, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(B, heap, DYNAMIC_TYPE_TMP_BUFFER); return MEMORY_E; } dynamic = 1; diff --git a/wolfcrypt/src/random.c b/wolfcrypt/src/random.c index b2cdf26df09..77e4168e88a 100644 --- a/wolfcrypt/src/random.c +++ b/wolfcrypt/src/random.c @@ -455,22 +455,14 @@ static int Hash_df(DRBG_internal* drbg, byte* out, word32 outSz, byte type, static int Hash_DRBG_Reseed(DRBG_internal* drbg, const byte* seed, word32 seedSz) { int ret; -#ifdef WOLFSSL_SMALL_STACK - byte* newV; -#else - byte newV[DRBG_SEED_LEN]; -#endif + WC_DECLARE_VAR(newV, byte, DRBG_SEED_LEN, 0); if (drbg == NULL) { return DRBG_FAILURE; } -#ifdef WOLFSSL_SMALL_STACK - newV = (byte*)XMALLOC(DRBG_SEED_LEN, drbg->heap, DYNAMIC_TYPE_TMP_BUFFER); - if (newV == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(newV, byte, DRBG_SEED_LEN, drbg->heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); XMEMSET(newV, 0, DRBG_SEED_LEN); ret = Hash_df(drbg, newV, DRBG_SEED_LEN, drbgReseed, @@ -486,9 +478,7 @@ static int Hash_DRBG_Reseed(DRBG_internal* drbg, const byte* seed, word32 seedSz drbg->reseedCtr = 1; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(newV, drbg->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(newV, drbg->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -602,10 +592,8 @@ static int Hash_gen(DRBG_internal* drbg, byte* out, word32 outSz, const byte* V) } ForceZero(data, DRBG_SEED_LEN); -#ifdef WOLFSSL_SMALL_STACK - XFREE(digest, drbg->heap, DYNAMIC_TYPE_DIGEST); - XFREE(data, drbg->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(digest, drbg->heap, DYNAMIC_TYPE_DIGEST); + WC_FREE_VAR_EX(data, drbg->heap, DYNAMIC_TYPE_TMP_BUFFER); return (ret == 0) ? DRBG_SUCCESS : DRBG_FAILURE; } @@ -1494,20 +1482,13 @@ static wolfSSL_Mutex entropy_mutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(entropy_mute int wc_Entropy_Get(int bits, unsigned char* entropy, word32 len) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - byte *noise = NULL; -#else - byte noise[MAX_NOISE_CNT]; -#endif + WC_DECLARE_VAR(noise, byte, MAX_NOISE_CNT, 0); /* Noise length is the number of 8 byte samples required to get the bits of * entropy requested. */ int noise_len = (bits + ENTROPY_EXTRA) / ENTROPY_MIN; -#ifdef WOLFSSL_SMALL_STACK - noise = (byte *)XMALLOC(MAX_NOISE_CNT, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (noise == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(noise, byte, MAX_NOISE_CNT, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); /* Lock the mutex as collection uses globals. */ if ((ret == 0) && (wc_LockMutex(&entropy_mutex) != 0)) { @@ -1568,9 +1549,7 @@ int wc_Entropy_Get(int bits, unsigned char* entropy, word32 len) wc_UnLockMutex(&entropy_mutex); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(noise, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(noise, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1841,9 +1820,7 @@ static int _InitRng(WC_RNG* rng, byte* nonce, word32 nonceSz, } /* ret == 0 */ ForceZero(seed, seedSz); - #ifdef WOLFSSL_SMALL_STACK - XFREE(seed, rng->heap, DYNAMIC_TYPE_SEED); - #endif + WC_FREE_VAR_EX(seed, rng->heap, DYNAMIC_TYPE_SEED); } /* else swc_RNG_HealthTestLocal was successful */ if (ret == DRBG_SUCCESS) { @@ -2231,9 +2208,7 @@ int wc_RNG_HealthTest_ex(int reseed, const byte* nonce, word32 nonceSz, ret = -1; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(drbg, heap, DYNAMIC_TYPE_RNG); -#endif + WC_FREE_VAR_EX(drbg, heap, DYNAMIC_TYPE_RNG); return ret; } @@ -2292,19 +2267,10 @@ const FLASH_QUALIFIER byte outputB_data[] = { static int wc_RNG_HealthTestLocal(int reseed, void* heap, int devId) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - byte* check; -#else - byte check[RNG_HEALTH_TEST_CHECK_SIZE]; -#endif + WC_DECLARE_VAR(check, byte, RNG_HEALTH_TEST_CHECK_SIZE, 0); -#ifdef WOLFSSL_SMALL_STACK - check = (byte*)XMALLOC(RNG_HEALTH_TEST_CHECK_SIZE, heap, - DYNAMIC_TYPE_TMP_BUFFER); - if (check == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(check, byte, RNG_HEALTH_TEST_CHECK_SIZE, heap, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); if (reseed) { #ifdef WOLFSSL_USE_FLASHMEM @@ -2418,9 +2384,7 @@ static int wc_RNG_HealthTestLocal(int reseed, void* heap, int devId) #endif } -#ifdef WOLFSSL_SMALL_STACK - XFREE(check, heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(check, heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index ab33a6c10ee..a30c6826b24 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -703,11 +703,7 @@ static int _ifc_pairwise_consistency_test(RsaKey* key, WC_RNG* rng) int wc_CheckRsaKey(RsaKey* key) { -#ifdef WOLFSSL_SMALL_STACK - WC_RNG *rng = NULL; -#else - WC_RNG rng[1]; -#endif + WC_DECLARE_VAR(rng, WC_RNG, 1, 0); int ret = 0; DECL_MP_INT_SIZE_DYN(tmp, (key)? mp_bitsused(&key->n) : 0, RSA_MAX_SIZE); @@ -722,12 +718,8 @@ int wc_CheckRsaKey(RsaKey* key) } #endif -#ifdef WOLFSSL_SMALL_STACK - rng = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); - if (rng == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(rng, WC_RNG, 1, NULL, DYNAMIC_TYPE_RNG, + return MEMORY_E); NEW_MP_INT_SIZE(tmp, mp_bitsused(&key->n), NULL, DYNAMIC_TYPE_RSA); #ifdef MP_INT_SIZE_CHECK_NULL if (tmp == NULL) { @@ -1126,10 +1118,8 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock, if ((ret = wc_Hash(hType, optLabel, labelLen, lHash, hLen)) != 0) { WOLFSSL_MSG("OAEP hash type possibly not supported or lHash to small"); - #ifdef WOLFSSL_SMALL_STACK - XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); - XFREE(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); - #endif + WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); + WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); return ret; } @@ -1143,19 +1133,15 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock, */ if ((2 * hLen + 2) > pkcsBlockLen) { WOLFSSL_MSG("OAEP pad error hash to big for RSA key size"); - #ifdef WOLFSSL_SMALL_STACK - XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); - XFREE(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); - #endif + WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); + WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); return BAD_FUNC_ARG; } if (inputLen > (pkcsBlockLen - 2 * hLen - 2)) { WOLFSSL_MSG("OAEP pad error message too long"); - #ifdef WOLFSSL_SMALL_STACK - XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); - XFREE(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); - #endif + WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); + WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); return BAD_FUNC_ARG; } @@ -1163,10 +1149,8 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock, idx = pkcsBlockLen - 1 - inputLen; psLen = (int)pkcsBlockLen - (int)inputLen - 2 * (int)hLen - 2; if (pkcsBlockLen < inputLen) { /*make sure not writing over end of buffer */ - #ifdef WOLFSSL_SMALL_STACK - XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); - XFREE(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); - #endif + WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); + WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); return BUFFER_E; } XMEMCPY(pkcsBlock + (pkcsBlockLen - inputLen), input, inputLen); @@ -1179,10 +1163,8 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock, /* generate random seed */ if ((ret = wc_RNG_GenerateBlock(rng, seed, hLen)) != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); - XFREE(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); - #endif + WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); + WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); return ret; } @@ -1203,29 +1185,23 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock, XMEMSET(dbMask, 0, pkcsBlockLen - hLen - 1); /* help static analyzer */ ret = RsaMGF(mgf, seed, hLen, dbMask, pkcsBlockLen - hLen - 1, heap); if (ret != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(dbMask, heap, DYNAMIC_TYPE_RSA); - XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); - XFREE(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); - #endif + WC_FREE_VAR_EX(dbMask, heap, DYNAMIC_TYPE_RSA); + WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); + WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); return ret; } xorbuf(pkcsBlock + hLen + 1, dbMask,pkcsBlockLen - hLen - 1); -#ifdef WOLFSSL_SMALL_STACK - XFREE(dbMask, heap, DYNAMIC_TYPE_RSA); -#endif + WC_FREE_VAR_EX(dbMask, heap, DYNAMIC_TYPE_RSA); /* create maskedSeed from seedMask */ pkcsBlock[0] = 0x00; /* create seedMask inline */ if ((ret = RsaMGF(mgf, pkcsBlock + hLen + 1, pkcsBlockLen - hLen - 1, pkcsBlock + 1, hLen, heap)) != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); - XFREE(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); - #endif + WC_FREE_VAR_EX(lHash, heap, DYNAMIC_TYPE_RSA_BUFFER); + WC_FREE_VAR_EX(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); return ret; } @@ -1599,9 +1575,7 @@ static int RsaUnPad_OAEP(byte *pkcsBlock, unsigned int pkcsBlockLen, /* find seedMask value */ if ((ret = RsaMGF(mgf, (byte*)(pkcsBlock + (hLen + 1)), pkcsBlockLen - hLen - 1, tmp, hLen, heap)) != 0) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER); -#endif + WC_FREE_VAR_EX(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER); return ret; } @@ -5311,9 +5285,7 @@ static int CalcDX(mp_int* y, mp_int* x, mp_int* d) mp_forcezero(m); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(m, NULL, DYNAMIC_TYPE_WOLF_BIGINT); -#endif + WC_FREE_VAR_EX(m, NULL, DYNAMIC_TYPE_WOLF_BIGINT); return err; } diff --git a/wolfcrypt/src/sha.c b/wolfcrypt/src/sha.c index 618a6deb2a8..4591b29efb8 100644 --- a/wolfcrypt/src/sha.c +++ b/wolfcrypt/src/sha.c @@ -1097,32 +1097,21 @@ void wc_ShaFree(wc_Sha* sha) int wc_ShaGetHash(wc_Sha* sha, byte* hash) { int ret; -#ifdef WOLFSSL_SMALL_STACK - wc_Sha* tmpSha; -#else - wc_Sha tmpSha[1]; -#endif + WC_DECLARE_VAR(tmpSha, wc_Sha, 1, 0); if (sha == NULL || hash == NULL) { return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - tmpSha = (wc_Sha*)XMALLOC(sizeof(wc_Sha), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (tmpSha == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(tmpSha, wc_Sha, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_ShaCopy(sha, tmpSha); if (ret == 0) { ret = wc_ShaFinal(tmpSha, hash); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpSha, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmpSha, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/src/sha256.c b/wolfcrypt/src/sha256.c index 07a5e29c2c6..46b599b5b86 100644 --- a/wolfcrypt/src/sha256.c +++ b/wolfcrypt/src/sha256.c @@ -2422,23 +2422,14 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz) int wc_Sha224GetHash(wc_Sha224* sha224, byte* hash) { int ret; - #ifdef WOLFSSL_SMALL_STACK - wc_Sha224* tmpSha224; - #else - wc_Sha224 tmpSha224[1]; - #endif + WC_DECLARE_VAR(tmpSha224, wc_Sha224, 1, 0); if (sha224 == NULL || hash == NULL) { return BAD_FUNC_ARG; } - #ifdef WOLFSSL_SMALL_STACK - tmpSha224 = (wc_Sha224*)XMALLOC(sizeof(wc_Sha224), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (tmpSha224 == NULL) { - return MEMORY_E; - } - #endif + WC_ALLOC_VAR_EX(tmpSha224, wc_Sha224, 1, NULL, + DYNAMIC_TYPE_TMP_BUFFER, return MEMORY_E); ret = wc_Sha224Copy(sha224, tmpSha224); if (ret == 0) { @@ -2446,9 +2437,7 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz) wc_Sha224Free(tmpSha224); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(tmpSha224, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(tmpSha224, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -2558,23 +2547,14 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz) int wc_Sha256GetHash(wc_Sha256* sha256, byte* hash) { int ret; -#ifdef WOLFSSL_SMALL_STACK - wc_Sha256* tmpSha256; -#else - wc_Sha256 tmpSha256[1]; -#endif + WC_DECLARE_VAR(tmpSha256, wc_Sha256, 1, 0); if (sha256 == NULL || hash == NULL) { return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - tmpSha256 = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (tmpSha256 == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(tmpSha256, wc_Sha256, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_Sha256Copy(sha256, tmpSha256); if (ret == 0) { @@ -2583,9 +2563,7 @@ int wc_Sha256GetHash(wc_Sha256* sha256, byte* hash) } -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpSha256, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmpSha256, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/src/sha512.c b/wolfcrypt/src/sha512.c index 84d8625fc96..28e3336678e 100644 --- a/wolfcrypt/src/sha512.c +++ b/wolfcrypt/src/sha512.c @@ -1533,11 +1533,8 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data) { int ret; /* back up buffer */ -#ifdef WOLFSSL_SMALL_STACK - word64 *buffer; -#else - word64 buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64)]; -#endif + WC_DECLARE_VAR(buffer, word64, WC_SHA512_BLOCK_SIZE / sizeof(word64), + 0); /* sanity check */ if (sha == NULL || data == NULL) { @@ -1986,23 +1983,14 @@ static int Sha512_Family_GetHash(wc_Sha512* sha512, byte* hash, int (*finalfp)(wc_Sha512*, byte*)) { int ret; -#ifdef WOLFSSL_SMALL_STACK - wc_Sha512* tmpSha512; -#else - wc_Sha512 tmpSha512[1]; -#endif + WC_DECLARE_VAR(tmpSha512, wc_Sha512, 1, 0); if (sha512 == NULL || hash == NULL) { return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - tmpSha512 = (wc_Sha512*)XMALLOC(sizeof(wc_Sha512), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (tmpSha512 == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(tmpSha512, wc_Sha512, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); /* copy this sha512 into tmpSha */ ret = wc_Sha512Copy(sha512, tmpSha512); @@ -2011,9 +1999,7 @@ static int Sha512_Family_GetHash(wc_Sha512* sha512, byte* hash, wc_Sha512Free(tmpSha512); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpSha512, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmpSha512, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -2404,23 +2390,14 @@ int wc_Sha512_256Transform(wc_Sha512* sha, const unsigned char* data) int wc_Sha384GetHash(wc_Sha384* sha384, byte* hash) { int ret; -#ifdef WOLFSSL_SMALL_STACK - wc_Sha384* tmpSha384; -#else - wc_Sha384 tmpSha384[1]; -#endif + WC_DECLARE_VAR(tmpSha384, wc_Sha384, 1, 0); if (sha384 == NULL || hash == NULL) { return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - tmpSha384 = (wc_Sha384*)XMALLOC(sizeof(wc_Sha384), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (tmpSha384 == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(tmpSha384, wc_Sha384, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); /* copy this sha384 into tmpSha */ ret = wc_Sha384Copy(sha384, tmpSha384); @@ -2429,9 +2406,7 @@ int wc_Sha384GetHash(wc_Sha384* sha384, byte* hash) wc_Sha384Free(tmpSha384); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmpSha384, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(tmpSha384, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/src/srp.c b/wolfcrypt/src/srp.c index 5ea5a250737..ab81a396110 100644 --- a/wolfcrypt/src/srp.c +++ b/wolfcrypt/src/srp.c @@ -473,11 +473,7 @@ int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size) int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size) { -#ifdef WOLFSSL_SMALL_STACK - mp_int *v = NULL; -#else - mp_int v[1]; -#endif + WC_DECLARE_VAR(v, mp_int, 1, 0); int r; if (!srp || !verifier || !size || srp->side != SRP_CLIENT_SIDE) @@ -501,9 +497,7 @@ int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size) if (!r) *size = (word32)mp_unsigned_bin_size(v); mp_clear(v); -#ifdef WOLFSSL_SMALL_STACK - XFREE(v, srp->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(v, srp->heap, DYNAMIC_TYPE_TMP_BUFFER); return r; } @@ -518,11 +512,7 @@ int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size) int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size) { -#ifdef WOLFSSL_SMALL_STACK - mp_int *p = NULL; -#else - mp_int p[1]; -#endif + WC_DECLARE_VAR(p, mp_int, 1, 0); int r; if (!srp || !priv || !size) @@ -544,9 +534,7 @@ int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size) if (!r) r = mp_iszero(&srp->priv) == MP_YES ? SRP_BAD_KEY_E : 0; mp_clear(p); -#ifdef WOLFSSL_SMALL_STACK - XFREE(p, srp->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(p, srp->heap, DYNAMIC_TYPE_TMP_BUFFER); return r; } @@ -566,11 +554,7 @@ static int wc_SrpGenPrivate(Srp* srp, byte* priv, word32 size) int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size) { -#ifdef WOLFSSL_SMALL_STACK - mp_int *pubkey = NULL; -#else - mp_int pubkey[1]; -#endif + WC_DECLARE_VAR(pubkey, mp_int, 1, 0); word32 modulusSz; int r; int hashSize; @@ -649,9 +633,7 @@ int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size) if (!r) *size = (word32)mp_unsigned_bin_size(pubkey); mp_clear(pubkey); -#ifdef WOLFSSL_SMALL_STACK - XFREE(pubkey, srp->heap, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(pubkey, srp->heap, DYNAMIC_TYPE_TMP_BUFFER); return r; } diff --git a/wolfcrypt/src/tfm.c b/wolfcrypt/src/tfm.c index b6de6e06ec3..a4f52267257 100644 --- a/wolfcrypt/src/tfm.c +++ b/wolfcrypt/src/tfm.c @@ -576,21 +576,14 @@ WC_INLINE static int fp_mul_comba_mulx(fp_int *A, fp_int *B, fp_int *C) { int ix, iy, iz, pa; fp_int *dst; -#ifndef WOLFSSL_SMALL_STACK - fp_int tmp[1]; -#else - fp_int *tmp; -#endif + WC_DECLARE_VAR(tmp, fp_int, 1, 0); fp_digit carry; /* Variables used but not seen by cppcheck. */ (void)ix; (void)iy; (void)iz; -#ifdef WOLFSSL_SMALL_STACK - tmp = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (tmp == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(tmp, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, + return FP_MEM); /* get size of output and trim */ pa = A->used + B->used; @@ -612,9 +605,7 @@ WC_INLINE static int fp_mul_comba_mulx(fp_int *A, fp_int *B, fp_int *C) fp_clamp(dst); fp_copy(dst, C); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -627,21 +618,14 @@ int fp_mul_comba(fp_int *A, fp_int *B, fp_int *C) int ix, iy, iz, tx, ty, pa; fp_digit c0, c1, c2, *tmpx, *tmpy; fp_int *dst; -#ifndef WOLFSSL_SMALL_STACK - fp_int tmp[1]; -#else - fp_int *tmp; -#endif + WC_DECLARE_VAR(tmp, fp_int, 1, 0); if (A->used + B->used >= FP_SIZE) return FP_VAL; IF_HAVE_INTEL_MULX(ret = fp_mul_comba_mulx(A, B, C), return ret) ; -#ifdef WOLFSSL_SMALL_STACK - tmp = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (tmp == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(tmp, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, + return FP_MEM); COMBA_START; COMBA_CLEAR; @@ -696,9 +680,7 @@ int fp_mul_comba(fp_int *A, fp_int *B, fp_int *C) /* Variables used but not seen by cppcheck. */ (void)c0; (void)c1; (void)c2; -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT); return ret; } @@ -768,16 +750,12 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d) norm = (DIGIT_BIT-1) - norm; ret = fp_mul_2d (x, norm, x); if (ret != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return ret; } ret = fp_mul_2d (y, norm, y); if (ret != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return ret; } } else { @@ -791,9 +769,7 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d) /* while (x >= y*b**n-t) do { q[n-t] += 1; x -= y*b**{n-t} } */ ret = fp_lshd (y, n - t); /* y = y*b**{n-t} */ if (ret != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return ret; } @@ -801,9 +777,7 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d) ++(q->dp[n - t]); ret = fp_sub (x, y, x); if (ret != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return ret; } } @@ -850,9 +824,7 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d) t1->used = 2; ret = fp_mul_d (t1, q->dp[i - t - 1], t1); if (ret != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return ret; } @@ -866,23 +838,17 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d) /* step 3.3 x = x - q{i-t-1} * y * b**{i-t-1} */ ret = fp_mul_d (y, q->dp[i - t - 1], t1); if (ret != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return ret; } ret = fp_lshd (t1, i - t - 1); if (ret != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return ret; } ret = fp_sub (x, t1, x); if (ret != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return ret; } @@ -891,16 +857,12 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d) fp_copy (y, t1); ret = fp_lshd (t1, i - t - 1); if (ret != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return ret; } ret = fp_add (x, t1, x); if (ret != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return ret; } q->dp[i - t - 1] = q->dp[i - t - 1] - 1; @@ -931,9 +893,7 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d) fp_copy (x, d); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -1047,18 +1007,10 @@ void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d) /* c = a mod b, 0 <= c < b */ int fp_mod(fp_int *a, fp_int *b, fp_int *c) { -#ifndef WOLFSSL_SMALL_STACK - fp_int t[1]; -#else - fp_int *t; -#endif + WC_DECLARE_VAR(t, fp_int, 1, 0); int err; -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); fp_init(t); err = fp_div(a, b, NULL, t); @@ -1070,9 +1022,7 @@ int fp_mod(fp_int *a, fp_int *b, fp_int *c) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -1166,26 +1116,20 @@ static int fp_invmod_slow (fp_int * a, fp_int * b, fp_int * c) /* x = a, y = b */ if ((err = fp_mod(a, b, x)) != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } fp_copy(b, y); if (fp_iszero(x) == FP_YES) { /* invmod doesn't exist for this a and b */ - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return FP_VAL; } /* 2. [modified] if x,y are both even then return an error! */ if (fp_iseven(x) == FP_YES && fp_iseven(y) == FP_YES) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return FP_VAL; } @@ -1206,16 +1150,12 @@ static int fp_invmod_slow (fp_int * a, fp_int * b, fp_int * c) /* A = (A+y)/2, B = (B-x)/2 */ err = fp_add (A, y, A); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_sub (B, x, B); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } } @@ -1234,16 +1174,12 @@ static int fp_invmod_slow (fp_int * a, fp_int * b, fp_int * c) /* C = (C+y)/2, D = (D-x)/2 */ err = fp_add (C, y, C); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_sub (D, x, D); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } } @@ -1257,46 +1193,34 @@ static int fp_invmod_slow (fp_int * a, fp_int * b, fp_int * c) /* u = u - v, A = A - C, B = B - D */ err = fp_sub (u, v, u); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_sub (A, C, A); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_sub (B, D, B); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } } else { /* v - v - u, C = C - A, D = D - B */ err = fp_sub (v, u, v); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_sub (C, A, C); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_sub (D, B, D); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } } @@ -1309,9 +1233,7 @@ static int fp_invmod_slow (fp_int * a, fp_int * b, fp_int * c) /* if v != 1 then there is no inverse */ if (fp_cmp_d (v, 1) != FP_EQ) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return FP_VAL; } @@ -1319,9 +1241,7 @@ static int fp_invmod_slow (fp_int * a, fp_int * b, fp_int * c) while (fp_cmp_d(C, 0) == FP_LT) { err = fp_add(C, b, C); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } } @@ -1330,18 +1250,14 @@ static int fp_invmod_slow (fp_int * a, fp_int * b, fp_int * c) while (fp_cmp_mag(C, b) != FP_LT) { err = fp_sub(C, b, C); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } } /* C is now the inverse */ fp_copy(C, c); -#ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -1383,9 +1299,7 @@ int fp_invmod(fp_int *a, fp_int *b, fp_int *c) fp_init(B); fp_init(D); if (fp_iszero(a) == FP_YES) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return FP_VAL; } @@ -1394,17 +1308,13 @@ int fp_invmod(fp_int *a, fp_int *b, fp_int *c) /* we need y = |a| */ if ((err = mp_mod(a, b, y)) != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } if (fp_iszero(y) == FP_YES) { /* invmod doesn't exist for this a and b */ - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return FP_VAL; } @@ -1423,9 +1333,7 @@ int fp_invmod(fp_int *a, fp_int *b, fp_int *c) if (fp_isodd (B) == FP_YES) { err = fp_sub (B, x, B); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } } @@ -1443,9 +1351,7 @@ int fp_invmod(fp_int *a, fp_int *b, fp_int *c) /* D = (D-x)/2 */ err = fp_sub (D, x, D); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } } @@ -1458,32 +1364,24 @@ int fp_invmod(fp_int *a, fp_int *b, fp_int *c) /* u = u - v, B = B - D */ err = fp_sub (u, v, u); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_sub (B, D, B); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } } else { /* v - v - u, D = D - B */ err = fp_sub (v, u, v); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_sub (D, B, D); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } } @@ -1497,9 +1395,7 @@ int fp_invmod(fp_int *a, fp_int *b, fp_int *c) /* if v != 1 then there is no inverse */ if (fp_cmp_d (v, 1) != FP_EQ) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return FP_VAL; } @@ -1507,9 +1403,7 @@ int fp_invmod(fp_int *a, fp_int *b, fp_int *c) while (D->sign == FP_NEG) { err = fp_add (D, b, D); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } } @@ -1517,16 +1411,12 @@ int fp_invmod(fp_int *a, fp_int *b, fp_int *c) while (fp_cmp_mag(D, b) != FP_LT) { err = fp_sub(D, b, D); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return err; } } fp_copy (D, c); -#ifdef WOLFSSL_SMALL_STACK - XFREE(x, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(x, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -1600,9 +1490,7 @@ int fp_invmod_mont_ct(fp_int *a, fp_int *b, fp_int *c, fp_digit mp) else fp_copy(t, c); -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -1611,17 +1499,9 @@ int fp_invmod_mont_ct(fp_int *a, fp_int *b, fp_int *c, fp_digit mp) int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d) { int err; -#ifndef WOLFSSL_SMALL_STACK - fp_int t[1]; -#else - fp_int *t; -#endif + WC_DECLARE_VAR(t, fp_int, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); fp_init(t); err = fp_mul(a, b, t); @@ -1637,9 +1517,7 @@ int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -1647,17 +1525,9 @@ int fp_mulmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d) int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d) { int err; -#ifndef WOLFSSL_SMALL_STACK - fp_int t[1]; -#else - fp_int *t; -#endif + WC_DECLARE_VAR(t, fp_int, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); fp_init(t); err = fp_sub(a, b, t); @@ -1673,9 +1543,7 @@ int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -1683,17 +1551,9 @@ int fp_submod(fp_int *a, fp_int *b, fp_int *c, fp_int *d) int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d) { int err; -#ifndef WOLFSSL_SMALL_STACK - fp_int t[1]; -#else - fp_int *t; -#endif + WC_DECLARE_VAR(t, fp_int, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); fp_init(t); err = fp_add(a, b, t); @@ -1709,9 +1569,7 @@ int fp_addmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -2108,9 +1966,7 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, /* now we need R mod m */ err = fp_montgomery_calc_normalization (&R[0], P); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -2119,9 +1975,7 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, /* G > P so we reduce it first */ err = fp_mod(G, P, &R[1]); if (err != FP_OKAY) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } } else { @@ -2129,9 +1983,7 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, } err = fp_mulmod (&R[1], &R[0], P, &R[1]); if (err != FP_OKAY) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -2164,47 +2016,35 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, /* do ops */ err = fp_mul(&R[0], &R[1], &R[y^1]); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_montgomery_reduce(&R[y^1], P, mp); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_sqr(&R[y], &R[y]); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_montgomery_reduce(&R[y], P, mp); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } #else /* do ops */ err = fp_mul(&R[0], &R[1], &R[2]); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_montgomery_reduce(&R[2], P, mp); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } /* instead of using R[y^1] for mul, which leaks key bit to cache monitor, @@ -2222,16 +2062,12 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, &R[2]); err = fp_sqr(&R[2], &R[2]); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_montgomery_reduce(&R[2], P, mp); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } fp_copy(&R[2], @@ -2242,9 +2078,7 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, err = fp_montgomery_reduce(&R[0], P, mp); fp_copy(&R[0], Y); -#ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -2300,11 +2134,7 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, return err; } -#ifdef WOLFSSL_SMALL_STACK - R = (fp_int*)XMALLOC(sizeof(fp_int) * 4, NULL, DYNAMIC_TYPE_BIGINT); - if (R == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(R, fp_int, 4, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); fp_init(&R[0]); fp_init(&R[1]); fp_init(&R[2]); @@ -2313,9 +2143,7 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, /* now we need R mod m */ err = fp_montgomery_calc_normalization (&R[0], P); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -2324,9 +2152,7 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, /* G > P so we reduce it first */ err = fp_mod(G, P, &R[1]); if (err != FP_OKAY) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } } else { @@ -2334,9 +2160,7 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, } err = fp_mulmod (&R[1], &R[0], P, &R[1]); if (err != FP_OKAY) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -2368,16 +2192,12 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, /* do ops */ err = fp_mul(&R[0], &R[1], &R[2]); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_montgomery_reduce(&R[2], P, mp); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -2389,16 +2209,12 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, &R[3]); err = fp_sqr(&R[3], &R[3]); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } err = fp_montgomery_reduce(&R[3], P, mp); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } fp_copy_2_ct(&R[2], &R[3], &R[0], &R[1], y, P->used); @@ -2406,9 +2222,7 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P, err = fp_montgomery_reduce(&R[0], P, mp); fp_copy(&R[0], Y); -#ifdef WOLFSSL_SMALL_STACK - XFREE(R, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(R, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -2741,9 +2555,7 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, /* now setup montgomery */ if ((err = fp_montgomery_setup(P, &mp)) != FP_OKAY) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } @@ -2753,18 +2565,14 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, err = fp_mul_2d(P, 1 << WINSIZE, tmp); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } /* now we need R mod m */ err = fp_montgomery_calc_normalization(res, P); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } @@ -2780,23 +2588,17 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, /* Multiply montgomery representation of 1 by 2 ^ top */ err = fp_mul_2d(res, bitbuf, res); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } err = fp_add(res, tmp, res); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } err = fp_mod(res, P, res); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } /* Move out bits used */ @@ -2841,16 +2643,12 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, for (x = 0; x < WINSIZE; x++) { err = fp_sqr(res, res); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } err = fp_montgomery_reduce(res, P, mp); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } } @@ -2863,24 +2661,18 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, err = fp_mul_2d(res, bitbuf & WINMASK, res); #endif if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } /* Add in value to make mod operation take same time */ err = fp_add(res, tmp, res); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } err = fp_mod(res, P, res); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } @@ -2906,9 +2698,7 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, /* swap res with Y */ fp_copy(res, Y); -#ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } @@ -2934,23 +2724,15 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, { fp_digit buf, mp; int err, bitbuf, bitcpy, bitcnt, digidx, x, y; -#ifdef WOLFSSL_SMALL_STACK - fp_int *res; -#else - fp_int res[1]; -#endif + WC_DECLARE_VAR(res, fp_int, 1, 0); /* now setup montgomery */ if ((err = fp_montgomery_setup(P, &mp)) != FP_OKAY) { return err; } -#ifdef WOLFSSL_SMALL_STACK - res = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (res == NULL) { - return FP_MEM; - } -#endif + WC_ALLOC_VAR_EX(res, fp_int, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return FP_MEM); /* setup result */ fp_init(res); @@ -2958,9 +2740,7 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, /* now we need R mod m */ err = fp_montgomery_calc_normalization(res, P); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } @@ -2976,16 +2756,12 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, /* Multiply montgomery representation of 1 by 2 ^ top */ err = fp_mul_2d(res, bitbuf, res); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } err = fp_mod(res, P, res); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } /* Move out bits used */ @@ -3025,16 +2801,12 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, for (x = 0; x < WINSIZE; x++) { err = fp_sqr(res, res); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } err = fp_montgomery_reduce(res, P, mp); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } } @@ -3042,16 +2814,12 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, /* then multiply by 2^bitbuf */ err = fp_mul_2d(res, bitbuf, res); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } err = fp_mod(res, P, res); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } @@ -3072,9 +2840,7 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P, /* swap res with Y */ fp_copy(res, Y); -#ifdef WOLFSSL_SMALL_STACK - XFREE(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(res, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } @@ -3140,17 +2906,10 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y) if (X->sign == FP_NEG) { #ifndef POSITIVE_EXP_ONLY /* reduce stack if assume no negatives */ int err; - #ifndef WOLFSSL_SMALL_STACK - fp_int tmp[2]; - #else - fp_int *tmp; - #endif + WC_DECLARE_VAR(tmp, fp_int, 2, 0); - #ifdef WOLFSSL_SMALL_STACK - tmp = (fp_int*)XMALLOC(sizeof(fp_int) * 2, NULL, DYNAMIC_TYPE_BIGINT); - if (tmp == NULL) - return FP_MEM; - #endif + WC_ALLOC_VAR_EX(tmp, fp_int, 2, NULL, DYNAMIC_TYPE_BIGINT, + return FP_MEM); /* yes, copy G and invmod it */ fp_init_copy(&tmp[0], G); @@ -3169,9 +2928,7 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y) err = fp_add(Y, P, Y); } } - #ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; #else return FP_VAL; @@ -3241,17 +2998,10 @@ int fp_exptmod_ex(fp_int * G, fp_int * X, int digits, fp_int * P, fp_int * Y) if (X->sign == FP_NEG) { #ifndef POSITIVE_EXP_ONLY /* reduce stack if assume no negatives */ int err; - #ifndef WOLFSSL_SMALL_STACK - fp_int tmp[2]; - #else - fp_int *tmp; - #endif + WC_DECLARE_VAR(tmp, fp_int, 2, 0); - #ifdef WOLFSSL_SMALL_STACK - tmp = (fp_int*)XMALLOC(sizeof(fp_int) * 2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (tmp == NULL) - return FP_MEM; - #endif + WC_ALLOC_VAR_EX(tmp, fp_int, 2, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return FP_MEM); /* yes, copy G and invmod it */ fp_init_copy(&tmp[0], G); @@ -3273,9 +3023,7 @@ int fp_exptmod_ex(fp_int * G, fp_int * X, int digits, fp_int * P, fp_int * Y) err = fp_add(Y, P, Y); } } - #ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT); return err; #else return FP_VAL; @@ -3353,17 +3101,10 @@ int fp_exptmod_nct(fp_int * G, fp_int * X, fp_int * P, fp_int * Y) if (X->sign == FP_NEG) { #ifndef POSITIVE_EXP_ONLY /* reduce stack if assume no negatives */ int err; - #ifndef WOLFSSL_SMALL_STACK - fp_int tmp[2]; - #else - fp_int *tmp; - #endif + WC_DECLARE_VAR(tmp, fp_int, 2, 0); - #ifdef WOLFSSL_SMALL_STACK - tmp = (fp_int*)XMALLOC(sizeof(fp_int) * 2, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (tmp == NULL) - return FP_MEM; - #endif + WC_ALLOC_VAR_EX(tmp, fp_int, 2, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return FP_MEM); /* yes, copy G and invmod it */ fp_init_copy(&tmp[0], G); @@ -3380,9 +3121,7 @@ int fp_exptmod_nct(fp_int * G, fp_int * X, fp_int * P, fp_int * Y) err = fp_add(Y, P, Y); } } - #ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT); return err; #else return FP_VAL; @@ -3573,17 +3312,10 @@ int fp_sqr_comba(fp_int *A, fp_int *B) fp_word tt = 0; #endif fp_int *dst; -#ifndef WOLFSSL_SMALL_STACK - fp_int tmp[1]; -#else - fp_int *tmp; -#endif + WC_DECLARE_VAR(tmp, fp_int, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - tmp = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (tmp == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(tmp, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, + return FP_MEM); /* get size of output and trim */ pa = A->used + A->used; @@ -3660,9 +3392,7 @@ int fp_sqr_comba(fp_int *A, fp_int *B) (void)tt; #endif -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -3813,11 +3543,7 @@ static WC_INLINE void innermul8_mulx(fp_digit *c_mulx, fp_digit *cy_mulx, fp_dig /* computes x/R == x (mod N) via Montgomery Reduction */ static int fp_montgomery_reduce_mulx(fp_int *a, fp_int *m, fp_digit mp, int ct) { -#ifndef WOLFSSL_SMALL_STACK - fp_digit c[FP_SIZE+1]; -#else - fp_digit *c; -#endif + WC_DECLARE_VAR(c, fp_digit, FP_SIZE+1, 0); fp_digit *_c, *tmpm, mu = 0; int oldused, x, y, pa; @@ -3833,13 +3559,9 @@ static int fp_montgomery_reduce_mulx(fp_int *a, fp_int *m, fp_digit mp, int ct) } #endif -#ifdef WOLFSSL_SMALL_STACK /* only allocate space for what's needed for window plus res */ - c = (fp_digit*)XMALLOC(sizeof(fp_digit)*(FP_SIZE + 1), NULL, DYNAMIC_TYPE_BIGINT); - if (c == NULL) { - return FP_MEM; - } -#endif + WC_ALLOC_VAR_EX(c, fp_digit, (FP_SIZE+1), NULL, DYNAMIC_TYPE_BIGINT, + return FP_MEM); /* now zero the buff */ XMEMSET(c, 0, sizeof(fp_digit)*(FP_SIZE + 1)); @@ -3916,9 +3638,7 @@ static int fp_montgomery_reduce_mulx(fp_int *a, fp_int *m, fp_digit mp, int ct) } #endif -#ifdef WOLFSSL_SMALL_STACK - XFREE(c, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(c, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } #endif @@ -3926,11 +3646,7 @@ static int fp_montgomery_reduce_mulx(fp_int *a, fp_int *m, fp_digit mp, int ct) /* computes x/R == x (mod N) via Montgomery Reduction */ int fp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct) { -#ifndef WOLFSSL_SMALL_STACK - fp_digit c[FP_SIZE+1]; -#else - fp_digit *c; -#endif + WC_DECLARE_VAR(c, fp_digit, FP_SIZE+1, 0); fp_digit *_c, *tmpm, mu = 0; int oldused, x, y, pa, err = 0; @@ -3949,13 +3665,9 @@ int fp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct) } #endif -#ifdef WOLFSSL_SMALL_STACK /* only allocate space for what's needed for window plus res */ - c = (fp_digit*)XMALLOC(sizeof(fp_digit)*(FP_SIZE + 1), NULL, DYNAMIC_TYPE_BIGINT); - if (c == NULL) { - return FP_MEM; - } -#endif + WC_ALLOC_VAR_EX(c, fp_digit, (FP_SIZE+1), NULL, DYNAMIC_TYPE_BIGINT, + return FP_MEM); /* now zero the buff */ XMEMSET(c, 0, sizeof(fp_digit)*(FP_SIZE + 1)); @@ -4034,9 +3746,7 @@ int fp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct) } #endif -#ifdef WOLFSSL_SMALL_STACK - XFREE(c, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(c, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -4187,26 +3897,16 @@ int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b) int fp_to_unsigned_bin(const fp_int *a, unsigned char *b) { int x; -#ifndef WOLFSSL_SMALL_STACK - fp_int t[1]; -#else - fp_int *t; -#endif + WC_DECLARE_VAR(t, fp_int, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); fp_init_copy(t, a); x = fp_to_unsigned_bin_at_pos(0, t, b); mp_reverse (b, x); -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -4288,17 +3988,9 @@ int fp_to_unsigned_bin_len(fp_int *a, unsigned char *b, int c) return FP_OKAY; #else int x; -#ifndef WOLFSSL_SMALL_STACK - fp_int t[1]; -#else - fp_int *t; -#endif + WC_DECLARE_VAR(t, fp_int, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); fp_init_copy(t, a); @@ -4308,9 +4000,7 @@ int fp_to_unsigned_bin_len(fp_int *a, unsigned char *b, int c) } mp_reverse (b, x); -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); if (!fp_iszero(t)) { return FP_VAL; } @@ -4563,18 +4253,11 @@ void fp_rshd(fp_int *a, int x) /* c = a - b */ int fp_sub_d(fp_int *a, fp_digit b, fp_int *c) { -#ifndef WOLFSSL_SMALL_STACK - fp_int tmp[1]; -#else - fp_int *tmp; -#endif + WC_DECLARE_VAR(tmp, fp_int, 1, 0); int err = FP_OKAY; -#ifdef WOLFSSL_SMALL_STACK - tmp = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (tmp == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(tmp, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, + return FP_MEM); fp_init(tmp); fp_set(tmp, b); @@ -4589,9 +4272,7 @@ int fp_sub_d(fp_int *a, fp_digit b, fp_int *c) err = fp_sub(a, tmp, c); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -5043,17 +4724,9 @@ int mp_set_bit(mp_int *a, mp_digit b) int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c) { int err; -#ifndef WOLFSSL_SMALL_STACK - fp_int t[1]; -#else - fp_int *t; -#endif + WC_DECLARE_VAR(t, fp_int, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); fp_init(t); err = fp_sqr(a, t); @@ -5070,9 +4743,7 @@ int fp_sqrmod(fp_int *a, fp_int *b, fp_int *c) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -5114,23 +4785,13 @@ static int fp_cond_swap_ct_ex(mp_int* a, mp_int* b, int c, int m, mp_int* t) static int fp_cond_swap_ct(mp_int* a, mp_int* b, int c, int m) { -#ifndef WOLFSSL_SMALL_STACK - fp_int t[1]; -#else - fp_int* t; -#endif + WC_DECLARE_VAR(t, fp_int, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); fp_cond_swap_ct_ex(a, b, c, m, t); -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -5144,25 +4805,15 @@ static int fp_cond_swap_ct(mp_int* a, mp_int* b, int c, int m) */ static int fp_exch (fp_int * a, fp_int * b) { -#ifndef WOLFSSL_SMALL_STACK - fp_int t[1]; -#else - fp_int *t; -#endif + WC_DECLARE_VAR(t, fp_int, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); *t = *a; *a = *b; *b = *t; -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } #endif @@ -5220,11 +4871,7 @@ static int s_is_power_of_two(fp_digit b, int *p) /* a/b => cb + d == a */ static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d) { -#ifndef WOLFSSL_SMALL_STACK - fp_int q[1]; -#else - fp_int *q; -#endif + WC_DECLARE_VAR(q, fp_int, 1, 0); fp_word w; fp_digit t; int ix; @@ -5256,11 +4903,7 @@ static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d) return FP_OKAY; } -#ifdef WOLFSSL_SMALL_STACK - q = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (q == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(q, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); fp_init(q); @@ -5298,9 +4941,7 @@ static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d) fp_copy(q, c); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(q, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(q, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -5456,9 +5097,7 @@ static int fp_prime_miller_rabin(fp_int * a, fp_int * b, int *result) fp_clear(y); fp_clear(r); -#ifdef WOLFSSL_SMALL_STACK - XFREE(n1, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(n1, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -5505,11 +5144,7 @@ static const fp_digit primes[FP_PRIME_SIZE] = { int fp_isprime_ex(fp_int *a, int t, int* result) { -#ifndef WOLFSSL_SMALL_STACK - fp_int b[1]; -#else - fp_int *b; -#endif + WC_DECLARE_VAR(b, fp_int, 1, 0); fp_digit d; int r, res; int err; @@ -5541,11 +5176,7 @@ int fp_isprime_ex(fp_int *a, int t, int* result) } } -#ifdef WOLFSSL_SMALL_STACK - b = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (b == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(b, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); /* now do 't' miller rabins */ fp_init(b); for (r = 0; r < t; r++) { @@ -5553,16 +5184,12 @@ int fp_isprime_ex(fp_int *a, int t, int* result) err = fp_prime_miller_rabin(a, b, &res); if ((err != FP_OKAY) || (res == FP_NO)) { *result = res; - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT); return err; } } *result = FP_YES; -#ifdef WOLFSSL_SMALL_STACK - XFREE(b, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -5654,18 +5281,14 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng) err = fp_sub_d(a, 2, c); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } while (t > 0) { if ((err = wc_RNG_GenerateBlock(rng, base, baseSz)) != 0) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } @@ -5674,10 +5297,8 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng) err = fp_read_unsigned_bin(b, base, baseSz); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } if (fp_cmp_d(b, 2) != FP_GT || fp_cmp(b, c) != FP_LT) { @@ -5686,10 +5307,8 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng) err = fp_prime_miller_rabin_ex(a, b, &ret, n1, y, r); if (err != FP_OKAY) { - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); return err; } if (ret == FP_NO) @@ -5703,10 +5322,8 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng) fp_clear(r); fp_clear(b); fp_clear(c); - #ifdef WOLFSSL_SMALL_STACK - XFREE(b, NULL, DYNAMIC_TYPE_BIGINT); - XFREE(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(b, NULL, DYNAMIC_TYPE_BIGINT); + WC_FREE_VAR_EX(base, NULL, DYNAMIC_TYPE_TMP_BUFFER); } #else (void)t; @@ -5841,11 +5458,7 @@ int fp_randprime(fp_int* a, int len, WC_RNG* rng, void* heap) int fp_lcm(fp_int *a, fp_int *b, fp_int *c) { int err; -#ifndef WOLFSSL_SMALL_STACK - fp_int t[2]; -#else - fp_int *t; -#endif + WC_DECLARE_VAR(t, fp_int, 2, 0); /* LCM of 0 and any number is undefined as 0 is not in the set of values * being used. */ @@ -5853,12 +5466,7 @@ int fp_lcm(fp_int *a, fp_int *b, fp_int *c) return FP_VAL; } -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int) * 2, NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) { - return FP_MEM; - } -#endif + WC_ALLOC_VAR_EX(t, fp_int, 2, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); fp_init(&t[0]); fp_init(&t[1]); @@ -5875,9 +5483,7 @@ int fp_lcm(fp_int *a, fp_int *b, fp_int *c) } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -5939,9 +5545,7 @@ int fp_gcd(fp_int *a, fp_int *b, fp_int *c) while (fp_iszero(v) == FP_NO) { int err = fp_mod(u, v, r); if (err != MP_OKAY) { -#ifdef WOLFSSL_SMALL_STACK - XFREE(u, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(u, NULL, DYNAMIC_TYPE_BIGINT); return err; } fp_copy(v, u); @@ -5949,9 +5553,7 @@ int fp_gcd(fp_int *a, fp_int *b, fp_int *c) } fp_copy(u, c); -#ifdef WOLFSSL_SMALL_STACK - XFREE(u, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(u, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -5964,26 +5566,17 @@ int fp_gcd(fp_int *a, fp_int *b, fp_int *c) /* c = a + b */ int fp_add_d(fp_int *a, fp_digit b, fp_int *c) { -#ifndef WOLFSSL_SMALL_STACK - fp_int tmp[1]; -#else - fp_int* tmp; -#endif + WC_DECLARE_VAR(tmp, fp_int, 1, 0); int err; -#ifdef WOLFSSL_SMALL_STACK - tmp = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (tmp == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(tmp, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, + return FP_MEM); fp_init(tmp); fp_set(tmp, b); err = fp_add(a, tmp, c); -#ifdef WOLFSSL_SMALL_STACK - XFREE(tmp, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(tmp, NULL, DYNAMIC_TYPE_BIGINT); return err; } @@ -6207,11 +5800,7 @@ int mp_radix_size (mp_int *a, int radix, int *size) { int res, digs; fp_digit d; -#ifndef WOLFSSL_SMALL_STACK - fp_int t[1]; -#else - fp_int *t; -#endif + WC_DECLARE_VAR(t, fp_int, 1, 0); *size = 0; @@ -6242,11 +5831,7 @@ int mp_radix_size (mp_int *a, int radix, int *size) /* digs is the digit count */ digs = 0; -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); /* Init a copy (t) of the input (a) ** @@ -6263,9 +5848,7 @@ int mp_radix_size (mp_int *a, int radix, int *size) while (fp_iszero (t) == FP_NO) { if ((res = fp_div_d (t, (mp_digit) radix, t, &d)) != FP_OKAY) { fp_zero (t); - #ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return res; } ++digs; @@ -6286,9 +5869,7 @@ int mp_radix_size (mp_int *a, int radix, int *size) /* return digs + 1, the 1 is for the NULL byte that would be required. */ *size = digs + 1; -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } @@ -6298,11 +5879,7 @@ int mp_toradix (mp_int *a, char *str, int radix) int res, digs; fp_digit d; char *_s = str; -#ifndef WOLFSSL_SMALL_STACK - fp_int t[1]; -#else - fp_int *t; -#endif + WC_DECLARE_VAR(t, fp_int, 1, 0); /* check range of the radix */ if (radix < 2 || radix > 64) { @@ -6320,11 +5897,7 @@ int mp_toradix (mp_int *a, char *str, int radix) return FP_OKAY; } -#ifdef WOLFSSL_SMALL_STACK - t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT); - if (t == NULL) - return FP_MEM; -#endif + WC_ALLOC_VAR_EX(t, fp_int, 1, NULL, DYNAMIC_TYPE_BIGINT, return FP_MEM); /* Init a copy (t) of the input (a) ** @@ -6345,9 +5918,7 @@ int mp_toradix (mp_int *a, char *str, int radix) while (fp_iszero (t) == FP_NO) { if ((res = fp_div_d (t, (fp_digit) radix, t, &d)) != FP_OKAY) { fp_zero (t); - #ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); - #endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return res; } *str++ = fp_s_rmap[d]; @@ -6369,9 +5940,7 @@ int mp_toradix (mp_int *a, char *str, int radix) *str = '\0'; fp_zero (t); -#ifdef WOLFSSL_SMALL_STACK - XFREE(t, NULL, DYNAMIC_TYPE_BIGINT); -#endif + WC_FREE_VAR_EX(t, NULL, DYNAMIC_TYPE_BIGINT); return FP_OKAY; } diff --git a/wolfcrypt/src/wc_encrypt.c b/wolfcrypt/src/wc_encrypt.c index dca1640d5c7..c9489becd41 100644 --- a/wolfcrypt/src/wc_encrypt.c +++ b/wolfcrypt/src/wc_encrypt.c @@ -44,21 +44,14 @@ int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz, const byte* key, word32 keySz, const byte* iv) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - Aes* aes = NULL; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); if (out == NULL || in == NULL || key == NULL || iv == NULL) { return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (aes == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(aes, Aes, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_AesInit(aes, NULL, INVALID_DEVID); if (ret == 0) { @@ -69,9 +62,7 @@ int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz, wc_AesFree(aes); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -81,17 +72,10 @@ int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz, const byte* key, word32 keySz, const byte* iv) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - Aes* aes; -#else - Aes aes[1]; -#endif + WC_DECLARE_VAR(aes, Aes, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (aes == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(aes, Aes, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_AesInit(aes, NULL, INVALID_DEVID); if (ret == 0) { @@ -102,9 +86,7 @@ int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz, wc_AesFree(aes); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -116,25 +98,16 @@ int wc_Des_CbcEncryptWithKey(byte* out, const byte* in, word32 sz, const byte* key, const byte* iv) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - Des* des; -#else - Des des[1]; -#endif + WC_DECLARE_VAR(des, Des, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (des == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(des, Des, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_Des_SetKey(des, key, iv, DES_ENCRYPTION); if (ret == 0) ret = wc_Des_CbcEncrypt(des, out, in, sz); -#ifdef WOLFSSL_SMALL_STACK - XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(des, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -143,25 +116,16 @@ int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz, const byte* key, const byte* iv) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - Des* des; -#else - Des des[1]; -#endif + WC_DECLARE_VAR(des, Des, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (des == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(des, Des, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_Des_SetKey(des, key, iv, DES_DECRYPTION); if (ret == 0) ret = wc_Des_CbcDecrypt(des, out, in, sz); -#ifdef WOLFSSL_SMALL_STACK - XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(des, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -171,17 +135,10 @@ int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz, const byte* key, const byte* iv) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - Des3* des3; -#else - Des3 des3[1]; -#endif + WC_DECLARE_VAR(des3, Des3, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (des3 == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(des3, Des3, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_Des3Init(des3, NULL, INVALID_DEVID); if (ret == 0) { @@ -191,9 +148,7 @@ int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz, wc_Des3Free(des3); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -203,17 +158,10 @@ int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz, const byte* key, const byte* iv) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - Des3* des3; -#else - Des3 des3[1]; -#endif + WC_DECLARE_VAR(des3, Des3, 1, 0); -#ifdef WOLFSSL_SMALL_STACK - des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (des3 == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(des3, Des3, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_Des3Init(des3, NULL, INVALID_DEVID); if (ret == 0) { @@ -223,9 +171,7 @@ int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz, wc_Des3Free(des3); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -239,11 +185,7 @@ int wc_BufferKeyDecrypt(EncryptedInfo* info, byte* der, word32 derSz, const byte* password, int passwordSz, int hashType) { int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); -#ifdef WOLFSSL_SMALL_STACK - byte* key = NULL; -#else - byte key[WC_MAX_SYM_KEY_SIZE]; -#endif + WC_DECLARE_VAR(key, byte, WC_MAX_SYM_KEY_SIZE, 0); (void)derSz; (void)passwordSz; @@ -263,12 +205,8 @@ int wc_BufferKeyDecrypt(EncryptedInfo* info, byte* der, word32 derSz, return BUFFER_E; } -#ifdef WOLFSSL_SMALL_STACK - key = (byte*)XMALLOC(WC_MAX_SYM_KEY_SIZE, NULL, DYNAMIC_TYPE_SYMMETRIC_KEY); - if (key == NULL) { - return MEMORY_E; - } -#endif + WC_ALLOC_VAR_EX(key, byte, WC_MAX_SYM_KEY_SIZE, NULL, + DYNAMIC_TYPE_SYMMETRIC_KEY, return MEMORY_E); #ifdef WOLFSSL_CHECK_MEM_ZERO wc_MemZero_Add("wc_BufferKeyDecrypt key", key, WC_MAX_SYM_KEY_SIZE); #endif @@ -313,11 +251,7 @@ int wc_BufferKeyEncrypt(EncryptedInfo* info, byte* der, word32 derSz, const byte* password, int passwordSz, int hashType) { int ret = WC_NO_ERR_TRACE(NOT_COMPILED_IN); -#ifdef WOLFSSL_SMALL_STACK - byte* key = NULL; -#else - byte key[WC_MAX_SYM_KEY_SIZE]; -#endif + WC_DECLARE_VAR(key, byte, WC_MAX_SYM_KEY_SIZE, 0); (void)derSz; (void)passwordSz; @@ -328,12 +262,8 @@ int wc_BufferKeyEncrypt(EncryptedInfo* info, byte* der, word32 derSz, return BAD_FUNC_ARG; } -#ifdef WOLFSSL_SMALL_STACK - key = (byte*)XMALLOC(WC_MAX_SYM_KEY_SIZE, NULL, DYNAMIC_TYPE_SYMMETRIC_KEY); - if (key == NULL) { - return MEMORY_E; - } -#endif /* WOLFSSL_SMALL_STACK */ + WC_ALLOC_VAR_EX(key, byte, WC_MAX_SYM_KEY_SIZE, NULL, + DYNAMIC_TYPE_SYMMETRIC_KEY, return MEMORY_E); #ifdef WOLFSSL_CHECK_MEM_ZERO XMEMSET(key, 0xff, WC_MAX_SYM_KEY_SIZE); wc_MemZero_Add("wc_BufferKeyDecrypt key", key, WC_MAX_SYM_KEY_SIZE); @@ -392,11 +322,7 @@ int wc_CryptKey(const char* password, int passwordSz, byte* salt, int typeH = WC_HASH_TYPE_NONE; word32 derivedLen = 0; int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - byte* key = NULL; -#else - byte key[PKCS_MAX_KEY_SIZE]; -#endif + WC_DECLARE_VAR(key, byte, PKCS_MAX_KEY_SIZE, 0); (void)input; (void)length; @@ -687,9 +613,7 @@ int wc_CryptKey(const char* password, int passwordSz, byte* salt, if (free_aes) wc_AesFree(aes); ForceZero(aes, sizeof(Aes)); - #ifdef WOLFSSL_SMALL_STACK - XFREE(aes, NULL, DYNAMIC_TYPE_AES); - #endif + WC_FREE_VAR_EX(aes, NULL, DYNAMIC_TYPE_AES); break; } #endif /* !NO_AES && HAVE_AES_CBC && (WOLFSSL_AES_256 || WOLFSSL_AES_128) */ diff --git a/wolfcrypt/src/wc_lms.c b/wolfcrypt/src/wc_lms.c index d4f29637a11..94634140e56 100644 --- a/wolfcrypt/src/wc_lms.c +++ b/wolfcrypt/src/wc_lms.c @@ -764,21 +764,12 @@ int wc_LmsKey_MakeKey(LmsKey* key, WC_RNG* rng) #endif } if (ret == 0) { - #ifdef WOLFSSL_SMALL_STACK - LmsState* state; - #else - LmsState state[1]; - #endif + WC_DECLARE_VAR(state, LmsState, 1, 0); - #ifdef WOLFSSL_SMALL_STACK /* Allocate memory for working state. */ - state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (state == NULL) { - ret = MEMORY_E; - } - if (ret == 0) - #endif + WC_ALLOC_VAR_EX(state, LmsState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + ret=MEMORY_E); + if (WC_VAR_OK(state)) { /* Initialize working state for use. */ ret = wc_lmskey_state_init(state, key->params); @@ -789,9 +780,7 @@ int wc_LmsKey_MakeKey(LmsKey* key, WC_RNG* rng) wc_lmskey_state_free(state); } ForceZero(state, sizeof(LmsState)); - #ifdef WOLFSSL_SMALL_STACK - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); } } if (ret == 0) { @@ -911,21 +900,12 @@ int wc_LmsKey_Reload(LmsKey* key) } if (ret == 0) { - #ifdef WOLFSSL_SMALL_STACK - LmsState* state; - #else - LmsState state[1]; - #endif + WC_DECLARE_VAR(state, LmsState, 1, 0); - #ifdef WOLFSSL_SMALL_STACK /* Allocate memory for working state. */ - state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (state == NULL) { - ret = MEMORY_E; - } - if (ret == 0) - #endif + WC_ALLOC_VAR_EX(state, LmsState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + ret=MEMORY_E); + if (WC_VAR_OK(state)) { /* Initialize working state for use. */ ret = wc_lmskey_state_init(state, key->params); @@ -935,9 +915,7 @@ int wc_LmsKey_Reload(LmsKey* key) key->priv_data, NULL); } ForceZero(state, sizeof(LmsState)); - #ifdef WOLFSSL_SMALL_STACK - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); } } @@ -1010,21 +988,12 @@ int wc_LmsKey_Sign(LmsKey* key, byte* sig, word32* sigSz, const byte* msg, } if (ret == 0) { - #ifdef WOLFSSL_SMALL_STACK - LmsState* state; - #else - LmsState state[1]; - #endif + WC_DECLARE_VAR(state, LmsState, 1, 0); - #ifdef WOLFSSL_SMALL_STACK /* Allocate memory for working state. */ - state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (state == NULL) { - ret = MEMORY_E; - } - if (ret == 0) - #endif + WC_ALLOC_VAR_EX(state, LmsState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + ret=MEMORY_E); + if (WC_VAR_OK(state)) { /* Initialize working state for use. */ ret = wc_lmskey_state_init(state, key->params); @@ -1035,9 +1004,7 @@ int wc_LmsKey_Sign(LmsKey* key, byte* sig, word32* sigSz, const byte* msg, wc_lmskey_state_free(state); } ForceZero(state, sizeof(LmsState)); - #ifdef WOLFSSL_SMALL_STACK - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); } } if (ret == 0) { @@ -1288,21 +1255,12 @@ int wc_LmsKey_Verify(LmsKey* key, const byte* sig, word32 sigSz, } if (ret == 0) { - #ifdef WOLFSSL_SMALL_STACK - LmsState* state; - #else - LmsState state[1]; - #endif + WC_DECLARE_VAR(state, LmsState, 1, 0); - #ifdef WOLFSSL_SMALL_STACK /* Allocate memory for working state. */ - state = (LmsState*)XMALLOC(sizeof(LmsState), NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (state == NULL) { - ret = MEMORY_E; - } - if (ret == 0) - #endif + WC_ALLOC_VAR_EX(state, LmsState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + ret=MEMORY_E); + if (WC_VAR_OK(state)) { /* Initialize working state for use. */ ret = wc_lmskey_state_init(state, key->params); @@ -1312,9 +1270,7 @@ int wc_LmsKey_Verify(LmsKey* key, const byte* sig, word32 sigSz, wc_lmskey_state_free(state); } ForceZero(state, sizeof(LmsState)); - #ifdef WOLFSSL_SMALL_STACK - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); } } diff --git a/wolfcrypt/src/wc_lms_impl.c b/wolfcrypt/src/wc_lms_impl.c index 5defb103d57..46c7354a871 100644 --- a/wolfcrypt/src/wc_lms_impl.c +++ b/wolfcrypt/src/wc_lms_impl.c @@ -1797,25 +1797,16 @@ static int wc_lms_treehash(LmsState* state, const byte* id, const byte* seed, byte* dp = rp + LMS_R_LEN; byte* left = dp + LMS_D_LEN; byte* temp = left + params->hash_len; -#ifdef WOLFSSL_SMALL_STACK - byte* stack = NULL; -#else - byte stack[(LMS_MAX_HEIGHT + 1) * LMS_MAX_NODE_LEN]; -#endif /* WOLFSSL_SMALL_STACK */ + WC_DECLARE_VAR(stack, byte, (LMS_MAX_HEIGHT + 1) * LMS_MAX_NODE_LEN, 0); byte* sp; word32 i; /* I || ... */ XMEMCPY(buffer, id, LMS_I_LEN); -#ifdef WOLFSSL_SMALL_STACK /* Allocate stack of left side hashes. */ - stack = XMALLOC((params->height + 1) * params->hash_len, NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (stack == NULL) { - ret = MEMORY_E; - } -#endif /* WOLFSSL_SMALL_STACK */ + WC_ALLOC_VAR_EX(stack, byte, (params->height+1)*params->hash_len, NULL, + DYNAMIC_TYPE_TMP_BUFFER, ret=MEMORY_E); sp = stack; /* Compute all nodes requested. */ @@ -1863,9 +1854,7 @@ static int wc_lms_treehash(LmsState* state, const byte* id, const byte* seed, /* Public key, root node, is top of data stack. */ XMEMCPY(pub, stack, params->hash_len); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(stack, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif /* WOLFSSL_SMALL_STACK */ + WC_FREE_VAR_EX(stack, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1936,11 +1925,7 @@ static int wc_lms_treehash_init(LmsState* state, LmsPrivState* privState, byte* dp = rp + LMS_R_LEN; byte* left = dp + LMS_D_LEN; byte* temp = left + params->hash_len; -#ifdef WOLFSSL_SMALL_STACK - byte* stack = NULL; -#else - byte stack[(LMS_MAX_HEIGHT + 1) * LMS_MAX_NODE_LEN]; -#endif /* WOLFSSL_SMALL_STACK */ + WC_DECLARE_VAR(stack, byte, (LMS_MAX_HEIGHT + 1) * LMS_MAX_NODE_LEN, 0); word32 spi = 0; word32 i; word32 max_h = (word32)1 << params->height; @@ -1957,14 +1942,9 @@ static int wc_lms_treehash_init(LmsState* state, LmsPrivState* privState, /* I || ... */ XMEMCPY(buffer, id, LMS_I_LEN); -#ifdef WOLFSSL_SMALL_STACK /* Allocate stack of left side hashes. */ - stack = (byte*)XMALLOC((params->height + 1) * params->hash_len, NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (stack == NULL) { - ret = MEMORY_E; - } -#endif /* WOLFSSL_SMALL_STACK */ + WC_ALLOC_VAR_EX(stack, byte, (params->height+1)*params->hash_len, NULL, + DYNAMIC_TYPE_TMP_BUFFER, ret=MEMORY_E); /* Compute all nodes requested. */ for (i = 0; (ret == 0) && (i < max_h); i++) { @@ -2024,9 +2004,7 @@ static int wc_lms_treehash_init(LmsState* state, LmsPrivState* privState, } } -#ifdef WOLFSSL_SMALL_STACK - XFREE(stack, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif /* WOLFSSL_SMALL_STACK */ + WC_FREE_VAR_EX(stack, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -2071,11 +2049,7 @@ static int wc_lms_treehash_update(LmsState* state, LmsPrivState* privState, byte* dp = rp + LMS_R_LEN; byte* left = dp + LMS_D_LEN; byte* temp = left + params->hash_len; -#ifdef WOLFSSL_SMALL_STACK - byte* stack = NULL; -#else - byte stack[(LMS_MAX_HEIGHT + 1) * LMS_MAX_NODE_LEN]; -#endif /* WOLFSSL_SMALL_STACK */ + WC_DECLARE_VAR(stack, byte, (LMS_MAX_HEIGHT + 1) * LMS_MAX_NODE_LEN, 0); byte* sp; word32 max_cb = (word32)1 << params->cacheBits; word32 i; @@ -2083,14 +2057,9 @@ static int wc_lms_treehash_update(LmsState* state, LmsPrivState* privState, /* I || ... */ XMEMCPY(buffer, id, LMS_I_LEN); -#ifdef WOLFSSL_SMALL_STACK /* Allocate stack of left side hashes. */ - stack = (byte*)XMALLOC((params->height + 1) * params->hash_len, NULL, - DYNAMIC_TYPE_TMP_BUFFER); - if (stack == NULL) { - ret = MEMORY_E; - } -#endif /* WOLFSSL_SMALL_STACK */ + WC_ALLOC_VAR_EX(stack, byte, (params->height+1)*params->hash_len, NULL, + DYNAMIC_TYPE_TMP_BUFFER, ret=MEMORY_E); /* Public key, root node, is top of data stack. */ if (ret == 0) { @@ -2197,9 +2166,7 @@ static int wc_lms_treehash_update(LmsState* state, LmsPrivState* privState, stackCache->offset = (word32)((size_t)sp - (size_t)stack); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(stack, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif /* WOLFSSL_SMALL_STACK */ + WC_FREE_VAR_EX(stack, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } #endif /* WOLFSSL_WC_LMS_SMALL */ diff --git a/wolfcrypt/src/wc_mlkem_poly.c b/wolfcrypt/src/wc_mlkem_poly.c index 9f8184de31d..3306a886871 100644 --- a/wolfcrypt/src/wc_mlkem_poly.c +++ b/wolfcrypt/src/wc_mlkem_poly.c @@ -2369,10 +2369,8 @@ static int mlkem_gen_matrix_k2_avx2(sword16* a, byte* seed, int transposed) p, XOF_BLOCK_SIZE); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -2525,10 +2523,8 @@ static int mlkem_gen_matrix_k3_avx2(sword16* a, byte* seed, int transposed) XOF_BLOCK_SIZE); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -2637,10 +2633,8 @@ static int mlkem_gen_matrix_k4_avx2(sword16* a, byte* seed, int transposed) a += 4 * MLKEM_N; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); return 0; } @@ -4208,17 +4202,10 @@ static int mlkem_get_noise_k2_avx2(MLKEM_PRF_T* prf, sword16* vec1, sword16* vec2, sword16* poly, byte* seed) { int ret = 0; -#ifdef WOLFSSL_SMALL_STACK - byte *rand; -#else - byte rand[4 * PRF_RAND_SZ]; -#endif + WC_DECLARE_VAR(rand, byte, 4 * PRF_RAND_SZ, 0); -#ifdef WOLFSSL_SMALL_STACK - rand = (byte*)XMALLOC(4 * PRF_RAND_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (rand == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(rand, byte, 4*PRF_RAND_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); mlkem_get_noise_x4_eta3_avx2(rand, seed); mlkem_cbd_eta3_avx2(vec1 , rand + 0 * PRF_RAND_SZ); @@ -4235,9 +4222,7 @@ static int mlkem_get_noise_k2_avx2(MLKEM_PRF_T* prf, sword16* vec1, ret = mlkem_get_noise_eta2_avx2(prf, poly, seed); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(rand, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } diff --git a/wolfcrypt/src/wc_pkcs11.c b/wolfcrypt/src/wc_pkcs11.c index b0c6a7634ca..d272a315843 100644 --- a/wolfcrypt/src/wc_pkcs11.c +++ b/wolfcrypt/src/wc_pkcs11.c @@ -3192,19 +3192,11 @@ static int wc_Pkcs11CheckPrivKey_Rsa(RsaKey* priv, const unsigned char* publicKey, word32 pubKeySize) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - RsaKey* pub = NULL; - #else - RsaKey pub[1]; - #endif + WC_DECLARE_VAR(pub, RsaKey, 1, 0); word32 keyIdx = 0; - #ifdef WOLFSSL_SMALL_STACK - pub = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA); - if (pub == NULL) { - ret = MEMORY_E; - } - #endif + WC_ALLOC_VAR_EX(pub, RsaKey, 1, NULL, DYNAMIC_TYPE_RSA, + ret=MEMORY_E); if ((ret == 0) && (ret = wc_InitRsaKey(pub, NULL)) == 0) { if (ret == 0) { @@ -3222,9 +3214,7 @@ static int wc_Pkcs11CheckPrivKey_Rsa(RsaKey* priv, } wc_FreeRsaKey(pub); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(pub, NULL, DYNAMIC_TYPE_RSA); - #endif + WC_FREE_VAR_EX(pub, NULL, DYNAMIC_TYPE_RSA); return ret; } @@ -3338,19 +3328,11 @@ static int wc_Pkcs11CheckPrivKey_Ecc(ecc_key* priv, const unsigned char* publicKey, word32 pubKeySize) { int ret = 0; - #ifdef WOLFSSL_SMALL_STACK - ecc_key* pub = NULL; - #else - ecc_key pub[1]; - #endif + WC_DECLARE_VAR(pub, ecc_key, 1, 0); word32 keyIdx = 0; - #ifdef WOLFSSL_SMALL_STACK - pub = (ecc_key*)XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_ECC); - if (pub == NULL) { - ret = MEMORY_E; - } - #endif + WC_ALLOC_VAR_EX(pub, ecc_key, 1, NULL, DYNAMIC_TYPE_ECC, + ret=MEMORY_E); if ((ret == 0) && (ret = wc_ecc_init(pub)) == 0) { ret = wc_EccPublicKeyDecode(publicKey, &keyIdx, pub, pubKeySize); @@ -3367,9 +3349,7 @@ static int wc_Pkcs11CheckPrivKey_Ecc(ecc_key* priv, } wc_ecc_free(pub); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(pub, NULL, DYNAMIC_TYPE_ECC); - #endif + WC_FREE_VAR_EX(pub, NULL, DYNAMIC_TYPE_ECC); return ret; } diff --git a/wolfcrypt/src/wc_xmss.c b/wolfcrypt/src/wc_xmss.c index 695747174a5..1d1c85b80ce 100644 --- a/wolfcrypt/src/wc_xmss.c +++ b/wolfcrypt/src/wc_xmss.c @@ -731,19 +731,11 @@ static WC_INLINE int wc_xmsskey_signupdate(XmssKey* key, byte* sig, } if (ret == 0) { - #ifdef WOLFSSL_SMALL_STACK - XmssState* state; - #else - XmssState state[1]; - #endif - - #ifdef WOLFSSL_SMALL_STACK - state = (XmssState*)XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (state == NULL) { - ret = MEMORY_E; - } - if (ret == 0) - #endif + WC_DECLARE_VAR(state, XmssState, 1, 0); + + WC_ALLOC_VAR_EX(state, XmssState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + ret=MEMORY_E); + if (WC_VAR_OK(state)) { /* Initialize state for use in signing. */ ret = wc_xmss_state_init(state, key->params); @@ -774,9 +766,7 @@ static WC_INLINE int wc_xmsskey_signupdate(XmssKey* key, byte* sig, /* Free state after use. */ wc_xmss_state_free(state); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); } } @@ -1102,19 +1092,11 @@ int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG* rng) } if (ret == 0) { - #ifdef WOLFSSL_SMALL_STACK - XmssState* state; - #else - XmssState state[1]; - #endif - - #ifdef WOLFSSL_SMALL_STACK - state = (XmssState*)XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (state == NULL) { - ret = MEMORY_E; - } - if (ret == 0) - #endif + WC_DECLARE_VAR(state, XmssState, 1, 0); + + WC_ALLOC_VAR_EX(state, XmssState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + ret=MEMORY_E); + if (WC_VAR_OK(state)) { /* Initialize state for use in key generation. */ ret = wc_xmss_state_init(state, key->params); @@ -1138,9 +1120,7 @@ int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG* rng) /* Free state after use. */ wc_xmss_state_free(state); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); } } @@ -1161,9 +1141,7 @@ int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG* rng) key->state = WC_XMSS_STATE_OK; } -#ifdef WOLFSSL_SMALL_STACK - XFREE(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1638,19 +1616,11 @@ int wc_XmssKey_Verify(XmssKey* key, const byte* sig, word32 sigLen, } if (ret == 0) { - #ifdef WOLFSSL_SMALL_STACK - XmssState* state; - #else - XmssState state[1]; - #endif - - #ifdef WOLFSSL_SMALL_STACK - state = (XmssState*)XMALLOC(sizeof(XmssState), NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (state == NULL) { - ret = MEMORY_E; - } - if (ret == 0) - #endif + WC_DECLARE_VAR(state, XmssState, 1, 0); + + WC_ALLOC_VAR_EX(state, XmssState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, + ret=MEMORY_E); + if (WC_VAR_OK(state)) { /* Initialize state for use in verification. */ ret = wc_xmss_state_init(state, key->params); @@ -1660,9 +1630,7 @@ int wc_XmssKey_Verify(XmssKey* key, const byte* sig, word32 sigLen, /* Free state after use. */ wc_xmss_state_free(state); } - #ifdef WOLFSSL_SMALL_STACK - XFREE(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); - #endif + WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); } } diff --git a/wolfcrypt/src/wc_xmss_impl.c b/wolfcrypt/src/wc_xmss_impl.c index 720cfb23206..6e02ff31b85 100644 --- a/wolfcrypt/src/wc_xmss_impl.c +++ b/wolfcrypt/src/wc_xmss_impl.c @@ -3312,11 +3312,7 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed, const word8 n = params->n; /* Offset of root node in public key. */ byte* pk_root = pk; -#ifdef WOLFSSL_SMALL_STACK - BdsState* bds = NULL; -#else - BdsState bds[1]; -#endif + WC_DECLARE_VAR(bds, BdsState, 1, 0); #ifdef WOLFSSL_SMALL_STACK /* Allocate memory for tree hash instances and put in BDS state. */ @@ -3427,11 +3423,7 @@ int wc_xmss_sign(XmssState* state, const unsigned char* m, word32 mlen, byte node[WC_XMSS_MAX_N]; word32 idx; byte* sig_r = sig + XMSS_IDX_LEN; -#ifdef WOLFSSL_SMALL_STACK - BdsState* bds = NULL; -#else - BdsState bds[1]; -#endif + WC_DECLARE_VAR(bds, BdsState, 1, 0); #ifdef WOLFSSL_SMALL_STACK /* Allocate memory for tree hash instances and put in BDS state. */ diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 20e3009e50b..41d51d8d216 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -4068,11 +4068,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void) #endif #ifndef NO_LARGE_HASH_TEST #define LARGE_HASH_TEST_INPUT_SZ 1024 -#ifdef WOLFSSL_SMALL_STACK - byte *large_input = NULL; -#else - byte large_input[LARGE_HASH_TEST_INPUT_SZ]; -#endif + WC_DECLARE_VAR(large_input, byte, LARGE_HASH_TEST_INPUT_SZ, 0); #endif int times = sizeof(test_sha) / sizeof(struct testVector), i; @@ -4224,14 +4220,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void) "\x4f\x45\x79\x7f\x67\x70\xbd\x63\x7f\xbf\x0d\x80\x7c\xbd\xba\xe0"; #endif -#ifdef WOLFSSL_SMALL_STACK - large_input = (byte *)XMALLOC(LARGE_HASH_TEST_INPUT_SZ, HEAP_HINT, - DYNAMIC_TYPE_TMP_BUFFER); - - if (large_input == NULL) { - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit); - } -#endif + WC_ALLOC_VAR_EX(large_input, byte, LARGE_HASH_TEST_INPUT_SZ, HEAP_HINT, + DYNAMIC_TYPE_TMP_BUFFER, + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E),exit)); for (i = 0; i < LARGE_HASH_TEST_INPUT_SZ; i++) { large_input[i] = (byte)(i & 0xFF); @@ -4320,11 +4311,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void) #endif #ifndef NO_LARGE_HASH_TEST #define LARGE_HASH_TEST_INPUT_SZ 1024 -#ifdef WOLFSSL_SMALL_STACK - byte *large_input = NULL; -#else - byte large_input[LARGE_HASH_TEST_INPUT_SZ]; -#endif + WC_DECLARE_VAR(large_input, byte, LARGE_HASH_TEST_INPUT_SZ, 0); #endif int times = sizeof(test_sha) / sizeof(struct testVector), i; @@ -4473,14 +4460,9 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void) "\xa5\xdc\xfc\xfa\x9d\x1a\x4d\xc0\xfa\x3a\x14\xf6\x01\x51\x90\xa4"; #endif -#ifdef WOLFSSL_SMALL_STACK - large_input = (byte *)XMALLOC(LARGE_HASH_TEST_INPUT_SZ, HEAP_HINT, - DYNAMIC_TYPE_TMP_BUFFER); - - if (large_input == NULL) { - ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), exit); - } -#endif + WC_ALLOC_VAR_EX(large_input, byte, LARGE_HASH_TEST_INPUT_SZ, HEAP_HINT, + DYNAMIC_TYPE_TMP_BUFFER, + ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E),exit)); for (i = 0; i < LARGE_HASH_TEST_INPUT_SZ; i++) { large_input[i] = (byte)(i & 0xFF); @@ -29225,9 +29207,7 @@ static wc_test_ret_t hpke_test_single(Hpke* hpke) if (receiverKey != NULL) wc_HpkeFreeKey(hpke, hpke->kem, receiverKey, hpke->heap); -#ifdef WOLFSSL_SMALL_STACK - XFREE(pubKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(pubKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (rngRet == 0) wc_FreeRng(rng); @@ -30442,11 +30422,7 @@ static wc_test_ret_t ecdsa_test_deterministic_k_sig(ecc_key *key, static wc_test_ret_t ecc_test_deterministic_k(WC_RNG* rng) { wc_test_ret_t ret; -#ifdef WOLFSSL_SMALL_STACK - ecc_key *key = NULL; -#else - ecc_key key[1]; -#endif + WC_DECLARE_VAR(key, ecc_key, 1, 0); int key_inited = 0; WOLFSSL_SMALL_STACK_STATIC const char* msg = "sample"; WOLFSSL_SMALL_STACK_STATIC const char* dIUT = @@ -30504,11 +30480,8 @@ static wc_test_ret_t ecc_test_deterministic_k(WC_RNG* rng) }; #endif -#ifdef WOLFSSL_SMALL_STACK - key = (ecc_key *)XMALLOC(sizeof(*key), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (key == NULL) - return MEMORY_E; -#endif + WC_ALLOC_VAR_EX(key, ecc_key, 1, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER, + return MEMORY_E); ret = wc_ecc_init_ex(key, HEAP_HINT, devId); if (ret != 0) @@ -30549,9 +30522,7 @@ static wc_test_ret_t ecc_test_deterministic_k(WC_RNG* rng) done: if (key_inited) wc_ecc_free(key); - #ifdef WOLFSSL_SMALL_STACK - XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); return ret; } #endif /* NO_ECC256 || HAVE_ALL_CURVES */ @@ -30726,13 +30697,11 @@ static wc_test_ret_t ecc384_test_deterministic_k(WC_RNG* rng) mp_free(expR); mp_free(expS); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(r, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(s, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(expR, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(expS, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(r, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(s, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(expR, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(expS, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -30870,13 +30839,11 @@ static wc_test_ret_t ecc521_test_deterministic_k(WC_RNG* rng) mp_free(expR); mp_free(expS); } -#ifdef WOLFSSL_SMALL_STACK - XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(r, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(s, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(expR, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - XFREE(expS, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); -#endif + WC_FREE_VAR_EX(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(r, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(s, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(expR, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(expS, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); return ret; } From 75a6621c63015e6185d00d58cdc94ba12aae12d2 Mon Sep 17 00:00:00 2001 From: effbiae Date: Tue, 9 Sep 2025 14:00:52 +1000 Subject: [PATCH 2/6] hand edits for small stack compress --- src/tls.c | 18 +++++++++--------- wolfcrypt/test/test.c | 6 +----- 2 files changed, 10 insertions(+), 14 deletions(-) diff --git a/src/tls.c b/src/tls.c index 07cb80dfb31..feac0c2a408 100644 --- a/src/tls.c +++ b/src/tls.c @@ -174,8 +174,8 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) #if !defined(WOLFSSL_ASYNC_CRYPT) || defined(WC_ASYNC_NO_HASH) byte handshake_hash[HSHASH_SZ]; #else - WC_DECLARE_VAR(handshake_hash, byte, HSHASH_SZ, ssl->heap); - WC_ALLOC_VAR(handshake_hash, byte, HSHASH_SZ, ssl->heap); + byte* handshake_hash = NULL; + handshake_hash = XMALLOC(HSHASH_SZ, ssl->heap, DYNAMIC_TYPE_DIGEST); if (handshake_hash == NULL) return MEMORY_E; #endif @@ -230,7 +230,7 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) } #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) - WC_FREE_VAR(handshake_hash, ssl->heap); + XFREE(handshake_hash, ssl->heap, DYNAMIC_TYPE_DIGEST); #elif defined(WOLFSSL_CHECK_MEM_ZERO) wc_MemZero_Check(handshake_hash, HSHASH_SZ); #endif @@ -403,8 +403,8 @@ static int _DeriveTlsKeys(byte* key_dig, word32 key_dig_len, { int ret; #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) - WC_DECLARE_VAR(seed, byte, SEED_LEN, heap); - WC_ALLOC_VAR(seed, byte, SEED_LEN, heap); + byte* seed = NULL; + seed = XMALLOC(SEED_LEN, heap, DYNAMIC_TYPE_SEED); if (seed == NULL) return MEMORY_E; #else @@ -441,7 +441,7 @@ static int _DeriveTlsKeys(byte* key_dig, word32 key_dig_len, #endif #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) - WC_FREE_VAR(seed, heap); + XFREE(seed, heap, DYNAMIC_TYPE_SEED); #endif return ret; @@ -503,8 +503,8 @@ static int _MakeTlsMasterSecret(byte* ms, word32 msLen, #if !defined(WOLFSSL_ASYNC_CRYPT) || defined(WC_ASYNC_NO_HASH) byte seed[SEED_LEN]; #else - WC_DECLARE_VAR(seed, byte, SEED_LEN, heap); - WC_ALLOC_VAR(seed, byte, SEED_LEN, heap); + byte* seed = NULL; + seed = XMALLOC(SEED_LEN, heap, DYNAMIC_TYPE_SEED); if (seed == NULL) return MEMORY_E; #endif @@ -533,7 +533,7 @@ static int _MakeTlsMasterSecret(byte* ms, word32 msLen, #endif #if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_ASYNC_NO_HASH) - WC_FREE_VAR(seed, heap); + XFREE(seed, heap, DYNAMIC_TYPE_SEED); #endif return ret; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 41d51d8d216..b03b700896e 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -20985,11 +20985,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_no_pad_test(void) #endif tmp = (byte*)XMALLOC(bytes, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); - if (tmp == NULL - #ifdef WOLFSSL_ASYNC_CRYPT - || out == NULL || plain == NULL - #endif - ) { + if (tmp == NULL) { ERROR_OUT(WC_TEST_RET_ENC_NC, exit_rsa_nopadding); } From 392136225045bdf77547eaa166800dd0bc820388 Mon Sep 17 00:00:00 2001 From: effbiae Date: Tue, 9 Sep 2025 13:45:37 +1000 Subject: [PATCH 3/6] WC_VAR macros --- wolfssl/wolfcrypt/types.h | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index 00356e4db07..d2dbe046623 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -708,10 +708,11 @@ enum { idx##VAR_NAME = 0; \ } -#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_SMALL_STACK) +#if defined(WOLFSSL_SMALL_STACK) #define WC_DECLARE_VAR_IS_HEAP_ALLOC #define WC_DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ VAR_TYPE* VAR_NAME = NULL + #define WC_VAR_OK(VAR_NAME) ((VAR_NAME) != NULL) #define WC_ALLOC_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ do { \ (VAR_NAME) = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * (VAR_SIZE), \ @@ -720,6 +721,14 @@ enum { WC_ALLOC_DO_ON_FAILURE(); \ } \ } while (0) + #define WC_ALLOC_VAR_EX(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP, TY, ONFAIL)\ + do { \ + (VAR_NAME) = (VAR_TYPE*)XMALLOC(sizeof(VAR_TYPE) * (VAR_SIZE), \ + (HEAP), TY); \ + if ((VAR_NAME) == NULL) { \ + ONFAIL; \ + } \ + } while (0) #define WC_CALLOC_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ do { \ WC_ALLOC_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP); \ @@ -727,6 +736,8 @@ enum { } while (0) #define WC_FREE_VAR(VAR_NAME, HEAP) \ XFREE(VAR_NAME, (HEAP), DYNAMIC_TYPE_WOLF_BIGINT) + #define WC_FREE_VAR_EX(VAR_NAME, HEAP, TYPE) \ + XFREE(VAR_NAME, (HEAP), TYPE) #define WC_DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ WC_DECLARE_HEAP_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) #define WC_ARRAY_ARG(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE) \ @@ -743,10 +754,14 @@ enum { #define WC_DECLARE_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ VAR_TYPE VAR_NAME[VAR_SIZE] #define WC_ALLOC_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) WC_DO_NOTHING + #define WC_ALLOC_VAR_EX(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP, TYPE, ONFAIL)\ + WC_DO_NOTHING + #define WC_VAR_OK(VAR_NAME) 1 #define WC_CALLOC_VAR(VAR_NAME, VAR_TYPE, VAR_SIZE, HEAP) \ XMEMSET(VAR_NAME, 0, sizeof(var)) #define WC_FREE_VAR(VAR_NAME, HEAP) WC_DO_NOTHING \ /* nothing to free, its stack */ + #define WC_FREE_VAR_EX(VAR_NAME, HEAP, TYPE) WC_DO_NOTHING #define WC_DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ VAR_TYPE VAR_NAME[VAR_ITEMS][(VAR_SIZE) / sizeof(VAR_TYPE)] /* NOLINT(bugprone-sizeof-expression) */ #define WC_ARRAY_ARG(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE) \ From 6bda10abd08c0733920850c89ccda391f2ce32ba Mon Sep 17 00:00:00 2001 From: effbiae Date: Sat, 13 Sep 2025 13:00:02 +1000 Subject: [PATCH 4/6] define WOLFSSL_SMALL_STACK in tests and benchmark for ASYNC --- tests/api/test_rsa.c | 4 ++++ wolfcrypt/benchmark/benchmark.c | 3 +++ wolfcrypt/test/test.c | 4 ++++ 3 files changed, 11 insertions(+) diff --git a/tests/api/test_rsa.c b/tests/api/test_rsa.c index 97354217e7d..40786e467eb 100644 --- a/tests/api/test_rsa.c +++ b/tests/api/test_rsa.c @@ -28,6 +28,10 @@ #include #endif +#ifdef WOLFSSL_ASYNC_CRYPT + #define WOLFSSL_SMALL_STACK +#endif + #include #include #include diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index a4f2df83a80..8e77f58005c 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -69,6 +69,9 @@ /* Macro to disable benchmark */ #ifndef NO_CRYPT_BENCHMARK +#ifdef WOLFSSL_ASYNC_CRYPT + #define WOLFSSL_SMALL_STACK +#endif #define WC_ALLOC_DO_ON_FAILURE() do { printf("out of memory at benchmark.c L %d\n", __LINE__); ret = MEMORY_E; goto exit; } while (0) #include diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index b03b700896e..1e8c87d4590 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -43,6 +43,10 @@ #define WOLFSSL_DEBUG_TRACE_ERROR_CODES_ALWAYS #endif +#ifdef WOLFSSL_ASYNC_CRYPT + #define WOLFSSL_SMALL_STACK +#endif + #if !defined(NO_CRYPT_TEST) || defined(WC_TEST_EXPORT_SUBTESTS) #include From b5c58540648bb36c5c918b79ff8f52a45950a5a7 Mon Sep 17 00:00:00 2001 From: effbiae Date: Sat, 11 Oct 2025 11:12:46 +1100 Subject: [PATCH 5/6] fix for cppcheck defect in src/ssl.c --- src/ssl.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index e60f1469b37..fd37a3aef47 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -5891,8 +5891,13 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) return BAD_FUNC_ARG; } - WC_ALLOC_VAR_EX(cert, DecodedCert, 1, NULL, DYNAMIC_TYPE_DCERT, - {FreeDer(pDer);return MEMORY_E;}); + #ifdef WOLFSSL_SMALL_STACK + cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT); + if (cert == NULL) { + FreeDer(pDer); + return MEMORY_E; + } + #endif InitDecodedCert(cert, der->buffer, der->length, cm->heap); @@ -5907,12 +5912,6 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify) WOLFSSL_MSG("\tParsed new CA"); #ifdef WOLFSSL_DEBUG_CERTS - #ifdef WOLFSSL_SMALL_STACK - if (cert == NULL) { - WOLFSSL_MSG_CERT(WOLFSSL_MSG_CERT_INDENT "Failed; cert is NULL"); - } - else - #endif { const char* err_msg; if (ret == 0) { From f4b8f844b2e7efce11d5124a20f719f7ba485c38 Mon Sep 17 00:00:00 2001 From: effbiae Date: Mon, 13 Oct 2025 14:04:06 +1100 Subject: [PATCH 6/6] indent {.*;} macro args --- src/internal.c | 5 ++++- src/ssl.c | 6 +++++- src/ssl_certman.c | 5 ++++- wolfcrypt/src/asn.c | 5 ++++- wolfcrypt/src/pkcs7.c | 5 ++++- 5 files changed, 21 insertions(+), 5 deletions(-) diff --git a/src/internal.c b/src/internal.c index f21e75affd5..35900697ee5 100644 --- a/src/internal.c +++ b/src/internal.c @@ -15908,7 +15908,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, WC_ALLOC_VAR_EX(dCertAdd, DecodedCert, 1, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER, - {ret=MEMORY_E;goto exit_req_v2;}); + { + ret=MEMORY_E; + goto exit_req_v2; + }); InitDecodedCert(dCertAdd, cert->buffer, cert->length, ssl->heap); dCertAdd_inited = 1; diff --git a/src/ssl.c b/src/ssl.c index fd37a3aef47..3d729fe1eb3 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -23475,7 +23475,11 @@ int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names, const WOLF_EC_NIST_NAME* nist_name; WC_ALLOC_VAR_EX(groups, int, WOLFSSL_MAX_GROUP_COUNT, heap, - DYNAMIC_TYPE_TMP_BUFFER, {ret=MEMORY_E;goto leave;}); + DYNAMIC_TYPE_TMP_BUFFER, + { + ret=MEMORY_E; + goto leave; + }); for (idx = 1; names[idx-1] != '\0'; idx++) { if (names[idx] != ':' && names[idx] != '\0') diff --git a/src/ssl_certman.c b/src/ssl_certman.c index 34f66b9cdf9..1fa5d0b490c 100644 --- a/src/ssl_certman.c +++ b/src/ssl_certman.c @@ -746,7 +746,10 @@ int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const unsigned char* buff, /* Allocate memory for decoded certificate. */ WC_ALLOC_VAR_EX(cert, DecodedCert, 1, cm->heap, DYNAMIC_TYPE_DCERT, - {ret=MEMORY_E;fatal=1;}); + { + ret=MEMORY_E; + fatal=1; + }); if (WC_VAR_OK(cert)) { /* Reset fields of decoded certificate. */ diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 6d6383391c4..7611eb242b0 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -3974,7 +3974,10 @@ int wc_BerToDer(const byte* ber, word32 berSz, byte* der, word32* derSz) return BAD_FUNC_ARG; WC_ALLOC_VAR_EX(indefItems, IndefItems, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, - {ret=MEMORY_E;goto end;}); + { + ret=MEMORY_E; + goto end; + }); XMEMSET(indefItems, 0, sizeof(*indefItems)); diff --git a/wolfcrypt/src/pkcs7.c b/wolfcrypt/src/pkcs7.c index d340652d26e..54cfe00c5d9 100644 --- a/wolfcrypt/src/pkcs7.c +++ b/wolfcrypt/src/pkcs7.c @@ -11442,7 +11442,10 @@ static int wc_PKCS7_DecryptKari(wc_PKCS7* pkcs7, byte* in, word32 inSz, WC_ALLOC_VAR_EX(encryptedKey, byte, MAX_ENCRYPTED_KEY_SZ, pkcs7->heap, DYNAMIC_TYPE_PKCS7, - {wc_PKCS7_KariFree(kari);return MEMORY_E;}); + { + wc_PKCS7_KariFree(kari); + return MEMORY_E; + }); encryptedKeySz = MAX_ENCRYPTED_KEY_SZ; /* parse cert and key */