Merge pull request #10508 from JacobBarthelmeh/static_analysis_3

devcrypto fixes, forcezero on memory after use, RX64 GetHash port fix, blake2 stor64 alignment

Author: SparkiDev

linuxkm/lkcapi_aes_glue.c

@@ -408,7 +408,7 @@ static int km_AesInitCommon(
         if (! ctx->aes_decrypt_C) {
             pr_err("%s: allocation of %zu bytes for decryption key failed.\n",
                    name, sizeof(*ctx->aes_decrypt_C));
-            err = -MEMORY_E;
+            err = -ENOMEM;
             goto out;
         }
 

wolfcrypt/src/port/Renesas/renesas_rx64_hw_sha.c

@@ -318,6 +318,23 @@ static int RX64_HashGet(wolfssl_RX64_HW_Hash* hash, byte* out)
         return BAD_FUNC_ARG;
     }
 
+    /* RX64 HW SHA rejects empty input; return the documented empty-message
+     * digest instead. This matches the special case in RX64_HashFinal so
+     * callers like wc_Sha256GetHash on a freshly-initialised state succeed. */
+    if ((hash->msg == NULL) && (hash->len == 0) && (hash->used == 0))
+    {
+        if (hash->sha_type == RX64_SHA1) {
+            XMEMCPY(out, DefaultShaHashData, sizeof(DefaultShaHashData));
+        }
+        else if (hash->sha_type == RX64_SHA224) {
+            XMEMCPY(out, DefaultSha224HashData, sizeof(DefaultSha224HashData));
+        }
+        else if (hash->sha_type == RX64_SHA256) {
+            XMEMCPY(out, DefaultSha256HashData, sizeof(DefaultSha256HashData));
+        }
+        return 0;
+    }
+
     ret = RX64_ShaCalc(hash->msg, hash->len, out, hash->sha_type);
     if (ret != R_PROCESS_COMPLETE) {
         return ret;

wolfcrypt/src/port/devcrypto/devcrypto_ecdsa.c

@@ -64,6 +64,7 @@ int wc_DevCryptoEccKeyGen(int curveId, int enc, byte* pri, word32 priSz,
     }
 
     if (ret == 0) {
+        XMEMSET(&kop, 0, sizeof(kop));
         kop.crk_op = CRK_ECC_KEYGEN;
         kop.ses    = ctx.sess.ses;
         kop.crk_flags = ecdsel;

wolfcrypt/src/port/devcrypto/devcrypto_rsa.c

@@ -89,11 +89,11 @@ static void wc_SetupRsaPrivate(struct crypt_kop* kop, WC_CRYPTODEV* dev,
 
     if (dpSz == 0 || dqSz == 0) {
         kop->crk_param[inIdx].crp_p     = n;
-        kop->crk_param[inIdx].crp_nbits = dSz * WOLFSSL_BIT_SIZE;
+        kop->crk_param[inIdx].crp_nbits = nSz * WOLFSSL_BIT_SIZE;
         inIdx++;
 
         kop->crk_param[inIdx].crp_p     = d;
-        kop->crk_param[inIdx].crp_nbits = nSz * WOLFSSL_BIT_SIZE;
+        kop->crk_param[inIdx].crp_nbits = dSz * WOLFSSL_BIT_SIZE;
         inIdx++;
     }
     else {

wolfcrypt/src/port/devcrypto/wc_devcrypto.c

@@ -234,7 +234,7 @@ void wc_SetupCryptAead(struct crypt_auth_op* crt, WC_CRYPTODEV* dev,
          byte* src, word32 srcSz, byte* dst, byte* iv, word32 ivSz, int flag,
          byte* authIn, word32 authInSz, byte* authTag, word32 authTagSz)
 {
-    XMEMSET(crt, 0, sizeof(struct crypt_op));
+    XMEMSET(crt, 0, sizeof(struct crypt_auth_op));
     crt->ses    = dev->sess.ses;
     crt->src    = src;
     crt->len    = srcSz;

wolfcrypt/src/port/nxp/dcp_port.c

@@ -31,6 +31,12 @@
 #include <wolfssl/wolfcrypt/sha.h>
 #include <wolfssl/wolfcrypt/sha256.h>
 #include <wolfssl/wolfcrypt/error-crypt.h>
+#ifdef NO_INLINE
+    #include <wolfssl/wolfcrypt/misc.h>
+#else
+    #define WOLFSSL_MISC_INCLUDED
+    #include <wolfcrypt/src/misc.c>
+#endif
 
 #if defined(__DCACHE_PRESENT) && (__DCACHE_PRESENT == 1U) && defined(DCP_USE_DCACHE) && (DCP_USE_DCACHE == 1U)
 #error "DCACHE not supported by this driver. Please undefine DCP_USE_DCACHE."
@@ -205,14 +211,18 @@ int DCPAesInit(Aes *aes)
     return 0;
 }
 
+static unsigned char  aes_key_aligned[16] __attribute__((aligned(0x10)));
+
 void DCPAesFree(Aes *aes)
 {
+    dcp_lock();
+    ForceZero(aes_key_aligned, sizeof(aes_key_aligned));
+    dcp_unlock();
     dcp_free(aes->handle.channel);
     aes->handle.channel = 0;
 }
 
 
-static unsigned char  aes_key_aligned[16] __attribute__((aligned(0x10)));
 int  DCPAesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
                           int dir)
 {
@@ -231,8 +241,9 @@ int  DCPAesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
             return WC_HW_E;
     }
     dcp_lock();
-    memcpy(aes_key_aligned, key, 16);
+    XMEMCPY(aes_key_aligned, key, 16);
     status = DCP_AES_SetKey(DCP, &aes->handle, aes_key_aligned, 16);
+    ForceZero(aes_key_aligned, sizeof(aes_key_aligned));
     if (status != kStatus_Success)
         status = WC_HW_E;
     else {

wolfcrypt/src/port/tropicsquare/tropic01.c

@@ -565,6 +565,9 @@ int Tropic01_Deinit(void)
         WOLFSSL_MSG("TROPIC01: Crypto device deinitialized successfully");
     }
 
+    ForceZero(sh0priv, sizeof(sh0priv));
+    ForceZero(sh0pub, sizeof(sh0pub));
+
     return 0;
 }
 

wolfcrypt/src/rc2.c

@@ -171,10 +171,10 @@ int wc_Rc2EcbEncrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
         return BUFFER_E;
     }
 
-    r10 = (in[1] << 8) | in[0]; /* R[0] */
-    r32 = (in[3] << 8) | in[2]; /* R[1] */
-    r54 = (in[5] << 8) | in[4]; /* R[2] */
-    r76 = (in[7] << 8) | in[6]; /* R[3] */
+    r10 = (word16)((word16)in[1] << 8) | in[0]; /* R[0] */
+    r32 = (word16)((word16)in[3] << 8) | in[2]; /* R[1] */
+    r54 = (word16)((word16)in[5] << 8) | in[4]; /* R[2] */
+    r76 = (word16)((word16)in[7] << 8) | in[6]; /* R[3] */
 
     for (i = 0; i < 16; i++) {
         j = i * 4;
@@ -236,10 +236,10 @@ int wc_Rc2EcbDecrypt(Rc2* rc2, byte* out, const byte* in, word32 sz)
         return BUFFER_E;
     }
 
-    r0 = (in[1] << 8) | in[0];
-    r1 = (in[3] << 8) | in[2];
-    r2 = (in[5] << 8) | in[4];
-    r3 = (in[7] << 8) | in[6];
+    r0 = (word16)((word16)in[1] << 8) | in[0];
+    r1 = (word16)((word16)in[3] << 8) | in[2];
+    r2 = (word16)((word16)in[5] << 8) | in[4];
+    r3 = (word16)((word16)in[7] << 8) | in[6];
 
     for (i = 16; i > 0; i--) {
         j = 4*i - 1;

wolfssl/wolfcrypt/blake2-impl.h

@@ -40,7 +40,8 @@
 
 static WC_INLINE word32 load32( const void *src )
 {
-#if defined(LITTLE_ENDIAN_ORDER)
+#if defined(LITTLE_ENDIAN_ORDER) && \
+    (!defined(WOLFSSL_GENERAL_ALIGNMENT) || (WOLFSSL_GENERAL_ALIGNMENT == 0))
   return *( const word32 * )( src );
 #else
   const byte *p = ( const byte * )src;
@@ -54,7 +55,8 @@ static WC_INLINE word32 load32( const void *src )
 
 static WC_INLINE word64 load64( const void *src )
 {
-#if defined(LITTLE_ENDIAN_ORDER)
+#if defined(LITTLE_ENDIAN_ORDER) && \
+    (!defined(WOLFSSL_GENERAL_ALIGNMENT) || (WOLFSSL_GENERAL_ALIGNMENT == 0))
   return *( const word64 * )( src );
 #else
   const byte *p = ( const byte * )src;
@@ -72,7 +74,8 @@ static WC_INLINE word64 load64( const void *src )
 
 static WC_INLINE void store32( void *dst, word32 w )
 {
-#if defined(LITTLE_ENDIAN_ORDER)
+#if defined(LITTLE_ENDIAN_ORDER) && \
+    (!defined(WOLFSSL_GENERAL_ALIGNMENT) || (WOLFSSL_GENERAL_ALIGNMENT == 0))
   *( word32 * )( dst ) = w;
 #else
   byte *p = ( byte * )dst;
@@ -85,7 +88,8 @@ static WC_INLINE void store32( void *dst, word32 w )
 
 static WC_INLINE void store64( void *dst, word64 w )
 {
-#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_GENERAL_ALIGNMENT)
+#if defined(LITTLE_ENDIAN_ORDER) && \
+    (!defined(WOLFSSL_GENERAL_ALIGNMENT) || (WOLFSSL_GENERAL_ALIGNMENT == 0))
   *( word64 * )( dst ) = w;
 #else
   byte *p = ( byte * )dst;