Memory reduction (#54)

* Reduce memory usage for determining encoding size. Some devices don't have the memory to spare to use an 8K buffer to determine the size of buffer that is needed for encoding. * Enable limiting decoders * Add COSE_ERR_UNSUPPORTED_COSE_TYPE * Adapt tests for decoders not configured * Setup to build individuals Setup to do indivual COSE elements. We are going to assume that if individuals build and all build then all combinations are going to build * Pass NULL to cn_cbor_encoder_write to get the size. * Conditional compilation based on INCLUDE_* defines * Revert "Adapt tests for decoders not configured" This reverts commit a66f0a7. * Add missing compile checks in sign corner cases * Fix cmake check for excluding sign0 * Fix unintentional whitespace differences
cose-wg · Apr 25, 2018 · acc638b · acc638b
1 parent f694970
commit acc638b
Show file tree

Hide file tree

Showing 20 changed files with 359 additions and 43 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -10,6 +10,12 @@ env:
   - USE_CONTEXT=ON
   - USE_CONTEXT=OFF
   - USE_CONTEXT=OFF USE_EMBEDTLS=ON
+  - CMAKE_OPTIONS="-Dinclude_encrypt=ON -Dinclude_encrypt0=OFF -Dinclude_mac0=OFF -Dinclude_mac=OFF -Dinclude_sign=OFF -Dinclude_sign0=OFF"
+  - CMAKE_OPTIONS="-Dinclude_encrypt=OFF -Dinclude_encrypt0=ON -Dinclude_mac0=OFF -Dinclude_mac=OFF -Dinclude_sign=OFF -Dinclude_sign0=OFF"
+  - CMAKE_OPTIONS="-Dinclude_encrypt=OFF -Dinclude_encrypt0=OFF -Dinclude_mac0=ON -Dinclude_mac=OFF -Dinclude_sign=OFF -Dinclude_sign0=OFF"
+  - CMAKE_OPTIONS="-Dinclude_encrypt=OFF -Dinclude_encrypt0=OFF -Dinclude_mac0=OFF -Dinclude_mac=ON -Dinclude_sign=OFF -Dinclude_sign0=OFF"
+  - CMAKE_OPTIONS="-Dinclude_encrypt=OFF -Dinclude_encrypt0=OFF -Dinclude_mac0=OFF -Dinclude_mac=OFF -Dinclude_sign=ON -Dinclude_sign0=OFF"
+  - CMAKE_OPTIONS="-Dinclude_encrypt=OFF -Dinclude_encrypt0=OFF -Dinclude_mac0=OFF -Dinclude_mac=OFF -Dinclude_sign=OFF -Dinclude_sign0=ON"
 matrix:
   exclude:
     - compiler: clang
@@ -31,7 +37,7 @@ script:
   - cmake --version
   - git clone --depth 1 git://github.com/cose-wg/Examples Examples
   - mkdir build
-  - cd build && cmake -Duse_context=$USE_CONTEXT -Dcoveralls_send=ON  -Duse_embedtls=$USE_EMBEDTLS .. && make all test
+  - cd build && cmake -Duse_context=$USE_CONTEXT -Dcoveralls_send=ON  -Duse_embedtls=$USE_EMBEDTLS $CMAKE_OPTIONS .. && make all test
 
 after_success:
   - make coveralls

diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -26,6 +26,12 @@ option ( coveralls_send "Send data to coveralls site" OFF )
 option (build_docs      "Create docs using Doxygen" ${DOXYGEN_FOUND} )
 option (build_shared_libs "Build Shared Libraries" ON)
 option (use_embedtls    "Use MBedTLS for the Crypto Package" OFF)
+option (include_encrypt  "Include COSE_ENCRYPT" ON)
+option (include_encrypt0 "Include COSE_ENCRYPT0" ON)
+option (include_mac      "Include COSE_MAC" ON)
+option (include_mac0     "Include COSE_MAC0" ON)
+option (include_sign     "Include COSE_SIGN" ON)
+option (include_sign0    "Include COSE_SIGN0" ON)
 
 set ( dist_dir          ${CMAKE_BINARY_DIR}/dist )
 set ( prefix            ${CMAKE_INSTALL_PREFIX} )
@@ -44,6 +50,25 @@ if (NOT CMAKE_BUILD_TYPE)
    endif ()
 endif ()
 
+if (NOT include_encrypt)
+   add_definitions( -DINCLUDE_ENCRYPT=0 )
+endif ()
+if (NOT include_encrypt0)
+   add_definitions( -DINCLUDE_ENCRYPT0=0 )
+endif ()
+if (NOT include_mac)
+   add_definitions( -DINCLUDE_MAC=0 )
+endif ()
+if (NOT include_mac0)
+   add_definitions( -DINCLUDE_MAC0=0 )
+endif ()
+if (NOT include_sign)
+   add_definitions( -DINCLUDE_SIGN=0 )
+endif ()
+if (NOT include_sign0)
+   add_definitions( -DINCLUDE_SIGN0=0 )
+endif ()
+
 if ( MSVC OR CMAKE_C_COMPILER_ID MATCHES "Clang" )
    set (coveralls OFF)
 endif ()

diff --git a/src/Cose.c b/src/Cose.c
@@ -151,45 +151,69 @@ HCOSE COSE_Decode(const byte * rgbData, size_t cbData, int * ptype, COSE_object_
 
 	switch (*ptype) {
 	case COSE_enveloped_object:
+#if INCLUDE_ENCRYPT
 		h = (HCOSE)_COSE_Enveloped_Init_From_Object(cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
 		if (h == NULL) {
 			goto errorReturn;
 		}
+#else
+		FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+#endif
 		break;
 
 	case COSE_sign_object:
+#if INCLUDE_SIGN
 		h = (HCOSE)_COSE_Sign_Init_From_Object(cborRoot, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
 		if (h == NULL) {
 			goto errorReturn;
 		}
+#else
+		FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+#endif
 		break;
 
 	case COSE_sign0_object:
+#if INCLUDE_SIGN0
 		h = (HCOSE)_COSE_Sign0_Init_From_Object(cborRoot, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
 		if (h == NULL) {
 			goto errorReturn;
 		}
+#else
+		FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+#endif
 		break;
 
 	case COSE_mac_object:
+#if INCLUDE_MAC
 		h = (HCOSE)_COSE_Mac_Init_From_Object(cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
 		if (h == NULL) {
 			goto errorReturn;
 		}
+#else
+		FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+#endif
 		break;
 
 	case COSE_mac0_object:
+#if INCLUDE_MAC0
 		h = (HCOSE)_COSE_Mac0_Init_From_Object(cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
 		if (h == NULL) {
 			goto errorReturn;
 		}
+#else
+		FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+#endif
 		break;
 
 	case COSE_encrypt_object:
+#if INCLUDE_ENCRYPT0
 		h = (HCOSE)_COSE_Encrypt_Init_From_Object(cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
 		if (h == NULL) {
 			goto errorReturn;
 		}
+#else
+		FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+#endif
 		break;
 
 	default:

diff --git a/src/Encrypt.c b/src/Encrypt.c
@@ -12,10 +12,13 @@
 #include "configure.h"
 #include "crypto.h"
 
+#if INCLUDE_ENCRYPT || INCLUDE_MAC
 void _COSE_Enveloped_Release(COSE_Enveloped * p);
 
 COSE * EnvelopedRoot = NULL;
+#endif
 
+#if INCLUDE_ENCRYPT
 /*! \private
 * @brief Test if a HCOSE_ENVELOPED handle is valid
 *
@@ -72,7 +75,9 @@ HCOSE_ENVELOPED COSE_Enveloped_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA co
 errorReturn:
 	return NULL;
 }
+#endif
 
+#if INCLUDE_ENCRYPT || INCLUDE_MAC
 HCOSE_ENVELOPED _COSE_Enveloped_Init_From_Object(cn_cbor * cbor, COSE_Enveloped * pIn, CBOR_CONTEXT_COMMA cose_errback * perr)
 {
 	COSE_Enveloped * pobj = pIn;
@@ -114,7 +119,9 @@ HCOSE_ENVELOPED _COSE_Enveloped_Init_From_Object(cn_cbor * cbor, COSE_Enveloped
 
 	return(HCOSE_ENVELOPED) pobj;
 }
+#endif
 
+#if INCLUDE_ENCRYPT
 bool COSE_Enveloped_Free(HCOSE_ENVELOPED h)
 {
 #ifdef USE_CBOR_CONTEXT
@@ -141,7 +148,9 @@ bool COSE_Enveloped_Free(HCOSE_ENVELOPED h)
 
 	return true;
 }
+#endif
 
+#if INCLUDE_ENCRYPT || INCLUDE_MAC
 void _COSE_Enveloped_Release(COSE_Enveloped * p)
 {
 	COSE_RecipientInfo * pRecipient1;
@@ -157,7 +166,9 @@ void _COSE_Enveloped_Release(COSE_Enveloped * p)
 
 	_COSE_Release(&p->m_message);
 }
+#endif
 
+#if INCLUDE_ENCRYPT
 bool COSE_Enveloped_decrypt(HCOSE_ENVELOPED h, HCOSE_RECIPIENT hRecip, cose_errback * perr)
 {
 	COSE_Enveloped * pcose = (COSE_Enveloped *)h;
@@ -173,7 +184,9 @@ bool COSE_Enveloped_decrypt(HCOSE_ENVELOPED h, HCOSE_RECIPIENT hRecip, cose_errb
 	errorReturn:
 	return f;
 }
+#endif
 
+#if INCLUDE_ENCRYPT || INCLUDE_ENCRYPT0
 bool _COSE_Enveloped_decrypt(COSE_Enveloped * pcose, COSE_RecipientInfo * pRecip, const byte *pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr)
 {
 	int alg;
@@ -405,7 +418,9 @@ bool _COSE_Enveloped_decrypt(COSE_Enveloped * pcose, COSE_RecipientInfo * pRecip
 
 	return true;
 }
+#endif
 
+#if INCLUDE_ENCRYPT
 bool COSE_Enveloped_encrypt(HCOSE_ENVELOPED h, cose_errback * perr)
 {
 	COSE_Enveloped * pcose = (COSE_Enveloped *)h;
@@ -418,7 +433,9 @@ bool COSE_Enveloped_encrypt(HCOSE_ENVELOPED h, cose_errback * perr)
 errorReturn:
 	return false;
 }
+#endif
 
+#if INCLUDE_ENCRYPT || INCLUDE_ENCRYPT0
 bool _COSE_Enveloped_encrypt(COSE_Enveloped * pcose, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr)
 {
 	int alg;
@@ -654,7 +671,9 @@ bool _COSE_Enveloped_encrypt(COSE_Enveloped * pcose, const byte * pbKeyIn, size_
 	}
 	return fRet;
 }
+#endif
 
+#if INCLUDE_ENCRYPT
 bool COSE_Enveloped_SetContent(HCOSE_ENVELOPED h, const byte * rgb, size_t cb, cose_errback * perr)
 {
 	CHECK_CONDITION(IsValidEnvelopedHandle(h), COSE_ERR_INVALID_HANDLE);
@@ -785,7 +804,9 @@ bool COSE_Enveloped_AddRecipient(HCOSE_ENVELOPED hEnc, HCOSE_RECIPIENT hRecip, c
 errorReturn:
 	return false;
 }
+#endif
 
+#if INCLUDE_ENCRYPT || INCLUDE_ENCRYPT0 || INCLUDE_MAC || INCLUDE_MAC0
 bool _COSE_Encrypt_Build_AAD(COSE * pMessage, byte ** ppbAAD, size_t * pcbAAD, const char * szContext, cose_errback * perr)
 {
 #ifdef USE_CBOR_CONTEXT
@@ -841,7 +862,9 @@ bool _COSE_Encrypt_Build_AAD(COSE * pMessage, byte ** ppbAAD, size_t * pcbAAD, c
 	if (pAuthData != NULL) CN_CBOR_FREE(pAuthData, context);
 	return false;
 }
+#endif
 
+#if INCLUDE_ENCRYPT
 HCOSE_RECIPIENT COSE_Enveloped_GetRecipient(HCOSE_ENVELOPED cose, int iRecipient, cose_errback * perr)
 {
 	int i;
@@ -880,3 +903,5 @@ HCOSE_COUNTERSIGN COSE_Enveloped_GetCounterSigner(HCOSE_ENCRYPT h, int iSigner,
 	return NULL;
 }
 #endif
+
+#endif
diff --git a/src/Encrypt0.c b/src/Encrypt0.c
@@ -12,10 +12,13 @@
 #include "configure.h"
 #include "crypto.h"
 
+#if INCLUDE_ENCRYPT0 || INCLUDE_MAC0
 void _COSE_Encrypt_Release(COSE_Encrypt * p);
 
 COSE * EncryptRoot = NULL;
+#endif
 
+#if INCLUDE_ENCRYPT0
 /*! \private
 * @brief Test if a HCOSE_ENCRYPT handle is valid
 *
@@ -35,8 +38,9 @@ bool IsValidEncryptHandle(HCOSE_ENCRYPT h)
 	COSE_Encrypt * p = (COSE_Encrypt *)h;
 	return _COSE_IsInList(EncryptRoot, (COSE *)p);
 }
+#endif
 
-
+#if INCLUDE_ENCRYPT0 || INCLUDE_MAC0
 HCOSE_ENCRYPT COSE_Encrypt_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr)
 {
 	CHECK_CONDITION(flags == COSE_INIT_FLAGS_NONE, COSE_ERR_INVALID_PARAMETER);
@@ -56,7 +60,9 @@ HCOSE_ENCRYPT COSE_Encrypt_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_e
 errorReturn:
 	return NULL;
 }
+#endif
 
+#if INCLUDE_ENCRYPT0
 HCOSE_ENCRYPT _COSE_Encrypt_Init_From_Object(cn_cbor * cbor, COSE_Encrypt * pIn, CBOR_CONTEXT_COMMA cose_errback * perr)
 {
 	COSE_Encrypt * pobj = pIn;
@@ -108,14 +114,18 @@ bool COSE_Encrypt_Free(HCOSE_ENCRYPT h)
 
 	return true;
 }
+#endif
 
+#if INCLUDE_ENCRYPT0 || INCLUDE_MAC0
 void _COSE_Encrypt_Release(COSE_Encrypt * p)
 {
 	if (p->pbContent != NULL) COSE_FREE((void *) p->pbContent, &p->m_message.m_allocContext);
 
 	_COSE_Release(&p->m_message);
 }
+#endif
 
+#if INCLUDE_ENCRYPT0
 bool COSE_Encrypt_decrypt(HCOSE_ENCRYPT h, const byte * pbKey, size_t cbKey, cose_errback * perr)
 {
 	COSE_Encrypt * pcose = (COSE_Encrypt *)h;
@@ -210,3 +220,5 @@ bool COSE_Encrypt_map_put_int(HCOSE_ENCRYPT h, int key, cn_cbor * value, int fla
 
 	return _COSE_map_put(&((COSE_Encrypt *)h)->m_message, key, value, flags, perror);
 }
+
+#endif
diff --git a/src/MacMessage.c b/src/MacMessage.c
@@ -13,6 +13,8 @@
 #include "configure.h"
 #include "crypto.h"
 
+#if INCLUDE_MAC
+
 COSE * MacRoot = NULL;
 
 /*! \private
@@ -219,8 +221,9 @@ bool COSE_Mac_map_put_int(HCOSE_MAC h, int key, cn_cbor * value, int flags, cose
 
 	return _COSE_map_put(&((COSE_MacMessage *)h)->m_message, key, value, flags, perror);
 }
+#endif
 
-
+#if INCLUDE_MAC || INCLUDE_MAC0
 bool _COSE_Mac_Build_AAD(COSE * pCose, const char * szContext, byte ** ppbAuthData, size_t * pcbAuthData, CBOR_CONTEXT_COMMA cose_errback * perr)
 {
 	cn_cbor * pAuthData = NULL;
@@ -294,7 +297,9 @@ bool _COSE_Mac_Build_AAD(COSE * pCose, const char * szContext, byte ** ppbAuthDa
 	if (ptmp != NULL) CN_CBOR_FREE(ptmp, context);
 	return fRet;
 }
+#endif
 
+#if INCLUDE_MAC
 bool COSE_Mac_encrypt(HCOSE_MAC h, cose_errback * perr)
 {
 	COSE_MacMessage * pcose = (COSE_MacMessage *)h;
@@ -307,7 +312,9 @@ bool COSE_Mac_encrypt(HCOSE_MAC h, cose_errback * perr)
 	errorReturn:
 		return false;
 }
+#endif
 
+#if INCLUDE_MAC || INCLUDE_MAC0
 bool _COSE_Mac_compute(COSE_MacMessage * pcose, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr)
 {
 	int alg;
@@ -499,7 +506,9 @@ bool _COSE_Mac_compute(COSE_MacMessage * pcose, const byte * pbKeyIn, size_t cbK
 	if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
 	return fRet;
 }
+#endif
 
+#if INCLUDE_MAC
 bool COSE_Mac_validate(HCOSE_MAC h, HCOSE_RECIPIENT hRecip, cose_errback * perr)
 {
 	COSE_MacMessage * pcose = (COSE_MacMessage *)h;
@@ -512,7 +521,9 @@ bool COSE_Mac_validate(HCOSE_MAC h, HCOSE_RECIPIENT hRecip, cose_errback * perr)
 errorReturn:
 	return false;
 }
+#endif
 
+#if INCLUDE_MAC || INCLUDE_MAC0
 bool _COSE_Mac_validate(COSE_MacMessage * pcose, COSE_RecipientInfo * pRecip, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr)
 {
 	byte * pbAuthData = NULL;
@@ -700,7 +711,9 @@ bool _COSE_Mac_validate(COSE_MacMessage * pcose, COSE_RecipientInfo * pRecip, co
 
 	return fRet;
 }
+#endif
 
+#if INCLUDE_MAC
 bool COSE_Mac_AddRecipient(HCOSE_MAC hMac, HCOSE_RECIPIENT hRecip, cose_errback * perr)
 {
 	COSE_RecipientInfo * pRecip;
@@ -764,3 +777,5 @@ HCOSE_RECIPIENT COSE_Mac_GetRecipient(HCOSE_MAC cose, int iRecipient, cose_errba
 errorReturn:
 	return NULL;
 }
+
+#endif