Memory usage improvements

configure.ac

@@ -7682,6 +7682,11 @@ case $host_cpu in
     ;;
 esac
 
+if test "$ENABLED_LOWRESOURCE" = "yes" && test "$ENABLED_ECC" = "yes" && (test "$ENABLED_RSA" = "yes" || test "$ENABLED_DH" == "yes") && (test "$ENABLED_SP_MATH" = "yes" || test "$ENABLED_SP_MATH_ALL" = "yes")
+then
+    AM_CFLAGS="$AM_CFLAGS -DALT_ECC_SIZE"
+fi
+
 ################################################################################
 # Update ENABLE_* variables                                                    #
 ################################################################################

examples/client/client.c

@@ -1260,10 +1260,14 @@ static const char* client_usage_msg[][70] = {
 #endif
 #ifdef HAVE_SUPPORTED_CURVES
         "--onlyPskDheKe Must use DHE key exchange with PSK\n",          /* 73 */
+#endif
+#ifndef NO_PSK
+        "--openssl-psk  Use TLS 1.3 PSK callback compatible with "
+        "OpenSSL\n",                                                    /* 74 */
 #endif
         "\n"
            "For simpler wolfSSL TLS client examples, visit\n"
-           "https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n", /* 74 */
+           "https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n", /* 75 */
         NULL,
     },
 #ifndef NO_MULTIBYTE_PRINT
@@ -1481,11 +1485,15 @@ static const char* client_usage_msg[][70] = {
 #endif
 #ifdef HAVE_SUPPORTED_CURVES
         "--onlyPskDheKe Must use DHE key exchange with PSK\n",          /* 73 */
+#endif
+#ifndef NO_PSK
+        "--openssl-psk  Use TLS 1.3 PSK callback compatible with "
+        "OpenSSL\n",                                                    /* 74 */
 #endif
         "\n"
         "より簡単なwolfSSL TSL クライアントの例については"
                                          "下記にアクセスしてください\n"
-        "https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n", /* 74 */
+        "https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n", /* 75 */
         NULL,
     },
 #endif
@@ -1852,13 +1860,17 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
 #endif
 #ifdef HAVE_SUPPORTED_CURVES
         { "onlyPskDheKe", 0, 264 },
+#endif
+#ifndef NO_PSK
+        { "openssl-psk", 0, 265 },
 #endif
         { 0, 0, 0 }
     };
 #endif
     int    version = CLIENT_INVALID_VERSION;
     int    minVersion = CLIENT_INVALID_VERSION;
     int    usePsk   = 0;
+    int    opensslPsk = 0;
     int    useAnon  = 0;
     int    sendGET  = 0;
     int    benchmark = 0;
@@ -2066,6 +2078,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
     (void)loadCertKeyIntoSSLObj;
     (void)usePqc;
     (void)pqcAlg;
+    (void)opensslPsk;
     StackTrap();
 
     /* Reinitialize the global myVerifyAction. */
@@ -2678,6 +2691,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
                 #ifdef WOLFSSL_TLS13
                     onlyPskDheKe = 1;
                 #endif
+#endif
+                break;
+            case 265:
+#ifndef NO_PSK
+                opensslPsk = 1;
 #endif
                 break;
             default:
@@ -3060,10 +3078,15 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
         wolfSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
 #ifdef WOLFSSL_TLS13
     #if !defined(WOLFSSL_PSK_TLS13_CB) && !defined(WOLFSSL_PSK_ONE_ID)
-        wolfSSL_CTX_set_psk_client_cs_callback(ctx, my_psk_client_cs_cb);
-    #else
-        wolfSSL_CTX_set_psk_client_tls13_callback(ctx, my_psk_client_tls13_cb);
+        if (!opensslPsk) {
+            wolfSSL_CTX_set_psk_client_cs_callback(ctx, my_psk_client_cs_cb);
+        }
+        else
     #endif
+        {
+            wolfSSL_CTX_set_psk_client_tls13_callback(ctx,
+                my_psk_client_tls13_cb);
+        }
 #endif
         if (defaultCipherList == NULL) {
         #if defined(HAVE_AESGCM) && !defined(NO_DH)

scripts/openssl.test

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-#openssl.test
+# openssl.test
 
 # Enviornment variables used:
 # OPENSSL            (openssl app to use)
@@ -409,6 +409,14 @@ OIFS=$IFS # store old separator to reset
 #
 # Start
 #
+echo
+echo "wolfSSL configuration:"
+./config.status --config
+echo
+echo "OpenSSL version:"
+$OPENSSL version -a
+echo
+
 ps -p $PPID >/dev/null 2>&1
 if [ "$?" = "1" ]
 then
@@ -494,51 +502,86 @@ esac
 
 if [ "$wolf_certs" != "" ]
 then
+    echo
+    # Check if RSA certificates supported in wolfSSL
+    wolf_rsa=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ca-cert.pem" 2>&1`
+    case $wolf_rsa in
+    *"ca file"*)
+        echo "wolfSSL does not support RSA"
+        wolf_rsa=""
+        ;;
+    *)
+        ;;
+    esac
+    if [ "$wolf_rsa" != "" ]; then
+        echo "wolfSSL supports RSA"
+    fi
     # Check if ECC certificates supported in wolfSSL
-    wolf_ecc=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed25519/ca-ecc-cert.pem" 2>&1`
+    wolf_ecc=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ca-ecc-cert.pem" 2>&1`
     case $wolf_ecc in
     *"ca file"*)
+        echo "wolfSSL does not support ECDSA"
         wolf_ecc=""
         ;;
     *)
         ;;
     esac
+    if [ "$wolf_ecc" != "" ]; then
+        echo "wolfSSL supports ECDSA"
+    fi
     # Check if Ed25519 certificates supported in wolfSSL
     wolf_ed25519=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed25519/root-ed25519.pem" 2>&1`
     case $wolf_ed25519 in
     *"ca file"*)
+        echo "wolfSSL does not support Ed25519"
         wolf_ed25519=""
         ;;
     *)
         ;;
     esac
+    if [ "$wolf_ed25519" != "" ]; then
+        echo "wolfSSL supports Ed25519"
+    fi
     # Check if Ed25519 certificates supported in OpenSSL
     openssl_ed25519=`$OPENSSL s_client -cert "${CERT_DIR}/ed25519/client-ed25519.pem" -key "${CERT_DIR}/ed25519/client-ed25519-priv.pem" 2>&1`
     case $openssl_ed25519 in
     *"unable to load"*)
+        echo "OpenSSL does not support Ed25519"
         wolf_ed25519=""
         ;;
     *)
         ;;
     esac
+    if [ "$wolf_ed25519" != "" ]; then
+        echo "OpenSSL supports Ed25519"
+    fi
     # Check if Ed448 certificates supported in wolfSSL
     wolf_ed448=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed448/root-ed448.pem" 2>&1`
     case $wolf_ed448 in
     *"ca file"*)
+        echo "wolfSSL does not support Ed448"
         wolf_ed448=""
         ;;
     *)
         ;;
     esac
+    if [ "$wolf_ed448" != "" ]; then
+        echo "wolfSSL supports Ed448"
+    fi
     # Check if Ed448 certificates supported in OpenSSL
     openssl_ed448=`$OPENSSL s_client -cert "${CERT_DIR}/ed448/client-ed448.pem" -key "${CERT_DIR}/ed448/client-ed448-priv.pem" 2>&1`
     case $openssl_ed448 in
     *"unable to load"*)
+        echo "OpenSSL does not support Ed448"
         wolf_ed448=""
         ;;
     *)
         ;;
     esac
+    if [ "$wolf_ed448" != "" ]; then
+        echo "OpenSSL supports Ed448"
+    fi
+    echo
 fi
 
 openssl_tls13=`$OPENSSL s_client -help 2>&1`
@@ -664,7 +707,7 @@ if [ "$wolf_ecdsa" != "" -a "$wolf_ecc" != "" ]
 then
     cert_file="${CERT_DIR}/server-ecc.pem"
     key_file="${CERT_DIR}/ecc-key.pem"
-    ca_file="${CERT_DIR}/client-ca.pem"
+    ca_file="${CERT_DIR}/client-ecc-cert.pem"
 
     openssl_suite="ECDH[E]-ECDSA"
     start_openssl_server
@@ -727,7 +770,7 @@ then
     tls13_psk_openssl_port=$server_port
     tls13_psk_openssl_pid=$server_pid
 
-    psk="-s"
+    psk="-s --openssl-psk"
     wolfssl_suite="TLSv1.3_PSK"
     start_wolfssl_server
     tls13_psk_wolfssl_port=$server_port
@@ -977,8 +1020,8 @@ do
         *ECDHE-ECDSA*|*ECDH-ECDSA*)
             if [ "$wolf_ecc" != "" ]
             then
-                cert="${CERT_DIR}/client-cert.pem"
-                key="${CERT_DIR}/client-key.pem"
+                cert="${CERT_DIR}/client-ecc-cert.pem"
+                key="${CERT_DIR}/ecc-client-key.pem"
                 caCert="${CERT_DIR}/ca-ecc-cert.pem"
 
                 port=$ecdsa_openssl_port
@@ -1090,7 +1133,7 @@ do
 
                 wolf_temp_cases_total=$((wolf_temp_cases_total + 1))
                 port=$tls13_psk_openssl_port
-                psk="-s"
+                psk="-s --openssl-psk"
                 # OpenSSL doesn't support DH for key exchange so do no PSK
                 # DHE when ECC not supported
                 if [ "$wolf_ecc" = "" ]

src/internal.c

@@ -25415,6 +25415,29 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
                 if (ret == 0 && hashAlgo > ssl->options.hashAlgo)
                     break;
             #endif
+                if (IsAtLeastTLSv1_2(ssl) && !IsAtLeastTLSv1_3(ssl->version) &&
+                        (ssl->options.side == WOLFSSL_CLIENT_END)) {
+                    /* TLS 1.2 client deciding hash algorithm for
+                     * CertificateVerify. Hash must be one of the handshake
+                     * hashes being maintained. */
+                    if (1
+                    #ifndef NO_SHA
+                        && (hashAlgo != sha_mac)
+                    #endif
+                    #ifndef NO_SHA256
+                        && (hashAlgo != sha256_mac)
+                    #endif
+                    #ifdef WOLFSSL_SHA384
+                        && (hashAlgo != sha384_mac)
+                    #endif
+                    #ifdef WOLFSSL_SHA512
+                        && (hashAlgo != sha512_mac)
+                    #endif
+                        )
+                        {
+                            break;
+                        }
+                }
                 /* The chosen one - but keep looking. */
                 ssl->options.hashAlgo = hashAlgo;
                 ssl->options.sigAlgo = sigAlgo;
@@ -30188,17 +30211,22 @@ int SendCertificateVerify(WOLFSSL* ssl)
             }
         #endif
 
-    #ifndef NO_OLD_TLS
-        #ifndef NO_SHA
-            /* old tls default */
-            SetDigest(ssl, sha_mac);
-        #endif
-    #else
-        #ifndef NO_SHA256
-            /* new tls default */
-            SetDigest(ssl, sha256_mac);
-        #endif
-    #endif /* !NO_OLD_TLS */
+            if (!IsAtLeastTLSv1_2(ssl)) {
+        #ifndef NO_OLD_TLS
+            #ifndef NO_SHA
+                /* old tls default */
+                SetDigest(ssl, sha_mac);
+            #endif
+        #else
+            #ifndef NO_SHA256
+                /* new tls default */
+                SetDigest(ssl, sha256_mac);
+            #endif
+        #endif /* !NO_OLD_TLS */
+            }
+            else {
+                SetDigest(ssl, ssl->options.hashAlgo);
+            }
 
             if (ssl->hsType == DYNAMIC_TYPE_RSA) {
         #ifdef WC_RSA_PSS

src/pk.c

@@ -30,6 +30,15 @@
     #include <wolfssl/wolfcrypt/random.h>
 #endif
 
+#ifdef HAVE_ECC
+    #include <wolfssl/wolfcrypt/ecc.h>
+#endif
+#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
+    /* FIPS build has replaced ecc.h. */
+    #define wc_ecc_key_get_priv(key) (&((key)->k))
+    #define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
+#endif
+
 #if !defined(WOLFSSL_PK_INCLUDED)
     #ifndef WOLFSSL_IGNORE_FILE_WARN
         #warning pk.c does not need to be compiled separately from ssl.c
@@ -11395,7 +11404,7 @@ static int wolfssl_ec_key_int_copy(ecc_key* dst, const ecc_key* src)
 
     if (ret == 0) {
         /* Copy private key. */
-        ret = mp_copy(&src->k, &dst->k);
+        ret = mp_copy(wc_ecc_key_get_priv(src), wc_ecc_key_get_priv(dst));
         if (ret != MP_OKAY) {
             WOLFSSL_MSG("mp_copy error");
         }
@@ -12533,7 +12542,8 @@ int SetECKeyExternal(WOLFSSL_EC_KEY* eckey)
 
         /* set the external privkey */
         if ((ret == 1) && (key->type == ECC_PRIVATEKEY) &&
-                (wolfssl_bn_set_value(&eckey->priv_key, &key->k) != 1)) {
+                (wolfssl_bn_set_value(&eckey->priv_key,
+                wc_ecc_key_get_priv(key)) != 1)) {
             WOLFSSL_MSG("ec priv key error");
             ret = -1;
         }
@@ -12604,12 +12614,13 @@ int SetECKeyInternal(WOLFSSL_EC_KEY* eckey)
 
         /* set privkey */
         if ((ret == 1) && (eckey->priv_key != NULL)) {
-            if (wolfssl_bn_get_value(eckey->priv_key, &key->k) != 1) {
+            if (wolfssl_bn_get_value(eckey->priv_key,
+                    wc_ecc_key_get_priv(key)) != 1) {
                 WOLFSSL_MSG("ec key priv error");
                 ret = -1;
             }
             /* private key */
-            if ((ret == 1) && (!mp_iszero(&key->k))) {
+            if ((ret == 1) && (!mp_iszero(wc_ecc_key_get_priv(key)))) {
                 if (pubSet) {
                     key->type = ECC_PRIVATEKEY;
                 }