diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index 8f421542fd..7fc62536a9 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -2551,7 +2551,7 @@ typedef enum bench_stat_type { if (bstat == NULL) { /* allocate new and put on list */ - bstat = (bench_stats_t*)XMALLOC(sizeof(bench_stats_t), NULL, + bstat = (bench_stats_t*)XMALLOC(sizeof(bench_stats_t), HEAP_HINT, DYNAMIC_TYPE_INFO); if (bstat) { XMEMSET(bstat, 0, sizeof(bench_stats_t)); @@ -3719,7 +3719,7 @@ static WC_INLINE void bench_stats_free(void) bench_stats_t* bstat; for (bstat = bench_stats_head; bstat != NULL; ) { bench_stats_t* next = bstat->next; - XFREE(bstat, NULL, DYNAMIC_TYPE_INFO); + XFREE(bstat, HEAP_HINT, DYNAMIC_TYPE_INFO); bstat = next; } bench_stats_head = NULL; @@ -6470,7 +6470,7 @@ static void bench_aesofb_internal(const byte* key, bench_stats_prepare(); - ret = wc_AesInit(&enc, NULL, INVALID_DEVID); + ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID); if (ret != 0) { printf("AesInit failed at L%d, ret = %d\n", __LINE__, ret); return; @@ -11539,7 +11539,7 @@ static void bench_lms_keygen(enum wc_LmsParm parm, byte* pub) return; } - ret = wc_LmsKey_Init(&key, NULL, INVALID_DEVID); + ret = wc_LmsKey_Init(&key, HEAP_HINT, INVALID_DEVID); if (ret) { printf("wc_LmsKey_Init failed: %d\n", ret); wc_FreeRng(&rng); @@ -11555,7 +11555,7 @@ static void bench_lms_keygen(enum wc_LmsParm parm, byte* pub) wc_LmsKey_Free(&key); - ret = wc_LmsKey_Init(&key, NULL, INVALID_DEVID); + ret = wc_LmsKey_Init(&key, HEAP_HINT, INVALID_DEVID); if (ret) { printf("wc_LmsKey_Init failed: %d\n", ret); goto exit_lms_keygen; @@ -11644,7 +11644,7 @@ static void bench_lms_sign_verify(enum wc_LmsParm parm, byte* pub) bench_stats_prepare(); - ret = wc_LmsKey_Init(&key, NULL, INVALID_DEVID); + ret = wc_LmsKey_Init(&key, HEAP_HINT, INVALID_DEVID); if (ret) { printf("wc_LmsKey_Init failed: %d\n", ret); goto exit_lms_sign_verify; @@ -12124,7 +12124,7 @@ static void bench_xmss_sign_verify(const char * params) freeRng = 1; - ret = wc_XmssKey_Init(&key, NULL, INVALID_DEVID); + ret = wc_XmssKey_Init(&key, HEAP_HINT, INVALID_DEVID); if (ret != 0) { printf("wc_XmssKey_Init failed: %d\n", ret); goto exit_xmss_sign_verify; @@ -12602,7 +12602,8 @@ void bench_slhdsa(int param) WC_ALLOC_VAR_EX(sig, byte, WC_SLHDSA_MAX_SIG_LEN, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER, goto exit); - ret = wc_SlhDsaKey_Init(key, (enum SlhDsaParam)param, NULL, INVALID_DEVID); + ret = wc_SlhDsaKey_Init(key, (enum SlhDsaParam)param, HEAP_HINT, + INVALID_DEVID); if (ret != 0) { goto exit; } @@ -12664,7 +12665,8 @@ void bench_slhdsa(int param) goto exit; } - ret = wc_SlhDsaKey_Init(key_vfy, (enum SlhDsaParam)param, NULL, INVALID_DEVID); + ret = wc_SlhDsaKey_Init(key_vfy, (enum SlhDsaParam)param, HEAP_HINT, + INVALID_DEVID); if (ret != 0) { goto exit; } @@ -14215,7 +14217,7 @@ void bench_eccsiKeyGen(void) bench_stats_start(&count, &start); do { for (i = 0; i < genTimes; i++) { - wc_InitEccsiKey(genKey, NULL, INVALID_DEVID); + wc_InitEccsiKey(genKey, HEAP_HINT, INVALID_DEVID); ret = wc_MakeEccsiKey(genKey, &gRng); wc_FreeEccsiKey(genKey); if (ret != 0) { @@ -14260,7 +14262,7 @@ void bench_eccsiPairGen(void) (void)mp_init(ssk); pvt = wc_ecc_new_point(); - wc_InitEccsiKey(genKey, NULL, INVALID_DEVID); + wc_InitEccsiKey(genKey, HEAP_HINT, INVALID_DEVID); (void)wc_MakeEccsiKey(genKey, &gRng); /* RSK Gen */ @@ -14319,7 +14321,7 @@ void bench_eccsiValidate(void) (void)mp_init(ssk); pvt = wc_ecc_new_point(); - wc_InitEccsiKey(genKey, NULL, INVALID_DEVID); + wc_InitEccsiKey(genKey, HEAP_HINT, INVALID_DEVID); (void)wc_MakeEccsiKey(genKey, &gRng); (void)wc_MakeEccsiPair(genKey, &gRng, WC_HASH_TYPE_SHA256, id, sizeof(id), ssk, pvt); @@ -14384,7 +14386,7 @@ void bench_eccsi(void) (void)mp_init(ssk); pvt = wc_ecc_new_point(); - (void)wc_InitEccsiKey(genKey, NULL, INVALID_DEVID); + (void)wc_InitEccsiKey(genKey, HEAP_HINT, INVALID_DEVID); (void)wc_MakeEccsiKey(genKey, &gRng); (void)wc_MakeEccsiPair(genKey, &gRng, WC_HASH_TYPE_SHA256, id, sizeof(id), ssk, pvt); @@ -14475,7 +14477,7 @@ void bench_sakkeKeyGen(void) bench_stats_start(&count, &start); do { for (i = 0; i < genTimes; i++) { - wc_InitSakkeKey_ex(genKey, 128, ECC_SAKKE_1, NULL, INVALID_DEVID); + wc_InitSakkeKey_ex(genKey, 128, ECC_SAKKE_1, HEAP_HINT, INVALID_DEVID); ret = wc_MakeSakkeKey(genKey, &gRng); if (ret != 0) { printf("wc_MakeSakkeKey failed: %d\n", ret); @@ -14517,7 +14519,7 @@ void bench_sakkeRskGen(void) WC_ALLOC_VAR(genKey, SakkeKey, 1, HEAP_HINT); rsk = wc_ecc_new_point(); - wc_InitSakkeKey_ex(genKey, 128, ECC_SAKKE_1, NULL, INVALID_DEVID); + wc_InitSakkeKey_ex(genKey, 128, ECC_SAKKE_1, HEAP_HINT, INVALID_DEVID); (void)wc_MakeSakkeKey(genKey, &gRng); /* RSK Gen */ @@ -14570,7 +14572,7 @@ void bench_sakkeValidate(void) WC_ALLOC_VAR(genKey, SakkeKey, 1, HEAP_HINT); rsk = wc_ecc_new_point(); - (void)wc_InitSakkeKey_ex(genKey, 128, ECC_SAKKE_1, NULL, INVALID_DEVID); + (void)wc_InitSakkeKey_ex(genKey, 128, ECC_SAKKE_1, HEAP_HINT, INVALID_DEVID); (void)wc_MakeSakkeKey(genKey, &gRng); (void)wc_MakeSakkeRsk(genKey, id, sizeof(id), rsk); (void)wc_ValidateSakkeRsk(genKey, id, sizeof(id), rsk, &valid); @@ -14634,7 +14636,7 @@ void bench_sakke(void) XMEMCPY(ssv, ssv_init, sizeof ssv); rsk = wc_ecc_new_point(); - (void)wc_InitSakkeKey_ex(genKey, 128, ECC_SAKKE_1, NULL, INVALID_DEVID); + (void)wc_InitSakkeKey_ex(genKey, 128, ECC_SAKKE_1, HEAP_HINT, INVALID_DEVID); (void)wc_MakeSakkeKey(genKey, &gRng); (void)wc_MakeSakkeRsk(genKey, id, sizeof(id), rsk); (void)wc_SetSakkeRsk(genKey, rsk, NULL, 0); @@ -14861,9 +14863,9 @@ void bench_falconKeySign(byte level) bench_stats_prepare(); - ret = wc_falcon_init(&key); + ret = wc_falcon_init_ex(&key, HEAP_HINT, devId); if (ret != 0) { - printf("wc_falcon_init failed %d\n", ret); + printf("wc_falcon_init_ex failed %d\n", ret); return; } diff --git a/wolfcrypt/src/wc_xmss.c b/wolfcrypt/src/wc_xmss.c index 2a80deb217..f48922897f 100644 --- a/wolfcrypt/src/wc_xmss.c +++ b/wolfcrypt/src/wc_xmss.c @@ -124,14 +124,16 @@ static void wc_xmss_digest_free(XmssState* state) * * @param [in, out] state XMSS/MT state including digest and parameters. * @param [in] params Parameters for key. + * @param [in] heap Dynamic memory hint. * @return 0 on success. * @return NOT_COMPILED_IN when digest algorithm not supported. * @return Other negative when digest algorithm initialization failed. */ static WC_INLINE int wc_xmss_state_init(XmssState* state, - const XmssParams* params) + const XmssParams* params, void* heap) { state->params = params; + state->heap = heap; state->ret = 0; return wc_xmss_digest_init(state); } @@ -686,7 +688,7 @@ static int wc_xmsskey_alloc_sk(XmssKey* key) } if (ret == 0) { /* Allocate a buffer to hold secret key. */ - key->sk = (unsigned char *)XMALLOC(key->sk_len, NULL, + key->sk = (unsigned char *)XMALLOC(key->sk_len, key->heap, DYNAMIC_TYPE_TMP_BUFFER); if (key->sk == NULL) { WOLFSSL_MSG("error: malloc XMSS key->sk failed"); @@ -738,12 +740,12 @@ static WC_INLINE int wc_xmsskey_signupdate(XmssKey* key, byte* sig, if (ret == 0) { WC_DECLARE_VAR(state, XmssState, 1, 0); - WC_ALLOC_VAR_EX(state, XmssState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, - ret=MEMORY_E); + WC_ALLOC_VAR_EX(state, XmssState, 1, key->heap, + DYNAMIC_TYPE_TMP_BUFFER, ret=MEMORY_E); if (WC_VAR_OK(state)) { /* Initialize state for use in signing. */ - ret = wc_xmss_state_init(state, key->params); + ret = wc_xmss_state_init(state, key->params, key->heap); if (ret == 0) { /* Read was good. Now sign and update the secret key in memory. */ @@ -771,7 +773,7 @@ static WC_INLINE int wc_xmsskey_signupdate(XmssKey* key, byte* sig, /* Free state after use. */ wc_xmss_state_free(state); } - WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, key->heap, DYNAMIC_TYPE_TMP_BUFFER); } } @@ -809,7 +811,7 @@ static WC_INLINE int wc_xmsskey_signupdate(XmssKey* key, byte* sig, * Call this before setting the parms of an XMSS key. * * @param [in] key The XMSS key to init. - * @param [in] heap Unused. + * @param [in] heap Dynamic memory hint used by subsequent allocations. * @param [in] devId Unused. * * @return 0 on success. @@ -819,7 +821,6 @@ int wc_XmssKey_Init(XmssKey* key, void* heap, int devId) { int ret = 0; - (void) heap; (void) devId; /* Validate parameters. */ @@ -830,6 +831,7 @@ int wc_XmssKey_Init(XmssKey* key, void* heap, int devId) if (ret == 0) { /* Zeroize key and set state to initialized. */ ForceZero(key, sizeof(XmssKey)); + key->heap = heap; key->state = WC_XMSS_STATE_INITED; } @@ -911,7 +913,7 @@ void wc_XmssKey_Free(XmssKey* key) if (key->sk != NULL) { /* Zeroize private key. */ ForceZero(key->sk, key->sk_len); - XFREE(key->sk, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(key->sk, key->heap, DYNAMIC_TYPE_TMP_BUFFER); key->sk = NULL; key->sk_len = 0; } @@ -1083,7 +1085,7 @@ int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG* rng) } #ifdef WOLFSSL_SMALL_STACK if (ret == 0) { - seed = (unsigned char*)XMALLOC(3 * key->params->n, NULL, + seed = (unsigned char*)XMALLOC(3 * key->params->n, key->heap, DYNAMIC_TYPE_TMP_BUFFER); if (seed == NULL) { ret = MEMORY_E; @@ -1099,12 +1101,12 @@ int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG* rng) if (ret == 0) { WC_DECLARE_VAR(state, XmssState, 1, 0); - WC_ALLOC_VAR_EX(state, XmssState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, - ret=MEMORY_E); + WC_ALLOC_VAR_EX(state, XmssState, 1, key->heap, + DYNAMIC_TYPE_TMP_BUFFER, ret=MEMORY_E); if (WC_VAR_OK(state)) { /* Initialize state for use in key generation. */ - ret = wc_xmss_state_init(state, key->params); + ret = wc_xmss_state_init(state, key->params, key->heap); if (ret == 0) { /* Finally make the private/public key pair. Immediately write * it to NV storage and then clear from memory. */ @@ -1125,7 +1127,7 @@ int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG* rng) /* Free state after use. */ wc_xmss_state_free(state); } - WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, key->heap, DYNAMIC_TYPE_TMP_BUFFER); } } @@ -1146,7 +1148,7 @@ int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG* rng) key->state = WC_XMSS_STATE_OK; } - WC_FREE_VAR_EX(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(seed, key->heap, DYNAMIC_TYPE_TMP_BUFFER); return ret; } @@ -1430,6 +1432,7 @@ int wc_XmssKey_ExportPub(XmssKey* keyDst, const XmssKey* keySrc) keyDst->oid = keySrc->oid; keyDst->is_xmssmt = keySrc->is_xmssmt; keyDst->params = keySrc->params; + keyDst->heap = keySrc->heap; } if (ret == 0) { /* Mark keyDst as verify only, to prevent misuse. */ @@ -1623,19 +1626,19 @@ int wc_XmssKey_Verify(XmssKey* key, const byte* sig, word32 sigLen, if (ret == 0) { WC_DECLARE_VAR(state, XmssState, 1, 0); - WC_ALLOC_VAR_EX(state, XmssState, 1, NULL, DYNAMIC_TYPE_TMP_BUFFER, - ret=MEMORY_E); + WC_ALLOC_VAR_EX(state, XmssState, 1, key->heap, + DYNAMIC_TYPE_TMP_BUFFER, ret=MEMORY_E); if (WC_VAR_OK(state)) { /* Initialize state for use in verification. */ - ret = wc_xmss_state_init(state, key->params); + ret = wc_xmss_state_init(state, key->params, key->heap); if (ret == 0) { /* Verify using either XMSS^MT function as it works for both. */ ret = wc_xmssmt_verify(state, m, mLen, sig, key->pk); /* Free state after use. */ wc_xmss_state_free(state); } - WC_FREE_VAR_EX(state, NULL, DYNAMIC_TYPE_TMP_BUFFER); + WC_FREE_VAR_EX(state, key->heap, DYNAMIC_TYPE_TMP_BUFFER); } } diff --git a/wolfcrypt/src/wc_xmss_impl.c b/wolfcrypt/src/wc_xmss_impl.c index c7a75f3143..c78b35d2fd 100644 --- a/wolfcrypt/src/wc_xmss_impl.c +++ b/wolfcrypt/src/wc_xmss_impl.c @@ -2634,14 +2634,15 @@ static void wc_xmss_bds_state_treehash_set(BdsState* bds, int i, * @return 0 on success. * @return MEMORY_E on dynamic memory allocation failure. */ -static int wc_xmss_bds_state_alloc(const XmssParams* params, BdsState** bds) +static int wc_xmss_bds_state_alloc(const XmssParams* params, BdsState** bds, + void* heap) { const word8 cnt = 2 * params->d - 1; int ret = 0; if (*bds == NULL) { /* Allocate memory for BDS states. */ - *bds = (BdsState*)XMALLOC(sizeof(BdsState) * cnt, NULL, + *bds = (BdsState*)XMALLOC(sizeof(BdsState) * cnt, heap, DYNAMIC_TYPE_TMP_BUFFER); if (*bds == NULL) { ret = MEMORY_E; @@ -2657,11 +2658,12 @@ static int wc_xmss_bds_state_alloc(const XmssParams* params, BdsState** bds) /* Dispose of allocated memory associated with BDS state. * * @param [in] bds BDS state. + * @param [in] heap Dynamic memory hint. */ -static void wc_xmss_bds_state_free(BdsState* bds) +static void wc_xmss_bds_state_free(BdsState* bds, void* heap) { /* BDS states was allocated - must free. */ - XFREE(bds, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(bds, heap, DYNAMIC_TYPE_TMP_BUFFER); } /* Load the BDS state from the secret/private key. @@ -3315,7 +3317,7 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed, #ifdef WOLFSSL_SMALL_STACK /* Allocate memory for tree hash instances and put in BDS state. */ - ret = wc_xmss_bds_state_alloc(params, &bds); + ret = wc_xmss_bds_state_alloc(params, &bds, state->heap); if (ret == 0) #endif { @@ -3361,7 +3363,7 @@ int wc_xmss_keygen(XmssState* state, const unsigned char* seed, #ifdef WOLFSSL_SMALL_STACK /* Dispose of allocated data of BDS states. */ - wc_xmss_bds_state_free(bds); + wc_xmss_bds_state_free(bds, state->heap); #endif return ret; #else @@ -3426,7 +3428,7 @@ int wc_xmss_sign(XmssState* state, const unsigned char* m, word32 mlen, #ifdef WOLFSSL_SMALL_STACK /* Allocate memory for tree hash instances and put in BDS state. */ - ret = wc_xmss_bds_state_alloc(params, &bds); + ret = wc_xmss_bds_state_alloc(params, &bds, state->heap); if (ret == 0) #endif { @@ -3515,7 +3517,7 @@ int wc_xmss_sign(XmssState* state, const unsigned char* m, word32 mlen, #ifdef WOLFSSL_SMALL_STACK /* Dispose of allocated data of BDS states. */ - wc_xmss_bds_state_free(bds); + wc_xmss_bds_state_free(bds, state->heap); #endif return ret; #else @@ -3599,7 +3601,7 @@ int wc_xmssmt_keygen(XmssState* state, const unsigned char* seed, BdsState* bds = NULL; /* Allocate memory for BDS states and tree hash instances. */ - ret = wc_xmss_bds_state_alloc(params, &bds); + ret = wc_xmss_bds_state_alloc(params, &bds, state->heap); if (ret == 0) { /* Load the BDS state from secret/private key. */ ret = wc_xmss_bds_state_load(state, sk, bds, &wots_sigs); @@ -3655,7 +3657,7 @@ int wc_xmssmt_keygen(XmssState* state, const unsigned char* seed, } /* Dispose of allocated data of BDS states. */ - wc_xmss_bds_state_free(bds); + wc_xmss_bds_state_free(bds, state->heap); return ret; } @@ -4029,7 +4031,7 @@ int wc_xmssmt_sign(XmssState* state, const unsigned char* m, word32 mlen, BdsState* bds = NULL; /* Allocate memory for BDS states and tree hash instances. */ - ret = wc_xmss_bds_state_alloc(params, &bds); + ret = wc_xmss_bds_state_alloc(params, &bds, state->heap); if (ret == 0) { /* Load the BDS state from secret/private key. */ ret = wc_xmss_bds_state_load(state, sk, bds, &wots_sigs); @@ -4069,7 +4071,7 @@ int wc_xmssmt_sign(XmssState* state, const unsigned char* m, word32 mlen, } /* Dispose of allocated data of BDS states. */ - wc_xmss_bds_state_free(bds); + wc_xmss_bds_state_free(bds, state->heap); return ret; } diff --git a/wolfssl/wolfcrypt/wc_xmss.h b/wolfssl/wolfcrypt/wc_xmss.h index 5ed8823b65..5d0bba1da0 100644 --- a/wolfssl/wolfcrypt/wc_xmss.h +++ b/wolfssl/wolfcrypt/wc_xmss.h @@ -358,12 +358,15 @@ typedef struct XmssKey { /* Context arg passed to callbacks. */ void* context; #endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */ + /* Dynamic memory hint. */ + void* heap; /* State of key. */ enum wc_XmssState state; } XmssKey; typedef struct XmssState { const XmssParams* params; + void* heap; /* Digest is assumed to be at the end. */ union {