Skip to content

Commit 7df5bca

Browse files
dgarskeclaude
dgarske
and
claude
committed
Peer review fixes
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1 parent 78bba7e commit 7df5bca

File tree

4 files changed

+39
-17
lines changed

4 files changed

+39
-17
lines changed

src/tls.c

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9225,8 +9225,10 @@ static int TLSX_KeyShare_ProcessX25519_ex(WOLFSSL* ssl,
92259225
}
92269226
#endif
92279227
}
9228-
/* On CALL_AGAIN re-entry: shared secret is already computed,
9229-
* ret stays 0, proceed to cleanup */
9228+
/* On CALL_AGAIN re-entry (lastRet == WC_PENDING_E): the block
9229+
* above is skipped entirely, so wc_curve25519_shared_secret_ex
9230+
* is not called again. ret stays 0 from initialization, and
9231+
* execution falls through to the cleanup code below. */
92309232
}
92319233

92329234
/* done with key share, release resources */

wolfcrypt/src/asn.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18487,6 +18487,8 @@ int ConfirmSignature(SignatureCtx* sigCtx,
1848718487

1848818488
ret = wc_ecc_set_nonblock(sigCtx->key.ecc, nbCtx);
1848918489
if (ret != 0) {
18490+
XFREE(nbCtx, sigCtx->heap,
18491+
DYNAMIC_TYPE_TMP_BUFFER);
1849018492
goto exit_cs;
1849118493
}
1849218494
}

wolfcrypt/src/curve25519.c

Lines changed: 19 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -627,22 +627,26 @@ static int wc_curve25519_shared_secret_nb(curve25519_key* privKey,
627627
break;
628628
case 2:
629629
#ifdef WOLFSSL_ECDHX_SHARED_NOT_ZERO
630-
int i;
631-
byte t = 0;
632-
633-
for (i = 0; i < CURVE25519_KEYSIZE; i++) {
634-
t |= privKey->nbCtx->o.point[i];
635-
}
636-
if (t == 0) {
637-
ret = ECC_OUT_OF_RANGE_E;
638-
}
639-
else
640-
#endif /* WOLFSSL_ECDHX_SHARED_NOT_ZERO */
641630
{
642-
curve25519_copy_point(out, privKey->nbCtx->o.point, endian);
643-
*outlen = CURVE25519_KEYSIZE;
644-
ret = 0;
631+
int i;
632+
byte t = 0;
633+
634+
for (i = 0; i < CURVE25519_KEYSIZE; i++) {
635+
t |= privKey->nbCtx->o.point[i];
636+
}
637+
if (t == 0) {
638+
ret = ECC_OUT_OF_RANGE_E;
639+
}
640+
else
641+
#endif /* WOLFSSL_ECDHX_SHARED_NOT_ZERO */
642+
{
643+
curve25519_copy_point(out, privKey->nbCtx->o.point, endian);
644+
*outlen = CURVE25519_KEYSIZE;
645+
ret = 0;
646+
}
647+
#ifdef WOLFSSL_ECDHX_SHARED_NOT_ZERO
645648
}
649+
#endif
646650
break;
647651
}
648652

@@ -653,7 +657,7 @@ static int wc_curve25519_shared_secret_nb(curve25519_key* privKey,
653657
return ret;
654658
}
655659

656-
#endif /* WC_X25518_NONBLOCK */
660+
#endif /* WC_X25519_NONBLOCK */
657661

658662
int wc_curve25519_shared_secret_ex(curve25519_key* private_key,
659663
curve25519_key* public_key,

wolfcrypt/test/test.c

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38615,6 +38615,7 @@ static int x25519_nonblock_test(WC_RNG* rng)
3861538615
ret = wc_curve25519_set_nonblock(&userA, &nbCtx);
3861638616
if (ret != 0) {
3861738617
printf("wc_curve25519_set_nonblock 1 %d\n", ret);
38618+
wc_curve25519_free(&userA);
3861838619
return -10723;
3861938620
}
3862038621
count = 0;
@@ -38624,6 +38625,7 @@ static int x25519_nonblock_test(WC_RNG* rng)
3862438625
} while (ret == FP_WOULDBLOCK);
3862538626
if (ret != 0) {
3862638627
printf("wc_curve25519_make_key_nb 1 %d\n", ret);
38628+
wc_curve25519_free(&userA);
3862738629
return -10724;
3862838630
}
3862938631
#if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_DEBUG_NONBLOCK)
@@ -38640,6 +38642,8 @@ static int x25519_nonblock_test(WC_RNG* rng)
3864038642
ret = wc_curve25519_set_nonblock(&userB, &nbCtx);
3864138643
if (ret != 0) {
3864238644
printf("wc_curve25519_set_nonblock 2 %d\n", ret);
38645+
wc_curve25519_free(&userA);
38646+
wc_curve25519_free(&userB);
3864338647
return -10725;
3864438648
}
3864538649
count = 0;
@@ -38649,6 +38653,8 @@ static int x25519_nonblock_test(WC_RNG* rng)
3864938653
} while (ret == FP_WOULDBLOCK);
3865038654
if (ret != 0) {
3865138655
printf("wc_curve25519_make_key_nb 2 %d\n", ret);
38656+
wc_curve25519_free(&userA);
38657+
wc_curve25519_free(&userB);
3865238658
return -10726;
3865338659
}
3865438660

@@ -38659,6 +38665,8 @@ static int x25519_nonblock_test(WC_RNG* rng)
3865938665
} while (ret == FP_WOULDBLOCK);
3866038666
if (ret != 0) {
3866138667
printf("wc_curve25519_shared_secret_nb 1 %d\n", ret);
38668+
wc_curve25519_free(&userA);
38669+
wc_curve25519_free(&userB);
3866238670
return -10727;
3866338671
}
3866438672

@@ -38671,6 +38679,8 @@ static int x25519_nonblock_test(WC_RNG* rng)
3867138679
while (ret == FP_WOULDBLOCK);
3867238680
if (ret != 0) {
3867338681
printf("wc_curve25519_shared_secret_nb 2 %d\n", ret);
38682+
wc_curve25519_free(&userA);
38683+
wc_curve25519_free(&userB);
3867438684
return -10728;
3867538685
}
3867638686
#if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_DEBUG_NONBLOCK)
@@ -38680,10 +38690,14 @@ static int x25519_nonblock_test(WC_RNG* rng)
3868038690

3868138691
/* compare shared secret keys to test they are the same */
3868238692
if (y != x) {
38693+
wc_curve25519_free(&userA);
38694+
wc_curve25519_free(&userB);
3868338695
return -10729;
3868438696
}
3868538697

3868638698
if (XMEMCMP(sharedA, sharedB, x) != 0) {
38699+
wc_curve25519_free(&userA);
38700+
wc_curve25519_free(&userB);
3868738701
return -10730;
3868838702
}
3868938703
#endif /* HAVE_CURVE25519_SHARED_SECRET */

0 commit comments

Comments
 (0)