
Commit cdc723c

authored
Merge pull request #168 from JacobBarthelmeh/release
release version 0.1.7
2 parents 809381e + 0df9596 commit cdc723c

6 files changed

+54
-27
lines changed

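--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -1,3 +1,13 @@
+# wolfCLU v0.1.7 (Jan 27, 2025)
+- Initial support for XMSS-XMSS^MT gnkey, sign and verify (PR 163)
+- Support longer certificate chains (PR 162)
+- Fix for setting wrong version in CSRs (PR 154)
+- Fix DIlithium pem header and sign-verify without level option (PR 158)
+- Fix typo VERIFY_USE_PREVERIFY in src/client/client.c and src/server/server.c
+(PR 160)
+- Fix for change to OBJ sn2nid behavior in wolfSSL (PR 166)
+
+
 # wolfCLU v0.1.6 (Nov 11, 2024)
 - Expanded continuous integration tests with more GitHub actions added (PR 142,
 146, 147)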

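--- a/configure.ac
+++ b/configure.ac
@@ -10,7 +10,7 @@
 #requires user to have AutoConf version 2.63 or greater.
 AC_PREREQ([2.63])
 
-AC_INIT([wolfclu], [0.1.6], [http://www.wolfssl.com])
+AC_INIT([wolfclu], [0.1.7], [http://www.wolfssl.com])
 
 #a helpful directory to keep clutter out of root
 AC_CONFIG_AUX_DIR([build-aux])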

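--- a/src/sign-verify/clu_sign.c
+++ b/src/sign-verify/clu_sign.c
@@ -589,16 +589,17 @@ int wolfCLU_sign_data_dilithium (byte* data, char* out, word32 dataSz, char* pri
 if (wc_dilithium_init(key) != 0) {
 wolfCLU_LogError("Failed to initialize Dilithium Key.\nRET: %d", ret);
 #ifdef WOLFSSL_SMALL_STACK
-wc_dilithium_free(key);
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return WOLFCLU_FAILURE;
 }
 XMEMSET(key, 0, sizeof(dilithium_key));
 
 if (wc_InitRng(&rng) != 0) {
 wolfCLU_LogError("Failed to initialize rng.\nRET: %d", ret);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return WOLFCLU_FAILURE;
 }
@@ -608,8 +609,9 @@ int wolfCLU_sign_data_dilithium (byte* data, char* out, word32 dataSz, char* pri
 if (privKeyFile == NULL) {
 wolfCLU_LogError("Faild to open Private key FILE.");
 wc_FreeRng(&rng);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return ret;
 }
@@ -620,8 +622,9 @@ int wolfCLU_sign_data_dilithium (byte* data, char* out, word32 dataSz, char* pri
 if (privBuf == NULL) {
 XFCLOSE(privKeyFile);
 wc_FreeRng(&rng);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return MEMORY_E;
 }
@@ -633,8 +636,9 @@ int wolfCLU_sign_data_dilithium (byte* data, char* out, word32 dataSz, char* pri
 wolfCLU_Log(WOLFCLU_L0, "incorecct size: %d", privFileSz);
 XFREE(privBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 wc_FreeRng(&rng);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return ret;
 }
@@ -647,8 +651,9 @@ int wolfCLU_sign_data_dilithium (byte* data, char* out, word32 dataSz, char* pri
 wolfCLU_LogError("Failed to convert PEM to DER.\nRET: %d", ret);
 XFREE(privBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 wc_FreeRng(&rng);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return ret;
 }
@@ -659,12 +664,13 @@ int wolfCLU_sign_data_dilithium (byte* data, char* out, word32 dataSz, char* pri
 
 /* retrieving private key and staoring in the Dilithium key */
 ret = wc_Dilithium_PrivateKeyDecode(privBuf, &index, key, privBufSz);
+XFREE(privBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 if (ret != 0) {
 wolfCLU_LogError("Failed to decode private key.\nRET: %d", ret);
-XFREE(privBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 wc_FreeRng(&rng);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return ret;
 }
@@ -675,20 +681,22 @@ int wolfCLU_sign_data_dilithium (byte* data, char* out, word32 dataSz, char* pri
 if (outBuf == NULL) {
 XFREE(privBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 wc_FreeRng(&rng);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return MEMORY_E;
 }
-
+
 /* sign the message usign Dilithium private key */
 ret = wc_dilithium_sign_msg(data, dataSz, outBuf, &outBufSz, key, &rng);
 if (ret != 0) {
 wolfCLU_LogError("Failed to sign data with Dilithium private key.\nRET: %d", ret);
 XFREE(outBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 wc_FreeRng(&rng);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return ret;
 }
@@ -701,9 +709,10 @@ int wolfCLU_sign_data_dilithium (byte* data, char* out, word32 dataSz, char* pri
 
 XFREE(outBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 wc_FreeRng(&rng);
+wc_dilithium_free(key);
 
 #ifdef WOLFSSL_SMALL_STACK
-wc_dilithium_free(key);
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 
 return WOLFCLU_SUCCESS;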
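Review bot: The `outBuf == NULL` branch still calls `XFREE(privBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);`, but this commit now frees `privBuf` unconditionally right after `wc_Dilithium_PrivateKeyDecode()`, so an allocation failure for the signature buffer ends in a double free unless `privBuf` is reset in the few lines between those two hunks that are not shown. Remove the later `XFREE(privBuf, ...)` from the `outBuf == NULL` branch, or add `privBuf = NULL;` directly after the early free so the second call is harmless. Separately, `privBuf` held the private key in PEM/DER form and is released without being wiped; clearing it before the free would keep key bytes out of recycled heap memory. `wolfCLU_sign_data_dilithium` begins and ends outside the visible hunks.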

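--- a/src/sign-verify/clu_verify.c
+++ b/src/sign-verify/clu_verify.c
@@ -755,7 +755,7 @@ int wolfCLU_verify_signature_dilithium(byte* sig, int sigSz, byte* msg,
 if (ret != 0) {
 wolfCLU_LogError("Failed to initialize Dilithium Key.\nRET: %d", ret);
 #ifdef WOLFSSL_SMALL_STACK
-wc_dilithium_free(key);
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return ret;
 }
@@ -765,8 +765,9 @@ int wolfCLU_verify_signature_dilithium(byte* sig, int sigSz, byte* msg,
 keyFile = XFOPEN(keyPath, "rb");
 if (keyFile == NULL) {
 wolfCLU_LogError("Faild to open Private key FILE.");
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return BAD_FUNC_ARG;
 }
@@ -777,8 +778,9 @@ int wolfCLU_verify_signature_dilithium(byte* sig, int sigSz, byte* msg,
 if (keyBuf == NULL) {
 wolfCLU_LogError("Failed to malloc key buffer.");
 XFCLOSE(keyFile);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return MEMORY_E;
 }
@@ -788,8 +790,9 @@ int wolfCLU_verify_signature_dilithium(byte* sig, int sigSz, byte* msg,
 (int)XFREAD(keyBuf, 1, keyFileSz, keyFile) != keyFileSz) {
 wolfCLU_LogError("Failed to read public key.\nRET: %d", ret);
 XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return WOLFCLU_FATAL_ERROR;
 }
@@ -802,8 +805,9 @@ int wolfCLU_verify_signature_dilithium(byte* sig, int sigSz, byte* msg,
 if (ret < 0) {
 wolfCLU_LogError("Failed to convert PEM to DER.\nRET: %d", ret);
 XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return ret;
 }
@@ -814,23 +818,24 @@ int wolfCLU_verify_signature_dilithium(byte* sig, int sigSz, byte* msg,
 
 /* retrieving public key and storing in the dilithium key */
 ret = wc_Dilithium_PublicKeyDecode(keyBuf, &index, key, keyBufSz);
+XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 if (ret != 0) {
 wolfCLU_LogError("Failed to decode public key.\nRET: %d", ret);
-XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return ret;
 }
-XFREE(keyBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 
 /* verify the massage using the dilithium public key */
 ret = wc_dilithium_verify_msg(sig, sigSz, msg, msgLen, &res, key);
 if (ret != 0) {
 wolfCLU_LogError("Failed to verify data with Dilithium public key.\n"
 "RET: %d", ret);
-#ifdef WOLFSSL_SMALL_STACK
 wc_dilithium_free(key);
+#ifdef WOLFSSL_SMALL_STACK
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 return ret;
 }
@@ -840,9 +845,10 @@ int wolfCLU_verify_signature_dilithium(byte* sig, int sigSz, byte* msg,
 else {
 wolfCLU_LogError("Invalid Signature.");
 }
+wc_dilithium_free(key);
 
 #ifdef WOLFSSL_SMALL_STACK
-wc_dilithium_free(key);
+XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
 #endif
 
 return WOLFCLU_SUCCESS;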
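Review bot: In the last hunk the `else` branch that logs "Invalid Signature." falls through to the shared cleanup and `return WOLFCLU_SUCCESS;`, so as far as the visible lines show, a signature that fails verification is reported to the caller as success and only the log line tells the two outcomes apart. Return a failure code from that path, for example set `ret = WOLFCLU_FATAL_ERROR;` in the `else` branch and return it after the `wc_dilithium_free(key);` / `XFREE(key, ...)` cleanup, keeping `WOLFCLU_SUCCESS` for the valid-signature path only. The `if` that this `else` belongs to lies outside the hunk, so confirm how `res` is tested there. Anything that gates on the function's return value or the tool's exit status would otherwise treat a tampered message or signature as verified.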

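--- a/tests/genkey_sign_ver/genkey-sign-ver-test.sh
+++ b/tests/genkey_sign_ver/genkey-sign-ver-test.sh
@@ -201,7 +201,7 @@ SIGOUTNAME="ed-signed.sig"
 DERPEMRAW="raw"
 gen_key_sign_ver_test ${ALGORITHM} ${KEYFILENAME} ${SIGOUTNAME} ${DERPEMRAW}
 
-if grep -q "#define HAVE_DILITHIUM" /usr/local/include/wolfssl/options.h; then
+if ./wolfssl -genkey -h 2>&1 | grep -A6 "Available keys with current configure" | grep dilithium; then
 ALGORITHM="dilithium"
 KEYFILENAME="mldsakey"
 SIGOUTNAME="mldsa-signed.sig"
@@ -221,7 +221,9 @@ do
 done
 fi
 
-if grep -q "#define WOLFSSL_HAVE_XMSS" /usr/local/include/wolfssl/options.h; then
+# Check if xmss is availabe
+if ./wolfssl xmss -help 2>&1 | grep -A6 "Available keys with current configure" | grep xmss; then
+printf "Testing XMSS sign/verify\n"
 ALGORITHM="xmss"
 SIGOUTNAME="xmss-signed.sig"
 DERPEMRAW="raw"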
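Review bot: Both new feature checks depend on the exact layout of the help text: `grep -A6` only inspects the six lines after "Available keys with current configure", so if the key list grows or the wording changes, the Dilithium and XMSS sign/verify tests are skipped without any failure. The last pipeline stage also lacks `-q`, so the matched help line is echoed into the test output; `| grep -q dilithium; then` and `| grep -q xmss; then` would keep the check silent. Adding an `else` that prints that the algorithm was not detected would make a skipped post-quantum test visible in CI logs instead of looking like a pass. Both `if` blocks continue past the end of their hunks.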

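--- a/wolfclu/version.h
+++ b/wolfclu/version.h
@@ -26,8 +26,8 @@
 extern "C" {
 #endif
 
-#define CLUWOLFSSL_VERSION_STRING "0.1.6"
-#define CLUWOLFSSL_VERSION_HEX 0x00001006
+#define CLUWOLFSSL_VERSION_STRING "0.1.7"
+#define CLUWOLFSSL_VERSION_HEX 0x00001007
 
 #ifdef __cplusplus
 }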
