zephyr no malloc

- cert gen
- csr gen
- pkcs12
- Compiles for Zephyr 3.4.0 and 2.7.4
- Add support for CONFIG_POSIX_API

Author: julek-wolfssl

wolfcrypt/src/memory.c

@@ -991,10 +991,17 @@ void* wolfSSL_Malloc(size_t size, void* heap, int type)
                             break;
                         }
                     #ifdef WOLFSSL_DEBUG_STATIC_MEMORY
+                        #ifdef WOLFSSL_ZEPHYR
+                        else {
+                            fprintf(stderr, "Size: %zu, Empty: %d\n", size,
+                                                              mem->sizeList[i]);
+                        }
+                        #else
                         else {
                             fprintf(stderr, "Size: %ld, Empty: %d\n", size,
                                                               mem->sizeList[i]);
                         }
+                        #endif
                     #endif
                     }
                 }
@@ -1029,7 +1036,13 @@ void* wolfSSL_Malloc(size_t size, void* heap, int type)
         else {
             WOLFSSL_MSG("ERROR ran out of static memory");
             #ifdef WOLFSSL_DEBUG_MEMORY
-            fprintf(stderr, "Looking for %lu bytes at %s:%d\n", size, func, line);
+                #ifdef WOLFSSL_ZEPHYR
+                fprintf(stderr, "Looking for %zu bytes at %s:%d\n", size, func,
+                        line);
+                #else
+                fprintf(stderr, "Looking for %lu bytes at %s:%d\n", size, func,
+                        line);
+                #endif
             #endif
         }
 

wolfcrypt/src/pkcs12.c

@@ -130,15 +130,22 @@ typedef struct WC_PKCS12_ATTRIBUTE {
 
 
 WC_PKCS12* wc_PKCS12_new(void)
+{
+    return wc_PKCS12_new_ex(NULL);
+}
+
+
+WC_PKCS12* wc_PKCS12_new_ex(void* heap)
 {
     WC_PKCS12* pkcs12 = (WC_PKCS12*)XMALLOC(sizeof(WC_PKCS12),
-                                                      NULL, DYNAMIC_TYPE_PKCS);
+                                                      heap, DYNAMIC_TYPE_PKCS);
     if (pkcs12 == NULL) {
         WOLFSSL_MSG("Memory issue when creating WC_PKCS12 struct");
         return NULL;
     }
 
     XMEMSET(pkcs12, 0, sizeof(WC_PKCS12));
+    pkcs12->heap = heap;
 
     return pkcs12;
 }
@@ -202,7 +209,7 @@ void wc_PKCS12_free(WC_PKCS12* pkcs12)
     }
 #endif
 
-    XFREE(pkcs12, NULL, DYNAMIC_TYPE_PKCS);
+    XFREE(pkcs12, heap, DYNAMIC_TYPE_PKCS);
 }
 
 
@@ -2604,20 +2611,12 @@ WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz, char* name,
         return NULL;
     }
 
-    if ((pkcs12 = wc_PKCS12_new()) == NULL) {
+    if ((pkcs12 = wc_PKCS12_new_ex(heap)) == NULL) {
         wc_FreeRng(&rng);
         WOLFSSL_LEAVE("wc_PKCS12_create", MEMORY_E);
         return NULL;
     }
 
-    if ((ret = wc_PKCS12_SetHeap(pkcs12, heap)) != 0) {
-        wc_PKCS12_free(pkcs12);
-        wc_FreeRng(&rng);
-        WOLFSSL_LEAVE("wc_PKCS12_create", ret);
-        (void)ret;
-        return NULL;
-    }
-
     if (iter <= 0) {
         iter = WC_PKCS12_ITT_DEFAULT;
     }

wolfcrypt/src/random.c

@@ -3731,25 +3731,33 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
 
 #elif defined(WOLFSSL_ZEPHYR)
 
-        #include <version.h>
+    #include <version.h>
 
     #if KERNEL_VERSION_NUMBER >= 0x30500
         #include <zephyr/random/random.h>
     #else
-        #include <zephyr/random/rand32.h>
+        #if KERNEL_VERSION_NUMBER >= 0x30100
+            #include <zephyr/random/rand32.h>
+        #else
+            #include <random/rand32.h>
+        #endif
     #endif
 
     #ifndef _POSIX_C_SOURCE
-        #include <zephyr/posix/time.h>
+        #if KERNEL_VERSION_NUMBER >= 0x30100
+            #include <zephyr/posix/time.h>
+        #else
+            #include <posix/time.h>
+        #endif
     #else
         #include <time.h>
     #endif
 
-        int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
-        {
-            sys_rand_get(output, sz);
-            return 0;
-        }
+    int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+    {
+        sys_rand_get(output, sz);
+        return 0;
+    }
 
 #elif defined(WOLFSSL_TELIT_M2MB)
 

wolfcrypt/src/wc_port.c

@@ -3668,11 +3668,13 @@ char* mystrnstr(const char* s1, const char* s2, unsigned int n)
 
 #elif defined(WOLFSSL_ZEPHYR)
 
+    void* wolfsslThreadHeapHint = NULL;
+
     int wolfSSL_NewThread(THREAD_TYPE* thread,
         THREAD_CB cb, void* arg)
     {
         #ifndef WOLFSSL_ZEPHYR_STACK_SZ
-            #define WOLFSSL_ZEPHYR_STACK_SZ (24*1024)
+            #define WOLFSSL_ZEPHYR_STACK_SZ (48*1024)
         #endif
 
         if (thread == NULL || cb == NULL)
@@ -3685,11 +3687,14 @@ char* mystrnstr(const char* s1, const char* s2, unsigned int n)
          * thread->threadStack = k_thread_stack_alloc(WOLFSSL_ZEPHYR_STACK_SZ,
          *                                            0);
          */
+        printf("thread stack size is %ld\n", Z_KERNEL_STACK_SIZE_ADJUST(WOLFSSL_ZEPHYR_STACK_SZ));
         thread->threadStack = (void*)XMALLOC(
-                Z_KERNEL_STACK_SIZE_ADJUST(WOLFSSL_ZEPHYR_STACK_SZ), 0,
-                                             DYNAMIC_TYPE_TMP_BUFFER);
-        if (thread->threadStack == NULL)
+                Z_KERNEL_STACK_SIZE_ADJUST(WOLFSSL_ZEPHYR_STACK_SZ),
+                wolfsslThreadHeapHint, DYNAMIC_TYPE_TMP_BUFFER);
+        if (thread->threadStack == NULL) {
+            WOLFSSL_MSG("error: XMALLOC failed");
             return MEMORY_E;
+        }
 
         /* k_thread_create does not return any error codes */
         /* Casting to k_thread_entry_t should be fine since we just ignore the
@@ -3716,7 +3721,8 @@ char* mystrnstr(const char* s1, const char* s2, unsigned int n)
          * if (err != 0)
          *     ret = MEMORY_E;
          */
-        XFREE(thread.threadStack, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+        XFREE(thread.threadStack, wolfsslThreadHeapHint,
+                DYNAMIC_TYPE_TMP_BUFFER);
         thread.threadStack = NULL;
 
         /* No thread resources to free. Everything is stored in thread.tid */

wolfcrypt/test/test.c

@@ -354,6 +354,9 @@ const byte const_byte_array[] = "A+Gd\0\0\0";
 #ifdef HAVE_PKCS7
     #include <wolfssl/wolfcrypt/pkcs7.h>
 #endif
+#ifdef HAVE_PKCS12
+    #include <wolfssl/wolfcrypt/pkcs12.h>
+#endif
 #ifdef HAVE_FIPS
     #include <wolfssl/wolfcrypt/fips_test.h>
 #endif
@@ -584,6 +587,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  srp_test(void);
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  random_test(void);
 #endif /* WC_NO_RNG */
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  pwdbased_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  pkcs12_test(void);
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  ripemd_test(void);
 #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  openssl_test(void);   /* test mini api */
@@ -595,7 +599,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t  openssl_evpSig_test(void);
 #endif
 
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf1_test(void);
-WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_pbkdf_test(void);
 #if defined(HAVE_PBKDF2) && !defined(NO_SHA256) && !defined(NO_HMAC)
 WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf2_test(void);
 #endif
@@ -1672,6 +1676,13 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
     PRIVATE_KEY_LOCK();
 #endif
 
+#if defined(HAVE_PKCS12) && defined(USE_CERT_BUFFERS_2048)
+    if ( (ret = pkcs12_test()) != 0)
+        TEST_FAIL("PKCS12   test failed!\n", ret);
+    else
+        TEST_PASS("PKCS12   test passed!\n");
+#endif
+
 #if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
     if ( (ret = openssl_test()) != 0)
         TEST_FAIL("OPENSSL  test failed!\n", ret);
@@ -24707,7 +24718,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t scrypt_test(void)
 #endif
 
 #ifdef HAVE_PKCS12
-WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_pbkdf_test(void)
 {
     WOLFSSL_SMALL_STACK_STATIC const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67,
                             0x00, 0x00 };
@@ -24734,7 +24745,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void)
     int kLen       = 24;
     int iterations =  1;
     wc_test_ret_t ret;
-    WOLFSSL_ENTER("pkcs12_test");
+    WOLFSSL_ENTER("pkcs12_pbkdf_test");
 
     ret = wc_PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8,
                           iterations, kLen, WC_SHA256, id);
@@ -24839,7 +24850,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void)
         return ret;
 #endif
 #ifdef HAVE_PKCS12
-    ret = pkcs12_test();
+    ret = pkcs12_pbkdf_test();
     if (ret != 0)
         return ret;
 #endif
@@ -24853,6 +24864,76 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void)
 
 #endif /* NO_PWDBASED */
 
+#if defined(HAVE_PKCS12) && defined(USE_CERT_BUFFERS_2048)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void)
+{
+    wc_test_ret_t ret = 0;
+    WC_PKCS12* pkcs12 = NULL;
+    /* Gen vars */
+    byte* pkcs12der = NULL;
+    int pkcs12derSz = 0;
+    WC_DerCertList derCaList = {
+        (byte*)ca_cert_der_2048, sizeof_ca_cert_der_2048, NULL
+    };
+    char* pass = (char*)"wolfSSL test";
+    /* Parsing vars */
+    WC_DerCertList* derCaListOut = NULL;
+    byte* keyDer  = NULL;
+    byte* certDer = NULL;
+    word32 keySz;
+    word32 certSz;
+
+    WOLFSSL_ENTER("pkcs12_test");
+
+    pkcs12 = wc_PKCS12_create(pass, XSTRLEN(pass),
+        (char*)"friendlyName" /* not used currently */,
+        (byte*)server_key_der_2048, sizeof_server_key_der_2048,
+        (byte*)server_cert_der_2048, sizeof_server_cert_der_2048,
+        &derCaList, PBE_SHA1_DES3, PBE_SHA1_DES3, 100, 100,
+        0 /* not used currently */, HEAP_HINT);
+    if (pkcs12 == NULL)
+        return MEMORY_E;
+
+    ret = wc_i2d_PKCS12(pkcs12, NULL, &pkcs12derSz);
+    if (ret != LENGTH_ONLY_E)
+        return ret == 0 ? -1 : ret;
+
+    pkcs12der = (byte*)XMALLOC(pkcs12derSz, HEAP_HINT, DYNAMIC_TYPE_PKCS);
+    if (pkcs12der == NULL)
+        return MEMORY_E;
+
+    {
+        /* Use tmp pointer to avoid advancing pkcs12der */
+        byte* tmp = pkcs12der;
+        ret = wc_i2d_PKCS12(pkcs12, &tmp, &pkcs12derSz);
+        if (ret <= 0)
+            return ret == 0 ? -1 : ret;
+    }
+
+    wc_PKCS12_free(pkcs12);
+    pkcs12 = wc_PKCS12_new_ex(HEAP_HINT);
+    if (pkcs12 == NULL)
+        return MEMORY_E;
+
+    /* convert the DER file into an internal structure */
+    ret = wc_d2i_PKCS12(pkcs12der, pkcs12derSz, pkcs12);
+    if (ret != 0)
+        return ret;
+
+    /* parse the internal structure into its parts */
+    ret = wc_PKCS12_parse(pkcs12, "wolfSSL test", &keyDer, &keySz,
+            &certDer, &certSz, &derCaListOut);
+    if (ret != 0 || keyDer == NULL || certDer == NULL || derCaListOut == NULL)
+        return ret == 0 ? -1 : ret;
+
+    wc_FreeCertList(derCaListOut, HEAP_HINT);
+    XFREE(keyDer, HEAP_HINT, DYNAMIC_TYPE_PKCS);
+    XFREE(certDer, HEAP_HINT, DYNAMIC_TYPE_PKCS);
+    wc_PKCS12_free(pkcs12);
+    return ret;
+}
+#endif
+
 #if defined(HAVE_HKDF) && !defined(NO_HMAC)
 
 #if defined(WOLFSSL_AFALG_XILINX) || defined(WOLFSSL_AFALG_XILINX_AES) ||     \
@@ -50257,7 +50338,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
         return BAD_FUNC_ARG;
 
 #ifdef DEBUG_WOLFSSL
-    printf("CryptoDevCb: Algo Type %d\n", info->algo_type);
+    WOLFSSL_MSG_EX("CryptoDevCb: Algo Type %d\n", info->algo_type);
 #endif
 
     if (info->algo_type == WC_ALGO_TYPE_RNG) {
@@ -50299,7 +50380,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
     }
     else if (info->algo_type == WC_ALGO_TYPE_PK) {
     #ifdef DEBUG_WOLFSSL
-        printf("CryptoDevCb: Pk Type %d\n", info->pk.type);
+        WOLFSSL_MSG_EX("CryptoDevCb: Pk Type %d\n", info->pk.type);
     #endif
 
     #ifndef NO_RSA

wolfssl/internal.h

@@ -206,7 +206,12 @@
     #endif
 #elif defined(WOLFSSL_ZEPHYR)
     #ifndef SINGLE_THREADED
-        #include <zephyr/kernel.h>
+        #include <version.h>
+        #if KERNEL_VERSION_NUMBER >= 0x30100
+            #include <zephyr/kernel.h>
+        #else
+            #include <kernel.h>
+        #endif
     #endif
 #elif defined(WOLFSSL_TELIT_M2MB)
     /* do nothing */

wolfssl/test.h

@@ -143,9 +143,26 @@
     #include <pthread.h>
     #define SOCKET_T int
 #elif defined(WOLFSSL_ZEPHYR)
+    #include <version.h>
     #include <string.h>
     #include <sys/types.h>
-    #include <zephyr/net/socket.h>
+    #if KERNEL_VERSION_NUMBER >= 0x30100
+        #include <zephyr/net/socket.h>
+        #ifdef CONFIG_POSIX_API
+            #include <zephyr/posix/poll.h>
+            #include <zephyr/posix/netdb.h>
+            #include <zephyr/posix/sys/socket.h>
+            #include <zephyr/posix/sys/select.h>
+        #endif
+    #else
+        #include <net/socket.h>
+        #ifdef CONFIG_POSIX_API
+            #include <posix/poll.h>
+            #include <posix/netdb.h>
+            #include <posix/sys/socket.h>
+            #include <posix/sys/select.h>
+        #endif
+    #endif
     #define SOCKET_T int
     #define SOL_SOCKET 1
     #define WOLFSSL_USE_GETADDRINFO

wolfssl/wolfcrypt/pkcs12.h

@@ -47,6 +47,7 @@ enum {
 };
 
 WOLFSSL_API WC_PKCS12* wc_PKCS12_new(void);
+WOLFSSL_API WC_PKCS12* wc_PKCS12_new_ex(void* heap);
 WOLFSSL_API void wc_PKCS12_free(WC_PKCS12* pkcs12);
 WOLFSSL_API int wc_d2i_PKCS12(const byte* der, word32 derSz, WC_PKCS12* pkcs12);
 #ifndef NO_FILESYSTEM
@@ -67,7 +68,7 @@ WOLFSSL_API WC_PKCS12* wc_PKCS12_create(char* pass, word32 passSz,
 WOLFSSL_LOCAL int wc_PKCS12_SetHeap(WC_PKCS12* pkcs12, void* heap);
 WOLFSSL_LOCAL void* wc_PKCS12_GetHeap(WC_PKCS12* pkcs12);
 
-WOLFSSL_LOCAL void wc_FreeCertList(WC_DerCertList* list, void* heap);
+WOLFSSL_API void wc_FreeCertList(WC_DerCertList* list, void* heap);
 
 #ifdef __cplusplus
     } /* extern "C" */