Merge pull request #7585 from kaleb-himes/SRTP-KDF-CODEREVIEW

Add FIPS required forward declaration of streaming struct

Author: douzzer

tests/api.c

@@ -24918,6 +24918,7 @@ static int test_wc_ecc_export_x963_ex(void)
     XMEMSET(&key, 0, sizeof(ecc_key));
     XMEMSET(&rng, 0, sizeof(WC_RNG));
     XMEMSET(out, 0, outlen);
+    PRIVATE_KEY_UNLOCK();
 
     ExpectIntEQ(wc_ecc_init(&key), 0);
     ExpectIntEQ(wc_InitRng(&rng), 0);
@@ -24958,6 +24959,7 @@ static int test_wc_ecc_export_x963_ex(void)
     ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP),
         ECC_BAD_ARG_E);
 #endif
+    PRIVATE_KEY_LOCK();
 
     DoExpectIntEQ(wc_FreeRng(&rng), 0);
     wc_ecc_free(&key);
@@ -25049,6 +25051,7 @@ static int test_wc_ecc_import_private_key(void)
     XMEMSET(&rng, 0, sizeof(WC_RNG));
     XMEMSET(privKey, 0, privKeySz);
     XMEMSET(x963Key, 0, x963KeySz);
+    PRIVATE_KEY_UNLOCK();
 
     ExpectIntEQ(wc_ecc_init(&key), 0);
     ExpectIntEQ(wc_ecc_init(&keyImp), 0);
@@ -25071,6 +25074,7 @@ static int test_wc_ecc_import_private_key(void)
         x963KeySz, NULL), BAD_FUNC_ARG);
     ExpectIntEQ(wc_ecc_import_private_key(NULL, privKeySz, x963Key, x963KeySz,
         &keyImp), BAD_FUNC_ARG);
+    PRIVATE_KEY_LOCK();
 
     DoExpectIntEQ(wc_FreeRng(&rng), 0);
     wc_ecc_free(&keyImp);
@@ -25101,6 +25105,7 @@ static int test_wc_ecc_export_private_only(void)
     XMEMSET(&key, 0, sizeof(ecc_key));
     XMEMSET(&rng, 0, sizeof(WC_RNG));
     XMEMSET(out, 0, outlen);
+    PRIVATE_KEY_UNLOCK();
 
     ExpectIntEQ(wc_ecc_init(&key), 0);
     ExpectIntEQ(wc_InitRng(&rng), 0);
@@ -25115,6 +25120,7 @@ static int test_wc_ecc_export_private_only(void)
     ExpectIntEQ(wc_ecc_export_private_only(NULL, out, &outlen), BAD_FUNC_ARG);
     ExpectIntEQ(wc_ecc_export_private_only(&key, NULL, &outlen), BAD_FUNC_ARG);
     ExpectIntEQ(wc_ecc_export_private_only(&key, out, NULL), BAD_FUNC_ARG);
+    PRIVATE_KEY_LOCK();
 
     DoExpectIntEQ(wc_FreeRng(&rng), 0);
     wc_ecc_free(&key);
@@ -25712,6 +25718,7 @@ static int test_wc_ecc_shared_secret_ssh(void)
     XMEMSET(&key2, 0, sizeof(ecc_key));
     XMEMSET(&rng, 0, sizeof(WC_RNG));
     XMEMSET(secret, 0, secretLen);
+    PRIVATE_KEY_UNLOCK();
 
     /* Make keys */
     ExpectIntEQ(wc_ecc_init(&key), 0);
@@ -25751,6 +25758,7 @@ static int test_wc_ecc_shared_secret_ssh(void)
     key.type = ECC_PUBLICKEY;
     ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret,
         &secretLen), ECC_BAD_ARG_E);
+    PRIVATE_KEY_LOCK();
 
     DoExpectIntEQ(wc_FreeRng(&rng), 0);
     wc_ecc_free(&key);
@@ -26678,6 +26686,7 @@ static int test_wc_EccPrivateKeyToDer(void)
 
     XMEMSET(&eccKey, 0, sizeof(ecc_key));
     XMEMSET(&rng, 0, sizeof(WC_RNG));
+    PRIVATE_KEY_UNLOCK();
 
     ExpectIntEQ(wc_InitRng(&rng), 0);
     ExpectIntEQ(wc_ecc_init(&eccKey), 0);
@@ -26718,6 +26727,7 @@ static int test_wc_EccPrivateKeyToDer(void)
         EVP_PKEY_free(pkey); /* EC_KEY should be free'd by free'ing pkey */
     }
 #endif
+    PRIVATE_KEY_LOCK();
 #endif
     return EXPECT_RESULT();
 } /* End test_wc_EccPrivateKeyToDer*/

wolfssl/wolfcrypt/aes.h

@@ -420,18 +420,19 @@ struct Aes {
         Aes tweak;
     };
 
-    #ifndef WC_AESXTS_TYPE_DEFINED
-        typedef struct XtsAes XtsAes;
-        #define WC_AESXTS_TYPE_DEFINED
-    #endif
-
     #ifdef WOLFSSL_AESXTS_STREAM
         struct XtsAesStreamData {
             byte tweak_block[AES_BLOCK_SIZE];
             word32 bytes_crypted_with_this_tweak;
         };
     #endif
 
+    #ifndef WC_AESXTS_TYPE_DEFINED
+        typedef struct XtsAes XtsAes;
+        typedef struct XtsAesStreamData XtsAesStreamData;
+        #define WC_AESXTS_TYPE_DEFINED
+    #endif
+
 #endif
 
 
@@ -456,9 +457,15 @@ struct Aes {
 #endif
 
 #ifdef HAVE_AESGCM
-typedef struct Gmac {
+struct Gmac {
     Aes aes;
-} Gmac;
+};
+
+#ifndef WC_AESGCM_TYPE_DEFINED
+    typedef struct Gmac Gmac;
+    #define WC_AESGCM_TYPE_DEFINED
+#endif
+
 #endif /* HAVE_AESGCM */
 #endif /* HAVE_FIPS */
 

wolfssl/wolfcrypt/ecc.h

@@ -297,7 +297,7 @@ typedef byte   ecc_oid_t;
 
 /* ECC set type defined a GF(p) curve */
 #ifndef WOLFSSL_ECC_CURVE_STATIC
-typedef struct ecc_set_type {
+struct ecc_set_type {
     int size;             /* The size of the curve in octets */
     int id;               /* id of this curve */
     const char* name;     /* name of this curve */
@@ -311,13 +311,13 @@ typedef struct ecc_set_type {
     word32      oidSz;
     word32      oidSum;    /* sum of encoded OID bytes */
     int         cofactor;
-} ecc_set_type;
+};
 #else
 #define MAX_ECC_NAME 16
 #define MAX_ECC_STRING ((MAX_ECC_BYTES * 2) + 2)
     /* The values are stored as text strings. */
 
-typedef struct ecc_set_type {
+struct ecc_set_type {
     int size;             /* The size of the curve in octets */
     int id;               /* id of this curve */
     char name[MAX_ECC_NAME];     /* name of this curve */
@@ -331,7 +331,7 @@ typedef struct ecc_set_type {
     word32      oidSz;
     word32      oidSum;    /* sum of encoded OID bytes */
     int         cofactor;
-} ecc_set_type;
+};
 #endif
 
 
@@ -441,10 +441,19 @@ typedef struct alt_fp_int {
     #define WC_ECCKEY_TYPE_DEFINED
 #endif
 
+#ifndef WC_ECCPOINT_TYPE_DEFINED
+    typedef struct ecc_point ecc_point;
+    #define WC_ECCPOINT_TYPE_DEFINED
+#endif
+
+#ifndef WC_ECCSET_TYPE_DEFINED
+    typedef struct ecc_set_type ecc_set_type;
+    #define WC_ECCSET_TYPE_DEFINED
+#endif
 
 /* A point on an ECC curve, stored in Jacobian format such that (x,y,z) =>
    (x/z^2, y/z^3, 1) when interpreted as affine */
-typedef struct {
+struct ecc_point {
 #ifndef ALT_ECC_SIZE
     mp_int x[1];        /* The x coordinate */
     mp_int y[1];        /* The y coordinate */
@@ -458,7 +467,7 @@ typedef struct {
 #if defined(WOLFSSL_SMALL_STACK_CACHE) && !defined(WOLFSSL_ECC_NO_SMALL_STACK)
     ecc_key* key;
 #endif
-} ecc_point;
+};
 
 /* ECC Flags */
 enum {