feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

merge conflict

Browse Source
This commit is contained in:
toddouska
2015-07-01 12:24:11 -07:00
parent afde172f28
commit 1d663d3bff
25 changed files with 4072 additions and 1045 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cyassl/openssl/ecdh.h Normal file
View File

@@ -0,0 +1,3 @@
/* ecdh.h for openssl */
#include <wolfssl/openssl/ecdh.h>

1
cyassl/openssl/include.am
View File

@@ -11,6 +11,7 @@ nobase_include_HEADERS+= \
cyassl/openssl/dh.h \
cyassl/openssl/dsa.h \
cyassl/openssl/ecdsa.h \
cyassl/openssl/ecdh.h \
cyassl/openssl/ec.h \
cyassl/openssl/engine.h \
cyassl/openssl/err.h \

2
rpm/spec.in
View File

@@ -134,6 +134,7 @@ mkdir -p $RPM_BUILD_ROOT/
%{_includedir}/cyassl/openssl/dsa.h
%{_includedir}/cyassl/openssl/ec.h
%{_includedir}/cyassl/openssl/ecdsa.h
%{_includedir}/cyassl/openssl/ecdh.h
%{_includedir}/cyassl/openssl/engine.h
%{_includedir}/cyassl/openssl/err.h
%{_includedir}/cyassl/openssl/evp.h
@@ -226,6 +227,7 @@ mkdir -p $RPM_BUILD_ROOT/
%{_includedir}/wolfssl/openssl/dsa.h
%{_includedir}/wolfssl/openssl/ec.h
%{_includedir}/wolfssl/openssl/ecdsa.h
%{_includedir}/wolfssl/openssl/ecdh.h
%{_includedir}/wolfssl/openssl/engine.h
%{_includedir}/wolfssl/openssl/err.h
%{_includedir}/wolfssl/openssl/evp.h

2202
src/ssl.c
View File

File diff suppressed because it is too large Load Diff

114
wolfcrypt/src/asn.c
View File

@@ -1413,6 +1413,110 @@ int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
return 0;
}
static mp_int* GetDsaInt(DsaKey* key, int idx)
{
if (idx == 0)
return &key->p;
if (idx == 1)
return &key->q;
if (idx == 2)
return &key->g;
if (idx == 3)
return &key->x;
if (idx == 4)
return &key->y;
return NULL;
}
/* Release Tmp DSA resources */
static INLINE void FreeTmpDsas(byte** tmps)
{
int i;
for (i = 0; i < DSA_INTS; i++)
XFREE(tmps[i], NULL, DYNAMIC_TYPE_DSA);
}
/* Convert DsaKey key to DER format, write to output (inLen), return bytes
written */
int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
{
word32 seqSz, verSz, rawLen, intTotalLen = 0;
word32 sizes[DSA_INTS];
int i, j, outLen, ret = 0;
byte seq[MAX_SEQ_SZ];
byte ver[MAX_VERSION_SZ];
byte* tmps[DSA_INTS];
if (!key || !output)
return BAD_FUNC_ARG;
if (key->type != DSA_PRIVATE)
return BAD_FUNC_ARG;
for (i = 0; i < DSA_INTS; i++)
tmps[i] = NULL;
/* write all big ints from key to DER tmps */
for (i = 0; i < DSA_INTS; i++) {
mp_int* keyInt = GetDsaInt(key, i);
rawLen = mp_unsigned_bin_size(keyInt);
tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, NULL, DYNAMIC_TYPE_DSA);
if (tmps[i] == NULL) {
ret = MEMORY_E;
break;
}
tmps[i][0] = ASN_INTEGER;
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */
if (sizes[i] <= MAX_SEQ_SZ) {
int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
if (err == MP_OKAY) {
sizes[i] += rawLen;
intTotalLen += sizes[i];
}
else {
ret = err;
break;
}
}
else {
ret = ASN_INPUT_E;
break;
}
}
if (ret != 0) {
FreeTmpDsas(tmps);
return ret;
}
/* make headers */
verSz = SetMyVersion(0, ver, FALSE);
seqSz = SetSequence(verSz + intTotalLen, seq);
outLen = seqSz + verSz + intTotalLen;
if (outLen > (int)inLen)
return BAD_FUNC_ARG;
/* write to output */
XMEMCPY(output, seq, seqSz);
j = seqSz;
XMEMCPY(output + j, ver, verSz);
j += verSz;
for (i = 0; i < DSA_INTS; i++) {
XMEMCPY(output + j, tmps[i], sizes[i]);
j += sizes[i];
}
FreeTmpDsas(tmps);
return outLen;
}
#endif /* NO_DSA */
@@ -6609,8 +6713,8 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
byte* priv;
byte* pub;
#else
byte priv[ECC_MAXSIZE];
byte pub[ECC_MAXSIZE * 2 + 1]; /* public key has two parts plus header */
byte priv[ECC_MAXSIZE+1];
byte pub[2*(ECC_MAXSIZE+1)]; /* public key has two parts plus header */
#endif
if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
@@ -6636,11 +6740,11 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
return BUFFER_E;
#ifdef WOLFSSL_SMALL_STACK
priv = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
priv = (byte*)XMALLOC(ECC_MAXSIZE+1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (priv == NULL)
return MEMORY_E;
pub = (byte*)XMALLOC(ECC_MAXSIZE * 2 + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
pub = (byte*)XMALLOC(2*(ECC_MAXSIZE+1), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (pub == NULL) {
XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
@@ -6713,7 +6817,7 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
else {
/* pub key */
pubSz = length - 1; /* null prefix */
if (pubSz < (ECC_MAXSIZE*2 + 1)) {
if (pubSz < 2*(ECC_MAXSIZE+1)) {
XMEMCPY(pub, &input[*inOutIdx], pubSz);
*inOutIdx += length;
ret = wc_ecc_import_private_key(priv, privSz, pub, pubSz,

517
wolfcrypt/src/ecc.c
View File

@@ -30,6 +30,7 @@
#ifdef HAVE_ECC
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/openssl/ec.h>
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
@@ -86,6 +87,7 @@ const ecc_set_type ecc_sets[] = {
#ifdef ECC112
{
14,
NID_secp111r1,
"SECP112R1",
"DB7C2ABF62E35E668076BEAD208B",
"DB7C2ABF62E35E668076BEAD2088",
@@ -98,6 +100,7 @@ const ecc_set_type ecc_sets[] = {
#ifdef ECC128
{
16,
NID_secp128r1,
"SECP128R1",
"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC",
@@ -110,6 +113,7 @@ const ecc_set_type ecc_sets[] = {
#ifdef ECC160
{
20,
NID_secp160r1,
"SECP160R1",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC",
@@ -122,6 +126,7 @@ const ecc_set_type ecc_sets[] = {
#ifdef ECC192
{
24,
NID_cert192,
"ECC-192",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",
@@ -134,6 +139,7 @@ const ecc_set_type ecc_sets[] = {
#ifdef ECC224
{
28,
NID_cert224,
"ECC-224",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",
@@ -146,7 +152,8 @@ const ecc_set_type ecc_sets[] = {
#ifdef ECC256
{
32,
"ECC-256",
NID_X9_62_prime256v1,
"nistp256",
"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",
"5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
@@ -158,7 +165,8 @@ const ecc_set_type ecc_sets[] = {
#ifdef ECC384
{
48,
"ECC-384",
NID_secp384r1,
"nistp384",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",
"B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
@@ -170,7 +178,8 @@ const ecc_set_type ecc_sets[] = {
#ifdef ECC521
{
66,
"ECC-521",
NID_secp521r1,
"nistp521",
"1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
"1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",
"51953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
@@ -180,21 +189,17 @@ const ecc_set_type ecc_sets[] = {
},
#endif
{
0,
0, -1,
NULL, NULL, NULL, NULL, NULL, NULL, NULL
}
};
ecc_point* ecc_new_point(void);
void ecc_del_point(ecc_point* p);
int ecc_map(ecc_point*, mp_int*, mp_digit*);
int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R,
mp_int* modulus, mp_digit* mp);
int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* modulus,
mp_digit* mp);
static int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int map);
static int ecc_check_pubkey_order(ecc_key* key, mp_int* prime, mp_int* order);
#ifdef ECC_SHAMIR
static int ecc_mul2add(ecc_point* A, mp_int* kA, ecc_point* B, mp_int* kB,
@@ -1009,7 +1014,7 @@ int ecc_map(ecc_point* P, mp_int* modulus, mp_digit* mp)
static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* modulus, int map)
#else
static int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int map)
#endif
{
@@ -1224,7 +1229,7 @@ static int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* modulus, int map)
#else
static int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int map)
#endif
{
@@ -1431,6 +1436,61 @@ void ecc_del_point(ecc_point* p)
}
}
/** Copy the value of a point to an other one
p The point to copy
r The created point
*/
int ecc_copy_point(ecc_point* p, ecc_point *r)
{
/* prevents null arguments */
if (p == NULL || r == NULL)
return 0;
if (mp_copy(p->x, r->x) != MP_OKAY)
return 0;
if (mp_copy(p->y, r->y) != MP_OKAY)
return 0;
if (mp_copy(p->z, r->z) != MP_OKAY)
return 0;
return 1;
}
/** Compare the value of a point with an other one
a The point to compare
b The othe point to compare
return 0 if equal, 1 if not, -1 in case of error
*/
int ecc_cmp_point(ecc_point* a, ecc_point *b)
{
int ret;
/* prevents null arguments */
if (a == NULL || b == NULL)
return -1;
ret = mp_cmp(a->x, b->x);
if (ret != MP_EQ) {
if (ret != MP_LT && ret != MP_GT)
return -1;
return 1;
}
ret = mp_cmp(a->y, b->y);
if (ret != MP_EQ) {
if (ret != MP_LT && ret != MP_GT)
return -1;
return 1;
}
ret = mp_cmp(a->z, b->z);
if (ret != MP_EQ) {
if (ret != MP_LT && ret != MP_GT)
return -1;
return 1;
}
return 0;
}
/** Returns whether an ECC idx is valid or not
n The idx number to check
@@ -1519,9 +1579,70 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
return err;
}
/**
Create an ECC shared secret between two keys
private_key The private ECC key
point The point to use (public key)
out [out] Destination of the shared secret
Conforms to EC-DH from ANSI X9.63
outlen [in/out] The max size and resulting size of the shared secret
return MP_OKAY if successful
*/
int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point, byte* out, word32 *outlen)
{
word32 x = 0;
ecc_point* result;
mp_int prime;
int err;
if (private_key == NULL || point == NULL || out == NULL || outlen == NULL)
return BAD_FUNC_ARG;
/* type valid? */
if (private_key->type != ECC_PRIVATEKEY) {
return ECC_BAD_ARG_E;
}
if (ecc_is_valid_idx(private_key->idx) == 0)
return ECC_BAD_ARG_E;
/* make new point */
result = ecc_new_point();
if (result == NULL) {
return MEMORY_E;
}
if ((err = mp_init(&prime)) != MP_OKAY) {
ecc_del_point(result);
return err;
}
err = mp_read_radix(&prime, (char *)private_key->dp->prime, 16);
if (err == MP_OKAY)
err = ecc_mulmod(&private_key->k, point, result, &prime, 1);
if (err == MP_OKAY) {
x = mp_unsigned_bin_size(&prime);
if (*outlen < x)
err = BUFFER_E;
}
if (err == MP_OKAY) {
XMEMSET(out, 0, x);
err = mp_to_unsigned_bin(result->x,out + (x - mp_unsigned_bin_size(result->x)));
*outlen = x;
}
mp_clear(&prime);
ecc_del_point(result);
return err;
}
/* return 1 if point is at infinity, 0 if not, < 0 on error */
static int ecc_point_is_at_infinity(ecc_point* p)
int ecc_point_is_at_infinity(ecc_point* p)
{
if (p == NULL)
return BAD_FUNC_ARG;
@@ -1533,38 +1654,7 @@ static int ecc_point_is_at_infinity(ecc_point* p)
}
int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp);
/**
Make a new ECC key
rng An active RNG state
keysize The keysize for the new key (in octets from 20 to 65 bytes)
key [out] Destination of the newly created key
return MP_OKAY if successful,
upon error all allocated memory will be freed
*/
int wc_ecc_make_key(RNG* rng, int keysize, ecc_key* key)
{
int x, err;
if (key == NULL || rng == NULL)
return ECC_BAD_ARG_E;
/* find key size */
for (x = 0; (keysize > ecc_sets[x].size) && (ecc_sets[x].size != 0); x++)
;
keysize = ecc_sets[x].size;
if (keysize > ECC_MAXSIZE || ecc_sets[x].size == 0) {
return BAD_FUNC_ARG;
}
err = wc_ecc_make_key_ex(rng, key, &ecc_sets[x]);
key->idx = x;
return err;
}
int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
{
int err;
ecc_point* base;
@@ -1679,6 +1769,34 @@ int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
return err;
}
/**
Make a new ECC key
rng An active RNG state
keysize The keysize for the new key (in octets from 20 to 65 bytes)
key [out] Destination of the newly created key
return MP_OKAY if successful,
upon error all allocated memory will be freed
*/
int wc_ecc_make_key(RNG* rng, int keysize, ecc_key* key)
{
int x, err;
if (key == NULL || rng == NULL)
return ECC_BAD_ARG_E;
/* find key size */
for (x = 0; (keysize > ecc_sets[x].size) && (ecc_sets[x].size != 0); x++)
;
keysize = ecc_sets[x].size;
if (keysize > ECC_MAXSIZE || ecc_sets[x].size == 0) {
return BAD_FUNC_ARG;
}
err = wc_ecc_make_key_ex(rng, key, &ecc_sets[x]);
key->idx = x;
return err;
}
/* Setup dynamic pointers is using normal math for proper freeing */
int wc_ecc_init(ecc_key* key)
@@ -1717,17 +1835,50 @@ int wc_ecc_init(ecc_key* key)
outlen [in/out] The max size and resulting size of the signature
key A private ECC key
return MP_OKAY if successful
*/
*/
int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
RNG* rng, ecc_key* key)
{
mp_int r;
mp_int s;
int err;
if (in == NULL || out == NULL || outlen == NULL || key == NULL || rng == NULL)
return ECC_BAD_ARG_E;
if ((err = mp_init_multi(&r, &s, NULL, NULL, NULL, NULL)) != MP_OKAY) {
return err;
}
err = wc_ecc_sign_hash_ex(in, inlen, rng, key, &r, &s);
if (err == MP_OKAY)
err = StoreECC_DSA_Sig(out, outlen, &r, &s);
mp_clear(&r);
mp_clear(&s);
return err;
}
/**
Sign a message digest
in The message digest to sign
inlen The length of the digest
out [out] The destination for the signature
outlen [in/out] The max size and resulting size of the signature
key A private ECC key
r [out] The destination for r component of the signature
s [out] The destination for s component of the signature
return MP_OKAY if successful
*/
int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, RNG* rng,
ecc_key* key, mp_int *r, mp_int *s)
{
mp_int e;
mp_int p;
int err;
if (in == NULL || out == NULL || outlen == NULL || key == NULL || rng ==NULL)
if (in == NULL || r == NULL || s == NULL || key == NULL || rng == NULL)
return ECC_BAD_ARG_E;
/* is this a private key? */
@@ -1742,7 +1893,7 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
/* get the hash and load it as a bignum into 'e' */
/* init the bignums */
if ((err = mp_init_multi(&r, &s, &p, &e, NULL, NULL)) != MP_OKAY) {
if ((err = mp_init_multi(&p, &e, NULL, NULL, NULL, NULL)) != MP_OKAY) {
return err;
}
err = mp_read_radix(&p, (char *)key->dp->order, 16);
@@ -1775,10 +1926,10 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
if (err != MP_OKAY) break;
/* find r = x1 mod n */
err = mp_mod(pubkey.pubkey.x, &p, &r);
err = mp_mod(pubkey.pubkey.x, &p, r);
if (err != MP_OKAY) break;
if (mp_iszero(&r) == MP_YES) {
if (mp_iszero(r) == MP_YES) {
mp_clear(pubkey.pubkey.x);
mp_clear(pubkey.pubkey.y);
mp_clear(pubkey.pubkey.z);
@@ -1789,31 +1940,25 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
err = mp_invmod(&pubkey.k, &p, &pubkey.k);
if (err != MP_OKAY) break;
err = mp_mulmod(&key->k, &r, &p, &s); /* s = xr */
err = mp_mulmod(&key->k, r, &p, s); /* s = xr */
if (err != MP_OKAY) break;
err = mp_add(&e, &s, &s); /* s = e + xr */
err = mp_add(&e, s, s); /* s = e + xr */
if (err != MP_OKAY) break;
err = mp_mod(&s, &p, &s); /* s = e + xr */
err = mp_mod(s, &p, s); /* s = e + xr */
if (err != MP_OKAY) break;
err = mp_mulmod(&s, &pubkey.k, &p, &s); /* s = (e + xr)/k */
err = mp_mulmod(s, &pubkey.k, &p, s); /* s = (e + xr)/k */
if (err != MP_OKAY) break;
if (mp_iszero(&s) == MP_NO)
if (mp_iszero(s) == MP_NO)
break;
}
}
wc_ecc_free(&pubkey);
}
/* store as SEQUENCE { r, s -- integer } */
if (err == MP_OKAY)
err = StoreECC_DSA_Sig(out, outlen, &r, &s);
mp_clear(&r);
mp_clear(&s);
mp_clear(&p);
mp_clear(&e);
@@ -2093,13 +2238,53 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
stat Result of signature, 1==valid, 0==invalid
key The corresponding public ECC key
return MP_OKAY if successful (even if the signature is not valid)
*/
*/
int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
word32 hashlen, int* stat, ecc_key* key)
{
ecc_point *mG, *mQ;
mp_int r;
mp_int s;
int err;
if (sig == NULL || hash == NULL || stat == NULL || key == NULL)
return ECC_BAD_ARG_E;
/* default to invalid signature */
*stat = 0;
/* Note, DecodeECC_DSA_Sig() calls mp_init() on r and s.
* If either of those don't allocate correctly, none of
* the rest of this function will execute, and everything
* gets cleaned up at the end. */
XMEMSET(&r, 0, sizeof(r));
XMEMSET(&s, 0, sizeof(s));
err = DecodeECC_DSA_Sig(sig, siglen, &r, &s);
if (err != MP_OKAY)
return err;
err = wc_ecc_verify_hash_ex(&r, &s, hash, hashlen, stat, key);
mp_clear(&r);
mp_clear(&s);
return err;
}
/**
Verify an ECC signature
r The signature R component to verify
s The signature S component to verify
hash The hash (message digest) that was signed
hashlen The length of the hash (octets)
stat Result of signature, 1==valid, 0==invalid
key The corresponding public ECC key
return MP_OKAY if successful (even if the signature is not valid)
*/
int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* stat, ecc_key* key)
{
ecc_point *mG, *mQ;
mp_int v;
mp_int w;
mp_int u1;
@@ -2109,7 +2294,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
mp_int m;
int err;
if (sig == NULL || hash == NULL || stat == NULL || key == NULL)
if (r == NULL || s == NULL || hash == NULL || stat == NULL || key == NULL)
return ECC_BAD_ARG_E;
/* default to invalid signature */
@@ -2141,15 +2326,6 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
if (mQ == NULL || mG == NULL)
err = MEMORY_E;
/* Note, DecodeECC_DSA_Sig() calls mp_init() on r and s.
* If either of those don't allocate correctly, none of
* the rest of this function will execute, and everything
* gets cleaned up at the end. */
XMEMSET(&r, 0, sizeof(r));
XMEMSET(&s, 0, sizeof(s));
if (err == MP_OKAY)
err = DecodeECC_DSA_Sig(sig, siglen, &r, &s);
/* get the order */
if (err == MP_OKAY)
err = mp_read_radix(&p, (char *)key->dp->order, 16);
@@ -2160,8 +2336,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
/* check for zero */
if (err == MP_OKAY) {
if (mp_iszero(&r) || mp_iszero(&s) || mp_cmp(&r, &p) != MP_LT ||
mp_cmp(&s, &p) != MP_LT)
if (mp_iszero(r) || mp_iszero(s) || mp_cmp(r, &p) != MP_LT || mp_cmp(s, &p) != MP_LT)
err = MP_ZERO_E;
}
/* read hash */
@@ -2181,7 +2356,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
/* w = s^-1 mod n */
if (err == MP_OKAY)
err = mp_invmod(&s, &p, &w);
err = mp_invmod(s, &p, &w);
/* u1 = ew */
if (err == MP_OKAY)
@@ -2189,7 +2364,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
/* u2 = rw */
if (err == MP_OKAY)
err = mp_mulmod(&r, &w, &p, &u2);
err = mp_mulmod(r, &w, &p, &u2);
/* find mG and mQ */
if (err == MP_OKAY)
@@ -2241,15 +2416,13 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
/* does v == r */
if (err == MP_OKAY) {
if (mp_cmp(&v, &r) == MP_EQ)
if (mp_cmp(&v, r) == MP_EQ)
*stat = 1;
}
ecc_del_point(mG);
ecc_del_point(mQ);
mp_clear(&r);
mp_clear(&s);
mp_clear(&v);
mp_clear(&w);
mp_clear(&u1);
@@ -2261,6 +2434,192 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
return err;
}
/* import point from der */
int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx, ecc_point* point)
{
int err;
int compressed = 0;
if (in == NULL || point == NULL || (ecc_is_valid_idx(curve_idx) == 0))
return ECC_BAD_ARG_E;
/* must be odd */
if ((inLen & 1) == 0) {
return ECC_BAD_ARG_E;
}
/* init point */
#ifdef ALT_ECC_SIZE
point->x = (mp_int*)&point->xyz[0];
point->y = (mp_int*)&point->xyz[1];
point->z = (mp_int*)&point->xyz[2];
alt_fp_init(point->x);
alt_fp_init(point->y);
alt_fp_init(point->z);
#else
err = mp_init_multi(point->x, point->y, point->z, NULL, NULL, NULL);
#endif
if (err != MP_OKAY)
return MEMORY_E;
/* check for 4, 2, or 3 */
if (in[0] != 0x04 && in[0] != 0x02 && in[0] != 0x03) {
err = ASN_PARSE_E;
}
if (in[0] == 0x02 || in[0] == 0x03) {
#ifdef HAVE_COMP_KEY
compressed = 1;
#else
err = NOT_COMPILED_IN;
#endif
}
/* read data */
if (err == MP_OKAY)
err = mp_read_unsigned_bin(point->x, (byte*)in+1, (inLen-1)>>1);
#ifdef HAVE_COMP_KEY
if (err == MP_OKAY && compressed == 1) { /* build y */
mp_int t1, t2, prime, a, b;
if (mp_init_multi(&t1, &t2, &prime, &a, &b, NULL) != MP_OKAY)
err = MEMORY_E;
/* load prime */
if (err == MP_OKAY)
err = mp_read_radix(&prime, (char *)ecc_sets[curve_idx].prime, 16);
/* load a */
if (err == MP_OKAY)
err = mp_read_radix(&a, (char *)ecc_sets[curve_idx].Af, 16);
/* load b */
if (err == MP_OKAY)
err = mp_read_radix(&b, (char *)ecc_sets[curve_idx].Bf, 16);
/* compute x^3 */
if (err == MP_OKAY)
err = mp_sqr(point->x, &t1);
if (err == MP_OKAY)
err = mp_mulmod(&t1, point->x, &prime, &t1);
/* compute x^3 + a*x */
if (err == MP_OKAY)
err = mp_mulmod(&a, point->x, &prime, &t2);
if (err == MP_OKAY)
err = mp_add(&t1, &t2, &t1);
/* compute x^3 + a*x + b */
if (err == MP_OKAY)
err = mp_add(&t1, &b, &t1);
/* compute sqrt(x^3 + a*x + b) */
if (err == MP_OKAY)
err = mp_sqrtmod_prime(&t1, &prime, &t2);
/* adjust y */
if (err == MP_OKAY) {
if ((mp_isodd(&t2) && in[0] == 0x03) ||
(!mp_isodd(&t2) && in[0] == 0x02)) {
err = mp_mod(&t2, &prime, point->y);
}
else {
err = mp_submod(&prime, &t2, &prime, point->y);
}
}
mp_clear(&a);
mp_clear(&b);
mp_clear(&prime);
mp_clear(&t2);
mp_clear(&t1);
}
#endif
if (err == MP_OKAY && compressed == 0)
err = mp_read_unsigned_bin(point->y, (byte*)in+1+((inLen-1)>>1), (inLen-1)>>1);
if (err == MP_OKAY)
mp_set(point->z, 1);
if (err != MP_OKAY) {
mp_clear(point->x);
mp_clear(point->y);
mp_clear(point->z);
}
return err;
}
/* export point to der */
int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, byte* out, word32* outLen)
{
#ifdef WOLFSSL_SMALL_STACK
byte* buf;
#else
byte buf[ECC_BUFSIZE];
#endif
word32 numlen;
int ret = MP_OKAY;
if (curve_idx < 0)
return ECC_BAD_ARG_E;
/* return length needed only */
if (point != NULL && out == NULL && outLen != NULL) {
numlen = ecc_sets[curve_idx].size;
*outLen = 1 + 2*numlen;
return LENGTH_ONLY_E;
}
if (point == NULL && out == NULL && outLen == NULL)
return ECC_BAD_ARG_E;
numlen = ecc_sets[curve_idx].size;
if (*outLen < (1 + 2*numlen)) {
*outLen = 1 + 2*numlen;
return BUFFER_E;
}
/* store byte 0x04 */
out[0] = 0x04;
#ifdef WOLFSSL_SMALL_STACK
buf = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (buf == NULL)
return MEMORY_E;
#endif
do {
/* pad and store x */
XMEMSET(buf, 0, ECC_BUFSIZE);
ret = mp_to_unsigned_bin(point->x,
buf + (numlen - mp_unsigned_bin_size(point->x)));
if (ret != MP_OKAY)
break;
XMEMCPY(out+1, buf, numlen);
/* pad and store y */
XMEMSET(buf, 0, ECC_BUFSIZE);
ret = mp_to_unsigned_bin(point->y,
buf + (numlen - mp_unsigned_bin_size(point->y)));
if (ret != MP_OKAY)
break;
XMEMCPY(out+1+numlen, buf, numlen);
*outLen = 1 + 2*numlen;
} while (0);
#ifdef WOLFSSL_SMALL_STACK
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
/* export public ECC key in ANSI X9.63 format */
int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen)
@@ -4203,7 +4562,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
return err;
}
#endif
#endif /* ECC_SHAMIR */
/** ECC Fixed Point mulmod global
k The multiplicand

177
wolfcrypt/src/integer.c
View File

@@ -45,7 +45,23 @@
#endif
#endif
static void bn_reverse (unsigned char *s, int len);
/* reverse an array, used for radix code */
static void
bn_reverse (unsigned char *s, int len)
{
int ix, iy;
unsigned char t;
ix = 0;
iy = len - 1;
while (ix < iy) {
t = s[ix];
s[ix] = s[iy];
s[iy] = t;
++ix;
--iy;
}
}
/* math settings check */
word32 CheckRunTimeSettings(void)
@@ -327,25 +343,6 @@ int mp_grow (mp_int * a, int size)
}
/* reverse an array, used for radix code */
void
bn_reverse (unsigned char *s, int len)
{
int ix, iy;
unsigned char t;
ix = 0;
iy = len - 1;
while (ix < iy) {
t = s[ix];
s[ix] = s[iy];
s[iy] = t;
++ix;
--iy;
}
}
/* shift right by a certain bit count (store quotient in c, optional
remainder in d) */
int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d)
@@ -1251,6 +1248,14 @@ void mp_set (mp_int * a, mp_digit b)
a->used = (a->dp[0] != 0) ? 1 : 0;
}
/* chek if a bit is set */
int mp_is_bit_set (mp_int *a, mp_digit b)
{
if ((mp_digit)a->used < b/DIGIT_BIT)
return 0;
return (int)((a->dp[b/DIGIT_BIT] >> b%DIGIT_BIT) & (mp_digit)1);
}
/* c = a mod b, 0 <= c < b */
int
@@ -2514,6 +2519,25 @@ mp_2expt (mp_int * a, int b)
return MP_OKAY;
}
/* set the b bit of a */
int
mp_set_bit (mp_int * a, int b)
{
int i = b / DIGIT_BIT, res;
/* grow a to accomodate the single bit */
if ((res = mp_grow (a, i + 1)) != MP_OKAY) {
return res;
}
/* set the used count of where the bit will go */
a->used = i + 1;
/* put the single bit in its place */
a->dp[i] |= ((mp_digit)1) << (b % DIGIT_BIT);
return MP_OKAY;
}
/* multiply by a digit */
int
@@ -3961,7 +3985,7 @@ int mp_sub_d (mp_int * a, mp_digit b, mp_int * c)
#endif /* defined(HAVE_ECC) || !defined(NO_PWDBASED) */
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || defined(HAVE_ECC)
static const int lnz[16] = {
4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0
@@ -4096,7 +4120,7 @@ int mp_mod_d (mp_int * a, mp_digit b, mp_digit * c)
return mp_div_d(a, b, NULL, c);
}
#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */
#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) || defined(HAVE_ECC) */
#ifdef WOLFSSL_KEY_GEN
@@ -4514,6 +4538,115 @@ int mp_read_radix (mp_int * a, const char *str, int radix)
return MP_OKAY;
}
/* returns size of ASCII representation */
int mp_radix_size (mp_int *a, int radix, int *size)
{
int res, digs;
mp_int t;
mp_digit d;
*size = 0;
/* special case for binary */
if (radix == 2) {
*size = mp_count_bits (a) + (a->sign == MP_NEG ? 1 : 0) + 1;
return MP_OKAY;
}
/* make sure the radix is in range */
if (radix < 2 || radix > 64) {
return MP_VAL;
}
if (mp_iszero(a) == MP_YES) {
*size = 2;
return MP_OKAY;
}
/* digs is the digit count */
digs = 0;
/* if it's negative add one for the sign */
if (a->sign == MP_NEG) {
++digs;
}
/* init a copy of the input */
if ((res = mp_init_copy (&t, a)) != MP_OKAY) {
return res;
}
/* force temp to positive */
t.sign = MP_ZPOS;
/* fetch out all of the digits */
while (mp_iszero (&t) == MP_NO) {
if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) {
mp_clear (&t);
return res;
}
++digs;
}
mp_clear (&t);
/* return digs + 1, the 1 is for the NULL byte that would be required. */
*size = digs + 1;
return MP_OKAY;
}
/* stores a bignum as a ASCII string in a given radix (2..64) */
int mp_toradix (mp_int *a, char *str, int radix)
{
int res, digs;
mp_int t;
mp_digit d;
char *_s = str;
/* check range of the radix */
if (radix < 2 || radix > 64) {
return MP_VAL;
}
/* quick out if its zero */
if (mp_iszero(a) == 1) {
*str++ = '0';
*str = '\0';
return MP_OKAY;
}
if ((res = mp_init_copy (&t, a)) != MP_OKAY) {
return res;
}
/* if it is negative output a - */
if (t.sign == MP_NEG) {
++_s;
*str++ = '-';
t.sign = MP_ZPOS;
}
digs = 0;
while (mp_iszero (&t) == 0) {
if ((res = mp_div_d (&t, (mp_digit) radix, &t, &d)) != MP_OKAY) {
mp_clear (&t);
return res;
}
*str++ = mp_s_rmap[d];
++digs;
}
/* reverse the digits of the string. In this case _s points
* to the first digit [exluding the sign] of the number]
*/
bn_reverse ((unsigned char *)_s, digs);
/* append a NULL so the string is properly terminated */
*str = '\0';
mp_clear (&t);
return MP_OKAY;
}
#endif /* HAVE_ECC */
#endif /* USE_FAST_MATH */

139
wolfcrypt/src/tfm.c
View File

@@ -1810,6 +1810,15 @@ void fp_set(fp_int *a, fp_digit b)
a->used = a->dp[0] ? 1 : 0;
}
/* chek if a bit is set */
int fp_is_bit_set (fp_int *a, fp_digit b)
{
if ((fp_digit)a->used < b/DIGIT_BIT)
return 0;
return (int)((a->dp[b/DIGIT_BIT] >> b%DIGIT_BIT) & (fp_digit)1);
}
int fp_count_bits (fp_int * a)
{
int r;
@@ -2100,6 +2109,11 @@ int mp_sub_d(fp_int *a, fp_digit b, fp_int *c)
return MP_OKAY;
}
int mp_mul_2d(fp_int *a, int b, fp_int *c)
{
fp_mul_2d(a, b, c);
return MP_OKAY;
}
#ifdef ALT_ECC_SIZE
void fp_copy(fp_int *a, fp_int* b)
@@ -2169,6 +2183,10 @@ int mp_set_int(fp_int *a, fp_digit b)
return MP_OKAY;
}
int mp_is_bit_set (fp_int *a, fp_digit b)
{
return fp_is_bit_set(a, b);
}
#if defined(WOLFSSL_KEY_GEN) || defined (HAVE_ECC)
@@ -2677,6 +2695,11 @@ int mp_init_copy(fp_int * a, fp_int * b)
return MP_OKAY;
}
int mp_div_2d(fp_int* a, int b, fp_int* c, fp_int* d)
{
fp_div_2d(a, b, c, d);
return MP_OKAY;
}
#ifdef HAVE_COMP_KEY
@@ -2686,15 +2709,119 @@ int mp_cnt_lsb(fp_int* a)
return MP_OKAY;
}
int mp_div_2d(fp_int* a, int b, fp_int* c, fp_int* d)
{
fp_div_2d(a, b, c, d);
return MP_OKAY;
}
#endif /* HAVE_COMP_KEY */
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
/* returns size of ASCII reprensentation */
int mp_radix_size (mp_int *a, int radix, int *size)
{
int res, digs;
fp_int t;
fp_digit d;
*size = 0;
/* special case for binary */
if (radix == 2) {
*size = fp_count_bits (a) + (a->sign == FP_NEG ? 1 : 0) + 1;
return FP_YES;
}
/* make sure the radix is in range */
if (radix < 2 || radix > 64) {
return FP_VAL;
}
if (fp_iszero(a) == MP_YES) {
*size = 2;
return FP_YES;
}
/* digs is the digit count */
digs = 0;
/* if it's negative add one for the sign */
if (a->sign == FP_NEG) {
++digs;
}
/* init a copy of the input */
fp_init_copy (&t, a);
/* force temp to positive */
t.sign = FP_ZPOS;
/* fetch out all of the digits */
while (fp_iszero (&t) == FP_NO) {
if ((res = fp_div_d (&t, (mp_digit) radix, &t, &d)) != FP_OKAY) {
fp_zero (&t);
return res;
}
++digs;
}
fp_zero (&t);
/* return digs + 1, the 1 is for the NULL byte that would be required. */
*size = digs + 1;
return FP_OKAY;
}
/* stores a bignum as a ASCII string in a given radix (2..64) */
int mp_toradix (mp_int *a, char *str, int radix)
{
int res, digs;
fp_int t;
fp_digit d;
char *_s = str;
/* check range of the radix */
if (radix < 2 || radix > 64) {
return FP_VAL;
}
/* quick out if its zero */
if (fp_iszero(a) == 1) {
*str++ = '0';
*str = '\0';
return FP_YES;
}
/* init a copy of the input */
fp_init_copy (&t, a);
/* if it is negative output a - */
if (t.sign == FP_NEG) {
++_s;
*str++ = '-';
t.sign = FP_ZPOS;
}
digs = 0;
while (fp_iszero (&t) == 0) {
if ((res = fp_div_d (&t, (fp_digit) radix, &t, &d)) != FP_OKAY) {
fp_zero (&t);
return res;
}
*str++ = fp_s_rmap[d];
++digs;
}
/* reverse the digits of the string. In this case _s points
* to the first digit [exluding the sign] of the number]
*/
fp_reverse ((unsigned char *)_s, digs);
/* append a NULL so the string is properly terminated */
*str = '\0';
fp_zero (&t);
return FP_OKAY;
}
#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */
#endif /* HAVE_ECC */
#endif /* USE_FAST_MATH */

38
wolfssl/openssl/bn.h
View File

@@ -5,6 +5,7 @@
#define WOLFSSL_BN_H_
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/integer.h>
#ifdef __cplusplus
extern "C" {
@@ -16,8 +17,10 @@ typedef struct WOLFSSL_BIGNUM {
} WOLFSSL_BIGNUM;
typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX;
#define WOLFSSL_BN_ULONG mp_digit
typedef struct WOLFSSL_BN_CTX WOLFSSL_BN_CTX;
typedef struct WOLFSSL_BN_GENCB WOLFSSL_BN_GENCB;
WOLFSSL_API WOLFSSL_BN_CTX* wolfSSL_BN_CTX_new(void);
WOLFSSL_API void wolfSSL_BN_CTX_init(WOLFSSL_BN_CTX*);
@@ -58,14 +61,28 @@ WOLFSSL_API int wolfSSL_BN_hex2bn(WOLFSSL_BIGNUM**, const char* str);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_dup(const WOLFSSL_BIGNUM*);
WOLFSSL_API WOLFSSL_BIGNUM* wolfSSL_BN_copy(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, unsigned long w);
WOLFSSL_API int wolfSSL_BN_dec2bn(WOLFSSL_BIGNUM**, const char* str);
WOLFSSL_API char* wolfSSL_BN_bn2dec(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_lshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int);
WOLFSSL_API int wolfSSL_BN_add_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
WOLFSSL_API int wolfSSL_BN_set_bit(WOLFSSL_BIGNUM*, int);
WOLFSSL_API int wolfSSL_BN_set_word(WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
/* 2/6 */
WOLFSSL_API int wolfSSL_BN_add(WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*, WOLFSSL_BIGNUM*);
WOLFSSL_API char *wolfSSL_BN_bn2hex(const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_is_prime_ex(const WOLFSSL_BIGNUM*, int, WOLFSSL_BN_CTX*, WOLFSSL_BN_GENCB*);
WOLFSSL_API WOLFSSL_BN_ULONG wolfSSL_BN_mod_word(const WOLFSSL_BIGNUM*, WOLFSSL_BN_ULONG);
WOLFSSL_API int wolfSSL_BN_print_fp(FILE*, const WOLFSSL_BIGNUM*);
WOLFSSL_API int wolfSSL_BN_rshift(WOLFSSL_BIGNUM*, const WOLFSSL_BIGNUM*, int);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_BN_CTX_get(WOLFSSL_BN_CTX *ctx);
WOLFSSL_API void wolfSSL_BN_CTX_start(WOLFSSL_BN_CTX *ctx);
typedef WOLFSSL_BIGNUM BIGNUM;
typedef WOLFSSL_BN_CTX BN_CTX;
typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_CTX_new wolfSSL_BN_CTX_new
#define BN_CTX_init wolfSSL_BN_CTX_init
@@ -104,7 +121,22 @@ typedef WOLFSSL_BN_CTX BN_CTX;
#define BN_dec2bn wolfSSL_BN_dec2bn
#define BN_bn2dec wolfSSL_BN_bn2dec
#define BN_bn2hex wolfSSL_BN_bn2hex
#define BN_lshift wolfSSL_BN_lshift
#define BN_add_word wolfSSL_BN_add_word
#define BN_add wolfSSL_BN_add
#define BN_set_word wolfSSL_BN_set_word
#define BN_set_bit wolfSSL_BN_set_bit
#define BN_is_prime_ex wolfSSL_BN_is_prime_ex
#define BN_print_fp wolfSSL_BN_print_fp
#define BN_rshift wolfSSL_BN_rshift
#define BN_mod_word wolfSSL_BN_mod_word
#define BN_CTX_get wolfSSL_BN_CTX_get
#define BN_CTX_start wolfSSL_BN_CTX_start
#ifdef __cplusplus
} /* extern "C" */

2
wolfssl/openssl/dsa.h
View File

@@ -38,6 +38,8 @@ WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits,
WOLFSSL_API int wolfSSL_DSA_LoadDer(WOLFSSL_DSA*, const unsigned char*, int sz);
WOLFSSL_API int wolfSSL_DSA_do_sign(const unsigned char* d, unsigned char* sigRet,
WOLFSSL_DSA* dsa);
WOLFSSL_API int wolfSSL_DSA_do_verify(const unsigned char* d, unsigned char* sig,
WOLFSSL_DSA* dsa, int *dsacheck);
#define DSA_new wolfSSL_DSA_new
#define DSA_free wolfSSL_DSA_free

121
wolfssl/openssl/ec.h
View File

@@ -1,2 +1,123 @@
/* ec.h for openssl */
#ifndef WOLFSSL_EC_H_
#define WOLFSSL_EC_H_
#include <wolfssl/openssl/ssl.h>
#include <wolfssl/openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
/* Map OpenSSL NID value */
enum {
POINT_CONVERSION_UNCOMPRESSED = 4,
NID_secp111r1 = 0,
NID_secp128r1 = 1,
NID_secp160r1 = 2,
NID_cert192 = 3,
NID_cert224 = 4,
NID_X9_62_prime256v1 = 5,
NID_secp384r1 = 6,
NID_secp521r1 = 7,
NID_X9_62_prime_field = 100,
OPENSSL_EC_NAMED_CURVE = 0x001
};
struct WOLFSSL_EC_POINT {
WOLFSSL_BIGNUM *X;
WOLFSSL_BIGNUM *Y;
WOLFSSL_BIGNUM *Z;
void* internal; /* our ECC point */
char inSet; /* internal set from external ? */
char exSet; /* external set from internal ? */
};
struct WOLFSSL_EC_GROUP {
int curve_idx; /* index of curve, used by WolfSSL as a curve reference */
int curve_nid; /* NID of curve, used by OpenSSL/OpenSSH as a curve reference */
};
struct WOLFSSL_EC_KEY {
WOLFSSL_EC_GROUP *group;
WOLFSSL_EC_POINT *pub_key;
WOLFSSL_BIGNUM *priv_key;
void* internal; /* our ECC Key */
char inSet; /* internal set from external ? */
char exSet; /* external set from internal ? */
};
WOLFSSL_API int wolfSSL_ECPoint_i2d(const WOLFSSL_EC_GROUP *curve, const WOLFSSL_EC_POINT *p, unsigned char *out, unsigned int *len);
WOLFSSL_API int wolfSSL_ECPoint_d2i(unsigned char *in, unsigned int len, const WOLFSSL_EC_GROUP *curve, WOLFSSL_EC_POINT *p);
WOLFSSL_API int wolfSSL_EC_KEY_LoadDer(WOLFSSL_EC_KEY* key, const unsigned char* der, int derSz);
WOLFSSL_API void wolfSSL_EC_KEY_free(WOLFSSL_EC_KEY *key);
WOLFSSL_API WOLFSSL_EC_POINT *wolfSSL_EC_KEY_get0_public_key(const WOLFSSL_EC_KEY *key);
WOLFSSL_API const WOLFSSL_EC_GROUP *wolfSSL_EC_KEY_get0_group(const WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_EC_KEY_set_private_key(WOLFSSL_EC_KEY *key, const WOLFSSL_BIGNUM *priv_key);
WOLFSSL_API WOLFSSL_BIGNUM *wolfSSL_EC_KEY_get0_private_key(const WOLFSSL_EC_KEY *key);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new_by_curve_name(int nid);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EC_KEY_new(void);
WOLFSSL_API int wolfSSL_EC_KEY_set_group(WOLFSSL_EC_KEY *key, WOLFSSL_EC_GROUP *group);
WOLFSSL_API int wolfSSL_EC_KEY_generate_key(WOLFSSL_EC_KEY *key);
WOLFSSL_API void wolfSSL_EC_KEY_set_asn1_flag(WOLFSSL_EC_KEY *key, int asn1_flag);
WOLFSSL_API int wolfSSL_EC_KEY_set_public_key(WOLFSSL_EC_KEY *key, const WOLFSSL_EC_POINT *pub);
WOLFSSL_API void wolfSSL_EC_GROUP_set_asn1_flag(WOLFSSL_EC_GROUP *group, int flag);
WOLFSSL_API WOLFSSL_EC_GROUP *wolfSSL_EC_GROUP_new_by_curve_name(int nid);
WOLFSSL_API int wolfSSL_EC_GROUP_cmp(const WOLFSSL_EC_GROUP *a, const WOLFSSL_EC_GROUP *b, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API int wolfSSL_EC_GROUP_get_curve_name(const WOLFSSL_EC_GROUP *group);
WOLFSSL_API int wolfSSL_EC_GROUP_get_degree(const WOLFSSL_EC_GROUP *group);
WOLFSSL_API int wolfSSL_EC_GROUP_get_order(const WOLFSSL_EC_GROUP *group, WOLFSSL_BIGNUM *order, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API void wolfSSL_EC_GROUP_free(WOLFSSL_EC_GROUP *group);
WOLFSSL_API void wolfssl_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *p);
WOLFSSL_API WOLFSSL_EC_POINT *wolfSSL_EC_POINT_new(const WOLFSSL_EC_GROUP *group);
WOLFSSL_API int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group, const WOLFSSL_EC_POINT *p,
WOLFSSL_BIGNUM *x, WOLFSSL_BIGNUM *y, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r, const WOLFSSL_BIGNUM *n,
const WOLFSSL_EC_POINT *q, const WOLFSSL_BIGNUM *m, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API void wolfSSL_EC_POINT_clear_free(WOLFSSL_EC_POINT *point);
WOLFSSL_API int wolfSSL_EC_POINT_cmp(const WOLFSSL_EC_GROUP *group, const WOLFSSL_EC_POINT *a,
const WOLFSSL_EC_POINT *b, WOLFSSL_BN_CTX *ctx);
WOLFSSL_API void wolfSSL_EC_POINT_free(WOLFSSL_EC_POINT *point);
WOLFSSL_API int wolfSSL_EC_POINT_is_at_infinity(const WOLFSSL_EC_GROUP *group, const WOLFSSL_EC_POINT *a);
#define EC_KEY_free wolfSSL_EC_KEY_free
#define EC_KEY_get0_public_key wolfSSL_EC_KEY_get0_public_key
#define EC_KEY_get0_group wolfSSL_EC_KEY_get0_group
#define EC_KEY_set_private_key wolfSSL_EC_KEY_set_private_key
#define EC_KEY_get0_private_key wolfSSL_EC_KEY_get0_private_key
#define EC_KEY_new_by_curve_name wolfSSL_EC_KEY_new_by_curve_name
#define EC_KEY_set_group wolfSSL_EC_KEY_set_group
#define EC_KEY_generate_key wolfSSL_EC_KEY_generate_key
#define EC_KEY_set_asn1_flag wolfSSL_EC_KEY_set_asn1_flag
#define EC_KEY_set_public_key wolfSSL_EC_KEY_set_public_key
#define EC_KEY_new wolfSSL_EC_KEY_new
#define EC_GROUP_set_asn1_flag wolfSSL_EC_GROUP_set_asn1_flag
#define EC_GROUP_new_by_curve_name wolfSSL_EC_GROUP_new_by_curve_name
#define EC_GROUP_cmp wolfSSL_EC_GROUP_cmp
#define EC_GROUP_get_curve_name wolfSSL_EC_GROUP_get_curve_name
#define EC_GROUP_get_degree wolfSSL_EC_GROUP_get_degree
#define EC_GROUP_get_order wolfSSL_EC_GROUP_get_order
#define EC_GROUP_free wolfSSL_EC_GROUP_free
#define EC_POINT_new wolfSSL_EC_POINT_new
#define EC_POINT_get_affine_coordinates_GFp wolfSSL_EC_POINT_get_affine_coordinates_GFp
#define EC_POINT_mul wolfSSL_EC_POINT_mul
#define EC_POINT_clear_free wolfSSL_EC_POINT_clear_free
#define EC_POINT_cmp wolfSSL_EC_POINT_cmp
#define EC_POINT_free wolfSSL_EC_POINT_free
#define EC_POINT_is_at_infinity wolfSSL_EC_POINT_is_at_infinity
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* header */

23
wolfssl/openssl/ecdh.h Normal file
View File

@@ -0,0 +1,23 @@
/* ecdh.h for openssl */
#ifndef WOLFSSL_ECDH_H_
#define WOLFSSL_ECDH_H_
#include <wolfssl/openssl/ssl.h>
#include <wolfssl/openssl/bn.h>
#ifdef __cplusplus
extern C {
#endif
WOLFSSL_API int wolfSSL_ECDH_compute_key(void *out, size_t outlen, const WOLFSSL_EC_POINT *pub_key,
WOLFSSL_EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen));
#define ECDH_compute_key wolfSSL_ECDH_compute_key
#ifdef __cplusplus
} /* extern C */
#endif
#endif /* header */

36
wolfssl/openssl/ecdsa.h
View File

@@ -1,2 +1,38 @@
/* ecdsa.h for openssl */
#ifndef WOLFSSL_ECDSA_H_
#define WOLFSSL_ECDSA_H_
#include <wolfssl/openssl/ssl.h>
#include <wolfssl/openssl/bn.h>
#ifdef __cplusplus
extern "C" {
#endif
struct WOLFSSL_ECDSA_SIG {
WOLFSSL_BIGNUM *r;
WOLFSSL_BIGNUM *s;
#if 0
void* internal; /* our EC DSA */
char inSet; /* internal set from external ? */
char exSet; /* external set from internal ? */
#endif
};
WOLFSSL_API void wolfSSL_ECDSA_SIG_free(WOLFSSL_ECDSA_SIG *sig);
WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_SIG_new(void);
WOLFSSL_API WOLFSSL_ECDSA_SIG *wolfSSL_ECDSA_do_sign(const unsigned char *dgst, int dgst_len, WOLFSSL_EC_KEY *eckey);
WOLFSSL_API int wolfSSL_ECDSA_do_verify(const unsigned char *dgst, int dgst_len, const WOLFSSL_ECDSA_SIG *sig, WOLFSSL_EC_KEY *eckey);
#define ECDSA_SIG_free wolfSSL_ECDSA_SIG_free
#define ECDSA_SIG_new wolfSSL_ECDSA_SIG_new
#define ECDSA_do_sign wolfSSL_ECDSA_do_sign
#define ECDSA_do_verify wolfSSL_ECDSA_do_verify
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* header */

5
wolfssl/openssl/evp.h
View File

@@ -41,6 +41,7 @@
#include <wolfssl/openssl/ripemd.h>
#include <wolfssl/openssl/rsa.h>
#include <wolfssl/openssl/dsa.h>
#include <wolfssl/openssl/ec.h>
#include <wolfssl/wolfcrypt/aes.h>
#include <wolfssl/wolfcrypt/des3.h>
@@ -124,6 +125,7 @@ enum {
NULL_CIPHER_TYPE = 10,
EVP_PKEY_RSA = 11,
EVP_PKEY_DSA = 12,
EVP_PKEY_EC = 13,
NID_sha1 = 64,
NID_md5 = 4
};
@@ -182,6 +184,7 @@ WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int);
WOLFSSL_API WOLFSSL_RSA* wolfSSL_EVP_PKEY_get1_RSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_DSA* wolfSSL_EVP_PKEY_get1_DSA(WOLFSSL_EVP_PKEY*);
WOLFSSL_API WOLFSSL_EC_KEY *wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY *key);
/* these next ones don't need real OpenSSL type, for OpenSSH compat only */
WOLFSSL_API void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx);
@@ -244,6 +247,8 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_PKEY_get1_RSA wolfSSL_EVP_PKEY_get1_RSA
#define EVP_PKEY_get1_DSA wolfSSL_EVP_PKEY_get1_DSA
#define EVP_PKEY_get1_EC_KEY wolfSSL_EVP_PKEY_get1_EC_KEY
#ifndef EVP_MAX_MD_SIZE
#define EVP_MAX_MD_SIZE 64 /* sha512 */

1
wolfssl/openssl/include.am
View File

@@ -11,6 +11,7 @@ nobase_include_HEADERS+= \
wolfssl/openssl/dh.h \
wolfssl/openssl/dsa.h \
wolfssl/openssl/ecdsa.h \
wolfssl/openssl/ecdh.h \
wolfssl/openssl/ec.h \
wolfssl/openssl/engine.h \
wolfssl/openssl/err.h \

2
wolfssl/openssl/opensslv.h
View File

@@ -5,7 +5,7 @@
/* api version compatibility */
#define OPENSSL_VERSION_NUMBER 0x0090410fL
#define OPENSSL_VERSION_NUMBER 0x0090810fL
#endif /* header */

57
wolfssl/openssl/pem.h
View File

@@ -14,23 +14,70 @@
#endif
WOLFSSL_API int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, RSA* rsa,
WOLFSSL_API int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, DSA* rsa,
WOLFSSL_API int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API int wolfSSL_PEM_write_DSAPrivateKey(FILE *fp, WOLFSSL_DSA *dsa, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY**, pem_password_cb cb, void* arg);
#define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
#define PEM_write_bio_DSAPrivateKey wolfSSL_PEM_write_bio_DSAPrivateKey
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(FILE *fp, WOLFSSL_RSA **x,
pem_password_cb *cb, void *u);
WOLFSSL_API int wolfSSL_PEM_write_DSA_PUBKEY(FILE *fp, WOLFSSL_DSA *x);
WOLFSSL_API int wolfSSL_PEM_write_RSAPublicKey(FILE *fp, WOLFSSL_RSA *x);
WOLFSSL_API int wolfSSL_PEM_write_RSA_PUBKEY(FILE *fp, WOLFSSL_RSA *x);
WOLFSSL_API int wolfSSL_PEM_write_buf_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
byte **pem, int *plen);
WOLFSSL_API int wolfSSL_PEM_write_EC_PUBKEY(FILE *fp, WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_PEM_write_ECPrivateKey(FILE *fp, WOLFSSL_EC_KEY *key, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
#define PEM_write_bio_ECPrivateKey wolfSSL_PEM_write_bio_ECPrivateKey
#define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
#define PEM_write_bio_DSAPrivateKey wolfSSL_PEM_write_bio_DSAPrivateKey
#define PEM_write_DSAPrivateKey wolfSSL_PEM_write_DSAPrivateKey
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
#define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
#define PEM_write_DSA_PUBKEY wolfSSL_PEM_write_DSA_PUBKEY
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
#define PEM_write_EC_PUBKEY wolfSSL_PEM_write_EC_PUBKEY
#define PEM_write_ECPrivateKey wolfSSL_PEM_write_ECPrivateKey
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#ifdef __cplusplus
} /* extern "C" */

4
wolfssl/openssl/ssl.h
View File

@@ -58,6 +58,10 @@ typedef WOLFSSL_X509_CHAIN X509_CHAIN;
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_RSA RSA;
typedef WOLFSSL_DSA DSA;
typedef WOLFSSL_EC_KEY EC_KEY;
typedef WOLFSSL_EC_GROUP EC_GROUP;
typedef WOLFSSL_EC_POINT EC_POINT;
typedef WOLFSSL_ECDSA_SIG ECDSA_SIG;
typedef WOLFSSL_BIO BIO;
typedef WOLFSSL_BIO_METHOD BIO_METHOD;
typedef WOLFSSL_CIPHER SSL_CIPHER;

4
wolfssl/ssl.h
View File

@@ -76,6 +76,10 @@ typedef struct WOLFSSL_SOCKADDR WOLFSSL_SOCKADDR;
typedef struct WOLFSSL_RSA WOLFSSL_RSA;
typedef struct WOLFSSL_DSA WOLFSSL_DSA;
typedef struct WOLFSSL_EC_KEY WOLFSSL_EC_KEY;
typedef struct WOLFSSL_EC_POINT WOLFSSL_EC_POINT;
typedef struct WOLFSSL_EC_GROUP WOLFSSL_EC_GROUP;
typedef struct WOLFSSL_ECDSA_SIG WOLFSSL_ECDSA_SIG;
typedef struct WOLFSSL_CIPHER WOLFSSL_CIPHER;
typedef struct WOLFSSL_X509_LOOKUP WOLFSSL_X509_LOOKUP;
typedef struct WOLFSSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD;

1
wolfssl/wolfcrypt/asn.h
View File

@@ -145,6 +145,7 @@ enum Misc_ASN {
KEYID_SIZE = SHA_DIGEST_SIZE,
#endif
RSA_INTS = 8, /* RSA ints in private key */
DSA_INTS = 5, /* DSA ints in private key */
MIN_DATE_SIZE = 13,
MAX_DATE_SIZE = 32,
ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */

5
wolfssl/wolfcrypt/asn_public.h
View File

@@ -43,7 +43,10 @@ enum CertType {
CRL_TYPE,
CA_TYPE,
ECC_PRIVATEKEY_TYPE,
CERTREQ_TYPE
CERTREQ_TYPE,
DSA_TYPE,
ECC_TYPE,
RSA_TYPE
};

3
wolfssl/wolfcrypt/dsa.h
View File

@@ -36,6 +36,7 @@
#define DsaVerify wc_DsaVerify
#define DsaPublicKeyDecode wc_DsaPublicKeyDecode
#define DsaPrivateKeyDecode wc_DsaPrivateKeyDecode
#define DsaKeyToDer wc_DsaKeyToDer
#ifdef __cplusplus
extern "C" {
@@ -66,6 +67,8 @@ WOLFSSL_API int wc_DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKe
WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*,
word32);
WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen);
#ifdef __cplusplus
} /* extern "C" */
#endif

25
wolfssl/wolfcrypt/ecc.h
View File

@@ -47,6 +47,7 @@ enum {
/* ECC set type defined a NIST GF(p) curve */
typedef struct {
int size; /* The size of the curve in octets */
int nid; /* id of this curve */
const char* name; /* name of this curve */
const char* prime; /* prime that defines the field, curve is in (hex) */
const char* Af; /* fields A param (hex) */
@@ -140,18 +141,38 @@ WOLFSSL_API
int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
word32* outlen);
WOLFSSL_API
int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point, byte* out, word32 *outlen);
WOLFSSL_API
int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
RNG* rng, ecc_key* key);
WOLFSSL_API
int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, RNG* rng,
ecc_key* key, mp_int *r, mp_int *s);
WOLFSSL_API
int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
word32 hashlen, int* stat, ecc_key* key);
WOLFSSL_API
int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* stat, ecc_key* key);
WOLFSSL_API
int wc_ecc_init(ecc_key* key);
WOLFSSL_API
void wc_ecc_free(ecc_key* key);
WOLFSSL_API
void wc_ecc_fp_free(void);
WOLFSSL_API
ecc_point* ecc_new_point(void);
WOLFSSL_API
void ecc_del_point(ecc_point* p);
WOLFSSL_API
int ecc_copy_point(ecc_point* p, ecc_point *r);
WOLFSSL_API
int ecc_cmp_point(ecc_point* a, ecc_point *b);
WOLFSSL_API
int ecc_point_is_at_infinity(ecc_point *p);
WOLFSSL_API
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus, int map);
/* ASN key helpers */
WOLFSSL_API
@@ -173,6 +194,10 @@ int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
WOLFSSL_API
int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, byte* out, word32* outLen);
int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx, ecc_point* point);
/* size helper */
WOLFSSL_API
int wc_ecc_size(ecc_key* key);

7
wolfssl/wolfcrypt/integer.h
View File

@@ -140,7 +140,8 @@ extern "C" {
#define MP_OKAY 0 /* ok result */
#define MP_MEM -2 /* out of mem */
#define MP_VAL -3 /* invalid input */
#define MP_RANGE MP_VAL
#define MP_NOT_INF -4 /* point not at infinity */
#define MP_RANGE MP_NOT_INF
#define MP_YES 1 /* yes response */
#define MP_NO 0 /* no response */
@@ -250,6 +251,7 @@ int mp_cmp_mag (mp_int * a, mp_int * b);
int mp_cmp (mp_int * a, mp_int * b);
int mp_cmp_d(mp_int * a, mp_digit b);
void mp_set (mp_int * a, mp_digit b);
int mp_is_bit_set (mp_int * a, mp_digit b);
int mp_mod (mp_int * a, mp_int * b, mp_int * c);
int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
int mp_div_2(mp_int * a, mp_int * b);
@@ -287,6 +289,7 @@ int mp_sqr (mp_int * a, mp_int * b);
int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
int mp_mul_d (mp_int * a, mp_digit b, mp_int * c);
int mp_2expt (mp_int * a, int b);
int mp_set_bit (mp_int * a, int b);
int mp_reduce_2k_setup(mp_int *a, mp_digit *d);
int mp_add_d (mp_int* a, mp_digit b, mp_int* c);
int mp_set_int (mp_int * a, unsigned long b);
@@ -296,6 +299,8 @@ int mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
/* added */
int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e,
mp_int* f);
int mp_toradix (mp_int *a, char *str, int radix);
int mp_radix_size (mp_int * a, int radix, int *size);
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)
int mp_sqrmod(mp_int* a, mp_int* b, mp_int* c);

14
wolfssl/wolfcrypt/tfm.h
View File

@@ -234,6 +234,10 @@
*
* It defaults to 4096-bits [allowing multiplications upto 2048x2048 bits ]
*/
/* For DH with 3072 bits key size */
//#define FP_MAX_BITS 32768
#ifndef FP_MAX_BITS
#define FP_MAX_BITS 4096
#endif
@@ -258,6 +262,7 @@
#define FP_OKAY 0
#define FP_VAL 1
#define FP_MEM 2
#define FP_NOT_INF 3
/* equalities */
#define FP_LT -1 /* less than */
@@ -372,6 +377,9 @@ typedef struct {
/* set to a small digit */
void fp_set(fp_int *a, fp_digit b);
/* check if a bit is set */
int fp_is_bit_set(fp_int *a, fp_digit b);
/* copy from a to b */
#ifndef ALT_ECC_SIZE
#define fp_copy(a, b) (void)(((a) != (b)) ? ((void)XMEMCPY((b), (a), sizeof(fp_int))) : (void)0)
@@ -645,6 +653,7 @@ void fp_sqr_comba64(fp_int *a, fp_int *b);
#define MP_EQ FP_EQ /* equal to */
#define MP_GT FP_GT /* greater than */
#define MP_VAL FP_VAL /* invalid */
#define MP_NOT_INF FP_NOT_INF /* point not at infinity */
#define MP_OKAY FP_OKAY /* ok result */
#define MP_NO FP_NO /* yes/no result */
#define MP_YES FP_YES /* yes/no result */
@@ -665,6 +674,8 @@ int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d);
int mp_mod(mp_int *a, mp_int *b, mp_int *c);
int mp_invmod(mp_int *a, mp_int *b, mp_int *c);
int mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y);
int mp_mul_2d(mp_int *a, int b, mp_int *c);
int mp_cmp(mp_int *a, mp_int *b);
int mp_cmp_d(mp_int *a, mp_digit b);
@@ -680,7 +691,10 @@ int mp_iszero(mp_int* a);
int mp_count_bits(mp_int *a);
int mp_leading_bit(mp_int *a);
int mp_set_int(fp_int *a, fp_digit b);
int mp_is_bit_set (fp_int * a, fp_digit b);
void mp_rshb(mp_int *a, int x);
int mp_toradix (mp_int *a, char *str, int radix);
int mp_radix_size (mp_int * a, int radix, int *size);
#ifdef HAVE_ECC
int mp_read_radix(mp_int* a, const char* str, int radix);