From 41d6afcfa17fef9bcccf83a2faa2ce5c38f28839 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Wed, 30 Aug 2023 10:22:41 +1000 Subject: [PATCH] ECIES: add support for other KDFs --- wolfcrypt/src/ecc.c | 51 ++++++++++++++++++++++++++++++++++++++++- wolfcrypt/test/test.c | 16 +++++++++++++ wolfssl/wolfcrypt/ecc.h | 8 +++++-- 3 files changed, 72 insertions(+), 3 deletions(-) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 11c51fd4d..ef939bfb4 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -13843,7 +13843,9 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg, ret = wc_ecc_shared_secret(privKey, pubKey, sharedSecret + pubKeySz, &sharedSz); #endif - } while (ret == WC_PENDING_E); + } + while (ret == WC_PENDING_E); + if (ret == 0) { #ifdef WOLFSSL_ECIES_ISO18033 /* KDF data is encoded public key and secret. */ @@ -13855,6 +13857,30 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg, ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen); break; + case ecHKDF_SHA1 : + ret = wc_HKDF(WC_SHA, sharedSecret, sharedSz, ctx->kdfSalt, + ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz, + keys, (word32)keysLen); + break; +#if defined(HAVE_X963_KDF) && !defined(NO_HASH_WRAPPER) + case ecKDF_X963_SHA1 : + ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz, + ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen); + break; + case ecKDF_X963_SHA256 : + ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz, + ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen); + break; + case ecKDF_SHA1 : + ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz, + NULL, 0, keys, (word32)keysLen); + break; + case ecKDF_SHA256 : + ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz, + NULL, 0, keys, (word32)keysLen); + break; +#endif + default: ret = BAD_FUNC_ARG; @@ -14250,6 +14276,29 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen); break; + case ecHKDF_SHA1 : + ret = wc_HKDF(WC_SHA, sharedSecret, sharedSz, ctx->kdfSalt, + ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz, + keys, (word32)keysLen); + break; +#if defined(HAVE_X963_KDF) && !defined(NO_HASH_WRAPPER) + case ecKDF_X963_SHA1 : + ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz, + ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen); + break; + case ecKDF_X963_SHA256 : + ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz, + ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen); + break; + case ecKDF_SHA1 : + ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz, + NULL, 0, keys, (word32)keysLen); + break; + case ecKDF_SHA256 : + ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz, + NULL, 0, keys, (word32)keysLen); + break; +#endif default: ret = BAD_FUNC_ARG; diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index cedc87a7f..3dde3cb55 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -29437,6 +29437,22 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_encrypt_test(void) printf("ECIES: AES_128_CBC, HKDF_SHA256, HMAC_SHA256\n"); } } +#ifdef HAVE_X963_KDF + if (ret == 0) { + ret = ecc_encrypt_e2e_test(&rng, userA, userB, ecAES_128_CBC, + ecKDF_X963_SHA256, ecHMAC_SHA256); + if (ret != 0) { + printf("ECIES: AES_128_CBC, KDF_X963_SHA256, HMAC_SHA256\n"); + } + } + if (ret == 0) { + ret = ecc_encrypt_e2e_test(&rng, userA, userB, ecAES_128_CBC, + ecKDF_SHA256, ecHMAC_SHA256); + if (ret != 0) { + printf("ECIES: AES_128_CBC, KDF_SHA256, HMAC_SHA256\n"); + } + } +#endif #endif #ifdef WOLFSSL_AES_256 if (ret == 0) { diff --git a/wolfssl/wolfcrypt/ecc.h b/wolfssl/wolfcrypt/ecc.h index 0f5d14e45..ff0467df9 100644 --- a/wolfssl/wolfcrypt/ecc.h +++ b/wolfssl/wolfcrypt/ecc.h @@ -895,8 +895,12 @@ enum ecEncAlgo { }; enum ecKdfAlgo { - ecHKDF_SHA256 = 1, /* default */ - ecHKDF_SHA1 = 2 + ecHKDF_SHA256 = 1, /* default */ + ecHKDF_SHA1 = 2, + ecKDF_X963_SHA1 = 3, + ecKDF_X963_SHA256 = 4, + ecKDF_SHA1 = 5, + ecKDF_SHA256 = 6 }; enum ecMacAlgo {