feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #8730 from philljj/linuxkm_pkcs1pad_more

Browse Source 
linuxkm rsa: add more pkcs1pad sha variants
This commit is contained in:
Daniel Pouzzner
2025-05-05 16:59:29 -05:00
committed by GitHub
parent 6296dfdb1e a341333589
commit 629d812eb3
2 changed files with 373 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
linuxkm/lkcapi_glue.c
View File

@@ -508,14 +508,23 @@ static int linuxkm_lkcapi_register(void)
#if defined(LINUXKM_DIRECT_RSA)
REGISTER_ALG(direct_rsa, akcipher, linuxkm_test_rsa);
#endif /* LINUXKM_DIRECT_RSA */
#ifdef WOLFSSL_SHA224
REGISTER_ALG(pkcs1_sha224, akcipher, linuxkm_test_pkcs1_sha224);
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
REGISTER_ALG(pkcs1_sha256, akcipher,
linuxkm_test_pkcs1_sha256);
REGISTER_ALG(pkcs1_sha256, akcipher, linuxkm_test_pkcs1_sha256);
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
REGISTER_ALG(pkcs1_sha384, akcipher, linuxkm_test_pkcs1_sha384);
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
REGISTER_ALG(pkcs1_sha512, akcipher,
linuxkm_test_pkcs1_sha512);
REGISTER_ALG(pkcs1_sha512, akcipher, linuxkm_test_pkcs1_sha512);
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3
REGISTER_ALG(pkcs1_sha3_256, akcipher, linuxkm_test_pkcs1_sha3_256);
REGISTER_ALG(pkcs1_sha3_384, akcipher, linuxkm_test_pkcs1_sha3_384);
REGISTER_ALG(pkcs1_sha3_512, akcipher, linuxkm_test_pkcs1_sha3_512);
#endif /* WOLFSSL_SHA3 */
#endif
#ifdef LINUXKM_LKCAPI_REGISTER_DH
@@ -736,12 +745,26 @@ static int linuxkm_lkcapi_unregister(void)
#if defined(LINUXKM_DIRECT_RSA)
UNREGISTER_ALG(direct_rsa, akcipher);
#endif /* LINUXKM_DIRECT_RSA */
#ifdef WOLFSSL_SHA224
UNREGISTER_ALG(pkcs1_sha224, akcipher);
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
UNREGISTER_ALG(pkcs1_sha256, akcipher);
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
UNREGISTER_ALG(pkcs1_sha384, akcipher);
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA384
UNREGISTER_ALG(pkcs1_sha384, akcipher);
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
UNREGISTER_ALG(pkcs1_sha512, akcipher);
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3
UNREGISTER_ALG(pkcs1_sha3_256, akcipher);
UNREGISTER_ALG(pkcs1_sha3_384, akcipher);
UNREGISTER_ALG(pkcs1_sha3_512, akcipher);
#endif /* WOLFSSL_SHA3 */
#endif /* LINUXKM_LKCAPI_REGISTER_RSA */
#ifdef LINUXKM_LKCAPI_REGISTER_DH

408
linuxkm/lkcapi_rsa_glue.c
View File

@@ -77,14 +77,34 @@
#define WOLFKM_RSA_NAME ("rsa")
#define WOLFKM_RSA_DRIVER ("rsa" WOLFKM_DRIVER_FIPS "-wolfcrypt")
#define WOLFKM_PKCS1_SHA224_NAME ("pkcs1pad(rsa,sha224)")
#define WOLFKM_PKCS1_SHA224_DRIVER ("pkcs1pad(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha224)")
#define WOLFKM_PKCS1_SHA256_NAME ("pkcs1pad(rsa,sha256)")
#define WOLFKM_PKCS1_SHA256_DRIVER ("pkcs1pad(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha256)")
#define WOLFKM_PKCS1_SHA384_NAME ("pkcs1pad(rsa,sha384)")
#define WOLFKM_PKCS1_SHA384_DRIVER ("pkcs1pad(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha384)")
#define WOLFKM_PKCS1_SHA512_NAME ("pkcs1pad(rsa,sha512)")
#define WOLFKM_PKCS1_SHA512_DRIVER ("pkcs1pad(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha512)")
#define WOLFKM_PKCS1_SHA3_256_NAME ("pkcs1pad(rsa,sha3-256)")
#define WOLFKM_PKCS1_SHA3_256_DRIVER ("pkcs1pad(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha3-256)")
#define WOLFKM_PKCS1_SHA3_384_NAME ("pkcs1pad(rsa,sha3-384)")
#define WOLFKM_PKCS1_SHA3_384_DRIVER ("pkcs1pad(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha3-384)")
#define WOLFKM_PKCS1_SHA3_512_NAME ("pkcs1pad(rsa,sha3-512)")
#define WOLFKM_PKCS1_SHA3_512_DRIVER ("pkcs1pad(rsa" WOLFKM_DRIVER_FIPS \
"-wolfcrypt,sha3-512)")
#if defined(WOLFSSL_KEY_GEN)
#if defined(LINUXKM_DIRECT_RSA)
static int linuxkm_test_rsa_driver(const char * driver, int nbits);
@@ -96,12 +116,23 @@
#if defined(LINUXKM_DIRECT_RSA)
static int direct_rsa_loaded = 0;
#endif /* LINUXKM_DIRECT_RSA */
#ifdef WOLFSSL_SHA224
static int pkcs1_sha224_loaded = 0;
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
static int pkcs1_sha256_loaded = 0;
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
static int pkcs1_sha384_loaded = 0;
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
static int pkcs1_sha512_loaded = 0;
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3
static int pkcs1_sha3_256_loaded = 0;
static int pkcs1_sha3_384_loaded = 0;
static int pkcs1_sha3_512_loaded = 0;
#endif /* WOLFSSL_SHA3 */
struct km_rsa_ctx {
WC_RNG rng; /* needed for pkcs1 padding, and blinding */
@@ -128,12 +159,23 @@ static unsigned int km_rsa_max_size(struct crypto_akcipher *tfm);
#endif /* LINUXKM_DIRECT_RSA */
/* pkcs1 callbacks */
#ifdef WOLFSSL_SHA224
static int km_pkcs1_sha224_init(struct crypto_akcipher *tfm);
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
static int km_pkcs1_sha256_init(struct crypto_akcipher *tfm);
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
static int km_pkcs1_sha384_init(struct crypto_akcipher *tfm);
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
static int km_pkcs1_sha512_init(struct crypto_akcipher *tfm);
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3
static int km_pkcs1_sha3_256_init(struct crypto_akcipher *tfm);
static int km_pkcs1_sha3_384_init(struct crypto_akcipher *tfm);
static int km_pkcs1_sha3_512_init(struct crypto_akcipher *tfm);
#endif /* WOLFSSL_SHA3 */
#if !defined(LINUXKM_AKCIPHER_NO_SIGNVERIFY)
static int km_pkcs1_sign(struct akcipher_request *req);
static int km_pkcs1_verify(struct akcipher_request *req);
@@ -162,6 +204,27 @@ static struct akcipher_alg direct_rsa = {
};
#endif /* LINUXKM_DIRECT_RSA */
#ifdef WOLFSSL_SHA224
static struct akcipher_alg pkcs1_sha224 = {
.base.cra_name = WOLFKM_PKCS1_SHA224_NAME,
.base.cra_driver_name = WOLFKM_PKCS1_SHA224_DRIVER,
.base.cra_priority = WOLFSSL_LINUXKM_LKCAPI_PRIORITY,
.base.cra_module = THIS_MODULE,
.base.cra_ctxsize = sizeof(struct km_rsa_ctx),
#if !defined(LINUXKM_AKCIPHER_NO_SIGNVERIFY)
.sign = km_pkcs1_sign,
.verify = km_pkcs1_verify,
#endif /* !LINUXKM_AKCIPHER_NO_SIGNVERIFY */
.encrypt = km_pkcs1_enc,
.decrypt = km_pkcs1_dec,
.set_priv_key = km_rsa_set_priv,
.set_pub_key = km_rsa_set_pub,
.max_size = km_rsa_max_size,
.init = km_pkcs1_sha224_init,
.exit = km_rsa_exit,
};
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
static struct akcipher_alg pkcs1_sha256 = {
.base.cra_name = WOLFKM_PKCS1_SHA256_NAME,
@@ -183,6 +246,27 @@ static struct akcipher_alg pkcs1_sha256 = {
};
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
static struct akcipher_alg pkcs1_sha384 = {
.base.cra_name = WOLFKM_PKCS1_SHA384_NAME,
.base.cra_driver_name = WOLFKM_PKCS1_SHA384_DRIVER,
.base.cra_priority = WOLFSSL_LINUXKM_LKCAPI_PRIORITY,
.base.cra_module = THIS_MODULE,
.base.cra_ctxsize = sizeof(struct km_rsa_ctx),
#if !defined(LINUXKM_AKCIPHER_NO_SIGNVERIFY)
.sign = km_pkcs1_sign,
.verify = km_pkcs1_verify,
#endif /* !LINUXKM_AKCIPHER_NO_SIGNVERIFY */
.encrypt = km_pkcs1_enc,
.decrypt = km_pkcs1_dec,
.set_priv_key = km_rsa_set_priv,
.set_pub_key = km_rsa_set_pub,
.max_size = km_rsa_max_size,
.init = km_pkcs1_sha384_init,
.exit = km_rsa_exit,
};
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
static struct akcipher_alg pkcs1_sha512 = {
.base.cra_name = WOLFKM_PKCS1_SHA512_NAME,
@@ -204,6 +288,65 @@ static struct akcipher_alg pkcs1_sha512 = {
};
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3
static struct akcipher_alg pkcs1_sha3_256 = {
.base.cra_name = WOLFKM_PKCS1_SHA3_256_NAME,
.base.cra_driver_name = WOLFKM_PKCS1_SHA3_256_DRIVER,
.base.cra_priority = WOLFSSL_LINUXKM_LKCAPI_PRIORITY,
.base.cra_module = THIS_MODULE,
.base.cra_ctxsize = sizeof(struct km_rsa_ctx),
#if !defined(LINUXKM_AKCIPHER_NO_SIGNVERIFY)
.sign = km_pkcs1_sign,
.verify = km_pkcs1_verify,
#endif /* !LINUXKM_AKCIPHER_NO_SIGNVERIFY */
.encrypt = km_pkcs1_enc,
.decrypt = km_pkcs1_dec,
.set_priv_key = km_rsa_set_priv,
.set_pub_key = km_rsa_set_pub,
.max_size = km_rsa_max_size,
.init = km_pkcs1_sha3_256_init,
.exit = km_rsa_exit,
};
static struct akcipher_alg pkcs1_sha3_384 = {
.base.cra_name = WOLFKM_PKCS1_SHA3_384_NAME,
.base.cra_driver_name = WOLFKM_PKCS1_SHA3_384_DRIVER,
.base.cra_priority = WOLFSSL_LINUXKM_LKCAPI_PRIORITY,
.base.cra_module = THIS_MODULE,
.base.cra_ctxsize = sizeof(struct km_rsa_ctx),
#if !defined(LINUXKM_AKCIPHER_NO_SIGNVERIFY)
.sign = km_pkcs1_sign,
.verify = km_pkcs1_verify,
#endif /* !LINUXKM_AKCIPHER_NO_SIGNVERIFY */
.encrypt = km_pkcs1_enc,
.decrypt = km_pkcs1_dec,
.set_priv_key = km_rsa_set_priv,
.set_pub_key = km_rsa_set_pub,
.max_size = km_rsa_max_size,
.init = km_pkcs1_sha3_384_init,
.exit = km_rsa_exit,
};
static struct akcipher_alg pkcs1_sha3_512 = {
.base.cra_name = WOLFKM_PKCS1_SHA3_512_NAME,
.base.cra_driver_name = WOLFKM_PKCS1_SHA3_512_DRIVER,
.base.cra_priority = WOLFSSL_LINUXKM_LKCAPI_PRIORITY,
.base.cra_module = THIS_MODULE,
.base.cra_ctxsize = sizeof(struct km_rsa_ctx),
#if !defined(LINUXKM_AKCIPHER_NO_SIGNVERIFY)
.sign = km_pkcs1_sign,
.verify = km_pkcs1_verify,
#endif /* !LINUXKM_AKCIPHER_NO_SIGNVERIFY */
.encrypt = km_pkcs1_enc,
.decrypt = km_pkcs1_dec,
.set_priv_key = km_rsa_set_priv,
.set_pub_key = km_rsa_set_pub,
.max_size = km_rsa_max_size,
.init = km_pkcs1_sha3_512_init,
.exit = km_rsa_exit,
};
#endif /* WOLFSSL_SHA3 */
static int km_rsa_init(struct crypto_akcipher *tfm, int hash_oid)
{
struct km_rsa_ctx * ctx = NULL;
@@ -249,16 +392,37 @@ static int km_rsa_init(struct crypto_akcipher *tfm, int hash_oid)
case 0:
ctx->digest_len = 0;
break;
#ifdef WOLFSSL_SHA224
case SHA224h:
ctx->digest_len = WC_SHA224_DIGEST_SIZE;
break;
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
case SHA256h:
ctx->digest_len = WC_SHA256_DIGEST_SIZE;
break;
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
case SHA384h:
ctx->digest_len = WC_SHA384_DIGEST_SIZE;
break;
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
case SHA512h:
ctx->digest_len = WC_SHA512_DIGEST_SIZE;
break;
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3
case SHA3_256h:
ctx->digest_len = WC_SHA3_256_DIGEST_SIZE;
break;
case SHA3_384h:
ctx->digest_len = WC_SHA3_384_DIGEST_SIZE;
break;
case SHA3_512h:
ctx->digest_len = WC_SHA3_512_DIGEST_SIZE;
break;
#endif /* WOLFSSL_SHA3 */
default:
pr_err("%s: init: unhandled hash_oid: %d\n", WOLFKM_RSA_DRIVER,
hash_oid);
@@ -520,7 +684,7 @@ static int km_rsa_set_priv(struct crypto_akcipher *tfm, const void *key,
ctx->key_len = (word32) key_len;
#ifdef WOLFKM_DEBUG_RSA
pr_info("info: exiting km_rsa_set_priv\n");
pr_info("info: exiting km_rsa_set_priv: %d\n", keylen);
#endif /* WOLFKM_DEBUG_RSA */
return err;
}
@@ -575,7 +739,7 @@ static int km_rsa_set_pub(struct crypto_akcipher *tfm, const void *key,
ctx->key_len = (word32) key_len;
#ifdef WOLFKM_DEBUG_RSA
pr_info("info: exiting km_rsa_set_pub\n");
pr_info("info: exiting km_rsa_set_pub %d\n", keylen);
#endif /* WOLFKM_DEBUG_RSA */
return err;
}
@@ -619,6 +783,13 @@ static void km_rsa_exit(struct crypto_akcipher *tfm)
return;
}
#ifdef WOLFSSL_SHA224
static int km_pkcs1_sha224_init(struct crypto_akcipher *tfm)
{
return km_rsa_init(tfm, SHA224h);
}
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
static int km_pkcs1_sha256_init(struct crypto_akcipher *tfm)
{
@@ -626,12 +797,35 @@ static int km_pkcs1_sha256_init(struct crypto_akcipher *tfm)
}
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
static int km_pkcs1_sha384_init(struct crypto_akcipher *tfm)
{
return km_rsa_init(tfm, SHA384h);
}
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
static int km_pkcs1_sha512_init(struct crypto_akcipher *tfm)
{
return km_rsa_init(tfm, SHA512h);
}
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3
static int km_pkcs1_sha3_256_init(struct crypto_akcipher *tfm)
{
return km_rsa_init(tfm, SHA3_256h);
}
static int km_pkcs1_sha3_384_init(struct crypto_akcipher *tfm)
{
return km_rsa_init(tfm, SHA3_384h);
}
static int km_pkcs1_sha3_512_init(struct crypto_akcipher *tfm)
{
return km_rsa_init(tfm, SHA3_512h);
}
#endif /* WOLFSSL_SHA3 */
#if !defined(LINUXKM_AKCIPHER_NO_SIGNVERIFY)
static int km_pkcs1_sign(struct akcipher_request *req)
@@ -725,8 +919,10 @@ pkcs1_sign_out:
if (sig != NULL) { free(sig); sig = NULL; }
#ifdef WOLFKM_DEBUG_RSA
pr_info("info: exiting km_pkcs1_sign\n");
pr_info("info: exiting km_pkcs1_sign msg_len %d, enc_msg_len %d,"
" sig_len %d, err %d", req->src_len, enc_len, sig_len, err);
#endif /* WOLFKM_DEBUG_RSA */
return err;
}
@@ -774,12 +970,20 @@ static int km_pkcs1_verify(struct akcipher_request *req)
hash_enc_len = get_hash_enc_len(ctx->hash_oid);
if (hash_enc_len <= 0) {
#ifdef WOLFKM_DEBUG_RSA
pr_err("error: %s: bad hash enc len %d",
WOLFKM_RSA_DRIVER, hash_enc_len);
#endif /* WOLFKM_DEBUG_RSA */
err = -EINVAL;
goto pkcs1_verify_out;
}
if (msg_len != ctx->digest_len || sig_len != ctx->key_len) {
/* invalid src or dst args */
#ifdef WOLFKM_DEBUG_RSA
pr_err("error: %s: got msg_len %d, expected %d",
WOLFKM_RSA_DRIVER, msg_len, ctx->digest_len);
#endif /* WOLFKM_DEBUG_RSA */
err = -EINVAL;
goto pkcs1_verify_out;
}
@@ -836,7 +1040,8 @@ pkcs1_verify_out:
if (sig != NULL) { free(sig); sig = NULL; }
#ifdef WOLFKM_DEBUG_RSA
pr_info("info: exiting km_pkcs1_verify\n");
pr_info("info: exiting km_pkcs1_verify msg_len %d, enc_msg_len %d,"
" sig_len %d, err %d", msg_len, enc_msg_len, sig_len, err);
#endif /* WOLFKM_DEBUG_RSA */
return err;
}
@@ -911,7 +1116,7 @@ pkcs1_enc_out:
if (enc != NULL) { free(enc); enc = NULL; }
if (dec != NULL) { free(dec); dec = NULL; }
#ifdef WOLFKM_DEBUG_RSA
pr_info("info: exiting km_pkcs1_enc\n");
pr_info("info: exiting km_pkcs1_enc %d\n", err);
#endif /* WOLFKM_DEBUG_RSA */
return err;
}
@@ -991,7 +1196,7 @@ pkcs1_dec_out:
if (dec != NULL) { free(dec); dec = NULL; }
#ifdef WOLFKM_DEBUG_RSA
pr_info("info: exiting km_pkcs1_dec\n");
pr_info("info: exiting km_pkcs1_dec %d", err);
#endif /* WOLFKM_DEBUG_RSA */
return err;
}
@@ -1021,7 +1226,7 @@ static int linuxkm_test_rsa(void)
rc = linuxkm_test_rsa_driver(WOLFKM_RSA_DRIVER, 4096);
if (rc) { return rc; }
#ifdef WOLFKM_DEBUG_RSA_GENERIC
/* repeat test against stock linux RSA akcipher. */
rc = linuxkm_test_rsa_driver("rsa-generic", 2048);
if (rc) { return rc; }
@@ -1031,6 +1236,7 @@ static int linuxkm_test_rsa(void)
rc = linuxkm_test_rsa_driver("rsa-generic", 4096);
if (rc) { return rc; }
#endif /* WOLFKM_DEBUG_RSA_GENERIC */
#endif /* WOLFKM_DEBUG_RSA */
#endif /* WOLFSSL_KEY_GEN */
@@ -1038,82 +1244,153 @@ static int linuxkm_test_rsa(void)
}
#endif /* LINUXKM_DIRECT_RSA */
#if defined(WOLFSSL_KEY_GEN)
/* Test the given pkcs1 wolfcrypt driver and generic driver for a
* hash oid and hash length.
* */
static int linuxkm_test_pkcs1_hash(const char * wc_driver,
const char * generic_driver,
int hash_oid, word32 hash_len)
{
int rc = 0;
rc = linuxkm_test_pkcs1_driver(wc_driver, 2048,
hash_oid, hash_len);
if (rc) { return rc; }
#ifdef WOLFKM_DEBUG_RSA
/* repeat with additional key lengths */
rc = linuxkm_test_pkcs1_driver(wc_driver, 3072,
hash_oid, hash_len);
if (rc) { return rc; }
rc = linuxkm_test_pkcs1_driver(wc_driver, 4096,
hash_oid, hash_len);
if (rc) { return rc; }
#ifdef WOLFKM_DEBUG_RSA_GENERIC
/* repeat tests against stock linux rsa-generic pkcs1pad. */
rc = linuxkm_test_pkcs1_driver(generic_driver, 2048,
hash_oid, hash_len);
if (rc) { return rc; }
rc = linuxkm_test_pkcs1_driver(generic_driver, 3072,
hash_oid, hash_len);
if (rc) { return rc; }
rc = linuxkm_test_pkcs1_driver(generic_driver, 4096,
hash_oid, hash_len);
if (rc) { return rc; }
#endif /* WOLFKM_DEBUG_RSA_GENERIC */
#endif /* WOLFKM_DEBUG_RSA */
(void)generic_driver;
return rc;
}
#endif /* WOLFSSL_KEY_GEN */
#ifdef WOLFSSL_SHA224
static int linuxkm_test_pkcs1_sha224(void)
{
int rc = 0;
#if defined(WOLFSSL_KEY_GEN)
rc = linuxkm_test_pkcs1_hash(WOLFKM_PKCS1_SHA224_DRIVER,
"pkcs1pad(rsa-generic,sha224)",
SHA224h, WC_SHA224_DIGEST_SIZE);
#endif /* WOLFSSL_KEY_GEN */
return rc;
}
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
static int linuxkm_test_pkcs1_sha256(void)
{
int rc = 0;
#ifdef WOLFSSL_KEY_GEN
rc = linuxkm_test_pkcs1_driver(WOLFKM_PKCS1_SHA256_DRIVER, 2048,
SHA256h, 32);
if (rc) { return rc; }
#ifdef WOLFKM_DEBUG_RSA
rc = linuxkm_test_pkcs1_driver(WOLFKM_PKCS1_SHA256_DRIVER, 3072,
SHA256h, 32);
if (rc) { return rc; }
rc = linuxkm_test_pkcs1_driver(WOLFKM_PKCS1_SHA256_DRIVER, 4096,
SHA256h, 32);
if (rc) { return rc; }
/* repeat test against stock linux pkcs1pad. */
rc = linuxkm_test_pkcs1_driver("pkcs1pad(rsa-generic,sha256)", 2048,
SHA256h, 32);
if (rc) { return rc; }
rc = linuxkm_test_pkcs1_driver("pkcs1pad(rsa-generic,sha256)", 3072,
SHA256h, 32);
if (rc) { return rc; }
rc = linuxkm_test_pkcs1_driver("pkcs1pad(rsa-generic,sha256)", 4096,
SHA256h, 32);
if (rc) { return rc; }
#endif /* WOLFKM_DEBUG_RSA */
#if defined(WOLFSSL_KEY_GEN)
rc = linuxkm_test_pkcs1_hash(WOLFKM_PKCS1_SHA256_DRIVER,
"pkcs1pad(rsa-generic,sha256)",
SHA256h, WC_SHA256_DIGEST_SIZE);
#endif /* WOLFSSL_KEY_GEN */
return rc;
}
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA384
static int linuxkm_test_pkcs1_sha384(void)
{
int rc = 0;
#if defined(WOLFSSL_KEY_GEN)
rc = linuxkm_test_pkcs1_hash(WOLFKM_PKCS1_SHA384_DRIVER,
"pkcs1pad(rsa-generic,sha384)",
SHA384h, WC_SHA384_DIGEST_SIZE);
#endif /* WOLFSSL_KEY_GEN */
return rc;
}
#endif /* WOLFSSL_SHA384 */
#ifdef WOLFSSL_SHA512
static int linuxkm_test_pkcs1_sha512(void)
{
int rc = 0;
#ifdef WOLFSSL_KEY_GEN
rc = linuxkm_test_pkcs1_driver(WOLFKM_PKCS1_SHA512_DRIVER, 2048,
SHA512h, 64);
if (rc) { return rc; }
#ifdef WOLFKM_DEBUG_RSA
rc = linuxkm_test_pkcs1_driver(WOLFKM_PKCS1_SHA512_DRIVER, 3072,
SHA512h, 64);
if (rc) { return rc; }
rc = linuxkm_test_pkcs1_driver(WOLFKM_PKCS1_SHA512_DRIVER, 4096,
SHA512h, 64);
if (rc) { return rc; }
/* repeat test against stock linux pkcs1pad. */
rc = linuxkm_test_pkcs1_driver("pkcs1pad(rsa-generic,sha512)", 2048,
SHA512h, 64);
if (rc) { return rc; }
rc = linuxkm_test_pkcs1_driver("pkcs1pad(rsa-generic,sha512)", 3072,
SHA512h, 64);
if (rc) { return rc; }
rc = linuxkm_test_pkcs1_driver("pkcs1pad(rsa-generic,sha512)", 4096,
SHA512h, 64);
if (rc) { return rc; }
#endif /* WOLFKM_DEBUG_RSA */
#if defined(WOLFSSL_KEY_GEN)
rc = linuxkm_test_pkcs1_hash(WOLFKM_PKCS1_SHA512_DRIVER,
"pkcs1pad(rsa-generic,sha512)",
SHA512h, WC_SHA512_DIGEST_SIZE);
#endif /* WOLFSSL_KEY_GEN */
return rc;
}
#endif /* WOLFSSL_SHA512 */
#ifdef WOLFSSL_SHA3
static int linuxkm_test_pkcs1_sha3_256(void)
{
int rc = 0;
#if defined(WOLFSSL_KEY_GEN)
rc = linuxkm_test_pkcs1_hash(WOLFKM_PKCS1_SHA3_256_DRIVER,
"pkcs1pad(rsa-generic,sha3-256)",
SHA3_256h, WC_SHA3_256_DIGEST_SIZE);
#endif /* WOLFSSL_KEY_GEN */
return rc;
}
static int linuxkm_test_pkcs1_sha3_384(void)
{
int rc = 0;
#if defined(WOLFSSL_KEY_GEN)
rc = linuxkm_test_pkcs1_hash(WOLFKM_PKCS1_SHA3_384_DRIVER,
"pkcs1pad(rsa-generic,sha3-384)",
SHA3_384h, WC_SHA3_384_DIGEST_SIZE);
#endif /* WOLFSSL_KEY_GEN */
return rc;
}
static int linuxkm_test_pkcs1_sha3_512(void)
{
int rc = 0;
#if defined(WOLFSSL_KEY_GEN)
rc = linuxkm_test_pkcs1_hash(WOLFKM_PKCS1_SHA3_512_DRIVER,
"pkcs1pad(rsa-generic,sha3-512)",
SHA3_512h, WC_SHA3_512_DIGEST_SIZE);
#endif /* WOLFSSL_KEY_GEN */
return rc;
}
#endif /* WOLFSSL_SHA3 */
#if defined(LINUXKM_DIRECT_RSA) && defined(WOLFSSL_KEY_GEN)
/*
* Test linux kernel crypto driver:
@@ -1481,13 +1758,15 @@ static int linuxkm_test_pkcs1_driver(const char * driver, int nbits,
#endif /* !LINUXKM_AKCIPHER_NO_SIGNVERIFY */
int n_diff = 0;
hash = malloc(WC_SHA512_DIGEST_SIZE);
hash = malloc(hash_len);
if (! hash) {
pr_err("error: allocating hash buffer failed.\n");
test_rc = MEMORY_E;
goto test_pkcs1_end;
}
memset(hash, 0, hash_len);
/* hash the test msg with hash algo. */
ret = wc_Hash(wc_OidGetHash(hash_oid), p_vector, sizeof(p_vector),
hash, hash_len);
@@ -1930,8 +2209,13 @@ static int get_hash_enc_len(int hash_oid)
int enc_len = -1;
switch (hash_oid) {
case SHA224h:
case SHA256h:
case SHA384h:
case SHA512h:
case SHA3_256h:
case SHA3_384h:
case SHA3_512h:
enc_len = 19;
break;
default: