From 7022eb6f89ead81ed07f91d65f0269f9fa982a77 Mon Sep 17 00:00:00 2001
From: Anthony Hu
Date: Wed, 8 Dec 2021 18:04:11 -0500
Subject: [PATCH 1/3] Actually do a private/public key check for FALCON.
---
 wolfcrypt/src/asn.c | 3 +--
 wolfcrypt/src/falcon.c | 17 +++++++++++++++--
 wolfssl/wolfcrypt/falcon.h | 2 +-
 3 files changed, 17 insertions(+), 5 deletions(-)
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index cc9f0b782..be961f8b8 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -28158,8 +28158,7 @@ int wc_Falcon_PrivateKeyDecode(const byte* input, word32* inOutIdx,
 pubKey, &pubKeyLen, keytype);
 if (ret == 0) {
 if (pubKeyLen == 0) {
- ret = wc_falcon_import_private_only(privKey, privKeyLen,
- key);
+ ret = wc_falcon_import_private_only(input, inSz, key);
 }
 else {
 ret = wc_falcon_import_private_key(privKey, privKeyLen,
diff --git a/wolfcrypt/src/falcon.c b/wolfcrypt/src/falcon.c
index 00dbe7705..04ea642c5 100644
--- a/wolfcrypt/src/falcon.c
+++ b/wolfcrypt/src/falcon.c
@@ -588,9 +588,22 @@ int wc_falcon_export_key(falcon_key* key, byte* priv, word32 *privSz,
 */
 int wc_falcon_check_key(falcon_key* key)
 {
- /* Might want to try to sign and verify a random message here. */
+ /* Sign and verify a message. */
 int ret = 0;
- (void)key;
+ int res = 0;
+ byte msg[] = "The wolfSSL team is here to make you ready for quantum computers!!";
+ word32 msglen = sizeof(msg);
+ byte sig[FALCON_MAX_SIG_SIZE];
+ word32 siglen = sizeof(sig);
+
+ ret = wc_falcon_sign_msg(msg, msglen, sig, &siglen, key);
+
+ if (ret == 0) {
+ ret = wc_falcon_verify_msg(sig, siglen, msg, msglen, &res, key);
+ if ((ret != 0) || (res != 1)) {
+ ret = SIG_VERIFY_E;
+ }
+ }
 return ret;
 }
 
diff --git a/wolfssl/wolfcrypt/falcon.h b/wolfssl/wolfcrypt/falcon.h
index 3ff83a4ba..56c459b84 100644
--- a/wolfssl/wolfcrypt/falcon.h
+++ b/wolfssl/wolfcrypt/falcon.h
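Review bot: In the asn.c hunk for wc_Falcon_PrivateKeyDecode, the private-only branch now passes the undecoded `input`/`inSz` to `wc_falcon_import_private_only`, while the `else` branch still passes the `privKey`/`privKeyLen` values filled in by the call that ends on the hunk's first line. If importing the caller's raw buffer is intended, the call needs a comment saying so, along the lines of `/* Intentionally the caller's buffer rather than privKey: <reason> */`. The import routine then has to reject any `inSz` that is not an exact expected key length, and that check is not visible in this patch. The function begins and ends outside the hunk.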
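Review bot: In the falcon.c hunk, `if ((ret != 0) || (res != 1))` overwrites every error from `wc_falcon_verify_msg` with `SIG_VERIFY_E`, so a caller cannot tell a bad-argument or internal failure from a key pair that really does not match. Mapping only the mismatch keeps the original code: `if ((ret == 0) && (res != 1)) ret = SIG_VERIFY_E;`. The check signs with `key`, so it presumably fails in `wc_falcon_sign_msg` for a key that holds only the public part; the function comment, which starts above the hunk, should state that a private key is required.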
@@ -51,7 +51,7 @@
 #define FALCON_LEVEL5_PUB_KEY_SIZE OQS_SIG_falcon_1024_length_public_key
 #define FALCON_LEVEL5_PRV_KEY_SIZE (FALCON_LEVEL5_PUB_KEY_SIZE+FALCON_LEVEL5_KEY_SIZE)
 
-#define FALCON_MAX_KEY_SIZE FALCON_LEVEL5_KEY_SIZE
+#define FALCON_MAX_KEY_SIZE FALCON_LEVEL5_PRV_KEY_SIZE
 #define FALCON_MAX_SIG_SIZE FALCON_LEVEL5_SIG_SIZE
 #define FALCON_MAX_PUB_KEY_SIZE FALCON_LEVEL5_PUB_KEY_SIZE
 #define FALCON_MAX_PRV_KEY_SIZE FALCON_LEVEL5_PRV_KEY_SIZE
From 494abde3eb61e0e374837ce0f6a008797b0199a9 Mon Sep 17 00:00:00 2001
From: Anthony Hu
Date: Thu, 9 Dec 2021 09:45:28 -0500
Subject: [PATCH 2/3] Better casting.
---
 wolfcrypt/src/falcon.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/wolfcrypt/src/falcon.c b/wolfcrypt/src/falcon.c
index 04ea642c5..8de9148bc 100644
--- a/wolfcrypt/src/falcon.c
+++ b/wolfcrypt/src/falcon.c
@@ -591,10 +591,11 @@ int wc_falcon_check_key(falcon_key* key)
 /* Sign and verify a message. */
 int ret = 0;
 int res = 0;
- byte msg[] = "The wolfSSL team is here to make you ready for quantum computers!!";
- word32 msglen = sizeof(msg);
+ const byte *msg = (const byte *)"The wolfSSL team is here to make you "
+ "ready for quantum computers!!";
+ word32 msglen = (word32)sizeof(msg);
 byte sig[FALCON_MAX_SIG_SIZE];
- word32 siglen = sizeof(sig);
+ word32 siglen = (word32)sizeof(sig);
 
 ret = wc_falcon_sign_msg(msg, msglen, sig, &siglen, key);
 
From 6b5fa9d0ae7f81a9245a00ace5e5fa035c578738 Mon Sep 17 00:00:00 2001
From: Anthony Hu
Date: Thu, 9 Dec 2021 17:12:42 -0500
Subject: [PATCH 3/3] remove consistency check; let it fail elsewhere.
---
 wolfcrypt/src/asn.c | 4 +---
 wolfcrypt/src/falcon.c | 22 +++++-----------------
 2 files changed, 6 insertions(+), 20 deletions(-)
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index be961f8b8..fdc852552 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
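Review bot: In the falcon.c hunk of patch 2/3, `msg` becomes a pointer, so `(word32)sizeof(msg)` is the size of a pointer (4 or 8 bytes) rather than the length of the message, and only that many bytes are signed and verified. The sign/verify round trip still succeeds, which hides the mistake. Keeping the array form leaves `sizeof` correct, `const byte msg[] = "The wolfSSL team ...";`, or the length can be taken with `(word32)XSTRLEN((const char*)msg)`. The function's opening and closing lines are outside this hunk, and patch 3/3 later removes this body.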
@@ -6217,9 +6217,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
 keyIdx = 0;
 if ((ret = wc_falcon_import_public(pubKey, pubKeySz,
 key_pair)) == 0) {
- /* public and private extracted successfully no check if is
- * a pair and also do sanity checks on key. wc_ecc_check_key
- * checks that private * base generator equals pubkey */
+ /* Public and private extracted successfully. Sanity check. */
 if ((ret = wc_falcon_check_key(key_pair)) == 0)
 ret = 1;
 }
diff --git a/wolfcrypt/src/falcon.c b/wolfcrypt/src/falcon.c
index 8de9148bc..a18442331 100644
--- a/wolfcrypt/src/falcon.c
+++ b/wolfcrypt/src/falcon.c
@@ -588,24 +588,12 @@ int wc_falcon_export_key(falcon_key* key, byte* priv, word32 *privSz,
 */
 int wc_falcon_check_key(falcon_key* key)
 {
- /* Sign and verify a message. */
- int ret = 0;
- int res = 0;
- const byte *msg = (const byte *)"The wolfSSL team is here to make you "
- "ready for quantum computers!!";
- word32 msglen = (word32)sizeof(msg);
- byte sig[FALCON_MAX_SIG_SIZE];
- word32 siglen = (word32)sizeof(sig);
-
- ret = wc_falcon_sign_msg(msg, msglen, sig, &siglen, key);
-
- if (ret == 0) {
- ret = wc_falcon_verify_msg(sig, siglen, msg, msglen, &res, key);
- if ((ret != 0) || (res != 1)) {
- ret = SIG_VERIFY_E;
- }
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
 }
- return ret;
+
+ /* Assume everything is fine. */
+ return 0;
 }
 
 /* Returns the size of a falcon private key.
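Review bot: After patch 3/3 `wc_falcon_check_key` returns 0 for every non-NULL key, and the wc_CheckPrivateKey hunk in asn.c turns that 0 into `ret = 1`, so a Falcon private key and public key that do not belong together are reported as a matching pair. Neither new comment, `Sanity check.` in asn.c nor `Assume everything is fine.` in falcon.c, tells a caller that. Both places should say it outright, e.g. `/* NOTE: no pairwise consistency check is done for Falcon; a mismatch only shows up when a signature fails to verify. */`, and the doc comment above wc_falcon_check_key (it ends on the hunk's first line) should carry the same caveat. Code that relies on wc_CheckPrivateKey to validate a loaded certificate/key pair needs a separate check for Falcon keys.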