Merge pull request #5080 from JacobBarthelmeh/DH

with WOLFSSL_NO_DH186 restriction allow odd DH param size generations
John Safranek
2022-05-13 08:57:33 -07:00
committed by GitHub
2 changed files with 42 additions and 0 deletions


@ -2845,7 +2845,16 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
groupSz = 32; groupSz = 32;
break; break;
default: default:
#if !defined(HAVE_FIPS) && defined(WOLFSSL_NO_DH186)
/* in non fips mode attempt to match strength of group size with
* mod size */
if (modSz < 2048)
groupSz = 20;
else
groupSz = 32;
#else
ret = BAD_FUNC_ARG; ret = BAD_FUNC_ARG;
#endif
break; break;
} }
} }
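Review bot: The new `default:` branch accepts every `modSz` other than the explicit cases, and nothing in this hunk sets a lower bound or requires a multiple of 8. In a non-FIPS build with `WOLFSSL_NO_DH186`, a caller-supplied value such as 512 or a negative number is therefore mapped to `groupSz = 20` instead of returning `BAD_FUNC_ARG`. Whether `modSz` is range-checked before the switch is not visible, because wc_DhGenerateParams starts and ends outside the hunk. If it is not, keep rejecting weak or malformed sizes ahead of the `groupSz` choice, e.g. `if (modSz < MIN_MOD_BITS || (modSz % 8) != 0) ret = BAD_FUNC_ARG;`, where `MIN_MOD_BITS` is a placeholder for the project's minimum DH modulus size. The comment could also state that sizes below 2048 get the smaller group size and everything above is capped at 32.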


@ -16033,9 +16033,42 @@ static int dh_generate_test(WC_RNG *rng)
} }
#else #else
(void)rng; (void)rng;
#if defined(HAVE_FIPS) || !defined(WOLFSSL_NO_DH186)
ret = 0; ret = 0;
#endif
#endif #endif
#if !defined(HAVE_FIPS) && defined(WOLFSSL_NO_DH186)
{
byte priv[260];
byte pub[260];
word32 privSz = sizeof(priv);
word32 pubSz = sizeof(pub);
/* test odd ball param generation with DH */
wc_FreeDhKey(smallKey);
ret = wc_InitDhKey_ex(smallKey, HEAP_HINT, devId);
if (ret != 0)
ERROR_OUT(-8019, exit_gen_test);
ret = wc_DhGenerateParams(rng, 2056, smallKey);
if (ret != 0) {
ERROR_OUT(-8020, exit_gen_test);
}
privSz = sizeof(priv);
pubSz = sizeof(pub);
ret = wc_DhGenerateKeyPair(smallKey, rng, priv, &privSz, pub, &pubSz);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &smallKey->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0) {
ERROR_OUT(-8021, exit_gen_test);
}
}
#endif /* !HAVE_FIPS and WOLFSSL_NO_DH186 */
exit_gen_test: exit_gen_test:
if (smallKey_inited) if (smallKey_inited)
wc_FreeDhKey(smallKey); wc_FreeDhKey(smallKey);