feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fixes for building Ed/Curve for building on 32/64 bit with uint64_t. Fixes for build with Ed/Curve with ECC disabled.

Browse Source
This commit is contained in:
David Garske
2017-06-19 10:09:12 -07:00
parent ee83710a0a
commit 7fdb7037d8
6 changed files with 66 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
src/internal.c
View File

@ -3429,6 +3429,7 @@ int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer)
return ret;
}
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
/* Sign the data using EdDSA and key using X25519.
@ -3640,7 +3641,7 @@ static int X25519MakeKey(WOLFSSL* ssl, curve25519_key* key,
return ret;
}
#endif /* HAVE_CURVE25519 */
#endif /* HAVE_ECC */
#endif /* !NO_CERTS */
#if !defined(NO_CERTS) || !defined(NO_PSK)
@ -17906,7 +17907,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
}
break;
#endif /* !NO_DH && !NO_PSK */
#if defined(HAVE_ECC) && !defined(NO_PSK)
#if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK)
case ecdhe_psk_kea:
/* sanity check that PSK client callback has been set */
if (ssl->options.client_psk_cb == NULL) {
@ -17963,7 +17964,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
ret = EccMakeKey(ssl, (ecc_key*)ssl->hsKey, ssl->peerEccKey);
break;
#endif /* HAVE_ECC && !NO_PSK */
#endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */
#ifdef HAVE_NTRU
case ntru_kea:
if (ssl->peerNtruKeyPresent == 0) {
@ -17971,10 +17972,12 @@ int SendClientKeyExchange(WOLFSSL* ssl)
}
break;
#endif /* HAVE_NTRU */
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea:
{
#ifdef HAVE_ECC
ecc_key* peerKey;
#endif
#ifdef HAVE_PK_CALLBACKS
/* if callback then use it for shared secret */
@ -18007,8 +18010,8 @@ int SendClientKeyExchange(WOLFSSL* ssl)
ssl->peerX25519Key);
break;
}
else
#endif
#ifdef HAVE_ECC
if (ssl->specs.static_ecdh) {
/* TODO: EccDsa is really fixed Ecc change naming */
if (!ssl->peerEccDsaKey ||
@ -18037,10 +18040,11 @@ int SendClientKeyExchange(WOLFSSL* ssl)
}
ret = EccMakeKey(ssl, (ecc_key*)ssl->hsKey, peerKey);
#endif
break;
}
#endif /* HAVE_ECC */
#endif /* HAVE_ECC || HAVE_CURVE25519 */
default:
ret = BAD_KEA_TYPE_E;
@ -18206,7 +18210,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break;
}
#endif /* !NO_DH && !NO_PSK */
#if defined(HAVE_ECC) && !defined(NO_PSK)
#if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK)
case ecdhe_psk_kea:
{
word32 esSz = 0;
@ -18291,7 +18295,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break;
}
#endif /* HAVE_NTRU */
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea:
{
ssl->arrays->preMasterSz = ENCRYPT_LEN;
@ -18316,6 +18320,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break;
}
#endif
#ifdef HAVE_ECC
#ifdef HAVE_PK_CALLBACKS
/* if callback then use it for shared secret */
if (ssl->ctx->EccSharedSecretCb != NULL) {
@ -18329,9 +18334,10 @@ int SendClientKeyExchange(WOLFSSL* ssl)
if (ret != 0) {
ERROR_OUT(ECC_EXPORT_ERROR, exit_scke);
}
#endif /* HAVE_ECC */
break;
}
#endif /* HAVE_ECC */
#endif /* HAVE_ECC || HAVE_CURVE25519 */
default:
ret = BAD_KEA_TYPE_E;
@ -18400,7 +18406,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break;
}
#endif /* !NO_DH && !NO_PSK */
#if defined(HAVE_ECC) && !defined(NO_PSK)
#if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK)
case ecdhe_psk_kea:
{
#ifdef HAVE_CURVE25519
@ -18434,7 +18440,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
);
break;
}
#endif /* HAVE_ECC && !NO_PSK */
#endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */
#ifdef HAVE_NTRU
case ntru_kea:
{
@ -18459,10 +18465,12 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break;
}
#endif /* HAVE_NTRU */
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea:
{
#ifdef HAVE_ECC
ecc_key* peerKey;
#endif
#ifdef HAVE_CURVE25519
if (ssl->peerX25519KeyPresent) {
@ -18481,6 +18489,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
break;
}
#endif
#ifdef HAVE_ECC
peerKey = (ssl->specs.static_ecdh) ?
ssl->peerEccDsaKey : ssl->peerEccKey;
@ -18496,10 +18505,11 @@ int SendClientKeyExchange(WOLFSSL* ssl)
NULL
#endif
);
#endif
break;
}
#endif /* HAVE_ECC */
#endif /* HAVE_ECC || HAVE_CURVE25519 */
default:
ret = BAD_KEA_TYPE_E;
@ -19968,7 +19978,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case ecdhe_psk_kea:
/* Fall through to create temp ECC key */
#endif /* HAVE_ECC && !NO_PSK */
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea:
{
#ifdef HAVE_CURVE25519
@ -19993,6 +20003,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
}
#endif
#ifdef HAVE_ECC
/* need ephemeral key now, create it if missing */
if (ssl->eccTempKey == NULL) {
/* alloc/init on demand */
@ -20011,9 +20022,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->eccTempKeyPresent = 1;
}
}
#endif
break;
}
#endif /* HAVE_ECC */
#endif /* HAVE_ECC || HAVE_CURVE25519 */
default:
/* Skip ServerKeyExchange */
goto exit_sske;
@ -23079,9 +23091,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
}
#endif /* HAVE_NTRU */
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea:
{
#ifdef HAVE_ECC
ecc_key* private_key = ssl->eccTempKey;
/* handle static private key */
@ -23109,6 +23122,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
}
}
#endif
/* import peer ECC key */
if ((args->idx - args->begin) + OPAQUE8_LEN > size) {
@ -23162,6 +23176,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
}
#endif
#ifdef HAVE_ECC
#ifdef HAVE_PK_CALLBACKS
/* if callback then use it for shared secret */
if (ssl->ctx->EccSharedSecretCb != NULL) {
@ -23197,13 +23212,14 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
ssl->peerEccKeyPresent = 1;
#endif /* HAVE_ECC */
if (ret != 0) {
goto exit_dcke;
}
break;
}
#endif /* HAVE_ECC */
#endif /* HAVE_ECC || HAVE_CURVE25519 */
#ifndef NO_DH
case diffie_hellman_kea:
{
@ -23290,7 +23306,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
}
#endif /* !NO_DH && !NO_PSK */
#if defined(HAVE_ECC) && !defined(NO_PSK)
#if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK)
case ecdhe_psk_kea:
{
word16 clientSz;
@ -23406,7 +23422,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->peerEccKeyPresent = 1;
break;
}
#endif /* HAVE_ECC && !NO_PSK */
#endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */
default:
ret = BAD_KEA_TYPE_E;
} /* switch (ssl->specs.kea) */
@ -23457,7 +23473,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
}
#endif /* HAVE_NTRU */
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
case ecc_diffie_hellman_kea:
{
void* private_key = ssl->eccTempKey;
@ -23480,6 +23496,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
}
#endif
#ifdef HAVE_ECC
if (ssl->specs.static_ecdh) {
private_key = ssl->hsKey;
}
@ -23497,9 +23514,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
NULL
#endif
);
#endif
break;
}
#endif /* HAVE_ECC */
#endif /* HAVE_ECC || HAVE_CURVE25519 */
#ifndef NO_DH
case diffie_hellman_kea:
{
@ -23526,7 +23544,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
}
#endif /* !NO_DH && !NO_PSK */
#if defined(HAVE_ECC) && !defined(NO_PSK)
#if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK)
case ecdhe_psk_kea:
{
#ifdef HAVE_CURVE25519
@ -23562,7 +23580,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
);
break;
}
#endif /* HAVE_ECC && !NO_PSK */
#endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */
default:
ret = BAD_KEA_TYPE_E;
} /* switch (ssl->specs.kea) */

6
wolfcrypt/src/fe_operations.c
View File

@ -44,6 +44,8 @@
#ifdef HAVE___UINT128_T
#include "fe_x25519_128.i"
#else
#ifdef HAVE_CURVE25519
/*
fe means field element.
Here the field is \Z/(2^255-19).
@ -71,7 +73,7 @@ uint64_t load_4(const unsigned char *in)
result |= ((uint64_t) in[3]) << 24;
return result;
}
#endif
/*
h = 1
@ -570,6 +572,7 @@ void fe_sub(fe h,const fe f,const fe g)
}
#ifdef HAVE_CURVE25519
/*
Ignores top bit of h.
*/
@ -620,6 +623,7 @@ void fe_frombytes(fe h,const unsigned char *s)
h[8] = (int32_t)h8;
h[9] = (int32_t)h9;
}
#endif
void fe_invert(fe out,const fe z)

26
wolfssl/internal.h
View File

@ -1680,7 +1680,7 @@ struct WOLFSSL_CERT_MANAGER {
#ifndef NO_RSA
short minRsaKeySz; /* minimum allowed RSA key size */
#endif
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(HAVE_ED25519)
short minEccKeySz; /* minimum allowed ECC key size */
#endif
};
@ -2196,7 +2196,7 @@ struct WOLFSSL_CTX {
#ifndef NO_RSA
short minRsaKeySz; /* minimum RSA key size */
#endif
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(HAVE_ED25519)
short minEccKeySz; /* minimum ECC key size */
#endif
#ifdef OPENSSL_EXTRA
@ -2214,9 +2214,11 @@ struct WOLFSSL_CTX {
#endif /* WOLFSSL_DTLS */
VerifyCallback verifyCallback; /* cert verification callback */
word32 timeout; /* session timeout */
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
word32 ecdhCurveOID; /* curve Ecc_Sum */
#endif
#ifdef HAVE_ECC
word16 eccTempKeySz; /* in octets 20 - 66 */
word32 ecdhCurveOID; /* curve Ecc_Sum */
word32 pkCurveOID; /* curve Ecc_Sum */
#endif
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
@ -2803,7 +2805,7 @@ typedef struct Options {
#ifndef NO_RSA
short minRsaKeySz; /* minimum RSA key size */
#endif
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(HAVE_ED25519)
short minEccKeySz; /* minimum ECC key size */
#endif
@ -3178,17 +3180,22 @@ struct WOLFSSL {
byte peerNtruKey[MAX_NTRU_PUB_KEY_SZ];
byte peerNtruKeyPresent;
#endif
#if defined(HAVE_ECC) || defined(HAVE_ED25519)
int eccVerifyRes;
#endif
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
word32 ecdhCurveOID; /* curve Ecc_Sum */
ecc_key* eccTempKey; /* private ECDHE key */
byte eccTempKeyPresent;
byte peerEccKeyPresent;
#endif
#ifdef HAVE_ECC
ecc_key* peerEccKey; /* peer's ECDHE key */
ecc_key* peerEccDsaKey; /* peer's ECDSA key */
ecc_key* eccTempKey; /* private ECDHE key */
int eccVerifyRes;
word32 pkCurveOID; /* curve Ecc_Sum */
word32 ecdhCurveOID; /* curve Ecc_Sum */
word16 eccTempKeySz; /* in octets 20 - 66 */
byte peerEccKeyPresent;
byte peerEccDsaKeyPresent;
byte eccTempKeyPresent;
#endif
#ifdef HAVE_ED25519
ed25519_key* peerEd25519Key;
byte peerEd25519KeyPresent;
@ -3197,7 +3204,6 @@ struct WOLFSSL {
curve25519_key* peerX25519Key;
byte peerX25519KeyPresent;
#endif
#endif
#ifdef HAVE_LIBZ
z_stream c_stream; /* compression stream */
z_stream d_stream; /* decompression stream */

4
wolfssl/wolfcrypt/asn.h
View File

@ -431,7 +431,7 @@ struct SignatureCtx {
byte* out;
byte* plain;
#endif
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(HAVE_ED25519)
int verify;
#endif
union {
@ -565,7 +565,7 @@ struct DecodedCert {
byte* extSubjKeyIdSrc;
word32 extSubjKeyIdSz;
#endif
#ifdef HAVE_ECC
#if defined(HAVE_ECC) || defined(HAVE_ED25519)
word32 pkCurveOID; /* Public Key's curve OID */
#endif /* HAVE_ECC */
byte* beforeDate;

2
wolfssl/wolfcrypt/fe_operations.h
View File

@ -27,7 +27,7 @@
#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
#ifndef CURVE25519_SMALL
#if defined(HAVE___UINT128_T)
#include <stdint.h>
#endif
#include <wolfssl/wolfcrypt/types.h>

2
wolfssl/wolfcrypt/ge_operations.h
View File

@ -29,7 +29,7 @@
#ifdef HAVE_ED25519
#ifndef ED25519_SMALL
#if defined(HAVE___UINT128_T)
#include <stdint.h>
#endif
#include <wolfssl/wolfcrypt/fe_operations.h>