From 7fdb7037d8c8362202bb1be3e5b65b8543603e90 Mon Sep 17 00:00:00 2001 From: David Garske Date: Mon, 19 Jun 2017 10:09:12 -0700 Subject: [PATCH] Fixes for building Ed/Curve for building on 32/64 bit with uint64_t. Fixes for build with Ed/Curve with ECC disabled. --- src/internal.c | 64 ++++++++++++++++++++----------- wolfcrypt/src/fe_operations.c | 6 ++- wolfssl/internal.h | 26 ++++++++----- wolfssl/wolfcrypt/asn.h | 4 +- wolfssl/wolfcrypt/fe_operations.h | 2 +- wolfssl/wolfcrypt/ge_operations.h | 2 +- 6 files changed, 66 insertions(+), 38 deletions(-) diff --git a/src/internal.c b/src/internal.c index 41532de90..dc4d983c8 100755 --- a/src/internal.c +++ b/src/internal.c @@ -3429,6 +3429,7 @@ int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer) return ret; } +#endif /* HAVE_ECC */ #ifdef HAVE_ED25519 /* Sign the data using EdDSA and key using X25519. @@ -3640,7 +3641,7 @@ static int X25519MakeKey(WOLFSSL* ssl, curve25519_key* key, return ret; } #endif /* HAVE_CURVE25519 */ -#endif /* HAVE_ECC */ + #endif /* !NO_CERTS */ #if !defined(NO_CERTS) || !defined(NO_PSK) @@ -17906,7 +17907,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) } break; #endif /* !NO_DH && !NO_PSK */ - #if defined(HAVE_ECC) && !defined(NO_PSK) + #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK) case ecdhe_psk_kea: /* sanity check that PSK client callback has been set */ if (ssl->options.client_psk_cb == NULL) { @@ -17963,7 +17964,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) ret = EccMakeKey(ssl, (ecc_key*)ssl->hsKey, ssl->peerEccKey); break; - #endif /* HAVE_ECC && !NO_PSK */ + #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ #ifdef HAVE_NTRU case ntru_kea: if (ssl->peerNtruKeyPresent == 0) { @@ -17971,10 +17972,12 @@ int SendClientKeyExchange(WOLFSSL* ssl) } break; #endif /* HAVE_NTRU */ - #ifdef HAVE_ECC + #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) case ecc_diffie_hellman_kea: { + #ifdef HAVE_ECC ecc_key* peerKey; + #endif #ifdef HAVE_PK_CALLBACKS /* if callback then use it for shared secret */ @@ -18007,8 +18010,8 @@ int SendClientKeyExchange(WOLFSSL* ssl) ssl->peerX25519Key); break; } - else #endif + #ifdef HAVE_ECC if (ssl->specs.static_ecdh) { /* TODO: EccDsa is really fixed Ecc change naming */ if (!ssl->peerEccDsaKey || @@ -18037,10 +18040,11 @@ int SendClientKeyExchange(WOLFSSL* ssl) } ret = EccMakeKey(ssl, (ecc_key*)ssl->hsKey, peerKey); + #endif break; } - #endif /* HAVE_ECC */ + #endif /* HAVE_ECC || HAVE_CURVE25519 */ default: ret = BAD_KEA_TYPE_E; @@ -18206,7 +18210,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) break; } #endif /* !NO_DH && !NO_PSK */ - #if defined(HAVE_ECC) && !defined(NO_PSK) + #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK) case ecdhe_psk_kea: { word32 esSz = 0; @@ -18291,7 +18295,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) break; } #endif /* HAVE_NTRU */ - #ifdef HAVE_ECC + #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) case ecc_diffie_hellman_kea: { ssl->arrays->preMasterSz = ENCRYPT_LEN; @@ -18316,6 +18320,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) break; } #endif + #ifdef HAVE_ECC #ifdef HAVE_PK_CALLBACKS /* if callback then use it for shared secret */ if (ssl->ctx->EccSharedSecretCb != NULL) { @@ -18329,9 +18334,10 @@ int SendClientKeyExchange(WOLFSSL* ssl) if (ret != 0) { ERROR_OUT(ECC_EXPORT_ERROR, exit_scke); } + #endif /* HAVE_ECC */ break; } - #endif /* HAVE_ECC */ + #endif /* HAVE_ECC || HAVE_CURVE25519 */ default: ret = BAD_KEA_TYPE_E; @@ -18400,7 +18406,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) break; } #endif /* !NO_DH && !NO_PSK */ - #if defined(HAVE_ECC) && !defined(NO_PSK) + #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK) case ecdhe_psk_kea: { #ifdef HAVE_CURVE25519 @@ -18434,7 +18440,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) ); break; } - #endif /* HAVE_ECC && !NO_PSK */ + #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ #ifdef HAVE_NTRU case ntru_kea: { @@ -18459,10 +18465,12 @@ int SendClientKeyExchange(WOLFSSL* ssl) break; } #endif /* HAVE_NTRU */ - #ifdef HAVE_ECC + #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) case ecc_diffie_hellman_kea: { + #ifdef HAVE_ECC ecc_key* peerKey; + #endif #ifdef HAVE_CURVE25519 if (ssl->peerX25519KeyPresent) { @@ -18481,6 +18489,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) break; } #endif + #ifdef HAVE_ECC peerKey = (ssl->specs.static_ecdh) ? ssl->peerEccDsaKey : ssl->peerEccKey; @@ -18496,10 +18505,11 @@ int SendClientKeyExchange(WOLFSSL* ssl) NULL #endif ); + #endif break; } - #endif /* HAVE_ECC */ + #endif /* HAVE_ECC || HAVE_CURVE25519 */ default: ret = BAD_KEA_TYPE_E; @@ -19968,7 +19978,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, case ecdhe_psk_kea: /* Fall through to create temp ECC key */ #endif /* HAVE_ECC && !NO_PSK */ - #ifdef HAVE_ECC + #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) case ecc_diffie_hellman_kea: { #ifdef HAVE_CURVE25519 @@ -19993,6 +20003,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, break; } #endif + #ifdef HAVE_ECC /* need ephemeral key now, create it if missing */ if (ssl->eccTempKey == NULL) { /* alloc/init on demand */ @@ -20011,9 +20022,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ssl->eccTempKeyPresent = 1; } } + #endif break; } - #endif /* HAVE_ECC */ + #endif /* HAVE_ECC || HAVE_CURVE25519 */ default: /* Skip ServerKeyExchange */ goto exit_sske; @@ -23079,9 +23091,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, break; } #endif /* HAVE_NTRU */ - #ifdef HAVE_ECC + #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) case ecc_diffie_hellman_kea: { + #ifdef HAVE_ECC ecc_key* private_key = ssl->eccTempKey; /* handle static private key */ @@ -23109,6 +23122,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } } } + #endif /* import peer ECC key */ if ((args->idx - args->begin) + OPAQUE8_LEN > size) { @@ -23162,6 +23176,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, break; } #endif + #ifdef HAVE_ECC #ifdef HAVE_PK_CALLBACKS /* if callback then use it for shared secret */ if (ssl->ctx->EccSharedSecretCb != NULL) { @@ -23197,13 +23212,14 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } ssl->peerEccKeyPresent = 1; + #endif /* HAVE_ECC */ if (ret != 0) { goto exit_dcke; } break; } - #endif /* HAVE_ECC */ + #endif /* HAVE_ECC || HAVE_CURVE25519 */ #ifndef NO_DH case diffie_hellman_kea: { @@ -23290,7 +23306,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, break; } #endif /* !NO_DH && !NO_PSK */ - #if defined(HAVE_ECC) && !defined(NO_PSK) + #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK) case ecdhe_psk_kea: { word16 clientSz; @@ -23406,7 +23422,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ssl->peerEccKeyPresent = 1; break; } - #endif /* HAVE_ECC && !NO_PSK */ + #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ default: ret = BAD_KEA_TYPE_E; } /* switch (ssl->specs.kea) */ @@ -23457,7 +23473,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, break; } #endif /* HAVE_NTRU */ - #ifdef HAVE_ECC + #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) case ecc_diffie_hellman_kea: { void* private_key = ssl->eccTempKey; @@ -23480,6 +23496,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, break; } #endif + #ifdef HAVE_ECC if (ssl->specs.static_ecdh) { private_key = ssl->hsKey; } @@ -23497,9 +23514,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, NULL #endif ); + #endif break; } - #endif /* HAVE_ECC */ + #endif /* HAVE_ECC || HAVE_CURVE25519 */ #ifndef NO_DH case diffie_hellman_kea: { @@ -23526,7 +23544,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, break; } #endif /* !NO_DH && !NO_PSK */ - #if defined(HAVE_ECC) && !defined(NO_PSK) + #if (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && !defined(NO_PSK) case ecdhe_psk_kea: { #ifdef HAVE_CURVE25519 @@ -23562,7 +23580,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ); break; } - #endif /* HAVE_ECC && !NO_PSK */ + #endif /* (HAVE_ECC || HAVE_CURVE25519) && !NO_PSK */ default: ret = BAD_KEA_TYPE_E; } /* switch (ssl->specs.kea) */ diff --git a/wolfcrypt/src/fe_operations.c b/wolfcrypt/src/fe_operations.c index 45bdbb514..fe67ed711 100755 --- a/wolfcrypt/src/fe_operations.c +++ b/wolfcrypt/src/fe_operations.c @@ -44,6 +44,8 @@ #ifdef HAVE___UINT128_T #include "fe_x25519_128.i" #else + +#ifdef HAVE_CURVE25519 /* fe means field element. Here the field is \Z/(2^255-19). @@ -71,7 +73,7 @@ uint64_t load_4(const unsigned char *in) result |= ((uint64_t) in[3]) << 24; return result; } - +#endif /* h = 1 @@ -570,6 +572,7 @@ void fe_sub(fe h,const fe f,const fe g) } +#ifdef HAVE_CURVE25519 /* Ignores top bit of h. */ @@ -620,6 +623,7 @@ void fe_frombytes(fe h,const unsigned char *s) h[8] = (int32_t)h8; h[9] = (int32_t)h9; } +#endif void fe_invert(fe out,const fe z) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index c35b7b2e7..5b1708063 100755 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -1680,7 +1680,7 @@ struct WOLFSSL_CERT_MANAGER { #ifndef NO_RSA short minRsaKeySz; /* minimum allowed RSA key size */ #endif -#ifdef HAVE_ECC +#if defined(HAVE_ECC) || defined(HAVE_ED25519) short minEccKeySz; /* minimum allowed ECC key size */ #endif }; @@ -2196,7 +2196,7 @@ struct WOLFSSL_CTX { #ifndef NO_RSA short minRsaKeySz; /* minimum RSA key size */ #endif -#ifdef HAVE_ECC +#if defined(HAVE_ECC) || defined(HAVE_ED25519) short minEccKeySz; /* minimum ECC key size */ #endif #ifdef OPENSSL_EXTRA @@ -2214,9 +2214,11 @@ struct WOLFSSL_CTX { #endif /* WOLFSSL_DTLS */ VerifyCallback verifyCallback; /* cert verification callback */ word32 timeout; /* session timeout */ +#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) + word32 ecdhCurveOID; /* curve Ecc_Sum */ +#endif #ifdef HAVE_ECC word16 eccTempKeySz; /* in octets 20 - 66 */ - word32 ecdhCurveOID; /* curve Ecc_Sum */ word32 pkCurveOID; /* curve Ecc_Sum */ #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) @@ -2803,7 +2805,7 @@ typedef struct Options { #ifndef NO_RSA short minRsaKeySz; /* minimum RSA key size */ #endif -#ifdef HAVE_ECC +#if defined(HAVE_ECC) || defined(HAVE_ED25519) short minEccKeySz; /* minimum ECC key size */ #endif @@ -3178,17 +3180,22 @@ struct WOLFSSL { byte peerNtruKey[MAX_NTRU_PUB_KEY_SZ]; byte peerNtruKeyPresent; #endif +#if defined(HAVE_ECC) || defined(HAVE_ED25519) + int eccVerifyRes; +#endif +#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) + word32 ecdhCurveOID; /* curve Ecc_Sum */ + ecc_key* eccTempKey; /* private ECDHE key */ + byte eccTempKeyPresent; + byte peerEccKeyPresent; +#endif #ifdef HAVE_ECC ecc_key* peerEccKey; /* peer's ECDHE key */ ecc_key* peerEccDsaKey; /* peer's ECDSA key */ - ecc_key* eccTempKey; /* private ECDHE key */ - int eccVerifyRes; word32 pkCurveOID; /* curve Ecc_Sum */ - word32 ecdhCurveOID; /* curve Ecc_Sum */ word16 eccTempKeySz; /* in octets 20 - 66 */ - byte peerEccKeyPresent; byte peerEccDsaKeyPresent; - byte eccTempKeyPresent; +#endif #ifdef HAVE_ED25519 ed25519_key* peerEd25519Key; byte peerEd25519KeyPresent; @@ -3197,7 +3204,6 @@ struct WOLFSSL { curve25519_key* peerX25519Key; byte peerX25519KeyPresent; #endif -#endif #ifdef HAVE_LIBZ z_stream c_stream; /* compression stream */ z_stream d_stream; /* decompression stream */ diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index 1b732fa55..7af6ea5ad 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -431,7 +431,7 @@ struct SignatureCtx { byte* out; byte* plain; #endif -#ifdef HAVE_ECC +#if defined(HAVE_ECC) || defined(HAVE_ED25519) int verify; #endif union { @@ -565,7 +565,7 @@ struct DecodedCert { byte* extSubjKeyIdSrc; word32 extSubjKeyIdSz; #endif -#ifdef HAVE_ECC +#if defined(HAVE_ECC) || defined(HAVE_ED25519) word32 pkCurveOID; /* Public Key's curve OID */ #endif /* HAVE_ECC */ byte* beforeDate; diff --git a/wolfssl/wolfcrypt/fe_operations.h b/wolfssl/wolfcrypt/fe_operations.h index 0118f471f..043684220 100644 --- a/wolfssl/wolfcrypt/fe_operations.h +++ b/wolfssl/wolfcrypt/fe_operations.h @@ -27,7 +27,7 @@ #if defined(HAVE_CURVE25519) || defined(HAVE_ED25519) -#ifndef CURVE25519_SMALL +#if defined(HAVE___UINT128_T) #include #endif #include diff --git a/wolfssl/wolfcrypt/ge_operations.h b/wolfssl/wolfcrypt/ge_operations.h index 2848adf86..1da444a5e 100644 --- a/wolfssl/wolfcrypt/ge_operations.h +++ b/wolfssl/wolfcrypt/ge_operations.h @@ -29,7 +29,7 @@ #ifdef HAVE_ED25519 -#ifndef ED25519_SMALL +#if defined(HAVE___UINT128_T) #include #endif #include