From f5509780c617ae31f1fe52379f74582d3d222eb9 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Mon, 4 Jan 2021 09:06:29 -0800
Subject: [PATCH 1/3] Add argument checking to `wc_ecc_gen_k` . Cleanup return codes for `wc_ecc_mulmod_ex2`.
---
 wolfcrypt/src/ecc.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c
index 69bcb2d18..19a885907 100644
--- a/wolfcrypt/src/ecc.c
+++ b/wolfcrypt/src/ecc.c
@@ -3222,13 +3222,13 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
 if (err == MP_OKAY) {
 int kIsMinusOne = (mp_cmp((mp_int*)k, &t) == MP_EQ);
 err = mp_cond_copy(tG->x, kIsMinusOne, R->x);
- if (err == 0) {
+ if (err == MP_OKAY) {
 err = mp_sub(modulus, tG->y, &t);
 }
- if (err == 0) {
+ if (err == MP_OKAY) {
 err = mp_cond_copy(&t, kIsMinusOne, R->y);
 }
- if (err == 0) {
+ if (err == MP_OKAY) {
 err = mp_cond_copy(tG->z, kIsMinusOne, R->z);
 }
 }
@@ -4291,8 +4291,12 @@ int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
 int err;
 byte buf[ECC_MAXSIZE_GEN];
- /*generate 8 extra bytes to mitigate bias from the modulo operation below*/
- /*see section A.1.2 in 'Suite B Implementor's Guide to FIPS 186-3 (ECDSA)'*/
+ if (rng == NULL || size > ECC_MAXSIZE_GEN || k == NULL || order == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* generate 8 extra bytes to mitigate bias from the modulo operation below */
+ /* see section A.1.2 in 'Suite B Implementor's Guide to FIPS 186-3 (ECDSA)' */
 size += 8;
 /* make up random string */
From 8c91a0c6b0409d8917d0128aa45750bc7a6bb02b Mon Sep 17 00:00:00 2001
From: David Garske
Date: Wed, 6 Jan 2021 16:43:49 -0800
Subject: [PATCH 2/3] Support for `mp_dump` with SP Math ALL.
---
 wolfssl/wolfcrypt/sp_int.h | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/wolfssl/wolfcrypt/sp_int.h b/wolfssl/wolfcrypt/sp_int.h
index 9f247daf0..a51b90cf0 100644
--- a/wolfssl/wolfcrypt/sp_int.h
+++ b/wolfssl/wolfcrypt/sp_int.h
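Review bot: In the `wc_ecc_gen_k` hunk of wolfcrypt/src/ecc.c the new guard compares `size` with `ECC_MAXSIZE_GEN` before the `size += 8;` that follows it, so a value near the limit passes the check and then exceeds the length of `buf[ECC_MAXSIZE_GEN]`; a negative `size` also passes, since `size` is a signed `int`. The code that fills `buf` lies below the hunk, so the overrun is inferred from the declaration and the "make up random string" comment rather than seen directly. The guard should account for the eight extra bytes and for the lower bound, for example `if (rng == NULL || size < 0 || size > ECC_MAXSIZE_GEN - 8 || k == NULL || order == NULL) {`. The function body continues outside the hunk.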
@@ -156,7 +156,7 @@ extern "C" {
 #endif
-/* Detemine the number of bits to use in each word. */
+/* Determine the number of bits to use in each word. */
 #ifdef SP_WORD_SIZE
 #elif defined(WOLFSSL_DSP_BUILD)
 #define SP_WORD_SIZE 32
@@ -510,7 +510,7 @@ typedef struct sp_ecc_ctx {
 #define sp_print_digit(a, s)
 #define sp_print_int(a, s)
-#endif
+#endif /* !NO_FILESYSTEM */
 /* Returns whether multi-precision number is odd
 *
@@ -978,8 +978,16 @@ WOLFSSL_API word32 CheckRunTimeFastMath(void);
 #define mp_gcd sp_gcd
 #define mp_lcm sp_lcm
+#ifdef WOLFSSL_DEBUG_MATH
+static inline void mp_dump(const char* desc, mp_int* a, byte verbose)
+{
+ sp_print(a, desc);
+ (void)verbose;
+}
 #endif
+#endif /* WOLFSSL_SP_MATH || WOLFSSL_SP_MATH_ALL */
+
 #ifdef __cplusplus
 } /* extern "C" */
 #endif
From 7e69277680ed2fae592a0de0ef05a09e674046d1 Mon Sep 17 00:00:00 2001
From: David Garske
Date: Mon, 10 May 2021 16:27:06 -0700
Subject: [PATCH 3/3] Improve SP `mp_dump` to use macro.
---
 wolfssl/wolfcrypt/sp_int.h | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/wolfssl/wolfcrypt/sp_int.h b/wolfssl/wolfcrypt/sp_int.h
index a51b90cf0..a32810e49 100644
--- a/wolfssl/wolfcrypt/sp_int.h
+++ b/wolfssl/wolfcrypt/sp_int.h
@@ -979,11 +979,7 @@ WOLFSSL_API word32 CheckRunTimeFastMath(void);
 #define mp_lcm sp_lcm
 #ifdef WOLFSSL_DEBUG_MATH
-static inline void mp_dump(const char* desc, mp_int* a, byte verbose)
-{
- sp_print(a, desc);
- (void)verbose;
-}
+#define mp_dump(d, a, v) sp_print(a, d)
 #endif
 #endif /* WOLFSSL_SP_MATH || WOLFSSL_SP_MATH_ALL */
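Review bot: The `mp_dump` macro in the last sp_int.h hunk (patch 3/3) has no comment, and it needs one because it passes the whole of `a` to `sp_print` and drops `v` without evaluating it. Multi-precision values in this library can presumably be private scalars or nonces, so a build with `WOLFSSL_DEBUG_MATH` defined may write key material to the debug output; that is worth stating at the definition. I would add `/* Debug only: prints the full value of a, which may be secret; v (verbose) is ignored and not evaluated. */` above the `#define`. The same comment applies to the `static inline` version added in patch 2/3.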