Merge pull request #4158 from dgarske/nxp_ltc_rsa2

Fixes for NXP LTC with RSA and Blinding
2021-06-24 12:14:04 +10:00
parent ae2f2b246e 73c90369c6
commit 92a4e30b69
3 changed files with 12 additions and 9 deletions
--- a/wolfcrypt/src/port/nxp/ksdk_port.c
+++ b/wolfcrypt/src/port/nxp/ksdk_port.c
@@ -405,6 +405,7 @@ int mp_invmod(mp_int *a, mp_int *b, mp_int *c)
 }

 /* d = a * b (mod c) */
+/* with blinding enabled ptr a can equal ptr d */
 int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d)
 {
    int res = MP_OKAY;
@@ -422,8 +423,9 @@ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d)
    szB = mp_unsigned_bin_size(b);
    szC = mp_unsigned_bin_size(c);

-    if ((szA <= LTC_MAX_INT_BYTES) && (szB <= LTC_MAX_INT_BYTES) && 
-        (szC <= LTC_MAX_INT_BYTES))
+    /* LTC hardware seems to have issue with ModMul with 511 bytes or more,
+        so use software math */
+    if ((szA + szB < LTC_MAX_INT_BYTES-1) && (szC <=  LTC_MAX_INT_BYTES))
    {
        uint8_t *ptrA, *ptrB, *ptrC, *ptrD;

@@ -432,15 +434,15 @@ int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d)
        ptrC = (uint8_t*)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT);
        ptrD = (uint8_t*)XMALLOC(LTC_MAX_INT_BYTES, NULL, DYNAMIC_TYPE_BIGINT);

-        /* unsigned multiply */
-#if (!defined(WOLFSSL_SP_MATH) && !defined(WOLFSSL_SP_MATH_ALL)) || \
-      defined(WOLFSSL_SP_INT_NEGATIVE)
-        int neg = (a->sign == b->sign) ? MP_ZPOS : MP_NEG;
-#endif
-
        if (ptrA && ptrB && ptrC && ptrD) {
            uint16_t sizeA, sizeB, sizeC, sizeD = 0;

+            /* unsigned multiply */
+#if (!defined(WOLFSSL_SP_MATH) && !defined(WOLFSSL_SP_MATH_ALL)) || \
+      defined(WOLFSSL_SP_INT_NEGATIVE)
+            int neg = (a->sign == b->sign) ? MP_ZPOS : MP_NEG;
+#endif
+
            /* Multiply A * B = D */
            res = ltc_get_lsb_bin_from_mp_int(ptrA, a, &sizeA);
            if (res == MP_OKAY)
--- a/wolfcrypt/src/rsa.c
+++ b/wolfcrypt/src/rsa.c
@@ -2434,7 +2434,7 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
            /* unblind */
            if (ret == 0 && mp_mulmod(tmp, rndi, &key->n, tmp) != MP_OKAY)
                ret = MP_MULMOD_E;
-        #endif   /* WC_RSA_BLINDING */
+        #endif /* WC_RSA_BLINDING */

            break;
        }
--- a/wolfssl/wolfcrypt/port/nxp/ksdk_port.h
+++ b/wolfssl/wolfcrypt/port/nxp/ksdk_port.h
@@ -46,6 +46,7 @@ int ksdk_port_init(void);
 	int wolfcrypt_mp_mod(mp_int *a, mp_int *b, mp_int *c);
 	int wolfcrypt_mp_invmod(mp_int *a, mp_int *b, mp_int *c);
 	int wolfcrypt_mp_exptmod(mp_int *G, mp_int *X, mp_int *P, mp_int *Y);
+	int wolfcrypt_mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng);

    /* Exported mp_mulmod function */
    int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);