feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

KCAPI ECDSA Memory

Browse Source 
Use page aligned memory when using ECDSA signing and verify.
This commit is contained in:
John Safranek
2021-12-17 11:11:16 -08:00
parent 2f0b451545
commit b45f1ed761
1 changed files with 42 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
wolfcrypt/src/port/kcapi/kcapi_ecc.c
View File

@ -179,6 +179,10 @@ int KcapiEcc_Sign(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
word32* sigLen) word32* sigLen)
{ {
int ret = 0; int ret = 0;
unsigned char* buf_aligned = NULL;
unsigned char* hash_aligned = NULL;
unsigned char* sig_aligned = NULL;
size_t pageSz = (size_t)sysconf(_SC_PAGESIZE);
if (key->handle == NULL) { if (key->handle == NULL) {
ret = kcapi_akcipher_init(&key->handle, WC_NAME_ECDSA, 0); ret = kcapi_akcipher_init(&key->handle, WC_NAME_ECDSA, 0);
@ -190,13 +194,38 @@ int KcapiEcc_Sign(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
} }
} }
if (ret == 0) { if (ret == 0) {
ret = kcapi_akcipher_sign(key->handle, hash, hashLen, sig, *sigLen, if (((size_t)sig % pageSz != 0) || ((size_t)hash % pageSz != 0)) {
ret = posix_memalign((void*)&buf_aligned, pageSz, pageSz * 2);
if (ret < 0) {
ret = MEMORY_E;
}
}
}
if (ret == 0) {
sig_aligned = ((size_t)sig % pageSz == 0) ? sig : buf_aligned;
if ((size_t)hash % pageSz == 0) {
hash_aligned = (unsigned char*)hash;
}
else {
hash_aligned = buf_aligned + pageSz;
XMEMCPY(hash_aligned, hash, hashLen);
}
ret = kcapi_akcipher_sign(key->handle, hash_aligned, hashLen,
sig_aligned, *sigLen,
KCAPI_ACCESS_HEURISTIC); KCAPI_ACCESS_HEURISTIC);
if (ret >= 0) { if (ret >= 0) {
*sigLen = ret; *sigLen = ret;
ret = 0; ret = 0;
if (sig_aligned != sig) {
XMEMCPY(sig, sig_aligned, ret);
}
} }
} }
/* Using free as this is in an environment that will have it
* available along with posix_memalign. */
if (buf_aligned != NULL) {
free(buf_aligned);
}
return ret; return ret;
} }
@ -225,7 +254,8 @@ int KcapiEcc_Verify(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
word32 sigLen) word32 sigLen)
{ {
int ret = 0; int ret = 0;
unsigned char* sigHash = NULL; unsigned char* sigHash_aligned = NULL;
size_t pageSz = (size_t)sysconf(_SC_PAGESIZE);
if (key->handle == NULL) { if (key->handle == NULL) {
ret = kcapi_akcipher_init(&key->handle, WC_NAME_ECDSA, 0); ret = kcapi_akcipher_init(&key->handle, WC_NAME_ECDSA, 0);
@ -238,25 +268,26 @@ int KcapiEcc_Verify(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
} }
if (ret == 0) { if (ret == 0) {
sigHash = (unsigned char*)XMALLOC(sigLen + hashLen, key->heap, ret = posix_memalign((void*)&sigHash_aligned, pageSz, sigLen + hashLen);
DYNAMIC_TYPE_TMP_BUFFER); if (ret < 0) {
if (sigHash == NULL) {
ret = MEMORY_E; ret = MEMORY_E;
} }
} }
if (ret == 0) { if (ret == 0) {
XMEMCPY(sigHash, sig, sigLen); XMEMCPY(sigHash_aligned, sig, sigLen);
XMEMCPY(sigHash + sigLen, hash, hashLen); XMEMCPY(sigHash_aligned + sigLen, hash, hashLen);
ret = kcapi_akcipher_verify(key->handle, sigHash, sigLen + hashLen, ret = kcapi_akcipher_verify(key->handle, sigHash_aligned,
NULL, hashLen, KCAPI_ACCESS_HEURISTIC); sigLen + hashLen, NULL, hashLen, KCAPI_ACCESS_HEURISTIC);
if (ret >= 0) { if (ret >= 0) {
ret = 0; ret = 0;
} }
} }
if (sigHash != NULL) { /* Using free as this is in an environment that will have it
XFREE(sigHash, key->heap, DYNAMIC_TYPE_TMP_BUFFER); * available along with posix_memalign. */
if (sigHash_aligned != NULL) {
free(sigHash_aligned);
} }
return ret; return ret;
} }