feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix issue with "wc_ecc_set_custom_curve" function not setting index as "ECC_CUSTOM_IDX". Cleanup of the ECC tests to return actual error code (when available) and make sure keys are free'd. Some trailing whitespace cleanup.

Browse Source
This commit is contained in:
David Garske
2016-08-26 12:35:47 -07:00
parent 78ca9e7716
commit bf23b2f9d1
2 changed files with 55 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
wolfcrypt/src/ecc.c
View File

@ -436,7 +436,7 @@ const ecc_set_type ecc_sets[] = {
"9487239995A5EE76B55F9C2F098", /* Gx */ "9487239995A5EE76B55F9C2F098", /* Gx */
"A89CE5AF8724C0A23E0E0FF77500", /* Gy */ "A89CE5AF8724C0A23E0E0FF77500", /* Gy */
ecc_oid_secp112r1, /* oid/oidSz */ ecc_oid_secp112r1, /* oid/oidSz */
sizeof(ecc_oid_secp112r1) / sizeof(ecc_oid_t), sizeof(ecc_oid_secp112r1) / sizeof(ecc_oid_t),
ECC_SECP112R1_OID, /* oid sum */ ECC_SECP112R1_OID, /* oid sum */
1, /* cofactor */ 1, /* cofactor */
}, },
@ -805,7 +805,7 @@ const ecc_set_type ecc_sets[] = {
"8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", /* Gx */ "8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", /* Gx */
"547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", /* Gy */ "547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", /* Gy */
ecc_oid_brainpoolp256r1, /* oid/oidSz */ ecc_oid_brainpoolp256r1, /* oid/oidSz */
sizeof(ecc_oid_brainpoolp256r1) / sizeof(ecc_oid_t), sizeof(ecc_oid_brainpoolp256r1) / sizeof(ecc_oid_t),
ECC_BRAINPOOLP256R1_OID, /* oid sum */ ECC_BRAINPOOLP256R1_OID, /* oid sum */
1, /* cofactor */ 1, /* cofactor */
}, },
@ -936,7 +936,7 @@ static int wc_ecc_export_x963_compressed(ecc_key*, byte* out, word32* outLen);
static int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id) static int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id)
{ {
if (keysize <=0 && curve_id <= 0) { if (keysize <= 0 && curve_id <= 0) {
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
@ -1037,12 +1037,12 @@ int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R,
return ecc_projective_dbl_point(P, R, a, modulus, mp); return ecc_projective_dbl_point(P, R, a, modulus, mp);
} }
} }
if (err != MP_OKAY) { if (err != MP_OKAY) {
goto done; goto done;
} }
/* If use ALT_ECC_SIZE we need to use local stack variable since /* If use ALT_ECC_SIZE we need to use local stack variable since
ecc_point x,y,z is reduced size */ ecc_point x,y,z is reduced size */
#ifdef ALT_ECC_SIZE #ifdef ALT_ECC_SIZE
/* Use local stack variable */ /* Use local stack variable */
@ -1312,7 +1312,7 @@ int ecc_projective_dbl_point(ecc_point *P, ecc_point *R, mp_int* a,
return err; return err;
} }
/* If use ALT_ECC_SIZE we need to use local stack variable since /* If use ALT_ECC_SIZE we need to use local stack variable since
ecc_point x,y,z is reduced size */ ecc_point x,y,z is reduced size */
#ifdef ALT_ECC_SIZE #ifdef ALT_ECC_SIZE
/* Use local stack variable */ /* Use local stack variable */
@ -1571,7 +1571,7 @@ int ecc_map(ecc_point* P, mp_int* modulus, mp_digit mp)
if ((err = mp_init_multi(x, y, z, NULL, NULL, NULL)) != MP_OKAY) { if ((err = mp_init_multi(x, y, z, NULL, NULL, NULL)) != MP_OKAY) {
goto done; goto done;
} }
if (err == MP_OKAY) if (err == MP_OKAY)
err = mp_copy(P->x, x); err = mp_copy(P->x, x);
if (err == MP_OKAY) if (err == MP_OKAY)
@ -1871,7 +1871,7 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
{ {
return wc_ecc_mulmod_ex(k, G, R, a, modulus, map, NULL); return wc_ecc_mulmod_ex(k, G, R, a, modulus, map, NULL);
} }
#endif /* ! FP_ECC */ #endif /* !FP_ECC */
#undef WINSIZE #undef WINSIZE
#else /* ECC_TIMING_RESISTANT */ #else /* ECC_TIMING_RESISTANT */
@ -1979,7 +1979,7 @@ int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
break; break;
} }
buf = get_digit(k, digidx); buf = get_digit(k, digidx);
bitcnt = (int) DIGIT_BIT; bitcnt = (int)DIGIT_BIT;
--digidx; --digidx;
} }
@ -3786,7 +3786,7 @@ static int ecc_check_pubkey_order(ecc_key* key, mp_int* a, mp_int* prime,
if (inf == NULL) if (inf == NULL)
err = MEMORY_E; err = MEMORY_E;
else { else {
err = wc_ecc_mulmod_ex(order, &key->pubkey, inf, a, prime, 1, err = wc_ecc_mulmod_ex(order, &key->pubkey, inf, a, prime, 1,
key->heap); key->heap);
if (err == MP_OKAY && !wc_ecc_point_is_at_infinity(inf)) if (err == MP_OKAY && !wc_ecc_point_is_at_infinity(inf))
err = ECC_INF_E; err = ECC_INF_E;
@ -6615,7 +6615,7 @@ int wc_ecc_set_custom_curve(ecc_key* key, const ecc_set_type* dp)
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
key->idx = WOLFSSL_CUSTOM_CURVES; key->idx = ECC_CUSTOM_IDX;
key->dp = dp; key->dp = dp;
return 0; return 0;

83
wolfcrypt/test/test.c
View File

@ -6679,7 +6679,7 @@ typedef struct eccVector {
static int ecc_test_vector_item(const eccVector* vector) static int ecc_test_vector_item(const eccVector* vector)
{ {
int ret, verify; int ret = 0, verify;
word32 x; word32 x;
ecc_key userA; ecc_key userA;
byte sig[1024]; byte sig[1024];
@ -6692,22 +6692,24 @@ static int ecc_test_vector_item(const eccVector* vector)
ret = wc_ecc_import_raw(&userA, vector->Qx, vector->Qy, ret = wc_ecc_import_raw(&userA, vector->Qx, vector->Qy,
vector->d, vector->curveName); vector->d, vector->curveName);
if (ret != 0) if (ret != 0)
return -1018; goto done;
ret = wc_ecc_rs_to_sig(vector->R, vector->S, sig, &x); ret = wc_ecc_rs_to_sig(vector->R, vector->S, sig, &x);
if (ret != 0) if (ret != 0)
return -1019; goto done;
ret = wc_ecc_verify_hash(sig, x, (byte*)vector->msg, vector->msgLen, &verify, &userA); ret = wc_ecc_verify_hash(sig, x, (byte*)vector->msg, vector->msgLen,
&verify, &userA);
if (ret != 0) if (ret != 0)
return -1021; goto done;
if (verify != 1) if (verify != 1)
return -1023; ret = -1023;
done:
wc_ecc_free(&userA); wc_ecc_free(&userA);
return 0; return ret;
} }
static int ecc_test_vector(int keySize) static int ecc_test_vector(int keySize)
@ -6791,7 +6793,7 @@ static int ecc_test_vector(int keySize)
#if defined(HAVE_ECC239) || defined(HAVE_ALL_CURVES) #if defined(HAVE_ECC239) || defined(HAVE_ALL_CURVES)
case 30: case 30:
return 0; return 0;
#endif /* HAVE_ECC239 */ #endif /* HAVE_ECC239 */
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES) #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
@ -6904,7 +6906,7 @@ static int ecc_test_vector(int keySize)
#ifdef WOLFSSL_KEY_GEN #ifdef WOLFSSL_KEY_GEN
static int ecc_test_key_gen(WC_RNG* rng, int keySize) static int ecc_test_key_gen(WC_RNG* rng, int keySize)
{ {
int ret; int ret = 0;
int derSz, pemSz; int derSz, pemSz;
byte der[FOURK_BUF]; byte der[FOURK_BUF];
byte pem[FOURK_BUF]; byte pem[FOURK_BUF];
@ -6917,46 +6919,49 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
ret = wc_ecc_make_key(rng, keySize, &userA); ret = wc_ecc_make_key(rng, keySize, &userA);
if (ret != 0) if (ret != 0)
return -1014; goto done;
ret = wc_ecc_check_key(&userA); ret = wc_ecc_check_key(&userA);
if (ret != 0) if (ret != 0)
return -1023; goto done;
derSz = wc_EccKeyToDer(&userA, der, FOURK_BUF); derSz = wc_EccKeyToDer(&userA, der, FOURK_BUF);
if (derSz < 0) { if (derSz < 0) {
return -1024; ERROR_OUT(derSz, done);
} }
keyFile = fopen("./ecc-key.der", "wb"); keyFile = fopen("./ecc-key.der", "wb");
if (!keyFile) { if (!keyFile) {
return -1025; ERROR_OUT(-1025, done);
} }
ret = (int)fwrite(der, 1, derSz, keyFile); ret = (int)fwrite(der, 1, derSz, keyFile);
fclose(keyFile); fclose(keyFile);
if (ret != derSz) { if (ret != derSz) {
return -1026; ERROR_OUT(-1026, done);
} }
pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, ECC_PRIVATEKEY_TYPE); pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, ECC_PRIVATEKEY_TYPE);
if (pemSz < 0) { if (pemSz < 0) {
return -1027; ERROR_OUT(pemSz, done);
} }
pemFile = fopen("./ecc-key.pem", "wb"); pemFile = fopen("./ecc-key.pem", "wb");
if (!pemFile) { if (!pemFile) {
return -1028; ERROR_OUT(-1028, done);
} }
ret = (int)fwrite(pem, 1, pemSz, pemFile); ret = (int)fwrite(pem, 1, pemSz, pemFile);
fclose(pemFile); fclose(pemFile);
if (ret != pemSz) { if (ret != pemSz) {
return -1029; ERROR_OUT(-1029, done);
} }
/* test export of public key */ /* test export of public key */
derSz = wc_EccPublicKeyToDer(&userA, der, FOURK_BUF, 1); derSz = wc_EccPublicKeyToDer(&userA, der, FOURK_BUF, 1);
if (derSz <= 0) { if (derSz < 0) {
return -5516; ERROR_OUT(derSz, done);
}
if (derSz == 0) {
ERROR_OUT(-5416, done);
} }
#ifdef FREESCALE_MQX #ifdef FREESCALE_MQX
keyFile = fopen("a:\\certs\\ecc-public-key.der", "wb"); keyFile = fopen("a:\\certs\\ecc-public-key.der", "wb");
@ -6964,17 +6969,19 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
keyFile = fopen("./ecc-public-key.der", "wb"); keyFile = fopen("./ecc-public-key.der", "wb");
#endif #endif
if (!keyFile) { if (!keyFile) {
return -5417; ERROR_OUT(-5417, done);
} }
ret = (int)fwrite(der, 1, derSz, keyFile); ret = (int)fwrite(der, 1, derSz, keyFile);
fclose(keyFile); fclose(keyFile);
if (ret != derSz) { if (ret != derSz) {
return -5418; ERROR_OUT(-5418, done);
} }
ret = 0;
done:
wc_ecc_free(&userA); wc_ecc_free(&userA);
return 0; return ret;
} }
#endif /* WOLFSSL_KEY_GEN */ #endif /* WOLFSSL_KEY_GEN */
static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount, static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
@ -7010,28 +7017,27 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
ret = wc_ecc_make_key_ex(rng, keySize, &userA, curve_id); ret = wc_ecc_make_key_ex(rng, keySize, &userA, curve_id);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1014, done); goto done;
ret = wc_ecc_check_key(&userA); ret = wc_ecc_check_key(&userA);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1023, done); goto done;
ret = wc_ecc_make_key_ex(rng, keySize, &userB, curve_id); ret = wc_ecc_make_key_ex(rng, keySize, &userB, curve_id);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1002, done); goto done;
#ifdef HAVE_ECC_DHE #ifdef HAVE_ECC_DHE
x = sizeof(sharedA); x = sizeof(sharedA);
ret = wc_ecc_shared_secret(&userA, &userB, sharedA, &x); ret = wc_ecc_shared_secret(&userA, &userB, sharedA, &x);
if (ret != 0) { if (ret != 0) {
printf("wc_ecc_shared_secret %d\n", ret); goto done;
ERROR_OUT(-1015, done);
} }
y = sizeof(sharedB); y = sizeof(sharedB);
ret = wc_ecc_shared_secret(&userB, &userA, sharedB, &y); ret = wc_ecc_shared_secret(&userB, &userA, sharedB, &y);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1003, done); goto done;
if (y != x) if (y != x)
ERROR_OUT(-1004, done); ERROR_OUT(-1004, done);
@ -7044,18 +7050,18 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
x = sizeof(exportBuf); x = sizeof(exportBuf);
ret = wc_ecc_export_x963(&userA, exportBuf, &x); ret = wc_ecc_export_x963(&userA, exportBuf, &x);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1006, done); goto done;
#ifdef HAVE_ECC_KEY_IMPORT #ifdef HAVE_ECC_KEY_IMPORT
ret = wc_ecc_import_x963_ex(exportBuf, x, &pubKey, curve_id); ret = wc_ecc_import_x963_ex(exportBuf, x, &pubKey, curve_id);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1007, done); goto done;
#ifdef HAVE_ECC_DHE #ifdef HAVE_ECC_DHE
y = sizeof(sharedB); y = sizeof(sharedB);
ret = wc_ecc_shared_secret(&userB, &pubKey, sharedB, &y); ret = wc_ecc_shared_secret(&userB, &pubKey, sharedB, &y);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1008, done); goto done;
if (XMEMCMP(sharedA, sharedB, y)) if (XMEMCMP(sharedA, sharedB, y))
ERROR_OUT(-1009, done); ERROR_OUT(-1009, done);
@ -7066,19 +7072,19 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
x = sizeof(exportBuf); x = sizeof(exportBuf);
ret = wc_ecc_export_x963_ex(&userA, exportBuf, &x, 1); ret = wc_ecc_export_x963_ex(&userA, exportBuf, &x, 1);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1010, done); goto done;
wc_ecc_free(&pubKey); wc_ecc_free(&pubKey);
wc_ecc_init(&pubKey); wc_ecc_init(&pubKey);
ret = wc_ecc_import_x963_ex(exportBuf, x, &pubKey, curve_id); ret = wc_ecc_import_x963_ex(exportBuf, x, &pubKey, curve_id);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1011, done); goto done;
#ifdef HAVE_ECC_DHE #ifdef HAVE_ECC_DHE
y = sizeof(sharedB); y = sizeof(sharedB);
ret = wc_ecc_shared_secret(&userB, &pubKey, sharedB, &y); ret = wc_ecc_shared_secret(&userB, &pubKey, sharedB, &y);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1012, done); goto done;
if (XMEMCMP(sharedA, sharedB, y)) if (XMEMCMP(sharedA, sharedB, y))
ERROR_OUT(-1013, done); ERROR_OUT(-1013, done);
@ -7097,16 +7103,15 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
x = sizeof(sig); x = sizeof(sig);
ret = wc_ecc_sign_hash(digest, sizeof(digest), sig, &x, rng, &userA); ret = wc_ecc_sign_hash(digest, sizeof(digest), sig, &x, rng, &userA);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1014, done); goto done;
#ifdef HAVE_ECC_VERIFY #ifdef HAVE_ECC_VERIFY
for (i=0; i<testVerifyCount; i++) { for (i=0; i<testVerifyCount; i++) {
verify = 0; verify = 0;
ret = wc_ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA); ret = wc_ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1015, done); goto done;
if (verify != 1) if (verify != 1)
ERROR_OUT(-1016, done); ERROR_OUT(-1016, done);
} }
@ -7129,7 +7134,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
verify = 0; verify = 0;
ret = wc_ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA); ret = wc_ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1015, done); goto done;
if (verify != 1) if (verify != 1)
ERROR_OUT(-1016, done); ERROR_OUT(-1016, done);
} }
@ -7140,7 +7145,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
x = sizeof(exportBuf); x = sizeof(exportBuf);
ret = wc_ecc_export_private_only(&userA, exportBuf, &x); ret = wc_ecc_export_private_only(&userA, exportBuf, &x);
if (ret != 0) if (ret != 0)
ERROR_OUT(-1017, done); goto done;
#endif /* HAVE_ECC_KEY_EXPORT */ #endif /* HAVE_ECC_KEY_EXPORT */
done: done: