forked from wolfSSL/wolfssl
RSA fips mode
This commit is contained in:
toddouska
@@ -800,7 +800,11 @@ void bench_rsa(void)
|
||||
printf("InitRNG failed\n");
|
||||
return;
|
||||
}
|
||||
InitRsaKey(&rsaKey, 0);
|
||||
ret = InitRsaKey(&rsaKey, 0);
|
||||
if (ret < 0) {
|
||||
printf("InitRsaKey failed\n");
|
||||
return;
|
||||
}
|
||||
ret = RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes);
|
||||
|
||||
start = current_time(1);
|
||||
|
||||
@@ -2759,7 +2759,8 @@ static int ConfirmSignature(const byte* buf, word32 bufSz,
|
||||
return 0;
|
||||
}
|
||||
|
||||
InitRsaKey(&pubKey, heap);
|
||||
ret = InitRsaKey(&pubKey, heap);
|
||||
if (ret != 0) return ret;
|
||||
if (RsaPublicKeyDecode(key, &idx, &pubKey, keySz) < 0) {
|
||||
CYASSL_MSG("ASN Key decode error RSA");
|
||||
ret = 0;
|
||||
|
||||
@@ -434,7 +434,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
attribSetSz = SetSet(flatSignedAttribsSz, attribSet);
|
||||
|
||||
ret = InitSha(&esd.sha);
|
||||
if (result < 0) {
|
||||
if (ret < 0) {
|
||||
XFREE(flatSignedAttribs, 0, NULL);
|
||||
return ret;
|
||||
}
|
||||
@@ -458,9 +458,10 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
XMEMCPY(digestInfo + digIdx, esd.contentAttribsDigest, SHA_DIGEST_SIZE);
|
||||
digIdx += SHA_DIGEST_SIZE;
|
||||
|
||||
InitRsaKey(&privKey, NULL);
|
||||
result = RsaPrivateKeyDecode(pkcs7->privateKey, &scratch, &privKey,
|
||||
pkcs7->privateKeySz);
|
||||
result = InitRsaKey(&privKey, NULL);
|
||||
if (result == 0)
|
||||
result = RsaPrivateKeyDecode(pkcs7->privateKey, &scratch, &privKey,
|
||||
pkcs7->privateKeySz);
|
||||
if (result < 0) {
|
||||
XFREE(flatSignedAttribs, 0, NULL);
|
||||
return PUBLIC_KEY_E;
|
||||
@@ -580,7 +581,7 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
|
||||
{
|
||||
word32 idx, contentType;
|
||||
int length, version;
|
||||
int length, version, ret;
|
||||
byte* content = NULL;
|
||||
byte* sig = NULL;
|
||||
byte* cert = NULL;
|
||||
@@ -781,7 +782,8 @@ int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
|
||||
pkcs7->content = content;
|
||||
pkcs7->contentSz = contentSz;
|
||||
|
||||
InitRsaKey(&key, NULL);
|
||||
ret = InitRsaKey(&key, NULL);
|
||||
if (ret != 0) return ret;
|
||||
if (RsaPublicKeyDecode(pkcs7->publicKey, &scratch, &key,
|
||||
pkcs7->publicKeySz) < 0) {
|
||||
CYASSL_MSG("ASN RSA key decode error");
|
||||
@@ -859,7 +861,8 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
/* EncryptedKey */
|
||||
InitRsaKey(&pubKey, 0);
|
||||
ret = InitRsaKey(&pubKey, 0);
|
||||
if (ret != 0) return ret;
|
||||
if (RsaPublicKeyDecode(decoded.publicKey, &idx, &pubKey,
|
||||
decoded.pubKeySize) < 0) {
|
||||
CYASSL_MSG("ASN RSA key decode error");
|
||||
@@ -1045,7 +1048,7 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
||||
ret = Des_SetKey(&des, contentKeyPlain, tmpIv, DES_ENCRYPTION);
|
||||
|
||||
if (ret == 0)
|
||||
ret = Des_CbcEncrypt(&des, encryptedContent, plain, desOutSz);
|
||||
Des_CbcEncrypt(&des, encryptedContent, plain, desOutSz);
|
||||
|
||||
if (ret != 0) {
|
||||
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
@@ -1178,7 +1181,8 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
/* load private key */
|
||||
InitRsaKey(&privKey, 0);
|
||||
ret = InitRsaKey(&privKey, 0);
|
||||
if (ret != 0) return ret;
|
||||
ret = RsaPrivateKeyDecode(pkcs7->privateKey, &idx, &privKey,
|
||||
pkcs7->privateKeySz);
|
||||
if (ret != 0) {
|
||||
@@ -1337,7 +1341,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
||||
ret = Des_SetKey(&des, decryptedKey, tmpIv, DES_DECRYPTION);
|
||||
|
||||
if (ret == 0)
|
||||
ret = Des_CbcDecrypt(&des, encryptedContent, encryptedContent,
|
||||
Des_CbcDecrypt(&des, encryptedContent, encryptedContent,
|
||||
encryptedContentSz);
|
||||
|
||||
if (ret != 0) {
|
||||
|
||||
@@ -28,6 +28,11 @@
|
||||
|
||||
#ifndef NO_RSA
|
||||
|
||||
#ifdef HAVE_FIPS
|
||||
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
|
||||
#define FIPS_NO_WRAPPERS
|
||||
#endif
|
||||
|
||||
#include <cyassl/ctaocrypt/rsa.h>
|
||||
#include <cyassl/ctaocrypt/random.h>
|
||||
#include <cyassl/ctaocrypt/error-crypt.h>
|
||||
@@ -42,8 +47,8 @@
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
static void InitCaviumRsaKey(RsaKey* key, void* heap);
|
||||
static void FreeCaviumRsaKey(RsaKey* key);
|
||||
static int InitCaviumRsaKey(RsaKey* key, void* heap);
|
||||
static int FreeCaviumRsaKey(RsaKey* key);
|
||||
static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key);
|
||||
static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
|
||||
@@ -70,7 +75,7 @@ enum {
|
||||
};
|
||||
|
||||
|
||||
void InitRsaKey(RsaKey* key, void* heap)
|
||||
int InitRsaKey(RsaKey* key, void* heap)
|
||||
{
|
||||
#ifdef HAVE_CAVIUM
|
||||
if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
|
||||
@@ -88,10 +93,12 @@ void InitRsaKey(RsaKey* key, void* heap)
|
||||
key->q.dp = key->dP.dp = 0;
|
||||
key->u.dp = key->dQ.dp = 0;
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
void FreeRsaKey(RsaKey* key)
|
||||
int FreeRsaKey(RsaKey* key)
|
||||
{
|
||||
(void)key;
|
||||
|
||||
@@ -113,6 +120,8 @@ void FreeRsaKey(RsaKey* key)
|
||||
mp_clear(&key->e);
|
||||
mp_clear(&key->n);
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
|
||||
@@ -664,10 +673,10 @@ void RsaFreeCavium(RsaKey* rsa)
|
||||
|
||||
|
||||
/* Initialize cavium RSA key */
|
||||
static void InitCaviumRsaKey(RsaKey* key, void* heap)
|
||||
static int InitCaviumRsaKey(RsaKey* key, void* heap)
|
||||
{
|
||||
if (key == NULL)
|
||||
return;
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
key->heap = heap;
|
||||
key->type = -1; /* don't know yet */
|
||||
@@ -689,14 +698,16 @@ static void InitCaviumRsaKey(RsaKey* key, void* heap)
|
||||
key->c_dP_Sz = 0;
|
||||
key->c_dQ_Sz = 0;
|
||||
key->c_uSz = 0;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/* Free cavium RSA key */
|
||||
static void FreeCaviumRsaKey(RsaKey* key)
|
||||
static int FreeCaviumRsaKey(RsaKey* key)
|
||||
{
|
||||
if (key == NULL)
|
||||
return;
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
XFREE(key->c_n, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
XFREE(key->c_e, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
@@ -707,7 +718,7 @@ static void FreeCaviumRsaKey(RsaKey* key)
|
||||
XFREE(key->c_dQ, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
XFREE(key->c_u, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
||||
|
||||
InitCaviumRsaKey(key, key->heap); /* reset pointers */
|
||||
return InitCaviumRsaKey(key, key->heap); /* reset pointers */
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -2681,7 +2681,8 @@ int rsa_test(void)
|
||||
#ifdef HAVE_CAVIUM
|
||||
RsaInitCavium(&key, CAVIUM_DEV_ID);
|
||||
#endif
|
||||
InitRsaKey(&key, 0);
|
||||
ret = InitRsaKey(&key, 0);
|
||||
if (ret != 0) return -39;
|
||||
ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
|
||||
if (ret != 0) return -41;
|
||||
|
||||
@@ -2751,7 +2752,8 @@ int rsa_test(void)
|
||||
FILE* keyFile;
|
||||
FILE* pemFile;
|
||||
|
||||
InitRsaKey(&genKey, 0);
|
||||
ret = InitRsaKey(&genKey, 0);
|
||||
if (ret != 0) return -300;
|
||||
ret = MakeRsaKey(&genKey, 1024, 65537, &rng);
|
||||
if (ret != 0)
|
||||
return -301;
|
||||
@@ -2783,7 +2785,8 @@ int rsa_test(void)
|
||||
ret = (int)fwrite(pem, pemSz, 1, pemFile);
|
||||
fclose(pemFile);
|
||||
|
||||
InitRsaKey(&derIn, 0);
|
||||
ret = InitRsaKey(&derIn, 0);
|
||||
if (ret != 0) return -3060;
|
||||
idx = 0;
|
||||
ret = RsaPrivateKeyDecode(der, &idx, &derIn, derSz);
|
||||
if (ret != 0)
|
||||
@@ -2891,7 +2894,8 @@ int rsa_test(void)
|
||||
bytes3 = fread(tmp, 1, FOURK_BUF, file3);
|
||||
fclose(file3);
|
||||
|
||||
InitRsaKey(&caKey, 0);
|
||||
ret = InitRsaKey(&caKey, 0);
|
||||
if (ret != 0) return -411;
|
||||
ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
|
||||
if (ret != 0) return -413;
|
||||
|
||||
@@ -3092,7 +3096,8 @@ int rsa_test(void)
|
||||
bytes = fread(tmp, 1, FOURK_BUF, caFile);
|
||||
fclose(caFile);
|
||||
|
||||
InitRsaKey(&caKey, 0);
|
||||
ret = InitRsaKey(&caKey, 0);
|
||||
if (ret != 0) return -459;
|
||||
ret = RsaPrivateKeyDecode(tmp, &idx, &caKey, (word32)bytes);
|
||||
if (ret != 0) return -454;
|
||||
|
||||
|
||||
@@ -61,8 +61,8 @@ typedef struct RsaKey {
|
||||
} RsaKey;
|
||||
|
||||
|
||||
CYASSL_API void InitRsaKey(RsaKey* key, void*);
|
||||
CYASSL_API void FreeRsaKey(RsaKey* key);
|
||||
CYASSL_API int InitRsaKey(RsaKey* key, void*);
|
||||
CYASSL_API int FreeRsaKey(RsaKey* key);
|
||||
|
||||
CYASSL_API int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key, RNG* rng);
|
||||
@@ -93,6 +93,46 @@ CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*,
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef HAVE_FIPS
|
||||
/* fips wrapper calls, user can call direct */
|
||||
CYASSL_API int InitRsaKey_fips(RsaKey* key, void*);
|
||||
CYASSL_API int FreeRsaKey_fips(RsaKey* key);
|
||||
|
||||
CYASSL_API int RsaPublicEncrypt_fips(const byte* in,word32 inLen,byte* out,
|
||||
word32 outLen, RsaKey* key, RNG* rng);
|
||||
CYASSL_API int RsaPrivateDecryptInline_fips(byte* in, word32 inLen,
|
||||
byte** out, RsaKey* key);
|
||||
CYASSL_API int RsaPrivateDecrypt_fips(const byte* in, word32 inLen,
|
||||
byte* out,word32 outLen,RsaKey* key);
|
||||
CYASSL_API int RsaSSL_Sign_fips(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key, RNG* rng);
|
||||
CYASSL_API int RsaSSL_VerifyInline_fips(byte* in, word32 inLen, byte** out,
|
||||
RsaKey* key);
|
||||
CYASSL_API int RsaSSL_Verify_fips(const byte* in, word32 inLen, byte* out,
|
||||
word32 outLen, RsaKey* key);
|
||||
CYASSL_API int RsaEncryptSize_fips(RsaKey* key);
|
||||
|
||||
CYASSL_API int RsaPrivateKeyDecode_fips(const byte* input, word32* inOutIdx,
|
||||
RsaKey*, word32);
|
||||
CYASSL_API int RsaPublicKeyDecode_fips(const byte* input, word32* inOutIdx,
|
||||
RsaKey*, word32);
|
||||
#ifndef FIPS_NO_WRAPPERS
|
||||
/* if not impl or fips.c impl wrapper force fips calls if fips build */
|
||||
#define InitRsaKey InitRsaKey_fips
|
||||
#define FreeRsaKey FreeRsaKey_fips
|
||||
#define RsaPublicEncrypt RsaPublicEncrypt_fips
|
||||
#define RsaPrivateDecryptInline RsaPrivateDecryptInline_fips
|
||||
#define RsaPrivateDecrypt RsaPrivateDecrypt_fips
|
||||
#define RsaSSL_Sign RsaSSL_Sign_fips
|
||||
#define RsaSSL_VerifyInline RsaSSL_VerifyInline_fips
|
||||
#define RsaSSL_Verify RsaSSL_Verify_fips
|
||||
#define RsaEncryptSize RsaEncryptSize_fips
|
||||
/* no implicit KeyDecodes since in asn.c (not rsa.c) */
|
||||
#endif /* FIPS_NO_WRAPPERS */
|
||||
|
||||
#endif /* HAVE_FIPS */
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
@@ -461,9 +461,7 @@ int CRYPT_RSA_Initialize(CRYPT_RSA_CTX* rsa)
|
||||
if (rsa->holder == NULL)
|
||||
return -1;
|
||||
|
||||
InitRsaKey((RsaKey*)rsa->holder, NULL);
|
||||
|
||||
return 0;
|
||||
return InitRsaKey((RsaKey*)rsa->holder, NULL);
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -1219,8 +1219,9 @@ static int check_rsa(void)
|
||||
byte out1[256];
|
||||
byte out2[256];
|
||||
|
||||
InitRsaKey(&defRsa, NULL);
|
||||
ret = CRYPT_RSA_Initialize(&mcRsa);
|
||||
ret = InitRsaKey(&defRsa, NULL);
|
||||
if (ret == 0)
|
||||
ret = CRYPT_RSA_Initialize(&mcRsa);
|
||||
if (ret != 0) {
|
||||
printf("mcapi rsa init failed\n");
|
||||
return -1;
|
||||
|
||||
@@ -1696,7 +1696,8 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
|
||||
CYASSL_MSG("PeerRsaKey Memory error");
|
||||
return MEMORY_E;
|
||||
}
|
||||
InitRsaKey(ssl->peerRsaKey, ctx->heap);
|
||||
ret = InitRsaKey(ssl->peerRsaKey, ctx->heap);
|
||||
if (ret != 0) return ret;
|
||||
#endif
|
||||
#ifndef NO_CERTS
|
||||
/* make sure server has cert and key unless using PSK */
|
||||
@@ -8483,6 +8484,7 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
word32 sigOutSz = 0;
|
||||
#ifndef NO_RSA
|
||||
RsaKey key;
|
||||
int initRsaKey = 0;
|
||||
#endif
|
||||
int usingEcc = 0;
|
||||
#ifdef HAVE_ECC
|
||||
@@ -8508,9 +8510,11 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
ecc_init(&eccKey);
|
||||
#endif
|
||||
#ifndef NO_RSA
|
||||
InitRsaKey(&key, ssl->heap);
|
||||
ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &key,
|
||||
ssl->buffers.key.length);
|
||||
ret = InitRsaKey(&key, ssl->heap);
|
||||
if (ret == 0) initRsaKey = 1;
|
||||
if (ret == 0)
|
||||
ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &key,
|
||||
ssl->buffers.key.length);
|
||||
if (ret == 0)
|
||||
sigOutSz = RsaEncryptSize(&key);
|
||||
else
|
||||
@@ -8711,7 +8715,8 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
}
|
||||
}
|
||||
#ifndef NO_RSA
|
||||
FreeRsaKey(&key);
|
||||
if (initRsaKey)
|
||||
FreeRsaKey(&key);
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
ecc_free(&eccKey);
|
||||
@@ -8960,7 +8965,8 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
preSigIdx = idx;
|
||||
|
||||
#ifndef NO_RSA
|
||||
InitRsaKey(&rsaKey, ssl->heap);
|
||||
ret = InitRsaKey(&rsaKey, ssl->heap);
|
||||
if (ret != 0) return ret;
|
||||
#endif
|
||||
ecc_init(&dsaKey);
|
||||
|
||||
@@ -9293,7 +9299,10 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
&ssl->buffers.serverDH_Pub.length);
|
||||
FreeDhKey(&dhKey);
|
||||
|
||||
InitRsaKey(&rsaKey, ssl->heap);
|
||||
if (ret == 0) {
|
||||
ret = InitRsaKey(&rsaKey, ssl->heap);
|
||||
if (ret != 0) return ret;
|
||||
}
|
||||
if (ret == 0) {
|
||||
length = LENGTH_SZ * 3; /* p, g, pub */
|
||||
length += ssl->buffers.serverDH_P.length +
|
||||
@@ -10807,7 +10816,8 @@ static void PickHashSigAlgo(CYASSL* ssl,
|
||||
doUserRsa = 1;
|
||||
#endif
|
||||
|
||||
InitRsaKey(&key, ssl->heap);
|
||||
ret = InitRsaKey(&key, ssl->heap);
|
||||
if (ret != 0) return ret;
|
||||
|
||||
if (ssl->buffers.key.buffer)
|
||||
ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx,
|
||||
|
||||
@@ -1044,9 +1044,9 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
|
||||
RsaKey key;
|
||||
int ret;
|
||||
|
||||
InitRsaKey(&key, 0);
|
||||
|
||||
ret = RsaPrivateKeyDecode(session->context->ctx->privateKey.buffer,
|
||||
ret = InitRsaKey(&key, 0);
|
||||
if (ret == 0)
|
||||
ret = RsaPrivateKeyDecode(session->context->ctx->privateKey.buffer,
|
||||
&idx, &key, session->context->ctx->privateKey.length);
|
||||
if (ret == 0) {
|
||||
int length = RsaEncryptSize(&key);
|
||||
|
||||
10
src/ssl.c
10
src/ssl.c
@@ -2121,7 +2121,8 @@ int CyaSSL_Init(void)
|
||||
RsaKey key;
|
||||
word32 idx = 0;
|
||||
|
||||
InitRsaKey(&key, 0);
|
||||
ret = InitRsaKey(&key, 0);
|
||||
if (ret != 0) return ret;
|
||||
if (RsaPrivateKeyDecode(der.buffer,&idx,&key,der.length) != 0) {
|
||||
#ifdef HAVE_ECC
|
||||
/* could have DER ECC (or pkcs8 ecc), no easy way to tell */
|
||||
@@ -10341,7 +10342,12 @@ static int initGlobalRNG = 0;
|
||||
}
|
||||
|
||||
InitCyaSSL_Rsa(external);
|
||||
InitRsaKey(key, NULL);
|
||||
if (InitRsaKey(key, NULL) != 0) {
|
||||
CYASSL_MSG("InitRsaKey CYASSL_RSA failure");
|
||||
XFREE(external, NULL, DYNAMIC_TYPE_RSA);
|
||||
XFREE(key, NULL, DYNAMIC_TYPE_RSA);
|
||||
return NULL;
|
||||
}
|
||||
external->internal = key;
|
||||
|
||||
return external;
|
||||
|
||||
Reference in New Issue
Block a user