forked from wolfSSL/wolfssl
Fixes for KCAPI ECC verify. Cleanup of the pubkey_raw. Fix KCAPI AES possible used uninitialized.
This commit is contained in:
David Garske
@@ -8670,16 +8670,16 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime)
|
|||||||
|
|
||||||
#ifdef WOLFSSL_KCAPI_ECC
|
#ifdef WOLFSSL_KCAPI_ECC
|
||||||
if (err == MP_OKAY) {
|
if (err == MP_OKAY) {
|
||||||
byte pubkey_raw[MAX_ECC_BYTES * 2];
|
word32 pubkey_sz = (word32)sizeof(key->pubkey_raw);
|
||||||
word32 pubkey_sz = (word32)sizeof(pubkey_raw);
|
|
||||||
|
|
||||||
err = KcapiEcc_LoadKey(key, pubkey_raw, &pubkey_sz, 1);
|
err = KcapiEcc_LoadKey(key, key->pubkey_raw, &pubkey_sz, 1);
|
||||||
if (err == 0) {
|
if (err == 0) {
|
||||||
err = mp_read_unsigned_bin(res->x, pubkey_raw,
|
err = mp_read_unsigned_bin(res->x, key->pubkey_raw,
|
||||||
pubkey_sz/2);
|
pubkey_sz/2);
|
||||||
}
|
}
|
||||||
if (err == MP_OKAY) {
|
if (err == MP_OKAY) {
|
||||||
err = mp_read_unsigned_bin(res->y, pubkey_raw + pubkey_sz/2,
|
err = mp_read_unsigned_bin(res->y,
|
||||||
|
key->pubkey_raw + pubkey_sz/2,
|
||||||
pubkey_sz/2);
|
pubkey_sz/2);
|
||||||
}
|
}
|
||||||
if (err == MP_OKAY) {
|
if (err == MP_OKAY) {
|
||||||
@@ -9190,14 +9190,14 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
|
|||||||
|
|
||||||
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
|
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
|
||||||
/* For SECP256R1 only save raw public key for hardware */
|
/* For SECP256R1 only save raw public key for hardware */
|
||||||
if (curve_id == ECC_SECP256R1 && inLen <= sizeof(key->pubkey_raw)) {
|
if (curve_id == ECC_SECP256R1 && inLen <= (word32)sizeof(key->pubkey_raw)) {
|
||||||
#ifdef HAVE_COMP_KEY
|
#ifdef HAVE_COMP_KEY
|
||||||
if (!compressed)
|
if (!compressed)
|
||||||
#endif
|
#endif
|
||||||
XMEMCPY(key->pubkey_raw, (byte*)in, inLen);
|
XMEMCPY(key->pubkey_raw, (byte*)in, inLen);
|
||||||
}
|
}
|
||||||
#elif defined(WOLFSSL_KCAPI_ECC)
|
#elif defined(WOLFSSL_KCAPI_ECC)
|
||||||
XMEMCPY(key->pubkey_raw + KCAPI_PARAM_SZ, (byte*)in, inLen);
|
XMEMCPY(key->pubkey_raw, (byte*)in, inLen);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (err == MP_OKAY) {
|
if (err == MP_OKAY) {
|
||||||
@@ -9870,11 +9870,11 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
|
|||||||
#elif defined(WOLFSSL_KCAPI_ECC)
|
#elif defined(WOLFSSL_KCAPI_ECC)
|
||||||
if (err == MP_OKAY) {
|
if (err == MP_OKAY) {
|
||||||
word32 keySz = key->dp->size;
|
word32 keySz = key->dp->size;
|
||||||
err = wc_export_int(key->pubkey.x, key->pubkey_raw + KCAPI_PARAM_SZ,
|
err = wc_export_int(key->pubkey.x, key->pubkey_raw,
|
||||||
&keySz, keySz, WC_TYPE_UNSIGNED_BIN);
|
&keySz, keySz, WC_TYPE_UNSIGNED_BIN);
|
||||||
if (err == MP_OKAY) {
|
if (err == MP_OKAY) {
|
||||||
err = wc_export_int(key->pubkey.y,
|
err = wc_export_int(key->pubkey.y,
|
||||||
&key->pubkey_raw[KCAPI_PARAM_SZ + keySz], &keySz, keySz,
|
&key->pubkey_raw[keySz], &keySz, keySz,
|
||||||
WC_TYPE_UNSIGNED_BIN);
|
WC_TYPE_UNSIGNED_BIN);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -235,7 +235,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
|||||||
int ret = 0;
|
int ret = 0;
|
||||||
byte* data = NULL;
|
byte* data = NULL;
|
||||||
word32 dataSz;
|
word32 dataSz;
|
||||||
int inbuflen, outbuflen;
|
int inbuflen = 0, outbuflen = 0;
|
||||||
size_t pageSz = (size_t)sysconf(_SC_PAGESIZE);
|
size_t pageSz = (size_t)sysconf(_SC_PAGESIZE);
|
||||||
|
|
||||||
/* argument checks */
|
/* argument checks */
|
||||||
@@ -336,7 +336,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
|||||||
int ret = 0;
|
int ret = 0;
|
||||||
byte* data = NULL;
|
byte* data = NULL;
|
||||||
word32 dataSz;
|
word32 dataSz;
|
||||||
int inbuflen, outbuflen;
|
int inbuflen = 0, outbuflen = 0;
|
||||||
size_t pageSz = (size_t)sysconf(_SC_PAGESIZE);
|
size_t pageSz = (size_t)sysconf(_SC_PAGESIZE);
|
||||||
|
|
||||||
/* argument checks */
|
/* argument checks */
|
||||||
|
|||||||
@@ -124,11 +124,16 @@ int KcapiEcc_LoadKey(ecc_key* key, byte* pubkey_raw, word32* pubkey_sz,
|
|||||||
|
|
||||||
/* optionally load public key */
|
/* optionally load public key */
|
||||||
if (ret == 0 && pubkey_raw != NULL && pubkey_sz != NULL) {
|
if (ret == 0 && pubkey_raw != NULL && pubkey_sz != NULL) {
|
||||||
ret = (int)kcapi_kpp_keygen(key->handle, pubkey_raw, keySz*2,
|
if (*pubkey_sz < keySz*2) {
|
||||||
KCAPI_ACCESS_HEURISTIC);
|
ret = BUFFER_E;
|
||||||
if (ret >= 0) {
|
}
|
||||||
*pubkey_sz = ret;
|
if (ret == 0) {
|
||||||
ret = 0;
|
ret = (int)kcapi_kpp_keygen(key->handle, pubkey_raw, keySz*2,
|
||||||
|
KCAPI_ACCESS_HEURISTIC);
|
||||||
|
if (ret >= 0) {
|
||||||
|
*pubkey_sz = ret;
|
||||||
|
ret = 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -137,7 +142,7 @@ int KcapiEcc_LoadKey(ecc_key* key, byte* pubkey_raw, word32* pubkey_sz,
|
|||||||
key->handle = NULL;
|
key->handle = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
int KcapiEcc_MakeKey(ecc_key* key, int keysize, int curve_id)
|
int KcapiEcc_MakeKey(ecc_key* key, int keysize, int curve_id)
|
||||||
@@ -289,9 +294,13 @@ static int KcapiEcc_SetPrivKey(ecc_key* key)
|
|||||||
WC_TYPE_UNSIGNED_BIN);
|
WC_TYPE_UNSIGNED_BIN);
|
||||||
}
|
}
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
ret = kcapi_akcipher_setkey(key->handle, priv, KCAPI_PARAM_SZ + keySz);
|
/* call with NULL to so KCAPI treats incoming data as hash */
|
||||||
|
ret = kcapi_akcipher_setkey(key->handle, NULL, 0);
|
||||||
if (ret >= 0) {
|
if (ret >= 0) {
|
||||||
ret = 0;
|
ret = kcapi_akcipher_setkey(key->handle, priv, KCAPI_PARAM_SZ + keySz);
|
||||||
|
if (ret >= 0) {
|
||||||
|
ret = 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -356,6 +365,7 @@ int KcapiEcc_Sign(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Using free as this is in an environment that will have it
|
/* Using free as this is in an environment that will have it
|
||||||
* available along with posix_memalign. */
|
* available along with posix_memalign. */
|
||||||
if (buf_aligned != NULL) {
|
if (buf_aligned != NULL) {
|
||||||
@@ -373,20 +383,28 @@ int KcapiEcc_Sign(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
|
|||||||
|
|
||||||
|
|
||||||
#ifdef HAVE_ECC_VERIFY
|
#ifdef HAVE_ECC_VERIFY
|
||||||
int KcapiEcc_SetPubKey(ecc_key* key)
|
static int KcapiEcc_SetPubKey(ecc_key* key)
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
int len = KCAPI_PARAM_SZ + key->dp->size * 2;
|
|
||||||
word32 kcapiCurveId;
|
word32 kcapiCurveId;
|
||||||
|
word32 keySz = key->dp->size;
|
||||||
|
byte pub[KCAPI_PARAM_SZ + (MAX_ECC_BYTES * 2)];
|
||||||
|
int pubLen;
|
||||||
|
|
||||||
ret = KcapiEcc_CurveId(key->dp->id, &kcapiCurveId);
|
ret = KcapiEcc_CurveId(key->dp->id, &kcapiCurveId);
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
key->pubkey_raw[0] = ECDSA_KEY_VERSION;
|
pub[0] = ECDSA_KEY_VERSION;
|
||||||
key->pubkey_raw[1] = kcapiCurveId;
|
pub[1] = kcapiCurveId;
|
||||||
|
XMEMCPY(&pub[KCAPI_PARAM_SZ], key->pubkey_raw, keySz * 2);
|
||||||
|
pubLen = KCAPI_PARAM_SZ + (keySz * 2);
|
||||||
|
|
||||||
ret = kcapi_akcipher_setpubkey(key->handle, key->pubkey_raw, len);
|
/* call with NULL to so KCAPI treats incoming data as hash */
|
||||||
|
ret = kcapi_akcipher_setpubkey(key->handle, NULL, 0);
|
||||||
if (ret >= 0) {
|
if (ret >= 0) {
|
||||||
ret = 0;
|
ret = kcapi_akcipher_setpubkey(key->handle, pub, pubLen);
|
||||||
|
if (ret >= 0) {
|
||||||
|
ret = 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -400,6 +418,8 @@ int KcapiEcc_Verify(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
|
|||||||
byte* sigHash_aligned = NULL;
|
byte* sigHash_aligned = NULL;
|
||||||
size_t pageSz = (size_t)sysconf(_SC_PAGESIZE);
|
size_t pageSz = (size_t)sysconf(_SC_PAGESIZE);
|
||||||
int handleInit = 0;
|
int handleInit = 0;
|
||||||
|
word32 keySz = 0;
|
||||||
|
byte* outbuf = NULL;
|
||||||
|
|
||||||
if (key == NULL || key->dp == NULL) {
|
if (key == NULL || key->dp == NULL) {
|
||||||
ret = BAD_FUNC_ARG;
|
ret = BAD_FUNC_ARG;
|
||||||
@@ -421,15 +441,24 @@ int KcapiEcc_Verify(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
|
|||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
if (ret == 0) {
|
||||||
|
keySz = key->dp->size;
|
||||||
|
ret = posix_memalign((void*)&outbuf, pageSz, keySz * 2);
|
||||||
|
if (ret < 0) {
|
||||||
|
ret = MEMORY_E;
|
||||||
|
}
|
||||||
|
}
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
XMEMCPY(sigHash_aligned, sig, sigLen);
|
XMEMCPY(sigHash_aligned, sig, sigLen);
|
||||||
XMEMCPY(sigHash_aligned + sigLen, hash, hashLen);
|
XMEMCPY(sigHash_aligned + sigLen, hash, hashLen);
|
||||||
|
|
||||||
ret = (int)kcapi_akcipher_verify(key->handle, sigHash_aligned,
|
ret = (int)kcapi_akcipher_verify(key->handle, sigHash_aligned,
|
||||||
sigLen + hashLen, NULL, hashLen, KCAPI_ACCESS_HEURISTIC);
|
sigLen + hashLen, outbuf, keySz * 2,
|
||||||
|
KCAPI_ACCESS_HEURISTIC);
|
||||||
if (ret >= 0) {
|
if (ret >= 0) {
|
||||||
ret = 0;
|
ret = 0;
|
||||||
}
|
}
|
||||||
|
(void)outbuf; /* not used */
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Using free as this is in an environment that will have it
|
/* Using free as this is in an environment that will have it
|
||||||
@@ -437,7 +466,10 @@ int KcapiEcc_Verify(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
|
|||||||
if (sigHash_aligned != NULL) {
|
if (sigHash_aligned != NULL) {
|
||||||
free(sigHash_aligned);
|
free(sigHash_aligned);
|
||||||
}
|
}
|
||||||
|
if (outbuf != NULL) {
|
||||||
|
free(outbuf);
|
||||||
|
}
|
||||||
|
|
||||||
if (handleInit) {
|
if (handleInit) {
|
||||||
kcapi_kpp_destroy(key->handle);
|
kcapi_kpp_destroy(key->handle);
|
||||||
key->handle = NULL;
|
key->handle = NULL;
|
||||||
|
|||||||
@@ -466,7 +466,7 @@ struct ecc_key {
|
|||||||
#endif
|
#endif
|
||||||
#ifdef WOLFSSL_KCAPI_ECC
|
#ifdef WOLFSSL_KCAPI_ECC
|
||||||
struct kcapi_handle* handle;
|
struct kcapi_handle* handle;
|
||||||
byte pubkey_raw[KCAPI_PARAM_SZ + MAX_ECC_BYTES * 2];
|
byte pubkey_raw[MAX_ECC_BYTES * 2];
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||||
|
|||||||
@@ -36,8 +36,6 @@
|
|||||||
#define WC_ECCKEY_TYPE_DEFINED
|
#define WC_ECCKEY_TYPE_DEFINED
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
WOLFSSL_LOCAL int KcapiEcc_SetPubKey(ecc_key* key);
|
|
||||||
|
|
||||||
WOLFSSL_LOCAL void KcapiEcc_Free(ecc_key* key);
|
WOLFSSL_LOCAL void KcapiEcc_Free(ecc_key* key);
|
||||||
WOLFSSL_LOCAL int KcapiEcc_MakeKey(ecc_key* key, int keysize, int curve_id);
|
WOLFSSL_LOCAL int KcapiEcc_MakeKey(ecc_key* key, int keysize, int curve_id);
|
||||||
WOLFSSL_LOCAL int KcapiEcc_LoadKey(ecc_key* key, byte* pubkey_raw,
|
WOLFSSL_LOCAL int KcapiEcc_LoadKey(ecc_key* key, byte* pubkey_raw,
|
||||||
|
|||||||
Reference in New Issue
Block a user