Fixes for KCAPI ECC verify. Cleanup of the `pubkey_raw`. Fix KCAPI AES possible use of uninitialized variables.
@@ -8670,16 +8670,16 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime)
|
||||
|
||||
#ifdef WOLFSSL_KCAPI_ECC
|
||||
if (err == MP_OKAY) {
|
||||
byte pubkey_raw[MAX_ECC_BYTES * 2];
|
||||
word32 pubkey_sz = (word32)sizeof(pubkey_raw);
|
||||
word32 pubkey_sz = (word32)sizeof(key->pubkey_raw);
|
||||
|
||||
err = KcapiEcc_LoadKey(key, pubkey_raw, &pubkey_sz, 1);
|
||||
err = KcapiEcc_LoadKey(key, key->pubkey_raw, &pubkey_sz, 1);
|
||||
if (err == 0) {
|
||||
err = mp_read_unsigned_bin(res->x, pubkey_raw,
|
||||
err = mp_read_unsigned_bin(res->x, key->pubkey_raw,
|
||||
pubkey_sz/2);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
err = mp_read_unsigned_bin(res->y, pubkey_raw + pubkey_sz/2,
|
||||
err = mp_read_unsigned_bin(res->y,
|
||||
key->pubkey_raw + pubkey_sz/2,
|
||||
pubkey_sz/2);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
@@ -9190,14 +9190,14 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
|
||||
|
||||
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
|
||||
/* For SECP256R1 only save raw public key for hardware */
|
||||
if (curve_id == ECC_SECP256R1 && inLen <= sizeof(key->pubkey_raw)) {
|
||||
if (curve_id == ECC_SECP256R1 && inLen <= (word32)sizeof(key->pubkey_raw)) {
|
||||
#ifdef HAVE_COMP_KEY
|
||||
if (!compressed)
|
||||
#endif
|
||||
XMEMCPY(key->pubkey_raw, (byte*)in, inLen);
|
||||
}
|
||||
#elif defined(WOLFSSL_KCAPI_ECC)
|
||||
XMEMCPY(key->pubkey_raw + KCAPI_PARAM_SZ, (byte*)in, inLen);
|
||||
XMEMCPY(key->pubkey_raw, (byte*)in, inLen);
|
||||
#endif
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
@@ -9870,11 +9870,11 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
|
||||
#elif defined(WOLFSSL_KCAPI_ECC)
|
||||
if (err == MP_OKAY) {
|
||||
word32 keySz = key->dp->size;
|
||||
err = wc_export_int(key->pubkey.x, key->pubkey_raw + KCAPI_PARAM_SZ,
|
||||
err = wc_export_int(key->pubkey.x, key->pubkey_raw,
|
||||
&keySz, keySz, WC_TYPE_UNSIGNED_BIN);
|
||||
if (err == MP_OKAY) {
|
||||
err = wc_export_int(key->pubkey.y,
|
||||
&key->pubkey_raw[KCAPI_PARAM_SZ + keySz], &keySz, keySz,
|
||||
&key->pubkey_raw[keySz], &keySz, keySz,
|
||||
WC_TYPE_UNSIGNED_BIN);
|
||||
}
|
||||
}
|
||||
|
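Review bot: In wc_ecc_import_x963_ex the WOLFSSL_KCAPI_ECC branch copies `inLen` bytes into `key->pubkey_raw` with no length check, while the ATECC branch just above it tests `inLen <= (word32)sizeof(key->pubkey_raw)` first. This commit also shrinks `pubkey_raw` by KCAPI_PARAM_SZ bytes (to `MAX_ECC_BYTES * 2`), so unless `inLen` is bounded earlier in the function, outside this hunk, an oversized imported point would write past the array inside `ecc_key`. I would guard the copy, e.g. `if (inLen > (word32)sizeof(key->pubkey_raw)) err = BUFFER_E; else XMEMCPY(key->pubkey_raw, (byte*)in, inLen);`. The KCAPI branch also lacks the `if (!compressed)` guard the ATECC branch has, so with HAVE_COMP_KEY a compressed point would presumably be stored where later code expects X||Y; that is worth confirming.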
@@ -235,7 +235,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
int ret = 0;
|
||||
byte* data = NULL;
|
||||
word32 dataSz;
|
||||
int inbuflen, outbuflen;
|
||||
int inbuflen = 0, outbuflen = 0;
|
||||
size_t pageSz = (size_t)sysconf(_SC_PAGESIZE);
|
||||
|
||||
/* argument checks */
|
||||
@@ -336,7 +336,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
int ret = 0;
|
||||
byte* data = NULL;
|
||||
word32 dataSz;
|
||||
int inbuflen, outbuflen;
|
||||
int inbuflen = 0, outbuflen = 0;
|
||||
size_t pageSz = (size_t)sysconf(_SC_PAGESIZE);
|
||||
|
||||
/* argument checks */
|
||||
|
@@ -124,11 +124,16 @@ int KcapiEcc_LoadKey(ecc_key* key, byte* pubkey_raw, word32* pubkey_sz,
|
||||
|
||||
/* optionally load public key */
|
||||
if (ret == 0 && pubkey_raw != NULL && pubkey_sz != NULL) {
|
||||
ret = (int)kcapi_kpp_keygen(key->handle, pubkey_raw, keySz*2,
|
||||
KCAPI_ACCESS_HEURISTIC);
|
||||
if (ret >= 0) {
|
||||
*pubkey_sz = ret;
|
||||
ret = 0;
|
||||
if (*pubkey_sz < keySz*2) {
|
||||
ret = BUFFER_E;
|
||||
}
|
||||
if (ret == 0) {
|
||||
ret = (int)kcapi_kpp_keygen(key->handle, pubkey_raw, keySz*2,
|
||||
KCAPI_ACCESS_HEURISTIC);
|
||||
if (ret >= 0) {
|
||||
*pubkey_sz = ret;
|
||||
ret = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -289,9 +294,13 @@ static int KcapiEcc_SetPrivKey(ecc_key* key)
|
||||
WC_TYPE_UNSIGNED_BIN);
|
||||
}
|
||||
if (ret == 0) {
|
||||
ret = kcapi_akcipher_setkey(key->handle, priv, KCAPI_PARAM_SZ + keySz);
|
||||
/* call with NULL to so KCAPI treats incoming data as hash */
|
||||
ret = kcapi_akcipher_setkey(key->handle, NULL, 0);
|
||||
if (ret >= 0) {
|
||||
ret = 0;
|
||||
ret = kcapi_akcipher_setkey(key->handle, priv, KCAPI_PARAM_SZ + keySz);
|
||||
if (ret >= 0) {
|
||||
ret = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -356,6 +365,7 @@ int KcapiEcc_Sign(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Using free as this is in an environment that will have it
|
||||
* available along with posix_memalign. */
|
||||
if (buf_aligned != NULL) {
|
||||
@@ -373,20 +383,28 @@ int KcapiEcc_Sign(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
|
||||
|
||||
|
||||
#ifdef HAVE_ECC_VERIFY
|
||||
int KcapiEcc_SetPubKey(ecc_key* key)
|
||||
static int KcapiEcc_SetPubKey(ecc_key* key)
|
||||
{
|
||||
int ret;
|
||||
int len = KCAPI_PARAM_SZ + key->dp->size * 2;
|
||||
word32 kcapiCurveId;
|
||||
word32 keySz = key->dp->size;
|
||||
byte pub[KCAPI_PARAM_SZ + (MAX_ECC_BYTES * 2)];
|
||||
int pubLen;
|
||||
|
||||
ret = KcapiEcc_CurveId(key->dp->id, &kcapiCurveId);
|
||||
if (ret == 0) {
|
||||
key->pubkey_raw[0] = ECDSA_KEY_VERSION;
|
||||
key->pubkey_raw[1] = kcapiCurveId;
|
||||
pub[0] = ECDSA_KEY_VERSION;
|
||||
pub[1] = kcapiCurveId;
|
||||
XMEMCPY(&pub[KCAPI_PARAM_SZ], key->pubkey_raw, keySz * 2);
|
||||
pubLen = KCAPI_PARAM_SZ + (keySz * 2);
|
||||
|
||||
ret = kcapi_akcipher_setpubkey(key->handle, key->pubkey_raw, len);
|
||||
/* call with NULL to so KCAPI treats incoming data as hash */
|
||||
ret = kcapi_akcipher_setpubkey(key->handle, NULL, 0);
|
||||
if (ret >= 0) {
|
||||
ret = 0;
|
||||
ret = kcapi_akcipher_setpubkey(key->handle, pub, pubLen);
|
||||
if (ret >= 0) {
|
||||
ret = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -400,6 +418,8 @@ int KcapiEcc_Verify(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
|
||||
byte* sigHash_aligned = NULL;
|
||||
size_t pageSz = (size_t)sysconf(_SC_PAGESIZE);
|
||||
int handleInit = 0;
|
||||
word32 keySz = 0;
|
||||
byte* outbuf = NULL;
|
||||
|
||||
if (key == NULL || key->dp == NULL) {
|
||||
ret = BAD_FUNC_ARG;
|
||||
@@ -421,15 +441,24 @@ int KcapiEcc_Verify(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (ret == 0) {
|
||||
keySz = key->dp->size;
|
||||
ret = posix_memalign((void*)&outbuf, pageSz, keySz * 2);
|
||||
if (ret < 0) {
|
||||
ret = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (ret == 0) {
|
||||
XMEMCPY(sigHash_aligned, sig, sigLen);
|
||||
XMEMCPY(sigHash_aligned + sigLen, hash, hashLen);
|
||||
|
||||
ret = (int)kcapi_akcipher_verify(key->handle, sigHash_aligned,
|
||||
sigLen + hashLen, NULL, hashLen, KCAPI_ACCESS_HEURISTIC);
|
||||
sigLen + hashLen, outbuf, keySz * 2,
|
||||
KCAPI_ACCESS_HEURISTIC);
|
||||
if (ret >= 0) {
|
||||
ret = 0;
|
||||
}
|
||||
(void)outbuf; /* not used */
|
||||
}
|
||||
|
||||
/* Using free as this is in an environment that will have it
|
||||
@@ -437,6 +466,9 @@ int KcapiEcc_Verify(ecc_key* key, const byte* hash, word32 hashLen, byte* sig,
|
||||
if (sigHash_aligned != NULL) {
|
||||
free(sigHash_aligned);
|
||||
}
|
||||
if (outbuf != NULL) {
|
||||
free(outbuf);
|
||||
}
|
||||
|
||||
if (handleInit) {
|
||||
kcapi_kpp_destroy(key->handle);
|
||||
|
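Review bot: In KcapiEcc_Verify the new `posix_memalign` call is checked with `if (ret < 0)`, but posix_memalign reports failure by returning a positive errno value, so that branch can never run and the function would hand back a raw positive errno instead of `MEMORY_E`. On a signature-verification path a non-standard return code is risky for any caller that only tests for negative values; use `if (ret != 0) { ret = MEMORY_E; }`. The context lines just above the added block end in the same `ret = MEMORY_E;` shape, so the existing sigHash_aligned allocation, which starts outside this hunk, probably wants the same check. Since `outbuf` is discarded right after the call (`(void)outbuf;`), a one-line comment saying why kcapi_akcipher_verify is given a real `keySz * 2` byte output buffer instead of NULL would help the next reader.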
@@ -466,7 +466,7 @@ struct ecc_key {
|
||||
#endif
|
||||
#ifdef WOLFSSL_KCAPI_ECC
|
||||
struct kcapi_handle* handle;
|
||||
byte pubkey_raw[KCAPI_PARAM_SZ + MAX_ECC_BYTES * 2];
|
||||
byte pubkey_raw[MAX_ECC_BYTES * 2];
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
|
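Review bot: The `pubkey_raw` member of struct ecc_key has no comment describing its layout, and this change alters that layout: the KCAPI parameter header is no longer stored in the field. Going by the import hunks and KcapiEcc_SetPubKey elsewhere in this commit, it now holds X followed by Y, each `key->dp->size` bytes, with the header prepended into a local buffer only when the key is handed to KCAPI. I would add `/* raw public key X || Y, dp->size bytes each; no KCAPI_PARAM_SZ header */` above the declaration. Every writer now has only `MAX_ECC_BYTES * 2` bytes to fill, which is worth stating there too.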
@@ -36,8 +36,6 @@
|
||||
#define WC_ECCKEY_TYPE_DEFINED
|
||||
#endif
|
||||
|
||||
WOLFSSL_LOCAL int KcapiEcc_SetPubKey(ecc_key* key);
|
||||
|
||||
WOLFSSL_LOCAL void KcapiEcc_Free(ecc_key* key);
|
||||
WOLFSSL_LOCAL int KcapiEcc_MakeKey(ecc_key* key, int keysize, int curve_id);
|
||||
WOLFSSL_LOCAL int KcapiEcc_LoadKey(ecc_key* key, byte* pubkey_raw,
|
||||
|