Set ecc_key.rng when using ECC_TIMING_RESISTANT

Set ecc_key.rng to either a local rng struct or the globalRNG object when using ECC_TIMING_RESISTANT
Add helpful logs to some ecc functions
Juliusz Sosinowicz
2020-11-20 17:49:14 +01:00
parent c57fee136a
commit cd4affddac
2 changed files with 68 additions and 2 deletions


@ -36871,6 +36871,10 @@ int wolfSSL_ECDH_compute_key(void *out, size_t outlen,
(void)KDF; (void)KDF;
(void)KDF; (void)KDF;
ecc_key* key;
#ifdef ECC_TIMING_RESISTANT
int setGlobalRNG = 0;
#endif
WOLFSSL_ENTER("wolfSSL_ECDH_compute_key"); WOLFSSL_ENTER("wolfSSL_ECDH_compute_key");
@ -36892,14 +36896,31 @@ int wolfSSL_ECDH_compute_key(void *out, size_t outlen,
} }
len = (word32)outlen; len = (word32)outlen;
key = (ecc_key*)ecdh->internal;
if (wc_ecc_shared_secret_ssh((ecc_key*)ecdh->internal, #ifdef ECC_TIMING_RESISTANT
if (key->rng == NULL) {
if (initGlobalRNG == 0 && wolfSSL_RAND_Init() != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("No RNG to use");
return WOLFSSL_FATAL_ERROR;
}
key->rng = &globalRNG;
setGlobalRNG = 1;
}
#endif
if (wc_ecc_shared_secret_ssh(key,
(ecc_point*)pub_key->internal, (ecc_point*)pub_key->internal,
(byte *)out, &len) != MP_OKAY) { (byte *)out, &len) != MP_OKAY) {
WOLFSSL_MSG("wc_ecc_shared_secret failed"); WOLFSSL_MSG("wc_ecc_shared_secret failed");
return WOLFSSL_FATAL_ERROR; return WOLFSSL_FATAL_ERROR;
} }
#ifdef ECC_TIMING_RESISTANT
if (setGlobalRNG)
key->rng = NULL;
#endif
return len; return len;
} }
/* End ECDH */ /* End ECDH */
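Review bot: The failure return after `wc_ecc_shared_secret_ssh` skips the new restore step, so when `setGlobalRNG` is 1 and the call fails, `key->rng` is left pointing at `&globalRNG` and the caller's key keeps a borrowed pointer it never set. Clear it on that path too, either by adding `if (setGlobalRNG) key->rng = NULL;` under `#ifdef ECC_TIMING_RESISTANT` inside the `!= MP_OKAY` branch, or by saving the return value in a local and restoring once before testing it. The visible lines also take no lock around the use of `globalRNG`; if this function can run on several threads, confirm that access to the shared RNG is serialised elsewhere. The function body starts above the first hunk.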


@ -3809,6 +3809,7 @@ static int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
#ifdef HAVE_ECC_CDH #ifdef HAVE_ECC_CDH
mp_int k_lcl; mp_int k_lcl;
WOLFSSL_ENTER("wc_ecc_shared_secret_gen_sync");
/* if cofactor flag has been set */ /* if cofactor flag has been set */
if (private_key->flags & WC_ECC_FLAG_COFACTOR) { if (private_key->flags & WC_ECC_FLAG_COFACTOR) {
mp_digit cofactor = (mp_digit)private_key->dp->cofactor; mp_digit cofactor = (mp_digit)private_key->dp->cofactor;
@ -3825,6 +3826,8 @@ static int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
} }
} }
} }
#else
WOLFSSL_ENTER("wc_ecc_shared_secret_gen_sync");
#endif #endif
#ifdef WOLFSSL_HAVE_SP_ECC #ifdef WOLFSSL_HAVE_SP_ECC
@ -3909,6 +3912,8 @@ static int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
mp_clear(k); mp_clear(k);
#endif #endif
WOLFSSL_LEAVE("wc_ecc_shared_secret_gen_sync", err);
return err; return err;
} }
@ -4030,6 +4035,14 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
byte* out, word32 *outlen) byte* out, word32 *outlen)
{ {
int err; int err;
#ifdef ECC_TIMING_RESISTANT
int initTmpRng = 0;
#ifdef WOLFSSL_SMALL_STACK
WC_RNG *tmpRNG = NULL;
#else
WC_RNG tmpRNG[1];
#endif
#endif
if (private_key == NULL || point == NULL || out == NULL || if (private_key == NULL || point == NULL || out == NULL ||
outlen == NULL) { outlen == NULL) {
@ -4039,20 +4052,50 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
/* type valid? */ /* type valid? */
if (private_key->type != ECC_PRIVATEKEY && if (private_key->type != ECC_PRIVATEKEY &&
private_key->type != ECC_PRIVATEKEY_ONLY) { private_key->type != ECC_PRIVATEKEY_ONLY) {
WOLFSSL_MSG("ECC_BAD_ARG_E");
return ECC_BAD_ARG_E; return ECC_BAD_ARG_E;
} }
/* Verify domain params supplied */ /* Verify domain params supplied */
if (wc_ecc_is_valid_idx(private_key->idx) == 0) if (wc_ecc_is_valid_idx(private_key->idx) == 0) {
WOLFSSL_MSG("wc_ecc_is_valid_idx failed");
return ECC_BAD_ARG_E; return ECC_BAD_ARG_E;
}
switch(private_key->state) { switch(private_key->state) {
case ECC_STATE_NONE: case ECC_STATE_NONE:
case ECC_STATE_SHARED_SEC_GEN: case ECC_STATE_SHARED_SEC_GEN:
private_key->state = ECC_STATE_SHARED_SEC_GEN; private_key->state = ECC_STATE_SHARED_SEC_GEN;
#ifdef ECC_TIMING_RESISTANT
if (private_key->rng == NULL) {
#ifdef WOLFSSL_SMALL_STACK
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG);
if (tmpRNG == NULL)
return WOLFSSL_FAILURE;
#endif
if ((err = wc_InitRng(tmpRNG)) != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG);
#endif
break;
}
private_key->rng = tmpRNG;
initTmpRng = 1;
}
#endif
err = wc_ecc_shared_secret_gen(private_key, point, out, outlen); err = wc_ecc_shared_secret_gen(private_key, point, out, outlen);
#ifdef ECC_TIMING_RESISTANT
if (initTmpRng) {
wc_FreeRng(tmpRNG);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmpRNG, NULL, DYNAMIC_TYPE_RNG);
#endif
private_key->rng = NULL;
}
#endif
if (err < 0) { if (err < 0) {
WOLFSSL_MSG("wc_ecc_shared_secret_gen failed");
break; break;
} }
FALL_THROUGH; FALL_THROUGH;
@ -4078,6 +4121,8 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
err = BAD_STATE_E; err = BAD_STATE_E;
} /* switch */ } /* switch */
WOLFSSL_LEAVE("wc_ecc_shared_secret_ex", err);
/* if async pending then return and skip done cleanup below */ /* if async pending then return and skip done cleanup below */
if (err == WC_PENDING_E) { if (err == WC_PENDING_E) {
private_key->state++; private_key->state++;
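Review bot: In the `WOLFSSL_SMALL_STACK` branch under `ECC_STATE_NONE`, a failed `XMALLOC` does `return WOLFSSL_FAILURE;`, and `WOLFSSL_FAILURE` is the compatibility-layer value 0, which callers of this function read as success (the surrounding code treats `err < 0` as failure and returns codes such as `ECC_BAD_ARG_E`). An out-of-memory condition would therefore be reported as a computed shared secret while `out` and `*outlen` are untouched. Use a negative wolfCrypt code and leave through the switch like the `wc_InitRng` failure just below it: `if (tmpRNG == NULL) { err = MEMORY_E; break; }`. The direct return also leaves `private_key->state` at `ECC_STATE_SHARED_SEC_GEN`; the cleanup after the switch is outside the visible hunks, so check that it resets the state on this path.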