feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

ECC sign_k: don't have it dynamically allocated

Browse Source
This commit is contained in:
Sean Parkinson
2022-09-02 09:18:42 +10:00
parent 23fd6456c2
commit cef590131a
2 changed files with 28 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
wolfcrypt/src/ecc.c
View File

@ -5615,6 +5615,14 @@ int wc_ecc_init_ex(ecc_key* key, void* heap, int devId)
} }
#endif /* ALT_ECC_SIZE */ #endif /* ALT_ECC_SIZE */
#endif /* WOLFSSL_ATECC508A */ #endif /* WOLFSSL_ATECC508A */
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
ret = mp_init(&key->sign_k);
if (ret != MP_OKAY) {
return MEMORY_E;
}
#endif
#ifdef WOLFSSL_HEAP_TEST #ifdef WOLFSSL_HEAP_TEST
key->heap = (void*)WOLFSSL_HEAP_TEST; key->heap = (void*)WOLFSSL_HEAP_TEST;
@ -6070,33 +6078,14 @@ static int deterministic_sign_helper(const byte* in, word32 inlen, ecc_key* key)
} }
if (err == MP_OKAY) { if (err == MP_OKAY) {
/* if key->sign_k is NULL then create a buffer for the mp_int key->sign_k_set = 0;
* if not NULL then assume the user correctly set deterministic flag and /* currently limiting to SHA256 for auto create */
* that the key->sign_k holds a previously malloc'd mp_int buffer */ if (wc_ecc_gen_deterministic_k(in, inlen, WC_HASH_TYPE_SHA256, &key->k,
if (key->sign_k == NULL) { &key->sign_k, curve->order, key->heap) != 0) {
key->sign_k = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, err = ECC_PRIV_KEY_E;
DYNAMIC_TYPE_ECC);
}
if (key->sign_k != NULL) {
/* currently limiting to SHA256 for auto create */
if (mp_init(key->sign_k) != MP_OKAY ||
wc_ecc_gen_deterministic_k(in, inlen,
WC_HASH_TYPE_SHA256, &key->k, key->sign_k,
curve->order, key->heap) != 0) {
mp_free(key->sign_k);
XFREE(key->sign_k, key->heap, DYNAMIC_TYPE_ECC);
key->sign_k = NULL;
err = ECC_PRIV_KEY_E;
}
#ifdef WOLFSSL_CHECK_MEM_ZERO
else {
mp_memzero_add("deterministic_sign_helper sign_k", key->sign_k);
}
#endif
} }
else { else {
err = MEMORY_E; key->sign_k_set = 1;
} }
} }
@ -6172,21 +6161,19 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng,
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \ #if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \ defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT) defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
if (key->sign_k != NULL) { if (key->sign_k_set) {
if (loop_check > 1) { if (loop_check > 1) {
err = RNG_FAILURE_E; err = RNG_FAILURE_E;
break; break;
} }
/* use provided sign_k */ /* use provided sign_k */
err = mp_copy(key->sign_k, &pubkey->k); err = mp_copy(&key->sign_k, &pubkey->k);
if (err != MP_OKAY) break; if (err != MP_OKAY) break;
/* free sign_k, so only used once */ /* free sign_k, so only used once */
mp_forcezero(key->sign_k); mp_forcezero(&key->sign_k);
mp_free(key->sign_k); key->sign_k_set = 0;
XFREE(key->sign_k, key->heap, DYNAMIC_TYPE_ECC);
key->sign_k = NULL;
#ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP #ifdef WOLFSSL_ECDSA_SET_K_ONE_LOOP
loop_check = 64; loop_check = 64;
#endif #endif
@ -6368,7 +6355,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) \ #if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) \
|| defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \ || defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT) defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
mp_int* sign_k = key->sign_k; mp_int* sign_k = &key->sign_k;
#else #else
mp_int* sign_k = NULL; mp_int* sign_k = NULL;
#endif #endif
@ -6981,23 +6968,15 @@ int wc_ecc_sign_set_k(const byte* k, word32 klen, ecc_key* key)
return ret; return ret;
} }
if (key->sign_k == NULL) {
key->sign_k = (mp_int*)XMALLOC(sizeof(mp_int), key->heap,
DYNAMIC_TYPE_ECC);
if (key->sign_k) {
ret = mp_init(key->sign_k);
}
else {
ret = MEMORY_E;
}
}
if (ret == 0) { if (ret == 0) {
ret = mp_read_unsigned_bin(key->sign_k, k, klen); ret = mp_read_unsigned_bin(&key->sign_k, k, klen);
} }
if (ret == 0 && mp_cmp(key->sign_k, curve->order) != MP_LT) { if (ret == 0 && mp_cmp(&key->sign_k, curve->order) != MP_LT) {
ret = MP_VAL; ret = MP_VAL;
} }
if (ret == 0) {
key->sign_k_set = 1;
}
wc_ecc_curve_free(curve); wc_ecc_curve_free(curve);
FREE_CURVE_SPECS(); FREE_CURVE_SPECS();
@ -7044,11 +7023,8 @@ int wc_ecc_free(ecc_key* key)
} }
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) #if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP)
if (key->sign_k != NULL) { mp_forcezero(&key->sign_k);
mp_forcezero(key->sign_k); mp_free(&key->sign_k);
mp_free(key->sign_k);
XFREE(key->sign_k, key->heap, DYNAMIC_TYPE_ECC);
}
#endif #endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC)

3
wolfssl/wolfcrypt/ecc.h
View File

@ -494,7 +494,8 @@ struct ecc_key {
#if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \ #if defined(WOLFSSL_ECDSA_SET_K) || defined(WOLFSSL_ECDSA_SET_K_ONE_LOOP) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \ defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT) defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)
mp_int *sign_k; mp_int sign_k;
byte sign_k_set:1;
#endif #endif
#if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \ #if defined(WOLFSSL_ECDSA_DETERMINISTIC_K) || \
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT) defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)