feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge branch 'master' of https://github.com/wolfSSL/wolfssl into wolfASIO

Browse Source
This commit is contained in:
MJSPollard
2018-07-18 11:10:35 -06:00
parent 93d7891701 227e7cc8c7
commit db8939c578
49 changed files with 3436 additions and 1203 deletions
Download Patch File Download Diff File Expand all files Collapse all files
IDE/ROWLEY-CROSSWORKS-ARM/README.md
+2 -3
View File
@@ -13,12 +13,11 @@ This is a sample test application. It runs "wolfcrypt_test" suite suite repeated
# Prerequisits
You will need to install the "Freescale Kinetis CPU Support Package" in the
Rowley Package Manager under Tools -> Pacakge Manager.
+You will need to install the "Freescale Kinetis CPU Support Package" and "ARM CPU Support Package" in the Rowley Package Manager under Tools -> Pacakge Manager.
# Harware Support
All hardware functions are defined in `kinetis_hw.c` and are currently setup for a Freescale Kinetis K64 Coretx-M4 microcontroller. This file can be customized to work with other Kinetis microcontrollers by editing the top part of the file. Testing for this project was done with the Freescale Kinetis `MK64FN1M0xxx12` using the `TWR-K64F120M`.
All hardware functions are defined in `kinetis_hw.c` and are currently setup for a Freescale Kinetis K64 Coretx-M4 microcontroller. This file can be customized to work with other Kinetis microcontrollers by editing the top part of the file. Testing for this project was done with the Freescale Kinetis `MK64FN1M0xxx12` using the `TWR-K64F120M`. To build for the `TWR-K64F120M` or `FRDM-K64F`, define `WOLFSSL_FRDM_K64` in the Preprocessor Definitions section of CrossStudio, or define it in "user_settings.h".
To create support for a new ARM microcontroller the functions in `hw.h` will need to be implemented.
IDE/ROWLEY-CROSSWORKS-ARM/benchmark_main.c
+8
View File
@@ -44,6 +44,14 @@ void main(void)
do
{
/* Used for testing, must have a delay so no data is missed while serial is initializing */
#ifdef WOLFSSL_FRDM_K64_JENKINS
if(test_num == 2){
break;
}
delay_us(1000000);
#endif
printf("\nBenchmark Test %d:\n", test_num);
benchmark_test(&args);
printf("Benchmark Test %d: Return code %d\n", test_num, args.return_code);
IDE/ROWLEY-CROSSWORKS-ARM/kinetis_hw.c
+29 -5
View File
@@ -33,6 +33,7 @@
// $(TargetsDir) location:
// On Mac OS/X: Users/USERNAME/Library/Rowley Associates Limited/CrossWorks for ARM/packages/targets/
// On Windows: C:/Users/USERNAME/Application Data/Local/Rowley Associates Limited/CrossWorks for ARM/packages/targets/
// On Linux: home/USERNAME/.rowley_associates_limited/CrossWorks for ARM/v4/packages/targets/
// Located in $(TargetsDir)/Kinetis/CMSIS/
#ifdef FREESCALE_KSDK_BM
@@ -67,17 +68,29 @@
#define UART_TX_PORT PORTA /* UART TX Port */
#define UART_TX_PIN 2U /* UART TX Pin */
#define UART_TX_MUX kPORT_MuxAlt2 /* Kinetis UART pin mux */
#elif defined (WOLFSSL_FRDM_K64)
#define UART_PORT UART0 /* UART Port */
#define UART_TX_PORT PORTB /* UART TX Port */
#define UART_TX_PIN 17U /* UART TX Pin */
#define UART_TX_MUX 0x3 /* Kinetis UART pin mux */
#else
#define UART_PORT UART4 /* UART Port */
#define UART_TX_PORT PORTE /* UART TX Port */
#define UART_TX_PIN 24U /* UART TX Pin */
#define UART_TX_MUX 0x3 /* Kinetis UART pin mux */
#endif
#define UART_BAUD 115200 /* UART Baud Rate */
#define UART_BAUD_RATE 115200 /* UART Baud Rate */
#ifdef WOLFSSL_FRDM_K64
#define UART_BAUD UART_BAUD_RATE*8
#else
#define UART_BAUD UART_BAUD_RATE
#endif
/* Note: You will also need to update the UART clock gate in hw_uart_init (SIM_SCGC1_UART5_MASK) */
/* Note: TWR-K60 is UART3, PTC17 */
/* Note: FRDM-K64 is UART4, PTE24 */
/* Note: FRDM-K64 is UART4, PTE24 or UART0 PTB17 for OpenOCD (SIM_SCGC4_UART0_MASK)*/
/* Note: TWR-K64 is UART5, PTE8 */
/* Note: FRDM-K82F is LPUART0 A2, LPUART4 PTC15 */
@@ -130,6 +143,13 @@ static void hw_gpio_init(void)
| SIM_SCGC5_PORTE_MASK
#endif
);
#if 0 /* Debug clock */
/* ClockOut on PTC3 */
PORTC->PCR[3] = PORT_PCR_MUX(0x05); /* Alt 5 */
SIM_SOPT2 |= SIM_SOPT2_CLKOUTSEL(0); /* FlexBus CLKOUT */
#endif
#endif
}
@@ -143,10 +163,14 @@ static void hw_uart_init(void)
CLOCK_SetLpuartClock(1); /* MCGPLLCLK */
DbgConsole_Init((uint32_t)UART_PORT, UART_BAUD, DEBUG_CONSOLE_DEVICE_TYPE_LPUART, SYS_CLK_HZ);
#else
/* Enable UART core clock */
/* Note: Remember to update me if UART_PORT changes */
SIM->SCGC1 |= SIM_SCGC1_UART4_MASK;
#ifdef WOLFSSL_FRDM_K64
/* Enable UART core clock ONLY for FRDM-K64F */
SIM->SCGC4 |= SIM_SCGC4_UART0_MASK;
#else
/* Enable UART core clock */
/* Note: Remember to update me if UART_PORT changes */
SIM->SCGC1 |= SIM_SCGC1_UART4_MASK;
#endif
/* Configure UART TX pin */
UART_TX_PORT->PCR[UART_TX_PIN] = PORT_PCR_MUX(UART_TX_MUX);
IDE/ROWLEY-CROSSWORKS-ARM/test_main.c
+17
View File
@@ -28,6 +28,7 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfcrypt/test/test.h>
#include <stdio.h>
#include "hw.h"
typedef struct func_args {
int argc;
@@ -44,12 +45,28 @@ void main(void)
do
{
/* Used for testing, must have a delay so no data is missed while serial is initializing */
#ifdef WOLFSSL_FRDM_K64_JENKINS
/* run twice */
if(test_num == 2){
printf("\n&&&&&&&&&&&&& done &&&&&&&&&&&&&&&");
delay_us(1000000);
break;
}
delay_us(1000000); /* 1 second */
#endif
printf("\nCrypt Test %d:\n", test_num);
wolfcrypt_test(&args);
printf("Crypt Test %d: Return code %d\n", test_num, args.return_code);
test_num++;
} while(args.return_code == 0);
#ifdef WOLFSSL_FRDM_K64_JENKINS
printf("\n&&&&&&&&&&&&&& done &&&&&&&&&&&&&\n");
delay_us(1000000);
#endif
}
IDE/ROWLEY-CROSSWORKS-ARM/wolfssl.hzp
+2 -2
View File
@@ -158,7 +158,7 @@
arm_target_loader_applicable_loaders="Flash"
arm_target_loader_default_loader="Flash"
c_preprocessor_definitions="WOLFSSL_ROWLEY_ARM;WOLFSSL_USER_SETTINGS"
c_user_include_directories=".;../;../../;$(TargetsDir);$(TargetsDir)/Kinetis;$(TargetsDir)/Kinetis/CMSIS;$(TargetsDir)/Kinetis/CMSIS/include;$(TargetsDir)/CMSIS_3/CMSIS/include"
c_user_include_directories=".;../;../../;$(TargetsDir);$(TargetsDir)/Kinetis;$(TargetsDir)/Kinetis/CMSIS;$(TargetsDir)/Kinetis/CMSIS/include;$(TargetsDir)/CMSIS_4/CMSIS/include;$(TargetsDir)/../CMSIS_4/CMSIS;$(TargetsDir)/../CMSIS_4/CMSIS/Include"
debug_register_definition_file="$(TargetsDir)/Kinetis/MK64F12_Peripherals.xml"
linker_memory_map_file="$(TargetsDir)/Kinetis/MK64FN1M0xxx12_MemoryMap.xml"
linker_memory_map_macros="FLASHSIZE=0x80000;SRAMSIZE=0x20000"
@@ -201,7 +201,7 @@
arm_target_loader_applicable_loaders="Flash"
arm_target_loader_default_loader="Flash"
c_preprocessor_definitions="WOLFSSL_ROWLEY_ARM;WOLFSSL_USER_SETTINGS"
c_user_include_directories=".;../;../../;$(TargetsDir);$(TargetsDir)/Kinetis;$(TargetsDir)/Kinetis/CMSIS;$(TargetsDir)/Kinetis/CMSIS/include;$(TargetsDir)/CMSIS_3/CMSIS/include"
c_user_include_directories=".;../;../../;$(TargetsDir);$(TargetsDir)/Kinetis;$(TargetsDir)/Kinetis/CMSIS;$(TargetsDir)/Kinetis/CMSIS/include;$(TargetsDir)/CMSIS_4/CMSIS/include;$(TargetsDir)/../CMSIS_4/CMSIS;$(TargetsDir)/../CMSIS_4/CMSIS/Include"
debug_register_definition_file="$(TargetsDir)/Kinetis/MK64F12_Peripherals.xml"
linker_memory_map_file="$(TargetsDir)/Kinetis/MK64FN1M0xxx12_MemoryMap.xml"
linker_memory_map_macros="FLASHSIZE=0x80000;SRAMSIZE=0x20000"
IDE/WIN-SGX/wolfSSL_SGX.vcxproj
+4
View File
@@ -301,6 +301,7 @@
<ItemGroup>
<ClCompile Include="..\..\wolfcrypt\src\aes.c" />
<ClCompile Include="..\..\wolfcrypt\src\asn.c" />
<ClCompile Include="..\..\wolfcrypt\src\coding.c" />
<ClCompile Include="..\..\wolfcrypt\src\hash.c" />
<ClCompile Include="..\..\wolfcrypt\src\hmac.c">
<AdditionalIncludeDirectories Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">..\..;$(SGXSDKInstallPath)include;$(SGXSDKInstallPath)include\tlibc;$(SGXSDKInstallPath)include\stlport;$(SolutionDir)wolfssl-3.9.6;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
@@ -314,6 +315,9 @@
<ClCompile Include="..\..\wolfcrypt\src\rsa.c" />
<ClCompile Include="..\..\wolfcrypt\src\sha256.c" />
<ClCompile Include="..\..\wolfcrypt\src\tfm.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_encrypt.c" />
<ClCompile Include="..\..\wolfcrypt\src\wc_port.c" />
<ClCompile Include="..\..\wolfcrypt\src\wolfmath.c" />
</ItemGroup>
<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
<ImportGroup Label="ExtensionTargets">
IDE/WIN-SGX/wolfSSL_SGX.vcxproj.filters
+12
View File
@@ -54,5 +54,17 @@
<ClCompile Include="..\..\wolfcrypt\src\random.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\wolfcrypt\src\coding.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\wolfcrypt\src\wc_encrypt.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\wolfcrypt\src\wolfmath.c">
<Filter>Source Files</Filter>
</ClCompile>
<ClCompile Include="..\..\wolfcrypt\src\wc_port.c">
<Filter>Source Files\Resource Files</Filter>
</ClCompile>
</ItemGroup>
</Project>
certs/test/include.am
+4
View File
@@ -20,6 +20,8 @@ EXTRA_DIST += \
EXTRA_DIST += \
certs/test/gen-testcerts.sh \
certs/test/server-garbage.der \
certs/test/server-garbage.pem \
certs/test/server-goodcn.pem \
certs/test/server-goodcn.der \
certs/test/server-goodalt.pem \
@@ -36,6 +38,8 @@ EXTRA_DIST += \
certs/test/server-badaltnull.der \
certs/test/server-badaltname.der \
certs/test/server-badaltname.pem \
certs/test/server-localhost.der \
certs/test/server-localhost.pem \
certs/crl/server-goodaltCrl.pem \
certs/crl/server-goodcnCrl.pem \
certs/crl/server-goodaltwildCrl.pem \
configure.ac
+22 -2
View File
@@ -1807,6 +1807,10 @@ AC_ARG_ENABLE([des3],
[ ENABLED_DES3=no ]
)
if test "$ENABLED_OPENSSH" = "yes"
then
ENABLED_DES3="yes"
fi
# IDEA
AC_ARG_ENABLE([idea],
@@ -2761,6 +2765,18 @@ fi
# Small Stack - Cache on object
AC_ARG_ENABLE([smallstackcache],
[AS_HELP_STRING([--enable-smallstackcache],[Enable Small Stack Usage Caching (default: disabled)])],
[ ENABLED_SMALL_STACK_CACHE=$enableval ],
[ ENABLED_SMALL_STACK_CACHE=no ]
)
if test "x$ENABLED_SMALL_STACK_CACHE" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SMALL_STACK_CACHE"
fi
# Small Stack
AC_ARG_ENABLE([smallstack],
[AS_HELP_STRING([--enable-smallstack],[Enable Small Stack Usage (default: disabled)])],
@@ -2768,6 +2784,10 @@ AC_ARG_ENABLE([smallstack],
[ ENABLED_SMALL_STACK=no ]
)
if test "x$ENABLED_SMALL_STACK_CACHE" = "xyes"
then
ENABLED_SMALL_STACK=yes
fi
if test "x$ENABLED_SMALL_STACK" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SMALL_STACK"
@@ -4298,9 +4318,9 @@ for option in $OPTION_FLAGS; do
continue
fi
# allow user to igonore system options
# allow user to ignore system options
ignoresys=no
if [[[ $noequalsign == _* ]]] ;
if test "$noequalsign = _*"
then
ignoresys=yes
echo "#ifndef WOLFSSL_OPTIONS_IGNORE_SYS" >> $OPTION_FILE
doc/dox_comments/header_files/ssl.h
+72 -5
View File
@@ -6202,6 +6202,10 @@ WOLFSSL_API int wolfSSL_SetTmpDH_buffer(WOLFSSL*, const unsigned char* b, long
\return SIDE_ERROR if the side member of the Options structure found
in the WOLFSSL struct is not the server side.
\return SSL_BAD_FILETYPE returns if the certificate fails a set of checks.
\return DH_KEY_SIZE_E returned if the DH parameter's key size is less than
the value of the minDhKeySz member in the WOLFSSL struct.
\return DH_KEY_SIZE_E returned if the DH parameter's key size is greater
than the value of the maxDhKeySz member in the WOLFSSL struct.
\return BAD_FUNC_ARG returns if an argument value is NULL that is not
permitted such as, the WOLFSSL structure.
@@ -6236,8 +6240,10 @@ WOLFSSL_API int wolfSSL_SetTmpDH_file(WOLFSSL*, const char* f, int format);
\return SSL_SUCCESS returned if the function and all subroutines
return without error.
\return BAD_FUNC_ARG returned if the CTX, p or g parameters are NULL.
\return DH_KEY_SIZE_E returned if the minDhKeySz member of the
WOLFSSL_CTX struct is not the correct size.
\return DH_KEY_SIZE_E returned if the DH parameter's key size is less than
the value of the minDhKeySz member of the WOLFSSL_CTX struct.
\return DH_KEY_SIZE_E returned if the DH parameter's key size is greater
than the value of the maxDhKeySz member of the WOLFSSL_CTX struct.
\return MEMORY_E returned if the allocation of memory failed in this
function or a subroutine.
@@ -6335,8 +6341,10 @@ WOLFSSL_API int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX*, const unsigned char*
if the a set of checks on the file fail from wolfSSL_SetTmpDH_file_wrapper.
\return SSL_BAD_FILETYPE returned if teh format is not PEM or ASN.1 from
wolfSSL_SetTmpDH_buffer_wrapper().
\return DH_KEY_SIZE_E returned from wolfSSL_SetTmpDH() if the ctx
minDhKeySz member exceeds maximum size allowed for DH.
\return DH_KEY_SIZE_E returned if the DH parameter's key size is less than
the value of the minDhKeySz member of the WOLFSSL_CTX struct.
\return DH_KEY_SIZE_E returned if the DH parameter's key size is greater
than the value of the maxDhKeySz member of the WOLFSSL_CTX struct.
\return SIDE_ERROR returned in wolfSSL_SetTmpDH() if the side is not the
server end.
\return SSL_NO_PEM_HEADER returned from PemToDer if there is no PEM header.
@@ -6396,7 +6404,8 @@ WOLFSSL_API int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX*, const char* f,
\endcode
\sa wolfSSL_SetMinDhKey_Sz
\sa CTX_SetMinDhKey_Sz
\sa wolfSSL_CTX_SetMaxDhKey_Sz
\sa wolfSSL_SetMaxDhKey_Sz
\sa wolfSSL_GetDhKey_Sz
\sa wolfSSL_CTX_SetTMpDH_file
*/
@@ -6425,10 +6434,68 @@ WOLFSSL_API int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX*, unsigned short);
}
\endcode
\sa wolfSSL_CTX_SetMinDhKey_Sz
\sa wolfSSL_GetDhKey_Sz
*/
WOLFSSL_API int wolfSSL_SetMinDhKey_Sz(WOLFSSL*, unsigned short);
/*!
\ingroup CertsKeys
\brief This function sets the maximum size of the Diffie Hellman key size
by accessing the maxDhKeySz member in the WOLFSSL_CTX structure.
\return SSL_SUCCESS returned if the function completes successfully.
\return BAD_FUNC_ARG returned if the WOLFSSL_CTX struct is NULL or if
the keySz is greater than 16,000 or not divisible by 8.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param keySz a word16 type used to set the maximum DH key size. The
WOLFSSL_CTX struct holds this information in the maxDhKeySz member.
_Example_
\code
public static int CTX_SetMaxDhKey_Sz(IntPtr ctx, short maxDhKey){
return wolfSSL_CTX_SetMaxDhKey_Sz(local_ctx, maxDhKey);
\endcode
\sa wolfSSL_SetMinDhKey_Sz
\sa wolfSSL_CTX_SetMinDhKey_Sz
\sa wolfSSL_SetMaxDhKey_Sz
\sa wolfSSL_GetDhKey_Sz
\sa wolfSSL_CTX_SetTMpDH_file
*/
WOLFSSL_API int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX*, unsigned short);
/*!
\ingroup CertsKeys
\brief Sets the maximum size for a Diffie-Hellman key in the WOLFSSL
structure in bytes.
\return SSL_SUCCESS the maximum size was successfully set.
\return BAD_FUNC_ARG the WOLFSSL structure was NULL or the keySz parameter
was greater than the allowable size or not divisible by 8.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param keySz a word16 type representing the bit size of the maximum DH key.
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
word16 keySz;
...
if(wolfSSL_SetMaxDhKey(ssl, keySz) != SSL_SUCCESS){
// Failed to set.
}
\endcode
\sa wolfSSL_CTX_SetMaxDhKey_Sz
\sa wolfSSL_GetDhKey_Sz
*/
WOLFSSL_API int wolfSSL_SetMaxDhKey_Sz(WOLFSSL*, unsigned short);
/*!
\ingroup CertsKeys
examples/client/client.c
+7 -2
View File
@@ -162,7 +162,7 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl)
static void ShowCiphers(void)
{
char ciphers[4096];
static char ciphers[4096];
int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
@@ -313,7 +313,12 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
}
#ifdef WOLFSSL_TLS13
if (version >= 4 && resumeSession && !benchResume) {
#ifndef NO_SESSION_CACHE
if (version >= 4 && resumeSession && !benchResume)
#else
if (version >= 4 && resumeSession)
#endif
{
if (wolfSSL_write(ssl, msg, sizeof(msg)-1) <= 0)
err_sys("SSL_write failed");
src/bio.c
+8 -6
View File
@@ -21,7 +21,7 @@
#if !defined(WOLFSSL_BIO_INCLUDED)
#ifndef WOLFSSL_IGNORE_FILE_WARN
#warning bio.c does not need to be compiled seperatly from ssl.c
#warning bio.c does not need to be compiled separately from ssl.c
#endif
#else
@@ -580,8 +580,9 @@ int wolfSSL_BIO_gets(WOLFSSL_BIO* bio, char* buf, int sz)
const byte* c;
int cSz;
cSz = wolfSSL_BIO_pending(bio);
if (cSz < 0) {
ret = cSz;
if (cSz == 0) {
ret = 0; /* Nothing to read */
buf[0] = '\0';
break;
}
@@ -604,7 +605,7 @@ int wolfSSL_BIO_gets(WOLFSSL_BIO* bio, char* buf, int sz)
}
ret = wolfSSL_BIO_MEMORY_read(bio, (void*)buf, cSz);
/* ret is read after the switch statment */
/* ret is read after the switch statement */
break;
}
case WOLFSSL_BIO_BIO:
@@ -612,8 +613,9 @@ int wolfSSL_BIO_gets(WOLFSSL_BIO* bio, char* buf, int sz)
char* c;
int cSz;
cSz = wolfSSL_BIO_nread0(bio, &c);
if (cSz < 0) {
ret = cSz;
if (cSz == 0) {
ret = 0; /* Nothing to read */
buf[0] = '\0';
break;
}
src/internal.c
+135 -201
View File
@@ -754,10 +754,12 @@ static int dtls_export_new(WOLFSSL* ssl, byte* exp, word32 len, byte ver)
exp[idx++] = options->downgrade;
#ifndef NO_DH
c16toa(options->minDhKeySz, exp + idx); idx += OPAQUE16_LEN;
c16toa(options->maxDhKeySz, exp + idx); idx += OPAQUE16_LEN;
c16toa(options->dhKeySz, exp + idx); idx += OPAQUE16_LEN;
#else
c16toa(zero, exp + idx); idx += OPAQUE16_LEN;
c16toa(zero, exp + idx); idx += OPAQUE16_LEN;
c16toa(zero, exp + idx); idx += OPAQUE16_LEN;
#endif
#ifndef NO_RSA
c16toa((word16)(options->minRsaKeySz), exp + idx); idx += OPAQUE16_LEN;
@@ -917,10 +919,12 @@ static int dtls_export_load(WOLFSSL* ssl, byte* exp, word32 len, byte ver)
options->downgrade = exp[idx++];
#ifndef NO_DH
ato16(exp + idx, &(options->minDhKeySz)); idx += OPAQUE16_LEN;
ato16(exp + idx, &(options->maxDhKeySz)); idx += OPAQUE16_LEN;
ato16(exp + idx, &(options->dhKeySz)); idx += OPAQUE16_LEN;
#else
idx += OPAQUE16_LEN;
idx += OPAQUE16_LEN;
idx += OPAQUE16_LEN;
#endif
#ifndef NO_RSA
ato16(exp + idx, (word16*)&(options->minRsaKeySz)); idx += OPAQUE16_LEN;
@@ -1367,6 +1371,7 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
#ifndef NO_DH
ctx->minDhKeySz = MIN_DHKEY_SZ;
ctx->maxDhKeySz = MAX_DHKEY_SZ;
#endif
#ifndef NO_RSA
ctx->minRsaKeySz = MIN_RSAKEY_SZ;
@@ -3002,7 +3007,7 @@ int ConvertHashPss(int hashAlgo, enum wc_HashType* hashType, int* mgf)
int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
word32* outSz, int sigAlgo, int hashAlgo, RsaKey* key,
DerBuffer* keyBufInfo, void* ctx)
DerBuffer* keyBufInfo)
{
int ret;
#ifdef HAVE_PK_CALLBACKS
@@ -3017,7 +3022,6 @@ int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
(void)ssl;
(void)keyBufInfo;
(void)ctx;
(void)sigAlgo;
(void)hashAlgo;
@@ -3041,6 +3045,7 @@ int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
#if defined(HAVE_PK_CALLBACKS)
if (ssl->ctx->RsaPssSignCb) {
void* ctx = wolfSSL_GetRsaPssSignCtx(ssl);
ret = ssl->ctx->RsaPssSignCb(ssl, in, inSz, out, outSz,
TypeHash(hashAlgo), mgf,
keyBuf, keySz, ctx);
@@ -3056,6 +3061,7 @@ int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
#endif
#if defined(HAVE_PK_CALLBACKS)
if (ssl->ctx->RsaSignCb) {
void* ctx = wolfSSL_GetRsaSignCtx(ssl);
ret = ssl->ctx->RsaSignCb(ssl, in, inSz, out, outSz, keyBuf, keySz,
ctx);
}
@@ -3082,7 +3088,7 @@ int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
}
int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo,
int hashAlgo, RsaKey* key, buffer* keyBufInfo, void* ctx)
int hashAlgo, RsaKey* key, buffer* keyBufInfo)
{
int ret;
#ifdef HAVE_PK_CALLBACKS
@@ -3097,7 +3103,6 @@ int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo,
(void)ssl;
(void)keyBufInfo;
(void)ctx;
(void)sigAlgo;
(void)hashAlgo;
@@ -3120,6 +3125,7 @@ int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo,
return ret;
#ifdef HAVE_PK_CALLBACKS
if (ssl->ctx->RsaPssVerifyCb) {
void* ctx = wolfSSL_GetRsaPssVerifyCtx(ssl);
ret = ssl->ctx->RsaPssVerifyCb(ssl, in, inSz, out,
TypeHash(hashAlgo), mgf,
keyBuf, keySz, ctx);
@@ -3132,6 +3138,7 @@ int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo,
#endif
#ifdef HAVE_PK_CALLBACKS
if (ssl->ctx->RsaVerifyCb) {
void* ctx = wolfSSL_GetRsaVerifyCtx(ssl);
ret = ssl->ctx->RsaVerifyCb(ssl, in, inSz, out, keyBuf, keySz, ctx);
}
else
@@ -3156,7 +3163,7 @@ int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo,
/* This function is used to check the sign result */
int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz,
const byte* plain, word32 plainSz, int sigAlgo, int hashAlgo, RsaKey* key,
DerBuffer* keyBufInfo, void* ctx)
DerBuffer* keyBufInfo)
{
byte* out = NULL; /* inline result */
int ret;
@@ -3172,7 +3179,6 @@ int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz,
(void)ssl;
(void)keyBufInfo;
(void)ctx;
(void)sigAlgo;
(void)hashAlgo;
@@ -3211,6 +3217,7 @@ int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz,
/* If HSM hardware is checking the signature result you can
optionally skip the sign check and return 0 */
/* The ctx here is the RsaSignCtx set using wolfSSL_SetRsaSignCtx */
void* ctx = wolfSSL_GetRsaPssSignCtx(ssl);
ret = ssl->ctx->RsaPssSignCheckCb(ssl, verifySig, sigSz, &out,
TypeHash(hashAlgo), mgf,
keyBuf, keySz, ctx);
@@ -3238,6 +3245,7 @@ int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz,
/* If HSM hardware is checking the signature result you can
optionally skip the sign check and return 0 */
/* The ctx here is the RsaSignCtx set using wolfSSL_SetRsaSignCtx */
void* ctx = wolfSSL_GetRsaSignCtx(ssl);
ret = ssl->ctx->RsaSignCheckCb(ssl, verifySig, sigSz, &out,
keyBuf, keySz, ctx);
}
@@ -3273,7 +3281,7 @@ int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz,
#ifndef WOLFSSL_NO_TLS12
int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz,
RsaKey* key, DerBuffer* keyBufInfo, void* ctx)
RsaKey* key, DerBuffer* keyBufInfo)
{
int ret;
#ifdef HAVE_PK_CALLBACKS
@@ -3288,7 +3296,6 @@ int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz,
(void)ssl;
(void)keyBufInfo;
(void)ctx;
WOLFSSL_ENTER("RsaDec");
@@ -3301,8 +3308,8 @@ int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz,
#ifdef HAVE_PK_CALLBACKS
if (ssl->ctx->RsaDecCb) {
ret = ssl->ctx->RsaDecCb(ssl, in, inSz, out, keyBuf, keySz,
ctx);
void* ctx = wolfSSL_GetRsaDecCtx(ssl);
ret = ssl->ctx->RsaDecCb(ssl, in, inSz, out, keyBuf, keySz, ctx);
}
else
#endif /* HAVE_PK_CALLBACKS */
@@ -3334,7 +3341,7 @@ int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz,
}
int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
RsaKey* key, buffer* keyBufInfo, void* ctx)
RsaKey* key, buffer* keyBufInfo)
{
int ret;
#ifdef HAVE_PK_CALLBACKS
@@ -3349,7 +3356,6 @@ int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
(void)ssl;
(void)keyBufInfo;
(void)ctx;
WOLFSSL_ENTER("RsaEnc");
@@ -3362,8 +3368,8 @@ int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
#ifdef HAVE_PK_CALLBACKS
if (ssl->ctx->RsaEncCb) {
ret = ssl->ctx->RsaEncCb(ssl, in, inSz, out, outSz, keyBuf, keySz,
ctx);
void* ctx = wolfSSL_GetRsaEncCtx(ssl);
ret = ssl->ctx->RsaEncCb(ssl, in, inSz, out, outSz, keyBuf, keySz, ctx);
}
else
#endif /* HAVE_PK_CALLBACKS */
@@ -3396,7 +3402,7 @@ int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
#ifdef HAVE_ECC
int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
word32* outSz, ecc_key* key, DerBuffer* keyBufInfo, void* ctx)
word32* outSz, ecc_key* key, DerBuffer* keyBufInfo)
{
int ret;
#ifdef HAVE_PK_CALLBACKS
@@ -3411,7 +3417,6 @@ int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
(void)ssl;
(void)keyBufInfo;
(void)ctx;
WOLFSSL_ENTER("EccSign");
@@ -3424,6 +3429,7 @@ int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
#if defined(HAVE_PK_CALLBACKS)
if (ssl->ctx->EccSignCb) {
void* ctx = wolfSSL_GetEccSignCtx(ssl);
ret = ssl->ctx->EccSignCb(ssl, in, inSz, out, outSz, keyBuf,
keySz, ctx);
}
@@ -3446,7 +3452,7 @@ int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
}
int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* out,
word32 outSz, ecc_key* key, buffer* keyBufInfo, void* ctx)
word32 outSz, ecc_key* key, buffer* keyBufInfo)
{
int ret;
#ifdef HAVE_PK_CALLBACKS
@@ -3461,7 +3467,6 @@ int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* out,
(void)ssl;
(void)keyBufInfo;
(void)ctx;
WOLFSSL_ENTER("EccVerify");
@@ -3474,6 +3479,7 @@ int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* out,
#ifdef HAVE_PK_CALLBACKS
if (ssl->ctx->EccVerifyCb) {
void* ctx = wolfSSL_GetEccVerifyCtx(ssl);
ret = ssl->ctx->EccVerifyCb(ssl, in, inSz, out, outSz, keyBuf, keySz,
&ssl->eccVerifyRes, ctx);
}
@@ -3555,7 +3561,7 @@ int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* out,
int EccSharedSecret(WOLFSSL* ssl, ecc_key* priv_key, ecc_key* pub_key,
byte* pubKeyDer, word32* pubKeySz, byte* out, word32* outlen,
int side, void* ctx)
int side)
{
int ret;
#ifdef HAVE_PK_CALLBACKS
@@ -3569,7 +3575,6 @@ int EccSharedSecret(WOLFSSL* ssl, ecc_key* priv_key, ecc_key* pub_key,
(void)pubKeyDer;
(void)pubKeySz;
(void)side;
(void)ctx;
WOLFSSL_ENTER("EccSharedSecret");
@@ -3593,6 +3598,7 @@ int EccSharedSecret(WOLFSSL* ssl, ecc_key* priv_key, ecc_key* pub_key,
#ifdef HAVE_PK_CALLBACKS
if (ssl->ctx->EccSharedSecretCb) {
void* ctx = wolfSSL_GetEccSharedSecretCtx(ssl);
ret = ssl->ctx->EccSharedSecretCb(ssl, otherKey, pubKeyDer,
pubKeySz, out, outlen, side, ctx);
}
@@ -3618,6 +3624,7 @@ int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer)
{
int ret = 0;
int keySz = 0;
int ecc_curve = ECC_CURVE_DEF;
WOLFSSL_ENTER("EccMakeKey");
@@ -3628,6 +3635,7 @@ int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer)
return ret;
#endif
/* get key size */
if (peer == NULL) {
keySz = ssl->eccTempKeySz;
}
@@ -3635,14 +3643,25 @@ int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer)
keySz = peer->dp->size;
}
/* get curve type */
if (ssl->ecdhCurveOID > 0) {
ret = wc_ecc_make_key_ex(ssl->rng, keySz, key,
wc_ecc_get_oid(ssl->ecdhCurveOID, NULL, NULL));
ecc_curve = wc_ecc_get_oid(ssl->ecdhCurveOID, NULL, NULL);
}
else {
ret = wc_ecc_make_key(ssl->rng, keySz, key);
if (ret == 0)
ssl->ecdhCurveOID = key->dp->oidSum;
#ifdef HAVE_PK_CALLBACKS
if (ssl->ctx->EccKeyGenCb) {
void* ctx = wolfSSL_GetEccKeyGenCtx(ssl);
ret = ssl->ctx->EccKeyGenCb(ssl, key, keySz, ecc_curve, ctx);
}
else
#endif
{
ret = wc_ecc_make_key_ex(ssl->rng, keySz, key, ecc_curve);
}
/* make sure the curve is set for TLS */
if (ret == 0 && key->dp) {
ssl->ecdhCurveOID = key->dp->oidSum;
}
/* Handle async pending response */
@@ -3709,8 +3728,7 @@ int Ed25519CheckPubKey(WOLFSSL* ssl)
* returns 0 on success, otherwise the value is an error.
*/
int Ed25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
word32* outSz, ed25519_key* key, DerBuffer* keyBufInfo,
void* ctx)
word32* outSz, ed25519_key* key, DerBuffer* keyBufInfo)
{
int ret;
#ifdef HAVE_PK_CALLBACKS
@@ -3725,7 +3743,6 @@ int Ed25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
(void)ssl;
(void)keyBufInfo;
(void)ctx;
WOLFSSL_ENTER("Ed25519Sign");
@@ -3738,6 +3755,7 @@ int Ed25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
#if defined(HAVE_PK_CALLBACKS)
if (ssl->ctx->Ed25519SignCb) {
void* ctx = wolfSSL_GetEd25519SignCtx(ssl);
ret = ssl->ctx->Ed25519SignCb(ssl, in, inSz, out, outSz, keyBuf,
keySz, ctx);
}
@@ -3772,7 +3790,7 @@ int Ed25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
* returns 0 on success, otherwise the value is an error.
*/
int Ed25519Verify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* msg,
word32 msgSz, ed25519_key* key, buffer* keyBufInfo, void* ctx)
word32 msgSz, ed25519_key* key, buffer* keyBufInfo)
{
int ret;
#ifdef HAVE_PK_CALLBACKS
@@ -3787,7 +3805,6 @@ int Ed25519Verify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* msg,
(void)ssl;
(void)keyBufInfo;
(void)ctx;
WOLFSSL_ENTER("Ed25519Verify");
@@ -3800,6 +3817,7 @@ int Ed25519Verify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* msg,
#ifdef HAVE_PK_CALLBACKS
if (ssl->ctx->Ed25519VerifyCb) {
void* ctx = wolfSSL_GetEd25519VerifyCtx(ssl);
ret = ssl->ctx->Ed25519VerifyCb(ssl, in, inSz, msg, msgSz, keyBuf,
keySz, &ssl->eccVerifyRes, ctx);
}
@@ -3869,7 +3887,7 @@ int Ed25519Verify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* msg,
static int X25519SharedSecret(WOLFSSL* ssl, curve25519_key* priv_key,
curve25519_key* pub_key, byte* pubKeyDer, word32* pubKeySz,
byte* out, word32* outlen, int side, void* ctx)
byte* out, word32* outlen, int side)
{
int ret;
@@ -3877,7 +3895,6 @@ static int X25519SharedSecret(WOLFSSL* ssl, curve25519_key* priv_key,
(void)pubKeyDer;
(void)pubKeySz;
(void)side;
(void)ctx;
WOLFSSL_ENTER("X25519SharedSecret");
@@ -3894,6 +3911,7 @@ static int X25519SharedSecret(WOLFSSL* ssl, curve25519_key* priv_key,
ret = X25519GetKey(ssl, &otherKey);
if (ret == 0) {
void* ctx = wolfSSL_GetX25519SharedSecretCtx(ssl);
ret = ssl->ctx->X25519SharedSecretCb(ssl, otherKey, pubKeyDer,
pubKeySz, out, outlen, side, ctx);
}
@@ -3933,9 +3951,20 @@ static int X25519MakeKey(WOLFSSL* ssl, curve25519_key* key,
return ret;
#endif
ret = wc_curve25519_make_key(ssl->rng, CURVE25519_KEYSIZE, key);
if (ret == 0)
#ifdef HAVE_PK_CALLBACKS
if (ssl->ctx->X25519KeyGenCb) {
void* ctx = wolfSSL_GetX25519KeyGenCtx(ssl);
ret = ssl->ctx->X25519KeyGenCb(ssl, key, CURVE25519_KEYSIZE, ctx);
}
else
#endif
{
ret = wc_curve25519_make_key(ssl->rng, CURVE25519_KEYSIZE, key);
}
if (ret == 0) {
ssl->ecdhCurveOID = ECC_X25519_OID;
}
/* Handle async pending response */
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -4163,6 +4192,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
#endif
#ifndef NO_DH
ssl->options.minDhKeySz = ctx->minDhKeySz;
ssl->options.maxDhKeySz = ctx->maxDhKeySz;
#endif
#ifndef NO_RSA
ssl->options.minRsaKeySz = ctx->minRsaKeySz;
@@ -7026,30 +7056,10 @@ static int BuildSHA(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
{
int ret = 0;
#ifdef WOLFSSL_SHA384
#ifdef WOLFSSL_SMALL_STACK
wc_Sha384* sha384;
#else
wc_Sha384 sha384[1];
#endif /* WOLFSSL_SMALL_STACK */
#endif /* WOLFSSL_SHA384 */
if (ssl == NULL)
return BAD_FUNC_ARG;
#ifdef WOLFSSL_SHA384
#ifdef WOLFSSL_SMALL_STACK
sha384 = (wc_Sha384*)XMALLOC(sizeof(wc_Sha384), ssl->heap, DYNAMIC_TYPE_HASHCTX);
if (sha384 == NULL)
return MEMORY_E;
#endif /* WOLFSSL_SMALL_STACK */
#endif /* WOLFSSL_SHA384 */
/* store current states, building requires get_digest which resets state */
#ifdef WOLFSSL_SHA384
sha384[0] = ssl->hsHashes->hashSha384;
#endif
#ifndef NO_TLS
if (ssl->options.tls) {
ret = BuildTlsFinished(ssl, hashes, sender);
@@ -7064,19 +7074,6 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
}
#endif
/* restore */
if (IsAtLeastTLSv1_2(ssl)) {
#ifdef WOLFSSL_SHA384
ssl->hsHashes->hashSha384 = sha384[0];
#endif
}
#ifdef WOLFSSL_SHA384
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha384, ssl->heap, DYNAMIC_TYPE_HASHCTX);
#endif
#endif
return ret;
}
@@ -12169,7 +12166,7 @@ int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int macSz,
good |= MaskMac(input, pLen, ssl->specs.hash_size, verify);
/* Non-zero on failure. */
good = ~good;
good = (byte)~(word32)good;
good &= good >> 4;
good &= good >> 2;
good &= good >> 1;
@@ -13696,10 +13693,6 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
#endif
ret = ssl->hmac(ssl, output + args->idx, output +
args->headerSz + args->ivSz, inSz, -1, type, 0);
#ifdef WOLFSSL_DTLS
if (ssl->options.dtls)
DtlsSEQIncrement(ssl, CUR_ORDER);
#endif
}
if (ret != 0)
goto exit_buildmsg;
@@ -13728,6 +13721,11 @@ exit_buildmsg:
/* make sure build message state is reset */
ssl->options.buildMsgState = BUILD_MSG_BEGIN;
#ifdef WOLFSSL_DTLS
if (ret == 0 && ssl->options.dtls)
DtlsSEQIncrement(ssl, CUR_ORDER);
#endif
/* return sz on success */
if (ret == 0)
ret = args->sz;
@@ -14687,8 +14685,12 @@ int SendData(WOLFSSL* ssl, const void* data, int sz)
WOLFSSL_MSG("output buffer was full, trying to send again");
if ( (ssl->error = SendBuffered(ssl)) < 0) {
WOLFSSL_ERROR(ssl->error);
if (ssl->error == SOCKET_ERROR_E && ssl->options.connReset)
return 0; /* peer reset */
if (ssl->error == SOCKET_ERROR_E && (ssl->options.connReset ||
ssl->options.isClosed)) {
ssl->error = SOCKET_PEER_CLOSED_E;
WOLFSSL_ERROR(ssl->error);
return 0; /* peer reset or closed */
}
return ssl->error;
}
else {
@@ -14770,15 +14772,19 @@ int SendData(WOLFSSL* ssl, const void* data, int sz)
ssl->buffers.outputBuffer.length += sendSz;
if ( (ret = SendBuffered(ssl)) < 0) {
WOLFSSL_ERROR(ret);
if ( (ssl->error = SendBuffered(ssl)) < 0) {
WOLFSSL_ERROR(ssl->error);
/* store for next call if WANT_WRITE or user embedSend() that
doesn't present like WANT_WRITE */
ssl->buffers.plainSz = len;
ssl->buffers.prevSent = sent;
if (ret == SOCKET_ERROR_E && ssl->options.connReset)
return 0; /* peer reset */
return ssl->error = ret;
if (ssl->error == SOCKET_ERROR_E && (ssl->options.connReset ||
ssl->options.isClosed)) {
ssl->error = SOCKET_PEER_CLOSED_E;
WOLFSSL_ERROR(ssl->error);
return 0; /* peer reset or closed */
}
return ssl->error;
}
sent += len;
@@ -16150,7 +16156,7 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
byte hashAlgo = 0, sigAlgo = 0;
DecodeSigAlg(&hashSigAlgo[i], &hashAlgo, &sigAlgo);
#ifdef HAVE_ECC
#ifdef HAVE_ED25519
if (ssl->pkCurveOID == ECC_ED25519_OID && sigAlgo != ed25519_sa_algo)
continue;
@@ -17594,6 +17600,11 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
SendAlert(ssl, alert_fatal, handshake_failure);
ERROR_OUT(DH_KEY_SIZE_E, exit_dske);
}
if (length > ssl->options.maxDhKeySz) {
WOLFSSL_MSG("Server using a DH key that is too big");
SendAlert(ssl, alert_fatal, handshake_failure);
ERROR_OUT(DH_KEY_SIZE_E, exit_dske);
}
ssl->buffers.serverDH_P.buffer =
(byte*)XMALLOC(length, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
@@ -17787,6 +17798,11 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
SendAlert(ssl, alert_fatal, handshake_failure);
ERROR_OUT(DH_KEY_SIZE_E, exit_dske);
}
if (length > ssl->options.maxDhKeySz) {
WOLFSSL_MSG("Server using a DH key that is too big");
SendAlert(ssl, alert_fatal, handshake_failure);
ERROR_OUT(DH_KEY_SIZE_E, exit_dske);
}
ssl->buffers.serverDH_P.buffer = (byte*)XMALLOC(length,
ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY);
@@ -18183,10 +18199,9 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
args->sigAlgo, args->hashAlgo,
ssl->peerRsaKey,
#ifdef HAVE_PK_CALLBACKS
&ssl->buffers.peerRsaKey,
ssl->RsaVerifyCtx
&ssl->buffers.peerRsaKey
#else
NULL, NULL
NULL
#endif
);
@@ -18206,10 +18221,9 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
ssl->buffers.digest.length,
ssl->peerEccDsaKey,
#ifdef HAVE_PK_CALLBACKS
&ssl->buffers.peerEccDsaKey,
ssl->EccVerifyCtx
&ssl->buffers.peerEccDsaKey
#else
NULL, NULL
NULL
#endif
);
@@ -18225,10 +18239,9 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
ssl->buffers.sig.length,
ssl->peerEd25519Key,
#ifdef HAVE_PK_CALLBACKS
&ssl->buffers.peerEd25519Key,
ssl->Ed25519VerifyCtx
&ssl->buffers.peerEd25519Key
#else
NULL, NULL
NULL
#endif
);
@@ -19398,10 +19411,9 @@ int SendClientKeyExchange(WOLFSSL* ssl)
args->encSecret, &args->encSz,
ssl->peerRsaKey,
#if defined(HAVE_PK_CALLBACKS)
&ssl->buffers.peerRsaKey,
ssl->RsaEncCtx
&ssl->buffers.peerRsaKey
#else
NULL, NULL
NULL
#endif
);
@@ -19448,12 +19460,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
args->output + OPAQUE8_LEN, &args->length,
ssl->arrays->preMasterSecret + OPAQUE16_LEN,
&ssl->arrays->preMasterSz,
WOLFSSL_CLIENT_END,
#ifdef HAVE_PK_CALLBACKS
ssl->EccSharedSecretCtx
#else
NULL
#endif
WOLFSSL_CLIENT_END
);
break;
}
@@ -19463,12 +19470,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
args->output + OPAQUE8_LEN, &args->length,
ssl->arrays->preMasterSecret + OPAQUE16_LEN,
&ssl->arrays->preMasterSz,
WOLFSSL_CLIENT_END,
#ifdef HAVE_PK_CALLBACKS
ssl->EccSharedSecretCtx
#else
NULL
#endif
WOLFSSL_CLIENT_END
);
break;
}
@@ -19513,12 +19515,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
args->encSecret + OPAQUE8_LEN, &args->encSz,
ssl->arrays->preMasterSecret,
&ssl->arrays->preMasterSz,
WOLFSSL_CLIENT_END,
#ifdef HAVE_PK_CALLBACKS
ssl->EccSharedSecretCtx
#else
NULL
#endif
WOLFSSL_CLIENT_END
);
break;
}
@@ -19532,12 +19529,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
args->encSecret + OPAQUE8_LEN, &args->encSz,
ssl->arrays->preMasterSecret,
&ssl->arrays->preMasterSz,
WOLFSSL_CLIENT_END,
#ifdef HAVE_PK_CALLBACKS
ssl->EccSharedSecretCtx
#else
NULL
#endif
WOLFSSL_CLIENT_END
);
#endif
@@ -20131,10 +20123,9 @@ int SendCertificateVerify(WOLFSSL* ssl)
ssl->buffers.sig.buffer, &ssl->buffers.sig.length,
key,
#ifdef HAVE_PK_CALLBACKS
ssl->buffers.key,
ssl->EccSignCtx
ssl->buffers.key
#else
NULL, NULL
NULL
#endif
);
}
@@ -20148,10 +20139,9 @@ int SendCertificateVerify(WOLFSSL* ssl)
ssl->buffers.sig.buffer, &ssl->buffers.sig.length,
key,
#ifdef HAVE_PK_CALLBACKS
ssl->buffers.key,
ssl->Ed25519SignCtx
ssl->buffers.key
#else
NULL, NULL
NULL
#endif
);
}
@@ -20167,12 +20157,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
ssl->buffers.sig.buffer, ssl->buffers.sig.length,
args->verify + args->extraSz + VERIFY_HEADER, &args->sigSz,
args->sigAlgo, ssl->suites->hashAlgo, key,
ssl->buffers.key,
#ifdef HAVE_PK_CALLBACKS
ssl->RsaSignCtx
#else
NULL
#endif
ssl->buffers.key
);
}
#endif /* !NO_RSA */
@@ -20229,12 +20214,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
args->verifySig, args->sigSz,
ssl->buffers.sig.buffer, ssl->buffers.sig.length,
args->sigAlgo, ssl->suites->hashAlgo, key,
ssl->buffers.key,
#ifdef HAVE_PK_CALLBACKS
ssl->RsaSignCtx
#else
NULL
#endif
ssl->buffers.key
);
}
#endif /* !NO_RSA */
@@ -21867,12 +21847,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
&args->sigSz,
ssl->suites->sigAlgo, ssl->suites->hashAlgo,
key,
ssl->buffers.key,
#ifdef HAVE_PK_CALLBACKS
ssl->RsaSignCtx
#else
NULL
#endif
ssl->buffers.key
);
break;
}
@@ -21888,10 +21863,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
&args->sigSz,
key,
#ifdef HAVE_PK_CALLBACKS
ssl->buffers.key,
ssl->EccSignCtx
ssl->buffers.key
#else
NULL, NULL
NULL
#endif
);
break;
@@ -21907,10 +21881,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
&args->sigSz,
key,
#ifdef HAVE_PK_CALLBACKS
ssl->buffers.key,
ssl->Ed25519SignCtx
ssl->buffers.key
#else
NULL, NULL
NULL
#endif
);
break;
@@ -21945,12 +21918,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
&args->sigSz,
ssl->suites->sigAlgo, ssl->suites->hashAlgo,
key,
ssl->buffers.key,
#ifdef HAVE_PK_CALLBACKS
ssl->RsaSignCtx
#else
NULL
#endif
ssl->buffers.key
);
break;
}
@@ -22030,12 +21998,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->buffers.sig.buffer,
ssl->buffers.sig.length,
ssl->suites->sigAlgo, ssl->suites->hashAlgo,
key, ssl->buffers.key,
#ifdef HAVE_PK_CALLBACKS
ssl->RsaSignCtx
#else
NULL
#endif
key, ssl->buffers.key
);
break;
}
@@ -22097,12 +22060,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->buffers.sig.buffer,
ssl->buffers.sig.length,
ssl->suites->sigAlgo, ssl->suites->hashAlgo,
key, ssl->buffers.key,
#ifdef HAVE_PK_CALLBACKS
ssl->RsaSignCtx
#else
NULL
#endif
key, ssl->buffers.key
);
break;
}
@@ -23385,10 +23343,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args->sigAlgo, args->hashAlgo,
ssl->peerRsaKey,
#ifdef HAVE_PK_CALLBACKS
&ssl->buffers.peerRsaKey,
ssl->RsaVerifyCtx
&ssl->buffers.peerRsaKey
#else
NULL, NULL
NULL
#endif
);
if (ret >= 0) {
@@ -23411,10 +23368,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->buffers.digest.buffer, ssl->buffers.digest.length,
ssl->peerEccDsaKey,
#ifdef HAVE_PK_CALLBACKS
&ssl->buffers.peerEccDsaKey,
ssl->EccVerifyCtx
&ssl->buffers.peerEccDsaKey
#else
NULL, NULL
NULL
#endif
);
}
@@ -23428,10 +23384,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->hsHashes->messages, ssl->hsHashes->prevLen,
ssl->peerEd25519Key,
#ifdef HAVE_PK_CALLBACKS
&ssl->buffers.peerEd25519Key,
ssl->Ed25519VerifyCtx
&ssl->buffers.peerEd25519Key
#else
NULL, NULL
NULL
#endif
);
}
@@ -24682,10 +24637,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
&args->sigSz,
key,
#ifdef HAVE_PK_CALLBACKS
ssl->buffers.key,
ssl->RsaDecCtx
ssl->buffers.key
#else
NULL, NULL
NULL
#endif
);
@@ -24731,12 +24685,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
input + args->idx, &args->length,
ssl->arrays->preMasterSecret,
&ssl->arrays->preMasterSz,
WOLFSSL_SERVER_END,
#ifdef HAVE_PK_CALLBACKS
ssl->EccSharedSecretCtx
#else
NULL
#endif
WOLFSSL_SERVER_END
);
break;
}
@@ -24752,12 +24701,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
input + args->idx, &args->length,
ssl->arrays->preMasterSecret,
&ssl->arrays->preMasterSz,
WOLFSSL_SERVER_END,
#ifdef HAVE_PK_CALLBACKS
ssl->EccSharedSecretCtx
#else
NULL
#endif
WOLFSSL_SERVER_END
);
#endif
break;
@@ -24800,12 +24744,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
input + args->idx, &args->length,
ssl->arrays->preMasterSecret + OPAQUE16_LEN,
&args->sigSz,
WOLFSSL_SERVER_END,
#ifdef HAVE_PK_CALLBACKS
ssl->EccSharedSecretCtx
#else
NULL
#endif
WOLFSSL_SERVER_END
);
break;
}
@@ -24816,12 +24755,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
input + args->idx, &args->length,
ssl->arrays->preMasterSecret + OPAQUE16_LEN,
&args->sigSz,
WOLFSSL_SERVER_END,
#ifdef HAVE_PK_CALLBACKS
ssl->EccSharedSecretCtx
#else
NULL
#endif
WOLFSSL_SERVER_END
);
break;
}
src/ssl.c
+252 -129
View File
@@ -1461,6 +1461,8 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
if (pSz < ssl->options.minDhKeySz)
return DH_KEY_SIZE_E;
if (pSz > ssl->options.maxDhKeySz)
return DH_KEY_SIZE_E;
if (ssl->options.side != WOLFSSL_SERVER_END)
return SIDE_ERROR;
@@ -1522,6 +1524,8 @@ int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX* ctx, const unsigned char* p, int pSz,
if (pSz < ctx->minDhKeySz)
return DH_KEY_SIZE_E;
if (pSz > ctx->maxDhKeySz)
return DH_KEY_SIZE_E;
XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY);
XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY);
@@ -1569,6 +1573,26 @@ int wolfSSL_SetMinDhKey_Sz(WOLFSSL* ssl, word16 keySz)
}
int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX* ctx, word16 keySz)
{
if (ctx == NULL || keySz > 16000 || keySz % 8 != 0)
return BAD_FUNC_ARG;
ctx->maxDhKeySz = keySz / 8;
return WOLFSSL_SUCCESS;
}
int wolfSSL_SetMaxDhKey_Sz(WOLFSSL* ssl, word16 keySz)
{
if (ssl == NULL || keySz > 16000 || keySz % 8 != 0)
return BAD_FUNC_ARG;
ssl->options.maxDhKeySz = keySz / 8;
return WOLFSSL_SUCCESS;
}
int wolfSSL_GetDhKey_Sz(WOLFSSL* ssl)
{
if (ssl == NULL)
@@ -4263,15 +4287,16 @@ static int ProcessUserChain(WOLFSSL_CTX* ctx, const unsigned char* buff,
#endif
byte* chainBuffer = staticBuffer;
int dynamicBuffer = 0;
word32 bufferSz = sizeof(staticBuffer);
word32 bufferSz;
long consumed = info->consumed;
word32 idx = 0;
int gotOne = 0;
if ( (sz - consumed) > (int)bufferSz) {
/* Calculate max possible size, including max headers */
bufferSz = (word32)(sz - consumed) + (CERT_HEADER_SZ * MAX_CHAIN_DEPTH);
if (bufferSz > sizeof(staticBuffer)) {
WOLFSSL_MSG("Growing Tmp Chain Buffer");
bufferSz = (word32)(sz - consumed);
/* will shrink to actual size */
/* will shrink to actual size */
chainBuffer = (byte*)XMALLOC(bufferSz, heap, DYNAMIC_TYPE_FILE);
if (chainBuffer == NULL) {
return MEMORY_E;
@@ -4301,7 +4326,7 @@ static int ProcessUserChain(WOLFSSL_CTX* ctx, const unsigned char* buff,
if (GetSequence(buff + consumed, &inOutIdx, &length, remain) < 0) {
ret = ASN_NO_PEM_HEADER;
}
length += inOutIdx; /* include leading squence */
length += inOutIdx; /* include leading sequence */
}
info->consumed = length;
if (ret == 0) {
@@ -4316,7 +4341,7 @@ static int ProcessUserChain(WOLFSSL_CTX* ctx, const unsigned char* buff,
#ifdef WOLFSSL_TLS13
cnt++;
#endif
if ((idx + part->length) > bufferSz) {
if ((idx + part->length + CERT_HEADER_SZ) > bufferSz) {
WOLFSSL_MSG(" Cert Chain bigger than buffer");
ret = BUFFER_E;
}
@@ -4446,7 +4471,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
if (GetSequence(buff, &inOutIdx, &length, (word32)sz) < 0) {
ret = ASN_PARSE_E;
}
length += inOutIdx; /* include leading squence */
length += inOutIdx; /* include leading sequence */
}
info->consumed = length;
@@ -4465,6 +4490,10 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
/* process user chain */
if (ret >= 0) {
/* First certificate in chain is loaded into ssl->buffers.certificate.
* Remainder are loaded into ssl->buffers.certChain.
* Chain should have server cert first, then intermediates, then root.
*/
if (userChain) {
ret = ProcessUserChain(ctx, buff, sz, format, type, ssl, used, info);
}
@@ -4668,19 +4697,29 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
#ifdef HAVE_ECC
if (!rsaKey && !ed25519Key) {
/* make sure ECC key can be used */
word32 idx = 0;
ecc_key key;
word32 idx = 0;
#ifdef WOLFSSL_SMALL_STACK
ecc_key* key = NULL;
#else
ecc_key key[1];
#endif
if (wc_ecc_init_ex(&key, heap, devId) == 0) {
if (wc_EccPrivateKeyDecode(der->buffer, &idx, &key,
#ifdef WOLFSSL_SMALL_STACK
key = (ecc_key*)XMALLOC(sizeof(ecc_key), heap, DYNAMIC_TYPE_ECC);
if (key == NULL)
return MEMORY_E;
#endif
if (wc_ecc_init_ex(key, heap, devId) == 0) {
if (wc_EccPrivateKeyDecode(der->buffer, &idx, key,
der->length) == 0) {
int keySz = wc_ecc_size(&key);
int keySz = wc_ecc_size(key);
int minKeySz;
/* check for minimum ECC key size and then free */
minKeySz = ssl ? ssl->options.minEccKeySz : ctx->minEccKeySz;
if (keySz < minKeySz) {
wc_ecc_free(&key);
wc_ecc_free(key);
WOLFSSL_MSG("ECC private key too small");
return ECC_KEY_SIZE_E;
}
@@ -4704,52 +4743,71 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
else
eccKey = 0;
wc_ecc_free(&key);
wc_ecc_free(key);
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(key, heap, DYNAMIC_TYPE_ECC);
#endif
}
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
if (!rsaKey && !eccKey) {
/* make sure Ed25519 key can be used */
word32 idx = 0;
ed25519_key key;
const int keySz = ED25519_KEY_SIZE;
int minKeySz;
word32 idx = 0;
#ifdef WOLFSSL_SMALL_STACK
ed25519_key* key = NULL;
#else
ed25519_key key[1];
#endif
ret = wc_ed25519_init(&key);
if (ret != 0) {
return ret;
}
#ifdef WOLFSSL_SMALL_STACK
key = (ed25519_key*)XMALLOC(sizeof(ecc_key), heap,
DYNAMIC_TYPE_ED25519);
if (key == NULL)
return MEMORY_E;
#endif
if (wc_Ed25519PrivateKeyDecode(der->buffer, &idx, &key,
ret = wc_ed25519_init(key);
if (ret == 0) {
if (wc_Ed25519PrivateKeyDecode(der->buffer, &idx, key,
der->length) != 0) {
wc_ed25519_free(&key);
return WOLFSSL_BAD_FILE;
ret = WOLFSSL_BAD_FILE;
}
if (ret == 0) {
/* check for minimum key size and then free */
int minKeySz = ssl ? ssl->options.minEccKeySz :
ctx->minEccKeySz;
if (ED25519_KEY_SIZE < minKeySz) {
WOLFSSL_MSG("ED25519 private key too small");
ret = ECC_KEY_SIZE_E;
}
}
if (ret == 0) {
if (ssl) {
ssl->buffers.keyType = ed25519_sa_algo;
ssl->buffers.keySz = ED25519_KEY_SIZE;
}
else if (ctx) {
ctx->privateKeyType = ed25519_sa_algo;
ctx->privateKeySz = ED25519_KEY_SIZE;
}
ed25519Key = 1;
if (ssl && ssl->options.side == WOLFSSL_SERVER_END) {
resetSuites = 1;
}
}
wc_ed25519_free(key);
}
/* check for minimum key size and then free */
minKeySz = ssl ? ssl->options.minEccKeySz : ctx->minEccKeySz;
if (keySz < minKeySz) {
wc_ed25519_free(&key);
WOLFSSL_MSG("ED25519 private key too small");
return ECC_KEY_SIZE_E;
}
if (ssl) {
ssl->buffers.keyType = ed25519_sa_algo;
ssl->buffers.keySz = keySz;
}
else if (ctx) {
ctx->privateKeyType = ed25519_sa_algo;
ctx->privateKeySz = keySz;
}
wc_ed25519_free(&key);
ed25519Key = 1;
if (ssl && ssl->options.side == WOLFSSL_SERVER_END) {
resetSuites = 1;
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(key, heap, DYNAMIC_TYPE_ED25519);
#endif
if (ret != 0)
return ret;
}
#else
if (!rsaKey && !eccKey && !ed25519Key)
@@ -5819,7 +5877,11 @@ int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* file,
* Returns SSL_SUCCESS on good private key and SSL_FAILURE if miss matched. */
int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX* ctx)
{
DecodedCert der;
#ifdef WOLFSSL_SMALL_STACK
DecodedCert* der = NULL;
#else
DecodedCert der[1];
#endif
word32 size;
byte* buff;
int ret;
@@ -5831,18 +5893,30 @@ int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX* ctx)
}
#ifndef NO_CERTS
#ifdef WOLFSSL_SMALL_STACK
der = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT);
if (der == NULL)
return MEMORY_E;
#endif
size = ctx->certificate->length;
buff = ctx->certificate->buffer;
InitDecodedCert(&der, buff, size, ctx->heap);
if (ParseCertRelative(&der, CERT_TYPE, NO_VERIFY, NULL) != 0) {
FreeDecodedCert(&der);
InitDecodedCert(der, buff, size, ctx->heap);
if (ParseCertRelative(der, CERT_TYPE, NO_VERIFY, NULL) != 0) {
FreeDecodedCert(der);
#ifdef WOLFSSL_SMALL_STACK
XFREE(der, NULL, DYNAMIC_TYPE_DCERT);
#endif
return WOLFSSL_FAILURE;
}
size = ctx->privateKey->length;
buff = ctx->privateKey->buffer;
ret = wc_CheckPrivateKey(buff, size, &der);
FreeDecodedCert(&der);
ret = wc_CheckPrivateKey(buff, size, der);
FreeDecodedCert(der);
#ifdef WOLFSSL_SMALL_STACK
XFREE(der, NULL, DYNAMIC_TYPE_DCERT);
#endif
if (ret == 1) {
return WOLFSSL_SUCCESS;
@@ -6742,6 +6816,11 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
case BASIC_CA_OID:
if (x509->basicConstSet) {
obj = wolfSSL_ASN1_OBJECT_new();
if (obj == NULL) {
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
wolfSSL_sk_ASN1_OBJECT_free(sk);
return NULL;
}
if (c != NULL) {
*c = x509->basicConstCrit;
}
@@ -6771,6 +6850,11 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
dns = x509->altNames;
while (dns != NULL) {
obj = wolfSSL_ASN1_OBJECT_new();
if (obj == NULL) {
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
wolfSSL_sk_ASN1_OBJECT_free(sk);
return NULL;
}
obj->type = dns->type;
obj->grp = oidCertExtType;
obj->obj = (byte*)dns->name;
@@ -6803,6 +6887,11 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
*c = x509->CRLdistCrit;
}
obj = wolfSSL_ASN1_OBJECT_new();
if (obj == NULL) {
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
wolfSSL_sk_ASN1_OBJECT_free(sk);
return NULL;
}
obj->type = CRL_DIST_OID;
obj->grp = oidCertExtType;
obj->obj = x509->CRLInfo;
@@ -6819,6 +6908,11 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
*c = x509->authInfoCrit;
}
obj = wolfSSL_ASN1_OBJECT_new();
if (obj == NULL) {
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
wolfSSL_sk_ASN1_OBJECT_free(sk);
return NULL;
}
obj->type = AUTH_INFO_OID;
obj->grp = oidCertExtType;
obj->obj = x509->authInfo;
@@ -6835,6 +6929,11 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
*c = x509->authKeyIdCrit;
}
obj = wolfSSL_ASN1_OBJECT_new();
if (obj == NULL) {
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
wolfSSL_sk_ASN1_OBJECT_free(sk);
return NULL;
}
obj->type = AUTH_KEY_OID;
obj->grp = oidCertExtType;
obj->obj = x509->authKeyId;
@@ -6851,6 +6950,11 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
*c = x509->subjKeyIdCrit;
}
obj = wolfSSL_ASN1_OBJECT_new();
if (obj == NULL) {
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
wolfSSL_sk_ASN1_OBJECT_free(sk);
return NULL;
}
obj->type = SUBJ_KEY_OID;
obj->grp = oidCertExtType;
obj->obj = x509->subjKeyId;
@@ -6878,6 +6982,11 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
for (i = 0; i < x509->certPoliciesNb - 1; i++) {
obj = wolfSSL_ASN1_OBJECT_new();
if (obj == NULL) {
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
wolfSSL_sk_ASN1_OBJECT_free(sk);
return NULL;
}
obj->type = CERT_POLICY_OID;
obj->grp = oidCertExtType;
obj->obj = (byte*)(x509->certPolicies[i]);
@@ -6891,6 +7000,11 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
}
}
obj = wolfSSL_ASN1_OBJECT_new();
if (obj == NULL) {
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
wolfSSL_sk_ASN1_OBJECT_free(sk);
return NULL;
}
obj->type = CERT_POLICY_OID;
obj->grp = oidCertExtType;
obj->obj = (byte*)(x509->certPolicies[i]);
@@ -6907,6 +7021,11 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
*c = x509->certPolicyCrit;
}
obj = wolfSSL_ASN1_OBJECT_new();
if (obj == NULL) {
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
wolfSSL_sk_ASN1_OBJECT_free(sk);
return NULL;
}
obj->type = CERT_POLICY_OID;
obj->grp = oidCertExtType;
}
@@ -6925,6 +7044,11 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
*c = x509->keyUsageCrit;
}
obj = wolfSSL_ASN1_OBJECT_new();
if (obj == NULL) {
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
wolfSSL_sk_ASN1_OBJECT_free(sk);
return NULL;
}
obj->type = KEY_USAGE_OID;
obj->grp = oidCertExtType;
obj->obj = (byte*)&(x509->keyUsage);
@@ -6950,6 +7074,11 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
}
}
obj = wolfSSL_ASN1_OBJECT_new();
if (obj == NULL) {
WOLFSSL_MSG("Issue creating WOLFSSL_ASN1_OBJECT struct");
wolfSSL_sk_ASN1_OBJECT_free(sk);
return NULL;
}
obj->type = EXT_KEY_USAGE_OID;
obj->grp = oidCertExtType;
obj->obj = x509->extKeyUsageSrc;
@@ -18572,7 +18701,7 @@ char* wolfSSL_ASN1_TIME_to_string(WOLFSSL_ASN1_TIME* t, char* buf, int len)
WOLFSSL_ASN1_TIME* wolfSSL_ASN1_TIME_adj(WOLFSSL_ASN1_TIME *s, time_t t,
int offset_day, long offset_sec)
{
const int sec_per_day = 24*60*60;
const time_t sec_per_day = 24*60*60;
struct tm* ts = NULL;
struct tm* tmpTime = NULL;
time_t t_adj = 0;
@@ -23545,6 +23674,7 @@ static int SetRsaExternal(WOLFSSL_RSA* rsa)
return WOLFSSL_FATAL_ERROR;
}
#ifndef RSA_LOW_MEM
if (SetIndividualExternal(&rsa->dmp1, &key->dP) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("rsa dP key error");
return WOLFSSL_FATAL_ERROR;
@@ -23559,6 +23689,7 @@ static int SetRsaExternal(WOLFSSL_RSA* rsa)
WOLFSSL_MSG("rsa u key error");
return WOLFSSL_FATAL_ERROR;
}
#endif /* !RSA_LOW_MEM */
}
rsa->exSet = 1;
@@ -23617,6 +23748,7 @@ static int SetRsaInternal(WOLFSSL_RSA* rsa)
return WOLFSSL_FATAL_ERROR;
}
#ifndef RSA_LOW_MEM
if (rsa->dmp1 != NULL &&
SetIndividualInternal(rsa->dmp1, &key->dP) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("rsa dP key error");
@@ -23634,6 +23766,7 @@ static int SetRsaInternal(WOLFSSL_RSA* rsa)
WOLFSSL_MSG("rsa u key error");
return WOLFSSL_FATAL_ERROR;
}
#endif /* !RSA_LOW_MEM */
rsa->inSet = 1;
@@ -25520,6 +25653,11 @@ int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* key,
pkey = wolfSSL_PKEY_new_ex(bio->heap);
if (pkey == NULL) {
WOLFSSL_MSG("wolfSSL_PKEY_new_ex failed");
return SSL_FAILURE;
}
pkey->type = EVP_PKEY_RSA;
pkey->rsa = key;
pkey->ownRsa = 0;
@@ -25538,6 +25676,7 @@ int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* key,
derBuf = (byte*)XMALLOC(derMax, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (derBuf == NULL) {
WOLFSSL_MSG("malloc failed");
wolfSSL_EVP_PKEY_free(pkey);
return SSL_FAILURE;
}
@@ -25546,6 +25685,7 @@ int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* key,
if (derSz < 0) {
WOLFSSL_MSG("wc_RsaKeyToDer failed");
XFREE(derBuf, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_EVP_PKEY_free(pkey);
return SSL_FAILURE;
}
@@ -25554,6 +25694,7 @@ int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* key,
if (pkey->pkey.ptr == NULL) {
WOLFSSL_MSG("key malloc failed");
XFREE(derBuf, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_EVP_PKEY_free(pkey);
return SSL_FAILURE;
}
pkey->pkey_sz = derSz;
@@ -28242,21 +28383,34 @@ void wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCtx)
#ifdef HAVE_PK_CALLBACKS
#ifdef HAVE_ECC
void wolfSSL_CTX_SetEccKeyGenCb(WOLFSSL_CTX* ctx, CallbackEccKeyGen cb)
{
if (ctx)
ctx->EccKeyGenCb = cb;
}
void wolfSSL_SetEccKeyGenCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->EccKeyGenCtx = ctx;
}
void* wolfSSL_GetEccKeyGenCtx(WOLFSSL* ssl)
{
if (ssl)
return ssl->EccKeyGenCtx;
return NULL;
}
void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX* ctx, CallbackEccSign cb)
{
if (ctx)
ctx->EccSignCb = cb;
}
void wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->EccSignCtx = ctx;
}
void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28265,21 +28419,16 @@ void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl)
return NULL;
}
void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX* ctx, CallbackEccVerify cb)
{
if (ctx)
ctx->EccVerifyCb = cb;
}
void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->EccVerifyCtx = ctx;
}
void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28293,14 +28442,11 @@ void wolfSSL_CTX_SetEccSharedSecretCb(WOLFSSL_CTX* ctx, CallbackEccSharedSecret
if (ctx)
ctx->EccSharedSecretCb = cb;
}
void wolfSSL_SetEccSharedSecretCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->EccSharedSecretCtx = ctx;
}
void* wolfSSL_GetEccSharedSecretCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28316,15 +28462,11 @@ void wolfSSL_CTX_SetEd25519SignCb(WOLFSSL_CTX* ctx, CallbackEd25519Sign cb)
if (ctx)
ctx->Ed25519SignCb = cb;
}
void wolfSSL_SetEd25519SignCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->Ed25519SignCtx = ctx;
}
void* wolfSSL_GetEd25519SignCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28333,21 +28475,16 @@ void* wolfSSL_GetEd25519SignCtx(WOLFSSL* ssl)
return NULL;
}
void wolfSSL_CTX_SetEd25519VerifyCb(WOLFSSL_CTX* ctx, CallbackEd25519Verify cb)
{
if (ctx)
ctx->Ed25519VerifyCb = cb;
}
void wolfSSL_SetEd25519VerifyCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->Ed25519VerifyCtx = ctx;
}
void* wolfSSL_GetEd25519VerifyCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28355,23 +28492,39 @@ void* wolfSSL_GetEd25519VerifyCtx(WOLFSSL* ssl)
return NULL;
}
#endif
#endif /* HAVE_ED25519 */
#ifdef HAVE_CURVE25519
void wolfSSL_CTX_SetX25519KeyGenCb(WOLFSSL_CTX* ctx,
CallbackX25519KeyGen cb)
{
if (ctx)
ctx->X25519KeyGenCb = cb;
}
void wolfSSL_SetX25519KeyGenCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->X25519KeyGenCtx = ctx;
}
void* wolfSSL_GetX25519KeyGenCtx(WOLFSSL* ssl)
{
if (ssl)
return ssl->X25519KeyGenCtx;
return NULL;
}
void wolfSSL_CTX_SetX25519SharedSecretCb(WOLFSSL_CTX* ctx,
CallbackX25519SharedSecret cb)
{
if (ctx)
ctx->X25519SharedSecretCb = cb;
}
void wolfSSL_SetX25519SharedSecretCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->X25519SharedSecretCtx = ctx;
}
void* wolfSSL_GetX25519SharedSecretCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28379,24 +28532,24 @@ void* wolfSSL_GetX25519SharedSecretCtx(WOLFSSL* ssl)
return NULL;
}
#endif
#endif /* HAVE_CURVE25519 */
#ifndef NO_RSA
void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX* ctx, CallbackRsaSign cb)
{
if (ctx)
ctx->RsaSignCb = cb;
}
void wolfSSL_CTX_SetRsaSignCheckCb(WOLFSSL_CTX* ctx, CallbackRsaVerify cb)
{
if (ctx)
ctx->RsaSignCheckCb = cb;
}
void wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->RsaSignCtx = ctx;
}
void* wolfSSL_GetRsaSignCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28411,21 +28564,11 @@ void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX* ctx, CallbackRsaVerify cb)
if (ctx)
ctx->RsaVerifyCb = cb;
}
void wolfSSL_CTX_SetRsaSignCheckCb(WOLFSSL_CTX* ctx, CallbackRsaVerify cb)
{
if (ctx)
ctx->RsaSignCheckCb = cb;
}
void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->RsaVerifyCtx = ctx;
}
void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28440,15 +28583,16 @@ void wolfSSL_CTX_SetRsaPssSignCb(WOLFSSL_CTX* ctx, CallbackRsaPssSign cb)
if (ctx)
ctx->RsaPssSignCb = cb;
}
void wolfSSL_CTX_SetRsaPssSignCheckCb(WOLFSSL_CTX* ctx, CallbackRsaPssVerify cb)
{
if (ctx)
ctx->RsaPssSignCheckCb = cb;
}
void wolfSSL_SetRsaPssSignCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->RsaPssSignCtx = ctx;
}
void* wolfSSL_GetRsaPssSignCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28457,27 +28601,16 @@ void* wolfSSL_GetRsaPssSignCtx(WOLFSSL* ssl)
return NULL;
}
void wolfSSL_CTX_SetRsaPssVerifyCb(WOLFSSL_CTX* ctx, CallbackRsaPssVerify cb)
{
if (ctx)
ctx->RsaPssVerifyCb = cb;
}
void wolfSSL_CTX_SetRsaPssSignCheckCb(WOLFSSL_CTX* ctx, CallbackRsaPssVerify cb)
{
if (ctx)
ctx->RsaPssSignCheckCb = cb;
}
void wolfSSL_SetRsaPssVerifyCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->RsaPssVerifyCtx = ctx;
}
void* wolfSSL_GetRsaPssVerifyCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28485,22 +28618,18 @@ void* wolfSSL_GetRsaPssVerifyCtx(WOLFSSL* ssl)
return NULL;
}
#endif
#endif /* WC_RSA_PSS */
void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX* ctx, CallbackRsaEnc cb)
{
if (ctx)
ctx->RsaEncCb = cb;
}
void wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->RsaEncCtx = ctx;
}
void* wolfSSL_GetRsaEncCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28514,15 +28643,11 @@ void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX* ctx, CallbackRsaDec cb)
if (ctx)
ctx->RsaDecCb = cb;
}
void wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->RsaDecCtx = ctx;
}
void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28530,27 +28655,22 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl)
return NULL;
}
#endif /* NO_RSA */
#endif /* HAVE_PK_CALLBACKS */
#endif /* NO_CERTS */
#if defined(HAVE_PK_CALLBACKS) && !defined(NO_DH)
void wolfSSL_CTX_SetDhAgreeCb(WOLFSSL_CTX* ctx, CallbackDhAgree cb)
{
if (ctx)
ctx->DhAgreeCb = cb;
}
void wolfSSL_SetDhAgreeCtx(WOLFSSL* ssl, void *ctx)
{
if (ssl)
ssl->DhAgreeCtx = ctx;
}
void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
{
if (ssl)
@@ -28831,6 +28951,12 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
return NULL;
if (XFSEEK(bp->file, i, SEEK_SET) != 0)
return NULL;
/* check calculated length */
if (l - i < 0)
return NULL;
l -= i;
#else
WOLFSSL_MSG("Unable to read file with NO_FILESYSTEM defined");
return NULL;
@@ -28839,10 +28965,7 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
else
return NULL;
/* check calculated length */
if (l - i < 0)
return NULL;
pem = (unsigned char*)XMALLOC(l - i, 0, DYNAMIC_TYPE_PEM);
pem = (unsigned char*)XMALLOC(l, 0, DYNAMIC_TYPE_PEM);
if (pem == NULL)
return NULL;
src/tls.c
+63 -28
View File
@@ -1129,8 +1129,8 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
b = in[k - WOLFSSL_TLS_HMAC_INNER_SZ];
b = ctMaskSel(atEoc, b, 0x80);
b &= ~pastEoc;
b &= ~isOutBlock | isEocBlock;
b &= (unsigned char)~(word32)pastEoc;
b &= ((unsigned char)~(word32)isOutBlock) | isEocBlock;
if (j >= blockSz - 8) {
b = ctMaskSel(isOutBlock, b, lenBytes[j - (blockSz - 8)]);
@@ -5856,7 +5856,11 @@ static int TLSX_KeyShare_GenDhKey(WOLFSSL *ssl, KeyShareEntry* kse)
word32 keySz;
word32 dataSz;
const DhParams* params;
DhKey dhKey;
#ifdef WOLFSSL_SMALL_STACK
DhKey* dhKey = NULL;
#else
DhKey dhKey[1];
#endif
/* TODO: [TLS13] The key size should come from wolfcrypt. */
/* Pick the parameters from the named group. */
@@ -5895,9 +5899,19 @@ static int TLSX_KeyShare_GenDhKey(WOLFSSL *ssl, KeyShareEntry* kse)
return BAD_FUNC_ARG;
}
ret = wc_InitDhKey_ex(&dhKey, ssl->heap, ssl->devId);
if (ret != 0)
#ifdef WOLFSSL_SMALL_STACK
dhKey = (DhKey*)XMALLOC(sizeof(DhKey), ssl->heap, DYNAMIC_TYPE_DH);
if (dhKey == NULL)
return MEMORY_E;
#endif
ret = wc_InitDhKey_ex(dhKey, ssl->heap, ssl->devId);
if (ret != 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH);
#endif
return ret;
}
/* Allocate space for the public key. */
dataSz = params->p_len;
@@ -5914,19 +5928,19 @@ static int TLSX_KeyShare_GenDhKey(WOLFSSL *ssl, KeyShareEntry* kse)
}
/* Set key */
ret = wc_DhSetKey(&dhKey,
ret = wc_DhSetKey(dhKey,
(byte*)params->p, params->p_len,
(byte*)params->g, params->g_len);
if (ret != 0)
goto end;
/* Generate a new key pair. */
ret = wc_DhGenerateKeyPair(&dhKey, ssl->rng, (byte*)key, &keySz, keyData,
ret = wc_DhGenerateKeyPair(dhKey, ssl->rng, (byte*)key, &keySz, keyData,
&dataSz);
#ifdef WOLFSSL_ASYNC_CRYPT
/* TODO: Make this function non-blocking */
if (ret == WC_PENDING_E) {
ret = wc_AsyncWait(ret, &dhKey.asyncDev, WC_ASYNC_FLAG_NONE);
ret = wc_AsyncWait(ret, &dhKey->asyncDev, WC_ASYNC_FLAG_NONE);
}
#endif
if (ret != 0)
@@ -5950,7 +5964,10 @@ static int TLSX_KeyShare_GenDhKey(WOLFSSL *ssl, KeyShareEntry* kse)
end:
wc_FreeDhKey(&dhKey);
wc_FreeDhKey(dhKey);
#ifdef WOLFSSL_SMALL_STACK
XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH);
#endif
if (ret != 0) {
/* Data owned by key share entry otherwise. */
@@ -6299,7 +6316,11 @@ static int TLSX_KeyShare_ProcessDh(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
#ifndef NO_DH
int ret;
const DhParams* params;
DhKey dhKey;
#ifdef WOLFSSL_SMALL_STACK
DhKey* dhKey = NULL;
#else
DhKey dhKey[1];
#endif
switch (keyShareEntry->group) {
#ifdef HAVE_FFDHE_2048
@@ -6336,37 +6357,56 @@ static int TLSX_KeyShare_ProcessDh(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
WOLFSSL_BUFFER(keyShareEntry->ke, keyShareEntry->keLen);
#endif
ret = wc_InitDhKey_ex(&dhKey, ssl->heap, ssl->devId);
if (ret != 0)
return ret;
#ifdef WOLFSSL_SMALL_STACK
dhKey = (DhKey*)XMALLOC(sizeof(DhKey), ssl->heap, DYNAMIC_TYPE_DH);
if (dhKey == NULL)
return MEMORY_E;
#endif
/* Set key */
ret = wc_DhSetKey(&dhKey, (byte*)params->p, params->p_len, (byte*)params->g,
params->g_len);
ret = wc_InitDhKey_ex(dhKey, ssl->heap, ssl->devId);
if (ret != 0) {
wc_FreeDhKey(&dhKey);
#ifdef WOLFSSL_SMALL_STACK
XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH);
#endif
return ret;
}
ret = wc_DhCheckPubKey(&dhKey, keyShareEntry->ke, keyShareEntry->keLen);
/* Set key */
ret = wc_DhSetKey(dhKey, (byte*)params->p, params->p_len, (byte*)params->g,
params->g_len);
if (ret != 0) {
wc_FreeDhKey(&dhKey);
wc_FreeDhKey(dhKey);
#ifdef WOLFSSL_SMALL_STACK
XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH);
#endif
return ret;
}
ret = wc_DhCheckPubKey(dhKey, keyShareEntry->ke, keyShareEntry->keLen);
if (ret != 0) {
wc_FreeDhKey(dhKey);
#ifdef WOLFSSL_SMALL_STACK
XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH);
#endif
return PEER_KEY_ERROR;
}
/* Derive secret from private key and peer's public key. */
ret = wc_DhAgree(&dhKey,
ret = wc_DhAgree(dhKey,
ssl->arrays->preMasterSecret, &ssl->arrays->preMasterSz,
(const byte*)keyShareEntry->key, keyShareEntry->keyLen,
keyShareEntry->ke, keyShareEntry->keLen);
#ifdef WOLFSSL_ASYNC_CRYPT
/* TODO: Make this function non-blocking */
if (ret == WC_PENDING_E) {
ret = wc_AsyncWait(ret, &dhKey.asyncDev, WC_ASYNC_FLAG_NONE);
ret = wc_AsyncWait(ret, dhKey.asyncDev, WC_ASYNC_FLAG_NONE);
}
#endif
wc_FreeDhKey(&dhKey);
wc_FreeDhKey(dhKey);
#ifdef WOLFSSL_SMALL_STACK
XFREE(dhKey, ssl->heap, DYNAMIC_TYPE_DH);
#endif
return ret;
#else
@@ -6529,12 +6569,7 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
ret = EccSharedSecret(ssl, keyShareEntry->key, ssl->peerEccKey,
keyShareEntry->ke, &keyShareEntry->keLen,
ssl->arrays->preMasterSecret, &ssl->arrays->preMasterSz,
ssl->options.side,
#ifdef HAVE_PK_CALLBACKS
ssl->EccSharedSecretCtx
#else
NULL
#endif
ssl->options.side
);
#endif
src/tls13.c
+14 -29
View File
@@ -5319,10 +5319,9 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
&sig->length, (ecc_key*)ssl->hsKey,
#ifdef HAVE_PK_CALLBACKS
ssl->buffers.key,
ssl->EccSignCtx
ssl->buffers.key
#else
NULL, NULL
NULL
#endif
);
args->length = (word16)sig->length;
@@ -5334,10 +5333,9 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
&sig->length, (ed25519_key*)ssl->hsKey,
#ifdef HAVE_PK_CALLBACKS
ssl->buffers.key,
ssl->Ed25519SignCtx
ssl->buffers.key
#else
NULL, NULL
NULL
#endif
);
args->length = sig->length;
@@ -5350,12 +5348,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
args->verify + HASH_SIG_SIZE + VERIFY_HEADER, &args->sigLen,
args->sigAlgo, ssl->suites->hashAlgo,
(RsaKey*)ssl->hsKey,
ssl->buffers.key,
#ifdef HAVE_PK_CALLBACKS
ssl->RsaSignCtx
#else
NULL
#endif
ssl->buffers.key
);
args->length = (word16)args->sigLen;
}
@@ -5393,12 +5386,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
ret = VerifyRsaSign(ssl, args->verifySig, args->sigLen,
sig->buffer, sig->length, args->sigAlgo,
ssl->suites->hashAlgo, (RsaKey*)ssl->hsKey,
ssl->buffers.key,
#ifdef HAVE_PK_CALLBACKS
ssl->RsaSignCtx
#else
NULL
#endif
ssl->buffers.key
);
}
#endif /* !NO_RSA */
@@ -5718,10 +5706,9 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
ret = RsaVerify(ssl, sig->buffer, sig->length, &args->output,
args->sigAlgo, args->hashAlgo, ssl->peerRsaKey,
#ifdef HAVE_PK_CALLBACKS
&ssl->buffers.peerRsaKey,
ssl->RsaVerifyCtx
&ssl->buffers.peerRsaKey
#else
NULL, NULL
NULL
#endif
);
if (ret >= 0) {
@@ -5738,10 +5725,9 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
args->sigData, args->sigDataSz,
ssl->peerEccDsaKey,
#ifdef HAVE_PK_CALLBACKS
&ssl->buffers.peerEccDsaKey,
ssl->EccVerifyCtx
&ssl->buffers.peerEccDsaKey
#else
NULL, NULL
NULL
#endif
);
}
@@ -5754,10 +5740,9 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
args->sigData, args->sigDataSz,
ssl->peerEd25519Key,
#ifdef HAVE_PK_CALLBACKS
&ssl->buffers.peerEd25519Key,
ssl->Ed25519VerifyCtx
&ssl->buffers.peerEd25519Key
#else
NULL, NULL
NULL
#endif
);
}
@@ -8068,7 +8053,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
return WOLFSSL_FATAL_ERROR;
}
}
ssl->options.acceptState = TLS13_ACCEPT_HELLO_RETRY_REQUEST_DONE;
WOLFSSL_MSG("accept state ACCEPT_HELLO_RETRY_REQUEST_DONE");
FALL_THROUGH;
@@ -8125,7 +8110,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
ssl->options.sentChangeCipher = 1;
}
#endif
ssl->options.acceptState = TLS13_ACCEPT_THIRD_REPLY_DONE;
WOLFSSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE");
FALL_THROUGH;
tests/api.c
+150 -37
View File
@@ -744,6 +744,25 @@ static void test_wolfSSL_CTX_load_verify_locations(void)
#endif
}
static int test_wolfSSL_CTX_use_certificate_chain_file_format(void)
{
int ret = 0;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA)
const char* server_chain_der = "./certs/server-cert-chain.der";
WOLFSSL_CTX* ctx;
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
AssertNotNull(ctx);
AssertIntEQ(wolfSSL_CTX_use_certificate_chain_file_format(ctx,
server_chain_der, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
#endif
return ret;
}
static void test_wolfSSL_CTX_SetTmpDH_file(void)
{
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \
@@ -795,6 +814,37 @@ static void test_wolfSSL_CTX_SetTmpDH_buffer(void)
#endif
}
static void test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void)
{
#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx;
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMinDhKey_Sz(ctx, 3072));
AssertIntEQ(DH_KEY_SIZE_E, wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMinDhKey_Sz(ctx, 2048));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMaxDhKey_Sz(ctx, 1024));
AssertIntEQ(DH_KEY_SIZE_E, wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMaxDhKey_Sz(ctx, 2048));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetTmpDH_buffer(ctx, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
wolfSSL_CTX_free(ctx);
#endif
}
/*----------------------------------------------------------------------------*
| SSL
*----------------------------------------------------------------------------*/
@@ -930,6 +980,56 @@ static void test_wolfSSL_SetTmpDH_buffer(void)
#endif
}
static void test_wolfSSL_SetMinMaxDhKey_Sz(void)
{
#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx, *ctx2;
WOLFSSL *ssl, *ssl2;
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
AssertTrue(wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertTrue(wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048,
sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMinDhKey_Sz(ctx, 3072));
AssertNotNull(ssl = wolfSSL_new(ctx));
AssertNotNull(ctx2 = wolfSSL_CTX_new(wolfSSLv23_server_method()));
AssertTrue(wolfSSL_CTX_use_certificate_buffer(ctx2, server_cert_der_2048,
sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertTrue(wolfSSL_CTX_use_PrivateKey_buffer(ctx2, server_key_der_2048,
sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_SetMaxDhKey_Sz(ctx, 1024));
AssertNotNull(ssl2 = wolfSSL_new(ctx2));
AssertIntEQ(DH_KEY_SIZE_E, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMinDhKey_Sz(ssl, 2048));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMinDhKey_Sz(ssl, 3072));
AssertIntEQ(DH_KEY_SIZE_E, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl2, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMaxDhKey_Sz(ssl2, 2048));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetTmpDH_buffer(ssl2, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SetMaxDhKey_Sz(ssl2, 1024));
AssertIntEQ(DH_KEY_SIZE_E, wolfSSL_SetTmpDH_buffer(ssl, dh_key_der_2048,
sizeof_dh_key_der_2048, WOLFSSL_FILETYPE_ASN1));
wolfSSL_free(ssl2);
wolfSSL_CTX_free(ctx2);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
}
/* Test function for wolfSSL_SetMinVersion. Sets the minimum downgrade version
* allowed.
@@ -1837,26 +1937,26 @@ static void test_wolfSSL_read_write(void)
defined(WOLFSSL_SESSION_EXPORT)
/* canned export of a session using older version 3 */
static unsigned char version_3[] = {
0xA5, 0xA3, 0x01, 0x87, 0x00, 0x39, 0x00, 0x01,
0x00, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x80,
0x00, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
0x01, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x01,
0xA5, 0xA3, 0x01, 0x87, 0x00, 0x3b, 0x00, 0x01,
0x00, 0x00, 0x00, 0x80, 0x0C, 0x00, 0x00, 0x00,
0x00, 0x80, 0x00, 0x1C, 0x00, 0x00, 0x00, 0x00,
0x00, 0x01, 0x01, 0x01, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0xC0, 0x30, 0x05,
0x09, 0x0A, 0x01, 0x01, 0x00, 0x0D, 0x05, 0xFE,
0xFD, 0x01, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0xC0, 0x30, 0x05, 0x09, 0x0A,
0x01, 0x01, 0x00, 0x0D, 0x05, 0xFE, 0xFD, 0x01,
0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x06, 0x00, 0x05, 0x00, 0x06, 0x00, 0x00, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x00,
0x05, 0x00, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00,
0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06, 0x00,
0x01, 0x00, 0x07, 0x00, 0x00, 0x00, 0x30, 0x00,
0x00, 0x00, 0x10, 0x01, 0x01, 0x00, 0x02, 0x00,
0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
0x02, 0x00, 0x00, 0x00, 0x3F, 0x00, 0x00, 0x00,
0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00, 0x00,
0x06, 0x00, 0x01, 0x00, 0x07, 0x00, 0x00, 0x00,
0x30, 0x00, 0x00, 0x00, 0x10, 0x01, 0x01, 0x00,
0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x3F, 0x00,
0x00, 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -1868,25 +1968,25 @@ static unsigned char version_3[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x20, 0x05, 0x12, 0xCF, 0x22,
0xA1, 0x9F, 0x1C, 0x39, 0x1D, 0x31, 0x11, 0x12,
0x1D, 0x11, 0x18, 0x0D, 0x0B, 0xF3, 0xE1, 0x4D,
0xDC, 0xB1, 0xF1, 0x39, 0x98, 0x91, 0x6C, 0x48,
0xE5, 0xED, 0x11, 0x12, 0xA0, 0x00, 0xF2, 0x25,
0x4C, 0x09, 0x26, 0xD1, 0x74, 0xDF, 0x23, 0x40,
0x15, 0x6A, 0x42, 0x2A, 0x26, 0xA5, 0xAC, 0x56,
0xD5, 0x4A, 0x20, 0xB7, 0xE9, 0xEF, 0xEB, 0xAF,
0xA8, 0x1E, 0x23, 0x7C, 0x04, 0xAA, 0xA1, 0x6D,
0x92, 0x79, 0x7B, 0xFA, 0x80, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x0C, 0x79, 0x7B,
0xFA, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0xAA, 0xA1, 0x6D, 0x92, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10,
0x00, 0x20, 0x00, 0x04, 0x00, 0x10, 0x00, 0x10,
0x08, 0x02, 0x05, 0x08, 0x01, 0x30, 0x28, 0x00,
0x00, 0x0F, 0x00, 0x02, 0x00, 0x09, 0x31, 0x32,
0x37, 0x2E, 0x30, 0x2E, 0x30, 0x2E, 0x31, 0xED,
0x4F
0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x05, 0x12,
0xCF, 0x22, 0xA1, 0x9F, 0x1C, 0x39, 0x1D, 0x31,
0x11, 0x12, 0x1D, 0x11, 0x18, 0x0D, 0x0B, 0xF3,
0xE1, 0x4D, 0xDC, 0xB1, 0xF1, 0x39, 0x98, 0x91,
0x6C, 0x48, 0xE5, 0xED, 0x11, 0x12, 0xA0, 0x00,
0xF2, 0x25, 0x4C, 0x09, 0x26, 0xD1, 0x74, 0xDF,
0x23, 0x40, 0x15, 0x6A, 0x42, 0x2A, 0x26, 0xA5,
0xAC, 0x56, 0xD5, 0x4A, 0x20, 0xB7, 0xE9, 0xEF,
0xEB, 0xAF, 0xA8, 0x1E, 0x23, 0x7C, 0x04, 0xAA,
0xA1, 0x6D, 0x92, 0x79, 0x7B, 0xFA, 0x80, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x0C,
0x79, 0x7B, 0xFA, 0x80, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0xAA, 0xA1, 0x6D, 0x92,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x10, 0x00, 0x20, 0x00, 0x04, 0x00, 0x10,
0x00, 0x10, 0x08, 0x02, 0x05, 0x08, 0x01, 0x30,
0x28, 0x00, 0x00, 0x0F, 0x00, 0x02, 0x00, 0x09,
0x31, 0x32, 0x37, 0x2E, 0x30, 0x2E, 0x30, 0x2E,
0x31, 0xED, 0x4F
};
#endif /* defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) && \
defined(WOLFSSL_SESSION_EXPORT) */
@@ -17750,12 +17850,13 @@ static void test_wolfSSL_BIO_gets(void)
AssertNotNull(bio = BIO_new_mem_buf((void*)emp, sizeof(emp)));
AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 1); /* just terminator */
AssertStrEQ(emp, buffer);
AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 0); /* Nothing to read */
/* check error cases */
BIO_free(bio);
AssertIntEQ(BIO_gets(NULL, NULL, 0), SSL_FAILURE);
AssertNotNull(bio = BIO_new(BIO_s_mem()));
AssertIntEQ(BIO_gets(bio, buffer, 2), -1); /* nothing to read */
AssertIntEQ(BIO_gets(bio, buffer, 2), 0); /* nothing to read */
#if !defined(NO_FILESYSTEM)
{
@@ -17779,6 +17880,7 @@ static void test_wolfSSL_BIO_gets(void)
XMEMCPY(msg, "\nhello wolfSSL\n security plus\t---...**adf\na...b.c",
sizeof(msg));
AssertNotNull(bio = BIO_new(BIO_s_bio()));
AssertIntEQ(BIO_gets(bio, buffer, 2), 0); /* nothing to read */
AssertNotNull(bio2 = BIO_new(BIO_s_bio()));
AssertIntEQ(BIO_set_write_buf_size(bio, 10), SSL_SUCCESS);
@@ -17797,6 +17899,14 @@ static void test_wolfSSL_BIO_gets(void)
BIO_free(bio);
BIO_free(bio2);
/* check reading an empty string */
AssertNotNull(bio = BIO_new(BIO_s_bio()));
AssertIntEQ(BIO_set_write_buf_size(bio, sizeof(emp)), SSL_SUCCESS);
AssertIntEQ(BIO_gets(bio, buffer, bufferSz), 0); /* Nothing to read */
AssertStrEQ(emp, buffer);
BIO_free(bio);
printf(resultFmt, passed);
#endif
}
@@ -20043,13 +20153,16 @@ void ApiTest(void)
AssertIntEQ(test_wolfSSL_CTX_use_certificate_buffer(), WOLFSSL_SUCCESS);
test_wolfSSL_CTX_use_PrivateKey_file();
test_wolfSSL_CTX_load_verify_locations();
test_wolfSSL_CTX_use_certificate_chain_file_format();
test_wolfSSL_CTX_trust_peer_cert();
test_wolfSSL_CTX_SetTmpDH_file();
test_wolfSSL_CTX_SetTmpDH_buffer();
test_wolfSSL_CTX_SetMinMaxDhKey_Sz();
test_server_wolfSSL_new();
test_client_wolfSSL_new();
test_wolfSSL_SetTmpDH_file();
test_wolfSSL_SetTmpDH_buffer();
test_wolfSSL_SetMinMaxDhKey_Sz();
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
test_wolfSSL_read_write();
#endif
wolfcrypt/src/asn.c
+132 -36
View File
@@ -746,6 +746,25 @@ int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, word32 maxIdx)
return 0;
}
#ifdef RSA_LOW_MEM
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
static int SkipInt(const byte* input, word32* inOutIdx, word32 maxIdx)
{
word32 idx = *inOutIdx;
int ret;
int length;
ret = GetASNInt(input, &idx, &length, maxIdx);
if (ret != 0)
return ret;
*inOutIdx = idx + length;
return 0;
}
#endif
#endif
static int CheckBitString(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx, int zeroBits, byte* unusedBits)
{
@@ -2092,10 +2111,16 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
GetInt(&key->e, input, inOutIdx, inSz) < 0 ||
GetInt(&key->d, input, inOutIdx, inSz) < 0 ||
GetInt(&key->p, input, inOutIdx, inSz) < 0 ||
GetInt(&key->q, input, inOutIdx, inSz) < 0 ||
GetInt(&key->dP, input, inOutIdx, inSz) < 0 ||
GetInt(&key->q, input, inOutIdx, inSz) < 0) return ASN_RSA_KEY_E;
#ifndef RSA_LOW_MEM
if (GetInt(&key->dP, input, inOutIdx, inSz) < 0 ||
GetInt(&key->dQ, input, inOutIdx, inSz) < 0 ||
GetInt(&key->u, input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E;
#else
if (SkipInt(input, inOutIdx, inSz) < 0 ||
SkipInt(input, inOutIdx, inSz) < 0 ||
SkipInt(input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E;
#endif
#ifdef WOLFSSL_XILINX_CRYPT
if (wc_InitRsaHw(key) != 0) {
@@ -2310,20 +2335,45 @@ int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der)
#if !defined(NO_RSA)
/* test if RSA key */
if (der->keyOID == RSAk) {
RsaKey a, b;
#ifdef WOLFSSL_SMALL_STACK
RsaKey* a = NULL;
RsaKey* b = NULL;
#else
RsaKey a[1], b[1];
#endif
word32 keyIdx = 0;
if ((ret = wc_InitRsaKey(&a, NULL)) < 0)
return ret;
if ((ret = wc_InitRsaKey(&b, NULL)) < 0) {
wc_FreeRsaKey(&a);
#ifdef WOLFSSL_SMALL_STACK
a = XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
if (a == NULL)
return MEMORY_E;
b = XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
if (b == NULL) {
XFREE(a, NULL, DYNAMIC_TYPE_RSA);
return MEMORY_E;
}
#endif
if ((ret = wc_InitRsaKey(a, NULL)) < 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(b, NULL, DYNAMIC_TYPE_RSA);
XFREE(a, NULL, DYNAMIC_TYPE_RSA);
#endif
return ret;
}
if ((ret = wc_RsaPrivateKeyDecode(key, &keyIdx, &a, keySz)) == 0) {
if ((ret = wc_InitRsaKey(b, NULL)) < 0) {
wc_FreeRsaKey(a);
#ifdef WOLFSSL_SMALL_STACK
XFREE(b, NULL, DYNAMIC_TYPE_RSA);
XFREE(a, NULL, DYNAMIC_TYPE_RSA);
#endif
return ret;
}
if ((ret = wc_RsaPrivateKeyDecode(key, &keyIdx, a, keySz)) == 0) {
WOLFSSL_MSG("Checking RSA key pair");
keyIdx = 0; /* reset to 0 for parsing public key */
if ((ret = wc_RsaPublicKeyDecode(der->publicKey, &keyIdx, &b,
if ((ret = wc_RsaPublicKeyDecode(der->publicKey, &keyIdx, b,
der->pubKeySize)) == 0) {
/* limit for user RSA crypto because of RsaKey
* dereference. */
@@ -2333,8 +2383,8 @@ int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der)
#else
/* both keys extracted successfully now check n and e
* values are the same. This is dereferencing RsaKey */
if (mp_cmp(&(a.n), &(b.n)) != MP_EQ ||
mp_cmp(&(a.e), &(b.e)) != MP_EQ) {
if (mp_cmp(&(a->n), &(b->n)) != MP_EQ ||
mp_cmp(&(a->e), &(b->e)) != MP_EQ) {
ret = MP_CMP_E;
}
else
@@ -2342,73 +2392,119 @@ int wc_CheckPrivateKey(byte* key, word32 keySz, DecodedCert* der)
#endif
}
}
wc_FreeRsaKey(&b);
wc_FreeRsaKey(&a);
wc_FreeRsaKey(b);
wc_FreeRsaKey(a);
#ifdef WOLFSSL_SMALL_STACK
XFREE(b, NULL, DYNAMIC_TYPE_RSA);
XFREE(a, NULL, DYNAMIC_TYPE_RSA);
#endif
}
else
#endif /* NO_RSA */
#ifdef HAVE_ECC
if (der->keyOID == ECDSAk) {
ecc_key key_pair;
byte privDer[MAX_ECC_BYTES];
word32 privSz = MAX_ECC_BYTES;
word32 keyIdx = 0;
#ifdef WOLFSSL_SMALL_STACK
ecc_key* key_pair = NULL;
byte* privDer;
#else
ecc_key key_pair[1];
byte privDer[MAX_ECC_BYTES];
#endif
word32 privSz = MAX_ECC_BYTES;
word32 keyIdx = 0;
if ((ret = wc_ecc_init(&key_pair)) < 0)
#ifdef WOLFSSL_SMALL_STACK
key_pair = XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_ECC);
if (key_pair == NULL)
return MEMORY_E;
privDer = XMALLOC(MAX_ECC_BYTES, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (privDer == NULL) {
XFREE(key_pair, NULL, DYNAMIC_TYPE_ECC);
return MEMORY_E;
}
#endif
if ((ret = wc_ecc_init(key_pair)) < 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(privDer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(key_pair, NULL, DYNAMIC_TYPE_ECC);
#endif
return ret;
}
if ((ret = wc_EccPrivateKeyDecode(key, &keyIdx, &key_pair,
if ((ret = wc_EccPrivateKeyDecode(key, &keyIdx, key_pair,
keySz)) == 0) {
WOLFSSL_MSG("Checking ECC key pair");
if ((ret = wc_ecc_export_private_only(&key_pair, privDer, &privSz))
if ((ret = wc_ecc_export_private_only(key_pair, privDer, &privSz))
== 0) {
wc_ecc_free(&key_pair);
ret = wc_ecc_init(&key_pair);
wc_ecc_free(key_pair);
ret = wc_ecc_init(key_pair);
if (ret == 0) {
ret = wc_ecc_import_private_key((const byte*)privDer,
privSz, (const byte*)der->publicKey,
der->pubKeySize, &key_pair);
der->pubKeySize, key_pair);
}
/* public and private extracted successfuly now check if is
* a pair and also do sanity checks on key. wc_ecc_check_key
* checks that private * base generator equals pubkey */
if (ret == 0) {
if ((ret = wc_ecc_check_key(&key_pair)) == 0) {
if ((ret = wc_ecc_check_key(key_pair)) == 0) {
ret = 1;
}
}
ForceZero(privDer, privSz);
}
}
wc_ecc_free(&key_pair);
wc_ecc_free(key_pair);
#ifdef WOLFSSL_SMALL_STACK
XFREE(privDer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(key_pair, NULL, DYNAMIC_TYPE_ECC);
#endif
}
else
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
if (der->keyOID == ED25519k) {
word32 keyIdx = 0;
ed25519_key key_pair;
#ifdef WOLFSSL_SMALL_STACK
ed25519_key* key_pair = NULL;
#else
ed25519_key key_pair[1];
#endif
word32 keyIdx = 0;
if ((ret = wc_ed25519_init(&key_pair)) < 0)
#ifdef WOLFSSL_SMALL_STACK
key_pair = XMALLOC(sizeof(ed25519_key), NULL, DYNAMIC_TYPE_ED25519);
if (key_pair == NULL)
return MEMORY_E;
#endif
if ((ret = wc_ed25519_init(key_pair)) < 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(key_pair, NULL, DYNAMIC_TYPE_ED25519);
#endif
return ret;
if ((ret = wc_Ed25519PrivateKeyDecode(key, &keyIdx, &key_pair,
}
if ((ret = wc_Ed25519PrivateKeyDecode(key, &keyIdx, key_pair,
keySz)) == 0) {
WOLFSSL_MSG("Checking ED25519 key pair");
keyIdx = 0;
if ((ret = wc_ed25519_import_public(der->publicKey, der->pubKeySize,
&key_pair)) == 0) {
key_pair)) == 0) {
/* public and private extracted successfuly no check if is
* a pair and also do sanity checks on key. wc_ecc_check_key
* checks that private * base generator equals pubkey */
if ((ret = wc_ed25519_check_key(&key_pair)) == 0)
if ((ret = wc_ed25519_check_key(key_pair)) == 0)
ret = 1;
}
}
wc_ed25519_free(&key_pair);
wc_ed25519_free(key_pair);
#ifdef WOLFSSL_SMALL_STACK
XFREE(key_pair, NULL, DYNAMIC_TYPE_ED25519);
#endif
}
else
#endif
@@ -8660,7 +8756,7 @@ int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen)
int wc_InitCert(Cert* cert)
{
#ifdef WOLFSSL_MULTI_ATTRIB
int i;
int i = 0;
#endif
if (cert == NULL) {
return BAD_FUNC_ARG;
@@ -10114,7 +10210,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
/* SKID */
if (cert->skidSz) {
/* check the provided SKID size */
if (cert->skidSz > (int)sizeof(der->skid))
if (cert->skidSz > (int)min(CTC_MAX_SKID_SIZE, sizeof(der->skid)))
return SKID_E;
/* Note: different skid buffers sizes for der (MAX_KID_SZ) and
@@ -10132,7 +10228,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
/* AKID */
if (cert->akidSz) {
/* check the provided AKID size */
if (cert->akidSz > (int)sizeof(der->akid))
if (cert->akidSz > (int)min(CTC_MAX_AKID_SIZE, sizeof(der->akid)))
return AKID_E;
der->akidSz = SetAKID(der->akid, sizeof(der->akid),
@@ -10665,7 +10761,7 @@ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey,
/* SKID */
if (cert->skidSz) {
/* check the provided SKID size */
if (cert->skidSz > (int)sizeof(der->skid))
if (cert->skidSz > (int)min(CTC_MAX_SKID_SIZE, sizeof(der->skid)))
return SKID_E;
der->skidSz = SetSKID(der->skid, sizeof(der->skid),
wolfcrypt/src/dh.c
+293 -96
View File
@@ -1028,7 +1028,12 @@ static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv,
{
byte* cBuf;
int qSz, pSz, cSz, err;
mp_int tmpQ, tmpX;
#ifdef WOLFSSL_SMALL_STACK
mp_int* tmpQ = NULL;
mp_int* tmpX = NULL;
#else
mp_int tmpQ[1], tmpX[1];
#endif
/* Parameters validated in calling functions. */
@@ -1052,61 +1057,87 @@ static int GeneratePrivateDh186(DhKey* key, WC_RNG* rng, byte* priv,
if (cBuf == NULL) {
return MEMORY_E;
}
#ifdef WOLFSSL_SMALL_STACK
tmpQ = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (tmpQ == NULL) {
XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
tmpX = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (tmpX == NULL) {
XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
return MEMORY_E;
}
#endif
if ((err = mp_init_multi(&tmpX, &tmpQ, NULL, NULL, NULL, NULL))
if ((err = mp_init_multi(tmpX, tmpQ, NULL, NULL, NULL, NULL))
!= MP_OKAY) {
XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
#endif
return err;
}
do {
/* generate N+64 bits (c) from RBG into &tmpX, making sure positive.
/* generate N+64 bits (c) from RBG into tmpX, making sure positive.
* Hash_DRBG uses SHA-256 which matches maximum
* requested_security_strength of (L,N) */
err = wc_RNG_GenerateBlock(rng, cBuf, cSz);
if (err == MP_OKAY)
err = mp_read_unsigned_bin(&tmpX, cBuf, cSz);
err = mp_read_unsigned_bin(tmpX, cBuf, cSz);
if (err != MP_OKAY) {
mp_clear(&tmpX);
mp_clear(&tmpQ);
mp_clear(tmpX);
mp_clear(tmpQ);
XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
#endif
return err;
}
} while (mp_cmp_d(&tmpX, 1) != MP_GT);
} while (mp_cmp_d(tmpX, 1) != MP_GT);
ForceZero(cBuf, cSz);
XFREE(cBuf, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
/* tmpQ = q - 1 */
if (err == MP_OKAY)
err = mp_copy(&key->q, &tmpQ);
err = mp_copy(&key->q, tmpQ);
if (err == MP_OKAY)
err = mp_sub_d(&tmpQ, 1, &tmpQ);
err = mp_sub_d(tmpQ, 1, tmpQ);
/* x = c mod (q-1), &tmpX holds c */
/* x = c mod (q-1), tmpX holds c */
if (err == MP_OKAY)
err = mp_mod(&tmpX, &tmpQ, &tmpX);
err = mp_mod(tmpX, tmpQ, tmpX);
/* x = c mod (q-1) + 1 */
if (err == MP_OKAY)
err = mp_add_d(&tmpX, 1, &tmpX);
err = mp_add_d(tmpX, 1, tmpX);
/* copy tmpX into priv */
if (err == MP_OKAY) {
pSz = mp_unsigned_bin_size(&tmpX);
pSz = mp_unsigned_bin_size(tmpX);
if (pSz > (int)*privSz) {
WOLFSSL_MSG("DH private key output buffer too small");
err = BAD_FUNC_ARG;
} else {
*privSz = pSz;
err = mp_to_unsigned_bin(&tmpX, priv);
err = mp_to_unsigned_bin(tmpX, priv);
}
}
mp_forcezero(&tmpX);
mp_clear(&tmpX);
mp_clear(&tmpQ);
mp_forcezero(tmpX);
mp_clear(tmpX);
mp_clear(tmpQ);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmpQ, key->heap, DYNAMIC_TYPE_DH);
XFREE(tmpX, key->heap, DYNAMIC_TYPE_DH);
#endif
return err;
}
@@ -1175,8 +1206,13 @@ static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
{
int ret = 0;
#ifndef WOLFSSL_SP_MATH
mp_int x;
mp_int y;
#ifdef WOLFSSL_SMALL_STACK
mp_int* x = NULL;
mp_int* y = NULL;
#else
mp_int x[1];
mp_int y[1];
#endif
#endif
#ifdef WOLFSSL_HAVE_SP_DH
@@ -1191,23 +1227,37 @@ static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
#endif
#ifndef WOLFSSL_SP_MATH
if (mp_init_multi(&x, &y, 0, 0, 0, 0) != MP_OKAY)
#ifdef WOLFSSL_SMALL_STACK
x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (x == NULL)
return MEMORY_E;
y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (y == NULL) {
XFREE(x, key->heap, DYNAMIC_TYPE_DH);
return MEMORY_E;
}
#endif
if (mp_init_multi(x, y, 0, 0, 0, 0) != MP_OKAY)
return MP_INIT_E;
if (mp_read_unsigned_bin(&x, priv, privSz) != MP_OKAY)
if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY)
ret = MP_READ_E;
if (ret == 0 && mp_exptmod(&key->g, &x, &key->p, &y) != MP_OKAY)
if (ret == 0 && mp_exptmod(&key->g, x, &key->p, y) != MP_OKAY)
ret = MP_EXPTMOD_E;
if (ret == 0 && mp_to_unsigned_bin(&y, pub) != MP_OKAY)
if (ret == 0 && mp_to_unsigned_bin(y, pub) != MP_OKAY)
ret = MP_TO_E;
if (ret == 0)
*pubSz = mp_unsigned_bin_size(&y);
*pubSz = mp_unsigned_bin_size(y);
mp_clear(&y);
mp_clear(&x);
mp_clear(y);
mp_clear(x);
#ifdef WOLFSSL_SMALL_STACK
XFREE(y, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#endif
#else
ret = WC_KEY_SIZE_E;
#endif
@@ -1306,53 +1356,76 @@ int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz,
const byte* prime, word32 primeSz)
{
int ret = 0;
mp_int y;
mp_int p;
mp_int q;
#ifdef WOLFSSL_SMALL_STACK
mp_int* y = NULL;
mp_int* p = NULL;
mp_int* q = NULL;
#else
mp_int y[1];
mp_int p[1];
mp_int q[1];
#endif
if (key == NULL || pub == NULL) {
return BAD_FUNC_ARG;
}
if (mp_init_multi(&y, &p, &q, NULL, NULL, NULL) != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK
y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (y == NULL)
return MEMORY_E;
p = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (p == NULL) {
XFREE(y, key->heap, DYNAMIC_TYPE_DH);
return MEMORY_E;
}
q = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (q == NULL) {
XFREE(p, key->heap, DYNAMIC_TYPE_DH);
XFREE(y, key->heap, DYNAMIC_TYPE_DH);
return MEMORY_E;
}
#endif
if (mp_init_multi(y, p, q, NULL, NULL, NULL) != MP_OKAY) {
return MP_INIT_E;
}
if (mp_read_unsigned_bin(&y, pub, pubSz) != MP_OKAY) {
if (mp_read_unsigned_bin(y, pub, pubSz) != MP_OKAY) {
ret = MP_READ_E;
}
if (ret == 0 && prime != NULL) {
if (mp_read_unsigned_bin(&q, prime, primeSz) != MP_OKAY)
if (mp_read_unsigned_bin(q, prime, primeSz) != MP_OKAY)
ret = MP_READ_E;
} else if (mp_iszero(&key->q) == MP_NO) {
/* use q available in DhKey */
if (mp_copy(&key->q, &q) != MP_OKAY)
if (mp_copy(&key->q, q) != MP_OKAY)
ret = MP_INIT_E;
}
/* SP 800-56Ar3, section 5.6.2.3.1, process step 1 */
/* pub (y) should not be 0 or 1 */
if (ret == 0 && mp_cmp_d(&y, 2) == MP_LT) {
if (ret == 0 && mp_cmp_d(y, 2) == MP_LT) {
ret = MP_CMP_E;
}
/* pub (y) shouldn't be greater than or equal to p - 1 */
if (ret == 0 && mp_copy(&key->p, &p) != MP_OKAY) {
if (ret == 0 && mp_copy(&key->p, p) != MP_OKAY) {
ret = MP_INIT_E;
}
if (ret == 0 && mp_sub_d(&p, 2, &p) != MP_OKAY) {
if (ret == 0 && mp_sub_d(p, 2, p) != MP_OKAY) {
ret = MP_SUB_E;
}
if (ret == 0 && mp_cmp(&y, &p) == MP_GT) {
if (ret == 0 && mp_cmp(y, p) == MP_GT) {
ret = MP_CMP_E;
}
if (ret == 0 && (prime != NULL || (mp_iszero(&key->q) == MP_NO) )) {
/* restore key->p into p */
if (mp_copy(&key->p, &p) != MP_OKAY)
if (mp_copy(&key->p, p) != MP_OKAY)
ret = MP_INIT_E;
}
@@ -1360,7 +1433,7 @@ int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz,
#ifdef WOLFSSL_HAVE_SP_DH
#ifndef WOLFSSL_SP_NO_2048
if (mp_count_bits(&key->p) == 2048) {
ret = sp_ModExp_2048(&y, &q, &p, &y);
ret = sp_ModExp_2048(y, q, p, y);
if (ret != 0)
ret = MP_EXPTMOD_E;
}
@@ -1368,7 +1441,7 @@ int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz,
#endif
#ifndef WOLFSSL_SP_NO_3072
if (mp_count_bits(&key->p) == 3072) {
ret = sp_ModExp_3072(&y, &q, &p, &y);
ret = sp_ModExp_3072(y, q, p, y);
if (ret != 0)
ret = MP_EXPTMOD_E;
}
@@ -1376,27 +1449,30 @@ int wc_DhCheckPubKey_ex(DhKey* key, const byte* pub, word32 pubSz,
#endif
#endif
{
/* SP 800-56Ar3, section 5.6.2.3.1, process step 2 */
#ifndef WOLFSSL_SP_MATH
{
/* calculate (y^q) mod(p), store back into y */
if (ret == 0 && mp_exptmod(&y, &q, &p, &y) != MP_OKAY)
if (ret == 0 && mp_exptmod(y, q, p, y) != MP_OKAY)
ret = MP_EXPTMOD_E;
}
#else
{
ret = WC_KEY_SIZE_E;
}
#endif
}
/* verify above == 1 */
if (ret == 0 && mp_cmp_d(&y, 1) != MP_EQ)
if (ret == 0 && mp_cmp_d(y, 1) != MP_EQ)
ret = MP_CMP_E;
}
mp_clear(&y);
mp_clear(&p);
mp_clear(&q);
mp_clear(y);
mp_clear(p);
mp_clear(q);
#ifdef WOLFSSL_SMALL_STACK
XFREE(q, key->heap, DYNAMIC_TYPE_DH);
XFREE(p, key->heap, DYNAMIC_TYPE_DH);
XFREE(y, key->heap, DYNAMIC_TYPE_DH);
#endif
return ret;
}
@@ -1432,59 +1508,79 @@ int wc_DhCheckPrivKey_ex(DhKey* key, const byte* priv, word32 privSz,
const byte* prime, word32 primeSz)
{
int ret = 0;
mp_int x;
mp_int q;
#ifdef WOLFSSL_SMALL_STACK
mp_int* x = NULL;
mp_int* q = NULL;
#else
mp_int x[1];
mp_int q[1];
#endif
if (key == NULL || priv == NULL) {
return BAD_FUNC_ARG;
}
if (mp_init_multi(&x, &q, NULL, NULL, NULL, NULL) != MP_OKAY) {
#ifdef WOLFSSL_SMALL_STACK
x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (x == NULL)
return MEMORY_E;
q = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (q == NULL) {
XFREE(x, key->heap, DYNAMIC_TYPE_DH);
return MEMORY_E;
}
#endif
if (mp_init_multi(x, q, NULL, NULL, NULL, NULL) != MP_OKAY) {
return MP_INIT_E;
}
if (mp_read_unsigned_bin(&x, priv, privSz) != MP_OKAY) {
if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY) {
ret = MP_READ_E;
}
if (ret == 0) {
if (prime != NULL) {
if (mp_read_unsigned_bin(&q, prime, primeSz) != MP_OKAY)
if (mp_read_unsigned_bin(q, prime, primeSz) != MP_OKAY)
ret = MP_READ_E;
}
else if (mp_iszero(&key->q) == MP_NO) {
/* use q available in DhKey */
if (mp_copy(&key->q, &q) != MP_OKAY)
if (mp_copy(&key->q, q) != MP_OKAY)
ret = MP_INIT_E;
}
}
/* priv (x) should not be 0 */
if (ret == 0) {
if (mp_cmp_d(&x, 0) == MP_EQ)
if (mp_cmp_d(x, 0) == MP_EQ)
ret = MP_CMP_E;
}
if (ret == 0) {
if (mp_iszero(&q) == MP_NO) {
if (mp_iszero(q) == MP_NO) {
/* priv (x) shouldn't be greater than q - 1 */
if (ret == 0) {
if (mp_copy(&key->q, &q) != MP_OKAY)
if (mp_copy(&key->q, q) != MP_OKAY)
ret = MP_INIT_E;
}
if (ret == 0) {
if (mp_sub_d(&q, 1, &q) != MP_OKAY)
if (mp_sub_d(q, 1, q) != MP_OKAY)
ret = MP_SUB_E;
}
if (ret == 0) {
if (mp_cmp(&x, &q) == MP_GT)
if (mp_cmp(x, q) == MP_GT)
ret = DH_CHECK_PRIV_E;
}
}
}
mp_clear(&x);
mp_clear(&q);
mp_clear(x);
mp_clear(q);
#ifdef WOLFSSL_SMALL_STACK
XFREE(q, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#endif
return ret;
}
@@ -1518,43 +1614,95 @@ int wc_DhCheckPrivKey(DhKey* key, const byte* priv, word32 privSz)
int wc_DhCheckKeyPair(DhKey* key, const byte* pub, word32 pubSz,
const byte* priv, word32 privSz)
{
mp_int publicKey;
mp_int privateKey;
mp_int checkKey;
#ifdef WOLFSSL_SMALL_STACK
mp_int* publicKey = NULL;
mp_int* privateKey = NULL;
mp_int* checkKey = NULL;
#else
mp_int publicKey[1];
mp_int privateKey[1];
mp_int checkKey[1];
#endif
int ret = 0;
if (key == NULL || pub == NULL || priv == NULL)
return BAD_FUNC_ARG;
if (mp_init_multi(&publicKey, &privateKey, &checkKey,
#ifdef WOLFSSL_SMALL_STACK
publicKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (publicKey == NULL)
return MEMORY_E;
privateKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (privateKey == NULL) {
XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
return MEMORY_E;
}
checkKey = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (checkKey == NULL) {
XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
return MEMORY_E;
}
#endif
if (mp_init_multi(publicKey, privateKey, checkKey,
NULL, NULL, NULL) != MP_OKAY) {
return MP_INIT_E;
}
/* Load the private and public keys into big integers. */
if (mp_read_unsigned_bin(&publicKey, pub, pubSz) != MP_OKAY ||
mp_read_unsigned_bin(&privateKey, priv, privSz) != MP_OKAY) {
if (mp_read_unsigned_bin(publicKey, pub, pubSz) != MP_OKAY ||
mp_read_unsigned_bin(privateKey, priv, privSz) != MP_OKAY) {
ret = MP_READ_E;
}
/* Calculate checkKey = g^privateKey mod p */
if (ret == 0) {
if (mp_exptmod(&key->g, &privateKey, &key->p, &checkKey) != MP_OKAY)
ret = MP_EXPTMOD_E;
#ifdef WOLFSSL_HAVE_SP_DH
#ifndef WOLFSSL_SP_NO_2048
if (mp_count_bits(&key->p) == 2048) {
ret = sp_ModExp_2048(&key->g, privateKey, &key->p, checkKey);
if (ret != 0)
ret = MP_EXPTMOD_E;
}
else
#endif
#ifndef WOLFSSL_SP_NO_3072
if (mp_count_bits(&key->p) == 3072) {
ret = sp_ModExp_3072(&key->g, privateKey, &key->p, checkKey);
if (ret != 0)
ret = MP_EXPTMOD_E;
}
else
#endif
#endif
{
#ifndef WOLFSSL_SP_MATH
if (mp_exptmod(&key->g, privateKey, &key->p, checkKey) != MP_OKAY)
ret = MP_EXPTMOD_E;
#else
ret = WC_KEY_SIZE_E;
#endif
}
}
/* Compare the calculated public key to the supplied check value. */
if (ret == 0) {
if (mp_cmp(&checkKey, &publicKey) != MP_EQ)
if (mp_cmp(checkKey, publicKey) != MP_EQ)
ret = MP_CMP_E;
}
mp_forcezero(&privateKey);
mp_clear(&privateKey);
mp_clear(&publicKey);
mp_clear(&checkKey);
mp_forcezero(privateKey);
mp_clear(privateKey);
mp_clear(publicKey);
mp_clear(checkKey);
#ifdef WOLFSSL_SMALL_STACK
XFREE(checkKey, key->heap, DYNAMIC_TYPE_DH);
XFREE(privateKey, key->heap, DYNAMIC_TYPE_DH);
XFREE(publicKey, key->heap, DYNAMIC_TYPE_DH);
#endif
return ret;
}
@@ -1588,10 +1736,18 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
const byte* priv, word32 privSz, const byte* otherPub, word32 pubSz)
{
int ret = 0;
mp_int y;
#ifdef WOLFSSL_SMALL_STACK
mp_int* y = NULL;
#ifndef WOLFSSL_SP_MATH
mp_int x;
mp_int z;
mp_int* x = NULL;
mp_int* z = NULL;
#endif
#else
mp_int y[1];
#ifndef WOLFSSL_SP_MATH
mp_int x[1];
mp_int z[1];
#endif
#endif
#ifdef WOLFSSL_VALIDATE_FFC_IMPORT
@@ -1606,65 +1762,106 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
}
#endif
#ifdef WOLFSSL_SMALL_STACK
y = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (y == NULL)
return MEMORY_E;
#ifndef WOLFSSL_SP_MATH
x = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (x == NULL) {
XFREE(y, key->heap, DYNAMIC_TYPE_DH);
return MEMORY_E;
}
z = (mp_int*)XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_DH);
if (z == NULL) {
XFREE(x, key->heap, DYNAMIC_TYPE_DH);
XFREE(y, key->heap, DYNAMIC_TYPE_DH);
return MEMORY_E;
}
#endif
#endif
#ifdef WOLFSSL_HAVE_SP_DH
#ifndef WOLFSSL_SP_NO_2048
if (mp_count_bits(&key->p) == 2048) {
if (mp_init(&y) != MP_OKAY)
if (mp_init(y) != MP_OKAY)
return MP_INIT_E;
if (ret == 0 && mp_read_unsigned_bin(&y, otherPub, pubSz) != MP_OKAY)
if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
ret = MP_READ_E;
if (ret == 0)
ret = sp_DhExp_2048(&y, priv, privSz, &key->p, agree, agreeSz);
ret = sp_DhExp_2048(y, priv, privSz, &key->p, agree, agreeSz);
mp_clear(&y);
mp_clear(y);
#ifdef WOLFSSL_SMALL_STACK
#ifndef WOLFSSL_SP_MATH
XFREE(z, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#endif
XFREE(y, key->heap, DYNAMIC_TYPE_DH);
#endif
return ret;
}
#endif
#ifndef WOLFSSL_SP_NO_3072
if (mp_count_bits(&key->p) == 3072) {
if (mp_init(&y) != MP_OKAY)
if (mp_init(y) != MP_OKAY)
return MP_INIT_E;
if (ret == 0 && mp_read_unsigned_bin(&y, otherPub, pubSz) != MP_OKAY)
if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
ret = MP_READ_E;
if (ret == 0)
ret = sp_DhExp_3072(&y, priv, privSz, &key->p, agree, agreeSz);
ret = sp_DhExp_3072(y, priv, privSz, &key->p, agree, agreeSz);
mp_clear(&y);
mp_clear(y);
#ifdef WOLFSSL_SMALL_STACK
#ifndef WOLFSSL_SP_MATH
XFREE(z, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#endif
XFREE(y, key->heap, DYNAMIC_TYPE_DH);
#endif
return ret;
}
#endif
#endif
#ifndef WOLFSSL_SP_MATH
if (mp_init_multi(&x, &y, &z, 0, 0, 0) != MP_OKAY)
if (mp_init_multi(x, y, z, 0, 0, 0) != MP_OKAY)
return MP_INIT_E;
if (mp_read_unsigned_bin(&x, priv, privSz) != MP_OKAY)
if (mp_read_unsigned_bin(x, priv, privSz) != MP_OKAY)
ret = MP_READ_E;
if (ret == 0 && mp_read_unsigned_bin(&y, otherPub, pubSz) != MP_OKAY)
if (ret == 0 && mp_read_unsigned_bin(y, otherPub, pubSz) != MP_OKAY)
ret = MP_READ_E;
if (ret == 0 && mp_exptmod(&y, &x, &key->p, &z) != MP_OKAY)
if (ret == 0 && mp_exptmod(y, x, &key->p, z) != MP_OKAY)
ret = MP_EXPTMOD_E;
/* make sure z is not one (SP800-56A, 5.7.1.1) */
if (ret == 0 && (mp_cmp_d(&z, 1) == MP_EQ))
if (ret == 0 && (mp_cmp_d(z, 1) == MP_EQ))
ret = MP_VAL;
if (ret == 0 && mp_to_unsigned_bin(&z, agree) != MP_OKAY)
if (ret == 0 && mp_to_unsigned_bin(z, agree) != MP_OKAY)
ret = MP_TO_E;
if (ret == 0)
*agreeSz = mp_unsigned_bin_size(&z);
*agreeSz = mp_unsigned_bin_size(z);
mp_clear(&z);
mp_clear(&y);
mp_forcezero(&x);
mp_clear(z);
mp_clear(y);
mp_forcezero(x);
#endif
#ifdef WOLFSSL_SMALL_STACK
#ifndef WOLFSSL_SP_MATH
XFREE(z, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH);
#endif
XFREE(y, key->heap, DYNAMIC_TYPE_DH);
#endif
return ret;
wolfcrypt/src/ecc.c
+1033 -289
View File
File diff suppressed because it is too large Load Diff
wolfcrypt/src/hash.c
+54 -41
View File
@@ -707,35 +707,38 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out)
#endif /* !NO_SHA */
#if defined(WOLFSSL_SHA224)
int wc_Sha224Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
wc_Sha224* sha224;
#else
wc_Sha224 sha224[1];
#endif
int wc_Sha224Hash(const byte* data, word32 len, byte* hash)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
wc_Sha224* sha224;
#else
wc_Sha224 sha224[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
sha224 = (wc_Sha224*)XMALLOC(sizeof(wc_Sha224), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (sha224 == NULL)
return MEMORY_E;
#endif
#ifdef WOLFSSL_SMALL_STACK
sha224 = (wc_Sha224*)XMALLOC(sizeof(wc_Sha224), NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (sha224 == NULL)
return MEMORY_E;
#endif
if ((ret = wc_InitSha224(sha224)) != 0) {
WOLFSSL_MSG("InitSha224 failed");
}
else if ((ret = wc_Sha224Update(sha224, data, len)) != 0) {
WOLFSSL_MSG("Sha224Update failed");
}
else if ((ret = wc_Sha224Final(sha224, hash)) != 0) {
WOLFSSL_MSG("Sha224Final failed");
}
if ((ret = wc_InitSha224(sha224)) != 0) {
WOLFSSL_MSG("InitSha224 failed");
}
else {
if ((ret = wc_Sha224Update(sha224, data, len)) != 0) {
WOLFSSL_MSG("Sha224Update failed");
}
else if ((ret = wc_Sha224Final(sha224, hash)) != 0) {
WOLFSSL_MSG("Sha224Final failed");
}
wc_Sha224Free(sha224);
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha224, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha224, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
@@ -761,13 +764,17 @@ int wc_Sha224Hash(const byte* data, word32 len, byte* hash)
if ((ret = wc_InitSha256(sha256)) != 0) {
WOLFSSL_MSG("InitSha256 failed");
}
else if ((ret = wc_Sha256Update(sha256, data, len)) != 0) {
WOLFSSL_MSG("Sha256Update failed");
}
else if ((ret = wc_Sha256Final(sha256, hash)) != 0) {
WOLFSSL_MSG("Sha256Final failed");
else {
if ((ret = wc_Sha256Update(sha256, data, len)) != 0) {
WOLFSSL_MSG("Sha256Update failed");
}
else if ((ret = wc_Sha256Final(sha256, hash)) != 0) {
WOLFSSL_MSG("Sha256Final failed");
}
wc_Sha256Free(sha256);
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
@@ -799,11 +806,14 @@ int wc_Sha224Hash(const byte* data, word32 len, byte* hash)
if ((ret = wc_InitSha512(sha512)) != 0) {
WOLFSSL_MSG("InitSha512 failed");
}
else if ((ret = wc_Sha512Update(sha512, data, len)) != 0) {
WOLFSSL_MSG("Sha512Update failed");
}
else if ((ret = wc_Sha512Final(sha512, hash)) != 0) {
WOLFSSL_MSG("Sha512Final failed");
else {
if ((ret = wc_Sha512Update(sha512, data, len)) != 0) {
WOLFSSL_MSG("Sha512Update failed");
}
else if ((ret = wc_Sha512Final(sha512, hash)) != 0) {
WOLFSSL_MSG("Sha512Final failed");
}
wc_Sha512Free(sha512);
}
#ifdef WOLFSSL_SMALL_STACK
@@ -833,11 +843,14 @@ int wc_Sha224Hash(const byte* data, word32 len, byte* hash)
if ((ret = wc_InitSha384(sha384)) != 0) {
WOLFSSL_MSG("InitSha384 failed");
}
else if ((ret = wc_Sha384Update(sha384, data, len)) != 0) {
WOLFSSL_MSG("Sha384Update failed");
}
else if ((ret = wc_Sha384Final(sha384, hash)) != 0) {
WOLFSSL_MSG("Sha384Final failed");
else {
if ((ret = wc_Sha384Update(sha384, data, len)) != 0) {
WOLFSSL_MSG("Sha384Update failed");
}
else if ((ret = wc_Sha384Final(sha384, hash)) != 0) {
WOLFSSL_MSG("Sha384Final failed");
}
wc_Sha384Free(sha384);
}
#ifdef WOLFSSL_SMALL_STACK
wolfcrypt/src/hmac.c
+60
View File
@@ -1002,6 +1002,66 @@ void wc_HmacFree(Hmac* hmac)
if (hmac == NULL)
return;
switch (hmac->macType) {
#ifndef NO_MD5
case WC_MD5:
wc_Md5Free(&hmac->hash.md5);
break;
#endif /* !NO_MD5 */
#ifndef NO_SHA
case WC_SHA:
wc_ShaFree(&hmac->hash.sha);
break;
#endif /* !NO_SHA */
#ifdef WOLFSSL_SHA224
case WC_SHA224:
wc_Sha224Free(&hmac->hash.sha224);
break;
#endif /* WOLFSSL_SHA224 */
#ifndef NO_SHA256
case WC_SHA256:
wc_Sha256Free(&hmac->hash.sha256);
break;
#endif /* !NO_SHA256 */
#ifdef WOLFSSL_SHA512
#ifdef WOLFSSL_SHA384
case WC_SHA384:
wc_Sha384Free(&hmac->hash.sha384);
break;
#endif /* WOLFSSL_SHA384 */
case WC_SHA512:
wc_Sha512Free(&hmac->hash.sha512);
break;
#endif /* WOLFSSL_SHA512 */
#ifdef HAVE_BLAKE2
case BLAKE2B_ID:
break;
#endif /* HAVE_BLAKE2 */
#ifdef WOLFSSL_SHA3
case WC_SHA3_224:
wc_Sha3_224_Free(&hmac->hash.sha3);
break;
case WC_SHA3_256:
wc_Sha3_256_Free(&hmac->hash.sha3);
break;
case WC_SHA3_384:
wc_Sha3_384_Free(&hmac->hash.sha3);
break;
case WC_SHA3_512:
wc_Sha3_512_Free(&hmac->hash.sha3);
break;
#endif /* WOLFSSL_SHA3 */
default:
break;
}
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_HMAC)
wolfAsync_DevCtxFree(&hmac->asyncDev, WOLFSSL_ASYNC_MARKER_HMAC);
#endif /* WOLFSSL_ASYNC_CRYPT */
wolfcrypt/src/misc.c
+1 -1
View File
@@ -344,7 +344,7 @@ STATIC WC_INLINE byte ctMaskEq(int a, int b)
/* Constant time - select b when mask is set and a otherwise. */
STATIC WC_INLINE byte ctMaskSel(byte m, byte a, byte b)
{
return (a & ~m) | (b & m);
return (a & ((byte)~(word32)m)) | (b & m);
}
/* Constant time - bit set when a <= b. */
wolfcrypt/src/port/atmel/README.md
+65
View File
@@ -5,4 +5,69 @@
* Adds new PK callback for Pre Master Secret.
## Building
`./configure --enable-pkcallbacks CFLAGS="-DWOLFSSL_ATECC508A"`
or
`#define HAVE_PK_CALLBACKS`
`#define WOLFSSL_ATECC508A`
## Coding
Setup the PK callbacks for TLS using:
```
/* Setup PK Callbacks for ATECC508A */
WOLFSSL_CTX* ctx;
wolfSSL_CTX_SetEccKeyGenCb(ctx, atcatls_create_key_cb);
wolfSSL_CTX_SetEccVerifyCb(ctx, atcatls_verify_signature_cb);
wolfSSL_CTX_SetEccSignCb(ctx, atcatls_sign_certificate_cb);
wolfSSL_CTX_SetEccSharedSecretCb(ctx, atcatls_create_pms_cb);
```
The reference ATECC508A PK callback functions are located in the `wolfcrypt/src/port/atmel/atmel.c` file.
Adding a custom contex to the callbacks:
```
/* Setup PK Callbacks context */
WOLFSSL* ssl;
void* myOwnCtx;
wolfSSL_SetEccKeyGenCtx(ssl, myOwnCtx);
wolfSSL_SetEccVerifyCtx(ssl, myOwnCtx);
wolfSSL_SetEccSignCtx(ssl, myOwnCtx);
wolfSSL_SetEccSharedSecretCtx(ssl, myOwnCtx);
```
## Benchmarks
### TLS
TLS Establishment Times:
* Hardware accelerated ATECC508A: 2.342 seconds avgerage
* Software only: 13.422 seconds average
The TLS connection establishment time is 5.73 times faster with the ATECC508A.
### Cryptographic ECC
Software only implementation (SAMD21 48Mhz Cortex-M0, Fast Math TFM-ASM):
`ECC 256 key generation 3123.000 milliseconds, avg over 5 iterations`
`EC-DHE key agreement 3117.000 milliseconds, avg over 5 iterations`
`EC-DSA sign time 1997.000 milliseconds, avg over 5 iterations`
`EC-DSA verify time 5057.000 milliseconds, avg over 5 iterations`
ATECC508A HW accelerated implementation:
`ECC 256 key generation 144.400 milliseconds, avg over 5 iterations`
`EC-DHE key agreement 134.200 milliseconds, avg over 5 iterations`
`EC-DSA sign time 293.400 milliseconds, avg over 5 iterations`
`EC-DSA verify time 208.400 milliseconds, avg over 5 iterations`
For details see our [wolfSSL Atmel ATECC508A](wolfhttps://wolfssl.com/wolfSSL/wolfssl-atmel.html) page.
wolfcrypt/src/port/atmel/atmel.c
+253 -3
View File
@@ -1,6 +1,6 @@
/* atmel.c
*
* Copyright (C) 2006-2017 wolfSSL Inc.
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@@ -176,7 +176,7 @@ static int atmel_init_enc_key(void)
uint8_t read_key[ATECC_KEY_SIZE] = { 0 };
XMEMSET(read_key, 0xFF, sizeof(read_key));
ret = atcab_write_bytes_slot(0x04, 0, read_key, sizeof(read_key));
ret = atcab_write_bytes_slot(TLS_SLOT_ENC_PARENT, 0, read_key, sizeof(read_key));
if (ret != ATCA_SUCCESS) {
WOLFSSL_MSG("Failed to write key");
return -1;
@@ -235,7 +235,7 @@ void atmel_init(void)
/* show revision information */
atmel_show_rev_info();
/* Configure the ECC508 for use with TLS API funcitons */
/* Configure the ECC508 for use with TLS API functions */
#if 0
atcatls_device_provision();
#else
@@ -247,4 +247,254 @@ void atmel_init(void)
}
}
void atmel_finish(void)
{
if (mAtcaInitDone) {
atcatls_finish();
mAtcaInitDone = 0;
}
}
/* Reference PK Callbacks */
#ifdef HAVE_PK_CALLBACKS
int atcatls_create_key_cb(WOLFSSL* ssl, ecc_key* key, word32 keySz,
int ecc_curve, void* ctx)
{
int ret;
uint8_t peerKey[ATECC_PUBKEY_SIZE];
uint8_t* qx = &peerKey[0];
uint8_t* qy = &peerKey[ATECC_PUBKEY_SIZE/2];
(void)ssl;
(void)ctx;
/* only supports P-256 */
if (ecc_curve != ECC_SECP256R1 && keySz != ATECC_PUBKEY_SIZE/2) {
return BAD_FUNC_ARG;
}
/* generate new ephemeral key on device */
ret = atcatls_create_key(TLS_SLOT_ECDHE_PRIV, peerKey);
if (ret != ATCA_SUCCESS) {
ret = WC_HW_E; goto exit;
}
/* load generated ECC508A public key into key, used by wolfSSL */
ret = wc_ecc_import_unsigned(key, qx, qy, NULL, ECC_SECP256R1);
exit:
#ifdef WOLFSSL_ATECC508A_DEBUG
if (ret != 0) {
printf("atcatls_create_key_cb: ret %d\n", ret);
}
#endif
return ret;
}
int atcatls_create_pms_cb(WOLFSSL* ssl, ecc_key* otherKey,
unsigned char* pubKeyDer, unsigned int* pubKeySz,
unsigned char* out, unsigned int* outlen,
int side, void* ctx)
{
int ret;
ecc_key tmpKey;
uint8_t peerKeyBuf[ATECC_PUBKEY_SIZE];
uint8_t* peerKey = peerKeyBuf;
uint8_t* qx = &peerKey[0];
uint8_t* qy = &peerKey[ATECC_PUBKEY_SIZE/2];
word32 qxLen = ATECC_PUBKEY_SIZE/2, qyLen = ATECC_PUBKEY_SIZE/2;
if (pubKeyDer == NULL || pubKeySz == NULL || out == NULL || outlen == NULL) {
return BAD_FUNC_ARG;
}
(void)ssl;
(void)ctx;
(void)otherKey;
ret = wc_ecc_init(&tmpKey);
if (ret != 0) {
return ret;
}
XMEMSET(peerKey, 0, ATECC_PUBKEY_SIZE);
/* for client: create and export public key */
if (side == WOLFSSL_CLIENT_END) {
/* generate new ephemeral key on device */
ret = atcatls_create_key(TLS_SLOT_ECDHE_PRIV, peerKey);
if (ret != ATCA_SUCCESS) {
ret = WC_HW_E; goto exit;
}
/* convert raw unsigned public key to X.963 format for TLS */
ret = wc_ecc_import_unsigned(&tmpKey, qx, qy, NULL, ECC_SECP256R1);
if (ret == 0) {
ret = wc_ecc_export_x963(&tmpKey, pubKeyDer, pubKeySz);
}
}
/* for server: import public key */
else if (side == WOLFSSL_SERVER_END) {
/* import peer's key and export as raw unsigned for hardware */
ret = wc_ecc_import_x963_ex(pubKeyDer, *pubKeySz, &tmpKey, ECC_SECP256R1);
if (ret == 0) {
ret = wc_ecc_export_public_raw(&tmpKey, qx, &qxLen, qy, &qyLen);
}
(void)qxLen;
(void)qyLen;
}
else {
ret = BAD_FUNC_ARG;
}
if (ret != 0) {
goto exit;
}
#if 1
ret = atcatls_ecdh(TLS_SLOT_ECDHE_PRIV, peerKey, out);
#else
/* other syntax for encrypted ECDH using key in another slot */
ret = atcatls_ecdh_enc(TLS_SLOT_ECDHE_PRIV, TLS_SLOT_FEATURE_PRIV,
peerKey, out);
#endif
if (ret != ATCA_SUCCESS) {
ret = WC_HW_E;
}
*outlen = ATECC_SIG_SIZE;
exit:
wc_ecc_free(&tmpKey);
#ifdef WOLFSSL_ATECC508A_DEBUG
if (ret != 0) {
printf("atcatls_create_pms_cb: ret %d\n", ret);
}
#endif
return ret;
}
/**
* \brief Sign received digest so far for private key to be proved.
*/
int atcatls_sign_certificate_cb(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
{
int ret;
byte sigRs[ATECC_SIG_SIZE*2];
(void)ssl;
(void)inSz;
(void)key;
(void)keySz;
(void)ctx;
if (in == NULL || out == NULL || outSz == NULL) {
return BAD_FUNC_ARG;
}
ret = atcatls_sign(TLS_SLOT_AUTH_PRIV, in, sigRs);
if (ret != ATCA_SUCCESS) {
ret = WC_HW_E; goto exit;
}
/* Encode with ECDSA signature */
ret = wc_ecc_rs_raw_to_sig(
&sigRs[0], ATECC_SIG_SIZE,
&sigRs[ATECC_SIG_SIZE], ATECC_SIG_SIZE,
out, outSz);
if (ret != 0) {
goto exit;
}
exit:
#ifdef WOLFSSL_ATECC508A_DEBUG
if (ret != 0) {
printf("atcatls_sign_certificate_cb: ret %d\n", ret);
}
#endif
return ret;
}
/**
* \brief Verify signature received from peers to prove peer's private key.
*/
int atcatls_verify_signature_cb(WOLFSSL* ssl, const byte* sig, word32 sigSz,
const byte* hash, word32 hashSz, const byte* key, word32 keySz, int* result,
void* ctx)
{
int ret;
ecc_key tmpKey;
word32 idx = 0;
uint8_t peerKey[ATECC_PUBKEY_SIZE];
uint8_t* qx = &peerKey[0];
uint8_t* qy = &peerKey[ATECC_PUBKEY_SIZE/2];
word32 qxLen = ATECC_PUBKEY_SIZE/2, qyLen = ATECC_PUBKEY_SIZE/2;
byte sigRs[ATECC_SIG_SIZE*2];
word32 rSz = ATECC_SIG_SIZE;
word32 sSz = ATECC_SIG_SIZE;
(void)sigSz;
(void)hashSz;
(void)ctx;
if (ssl == NULL || key == NULL || sig == NULL || hash == NULL || result == NULL) {
return BAD_FUNC_ARG;
}
/* import public key and export public as unsigned bin for hardware */
ret = wc_ecc_init(&tmpKey);
if (ret == 0) {
ret = wc_EccPublicKeyDecode(key, &idx, &tmpKey, keySz);
if (ret == 0) {
ret = wc_ecc_export_public_raw(&tmpKey, qx, &qxLen, qy, &qyLen);
}
wc_ecc_free(&tmpKey);
(void)qxLen;
(void)qyLen;
}
if (ret != 0) {
goto exit;
}
/* decode the ECDSA signature */
ret = wc_ecc_sig_to_rs(sig, sigSz,
&sigRs[0], &rSz,
&sigRs[ATECC_SIG_SIZE], &sSz);
if (ret != 0) {
goto exit;
}
(void)rSz;
(void)sSz;
ret = atcatls_verify(hash, sigRs, peerKey, (bool*)result);
if (ret != ATCA_SUCCESS || !*result) {
ret = WC_HW_E; goto exit;
}
ret = 0; /* success */
exit:
#ifdef WOLFSSL_ATECC508A_DEBUG
if (ret != 0) {
printf("atcatls_verify_signature_cb: ret %d\n", ret);
}
#endif
return ret;
}
#endif /* HAVE_PK_CALLBACKS */
#endif /* WOLFSSL_ATMEL || WOLFSSL_ATECC508A */
wolfcrypt/src/random.c
+65 -24
View File
@@ -217,6 +217,9 @@ typedef struct DRBG {
int devId;
#endif
byte matchCount;
#ifdef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256 sha256;
#endif
} DRBG;
@@ -233,7 +236,11 @@ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
int i;
int len;
word32 bits = (outSz * 8); /* reverse byte order */
wc_Sha256 sha;
#ifdef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256* sha = &drbg->sha256;
#else
wc_Sha256 sha[1];
#endif
DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
(void)drbg;
@@ -249,34 +256,38 @@ static int Hash_df(DRBG* drbg, byte* out, word32 outSz, byte type,
+ ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0);
for (i = 0, ctr = 1; i < len; i++, ctr++) {
#ifndef WOLFSSL_SMALL_STACK_CACHE
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wc_InitSha256_ex(&sha, drbg->heap, drbg->devId);
ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId);
#else
ret = wc_InitSha256(&sha);
ret = wc_InitSha256(sha);
#endif
if (ret != 0)
break;
if (ret == 0)
ret = wc_Sha256Update(&sha, &ctr, sizeof(ctr));
#endif
ret = wc_Sha256Update(sha, &ctr, sizeof(ctr));
if (ret == 0)
ret = wc_Sha256Update(&sha, (byte*)&bits, sizeof(bits));
ret = wc_Sha256Update(sha, (byte*)&bits, sizeof(bits));
if (ret == 0) {
/* churning V is the only string that doesn't have the type added */
if (type != drbgInitV)
ret = wc_Sha256Update(&sha, &type, sizeof(type));
ret = wc_Sha256Update(sha, &type, sizeof(type));
}
if (ret == 0)
ret = wc_Sha256Update(&sha, inA, inASz);
ret = wc_Sha256Update(sha, inA, inASz);
if (ret == 0) {
if (inB != NULL && inBSz > 0)
ret = wc_Sha256Update(&sha, inB, inBSz);
ret = wc_Sha256Update(sha, inB, inBSz);
}
if (ret == 0)
ret = wc_Sha256Final(&sha, digest);
ret = wc_Sha256Final(sha, digest);
wc_Sha256Free(&sha);
#ifndef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256Free(sha);
#endif
if (ret == 0) {
if (outSz > OUTPUT_BLOCK_LEN) {
XMEMCPY(out, digest, OUTPUT_BLOCK_LEN);
@@ -349,7 +360,11 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
int i;
int len;
word32 checkBlock;
wc_Sha256 sha;
#ifdef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256* sha = &drbg->sha256;
#else
wc_Sha256 sha[1];
#endif
DECLARE_VAR(digest, byte, WC_SHA256_DIGEST_SIZE, drbg->heap);
/* Special case: outSz is 0 and out is NULL. wc_Generate a block to save for
@@ -361,16 +376,20 @@ static int Hash_gen(DRBG* drbg, byte* out, word32 outSz, const byte* V)
XMEMCPY(data, V, sizeof(data));
for (i = 0; i < len; i++) {
#ifndef WOLFSSL_SMALL_STACK_CACHE
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wc_InitSha256_ex(&sha, drbg->heap, drbg->devId);
ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId);
#else
ret = wc_InitSha256(&sha);
ret = wc_InitSha256(sha);
#endif
if (ret == 0)
ret = wc_Sha256Update(&sha, data, sizeof(data));
#endif
ret = wc_Sha256Update(sha, data, sizeof(data));
if (ret == 0)
ret = wc_Sha256Final(&sha, digest);
wc_Sha256Free(&sha);
ret = wc_Sha256Final(sha, digest);
#ifndef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256Free(sha);
#endif
if (ret == 0) {
XMEMCPY(&checkBlock, digest, sizeof(word32));
@@ -437,7 +456,11 @@ static WC_INLINE void array_add(byte* d, word32 dLen, const byte* s, word32 sLen
static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
{
int ret;
wc_Sha256 sha;
#ifdef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256* sha = &drbg->sha256;
#else
wc_Sha256 sha[1];
#endif
byte type;
word32 reseedCtr;
@@ -450,19 +473,23 @@ static int Hash_DRBG_Generate(DRBG* drbg, byte* out, word32 outSz)
ret = Hash_gen(drbg, out, outSz, drbg->V);
if (ret == DRBG_SUCCESS) {
#ifndef WOLFSSL_SMALL_STACK_CACHE
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wc_InitSha256_ex(&sha, drbg->heap, drbg->devId);
ret = wc_InitSha256_ex(sha, drbg->heap, drbg->devId);
#else
ret = wc_InitSha256(&sha);
ret = wc_InitSha256(sha);
#endif
if (ret == 0)
ret = wc_Sha256Update(&sha, &type, sizeof(type));
#endif
ret = wc_Sha256Update(sha, &type, sizeof(type));
if (ret == 0)
ret = wc_Sha256Update(&sha, drbg->V, sizeof(drbg->V));
ret = wc_Sha256Update(sha, drbg->V, sizeof(drbg->V));
if (ret == 0)
ret = wc_Sha256Final(&sha, digest);
ret = wc_Sha256Final(sha, digest);
wc_Sha256Free(&sha);
#ifndef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256Free(sha);
#endif
if (ret == 0) {
array_add(drbg->V, sizeof(drbg->V), digest, WC_SHA256_DIGEST_SIZE);
@@ -499,6 +526,16 @@ static int Hash_DRBG_Instantiate(DRBG* drbg, const byte* seed, word32 seedSz,
(void)devId;
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wc_InitSha256_ex(&drbg->sha256, drbg->heap, drbg->devId);
#else
ret = wc_InitSha256(&drbg->sha256);
#endif
if (ret != 0)
return ret;
#endif
if (Hash_df(drbg, drbg->V, sizeof(drbg->V), drbgInitV, seed, seedSz,
nonce, nonceSz) == DRBG_SUCCESS &&
Hash_df(drbg, drbg->C, sizeof(drbg->C), drbgInitC, drbg->V,
@@ -520,6 +557,10 @@ static int Hash_DRBG_Uninstantiate(DRBG* drbg)
int compareSum = 0;
byte* compareDrbg = (byte*)drbg;
#ifdef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256Free(&drbg->sha256);
#endif
ForceZero(drbg, sizeof(DRBG));
for (i = 0; i < sizeof(DRBG); i++)
@@ -1423,7 +1464,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
*/
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
{
int i;
word32 i;
/* turn on RNGA module */
#if defined(SIM_SCGC3_RNGA_MASK)
wolfcrypt/src/rsa.c
+271 -143
View File
@@ -276,7 +276,11 @@ int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
if (ret != MP_OKAY)
return ret;
#ifdef RSA_LOW_MEM
ret = mp_init_multi(&key->d, &key->p, &key->q, NULL, NULL, NULL);
#else
ret = mp_init_multi(&key->d, &key->p, &key->q, &key->dP, &key->dQ, &key->u);
#endif
if (ret != MP_OKAY) {
mp_clear(&key->n);
mp_clear(&key->e);
@@ -387,17 +391,21 @@ int wc_FreeRsaKey(RsaKey* key)
#endif
if (key->type == RSA_PRIVATE) {
#ifndef RSA_LOW_MEM
mp_forcezero(&key->u);
mp_forcezero(&key->dQ);
mp_forcezero(&key->dP);
#endif
mp_forcezero(&key->q);
mp_forcezero(&key->p);
mp_forcezero(&key->d);
}
/* private part */
#ifndef RSA_LOW_MEM
mp_clear(&key->u);
mp_clear(&key->dQ);
mp_clear(&key->dP);
#endif
mp_clear(&key->q);
mp_clear(&key->p);
mp_clear(&key->d);
@@ -420,10 +428,21 @@ int wc_FreeRsaKey(RsaKey* key)
* Verify that k = (k^e)^d, for some k: 1 < k < n-1. */
int wc_CheckRsaKey(RsaKey* key)
{
mp_int k, tmp;
#ifdef WOLFSSL_SMALL_STACK
mp_int *k = NULL, *tmp = NULL;
#else
mp_int k[1], tmp[1];
#endif
int ret = 0;
if (mp_init_multi(&k, &tmp, NULL, NULL, NULL, NULL) != MP_OKAY)
#ifdef WOLFSSL_SMALL_STACK
k = (mp_int*)XMALLOC(sizeof(mp_int) * 2, NULL, DYNAMIC_TYPE_RSA);
if (k == NULL)
return MEMORY_E;
tmp = k + 1;
#endif
if (mp_init_multi(k, tmp, NULL, NULL, NULL, NULL) != MP_OKAY)
ret = MP_INIT_E;
if (ret == 0) {
@@ -432,28 +451,64 @@ int wc_CheckRsaKey(RsaKey* key)
}
if (ret == 0) {
if (mp_set_int(&k, 0x2342) != MP_OKAY)
if (mp_set_int(k, 0x2342) != MP_OKAY)
ret = MP_READ_E;
}
if (ret == 0) {
if (mp_exptmod(&k, &key->e, &key->n, &tmp) != MP_OKAY)
#ifdef WOLFSSL_SP_RSA
#ifndef WOLFSSL_SP_NO_2048
if (mp_count_bits(&key->n) == 2048) {
ret = sp_ModExp_2048(k, &key->e, &key->n, tmp);
if (ret != 0)
ret = MP_EXPTMOD_E;
ret = sp_ModExp_2048(tmp, &key->d, &key->n, tmp);
if (ret != 0)
ret = MP_EXPTMOD_E;
}
if (ret == 0) {
if (mp_exptmod(&tmp, &key->d, &key->n, &tmp) != MP_OKAY)
else
#endif
#ifndef WOLFSSL_SP_NO_3072
if (mp_count_bits(&key->n) == 3072) {
ret = sp_ModExp_3072(k, &key->e, &key->n, tmp);
if (ret != 0)
ret = MP_EXPTMOD_E;
ret = sp_ModExp_3072(tmp, &key->d, &key->n, tmp);
if (ret != 0)
ret = MP_EXPTMOD_E;
}
else
#endif
#endif
#ifdef WOLFSSL_SP_MATH
{
ret = WC_KEY_SIZE_E;
}
#else
{
if (ret == 0) {
if (mp_exptmod(k, &key->e, &key->n, tmp) != MP_OKAY)
ret = MP_EXPTMOD_E;
}
if (ret == 0) {
if (mp_exptmod(tmp, &key->d, &key->n, tmp) != MP_OKAY)
ret = MP_EXPTMOD_E;
}
}
#endif
if (ret == 0) {
if (mp_cmp(&k, &tmp) != MP_EQ)
if (mp_cmp(k, tmp) != MP_EQ)
ret = RSA_KEY_PAIR_E;
}
mp_forcezero(&tmp);
mp_clear(&tmp);
mp_clear(&k);
mp_forcezero(tmp);
mp_clear(tmp);
mp_clear(k);
#ifdef WOLFSSL_SMALL_STACK
XFREE(k, NULL, DYNAMIC_TYPE_RSA);
#endif
return ret;
}
@@ -1296,9 +1351,17 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng)
{
#ifndef WOLFSSL_SP_MATH
mp_int tmp;
#ifdef WOLFSSL_SMALL_STACK
mp_int* tmp = NULL;
#ifdef WC_RSA_BLINDING
mp_int rnd, rndi;
mp_int* rnd = NULL;
mp_int* rndi = NULL;
#endif
#else
mp_int tmp[1];
#ifdef WC_RSA_BLINDING
mp_int rnd[1], rndi[1];
#endif
#endif
int ret = 0;
word32 keyLen, len;
@@ -1314,9 +1377,14 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
if (rng == NULL)
return MISSING_RNG_E;
#endif
#ifndef RSA_LOW_MEM
return sp_RsaPrivate_2048(in, inLen, &key->d, &key->p, &key->q,
&key->dP, &key->dQ, &key->u, &key->n,
out, outLen);
#else
return sp_RsaPrivate_2048(in, inLen, &key->d, &key->p, &key->q,
NULL, NULL, NULL, &key->n, out, outLen);
#endif
case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT:
return sp_RsaPublic_2048(in, inLen, &key->e, &key->n, out, outLen);
@@ -1332,9 +1400,14 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
if (rng == NULL)
return MISSING_RNG_E;
#endif
#ifndef RSA_LOW_MEM
return sp_RsaPrivate_3072(in, inLen, &key->d, &key->p, &key->q,
&key->dP, &key->dQ, &key->u, &key->n,
out, outLen);
#else
return sp_RsaPrivate_3072(in, inLen, &key->d, &key->p, &key->q,
NULL, NULL, NULL, &key->n, out, outLen);
#endif
case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT:
return sp_RsaPublic_3072(in, inLen, &key->e, &key->n, out, outLen);
@@ -1348,152 +1421,193 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
#else
(void)rng;
if (mp_init(&tmp) != MP_OKAY)
return MP_INIT_E;
#ifdef WOLFSSL_SMALL_STACK
tmp = XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_RSA);
if (tmp == NULL)
return MEMORY_E;
#ifdef WC_RSA_BLINDING
rnd = XMALLOC(sizeof(mp_int) * 2, key->heap, DYNAMIC_TYPE_RSA);
if (rnd == NULL) {
XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
return MEMORY_E;
}
rndi = rnd + 1;
#endif /* WC_RSA_BLINDING */
#endif /* WOLFSSL_SMALL_STACK */
if (mp_init(tmp) != MP_OKAY)
ret = MP_INIT_E;
#ifdef WC_RSA_BLINDING
if (type == RSA_PRIVATE_DECRYPT || type == RSA_PRIVATE_ENCRYPT) {
if (mp_init_multi(&rnd, &rndi, NULL, NULL, NULL, NULL) != MP_OKAY) {
mp_clear(&tmp);
return MP_INIT_E;
if (ret == 0) {
if (type == RSA_PRIVATE_DECRYPT || type == RSA_PRIVATE_ENCRYPT) {
if (mp_init_multi(rnd, rndi, NULL, NULL, NULL, NULL) != MP_OKAY) {
mp_clear(tmp);
ret = MP_INIT_E;
}
}
}
#endif
if (mp_read_unsigned_bin(&tmp, (byte*)in, inLen) != MP_OKAY)
ERROR_OUT(MP_READ_E);
if (ret == 0 && mp_read_unsigned_bin(tmp, (byte*)in, inLen) != MP_OKAY)
ret = MP_READ_E;
switch(type) {
case RSA_PRIVATE_DECRYPT:
case RSA_PRIVATE_ENCRYPT:
{
#ifdef WC_RSA_BLINDING
/* blind */
ret = mp_rand(&rnd, get_digit_count(&key->n), rng);
if (ret != MP_OKAY)
goto done;
if (ret == 0) {
switch(type) {
case RSA_PRIVATE_DECRYPT:
case RSA_PRIVATE_ENCRYPT:
{
#ifdef WC_RSA_BLINDING
/* blind */
ret = mp_rand(rnd, get_digit_count(&key->n), rng);
/* rndi = 1/rnd mod n */
if (mp_invmod(&rnd, &key->n, &rndi) != MP_OKAY)
ERROR_OUT(MP_INVMOD_E);
/* rndi = 1/rnd mod n */
if (ret == 0 && mp_invmod(rnd, &key->n, rndi) != MP_OKAY)
ret = MP_INVMOD_E;
/* rnd = rnd^e */
if (mp_exptmod(&rnd, &key->e, &key->n, &rnd) != MP_OKAY)
ERROR_OUT(MP_EXPTMOD_E);
/* rnd = rnd^e */
if (ret == 0 && mp_exptmod(rnd, &key->e, &key->n, rnd) != MP_OKAY)
ret = MP_EXPTMOD_E;
/* tmp = tmp*rnd mod n */
if (mp_mulmod(&tmp, &rnd, &key->n, &tmp) != MP_OKAY)
ERROR_OUT(MP_MULMOD_E);
#endif /* WC_RSA_BLINDING */
/* tmp = tmp*rnd mod n */
if (ret == 0 && mp_mulmod(tmp, rnd, &key->n, tmp) != MP_OKAY)
ret = MP_MULMOD_E;
#endif /* WC_RSA_BLINDING */
#ifdef RSA_LOW_MEM /* half as much memory but twice as slow */
if (mp_exptmod(&tmp, &key->d, &key->n, &tmp) != MP_OKAY)
ERROR_OUT(MP_EXPTMOD_E);
#else
/* Return 0 when cond is false and n when cond is true. */
#define COND_N(cond, n) ((0 - (cond)) & (n))
/* If ret has an error value return it otherwise if r is OK then return
* 0 otherwise return e.
*/
#define RET_ERR(ret, r, e) \
((ret) | (COND_N((ret) == 0, COND_N((r) != MP_OKAY, (e)))))
#ifdef RSA_LOW_MEM /* half as much memory but twice as slow */
if (ret == 0 && mp_exptmod(tmp, &key->d, &key->n, tmp) != MP_OKAY)
ret = MP_EXPTMOD_E;
#else
if (ret == 0) {
#ifdef WOLFSSL_SMALL_STACK
mp_int* tmpa = NULL;
mp_int* tmpb = NULL;
#else
mp_int tmpa[1], tmpb[1];
#endif
int cleara = 0, clearb = 0;
{ /* tmpa/b scope */
mp_int tmpa, tmpb;
int r;
#ifdef WOLFSSL_SMALL_STACK
tmpa = XMALLOC(sizeof(mp_int) * 2, key->heap, DYNAMIC_TYPE_RSA);
if (tmpa != NULL)
tmpb = tmpa + 1;
else
ret = MEMORY_E;
#endif
if (mp_init(&tmpa) != MP_OKAY)
ERROR_OUT(MP_INIT_E);
if (ret == 0) {
if (mp_init(tmpa) != MP_OKAY)
ret = MP_INIT_E;
else
cleara = 1;
}
if (mp_init(&tmpb) != MP_OKAY) {
mp_clear(&tmpa);
ERROR_OUT(MP_INIT_E);
if (ret == 0) {
if (mp_init(tmpb) != MP_OKAY)
ret = MP_INIT_E;
else
clearb = 1;
}
/* tmpa = tmp^dP mod p */
if (ret == 0 && mp_exptmod(tmp, &key->dP, &key->p,
tmpa) != MP_OKAY)
ret = MP_EXPTMOD_E;
/* tmpb = tmp^dQ mod q */
if (ret == 0 && mp_exptmod(tmp, &key->dQ, &key->q,
tmpb) != MP_OKAY)
ret = MP_EXPTMOD_E;
/* tmp = (tmpa - tmpb) * qInv (mod p) */
if (ret == 0 && mp_sub(tmpa, tmpb, tmp) != MP_OKAY)
ret = MP_SUB_E;
if (ret == 0 && mp_mulmod(tmp, &key->u, &key->p,
tmp) != MP_OKAY)
ret = MP_MULMOD_E;
/* tmp = tmpb + q * tmp */
if (ret == 0 && mp_mul(tmp, &key->q, tmp) != MP_OKAY)
ret = MP_MUL_E;
if (ret == 0 && mp_add(tmp, tmpb, tmp) != MP_OKAY)
ret = MP_ADD_E;
#ifdef WOLFSSL_SMALL_STACK
if (tmpa != NULL)
#endif
{
if (cleara)
mp_clear(tmpa);
if (clearb)
mp_clear(tmpb);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmpa, key->heap, DYNAMIC_TYPE_RSA);
#endif
}
} /* tmpa/b scope */
#endif /* RSA_LOW_MEM */
#ifdef WC_RSA_BLINDING
/* unblind */
if (ret == 0 && mp_mulmod(tmp, rndi, &key->n, tmp) != MP_OKAY)
ret = MP_MULMOD_E;
#endif /* WC_RSA_BLINDING */
break;
}
case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT:
#ifdef WOLFSSL_XILINX_CRYPT
ret = wc_RsaFunctionXil(in, inLen, out, outLen, type, key, rng);
#else
if (mp_exptmod(tmp, &key->e, &key->n, tmp) != MP_OKAY)
ret = MP_EXPTMOD_E;
break;
#endif
default:
ret = RSA_WRONG_TYPE_E;
break;
}
}
if (ret == 0) {
keyLen = wc_RsaEncryptSize(key);
if (keyLen > *outLen)
ret = RSA_BUFFER_E;
}
if (ret == 0) {
len = mp_unsigned_bin_size(tmp);
/* pad front w/ zeros to match key length */
while (len < keyLen) {
*out++ = 0x00;
len++;
}
/* tmpa = tmp^dP mod p */
r = mp_exptmod(&tmp, &key->dP, &key->p, &tmpa);
ret = RET_ERR(ret, r, MP_EXPTMOD_E);
*outLen = keyLen;
/* tmpb = tmp^dQ mod q */
r = mp_exptmod(&tmp, &key->dQ, &key->q, &tmpb);
ret = RET_ERR(ret, r, MP_EXPTMOD_E);
/* tmp = (tmpa - tmpb) * qInv (mod p) */
r = mp_sub(&tmpa, &tmpb, &tmp);
ret = RET_ERR(ret, r, MP_SUB_E);
r = mp_mulmod(&tmp, &key->u, &key->p, &tmp);
ret = RET_ERR(ret, r, MP_MULMOD_E);
/* tmp = tmpb + q * tmp */
r = mp_mul(&tmp, &key->q, &tmp);
ret = RET_ERR(ret, r, MP_MUL_E);
r = mp_add(&tmp, &tmpb, &tmp);
ret = RET_ERR(ret, r, MP_ADD_E);
mp_clear(&tmpa);
mp_clear(&tmpb);
if (ret != 0) {
goto done;
}
#undef RET_ERR
#undef COND_N
} /* tmpa/b scope */
#endif /* RSA_LOW_MEM */
#ifdef WC_RSA_BLINDING
/* unblind */
if (mp_mulmod(&tmp, &rndi, &key->n, &tmp) != MP_OKAY)
ERROR_OUT(MP_MULMOD_E);
#endif /* WC_RSA_BLINDING */
break;
}
case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT:
#ifdef WOLFSSL_XILINX_CRYPT
ret = wc_RsaFunctionXil(in, inLen, out, outLen, type, key, rng);
goto done;
#else
if (mp_exptmod(&tmp, &key->e, &key->n, &tmp) != MP_OKAY)
ERROR_OUT(MP_EXPTMOD_E);
break;
#endif
default:
ERROR_OUT(RSA_WRONG_TYPE_E);
/* convert */
if (mp_to_unsigned_bin(tmp, out) != MP_OKAY)
ret = MP_TO_E;
}
keyLen = wc_RsaEncryptSize(key);
if (keyLen > *outLen) {
ERROR_OUT(RSA_BUFFER_E);
}
len = mp_unsigned_bin_size(&tmp);
/* pad front w/ zeros to match key length */
while (len < keyLen) {
*out++ = 0x00;
len++;
}
*outLen = keyLen;
/* convert */
if (mp_to_unsigned_bin(&tmp, out) != MP_OKAY)
ERROR_OUT(MP_TO_E);
done:
mp_clear(&tmp);
mp_clear(tmp);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
#endif
#ifdef WC_RSA_BLINDING
if (type == RSA_PRIVATE_DECRYPT || type == RSA_PRIVATE_ENCRYPT) {
mp_clear(&rndi);
mp_clear(&rnd);
mp_clear(rndi);
mp_clear(rnd);
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(rnd, key->heap, DYNAMIC_TYPE_RSA);
#endif
#endif /* WC_RSA_BLINDING */
return ret;
#endif
#endif /* WOLFSSL_SP_MATH */
}
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA)
@@ -1690,30 +1804,44 @@ int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
key->state == RSA_STATE_DECRYPT_EXPTMOD) {
/* Check that 1 < in < n-1. (Requirement of 800-56B.) */
mp_int c;
#ifdef WOLFSSL_SMALL_STACK
mp_int* c = NULL;
#else
mp_int c[1];
#endif
if (mp_init(&c) != MP_OKAY)
#ifdef WOLFSSL_SMALL_STACK
c = XMALLOC(sizeof(mp_int), key->heap, DYNAMIC_TYPE_RSA);
if (c == NULL)
ret = MEMORY_E;
#endif
if (mp_init(c) != MP_OKAY)
ret = MEMORY_E;
if (ret == 0) {
if (mp_read_unsigned_bin(&c, in, inLen) != 0)
if (mp_read_unsigned_bin(c, in, inLen) != 0)
ret = MP_READ_E;
}
if (ret == 0) {
/* check c > 1 */
if (mp_cmp_d(&c, 1) != MP_GT)
if (mp_cmp_d(c, 1) != MP_GT)
ret = RSA_OUT_OF_RANGE_E;
}
if (ret == 0) {
/* add c+1 */
if (mp_add_d(&c, 1, &c) != MP_OKAY)
if (mp_add_d(c, 1, c) != MP_OKAY)
ret = MP_ADD_E;
}
if (ret == 0) {
/* check c+1 < n */
if (mp_cmp(&c, &key->n) != MP_LT)
if (mp_cmp(c, &key->n) != MP_LT)
ret = RSA_OUT_OF_RANGE_E;
}
mp_clear(&c);
mp_clear(c);
#ifdef WOLFSSL_SMALL_STACK
XFREE(c, key->heap, DYNAMIC_TYPE_RSA);
#endif
if (ret != 0)
return ret;
wolfcrypt/src/sha256.c
+42 -5
View File
@@ -454,6 +454,10 @@ static int InitSha256(wc_Sha256* sha256)
if (ret != 0)
return ret;
#ifdef WOLFSSL_SMALL_STACK_CACHE
sha256->W = NULL;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
ret = wolfAsync_DevCtxInit(&sha256->asyncDev,
WOLFSSL_ASYNC_MARKER_SHA256, sha256->heap, devId);
@@ -518,11 +522,19 @@ static int InitSha256(wc_Sha256* sha256)
word32 S[8], t0, t1;
int i;
#ifdef WOLFSSL_SMALL_STACK
#ifdef WOLFSSL_SMALL_STACK_CACHE
word32* W = sha256->W;
if (W == NULL) {
W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE, NULL,
DYNAMIC_TYPE_RNG);
if (W == NULL)
return MEMORY_E;
sha256->W = W;
}
#elif defined(WOLFSSL_SMALL_STACK)
word32* W;
W = (word32*)XMALLOC(sizeof(word32) * WC_SHA256_BLOCK_SIZE, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
DYNAMIC_TYPE_TMP_BUFFER);
if (W == NULL)
return MEMORY_E;
#else
@@ -560,10 +572,9 @@ static int InitSha256(wc_Sha256* sha256)
sha256->digest[i] += S[i];
}
#ifdef WOLFSSL_SMALL_STACK
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SMALL_STACK_CACHE)
XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
}
#endif
@@ -2611,6 +2622,10 @@ SHA256_NOINLINE static int Transform_Sha256_AVX2_RORX_Len(wc_Sha256* sha256,
if (ret != 0)
return ret;
#ifdef WOLFSSL_SMALL_STACK_CACHE
sha224->W = NULL;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA224)
ret = wolfAsync_DevCtxInit(&sha224->asyncDev,
WOLFSSL_ASYNC_MARKER_SHA224, sha224->heap, devId);
@@ -2682,6 +2697,13 @@ SHA256_NOINLINE static int Transform_Sha256_AVX2_RORX_Len(wc_Sha256* sha256,
if (sha224 == NULL)
return;
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha224->W != NULL) {
XFREE(sha224->W, NULL, DYNAMIC_TYPE_RNG);
sha224->W = NULL;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA224)
wolfAsync_DevCtxFree(&sha224->asyncDev, WOLFSSL_ASYNC_MARKER_SHA224);
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -2699,6 +2721,13 @@ void wc_Sha256Free(wc_Sha256* sha256)
if (sha256 == NULL)
return;
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha256->W != NULL) {
XFREE(sha256->W, NULL, DYNAMIC_TYPE_RNG);
sha256->W = NULL;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
wolfAsync_DevCtxFree(&sha256->asyncDev, WOLFSSL_ASYNC_MARKER_SHA256);
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -2721,6 +2750,7 @@ void wc_Sha256Free(wc_Sha256* sha256)
ret = wc_Sha224Copy(sha224, &tmpSha224);
if (ret == 0) {
ret = wc_Sha224Final(&tmpSha224, hash);
wc_Sha224Free(&tmpSha224);
}
return ret;
}
@@ -2732,6 +2762,9 @@ void wc_Sha256Free(wc_Sha256* sha256)
return BAD_FUNC_ARG;
XMEMCPY(dst, src, sizeof(wc_Sha224));
#ifdef WOLFSSL_SMALL_STACK_CACHE
dst->W = NULL;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
@@ -2752,6 +2785,7 @@ int wc_Sha256GetHash(wc_Sha256* sha256, byte* hash)
ret = wc_Sha256Copy(sha256, &tmpSha256);
if (ret == 0) {
ret = wc_Sha256Final(&tmpSha256, hash);
wc_Sha256Free(&tmpSha256);
}
return ret;
}
@@ -2763,6 +2797,9 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
return BAD_FUNC_ARG;
XMEMCPY(dst, src, sizeof(wc_Sha256));
#ifdef WOLFSSL_SMALL_STACK_CACHE
dst->W = NULL;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
wolfcrypt/src/sha512.c
+47 -6
View File
@@ -374,6 +374,10 @@ static int InitSha512(wc_Sha512* sha512)
if (ret != 0)
return ret;
#ifdef WOLFSSL_SMALL_STACK_CACHE
sha512->W = NULL;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512)
ret = wolfAsync_DevCtxInit(&sha512->asyncDev,
WOLFSSL_ASYNC_MARKER_SHA512, sha512->heap, devId);
@@ -466,7 +470,16 @@ static int _Transform_Sha512(wc_Sha512* sha512)
word32 j;
word64 T[8];
#ifdef WOLFSSL_SMALL_STACK
#ifdef WOLFSSL_SMALL_STACK_CACHE
word64* W = sha512->W;
if (W == NULL) {
W = (word64*) XMALLOC(sizeof(word64) * 16, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (W == NULL)
return MEMORY_E;
sha512->W = W;
}
#elif defined(WOLFSSL_SMALL_STACK)
word64* W;
W = (word64*) XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (W == NULL)
@@ -511,7 +524,7 @@ static int _Transform_Sha512(wc_Sha512* sha512)
ForceZero(W, sizeof(word64) * 16);
ForceZero(T, sizeof(T));
#ifdef WOLFSSL_SMALL_STACK
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SMALL_STACK_CACHE)
XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
@@ -538,11 +551,13 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le
if (sha512->buffLen > 0) {
word32 add = min(len, WC_SHA512_BLOCK_SIZE - sha512->buffLen);
XMEMCPY(&local[sha512->buffLen], data, add);
if (add > 0) {
XMEMCPY(&local[sha512->buffLen], data, add);
sha512->buffLen += add;
data += add;
len -= add;
sha512->buffLen += add;
data += add;
len -= add;
}
if (sha512->buffLen == WC_SHA512_BLOCK_SIZE) {
#if defined(LITTLE_ENDIAN_ORDER)
@@ -768,6 +783,13 @@ void wc_Sha512Free(wc_Sha512* sha512)
if (sha512 == NULL)
return;
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha512->W != NULL) {
XFREE(sha512->W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
sha512->W = NULL;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512)
wolfAsync_DevCtxFree(&sha512->asyncDev, WOLFSSL_ASYNC_MARKER_SHA512);
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -2699,6 +2721,10 @@ int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
if (ret != 0)
return ret;
#ifdef WOLFSSL_SMALL_STACK_CACHE
sha384->W = NULL;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
ret = wolfAsync_DevCtxInit(&sha384->asyncDev, WOLFSSL_ASYNC_MARKER_SHA384,
sha384->heap, devId);
@@ -2721,6 +2747,13 @@ void wc_Sha384Free(wc_Sha384* sha384)
if (sha384 == NULL)
return;
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha384->W != NULL) {
XFREE(sha384->W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
sha384->W = NULL;
}
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
wolfAsync_DevCtxFree(&sha384->asyncDev, WOLFSSL_ASYNC_MARKER_SHA384);
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -2742,6 +2775,7 @@ int wc_Sha512GetHash(wc_Sha512* sha512, byte* hash)
ret = wc_Sha512Copy(sha512, &tmpSha512);
if (ret == 0) {
ret = wc_Sha512Final(&tmpSha512, hash);
wc_Sha512Free(&tmpSha512);
}
return ret;
}
@@ -2754,6 +2788,9 @@ int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst)
return BAD_FUNC_ARG;
XMEMCPY(dst, src, sizeof(wc_Sha512));
#ifdef WOLFSSL_SMALL_STACK_CACHE
dst->W = NULL;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
@@ -2774,6 +2811,7 @@ int wc_Sha384GetHash(wc_Sha384* sha384, byte* hash)
ret = wc_Sha384Copy(sha384, &tmpSha384);
if (ret == 0) {
ret = wc_Sha384Final(&tmpSha384, hash);
wc_Sha384Free(&tmpSha384);
}
return ret;
}
@@ -2785,6 +2823,9 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
return BAD_FUNC_ARG;
XMEMCPY(dst, src, sizeof(wc_Sha384));
#ifdef WOLFSSL_SMALL_STACK_CACHE
dst->W = NULL;
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
wolfcrypt/src/sp_c32.c
+8 -6
View File
@@ -3054,7 +3054,8 @@ static int sp_2048_mod_exp_90(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
}
#endif /* SP_RSA_PRIVATE_EXP_D || WOLFSSL_HAVE_SP_DH */
#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) && \
!defined(RSA_LOW_MEM)
/* AND m into each word of a and store in r.
*
* r A single precision integer.
@@ -3311,7 +3312,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm,
byte* out, word32* outLen)
{
#ifdef SP_RSA_PRIVATE_EXP_D
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
sp_digit* a;
sp_digit* d = NULL;
@@ -3521,7 +3522,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
return err;
#endif /* WOLFSSL_SP_SMALL || defined(WOLFSSL_SMALL_STACK) */
#endif /* SP_RSA_PRIVATE_EXP_D */
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
}
#endif /* WOLFSSL_HAVE_SP_RSA */
@@ -6424,7 +6425,8 @@ static int sp_3072_mod_exp_136(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
}
#endif /* SP_RSA_PRIVATE_EXP_D || WOLFSSL_HAVE_SP_DH */
#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) && \
!defined(RSA_LOW_MEM)
/* AND m into each word of a and store in r.
*
* r A single precision integer.
@@ -6680,7 +6682,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm,
byte* out, word32* outLen)
{
#ifdef SP_RSA_PRIVATE_EXP_D
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
sp_digit* a;
sp_digit* d = NULL;
@@ -6890,7 +6892,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
return err;
#endif /* WOLFSSL_SP_SMALL || defined(WOLFSSL_SMALL_STACK) */
#endif /* SP_RSA_PRIVATE_EXP_D */
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
}
#endif /* WOLFSSL_HAVE_SP_RSA */
wolfcrypt/src/sp_c64.c
+8 -6
View File
@@ -2480,7 +2480,8 @@ static int sp_2048_mod_exp_36(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
}
#endif /* SP_RSA_PRIVATE_EXP_D || WOLFSSL_HAVE_SP_DH */
#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) && \
!defined(RSA_LOW_MEM)
/* AND m into each word of a and store in r.
*
* r A single precision integer.
@@ -2734,7 +2735,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm,
byte* out, word32* outLen)
{
#ifdef SP_RSA_PRIVATE_EXP_D
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
sp_digit* a;
sp_digit* d = NULL;
@@ -2944,7 +2945,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
return err;
#endif /* WOLFSSL_SP_SMALL || defined(WOLFSSL_SMALL_STACK) */
#endif /* SP_RSA_PRIVATE_EXP_D */
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
}
#endif /* WOLFSSL_HAVE_SP_RSA */
@@ -5861,7 +5862,8 @@ static int sp_3072_mod_exp_54(sp_digit* r, sp_digit* a, sp_digit* e, int bits,
}
#endif /* SP_RSA_PRIVATE_EXP_D || WOLFSSL_HAVE_SP_DH */
#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D)
#if defined(WOLFSSL_HAVE_SP_RSA) && !defined(SP_RSA_PRIVATE_EXP_D) && \
!defined(RSA_LOW_MEM)
/* AND m into each word of a and store in r.
*
* r A single precision integer.
@@ -6116,7 +6118,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm,
byte* out, word32* outLen)
{
#ifdef SP_RSA_PRIVATE_EXP_D
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
sp_digit* a;
sp_digit* d = NULL;
@@ -6326,7 +6328,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
return err;
#endif /* WOLFSSL_SP_SMALL || defined(WOLFSSL_SMALL_STACK) */
#endif /* SP_RSA_PRIVATE_EXP_D */
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
}
#endif /* WOLFSSL_HAVE_SP_RSA */
wolfcrypt/src/sp_int.c
+16
View File
@@ -633,6 +633,22 @@ int sp_add(sp_int* a, sp_int* b, sp_int* r)
}
#endif
#ifndef NO_RSA
/* Set a number into the big number.
*
* a SP integer.
* b Value to set.
* returns MP_OKAY always.
*/
int sp_set_int(sp_int* a, unsigned long b)
{
a->used = 1;
a->dp[0] = b;
return MP_OKAY;
}
#endif
#if !defined(USE_FAST_MATH)
/* Returns the run time settings.
*
wolfssl/internal.h
+62 -45
View File
@@ -1032,6 +1032,34 @@ enum {
#endif /* WOLFSSL_MAX_MTU */
/* set minimum DH key size allowed */
#ifndef WOLFSSL_MIN_DHKEY_BITS
#ifdef WOLFSSL_MAX_STRENGTH
#define WOLFSSL_MIN_DHKEY_BITS 2048
#else
#define WOLFSSL_MIN_DHKEY_BITS 1024
#endif
#endif
#if (WOLFSSL_MIN_DHKEY_BITS % 8)
#error DH minimum bit size must be multiple of 8
#endif
#if (WOLFSSL_MIN_DHKEY_BITS > 16000)
#error DH minimum bit size must not be greater than 16000
#endif
#define MIN_DHKEY_SZ (WOLFSSL_MIN_DHKEY_BITS / 8)
/* set maximum DH key size allowed */
#ifndef WOLFSSL_MAX_DHKEY_BITS
#define WOLFSSL_MAX_DHKEY_BITS 4096
#endif
#if (WOLFSSL_MAX_DHKEY_BITS % 8)
#error DH maximum bit size must be multiple of 8
#endif
#if (WOLFSSL_MAX_DHKEY_BITS > 16000)
#error DH maximum bit size must not be greater than 16000
#endif
#define MAX_DHKEY_SZ (WOLFSSL_MAX_DHKEY_BITS / 8)
enum Misc {
CIPHER_BYTE = 0x00, /* Default ciphers */
@@ -1089,7 +1117,8 @@ enum Misc {
MAX_COMP_EXTRA = 1024, /* max compression extra */
MAX_MTU = WOLFSSL_MAX_MTU, /* max expected MTU */
MAX_UDP_SIZE = 8192 - 100, /* was MAX_MTU - 100 */
MAX_DH_SZ = 1036, /* 4096 p, pub, g + 2 byte size for each */
MAX_DH_SZ = (MAX_DHKEY_SZ * 2) + 12,
/* 4096 p, pub, g + 2 byte size for each */
MAX_STR_VERSION = 8, /* string rep of protocol version */
PAD_MD5 = 48, /* pad length for finished */
@@ -1103,7 +1132,8 @@ enum Misc {
VERIFY_HEADER = 2, /* always use 2 bytes */
EXTS_SZ = 2, /* always use 2 bytes */
EXT_ID_SZ = 2, /* always use 2 bytes */
MAX_DH_SIZE = 513, /* 4096 bit plus possible leading 0 */
MAX_DH_SIZE = MAX_DHKEY_SZ+1,
/* Max size plus possible leading 0 */
NAMED_DH_MASK = 0x100, /* Named group mask for DH parameters */
SESSION_HINT_SZ = 4, /* session timeout hint */
SESSION_ADD_SZ = 4, /* session age add */
@@ -1151,9 +1181,9 @@ enum Misc {
DTLS_POOL_SZ = 255,/* allowed number of list items in TX pool */
DTLS_EXPORT_PRO = 165,/* wolfSSL protocol for serialized session */
DTLS_EXPORT_VERSION = 4, /* wolfSSL version for serialized session */
DTLS_EXPORT_OPT_SZ = 58, /* amount of bytes used from Options */
DTLS_EXPORT_OPT_SZ = 60, /* amount of bytes used from Options */
DTLS_EXPORT_VERSION_3 = 3, /* wolfSSL version before TLS 1.3 addition */
DTLS_EXPORT_OPT_SZ_3 = 57, /* amount of bytes used from Options */
DTLS_EXPORT_OPT_SZ_3 = 59, /* amount of bytes used from Options */
DTLS_EXPORT_KEY_SZ = 325 + (DTLS_SEQ_SZ * 2),
/* max amount of bytes used from Keys */
DTLS_EXPORT_MIN_KEY_SZ = 78 + (DTLS_SEQ_SZ * 2),
@@ -1352,23 +1382,6 @@ enum Misc {
#endif
#define MIN_RSAKEY_SZ (WOLFSSL_MIN_RSA_BITS / 8)
/* set minimum DH key size allowed */
#ifndef WOLFSSL_MIN_DHKEY_BITS
#ifdef WOLFSSL_MAX_STRENGTH
#define WOLFSSL_MIN_DHKEY_BITS 2048
#else
#define WOLFSSL_MIN_DHKEY_BITS 1024
#endif
#endif
#if (WOLFSSL_MIN_DHKEY_BITS % 8)
#error DH minimum bit size must be multiple of 8
#endif
#if (WOLFSSL_MIN_DHKEY_BITS > 16000)
#error DH minimum bit size must not be greater than 16000
#endif
#define MIN_DHKEY_SZ (WOLFSSL_MIN_DHKEY_BITS / 8)
#ifdef SESSION_INDEX
/* Shift values for making a session index */
#define SESSIDX_ROW_SHIFT 4
@@ -2438,6 +2451,7 @@ struct WOLFSSL_CTX {
#endif
#ifndef NO_DH
word16 minDhKeySz; /* minimum DH key size */
word16 maxDhKeySz; /* maximum DH key size */
#endif
#ifndef NO_RSA
short minRsaKeySz; /* minimum RSA key size */
@@ -2546,9 +2560,10 @@ struct WOLFSSL_CTX {
#endif
#ifdef HAVE_PK_CALLBACKS
#ifdef HAVE_ECC
CallbackEccKeyGen EccKeyGenCb; /* User EccKeyGen Callback Handler */
CallbackEccSign EccSignCb; /* User EccSign Callback handler */
CallbackEccVerify EccVerifyCb; /* User EccVerify Callback handler */
CallbackEccSharedSecret EccSharedSecretCb; /* User EccVerify Callback handler */
CallbackEccSharedSecret EccSharedSecretCb; /* User EccVerify Callback handler */
#ifdef HAVE_ED25519
/* User Ed25519Sign Callback handler */
CallbackEd25519Sign Ed25519SignCb;
@@ -2556,7 +2571,9 @@ struct WOLFSSL_CTX {
CallbackEd25519Verify Ed25519VerifyCb;
#endif
#ifdef HAVE_CURVE25519
/* User EccSharedSecret Callback handler */
/* User X25519 KeyGen Callback Handler */
CallbackX25519KeyGen X25519KeyGenCb;
/* User X25519 SharedSecret Callback handler */
CallbackX25519SharedSecret X25519SharedSecretCb;
#endif
#endif /* HAVE_ECC */
@@ -3137,6 +3154,7 @@ typedef struct Options {
#endif
#ifndef NO_DH
word16 minDhKeySz; /* minimum DH key size */
word16 maxDhKeySz; /* minimum DH key size */
word16 dhKeySz; /* actual DH key size */
#endif
#ifndef NO_RSA
@@ -3712,15 +3730,17 @@ struct WOLFSSL {
#endif
#ifdef HAVE_PK_CALLBACKS
#ifdef HAVE_ECC
void* EccSignCtx; /* Ecc Sign Callback Context */
void* EccVerifyCtx; /* Ecc Verify Callback Context */
void* EccSharedSecretCtx; /* Ecc Pms Callback Context */
void* EccKeyGenCtx; /* EccKeyGen Callback Context */
void* EccSignCtx; /* Ecc Sign Callback Context */
void* EccVerifyCtx; /* Ecc Verify Callback Context */
void* EccSharedSecretCtx; /* Ecc Pms Callback Context */
#ifdef HAVE_ED25519
void* Ed25519SignCtx; /* ED25519 Sign Callback Context */
void* Ed25519VerifyCtx; /* ED25519 Verify Callback Context */
void* Ed25519SignCtx; /* ED25519 Sign Callback Context */
void* Ed25519VerifyCtx; /* ED25519 Verify Callback Context */
#endif
#ifdef HAVE_CURVE25519
void* X25519SharedSecretCtx; /* X25519 Pms Callback Context */
void* X25519KeyGenCtx; /* X25519 KeyGen Callback Context */
void* X25519SharedSecretCtx; /* X25519 Pms Callback Context */
#endif
#endif /* HAVE_ECC */
#ifndef NO_DH
@@ -3915,44 +3935,41 @@ WOLFSSL_LOCAL int wolfSSL_GetMaxRecordSize(WOLFSSL* ssl, int maxFragment);
#ifndef NO_RSA
#ifdef WC_RSA_PSS
WOLFSSL_LOCAL int CheckRsaPssPadding(const byte* plain, word32 plainSz,
byte* out, word32 sigSz,
enum wc_HashType hashType);
WOLFSSL_LOCAL int ConvertHashPss(int hashAlgo, enum wc_HashType* hashType, int* mgf);
byte* out, word32 sigSz, enum wc_HashType hashType);
WOLFSSL_LOCAL int ConvertHashPss(int hashAlgo,
enum wc_HashType* hashType, int* mgf);
#endif
WOLFSSL_LOCAL int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig,
word32 sigSz, const byte* plain, word32 plainSz, int sigAlgo,
int hashAlgo, RsaKey* key, DerBuffer* keyBufInfo, void* ctx);
int hashAlgo, RsaKey* key, DerBuffer* keyBufInfo);
WOLFSSL_LOCAL int RsaSign(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32* outSz, int sigAlgo, int hashAlgo, RsaKey* key,
DerBuffer* keyBufInfo, void* ctx);
DerBuffer* keyBufInfo);
WOLFSSL_LOCAL int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz,
byte** out, int sigAlgo, int hashAlgo, RsaKey* key,
buffer* keyBufInfo, void* ctx);
buffer* keyBufInfo);
WOLFSSL_LOCAL int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out,
word32* outSz, RsaKey* key, DerBuffer* keyBufInfo, void* ctx);
word32* outSz, RsaKey* key, DerBuffer* keyBufInfo);
WOLFSSL_LOCAL int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out,
word32* outSz, RsaKey* key, buffer* keyBufInfo, void* ctx);
word32* outSz, RsaKey* key, buffer* keyBufInfo);
#endif /* !NO_RSA */
#ifdef HAVE_ECC
WOLFSSL_LOCAL int EccSign(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32* outSz, ecc_key* key, DerBuffer* keyBufInfo,
void* ctx);
byte* out, word32* outSz, ecc_key* key, DerBuffer* keyBufInfo);
WOLFSSL_LOCAL int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz,
const byte* out, word32 outSz, ecc_key* key, buffer* keyBufInfo,
void* ctx);
const byte* out, word32 outSz, ecc_key* key, buffer* keyBufInfo);
WOLFSSL_LOCAL int EccSharedSecret(WOLFSSL* ssl, ecc_key* priv_key,
ecc_key* pub_key, byte* pubKeyDer, word32* pubKeySz, byte* out,
word32* outlen, int side, void* ctx);
word32* outlen, int side);
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
WOLFSSL_LOCAL int Ed25519CheckPubKey(WOLFSSL* ssl);
WOLFSSL_LOCAL int Ed25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32* outSz, ed25519_key* key, DerBuffer* keyBufInfo,
void* ctx);
byte* out, word32* outSz, ed25519_key* key, DerBuffer* keyBufInfo);
WOLFSSL_LOCAL int Ed25519Verify(WOLFSSL* ssl, const byte* in,
word32 inSz, const byte* msg, word32 msgSz, ed25519_key* key,
buffer* keyBufInfo, void* ctx);
buffer* keyBufInfo);
#endif /* HAVE_ED25519 */
wolfssl/openssl/crypto.h
+7
View File
@@ -36,6 +36,10 @@
WOLFSSL_API const char* wolfSSLeay_version(int type);
WOLFSSL_API unsigned long wolfSSLeay(void);
#ifdef OPENSSL_EXTRA
WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a);
#endif
#define CRYPTO_THREADID void
@@ -50,6 +54,9 @@ WOLFSSL_API unsigned long wolfSSLeay(void);
/* this function was used to set the default malloc, free, and realloc */
#define CRYPTO_malloc_init() /* CRYPTO_malloc_init is not needed */
#define OPENSSL_free wolfSSL_OPENSSL_free
#define OPENSSL_malloc wolfSSL_OPENSSL_malloc
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA)
#define CRYPTO_set_mem_ex_functions wolfSSL_CRYPTO_set_mem_ex_functions
wolfssl/openssl/err.h
+2
View File
@@ -22,6 +22,8 @@
#ifndef WOLFSSL_OPENSSL_ERR_
#define WOLFSSL_OPENSSL_ERR_
#include <wolfssl/openssl/ssl.h>
/* err.h for openssl */
#define ERR_load_crypto_strings wolfSSL_ERR_load_crypto_strings
#define ERR_peek_last_error wolfSSL_ERR_peek_last_error
wolfssl/openssl/evp.h
+20
View File
@@ -61,6 +61,7 @@
extern "C" {
#endif
typedef char WOLFSSL_EVP_CIPHER;
#ifndef WOLFSSL_EVP_TYPE_DEFINED /* guard on redeclaration */
typedef char WOLFSSL_EVP_MD;
@@ -68,6 +69,9 @@ typedef struct WOLFSSL_EVP_PKEY WOLFSSL_EVP_PKEY;
#define WOLFSSL_EVP_TYPE_DEFINED
#endif
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO;
#ifndef NO_MD4
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_md4(void);
#endif
@@ -357,7 +361,10 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
const unsigned char *in, size_t inlen);
WOLFSSL_API int wolfSSL_EVP_PKEY_encrypt_init(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_EVP_PKEY_new(void);
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
WOLFSSL_API int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, WOLFSSL_EVP_PKEY *pkey);
WOLFSSL_API int wolfSSL_EVP_SignInit(WOLFSSL_EVP_MD_CTX *ctx, const WOLFSSL_EVP_MD *type);
@@ -390,7 +397,12 @@ WOLFSSL_API unsigned long wolfSSL_EVP_CIPHER_CTX_mode(const WOLFSSL_EVP_CIPHER_C
WOLFSSL_API int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *c, int pad);
WOLFSSL_API int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest);
WOLFSSL_API int wolfSSL_EVP_add_cipher(const WOLFSSL_EVP_CIPHER *cipher);
WOLFSSL_API void wolfSSL_EVP_cleanup(void);
WOLFSSL_API int wolfSSL_add_all_algorithms(void);
#ifdef OPENSSL_EXTRA
WOLFSSL_API int wolfSSL_OPENSSL_add_all_algorithms_noconf(void);
#endif
WOLFSSL_API int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char * pass, int passlen,
const unsigned char * salt,
@@ -535,6 +547,8 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_PKEY_new wolfSSL_PKEY_new
#define EVP_PKEY_free wolfSSL_EVP_PKEY_free
#define EVP_PKEY_size wolfSSL_EVP_PKEY_size
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id
#define EVP_SignFinal wolfSSL_EVP_SignFinal
#define EVP_SignInit wolfSSL_EVP_SignInit
#define EVP_SignUpdate wolfSSL_EVP_SignUpdate
@@ -550,6 +564,12 @@ typedef WOLFSSL_EVP_CIPHER_CTX EVP_CIPHER_CTX;
#define EVP_CIPHER_CTX_flags wolfSSL_EVP_CIPHER_CTX_flags
#define EVP_add_digest wolfSSL_EVP_add_digest
#define EVP_add_cipher wolfSSL_EVP_add_cipher
#define EVP_cleanup wolfSSL_EVP_cleanup
#define OpenSSL_add_all_digests() wolfCrypt_Init()
#define OpenSSL_add_all_ciphers() wolfCrypt_Init()
#define OpenSSL_add_all_algorithms wolfSSL_add_all_algorithms
#define OPENSSL_add_all_algorithms_noconf wolfSSL_OPENSSL_add_all_algorithms_noconf
#define PKCS5_PBKDF2_HMAC_SHA1 wolfSSL_PKCS5_PBKDF2_HMAC_SHA1
wolfssl/openssl/pem.h
-7
View File
@@ -124,12 +124,6 @@ int wolfSSL_PEM_write_bio_PrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key,
unsigned char* passwd, int len,
pem_password_cb* cb, void* arg);
WOLFSSL_API
int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API
int wolfSSL_EVP_PKEY_base_id(const EVP_PKEY *pkey);
#if !defined(NO_FILESYSTEM)
WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
@@ -163,7 +157,6 @@ WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PrivateKey(FILE *fp, WOLFSSL_EVP_PKEY **x,
/* EVP_KEY */
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#ifdef __cplusplus
} /* extern "C" */
wolfssl/openssl/rsa.h
+2
View File
@@ -95,6 +95,7 @@ WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA*, const unsigned char*, int s
#define WOLFSSL_RSA_LOAD_PRIVATE 1
#define WOLFSSL_RSA_LOAD_PUBLIC 2
#define WOLFSSL_RSA_F4 0x10001L
#define RSA_new wolfSSL_RSA_new
#define RSA_free wolfSSL_RSA_free
@@ -111,6 +112,7 @@ WOLFSSL_API int wolfSSL_RSA_LoadDer_ex(WOLFSSL_RSA*, const unsigned char*, int s
#define RSA_verify wolfSSL_RSA_verify
#define RSA_public_decrypt wolfSSL_RSA_public_decrypt
#define RSA_F4 WOLFSSL_RSA_F4
#ifdef __cplusplus
} /* extern "C" */
wolfssl/openssl/ssl.h
+3 -15
View File
@@ -36,6 +36,9 @@
#endif /* OPENSSL_EXTRA_SSL_GUARD */
#include <wolfssl/openssl/evp.h>
#ifdef OPENSSL_EXTRA
#include <wolfssl/openssl/crypto.h>
#endif
#ifdef __cplusplus
extern "C" {
@@ -66,9 +69,6 @@ typedef WOLFSSL_X509_CHAIN X509_CHAIN;
/* redeclare guard */
#define WOLFSSL_TYPES_DEFINED
typedef WOLFSSL_EVP_PKEY EVP_PKEY;
typedef WOLFSSL_EVP_PKEY PKCS8_PRIV_KEY_INFO;
typedef WOLFSSL_BIO BIO;
typedef WOLFSSL_BIO_METHOD BIO_METHOD;
typedef WOLFSSL_CIPHER SSL_CIPHER;
@@ -245,8 +245,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define X509_digest wolfSSL_X509_digest
#define X509_free wolfSSL_X509_free
#define X509_new wolfSSL_X509_new
#define OPENSSL_free wolfSSL_OPENSSL_free
#define OPENSSL_malloc wolfSSL_OPENSSL_malloc
#define OCSP_parse_url wolfSSL_OCSP_parse_url
#define SSLv23_client_method wolfSSLv23_client_method
@@ -286,9 +284,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define BIO_f_base64 wolfSSL_BIO_f_base64
#define BIO_set_flags wolfSSL_BIO_set_flags
#define OpenSSL_add_all_digests() wolfCrypt_Init()
#define OpenSSL_add_all_ciphers() wolfCrypt_Init()
#define OpenSSL_add_all_algorithms wolfSSL_add_all_algorithms
#define SSLeay_add_ssl_algorithms wolfSSL_add_all_algorithms
#define SSLeay_add_all_algorithms wolfSSL_add_all_algorithms
@@ -366,10 +361,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define X509_CRL_verify wolfSSL_X509_CRL_verify
#define X509_STORE_CTX_set_error wolfSSL_X509_STORE_CTX_set_error
#define X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents
#define EVP_PKEY_new wolfSSL_PKEY_new
#define EVP_PKEY_free wolfSSL_EVP_PKEY_free
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#define EVP_PKEY_base_id wolfSSL_EVP_PKEY_base_id
#define d2i_PUBKEY wolfSSL_d2i_PUBKEY
#define X509_cmp_current_time wolfSSL_X509_cmp_current_time
#define sk_X509_REVOKED_num wolfSSL_sk_X509_REVOKED_num
@@ -443,7 +434,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define SSL_DEFAULT_CIPHER_LIST WOLFSSL_DEFAULT_CIPHER_LIST
#define RSA_F4 WOLFSSL_RSA_F4
#define SSL_CTX_set_psk_client_callback wolfSSL_CTX_set_psk_client_callback
#define SSL_set_psk_client_callback wolfSSL_set_psk_client_callback
@@ -495,7 +485,6 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
#define ERR_free_strings wolfSSL_ERR_free_strings
#define ERR_remove_state wolfSSL_ERR_remove_state
#define EVP_cleanup wolfSSL_EVP_cleanup
#define CRYPTO_cleanup_all_ex_data wolfSSL_cleanup_all_ex_data
#define SSL_CTX_set_mode wolfSSL_CTX_set_mode
@@ -964,7 +953,6 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
#define SSL_CTX_add_client_CA wolfSSL_CTX_add_client_CA
#define SSL_CTX_set_srp_password wolfSSL_CTX_set_srp_password
#define SSL_CTX_set_srp_username wolfSSL_CTX_set_srp_username
#define OPENSSL_add_all_algorithms_noconf wolfSSL_OPENSSL_add_all_alogrithms_noconf
#ifdef __cplusplus
} /* extern "C" */
wolfssl/ssl.h
+18 -14
View File
@@ -778,11 +778,6 @@ WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);
WOLFSSL_API WOLFSSL_X509* wolfSSL_X509_new(void);
#ifdef OPENSSL_EXTRA
WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a);
#endif
WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port,
char** path, int* ssl);
@@ -820,11 +815,6 @@ WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_mem_buf(void* buf, int len);
WOLFSSL_API long wolfSSL_BIO_set_ssl(WOLFSSL_BIO*, WOLFSSL*, int flag);
WOLFSSL_API long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag);
WOLFSSL_API void wolfSSL_set_bio(WOLFSSL*, WOLFSSL_BIO* rd, WOLFSSL_BIO* wr);
WOLFSSL_API int wolfSSL_add_all_algorithms(void);
#ifdef OPENSSL_EXTRA
WOLFSSL_API int wolfSSL_OPENSSL_add_all_algorithms_noconf(void);
#endif
#ifndef NO_FILESYSTEM
WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_file(void);
@@ -959,7 +949,6 @@ WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_d2i_PrivateKey_EVP(WOLFSSL_EVP_PKEY** key,
unsigned char** in, long inSz);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new_ex(void* heap);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PKEY_new(void);
WOLFSSL_API void wolfSSL_EVP_PKEY_free(WOLFSSL_EVP_PKEY*);
WOLFSSL_API int wolfSSL_X509_cmp_current_time(const WOLFSSL_ASN1_TIME*);
WOLFSSL_API int wolfSSL_sk_X509_REVOKED_num(WOLFSSL_X509_REVOKED*);
#ifdef OPENSSL_EXTRA
@@ -1076,7 +1065,6 @@ WOLFSSL_API long wolfSSL_get_tlsext_status_exts(WOLFSSL *s, void *arg);
WOLFSSL_API long wolfSSL_get_verify_result(const WOLFSSL *ssl);
#define WOLFSSL_DEFAULT_CIPHER_LIST "" /* default all */
#define WOLFSSL_RSA_F4 0x10001L
enum {
WOLFSSL_OCSP_URL_OVERRIDE = 1,
@@ -1439,7 +1427,6 @@ WOLFSSL_API long wolfSSL_CTX_clear_options(WOLFSSL_CTX*, long);
WOLFSSL_API void wolfSSL_ERR_free_strings(void);
WOLFSSL_API void wolfSSL_ERR_remove_state(unsigned long);
WOLFSSL_API void wolfSSL_EVP_cleanup(void);
WOLFSSL_API int wolfSSL_clear(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_state(WOLFSSL* ssl);
@@ -1625,6 +1612,8 @@ WOLFSSL_API int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX*, const unsigned char*
WOLFSSL_API int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX*, unsigned short);
WOLFSSL_API int wolfSSL_SetMinDhKey_Sz(WOLFSSL*, unsigned short);
WOLFSSL_API int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX*, unsigned short);
WOLFSSL_API int wolfSSL_SetMaxDhKey_Sz(WOLFSSL*, unsigned short);
WOLFSSL_API int wolfSSL_GetDhKey_Sz(WOLFSSL*);
#endif /* NO_DH */
@@ -1863,6 +1852,15 @@ enum KDF_MacAlgorithm {
/* Public Key Callback support */
#ifdef HAVE_PK_CALLBACKS
#ifdef HAVE_ECC
struct ecc_key;
typedef int (*CallbackEccKeyGen)(WOLFSSL* ssl, struct ecc_key* key,
unsigned int keySz, int ecc_curve, void* ctx);
WOLFSSL_API void wolfSSL_CTX_SetEccKeyGenCb(WOLFSSL_CTX*, CallbackEccKeyGen);
WOLFSSL_API void wolfSSL_SetEccKeyGenCtx(WOLFSSL* ssl, void *ctx);
WOLFSSL_API void* wolfSSL_GetEccKeyGenCtx(WOLFSSL* ssl);
typedef int (*CallbackEccSign)(WOLFSSL* ssl,
const unsigned char* in, unsigned int inSz,
unsigned char* out, unsigned int* outSz,
@@ -1881,7 +1879,6 @@ WOLFSSL_API void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX*, CallbackEccVerify);
WOLFSSL_API void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx);
WOLFSSL_API void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl);
struct ecc_key;
typedef int (*CallbackEccSharedSecret)(WOLFSSL* ssl, struct ecc_key* otherKey,
unsigned char* pubKeyDer, unsigned int* pubKeySz,
unsigned char* out, unsigned int* outlen,
@@ -1929,6 +1926,13 @@ WOLFSSL_API void* wolfSSL_GetEd25519VerifyCtx(WOLFSSL* ssl);
#ifdef HAVE_CURVE25519
struct curve25519_key;
typedef int (*CallbackX25519KeyGen)(WOLFSSL* ssl, struct curve25519_key* key,
unsigned int keySz, void* ctx);
WOLFSSL_API void wolfSSL_CTX_SetX25519KeyGenCb(WOLFSSL_CTX*, CallbackX25519KeyGen);
WOLFSSL_API void wolfSSL_SetX25519KeyGenCtx(WOLFSSL* ssl, void *ctx);
WOLFSSL_API void* wolfSSL_GetX25519KeyGenCtx(WOLFSSL* ssl);
typedef int (*CallbackX25519SharedSecret)(WOLFSSL* ssl,
struct curve25519_key* otherKey,
unsigned char* pubKeyDer, unsigned int* pubKeySz,
wolfssl/test.h
+91
View File
@@ -238,8 +238,10 @@
#define CLIENT_DOWNGRADE_VERSION (-98)
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH)
#define DEFAULT_MIN_DHKEY_BITS 2048
#define DEFAULT_MAX_DHKEY_BITS 3072
#else
#define DEFAULT_MIN_DHKEY_BITS 1024
#define DEFAULT_MAX_DHKEY_BITS 2048
#endif
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_MAX_STRENGTH)
#define DEFAULT_MIN_RSAKEY_BITS 2048
@@ -1918,10 +1920,64 @@ static WC_INLINE int wolfSSL_PrintStats(WOLFSSL_MEM_STATS* stats)
typedef struct PkCbInfo {
const char* ourKey;
#ifdef TEST_PK_PRIVKEY
union {
#ifdef HAVE_ECC
ecc_key ecc;
#endif
#ifdef HAVE_CURVE25519
curve25519_key curve;
#endif
} keyGen;
#endif
} PkCbInfo;
#ifdef HAVE_ECC
static WC_INLINE int myEccKeyGen(WOLFSSL* ssl, ecc_key* key, word32 keySz,
int ecc_curve, void* ctx)
{
int ret;
WC_RNG rng;
PkCbInfo* cbInfo = (PkCbInfo*)ctx;
ecc_key* new_key = key;
#ifdef TEST_PK_PRIVKEY
byte qx[MAX_ECC_BYTES], qy[MAX_ECC_BYTES];
word32 qxLen = sizeof(qx), qyLen = sizeof(qy);
new_key = &cbInfo->keyGen.ecc;
#endif
(void)ssl;
(void)cbInfo;
ret = wc_InitRng(&rng);
if (ret != 0)
return ret;
ret = wc_ecc_init(new_key);
if (ret == 0) {
/* create new key */
ret = wc_ecc_make_key_ex(&rng, keySz, new_key, ecc_curve);
#ifdef TEST_PK_PRIVKEY
if (ret == 0) {
/* extract public portion from new key into `key` arg */
ret = wc_ecc_export_public_raw(new_key, qx, &qxLen, qy, &qyLen);
if (ret == 0) {
/* load public portion only into key */
ret = wc_ecc_import_unsigned(key, qx, qy, NULL, ecc_curve);
}
(void)qxLen;
(void)qyLen;
}
#endif
}
wc_FreeRng(&rng);
return ret;
}
static WC_INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
{
@@ -2027,7 +2083,11 @@ static WC_INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
/* for server: import public key */
else if (side == WOLFSSL_SERVER_END) {
#ifdef TEST_PK_PRIVKEY
privKey = &cbInfo->keyGen.ecc;
#else
privKey = otherKey;
#endif
pubKey = &tmpKey;
ret = wc_ecc_import_x963_ex(pubKeyDer, *pubKeySz, pubKey,
@@ -2048,6 +2108,12 @@ static WC_INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
#endif
}
#ifdef TEST_PK_PRIVKEY
if (side == WOLFSSL_SERVER_END) {
wc_ecc_free(&cbInfo->keyGen.ecc);
}
#endif
wc_ecc_free(&tmpKey);
return ret;
@@ -2113,6 +2179,27 @@ static WC_INLINE int myEd25519Verify(WOLFSSL* ssl, const byte* sig, word32 sigSz
#endif /* HAVE_ED25519 */
#ifdef HAVE_CURVE25519
static WC_INLINE int myX25519KeyGen(WOLFSSL* ssl, curve25519_key* key,
unsigned int keySz, void* ctx)
{
int ret;
WC_RNG rng;
PkCbInfo* cbInfo = (PkCbInfo*)ctx;
(void)ssl;
(void)cbInfo;
ret = wc_InitRng(&rng);
if (ret != 0)
return ret;
ret = wc_curve25519_make_key(&rng, keySz, key);
wc_FreeRng(&rng);
return ret;
}
static WC_INLINE int myX25519SharedSecret(WOLFSSL* ssl, curve25519_key* otherKey,
unsigned char* pubKeyDer, unsigned int* pubKeySz,
unsigned char* out, unsigned int* outlen,
@@ -2543,6 +2630,7 @@ static WC_INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx)
(void)ctx;
#ifdef HAVE_ECC
wolfSSL_CTX_SetEccKeyGenCb(ctx, myEccKeyGen);
wolfSSL_CTX_SetEccSignCb(ctx, myEccSign);
wolfSSL_CTX_SetEccVerifyCb(ctx, myEccVerify);
wolfSSL_CTX_SetEccSharedSecretCb(ctx, myEccSharedSecret);
@@ -2555,6 +2643,7 @@ static WC_INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx)
wolfSSL_CTX_SetEd25519VerifyCb(ctx, myEd25519Verify);
#endif
#ifdef HAVE_CURVE25519
wolfSSL_CTX_SetX25519KeyGenCb(ctx, myX25519KeyGen);
wolfSSL_CTX_SetX25519SharedSecretCb(ctx, myX25519SharedSecret);
#endif
#ifndef NO_RSA
@@ -2574,6 +2663,7 @@ static WC_INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx)
static WC_INLINE void SetupPkCallbackContexts(WOLFSSL* ssl, void* myCtx)
{
#ifdef HAVE_ECC
wolfSSL_SetEccKeyGenCtx(ssl, myCtx);
wolfSSL_SetEccSignCtx(ssl, myCtx);
wolfSSL_SetEccVerifyCtx(ssl, myCtx);
wolfSSL_SetEccSharedSecretCtx(ssl, myCtx);
@@ -2586,6 +2676,7 @@ static WC_INLINE void SetupPkCallbackContexts(WOLFSSL* ssl, void* myCtx)
wolfSSL_SetEd25519VerifyCtx(ssl, myCtx);
#endif
#ifdef HAVE_CURVE25519
wolfSSL_SetX25519KeyGenCtx(ssl, myCtx);
wolfSSL_SetX25519SharedSecretCtx(ssl, myCtx);
#endif
#ifndef NO_RSA
wolfssl/wolfcrypt/ecc.h
+20 -5
View File
@@ -135,6 +135,9 @@ enum {
ECC_POINT_COMP_EVEN = 0x02,
ECC_POINT_COMP_ODD = 0x03,
ECC_POINT_UNCOMP = 0x04,
/* Shamir's dual add constants */
SHAMIR_PRECOMP_SZ = 16,
};
/* Curve Types */
@@ -301,6 +304,11 @@ typedef struct alt_fp_int {
} alt_fp_int;
#endif /* ALT_ECC_SIZE */
#ifndef WC_ECCKEY_TYPE_DEFINED
typedef struct ecc_key ecc_key;
#define WC_ECCKEY_TYPE_DEFINED
#endif
/* A point on an ECC curve, stored in Jacbobian format such that (x,y,z) =>
(x/z^2, y/z^3, 1) when interpreted as affine */
@@ -315,6 +323,9 @@ typedef struct {
mp_int* z; /* The z coordinate */
alt_fp_int xyz[3];
#endif
#ifdef WOLFSSL_SMALL_STACK_CACHE
ecc_key* key;
#endif
} ecc_point;
/* ECC Flags */
@@ -360,12 +371,16 @@ struct ecc_key {
CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
#endif
#endif /* WOLFSSL_ASYNC_CRYPT */
};
#ifndef WC_ECCKEY_TYPE_DEFINED
typedef struct ecc_key ecc_key;
#define WC_ECCKEY_TYPE_DEFINED
#ifdef WOLFSSL_SMALL_STACK_CACHE
mp_int* t1;
mp_int* t2;
#ifdef ALT_ECC_SIZE
mp_int* x;
mp_int* y;
mp_int* z;
#endif
#endif
};
/* ECC predefined curve sets */
wolfssl/wolfcrypt/port/atmel/atmel.h
+24 -1
View File
@@ -1,6 +1,6 @@
/* atecc508.h
*
* Copyright (C) 2006-2017 wolfSSL Inc.
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfSSL. (formerly known as CyaSSL)
*
@@ -24,6 +24,11 @@
#include <stdint.h>
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLFSSL_ATECC508A
#undef SHA_BLOCK_SIZE
#define SHA_BLOCK_SIZE SHA_BLOCK_SIZE_REMAP
@@ -36,6 +41,8 @@
/* ATECC508A only supports ECC-256 */
#define ATECC_KEY_SIZE (32)
#define ATECC_PUBKEY_SIZE (ATECC_KEY_SIZE*2) /* X and Y */
#define ATECC_SIG_SIZE (ATECC_KEY_SIZE*2) /* R and S */
#define ATECC_MAX_SLOT (0x7) /* Only use 0-7 */
#define ATECC_INVALID_SLOT (-1)
@@ -57,10 +64,26 @@ extern t_atcert atcert;
/* Amtel port functions */
void atmel_init(void);
void atmel_finish(void);
int atmel_get_random_number(uint32_t count, uint8_t* rand_out);
long atmel_get_curr_time_and_date(long* tm);
int atmel_ecc_alloc(void);
void atmel_ecc_free(int slot);
#ifdef HAVE_PK_CALLBACKS
int atcatls_create_key_cb(WOLFSSL* ssl, ecc_key* key, word32 keySz,
int ecc_curve, void* ctx);
int atcatls_create_pms_cb(WOLFSSL* ssl, ecc_key* otherKey,
unsigned char* pubKeyDer, unsigned int* pubKeySz,
unsigned char* out, unsigned int* outlen,
int side, void* ctx);
int atcatls_sign_certificate_cb(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx);
int atcatls_verify_signature_cb(WOLFSSL* ssl, const byte* sig, word32 sigSz,
const byte* hash, word32 hashSz, const byte* key, word32 keySz, int* result,
void* ctx);
#endif
#endif /* _ATECC508_H_ */
wolfssl/wolfcrypt/rsa.h
+4 -1
View File
@@ -113,7 +113,10 @@ enum {
/* RSA */
struct RsaKey {
mp_int n, e, d, p, q, dP, dQ, u;
mp_int n, e, d, p, q;
#if defined(WOLFSSL_KEY_GEN) || !defined(RSA_LOW_MEM)
mp_int dP, dQ, u;
#endif
void* heap; /* for user memory overrides */
byte* data; /* temp buffer for async RSA */
int type; /* public or private */
wolfssl/wolfcrypt/settings.h
+20 -9
View File
@@ -76,6 +76,9 @@
/* Uncomment next line if building wolfSSL for LSR */
/* #define WOLFSSL_LSR */
/* Uncomment next line if building for Freescale Classic MQX version 4.0 */
/* #define FREESCALE_MQX_4_0 */
/* Uncomment next line if building for Freescale Classic MQX/RTCS/MFS */
/* #define FREESCALE_MQX */
@@ -85,7 +88,8 @@
/* Uncomment next line if building for Freescale KSDK Bare Metal */
/* #define FREESCALE_KSDK_BM */
/* Uncomment next line if building for Freescale KSDK FreeRTOS (old name FREESCALE_FREE_RTOS) */
/* Uncomment next line if building for Freescale KSDK FreeRTOS, */
/* (old name FREESCALE_FREE_RTOS) */
/* #define FREESCALE_KSDK_FREERTOS */
/* Uncomment next line if using STM32F2 */
@@ -709,6 +713,11 @@ extern void uITRON4_free(void *p) ;
#define TFM_TIMING_RESISTANT
#endif
#ifdef FREESCALE_MQX_4_0
/* use normal Freescale MQX port, but with minor changes for 4.0 */
#define FREESCALE_MQX
#endif
#ifdef FREESCALE_MQX
#define FREESCALE_COMMON
#include "mqx.h"
@@ -725,10 +734,12 @@ extern void uITRON4_free(void *p) ;
#include "mutex.h"
#endif
#define XMALLOC_OVERRIDE
#define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
#define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
/* Note: MQX has no realloc, using fastmath above */
#if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER)
#define XMALLOC_OVERRIDE
#define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
#define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
/* Note: MQX has no realloc, using fastmath above */
#endif
#endif
#ifdef FREESCALE_KSDK_MQX
@@ -1256,7 +1267,6 @@ extern void uITRON4_free(void *p) ;
#else
#define TFM_TIMING_RESISTANT
#define NO_WOLFSSL_DIR
#define NO_FILESYSTEM
#define NO_WRITEV
#define NO_MAIN_DRIVER
#define WOLFSSL_LOG_PRINTF
@@ -1264,9 +1274,6 @@ extern void uITRON4_free(void *p) ;
#endif
#else
#define HAVE_ECC
#define ECC_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#define NO_FILESYSTEM
#define NO_WRITEV
#define NO_MAIN_DRIVER
#define USER_TICKS
@@ -1276,6 +1283,10 @@ extern void uITRON4_free(void *p) ;
#if !defined(HAVE_FIPS) && !defined(NO_RSA)
#define WC_RSA_BLINDING
#endif
#define NO_FILESYSTEM
#define ECC_TIMING_RESISTANT
#define TFM_TIMING_RESISTANT
#define SINGLE_THREADED
#define NO_ASN_TIME /* can not use headers such as windows.h */
#define HAVE_AESGCM
wolfssl/wolfcrypt/sha256.h
+3
View File
@@ -137,6 +137,9 @@ typedef struct wc_Sha256 {
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_SMALL_STACK_CACHE
word32* W;
#endif
#endif
} wc_Sha256;
wolfssl/wolfcrypt/sha512.h
+3
View File
@@ -116,6 +116,9 @@ typedef struct wc_Sha512 {
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_SMALL_STACK_CACHE
word64* W;
#endif
} wc_Sha512;
#endif
wolfssl/wolfcrypt/sp_int.h
+2
View File
@@ -133,6 +133,7 @@ MP_API void sp_zero(sp_int* a);
MP_API int sp_add_d(sp_int* a, sp_int_digit d, sp_int* r);
MP_API int sp_lshd(sp_int* a, int s);
MP_API int sp_add(sp_int* a, sp_int* b, sp_int* r);
MP_API int sp_set_int(sp_int* a, unsigned long b);
typedef sp_int mp_int;
typedef sp_digit mp_digit;
@@ -180,6 +181,7 @@ typedef sp_digit mp_digit;
#define mp_lshd sp_lshd
#define mp_add sp_add
#define mp_isodd sp_isodd
#define mp_set_int sp_set_int
#define MP_INT_DEFINED
wolfssl/wolfcrypt/wc_port.h
+6 -1
View File
@@ -383,8 +383,13 @@ WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XGMTIME(c, t) gmtime((c))
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
#ifdef FREESCALE_MQX_4_0
#include <time.h>
extern time_t mqx_time(time_t* timer);
#else
#define HAVE_GMTIME_R
#endif
#define XTIME(t1) mqx_time((t1))
#define HAVE_GMTIME_R
#elif defined(FREESCALE_KSDK_BM) || defined(FREESCALE_FREE_RTOS) || defined(FREESCALE_KSDK_FREERTOS)
#include <time.h>