From e21fddf553065d738ce565908c1ff05c1b100dbd Mon Sep 17 00:00:00 2001 From: Takashi Kojo Date: Thu, 14 Jan 2021 10:10:54 +0900 Subject: [PATCH] add wc_RsaSetRNG to doc --- doc/dox_comments/header_files/rsa.h | 66 ++++++++++++++++++++++++++++- wolfcrypt/src/rsa.c | 2 +- 2 files changed, 66 insertions(+), 2 deletions(-) diff --git a/doc/dox_comments/header_files/rsa.h b/doc/dox_comments/header_files/rsa.h index fc1f5b7bc..ccb7f971b 100644 --- a/doc/dox_comments/header_files/rsa.h +++ b/doc/dox_comments/header_files/rsa.h @@ -5,6 +5,9 @@ in a heap identifier, for use with user defined memory overrides (see XMALLOC, XFREE, XREALLOC). + The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING + is enabled. + \return 0 Returned upon successfully initializing the RSA structure for use with encryption and decryption \return BAD_FUNC_ARGS Returned if the RSA key pointer evaluates to NULL @@ -26,6 +29,7 @@ \sa wc_RsaInitCavium \sa wc_FreeRsaKey + \sa wc_RsaSetRNG */ WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap); @@ -37,6 +41,9 @@ WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap); the device. It also takes in a heap identifier, for use with user defined memory overrides (see XMALLOC, XFREE, XREALLOC). + The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING + is enabled. + \return 0 Returned upon successfully initializing the RSA structure for use with encryption and decryption \return BAD_FUNC_ARGS Returned if the RSA key pointer evaluates to NULL @@ -72,10 +79,38 @@ WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap); \sa wc_InitRsaKey \sa wc_RsaInitCavium \sa wc_FreeRsaKey + \sa wc_RsaSetRNG */ WOLFSSL_API int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len, void* heap, int devId); +/*! + \ingroup RSA + + \brief This function associates RNG with Key. It is needed when WC_RSA_BLINDING + is enabled. + + \return 0 Returned upon success + \return BAD_FUNC_ARGS Returned if the RSA key, rng pointer evaluates to NULL + + \param key pointer to the RsaKey structure to be associated + \param rng pointer to the WC_RNG structure to associate with + + _Example_ + \code + ret = wc_InitRsaKey(&key, NULL); + if (ret == 0) { + ret = wc_InitRng(&rng); + } else return -1; + if (ret == 0) { + ret = wc_RsaSetRNG(&key, &rng); + \endcode + + \sa wc_InitRsaKey + \sa wc_RsaSetRNG +*/ +WOLFSSL_API int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng); + /*! \ingroup RSA @@ -379,6 +414,7 @@ WOLFSSL_API int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, \endcode \sa wc_RsaPSS_Verify + \sa wc_RsaSetRNG */ WOLFSSL_API int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out, word32 outLen, enum wc_HashType hash, int mgf, @@ -388,7 +424,10 @@ WOLFSSL_API int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out, \ingroup RSA \brief Decrypt input signature to verify that the message was signed by key. - + + The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING +    is enabled. + \return Success Length of text on no error. \return MEMORY_E memory exception. @@ -430,6 +469,7 @@ WOLFSSL_API int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out, \sa wc_RsaPSS_Sign \sa wc_RsaPSS_VerifyInline \sa wc_RsaPSS_CheckPadding + \sa wc_RsaSetRNG */ WOLFSSL_API int wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out, word32 outLen, enum wc_HashType hash, int mgf, @@ -441,6 +481,9 @@ WOLFSSL_API int wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out, \brief Decrypt input signature to verify that the message was signed by RSA key. The output uses the same byte array as the input. + The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING +    is enabled. + \return >0 Length of text. \return <0 An error occurred. @@ -485,6 +528,7 @@ WOLFSSL_API int wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out, \sa wc_RsaPSS_VerifyCheckInline_ex \sa wc_RsaPSS_CheckPadding \sa wc_RsaPSS_CheckPadding_ex + \sa wc_RsaSetRNG */ @@ -497,6 +541,9 @@ WOLFSSL_API int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out, \brief Verify the message signed with RSA-PSS. Salt length is equal to hash length. + The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING +    is enabled. + \return the length of the PSS data on success and negative indicates failure. \return MEMORY_E memory exception. @@ -552,6 +599,7 @@ WOLFSSL_API int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out, \sa wc_RsaPSS_VerifyCheckInline_ex \sa wc_RsaPSS_CheckPadding \sa wc_RsaPSS_CheckPadding_ex + \sa wc_RsaSetRNG */ WOLFSSL_API int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen, @@ -564,6 +612,9 @@ WOLFSSL_API int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen, \brief Verify the message signed with RSA-PSS. + The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING +    is enabled. + \return the length of the PSS data on success and negative indicates failure. \return MEMORY_E memory exception. @@ -623,6 +674,7 @@ WOLFSSL_API int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen, \sa wc_RsaPSS_VerifyCheckInline_ex \sa wc_RsaPSS_CheckPadding \sa wc_RsaPSS_CheckPadding_ex + \sa wc_RsaSetRNG */ WOLFSSL_API int wc_RsaPSS_VerifyCheck_ex(byte* in, word32 inLen, byte* out, word32 outLen, @@ -637,6 +689,9 @@ WOLFSSL_API int wc_RsaPSS_VerifyCheck_ex(byte* in, word32 inLen, The input buffer is reused for the output buffer. Salt length is equal to hash length. + The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING +    is enabled. + \return the length of the PSS data on success and negative indicates failure. \param in The byte array to be decrypted. @@ -690,6 +745,7 @@ WOLFSSL_API int wc_RsaPSS_VerifyCheck_ex(byte* in, word32 inLen, \sa wc_RsaPSS_VerifyCheckInline_ex \sa wc_RsaPSS_CheckPadding \sa wc_RsaPSS_CheckPadding_ex + \sa wc_RsaSetRNG */ WOLFSSL_API int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out, const byte* digest, word32 digentLen, @@ -701,6 +757,9 @@ WOLFSSL_API int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out, \brief Verify the message signed with RSA-PSS. The input buffer is reused for the output buffer. + The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING +    is enabled. + \return the length of the PSS data on success and negative indicates failure. \param in The byte array to be decrypted. @@ -757,6 +816,7 @@ WOLFSSL_API int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out, \sa wc_RsaPSS_VerifyCheckInline \sa wc_RsaPSS_CheckPadding \sa wc_RsaPSS_CheckPadding_ex + \sa wc_RsaSetRNG */ WOLFSSL_API int wc_RsaPSS_VerifyCheckInline_ex(byte* in, word32 inLen, byte** out, const byte* digest, word32 digentLen, @@ -769,6 +829,9 @@ WOLFSSL_API int wc_RsaPSS_VerifyCheckInline_ex(byte* in, word32 inLen, byte** o \brief Checks the PSS data to ensure that the signature matches. Salt length is equal to hash length. + The key has to be associated with RNG by wc_RsaSetRNG when WC_RSA_BLINDING +    is enabled. + \return BAD_PADDING_E when the PSS data is invalid, BAD_FUNC_ARG when NULL is passed in to in or sig or inSz is not the same as the hash algorithm length and 0 on success. @@ -820,6 +883,7 @@ WOLFSSL_API int wc_RsaPSS_VerifyCheckInline_ex(byte* in, word32 inLen, byte** o \sa wc_RsaPSS_VerifyCheckInline \sa wc_RsaPSS_VerifyCheckInline_ex \sa wc_RsaPSS_CheckPadding_ex + \sa wc_RsaSetRNG */ WOLFSSL_API int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig, word32 sigSz, diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 419bd30fd..44e190b68 100644 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -4396,7 +4396,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng) #ifdef WC_RSA_BLINDING int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng) { - if (key == NULL) + if (key == NULL || rng == NULL) return BAD_FUNC_ARG; key->rng = rng;