diff --git a/src/ssl.c b/src/ssl.c
index deba47772..b1e625458 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -20078,7 +20078,7 @@ int wolfSSL_RSA_generate_key_ex(WOLFSSL_RSA* rsa, int bits, WOLFSSL_BIGNUM* bn,
 if (wc_InitRng(rng) < 0)
 WOLFSSL_MSG("RNG init failed");
 else if (wc_MakeRsaKey((RsaKey*)rsa->internal,
- bits, 65537, rng) != MP_OKAY)
+ bits, WC_RSA_EXPONENT, rng) != MP_OKAY)
 WOLFSSL_MSG("wc_MakeRsaKey failed");
 else if (SetRsaExternal(rsa) != WOLFSSL_SUCCESS)
 WOLFSSL_MSG("SetRsaExternal failed");
diff --git a/tests/api.c b/tests/api.c
index 7960211c6..ee2528487 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -7799,7 +7799,7 @@ static int test_wc_MakeRsaKey (void)
 if (ret == 0) {
 ret = wc_InitRng(&rng);
 if (ret == 0) {
- ret = wc_MakeRsaKey(&genKey, 1024, 65537, &rng);
+ ret = wc_MakeRsaKey(&genKey, 1024, WC_RSA_EXPONENT, &rng);
 if (ret == 0 && wc_FreeRsaKey(&genKey) != 0) {
 ret = WOLFSSL_FATAL_ERROR;
 }
@@ -7808,9 +7808,9 @@ static int test_wc_MakeRsaKey (void)
 #ifndef HAVE_USER_RSA
 /* Test bad args. */
 if (ret == 0) {
- ret = wc_MakeRsaKey(NULL, 1024, 65537, &rng);
+ ret = wc_MakeRsaKey(NULL, 1024, WC_RSA_EXPONENT, &rng);
 if (ret == BAD_FUNC_ARG) {
- ret = wc_MakeRsaKey(&genKey, 1024, 65537, NULL);
+ ret = wc_MakeRsaKey(&genKey, 1024, WC_RSA_EXPONENT, NULL);
 }
 if (ret == BAD_FUNC_ARG) {
 /* e < 3 */
@@ -7829,9 +7829,9 @@ static int test_wc_MakeRsaKey (void)
 #else
 /* Test bad args. */
 if (ret == 0) {
- ret = wc_MakeRsaKey(NULL, 1024, 65537, &rng);
+ ret = wc_MakeRsaKey(NULL, 1024, WC_RSA_EXPONENT, &rng);
 if (ret == USER_CRYPTO_ERROR) {
- ret = wc_MakeRsaKey(&genKey, 1024, 65537, NULL);
+ ret = wc_MakeRsaKey(&genKey, 1024, WC_RSA_EXPONENT, NULL);
 }
 if (ret == USER_CRYPTO_ERROR) {
 /* e < 3 */
@@ -7942,7 +7942,7 @@ static int test_wc_RsaKeyToDer (void)
 }
 /* Make key. */
 if (ret == 0) {
- ret = wc_MakeRsaKey(&genKey, 1024, 65537, &rng);
+ ret = wc_MakeRsaKey(&genKey, 1024, WC_RSA_EXPONENT, &rng);
 if (ret != 0) {
 ret = WOLFSSL_FATAL_ERROR;
 }
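Review bot: In the src/ssl.c hunk, `wolfSSL_RSA_generate_key_ex` takes the caller's public exponent as `WOLFSSL_BIGNUM* bn` (visible in the hunk header), yet the `wc_MakeRsaKey` call passes the build-time `WC_RSA_EXPONENT` instead. Unless `bn` is consulted in the part of the function outside this hunk, a caller that requests a specific exponent silently gets a different one, and that value can now differ between builds. If honouring `bn` is out of scope for this commit, a comment above the call would make the contract explicit, for example `/* NOTE: bn is not used here; keys are always generated with WC_RSA_EXPONENT */`. The function body starts and ends outside the hunk, so this should be confirmed against the full function.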
@@ -8035,7 +8035,7 @@ static int test_wc_RsaKeyToPublicDer (void)
 ret = wc_InitRng(&rng);
 }
 if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 1024, 65537, &rng);
+ ret = wc_MakeRsaKey(&key, 1024, WC_RSA_EXPONENT, &rng);
 }
 printf(testingFmt, "wc_RsaKeyToPublicDer()");
@@ -8123,7 +8123,7 @@ static int test_wc_RsaPublicEncryptDecrypt (void)
 ret = wc_InitRng(&rng);
 }
 if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 1024, 65537, &rng);
+ ret = wc_MakeRsaKey(&key, 1024, WC_RSA_EXPONENT, &rng);
 }
 /* Encrypt. */
 printf(testingFmt, "wc_RsaPublicEncrypt()");
@@ -8211,7 +8211,7 @@ static int test_wc_RsaPublicEncryptDecrypt_ex (void)
 ret = wc_InitRng(&rng);
 }
 if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 1024, 65537, &rng);
+ ret = wc_MakeRsaKey(&key, 1024, WC_RSA_EXPONENT, &rng);
 }
 /* Encrypt */
 printf(testingFmt, "wc_RsaPublicEncrypt_ex()");
@@ -8318,7 +8318,7 @@ static int test_wc_RsaSSL_SignVerify (void)
 }
 if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 1024, 65537, &rng);
+ ret = wc_MakeRsaKey(&key, 1024, WC_RSA_EXPONENT, &rng);
 }
 /* Sign. */
 printf(testingFmt, "wc_RsaSSL_Sign()");
@@ -8464,7 +8464,7 @@ static int test_wc_RsaEncryptSize (void)
 printf(testingFmt, "wc_RsaEncryptSize()");
 if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 1024, 65537, &rng);
+ ret = wc_MakeRsaKey(&key, 1024, WC_RSA_EXPONENT, &rng);
 if (ret == 0) {
 ret = wc_RsaEncryptSize(&key);
 }
@@ -8481,7 +8481,7 @@ static int test_wc_RsaEncryptSize (void)
 }
 if (ret == 0) {
- ret = wc_MakeRsaKey(&key, FOURK_BUF, 65537, &rng);
+ ret = wc_MakeRsaKey(&key, FOURK_BUF, WC_RSA_EXPONENT, &rng);
 if (ret == 0) {
 ret = wc_RsaEncryptSize(&key);
 }
@@ -8538,7 +8538,7 @@ static int test_wc_RsaFlattenPublicKey (void)
 }
 if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 1024, 65537, &rng);
+ ret = wc_MakeRsaKey(&key, 1024, WC_RSA_EXPONENT, &rng);
 if (ret >= 0) {
 ret = 0;
 } else {
diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c
index 872cb9ecc..5ad5fb836 100644
--- a/wolfcrypt/benchmark/benchmark.c
+++ b/wolfcrypt/benchmark/benchmark.c @@ -2944,7 +2944,7 @@ void bench_rsaKeyGen(int doAsync) int ret = 0, i, count = 0, times, pending = 0; int k, keySz; const int keySizes[2] = {1024, 2048}; - const long rsa_e_val = 65537; + const long rsa_e_val = WC_RSA_EXPONENT; /* clear for done cleanup */ XMEMSET(genKey, 0, sizeof(genKey)); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index 63c80fb3a..5941eb4e9 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -8220,7 +8220,7 @@ int rsa_test(void) if (ret != 0) { ERROR_OUT(-5550, exit_rsa); } - ret = wc_MakeRsaKey(&genKey, 1024, 65537, &rng); + ret = wc_MakeRsaKey(&genKey, 1024, WC_RSA_EXPONENT, &rng); if (ret != 0) { ERROR_OUT(-5551, exit_rsa); } diff --git a/wolfcrypt/user-crypto/include/user_rsa.h b/wolfcrypt/user-crypto/include/user_rsa.h index bf15fa9f5..bb962ba9e 100644 --- a/wolfcrypt/user-crypto/include/user_rsa.h +++ b/wolfcrypt/user-crypto/include/user_rsa.h @@ -50,12 +50,12 @@ #define WOLFSSL_RSA_TYPE_DEFINED #endif + enum { RSA_PUBLIC = 0, RSA_PRIVATE = 1, }; - /* RSA */ struct RsaKey { IppsBigNumState* n; diff --git a/wolfssl/wolfcrypt/rsa.h b/wolfssl/wolfcrypt/rsa.h index 931fc8163..3dafb8a34 100644 --- a/wolfssl/wolfcrypt/rsa.h +++ b/wolfssl/wolfcrypt/rsa.h @@ -27,6 +27,13 @@ #ifndef NO_RSA + +/* RSA default exponent */ +#ifndef WC_RSA_EXPONENT + #define WC_RSA_EXPONENT 65537L +#endif + + /* allow for user to plug in own crypto */ #if !defined(HAVE_FIPS) && (defined(HAVE_USER_RSA) || defined(HAVE_FAST_RSA)) #include "user_rsa.h" @@ -90,7 +97,6 @@ enum { #endif }; - /* RSA */ struct RsaKey { mp_int n, e, d, p, q, dP, dQ, u;
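Review bot: In the first wolfssl/wolfcrypt/rsa.h hunk, the new `#ifndef WC_RSA_EXPONENT` guard lets a build override the public exponent, but neither the comment nor the preprocessor says which values are acceptable. Every key-generation call site touched by this commit will pick up the override, and the `/* e < 3 */` bad-argument case in tests/api.c suggests that an unsuitable value is only rejected by `wc_MakeRsaKey` at run time. A compile-time guard placed right after the define would fail early: `#if (WC_RSA_EXPONENT < 3) || ((WC_RSA_EXPONENT % 2) == 0)`, `#error "WC_RSA_EXPONENT must be odd and >= 3"`, `#endif`. The comment could also be extended to `/* RSA default public exponent; override only with an odd value >= 3 (65537 recommended) */`, since very small exponents leave less margin against padding and implementation weaknesses.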