feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge branch 'ecc'

Browse Source
This commit is contained in:
John Safranek
2012-12-27 11:41:20 -08:00
parent 581f91b984 03f9cafa4b
commit e70838e984
6 changed files with 130 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
ctaocrypt/src/ecc.c
View File

@ -1266,17 +1266,17 @@ int ecc_verify_hash(const byte* sig, word32 siglen, byte* hash, word32 hashlen,
} }
/* allocate ints */ /* allocate ints */
if ((err = mp_init_multi(&r, &s, &v, &w, &u1, &u2)) != MP_OKAY) { if ((err = mp_init_multi(&v, &w, &u1, &u2, &p, &e)) != MP_OKAY) {
return MEMORY_E; return MEMORY_E;
} }
if ((err = mp_init_multi(&p, &e, &m, NULL, NULL, NULL)) != MP_OKAY) { if ((err = mp_init(&m)) != MP_OKAY) {
mp_clear(&r);
mp_clear(&s);
mp_clear(&v); mp_clear(&v);
mp_clear(&w); mp_clear(&w);
mp_clear(&u1); mp_clear(&u1);
mp_clear(&u2); mp_clear(&u2);
mp_clear(&p);
mp_clear(&e);
return MEMORY_E; return MEMORY_E;
} }
@ -1286,6 +1286,12 @@ int ecc_verify_hash(const byte* sig, word32 siglen, byte* hash, word32 hashlen,
if (mQ == NULL || mG == NULL) if (mQ == NULL || mG == NULL)
err = MEMORY_E; err = MEMORY_E;
/* Note, DecodeECC_DSA_Sig() calls mp_init() on r and s.
* If either of those don't allocate correctly, none of
* the rest of this function will execute, and everything
* gets cleaned up at the end. */
XMEMSET(&r, 0, sizeof(r));
XMEMSET(&s, 0, sizeof(s));
if (err == MP_OKAY) if (err == MP_OKAY)
err = DecodeECC_DSA_Sig(sig, siglen, &r, &s); err = DecodeECC_DSA_Sig(sig, siglen, &r, &s);

6
ctaocrypt/src/integer.c
View File

@ -3792,8 +3792,10 @@ int mp_add_d (mp_int* a, mp_digit b, mp_int* c)
*tmpc++ &= MP_MASK; *tmpc++ &= MP_MASK;
} }
/* set final carry */ /* set final carry */
ix++; if (mu != 0 && ix < c->alloc) {
*tmpc++ = mu; ix++;
*tmpc++ = mu;
}
/* setup size */ /* setup size */
c->used = a->used + 1; c->used = a->used + 1;

3
cyassl/ctaocrypt/types.h
View File

@ -224,7 +224,8 @@ enum {
DYNAMIC_TYPE_ARRAYS = 33, DYNAMIC_TYPE_ARRAYS = 33,
DYNAMIC_TYPE_DTLS_POOL = 34, DYNAMIC_TYPE_DTLS_POOL = 34,
DYNAMIC_TYPE_SOCKADDR = 35, DYNAMIC_TYPE_SOCKADDR = 35,
DYNAMIC_TYPE_LIBZ = 36 DYNAMIC_TYPE_LIBZ = 36,
DYNAMIC_TYPE_ECC = 37
}; };
/* stack protection */ /* stack protection */

8
cyassl/internal.h
View File

@ -1350,10 +1350,10 @@ struct CYASSL {
byte peerNtruKeyPresent; byte peerNtruKeyPresent;
#endif #endif
#ifdef HAVE_ECC #ifdef HAVE_ECC
ecc_key peerEccKey; /* peer's ECDHE key */ ecc_key* peerEccKey; /* peer's ECDHE key */
ecc_key peerEccDsaKey; /* peer's ECDSA key */ ecc_key* peerEccDsaKey; /* peer's ECDSA key */
ecc_key eccTempKey; /* private ECDHE key */ ecc_key* eccTempKey; /* private ECDHE key */
ecc_key eccDsaKey; /* private ECDSA key */ ecc_key* eccDsaKey; /* private ECDSA key */
word16 eccTempKeySz; /* in octets 20 - 66 */ word16 eccTempKeySz; /* in octets 20 - 66 */
byte peerEccKeyPresent; byte peerEccKeyPresent;
byte peerEccDsaKeyPresent; byte peerEccDsaKeyPresent;

132
src/internal.c
View File

@ -1004,10 +1004,10 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
ssl->peerEccDsaKeyPresent = 0; ssl->peerEccDsaKeyPresent = 0;
ssl->eccDsaKeyPresent = 0; ssl->eccDsaKeyPresent = 0;
ssl->eccTempKeyPresent = 0; ssl->eccTempKeyPresent = 0;
ecc_init(&ssl->peerEccKey); ssl->peerEccKey = NULL;
ecc_init(&ssl->peerEccDsaKey); ssl->peerEccDsaKey = NULL;
ecc_init(&ssl->eccDsaKey); ssl->eccDsaKey = NULL;
ecc_init(&ssl->eccTempKey); ssl->eccTempKey = NULL;
#endif #endif
ssl->timeout = ctx->timeout; ssl->timeout = ctx->timeout;
@ -1228,6 +1228,36 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx)
return NO_PRIVATE_KEY; return NO_PRIVATE_KEY;
} }
#endif #endif
#ifdef HAVE_ECC
ssl->peerEccKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
ctx->heap, DYNAMIC_TYPE_ECC);
if (ssl->peerEccKey == NULL) {
CYASSL_MSG("PeerEccKey Memory error");
return MEMORY_E;
}
ssl->peerEccDsaKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
ctx->heap, DYNAMIC_TYPE_ECC);
if (ssl->peerEccDsaKey == NULL) {
CYASSL_MSG("PeerEccDsaKey Memory error");
return MEMORY_E;
}
ssl->eccDsaKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
ctx->heap, DYNAMIC_TYPE_ECC);
if (ssl->eccDsaKey == NULL) {
CYASSL_MSG("EccDsaKey Memory error");
return MEMORY_E;
}
ssl->eccTempKey = (ecc_key*)XMALLOC(sizeof(ecc_key),
ctx->heap, DYNAMIC_TYPE_ECC);
if (ssl->eccTempKey == NULL) {
CYASSL_MSG("EccTempKey Memory error");
return MEMORY_E;
}
ecc_init(ssl->peerEccKey);
ecc_init(ssl->peerEccDsaKey);
ecc_init(ssl->eccDsaKey);
ecc_init(ssl->eccTempKey);
#endif
/* make sure server has DH parms, and add PSK if there, add NTRU too */ /* make sure server has DH parms, and add PSK if there, add NTRU too */
if (ssl->options.side == SERVER_END) if (ssl->options.side == SERVER_END)
@ -1312,10 +1342,26 @@ void SSL_ResourceFree(CYASSL* ssl)
FreeStreams(ssl); FreeStreams(ssl);
#endif #endif
#ifdef HAVE_ECC #ifdef HAVE_ECC
ecc_free(&ssl->peerEccKey); if (ssl->peerEccKey) {
ecc_free(&ssl->peerEccDsaKey); if (ssl->peerEccKeyPresent)
ecc_free(&ssl->eccTempKey); ecc_free(ssl->peerEccKey);
ecc_free(&ssl->eccDsaKey); XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC);
}
if (ssl->peerEccDsaKey) {
if (ssl->peerEccDsaKeyPresent)
ecc_free(ssl->peerEccDsaKey);
XFREE(ssl->peerEccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
}
if (ssl->eccTempKey) {
if (ssl->eccTempKeyPresent)
ecc_free(ssl->eccTempKey);
XFREE(ssl->eccTempKey, ssl->heap, DYNAMIC_TYPE_ECC);
}
if (ssl->eccDsaKey) {
if (ssl->eccDsaKeyPresent)
ecc_free(ssl->eccDsaKey);
XFREE(ssl->eccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
}
#endif #endif
} }
@ -1358,6 +1404,45 @@ void FreeHandshakeResources(CYASSL* ssl)
ssl->peerRsaKey = NULL; ssl->peerRsaKey = NULL;
} }
#endif #endif
#ifdef HAVE_ECC
if (ssl->peerEccKey)
{
if (ssl->peerEccKeyPresent) {
ecc_free(ssl->peerEccKey);
ssl->peerEccKeyPresent = 0;
}
XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC);
ssl->peerEccKey = NULL;
}
if (ssl->peerEccDsaKey)
{
if (ssl->peerEccDsaKeyPresent) {
ecc_free(ssl->peerEccDsaKey);
ssl->peerEccDsaKeyPresent = 0;
}
XFREE(ssl->peerEccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
ssl->peerEccDsaKey = NULL;
}
if (ssl->eccTempKey)
{
if (ssl->eccTempKeyPresent) {
ecc_free(ssl->eccTempKey);
ssl->eccTempKeyPresent = 0;
}
XFREE(ssl->eccTempKey, ssl->heap, DYNAMIC_TYPE_ECC);
ssl->eccTempKey = NULL;
}
if (ssl->eccDsaKey)
{
if (ssl->eccDsaKeyPresent) {
ecc_free(ssl->eccDsaKey);
ssl->eccDsaKeyPresent = 0;
}
XFREE(ssl->eccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC);
ssl->eccDsaKey = NULL;
}
#endif
} }
@ -2418,7 +2503,7 @@ static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx)
case ECDSAk: case ECDSAk:
{ {
if (ecc_import_x963(dCert.publicKey, dCert.pubKeySize, if (ecc_import_x963(dCert.publicKey, dCert.pubKeySize,
&ssl->peerEccDsaKey) != 0) { ssl->peerEccDsaKey) != 0) {
ret = PEER_KEY_ERROR; ret = PEER_KEY_ERROR;
} }
else else
@ -5680,7 +5765,7 @@ int SetCipherList(Suites* s, const char* list)
length = input[*inOutIdx]; length = input[*inOutIdx];
*inOutIdx += 1; *inOutIdx += 1;
if (ecc_import_x963(&input[*inOutIdx], length, &ssl->peerEccKey) != 0) if (ecc_import_x963(&input[*inOutIdx], length, ssl->peerEccKey) != 0)
return ECC_PEERKEY_ERROR; return ECC_PEERKEY_ERROR;
*inOutIdx += length; *inOutIdx += length;
@ -5774,7 +5859,7 @@ int SetCipherList(Suites* s, const char* list)
return NO_PEER_KEY; return NO_PEER_KEY;
ret = ecc_verify_hash(signature, sigLen, &hash[MD5_DIGEST_SIZE], ret = ecc_verify_hash(signature, sigLen, &hash[MD5_DIGEST_SIZE],
SHA_DIGEST_SIZE, &verify, &ssl->peerEccDsaKey); SHA_DIGEST_SIZE, &verify, ssl->peerEccDsaKey);
if (ret != 0 || verify == 0) if (ret != 0 || verify == 0)
return VERIFY_SIGN_ERROR; return VERIFY_SIGN_ERROR;
} }
@ -5924,14 +6009,14 @@ int SetCipherList(Suites* s, const char* list)
if (ssl->specs.static_ecdh) { if (ssl->specs.static_ecdh) {
/* TODO: EccDsa is really fixed Ecc change naming */ /* TODO: EccDsa is really fixed Ecc change naming */
if (!ssl->peerEccDsaKeyPresent || !ssl->peerEccDsaKey.dp) if (!ssl->peerEccDsaKeyPresent || !ssl->peerEccDsaKey->dp)
return NO_PEER_KEY; return NO_PEER_KEY;
peerKey = &ssl->peerEccDsaKey; peerKey = ssl->peerEccDsaKey;
} }
else { else {
if (!ssl->peerEccKeyPresent || !ssl->peerEccKey.dp) if (!ssl->peerEccKeyPresent || !ssl->peerEccKey->dp)
return NO_PEER_KEY; return NO_PEER_KEY;
peerKey = &ssl->peerEccKey; peerKey = ssl->peerEccKey;
} }
ecc_init(&myKey); ecc_init(&myKey);
@ -6387,7 +6472,7 @@ int SetCipherList(Suites* s, const char* list)
length = ENUM_LEN + CURVE_LEN + ENUM_LEN; length = ENUM_LEN + CURVE_LEN + ENUM_LEN;
/* pub key size */ /* pub key size */
CYASSL_MSG("Using ephemeral ECDH"); CYASSL_MSG("Using ephemeral ECDH");
if (ecc_export_x963(&ssl->eccTempKey, exportBuf, &expSz) != 0) if (ecc_export_x963(ssl->eccTempKey, exportBuf, &expSz) != 0)
return ECC_EXPORT_ERROR; return ECC_EXPORT_ERROR;
length += expSz; length += expSz;
@ -6457,7 +6542,7 @@ int SetCipherList(Suites* s, const char* list)
/* key exchange data */ /* key exchange data */
output[idx++] = named_curve; output[idx++] = named_curve;
output[idx++] = 0x00; /* leading zero */ output[idx++] = 0x00; /* leading zero */
output[idx++] = SetCurveId(ecc_size(&ssl->eccTempKey)); output[idx++] = SetCurveId(ecc_size(ssl->eccTempKey));
output[idx++] = (byte)expSz; output[idx++] = (byte)expSz;
XMEMCPY(output + idx, exportBuf, expSz); XMEMCPY(output + idx, exportBuf, expSz);
idx += expSz; idx += expSz;
@ -7590,7 +7675,7 @@ int SetCipherList(Suites* s, const char* list)
CYASSL_MSG("Doing ECC peer cert verify"); CYASSL_MSG("Doing ECC peer cert verify");
err = ecc_verify_hash(sig, sz, ssl->certHashes.sha, SHA_DIGEST_SIZE, err = ecc_verify_hash(sig, sz, ssl->certHashes.sha, SHA_DIGEST_SIZE,
&verify, &ssl->peerEccDsaKey); &verify, ssl->peerEccDsaKey);
if (err == 0 && verify == 1) if (err == 0 && verify == 1)
ret = 0; /* verified */ ret = 0; /* verified */
@ -7833,7 +7918,8 @@ int SetCipherList(Suites* s, const char* list)
word32 bLength = input[*inOutIdx]; /* one byte length */ word32 bLength = input[*inOutIdx]; /* one byte length */
*inOutIdx += 1; *inOutIdx += 1;
ret = ecc_import_x963(&input[*inOutIdx], bLength, &ssl->peerEccKey); ret = ecc_import_x963(&input[*inOutIdx],
bLength, ssl->peerEccKey);
if (ret != 0) if (ret != 0)
return ECC_PEERKEY_ERROR; return ECC_PEERKEY_ERROR;
*inOutIdx += bLength; *inOutIdx += bLength;
@ -7846,14 +7932,14 @@ int SetCipherList(Suites* s, const char* list)
ecc_init(&staticKey); ecc_init(&staticKey);
ret = EccPrivateKeyDecode(ssl->buffers.key.buffer, &i, ret = EccPrivateKeyDecode(ssl->buffers.key.buffer, &i,
&staticKey, ssl->buffers.key.length); &staticKey, ssl->buffers.key.length);
if (ret == 0) if (ret == 0)
ret = ecc_shared_secret(&staticKey, &ssl->peerEccKey, ret = ecc_shared_secret(&staticKey, ssl->peerEccKey,
ssl->arrays->preMasterSecret, &size); ssl->arrays->preMasterSecret, &size);
ecc_free(&staticKey); ecc_free(&staticKey);
} }
else else
ret = ecc_shared_secret(&ssl->eccTempKey, &ssl->peerEccKey, ret = ecc_shared_secret(ssl->eccTempKey, ssl->peerEccKey,
ssl->arrays->preMasterSecret, &size); ssl->arrays->preMasterSecret, &size);
if (ret != 0) if (ret != 0)
return ECC_SHARED_ERROR; return ECC_SHARED_ERROR;

2
src/ssl.c
View File

@ -2786,7 +2786,7 @@ int CyaSSL_dtls_got_timeout(CYASSL* ssl)
/* in case used set_accept_state after init */ /* in case used set_accept_state after init */
if (ssl->eccTempKeyPresent == 0) { if (ssl->eccTempKeyPresent == 0) {
if (ecc_make_key(ssl->rng, ssl->eccTempKeySz, if (ecc_make_key(ssl->rng, ssl->eccTempKeySz,
&ssl->eccTempKey) != 0) { ssl->eccTempKey) != 0) {
ssl->error = ECC_MAKEKEY_ERROR; ssl->error = ECC_MAKEKEY_ERROR;
CYASSL_ERROR(ssl->error); CYASSL_ERROR(ssl->error);
return SSL_FATAL_ERROR; return SSL_FATAL_ERROR;