Merge pull request #3060 from dgarske/git3059_cryptocell

Fixes for CryptoCell
toddouska
2020-06-22 13:37:37 -07:00
committed by GitHub
2 changed files with 23 additions and 60 deletions


@@ -176,23 +176,16 @@ int wc_SignatureVerifyHash(
case WC_SIGNATURE_TYPE_RSA: case WC_SIGNATURE_TYPE_RSA:
{ {
#ifndef NO_RSA #ifndef NO_RSA
#if defined(WOLFSSL_CRYPTOCELL) #ifdef WOLFSSL_CRYPTOCELL
/* the signature must propagate to the cryptocell to get verfied */
if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) { if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
ret = cc310_RsaSSL_Verify(hash_data, hash_len, (byte*)sig, key, ret = cc310_RsaSSL_Verify(hash_data, hash_len, (byte*)sig, key,
CRYS_RSA_HASH_SHA256_mode); cc310_hashModeRSA(hash_type, 0));
} }
else { else {
ret = cc310_RsaSSL_Verify(hash_data, hash_len, (byte*)sig, key, ret = cc310_RsaSSL_Verify(hash_data, hash_len, (byte*)sig, key,
CRYS_RSA_After_SHA256_mode); cc310_hashModeRSA(hash_type, 1));
} }
#else
if (ret != 0) {
WOLFSSL_MSG("RSA Signature Verify difference!");
ret = SIG_VERIFY_E;
}
#else /* WOLFSSL_CRYPTOCELL */
word32 plain_len = hash_len; word32 plain_len = hash_len;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -201,7 +194,6 @@ int wc_SignatureVerifyHash(
byte plain_data[MAX_ENCODED_SIG_SZ]; byte plain_data[MAX_ENCODED_SIG_SZ];
#endif #endif
/* Make sure the plain text output is at least key size */ /* Make sure the plain text output is at least key size */
if (plain_len < sig_len) { if (plain_len < sig_len) {
plain_len = sig_len; plain_len = sig_len;
@@ -231,7 +223,6 @@ int wc_SignatureVerifyHash(
ret = 0; /* Success */ ret = 0; /* Success */
} }
else { else {
WOLFSSL_MSG("RSA Signature Verify difference!");
ret = SIG_VERIFY_E; ret = SIG_VERIFY_E;
} }
} }
@@ -242,7 +233,11 @@ int wc_SignatureVerifyHash(
else { else {
ret = MEMORY_E; ret = MEMORY_E;
} }
#endif /* !WOLFSSL_CRYPTOCELL */ #endif /* WOLFSSL_CRYPTOCELL */
if (ret != 0) {
WOLFSSL_MSG("RSA Signature Verify difference!");
ret = SIG_VERIFY_E;
}
#else #else
ret = SIG_TYPE_E; ret = SIG_TYPE_E;
#endif #endif
@@ -322,23 +317,9 @@ int wc_SignatureVerify(
} }
if (ret == 0) { if (ret == 0) {
#if defined(WOLFSSL_CRYPTOCELL)
if ((sig_type == WC_SIGNATURE_TYPE_RSA)
|| (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC)) {
if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
ret = cc310_RsaSSL_Verify(hash_data, hash_len, sig, key,
cc310_hashModeRSA(hash_type, 0));
}
else {
ret = cc310_RsaSSL_Verify(hash_data, hash_len, sig, key,
cc310_hashModeRSA(hash_type, 1));
}
}
#else
/* Verify signature using hash */ /* Verify signature using hash */
ret = wc_SignatureVerifyHash(hash_type, sig_type, ret = wc_SignatureVerifyHash(hash_type, sig_type,
hash_data, hash_enc_len, sig, sig_len, key, key_len); hash_data, hash_enc_len, sig, sig_len, key, key_len);
#endif /* WOLFSSL_CRYPTOCELL */
} }
} }
@@ -414,7 +395,9 @@ int wc_SignatureGenerateHash_ex(
case WC_SIGNATURE_TYPE_RSA_W_ENC: case WC_SIGNATURE_TYPE_RSA_W_ENC:
case WC_SIGNATURE_TYPE_RSA: case WC_SIGNATURE_TYPE_RSA:
#if !defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) #if !defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
#if defined(WOLFSSL_CRYPTOCELL) #ifdef WOLFSSL_CRYPTOCELL
/* use expected signature size (incoming sig_len could be larger buffer */
*sig_len = wc_SignatureGetSize(sig_type, key, key_len);
if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) { if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, key, ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, key,
cc310_hashModeRSA(hash_type, 0)); cc310_hashModeRSA(hash_type, 0));
@@ -532,25 +515,6 @@ int wc_SignatureGenerate_ex(
#endif #endif
} }
if (ret == 0) { if (ret == 0) {
#if defined(WOLFSSL_CRYPTOCELL)
if ((sig_type == WC_SIGNATURE_TYPE_RSA)
|| (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC)) {
if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len,
key, cc310_hashModeRSA(hash_type, 0));
}
else {
ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len,
key, cc310_hashModeRSA(hash_type, 1));
}
if (ret == *sig_len) {
ret = 0;
}
}
}
}
#else
/* Generate signature using hash */ /* Generate signature using hash */
ret = wc_SignatureGenerateHash(hash_type, sig_type, ret = wc_SignatureGenerateHash(hash_type, sig_type,
hash_data, hash_enc_len, sig, sig_len, key, key_len, rng); hash_data, hash_enc_len, sig, sig_len, key, key_len, rng);
@@ -561,7 +525,6 @@ int wc_SignatureGenerate_ex(
ret = wc_SignatureVerifyHash(hash_type, sig_type, hash_data, ret = wc_SignatureVerifyHash(hash_type, sig_type, hash_data,
hash_enc_len, sig, *sig_len, key, key_len); hash_enc_len, sig, *sig_len, key, key_len);
} }
#endif /* WOLFSSL_CRYPTOCELL */
#if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN) #if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN)
XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
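Review bot: In the WOLFSSL_CRYPTOCELL branch of wc_SignatureGenerateHash_ex, the added `*sig_len = wc_SignatureGetSize(sig_type, key, key_len);` stores the result unchecked, and that value is then passed to cc310_RsaSSL_Sign as the output length for `sig`. If wc_SignatureGetSize can return a negative error code (its definition is not on this page), the assignment would turn it into a very large length, and nothing in the visible lines confirms that the caller's buffer is at least the expected size. I would read it into a signed local first, `int sz = wc_SignatureGetSize(sig_type, key, key_len);`, return an error when `sz <= 0` or `(word32)sz > *sig_len` (assuming `*sig_len` is a `word32`), and only then set `*sig_len = (word32)sz;`. The new comment on the line above is also missing its closing parenthesis. The function starts and ends outside the hunk, so an earlier argument check may already cover part of this.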


@@ -18353,7 +18353,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
#if defined(WOLFSSL_CRYPTOCELL) #if defined(WOLFSSL_CRYPTOCELL)
/* create a new key since building private key from public key is unsupported */ /* create a new key since building private key from public key is unsupported */
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, &key); ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, &key);
if (ret == 0) { if (ret != 0) {
ERROR_OUT(-9628, done); ERROR_OUT(-9628, done);
} }
#endif #endif