mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-08-02 04:04:39 +02:00
Merge pull request #3060 from dgarske/git3059_cryptocell
Fixes for CryptoCell
This commit is contained in:
toddouska
GitHub
@@ -176,23 +176,16 @@ int wc_SignatureVerifyHash(
|
|||||||
case WC_SIGNATURE_TYPE_RSA:
|
case WC_SIGNATURE_TYPE_RSA:
|
||||||
{
|
{
|
||||||
#ifndef NO_RSA
|
#ifndef NO_RSA
|
||||||
#if defined(WOLFSSL_CRYPTOCELL)
|
#ifdef WOLFSSL_CRYPTOCELL
|
||||||
/* the signature must propagate to the cryptocell to get verfied */
|
|
||||||
if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
|
if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
|
||||||
ret = cc310_RsaSSL_Verify(hash_data, hash_len,(byte*)sig, key,
|
ret = cc310_RsaSSL_Verify(hash_data, hash_len, (byte*)sig, key,
|
||||||
CRYS_RSA_HASH_SHA256_mode);
|
cc310_hashModeRSA(hash_type, 0));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
ret = cc310_RsaSSL_Verify(hash_data, hash_len,(byte*)sig, key,
|
ret = cc310_RsaSSL_Verify(hash_data, hash_len, (byte*)sig, key,
|
||||||
CRYS_RSA_After_SHA256_mode);
|
cc310_hashModeRSA(hash_type, 1));
|
||||||
}
|
}
|
||||||
|
#else
|
||||||
if (ret != 0) {
|
|
||||||
WOLFSSL_MSG("RSA Signature Verify difference!");
|
|
||||||
ret = SIG_VERIFY_E;
|
|
||||||
}
|
|
||||||
|
|
||||||
#else /* WOLFSSL_CRYPTOCELL */
|
|
||||||
|
|
||||||
word32 plain_len = hash_len;
|
word32 plain_len = hash_len;
|
||||||
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
|
||||||
@@ -200,7 +193,6 @@ int wc_SignatureVerifyHash(
|
|||||||
#else
|
#else
|
||||||
byte plain_data[MAX_ENCODED_SIG_SZ];
|
byte plain_data[MAX_ENCODED_SIG_SZ];
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
||||||
/* Make sure the plain text output is at least key size */
|
/* Make sure the plain text output is at least key size */
|
||||||
if (plain_len < sig_len) {
|
if (plain_len < sig_len) {
|
||||||
@@ -231,7 +223,6 @@ int wc_SignatureVerifyHash(
|
|||||||
ret = 0; /* Success */
|
ret = 0; /* Success */
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
WOLFSSL_MSG("RSA Signature Verify difference!");
|
|
||||||
ret = SIG_VERIFY_E;
|
ret = SIG_VERIFY_E;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -242,7 +233,11 @@ int wc_SignatureVerifyHash(
|
|||||||
else {
|
else {
|
||||||
ret = MEMORY_E;
|
ret = MEMORY_E;
|
||||||
}
|
}
|
||||||
#endif /* !WOLFSSL_CRYPTOCELL */
|
#endif /* WOLFSSL_CRYPTOCELL */
|
||||||
|
if (ret != 0) {
|
||||||
|
WOLFSSL_MSG("RSA Signature Verify difference!");
|
||||||
|
ret = SIG_VERIFY_E;
|
||||||
|
}
|
||||||
#else
|
#else
|
||||||
ret = SIG_TYPE_E;
|
ret = SIG_TYPE_E;
|
||||||
#endif
|
#endif
|
||||||
@@ -322,23 +317,9 @@ int wc_SignatureVerify(
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
#if defined(WOLFSSL_CRYPTOCELL)
|
|
||||||
if ((sig_type == WC_SIGNATURE_TYPE_RSA)
|
|
||||||
|| (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC)) {
|
|
||||||
if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
|
|
||||||
ret = cc310_RsaSSL_Verify(hash_data, hash_len, sig, key,
|
|
||||||
cc310_hashModeRSA(hash_type, 0));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
ret = cc310_RsaSSL_Verify(hash_data, hash_len, sig, key,
|
|
||||||
cc310_hashModeRSA(hash_type, 1));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#else
|
|
||||||
/* Verify signature using hash */
|
/* Verify signature using hash */
|
||||||
ret = wc_SignatureVerifyHash(hash_type, sig_type,
|
ret = wc_SignatureVerifyHash(hash_type, sig_type,
|
||||||
hash_data, hash_enc_len, sig, sig_len, key, key_len);
|
hash_data, hash_enc_len, sig, sig_len, key, key_len);
|
||||||
#endif /* WOLFSSL_CRYPTOCELL */
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -414,15 +395,17 @@ int wc_SignatureGenerateHash_ex(
|
|||||||
case WC_SIGNATURE_TYPE_RSA_W_ENC:
|
case WC_SIGNATURE_TYPE_RSA_W_ENC:
|
||||||
case WC_SIGNATURE_TYPE_RSA:
|
case WC_SIGNATURE_TYPE_RSA:
|
||||||
#if !defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
|
#if !defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
|
||||||
#if defined(WOLFSSL_CRYPTOCELL)
|
#ifdef WOLFSSL_CRYPTOCELL
|
||||||
if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
|
/* use expected signature size (incoming sig_len could be larger buffer */
|
||||||
ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, key,
|
*sig_len = wc_SignatureGetSize(sig_type, key, key_len);
|
||||||
cc310_hashModeRSA(hash_type, 0));
|
if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
|
||||||
|
ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, key,
|
||||||
|
cc310_hashModeRSA(hash_type, 0));
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, key,
|
ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, key,
|
||||||
cc310_hashModeRSA(hash_type, 1));
|
cc310_hashModeRSA(hash_type, 1));
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
/* Create signature using provided RSA key */
|
/* Create signature using provided RSA key */
|
||||||
do {
|
do {
|
||||||
@@ -434,7 +417,7 @@ int wc_SignatureGenerateHash_ex(
|
|||||||
ret = wc_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len,
|
ret = wc_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len,
|
||||||
(RsaKey*)key, rng);
|
(RsaKey*)key, rng);
|
||||||
} while (ret == WC_PENDING_E);
|
} while (ret == WC_PENDING_E);
|
||||||
#endif /* WOLFSSL_CRYPTOCELL */
|
#endif /* WOLFSSL_CRYPTOCELL */
|
||||||
if (ret >= 0) {
|
if (ret >= 0) {
|
||||||
*sig_len = ret;
|
*sig_len = ret;
|
||||||
ret = 0; /* Success */
|
ret = 0; /* Success */
|
||||||
@@ -532,25 +515,6 @@ int wc_SignatureGenerate_ex(
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
#if defined(WOLFSSL_CRYPTOCELL)
|
|
||||||
if ((sig_type == WC_SIGNATURE_TYPE_RSA)
|
|
||||||
|| (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC)) {
|
|
||||||
if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) {
|
|
||||||
ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len,
|
|
||||||
key, cc310_hashModeRSA(hash_type, 0));
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len,
|
|
||||||
key, cc310_hashModeRSA(hash_type, 1));
|
|
||||||
}
|
|
||||||
|
|
||||||
if (ret == *sig_len) {
|
|
||||||
ret = 0;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
#else
|
|
||||||
/* Generate signature using hash */
|
/* Generate signature using hash */
|
||||||
ret = wc_SignatureGenerateHash(hash_type, sig_type,
|
ret = wc_SignatureGenerateHash(hash_type, sig_type,
|
||||||
hash_data, hash_enc_len, sig, sig_len, key, key_len, rng);
|
hash_data, hash_enc_len, sig, sig_len, key, key_len, rng);
|
||||||
@@ -561,7 +525,6 @@ int wc_SignatureGenerate_ex(
|
|||||||
ret = wc_SignatureVerifyHash(hash_type, sig_type, hash_data,
|
ret = wc_SignatureVerifyHash(hash_type, sig_type, hash_data,
|
||||||
hash_enc_len, sig, *sig_len, key, key_len);
|
hash_enc_len, sig, *sig_len, key, key_len);
|
||||||
}
|
}
|
||||||
#endif /* WOLFSSL_CRYPTOCELL */
|
|
||||||
|
|
||||||
#if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN)
|
#if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN)
|
||||||
XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
|||||||
@@ -18353,7 +18353,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
|
|||||||
#if defined(WOLFSSL_CRYPTOCELL)
|
#if defined(WOLFSSL_CRYPTOCELL)
|
||||||
/* create a new key since building private key from public key is unsupported */
|
/* create a new key since building private key from public key is unsupported */
|
||||||
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, &key);
|
ret = wc_ecc_make_key(rng, ECC_KEYGEN_SIZE, &key);
|
||||||
if (ret == 0) {
|
if (ret != 0) {
|
||||||
ERROR_OUT(-9628, done);
|
ERROR_OUT(-9628, done);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
Reference in New Issue
Block a user