wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix for ECC non-blocking to allow calling without context set and block when WC_ECC_NONBLOCK_ONLY is defined. In FIPS mode we need "blocking".

Browse Source
This commit is contained in:
David Garske
2020-07-23 14:31:41 -07:00
parent 056ee0987c
commit 20ef2daa9f
1 changed files with 44 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
wolfcrypt/src/ecc.c
View File

@ -4913,35 +4913,50 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
#else
mp_int* sign_k = NULL;
#endif
#ifdef WC_ECC_NONBLOCK_ONLY
/* perform blocking call to non-blocking function */
ecc_nb_ctx_t nb_ctx;
XMEMSET(&nb_ctx, 0, sizeof(nb_ctx));
#endif
#ifndef WOLFSSL_SP_NO_256
if (ecc_sets[key->idx].id == ECC_SECP256R1) {
#ifdef WC_ECC_NONBLOCK
#if defined(WC_ECC_NONBLOCK) || defined(WC_ECC_NONBLOCK_ONLY)
if (key->nb_ctx) {
return sp_ecc_sign_256_nb(&key->nb_ctx->sp_ctx, in, inlen, rng,
&key->k, r, s, sign_k, key->heap);
}
#ifdef WC_ECC_NONBLOCK_ONLY
do { /* perform blocking call to non-blocking function */
err = sp_ecc_sign_256_nb(&nb_ctx.sp_ctx, in, inlen, rng,
&key->k, r, s, sign_k, key->heap);
} while (err == FP_WOULDBLOCK);
return err;
#endif
#endif
#ifndef WC_ECC_NONBLOCK_ONLY
return sp_ecc_sign_256(in, inlen, rng, &key->k, r, s, sign_k,
key->heap);
#else
return NOT_COMPILED_IN;
#endif
}
#endif
#ifdef WOLFSSL_SP_384
if (ecc_sets[key->idx].id == ECC_SECP384R1) {
#ifdef WC_ECC_NONBLOCK
#if defined(WC_ECC_NONBLOCK) || defined(WC_ECC_NONBLOCK_ONLY)
if (key->nb_ctx) {
return sp_ecc_sign_384_nb(&key->nb_ctx->sp_ctx, in, inlen, rng,
&key->k, r, s, sign_k, key->heap);
}
#ifdef WC_ECC_NONBLOCK_ONLY
do { /* perform blocking call to non-blocking function */
err = sp_ecc_sign_384_nb(&nb_ctx.sp_ctx, in, inlen, rng,
&key->k, r, s, sign_k, key->heap);
} while (err == FP_WOULDBLOCK);
return err;
#endif
#endif
#ifndef WC_ECC_NONBLOCK_ONLY
return sp_ecc_sign_384(in, inlen, rng, &key->k, r, s, sign_k,
key->heap);
#else
return NOT_COMPILED_IN;
#endif
}
#endif
@ -6013,37 +6028,54 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
&& key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC
#endif
) {
#ifdef WC_ECC_NONBLOCK_ONLY
/* perform blocking call to non-blocking function */
ecc_nb_ctx_t nb_ctx;
XMEMSET(&nb_ctx, 0, sizeof(nb_ctx));
#endif
#ifndef WOLFSSL_SP_NO_256
if (ecc_sets[key->idx].id == ECC_SECP256R1) {
#ifdef WC_ECC_NONBLOCK
#if defined(WC_ECC_NONBLOCK) || defined(WC_ECC_NONBLOCK_ONLY)
if (key->nb_ctx) {
return sp_ecc_verify_256_nb(&key->nb_ctx->sp_ctx, hash, hashlen,
key->pubkey.x, key->pubkey.y, key->pubkey.z, r, s, res,
key->heap);
}
#ifdef WC_ECC_NONBLOCK_ONLY
do { /* perform blocking call to non-blocking function */
err = sp_ecc_verify_256_nb(&nb_ctx->sp_ctx, hash, hashlen,
key->pubkey.x, key->pubkey.y, key->pubkey.z, r, s, res,
key->heap);
} while (err == FP_WOULDBLOCK);
return err;
#endif
#endif
#ifndef WC_ECC_NONBLOCK_ONLY
return sp_ecc_verify_256(hash, hashlen, key->pubkey.x,
key->pubkey.y, key->pubkey.z, r, s, res, key->heap);
#else
return NOT_COMPILED_IN;
#endif
}
#endif
#ifdef WOLFSSL_SP_384
if (ecc_sets[key->idx].id == ECC_SECP384R1) {
#ifdef WC_ECC_NONBLOCK
#if defined(WC_ECC_NONBLOCK) || defined(WC_ECC_NONBLOCK_ONLY)
if (key->nb_ctx) {
return sp_ecc_verify_384_nb(&key->nb_ctx->sp_ctx, hash, hashlen,
key->pubkey.x, key->pubkey.y, key->pubkey.z, r, s, res,
key->heap);
}
#ifdef WC_ECC_NONBLOCK_ONLY
do { /* perform blocking call to non-blocking function */
err = sp_ecc_verify_384_nb(&nb_ctx.sp_ctx, hash, hashlen,
key->pubkey.x, key->pubkey.y, key->pubkey.z, r, s, res,
key->heap);
} while (err == FP_WOULDBLOCK);
return err;
#endif
#endif
#ifndef WC_ECC_NONBLOCK_ONLY
return sp_ecc_verify_384(hash, hashlen, key->pubkey.x,
key->pubkey.y, key->pubkey.z, r, s, res, key->heap);
#else
return NOT_COMPILED_IN;
#endif
}
#endif