From f807c7063768d190fd5829837e188a81b206ebc0 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Mon, 5 Sep 2022 12:21:51 +1000 Subject: [PATCH] Ed make public key wasn't checking whether private key set Ed25519 and Ed448 make public key APIs now check whether the private key was set. The private key and public key flags setting and clearing also updated. Testing of unset private key and calling make public key added for Ed25519 and Ed448. --- tests/api.c | 20 ++++++++++++++++++++ wolfcrypt/src/ed25519.c | 14 +++++++++++--- wolfcrypt/src/ed448.c | 12 ++++++++++-- 3 files changed, 41 insertions(+), 5 deletions(-) diff --git a/tests/api.c b/tests/api.c index 51b9ffb15..add8b76a5 100644 --- a/tests/api.c +++ b/tests/api.c @@ -21426,11 +21426,21 @@ static int test_wc_ed25519_make_key(void) #if defined(HAVE_ED25519) ed25519_key key; WC_RNG rng; + unsigned char pubkey[ED25519_PUB_KEY_SIZE]; ret = wc_InitRng(&rng); if (ret == 0) { ret = wc_ed25519_init(&key); } + if (ret == 0) { + ret = wc_ed25519_make_public(&key, pubkey, sizeof(pubkey)); + if (ret == ECC_PRIV_KEY_E) { + ret = 0; + } + else if (ret == 0) { + ret = -1; + } + } printf(testingFmt, "wc_ed25519_make_key()"); if (ret == 0) { ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key); @@ -23249,11 +23259,21 @@ static int test_wc_ed448_make_key(void) #if defined(HAVE_ED448) ed448_key key; WC_RNG rng; + unsigned char pubkey[ED448_PUB_KEY_SIZE]; ret = wc_InitRng(&rng); if (ret == 0) { ret = wc_ed448_init(&key); } + if (ret == 0) { + ret = wc_ed448_make_public(&key, pubkey, sizeof(pubkey)); + if (ret == ECC_PRIV_KEY_E) { + ret = 0; + } + else if (ret == 0) { + ret = -1; + } + } printf(testingFmt, "wc_ed448_make_key()"); if (ret == 0) { ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key); diff --git a/wolfcrypt/src/ed25519.c b/wolfcrypt/src/ed25519.c index 8529ac135..42fae4ff5 100644 --- a/wolfcrypt/src/ed25519.c +++ b/wolfcrypt/src/ed25519.c @@ -182,6 +182,10 @@ int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey, if (key == NULL || pubKey == NULL || pubKeySz != ED25519_PUB_KEY_SIZE) ret = BAD_FUNC_ARG; + if ((ret == 0) && (!key->privKeySet)) { + ret = ECC_PRIV_KEY_E; + } + if (ret == 0) ret = ed25519_hash(key, key->k, ED25519_KEY_SIZE, az); if (ret == 0) { @@ -201,6 +205,8 @@ int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey, ge_scalarmult_base(&A, az); ge_p3_tobytes(pubKey, &A); #endif + + key->pubKeySet = 1; } return ret; @@ -220,6 +226,9 @@ int wc_ed25519_make_key(WC_RNG* rng, int keySz, ed25519_key* key) if (keySz != ED25519_KEY_SIZE) return BAD_FUNC_ARG; + key->privKeySet = 0; + key->pubKeySet = 0; + #ifdef WOLF_CRYPTO_CB if (key->devId != INVALID_DEVID) { ret = wc_CryptoCb_Ed25519Gen(rng, keySz, key); @@ -233,8 +242,10 @@ int wc_ed25519_make_key(WC_RNG* rng, int keySz, ed25519_key* key) if (ret != 0) return ret; + key->privKeySet = 1; ret = wc_ed25519_make_public(key, key->p, ED25519_PUB_KEY_SIZE); if (ret != 0) { + key->privKeySet = 0; ForceZero(key->k, ED25519_KEY_SIZE); return ret; } @@ -242,9 +253,6 @@ int wc_ed25519_make_key(WC_RNG* rng, int keySz, ed25519_key* key) /* put public key after private key, on the same buffer */ XMEMMOVE(key->k + ED25519_KEY_SIZE, key->p, ED25519_PUB_KEY_SIZE); - key->privKeySet = 1; - key->pubKeySet = 1; - return ret; } diff --git a/wolfcrypt/src/ed448.c b/wolfcrypt/src/ed448.c index 51f53c46b..cb8a93eef 100644 --- a/wolfcrypt/src/ed448.c +++ b/wolfcrypt/src/ed448.c @@ -185,6 +185,10 @@ int wc_ed448_make_public(ed448_key* key, unsigned char* pubKey, word32 pubKeySz) ret = BAD_FUNC_ARG; } + if ((ret == 0) && (!key->privKeySet)) { + ret = ECC_PRIV_KEY_E; + } + if (ret == 0) ret = ed448_hash(key, key->k, ED448_KEY_SIZE, az, sizeof(az)); @@ -196,6 +200,8 @@ int wc_ed448_make_public(ed448_key* key, unsigned char* pubKey, word32 pubKeySz) ge448_scalarmult_base(&A, az); ge448_to_bytes(pubKey, &A); + + key->pubKeySet = 1; } return ret; @@ -225,20 +231,22 @@ int wc_ed448_make_key(WC_RNG* rng, int keySz, ed448_key* key) } if (ret == 0) { + key->pubKeySet = 0; + key->privKeySet = 0; + ret = wc_RNG_GenerateBlock(rng, key->k, ED448_KEY_SIZE); } if (ret == 0) { key->privKeySet = 1; ret = wc_ed448_make_public(key, key->p, ED448_PUB_KEY_SIZE); if (ret != 0) { + key->privKeySet = 0; ForceZero(key->k, ED448_KEY_SIZE); } } if (ret == 0) { /* put public key after private key, on the same buffer */ XMEMMOVE(key->k + ED448_KEY_SIZE, key->p, ED448_PUB_KEY_SIZE); - - key->pubKeySet = 1; } return ret;