wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add support for OpenSSH ssh-keygen tools

Browse Source 
refactor existing code
This commit is contained in:
Ludovic FLAMENT
2015-07-22 14:18:07 +02:00
parent df8b48cd0f
commit 349edd40c2
23 changed files with 1957 additions and 705 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1126
src/ssl.c
View File

File diff suppressed because it is too large Load Diff

33
wolfcrypt/src/aes.c
View File

@@ -55,6 +55,12 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
}
int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv)
{
return AesCbcDecryptWithKey(out, in, inSz, key, keySz, iv);
}
int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv)
{
@@ -1748,6 +1754,33 @@ int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
return ret;
}
int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Aes* aes = NULL;
#else
Aes aes[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (aes == NULL)
return MEMORY_E;
#endif
ret = wc_AesSetKey(aes, key, keySz, iv, AES_ENCRYPTION);
if (ret == 0)
ret = wc_AesCbcEncrypt(aes, out, in, inSz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
/* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT)

265
wolfcrypt/src/asn.c
View File

@@ -1386,7 +1386,8 @@ int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
if (GetInt(&key->p, input, inOutIdx, inSz) < 0 ||
GetInt(&key->q, input, inOutIdx, inSz) < 0 ||
GetInt(&key->g, input, inOutIdx, inSz) < 0 ||
GetInt(&key->y, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
GetInt(&key->y, input, inOutIdx, inSz) < 0 )
return ASN_DH_KEY_E;
key->type = DSA_PUBLIC;
return 0;
@@ -1408,7 +1409,8 @@ int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
GetInt(&key->q, input, inOutIdx, inSz) < 0 ||
GetInt(&key->g, input, inOutIdx, inSz) < 0 ||
GetInt(&key->y, input, inOutIdx, inSz) < 0 ||
GetInt(&key->x, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
GetInt(&key->x, input, inOutIdx, inSz) < 0 )
return ASN_DH_KEY_E;
key->type = DSA_PRIVATE;
return 0;
@@ -1423,9 +1425,9 @@ static mp_int* GetDsaInt(DsaKey* key, int idx)
if (idx == 2)
return &key->g;
if (idx == 3)
return &key->x;
if (idx == 4)
return &key->y;
if (idx == 4)
return &key->x;
return NULL;
}
@@ -1445,7 +1447,7 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
{
word32 seqSz, verSz, rawLen, intTotalLen = 0;
word32 sizes[DSA_INTS];
int i, j, outLen, ret = 0;
int i, j, outLen, ret = 0, lbit;
byte seq[MAX_SEQ_SZ];
byte ver[MAX_VERSION_SZ];
@@ -1463,7 +1465,15 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
/* write all big ints from key to DER tmps */
for (i = 0; i < DSA_INTS; i++) {
mp_int* keyInt = GetDsaInt(key, i);
rawLen = mp_unsigned_bin_size(keyInt);
/* leading zero */
if ((mp_count_bits(keyInt) & 7) == 0 || mp_iszero(keyInt) == MP_YES)
lbit = 1;
else
lbit = 0;
rawLen = mp_unsigned_bin_size(keyInt) + lbit;
tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, NULL, DYNAMIC_TYPE_DSA);
if (tmps[i] == NULL) {
ret = MEMORY_E;
@@ -1471,12 +1481,16 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
}
tmps[i][0] = ASN_INTEGER;
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1 + lbit; /* tag & lbit */
if (sizes[i] <= MAX_SEQ_SZ) {
/* leading zero */
if (lbit)
tmps[i][sizes[i]-1] = 0x00;
int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
if (err == MP_OKAY) {
sizes[i] += rawLen;
sizes[i] += (rawLen-lbit); /* lbit included in rawLen */
intTotalLen += sizes[i];
}
else {
@@ -4641,24 +4655,42 @@ WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output)
const char* BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
const char* END_CERT = "-----END CERTIFICATE-----";
const char* BEGIN_CERT_REQ = "-----BEGIN CERTIFICATE REQUEST-----";
const char* END_CERT_REQ = "-----END CERTIFICATE REQUEST-----";
const char* BEGIN_DH_PARAM = "-----BEGIN DH PARAMETERS-----";
const char* END_DH_PARAM = "-----END DH PARAMETERS-----";
const char* BEGIN_X509_CRL = "-----BEGIN X509 CRL-----";
const char* END_X509_CRL = "-----END X509 CRL-----";
const char* BEGIN_RSA_PRIV = "-----BEGIN RSA PRIVATE KEY-----";
const char* END_RSA_PRIV = "-----END RSA PRIVATE KEY-----";
const char* BEGIN_PRIV_KEY = "-----BEGIN PRIVATE KEY-----";
const char* END_PRIV_KEY = "-----END PRIVATE KEY-----";
const char* BEGIN_ENC_PRIV_KEY = "-----BEGIN ENCRYPTED PRIVATE KEY-----";
const char* END_ENC_PRIV_KEY = "-----END ENCRYPTED PRIVATE KEY-----";
const char* BEGIN_EC_PRIV = "-----BEGIN EC PRIVATE KEY-----";
const char* END_EC_PRIV = "-----END EC PRIVATE KEY-----";
const char* BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----";
const char* END_DSA_PRIV = "-----END DSA PRIVATE KEY-----";
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || !defined(NO_DSA)
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
/* convert der buffer to pem into output, can't do inplace, der and output
need to be different */
int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
int type)
byte *cipher_info, int type)
{
#ifdef WOLFSSL_SMALL_STACK
char* header = NULL;
char* footer = NULL;
#else
char header[80];
char footer[80];
char header[40 + HEADER_ENCRYPTED_KEY_SIZE];
char footer[40];
#endif
int headerLen = 80;
int footerLen = 80;
int headerLen = 40 + HEADER_ENCRYPTED_KEY_SIZE;
int footerLen = 40;
int i;
int err;
int outLen; /* return length or error */
@@ -4670,36 +4702,55 @@ int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
header = (char*)XMALLOC(headerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (header == NULL)
return MEMORY_E;
footer = (char*)XMALLOC(footerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (footer == NULL) {
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
if (type == CERT_TYPE) {
XSTRNCPY(header, "-----BEGIN CERTIFICATE-----\n", headerLen);
XSTRNCPY(footer, "-----END CERTIFICATE-----\n", footerLen);
XSTRNCPY(header, BEGIN_CERT, headerLen);
XSTRNCAT(header, "\n", 1);
XSTRNCPY(footer, END_CERT, footerLen);
XSTRNCAT(footer, "\n", 1);
}
else if (type == PRIVATEKEY_TYPE) {
XSTRNCPY(header, "-----BEGIN RSA PRIVATE KEY-----\n", headerLen);
XSTRNCPY(footer, "-----END RSA PRIVATE KEY-----\n", footerLen);
XSTRNCPY(header, BEGIN_RSA_PRIV, headerLen);
XSTRNCAT(header, "\n", 1);
XSTRNCPY(footer, END_RSA_PRIV, footerLen);
XSTRNCAT(footer, "\n", 1);
}
#ifdef HAVE_ECC
#ifndef NO_DSA
else if (type == DSA_PRIVATEKEY_TYPE) {
XSTRNCPY(header, BEGIN_DSA_PRIV, headerLen);
XSTRNCAT(header, "\n", 1);
XSTRNCPY(footer, END_DSA_PRIV, footerLen);
XSTRNCAT(footer, "\n", 1);
}
#endif
#ifdef HAVE_ECC
else if (type == ECC_PRIVATEKEY_TYPE) {
XSTRNCPY(header, "-----BEGIN EC PRIVATE KEY-----\n", headerLen);
XSTRNCPY(footer, "-----END EC PRIVATE KEY-----\n", footerLen);
XSTRNCPY(header, BEGIN_EC_PRIV, headerLen);
XSTRNCAT(header, "\n", 1);
XSTRNCPY(footer, END_EC_PRIV, footerLen);
XSTRNCAT(footer, "\n", 1);
}
#endif
#ifdef WOLFSSL_CERT_REQ
#endif
#ifdef WOLFSSL_CERT_REQ
else if (type == CERTREQ_TYPE)
{
XSTRNCPY(header,
"-----BEGIN CERTIFICATE REQUEST-----\n", headerLen);
XSTRNCPY(footer, "-----END CERTIFICATE REQUEST-----\n", footerLen);
XSTRNCPY(header, BEGIN_CERT_REQ, headerLen);
XSTRNCAT(header, "\n", 1);
XSTRNCPY(footer, END_CERT_REQ, footerLen);
XSTRNCAT(footer, "\n", 1);
}
#endif
#endif
else {
#ifdef WOLFSSL_SMALL_STACK
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -4708,6 +4759,14 @@ int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
return BAD_FUNC_ARG;
}
/* extra header information for encrypted key */
if (cipher_info != NULL) {
XSTRNCAT(header, "Proc-Type: 4,ENCRYPTED\n", 23);
XSTRNCAT(header, "DEK-Info: ", 10);
XSTRNCAT(header, (char*)cipher_info, XSTRLEN((char*)cipher_info));
XSTRNCAT(header, "\n\n", 2);
}
headerLen = (int)XSTRLEN(header);
footerLen = (int)XSTRLEN(footer);
@@ -4762,7 +4821,6 @@ int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
return outLen + headerLen + footerLen;
}
#endif /* WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN */
@@ -4810,7 +4868,7 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
{
word32 seqSz, verSz, rawLen, intTotalLen = 0;
word32 sizes[RSA_INTS];
int i, j, outLen, ret = 0;
int i, j, outLen, ret = 0, lbit;
byte seq[MAX_SEQ_SZ];
byte ver[MAX_VERSION_SZ];
@@ -4828,7 +4886,15 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
/* write all big ints from key to DER tmps */
for (i = 0; i < RSA_INTS; i++) {
mp_int* keyInt = GetRsaInt(key, i);
rawLen = mp_unsigned_bin_size(keyInt);
/* leading zero */
if ((mp_count_bits(keyInt) & 7) == 0 || mp_iszero(keyInt) == MP_YES)
lbit = 1;
else
lbit = 0;
rawLen = mp_unsigned_bin_size(keyInt) + lbit;
tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
DYNAMIC_TYPE_RSA);
if (tmps[i] == NULL) {
@@ -4837,12 +4903,16 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
}
tmps[i][0] = ASN_INTEGER;
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1 + lbit; /* tag & lbit */
if (sizes[i] <= MAX_SEQ_SZ) {
/* leading zero */
if (lbit)
tmps[i][sizes[i]-1] = 0x00;
int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
if (err == MP_OKAY) {
sizes[i] += rawLen;
sizes[i] += (rawLen-lbit); /* lbit included in rawLen */
intTotalLen += sizes[i];
}
else {
@@ -6846,84 +6916,109 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
/* Write a Private ecc key to DER format, length on success else < 0 */
int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
{
byte curve[MAX_ALGO_SZ];
byte curve[MAX_ALGO_SZ+2];
byte ver[MAX_VERSION_SZ];
byte seq[MAX_SEQ_SZ];
int ret;
int curveSz;
int verSz;
byte *prv, *pub;
int ret, totalSz, curveSz, verSz;
int privHdrSz = ASN_ECC_HEADER_SZ;
int pubHdrSz = ASN_ECC_CONTEXT_SZ + ASN_ECC_HEADER_SZ;
int curveHdrSz = ASN_ECC_CONTEXT_SZ;
word32 seqSz;
word32 idx = 0;
word32 pubSz = ECC_BUFSIZE;
word32 privSz;
word32 totalSz;
word32 idx = 0, prvidx = 0, pubidx = 0, curveidx = 0;
word32 seqSz, privSz, pubSz = ECC_BUFSIZE;
if (key == NULL || output == NULL || inLen == 0)
return BAD_FUNC_ARG;
ret = wc_ecc_export_x963(key, NULL, &pubSz);
if (ret != LENGTH_ONLY_E) {
/* curve */
curve[curveidx++] = ECC_PREFIX_0;
curveidx++ /* to put the size after computation */;
curveSz = SetCurve(key, curve+curveidx);
if (curveSz < 0)
return curveSz;
/* set computed size */
curve[1] = (byte)curveSz;
curveidx += curveSz;
/* private */
privSz = key->dp->size;
prv = (byte*)XMALLOC(privSz + privHdrSz + MAX_SEQ_SZ,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (prv == NULL) {
return MEMORY_E;
}
prv[prvidx++] = ASN_OCTET_STRING;
prv[prvidx++] = (byte)key->dp->size;
ret = wc_ecc_export_private_only(key, prv + prvidx, &privSz);
if (ret < 0) {
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
curveSz = SetCurve(key, curve);
if (curveSz < 0) {
return curveSz;
prvidx += privSz;
/* public */
ret = wc_ecc_export_x963(key, NULL, &pubSz);
if (ret != LENGTH_ONLY_E) {
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
privSz = key->dp->size;
pub = (byte*)XMALLOC(pubSz + pubHdrSz + MAX_SEQ_SZ,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (pub == NULL) {
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
pub[pubidx++] = ECC_PREFIX_1;
if (pubSz > 128) /* leading zero + extra size byte */
pubidx += SetLength(pubSz + ASN_ECC_CONTEXT_SZ + 2, pub+pubidx);
else /* leading zero */
pubidx += SetLength(pubSz + ASN_ECC_CONTEXT_SZ + 1, pub+pubidx);
pub[pubidx++] = ASN_BIT_STRING;
pubidx += SetLength(pubSz + 1, pub+pubidx);
pub[pubidx++] = (byte)0; /* leading zero */
ret = wc_ecc_export_x963(key, pub + pubidx, &pubSz);
if (ret != 0) {
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
pubidx += pubSz;
/* make headers */
verSz = SetMyVersion(1, ver, FALSE);
if (verSz < 0) {
return verSz;
seqSz = SetSequence(verSz + prvidx + pubidx + curveidx, seq);
totalSz = prvidx + pubidx + curveidx + verSz + seqSz;
if (totalSz > (int)inLen) {
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return BAD_FUNC_ARG;
}
totalSz = verSz + privSz + privHdrSz + curveSz + curveHdrSz +
pubSz + pubHdrSz + 1; /* plus null byte b4 public */
seqSz = SetSequence(totalSz, seq);
totalSz += seqSz;
if (totalSz > inLen) {
return BUFFER_E;
}
/* write it out */
/* write out */
/* seq */
XMEMCPY(output + idx, seq, seqSz);
idx += seqSz;
idx = seqSz;
/* ver */
/* ver */
XMEMCPY(output + idx, ver, verSz);
idx += verSz;
/* private */
output[idx++] = ASN_OCTET_STRING;
output[idx++] = (byte)privSz;
ret = wc_ecc_export_private_only(key, output + idx, &privSz);
if (ret < 0) {
return ret;
}
idx += privSz;
XMEMCPY(output + idx, prv, prvidx);
idx += prvidx;
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
/* curve */
output[idx++] = ECC_PREFIX_0;
output[idx++] = (byte)curveSz;
XMEMCPY(output + idx, curve, curveSz);
idx += curveSz;
XMEMCPY(output + idx, curve, curveidx);
idx += curveidx;
/* public */
output[idx++] = ECC_PREFIX_1;
output[idx++] = (byte)pubSz + ASN_ECC_CONTEXT_SZ + 1; /* plus null byte */
output[idx++] = ASN_BIT_STRING;
output[idx++] = (byte)pubSz + 1; /* plus null byte */
output[idx++] = (byte)0; /* null byte */
ret = wc_ecc_export_x963(key, output + idx, &pubSz);
if (ret != 0) {
return ret;
}
/* idx += pubSz if do more later */
XMEMCPY(output + idx, pub, pubidx);
idx += pubidx;
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return totalSz;
}

33
wolfcrypt/src/coding.c
View File

@@ -393,6 +393,39 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
return 0;
}
int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
{
word32 outIdx = 0;
word32 i;
byte hb, lb;
if (*outLen < (2 * inLen + 1))
return BAD_FUNC_ARG;
for (i = 0; i < inLen; i++) {
hb = in[i] >> 4;
lb = in[i] & 0x0f;
/* ASCII value */
hb += '0';
if (hb > '9')
hb += 7;
/* ASCII value */
lb += '0';
if (lb>'9')
lb += 7;
out[outIdx++] = hb;
out[outIdx++] = lb;
}
/* force 0 at this end */
out[outIdx++] = 0;
*outLen = outIdx;
return 0;
}
#endif /* (OPENSSL_EXTRA) || (HAVE_WEBSERVER) || (HAVE_FIPS) */

79
wolfcrypt/src/des3.c
View File

@@ -91,8 +91,14 @@ void wc_Des_SetIV(Des* des, const byte* iv)
}
int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
int wc_Des_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
return Des_CbcEncryptWithKey(out, in, sz, key, iv);
}
int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
return Des_CbcDecryptWithKey(out, in, sz, key, iv);
}
@@ -104,13 +110,18 @@ int wc_Des3_SetIV(Des3* des, const byte* iv)
}
int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
return Des3_CbcEncryptWithKey(out, in, sz, key, iv);
}
int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
const byte* key, const byte* iv)
{
return Des3_CbcDecryptWithKey(out, in, sz, key, iv);
}
#ifdef HAVE_CAVIUM
/* Initiliaze Des3 for use with Nitrox device */
@@ -1490,8 +1501,35 @@ void wc_Des_SetIV(Des* des, const byte* iv)
}
int wc_Des_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Des* des = NULL;
#else
Des des[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (des == NULL)
return MEMORY_E;
#endif
ret = wc_Des_SetKey(des, key, iv, DES_ENCRYPTION);
if (ret == 0)
ret = wc_Des_CbcEncrypt(des, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
@@ -1508,7 +1546,7 @@ int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
ret = wc_Des_SetKey(des, key, iv, DES_DECRYPTION);
if (ret == 0)
ret = wc_Des_CbcDecrypt(des, out, in, sz);
ret = wc_Des_CbcDecrypt(des, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -1529,8 +1567,35 @@ int wc_Des3_SetIV(Des3* des, const byte* iv)
}
int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Des3* des3 = NULL;
#else
Des3 des3[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (des3 == NULL)
return MEMORY_E;
#endif
ret = wc_Des3_SetKey(des3, key, iv, DES_ENCRYPTION);
if (ret == 0)
ret = wc_Des3_CbcEncrypt(des3, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
@@ -1547,7 +1612,7 @@ int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION);
if (ret == 0)
ret = wc_Des3_CbcDecrypt(des3, out, in, sz);
ret = wc_Des3_CbcDecrypt(des3, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);

266
wolfcrypt/src/dsa.c
View File

@@ -27,10 +27,12 @@
#ifndef NO_DSA
#include <wolfssl/wolfcrypt/dsa.h>
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/integer.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/dsa.h>
enum {
@@ -80,6 +82,266 @@ void wc_FreeDsaKey(DsaKey* key)
#endif
}
#ifdef WOLFSSL_KEY_GEN
int wc_MakeDsaKey(RNG *rng, DsaKey *dsa)
{
unsigned char *buf;
int qsize, err;
if (rng == NULL || dsa == NULL)
return BAD_FUNC_ARG;
qsize = mp_unsigned_bin_size(&dsa->q);
/* allocate ram */
buf = (unsigned char *)XMALLOC(qsize, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (buf == NULL)
return MEMORY_E;
if (mp_init(&dsa->x) != MP_OKAY) {
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MP_INIT_E;
}
do {
/* make a random exponent mod q */
err = wc_RNG_GenerateBlock(rng, buf, qsize);
if (err != MP_OKAY) {
mp_clear(&dsa->x);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return err;
}
/* force magnitude */
buf[0] |= 0xC0;
err = mp_read_unsigned_bin(&dsa->x, buf, qsize);
if (err != MP_OKAY) {
mp_clear(&dsa->x);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return err;
}
} while (mp_cmp_d(&dsa->x, 1) != MP_GT);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (mp_init(&dsa->y) != MP_OKAY) {
mp_clear(&dsa->x);
return MP_INIT_E;
}
/* public key : y = g^x mod p */
err = mp_exptmod(&dsa->g, &dsa->x, &dsa->p, &dsa->y);
if (err != MP_OKAY) {
mp_clear(&dsa->x);
mp_clear(&dsa->y);
return err;
}
dsa->type = DSA_PRIVATE;
return MP_OKAY;
}
/* modulus_size in bits */
int wc_MakeDsaParameters(RNG *rng, int modulus_size, DsaKey *dsa)
{
mp_int tmp, tmp2;
int err, res, msize, qsize, loop;
unsigned char *buf;
if (rng == NULL || dsa == NULL)
return BAD_FUNC_ARG;
/* set group size in bytes from modulus size
* FIPS 186-4 defines valid values (1024, 160) (2048, 256) (3072, 256)
*/
switch (modulus_size) {
case 1024:
qsize = 20;
break;
case 2048:
case 3072:
qsize = 32;
break;
default:
return BAD_FUNC_ARG;
break;
}
/* modulus size in bytes */
msize = modulus_size / 8;
if (mp_init(&dsa->q) != MP_OKAY)
return MP_INIT_E;
/* make our prime q */
err = mp_rand_prime(&dsa->q, qsize, rng, NULL);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
return err;
}
if (mp_init(&tmp) != MP_OKAY) {
mp_clear(&dsa->q);
return MP_INIT_E;
}
/* tmp = 2q */
err = mp_add(&dsa->q, &dsa->q, &tmp);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&tmp);
return err;
}
/* allocate ram */
buf = (unsigned char *)XMALLOC(msize - qsize,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (buf == NULL) {
mp_clear(&dsa->q);
mp_clear(&tmp);
return MEMORY_E;
}
/* now make a random string and multply it against q */
err = wc_RNG_GenerateBlock(rng, buf, msize - qsize);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&tmp);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return err;
}
/* force magnitude */
buf[0] |= 0xC0;
/* force even */
buf[msize - qsize - 1] &= ~1;
if (mp_init_multi(&tmp2, &dsa->p, 0, 0, 0, 0) != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&tmp);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MP_INIT_E;
}
err = mp_read_unsigned_bin(&tmp2, buf, msize - qsize);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return err;
}
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
/* p = tmp2 * q */
err = mp_mul(&dsa->q, &tmp2, &dsa->p);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
/* p = tmp2 * q + 1, so q is a prime divisor of p-1 */
err = mp_add_d(&dsa->p, 1, &dsa->p);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
/* loop until p is prime */
for (loop = 0; loop++;) {
err = mp_prime_is_prime(&dsa->p, 8, &res);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
if (res == MP_YES)
break;
/* p += 2q */
err = mp_add(&tmp, &dsa->p, &dsa->p);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
}
/* tmp2 += (2*loop)
* to have p = (q * tmp2) + 1 prime
*/
if (loop) {
err = mp_add_d(&tmp2, 2*loop, &tmp2);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
}
if (mp_init(&dsa->g) != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
return MP_INIT_E;
}
/* find a value g for which g^tmp2 != 1 */
mp_set(&dsa->g, 1);
do {
err = mp_add_d(&dsa->g, 1, &dsa->g);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&dsa->g);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
err = mp_exptmod(&dsa->g, &tmp2, &dsa->p, &tmp);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&dsa->g);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
} while (mp_cmp_d(&tmp, 1) == MP_EQ);
/* at this point tmp generates a group of order q mod p */
mp_exch(&tmp, &dsa->g);
mp_clear(&tmp);
mp_clear(&tmp2);
return MP_OKAY;
}
#endif /* WOLFSSL_KEY_GEN */
int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng)
{

140
wolfcrypt/src/ecc.c
View File

@@ -1014,7 +1014,7 @@ int ecc_map(ecc_point* P, mp_int* modulus, mp_digit* mp)
static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* modulus, int map)
#else
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int map)
#endif
{
@@ -1043,10 +1043,10 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
/* alloc ram for window temps */
for (i = 0; i < 8; i++) {
M[i] = ecc_new_point();
M[i] = wc_ecc_new_point();
if (M[i] == NULL) {
for (j = 0; j < i; j++) {
ecc_del_point(M[j]);
wc_ecc_del_point(M[j]);
}
mp_clear(&mu);
return MEMORY_E;
@@ -1054,7 +1054,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
}
/* make a copy of G incase R==G */
tG = ecc_new_point();
tG = wc_ecc_new_point();
if (tG == NULL)
err = MEMORY_E;
@@ -1204,9 +1204,9 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
err = ecc_map(R, modulus, &mp);
mp_clear(&mu);
ecc_del_point(tG);
wc_ecc_del_point(tG);
for (i = 0; i < 8; i++) {
ecc_del_point(M[i]);
wc_ecc_del_point(M[i]);
}
return err;
}
@@ -1229,7 +1229,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* modulus, int map)
#else
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int map)
#endif
{
@@ -1257,10 +1257,10 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
/* alloc ram for window temps */
for (i = 0; i < 3; i++) {
M[i] = ecc_new_point();
M[i] = wc_ecc_new_point();
if (M[i] == NULL) {
for (j = 0; j < i; j++) {
ecc_del_point(M[j]);
wc_ecc_del_point(M[j]);
}
mp_clear(&mu);
return MEMORY_E;
@@ -1268,7 +1268,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
}
/* make a copy of G incase R==G */
tG = ecc_new_point();
tG = wc_ecc_new_point();
if (tG == NULL)
err = MEMORY_E;
@@ -1364,9 +1364,9 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
/* done */
mp_clear(&mu);
ecc_del_point(tG);
wc_ecc_del_point(tG);
for (i = 0; i < 3; i++) {
ecc_del_point(M[i]);
wc_ecc_del_point(M[i]);
}
return err;
}
@@ -1389,7 +1389,7 @@ static void alt_fp_init(fp_int* a)
Allocate a new ECC point
return A newly allocated point or NULL on error
*/
ecc_point* ecc_new_point(void)
ecc_point* wc_ecc_new_point(void)
{
ecc_point* p;
@@ -1425,7 +1425,7 @@ ecc_point* ecc_new_point(void)
/** Free an ECC point from memory
p The point to free
*/
void ecc_del_point(ecc_point* p)
void wc_ecc_del_point(ecc_point* p)
{
/* prevents free'ing null arguments */
if (p != NULL) {
@@ -1440,7 +1440,7 @@ void ecc_del_point(ecc_point* p)
p The point to copy
r The created point
*/
int ecc_copy_point(ecc_point* p, ecc_point *r)
int wc_ecc_copy_point(ecc_point* p, ecc_point *r)
{
int ret;
@@ -1467,7 +1467,7 @@ int ecc_copy_point(ecc_point* p, ecc_point *r)
return MP_EQ if equal, MP_LT/MP_GT if not, < 0 in case of error
*/
int ecc_cmp_point(ecc_point* a, ecc_point *b)
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b)
{
int ret;
@@ -1492,7 +1492,7 @@ int ecc_cmp_point(ecc_point* a, ecc_point *b)
n The idx number to check
return 1 if valid, 0 if not
*/
static int ecc_is_valid_idx(int n)
int wc_ecc_is_valid_idx(int n)
{
int x;
@@ -1533,28 +1533,28 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
return ECC_BAD_ARG_E;
}
if (ecc_is_valid_idx(private_key->idx) == 0 ||
ecc_is_valid_idx(public_key->idx) == 0)
if (wc_ecc_is_valid_idx(private_key->idx) == 0 ||
wc_ecc_is_valid_idx(public_key->idx) == 0)
return ECC_BAD_ARG_E;
if (XSTRNCMP(private_key->dp->name, public_key->dp->name, ECC_MAXNAME) != 0)
return ECC_BAD_ARG_E;
/* make new point */
result = ecc_new_point();
result = wc_ecc_new_point();
if (result == NULL) {
return MEMORY_E;
}
if ((err = mp_init(&prime)) != MP_OKAY) {
ecc_del_point(result);
wc_ecc_del_point(result);
return err;
}
err = mp_read_radix(&prime, (char *)private_key->dp->prime, 16);
if (err == MP_OKAY)
err = ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime,1);
err = wc_ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime,1);
if (err == MP_OKAY) {
x = mp_unsigned_bin_size(&prime);
@@ -1570,7 +1570,7 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
}
mp_clear(&prime);
ecc_del_point(result);
wc_ecc_del_point(result);
return err;
}
@@ -1600,24 +1600,24 @@ int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point,
return ECC_BAD_ARG_E;
}
if (ecc_is_valid_idx(private_key->idx) == 0)
if (wc_ecc_is_valid_idx(private_key->idx) == 0)
return ECC_BAD_ARG_E;
/* make new point */
result = ecc_new_point();
result = wc_ecc_new_point();
if (result == NULL) {
return MEMORY_E;
}
if ((err = mp_init(&prime)) != MP_OKAY) {
ecc_del_point(result);
wc_ecc_del_point(result);
return err;
}
err = mp_read_radix(&prime, (char *)private_key->dp->prime, 16);
if (err == MP_OKAY)
err = ecc_mulmod(&private_key->k, point, result, &prime, 1);
err = wc_ecc_mulmod(&private_key->k, point, result, &prime, 1);
if (err == MP_OKAY) {
x = mp_unsigned_bin_size(&prime);
@@ -1633,14 +1633,14 @@ int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point,
}
mp_clear(&prime);
ecc_del_point(result);
wc_ecc_del_point(result);
return err;
}
/* return 1 if point is at infinity, 0 if not, < 0 on error */
int ecc_point_is_at_infinity(ecc_point* p)
int wc_ecc_point_is_at_infinity(ecc_point* p)
{
if (p == NULL)
return BAD_FUNC_ARG;
@@ -1708,7 +1708,7 @@ static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
}
if (err == MP_OKAY) {
base = ecc_new_point();
base = wc_ecc_new_point();
if (base == NULL)
err = MEMORY_E;
}
@@ -1735,7 +1735,7 @@ static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
}
/* make the public key */
if (err == MP_OKAY)
err = ecc_mulmod(&key->k, base, &key->pubkey, &prime, 1);
err = wc_ecc_mulmod(&key->k, base, &key->pubkey, &prime, 1);
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
/* validate the public key, order * pubkey = point at infinity */
@@ -1753,7 +1753,7 @@ static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
mp_clear(key->pubkey.z);
mp_clear(&key->k);
}
ecc_del_point(base);
wc_ecc_del_point(base);
if (po_init) {
mp_clear(&prime);
mp_clear(&order);
@@ -1886,7 +1886,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, RNG* rng,
}
/* is the IDX valid ? */
if (ecc_is_valid_idx(key->idx) != 1) {
if (wc_ecc_is_valid_idx(key->idx) != 1) {
return ECC_BAD_ARG_E;
}
@@ -2059,10 +2059,10 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
/* allocate the table */
if (err == MP_OKAY) {
for (x = 0; x < 16; x++) {
precomp[x] = ecc_new_point();
precomp[x] = wc_ecc_new_point();
if (precomp[x] == NULL) {
for (y = 0; y < x; ++y) {
ecc_del_point(precomp[y]);
wc_ecc_del_point(precomp[y]);
}
err = GEN_MEM_ERR;
break;
@@ -2203,7 +2203,7 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
if (tableInit) {
for (x = 0; x < 16; x++) {
ecc_del_point(precomp[x]);
wc_ecc_del_point(precomp[x]);
}
}
ForceZero(tA, ECC_BUFSIZE);
@@ -2300,7 +2300,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
*stat = 0;
/* is the IDX valid ? */
if (ecc_is_valid_idx(key->idx) != 1) {
if (wc_ecc_is_valid_idx(key->idx) != 1) {
return ECC_BAD_ARG_E;
}
@@ -2320,8 +2320,8 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
}
/* allocate points */
mG = ecc_new_point();
mQ = ecc_new_point();
mG = wc_ecc_new_point();
mQ = wc_ecc_new_point();
if (mQ == NULL || mG == NULL)
err = MEMORY_E;
@@ -2388,9 +2388,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
/* compute u1*mG + u2*mQ = mG */
if (err == MP_OKAY)
err = ecc_mulmod(&u1, mG, mG, &m, 0);
err = wc_ecc_mulmod(&u1, mG, mG, &m, 0);
if (err == MP_OKAY)
err = ecc_mulmod(&u2, mQ, mQ, &m, 0);
err = wc_ecc_mulmod(&u2, mQ, mQ, &m, 0);
/* find the montgomery mp */
if (err == MP_OKAY)
@@ -2420,8 +2420,8 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
*stat = 1;
}
ecc_del_point(mG);
ecc_del_point(mQ);
wc_ecc_del_point(mG);
wc_ecc_del_point(mQ);
mp_clear(&v);
mp_clear(&w);
@@ -2442,7 +2442,7 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
int compressed = 0;
if (in == NULL || point == NULL || (curve_idx < 0) ||
(ecc_is_valid_idx(curve_idx) == 0))
(wc_ecc_is_valid_idx(curve_idx) == 0))
return ECC_BAD_ARG_E;
/* must be odd */
@@ -2568,7 +2568,7 @@ int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, byte* out,
word32 numlen;
int ret = MP_OKAY;
if ((curve_idx < 0) || (ecc_is_valid_idx(curve_idx) == 0))
if ((curve_idx < 0) || (wc_ecc_is_valid_idx(curve_idx) == 0))
return ECC_BAD_ARG_E;
/* return length needed only */
@@ -2646,7 +2646,7 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen)
if (key == NULL || out == NULL || outLen == NULL)
return ECC_BAD_ARG_E;
if (ecc_is_valid_idx(key->idx) == 0) {
if (wc_ecc_is_valid_idx(key->idx) == 0) {
return ECC_BAD_ARG_E;
}
numlen = key->dp->size;
@@ -2782,7 +2782,7 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
if (key == NULL)
return BAD_FUNC_ARG;
base = ecc_new_point();
base = wc_ecc_new_point();
if (base == NULL)
return MEMORY_E;
@@ -2794,11 +2794,11 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
mp_set(base->z, 1);
if (err == MP_OKAY) {
res = ecc_new_point();
res = wc_ecc_new_point();
if (res == NULL)
err = MEMORY_E;
else {
err = ecc_mulmod(&key->k, base, res, prime, 1);
err = wc_ecc_mulmod(&key->k, base, res, prime, 1);
if (err == MP_OKAY) {
/* compare result to public key */
if (mp_cmp(res->x, key->pubkey.x) != MP_EQ ||
@@ -2811,8 +2811,8 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
}
}
ecc_del_point(res);
ecc_del_point(base);
wc_ecc_del_point(res);
wc_ecc_del_point(base);
return err;
}
@@ -2855,16 +2855,16 @@ static int ecc_check_pubkey_order(ecc_key* key, mp_int* prime, mp_int* order)
if (key == NULL)
return BAD_FUNC_ARG;
inf = ecc_new_point();
inf = wc_ecc_new_point();
if (inf == NULL)
err = MEMORY_E;
else {
err = ecc_mulmod(order, &key->pubkey, inf, prime, 1);
if (err == MP_OKAY && !ecc_point_is_at_infinity(inf))
err = wc_ecc_mulmod(order, &key->pubkey, inf, prime, 1);
if (err == MP_OKAY && !wc_ecc_point_is_at_infinity(inf))
err = ECC_INF_E;
}
ecc_del_point(inf);
wc_ecc_del_point(inf);
return err;
}
@@ -2881,7 +2881,7 @@ int wc_ecc_check_key(ecc_key* key)
return BAD_FUNC_ARG;
/* pubkey point cannot be at inifinity */
if (ecc_point_is_at_infinity(&key->pubkey))
if (wc_ecc_point_is_at_infinity(&key->pubkey))
return ECC_INF_E;
err = mp_init_multi(&prime, &order, NULL, NULL, NULL, NULL);
@@ -3071,7 +3071,7 @@ int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen)
if (key == NULL || out == NULL || outLen == NULL)
return ECC_BAD_ARG_E;
if (ecc_is_valid_idx(key->idx) == 0) {
if (wc_ecc_is_valid_idx(key->idx) == 0) {
return ECC_BAD_ARG_E;
}
numlen = key->dp->size;
@@ -3848,10 +3848,10 @@ static int find_hole(void)
/* free entry z */
if (z >= 0 && fp_cache[z].g) {
mp_clear(&fp_cache[z].mu);
ecc_del_point(fp_cache[z].g);
wc_ecc_del_point(fp_cache[z].g);
fp_cache[z].g = NULL;
for (x = 0; x < (1U<<FP_LUT); x++) {
ecc_del_point(fp_cache[z].LUT[x]);
wc_ecc_del_point(fp_cache[z].LUT[x]);
fp_cache[z].LUT[x] = NULL;
}
fp_cache[z].lru_count = 0;
@@ -3883,7 +3883,7 @@ static int add_entry(int idx, ecc_point *g)
unsigned x, y;
/* allocate base and LUT */
fp_cache[idx].g = ecc_new_point();
fp_cache[idx].g = wc_ecc_new_point();
if (fp_cache[idx].g == NULL) {
return GEN_MEM_ERR;
}
@@ -3892,19 +3892,19 @@ static int add_entry(int idx, ecc_point *g)
if ((mp_copy(g->x, fp_cache[idx].g->x) != MP_OKAY) ||
(mp_copy(g->y, fp_cache[idx].g->y) != MP_OKAY) ||
(mp_copy(g->z, fp_cache[idx].g->z) != MP_OKAY)) {
ecc_del_point(fp_cache[idx].g);
wc_ecc_del_point(fp_cache[idx].g);
fp_cache[idx].g = NULL;
return GEN_MEM_ERR;
}
for (x = 0; x < (1U<<FP_LUT); x++) {
fp_cache[idx].LUT[x] = ecc_new_point();
fp_cache[idx].LUT[x] = wc_ecc_new_point();
if (fp_cache[idx].LUT[x] == NULL) {
for (y = 0; y < x; y++) {
ecc_del_point(fp_cache[idx].LUT[y]);
wc_ecc_del_point(fp_cache[idx].LUT[y]);
fp_cache[idx].LUT[y] = NULL;
}
ecc_del_point(fp_cache[idx].g);
wc_ecc_del_point(fp_cache[idx].g);
fp_cache[idx].g = NULL;
fp_cache[idx].lru_count = 0;
return GEN_MEM_ERR;
@@ -4044,10 +4044,10 @@ static int build_lut(int idx, mp_int* modulus, mp_digit* mp, mp_int* mu)
/* err cleanup */
for (y = 0; y < (1U<<FP_LUT); y++) {
ecc_del_point(fp_cache[idx].LUT[y]);
wc_ecc_del_point(fp_cache[idx].LUT[y]);
fp_cache[idx].LUT[y] = NULL;
}
ecc_del_point(fp_cache[idx].g);
wc_ecc_del_point(fp_cache[idx].g);
fp_cache[idx].g = NULL;
fp_cache[idx].lru_count = 0;
mp_clear(&fp_cache[idx].mu);
@@ -4578,7 +4578,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
otherwise it's left in jacobian-montgomery form
return MP_OKAY if successful
*/
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int map)
{
int idx, err = MP_OKAY;
@@ -4663,10 +4663,10 @@ static void wc_ecc_fp_free_cache(void)
for (x = 0; x < FP_ENTRIES; x++) {
if (fp_cache[x].g != NULL) {
for (y = 0; y < (1U<<FP_LUT); y++) {
ecc_del_point(fp_cache[x].LUT[y]);
wc_ecc_del_point(fp_cache[x].LUT[y]);
fp_cache[x].LUT[y] = NULL;
}
ecc_del_point(fp_cache[x].g);
wc_ecc_del_point(fp_cache[x].g);
fp_cache[x].g = NULL;
mp_clear(&fp_cache[x].mu);
fp_cache[x].lru_count = 0;
@@ -5502,7 +5502,7 @@ int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen)
if (key == NULL || out == NULL || outLen == NULL)
return ECC_BAD_ARG_E;
if (ecc_is_valid_idx(key->idx) == 0) {
if (wc_ecc_is_valid_idx(key->idx) == 0) {
return ECC_BAD_ARG_E;
}
numlen = key->dp->size;

109
wolfcrypt/src/integer.c
View File

@@ -45,6 +45,14 @@
#endif
#endif
#ifdef SHOW_GEN
#ifdef FREESCALE_MQX
#include <fio.h>
#else
#include <stdio.h>
#endif
#endif
/* reverse an array, used for radix code */
static void
bn_reverse (unsigned char *s, int len)
@@ -2526,13 +2534,15 @@ mp_set_bit (mp_int * a, int b)
{
int i = b / DIGIT_BIT, res;
/* grow a to accomodate the single bit */
if ((res = mp_grow (a, i + 1)) != MP_OKAY) {
return res;
}
if (a->used < (int)(i + 1)) {
/* grow a to accomodate the single bit */
if ((res = mp_grow (a, i + 1)) != MP_OKAY) {
return res;
}
/* set the used count of where the bit will go */
a->used = i + 1;
/* set the used count of where the bit will go */
a->used = (int)(i + 1);
}
/* put the single bit in its place */
a->dp[i] |= ((mp_digit)1) << (b % DIGIT_BIT);
@@ -4086,12 +4096,15 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
#endif
/* no easy answer [c'est la vie]. Just division */
if ((res = mp_init_size(&q, a->used)) != MP_OKAY) {
return res;
if (c != NULL) {
if ((res = mp_init_size(&q, a->used)) != MP_OKAY) {
return res;
}
q.used = a->used;
q.sign = a->sign;
}
q.used = a->used;
q.sign = a->sign;
w = 0;
for (ix = a->used - 1; ix >= 0; ix--) {
w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]);
@@ -4102,7 +4115,8 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
} else {
t = 0;
}
q.dp[ix] = (mp_digit)t;
if (c != NULL)
q.dp[ix] = (mp_digit)t;
}
if (d != NULL) {
@@ -4112,8 +4126,8 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
if (c != NULL) {
mp_clamp(&q);
mp_exch(&q, c);
mp_clear(&q);
}
mp_clear(&q);
return res;
}
@@ -4282,6 +4296,70 @@ static int mp_prime_is_divisible (mp_int * a, int *result)
return MP_OKAY;
}
static const int USE_BBS = 1;
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap)
{
int err, res, type;
byte* buf;
if (N == NULL || rng == NULL)
return BAD_FUNC_ARG;
/* get type */
if (len < 0) {
type = USE_BBS;
len = -len;
} else {
type = 0;
}
/* allow sizes between 2 and 512 bytes for a prime size */
if (len < 2 || len > 512) {
return BAD_FUNC_ARG;
}
/* allocate buffer to work with */
buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_RSA);
if (buf == NULL) {
return MEMORY_E;
}
XMEMSET(buf, 0, len);
do {
#ifdef SHOW_GEN
printf(".");
fflush(stdout);
#endif
/* generate value */
err = wc_RNG_GenerateBlock(rng, buf, len);
if (err != 0) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
/* munge bits */
buf[0] |= 0x80 | 0x40;
buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
/* load value */
if ((err = mp_read_unsigned_bin(N, buf, len)) != MP_OKAY) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
/* test */
if ((err = mp_prime_is_prime(N, 8, &res)) != MP_OKAY) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
} while (res == MP_NO);
ForceZero(buf, len);
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return MP_OKAY;
}
/*
* Sets result to 1 if probably prime, 0 otherwise
@@ -4468,8 +4546,6 @@ LBL_U:mp_clear (&v);
return res;
}
#endif /* WOLFSSL_KEY_GEN */
@@ -4542,6 +4618,9 @@ int mp_read_radix (mp_int * a, const char *str, int radix)
}
return MP_OKAY;
}
#endif /* HAVE_ECC */
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
/* returns size of ASCII representation */
int mp_radix_size (mp_int *a, int radix, int *size)
@@ -4652,7 +4731,7 @@ int mp_toradix (mp_int *a, char *str, int radix)
return MP_OKAY;
}
#endif /* HAVE_ECC */
#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */
#endif /* USE_FAST_MATH */

97
wolfcrypt/src/rsa.c
View File

@@ -131,14 +131,6 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
#include <wolfcrypt/src/misc.c>
#endif
#ifdef SHOW_GEN
#ifdef FREESCALE_MQX
#include <fio.h>
#else
#include <stdio.h>
#endif
#endif
#ifdef HAVE_CAVIUM
static int InitCaviumRsaKey(RsaKey* key, void* heap);
static int FreeCaviumRsaKey(RsaKey* key);
@@ -152,22 +144,6 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
word32 outLen, RsaKey* key);
#endif
enum {
RSA_PUBLIC_ENCRYPT = 0,
RSA_PUBLIC_DECRYPT = 1,
RSA_PRIVATE_ENCRYPT = 2,
RSA_PRIVATE_DECRYPT = 3,
RSA_BLOCK_TYPE_1 = 1,
RSA_BLOCK_TYPE_2 = 2,
RSA_MIN_SIZE = 512,
RSA_MAX_SIZE = 4096,
RSA_MIN_PAD_SZ = 11 /* seperator + 0 + pad value + 8 pads */
};
int wc_InitRsaKey(RsaKey* key, void* heap)
{
#ifdef HAVE_CAVIUM
@@ -610,76 +586,7 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
return 0;
}
#ifdef WOLFSSL_KEY_GEN
static const int USE_BBS = 1;
static int rand_prime(mp_int* N, int len, RNG* rng, void* heap)
{
int err, res, type;
byte* buf;
(void)heap;
if (N == NULL || rng == NULL)
return BAD_FUNC_ARG;
/* get type */
if (len < 0) {
type = USE_BBS;
len = -len;
} else {
type = 0;
}
/* allow sizes between 2 and 512 bytes for a prime size */
if (len < 2 || len > 512) {
return BAD_FUNC_ARG;
}
/* allocate buffer to work with */
buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_RSA);
if (buf == NULL) {
return MEMORY_E;
}
XMEMSET(buf, 0, len);
do {
#ifdef SHOW_GEN
printf(".");
fflush(stdout);
#endif
/* generate value */
err = wc_RNG_GenerateBlock(rng, buf, len);
if (err != 0) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
/* munge bits */
buf[0] |= 0x80 | 0x40;
buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
/* load value */
if ((err = mp_read_unsigned_bin(N, buf, len)) != MP_OKAY) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
/* test */
if ((err = mp_prime_is_prime(N, 8, &res)) != MP_OKAY) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
} while (res == MP_NO);
ForceZero(buf, len);
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return 0;
}
/* Make an RSA key for size bits, with e specified, 65537 is a good e */
int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
{
@@ -703,7 +610,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
/* make p */
if (err == MP_OKAY) {
do {
err = rand_prime(&p, size/16, rng, key->heap); /* size in bytes/2 */
err = mp_rand_prime(&p, size/16, rng, key->heap); /* size in bytes/2 */
if (err == MP_OKAY)
err = mp_sub_d(&p, 1, &tmp1); /* tmp1 = p-1 */
@@ -716,7 +623,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
/* make q */
if (err == MP_OKAY) {
do {
err = rand_prime(&q, size/16, rng, key->heap); /* size in bytes/2 */
err = mp_rand_prime(&q, size/16, rng, key->heap); /* size in bytes/2 */
if (err == MP_OKAY)
err = mp_sub_d(&q, 1, &tmp1); /* tmp1 = q-1 */

150
wolfcrypt/src/tfm.c
View File

@@ -39,6 +39,7 @@
#ifdef USE_FAST_MATH
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/tfm.h>
#include <wolfcrypt/src/asm.c> /* will define asm MACROS or C ones */
@@ -1815,10 +1816,37 @@ void fp_set(fp_int *a, fp_digit b)
/* chek if a bit is set */
int fp_is_bit_set (fp_int *a, fp_digit b)
{
if ((fp_digit)a->used < b/DIGIT_BIT)
fp_digit i;
if (b > FP_MAX_BITS)
return 0;
else
i = b/DIGIT_BIT;
if ((fp_digit)a->used < i)
return 0;
return (int)((a->dp[b/DIGIT_BIT] >> b%DIGIT_BIT) & (fp_digit)1);
return (int)((a->dp[i] >> b%DIGIT_BIT) & (fp_digit)1);
}
/* set the b bit of a */
int fp_set_bit (fp_int * a, fp_digit b)
{
fp_digit i;
if (b > FP_MAX_BITS)
return 0;
else
i = b/DIGIT_BIT;
/* set the used count of where the bit will go if required */
if (a->used < (int)(i + 1))
a->used = (int)(i + 1);
/* put the single bit in its place */
a->dp[i] |= ((mp_digit)1) << (b % DIGIT_BIT);
return MP_OKAY;
}
int fp_count_bits (fp_int * a)
@@ -2186,17 +2214,22 @@ void mp_rshb (mp_int* a, int x)
/* fast math wrappers */
int mp_set_int(fp_int *a, fp_digit b)
int mp_set_int(mp_int *a, mp_digit b)
{
fp_set(a, b);
return MP_OKAY;
}
int mp_is_bit_set (fp_int *a, fp_digit b)
int mp_is_bit_set (mp_int *a, mp_digit b)
{
return fp_is_bit_set(a, b);
}
int mp_set_bit(mp_int *a, mp_digit b)
{
return fp_set_bit(a, b);
}
#if defined(WOLFSSL_KEY_GEN) || defined (HAVE_ECC)
/* c = a * a (mod b) */
@@ -2230,6 +2263,18 @@ static const int lnz[16] = {
4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0
};
/* swap the elements of two integers, for cases where you can't simply swap the
* mp_int pointers around
*/
static void fp_exch (fp_int * a, fp_int * b)
{
fp_int t;
t = *a;
*a = *b;
*b = t;
}
/* Counts the number of lsbs which are zero before the first zero bit */
int fp_cnt_lsb(fp_int *a)
{
@@ -2258,8 +2303,6 @@ int fp_cnt_lsb(fp_int *a)
}
static int s_is_power_of_two(fp_digit b, int *p)
{
int x;
@@ -2313,11 +2356,14 @@ static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
return FP_OKAY;
}
/* no easy answer [c'est la vie]. Just division */
fp_init(&q);
if (c != NULL) {
/* no easy answer [c'est la vie]. Just division */
fp_init(&q);
q.used = a->used;
q.sign = a->sign;
}
q.used = a->used;
q.sign = a->sign;
w = 0;
for (ix = a->used - 1; ix >= 0; ix--) {
w = (w << ((fp_word)DIGIT_BIT)) | ((fp_word)a->dp[ix]);
@@ -2328,7 +2374,8 @@ static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
} else {
t = 0;
}
q.dp[ix] = (fp_digit)t;
if (c != NULL)
q.dp[ix] = (fp_digit)t;
}
if (d != NULL) {
@@ -2362,6 +2409,7 @@ int mp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
void fp_gcd(fp_int *a, fp_int *b, fp_int *c);
void fp_lcm(fp_int *a, fp_int *b, fp_int *c);
int fp_isprime(fp_int *a);
int fp_randprime(fp_int* N, int len, RNG* rng, void* heap);
int mp_gcd(fp_int *a, fp_int *b, fp_int *c)
{
@@ -2384,6 +2432,31 @@ int mp_prime_is_prime(mp_int* a, int t, int* result)
return MP_OKAY;
}
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap)
{
int err;
err = fp_randprime(N, len, rng, heap);
switch(err) {
case FP_VAL:
return MP_VAL;
break;
case FP_MEM:
return MP_MEM;
break;
default:
break;
}
return MP_OKAY;
}
int mp_exch (mp_int * a, mp_int * b)
{
fp_exch(a, b);
return MP_OKAY;
}
/* Miller-Rabin test of "a" to the base of "b" as described in
* HAC pp. 139 Algorithm 4.24
*
@@ -2513,6 +2586,59 @@ int fp_isprime(fp_int *a)
return FP_YES;
}
int fp_randprime(fp_int* N, int len, RNG* rng, void* heap)
{
static const int USE_BBS = 1;
int err, type;
byte* buf;
/* get type */
if (len < 0) {
type = USE_BBS;
len = -len;
} else {
type = 0;
}
/* allow sizes between 2 and 512 bytes for a prime size */
if (len < 2 || len > 512) {
return FP_VAL;
}
/* allocate buffer to work with */
buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_TMP_BUFFER);
if (buf == NULL) {
return FP_MEM;
}
XMEMSET(buf, 0, len);
do {
#ifdef SHOW_GEN
printf(".");
fflush(stdout);
#endif
/* generate value */
err = wc_RNG_GenerateBlock(rng, buf, len);
if (err != 0) {
XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
return FP_VAL;
}
/* munge bits */
buf[0] |= 0x80 | 0x40;
buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
/* load value */
fp_read_unsigned_bin(N, buf, len);
/* test */
} while (fp_isprime(N) == FP_NO);
XMEMSET(buf, 0, len);
XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
return FP_OKAY;
}
/* c = [a, b] */
void fp_lcm(fp_int *a, fp_int *b, fp_int *c)
@@ -2740,7 +2866,7 @@ int mp_radix_size (mp_int *a, int radix, int *size)
if (fp_iszero(a) == MP_YES) {
*size = 2;
return FP_YES;
return FP_OKAY;
}
/* digs is the digit count */

40
wolfcrypt/test/test.c
View File

@@ -210,7 +210,7 @@ int pbkdf2_test(void);
#endif
/* General big buffer size for many tests. */
/* General big buffer size for many tests. */
#define FOURK_BUF 4096
@@ -3385,6 +3385,8 @@ int rsa_test(void)
#ifdef HAVE_CAVIUM
wc_RsaInitCavium(&key, CAVIUM_DEV_ID);
#endif
printf("1\n");
ret = wc_InitRsaKey(&key, 0);
if (ret != 0) {
free(tmp);
@@ -3445,7 +3447,7 @@ int rsa_test(void)
free(tmp);
return -49;
}
printf("11\n");
bytes = fread(tmp, 1, FOURK_BUF, file2);
fclose(file2);
#endif
@@ -3465,7 +3467,7 @@ int rsa_test(void)
(void)bytes;
#endif
printf("111\n");
#ifdef WOLFSSL_KEY_GEN
{
byte* der;
@@ -3476,7 +3478,7 @@ int rsa_test(void)
RsaKey genKey;
FILE* keyFile;
FILE* pemFile;
printf("2\n");
ret = wc_InitRsaKey(&genKey, 0);
if (ret != 0)
return -300;
@@ -3502,7 +3504,7 @@ int rsa_test(void)
free(pem);
return -302;
}
printf("22\n");
#ifdef FREESCALE_MQX
keyFile = fopen("a:\\certs\\key.der", "wb");
#else
@@ -3523,14 +3525,14 @@ int rsa_test(void)
return -313;
}
pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE);
pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, NULL, PRIVATEKEY_TYPE);
if (pemSz < 0) {
free(der);
free(pem);
wc_FreeRsaKey(&genKey);
return -304;
}
printf("222\n");
#ifdef FREESCALE_MQX
pemFile = fopen("a:\\certs\\key.pem", "wb");
#else
@@ -3567,7 +3569,7 @@ int rsa_test(void)
wc_FreeRsaKey(&genKey);
return -306;
}
printf("2222\n");
wc_FreeRsaKey(&derIn);
wc_FreeRsaKey(&genKey);
free(pem);
@@ -3575,7 +3577,7 @@ int rsa_test(void)
}
#endif /* WOLFSSL_KEY_GEN */
printf("3\n");
#ifdef WOLFSSL_CERT_GEN
/* self signed */
{
@@ -3598,7 +3600,7 @@ int rsa_test(void)
free(derCert);
return -310;
}
printf("33\n");
wc_InitCert(&myCert);
strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
@@ -3628,7 +3630,7 @@ int rsa_test(void)
}
FreeDecodedCert(&decode);
#endif
printf("333\n");
#ifdef FREESCALE_MQX
derFile = fopen("a:\\certs\\cert.der", "wb");
#else
@@ -3646,14 +3648,14 @@ int rsa_test(void)
free(pem);
return -414;
}
pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
printf("4\n");
pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, NULL, CERT_TYPE);
if (pemSz < 0) {
free(derCert);
free(pem);
return -404;
}
printf("41\n");
#ifdef FREESCALE_MQX
pemFile = fopen("a:\\certs\\cert.pem", "wb");
#else
@@ -3793,7 +3795,7 @@ int rsa_test(void)
return -416;
}
pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, NULL, CERT_TYPE);
if (pemSz < 0) {
free(derCert);
free(pem);
@@ -3938,7 +3940,7 @@ int rsa_test(void)
return -5414;
}
pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, NULL, CERT_TYPE);
if (pemSz < 0) {
free(pem);
free(derCert);
@@ -4122,7 +4124,7 @@ int rsa_test(void)
return -473;
}
pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
pemSz = wc_DerToPem(derCert, certSz, pem, FOURK_BUF, NULL, CERT_TYPE);
if (pemSz < 0) {
free(derCert);
free(pem);
@@ -4207,7 +4209,7 @@ int rsa_test(void)
return -466;
}
pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE);
pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, NULL, CERTREQ_TYPE);
if (pemSz < 0) {
free(pem);
free(der);
@@ -5125,7 +5127,7 @@ int ecc_test(void)
return -1026;
}
pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, ECC_PRIVATEKEY_TYPE);
pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, NULL, ECC_PRIVATEKEY_TYPE);
if (pemSz < 0) {
return -1027;
}

2
wolfssl/openssl/dsa.h
View File

@@ -24,7 +24,7 @@ struct WOLFSSL_DSA {
WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_new(void);
WOLFSSL_API void wolfSSL_DSA_free(WOLFSSL_DSA*);
WOLFSSL_API void wolfSSL_DSA_free(WOLFSSL_DSA*);
WOLFSSL_API int wolfSSL_DSA_generate_key(WOLFSSL_DSA*);
WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits,

143
wolfssl/openssl/pem.h
View File

@@ -14,75 +14,104 @@
#endif
WOLFSSL_API int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
/* RSA */
WOLFSSL_API
int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa,
const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
byte **pem, int *plen);
WOLFSSL_API
WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(FILE *fp, WOLFSSL_RSA **x,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_RSAPublicKey(FILE *fp, WOLFSSL_RSA *x);
WOLFSSL_API int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_RSA_PUBKEY(FILE *fp, WOLFSSL_RSA *x);
WOLFSSL_API int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
/* DSA */
WOLFSSL_API
int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_DSAPrivateKey(FILE *fp, WOLFSSL_DSA *dsa,
const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
byte **pem, int *plen);
WOLFSSL_API
int wolfSSL_PEM_write_DSA_PUBKEY(FILE *fp, WOLFSSL_DSA *x);
WOLFSSL_API int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
/* ECC */
WOLFSSL_API
int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_ECPrivateKey(FILE *fp, WOLFSSL_EC_KEY *key,
const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* key,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
byte **pem, int *plen);
WOLFSSL_API
int wolfSSL_PEM_write_EC_PUBKEY(FILE *fp, WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_PEM_write_DSAPrivateKey(FILE *fp, WOLFSSL_DSA *dsa, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
/* EVP_KEY */
WOLFSSL_API
WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY**,
pem_password_cb cb,
void* arg);
WOLFSSL_API
int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY**, pem_password_cb cb, void* arg);
WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
pem_password_cb *cb, void *u);
WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(FILE *fp, WOLFSSL_RSA **x,
pem_password_cb *cb, void *u);
WOLFSSL_API int wolfSSL_PEM_write_DSA_PUBKEY(FILE *fp, WOLFSSL_DSA *x);
WOLFSSL_API int wolfSSL_PEM_write_RSAPublicKey(FILE *fp, WOLFSSL_RSA *x);
WOLFSSL_API int wolfSSL_PEM_write_RSA_PUBKEY(FILE *fp, WOLFSSL_RSA *x);
WOLFSSL_API int wolfSSL_PEM_write_buf_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
byte **pem, int *plen);
WOLFSSL_API int wolfSSL_PEM_write_EC_PUBKEY(FILE *fp, WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_PEM_write_ECPrivateKey(FILE *fp, WOLFSSL_EC_KEY *key, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
#define PEM_write_bio_ECPrivateKey wolfSSL_PEM_write_bio_ECPrivateKey
/* RSA */
#define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
#define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
/* DSA */
#define PEM_write_bio_DSAPrivateKey wolfSSL_PEM_write_bio_DSAPrivateKey
#define PEM_write_DSAPrivateKey wolfSSL_PEM_write_DSAPrivateKey
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
#define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
#define PEM_write_DSA_PUBKEY wolfSSL_PEM_write_DSA_PUBKEY
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
#define PEM_write_EC_PUBKEY wolfSSL_PEM_write_EC_PUBKEY
#define PEM_write_ECPrivateKey wolfSSL_PEM_write_ECPrivateKey
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#define PEM_write_DSAPrivateKey wolfSSL_PEM_write_DSAPrivateKey
#define PEM_write_DSA_PUBKEY wolfSSL_PEM_write_DSA_PUBKEY
/* ECC */
#define PEM_write_bio_ECPrivateKey wolfSSL_PEM_write_bio_ECPrivateKey
#define PEM_write_EC_PUBKEY wolfSSL_PEM_write_EC_PUBKEY
#define PEM_write_ECPrivateKey wolfSSL_PEM_write_ECPrivateKey
/* EVP_KEY */
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_PEM_H_ */

63
wolfssl/wolfcrypt/aes.h
View File

@@ -126,17 +126,24 @@ typedef struct Gmac {
#endif /* HAVE_AESGCM */
#endif /* HAVE_FIPS */
WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
int dir);
WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv);
WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz,
const byte* iv);
WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz,
const byte* iv);
/* AES-CTR */
#ifdef WOLFSSL_AES_COUNTER
WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif
/* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT)
@@ -147,30 +154,34 @@ typedef struct Gmac {
#endif
#ifdef HAVE_AESGCM
WOLFSSL_API int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz);
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz);
#endif /* HAVE_AESGCM */
#ifdef HAVE_AESCCM
WOLFSSL_API void wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
WOLFSSL_API void wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API void wc_AesCcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
#ifdef HAVE_CAVIUM

21
wolfssl/wolfcrypt/asn.h
View File

@@ -182,8 +182,9 @@ enum Misc_ASN {
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
MAX_OCSP_NONCE_SZ = 18, /* OCSP Nonce size */
EIGHTK_BUF = 8192, /* Tmp buffer size */
MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2
MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2,
/* use bigger NTRU size */
HEADER_ENCRYPTED_KEY_SIZE = 88 /* Extra header size for encrypted key */
};
@@ -476,6 +477,24 @@ struct DecodedCert {
#endif /* WOLFSSL_SEP */
};
extern const char* BEGIN_CERT;
extern const char* END_CERT;
extern const char* BEGIN_CERT_REQ;
extern const char* END_CERT_REQ;
extern const char* BEGIN_DH_PARAM;
extern const char* END_DH_PARAM;
extern const char* BEGIN_X509_CRL;
extern const char* END_X509_CRL;
extern const char* BEGIN_RSA_PRIV;
extern const char* END_RSA_PRIV;
extern const char* BEGIN_PRIV_KEY;
extern const char* END_PRIV_KEY;
extern const char* BEGIN_ENC_PRIV_KEY;
extern const char* END_ENC_PRIV_KEY;
extern const char* BEGIN_EC_PRIV;
extern const char* END_EC_PRIV;
extern const char* BEGIN_DSA_PRIV;
extern const char* END_DSA_PRIV;
#ifdef NO_SHA
#define SIGNER_DIGEST_SIZE SHA256_DIGEST_SIZE

3
wolfssl/wolfcrypt/asn_public.h
View File

@@ -43,6 +43,7 @@ enum CertType {
CRL_TYPE,
CA_TYPE,
ECC_PRIVATEKEY_TYPE,
DSA_PRIVATEKEY_TYPE,
CERTREQ_TYPE,
DSA_TYPE,
ECC_TYPE,
@@ -177,7 +178,7 @@ WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int);
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || !defined(NO_DSA)
WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
word32 outputSz, int type);
word32 outputSz, byte *cipherIno, int type);
#endif
#ifdef HAVE_ECC

2
wolfssl/wolfcrypt/coding.h
View File

@@ -53,6 +53,8 @@ WOLFSSL_API int Base64_Decode(const byte* in, word32 inLen, byte* out,
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS)
WOLFSSL_API
int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
WOLFSSL_API
int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen);
#endif

38
wolfssl/wolfcrypt/des3.h
View File

@@ -83,21 +83,35 @@ typedef struct Des3 {
} Des3;
#endif /* HAVE_FIPS */
WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key,
const byte* iv, int dir);
WOLFSSL_API void wc_Des_SetIV(Des* des, const byte* iv);
WOLFSSL_API int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des_CbcEncrypt(Des* des, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_Des_CbcDecrypt(Des* des, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_Des_EcbEncrypt(Des* des, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_Des_CbcDecryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des_CbcEncryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir);
WOLFSSL_API int wc_Des3_SetKey(Des3* des, const byte* key,
const byte* iv,int dir);
WOLFSSL_API int wc_Des3_SetIV(Des3* des, const byte* iv);
WOLFSSL_API int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz);
WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz);
WOLFSSL_API int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des3_CbcEncrypt(Des3* des, byte* out,
const byte* in,word32 sz);
WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out,
const byte* in,word32 sz);
WOLFSSL_API int wc_Des3_CbcEncryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des3_CbcDecryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
#ifdef HAVE_CAVIUM
WOLFSSL_API int wc_Des3_InitCavium(Des3*, int);

5
wolfssl/wolfcrypt/dsa.h
View File

@@ -66,6 +66,11 @@ WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
DsaKey*, word32);
WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen);
#ifdef WOLFSSL_KEY_GEN
WOLFSSL_API int wc_MakeDsaKey(RNG *rng, DsaKey *dsa);
WOLFSSL_API int wc_MakeDsaParameters(RNG *rng, int modulus_size, DsaKey *dsa);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif

17
wolfssl/wolfcrypt/ecc.h
View File

@@ -84,7 +84,7 @@ typedef struct {
*/
#ifndef FP_MAX_BITS_ECC
#define FP_MAX_BITS_ECC 512
#define FP_MAX_BITS_ECC 528
#endif
#define FP_MAX_SIZE_ECC (FP_MAX_BITS_ECC+(8*DIGIT_BIT))
#if FP_MAX_BITS_ECC % CHAR_BIT
@@ -163,17 +163,20 @@ WOLFSSL_API
void wc_ecc_fp_free(void);
WOLFSSL_API
ecc_point* ecc_new_point(void);
ecc_point* wc_ecc_new_point(void);
WOLFSSL_API
void ecc_del_point(ecc_point* p);
void wc_ecc_del_point(ecc_point* p);
WOLFSSL_API
int ecc_copy_point(ecc_point* p, ecc_point *r);
int wc_ecc_copy_point(ecc_point* p, ecc_point *r);
WOLFSSL_API
int ecc_cmp_point(ecc_point* a, ecc_point *b);
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
WOLFSSL_API
int ecc_point_is_at_infinity(ecc_point *p);
int wc_ecc_point_is_at_infinity(ecc_point *p);
WOLFSSL_API
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus, int map);
int wc_ecc_is_valid_idx(int n);
WOLFSSL_API
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* modulus, int map);
/* ASN key helpers */
WOLFSSL_API

3
wolfssl/wolfcrypt/integer.h
View File

@@ -36,6 +36,8 @@
#include <wolfssl/wolfcrypt/tfm.h>
#else
#include <wolfssl/wolfcrypt/random.h>
#ifndef CHAR_BIT
#include <limits.h>
#endif
@@ -313,6 +315,7 @@ int mp_radix_size (mp_int * a, int radix, int *size);
int mp_prime_is_prime (mp_int * a, int t, int *result);
int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap);
#endif
int mp_cnt_lsb(mp_int *a);

16
wolfssl/wolfcrypt/rsa.h
View File

@@ -46,9 +46,23 @@
enum {
RSA_PUBLIC = 0,
RSA_PRIVATE = 1
RSA_PRIVATE = 1,
RSA_PUBLIC_ENCRYPT = 0,
RSA_PUBLIC_DECRYPT = 1,
RSA_PRIVATE_ENCRYPT = 2,
RSA_PRIVATE_DECRYPT = 3,
RSA_BLOCK_TYPE_1 = 1,
RSA_BLOCK_TYPE_2 = 2,
RSA_MIN_SIZE = 512,
RSA_MAX_SIZE = 4096,
RSA_MIN_PAD_SZ = 11 /* seperator + 0 + pad value + 8 pads */
};
/* RSA */
typedef struct RsaKey {
mp_int n, e, d, p, q, dP, dQ, u;

11
wolfssl/wolfcrypt/tfm.h
View File

@@ -40,6 +40,7 @@
#include <limits.h>
#endif
#include <wolfssl/wolfcrypt/random.h>
#ifdef __cplusplus
extern "C" {
@@ -377,6 +378,8 @@ void fp_set(fp_int *a, fp_digit b);
/* check if a bit is set */
int fp_is_bit_set(fp_int *a, fp_digit b);
/* set the b bit to 1 */
int fp_set_bit (fp_int * a, fp_digit b);
/* copy from a to b */
#ifndef ALT_ECC_SIZE
@@ -651,6 +654,7 @@ void fp_sqr_comba64(fp_int *a, fp_int *b);
#define MP_EQ FP_EQ /* equal to */
#define MP_GT FP_GT /* greater than */
#define MP_VAL FP_VAL /* invalid */
#define MP_MEM FP_MEM /* memory error */
#define MP_NOT_INF FP_NOT_INF /* point not at infinity */
#define MP_OKAY FP_OKAY /* ok result */
#define MP_NO FP_NO /* yes/no result */
@@ -688,8 +692,9 @@ int mp_isodd(mp_int* a);
int mp_iszero(mp_int* a);
int mp_count_bits(mp_int *a);
int mp_leading_bit(mp_int *a);
int mp_set_int(fp_int *a, fp_digit b);
int mp_is_bit_set (fp_int * a, fp_digit b);
int mp_set_int(mp_int *a, mp_digit b);
int mp_is_bit_set (mp_int * a, mp_digit b);
int mp_set_bit (mp_int * a, mp_digit b);
void mp_rshb(mp_int *a, int x);
int mp_toradix (mp_int *a, char *str, int radix);
int mp_radix_size (mp_int * a, int radix, int *size);
@@ -713,6 +718,8 @@ int mp_radix_size (mp_int * a, int radix, int *size);
int mp_gcd(fp_int *a, fp_int *b, fp_int *c);
int mp_lcm(fp_int *a, fp_int *b, fp_int *c);
int mp_prime_is_prime(mp_int* a, int t, int* result);
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap);
int mp_exch(mp_int *a, mp_int *b);
#endif /* WOLFSSL_KEY_GEN */
int mp_cnt_lsb(fp_int *a);