wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-02 12:14:38 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for peer review feedback. Improve the ECC key bit calculation. Improve the signature RS unsigned bin creation.

Browse Source
This commit is contained in:
David Garske
2021-11-05 14:37:41 -07:00
parent d8faa22194
commit 3941eea626
2 changed files with 54 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
wolfcrypt/src/ecc.c
View File

@@ -7094,12 +7094,16 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \ #if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \ defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \
defined(WOLFSSL_KCAPI_ECC) || defined(WOLFSSL_SE050) defined(WOLFSSL_KCAPI_ECC) || defined(WOLFSSL_SE050)
/* Extract R and S */
err = mp_to_unsigned_bin(r, &sigRS[0]); /* Extract R and S with front zero padding (if required) */
XMEMSET(sigRS, 0, keySz * 2);
err = mp_to_unsigned_bin(r, sigRS +
(keySz - mp_unsigned_bin_size(r)));
if (err != MP_OKAY) { if (err != MP_OKAY) {
return err; return err;
} }
err = mp_to_unsigned_bin(s, &sigRS[keySz]); err = mp_to_unsigned_bin(s, sigRS + keySz +
(keySz - mp_unsigned_bin_size(s)));
if (err != MP_OKAY) { if (err != MP_OKAY) {
return err; return err;
} }

72
wolfcrypt/src/port/nxp/se050_port.c
View File

@@ -427,15 +427,22 @@ void se050_aes_free(Aes* aes)
#ifdef HAVE_ECC #ifdef HAVE_ECC
static sss_cipher_type_t se050_map_curve(int curve_id) static int se050_map_curve(int curve_id, int keySize,
int* keySizeBits, sss_cipher_type_t* pcurve_type)
{ {
int ret = 0;
sss_cipher_type_t curve_type; sss_cipher_type_t curve_type;
*keySizeBits = keySize * 8; /* set default */
switch (curve_id) { switch (curve_id) {
case ECC_SECP160K1: case ECC_SECP160K1:
case ECC_SECP192K1: case ECC_SECP192K1:
case ECC_SECP224K1: case ECC_SECP224K1:
case ECC_SECP256K1: case ECC_SECP256K1:
#ifdef HAVE_ECC_KOBLITZ
curve_type = kSSS_CipherType_EC_NIST_K; curve_type = kSSS_CipherType_EC_NIST_K;
#else
ret = ECC_CURVE_OID_E;
#endif
break; break;
case ECC_BRAINPOOLP160R1: case ECC_BRAINPOOLP160R1:
case ECC_BRAINPOOLP192R1: case ECC_BRAINPOOLP192R1:
@@ -444,7 +451,15 @@ static sss_cipher_type_t se050_map_curve(int curve_id)
case ECC_BRAINPOOLP320R1: case ECC_BRAINPOOLP320R1:
case ECC_BRAINPOOLP384R1: case ECC_BRAINPOOLP384R1:
case ECC_BRAINPOOLP512R1: case ECC_BRAINPOOLP512R1:
#ifdef HAVE_ECC_BRAINPOOL
curve_type = kSSS_CipherType_EC_BRAINPOOL; curve_type = kSSS_CipherType_EC_BRAINPOOL;
#else
ret = ECC_CURVE_OID_E;
#endif
break;
case ECC_SECP521R1:
curve_type = kSSS_CipherType_EC_NIST_P;
*keySizeBits = 521;
break; break;
case ECC_CURVE_DEF: case ECC_CURVE_DEF:
case ECC_SECP160R1: case ECC_SECP160R1:
@@ -452,12 +467,18 @@ static sss_cipher_type_t se050_map_curve(int curve_id)
case ECC_SECP224R1: case ECC_SECP224R1:
case ECC_SECP256R1: case ECC_SECP256R1:
case ECC_SECP384R1: case ECC_SECP384R1:
case ECC_SECP521R1:
default:
curve_type = kSSS_CipherType_EC_NIST_P; curve_type = kSSS_CipherType_EC_NIST_P;
break; break;
case ECC_PRIME239V1:
case ECC_PRIME192V2:
case ECC_PRIME192V3:
default:
ret = ECC_CURVE_OID_E;
break;
} }
return curve_type; if (pcurve_type)
*pcurve_type = curve_type;
return ret;
} }
int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out, int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out,
@@ -485,9 +506,10 @@ int se050_ecc_sign_hash_ex(const byte* in, word32 inLen, byte* out,
} }
keySize = key->dp->size; keySize = key->dp->size;
keySizeBits = keySize * 8; ret = se050_map_curve(key->dp->id, keySize, &keySizeBits, NULL);
if (keySizeBits > SSS_MAX_ECC_BITS) if (ret != 0) {
keySizeBits = SSS_MAX_ECC_BITS; return ret;
}
/* truncate if digest is larger than key size */ /* truncate if digest is larger than key size */
if (inLen > (word32)keySize) if (inLen > (word32)keySize)
@@ -594,10 +616,10 @@ int se050_ecc_verify_hash_ex(const byte* hash, word32 hashLen, byte* sigRS,
} }
keySize = key->dp->size; keySize = key->dp->size;
keySizeBits = keySize * 8; ret = se050_map_curve(key->dp->id, keySize, &keySizeBits, &curveType);
if (keySizeBits > SSS_MAX_ECC_BITS) if (ret != 0) {
keySizeBits = SSS_MAX_ECC_BITS; return ret;
curveType = se050_map_curve(key->dp->id); }
/* truncate hash if larger than key size */ /* truncate hash if larger than key size */
if (hashLen > (word32)keySize) if (hashLen > (word32)keySize)
@@ -759,7 +781,6 @@ int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize)
sss_key_store_t host_keystore; sss_key_store_t host_keystore;
uint8_t derBuf[SE050_ECC_DER_MAX]; uint8_t derBuf[SE050_ECC_DER_MAX];
size_t derSz = sizeof(derBuf); size_t derSz = sizeof(derBuf);
size_t derSzBits = derSz * 8;
int keyId; int keyId;
int keySizeBits; int keySizeBits;
sss_cipher_type_t curveType; sss_cipher_type_t curveType;
@@ -774,14 +795,9 @@ int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize)
return WC_HW_E; return WC_HW_E;
} }
curveType = se050_map_curve(curve_id); ret = se050_map_curve(curve_id, keySize, &keySizeBits, &curveType);
keySizeBits = keySize * 8; if (ret != 0) {
if (keySizeBits > SSS_MAX_ECC_BITS) return ret;
keySizeBits = SSS_MAX_ECC_BITS;
if (keySize == 30) {
/* not supported curve key size */
return ECC_CURVE_OID_E;
} }
if (wolfSSL_CryptHwMutexLock() != 0) { if (wolfSSL_CryptHwMutexLock() != 0) {
@@ -807,8 +823,10 @@ int se050_ecc_create_key(struct ecc_key* key, int curve_id, int keySize)
keySizeBits, NULL); keySizeBits, NULL);
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
size_t derSzBits = derSz * 8;
status = sss_key_store_get_key(&host_keystore, &keyPair, status = sss_key_store_get_key(&host_keystore, &keyPair,
derBuf, &derSz, &derSzBits); derBuf, &derSz, &derSzBits);
(void)derSzBits; /* not used */
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
word32 idx = 0; word32 idx = 0;
@@ -853,7 +871,7 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
sss_derive_key_t ctx_derive_key; sss_derive_key_t ctx_derive_key;
int keyId; int keyId;
int keySize; int keySize;
size_t keySizeBits; int keySizeBits;
sss_cipher_type_t curveType; sss_cipher_type_t curveType;
int keyCreated = 0; int keyCreated = 0;
int deriveKeyCreated = 0; int deriveKeyCreated = 0;
@@ -871,10 +889,10 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
} }
keySize = private_key->dp->size; keySize = private_key->dp->size;
keySizeBits = keySize * 8; ret = se050_map_curve(private_key->dp->id, keySize, &keySizeBits, &curveType);
if (keySizeBits > SSS_MAX_ECC_BITS) if (ret != 0) {
keySizeBits = SSS_MAX_ECC_BITS; return ret;
curveType = se050_map_curve(private_key->dp->id); }
if (wolfSSL_CryptHwMutexLock() != 0) { if (wolfSSL_CryptHwMutexLock() != 0) {
return BAD_MUTEX_E; return BAD_MUTEX_E;
@@ -947,10 +965,12 @@ int se050_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
} }
if (status == kStatus_SSS_Success) { if (status == kStatus_SSS_Success) {
size_t outlenSz = (size_t)*outlen; size_t outlenSz = (size_t)*outlen;
size_t outlenSzBits = outlenSz * 8;
/* derived key export */ /* derived key export */
status = sss_key_store_get_key(&host_keystore, &deriveKey, out, status = sss_key_store_get_key(&host_keystore, &deriveKey, out,
&outlenSz, &keySizeBits); &outlenSz, &outlenSzBits);
*outlen = (word32)outlenSz; *outlen = (word32)outlenSz;
(void)outlenSzBits; /* not used */
} }
sss_derive_key_context_free(&ctx_derive_key); sss_derive_key_context_free(&ctx_derive_key);