Add support for EVP_PKEY_sign/verify functionality (#5056)

* Fix wolfSSL_RSA_public_decrypt() return value to match Openssl
* Add support for EVP_PKEY_verify_init() and EVP_PKEY_verify()
* wpa_supplicant SAE public key functionality requires this function.
* Add DSA support for EVP_PKEY_sign/verify()
* Add ECDSA support for EVP_PKEY_sign/verify()
* Add tests for EVP_PKEY_sign_verify()
* Fix "siglen = keySz" at error cases
* Fix wolfSSL_DSA_do_sign() usage
1. Check wolfSSL_BN_num_bytes() return value
2. Check siglen size
3. Double the siglen
* Check return code of wolfSSL_i2d_ECDSA_SIG() in wolfSSL_EVP_DigestSignFinal()
* Add size calculations to `wolfSSL_EVP_PKEY_sign`
* Add size checks to wolfSSL_EVP_PKEY_sign before writing out signature
* Use wc_ecc_sig_size() to calculate ECC signature size
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Co-authored-by: Juliusz Sosinowicz <juliusz@wolfssl.com>

src/ssl.c

@@ -28632,6 +28632,8 @@ int wolfSSL_RSA_sign_ex(int type, const unsigned char* m,
                            unsigned int mLen, unsigned char* sigRet,
                            unsigned int* sigLen, WOLFSSL_RSA* rsa, int flag)
 {
+    if (sigLen != NULL)
+        *sigLen = RSA_MAX_SIZE / CHAR_BIT; /* No size checking in this API */
     return wolfSSL_RSA_sign_generic_padding(type, m, mLen, sigRet, sigLen,
             rsa, flag, RSA_PKCS1_PADDING);
 }
@@ -28710,6 +28712,10 @@ int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char* m,
     if (outLen == 0) {
         WOLFSSL_MSG("Bad RSA size");
     }
+    else if (outLen > *sigLen) {
+        WOLFSSL_MSG("Output buffer too small");
+        return WOLFSSL_FAILURE;
+    }
     else if (wc_InitRng(tmpRNG) == 0) {
         rng = tmpRNG;
         initTmpRng = 1;
@@ -28842,7 +28848,7 @@ int wolfSSL_RSA_verify_ex(int type, const unsigned char* m,
     int     ret = WOLFSSL_FAILURE;
     unsigned char *sigRet = NULL;
     unsigned char *sigDec = NULL;
-    unsigned int   len = 0;
+    unsigned int   len = sigLen;
     int verLen;
 #if (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && \
     FIPS_VERSION_GE(5,1))) && !defined(HAVE_SELFTEST)
@@ -43113,7 +43119,7 @@ int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from,
 
     if (rsa == NULL || rsa->internal == NULL || from == NULL) {
         WOLFSSL_MSG("Bad function arguments");
-        return WOLFSSL_FAILURE;
+        return WOLFSSL_FATAL_ERROR;
     }
 
 #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
@@ -43133,7 +43139,7 @@ int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from,
         break;
     default:
         WOLFSSL_MSG("RSA_public_decrypt unsupported padding");
-        return WOLFSSL_FAILURE;
+        return WOLFSSL_FATAL_ERROR;
     }
 #endif
 
@@ -43142,7 +43148,7 @@ int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from,
 
         if (SetRsaInternal(rsa) != WOLFSSL_SUCCESS) {
             WOLFSSL_MSG("SetRsaInternal failed");
-            return WOLFSSL_FAILURE;
+            return WOLFSSL_FATAL_ERROR;
         }
     }
 
@@ -43159,14 +43165,14 @@ int wolfSSL_RSA_public_decrypt(int flen, const unsigned char* from,
     }
     else {
         WOLFSSL_MSG("RSA_public_decrypt pad type not supported in FIPS");
-        ret = WOLFSSL_FAILURE;
+        ret = WOLFSSL_FATAL_ERROR;
     }
 #endif
 
     WOLFSSL_LEAVE("RSA_public_decrypt", ret);
 
     if (ret <= 0) {
-        ret = WOLFSSL_FAILURE;
+        ret = WOLFSSL_FATAL_ERROR;
     }
     return ret;
 }