wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-04 05:04:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4062 from dgarske/dh_key

Browse Source 
DH Key and Params Export cleanups and Apache httpd fixes
This commit is contained in:
Sean Parkinson
2021-06-10 20:54:32 +10:00
committed by GitHub
parent 56c317e1ab 4a85127507
commit 3ecb8d5a3e
15 changed files with 351 additions and 382 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
certs/statickeys/dh-ffdhe2048-pub.der Normal file
View File

Binary file not shown.

14
certs/statickeys/dh-ffdhe2048-pub.pem Normal file
View File

@@ -0,0 +1,14 @@
-----BEGIN PUBLIC KEY-----
MIICJDCCARcGCSqGSIb3DQEDATCCAQgCggEBAP//////////rfhUWKK7Spqv3FYg
Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V
1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih
Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n
Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb
TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8CAQID
ggEFAAKCAQBNP0zkbEZx/2ECcwtlT0bnLg+eQQRVQVGJqV6EvHoKNTQVvrHDHs3H
WheYX/+WPRub+swfHqcii5XuK9R04mPi/ZyqT75kaYMxXpBchV2ymeAFtfK2Gc0G
zaizWY2HhH+PCe69YW/FzbicpxWX0EQuLS4yIMU731BvjRe4hKNnJH6j7IwIeGwl
iALToGjOGiVGLptMgvTrs8kdFwySlFQPtd8/cUUzl02HGktACnG0Gb4zvc/zFWMG
N1yhncDnp4vToms/8ULINmsKQ4vp0IzNDzHNIuc5yI3rXZGLBm4fB9urK0+F+LtV
471wUVxzZl3RtvhEEODyCRxtAl38egiC
-----END PUBLIC KEY-----

3
certs/statickeys/gen-static.sh
View File

@@ -10,3 +10,6 @@ openssl ec -inform pem -in certs/statickeys/ecc-secp256r1.pem -outform der -out
# Using one generated and capture with wolfSSL using wc_DhGenerateKeyPair (openssl generates DH keys with 2048-bits... based on the DH "p" prime size)
#openssl genpkey -paramfile certs/statickeys/dh-ffdhe2048-params.pem -out certs/statickeys/dh-ffdhe2048.der
openssl pkey -inform der -in certs/statickeys/dh-ffdhe2048.der -outform pem -out certs/statickeys/dh-ffdhe2048.pem
# Export DH public key as DER and convert to PEM
openssl pkey -inform der -in certs/statickeys/dh-ffdhe2048.der -outform der -out certs/statickeys/dh-ffdhe2048-pub.der -pubout
openssl pkey -inform der -in certs/statickeys/dh-ffdhe2048.der -outform pem -out certs/statickeys/dh-ffdhe2048-pub.pem -pubout

4
certs/statickeys/include.am
View File

@@ -14,4 +14,6 @@ EXTRA_DIST += \
EXTRA_DIST += \
certs/statickeys/dh-ffdhe2048-params.pem \
certs/statickeys/dh-ffdhe2048.der \
certs/statickeys/dh-ffdhe2048.pem
certs/statickeys/dh-ffdhe2048.pem \
certs/statickeys/dh-ffdhe2048-pub.der \
certs/statickeys/dh-ffdhe2048-pub.pem

273
src/ssl.c
View File

@@ -45724,274 +45724,7 @@ end:
}
#endif /* !NO_BIO */
#ifndef NO_FILESYSTEM
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH)
/* Convert DH key parameters to DER format, write to output (outSz)
* If output is NULL then max expected size is set to outSz and LENGTH_ONLY_E is
* returned.
*
* Note : static function due to redefinition complications with DhKey and FIPS
* version 2 build.
*
* return bytes written on success */
int wc_DhParamsToDer(DhKey* key, byte* out, word32* outSz)
{
word32 sz = 0, idx = 0;
int pSz = 0, gSz = 0, ret;
byte scratch[MAX_LENGTH_SZ];
if (key == NULL || outSz == NULL) {
return BAD_FUNC_ARG;
}
pSz = mp_unsigned_bin_size(&key->p);
if (pSz < 0) {
return pSz;
}
if (mp_leading_bit(&key->p)) {
pSz++;
}
gSz = mp_unsigned_bin_size(&key->g);
if (gSz < 0) {
return gSz;
}
if (mp_leading_bit(&key->g)) {
gSz++;
}
sz = ASN_TAG_SZ; /* Integer */
sz += SetLength(pSz, scratch);
sz += ASN_TAG_SZ; /* Integer */
sz += SetLength(gSz, scratch);
sz += gSz + pSz;
if (out == NULL) {
byte seqScratch[MAX_SEQ_SZ];
*outSz = sz + SetSequence(sz, seqScratch);
return LENGTH_ONLY_E;
}
if (*outSz < MAX_SEQ_SZ || *outSz < sz) {
return BUFFER_E;
}
idx += SetSequence(sz, out);
if (*outSz < idx + sz) {
return BUFFER_E;
}
out[idx++] = ASN_INTEGER;
idx += SetLength(pSz, out + idx);
if (mp_leading_bit(&key->p)) {
out[idx++] = 0x00;
pSz -= 1; /* subtract 1 from size to account for leading 0 */
}
ret = mp_to_unsigned_bin(&key->p, out + idx);
if (ret != MP_OKAY) {
return BUFFER_E;
}
idx += pSz;
out[idx++] = ASN_INTEGER;
idx += SetLength(gSz, out + idx);
if (mp_leading_bit(&key->g)) {
out[idx++] = 0x00;
gSz -= 1; /* subtract 1 from size to account for leading 0 */
}
ret = mp_to_unsigned_bin(&key->g, out + idx);
if (ret != MP_OKAY) {
return BUFFER_E;
}
idx += gSz;
return idx;
}
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz)
{
word32 sz = 0;
word32 paramSz = 0;
int ret;
int pubSz = 0;
int idx = 0;
byte scratch[MAX_ALGO_SZ];
/* Get size of entire key */
/* SEQUENCE <--| SetAlgoId
* OBJECT IDENTIFIER <--|
* SEQUENCE <--
* INTEGER | wc_DhParamsToDer
* INTEGER <--
*/
ret = wc_DhParamsToDer(key, NULL, &paramSz);
if (ret != LENGTH_ONLY_E)
return ASN_PARSE_E;
sz += paramSz;
sz += SetAlgoID(DHk, scratch, oidKeyType, paramSz);
/* BIT STRING
* INTEGER
*/
pubSz = mp_unsigned_bin_size(&key->pub);
if (pubSz < 0)
return pubSz;
if (mp_leading_bit(&key->pub))
pubSz++;
sz += ASN_TAG_SZ; /* Integer */
sz += SetLength(pubSz, scratch);
sz += pubSz;
sz += SetBitString(pubSz, 0, scratch);
if (out == NULL) {
/* Uppermost SEQUENCE */
*outSz = sz + SetSequence(sz, scratch);
return LENGTH_ONLY_E;
}
/* end get size of entire key */
/* Check for indexing errors */
if (*outSz < MAX_SEQ_SZ || *outSz < sz) {
return BUFFER_E;
}
/* Build Up Entire Key */
idx += SetSequence(sz, out);
idx += SetAlgoID(DHk, out+idx, oidKeyType, paramSz);
ret = wc_DhParamsToDer(key, out+idx, &paramSz);
if (ret < 0)
return ret;
idx += ret;
/* BIT STRING
* INTEGER
*/
idx += SetBitString(pubSz, 0, out+idx);
out[idx++] = ASN_INTEGER;
idx += SetLength(pubSz, out + idx);
if (mp_leading_bit(&key->pub)) {
out[idx++] = 0x00;
pubSz -= 1; /* subtract 1 from size to account for leading 0 */
}
ret = mp_to_unsigned_bin(&key->pub, out + idx);
if (ret != MP_OKAY) {
return BUFFER_E;
}
idx += pubSz;
return idx;
}
int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz)
{
word32 sz = 0;
word32 paramSz = 0;
int ret;
int privSz = 0;
int idx = 0;
byte scratch[MAX_ALGO_SZ];
/* Get size of entire key */
/* INTEGER 0 */
sz += ASN_TAG_SZ; /* Integer */
sz += SetLength(1, scratch);
sz += 1;
/* SEQUENCE <--| SetAlgoId
* OBJECT IDENTIFIER <--|
* SEQUENCE <--
* INTEGER | wc_DhParamsToDer
* INTEGER <--
*/
ret = wc_DhParamsToDer(key, NULL, &paramSz);
if (ret != LENGTH_ONLY_E)
return ASN_PARSE_E;
sz += paramSz;
sz += SetAlgoID(DHk, scratch, oidKeyType, paramSz);
/* OCTET STRING
* INTEGER
*/
privSz = mp_unsigned_bin_size(&key->priv);
if (privSz < 0)
return privSz;
else if (privSz > 256) /* Key is larger than 2048 */
return ASN_VERSION_E;
if (mp_leading_bit(&key->priv))
privSz++;
sz += ASN_TAG_SZ; /* Integer */
sz += SetLength(privSz, scratch);
sz += privSz;
sz += SetOctetString(privSz + ASN_OCTET_STRING, scratch);
if (out == NULL) {
/* Uppermost SEQUENCE */
*outSz = sz + SetSequence(sz, scratch);
return LENGTH_ONLY_E;
}
/* end get size of entire key */
/* Check for indexing errors */
if (*outSz < MAX_SEQ_SZ || *outSz < sz) {
return BUFFER_E;
}
/* Build Up Entire Key */
idx += SetSequence(sz, out);
/* INTEGER 0 */
out[idx++] = ASN_INTEGER;
idx += SetLength(1, out+idx);
out[idx++] = 0;
idx += SetAlgoID(DHk, out+idx, oidKeyType, paramSz);
ret = wc_DhParamsToDer(key, out+idx, &paramSz);
if (ret < 0)
return ret;
idx += ret;
/* OCTET STRING
* INTEGER
*/
if (privSz == 256) {
idx += SetOctetString(privSz + ASN_OCTET_STRING, out+idx);
} else if (privSz == 128) {
idx += SetOctetString(privSz + ASN_OCTET_STRING-1, out+idx);
} else if (privSz == 64) {
idx += SetOctetString(privSz + ASN_OCTET_STRING-2, out+idx);
} else {
WOLFSSL_MSG("Unsupported key size");
return ASN_VERSION_E;
}
out[idx++] = ASN_INTEGER;
idx += SetLength(privSz, out + idx);
if (mp_leading_bit(&key->priv)) {
out[idx++] = 0x00;
privSz -= 1; /* subtract 1 from size to account for leading 0 */
}
ret = mp_to_unsigned_bin(&key->priv, out + idx);
if (ret != MP_OKAY) {
return BUFFER_E;
}
idx += privSz;
return idx;
}
#if defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
/* Writes the DH parameters in PEM format from "dh" out to the file pointer
* passed in.
*
@@ -46074,9 +45807,7 @@ int wolfSSL_PEM_write_DHparams(XFILE fp, WOLFSSL_DH* dh)
WOLFSSL_LEAVE("wolfSSL_PEM_write_DHparams", WOLFSSL_SUCCESS);
return WOLFSSL_SUCCESS;
}
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* WOLFSSL_QT || OPENSSL_ALL */
#endif /* !NO_FILESYSTEM */
#endif /* WOLFSSL_DH_EXTRA && !NO_FILESYSTEM */
#endif /* !NO_DH */
#ifndef NO_BIO

44
tests/api.c
View File

@@ -27749,7 +27749,8 @@ static void test_wolfSSL_tmp_dh(void)
int bytes;
DSA* dsa;
DH* dh;
#if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH))
#if defined(WOLFSSL_DH_EXTRA) && \
(defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH))
DH* dh2;
#endif
BIO* bio;
@@ -27780,7 +27781,8 @@ static void test_wolfSSL_tmp_dh(void)
dh = wolfSSL_DSA_dup_DH(dsa);
AssertNotNull(dh);
#if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH))
#if defined(WOLFSSL_DH_EXTRA) && \
(defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH))
AssertNotNull(dh2 = wolfSSL_DH_dup(dh));
#endif
@@ -27794,7 +27796,8 @@ static void test_wolfSSL_tmp_dh(void)
BIO_free(bio);
DSA_free(dsa);
DH_free(dh);
#if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH))
#if defined(WOLFSSL_DH_EXTRA) && \
(defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH))
DH_free(dh2);
#endif
SSL_free(ssl);
@@ -34525,10 +34528,8 @@ static void test_wolfSSL_DH_1536_prime(void)
static void test_wolfSSL_PEM_write_DHparams(void)
{
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#if defined(OPENSSL_EXTRA) && !defined(NO_DH) && !defined(NO_FILESYSTEM)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#ifndef NO_BIO
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO) && \
!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
DH* dh;
BIO* bio;
XFILE fp;
@@ -34568,9 +34569,6 @@ tgZl96bcAGdru8OpQYP7x/rI4h5+rwA/kwIBAg==\n\
XFCLOSE(fp);
printf(resultFmt, passed);
#endif /* !NO_BIO */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL || OPENSSL_QT */
#endif
}
@@ -36279,8 +36277,9 @@ static void test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY (void)
static void test_wolfSSL_EVP_PKEY_set1_get1_DH (void)
{
#if !defined(NO_DH)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
DH *dh = NULL;
DH *setDh = NULL;
EVP_PKEY *pkey = NULL;
@@ -36323,8 +36322,9 @@ static void test_wolfSSL_EVP_PKEY_set1_get1_DH (void)
DH_free(setDh);
DH_free(dh);
printf(resultFmt, passed);
#endif /* !NO_DH && WOLFSSL_DH_EXTRA && !NO_FILESYSTEM */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* NO_DH */
#endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */
} /* END test_EVP_PKEY_set1_get1_DH */
static void test_wolfSSL_CTX_ctrl(void)
@@ -37401,9 +37401,8 @@ static void test_wolfSSL_QT_EVP_PKEY_CTX_free(void)
static void test_wolfSSL_EVP_PKEY_param_check(void)
{
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#if !defined(NO_DH) && !defined(NO_FILESYSTEM)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) \
&& (HAVE_FIPS_VERSION>2))
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
DH *dh = NULL;
DH *setDh = NULL;
EVP_PKEY *pkey = NULL;
@@ -37450,7 +37449,6 @@ static void test_wolfSSL_EVP_PKEY_param_check(void)
printf(resultFmt, passed);
#endif
#endif
#endif
}
static void test_wolfSSL_EVP_BytesToKey(void)
{
@@ -38443,16 +38441,18 @@ static void test_wolfSSL_OCSP_resp_get0(void)
static void test_wolfSSL_EVP_PKEY_derive(void)
{
#if defined(OPENSSL_ALL) && !defined(NO_DH)
printf(testingFmt, "wolfSSL_EVP_PKEY_derive()");
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#if (!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)) || defined(HAVE_ECC)
printf(testingFmt, "wolfSSL_EVP_PKEY_derive()");
EVP_PKEY_CTX *ctx;
unsigned char *skey;
size_t skeylen;
EVP_PKEY *pkey, *peerkey;
const unsigned char* key;
#ifndef NO_DH
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
/* DH */
key = dh_key_der_2048;
AssertNotNull((pkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
@@ -38495,9 +38495,11 @@ static void test_wolfSSL_EVP_PKEY_derive(void)
EVP_PKEY_free(pkey);
XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL);
#endif /* HAVE_ECC */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
printf(resultFmt, "passed");
#endif /* OPENSSL_ALL */
#endif /* (!NO_DH && WOLFSSL_DH_EXTRA) || HAVE_ECC */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */
}
#ifndef NO_RSA

158
wolfcrypt/src/asn.c
View File

@@ -684,6 +684,7 @@ int SetASNInt(int len, byte firstByte, byte* output)
#if !defined(NO_DSA) || defined(HAVE_ECC) || (defined(WOLFSSL_CERT_GEN) && \
!defined(NO_RSA)) || ((defined(WOLFSSL_KEY_GEN) || \
(!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)) || \
defined(OPENSSL_EXTRA)) && !defined(NO_RSA) && !defined(HAVE_USER_RSA))
/* Set the DER/BER encoding of the ASN.1 INTEGER element with an mp_int.
* The number is assumed to be positive.
@@ -4730,11 +4731,10 @@ int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
if (ret == ASN_DH_KEY_E) {
*inOutIdx = temp;
/* the version (0) */
if (GetASNInt(input, inOutIdx, &length, inSz) < 0) {
return ASN_PARSE_E;
}
/* the version (0) - private only (for public skip) */
if (GetASNInt(input, inOutIdx, &length, inSz) == 0) {
*inOutIdx += length;
}
/* Size of dhKeyAgreement section */
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
@@ -4790,6 +4790,156 @@ int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
return ret;
}
#ifdef WOLFSSL_DH_EXTRA
/* Export DH Key (private or public) */
int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv)
{
int ret, privSz = 0, pubSz = 0, keySz;
word32 idx, total;
if (key == NULL || outSz == NULL) {
return BAD_FUNC_ARG;
}
/* determine size */
if (exportPriv) {
/* octect string: priv */
privSz = SetASNIntMP(&key->priv, -1, NULL);
idx = 1 + SetLength(privSz, NULL) + privSz; /* +1 for ASN_OCTET_STRING */
}
else {
/* bit string: public */
pubSz = SetASNIntMP(&key->pub, -1, NULL);
idx = SetBitString(pubSz, 0, NULL) + pubSz;
}
keySz = idx;
/* DH Parameters sequence with P and G */
total = 0;
ret = wc_DhParamsToDer(key, NULL, &total);
if (ret != LENGTH_ONLY_E)
return ret;
idx += total;
/* object dhKeyAgreement 1.2.840.113549.1.3.1 */
idx += SetObjectId(sizeof(keyDhOid), NULL);
idx += sizeof(keyDhOid);
/* sequence */
idx += SetSequence(idx, NULL);
if (exportPriv) {
/* version: 0 (ASN_INTEGER, 0x01, 0x00) */
idx += 3;
}
/* sequence */
total = idx + SetSequence(idx, NULL);
/* if no output, then just getting size */
if (output == NULL) {
*outSz = total;
return LENGTH_ONLY_E;
}
/* make sure output fits in buffer */
if (total > *outSz) {
return BUFFER_E;
}
total = idx;
/* sequence */
idx = SetSequence(total, output);
if (exportPriv) {
/* version: 0 */
idx += SetMyVersion(0, output + idx, 0);
}
/* sequence - all but pub/priv */
idx += SetSequence(total - keySz - idx, output + idx);
/* object dhKeyAgreement 1.2.840.113549.1.3.1 */
idx += SetObjectId(sizeof(keyDhOid), output + idx);
XMEMCPY(output + idx, keyDhOid, sizeof(keyDhOid));
idx += sizeof(keyDhOid);
/* DH Parameters sequence with P and G */
total = *outSz - idx;
ret = wc_DhParamsToDer(key, output + idx, &total);
if (ret < 0)
return ret;
idx += total;
/* octect string: priv */
if (exportPriv) {
idx += SetOctetString(privSz, output + idx);
idx += SetASNIntMP(&key->priv, -1, output + idx);
}
else {
/* bit string: public */
idx += SetBitString(pubSz, 0, output + idx);
idx += SetASNIntMP(&key->pub, -1, output + idx);
}
*outSz = idx;
return idx;
}
int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz)
{
return wc_DhKeyToDer(key, out, outSz, 0);
}
int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz)
{
return wc_DhKeyToDer(key, out, outSz, 1);
}
/* Convert DH key parameters to DER format, write to output (outSz)
* If output is NULL then max expected size is set to outSz and LENGTH_ONLY_E is
* returned.
*
* Note : static function due to redefinition complications with DhKey and FIPS
* version 2 build.
*
* return bytes written on success */
int wc_DhParamsToDer(DhKey* key, byte* output, word32* outSz)
{
word32 idx, total;
if (key == NULL || outSz == NULL) {
return BAD_FUNC_ARG;
}
/* determine size */
/* integer - g */
idx = SetASNIntMP(&key->g, -1, NULL);
/* integer - p */
idx += SetASNIntMP(&key->p, -1, NULL);
total = idx;
/* sequence */
idx += SetSequence(idx, NULL);
if (output == NULL) {
*outSz = idx;
return LENGTH_ONLY_E;
}
/* make sure output fits in buffer */
if (idx > *outSz) {
return BUFFER_E;
}
/* write DH parameters */
/* sequence - for P and G only */
idx = SetSequence(total, output);
/* integer - p */
idx += SetASNIntMP(&key->p, -1, output + idx);
/* integer - g */
idx += SetASNIntMP(&key->g, -1, output + idx);
*outSz = idx;
return idx;
}
#endif /* WOLFSSL_DH_EXTRA */
int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz,
byte* g, word32* gInOutSz)
{

33
wolfcrypt/src/evp.c
View File

@@ -1509,8 +1509,8 @@ int wolfSSL_EVP_PKEY_CTX_ctrl_str(WOLFSSL_EVP_PKEY_CTX *ctx,
}
#endif /* NO_WOLFSSL_STUB */
#if !defined(NO_DH) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION!=2))
#if (!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)) || defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
{
int len;
@@ -1619,7 +1619,7 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_
return WOLFSSL_SUCCESS;
}
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* !NO_DH || HAVE_ECC */
#endif /* (!NO_DH && WOLFSSL_DH_EXTRA) || HAVE_ECC */
/* Uses the WOLFSSL_EVP_PKEY_CTX to decrypt a buffer.
*
@@ -2206,16 +2206,13 @@ int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx)
int ret;
WOLFSSL_DH* dh_key = NULL;
(void)dh_key;
/* sanity check */
if (ctx == NULL) {
return WOLFSSL_FAILURE;
}
type = wolfSSL_EVP_PKEY_type(wolfSSL_EVP_PKEY_base_id(ctx->pkey));
switch(type) {
switch (type) {
#if !defined(NO_RSA)
case EVP_PKEY_RSA:
WOLFSSL_MSG("EVP_PKEY_RSA not yet implemented");
@@ -2231,10 +2228,8 @@ int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx)
WOLFSSL_MSG("EVP_PKEY_DSA not yet implemented");
return WOLFSSL_FAILURE;
#endif
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#if !defined(NO_DH) && !defined(NO_FILESYSTEM)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) \
&& (HAVE_FIPS_VERSION>2))
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH)
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
case EVP_PKEY_DH:
dh_key = wolfSSL_EVP_PKEY_get1_DH(ctx->pkey);
if (dh_key != NULL) {
@@ -2246,13 +2241,15 @@ int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx)
return ret;
#endif
#endif
#endif
default:
WOLFSSL_MSG("Unknown PKEY type");
return WOLFSSL_FAILURE;
break;
}
(void)ret;
(void)DH_param_check;
(void)dh_key;
return WOLFSSL_FAILURE;
}
/* Initialize structure for signing
@@ -6333,9 +6330,8 @@ WOLFSSL_EC_KEY* wolfSSL_EVP_PKEY_get1_EC_KEY(WOLFSSL_EVP_PKEY* key)
}
#endif /* HAVE_ECC */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#if !defined(NO_DH) && !defined(NO_FILESYSTEM)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH)
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
/* with set1 functions the pkey struct does not own the DH structure
* Build the following DH Key format from the passed in WOLFSSL_DH
* then store in WOLFSSL_EVP_PKEY in DER format.
@@ -6414,7 +6410,6 @@ int wolfSSL_EVP_PKEY_set1_DH(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DH *key)
return WOLFSSL_SUCCESS;
}
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
WOLFSSL_DH* wolfSSL_EVP_PKEY_get0_DH(WOLFSSL_EVP_PKEY* key)
{
@@ -6424,7 +6419,6 @@ WOLFSSL_DH* wolfSSL_EVP_PKEY_get0_DH(WOLFSSL_EVP_PKEY* key)
return key->dh;
}
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
WOLFSSL_DH* wolfSSL_EVP_PKEY_get1_DH(WOLFSSL_EVP_PKEY* key)
{
WOLFSSL_DH* local = NULL;
@@ -6458,8 +6452,7 @@ WOLFSSL_DH* wolfSSL_EVP_PKEY_get1_DH(WOLFSSL_EVP_PKEY* key)
return local;
}
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* NO_DH && NO_FILESYSTEM */
#endif /* NO_DH && WOLFSSL_DH_EXTRA && NO_FILESYSTEM */
int wolfSSL_EVP_PKEY_assign(WOLFSSL_EVP_PKEY *pkey, int type, void *key)
{

141
wolfcrypt/test/test.c
View File

@@ -11994,6 +11994,7 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out)
#if defined(WOLFSSL_DH_EXTRA) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
static const char* dhKeyFile = CERT_ROOT "statickeys/dh-ffdhe2048.der";
static const char* dhKeyPubFile = CERT_ROOT "statickeys/dh-ffdhe2048-pub.der";
#endif
#endif
#ifndef NO_DSA
@@ -16276,10 +16277,15 @@ static int dh_test_check_pubvalue(void)
#if defined(HAVE_FFDHE)
#ifdef HAVE_FFDHE_3072
#define FFDHE_KEY_SIZE (3072/8)
#if defined(HAVE_FFDHE_4096)
#define MAX_DH_PRIV_SZ 39
#define MAX_DH_KEY_SZ 512
#elif defined(HAVE_FFDHE_3072)
#define MAX_DH_PRIV_SZ 34
#define MAX_DH_KEY_SZ 384
#else
#define FFDHE_KEY_SIZE (2048/8)
#define MAX_DH_PRIV_SZ 29
#define MAX_DH_KEY_SZ 256
#endif
#ifndef WC_NO_RNG
@@ -16288,26 +16294,26 @@ static int dh_ffdhe_test(WC_RNG *rng, const DhParams* params)
int ret;
word32 privSz, pubSz, privSz2, pubSz2;
#ifdef WOLFSSL_SMALL_STACK
byte *priv = (byte *)XMALLOC(FFDHE_KEY_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *pub = (byte *)XMALLOC(FFDHE_KEY_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *priv2 = (byte *)XMALLOC(FFDHE_KEY_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *pub2 = (byte *)XMALLOC(FFDHE_KEY_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *agree = (byte *)XMALLOC(FFDHE_KEY_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *agree2 = (byte *)XMALLOC(FFDHE_KEY_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
DhKey *key = (DhKey *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
DhKey *key2 = (DhKey *)XMALLOC(sizeof *key2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *priv = (byte*)XMALLOC(MAX_DH_PRIV_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *pub = (byte*)XMALLOC(MAX_DH_KEY_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *priv2 = (byte*)XMALLOC(MAX_DH_PRIV_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *pub2 = (byte*)XMALLOC(MAX_DH_KEY_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *agree = (byte*)XMALLOC(MAX_DH_KEY_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *agree2 = (byte*)XMALLOC(MAX_DH_KEY_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
DhKey *key = (DhKey*)XMALLOC(sizeof(*key), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
DhKey *key2 = (DhKey*)XMALLOC(sizeof(*key2), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#else
byte priv[FFDHE_KEY_SIZE];
byte pub[FFDHE_KEY_SIZE];
byte priv2[FFDHE_KEY_SIZE];
byte pub2[FFDHE_KEY_SIZE];
byte agree[FFDHE_KEY_SIZE];
byte agree2[FFDHE_KEY_SIZE];
byte priv[MAX_DH_PRIV_SZ];
byte pub[MAX_DH_KEY_SZ];
byte priv2[MAX_DH_PRIV_SZ];
byte pub2[MAX_DH_KEY_SZ];
byte agree[MAX_DH_KEY_SZ];
byte agree2[MAX_DH_KEY_SZ];
DhKey key[1];
DhKey key2[1];
#endif
word32 agreeSz = FFDHE_KEY_SIZE;
word32 agreeSz2 = FFDHE_KEY_SIZE;
word32 agreeSz = MAX_DH_KEY_SZ;
word32 agreeSz2 = MAX_DH_KEY_SZ;
#ifdef WOLFSSL_SMALL_STACK
if ((priv == NULL) ||
@@ -16321,13 +16327,13 @@ static int dh_ffdhe_test(WC_RNG *rng, const DhParams* params)
ERROR_OUT(-8050, done);
#endif
pubSz = FFDHE_KEY_SIZE;
pubSz2 = FFDHE_KEY_SIZE;
privSz = FFDHE_KEY_SIZE;
privSz2 = FFDHE_KEY_SIZE;
pubSz = MAX_DH_KEY_SZ;
pubSz2 = MAX_DH_KEY_SZ;
privSz = MAX_DH_PRIV_SZ;
privSz2 = MAX_DH_PRIV_SZ;
XMEMSET(key, 0, sizeof *key);
XMEMSET(key2, 0, sizeof *key2);
XMEMSET(key, 0, sizeof(*key));
XMEMSET(key2, 0, sizeof(*key2));
ret = wc_InitDhKey_ex(key, HEAP_HINT, devId);
if (ret != 0) {
@@ -16657,67 +16663,120 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
ERROR_OUT(-8120, done);
}
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM)
#ifndef NO_ASN
{
/* DH Private - Key Export / Import */
#ifdef WOLFSSL_SMALL_STACK
byte *tmp2;
#else
byte tmp2[DH_TEST_TMP_SIZE];
#endif
XFILE file = XFOPEN(dhKeyFile, "rb");
if (!file)
ERROR_OUT(-8121, done);
ERROR_OUT(-8130, done);
bytes = (word32)XFREAD(tmp, 1, DH_TEST_TMP_SIZE, file);
XFCLOSE(file);
#ifdef WOLFSSL_SMALL_STACK
tmp2 = (byte*)XMALLOC(DH_TEST_TMP_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp2 == NULL)
ERROR_OUT(-8131, done);
#endif
idx = 0;
XMEMSET(tmp2, 0, DH_TEST_TMP_SIZE);
/* Import DH Private key as DER */
ret = wc_DhKeyDecode(tmp, &idx, key, bytes);
if (ret == 0) {
/* Export as DER */
idx = DH_TEST_TMP_SIZE;
ret = wc_DhPrivKeyToDer(key, tmp2, &idx);
}
/* Verify export matches original */
if (ret <= 0 || bytes != idx || XMEMCMP(tmp, tmp2, bytes) != 0) {
ERROR_OUT(-8132, done);
}
/* DH Public Key - Export / Import */
file = XFOPEN(dhKeyPubFile, "rb");
if (!file)
ERROR_OUT(-8133, done);
bytes = (word32)XFREAD(tmp, 1, DH_TEST_TMP_SIZE, file);
XFCLOSE(file);
idx = 0;
XMEMSET(tmp2, 0, DH_TEST_TMP_SIZE);
/* Import DH Public key as DER */
ret = wc_DhKeyDecode(tmp, &idx, key, bytes);
if (ret != 0) {
ERROR_OUT(-8122, done);
if (ret == 0) {
/* Export as DER */
idx = DH_TEST_TMP_SIZE;
ret = wc_DhPubKeyToDer(key, tmp2, &idx);
}
/* Verify export matches original */
if (ret <= 0 || bytes != idx || XMEMCMP(tmp, tmp2, bytes) != 0) {
ERROR_OUT(-8134, done);
}
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
}
#else
ret = wc_DhSetKey(key, dh_p, sizeof(dh_p), dh_g, sizeof(dh_g));
if (ret != 0) {
ERROR_OUT(-8123, done);
ERROR_OUT(-8121, done);
}
#endif
#endif /* !NO_ASN */
privSz = DH_TEST_BUF_SIZE;
pubSz = DH_TEST_BUF_SIZE;
ret = wc_DhExportKeyPair(key, priv, &privSz, pub, &pubSz);
if (ret != 0) {
ERROR_OUT(-8124, done);
ERROR_OUT(-8122, done);
}
ret = wc_DhImportKeyPair(key2, priv, privSz, pub, pubSz);
if (ret != 0) {
ERROR_OUT(-8125, done);
}
#endif /* WOLFSSL_DH_EXTRA */
#endif /* WOLFSSL_DH_EXTRA && !NO_FILESYSTEM && !FIPS <= 2 */
#ifndef WC_NO_RNG
ret = dh_generate_test(&rng);
if (ret != 0)
ERROR_OUT(-8126, done);
ERROR_OUT(-8123, done);
ret = dh_fips_generate_test(&rng);
if (ret != 0)
ERROR_OUT(-8127, done);
ERROR_OUT(-8124, done);
#endif /* !WC_NO_RNG */
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
ret = dh_test_check_pubvalue();
if (ret != 0)
ERROR_OUT(-8128, done);
ERROR_OUT(-8125, done);
#endif
#ifndef WC_NO_RNG
/* Specialized code for key gen when using FFDHE-2048 and FFDHE-3072. */
/* Specialized code for key gen when using FFDHE-2048, FFDHE-3072 and FFDHE-4096 */
#ifdef HAVE_FFDHE_2048
ret = dh_ffdhe_test(&rng, wc_Dh_ffdhe2048_Get());
if (ret != 0)
ERROR_OUT(-8129, done);
ERROR_OUT(-8126, done);
#endif
#ifdef HAVE_FFDHE_3072
ret = dh_ffdhe_test(&rng, wc_Dh_ffdhe3072_Get());
if (ret != 0)
ERROR_OUT(-8130, done);
ERROR_OUT(-8127, done);
#endif
#ifdef HAVE_FFDHE_4096
ret = dh_ffdhe_test(&rng, wc_Dh_ffdhe4096_Get());
if (ret != 0)
ERROR_OUT(-8128, done);
#endif
#endif /* !WC_NO_RNG */
@@ -16730,7 +16789,7 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
ret = wc_DhSetCheckKey(key, dh_p, sizeof(dh_p), dh_g, sizeof(dh_g),
NULL, 0, 0, &rng);
if (ret != 0)
ERROR_OUT(-8131, done);
ERROR_OUT(-8129, done);
keyInit = 1; /* DhSetCheckKey also initializes the key, free it */
#endif

2
wolfssl/openssl/ssl.h
View File

@@ -1157,11 +1157,13 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define DTLS1_2_VERSION 0xFEFD
#define DTLS_MAX_VERSION DTLS1_2_VERSION
#ifndef WOLFSSL_APACHE_HTTPD /* apache uses SSL_CONF_FLAG_FILE to enable conf support */
#define SSL_CONF_FLAG_CMDLINE WOLFSSL_CONF_FLAG_CMDLINE
#define SSL_CONF_FLAG_FILE WOLFSSL_CONF_FLAG_FILE
#define SSL_CONF_FLAG_CERTIFICATE WOLFSSL_CONF_FLAG_CERTIFICATE
#define SSL_CONF_TYPE_STRING WOLFSSL_CONF_TYPE_STRING
#define SSL_CONF_TYPE_FILE WOLFSSL_CONF_TYPE_FILE
#endif
#if defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || defined(OPENSSL_EXTRA) \
|| defined(OPENSSL_ALL)

6
wolfssl/wolfcrypt/asn.h
View File

@@ -1233,12 +1233,6 @@ WOLFSSL_LOCAL int GetASNTag(const byte* input, word32* idx, byte* tag,
WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output);
WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output);
WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output);
#if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && !defined(NO_DH) \
|| defined(WOLFSSL_OPENSSH)
WOLFSSL_LOCAL int wc_DhParamsToDer(DhKey* key, byte* out, word32* outSz);
WOLFSSL_LOCAL int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz);
WOLFSSL_LOCAL int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
#endif
WOLFSSL_LOCAL int SetASNInt(int len, byte firstByte, byte* output);
WOLFSSL_LOCAL word32 SetBitString(word32 len, byte unusedBits, byte* output);
WOLFSSL_LOCAL word32 SetImplicit(byte tag,byte number,word32 len,byte* output);

11
wolfssl/wolfcrypt/asn_public.h
View File

@@ -59,6 +59,10 @@ This library defines the interface APIs for X509 certificates.
typedef struct WC_RNG WC_RNG;
#define WC_RNG_TYPE_DEFINED
#endif
#ifndef WC_DH_TYPE_DEFINED
typedef struct DhKey DhKey;
#define WC_DH_TYPE_DEFINED
#endif
enum Ecc_Sum {
ECC_SECP112R1_OID = 182,
@@ -517,6 +521,13 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
WOLFSSL_API int wc_DsaKeyToParamsDer(DsaKey* key, byte* output, word32 inLen);
#endif
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
WOLFSSL_LOCAL int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv);
WOLFSSL_API int wc_DhParamsToDer(DhKey* key, byte* out, word32* outSz);
WOLFSSL_API int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz);
WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
#endif
#ifdef HAVE_ECC
/* private key helpers */
WOLFSSL_API int wc_EccPrivateKeyDecode(const byte*, word32*,

7
wolfssl/wolfcrypt/dh.h
View File

@@ -46,13 +46,6 @@
#include <wolfssl/wolfcrypt/async.h>
#endif
/* Optional support extended DH public / private keys */
#if !defined(WOLFSSL_DH_EXTRA) && (defined(WOLFSSL_QT) || \
defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \
defined(WOLFSSL_STATIC_EPHEMERAL))
#define WOLFSSL_DH_EXTRA
#endif
typedef struct DhParams {
#ifdef HAVE_FFDHE_Q
const byte* q;

14
wolfssl/wolfcrypt/settings.h
View File

@@ -2450,6 +2450,20 @@ extern void uITRON4_free(void *p) ;
#error Small stack cannot be used with no malloc (WOLFSSL_NO_MALLOC)
#endif
/* Enable DH Extra for QT, openssl all, openssh and static ephemeral */
/* Allows export/import of DH key and params as DER */
#if !defined(WOLFSSL_DH_EXTRA) && \
(defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \
defined(WOLFSSL_STATIC_EPHEMERAL))
#define WOLFSSL_DH_EXTRA
#endif
/* DH Extra is not supported on FIPS v1 or v2 (is missing DhKey .pub/.priv) */
#if defined(WOLFSSL_DH_EXTRA) && defined(HAVE_FIPS) && \
(!defined(HAVE_FIPS_VERSION) || HAVE_FIPS_VERSION <= 2)
#undef WOLFSSL_DH_EXTRA
#endif
#ifdef __cplusplus
} /* extern "C" */

5
wolfssl/wolfcrypt/types.h
View File

@@ -889,8 +889,9 @@ decouple library dependencies with standard string, memory and so on.
WC_PK_TYPE_EC_KEYGEN = 9,
WC_PK_TYPE_RSA_CHECK_PRIV_KEY = 10,
WC_PK_TYPE_EC_CHECK_PRIV_KEY = 11,
WC_PK_TYPE_MAX = WC_PK_TYPE_EC_CHECK_PRIV_KEY
WC_PK_TYPE_ED448 = 12,
WC_PK_TYPE_CURVE448 = 13,
WC_PK_TYPE_MAX = WC_PK_TYPE_CURVE448
};