From 3f9fe491ccee72a00c041593c011c27db0a29c41 Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh
Date: Wed, 7 May 2025 12:52:43 -0600
Subject: [PATCH] adjust C# test and set rng with hpke case
---
 wolfcrypt/src/hpke.c | 15 ++++++++++++++-
 wrapper/CSharp/user_settings.h | 3 +++
 2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/wolfcrypt/src/hpke.c b/wolfcrypt/src/hpke.c
index 8ce209fa7..b9252845e 100644
--- a/wolfcrypt/src/hpke.c
+++ b/wolfcrypt/src/hpke.c
@@ -987,7 +987,7 @@ static int wc_HpkeDecap(Hpke* hpke, void* receiverKey, const byte* pubKey,
 word16 pubKeySz, byte* sharedSecret)
 {
 int ret;
-#ifdef ECC_TIMING_RESISTANT
+#if defined(ECC_TIMING_RESISTANT) || defined(WOLFSSL_CURVE25519_BLINDING)
 WC_RNG* rng;
 #endif
 word32 dh_len;
@@ -1052,9 +1052,22 @@ static int wc_HpkeDecap(Hpke* hpke, void* receiverKey, const byte* pubKey,
 #endif
 #if defined(HAVE_CURVE25519)
 case DHKEM_X25519_HKDF_SHA256:
+ #ifdef WOLFSSL_CURVE25519_BLINDING
+ rng = wc_rng_new(NULL, 0, hpke->heap);
+
+ if (rng == NULL) {
+ ret = RNG_FAILURE_E;
+ break;
+ }
+
+ wc_curve25519_set_rng((curve25519_key*)receiverKey, rng);
+ #endif
 ret = wc_curve25519_shared_secret_ex(
 (curve25519_key*)receiverKey, (curve25519_key*)ephemeralKey,
 dh, &dh_len, EC25519_LITTLE_ENDIAN);
+ #ifdef WOLFSSL_CURVE25519_BLINDING
+ wc_rng_free(rng);
+ #endif
 break;
 #endif
 case DHKEM_X448_HKDF_SHA512:
diff --git a/wrapper/CSharp/user_settings.h b/wrapper/CSharp/user_settings.h
index 21fb7b11c..98d840f77 100644
--- a/wrapper/CSharp/user_settings.h
+++ b/wrapper/CSharp/user_settings.h
@@ -60,6 +60,9 @@
 #define HAVE_ED25519
 #define HAVE_CURVE25519
+/* C# wrapper has ephemeral RNG when creating curve25519 key */
+#define NO_CURVE25519_BLINDING
+
 #define HAVE_AESGCM
 #define WOLFSSL_AESGCM_STREAM
 #define WOLFSSL_SHA384
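Review bot: In the X25519 branch of the second hpke.c hunk, `wc_rng_free(rng);` releases the RNG while the caller-supplied `receiverKey` still refers to it through the earlier `wc_curve25519_set_rng` call. A later blinded operation on the same key would presumably use a freed RNG, and any RNG the caller had already attached to the key is silently replaced. Detach before freeing, assuming the setter accepts NULL: `wc_curve25519_set_rng((curve25519_key*)receiverKey, NULL);` placed ahead of `wc_rng_free(rng);`. The return value of the first `wc_curve25519_set_rng` call is also discarded; assigning it to `ret` and skipping the shared-secret call on failure would keep the error path consistent with the `RNG_FAILURE_E` check above it. wc_HpkeDecap begins and ends outside the hunk, so whether the key is reused after this call is not visible here.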
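Review bot: The comment added above `#define NO_CURVE25519_BLINDING` in wrapper/CSharp/user_settings.h names a cause but not the consequence of the setting. Judging by the macro name and the blinding path added in hpke.c, this define appears to turn off Curve25519 blinding for every build that uses this settings file, not only for the test mentioned in the commit title. I would spell that out, for example `/* Keys created by the C# wrapper do not keep an RNG after creation, so blinded operations have no RNG to use. */` followed by `/* Blinding is disabled here; this removes a side-channel hardening for all Curve25519 use in this build. */`. If the intent is only to make the test pass, a note saying the define should be dropped once the wrapper keeps an RNG on the key would help the next maintainer.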