wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6333 from SparkiDev/memusage_6

Browse Source 
Memory usage improvements
This commit is contained in:
David Garske
2023-05-04 09:14:24 -07:00
committed by GitHub
parent 82e502d8a2 d2afe9e5e0
commit 4cdf32e497
18 changed files with 495 additions and 198 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
configure.ac
View File

@@ -7682,6 +7682,11 @@ case $host_cpu in
;;
esac
if test "$ENABLED_LOWRESOURCE" = "yes" && test "$ENABLED_ECC" = "yes" && (test "$ENABLED_RSA" = "yes" || test "$ENABLED_DH" == "yes") && (test "$ENABLED_SP_MATH" = "yes" || test "$ENABLED_SP_MATH_ALL" = "yes")
then
AM_CFLAGS="$AM_CFLAGS -DALT_ECC_SIZE"
fi
################################################################################
# Update ENABLE_* variables #
################################################################################

33
examples/client/client.c
View File

@@ -1260,10 +1260,14 @@ static const char* client_usage_msg[][70] = {
#endif
#ifdef HAVE_SUPPORTED_CURVES
"--onlyPskDheKe Must use DHE key exchange with PSK\n", /* 73 */
#endif
#ifndef NO_PSK
"--openssl-psk Use TLS 1.3 PSK callback compatible with "
"OpenSSL\n", /* 74 */
#endif
"\n"
"For simpler wolfSSL TLS client examples, visit\n"
"https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n", /* 74 */
"https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n", /* 75 */
NULL,
},
#ifndef NO_MULTIBYTE_PRINT
@@ -1481,11 +1485,15 @@ static const char* client_usage_msg[][70] = {
#endif
#ifdef HAVE_SUPPORTED_CURVES
"--onlyPskDheKe Must use DHE key exchange with PSK\n", /* 73 */
#endif
#ifndef NO_PSK
"--openssl-psk Use TLS 1.3 PSK callback compatible with "
"OpenSSL\n", /* 74 */
#endif
"\n"
"より簡単なwolfSSL TSL クライアントの例については"
"下記にアクセスしてください\n"
"https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n", /* 74 */
"https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n", /* 75 */
NULL,
},
#endif
@@ -1852,6 +1860,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
#ifdef HAVE_SUPPORTED_CURVES
{ "onlyPskDheKe", 0, 264 },
#endif
#ifndef NO_PSK
{ "openssl-psk", 0, 265 },
#endif
{ 0, 0, 0 }
};
@@ -1859,6 +1870,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
int version = CLIENT_INVALID_VERSION;
int minVersion = CLIENT_INVALID_VERSION;
int usePsk = 0;
int opensslPsk = 0;
int useAnon = 0;
int sendGET = 0;
int benchmark = 0;
@@ -2066,6 +2078,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
(void)loadCertKeyIntoSSLObj;
(void)usePqc;
(void)pqcAlg;
(void)opensslPsk;
StackTrap();
/* Reinitialize the global myVerifyAction. */
@@ -2678,6 +2691,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifdef WOLFSSL_TLS13
onlyPskDheKe = 1;
#endif
#endif
break;
case 265:
#ifndef NO_PSK
opensslPsk = 1;
#endif
break;
default:
@@ -3060,10 +3078,15 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
#ifdef WOLFSSL_TLS13
#if !defined(WOLFSSL_PSK_TLS13_CB) && !defined(WOLFSSL_PSK_ONE_ID)
wolfSSL_CTX_set_psk_client_cs_callback(ctx, my_psk_client_cs_cb);
#else
wolfSSL_CTX_set_psk_client_tls13_callback(ctx, my_psk_client_tls13_cb);
if (!opensslPsk) {
wolfSSL_CTX_set_psk_client_cs_callback(ctx, my_psk_client_cs_cb);
}
else
#endif
{
wolfSSL_CTX_set_psk_client_tls13_callback(ctx,
my_psk_client_tls13_cb);
}
#endif
if (defaultCipherList == NULL) {
#if defined(HAVE_AESGCM) && !defined(NO_DH)

57
scripts/openssl.test
View File

@@ -1,6 +1,6 @@
#!/bin/bash
#openssl.test
# openssl.test
# Enviornment variables used:
# OPENSSL (openssl app to use)
@@ -409,6 +409,14 @@ OIFS=$IFS # store old separator to reset
#
# Start
#
echo
echo "wolfSSL configuration:"
./config.status --config
echo
echo "OpenSSL version:"
$OPENSSL version -a
echo
ps -p $PPID >/dev/null 2>&1
if [ "$?" = "1" ]
then
@@ -494,51 +502,86 @@ esac
if [ "$wolf_certs" != "" ]
then
echo
# Check if RSA certificates supported in wolfSSL
wolf_rsa=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ca-cert.pem" 2>&1`
case $wolf_rsa in
*"ca file"*)
echo "wolfSSL does not support RSA"
wolf_rsa=""
;;
*)
;;
esac
if [ "$wolf_rsa" != "" ]; then
echo "wolfSSL supports RSA"
fi
# Check if ECC certificates supported in wolfSSL
wolf_ecc=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed25519/ca-ecc-cert.pem" 2>&1`
wolf_ecc=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ca-ecc-cert.pem" 2>&1`
case $wolf_ecc in
*"ca file"*)
echo "wolfSSL does not support ECDSA"
wolf_ecc=""
;;
*)
;;
esac
if [ "$wolf_ecc" != "" ]; then
echo "wolfSSL supports ECDSA"
fi
# Check if Ed25519 certificates supported in wolfSSL
wolf_ed25519=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed25519/root-ed25519.pem" 2>&1`
case $wolf_ed25519 in
*"ca file"*)
echo "wolfSSL does not support Ed25519"
wolf_ed25519=""
;;
*)
;;
esac
if [ "$wolf_ed25519" != "" ]; then
echo "wolfSSL supports Ed25519"
fi
# Check if Ed25519 certificates supported in OpenSSL
openssl_ed25519=`$OPENSSL s_client -cert "${CERT_DIR}/ed25519/client-ed25519.pem" -key "${CERT_DIR}/ed25519/client-ed25519-priv.pem" 2>&1`
case $openssl_ed25519 in
*"unable to load"*)
echo "OpenSSL does not support Ed25519"
wolf_ed25519=""
;;
*)
;;
esac
if [ "$wolf_ed25519" != "" ]; then
echo "OpenSSL supports Ed25519"
fi
# Check if Ed448 certificates supported in wolfSSL
wolf_ed448=`$WOLFSSL_CLIENT -A "${CERT_DIR}/ed448/root-ed448.pem" 2>&1`
case $wolf_ed448 in
*"ca file"*)
echo "wolfSSL does not support Ed448"
wolf_ed448=""
;;
*)
;;
esac
if [ "$wolf_ed448" != "" ]; then
echo "wolfSSL supports Ed448"
fi
# Check if Ed448 certificates supported in OpenSSL
openssl_ed448=`$OPENSSL s_client -cert "${CERT_DIR}/ed448/client-ed448.pem" -key "${CERT_DIR}/ed448/client-ed448-priv.pem" 2>&1`
case $openssl_ed448 in
*"unable to load"*)
echo "OpenSSL does not support Ed448"
wolf_ed448=""
;;
*)
;;
esac
if [ "$wolf_ed448" != "" ]; then
echo "OpenSSL supports Ed448"
fi
echo
fi
openssl_tls13=`$OPENSSL s_client -help 2>&1`
@@ -664,7 +707,7 @@ if [ "$wolf_ecdsa" != "" -a "$wolf_ecc" != "" ]
then
cert_file="${CERT_DIR}/server-ecc.pem"
key_file="${CERT_DIR}/ecc-key.pem"
ca_file="${CERT_DIR}/client-ca.pem"
ca_file="${CERT_DIR}/client-ecc-cert.pem"
openssl_suite="ECDH[E]-ECDSA"
start_openssl_server
@@ -727,7 +770,7 @@ then
tls13_psk_openssl_port=$server_port
tls13_psk_openssl_pid=$server_pid
psk="-s"
psk="-s --openssl-psk"
wolfssl_suite="TLSv1.3_PSK"
start_wolfssl_server
tls13_psk_wolfssl_port=$server_port
@@ -977,8 +1020,8 @@ do
*ECDHE-ECDSA*|*ECDH-ECDSA*)
if [ "$wolf_ecc" != "" ]
then
cert="${CERT_DIR}/client-cert.pem"
key="${CERT_DIR}/client-key.pem"
cert="${CERT_DIR}/client-ecc-cert.pem"
key="${CERT_DIR}/ecc-client-key.pem"
caCert="${CERT_DIR}/ca-ecc-cert.pem"
port=$ecdsa_openssl_port
@@ -1090,7 +1133,7 @@ do
wolf_temp_cases_total=$((wolf_temp_cases_total + 1))
port=$tls13_psk_openssl_port
psk="-s"
psk="-s --openssl-psk"
# OpenSSL doesn't support DH for key exchange so do no PSK
# DHE when ECC not supported
if [ "$wolf_ecc" = "" ]

50
src/internal.c
View File

@@ -25415,6 +25415,29 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
if (ret == 0 && hashAlgo > ssl->options.hashAlgo)
break;
#endif
if (IsAtLeastTLSv1_2(ssl) && !IsAtLeastTLSv1_3(ssl->version) &&
(ssl->options.side == WOLFSSL_CLIENT_END)) {
/* TLS 1.2 client deciding hash algorithm for
* CertificateVerify. Hash must be one of the handshake
* hashes being maintained. */
if (1
#ifndef NO_SHA
&& (hashAlgo != sha_mac)
#endif
#ifndef NO_SHA256
&& (hashAlgo != sha256_mac)
#endif
#ifdef WOLFSSL_SHA384
&& (hashAlgo != sha384_mac)
#endif
#ifdef WOLFSSL_SHA512
&& (hashAlgo != sha512_mac)
#endif
)
{
break;
}
}
/* The chosen one - but keep looking. */
ssl->options.hashAlgo = hashAlgo;
ssl->options.sigAlgo = sigAlgo;
@@ -30188,17 +30211,22 @@ int SendCertificateVerify(WOLFSSL* ssl)
}
#endif
#ifndef NO_OLD_TLS
#ifndef NO_SHA
/* old tls default */
SetDigest(ssl, sha_mac);
#endif
#else
#ifndef NO_SHA256
/* new tls default */
SetDigest(ssl, sha256_mac);
#endif
#endif /* !NO_OLD_TLS */
if (!IsAtLeastTLSv1_2(ssl)) {
#ifndef NO_OLD_TLS
#ifndef NO_SHA
/* old tls default */
SetDigest(ssl, sha_mac);
#endif
#else
#ifndef NO_SHA256
/* new tls default */
SetDigest(ssl, sha256_mac);
#endif
#endif /* !NO_OLD_TLS */
}
else {
SetDigest(ssl, ssl->options.hashAlgo);
}
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
#ifdef WC_RSA_PSS

19
src/pk.c
View File

@@ -30,6 +30,15 @@
#include <wolfssl/wolfcrypt/random.h>
#endif
#ifdef HAVE_ECC
#include <wolfssl/wolfcrypt/ecc.h>
#endif
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
#if !defined(WOLFSSL_PK_INCLUDED)
#ifndef WOLFSSL_IGNORE_FILE_WARN
#warning pk.c does not need to be compiled separately from ssl.c
@@ -11395,7 +11404,7 @@ static int wolfssl_ec_key_int_copy(ecc_key* dst, const ecc_key* src)
if (ret == 0) {
/* Copy private key. */
ret = mp_copy(&src->k, &dst->k);
ret = mp_copy(wc_ecc_key_get_priv(src), wc_ecc_key_get_priv(dst));
if (ret != MP_OKAY) {
WOLFSSL_MSG("mp_copy error");
}
@@ -12533,7 +12542,8 @@ int SetECKeyExternal(WOLFSSL_EC_KEY* eckey)
/* set the external privkey */
if ((ret == 1) && (key->type == ECC_PRIVATEKEY) &&
(wolfssl_bn_set_value(&eckey->priv_key, &key->k) != 1)) {
(wolfssl_bn_set_value(&eckey->priv_key,
wc_ecc_key_get_priv(key)) != 1)) {
WOLFSSL_MSG("ec priv key error");
ret = -1;
}
@@ -12604,12 +12614,13 @@ int SetECKeyInternal(WOLFSSL_EC_KEY* eckey)
/* set privkey */
if ((ret == 1) && (eckey->priv_key != NULL)) {
if (wolfssl_bn_get_value(eckey->priv_key, &key->k) != 1) {
if (wolfssl_bn_get_value(eckey->priv_key,
wc_ecc_key_get_priv(key)) != 1) {
WOLFSSL_MSG("ec key priv error");
ret = -1;
}
/* private key */
if ((ret == 1) && (!mp_iszero(&key->k))) {
if ((ret == 1) && (!mp_iszero(wc_ecc_key_get_priv(key)))) {
if (pubSet) {
key->type = ECC_PRIVATEKEY;
}

31
tests/api.c
View File

@@ -358,6 +358,12 @@
#endif
#include <wolfssl/certs_test.h>
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
typedef struct testVector {
const char* input;
const char* output;
@@ -27393,25 +27399,30 @@ static int test_wc_ecc_mulmod(void)
}
if (ret == 0) {
ret = wc_ecc_mulmod(&key1.k, &key2.pubkey, &key3.pubkey, &key2.k,
&key3.k, 1);
ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
&key3.pubkey, wc_ecc_key_get_priv(&key2),
wc_ecc_key_get_priv(&key3), 1);
}
/* Test bad args. */
if (ret == 0) {
ret = wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey, &key2.k,
&key3.k, 1);
ret = wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey,
wc_ecc_key_get_priv(&key2),
wc_ecc_key_get_priv(&key3), 1);
if (ret == ECC_BAD_ARG_E) {
ret = wc_ecc_mulmod(&key1.k, NULL, &key3.pubkey, &key2.k,
&key3.k, 1);
ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), NULL, &key3.pubkey,
wc_ecc_key_get_priv(&key2),
wc_ecc_key_get_priv(&key3), 1);
}
if (ret == ECC_BAD_ARG_E) {
ret = wc_ecc_mulmod(&key1.k, &key2.pubkey, NULL, &key2.k,
&key3.k, 1);
ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey, NULL,
wc_ecc_key_get_priv(&key2),
wc_ecc_key_get_priv(&key3), 1);
}
if (ret == ECC_BAD_ARG_E) {
ret = wc_ecc_mulmod(&key1.k, &key2.pubkey, &key3.pubkey,
&key2.k, NULL, 1);
ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
&key3.pubkey, wc_ecc_key_get_priv(&key2), NULL,
1);
}
if (ret == ECC_BAD_ARG_E) {
ret = 0;

242
wolfcrypt/src/ecc.c
View File

@@ -3366,8 +3366,43 @@ static int ecc_key_tmp_init(ecc_key* key, void* heap)
{
int err = MP_OKAY;
(void)heap;
XMEMSET(key, 0, sizeof(*key));
#if defined(WOLFSSL_SP_MATH_ALL) && defined(WOLFSSL_SMALL_STACK)
NEW_MP_INT_SIZE(key->t1, ECC_KEY_MAX_BITS(key), heap, DYNAMIC_TYPE_ECC);
NEW_MP_INT_SIZE(key->t2, ECC_KEY_MAX_BITS(key), heap, DYNAMIC_TYPE_ECC);
#ifdef ALT_ECC_SIZE
NEW_MP_INT_SIZE(key->x, ECC_KEY_MAX_BITS(key), heap, DYNAMIC_TYPE_ECC);
NEW_MP_INT_SIZE(key->y, ECC_KEY_MAX_BITS(key), heap, DYNAMIC_TYPE_ECC);
NEW_MP_INT_SIZE(key->z, ECC_KEY_MAX_BITS(key), heap, DYNAMIC_TYPE_ECC);
#endif
if (key->t1 == NULL || key->t2 == NULL
#ifdef ALT_ECC_SIZE
|| key->x == NULL || key->y == NULL || key->z == NULL
#endif
) {
err = MEMORY_E;
}
if (err == 0) {
err = INIT_MP_INT_SIZE(key->t1, ECC_KEY_MAX_BITS(key));
}
if (err == 0) {
err = INIT_MP_INT_SIZE(key->t2, ECC_KEY_MAX_BITS(key));
}
#ifdef ALT_ECC_SIZE
if (err == 0) {
err = INIT_MP_INT_SIZE(key->x, ECC_KEY_MAX_BITS(key));
}
if (err == 0) {
err = INIT_MP_INT_SIZE(key->y, ECC_KEY_MAX_BITS(key));
}
if (err == 0) {
err = INIT_MP_INT_SIZE(key->z, ECC_KEY_MAX_BITS(key));
}
#endif
#else
key->t1 = (mp_int*)XMALLOC(sizeof(mp_int), heap, DYNAMIC_TYPE_ECC);
key->t2 = (mp_int*)XMALLOC(sizeof(mp_int), heap, DYNAMIC_TYPE_ECC);
#ifdef ALT_ECC_SIZE
@@ -3382,6 +3417,7 @@ static int ecc_key_tmp_init(ecc_key* key, void* heap)
) {
err = MEMORY_E;
}
#endif
return err;
}
@@ -3389,6 +3425,16 @@ static int ecc_key_tmp_init(ecc_key* key, void* heap)
static void ecc_key_tmp_final(ecc_key* key, void* heap)
{
(void)heap;
#if defined(WOLFSSL_SP_MATH_ALL) && defined(WOLFSSL_SMALL_STACK)
#ifdef ALT_ECC_SIZE
FREE_MP_INT_SIZE(key->z, heap, DYNAMIC_TYPE_ECC);
FREE_MP_INT_SIZE(key->y, heap, DYNAMIC_TYPE_ECC);
FREE_MP_INT_SIZE(key->x, heap, DYNAMIC_TYPE_ECC);
#endif
FREE_MP_INT_SIZE(key->t2, heap, DYNAMIC_TYPE_ECC);
FREE_MP_INT_SIZE(key->t1, heap, DYNAMIC_TYPE_ECC);
#else
#ifdef ALT_ECC_SIZE
if (key->z != NULL)
XFREE(key->z, heap, DYNAMIC_TYPE_ECC);
@@ -3401,6 +3447,7 @@ static void ecc_key_tmp_final(ecc_key* key, void* heap)
XFREE(key->t2, heap, DYNAMIC_TYPE_ECC);
if (key->t1 != NULL)
XFREE(key->t1, heap, DYNAMIC_TYPE_ECC);
#endif
}
#endif /* WOLFSSL_SMALL_STACK_CACHE */
#endif /* !WOLFSSL_SP_MATH */
@@ -4459,7 +4506,7 @@ int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
byte* out, word32* outlen)
{
int err = MP_OKAY;
mp_int* k = &private_key->k;
mp_int* k = private_key->k;
#ifdef HAVE_ECC_CDH
#ifdef WOLFSSL_SMALL_STACK
mp_int *k_lcl = NULL;
@@ -4489,7 +4536,7 @@ int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
goto errout;
}
/* multiply cofactor times private key "k" */
err = mp_mul_d(&private_key->k, cofactor, k);
err = mp_mul_d(private_key->k, cofactor, k);
if (err != MP_OKAY)
goto errout;
}
@@ -4722,7 +4769,7 @@ static int wc_ecc_shared_secret_gen_async(ecc_key* private_key,
word32 keySz = private_key->dp->size;
/* sync public key x/y */
err = wc_mp_to_bigint_sz(&private_key->k, &private_key->k.raw, keySz);
err = wc_mp_to_bigint_sz(private_key->k, &private_key->k->raw, keySz);
if (err == MP_OKAY)
err = wc_mp_to_bigint_sz(point->x, &point->x->raw, keySz);
if (err == MP_OKAY)
@@ -4736,7 +4783,7 @@ static int wc_ecc_shared_secret_gen_async(ecc_key* private_key,
NitroxEccGetSize(private_key)*2);
if (err == MP_OKAY)
err = NitroxEcdh(private_key,
&private_key->k.raw, &point->x->raw, &point->y->raw,
&private_key->k->raw, &point->x->raw, &point->y->raw,
private_key->e->raw.buf, &private_key->e->raw.len,
&curve->prime->raw);
#else
@@ -4744,7 +4791,7 @@ static int wc_ecc_shared_secret_gen_async(ecc_key* private_key,
err = wc_ecc_curve_load(private_key->dp, &curve, ECC_CURVE_FIELD_BF);
if (err == MP_OKAY)
err = IntelQaEcdh(&private_key->asyncDev,
&private_key->k.raw, &point->x->raw, &point->y->raw,
&private_key->k->raw, &point->x->raw, &point->y->raw,
out, outlen,
&curve->Af->raw, &curve->Bf->raw, &curve->prime->raw,
private_key->dp->cofactor);
@@ -5061,8 +5108,8 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curve,
key->type = ECC_PRIVATEKEY_ONLY;
}
if ((err == MP_OKAY) && (mp_iszero(&key->k) || mp_isneg(&key->k) ||
(mp_cmp(&key->k, curve->order) != MP_LT)))
if ((err == MP_OKAY) && (mp_iszero(key->k) || mp_isneg(key->k) ||
(mp_cmp(key->k, curve->order) != MP_LT)))
{
err = ECC_PRIV_KEY_E;
}
@@ -5085,10 +5132,10 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curve,
if (err == MP_OKAY && key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
word32 keySz = key->dp->size;
/* sync private key to raw */
err = wc_mp_to_bigint_sz(&key->k, &key->k.raw, keySz);
err = wc_mp_to_bigint_sz(key->k, &key->k->raw, keySz);
if (err == MP_OKAY) {
err = IntelQaEccPointMul(&key->asyncDev,
&key->k.raw, pub->x, pub->y, pub->z,
&key->k->raw, pub->x, pub->y, pub->z,
&curve->Gx->raw, &curve->Gy->raw,
&curve->Af->raw, &curve->Bf->raw, &curve->prime->raw,
key->dp->cofactor);
@@ -5104,19 +5151,19 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curve,
else
#ifndef WOLFSSL_SP_NO_256
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) {
err = sp_ecc_mulmod_base_256(&key->k, pub, 1, key->heap);
err = sp_ecc_mulmod_base_256(key->k, pub, 1, key->heap);
}
else
#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
err = sp_ecc_mulmod_base_384(&key->k, pub, 1, key->heap);
err = sp_ecc_mulmod_base_384(key->k, pub, 1, key->heap);
}
else
#endif
#ifdef WOLFSSL_SP_521
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP521R1) {
err = sp_ecc_mulmod_base_521(&key->k, pub, 1, key->heap);
err = sp_ecc_mulmod_base_521(key->k, pub, 1, key->heap);
}
else
#endif
@@ -5148,7 +5195,7 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curve,
/* make the public key */
if (err == MP_OKAY) {
/* Map in a separate call as this should be constant time */
err = wc_ecc_mulmod_ex2(&key->k, base, pub, curve->Af, curve->prime,
err = wc_ecc_mulmod_ex2(key->k, base, pub, curve->Af, curve->prime,
curve->order, rng, 0, key->heap);
if (err == MP_MEM) {
err = MEMORY_E;
@@ -5388,7 +5435,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
}
if (err == SA_SILIB_RET_OK) {
err = mp_read_unsigned_bin(&key->k, ucompressed_key, raw_size);
err = mp_read_unsigned_bin(key->k, ucompressed_key, raw_size);
}
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
@@ -5440,7 +5487,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
err = xil_mpi_import(key->pubkey.y, key->keyRaw + key->dp->size,
key->dp->size, key->heap);
if (err == 0)
err = xil_mpi_import(&key->k, key->privKey, key->dp->size, key->heap);
err = xil_mpi_import(key->k, key->privKey, key->dp->size, key->heap);
if (err == 0)
err = mp_set(key->pubkey.z, 1);
if (err) {
@@ -5458,20 +5505,20 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
#ifndef WOLFSSL_SP_NO_256
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) {
#ifndef WC_ECC_NONBLOCK
err = sp_ecc_make_key_256(rng, &key->k, &key->pubkey, key->heap);
err = sp_ecc_make_key_256(rng, key->k, &key->pubkey, key->heap);
#else
if (key->nb_ctx) {
err = sp_ecc_make_key_256_nb(&key->nb_ctx->sp_ctx, rng, &key->k,
err = sp_ecc_make_key_256_nb(&key->nb_ctx->sp_ctx, rng, key->k,
&key->pubkey, key->heap);
}
else {
#ifdef WC_ECC_NONBLOCK_ONLY
do { /* perform blocking call to non-blocking function */
err = sp_ecc_make_key_256_nb(&nb_ctx.sp_ctx, rng, &key->k,
err = sp_ecc_make_key_256_nb(&nb_ctx.sp_ctx, rng, key->k,
&key->pubkey, key->heap);
} while (err == FP_WOULDBLOCK);
#else
err = sp_ecc_make_key_256(rng, &key->k, &key->pubkey, key->heap);
err = sp_ecc_make_key_256(rng, key->k, &key->pubkey, key->heap);
#endif /* WC_ECC_NONBLOCK_ONLY */
}
#endif /* !WC_ECC_NONBLOCK */
@@ -5485,20 +5532,20 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
#ifndef WC_ECC_NONBLOCK
err = sp_ecc_make_key_384(rng, &key->k, &key->pubkey, key->heap);
err = sp_ecc_make_key_384(rng, key->k, &key->pubkey, key->heap);
#else
if (key->nb_ctx) {
err = sp_ecc_make_key_384_nb(&key->nb_ctx->sp_ctx, rng, &key->k,
err = sp_ecc_make_key_384_nb(&key->nb_ctx->sp_ctx, rng, key->k,
&key->pubkey, key->heap);
}
else {
#ifdef WC_ECC_NONBLOCK_ONLY
do { /* perform blocking call to non-blocking function */
err = sp_ecc_make_key_384_nb(&nb_ctx.sp_ctx, rng, &key->k,
err = sp_ecc_make_key_384_nb(&nb_ctx.sp_ctx, rng, key->k,
&key->pubkey, key->heap);
} while (err == FP_WOULDBLOCK);
#else
err = sp_ecc_make_key_384(rng, &key->k, &key->pubkey, key->heap);
err = sp_ecc_make_key_384(rng, key->k, &key->pubkey, key->heap);
#endif /* WC_ECC_NONBLOCK_ONLY */
}
#endif /* !WC_ECC_NONBLOCK */
@@ -5512,20 +5559,20 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
#ifdef WOLFSSL_SP_521
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP521R1) {
#ifndef WC_ECC_NONBLOCK
err = sp_ecc_make_key_521(rng, &key->k, &key->pubkey, key->heap);
err = sp_ecc_make_key_521(rng, key->k, &key->pubkey, key->heap);
#else
if (key->nb_ctx) {
err = sp_ecc_make_key_521_nb(&key->nb_ctx->sp_ctx, rng, &key->k,
err = sp_ecc_make_key_521_nb(&key->nb_ctx->sp_ctx, rng, key->k,
&key->pubkey, key->heap);
}
else {
#ifdef WC_ECC_NONBLOCK_ONLY
do { /* perform blocking call to non-blocking function */
err = sp_ecc_make_key_521_nb(&nb_ctx.sp_ctx, rng, &key->k,
err = sp_ecc_make_key_521_nb(&nb_ctx.sp_ctx, rng, key->k,
&key->pubkey, key->heap);
} while (err == FP_WOULDBLOCK);
#else
err = sp_ecc_make_key_521(rng, &key->k, &key->pubkey, key->heap);
err = sp_ecc_make_key_521(rng, key->k, &key->pubkey, key->heap);
#endif /* WC_ECC_NONBLOCK_ONLY */
}
#endif /* !WC_ECC_NONBLOCK */
@@ -5545,7 +5592,12 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
DECLARE_CURVE_SPECS(ECC_CURVE_FIELD_COUNT);
/* setup the key variables */
err = mp_init(&key->k);
#ifndef ALT_ECC_SIZE
err = mp_init(key->k);
#else
key->k = (mp_int*)key->ka;
alt_fp_init(key->k);
#endif
/* load curve info */
if (err == MP_OKAY) {
@@ -5557,7 +5609,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
/* generate k */
if (err == MP_OKAY) {
err = wc_ecc_gen_k(rng, key->dp->size, &key->k, curve->order);
err = wc_ecc_gen_k(rng, key->dp->size, key->k, curve->order);
}
/* generate public key from k */
@@ -5574,7 +5626,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
}
else {
/* cleanup these on failure case only */
mp_forcezero(&key->k);
mp_forcezero(key->k);
}
/* cleanup allocations */
@@ -5585,7 +5637,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
#ifdef HAVE_WOLF_BIGINT
if (err == MP_OKAY)
err = wc_mp_to_bigint(&key->k, &key->k.raw);
err = wc_mp_to_bigint(key->k, &key->k->raw);
if (err == MP_OKAY)
err = wc_mp_to_bigint(key->pubkey.x, &key->pubkey.x->raw);
if (err == MP_OKAY)
@@ -5774,12 +5826,10 @@ int wc_ecc_init_ex(ecc_key* key, void* heap, int devId)
alt_fp_init(key->pubkey.x);
alt_fp_init(key->pubkey.y);
alt_fp_init(key->pubkey.z);
ret = mp_init(&key->k);
if (ret != MP_OKAY) {
return MEMORY_E;
}
key->k = (mp_int*)key->ka;
alt_fp_init(key->k);
#else
ret = mp_init_multi(&key->k, key->pubkey.x, key->pubkey.y, key->pubkey.z,
ret = mp_init_multi(key->k, key->pubkey.x, key->pubkey.y, key->pubkey.z,
NULL, NULL);
if (ret != MP_OKAY) {
return MEMORY_E;
@@ -5818,7 +5868,7 @@ int wc_ecc_init_ex(ecc_key* key, void* heap, int devId)
#endif
#ifdef WOLFSSL_CHECK_MEM_ZERO
mp_memzero_add("ECC k", &key->k);
mp_memzero_add("ECC k", key->k);
#endif
#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
@@ -6385,7 +6435,7 @@ static int deterministic_sign_helper(const byte* in, word32 inlen, ecc_key* key)
/* currently limiting to SHA256 for auto create */
if (mp_init(key->sign_k) != MP_OKAY ||
wc_ecc_gen_deterministic_k(in, inlen,
WC_HASH_TYPE_SHA256, &key->k, key->sign_k,
WC_HASH_TYPE_SHA256, key->k, key->sign_k,
curve->order, key->heap) != 0) {
mp_free(key->sign_k);
XFREE(key->sign_k, key->heap, DYNAMIC_TYPE_ECC);
@@ -6404,7 +6454,7 @@ static int deterministic_sign_helper(const byte* in, word32 inlen, ecc_key* key)
#else
key->sign_k_set = 0;
/* currently limiting to SHA256 for auto create */
if (wc_ecc_gen_deterministic_k(in, inlen, WC_HASH_TYPE_SHA256, &key->k,
if (wc_ecc_gen_deterministic_k(in, inlen, WC_HASH_TYPE_SHA256, key->k,
key->sign_k, curve->order, key->heap) != 0) {
err = ECC_PRIV_KEY_E;
}
@@ -6494,7 +6544,7 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng,
}
/* use provided sign_k */
err = mp_copy(key->sign_k, &pubkey->k);
err = mp_copy(key->sign_k, pubkey->k);
if (err != MP_OKAY) break;
/* free sign_k, so only used once */
@@ -6529,7 +6579,7 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng,
}
#ifdef WOLFSSL_CHECK_MEM_ZERO
if (err == MP_OKAY) {
mp_memzero_add("ecc_sign_hash_sw k", &pubkey->k);
mp_memzero_add("ecc_sign_hash_sw k", pubkey->k);
}
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -6543,15 +6593,15 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng,
if (err != MP_OKAY) break;
if (mp_iszero(r) == MP_NO) {
mp_int* ep = &pubkey->k;
mp_int* kp = &pubkey->k;
mp_int* x = &key->k;
mp_int* ep = pubkey->k;
mp_int* kp = pubkey->k;
mp_int* x = key->k;
/* find s = (e + xr)/k
= b.(e/k.b + x.r/k.b) */
/* k' = k.b */
err = mp_mulmod(&pubkey->k, b, curve->order, kp);
err = mp_mulmod(pubkey->k, b, curve->order, kp);
if (err != MP_OKAY) break;
/* k' = 1/k.b
@@ -6593,7 +6643,7 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng,
mp_clear(pubkey->pubkey.y);
mp_clear(pubkey->pubkey.z);
#endif
mp_forcezero(&pubkey->k);
mp_forcezero(pubkey->k);
}
mp_forcezero(b);
FREE_MP_INT_SIZE(b, key->heap, DYNAMIC_TYPE_ECC);
@@ -6630,12 +6680,12 @@ static int ecc_sign_hash_sp(const byte* in, word32 inlen, WC_RNG* rng,
#endif
if (key->nb_ctx) {
return sp_ecc_sign_256_nb(&key->nb_ctx->sp_ctx, in, inlen, rng,
&key->k, r, s, sign_k, key->heap);
key->k, r, s, sign_k, key->heap);
}
#ifdef WC_ECC_NONBLOCK_ONLY
do { /* perform blocking call to non-blocking function */
err = sp_ecc_sign_256_nb(&nb_ctx.sp_ctx, in, inlen, rng,
&key->k, r, s, sign_k, key->heap);
key->k, r, s, sign_k, key->heap);
} while (err == FP_WOULDBLOCK);
return err;
#endif
@@ -6644,7 +6694,7 @@ static int ecc_sign_hash_sp(const byte* in, word32 inlen, WC_RNG* rng,
{
int ret;
SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_sign_256(in, inlen, rng, &key->k, r, s, sign_k,
ret = sp_ecc_sign_256(in, inlen, rng, key->k, r, s, sign_k,
key->heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -6660,12 +6710,12 @@ static int ecc_sign_hash_sp(const byte* in, word32 inlen, WC_RNG* rng,
#endif
if (key->nb_ctx) {
return sp_ecc_sign_384_nb(&key->nb_ctx->sp_ctx, in, inlen, rng,
&key->k, r, s, sign_k, key->heap);
key->k, r, s, sign_k, key->heap);
}
#ifdef WC_ECC_NONBLOCK_ONLY
do { /* perform blocking call to non-blocking function */
err = sp_ecc_sign_384_nb(&nb_ctx.sp_ctx, in, inlen, rng,
&key->k, r, s, sign_k, key->heap);
key->k, r, s, sign_k, key->heap);
} while (err == FP_WOULDBLOCK);
return err;
#endif
@@ -6674,7 +6724,7 @@ static int ecc_sign_hash_sp(const byte* in, word32 inlen, WC_RNG* rng,
{
int ret;
SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_sign_384(in, inlen, rng, &key->k, r, s, sign_k,
ret = sp_ecc_sign_384(in, inlen, rng, key->k, r, s, sign_k,
key->heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -6690,12 +6740,12 @@ static int ecc_sign_hash_sp(const byte* in, word32 inlen, WC_RNG* rng,
#endif
if (key->nb_ctx) {
return sp_ecc_sign_521_nb(&key->nb_ctx->sp_ctx, in, inlen, rng,
&key->k, r, s, sign_k, key->heap);
key->k, r, s, sign_k, key->heap);
}
#ifdef WC_ECC_NONBLOCK_ONLY
do { /* perform blocking call to non-blocking function */
err = sp_ecc_sign_521_nb(&nb_ctx.sp_ctx, in, inlen, rng,
&key->k, r, s, sign_k, key->heap);
key->k, r, s, sign_k, key->heap);
} while (err == FP_WOULDBLOCK);
return err;
#endif
@@ -6704,7 +6754,7 @@ static int ecc_sign_hash_sp(const byte* in, word32 inlen, WC_RNG* rng,
{
int ret;
SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_sign_521(in, inlen, rng, &key->k, r, s, sign_k,
ret = sp_ecc_sign_521(in, inlen, rng, key->k, r, s, sign_k,
key->heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -6925,7 +6975,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
if (err == MP_OKAY)
err = wc_mp_to_bigint_sz(e, &e->raw, keySz);
if (err == MP_OKAY)
err = wc_mp_to_bigint_sz(&key->k, &key->k.raw, keySz);
err = wc_mp_to_bigint_sz(key->k, &key->k->raw, keySz);
if (err == MP_OKAY)
err = wc_ecc_gen_k(rng, key->dp->size, k, curve->order);
if (err == MP_OKAY)
@@ -6933,11 +6983,11 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
#ifdef HAVE_CAVIUM_V
if (err == MP_OKAY)
err = NitroxEcdsaSign(key, &e->raw, &key->k.raw, &k->raw,
err = NitroxEcdsaSign(key, &e->raw, &key->k->raw, &k->raw,
&r->raw, &s->raw, &curve->prime->raw, &curve->order->raw);
#else
if (err == MP_OKAY)
err = IntelQaEcdsaSign(&key->asyncDev, &e->raw, &key->k.raw,
err = IntelQaEcdsaSign(&key->asyncDev, &e->raw, &key->k->raw,
&k->raw, &r->raw, &s->raw, &curve->Af->raw, &curve->Bf->raw,
&curve->prime->raw, &curve->order->raw, &curve->Gx->raw,
&curve->Gy->raw);
@@ -7438,7 +7488,7 @@ int wc_ecc_free(ecc_key* key)
mp_clear(key->pubkey.y);
mp_clear(key->pubkey.z);
mp_forcezero(&key->k);
mp_forcezero(key->k);
#ifdef WOLFSSL_CUSTOM_CURVES
if (key->deallocSet && key->dp != NULL)
@@ -7900,7 +7950,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
#endif
XFREE(key->t2, heap, DYNAMIC_TYPE_ECC);
XFREE(key->t1, heap, DYNAMIC_TYPE_ECC);
XFREE(key, heap, DYNAMIC_TYPE_ECC);
XFREE(key, heap, DYNAMIC_TYPE_ECC_BUFFER);
C->key = NULL;
#endif
#ifdef WOLFSSL_SMALL_STACK
@@ -9473,7 +9523,7 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime)
#ifndef WOLFSSL_SP_NO_256
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) {
if (err == MP_OKAY) {
err = sp_ecc_mulmod_base_256(&key->k, res, 1, key->heap);
err = sp_ecc_mulmod_base_256(key->k, res, 1, key->heap);
}
}
else
@@ -9481,7 +9531,7 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime)
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
if (err == MP_OKAY) {
err = sp_ecc_mulmod_base_384(&key->k, res, 1, key->heap);
err = sp_ecc_mulmod_base_384(key->k, res, 1, key->heap);
}
}
else
@@ -9489,7 +9539,7 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime)
#ifdef WOLFSSL_SP_521
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP521R1) {
if (err == MP_OKAY) {
err = sp_ecc_mulmod_base_521(&key->k, res, 1, key->heap);
err = sp_ecc_mulmod_base_521(key->k, res, 1, key->heap);
}
}
else
@@ -9542,11 +9592,11 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime)
#else
#ifdef ECC_TIMING_RESISTANT
if (err == MP_OKAY)
err = wc_ecc_mulmod_ex2(&key->k, base, res, a, prime, curve->order,
err = wc_ecc_mulmod_ex2(key->k, base, res, a, prime, curve->order,
key->rng, 1, key->heap);
#else
if (err == MP_OKAY)
err = wc_ecc_mulmod_ex2(&key->k, base, res, a, prime, curve->order,
err = wc_ecc_mulmod_ex2(key->k, base, res, a, prime, curve->order,
NULL, 1, key->heap);
#endif
#endif /* WOLFSSL_KCAPI_ECC */
@@ -9813,25 +9863,25 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
#ifndef WOLFSSL_SP_NO_256
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) {
return sp_ecc_check_key_256(key->pubkey.x, key->pubkey.y,
key->type == ECC_PRIVATEKEY ? &key->k : NULL, key->heap);
key->type == ECC_PRIVATEKEY ? key->k : NULL, key->heap);
}
#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
return sp_ecc_check_key_384(key->pubkey.x, key->pubkey.y,
key->type == ECC_PRIVATEKEY ? &key->k : NULL, key->heap);
key->type == ECC_PRIVATEKEY ? key->k : NULL, key->heap);
}
#endif
#ifdef WOLFSSL_SP_521
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP521R1) {
return sp_ecc_check_key_521(key->pubkey.x, key->pubkey.y,
key->type == ECC_PRIVATEKEY ? &key->k : NULL, key->heap);
key->type == ECC_PRIVATEKEY ? key->k : NULL, key->heap);
}
#endif
#if defined(WOLFSSL_SP_1024) && defined(WOLFCRYPT_HAVE_SAKKE)
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SAKKE_1) {
return sp_ecc_check_key_1024(key->pubkey.x, key->pubkey.y,
key->type == ECC_PRIVATEKEY ? &key->k : NULL, key->heap);
key->type == ECC_PRIVATEKEY ? key->k : NULL, key->heap);
}
#endif
#endif
@@ -9946,8 +9996,8 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
/* SP 800-56Ar3, section 5.6.2.1.2 */
/* private keys must be in the range [1, n-1] */
if ((err == MP_OKAY) && (key->type == ECC_PRIVATEKEY) &&
(mp_iszero(&key->k) || mp_isneg(&key->k) ||
(mp_cmp(&key->k, curve->order) != MP_LT))
(mp_iszero(key->k) || mp_isneg(key->k) ||
(mp_cmp(key->k, curve->order) != MP_LT))
#ifdef WOLFSSL_KCAPI_ECC
&& key->handle == NULL
#endif
@@ -10029,9 +10079,10 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
alt_fp_init(key->pubkey.x);
alt_fp_init(key->pubkey.y);
alt_fp_init(key->pubkey.z);
err = mp_init(&key->k);
key->k = (mp_int*)key->ka;
alt_fp_init(key->k);
#else
err = mp_init_multi(&key->k,
err = mp_init_multi(key->k,
key->pubkey.x, key->pubkey.y, key->pubkey.z, NULL, NULL);
#endif
if (err != MP_OKAY)
@@ -10277,7 +10328,7 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
mp_clear(key->pubkey.x);
mp_clear(key->pubkey.y);
mp_clear(key->pubkey.z);
mp_clear(&key->k);
mp_clear(key->k);
}
RESTORE_VECTOR_REGISTERS();
@@ -10336,7 +10387,7 @@ int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen,
return BUFFER_E;
}
err = wc_export_int(&key->k, d, dLen, keySz + WC_CAAM_MAC_SZ,
err = wc_export_int(key->k, d, dLen, keySz + WC_CAAM_MAC_SZ,
encType);
*dLen = keySz + WC_CAAM_MAC_SZ;
}
@@ -10358,7 +10409,7 @@ int wc_ecc_export_ex(ecc_key* key, byte* qx, word32* qxLen,
else
#endif
{
err = wc_export_int(&key->k, d, dLen, keySz, encType);
err = wc_export_int(key->k, d, dLen, keySz, encType);
if (err != MP_OKAY)
return err;
}
@@ -10490,11 +10541,11 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
return ret;
}
ret = mp_read_unsigned_bin(&key->k, priv, privSz);
ret = mp_read_unsigned_bin(key->k, priv, privSz);
}
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
if (ret == MP_OKAY)
ret = mp_read_unsigned_bin(&key->k, priv, privSz);
ret = mp_read_unsigned_bin(key->k, priv, privSz);
if (ret == MP_OKAY) {
if (pub) {
@@ -10533,12 +10584,12 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
}
#else
key->blackKey = CAAM_BLACK_KEY_CCM;
ret = mp_read_unsigned_bin(&key->k, priv, privSz);
ret = mp_read_unsigned_bin(key->k, priv, privSz);
#endif
}
else {
key->blackKey = 0;
ret = mp_read_unsigned_bin(&key->k, priv, privSz);
ret = mp_read_unsigned_bin(key->k, priv, privSz);
/* If using AES-ECB encrypted black keys check here if key is valid,
* if not valid than assume is an encrypted key. A public key is needed
@@ -10565,11 +10616,11 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
SAVE_VECTOR_REGISTERS(return _svr_ret;);
#endif
ret = mp_read_unsigned_bin(&key->k, priv, privSz);
ret = mp_read_unsigned_bin(key->k, priv, privSz);
#ifdef HAVE_WOLF_BIGINT
if (ret == 0 &&
wc_bigint_from_unsigned_bin(&key->k.raw, priv, privSz) != 0) {
mp_clear(&key->k);
wc_bigint_from_unsigned_bin(&key->k->raw, priv, privSz) != 0) {
mp_clear(key->k);
ret = ASN_GETINT_E;
}
#endif /* HAVE_WOLF_BIGINT */
@@ -10594,7 +10645,7 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
if (ret == 0) {
ret = mp_read_radix(order, key->dp->order, MP_RADIX_HEX);
}
if ((ret == 0) && (mp_cmp(&key->k, order) != MP_LT)) {
if ((ret == 0) && (mp_cmp(key->k, order) != MP_LT)) {
ret = ECC_PRIV_KEY_E;
}
@@ -10787,9 +10838,10 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
alt_fp_init(key->pubkey.x);
alt_fp_init(key->pubkey.y);
alt_fp_init(key->pubkey.z);
err = mp_init(&key->k);
key->k = (mp_int*)key->ka;
alt_fp_init(key->k);
#else
err = mp_init_multi(&key->k, key->pubkey.x, key->pubkey.y, key->pubkey.z,
err = mp_init_multi(key->k, key->pubkey.x, key->pubkey.y, key->pubkey.z,
NULL, NULL);
#endif
if (err != MP_OKAY)
@@ -10940,12 +10992,12 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
key->type = ECC_PRIVATEKEY;
if (encType == WC_TYPE_HEX_STR)
err = mp_read_radix(&key->k, d, MP_RADIX_HEX);
err = mp_read_radix(key->k, d, MP_RADIX_HEX);
else
err = mp_read_unsigned_bin(&key->k, (const byte*)d,
err = mp_read_unsigned_bin(key->k, (const byte*)d,
key->dp->size);
if (err == MP_OKAY) {
err = wc_export_int(&key->k, &keyRaw[0], &keySz, keySz,
err = wc_export_int(key->k, &keyRaw[0], &keySz, keySz,
WC_TYPE_UNSIGNED_BIN);
}
@@ -10965,17 +11017,17 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
#else
key->type = ECC_PRIVATEKEY;
if (encType == WC_TYPE_HEX_STR)
err = mp_read_radix(&key->k, d, MP_RADIX_HEX);
err = mp_read_radix(key->k, d, MP_RADIX_HEX);
else {
#if defined(WOLFSSL_QNX_CAAM) || defined(WOLFSSL_IMXRT1170_CAAM)
if (key->blackKey == CAAM_BLACK_KEY_CCM) {
err = mp_read_unsigned_bin(&key->k, (const byte*)d,
err = mp_read_unsigned_bin(key->k, (const byte*)d,
key->dp->size + WC_CAAM_MAC_SZ);
}
else
#endif /* WOLFSSL_QNX_CAAM */
{
err = mp_read_unsigned_bin(&key->k, (const byte*)d,
err = mp_read_unsigned_bin(key->k, (const byte*)d,
(word32)key->dp->size);
}
}
@@ -10983,14 +11035,14 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
if (err == MP_OKAY) {
const word32 key_size = key->dp->size;
word32 buf_size = key_size;
err = wc_export_int(&key->k, key->privKey,
err = wc_export_int(key->k, key->privKey,
&buf_size, key_size, WC_TYPE_UNSIGNED_BIN);
mp_reverse(key->privKey, key_size);
}
#endif
#endif /* #else-case of custom HW-specific implementations */
if (mp_iszero(&key->k) || mp_isneg(&key->k)) {
if (mp_iszero(key->k) || mp_isneg(key->k)) {
WOLFSSL_MSG("Invalid private key");
err = BAD_FUNC_ARG;
}
@@ -11023,7 +11075,7 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
mp_clear(key->pubkey.x);
mp_clear(key->pubkey.y);
mp_clear(key->pubkey.z);
mp_clear(&key->k);
mp_clear(key->k);
#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
ForceZero(key->keyRaw, sizeof(key->keyRaw));
#endif

32
wolfcrypt/src/eccsi.c
View File

@@ -43,6 +43,12 @@
#include <wolfssl/wolfcrypt/sp.h>
#endif
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
/**
* Initialize the components of the ECCSI key and use the specified curve.
*
@@ -594,7 +600,8 @@ static int eccsi_encode_key(EccsiKey* key, byte* data)
word32 sz = (word32)key->ecc.dp->size * 2;
/* Write out the secret value into key size bytes. */
err = mp_to_unsigned_bin_len(&key->ecc.k, data, key->ecc.dp->size);
err = mp_to_unsigned_bin_len(wc_ecc_key_get_priv(&key->ecc), data,
key->ecc.dp->size);
if (err == 0) {
data += key->ecc.dp->size;
/* Write the public key. */
@@ -676,7 +683,8 @@ static int eccsi_decode_key(EccsiKey* key, const byte* data)
int err;
/* Read the secret value from key size bytes. */
err = mp_read_unsigned_bin(&key->ecc.k, data, key->ecc.dp->size);
err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data,
key->ecc.dp->size);
if (err == 0) {
data += key->ecc.dp->size;
/* Read public key. */
@@ -771,7 +779,8 @@ int wc_ExportEccsiPrivateKey(EccsiKey* key, byte* data, word32* sz)
}
}
if (err == 0) {
err = mp_to_unsigned_bin_len(&key->ecc.k, data, key->ecc.dp->size);
err = mp_to_unsigned_bin_len(wc_ecc_key_get_priv(&key->ecc), data,
key->ecc.dp->size);
}
return err;
@@ -804,7 +813,8 @@ int wc_ImportEccsiPrivateKey(EccsiKey* key, const byte* data, word32 sz)
}
if (err == 0) {
err = mp_read_unsigned_bin(&key->ecc.k, data, key->ecc.dp->size);
err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data,
key->ecc.dp->size);
}
return err;
@@ -907,18 +917,20 @@ static int eccsi_make_pair(EccsiKey* key, WC_RNG* rng,
err = mp_read_unsigned_bin(ssk, key->data, hashSz);
}
if (err == 0) {
err = mp_mulmod(ssk, &key->pubkey.k, &key->params.order, ssk);
err = mp_mulmod(ssk, wc_ecc_key_get_priv(&key->pubkey),
&key->params.order, ssk);
}
if (err == 0) {
err = mp_addmod(ssk, &key->ecc.k, &key->params.order, ssk);
err = mp_addmod(ssk, wc_ecc_key_get_priv(&key->ecc),
&key->params.order, ssk);
}
}
while ((err == 0) && (mp_iszero(ssk) ||
(mp_cmp(ssk, &key->ecc.k) == MP_EQ)));
(mp_cmp(ssk, wc_ecc_key_get_priv(&key->ecc)) == MP_EQ)));
/* Step 5: ensure SSK and HS are non-zero (code lines above) */
/* Step 6: Copy out SSK (done during calc) and PVT. Erase v */
mp_forcezero(&key->pubkey.k);
mp_forcezero(wc_ecc_key_get_priv(&key->pubkey));
return err;
}
@@ -2005,7 +2017,7 @@ int wc_SignEccsiHash(EccsiKey* key, WC_RNG* rng, enum wc_HashType hashType,
err = mp_invmod(s, &key->params.order, s);
}
if (err == 0) {
j = &key->pubkey.k;
j = wc_ecc_key_get_priv(&key->pubkey);
err = mp_mulmod(s, j, &key->params.order, s);
}
if (err == 0) {
@@ -2215,7 +2227,7 @@ int wc_VerifyEccsiHash(EccsiKey* key, enum wc_HashType hashType,
SAVE_VECTOR_REGISTERS(return _svr_ret;);
/* Decode the signature into components. */
r = &key->pubkey.k;
r = wc_ecc_key_get_priv(&key->pubkey);
pvt = &key->pubkey.pubkey;
err = eccsi_decode_sig_r_pvt(key, sig, sigSz, r, pvt);

24
wolfcrypt/src/port/caam/wolfcaam_ecdsa.c
View File

@@ -47,6 +47,12 @@
#include <stdio.h>
#endif
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
#if defined(WOLFSSL_DEVCRYPTO_ECDSA)
/* offload calls through devcrypto support */
@@ -79,7 +85,8 @@ static int wc_CAAM_DevEccSign(const byte* in, int inlen, byte* out,
keySz = wc_ecc_size(key);
/* private key */
if (mp_to_unsigned_bin_len(&key->k, pk, keySz) != MP_OKAY) {
if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(key), pk, keySz) != MP_OKAY)
{
return MP_TO_E;
}
@@ -191,7 +198,8 @@ static int wc_CAAM_DevEcdh(ecc_key* private_key, ecc_key* public_key, byte* out,
XMEMCPY(qxy+qxSz, qy, qySz);
/* private key */
if (mp_to_unsigned_bin_len(&private_key->k, pk, keySz) != MP_OKAY) {
if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(private_key), pk, keySz) !=
MP_OKAY) {
WOLFSSL_MSG("error getting private key buffer");
return MP_TO_E;
}
@@ -330,14 +338,15 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,
}
else {
if (key->blackKey == CAAM_BLACK_KEY_CCM) {
if (mp_to_unsigned_bin_len(&key->k, pk, keySz + WC_CAAM_MAC_SZ)
!= MP_OKAY) {
if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(key), pk,
keySz + WC_CAAM_MAC_SZ) != MP_OKAY) {
return MP_TO_E;
}
buf[idx].Length = keySz + WC_CAAM_MAC_SZ;
}
else {
if (mp_to_unsigned_bin_len(&key->k, pk, keySz) != MP_OKAY) {
if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(key), pk, keySz) !=
MP_OKAY) {
return MP_TO_E;
}
buf[idx].Length = keySz;
@@ -599,14 +608,15 @@ int wc_CAAM_Ecdh(ecc_key* private_key, ecc_key* public_key, byte* out,
}
if (private_key->blackKey == CAAM_BLACK_KEY_CCM) {
if (mp_to_unsigned_bin_len(&private_key->k, pk,
if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(private_key), pk,
keySz + WC_CAAM_MAC_SZ) != MP_OKAY) {
return MP_TO_E;
}
buf[idx].Length = keySz + WC_CAAM_MAC_SZ;
}
else {
if (mp_to_unsigned_bin_len(&private_key->k, pk, keySz) != MP_OKAY) {
if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(private_key), pk,
keySz) != MP_OKAY) {
return MP_TO_E;
}
buf[idx].Length = keySz;

18
wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c
View File

@@ -31,6 +31,12 @@
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
#if defined(FSL_FEATURE_HAS_L1CACHE) || defined(__DCACHE_PRESENT)
/* Setup for if memory is cached */
AT_NONCACHEABLE_SECTION(static caam_job_ring_interface_t jr0);
@@ -439,13 +445,14 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,
}
else {
if (key->blackKey == CAAM_BLACK_KEY_CCM) {
if (mp_to_unsigned_bin_len(&key->k, k, kSz + WC_CAAM_MAC_SZ)
!= MP_OKAY) {
if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(key), k,
kSz + WC_CAAM_MAC_SZ) != MP_OKAY) {
return MP_TO_E;
}
}
else {
if (mp_to_unsigned_bin_len(&key->k, k, kSz) != MP_OKAY) {
if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(key), k, kSz) !=
MP_OKAY) {
return MP_TO_E;
}
}
@@ -696,13 +703,14 @@ int wc_CAAM_Ecdh(ecc_key* private_key, ecc_key* public_key, byte* out,
}
if (private_key->blackKey == CAAM_BLACK_KEY_CCM) {
if (mp_to_unsigned_bin_len(&private_key->k, k,
if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(private_key), k,
keySz + WC_CAAM_MAC_SZ) != MP_OKAY) {
return MP_TO_E;
}
}
else {
if (mp_to_unsigned_bin_len(&private_key->k, k, keySz) != MP_OKAY) {
if (mp_to_unsigned_bin_len(wc_ecc_key_get_priv(private_key), k, keySz)
!= MP_OKAY) {
return MP_TO_E;
}
}

21
wolfcrypt/src/port/kcapi/kcapi_ecc.c
View File

@@ -34,6 +34,12 @@
#include <wolfssl/wolfcrypt/port/kcapi/kcapi_ecc.h>
#include <wolfssl/wolfcrypt/ecc.h>
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
#ifndef ECC_CURVE_NIST_P256
#define ECC_CURVE_NIST_P256 2
#endif
@@ -113,10 +119,11 @@ int KcapiEcc_LoadKey(ecc_key* key, byte* pubkey_raw, word32* pubkey_sz,
/* set the key */
if (ret == 0) {
if (mp_iszero(&key->k) != MP_YES) {
if (mp_iszero(wc_ecc_key_get_priv(key)) != MP_YES) {
/* if a private key value is set, load and use it */
byte priv[MAX_ECC_BYTES];
ret = wc_export_int(&key->k, priv, &keySz, keySz, WC_TYPE_UNSIGNED_BIN);
ret = wc_export_int(wc_ecc_key_get_priv(key), priv, &keySz, keySz,
WC_TYPE_UNSIGNED_BIN);
if (ret == 0) {
ret = kcapi_kpp_setkey(key->handle, priv, keySz);
}
@@ -231,10 +238,10 @@ int KcapiEcc_SharedSecret(ecc_key* private_key, ecc_key* public_key, byte* out,
}
/* if a private key value is set, load and use it */
if (ret == 0 && mp_iszero(&private_key->k) != MP_YES) {
if (ret == 0 && mp_iszero(wc_ecc_key_get_priv(private_key)) != MP_YES) {
byte priv[MAX_ECC_BYTES];
ret = wc_export_int(&private_key->k, priv, &keySz, keySz,
WC_TYPE_UNSIGNED_BIN);
ret = wc_export_int(wc_ecc_key_get_priv(private_key), priv, &keySz,
keySz, WC_TYPE_UNSIGNED_BIN);
if (ret == 0) {
ret = kcapi_kpp_setkey(private_key->handle, priv, keySz);
if (ret >= 0) {
@@ -302,8 +309,8 @@ static int KcapiEcc_SetPrivKey(ecc_key* key)
else
#endif
{
ret = wc_export_int(&key->k, priv + KCAPI_PARAM_SZ, &keySz, keySz,
WC_TYPE_UNSIGNED_BIN);
ret = wc_export_int(wc_ecc_key_get_priv(key), priv + KCAPI_PARAM_SZ,
&keySz, keySz, WC_TYPE_UNSIGNED_BIN);
}
}
if (ret == 0) {

11
wolfcrypt/src/port/maxim/maxq10xx.c
View File

@@ -43,6 +43,12 @@
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/port/maxim/MXQ_API.h>
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
#ifdef MAXQ_DEBUG
void dbg_dumphex(const char *identifier, const uint8_t* pdata, uint32_t plen);
#else
@@ -525,8 +531,9 @@ int wc_MAXQ10XX_EccSetKey(ecc_key* key, word32 keysize)
if (err == 0) {
if ((keytype == ECC_PRIVATEKEY) || (keytype == ECC_PRIVATEKEY_ONLY)) {
err = wc_export_int(&key->k, key->maxq_ctx.ecc_key + (2 * keysize),
&bufflen, keysize, WC_TYPE_UNSIGNED_BIN);
err = wc_export_int(wc_ecc_key_get_priv(key),
key->maxq_ctx.ecc_key + (2 * keysize), &bufflen, keysize,
WC_TYPE_UNSIGNED_BIN);
}
}

29
wolfcrypt/src/port/silabs/silabs_ecc.c
View File

@@ -32,6 +32,11 @@
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/port/silabs/silabs_ecc.h>
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
#define SILABS_UNSUPPORTED_KEY_TYPE 0xFFFFFFFF
@@ -163,7 +168,7 @@ int silabs_ecc_make_key(ecc_key* key, int keysize)
mp_read_unsigned_bin (key->pubkey.y,
key->key.storage.location.buffer.pointer + keysize,
keysize);
mp_read_unsigned_bin (&key->k,
mp_read_unsigned_bin (wc_ecc_key_get_priv(key),
key->key.storage.location.buffer.pointer + 2 * keysize,
keysize);
@@ -203,9 +208,9 @@ int silabs_ecc_import(ecc_key* key, word32 keysize)
&used, keysize,
WC_TYPE_UNSIGNED_BIN);
if (err == MP_OKAY)
err = wc_export_int(&key->k, key->key.storage.location.buffer.pointer + 2 * keysize,
&used, keysize,
WC_TYPE_UNSIGNED_BIN);
err = wc_export_int(wc_ecc_key_get_priv(key),
key->key.storage.location.buffer.pointer + 2 * keysize, &used,
keysize, WC_TYPE_UNSIGNED_BIN);
return err;
}
@@ -229,9 +234,9 @@ int silabs_ecc_import_private(ecc_key* key, word32 keysize)
if (sl_stat != SL_STATUS_OK)
return WC_HW_E;
ret = wc_export_int(&key->k, key->key.storage.location.buffer.pointer,
&keySz, keySz,
WC_TYPE_UNSIGNED_BIN);
ret = wc_export_int(wc_ecc_key_get_priv(key),
key->key.storage.location.buffer.pointer, &keySz, keySz,
WC_TYPE_UNSIGNED_BIN);
if (keySz != keysize)
ret = WC_HW_E;
@@ -284,14 +289,14 @@ int silabs_ecc_import_private_raw(ecc_key* key, word32 keySz, const char* d, int
return WC_HW_E;
if (encType == WC_TYPE_HEX_STR)
err = mp_read_radix(&key->k, d, MP_RADIX_HEX);
err = mp_read_radix(wc_ecc_key_get_priv(key), d, MP_RADIX_HEX);
else
err = mp_read_unsigned_bin(&key->k, (const byte*)d,
err = mp_read_unsigned_bin(wc_ecc_key_get_priv(key), (const byte*)d,
key->dp->size);
if (err == MP_OKAY) {
err = wc_export_int(&key->k, key->key.storage.location.buffer.pointer + (2 * keySz),
&keySz, keySz,
WC_TYPE_UNSIGNED_BIN);
err = wc_export_int(wc_ecc_key_get_priv(key),
key->key.storage.location.buffer.pointer + (2 * keySz), &keySz,
keySz, WC_TYPE_UNSIGNED_BIN);
}
return err;

10
wolfcrypt/src/port/st/stm32.c
View File

@@ -43,6 +43,11 @@
#include <wolfssl/wolfcrypt/aes.h>
#endif
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
#ifdef STM32_HASH
@@ -954,7 +959,8 @@ int stm32_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
if (status == MP_OKAY)
status = stm32_get_from_mp_int(Qybin, key->pubkey.y, szModulus);
if (status == MP_OKAY)
status = stm32_get_from_mp_int(privKeybin, &key->k, szModulus);
status = stm32_get_from_mp_int(privKeybin, wc_ecc_key_get_priv(key),
szModulus);
if (status != MP_OKAY)
return status;
@@ -1020,7 +1026,7 @@ int stm32_ecc_sign_hash_ex(const byte* hash, word32 hashlen, WC_RNG* rng,
size = wc_ecc_size(key);
status = stm32_get_from_mp_int(Keybin, &key->k, size);
status = stm32_get_from_mp_int(Keybin, wc_ecc_key_get_priv(key), size);
if (status != MP_OKAY)
return status;

33
wolfcrypt/src/sakke.c
View File

@@ -44,6 +44,12 @@
#include <wolfssl/wolfcrypt/sakke.h>
#include <wolfssl/wolfcrypt/asn_public.h>
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
/* SAKKE Build Options:
* WOLFSSL_SAKKE_SMALL: Small code size version of SAKKE.
* WOLFSSL_SAKKE_SMALL_MODEXP: Small code size for just SAKKE modexp.
@@ -515,17 +521,19 @@ int wc_MakeSakkeKey(SakkeKey* key, WC_RNG* rng)
err = RNG_FAILURE_E;
}
if (err == 0) {
err = mp_rand(&key->ecc.k, digits, rng);
err = mp_rand(wc_ecc_key_get_priv(&key->ecc), digits, rng);
}
if (err == 0) {
err = mp_mod(&key->ecc.k, &key->params.q, &key->ecc.k);
err = mp_mod(wc_ecc_key_get_priv(&key->ecc), &key->params.q,
wc_ecc_key_get_priv(&key->ecc));
}
}
while ((err == 0) && mp_iszero(&key->ecc.k));
while ((err == 0) && mp_iszero(wc_ecc_key_get_priv(&key->ecc)));
}
if (err == 0) {
/* Calculate public key by multiply master secret by base point. */
err = sakke_mulmod_base(key, &key->ecc.k, &key->ecc.pubkey, 1);
err = sakke_mulmod_base(key, wc_ecc_key_get_priv(&key->ecc),
&key->ecc.pubkey, 1);
}
if (err == 0) {
key->ecc.type = ECC_PRIVATEKEY;
@@ -561,7 +569,7 @@ int wc_MakeSakkePublicKey(SakkeKey* key, ecc_point* pub)
err = sakke_load_base_point(key);
}
if (err == 0) {
err = sakke_mulmod_base(key, &key->ecc.k, pub, 1);
err = sakke_mulmod_base(key, wc_ecc_key_get_priv(&key->ecc), pub, 1);
}
return err;
@@ -601,7 +609,7 @@ int wc_ExportSakkeKey(SakkeKey* key, byte* data, word32* sz)
}
if (err == 0) {
/* Write out the secret value into key size bytes. */
err = mp_to_unsigned_bin_len(&key->ecc.k, data, key->ecc.dp->size);
err = mp_to_unsigned_bin_len(wc_ecc_key_get_priv(&key->ecc), data, key->ecc.dp->size);
}
if (err == 0) {
data += key->ecc.dp->size;
@@ -651,7 +659,8 @@ int wc_ImportSakkeKey(SakkeKey* key, const byte* data, word32 sz)
if (err == 0) {
/* Read the secret value from key size bytes. */
err = mp_read_unsigned_bin(&key->ecc.k, data, key->ecc.dp->size);
err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data,
key->ecc.dp->size);
}
if (err == 0) {
data += key->ecc.dp->size;
@@ -706,7 +715,8 @@ int wc_ExportSakkePrivateKey(SakkeKey* key, byte* data, word32* sz)
}
if (err == 0) {
/* Write out the secret value into key size bytes. */
err = mp_to_unsigned_bin_len(&key->ecc.k, data, key->ecc.dp->size);
err = mp_to_unsigned_bin_len(wc_ecc_key_get_priv(&key->ecc), data,
key->ecc.dp->size);
}
if (err == 0) {
*sz = key->ecc.dp->size;
@@ -745,7 +755,8 @@ int wc_ImportSakkePrivateKey(SakkeKey* key, const byte* data, word32 sz)
if (err == 0) {
/* Read the secret value from key size bytes. */
err = mp_read_unsigned_bin(&key->ecc.k, data, key->ecc.dp->size);
err = mp_read_unsigned_bin(wc_ecc_key_get_priv(&key->ecc), data,
key->ecc.dp->size);
}
return err;
@@ -972,7 +983,7 @@ int wc_MakeSakkeRsk(SakkeKey* key, const byte* id, word16 idSz, ecc_point* rsk)
}
/* a + z_T */
if (err == 0) {
err = mp_addmod(a, &key->ecc.k, &key->params.q, a);
err = mp_addmod(a, wc_ecc_key_get_priv(&key->ecc), &key->params.q, a);
}
/* (a + z_T) ^ 1 modulo q */
if (err == 0) {
@@ -2361,7 +2372,7 @@ static int sakke_compute_point_i(SakkeKey* key, const byte* id, word16 idSz,
ecc_point* i)
{
int err;
mp_int* b = &key->ecc.k;
mp_int* b = wc_ecc_key_get_priv(&key->ecc);
/* Load b - ID of receiver */
err = mp_read_unsigned_bin(b, id, idSz);

18
wolfcrypt/src/wc_pkcs11.c
View File

@@ -45,6 +45,12 @@
#include <wolfcrypt/src/misc.c>
#endif
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
#if defined(NO_PKCS11_RSA) && !defined(NO_RSA)
#define NO_RSA
#endif
@@ -1184,8 +1190,8 @@ static int Pkcs11CreateEccPrivateKey(CK_OBJECT_HANDLE* privateKey,
ret = Pkcs11EccSetParams(private_key, keyTemplate, 3);
if (ret == 0) {
keyTemplate[4].pValue = private_key->k.raw.buf;
keyTemplate[4].ulValueLen = private_key->k.raw.len;
keyTemplate[4].pValue = wc_ecc_key_get_priv(private_key)->raw.buf;
keyTemplate[4].ulValueLen = wc_ecc_key_get_priv(private_key)->raw.len;
PKCS11_DUMP_TEMPLATE("Ec Private Key", keyTemplate, keyTmplCnt);
rv = session->func->C_CreateObject(session->handle, keyTemplate,
@@ -1426,7 +1432,7 @@ int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear, void* key)
ret = ret2;
}
if (ret == 0 && clear)
mp_forcezero(&eccKey->k);
mp_forcezero(wc_ecc_key_get_priv(eccKey));
break;
}
#endif
@@ -2448,7 +2454,8 @@ static int Pkcs11ECDH(Pkcs11Session* session, wc_CryptoInfo* info)
if (ret == 0) {
WOLFSSL_MSG("PKCS#11: EC Key Derivation Operation");
if ((sessionKey = !mp_iszero(&info->pk.ecdh.private_key->k)))
if ((sessionKey = !mp_iszero(
wc_ecc_key_get_priv(info->pk.ecdh.private_key))))
ret = Pkcs11CreateEccPrivateKey(&privateKey, session,
info->pk.ecdh.private_key, CKA_DERIVE);
else if (info->pk.ecdh.private_key->labelLen > 0) {
@@ -2742,7 +2749,8 @@ static int Pkcs11ECDSA_Sign(Pkcs11Session* session, wc_CryptoInfo* info)
if (ret == 0) {
WOLFSSL_MSG("PKCS#11: EC Signing Operation");
if ((sessionKey = !mp_iszero(&info->pk.eccsign.key->k)))
if ((sessionKey = !mp_iszero(
wc_ecc_key_get_priv(info->pk.eccsign.key))))
ret = Pkcs11CreateEccPrivateKey(&privateKey, session,
info->pk.eccsign.key, CKA_SIGN);
else if (info->pk.eccsign.key->labelLen > 0) {

9
wolfcrypt/test/test.c
View File

@@ -356,6 +356,12 @@
#include <wiiuse/wpad.h>
#endif
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
#ifdef WOLFSSL_STATIC_MEMORY
static WOLFSSL_HEAP_HINT* HEAP_HINT;
#else
@@ -25748,7 +25754,8 @@ static int ecc_mulmod_test(ecc_key* key1)
if (ret != 0)
goto done;
ret = wc_ecc_mulmod(&key1->k, &key2->pubkey, &key3->pubkey, &key2->k, &key3->k,
ret = wc_ecc_mulmod(wc_ecc_key_get_priv(key1), &key2->pubkey, &key3->pubkey,
wc_ecc_key_get_priv(key2), wc_ecc_key_get_priv(key3),
1);
if (ret != 0) {
ret = WC_TEST_RET_ENC_EC(ret);

51
wolfssl/wolfcrypt/ecc.h
View File

@@ -347,14 +347,15 @@ typedef struct ecc_set_type {
* The ALT_ECC_SIZE option only applies to stack based fast math USE_FAST_MATH.
*/
#if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH_ALL) && \
!defined(WOLFSSL_SP_MATH)
#error USE_FAST_MATH must be defined to use ALT_ECC_SIZE
#if defined(USE_INTEGER_HEAP_MATH)
#error Cannot use integer math with ALT_ECC_SIZE
#endif
#ifdef WOLFSSL_NO_MALLOC
#error ALT_ECC_SIZE cannot be used with no malloc (WOLFSSL_NO_MALLOC)
#endif
#ifdef USE_FAST_MATH
/* determine max bits required for ECC math */
#ifndef FP_MAX_BITS_ECC
/* max bits rounded up by 8 then doubled */
@@ -385,6 +386,40 @@ typedef struct alt_fp_int {
int used, sign, size;
mp_digit dp[FP_SIZE_ECC];
} alt_fp_int;
#else
#ifdef FP_MAX_BITS_ECC
#define SP_INT_BITS_ECC (FP_MAX_BITS_ECC / 2)
#elif SP_INT_BITS < MAX_ECC_BITS
#define SP_INT_BITS_ECC SP_INT_BITS
#else
#define SP_INT_BITS_ECC MAX_ECC_BITS
#endif
#define SP_INT_DIGITS_ECC \
(((SP_INT_BITS_ECC + SP_WORD_SIZE - 1) / SP_WORD_SIZE) * 2 + 1)
#define FP_SIZE_ECC SP_INT_DIGITS_ECC
typedef struct alt_fp_int {
/** Number of words that contain data. */
unsigned int used;
/** Maximum number of words in data. */
unsigned int size;
#ifdef WOLFSSL_SP_INT_NEGATIVE
/** Indicates whether number is 0/positive or negative. */
unsigned int sign;
#endif
#ifdef HAVE_WOLF_BIGINT
/** Unsigned binary (big endian) representation of number. */
struct WC_BIGINT raw;
#endif
/** Data of number. */
sp_int_digit dp[SP_INT_DIGITS_ECC];
} alt_fp_int;
#endif
#endif /* ALT_ECC_SIZE */
#ifndef WC_ECCKEY_TYPE_DEFINED
@@ -446,7 +481,12 @@ struct ecc_key {
#endif
void* heap; /* heap hint */
ecc_point pubkey; /* public key */
mp_int k; /* private key */
#ifndef ALT_ECC_SIZE
mp_int k[1]; /* private key */
#else
mp_int* k;
alt_fp_int ka[1];
#endif
#ifdef WOLFSSL_CAAM
word32 blackKey; /* address of key encrypted and in secure memory */
@@ -543,6 +583,9 @@ struct ecc_key {
#endif
};
#define wc_ecc_key_get_priv(key) ((key)->k)
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
WOLFSSL_ABI WOLFSSL_API ecc_key* wc_ecc_key_new(void* heap);
WOLFSSL_ABI WOLFSSL_API void wc_ecc_key_free(ecc_key* key);