ECC: import point, always do some checks when untrusted
Always check for infinity and, when B param available, whether the point is on the curve when point is untrusted. Change TLS code to treat points from peer as untrusted on import.
+18
-3
@@ -32375,8 +32375,15 @@ static int GetEcDiffieHellmanKea(WOLFSSL *ssl,
|
||||
}
|
||||
|
||||
curveId = wc_ecc_get_oid((word32) curveOid, NULL, NULL);
|
||||
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
if (wc_ecc_import_x963_ex2(input + args->idx, length,
|
||||
ssl->peerEccKey, curveId, 1) != 0)
|
||||
#else
|
||||
/* FIPS has validation define on. */
|
||||
if (wc_ecc_import_x963_ex(input + args->idx, length,
|
||||
ssl->peerEccKey, curveId) != 0) {
|
||||
ssl->peerEccKey, curveId) != 0)
|
||||
#endif
|
||||
{
|
||||
#ifdef WOLFSSL_EXTRA_ALERTS
|
||||
SendAlert(ssl, alert_fatal, illegal_parameter);
|
||||
#endif
|
||||
@@ -40659,9 +40666,17 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
}
|
||||
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
if (wc_ecc_import_x963_ex2(input + args->idx, args->length,
|
||||
ssl->peerEccKey, kea == ecdhe_psk_kea ? ssl->eccTempKey->dp->id
|
||||
: private_key->dp->id, 1))
|
||||
#else
|
||||
/* FIPS has validation define on. */
|
||||
if (wc_ecc_import_x963_ex(input + args->idx, args->length,
|
||||
ssl->peerEccKey, kea == ecdhe_psk_kea ? ssl->eccTempKey->dp->id
|
||||
: private_key->dp->id)) {
|
||||
ssl->peerEccKey, kea == ecdhe_psk_kea ? ssl->eccTempKey->dp->id
|
||||
: private_key->dp->id))
|
||||
#endif
|
||||
{
|
||||
#ifdef WOLFSSL_EXTRA_ALERTS
|
||||
SendAlert(ssl, alert_fatal, illegal_parameter);
|
||||
#endif
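Review bot: The `#else` branch at both import sites in this file is compiled for HAVE_SELFTEST as well as HAVE_FIPS, but its comment `/* FIPS has validation define on. */` vouches only for FIPS, so a reader cannot tell from here whether a selftest build checks the peer's point at all. If selftest builds also rely on WOLFSSL_VALIDATE_ECC_IMPORT, say so in the comment, e.g. `/* FIPS/selftest: no _ex2 available; peer point checks rely on WOLFSSL_VALIDATE_ECC_IMPORT. */`; if they do not, that path still imports the peer point as trusted. The bare `1` passed as the last argument would read better annotated, e.g. `curveId, 1 /* untrusted */)`. The same `#if`/`#else` pair is repeated in the key-share hunk that follows, so a small static helper wrapping the import would keep the three call sites from drifting apart. Both enclosing functions start and end outside the hunks shown.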
|
||||
|
||||
@@ -9399,8 +9399,14 @@ static int TLSX_KeyShare_ProcessEcc_ex(WOLFSSL* ssl,
|
||||
|
||||
/* Point is validated by import function. */
|
||||
if (ret == 0) {
|
||||
ret = wc_ecc_import_x963_ex(keyShareEntry->ke, keyShareEntry->keLen,
|
||||
ssl->peerEccKey, curveId);
|
||||
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
|
||||
ret = wc_ecc_import_x963_ex2(keyShareEntry->ke,
|
||||
keyShareEntry->keLen, ssl->peerEccKey, curveId, 1);
|
||||
#else
|
||||
/* FIPS has validation define on. */
|
||||
ret = wc_ecc_import_x963_ex(keyShareEntry->ke,
|
||||
keyShareEntry->keLen, ssl->peerEccKey, curveId);
|
||||
#endif
|
||||
if (ret != 0) {
|
||||
ret = ECC_PEERKEY_ERROR;
|
||||
WOLFSSL_ERROR_VERBOSE(ret);
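Review bot: The context comment `/* Point is validated by import function. */` just above the new `#if` now promises more than the visible code guarantees. Going by the ecc.c change in this commit, the untrusted path adds a point-at-infinity check and, only when USE_ECC_B_PARAM is defined and the curve is not a custom one, an on-curve check; the `#else` branch depends on build-time validation that is not visible here. I would reword it along the lines of `/* Peer point is untrusted: import rejects infinity and, where the B param is available, off-curve points. */`. TLSX_KeyShare_ProcessEcc_ex starts and ends outside the hunk.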
|
||||
|
||||
+28
-2
@@ -10636,8 +10636,8 @@ int wc_ecc_check_key(ecc_key* key)
|
||||
|
||||
#ifdef HAVE_ECC_KEY_IMPORT
|
||||
/* import public ECC key in ANSI X9.63 format */
|
||||
int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
|
||||
int curve_id)
|
||||
int wc_ecc_import_x963_ex2(const byte* in, word32 inLen, ecc_key* key,
|
||||
int curve_id, int untrusted)
|
||||
{
|
||||
int err = MP_OKAY;
|
||||
#ifdef HAVE_COMP_KEY
|
||||
@@ -10922,6 +10922,25 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_check_key(key);
|
||||
#endif
|
||||
#if (!defined(WOLFSSL_VALIDATE_ECC_IMPORT) || \
|
||||
!defined(HAVE_ECC_CHECK_PUBKEY_ORDER)) && \
|
||||
!defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
|
||||
!defined(WOLFSSL_CRYPTOCELL) && \
|
||||
(!defined(WOLF_CRYPTO_CB_ONLY_ECC) || defined(WOLFSSL_QNX_CAAM) || \
|
||||
defined(WOLFSSL_IMXRT1170_CAAM))
|
||||
if (untrusted) {
|
||||
/* Only do quick checks. */
|
||||
if ((err == MP_OKAY) && wc_ecc_point_is_at_infinity(&key->pubkey)) {
|
||||
err = ECC_INF_E;
|
||||
}
|
||||
#ifdef USE_ECC_B_PARAM
|
||||
if ((err == MP_OKAY) && (key->idx != ECC_CUSTOM_IDX)) {
|
||||
err = wc_ecc_point_is_on_curve(&key->pubkey, key->idx);
|
||||
}
|
||||
#endif /* USE_ECC_B_PARAM */
|
||||
}
|
||||
#endif
|
||||
(void)untrusted;
|
||||
|
||||
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
|
||||
if (err == MP_OKAY) {
|
||||
@@ -10941,6 +10960,13 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
|
||||
return err;
|
||||
}
|
||||
|
||||
/* import public ECC key in ANSI X9.63 format */
|
||||
int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
|
||||
int curve_id)
|
||||
{
|
||||
return wc_ecc_import_x963_ex2(in, inLen, key, curve_id, 0);
|
||||
}
|
||||
|
||||
WOLFSSL_ABI
|
||||
int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key)
|
||||
{
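Review bot: The new `untrusted` parameter of wc_ecc_import_x963_ex2 is undocumented: the function keeps the one-line `/* import public ECC key in ANSI X9.63 format */` that is also placed on the new wc_ecc_import_x963_ex wrapper, and the prototype added to the header has no description either. The block under `if (untrusted)` has limits a caller needs to know before relying on it: it is compiled out when WOLFSSL_ATECC508A, WOLFSSL_ATECC608A or WOLFSSL_CRYPTOCELL is defined (and for WOLF_CRYPTO_CB_ONLY_ECC outside the two CAAM ports), the on-curve test exists only with USE_ECC_B_PARAM, and a key with `key->idx == ECC_CUSTOM_IDX` gets the infinity check alone. In those configurations `(void)untrusted;` silently accepts the flag, so a caller passing 1 gets no extra checks from this block. I would add a doc comment on wc_ecc_import_x963_ex2 stating that a non-zero `untrusted` requests the infinity and on-curve checks, listing these exceptions, and noting that the wrapper passes 0 and so keeps the old behaviour. The body of wc_ecc_import_x963_ex2 extends well beyond the hunks shown.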
|
||||
|
||||
@@ -866,6 +866,9 @@ int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
|
||||
int curve_id);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_import_x963_ex2(const byte* in, word32 inLen, ecc_key* key,
|
||||
int curve_id, int untrusted);
|
||||
WOLFSSL_ABI WOLFSSL_API
|
||||
int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
|
||||
word32 pubSz, ecc_key* key);
|
||||
|
||||