diff --git a/wolfcrypt/src/blake2b.c b/wolfcrypt/src/blake2b.c index 1541947dd..3ccc28730 100644 --- a/wolfcrypt/src/blake2b.c +++ b/wolfcrypt/src/blake2b.c @@ -429,6 +429,22 @@ int wc_InitBlake2b(Blake2b* b2b, word32 digestSz) return blake2b_init(b2b->S, (byte)digestSz); } +/* Init Blake2b digest with key, track size in case final doesn't want to "remember" */ +int wc_InitBlake2b_WithKey(Blake2b* b2b, word32 digestSz, const byte *key, word32 keylen) +{ + if (b2b == NULL){ + return -1; + } + b2b->digestSz = digestSz; + + if (keylen >= 256) + return -1; + + if (key) + return blake2s_init_key(b2b->S, (byte)digestSz, key, (byte)keylen); + else + return blake2s_init(b2b->S, (byte)digestSz); +} /* Blake2b Update */ int wc_Blake2bUpdate(Blake2b* b2b, const byte* data, word32 sz) diff --git a/wolfcrypt/src/blake2s.c b/wolfcrypt/src/blake2s.c index 651a1d18d..53875a039 100644 --- a/wolfcrypt/src/blake2s.c +++ b/wolfcrypt/src/blake2s.c @@ -424,6 +424,24 @@ int wc_InitBlake2s(Blake2s* b2s, word32 digestSz) } +/* Init Blake2s digest with key, track size in case final doesn't want to "remember" */ +int wc_InitBlake2s_WithKey(Blake2s* b2s, word32 digestSz, const byte *key, word32 keylen) +{ + if (b2s == NULL){ + return -1; + } + b2s->digestSz = digestSz; + + if (keylen >= 256) + return -1; + + if (key) + return blake2s_init_key(b2s->S, (byte)digestSz, key, (byte)keylen); + else + return blake2s_init(b2s->S, (byte)digestSz); +} + + /* Blake2s Update */ int wc_Blake2sUpdate(Blake2s* b2s, const byte* data, word32 sz) { diff --git a/wolfcrypt/src/curve25519.c b/wolfcrypt/src/curve25519.c index a0e0b19cb..982dbd0c2 100644 --- a/wolfcrypt/src/curve25519.c +++ b/wolfcrypt/src/curve25519.c @@ -100,7 +100,12 @@ int wc_curve25519_make_pub(int public_size, byte* pub, int private_size, return ret; } -int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key) +/* generate a new private key, as a bare vector. + * + * return value is propagated from wc_RNG_GenerateBlock(() (0 on success), + * or BAD_FUNC_ARG/ECC_BAD_ARG_E, and the byte vector is little endian. + */ +int wc_curve25519_make_priv(WC_RNG* rng, int keysize, byte* key) { int ret; @@ -112,15 +117,29 @@ int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key) return ECC_BAD_ARG_E; /* random number for private key */ - ret = wc_RNG_GenerateBlock(rng, key->k.point, keysize); + ret = wc_RNG_GenerateBlock(rng, key, keysize); if (ret != 0) return ret; /* Clamp the private key */ - key->k.point[0] &= 248; - key->k.point[CURVE25519_KEYSIZE-1] &= 63; /* same &=127 because |=64 after */ - key->k.point[CURVE25519_KEYSIZE-1] |= 64; + key[0] &= 248; + key[CURVE25519_KEYSIZE-1] &= 63; /* same &=127 because |=64 after */ + key[CURVE25519_KEYSIZE-1] |= 64; + return 0; +} + +/* generate a new keypair. + * + * return value is propagated from wc_curve25519_make_private() or + * wc_curve25519_make_pub() (0 on success). + */ +int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key) { + if (key == NULL || rng == NULL) + return BAD_FUNC_ARG; + int ret = wc_curve25519_make_priv(rng, keysize, key->k.point); + if (ret < 0) + return ret; return wc_curve25519_make_pub((int)sizeof key->p.point, key->p.point, sizeof key->k.point, key->k.point); } diff --git a/wolfssl/wolfcrypt/blake2.h b/wolfssl/wolfcrypt/blake2.h index bc80d7166..37e4e2463 100644 --- a/wolfssl/wolfcrypt/blake2.h +++ b/wolfssl/wolfcrypt/blake2.h @@ -76,12 +76,14 @@ typedef struct Blake2s { #ifdef HAVE_BLAKE2B WOLFSSL_API int wc_InitBlake2b(Blake2b*, word32); +WOLFSSL_API int wc_InitBlake2b_WithKey(Blake2s*, word32, const byte *, word32); WOLFSSL_API int wc_Blake2bUpdate(Blake2b*, const byte*, word32); WOLFSSL_API int wc_Blake2bFinal(Blake2b*, byte*, word32); #endif #ifdef HAVE_BLAKE2S WOLFSSL_API int wc_InitBlake2s(Blake2s*, word32); +WOLFSSL_API int wc_InitBlake2s_WithKey(Blake2s*, word32, const byte *, word32); WOLFSSL_API int wc_Blake2sUpdate(Blake2s*, const byte*, word32); WOLFSSL_API int wc_Blake2sFinal(Blake2s*, byte*, word32); #endif diff --git a/wolfssl/wolfcrypt/curve25519.h b/wolfssl/wolfcrypt/curve25519.h index 2d926035f..a28416d4c 100644 --- a/wolfssl/wolfcrypt/curve25519.h +++ b/wolfssl/wolfcrypt/curve25519.h @@ -90,6 +90,9 @@ WOLFSSL_API int wc_curve25519_make_pub(int public_size, byte* pub, int private_size, const byte* priv); +WOLFSSL_API +int wc_curve25519_make_priv(WC_RNG* rng, int keysize, byte* priv); + WOLFSSL_API int wc_curve25519_make_key(WC_RNG* rng, int keysize, curve25519_key* key);