mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-08-04 13:14:45 +02:00
Enhancement / cleanup of the "wc_ecc_make_key_ex" API so it can be used with "keysize" or "dp" and allows compatibility with existing "wc_ecc_make_key". Note: "wc_ecc_make_key_ex" was not previously public, so changing it at this point is okay.
This commit is contained in:
David Garske
@@ -1624,9 +1624,10 @@ int wc_ecc_point_is_at_infinity(ecc_point* p)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
|
||||||
|
const ecc_set_type* dp)
|
||||||
{
|
{
|
||||||
int err;
|
int err, x;
|
||||||
ecc_point* base = NULL;
|
ecc_point* base = NULL;
|
||||||
mp_int prime;
|
mp_int prime;
|
||||||
mp_int a;
|
mp_int a;
|
||||||
@@ -1636,10 +1637,29 @@ int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
|||||||
#else
|
#else
|
||||||
byte buf[ECC_MAXSIZE_GEN];
|
byte buf[ECC_MAXSIZE_GEN];
|
||||||
#endif
|
#endif
|
||||||
int keysize;
|
|
||||||
|
|
||||||
if (key == NULL || rng == NULL || dp == NULL)
|
if (key == NULL || rng == NULL || (keysize <= 0 && dp == NULL)) {
|
||||||
return ECC_BAD_ARG_E;
|
return BAD_FUNC_ARG;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* determine curve type/index */
|
||||||
|
if (dp == NULL) {
|
||||||
|
/* find key size */
|
||||||
|
for (x = 0; (keysize > ecc_sets[x].size) &&
|
||||||
|
(ecc_sets[x].size != 0); x++);
|
||||||
|
keysize = ecc_sets[x].size;
|
||||||
|
|
||||||
|
if (keysize > ECC_MAXSIZE || ecc_sets[x].size == 0) {
|
||||||
|
return BAD_FUNC_ARG;
|
||||||
|
}
|
||||||
|
dp = &ecc_sets[x];
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
x = ECC_CUSTOM_IDX;
|
||||||
|
}
|
||||||
|
|
||||||
|
key->idx = x;
|
||||||
|
key->dp = dp;
|
||||||
|
|
||||||
#ifdef WOLFSSL_SMALL_STACK
|
#ifdef WOLFSSL_SMALL_STACK
|
||||||
buf = (byte*)XMALLOC(ECC_MAXSIZE_GEN, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
buf = (byte*)XMALLOC(ECC_MAXSIZE_GEN, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
@@ -1647,9 +1667,6 @@ int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
|||||||
return MEMORY_E;
|
return MEMORY_E;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
key->idx = ECC_CUSTOM_IDX;
|
|
||||||
key->dp = dp;
|
|
||||||
|
|
||||||
/*generate 8 extra bytes to mitigate bias from the modulo operation below*/
|
/*generate 8 extra bytes to mitigate bias from the modulo operation below*/
|
||||||
/*see section A.1.2 in 'Suite B Implementor's Guide to FIPS 186-3 (ECDSA)'*/
|
/*see section A.1.2 in 'Suite B Implementor's Guide to FIPS 186-3 (ECDSA)'*/
|
||||||
keysize = dp->size + 8;
|
keysize = dp->size + 8;
|
||||||
@@ -1661,17 +1678,17 @@ int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
|||||||
if (err == 0) {
|
if (err == 0) {
|
||||||
err = mp_init_multi(&key->k, &prime, &order, &a, NULL, NULL);
|
err = mp_init_multi(&key->k, &prime, &order, &a, NULL, NULL);
|
||||||
if (err == MP_OKAY) {
|
if (err == MP_OKAY) {
|
||||||
#ifndef ALT_ECC_SIZE
|
#ifndef ALT_ECC_SIZE
|
||||||
err = mp_init_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z,
|
err = mp_init_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z,
|
||||||
NULL, NULL, NULL);
|
NULL, NULL, NULL);
|
||||||
#else
|
#else
|
||||||
key->pubkey.x = (mp_int*)&key->pubkey.xyz[0];
|
key->pubkey.x = (mp_int*)&key->pubkey.xyz[0];
|
||||||
key->pubkey.y = (mp_int*)&key->pubkey.xyz[1];
|
key->pubkey.y = (mp_int*)&key->pubkey.xyz[1];
|
||||||
key->pubkey.z = (mp_int*)&key->pubkey.xyz[2];
|
key->pubkey.z = (mp_int*)&key->pubkey.xyz[2];
|
||||||
alt_fp_init(key->pubkey.x);
|
alt_fp_init(key->pubkey.x);
|
||||||
alt_fp_init(key->pubkey.y);
|
alt_fp_init(key->pubkey.y);
|
||||||
alt_fp_init(key->pubkey.z);
|
alt_fp_init(key->pubkey.z);
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1712,6 +1729,7 @@ int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
|||||||
if (mp_cmp(&key->k, &order) != MP_LT)
|
if (mp_cmp(&key->k, &order) != MP_LT)
|
||||||
err = mp_mod(&key->k, &order, &key->k);
|
err = mp_mod(&key->k, &order, &key->k);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* make the public key */
|
/* make the public key */
|
||||||
if (err == MP_OKAY)
|
if (err == MP_OKAY)
|
||||||
err = wc_ecc_mulmod_ex(&key->k, base, &key->pubkey, &a, &prime, 1,
|
err = wc_ecc_mulmod_ex(&key->k, base, &key->pubkey, &a, &prime, 1,
|
||||||
@@ -1757,23 +1775,7 @@ int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
|||||||
*/
|
*/
|
||||||
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key)
|
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key)
|
||||||
{
|
{
|
||||||
int x, err;
|
return wc_ecc_make_key_ex(rng, keysize, key, NULL);
|
||||||
|
|
||||||
if (key == NULL || rng == NULL)
|
|
||||||
return ECC_BAD_ARG_E;
|
|
||||||
|
|
||||||
/* find key size */
|
|
||||||
for (x = 0; (keysize > ecc_sets[x].size) && (ecc_sets[x].size != 0); x++)
|
|
||||||
;
|
|
||||||
keysize = ecc_sets[x].size;
|
|
||||||
|
|
||||||
if (keysize > ECC_MAXSIZE || ecc_sets[x].size == 0) {
|
|
||||||
return BAD_FUNC_ARG;
|
|
||||||
}
|
|
||||||
err = wc_ecc_make_key_ex(rng, key, &ecc_sets[x]);
|
|
||||||
key->idx = x;
|
|
||||||
|
|
||||||
return err;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Setup dynamic pointers is using normal math for proper freeing */
|
/* Setup dynamic pointers is using normal math for proper freeing */
|
||||||
@@ -1928,7 +1930,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
|
|||||||
err = RNG_FAILURE_E;
|
err = RNG_FAILURE_E;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
err = wc_ecc_make_key_ex(rng, &pubkey, key->dp);
|
err = wc_ecc_make_key_ex(rng, 0, &pubkey, key->dp);
|
||||||
if (err != MP_OKAY) break;
|
if (err != MP_OKAY) break;
|
||||||
|
|
||||||
/* find r = x1 mod n */
|
/* find r = x1 mod n */
|
||||||
|
|||||||
@@ -6703,12 +6703,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
|||||||
wc_ecc_init(&userB);
|
wc_ecc_init(&userB);
|
||||||
wc_ecc_init(&pubKey);
|
wc_ecc_init(&pubKey);
|
||||||
|
|
||||||
if (dp) {
|
ret = wc_ecc_make_key_ex(rng, keySize, &userA, dp);
|
||||||
ret = wc_ecc_make_key_ex(rng, &userA, dp);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
ret = wc_ecc_make_key(rng, keySize, &userA);
|
|
||||||
}
|
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
ERROR_OUT(-1014, done);
|
ERROR_OUT(-1014, done);
|
||||||
|
|
||||||
@@ -6716,12 +6711,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
|||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
ERROR_OUT(-1023, done);
|
ERROR_OUT(-1023, done);
|
||||||
|
|
||||||
if (dp) {
|
ret = wc_ecc_make_key_ex(rng, keySize, &userB, dp);
|
||||||
ret = wc_ecc_make_key_ex(rng, &userB, dp);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
ret = wc_ecc_make_key(rng, keySize, &userB);
|
|
||||||
}
|
|
||||||
if (ret != 0)
|
if (ret != 0)
|
||||||
ERROR_OUT(-1002, done);
|
ERROR_OUT(-1002, done);
|
||||||
|
|
||||||
|
|||||||
@@ -179,7 +179,8 @@ extern const ecc_set_type ecc_sets[];
|
|||||||
WOLFSSL_API
|
WOLFSSL_API
|
||||||
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
|
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
|
||||||
WOLFSSL_API
|
WOLFSSL_API
|
||||||
int wc_ecc_make_key_ex(WC_RNG* rng, ecc_key* key, const ecc_set_type* dp);
|
int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
|
||||||
|
const ecc_set_type* dp);
|
||||||
WOLFSSL_API
|
WOLFSSL_API
|
||||||
int wc_ecc_check_key(ecc_key* key);
|
int wc_ecc_check_key(ecc_key* key);
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user