wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 20:54:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #993 from jrblixt/unitTest_api_addRsa-PR06222017

Browse Source 
Add RSA to unit test.
This commit is contained in:
Chris Conlon
2017-07-17 13:42:42 -07:00
committed by GitHub
parent cc4ca6a44a fdb371e82e
commit 808f4692c7
6 changed files with 1193 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1105
tests/api.c
View File

File diff suppressed because it is too large Load Diff

11
wolfcrypt/src/asn.c
View File

@@ -1861,6 +1861,9 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
{ {
int version, length; int version, length;
if (inOutIdx == NULL) {
return BAD_FUNC_ARG;
}
if (GetSequence(input, inOutIdx, &length, inSz) < 0) if (GetSequence(input, inOutIdx, &length, inSz) < 0)
return ASN_PARSE_E; return ASN_PARSE_E;
@@ -6996,8 +6999,12 @@ int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen)
selfSigned = 1 (true) use subject as issuer selfSigned = 1 (true) use subject as issuer
subject = blank subject = blank
*/ */
void wc_InitCert(Cert* cert) int wc_InitCert(Cert* cert)
{ {
if (cert == NULL) {
return BAD_FUNC_ARG;
}
cert->version = 2; /* version 3 is hex 2 */ cert->version = 2; /* version 3 is hex 2 */
cert->sigType = CTC_SHAwRSA; cert->sigType = CTC_SHAwRSA;
cert->daysValid = 500; cert->daysValid = 500;
@@ -7061,6 +7068,8 @@ void wc_InitCert(Cert* cert)
#else #else
cert->heap = NULL; cert->heap = NULL;
#endif #endif
return 0;
} }

42
wolfcrypt/src/rsa.c
View File

@@ -25,6 +25,7 @@
#endif #endif
#include <wolfssl/wolfcrypt/settings.h> #include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#ifndef NO_RSA #ifndef NO_RSA
@@ -52,12 +53,19 @@ RSA Key Size Configuration:
#ifdef HAVE_FIPS #ifdef HAVE_FIPS
int wc_InitRsaKey(RsaKey* key, void* ptr) int wc_InitRsaKey(RsaKey* key, void* ptr)
{ {
if (key == NULL) {
return BAD_FUNC_ARG;
}
return InitRsaKey_fips(key, ptr); return InitRsaKey_fips(key, ptr);
} }
int wc_InitRsaKey_ex(RsaKey* key, void* ptr, int devId) int wc_InitRsaKey_ex(RsaKey* key, void* ptr, int devId)
{ {
(void)devId; (void)devId;
if (key == NULL) {
return BAD_FUNC_ARG;
}
return InitRsaKey_fips(key, ptr); return InitRsaKey_fips(key, ptr);
} }
@@ -70,6 +78,9 @@ int wc_FreeRsaKey(RsaKey* key)
int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, WC_RNG* rng) word32 outLen, RsaKey* key, WC_RNG* rng)
{ {
if (in == NULL || out == NULL || key == NULL || rng == NULL) {
return BAD_FUNC_ARG;
}
return RsaPublicEncrypt_fips(in, inLen, out, outLen, key, rng); return RsaPublicEncrypt_fips(in, inLen, out, outLen, key, rng);
} }
@@ -77,6 +88,9 @@ int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
RsaKey* key) RsaKey* key)
{ {
if (in == NULL || out == NULL || key == NULL) {
return BAD_FUNC_ARG;
}
return RsaPrivateDecryptInline_fips(in, inLen, out, key); return RsaPrivateDecryptInline_fips(in, inLen, out, key);
} }
@@ -84,6 +98,9 @@ int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key) word32 outLen, RsaKey* key)
{ {
if (in == NULL || out == NULL || key == NULL) {
return BAD_FUNC_ARG;
}
return RsaPrivateDecrypt_fips(in, inLen, out, outLen, key); return RsaPrivateDecrypt_fips(in, inLen, out, outLen, key);
} }
@@ -91,12 +108,18 @@ int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, WC_RNG* rng) word32 outLen, RsaKey* key, WC_RNG* rng)
{ {
if (in == NULL || out == NULL || key == NULL || inLen == 0) {
return BAD_FUNC_ARG;
}
return RsaSSL_Sign_fips(in, inLen, out, outLen, key, rng); return RsaSSL_Sign_fips(in, inLen, out, outLen, key, rng);
} }
int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key) int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
{ {
if (in == NULL || out == NULL || key == NULL) {
return BAD_FUNC_ARG;
}
return RsaSSL_VerifyInline_fips(in, inLen, out, key); return RsaSSL_VerifyInline_fips(in, inLen, out, key);
} }
@@ -104,12 +127,18 @@ int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key) word32 outLen, RsaKey* key)
{ {
if (in == NULL || out == NULL || key == NULL || inLen == 0) {
return BAD_FUNC_ARG;
}
return RsaSSL_Verify_fips(in, inLen, out, outLen, key); return RsaSSL_Verify_fips(in, inLen, out, outLen, key);
} }
int wc_RsaEncryptSize(RsaKey* key) int wc_RsaEncryptSize(RsaKey* key)
{ {
if (key == NULL) {
return BAD_FUNC_ARG;
}
return RsaEncryptSize_fips(key); return RsaEncryptSize_fips(key);
} }
@@ -117,6 +146,7 @@ int wc_RsaEncryptSize(RsaKey* key)
int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b, int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
word32* bSz) word32* bSz)
{ {
/* not specified as fips so not needing _fips */ /* not specified as fips so not needing _fips */
return RsaFlattenPublicKey(key, a, aSz, b, bSz); return RsaFlattenPublicKey(key, a, aSz, b, bSz);
} }
@@ -136,7 +166,6 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
#else /* else build without fips */ #else /* else build without fips */
#include <wolfssl/wolfcrypt/random.h> #include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h> #include <wolfssl/wolfcrypt/logging.h>
#ifdef NO_INLINE #ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h> #include <wolfssl/wolfcrypt/misc.h>
@@ -1568,7 +1597,13 @@ int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen, int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
RsaKey* key) RsaKey* key)
{ {
WC_RNG* rng = NULL; WC_RNG* rng;
if (key == NULL) {
return BAD_FUNC_ARG;
}
rng = NULL;
#ifdef WC_RSA_BLINDING #ifdef WC_RSA_BLINDING
rng = key->rng; rng = key->rng;
#endif #endif
@@ -1637,6 +1672,9 @@ int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
int wc_RsaEncryptSize(RsaKey* key) int wc_RsaEncryptSize(RsaKey* key)
{ {
if (key == NULL) {
return BAD_FUNC_ARG;
}
return mp_unsigned_bin_size(&key->n); return mp_unsigned_bin_size(&key->n);
} }

40
wolfcrypt/test/test.c
View File

@@ -7199,7 +7199,9 @@ int rsa_test(void)
ERROR_OUT(-5571, exit_rsa); ERROR_OUT(-5571, exit_rsa);
} }
wc_InitCert(&myCert); if (wc_InitCert(&myCert)) {
ERROR_OUT(-5572, exit_rsa);
}
strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
@@ -7221,17 +7223,17 @@ int rsa_test(void)
/* add SKID from the Public Key */ /* add SKID from the Public Key */
if (wc_SetSubjectKeyIdFromPublicKey(&myCert, &keypub, NULL) != 0) { if (wc_SetSubjectKeyIdFromPublicKey(&myCert, &keypub, NULL) != 0) {
ERROR_OUT(-5572, exit_rsa); ERROR_OUT(-5573, exit_rsa);
} }
/* add AKID from the Public Key */ /* add AKID from the Public Key */
if (wc_SetAuthKeyIdFromPublicKey(&myCert, &keypub, NULL) != 0) { if (wc_SetAuthKeyIdFromPublicKey(&myCert, &keypub, NULL) != 0) {
ERROR_OUT(-5573, exit_rsa); ERROR_OUT(-5574, exit_rsa);
} }
/* add Key Usage */ /* add Key Usage */
if (wc_SetKeyUsage(&myCert,"cRLSign,keyCertSign") != 0) { if (wc_SetKeyUsage(&myCert,"cRLSign,keyCertSign") != 0) {
ERROR_OUT(-5574, exit_rsa); ERROR_OUT(-5575, exit_rsa);
} }
#endif /* WOLFSSL_CERT_EXT */ #endif /* WOLFSSL_CERT_EXT */
@@ -7245,7 +7247,7 @@ int rsa_test(void)
} }
} while (ret == WC_PENDING_E); } while (ret == WC_PENDING_E);
if (ret < 0) { if (ret < 0) {
ERROR_OUT(-5575, exit_rsa); ERROR_OUT(-5576, exit_rsa);
} }
certSz = ret; certSz = ret;
@@ -7254,7 +7256,7 @@ int rsa_test(void)
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
if (ret != 0) { if (ret != 0) {
FreeDecodedCert(&decode); FreeDecodedCert(&decode);
ERROR_OUT(-5576, exit_rsa); ERROR_OUT(-5577, exit_rsa);
} }
FreeDecodedCert(&decode); FreeDecodedCert(&decode);
#endif #endif
@@ -7262,29 +7264,29 @@ int rsa_test(void)
#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES) #if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
derFile = fopen(certDerFile, "wb"); derFile = fopen(certDerFile, "wb");
if (!derFile) { if (!derFile) {
ERROR_OUT(-5577, exit_rsa); ERROR_OUT(-5578, exit_rsa);
} }
ret = (int)fwrite(der, 1, certSz, derFile); ret = (int)fwrite(der, 1, certSz, derFile);
fclose(derFile); fclose(derFile);
if (ret != certSz) { if (ret != certSz) {
ERROR_OUT(-5578, exit_rsa); ERROR_OUT(-5579, exit_rsa);
} }
#endif #endif
pemSz = wc_DerToPem(der, certSz, pem, FOURK_BUF, CERT_TYPE); pemSz = wc_DerToPem(der, certSz, pem, FOURK_BUF, CERT_TYPE);
if (pemSz < 0) { if (pemSz < 0) {
ERROR_OUT(-5579, exit_rsa); ERROR_OUT(-5580, exit_rsa);
} }
#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES) #if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
pemFile = fopen(certPemFile, "wb"); pemFile = fopen(certPemFile, "wb");
if (!pemFile) { if (!pemFile) {
ERROR_OUT(-5580, exit_rsa); ERROR_OUT(-5581, exit_rsa);
} }
ret = (int)fwrite(pem, 1, pemSz, pemFile); ret = (int)fwrite(pem, 1, pemSz, pemFile);
fclose(pemFile); fclose(pemFile);
if (ret != pemSz) { if (ret != pemSz) {
ERROR_OUT(-5581, exit_rsa); ERROR_OUT(-5582, exit_rsa);
} }
#endif #endif
@@ -7345,7 +7347,9 @@ int rsa_test(void)
ERROR_OUT(-5604, exit_rsa); ERROR_OUT(-5604, exit_rsa);
} }
wc_InitCert(&myCert); if (wc_InitCert(&myCert)) {
ERROR_OUT(-5617, exit_rsa);
}
#ifdef NO_SHA #ifdef NO_SHA
myCert.sigType = CTC_SHA256wRSA; myCert.sigType = CTC_SHA256wRSA;
@@ -7519,7 +7523,9 @@ int rsa_test(void)
ERROR_OUT(-5624, exit_rsa); ERROR_OUT(-5624, exit_rsa);
} }
wc_InitCert(&myCert); if (wc_InitCert(&myCert)) {
ERROR_OUT(-5640, exit_rsa);
}
myCert.sigType = CTC_SHA256wECDSA; myCert.sigType = CTC_SHA256wECDSA;
strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
@@ -7739,7 +7745,9 @@ int rsa_test(void)
ERROR_OUT(-5658, exit_rsa); ERROR_OUT(-5658, exit_rsa);
} }
wc_InitCert(&myCert); if (wc_InitCert(&myCert)) {
ERROR_OUT(-5573, exit_rsa);
}
strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
@@ -7886,7 +7894,9 @@ int rsa_test(void)
ERROR_OUT(-5681, exit_rsa); ERROR_OUT(-5681, exit_rsa);
} }
wc_InitCert(&req); if (wc_InitCert(&req)) {
ERROR_OUT(-5691, exit_rsa);
}
req.version = 0; req.version = 0;
req.isCA = 1; req.isCA = 1;

15
wolfcrypt/user-crypto/src/rsa.c
View File

@@ -928,6 +928,10 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
int ctxSz, pSz, qSz; int ctxSz, pSz, qSz;
IppStatus ret; IppStatus ret;
if (input == NULL || inOutIdx == NULL || key == NULL) {
return USER_CRYPTO_ERROR;
}
USER_DEBUG(("Entering wc_RsaPrivateKeyDecode\n")); USER_DEBUG(("Entering wc_RsaPrivateKeyDecode\n"));
/* read in key information */ /* read in key information */
@@ -1066,6 +1070,10 @@ int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
byte b; byte b;
#endif #endif
if (input == NULL || inOutIdx == NULL || key == NULL) {
return USER_CRYPTO_ERROR;
}
USER_DEBUG(("Entering wc_RsaPublicKeyDecode\n")); USER_DEBUG(("Entering wc_RsaPublicKeyDecode\n"));
if (GetSequence(input, inOutIdx, &length, inSz) < 0) if (GetSequence(input, inOutIdx, &length, inSz) < 0)
@@ -1246,7 +1254,7 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
key->eSz = eSz; key->eSz = eSz;
key->type = RSA_PUBLIC; key->type = RSA_PUBLIC;
return USER_CRYPTO_ERROR; return 0;
} }
@@ -1636,13 +1644,14 @@ int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
USER_DEBUG(("Entering wc_RsaSSL_Sign\n")); USER_DEBUG(("Entering wc_RsaSSL_Sign\n"));
sz = key->sz;
if (in == NULL || out == NULL || key == NULL || rng == NULL) { if (in == NULL || out == NULL || key == NULL || rng == NULL) {
USER_DEBUG(("Bad argument to wc_RsaSSL_Sign\n")); USER_DEBUG(("Bad argument to wc_RsaSSL_Sign\n"));
return USER_CRYPTO_ERROR; return USER_CRYPTO_ERROR;
} }
sz = key->sz;
/* sanity check on key being used */ /* sanity check on key being used */
if (key->pipp == NULL || key->qipp == NULL || key->uipp == NULL || if (key->pipp == NULL || key->qipp == NULL || key->uipp == NULL ||
key->dPipp == NULL || key->dQipp == NULL) { key->dPipp == NULL || key->dQipp == NULL) {

2
wolfssl/wolfcrypt/asn_public.h
View File

@@ -180,7 +180,7 @@ typedef struct Cert {
isCA = 0 (false) isCA = 0 (false)
keyType = RSA_KEY (default) keyType = RSA_KEY (default)
*/ */
WOLFSSL_API void wc_InitCert(Cert*); WOLFSSL_API int wc_InitCert(Cert*);
WOLFSSL_API int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz, WOLFSSL_API int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz,
int keyType, void* key, WC_RNG* rng); int keyType, void* key, WC_RNG* rng);
WOLFSSL_API int wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, WOLFSSL_API int wc_MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*,