wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-03 12:44:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixes so ECC only build works. Fixes so ECC enabled with ASN disabled works and will prevent ECC sign/verify.

Browse Source
This commit is contained in:
David Garske
2016-02-10 08:53:09 -08:00
parent 9a5938432b
commit 8d0d5a3f90
4 changed files with 28 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
configure.ac
View File

@@ -1032,7 +1032,7 @@ AC_ARG_ENABLE([asn],
if test "$ENABLED_ASN" = "no" if test "$ENABLED_ASN" = "no"
then then
AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS" AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS"
if test "$ENABLED_DH" = "no" if test "$ENABLED_DH" = "no" && test "$ENABLED_ECC" == "no"
then then
# DH needs bigint # DH needs bigint
AM_CFLAGS="$AM_CFLAGS -DNO_BIG_INT" AM_CFLAGS="$AM_CFLAGS -DNO_BIG_INT"
@@ -1056,6 +1056,8 @@ then
AC_MSG_ERROR([please disable dsa if disabling asn.]) AC_MSG_ERROR([please disable dsa if disabling asn.])
fi fi
if test "x$ENABLED_CRYPTONLY" = "xyes"
then
if test "$ENABLED_ECC" = "yes" && test "$ENABLED_ASN" = "no" if test "$ENABLED_ECC" = "yes" && test "$ENABLED_ASN" = "no"
then then
AC_MSG_ERROR([please disable ecc if disabling asn.]) AC_MSG_ERROR([please disable ecc if disabling asn.])
@@ -1065,9 +1067,10 @@ if test "$ENABLED_PSK" = "no" && test "$ENABLED_ASN" = "no"
then then
AC_MSG_ERROR([please enable psk if disabling asn.]) AC_MSG_ERROR([please enable psk if disabling asn.])
fi fi
fi
# DH needs bigint # DH needs bigint
if test "$ENABLED_ASN" = "no" && test "$ENABLED_DH" = "no" if test "$ENABLED_ASN" = "no" && test "$ENABLED_DH" = "no" && test "$ENABLED_ECC" = "no"
then then
ENABLED_FASTMATH=no ENABLED_FASTMATH=no
ENABLED_SLOWMATH=no ENABLED_SLOWMATH=no
@@ -2182,7 +2185,7 @@ then
# turn off fastmth if leanpsk on or asn off (w/o dh) # turn off fastmth if leanpsk on or asn off (w/o dh)
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_ASN" = "no" if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_ASN" = "no"
then then
if test "$ENABLED_DH" = "no" if test "$ENABLED_DH" = "no" && test "$ENABLED_ECC" = "no"
then then
ENABLED_FASTMATH=no ENABLED_FASTMATH=no
else else

4
wolfcrypt/benchmark/benchmark.c
View File

@@ -1671,7 +1671,9 @@ void bench_eccKeyAgree(void)
double start, total, each, milliEach; double start, total, each, milliEach;
int i, ret; int i, ret;
byte shared[32]; byte shared[32];
#ifndef NO_ASN
byte sig[64+16]; /* der encoding too */ byte sig[64+16]; /* der encoding too */
#endif
byte digest[32]; byte digest[32];
word32 x = 0; word32 x = 0;
@@ -1712,6 +1714,7 @@ void bench_eccKeyAgree(void)
digest[i] = (byte)i; digest[i] = (byte)i;
#ifndef NO_ASN
start = current_time(1); start = current_time(1);
for(i = 0; i < agreeTimes; i++) { for(i = 0; i < agreeTimes; i++) {
@@ -1739,6 +1742,7 @@ void bench_eccKeyAgree(void)
return; return;
} }
} }
#endif
total = current_time(0) - start; total = current_time(0) - start;
each = total / agreeTimes; /* per second */ each = total / agreeTimes; /* per second */

6
wolfcrypt/src/ecc.c
View File

@@ -1832,6 +1832,7 @@ int wc_ecc_init(ecc_key* key)
} }
#ifndef NO_ASN
/** /**
Sign a message digest Sign a message digest
in The message digest to sign in The message digest to sign
@@ -1865,6 +1866,7 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
return err; return err;
} }
#endif /* !NO_ASN */
/** /**
Sign a message digest Sign a message digest
@@ -2226,6 +2228,7 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
#ifndef NO_ASN
/* verify /* verify
* *
* w = s^-1 mod n * w = s^-1 mod n
@@ -2276,6 +2279,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
return err; return err;
} }
#endif /* !NO_ASN */
/** /**
Verify an ECC signature Verify an ECC signature
@@ -3112,6 +3116,7 @@ int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
return ret; return ret;
} }
#ifndef NO_ASN
/** /**
Convert ECC R,S to signature Convert ECC R,S to signature
r R component of signature r R component of signature
@@ -3151,6 +3156,7 @@ int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen)
return err; return err;
} }
#endif /* !NO_ASN */
/** /**
Import raw ECC key Import raw ECC key

7
wolfcrypt/test/test.c
View File

@@ -6172,11 +6172,14 @@ int ecc_test(void)
WC_RNG rng; WC_RNG rng;
byte sharedA[1024]; byte sharedA[1024];
byte sharedB[1024]; byte sharedB[1024];
#ifndef NO_ASN
byte sig[1024]; byte sig[1024];
int verify;
#endif
byte digest[20]; byte digest[20];
byte exportBuf[1024]; byte exportBuf[1024];
word32 x, y; word32 x, y;
int i, verify, ret; int i, ret;
ecc_key userA, userB, pubKey; ecc_key userA, userB, pubKey;
ret = wc_InitRng(&rng); ret = wc_InitRng(&rng);
@@ -6266,6 +6269,7 @@ int ecc_test(void)
for (i = 0; i < (int)sizeof(digest); i++) for (i = 0; i < (int)sizeof(digest); i++)
digest[i] = (byte)i; digest[i] = (byte)i;
#ifndef NO_ASN
x = sizeof(sig); x = sizeof(sig);
ret = wc_ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA); ret = wc_ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA);
@@ -6280,6 +6284,7 @@ int ecc_test(void)
if (verify != 1) if (verify != 1)
return -1016; return -1016;
#endif
x = sizeof(exportBuf); x = sizeof(exportBuf);
ret = wc_ecc_export_private_only(&userA, exportBuf, &x); ret = wc_ecc_export_private_only(&userA, exportBuf, &x);