Merge pull request #4522 from dgarske/static_eph

Fixes and refactor for static ephemeral key support
This commit is contained in:
Sean Parkinson
2021-11-10 08:22:51 +10:00
committed by GitHub
15 changed files with 703 additions and 425 deletions
+1 -1
View File
@@ -100,7 +100,7 @@ static int tls_client(void)
/*---------------------*/
/* for no peer auth: */
/*---------------------*/
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
/*---------------------*/
/* end peer auth option*/
/*---------------------*/
+1 -1
View File
@@ -99,7 +99,7 @@ static int tls_server(void)
/*---------------------*/
/* for no peer auth: */
/*---------------------*/
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
/*---------------------*/
/* end peer auth option*/
/*---------------------*/
+1 -1
View File
@@ -65,7 +65,7 @@ If you want to mimic OpenSSL behavior of having `SSL_connect` succeed even if
verifying the server fails and reducing security you can do this by calling:
```c
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
```
before calling `wolfSSL_new();`. Though it's not recommended.
+3 -3
View File
@@ -1078,10 +1078,10 @@ WOLFSSL_API int wc_PubKeyPemToDer(const unsigned char*, int,
\code
char * file = “./certs/client-cert.pem”;
int derSz;
byte * der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
byte* der = (byte*)XMALLOC((8*1024), NULL, DYNAMIC_TYPE_CERT);
derSz = wc_PemCertToDer(file, der, EIGHTK_BUF);
if(derSz <= 0) {
derSz = wc_PemCertToDer(file, der, (8*1024));
if (derSz <= 0) {
//PemCertToDer error
}
\endcode
+2 -2
View File
@@ -2513,8 +2513,8 @@ WOLFSSL_API
\code
WOLFSSL_CTX* ctx = 0;
...
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER |
SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
wolfSSL_CTX_set_verify(ctx, (WOLFSSL_VERIFY_PEER |
WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT), NULL);
\endcode
\sa wolfSSL_set_verify
+2 -2
View File
@@ -3062,7 +3062,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, myVerify);
}
else if (!usePsk && !useAnon && doPeerCheck == 0) {
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
}
else if (!usePsk && !useAnon && myVerifyAction == VERIFY_OVERRIDE_DATE_ERR) {
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, myVerify);
@@ -3191,7 +3191,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
#if defined(WOLFSSL_MDK_ARM)
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
#endif
#if defined(OPENSSL_EXTRA)
+18 -25
View File
@@ -2400,16 +2400,22 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
#endif
#ifdef WOLFSSL_STATIC_EPHEMERAL
#ifndef NO_DH
if (ctx->staticKE.dhKey && ctx->staticKE.weOwnDH)
FreeDer(&ctx->staticKE.dhKey);
FreeDer(&ctx->staticKE.dhKey);
#endif
#ifdef HAVE_ECC
if (ctx->staticKE.ecKey && ctx->staticKE.weOwnEC)
FreeDer(&ctx->staticKE.ecKey);
FreeDer(&ctx->staticKE.ecKey);
#endif
#ifdef HAVE_CURVE25519
if (ctx->staticKE.x25519Key && ctx->staticKE.weOwnX25519)
FreeDer(&ctx->staticKE.x25519Key);
FreeDer(&ctx->staticKE.x25519Key);
#endif
#ifdef HAVE_CURVE448
FreeDer(&ctx->staticKE.x448Key);
#endif
#ifndef SINGLE_THREADED
if (ctx->staticKELockInit) {
wc_FreeMutex(&ctx->staticKELock);
ctx->staticKELockInit = 0;
}
#endif
#endif
(void)heapAtCTXInit;
@@ -6381,19 +6387,6 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
ssl->options.useClientOrder = ctx->useClientOrder;
ssl->options.mutualAuth = ctx->mutualAuth;
#ifdef WOLFSSL_STATIC_EPHEMERAL
XMEMCPY(&ssl->staticKE, &ctx->staticKE, sizeof(StaticKeyExchangeInfo_t));
#ifdef HAVE_ECC
ssl->staticKE.weOwnEC = 0;
#endif
#ifndef NO_DH
ssl->staticKE.weOwnDH = 0;
#endif
#ifdef HAVE_CURVE25519
ssl->staticKE.weOwnX25519 = 0;
#endif
#endif
#ifdef WOLFSSL_TLS13
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER)
ssl->options.maxTicketTls13 = ctx->maxTicketTls13;
@@ -7207,16 +7200,16 @@ void SSL_ResourceFree(WOLFSSL* ssl)
#endif
#ifdef WOLFSSL_STATIC_EPHEMERAL
#ifndef NO_DH
if (ssl->staticKE.dhKey && ssl->staticKE.weOwnDH)
FreeDer(&ssl->staticKE.dhKey);
FreeDer(&ssl->staticKE.dhKey);
#endif
#ifdef HAVE_ECC
if (ssl->staticKE.ecKey && ssl->staticKE.weOwnEC)
FreeDer(&ssl->staticKE.ecKey);
FreeDer(&ssl->staticKE.ecKey);
#endif
#ifdef HAVE_CURVE25519
if (ssl->staticKE.x25519Key && ssl->staticKE.weOwnX25519)
FreeDer(&ssl->staticKE.x25519Key);
FreeDer(&ssl->staticKE.x25519Key);
#endif
#ifdef HAVE_CURVE448
FreeDer(&ssl->staticKE.x448Key);
#endif
#endif
+351 -191
View File
@@ -1074,10 +1074,10 @@ static void TraceSetNamedServer(const char* name,
if (TraceOn) {
XFPRINTF(TraceFile, "\tTrying to install a new Sniffer Server with\n");
XFPRINTF(TraceFile, "\tname: %s, server: %s, port: %d, keyFile: %s\n",
name ? name : "",
srv ? srv : "",
port,
keyFile ? keyFile : "");
name ? name : "",
srv ? srv : "",
port,
keyFile ? keyFile : "");
}
}
@@ -2158,32 +2158,19 @@ static void ShowTlsSecrets(SnifferSession* session)
/* Process Keys */
/* contains static ephemeral keys */
typedef struct {
#ifndef NO_DH
DerBuffer* dhKey;
#endif
#ifdef HAVE_ECC
DerBuffer* ecKey;
#endif
#ifdef HAVE_CURVE25519
DerBuffer* x25519Key;
#endif
#if !defined(NO_RSA) && defined(WOLFSSL_STATIC_RSA)
DerBuffer* rsaKey;
#endif
} KeyBuffers_t;
static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
char* error, KeyShareInfo* ksInfo, KeyBuffers_t* keys)
char* error, KeyShareInfo* ksInfo)
{
word32 idx = 0;
int ret;
DerBuffer* keyBuf;
DerBuffer* keyBuf = NULL;
int keyBufFree = 0;
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
int useCurveId = 0;
#endif
int devId = INVALID_DEVID;
WOLFSSL_CTX* ctx = session->context->ctx;
WOLFSSL* ssl = session->sslServer;
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
if (ksInfo && ksInfo->curve_id != 0)
@@ -2201,15 +2188,18 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
#ifndef NO_RSA
/* Static RSA */
if (ksInfo == NULL && keys->rsaKey) {
if (ksInfo == NULL && ssl->buffers.key) {
RsaKey key;
int length;
keyBuf = keys->rsaKey;
int keyInit = 0;
ret = wc_InitRsaKey_ex(&key, NULL, devId);
if (ret == 0) {
ret = wc_RsaPrivateKeyDecode(keyBuf->buffer, &idx, &key, keyBuf->length);
keyInit = 1;
keyBuf = ssl->buffers.key;
ret = wc_RsaPrivateKeyDecode(keyBuf->buffer, &idx, &key,
keyBuf->length);
if (ret != 0) {
#ifndef HAVE_ECC
#ifdef WOLFSSL_SNIFFER_STATS
@@ -2217,18 +2207,12 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
#endif
SetError(RSA_DECODE_STR, error, session, FATAL_ERROR_STATE);
#else
/* If we can do ECC, this isn't fatal. Not loading an ECC
* key will be fatal, though. */
/* If we can do ECC, this isn't fatal. Not loading a key later
* will be fatal, though. */
SetError(RSA_DECODE_STR, error, session, 0);
if (keys->ecKey == NULL)
keys->ecKey = session->sslServer->buffers.key; /* try ECC */
keyBuf = NULL;
#endif
}
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519)
else {
useCurveId = -1; /* don't try loading further */
}
#endif
}
if (ret == 0) {
@@ -2243,14 +2227,14 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
}
}
#ifdef WC_RSA_BLINDING
#ifdef WC_RSA_BLINDING
if (ret == 0) {
ret = wc_RsaSetRNG(&key, session->sslServer->rng);
if (ret != 0) {
SetError(RSA_DECRYPT_STR, error, session, FATAL_ERROR_STATE);
}
}
#endif
#endif
if (ret == 0) {
session->keySz = length * WOLFSSL_BIT_SIZE;
@@ -2264,8 +2248,8 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
#endif
if (ret >= 0) {
ret = wc_RsaPrivateDecrypt(input, length,
session->sslServer->arrays->preMasterSecret,
session->sslServer->arrays->preMasterSz, &key);
session->sslServer->arrays->preMasterSecret,
session->sslServer->arrays->preMasterSz, &key);
}
} while (ret == WC_PENDING_E);
@@ -2274,100 +2258,137 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
}
}
wc_FreeRsaKey(&key);
if (keyInit) {
wc_FreeRsaKey(&key);
}
}
#endif /* !NO_RSA */
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
/* Static DH Key */
if (ksInfo && ksInfo->dh_key_bits != 0 && keys->dhKey) {
if (ksInfo && ksInfo->dh_key_bits != 0 && keyBuf == NULL) {
DhKey dhKey;
#ifdef HAVE_PUBLIC_FFDHE
#ifdef HAVE_PUBLIC_FFDHE
const DhParams* params;
word32 privKeySz;
#else
#endif
word32 privKeySz = 0, p_len = 0;
#endif
byte privKey[52]; /* max for TLS */
int keyInit = 0;
keyBuf = keys->dhKey;
/* try and load static ephemeral */
#ifdef WOLFSSL_STATIC_EPHEMERAL
#ifndef SINGLE_THREADED
int keyLocked = 0;
if (ctx->staticKELockInit &&
wc_LockMutex(&ctx->staticKELock) == 0)
#endif
{
#ifndef SINGLE_THREADED
keyLocked = 1;
#endif
keyBuf = ssl->staticKE.dhKey;
if (keyBuf == NULL)
keyBuf = ctx->staticKE.dhKey;
}
#endif
#ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
ret = 0;
#ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
if (KeyCb != NULL) {
if (keyBuf == NULL) {
ret = AllocDer(&keyBuf, FILE_BUFFER_SIZE, PRIVATEKEY_TYPE, NULL);
if (ret == 0)
keyBufFree = 1;
}
ret = KeyCb(session, ksInfo->named_group,
session->srvKs.key, session->srvKs.key_len,
session->cliKs.key, session->cliKs.key_len,
keyBuf, KeyCbCtx, error);
if (ret != 0) {
SetError(-1, error, session, FATAL_ERROR_STATE);
return ret;
}
}
#endif
#ifdef HAVE_PUBLIC_FFDHE
/* get DH params */
switch (ksInfo->named_group) {
#ifdef HAVE_FFDHE_2048
case WOLFSSL_FFDHE_2048:
params = wc_Dh_ffdhe2048_Get();
privKeySz = 29;
break;
#endif
#ifdef HAVE_FFDHE_3072
case WOLFSSL_FFDHE_3072:
params = wc_Dh_ffdhe3072_Get();
privKeySz = 34;
break;
#endif
#ifdef HAVE_FFDHE_4096
case WOLFSSL_FFDHE_4096:
params = wc_Dh_ffdhe4096_Get();
privKeySz = 39;
break;
#endif
#ifdef HAVE_FFDHE_6144
case WOLFSSL_FFDHE_6144:
params = wc_Dh_ffdhe6144_Get();
privKeySz = 46;
break;
#endif
#ifdef HAVE_FFDHE_8192
case WOLFSSL_FFDHE_8192:
params = wc_Dh_ffdhe8192_Get();
privKeySz = 52;
break;
#endif
default:
return BAD_FUNC_ARG;
#endif
if (ret == 0 && keyBuf == NULL) {
ret = BUFFER_E;
}
#endif
ret = wc_InitDhKey_ex(&dhKey, NULL, devId);
#ifdef HAVE_PUBLIC_FFDHE
if (ret == 0) {
#ifdef HAVE_PUBLIC_FFDHE
/* get DH params */
switch (ksInfo->named_group) {
#ifdef HAVE_FFDHE_2048
case WOLFSSL_FFDHE_2048:
params = wc_Dh_ffdhe2048_Get();
privKeySz = 29;
break;
#endif
#ifdef HAVE_FFDHE_3072
case WOLFSSL_FFDHE_3072:
params = wc_Dh_ffdhe3072_Get();
privKeySz = 34;
break;
#endif
#ifdef HAVE_FFDHE_4096
case WOLFSSL_FFDHE_4096:
params = wc_Dh_ffdhe4096_Get();
privKeySz = 39;
break;
#endif
#ifdef HAVE_FFDHE_6144
case WOLFSSL_FFDHE_6144:
params = wc_Dh_ffdhe6144_Get();
privKeySz = 46;
break;
#endif
#ifdef HAVE_FFDHE_8192
case WOLFSSL_FFDHE_8192:
params = wc_Dh_ffdhe8192_Get();
privKeySz = 52;
break;
#endif
default:
ret = BAD_FUNC_ARG;
}
}
#endif
if (ret == 0) {
ret = wc_InitDhKey_ex(&dhKey, NULL, devId);
if (ret == 0)
keyInit = 1;
}
if (ret == 0) {
#ifdef HAVE_PUBLIC_FFDHE
ret = wc_DhSetKey(&dhKey,
(byte*)params->p, params->p_len,
(byte*)params->g, params->g_len);
#else
p_len = params->p_len;
#else
ret = wc_DhSetNamedKey(&dhKey, ksInfo->named_group);
#endif
if (ret == 0) {
ret = wc_DhKeyDecode(keyBuf->buffer, &idx, &dhKey,
keyBuf->length);
}
#ifndef HAVE_PUBLIC_FFDHE
if (ret == 0) {
privKeySz = wc_DhGetNamedKeyMinSize(ksInfo->named_group);
ret = wc_DhGetNamedKeyParamSize(ksInfo->named_group,
&p_len, NULL, NULL);
}
#endif
if (ret == 0) {
ret = wc_DhExportKeyPair(&dhKey, privKey, &privKeySz, NULL,
NULL);
}
#endif
}
if (ret == 0) {
ret = wc_DhKeyDecode(keyBuf->buffer, &idx, &dhKey,
keyBuf->length);
}
if (ret == 0) {
ret = wc_DhExportKeyPair(&dhKey, privKey, &privKeySz, NULL,
NULL);
}
#if defined(WOLFSSL_STATIC_EPHEMERAL) && !defined(SINGLE_THREADED)
if (keyLocked) {
wc_UnLockMutex(&ctx->staticKELock);
}
#endif
if (ret == 0) {
/* Derive secret from private key and peer's public key */
do {
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -2384,71 +2405,89 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
PRIVATE_KEY_LOCK();
}
} while (ret == WC_PENDING_E);
}
if (keyInit)
wc_FreeDhKey(&dhKey);
#ifdef WOLFSSL_SNIFFER_STATS
if (ret != 0)
INC_STAT(SnifferStats.sslKeyFails);
#endif
#ifdef WOLFSSL_SNIFFER_STATS
if (ret != 0)
INC_STAT(SnifferStats.sslKeyFails);
#endif
/* left-padded with zeros up to the size of the prime */
#ifdef HAVE_PUBLIC_FFDHE
if (ret == 0 && params->p_len > session->sslServer->arrays->preMasterSz) {
word32 diff = params->p_len - session->sslServer->arrays->preMasterSz;
XMEMMOVE(session->sslServer->arrays->preMasterSecret + diff,
session->sslServer->arrays->preMasterSecret,
session->sslServer->arrays->preMasterSz);
XMEMSET(session->sslServer->arrays->preMasterSecret, 0, diff);
session->sslServer->arrays->preMasterSz = params->p_len;
}
#else /* HAVE_PUBLIC_FFDHE */
if (ret == 0 && p_len > session->sslServer->arrays->preMasterSz) {
word32 diff = p_len - session->sslServer->arrays->preMasterSz;
XMEMMOVE(session->sslServer->arrays->preMasterSecret + diff,
session->sslServer->arrays->preMasterSecret,
session->sslServer->arrays->preMasterSz);
XMEMSET(session->sslServer->arrays->preMasterSecret, 0, diff);
session->sslServer->arrays->preMasterSz = p_len;
}
#endif /* HAVE_PUBLIC_FFDHE */
/* left-padded with zeros up to the size of the prime */
if (ret == 0 && p_len > session->sslServer->arrays->preMasterSz) {
word32 diff = p_len - session->sslServer->arrays->preMasterSz;
XMEMMOVE(session->sslServer->arrays->preMasterSecret + diff,
session->sslServer->arrays->preMasterSecret,
session->sslServer->arrays->preMasterSz);
XMEMSET(session->sslServer->arrays->preMasterSecret, 0, diff);
session->sslServer->arrays->preMasterSz = p_len;
}
}
#endif /* !NO_DH && WOLFSSL_DH_EXTRA */
#ifdef HAVE_ECC
/* Static ECC Key */
if (useCurveId >= 0 && keys->ecKey
if (useCurveId >= 0 && keyBuf == NULL
#ifdef HAVE_CURVE25519
&& useCurveId != ECC_X25519
#endif
#ifdef HAVE_CURVE448
&& useCurveId != ECC_X448
#endif
) {
ecc_key key;
ecc_key pubKey;
ecc_key key, pubKey;
int length, keyInit = 0, pubKeyInit = 0;
keyBuf = keys->ecKey;
/* try and load static ephemeral */
#ifdef WOLFSSL_STATIC_EPHEMERAL
#ifndef SINGLE_THREADED
int keyLocked = 0;
if (ctx->staticKELockInit &&
wc_LockMutex(&ctx->staticKELock) == 0)
#endif
{
#ifndef SINGLE_THREADED
keyLocked = 1;
#endif
keyBuf = ssl->staticKE.ecKey;
if (keyBuf == NULL)
keyBuf = ctx->staticKE.ecKey;
}
#endif
#ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
/* try static ECC */
if (keyBuf == NULL) {
keyBuf = session->sslServer->buffers.key;
}
ret = 0;
#ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
if (KeyCb != NULL && ksInfo) {
if (keyBuf == NULL) {
ret = AllocDer(&keyBuf, FILE_BUFFER_SIZE, PRIVATEKEY_TYPE, NULL);
if (ret == 0)
keyBufFree = 1;
}
ret = KeyCb(session, ksInfo->named_group,
session->srvKs.key, session->srvKs.key_len,
session->cliKs.key, session->cliKs.key_len,
keyBuf, KeyCbCtx, error);
if (ret != 0) {
SetError(-1, error, session, FATAL_ERROR_STATE);
return ret;
}
}
#endif
#endif
idx = 0;
ret = wc_ecc_init_ex(&key, NULL, devId);
if (ret == 0 && keyBuf == NULL) {
ret = BUFFER_E;
}
if (ret == 0) {
keyInit = 1;
ret = wc_ecc_init(&pubKey);
ret = wc_ecc_init_ex(&key, NULL, devId);
if (ret == 0)
keyInit = 1;
}
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
@@ -2456,15 +2495,20 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
ret = wc_ecc_set_rng(&key, session->sslServer->rng);
}
#endif
if (ret == 0) {
pubKeyInit = 1;
idx = 0;
ret = wc_EccPrivateKeyDecode(keyBuf->buffer, &idx, &key, keyBuf->length);
if (ret != 0) {
SetError(ECC_DECODE_STR, error, session, FATAL_ERROR_STATE);
}
}
#if defined(WOLFSSL_STATIC_EPHEMERAL) && !defined(SINGLE_THREADED)
if (keyLocked) {
wc_UnLockMutex(&ctx->staticKELock);
}
#endif
if (ret == 0) {
length = wc_ecc_size(&key) * 2 + 1;
/* The length should be 2 times the key size (x and y), plus 1
@@ -2483,14 +2527,17 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
useCurveId = key.dp->id;
}
}
if (ret == 0) {
ret = wc_ecc_init(&pubKey);
if (ret == 0)
pubKeyInit = 1;
}
if (ret == 0) {
ret = wc_ecc_import_x963_ex(input, length, &pubKey, useCurveId);
if (ret != 0) {
SetError(ECC_PUB_DECODE_STR, error, session, FATAL_ERROR_STATE);
}
}
if (ret == 0) {
session->keySz = ((length - 1) / 2) * WOLFSSL_BIT_SIZE;
/* Length is in bytes. Subtract 1 for the ECC key type. Divide
@@ -2513,10 +2560,10 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
} while (ret == WC_PENDING_E);
}
#ifdef WOLFSSL_SNIFFER_STATS
#ifdef WOLFSSL_SNIFFER_STATS
if (ret != 0)
INC_STAT(SnifferStats.sslKeyFails);
#endif
#endif
if (keyInit)
wc_ecc_free(&key);
@@ -2527,15 +2574,35 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
#ifdef HAVE_CURVE25519
/* Static Curve25519 Key */
if (useCurveId == ECC_X25519 && keys->x25519Key) {
curve25519_key key;
curve25519_key pubKey;
if (useCurveId == ECC_X25519) {
curve25519_key key, pubKey;
int length, keyInit = 0, pubKeyInit = 0;
keyBuf = keys->x25519Key;
/* try and load static ephemeral */
#ifdef WOLFSSL_STATIC_EPHEMERAL
#ifndef SINGLE_THREADED
int keyLocked = 0;
if (ctx->staticKELockInit &&
wc_LockMutex(&ctx->staticKELock) == 0)
#endif
{
#ifndef SINGLE_THREADED
keyLocked = 1;
#endif
keyBuf = ssl->staticKE.x25519Key;
if (keyBuf == NULL)
keyBuf = ctx->staticKE.x25519Key;
}
#endif
ret = 0;
#ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
if (KeyCb != NULL && ksInfo) {
if (keyBuf == NULL) {
ret = AllocDer(&keyBuf, FILE_BUFFER_SIZE, PRIVATEKEY_TYPE, NULL);
if (ret == 0)
keyBufFree = 1;
}
ret = KeyCb(session, ksInfo->named_group,
session->srvKs.key, session->srvKs.key_len,
session->cliKs.key, session->cliKs.key_len,
@@ -2547,15 +2614,16 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
}
#endif
idx = 0;
ret = wc_curve25519_init_ex(&key, NULL, devId);
if (ret == 0) {
keyInit = 1;
ret = wc_curve25519_init(&pubKey);
if (ret == 0 && keyBuf == NULL) {
ret = BUFFER_E;
}
if (ret == 0) {
pubKeyInit = 1;
ret = wc_curve25519_init_ex(&key, NULL, devId);
if (ret == 0)
keyInit = 1;
}
if (ret == 0) {
idx = 0;
ret = wc_Curve25519PrivateKeyDecode(keyBuf->buffer, &idx, &key,
keyBuf->length);
if (ret != 0) {
@@ -2563,6 +2631,12 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
}
}
#if defined(WOLFSSL_STATIC_EPHEMERAL) && !defined(SINGLE_THREADED)
if (keyLocked) {
wc_UnLockMutex(&ctx->staticKELock);
}
#endif
if (ret == 0) {
length = CURVE25519_KEYSIZE;
if (length > *sslBytes) {
@@ -2570,7 +2644,11 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
ret = -1;
}
}
if (ret == 0) {
ret = wc_curve25519_init(&pubKey);
if (ret == 0)
pubKeyInit = 1;
}
if (ret == 0) {
ret = wc_curve25519_import_public_ex(input, length, &pubKey,
EC25519_LITTLE_ENDIAN);
@@ -2601,6 +2679,116 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
}
#endif /* HAVE_CURVE25519 */
#ifdef HAVE_CURVE448
/* Static Curve448 Key */
if (useCurveId == ECC_X448) {
curve448_key key, pubKey;
int length, keyInit = 0, pubKeyInit = 0;
/* try and load static ephemeral */
#ifdef WOLFSSL_STATIC_EPHEMERAL
#ifndef SINGLE_THREADED
int keyLocked = 0;
if (ctx->staticKELockInit &&
wc_LockMutex(&ctx->staticKELock) == 0)
#endif
{
#ifndef SINGLE_THREADED
keyLocked = 1;
#endif
keyBuf = ssl->staticKE.x448Key;
if (keyBuf == NULL)
keyBuf = ctx->staticKE.x448Key;
}
#endif
ret = 0;
#ifdef WOLFSSL_SNIFFER_KEY_CALLBACK
if (KeyCb != NULL && ksInfo) {
if (keyBuf == NULL) {
ret = AllocDer(&keyBuf, FILE_BUFFER_SIZE, PRIVATEKEY_TYPE, NULL);
if (ret == 0)
keyBufFree = 1;
}
ret = KeyCb(session, ksInfo->named_group,
session->srvKs.key, session->srvKs.key_len,
session->cliKs.key, session->cliKs.key_len,
keyBuf, KeyCbCtx, error);
if (ret != 0) {
SetError(-1, error, session, FATAL_ERROR_STATE);
return ret;
}
}
#endif
if (ret == 0 && keyBuf == NULL) {
ret = BUFFER_E;
}
if (ret == 0) {
ret = wc_curve448_init(&key);
if (ret == 0)
keyInit = 1;
}
if (ret == 0) {
idx = 0;
ret = wc_Curve448PrivateKeyDecode(keyBuf->buffer, &idx, &key,
keyBuf->length);
if (ret != 0) {
SetError(ECC_DECODE_STR, error, session, FATAL_ERROR_STATE);
}
}
#if defined(WOLFSSL_STATIC_EPHEMERAL) && !defined(SINGLE_THREADED)
if (keyLocked) {
wc_UnLockMutex(&ctx->staticKELock);
}
#endif
if (ret == 0) {
length = CURVE448_KEY_SIZE;
if (length > *sslBytes) {
SetError(PARTIAL_INPUT_STR, error, session, FATAL_ERROR_STATE);
ret = -1;
}
}
if (ret == 0) {
ret = wc_curve448_init(&pubKey);
if (ret == 0)
pubKeyInit = 1;
}
if (ret == 0) {
ret = wc_curve448_import_public_ex(input, length, &pubKey,
EC448_LITTLE_ENDIAN);
if (ret != 0) {
SetError(ECC_PUB_DECODE_STR, error, session, FATAL_ERROR_STATE);
}
}
if (ret == 0) {
session->keySz = CURVE448_KEY_SIZE;
session->sslServer->arrays->preMasterSz = ENCRYPT_LEN;
ret = wc_curve448_shared_secret_ex(&key, &pubKey,
session->sslServer->arrays->preMasterSecret,
&session->sslServer->arrays->preMasterSz, EC448_LITTLE_ENDIAN);
}
#ifdef WOLFSSL_SNIFFER_STATS
if (ret != 0)
INC_STAT(SnifferStats.sslKeyFails);
#endif
if (keyInit)
wc_curve448_free(&key);
if (pubKeyInit)
wc_curve448_free(&pubKey);
}
#endif /* HAVE_CURVE448 */
if (keyBufFree && keyBuf != NULL) {
FreeDer(&keyBuf);
}
/* store for client side as well */
XMEMCPY(session->sslClient->arrays->preMasterSecret,
session->sslServer->arrays->preMasterSecret,
@@ -2666,12 +2854,13 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
return ret;
}
/* Process Client Key Exchange, static RSA */
/* Process Client Key Exchange */
static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
SnifferSession* session, char* error)
{
KeyBuffers_t keys;
int ret;
#ifndef WOLFSSL_STATIC_EPHEMERAL
if (session->sslServer->buffers.key == NULL ||
session->sslServer->buffers.key->buffer == NULL ||
session->sslServer->buffers.key->length == 0) {
@@ -2679,23 +2868,11 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
SetError(RSA_KEY_MISSING_STR, error, session, FATAL_ERROR_STATE);
return -1;
}
#endif
XMEMSET(&keys, 0, sizeof(keys));
#ifdef WOLFSSL_STATIC_EPHEMERAL
#ifndef NO_DH
keys.dhKey = session->sslServer->staticKE.dhKey;
#endif
#ifdef HAVE_ECC
keys.ecKey = session->sslServer->staticKE.ecKey;
#endif
#ifdef HAVE_CURVE25519
keys.x25519Key = session->sslServer->staticKE.x25519Key;
#endif
#endif
#ifndef NO_RSA
keys.rsaKey = session->sslServer->buffers.key;
#endif
return SetupKeys(input, sslBytes, session, error, NULL, &keys);
ret = SetupKeys(input, sslBytes, session, error, NULL);
return ret;
}
#ifdef WOLFSSL_TLS13
@@ -2779,7 +2956,7 @@ static int ProcessKeyShare(KeyShareInfo* info, const byte* input, int len,
info->curve_id = ECC_X25519;
break;
#endif
#ifdef HAVE_X448
#ifdef HAVE_CURVE448
case WOLFSSL_ECC_X448:
info->curve_id = ECC_X448;
break;
@@ -3315,25 +3492,8 @@ static int ProcessServerHello(int msgSz, const byte* input, int* sslBytes,
#ifdef WOLFSSL_TLS13
/* Setup handshake keys */
if (IsAtLeastTLSv1_3(session->sslServer->version) && session->srvKs.key_len > 0) {
KeyBuffers_t keys;
XMEMSET(&keys, 0, sizeof(keys));
#ifndef NO_RSA
keys.rsaKey = session->sslServer->buffers.key;
#endif
#ifdef WOLFSSL_STATIC_EPHEMERAL
#ifndef NO_DH
keys.dhKey = session->sslServer->staticKE.dhKey;
#endif
#ifdef HAVE_ECC
keys.ecKey = session->sslServer->staticKE.ecKey;
#endif
#ifdef HAVE_CURVE25519
keys.x25519Key = session->sslServer->staticKE.x25519Key;
#endif
#endif
ret = SetupKeys(session->cliKs.key, &session->cliKs.key_len,
session, error, &session->cliKs, &keys);
session, error, &session->cliKs);
if (ret != 0) {
SetError(SERVER_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE);
return ret;
+203 -65
View File
@@ -17762,6 +17762,11 @@ cleanup:
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL) || \
defined(HAVE_SECRET_CALLBACK)
#if !defined(NO_WOLFSSL_SERVER)
/* Return the amount of random bytes copied over or error case.
* ssl : ssl struct after handshake
* out : buffer to hold random bytes
* outSz : either 0 (return max buffer sz) or size of out buffer
*/
size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out,
size_t outSz)
{
@@ -17776,7 +17781,7 @@ size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out,
return 0;
}
if (ssl->options.saveArrays == 0 || ssl->arrays == NULL) {
if (ssl->arrays == NULL) {
WOLFSSL_MSG("Arrays struct not saved after handshake");
return 0;
}
@@ -18497,8 +18502,6 @@ int wolfSSL_CTX_get_max_proto_version(WOLFSSL_CTX* ctx)
* ssl : ssl struct after handshake
* out : buffer to hold random bytes
* outSz : either 0 (return max buffer sz) or size of out buffer
*
* NOTE: wolfSSL_KeepArrays(ssl) must be called to retain handshake information.
*/
size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
size_t outSz)
@@ -18514,7 +18517,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
return 0;
}
if (ssl->options.saveArrays == 0 || ssl->arrays == NULL) {
if (ssl->arrays == NULL) {
WOLFSSL_MSG("Arrays struct not saved after handshake");
return 0;
}
@@ -55647,8 +55650,97 @@ int wolfSSL_X509_REQ_set_pubkey(WOLFSSL_X509 *req, WOLFSSL_EVP_PKEY *pkey)
#endif /* OPENSSL_ALL && !NO_CERTS && WOLFSSL_CERT_GEN && WOLFSSL_CERT_REQ */
#ifdef WOLFSSL_STATIC_EPHEMERAL
static int SetStaticEphemeralKey(StaticKeyExchangeInfo_t* staticKE, int keyAlgo,
const char* key, unsigned int keySz, int format, void* heap)
int wolfSSL_StaticEphemeralKeyLoad(WOLFSSL* ssl, int keyAlgo, void* keyPtr)
{
int ret;
word32 idx = 0;
DerBuffer* der = NULL;
if (ssl == NULL || ssl->ctx == NULL || keyPtr == NULL) {
return BAD_FUNC_ARG;
}
#ifndef SINGLE_THREADED
if (!ssl->ctx->staticKELockInit) {
return BUFFER_E; /* no keys set */
}
ret = wc_LockMutex(&ssl->ctx->staticKELock);
if (ret != 0) {
return ret;
}
#endif
ret = BUFFER_E; /* set default error */
switch (keyAlgo) {
#ifndef NO_DH
case WC_PK_TYPE_DH:
if (ssl != NULL)
der = ssl->staticKE.dhKey;
if (der == NULL)
der = ssl->ctx->staticKE.dhKey;
if (der != NULL) {
DhKey* key = (DhKey*)keyPtr;
WOLFSSL_MSG("Using static DH key");
ret = wc_DhKeyDecode(der->buffer, &idx, key, der->length);
}
break;
#endif
#ifdef HAVE_ECC
case WC_PK_TYPE_ECDH:
if (ssl != NULL)
der = ssl->staticKE.ecKey;
if (der == NULL)
der = ssl->ctx->staticKE.ecKey;
if (der != NULL) {
ecc_key* key = (ecc_key*)keyPtr;
WOLFSSL_MSG("Using static ECDH key");
ret = wc_EccPrivateKeyDecode(der->buffer, &idx, key, der->length);
}
break;
#endif
#ifdef HAVE_CURVE25519
case WC_PK_TYPE_CURVE25519:
if (ssl != NULL)
der = ssl->staticKE.x25519Key;
if (der == NULL)
der = ssl->ctx->staticKE.x25519Key;
if (der != NULL) {
curve25519_key* key = (curve25519_key*)keyPtr;
WOLFSSL_MSG("Using static X25519 key");
ret = wc_Curve25519PrivateKeyDecode(der->buffer, &idx, key,
der->length);
}
break;
#endif
#ifdef HAVE_CURVE448
case WC_PK_TYPE_CURVE448:
if (ssl != NULL)
der = ssl->staticKE.x448Key;
if (der == NULL)
der = ssl->ctx->staticKE.x448Key;
if (der != NULL) {
curve448_key* key = (curve448_key*)keyPtr;
WOLFSSL_MSG("Using static X448 key");
ret = wc_Curve448PrivateKeyDecode(der->buffer, &idx, key,
der->length);
}
break;
#endif
default:
/* not supported */
ret = NOT_COMPILED_IN;
break;
}
#ifndef SINGLE_THREADED
wc_UnLockMutex(&ssl->ctx->staticKELock);
#endif
return ret;
}
static int SetStaticEphemeralKey(WOLFSSL_CTX* ctx,
StaticKeyExchangeInfo_t* staticKE, int keyAlgo, const char* key,
unsigned int keySz, int format, void* heap)
{
int ret = 0;
DerBuffer* der = NULL;
@@ -55744,6 +55836,20 @@ static int SetStaticEphemeralKey(StaticKeyExchangeInfo_t* staticKE, int keyAlgo,
}
}
#endif
#ifdef HAVE_CURVE448
if (keyAlgo == WC_PK_TYPE_NONE) {
word32 idx = 0;
curve448_key x448Key;
ret = wc_curve448_init(&x448Key);
if (ret == 0) {
ret = wc_Curve448PrivateKeyDecode(keyBuf, &idx, &x448Key,
keySz);
if (ret == 0)
keyAlgo = WC_PK_TYPE_CURVE448;
wc_curve448_free(&x448Key);
}
}
#endif
if (keyAlgo != WC_PK_TYPE_NONE) {
ret = AllocDer(&der, keySz, PRIVATEKEY_TYPE, heap);
@@ -55761,53 +55867,61 @@ static int SetStaticEphemeralKey(StaticKeyExchangeInfo_t* staticKE, int keyAlgo,
}
#endif
/* if key is already allocated then set free it */
#ifndef NO_DH
if (keyAlgo == WC_PK_TYPE_DH && staticKE->dhKey && staticKE->weOwnDH) {
FreeDer(&staticKE->dhKey);
}
#endif
#ifdef HAVE_ECC
if (keyAlgo == WC_PK_TYPE_ECDH && staticKE->ecKey && staticKE->weOwnEC) {
FreeDer(&staticKE->ecKey);
}
#endif
#ifdef HAVE_CURVE25519
if (keyAlgo == WC_PK_TYPE_CURVE25519 && staticKE->x25519Key &&
staticKE->weOwnX25519) {
FreeDer(&staticKE->x25519Key);
#ifndef SINGLE_THREADED
if (ret == 0 && !ctx->staticKELockInit) {
ret = wc_InitMutex(&ctx->staticKELock);
if (ret == 0) {
ctx->staticKELockInit = 1;
}
}
#endif
if (ret == 0
#ifndef SINGLE_THREADED
&& (ret = wc_LockMutex(&ctx->staticKELock)) == 0
#endif
) {
switch (keyAlgo) {
#ifndef NO_DH
case WC_PK_TYPE_DH:
FreeDer(&staticKE->dhKey);
staticKE->dhKey = der; der = NULL;
break;
#endif
#ifdef HAVE_ECC
case WC_PK_TYPE_ECDH:
FreeDer(&staticKE->ecKey);
staticKE->ecKey = der; der = NULL;
break;
#endif
#ifdef HAVE_CURVE25519
case WC_PK_TYPE_CURVE25519:
FreeDer(&staticKE->x25519Key);
staticKE->x25519Key = der; der = NULL;
break;
#endif
#ifdef HAVE_CURVE448
case WC_PK_TYPE_CURVE448:
FreeDer(&staticKE->x448Key);
staticKE->x448Key = der; der = NULL;
break;
#endif
default:
/* not supported */
ret = NOT_COMPILED_IN;
break;
}
switch (keyAlgo) {
#ifndef NO_DH
case WC_PK_TYPE_DH:
staticKE->dhKey = der; der = NULL;
staticKE->weOwnDH = 1;
break;
#ifndef SINGLE_THREADED
wc_UnLockMutex(&ctx->staticKELock);
#endif
#ifdef HAVE_ECC
case WC_PK_TYPE_ECDH:
staticKE->ecKey = der; der = NULL;
staticKE->weOwnEC = 1;
break;
#endif
#ifdef HAVE_CURVE25519
case WC_PK_TYPE_CURVE25519:
staticKE->x25519Key = der; der = NULL;
staticKE->weOwnX25519 = 1;
break;
#endif
default:
/* not supported */
ret = NOT_COMPILED_IN;
break;
}
if (ret != 0) {
FreeDer(&der);
}
(void)ctx; /* not used for single threaded */
WOLFSSL_LEAVE("SetStaticEphemeralKey", ret);
return ret;
@@ -55819,48 +55933,66 @@ int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
if (ctx == NULL) {
return BAD_FUNC_ARG;
}
return SetStaticEphemeralKey(&ctx->staticKE, keyAlgo, key, keySz, format,
ctx->heap);
return SetStaticEphemeralKey(ctx, &ctx->staticKE, keyAlgo,
key, keySz, format, ctx->heap);
}
int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
const char* key, unsigned int keySz, int format)
{
if (ssl == NULL) {
if (ssl == NULL || ssl->ctx == NULL) {
return BAD_FUNC_ARG;
}
return SetStaticEphemeralKey(&ssl->staticKE, keyAlgo, key, keySz, format,
ssl->heap);
return SetStaticEphemeralKey(ssl->ctx, &ssl->staticKE, keyAlgo,
key, keySz, format, ssl->heap);
}
static int GetStaticEphemeralKey(StaticKeyExchangeInfo_t* staticKE, int keyAlgo,
const unsigned char** key, unsigned int* keySz)
static int GetStaticEphemeralKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
int keyAlgo, const unsigned char** key, unsigned int* keySz)
{
int ret = 0;
DerBuffer* der = NULL;
if (staticKE == NULL || key == NULL || keySz == NULL) {
return BAD_FUNC_ARG;
}
if (key) *key = NULL;
if (keySz) *keySz = 0;
*key = NULL;
*keySz = 0;
#ifndef SINGLE_THREADED
if (ctx->staticKELockInit &&
(ret = wc_LockMutex(&ctx->staticKELock)) != 0) {
return ret;
}
#endif
switch (keyAlgo) {
#ifndef NO_DH
case WC_PK_TYPE_DH:
der = staticKE->dhKey;
if (ssl != NULL)
der = ssl->staticKE.dhKey;
if (der == NULL)
der = ctx->staticKE.dhKey;
break;
#endif
#ifdef HAVE_ECC
case WC_PK_TYPE_ECDH:
der = staticKE->ecKey;
if (ssl != NULL)
der = ssl->staticKE.ecKey;
if (der == NULL)
der = ctx->staticKE.ecKey;
break;
#endif
#ifdef HAVE_CURVE25519
case WC_PK_TYPE_CURVE25519:
der = staticKE->x25519Key;
if (ssl != NULL)
der = ssl->staticKE.x25519Key;
if (der == NULL)
der = ctx->staticKE.x25519Key;
break;
#endif
#ifdef HAVE_CURVE448
case WC_PK_TYPE_CURVE448:
if (ssl != NULL)
der = ssl->staticKE.x448Key;
if (der == NULL)
der = ctx->staticKE.x448Key;
break;
#endif
default:
@@ -55870,10 +56002,16 @@ static int GetStaticEphemeralKey(StaticKeyExchangeInfo_t* staticKE, int keyAlgo,
}
if (der) {
*key = der->buffer;
*keySz = der->length;
if (key)
*key = der->buffer;
if (keySz)
*keySz = der->length;
}
#ifndef SINGLE_THREADED
wc_UnLockMutex(&ctx->staticKELock);
#endif
return ret;
}
@@ -55886,16 +56024,16 @@ int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
return BAD_FUNC_ARG;
}
return GetStaticEphemeralKey(&ctx->staticKE, keyAlgo, key, keySz);
return GetStaticEphemeralKey(ctx, NULL, keyAlgo, key, keySz);
}
int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
const unsigned char** key, unsigned int* keySz)
{
if (ssl == NULL) {
if (ssl == NULL || ssl->ctx == NULL) {
return BAD_FUNC_ARG;
}
return GetStaticEphemeralKey(&ssl->staticKE, keyAlgo, key, keySz);
return GetStaticEphemeralKey(ssl->ctx, ssl, keyAlgo, key, keySz);
}
#endif /* WOLFSSL_STATIC_EPHEMERAL */
+21 -29
View File
@@ -6217,18 +6217,12 @@ static int TLSX_KeyShare_GenDhKey(WOLFSSL *ssl, KeyShareEntry* kse)
if (ret == 0) {
#if defined(WOLFSSL_STATIC_EPHEMERAL) && defined(WOLFSSL_DH_EXTRA)
if (ssl->staticKE.dhKey) {
DerBuffer* keyDer = ssl->staticKE.dhKey;
word32 idx = 0;
WOLFSSL_MSG("Using static DH key");
ret = wc_DhKeyDecode(keyDer->buffer, &idx,
dhKey, keyDer->length);
if (ret == 0) {
ret = wc_DhExportKeyPair(dhKey,
(byte*)kse->privKey, &kse->keyLen, /* private */
kse->pubKey, &kse->pubKeyLen /* public */
);
}
ret = wolfSSL_StaticEphemeralKeyLoad(ssl, WC_PK_TYPE_DH, kse->key);
if (ret == 0) {
ret = wc_DhExportKeyPair(dhKey,
(byte*)kse->privKey, &kse->keyLen, /* private */
kse->pubKey, &kse->pubKeyLen /* public */
);
}
else
#endif
@@ -6329,16 +6323,12 @@ static int TLSX_KeyShare_GenX25519Key(WOLFSSL *ssl, KeyShareEntry* kse)
ret = wc_curve25519_init_ex((curve25519_key*)kse->key, ssl->heap,
INVALID_DEVID);
if (ret == 0) {
/* setting "key" means okay to call wc_curve25519_free */
key = (curve25519_key*)kse->key;
#ifdef WOLFSSL_STATIC_EPHEMERAL
if (ssl->staticKE.x25519Key) {
DerBuffer* keyDer = ssl->staticKE.x25519Key;
word32 idx = 0;
WOLFSSL_MSG("Using static X25519 key");
ret = wc_Curve25519PrivateKeyDecode(keyDer->buffer, &idx, key,
keyDer->length);
}
else
ret = wolfSSL_StaticEphemeralKeyLoad(ssl, WC_PK_TYPE_CURVE25519, kse->key);
if (ret != 0)
#endif
{
ret = wc_curve25519_make_key(ssl->rng, CURVE25519_KEYSIZE, key);
@@ -6422,7 +6412,14 @@ static int TLSX_KeyShare_GenX448Key(WOLFSSL *ssl, KeyShareEntry* kse)
ret = wc_curve448_init((curve448_key*)kse->key);
if (ret == 0) {
key = (curve448_key*)kse->key;
ret = wc_curve448_make_key(ssl->rng, CURVE448_KEY_SIZE, key);
#ifdef WOLFSSL_STATIC_EPHEMERAL
ret = wolfSSL_StaticEphemeralKeyLoad(ssl, WC_PK_TYPE_CURVE448, kse->key);
if (ret != 0)
#endif
{
ret = wc_curve448_make_key(ssl->rng, CURVE448_KEY_SIZE, key);
}
}
}
@@ -6536,17 +6533,12 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
/* Make an ECC key */
ret = wc_ecc_init_ex((ecc_key*)kse->key, ssl->heap, ssl->devId);
if (ret == 0) {
/* setting eccKey means okay to call wc_ecc_free */
eccKey = (ecc_key*)kse->key;
#ifdef WOLFSSL_STATIC_EPHEMERAL
if (ssl->staticKE.ecKey) {
DerBuffer* keyDer = ssl->staticKE.ecKey;
word32 idx = 0;
WOLFSSL_MSG("Using static ECDH key");
ret = wc_EccPrivateKeyDecode(keyDer->buffer, &idx, eccKey,
keyDer->length);
}
else
ret = wolfSSL_StaticEphemeralKeyLoad(ssl, WC_PK_TYPE_ECDH, kse->key);
if (ret != 0)
#endif
{
/* set curve info for EccMakeKey "peer" info */
+81 -91
View File
@@ -19635,11 +19635,10 @@ int wc_PubKeyPemToDer(const unsigned char* pem, int pemSz,
#endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */
#endif /* WOLFSSL_PEM_TO_DER */
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_PEM_TO_DER)
#ifdef WOLFSSL_CERT_GEN
/* load pem cert from file into der buffer, return der size or error */
int wc_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz)
int wc_PemCertToDer_ex(const char* fileName, DerBuffer** der)
{
#ifdef WOLFSSL_SMALL_STACK
byte staticBuffer[1]; /* force XMALLOC */
@@ -19651,7 +19650,6 @@ int wc_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz)
int ret = 0;
long sz = 0;
XFILE file;
DerBuffer* converted = NULL;
WOLFSSL_ENTER("wc_PemCertToDer");
@@ -19666,8 +19664,9 @@ int wc_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz)
}
if (ret == 0) {
if(XFSEEK(file, 0, XSEEK_END) != 0)
if (XFSEEK(file, 0, XSEEK_END) != 0) {
ret = BUFFER_E;
}
sz = XFTELL(file);
XREWIND(file);
@@ -19677,35 +19676,23 @@ int wc_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz)
else if (sz > (long)sizeof(staticBuffer)) {
#ifdef WOLFSSL_STATIC_MEMORY
WOLFSSL_MSG("File was larger then static buffer");
return MEMORY_E;
#endif
ret = MEMORY_E;
#else
fileBuf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE);
if (fileBuf == NULL)
ret = MEMORY_E;
else
dynamic = 1;
#endif
}
if (ret == 0) {
if ((size_t)XFREAD(fileBuf, 1, sz, file) != (size_t)sz) {
ret = BUFFER_E;
}
#ifdef WOLFSSL_PEM_TO_DER
else {
ret = PemToDer(fileBuf, sz, CA_TYPE, &converted, 0, NULL,NULL);
ret = PemToDer(fileBuf, sz, CA_TYPE, der, 0, NULL,NULL);
}
#endif
if (ret == 0) {
if (converted->length < (word32)derSz) {
XMEMCPY(derBuf, converted->buffer, converted->length);
ret = converted->length;
}
else
ret = BUFFER_E;
}
FreeDer(&converted);
}
XFCLOSE(file);
@@ -19715,12 +19702,29 @@ int wc_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz)
return ret;
}
/* load pem cert from file into der buffer, return der size or error */
int wc_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz)
{
int ret;
DerBuffer* converted = NULL;
ret = wc_PemCertToDer_ex(fileName, &converted);
if (ret == 0) {
if (converted->length < (word32)derSz) {
XMEMCPY(derBuf, converted->buffer, converted->length);
ret = converted->length;
}
else
ret = BUFFER_E;
FreeDer(&converted);
}
return ret;
}
#endif /* WOLFSSL_CERT_GEN */
#if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)
/* load pem public key from file into der buffer, return der size or error */
int wc_PemPubKeyToDer(const char* fileName,
unsigned char* derBuf, int derSz)
int wc_PemPubKeyToDer_ex(const char* fileName, DerBuffer** der)
{
#ifdef WOLFSSL_SMALL_STACK
byte staticBuffer[1]; /* force XMALLOC */
@@ -19732,7 +19736,6 @@ int wc_PemPubKeyToDer(const char* fileName,
int ret = 0;
long sz = 0;
XFILE file;
DerBuffer* converted = NULL;
WOLFSSL_ENTER("wc_PemPubKeyToDer");
@@ -19747,8 +19750,9 @@ int wc_PemPubKeyToDer(const char* fileName,
}
if (ret == 0) {
if(XFSEEK(file, 0, XSEEK_END) != 0)
if (XFSEEK(file, 0, XSEEK_END) != 0) {
ret = BUFFER_E;
}
sz = XFTELL(file);
XREWIND(file);
@@ -19758,47 +19762,55 @@ int wc_PemPubKeyToDer(const char* fileName,
else if (sz > (long)sizeof(staticBuffer)) {
#ifdef WOLFSSL_STATIC_MEMORY
WOLFSSL_MSG("File was larger then static buffer");
return MEMORY_E;
#endif
ret = MEMORY_E;
#else
fileBuf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE);
if (fileBuf == NULL)
ret = MEMORY_E;
else
dynamic = 1;
#endif
}
if (ret == 0) {
if ((size_t)XFREAD(fileBuf, 1, sz, file) != (size_t)sz) {
ret = BUFFER_E;
}
#ifdef WOLFSSL_PEM_TO_DER
else {
ret = PemToDer(fileBuf, sz, PUBLICKEY_TYPE, &converted,
ret = PemToDer(fileBuf, sz, PUBLICKEY_TYPE, der,
0, NULL, NULL);
}
#endif
if (ret == 0) {
if (converted->length < (word32)derSz) {
XMEMCPY(derBuf, converted->buffer, converted->length);
ret = converted->length;
}
else
ret = BUFFER_E;
}
FreeDer(&converted);
}
XFCLOSE(file);
if (dynamic)
if (dynamic) {
XFREE(fileBuf, NULL, DYNAMIC_TYPE_FILE);
}
}
return ret;
}
/* load pem public key from file into der buffer, return der size or error */
int wc_PemPubKeyToDer(const char* fileName,
unsigned char* derBuf, int derSz)
{
int ret;
DerBuffer* converted = NULL;
ret = wc_PemPubKeyToDer_ex(fileName, &converted);
if (ret == 0) {
if (converted->length < (word32)derSz) {
XMEMCPY(derBuf, converted->buffer, converted->length);
ret = converted->length;
}
else
ret = BUFFER_E;
FreeDer(&converted);
}
return ret;
}
#endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */
#endif /* !NO_FILESYSTEM */
#endif /* !NO_FILESYSTEM && WOLFSSL_PEM_TO_DER */
#if !defined(NO_RSA) && (defined(WOLFSSL_CERT_GEN) || \
@@ -25032,28 +25044,18 @@ int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz)
int wc_SetAuthKeyId(Cert *cert, const char* file)
{
int ret;
int derSz;
byte* der;
DerBuffer* der = NULL;
if (cert == NULL || file == NULL)
return BAD_FUNC_ARG;
der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
if (der == NULL) {
WOLFSSL_MSG("wc_SetAuthKeyId OOF Problem");
return MEMORY_E;
}
derSz = wc_PemCertToDer(file, der, EIGHTK_BUF);
if (derSz <= 0)
ret = wc_PemCertToDer_ex(file, &der);
if (ret == 0)
{
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
return derSz;
ret = wc_SetAuthKeyIdFromCert(cert, der->buffer, der->length);
FreeDer(&der);
}
ret = wc_SetAuthKeyIdFromCert(cert, der, derSz);
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
return ret;
}
@@ -25430,22 +25432,18 @@ static int SetNameFromCert(CertName* cn, const byte* der, int derSz)
int wc_SetIssuer(Cert* cert, const char* issuerFile)
{
int ret;
int derSz;
byte* der;
DerBuffer* der = NULL;
if (cert == NULL) {
if (cert == NULL || issuerFile == NULL)
return BAD_FUNC_ARG;
}
der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
if (der == NULL) {
WOLFSSL_MSG("wc_SetIssuer OOF Problem");
return MEMORY_E;
ret = wc_PemCertToDer_ex(issuerFile, &der);
if (ret == 0) {
cert->selfSigned = 0;
ret = SetNameFromCert(&cert->issuer, der->buffer, der->length);
FreeDer(&der);
}
derSz = wc_PemCertToDer(issuerFile, der, EIGHTK_BUF);
cert->selfSigned = 0;
ret = SetNameFromCert(&cert->issuer, der, derSz);
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
return ret;
}
@@ -25455,22 +25453,17 @@ int wc_SetIssuer(Cert* cert, const char* issuerFile)
int wc_SetSubject(Cert* cert, const char* subjectFile)
{
int ret;
int derSz;
byte* der;
DerBuffer* der = NULL;
if (cert == NULL) {
if (cert == NULL || subjectFile == NULL)
return BAD_FUNC_ARG;
}
der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
if (der == NULL) {
WOLFSSL_MSG("wc_SetSubject OOF Problem");
return MEMORY_E;
}
ret = wc_PemCertToDer_ex(subjectFile, &der);
if (ret == 0) {
ret = SetNameFromCert(&cert->subject, der->buffer, der->length);
derSz = wc_PemCertToDer(subjectFile, der, EIGHTK_BUF);
ret = SetNameFromCert(&cert->subject, der, derSz);
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
FreeDer(&der);
}
return ret;
}
@@ -25481,21 +25474,18 @@ int wc_SetSubject(Cert* cert, const char* subjectFile)
int wc_SetAltNames(Cert* cert, const char* file)
{
int ret;
int derSz;
byte* der;
DerBuffer* der = NULL;
if (cert == NULL) {
return BAD_FUNC_ARG;
}
der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
if (der == NULL) {
WOLFSSL_MSG("wc_SetAltNames OOF Problem");
return MEMORY_E;
ret = wc_PemCertToDer_ex(file, &der);
if (ret == 0) {
ret = SetAltNamesFromCert(cert, der->buffer, der->length);
FreeDer(&der);
}
derSz = wc_PemCertToDer(file, der, EIGHTK_BUF);
ret = SetAltNamesFromCert(cert, der, derSz);
XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
return ret;
}
+1
View File
@@ -26,6 +26,7 @@
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#ifndef NO_KDF
+14 -11
View File
@@ -2731,19 +2731,11 @@ typedef struct {
#ifdef HAVE_CURVE25519
DerBuffer* x25519Key;
#endif
/* bits */
#ifndef NO_DH
byte weOwnDH:1;
#endif
#ifdef HAVE_ECC
byte weOwnEC:1;
#endif
#ifdef HAVE_CURVE25519
byte weOwnX25519:1;
#ifdef HAVE_CURVE448
DerBuffer* x448Key;
#endif
} StaticKeyExchangeInfo_t;
#endif
#endif /* WOLFSSL_STATIC_EPHEMERAL */
/* wolfSSL context type */
@@ -2846,6 +2838,10 @@ struct WOLFSSL_CTX {
#ifdef WOLFSSL_STATIC_MEMORY
byte onHeapHint:1; /* whether the ctx/method is put on heap hint */
#endif
#if defined(WOLFSSL_STATIC_EPHEMERAL) && !defined(SINGLE_THREADED)
byte staticKELockInit:1;
#endif
#ifdef WOLFSSL_MULTICAST
byte haveMcast; /* multicast requested */
byte mcastID; /* multicast group ID */
@@ -3074,6 +3070,9 @@ struct WOLFSSL_CTX {
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */
#ifdef WOLFSSL_STATIC_EPHEMERAL
StaticKeyExchangeInfo_t staticKE;
#ifndef SINGLE_THREADED
wolfSSL_Mutex staticKELock;
#endif
#endif
};
@@ -5029,6 +5028,10 @@ WOLFSSL_LOCAL int oid2nid(word32 oid, int grp);
WOLFSSL_LOCAL word32 nid2oid(int nid, int grp);
#endif
#ifdef WOLFSSL_STATIC_EPHEMERAL
WOLFSSL_LOCAL int wolfSSL_StaticEphemeralKeyLoad(WOLFSSL* ssl, int keyAlgo, void* keyPtr);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif
-1
View File
@@ -894,7 +894,6 @@ enum Misc_ASN {
OCSP_NONCE_EXT_SZ = 35, /* OCSP Nonce Extension size */
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
MAX_OCSP_NONCE_SZ = 16, /* OCSP Nonce size */
EIGHTK_BUF = 8192, /* Tmp buffer size */
MAX_PUBLIC_KEY_SZ = MAX_DSA_PUBKEY_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2,
#ifdef WOLFSSL_ENCRYPTED_KEYS
HEADER_ENCRYPTED_KEY_SIZE = 88,/* Extra header size for encrypted key */
+4 -2
View File
@@ -535,9 +535,10 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
#endif /* WOLFSSL_PEM_TO_DER */
#if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_PEM_TO_DER)
WOLFSSL_API int wc_PemPubKeyToDer(const char* fileName,
unsigned char* derBuf, int derSz);
WOLFSSL_API int wc_PemPubKeyToDer_ex(const char* fileName, DerBuffer** der);
#endif
WOLFSSL_API int wc_PubKeyPemToDer(const unsigned char*, int,
@@ -545,9 +546,10 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
#endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */
#ifdef WOLFSSL_CERT_GEN
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_PEM_TO_DER)
WOLFSSL_API int wc_PemCertToDer(const char* fileName,
unsigned char* derBuf, int derSz);
WOLFSSL_API int wc_PemCertToDer_ex(const char* fileName, DerBuffer** der);
#endif
#endif /* WOLFSSL_CERT_GEN */