mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-06 00:00:49 +02:00
Fix issues with newly added check when using fast/integer math.
Simplify logic by using single macro for ECC & RSA.
+12
-20
@@ -327,14 +327,6 @@ ECC Curve Sizes:
|
||||
#define MAX_ECC_BITS_USE MAX_ECC_BITS_NEEDED
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
|
||||
#define ECC_DECL_MP_OVER_MAX(bits) \
|
||||
(MP_BITS_CNT(bits) > MP_BITS_CNT(MAX_ECC_BITS_USE))
|
||||
#else
|
||||
#define ECC_DECL_MP_OVER_MAX(bits) \
|
||||
((bits) > MAX_ECC_BITS_USE)
|
||||
#endif
|
||||
|
||||
#if !defined(WOLFSSL_CUSTOM_CURVES) && (ECC_MIN_KEY_SZ > 160) && \
|
||||
(!defined(HAVE_ECC_KOBLITZ) || (ECC_MIN_KEY_SZ > 224))
|
||||
|
||||
@@ -2020,7 +2012,7 @@ static int _ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R,
|
||||
mp_int *x, *y, *z;
|
||||
int err;
|
||||
|
||||
if (ECC_DECL_MP_OVER_MAX(mp_bitsused(modulus))) {
|
||||
if (MP_BITS_OVER_MAX(mp_bitsused(modulus), MAX_ECC_BITS_USE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -2424,7 +2416,7 @@ static int _ecc_projective_dbl_point(ecc_point *P, ecc_point *R, mp_int* a,
|
||||
mp_int *x, *y, *z;
|
||||
int err;
|
||||
|
||||
if (ECC_DECL_MP_OVER_MAX(mp_bitsused(modulus))) {
|
||||
if (MP_BITS_OVER_MAX(mp_bitsused(modulus), MAX_ECC_BITS_USE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -2778,7 +2770,7 @@ int ecc_map_ex(ecc_point* P, mp_int* modulus, mp_digit mp, int ct)
|
||||
#endif
|
||||
mp_int *x, *y, *z;
|
||||
|
||||
if (ECC_DECL_MP_OVER_MAX(mp_bitsused(modulus))) {
|
||||
if (MP_BITS_OVER_MAX(mp_bitsused(modulus), MAX_ECC_BITS_USE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -3603,7 +3595,7 @@ static int ecc_point_to_mont(ecc_point* p, ecc_point* r, mp_int* modulus,
|
||||
|
||||
DECL_MP_INT_SIZE_DYN(mu, mp_bitsused(modulus), MAX_ECC_BITS_USE);
|
||||
|
||||
if (ECC_DECL_MP_OVER_MAX(mp_bitsused(modulus))) {
|
||||
if (MP_BITS_OVER_MAX(mp_bitsused(modulus), MAX_ECC_BITS_USE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -3911,8 +3903,8 @@ static int ecc_check_order_minus_1(const mp_int* k, ecc_point* tG, ecc_point* R,
|
||||
int err;
|
||||
DECL_MP_INT_SIZE_DYN(t, mp_bitsused(order), MAX_ECC_BITS_USE);
|
||||
|
||||
if (ECC_DECL_MP_OVER_MAX(mp_bitsused(order)) ||
|
||||
ECC_DECL_MP_OVER_MAX(mp_bitsused(modulus))) {
|
||||
if (MP_BITS_OVER_MAX(mp_bitsused(order), MAX_ECC_BITS_USE) ||
|
||||
MP_BITS_OVER_MAX(mp_bitsused(modulus), MAX_ECC_BITS_USE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -6866,7 +6858,7 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
|
||||
word32 keySz;
|
||||
#endif
|
||||
|
||||
if (ECC_DECL_MP_OVER_MAX(ECC_KEY_MAX_BITS(key))) {
|
||||
if (MP_BITS_OVER_MAX(ECC_KEY_MAX_BITS(key), MAX_ECC_BITS_USE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -7071,7 +7063,7 @@ static int ecc_sign_hash_sw(ecc_key* key, ecc_key* pubkey, WC_RNG* rng,
|
||||
|
||||
DECL_MP_INT_SIZE_DYN(b, ECC_KEY_MAX_BITS_NONULLCHECK(key), MAX_ECC_BITS_USE);
|
||||
|
||||
if (ECC_DECL_MP_OVER_MAX(ECC_KEY_MAX_BITS_NONULLCHECK(key))) {
|
||||
if (MP_BITS_OVER_MAX(ECC_KEY_MAX_BITS_NONULLCHECK(key), MAX_ECC_BITS_USE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -7402,7 +7394,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
|
||||
#else
|
||||
DECLARE_CURVE_SPECS(1);
|
||||
#endif
|
||||
if (ECC_DECL_MP_OVER_MAX(ECC_KEY_MAX_BITS(key))) {
|
||||
if (MP_BITS_OVER_MAX(ECC_KEY_MAX_BITS(key), MAX_ECC_BITS_USE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
#endif /* !WOLFSSL_SP_MATH */
|
||||
@@ -8325,7 +8317,7 @@ static int ecc_mont_norm_points(ecc_point* A, ecc_point* Am, ecc_point* B,
|
||||
|
||||
DECL_MP_INT_SIZE_DYN(mu, mp_bitsused(modulus), MAX_ECC_BITS_USE);
|
||||
|
||||
if (ECC_DECL_MP_OVER_MAX(mp_bitsused(modulus))) {
|
||||
if (MP_BITS_OVER_MAX(mp_bitsused(modulus), MAX_ECC_BITS_USE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -8715,7 +8707,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
|
||||
word32 keySz;
|
||||
#endif
|
||||
|
||||
if (ECC_DECL_MP_OVER_MAX(ECC_KEY_MAX_BITS(key))) {
|
||||
if (MP_BITS_OVER_MAX(ECC_KEY_MAX_BITS(key), MAX_ECC_BITS_USE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -9103,7 +9095,7 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash,
|
||||
mp_int* u1 = NULL; /* Will be e. */
|
||||
mp_int* u2 = NULL; /* Will be w. */
|
||||
|
||||
if (ECC_DECL_MP_OVER_MAX(ECC_KEY_MAX_BITS_NONULLCHECK(key))) {
|
||||
if (MP_BITS_OVER_MAX(ECC_KEY_MAX_BITS_NONULLCHECK(key), MAX_ECC_BITS_USE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
|
||||
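Review bot: In the `ecc_map_ex` hunk the size guard is the first statement after the declarations, and no NULL check on `modulus` is visible before it. The comment added elsewhere in this commit says `mp_bitsused()` returns `used*SP_WORD_SIZE`, so in SP-math builds the guard presumably reads through `modulus` at that point. `ecc_map_ex` is non-static and its body continues outside the hunk, so the argument validation may simply come later. If it does, move the guard below it or write `if (modulus != NULL && MP_BITS_OVER_MAX(mp_bitsused(modulus), MAX_ECC_BITS_USE)) {`. The same ordering is worth confirming in the other guarded functions that take `modulus` or `order` as a raw pointer.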
+4
-12
@@ -44,14 +44,6 @@ RSA keys can be used to encrypt, decrypt, sign and verify data.
|
||||
#include <wolfssl/wolfcrypt/rsa.h>
|
||||
#include <wolfssl/wolfcrypt/logging.h>
|
||||
|
||||
#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
|
||||
#define RSA_DECL_MP_OVER_MAX(bits) \
|
||||
(MP_BITS_CNT(bits) > MP_BITS_CNT(RSA_MAX_SIZE))
|
||||
#else
|
||||
#define RSA_DECL_MP_OVER_MAX(bits) \
|
||||
((bits) > RSA_MAX_SIZE)
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_AFALG_XILINX_RSA
|
||||
#include <wolfssl/wolfcrypt/port/af_alg/wc_afalg.h>
|
||||
#endif
|
||||
@@ -847,7 +839,7 @@ int wc_CheckRsaKey(RsaKey* key)
|
||||
}
|
||||
#endif
|
||||
|
||||
if (RSA_DECL_MP_OVER_MAX(mp_bitsused(&key->n))) {
|
||||
if (MP_BITS_OVER_MAX(mp_bitsused(&key->n), RSA_MAX_SIZE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -2887,7 +2879,7 @@ static int RsaFunctionPrivate(mp_int* tmp, RsaKey* key, WC_RNG* rng)
|
||||
DECL_MP_INT_SIZE_DYN(rndi, mp_bitsused(&key->n), RSA_MAX_SIZE);
|
||||
#endif /* WC_RSA_BLINDING && !WC_NO_RNG */
|
||||
|
||||
if (RSA_DECL_MP_OVER_MAX(mp_bitsused(&key->n))) {
|
||||
if (MP_BITS_OVER_MAX(mp_bitsused(&key->n), RSA_MAX_SIZE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -3070,7 +3062,7 @@ static int RsaFunctionSync(const byte* in, word32 inLen, byte* out,
|
||||
DECL_MP_INT_SIZE_DYN(tmp, mp_bitsused(&key->n), RSA_MAX_SIZE);
|
||||
int ret = 0;
|
||||
|
||||
if (RSA_DECL_MP_OVER_MAX(mp_bitsused(&key->n))) {
|
||||
if (MP_BITS_OVER_MAX(mp_bitsused(&key->n), RSA_MAX_SIZE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
@@ -3504,7 +3496,7 @@ int RsaFunctionCheckIn(const byte* in, word32 inLen, RsaKey* key,
|
||||
|
||||
DECL_MP_INT_SIZE_DYN(c, mp_bitsused(&key->n), RSA_MAX_SIZE);
|
||||
|
||||
if (RSA_DECL_MP_OVER_MAX(mp_bitsused(&key->n))) {
|
||||
if (MP_BITS_OVER_MAX(mp_bitsused(&key->n), RSA_MAX_SIZE)) {
|
||||
return WC_KEY_SIZE_E;
|
||||
}
|
||||
|
||||
|
||||
@@ -213,6 +213,10 @@ typedef int mp_err;
|
||||
/* Type to cast to when using size marcos. */
|
||||
#define MP_INT_SIZE mp_int
|
||||
|
||||
/* integer.h allocates full-sized mp_int buffers, so DECL_MP_INT_SIZE_DYN
|
||||
* cannot be undersized for any 'bits' value -- no check is needed. */
|
||||
#define MP_BITS_OVER_MAX(bits, max) 0
|
||||
|
||||
#ifdef HAVE_WOLF_BIGINT
|
||||
/* raw big integer */
|
||||
typedef struct WC_BIGINT {
|
||||
|
||||
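Review bot: Defining `MP_BITS_OVER_MAX(bits, max)` as a constant `0` makes every guarded `return WC_KEY_SIZE_E;` at the ECC and RSA call sites unreachable in integer-math builds. The macros this commit removes compared `(bits) > MAX_ECC_BITS_USE` and `(bits) > RSA_MAX_SIZE` in the non-SP branch, so an upper bound on modulus size has been dropped at those sites. The new comment justifies this only in terms of buffer sizing. It should also state where the key-size limit is enforced for these builds, which is not visible on this page and should be confirmed against the key import and decode paths. The identical definition in the tfm.h section needs the same statement. As a minor style point, writing the expansion as `(0)` keeps it safe inside larger expressions.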
@@ -838,6 +838,17 @@ typedef struct sp_dh_ctx {
|
||||
#define MP_BITS_CNT(bits) \
|
||||
((unsigned int)(((((bits) + SP_WORD_SIZE - 1) / SP_WORD_SIZE) * 2 + 1)))
|
||||
|
||||
/* True when 'bits' would require more digit storage than 'max'.
|
||||
*
|
||||
* Pairs with DECL_MP_INT_SIZE_DYN(name, bits, max) to guard against the
|
||||
* static buffer (sized for 'max' digits) being undersized for 'bits' when
|
||||
* the caller's 'bits' value can carry digit/byte alignment slack
|
||||
* (e.g. mp_bitsused() returns used*SP_WORD_SIZE; dp->size*8 rounds up to a
|
||||
* full byte). Compare digit-rounded counts so curves like P-521 (521 bits,
|
||||
* 17 32-bit digits) are not falsely rejected when max == 521. */
|
||||
#define MP_BITS_OVER_MAX(bits, max) \
|
||||
(MP_BITS_CNT(bits) > MP_BITS_CNT(max))
|
||||
|
||||
#if !defined(WOLFSSL_SP_NO_DYN_STACK) && defined(__STDC_VERSION__) && \
|
||||
(__STDC_VERSION__ >= 199901L) && \
|
||||
(defined(WOLFSSL_SP_NO_MALLOC) || \
|
||||
|
||||
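Review bot: The comment on `MP_BITS_OVER_MAX` should say outright that this is a buffer-capacity guard and not a key-size policy check. Both sides are rounded through `MP_BITS_CNT`, so any `bits` value up to the next digit boundary above `max` is accepted. The callers return `WC_KEY_SIZE_E` on failure, which reads like a policy limit and invites relying on it as one. A closing sentence such as `Not a key-size policy check: any 'bits' with the same digit count as 'max' passes.` would make that explicit. It would also help to note that the guard is only sound while `DECL_MP_INT_SIZE_DYN` sizes its static buffer from `MP_BITS_CNT(max)`; that definition lies outside this hunk.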
@@ -371,6 +371,10 @@ while (0)
|
||||
/* Type to cast to when using size macros. */
|
||||
#define MP_INT_SIZE mp_int
|
||||
|
||||
/* tfm.h allocates full-sized mp_int buffers, so DECL_MP_INT_SIZE_DYN cannot
|
||||
* be undersized for any 'bits' value -- no check is needed. */
|
||||
#define MP_BITS_OVER_MAX(bits, max) 0
|
||||
|
||||
|
||||
#ifdef HAVE_WOLF_BIGINT
|
||||
/* raw big integer */
|
||||
|
||||