mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-07-31 11:17:29 +02:00
changes after initial review
This commit is contained in:
Jacob Barthelmeh
@ -139,7 +139,7 @@ int main(int argc, char** argv)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Create and initialize WOLFSSL_CTX */
|
/* Create and initialize WOLFSSL_CTX */
|
||||||
if ((ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())) == NULL) {
|
if ((ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())) == NULL) {
|
||||||
fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
|
fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
|
||||||
ret = -1;
|
ret = -1;
|
||||||
goto socket_cleanup;
|
goto socket_cleanup;
|
||||||
@ -190,6 +190,11 @@ int main(int argc, char** argv)
|
|||||||
pemSz = ftell(f);
|
pemSz = ftell(f);
|
||||||
rewind(f);
|
rewind(f);
|
||||||
pem = malloc(pemSz);
|
pem = malloc(pemSz);
|
||||||
|
if (pem == NULL) {
|
||||||
|
fclose(f);
|
||||||
|
ret = -1;
|
||||||
|
goto socket_cleanup;
|
||||||
|
}
|
||||||
pemSz = fread(pem, 1, pemSz, f);
|
pemSz = fread(pem, 1, pemSz, f);
|
||||||
fclose(f);
|
fclose(f);
|
||||||
|
|
||||||
|
|||||||
@ -28,7 +28,7 @@
|
|||||||
#include <sys/iofunc.h>
|
#include <sys/iofunc.h>
|
||||||
#include <sys/neutrino.h>
|
#include <sys/neutrino.h>
|
||||||
|
|
||||||
const byte k256[] =
|
static const byte k256[] =
|
||||||
{
|
{
|
||||||
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
|
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
|
||||||
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
|
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
|
||||||
|
|||||||
@ -36,6 +36,7 @@
|
|||||||
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h> /* functions for blob/cover*/
|
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h> /* functions for blob/cover*/
|
||||||
|
|
||||||
#define DEFAULT_PORT 11111
|
#define DEFAULT_PORT 11111
|
||||||
|
#define ECC_KEY_SIZE 32
|
||||||
|
|
||||||
#undef USE_CERT_BUFFERS_256
|
#undef USE_CERT_BUFFERS_256
|
||||||
#define USE_CERT_BUFFERS_256
|
#define USE_CERT_BUFFERS_256
|
||||||
@ -49,8 +50,8 @@ static int test_blob(byte* key, int keySz)
|
|||||||
int outSz;
|
int outSz;
|
||||||
int keyOutSz;
|
int keyOutSz;
|
||||||
|
|
||||||
byte keymod[16];
|
byte keymod[WC_CAAM_BLACK_KEYMOD_SZ];
|
||||||
int keymodSz = 16;
|
int keymodSz = WC_CAAM_BLACK_KEYMOD_SZ;
|
||||||
|
|
||||||
/* using a key mod of all 1's */
|
/* using a key mod of all 1's */
|
||||||
XMEMSET(keymod, 1, keymodSz);
|
XMEMSET(keymod, 1, keymodSz);
|
||||||
@ -94,16 +95,15 @@ int cover(ecc_key* keyOut, const byte* der, word32 derSz)
|
|||||||
word32 idx = 0;
|
word32 idx = 0;
|
||||||
|
|
||||||
/* format bit plus public key x and y parameter */
|
/* format bit plus public key x and y parameter */
|
||||||
byte x963[65];
|
byte x963[(ECC_KEY_SIZE*2) + 1];
|
||||||
word32 x963Sz = 65;
|
word32 x963Sz = (ECC_KEY_SIZE*2) + 1;
|
||||||
|
|
||||||
/* uncovered private key */
|
/* uncovered private key */
|
||||||
byte d[32];
|
byte d[ECC_KEY_SIZE];
|
||||||
word32 dSz = 32;
|
word32 dSz = ECC_KEY_SIZE;
|
||||||
|
|
||||||
byte blackKey[48]; /* 16 bytes larger than key size to account for MAC and
|
byte blackKey[ECC_KEY_SIZE + WC_CAAM_MAC_SZ];
|
||||||
* potential padding */
|
word32 blackKeySz = ECC_KEY_SIZE + WC_CAAM_MAC_SZ;
|
||||||
word32 blackKeySz = 48;
|
|
||||||
|
|
||||||
|
|
||||||
/* The DER buffer for test case does not contain a black key, here we will
|
/* The DER buffer for test case does not contain a black key, here we will
|
||||||
@ -151,7 +151,7 @@ int cover(ecc_key* keyOut, const byte* der, word32 derSz)
|
|||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (test_blob(blackKey, blackKeySz - 16) != 0) {/*-16 byte for MAC padding*/
|
if (test_blob(blackKey, blackKeySz - WC_CAAM_MAC_SZ) != 0) {
|
||||||
printf("test blob failed\n");
|
printf("test blob failed\n");
|
||||||
ret = -1;
|
ret = -1;
|
||||||
goto done;
|
goto done;
|
||||||
@ -191,7 +191,7 @@ static int TLS_ECC_Sign_callback(WOLFSSL* ssl, const unsigned char* in,
|
|||||||
printf("Using ECC sign callback\n");
|
printf("Using ECC sign callback\n");
|
||||||
|
|
||||||
if (ctx == NULL) {
|
if (ctx == NULL) {
|
||||||
printf("Was expecting a black key passed along with WOLFSSH\n");
|
printf("Was expecting a black key passed along with WOLFSSL\n");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
blackKey = (ecc_key*)ctx;
|
blackKey = (ecc_key*)ctx;
|
||||||
|
|||||||
@ -79,29 +79,30 @@ static void ShiftAndXorRb(byte* out, byte* in)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int wc_InitCmac(Cmac* cmac, const byte* key, word32 keySz,
|
|
||||||
int type, void* unused)
|
/* returns 0 on success */
|
||||||
|
int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
|
||||||
|
int type, void* unused, void* heap, int devId)
|
||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
(void)unused;
|
(void)unused;
|
||||||
|
(void)heap;
|
||||||
|
|
||||||
if (cmac == NULL || keySz == 0 || type != WC_CMAC_AES)
|
if (cmac == NULL || keySz == 0 || type != WC_CMAC_AES)
|
||||||
return BAD_FUNC_ARG;
|
return BAD_FUNC_ARG;
|
||||||
|
|
||||||
XMEMSET(cmac, 0, sizeof(Cmac));
|
XMEMSET(cmac, 0, sizeof(Cmac));
|
||||||
|
|
||||||
#ifdef WOLFSSL_QNX_CAAM
|
|
||||||
cmac->devId = WOLFSSL_CAAM_DEVID;
|
|
||||||
#endif
|
|
||||||
#ifdef WOLF_CRYPTO_CB
|
#ifdef WOLF_CRYPTO_CB
|
||||||
if (cmac->devId != INVALID_DEVID) {
|
if (devId != INVALID_DEVID) {
|
||||||
ret = wc_CryptoCb_Cmac(cmac, key, keySz, NULL, 0, NULL, NULL,
|
cmac->devId = devId;
|
||||||
type, unused);
|
ret = wc_CryptoCb_Cmac(cmac, key, keySz, NULL, 0, NULL, NULL,
|
||||||
if (ret != CRYPTOCB_UNAVAILABLE)
|
type, unused);
|
||||||
return ret;
|
if (ret != CRYPTOCB_UNAVAILABLE)
|
||||||
/* fall-through when unavailable */
|
return ret;
|
||||||
}
|
/* fall-through when unavailable */
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (key == NULL)
|
if (key == NULL)
|
||||||
@ -121,24 +122,37 @@ int wc_InitCmac(Cmac* cmac, const byte* key, word32 keySz,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int wc_InitCmac(Cmac* cmac, const byte* key, word32 keySz,
|
||||||
|
int type, void* unused)
|
||||||
|
{
|
||||||
|
#ifdef WOLFSSL_QNX_CAAM
|
||||||
|
return wc_InitCmac_ex(cmac, key, keySz, type, unused, NULL,
|
||||||
|
WOLFSSL_CAAM_DEVID);
|
||||||
|
#else
|
||||||
|
return wc_InitCmac_ex(cmac, key, keySz, type, unused, NULL, INVALID_DEVID);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
|
int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
|
||||||
{
|
{
|
||||||
#ifdef WOLF_CRYPTO_CB
|
#ifdef WOLF_CRYPTO_CB
|
||||||
int ret;
|
int ret;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if ((cmac == NULL) || (in == NULL && inSz != 0))
|
if ((cmac == NULL) || (in == NULL && inSz != 0))
|
||||||
return BAD_FUNC_ARG;
|
return BAD_FUNC_ARG;
|
||||||
|
|
||||||
#ifdef WOLF_CRYPTO_CB
|
#ifdef WOLF_CRYPTO_CB
|
||||||
if (cmac->devId != INVALID_DEVID) {
|
if (cmac->devId != INVALID_DEVID) {
|
||||||
ret = wc_CryptoCb_Cmac(cmac, NULL, 0, in, inSz,
|
ret = wc_CryptoCb_Cmac(cmac, NULL, 0, in, inSz,
|
||||||
NULL, NULL, 0, NULL);
|
NULL, NULL, 0, NULL);
|
||||||
if (ret != CRYPTOCB_UNAVAILABLE)
|
if (ret != CRYPTOCB_UNAVAILABLE)
|
||||||
return ret;
|
return ret;
|
||||||
/* fall-through when unavailable */
|
/* fall-through when unavailable */
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
while (inSz != 0) {
|
while (inSz != 0) {
|
||||||
word32 add = min(inSz, AES_BLOCK_SIZE - cmac->bufferSz);
|
word32 add = min(inSz, AES_BLOCK_SIZE - cmac->bufferSz);
|
||||||
XMEMCPY(&cmac->buffer[cmac->bufferSz], in, add);
|
XMEMCPY(&cmac->buffer[cmac->bufferSz], in, add);
|
||||||
@ -164,9 +178,9 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
|
|||||||
|
|
||||||
int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
|
int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
|
||||||
{
|
{
|
||||||
#ifdef WOLF_CRYPTO_CB
|
#ifdef WOLF_CRYPTO_CB
|
||||||
int ret;
|
int ret;
|
||||||
#endif
|
#endif
|
||||||
const byte* subKey;
|
const byte* subKey;
|
||||||
|
|
||||||
if (cmac == NULL || out == NULL || outSz == NULL)
|
if (cmac == NULL || out == NULL || outSz == NULL)
|
||||||
@ -175,14 +189,14 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
|
|||||||
if (*outSz < WC_CMAC_TAG_MIN_SZ || *outSz > WC_CMAC_TAG_MAX_SZ)
|
if (*outSz < WC_CMAC_TAG_MIN_SZ || *outSz > WC_CMAC_TAG_MAX_SZ)
|
||||||
return BUFFER_E;
|
return BUFFER_E;
|
||||||
|
|
||||||
#ifdef WOLF_CRYPTO_CB
|
#ifdef WOLF_CRYPTO_CB
|
||||||
if (cmac->devId != INVALID_DEVID) {
|
if (cmac->devId != INVALID_DEVID) {
|
||||||
ret = wc_CryptoCb_Cmac(cmac, NULL, 0, NULL, 0, out, outSz, 0, NULL);
|
ret = wc_CryptoCb_Cmac(cmac, NULL, 0, NULL, 0, out, outSz, 0, NULL);
|
||||||
if (ret != CRYPTOCB_UNAVAILABLE)
|
if (ret != CRYPTOCB_UNAVAILABLE)
|
||||||
return ret;
|
return ret;
|
||||||
/* fall-through when unavailable */
|
/* fall-through when unavailable */
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (cmac->bufferSz == AES_BLOCK_SIZE) {
|
if (cmac->bufferSz == AES_BLOCK_SIZE) {
|
||||||
subKey = cmac->k1;
|
subKey = cmac->k1;
|
||||||
|
|||||||
@ -77,6 +77,12 @@ WOLFSSL_API
|
|||||||
int wc_InitCmac(Cmac* cmac,
|
int wc_InitCmac(Cmac* cmac,
|
||||||
const byte* key, word32 keySz,
|
const byte* key, word32 keySz,
|
||||||
int type, void* unused);
|
int type, void* unused);
|
||||||
|
|
||||||
|
WOLFSSL_API
|
||||||
|
int wc_InitCmac_ex(Cmac* cmac,
|
||||||
|
const byte* key, word32 keySz,
|
||||||
|
int type, void* unused, void* heap, int devId);
|
||||||
|
|
||||||
WOLFSSL_API
|
WOLFSSL_API
|
||||||
int wc_CmacUpdate(Cmac* cmac,
|
int wc_CmacUpdate(Cmac* cmac,
|
||||||
const byte* in, word32 inSz);
|
const byte* in, word32 inSz);
|
||||||
|
|||||||
Reference in New Issue
Block a user