make -DNO_ED448_KEY_{IMPORT,EXPORT} buildable

Daniel Pouzzner
2021-07-16 18:21:30 -05:00
parent 785a8f83ed
commit ac92204c15
7 changed files with 71 additions and 40 deletions


@ -5057,6 +5057,10 @@ static int X25519MakeKey(WOLFSSL* ssl, curve25519_key* key,
*/
int Ed448CheckPubKey(WOLFSSL* ssl)
{
#ifndef HAVE_ED448_KEY_IMPORT
(void)ssl;
return NOT_COMPILED_IN;
#else /* HAVE_ED448_KEY_IMPORT */
ed448_key* key = (ed448_key*)ssl->hsKey;
int ret = 0;
@ -5083,6 +5087,7 @@ int Ed448CheckPubKey(WOLFSSL* ssl)
}
return ret;
#endif /* HAVE_ED448_KEY_IMPORT */
}
/* Sign the data using EdDSA and key using Ed448.
@ -12680,7 +12685,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
break;
}
#endif /* HAVE_ED25519 */
#ifdef HAVE_ED448
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
case ED448k:
{
int keyRet = 0;
@ -12732,7 +12737,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
ssl->ecdhCurveOID = ECC_X448_OID;
break;
}
#endif /* HAVE_ED448 */
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */
default:
break;
}
@ -21757,7 +21762,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
}
}
#endif /* HAVE_ED25519 */
#ifdef HAVE_ED448
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
#if !defined(NO_RSA) || defined(HAVE_ECC)
FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey);
#endif
@ -21800,7 +21805,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
goto exit_dpk;
}
}
#endif /* HAVE_ED448 */
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */
(void)idx;
(void)keySz;
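Review bot: With HAVE_ED448 defined but HAVE_ED448_KEY_IMPORT undefined, an ED448k peer certificate now reaches the `default: break;` arm of the ProcessPeerCerts switch with no diagnostic, and everything the ED448k case sets up (only `ssl->ecdhCurveOID = ECC_X448_OID;` is visible here) is skipped. Whether the handshake then fails closed depends on code outside these hunks, so it should be confirmed with a test built in that configuration. The Ed448 block in DecodePrivateKey is compiled out silently in the same way. Once verified, I would record the intent above each guard, e.g. `/* Ed448 needs key import; without it ED448k is not handled here and must be rejected later */`, or add an `#else` arm that logs through WOLFSSL_MSG. Both functions start and end outside the hunks shown.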


@ -5379,7 +5379,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
#endif
}
#endif /* HAVE_ED25519 */
#ifdef HAVE_ED448
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
if (ret == 0 && (*keyFormat == 0 || *keyFormat == ED448k)) {
/* make sure Ed448 key can be used */
#ifdef WOLFSSL_SMALL_STACK
@ -5435,7 +5435,7 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl, DerBuffer* der
XFREE(key, heap, DYNAMIC_TYPE_ED448);
#endif
}
#endif /* HAVE_ED448 */
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT */
return ret;
}
@ -47476,7 +47476,14 @@ int wolfSSL_ED448_generate_key(unsigned char *priv, unsigned int *privSz,
(void) pub;
(void) pubSz;
return WOLFSSL_FAILURE;
#else /* WOLFSSL_KEY_GEN */
#elif !defined(HAVE_ED448_KEY_EXPORT)
WOLFSSL_MSG("No ED448 key export built in");
(void) priv;
(void) privSz;
(void) pub;
(void) pubSz;
return WOLFSSL_FAILURE;
#else /* WOLFSSL_KEY_GEN && HAVE_ED448_KEY_EXPORT */
int ret = WOLFSSL_FAILURE;
int initTmpRng = 0;
WC_RNG *rng = NULL;
@ -47535,7 +47542,7 @@ int wolfSSL_ED448_generate_key(unsigned char *priv, unsigned int *privSz,
#endif
return ret;
#endif /* WOLFSSL_KEY_GEN */
#endif /* WOLFSSL_KEY_GEN && HAVE_ED448_KEY_EXPORT */
}
/* return 1 if success, 0 if error
@ -47546,11 +47553,13 @@ int wolfSSL_ED448_sign(const unsigned char *msg, unsigned int msgSz,
const unsigned char *priv, unsigned int privSz,
unsigned char *sig, unsigned int *sigSz)
{
#if !defined(HAVE_ED448_SIGN) || !defined(WOLFSSL_KEY_GEN)
#if !defined(HAVE_ED448_SIGN) || !defined(WOLFSSL_KEY_GEN) || !defined(HAVE_ED448_KEY_IMPORT)
#if !defined(HAVE_ED448_SIGN)
WOLFSSL_MSG("No ED448 sign built in");
#elif !defined(WOLFSSL_KEY_GEN)
WOLFSSL_MSG("No Key Gen built in");
#elif !defined(HAVE_ED448_KEY_IMPORT)
WOLFSSL_MSG("No ED448 Key import built in");
#endif
(void) msg;
(void) msgSz;
@ -47559,7 +47568,7 @@ int wolfSSL_ED448_sign(const unsigned char *msg, unsigned int msgSz,
(void) sig;
(void) sigSz;
return WOLFSSL_FAILURE;
#else /* HAVE_ED448_SIGN && WOLFSSL_KEY_GEN */
#else /* HAVE_ED448_SIGN && WOLFSSL_KEY_GEN && HAVE_ED448_KEY_IMPORT */
ed448_key key;
int ret = WOLFSSL_FAILURE;
@ -47591,7 +47600,7 @@ int wolfSSL_ED448_sign(const unsigned char *msg, unsigned int msgSz,
wc_ed448_free(&key);
return ret;
#endif /* HAVE_ED448_SIGN && WOLFSSL_KEY_GEN */
#endif /* HAVE_ED448_SIGN && WOLFSSL_KEY_GEN && HAVE_ED448_KEY_IMPORT */
}
/* return 1 if success, 0 if error
@ -47602,11 +47611,13 @@ int wolfSSL_ED448_verify(const unsigned char *msg, unsigned int msgSz,
const unsigned char *pub, unsigned int pubSz,
const unsigned char *sig, unsigned int sigSz)
{
#if !defined(HAVE_ED448_VERIFY) || !defined(WOLFSSL_KEY_GEN)
#if !defined(HAVE_ED448_VERIFY) || !defined(WOLFSSL_KEY_GEN) || !defined(HAVE_ED448_KEY_IMPORT)
#if !defined(HAVE_ED448_VERIFY)
WOLFSSL_MSG("No ED448 verify built in");
#elif !defined(WOLFSSL_KEY_GEN)
WOLFSSL_MSG("No Key Gen built in");
#elif !defined(HAVE_ED448_KEY_IMPORT)
WOLFSSL_MSG("No ED448 Key import built in");
#endif
(void) msg;
(void) msgSz;
@ -47615,7 +47626,7 @@ int wolfSSL_ED448_verify(const unsigned char *msg, unsigned int msgSz,
(void) sig;
(void) sigSz;
return WOLFSSL_FAILURE;
#else /* HAVE_ED448_VERIFY && WOLFSSL_KEY_GEN */
#else /* HAVE_ED448_VERIFY && WOLFSSL_KEY_GEN && HAVE_ED448_KEY_IMPORT */
ed448_key key;
int ret = WOLFSSL_FAILURE, check = 0;
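Review bot: The new `#elif !defined(HAVE_ED448_KEY_EXPORT)` branch in wolfSSL_ED448_generate_key repeats the four `(void)` casts and the `return WOLFSSL_FAILURE;` of the branch above it, whereas wolfSSL_ED448_sign and wolfSSL_ED448_verify in the same section use one combined condition with a nested `#if`/`#elif` that only selects the message. Folding generate_key into the same shape, `#if !defined(WOLFSSL_KEY_GEN) || !defined(HAVE_ED448_KEY_EXPORT)` with the message chosen inside, would keep the three stubs parallel and leave one place to edit when a parameter changes. The opening condition of the first branch is outside the hunk, so the exact macro there is presumed rather than seen. The stubs returning WOLFSSL_FAILURE keeps verify fail-closed, which is the right default.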


@ -20735,8 +20735,10 @@ static int test_wc_ed448_import_private_key (void)
"Ed448PublicKeyUnitTest.................................\n";
word32 privKeySz = sizeof(privKey);
word32 pubKeySz = sizeof(pubKey);
#ifdef HAVE_ED448_KEY_EXPORT
byte bothKeys[sizeof(privKey) + sizeof(pubKey)];
word32 bothKeysSz = sizeof(bothKeys);
#endif
ret = wc_InitRng(&rng);
if (ret != 0) {
@ -21106,8 +21108,8 @@ static int test_wc_Ed448PublicKeyToDer (void)
{
int ret = 0;
#if defined(HAVE_ED448) && (defined(WOLFSSL_CERT_GEN) || \
defined(WOLFSSL_KEY_GEN))
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
int tmp;
ed448_key key;
byte derBuf[1024];
@ -24177,8 +24179,8 @@ static int test_wc_Ed25519PrivateKeyToDer (void)
static int test_wc_Ed448KeyToDer (void)
{
int ret = 0;
#if defined(HAVE_ED448) && (defined(WOLFSSL_CERT_GEN) || \
defined(WOLFSSL_KEY_GEN))
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
byte output[ONEK_BUF];
ed448_key ed448Key;
@ -24242,8 +24244,8 @@ static int test_wc_Ed448KeyToDer (void)
static int test_wc_Ed448PrivateKeyToDer (void)
{
int ret = 0;
#if defined(HAVE_ED448) && (defined(WOLFSSL_CERT_GEN) || \
defined(WOLFSSL_KEY_GEN))
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
byte output[ONEK_BUF];
ed448_key ed448PrivKey;


@ -3298,7 +3298,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
else
#endif /* HAVE_ED25519 && !NO_ASN_CRYPT */
#if defined(HAVE_ED448) && !defined(NO_ASN_CRYPT)
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT) && !defined(NO_ASN_CRYPT)
if (ks == ED448k) {
#ifdef WOLFSSL_SMALL_STACK
ed448_key* key_pair = NULL;
@ -3556,7 +3556,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
XFREE(ed25519, heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif /* HAVE_ED25519 && !NO_ASN_CRYPT */
#if defined(HAVE_ED448) && !defined(NO_ASN_CRYPT)
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT) && !defined(NO_ASN_CRYPT)
if (*algoID != RSAk && *algoID != ECDSAk && *algoID != ED25519k) {
ed448_key *ed448 = (ed448_key *)XMALLOC(sizeof *ed448, heap, DYNAMIC_TYPE_TMP_BUFFER);
if (ed448 == NULL)
@ -3577,7 +3577,7 @@ int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
}
XFREE(ed448, heap, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif /* HAVE_ED448 && !NO_ASN_CRYPT */
#endif /* HAVE_ED448 && HAVE_ED448_KEY_IMPORT && !NO_ASN_CRYPT */
/* if flag is not set then is neither RSA or ECC key that could be
* found */
@ -7786,7 +7786,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
break;
}
#endif
#ifdef HAVE_ED448
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
case ED448k:
{
sigCtx->verify = 0;
@ -12711,8 +12711,8 @@ int wc_Ed25519PublicKeyToDer(ed25519_key* key, byte* output, word32 inLen,
return SetEd25519PublicKey(output, key, withAlg);
}
#endif /* HAVE_ED25519 && (WOLFSSL_CERT_GEN || WOLFSSL_KEY_GEN) */
#if defined(HAVE_ED448) && (defined(WOLFSSL_CERT_GEN) || \
defined(WOLFSSL_KEY_GEN))
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
/* Write a public ECC key to output */
static int SetEd448PublicKey(byte* output, ed448_key* key, int with_header)
@ -12814,7 +12814,7 @@ int wc_Ed448PublicKeyToDer(ed448_key* key, byte* output, word32 inLen,
return SetEd448PublicKey(output, key, withAlg);
}
#endif /* HAVE_ED448 && (WOLFSSL_CERT_GEN || WOLFSSL_KEY_GEN) */
#endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT && (WOLFSSL_CERT_GEN || WOLFSSL_KEY_GEN) */
#ifdef WOLFSSL_CERT_GEN
@ -13903,7 +13903,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
}
#endif
#ifdef HAVE_ED448
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
if (cert->keyType == ED448_KEY) {
if (ed448Key == NULL)
return PUBLIC_KEY_E;
@ -14660,7 +14660,7 @@ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey,
}
#endif
#ifdef HAVE_ED448
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
if (cert->keyType == ED448_KEY) {
if (ed448Key == NULL)
return PUBLIC_KEY_E;
@ -15121,7 +15121,7 @@ static int SetKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey,
if (ed25519Key != NULL)
bufferSz = SetEd25519PublicKey(buf, ed25519Key, 0);
#endif
#ifdef HAVE_ED448
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
/* ED448 public key */
if (ed448Key != NULL)
bufferSz = SetEd448PublicKey(buf, ed448Key, 0);
@ -17318,6 +17318,7 @@ int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output, word32 inLen)
#ifdef HAVE_ED448
#ifdef HAVE_ED448_KEY_IMPORT
int wc_Ed448PrivateKeyDecode(const byte* input, word32* inOutIdx,
ed448_key* key, word32 inSz)
{
@ -17417,9 +17418,9 @@ int wc_Ed448PublicKeyDecode(const byte* input, word32* inOutIdx,
return 0;
}
#endif /* HAVE_ED448_KEY_IMPORT */
#ifdef WOLFSSL_KEY_GEN
#if defined(WOLFSSL_KEY_GEN) && defined(HAVE_ED448_KEY_EXPORT)
/* build DER formatted ED448 key,
* return length on success, negative on error */
@ -17492,7 +17493,7 @@ int wc_Ed448PrivateKeyToDer(ed448_key* key, byte* output, word32 inLen)
return wc_BuildEd448KeyDer(key, output, inLen, 0);
}
#endif /* WOLFSSL_KEY_GEN */
#endif /* WOLFSSL_KEY_GEN && HAVE_ED448_KEY_EXPORT */
#endif /* HAVE_ED448 */
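Review bot: Compiling out `case ED448k:` in ConfirmSignature when HAVE_ED448_KEY_IMPORT is undefined means an Ed448-signed certificate is now handled by whatever the switch does for an unmatched key type, and that arm is outside the hunk. Because this is the certificate signature check, it needs confirming that the unmatched path returns an error and can never leave the result at success. A test built with -DNO_ED448_KEY_IMPORT that feeds an Ed448-signed certificate would pin that. A short comment at the guard, e.g. `/* without key import, Ed448 signatures are not handled here and must be rejected by the default arm */`, would record the intent. ConfirmSignature starts and ends outside the hunk.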


@ -3862,7 +3862,7 @@ static WC_INLINE int myX25519SharedSecret(WOLFSSL* ssl, curve25519_key* otherKey
#endif /* HAVE_CURVE25519 */
#ifdef HAVE_ED448
#ifdef HAVE_ED448_SIGN
#if defined(HAVE_ED448_SIGN) && defined(HAVE_ED448_KEY_IMPORT)
static WC_INLINE int myEd448Sign(WOLFSSL* ssl, const byte* in, word32 inSz,
byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
{
@ -3899,10 +3899,10 @@ static WC_INLINE int myEd448Sign(WOLFSSL* ssl, const byte* in, word32 inSz,
return ret;
}
#endif /* HAVE_ED448_SIGN */
#endif /* HAVE_ED448_SIGN && HAVE_ED448_KEY_IMPORT */
#ifdef HAVE_ED448_VERIFY
#if defined(HAVE_ED448_VERIFY) && defined(HAVE_ED448_KEY_IMPORT)
static WC_INLINE int myEd448Verify(WOLFSSL* ssl, const byte* sig, word32 sigSz,
const byte* msg, word32 msgSz, const byte* key, word32 keySz,
int* result, void* ctx)
@ -3931,7 +3931,7 @@ static WC_INLINE int myEd448Verify(WOLFSSL* ssl, const byte* sig, word32 sigSz,
return ret;
}
#endif /* HAVE_ED448_VERIFY */
#endif /* HAVE_ED448_VERIFY && HAVE_ED448_KEY_IMPORT */
#endif /* HAVE_ED448 */
#ifdef HAVE_CURVE448
@ -4455,11 +4455,11 @@ static WC_INLINE void SetupPkCallbacks(WOLFSSL_CTX* ctx)
wolfSSL_CTX_SetX25519KeyGenCb(ctx, myX25519KeyGen);
wolfSSL_CTX_SetX25519SharedSecretCb(ctx, myX25519SharedSecret);
#endif
#ifdef HAVE_ED448
#ifdef HAVE_ED448_SIGN
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
#if defined(HAVE_ED448_SIGN)
wolfSSL_CTX_SetEd448SignCb(ctx, myEd448Sign);
#endif
#ifdef HAVE_ED448_VERIFY
#if defined(HAVE_ED448_VERIFY)
wolfSSL_CTX_SetEd448VerifyCb(ctx, myEd448Verify);
#endif
#endif


@ -580,17 +580,23 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
#ifdef HAVE_ED448
/* private key helpers */
#ifdef HAVE_ED448_KEY_IMPORT
WOLFSSL_API int wc_Ed448PrivateKeyDecode(const byte*, word32*,
ed448_key*, word32);
#endif
#ifdef HAVE_ED448_KEY_EXPORT
WOLFSSL_API int wc_Ed448KeyToDer(ed448_key* key, byte* output,
word32 inLen);
WOLFSSL_API int wc_Ed448PrivateKeyToDer(ed448_key* key, byte* output,
word32 inLen);
#endif
/* public key helper */
WOLFSSL_API int wc_Ed448PublicKeyDecode(const byte*, word32*,
ed448_key*, word32);
#if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
#if (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) && \
defined(HAVE_ED448_KEY_EXPORT)
WOLFSSL_API int wc_Ed448PublicKeyToDer(ed448_key*, byte* output,
word32 inLen, int with_AlgCurve);
#endif
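Review bot: `wc_Ed448PublicKeyDecode` is still declared here under `HAVE_ED448` alone, while the section of this commit that defines it places `#endif /* HAVE_ED448_KEY_IMPORT */` after the end of that definition. As far as the visible hunks show, a no-import build therefore keeps the prototype with no definition behind it, so a caller compiles and fails only at link time. Moving the prototype inside the `#ifdef HAVE_ED448_KEY_IMPORT` block next to wc_Ed448PrivateKeyDecode would keep header and source in step. Likewise, wc_Ed448KeyToDer and wc_Ed448PrivateKeyToDer are declared under `HAVE_ED448_KEY_EXPORT` only, but the guard around their definitions reads `#if defined(WOLFSSL_KEY_GEN) && defined(HAVE_ED448_KEY_EXPORT)`; the header guard should probably match.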


@ -158,6 +158,8 @@ WOLFSSL_API
int wc_ed448_init(ed448_key* key);
WOLFSSL_API
void wc_ed448_free(ed448_key* key);
#ifdef HAVE_ED448_KEY_IMPORT
WOLFSSL_API
int wc_ed448_import_public(const byte* in, word32 inLen, ed448_key* key);
WOLFSSL_API
@ -166,6 +168,9 @@ int wc_ed448_import_private_only(const byte* priv, word32 privSz,
WOLFSSL_API
int wc_ed448_import_private_key(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed448_key* key);
#endif /* HAVE_ED448_KEY_IMPORT */
#ifdef HAVE_ED448_KEY_EXPORT
WOLFSSL_API
int wc_ed448_export_public(ed448_key*, byte* out, word32* outLen);
WOLFSSL_API
@ -175,6 +180,7 @@ int wc_ed448_export_private(ed448_key* key, byte* out, word32* outLen);
WOLFSSL_API
int wc_ed448_export_key(ed448_key* key, byte* priv, word32 *privSz,
byte* pub, word32 *pubSz);
#endif /* HAVE_ED448_KEY_EXPORT */
WOLFSSL_API
int wc_ed448_check_key(ed448_key* key);