wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 10:47:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7576 from Frauschi/pqc_private_key_fix

Browse Source 
Fix PQC and hybrid certificate regressions
This commit is contained in:
Anthony Hu
2024-05-23 15:03:16 -04:00
committed by GitHub
parent e05dbd531e 9a58301ab1
commit b98e4e0093
5 changed files with 12 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/ssl_load.c
View File

@ -1622,9 +1622,7 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
DecodedCert* cert, int checkKeySz) DecodedCert* cert, int checkKeySz)
{ {
int ret = 0; int ret = 0;
#ifdef WOLF_PRIVATE_KEY_ID
byte keyType = 0; byte keyType = 0;
#endif
int keySz = 0; int keySz = 0;
#ifndef NO_RSA #ifndef NO_RSA
word32 idx; word32 idx;
@ -1637,9 +1635,7 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
case RSAPSSk: case RSAPSSk:
#endif #endif
case RSAk: case RSAk:
#ifdef WOLF_PRIVATE_KEY_ID
keyType = rsa_sa_algo; keyType = rsa_sa_algo;
#endif
/* Determine RSA key size by parsing public key */ /* Determine RSA key size by parsing public key */
idx = 0; idx = 0;
ret = wc_RsaPublicKeyDecode_ex(cert->publicKey, &idx, ret = wc_RsaPublicKeyDecode_ex(cert->publicKey, &idx,
@ -1652,9 +1648,7 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#endif /* !NO_RSA */ #endif /* !NO_RSA */
#ifdef HAVE_ECC #ifdef HAVE_ECC
case ECDSAk: case ECDSAk:
#ifdef WOLF_PRIVATE_KEY_ID
keyType = ecc_dsa_sa_algo; keyType = ecc_dsa_sa_algo;
#endif
/* Determine ECC key size based on curve */ /* Determine ECC key size based on curve */
#ifdef WOLFSSL_CUSTOM_CURVES #ifdef WOLFSSL_CUSTOM_CURVES
if ((cert->pkCurveOID == 0) && (cert->pkCurveSize != 0)) { if ((cert->pkCurveOID == 0) && (cert->pkCurveSize != 0)) {
@ -1676,9 +1670,7 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
case SM2k: case SM2k:
#ifdef WOLF_PRIVATE_KEY_ID
keyType = sm2_sa_algo; keyType = sm2_sa_algo;
#endif
/* Determine ECC key size based on curve */ /* Determine ECC key size based on curve */
keySz = WOLFSSL_SM2_KEY_BITS / 8; keySz = WOLFSSL_SM2_KEY_BITS / 8;
if (checkKeySz) { if (checkKeySz) {
@ -1690,9 +1682,7 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#endif /* HAVE_ED25519 */ #endif /* HAVE_ED25519 */
#ifdef HAVE_ED25519 #ifdef HAVE_ED25519
case ED25519k: case ED25519k:
#ifdef WOLF_PRIVATE_KEY_ID
keyType = ed25519_sa_algo; keyType = ed25519_sa_algo;
#endif
/* ED25519 is fixed key size */ /* ED25519 is fixed key size */
keySz = ED25519_KEY_SIZE; keySz = ED25519_KEY_SIZE;
if (checkKeySz) { if (checkKeySz) {
@ -1703,9 +1693,7 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#endif /* HAVE_ED25519 */ #endif /* HAVE_ED25519 */
#ifdef HAVE_ED448 #ifdef HAVE_ED448
case ED448k: case ED448k:
#ifdef WOLF_PRIVATE_KEY_ID
keyType = ed448_sa_algo; keyType = ed448_sa_algo;
#endif
/* ED448 is fixed key size */ /* ED448 is fixed key size */
keySz = ED448_KEY_SIZE; keySz = ED448_KEY_SIZE;
if (checkKeySz) { if (checkKeySz) {
@ -1717,9 +1705,7 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#if defined(HAVE_PQC) #if defined(HAVE_PQC)
#if defined(HAVE_FALCON) #if defined(HAVE_FALCON)
case FALCON_LEVEL1k: case FALCON_LEVEL1k:
#ifdef WOLF_PRIVATE_KEY_ID
keyType = falcon_level1_sa_algo; keyType = falcon_level1_sa_algo;
#endif
/* Falcon is fixed key size */ /* Falcon is fixed key size */
keySz = FALCON_LEVEL1_KEY_SIZE; keySz = FALCON_LEVEL1_KEY_SIZE;
if (checkKeySz) { if (checkKeySz) {
@ -1729,11 +1715,9 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
} }
break; break;
case FALCON_LEVEL5k: case FALCON_LEVEL5k:
#ifdef WOLF_PRIVATE_KEY_ID
keyType = falcon_level5_sa_algo; keyType = falcon_level5_sa_algo;
#endif
/* Falcon is fixed key size */ /* Falcon is fixed key size */
keySz = FALCON_MAX_KEY_SIZE; keySz = FALCON_LEVEL5_KEY_SIZE;
if (checkKeySz) { if (checkKeySz) {
ret = CHECK_KEY_SZ(ssl ? ssl->options.minFalconKeySz : ret = CHECK_KEY_SZ(ssl ? ssl->options.minFalconKeySz :
ctx->minFalconKeySz, FALCON_MAX_KEY_SIZE, keySz, ctx->minFalconKeySz, FALCON_MAX_KEY_SIZE, keySz,
@ -1743,11 +1727,9 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#endif /* HAVE_FALCON */ #endif /* HAVE_FALCON */
#if defined(HAVE_DILITHIUM) #if defined(HAVE_DILITHIUM)
case DILITHIUM_LEVEL2k: case DILITHIUM_LEVEL2k:
#ifdef WOLF_PRIVATE_KEY_ID
keyType = dilithium_level2_sa_algo; keyType = dilithium_level2_sa_algo;
#endif
/* Dilithium is fixed key size */ /* Dilithium is fixed key size */
keySz = DILITHIUM_MAX_KEY_SIZE; keySz = DILITHIUM_LEVEL2_KEY_SIZE;
if (checkKeySz) { if (checkKeySz) {
ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz : ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz :
ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz, ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz,
@ -1755,11 +1737,9 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
} }
break; break;
case DILITHIUM_LEVEL3k: case DILITHIUM_LEVEL3k:
#ifdef WOLF_PRIVATE_KEY_ID
keyType = dilithium_level3_sa_algo; keyType = dilithium_level3_sa_algo;
#endif
/* Dilithium is fixed key size */ /* Dilithium is fixed key size */
keySz = DILITHIUM_MAX_KEY_SIZE; keySz = DILITHIUM_LEVEL3_KEY_SIZE;
if (checkKeySz) { if (checkKeySz) {
ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz : ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz :
ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz, ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz,
@ -1767,11 +1747,9 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
} }
break; break;
case DILITHIUM_LEVEL5k: case DILITHIUM_LEVEL5k:
#ifdef WOLF_PRIVATE_KEY_ID
keyType = dilithium_level5_sa_algo; keyType = dilithium_level5_sa_algo;
#endif
/* Dilithium is fixed key size */ /* Dilithium is fixed key size */
keySz = DILITHIUM_MAX_KEY_SIZE; keySz = DILITHIUM_LEVEL5_KEY_SIZE;
if (checkKeySz) { if (checkKeySz) {
ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz : ret = CHECK_KEY_SZ(ssl ? ssl->options.minDilithiumKeySz :
ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz, ctx->minDilithiumKeySz, DILITHIUM_MAX_KEY_SIZE, keySz,
@ -1786,7 +1764,6 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
break; break;
} }
#ifdef WOLF_PRIVATE_KEY_ID
/* Store the type and key size as there may not be a private key set. */ /* Store the type and key size as there may not be a private key set. */
if (ssl != NULL) { if (ssl != NULL) {
ssl->buffers.keyType = keyType; ssl->buffers.keyType = keyType;
@ -1796,7 +1773,6 @@ static int ProcessBufferCertPublicKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
ctx->privateKeyType = keyType; ctx->privateKeyType = keyType;
ctx->privateKeySz = keySz; ctx->privateKeySz = keySz;
} }
#endif
return ret; return ret;
} }

7
src/tls13.c
View File

@ -10088,10 +10088,13 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
* with their size as 16-bit integeter prior in memory. Hence, * with their size as 16-bit integeter prior in memory. Hence,
* we can decode both lengths here now. */ * we can decode both lengths here now. */
word32 tmpIdx = args->idx; word32 tmpIdx = args->idx;
ato32(input + tmpIdx, &args->sigSz); word16 tmpSz = 0;
ato16(input + tmpIdx, &tmpSz);
args->sigSz = tmpSz;
tmpIdx += OPAQUE16_LEN + args->sigSz; tmpIdx += OPAQUE16_LEN + args->sigSz;
ato32(input + tmpIdx, &args->altSignatureSz); ato16(input + tmpIdx, &tmpSz);
args->altSignatureSz = tmpSz;
if (args->sz != (args->sigSz + args->altSignatureSz + if (args->sz != (args->sigSz + args->altSignatureSz +
OPAQUE16_LEN + OPAQUE16_LEN)) { OPAQUE16_LEN + OPAQUE16_LEN)) {

2
wolfcrypt/src/dilithium.c
View File

@ -488,7 +488,7 @@ static int parse_private_key(const byte* priv, word32 privSz,
/* At this point, it is still a PKCS8 private key. */ /* At this point, it is still a PKCS8 private key. */
if ((ret = ToTraditionalInline(priv, &idx, privSz)) < 0) { if ((ret = ToTraditionalInline(priv, &idx, privSz)) < 0) {
return ret; /* ignore error, did not have PKCS8 header */
} }
/* Now it is a octet_string(concat(priv,pub)) */ /* Now it is a octet_string(concat(priv,pub)) */

2
wolfcrypt/src/falcon.c
View File

@ -469,7 +469,7 @@ static int parse_private_key(const byte* priv, word32 privSz,
/* At this point, it is still a PKCS8 private key. */ /* At this point, it is still a PKCS8 private key. */
if ((ret = ToTraditionalInline(priv, &idx, privSz)) < 0) { if ((ret = ToTraditionalInline(priv, &idx, privSz)) < 0) {
return ret; /* ignore error, did not have PKCS8 header */
} }
/* Now it is a octet_string(concat(priv,pub)) */ /* Now it is a octet_string(concat(priv,pub)) */

2
wolfcrypt/src/sphincs.c
View File

@ -431,7 +431,7 @@ static int parse_private_key(const byte* priv, word32 privSz,
/* At this point, it is still a PKCS8 private key. */ /* At this point, it is still a PKCS8 private key. */
if ((ret = ToTraditionalInline(priv, &idx, privSz)) < 0) { if ((ret = ToTraditionalInline(priv, &idx, privSz)) < 0) {
return ret; /* ignore error, did not have PKCS8 header */
} }
/* Now it is a octet_string(concat(priv,pub)) */ /* Now it is a octet_string(concat(priv,pub)) */