wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-29 18:27:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for building with RSA public or verify only. Fixes issue with reserved "div" keyword as variable name. ZD11585

Browse Source
This commit is contained in:
David Garske
2021-02-16 11:12:32 -08:00
parent ad58478d29
commit c62b48f7d0
5 changed files with 85 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
wolfcrypt/benchmark/benchmark.c
View File

@ -594,8 +594,7 @@ static const char* bench_result_words1[][4] = {
#endif
};
#if (!defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)) || defined(HAVE_NTRU) || \
#if !defined(NO_RSA) || defined(HAVE_NTRU) || \
defined(HAVE_ECC) || !defined(NO_DH) || defined(HAVE_ECC_ENCRYPT) || \
defined(HAVE_CURVE25519) || defined(HAVE_CURVE25519_SHARED_SECRET) || \
defined(HAVE_ED25519) || defined(HAVE_CURVE448) || \
@ -723,10 +722,10 @@ static const char* bench_desc_words[][9] = {
#endif
#endif
#if (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || !defined(NO_DH) \
|| defined(WOLFSSL_KEY_GEN) || defined(HAVE_ECC) \
|| defined(HAVE_CURVE25519) || defined(HAVE_ED25519) \
|| defined(HAVE_CURVE448) || defined(HAVE_ED448)
#if (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WC_NO_RNG)) \
|| !defined(NO_DH) || defined(WOLFSSL_KEY_GEN) || defined(HAVE_ECC) \
|| defined(HAVE_CURVE25519) || defined(HAVE_ED25519) \
|| defined(HAVE_CURVE448) || defined(HAVE_ED448)
#define HAVE_LOCAL_RNG
static THREAD_LS_T WC_RNG gRng;
#endif
@ -739,9 +738,7 @@ static const char* bench_desc_words[][9] = {
#endif
#if defined(BENCH_ASYM)
#if defined(HAVE_ECC) || (!defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)) || defined(WOLFSSL_PUBLIC_MP) || \
!defined(NO_DH)
#if defined(HAVE_ECC) || !defined(NO_RSA) || !defined(NO_DH)
static const char* bench_result_words2[][5] = {
{ "ops took", "sec" , "avg" , "ops/sec", NULL }, /* 0 English */
#ifndef NO_MULTIBYTE_PRINT
@ -1278,9 +1275,7 @@ static void bench_stats_sym_finish(const char* desc, int doAsync, int count,
}
#ifdef BENCH_ASYM
#if defined(HAVE_ECC) || (!defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)) || defined(WOLFSSL_PUBLIC_MP) || \
!defined(NO_DH)
#if defined(HAVE_ECC) || !defined(NO_RSA) || !defined(NO_DH)
static void bench_stats_asym_finish(const char* algo, int strength,
const char* desc, int doAsync, int count, double start, int ret)
{
@ -4464,9 +4459,8 @@ void bench_rsaKeyGen_size(int doAsync, int keySz)
#define RSA_BUF_SIZE 384 /* for up to 3072 bit */
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
#elif defined(WOLFSSL_PUBLIC_MP) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
#if defined(USE_CERT_BUFFERS_2048)
#if defined(WOLFSSL_RSA_VERIFY_INLINE) || defined(WOLFSSL_RSA_PUBLIC_ONLY)
#if defined(USE_CERT_BUFFERS_2048)
static unsigned char rsa_2048_sig[] = {
0x8c, 0x9e, 0x37, 0xbf, 0xc3, 0xa6, 0xba, 0x1c,
0x53, 0x22, 0x40, 0x4b, 0x8b, 0x0d, 0x3c, 0x0e,
@ -4501,7 +4495,7 @@ static unsigned char rsa_2048_sig[] = {
0x4c, 0xef, 0xe8, 0xd4, 0x4d, 0x6a, 0x33, 0x7d,
0x9e, 0xd2, 0x51, 0xe6, 0x41, 0xbf, 0x4f, 0xa2
};
#elif defined(USE_CERT_BUFFERS_3072)
#elif defined(USE_CERT_BUFFERS_3072)
static unsigned char rsa_3072_sig[] = {
0x1a, 0xd6, 0x0d, 0xfd, 0xe3, 0x41, 0x95, 0x76,
0x27, 0x16, 0x7d, 0xc7, 0x94, 0x16, 0xca, 0xa8,
@ -4552,13 +4546,11 @@ static unsigned char rsa_3072_sig[] = {
0x5e, 0xe9, 0xd0, 0xa7, 0xb4, 0x2a, 0x45, 0xdf,
0x15, 0x7d, 0x0d, 0x5b, 0xef, 0xc6, 0x23, 0xac
};
#else
#error Not Supported Yet!
#endif
#else
#error Not Supported Yet!
#endif
#endif /* WOLFSSL_RSA_VERIFY_INLINE || WOLFSSL_RSA_PUBLIC_ONLY */
#if (!defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)) || defined(WOLFSSL_PUBLIC_MP)
static void bench_rsa_helper(int doAsync, RsaKey rsaKey[BENCH_MAX_PENDING],
int rsaKeySz)
{
@ -4579,8 +4571,7 @@ static void bench_rsa_helper(int doAsync, RsaKey rsaKey[BENCH_MAX_PENDING],
#else
byte* enc[BENCH_MAX_PENDING];
#endif
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY)
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
#if !defined(WOLFSSL_MDK5_COMPLv5)
/* MDK5 compiler regard this as a executable statement, and does not allow declarations after the line. */
DECLARE_ARRAY_DYNAMIC_DEC(out, byte, BENCH_MAX_PENDING, rsaKeySz, HEAP_HINT);
@ -4593,8 +4584,7 @@ static void bench_rsa_helper(int doAsync, RsaKey rsaKey[BENCH_MAX_PENDING],
#endif
DECLARE_ARRAY_DYNAMIC_EXE(enc, byte, BENCH_MAX_PENDING, rsaKeySz, HEAP_HINT);
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY)
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
DECLARE_ARRAY_DYNAMIC_EXE(out, byte, BENCH_MAX_PENDING, rsaKeySz, HEAP_HINT);
if (out[0] == NULL) {
ret = MEMORY_E;
@ -4632,17 +4622,17 @@ static void bench_rsa_helper(int doAsync, RsaKey rsaKey[BENCH_MAX_PENDING],
&gRng);
if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(
&rsaKey[i]), 1, &times, &pending)) {
goto exit_rsa_pub;
goto exit_rsa_verify;
}
}
} /* for i */
} /* for times */
count += times;
} while (bench_stats_sym_check(start));
exit_rsa_pub:
exit_rsa_verify:
bench_stats_asym_finish("RSA", rsaKeySz, desc[0], doAsync, count,
start, ret);
#endif
#endif /* !WOLFSSL_RSA_VERIFY_ONLY */
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
if (ret < 0) {
@ -4667,17 +4657,17 @@ exit_rsa_pub:
if (!bench_async_handle(&ret,
BENCH_ASYNC_GET_DEV(&rsaKey[i]),
1, &times, &pending)) {
goto exit;
goto exit_rsa_pub;
}
}
} /* for i */
} /* for times */
count += times;
} while (bench_stats_sym_check(start));
exit:
exit_rsa_pub:
bench_stats_asym_finish("RSA", rsaKeySz, desc[1], doAsync, count,
start, ret);
#endif
#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
}
else {
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
@ -4710,8 +4700,9 @@ exit_rsa_sign:
if (ret < 0) {
goto exit;
}
#endif
#endif /* !WOLFSSL_RSA_PUBLIC_ONLY && !WOLFSSL_RSA_VERIFY_ONLY */
#ifndef WOLFSSL_RSA_VERIFY_ONLY
/* capture resulting encrypt length */
idx = rsaKeySz/8;
@ -4749,39 +4740,39 @@ exit_rsa_sign:
if (!bench_async_handle(&ret,
BENCH_ASYNC_GET_DEV(&rsaKey[i]),
1, &times, &pending)) {
goto exit_rsa_verify;
goto exit_rsa_verifyinline;
}
}
} /* for i */
} /* for times */
count += times;
} while (bench_stats_sym_check(start));
exit_rsa_verify:
exit_rsa_verifyinline:
bench_stats_asym_finish("RSA", rsaKeySz, desc[5], doAsync, count,
start, ret);
#endif /* !WOLFSSL_RSA_VERIFY_ONLY */
}
exit:
FREE_ARRAY_DYNAMIC(enc, BENCH_MAX_PENDING, HEAP_HINT);
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
FREE_ARRAY_DYNAMIC(out, BENCH_MAX_PENDING, HEAP_HINT);
#endif
FREE_VAR(message, HEAP_HINT);
}
#endif
void bench_rsa(int doAsync)
{
#ifndef WOLFSSL_RSA_VERIFY_ONLY
int ret = 0;
#endif
int i;
RsaKey rsaKey[BENCH_MAX_PENDING];
#if (!defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)) || defined(WOLFSSL_PUBLIC_MP)
int rsaKeySz; /* used in printf */
size_t bytes;
int ret = 0;
int rsaKeySz = 0;
const byte* tmp;
size_t bytes;
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
word32 idx;
#endif
#ifdef USE_CERT_BUFFERS_1024
tmp = rsa_key_der_1024;
@ -4798,7 +4789,6 @@ void bench_rsa(int doAsync)
#else
#error "need a cert buffer size"
#endif /* USE_CERT_BUFFERS */
#endif
/* clear for done cleanup */
XMEMSET(rsaKey, 0, sizeof(rsaKey));
@ -4806,12 +4796,12 @@ void bench_rsa(int doAsync)
/* init keys */
for (i = 0; i < BENCH_MAX_PENDING; i++) {
/* setup an async context for each key */
if (wc_InitRsaKey_ex(&rsaKey[i], HEAP_HINT,
doAsync ? devId : INVALID_DEVID) < 0) {
if ((ret = wc_InitRsaKey_ex(&rsaKey[i], HEAP_HINT,
doAsync ? devId : INVALID_DEVID)) < 0) {
goto exit_bench_rsa;
}
#ifndef WOLFSSL_RSA_VERIFY_ONLY
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
#ifdef WC_RSA_BLINDING
ret = wc_RsaSetRNG(&rsaKey[i], &gRng);
if (ret != 0)
@ -4828,8 +4818,13 @@ void bench_rsa(int doAsync)
goto exit_bench_rsa;
}
#elif defined(WOLFSSL_PUBLIC_MP)
#ifdef USE_CERT_BUFFERS_2048
ret = mp_read_unsigned_bin(&rsaKey[i].n, &tmp[12], 256);
/* get offset to public portion of the RSA key */
#ifdef USE_CERT_BUFFERS_1024
bytes = 11;
#elif defined(USE_CERT_BUFFERS_2048) || defined(USE_CERT_BUFFERS_3072)
bytes = 12;
#endif
ret = mp_read_unsigned_bin(&rsaKey[i].n, &tmp[bytes], rsaKeySz/8);
if (ret != 0) {
printf("wc_RsaPrivateKeyDecode failed! %d\n", ret);
goto exit_bench_rsa;
@ -4839,19 +4834,16 @@ void bench_rsa(int doAsync)
printf("wc_RsaPrivateKeyDecode failed! %d\n", ret);
goto exit_bench_rsa;
}
#else
#error Not supported yet!
#endif
(void)idx;
(void)bytes;
#else
/* Note: To benchmark public only define WOLFSSL_PUBLIC_MP */
rsaKeySz = 0;
#endif
}
#if (!defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)) || defined(WOLFSSL_PUBLIC_MP)
bench_rsa_helper(doAsync, rsaKey, rsaKeySz);
#endif
if (rsaKeySz > 0) {
bench_rsa_helper(doAsync, rsaKey, rsaKeySz);
}
exit_bench_rsa:
/* cleanup */
for (i = 0; i < BENCH_MAX_PENDING; i++) {

4
wolfcrypt/src/asn.c
View File

@ -3148,6 +3148,7 @@ int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
{
ret = 0;
}
(void)ks;
return ret;
}
@ -5655,6 +5656,9 @@ int CalcHashId(const byte* data, word32 len, byte* hash)
ret = wc_ShaHash(data, len, hash);
#else
ret = NOT_COMPILED_IN;
(void)data;
(void)len;
(void)hash;
#endif
return ret;

3
wolfcrypt/src/hash.c
View File

@ -612,6 +612,9 @@ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap,
ret = BAD_FUNC_ARG;
};
(void)heap;
(void)devId;
return ret;
}

15
wolfcrypt/src/sp_int.c
View File

@ -3255,7 +3255,7 @@ int sp_mul_d(sp_int* a, sp_int_digit d, sp_int* r)
* (WOLFSSL_KEY_GEN && !NO_RSA) */
#if defined(WOLFSSL_SP_MATH_ALL) || !defined(NO_DH) || defined(HAVE_ECC) || \
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY))
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_PUBLIC_ONLY))
#ifndef SP_ASM_DIV_WORD
/* Divide a two digit number by a digit number and return. (hi | lo) / d
*
@ -3271,12 +3271,12 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
sp_int_digit r;
if (hi != 0) {
sp_int_digit div = d >> SP_HALF_SIZE;
sp_int_digit divsz = d >> SP_HALF_SIZE;
sp_int_digit r2;
sp_int_word w = ((sp_int_word)hi << SP_WORD_SIZE) | lo;
sp_int_word trial;
r = hi / div;
r = hi / divsz;
if (r > SP_HALF_MAX) {
r = SP_HALF_MAX;
}
@ -3287,7 +3287,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
trial -= (sp_int_word)d << SP_HALF_SIZE;
}
w -= trial;
r2 = ((sp_int_digit)(w >> SP_HALF_SIZE)) / div;
r2 = ((sp_int_digit)(w >> SP_HALF_SIZE)) / divsz;
trial = r2 * (sp_int_word)d;
while (trial > w) {
r2--;
@ -12175,8 +12175,8 @@ int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz)
return err;
}
#if (!defined(NO_DH) || defined(HAVE_ECC) || defined(WC_RSA_BLINDING)) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
#if (!defined(NO_DH) || defined(HAVE_ECC) || defined(WC_RSA_BLINDING) || \
defined(WOLFSSL_RSA_PUBLIC_ONLY)) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
/* Convert the multi-precision number to an array of bytes in big-endian format.
*
* The array must be large enough for encoded number - use mp_unsigned_bin_size
@ -12192,7 +12192,8 @@ int sp_to_unsigned_bin(sp_int* a, byte* out)
{
return sp_to_unsigned_bin_len(a, out, sp_unsigned_bin_size(a));
}
#endif /* (!NO_DH || HAVE_ECC || WC_RSA_BLINDING) && !WOLFSSL_RSA_VERIFY_ONLY */
#endif /* (!NO_DH || HAVE_ECC || WC_RSA_BLINDING || WOLFSSL_RSA_PUBLIC_ONLY)
&& !WOLFSSL_RSA_VERIFY_ONLY */
/* Convert the multi-precision number to an array of bytes in big-endian format.
*

28
wolfcrypt/test/test.c
View File

@ -12697,7 +12697,7 @@ static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
#elif defined(HAVE_FIPS) || !defined(WC_RSA_BLINDING)
/* FIPS140 implementation does not do blinding */
if (ret != 0)
#elif defined(WOLFSSL_RSA_PUBLIC_ONLY)
#elif defined(WOLFSSL_RSA_PUBLIC_ONLY) || defined(WOLFSSL_RSA_VERIFY_ONLY)
if (ret != SIG_TYPE_E)
#elif defined(WOLFSSL_CRYPTOCELL)
/* RNG is handled with the cryptocell */
@ -12752,7 +12752,7 @@ static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
return -7668;
sigSz = (word32)ret;
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
XMEMSET(out, 0, sizeof(out));
ret = wc_SignatureGenerate(WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA, in,
inLen, out, &sigSz, key, keyLen, rng);
@ -12806,7 +12806,7 @@ static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
#else
(void)hash;
(void)hashEnc;
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
#endif /* !WOLFSSL_RSA_PUBLIC_ONLY && !WOLFSSL_RSA_VERIFY_ONLY */
return 0;
}
@ -13486,7 +13486,7 @@ exit_rsa_pss:
return ret;
}
#endif /* WOLFSSL_RSA_VERIFY_ONLY */
#endif /* !WOLFSSL_RSA_VERIFY_ONLY && !WOLFSSL_RSA_PUBLIC_ONLY */
#endif
#ifdef WC_RSA_NO_PADDING
@ -13726,17 +13726,25 @@ static int rsa_even_mod_test(WC_RNG* rng, RsaKey* key)
word32 idx = 0;
#endif
word32 outSz = RSA_TEST_BYTES;
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
word32 plainSz = RSA_TEST_BYTES;
#endif
#if !defined(USE_CERT_BUFFERS_2048) && !defined(USE_CERT_BUFFERS_3072) && \
!defined(USE_CERT_BUFFERS_4096) && !defined(NO_FILESYSTEM)
XFILE file;
#endif
DECLARE_VAR(out, byte, RSA_TEST_BYTES, HEAP_HINT);
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
DECLARE_VAR(plain, byte, RSA_TEST_BYTES, HEAP_HINT);
#endif
#ifdef DECLARE_VAR_IS_HEAP_ALLOC
if (out == NULL || plain == NULL)
if (out == NULL
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|| plain == NULL
#endif
) {
ERROR_OUT(MEMORY_E, exit_rsa_even_mod);
}
#endif
#if defined(USE_CERT_BUFFERS_2048)
@ -13850,7 +13858,9 @@ static int rsa_even_mod_test(WC_RNG* rng, RsaKey* key)
exit_rsa_even_mod:
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
FREE_VAR(out, HEAP_HINT);
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
FREE_VAR(plain, HEAP_HINT);
#endif
(void)out;
(void)outSz;
@ -14576,13 +14586,12 @@ WOLFSSL_TEST_SUBROUTINE int rsa_test(void)
DECLARE_VAR(in, byte, TEST_STRING_SZ, HEAP_HINT);
DECLARE_VAR(out, byte, RSA_TEST_BYTES, HEAP_HINT);
DECLARE_VAR(plain, byte, RSA_TEST_BYTES, HEAP_HINT);
#endif
#ifdef DECLARE_VAR_IS_HEAP_ALLOC
if (in == NULL || out == NULL || plain == NULL)
ERROR_OUT(MEMORY_E, exit_rsa);
#endif
#ifndef WOLFSSL_RSA_VERIFY_ONLY
XMEMCPY(in, inStr, inLen);
#endif
@ -15652,9 +15661,12 @@ exit_rsa:
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeRng(&rng);
#if (!defined(WOLFSSL_RSA_VERIFY_ONLY) || defined(WOLFSSL_PUBLIC_MP)) && \
!defined(WC_NO_RSA_OAEP) && !defined(WC_NO_RNG)
FREE_VAR(in, HEAP_HINT);
FREE_VAR(out, HEAP_HINT);
FREE_VAR(plain, HEAP_HINT);
#endif
/* ret can be greater then 0 with certgen but all negative values should
* be returned and treated as an error */