Merge pull request #2892 from SparkiDev/cppcheck_fixes_4
Fixes from cppcheck
@@ -171,7 +171,7 @@ static void tskAes256_Test(void *pvParam)
|
||||
}
|
||||
#endif
|
||||
|
||||
#if !defined(NO_RSA) || defined(HAVE_ECC)
|
||||
#if (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(WC_NO_RNG)
|
||||
|
||||
int mp_performance_check(int mul, int mulmod, int exptmod)
|
||||
{
|
||||
@@ -636,7 +636,7 @@ TEST_CASE("wolfssl mp mul performance test" , "[wolfssl]")
|
||||
|
||||
TEST_ASSERT_EQUAL(0, mp_performance_check(mul, mulmod, exptmod));
|
||||
}
|
||||
#endif/* !NO_RSA || HAVE_ECC */
|
||||
#endif/* (!NO_RSA || HAVE_ECC) && !WC_NO_RNG */
|
||||
|
||||
TEST_CASE("wolfssl aes test" , "[wolfssl]")
|
||||
{
|
||||
|
||||
@@ -630,7 +630,9 @@ void shell_main(void *arg) {
|
||||
int i ;
|
||||
func_args args ;
|
||||
int bf_flg ;
|
||||
#if defined(WOLFSSL_CMSIS_RTOS)
|
||||
osThreadId cmd ;
|
||||
#endif
|
||||
i = BackGround ;
|
||||
/* Dummy for avoiding warning: BackGround is defined but not used. */
|
||||
|
||||
|
||||
@@ -58,7 +58,9 @@ static void benchmark_TLS(int version, char* suites, int group)
|
||||
int i;
|
||||
NX_TCP_SOCKET sockfd;
|
||||
int ret;
|
||||
#ifdef WOLFSSL_TLS13
|
||||
int groups[1];
|
||||
#endif
|
||||
double start;
|
||||
WOLFSSL_METHOD* method = NULL;
|
||||
|
||||
|
||||
@@ -100,9 +100,7 @@ static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
|
||||
if (ret == 0) {
|
||||
/* make wolfSSL object nonblocking */
|
||||
wolfSSL_set_using_nonblock(client_ssl, 1);
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
/* Return newly created wolfSSL context and object */
|
||||
*ctx = client_ctx;
|
||||
*ssl = client_ssl;
|
||||
@@ -178,9 +176,7 @@ static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
|
||||
if (ret == 0) {
|
||||
/* make wolfSSL object nonblocking */
|
||||
wolfSSL_set_using_nonblock(server_ssl, 1);
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
/* Return newly created wolfSSL context and object */
|
||||
*ctx = server_ctx;
|
||||
*ssl = server_ssl;
|
||||
@@ -355,9 +351,9 @@ void server_thread(void* arg1, void* arg2, void* arg3)
|
||||
printf("unable to load static memory");
|
||||
ret = -1;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (ret == 0)
|
||||
#endif
|
||||
ret = wolfssl_server_new(&server_ctx, &server_ssl);
|
||||
|
||||
if (ret == 0)
|
||||
@@ -415,8 +411,7 @@ int wolfssl_client_connect_tcp(WOLFSSL* ssl, SOCKET_T* fd)
|
||||
if (ret == 0) {
|
||||
*fd = sockfd;
|
||||
tcp_set_nonblocking(&sockfd);
|
||||
}
|
||||
if (ret == 0) {
|
||||
|
||||
printf("Client Connect\n");
|
||||
if (connect(sockfd, res->ai_addr, res->ai_addrlen) != 0)
|
||||
ret = -1;
|
||||
@@ -446,11 +441,13 @@ void client_thread()
|
||||
printf("unable to load static memory");
|
||||
ret = -1;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Client connection */
|
||||
if (ret == 0)
|
||||
#endif
|
||||
{
|
||||
/* Client connection */
|
||||
ret = wolfssl_client_new(&client_ctx, &client_ssl);
|
||||
}
|
||||
|
||||
if (ret == 0)
|
||||
ret = wolfssl_client_connect_tcp(client_ssl, &sockfd);
|
||||
@@ -462,12 +459,12 @@ void client_thread()
|
||||
break;
|
||||
}
|
||||
|
||||
if (ret == 0)
|
||||
if (ret == 0) {
|
||||
printf("Handshake complete\n");
|
||||
|
||||
/* Send HTTP request */
|
||||
if (ret == 0)
|
||||
/* Send HTTP request */
|
||||
ret = wolfssl_send(client_ssl, msgHTTPGet);
|
||||
}
|
||||
/* Receive HTTP response */
|
||||
while (ret == 0) {
|
||||
k_sleep(10);
|
||||
|
||||
@@ -181,9 +181,7 @@ static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
|
||||
/* Register callbacks */
|
||||
wolfSSL_SetIORecv(client_ctx, recv_client);
|
||||
wolfSSL_SetIOSend(client_ctx, send_client);
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
/* Create a WOLFSSL object */
|
||||
if ((client_ssl = wolfSSL_new(client_ctx)) == NULL) {
|
||||
printf("ERROR: failed to create WOLFSSL object\n");
|
||||
@@ -194,9 +192,7 @@ static int wolfssl_client_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
|
||||
if (ret == 0) {
|
||||
/* make wolfSSL object nonblocking */
|
||||
wolfSSL_set_using_nonblock(client_ssl, 1);
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
/* Return newly created wolfSSL context and object */
|
||||
*ctx = client_ctx;
|
||||
*ssl = client_ssl;
|
||||
@@ -264,9 +260,7 @@ static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
|
||||
/* Register callbacks */
|
||||
wolfSSL_SetIORecv(server_ctx, recv_server);
|
||||
wolfSSL_SetIOSend(server_ctx, send_server);
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
/* Create a WOLFSSL object */
|
||||
if ((server_ssl = wolfSSL_new(server_ctx)) == NULL) {
|
||||
printf("ERROR: failed to create WOLFSSL object\n");
|
||||
@@ -277,9 +271,7 @@ static int wolfssl_server_new(WOLFSSL_CTX** ctx, WOLFSSL** ssl)
|
||||
if (ret == 0) {
|
||||
/* make wolfSSL object nonblocking */
|
||||
wolfSSL_set_using_nonblock(server_ssl, 1);
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
/* Return newly created wolfSSL context and object */
|
||||
*ctx = server_ctx;
|
||||
*ssl = server_ssl;
|
||||
@@ -406,9 +398,9 @@ void server_thread(void* arg1, void* arg2, void* arg3)
|
||||
printf("unable to load static memory");
|
||||
ret = -1;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (ret == 0)
|
||||
#endif
|
||||
ret = wolfssl_server_new(&server_ctx, &server_ssl);
|
||||
|
||||
while (ret == 0) {
|
||||
@@ -458,11 +450,13 @@ int main()
|
||||
printf("unable to load static memory");
|
||||
ret = -1;
|
||||
}
|
||||
#endif
|
||||
|
||||
/* Client connection */
|
||||
if (ret == 0)
|
||||
#endif
|
||||
{
|
||||
/* Client connection */
|
||||
ret = wolfssl_client_new(&client_ctx, &client_ssl);
|
||||
}
|
||||
|
||||
while (ret == 0) {
|
||||
ret = wolfssl_client_connect(client_ssl);
|
||||
@@ -471,12 +465,12 @@ int main()
|
||||
k_sleep(10);
|
||||
}
|
||||
|
||||
if (ret == 0)
|
||||
if (ret == 0) {
|
||||
printf("Handshake complete\n");
|
||||
|
||||
/* Send HTTP request */
|
||||
if (ret == 0)
|
||||
/* Send HTTP request */
|
||||
ret = wolfssl_send(client_ssl, msgHTTPGet);
|
||||
}
|
||||
/* Receive HTTP response */
|
||||
while (ret == 0) {
|
||||
k_sleep(10);
|
||||
|
||||
@@ -211,7 +211,7 @@ static const char* kTestStr =
|
||||
|
||||
#if !defined(NO_WOLFSSL_SERVER)
|
||||
/* dh2048 p */
|
||||
static const unsigned char p[] =
|
||||
static const unsigned char dhp[] =
|
||||
{
|
||||
0xb0, 0xa1, 0x08, 0x06, 0x9c, 0x08, 0x13, 0xba, 0x59, 0x06, 0x3c, 0xbc, 0x30,
|
||||
0xd5, 0xf5, 0x00, 0xc1, 0x4f, 0x44, 0xa7, 0xd6, 0xef, 0x4a, 0xc6, 0x25, 0x27,
|
||||
@@ -236,7 +236,7 @@ static const unsigned char p[] =
|
||||
};
|
||||
|
||||
/* dh2048 g */
|
||||
static const unsigned char g[] =
|
||||
static const unsigned char dhg[] =
|
||||
{
|
||||
0x02,
|
||||
};
|
||||
@@ -575,12 +575,11 @@ static int ReceiveFrom(WOLFSSL *ssl, int sd, char *buf, int sz)
|
||||
}
|
||||
|
||||
static int SendTo(int sd, char *buf, int sz, const struct sockaddr *peer,
|
||||
socklen_t peerSz)
|
||||
socklen_t peerSz)
|
||||
{
|
||||
int sent;
|
||||
int len = sz;
|
||||
|
||||
sent = (int)sendto(sd, &buf[sz - len], len, 0, peer, peerSz);
|
||||
sent = (int)sendto(sd, buf, sz, 0, peer, peerSz);
|
||||
|
||||
if (sent < 0) {
|
||||
if (errno == SOCKET_EWOULDBLOCK || errno == SOCKET_EAGAIN) {
|
||||
@@ -1312,7 +1311,7 @@ static int bench_tls_server(info_t* info)
|
||||
wolfSSL_SetIOReadCtx(srv_ssl, info);
|
||||
wolfSSL_SetIOWriteCtx(srv_ssl, info);
|
||||
#ifndef NO_DH
|
||||
wolfSSL_SetTmpDH(srv_ssl, p, sizeof(p), g, sizeof(g));
|
||||
wolfSSL_SetTmpDH(srv_ssl, dhp, sizeof(dhp), dhg, sizeof(dhg));
|
||||
#endif
|
||||
|
||||
/* accept TLS connection */
|
||||
|
||||
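Review bot: The return value of `wolfSSL_SetTmpDH` is discarded in bench_tls_server, so a rejected parameter set (for example a prime below the configured minimum size) goes unnoticed until a DHE handshake fails later with a less specific error. Checking it at the call site keeps the failure next to its cause: `if (wolfSSL_SetTmpDH(srv_ssl, dhp, sizeof(dhp), dhg, sizeof(dhg)) != WOLFSSL_SUCCESS)` followed by the function's existing error path. The rest of bench_tls_server is outside this hunk, so the failure branch has to follow whatever convention the function already uses.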
@@ -72,7 +72,7 @@
|
||||
|
||||
static int lng_index = 0;
|
||||
#ifdef WOLFSSL_CALLBACKS
|
||||
WOLFSSL_TIMEVAL timeout;
|
||||
WOLFSSL_TIMEVAL timeoutConnect;
|
||||
static int handShakeCB(HandShakeInfo* info)
|
||||
{
|
||||
(void)info;
|
||||
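Review bot: `timeoutConnect` is declared at file scope without `static`, so the renamed object still has external linkage and can clash with another global of the same name just as `timeout` could. If no other translation unit refers to it (not visible from this page), `static WOLFSSL_TIMEVAL timeoutConnect;` keeps it private to this file, matching `static int lng_index` a few lines above.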
@@ -111,7 +111,7 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl)
|
||||
#ifndef WOLFSSL_CALLBACKS
|
||||
ret = wolfSSL_connect(ssl);
|
||||
#else
|
||||
ret = wolfSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout);
|
||||
ret = wolfSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeoutConnect);
|
||||
#endif
|
||||
error = wolfSSL_get_error(ssl, 0);
|
||||
sockfd = (SOCKET_T)wolfSSL_get_fd(ssl);
|
||||
@@ -157,7 +157,8 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl)
|
||||
#ifndef WOLFSSL_CALLBACKS
|
||||
ret = wolfSSL_connect(ssl);
|
||||
#else
|
||||
ret = wolfSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout);
|
||||
ret = wolfSSL_connect_ex(ssl, handShakeCB, timeoutCB,
|
||||
timeoutConnect);
|
||||
#endif
|
||||
error = wolfSSL_get_error(ssl, 0);
|
||||
elapsedSec = 0; /* reset elapsed */
|
||||
@@ -660,7 +661,11 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
|
||||
"\tConnect %8.3f ms\n"
|
||||
"\tTX %8.3f ms (%8.3f MBps)\n"
|
||||
"\tRX %8.3f ms (%8.3f MBps)\n",
|
||||
#if !defined(__MINGW32__)
|
||||
throughput,
|
||||
#else
|
||||
(int)throughput,
|
||||
#endif
|
||||
conn_time * 1000,
|
||||
tx_time * 1000, throughput / tx_time / 1024 / 1024,
|
||||
rx_time * 1000, throughput / rx_time / 1024 / 1024
|
||||
@@ -1390,7 +1395,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
because can't tell if we're really
|
||||
going there to detect old chacha-poly
|
||||
*/
|
||||
#ifndef WOLFSSL_VXWORKS
|
||||
int ch;
|
||||
#endif
|
||||
int version = CLIENT_INVALID_VERSION;
|
||||
int usePsk = 0;
|
||||
int useAnon = 0;
|
||||
@@ -2677,6 +2684,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
|
||||
#ifdef WOLFSSL_TLS13
|
||||
if (!helloRetry) {
|
||||
#if defined(WOLFSSL_TLS13) && (!defined(NO_DH) || defined(HAVE_ECC) || \
|
||||
defined(HAVE_CURVE25519) || defined(HAVE_CURVE448))
|
||||
if (onlyKeyShare == 0 || onlyKeyShare == 2) {
|
||||
#ifdef HAVE_CURVE25519
|
||||
if (useX25519) {
|
||||
@@ -2711,6 +2720,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
wolfSSL_NoKeyShares(ssl);
|
||||
@@ -2907,8 +2917,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
} while (err == WC_PENDING_E);
|
||||
}
|
||||
#else
|
||||
timeout.tv_sec = DEFAULT_TIMEOUT_SEC;
|
||||
timeout.tv_usec = 0;
|
||||
timeoutConnect.tv_sec = DEFAULT_TIMEOUT_SEC;
|
||||
timeoutConnect.tv_usec = 0;
|
||||
ret = NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */
|
||||
#endif
|
||||
if (ret != WOLFSSL_SUCCESS) {
|
||||
@@ -3222,7 +3232,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
if (nonBlocking) {
|
||||
#ifdef WOLFSSL_DTLS
|
||||
if (doDTLS) {
|
||||
wolfSSL_dtls_set_using_nonblock(ssl, 1);
|
||||
wolfSSL_dtls_set_using_nonblock(sslResume, 1);
|
||||
}
|
||||
#endif
|
||||
tcp_set_nonblocking(&sockfd);
|
||||
@@ -3255,8 +3265,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
|
||||
} while (err == WC_PENDING_E);
|
||||
}
|
||||
#else
|
||||
timeout.tv_sec = DEFAULT_TIMEOUT_SEC;
|
||||
timeout.tv_usec = 0;
|
||||
timeoutConnect.tv_sec = DEFAULT_TIMEOUT_SEC;
|
||||
timeoutConnect.tv_usec = 0;
|
||||
ret = NonBlockingSSL_Connect(sslResume); /* will keep retrying on timeout */
|
||||
#endif
|
||||
if (ret != WOLFSSL_SUCCESS) {
|
||||
|
||||
@@ -59,8 +59,10 @@ void echoclient_test(void* args)
|
||||
FILE* fin = stdin ;
|
||||
FILE* fout = stdout;
|
||||
|
||||
#ifndef WOLFSSL_MDK_SHELL
|
||||
int inCreated = 0;
|
||||
int outCreated = 0;
|
||||
#endif
|
||||
|
||||
char msg[1024];
|
||||
char reply[1024+1];
|
||||
@@ -106,11 +108,11 @@ void echoclient_test(void* args)
|
||||
#ifdef CYASSL_LEANPSK
|
||||
doPSK = 1;
|
||||
#endif
|
||||
|
||||
#if defined(NO_RSA) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \
|
||||
!defined(HAVE_ED448)
|
||||
doPSK = 1;
|
||||
#endif
|
||||
(void)doPSK;
|
||||
|
||||
#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_SHELL)
|
||||
port = ((func_args*)args)->signal->port;
|
||||
@@ -151,8 +153,8 @@ void echoclient_test(void* args)
|
||||
/* don't use EDH, can't sniff tmp keys */
|
||||
SSL_CTX_set_cipher_list(ctx, "AES256-SHA");
|
||||
#endif
|
||||
if (doPSK) {
|
||||
#ifndef NO_PSK
|
||||
if (doPSK) {
|
||||
const char *defaultCipherList;
|
||||
|
||||
CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
|
||||
@@ -165,8 +167,8 @@ void echoclient_test(void* args)
|
||||
#endif
|
||||
if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=WOLFSSL_SUCCESS)
|
||||
err_sys("client can't set cipher list 2");
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_ENCRYPTED_KEYS
|
||||
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
|
||||
@@ -318,8 +320,10 @@ void echoclient_test(void* args)
|
||||
#endif
|
||||
|
||||
fflush(fout);
|
||||
#ifndef WOLFSSL_MDK_SHELL
|
||||
if (inCreated) fclose(fin);
|
||||
if (outCreated) fclose(fout);
|
||||
#endif
|
||||
|
||||
CloseSocket(sockfd);
|
||||
((func_args*)args)->return_code = 0;
|
||||
|
||||
@@ -203,7 +203,6 @@ static int TestEmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
|
||||
WOLFSSL_TEST_DTLS_CTX* dtlsCtx = (WOLFSSL_TEST_DTLS_CTX*)ctx;
|
||||
int sd = dtlsCtx->wfd;
|
||||
int sent;
|
||||
int len = sz;
|
||||
int err;
|
||||
|
||||
(void)ssl;
|
||||
@@ -220,9 +219,8 @@ static int TestEmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
|
||||
}
|
||||
}
|
||||
|
||||
sent = (int)sendto(sd, &buf[sz - len], len, 0,
|
||||
(const SOCKADDR*)&dtlsCtx->peer.sa,
|
||||
dtlsCtx->peer.sz);
|
||||
sent = (int)sendto(sd, buf, sz, 0, (const SOCKADDR*)&dtlsCtx->peer.sa,
|
||||
dtlsCtx->peer.sz);
|
||||
|
||||
sent = TranslateReturnCode(sent, sd);
|
||||
|
||||
@@ -430,7 +428,11 @@ int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block,
|
||||
#endif
|
||||
"\tRX %8.3f ms (%8.3f MBps)\n"
|
||||
"\tTX %8.3f ms (%8.3f MBps)\n",
|
||||
#if !defined(__MINGW32__)
|
||||
throughput,
|
||||
#else
|
||||
(int)throughput,
|
||||
#endif
|
||||
tx_time * 1000, throughput / tx_time / 1024 / 1024,
|
||||
rx_time * 1000, throughput / rx_time / 1024 / 1024
|
||||
);
|
||||
@@ -902,7 +904,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
|
||||
#endif
|
||||
int useWebServerMsg = 0;
|
||||
char input[80];
|
||||
#ifndef WOLFSSL_VXWORKS
|
||||
int ch;
|
||||
#endif
|
||||
int version = SERVER_DEFAULT_VERSION;
|
||||
#ifndef WOLFSSL_NO_CLIENT_AUTH
|
||||
int doCliCertCheck = 1;
|
||||
@@ -2199,11 +2203,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
|
||||
}
|
||||
#endif
|
||||
tcp_set_nonblocking(&clientfd);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef WOLFSSL_CALLBACKS
|
||||
if (nonBlocking) {
|
||||
ret = NonBlockingSSL_Accept(ssl);
|
||||
}
|
||||
else {
|
||||
|
||||
+22
-19
@@ -6298,27 +6298,29 @@ void SSL_ResourceFree(WOLFSSL* ssl)
|
||||
#endif
|
||||
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) ||defined(HAVE_CURVE448)
|
||||
{
|
||||
int dtype;
|
||||
int dtype = 0;
|
||||
#ifdef HAVE_ECC
|
||||
dtype = DYNAMIC_TYPE_ECC;
|
||||
#endif
|
||||
#ifdef HAVE_CURVE25519
|
||||
if (ssl->peerX25519KeyPresent
|
||||
#ifdef HAVE_ECC
|
||||
if (ssl->peerX25519KeyPresent ||
|
||||
ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE25519)
|
||||
|| ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE25519
|
||||
#endif /* HAVE_ECC */
|
||||
{
|
||||
)
|
||||
{
|
||||
dtype = DYNAMIC_TYPE_CURVE25519;
|
||||
}
|
||||
}
|
||||
#endif /* HAVE_CURVE25519 */
|
||||
#ifdef HAVE_CURVE448
|
||||
if (ssl->peerX448KeyPresent
|
||||
#ifdef HAVE_ECC
|
||||
if (ssl->peerX448KeyPresent ||
|
||||
ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE448)
|
||||
|| ssl->eccTempKeyPresent == DYNAMIC_TYPE_CURVE448
|
||||
#endif /* HAVE_ECC */
|
||||
{
|
||||
)
|
||||
{
|
||||
dtype = DYNAMIC_TYPE_CURVE448;
|
||||
}
|
||||
}
|
||||
#endif /* HAVE_CURVE448 */
|
||||
FreeKey(ssl, dtype, (void**)&ssl->eccTempKey);
|
||||
ssl->eccTempKeyPresent = 0;
|
||||
@@ -11227,7 +11229,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
||||
}
|
||||
|
||||
if (keyRet != 0 || wc_RsaPublicKeyDecode(
|
||||
args->dCert->publicKey, &keyIdx, ssl->peerRsaKey,
|
||||
args->dCert->publicKey, &keyIdx, ssl->peerRsaKey,
|
||||
args->dCert->pubKeySize) != 0) {
|
||||
ret = PEER_KEY_ERROR;
|
||||
}
|
||||
@@ -11240,10 +11242,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
|
||||
ssl->peerTsipEncRsaKeyIndex = (byte*)XMALLOC(
|
||||
TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY,
|
||||
ssl->heap, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
if (!ssl->peerTsipEncRsaKeyIndex) {
|
||||
args->lastErr = MEMORY_E;
|
||||
goto exit_ppc;
|
||||
if (!ssl->peerTsipEncRsaKeyIndex) {
|
||||
args->lastErr = MEMORY_E;
|
||||
goto exit_ppc;
|
||||
}
|
||||
}
|
||||
|
||||
XMEMCPY(ssl->peerTsipEncRsaKeyIndex,
|
||||
@@ -19828,7 +19830,7 @@ exit_dpk:
|
||||
}
|
||||
#endif
|
||||
|
||||
if ((*inOutIdx - begin) + OPAQUE16_LEN + OPAQUE8_LEN > size)
|
||||
if (OPAQUE16_LEN + OPAQUE8_LEN > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
XMEMCPY(&pv, input + *inOutIdx, OPAQUE16_LEN);
|
||||
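Review bot: The shortened length check `if (OPAQUE16_LEN + OPAQUE8_LEN > size)` is equivalent to the previous form only while `*inOutIdx` still equals `begin`, and nothing at the check records that. The assignment of `begin` lies outside the hunk, so this cannot be confirmed here. If it holds, a comment such as `/* nothing consumed yet: *inOutIdx == begin, so only the fixed-size fields are checked */` above the check would stop a later edit from reading input before it and silently weakening the bound on the `XMEMCPY` that follows. The same applies in the three hunks after this one: the `size` checks before `len = input[(*inOutIdx)++]` and before `ato32(input + *inOutIdx, &lifetime)`, and the `helloSz` check.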
@@ -20373,7 +20375,7 @@ exit_dpk:
|
||||
AddLateName("CertificateRequest", &ssl->timeoutInfo);
|
||||
#endif
|
||||
|
||||
if ((*inOutIdx - begin) + OPAQUE8_LEN > size)
|
||||
if (OPAQUE8_LEN > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
len = input[(*inOutIdx)++];
|
||||
@@ -24024,7 +24026,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
return SESSION_TICKET_EXPECT_E;
|
||||
}
|
||||
|
||||
if ((*inOutIdx - begin) + OPAQUE32_LEN > size)
|
||||
if (OPAQUE32_LEN > size)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
ato32(input + *inOutIdx, &lifetime);
|
||||
@@ -26538,7 +26540,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
if (ssl->toInfoOn) AddLateName("ClientHello", &ssl->timeoutInfo);
|
||||
#endif
|
||||
/* protocol version, random and session id length check */
|
||||
if ((i - begin) + OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz)
|
||||
if (OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz)
|
||||
return BUFFER_ERROR;
|
||||
|
||||
/* protocol version */
|
||||
@@ -29082,7 +29084,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
|
||||
ret = args->lastErr;
|
||||
args->lastErr = 0; /* reset */
|
||||
/* On error 'ret' will be negative - top bit set */
|
||||
mask = (ret >> ((sizeof(ret) * 8) - 1)) - 1;
|
||||
mask = ((unsigned int)ret >>
|
||||
((sizeof(ret) * 8) - 1)) - 1;
|
||||
|
||||
/* build PreMasterSecret */
|
||||
ssl->arrays->preMasterSecret[0] = ssl->chVersion.major;
|
||||
|
||||
+12
-10
@@ -2227,14 +2227,16 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
|
||||
#ifdef BUILD_ARC4
|
||||
if (specs->bulk_cipher_algorithm == wolfssl_rc4) {
|
||||
word32 sz = specs->key_size;
|
||||
if (enc && enc->arc4 == NULL)
|
||||
if (enc && enc->arc4 == NULL) {
|
||||
enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
|
||||
if (enc && enc->arc4 == NULL)
|
||||
return MEMORY_E;
|
||||
if (dec && dec->arc4 == NULL)
|
||||
if (enc->arc4 == NULL)
|
||||
return MEMORY_E;
|
||||
}
|
||||
if (dec && dec->arc4 == NULL) {
|
||||
dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER);
|
||||
if (dec && dec->arc4 == NULL)
|
||||
return MEMORY_E;
|
||||
if (dec->arc4 == NULL)
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
if (enc) {
|
||||
if (wc_Arc4Init(enc->arc4, heap, devId) != 0) {
|
||||
@@ -2903,16 +2905,16 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
|
||||
if (enc && enc->hmac == NULL) {
|
||||
enc->hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap,
|
||||
DYNAMIC_TYPE_CIPHER);
|
||||
if (enc->hmac == NULL)
|
||||
return MEMORY_E;
|
||||
}
|
||||
if (enc && enc->hmac == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
if (dec && dec->hmac == NULL) {
|
||||
dec->hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap,
|
||||
DYNAMIC_TYPE_CIPHER);
|
||||
if (dec->hmac == NULL)
|
||||
return MEMORY_E;
|
||||
}
|
||||
if (dec && dec->hmac == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
if (enc) {
|
||||
if (wc_HmacInit(enc->hmac, heap, devId) != 0) {
|
||||
|
||||
+2
-2
@@ -1875,14 +1875,14 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes,
|
||||
}
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
#ifdef WC_RSA_BLINDING
|
||||
if (ret == 0) {
|
||||
ret = wc_RsaSetRNG(&key, session->sslServer->rng);
|
||||
if (ret != 0) {
|
||||
SetError(RSA_DECRYPT_STR, error, session, FATAL_ERROR_STATE);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
if (ret == 0) {
|
||||
session->keySz = length * WOLFSSL_BIT_SIZE;
|
||||
|
||||
@@ -1152,10 +1152,9 @@ int wolfSSL_CTX_mcast_set_member_id(WOLFSSL_CTX* ctx, word16 id)
|
||||
#ifndef WOLFSSL_USER_IO
|
||||
ctx->CBIORecv = EmbedReceiveFromMcast;
|
||||
#endif /* WOLFSSL_USER_IO */
|
||||
}
|
||||
|
||||
if (ret == 0)
|
||||
ret = WOLFSSL_SUCCESS;
|
||||
}
|
||||
WOLFSSL_LEAVE("wolfSSL_CTX_mcast_set_member_id()", ret);
|
||||
return ret;
|
||||
}
|
||||
@@ -6383,9 +6382,8 @@ static int ProcessChainBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
|
||||
ret = ProcessBuffer(ctx, buff + used, sz - used, format, type, ssl,
|
||||
&consumed, 0, verify);
|
||||
|
||||
#ifdef WOLFSSL_WPAS
|
||||
#ifdef HAVE_CRL
|
||||
if (ret < 0) {
|
||||
#if defined(WOLFSSL_WPAS) && defined(HAVE_CRL)
|
||||
DerBuffer* der = NULL;
|
||||
EncryptedInfo info;
|
||||
|
||||
@@ -6394,15 +6392,13 @@ static int ProcessChainBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
|
||||
NULL) == 0) {
|
||||
WOLFSSL_MSG(" Processed a CRL");
|
||||
wolfSSL_CertManagerLoadCRLBuffer(ctx->cm, der->buffer,
|
||||
der->length, WOLFSSL_FILETYPE_ASN1);
|
||||
der->length, WOLFSSL_FILETYPE_ASN1);
|
||||
FreeDer(&der);
|
||||
used += info.consumed;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
if (ret < 0) {
|
||||
|
||||
if (consumed > 0) { /* Made progress in file */
|
||||
WOLFSSL_ERROR(ret);
|
||||
WOLFSSL_MSG("CA Parse failed, with progress in file.");
|
||||
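Review bot: In the CRL branch of ProcessChainBuffer the result of `wolfSSL_CertManagerLoadCRLBuffer` is ignored, and " Processed a CRL" is logged before the load is attempted, so a CRL that fails to load is skipped silently while `used` still advances. Revocation data dropped this way leaves no trace for whoever later investigates a certificate that verified when it should not have. Consider reporting the failure, e.g. `if (wolfSSL_CertManagerLoadCRLBuffer(ctx->cm, der->buffer, der->length, WOLFSSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) WOLFSSL_MSG("   CRL load failed");`. Whether a failed CRL should also abort the chain load is a policy decision, and the rest of the function that would settle it is outside the hunk.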
@@ -13482,9 +13478,7 @@ int AddSession(WOLFSSL* ssl)
|
||||
session->ticket = session->staticTicket;
|
||||
session->isDynamic = 0;
|
||||
}
|
||||
}
|
||||
|
||||
if (error == 0) {
|
||||
session->ticketLen = (word16)ticLen;
|
||||
XMEMCPY(session->ticket, ssl->session.ticket, ticLen);
|
||||
} else { /* cleanup, reset state */
|
||||
@@ -39339,8 +39333,6 @@ void* wolfSSL_GetDhAgreeCtx(WOLFSSL* ssl)
|
||||
#ifdef WOLFSSL_CERT_EXT
|
||||
cName->busCat[0] = '\0';
|
||||
cName->busCatEnc = CTC_UTF8;
|
||||
cName->serialDev[0] = '\0';
|
||||
cName->serialDevEnc = CTC_PRINTABLE;
|
||||
cName->joiC[0] = '\0';
|
||||
cName->joiCEnc = CTC_PRINTABLE;
|
||||
cName->joiSt[0] = '\0';
|
||||
@@ -40272,10 +40264,8 @@ err:
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
XSTRNCPY(nameStr, pem + PEM_BEGIN_SZ, nameLen);
|
||||
nameStr[nameLen] = '\0';
|
||||
}
|
||||
|
||||
/* Get header of PEM - encryption header. */
|
||||
if (ret == WOLFSSL_SUCCESS) {
|
||||
/* Get header of PEM - encryption header. */
|
||||
headerLen = 0;
|
||||
while ((pemLen = wolfSSL_BIO_gets(bio, pem, sizeof(pem) - 1)) > 0) {
|
||||
while (pemLen > 0 && (pem[pemLen - 1] == '\r' ||
|
||||
@@ -43707,7 +43697,9 @@ long wolfSSL_ctrl(WOLFSSL* ssl, int cmd, long opt, void* pt)
|
||||
|
||||
long wolfSSL_CTX_ctrl(WOLFSSL_CTX* ctx, int cmd, long opt, void* pt)
|
||||
{
|
||||
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
|
||||
long ctrl_opt;
|
||||
#endif
|
||||
long ret = WOLFSSL_SUCCESS;
|
||||
|
||||
WOLFSSL_ENTER("wolfSSL_CTX_ctrl");
|
||||
|
||||
@@ -9001,13 +9001,13 @@ static int TLSX_EarlyData_Parse(WOLFSSL* ssl, byte* input, word16 length,
|
||||
return TLSX_EarlyData_Use(ssl, 1);
|
||||
}
|
||||
if (msgType == session_ticket) {
|
||||
word32 max;
|
||||
word32 maxSz;
|
||||
|
||||
if (length != OPAQUE32_LEN)
|
||||
return BUFFER_E;
|
||||
ato32(input, &max);
|
||||
ato32(input, &maxSz);
|
||||
|
||||
ssl->session.maxEarlyDataSz = max;
|
||||
ssl->session.maxEarlyDataSz = maxSz;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
+2
-4
@@ -392,12 +392,11 @@ int EmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
|
||||
WOLFSSL_DTLS_CTX* dtlsCtx = (WOLFSSL_DTLS_CTX*)ctx;
|
||||
int sd = dtlsCtx->wfd;
|
||||
int sent;
|
||||
int len = sz;
|
||||
int err;
|
||||
|
||||
WOLFSSL_ENTER("EmbedSendTo()");
|
||||
|
||||
sent = (int)SENDTO_FUNCTION(sd, &buf[sz - len], len, ssl->wflags,
|
||||
sent = (int)SENDTO_FUNCTION(sd, buf, sz, ssl->wflags,
|
||||
(const SOCKADDR*)dtlsCtx->peer.sa,
|
||||
dtlsCtx->peer.sz);
|
||||
|
||||
@@ -1928,12 +1927,11 @@ int MicriumSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
|
||||
WOLFSSL_DTLS_CTX* dtlsCtx = (WOLFSSL_DTLS_CTX*)ctx;
|
||||
NET_SOCK_ID sd = dtlsCtx->wfd;
|
||||
NET_SOCK_RTN_CODE ret;
|
||||
int len = sz;
|
||||
NET_ERR err;
|
||||
|
||||
WOLFSSL_ENTER("MicriumSendTo()");
|
||||
|
||||
ret = NetSock_TxDataTo(sd, &buf[sz - len], len, ssl->wflags,
|
||||
ret = NetSock_TxDataTo(sd, buf, sz, ssl->wflags,
|
||||
(NET_SOCK_ADDR*)dtlsCtx->peer.sa,
|
||||
(NET_SOCK_ADDR_LEN)dtlsCtx->peer.sz,
|
||||
&err);
|
||||
|
||||
+10
-8
@@ -13728,8 +13728,7 @@ static int test_wc_DsaPublicPrivateKeyDecode (void)
|
||||
priv = WOLFSSL_FATAL_ERROR;
|
||||
}
|
||||
}
|
||||
} /* END Private Key */
|
||||
if (ret == 0) {
|
||||
|
||||
wc_FreeDsaKey(&key);
|
||||
ret = wc_InitDsaKey(&key);
|
||||
}
|
||||
@@ -27085,11 +27084,12 @@ static void test_wolfSSL_sk_CIPHER_description(void)
|
||||
}
|
||||
|
||||
/* Search cipher description string for "unknown" descriptor */
|
||||
for (j=0; j < (int)XSTRLEN(buf); j++) {
|
||||
k=0;
|
||||
while ((buf[j] == badStr[k]) && (k < (int)XSTRLEN(badStr))) {
|
||||
for (j = 0; j < (int)XSTRLEN(buf); j++) {
|
||||
k = 0;
|
||||
while ((k < (int)XSTRLEN(badStr)) && (buf[j] == badStr[k])) {
|
||||
test_str[k] = badStr[k];
|
||||
j++,k++;
|
||||
j++;
|
||||
k++;
|
||||
}
|
||||
}
|
||||
/* Fail if test_str == badStr == "unknown" */
|
||||
@@ -28782,11 +28782,13 @@ static void test_wc_ecc_get_curve_id_from_name(void)
|
||||
static void test_wc_ecc_get_curve_id_from_dp_params(void)
|
||||
{
|
||||
int id;
|
||||
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
|
||||
int curve_id;
|
||||
int ret = 0;
|
||||
WOLFSSL_EC_KEY *ecKey;
|
||||
ecc_key* key;
|
||||
const ecc_set_type* params;
|
||||
int ret;
|
||||
#endif
|
||||
WOLFSSL_EC_KEY *ecKey = NULL;
|
||||
|
||||
printf(testingFmt, "wc_ecc_get_curve_id_from_dp_params");
|
||||
|
||||
|
||||
+84
-77
@@ -38,7 +38,7 @@ static word32 usernameSz = 4;
|
||||
static byte password[] = "password";
|
||||
static word32 passwordSz = 8;
|
||||
|
||||
static byte N[] = {
|
||||
static byte srp_N[] = {
|
||||
0xD4, 0xC7, 0xF8, 0xA2, 0xB3, 0x2C, 0x11, 0xB8, 0xFB, 0xA9, 0x58, 0x1E,
|
||||
0xC4, 0xBA, 0x4F, 0x1B, 0x04, 0x21, 0x56, 0x42, 0xEF, 0x73, 0x55, 0xE3,
|
||||
0x7C, 0x0F, 0xC0, 0x44, 0x3E, 0xF7, 0x56, 0xEA, 0x2C, 0x6B, 0x8E, 0xEB,
|
||||
@@ -47,15 +47,15 @@ static byte N[] = {
|
||||
0xDB, 0xDF, 0xCA, 0x43
|
||||
};
|
||||
|
||||
static byte g[] = {
|
||||
static byte srp_g[] = {
|
||||
0x02
|
||||
};
|
||||
|
||||
static byte salt[] = {
|
||||
static byte srp_salt[] = {
|
||||
0x80, 0x66, 0x61, 0x5B, 0x7D, 0x33, 0xA2, 0x2E, 0x79, 0x18
|
||||
};
|
||||
|
||||
static byte verifier[] = {
|
||||
static byte srp_verifier[] = {
|
||||
0x24, 0x5F, 0xA5, 0x1B, 0x2A, 0x28, 0xF8, 0xFF, 0xE2, 0xA0, 0xF8, 0x61,
|
||||
0x7B, 0x0F, 0x3C, 0x05, 0xD6, 0x4A, 0x55, 0xDF, 0x74, 0x31, 0x54, 0x47,
|
||||
0xA1, 0xFA, 0x9D, 0x25, 0x7B, 0x02, 0x88, 0x0A, 0xE8, 0x5A, 0xBA, 0x8B,
|
||||
@@ -64,13 +64,13 @@ static byte verifier[] = {
|
||||
0x38, 0x19, 0xAB, 0x24
|
||||
};
|
||||
|
||||
static byte a[] = {
|
||||
static byte srp_a[] = {
|
||||
0x37, 0x95, 0xF2, 0xA6, 0xF1, 0x6F, 0x0D, 0x58, 0xBF, 0xED, 0x44, 0x87,
|
||||
0xE0, 0xB6, 0xCC, 0x1C, 0xA0, 0x50, 0xC6, 0x61, 0xBB, 0x36, 0xE0, 0x9A,
|
||||
0xF3, 0xF7, 0x1E, 0x7A, 0x61, 0x86, 0x5A, 0xF5
|
||||
};
|
||||
|
||||
static byte A[] = {
|
||||
static byte srp_A[] = {
|
||||
0x8D, 0x28, 0xC5, 0x6A, 0x46, 0x5C, 0x82, 0xDB, 0xC7, 0xF6, 0x8B, 0x62,
|
||||
0x1A, 0xAD, 0xA1, 0x76, 0x1B, 0x55, 0xFF, 0xAB, 0x10, 0x2F, 0xFF, 0x4A,
|
||||
0xAA, 0x46, 0xAD, 0x33, 0x64, 0xDE, 0x28, 0x2E, 0x82, 0x7A, 0xBE, 0xEA,
|
||||
@@ -79,13 +79,13 @@ static byte A[] = {
|
||||
0xBF, 0xCF, 0x2D, 0xB0
|
||||
};
|
||||
|
||||
static byte b[] = {
|
||||
static byte srp_b[] = {
|
||||
0x2B, 0xDD, 0x30, 0x30, 0x53, 0xAF, 0xD8, 0x3A, 0xE7, 0xE0, 0x17, 0x82,
|
||||
0x39, 0x44, 0x2C, 0xDB, 0x30, 0x88, 0x0F, 0xC8, 0x88, 0xC2, 0xB2, 0xC1,
|
||||
0x78, 0x43, 0x2F, 0xD5, 0x60, 0xD4, 0xDA, 0x43
|
||||
};
|
||||
|
||||
static byte B[] = {
|
||||
static byte srp_B[] = {
|
||||
0xB5, 0x80, 0x36, 0x7F, 0x50, 0x89, 0xC1, 0x04, 0x42, 0x98, 0xD7, 0x6A,
|
||||
0x37, 0x8E, 0xF1, 0x81, 0x52, 0xC5, 0x7A, 0xA1, 0xD5, 0xB7, 0x66, 0x84,
|
||||
0xA1, 0x3E, 0x32, 0x82, 0x2B, 0x3A, 0xB5, 0xD7, 0x3D, 0x50, 0xF1, 0x58,
|
||||
@@ -94,19 +94,19 @@ static byte B[] = {
|
||||
0x0E, 0xC7, 0x92, 0xAD
|
||||
};
|
||||
|
||||
static byte key[] = {
|
||||
static byte srp_key[] = {
|
||||
0x66, 0x00, 0x9D, 0x58, 0xB3, 0xD2, 0x0D, 0x4B, 0x69, 0x7F, 0xCF, 0x48,
|
||||
0xFF, 0x8F, 0x15, 0x81, 0x4C, 0x4B, 0xFE, 0x9D, 0x85, 0x77, 0x88, 0x60,
|
||||
0x1D, 0x1E, 0x51, 0xCF, 0x75, 0xCC, 0x58, 0x00, 0xE7, 0x8D, 0x22, 0x87,
|
||||
0x13, 0x6C, 0x88, 0x55
|
||||
};
|
||||
|
||||
static byte client_proof[] = {
|
||||
static byte srp_client_proof[] = {
|
||||
0x0D, 0x49, 0xE1, 0x9C, 0x3A, 0x88, 0x43, 0x15, 0x45, 0xA8, 0xAC, 0xAB,
|
||||
0xEA, 0x15, 0x1A, 0xEE, 0xF9, 0x38, 0x4D, 0x21
|
||||
};
|
||||
|
||||
static byte server_proof[] = {
|
||||
static byte srp_server_proof[] = {
|
||||
0xBD, 0xB1, 0x20, 0x70, 0x46, 0xC9, 0xD6, 0xCC, 0xE2, 0x1D, 0x75, 0xA2,
|
||||
0xD0, 0xAF, 0xC5, 0xBC, 0xAE, 0x12, 0xFC, 0x75
|
||||
};
|
||||
@@ -151,34 +151,39 @@ static void test_SrpSetParams(void)
|
||||
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
|
||||
|
||||
/* invalid call order */
|
||||
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpSetParams(&srp, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpSetParams(&srp,
|
||||
srp_N, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
|
||||
/* fix call order */
|
||||
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
|
||||
|
||||
/* invalid params */
|
||||
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(NULL, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, NULL, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, N, sizeof(N),
|
||||
NULL, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
NULL, sizeof(salt)));
|
||||
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(NULL,
|
||||
srp_N, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp,
|
||||
NULL, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp,
|
||||
srp_N, sizeof(srp_N),
|
||||
NULL, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp,
|
||||
srp_N, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
NULL, sizeof(srp_salt)));
|
||||
|
||||
/* success */
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
|
||||
AssertIntEQ(sizeof(salt), srp.saltSz);
|
||||
AssertIntEQ(0, XMEMCMP(srp.salt, salt, srp.saltSz));
|
||||
AssertIntEQ(sizeof(srp_salt), srp.saltSz);
|
||||
AssertIntEQ(0, XMEMCMP(srp.salt, srp_salt, srp.saltSz));
|
||||
|
||||
wc_SrpTerm(&srp);
|
||||
}
|
||||
@@ -199,9 +204,9 @@ static void test_SrpSetPassword(void)
|
||||
wc_SrpGetVerifier(&srp, v, &vSz));
|
||||
|
||||
/* fix call order */
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
|
||||
/* invalid params */
|
||||
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetPassword(NULL, password, passwordSz));
|
||||
@@ -218,8 +223,8 @@ static void test_SrpSetPassword(void)
|
||||
/* success */
|
||||
vSz = sizeof(v);
|
||||
AssertIntEQ(0, wc_SrpGetVerifier(&srp, v, &vSz));
|
||||
AssertIntEQ(vSz, sizeof(verifier));
|
||||
AssertIntEQ(0, XMEMCMP(verifier, v, vSz));
|
||||
AssertIntEQ(vSz, sizeof(srp_verifier));
|
||||
AssertIntEQ(0, XMEMCMP(srp_verifier, v, vSz));
|
||||
|
||||
/* invalid params - client side srp */
|
||||
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetVerifier(&srp, v, vSz));
|
||||
@@ -245,9 +250,9 @@ static void test_SrpGetPublic(void)
|
||||
|
||||
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
|
||||
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
|
||||
/* invalid call order */
|
||||
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpGetPublic(&srp, pub, &pubSz));
|
||||
@@ -263,30 +268,30 @@ static void test_SrpGetPublic(void)
|
||||
|
||||
/* success */
|
||||
pubSz = sizeof(pub);
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&srp, a, sizeof(a)));
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&srp, srp_a, sizeof(srp_a)));
|
||||
AssertIntEQ(0, wc_SrpGetPublic(&srp, pub, &pubSz));
|
||||
AssertIntEQ(pubSz, sizeof(A));
|
||||
AssertIntEQ(0, XMEMCMP(pub, A, pubSz));
|
||||
AssertIntEQ(pubSz, sizeof(srp_A));
|
||||
AssertIntEQ(0, XMEMCMP(pub, srp_A, pubSz));
|
||||
|
||||
wc_SrpTerm(&srp);
|
||||
|
||||
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_SERVER_SIDE));
|
||||
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srp, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
|
||||
/* invalid call order */
|
||||
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpGetPublic(&srp, pub, &pubSz));
|
||||
|
||||
/* fix call order */
|
||||
AssertIntEQ(0, wc_SrpSetVerifier(&srp, verifier, sizeof(verifier)));
|
||||
AssertIntEQ(0, wc_SrpSetVerifier(&srp, srp_verifier, sizeof(srp_verifier)));
|
||||
|
||||
/* success */
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&srp, b, sizeof(b)));
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&srp, srp_b, sizeof(srp_b)));
|
||||
AssertIntEQ(0, wc_SrpGetPublic(&srp, pub, &pubSz));
|
||||
AssertIntEQ(pubSz, sizeof(B));
|
||||
AssertIntEQ(0, XMEMCMP(pub, B, pubSz));
|
||||
AssertIntEQ(pubSz, sizeof(srp_B));
|
||||
AssertIntEQ(0, XMEMCMP(pub, srp_B, pubSz));
|
||||
|
||||
wc_SrpTerm(&srp);
|
||||
}
|
||||
@@ -311,22 +316,22 @@ static void test_SrpComputeKey(void)
|
||||
AssertIntEQ(0, wc_SrpSetUsername(&cli, username, usernameSz));
|
||||
AssertIntEQ(0, wc_SrpSetUsername(&srv, username, usernameSz));
|
||||
|
||||
AssertIntEQ(0, wc_SrpSetParams(&cli, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srv, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&cli, srp_N, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srv, srp_N, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
|
||||
AssertIntEQ(0, wc_SrpSetPassword(&cli, password, passwordSz));
|
||||
AssertIntEQ(0, wc_SrpSetVerifier(&srv, verifier, sizeof(verifier)));
|
||||
AssertIntEQ(0, wc_SrpSetVerifier(&srv, srp_verifier, sizeof(srp_verifier)));
|
||||
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&cli, a, sizeof(a)));
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&cli, srp_a, sizeof(srp_a)));
|
||||
AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz));
|
||||
AssertIntEQ(0, XMEMCMP(clientPubKey, A, clientPubKeySz));
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&srv, b, sizeof(b)));
|
||||
AssertIntEQ(0, XMEMCMP(clientPubKey, srp_A, clientPubKeySz));
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&srv, srp_b, sizeof(srp_b)));
|
||||
AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz));
|
||||
AssertIntEQ(0, XMEMCMP(serverPubKey, B, serverPubKeySz));
|
||||
AssertIntEQ(0, XMEMCMP(serverPubKey, srp_B, serverPubKeySz));
|
||||
|
||||
/* invalid params */
|
||||
AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(NULL,
|
||||
@@ -350,8 +355,8 @@ static void test_SrpComputeKey(void)
|
||||
serverPubKey, serverPubKeySz));
|
||||
AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
|
||||
serverPubKey, serverPubKeySz));
|
||||
AssertIntEQ(0, XMEMCMP(cli.key, key, sizeof(key)));
|
||||
AssertIntEQ(0, XMEMCMP(srv.key, key, sizeof(key)));
|
||||
AssertIntEQ(0, XMEMCMP(cli.key, srp_key, sizeof(srp_key)));
|
||||
AssertIntEQ(0, XMEMCMP(srv.key, srp_key, sizeof(srp_key)));
|
||||
|
||||
wc_SrpTerm(&cli);
|
||||
wc_SrpTerm(&srv);
|
||||
@@ -375,31 +380,31 @@ static void test_SrpGetProofAndVerify(void)
|
||||
AssertIntEQ(0, wc_SrpSetUsername(&cli, username, usernameSz));
|
||||
AssertIntEQ(0, wc_SrpSetUsername(&srv, username, usernameSz));
|
||||
|
||||
AssertIntEQ(0, wc_SrpSetParams(&cli, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srv, N, sizeof(N),
|
||||
g, sizeof(g),
|
||||
salt, sizeof(salt)));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&cli, srp_N, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
AssertIntEQ(0, wc_SrpSetParams(&srv, srp_N, sizeof(srp_N),
|
||||
srp_g, sizeof(srp_g),
|
||||
srp_salt, sizeof(srp_salt)));
|
||||
|
||||
AssertIntEQ(0, wc_SrpSetPassword(&cli, password, passwordSz));
|
||||
AssertIntEQ(0, wc_SrpSetVerifier(&srv, verifier, sizeof(verifier)));
|
||||
AssertIntEQ(0, wc_SrpSetVerifier(&srv, srp_verifier, sizeof(srp_verifier)));
|
||||
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&cli, a, sizeof(a)));
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&cli, srp_a, sizeof(srp_a)));
|
||||
AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz));
|
||||
AssertIntEQ(0, XMEMCMP(clientPubKey, A, clientPubKeySz));
|
||||
AssertIntEQ(0, XMEMCMP(clientPubKey, srp_A, clientPubKeySz));
|
||||
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&srv, b, sizeof(b)));
|
||||
AssertIntEQ(0, wc_SrpSetPrivate(&srv, srp_b, sizeof(srp_b)));
|
||||
AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz));
|
||||
AssertIntEQ(0, XMEMCMP(serverPubKey, B, serverPubKeySz));
|
||||
AssertIntEQ(0, XMEMCMP(serverPubKey, srp_B, serverPubKeySz));
|
||||
|
||||
AssertIntEQ(0, wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
|
||||
serverPubKey, serverPubKeySz));
|
||||
AssertIntEQ(0, XMEMCMP(cli.key, key, sizeof(key)));
|
||||
AssertIntEQ(0, XMEMCMP(cli.key, srp_key, sizeof(srp_key)));
|
||||
|
||||
AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
|
||||
serverPubKey, serverPubKeySz));
|
||||
AssertIntEQ(0, XMEMCMP(srv.key, key, sizeof(key)));
|
||||
AssertIntEQ(0, XMEMCMP(srv.key, srp_key, sizeof(srp_key)));
|
||||
|
||||
/* invalid params */
|
||||
serverProofSz = 0;
|
||||
@@ -418,10 +423,12 @@ static void test_SrpGetProofAndVerify(void)
|
||||
|
||||
/* success */
|
||||
AssertIntEQ(0, wc_SrpGetProof(&cli, clientProof, &clientProofSz));
|
||||
AssertIntEQ(0, XMEMCMP(clientProof, client_proof, sizeof(client_proof)));
|
||||
AssertIntEQ(0, XMEMCMP(clientProof, srp_client_proof,
|
||||
sizeof(srp_client_proof)));
|
||||
AssertIntEQ(0, wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz));
|
||||
AssertIntEQ(0, wc_SrpGetProof(&srv, serverProof, &serverProofSz));
|
||||
AssertIntEQ(0, XMEMCMP(serverProof, server_proof, sizeof(server_proof)));
|
||||
AssertIntEQ(0, XMEMCMP(serverProof, srp_server_proof,
|
||||
sizeof(srp_server_proof)));
|
||||
AssertIntEQ(0, wc_SrpVerifyPeersProof(&cli, serverProof, serverProofSz));
|
||||
|
||||
wc_SrpTerm(&cli);
|
||||
|
||||
@@ -242,14 +242,10 @@ void simple_test(func_args* args)
|
||||
for (i = 0; i < 3; i++)
|
||||
cliArgv[i] = argvc[i];
|
||||
|
||||
strcpy(argvs[0], "SimpleServer");
|
||||
svrArgs.argc = 1;
|
||||
svrArgs.argv = svrArgv;
|
||||
svrArgs.return_code = 0;
|
||||
cliArgs.argc = 1;
|
||||
cliArgs.argv = cliArgv;
|
||||
cliArgs.return_code = 0;
|
||||
|
||||
strcpy(argvs[0], "SimpleServer");
|
||||
#if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_SNIFFER) && \
|
||||
!defined(WOLFSSL_TIRTOS)
|
||||
strcpy(argvs[svrArgs.argc++], "-p");
|
||||
@@ -264,10 +260,14 @@ void simple_test(func_args* args)
|
||||
|
||||
/* Setting the actual port number. */
|
||||
strcpy(argvc[0], "SimpleClient");
|
||||
cliArgs.argv = cliArgv;
|
||||
cliArgs.return_code = 0;
|
||||
#ifndef USE_WINDOWS_API
|
||||
cliArgs.argc = NUMARGS;
|
||||
strcpy(argvc[1], "-p");
|
||||
snprintf(argvc[2], sizeof(argvc[2]), "%d", svrArgs.signal->port);
|
||||
#else
|
||||
cliArgs.argc = 1;
|
||||
#endif
|
||||
|
||||
client_test(&cliArgs);
|
||||
|
||||
@@ -718,7 +718,7 @@ static const char* bench_desc_words[][9] = {
|
||||
|| defined(HAVE_CURVE25519) || defined(HAVE_ED25519) \
|
||||
|| defined(HAVE_CURVE448) || defined(HAVE_ED448)
|
||||
#define HAVE_LOCAL_RNG
|
||||
static THREAD_LS_T WC_RNG rng;
|
||||
static THREAD_LS_T WC_RNG gRng;
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_ED25519) || defined(HAVE_CURVE25519) || \
|
||||
@@ -1371,9 +1371,9 @@ static void* benchmarks_do(void* args)
|
||||
int rngRet;
|
||||
|
||||
#ifndef HAVE_FIPS
|
||||
rngRet = wc_InitRng_ex(&rng, HEAP_HINT, devId);
|
||||
rngRet = wc_InitRng_ex(&gRng, HEAP_HINT, devId);
|
||||
#else
|
||||
rngRet = wc_InitRng(&rng);
|
||||
rngRet = wc_InitRng(&gRng);
|
||||
#endif
|
||||
if (rngRet < 0) {
|
||||
printf("InitRNG failed\n");
|
||||
@@ -1891,7 +1891,7 @@ exit:
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_LOCAL_RNG)
|
||||
wc_FreeRng(&rng);
|
||||
wc_FreeRng(&gRng);
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
@@ -4308,7 +4308,7 @@ static void bench_rsaKeyGen_helper(int doAsync, int keySz)
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = wc_MakeRsaKey(&genKey[i], keySz, rsa_e_val, &rng);
|
||||
ret = wc_MakeRsaKey(&genKey[i], keySz, rsa_e_val, &gRng);
|
||||
if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 0, ×, &pending)) {
|
||||
goto exit;
|
||||
}
|
||||
@@ -4472,12 +4472,11 @@ static void bench_rsa_helper(int doAsync, RsaKey rsaKey[BENCH_MAX_PENDING],
|
||||
DECLARE_VAR_INIT(message, byte, len, messageStr, HEAP_HINT);
|
||||
#endif
|
||||
#if !defined(WOLFSSL_MDK5_COMPLv5)
|
||||
/* MDK5 compiler regard this as a executable statement, and does not allow declarations after the line. */
|
||||
DECLARE_ARRAY_DYNAMIC_DEC(enc, byte, BENCH_MAX_PENDING, rsaKeySz, HEAP_HINT);
|
||||
#else
|
||||
byte* enc[BENCH_MAX_PENDING];
|
||||
int idxenc;
|
||||
#endif
|
||||
/* MDK5 compiler regard this as a executable statement, and does not allow declarations after the line. */
|
||||
DECLARE_ARRAY_DYNAMIC_DEC(enc, byte, BENCH_MAX_PENDING, rsaKeySz, HEAP_HINT);
|
||||
#else
|
||||
byte* enc[BENCH_MAX_PENDING];
|
||||
#endif
|
||||
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY)
|
||||
#if !defined(WOLFSSL_MDK5_COMPLv5)
|
||||
@@ -4511,7 +4510,7 @@ static void bench_rsa_helper(int doAsync, RsaKey rsaKey[BENCH_MAX_PENDING],
|
||||
1, ×, ntimes, &pending)) {
|
||||
ret = wc_RsaPublicEncrypt(message, (word32)len, enc[i],
|
||||
rsaKeySz/8, &rsaKey[i],
|
||||
&rng);
|
||||
&gRng);
|
||||
if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(
|
||||
&rsaKey[i]), 1, ×, &pending)) {
|
||||
goto exit_rsa_pub;
|
||||
@@ -4574,7 +4573,7 @@ exit:
|
||||
if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&rsaKey[i]),
|
||||
1, ×, ntimes, &pending)) {
|
||||
ret = wc_RsaSSL_Sign(message, len, enc[i],
|
||||
rsaKeySz/8, &rsaKey[i], &rng);
|
||||
rsaKeySz/8, &rsaKey[i], &gRng);
|
||||
if (!bench_async_handle(&ret,
|
||||
BENCH_ASYNC_GET_DEV(&rsaKey[i]),
|
||||
1, ×, &pending)) {
|
||||
@@ -4691,7 +4690,7 @@ void bench_rsa(int doAsync)
|
||||
|
||||
#ifndef WOLFSSL_RSA_VERIFY_ONLY
|
||||
#ifdef WC_RSA_BLINDING
|
||||
ret = wc_RsaSetRNG(&rsaKey[i], &rng);
|
||||
ret = wc_RsaSetRNG(&rsaKey[i], &gRng);
|
||||
if (ret != 0)
|
||||
goto exit_bench_rsa;
|
||||
#endif
|
||||
@@ -4763,14 +4762,14 @@ void bench_rsa_key(int doAsync, int rsaKeySz)
|
||||
}
|
||||
|
||||
#ifdef WC_RSA_BLINDING
|
||||
ret = wc_RsaSetRNG(&rsaKey[i], &rng);
|
||||
ret = wc_RsaSetRNG(&rsaKey[i], &gRng);
|
||||
if (ret != 0)
|
||||
goto exit_bench_rsa_key;
|
||||
#endif
|
||||
}
|
||||
|
||||
/* create the RSA key */
|
||||
ret = wc_MakeRsaKey(&rsaKey[i], rsaKeySz, exp, &rng);
|
||||
ret = wc_MakeRsaKey(&rsaKey[i], rsaKeySz, exp, &gRng);
|
||||
if (ret == WC_PENDING_E) {
|
||||
isPending[i] = 1;
|
||||
pending = 1;
|
||||
@@ -4920,7 +4919,7 @@ void bench_dh(int doAsync)
|
||||
for (i = 0; i < BENCH_MAX_PENDING; i++) {
|
||||
if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&dhKey[i]), 0, ×, genTimes, &pending)) {
|
||||
privSz[i] = 0;
|
||||
ret = wc_DhGenerateKeyPair(&dhKey[i], &rng, priv[i], &privSz[i],
|
||||
ret = wc_DhGenerateKeyPair(&dhKey[i], &gRng, priv[i], &privSz[i],
|
||||
pub[i], &pubSz[i]);
|
||||
if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(&dhKey[i]), 0, ×, &pending)) {
|
||||
goto exit_dh_gen;
|
||||
@@ -4938,7 +4937,7 @@ exit_dh_gen:
|
||||
}
|
||||
|
||||
/* Generate key to use as other public */
|
||||
ret = wc_DhGenerateKeyPair(&dhKey[0], &rng, priv2, &privSz2, pub2, &pubSz2);
|
||||
ret = wc_DhGenerateKeyPair(&dhKey[0], &gRng, priv2, &privSz2, pub2, &pubSz2);
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
ret = wc_AsyncWait(ret, &dhKey[0].asyncDev, WC_ASYNC_FLAG_NONE);
|
||||
#endif
|
||||
@@ -4990,7 +4989,7 @@ byte GetEntropy(ENTROPY_CMD cmd, byte* out)
|
||||
return 0;
|
||||
|
||||
if (cmd == GET_BYTE_OF_ENTROPY)
|
||||
return (wc_RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0;
|
||||
return (wc_RNG_GenerateBlock(&gRng, out, 1) == 0) ? 1 : 0;
|
||||
|
||||
if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) {
|
||||
*out = 1;
|
||||
@@ -5232,7 +5231,7 @@ void bench_eccMakeKey(int doAsync)
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = wc_ecc_make_key(&rng, keySize, &genKey[i]);
|
||||
ret = wc_ecc_make_key(&gRng, keySize, &genKey[i]);
|
||||
if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 0, ×, &pending)) {
|
||||
goto exit;
|
||||
}
|
||||
@@ -5288,7 +5287,7 @@ void bench_ecc(int doAsync)
|
||||
doAsync ? devId : INVALID_DEVID)) < 0) {
|
||||
goto exit;
|
||||
}
|
||||
ret = wc_ecc_make_key(&rng, keySize, &genKey[i]);
|
||||
ret = wc_ecc_make_key(&gRng, keySize, &genKey[i]);
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
ret = wc_AsyncWait(ret, &genKey[i].asyncDev, WC_ASYNC_FLAG_NONE);
|
||||
#endif
|
||||
@@ -5300,7 +5299,7 @@ void bench_ecc(int doAsync)
|
||||
if ((ret = wc_ecc_init_ex(&genKey2[i], HEAP_HINT, INVALID_DEVID)) < 0) {
|
||||
goto exit;
|
||||
}
|
||||
if ((ret = wc_ecc_make_key(&rng, keySize, &genKey2[i])) > 0) {
|
||||
if ((ret = wc_ecc_make_key(&gRng, keySize, &genKey2[i])) > 0) {
|
||||
goto exit;
|
||||
}
|
||||
#endif
|
||||
@@ -5356,7 +5355,7 @@ exit_ecdhe:
|
||||
if (genKey[i].state == 0)
|
||||
x[i] = ECC_MAX_SIG_SIZE;
|
||||
ret = wc_ecc_sign_hash(digest[i], (word32)keySize, sig[i], &x[i],
|
||||
&rng, &genKey[i]);
|
||||
&gRng, &genKey[i]);
|
||||
if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 1, ×, &pending)) {
|
||||
goto exit_ecdsa_sign;
|
||||
}
|
||||
@@ -5446,13 +5445,13 @@ void bench_eccEncrypt(void)
|
||||
return;
|
||||
}
|
||||
|
||||
ret = wc_ecc_make_key(&rng, keySize, &userA);
|
||||
ret = wc_ecc_make_key(&gRng, keySize, &userA);
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
ret = wc_AsyncWait(ret, &userA.asyncDev, WC_ASYNC_FLAG_NONE);
|
||||
#endif
|
||||
if (ret != 0)
|
||||
goto exit;
|
||||
ret = wc_ecc_make_key(&rng, keySize, &userB);
|
||||
ret = wc_ecc_make_key(&gRng, keySize, &userB);
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
ret = wc_AsyncWait(ret, &userB.asyncDev, WC_ASYNC_FLAG_NONE);
|
||||
#endif
|
||||
@@ -5513,7 +5512,7 @@ void bench_curve25519KeyGen(void)
|
||||
bench_stats_start(&count, &start);
|
||||
do {
|
||||
for (i = 0; i < genTimes; i++) {
|
||||
ret = wc_curve25519_make_key(&rng, 32, &genKey);
|
||||
ret = wc_curve25519_make_key(&gRng, 32, &genKey);
|
||||
wc_curve25519_free(&genKey);
|
||||
if (ret != 0) {
|
||||
printf("wc_curve25519_make_key failed: %d\n", ret);
|
||||
@@ -5538,12 +5537,12 @@ void bench_curve25519KeyAgree(void)
|
||||
wc_curve25519_init(&genKey);
|
||||
wc_curve25519_init(&genKey2);
|
||||
|
||||
ret = wc_curve25519_make_key(&rng, 32, &genKey);
|
||||
ret = wc_curve25519_make_key(&gRng, 32, &genKey);
|
||||
if (ret != 0) {
|
||||
printf("curve25519_make_key failed\n");
|
||||
return;
|
||||
}
|
||||
ret = wc_curve25519_make_key(&rng, 32, &genKey2);
|
||||
ret = wc_curve25519_make_key(&gRng, 32, &genKey2);
|
||||
if (ret != 0) {
|
||||
printf("curve25519_make_key failed: %d\n", ret);
|
||||
wc_curve25519_free(&genKey);
|
||||
@@ -5585,7 +5584,7 @@ void bench_ed25519KeyGen(void)
|
||||
do {
|
||||
for (i = 0; i < genTimes; i++) {
|
||||
wc_ed25519_init(&genKey);
|
||||
(void)wc_ed25519_make_key(&rng, 32, &genKey);
|
||||
(void)wc_ed25519_make_key(&gRng, 32, &genKey);
|
||||
wc_ed25519_free(&genKey);
|
||||
}
|
||||
count += i;
|
||||
@@ -5609,7 +5608,7 @@ void bench_ed25519KeySign(void)
|
||||
|
||||
wc_ed25519_init(&genKey);
|
||||
|
||||
ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &genKey);
|
||||
ret = wc_ed25519_make_key(&gRng, ED25519_KEY_SIZE, &genKey);
|
||||
if (ret != 0) {
|
||||
printf("ed25519_make_key failed\n");
|
||||
return;
|
||||
@@ -5670,7 +5669,7 @@ void bench_curve448KeyGen(void)
|
||||
bench_stats_start(&count, &start);
|
||||
do {
|
||||
for (i = 0; i < genTimes; i++) {
|
||||
ret = wc_curve448_make_key(&rng, 56, &genKey);
|
||||
ret = wc_curve448_make_key(&gRng, 56, &genKey);
|
||||
wc_curve448_free(&genKey);
|
||||
if (ret != 0) {
|
||||
printf("wc_curve448_make_key failed: %d\n", ret);
|
||||
@@ -5695,12 +5694,12 @@ void bench_curve448KeyAgree(void)
|
||||
wc_curve448_init(&genKey);
|
||||
wc_curve448_init(&genKey2);
|
||||
|
||||
ret = wc_curve448_make_key(&rng, 56, &genKey);
|
||||
ret = wc_curve448_make_key(&gRng, 56, &genKey);
|
||||
if (ret != 0) {
|
||||
printf("curve448_make_key failed\n");
|
||||
return;
|
||||
}
|
||||
ret = wc_curve448_make_key(&rng, 56, &genKey2);
|
||||
ret = wc_curve448_make_key(&gRng, 56, &genKey2);
|
||||
if (ret != 0) {
|
||||
printf("curve448_make_key failed: %d\n", ret);
|
||||
wc_curve448_free(&genKey);
|
||||
@@ -5742,7 +5741,7 @@ void bench_ed448KeyGen(void)
|
||||
do {
|
||||
for (i = 0; i < genTimes; i++) {
|
||||
wc_ed448_init(&genKey);
|
||||
(void)wc_ed448_make_key(&rng, ED448_KEY_SIZE, &genKey);
|
||||
(void)wc_ed448_make_key(&gRng, ED448_KEY_SIZE, &genKey);
|
||||
wc_ed448_free(&genKey);
|
||||
}
|
||||
count += i;
|
||||
@@ -5766,7 +5765,7 @@ void bench_ed448KeySign(void)
|
||||
|
||||
wc_ed448_init(&genKey);
|
||||
|
||||
ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &genKey);
|
||||
ret = wc_ed448_make_key(&gRng, ED448_KEY_SIZE, &genKey);
|
||||
if (ret != 0) {
|
||||
printf("ed448_make_key failed\n");
|
||||
return;
|
||||
|
||||
+10
-6
@@ -2178,18 +2178,19 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
||||
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
|
||||
const byte* iv, int dir)
|
||||
{
|
||||
word32 *rk = aes->key;
|
||||
word32 *rk;
|
||||
|
||||
(void)dir;
|
||||
|
||||
if (keylen != 16 &&
|
||||
if (aes == NULL || (keylen != 16 &&
|
||||
#ifdef WOLFSSL_AES_192
|
||||
keylen != 24 &&
|
||||
#endif
|
||||
keylen != 32) {
|
||||
keylen != 32)) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
rk = aes->key;
|
||||
aes->keylen = keylen;
|
||||
aes->rounds = keylen/4 + 6;
|
||||
XMEMCPY(rk, userKey, keylen);
|
||||
@@ -2305,7 +2306,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
||||
const byte* iv, int dir)
|
||||
{
|
||||
int ret;
|
||||
byte* rk = (byte*)aes->key;
|
||||
byte* rk;
|
||||
byte* tmpKey = (byte*)userKey;
|
||||
int tmpKeyDynamic = 0;
|
||||
word32 alignOffset = 0;
|
||||
@@ -2314,7 +2315,10 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
||||
|
||||
if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
|
||||
return BAD_FUNC_ARG;
|
||||
if (aes == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
rk = (byte*)aes->key;
|
||||
if (rk == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
@@ -2379,7 +2383,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
||||
(void)dir;
|
||||
(void)iv;
|
||||
|
||||
if (keylen != 16)
|
||||
if (aes == NULL || keylen != 16)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
aes->keylen = keylen;
|
||||
@@ -2408,7 +2412,7 @@ static void wc_AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock)
|
||||
(void)dir;
|
||||
(void)iv;
|
||||
|
||||
if ( aes == NULL || (keylen != 16 && keylen != 24 && keylen != 32)) {
|
||||
if (aes == NULL || (keylen != 16 && keylen != 24 && keylen != 32)) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
|
||||
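Review bot: In the first wc_AesSetKey variant of this section the guard now rejects a NULL `aes`, but `userKey` still reaches `XMEMCPY(rk, userKey, keylen)` with no NULL check anywhere between the guard and the copy. Adding `if (userKey == NULL) return BAD_FUNC_ARG;` before `rk = aes->key;` would complete the argument validation this change starts. The variant at -2314 has the same gap in its visible lines, where `tmpKey = (byte*)userKey` is assigned unchecked. That function's body continues past the hunk, so a later check there cannot be ruled out.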
+3
-8
@@ -11387,11 +11387,7 @@ static
|
||||
void wc_SetCert_Free(Cert* cert)
|
||||
{
|
||||
if (cert != NULL) {
|
||||
|
||||
if (cert->der != NULL) {
|
||||
cert->der = NULL;
|
||||
}
|
||||
|
||||
cert->der = NULL;
|
||||
if (cert->decodedCert) {
|
||||
FreeDecodedCert((DecodedCert*)cert->decodedCert);
|
||||
|
||||
@@ -17086,8 +17082,8 @@ static int GetRevoked(const byte* buff, word32* idx, DecodedCRL* dcrl,
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (*idx != end) /* skip extensions */
|
||||
*idx = end;
|
||||
/* skip extensions */
|
||||
*idx = end;
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -17458,7 +17454,6 @@ int wc_ParseCertPIV(wc_CertPIV* piv, const byte* buf, word32 totalSz)
|
||||
if (GetASNHeader(buf, ASN_PIV_SIGNED_NONCE, &idx, &length, totalSz) >= 0) {
|
||||
piv->signedNonce = &buf[idx];
|
||||
piv->signedNonceSz = length;
|
||||
idx += length;
|
||||
}
|
||||
|
||||
idx = 0;
|
||||
|
||||
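Review bot: In GetRevoked the now-unconditional `*idx = end;` steps over whatever remains of the revoked entry, and the comment `/* skip extensions */` does not say this is deliberate. A fuller comment such as `/* CRL entry extensions are not parsed; advance to the end of this entry */` would tell a reader that per-entry extensions are ignored here rather than validated. How `end` is derived and bounds-checked lies above the hunk, so it cannot be confirmed from this page.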
+134
-107
@@ -167,22 +167,26 @@
|
||||
|
||||
int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
|
||||
{
|
||||
if (des == NULL || key == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
(void)dir;
|
||||
|
||||
#ifndef WOLFSSL_STM32_CUBEMX
|
||||
word32 *dkey1 = des->key[0];
|
||||
word32 *dkey2 = des->key[1];
|
||||
word32 *dkey3 = des->key[2];
|
||||
{
|
||||
word32 *dkey1 = des->key[0];
|
||||
word32 *dkey2 = des->key[1];
|
||||
word32 *dkey3 = des->key[2];
|
||||
|
||||
(void)dir;
|
||||
XMEMCPY(dkey1, key, 8); /* set key 1 */
|
||||
XMEMCPY(dkey2, key + 8, 8); /* set key 2 */
|
||||
XMEMCPY(dkey3, key + 16, 8); /* set key 3 */
|
||||
|
||||
XMEMCPY(dkey1, key, 8); /* set key 1 */
|
||||
XMEMCPY(dkey2, key + 8, 8); /* set key 2 */
|
||||
XMEMCPY(dkey3, key + 16, 8); /* set key 3 */
|
||||
|
||||
ByteReverseWords(dkey1, dkey1, 8);
|
||||
ByteReverseWords(dkey2, dkey2, 8);
|
||||
ByteReverseWords(dkey3, dkey3, 8);
|
||||
ByteReverseWords(dkey1, dkey1, 8);
|
||||
ByteReverseWords(dkey2, dkey2, 8);
|
||||
ByteReverseWords(dkey3, dkey3, 8);
|
||||
}
|
||||
#else
|
||||
(void)dir;
|
||||
XMEMCPY(des->key[0], key, DES3_KEYLEN); /* CUBEMX wants keys in sequential memory */
|
||||
#endif
|
||||
|
||||
@@ -344,110 +348,117 @@
|
||||
static void Des3Crypt(Des3* des, byte* out, const byte* in, word32 sz,
|
||||
int dir)
|
||||
{
|
||||
if (des == NULL || out == NULL || in == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
#ifdef WOLFSSL_STM32_CUBEMX
|
||||
CRYP_HandleTypeDef hcryp;
|
||||
|
||||
XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef));
|
||||
hcryp.Instance = CRYP;
|
||||
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
|
||||
hcryp.Init.DataType = CRYP_DATATYPE_8B;
|
||||
hcryp.Init.pKey = (uint8_t*)des->key;
|
||||
hcryp.Init.pInitVect = (uint8_t*)des->reg;
|
||||
|
||||
HAL_CRYP_Init(&hcryp);
|
||||
|
||||
while (sz > 0)
|
||||
{
|
||||
if (dir == DES_ENCRYPTION) {
|
||||
HAL_CRYP_TDESCBC_Encrypt(&hcryp, (byte*)in,
|
||||
DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT);
|
||||
}
|
||||
else {
|
||||
HAL_CRYP_TDESCBC_Decrypt(&hcryp, (byte*)in,
|
||||
DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT);
|
||||
CRYP_HandleTypeDef hcryp;
|
||||
|
||||
XMEMSET(&hcryp, 0, sizeof(CRYP_HandleTypeDef));
|
||||
hcryp.Instance = CRYP;
|
||||
hcryp.Init.KeySize = CRYP_KEYSIZE_128B;
|
||||
hcryp.Init.DataType = CRYP_DATATYPE_8B;
|
||||
hcryp.Init.pKey = (uint8_t*)des->key;
|
||||
hcryp.Init.pInitVect = (uint8_t*)des->reg;
|
||||
|
||||
HAL_CRYP_Init(&hcryp);
|
||||
|
||||
while (sz > 0)
|
||||
{
|
||||
if (dir == DES_ENCRYPTION) {
|
||||
HAL_CRYP_TDESCBC_Encrypt(&hcryp, (byte*)in,
|
||||
DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT);
|
||||
}
|
||||
else {
|
||||
HAL_CRYP_TDESCBC_Decrypt(&hcryp, (byte*)in,
|
||||
DES_BLOCK_SIZE, out, STM32_HAL_TIMEOUT);
|
||||
}
|
||||
|
||||
/* store iv for next call */
|
||||
XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
|
||||
|
||||
sz -= DES_BLOCK_SIZE;
|
||||
in += DES_BLOCK_SIZE;
|
||||
out += DES_BLOCK_SIZE;
|
||||
}
|
||||
|
||||
/* store iv for next call */
|
||||
XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
|
||||
|
||||
sz -= DES_BLOCK_SIZE;
|
||||
in += DES_BLOCK_SIZE;
|
||||
out += DES_BLOCK_SIZE;
|
||||
HAL_CRYP_DeInit(&hcryp);
|
||||
}
|
||||
|
||||
HAL_CRYP_DeInit(&hcryp);
|
||||
#else
|
||||
word32 *dkey1, *dkey2, *dkey3, *iv;
|
||||
CRYP_InitTypeDef DES3_CRYP_InitStructure;
|
||||
CRYP_KeyInitTypeDef DES3_CRYP_KeyInitStructure;
|
||||
CRYP_IVInitTypeDef DES3_CRYP_IVInitStructure;
|
||||
|
||||
dkey1 = des->key[0];
|
||||
dkey2 = des->key[1];
|
||||
dkey3 = des->key[2];
|
||||
iv = des->reg;
|
||||
|
||||
/* crypto structure initialization */
|
||||
CRYP_KeyStructInit(&DES3_CRYP_KeyInitStructure);
|
||||
CRYP_StructInit(&DES3_CRYP_InitStructure);
|
||||
CRYP_IVStructInit(&DES3_CRYP_IVInitStructure);
|
||||
|
||||
/* reset registers to their default values */
|
||||
CRYP_DeInit();
|
||||
|
||||
/* set direction, mode, and datatype */
|
||||
if (dir == DES_ENCRYPTION) {
|
||||
DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt;
|
||||
} else {
|
||||
DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt;
|
||||
}
|
||||
|
||||
DES3_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_TDES_CBC;
|
||||
DES3_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
|
||||
CRYP_Init(&DES3_CRYP_InitStructure);
|
||||
|
||||
/* load key into correct registers */
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key1Left = dkey1[0];
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key1Right = dkey1[1];
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key2Left = dkey2[0];
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key2Right = dkey2[1];
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key3Left = dkey3[0];
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key3Right = dkey3[1];
|
||||
CRYP_KeyInit(&DES3_CRYP_KeyInitStructure);
|
||||
|
||||
/* set iv */
|
||||
ByteReverseWords(iv, iv, DES_BLOCK_SIZE);
|
||||
DES3_CRYP_IVInitStructure.CRYP_IV0Left = iv[0];
|
||||
DES3_CRYP_IVInitStructure.CRYP_IV0Right = iv[1];
|
||||
CRYP_IVInit(&DES3_CRYP_IVInitStructure);
|
||||
|
||||
/* enable crypto processor */
|
||||
CRYP_Cmd(ENABLE);
|
||||
|
||||
while (sz > 0)
|
||||
{
|
||||
/* flush IN/OUT FIFOs */
|
||||
CRYP_FIFOFlush();
|
||||
word32 *dkey1, *dkey2, *dkey3, *iv;
|
||||
CRYP_InitTypeDef DES3_CRYP_InitStructure;
|
||||
CRYP_KeyInitTypeDef DES3_CRYP_KeyInitStructure;
|
||||
CRYP_IVInitTypeDef DES3_CRYP_IVInitStructure;
|
||||
|
||||
CRYP_DataIn(*(uint32_t*)&in[0]);
|
||||
CRYP_DataIn(*(uint32_t*)&in[4]);
|
||||
dkey1 = des->key[0];
|
||||
dkey2 = des->key[1];
|
||||
dkey3 = des->key[2];
|
||||
iv = des->reg;
|
||||
|
||||
/* wait until the complete message has been processed */
|
||||
while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
|
||||
/* crypto structure initialization */
|
||||
CRYP_KeyStructInit(&DES3_CRYP_KeyInitStructure);
|
||||
CRYP_StructInit(&DES3_CRYP_InitStructure);
|
||||
CRYP_IVStructInit(&DES3_CRYP_IVInitStructure);
|
||||
|
||||
*(uint32_t*)&out[0] = CRYP_DataOut();
|
||||
*(uint32_t*)&out[4] = CRYP_DataOut();
|
||||
/* reset registers to their default values */
|
||||
CRYP_DeInit();
|
||||
|
||||
/* store iv for next call */
|
||||
XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
|
||||
/* set direction, mode, and datatype */
|
||||
if (dir == DES_ENCRYPTION) {
|
||||
DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt;
|
||||
} else {
|
||||
DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt;
|
||||
}
|
||||
|
||||
sz -= DES_BLOCK_SIZE;
|
||||
in += DES_BLOCK_SIZE;
|
||||
out += DES_BLOCK_SIZE;
|
||||
DES3_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_TDES_CBC;
|
||||
DES3_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b;
|
||||
CRYP_Init(&DES3_CRYP_InitStructure);
|
||||
|
||||
/* load key into correct registers */
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key1Left = dkey1[0];
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key1Right = dkey1[1];
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key2Left = dkey2[0];
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key2Right = dkey2[1];
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key3Left = dkey3[0];
|
||||
DES3_CRYP_KeyInitStructure.CRYP_Key3Right = dkey3[1];
|
||||
CRYP_KeyInit(&DES3_CRYP_KeyInitStructure);
|
||||
|
||||
/* set iv */
|
||||
ByteReverseWords(iv, iv, DES_BLOCK_SIZE);
|
||||
DES3_CRYP_IVInitStructure.CRYP_IV0Left = iv[0];
|
||||
DES3_CRYP_IVInitStructure.CRYP_IV0Right = iv[1];
|
||||
CRYP_IVInit(&DES3_CRYP_IVInitStructure);
|
||||
|
||||
/* enable crypto processor */
|
||||
CRYP_Cmd(ENABLE);
|
||||
|
||||
while (sz > 0)
|
||||
{
|
||||
/* flush IN/OUT FIFOs */
|
||||
CRYP_FIFOFlush();
|
||||
|
||||
CRYP_DataIn(*(uint32_t*)&in[0]);
|
||||
CRYP_DataIn(*(uint32_t*)&in[4]);
|
||||
|
||||
/* wait until the complete message has been processed */
|
||||
while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {}
|
||||
|
||||
*(uint32_t*)&out[0] = CRYP_DataOut();
|
||||
*(uint32_t*)&out[4] = CRYP_DataOut();
|
||||
|
||||
/* store iv for next call */
|
||||
XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
|
||||
|
||||
sz -= DES_BLOCK_SIZE;
|
||||
in += DES_BLOCK_SIZE;
|
||||
out += DES_BLOCK_SIZE;
|
||||
}
|
||||
|
||||
/* disable crypto processor */
|
||||
CRYP_Cmd(DISABLE);
|
||||
}
|
||||
|
||||
/* disable crypto processor */
|
||||
CRYP_Cmd(DISABLE);
|
||||
#endif /* WOLFSSL_STM32_CUBEMX */
|
||||
}
|
||||
|
||||
@@ -655,10 +666,13 @@
|
||||
|
||||
int wc_Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir)
|
||||
{
|
||||
if (des3 == NULL || key == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
if(desBuffIn == NULL) {
|
||||
if (desBuffIn == NULL) {
|
||||
#if defined (HAVE_THREADX)
|
||||
int s1, s2, s3, s4, s5;
|
||||
int s1, s2, s3, s4, s5;
|
||||
s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc,
|
||||
sizeof(SECdescriptorType), TX_NO_WAIT);
|
||||
s1 = tx_byte_allocate(&mp_ncached,(void *)&desBuffIn, DES_BUFFER_SIZE, TX_NO_WAIT);
|
||||
@@ -688,7 +702,13 @@
|
||||
#include "fsl_ltc.h"
|
||||
int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
|
||||
{
|
||||
byte* dkey = (byte*)des->key;
|
||||
byte* dkey;
|
||||
|
||||
if (des == NULL || key == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
dkey = (byte*)des->key;
|
||||
|
||||
XMEMCPY(dkey, key, 8);
|
||||
|
||||
@@ -792,7 +812,14 @@
|
||||
int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
|
||||
{
|
||||
int i = 0;
|
||||
byte* dkey = (byte*)des->key;
|
||||
byte* dkey;
|
||||
|
||||
|
||||
if (des == NULL || key == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
dkey = (byte*)des->key;
|
||||
|
||||
XMEMCPY(dkey, key, 8);
|
||||
|
||||
|
||||
+57
-43
@@ -4016,18 +4016,19 @@ static int wc_ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
|
||||
}
|
||||
|
||||
|
||||
if (err != MP_OKAY) {
|
||||
}
|
||||
else
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
#ifndef WOLFSSL_SP_NO_256
|
||||
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) {
|
||||
if (err == MP_OKAY)
|
||||
err = sp_ecc_mulmod_base_256(&key->k, pub, 1, key->heap);
|
||||
err = sp_ecc_mulmod_base_256(&key->k, pub, 1, key->heap);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifdef WOLFSSL_SP_384
|
||||
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
|
||||
if (err == MP_OKAY)
|
||||
err = sp_ecc_mulmod_base_384(&key->k, pub, 1, key->heap);
|
||||
err = sp_ecc_mulmod_base_384(&key->k, pub, 1, key->heap);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
@@ -4038,11 +4039,9 @@ static int wc_ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
|
||||
{
|
||||
mp_digit mp;
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
base = wc_ecc_new_point_h(key->heap);
|
||||
if (base == NULL)
|
||||
err = MEMORY_E;
|
||||
}
|
||||
base = wc_ecc_new_point_h(key->heap);
|
||||
if (base == NULL)
|
||||
err = MEMORY_E;
|
||||
/* read in the x/y for this key */
|
||||
if (err == MP_OKAY)
|
||||
err = mp_copy(curve->Gx, base->x);
|
||||
@@ -6292,7 +6291,9 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
|
||||
ecc_point* point)
|
||||
{
|
||||
int err = 0;
|
||||
#ifdef HAVE_COMP_KEY
|
||||
int compressed = 0;
|
||||
#endif
|
||||
int keysize;
|
||||
byte pointType;
|
||||
|
||||
@@ -6425,8 +6426,12 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
|
||||
}
|
||||
#endif
|
||||
|
||||
if (err == MP_OKAY && compressed == 0)
|
||||
err = mp_read_unsigned_bin(point->y, (byte*)in + keysize, keysize);
|
||||
if (err == MP_OKAY) {
|
||||
#ifdef HAVE_COMP_KEY
|
||||
if (compressed == 0)
|
||||
#endif
|
||||
err = mp_read_unsigned_bin(point->y, (byte*)in + keysize, keysize);
|
||||
}
|
||||
if (err == MP_OKAY)
|
||||
err = mp_set(point->z, 1);
|
||||
|
||||
@@ -7040,7 +7045,9 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
|
||||
int curve_id)
|
||||
{
|
||||
int err = MP_OKAY;
|
||||
#ifdef HAVE_COMP_KEY
|
||||
int compressed = 0;
|
||||
#endif
|
||||
int keysize = 0;
|
||||
byte pointType;
|
||||
|
||||
@@ -7092,9 +7099,11 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
|
||||
|
||||
#ifdef WOLFSSL_ATECC508A
|
||||
/* For SECP256R1 only save raw public key for hardware */
|
||||
if (curve_id == ECC_SECP256R1 && !compressed &&
|
||||
inLen <= sizeof(key->pubkey_raw)) {
|
||||
XMEMCPY(key->pubkey_raw, (byte*)in, inLen);
|
||||
if (curve_id == ECC_SECP256R1 && inLen <= sizeof(key->pubkey_raw)) {
|
||||
#ifdef HAVE_COMP_KEY
|
||||
if (!compressed)
|
||||
#endif
|
||||
XMEMCPY(key->pubkey_raw, (byte*)in, inLen);
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -7195,8 +7204,15 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
|
||||
}
|
||||
#endif /* HAVE_COMP_KEY */
|
||||
|
||||
if (err == MP_OKAY && compressed == 0)
|
||||
err = mp_read_unsigned_bin(key->pubkey.y, (byte*)in + keysize, keysize);
|
||||
if (err == MP_OKAY) {
|
||||
#ifdef HAVE_COMP_KEY
|
||||
if (compressed == 0)
|
||||
#endif
|
||||
{
|
||||
err = mp_read_unsigned_bin(key->pubkey.y, (byte*)in + keysize,
|
||||
keysize);
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY)
|
||||
err = mp_set(key->pubkey.z, 1);
|
||||
|
||||
@@ -7602,18 +7618,15 @@ int wc_ecc_sig_to_rs(const byte* sig, word32 sigLen, byte* r, word32* rLen,
|
||||
/* rtmp and stmp are initialized */
|
||||
if (err == MP_OKAY) {
|
||||
tmp_valid = 1;
|
||||
}
|
||||
|
||||
/* extract r */
|
||||
if (err == MP_OKAY) {
|
||||
/* extract r */
|
||||
x = mp_unsigned_bin_size(rtmp);
|
||||
if (*rLen < x)
|
||||
err = BUFFER_E;
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
*rLen = x;
|
||||
err = mp_to_unsigned_bin(rtmp, r);
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
*rLen = x;
|
||||
err = mp_to_unsigned_bin(rtmp, r);
|
||||
}
|
||||
|
||||
/* extract s */
|
||||
@@ -7720,19 +7733,21 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
|
||||
keySz = (word32)key->dp->size;
|
||||
err = wc_export_int(key->pubkey.x, &key_raw[1], &keySz, keySz,
|
||||
WC_TYPE_UNSIGNED_BIN);
|
||||
if (err == MP_OKAY)
|
||||
if (err == MP_OKAY) {
|
||||
err = wc_export_int(key->pubkey.y, &key_raw[1+keySz],
|
||||
&keySz, keySz, WC_TYPE_UNSIGNED_BIN);
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
pDomain = CRYS_ECPKI_GetEcDomain(cc310_mapCurve(curve_id));
|
||||
|
||||
pDomain = CRYS_ECPKI_GetEcDomain(cc310_mapCurve(curve_id));
|
||||
|
||||
/* create public key from external key buffer */
|
||||
err = CRYS_ECPKI_BuildPublKeyFullCheck(pDomain,
|
||||
key_raw,
|
||||
keySz*2 + 1,
|
||||
&key->ctx.pubKey,
|
||||
&tempBuff);
|
||||
/* create public key from external key buffer */
|
||||
err = CRYS_ECPKI_BuildPublKeyFullCheck(pDomain,
|
||||
key_raw,
|
||||
keySz*2 + 1,
|
||||
&key->ctx.pubKey,
|
||||
&tempBuff);
|
||||
}
|
||||
|
||||
if (err != SA_SILIB_RET_OK){
|
||||
WOLFSSL_MSG("CRYS_ECPKI_BuildPublKeyFullCheck failed");
|
||||
@@ -9077,10 +9092,8 @@ static int accel_fp_mul2add(int idx1, int idx2,
|
||||
mp)) != MP_OKAY) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/* add if not first, otherwise copy */
|
||||
if (!first) {
|
||||
/* add if not first, otherwise copy */
|
||||
if (zA) {
|
||||
if ((err = ecc_projective_add_point(R, fp_cache[idx1].LUT[zA],
|
||||
R, a, modulus, mp)) != MP_OKAY) {
|
||||
@@ -9278,11 +9291,10 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
|
||||
++(fp_cache[idx1].lru_count);
|
||||
}
|
||||
|
||||
if (err == MP_OKAY)
|
||||
if (err == MP_OKAY) {
|
||||
/* find point */
|
||||
idx2 = find_base(B);
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
/* no entry? */
|
||||
if (idx2 == -1) {
|
||||
/* find hole and add it */
|
||||
@@ -10475,8 +10487,9 @@ int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz)
|
||||
/* find matching OID sum (based on encoded value) */
|
||||
for (x = 0; ecc_sets[x].size != 0; x++) {
|
||||
if (ecc_sets[x].oidSum == oidSum) {
|
||||
int ret = 0;
|
||||
int ret;
|
||||
#ifdef HAVE_OID_ENCODING
|
||||
ret = 0;
|
||||
/* check cache */
|
||||
oid_cache_t* o = &ecc_oid_cache[x];
|
||||
if (o->oidSz == 0) {
|
||||
@@ -10490,6 +10503,10 @@ int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz)
|
||||
if (oid) {
|
||||
*oid = o->oid;
|
||||
}
|
||||
/* on success return curve id */
|
||||
if (ret == 0) {
|
||||
ret = ecc_sets[x].id;
|
||||
}
|
||||
#else
|
||||
if (oidSz) {
|
||||
*oidSz = ecc_sets[x].oidSz;
|
||||
@@ -10497,11 +10514,8 @@ int wc_ecc_get_oid(word32 oidSum, const byte** oid, word32* oidSz)
|
||||
if (oid) {
|
||||
*oid = ecc_sets[x].oid;
|
||||
}
|
||||
ret = ecc_sets[x].id;
|
||||
#endif
|
||||
/* on success return curve id */
|
||||
if (ret == 0) {
|
||||
ret = ecc_sets[x].id;
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
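Review bot: In the wc_ecc_get_oid hunk (`@@ -10475,8 +10487,9 @@`), the new `ret = 0;` under `#ifdef HAVE_OID_ENCODING` is a statement placed ahead of the declaration `oid_cache_t* o = &ecc_oid_cache[x];`, which strict C89 builds (or `-Wdeclaration-after-statement`) reject. Swapping the two lines fixes it: `oid_cache_t* o = &ecc_oid_cache[x];` first, then `ret = 0;`. The line order is read from the rendered page, where the +/- markers are lost, so confirm it against the raw diff. The function body starts and ends outside the hunk.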
||||
@@ -606,14 +606,15 @@ int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key)
|
||||
key->pointY[i] = *(in + 2*ED25519_KEY_SIZE - i);
|
||||
}
|
||||
XMEMCPY(key->p, key->pointY, ED25519_KEY_SIZE);
|
||||
key->pubKeySet = 1;
|
||||
ret = 0;
|
||||
#else
|
||||
/* pass in (x,y) and store compressed key */
|
||||
ret = ge_compress_key(key->p, in+1,
|
||||
in+1+ED25519_PUB_KEY_SIZE, ED25519_PUB_KEY_SIZE);
|
||||
#endif /* FREESCALE_LTC_ECC */
|
||||
if (ret == 0)
|
||||
key->pubKeySet = 1;
|
||||
#endif /* FREESCALE_LTC_ECC */
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
+4
-3
@@ -1841,10 +1841,11 @@ static int wolfSSL_evp_digest_pk_init(WOLFSSL_EVP_MD_CTX *ctx,
|
||||
else {
|
||||
int ret;
|
||||
|
||||
if (ctx->pctx == NULL)
|
||||
if (ctx->pctx == NULL) {
|
||||
ctx->pctx = wolfSSL_EVP_PKEY_CTX_new(pkey, e);
|
||||
if (ctx->pctx == NULL)
|
||||
return WOLFSSL_FAILURE;
|
||||
if (ctx->pctx == NULL)
|
||||
return WOLFSSL_FAILURE;
|
||||
}
|
||||
|
||||
ret = wolfSSL_EVP_DigestInit(ctx, type);
|
||||
if (ret == WOLFSSL_SUCCESS && pctx != NULL)
|
||||
|
||||
@@ -2230,7 +2230,7 @@ int mp_exptmod_base_2(mp_int * X, mp_int * P, mp_int * Y)
|
||||
#else
|
||||
mp_int res[1];
|
||||
#endif
|
||||
int (*redux)(mp_int*,mp_int*,mp_digit);
|
||||
int (*redux)(mp_int*,mp_int*,mp_digit) = NULL;
|
||||
|
||||
/* automatically pick the comba one if available (saves quite a few
|
||||
calls/ifs) */
|
||||
|
||||
@@ -715,7 +715,7 @@ int wc_i2d_PKCS12(WC_PKCS12* pkcs12, byte** der, int* derSz)
|
||||
}
|
||||
|
||||
/* Create the MAC portion */
|
||||
if ((ret == 0) && (pkcs12->signData != NULL)) {
|
||||
if (pkcs12->signData != NULL) {
|
||||
MacData *mac = (MacData*)pkcs12->signData;
|
||||
word32 innerSz = 0;
|
||||
word32 outerSz = 0;
|
||||
|
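Review bot: The MAC block in wc_i2d_PKCS12 is now entered on `pkcs12->signData != NULL` alone, so it relies on every earlier failure having already returned; that code is outside the hunk and nothing at this line records the assumption. A one-line comment such as `/* ret is 0 here: every earlier error path has returned */` would stop a later refactor from falling through into MAC creation after a failed encoding step.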
||||
+9
-22
@@ -2507,8 +2507,9 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
|
||||
* pkcs7->contentSz: Must be provided as actual sign of raw data
|
||||
* return codes: 0=success, negative=error
|
||||
*/
|
||||
int wc_PKCS7_EncodeSignedData_ex(PKCS7* pkcs7, const byte* hashBuf, word32 hashSz,
|
||||
byte* outputHead, word32* outputHeadSz, byte* outputFoot, word32* outputFootSz)
|
||||
int wc_PKCS7_EncodeSignedData_ex(PKCS7* pkcs7, const byte* hashBuf,
|
||||
word32 hashSz, byte* outputHead, word32* outputHeadSz, byte* outputFoot,
|
||||
word32* outputFootSz)
|
||||
{
|
||||
int ret;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
@@ -2691,10 +2692,9 @@ int wc_PKCS7_EncodeSignedFPD(PKCS7* pkcs7, byte* privateKey,
|
||||
ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz);
|
||||
if (ret <= 0) {
|
||||
WOLFSSL_MSG("Error encoding CMS SignedData content type");
|
||||
wc_FreeRng(&rng);
|
||||
return ret;
|
||||
}
|
||||
|
||||
pkcs7->rng = NULL;
|
||||
wc_FreeRng(&rng);
|
||||
|
||||
return ret;
|
||||
@@ -2802,14 +2802,11 @@ int wc_PKCS7_EncodeSignedEncryptedFPD(PKCS7* pkcs7, byte* encryptKey,
|
||||
ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz);
|
||||
if (ret <= 0) {
|
||||
WOLFSSL_MSG("Error encoding CMS SignedData content type");
|
||||
ForceZero(encrypted, encryptedSz);
|
||||
XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
wc_FreeRng(&rng);
|
||||
return ret;
|
||||
}
|
||||
|
||||
ForceZero(encrypted, encryptedSz);
|
||||
XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
pkcs7->rng = NULL;
|
||||
wc_FreeRng(&rng);
|
||||
|
||||
return ret;
|
||||
@@ -2903,14 +2900,11 @@ int wc_PKCS7_EncodeSignedCompressedFPD(PKCS7* pkcs7, byte* privateKey,
|
||||
ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz);
|
||||
if (ret <= 0) {
|
||||
WOLFSSL_MSG("Error encoding CMS SignedData content type");
|
||||
ForceZero(compressed, compressedSz);
|
||||
XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
wc_FreeRng(&rng);
|
||||
return ret;
|
||||
}
|
||||
|
||||
ForceZero(compressed, compressedSz);
|
||||
XFREE(compressed, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
pkcs7->rng = NULL;
|
||||
wc_FreeRng(&rng);
|
||||
|
||||
return ret;
|
||||
@@ -3042,14 +3036,11 @@ int wc_PKCS7_EncodeSignedEncryptedCompressedFPD(PKCS7* pkcs7, byte* encryptKey,
|
||||
ret = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz);
|
||||
if (ret <= 0) {
|
||||
WOLFSSL_MSG("Error encoding CMS SignedData content type");
|
||||
ForceZero(encrypted, encryptedSz);
|
||||
XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
wc_FreeRng(&rng);
|
||||
return ret;
|
||||
}
|
||||
|
||||
ForceZero(encrypted, encryptedSz);
|
||||
XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
|
||||
pkcs7->rng = NULL;
|
||||
wc_FreeRng(&rng);
|
||||
|
||||
return ret;
|
||||
@@ -11161,10 +11152,8 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in,
|
||||
if (GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) == 0 &&
|
||||
tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0))
|
||||
explicitOctet = 1;
|
||||
}
|
||||
|
||||
/* read encryptedContent, cont[0] */
|
||||
if (ret == 0) {
|
||||
/* read encryptedContent, cont[0] */
|
||||
ret = GetASNTag(pkiMsg, &idx, &tag, pkiMsgSz);
|
||||
}
|
||||
|
||||
@@ -12139,10 +12128,8 @@ int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* in, word32 inSz,
|
||||
if (ret == 0) {
|
||||
XMEMCPY(encryptedContent, &pkiMsg[idx], encryptedContentSz);
|
||||
idx += encryptedContentSz;
|
||||
}
|
||||
|
||||
/* decrypt encryptedContent */
|
||||
if (ret == 0) {
|
||||
/* decrypt encryptedContent */
|
||||
ret = wc_PKCS7_DecryptContent(pkcs7, encOID,
|
||||
pkcs7->encryptionKey, pkcs7->encryptionKeySz, tmpIv,
|
||||
expBlockSz, NULL, 0, NULL, 0, encryptedContent,
|
||||
|
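Review bot: In wc_PKCS7_EncodeSignedEncryptedFPD the shared cleanup clears `pkcs7->rng` before `wc_FreeRng(&rng)`, but nothing visible does the same for the buffer released by `XFREE(encrypted, pkcs7->heap, DYNAMIC_TYPE_PKCS7)`. If `pkcs7->content` was pointed at `encrypted` earlier in the function (outside the hunk, so this needs checking), it is left dangling on return from both the success and the error path. Adding `pkcs7->content = NULL;` and `pkcs7->contentSz = 0;` next to `pkcs7->rng = NULL;` would close that. The same question applies to `compressed` in wc_PKCS7_EncodeSignedCompressedFPD and to `encrypted` in wc_PKCS7_EncodeSignedEncryptedCompressedFPD.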
||||
@@ -429,23 +429,25 @@ int tsip_generateSeesionKey(struct WOLFSSL *ssl)
|
||||
dec = &ssl->decrypt;
|
||||
|
||||
if (enc) {
|
||||
if (enc->aes == NULL)
|
||||
if (enc->aes == NULL) {
|
||||
enc->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap,
|
||||
DYNAMIC_TYPE_CIPHER);
|
||||
if (enc->aes == NULL)
|
||||
return MEMORY_E;
|
||||
if (enc->aes == NULL)
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
XMEMSET(enc->aes, 0, sizeof(Aes));
|
||||
}
|
||||
if (dec) {
|
||||
if (dec->aes == NULL)
|
||||
if (dec->aes == NULL) {
|
||||
dec->aes = (Aes*)XMALLOC(sizeof(Aes), ssl->heap,
|
||||
DYNAMIC_TYPE_CIPHER);
|
||||
if (dec->aes == NULL) {
|
||||
if (enc) {
|
||||
XFREE(enc->aes, NULL, DYNAMIC_TYPE_CIPHER);
|
||||
if (dec->aes == NULL) {
|
||||
if (enc) {
|
||||
XFREE(enc->aes, NULL, DYNAMIC_TYPE_CIPHER);
|
||||
}
|
||||
return MEMORY_E;
|
||||
}
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
XMEMSET(dec->aes, 0, sizeof(Aes));
|
||||
|
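Review bot: On the `dec->aes` allocation-failure path, `XFREE(enc->aes, NULL, DYNAMIC_TYPE_CIPHER)` releases the encrypt-side context but leaves `enc->aes` pointing at freed memory, and it passes a NULL heap hint although the matching XMALLOC used `ssl->heap`. The freed object may also be one that existed before this call, since the `enc->aes == NULL` test skips the allocation in that case. Whatever later tears down the cipher state could then free it a second time; that code is not in the hunk. Suggested: `XFREE(enc->aes, ssl->heap, DYNAMIC_TYPE_CIPHER);` followed by `enc->aes = NULL;`. The function continues past the end of the hunk.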
||||
@@ -1628,7 +1628,7 @@ static void* _qaeMemAlloc(size_t size, void* heap, int type
|
||||
ptr = qaeMemAllocNUMA((Cpa32U)(size + sizeof(qaeMemHeader)), 0,
|
||||
alignment);
|
||||
}
|
||||
else if (ptr == NULL) {
|
||||
else {
|
||||
isNuma = 0;
|
||||
ptr = malloc(size + sizeof(qaeMemHeader));
|
||||
}
|
||||
|
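Review bot: Both allocation calls in _qaeMemAlloc add `sizeof(qaeMemHeader)` to the caller's `size` without a range check. `size + sizeof(qaeMemHeader)` can wrap for a `size` near SIZE_MAX, and the `(Cpa32U)` cast on the NUMA path drops the upper bits of a total that does not fit in 32 bits, so either branch can return a block smaller than the caller asked for. Unless a check outside this hunk already bounds `size`, reject it before the NUMA branch, e.g. `if (size > UINT32_MAX - sizeof(qaeMemHeader)) return NULL;`, and apply the equivalent SIZE_MAX bound before `malloc`. The function starts and ends outside the hunk.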
||||
+134
-117
@@ -828,7 +828,7 @@ int wc_ecc_point_add(ecc_point *mG, ecc_point *mQ, ecc_point *mR, mp_int *m)
|
||||
|
||||
#if defined(HAVE_ED25519) || defined(HAVE_CURVE25519)
|
||||
/* Weierstrass parameters of prime 2^255 - 19 */
|
||||
static const uint8_t modbin[32] = {
|
||||
static const uint8_t curve25519_modbin[32] = {
|
||||
0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f};
|
||||
@@ -838,7 +838,7 @@ static const uint8_t r2mod[32] = {
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
|
||||
|
||||
/* invThree = ModInv(3,modbin) in LSB first */
|
||||
/* invThree = ModInv(3,curve25519_modbin) in LSB first */
|
||||
static const uint8_t invThree[32] = {
|
||||
0x49, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
|
||||
0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
|
||||
@@ -868,10 +868,10 @@ status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA,
|
||||
0xfd, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
|
||||
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x0f};
|
||||
uint8_t twoA[sizeof(modbin)] = {0};
|
||||
uint8_t V[sizeof(modbin)] = {0};
|
||||
uint8_t I[sizeof(modbin)] = {0};
|
||||
uint8_t VV[sizeof(modbin)] = {0};
|
||||
uint8_t twoA[sizeof(curve25519_modbin)] = {0};
|
||||
uint8_t V[sizeof(curve25519_modbin)] = {0};
|
||||
uint8_t I[sizeof(curve25519_modbin)] = {0};
|
||||
uint8_t VV[sizeof(curve25519_modbin)] = {0};
|
||||
uint16_t szTwoA = 0;
|
||||
uint16_t szV = 0;
|
||||
uint16_t szVV = 0;
|
||||
@@ -880,32 +880,32 @@ status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA,
|
||||
uint8_t one = 1;
|
||||
|
||||
/* twoA = 2*A % p */
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, A, sizeA, A, sizeA, modbin,
|
||||
sizeof(modbin), twoA, &szTwoA, kLTC_PKHA_IntegerArith);
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, A, sizeA, A, sizeA, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), twoA, &szTwoA, kLTC_PKHA_IntegerArith);
|
||||
|
||||
/* V = ModularArithmetic.powmod(twoA, (p-5)/8, p) */
|
||||
if (status == kStatus_Success) {
|
||||
status =
|
||||
LTC_PKHA_ModExp(LTC_BASE, twoA, szTwoA, modbin, sizeof(modbin),
|
||||
curve25519_param, sizeof(curve25519_param), V, &szV,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
LTC_PKHA_ModExp(LTC_BASE, twoA, szTwoA, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), curve25519_param,
|
||||
sizeof(curve25519_param), V, &szV, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
/* VV = V*V % p */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, V, szV, V, szV, modbin,
|
||||
sizeof(modbin), VV, &szVV, kLTC_PKHA_IntegerArith,
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, V, szV, V, szV, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), VV, &szVV, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
/* I = twoA * VV = 2*A*V*V % p */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, twoA, szTwoA, VV, szVV, modbin,
|
||||
sizeof(modbin), I, &szI, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, twoA, szTwoA, VV, szVV,
|
||||
curve25519_modbin, sizeof(curve25519_modbin), I, &szI,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
/* I = I - 1 */
|
||||
@@ -918,23 +918,24 @@ status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA,
|
||||
}
|
||||
else {
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), &one,
|
||||
sizeof(one), VV, sizeof(VV), I, &szI);
|
||||
status = LTC_PKHA_ModSub1(LTC_BASE, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), &one, sizeof(one), VV, sizeof(VV), I,
|
||||
&szI);
|
||||
}
|
||||
}
|
||||
|
||||
/* res = a*v mod p */
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, A, sizeA, V, szV, modbin,
|
||||
sizeof(modbin), res, &szRes16, kLTC_PKHA_IntegerArith,
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, A, sizeA, V, szV, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), res, &szRes16, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
|
||||
/* res = res * (i-1) mod p */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, res, szRes16, I, szI, modbin,
|
||||
sizeof(modbin), res, &szRes16, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, res, szRes16, I, szI,
|
||||
curve25519_modbin, sizeof(curve25519_modbin), res, &szRes16,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
/* if X mod 2 != X_0 then we need the -X
|
||||
@@ -944,8 +945,9 @@ status_t LTC_PKHA_Prime25519SquareRootMod(const uint8_t *A, size_t sizeA,
|
||||
if ((status == kStatus_Success) &&
|
||||
((bool)sign != (bool)(res[0] & 0x01u)))
|
||||
{
|
||||
status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), res,
|
||||
szRes16, VV, sizeof(VV), res, &szRes16); /* -a = p - a */
|
||||
status = LTC_PKHA_ModSub1(LTC_BASE, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), res, szRes16, VV, sizeof(VV), res,
|
||||
&szRes16); /* -a = p - a */
|
||||
}
|
||||
|
||||
if (status == kStatus_Success) {
|
||||
@@ -977,13 +979,13 @@ const ECPoint *wc_curve25519_GetBasePoint(void)
|
||||
return &ecBasePoint;
|
||||
}
|
||||
|
||||
static const uint8_t aCurveParam[CURVE25519_KEYSIZE] = {
|
||||
static const uint8_t curve25519_aCurveParam[CURVE25519_KEYSIZE] = {
|
||||
0x44, 0xa1, 0x14, 0x49, 0x98, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
|
||||
0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
|
||||
0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
|
||||
0xaa, 0xaa, 0xaa, 0xaa, 0x2a};
|
||||
|
||||
static const uint8_t bCurveParam[CURVE25519_KEYSIZE] = {
|
||||
static const uint8_t curve_bCurveParam[CURVE25519_KEYSIZE] = {
|
||||
0x64, 0xc8, 0x10, 0x77, 0x9c, 0x5e, 0x0b, 0x26, 0xb4, 0x97, 0xd0,
|
||||
0x5e, 0x42, 0x7b, 0x09, 0xed,
|
||||
0x25, 0xb4, 0x97, 0xd0, 0x5e, 0x42, 0x7b, 0x09, 0xed, 0x25, 0xb4,
|
||||
@@ -1001,8 +1003,8 @@ status_t LTC_PKHA_Curve25519ToWeierstrass(
|
||||
uint16_t sizeRes = 0;
|
||||
status_t status;
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, ltcPointIn->X, CURVE25519_KEYSIZE,
|
||||
offset, sizeof(offset), modbin, CURVE25519_KEYSIZE, ltcPointOut->X,
|
||||
&sizeRes, kLTC_PKHA_IntegerArith);
|
||||
offset, sizeof(offset), curve25519_modbin, CURVE25519_KEYSIZE,
|
||||
ltcPointOut->X, &sizeRes, kLTC_PKHA_IntegerArith);
|
||||
|
||||
if (status == kStatus_Success) {
|
||||
if (ltcPointOut->Y != ltcPointIn->Y) {
|
||||
@@ -1022,25 +1024,28 @@ status_t LTC_PKHA_WeierstrassToCurve25519(
|
||||
const uint8_t three = 0x03;
|
||||
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, &three, sizeof(three), ltcPointIn->X,
|
||||
CURVE25519_KEYSIZE, modbin, CURVE25519_KEYSIZE, ltcPointOut->X,
|
||||
&resultSize, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
CURVE25519_KEYSIZE, curve25519_modbin, CURVE25519_KEYSIZE,
|
||||
ltcPointOut->X, &resultSize, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
|
||||
if (status == kStatus_Success) {
|
||||
const uint8_t A[] = {0x06, 0x6d, 0x07};
|
||||
if (LTC_PKHA_CompareBigNum(ltcPointOut->X, resultSize, A, sizeof(A))) {
|
||||
status = LTC_PKHA_ModSub1(LTC_BASE, ltcPointOut->X, resultSize, A,
|
||||
sizeof(A), modbin, CURVE25519_KEYSIZE, ltcPointOut->X, &resultSize);
|
||||
sizeof(A), curve25519_modbin, CURVE25519_KEYSIZE,
|
||||
ltcPointOut->X, &resultSize);
|
||||
}
|
||||
else {
|
||||
status = LTC_PKHA_ModSub2(LTC_BASE, ltcPointOut->X, resultSize, A,
|
||||
sizeof(A), modbin, CURVE25519_KEYSIZE, ltcPointOut->X, &resultSize);
|
||||
sizeof(A), curve25519_modbin, CURVE25519_KEYSIZE,
|
||||
ltcPointOut->X, &resultSize);
|
||||
}
|
||||
}
|
||||
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, invThree, CURVE25519_KEYSIZE,
|
||||
ltcPointOut->X, resultSize, modbin, CURVE25519_KEYSIZE,
|
||||
ltcPointOut->X, resultSize, curve25519_modbin, CURVE25519_KEYSIZE,
|
||||
ltcPointOut->X, &resultSize, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
@@ -1068,37 +1073,40 @@ status_t LTC_PKHA_Curve25519ComputeY(ltc_pkha_ecc_point_t *ltcPoint)
|
||||
status_t status;
|
||||
|
||||
/* X^3 */
|
||||
status = LTC_PKHA_ModExp(LTC_BASE, ltcPoint->X, CURVE25519_KEYSIZE, modbin,
|
||||
CURVE25519_KEYSIZE, &three, 1, U, &sizeU, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
status = LTC_PKHA_ModExp(LTC_BASE, ltcPoint->X, CURVE25519_KEYSIZE,
|
||||
curve25519_modbin, CURVE25519_KEYSIZE, &three, 1, U, &sizeU,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
|
||||
/* X^2 */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, ltcPoint->X, CURVE25519_KEYSIZE,
|
||||
ltcPoint->X, CURVE25519_KEYSIZE, modbin, CURVE25519_KEYSIZE, X2,
|
||||
&sizeX2, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
/* 486662*X^2 */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, A, sizeof(A), X2, sizeX2, modbin,
|
||||
ltcPoint->X, CURVE25519_KEYSIZE, curve25519_modbin,
|
||||
CURVE25519_KEYSIZE, X2, &sizeX2, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
/* 486662*X^2 */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, A, sizeof(A), X2, sizeX2,
|
||||
curve25519_modbin, CURVE25519_KEYSIZE, X2, &sizeX2,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
/* X^3 + 486662*X^2 */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, U, sizeU, X2, sizeX2, modbin,
|
||||
CURVE25519_KEYSIZE, U, &sizeU, kLTC_PKHA_IntegerArith);
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, U, sizeU, X2, sizeX2,
|
||||
curve25519_modbin, CURVE25519_KEYSIZE, U, &sizeU,
|
||||
kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
|
||||
/* U = X^3 + 486662*X^2 + X */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, U, sizeU, ltcPoint->X,
|
||||
CURVE25519_KEYSIZE, modbin, CURVE25519_KEYSIZE, U, &sizeU,
|
||||
kLTC_PKHA_IntegerArith);
|
||||
CURVE25519_KEYSIZE, curve25519_modbin, CURVE25519_KEYSIZE, U,
|
||||
&sizeU, kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
|
||||
/* Y = modular square root of U (U is Y^2) */
|
||||
@@ -1133,11 +1141,12 @@ int wc_curve25519(ECPoint *q, byte *n, const ECPoint *p, fsl_ltc_ecc_coordinate_
|
||||
|
||||
ltcPointOut.X = &q->point[0];
|
||||
ltcPointOut.Y = &q->pointY[0];
|
||||
/* modbin, r2mod, aCurveParam, bCurveParam are Weierstrass equivalent
|
||||
with Curve25519 */
|
||||
/* curve25519_modbin, r2mod, curve25519_aCurveParam, curve25519_bCurveParam
|
||||
* are Weierstrass equivalent with Curve25519 */
|
||||
status = LTC_PKHA_ECC_PointMul(LTC_BASE, <cPoint, n, CURVE25519_KEYSIZE,
|
||||
modbin, r2mod, aCurveParam, bCurveParam, CURVE25519_KEYSIZE,
|
||||
kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith, <cPointOut, NULL);
|
||||
curve25519_modbin, r2mod, curve25519_aCurveParam,
|
||||
curve25519_bCurveParam, CURVE25519_KEYSIZE, kLTC_PKHA_TimingEqualized,
|
||||
kLTC_PKHA_IntegerArith, <cPointOut, NULL);
|
||||
|
||||
/* now need to map from Weierstrass form to Montgomery form */
|
||||
if (status == kStatus_Success) {
|
||||
@@ -1243,9 +1252,10 @@ status_t LTC_PKHA_Ed25519_PointMul(const ltc_pkha_ecc_point_t *ltcPointIn,
|
||||
status_t status;
|
||||
/* input on W, output in W, W parameters of ECC curve are Ed25519 curve
|
||||
parameters mapped to Weierstrass curve */
|
||||
status = LTC_PKHA_ECC_PointMul(LTC_BASE, ltcPointIn, N, szN, modbin,
|
||||
r2mod, a_coefEd25519, b_coefEd25519, ED25519_KEY_SIZE,
|
||||
kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith, ltcPointOut, NULL);
|
||||
status = LTC_PKHA_ECC_PointMul(LTC_BASE, ltcPointIn, N, szN,
|
||||
curve25519_modbin, r2mod, a_coefEd25519, b_coefEd25519,
|
||||
ED25519_KEY_SIZE, kLTC_PKHA_TimingEqualized, kLTC_PKHA_IntegerArith,
|
||||
ltcPointOut, NULL);
|
||||
|
||||
/* Weierstrass coordinates to Ed25519 coordinates */
|
||||
if ((status == kStatus_Success) && (typeOut == kLTC_Ed25519)) {
|
||||
@@ -1292,71 +1302,75 @@ status_t LTC_PKHA_Ed25519ToWeierstrass(const ltc_pkha_ecc_point_t *ltcPointIn,
|
||||
|
||||
/* temp = 1 + Ey */
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, Ey, ED25519_KEY_SIZE, &one, sizeof(one),
|
||||
modbin, sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
|
||||
curve25519_modbin, sizeof(curve25519_modbin), temp, &szTemp,
|
||||
kLTC_PKHA_IntegerArith);
|
||||
|
||||
/* temp2 = 1 - Ey = 1 + (p - Ey) */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), Ey,
|
||||
ED25519_KEY_SIZE, max, sizeof(max), temp2, &szTemp2);
|
||||
status = LTC_PKHA_ModSub1(LTC_BASE, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), Ey, ED25519_KEY_SIZE, max, sizeof(max),
|
||||
temp2, &szTemp2);
|
||||
}
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, temp2, szTemp2, &one, sizeof(one),
|
||||
modbin, sizeof(modbin), temp2, &szTemp2, kLTC_PKHA_IntegerArith);
|
||||
curve25519_modbin, sizeof(curve25519_modbin), temp2, &szTemp2,
|
||||
kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
|
||||
/* Mx = ModInv(temp2,prime) */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModInv(LTC_BASE, temp2, szTemp2, modbin,
|
||||
sizeof(modbin), Mx, &szMx, kLTC_PKHA_IntegerArith);
|
||||
status = LTC_PKHA_ModInv(LTC_BASE, temp2, szTemp2, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), Mx, &szMx, kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
|
||||
/* Mx = Mx * temp */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, Mx, szMx, temp, szTemp, modbin,
|
||||
ED25519_KEY_SIZE, Mx, &szMx, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, Mx, szMx, temp, szTemp,
|
||||
curve25519_modbin, ED25519_KEY_SIZE, Mx, &szMx,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
/* My = temp2 * Ex */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, Ex, ED25519_KEY_SIZE, temp2,
|
||||
szTemp2, modbin, ED25519_KEY_SIZE, My, &szMy,
|
||||
szTemp2, curve25519_modbin, ED25519_KEY_SIZE, My, &szMy,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
/* My = ModInv(My, prime) */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, modbin, sizeof(modbin),
|
||||
My, &szMy, kLTC_PKHA_IntegerArith);
|
||||
status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), My, &szMy, kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
/* My = My * temp */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, My, szMy, temp, szTemp, modbin,
|
||||
ED25519_KEY_SIZE, My, &szMy, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, My, szMy, temp, szTemp,
|
||||
curve25519_modbin, ED25519_KEY_SIZE, My, &szMy,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
/* Gx = Mx * invB_coefEd25519 + A_mul_invThreeB_coefEd25519 */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, Mx, szMx, invB_coefEd25519,
|
||||
sizeof(invB_coefEd25519), modbin, ED25519_KEY_SIZE, Gx, &szGx,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
sizeof(invB_coefEd25519), curve25519_modbin, ED25519_KEY_SIZE, Gx,
|
||||
&szGx, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, Gx, szGx,
|
||||
A_mul_invThreeB_coefEd25519, sizeof(A_mul_invThreeB_coefEd25519),
|
||||
modbin, sizeof(modbin), Gx, &szGx, kLTC_PKHA_IntegerArith);
|
||||
curve25519_modbin, sizeof(curve25519_modbin), Gx, &szGx,
|
||||
kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
|
||||
/* Gy = My * invB_coefEd25519 */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, My, szMy, invB_coefEd25519,
|
||||
sizeof(invB_coefEd25519), modbin, ED25519_KEY_SIZE, Gy, &szGy,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
sizeof(invB_coefEd25519), curve25519_modbin, ED25519_KEY_SIZE, Gy,
|
||||
&szGy, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
@@ -1395,14 +1409,14 @@ status_t LTC_PKHA_WeierstrassToEd25519(const ltc_pkha_ecc_point_t *ltcPointIn,
|
||||
|
||||
/* My = (B*Gy) % prime */
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, B_coefEd25519, sizeof(B_coefEd25519),
|
||||
Gy, ED25519_KEY_SIZE, modbin, ED25519_KEY_SIZE, My, &szMy,
|
||||
Gy, ED25519_KEY_SIZE, curve25519_modbin, ED25519_KEY_SIZE, My, &szMy,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
|
||||
/* temp = 3*B*Gx mod p */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, threeB_coefEd25519,
|
||||
sizeof(threeB_coefEd25519), Gx, ED25519_KEY_SIZE, modbin,
|
||||
sizeof(threeB_coefEd25519), Gx, ED25519_KEY_SIZE, curve25519_modbin,
|
||||
ED25519_KEY_SIZE, temp, &szTemp, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
@@ -1410,57 +1424,58 @@ status_t LTC_PKHA_WeierstrassToEd25519(const ltc_pkha_ecc_point_t *ltcPointIn,
|
||||
/* temp = (temp - A) mod p */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, temp, szTemp, minus_A_coefEd25519,
|
||||
sizeof(minus_A_coefEd25519), modbin, sizeof(modbin), temp, &szTemp,
|
||||
kLTC_PKHA_IntegerArith);
|
||||
sizeof(minus_A_coefEd25519), curve25519_modbin,
|
||||
sizeof(curve25519_modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
/* Mx = (temp/3) mod p */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, invThree,
|
||||
sizeof(invThree), modbin, sizeof(modbin), Mx, &szMx,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
sizeof(invThree), curve25519_modbin, sizeof(curve25519_modbin), Mx,
|
||||
&szMx, kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
/* temp = 1/My mod p */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, modbin, sizeof(modbin),
|
||||
temp, &szTemp, kLTC_PKHA_IntegerArith);
|
||||
status = LTC_PKHA_ModInv(LTC_BASE, My, szMy, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
/* Ex = Mx * temp mod p */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx, modbin,
|
||||
sizeof(modbin), Ex, &szEx, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx,
|
||||
curve25519_modbin, sizeof(curve25519_modbin), Ex, &szEx,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
/* temp = Mx + 1 mod p */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, Mx, szMx, &one, sizeof(one),
|
||||
modbin, sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
|
||||
curve25519_modbin, sizeof(curve25519_modbin), temp, &szTemp,
|
||||
kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
/* temp = 1/temp mod p */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModInv(LTC_BASE, temp, szTemp, modbin,
|
||||
sizeof(modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
|
||||
status = LTC_PKHA_ModInv(LTC_BASE, temp, szTemp, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), temp, &szTemp, kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
/* Mx = (Mx - 1) mod p */
|
||||
if (status == kStatus_Success) {
|
||||
if (LTC_PKHA_CompareBigNum(Mx, szMx, &one, sizeof(one)) >= 0) {
|
||||
status = LTC_PKHA_ModSub1(LTC_BASE, Mx, szMx, &one, sizeof(one),
|
||||
modbin, sizeof(modbin), Mx, &szMx);
|
||||
curve25519_modbin, sizeof(curve25519_modbin), Mx, &szMx);
|
||||
}
|
||||
else {
|
||||
/* Mx is zero, so it is modulus, thus we do modulus - 1 */
|
||||
XMEMCPY(Mx, modbin, sizeof(modbin));
|
||||
XMEMCPY(Mx, curve25519_modbin, sizeof(curve25519_modbin));
|
||||
Mx[0]--;
|
||||
}
|
||||
}
|
||||
/* Ey = Mx * temp mod p */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx, modbin,
|
||||
sizeof(modbin), Ey, &szEy, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, temp, szTemp, Mx, szMx,
|
||||
curve25519_modbin, sizeof(curve25519_modbin), Ey, &szEy,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
return status;
|
||||
@@ -1494,7 +1509,7 @@ status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey,
|
||||
|
||||
/* U = y * y mod p */
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, Y, ED25519_KEY_SIZE, Y,
|
||||
ED25519_KEY_SIZE, modbin, ED25519_KEY_SIZE, U, &szU,
|
||||
ED25519_KEY_SIZE, curve25519_modbin, ED25519_KEY_SIZE, U, &szU,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
XMEMCPY(V, U, szU);
|
||||
@@ -1504,11 +1519,11 @@ status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey,
|
||||
if (status == kStatus_Success) {
|
||||
if (LTC_PKHA_CompareBigNum(U, szU, &one, sizeof(one)) >= 0) {
|
||||
status = LTC_PKHA_ModSub1(LTC_BASE, U, szU, &one, sizeof(one),
|
||||
modbin, sizeof(modbin), U, &szU);
|
||||
curve25519_modbin, sizeof(curve25519_modbin), U, &szU);
|
||||
}
|
||||
else {
|
||||
/* U is zero, so it is modulus, thus we do modulus - 1 */
|
||||
XMEMCPY(U, modbin, sizeof(modbin));
|
||||
XMEMCPY(U, curve25519_modbin, sizeof(curve25519_modbin));
|
||||
U[0]--;
|
||||
}
|
||||
}
|
||||
@@ -1516,23 +1531,24 @@ status_t LTC_PKHA_Ed25519_PointDecompress(const uint8_t *pubkey,
|
||||
/* V = d*y*y + 1 */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, V, szV, d_coefEd25519,
|
||||
ED25519_KEY_SIZE, modbin, ED25519_KEY_SIZE, V, &szV,
|
||||
ED25519_KEY_SIZE, curve25519_modbin, ED25519_KEY_SIZE, V, &szV,
|
||||
kLTC_PKHA_IntegerArith, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_TimingEqualized);
|
||||
}
|
||||
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModAdd(LTC_BASE, V, szV, &one, sizeof(one),
|
||||
modbin, sizeof(modbin), V, &szV, kLTC_PKHA_IntegerArith);
|
||||
curve25519_modbin, sizeof(curve25519_modbin), V, &szV,
|
||||
kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
|
||||
/* U = U / V (mod p) */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModInv(LTC_BASE, V, szV, modbin, sizeof(modbin),
|
||||
V, &szV, kLTC_PKHA_IntegerArith);
|
||||
status = LTC_PKHA_ModInv(LTC_BASE, V, szV, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), V, &szV, kLTC_PKHA_IntegerArith);
|
||||
}
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, V, szV, U, szU, modbin,
|
||||
status = LTC_PKHA_ModMul(LTC_BASE, V, szV, U, szU, curve25519_modbin,
|
||||
ED25519_KEY_SIZE, U, &szU, kLTC_PKHA_IntegerArith,
|
||||
kLTC_PKHA_NormalValue, kLTC_PKHA_NormalValue,
|
||||
kLTC_PKHA_TimingEqualized);
|
||||
@@ -1669,13 +1685,14 @@ status_t LTC_PKHA_SignatureForVerify(uint8_t *rcheck, const unsigned char *a,
|
||||
|
||||
/* R = b*B - a*A */
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ModSub1(LTC_BASE, modbin, sizeof(modbin), ltc1.Y,
|
||||
szY, max, sizeof(max), ltc1.Y, &szY);
|
||||
status = LTC_PKHA_ModSub1(LTC_BASE, curve25519_modbin,
|
||||
sizeof(curve25519_modbin), ltc1.Y, szY, max, sizeof(max), ltc1.Y,
|
||||
&szY);
|
||||
}
|
||||
if (status == kStatus_Success) {
|
||||
status = LTC_PKHA_ECC_PointAdd(LTC_BASE, <c0, <c1, modbin, r2mod,
|
||||
a_coefEd25519, b_coefEd25519, ED25519_KEY_SIZE,
|
||||
kLTC_PKHA_IntegerArith, <c0);
|
||||
status = LTC_PKHA_ECC_PointAdd(LTC_BASE, <c0, <c1,
|
||||
curve25519_modbin, r2mod, a_coefEd25519, b_coefEd25519,
|
||||
ED25519_KEY_SIZE, kLTC_PKHA_IntegerArith, <c0);
|
||||
}
|
||||
/* map to Ed25519 */
|
||||
if (status == kStatus_Success) {
|
||||
|
||||
+1
-1
@@ -1728,7 +1728,7 @@ static int wc_RsaFunctionXil(const byte* in, word32 inLen, byte* out,
|
||||
word32* outLen, int type, RsaKey* key, WC_RNG* rng)
|
||||
{
|
||||
int ret = 0;
|
||||
word32 keyLen, len;
|
||||
word32 keyLen;
|
||||
(void)rng;
|
||||
|
||||
keyLen = wc_RsaEncryptSize(key);
|
||||
|
||||
+176
-2
@@ -7489,6 +7489,63 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 256U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 2048) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 256) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 2048) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 64 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 64;
|
||||
m = a + 128;
|
||||
r = a;
|
||||
|
||||
sp_2048_from_bin(a, 64, in, inLen);
|
||||
sp_2048_from_mp(d, 64, dm);
|
||||
sp_2048_from_mp(m, 64, mm);
|
||||
err = sp_2048_mod_exp_64(r, a, d, 2048, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_2048_to_bin(r, out);
|
||||
*outLen = 256;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 64);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -7816,6 +7873,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -18977,6 +19035,63 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 384U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 3072) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 384) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 3072) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 96 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 96;
|
||||
m = a + 192;
|
||||
r = a;
|
||||
|
||||
sp_3072_from_bin(a, 96, in, inLen);
|
||||
sp_3072_from_mp(d, 96, dm);
|
||||
sp_3072_from_mp(m, 96, mm);
|
||||
err = sp_3072_mod_exp_96(r, a, d, 3072, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_3072_to_bin(r, out);
|
||||
*outLen = 384;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 96);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -19384,6 +19499,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -71539,6 +71655,63 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 512U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 4096) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 512) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 4096) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 128 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 128;
|
||||
m = a + 256;
|
||||
r = a;
|
||||
|
||||
sp_4096_from_bin(a, 128, in, inLen);
|
||||
sp_4096_from_mp(d, 128, dm);
|
||||
sp_4096_from_mp(m, 128, mm);
|
||||
err = sp_4096_mod_exp_128(r, a, d, 4096, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_4096_to_bin(r, out);
|
||||
*outLen = 512;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 128);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -72026,6 +72199,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -76112,7 +76286,7 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons
|
||||
n <<= 4;
|
||||
for (; i>=0 || c>=4; ) {
|
||||
if (c < 4) {
|
||||
n |= k[i--] << (0 - c);
|
||||
n |= k[i--];
|
||||
c += 32;
|
||||
}
|
||||
y = (n >> 28) & 0xf;
|
||||
@@ -84781,7 +84955,7 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con
|
||||
n <<= 4;
|
||||
for (; i>=0 || c>=4; ) {
|
||||
if (c < 4) {
|
||||
n |= k[i--] << (0 - c);
|
||||
n |= k[i--];
|
||||
c += 32;
|
||||
}
|
||||
y = (n >> 28) & 0xf;
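Review bot: The block added behind `#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)` in the sp_RsaPublic_2048/3072/4096 hunks appears to sit at file scope: the context lines just before it (`return err;` and `}`) close sp_RsaPublic_*, and no function signature or opening brace follows the `#if`. If that reading is right, a build with either macro defined would fail to compile, and because sp_RsaPrivate_* now lies in the `#else` branch closed by the new `#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */`, the real function would be compiled out as well. The guarded body looks like it belongs inside sp_RsaPrivate_*, directly after its opening `{`, with `#else` covering only the CRT path. The sp_RsaPrivate_* definitions start outside these hunks, so this needs confirming against the full file; the same 57-line block is added in the later file sections too.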
|
||||
|
||||
@@ -4989,6 +4989,63 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 256U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 2048) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 256) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 2048) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 32 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 32;
|
||||
m = a + 64;
|
||||
r = a;
|
||||
|
||||
sp_2048_from_bin(a, 32, in, inLen);
|
||||
sp_2048_from_mp(d, 32, dm);
|
||||
sp_2048_from_mp(m, 32, mm);
|
||||
err = sp_2048_mod_exp_32(r, a, d, 2048, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_2048_to_bin(r, out);
|
||||
*outLen = 256;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 32);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -5212,6 +5269,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -12633,6 +12691,63 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 384U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 3072) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 384) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 3072) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 48 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 48;
|
||||
m = a + 96;
|
||||
r = a;
|
||||
|
||||
sp_3072_from_bin(a, 48, in, inLen);
|
||||
sp_3072_from_mp(d, 48, dm);
|
||||
sp_3072_from_mp(m, 48, mm);
|
||||
err = sp_3072_mod_exp_48(r, a, d, 3072, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_3072_to_bin(r, out);
|
||||
*outLen = 384;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 48);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -12884,6 +12999,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -17504,6 +17620,63 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 512U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 4096) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 512) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 4096) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 64 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 64;
|
||||
m = a + 128;
|
||||
r = a;
|
||||
|
||||
sp_4096_from_bin(a, 64, in, inLen);
|
||||
sp_4096_from_mp(d, 64, dm);
|
||||
sp_4096_from_mp(m, 64, mm);
|
||||
err = sp_4096_mod_exp_64(r, a, d, 4096, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_4096_to_bin(r, out);
|
||||
*outLen = 512;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 64);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -17783,6 +17956,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
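Review bot: The cleanup `XMEMSET(d, 0, sizeof(sp_digit) * 32);` right before `XFREE` writes to memory that is never read again, so an optimizing compiler may drop it and leave the private exponent in freed heap. wolfSSL's `ForceZero` exists for this case; if it is usable in this file, `ForceZero(d, sizeof(sp_digit) * 32);` would be the safer call. Only the first 32 digits (the exponent copy) are cleared, while `a`/`r` and `m` in the same `32 * 4` allocation are left as they are; a comment saying that this is intended, or wiping the whole allocation, would remove the doubt. The same applies to the 3072- and 4096-bit blocks in this section (48 and 64 digits).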
|
||||
|
||||
+176
-2
@@ -4362,6 +4362,63 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 256U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 2048) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 256) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 2048) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 64 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 64;
|
||||
m = a + 128;
|
||||
r = a;
|
||||
|
||||
sp_2048_from_bin(a, 64, in, inLen);
|
||||
sp_2048_from_mp(d, 64, dm);
|
||||
sp_2048_from_mp(m, 64, mm);
|
||||
err = sp_2048_mod_exp_64(r, a, d, 2048, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_2048_to_bin(r, out);
|
||||
*outLen = 256;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 64);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -4522,6 +4579,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -10105,6 +10163,63 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 384U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 3072) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 384) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 3072) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 96 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 96;
|
||||
m = a + 192;
|
||||
r = a;
|
||||
|
||||
sp_3072_from_bin(a, 96, in, inLen);
|
||||
sp_3072_from_mp(d, 96, dm);
|
||||
sp_3072_from_mp(m, 96, mm);
|
||||
err = sp_3072_mod_exp_96(r, a, d, 3072, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_3072_to_bin(r, out);
|
||||
*outLen = 384;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 96);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -10265,6 +10380,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -14507,6 +14623,63 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 512U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 4096) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 512) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 4096) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 128 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 128;
|
||||
m = a + 256;
|
||||
r = a;
|
||||
|
||||
sp_4096_from_bin(a, 128, in, inLen);
|
||||
sp_4096_from_mp(d, 128, dm);
|
||||
sp_4096_from_mp(m, 128, mm);
|
||||
err = sp_4096_mod_exp_128(r, a, d, 4096, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_4096_to_bin(r, out);
|
||||
*outLen = 512;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 128);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -14668,6 +14841,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -17789,7 +17963,7 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons
|
||||
n <<= 4;
|
||||
for (; i>=0 || c>=4; ) {
|
||||
if (c < 4) {
|
||||
n |= k[i--] << (0 - c);
|
||||
n |= k[i--];
|
||||
c += 32;
|
||||
}
|
||||
y = (n >> 28) & 0xf;
|
||||
@@ -23576,7 +23750,7 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con
|
||||
n <<= 4;
|
||||
for (; i>=0 || c>=4; ) {
|
||||
if (c < 4) {
|
||||
n |= k[i--] << (0 - c);
|
||||
n |= k[i--];
|
||||
c += 32;
|
||||
}
|
||||
y = (n >> 28) & 0xf;
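Review bot: The simplified refill `n |= k[i--];` in sp_256_ecc_mulmod_fast_8 and sp_384_ecc_mulmod_fast_12 is only correct when `c` is exactly 0 on entry to the `if (c < 4)` branch; with 1 to 3 bits still pending, the OR would overwrite them. That presumably holds because `c` grows by 32 and the window is 4 bits wide, but the initial value of `c` and its decrement are outside the hunks. A one-line comment would record the invariant, for example `/* c is always 0 here: 32-bit digits, 4-bit window */`. Both loop bodies continue past the end of their hunks.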
|
||||
|
||||
@@ -3420,7 +3420,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 90;
|
||||
m = a + 90;
|
||||
m = a + 180;
|
||||
r = a;
|
||||
|
||||
sp_2048_from_bin(a, 90, in, inLen);
|
||||
@@ -7257,7 +7257,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 134;
|
||||
m = a + 134;
|
||||
m = a + 268;
|
||||
r = a;
|
||||
|
||||
sp_3072_from_bin(a, 134, in, inLen);
|
||||
@@ -11258,7 +11258,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm,
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 196;
|
||||
m = a + 196;
|
||||
m = a + 392;
|
||||
r = a;
|
||||
|
||||
sp_4096_from_bin(a, 196, in, inLen);
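Review bot: With `m = a + 180;` the modulus now starts 270 digits past `d`, so if it is 90 digits long the buffer must hold at least `90 * 4` digits; the `XMALLOC` sits above the hunk and its size should be checked against the new layout. The same check applies to the 3072 and 4096 hunks (`a + 268`, `a + 392`) and to the next file section (`a + 72`, `a + 108`, `a + 156`). The offsets are bare numbers, so a comment such as `/* a and r share 2*90 digits; m follows */` next to the pointer setup would explain why `m` is not placed at `a + 90`. The functions start and end outside these hunks.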
|
||||
|
||||
@@ -3060,7 +3060,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 36;
|
||||
m = a + 36;
|
||||
m = a + 72;
|
||||
r = a;
|
||||
|
||||
sp_2048_from_bin(a, 36, in, inLen);
|
||||
@@ -7171,7 +7171,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 54;
|
||||
m = a + 54;
|
||||
m = a + 108;
|
||||
r = a;
|
||||
|
||||
sp_3072_from_bin(a, 54, in, inLen);
|
||||
@@ -11527,7 +11527,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm,
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 78;
|
||||
m = a + 78;
|
||||
m = a + 156;
|
||||
r = a;
|
||||
|
||||
sp_4096_from_bin(a, 78, in, inLen);
|
||||
|
||||
+176
-2
@@ -4116,6 +4116,63 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 256U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 2048) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 256) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 2048) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 64 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 64;
|
||||
m = a + 128;
|
||||
r = a;
|
||||
|
||||
sp_2048_from_bin(a, 64, in, inLen);
|
||||
sp_2048_from_mp(d, 64, dm);
|
||||
sp_2048_from_mp(m, 64, mm);
|
||||
err = sp_2048_mod_exp_64(r, a, d, 2048, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_2048_to_bin(r, out);
|
||||
*outLen = 256;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 64);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -4274,6 +4331,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -8708,6 +8766,63 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 384U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 3072) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 384) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 3072) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 96 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 96;
|
||||
m = a + 192;
|
||||
r = a;
|
||||
|
||||
sp_3072_from_bin(a, 96, in, inLen);
|
||||
sp_3072_from_mp(d, 96, dm);
|
||||
sp_3072_from_mp(m, 96, mm);
|
||||
err = sp_3072_mod_exp_96(r, a, d, 3072, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_3072_to_bin(r, out);
|
||||
*outLen = 384;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 96);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -8866,6 +8981,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -12246,6 +12362,63 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
sp_digit* a;
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* m;
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 512U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 4096) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 512) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 4096) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 128 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
a = d + 128;
|
||||
m = a + 256;
|
||||
r = a;
|
||||
|
||||
sp_4096_from_bin(a, 128, in, inLen);
|
||||
sp_4096_from_mp(d, 128, dm);
|
||||
sp_4096_from_mp(m, 128, mm);
|
||||
err = sp_4096_mod_exp_128(r, a, d, 4096, m, 0);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
sp_4096_to_bin(r, out);
|
||||
*outLen = 512;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 128);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
|
||||
return err;
|
||||
#else
|
||||
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
|
||||
/* Conditionally add a and b using the mask m.
|
||||
* m is -1 to add and 0 when not.
|
||||
@@ -12405,6 +12578,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm,
|
||||
return err;
|
||||
}
|
||||
#endif /* WOLFSSL_RSA_PUBLIC_ONLY */
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -16032,7 +16206,7 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons
|
||||
n <<= 4;
|
||||
for (; i>=0 || c>=4; ) {
|
||||
if (c < 4) {
|
||||
n |= k[i--] << (0 - c);
|
||||
n |= k[i--];
|
||||
c += 32;
|
||||
}
|
||||
y = (n >> 28) & 0xf;
|
||||
@@ -21538,7 +21712,7 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con
|
||||
n <<= 4;
|
||||
for (; i>=0 || c>=4; ) {
|
||||
if (c < 4) {
|
||||
n |= k[i--] << (0 - c);
|
||||
n |= k[i--];
|
||||
c += 32;
|
||||
}
|
||||
y = (n >> 28) & 0xf;
|
||||
|
||||
@@ -309,7 +309,7 @@ int sp_count_bits(sp_int* a)
|
||||
r *= SP_WORD_SIZE;
|
||||
if (d >= (1L << (SP_WORD_SIZE / 2))) {
|
||||
r += SP_WORD_SIZE;
|
||||
while ((d & (1L << (SP_WORD_SIZE - 1))) == 0) {
|
||||
while ((d & (1UL << (SP_WORD_SIZE - 1))) == 0) {
|
||||
r--;
|
||||
d <<= 1;
|
||||
}
|
||||
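Review bot: The mask in the `while` condition is now `1UL << (SP_WORD_SIZE - 1)`, which is still undefined wherever `unsigned long` is 32 bits and SP_WORD_SIZE is 64 (64-bit Windows, for example), and the `if` two lines above it keeps the signed `1L << (SP_WORD_SIZE / 2)`. Building both constants from the digit type removes the dependence on the width of `long`: `while ((d & ((sp_int_digit)1 << (SP_WORD_SIZE - 1))) == 0) {`, assuming `d` is declared as `sp_int_digit`, which the hunk does not show. sp_count_bits starts and ends outside the hunk.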
|
||||
@@ -1466,6 +1466,100 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
/* RSA private key operation.
|
||||
*
|
||||
* in Array of bytes representing the number to exponentiate, base.
|
||||
* inLen Number of bytes in base.
|
||||
* dm Private exponent.
|
||||
* pm First prime.
|
||||
* qm Second prime.
|
||||
* dpm First prime's CRT exponent.
|
||||
* dqm Second prime's CRT exponent.
|
||||
* qim Inverse of second prime mod p.
|
||||
* mm Modulus.
|
||||
* out Buffer to hold big-endian bytes of exponentiation result.
|
||||
* Must be at least 256 bytes long.
|
||||
* outLen Number of bytes in result.
|
||||
* returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
|
||||
* an array is too long and MEMORY_E when dynamic memory allocation fails.
|
||||
*/
|
||||
int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
|
||||
mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm,
|
||||
byte* out, word32* outLen)
|
||||
{
|
||||
#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK)
|
||||
sp_digit a[64], d[32], m[32];
|
||||
#else
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* a;
|
||||
sp_digit* m;
|
||||
#endif
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 256U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 2048) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 256U) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 2048) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 32 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
|
||||
a = d + 32;
|
||||
m = a + 64;
|
||||
#endif
|
||||
r = a;
|
||||
|
||||
sp_2048_from_bin(a, 32, in, inLen);
|
||||
sp_2048_from_mp(d, 32, dm);
|
||||
sp_2048_from_mp(m, 32, mm);
|
||||
err = sp_2048_mod_exp_32(r, a, d, 2048, m, 0);
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
sp_2048_to_bin(r, out);
|
||||
*outLen = 256;
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 32);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
#else
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 32);
|
||||
#endif
|
||||
|
||||
return err;
|
||||
}
|
||||
|
||||
#else
|
||||
extern sp_digit sp_2048_cond_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
|
||||
extern sp_digit sp_2048_cond_add_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
|
||||
/* RSA private key operation.
|
||||
@@ -1627,6 +1721,7 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, mp_int* dm,
|
||||
|
||||
return err;
|
||||
}
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -3520,6 +3615,100 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
/* RSA private key operation.
|
||||
*
|
||||
* in Array of bytes representing the number to exponentiate, base.
|
||||
* inLen Number of bytes in base.
|
||||
* dm Private exponent.
|
||||
* pm First prime.
|
||||
* qm Second prime.
|
||||
* dpm First prime's CRT exponent.
|
||||
* dqm Second prime's CRT exponent.
|
||||
* qim Inverse of second prime mod p.
|
||||
* mm Modulus.
|
||||
* out Buffer to hold big-endian bytes of exponentiation result.
|
||||
* Must be at least 384 bytes long.
|
||||
* outLen Number of bytes in result.
|
||||
* returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
|
||||
* an array is too long and MEMORY_E when dynamic memory allocation fails.
|
||||
*/
|
||||
int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
|
||||
mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm,
|
||||
byte* out, word32* outLen)
|
||||
{
|
||||
#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK)
|
||||
sp_digit a[96], d[48], m[48];
|
||||
#else
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* a;
|
||||
sp_digit* m;
|
||||
#endif
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 384U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 3072) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 384U) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 3072) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 48 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
|
||||
a = d + 48;
|
||||
m = a + 96;
|
||||
#endif
|
||||
r = a;
|
||||
|
||||
sp_3072_from_bin(a, 48, in, inLen);
|
||||
sp_3072_from_mp(d, 48, dm);
|
||||
sp_3072_from_mp(m, 48, mm);
|
||||
err = sp_3072_mod_exp_48(r, a, d, 3072, m, 0);
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
sp_3072_to_bin(r, out);
|
||||
*outLen = 384;
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 48);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
#else
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 48);
|
||||
#endif
|
||||
|
||||
return err;
|
||||
}
|
||||
|
||||
#else
|
||||
extern sp_digit sp_3072_cond_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
|
||||
extern sp_digit sp_3072_cond_add_avx2_24(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
|
||||
/* RSA private key operation.
|
||||
@@ -3681,6 +3870,7 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, mp_int* dm,
|
||||
|
||||
return err;
|
||||
}
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
@@ -5028,6 +5218,100 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, mp_int* em, mp_int* mm,
|
||||
return err;
|
||||
}
|
||||
|
||||
#if defined(SP_RSA_PRIVATE_EXP_D) || defined(RSA_LOW_MEM)
|
||||
/* RSA private key operation.
|
||||
*
|
||||
* in Array of bytes representing the number to exponentiate, base.
|
||||
* inLen Number of bytes in base.
|
||||
* dm Private exponent.
|
||||
* pm First prime.
|
||||
* qm Second prime.
|
||||
* dpm First prime's CRT exponent.
|
||||
* dqm Second prime's CRT exponent.
|
||||
* qim Inverse of second prime mod p.
|
||||
* mm Modulus.
|
||||
* out Buffer to hold big-endian bytes of exponentiation result.
|
||||
* Must be at least 512 bytes long.
|
||||
* outLen Number of bytes in result.
|
||||
* returns 0 on success, MP_TO_E when the outLen is too small, MP_READ_E when
|
||||
* an array is too long and MEMORY_E when dynamic memory allocation fails.
|
||||
*/
|
||||
int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm,
|
||||
mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim, mp_int* mm,
|
||||
byte* out, word32* outLen)
|
||||
{
|
||||
#if !defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SMALL_STACK)
|
||||
sp_digit a[128], d[64], m[64];
|
||||
#else
|
||||
sp_digit* d = NULL;
|
||||
sp_digit* a;
|
||||
sp_digit* m;
|
||||
#endif
|
||||
sp_digit* r;
|
||||
int err = MP_OKAY;
|
||||
|
||||
(void)pm;
|
||||
(void)qm;
|
||||
(void)dpm;
|
||||
(void)dqm;
|
||||
(void)qim;
|
||||
|
||||
if (*outLen < 512U) {
|
||||
err = MP_TO_E;
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
if (mp_count_bits(dm) > 4096) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (inLen > 512U) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
if (mp_count_bits(mm) != 4096) {
|
||||
err = MP_READ_E;
|
||||
}
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
|
||||
if (err == MP_OKAY) {
|
||||
d = (sp_digit*)XMALLOC(sizeof(sp_digit) * 64 * 4, NULL,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (d == NULL) {
|
||||
err = MEMORY_E;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
|
||||
a = d + 64;
|
||||
m = a + 128;
|
||||
#endif
|
||||
r = a;
|
||||
|
||||
sp_4096_from_bin(a, 64, in, inLen);
|
||||
sp_4096_from_mp(d, 64, dm);
|
||||
sp_4096_from_mp(m, 64, mm);
|
||||
err = sp_4096_mod_exp_64(r, a, d, 4096, m, 0);
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
sp_4096_to_bin(r, out);
|
||||
*outLen = 512;
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)
|
||||
if (d != NULL) {
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 64);
|
||||
XFREE(d, NULL, DYNAMIC_TYPE_RSA);
|
||||
}
|
||||
#else
|
||||
XMEMSET(d, 0, sizeof(sp_digit) * 64);
|
||||
#endif
|
||||
|
||||
return err;
|
||||
}
|
||||
|
||||
#else
|
||||
extern sp_digit sp_4096_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
|
||||
extern sp_digit sp_4096_cond_add_avx2_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m);
|
||||
/* RSA private key operation.
|
||||
@@ -5189,6 +5473,7 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, mp_int* dm,
|
||||
|
||||
return err;
|
||||
}
|
||||
#endif /* SP_RSA_PRIVATE_EXP_D || RSA_LOW_MEM */
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
#if defined(WOLFSSL_HAVE_SP_DH) || (defined(WOLFSSL_HAVE_SP_RSA) && \
|
||||
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
|
||||
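Review bot: In the added non-CRT `sp_RsaPrivate_2048`, the build without WOLFSSL_SP_SMALL and WOLFSSL_SMALL_STACK keeps the private exponent in the stack array `d[32]` and clears it with `XMEMSET(d, 0, sizeof(sp_digit) * 32);` immediately before `return err;`. If XMEMSET maps to plain memset, that is a dead store a compiler may remove, so the exponent can stay on the stack after the call; the heap branch has the same pattern right before XFREE. A wipe that cannot be elided, `ForceZero(d, sizeof(sp_digit) * 32);`, would be safer, provided ForceZero is reachable from this file. The same applies to the added sp_RsaPrivate_3072 (`* 48`) and sp_RsaPrivate_4096 (`* 64`).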
|
||||
+17
-20
@@ -4328,6 +4328,8 @@ int fp_isprime_ex(fp_int *a, int t, int* result)
|
||||
int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng)
|
||||
{
|
||||
int ret = FP_YES;
|
||||
fp_digit d;
|
||||
int i;
|
||||
|
||||
if (a == NULL || result == NULL || rng == NULL)
|
||||
return FP_VAL;
|
||||
@@ -4337,35 +4339,30 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng)
|
||||
return FP_OKAY;
|
||||
}
|
||||
|
||||
if (ret == FP_YES) {
|
||||
fp_digit d;
|
||||
int r;
|
||||
/* check against primes table */
|
||||
for (i = 0; i < FP_PRIME_SIZE; i++) {
|
||||
if (fp_cmp_d(a, primes[i]) == FP_EQ) {
|
||||
*result = FP_YES;
|
||||
return FP_OKAY;
|
||||
}
|
||||
}
|
||||
|
||||
/* check against primes table */
|
||||
for (r = 0; r < FP_PRIME_SIZE; r++) {
|
||||
if (fp_cmp_d(a, primes[r]) == FP_EQ) {
|
||||
*result = FP_YES;
|
||||
/* do trial division */
|
||||
for (i = 0; i < FP_PRIME_SIZE; i++) {
|
||||
if (fp_mod_d(a, primes[i], &d) == MP_OKAY) {
|
||||
if (d == 0) {
|
||||
*result = FP_NO;
|
||||
return FP_OKAY;
|
||||
}
|
||||
}
|
||||
|
||||
/* do trial division */
|
||||
for (r = 0; r < FP_PRIME_SIZE; r++) {
|
||||
if (fp_mod_d(a, primes[r], &d) == MP_OKAY) {
|
||||
if (d == 0) {
|
||||
*result = FP_NO;
|
||||
return FP_OKAY;
|
||||
}
|
||||
}
|
||||
else
|
||||
return FP_VAL;
|
||||
}
|
||||
else
|
||||
return FP_VAL;
|
||||
}
|
||||
|
||||
#ifndef WC_NO_RNG
|
||||
/* now do a miller rabin with up to t random numbers, this should
|
||||
* give a (1/4)^t chance of a false prime. */
|
||||
if (ret == FP_YES) {
|
||||
{
|
||||
#ifndef WOLFSSL_SMALL_STACK
|
||||
fp_int b[1], c[1], n1[1], y[1], r[1];
|
||||
byte base[FP_MAX_PRIME_SIZE];
|
||||
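Review bot: The Miller-Rabin block in mp_prime_is_prime_ex is compiled only under `#ifndef WC_NO_RNG`, and the hunk ends before `*result` is set, so it is not visible what a WC_NO_RNG build reports for a composite that merely survives the table lookup and trial division. A comment above the `#ifndef` should record that, e.g. `/* WC_NO_RNG: only the prime table and trial division are applied, no Miller-Rabin rounds */`, if that is what the code after the hunk does. The NULL check at the top of the function still returns FP_VAL for `rng == NULL` in such a build, which callers need to know as well. The function continues past the end of the hunk.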
|
||||
@@ -212,9 +212,9 @@ int wc_bigint_alloc(WC_BIGINT* a, word32 sz)
|
||||
}
|
||||
if (a->buf == NULL) {
|
||||
a->buf = (byte*)XMALLOC(sz, a->heap, DYNAMIC_TYPE_WOLF_BIGINT);
|
||||
}
|
||||
if (a->buf == NULL) {
|
||||
err = MP_MEM;
|
||||
if (a->buf == NULL) {
|
||||
err = MP_MEM;
|
||||
}
|
||||
}
|
||||
else {
|
||||
XMEMSET(a->buf, 0, sz);
|
||||
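Review bot: After the restructuring in wc_bigint_alloc, a freshly allocated `a->buf` is left uninitialised while the reuse branch clears it with `XMEMSET(a->buf, 0, sz);`. Unless every caller overwrites all `sz` bytes, the two paths hand back buffers with different contents and stale heap data can end up in a big-integer buffer. Zeroing in both cases keeps them consistent: follow the new MP_MEM check with `else { XMEMSET(a->buf, 0, sz); }`. The function starts before and continues past the hunk, so whether the reuse path guarantees at least `sz` bytes is not visible here.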
|
||||
+25
-14
@@ -5913,6 +5913,11 @@ EVP_TEST_END:
|
||||
#endif
|
||||
int ret = 0;
|
||||
|
||||
(void)enc;
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
(void)dec;
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_AES_128
|
||||
/* 128 key size test */
|
||||
#ifdef OPENSSL_EXTRA
|
||||
@@ -13568,7 +13573,9 @@ int rsa_test(void)
|
||||
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
|
||||
XFILE caFile;
|
||||
#endif
|
||||
#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
|
||||
XFILE ntruPrivFile;
|
||||
#endif
|
||||
int certSz;
|
||||
word32 idx3 = 0;
|
||||
#ifdef WOLFSSL_TEST_CERT
|
||||
@@ -18423,7 +18430,9 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
|
||||
{
|
||||
int ret = 0;
|
||||
int derSz;
|
||||
#ifdef HAVE_PKCS8
|
||||
word32 pkcs8Sz;
|
||||
#endif
|
||||
byte* der;
|
||||
byte* pem;
|
||||
ecc_key userA;
|
||||
@@ -18538,6 +18547,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
|
||||
(void)testVerifyCount;
|
||||
(void)dp;
|
||||
(void)x;
|
||||
|
||||
XMEMSET(&userA, 0, sizeof(ecc_key));
|
||||
XMEMSET(&userB, 0, sizeof(ecc_key));
|
||||
@@ -21839,14 +21849,14 @@ static int curve448_check_public_test(void)
|
||||
}
|
||||
|
||||
/* Little-endian fail cases */
|
||||
for (i = 0; i < (int)(sizeof(fail_le) / sizeof(fail_le)); i++) {
|
||||
for (i = 0; i < (int)(sizeof(fail_le) / sizeof(*fail_le)); i++) {
|
||||
if (wc_curve448_check_public(fail_le[i], CURVE448_KEY_SIZE,
|
||||
EC448_LITTLE_ENDIAN) == 0) {
|
||||
return -10924 - i;
|
||||
}
|
||||
}
|
||||
/* Big-endian fail cases */
|
||||
for (i = 0; i < (int)(sizeof(fail_be) / sizeof(fail_be)); i++) {
|
||||
for (i = 0; i < (int)(sizeof(fail_be) / sizeof(*fail_be)); i++) {
|
||||
if (wc_curve448_check_public(fail_be[i], CURVE448_KEY_SIZE,
|
||||
EC448_BIG_ENDIAN) == 0) {
|
||||
return -10934 - i;
|
||||
@@ -21883,6 +21893,8 @@ int curve448_test(void)
|
||||
word32 x;
|
||||
curve448_key userA, userB, pubKey;
|
||||
|
||||
(void)x;
|
||||
|
||||
#if defined(HAVE_CURVE448_SHARED_SECRET) && \
|
||||
defined(HAVE_CURVE448_KEY_IMPORT)
|
||||
/* test vectors from
|
||||
@@ -25306,14 +25318,14 @@ int pkcs7authenveloped_test(void)
|
||||
|
||||
#endif /* HAVE_AESGCM || HAVE_AESCCM */
|
||||
#ifndef NO_AES
|
||||
static const byte defKey[] = {
|
||||
static const byte p7DefKey[] = {
|
||||
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
|
||||
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
|
||||
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
|
||||
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
|
||||
};
|
||||
|
||||
static const byte altKey[] = {
|
||||
static const byte p7AltKey[] = {
|
||||
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,
|
||||
0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08
|
||||
};
|
||||
@@ -25342,7 +25354,7 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId,
|
||||
|
||||
switch (keyWrapAlgo) {
|
||||
case AES256_WRAP:
|
||||
ret = wc_AesKeyUnWrap(defKey, sizeof(defKey), cek, cekSz,
|
||||
ret = wc_AesKeyUnWrap(p7DefKey, sizeof(p7DefKey), cek, cekSz,
|
||||
out, outSz, NULL);
|
||||
if (ret <= 0)
|
||||
return ret;
|
||||
@@ -25431,8 +25443,8 @@ static int envelopedData_encrypt(byte* in, word32 inSz, byte* out,
|
||||
pkcs7->ukmSz = 0;
|
||||
|
||||
/* add recipient (KEKRI type) */
|
||||
ret = wc_PKCS7_AddRecipient_KEKRI(pkcs7, AES256_WRAP, (byte*)defKey,
|
||||
sizeof(defKey), (byte*)keyId,
|
||||
ret = wc_PKCS7_AddRecipient_KEKRI(pkcs7, AES256_WRAP, (byte*)p7DefKey,
|
||||
sizeof(p7DefKey), (byte*)keyId,
|
||||
sizeof(keyId), NULL, NULL, 0, NULL, 0, 0);
|
||||
if (ret < 0) {
|
||||
printf("wc_PKCS7_AddRecipient_KEKRI() failed, ret = %d\n", ret);
|
||||
@@ -25495,7 +25507,7 @@ static int generateBundle(byte* out, word32 *outSz, const byte* encryptKey,
|
||||
|
||||
/* If using keyHint 0 then create a bundle with fwWrappedFirmwareKey */
|
||||
if (keyHint == 0) {
|
||||
ret = envelopedData_encrypt((byte*)defKey, sizeof(defKey), env,
|
||||
ret = envelopedData_encrypt((byte*)p7DefKey, sizeof(p7DefKey), env,
|
||||
sizeof(env));
|
||||
if (ret <= 0) {
|
||||
return ret;
|
||||
@@ -25667,7 +25679,7 @@ int pkcs7callback_test(byte* cert, word32 certSz, byte* key, word32 keySz)
|
||||
word32 derSz = FOURK_BUF/2;
|
||||
|
||||
/* Doing default generation and verify */
|
||||
ret = generateBundle(derBuf, &derSz, defKey, sizeof(defKey), 0, cert,
|
||||
ret = generateBundle(derBuf, &derSz, p7DefKey, sizeof(p7DefKey), 0, cert,
|
||||
certSz, key, keySz);
|
||||
if (ret <= 0) {
|
||||
return -11915;
|
||||
@@ -25680,7 +25692,7 @@ int pkcs7callback_test(byte* cert, word32 certSz, byte* key, word32 keySz)
|
||||
|
||||
/* test choosing other key with keyID */
|
||||
derSz = FOURK_BUF/2;
|
||||
ret = generateBundle(derBuf, &derSz, altKey, sizeof(altKey), 1,
|
||||
ret = generateBundle(derBuf, &derSz, p7AltKey, sizeof(p7AltKey), 1,
|
||||
cert, certSz, key, keySz);
|
||||
if (ret <= 0) {
|
||||
return -11917;
|
||||
@@ -25693,7 +25705,7 @@ int pkcs7callback_test(byte* cert, word32 certSz, byte* key, word32 keySz)
|
||||
|
||||
/* test fail case with wrong keyID */
|
||||
derSz = FOURK_BUF/2;
|
||||
ret = generateBundle(derBuf, &derSz, defKey, sizeof(defKey), 1,
|
||||
ret = generateBundle(derBuf, &derSz, p7DefKey, sizeof(p7DefKey), 1,
|
||||
cert, certSz, key, keySz);
|
||||
if (ret <= 0) {
|
||||
return -11919;
|
||||
@@ -28439,9 +28451,8 @@ int cryptocb_test(void)
|
||||
#endif
|
||||
#ifndef NO_PWDBASED
|
||||
#if defined(HAVE_PBKDF2) && !defined(NO_SHA256)
|
||||
ret = pbkdf2_test();
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
if (ret == 0)
|
||||
ret = pbkdf2_test();
|
||||
#endif
|
||||
#endif
|
||||
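Review bot: With the loop bound in curve448_check_public_test corrected to `sizeof(fail_le) / sizeof(*fail_le)`, the little-endian loop now visits every rejection vector and returns `-10924 - i`, while the big-endian loop returns `-10934 - i`. If `fail_le` ever holds more than ten vectors the two ranges overlap and a failure code no longer identifies which invalid public key was accepted; the array definitions are outside the hunk. A comment on the first loop would record the limit, e.g. `/* codes -10924..-10933: fail_le must have at most 10 entries */`.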
|
||||
|
||||