wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-31 11:17:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7612 from dgarske/rsa_pad

Browse Source 
Improvements to RSA padding to expose Pad/Unpad API's
This commit is contained in:
JacobBarthelmeh
2024-06-21 13:19:28 -06:00
committed by GitHub
parent aea32e37a9 305a754de3
commit e72db4a306
3 changed files with 36 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
examples/async/include.am
View File

@ -2,20 +2,25 @@
# All paths should be given relative to the root # All paths should be given relative to the root
if BUILD_ASYNCCRYPT if BUILD_ASYNCCRYPT
noinst_HEADERS += examples/async/async_tls.h noinst_HEADERS += examples/async/async_tls.h
if BUILD_EXAMPLE_CLIENTS
noinst_PROGRAMS += examples/async/async_client noinst_PROGRAMS += examples/async/async_client
examples_async_async_client_SOURCES = examples/async/async_client.c examples/async/async_tls.c examples_async_async_client_SOURCES = examples/async/async_client.c examples/async/async_tls.c
examples_async_async_client_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD) examples_async_async_client_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD)
examples_async_async_client_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la examples_async_async_client_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la
examples_async_async_client_CFLAGS = $(AM_CFLAGS) examples_async_async_client_CFLAGS = $(AM_CFLAGS)
endif
if BUILD_EXAMPLE_SERVERS
noinst_PROGRAMS += examples/async/async_server noinst_PROGRAMS += examples/async/async_server
examples_async_async_server_SOURCES = examples/async/async_server.c examples/async/async_tls.c examples_async_async_server_SOURCES = examples/async/async_server.c examples/async/async_tls.c
examples_async_async_server_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD) examples_async_async_server_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD)
examples_async_async_server_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la examples_async_async_server_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la
examples_async_async_server_CFLAGS = $(AM_CFLAGS) examples_async_async_server_CFLAGS = $(AM_CFLAGS)
endif endif
endif
dist_example_DATA+= examples/async/async_server.c dist_example_DATA+= examples/async/async_server.c
dist_example_DATA+= examples/async/async_client.c dist_example_DATA+= examples/async/async_client.c

38
wolfcrypt/src/rsa.c
View File

@ -129,19 +129,23 @@ enum {
static void wc_RsaCleanup(RsaKey* key) static void wc_RsaCleanup(RsaKey* key)
{ {
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && !defined(WOLFSSL_NO_MALLOC) #if !defined(WOLFSSL_NO_MALLOC) && (defined(WOLFSSL_ASYNC_CRYPT) || \
if (key && key->data) { (!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE)))
if (key != NULL) {
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
/* if private operation zero temp buffer */
if ((key->data != NULL && key->dataLen > 0) &&
(key->type == RSA_PRIVATE_DECRYPT ||
key->type == RSA_PRIVATE_ENCRYPT)) {
ForceZero(key->data, key->dataLen);
}
#endif
/* make sure any allocated memory is free'd */ /* make sure any allocated memory is free'd */
if (key->dataIsAlloc) { if (key->dataIsAlloc) {
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
if (key->type == RSA_PRIVATE_DECRYPT ||
key->type == RSA_PRIVATE_ENCRYPT) {
ForceZero(key->data, key->dataLen);
}
#endif
XFREE(key->data, key->heap, DYNAMIC_TYPE_WOLF_BIGINT); XFREE(key->data, key->heap, DYNAMIC_TYPE_WOLF_BIGINT);
key->dataIsAlloc = 0; key->dataIsAlloc = 0;
} }
key->data = NULL; key->data = NULL;
key->dataLen = 0; key->dataLen = 0;
} }
@ -163,10 +167,11 @@ int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
key->type = RSA_TYPE_UNKNOWN; key->type = RSA_TYPE_UNKNOWN;
key->state = RSA_STATE_NONE; key->state = RSA_STATE_NONE;
key->heap = heap; key->heap = heap;
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && !defined(WOLFSSL_NO_MALLOC) #if !defined(WOLFSSL_NO_MALLOC) && (defined(WOLFSSL_ASYNC_CRYPT) || \
(!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE)))
key->dataIsAlloc = 0; key->dataIsAlloc = 0;
key->data = NULL;
#endif #endif
key->data = NULL;
key->dataLen = 0; key->dataLen = 0;
#ifdef WC_RSA_BLINDING #ifdef WC_RSA_BLINDING
key->rng = NULL; key->rng = NULL;
@ -3504,6 +3509,7 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
break; break;
} }
XMEMCPY(key->data, in, inLen); XMEMCPY(key->data, in, inLen);
key->dataLen = inLen;
} }
else { else {
key->dataIsAlloc = 0; key->dataIsAlloc = 0;
@ -3537,13 +3543,13 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
case RSA_STATE_DECRYPT_UNPAD: case RSA_STATE_DECRYPT_UNPAD:
#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE) && \ #if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE) && \
!defined(WOLFSSL_NO_MALLOC) !defined(WOLFSSL_NO_MALLOC)
ret = wc_RsaUnPad_ex(key->data, key->dataLen, &pad, pad_value, pad_type, ret = wc_RsaUnPad_ex(key->data,
hash, mgf, label, labelSz, saltLen, key->dataLen, &pad, pad_value, pad_type, hash, mgf,
mp_count_bits(&key->n), key->heap); label, labelSz, saltLen, mp_count_bits(&key->n), key->heap);
#else #else
ret = wc_RsaUnPad_ex(out, key->dataLen, &pad, pad_value, pad_type, hash, ret = wc_RsaUnPad_ex(out,
mgf, label, labelSz, saltLen, key->dataLen, &pad, pad_value, pad_type, hash, mgf, label,
mp_count_bits(&key->n), key->heap); labelSz, saltLen, mp_count_bits(&key->n), key->heap);
#endif #endif
if (rsa_type == RSA_PUBLIC_DECRYPT && ret > (int)outLen) { if (rsa_type == RSA_PUBLIC_DECRYPT && ret > (int)outLen) {
ret = RSA_BUFFER_E; ret = RSA_BUFFER_E;

19
wolfssl/wolfcrypt/rsa.h
View File

@ -242,8 +242,8 @@ struct RsaKey {
char label[RSA_MAX_LABEL_LEN]; char label[RSA_MAX_LABEL_LEN];
int labelLen; int labelLen;
#endif #endif
#if defined(WOLFSSL_ASYNC_CRYPT) || !defined(WOLFSSL_RSA_VERIFY_INLINE) && \ #if !defined(WOLFSSL_NO_MALLOC) && (defined(WOLFSSL_ASYNC_CRYPT) || \
!defined(WOLFSSL_NO_MALLOC) (!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE)))
byte dataIsAlloc; byte dataIsAlloc;
#endif #endif
#ifdef WC_RSA_NONBLOCK #ifdef WC_RSA_NONBLOCK
@ -441,14 +441,13 @@ WOLFSSL_API int wc_RsaExportKey(RsaKey* key,
int nlen, int* isPrime); int nlen, int* isPrime);
#endif #endif
WOLFSSL_LOCAL int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock, WOLFSSL_API int wc_RsaPad_ex(const byte* input, word32 inputLen,
word32 pkcsBlockLen, byte padValue, WC_RNG* rng, int padType, byte* pkcsBlock, word32 pkcsBlockLen, byte padValue,
enum wc_HashType hType, int mgf, byte* optLabel, word32 labelLen, WC_RNG* rng, int padType, enum wc_HashType hType, int mgf,
int saltLen, int bits, void* heap); byte* optLabel, word32 labelLen, int saltLen, int bits, void* heap);
WOLFSSL_LOCAL int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** out, WOLFSSL_API int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen,
byte padValue, int padType, enum wc_HashType hType, byte** out, byte padValue, int padType, enum wc_HashType hType, int mgf,
int mgf, byte* optLabel, word32 labelLen, int saltLen, byte* optLabel, word32 labelLen, int saltLen, int bits, void* heap);
int bits, void* heap);
WOLFSSL_LOCAL int wc_hash2mgf(enum wc_HashType hType); WOLFSSL_LOCAL int wc_hash2mgf(enum wc_HashType hType);
WOLFSSL_LOCAL int RsaFunctionCheckIn(const byte* in, word32 inLen, RsaKey* key, WOLFSSL_LOCAL int RsaFunctionCheckIn(const byte* in, word32 inLen, RsaKey* key,