WolfSSL
/
wolfTPM
mirror of https://github.com/wolfSSL/wolfTPM.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Avoid using heap (malloc/free) for ecc_point.

pull/289/head
David Garske 2023-08-10 15:05:33 -07:00
parent 847e0ae595
commit 00c8ffc999
1 changed files with 22 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
src/tpm2_wrap.c
View File

@ -1044,6 +1044,9 @@ exit:
return ret; return ret;
} }
#ifdef ALT_ECC_SIZE
#error use of ecc_point below does not support ALT_ECC_SIZE
#endif
/* returns both the plaintext and encrypted value */ /* returns both the plaintext and encrypted value */
/* ECC: data = derived symmetric key /* ECC: data = derived symmetric key
* secret = exported public point */ * secret = exported public point */
@ -1056,7 +1059,7 @@ static int wolfTPM2_EncryptSecret_ECC(WOLFTPM2_DEV* dev, const WOLFTPM2_KEY* tpm
ecc_key eccKeyPriv, eccKeyPub; ecc_key eccKeyPriv, eccKeyPub;
const TPMT_PUBLIC *publicArea; const TPMT_PUBLIC *publicArea;
TPM2B_ECC_POINT pubPoint, secretPoint; TPM2B_ECC_POINT pubPoint, secretPoint;
ecc_point* r = NULL; ecc_point r[1];
mp_int prime, a; mp_int prime, a;
publicArea = &tpmKey->pub.publicArea; publicArea = &tpmKey->pub.publicArea;
@ -1065,6 +1068,9 @@ static int wolfTPM2_EncryptSecret_ECC(WOLFTPM2_DEV* dev, const WOLFTPM2_KEY* tpm
XMEMSET(&eccKeyPriv, 0, sizeof(eccKeyPriv)); XMEMSET(&eccKeyPriv, 0, sizeof(eccKeyPriv));
XMEMSET(&pubPoint, 0, sizeof(pubPoint)); XMEMSET(&pubPoint, 0, sizeof(pubPoint));
XMEMSET(&secretPoint, 0, sizeof(secretPoint)); XMEMSET(&secretPoint, 0, sizeof(secretPoint));
XMEMSET(r, 0, sizeof(r));
XMEMSET(&prime, 0, sizeof(prime));
XMEMSET(&a, 0, sizeof(a));
rc = wc_InitRng_ex(&rng, NULL, INVALID_DEVID); rc = wc_InitRng_ex(&rng, NULL, INVALID_DEVID);
if (rc == 0) { if (rc == 0) {
@ -1102,16 +1108,15 @@ static int wolfTPM2_EncryptSecret_ECC(WOLFTPM2_DEV* dev, const WOLFTPM2_KEY* tpm
secret->size = packet.pos; secret->size = packet.pos;
} }
if (rc == 0) { if (rc == 0) {
r = wc_ecc_new_point(); rc = mp_init_multi(&prime, &a, r->x, r->y, r->z, NULL);
if (r == NULL) }
rc = MEMORY_E; if (rc == 0) {
rc = mp_read_radix(&prime, eccKeyPriv.dp->prime, MP_RADIX_HEX);
}
if (rc == 0) {
rc = mp_read_radix(&a, eccKeyPriv.dp->Af, MP_RADIX_HEX);
} }
if (rc == 0) { if (rc == 0) {
mp_init(&prime);
mp_init(&a);
mp_read_radix(&prime, eccKeyPriv.dp->prime, MP_RADIX_HEX);
mp_read_radix(&a, eccKeyPriv.dp->Af, MP_RADIX_HEX);
/* perform point multiply */ /* perform point multiply */
rc = wc_ecc_mulmod(wc_ecc_key_get_priv(&eccKeyPriv), &eccKeyPub.pubkey, rc = wc_ecc_mulmod(wc_ecc_key_get_priv(&eccKeyPriv), &eccKeyPub.pubkey,
r, &a, &prime, 1); r, &a, &prime, 1);
@ -1119,8 +1124,9 @@ static int wolfTPM2_EncryptSecret_ECC(WOLFTPM2_DEV* dev, const WOLFTPM2_KEY* tpm
if (rc == 0) { if (rc == 0) {
/* export shared secret x */ /* export shared secret x */
secretPoint.point.x.size = mp_unsigned_bin_size(r->x); secretPoint.point.x.size = mp_unsigned_bin_size(r->x);
mp_to_unsigned_bin(r->x, secretPoint.point.x.buffer); rc = mp_to_unsigned_bin(r->x, secretPoint.point.x.buffer);
}
if (rc == 0) {
/* set size encryption key */ /* set size encryption key */
data->size = TPM2_GetHashDigestSize(publicArea->nameAlg); data->size = TPM2_GetHashDigestSize(publicArea->nameAlg);
@ -1135,11 +1141,11 @@ static int wolfTPM2_EncryptSecret_ECC(WOLFTPM2_DEV* dev, const WOLFTPM2_KEY* tpm
); );
} }
if (r != NULL) { mp_clear(r->x);
mp_free(&a); mp_clear(r->y);
mp_free(&prime); mp_clear(r->z);
wc_ecc_del_point(r); mp_clear(&a);
} mp_clear(&prime);
wc_ecc_free(&eccKeyPub); wc_ecc_free(&eccKeyPub);
wc_ecc_free(&eccKeyPriv); wc_ecc_free(&eccKeyPriv);
wc_FreeRng(&rng); wc_FreeRng(&rng);