mirror of https://github.com/wolfSSL/wolfssh.git
Use wolfCrypt SSHv2 KDF
1. Switch to using the new SSH-KDF function in wolfCrypt when a recent enough version of wolfSSL (v5.0.0 at a minimum) is used and either a certified version of wolfCrypt is used or Kyber is disabled. 2. Add WOLFSSL_WOLFSSH to the wolfSSL user_settings files for the Zephyr testing. pull/729/head
parent
06dc40df87
commit
6e151e45c5
|
@ -48,6 +48,12 @@
|
|||
#include <wolfssl/wolfcrypt/hmac.h>
|
||||
#include <wolfssl/wolfcrypt/signature.h>
|
||||
|
||||
#if (LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_0_0) \
|
||||
&& ((defined(HAVE_FIPS) && FIPS_VERSION_GE(5,2)) \
|
||||
|| defined(WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256))
|
||||
#include <wolfssl/wolfcrypt/kdf.h>
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSH_HAVE_LIBOQS
|
||||
#include <oqs/kem.h>
|
||||
#endif
|
||||
|
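Review bot: The `#if` condition guarding the `kdf.h` include is repeated verbatim where GenerateKey selects its implementation later in this commit, and the two copies have to move in lockstep or the include and the call to wc_SSH_KDF will disagree; defining the condition once as a single feature macro (a proposed name such as `WOLFSSH_USE_WC_SSH_KDF`, set right after the version macros) and testing that macro at both sites would remove the drift risk. Separately, `FIPS_VERSION_GE(5,2)` is still tokenized and parsed by the preprocessor when `HAVE_FIPS` is undefined, because `#if` does not short-circuit parsing of the right-hand operand, so this line depends on that function-like macro being defined in non-FIPS builds of every wolfSSL version above the v5.0.0 floor; if the wolfSSL headers included above do not guarantee that, the directive fails to parse rather than evaluating to false. Worth confirming against the oldest wolfSSL this guard admits.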
@ -456,6 +462,9 @@ const char* GetErrorString(int err)
|
|||
case WS_AUTH_PENDING:
|
||||
return "userauth is still pending (callback would block)";
|
||||
|
||||
case WS_KDF_E:
|
||||
return "KDF error";
|
||||
|
||||
default:
|
||||
return "Unknown error code";
|
||||
}
|
||||
|
@ -2164,6 +2173,32 @@ int GenerateKey(byte hashId, byte keyId,
|
|||
const byte* h, word32 hSz,
|
||||
const byte* sessionId, word32 sessionIdSz,
|
||||
byte doKeyPad)
|
||||
#if (LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_0_0) \
|
||||
&& ((defined(HAVE_FIPS) && FIPS_VERSION_GE(5,2)) \
|
||||
|| defined(WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256))
|
||||
/* Cannot use the SSH KDF with Kyber. With Kyber, doKeyPad must be false,
|
||||
* and the FIPS SSH KDF doesn't handle no-padding. Also, the Kyber algorithm
|
||||
* isn't in our FIPS boundary. */
|
||||
{
|
||||
int ret = WS_SUCCESS;
|
||||
|
||||
if (!doKeyPad) {
|
||||
WLOG(WS_LOG_ERROR, "cannot use FIPS KDF with Kyber");
|
||||
ret = WS_INVALID_ALGO_ID;
|
||||
}
|
||||
else {
|
||||
PRIVATE_KEY_UNLOCK();
|
||||
ret = wc_SSH_KDF(hashId, keyId, key, keySz,
|
||||
k, kSz, h, hSz, sessionId, sessionIdSz);
|
||||
PRIVATE_KEY_LOCK();
|
||||
if (ret != 0) {
|
||||
WLOG(WS_LOG_ERROR, "SSH KDF failed (%d)", ret);
|
||||
ret = WS_KDF_E;
|
||||
}
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
#else
|
||||
{
|
||||
word32 blocks, remainder;
|
||||
wc_HashAlg hash;
|
||||
|
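Review bot: The wolfCrypt branch of GenerateKey drops the NULL/zero-length argument check that the fallback implementation further down still performs, so in this build a bad argument is reported by wc_SSH_KDF's own return code and then folded into `WS_KDF_E`, whereas the other build returns `WS_BAD_ARGUMENT` — callers that distinguish the two now see different codes depending on how wolfSSL was configured. Mirroring the same check before the `doKeyPad` test keeps the contract identical across both builds, and also restores the "Entering GenerateKey()" debug log the fallback emits. The `!doKeyPad` log line says "cannot use FIPS KDF with Kyber", but this branch is also compiled when Kyber is merely disabled on a non-FIPS wolfSSL ≥ 5.0.0, so the message may be misleading in that configuration; something like `"SSH KDF requires key padding (no Kyber)"` describes the actual condition. The function's parameter list starts on the hunk header line and the `#else` body continues past the end of this hunk.
```c
{
    int ret = WS_SUCCESS;

    WLOG(WS_LOG_DEBUG, "Entering GenerateKey()");

    /* Same argument check as the non-wolfCrypt path, so callers get
     * WS_BAD_ARGUMENT in both builds instead of a wc_SSH_KDF error
     * code folded into WS_KDF_E. */
    if (key == NULL || keySz == 0 ||
        k == NULL || kSz == 0 ||
        h == NULL || hSz == 0 ||
        sessionId == NULL || sessionIdSz == 0) {
        WLOG(WS_LOG_DEBUG, "GK: bad argument");
        return WS_BAD_ARGUMENT;
    }

    /* … unchanged: doKeyPad check and wc_SSH_KDF call … */
```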
@ -2174,12 +2209,13 @@ int GenerateKey(byte hashId, byte keyId,
|
|||
int digestSz;
|
||||
int ret;
|
||||
|
||||
WLOG(WS_LOG_DEBUG, "Entering GenerateKey()");
|
||||
|
||||
if (key == NULL || keySz == 0 ||
|
||||
k == NULL || kSz == 0 ||
|
||||
h == NULL || hSz == 0 ||
|
||||
sessionId == NULL || sessionIdSz == 0) {
|
||||
|
||||
WLOG(WS_LOG_DEBUG, "GK: bad argument");
|
||||
return WS_BAD_ARGUMENT;
|
||||
}
|
||||
|
||||
|
@ -2274,6 +2310,7 @@ int GenerateKey(byte hashId, byte keyId,
|
|||
|
||||
return ret;
|
||||
}
|
||||
#endif /* HAVE_FIPS && LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_7_2 */
|
||||
|
||||
|
||||
static int GenerateKeys(WOLFSSH* ssh, byte hashId, byte doKeyPad)
|
||||
|
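Review bot: The closing marker `#endif /* HAVE_FIPS && LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_7_2 */` does not describe the condition that opens this block earlier in the commit, which tests `LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_0_0` together with either `HAVE_FIPS && FIPS_VERSION_GE(5,2)` or `WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256`; `WOLFSSL_V5_7_2` is not referenced by that `#if` at all, so the comment looks like a holdover from an earlier draft. A reader scanning for the end of the FIPS-vs-fallback split will be misled about when the fallback is compiled. Suggest `#endif /* LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_0_0 && (FIPS >= 5.2 || no Kyber) */`, or the name of the single feature macro if the condition is hoisted into one.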
|
|
@ -135,8 +135,9 @@ enum WS_ErrorCodes {
|
|||
WS_MSGID_NOT_ALLOWED_E = -1094, /* Message not allowed before userauth */
|
||||
WS_ED25519_E = -1095, /* Ed25519 failure */
|
||||
WS_AUTH_PENDING = -1096, /* User authentication still pending */
|
||||
WS_KDF_E = -1097, /* KDF error*/
|
||||
|
||||
WS_LAST_E = -1096 /* Update this to indicate last error */
|
||||
WS_LAST_E = -1097 /* Update this to indicate last error */
|
||||
};
|
||||
|
||||
|
||||
|
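Review bot: The trailing comment on the new enumerator reads `/* KDF error*/`, missing the space before `*/` that every neighbouring entry in WS_ErrorCodes has; `WS_KDF_E = -1097, /* KDF error */` keeps the table's style consistent. The accompanying bump of `WS_LAST_E` to -1097 matches the new last code, which is the check the existing "Update this to indicate last error" comment asks for.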
|
|
@ -1352,7 +1352,9 @@ enum TerminalModes {
|
|||
#endif /* WOLFSSH_TERM */
|
||||
|
||||
|
||||
#define WOLFSSL_V5_0_0 0x05000000
|
||||
#define WOLFSSL_V5_7_0 0x05007000
|
||||
#define WOLFSSL_V5_7_2 0x05007002
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
|
|
|
@ -28,6 +28,9 @@ extern "C" {
|
|||
#undef WOLFSSL_ZEPHYR
|
||||
#define WOLFSSL_ZEPHYR
|
||||
|
||||
#undef WOLFSSL_WOLFSSH
|
||||
#define WOLFSSL_WOLFSSH
|
||||
|
||||
#undef TFM_TIMING_RESISTANT
|
||||
#define TFM_TIMING_RESISTANT
|
||||
|
||||
|
|
|
@ -28,6 +28,9 @@ extern "C" {
|
|||
#undef WOLFSSL_ZEPHYR
|
||||
#define WOLFSSL_ZEPHYR
|
||||
|
||||
#undef WOLFSSL_WOLFSSH
|
||||
#define WOLFSSL_WOLFSSH
|
||||
|
||||
#undef TFM_TIMING_RESISTANT
|
||||
#define TFM_TIMING_RESISTANT
|
||||
|
||||
|
|