diff --git a/src/internal.c b/src/internal.c
index 97d94fb..99f9a45 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -48,6 +48,12 @@
 #include
 #include
+#if (LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_0_0) \
+ && ((defined(HAVE_FIPS) && FIPS_VERSION_GE(5,2)) \
+ || defined(WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256))
+ #include
+#endif
+
 #ifdef WOLFSSH_HAVE_LIBOQS
 #include
 #endif
@@ -456,6 +462,9 @@ const char* GetErrorString(int err)
 case WS_AUTH_PENDING:
 return "userauth is still pending (callback would block)";
+ case WS_KDF_E:
+ return "KDF error";
+
 default:
 return "Unknown error code";
 }
@@ -2164,6 +2173,32 @@ int GenerateKey(byte hashId, byte keyId,
 const byte* sessionId, word32 sessionIdSz,
 byte doKeyPad)
+#if (LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_0_0) \
+ && ((defined(HAVE_FIPS) && FIPS_VERSION_GE(5,2)) \
+ || defined(WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256))
+/* Cannot use the SSH KDF with Kyber. With Kyber, doKeyPad must be false,
+ * and the FIPS SSH KDF doesn't handle no-padding. Also, the Kyber algorithm
+ * isn't in our FIPS boundary. */
+{
+ int ret = WS_SUCCESS;
+
+ if (!doKeyPad) {
+ WLOG(WS_LOG_ERROR, "cannot use FIPS KDF with Kyber");
+ ret = WS_INVALID_ALGO_ID;
+ }
+ else {
+ PRIVATE_KEY_UNLOCK();
+ ret = wc_SSH_KDF(hashId, keyId, key, keySz,
+ k, kSz, h, hSz, sessionId, sessionIdSz);
+ PRIVATE_KEY_LOCK();
+ if (ret != 0) {
+ WLOG(WS_LOG_ERROR, "SSH KDF failed (%d)", ret);
+ ret = WS_KDF_E;
+ }
+ }
+ return ret;
+}
+#else
 {
 word32 blocks, remainder;
 wc_HashAlg hash;
@@ -2174,12 +2209,13 @@ int GenerateKey(byte hashId, byte keyId,
 int digestSz;
 int ret;
+ WLOG(WS_LOG_DEBUG, "Entering GenerateKey()");
+
 if (key == NULL || keySz == 0 || k == NULL || kSz == 0 || h == NULL || hSz == 0 || sessionId == NULL || sessionIdSz == 0) {
- WLOG(WS_LOG_DEBUG, "GK: bad argument");
 return WS_BAD_ARGUMENT;
 }
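Review bot: The `#if` opening this hunk (and the identical guard that opens the FIPS branch of GenerateKey in the third hunk of this file) evaluates `FIPS_VERSION_GE(5,2)` even when HAVE_FIPS is undefined, because the preprocessor parses the whole expression before applying `&&`; if any wolfSSL release admitted by `LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_0_0` does not provide that function-like macro in non-FIPS builds, the directive is a preprocessor error rather than a false condition. Whether every 5.x release defines it cannot be seen from this hunk, so it is worth confirming against the oldest supported wolfSSL. A defensive fallback placed before the first use, `#ifndef FIPS_VERSION_GE` / `#define FIPS_VERSION_GE(major,minor) 0` / `#endif`, would keep the guard well-formed in that case; the same fallback covers the GenerateKey guard, so it need only appear once. The name of the header included inside the new block is not preserved in this rendering and is not reviewed here.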
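Review bot: The new FIPS branch of GenerateKey passes key, k, h and sessionId straight to wc_SSH_KDF without the NULL/zero-length validation the non-FIPS body performs before hashing (the `if (key == NULL || keySz == 0 || ...) return WS_BAD_ARGUMENT;` guard visible in the next hunk), so in this configuration callers lose the WS_BAD_ARGUMENT contract and rely on whatever checking wc_SSH_KDF does, which this hunk does not show. Placing the same guard ahead of the `if (!doKeyPad)` test keeps both configurations consistent: `if (key == NULL || keySz == 0 || k == NULL || kSz == 0 || h == NULL || hSz == 0 || sessionId == NULL || sessionIdSz == 0) { return WS_BAD_ARGUMENT; }`. The `#else` body that follows the new branch continues past the end of this hunk.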
@@ -2274,6 +2310,7 @@ int GenerateKey(byte hashId, byte keyId,
 return ret;
 }
+#endif /* HAVE_FIPS && LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_7_2 */
 static int GenerateKeys(WOLFSSH* ssh, byte hashId, byte doKeyPad)
diff --git a/wolfssh/error.h b/wolfssh/error.h
index 9d3832f..d41f840 100644
--- a/wolfssh/error.h
+++ b/wolfssh/error.h
@@ -135,8 +135,9 @@ enum WS_ErrorCodes {
 WS_MSGID_NOT_ALLOWED_E = -1094, /* Message not allowed before userauth */
 WS_ED25519_E = -1095, /* Ed25519 failure */
 WS_AUTH_PENDING = -1096, /* User authentication still pending */
+ WS_KDF_E = -1097, /* KDF error*/
- WS_LAST_E = -1096 /* Update this to indicate last error */
+ WS_LAST_E = -1097 /* Update this to indicate last error */
 };
diff --git a/wolfssh/internal.h b/wolfssh/internal.h
index a1f29b4..c020526 100644
--- a/wolfssh/internal.h
+++ b/wolfssh/internal.h
@@ -1352,7 +1352,9 @@ enum TerminalModes {
 #endif /* WOLFSSH_TERM */
+#define WOLFSSL_V5_0_0 0x05000000
 #define WOLFSSL_V5_7_0 0x05007000
+#define WOLFSSL_V5_7_2 0x05007002
 #ifdef __cplusplus
diff --git a/zephyr/samples/tests/wolfssl_user_settings.h b/zephyr/samples/tests/wolfssl_user_settings.h
index 03b12c9..b22d3bd 100644
--- a/zephyr/samples/tests/wolfssl_user_settings.h
+++ b/zephyr/samples/tests/wolfssl_user_settings.h
@@ -28,6 +28,9 @@ extern "C" {
 #undef WOLFSSL_ZEPHYR
 #define WOLFSSL_ZEPHYR
+#undef WOLFSSL_WOLFSSH
+#define WOLFSSL_WOLFSSH
+
 #undef TFM_TIMING_RESISTANT
 #define TFM_TIMING_RESISTANT
diff --git a/zephyr/samples/tests/wolfssl_user_settings_nofs.h b/zephyr/samples/tests/wolfssl_user_settings_nofs.h
index 881b6b6..7a27eae 100644
--- a/zephyr/samples/tests/wolfssl_user_settings_nofs.h
+++ b/zephyr/samples/tests/wolfssl_user_settings_nofs.h
@@ -28,6 +28,9 @@ extern "C" {
 #undef WOLFSSL_ZEPHYR
 #define WOLFSSL_ZEPHYR
+#undef WOLFSSL_WOLFSSH
+#define WOLFSSL_WOLFSSH
+
 #undef TFM_TIMING_RESISTANT
 #define TFM_TIMING_RESISTANT
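Review bot: The closing `#endif /* HAVE_FIPS && LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_7_2 */` in this hunk does not describe the guard it closes, which tests `LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_0_0` together with `FIPS_VERSION_GE(5,2)` or `WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256`; a reader following the comment will look for a 5.7.2 check that is not there. The `WOLFSSL_V5_7_2` constant added in the wolfssh/internal.h hunk is referenced nowhere else in this change, so either the guard was meant to use it or the constant and the comment should be brought in line with the guard. A comment that matches the condition would be `#endif /* LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_0_0 && (FIPS_VERSION_GE(5,2) || WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256) */`. The GenerateKey body this `#endif` terminates begins outside this hunk.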