WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #8558 from julek-wolfssl/openssh-9.9-fix 

wolfSSL_EVP_PKEY_cmp: only compare the public keys
pull/8697/head
Daniel Pouzzner 2025-04-19 01:51:49 -05:00 committed by GitHub
parent 3cdc521d33 257fd17ea4
commit 543ba268a4
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 105 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
configure.ac
View File

@ -2253,6 +2253,7 @@ if test "$ENABLED_OPENSSH" = "yes"
then
ENABLED_FORTRESS="yes"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_OPENSSH -DHAVE_EX_DATA -DWOLFSSL_BASE16"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ERROR_CODE_OPENSSL"
fi
# net-snmp Build

3
src/tls13.c
View File

@ -5580,6 +5580,9 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return ret;
ssl->options.pskNegotiated = 1;
}
#else
/* no resumption possible */
ssl->options.resuming = 0;
#endif
/* sanity check on PSK / KSE */

34
tests/api.c
View File

@ -6597,8 +6597,7 @@ static int test_wolfSSL_EVP_PKEY_print_public(void)
ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL),1);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "Public-Key: (256 bit)\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectStrEQ(line, "Public-Key: (256 bit)\n");
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "pub:\n");
@ -25378,7 +25377,7 @@ static int test_hmac_signing(const WOLFSSL_EVP_MD *type, const byte* testKey,
{
EXPECT_DECLS;
unsigned char check[WC_MAX_DIGEST_SIZE];
size_t checkSz = -1;
size_t checkSz = 0;
WOLFSSL_EVP_PKEY* key = NULL;
WOLFSSL_EVP_MD_CTX mdCtx;
@ -25388,8 +25387,10 @@ static int test_hmac_signing(const WOLFSSL_EVP_MD *type, const byte* testKey,
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, type, NULL, key), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)testDataSz), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, (int)testResultSz);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,(int)testResultSz);
ExpectIntEQ(XMEMCMP(testResult, check, testResultSz), 0);
@ -25404,12 +25405,15 @@ static int test_hmac_signing(const WOLFSSL_EVP_MD *type, const byte* testKey,
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, type, NULL, key), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, (int)testResultSz);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,(int)testResultSz);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4,
(unsigned int)testDataSz - 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,(int)testResultSz);
ExpectIntEQ(XMEMCMP(testResult, check, testResultSz), 0);
@ -25612,8 +25616,10 @@ static int test_wolfSSL_EVP_MD_rsa_signing(void)
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,sz);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx), 1);
@ -25637,12 +25643,15 @@ static int test_wolfSSL_EVP_MD_rsa_signing(void)
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4,
(unsigned int)XSTRLEN(testData) - 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
@ -25668,8 +25677,10 @@ static int test_wolfSSL_EVP_MD_rsa_signing(void)
paddings[i]), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,sz);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
@ -25703,10 +25714,12 @@ static int test_wolfSSL_EVP_MD_ecc_signing(void)
const char testData[] = "Hi There";
WOLFSSL_EVP_MD_CTX mdCtx;
int ret;
size_t checkSz = -1;
const unsigned char* cp;
const unsigned char* p;
unsigned char check[2048/8];
size_t checkSz = sizeof(check);
XMEMSET(check, 0, sizeof(check));
cp = ecc_clikey_der_256;
ExpectNotNull(privKey = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &cp,
@ -25720,7 +25733,9 @@ static int test_wolfSSL_EVP_MD_ecc_signing(void)
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
@ -25739,10 +25754,13 @@ static int test_wolfSSL_EVP_MD_ecc_signing(void)
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4,
(unsigned int)XSTRLEN(testData) - 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
@ -25834,7 +25852,7 @@ static int test_wolfSSL_CTX_add_extra_chain_cert(void)
pkey = X509_get_pubkey(ecX509);
ExpectNotNull(pkey);
/* current ECC key is 256 bit (32 bytes) */
ExpectIntEQ(EVP_PKEY_size(pkey), 32);
ExpectIntGE(EVP_PKEY_size(pkey), 72);
X509_free(ecX509);
ecX509 = NULL;
@ -37584,7 +37602,7 @@ static int test_wolfSSL_BIO_f_md(void)
0xA4, 0x95, 0x99, 0x1B, 0x78, 0x52, 0xB8, 0x55
};
unsigned char check[sizeof(testResult) + 1];
size_t checkSz = -1;
size_t checkSz = sizeof(check);
EVP_PKEY* key = NULL;
XMEMSET(out, 0, sizeof(out));
@ -37637,7 +37655,9 @@ static int test_wolfSSL_BIO_f_md(void)
EVP_DigestSignInit(ctx, NULL, EVP_sha256(), NULL, key);
ExpectNotNull(bio = BIO_push(bio, mem));
BIO_write(bio, testData, (int)strlen(testData));
checkSz = sizeof(check);
ExpectIntEQ(EVP_DigestSignFinal(ctx, NULL, &checkSz), 1);
checkSz = sizeof(check);
ExpectIntEQ(EVP_DigestSignFinal(ctx, check, &checkSz), 1);
ExpectIntEQ(XMEMCMP(check, testResult, sizeof(testResult)), 0);
@ -40915,7 +40935,7 @@ static int test_wolfSSL_CTX_ctrl(void)
#endif
ExpectNotNull(pkey = X509_get_pubkey(ecX509));
/* current ECC key is 256 bit (32 bytes) */
ExpectIntEQ(EVP_PKEY_size(pkey), 32);
ExpectIntGE(EVP_PKEY_size(pkey), 72);
X509_free(ecX509);
EVP_PKEY_free(pkey);

111
wolfcrypt/src/evp.c
View File

@ -3478,14 +3478,44 @@ int wolfSSL_EVP_PKEY_verify(WOLFSSL_EVP_PKEY_CTX *ctx, const unsigned char *sig,
*/
int wolfSSL_EVP_PKEY_bits(const WOLFSSL_EVP_PKEY *pkey)
{
int bytes;
int ret = 0;
if (pkey == NULL) return 0;
WOLFSSL_ENTER("wolfSSL_EVP_PKEY_bits");
if ((bytes = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey)) ==0) return 0;
if (bytes < 0)
if (pkey == NULL)
return 0;
return bytes*8;
WOLFSSL_ENTER("wolfSSL_EVP_PKEY_bits");
switch (pkey->type) {
#ifndef NO_RSA
case WC_EVP_PKEY_RSA:
ret = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(pkey->rsa));
break;
#endif /* !NO_RSA */
#ifndef NO_DSA
case WC_EVP_PKEY_DSA:
if (pkey->dsa == NULL ||
(!pkey->dsa->exSet &&
SetDsaExternal(pkey->dsa) != WOLFSSL_SUCCESS))
break;
ret = wolfSSL_BN_num_bytes(pkey->dsa->p);
break;
#endif
#ifdef HAVE_ECC
case WC_EVP_PKEY_EC:
if (pkey->ecc == NULL || pkey->ecc->internal == NULL) {
WOLFSSL_MSG("No ECC key has been set");
break;
}
ret = wc_ecc_size((ecc_key*)(pkey->ecc->internal));
break;
#endif /* HAVE_ECC */
default:
break;
}
return ret > 0 ? ret * 8 : 0;
}
@ -3692,12 +3722,11 @@ int wolfSSL_EVP_PKEY_keygen(WOLFSSL_EVP_PKEY_CTX *ctx,
return ret;
}
/* Get the size in bytes for WOLFSSL_EVP_PKEY key
/* Get the maximum suitable size for the operations that can be done with pkey
*
* pkey WOLFSSL_EVP_PKEY structure to get key size of
*
* returns the size of a key on success which is the maximum size of a
* signature
* returns the recommended size of buffers
*/
int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey)
{
@ -3725,7 +3754,7 @@ int wolfSSL_EVP_PKEY_size(WOLFSSL_EVP_PKEY *pkey)
WOLFSSL_MSG("No ECC key has been set");
break;
}
return wc_ecc_size((ecc_key*)(pkey->ecc->internal));
return wc_ecc_sig_size((ecc_key*)(pkey->ecc->internal));
#endif /* HAVE_ECC */
default:
@ -3894,7 +3923,6 @@ int wolfSSL_EVP_PKEY_missing_parameters(WOLFSSL_EVP_PKEY *pkey)
int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b)
{
int ret = -1; /* failure */
int a_sz = 0, b_sz = 0;
if (a == NULL || b == NULL)
return WS_RETURN_CODE(ret, WOLFSSL_FAILURE);
@ -3907,40 +3935,47 @@ int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b)
switch (a->type) {
#ifndef NO_RSA
case WC_EVP_PKEY_RSA:
a_sz = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(a->rsa));
b_sz = (int)wolfSSL_RSA_size((const WOLFSSL_RSA*)(b->rsa));
if (wolfSSL_RSA_size((const WOLFSSL_RSA*)(a->rsa)) <= 0 ||
wolfSSL_RSA_size((const WOLFSSL_RSA*)(b->rsa)) <= 0) {
return WS_RETURN_CODE(ret, WOLFSSL_FAILURE);
}
if (mp_cmp(&((RsaKey*)a->rsa->internal)->n,
&((RsaKey*)b->rsa->internal)->n) != MP_EQ) {
return WS_RETURN_CODE(ret, WOLFSSL_FAILURE);
}
if (mp_cmp(&((RsaKey*)a->rsa->internal)->e,
&((RsaKey*)b->rsa->internal)->e) != MP_EQ) {
return WS_RETURN_CODE(ret, WOLFSSL_FAILURE);
}
break;
#endif /* !NO_RSA */
#ifdef HAVE_ECC
case WC_EVP_PKEY_EC:
if (a->ecc == NULL || a->ecc->internal == NULL ||
b->ecc == NULL || b->ecc->internal == NULL) {
b->ecc == NULL || b->ecc->internal == NULL ||
wc_ecc_size((ecc_key*)a->ecc->internal) <= 0 ||
wc_ecc_size((ecc_key*)b->ecc->internal) <= 0 ||
a->ecc->group == NULL || b->ecc->group == NULL) {
return ret;
}
a_sz = wc_ecc_size((ecc_key*)(a->ecc->internal));
b_sz = wc_ecc_size((ecc_key*)(b->ecc->internal));
/* check curve */
if (a->ecc->group->curve_idx != b->ecc->group->curve_idx) {
return WS_RETURN_CODE(ret, WOLFSSL_FAILURE);
}
if (wc_ecc_cmp_point(&((ecc_key*)a->ecc->internal)->pubkey,
&((ecc_key*)b->ecc->internal)->pubkey) != 0) {
return WS_RETURN_CODE(ret, WOLFSSL_FAILURE);
}
break;
#endif /* HAVE_ECC */
default:
return WS_RETURN_CODE(ret, -2);
} /* switch (a->type) */
/* check size */
if (a_sz <= 0 || b_sz <= 0 || a_sz != b_sz) {
return WS_RETURN_CODE(ret, WOLFSSL_FAILURE);
}
/* check public key size */
if (a->pkey_sz > 0 && b->pkey_sz > 0 && a->pkey_sz != b->pkey_sz) {
return WS_RETURN_CODE(ret, WOLFSSL_FAILURE);
}
/* check public key */
if (a->pkey.ptr && b->pkey.ptr) {
if (XMEMCMP(a->pkey.ptr, b->pkey.ptr, (size_t)a->pkey_sz) != 0) {
return WS_RETURN_CODE(ret, WOLFSSL_FAILURE);
}
}
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
ret = 1; /* the keys match */
#else
@ -4802,7 +4837,9 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
ctx->pctx->pkey->ecc);
if (ecdsaSig == NULL)
break;
len = wolfSSL_i2d_ECDSA_SIG(ecdsaSig, &sig);
len = wolfSSL_i2d_ECDSA_SIG(ecdsaSig, NULL);
if (len > 0 && (size_t)len <= *siglen)
len = wolfSSL_i2d_ECDSA_SIG(ecdsaSig, &sig);
wolfSSL_ECDSA_SIG_free(ecdsaSig);
if (len == 0)
break;
@ -12468,7 +12505,7 @@ int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out,
case WC_EVP_PKEY_RSA:
#if !defined(NO_RSA)
keybits = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey) * 8;
keybits = wolfSSL_EVP_PKEY_bits((WOLFSSL_EVP_PKEY*)pkey);
res = PrintPubKeyRSA(
out,
(byte*)(pkey->pkey.ptr), /* buffer for pkey raw data */
@ -12484,7 +12521,7 @@ int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out,
case WC_EVP_PKEY_EC:
#if defined(HAVE_ECC)
keybits = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey) * 8;
keybits = wolfSSL_EVP_PKEY_bits((WOLFSSL_EVP_PKEY*)pkey);
res = PrintPubKeyEC(
out,
(byte*)(pkey->pkey.ptr), /* buffer for pkey raw data */
@ -12500,7 +12537,7 @@ int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out,
case WC_EVP_PKEY_DSA:
#if !defined(NO_DSA)
keybits = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey) * 8;
keybits = wolfSSL_EVP_PKEY_bits((WOLFSSL_EVP_PKEY*)pkey);
res = PrintPubKeyDSA(
out,
(byte*)(pkey->pkey.ptr), /* buffer for pkey raw data */
@ -12516,7 +12553,7 @@ int wolfSSL_EVP_PKEY_print_public(WOLFSSL_BIO* out,
case WC_EVP_PKEY_DH:
#if defined(WOLFSSL_DH_EXTRA)
keybits = wolfSSL_EVP_PKEY_size((WOLFSSL_EVP_PKEY*)pkey) * 8;
keybits = wolfSSL_EVP_PKEY_bits((WOLFSSL_EVP_PKEY*)pkey);
res = PrintPubKeyDH(
out,
(byte*)(pkey->pkey.ptr), /* buffer for pkey raw data */