WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

PKCS#11: Label fixes and add support for checking private key 

Check private key matches the public key passed in.
Need to use a new API to pass in the token to use to perform PKCS #11
operations with.
pull/3523/head
Sean Parkinson 2020-11-02 17:13:10 +10:00
parent 43aeac4cf4
commit 5ca8e8f87c
16 changed files with 624 additions and 127 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
src/internal.c
View File

@ -1649,6 +1649,10 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
return BAD_MUTEX_E;
}
#ifndef NO_CERTS
ctx->privateKeyDevId = INVALID_DEVID;
#endif
#ifndef NO_DH
ctx->minDhKeySz = MIN_DHKEY_SZ;
ctx->maxDhKeySz = MAX_DHKEY_SZ;
@ -20048,6 +20052,76 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
#if !defined(NO_CERTS)
#ifdef WOLF_CRYPTO_CB
/* Create a private key for a device.
*
* pkey Key object.
* data Data to identify key.
* length Length of data.
* hsType Type of the key to create.
* heap Custom heap to use for mallocs/frees
* devId Id for device.
* return 0 on success.
* return NOT_COMPILED_IN if algorithm type not supported.
* return MEMORY_E on memory allocation failure.
* return other internal error
*/
int CreateDevPrivateKey(void** pkey, byte* data, word32 length, int hsType,
int label, int id, void* heap, int devId)
{
int ret = NOT_COMPILED_IN;
if (hsType == DYNAMIC_TYPE_RSA) {
#ifndef NO_RSA
RsaKey* rsaKey;
rsaKey = XMALLOC(sizeof(RsaKey), heap, DYNAMIC_TYPE_RSA);
if (rsaKey == NULL) {
return MEMORY_E;
}
if (label) {
ret = wc_InitRsaKey_Label(rsaKey, (char*)data, heap, devId);
}
else if (id) {
ret = wc_InitRsaKey_Id(rsaKey, data, length, heap, devId);
}
if (ret == 0) {
*pkey = (void*)rsaKey;
}
else {
XFREE(rsaKey, heap, DYNAMIC_TYPE_EC);
}
#endif
}
else if (hsType == DYNAMIC_TYPE_ECC) {
#ifdef HAVE_ECC
ecc_key* ecKey;
ecKey = XMALLOC(sizeof(ecc_key), heap, DYNAMIC_TYPE_ECC);
if (ecKey == NULL) {
return MEMORY_E;
}
if (label) {
ret = wc_ecc_init_label(ecKey, (char*)data, heap, devId);
}
else if (id) {
ret = wc_ecc_init_id(ecKey, data, length, heap, devId);
}
if (ret == 0) {
*pkey = (void*)ecKey;
}
else {
XFREE(ecKey, heap, DYNAMIC_TYPE_EC);
}
#endif
}
return ret;
}
#endif
/* Decode the private key - RSA/ECC/Ed25519/Ed448 - and creates a key object.
* The signature type is set as well.
* The maximum length of a signature is returned.

112
src/ssl.c
View File

@ -7353,7 +7353,41 @@ int wolfSSL_CTX_check_private_key(const WOLFSSL_CTX* ctx)
size = ctx->privateKey->length;
buff = ctx->privateKey->buffer;
ret = wc_CheckPrivateKey(buff, size, der);
#ifdef WOLF_CRYPTO_CB
if (ctx->privateKeyDevId != INVALID_DEVID) {
int type = 0;
void *pkey = NULL;
if (der->keyOID == RSAk) {
type = DYNAMIC_TYPE_RSA;
}
else if (der->keyOID == ECDSAk) {
type = DYNAMIC_TYPE_ECC;
}
ret = CreateDevPrivateKey(&pkey, buff, size, type, ctx->privateKeyLabel,
ctx->privateKeyId, ctx->heap,
ctx->privateKeyDevId);
if (ret == 0 && der->keyOID == RSAk) {
ret = wc_CryptoCb_RsaCheckPrivKey(pkey, der->publicKey,
der->pubKeySize);
if (ret == 0)
ret = 1;
wc_FreeRsaKey(pkey);
}
else if (ret == 0 && der->keyOID == ECDSAk) {
ret = wc_CryptoCb_EccCheckPrivKey(pkey, der->publicKey,
der->pubKeySize);
if (ret == 0)
ret = 1;
wc_ecc_free(pkey);
}
if (pkey != NULL) {
XFREE(pkey, ctx->heap, type);
}
}
else
#endif
ret = wc_CheckPrivateKey(buff, size, der);
FreeDecodedCert(der);
#ifdef WOLFSSL_SMALL_STACK
XFREE(der, NULL, DYNAMIC_TYPE_DCERT);
@ -7920,7 +7954,42 @@ int wolfSSL_check_private_key(const WOLFSSL* ssl)
size = ssl->buffers.key->length;
buff = ssl->buffers.key->buffer;
ret = wc_CheckPrivateKey(buff, size, &der);
#ifdef WOLF_CRYPTO_CB
if (ssl->buffers.keyDevId != INVALID_DEVID) {
int type = 0;
void *pkey = NULL;
if (der.keyOID == RSAk) {
type = DYNAMIC_TYPE_RSA;
}
else if (der.keyOID == ECDSAk) {
type = DYNAMIC_TYPE_ECC;
}
ret = CreateDevPrivateKey(&pkey, buff, size, type,
ssl->buffers.keyLabel,
ssl->buffers.keyId, ssl->heap,
ssl->buffers.keyDevId);
if (ret == 0 && der.keyOID == RSAk) {
ret = wc_CryptoCb_RsaCheckPrivKey(pkey, der.publicKey,
der.pubKeySize);
if (ret == 0)
ret = 1;
wc_FreeRsaKey(pkey);
}
else if (ret == 0 && der.keyOID == ECDSAk) {
ret = wc_CryptoCb_EccCheckPrivKey(pkey, der.publicKey,
der.pubKeySize);
if (ret == 0)
ret = 1;
wc_ecc_free(pkey);
}
if (pkey != NULL) {
XFREE(pkey, ctx->heap, type);
}
}
else
#endif
ret = wc_CheckPrivateKey(buff, size, &der);
FreeDecodedCert(&der);
return ret;
}
@ -14119,6 +14188,17 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#ifdef HAVE_PKCS11
int wolfSSL_CTX_use_PrivateKey_id(WOLFSSL_CTX* ctx, const unsigned char* id,
long sz, int devId, long keySz)
{
int ret = wolfSSL_CTX_use_PrivateKey_Id(ctx, id, sz, devId);
if (ret == WOLFSSL_SUCCESS)
ctx->privateKeySz = (word32)keySz;
return ret;
}
int wolfSSL_CTX_use_PrivateKey_Id(WOLFSSL_CTX* ctx, const unsigned char* id,
long sz, int devId)
{
int ret = WOLFSSL_FAILURE;
@ -14127,7 +14207,6 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
ctx->heap) == 0) {
XMEMCPY(ctx->privateKey->buffer, id, sz);
ctx->privateKeyId = 1;
ctx->privateKeySz = (word32)keySz;
if (devId != INVALID_DEVID)
ctx->privateKeyDevId = devId;
else
@ -14139,18 +14218,17 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return ret;
}
int wolfSSL_CTX_use_PrivateKey_label(WOLFSSL_CTX* ctx, const char* label,
int devId, long keySz)
int wolfSSL_CTX_use_PrivateKey_Label(WOLFSSL_CTX* ctx, const char* label,
int devId)
{
int ret = WOLFSSL_FAILURE;
word32 sz = XSTRLEN(label) + 1;
word32 sz = (word32)XSTRLEN(label) + 1;
FreeDer(&ctx->privateKey);
if (AllocDer(&ctx->privateKey, (word32)sz, PRIVATEKEY_TYPE,
ctx->heap) == 0) {
XMEMCPY(ctx->privateKey->buffer, label, sz);
ctx->privateKeyLabel = 1;
ctx->privateKeySz = (word32)keySz;
if (devId != INVALID_DEVID)
ctx->privateKeyDevId = devId;
else
@ -14305,9 +14383,20 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
ssl, NULL, 0, GET_VERIFY_SETTING_SSL(ssl));
}
#ifdef HAVE_PKCS11
#ifdef WOLF_CRYPTO_CB
int wolfSSL_use_PrivateKey_id(WOLFSSL* ssl, const unsigned char* id,
long sz, int devId, long keySz)
{
int ret = wolfSSL_use_PrivateKey_Id(ssl, id, sz, devId);
if (ret == WOLFSSL_SUCCESS)
ssl->buffers.keySz = (word32)keySz;
return ret;
}
int wolfSSL_use_PrivateKey_Id(WOLFSSL* ssl, const unsigned char* id,
long sz, int devId)
{
int ret = WOLFSSL_FAILURE;
@ -14318,7 +14407,6 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
XMEMCPY(ssl->buffers.key->buffer, id, sz);
ssl->buffers.weOwnKey = 1;
ssl->buffers.keyId = 1;
ssl->buffers.keySz = (word32)keySz;
if (devId != INVALID_DEVID)
ssl->buffers.keyDevId = devId;
else
@ -14330,11 +14418,10 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return ret;
}
int wolfSSL_use_PrivateKey_label(WOLFSSL* ssl, const char* label, int devId,
long keySz)
int wolfSSL_use_PrivateKey_Label(WOLFSSL* ssl, const char* label, int devId)
{
int ret = WOLFSSL_FAILURE;
word32 sz = XSTRLEN(label) + 1;
word32 sz = (word32)XSTRLEN(label) + 1;
if (ssl->buffers.weOwnKey)
FreeDer(&ssl->buffers.key);
@ -14343,7 +14430,6 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
XMEMCPY(ssl->buffers.key->buffer, label, sz);
ssl->buffers.weOwnKey = 1;
ssl->buffers.keyLabel = 1;
ssl->buffers.keySz = (word32)keySz;
if (devId != INVALID_DEVID)
ssl->buffers.keyDevId = devId;
else

4
wolfcrypt/src/aes.c
View File

@ -8096,7 +8096,7 @@ int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap, int devId)
return ret;
}
int wc_AesInit_Label(Aes* aes, char* label, void* heap, int devId)
int wc_AesInit_Label(Aes* aes, const char* label, void* heap, int devId)
{
int ret = 0;
int labelLen = 0;
@ -8104,7 +8104,7 @@ int wc_AesInit_Label(Aes* aes, char* label, void* heap, int devId)
if (aes == NULL || label == NULL)
ret = BAD_FUNC_ARG;
if (ret == 0) {
labelLen = XSTRLEN(label);
labelLen = (int)XSTRLEN(label);
if (labelLen == 0 || labelLen > AES_MAX_LABEL_LEN)
ret = BUFFER_E;
}

52
wolfcrypt/src/cryptocb.c
View File

@ -176,6 +176,32 @@ int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
return wc_CryptoCb_TranslateErrorCode(ret);
}
#endif
int wc_CryptoCb_RsaCheckPrivKey(RsaKey* key, const byte* pubKey,
word32 pubKeySz)
{
int ret = CRYPTOCB_UNAVAILABLE;
CryptoCb* dev;
if (key == NULL)
return ret;
/* locate registered callback */
dev = wc_CryptoCb_FindDevice(key->devId);
if (dev && dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_PK;
cryptoInfo.pk.type = WC_PK_TYPE_RSA_CHECK_PRIV_KEY;
cryptoInfo.pk.rsa_check.key = key;
cryptoInfo.pk.rsa_check.pubKey = pubKey;
cryptoInfo.pk.rsa_check.pubKeySz = pubKeySz;
ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx);
}
return wc_CryptoCb_TranslateErrorCode(ret);
}
#endif /* !NO_RSA */
#ifdef HAVE_ECC
@ -289,6 +315,32 @@ int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen,
return wc_CryptoCb_TranslateErrorCode(ret);
}
int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey,
word32 pubKeySz)
{
int ret = CRYPTOCB_UNAVAILABLE;
CryptoCb* dev;
if (key == NULL)
return ret;
/* locate registered callback */
dev = wc_CryptoCb_FindDevice(key->devId);
if (dev && dev->cb) {
wc_CryptoInfo cryptoInfo;
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
cryptoInfo.algo_type = WC_ALGO_TYPE_PK;
cryptoInfo.pk.type = WC_PK_TYPE_EC_CHECK_PRIV_KEY;
cryptoInfo.pk.ecc_check.key = key;
cryptoInfo.pk.ecc_check.pubKey = pubKey;
cryptoInfo.pk.ecc_check.pubKeySz = pubKeySz;
ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx);
}
return wc_CryptoCb_TranslateErrorCode(ret);
}
#endif /* HAVE_ECC */
#ifndef NO_AES

6
wolfcrypt/src/ecc.c
View File

@ -4750,7 +4750,7 @@ int wc_ecc_init(ecc_key* key)
return wc_ecc_init_ex(key, NULL, INVALID_DEVID);
}
#ifdef HAVE_PKCS11
#ifdef WOLF_CRYPTO_CB
int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
int devId)
{
@ -4771,7 +4771,7 @@ int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
return ret;
}
int wc_ecc_init_label(ecc_key* key, char* label, void* heap, int devId)
int wc_ecc_init_label(ecc_key* key, const char* label, void* heap, int devId)
{
int ret = 0;
int labelLen = 0;
@ -4779,7 +4779,7 @@ int wc_ecc_init_label(ecc_key* key, char* label, void* heap, int devId)
if (key == NULL || label == NULL)
ret = BAD_FUNC_ARG;
if (ret == 0) {
labelLen = XSTRLEN(label);
labelLen = (int)XSTRLEN(label);
if (labelLen == 0 || labelLen > ECC_MAX_LABEL_LEN)
ret = BUFFER_E;
}

4
wolfcrypt/src/hmac.c
View File

@ -1023,7 +1023,7 @@ int wc_HmacInit_Id(Hmac* hmac, unsigned char* id, int len, void* heap,
return ret;
}
int wc_HmacInit_Label(Hmac* hmac, char* label, void* heap, int devId)
int wc_HmacInit_Label(Hmac* hmac, const char* label, void* heap, int devId)
{
int ret = 0;
int labelLen = 0;
@ -1031,7 +1031,7 @@ int wc_HmacInit_Label(Hmac* hmac, char* label, void* heap, int devId)
if (hmac == NULL || label == NULL)
ret = BAD_FUNC_ARG;
if (ret == 0) {
labelLen = XSTRLEN(label);
labelLen = (int)XSTRLEN(label);
if (labelLen == 0 || labelLen > HMAC_MAX_LABEL_LEN)
ret = BUFFER_E;
}

6
wolfcrypt/src/rsa.c
View File

@ -341,7 +341,7 @@ int wc_InitRsaKey(RsaKey* key, void* heap)
return wc_InitRsaKey_ex(key, heap, INVALID_DEVID);
}
#ifdef HAVE_PKCS11
#ifdef WOLF_CRYPTO_CB
int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len, void* heap,
int devId)
{
@ -362,7 +362,7 @@ int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len, void* heap,
return ret;
}
int wc_InitRsaKey_Label(RsaKey* key, char* label, void* heap, int devId)
int wc_InitRsaKey_Label(RsaKey* key, const char* label, void* heap, int devId)
{
int ret = 0;
int labelLen = 0;
@ -370,7 +370,7 @@ int wc_InitRsaKey_Label(RsaKey* key, char* label, void* heap, int devId)
if (key == NULL || label == NULL)
ret = BAD_FUNC_ARG;
if (ret == 0) {
labelLen = XSTRLEN(label);
labelLen = (int)XSTRLEN(label);
if (labelLen == 0 || labelLen > RSA_MAX_LABEL_LEN)
ret = BUFFER_E;
}

431
wolfcrypt/src/wc_pkcs11.c
View File

@ -865,6 +865,95 @@ static int Pkcs11EccSetParams(ecc_key* key, CK_ATTRIBUTE* tmpl, int idx)
return ret;
}
/**
* Create a PKCS#11 object containing the ECC public key data.
* Encode the public key as an OCTET_STRING of the encoded point.
*
* @param [out] publicKey Henadle to public key object.
* @param [in] session Session object.
* @param [in] public_key ECC public key.
* @param [in] operation Cryptographic operation key is to be used for.
* @return WC_HW_E when a PKCS#11 library call fails.
* @return MEMORY_E when a memory allocation fails.
* @return 0 on success.
*/
static int Pkcs11CreateEccPublicKey(CK_OBJECT_HANDLE* publicKey,
Pkcs11Session* session,
ecc_key* public_key,
CK_ATTRIBUTE_TYPE operation)
{
int ret = 0;
int i;
unsigned char* ecPoint = NULL;
word32 len;
CK_RV rv;
CK_UTF8CHAR params[MAX_EC_PARAM_LEN];
CK_ATTRIBUTE keyTemplate[] = {
{ CKA_CLASS, &pubKeyClass, sizeof(pubKeyClass) },
{ CKA_KEY_TYPE, &ecKeyType, sizeof(ecKeyType) },
{ operation, &ckTrue, sizeof(ckTrue) },
{ CKA_EC_PARAMS, params, 0 },
{ CKA_EC_POINT, NULL, 0 },
{ 0, NULL, 0 },
{ 0, NULL, 0 }
};
CK_ULONG keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate) - 2;
if (public_key->labelLen > 0) {
keyTemplate[keyTmplCnt].type = CKA_LABEL;
keyTemplate[keyTmplCnt].pValue = public_key->label;
keyTemplate[keyTmplCnt].ulValueLen = public_key->labelLen;
keyTmplCnt++;
}
if (public_key->idLen > 0) {
keyTemplate[keyTmplCnt].type = CKA_ID;
keyTemplate[keyTmplCnt].pValue = public_key->id;
keyTemplate[keyTmplCnt].ulValueLen = public_key->idLen;
keyTmplCnt++;
}
ret = Pkcs11EccSetParams(public_key, keyTemplate, 3);
if (ret == 0) {
/* ASN1 encoded: OCT + uncompressed point */
len = 3 + 1 + 2 * public_key->dp->size;
ecPoint = (unsigned char*)XMALLOC(len, public_key->heap,
DYNAMIC_TYPE_ECC);
if (ecPoint == NULL)
ret = MEMORY_E;
}
if (ret == 0) {
len -= 3;
i = 0;
ecPoint[i++] = ASN_OCTET_STRING;
if (len >= ASN_LONG_LENGTH)
ecPoint[i++] = ASN_LONG_LENGTH | 1;
ecPoint[i++] = len;
ret = wc_ecc_export_x963(public_key, ecPoint + i, &len);
}
if (ret == 0) {
keyTemplate[4].pValue = ecPoint;
keyTemplate[4].ulValueLen = len + i;
#ifdef WOLFSSL_DEBUG_PKCS11
WOLFSSL_MSG("Ec Public Key");
pkcs11_dump_template(keyTemplate, keyTmplCnt);
#endif
rv = session->func->C_CreateObject(session->handle, keyTemplate,
keyTmplCnt, publicKey);
#ifdef WOLFSSL_DEBUG_PKCS11
pkcs11_rv("C_CreateObject", rv);
#endif
if (rv != CKR_OK) {
ret = WC_HW_E;
}
}
if (ecPoint != NULL)
XFREE(ecPoint, public_key->heap, DYNAMIC_TYPE_ECC);
return ret;
}
/**
* Create a PKCS#11 object containing the ECC private key data.
*
@ -888,9 +977,24 @@ static int Pkcs11CreateEccPrivateKey(CK_OBJECT_HANDLE* privateKey,
{ CKA_KEY_TYPE, &ecKeyType, sizeof(ecKeyType) },
{ operation, &ckTrue, sizeof(ckTrue) },
{ CKA_EC_PARAMS, params, 0 },
{ CKA_VALUE, NULL, 0 }
{ CKA_VALUE, NULL, 0 },
{ 0, NULL, 0 },
{ 0, NULL, 0 }
};
CK_ULONG keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate);
CK_ULONG keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate) - 2;
if (private_key->labelLen > 0) {
keyTemplate[keyTmplCnt].type = CKA_LABEL;
keyTemplate[keyTmplCnt].pValue = private_key->label;
keyTemplate[keyTmplCnt].ulValueLen = private_key->labelLen;
keyTmplCnt++;
}
if (private_key->idLen > 0) {
keyTemplate[keyTmplCnt].type = CKA_ID;
keyTemplate[keyTmplCnt].pValue = private_key->id;
keyTemplate[keyTmplCnt].ulValueLen = private_key->idLen;
keyTmplCnt++;
}
ret = Pkcs11EccSetParams(private_key, keyTemplate, 3);
if (ret == 0) {
@ -1116,11 +1220,13 @@ int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear, void* key)
int ret2 = NOT_COMPILED_IN;
#ifndef NO_PKCS11_ECDH
/* Try ECDH mechanism first. */
ret = Pkcs11MechAvail(&session, CKM_ECDH1_DERIVE);
if (ret == 0) {
ret = Pkcs11CreateEccPrivateKey(&privKey, &session, eccKey,
CKA_DERIVE);
if ((eccKey->flags & WC_ECC_FLAG_DEC_SIGN) == 0) {
/* Try ECDH mechanism first. */
ret = Pkcs11MechAvail(&session, CKM_ECDH1_DERIVE);
if (ret == 0) {
ret = Pkcs11CreateEccPrivateKey(&privKey, &session,
eccKey, CKA_DERIVE);
}
}
#endif
if (ret == 0 || ret == NOT_COMPILED_IN) {
@ -1129,6 +1235,12 @@ int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear, void* key)
if (ret2 == 0) {
ret2 = Pkcs11CreateEccPrivateKey(&privKey, &session,
eccKey, CKA_SIGN);
if (ret2 == 0) {
CK_OBJECT_HANDLE pubKey = NULL_PTR;
/* Store public key for validation with cert. */
ret2 = Pkcs11CreateEccPublicKey(&pubKey, &session,
eccKey, CKA_VERIFY);
}
}
/* OK for this to fail if set for ECDH. */
if (ret == NOT_COMPILED_IN)
@ -1733,8 +1845,8 @@ static int Pkcs11RsaKeyGen(Pkcs11Session* session, wc_CryptoInfo* info)
#ifdef HAVE_ECC
/**
* Find the PKCS#11 object containing the ECC public or private key data with
* the modulus specified.
* Find the PKCS#11 object containing the ECC public or private key data.
* Search for public key by public point.
*
* @param [out] key Henadle to key object.
* @param [in] keyClass Public or private key class.
@ -1745,7 +1857,8 @@ static int Pkcs11RsaKeyGen(Pkcs11Session* session, wc_CryptoInfo* info)
* @return 0 on success.
*/
static int Pkcs11FindEccKey(CK_OBJECT_HANDLE* key, CK_OBJECT_CLASS keyClass,
Pkcs11Session* session, ecc_key* eccKey)
Pkcs11Session* session, ecc_key* eccKey,
int op)
{
int ret = 0;
int i;
@ -1758,9 +1871,10 @@ static int Pkcs11FindEccKey(CK_OBJECT_HANDLE* key, CK_OBJECT_CLASS keyClass,
{ CKA_CLASS, &keyClass, sizeof(keyClass) },
{ CKA_KEY_TYPE, &ecKeyType, sizeof(ecKeyType) },
{ CKA_EC_PARAMS, params, 0 },
{ op, &ckTrue, sizeof(ckTrue) },
{ CKA_EC_POINT, NULL, 0 },
};
CK_ULONG attrCnt = 3;
CK_ULONG attrCnt = 4;
ret = Pkcs11EccSetParams(eccKey, keyTemplate, 2);
if (ret == 0 && keyClass == CKO_PUBLIC_KEY) {
@ -1822,81 +1936,6 @@ static int Pkcs11FindEccKey(CK_OBJECT_HANDLE* key, CK_OBJECT_CLASS keyClass,
return ret;
}
/**
* Create a PKCS#11 object containing the ECC public key data.
* Encode the public key as an OCTET_STRING of the encoded point.
*
* @param [out] publicKey Henadle to public key object.
* @param [in] session Session object.
* @param [in] public_key ECC public key.
* @param [in] operation Cryptographic operation key is to be used for.
* @return WC_HW_E when a PKCS#11 library call fails.
* @return MEMORY_E when a memory allocation fails.
* @return 0 on success.
*/
static int Pkcs11CreateEccPublicKey(CK_OBJECT_HANDLE* publicKey,
Pkcs11Session* session,
ecc_key* public_key,
CK_ATTRIBUTE_TYPE operation)
{
int ret = 0;
int i;
unsigned char* ecPoint = NULL;
word32 len;
CK_RV rv;
CK_UTF8CHAR params[MAX_EC_PARAM_LEN];
CK_ATTRIBUTE keyTemplate[] = {
{ CKA_CLASS, &pubKeyClass, sizeof(pubKeyClass) },
{ CKA_KEY_TYPE, &ecKeyType, sizeof(ecKeyType) },
{ operation, &ckTrue, sizeof(ckTrue) },
{ CKA_EC_PARAMS, params, 0 },
{ CKA_EC_POINT, NULL, 0 }
};
CK_ULONG keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate);
ret = Pkcs11EccSetParams(public_key, keyTemplate, 3);
if (ret == 0) {
/* ASN1 encoded: OCT + uncompressed point */
len = 3 + 1 + 2 * public_key->dp->size;
ecPoint = (unsigned char*)XMALLOC(len, public_key->heap,
DYNAMIC_TYPE_ECC);
if (ecPoint == NULL)
ret = MEMORY_E;
}
if (ret == 0) {
len -= 3;
i = 0;
ecPoint[i++] = ASN_OCTET_STRING;
if (len >= ASN_LONG_LENGTH)
ecPoint[i++] = ASN_LONG_LENGTH | 1;
ecPoint[i++] = len;
ret = wc_ecc_export_x963(public_key, ecPoint + i, &len);
}
if (ret == 0) {
keyTemplate[4].pValue = ecPoint;
keyTemplate[4].ulValueLen = len + i;
#ifdef WOLFSSL_DEBUG_PKCS11
WOLFSSL_MSG("Ec Public Key");
pkcs11_dump_template(keyTemplate, keyTmplCnt);
#endif
rv = session->func->C_CreateObject(session->handle, keyTemplate,
keyTmplCnt, publicKey);
#ifdef WOLFSSL_DEBUG_PKCS11
pkcs11_rv("C_CreateObject", rv);
#endif
if (rv != CKR_OK) {
ret = WC_HW_E;
}
}
if (ecPoint != NULL)
XFREE(ecPoint, public_key->heap, DYNAMIC_TYPE_ECC);
return ret;
}
#ifndef NO_PKCS11_EC_KEYGEN
/**
* Gets the public key data from the PKCS#11 object and puts into the ECC key.
*
@ -1987,6 +2026,7 @@ static int Pkcs11GetEccPublicKey(ecc_key* key, Pkcs11Session* session,
return ret;
}
#ifndef NO_PKCS11_EC_KEYGEN
/**
* Perform an ECC key generation operation.
* The private key data stays on the device.
@ -2189,7 +2229,6 @@ static int Pkcs11ECDH(Pkcs11Session* session, wc_CryptoInfo* info)
if (ret == 0) {
WOLFSSL_MSG("PKCS#11: EC Key Derivation Operation");
if ((sessionKey = !mp_iszero(&info->pk.ecdh.private_key->k)))
ret = Pkcs11CreateEccPrivateKey(&privateKey, session,
info->pk.ecdh.private_key, CKA_DERIVE);
@ -2206,7 +2245,7 @@ static int Pkcs11ECDH(Pkcs11Session* session, wc_CryptoInfo* info)
}
else {
ret = Pkcs11FindEccKey(&privateKey, CKO_PRIVATE_KEY, session,
info->pk.ecdh.public_key);
info->pk.ecdh.public_key, CKA_DERIVE);
}
}
if (ret == 0) {
@ -2515,7 +2554,7 @@ static int Pkcs11ECDSA_Sign(Pkcs11Session* session, wc_CryptoInfo* info)
}
else {
ret = Pkcs11FindEccKey(&privateKey, CKO_PRIVATE_KEY, session,
info->pk.eccsign.key);
info->pk.eccsign.key, CKA_SIGN);
}
}
@ -2656,6 +2695,214 @@ static int Pkcs11ECDSA_Verify(Pkcs11Session* session, wc_CryptoInfo* info)
}
#endif
#ifndef NO_RSA
/**
* Check the private RSA key matches the public key.
*
* @param [in] priv RSA private key.
* @param [in] publicKey Encoded RSA public key.
* @param [in] pubKeySize Length of encoded RSA public key.
* @return MEMORY_E when a memory allocation fails.
* @return MP_CMP_E when the public parts are different.
* @return 0 on success.
*/
static int wc_Pkcs11CheckPrivKey_Rsa(RsaKey* priv,
const unsigned char* publicKey, word32 pubKeySize)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
RsaKey* pub = NULL;
#else
RsaKey pub[1];
#endif
word32 keyIdx = 0;
#ifdef WOLFSSL_SMALL_STACK
pub = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
if (pub == NULL) {
ret = MEMORY_E;
}
#endif
if ((ret == 0) && (ret = wc_InitRsaKey(pub, NULL)) == 0) {
if (ret == 0) {
ret = wc_RsaPublicKeyDecode(publicKey, &keyIdx, pub, pubKeySize);
}
if (ret == 0) {
/* both keys extracted successfully now check n and e
* values are the same. This is dereferencing RsaKey */
if (mp_cmp(&(priv->n), &(pub->n)) != MP_EQ ||
mp_cmp(&(priv->e), &(pub->e)) != MP_EQ) {
ret = MP_CMP_E;
}
else
ret = 0;
}
wc_FreeRsaKey(pub);
}
#ifdef WOLFSSL_SMALL_STACK
if (pub != NULL) {
XFREE(pub, NULL, DYNAMIC_TYPE_RSA);
}
#endif
return ret;
}
/**
* Checks the RSA private key matches the RSA public key.
*
* @param [in] session Session object.
* @param [in] info Cryptographic operation data.
* @return WC_HW_E when a PKCS#11 library call fails.
* @return MEMORY_E when a memory allocation fails.
* @return MEMORY_E when a memory allocation fails.
* @return MP_CMP_E when the public parts are different.
* @return 0 on success.
*/
static int Pkcs11RsaCheckPrivKey(Pkcs11Session* session, wc_CryptoInfo* info)
{
int ret = 0;
CK_OBJECT_HANDLE privateKey;
RsaKey* priv = info->pk.rsa_check.key;
if (mp_iszero(&priv->n) || mp_iszero(&priv->e)) {
/* Get the RSA private key object. */
if (priv->labelLen > 0) {
ret = Pkcs11FindKeyByLabel(&privateKey, CKO_PRIVATE_KEY,
CKK_RSA, session, priv->label,
priv->labelLen);
}
else if (info->pk.rsa.key->idLen > 0) {
ret = Pkcs11FindKeyById(&privateKey, CKO_PRIVATE_KEY, CKK_RSA,
session, priv->id, priv->idLen);
}
else {
ret = Pkcs11FindRsaKey(&privateKey, CKO_PRIVATE_KEY, session, priv);
}
if (ret == 0) {
/* Extract the public key components. */
ret = Pkcs11GetRsaPublicKey(priv, session, privateKey);
}
}
if (ret == 0) {
/* Compare the extracted public parts with the public key. */
ret = wc_Pkcs11CheckPrivKey_Rsa(priv, info->pk.rsa_check.pubKey,
info->pk.rsa_check.pubKeySz);
}
return ret;
}
#endif
#ifdef HAVE_ECC
/**
* Check the private ECC key matches the public key.
* Do this by looking up the public key data from the associated public key.
* The public key object handle is passed in for the private key.
*
* @param [in] privateKey Handle to private key object.
* @param [in] publicKey Encoded EC public key.
* @param [in] pubKeySize Length of encoded EC public key.
* @return MEMORY_E when a memory allocation fails.
* @return MP_CMP_E when the public parts are different.
* @return 0 on success.
*/
static int wc_Pkcs11CheckPrivKey_Ecc(ecc_key* priv,
const unsigned char* publicKey, word32 pubKeySize)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
ecc_key* pub = NULL;
#else
ecc_key pub[1];
#endif
word32 keyIdx = 0;
#ifdef WOLFSSL_SMALL_STACK
pub = (ecc_key*)XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_ECC);
if (pub == NULL) {
ret = MEMORY_E;
}
#endif
if ((ret == 0) && (ret = wc_ecc_init(pub)) == 0) {
ret = wc_EccPublicKeyDecode(publicKey, &keyIdx, pub, pubKeySize);
if (ret == 0) {
/* both keys extracted successfully now check curve and
* pubkey. */
if ((pub->idx != priv->idx) || (wc_ecc_cmp_point(&priv->pubkey,
&pub->pubkey) != MP_EQ)) {
ret = MP_CMP_E;
}
else {
ret = 0;
}
}
wc_ecc_free(pub);
}
#ifdef WOLFSSL_SMALL_STACK
if (pub != NULL) {
XFREE(pub, NULL, DYNAMIC_TYPE_ECC);
}
#endif
return ret;
}
/**
* Checks the ECC private key matches the ECC public key.
*
* @param [in] session Session object.
* @param [in] info Cryptographic operation data.
* @return WC_HW_E when a PKCS#11 library call fails.
* @return MEMORY_E when a memory allocation fails.
* @return MEMORY_E when a memory allocation fails.
* @return MP_CMP_E when the public parts are different.
* @return 0 on success.
*/
static int Pkcs11EccCheckPrivKey(Pkcs11Session* session, wc_CryptoInfo* info)
{
int ret;
ecc_key* priv = info->pk.ecc_check.key;
CK_OBJECT_HANDLE privateKey;
if (mp_iszero(priv->pubkey.x) || mp_iszero(priv->pubkey.y)) {
/* Get the public key object as the private key object doesn't have
* the public point stored in it.
*/
if (priv->labelLen > 0) {
ret = Pkcs11FindKeyByLabel(&privateKey, CKO_PUBLIC_KEY, CKK_EC,
session, priv->label, priv->labelLen);
}
else if (priv->idLen > 0) {
ret = Pkcs11FindKeyById(&privateKey, CKO_PUBLIC_KEY, CKK_EC,
session, priv->id, priv->idLen);
}
else {
ret = Pkcs11FindEccKey(&privateKey, CKO_PUBLIC_KEY, session, priv,
CKA_SIGN);
}
if (ret == 0 && priv->dp == NULL) {
/* Extract the group id. */
ret = Pkcs11GetEccParams(session, privateKey, priv);
}
if (ret == 0) {
/* Extract the public point. */
ret = Pkcs11GetEccPublicKey(priv, session, privateKey);
}
}
if (ret == 0) {
/* Compare the extracted public parts with the public key. */
ret = wc_Pkcs11CheckPrivKey_Ecc(priv, info->pk.ecc_check.pubKey,
info->pk.ecc_check.pubKeySz);
}
return ret;
}
#endif
#if !defined(NO_AES) && defined(HAVE_AESGCM)
/**
* Performs the AES-GCM encryption operation.
@ -3276,6 +3523,9 @@ int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
ret = Pkcs11RsaKeyGen(&session, info);
break;
#endif
case WC_PK_TYPE_RSA_CHECK_PRIV_KEY:
ret = Pkcs11RsaCheckPrivKey(&session, info);
break;
#endif
#ifdef HAVE_ECC
#ifndef NO_PKCS11_EC_KEYGEN
@ -3294,6 +3544,9 @@ int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
case WC_PK_TYPE_ECDSA_VERIFY:
ret = Pkcs11ECDSA_Verify(&session, info);
break;
case WC_PK_TYPE_EC_CHECK_PRIV_KEY:
ret = Pkcs11EccCheckPrivKey(&session, info);
break;
#endif
default:
ret = NOT_COMPILED_IN;

5
wolfssl/internal.h
View File

@ -1692,6 +1692,11 @@ WOLFSSL_LOCAL int CompleteServerHello(WOLFSSL *ssl);
WOLFSSL_LOCAL int CheckVersion(WOLFSSL *ssl, ProtocolVersion pv);
WOLFSSL_LOCAL int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
word32 hashSigAlgoSz);
#ifdef WOLF_CRYPTO_CB
WOLFSSL_LOCAL int CreateDevPrivateKey(void** pkey, byte* buffer, word32 length,
int hsType, int label, int id,
void* heap, int devId);
#endif
WOLFSSL_LOCAL int DecodePrivateKey(WOLFSSL *ssl, word16* length);
#ifdef HAVE_PK_CALLBACKS
WOLFSSL_LOCAL int GetPrivateKeySigSize(WOLFSSL* ssl);

16
wolfssl/ssl.h
View File

@ -40,6 +40,10 @@
#include <wolfssl/wolfcrypt/wolfevent.h>
#endif
#ifdef WOLF_CRYPTO_CB
#include <wolfssl/wolfcrypt/cryptocb.h>
#endif
/* used internally by wolfSSL while OpenSSL types aren't */
#include <wolfssl/callbacks.h>
@ -2326,8 +2330,11 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len,
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_id(WOLFSSL_CTX*,
const unsigned char*, long,
int, long);
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_label(WOLFSSL_CTX*, const char*,
int, long);
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_Id(WOLFSSL_CTX*,
const unsigned char*, long,
int);
WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_Label(WOLFSSL_CTX*, const char*,
int);
WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer_format(WOLFSSL_CTX*,
const unsigned char*, long, int);
WOLFSSL_API int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX*,
@ -2342,8 +2349,9 @@ WOLFSSL_API int wolfSSL_make_eap_keys(WOLFSSL*, void* key, unsigned int len,
long, int);
WOLFSSL_API int wolfSSL_use_PrivateKey_id(WOLFSSL*, const unsigned char*,
long, int, long);
WOLFSSL_API int wolfSSL_use_PrivateKey_label(WOLFSSL*, const char*, int,
long);
WOLFSSL_API int wolfSSL_use_PrivateKey_Id(WOLFSSL*, const unsigned char*,
long, int);
WOLFSSL_API int wolfSSL_use_PrivateKey_Label(WOLFSSL*, const char*, int);
WOLFSSL_API int wolfSSL_use_certificate_chain_buffer_format(WOLFSSL*,
const unsigned char*, long, int);
WOLFSSL_API int wolfSSL_use_certificate_chain_buffer(WOLFSSL*,

3
wolfssl/wolfcrypt/aes.h
View File

@ -440,7 +440,8 @@ WOLFSSL_API int wc_AesInit(Aes* aes, void* heap, int devId);
#ifdef HAVE_PKCS11
WOLFSSL_API int wc_AesInit_Id(Aes* aes, unsigned char* id, int len, void* heap,
int devId);
WOLFSSL_API int wc_AesInit_Label(Aes* aes, char* label, void* heap, int devId);
WOLFSSL_API int wc_AesInit_Label(Aes* aes, const char* label, void* heap,
int devId);
#endif
WOLFSSL_API void wc_AesFree(Aes* aes);

16
wolfssl/wolfcrypt/cryptocb.h
View File

@ -85,6 +85,11 @@ typedef struct wc_CryptoInfo {
WC_RNG* rng;
} rsakg;
#endif
struct {
RsaKey* key;
const byte* pubKey;
word32 pubKeySz;
} rsa_check;
#endif
#ifdef HAVE_ECC
struct {
@ -115,6 +120,11 @@ typedef struct wc_CryptoInfo {
int* res;
ecc_key* key;
} eccverify;
struct {
ecc_key* key;
const byte* pubKey;
word32 pubKeySz;
} ecc_check;
#endif
};
} pk;
@ -229,6 +239,9 @@ WOLFSSL_LOCAL int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out,
WOLFSSL_LOCAL int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e,
WC_RNG* rng);
#endif /* WOLFSSL_KEY_GEN */
WOLFSSL_LOCAL int wc_CryptoCb_RsaCheckPrivKey(RsaKey* key, const byte* pubKey,
word32 pubKeySz);
#endif /* !NO_RSA */
#ifdef HAVE_ECC
@ -243,6 +256,9 @@ WOLFSSL_LOCAL int wc_CryptoCb_EccSign(const byte* in, word32 inlen, byte* out,
WOLFSSL_LOCAL int wc_CryptoCb_EccVerify(const byte* sig, word32 siglen,
const byte* hash, word32 hashlen, int* res, ecc_key* key);
WOLFSSL_LOCAL int wc_CryptoCb_EccCheckPrivKey(ecc_key* key, const byte* pubKey,
word32 pubKeySz);
#endif /* HAVE_ECC */
#ifndef NO_AES

8
wolfssl/wolfcrypt/ecc.h
View File

@ -152,7 +152,7 @@ enum {
/* Shamir's dual add constants */
SHAMIR_PRECOMP_SZ = 16,
#ifdef HAVE_PKCS11
#ifdef WOLF_CRYPTO_CB
ECC_MAX_ID_LEN = 32,
ECC_MAX_LABEL_LEN = 32,
#endif
@ -408,7 +408,7 @@ struct ecc_key {
CertSignCtx certSignCtx; /* context info for cert sign (MakeSignature) */
#endif
#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef HAVE_PKCS11
#ifdef WOLF_CRYPTO_CB
byte id[ECC_MAX_ID_LEN];
int idLen;
char label[ECC_MAX_LABEL_LEN];
@ -547,12 +547,12 @@ WOLFSSL_API
int wc_ecc_init(ecc_key* key);
WOLFSSL_ABI WOLFSSL_API
int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
#ifdef HAVE_PKCS11
#ifdef WOLF_CRYPTO_CB
WOLFSSL_API
int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
int devId);
WOLFSSL_API
int wc_ecc_init_label(ecc_key* key, char* label, void* heap, int devId);
int wc_ecc_init_label(ecc_key* key, const char* label, void* heap, int devId);
#endif
#ifdef WOLFSSL_CUSTOM_CURVES
WOLFSSL_LOCAL

2
wolfssl/wolfcrypt/hmac.h
View File

@ -180,7 +180,7 @@ WOLFSSL_API int wc_HmacInit(Hmac* hmac, void* heap, int devId);
#ifdef HAVE_PKCS11
WOLFSSL_API int wc_HmacInit_Id(Hmac* hmac, byte* id, int len, void* heap,
int devId);
WOLFSSL_API int wc_HmacInit_Label(Hmac* hmac, char* label, void* heap,
WOLFSSL_API int wc_HmacInit_Label(Hmac* hmac, const char* label, void* heap,
int devId);
#endif
WOLFSSL_API void wc_HmacFree(Hmac*);

8
wolfssl/wolfcrypt/rsa.h
View File

@ -141,7 +141,7 @@ enum {
RSA_PSS_SALT_LEN_DISCOVER = -2,
#endif
#ifdef HAVE_PKCS11
#ifdef WOLF_CRYPTO_CB
RSA_MAX_ID_LEN = 32,
RSA_MAX_LABEL_LEN = 32,
#endif
@ -185,7 +185,7 @@ struct RsaKey {
byte* mod;
XSecure_Rsa xRsa;
#endif
#ifdef HAVE_PKCS11
#ifdef WOLF_CRYPTO_CB
byte id[RSA_MAX_ID_LEN];
int idLen;
char label[RSA_MAX_LABEL_LEN];
@ -216,10 +216,10 @@ struct RsaKey {
WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap);
WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
WOLFSSL_API int wc_FreeRsaKey(RsaKey* key);
#ifdef HAVE_PKCS11
#ifdef WOLF_CRYPTO_CB
WOLFSSL_API int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len,
void* heap, int devId);
WOLFSSL_API int wc_InitRsaKey_Label(RsaKey* key, char* label, void* heap,
WOLFSSL_API int wc_InitRsaKey_Label(RsaKey* key, const char* label, void* heap,
int devId);
#endif
WOLFSSL_API int wc_CheckRsaKey(RsaKey* key);

4
wolfssl/wolfcrypt/types.h
View File

@ -861,8 +861,10 @@ decouple library dependencies with standard string, memory and so on.
WC_PK_TYPE_CURVE25519 = 7,
WC_PK_TYPE_RSA_KEYGEN = 8,
WC_PK_TYPE_EC_KEYGEN = 9,
WC_PK_TYPE_RSA_CHECK_PRIV_KEY = 10,
WC_PK_TYPE_EC_CHECK_PRIV_KEY = 11,
WC_PK_TYPE_MAX = WC_PK_TYPE_EC_KEYGEN
WC_PK_TYPE_MAX = WC_PK_TYPE_EC_CHECK_PRIV_KEY
};