From c2be5dbe2b2b23e4b0b1d2bd0b858e149a21cb70 Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Sat, 6 Feb 2021 01:54:25 +0700 Subject: [PATCH 1/4] check prime is prime with ecc compressed keys --- wolfcrypt/src/ecc.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 66bb3eef9..4ee4dd12f 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -6931,6 +6931,14 @@ int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx, (ECC_CURVE_FIELD_PRIME | ECC_CURVE_FIELD_AF | ECC_CURVE_FIELD_BF)); + /* validate prime is prime */ + if (err == MP_OKAY) { + int isPrime = MP_NO; + err = mp_prime_is_prime(curve->prime, 8, &isPrime); + if (err == MP_OKAY && isPrime == MP_NO) + err = MP_VAL; + } + /* compute x^3 */ if (err == MP_OKAY) err = mp_sqr(point->x, &t1); @@ -7828,6 +7836,14 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, (ECC_CURVE_FIELD_PRIME | ECC_CURVE_FIELD_AF | ECC_CURVE_FIELD_BF)); + /* validate prime is prime */ + if (err == MP_OKAY) { + int isPrime = MP_NO; + err = mp_prime_is_prime(curve->prime, 8, &isPrime); + if (err == MP_OKAY && isPrime == MP_NO) + err = MP_VAL; + } + /* compute x^3 */ if (err == MP_OKAY) err = mp_sqr(key->pubkey.x, &t1); From 644636e0f880dd1c6e90fe27281ac124865a07de Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Sat, 6 Feb 2021 05:46:19 +0700 Subject: [PATCH 2/4] only check prime value with custom curves --- wolfcrypt/src/ecc.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 4ee4dd12f..ed1b87e7b 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -6931,8 +6931,8 @@ int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx, (ECC_CURVE_FIELD_PRIME | ECC_CURVE_FIELD_AF | ECC_CURVE_FIELD_BF)); - /* validate prime is prime */ - if (err == MP_OKAY) { + /* validate prime is prime for custom curves */ + if (err == MP_OKAY && curve->id == ECC_CURVE_CUSTOM) { int isPrime = MP_NO; err = mp_prime_is_prime(curve->prime, 8, &isPrime); if (err == MP_OKAY && isPrime == MP_NO) @@ -7836,8 +7836,8 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, (ECC_CURVE_FIELD_PRIME | ECC_CURVE_FIELD_AF | ECC_CURVE_FIELD_BF)); - /* validate prime is prime */ - if (err == MP_OKAY) { + /* validate prime is prime for custom curves */ + if (err == MP_OKAY && curve->id == ECC_CURVE_CUSTOM) { int isPrime = MP_NO; err = mp_prime_is_prime(curve->prime, 8, &isPrime); if (err == MP_OKAY && isPrime == MP_NO) From cced2038b8eefa1a27532d7dadfc7d02af828514 Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Mon, 8 Feb 2021 06:10:04 +0700 Subject: [PATCH 3/4] conditional compile and check on idx --- wolfcrypt/src/ecc.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index ed1b87e7b..13a0122b8 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -6931,13 +6931,15 @@ int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx, (ECC_CURVE_FIELD_PRIME | ECC_CURVE_FIELD_AF | ECC_CURVE_FIELD_BF)); + #ifdef WOLFSSL_CUSTOM_CURVES /* validate prime is prime for custom curves */ - if (err == MP_OKAY && curve->id == ECC_CURVE_CUSTOM) { + if (err == MP_OKAY && curve_idx == ECC_CUSTOM_IDX) { int isPrime = MP_NO; err = mp_prime_is_prime(curve->prime, 8, &isPrime); if (err == MP_OKAY && isPrime == MP_NO) err = MP_VAL; } + #endif /* compute x^3 */ if (err == MP_OKAY) @@ -7836,13 +7838,15 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, (ECC_CURVE_FIELD_PRIME | ECC_CURVE_FIELD_AF | ECC_CURVE_FIELD_BF)); + #ifdef WOLFSSL_CUSTOM_CURVES /* validate prime is prime for custom curves */ - if (err == MP_OKAY && curve->id == ECC_CURVE_CUSTOM) { + if (err == MP_OKAY && key->idx == ECC_CUSTOM_IDX) { int isPrime = MP_NO; err = mp_prime_is_prime(curve->prime, 8, &isPrime); if (err == MP_OKAY && isPrime == MP_NO) err = MP_VAL; } + #endif /* compute x^3 */ if (err == MP_OKAY) From 812b44d58eede833d5553ec2d4854c7a83d3bde4 Mon Sep 17 00:00:00 2001 From: Jacob Barthelmeh Date: Mon, 8 Feb 2021 20:25:01 +0700 Subject: [PATCH 4/4] guard check on prime with macro WOLFSSL_VALIDATE_ECC_IMPORT --- wolfcrypt/src/ecc.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 13a0122b8..691d0ffc8 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -6931,7 +6931,8 @@ int wc_ecc_import_point_der_ex(byte* in, word32 inLen, const int curve_idx, (ECC_CURVE_FIELD_PRIME | ECC_CURVE_FIELD_AF | ECC_CURVE_FIELD_BF)); - #ifdef WOLFSSL_CUSTOM_CURVES + #if defined(WOLFSSL_CUSTOM_CURVES) && \ + defined(WOLFSSL_VALIDATE_ECC_IMPORT) /* validate prime is prime for custom curves */ if (err == MP_OKAY && curve_idx == ECC_CUSTOM_IDX) { int isPrime = MP_NO; @@ -7838,7 +7839,8 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key, (ECC_CURVE_FIELD_PRIME | ECC_CURVE_FIELD_AF | ECC_CURVE_FIELD_BF)); - #ifdef WOLFSSL_CUSTOM_CURVES + #if defined(WOLFSSL_CUSTOM_CURVES) && \ + defined(WOLFSSL_VALIDATE_ECC_IMPORT) /* validate prime is prime for custom curves */ if (err == MP_OKAY && key->idx == ECC_CUSTOM_IDX) { int isPrime = MP_NO;