From 81651c351bc0d91c4f9d9d6b9d3d5ae0b46c1e6b Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 25 Oct 2018 09:15:34 -0700 Subject: [PATCH] Added optional logging for example PK callbacks in test.h enabled with `DEBUG_PK_CB`. --- wolfssl/test.h | 88 ++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 86 insertions(+), 2 deletions(-) diff --git a/wolfssl/test.h b/wolfssl/test.h index 2af69e224..4eb59aa06 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -2146,6 +2146,12 @@ typedef struct PkCbInfo { #endif } PkCbInfo; +#if defined(DEBUG_PK_CB) || defined(TEST_PK_PRIVKEY) + #define WOLFSSL_PKMSG(_f_, ...) printf(_f_, ##__VA_ARGS__) +#else + #define WOLFSSL_PKMSG(_f_, ...) +#endif + #ifdef HAVE_ECC static WC_INLINE int myEccKeyGen(WOLFSSL* ssl, ecc_key* key, word32 keySz, @@ -2164,6 +2170,8 @@ static WC_INLINE int myEccKeyGen(WOLFSSL* ssl, ecc_key* key, word32 keySz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK ECC KeyGen: keySz %d, Curve ID %d\n", keySz, ecc_curve); + ret = wc_InitRng(&rng); if (ret != 0) return ret; @@ -2187,6 +2195,8 @@ static WC_INLINE int myEccKeyGen(WOLFSSL* ssl, ecc_key* key, word32 keySz, #endif } + WOLFSSL_PKMSG("PK ECC KeyGen: ret %d\n", ret); + wc_FreeRng(&rng); return ret; @@ -2205,6 +2215,8 @@ static WC_INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK ECC Sign: inSz %d, keySz %d\n", inSz, keySz); + #ifdef TEST_PK_PRIVKEY ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); if (ret != 0) @@ -2218,8 +2230,10 @@ static WC_INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz, ret = wc_ecc_init(&myKey); if (ret == 0) { ret = wc_EccPrivateKeyDecode(keyBuf, &idx, &myKey, keySz); - if (ret == 0) + if (ret == 0) { + WOLFSSL_PKMSG("PK ECC Sign: Curve ID %d\n", myKey.dp->id); ret = wc_ecc_sign_hash(in, inSz, out, outSz, &rng, &myKey); + } wc_ecc_free(&myKey); } wc_FreeRng(&rng); 
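Review bot: In the `@@ -2146,6 +2146,12 @@` hunk the `WOLFSSL_PKMSG` definition relies on `, ##__VA_ARGS__`, a GNU extension, and it is switched on by `TEST_PK_PRIVKEY` as well as `DEBUG_PK_CB`, although the commit subject names only the latter. Every call added by this patch passes at least one argument after the format string, so `#define WOLFSSL_PKMSG(...) printf(__VA_ARGS__)` (with `#define WOLFSSL_PKMSG(...)` for the disabled case) would be plain C99 and behave the same. A comment above the `#if`, such as `/* Example PK callback tracing (DEBUG_PK_CB or TEST_PK_PRIVKEY): sizes, ids and return codes only, never key or signature bytes */`, would record both triggers and the intent that no secret material is printed.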
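Review bot: In the `@@ -2164,6 +2170,8 @@` hunk `keySz` is printed with `%d`, yet the `myEccKeyGen` signature in the hunk header declares it `word32`; if `word32` is an unsigned type, as its name suggests, the conversion does not match the argument. A cast at the call stays correct whatever `word32` maps to: `WOLFSSL_PKMSG("PK ECC KeyGen: keySz %u, Curve ID %d\n", (unsigned int)keySz, ecc_curve);`. The same applies to the `inSz`, `sigSz`, `keySz` and `*outSz` traces added in the later hunks of this patch. The function body starts and ends outside this hunk.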
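Review bot: In the `@@ -2205,6 +2215,8 @@` hunk the entry trace of `myEccSign` prints `keySz` before the `TEST_PK_PRIVKEY` block calls `load_key_file(cbInfo->ourKey, &keyBuf, &keySz)`, which presumably overwrites it with the length of the loaded key. `TEST_PK_PRIVKEY` is one of the two defines that enable `WOLFSSL_PKMSG`, so in exactly that build the logged size is not the size of the key that gets decoded. Moving the `WOLFSSL_PKMSG("PK ECC Sign: inSz %d, keySz %d\n", inSz, keySz);` line to just after the key has been loaded would make the trace describe the key in use. The same ordering appears in `myEd25519Sign`, `myRsaSign`, `myRsaSignCheck`, `myRsaPssSign`, `myRsaPssSignCheck` and `myRsaDec`.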
@@ -2228,6 +2242,8 @@ static WC_INLINE int myEccSign(WOLFSSL* ssl, const byte* in, word32 inSz, free(keyBuf); #endif + WOLFSSL_PKMSG("PK ECC Sign: ret %d outSz %d\n", ret, *outSz); + return ret; } @@ -2244,6 +2260,8 @@ static WC_INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK ECC Verify: sigSz %d, hashSz %d, keySz %d\n", sigSz, hashSz, keySz); + ret = wc_ecc_init(&myKey); if (ret == 0) { ret = wc_EccPublicKeyDecode(key, &idx, &myKey, keySz); @@ -2252,6 +2270,8 @@ static WC_INLINE int myEccVerify(WOLFSSL* ssl, const byte* sig, word32 sigSz, wc_ecc_free(&myKey); } + WOLFSSL_PKMSG("PK ECC Verify: ret %d, result %d\n", ret, *result); + return ret; } @@ -2269,6 +2289,9 @@ static WC_INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK ECC PMS: Side %s, Peer Curve %d\n", + side == WOLFSSL_CLIENT_END ? "client" : "server", otherKey->dp->id); + ret = wc_ecc_init(&tmpKey); if (ret != 0) { return ret; @@ -2330,6 +2353,8 @@ static WC_INLINE int myEccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey, wc_ecc_free(&tmpKey); + WOLFSSL_PKMSG("PK ECC PMS: ret %d, PubKeySz %d, OutLen %d\n", ret, *pubKeySz, *outlen); + return ret; } @@ -2346,6 +2371,8 @@ static WC_INLINE int myEd25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK 25519 Sign: inSz %d, keySz %d\n", inSz, keySz); + #ifdef TEST_PK_PRIVKEY ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); if (ret != 0) @@ -2364,6 +2391,8 @@ static WC_INLINE int myEd25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz, free(keyBuf); #endif + WOLFSSL_PKMSG("PK 25519 Sign: ret %d, outSz %d\n", ret, *outSz); + return ret; } 
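Review bot: In the `@@ -2252,6 +2270,8 @@` hunk the exit trace of `myEccVerify` dereferences `*result` even when `ret` is non-zero. If `wc_ecc_init` or `wc_EccPublicKeyDecode` fails, none of the visible lines has written `*result`, so the trace can show a stale or uninitialised value beside a failing return code, which is misleading when debugging a rejected signature. Printing it only on success avoids that: `WOLFSSL_PKMSG("PK ECC Verify: ret %d, result %d\n", ret, (ret == 0) ? *result : -1);`. The exit trace added to `myEd25519Verify` has the same shape, and the verify call itself lies outside this hunk.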
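Review bot: In the `@@ -2269,6 +2289,9 @@` hunk the entry trace of `myEccSharedSecret` reads `otherKey->dp->id` before any visible line has checked `otherKey` or `otherKey->dp`, so a build with tracing enabled would fault inside the logging statement if the callback is handed a key without curve parameters. The rest of the body is outside this hunk and may already assume `dp` is set; if that is not guaranteed, guard the argument: `(otherKey != NULL && otherKey->dp != NULL) ? otherKey->dp->id : -1`. The `myKey.dp->id` trace added in `myEccSign` runs only after a successful `wc_EccPrivateKeyDecode` and looks less exposed.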
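Review bot: In the `@@ -2346,6 +2371,8 @@` hunk the `PK 25519` prefix is the same one used for the X25519 key-agreement callbacks (`myX25519KeyGen`, `myX25519SharedSecret`), so a trace line does not say whether a signature or a key-agreement primitive ran. Distinct prefixes keep the log unambiguous, for example `"PK Ed25519 Sign: inSz %d, keySz %d\n"` here and in `myEd25519Verify`, and `"PK X25519 KeyGen: keySz %d\n"` in the X25519 hunks.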
@@ -2379,6 +2408,8 @@ static WC_INLINE int myEd25519Verify(WOLFSSL* ssl, const byte* sig, word32 sigSz (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK 25519 Verify: sigSz %d, msgSz %d, keySz %d\n", sigSz, msgSz, keySz); + ret = wc_ed25519_init(&myKey); if (ret == 0) { ret = wc_ed25519_import_public(key, keySz, &myKey); @@ -2388,6 +2419,8 @@ static WC_INLINE int myEd25519Verify(WOLFSSL* ssl, const byte* sig, word32 sigSz wc_ed25519_free(&myKey); } + WOLFSSL_PKMSG("PK 25519 Verify: ret %d, result %d\n", ret, *result); + return ret; } #endif /* HAVE_ED25519 */ @@ -2403,6 +2436,8 @@ static WC_INLINE int myX25519KeyGen(WOLFSSL* ssl, curve25519_key* key, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK 25519 KeyGen: keySz %d\n", keySz); + ret = wc_InitRng(&rng); if (ret != 0) return ret; @@ -2411,6 +2446,8 @@ static WC_INLINE int myX25519KeyGen(WOLFSSL* ssl, curve25519_key* key, wc_FreeRng(&rng); + WOLFSSL_PKMSG("PK 25519 KeyGen: ret %d\n", ret); + return ret; } @@ -2428,6 +2465,9 @@ static WC_INLINE int myX25519SharedSecret(WOLFSSL* ssl, curve25519_key* otherKey (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK 25519 PMS: side %s\n", + side == WOLFSSL_CLIENT_END ? "client" : "server"); + ret = wc_curve25519_init(&tmpKey); if (ret != 0) { return ret; @@ -2471,6 +2511,9 @@ static WC_INLINE int myX25519SharedSecret(WOLFSSL* ssl, curve25519_key* otherKey wc_curve25519_free(&tmpKey); + WOLFSSL_PKMSG("PK 25519 PMS: ret %d, pubKeySz %d, outLen %d\n", + ret, *pubKeySz, *outlen); + return ret; } #endif /* HAVE_CURVE25519 */ 
@@ -2484,13 +2527,19 @@ static WC_INLINE int myDhCallback(WOLFSSL* ssl, struct DhKey* key, unsigned char* out, unsigned int* outlen, void* ctx) { + int ret; PkCbInfo* cbInfo = (PkCbInfo*)ctx; (void)ssl; (void)cbInfo; /* return 0 on success */ - return wc_DhAgree(key, out, outlen, priv, privSz, pubKeyDer, pubKeySz); + ret = wc_DhAgree(key, out, outlen, priv, privSz, pubKeyDer, pubKeySz); + + WOLFSSL_PKMSG("PK ED Agree: ret %d, privSz %d, pubKeySz %d, outlen %d\n", + ret, privSz, pubKeySz, *outlen); + + return ret; }; #endif /* !NO_DH */ @@ -2510,6 +2559,8 @@ static WC_INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK RSA Sign: inSz %d, keySz %d\n", inSz, keySz); + #ifdef TEST_PK_PRIVKEY ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); if (ret != 0) @@ -2537,6 +2588,8 @@ static WC_INLINE int myRsaSign(WOLFSSL* ssl, const byte* in, word32 inSz, free(keyBuf); #endif + WOLFSSL_PKMSG("PK RSA Sign: ret %d, outSz %d\n", ret, *outSz); + return ret; } @@ -2552,6 +2605,8 @@ static WC_INLINE int myRsaVerify(WOLFSSL* ssl, byte* sig, word32 sigSz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK RSA Verify: sigSz %d, keySz %d\n", sigSz, keySz); + ret = wc_InitRsaKey(&myKey, NULL); if (ret == 0) { ret = wc_RsaPublicKeyDecode(key, &idx, &myKey, keySz); @@ -2560,6 +2615,8 @@ static WC_INLINE int myRsaVerify(WOLFSSL* ssl, byte* sig, word32 sigSz, wc_FreeRsaKey(&myKey); } + WOLFSSL_PKMSG("PK RSA Verify: ret %d\n", ret); + return ret; } @@ -2575,6 +2632,8 @@ static WC_INLINE int myRsaSignCheck(WOLFSSL* ssl, byte* sig, word32 sigSz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK RSA SignCheck: sigSz %d, keySz %d\n", sigSz, keySz); + #ifdef TEST_PK_PRIVKEY ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); if (ret != 0) @@ -2592,6 +2651,8 @@ static WC_INLINE int myRsaSignCheck(WOLFSSL* ssl, byte* sig, word32 sigSz, free(keyBuf); #endif + WOLFSSL_PKMSG("PK RSA SignCheck: ret %d\n", ret); + return ret; } 
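Review bot: The trace added to `myDhCallback` in the `@@ -2484,13 +2527,19 @@` hunk is labelled `PK ED Agree`, but the function wraps `wc_DhAgree`, so the label should read `PK DH Agree`. The context lines show `outlen` as `unsigned int*`, and `privSz`/`pubKeySz` (declared outside the hunk) are presumably unsigned too, so `%u` fits better than `%d`: `WOLFSSL_PKMSG("PK DH Agree: ret %d, privSz %u, pubKeySz %u, outlen %u\n",`. `*outlen` is also read when `wc_DhAgree` fails; if the caller does not initialise it, print it only when `ret == 0`.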
@@ -2611,6 +2672,9 @@ static WC_INLINE int myRsaPssSign(WOLFSSL* ssl, const byte* in, word32 inSz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK RSA PSS Sign: inSz %d, hash %d, mgf %d, keySz %d\n", + inSz, hash, mgf, keySz); + #ifdef TEST_PK_PRIVKEY ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); if (ret != 0) @@ -2658,6 +2722,8 @@ static WC_INLINE int myRsaPssSign(WOLFSSL* ssl, const byte* in, word32 inSz, free(keyBuf); #endif + WOLFSSL_PKMSG("PK RSA PSS Sign: ret %d, outSz %d\n", ret, *outSz); + return ret; } @@ -2674,6 +2740,9 @@ static WC_INLINE int myRsaPssVerify(WOLFSSL* ssl, byte* sig, word32 sigSz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK RSA PSS Verify: sigSz %d, hash %d, mgf %d, keySz %d\n", + sigSz, hash, mgf, keySz); + switch (hash) { #ifndef NO_SHA256 case SHA256h: @@ -2702,6 +2771,8 @@ static WC_INLINE int myRsaPssVerify(WOLFSSL* ssl, byte* sig, word32 sigSz, wc_FreeRsaKey(&myKey); } + WOLFSSL_PKMSG("PK RSA PSS Verify: ret %d\n", ret); + return ret; } @@ -2718,6 +2789,9 @@ static WC_INLINE int myRsaPssSignCheck(WOLFSSL* ssl, byte* sig, word32 sigSz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK RSA PSS SignCheck: sigSz %d, hash %d, mgf %d, keySz %d\n", + sigSz, hash, mgf, keySz); + #ifdef TEST_PK_PRIVKEY ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); if (ret != 0) @@ -2756,6 +2830,8 @@ static WC_INLINE int myRsaPssSignCheck(WOLFSSL* ssl, byte* sig, word32 sigSz, free(keyBuf); #endif + WOLFSSL_PKMSG("PK RSA PSS SignCheck: ret %d\n", ret); + return ret; } #endif @@ -2774,6 +2850,8 @@ static WC_INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK RSA Enc: inSz %d, keySz %d\n", inSz, keySz); + ret = wc_InitRng(&rng); if (ret != 0) return ret; @@ -2792,6 +2870,8 @@ static WC_INLINE int myRsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, } wc_FreeRng(&rng); + WOLFSSL_PKMSG("PK RSA Enc: ret %d, outSz %d\n", ret, *outSz); + return ret; } 
@@ -2808,6 +2888,8 @@ static WC_INLINE int myRsaDec(WOLFSSL* ssl, byte* in, word32 inSz, (void)ssl; (void)cbInfo; + WOLFSSL_PKMSG("PK RSA Dec: inSz %d, keySz %d\n", inSz, keySz); + #ifdef TEST_PK_PRIVKEY ret = load_key_file(cbInfo->ourKey, &keyBuf, &keySz); if (ret != 0) @@ -2834,6 +2916,8 @@ static WC_INLINE int myRsaDec(WOLFSSL* ssl, byte* in, word32 inSz, free(keyBuf); #endif + WOLFSSL_PKMSG("PK RSA Dec: ret %d\n", ret); + return ret; }