WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

pk.c: rework 

Re-order RSA functions.
Add comments to RSA functions.
Rework RSA function implementations.
pull/5186/head
Sean Parkinson 2022-05-27 16:30:59 +10:00
parent 9fb1143eba
commit 890abfbefc
9 changed files with 5752 additions and 3417 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
configure.ac
View File

@ -7608,6 +7608,12 @@ case $host_os in
fi ;;
esac
if test "$enable_shared" = "no"; then
if test "$enable_static" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TEST_STATIC_BUILD"
fi
fi
if test "x$ENABLED_LINUXKM" = "xyes"; then
AX_SIMD_CC_COMPILER_FLAGS
AC_SUBST([CFLAGS_FPU_DISABLE])

7099
src/pk.c
View File

File diff suppressed because it is too large Load Diff

26
src/ssl.c
View File

@ -26916,7 +26916,7 @@ int EncryptDerKey(byte *der, int *derSz, const EVP_CIPHER* cipher,
#endif /* WOLFSSL_KEY_GEN || WOLFSSL_PEM_TO_DER */
#ifndef NO_BIO
static int WriteBioPUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key)
static int pem_write_bio_pubkey(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key)
{
int ret;
int pemSz;
@ -27005,14 +27005,14 @@ static int WriteBioPUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key)
pemSz = wc_DerToPem(derBuf, derSz, NULL, 0, PUBLICKEY_TYPE);
if (pemSz < 0) {
WOLFSSL_LEAVE("WriteBioPUBKEY", pemSz);
WOLFSSL_LEAVE("pem_write_bio_pubkey", pemSz);
XFREE(derBuf, bio->heap, DYNAMIC_TYPE_DER);
return WOLFSSL_FAILURE;
}
pemBuf = (byte*)XMALLOC(pemSz, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (pemBuf == NULL) {
WOLFSSL_LEAVE("WriteBioPUBKEY", pemSz);
WOLFSSL_LEAVE("pem_write_bio_pubkey", pemSz);
XFREE(derBuf, bio->heap, DYNAMIC_TYPE_DER);
return WOLFSSL_FAILURE;
}
@ -27020,7 +27020,7 @@ static int WriteBioPUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key)
ret = wc_DerToPem(derBuf, derSz, pemBuf, pemSz, PUBLICKEY_TYPE);
XFREE(derBuf, bio->heap, DYNAMIC_TYPE_DER);
if (ret < 0) {
WOLFSSL_LEAVE("WriteBioPUBKEY", ret);
WOLFSSL_LEAVE("pem_write_bio_pubkey", ret);
XFREE(pemBuf, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
@ -27042,7 +27042,7 @@ int wolfSSL_PEM_write_bio_PUBKEY(WOLFSSL_BIO* bio, WOLFSSL_EVP_PKEY* key)
{
WOLFSSL_ENTER("wolfSSL_PEM_write_bio_PUBKEY");
return WriteBioPUBKEY(bio, key);
return pem_write_bio_pubkey(bio, key);
}
/* Takes a private key and writes it out to a WOLFSSL_BIO
@ -33606,6 +33606,22 @@ word32 nid2oid(int nid, int grp)
case NID_sha512:
return SHA512h;
#endif
#ifndef WOLFSSL_NOSHA3_224
case NID_sha3_224:
return SHA3_224h;
#endif
#ifndef WOLFSSL_NOSHA3_256
case NID_sha3_256:
return SHA3_256h;
#endif
#ifndef WOLFSSL_NOSHA3_384
case NID_sha3_384:
return SHA3_384h;
#endif
#ifndef WOLFSSL_NOSHA3_512
case NID_sha3_512:
return SHA3_512h;
#endif
}
break;

1869
tests/api.c
View File

File diff suppressed because it is too large Load Diff

28
wolfcrypt/src/evp.c
View File

@ -1526,6 +1526,7 @@ WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_E
ctx->pkey = pkey;
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA)
ctx->padding = RSA_PKCS1_PADDING;
ctx->md = NULL;
#endif
#ifdef HAVE_ECC
if (pkey->ecc && pkey->ecc->group) {
@ -1558,6 +1559,26 @@ int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding)
return WOLFSSL_SUCCESS;
}
/* Sets the message digest type for RSA padding to use.
*
* ctx structure to set padding in.
* md Message digest
*
* returns WOLFSSL_SUCCESS on success.
*/
int wolfSSL_EVP_PKEY_CTX_set_signature_md(WOLFSSL_EVP_PKEY_CTX *ctx,
const EVP_MD* md)
{
if (ctx == NULL) return 0;
WOLFSSL_ENTER("EVP_PKEY_CTX_set_signature_md");
#ifndef NO_RSA
ctx->md = md;
#else
(void)md;
#endif
return WOLFSSL_SUCCESS;
}
/* create a PKEY context and return it */
WOLFSSL_EVP_PKEY_CTX *wolfSSL_EVP_PKEY_CTX_new_id(int id, WOLFSSL_ENGINE *e)
{
@ -2247,10 +2268,11 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
}
/* wolfSSL_RSA_sign_generic_padding performs a check that the output
* sig buffer is large enough */
if (wolfSSL_RSA_sign_generic_padding(WC_HASH_TYPE_NONE, tbs,
(unsigned int)tbslen, sig, &usiglen, ctx->pkey->rsa, 1, ctx->padding)
!= WOLFSSL_SUCCESS)
if (wolfSSL_RSA_sign_generic_padding(wolfSSL_EVP_MD_type(ctx->md), tbs,
(unsigned int)tbslen, sig, &usiglen, ctx->pkey->rsa, 1,
ctx->padding) != WOLFSSL_SUCCESS) {
return WOLFSSL_FAILURE;
}
*siglen = (size_t)usiglen;
return WOLFSSL_SUCCESS;
}

48
wolfcrypt/src/wc_port.c
View File

@ -1018,6 +1018,54 @@ size_t wc_strlcat(char *dst, const char *src, size_t dstSize)
}
#endif /* USE_WOLF_STRLCAT */
#ifndef SINGLE_THREADED
/* TODO: use atomic operations instead of mutex */
void wolfSSL_RefInit(wolfSSL_Ref* ref, int* err)
{
int ret = wc_InitMutex(&ref->mutex);
if (ret != 0) {
WOLFSSL_MSG("Failed to create mutex for reference counting!");
}
ref->count = 1;
*err = ret;
}
void wolfSSL_RefFree(wolfSSL_Ref* ref)
{
if (wc_FreeMutex(&ref->mutex) != 0) {
WOLFSSL_MSG("Failed to free mutex of reference counting!");
}
}
void wolfSSL_RefInc(wolfSSL_Ref* ref, int* err)
{
int ret = wc_LockMutex(&ref->mutex);
if (ret != 0) {
WOLFSSL_MSG("Failed to lock mutex for reference increment!");
}
else {
ref->count++;
wc_UnLockMutex(&ref->mutex);
}
*err = ret;
}
void wolfSSL_RefDec(wolfSSL_Ref* ref, int* isZero, int* err)
{
int ret = wc_LockMutex(&ref->mutex);
if (ret != 0) {
WOLFSSL_MSG("Failed to lock mutex for reference decrement!");
}
else {
ref->count--;
*isZero = (ref->count == 0);
wc_UnLockMutex(&ref->mutex);
}
*err = ret;
}
#endif
#if WOLFSSL_CRYPT_HW_MUTEX
/* Mutex for protection of cryptography hardware */
static wolfSSL_Mutex wcCryptHwMutex;

6
wolfssl/openssl/evp.h
View File

@ -454,6 +454,9 @@ struct WOLFSSL_EVP_PKEY_CTX {
#ifdef HAVE_ECC
int curveNID;
#endif
#ifndef NO_RSA
const WOLFSSL_EVP_MD* md;
#endif
};
struct WOLFSSL_ASN1_PCTX {
@ -639,6 +642,8 @@ WOLFSSL_API void wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx);
#endif
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_padding(WOLFSSL_EVP_PKEY_CTX *ctx, int padding);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_signature_md(WOLFSSL_EVP_PKEY_CTX *ctx,
const WOLFSSL_EVP_MD* md);
WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(WOLFSSL_EVP_PKEY_CTX *ctx, int bits);
WOLFSSL_API int wolfSSL_EVP_PKEY_derive_init(WOLFSSL_EVP_PKEY_CTX *ctx);
@ -1002,6 +1007,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
#define EVP_PKEY_CTX_free wolfSSL_EVP_PKEY_CTX_free
#define EVP_PKEY_CTX_new wolfSSL_EVP_PKEY_CTX_new
#define EVP_PKEY_CTX_set_rsa_padding wolfSSL_EVP_PKEY_CTX_set_rsa_padding
#define EVP_PKEY_CTX_set_signature_md wolfSSL_EVP_PKEY_CTX_set_signature_md
#define EVP_PKEY_CTX_new_id wolfSSL_EVP_PKEY_CTX_new_id
#define EVP_PKEY_CTX_set_rsa_keygen_bits wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits
#define EVP_PKEY_derive_init wolfSSL_EVP_PKEY_derive_init

46
wolfssl/openssl/rsa.h
View File

@ -59,44 +59,42 @@
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
typedef struct WOLFSSL_RSA_METHOD {
/* Flags of RSA key implementation. */
int flags;
/* Name of RSA key implementation. */
char *name;
/* RSA method dynamically allocated. */
word16 dynamic:1;
} WOLFSSL_RSA_METHOD;
#ifndef WOLFSSL_RSA_TYPE_DEFINED /* guard on redeclaration */
#define WOLFSSL_RSA_TYPE_DEFINED
/* RSA key compatable with OpenSSL. */
typedef struct WOLFSSL_RSA {
#ifdef WC_RSA_BLINDING
WC_RNG* rng; /* for PrivateDecrypt blinding */
#endif
WOLFSSL_BIGNUM* n;
WOLFSSL_BIGNUM* e;
WOLFSSL_BIGNUM* d;
WOLFSSL_BIGNUM* p;
WOLFSSL_BIGNUM* q;
WOLFSSL_BIGNUM* dmp1; /* dP */
WOLFSSL_BIGNUM* dmq1; /* dQ */
WOLFSSL_BIGNUM* iqmp; /* u */
void* heap;
void* internal; /* our RSA */
WOLFSSL_BIGNUM* n; /* Modulus. */
WOLFSSL_BIGNUM* e; /* Public exponent. */
WOLFSSL_BIGNUM* d; /* Private exponent. */
WOLFSSL_BIGNUM* p; /* First prime. */
WOLFSSL_BIGNUM* q; /* Second prime. */
WOLFSSL_BIGNUM* dmp1; /* dP = d mod (p - 1) */
WOLFSSL_BIGNUM* dmq1; /* dQ = d mod (q - 1) */
WOLFSSL_BIGNUM* iqmp; /* u = (1 / q) mod p */
void* heap; /* Heap used for memory allocations. */
void* internal; /* wolfCrypt RSA key. */
#if defined(OPENSSL_EXTRA)
WOLFSSL_RSA_METHOD* meth;
const WOLFSSL_RSA_METHOD* meth; /* RSA method. */
#endif
#ifdef HAVE_EX_DATA
WOLFSSL_CRYPTO_EX_DATA ex_data; /* external data */
#endif
#if defined(OPENSSL_EXTRA_X509_SMALL) || defined(OPENSSL_EXTRA)
#ifndef SINGLE_THREADED
wolfSSL_Mutex refMutex; /* ref count mutex */
#endif
int refCount; /* reference count */
#endif
word16 pkcs8HeaderSz;
wolfSSL_Ref ref; /* Reference count information. */
word16 pkcs8HeaderSz; /* Size of PKCS#8 header from decode. */
int flags; /* Flags of implementation. */
/* bits */
byte inSet:1; /* internal set from external ? */
byte exSet:1; /* external set from internal ? */
byte ownRng:1; /* flag for if the rng should be free'd */
byte inSet:1; /* Internal set from external. */
byte exSet:1; /* External set from internal. */
byte ownRng:1; /* Rng needs to be free'd. */
} WOLFSSL_RSA;
#endif

41
wolfssl/wolfcrypt/wc_port.h
View File

@ -275,6 +275,47 @@
#endif /* USE_WINDOWS_API */
#endif /* SINGLE_THREADED */
/* Reference counting. */
typedef struct wolfSSL_Ref {
/* TODO: use atomic operations instead of mutex. */
#ifndef SINGLE_THREADED
wolfSSL_Mutex mutex;
#endif
int count;
} wolfSSL_Ref;
#ifdef SINGLE_THREADED
#define wolfSSL_RefInit(ref, err) \
do { \
(ref)->count = 1; \
*(err) = 0; \
} \
while (0)
#define wolfSSL_RefFree(ref)
#define wolfSSL_RefInc(ref, err) \
do { \
(ref)->count++; \
*(err) = 0; \
} \
while (0)
#define wolfSSL_RefDec(ref, isZero, err) \
do { \
(ref)->count--; \
*(isZero) = ((ref)->count == 0); \
*(err) = 0; \
} \
while (0)
#else
WOLFSSL_LOCAL void wolfSSL_RefInit(wolfSSL_Ref* ref, int* err);
WOLFSSL_LOCAL void wolfSSL_RefFree(wolfSSL_Ref* ref);
WOLFSSL_LOCAL void wolfSSL_RefInc(wolfSSL_Ref* ref, int* err);
WOLFSSL_LOCAL void wolfSSL_RefDec(wolfSSL_Ref* ref, int* isZero, int* err);
#endif
/* Enable crypt HW mutex for Freescale MMCAU, PIC32MZ or STM32 */
#if defined(FREESCALE_MMCAU) || defined(WOLFSSL_MICROCHIP_PIC32MZ) || \
defined(STM32_CRYPTO) || defined(STM32_HASH) || defined(STM32_RNG)