mirror of https://github.com/wolfSSL/wolfssl.git
Single Precision maths for RSA (and DH)
Single Precision ECC implementationpull/1103/head
Sean Parkinson
parent
130e026139
commit
90f8f67982
|
|
@ -0,0 +1,108 @@
|
|||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number:
|
||||
c9:72:2a:eb:e8:4a:47:e7
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
|
||||
Validity
|
||||
Not Before: Aug 11 05:14:40 2017 GMT
|
||||
Not After : May 7 05:14:40 2020 GMT
|
||||
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (3072 bit)
|
||||
Modulus:
|
||||
00:c1:00:b0:1a:0a:ba:88:03:cc:92:d6:f7:2e:0d:
|
||||
ad:be:60:f4:a4:53:a3:dc:f9:b6:48:6c:21:33:cf:
|
||||
7c:a0:c5:35:37:1a:5f:7e:65:33:07:b4:9a:d1:2e:
|
||||
b2:ed:35:a1:c8:67:b3:db:39:05:8d:aa:81:74:00:
|
||||
85:22:72:f8:7d:39:47:53:00:56:71:cf:82:d7:fc:
|
||||
a2:7d:a0:6e:10:a2:96:db:cc:8e:e4:2d:9d:9d:5b:
|
||||
4a:43:5e:cb:3d:48:72:af:f4:6a:da:34:2f:ed:99:
|
||||
c1:1b:fb:4c:56:8a:a0:66:8c:fb:5d:10:d5:5b:0f:
|
||||
96:04:d9:c5:b1:55:f5:88:76:db:d3:da:a1:dc:e9:
|
||||
ee:d1:67:dd:bf:54:50:07:ef:2f:79:fb:4e:59:2a:
|
||||
bf:92:0d:80:6f:7b:ec:79:65:9a:c3:08:c0:4f:c6:
|
||||
6b:33:bf:9d:4d:af:f9:83:af:25:42:4c:93:f1:9f:
|
||||
d6:33:7d:d4:85:2a:77:44:1d:1f:ca:d3:22:ab:69:
|
||||
50:35:d8:47:3e:f7:9c:a8:e3:f9:84:60:9e:36:10:
|
||||
02:5c:9c:1f:33:1c:e6:bb:d0:5f:28:63:27:4c:b5:
|
||||
1c:71:b3:f4:7a:33:aa:45:70:a9:54:88:70:07:0e:
|
||||
45:4f:b1:7f:2a:fd:bf:31:da:97:96:c8:55:49:f2:
|
||||
c3:b6:e6:08:78:ca:40:8b:2e:5d:8e:4e:6c:65:6b:
|
||||
57:f4:1d:ee:41:b6:ed:24:0d:38:f2:40:bd:7d:59:
|
||||
6b:c5:d6:67:e2:12:9b:10:05:fe:eb:40:1d:c5:73:
|
||||
75:ac:e9:9c:07:63:72:e4:c5:04:fe:c9:17:13:bf:
|
||||
04:02:0e:44:e9:9d:59:6e:7e:63:38:e6:db:31:21:
|
||||
28:5e:82:20:36:ad:26:fe:ba:6d:af:57:2e:32:aa:
|
||||
a6:2c:54:b4:25:50:11:ac:25:8b:84:1b:7b:5d:ae:
|
||||
df:e1:c4:32:3a:b4:60:6c:16:ef:9c:2c:a8:67:d0:
|
||||
53:f5:c8:97:9a:9e:81:25:e6:c7
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Subject Key Identifier:
|
||||
FA:B8:8A:0E:1D:E7:2B:22:BA:2D:F4:54:DD:7E:D4:63:8A:AB:E7:95
|
||||
X509v3 Authority Key Identifier:
|
||||
keyid:FA:B8:8A:0E:1D:E7:2B:22:BA:2D:F4:54:DD:7E:D4:63:8A:AB:E7:95
|
||||
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_3072/OU=Programming-3072/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
|
||||
serial:C9:72:2A:EB:E8:4A:47:E7
|
||||
|
||||
X509v3 Basic Constraints:
|
||||
CA:TRUE
|
||||
Signature Algorithm: sha256WithRSAEncryption
|
||||
b3:20:83:3d:56:e2:b9:a6:8f:a9:46:fe:ad:9f:c7:d5:e2:dc:
|
||||
db:78:1e:4c:ca:d5:bd:38:5d:20:bc:18:f9:a0:33:7e:09:df:
|
||||
89:61:15:85:6d:80:78:3d:b4:6b:30:e6:f3:8a:8f:b2:5d:a0:
|
||||
6b:41:51:24:1c:4c:5e:db:0d:af:6d:56:12:1b:91:01:ed:0e:
|
||||
1c:1a:15:95:8f:99:1f:7f:e7:65:e7:0a:fe:24:0c:e0:a1:1f:
|
||||
16:7f:55:2e:48:98:97:3f:98:a7:90:1f:20:ec:b6:16:fa:2a:
|
||||
d2:91:3a:5f:83:df:cd:a3:51:37:19:69:c3:be:c9:35:bb:32:
|
||||
47:e9:e5:30:1f:cd:27:ac:4d:05:31:d9:06:33:5c:6e:f5:bb:
|
||||
22:b6:7c:68:3d:82:f2:c0:2e:00:34:d9:ed:ba:fc:f5:39:04:
|
||||
53:32:b7:bb:ff:c6:a1:bc:50:8e:d5:43:b6:48:07:8b:3d:47:
|
||||
4a:f7:22:f1:c3:4d:3d:db:d4:ca:e6:77:4d:94:7c:79:36:df:
|
||||
81:de:a7:fc:24:0e:7c:ec:72:2e:4d:b2:dc:7c:93:98:29:62:
|
||||
8b:67:0a:dd:c5:2f:ea:e1:b0:1d:d2:9d:91:74:30:3f:14:10:
|
||||
03:95:36:1b:02:2a:84:22:51:fa:26:fb:a4:a7:a7:d0:3f:12:
|
||||
0d:bc:14:c8:cd:60:a1:53:44:e3:5b:7a:63:ee:3e:50:f8:4a:
|
||||
ea:0a:2e:c2:9d:69:0c:4b:c6:ea:cd:b2:0d:d0:de:13:09:c9:
|
||||
f9:d5:7c:e4:f4:b1:55:8f:59:9e:86:b9:51:77:ad:35:06:35:
|
||||
fa:2c:76:06:41:b9:21:13:dd:94:02:34:66:e0:21:86:8e:08:
|
||||
9d:06:71:f2:bc:c3:34:10:ff:3d:d4:0c:70:8a:3c:bb:8a:ea:
|
||||
af:a1:b3:63:78:95:e4:c8:54:3c:87:c5:b4:97:7a:19:a3:59:
|
||||
75:ac:d6:5b:48:47:55:e8:24:20:fa:e8:2b:66:5d:6a:17:47:
|
||||
ce:38:93:a7:d1:ed
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFyjCCBDKgAwIBAgIJAMlyKuvoSkfnMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
|
||||
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMG
|
||||
A1UECgwMd29sZlNTTF8zMDcyMRkwFwYDVQQLDBBQcm9ncmFtbWluZy0zMDcyMRgw
|
||||
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
|
||||
ZnNzbC5jb20wHhcNMTcwODExMDUxNDQwWhcNMjAwNTA3MDUxNDQwWjCBnjELMAkG
|
||||
A1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTAT
|
||||
BgNVBAoMDHdvbGZTU0xfMzA3MjEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMzA3MjEY
|
||||
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
|
||||
bGZzc2wuY29tMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAwQCwGgq6
|
||||
iAPMktb3Lg2tvmD0pFOj3Pm2SGwhM898oMU1NxpffmUzB7Sa0S6y7TWhyGez2zkF
|
||||
jaqBdACFInL4fTlHUwBWcc+C1/yifaBuEKKW28yO5C2dnVtKQ17LPUhyr/Rq2jQv
|
||||
7ZnBG/tMVoqgZoz7XRDVWw+WBNnFsVX1iHbb09qh3Onu0Wfdv1RQB+8veftOWSq/
|
||||
kg2Ab3vseWWawwjAT8ZrM7+dTa/5g68lQkyT8Z/WM33UhSp3RB0fytMiq2lQNdhH
|
||||
PvecqOP5hGCeNhACXJwfMxzmu9BfKGMnTLUccbP0ejOqRXCpVIhwBw5FT7F/Kv2/
|
||||
MdqXlshVSfLDtuYIeMpAiy5djk5sZWtX9B3uQbbtJA048kC9fVlrxdZn4hKbEAX+
|
||||
60AdxXN1rOmcB2Ny5MUE/skXE78EAg5E6Z1Zbn5jOObbMSEoXoIgNq0m/rptr1cu
|
||||
MqqmLFS0JVARrCWLhBt7Xa7f4cQyOrRgbBbvnCyoZ9BT9ciXmp6BJebHAgMBAAGj
|
||||
ggEHMIIBAzAdBgNVHQ4EFgQU+riKDh3nKyK6LfRU3X7UY4qr55UwgdMGA1UdIwSB
|
||||
yzCByIAU+riKDh3nKyK6LfRU3X7UY4qr55WhgaSkgaEwgZ4xCzAJBgNVBAYTAlVT
|
||||
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3
|
||||
b2xmU1NMXzMwNzIxGTAXBgNVBAsMEFByb2dyYW1taW5nLTMwNzIxGDAWBgNVBAMM
|
||||
D3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNv
|
||||
bYIJAMlyKuvoSkfnMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggGBALMg
|
||||
gz1W4rmmj6lG/q2fx9Xi3Nt4HkzK1b04XSC8GPmgM34J34lhFYVtgHg9tGsw5vOK
|
||||
j7JdoGtBUSQcTF7bDa9tVhIbkQHtDhwaFZWPmR9/52XnCv4kDOChHxZ/VS5ImJc/
|
||||
mKeQHyDsthb6KtKROl+D382jUTcZacO+yTW7Mkfp5TAfzSesTQUx2QYzXG71uyK2
|
||||
fGg9gvLALgA02e26/PU5BFMyt7v/xqG8UI7VQ7ZIB4s9R0r3IvHDTT3b1Mrmd02U
|
||||
fHk234Hep/wkDnzsci5Nstx8k5gpYotnCt3FL+rhsB3SnZF0MD8UEAOVNhsCKoQi
|
||||
Ufom+6Snp9A/Eg28FMjNYKFTRONbemPuPlD4SuoKLsKdaQxLxurNsg3Q3hMJyfnV
|
||||
fOT0sVWPWZ6GuVF3rTUGNfosdgZBuSET3ZQCNGbgIYaOCJ0GcfK8wzQQ/z3UDHCK
|
||||
PLuK6q+hs2N4leTIVDyHxbSXehmjWXWs1ltIR1XoJCD66CtmXWoXR844k6fR7Q==
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -0,0 +1,40 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIG/wIBADANBgkqhkiG9w0BAQEFAASCBukwggblAgEAAoIBgQDBALAaCrqIA8yS
|
||||
1vcuDa2+YPSkU6Pc+bZIbCEzz3ygxTU3Gl9+ZTMHtJrRLrLtNaHIZ7PbOQWNqoF0
|
||||
AIUicvh9OUdTAFZxz4LX/KJ9oG4QopbbzI7kLZ2dW0pDXss9SHKv9GraNC/tmcEb
|
||||
+0xWiqBmjPtdENVbD5YE2cWxVfWIdtvT2qHc6e7RZ92/VFAH7y95+05ZKr+SDYBv
|
||||
e+x5ZZrDCMBPxmszv51Nr/mDryVCTJPxn9YzfdSFKndEHR/K0yKraVA12Ec+95yo
|
||||
4/mEYJ42EAJcnB8zHOa70F8oYydMtRxxs/R6M6pFcKlUiHAHDkVPsX8q/b8x2peW
|
||||
yFVJ8sO25gh4ykCLLl2OTmxla1f0He5Btu0kDTjyQL19WWvF1mfiEpsQBf7rQB3F
|
||||
c3Ws6ZwHY3LkxQT+yRcTvwQCDkTpnVlufmM45tsxIShegiA2rSb+um2vVy4yqqYs
|
||||
VLQlUBGsJYuEG3tdrt/hxDI6tGBsFu+cLKhn0FP1yJeanoEl5scCAwEAAQKCAYA4
|
||||
2WMFyLM47SWM+xTD0/OhaB2naZuSs1sl6fO9txgWowARwwrtyBFH68LOatr5VBrb
|
||||
VPB9WkZwfBC1gpG0m/jlqcGAiVDtJRp9VETojCDfdYTKKW7Nd0I93234eiuTWYuu
|
||||
mGgA7e5QJkHjZBoQQ7ULf+tqdlLiB61AsISyv4cbMyd9N6EF2UInHFkMymDodWOe
|
||||
oo9pZFYZRzDVpcL53xu+5wz+couRKpfDElqEl0p6ROQu/82wTRgUQXXv8kQzEg1Z
|
||||
Ccm9D66IPLHviG19utUSNll2Fq3i7V88It+NFzBp4yzNvoXOiUFWwDoqHUve2ifV
|
||||
UDKITEE8Zh3Cm/UGdbNk+lkMOu5tmE0l1tOe2F+9RAjB1SnN8qxMqgMnmftEKYja
|
||||
3Do9feU0H2ZmKfK6dfECB7NsuVg9mI66Dew0rjQJ0oRG1+qqvPgHROcVnMBMmeU1
|
||||
bsF2yV2RWCc/4RFuAEi0VM2SgYOst5Voa+Os15rFxZ3APC+FqDmzYyyKVfXpgMEC
|
||||
gcEA7NuwxVGiseKGVZXG1/JJm86hCNkyAFMx1soGQDXyCZfTKFTwuJr+rImkOLnj
|
||||
J8i5cGa8v8E8obH/bMeM6hI8qsJ5jr1yHluZBGOy+VNmeV1pCLpCeXF/enn9gTq4
|
||||
m+X6SCxCn/SQdnr1Z5HT9yTcsWSzKk+T7uVKCZomfmBJyK3hhYsUsCaE0eQjgGfm
|
||||
yY/HKFVni/wmYLxnDwrMNtIK6aBA3cRrUr8MG8DZDVdourXMUo+G61kEaAV2Wu2R
|
||||
QrEzAoHBANCZrjOcPOZ5ojRmvqIiwX39U5Ucu9gkYvi63fJgzUcZKoH67D4pK1T7
|
||||
lvQ93hVnno0tKW16+lUS7EkQs4xmSPK07jQn0xYOkTcBnu4b/lkSIaFouecFd+ls
|
||||
XKlMz9VR91s89Hnuz0qXL7gpO2D9/bfonAXTsQyyTgNK3opwA4J0AKT+9PUTehGe
|
||||
pT7OtupGMh7osuNzX7v/9L5VBz24ZOiI35yypOnK/DHJDKzXnXGBxHhEwmdAQe0T
|
||||
BKMQ8nDcHQKBwQDCdCpQFJFpUPvQT8KLj1J3I9B5Hzc5pROJrxoqpR8sWQT2W6W1
|
||||
KSpkJCw6lgGzq8rySKY1F0Pby/JTMBC0Kny8BCUf1tBVtAWP4PoSTzIV+WY90Ay6
|
||||
/z8VIgnJipf9BXXQwuV/xJzFaHUIrmRCxnSY/n9JAUQGISADehaYMhzhMD+yD1jQ
|
||||
tQ7d8lpjFOoYGH380wDLoBsx1/sUEl1NtGtZGkOmzZb+u/II5u5LUbOddZtlPIgb
|
||||
t10yuSlNxTQ4eJkCgcEAgxbg23wm5Wuw3J9o03lmAWgOe5mIDqenLso4KlZdCn4t
|
||||
MWvfxJyYp5pH3gt3IhpxECU+cJek84ulw7DkNKoe06+SNmKEi8rxxRCWsOoUqCL1
|
||||
0Xp/wUe1eJJplNc5kMQm30ZqGKpTyHtEOMZok2ZqaIWcbyj+jY0L65PEUFleSz/d
|
||||
G9NBWzY3MxVwoQzE9GrSmov/x2I82mdahbXnjAjyGRPS+qVlb6rpW9wNxBzny2oS
|
||||
bsY/KSW/iF24P0WqJfSdAoHBAMrAqYYkbFVboqKXci8ngzrBIPTweUaQetseywd3
|
||||
EsBoCuIub/zOHrXPyEHpQpsWBoyCs7/wFy+e2E8qWJ9GBqVaUdpO1PQbgDBTg3C4
|
||||
lx91pXJ9wHFFMX7evHYLFLLce6ofhrRDch97aFvdDP0dB7fh32FRUyJzPQwVXOcL
|
||||
OEyaN2q+5mTLVIohiiryb6SmsD2qbAzym32/826Fku2zwX8j2xdCP/AkdnIPz/L0
|
||||
H3pgMZYSzYmd0dbSva225DqVew==
|
||||
-----END PRIVATE KEY-----
|
||||
|
|
@ -54,6 +54,24 @@ function run_renewcerts(){
|
|||
|
||||
openssl x509 -in client-cert.pem -text > tmp.pem
|
||||
mv tmp.pem client-cert.pem
|
||||
|
||||
|
||||
############################################################
|
||||
#### update the self-signed (3072-bit) client-cert.pem #####
|
||||
############################################################
|
||||
echo "Updating 3072-bit client-cert.pem"
|
||||
echo ""
|
||||
#pipe the following arguments to openssl req...
|
||||
echo -e "US\nMontana\nBozeman\nwolfSSL_3072\nProgramming-3072\nwww.wolfssl.com\ninfo@wolfssl.com\n.\n.\n" | openssl req -new -newkey rsa:3072 -keyout client-key-3072.pem -nodes -out client-cert-3072.csr
|
||||
|
||||
|
||||
openssl x509 -req -in client-cert-3072.csr -days 1000 -extfile wolfssl.cnf -extensions wolfssl_opts -signkey client-key-3072.pem -out client-cert-3072.pem
|
||||
rm client-cert-3072.csr
|
||||
|
||||
openssl x509 -in client-cert-3072.pem -text > tmp.pem
|
||||
mv tmp.pem client-cert-3072.pem
|
||||
|
||||
|
||||
############################################################
|
||||
#### update the self-signed (1024-bit) client-cert.pem #####
|
||||
############################################################
|
||||
|
|
|
|||
105
configure.ac
105
configure.ac
|
|
@ -111,6 +111,7 @@ OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer"
|
|||
OPTIMIZE_FAST_CFLAGS="-O2 -fomit-frame-pointer"
|
||||
OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET"
|
||||
DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_WOLFSSL"
|
||||
COVERAGE_CFLAGS="--coverage"
|
||||
LIB_ADD=
|
||||
LIB_STATIC_ADD=
|
||||
|
||||
|
|
@ -129,6 +130,12 @@ AS_IF([test "$ax_enable_debug" = "yes"],
|
|||
[AM_CFLAGS="$AM_CFLAGS -DNDEBUG"])
|
||||
|
||||
|
||||
# COVERAGE
|
||||
AX_COVERAGE
|
||||
AS_IF([test "$ax_enable_coverage" = "yes"],
|
||||
[AM_CFLAGS="$COVERAGE_CFLAGS $AM_CFLAGS"])
|
||||
|
||||
|
||||
# Distro build feature subset (Debian, Ubuntu, etc.)
|
||||
AC_ARG_ENABLE([distro],
|
||||
[AS_HELP_STRING([--enable-distro],[Enable wolfSSL distro build (default: disabled)])],
|
||||
|
|
@ -3197,6 +3204,102 @@ AC_ARG_WITH([intelqa],
|
|||
|
||||
AM_CONDITIONAL([BUILD_INTEL_QA], [test "x$ENABLED_INTEL_QA" = "xyes"])
|
||||
|
||||
# Single Precision maths implementation
|
||||
AC_ARG_ENABLE([sp],
|
||||
[AS_HELP_STRING([--enable-sp],[Enable Single Precision maths implementation (default: disabled)])],
|
||||
[ ENABLED_SP=$enableval ],
|
||||
[ ENABLED_SP=yes ],
|
||||
)
|
||||
|
||||
for v in `echo $ENABLED_SP | tr "," " "`
|
||||
do
|
||||
case $v in
|
||||
small)
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_SMALL"
|
||||
ENABLED_SP_RSA=yes
|
||||
ENABLED_SP_DH=yes
|
||||
ENABLED_SP_ECC=yes
|
||||
;;
|
||||
yes)
|
||||
ENABLED_SP_RSA=yes
|
||||
ENABLED_SP_DH=yes
|
||||
ENABLED_SP_ECC=yes
|
||||
;;
|
||||
no)
|
||||
;;
|
||||
|
||||
smallec256 | smallp256 | small256)
|
||||
ENABLED_SP_ECC=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_SMALL"
|
||||
;;
|
||||
ec256 | p256 | 256)
|
||||
ENABLED_SP_ECC=yes
|
||||
;;
|
||||
|
||||
small2048)
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_SMALL"
|
||||
ENABLED_SP_RSA=yes
|
||||
ENABLED_SP_DH=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_NO_3072"
|
||||
;;
|
||||
2048)
|
||||
ENABLED_SP_RSA=yes
|
||||
ENABLED_SP_DH=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_NO_3072"
|
||||
;;
|
||||
|
||||
smallrsa2048)
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_SMALL"
|
||||
ENABLED_SP_RSA=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_NO_3072"
|
||||
;;
|
||||
rsa2048)
|
||||
ENABLED_SP_RSA=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_NO_3072"
|
||||
;;
|
||||
|
||||
small3072)
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_SMALL"
|
||||
ENABLED_SP_RSA=yes
|
||||
ENABLED_SP_DH=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_NO_2048"
|
||||
;;
|
||||
3072)
|
||||
ENABLED_SP_RSA=yes
|
||||
ENABLED_SP_DH=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_NO_2048"
|
||||
;;
|
||||
|
||||
smallrsa3072)
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_SMALL"
|
||||
ENABLED_SP_RSA=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_NO_2048"
|
||||
;;
|
||||
rsa3072)
|
||||
ENABLED_SP_RSA=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_NO_2048"
|
||||
;;
|
||||
|
||||
*)
|
||||
AC_MSG_ERROR([Invalid choice of Single Precision length in bits [256, 2048, 3072]: $ENABLED_SP.])
|
||||
break;;
|
||||
esac
|
||||
done
|
||||
|
||||
ENABLED_SP=no
|
||||
if test "$ENABLED_RSA" = "yes" && test "$ENABLED_SP_RSA" = "yes"; then
|
||||
ENABLED_SP=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_SP_RSA"
|
||||
fi
|
||||
if test "$ENABLED_DH" = "yes" && test "$ENABLED_SP_DH" = "yes"; then
|
||||
ENABLED_SP=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_SP_DH"
|
||||
fi
|
||||
if test "$ENABLED_ECC" = "yes" && test "$ENABLED_SP_ECC" = "yes"; then
|
||||
ENABLED_SP=yes
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_SP_ECC"
|
||||
fi
|
||||
AM_CONDITIONAL([BUILD_SP], [test "x$ENABLED_SP" = "xyes"])
|
||||
|
||||
# Fast RSA using Intel IPP
|
||||
ippdir="${srcdir}/IPP"
|
||||
|
|
@ -3891,6 +3994,7 @@ echo " * CPP Flags: $CPPFLAGS"
|
|||
echo " * CCAS Flags: $CCASFLAGS"
|
||||
echo " * LIB Flags: $LIB"
|
||||
echo " * Debug enabled: $ax_enable_debug"
|
||||
echo " * Coverage enabled: $ax_enable_coverage"
|
||||
echo " * Warnings as failure: $ac_cv_warnings_as_errors"
|
||||
echo " * make -j: $enable_jobserver"
|
||||
echo " * VCS checkout: $ac_cv_vcs_checkout"
|
||||
|
|
@ -4004,6 +4108,7 @@ echo " * LIBZ: $ENABLED_LIBZ"
|
|||
echo " * Examples: $ENABLED_EXAMPLES"
|
||||
echo " * User Crypto: $ENABLED_USER_CRYPTO"
|
||||
echo " * Fast RSA: $ENABLED_FAST_RSA"
|
||||
echo " * Single Precision: $ENABLED_SP"
|
||||
echo " * Async Crypto: $ENABLED_ASYNCCRYPT"
|
||||
echo " * Cavium: $ENABLED_CAVIUM"
|
||||
echo " * ARM ASM: $ENABLED_ARMASM"
|
||||
|
|
|
|||
|
|
@ -91,6 +91,9 @@ src_libwolfssl_la_SOURCES += wolfcrypt/src/rsa.c
|
|||
endif
|
||||
endif
|
||||
endif
|
||||
if BUILD_SP
|
||||
src_libwolfssl_la_SOURCES += wolfcrypt/src/sp.c
|
||||
endif
|
||||
|
||||
if BUILD_AES
|
||||
src_libwolfssl_la_SOURCES += wolfcrypt/src/aes.c
|
||||
|
|
|
|||
|
|
@ -2674,6 +2674,7 @@ void bench_rsa(int doAsync)
|
|||
}
|
||||
}
|
||||
|
||||
#ifndef BENCHMARK_RSA_SIGN_VERIFY
|
||||
/* begin public RSA */
|
||||
bench_stats_start(&count, &start);
|
||||
do {
|
||||
|
|
@ -2724,6 +2725,58 @@ exit_rsa_pub:
|
|||
} while (bench_stats_sym_check(start));
|
||||
exit:
|
||||
bench_stats_asym_finish("RSA", rsaKeySz, "private", doAsync, count, start, ret);
|
||||
#else
|
||||
/* begin public RSA */
|
||||
bench_stats_start(&count, &start);
|
||||
do {
|
||||
for (times = 0; times < ntimes || pending > 0; ) {
|
||||
bench_async_poll(&pending);
|
||||
|
||||
/* while free pending slots in queue, submit ops */
|
||||
for (i = 0; i < BENCH_MAX_PENDING; i++) {
|
||||
if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&rsaKey[i]), 1, ×, ntimes, &pending)) {
|
||||
ret = wc_RsaSSL_Sign(message, len, enc[i],
|
||||
RSA_BUF_SIZE, &rsaKey[i], &rng);
|
||||
if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(&rsaKey[i]), 1, ×, &pending)) {
|
||||
goto exit_rsa_pub;
|
||||
}
|
||||
}
|
||||
} /* for i */
|
||||
} /* for times */
|
||||
count += times;
|
||||
} while (bench_stats_sym_check(start));
|
||||
exit_rsa_pub:
|
||||
bench_stats_asym_finish("RSA", rsaKeySz, "private", doAsync, count, start, ret);
|
||||
|
||||
if (ret < 0) {
|
||||
goto exit;
|
||||
}
|
||||
|
||||
/* capture resulting encrypt length */
|
||||
idx = rsaKeySz/8;
|
||||
|
||||
/* begin private async RSA */
|
||||
bench_stats_start(&count, &start);
|
||||
do {
|
||||
for (times = 0; times < ntimes || pending > 0; ) {
|
||||
bench_async_poll(&pending);
|
||||
|
||||
/* while free pending slots in queue, submit ops */
|
||||
for (i = 0; i < BENCH_MAX_PENDING; i++) {
|
||||
if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&rsaKey[i]), 1, ×, ntimes, &pending)) {
|
||||
ret = wc_RsaSSL_Verify(enc[i], idx, out[i],
|
||||
RSA_BUF_SIZE, &rsaKey[i]);
|
||||
if (!bench_async_handle(&ret, BENCH_ASYNC_GET_DEV(&rsaKey[i]), 1, ×, &pending)) {
|
||||
goto exit;
|
||||
}
|
||||
}
|
||||
} /* for i */
|
||||
} /* for times */
|
||||
count += times;
|
||||
} while (bench_stats_sym_check(start));
|
||||
exit:
|
||||
bench_stats_asym_finish("RSA", rsaKeySz, "public", doAsync, count, start, ret);
|
||||
#endif
|
||||
|
||||
/* cleanup */
|
||||
for (i = 0; i < BENCH_MAX_PENDING; i++) {
|
||||
|
|
|
|||
|
|
@ -86,6 +86,7 @@
|
|||
if (cpuid_flag(1, 0, ECX, 30)) { cpuid_flags |= CPUID_RDRAND; }
|
||||
if (cpuid_flag(7, 0, EBX, 18)) { cpuid_flags |= CPUID_RDSEED; }
|
||||
if (cpuid_flag(1, 0, ECX, 26)) { cpuid_flags |= CPUID_AESNI ; }
|
||||
if (cpuid_flag(7, 0, EBX, 19)) { cpuid_flags |= CPUID_ADX ; }
|
||||
cpuid_check = 1;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -32,6 +32,10 @@
|
|||
#include <wolfssl/wolfcrypt/error-crypt.h>
|
||||
#include <wolfssl/wolfcrypt/logging.h>
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_DH
|
||||
#include <wolfssl/wolfcrypt/sp.h>
|
||||
#endif
|
||||
|
||||
#ifdef NO_INLINE
|
||||
#include <wolfssl/wolfcrypt/misc.h>
|
||||
#else
|
||||
|
|
@ -611,6 +615,17 @@ static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
|
|||
mp_int x;
|
||||
mp_int y;
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_DH
|
||||
#ifndef WOLFSSL_SP_NO_2048
|
||||
if (mp_count_bits(&key->p) == 2048)
|
||||
return sp_DhExp_2048(&key->g, priv, privSz, &key->p, pub, pubSz);
|
||||
#endif
|
||||
#ifndef WOLFSSL_SP_NO_3072
|
||||
if (mp_count_bits(&key->p) == 3072)
|
||||
return sp_DhExp_3072(&key->g, priv, privSz, &key->p, pub, pubSz);
|
||||
#endif
|
||||
#endif
|
||||
|
||||
if (mp_init_multi(&x, &y, 0, 0, 0, 0) != MP_OKAY)
|
||||
return MP_INIT_E;
|
||||
|
||||
|
|
@ -794,6 +809,39 @@ static int wc_DhAgree_Sync(DhKey* key, byte* agree, word32* agreeSz,
|
|||
return DH_CHECK_PUB_E;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_DH
|
||||
#ifndef WOLFSSL_SP_NO_2048
|
||||
if (mp_count_bits(&key->p) == 2048) {
|
||||
if (mp_init(&y) != MP_OKAY)
|
||||
return MP_INIT_E;
|
||||
|
||||
if (ret == 0 && mp_read_unsigned_bin(&y, otherPub, pubSz) != MP_OKAY)
|
||||
ret = MP_READ_E;
|
||||
|
||||
if (ret == 0)
|
||||
ret = sp_DhExp_2048(&y, priv, privSz, &key->p, agree, agreeSz);
|
||||
|
||||
mp_clear(&y);
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
#ifndef WOLFSSL_SP_NO_3072
|
||||
if (mp_count_bits(&key->p) == 3072) {
|
||||
if (mp_init(&y) != MP_OKAY)
|
||||
return MP_INIT_E;
|
||||
|
||||
if (ret == 0 && mp_read_unsigned_bin(&y, otherPub, pubSz) != MP_OKAY)
|
||||
ret = MP_READ_E;
|
||||
|
||||
if (ret == 0)
|
||||
ret = sp_DhExp_3072(&y, priv, privSz, &key->p, agree, agreeSz);
|
||||
|
||||
mp_clear(&y);
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
if (mp_init_multi(&x, &y, &z, 0, 0, 0) != MP_OKAY)
|
||||
return MP_INIT_E;
|
||||
|
||||
|
|
|
|||
|
|
@ -99,6 +99,10 @@ ECC Curve Sizes:
|
|||
#include <wolfssl/wolfcrypt/logging.h>
|
||||
#include <wolfssl/wolfcrypt/types.h>
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
#include <wolfssl/wolfcrypt/sp.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_ECC_ENCRYPT
|
||||
#include <wolfssl/wolfcrypt/hmac.h>
|
||||
#include <wolfssl/wolfcrypt/aes.h>
|
||||
|
|
@ -2722,7 +2726,7 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
|
|||
#ifndef WOLFSSL_ATECC508A
|
||||
|
||||
static int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
|
||||
byte* out, word32 *outlen, ecc_curve_spec* curve)
|
||||
byte* out, word32* outlen, ecc_curve_spec* curve)
|
||||
{
|
||||
int err;
|
||||
ecc_point* result = NULL;
|
||||
|
|
@ -2749,33 +2753,44 @@ static int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
|
|||
}
|
||||
#endif
|
||||
|
||||
/* make new point */
|
||||
result = wc_ecc_new_point_h(private_key->heap);
|
||||
if (result == NULL) {
|
||||
#ifdef HAVE_ECC_CDH
|
||||
if (k == &k_lcl)
|
||||
mp_clear(k);
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
#ifndef WOLFSSL_SP_NO_256
|
||||
if (private_key->idx != ECC_CUSTOM_IDX &&
|
||||
ecc_sets[private_key->idx].id == ECC_SECP256R1) {
|
||||
err = sp_ecc_secret_gen_256(k, point, out, outlen, private_key->heap);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
err = wc_ecc_mulmod_ex(k, point, result,
|
||||
curve->Af, curve->prime, 1, private_key->heap);
|
||||
if (err == MP_OKAY) {
|
||||
x = mp_unsigned_bin_size(curve->prime);
|
||||
if (*outlen < x) {
|
||||
err = BUFFER_E;
|
||||
#endif
|
||||
{
|
||||
/* make new point */
|
||||
result = wc_ecc_new_point_h(private_key->heap);
|
||||
if (result == NULL) {
|
||||
#ifdef HAVE_ECC_CDH
|
||||
if (k == &k_lcl)
|
||||
mp_clear(k);
|
||||
#endif
|
||||
return MEMORY_E;
|
||||
}
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
XMEMSET(out, 0, x);
|
||||
err = mp_to_unsigned_bin(result->x,out +
|
||||
(x - mp_unsigned_bin_size(result->x)));
|
||||
}
|
||||
*outlen = x;
|
||||
err = wc_ecc_mulmod_ex(k, point, result, curve->Af, curve->prime, 1,
|
||||
private_key->heap);
|
||||
if (err == MP_OKAY) {
|
||||
x = mp_unsigned_bin_size(curve->prime);
|
||||
if (*outlen < x) {
|
||||
err = BUFFER_E;
|
||||
}
|
||||
}
|
||||
|
||||
wc_ecc_del_point_h(result, private_key->heap);
|
||||
if (err == MP_OKAY) {
|
||||
XMEMSET(out, 0, x);
|
||||
err = mp_to_unsigned_bin(result->x,out +
|
||||
(x - mp_unsigned_bin_size(result->x)));
|
||||
}
|
||||
*outlen = x;
|
||||
|
||||
wc_ecc_del_point_h(result, private_key->heap);
|
||||
}
|
||||
#ifdef HAVE_ECC_CDH
|
||||
if (k == &k_lcl)
|
||||
mp_clear(k);
|
||||
|
|
@ -3054,26 +3069,39 @@ static int wc_ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curveIn,
|
|||
#endif
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
base = wc_ecc_new_point_h(key->heap);
|
||||
if (base == NULL)
|
||||
err = MEMORY_E;
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
#ifndef WOLFSSL_SP_NO_256
|
||||
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) {
|
||||
if (err == MP_OKAY)
|
||||
err = sp_ecc_mulmod_base_256(&key->k, pub, 1, key->heap);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#endif
|
||||
{
|
||||
if (err == MP_OKAY) {
|
||||
base = wc_ecc_new_point_h(key->heap);
|
||||
if (base == NULL)
|
||||
err = MEMORY_E;
|
||||
}
|
||||
/* read in the x/y for this key */
|
||||
if (err == MP_OKAY)
|
||||
err = mp_copy(curve->Gx, base->x);
|
||||
if (err == MP_OKAY)
|
||||
err = mp_copy(curve->Gy, base->y);
|
||||
if (err == MP_OKAY)
|
||||
err = mp_set(base->z, 1);
|
||||
|
||||
/* make the public key */
|
||||
if (err == MP_OKAY) {
|
||||
err = wc_ecc_mulmod_ex(&key->k, base, pub, curve->Af, curve->prime,
|
||||
1, key->heap);
|
||||
}
|
||||
|
||||
wc_ecc_del_point_h(base, key->heap);
|
||||
}
|
||||
|
||||
/* read in the x/y for this key */
|
||||
if (err == MP_OKAY)
|
||||
err = mp_copy(curve->Gx, base->x);
|
||||
if (err == MP_OKAY)
|
||||
err = mp_copy(curve->Gy, base->y);
|
||||
if (err == MP_OKAY)
|
||||
err = mp_set(base->z, 1);
|
||||
|
||||
/* make the public key */
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_mulmod_ex(&key->k, base, pub,
|
||||
curve->Af, curve->prime, 1, key->heap);
|
||||
|
||||
wc_ecc_del_point_h(base, key->heap);
|
||||
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
|
||||
/* validate the public key, order * pubkey = point at infinity */
|
||||
if (err == MP_OKAY)
|
||||
|
|
@ -3162,40 +3190,50 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id)
|
|||
#endif /* WOLFSSL_ASYNC_CRYPT */
|
||||
|
||||
#ifdef WOLFSSL_ATECC508A
|
||||
key->type = ECC_PRIVATEKEY;
|
||||
err = atcatls_create_key(key->slot, key->pubkey);
|
||||
if (err != ATCA_SUCCESS) {
|
||||
err = BAD_COND_E;
|
||||
}
|
||||
|
||||
key->type = ECC_PRIVATEKEY;
|
||||
err = atcatls_create_key(key->slot, key->pubkey);
|
||||
if (err != ATCA_SUCCESS)
|
||||
err = BAD_COND_E;
|
||||
#else
|
||||
|
||||
/* setup the key variables */
|
||||
err = mp_init(&key->k);
|
||||
|
||||
/* load curve info */
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_curve_load(key->dp, &curve, ECC_CURVE_FIELD_ALL);
|
||||
|
||||
/* generate k */
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_gen_k(rng, key->dp->size, &key->k, curve->order);
|
||||
|
||||
/* generate public key from k */
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_make_pub_ex(key, curve, NULL);
|
||||
|
||||
if (err == MP_OKAY)
|
||||
key->type = ECC_PRIVATEKEY;
|
||||
|
||||
/* cleanup these on failure case only */
|
||||
if (err != MP_OKAY) {
|
||||
/* clean up */
|
||||
mp_forcezero(&key->k);
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
#ifndef WOLFSSL_SP_NO_256
|
||||
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) {
|
||||
err = sp_ecc_make_key_256(rng, &key->k, &key->pubkey, key->heap);
|
||||
if (err == MP_OKAY)
|
||||
key->type = ECC_PRIVATEKEY;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#endif
|
||||
{
|
||||
/* setup the key variables */
|
||||
err = mp_init(&key->k);
|
||||
|
||||
/* cleanup allocations */
|
||||
wc_ecc_curve_free(curve);
|
||||
/* load curve info */
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_curve_load(key->dp, &curve, ECC_CURVE_FIELD_ALL);
|
||||
|
||||
/* generate k */
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_gen_k(rng, key->dp->size, &key->k, curve->order);
|
||||
|
||||
/* generate public key from k */
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_make_pub_ex(key, curve, NULL);
|
||||
|
||||
if (err == MP_OKAY)
|
||||
key->type = ECC_PRIVATEKEY;
|
||||
|
||||
/* cleanup these on failure case only */
|
||||
if (err != MP_OKAY) {
|
||||
/* clean up */
|
||||
mp_forcezero(&key->k);
|
||||
}
|
||||
|
||||
/* cleanup allocations */
|
||||
wc_ecc_curve_free(curve);
|
||||
}
|
||||
|
||||
#endif /* WOLFSSL_ATECC508A */
|
||||
|
||||
|
|
@ -3553,6 +3591,19 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
|
|||
return ECC_BAD_ARG_E;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \
|
||||
defined(WOLFSSL_ASYNC_CRYPT_TEST)
|
||||
if (key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC)
|
||||
#endif
|
||||
{
|
||||
#ifndef WOLFSSL_SP_NO_256
|
||||
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1)
|
||||
return sp_ecc_sign_256(in, inlen, rng, &key->k, r, s, key->heap);
|
||||
#endif
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \
|
||||
defined(WOLFSSL_ASYNC_CRYPT_TEST)
|
||||
if (key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
|
||||
|
|
@ -4142,6 +4193,20 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
|||
}
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
#ifndef WOLFSSL_SP_NO_256
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_ECC) && \
|
||||
defined(WOLFSSL_ASYNC_CRYPT_TEST)
|
||||
if (key->asyncDev.marker != WOLFSSL_ASYNC_MARKER_ECC)
|
||||
#endif
|
||||
{
|
||||
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1)
|
||||
return sp_ecc_verify_256(hash, hashlen, key->pubkey.x, key->pubkey.y,
|
||||
key->pubkey.z,r, s, res, key->heap);
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
err = mp_init(&e);
|
||||
if (err != MP_OKAY)
|
||||
return MEMORY_E;
|
||||
|
|
@ -4253,32 +4318,37 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
|||
#else /* FREESCALE_LTC_ECC */
|
||||
#ifndef ECC_SHAMIR
|
||||
{
|
||||
mp_digit mp;
|
||||
mp_digit mp;
|
||||
|
||||
/* compute u1*mG + u2*mQ = mG */
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_mulmod_ex(&u1, mG, mG, curve->Af, curve->prime, 0, key->heap);
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_mulmod_ex(&u2, mQ, mQ, curve->Af, curve->prime, 0, key->heap);
|
||||
/* compute u1*mG + u2*mQ = mG */
|
||||
if (err == MP_OKAY) {
|
||||
err = wc_ecc_mulmod_ex(&u1, mG, mG, curve->Af, curve->prime, 0,
|
||||
key->heap);
|
||||
}
|
||||
if (err == MP_OKAY) {
|
||||
err = wc_ecc_mulmod_ex(&u2, mQ, mQ, curve->Af, curve->prime, 0,
|
||||
key->heap);
|
||||
}
|
||||
|
||||
/* find the montgomery mp */
|
||||
if (err == MP_OKAY)
|
||||
err = mp_montgomery_setup(curve->prime, &mp);
|
||||
/* find the montgomery mp */
|
||||
if (err == MP_OKAY)
|
||||
err = mp_montgomery_setup(curve->prime, &mp);
|
||||
|
||||
/* add them */
|
||||
if (err == MP_OKAY)
|
||||
err = ecc_projective_add_point(mQ, mG, mG, curve->Af,
|
||||
curve->prime, mp);
|
||||
/* add them */
|
||||
if (err == MP_OKAY)
|
||||
err = ecc_projective_add_point(mQ, mG, mG, curve->Af,
|
||||
curve->prime, mp);
|
||||
|
||||
/* reduce */
|
||||
if (err == MP_OKAY)
|
||||
err = ecc_map(mG, curve->prime, mp);
|
||||
/* reduce */
|
||||
if (err == MP_OKAY)
|
||||
err = ecc_map(mG, curve->prime, mp);
|
||||
}
|
||||
#else
|
||||
/* use Shamir's trick to compute u1*mG + u2*mQ using half the doubles */
|
||||
if (err == MP_OKAY)
|
||||
err = ecc_mul2add(mG, &u1, mQ, &u2, mG, curve->Af, curve->prime,
|
||||
if (err == MP_OKAY) {
|
||||
err = ecc_mul2add(mG, &u1, mQ, &u2, mG, curve->Af, curve->prime,
|
||||
key->heap);
|
||||
}
|
||||
#endif /* ECC_SHAMIR */
|
||||
#endif /* FREESCALE_LTC_ECC */
|
||||
/* v = X_x1 mod n */
|
||||
|
|
@ -4711,37 +4781,49 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime)
|
|||
if (key == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
base = wc_ecc_new_point_h(key->heap);
|
||||
if (base == NULL)
|
||||
return MEMORY_E;
|
||||
res = wc_ecc_new_point_h(key->heap);
|
||||
if (res == NULL)
|
||||
err = MEMORY_E;
|
||||
|
||||
/* load curve info */
|
||||
err = wc_ecc_curve_load(key->dp, &curve,
|
||||
(ECC_CURVE_FIELD_GX | ECC_CURVE_FIELD_GY));
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
#ifndef WOLFSSL_SP_NO_256
|
||||
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) {
|
||||
if (err == MP_OKAY)
|
||||
err = sp_ecc_mulmod_base_256(&key->k, res, 1, key->heap);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#endif
|
||||
{
|
||||
base = wc_ecc_new_point_h(key->heap);
|
||||
if (base == NULL)
|
||||
err = MEMORY_E;
|
||||
|
||||
/* set up base generator */
|
||||
if (err == MP_OKAY)
|
||||
err = mp_copy(curve->Gx, base->x);
|
||||
if (err == MP_OKAY)
|
||||
err = mp_copy(curve->Gy, base->y);
|
||||
if (err == MP_OKAY)
|
||||
err = mp_set(base->z, 1);
|
||||
if (err == MP_OKAY) {
|
||||
/* load curve info */
|
||||
err = wc_ecc_curve_load(key->dp, &curve,
|
||||
(ECC_CURVE_FIELD_GX | ECC_CURVE_FIELD_GY));
|
||||
}
|
||||
|
||||
/* set up base generator */
|
||||
if (err == MP_OKAY)
|
||||
err = mp_copy(curve->Gx, base->x);
|
||||
if (err == MP_OKAY)
|
||||
err = mp_copy(curve->Gy, base->y);
|
||||
if (err == MP_OKAY)
|
||||
err = mp_set(base->z, 1);
|
||||
|
||||
if (err == MP_OKAY)
|
||||
err = wc_ecc_mulmod_ex(&key->k, base, res, a, prime, 1, key->heap);
|
||||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
res = wc_ecc_new_point_h(key->heap);
|
||||
if (res == NULL)
|
||||
err = MEMORY_E;
|
||||
else {
|
||||
err = wc_ecc_mulmod_ex(&key->k, base, res, a, prime, 1, key->heap);
|
||||
if (err == MP_OKAY) {
|
||||
/* compare result to public key */
|
||||
if (mp_cmp(res->x, key->pubkey.x) != MP_EQ ||
|
||||
mp_cmp(res->y, key->pubkey.y) != MP_EQ ||
|
||||
mp_cmp(res->z, key->pubkey.z) != MP_EQ) {
|
||||
/* didn't match */
|
||||
err = ECC_PRIV_KEY_E;
|
||||
}
|
||||
}
|
||||
/* compare result to public key */
|
||||
if (mp_cmp(res->x, key->pubkey.x) != MP_EQ ||
|
||||
mp_cmp(res->y, key->pubkey.y) != MP_EQ ||
|
||||
mp_cmp(res->z, key->pubkey.z) != MP_EQ) {
|
||||
/* didn't match */
|
||||
err = ECC_PRIV_KEY_E;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -4802,7 +4884,16 @@ static int ecc_check_pubkey_order(ecc_key* key, ecc_point* pubkey, mp_int* a,
|
|||
if (inf == NULL)
|
||||
err = MEMORY_E;
|
||||
else {
|
||||
err = wc_ecc_mulmod_ex(order, pubkey, inf, a, prime, 1, key->heap);
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
#ifndef WOLFSSL_SP_NO_256
|
||||
if (key->idx != ECC_CUSTOM_IDX &&
|
||||
ecc_sets[key->idx].id == ECC_SECP256R1) {
|
||||
err = sp_ecc_mulmod_256(order, pubkey, inf, 1, key->heap);
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#endif
|
||||
err = wc_ecc_mulmod_ex(order, pubkey, inf, a, prime, 1, key->heap);
|
||||
if (err == MP_OKAY && !wc_ecc_point_is_at_infinity(inf))
|
||||
err = ECC_INF_E;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -31,6 +31,10 @@
|
|||
|
||||
#include <wolfssl/wolfcrypt/rsa.h>
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_RSA
|
||||
#include <wolfssl/wolfcrypt/sp.h>
|
||||
#endif
|
||||
|
||||
/*
|
||||
Possible RSA enable options:
|
||||
* NO_RSA: Overall control of RSA default: on (not defined)
|
||||
|
|
@ -1136,6 +1140,45 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
|
|||
int ret = 0;
|
||||
word32 keyLen, len;
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_RSA
|
||||
#ifndef WOLFSSL_SP_NO_2048
|
||||
if (mp_count_bits(&key->n) == 2048) {
|
||||
switch(type) {
|
||||
case RSA_PRIVATE_DECRYPT:
|
||||
case RSA_PRIVATE_ENCRYPT:
|
||||
#ifdef WC_RSA_BLINDING
|
||||
if (rng == NULL)
|
||||
return MISSING_RNG_E;
|
||||
#endif
|
||||
return sp_RsaPrivate_2048(in, inLen, &key->d, &key->p, &key->q,
|
||||
&key->dP, &key->dQ, &key->u, &key->n,
|
||||
out, outLen);
|
||||
case RSA_PUBLIC_ENCRYPT:
|
||||
case RSA_PUBLIC_DECRYPT:
|
||||
return sp_RsaPublic_2048(in, inLen, &key->e, &key->n, out, outLen);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#ifndef WOLFSSL_SP_NO_3072
|
||||
if (mp_count_bits(&key->n) == 3072) {
|
||||
switch(type) {
|
||||
case RSA_PRIVATE_DECRYPT:
|
||||
case RSA_PRIVATE_ENCRYPT:
|
||||
#ifdef WC_RSA_BLINDING
|
||||
if (rng == NULL)
|
||||
return MISSING_RNG_E;
|
||||
#endif
|
||||
return sp_RsaPrivate_3072(in, inLen, &key->d, &key->p, &key->q,
|
||||
&key->dP, &key->dQ, &key->u, &key->n,
|
||||
out, outLen);
|
||||
case RSA_PUBLIC_ENCRYPT:
|
||||
case RSA_PUBLIC_DECRYPT:
|
||||
return sp_RsaPublic_3072(in, inLen, &key->e, &key->n, out, outLen);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
|
||||
(void)rng;
|
||||
|
||||
if (mp_init(&tmp) != MP_OKAY)
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -1928,11 +1928,29 @@ void fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c)
|
|||
|
||||
int fp_to_unsigned_bin_at_pos(int x, fp_int *t, unsigned char *b)
|
||||
{
|
||||
#if DIGIT_BIT == 64 || DIGIT_BIT == 32
|
||||
int i, j;
|
||||
fp_digit n;
|
||||
|
||||
for (j=0,i=0; i<t->used-1; ) {
|
||||
b[x++] = t->dp[i] >> j;
|
||||
j += 8;
|
||||
i += j == DIGIT_BIT;
|
||||
j &= DIGIT_BIT - 1;
|
||||
}
|
||||
n = t->dp[i];
|
||||
while (n != 0) {
|
||||
b[x++] = n;
|
||||
n >>= 8;
|
||||
}
|
||||
return x;
|
||||
#else
|
||||
while (fp_iszero (t) == FP_NO) {
|
||||
b[x++] = (unsigned char) (t->dp[0] & 255);
|
||||
fp_div_2d (t, 8, t, NULL);
|
||||
}
|
||||
return x;
|
||||
#endif
|
||||
}
|
||||
|
||||
void fp_to_unsigned_bin(fp_int *a, unsigned char *b)
|
||||
|
|
@ -3067,6 +3085,51 @@ static const char *fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ\
|
|||
#endif
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
#if DIGIT_BIT == 64 || DIGIT_BIT == 32
|
||||
static int fp_read_radix_16(fp_int *a, const char *str)
|
||||
{
|
||||
int i, j, k, neg;
|
||||
char ch;
|
||||
|
||||
/* if the leading digit is a
|
||||
* minus set the sign to negative.
|
||||
*/
|
||||
if (*str == '-') {
|
||||
++str;
|
||||
neg = FP_NEG;
|
||||
} else {
|
||||
neg = FP_ZPOS;
|
||||
}
|
||||
|
||||
j = 0;
|
||||
k = 0;
|
||||
for (i = (int)(XSTRLEN(str) - 1); i >= 0; i--) {
|
||||
ch = str[i];
|
||||
if (ch >= '0' && ch <= '9')
|
||||
ch -= '0';
|
||||
else if (ch >= 'A' && ch <= 'F')
|
||||
ch -= 'A' - 10;
|
||||
else if (ch >= 'a' && ch <= 'f')
|
||||
ch -= 'a' - 10;
|
||||
else
|
||||
return FP_VAL;
|
||||
|
||||
a->dp[k] |= ((fp_digit)ch) << j;
|
||||
j += 4;
|
||||
k += j == DIGIT_BIT;
|
||||
j &= DIGIT_BIT - 1;
|
||||
}
|
||||
|
||||
a->used = k + 1;
|
||||
fp_clamp(a);
|
||||
/* set the sign only if a != 0 */
|
||||
if (fp_iszero(a) != FP_YES) {
|
||||
a->sign = neg;
|
||||
}
|
||||
return FP_OKAY;
|
||||
}
|
||||
#endif
|
||||
|
||||
static int fp_read_radix(fp_int *a, const char *str, int radix)
|
||||
{
|
||||
int y, neg;
|
||||
|
|
@ -3075,6 +3138,11 @@ static int fp_read_radix(fp_int *a, const char *str, int radix)
|
|||
/* set the integer to the default of zero */
|
||||
fp_zero (a);
|
||||
|
||||
#if DIGIT_BIT == 64 || DIGIT_BIT == 32
|
||||
if (radix == 16)
|
||||
return fp_read_radix_16(a, str);
|
||||
#endif
|
||||
|
||||
/* make sure the radix is ok */
|
||||
if (radix < 2 || radix > 64) {
|
||||
return FP_VAL;
|
||||
|
|
|
|||
|
|
@ -40,6 +40,7 @@
|
|||
#define CPUID_RDSEED 0x0008
|
||||
#define CPUID_BMI2 0x0010 /* MULX, RORX */
|
||||
#define CPUID_AESNI 0x0020
|
||||
#define CPUID_ADX 0x0040 /* ADCX, ADOX */
|
||||
|
||||
#define IS_INTEL_AVX1(f) ((f) & CPUID_AVX1)
|
||||
#define IS_INTEL_AVX2(f) ((f) & CPUID_AVX2)
|
||||
|
|
@ -47,6 +48,7 @@
|
|||
#define IS_INTEL_RDSEED(f) ((f) & CPUID_RDSEED)
|
||||
#define IS_INTEL_BMI2(f) ((f) & CPUID_BMI2)
|
||||
#define IS_INTEL_AESNI(f) ((f) & CPUID_AESNI)
|
||||
#define IS_INTEL_ADX(f) ((f) & CPUID_ADX)
|
||||
|
||||
void cpuid_set_flags(void);
|
||||
word32 cpuid_get_flags(void);
|
||||
|
|
|
|||
|
|
@ -85,3 +85,7 @@ nobase_include_HEADERS+= wolfssl/wolfcrypt/port/intel/quickassist.h
|
|||
nobase_include_HEADERS+= wolfssl/wolfcrypt/port/intel/quickassist_mem.h
|
||||
endif
|
||||
|
||||
if BUILD_SP
|
||||
nobase_include_HEADERS+= wolfssl/wolfcrypt/sp.h
|
||||
endif
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,124 @@
|
|||
/* sp.h
|
||||
*
|
||||
* Copyright (C) 2006-2017 wolfSSL Inc.
|
||||
*
|
||||
* This file is part of wolfSSL.
|
||||
*
|
||||
* wolfSSL is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* wolfSSL is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
||||
*/
|
||||
|
||||
|
||||
#ifndef WOLF_CRYPT_SP_H
|
||||
#define WOLF_CRYPT_SP_H
|
||||
|
||||
#include <wolfssl/wolfcrypt/types.h>
|
||||
|
||||
#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
|
||||
defined(WOLFSSL_HAVE_SP_ECC)
|
||||
|
||||
#include <stdint.h>
|
||||
|
||||
#include <wolfssl/wolfcrypt/integer.h>
|
||||
#include <wolfssl/wolfcrypt/ecc.h>
|
||||
|
||||
#if defined(NO_64BIT) || !defined(HAVE___UINT128_T)
|
||||
#define SP_WORD_SIZE 32
|
||||
#else
|
||||
#define SP_WORD_SIZE 64
|
||||
#endif
|
||||
|
||||
#if !defined(WOLFSSL_X86_64_BUILD) || !defined(USE_INTEL_SPEEDUP)
|
||||
#if SP_WORD_SIZE == 32
|
||||
typedef int32_t sp_digit;
|
||||
#elif SP_WORD_SIZE == 64
|
||||
typedef int64_t sp_digit;
|
||||
typedef long int128_t __attribute__ ((mode(TI)));
|
||||
#else
|
||||
#error Word size not defined
|
||||
#endif
|
||||
#else
|
||||
#if SP_WORD_SIZE == 32
|
||||
typedef uint32_t sp_digit;
|
||||
#elif SP_WORD_SIZE == 64
|
||||
typedef uint64_t sp_digit;
|
||||
typedef unsigned long uint128_t __attribute__ ((mode(TI)));
|
||||
typedef long int128_t __attribute__ ((mode(TI)));
|
||||
#else
|
||||
#error Word size not defined
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(_MSC_VER)
|
||||
#define SP_NOINLINE __declspec(noinline)
|
||||
#elif defined(__GNUC__)
|
||||
#define SP_NOINLINE __attribute__((noinline))
|
||||
#else
|
||||
#define 5P_NOINLINE
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_RSA
|
||||
|
||||
WOLFSSL_LOCAL int sp_RsaPublic_2048(const byte* in, word32 inLen,
|
||||
mp_int* em, mp_int* mm, byte* out, word32* outLen);
|
||||
WOLFSSL_LOCAL int sp_RsaPrivate_2048(const byte* in, word32 inLen,
|
||||
mp_int* dm, mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim,
|
||||
mp_int* mm, byte* out, word32* outLen);
|
||||
|
||||
WOLFSSL_LOCAL int sp_RsaPublic_3072(const byte* in, word32 inLen,
|
||||
mp_int* em, mp_int* mm, byte* out, word32* outLen);
|
||||
WOLFSSL_LOCAL int sp_RsaPrivate_3072(const byte* in, word32 inLen,
|
||||
mp_int* dm, mp_int* pm, mp_int* qm, mp_int* dpm, mp_int* dqm, mp_int* qim,
|
||||
mp_int* mm, byte* out, word32* outLen);
|
||||
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA */
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_DH
|
||||
|
||||
WOLFSSL_LOCAL int sp_DhExp_2048(mp_int* base, const byte* exp, word32 expLen,
|
||||
mp_int* mod, byte* out, word32* outLen);
|
||||
WOLFSSL_LOCAL int sp_DhExp_3072(mp_int* base, const byte* exp, word32 expLen,
|
||||
mp_int* mod, byte* out, word32* outLen);
|
||||
|
||||
#endif /* WOLFSSL_HAVE_SP_DH */
|
||||
|
||||
#ifdef WOLFSSL_HAVE_SP_ECC
|
||||
|
||||
int sp_ecc_mulmod_256(mp_int* km, ecc_point* gm, ecc_point* rm, int map,
|
||||
void* heap);
|
||||
int sp_ecc_mulmod_base_256(mp_int* km, ecc_point* rm, int map, void* heap);
|
||||
|
||||
int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap);
|
||||
int sp_ecc_secret_gen_256(mp_int* priv, ecc_point* pub, byte* out,
|
||||
word32* outlen, void* heap);
|
||||
int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng, mp_int* priv,
|
||||
mp_int* rm, mp_int* sm, void* heap);
|
||||
int sp_ecc_verify_256(const byte* hash, word32 hashLen, mp_int* pX, mp_int* pY,
|
||||
mp_int* pZ, mp_int* r, mp_int* sm, int* res, void* heap);
|
||||
|
||||
#endif /*ifdef WOLFSSL_HAVE_SP_ECC */
|
||||
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
#endif /* WOLFSSL_HAVE_SP_RSA || WOLFSSL_HAVE_SP_DH || WOLFSSL_HAVE_SP_ECC */
|
||||
|
||||
#endif /* WOLF_CRYPT_SP_H */
|
||||
|
||||
|
|
@ -414,6 +414,8 @@ void fp_init_copy(fp_int *a, fp_int *b);
|
|||
|
||||
/* clamp digits */
|
||||
#define fp_clamp(a) { while ((a)->used && (a)->dp[(a)->used-1] == 0) --((a)->used); (a)->sign = (a)->used ? (a)->sign : FP_ZPOS; }
|
||||
#define mp_clamp(a) fp_clamp(a)
|
||||
#define mp_grow(a,s) MP_OKAY
|
||||
|
||||
/* negate and absolute */
|
||||
#define fp_neg(a, b) { fp_copy(a, b); (b)->sign ^= 1; fp_clamp(b); }
|
||||
|
|
|
|||
Loading…
Reference in New Issue