WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #7612 from dgarske/rsa_pad 

Improvements to RSA padding to expose Pad/Unpad API's
pull/6827/head
JacobBarthelmeh 2024-06-21 13:19:28 -06:00 committed by GitHub
parent aea32e37a9 305a754de3
commit e72db4a306
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 36 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
examples/async/include.am
View File

@ -2,20 +2,25 @@
# All paths should be given relative to the root
if BUILD_ASYNCCRYPT
noinst_HEADERS += examples/async/async_tls.h
if BUILD_EXAMPLE_CLIENTS
noinst_PROGRAMS += examples/async/async_client
examples_async_async_client_SOURCES = examples/async/async_client.c examples/async/async_tls.c
examples_async_async_client_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD)
examples_async_async_client_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la
examples_async_async_client_CFLAGS = $(AM_CFLAGS)
endif
if BUILD_EXAMPLE_SERVERS
noinst_PROGRAMS += examples/async/async_server
examples_async_async_server_SOURCES = examples/async/async_server.c examples/async/async_tls.c
examples_async_async_server_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD)
examples_async_async_server_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la
examples_async_async_server_CFLAGS = $(AM_CFLAGS)
endif
endif
dist_example_DATA+= examples/async/async_server.c
dist_example_DATA+= examples/async/async_client.c

38
wolfcrypt/src/rsa.c
View File

@ -129,19 +129,23 @@ enum {
static void wc_RsaCleanup(RsaKey* key)
{
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && !defined(WOLFSSL_NO_MALLOC)
if (key && key->data) {
#if !defined(WOLFSSL_NO_MALLOC) && (defined(WOLFSSL_ASYNC_CRYPT) || \
(!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE)))
if (key != NULL) {
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
/* if private operation zero temp buffer */
if ((key->data != NULL && key->dataLen > 0) &&
(key->type == RSA_PRIVATE_DECRYPT ||
key->type == RSA_PRIVATE_ENCRYPT)) {
ForceZero(key->data, key->dataLen);
}
#endif
/* make sure any allocated memory is free'd */
if (key->dataIsAlloc) {
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
if (key->type == RSA_PRIVATE_DECRYPT ||
key->type == RSA_PRIVATE_ENCRYPT) {
ForceZero(key->data, key->dataLen);
}
#endif
XFREE(key->data, key->heap, DYNAMIC_TYPE_WOLF_BIGINT);
key->dataIsAlloc = 0;
}
key->data = NULL;
key->dataLen = 0;
}
@ -163,10 +167,11 @@ int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
key->type = RSA_TYPE_UNKNOWN;
key->state = RSA_STATE_NONE;
key->heap = heap;
#if !defined(WOLFSSL_RSA_VERIFY_INLINE) && !defined(WOLFSSL_NO_MALLOC)
#if !defined(WOLFSSL_NO_MALLOC) && (defined(WOLFSSL_ASYNC_CRYPT) || \
(!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE)))
key->dataIsAlloc = 0;
key->data = NULL;
#endif
key->data = NULL;
key->dataLen = 0;
#ifdef WC_RSA_BLINDING
key->rng = NULL;
@ -3504,6 +3509,7 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
break;
}
XMEMCPY(key->data, in, inLen);
key->dataLen = inLen;
}
else {
key->dataIsAlloc = 0;
@ -3537,13 +3543,13 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
case RSA_STATE_DECRYPT_UNPAD:
#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE) && \
!defined(WOLFSSL_NO_MALLOC)
ret = wc_RsaUnPad_ex(key->data, key->dataLen, &pad, pad_value, pad_type,
hash, mgf, label, labelSz, saltLen,
mp_count_bits(&key->n), key->heap);
ret = wc_RsaUnPad_ex(key->data,
key->dataLen, &pad, pad_value, pad_type, hash, mgf,
label, labelSz, saltLen, mp_count_bits(&key->n), key->heap);
#else
ret = wc_RsaUnPad_ex(out, key->dataLen, &pad, pad_value, pad_type, hash,
mgf, label, labelSz, saltLen,
mp_count_bits(&key->n), key->heap);
ret = wc_RsaUnPad_ex(out,
key->dataLen, &pad, pad_value, pad_type, hash, mgf, label,
labelSz, saltLen, mp_count_bits(&key->n), key->heap);
#endif
if (rsa_type == RSA_PUBLIC_DECRYPT && ret > (int)outLen) {
ret = RSA_BUFFER_E;

19
wolfssl/wolfcrypt/rsa.h
View File

@ -242,8 +242,8 @@ struct RsaKey {
char label[RSA_MAX_LABEL_LEN];
int labelLen;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) || !defined(WOLFSSL_RSA_VERIFY_INLINE) && \
!defined(WOLFSSL_NO_MALLOC)
#if !defined(WOLFSSL_NO_MALLOC) && (defined(WOLFSSL_ASYNC_CRYPT) || \
(!defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE)))
byte dataIsAlloc;
#endif
#ifdef WC_RSA_NONBLOCK
@ -441,14 +441,13 @@ WOLFSSL_API int wc_RsaExportKey(RsaKey* key,
int nlen, int* isPrime);
#endif
WOLFSSL_LOCAL int wc_RsaPad_ex(const byte* input, word32 inputLen, byte* pkcsBlock,
word32 pkcsBlockLen, byte padValue, WC_RNG* rng, int padType,
enum wc_HashType hType, int mgf, byte* optLabel, word32 labelLen,
int saltLen, int bits, void* heap);
WOLFSSL_LOCAL int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen, byte** out,
byte padValue, int padType, enum wc_HashType hType,
int mgf, byte* optLabel, word32 labelLen, int saltLen,
int bits, void* heap);
WOLFSSL_API int wc_RsaPad_ex(const byte* input, word32 inputLen,
byte* pkcsBlock, word32 pkcsBlockLen, byte padValue,
WC_RNG* rng, int padType, enum wc_HashType hType, int mgf,
byte* optLabel, word32 labelLen, int saltLen, int bits, void* heap);
WOLFSSL_API int wc_RsaUnPad_ex(byte* pkcsBlock, word32 pkcsBlockLen,
byte** out, byte padValue, int padType, enum wc_HashType hType, int mgf,
byte* optLabel, word32 labelLen, int saltLen, int bits, void* heap);
WOLFSSL_LOCAL int wc_hash2mgf(enum wc_HashType hType);
WOLFSSL_LOCAL int RsaFunctionCheckIn(const byte* in, word32 inLen, RsaKey* key,