Fix to allow ECC set curve size with curve_id == 0. Added wolfCrypt tests / example for using wc_ecc_set_custom_curve
for BRAINPOOLP256R1
.
This commit is contained in:
parent
5180cf4cce
commit
33e214ffc1
@ -1233,7 +1233,7 @@ const char* wc_ecc_get_name(int curve_id)
|
||||
|
||||
int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id)
|
||||
{
|
||||
if (keysize <= 0 && curve_id <= 0) {
|
||||
if (keysize <= 0 && curve_id < 0) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
|
@ -43,11 +43,7 @@
|
||||
#include <wolfssl/wolfcrypt/logging.h>
|
||||
#include <wolfssl/wolfcrypt/types.h>
|
||||
|
||||
#ifdef WOLFSSL_TEST_CERT
|
||||
#include <wolfssl/wolfcrypt/asn.h>
|
||||
#else
|
||||
#include <wolfssl/wolfcrypt/asn_public.h>
|
||||
#endif
|
||||
#include <wolfssl/wolfcrypt/asn.h>
|
||||
#include <wolfssl/wolfcrypt/md2.h>
|
||||
#include <wolfssl/wolfcrypt/md5.h>
|
||||
#include <wolfssl/wolfcrypt/md4.h>
|
||||
@ -10109,7 +10105,7 @@ done:
|
||||
#endif /* WOLFSSL_KEY_GEN */
|
||||
|
||||
static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
int curve_id)
|
||||
int curve_id, const ecc_set_type* dp)
|
||||
{
|
||||
DECLARE_VAR(sharedA, byte, ECC_SHARED_SIZE, HEAP_HINT);
|
||||
DECLARE_VAR(sharedB, byte, ECC_SHARED_SIZE, HEAP_HINT);
|
||||
@ -10129,6 +10125,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
ecc_key userA, userB, pubKey;
|
||||
|
||||
(void)testVerifyCount;
|
||||
(void)dp;
|
||||
|
||||
XMEMSET(&userA, 0, sizeof(ecc_key));
|
||||
XMEMSET(&userB, 0, sizeof(ecc_key));
|
||||
@ -10144,6 +10141,14 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
|
||||
if (ret != 0)
|
||||
goto done;
|
||||
|
||||
#ifdef WOLFSSL_CUSTOM_CURVES
|
||||
if (dp) {
|
||||
wc_ecc_set_custom_curve(&userA, dp);
|
||||
wc_ecc_set_custom_curve(&userB, dp);
|
||||
wc_ecc_set_custom_curve(&pubKey, dp);
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = wc_ecc_make_key_ex(rng, keySize, &userA, curve_id);
|
||||
#if defined(WOLFSSL_ASYNC_CRYPT)
|
||||
ret = wc_AsyncWait(ret, &userA.asyncDev, WC_ASYNC_FLAG_CALL_AGAIN);
|
||||
@ -10386,7 +10391,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = ecc_test_curve_size(rng, keySize, ECC_TEST_VERIFY_COUNT, ECC_CURVE_DEF);
|
||||
ret = ecc_test_curve_size(rng, keySize, ECC_TEST_VERIFY_COUNT, ECC_CURVE_DEF, NULL);
|
||||
if (ret < 0) {
|
||||
if (ret == ECC_CURVE_OID_E) {
|
||||
/* ignore error for curves not found */
|
||||
@ -10983,6 +10988,59 @@ done:
|
||||
}
|
||||
#endif /* WOLFSSL_CERT_EXT */
|
||||
|
||||
#ifdef WOLFSSL_CUSTOM_CURVES
|
||||
static int ecc_test_custom_curves(WC_RNG* rng)
|
||||
{
|
||||
int ret;
|
||||
|
||||
/* test use of custom curve - using BRAINPOOLP256R1 for test */
|
||||
const ecc_oid_t ecc_oid_brainpoolp256r1[] = {
|
||||
0x2B,0x24,0x03,0x03,0x02,0x08,0x01,0x01,0x07
|
||||
};
|
||||
const ecc_set_type ecc_dp_brainpool256r1 = {
|
||||
32, /* size/bytes */
|
||||
ECC_BRAINPOOLP256R1, /* ID */
|
||||
"BRAINPOOLP256R1", /* curve name */
|
||||
"A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", /* prime */
|
||||
"7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", /* A */
|
||||
"26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", /* B */
|
||||
"A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", /* order */
|
||||
"8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", /* Gx */
|
||||
"547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", /* Gy */
|
||||
ecc_oid_brainpoolp256r1, /* oid/oidSz */
|
||||
sizeof(ecc_oid_brainpoolp256r1) / sizeof(ecc_oid_t),
|
||||
ECC_BRAINPOOLP256R1_OID, /* oid sum */
|
||||
1, /* cofactor */
|
||||
};
|
||||
|
||||
ret = ecc_test_curve_size(rng, 0, ECC_TEST_VERIFY_COUNT, ECC_CURVE_DEF,
|
||||
&ecc_dp_brainpool256r1);
|
||||
if (ret != 0) {
|
||||
printf("ECC test for custom curve failed! %d\n", ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
#if defined(HAVE_ECC_BRAINPOOL) || defined(HAVE_ECC_KOBLITZ)
|
||||
{
|
||||
int curve_id;
|
||||
#ifdef HAVE_ECC_BRAINPOOL
|
||||
curve_id = ECC_BRAINPOOLP256R1;
|
||||
#else
|
||||
curve_id = ECC_SECP256K1;
|
||||
#endif
|
||||
/* Test and demonstrate use of non-SECP curve */
|
||||
ret = ecc_test_curve_size(rng, 0, ECC_TEST_VERIFY_COUNT, curve_id, NULL);
|
||||
if (ret < 0) {
|
||||
printf("ECC test for curve_id %d failed! %d\n", curve_id, ret);
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_CUSTOM_CURVES */
|
||||
|
||||
int ecc_test(void)
|
||||
{
|
||||
int ret;
|
||||
@ -11081,22 +11139,10 @@ int ecc_test(void)
|
||||
#endif /* HAVE_ECC521 */
|
||||
|
||||
#if defined(WOLFSSL_CUSTOM_CURVES)
|
||||
#if defined(HAVE_ECC_BRAINPOOL) || defined(HAVE_ECC_KOBLITZ)
|
||||
{
|
||||
int curve_id;
|
||||
#ifdef HAVE_ECC_BRAINPOOL
|
||||
curve_id = ECC_BRAINPOOLP256R1;
|
||||
#else
|
||||
curve_id = ECC_SECP256K1;
|
||||
#endif
|
||||
/* Test and demonstrate use of non-SECP curve */
|
||||
ret = ecc_test_curve_size(&rng, 0, ECC_TEST_VERIFY_COUNT, curve_id);
|
||||
if (ret < 0) {
|
||||
printf("ecc_test_curve_size: type %d: failed!: %d\n", curve_id, ret);
|
||||
goto done;
|
||||
}
|
||||
ret = ecc_test_custom_curves(&rng);
|
||||
if (ret != 0) {
|
||||
goto done;
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_ECC_CDH
|
||||
|
Loading…
x
Reference in New Issue
Block a user