mirrors
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ludovic'

This commit is contained in:
toddouska 2015-07-24 15:39:54 -07:00
parent 5780f4d5f7 0a975eaff9
commit 4ba57a609c
23 changed files with 2120 additions and 721 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1177
src/ssl.c
View File

File diff suppressed because it is too large Load Diff

33
wolfcrypt/src/aes.c
View File

@ -55,6 +55,12 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
}
int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv)
{
return AesCbcDecryptWithKey(out, in, inSz, key, keySz, iv);
}
int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv)
{
@ -1748,6 +1754,33 @@ int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
return ret;
}
int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Aes* aes = NULL;
#else
Aes aes[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (aes == NULL)
return MEMORY_E;
#endif
ret = wc_AesSetKey(aes, key, keySz, iv, AES_ENCRYPTION);
if (ret == 0)
ret = wc_AesCbcEncrypt(aes, out, in, inSz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
/* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT)

274
wolfcrypt/src/asn.c
View File

@ -1386,7 +1386,8 @@ int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
if (GetInt(&key->p, input, inOutIdx, inSz) < 0 ||
GetInt(&key->q, input, inOutIdx, inSz) < 0 ||
GetInt(&key->g, input, inOutIdx, inSz) < 0 ||
GetInt(&key->y, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
GetInt(&key->y, input, inOutIdx, inSz) < 0 )
return ASN_DH_KEY_E;
key->type = DSA_PUBLIC;
return 0;
@ -1408,7 +1409,8 @@ int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
GetInt(&key->q, input, inOutIdx, inSz) < 0 ||
GetInt(&key->g, input, inOutIdx, inSz) < 0 ||
GetInt(&key->y, input, inOutIdx, inSz) < 0 ||
GetInt(&key->x, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
GetInt(&key->x, input, inOutIdx, inSz) < 0 )
return ASN_DH_KEY_E;
key->type = DSA_PRIVATE;
return 0;
@ -1423,9 +1425,9 @@ static mp_int* GetDsaInt(DsaKey* key, int idx)
if (idx == 2)
return &key->g;
if (idx == 3)
return &key->x;
if (idx == 4)
return &key->y;
if (idx == 4)
return &key->x;
return NULL;
}
@ -1445,7 +1447,7 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
{
word32 seqSz, verSz, rawLen, intTotalLen = 0;
word32 sizes[DSA_INTS];
int i, j, outLen, ret = 0;
int i, j, outLen, ret = 0, lbit;
byte seq[MAX_SEQ_SZ];
byte ver[MAX_VERSION_SZ];
@ -1463,7 +1465,15 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
/* write all big ints from key to DER tmps */
for (i = 0; i < DSA_INTS; i++) {
mp_int* keyInt = GetDsaInt(key, i);
rawLen = mp_unsigned_bin_size(keyInt);
/* leading zero */
if ((mp_count_bits(keyInt) & 7) == 0 || mp_iszero(keyInt) == MP_YES)
lbit = 1;
else
lbit = 0;
rawLen = mp_unsigned_bin_size(keyInt) + lbit;
tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, NULL, DYNAMIC_TYPE_DSA);
if (tmps[i] == NULL) {
ret = MEMORY_E;
@ -1471,12 +1481,16 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
}
tmps[i][0] = ASN_INTEGER;
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1 + lbit; /* tag & lbit */
if (sizes[i] <= MAX_SEQ_SZ) {
/* leading zero */
if (lbit)
tmps[i][sizes[i]-1] = 0x00;
int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
if (err == MP_OKAY) {
sizes[i] += rawLen;
sizes[i] += (rawLen-lbit); /* lbit included in rawLen */
intTotalLen += sizes[i];
}
else {
@ -4641,24 +4655,49 @@ WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output)
const char* BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
const char* END_CERT = "-----END CERTIFICATE-----";
const char* BEGIN_CERT_REQ = "-----BEGIN CERTIFICATE REQUEST-----";
const char* END_CERT_REQ = "-----END CERTIFICATE REQUEST-----";
const char* BEGIN_DH_PARAM = "-----BEGIN DH PARAMETERS-----";
const char* END_DH_PARAM = "-----END DH PARAMETERS-----";
const char* BEGIN_X509_CRL = "-----BEGIN X509 CRL-----";
const char* END_X509_CRL = "-----END X509 CRL-----";
const char* BEGIN_RSA_PRIV = "-----BEGIN RSA PRIVATE KEY-----";
const char* END_RSA_PRIV = "-----END RSA PRIVATE KEY-----";
const char* BEGIN_PRIV_KEY = "-----BEGIN PRIVATE KEY-----";
const char* END_PRIV_KEY = "-----END PRIVATE KEY-----";
const char* BEGIN_ENC_PRIV_KEY = "-----BEGIN ENCRYPTED PRIVATE KEY-----";
const char* END_ENC_PRIV_KEY = "-----END ENCRYPTED PRIVATE KEY-----";
const char* BEGIN_EC_PRIV = "-----BEGIN EC PRIVATE KEY-----";
const char* END_EC_PRIV = "-----END EC PRIVATE KEY-----";
const char* BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----";
const char* END_DSA_PRIV = "-----END DSA PRIVATE KEY-----";
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || !defined(NO_DSA)
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
/* Used for compatibility API */
int wc_DerToPem(const byte* der, word32 derSz,
byte* output, word32 outSz, int type)
{
return wc_DerToPemEx(der, derSz, output, outSz, NULL, type);
}
/* convert der buffer to pem into output, can't do inplace, der and output
need to be different */
int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
int type)
int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, word32 outSz,
byte *cipher_info, int type)
{
#ifdef WOLFSSL_SMALL_STACK
char* header = NULL;
char* footer = NULL;
#else
char header[80];
char footer[80];
char header[40 + HEADER_ENCRYPTED_KEY_SIZE];
char footer[40];
#endif
int headerLen = 80;
int footerLen = 80;
int headerLen = 40 + HEADER_ENCRYPTED_KEY_SIZE;
int footerLen = 40;
int i;
int err;
int outLen; /* return length or error */
@ -4670,36 +4709,55 @@ int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
header = (char*)XMALLOC(headerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (header == NULL)
return MEMORY_E;
footer = (char*)XMALLOC(footerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (footer == NULL) {
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
#endif
if (type == CERT_TYPE) {
XSTRNCPY(header, "-----BEGIN CERTIFICATE-----\n", headerLen);
XSTRNCPY(footer, "-----END CERTIFICATE-----\n", footerLen);
XSTRNCPY(header, BEGIN_CERT, headerLen);
XSTRNCAT(header, "\n", 1);
XSTRNCPY(footer, END_CERT, footerLen);
XSTRNCAT(footer, "\n", 1);
}
else if (type == PRIVATEKEY_TYPE) {
XSTRNCPY(header, "-----BEGIN RSA PRIVATE KEY-----\n", headerLen);
XSTRNCPY(footer, "-----END RSA PRIVATE KEY-----\n", footerLen);
XSTRNCPY(header, BEGIN_RSA_PRIV, headerLen);
XSTRNCAT(header, "\n", 1);
XSTRNCPY(footer, END_RSA_PRIV, footerLen);
XSTRNCAT(footer, "\n", 1);
}
#ifdef HAVE_ECC
#ifndef NO_DSA
else if (type == DSA_PRIVATEKEY_TYPE) {
XSTRNCPY(header, BEGIN_DSA_PRIV, headerLen);
XSTRNCAT(header, "\n", 1);
XSTRNCPY(footer, END_DSA_PRIV, footerLen);
XSTRNCAT(footer, "\n", 1);
}
#endif
#ifdef HAVE_ECC
else if (type == ECC_PRIVATEKEY_TYPE) {
XSTRNCPY(header, "-----BEGIN EC PRIVATE KEY-----\n", headerLen);
XSTRNCPY(footer, "-----END EC PRIVATE KEY-----\n", footerLen);
XSTRNCPY(header, BEGIN_EC_PRIV, headerLen);
XSTRNCAT(header, "\n", 1);
XSTRNCPY(footer, END_EC_PRIV, footerLen);
XSTRNCAT(footer, "\n", 1);
}
#endif
#ifdef WOLFSSL_CERT_REQ
#endif
#ifdef WOLFSSL_CERT_REQ
else if (type == CERTREQ_TYPE)
{
XSTRNCPY(header,
"-----BEGIN CERTIFICATE REQUEST-----\n", headerLen);
XSTRNCPY(footer, "-----END CERTIFICATE REQUEST-----\n", footerLen);
XSTRNCPY(header, BEGIN_CERT_REQ, headerLen);
XSTRNCAT(header, "\n", 1);
XSTRNCPY(footer, END_CERT_REQ, footerLen);
XSTRNCAT(footer, "\n", 1);
}
#endif
#endif
else {
#ifdef WOLFSSL_SMALL_STACK
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -4708,6 +4766,14 @@ int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
return BAD_FUNC_ARG;
}
/* extra header information for encrypted key */
if (cipher_info != NULL) {
XSTRNCAT(header, "Proc-Type: 4,ENCRYPTED\n", 23);
XSTRNCAT(header, "DEK-Info: ", 10);
XSTRNCAT(header, (char*)cipher_info, XSTRLEN((char*)cipher_info));
XSTRNCAT(header, "\n\n", 2);
}
headerLen = (int)XSTRLEN(header);
footerLen = (int)XSTRLEN(footer);
@ -4762,7 +4828,6 @@ int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
return outLen + headerLen + footerLen;
}
#endif /* WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN */
@ -4810,7 +4875,7 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
{
word32 seqSz, verSz, rawLen, intTotalLen = 0;
word32 sizes[RSA_INTS];
int i, j, outLen, ret = 0;
int i, j, outLen, ret = 0, lbit;
byte seq[MAX_SEQ_SZ];
byte ver[MAX_VERSION_SZ];
@ -4828,7 +4893,15 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
/* write all big ints from key to DER tmps */
for (i = 0; i < RSA_INTS; i++) {
mp_int* keyInt = GetRsaInt(key, i);
rawLen = mp_unsigned_bin_size(keyInt);
/* leading zero */
if ((mp_count_bits(keyInt) & 7) == 0 || mp_iszero(keyInt) == MP_YES)
lbit = 1;
else
lbit = 0;
rawLen = mp_unsigned_bin_size(keyInt) + lbit;
tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
DYNAMIC_TYPE_RSA);
if (tmps[i] == NULL) {
@ -4837,12 +4910,16 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
}
tmps[i][0] = ASN_INTEGER;
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1 + lbit; /* tag & lbit */
if (sizes[i] <= MAX_SEQ_SZ) {
/* leading zero */
if (lbit)
tmps[i][sizes[i]-1] = 0x00;
int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
if (err == MP_OKAY) {
sizes[i] += rawLen;
sizes[i] += (rawLen-lbit); /* lbit included in rawLen */
intTotalLen += sizes[i];
}
else {
@ -6846,84 +6923,109 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
/* Write a Private ecc key to DER format, length on success else < 0 */
int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
{
byte curve[MAX_ALGO_SZ];
byte curve[MAX_ALGO_SZ+2];
byte ver[MAX_VERSION_SZ];
byte seq[MAX_SEQ_SZ];
int ret;
int curveSz;
int verSz;
byte *prv, *pub;
int ret, totalSz, curveSz, verSz;
int privHdrSz = ASN_ECC_HEADER_SZ;
int pubHdrSz = ASN_ECC_CONTEXT_SZ + ASN_ECC_HEADER_SZ;
int curveHdrSz = ASN_ECC_CONTEXT_SZ;
word32 seqSz;
word32 idx = 0;
word32 pubSz = ECC_BUFSIZE;
word32 privSz;
word32 totalSz;
word32 idx = 0, prvidx = 0, pubidx = 0, curveidx = 0;
word32 seqSz, privSz, pubSz = ECC_BUFSIZE;
if (key == NULL || output == NULL || inLen == 0)
return BAD_FUNC_ARG;
ret = wc_ecc_export_x963(key, NULL, &pubSz);
if (ret != LENGTH_ONLY_E) {
/* curve */
curve[curveidx++] = ECC_PREFIX_0;
curveidx++ /* to put the size after computation */;
curveSz = SetCurve(key, curve+curveidx);
if (curveSz < 0)
return curveSz;
/* set computed size */
curve[1] = (byte)curveSz;
curveidx += curveSz;
/* private */
privSz = key->dp->size;
prv = (byte*)XMALLOC(privSz + privHdrSz + MAX_SEQ_SZ,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (prv == NULL) {
return MEMORY_E;
}
prv[prvidx++] = ASN_OCTET_STRING;
prv[prvidx++] = (byte)key->dp->size;
ret = wc_ecc_export_private_only(key, prv + prvidx, &privSz);
if (ret < 0) {
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
curveSz = SetCurve(key, curve);
if (curveSz < 0) {
return curveSz;
prvidx += privSz;
/* public */
ret = wc_ecc_export_x963(key, NULL, &pubSz);
if (ret != LENGTH_ONLY_E) {
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
privSz = key->dp->size;
pub = (byte*)XMALLOC(pubSz + pubHdrSz + MAX_SEQ_SZ,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (pub == NULL) {
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MEMORY_E;
}
pub[pubidx++] = ECC_PREFIX_1;
if (pubSz > 128) /* leading zero + extra size byte */
pubidx += SetLength(pubSz + ASN_ECC_CONTEXT_SZ + 2, pub+pubidx);
else /* leading zero */
pubidx += SetLength(pubSz + ASN_ECC_CONTEXT_SZ + 1, pub+pubidx);
pub[pubidx++] = ASN_BIT_STRING;
pubidx += SetLength(pubSz + 1, pub+pubidx);
pub[pubidx++] = (byte)0; /* leading zero */
ret = wc_ecc_export_x963(key, pub + pubidx, &pubSz);
if (ret != 0) {
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
pubidx += pubSz;
/* make headers */
verSz = SetMyVersion(1, ver, FALSE);
if (verSz < 0) {
return verSz;
seqSz = SetSequence(verSz + prvidx + pubidx + curveidx, seq);
totalSz = prvidx + pubidx + curveidx + verSz + seqSz;
if (totalSz > (int)inLen) {
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return BAD_FUNC_ARG;
}
totalSz = verSz + privSz + privHdrSz + curveSz + curveHdrSz +
pubSz + pubHdrSz + 1; /* plus null byte b4 public */
seqSz = SetSequence(totalSz, seq);
totalSz += seqSz;
if (totalSz > inLen) {
return BUFFER_E;
}
/* write it out */
/* write out */
/* seq */
XMEMCPY(output + idx, seq, seqSz);
idx += seqSz;
idx = seqSz;
/* ver */
/* ver */
XMEMCPY(output + idx, ver, verSz);
idx += verSz;
/* private */
output[idx++] = ASN_OCTET_STRING;
output[idx++] = (byte)privSz;
ret = wc_ecc_export_private_only(key, output + idx, &privSz);
if (ret < 0) {
return ret;
}
idx += privSz;
XMEMCPY(output + idx, prv, prvidx);
idx += prvidx;
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
/* curve */
output[idx++] = ECC_PREFIX_0;
output[idx++] = (byte)curveSz;
XMEMCPY(output + idx, curve, curveSz);
idx += curveSz;
XMEMCPY(output + idx, curve, curveidx);
idx += curveidx;
/* public */
output[idx++] = ECC_PREFIX_1;
output[idx++] = (byte)pubSz + ASN_ECC_CONTEXT_SZ + 1; /* plus null byte */
output[idx++] = ASN_BIT_STRING;
output[idx++] = (byte)pubSz + 1; /* plus null byte */
output[idx++] = (byte)0; /* null byte */
ret = wc_ecc_export_x963(key, output + idx, &pubSz);
if (ret != 0) {
return ret;
}
/* idx += pubSz if do more later */
XMEMCPY(output + idx, pub, pubidx);
/* idx += pubidx; not used after write, if more data remove comment */
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return totalSz;
}

33
wolfcrypt/src/coding.c
View File

@ -410,6 +410,39 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
return 0;
}
int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
{
word32 outIdx = 0;
word32 i;
byte hb, lb;
if (*outLen < (2 * inLen + 1))
return BAD_FUNC_ARG;
for (i = 0; i < inLen; i++) {
hb = in[i] >> 4;
lb = in[i] & 0x0f;
/* ASCII value */
hb += '0';
if (hb > '9')
hb += 7;
/* ASCII value */
lb += '0';
if (lb>'9')
lb += 7;
out[outIdx++] = hb;
out[outIdx++] = lb;
}
/* force 0 at this end */
out[outIdx++] = 0;
*outLen = outIdx;
return 0;
}
#endif /* (OPENSSL_EXTRA) || (HAVE_WEBSERVER) || (HAVE_FIPS) */

79
wolfcrypt/src/des3.c
View File

@ -91,8 +91,14 @@ void wc_Des_SetIV(Des* des, const byte* iv)
}
int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
int wc_Des_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
return Des_CbcEncryptWithKey(out, in, sz, key, iv);
}
int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
return Des_CbcDecryptWithKey(out, in, sz, key, iv);
}
@ -104,13 +110,18 @@ int wc_Des3_SetIV(Des3* des, const byte* iv)
}
int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
return Des3_CbcEncryptWithKey(out, in, sz, key, iv);
}
int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
const byte* key, const byte* iv)
{
return Des3_CbcDecryptWithKey(out, in, sz, key, iv);
}
#ifdef HAVE_CAVIUM
/* Initiliaze Des3 for use with Nitrox device */
@ -1490,8 +1501,35 @@ void wc_Des_SetIV(Des* des, const byte* iv)
}
int wc_Des_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Des* des = NULL;
#else
Des des[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (des == NULL)
return MEMORY_E;
#endif
ret = wc_Des_SetKey(des, key, iv, DES_ENCRYPTION);
if (ret == 0)
ret = wc_Des_CbcEncrypt(des, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
@ -1508,7 +1546,7 @@ int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
ret = wc_Des_SetKey(des, key, iv, DES_DECRYPTION);
if (ret == 0)
ret = wc_Des_CbcDecrypt(des, out, in, sz);
ret = wc_Des_CbcDecrypt(des, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@ -1529,8 +1567,35 @@ int wc_Des3_SetIV(Des3* des, const byte* iv)
}
int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
Des3* des3 = NULL;
#else
Des3 des3[1];
#endif
#ifdef WOLFSSL_SMALL_STACK
des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (des3 == NULL)
return MEMORY_E;
#endif
ret = wc_Des3_SetKey(des3, key, iv, DES_ENCRYPTION);
if (ret == 0)
ret = wc_Des3_CbcEncrypt(des3, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
}
int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv)
const byte* key, const byte* iv)
{
int ret = 0;
#ifdef WOLFSSL_SMALL_STACK
@ -1547,7 +1612,7 @@ int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION);
if (ret == 0)
ret = wc_Des3_CbcDecrypt(des3, out, in, sz);
ret = wc_Des3_CbcDecrypt(des3, out, in, sz);
#ifdef WOLFSSL_SMALL_STACK
XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);

264
wolfcrypt/src/dsa.c
View File

@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#include <stdio.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
@ -27,10 +28,12 @@
#ifndef NO_DSA
#include <wolfssl/wolfcrypt/dsa.h>
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/integer.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/dsa.h>
enum {
@ -80,6 +83,263 @@ void wc_FreeDsaKey(DsaKey* key)
#endif
}
#ifdef WOLFSSL_KEY_GEN
int wc_MakeDsaKey(RNG *rng, DsaKey *dsa)
{
unsigned char *buf;
int qsize, err;
if (rng == NULL || dsa == NULL)
return BAD_FUNC_ARG;
qsize = mp_unsigned_bin_size(&dsa->q);
if (qsize == 0)
return BAD_FUNC_ARG;
/* allocate ram */
buf = (unsigned char *)XMALLOC(qsize, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (buf == NULL)
return MEMORY_E;
if (mp_init(&dsa->x) != MP_OKAY) {
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MP_INIT_E;
}
do {
/* make a random exponent mod q */
err = wc_RNG_GenerateBlock(rng, buf, qsize);
if (err != MP_OKAY) {
mp_clear(&dsa->x);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return err;
}
err = mp_read_unsigned_bin(&dsa->x, buf, qsize);
if (err != MP_OKAY) {
mp_clear(&dsa->x);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return err;
}
} while (mp_cmp_d(&dsa->x, 1) != MP_GT);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (mp_init(&dsa->y) != MP_OKAY) {
mp_clear(&dsa->x);
return MP_INIT_E;
}
/* public key : y = g^x mod p */
err = mp_exptmod(&dsa->g, &dsa->x, &dsa->p, &dsa->y);
if (err != MP_OKAY) {
mp_clear(&dsa->x);
mp_clear(&dsa->y);
return err;
}
dsa->type = DSA_PRIVATE;
return MP_OKAY;
}
/* modulus_size in bits */
int wc_MakeDsaParameters(RNG *rng, int modulus_size, DsaKey *dsa)
{
mp_int tmp, tmp2;
int err, msize, qsize,
loop_check_prime = 0,
check_prime = MP_NO;
unsigned char *buf;
if (rng == NULL || dsa == NULL)
return BAD_FUNC_ARG;
/* set group size in bytes from modulus size
* FIPS 186-4 defines valid values (1024, 160) (2048, 256) (3072, 256)
*/
switch (modulus_size) {
case 1024:
qsize = 20;
break;
case 2048:
case 3072:
qsize = 32;
break;
default:
return BAD_FUNC_ARG;
break;
}
/* modulus size in bytes */
msize = modulus_size / 8;
/* allocate ram */
buf = (unsigned char *)XMALLOC(msize - qsize,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (buf == NULL) {
return MEMORY_E;
}
/* make a random string that will be multplied against q */
err = wc_RNG_GenerateBlock(rng, buf, msize - qsize);
if (err != MP_OKAY) {
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return err;
}
/* force magnitude */
buf[0] |= 0xC0;
/* force even */
buf[msize - qsize - 1] &= ~1;
if (mp_init_multi(&tmp2, &dsa->p, &dsa->q, 0, 0, 0) != MP_OKAY) {
mp_clear(&dsa->q);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return MP_INIT_E;
}
err = mp_read_unsigned_bin(&tmp2, buf, msize - qsize);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp2);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return err;
}
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
/* make our prime q */
err = mp_rand_prime(&dsa->q, qsize, rng, NULL);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp2);
return err;
}
/* p = random * q */
err = mp_mul(&dsa->q, &tmp2, &dsa->p);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp2);
return err;
}
/* p = random * q + 1, so q is a prime divisor of p-1 */
err = mp_add_d(&dsa->p, 1, &dsa->p);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp2);
return err;
}
if (mp_init(&tmp) != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp2);
return MP_INIT_E;
}
/* tmp = 2q */
err = mp_add(&dsa->q, &dsa->q, &tmp);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
/* loop until p is prime */
while (check_prime == MP_NO) {
err = mp_prime_is_prime(&dsa->p, 8, &check_prime);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
if (check_prime != MP_YES) {
/* p += 2q */
err = mp_add(&tmp, &dsa->p, &dsa->p);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
loop_check_prime++;
}
}
/* tmp2 += (2*loop_check_prime)
* to have p = (q * tmp2) + 1 prime
*/
if (loop_check_prime) {
err = mp_add_d(&tmp2, 2*loop_check_prime, &tmp2);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
}
if (mp_init(&dsa->g) != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&tmp);
mp_clear(&tmp2);
return MP_INIT_E;
}
/* find a value g for which g^tmp2 != 1 */
mp_set(&dsa->g, 1);
do {
err = mp_add_d(&dsa->g, 1, &dsa->g);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&dsa->g);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
err = mp_exptmod(&dsa->g, &tmp2, &dsa->p, &tmp);
if (err != MP_OKAY) {
mp_clear(&dsa->q);
mp_clear(&dsa->p);
mp_clear(&dsa->g);
mp_clear(&tmp);
mp_clear(&tmp2);
return err;
}
} while (mp_cmp_d(&tmp, 1) == MP_EQ);
/* at this point tmp generates a group of order q mod p */
mp_exch(&tmp, &dsa->g);
mp_clear(&tmp);
mp_clear(&tmp2);
return MP_OKAY;
}
#endif /* WOLFSSL_KEY_GEN */
int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng)
{

140
wolfcrypt/src/ecc.c
View File

@ -1014,7 +1014,7 @@ int ecc_map(ecc_point* P, mp_int* modulus, mp_digit* mp)
static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* modulus, int map)
#else
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int map)
#endif
{
@ -1043,10 +1043,10 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
/* alloc ram for window temps */
for (i = 0; i < 8; i++) {
M[i] = ecc_new_point();
M[i] = wc_ecc_new_point();
if (M[i] == NULL) {
for (j = 0; j < i; j++) {
ecc_del_point(M[j]);
wc_ecc_del_point(M[j]);
}
mp_clear(&mu);
return MEMORY_E;
@ -1054,7 +1054,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
}
/* make a copy of G incase R==G */
tG = ecc_new_point();
tG = wc_ecc_new_point();
if (tG == NULL)
err = MEMORY_E;
@ -1204,9 +1204,9 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
err = ecc_map(R, modulus, &mp);
mp_clear(&mu);
ecc_del_point(tG);
wc_ecc_del_point(tG);
for (i = 0; i < 8; i++) {
ecc_del_point(M[i]);
wc_ecc_del_point(M[i]);
}
return err;
}
@ -1229,7 +1229,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* modulus, int map)
#else
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int map)
#endif
{
@ -1257,10 +1257,10 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
/* alloc ram for window temps */
for (i = 0; i < 3; i++) {
M[i] = ecc_new_point();
M[i] = wc_ecc_new_point();
if (M[i] == NULL) {
for (j = 0; j < i; j++) {
ecc_del_point(M[j]);
wc_ecc_del_point(M[j]);
}
mp_clear(&mu);
return MEMORY_E;
@ -1268,7 +1268,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
}
/* make a copy of G incase R==G */
tG = ecc_new_point();
tG = wc_ecc_new_point();
if (tG == NULL)
err = MEMORY_E;
@ -1364,9 +1364,9 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
/* done */
mp_clear(&mu);
ecc_del_point(tG);
wc_ecc_del_point(tG);
for (i = 0; i < 3; i++) {
ecc_del_point(M[i]);
wc_ecc_del_point(M[i]);
}
return err;
}
@ -1389,7 +1389,7 @@ static void alt_fp_init(fp_int* a)
Allocate a new ECC point
return A newly allocated point or NULL on error
*/
ecc_point* ecc_new_point(void)
ecc_point* wc_ecc_new_point(void)
{
ecc_point* p;
@ -1425,7 +1425,7 @@ ecc_point* ecc_new_point(void)
/** Free an ECC point from memory
p The point to free
*/
void ecc_del_point(ecc_point* p)
void wc_ecc_del_point(ecc_point* p)
{
/* prevents free'ing null arguments */
if (p != NULL) {
@ -1440,7 +1440,7 @@ void ecc_del_point(ecc_point* p)
p The point to copy
r The created point
*/
int ecc_copy_point(ecc_point* p, ecc_point *r)
int wc_ecc_copy_point(ecc_point* p, ecc_point *r)
{
int ret;
@ -1467,7 +1467,7 @@ int ecc_copy_point(ecc_point* p, ecc_point *r)
return MP_EQ if equal, MP_LT/MP_GT if not, < 0 in case of error
*/
int ecc_cmp_point(ecc_point* a, ecc_point *b)
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b)
{
int ret;
@ -1492,7 +1492,7 @@ int ecc_cmp_point(ecc_point* a, ecc_point *b)
n The idx number to check
return 1 if valid, 0 if not
*/
static int ecc_is_valid_idx(int n)
int wc_ecc_is_valid_idx(int n)
{
int x;
@ -1533,28 +1533,28 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
return ECC_BAD_ARG_E;
}
if (ecc_is_valid_idx(private_key->idx) == 0 ||
ecc_is_valid_idx(public_key->idx) == 0)
if (wc_ecc_is_valid_idx(private_key->idx) == 0 ||
wc_ecc_is_valid_idx(public_key->idx) == 0)
return ECC_BAD_ARG_E;
if (XSTRNCMP(private_key->dp->name, public_key->dp->name, ECC_MAXNAME) != 0)
return ECC_BAD_ARG_E;
/* make new point */
result = ecc_new_point();
result = wc_ecc_new_point();
if (result == NULL) {
return MEMORY_E;
}
if ((err = mp_init(&prime)) != MP_OKAY) {
ecc_del_point(result);
wc_ecc_del_point(result);
return err;
}
err = mp_read_radix(&prime, (char *)private_key->dp->prime, 16);
if (err == MP_OKAY)
err = ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime,1);
err = wc_ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime,1);
if (err == MP_OKAY) {
x = mp_unsigned_bin_size(&prime);
@ -1570,7 +1570,7 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
}
mp_clear(&prime);
ecc_del_point(result);
wc_ecc_del_point(result);
return err;
}
@ -1600,24 +1600,24 @@ int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point,
return ECC_BAD_ARG_E;
}
if (ecc_is_valid_idx(private_key->idx) == 0)
if (wc_ecc_is_valid_idx(private_key->idx) == 0)
return ECC_BAD_ARG_E;
/* make new point */
result = ecc_new_point();
result = wc_ecc_new_point();
if (result == NULL) {
return MEMORY_E;
}
if ((err = mp_init(&prime)) != MP_OKAY) {
ecc_del_point(result);
wc_ecc_del_point(result);
return err;
}
err = mp_read_radix(&prime, (char *)private_key->dp->prime, 16);
if (err == MP_OKAY)
err = ecc_mulmod(&private_key->k, point, result, &prime, 1);
err = wc_ecc_mulmod(&private_key->k, point, result, &prime, 1);
if (err == MP_OKAY) {
x = mp_unsigned_bin_size(&prime);
@ -1633,14 +1633,14 @@ int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point,
}
mp_clear(&prime);
ecc_del_point(result);
wc_ecc_del_point(result);
return err;
}
/* return 1 if point is at infinity, 0 if not, < 0 on error */
int ecc_point_is_at_infinity(ecc_point* p)
int wc_ecc_point_is_at_infinity(ecc_point* p)
{
if (p == NULL)
return BAD_FUNC_ARG;
@ -1708,7 +1708,7 @@ static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
}
if (err == MP_OKAY) {
base = ecc_new_point();
base = wc_ecc_new_point();
if (base == NULL)
err = MEMORY_E;
}
@ -1735,7 +1735,7 @@ static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
}
/* make the public key */
if (err == MP_OKAY)
err = ecc_mulmod(&key->k, base, &key->pubkey, &prime, 1);
err = wc_ecc_mulmod(&key->k, base, &key->pubkey, &prime, 1);
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
/* validate the public key, order * pubkey = point at infinity */
@ -1753,7 +1753,7 @@ static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
mp_clear(key->pubkey.z);
mp_clear(&key->k);
}
ecc_del_point(base);
wc_ecc_del_point(base);
if (po_init) {
mp_clear(&prime);
mp_clear(&order);
@ -1886,7 +1886,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, RNG* rng,
}
/* is the IDX valid ? */
if (ecc_is_valid_idx(key->idx) != 1) {
if (wc_ecc_is_valid_idx(key->idx) != 1) {
return ECC_BAD_ARG_E;
}
@ -2059,10 +2059,10 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
/* allocate the table */
if (err == MP_OKAY) {
for (x = 0; x < 16; x++) {
precomp[x] = ecc_new_point();
precomp[x] = wc_ecc_new_point();
if (precomp[x] == NULL) {
for (y = 0; y < x; ++y) {
ecc_del_point(precomp[y]);
wc_ecc_del_point(precomp[y]);
}
err = GEN_MEM_ERR;
break;
@ -2203,7 +2203,7 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
if (tableInit) {
for (x = 0; x < 16; x++) {
ecc_del_point(precomp[x]);
wc_ecc_del_point(precomp[x]);
}
}
ForceZero(tA, ECC_BUFSIZE);
@ -2300,7 +2300,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
*stat = 0;
/* is the IDX valid ? */
if (ecc_is_valid_idx(key->idx) != 1) {
if (wc_ecc_is_valid_idx(key->idx) != 1) {
return ECC_BAD_ARG_E;
}
@ -2320,8 +2320,8 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
}
/* allocate points */
mG = ecc_new_point();
mQ = ecc_new_point();
mG = wc_ecc_new_point();
mQ = wc_ecc_new_point();
if (mQ == NULL || mG == NULL)
err = MEMORY_E;
@ -2388,9 +2388,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
/* compute u1*mG + u2*mQ = mG */
if (err == MP_OKAY)
err = ecc_mulmod(&u1, mG, mG, &m, 0);
err = wc_ecc_mulmod(&u1, mG, mG, &m, 0);
if (err == MP_OKAY)
err = ecc_mulmod(&u2, mQ, mQ, &m, 0);
err = wc_ecc_mulmod(&u2, mQ, mQ, &m, 0);
/* find the montgomery mp */
if (err == MP_OKAY)
@ -2420,8 +2420,8 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
*stat = 1;
}
ecc_del_point(mG);
ecc_del_point(mQ);
wc_ecc_del_point(mG);
wc_ecc_del_point(mQ);
mp_clear(&v);
mp_clear(&w);
@ -2442,7 +2442,7 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
int compressed = 0;
if (in == NULL || point == NULL || (curve_idx < 0) ||
(ecc_is_valid_idx(curve_idx) == 0))
(wc_ecc_is_valid_idx(curve_idx) == 0))
return ECC_BAD_ARG_E;
/* must be odd */
@ -2568,7 +2568,7 @@ int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, byte* out,
word32 numlen;
int ret = MP_OKAY;
if ((curve_idx < 0) || (ecc_is_valid_idx(curve_idx) == 0))
if ((curve_idx < 0) || (wc_ecc_is_valid_idx(curve_idx) == 0))
return ECC_BAD_ARG_E;
/* return length needed only */
@ -2645,7 +2645,7 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen)
if (key == NULL || out == NULL || outLen == NULL)
return ECC_BAD_ARG_E;
if (ecc_is_valid_idx(key->idx) == 0) {
if (wc_ecc_is_valid_idx(key->idx) == 0) {
return ECC_BAD_ARG_E;
}
numlen = key->dp->size;
@ -2780,7 +2780,7 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
if (key == NULL)
return BAD_FUNC_ARG;
base = ecc_new_point();
base = wc_ecc_new_point();
if (base == NULL)
return MEMORY_E;
@ -2792,11 +2792,11 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
mp_set(base->z, 1);
if (err == MP_OKAY) {
res = ecc_new_point();
res = wc_ecc_new_point();
if (res == NULL)
err = MEMORY_E;
else {
err = ecc_mulmod(&key->k, base, res, prime, 1);
err = wc_ecc_mulmod(&key->k, base, res, prime, 1);
if (err == MP_OKAY) {
/* compare result to public key */
if (mp_cmp(res->x, key->pubkey.x) != MP_EQ ||
@ -2809,8 +2809,8 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
}
}
ecc_del_point(res);
ecc_del_point(base);
wc_ecc_del_point(res);
wc_ecc_del_point(base);
return err;
}
@ -2853,16 +2853,16 @@ static int ecc_check_pubkey_order(ecc_key* key, mp_int* prime, mp_int* order)
if (key == NULL)
return BAD_FUNC_ARG;
inf = ecc_new_point();
inf = wc_ecc_new_point();
if (inf == NULL)
err = MEMORY_E;
else {
err = ecc_mulmod(order, &key->pubkey, inf, prime, 1);
if (err == MP_OKAY && !ecc_point_is_at_infinity(inf))
err = wc_ecc_mulmod(order, &key->pubkey, inf, prime, 1);
if (err == MP_OKAY && !wc_ecc_point_is_at_infinity(inf))
err = ECC_INF_E;
}
ecc_del_point(inf);
wc_ecc_del_point(inf);
return err;
}
@ -2879,7 +2879,7 @@ int wc_ecc_check_key(ecc_key* key)
return BAD_FUNC_ARG;
/* pubkey point cannot be at inifinity */
if (ecc_point_is_at_infinity(&key->pubkey))
if (wc_ecc_point_is_at_infinity(&key->pubkey))
return ECC_INF_E;
err = mp_init_multi(&prime, &order, NULL, NULL, NULL, NULL);
@ -3069,7 +3069,7 @@ int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen)
if (key == NULL || out == NULL || outLen == NULL)
return ECC_BAD_ARG_E;
if (ecc_is_valid_idx(key->idx) == 0) {
if (wc_ecc_is_valid_idx(key->idx) == 0) {
return ECC_BAD_ARG_E;
}
numlen = key->dp->size;
@ -3846,10 +3846,10 @@ static int find_hole(void)
/* free entry z */
if (z >= 0 && fp_cache[z].g) {
mp_clear(&fp_cache[z].mu);
ecc_del_point(fp_cache[z].g);
wc_ecc_del_point(fp_cache[z].g);
fp_cache[z].g = NULL;
for (x = 0; x < (1U<<FP_LUT); x++) {
ecc_del_point(fp_cache[z].LUT[x]);
wc_ecc_del_point(fp_cache[z].LUT[x]);
fp_cache[z].LUT[x] = NULL;
}
fp_cache[z].lru_count = 0;
@ -3881,7 +3881,7 @@ static int add_entry(int idx, ecc_point *g)
unsigned x, y;
/* allocate base and LUT */
fp_cache[idx].g = ecc_new_point();
fp_cache[idx].g = wc_ecc_new_point();
if (fp_cache[idx].g == NULL) {
return GEN_MEM_ERR;
}
@ -3890,19 +3890,19 @@ static int add_entry(int idx, ecc_point *g)
if ((mp_copy(g->x, fp_cache[idx].g->x) != MP_OKAY) ||
(mp_copy(g->y, fp_cache[idx].g->y) != MP_OKAY) ||
(mp_copy(g->z, fp_cache[idx].g->z) != MP_OKAY)) {
ecc_del_point(fp_cache[idx].g);
wc_ecc_del_point(fp_cache[idx].g);
fp_cache[idx].g = NULL;
return GEN_MEM_ERR;
}
for (x = 0; x < (1U<<FP_LUT); x++) {
fp_cache[idx].LUT[x] = ecc_new_point();
fp_cache[idx].LUT[x] = wc_ecc_new_point();
if (fp_cache[idx].LUT[x] == NULL) {
for (y = 0; y < x; y++) {
ecc_del_point(fp_cache[idx].LUT[y]);
wc_ecc_del_point(fp_cache[idx].LUT[y]);
fp_cache[idx].LUT[y] = NULL;
}
ecc_del_point(fp_cache[idx].g);
wc_ecc_del_point(fp_cache[idx].g);
fp_cache[idx].g = NULL;
fp_cache[idx].lru_count = 0;
return GEN_MEM_ERR;
@ -4042,10 +4042,10 @@ static int build_lut(int idx, mp_int* modulus, mp_digit* mp, mp_int* mu)
/* err cleanup */
for (y = 0; y < (1U<<FP_LUT); y++) {
ecc_del_point(fp_cache[idx].LUT[y]);
wc_ecc_del_point(fp_cache[idx].LUT[y]);
fp_cache[idx].LUT[y] = NULL;
}
ecc_del_point(fp_cache[idx].g);
wc_ecc_del_point(fp_cache[idx].g);
fp_cache[idx].g = NULL;
fp_cache[idx].lru_count = 0;
mp_clear(&fp_cache[idx].mu);
@ -4576,7 +4576,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
otherwise it's left in jacobian-montgomery form
return MP_OKAY if successful
*/
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
int map)
{
int idx, err = MP_OKAY;
@ -4661,10 +4661,10 @@ static void wc_ecc_fp_free_cache(void)
for (x = 0; x < FP_ENTRIES; x++) {
if (fp_cache[x].g != NULL) {
for (y = 0; y < (1U<<FP_LUT); y++) {
ecc_del_point(fp_cache[x].LUT[y]);
wc_ecc_del_point(fp_cache[x].LUT[y]);
fp_cache[x].LUT[y] = NULL;
}
ecc_del_point(fp_cache[x].g);
wc_ecc_del_point(fp_cache[x].g);
fp_cache[x].g = NULL;
mp_clear(&fp_cache[x].mu);
fp_cache[x].lru_count = 0;
@ -5500,7 +5500,7 @@ int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen)
if (key == NULL || out == NULL || outLen == NULL)
return ECC_BAD_ARG_E;
if (ecc_is_valid_idx(key->idx) == 0) {
if (wc_ecc_is_valid_idx(key->idx) == 0) {
return ECC_BAD_ARG_E;
}
numlen = key->dp->size;

153
wolfcrypt/src/integer.c
View File

@ -45,6 +45,14 @@
#endif
#endif
#ifdef SHOW_GEN
#ifdef FREESCALE_MQX
#include <fio.h>
#else
#include <stdio.h>
#endif
#endif
/* reverse an array, used for radix code */
static void
bn_reverse (unsigned char *s, int len)
@ -2493,46 +2501,21 @@ int mp_reduce_2k_setup(mp_int *a, mp_digit *d)
}
/* computes a = 2**b
*
* Simple algorithm which zeroes the int, grows it then just sets one bit
* as required.
*/
int
mp_2expt (mp_int * a, int b)
{
int res;
/* zero a as per default */
mp_zero (a);
/* grow a to accomodate the single bit */
if ((res = mp_grow (a, b / DIGIT_BIT + 1)) != MP_OKAY) {
return res;
}
/* set the used count of where the bit will go */
a->used = b / DIGIT_BIT + 1;
/* put the single bit in its place */
a->dp[b / DIGIT_BIT] = ((mp_digit)1) << (b % DIGIT_BIT);
return MP_OKAY;
}
/* set the b bit of a */
int
mp_set_bit (mp_int * a, int b)
{
int i = b / DIGIT_BIT, res;
/* grow a to accomodate the single bit */
if ((res = mp_grow (a, i + 1)) != MP_OKAY) {
return res;
}
if (a->used < (int)(i + 1)) {
/* grow a to accomodate the single bit */
if ((res = mp_grow (a, i + 1)) != MP_OKAY) {
return res;
}
/* set the used count of where the bit will go */
a->used = i + 1;
/* set the used count of where the bit will go */
a->used = (int)(i + 1);
}
/* put the single bit in its place */
a->dp[i] |= ((mp_digit)1) << (b % DIGIT_BIT);
@ -2540,6 +2523,19 @@ mp_set_bit (mp_int * a, int b)
return MP_OKAY;
}
/* computes a = 2**b
*
* Simple algorithm which zeroes the int, set the required bit
*/
int
mp_2expt (mp_int * a, int b)
{
/* zero a as per default */
mp_zero (a);
return mp_set_bit(a, b);
}
/* multiply by a digit */
int
mp_mul_d (mp_int * a, mp_digit b, mp_int * c)
@ -3882,7 +3878,7 @@ int mp_add_d (mp_int* a, mp_digit b, mp_int* c)
*tmpc++ &= MP_MASK;
}
/* set final carry */
if (mu != 0 && ix < c->alloc) {
if (ix < c->alloc) {
ix++;
*tmpc++ = mu;
}
@ -4049,7 +4045,7 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
mp_int q;
mp_word w;
mp_digit t;
int res, ix;
int res = MP_OKAY, ix;
/* cannot divide by zero */
if (b == 0) {
@ -4086,12 +4082,15 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
#endif
/* no easy answer [c'est la vie]. Just division */
if ((res = mp_init_size(&q, a->used)) != MP_OKAY) {
return res;
if (c != NULL) {
if ((res = mp_init_size(&q, a->used)) != MP_OKAY) {
return res;
}
q.used = a->used;
q.sign = a->sign;
}
q.used = a->used;
q.sign = a->sign;
w = 0;
for (ix = a->used - 1; ix >= 0; ix--) {
w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]);
@ -4102,7 +4101,8 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
} else {
t = 0;
}
q.dp[ix] = (mp_digit)t;
if (c != NULL)
q.dp[ix] = (mp_digit)t;
}
if (d != NULL) {
@ -4112,8 +4112,8 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
if (c != NULL) {
mp_clamp(&q);
mp_exch(&q, c);
mp_clear(&q);
}
mp_clear(&q);
return res;
}
@ -4282,6 +4282,70 @@ static int mp_prime_is_divisible (mp_int * a, int *result)
return MP_OKAY;
}
static const int USE_BBS = 1;
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap)
{
int err, res, type;
byte* buf;
if (N == NULL || rng == NULL)
return MP_VAL;
/* get type */
if (len < 0) {
type = USE_BBS;
len = -len;
} else {
type = 0;
}
/* allow sizes between 2 and 512 bytes for a prime size */
if (len < 2 || len > 512) {
return MP_VAL;
}
/* allocate buffer to work with */
buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_RSA);
if (buf == NULL) {
return MP_MEM;
}
XMEMSET(buf, 0, len);
do {
#ifdef SHOW_GEN
printf(".");
fflush(stdout);
#endif
/* generate value */
err = wc_RNG_GenerateBlock(rng, buf, len);
if (err != 0) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
/* munge bits */
buf[0] |= 0x80 | 0x40;
buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
/* load value */
if ((err = mp_read_unsigned_bin(N, buf, len)) != MP_OKAY) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
/* test */
if ((err = mp_prime_is_prime(N, 8, &res)) != MP_OKAY) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
} while (res == MP_NO);
XMEMSET(buf, 0, len);
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return MP_OKAY;
}
/*
* Sets result to 1 if probably prime, 0 otherwise
@ -4468,8 +4532,6 @@ LBL_U:mp_clear (&v);
return res;
}
#endif /* WOLFSSL_KEY_GEN */
@ -4542,6 +4604,9 @@ int mp_read_radix (mp_int * a, const char *str, int radix)
}
return MP_OKAY;
}
#endif /* HAVE_ECC */
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
/* returns size of ASCII representation */
int mp_radix_size (mp_int *a, int radix, int *size)
@ -4652,7 +4717,7 @@ int mp_toradix (mp_int *a, char *str, int radix)
return MP_OKAY;
}
#endif /* HAVE_ECC */
#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */
#endif /* USE_FAST_MATH */

97
wolfcrypt/src/rsa.c
View File

@ -131,14 +131,6 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
#include <wolfcrypt/src/misc.c>
#endif
#ifdef SHOW_GEN
#ifdef FREESCALE_MQX
#include <fio.h>
#else
#include <stdio.h>
#endif
#endif
#ifdef HAVE_CAVIUM
static int InitCaviumRsaKey(RsaKey* key, void* heap);
static int FreeCaviumRsaKey(RsaKey* key);
@ -152,22 +144,6 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
word32 outLen, RsaKey* key);
#endif
enum {
RSA_PUBLIC_ENCRYPT = 0,
RSA_PUBLIC_DECRYPT = 1,
RSA_PRIVATE_ENCRYPT = 2,
RSA_PRIVATE_DECRYPT = 3,
RSA_BLOCK_TYPE_1 = 1,
RSA_BLOCK_TYPE_2 = 2,
RSA_MIN_SIZE = 512,
RSA_MAX_SIZE = 4096,
RSA_MIN_PAD_SZ = 11 /* seperator + 0 + pad value + 8 pads */
};
int wc_InitRsaKey(RsaKey* key, void* heap)
{
#ifdef HAVE_CAVIUM
@ -610,76 +586,7 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
return 0;
}
#ifdef WOLFSSL_KEY_GEN
static const int USE_BBS = 1;
static int rand_prime(mp_int* N, int len, RNG* rng, void* heap)
{
int err, res, type;
byte* buf;
(void)heap;
if (N == NULL || rng == NULL)
return BAD_FUNC_ARG;
/* get type */
if (len < 0) {
type = USE_BBS;
len = -len;
} else {
type = 0;
}
/* allow sizes between 2 and 512 bytes for a prime size */
if (len < 2 || len > 512) {
return BAD_FUNC_ARG;
}
/* allocate buffer to work with */
buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_RSA);
if (buf == NULL) {
return MEMORY_E;
}
XMEMSET(buf, 0, len);
do {
#ifdef SHOW_GEN
printf(".");
fflush(stdout);
#endif
/* generate value */
err = wc_RNG_GenerateBlock(rng, buf, len);
if (err != 0) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
/* munge bits */
buf[0] |= 0x80 | 0x40;
buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
/* load value */
if ((err = mp_read_unsigned_bin(N, buf, len)) != MP_OKAY) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
/* test */
if ((err = mp_prime_is_prime(N, 8, &res)) != MP_OKAY) {
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return err;
}
} while (res == MP_NO);
ForceZero(buf, len);
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
return 0;
}
/* Make an RSA key for size bits, with e specified, 65537 is a good e */
int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
{
@ -703,7 +610,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
/* make p */
if (err == MP_OKAY) {
do {
err = rand_prime(&p, size/16, rng, key->heap); /* size in bytes/2 */
err = mp_rand_prime(&p, size/16, rng, key->heap); /* size in bytes/2 */
if (err == MP_OKAY)
err = mp_sub_d(&p, 1, &tmp1); /* tmp1 = p-1 */
@ -716,7 +623,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
/* make q */
if (err == MP_OKAY) {
do {
err = rand_prime(&q, size/16, rng, key->heap); /* size in bytes/2 */
err = mp_rand_prime(&q, size/16, rng, key->heap); /* size in bytes/2 */
if (err == MP_OKAY)
err = mp_sub_d(&q, 1, &tmp1); /* tmp1 = q-1 */

151
wolfcrypt/src/tfm.c
View File

@ -39,6 +39,7 @@
#ifdef USE_FAST_MATH
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/tfm.h>
#include <wolfcrypt/src/asm.c> /* will define asm MACROS or C ones */
@ -1815,10 +1816,37 @@ void fp_set(fp_int *a, fp_digit b)
/* chek if a bit is set */
int fp_is_bit_set (fp_int *a, fp_digit b)
{
if ((fp_digit)a->used < b/DIGIT_BIT)
fp_digit i;
if (b > FP_MAX_BITS)
return 0;
else
i = b/DIGIT_BIT;
if ((fp_digit)a->used < i)
return 0;
return (int)((a->dp[b/DIGIT_BIT] >> b%DIGIT_BIT) & (fp_digit)1);
return (int)((a->dp[i] >> b%DIGIT_BIT) & (fp_digit)1);
}
/* set the b bit of a */
int fp_set_bit (fp_int * a, fp_digit b)
{
fp_digit i;
if (b > FP_MAX_BITS)
return 0;
else
i = b/DIGIT_BIT;
/* set the used count of where the bit will go if required */
if (a->used < (int)(i+1))
a->used = (int)(i+1);
/* put the single bit in its place */
a->dp[i] |= ((fp_digit)1) << (b % DIGIT_BIT);
return MP_OKAY;
}
int fp_count_bits (fp_int * a)
@ -1840,6 +1868,7 @@ int fp_count_bits (fp_int * a)
++r;
q >>= ((fp_digit) 1);
}
return r;
}
@ -2186,17 +2215,22 @@ void mp_rshb (mp_int* a, int x)
/* fast math wrappers */
int mp_set_int(fp_int *a, fp_digit b)
int mp_set_int(mp_int *a, mp_digit b)
{
fp_set(a, b);
return MP_OKAY;
}
int mp_is_bit_set (fp_int *a, fp_digit b)
int mp_is_bit_set (mp_int *a, mp_digit b)
{
return fp_is_bit_set(a, b);
}
int mp_set_bit(mp_int *a, mp_digit b)
{
return fp_set_bit(a, b);
}
#if defined(WOLFSSL_KEY_GEN) || defined (HAVE_ECC)
/* c = a * a (mod b) */
@ -2230,6 +2264,18 @@ static const int lnz[16] = {
4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0
};
/* swap the elements of two integers, for cases where you can't simply swap the
* mp_int pointers around
*/
static void fp_exch (fp_int * a, fp_int * b)
{
fp_int t;
t = *a;
*a = *b;
*b = t;
}
/* Counts the number of lsbs which are zero before the first zero bit */
int fp_cnt_lsb(fp_int *a)
{
@ -2258,8 +2304,6 @@ int fp_cnt_lsb(fp_int *a)
}
static int s_is_power_of_two(fp_digit b, int *p)
{
int x;
@ -2313,11 +2357,14 @@ static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
return FP_OKAY;
}
/* no easy answer [c'est la vie]. Just division */
fp_init(&q);
if (c != NULL) {
/* no easy answer [c'est la vie]. Just division */
fp_init(&q);
q.used = a->used;
q.sign = a->sign;
}
q.used = a->used;
q.sign = a->sign;
w = 0;
for (ix = a->used - 1; ix >= 0; ix--) {
w = (w << ((fp_word)DIGIT_BIT)) | ((fp_word)a->dp[ix]);
@ -2328,7 +2375,8 @@ static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
} else {
t = 0;
}
q.dp[ix] = (fp_digit)t;
if (c != NULL)
q.dp[ix] = (fp_digit)t;
}
if (d != NULL) {
@ -2362,6 +2410,7 @@ int mp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
void fp_gcd(fp_int *a, fp_int *b, fp_int *c);
void fp_lcm(fp_int *a, fp_int *b, fp_int *c);
int fp_isprime(fp_int *a);
int fp_randprime(fp_int* N, int len, RNG* rng, void* heap);
int mp_gcd(fp_int *a, fp_int *b, fp_int *c)
{
@ -2384,6 +2433,31 @@ int mp_prime_is_prime(mp_int* a, int t, int* result)
return MP_OKAY;
}
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap)
{
int err;
err = fp_randprime(N, len, rng, heap);
switch(err) {
case FP_VAL:
return MP_VAL;
break;
case FP_MEM:
return MP_MEM;
break;
default:
break;
}
return MP_OKAY;
}
int mp_exch (mp_int * a, mp_int * b)
{
fp_exch(a, b);
return MP_OKAY;
}
/* Miller-Rabin test of "a" to the base of "b" as described in
* HAC pp. 139 Algorithm 4.24
*
@ -2513,6 +2587,59 @@ int fp_isprime(fp_int *a)
return FP_YES;
}
int fp_randprime(fp_int* N, int len, RNG* rng, void* heap)
{
static const int USE_BBS = 1;
int err, type;
byte* buf;
/* get type */
if (len < 0) {
type = USE_BBS;
len = -len;
} else {
type = 0;
}
/* allow sizes between 2 and 512 bytes for a prime size */
if (len < 2 || len > 512) {
return FP_VAL;
}
/* allocate buffer to work with */
buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_TMP_BUFFER);
if (buf == NULL) {
return FP_MEM;
}
XMEMSET(buf, 0, len);
do {
#ifdef SHOW_GEN
printf(".");
fflush(stdout);
#endif
/* generate value */
err = wc_RNG_GenerateBlock(rng, buf, len);
if (err != 0) {
XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
return FP_VAL;
}
/* munge bits */
buf[0] |= 0x80 | 0x40;
buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
/* load value */
fp_read_unsigned_bin(N, buf, len);
/* test */
} while (fp_isprime(N) == FP_NO);
XMEMSET(buf, 0, len);
XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
return FP_OKAY;
}
/* c = [a, b] */
void fp_lcm(fp_int *a, fp_int *b, fp_int *c)
@ -2740,7 +2867,7 @@ int mp_radix_size (mp_int *a, int radix, int *size)
if (fp_iszero(a) == MP_YES) {
*size = 2;
return FP_YES;
return FP_OKAY;
}
/* digs is the digit count */

110
wolfcrypt/test/test.c
View File

@ -210,7 +210,7 @@ int pbkdf2_test(void);
#endif
/* General big buffer size for many tests. */
/* General big buffer size for many tests. */
#define FOURK_BUF 4096
@ -3385,6 +3385,7 @@ int rsa_test(void)
#ifdef HAVE_CAVIUM
wc_RsaInitCavium(&key, CAVIUM_DEV_ID);
#endif
ret = wc_InitRsaKey(&key, 0);
if (ret != 0) {
free(tmp);
@ -3465,7 +3466,6 @@ int rsa_test(void)
(void)bytes;
#endif
#ifdef WOLFSSL_KEY_GEN
{
byte* der;
@ -3575,7 +3575,6 @@ int rsa_test(void)
}
#endif /* WOLFSSL_KEY_GEN */
#ifdef WOLFSSL_CERT_GEN
/* self signed */
{
@ -4428,8 +4427,111 @@ int dsa_test(void)
if (answer != 1) return -65;
wc_FreeDsaKey(&key);
wc_FreeRng(&rng);
#ifdef WOLFSSL_KEY_GEN
{
byte* der;
byte* pem;
int derSz = 0;
int pemSz = 0;
DsaKey derIn;
DsaKey genKey;
FILE* keyFile;
FILE* pemFile;
wc_InitDsaKey(&genKey);
ret = wc_MakeDsaParameters(&rng, 1024, &genKey);
if (ret != 0) return -362;
ret = wc_MakeDsaKey(&rng, &genKey);
if (ret != 0) return -363;
der = (byte*)malloc(FOURK_BUF);
if (der == NULL) {
wc_FreeDsaKey(&genKey);
return -364;
}
pem = (byte*)malloc(FOURK_BUF);
if (pem == NULL) {
free(der);
wc_FreeDsaKey(&genKey);
return -365;
}
derSz = wc_DsaKeyToDer(&genKey, der, FOURK_BUF);
if (derSz < 0) {
free(der);
free(pem);
return -366;
}
#ifdef FREESCALE_MQX
keyFile = fopen("a:\\certs\\key.der", "wb");
#else
keyFile = fopen("./key.der", "wb");
#endif
if (!keyFile) {
free(der);
free(pem);
wc_FreeDsaKey(&genKey);
return -367;
}
ret = (int)fwrite(der, 1, derSz, keyFile);
fclose(keyFile);
if (ret != derSz) {
free(der);
free(pem);
wc_FreeDsaKey(&genKey);
return -368;
}
pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, DSA_PRIVATEKEY_TYPE);
if (pemSz < 0) {
free(der);
free(pem);
wc_FreeDsaKey(&genKey);
return -369;
}
#ifdef FREESCALE_MQX
pemFile = fopen("a:\\certs\\key.pem", "wb");
#else
pemFile = fopen("./key.pem", "wb");
#endif
if (!pemFile) {
free(der);
free(pem);
wc_FreeDsaKey(&genKey);
return -370;
}
ret = (int)fwrite(pem, 1, pemSz, pemFile);
fclose(pemFile);
if (ret != pemSz) {
free(der);
free(pem);
wc_FreeDsaKey(&genKey);
return -371;
}
wc_InitDsaKey(&derIn);
idx = 0;
ret = wc_DsaPrivateKeyDecode(der, &idx, &derIn, derSz);
if (ret != 0) {
free(der);
free(pem);
wc_FreeDsaKey(&derIn);
wc_FreeDsaKey(&genKey);
return -373;
}
wc_FreeDsaKey(&derIn);
wc_FreeDsaKey(&genKey);
free(pem);
free(der);
}
#endif /* WOLFSSL_KEY_GEN */
wc_FreeRng(&rng);
return 0;
}

2
wolfssl/openssl/dsa.h
View File

@ -24,7 +24,7 @@ struct WOLFSSL_DSA {
WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_new(void);
WOLFSSL_API void wolfSSL_DSA_free(WOLFSSL_DSA*);
WOLFSSL_API void wolfSSL_DSA_free(WOLFSSL_DSA*);
WOLFSSL_API int wolfSSL_DSA_generate_key(WOLFSSL_DSA*);
WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits,

143
wolfssl/openssl/pem.h
View File

@ -14,75 +14,104 @@
#endif
WOLFSSL_API int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
/* RSA */
WOLFSSL_API
int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa,
const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
byte **pem, int *plen);
WOLFSSL_API
WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(FILE *fp, WOLFSSL_RSA **x,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_RSAPublicKey(FILE *fp, WOLFSSL_RSA *x);
WOLFSSL_API int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_RSA_PUBKEY(FILE *fp, WOLFSSL_RSA *x);
WOLFSSL_API int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
/* DSA */
WOLFSSL_API
int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_DSAPrivateKey(FILE *fp, WOLFSSL_DSA *dsa,
const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
byte **pem, int *plen);
WOLFSSL_API
int wolfSSL_PEM_write_DSA_PUBKEY(FILE *fp, WOLFSSL_DSA *x);
WOLFSSL_API int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
/* ECC */
WOLFSSL_API
int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
pem_password_cb cb, void* arg);
WOLFSSL_API
int wolfSSL_PEM_write_ECPrivateKey(FILE *fp, WOLFSSL_EC_KEY *key,
const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
WOLFSSL_API
int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* key,
const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
byte **pem, int *plen);
WOLFSSL_API
int wolfSSL_PEM_write_EC_PUBKEY(FILE *fp, WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_PEM_write_DSAPrivateKey(FILE *fp, WOLFSSL_DSA *dsa, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
/* EVP_KEY */
WOLFSSL_API
WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY**,
pem_password_cb cb,
void* arg);
WOLFSSL_API
int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
WOLFSSL_EVP_PKEY**, pem_password_cb cb, void* arg);
WOLFSSL_API
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
pem_password_cb *cb, void *u);
WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
pem_password_cb *cb, void *u);
WOLFSSL_API WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(FILE *fp, WOLFSSL_RSA **x,
pem_password_cb *cb, void *u);
WOLFSSL_API int wolfSSL_PEM_write_DSA_PUBKEY(FILE *fp, WOLFSSL_DSA *x);
WOLFSSL_API int wolfSSL_PEM_write_RSAPublicKey(FILE *fp, WOLFSSL_RSA *x);
WOLFSSL_API int wolfSSL_PEM_write_RSA_PUBKEY(FILE *fp, WOLFSSL_RSA *x);
WOLFSSL_API int wolfSSL_PEM_write_buf_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher,
unsigned char* passwd, int len,
byte **pem, int *plen);
WOLFSSL_API int wolfSSL_PEM_write_EC_PUBKEY(FILE *fp, WOLFSSL_EC_KEY *key);
WOLFSSL_API int wolfSSL_PEM_write_ECPrivateKey(FILE *fp, WOLFSSL_EC_KEY *key, const EVP_CIPHER *enc,
unsigned char *kstr, int klen,
pem_password_cb *cb, void *u);
#define PEM_write_bio_ECPrivateKey wolfSSL_PEM_write_bio_ECPrivateKey
/* RSA */
#define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
#define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
/* DSA */
#define PEM_write_bio_DSAPrivateKey wolfSSL_PEM_write_bio_DSAPrivateKey
#define PEM_write_DSAPrivateKey wolfSSL_PEM_write_DSAPrivateKey
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
#define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
#define PEM_write_DSA_PUBKEY wolfSSL_PEM_write_DSA_PUBKEY
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
#define PEM_write_EC_PUBKEY wolfSSL_PEM_write_EC_PUBKEY
#define PEM_write_ECPrivateKey wolfSSL_PEM_write_ECPrivateKey
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#define PEM_write_DSAPrivateKey wolfSSL_PEM_write_DSAPrivateKey
#define PEM_write_DSA_PUBKEY wolfSSL_PEM_write_DSA_PUBKEY
/* ECC */
#define PEM_write_bio_ECPrivateKey wolfSSL_PEM_write_bio_ECPrivateKey
#define PEM_write_EC_PUBKEY wolfSSL_PEM_write_EC_PUBKEY
#define PEM_write_ECPrivateKey wolfSSL_PEM_write_ECPrivateKey
/* EVP_KEY */
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_PEM_H_ */

63
wolfssl/wolfcrypt/aes.h
View File

@ -126,17 +126,24 @@ typedef struct Gmac {
#endif /* HAVE_AESGCM */
#endif /* HAVE_FIPS */
WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
int dir);
WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz, const byte* iv);
WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz,
const byte* iv);
WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
const byte* key, word32 keySz,
const byte* iv);
/* AES-CTR */
#ifdef WOLFSSL_AES_COUNTER
WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
#endif
/* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT)
@ -147,30 +154,34 @@ typedef struct Gmac {
#endif
#ifdef HAVE_AESGCM
WOLFSSL_API int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz,
const byte* iv, word32 ivSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz);
const byte* authIn, word32 authInSz,
byte* authTag, word32 authTagSz);
#endif /* HAVE_AESGCM */
#ifdef HAVE_AESCCM
WOLFSSL_API void wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
WOLFSSL_API void wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API void wc_AesCcmEncrypt(Aes* aes, byte* out,
const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out,
const byte* in, word32 inSz,
const byte* nonce, word32 nonceSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
#ifdef HAVE_CAVIUM

21
wolfssl/wolfcrypt/asn.h
View File

@ -182,8 +182,9 @@ enum Misc_ASN {
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
MAX_OCSP_NONCE_SZ = 18, /* OCSP Nonce size */
EIGHTK_BUF = 8192, /* Tmp buffer size */
MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2
MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2,
/* use bigger NTRU size */
HEADER_ENCRYPTED_KEY_SIZE = 88 /* Extra header size for encrypted key */
};
@ -476,6 +477,24 @@ struct DecodedCert {
#endif /* WOLFSSL_SEP */
};
extern const char* BEGIN_CERT;
extern const char* END_CERT;
extern const char* BEGIN_CERT_REQ;
extern const char* END_CERT_REQ;
extern const char* BEGIN_DH_PARAM;
extern const char* END_DH_PARAM;
extern const char* BEGIN_X509_CRL;
extern const char* END_X509_CRL;
extern const char* BEGIN_RSA_PRIV;
extern const char* END_RSA_PRIV;
extern const char* BEGIN_PRIV_KEY;
extern const char* END_PRIV_KEY;
extern const char* BEGIN_ENC_PRIV_KEY;
extern const char* END_ENC_PRIV_KEY;
extern const char* BEGIN_EC_PRIV;
extern const char* END_EC_PRIV;
extern const char* BEGIN_DSA_PRIV;
extern const char* END_DSA_PRIV;
#ifdef NO_SHA
#define SIGNER_DIGEST_SIZE SHA256_DIGEST_SIZE

5
wolfssl/wolfcrypt/asn_public.h
View File

@ -43,6 +43,7 @@ enum CertType {
CRL_TYPE,
CA_TYPE,
ECC_PRIVATEKEY_TYPE,
DSA_PRIVATEKEY_TYPE,
CERTREQ_TYPE,
DSA_TYPE,
ECC_TYPE,
@ -177,7 +178,9 @@ WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int);
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || !defined(NO_DSA)
WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
word32 outputSz, int type);
word32 outputSz, int type);
WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output,
word32 outputSz, byte *cipherIno, int type);
#endif
#ifdef HAVE_ECC

2
wolfssl/wolfcrypt/coding.h
View File

@ -62,6 +62,8 @@ WOLFSSL_API int Base64_Decode(const byte* in, word32 inLen, byte* out,
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS)
WOLFSSL_API
int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
WOLFSSL_API
int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen);
#endif

38
wolfssl/wolfcrypt/des3.h
View File

@ -83,21 +83,35 @@ typedef struct Des3 {
} Des3;
#endif /* HAVE_FIPS */
WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key,
const byte* iv, int dir);
WOLFSSL_API void wc_Des_SetIV(Des* des, const byte* iv);
WOLFSSL_API int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz);
WOLFSSL_API int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des_CbcEncrypt(Des* des, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_Des_CbcDecrypt(Des* des, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_Des_EcbEncrypt(Des* des, byte* out,
const byte* in, word32 sz);
WOLFSSL_API int wc_Des_CbcDecryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des_CbcEncryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir);
WOLFSSL_API int wc_Des3_SetKey(Des3* des, const byte* key,
const byte* iv,int dir);
WOLFSSL_API int wc_Des3_SetIV(Des3* des, const byte* iv);
WOLFSSL_API int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz);
WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz);
WOLFSSL_API int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des3_CbcEncrypt(Des3* des, byte* out,
const byte* in,word32 sz);
WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out,
const byte* in,word32 sz);
WOLFSSL_API int wc_Des3_CbcEncryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
WOLFSSL_API int wc_Des3_CbcDecryptWithKey(byte* out,
const byte* in, word32 sz,
const byte* key, const byte* iv);
#ifdef HAVE_CAVIUM
WOLFSSL_API int wc_Des3_InitCavium(Des3*, int);

5
wolfssl/wolfcrypt/dsa.h
View File

@ -66,6 +66,11 @@ WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
DsaKey*, word32);
WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen);
#ifdef WOLFSSL_KEY_GEN
WOLFSSL_API int wc_MakeDsaKey(RNG *rng, DsaKey *dsa);
WOLFSSL_API int wc_MakeDsaParameters(RNG *rng, int modulus_size, DsaKey *dsa);
#endif
#ifdef __cplusplus
} /* extern "C" */
#endif

21
wolfssl/wolfcrypt/ecc.h
View File

@ -73,18 +73,18 @@ typedef struct {
* mp_ints for the components of the point. With ALT_ECC_SIZE, the components
* of the point are pointers that are set to each of a three item array of
* alt_fp_ints. While an mp_int will have 4096 bits of digit inside the
* structure, the alt_fp_int will only have 512 bits. A size value was added
* structure, the alt_fp_int will only have 528 bits. A size value was added
* in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The
* functions fp_zero() and fp_copy() use the size parameter. An int needs to
* be initialized before using it instead of just fp_zeroing it, the init will
* call zero. FP_MAX_BITS_ECC defaults to 512, but can be set to change the
* call zero. FP_MAX_BITS_ECC defaults to 528, but can be set to change the
* number of bits used in the alternate FP_INT.
*
* Do not enable ALT_ECC_SIZE and disable fast math in the configuration.
*/
#ifndef FP_MAX_BITS_ECC
#define FP_MAX_BITS_ECC 512
#define FP_MAX_BITS_ECC 528
#endif
#define FP_MAX_SIZE_ECC (FP_MAX_BITS_ECC+(8*DIGIT_BIT))
#if FP_MAX_BITS_ECC % CHAR_BIT
@ -163,17 +163,20 @@ WOLFSSL_API
void wc_ecc_fp_free(void);
WOLFSSL_API
ecc_point* ecc_new_point(void);
ecc_point* wc_ecc_new_point(void);
WOLFSSL_API
void ecc_del_point(ecc_point* p);
void wc_ecc_del_point(ecc_point* p);
WOLFSSL_API
int ecc_copy_point(ecc_point* p, ecc_point *r);
int wc_ecc_copy_point(ecc_point* p, ecc_point *r);
WOLFSSL_API
int ecc_cmp_point(ecc_point* a, ecc_point *b);
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
WOLFSSL_API
int ecc_point_is_at_infinity(ecc_point *p);
int wc_ecc_point_is_at_infinity(ecc_point *p);
WOLFSSL_API
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus, int map);
int wc_ecc_is_valid_idx(int n);
WOLFSSL_API
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* modulus, int map);
/* ASN key helpers */
WOLFSSL_API

3
wolfssl/wolfcrypt/integer.h
View File

@ -36,6 +36,8 @@
#include <wolfssl/wolfcrypt/tfm.h>
#else
#include <wolfssl/wolfcrypt/random.h>
#ifndef CHAR_BIT
#include <limits.h>
#endif
@ -313,6 +315,7 @@ int mp_radix_size (mp_int * a, int radix, int *size);
int mp_prime_is_prime (mp_int * a, int t, int *result);
int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap);
#endif
int mp_cnt_lsb(mp_int *a);

16
wolfssl/wolfcrypt/rsa.h
View File

@ -46,9 +46,23 @@
enum {
RSA_PUBLIC = 0,
RSA_PRIVATE = 1
RSA_PRIVATE = 1,
RSA_PUBLIC_ENCRYPT = 0,
RSA_PUBLIC_DECRYPT = 1,
RSA_PRIVATE_ENCRYPT = 2,
RSA_PRIVATE_DECRYPT = 3,
RSA_BLOCK_TYPE_1 = 1,
RSA_BLOCK_TYPE_2 = 2,
RSA_MIN_SIZE = 512,
RSA_MAX_SIZE = 4096,
RSA_MIN_PAD_SZ = 11 /* seperator + 0 + pad value + 8 pads */
};
/* RSA */
typedef struct RsaKey {
mp_int n, e, d, p, q, dP, dQ, u;

11
wolfssl/wolfcrypt/tfm.h
View File

@ -40,6 +40,7 @@
#include <limits.h>
#endif
#include <wolfssl/wolfcrypt/random.h>
#ifdef __cplusplus
extern "C" {
@ -377,6 +378,8 @@ void fp_set(fp_int *a, fp_digit b);
/* check if a bit is set */
int fp_is_bit_set(fp_int *a, fp_digit b);
/* set the b bit to 1 */
int fp_set_bit (fp_int * a, fp_digit b);
/* copy from a to b */
#ifndef ALT_ECC_SIZE
@ -651,6 +654,7 @@ void fp_sqr_comba64(fp_int *a, fp_int *b);
#define MP_EQ FP_EQ /* equal to */
#define MP_GT FP_GT /* greater than */
#define MP_VAL FP_VAL /* invalid */
#define MP_MEM FP_MEM /* memory error */
#define MP_NOT_INF FP_NOT_INF /* point not at infinity */
#define MP_OKAY FP_OKAY /* ok result */
#define MP_NO FP_NO /* yes/no result */
@ -688,8 +692,9 @@ int mp_isodd(mp_int* a);
int mp_iszero(mp_int* a);
int mp_count_bits(mp_int *a);
int mp_leading_bit(mp_int *a);
int mp_set_int(fp_int *a, fp_digit b);
int mp_is_bit_set (fp_int * a, fp_digit b);
int mp_set_int(mp_int *a, mp_digit b);
int mp_is_bit_set (mp_int * a, mp_digit b);
int mp_set_bit (mp_int * a, mp_digit b);
void mp_rshb(mp_int *a, int x);
int mp_toradix (mp_int *a, char *str, int radix);
int mp_radix_size (mp_int * a, int radix, int *size);
@ -713,6 +718,8 @@ int mp_radix_size (mp_int * a, int radix, int *size);
int mp_gcd(fp_int *a, fp_int *b, fp_int *c);
int mp_lcm(fp_int *a, fp_int *b, fp_int *c);
int mp_prime_is_prime(mp_int* a, int t, int* result);
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap);
int mp_exch(mp_int *a, mp_int *b);
#endif /* WOLFSSL_KEY_GEN */
int mp_cnt_lsb(fp_int *a);