mirror of https://github.com/wolfSSL/wolfssl
Merge branch 'ludovic'
This commit is contained in:
commit
4ba57a609c
|
@ -55,6 +55,12 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
|
|||
}
|
||||
|
||||
|
||||
int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
|
||||
const byte* key, word32 keySz, const byte* iv)
|
||||
{
|
||||
return AesCbcDecryptWithKey(out, in, inSz, key, keySz, iv);
|
||||
}
|
||||
|
||||
int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
|
||||
const byte* key, word32 keySz, const byte* iv)
|
||||
{
|
||||
|
@ -1748,6 +1754,33 @@ int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
|
|||
return ret;
|
||||
}
|
||||
|
||||
int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
|
||||
const byte* key, word32 keySz, const byte* iv)
|
||||
{
|
||||
int ret = 0;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
Aes* aes = NULL;
|
||||
#else
|
||||
Aes aes[1];
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (aes == NULL)
|
||||
return MEMORY_E;
|
||||
#endif
|
||||
|
||||
ret = wc_AesSetKey(aes, key, keySz, iv, AES_ENCRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_AesCbcEncrypt(aes, out, in, inSz);
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(aes, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
/* AES-DIRECT */
|
||||
#if defined(WOLFSSL_AES_DIRECT)
|
||||
|
|
|
@ -1386,7 +1386,8 @@ int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
|
|||
if (GetInt(&key->p, input, inOutIdx, inSz) < 0 ||
|
||||
GetInt(&key->q, input, inOutIdx, inSz) < 0 ||
|
||||
GetInt(&key->g, input, inOutIdx, inSz) < 0 ||
|
||||
GetInt(&key->y, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
|
||||
GetInt(&key->y, input, inOutIdx, inSz) < 0 )
|
||||
return ASN_DH_KEY_E;
|
||||
|
||||
key->type = DSA_PUBLIC;
|
||||
return 0;
|
||||
|
@ -1408,7 +1409,8 @@ int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
|
|||
GetInt(&key->q, input, inOutIdx, inSz) < 0 ||
|
||||
GetInt(&key->g, input, inOutIdx, inSz) < 0 ||
|
||||
GetInt(&key->y, input, inOutIdx, inSz) < 0 ||
|
||||
GetInt(&key->x, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
|
||||
GetInt(&key->x, input, inOutIdx, inSz) < 0 )
|
||||
return ASN_DH_KEY_E;
|
||||
|
||||
key->type = DSA_PRIVATE;
|
||||
return 0;
|
||||
|
@ -1423,9 +1425,9 @@ static mp_int* GetDsaInt(DsaKey* key, int idx)
|
|||
if (idx == 2)
|
||||
return &key->g;
|
||||
if (idx == 3)
|
||||
return &key->x;
|
||||
if (idx == 4)
|
||||
return &key->y;
|
||||
if (idx == 4)
|
||||
return &key->x;
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
@ -1445,7 +1447,7 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
|
|||
{
|
||||
word32 seqSz, verSz, rawLen, intTotalLen = 0;
|
||||
word32 sizes[DSA_INTS];
|
||||
int i, j, outLen, ret = 0;
|
||||
int i, j, outLen, ret = 0, lbit;
|
||||
|
||||
byte seq[MAX_SEQ_SZ];
|
||||
byte ver[MAX_VERSION_SZ];
|
||||
|
@ -1463,7 +1465,15 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
|
|||
/* write all big ints from key to DER tmps */
|
||||
for (i = 0; i < DSA_INTS; i++) {
|
||||
mp_int* keyInt = GetDsaInt(key, i);
|
||||
rawLen = mp_unsigned_bin_size(keyInt);
|
||||
|
||||
/* leading zero */
|
||||
if ((mp_count_bits(keyInt) & 7) == 0 || mp_iszero(keyInt) == MP_YES)
|
||||
lbit = 1;
|
||||
else
|
||||
lbit = 0;
|
||||
|
||||
rawLen = mp_unsigned_bin_size(keyInt) + lbit;
|
||||
|
||||
tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, NULL, DYNAMIC_TYPE_DSA);
|
||||
if (tmps[i] == NULL) {
|
||||
ret = MEMORY_E;
|
||||
|
@ -1471,12 +1481,16 @@ int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
|
|||
}
|
||||
|
||||
tmps[i][0] = ASN_INTEGER;
|
||||
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */
|
||||
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1 + lbit; /* tag & lbit */
|
||||
|
||||
if (sizes[i] <= MAX_SEQ_SZ) {
|
||||
/* leading zero */
|
||||
if (lbit)
|
||||
tmps[i][sizes[i]-1] = 0x00;
|
||||
|
||||
int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
|
||||
if (err == MP_OKAY) {
|
||||
sizes[i] += rawLen;
|
||||
sizes[i] += (rawLen-lbit); /* lbit included in rawLen */
|
||||
intTotalLen += sizes[i];
|
||||
}
|
||||
else {
|
||||
|
@ -4641,24 +4655,49 @@ WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output)
|
|||
|
||||
|
||||
|
||||
const char* BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
|
||||
const char* END_CERT = "-----END CERTIFICATE-----";
|
||||
const char* BEGIN_CERT_REQ = "-----BEGIN CERTIFICATE REQUEST-----";
|
||||
const char* END_CERT_REQ = "-----END CERTIFICATE REQUEST-----";
|
||||
const char* BEGIN_DH_PARAM = "-----BEGIN DH PARAMETERS-----";
|
||||
const char* END_DH_PARAM = "-----END DH PARAMETERS-----";
|
||||
const char* BEGIN_X509_CRL = "-----BEGIN X509 CRL-----";
|
||||
const char* END_X509_CRL = "-----END X509 CRL-----";
|
||||
const char* BEGIN_RSA_PRIV = "-----BEGIN RSA PRIVATE KEY-----";
|
||||
const char* END_RSA_PRIV = "-----END RSA PRIVATE KEY-----";
|
||||
const char* BEGIN_PRIV_KEY = "-----BEGIN PRIVATE KEY-----";
|
||||
const char* END_PRIV_KEY = "-----END PRIVATE KEY-----";
|
||||
const char* BEGIN_ENC_PRIV_KEY = "-----BEGIN ENCRYPTED PRIVATE KEY-----";
|
||||
const char* END_ENC_PRIV_KEY = "-----END ENCRYPTED PRIVATE KEY-----";
|
||||
const char* BEGIN_EC_PRIV = "-----BEGIN EC PRIVATE KEY-----";
|
||||
const char* END_EC_PRIV = "-----END EC PRIVATE KEY-----";
|
||||
const char* BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----";
|
||||
const char* END_DSA_PRIV = "-----END DSA PRIVATE KEY-----";
|
||||
|
||||
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || !defined(NO_DSA)
|
||||
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
|
||||
|
||||
/* Used for compatibility API */
|
||||
int wc_DerToPem(const byte* der, word32 derSz,
|
||||
byte* output, word32 outSz, int type)
|
||||
{
|
||||
return wc_DerToPemEx(der, derSz, output, outSz, NULL, type);
|
||||
}
|
||||
|
||||
/* convert der buffer to pem into output, can't do inplace, der and output
|
||||
need to be different */
|
||||
int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
|
||||
int type)
|
||||
int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, word32 outSz,
|
||||
byte *cipher_info, int type)
|
||||
{
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
char* header = NULL;
|
||||
char* footer = NULL;
|
||||
#else
|
||||
char header[80];
|
||||
char footer[80];
|
||||
char header[40 + HEADER_ENCRYPTED_KEY_SIZE];
|
||||
char footer[40];
|
||||
#endif
|
||||
|
||||
int headerLen = 80;
|
||||
int footerLen = 80;
|
||||
int headerLen = 40 + HEADER_ENCRYPTED_KEY_SIZE;
|
||||
int footerLen = 40;
|
||||
int i;
|
||||
int err;
|
||||
int outLen; /* return length or error */
|
||||
|
@ -4670,36 +4709,55 @@ int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
|
|||
header = (char*)XMALLOC(headerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (header == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
|
||||
footer = (char*)XMALLOC(footerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (footer == NULL) {
|
||||
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return MEMORY_E;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (type == CERT_TYPE) {
|
||||
XSTRNCPY(header, "-----BEGIN CERTIFICATE-----\n", headerLen);
|
||||
XSTRNCPY(footer, "-----END CERTIFICATE-----\n", footerLen);
|
||||
XSTRNCPY(header, BEGIN_CERT, headerLen);
|
||||
XSTRNCAT(header, "\n", 1);
|
||||
|
||||
XSTRNCPY(footer, END_CERT, footerLen);
|
||||
XSTRNCAT(footer, "\n", 1);
|
||||
}
|
||||
else if (type == PRIVATEKEY_TYPE) {
|
||||
XSTRNCPY(header, "-----BEGIN RSA PRIVATE KEY-----\n", headerLen);
|
||||
XSTRNCPY(footer, "-----END RSA PRIVATE KEY-----\n", footerLen);
|
||||
XSTRNCPY(header, BEGIN_RSA_PRIV, headerLen);
|
||||
XSTRNCAT(header, "\n", 1);
|
||||
|
||||
XSTRNCPY(footer, END_RSA_PRIV, footerLen);
|
||||
XSTRNCAT(footer, "\n", 1);
|
||||
}
|
||||
#ifdef HAVE_ECC
|
||||
#ifndef NO_DSA
|
||||
else if (type == DSA_PRIVATEKEY_TYPE) {
|
||||
XSTRNCPY(header, BEGIN_DSA_PRIV, headerLen);
|
||||
XSTRNCAT(header, "\n", 1);
|
||||
|
||||
XSTRNCPY(footer, END_DSA_PRIV, footerLen);
|
||||
XSTRNCAT(footer, "\n", 1);
|
||||
}
|
||||
#endif
|
||||
#ifdef HAVE_ECC
|
||||
else if (type == ECC_PRIVATEKEY_TYPE) {
|
||||
XSTRNCPY(header, "-----BEGIN EC PRIVATE KEY-----\n", headerLen);
|
||||
XSTRNCPY(footer, "-----END EC PRIVATE KEY-----\n", footerLen);
|
||||
XSTRNCPY(header, BEGIN_EC_PRIV, headerLen);
|
||||
XSTRNCAT(header, "\n", 1);
|
||||
|
||||
XSTRNCPY(footer, END_EC_PRIV, footerLen);
|
||||
XSTRNCAT(footer, "\n", 1);
|
||||
}
|
||||
#endif
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
#endif
|
||||
#ifdef WOLFSSL_CERT_REQ
|
||||
else if (type == CERTREQ_TYPE)
|
||||
{
|
||||
XSTRNCPY(header,
|
||||
"-----BEGIN CERTIFICATE REQUEST-----\n", headerLen);
|
||||
XSTRNCPY(footer, "-----END CERTIFICATE REQUEST-----\n", footerLen);
|
||||
XSTRNCPY(header, BEGIN_CERT_REQ, headerLen);
|
||||
XSTRNCAT(header, "\n", 1);
|
||||
|
||||
XSTRNCPY(footer, END_CERT_REQ, footerLen);
|
||||
XSTRNCAT(footer, "\n", 1);
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
else {
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
@ -4708,6 +4766,14 @@ int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
|
|||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* extra header information for encrypted key */
|
||||
if (cipher_info != NULL) {
|
||||
XSTRNCAT(header, "Proc-Type: 4,ENCRYPTED\n", 23);
|
||||
XSTRNCAT(header, "DEK-Info: ", 10);
|
||||
XSTRNCAT(header, (char*)cipher_info, XSTRLEN((char*)cipher_info));
|
||||
XSTRNCAT(header, "\n\n", 2);
|
||||
}
|
||||
|
||||
headerLen = (int)XSTRLEN(header);
|
||||
footerLen = (int)XSTRLEN(footer);
|
||||
|
||||
|
@ -4762,7 +4828,6 @@ int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
|
|||
return outLen + headerLen + footerLen;
|
||||
}
|
||||
|
||||
|
||||
#endif /* WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN */
|
||||
|
||||
|
||||
|
@ -4810,7 +4875,7 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
|
|||
{
|
||||
word32 seqSz, verSz, rawLen, intTotalLen = 0;
|
||||
word32 sizes[RSA_INTS];
|
||||
int i, j, outLen, ret = 0;
|
||||
int i, j, outLen, ret = 0, lbit;
|
||||
|
||||
byte seq[MAX_SEQ_SZ];
|
||||
byte ver[MAX_VERSION_SZ];
|
||||
|
@ -4828,7 +4893,15 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
|
|||
/* write all big ints from key to DER tmps */
|
||||
for (i = 0; i < RSA_INTS; i++) {
|
||||
mp_int* keyInt = GetRsaInt(key, i);
|
||||
rawLen = mp_unsigned_bin_size(keyInt);
|
||||
|
||||
/* leading zero */
|
||||
if ((mp_count_bits(keyInt) & 7) == 0 || mp_iszero(keyInt) == MP_YES)
|
||||
lbit = 1;
|
||||
else
|
||||
lbit = 0;
|
||||
|
||||
rawLen = mp_unsigned_bin_size(keyInt) + lbit;
|
||||
|
||||
tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
|
||||
DYNAMIC_TYPE_RSA);
|
||||
if (tmps[i] == NULL) {
|
||||
|
@ -4837,12 +4910,16 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
|
|||
}
|
||||
|
||||
tmps[i][0] = ASN_INTEGER;
|
||||
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */
|
||||
sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1 + lbit; /* tag & lbit */
|
||||
|
||||
if (sizes[i] <= MAX_SEQ_SZ) {
|
||||
/* leading zero */
|
||||
if (lbit)
|
||||
tmps[i][sizes[i]-1] = 0x00;
|
||||
|
||||
int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
|
||||
if (err == MP_OKAY) {
|
||||
sizes[i] += rawLen;
|
||||
sizes[i] += (rawLen-lbit); /* lbit included in rawLen */
|
||||
intTotalLen += sizes[i];
|
||||
}
|
||||
else {
|
||||
|
@ -6846,84 +6923,109 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
|
|||
/* Write a Private ecc key to DER format, length on success else < 0 */
|
||||
int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
|
||||
{
|
||||
byte curve[MAX_ALGO_SZ];
|
||||
byte curve[MAX_ALGO_SZ+2];
|
||||
byte ver[MAX_VERSION_SZ];
|
||||
byte seq[MAX_SEQ_SZ];
|
||||
int ret;
|
||||
int curveSz;
|
||||
int verSz;
|
||||
byte *prv, *pub;
|
||||
int ret, totalSz, curveSz, verSz;
|
||||
int privHdrSz = ASN_ECC_HEADER_SZ;
|
||||
int pubHdrSz = ASN_ECC_CONTEXT_SZ + ASN_ECC_HEADER_SZ;
|
||||
int curveHdrSz = ASN_ECC_CONTEXT_SZ;
|
||||
word32 seqSz;
|
||||
word32 idx = 0;
|
||||
word32 pubSz = ECC_BUFSIZE;
|
||||
word32 privSz;
|
||||
word32 totalSz;
|
||||
|
||||
word32 idx = 0, prvidx = 0, pubidx = 0, curveidx = 0;
|
||||
word32 seqSz, privSz, pubSz = ECC_BUFSIZE;
|
||||
|
||||
if (key == NULL || output == NULL || inLen == 0)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
ret = wc_ecc_export_x963(key, NULL, &pubSz);
|
||||
if (ret != LENGTH_ONLY_E) {
|
||||
/* curve */
|
||||
curve[curveidx++] = ECC_PREFIX_0;
|
||||
curveidx++ /* to put the size after computation */;
|
||||
curveSz = SetCurve(key, curve+curveidx);
|
||||
if (curveSz < 0)
|
||||
return curveSz;
|
||||
/* set computed size */
|
||||
curve[1] = (byte)curveSz;
|
||||
curveidx += curveSz;
|
||||
|
||||
/* private */
|
||||
privSz = key->dp->size;
|
||||
prv = (byte*)XMALLOC(privSz + privHdrSz + MAX_SEQ_SZ,
|
||||
NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (prv == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
prv[prvidx++] = ASN_OCTET_STRING;
|
||||
prv[prvidx++] = (byte)key->dp->size;
|
||||
ret = wc_ecc_export_private_only(key, prv + prvidx, &privSz);
|
||||
if (ret < 0) {
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ret;
|
||||
}
|
||||
curveSz = SetCurve(key, curve);
|
||||
if (curveSz < 0) {
|
||||
return curveSz;
|
||||
prvidx += privSz;
|
||||
|
||||
/* public */
|
||||
ret = wc_ecc_export_x963(key, NULL, &pubSz);
|
||||
if (ret != LENGTH_ONLY_E) {
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ret;
|
||||
}
|
||||
|
||||
privSz = key->dp->size;
|
||||
pub = (byte*)XMALLOC(pubSz + pubHdrSz + MAX_SEQ_SZ,
|
||||
NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (pub == NULL) {
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
pub[pubidx++] = ECC_PREFIX_1;
|
||||
if (pubSz > 128) /* leading zero + extra size byte */
|
||||
pubidx += SetLength(pubSz + ASN_ECC_CONTEXT_SZ + 2, pub+pubidx);
|
||||
else /* leading zero */
|
||||
pubidx += SetLength(pubSz + ASN_ECC_CONTEXT_SZ + 1, pub+pubidx);
|
||||
pub[pubidx++] = ASN_BIT_STRING;
|
||||
pubidx += SetLength(pubSz + 1, pub+pubidx);
|
||||
pub[pubidx++] = (byte)0; /* leading zero */
|
||||
ret = wc_ecc_export_x963(key, pub + pubidx, &pubSz);
|
||||
if (ret != 0) {
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return ret;
|
||||
}
|
||||
pubidx += pubSz;
|
||||
|
||||
/* make headers */
|
||||
verSz = SetMyVersion(1, ver, FALSE);
|
||||
if (verSz < 0) {
|
||||
return verSz;
|
||||
seqSz = SetSequence(verSz + prvidx + pubidx + curveidx, seq);
|
||||
|
||||
totalSz = prvidx + pubidx + curveidx + verSz + seqSz;
|
||||
if (totalSz > (int)inLen) {
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
totalSz = verSz + privSz + privHdrSz + curveSz + curveHdrSz +
|
||||
pubSz + pubHdrSz + 1; /* plus null byte b4 public */
|
||||
seqSz = SetSequence(totalSz, seq);
|
||||
totalSz += seqSz;
|
||||
|
||||
if (totalSz > inLen) {
|
||||
return BUFFER_E;
|
||||
}
|
||||
|
||||
/* write it out */
|
||||
/* write out */
|
||||
/* seq */
|
||||
XMEMCPY(output + idx, seq, seqSz);
|
||||
idx += seqSz;
|
||||
idx = seqSz;
|
||||
|
||||
/* ver */
|
||||
/* ver */
|
||||
XMEMCPY(output + idx, ver, verSz);
|
||||
idx += verSz;
|
||||
|
||||
/* private */
|
||||
output[idx++] = ASN_OCTET_STRING;
|
||||
output[idx++] = (byte)privSz;
|
||||
ret = wc_ecc_export_private_only(key, output + idx, &privSz);
|
||||
if (ret < 0) {
|
||||
return ret;
|
||||
}
|
||||
idx += privSz;
|
||||
XMEMCPY(output + idx, prv, prvidx);
|
||||
idx += prvidx;
|
||||
XFREE(prv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
/* curve */
|
||||
output[idx++] = ECC_PREFIX_0;
|
||||
output[idx++] = (byte)curveSz;
|
||||
XMEMCPY(output + idx, curve, curveSz);
|
||||
idx += curveSz;
|
||||
XMEMCPY(output + idx, curve, curveidx);
|
||||
idx += curveidx;
|
||||
|
||||
/* public */
|
||||
output[idx++] = ECC_PREFIX_1;
|
||||
output[idx++] = (byte)pubSz + ASN_ECC_CONTEXT_SZ + 1; /* plus null byte */
|
||||
output[idx++] = ASN_BIT_STRING;
|
||||
output[idx++] = (byte)pubSz + 1; /* plus null byte */
|
||||
output[idx++] = (byte)0; /* null byte */
|
||||
ret = wc_ecc_export_x963(key, output + idx, &pubSz);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
}
|
||||
/* idx += pubSz if do more later */
|
||||
XMEMCPY(output + idx, pub, pubidx);
|
||||
/* idx += pubidx; not used after write, if more data remove comment */
|
||||
XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
return totalSz;
|
||||
}
|
||||
|
|
|
@ -410,6 +410,39 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen)
|
|||
return 0;
|
||||
}
|
||||
|
||||
int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen)
|
||||
{
|
||||
word32 outIdx = 0;
|
||||
word32 i;
|
||||
byte hb, lb;
|
||||
|
||||
if (*outLen < (2 * inLen + 1))
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
for (i = 0; i < inLen; i++) {
|
||||
hb = in[i] >> 4;
|
||||
lb = in[i] & 0x0f;
|
||||
|
||||
/* ASCII value */
|
||||
hb += '0';
|
||||
if (hb > '9')
|
||||
hb += 7;
|
||||
|
||||
/* ASCII value */
|
||||
lb += '0';
|
||||
if (lb>'9')
|
||||
lb += 7;
|
||||
|
||||
out[outIdx++] = hb;
|
||||
out[outIdx++] = lb;
|
||||
}
|
||||
|
||||
/* force 0 at this end */
|
||||
out[outIdx++] = 0;
|
||||
|
||||
*outLen = outIdx;
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif /* (OPENSSL_EXTRA) || (HAVE_WEBSERVER) || (HAVE_FIPS) */
|
||||
|
||||
|
|
|
@ -91,8 +91,14 @@ void wc_Des_SetIV(Des* des, const byte* iv)
|
|||
}
|
||||
|
||||
|
||||
int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
|
||||
int wc_Des_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv)
|
||||
{
|
||||
return Des_CbcEncryptWithKey(out, in, sz, key, iv);
|
||||
}
|
||||
|
||||
int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv)
|
||||
{
|
||||
return Des_CbcDecryptWithKey(out, in, sz, key, iv);
|
||||
}
|
||||
|
@ -104,13 +110,18 @@ int wc_Des3_SetIV(Des3* des, const byte* iv)
|
|||
}
|
||||
|
||||
|
||||
int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv)
|
||||
{
|
||||
return Des3_CbcEncryptWithKey(out, in, sz, key, iv);
|
||||
}
|
||||
|
||||
int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv)
|
||||
const byte* key, const byte* iv)
|
||||
{
|
||||
return Des3_CbcDecryptWithKey(out, in, sz, key, iv);
|
||||
}
|
||||
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
|
||||
/* Initiliaze Des3 for use with Nitrox device */
|
||||
|
@ -1490,8 +1501,35 @@ void wc_Des_SetIV(Des* des, const byte* iv)
|
|||
}
|
||||
|
||||
|
||||
int wc_Des_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv)
|
||||
{
|
||||
int ret = 0;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
Des* des = NULL;
|
||||
#else
|
||||
Des des[1];
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
des = (Des*)XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (des == NULL)
|
||||
return MEMORY_E;
|
||||
#endif
|
||||
|
||||
ret = wc_Des_SetKey(des, key, iv, DES_ENCRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_Des_CbcEncrypt(des, out, in, sz);
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv)
|
||||
const byte* key, const byte* iv)
|
||||
{
|
||||
int ret = 0;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
|
@ -1508,7 +1546,7 @@ int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
|
|||
|
||||
ret = wc_Des_SetKey(des, key, iv, DES_DECRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_Des_CbcDecrypt(des, out, in, sz);
|
||||
ret = wc_Des_CbcDecrypt(des, out, in, sz);
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(des, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
@ -1529,8 +1567,35 @@ int wc_Des3_SetIV(Des3* des, const byte* iv)
|
|||
}
|
||||
|
||||
|
||||
int wc_Des3_CbcEncryptWithKey(byte* out, const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv)
|
||||
{
|
||||
int ret = 0;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
Des3* des3 = NULL;
|
||||
#else
|
||||
Des3 des3[1];
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
des3 = (Des3*)XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (des3 == NULL)
|
||||
return MEMORY_E;
|
||||
#endif
|
||||
|
||||
ret = wc_Des3_SetKey(des3, key, iv, DES_ENCRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_Des3_CbcEncrypt(des3, out, in, sz);
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
#endif
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv)
|
||||
const byte* key, const byte* iv)
|
||||
{
|
||||
int ret = 0;
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
|
@ -1547,7 +1612,7 @@ int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
|
|||
|
||||
ret = wc_Des3_SetKey(des3, key, iv, DES_DECRYPTION);
|
||||
if (ret == 0)
|
||||
ret = wc_Des3_CbcDecrypt(des3, out, in, sz);
|
||||
ret = wc_Des3_CbcDecrypt(des3, out, in, sz);
|
||||
|
||||
#ifdef WOLFSSL_SMALL_STACK
|
||||
XFREE(des3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
|
|
@ -18,6 +18,7 @@
|
|||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
||||
*/
|
||||
#include <stdio.h>
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
|
@ -27,10 +28,12 @@
|
|||
|
||||
#ifndef NO_DSA
|
||||
|
||||
#include <wolfssl/wolfcrypt/dsa.h>
|
||||
#include <wolfssl/wolfcrypt/sha.h>
|
||||
#include <wolfssl/wolfcrypt/random.h>
|
||||
#include <wolfssl/wolfcrypt/integer.h>
|
||||
#include <wolfssl/wolfcrypt/error-crypt.h>
|
||||
#include <wolfssl/wolfcrypt/logging.h>
|
||||
#include <wolfssl/wolfcrypt/sha.h>
|
||||
#include <wolfssl/wolfcrypt/dsa.h>
|
||||
|
||||
|
||||
enum {
|
||||
|
@ -80,6 +83,263 @@ void wc_FreeDsaKey(DsaKey* key)
|
|||
#endif
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
|
||||
int wc_MakeDsaKey(RNG *rng, DsaKey *dsa)
|
||||
{
|
||||
unsigned char *buf;
|
||||
int qsize, err;
|
||||
|
||||
if (rng == NULL || dsa == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
qsize = mp_unsigned_bin_size(&dsa->q);
|
||||
if (qsize == 0)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
/* allocate ram */
|
||||
buf = (unsigned char *)XMALLOC(qsize, NULL,
|
||||
DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (buf == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
if (mp_init(&dsa->x) != MP_OKAY) {
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return MP_INIT_E;
|
||||
}
|
||||
|
||||
do {
|
||||
/* make a random exponent mod q */
|
||||
err = wc_RNG_GenerateBlock(rng, buf, qsize);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->x);
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return err;
|
||||
}
|
||||
|
||||
err = mp_read_unsigned_bin(&dsa->x, buf, qsize);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->x);
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return err;
|
||||
}
|
||||
} while (mp_cmp_d(&dsa->x, 1) != MP_GT);
|
||||
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
if (mp_init(&dsa->y) != MP_OKAY) {
|
||||
mp_clear(&dsa->x);
|
||||
return MP_INIT_E;
|
||||
}
|
||||
|
||||
/* public key : y = g^x mod p */
|
||||
err = mp_exptmod(&dsa->g, &dsa->x, &dsa->p, &dsa->y);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->x);
|
||||
mp_clear(&dsa->y);
|
||||
return err;
|
||||
}
|
||||
|
||||
dsa->type = DSA_PRIVATE;
|
||||
|
||||
return MP_OKAY;
|
||||
}
|
||||
|
||||
/* modulus_size in bits */
|
||||
int wc_MakeDsaParameters(RNG *rng, int modulus_size, DsaKey *dsa)
|
||||
{
|
||||
mp_int tmp, tmp2;
|
||||
int err, msize, qsize,
|
||||
loop_check_prime = 0,
|
||||
check_prime = MP_NO;
|
||||
unsigned char *buf;
|
||||
|
||||
if (rng == NULL || dsa == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
/* set group size in bytes from modulus size
|
||||
* FIPS 186-4 defines valid values (1024, 160) (2048, 256) (3072, 256)
|
||||
*/
|
||||
switch (modulus_size) {
|
||||
case 1024:
|
||||
qsize = 20;
|
||||
break;
|
||||
case 2048:
|
||||
case 3072:
|
||||
qsize = 32;
|
||||
break;
|
||||
default:
|
||||
return BAD_FUNC_ARG;
|
||||
break;
|
||||
}
|
||||
|
||||
/* modulus size in bytes */
|
||||
msize = modulus_size / 8;
|
||||
|
||||
/* allocate ram */
|
||||
buf = (unsigned char *)XMALLOC(msize - qsize,
|
||||
NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (buf == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
/* make a random string that will be multplied against q */
|
||||
err = wc_RNG_GenerateBlock(rng, buf, msize - qsize);
|
||||
if (err != MP_OKAY) {
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return err;
|
||||
}
|
||||
|
||||
/* force magnitude */
|
||||
buf[0] |= 0xC0;
|
||||
|
||||
/* force even */
|
||||
buf[msize - qsize - 1] &= ~1;
|
||||
|
||||
if (mp_init_multi(&tmp2, &dsa->p, &dsa->q, 0, 0, 0) != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return MP_INIT_E;
|
||||
}
|
||||
|
||||
err = mp_read_unsigned_bin(&tmp2, buf, msize - qsize);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&tmp2);
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return err;
|
||||
}
|
||||
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
/* make our prime q */
|
||||
err = mp_rand_prime(&dsa->q, qsize, rng, NULL);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&tmp2);
|
||||
return err;
|
||||
}
|
||||
|
||||
/* p = random * q */
|
||||
err = mp_mul(&dsa->q, &tmp2, &dsa->p);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&tmp2);
|
||||
return err;
|
||||
}
|
||||
|
||||
/* p = random * q + 1, so q is a prime divisor of p-1 */
|
||||
err = mp_add_d(&dsa->p, 1, &dsa->p);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&tmp2);
|
||||
return err;
|
||||
}
|
||||
|
||||
if (mp_init(&tmp) != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&tmp2);
|
||||
return MP_INIT_E;
|
||||
}
|
||||
|
||||
/* tmp = 2q */
|
||||
err = mp_add(&dsa->q, &dsa->q, &tmp);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&tmp);
|
||||
mp_clear(&tmp2);
|
||||
return err;
|
||||
}
|
||||
|
||||
/* loop until p is prime */
|
||||
while (check_prime == MP_NO) {
|
||||
err = mp_prime_is_prime(&dsa->p, 8, &check_prime);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&tmp);
|
||||
mp_clear(&tmp2);
|
||||
return err;
|
||||
}
|
||||
|
||||
if (check_prime != MP_YES) {
|
||||
/* p += 2q */
|
||||
err = mp_add(&tmp, &dsa->p, &dsa->p);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&tmp);
|
||||
mp_clear(&tmp2);
|
||||
return err;
|
||||
}
|
||||
|
||||
loop_check_prime++;
|
||||
}
|
||||
}
|
||||
|
||||
/* tmp2 += (2*loop_check_prime)
|
||||
* to have p = (q * tmp2) + 1 prime
|
||||
*/
|
||||
if (loop_check_prime) {
|
||||
err = mp_add_d(&tmp2, 2*loop_check_prime, &tmp2);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&tmp);
|
||||
mp_clear(&tmp2);
|
||||
return err;
|
||||
}
|
||||
}
|
||||
|
||||
if (mp_init(&dsa->g) != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&tmp);
|
||||
mp_clear(&tmp2);
|
||||
return MP_INIT_E;
|
||||
}
|
||||
|
||||
/* find a value g for which g^tmp2 != 1 */
|
||||
mp_set(&dsa->g, 1);
|
||||
|
||||
do {
|
||||
err = mp_add_d(&dsa->g, 1, &dsa->g);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&dsa->g);
|
||||
mp_clear(&tmp);
|
||||
mp_clear(&tmp2);
|
||||
return err;
|
||||
}
|
||||
|
||||
err = mp_exptmod(&dsa->g, &tmp2, &dsa->p, &tmp);
|
||||
if (err != MP_OKAY) {
|
||||
mp_clear(&dsa->q);
|
||||
mp_clear(&dsa->p);
|
||||
mp_clear(&dsa->g);
|
||||
mp_clear(&tmp);
|
||||
mp_clear(&tmp2);
|
||||
return err;
|
||||
}
|
||||
|
||||
} while (mp_cmp_d(&tmp, 1) == MP_EQ);
|
||||
|
||||
/* at this point tmp generates a group of order q mod p */
|
||||
mp_exch(&tmp, &dsa->g);
|
||||
|
||||
mp_clear(&tmp);
|
||||
mp_clear(&tmp2);
|
||||
|
||||
return MP_OKAY;
|
||||
}
|
||||
#endif /* WOLFSSL_KEY_GEN */
|
||||
|
||||
|
||||
int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng)
|
||||
{
|
||||
|
|
|
@ -1014,7 +1014,7 @@ int ecc_map(ecc_point* P, mp_int* modulus, mp_digit* mp)
|
|||
static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* modulus, int map)
|
||||
#else
|
||||
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
int map)
|
||||
#endif
|
||||
{
|
||||
|
@ -1043,10 +1043,10 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
|||
|
||||
/* alloc ram for window temps */
|
||||
for (i = 0; i < 8; i++) {
|
||||
M[i] = ecc_new_point();
|
||||
M[i] = wc_ecc_new_point();
|
||||
if (M[i] == NULL) {
|
||||
for (j = 0; j < i; j++) {
|
||||
ecc_del_point(M[j]);
|
||||
wc_ecc_del_point(M[j]);
|
||||
}
|
||||
mp_clear(&mu);
|
||||
return MEMORY_E;
|
||||
|
@ -1054,7 +1054,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
|||
}
|
||||
|
||||
/* make a copy of G incase R==G */
|
||||
tG = ecc_new_point();
|
||||
tG = wc_ecc_new_point();
|
||||
if (tG == NULL)
|
||||
err = MEMORY_E;
|
||||
|
||||
|
@ -1204,9 +1204,9 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
|||
err = ecc_map(R, modulus, &mp);
|
||||
|
||||
mp_clear(&mu);
|
||||
ecc_del_point(tG);
|
||||
wc_ecc_del_point(tG);
|
||||
for (i = 0; i < 8; i++) {
|
||||
ecc_del_point(M[i]);
|
||||
wc_ecc_del_point(M[i]);
|
||||
}
|
||||
return err;
|
||||
}
|
||||
|
@ -1229,7 +1229,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
|||
static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* modulus, int map)
|
||||
#else
|
||||
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
int map)
|
||||
#endif
|
||||
{
|
||||
|
@ -1257,10 +1257,10 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
|||
|
||||
/* alloc ram for window temps */
|
||||
for (i = 0; i < 3; i++) {
|
||||
M[i] = ecc_new_point();
|
||||
M[i] = wc_ecc_new_point();
|
||||
if (M[i] == NULL) {
|
||||
for (j = 0; j < i; j++) {
|
||||
ecc_del_point(M[j]);
|
||||
wc_ecc_del_point(M[j]);
|
||||
}
|
||||
mp_clear(&mu);
|
||||
return MEMORY_E;
|
||||
|
@ -1268,7 +1268,7 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
|||
}
|
||||
|
||||
/* make a copy of G incase R==G */
|
||||
tG = ecc_new_point();
|
||||
tG = wc_ecc_new_point();
|
||||
if (tG == NULL)
|
||||
err = MEMORY_E;
|
||||
|
||||
|
@ -1364,9 +1364,9 @@ int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
|||
|
||||
/* done */
|
||||
mp_clear(&mu);
|
||||
ecc_del_point(tG);
|
||||
wc_ecc_del_point(tG);
|
||||
for (i = 0; i < 3; i++) {
|
||||
ecc_del_point(M[i]);
|
||||
wc_ecc_del_point(M[i]);
|
||||
}
|
||||
return err;
|
||||
}
|
||||
|
@ -1389,7 +1389,7 @@ static void alt_fp_init(fp_int* a)
|
|||
Allocate a new ECC point
|
||||
return A newly allocated point or NULL on error
|
||||
*/
|
||||
ecc_point* ecc_new_point(void)
|
||||
ecc_point* wc_ecc_new_point(void)
|
||||
{
|
||||
ecc_point* p;
|
||||
|
||||
|
@ -1425,7 +1425,7 @@ ecc_point* ecc_new_point(void)
|
|||
/** Free an ECC point from memory
|
||||
p The point to free
|
||||
*/
|
||||
void ecc_del_point(ecc_point* p)
|
||||
void wc_ecc_del_point(ecc_point* p)
|
||||
{
|
||||
/* prevents free'ing null arguments */
|
||||
if (p != NULL) {
|
||||
|
@ -1440,7 +1440,7 @@ void ecc_del_point(ecc_point* p)
|
|||
p The point to copy
|
||||
r The created point
|
||||
*/
|
||||
int ecc_copy_point(ecc_point* p, ecc_point *r)
|
||||
int wc_ecc_copy_point(ecc_point* p, ecc_point *r)
|
||||
{
|
||||
int ret;
|
||||
|
||||
|
@ -1467,7 +1467,7 @@ int ecc_copy_point(ecc_point* p, ecc_point *r)
|
|||
|
||||
return MP_EQ if equal, MP_LT/MP_GT if not, < 0 in case of error
|
||||
*/
|
||||
int ecc_cmp_point(ecc_point* a, ecc_point *b)
|
||||
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b)
|
||||
{
|
||||
int ret;
|
||||
|
||||
|
@ -1492,7 +1492,7 @@ int ecc_cmp_point(ecc_point* a, ecc_point *b)
|
|||
n The idx number to check
|
||||
return 1 if valid, 0 if not
|
||||
*/
|
||||
static int ecc_is_valid_idx(int n)
|
||||
int wc_ecc_is_valid_idx(int n)
|
||||
{
|
||||
int x;
|
||||
|
||||
|
@ -1533,28 +1533,28 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
|
|||
return ECC_BAD_ARG_E;
|
||||
}
|
||||
|
||||
if (ecc_is_valid_idx(private_key->idx) == 0 ||
|
||||
ecc_is_valid_idx(public_key->idx) == 0)
|
||||
if (wc_ecc_is_valid_idx(private_key->idx) == 0 ||
|
||||
wc_ecc_is_valid_idx(public_key->idx) == 0)
|
||||
return ECC_BAD_ARG_E;
|
||||
|
||||
if (XSTRNCMP(private_key->dp->name, public_key->dp->name, ECC_MAXNAME) != 0)
|
||||
return ECC_BAD_ARG_E;
|
||||
|
||||
/* make new point */
|
||||
result = ecc_new_point();
|
||||
result = wc_ecc_new_point();
|
||||
if (result == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
if ((err = mp_init(&prime)) != MP_OKAY) {
|
||||
ecc_del_point(result);
|
||||
wc_ecc_del_point(result);
|
||||
return err;
|
||||
}
|
||||
|
||||
err = mp_read_radix(&prime, (char *)private_key->dp->prime, 16);
|
||||
|
||||
if (err == MP_OKAY)
|
||||
err = ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime,1);
|
||||
err = wc_ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime,1);
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
x = mp_unsigned_bin_size(&prime);
|
||||
|
@ -1570,7 +1570,7 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
|
|||
}
|
||||
|
||||
mp_clear(&prime);
|
||||
ecc_del_point(result);
|
||||
wc_ecc_del_point(result);
|
||||
|
||||
return err;
|
||||
}
|
||||
|
@ -1600,24 +1600,24 @@ int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point,
|
|||
return ECC_BAD_ARG_E;
|
||||
}
|
||||
|
||||
if (ecc_is_valid_idx(private_key->idx) == 0)
|
||||
if (wc_ecc_is_valid_idx(private_key->idx) == 0)
|
||||
return ECC_BAD_ARG_E;
|
||||
|
||||
/* make new point */
|
||||
result = ecc_new_point();
|
||||
result = wc_ecc_new_point();
|
||||
if (result == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
|
||||
if ((err = mp_init(&prime)) != MP_OKAY) {
|
||||
ecc_del_point(result);
|
||||
wc_ecc_del_point(result);
|
||||
return err;
|
||||
}
|
||||
|
||||
err = mp_read_radix(&prime, (char *)private_key->dp->prime, 16);
|
||||
|
||||
if (err == MP_OKAY)
|
||||
err = ecc_mulmod(&private_key->k, point, result, &prime, 1);
|
||||
err = wc_ecc_mulmod(&private_key->k, point, result, &prime, 1);
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
x = mp_unsigned_bin_size(&prime);
|
||||
|
@ -1633,14 +1633,14 @@ int wc_ecc_shared_secret_ssh(ecc_key* private_key, ecc_point* point,
|
|||
}
|
||||
|
||||
mp_clear(&prime);
|
||||
ecc_del_point(result);
|
||||
wc_ecc_del_point(result);
|
||||
|
||||
return err;
|
||||
}
|
||||
|
||||
|
||||
/* return 1 if point is at infinity, 0 if not, < 0 on error */
|
||||
int ecc_point_is_at_infinity(ecc_point* p)
|
||||
int wc_ecc_point_is_at_infinity(ecc_point* p)
|
||||
{
|
||||
if (p == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
@ -1708,7 +1708,7 @@ static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
|||
}
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
base = ecc_new_point();
|
||||
base = wc_ecc_new_point();
|
||||
if (base == NULL)
|
||||
err = MEMORY_E;
|
||||
}
|
||||
|
@ -1735,7 +1735,7 @@ static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
|||
}
|
||||
/* make the public key */
|
||||
if (err == MP_OKAY)
|
||||
err = ecc_mulmod(&key->k, base, &key->pubkey, &prime, 1);
|
||||
err = wc_ecc_mulmod(&key->k, base, &key->pubkey, &prime, 1);
|
||||
|
||||
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
|
||||
/* validate the public key, order * pubkey = point at infinity */
|
||||
|
@ -1753,7 +1753,7 @@ static int wc_ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp)
|
|||
mp_clear(key->pubkey.z);
|
||||
mp_clear(&key->k);
|
||||
}
|
||||
ecc_del_point(base);
|
||||
wc_ecc_del_point(base);
|
||||
if (po_init) {
|
||||
mp_clear(&prime);
|
||||
mp_clear(&order);
|
||||
|
@ -1886,7 +1886,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, RNG* rng,
|
|||
}
|
||||
|
||||
/* is the IDX valid ? */
|
||||
if (ecc_is_valid_idx(key->idx) != 1) {
|
||||
if (wc_ecc_is_valid_idx(key->idx) != 1) {
|
||||
return ECC_BAD_ARG_E;
|
||||
}
|
||||
|
||||
|
@ -2059,10 +2059,10 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
|
|||
/* allocate the table */
|
||||
if (err == MP_OKAY) {
|
||||
for (x = 0; x < 16; x++) {
|
||||
precomp[x] = ecc_new_point();
|
||||
precomp[x] = wc_ecc_new_point();
|
||||
if (precomp[x] == NULL) {
|
||||
for (y = 0; y < x; ++y) {
|
||||
ecc_del_point(precomp[y]);
|
||||
wc_ecc_del_point(precomp[y]);
|
||||
}
|
||||
err = GEN_MEM_ERR;
|
||||
break;
|
||||
|
@ -2203,7 +2203,7 @@ static int ecc_mul2add(ecc_point* A, mp_int* kA,
|
|||
|
||||
if (tableInit) {
|
||||
for (x = 0; x < 16; x++) {
|
||||
ecc_del_point(precomp[x]);
|
||||
wc_ecc_del_point(precomp[x]);
|
||||
}
|
||||
}
|
||||
ForceZero(tA, ECC_BUFSIZE);
|
||||
|
@ -2300,7 +2300,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
|||
*stat = 0;
|
||||
|
||||
/* is the IDX valid ? */
|
||||
if (ecc_is_valid_idx(key->idx) != 1) {
|
||||
if (wc_ecc_is_valid_idx(key->idx) != 1) {
|
||||
return ECC_BAD_ARG_E;
|
||||
}
|
||||
|
||||
|
@ -2320,8 +2320,8 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
|||
}
|
||||
|
||||
/* allocate points */
|
||||
mG = ecc_new_point();
|
||||
mQ = ecc_new_point();
|
||||
mG = wc_ecc_new_point();
|
||||
mQ = wc_ecc_new_point();
|
||||
if (mQ == NULL || mG == NULL)
|
||||
err = MEMORY_E;
|
||||
|
||||
|
@ -2388,9 +2388,9 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
|||
|
||||
/* compute u1*mG + u2*mQ = mG */
|
||||
if (err == MP_OKAY)
|
||||
err = ecc_mulmod(&u1, mG, mG, &m, 0);
|
||||
err = wc_ecc_mulmod(&u1, mG, mG, &m, 0);
|
||||
if (err == MP_OKAY)
|
||||
err = ecc_mulmod(&u2, mQ, mQ, &m, 0);
|
||||
err = wc_ecc_mulmod(&u2, mQ, mQ, &m, 0);
|
||||
|
||||
/* find the montgomery mp */
|
||||
if (err == MP_OKAY)
|
||||
|
@ -2420,8 +2420,8 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
|
|||
*stat = 1;
|
||||
}
|
||||
|
||||
ecc_del_point(mG);
|
||||
ecc_del_point(mQ);
|
||||
wc_ecc_del_point(mG);
|
||||
wc_ecc_del_point(mQ);
|
||||
|
||||
mp_clear(&v);
|
||||
mp_clear(&w);
|
||||
|
@ -2442,7 +2442,7 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
|
|||
int compressed = 0;
|
||||
|
||||
if (in == NULL || point == NULL || (curve_idx < 0) ||
|
||||
(ecc_is_valid_idx(curve_idx) == 0))
|
||||
(wc_ecc_is_valid_idx(curve_idx) == 0))
|
||||
return ECC_BAD_ARG_E;
|
||||
|
||||
/* must be odd */
|
||||
|
@ -2568,7 +2568,7 @@ int wc_ecc_export_point_der(const int curve_idx, ecc_point* point, byte* out,
|
|||
word32 numlen;
|
||||
int ret = MP_OKAY;
|
||||
|
||||
if ((curve_idx < 0) || (ecc_is_valid_idx(curve_idx) == 0))
|
||||
if ((curve_idx < 0) || (wc_ecc_is_valid_idx(curve_idx) == 0))
|
||||
return ECC_BAD_ARG_E;
|
||||
|
||||
/* return length needed only */
|
||||
|
@ -2645,7 +2645,7 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen)
|
|||
if (key == NULL || out == NULL || outLen == NULL)
|
||||
return ECC_BAD_ARG_E;
|
||||
|
||||
if (ecc_is_valid_idx(key->idx) == 0) {
|
||||
if (wc_ecc_is_valid_idx(key->idx) == 0) {
|
||||
return ECC_BAD_ARG_E;
|
||||
}
|
||||
numlen = key->dp->size;
|
||||
|
@ -2780,7 +2780,7 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
|
|||
if (key == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
base = ecc_new_point();
|
||||
base = wc_ecc_new_point();
|
||||
if (base == NULL)
|
||||
return MEMORY_E;
|
||||
|
||||
|
@ -2792,11 +2792,11 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
|
|||
mp_set(base->z, 1);
|
||||
|
||||
if (err == MP_OKAY) {
|
||||
res = ecc_new_point();
|
||||
res = wc_ecc_new_point();
|
||||
if (res == NULL)
|
||||
err = MEMORY_E;
|
||||
else {
|
||||
err = ecc_mulmod(&key->k, base, res, prime, 1);
|
||||
err = wc_ecc_mulmod(&key->k, base, res, prime, 1);
|
||||
if (err == MP_OKAY) {
|
||||
/* compare result to public key */
|
||||
if (mp_cmp(res->x, key->pubkey.x) != MP_EQ ||
|
||||
|
@ -2809,8 +2809,8 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* prime)
|
|||
}
|
||||
}
|
||||
|
||||
ecc_del_point(res);
|
||||
ecc_del_point(base);
|
||||
wc_ecc_del_point(res);
|
||||
wc_ecc_del_point(base);
|
||||
|
||||
return err;
|
||||
}
|
||||
|
@ -2853,16 +2853,16 @@ static int ecc_check_pubkey_order(ecc_key* key, mp_int* prime, mp_int* order)
|
|||
if (key == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
inf = ecc_new_point();
|
||||
inf = wc_ecc_new_point();
|
||||
if (inf == NULL)
|
||||
err = MEMORY_E;
|
||||
else {
|
||||
err = ecc_mulmod(order, &key->pubkey, inf, prime, 1);
|
||||
if (err == MP_OKAY && !ecc_point_is_at_infinity(inf))
|
||||
err = wc_ecc_mulmod(order, &key->pubkey, inf, prime, 1);
|
||||
if (err == MP_OKAY && !wc_ecc_point_is_at_infinity(inf))
|
||||
err = ECC_INF_E;
|
||||
}
|
||||
|
||||
ecc_del_point(inf);
|
||||
wc_ecc_del_point(inf);
|
||||
|
||||
return err;
|
||||
}
|
||||
|
@ -2879,7 +2879,7 @@ int wc_ecc_check_key(ecc_key* key)
|
|||
return BAD_FUNC_ARG;
|
||||
|
||||
/* pubkey point cannot be at inifinity */
|
||||
if (ecc_point_is_at_infinity(&key->pubkey))
|
||||
if (wc_ecc_point_is_at_infinity(&key->pubkey))
|
||||
return ECC_INF_E;
|
||||
|
||||
err = mp_init_multi(&prime, &order, NULL, NULL, NULL, NULL);
|
||||
|
@ -3069,7 +3069,7 @@ int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen)
|
|||
if (key == NULL || out == NULL || outLen == NULL)
|
||||
return ECC_BAD_ARG_E;
|
||||
|
||||
if (ecc_is_valid_idx(key->idx) == 0) {
|
||||
if (wc_ecc_is_valid_idx(key->idx) == 0) {
|
||||
return ECC_BAD_ARG_E;
|
||||
}
|
||||
numlen = key->dp->size;
|
||||
|
@ -3846,10 +3846,10 @@ static int find_hole(void)
|
|||
/* free entry z */
|
||||
if (z >= 0 && fp_cache[z].g) {
|
||||
mp_clear(&fp_cache[z].mu);
|
||||
ecc_del_point(fp_cache[z].g);
|
||||
wc_ecc_del_point(fp_cache[z].g);
|
||||
fp_cache[z].g = NULL;
|
||||
for (x = 0; x < (1U<<FP_LUT); x++) {
|
||||
ecc_del_point(fp_cache[z].LUT[x]);
|
||||
wc_ecc_del_point(fp_cache[z].LUT[x]);
|
||||
fp_cache[z].LUT[x] = NULL;
|
||||
}
|
||||
fp_cache[z].lru_count = 0;
|
||||
|
@ -3881,7 +3881,7 @@ static int add_entry(int idx, ecc_point *g)
|
|||
unsigned x, y;
|
||||
|
||||
/* allocate base and LUT */
|
||||
fp_cache[idx].g = ecc_new_point();
|
||||
fp_cache[idx].g = wc_ecc_new_point();
|
||||
if (fp_cache[idx].g == NULL) {
|
||||
return GEN_MEM_ERR;
|
||||
}
|
||||
|
@ -3890,19 +3890,19 @@ static int add_entry(int idx, ecc_point *g)
|
|||
if ((mp_copy(g->x, fp_cache[idx].g->x) != MP_OKAY) ||
|
||||
(mp_copy(g->y, fp_cache[idx].g->y) != MP_OKAY) ||
|
||||
(mp_copy(g->z, fp_cache[idx].g->z) != MP_OKAY)) {
|
||||
ecc_del_point(fp_cache[idx].g);
|
||||
wc_ecc_del_point(fp_cache[idx].g);
|
||||
fp_cache[idx].g = NULL;
|
||||
return GEN_MEM_ERR;
|
||||
}
|
||||
|
||||
for (x = 0; x < (1U<<FP_LUT); x++) {
|
||||
fp_cache[idx].LUT[x] = ecc_new_point();
|
||||
fp_cache[idx].LUT[x] = wc_ecc_new_point();
|
||||
if (fp_cache[idx].LUT[x] == NULL) {
|
||||
for (y = 0; y < x; y++) {
|
||||
ecc_del_point(fp_cache[idx].LUT[y]);
|
||||
wc_ecc_del_point(fp_cache[idx].LUT[y]);
|
||||
fp_cache[idx].LUT[y] = NULL;
|
||||
}
|
||||
ecc_del_point(fp_cache[idx].g);
|
||||
wc_ecc_del_point(fp_cache[idx].g);
|
||||
fp_cache[idx].g = NULL;
|
||||
fp_cache[idx].lru_count = 0;
|
||||
return GEN_MEM_ERR;
|
||||
|
@ -4042,10 +4042,10 @@ static int build_lut(int idx, mp_int* modulus, mp_digit* mp, mp_int* mu)
|
|||
|
||||
/* err cleanup */
|
||||
for (y = 0; y < (1U<<FP_LUT); y++) {
|
||||
ecc_del_point(fp_cache[idx].LUT[y]);
|
||||
wc_ecc_del_point(fp_cache[idx].LUT[y]);
|
||||
fp_cache[idx].LUT[y] = NULL;
|
||||
}
|
||||
ecc_del_point(fp_cache[idx].g);
|
||||
wc_ecc_del_point(fp_cache[idx].g);
|
||||
fp_cache[idx].g = NULL;
|
||||
fp_cache[idx].lru_count = 0;
|
||||
mp_clear(&fp_cache[idx].mu);
|
||||
|
@ -4576,7 +4576,7 @@ int ecc_mul2add(ecc_point* A, mp_int* kA,
|
|||
otherwise it's left in jacobian-montgomery form
|
||||
return MP_OKAY if successful
|
||||
*/
|
||||
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus,
|
||||
int map)
|
||||
{
|
||||
int idx, err = MP_OKAY;
|
||||
|
@ -4661,10 +4661,10 @@ static void wc_ecc_fp_free_cache(void)
|
|||
for (x = 0; x < FP_ENTRIES; x++) {
|
||||
if (fp_cache[x].g != NULL) {
|
||||
for (y = 0; y < (1U<<FP_LUT); y++) {
|
||||
ecc_del_point(fp_cache[x].LUT[y]);
|
||||
wc_ecc_del_point(fp_cache[x].LUT[y]);
|
||||
fp_cache[x].LUT[y] = NULL;
|
||||
}
|
||||
ecc_del_point(fp_cache[x].g);
|
||||
wc_ecc_del_point(fp_cache[x].g);
|
||||
fp_cache[x].g = NULL;
|
||||
mp_clear(&fp_cache[x].mu);
|
||||
fp_cache[x].lru_count = 0;
|
||||
|
@ -5500,7 +5500,7 @@ int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen)
|
|||
if (key == NULL || out == NULL || outLen == NULL)
|
||||
return ECC_BAD_ARG_E;
|
||||
|
||||
if (ecc_is_valid_idx(key->idx) == 0) {
|
||||
if (wc_ecc_is_valid_idx(key->idx) == 0) {
|
||||
return ECC_BAD_ARG_E;
|
||||
}
|
||||
numlen = key->dp->size;
|
||||
|
|
|
@ -45,6 +45,14 @@
|
|||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef SHOW_GEN
|
||||
#ifdef FREESCALE_MQX
|
||||
#include <fio.h>
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* reverse an array, used for radix code */
|
||||
static void
|
||||
bn_reverse (unsigned char *s, int len)
|
||||
|
@ -2493,46 +2501,21 @@ int mp_reduce_2k_setup(mp_int *a, mp_digit *d)
|
|||
}
|
||||
|
||||
|
||||
/* computes a = 2**b
|
||||
*
|
||||
* Simple algorithm which zeroes the int, grows it then just sets one bit
|
||||
* as required.
|
||||
*/
|
||||
int
|
||||
mp_2expt (mp_int * a, int b)
|
||||
{
|
||||
int res;
|
||||
|
||||
/* zero a as per default */
|
||||
mp_zero (a);
|
||||
|
||||
/* grow a to accomodate the single bit */
|
||||
if ((res = mp_grow (a, b / DIGIT_BIT + 1)) != MP_OKAY) {
|
||||
return res;
|
||||
}
|
||||
|
||||
/* set the used count of where the bit will go */
|
||||
a->used = b / DIGIT_BIT + 1;
|
||||
|
||||
/* put the single bit in its place */
|
||||
a->dp[b / DIGIT_BIT] = ((mp_digit)1) << (b % DIGIT_BIT);
|
||||
|
||||
return MP_OKAY;
|
||||
}
|
||||
|
||||
/* set the b bit of a */
|
||||
int
|
||||
mp_set_bit (mp_int * a, int b)
|
||||
{
|
||||
int i = b / DIGIT_BIT, res;
|
||||
|
||||
/* grow a to accomodate the single bit */
|
||||
if ((res = mp_grow (a, i + 1)) != MP_OKAY) {
|
||||
return res;
|
||||
}
|
||||
if (a->used < (int)(i + 1)) {
|
||||
/* grow a to accomodate the single bit */
|
||||
if ((res = mp_grow (a, i + 1)) != MP_OKAY) {
|
||||
return res;
|
||||
}
|
||||
|
||||
/* set the used count of where the bit will go */
|
||||
a->used = i + 1;
|
||||
/* set the used count of where the bit will go */
|
||||
a->used = (int)(i + 1);
|
||||
}
|
||||
|
||||
/* put the single bit in its place */
|
||||
a->dp[i] |= ((mp_digit)1) << (b % DIGIT_BIT);
|
||||
|
@ -2540,6 +2523,19 @@ mp_set_bit (mp_int * a, int b)
|
|||
return MP_OKAY;
|
||||
}
|
||||
|
||||
/* computes a = 2**b
|
||||
*
|
||||
* Simple algorithm which zeroes the int, set the required bit
|
||||
*/
|
||||
int
|
||||
mp_2expt (mp_int * a, int b)
|
||||
{
|
||||
/* zero a as per default */
|
||||
mp_zero (a);
|
||||
|
||||
return mp_set_bit(a, b);
|
||||
}
|
||||
|
||||
/* multiply by a digit */
|
||||
int
|
||||
mp_mul_d (mp_int * a, mp_digit b, mp_int * c)
|
||||
|
@ -3882,7 +3878,7 @@ int mp_add_d (mp_int* a, mp_digit b, mp_int* c)
|
|||
*tmpc++ &= MP_MASK;
|
||||
}
|
||||
/* set final carry */
|
||||
if (mu != 0 && ix < c->alloc) {
|
||||
if (ix < c->alloc) {
|
||||
ix++;
|
||||
*tmpc++ = mu;
|
||||
}
|
||||
|
@ -4049,7 +4045,7 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
|
|||
mp_int q;
|
||||
mp_word w;
|
||||
mp_digit t;
|
||||
int res, ix;
|
||||
int res = MP_OKAY, ix;
|
||||
|
||||
/* cannot divide by zero */
|
||||
if (b == 0) {
|
||||
|
@ -4086,12 +4082,15 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
|
|||
#endif
|
||||
|
||||
/* no easy answer [c'est la vie]. Just division */
|
||||
if ((res = mp_init_size(&q, a->used)) != MP_OKAY) {
|
||||
return res;
|
||||
if (c != NULL) {
|
||||
if ((res = mp_init_size(&q, a->used)) != MP_OKAY) {
|
||||
return res;
|
||||
}
|
||||
|
||||
q.used = a->used;
|
||||
q.sign = a->sign;
|
||||
}
|
||||
|
||||
q.used = a->used;
|
||||
q.sign = a->sign;
|
||||
w = 0;
|
||||
for (ix = a->used - 1; ix >= 0; ix--) {
|
||||
w = (w << ((mp_word)DIGIT_BIT)) | ((mp_word)a->dp[ix]);
|
||||
|
@ -4102,7 +4101,8 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
|
|||
} else {
|
||||
t = 0;
|
||||
}
|
||||
q.dp[ix] = (mp_digit)t;
|
||||
if (c != NULL)
|
||||
q.dp[ix] = (mp_digit)t;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
|
@ -4112,8 +4112,8 @@ static int mp_div_d (mp_int * a, mp_digit b, mp_int * c, mp_digit * d)
|
|||
if (c != NULL) {
|
||||
mp_clamp(&q);
|
||||
mp_exch(&q, c);
|
||||
mp_clear(&q);
|
||||
}
|
||||
mp_clear(&q);
|
||||
|
||||
return res;
|
||||
}
|
||||
|
@ -4282,6 +4282,70 @@ static int mp_prime_is_divisible (mp_int * a, int *result)
|
|||
return MP_OKAY;
|
||||
}
|
||||
|
||||
static const int USE_BBS = 1;
|
||||
|
||||
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap)
|
||||
{
|
||||
int err, res, type;
|
||||
byte* buf;
|
||||
|
||||
if (N == NULL || rng == NULL)
|
||||
return MP_VAL;
|
||||
|
||||
/* get type */
|
||||
if (len < 0) {
|
||||
type = USE_BBS;
|
||||
len = -len;
|
||||
} else {
|
||||
type = 0;
|
||||
}
|
||||
|
||||
/* allow sizes between 2 and 512 bytes for a prime size */
|
||||
if (len < 2 || len > 512) {
|
||||
return MP_VAL;
|
||||
}
|
||||
|
||||
/* allocate buffer to work with */
|
||||
buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_RSA);
|
||||
if (buf == NULL) {
|
||||
return MP_MEM;
|
||||
}
|
||||
XMEMSET(buf, 0, len);
|
||||
|
||||
do {
|
||||
#ifdef SHOW_GEN
|
||||
printf(".");
|
||||
fflush(stdout);
|
||||
#endif
|
||||
/* generate value */
|
||||
err = wc_RNG_GenerateBlock(rng, buf, len);
|
||||
if (err != 0) {
|
||||
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
|
||||
return err;
|
||||
}
|
||||
|
||||
/* munge bits */
|
||||
buf[0] |= 0x80 | 0x40;
|
||||
buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
|
||||
|
||||
/* load value */
|
||||
if ((err = mp_read_unsigned_bin(N, buf, len)) != MP_OKAY) {
|
||||
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
|
||||
return err;
|
||||
}
|
||||
|
||||
/* test */
|
||||
if ((err = mp_prime_is_prime(N, 8, &res)) != MP_OKAY) {
|
||||
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
|
||||
return err;
|
||||
}
|
||||
} while (res == MP_NO);
|
||||
|
||||
XMEMSET(buf, 0, len);
|
||||
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
|
||||
|
||||
return MP_OKAY;
|
||||
}
|
||||
|
||||
/*
|
||||
* Sets result to 1 if probably prime, 0 otherwise
|
||||
|
@ -4468,8 +4532,6 @@ LBL_U:mp_clear (&v);
|
|||
return res;
|
||||
}
|
||||
|
||||
|
||||
|
||||
#endif /* WOLFSSL_KEY_GEN */
|
||||
|
||||
|
||||
|
@ -4542,6 +4604,9 @@ int mp_read_radix (mp_int * a, const char *str, int radix)
|
|||
}
|
||||
return MP_OKAY;
|
||||
}
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
#if defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
|
||||
|
||||
/* returns size of ASCII representation */
|
||||
int mp_radix_size (mp_int *a, int radix, int *size)
|
||||
|
@ -4652,7 +4717,7 @@ int mp_toradix (mp_int *a, char *str, int radix)
|
|||
return MP_OKAY;
|
||||
}
|
||||
|
||||
#endif /* HAVE_ECC */
|
||||
#endif /* defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY) */
|
||||
|
||||
#endif /* USE_FAST_MATH */
|
||||
|
||||
|
|
|
@ -131,14 +131,6 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
|
|||
#include <wolfcrypt/src/misc.c>
|
||||
#endif
|
||||
|
||||
#ifdef SHOW_GEN
|
||||
#ifdef FREESCALE_MQX
|
||||
#include <fio.h>
|
||||
#else
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
static int InitCaviumRsaKey(RsaKey* key, void* heap);
|
||||
static int FreeCaviumRsaKey(RsaKey* key);
|
||||
|
@ -152,22 +144,6 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
|
|||
word32 outLen, RsaKey* key);
|
||||
#endif
|
||||
|
||||
enum {
|
||||
RSA_PUBLIC_ENCRYPT = 0,
|
||||
RSA_PUBLIC_DECRYPT = 1,
|
||||
RSA_PRIVATE_ENCRYPT = 2,
|
||||
RSA_PRIVATE_DECRYPT = 3,
|
||||
|
||||
RSA_BLOCK_TYPE_1 = 1,
|
||||
RSA_BLOCK_TYPE_2 = 2,
|
||||
|
||||
RSA_MIN_SIZE = 512,
|
||||
RSA_MAX_SIZE = 4096,
|
||||
|
||||
RSA_MIN_PAD_SZ = 11 /* seperator + 0 + pad value + 8 pads */
|
||||
};
|
||||
|
||||
|
||||
int wc_InitRsaKey(RsaKey* key, void* heap)
|
||||
{
|
||||
#ifdef HAVE_CAVIUM
|
||||
|
@ -610,76 +586,7 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
|
|||
return 0;
|
||||
}
|
||||
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
|
||||
static const int USE_BBS = 1;
|
||||
|
||||
static int rand_prime(mp_int* N, int len, RNG* rng, void* heap)
|
||||
{
|
||||
int err, res, type;
|
||||
byte* buf;
|
||||
|
||||
(void)heap;
|
||||
if (N == NULL || rng == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
/* get type */
|
||||
if (len < 0) {
|
||||
type = USE_BBS;
|
||||
len = -len;
|
||||
} else {
|
||||
type = 0;
|
||||
}
|
||||
|
||||
/* allow sizes between 2 and 512 bytes for a prime size */
|
||||
if (len < 2 || len > 512) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* allocate buffer to work with */
|
||||
buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_RSA);
|
||||
if (buf == NULL) {
|
||||
return MEMORY_E;
|
||||
}
|
||||
XMEMSET(buf, 0, len);
|
||||
|
||||
do {
|
||||
#ifdef SHOW_GEN
|
||||
printf(".");
|
||||
fflush(stdout);
|
||||
#endif
|
||||
/* generate value */
|
||||
err = wc_RNG_GenerateBlock(rng, buf, len);
|
||||
if (err != 0) {
|
||||
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
|
||||
return err;
|
||||
}
|
||||
|
||||
/* munge bits */
|
||||
buf[0] |= 0x80 | 0x40;
|
||||
buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
|
||||
|
||||
/* load value */
|
||||
if ((err = mp_read_unsigned_bin(N, buf, len)) != MP_OKAY) {
|
||||
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
|
||||
return err;
|
||||
}
|
||||
|
||||
/* test */
|
||||
if ((err = mp_prime_is_prime(N, 8, &res)) != MP_OKAY) {
|
||||
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
|
||||
return err;
|
||||
}
|
||||
} while (res == MP_NO);
|
||||
|
||||
ForceZero(buf, len);
|
||||
XFREE(buf, heap, DYNAMIC_TYPE_RSA);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/* Make an RSA key for size bits, with e specified, 65537 is a good e */
|
||||
int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
|
||||
{
|
||||
|
@ -703,7 +610,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
|
|||
/* make p */
|
||||
if (err == MP_OKAY) {
|
||||
do {
|
||||
err = rand_prime(&p, size/16, rng, key->heap); /* size in bytes/2 */
|
||||
err = mp_rand_prime(&p, size/16, rng, key->heap); /* size in bytes/2 */
|
||||
|
||||
if (err == MP_OKAY)
|
||||
err = mp_sub_d(&p, 1, &tmp1); /* tmp1 = p-1 */
|
||||
|
@ -716,7 +623,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, RNG* rng)
|
|||
/* make q */
|
||||
if (err == MP_OKAY) {
|
||||
do {
|
||||
err = rand_prime(&q, size/16, rng, key->heap); /* size in bytes/2 */
|
||||
err = mp_rand_prime(&q, size/16, rng, key->heap); /* size in bytes/2 */
|
||||
|
||||
if (err == MP_OKAY)
|
||||
err = mp_sub_d(&q, 1, &tmp1); /* tmp1 = q-1 */
|
||||
|
|
|
@ -39,6 +39,7 @@
|
|||
|
||||
#ifdef USE_FAST_MATH
|
||||
|
||||
#include <wolfssl/wolfcrypt/random.h>
|
||||
#include <wolfssl/wolfcrypt/tfm.h>
|
||||
#include <wolfcrypt/src/asm.c> /* will define asm MACROS or C ones */
|
||||
|
||||
|
@ -1815,10 +1816,37 @@ void fp_set(fp_int *a, fp_digit b)
|
|||
/* chek if a bit is set */
|
||||
int fp_is_bit_set (fp_int *a, fp_digit b)
|
||||
{
|
||||
if ((fp_digit)a->used < b/DIGIT_BIT)
|
||||
fp_digit i;
|
||||
|
||||
if (b > FP_MAX_BITS)
|
||||
return 0;
|
||||
else
|
||||
i = b/DIGIT_BIT;
|
||||
|
||||
if ((fp_digit)a->used < i)
|
||||
return 0;
|
||||
|
||||
return (int)((a->dp[b/DIGIT_BIT] >> b%DIGIT_BIT) & (fp_digit)1);
|
||||
return (int)((a->dp[i] >> b%DIGIT_BIT) & (fp_digit)1);
|
||||
}
|
||||
|
||||
/* set the b bit of a */
|
||||
int fp_set_bit (fp_int * a, fp_digit b)
|
||||
{
|
||||
fp_digit i;
|
||||
|
||||
if (b > FP_MAX_BITS)
|
||||
return 0;
|
||||
else
|
||||
i = b/DIGIT_BIT;
|
||||
|
||||
/* set the used count of where the bit will go if required */
|
||||
if (a->used < (int)(i+1))
|
||||
a->used = (int)(i+1);
|
||||
|
||||
/* put the single bit in its place */
|
||||
a->dp[i] |= ((fp_digit)1) << (b % DIGIT_BIT);
|
||||
|
||||
return MP_OKAY;
|
||||
}
|
||||
|
||||
int fp_count_bits (fp_int * a)
|
||||
|
@ -1840,6 +1868,7 @@ int fp_count_bits (fp_int * a)
|
|||
++r;
|
||||
q >>= ((fp_digit) 1);
|
||||
}
|
||||
|
||||
return r;
|
||||
}
|
||||
|
||||
|
@ -2186,17 +2215,22 @@ void mp_rshb (mp_int* a, int x)
|
|||
|
||||
|
||||
/* fast math wrappers */
|
||||
int mp_set_int(fp_int *a, fp_digit b)
|
||||
int mp_set_int(mp_int *a, mp_digit b)
|
||||
{
|
||||
fp_set(a, b);
|
||||
return MP_OKAY;
|
||||
}
|
||||
|
||||
int mp_is_bit_set (fp_int *a, fp_digit b)
|
||||
int mp_is_bit_set (mp_int *a, mp_digit b)
|
||||
{
|
||||
return fp_is_bit_set(a, b);
|
||||
}
|
||||
|
||||
int mp_set_bit(mp_int *a, mp_digit b)
|
||||
{
|
||||
return fp_set_bit(a, b);
|
||||
}
|
||||
|
||||
#if defined(WOLFSSL_KEY_GEN) || defined (HAVE_ECC)
|
||||
|
||||
/* c = a * a (mod b) */
|
||||
|
@ -2230,6 +2264,18 @@ static const int lnz[16] = {
|
|||
4, 0, 1, 0, 2, 0, 1, 0, 3, 0, 1, 0, 2, 0, 1, 0
|
||||
};
|
||||
|
||||
/* swap the elements of two integers, for cases where you can't simply swap the
|
||||
* mp_int pointers around
|
||||
*/
|
||||
static void fp_exch (fp_int * a, fp_int * b)
|
||||
{
|
||||
fp_int t;
|
||||
|
||||
t = *a;
|
||||
*a = *b;
|
||||
*b = t;
|
||||
}
|
||||
|
||||
/* Counts the number of lsbs which are zero before the first zero bit */
|
||||
int fp_cnt_lsb(fp_int *a)
|
||||
{
|
||||
|
@ -2258,8 +2304,6 @@ int fp_cnt_lsb(fp_int *a)
|
|||
}
|
||||
|
||||
|
||||
|
||||
|
||||
static int s_is_power_of_two(fp_digit b, int *p)
|
||||
{
|
||||
int x;
|
||||
|
@ -2313,11 +2357,14 @@ static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
|
|||
return FP_OKAY;
|
||||
}
|
||||
|
||||
/* no easy answer [c'est la vie]. Just division */
|
||||
fp_init(&q);
|
||||
if (c != NULL) {
|
||||
/* no easy answer [c'est la vie]. Just division */
|
||||
fp_init(&q);
|
||||
|
||||
q.used = a->used;
|
||||
q.sign = a->sign;
|
||||
}
|
||||
|
||||
q.used = a->used;
|
||||
q.sign = a->sign;
|
||||
w = 0;
|
||||
for (ix = a->used - 1; ix >= 0; ix--) {
|
||||
w = (w << ((fp_word)DIGIT_BIT)) | ((fp_word)a->dp[ix]);
|
||||
|
@ -2328,7 +2375,8 @@ static int fp_div_d(fp_int *a, fp_digit b, fp_int *c, fp_digit *d)
|
|||
} else {
|
||||
t = 0;
|
||||
}
|
||||
q.dp[ix] = (fp_digit)t;
|
||||
if (c != NULL)
|
||||
q.dp[ix] = (fp_digit)t;
|
||||
}
|
||||
|
||||
if (d != NULL) {
|
||||
|
@ -2362,6 +2410,7 @@ int mp_mod_d(fp_int *a, fp_digit b, fp_digit *c)
|
|||
void fp_gcd(fp_int *a, fp_int *b, fp_int *c);
|
||||
void fp_lcm(fp_int *a, fp_int *b, fp_int *c);
|
||||
int fp_isprime(fp_int *a);
|
||||
int fp_randprime(fp_int* N, int len, RNG* rng, void* heap);
|
||||
|
||||
int mp_gcd(fp_int *a, fp_int *b, fp_int *c)
|
||||
{
|
||||
|
@ -2384,6 +2433,31 @@ int mp_prime_is_prime(mp_int* a, int t, int* result)
|
|||
return MP_OKAY;
|
||||
}
|
||||
|
||||
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap)
|
||||
{
|
||||
int err;
|
||||
|
||||
err = fp_randprime(N, len, rng, heap);
|
||||
switch(err) {
|
||||
case FP_VAL:
|
||||
return MP_VAL;
|
||||
break;
|
||||
case FP_MEM:
|
||||
return MP_MEM;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
return MP_OKAY;
|
||||
}
|
||||
|
||||
int mp_exch (mp_int * a, mp_int * b)
|
||||
{
|
||||
fp_exch(a, b);
|
||||
return MP_OKAY;
|
||||
}
|
||||
|
||||
/* Miller-Rabin test of "a" to the base of "b" as described in
|
||||
* HAC pp. 139 Algorithm 4.24
|
||||
*
|
||||
|
@ -2513,6 +2587,59 @@ int fp_isprime(fp_int *a)
|
|||
return FP_YES;
|
||||
}
|
||||
|
||||
int fp_randprime(fp_int* N, int len, RNG* rng, void* heap)
|
||||
{
|
||||
static const int USE_BBS = 1;
|
||||
int err, type;
|
||||
byte* buf;
|
||||
|
||||
/* get type */
|
||||
if (len < 0) {
|
||||
type = USE_BBS;
|
||||
len = -len;
|
||||
} else {
|
||||
type = 0;
|
||||
}
|
||||
|
||||
/* allow sizes between 2 and 512 bytes for a prime size */
|
||||
if (len < 2 || len > 512) {
|
||||
return FP_VAL;
|
||||
}
|
||||
|
||||
/* allocate buffer to work with */
|
||||
buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
if (buf == NULL) {
|
||||
return FP_MEM;
|
||||
}
|
||||
XMEMSET(buf, 0, len);
|
||||
|
||||
do {
|
||||
#ifdef SHOW_GEN
|
||||
printf(".");
|
||||
fflush(stdout);
|
||||
#endif
|
||||
/* generate value */
|
||||
err = wc_RNG_GenerateBlock(rng, buf, len);
|
||||
if (err != 0) {
|
||||
XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
return FP_VAL;
|
||||
}
|
||||
|
||||
/* munge bits */
|
||||
buf[0] |= 0x80 | 0x40;
|
||||
buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
|
||||
|
||||
/* load value */
|
||||
fp_read_unsigned_bin(N, buf, len);
|
||||
|
||||
/* test */
|
||||
} while (fp_isprime(N) == FP_NO);
|
||||
|
||||
XMEMSET(buf, 0, len);
|
||||
XFREE(buf, heap, DYNAMIC_TYPE_TMP_BUFFER);
|
||||
|
||||
return FP_OKAY;
|
||||
}
|
||||
|
||||
/* c = [a, b] */
|
||||
void fp_lcm(fp_int *a, fp_int *b, fp_int *c)
|
||||
|
@ -2740,7 +2867,7 @@ int mp_radix_size (mp_int *a, int radix, int *size)
|
|||
|
||||
if (fp_iszero(a) == MP_YES) {
|
||||
*size = 2;
|
||||
return FP_YES;
|
||||
return FP_OKAY;
|
||||
}
|
||||
|
||||
/* digs is the digit count */
|
||||
|
|
|
@ -210,7 +210,7 @@ int pbkdf2_test(void);
|
|||
#endif
|
||||
|
||||
|
||||
/* General big buffer size for many tests. */
|
||||
/* General big buffer size for many tests. */
|
||||
#define FOURK_BUF 4096
|
||||
|
||||
|
||||
|
@ -3385,6 +3385,7 @@ int rsa_test(void)
|
|||
#ifdef HAVE_CAVIUM
|
||||
wc_RsaInitCavium(&key, CAVIUM_DEV_ID);
|
||||
#endif
|
||||
|
||||
ret = wc_InitRsaKey(&key, 0);
|
||||
if (ret != 0) {
|
||||
free(tmp);
|
||||
|
@ -3465,7 +3466,6 @@ int rsa_test(void)
|
|||
(void)bytes;
|
||||
#endif
|
||||
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
{
|
||||
byte* der;
|
||||
|
@ -3575,7 +3575,6 @@ int rsa_test(void)
|
|||
}
|
||||
#endif /* WOLFSSL_KEY_GEN */
|
||||
|
||||
|
||||
#ifdef WOLFSSL_CERT_GEN
|
||||
/* self signed */
|
||||
{
|
||||
|
@ -4428,8 +4427,111 @@ int dsa_test(void)
|
|||
if (answer != 1) return -65;
|
||||
|
||||
wc_FreeDsaKey(&key);
|
||||
wc_FreeRng(&rng);
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
{
|
||||
byte* der;
|
||||
byte* pem;
|
||||
int derSz = 0;
|
||||
int pemSz = 0;
|
||||
DsaKey derIn;
|
||||
DsaKey genKey;
|
||||
FILE* keyFile;
|
||||
FILE* pemFile;
|
||||
|
||||
wc_InitDsaKey(&genKey);
|
||||
ret = wc_MakeDsaParameters(&rng, 1024, &genKey);
|
||||
if (ret != 0) return -362;
|
||||
|
||||
ret = wc_MakeDsaKey(&rng, &genKey);
|
||||
if (ret != 0) return -363;
|
||||
|
||||
der = (byte*)malloc(FOURK_BUF);
|
||||
if (der == NULL) {
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -364;
|
||||
}
|
||||
pem = (byte*)malloc(FOURK_BUF);
|
||||
if (pem == NULL) {
|
||||
free(der);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -365;
|
||||
}
|
||||
|
||||
derSz = wc_DsaKeyToDer(&genKey, der, FOURK_BUF);
|
||||
if (derSz < 0) {
|
||||
free(der);
|
||||
free(pem);
|
||||
return -366;
|
||||
}
|
||||
|
||||
#ifdef FREESCALE_MQX
|
||||
keyFile = fopen("a:\\certs\\key.der", "wb");
|
||||
#else
|
||||
keyFile = fopen("./key.der", "wb");
|
||||
#endif
|
||||
if (!keyFile) {
|
||||
free(der);
|
||||
free(pem);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -367;
|
||||
}
|
||||
ret = (int)fwrite(der, 1, derSz, keyFile);
|
||||
fclose(keyFile);
|
||||
if (ret != derSz) {
|
||||
free(der);
|
||||
free(pem);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -368;
|
||||
}
|
||||
|
||||
pemSz = wc_DerToPem(der, derSz, pem, FOURK_BUF, DSA_PRIVATEKEY_TYPE);
|
||||
if (pemSz < 0) {
|
||||
free(der);
|
||||
free(pem);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -369;
|
||||
}
|
||||
|
||||
#ifdef FREESCALE_MQX
|
||||
pemFile = fopen("a:\\certs\\key.pem", "wb");
|
||||
#else
|
||||
pemFile = fopen("./key.pem", "wb");
|
||||
#endif
|
||||
if (!pemFile) {
|
||||
free(der);
|
||||
free(pem);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -370;
|
||||
}
|
||||
ret = (int)fwrite(pem, 1, pemSz, pemFile);
|
||||
fclose(pemFile);
|
||||
if (ret != pemSz) {
|
||||
free(der);
|
||||
free(pem);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -371;
|
||||
}
|
||||
|
||||
wc_InitDsaKey(&derIn);
|
||||
idx = 0;
|
||||
ret = wc_DsaPrivateKeyDecode(der, &idx, &derIn, derSz);
|
||||
if (ret != 0) {
|
||||
free(der);
|
||||
free(pem);
|
||||
wc_FreeDsaKey(&derIn);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
return -373;
|
||||
}
|
||||
|
||||
wc_FreeDsaKey(&derIn);
|
||||
wc_FreeDsaKey(&genKey);
|
||||
free(pem);
|
||||
free(der);
|
||||
}
|
||||
#endif /* WOLFSSL_KEY_GEN */
|
||||
|
||||
wc_FreeRng(&rng);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@ struct WOLFSSL_DSA {
|
|||
|
||||
|
||||
WOLFSSL_API WOLFSSL_DSA* wolfSSL_DSA_new(void);
|
||||
WOLFSSL_API void wolfSSL_DSA_free(WOLFSSL_DSA*);
|
||||
WOLFSSL_API void wolfSSL_DSA_free(WOLFSSL_DSA*);
|
||||
|
||||
WOLFSSL_API int wolfSSL_DSA_generate_key(WOLFSSL_DSA*);
|
||||
WOLFSSL_API int wolfSSL_DSA_generate_parameters_ex(WOLFSSL_DSA*, int bits,
|
||||
|
|
|
@ -14,75 +14,104 @@
|
|||
#endif
|
||||
|
||||
|
||||
WOLFSSL_API int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
|
||||
const EVP_CIPHER* cipher,
|
||||
unsigned char* passwd, int len,
|
||||
pem_password_cb cb, void* arg);
|
||||
/* RSA */
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
|
||||
const EVP_CIPHER* cipher,
|
||||
unsigned char* passwd, int len,
|
||||
pem_password_cb cb, void* arg);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa,
|
||||
const EVP_CIPHER *enc,
|
||||
unsigned char *kstr, int klen,
|
||||
pem_password_cb *cb, void *u);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_mem_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher,
|
||||
unsigned char* passwd, int len,
|
||||
byte **pem, int *plen);
|
||||
WOLFSSL_API
|
||||
WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(FILE *fp, WOLFSSL_RSA **x,
|
||||
pem_password_cb *cb, void *u);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_RSAPublicKey(FILE *fp, WOLFSSL_RSA *x);
|
||||
|
||||
WOLFSSL_API int wolfSSL_PEM_write_bio_RSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_RSA* rsa,
|
||||
const EVP_CIPHER* cipher,
|
||||
unsigned char* passwd, int len,
|
||||
pem_password_cb cb, void* arg);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_RSA_PUBKEY(FILE *fp, WOLFSSL_RSA *x);
|
||||
|
||||
WOLFSSL_API int wolfSSL_PEM_write_RSAPrivateKey(FILE *fp, WOLFSSL_RSA *rsa, const EVP_CIPHER *enc,
|
||||
unsigned char *kstr, int klen,
|
||||
pem_password_cb *cb, void *u);
|
||||
/* DSA */
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio,
|
||||
WOLFSSL_DSA* dsa,
|
||||
const EVP_CIPHER* cipher,
|
||||
unsigned char* passwd, int len,
|
||||
pem_password_cb cb, void* arg);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_DSAPrivateKey(FILE *fp, WOLFSSL_DSA *dsa,
|
||||
const EVP_CIPHER *enc,
|
||||
unsigned char *kstr, int klen,
|
||||
pem_password_cb *cb, void *u);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_mem_DSAPrivateKey(WOLFSSL_DSA* dsa,
|
||||
const EVP_CIPHER* cipher,
|
||||
unsigned char* passwd, int len,
|
||||
byte **pem, int *plen);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_DSA_PUBKEY(FILE *fp, WOLFSSL_DSA *x);
|
||||
|
||||
WOLFSSL_API int wolfSSL_PEM_write_bio_DSAPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_DSA* dsa,
|
||||
const EVP_CIPHER* cipher,
|
||||
unsigned char* passwd, int len,
|
||||
pem_password_cb cb, void* arg);
|
||||
/* ECC */
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_bio_ECPrivateKey(WOLFSSL_BIO* bio, WOLFSSL_EC_KEY* ec,
|
||||
const EVP_CIPHER* cipher,
|
||||
unsigned char* passwd, int len,
|
||||
pem_password_cb cb, void* arg);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_ECPrivateKey(FILE *fp, WOLFSSL_EC_KEY *key,
|
||||
const EVP_CIPHER *enc,
|
||||
unsigned char *kstr, int klen,
|
||||
pem_password_cb *cb, void *u);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_mem_ECPrivateKey(WOLFSSL_EC_KEY* key,
|
||||
const EVP_CIPHER* cipher,
|
||||
unsigned char* passwd, int len,
|
||||
byte **pem, int *plen);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_PEM_write_EC_PUBKEY(FILE *fp, WOLFSSL_EC_KEY *key);
|
||||
|
||||
WOLFSSL_API int wolfSSL_PEM_write_DSAPrivateKey(FILE *fp, WOLFSSL_DSA *dsa, const EVP_CIPHER *enc,
|
||||
unsigned char *kstr, int klen,
|
||||
pem_password_cb *cb, void *u);
|
||||
/* EVP_KEY */
|
||||
WOLFSSL_API
|
||||
WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
|
||||
WOLFSSL_EVP_PKEY**,
|
||||
pem_password_cb cb,
|
||||
void* arg);
|
||||
WOLFSSL_API
|
||||
int wolfSSL_EVP_PKEY_type(int type);
|
||||
|
||||
WOLFSSL_API WOLFSSL_EVP_PKEY* wolfSSL_PEM_read_bio_PrivateKey(WOLFSSL_BIO* bio,
|
||||
WOLFSSL_EVP_PKEY**, pem_password_cb cb, void* arg);
|
||||
WOLFSSL_API
|
||||
WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
|
||||
pem_password_cb *cb, void *u);
|
||||
|
||||
WOLFSSL_API int wolfSSL_EVP_PKEY_type(int type);
|
||||
|
||||
WOLFSSL_API WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x,
|
||||
pem_password_cb *cb, void *u);
|
||||
|
||||
WOLFSSL_API WOLFSSL_RSA *wolfSSL_PEM_read_RSAPublicKey(FILE *fp, WOLFSSL_RSA **x,
|
||||
pem_password_cb *cb, void *u);
|
||||
|
||||
WOLFSSL_API int wolfSSL_PEM_write_DSA_PUBKEY(FILE *fp, WOLFSSL_DSA *x);
|
||||
|
||||
WOLFSSL_API int wolfSSL_PEM_write_RSAPublicKey(FILE *fp, WOLFSSL_RSA *x);
|
||||
|
||||
WOLFSSL_API int wolfSSL_PEM_write_RSA_PUBKEY(FILE *fp, WOLFSSL_RSA *x);
|
||||
|
||||
WOLFSSL_API int wolfSSL_PEM_write_buf_RSAPrivateKey(RSA* rsa, const EVP_CIPHER* cipher,
|
||||
unsigned char* passwd, int len,
|
||||
byte **pem, int *plen);
|
||||
|
||||
WOLFSSL_API int wolfSSL_PEM_write_EC_PUBKEY(FILE *fp, WOLFSSL_EC_KEY *key);
|
||||
WOLFSSL_API int wolfSSL_PEM_write_ECPrivateKey(FILE *fp, WOLFSSL_EC_KEY *key, const EVP_CIPHER *enc,
|
||||
unsigned char *kstr, int klen,
|
||||
pem_password_cb *cb, void *u);
|
||||
|
||||
#define PEM_write_bio_ECPrivateKey wolfSSL_PEM_write_bio_ECPrivateKey
|
||||
/* RSA */
|
||||
#define PEM_write_bio_RSAPrivateKey wolfSSL_PEM_write_bio_RSAPrivateKey
|
||||
#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
|
||||
#define PEM_write_RSAPrivateKey wolfSSL_PEM_write_RSAPrivateKey
|
||||
#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
|
||||
#define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
|
||||
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
|
||||
/* DSA */
|
||||
#define PEM_write_bio_DSAPrivateKey wolfSSL_PEM_write_bio_DSAPrivateKey
|
||||
#define PEM_write_DSAPrivateKey wolfSSL_PEM_write_DSAPrivateKey
|
||||
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
|
||||
#define PEM_write_RSA_PUBKEY wolfSSL_PEM_write_RSA_PUBKEY
|
||||
#define PEM_write_RSAPublicKey wolfSSL_PEM_write_RSAPublicKey
|
||||
#define PEM_write_DSA_PUBKEY wolfSSL_PEM_write_DSA_PUBKEY
|
||||
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
|
||||
#define PEM_read_RSAPublicKey wolfSSL_PEM_read_RSAPublicKey
|
||||
#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
|
||||
#define PEM_write_EC_PUBKEY wolfSSL_PEM_write_EC_PUBKEY
|
||||
#define PEM_write_ECPrivateKey wolfSSL_PEM_write_ECPrivateKey
|
||||
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
|
||||
#define PEM_write_DSAPrivateKey wolfSSL_PEM_write_DSAPrivateKey
|
||||
#define PEM_write_DSA_PUBKEY wolfSSL_PEM_write_DSA_PUBKEY
|
||||
/* ECC */
|
||||
#define PEM_write_bio_ECPrivateKey wolfSSL_PEM_write_bio_ECPrivateKey
|
||||
#define PEM_write_EC_PUBKEY wolfSSL_PEM_write_EC_PUBKEY
|
||||
#define PEM_write_ECPrivateKey wolfSSL_PEM_write_ECPrivateKey
|
||||
/* EVP_KEY */
|
||||
#define PEM_read_bio_PrivateKey wolfSSL_PEM_read_bio_PrivateKey
|
||||
#define PEM_read_PUBKEY wolfSSL_PEM_read_PUBKEY
|
||||
#define EVP_PKEY_type wolfSSL_EVP_PKEY_type
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
||||
|
||||
#endif /* WOLFSSL_PEM_H_ */
|
||||
|
||||
|
|
|
@ -126,17 +126,24 @@ typedef struct Gmac {
|
|||
#endif /* HAVE_AESGCM */
|
||||
#endif /* HAVE_FIPS */
|
||||
|
||||
WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
|
||||
int dir);
|
||||
WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
|
||||
WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
|
||||
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
|
||||
WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
|
||||
const byte* key, word32 keySz, const byte* iv);
|
||||
WOLFSSL_API int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
|
||||
const byte* iv, int dir);
|
||||
WOLFSSL_API int wc_AesSetIV(Aes* aes, const byte* iv);
|
||||
WOLFSSL_API int wc_AesCbcEncrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 sz);
|
||||
WOLFSSL_API int wc_AesCbcDecrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 sz);
|
||||
WOLFSSL_API int wc_AesCbcEncryptWithKey(byte* out, const byte* in, word32 inSz,
|
||||
const byte* key, word32 keySz,
|
||||
const byte* iv);
|
||||
WOLFSSL_API int wc_AesCbcDecryptWithKey(byte* out, const byte* in, word32 inSz,
|
||||
const byte* key, word32 keySz,
|
||||
const byte* iv);
|
||||
|
||||
/* AES-CTR */
|
||||
#ifdef WOLFSSL_AES_COUNTER
|
||||
WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
|
||||
WOLFSSL_API void wc_AesCtrEncrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 sz);
|
||||
#endif
|
||||
/* AES-DIRECT */
|
||||
#if defined(WOLFSSL_AES_DIRECT)
|
||||
|
@ -147,30 +154,34 @@ typedef struct Gmac {
|
|||
#endif
|
||||
#ifdef HAVE_AESGCM
|
||||
WOLFSSL_API int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
|
||||
WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
const byte* iv, word32 ivSz,
|
||||
byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz);
|
||||
WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
|
||||
const byte* iv, word32 ivSz,
|
||||
const byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz);
|
||||
WOLFSSL_API int wc_AesGcmEncrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 sz,
|
||||
const byte* iv, word32 ivSz,
|
||||
byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz);
|
||||
WOLFSSL_API int wc_AesGcmDecrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 sz,
|
||||
const byte* iv, word32 ivSz,
|
||||
const byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz);
|
||||
|
||||
WOLFSSL_API int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
|
||||
WOLFSSL_API int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
|
||||
const byte* authIn, word32 authInSz,
|
||||
byte* authTag, word32 authTagSz);
|
||||
const byte* authIn, word32 authInSz,
|
||||
byte* authTag, word32 authTagSz);
|
||||
#endif /* HAVE_AESGCM */
|
||||
#ifdef HAVE_AESCCM
|
||||
WOLFSSL_API void wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
|
||||
WOLFSSL_API void wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
|
||||
const byte* nonce, word32 nonceSz,
|
||||
byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz);
|
||||
WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
|
||||
const byte* nonce, word32 nonceSz,
|
||||
const byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz);
|
||||
WOLFSSL_API void wc_AesCcmEncrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 inSz,
|
||||
const byte* nonce, word32 nonceSz,
|
||||
byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz);
|
||||
WOLFSSL_API int wc_AesCcmDecrypt(Aes* aes, byte* out,
|
||||
const byte* in, word32 inSz,
|
||||
const byte* nonce, word32 nonceSz,
|
||||
const byte* authTag, word32 authTagSz,
|
||||
const byte* authIn, word32 authInSz);
|
||||
#endif /* HAVE_AESCCM */
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
|
|
|
@ -182,8 +182,9 @@ enum Misc_ASN {
|
|||
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
|
||||
MAX_OCSP_NONCE_SZ = 18, /* OCSP Nonce size */
|
||||
EIGHTK_BUF = 8192, /* Tmp buffer size */
|
||||
MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2
|
||||
MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2,
|
||||
/* use bigger NTRU size */
|
||||
HEADER_ENCRYPTED_KEY_SIZE = 88 /* Extra header size for encrypted key */
|
||||
};
|
||||
|
||||
|
||||
|
@ -476,6 +477,24 @@ struct DecodedCert {
|
|||
#endif /* WOLFSSL_SEP */
|
||||
};
|
||||
|
||||
extern const char* BEGIN_CERT;
|
||||
extern const char* END_CERT;
|
||||
extern const char* BEGIN_CERT_REQ;
|
||||
extern const char* END_CERT_REQ;
|
||||
extern const char* BEGIN_DH_PARAM;
|
||||
extern const char* END_DH_PARAM;
|
||||
extern const char* BEGIN_X509_CRL;
|
||||
extern const char* END_X509_CRL;
|
||||
extern const char* BEGIN_RSA_PRIV;
|
||||
extern const char* END_RSA_PRIV;
|
||||
extern const char* BEGIN_PRIV_KEY;
|
||||
extern const char* END_PRIV_KEY;
|
||||
extern const char* BEGIN_ENC_PRIV_KEY;
|
||||
extern const char* END_ENC_PRIV_KEY;
|
||||
extern const char* BEGIN_EC_PRIV;
|
||||
extern const char* END_EC_PRIV;
|
||||
extern const char* BEGIN_DSA_PRIV;
|
||||
extern const char* END_DSA_PRIV;
|
||||
|
||||
#ifdef NO_SHA
|
||||
#define SIGNER_DIGEST_SIZE SHA256_DIGEST_SIZE
|
||||
|
|
|
@ -43,6 +43,7 @@ enum CertType {
|
|||
CRL_TYPE,
|
||||
CA_TYPE,
|
||||
ECC_PRIVATEKEY_TYPE,
|
||||
DSA_PRIVATEKEY_TYPE,
|
||||
CERTREQ_TYPE,
|
||||
DSA_TYPE,
|
||||
ECC_TYPE,
|
||||
|
@ -177,7 +178,9 @@ WOLFSSL_API int wc_SetDatesBuffer(Cert*, const byte*, int);
|
|||
|
||||
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN) || !defined(NO_DSA)
|
||||
WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
|
||||
word32 outputSz, int type);
|
||||
word32 outputSz, int type);
|
||||
WOLFSSL_API int wc_DerToPemEx(const byte* der, word32 derSz, byte* output,
|
||||
word32 outputSz, byte *cipherIno, int type);
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_ECC
|
||||
|
|
|
@ -62,6 +62,8 @@ WOLFSSL_API int Base64_Decode(const byte* in, word32 inLen, byte* out,
|
|||
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS)
|
||||
WOLFSSL_API
|
||||
int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen);
|
||||
WOLFSSL_API
|
||||
int Base16_Encode(const byte* in, word32 inLen, byte* out, word32* outLen);
|
||||
#endif
|
||||
|
||||
|
||||
|
|
|
@ -83,21 +83,35 @@ typedef struct Des3 {
|
|||
} Des3;
|
||||
#endif /* HAVE_FIPS */
|
||||
|
||||
WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir);
|
||||
WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key,
|
||||
const byte* iv, int dir);
|
||||
WOLFSSL_API void wc_Des_SetIV(Des* des, const byte* iv);
|
||||
WOLFSSL_API int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz);
|
||||
WOLFSSL_API int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz);
|
||||
WOLFSSL_API int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz);
|
||||
WOLFSSL_API int wc_Des_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv);
|
||||
WOLFSSL_API int wc_Des_CbcEncrypt(Des* des, byte* out,
|
||||
const byte* in, word32 sz);
|
||||
WOLFSSL_API int wc_Des_CbcDecrypt(Des* des, byte* out,
|
||||
const byte* in, word32 sz);
|
||||
WOLFSSL_API int wc_Des_EcbEncrypt(Des* des, byte* out,
|
||||
const byte* in, word32 sz);
|
||||
WOLFSSL_API int wc_Des_CbcDecryptWithKey(byte* out,
|
||||
const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv);
|
||||
WOLFSSL_API int wc_Des_CbcEncryptWithKey(byte* out,
|
||||
const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv);
|
||||
|
||||
WOLFSSL_API int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir);
|
||||
WOLFSSL_API int wc_Des3_SetKey(Des3* des, const byte* key,
|
||||
const byte* iv,int dir);
|
||||
WOLFSSL_API int wc_Des3_SetIV(Des3* des, const byte* iv);
|
||||
WOLFSSL_API int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz);
|
||||
WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz);
|
||||
WOLFSSL_API int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv);
|
||||
|
||||
WOLFSSL_API int wc_Des3_CbcEncrypt(Des3* des, byte* out,
|
||||
const byte* in,word32 sz);
|
||||
WOLFSSL_API int wc_Des3_CbcDecrypt(Des3* des, byte* out,
|
||||
const byte* in,word32 sz);
|
||||
WOLFSSL_API int wc_Des3_CbcEncryptWithKey(byte* out,
|
||||
const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv);
|
||||
WOLFSSL_API int wc_Des3_CbcDecryptWithKey(byte* out,
|
||||
const byte* in, word32 sz,
|
||||
const byte* key, const byte* iv);
|
||||
|
||||
#ifdef HAVE_CAVIUM
|
||||
WOLFSSL_API int wc_Des3_InitCavium(Des3*, int);
|
||||
|
|
|
@ -66,6 +66,11 @@ WOLFSSL_API int wc_DsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
|
|||
DsaKey*, word32);
|
||||
WOLFSSL_API int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen);
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
WOLFSSL_API int wc_MakeDsaKey(RNG *rng, DsaKey *dsa);
|
||||
WOLFSSL_API int wc_MakeDsaParameters(RNG *rng, int modulus_size, DsaKey *dsa);
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
|
|
@ -73,18 +73,18 @@ typedef struct {
|
|||
* mp_ints for the components of the point. With ALT_ECC_SIZE, the components
|
||||
* of the point are pointers that are set to each of a three item array of
|
||||
* alt_fp_ints. While an mp_int will have 4096 bits of digit inside the
|
||||
* structure, the alt_fp_int will only have 512 bits. A size value was added
|
||||
* structure, the alt_fp_int will only have 528 bits. A size value was added
|
||||
* in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The
|
||||
* functions fp_zero() and fp_copy() use the size parameter. An int needs to
|
||||
* be initialized before using it instead of just fp_zeroing it, the init will
|
||||
* call zero. FP_MAX_BITS_ECC defaults to 512, but can be set to change the
|
||||
* call zero. FP_MAX_BITS_ECC defaults to 528, but can be set to change the
|
||||
* number of bits used in the alternate FP_INT.
|
||||
*
|
||||
* Do not enable ALT_ECC_SIZE and disable fast math in the configuration.
|
||||
*/
|
||||
|
||||
#ifndef FP_MAX_BITS_ECC
|
||||
#define FP_MAX_BITS_ECC 512
|
||||
#define FP_MAX_BITS_ECC 528
|
||||
#endif
|
||||
#define FP_MAX_SIZE_ECC (FP_MAX_BITS_ECC+(8*DIGIT_BIT))
|
||||
#if FP_MAX_BITS_ECC % CHAR_BIT
|
||||
|
@ -163,17 +163,20 @@ WOLFSSL_API
|
|||
void wc_ecc_fp_free(void);
|
||||
|
||||
WOLFSSL_API
|
||||
ecc_point* ecc_new_point(void);
|
||||
ecc_point* wc_ecc_new_point(void);
|
||||
WOLFSSL_API
|
||||
void ecc_del_point(ecc_point* p);
|
||||
void wc_ecc_del_point(ecc_point* p);
|
||||
WOLFSSL_API
|
||||
int ecc_copy_point(ecc_point* p, ecc_point *r);
|
||||
int wc_ecc_copy_point(ecc_point* p, ecc_point *r);
|
||||
WOLFSSL_API
|
||||
int ecc_cmp_point(ecc_point* a, ecc_point *b);
|
||||
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
|
||||
WOLFSSL_API
|
||||
int ecc_point_is_at_infinity(ecc_point *p);
|
||||
int wc_ecc_point_is_at_infinity(ecc_point *p);
|
||||
WOLFSSL_API
|
||||
int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus, int map);
|
||||
int wc_ecc_is_valid_idx(int n);
|
||||
WOLFSSL_API
|
||||
int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
|
||||
mp_int* modulus, int map);
|
||||
|
||||
/* ASN key helpers */
|
||||
WOLFSSL_API
|
||||
|
|
|
@ -36,6 +36,8 @@
|
|||
#include <wolfssl/wolfcrypt/tfm.h>
|
||||
#else
|
||||
|
||||
#include <wolfssl/wolfcrypt/random.h>
|
||||
|
||||
#ifndef CHAR_BIT
|
||||
#include <limits.h>
|
||||
#endif
|
||||
|
@ -313,6 +315,7 @@ int mp_radix_size (mp_int * a, int radix, int *size);
|
|||
int mp_prime_is_prime (mp_int * a, int t, int *result);
|
||||
int mp_gcd (mp_int * a, mp_int * b, mp_int * c);
|
||||
int mp_lcm (mp_int * a, mp_int * b, mp_int * c);
|
||||
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap);
|
||||
#endif
|
||||
|
||||
int mp_cnt_lsb(mp_int *a);
|
||||
|
|
|
@ -46,9 +46,23 @@
|
|||
|
||||
enum {
|
||||
RSA_PUBLIC = 0,
|
||||
RSA_PRIVATE = 1
|
||||
RSA_PRIVATE = 1,
|
||||
|
||||
RSA_PUBLIC_ENCRYPT = 0,
|
||||
RSA_PUBLIC_DECRYPT = 1,
|
||||
RSA_PRIVATE_ENCRYPT = 2,
|
||||
RSA_PRIVATE_DECRYPT = 3,
|
||||
|
||||
RSA_BLOCK_TYPE_1 = 1,
|
||||
RSA_BLOCK_TYPE_2 = 2,
|
||||
|
||||
RSA_MIN_SIZE = 512,
|
||||
RSA_MAX_SIZE = 4096,
|
||||
|
||||
RSA_MIN_PAD_SZ = 11 /* seperator + 0 + pad value + 8 pads */
|
||||
};
|
||||
|
||||
|
||||
/* RSA */
|
||||
typedef struct RsaKey {
|
||||
mp_int n, e, d, p, q, dP, dQ, u;
|
||||
|
|
|
@ -40,6 +40,7 @@
|
|||
#include <limits.h>
|
||||
#endif
|
||||
|
||||
#include <wolfssl/wolfcrypt/random.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
@ -377,6 +378,8 @@ void fp_set(fp_int *a, fp_digit b);
|
|||
|
||||
/* check if a bit is set */
|
||||
int fp_is_bit_set(fp_int *a, fp_digit b);
|
||||
/* set the b bit to 1 */
|
||||
int fp_set_bit (fp_int * a, fp_digit b);
|
||||
|
||||
/* copy from a to b */
|
||||
#ifndef ALT_ECC_SIZE
|
||||
|
@ -651,6 +654,7 @@ void fp_sqr_comba64(fp_int *a, fp_int *b);
|
|||
#define MP_EQ FP_EQ /* equal to */
|
||||
#define MP_GT FP_GT /* greater than */
|
||||
#define MP_VAL FP_VAL /* invalid */
|
||||
#define MP_MEM FP_MEM /* memory error */
|
||||
#define MP_NOT_INF FP_NOT_INF /* point not at infinity */
|
||||
#define MP_OKAY FP_OKAY /* ok result */
|
||||
#define MP_NO FP_NO /* yes/no result */
|
||||
|
@ -688,8 +692,9 @@ int mp_isodd(mp_int* a);
|
|||
int mp_iszero(mp_int* a);
|
||||
int mp_count_bits(mp_int *a);
|
||||
int mp_leading_bit(mp_int *a);
|
||||
int mp_set_int(fp_int *a, fp_digit b);
|
||||
int mp_is_bit_set (fp_int * a, fp_digit b);
|
||||
int mp_set_int(mp_int *a, mp_digit b);
|
||||
int mp_is_bit_set (mp_int * a, mp_digit b);
|
||||
int mp_set_bit (mp_int * a, mp_digit b);
|
||||
void mp_rshb(mp_int *a, int x);
|
||||
int mp_toradix (mp_int *a, char *str, int radix);
|
||||
int mp_radix_size (mp_int * a, int radix, int *size);
|
||||
|
@ -713,6 +718,8 @@ int mp_radix_size (mp_int * a, int radix, int *size);
|
|||
int mp_gcd(fp_int *a, fp_int *b, fp_int *c);
|
||||
int mp_lcm(fp_int *a, fp_int *b, fp_int *c);
|
||||
int mp_prime_is_prime(mp_int* a, int t, int* result);
|
||||
int mp_rand_prime(mp_int* N, int len, RNG* rng, void* heap);
|
||||
int mp_exch(mp_int *a, mp_int *b);
|
||||
#endif /* WOLFSSL_KEY_GEN */
|
||||
|
||||
int mp_cnt_lsb(fp_int *a);
|
||||
|
|
Loading…
Reference in New Issue