mirror of https://github.com/wolfSSL/wolfssl
Merge pull request #7907 from ColtonWilley/rsa_pad_crypto_cb
Add new crypto callback for RSA with padding.
This commit is contained in:
commit
96e2c51f07
|
@ -333,6 +333,12 @@ int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
|
|||
if (ret < 0) {
|
||||
return -1;
|
||||
}
|
||||
if (ret != inLen) {
|
||||
return -1;
|
||||
}
|
||||
if (XMEMCMP(in, plain, ret) != 0) {
|
||||
return -1;
|
||||
}
|
||||
\endcode
|
||||
|
||||
\sa wc_RsaPad
|
||||
|
@ -403,6 +409,12 @@ int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
|
|||
if (ret < 0) {
|
||||
return -1;
|
||||
}
|
||||
if (ret != inLen) {
|
||||
return -1;
|
||||
}
|
||||
if (XMEMCMP(in, plain, ret) != 0) {
|
||||
return -1;
|
||||
}
|
||||
\endcode
|
||||
|
||||
\sa wc_RsaSSL_Sign
|
||||
|
|
71
tests/api.c
71
tests/api.c
|
@ -88162,6 +88162,77 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx)
|
|||
info->pk.rsa.type, ret, *info->pk.rsa.outLen);
|
||||
#endif
|
||||
}
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
else if (info->pk.type == WC_PK_TYPE_RSA_PKCS ||
|
||||
info->pk.type == WC_PK_TYPE_RSA_PSS ||
|
||||
info->pk.type == WC_PK_TYPE_RSA_OAEP) {
|
||||
RsaKey key;
|
||||
|
||||
if (info->pk.rsa.type == RSA_PUBLIC_ENCRYPT ||
|
||||
info->pk.rsa.type == RSA_PUBLIC_DECRYPT) {
|
||||
/* Have all public key ops fall back to SW */
|
||||
return CRYPTOCB_UNAVAILABLE;
|
||||
}
|
||||
|
||||
if (info->pk.rsa.padding == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
/* Initialize key */
|
||||
ret = load_pem_key_file_as_der(privKeyFile, &pDer,
|
||||
&keyFormat);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
ret = wc_InitRsaKey(&key, HEAP_HINT);
|
||||
if (ret == 0) {
|
||||
word32 keyIdx = 0;
|
||||
/* load RSA private key and perform private transform */
|
||||
ret = wc_RsaPrivateKeyDecode(pDer->buffer, &keyIdx,
|
||||
&key, pDer->length);
|
||||
}
|
||||
/* Perform RSA operation */
|
||||
if ((ret == 0) && (info->pk.type == WC_PK_TYPE_RSA_PKCS)) {
|
||||
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
|
||||
ret = wc_RsaSSL_Sign(info->pk.rsa.in, info->pk.rsa.inLen,
|
||||
info->pk.rsa.out, *info->pk.rsa.outLen, &key,
|
||||
info->pk.rsa.rng);
|
||||
#else
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
if ((ret == 0) && (info->pk.type == WC_PK_TYPE_RSA_PSS)) {
|
||||
#ifdef WC_RSA_PSS
|
||||
ret = wc_RsaPSS_Sign_ex(info->pk.rsa.in, info->pk.rsa.inLen,
|
||||
info->pk.rsa.out, *info->pk.rsa.outLen,
|
||||
info->pk.rsa.padding->hash, info->pk.rsa.padding->mgf,
|
||||
info->pk.rsa.padding->saltLen, &key, info->pk.rsa.rng);
|
||||
#else
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
if ((ret == 0) && (info->pk.type == WC_PK_TYPE_RSA_OAEP)) {
|
||||
#if !defined(WC_NO_RSA_OAEP) || defined(WC_RSA_NO_PADDING)
|
||||
ret = wc_RsaPrivateDecrypt_ex(
|
||||
info->pk.rsa.in, info->pk.rsa.inLen,
|
||||
info->pk.rsa.out, *info->pk.rsa.outLen,
|
||||
&key, WC_RSA_OAEP_PAD, info->pk.rsa.padding->hash,
|
||||
info->pk.rsa.padding->mgf, info->pk.rsa.padding->label,
|
||||
info->pk.rsa.padding->labelSz);
|
||||
#else
|
||||
ret = CRYPTOCB_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
if (ret > 0) {
|
||||
*info->pk.rsa.outLen = ret;
|
||||
}
|
||||
|
||||
wc_FreeRsaKey(&key);
|
||||
wc_FreeDer(&pDer); pDer = NULL;
|
||||
}
|
||||
#endif /* ifdef WOLF_CRYPTO_CB_RSA_PAD */
|
||||
#endif /* !NO_RSA */
|
||||
#ifdef HAVE_ECC
|
||||
if (info->pk.type == WC_PK_TYPE_EC_KEYGEN) {
|
||||
|
|
|
@ -418,6 +418,62 @@ int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out,
|
|||
return wc_CryptoCb_TranslateErrorCode(ret);
|
||||
}
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
int wc_CryptoCb_RsaPad(const byte* in, word32 inLen, byte* out,
|
||||
word32* outLen, int type, RsaKey* key, WC_RNG* rng,
|
||||
RsaPadding *padding)
|
||||
{
|
||||
int ret = WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE);
|
||||
CryptoCb* dev;
|
||||
int pk_type;
|
||||
|
||||
if (key == NULL)
|
||||
return ret;
|
||||
|
||||
/* locate registered callback */
|
||||
dev = wc_CryptoCb_FindDevice(key->devId, WC_ALGO_TYPE_PK);
|
||||
|
||||
if (padding) {
|
||||
switch(padding->pad_type) {
|
||||
#ifndef NO_PKCS11_RSA_PKCS
|
||||
case WC_RSA_PKCSV15_PAD:
|
||||
pk_type = WC_PK_TYPE_RSA_PKCS;
|
||||
break;
|
||||
case WC_RSA_PSS_PAD:
|
||||
pk_type = WC_PK_TYPE_RSA_PSS;
|
||||
break;
|
||||
case WC_RSA_OAEP_PAD:
|
||||
pk_type = WC_PK_TYPE_RSA_OAEP;
|
||||
break;
|
||||
#endif /* NO_PKCS11_RSA_PKCS */
|
||||
default:
|
||||
pk_type = WC_PK_TYPE_RSA;
|
||||
}
|
||||
} else {
|
||||
pk_type = WC_PK_TYPE_RSA;
|
||||
}
|
||||
|
||||
if (dev && dev->cb) {
|
||||
wc_CryptoInfo cryptoInfo;
|
||||
XMEMSET(&cryptoInfo, 0, sizeof(cryptoInfo));
|
||||
cryptoInfo.algo_type = WC_ALGO_TYPE_PK;
|
||||
cryptoInfo.pk.type = pk_type;
|
||||
cryptoInfo.pk.rsa.in = in;
|
||||
cryptoInfo.pk.rsa.inLen = inLen;
|
||||
cryptoInfo.pk.rsa.out = out;
|
||||
cryptoInfo.pk.rsa.outLen = outLen;
|
||||
cryptoInfo.pk.rsa.type = type;
|
||||
cryptoInfo.pk.rsa.key = key;
|
||||
cryptoInfo.pk.rsa.rng = rng;
|
||||
cryptoInfo.pk.rsa.padding = padding;
|
||||
|
||||
ret = dev->cb(dev->devId, &cryptoInfo, dev->ctx);
|
||||
}
|
||||
|
||||
return wc_CryptoCb_TranslateErrorCode(ret);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
|
||||
{
|
||||
|
|
|
@ -3127,6 +3127,9 @@ static int wc_RsaFunction_ex(const byte* in, word32 inLen, byte* out,
|
|||
int ret = 0;
|
||||
(void)rng;
|
||||
(void)checkSmallCt;
|
||||
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_RSA_PAD)
|
||||
RsaPadding padding;
|
||||
#endif
|
||||
|
||||
if (key == NULL || in == NULL || inLen == 0 || out == NULL ||
|
||||
outLen == NULL || *outLen == 0 || type == RSA_TYPE_UNKNOWN) {
|
||||
|
@ -3138,7 +3141,18 @@ static int wc_RsaFunction_ex(const byte* in, word32 inLen, byte* out,
|
|||
if (key->devId != INVALID_DEVID)
|
||||
#endif
|
||||
{
|
||||
#if defined(WOLF_CRYPTO_CB_RSA_PAD)
|
||||
/* If we are here, either the RSA PAD callback was already called
|
||||
* and returned that it could not implement for that padding scheme,
|
||||
* or this is a public verify operation. Either way indicate to the
|
||||
* callback that this should be a raw RSA operation with no padding.*/
|
||||
XMEMSET(&padding, 0, sizeof(RsaPadding));
|
||||
padding.pad_type = WC_RSA_NO_PAD;
|
||||
ret = wc_CryptoCb_RsaPad(in, inLen, out,
|
||||
outLen, type, key, rng, &padding);
|
||||
#else
|
||||
ret = wc_CryptoCb_Rsa(in, inLen, out, outLen, type, key, rng);
|
||||
#endif
|
||||
#ifndef WOLF_CRYPTO_CB_ONLY_RSA
|
||||
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
|
||||
return ret;
|
||||
|
@ -3246,6 +3260,9 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
|
|||
int ret = 0;
|
||||
int sz;
|
||||
int state;
|
||||
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_RSA_PAD)
|
||||
RsaPadding padding;
|
||||
#endif
|
||||
|
||||
if (in == NULL || inLen == 0 || out == NULL || key == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
|
@ -3342,6 +3359,29 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
|
|||
#endif
|
||||
#endif /* WOLFSSL_SE050 */
|
||||
|
||||
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_RSA_PAD)
|
||||
if (key->devId != INVALID_DEVID) {
|
||||
XMEMSET(&padding, 0, sizeof(RsaPadding));
|
||||
padding.pad_value = pad_value;
|
||||
padding.pad_type = pad_type;
|
||||
padding.hash = hash;
|
||||
padding.mgf = mgf;
|
||||
padding.label = label;
|
||||
padding.labelSz = labelSz;
|
||||
padding.saltLen = saltLen;
|
||||
ret = wc_CryptoCb_RsaPad(in, inLen, out, &outLen, rsa_type, key, rng,
|
||||
&padding);
|
||||
|
||||
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
|
||||
if (ret < 0) {
|
||||
break;
|
||||
}
|
||||
|
||||
ret = outLen;
|
||||
break;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
key->state = RSA_STATE_ENCRYPT_PAD;
|
||||
ret = wc_RsaPad_ex(in, inLen, out, (word32)sz, pad_value, rng, pad_type,
|
||||
hash, mgf, label, labelSz, saltLen,
|
||||
|
@ -3421,6 +3461,9 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
|
|||
{
|
||||
int ret = WC_NO_ERR_TRACE(RSA_WRONG_TYPE_E);
|
||||
byte* pad = NULL;
|
||||
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_RSA_PAD)
|
||||
RsaPadding padding;
|
||||
#endif
|
||||
|
||||
if (in == NULL || inLen == 0 || out == NULL || key == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
|
@ -3531,6 +3574,25 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
|
|||
FALL_THROUGH;
|
||||
|
||||
case RSA_STATE_DECRYPT_EXPTMOD:
|
||||
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_RSA_PAD)
|
||||
if ((key->devId != INVALID_DEVID) && (rsa_type != RSA_PUBLIC_DECRYPT)) {
|
||||
/* Everything except verify goes to crypto cb if
|
||||
* WOLF_CRYPTO_CB_RSA_PAD defined */
|
||||
XMEMSET(&padding, 0, sizeof(RsaPadding));
|
||||
padding.pad_value = pad_value;
|
||||
padding.pad_type = pad_type;
|
||||
padding.hash = hash;
|
||||
padding.mgf = mgf;
|
||||
padding.label = label;
|
||||
padding.labelSz = labelSz;
|
||||
padding.saltLen = saltLen;
|
||||
ret = wc_CryptoCb_RsaPad(in, inLen, out,
|
||||
&outLen, rsa_type, key, rng, &padding);
|
||||
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE)) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_VERIFY_INLINE) && \
|
||||
!defined(WOLFSSL_NO_MALLOC)
|
||||
ret = wc_RsaFunction_ex(key->data, inLen, key->data, &key->dataLen,
|
||||
|
|
|
@ -552,7 +552,7 @@ static int Pkcs11Slot_FindByTokenName(Pkcs11Dev* dev,
|
|||
PKCS11_RV("C_GetTokenInfo", rv);
|
||||
if (rv == CKR_OK &&
|
||||
XMEMCMP(tinfo.label, tokenName, tokenNameSz) == 0) {
|
||||
ret = slot[index];
|
||||
ret = (int)slot[index];
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
@ -1809,6 +1809,84 @@ static int Pkcs11RsaPrivateKey(Pkcs11Session* session, RsaKey* rsaKey,
|
|||
return ret;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the hash length associated with the WolfCrypt hash type.
|
||||
*
|
||||
* @param [in] hType Hash Type.
|
||||
* @return -1 if hash type not recognized.
|
||||
* @return hash length on success.
|
||||
*/
|
||||
int wc_hash2sz(int hType)
|
||||
{
|
||||
switch(hType) {
|
||||
case WC_HASH_TYPE_SHA:
|
||||
return 20;
|
||||
case WC_HASH_TYPE_SHA224:
|
||||
return 24;
|
||||
case WC_HASH_TYPE_SHA256:
|
||||
return 32;
|
||||
case WC_HASH_TYPE_SHA384:
|
||||
return 48;
|
||||
case WC_HASH_TYPE_SHA512:
|
||||
return 64;
|
||||
default:
|
||||
/* unsupported WC_HASH_TYPE_XXXX */
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get PKCS11 hash mechanism associated with the WolfCrypt hash type.
|
||||
*
|
||||
* @param [in] hType Hash Type.
|
||||
* @return 0 if hash type not recognized.
|
||||
* @return PKCS11 mechanism on success.
|
||||
*/
|
||||
CK_MECHANISM_TYPE wc_hash2ckm(int hType)
|
||||
{
|
||||
switch(hType) {
|
||||
case WC_HASH_TYPE_SHA:
|
||||
return CKM_SHA_1;
|
||||
case WC_HASH_TYPE_SHA224:
|
||||
return CKM_SHA224;
|
||||
case WC_HASH_TYPE_SHA256:
|
||||
return CKM_SHA256;
|
||||
case WC_HASH_TYPE_SHA384:
|
||||
return CKM_SHA384;
|
||||
case WC_HASH_TYPE_SHA512:
|
||||
return CKM_SHA512;
|
||||
default:
|
||||
/* unsupported WC_HASH_TYPE_XXXX */
|
||||
return 0UL;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Get PKCS11 MGF hash mechanism associated with the WolfCrypt MGF hash type.
|
||||
*
|
||||
* @param [in] mgf MGF Type.
|
||||
* @return 0 if MGF type not recognized.
|
||||
* @return PKCS11 MGF hash mechanism on success.
|
||||
*/
|
||||
CK_MECHANISM_TYPE wc_mgf2ckm(int mgf)
|
||||
{
|
||||
switch(mgf) {
|
||||
case WC_MGF1SHA1:
|
||||
return CKG_MGF1_SHA1;
|
||||
case WC_MGF1SHA224:
|
||||
return CKG_MGF1_SHA224;
|
||||
case WC_MGF1SHA256:
|
||||
return CKG_MGF1_SHA256;
|
||||
case WC_MGF1SHA384:
|
||||
return CKG_MGF1_SHA384;
|
||||
case WC_MGF1SHA512:
|
||||
return CKG_MGF1_SHA512;
|
||||
default:
|
||||
/* unsupported WC_MGF1XXXX */
|
||||
return 0x0UL;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Exponentiate the input with the public part of the RSA key.
|
||||
* Used in public encrypt and decrypt.
|
||||
|
@ -1822,9 +1900,13 @@ static int Pkcs11RsaEncrypt(Pkcs11Session* session, wc_CryptoInfo* info,
|
|||
CK_OBJECT_HANDLE key)
|
||||
{
|
||||
int ret = 0;
|
||||
CK_MECHANISM_TYPE mechanism = 0x0UL;
|
||||
CK_RV rv;
|
||||
CK_MECHANISM mech;
|
||||
CK_ULONG outLen;
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
CK_RSA_PKCS_OAEP_PARAMS oaepParams;
|
||||
#endif
|
||||
|
||||
WOLFSSL_MSG("PKCS#11: RSA Public Key Operation");
|
||||
|
||||
|
@ -1832,12 +1914,37 @@ static int Pkcs11RsaEncrypt(Pkcs11Session* session, wc_CryptoInfo* info,
|
|||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
switch(info->pk.type) {
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
case WC_PK_TYPE_RSA_PKCS:
|
||||
mechanism = CKM_RSA_PKCS;
|
||||
break;
|
||||
case WC_PK_TYPE_RSA_OAEP:
|
||||
mechanism = CKM_RSA_PKCS_OAEP;
|
||||
break;
|
||||
#endif
|
||||
case WC_PK_TYPE_RSA:
|
||||
mechanism = CKM_RSA_X_509;
|
||||
break;
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
/* Raw RSA encrypt/decrypt operation. */
|
||||
mech.mechanism = CKM_RSA_X_509;
|
||||
mech.mechanism = mechanism;
|
||||
mech.ulParameterLen = 0;
|
||||
mech.pParameter = NULL;
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
if (mechanism == CKM_RSA_PKCS_OAEP) {
|
||||
XMEMSET(&oaepParams, 0, sizeof(oaepParams));
|
||||
mech.ulParameterLen = sizeof(CK_RSA_PKCS_OAEP_PARAMS);
|
||||
mech.pParameter = &oaepParams;
|
||||
oaepParams.source = CKZ_DATA_SPECIFIED;
|
||||
oaepParams.hashAlg = wc_hash2ckm(info->pk.rsa.padding->hash);
|
||||
oaepParams.mgf = wc_mgf2ckm(info->pk.rsa.padding->mgf);
|
||||
}
|
||||
#endif
|
||||
|
||||
rv = session->func->C_EncryptInit(session->handle, &mech, key);
|
||||
PKCS11_RV("C_EncryptInit", rv);
|
||||
if (rv != CKR_OK) {
|
||||
|
@ -1875,9 +1982,13 @@ static int Pkcs11RsaDecrypt(Pkcs11Session* session, wc_CryptoInfo* info,
|
|||
CK_OBJECT_HANDLE key)
|
||||
{
|
||||
int ret = 0;
|
||||
CK_MECHANISM_TYPE mechanism = 0x0UL;
|
||||
CK_RV rv;
|
||||
CK_MECHANISM mech;
|
||||
CK_ULONG outLen;
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
CK_RSA_PKCS_OAEP_PARAMS oaepParams;
|
||||
#endif
|
||||
|
||||
WOLFSSL_MSG("PKCS#11: RSA Private Key Operation");
|
||||
|
||||
|
@ -1885,12 +1996,37 @@ static int Pkcs11RsaDecrypt(Pkcs11Session* session, wc_CryptoInfo* info,
|
|||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
switch(info->pk.type) {
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
case WC_PK_TYPE_RSA_PKCS:
|
||||
mechanism = CKM_RSA_PKCS;
|
||||
break;
|
||||
case WC_PK_TYPE_RSA_OAEP:
|
||||
mechanism = CKM_RSA_PKCS_OAEP;
|
||||
break;
|
||||
#endif
|
||||
case WC_PK_TYPE_RSA:
|
||||
mechanism = CKM_RSA_X_509;
|
||||
break;
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
/* Raw RSA encrypt/decrypt operation. */
|
||||
mech.mechanism = CKM_RSA_X_509;
|
||||
mech.mechanism = mechanism;
|
||||
mech.ulParameterLen = 0;
|
||||
mech.pParameter = NULL;
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
if (mechanism == CKM_RSA_PKCS_OAEP) {
|
||||
XMEMSET(&oaepParams, 0, sizeof(oaepParams));
|
||||
mech.ulParameterLen = sizeof(CK_RSA_PKCS_OAEP_PARAMS);
|
||||
mech.pParameter = &oaepParams;
|
||||
oaepParams.source = CKZ_DATA_SPECIFIED;
|
||||
oaepParams.hashAlg = wc_hash2ckm(info->pk.rsa.padding->hash);
|
||||
oaepParams.mgf = wc_mgf2ckm(info->pk.rsa.padding->mgf);
|
||||
}
|
||||
#endif
|
||||
|
||||
rv = session->func->C_DecryptInit(session->handle, &mech, key);
|
||||
PKCS11_RV("C_DecryptInit", rv);
|
||||
if (rv != CKR_OK) {
|
||||
|
@ -1933,6 +2069,12 @@ static int Pkcs11RsaSign(Pkcs11Session* session, wc_CryptoInfo* info,
|
|||
CK_RV rv;
|
||||
CK_MECHANISM mech;
|
||||
CK_ULONG outLen;
|
||||
CK_MECHANISM_TYPE mechanism;
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
CK_RSA_PKCS_PSS_PARAMS pssParams;
|
||||
int hLen;
|
||||
int saltLen;
|
||||
#endif
|
||||
|
||||
WOLFSSL_MSG("PKCS#11: RSA Private Key Operation");
|
||||
|
||||
|
@ -1940,12 +2082,67 @@ static int Pkcs11RsaSign(Pkcs11Session* session, wc_CryptoInfo* info,
|
|||
ret = BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
switch(info->pk.type) {
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
case WC_PK_TYPE_RSA_PKCS:
|
||||
mechanism = CKM_RSA_PKCS;
|
||||
break;
|
||||
case WC_PK_TYPE_RSA_PSS:
|
||||
mechanism = CKM_RSA_PKCS_PSS;
|
||||
break;
|
||||
#endif /* WOLF_CRYPTO_CB_RSA_PAD */
|
||||
default:
|
||||
mechanism = CKM_RSA_X_509;
|
||||
break;
|
||||
}
|
||||
|
||||
if (ret == 0) {
|
||||
/* Raw RSA encrypt/decrypt operation. */
|
||||
mech.mechanism = CKM_RSA_X_509;
|
||||
mech.mechanism = mechanism;
|
||||
mech.ulParameterLen = 0;
|
||||
mech.pParameter = NULL;
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
if (mechanism == CKM_RSA_PKCS_PSS) {
|
||||
mech.ulParameterLen = sizeof(CK_RSA_PKCS_PSS_PARAMS);
|
||||
mech.pParameter = &pssParams;
|
||||
pssParams.hashAlg = wc_hash2ckm(info->pk.rsa.padding->hash);
|
||||
pssParams.mgf = wc_mgf2ckm(info->pk.rsa.padding->mgf);
|
||||
|
||||
saltLen = info->pk.rsa.padding->saltLen;
|
||||
hLen = wc_hash2sz(info->pk.rsa.padding->hash);
|
||||
|
||||
/* Same salt length code as rsa.c */
|
||||
if (saltLen == RSA_PSS_SALT_LEN_DEFAULT)
|
||||
saltLen = hLen;
|
||||
#ifndef WOLFSSL_PSS_LONG_SALT
|
||||
else if (saltLen > hLen) {
|
||||
return PSS_SALTLEN_E;
|
||||
}
|
||||
#endif
|
||||
#ifndef WOLFSSL_PSS_SALT_LEN_DISCOVER
|
||||
else if (saltLen < RSA_PSS_SALT_LEN_DEFAULT) {
|
||||
return PSS_SALTLEN_E;
|
||||
}
|
||||
#else
|
||||
else if (saltLen == RSA_PSS_SALT_LEN_DISCOVER) {
|
||||
saltLen = *(info->pk.rsa.outLen) - hLen - 2;
|
||||
if (saltLen < 0) {
|
||||
return PSS_SALTLEN_E;
|
||||
}
|
||||
}
|
||||
else if (saltLen < RSA_PSS_SALT_LEN_DISCOVER) {
|
||||
return PSS_SALTLEN_E;
|
||||
}
|
||||
#endif
|
||||
if (*(info->pk.rsa.outLen) - hLen < (word32)(saltLen + 2)) {
|
||||
return PSS_SALTLEN_E;
|
||||
}
|
||||
|
||||
pssParams.sLen = saltLen;
|
||||
}
|
||||
#endif /* WOLF_CRYPTO_CB_RSA_PAD */
|
||||
|
||||
rv = session->func->C_SignInit(session->handle, &mech, key);
|
||||
PKCS11_RV("C_SignInit", rv);
|
||||
if (rv != CKR_OK) {
|
||||
|
@ -1984,13 +2181,31 @@ static int Pkcs11Rsa(Pkcs11Session* session, wc_CryptoInfo* info)
|
|||
int ret = 0;
|
||||
CK_RV rv;
|
||||
CK_MECHANISM_INFO mechInfo;
|
||||
CK_MECHANISM_TYPE mechanism = 0x0UL;
|
||||
int sessionKey = 0;
|
||||
CK_OBJECT_HANDLE key;
|
||||
RsaKey* rsaKey = info->pk.rsa.key;
|
||||
int type = info->pk.rsa.type;
|
||||
|
||||
switch(info->pk.type) {
|
||||
#ifndef NO_PKCS11_RSA_PKCS
|
||||
case WC_PK_TYPE_RSA_PKCS:
|
||||
mechanism = CKM_RSA_PKCS;
|
||||
break;
|
||||
case WC_PK_TYPE_RSA_PSS:
|
||||
mechanism = CKM_RSA_PKCS_PSS;
|
||||
break;
|
||||
case WC_PK_TYPE_RSA_OAEP:
|
||||
mechanism = CKM_RSA_PKCS_OAEP;
|
||||
break;
|
||||
#endif /* NO_PKCS11_RSA_PKCS */
|
||||
case WC_PK_TYPE_RSA:
|
||||
mechanism = CKM_RSA_X_509;
|
||||
break;
|
||||
}
|
||||
|
||||
/* Check operation is supported. */
|
||||
rv = session->func->C_GetMechanismInfo(session->slotId, CKM_RSA_X_509,
|
||||
rv = session->func->C_GetMechanismInfo(session->slotId, mechanism,
|
||||
&mechInfo);
|
||||
PKCS11_RV("C_GetMechanismInfo", rv);
|
||||
if (rv != CKR_OK) {
|
||||
|
@ -2023,7 +2238,7 @@ static int Pkcs11Rsa(Pkcs11Session* session, wc_CryptoInfo* info)
|
|||
}
|
||||
else if (type == RSA_PUBLIC_DECRYPT) {
|
||||
WOLFSSL_MSG("PKCS#11: Public Decrypt");
|
||||
if ((mechInfo.flags & CKF_DECRYPT) != 0) {
|
||||
if ((mechInfo.flags & CKF_ENCRYPT) != 0) {
|
||||
ret = Pkcs11RsaEncrypt(session, info, key);
|
||||
}
|
||||
else {
|
||||
|
@ -3783,6 +3998,11 @@ int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
|
|||
switch (info->pk.type) {
|
||||
#ifndef NO_RSA
|
||||
case WC_PK_TYPE_RSA:
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
case WC_PK_TYPE_RSA_PKCS:
|
||||
case WC_PK_TYPE_RSA_PSS:
|
||||
case WC_PK_TYPE_RSA_OAEP:
|
||||
#endif
|
||||
ret = Pkcs11OpenSession(token, &session, readWrite);
|
||||
if (ret == 0) {
|
||||
ret = Pkcs11Rsa(&session, info);
|
||||
|
|
|
@ -118,6 +118,9 @@ typedef struct wc_CryptoInfo {
|
|||
int type;
|
||||
RsaKey* key;
|
||||
WC_RNG* rng;
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
RsaPadding *padding;
|
||||
#endif
|
||||
} rsa;
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
struct {
|
||||
|
@ -481,6 +484,11 @@ WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info);
|
|||
WOLFSSL_LOCAL int wc_CryptoCb_Rsa(const byte* in, word32 inLen, byte* out,
|
||||
word32* outLen, int type, RsaKey* key, WC_RNG* rng);
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB_RSA_PAD
|
||||
WOLFSSL_LOCAL int wc_CryptoCb_RsaPad(const byte* in, word32 inLen, byte* out,
|
||||
word32* outLen, int type, RsaKey* key, WC_RNG* rng, RsaPadding *padding);
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_KEY_GEN
|
||||
WOLFSSL_LOCAL int wc_CryptoCb_MakeRsaKey(RsaKey* key, int size, long e,
|
||||
WC_RNG* rng);
|
||||
|
|
|
@ -274,6 +274,20 @@ struct RsaKey {
|
|||
|
||||
#endif /* HAVE_FIPS */
|
||||
|
||||
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_RSA_PAD)
|
||||
struct RsaPadding {
|
||||
byte pad_value;
|
||||
int pad_type;
|
||||
enum wc_HashType hash;
|
||||
int mgf;
|
||||
byte* label;
|
||||
word32 labelSz;
|
||||
int saltLen;
|
||||
int unpadded;
|
||||
};
|
||||
typedef struct RsaPadding RsaPadding;
|
||||
#endif
|
||||
|
||||
WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap);
|
||||
WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
|
||||
WOLFSSL_API int wc_FreeRsaKey(RsaKey* key);
|
||||
|
|
|
@ -1263,6 +1263,9 @@ typedef struct w64wrapper {
|
|||
#undef _WC_PK_TYPE_MAX
|
||||
#define _WC_PK_TYPE_MAX WC_PK_TYPE_PQC_SIG_CHECK_PRIV_KEY
|
||||
#endif
|
||||
WC_PK_TYPE_RSA_PKCS = 25,
|
||||
WC_PK_TYPE_RSA_PSS = 26,
|
||||
WC_PK_TYPE_RSA_OAEP = 27,
|
||||
WC_PK_TYPE_MAX = _WC_PK_TYPE_MAX
|
||||
};
|
||||
|
||||
|
|
|
@ -97,6 +97,10 @@ WOLFSSL_API int wc_Pkcs11StoreKey(Pkcs11Token* token, int type, int clear,
|
|||
WOLFSSL_API int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info,
|
||||
void* ctx);
|
||||
|
||||
WOLFSSL_LOCAL int wc_hash2sz(int);
|
||||
WOLFSSL_LOCAL CK_MECHANISM_TYPE wc_hash2ckm(int);
|
||||
WOLFSSL_LOCAL CK_MECHANISM_TYPE wc_mgf2ckm(int);
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* extern "C" */
|
||||
#endif
|
||||
|
|
Loading…
Reference in New Issue