mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

RSA Update

Browse Source 
1. Added FIPS wrappers for MakeRsaKey(), CheckProbablePrime(), and RsaFlattenPublicKey().
2. Update the API test so that it used appropriate key and message sizes for the RSA testing.
3. Add function to get all parts of a flattened RSA key.
This commit is contained in:
John Safranek 2017-10-31 13:30:06 -07:00
parent 84f6093068
commit a784142edf
4 changed files with 97 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cyassl/ctaocrypt/rsa.h
View File

@ -45,6 +45,7 @@
#ifdef WOLFSSL_KEY_GEN
#define MakeRsaKey wc_MakeRsaKey
#define RsaKeyToDer wc_RsaKeyToDer
#define CheckProbablePrime wc_CheckProbablePrime
#endif
#ifdef WOLFSSL_ASYNC_CRYPT

91
wolfcrypt/src/rsa.c
View File

@ -147,17 +147,47 @@ int wc_RsaEncryptSize(RsaKey* key)
}
int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
word32* bSz)
{
#ifndef WOLFSSL_KEY_GEN
int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
word32* bSz)
{
/* not specified as fips so not needing _fips */
return RsaFlattenPublicKey(key, a, aSz, b, bSz);
}
#else
int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
word32* bSz)
{
/* not specified as fips so not needing _fips */
return RsaFlattenPublicKey_fips(key, a, aSz, b, bSz);
}
int wc_RsaExportKey(RsaKey* key,
byte* e, word32* eSz, byte* n, word32* nSz,
byte* d, word32* dSz, byte* p, word32* pSz,
byte* q, word32* qSz)
{
/* not specified as fips so not needing _fips */
return RsaExportKey_fips(key, e, eSz, n, nSz, d, dSz, p, pSz, q, qSz);
}
int wc_CheckProbablePrime(const byte* pRaw, word32 pRawSz,
const byte* qRaw, word32 qRawSz,
const byte* eRaw, word32 eRawSz,
int nlen, int* isPrime)
{
return CheckProbablePrime_fips(pRaw, pRawSz,
qRaw, qRawSz,
eRaw, eRawSz,
nlen, isPrime);
}
/* not specified as fips so not needing _fips */
return RsaFlattenPublicKey(key, a, aSz, b, bSz);
}
#ifdef WOLFSSL_KEY_GEN
int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
{
return MakeRsaKey(key, size, e, rng);
return MakeRsaKey_fips(key, size, e, rng);
}
#endif
@ -2095,6 +2125,51 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
return 0;
}
static int RsaGetValue(mp_int* in, byte* out, word32* outSz)
{
word32 sz;
int ret = 0;
sz = (word32)mp_unsigned_bin_size(in);
if (sz > *outSz)
ret = RSA_BUFFER_E;
if (ret == 0)
ret = mp_to_unsigned_bin(in, out);
if (ret == MP_OKAY)
*outSz = sz;
return ret;
}
int wc_RsaExportKey(RsaKey* key,
byte* e, word32* eSz, byte* n, word32* nSz,
byte* d, word32* dSz, byte* p, word32* pSz,
byte* q, word32* qSz)
{
int ret = BAD_FUNC_ARG;
if (key && e && eSz && n && nSz && d && dSz && p && pSz && q && qSz)
ret = 0;
if (ret == 0)
ret = RsaGetValue(&key->e, e, eSz);
if (ret == 0)
ret = RsaGetValue(&key->n, n, nSz);
if (ret == 0)
ret = RsaGetValue(&key->d, d, dSz);
if (ret == 0)
ret = RsaGetValue(&key->p, p, pSz);
if (ret == 0)
ret = RsaGetValue(&key->q, q, qSz);
return ret;
}
#ifdef WOLFSSL_KEY_GEN
/* Check that |p-q| > 2^((size/2)-100) */

8
wolfcrypt/test/test.c
View File

@ -8394,11 +8394,17 @@ int rsa_test(void)
#ifdef WOLFSSL_KEY_GEN
{
int derSz = 0;
int keySz = 1024;
#ifdef HAVE_FIPS
keySz = 2048;
#endif /* HAVE_FIPS */
ret = wc_InitRsaKey(&genKey, HEAP_HINT);
if (ret != 0) {
ERROR_OUT(-5550, exit_rsa);
}
ret = wc_MakeRsaKey(&genKey, 1024, WC_RSA_EXPONENT, &rng);
ret = wc_MakeRsaKey(&genKey, keySz, WC_RSA_EXPONENT, &rng);
if (ret != 0) {
ERROR_OUT(-5551, exit_rsa);
}

6
wolfssl/wolfcrypt/rsa.h
View File

@ -222,6 +222,12 @@ WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
#endif /* HAVE_FIPS*/
WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
word32*);
WOLFSSL_API int wc_RsaExportKey(RsaKey* key,
byte* e, word32* eSz,
byte* n, word32* nSz,
byte* d, word32* dSz,
byte* p, word32* pSz,
byte* q, word32* qSz);
#ifdef WOLFSSL_KEY_GEN
WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);