Imported Upstream version 3.10.2+dfsg

wolfcrypt/user-crypto/Makefile.am

@@ -0,0 +1,9 @@
+AM_CFLAGS=-I m4
+
+#add in wolfssl directory
+AM_CPPFLAGS+=-I$(abs_srcdir)/../../ -I$(srcdir)/include/
+lib_LTLIBRARIES = lib/libusercrypto.la
+lib_libusercrypto_la_CPPFLAGS = $(AM_CPPFLAGS)
+lib_libusercrypto_la_LDFLAGS = $(AM_LDFLAGS)
+lib_libusercrypto_la_SOURCES = src/rsa.c
+include_HEADERS = include/user_rsa.h

wolfcrypt/user-crypto/README.txt

@@ -0,0 +1,78 @@
+/*
+ * Copyright (C) 2006-2016 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+/*
+ Created to use intel's IPP see their license for linking to intel's IPP library
+ */
+
+
+##BUILDING ON 64BIT MAC OSX
+Tested and developed on MAC OSX linking to IPP v9.0
+
+for me exporting the IPP library was needed. As an example it was
+export DYLD_LIBRARY_PATH="/opt/intel/ipp/lib"
+
+first go to the root wolfssl dir and run ./autogen.sh && ./configure it with desired settings then make. This is to set up the define options and wolfssl library for the user crypto to link to.
+
+Then go to the wolfssl/user-crypto directory and run ./autogen.sh && ./configure then make make install this creates a usercrypto library to use
+
+Finally go back to the root wolfssl directory and follow these build instructions
+
+building wolfSSL add CPPFLAGS=-I/opt/intel/ipp/include for finding the IPP include files
+An example build would be
+./configure --with-user-crypto CPPFLAGS=-I/opt/intel/ipp/include --enable-lighty
+
+
+##BUILDING IN 32BIT UBUNTU
+Tested on UBUNTU 32 bit linking to IPP v9.0
+
+for me exporting the IPP library. As an example it was
+export LD_LIBRARY_PATH="/opt/intel/ipp/lib/ia32_lin/:$LD_LIBRARY_PATH"
+
+first go to the root wolfssl dir and configure it with desired settings and make install. This is to set up the define options and wolfssl library for the user crypto to link to.
+
+For me on Ubuntu the IPP libraries had been installed into /opt/intel/ipp/lib/ia32_lin/ so the ./configure LDFLAGS=-L/opt/intel/ipp/lib/ia32_lin was needed to be looking at that directory.
+Run make && make install from the directory wolfssl_root/wolfssl/user-crypto/ this creates a usercrypto library to use
+
+Finally go back to the root wolfssl directory and follow these build instructions
+
+building wolfSSL add CPPFLAGS=-I/opt/intel/ipp/include for finding the IPP include files
+
+./configure --with-user-crypto=root_wolfssl/wolfssl/user-crypto CPPFLAGS=-I/opt/intel/ipp/include (plus any desired additional flags)
+
+
+##THINGS TO CHECK FOR IF NOT ABLE TO LINK WITH USERCRYPTO LIB
+Check that the path has been exported for the IPP library. If usercrypto is unable to use the  function to init an RSA key then the link to it will fail in configure. Check for this by $DYLD_LIBRARY_PATH on mac or $LD_LIBRARY_PATH on ubuntu. If the directory for the Intel IPP libraries are not displayed than use "export DYLD_LIBRARY_PATH=path_to_ipp_libraries:$DYLD_LIBRARY_PATH".
+
+
+##CREATING OWN RSA CRYPTO PLUGIN
+
+It is required to have a header file named user_rsa.h. This is what is looked for by wolfssl/wolfcrypt/rsa.h and should contain the user defined rsa key struct.
+
+It is required to have a library called usercrypto. This is linked to when configuring wolfSSL with the option --with-user-crypto
+
+It is required when compiled with RSA cert generation to have key struct elements named n and e containing the corresponding big numbers. And the three helper functions to work with the big numbers. These functions are called by wolfcrypt/src/asn.c when working with certificates.
+To view the needed functions look at wolfssl/wolfcrypt/rsa.h they will be extern functions surronded by HAVE_USER_RSA define.
+Cert Generation for other sign and verify such as ECC are not yet supported.
+
+When building with openssl compatibility layer extra developent needs to be done, having the two functions SetRsaExernal and SetRsaInternal
+
+wolfSSL does not take responsibility for the strength of security of third party cryptography libraries plugged in by the user.

wolfcrypt/user-crypto/autogen.sh

@@ -0,0 +1,23 @@
+#!/bin/sh
+#
+# Create configure and makefile stuff...
+#
+
+# Git hooks should come before autoreconf.
+if test -d .git; then
+  if ! test -d .git/hooks; then
+    mkdir .git/hooks
+  fi
+  ln -s -f ../../pre-commit.sh .git/hooks/pre-commit
+  ln -s -f ../../pre-push.sh .git/hooks/pre-push
+fi
+
+# If this is a source checkout then call autoreconf with error as well
+if test -d .git; then
+  WARNINGS="all,error"
+else
+  WARNINGS="all"
+fi
+
+autoreconf --install --force --verbose
+

wolfcrypt/user-crypto/configure.ac

@@ -0,0 +1,44 @@
+#                                               -*- Autoconf -*-
+# Process this file with autoconf to produce a configure script.
+
+AC_PREREQ([2.63])
+AC_INIT([usercypto], [0.1], [])
+AC_CONFIG_SRCDIR([src/rsa.c])
+
+AM_INIT_AUTOMAKE([1.11 -Wall -Werror -Wno-portability foreign tar-ustar subdir-objects no-define color-tests])
+
+LT_PREREQ([2.2])
+LT_INIT([disable-static])
+LT_LANG([C++])
+LT_LANG([C])
+
+# Checks for programs.
+AC_PROG_CC
+AC_CONFIG_MACRO_DIR([m4])
+
+# Checks for libraries.
+AM_LDFLAGS=$LDFLAGS
+LDFLAGS="$LDFLAGS -L/opt/intel/ipp/lib -lippcp -lippcore"
+
+# Path to find wolfssl/options and other includes
+AM_CPPFLAGS=$CPPFLAGS
+CPPFLAGS="$CPPFLAGS -I../../ -I/opt/intel/ipp/include"
+AC_CHECK_LIB([ippcore], [ippGetStatusString], [], [AC_MSG_ERROR([ippcore library needed ./configure LDFLAGS=/path/to/ipp/lib])])
+AC_CHECK_LIB([ippcp], [ippsRSA_InitPublicKey], [], [AC_MSG_ERROR([ippcp library needed ./configure LDFLAGS=/path/to/ipp/lib])])
+
+# check headers
+AC_CHECK_HEADER([ippcp.h], [], [AC_MSG_ERROR([ippcp.h not found ./configure CPPFLAGS=-I/ipp/headers])])
+AC_CHECK_HEADER([ipp.h], [], [AC_MSG_ERROR([ipp.h not found ./configure CPPFLAGS=-I/ipp/headers])])
+
+LDFLAGS=$AM_LDFLAGS
+CPPFLAGS=$AM_CPPFLAGS
+
+AM_LDFLAGS="-L/opt/intel/ipp/lib -lippcp -lippcore"
+AM_CPPFLAGS="-I/opt/intel/ipp/include"
+
+AC_SUBST([AM_CPPFLAGS])
+AC_SUBST([AM_LDFLAGS])
+AC_C_INLINE
+
+AC_CONFIG_FILES([Makefile])
+AC_OUTPUT

wolfcrypt/user-crypto/include.am

@@ -0,0 +1,13 @@
+
+if BUILD_FAST_RSA
+include_HEADERS += wolfcrypt/user-crypto/include/user_rsa.h
+endif
+
+# user crypto plug in example
+EXTRA_DIST+= wolfcrypt/user-crypto/configure.ac
+EXTRA_DIST+= wolfcrypt/user-crypto/autogen.sh
+EXTRA_DIST+= wolfcrypt/user-crypto/include/user_rsa.h
+EXTRA_DIST+= wolfcrypt/user-crypto/src/rsa.c
+EXTRA_DIST+= wolfcrypt/user-crypto/lib/.gitkeep
+EXTRA_DIST+= wolfcrypt/user-crypto/README.txt
+EXTRA_DIST+= wolfcrypt/user-crypto/Makefile.am

wolfcrypt/user-crypto/include/user_rsa.h

@@ -0,0 +1,132 @@
+/* user_rsa.h
+ *
+ * Copyright (C) 2006-2016 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+/*
+ Created to use intel's IPP see their license for linking to intel's IPP library
+ */
+
+#ifndef USER_WOLF_CRYPT_RSA_H
+#define USER_WOLF_CRYPT_RSA_H
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifndef NO_RSA
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/random.h>
+
+/* intels crypto */
+#include <ipp.h>
+#include <ippcp.h>
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* needed for WOLFSSL_RSA type but use macro guard against redefine */
+#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TYPES_DEFINED) \
+        && !defined(WOLFSSL_RSA_TYPE_DEFINED)
+    struct WOLFSSL_RSA;
+    typedef struct WOLFSSL_RSA WOLFSSL_RSA;
+    #define WOLFSSL_RSA_TYPE_DEFINED
+#endif
+
+enum {
+    RSA_PUBLIC   = 0,
+    RSA_PRIVATE  = 1,
+};
+
+
+/* RSA */
+typedef struct RsaKey {
+    IppsBigNumState* n;
+    IppsBigNumState* e;
+    IppsBigNumState* dipp;
+    IppsBigNumState* pipp;
+    IppsBigNumState* qipp;
+    IppsBigNumState* dPipp;
+    IppsBigNumState* dQipp;
+    IppsBigNumState* uipp;
+    int nSz, eSz, dSz;
+    IppsRSAPublicKeyState*  pPub;
+    IppsRSAPrivateKeyState* pPrv;
+    word32 prvSz; /* size of private key */
+    word32 sz;    /* size of signature */
+    int   type;                               /* public or private */
+    void* heap;                               /* for user memory overrides */
+} RsaKey;
+
+WOLFSSL_API int  wc_InitRsaKey(RsaKey* key, void*);
+WOLFSSL_API int  wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
+WOLFSSL_API int  wc_FreeRsaKey(RsaKey* key);
+
+WOLFSSL_API int  wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
+                                     word32 outLen, RsaKey* key, WC_RNG* rng);
+WOLFSSL_API int  wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
+                                            RsaKey* key);
+WOLFSSL_API int  wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
+                                      word32 outLen, RsaKey* key);
+WOLFSSL_API int  wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
+                                word32 outLen, RsaKey* key, WC_RNG* rng);
+WOLFSSL_API int  wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
+                                        RsaKey* key);
+WOLFSSL_API int  wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
+                                  word32 outLen, RsaKey* key);
+WOLFSSL_API int  wc_RsaEncryptSize(RsaKey* key);
+
+WOLFSSL_API int  wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
+                                                               RsaKey*, word32);
+WOLFSSL_API int  wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
+                                                               RsaKey*, word32);
+WOLFSSL_API int  wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
+                                        const byte* e, word32 eSz, RsaKey* key);
+#ifdef WOLFSSL_KEY_GEN
+    WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
+    WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
+    WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
+#endif
+WOLFSSL_API int  wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
+                                                                       word32*);
+WOLFSSL_API int  wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
+
+
+#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)
+        /* abstracted BN operations with RSA key */
+    WOLFSSL_API int wc_Rsa_leading_bit(void* BN);
+    WOLFSSL_API int wc_Rsa_unsigned_bin_size(void* BN);
+
+        /* return MP_OKAY on success */
+    WOLFSSL_API int wc_Rsa_to_unsigned_bin(void* BN, byte* in, int inLen);
+#endif
+
+#ifdef OPENSSL_EXTRA /* abstracted functions to deal with rsa key */
+    WOLFSSL_API int SetRsaExternal(WOLFSSL_RSA* rsa);
+    WOLFSSL_API int SetRsaInternal(WOLFSSL_RSA* rsa);
+#endif
+#ifdef __cplusplus
+    } /* extern "C" */
+#endif
+
+#endif /* NO_RSA */
+#endif /* USER_WOLF_CRYPT_RSA_H */
+
+