deb/wolfssl
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Imported Upstream version 3.13.0+dfsg

Browse Source
This commit is contained in:
Mario Fetka
2018-02-19 12:29:49 +01:00
parent 1893aafd38
commit e07619e148
472 changed files with 168552 additions and 31827 deletions
Download Patch File Download Diff File Expand all files Collapse all files

177
wolfcrypt/user-crypto/src/rsa.c
View File

@@ -1,6 +1,6 @@
/* rsa.c
*
* Copyright (C) 2006-2016 wolfSSL Inc.
* Copyright (C) 2006-2017 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
@@ -928,6 +928,10 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
int ctxSz, pSz, qSz;
IppStatus ret;
if (input == NULL || inOutIdx == NULL || key == NULL) {
return USER_CRYPTO_ERROR;
}
USER_DEBUG(("Entering wc_RsaPrivateKeyDecode\n"));
/* read in key information */
@@ -1066,6 +1070,10 @@ int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
byte b;
#endif
if (input == NULL || inOutIdx == NULL || key == NULL) {
return USER_CRYPTO_ERROR;
}
USER_DEBUG(("Entering wc_RsaPublicKeyDecode\n"));
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
@@ -1246,7 +1254,7 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
key->eSz = eSz;
key->type = RSA_PUBLIC;
return USER_CRYPTO_ERROR;
return 0;
}
@@ -1404,7 +1412,7 @@ int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
return USER_CRYPTO_ERROR;
}
if (in == NULL || out == NULL)
if (in == NULL || inLen == 0 || out == NULL)
return USER_CRYPTO_ERROR;
/* set up a private key state using public key values */
@@ -1636,13 +1644,14 @@ int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
USER_DEBUG(("Entering wc_RsaSSL_Sign\n"));
sz = key->sz;
if (in == NULL || out == NULL || key == NULL || rng == NULL) {
USER_DEBUG(("Bad argument to wc_RsaSSL_Sign\n"));
return USER_CRYPTO_ERROR;
}
sz = key->sz;
/* sanity check on key being used */
if (key->pipp == NULL || key->qipp == NULL || key->uipp == NULL ||
key->dPipp == NULL || key->dQipp == NULL) {
@@ -1950,13 +1959,13 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
if (key == NULL || e == NULL || eSz == NULL || n == NULL || nSz == NULL)
return USER_CRYPTO_ERROR;
bytSz = sizeof(byte);
bytSz = sizeof(byte) * 8;
ret = ippsExtGet_BN(NULL, &sz, NULL, key->e);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
/* sz is in bits change to bytes */
sz = (sz / bytSz) + (sz % bytSz);
sz = (sz / bytSz) + ((sz % bytSz)? 1 : 0);
if (*eSz < (word32)sz)
return USER_CRYPTO_ERROR;
@@ -1973,7 +1982,7 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
return USER_CRYPTO_ERROR;
/* sz is in bits change to bytes */
sz = (sz / bytSz) + (sz % bytSz);
sz = (sz / bytSz) + ((sz % bytSz)? 1: 0);
if (*nSz < (word32)sz)
return USER_CRYPTO_ERROR;
@@ -1999,7 +2008,7 @@ IppStatus wolfSSL_rng(Ipp32u* pData, int nBits, void* pEbsParams)
}
nBytes = (nBits/8) + ((nBits % 8)? 1: 0);
if (wc_RNG_GenerateBlock(pEbsParams, (byte*)pData, nBytes) != 0) {
if (wc_RNG_GenerateBlock((WC_RNG*)pEbsParams, (byte*)pData, nBytes) != 0) {
USER_DEBUG(("error in generating random wolfSSL block\n"));
return ippStsErr;
}
@@ -2017,11 +2026,11 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
int i; /* for trys on calling make key */
int ctxSz;
IppsBigNumState* pSrcPublicExp;
Ipp8u* scratchBuffer;
IppsBigNumState* pSrcPublicExp = NULL;
Ipp8u* scratchBuffer = NULL;
Ipp8u eAry[8];
int trys = 8; /* Miller-Rabin test parameter */
IppsPrimeState* pPrime;
IppsPrimeState* pPrime = NULL;
int qBitSz; /* size of q factor */
int bytSz; /* size of key in bytes */
@@ -2033,8 +2042,10 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
qBitSz = (size / 2) + ((size % 2)? 1: 0);
bytSz = (size / 8) + ((size % 8)? 1: 0);
if (key == NULL)
if (key == NULL || rng == NULL) {
USER_DEBUG(("Error, NULL argument passed in\n"));
return USER_CRYPTO_ERROR;
}
if (e < 3 || (e&1) == 0)
return USER_CRYPTO_ERROR;
@@ -2049,17 +2060,21 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
ret = ippsPrimeGetSize(size, &ctxSz); /* size in bits */
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsPrimeGetSize error of %s\n", ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
pPrime = (IppsPrimeState*)XMALLOC(ctxSz, NULL, DYNAMIC_TYPE_USER_CRYPTO);
if (pPrime == NULL)
return USER_CRYPTO_ERROR;
if (pPrime == NULL) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
ret = ippsPrimeInit(size, pPrime);
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsPrimeInit error of %s\n", ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* define RSA privete key type 2 */
@@ -2068,21 +2083,25 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsRSA_GetSizePrivateKeyType2 error of %s\n",
ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
key->prvSz = ctxSz; /* used when freeing private key */
key->pPrv = (IppsRSAPrivateKeyState*)XMALLOC(ctxSz, NULL,
DYNAMIC_TYPE_USER_CRYPTO);
if (key->pPrv == NULL)
return USER_CRYPTO_ERROR;
if (key->pPrv == NULL) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* length in bits of p and q factors */
ret = ippsRSA_InitPrivateKeyType2(qBitSz, qBitSz, key->pPrv, ctxSz);
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsRSA_InitPrivateKeyType2 error of %s\n",
ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* allocate scratch buffer */
@@ -2090,12 +2109,15 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsRSA_GetBufferSizePrivateKey error of %s\n",
ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
scratchBuffer = (Ipp8u*)XMALLOC(scratchSz, 0, DYNAMIC_TYPE_USER_CRYPTO);
if (scratchBuffer == NULL)
return USER_CRYPTO_ERROR;
if (scratchBuffer == NULL) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* set up initial value of pScrPublicExp */
leng = (int)sizeof(long); /* # of Ipp32u in long */
@@ -2105,31 +2127,41 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
eAry[i] = (e >> (8 * (leng - 1 - i))) & 0XFF;
}
ret = init_bn(&pSrcPublicExp, leng);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
if (ret != ippStsNoErr) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
ret = ippsSetOctString_BN(eAry, leng, pSrcPublicExp);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
if (ret != ippStsNoErr) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* initializing key->n */
ret = init_bn(&key->n, bytSz);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
if (ret != ippStsNoErr) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* initializing public exponent key->e */
ret = init_bn(&key->e, leng);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
if (ret != ippStsNoErr) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* private exponent key->dipp */
ret = init_bn(&key->dipp, bytSz);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
if (ret != ippStsNoErr) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* call IPP to generate keys, if inseficent entropy error call again
using for loop to avoid infinte loop */
for (i = 0; i < 5; i++) {
/* call IPP to generate keys, if inseficent entropy error call again */
ret = ippStsInsufficientEntropy;
while (ret == ippStsInsufficientEntropy) {
ret = ippsRSA_GenerateKeys(pSrcPublicExp, key->n, key->e,
key->dipp, key->pPrv, scratchBuffer, trys, pPrime,
wolfSSL_rng, rng);
@@ -2141,27 +2173,24 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
if (ret != ippStsInsufficientEntropy) {
USER_DEBUG(("ippsRSA_GeneratKeys error of %s\n",
ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
}
/* catch if still did not generate a good key */
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsRSA_GeneratKeys error of %s\n",
ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
}
/* get bn sizes needed for private key set up */
ret = ippsExtGet_BN(NULL, &key->eSz, NULL, key->e);
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsGetSize_BN error %s\n", ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
ret = ippsExtGet_BN(NULL, &key->nSz, NULL, key->n);
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsGetSize_BN error %s\n", ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* set up public key state */
@@ -2169,53 +2198,68 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsRSA_GetSizePublicKey error %s nSz = %d eSz = %d\n",
ippGetStatusString(ret), key->nSz, key->eSz));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
key->pPub = (IppsRSAPublicKeyState*)XMALLOC(ctxSz, NULL,
DYNAMIC_TYPE_USER_CRYPTO);
if (key->pPub == NULL)
return USER_CRYPTO_ERROR;
if (key->pPub == NULL) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
ret = ippsRSA_InitPublicKey(key->nSz, key->eSz, key->pPub, ctxSz);
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsRSA_InitPublicKey error %s\n",
ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
ret = ippsRSA_SetPublicKey(key->n, key->e, key->pPub);
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsRSA_SetPublicKey error %s\n",
ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* get private key information for key struct */
leng = size/16; /* size of q, p, u, dP, dQ */
ret = init_bn(&key->pipp, leng);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
if (ret != ippStsNoErr) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* set up q BN for key */
ret = init_bn(&key->qipp, leng);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
if (ret != ippStsNoErr) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* set up dP BN for key */
ret = init_bn(&key->dPipp, leng);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
if (ret != ippStsNoErr) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* set up dQ BN for key */
ret = init_bn(&key->dQipp, leng);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
if (ret != ippStsNoErr) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* set up u BN for key */
ret = init_bn(&key->uipp, leng);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
if (ret != ippStsNoErr) {
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
/* get values from created key */
ret = ippsRSA_GetPrivateKeyType2(key->pipp, key->qipp, key->dPipp,
@@ -2223,15 +2267,22 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
if (ret != ippStsNoErr) {
USER_DEBUG(("ippsRSA_GetPrivateKeyType2 error %s\n",
ippGetStatusString(ret)));
return USER_CRYPTO_ERROR;
ret = USER_CRYPTO_ERROR;
goto makeKeyEnd;
}
ret = 0; /* success case */
makeKeyEnd:
/* clean up memory used */
XFREE(pSrcPublicExp, NULL, DYNAMIC_TYPE_USER_CRYPTO);
XFREE(scratchBuffer, NULL, DYNAMIC_TYPE_USER_CRYPTO);
XFREE(pPrime, NULL, DYNAMIC_TYPE_USER_CRYPTO);
return 0;
if (ret != 0) { /* with fail case free RSA components created */
wc_FreeRsaKey(key);
}
return ret;
}
/********** duplicate code needed -- future refactor */