TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / c71b7eb0e7b9a0ecfe16a418c4c9735af230259f / . / library / pk_wrap.c
blob: ceaaad1100c28831637b37d8e526aa853a36fdb6 [file] [log] [blame]
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]1/*
2 * Public Key abstraction layer: wrapper functions
3 *
Manuel Pégourié-Gonnarda658a402015-01-23 09:45:19 +0000[diff] [blame]4 * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]5 *
Manuel Pégourié-Gonnardfe446432015-03-06 13:17:10 +0000[diff] [blame]6 * This file is part of mbed TLS (https://tls.mbed.org)
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]7 *
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 */
22
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]23#if !defined(POLARSSL_CONFIG_FILE)
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]24#include "polarssl/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]25#else
26#include POLARSSL_CONFIG_FILE
27#endif
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]28
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +0200[diff] [blame]29#if defined(POLARSSL_PK_C)
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]30#include "polarssl/pk_wrap.h"
31
Manuel Pégourié-Gonnarde511ffc2013-08-22 17:33:21 +0200[diff] [blame]32/* Even if RSA not activated, for the sake of RSA-alt */
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]33#include "polarssl/rsa.h"
Andres AGc71b7eb2017-01-19 11:24:33 +0000[diff] [blame^]34#include "polarssl/bignum.h"
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]35
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]36#include <string.h>
37
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]38#if defined(POLARSSL_ECP_C)
39#include "polarssl/ecp.h"
40#endif
41
42#if defined(POLARSSL_ECDSA_C)
43#include "polarssl/ecdsa.h"
44#endif
45
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]46#if defined(POLARSSL_PLATFORM_C)
47#include "polarssl/platform.h"
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]48#else
49#include <stdlib.h>
50#define polarssl_malloc malloc
51#define polarssl_free free
52#endif
53
Andres AGc71b7eb2017-01-19 11:24:33 +0000[diff] [blame^]54#include <limits.h>
55
Paul Bakker34617722014-06-13 17:20:13 +0200[diff] [blame]56/* Implementation that should never be optimized out by the compiler */
57static void polarssl_zeroize( void *v, size_t n ) {
58 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
59}
60
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]61#if defined(POLARSSL_RSA_C)
Manuel Pégourié-Gonnardf18c3e02013-08-12 18:41:18 +0200[diff] [blame]62static int rsa_can_do( pk_type_t type )
63{
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]64 return( type == POLARSSL_PK_RSA ||
65 type == POLARSSL_PK_RSASSA_PSS );
Manuel Pégourié-Gonnardf18c3e02013-08-12 18:41:18 +0200[diff] [blame]66}
67
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]68static size_t rsa_get_size( const void *ctx )
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]69{
Paul Bakker8fc30b12013-11-25 13:29:43 +0100[diff] [blame]70 return( 8 * ((const rsa_context *) ctx)->len );
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]71}
72
Manuel Pégourié-Gonnardf73da022013-08-17 14:36:32 +0200[diff] [blame]73static int rsa_verify_wrap( void *ctx, md_type_t md_alg,
74 const unsigned char *hash, size_t hash_len,
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]75 const unsigned char *sig, size_t sig_len )
76{
Manuel Pégourié-Gonnard2abed842014-04-08 12:40:15 +0200[diff] [blame]77 int ret;
78
Andres AGc71b7eb2017-01-19 11:24:33 +0000[diff] [blame^]79#if defined(POLARSSL_HAVE_INT64)
80 if( md_alg == POLARSSL_MD_NONE && UINT_MAX < hash_len )
81 return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
82#endif /* POLARSSL_HAVE_INT64 */
83
Manuel Pégourié-Gonnard2abed842014-04-08 12:40:15 +0200[diff] [blame]84 if( sig_len < ((rsa_context *) ctx)->len )
Manuel Pégourié-Gonnardac4cd362013-08-14 20:20:41 +0200[diff] [blame]85 return( POLARSSL_ERR_RSA_VERIFY_FAILED );
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]86
Manuel Pégourié-Gonnard2abed842014-04-08 12:40:15 +0200[diff] [blame]87 if( ( ret = rsa_pkcs1_verify( (rsa_context *) ctx, NULL, NULL,
88 RSA_PUBLIC, md_alg,
89 (unsigned int) hash_len, hash, sig ) ) != 0 )
90 return( ret );
91
92 if( sig_len > ((rsa_context *) ctx)->len )
93 return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH );
94
95 return( 0 );
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]96}
97
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]98static int rsa_sign_wrap( void *ctx, md_type_t md_alg,
99 const unsigned char *hash, size_t hash_len,
100 unsigned char *sig, size_t *sig_len,
101 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
102{
Andres AGc71b7eb2017-01-19 11:24:33 +0000[diff] [blame^]103#if defined(POLARSSL_HAVE_INT64)
104 if( md_alg == POLARSSL_MD_NONE && UINT_MAX < hash_len )
105 return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
106#endif /* POLARSSL_HAVE_INT64 */
107
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]108 *sig_len = ((rsa_context *) ctx)->len;
109
110 return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, RSA_PRIVATE,
Paul Bakkerb9cfaa02013-10-11 18:58:55 +0200[diff] [blame]111 md_alg, (unsigned int) hash_len, hash, sig ) );
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]112}
113
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]114static int rsa_decrypt_wrap( void *ctx,
115 const unsigned char *input, size_t ilen,
116 unsigned char *output, size_t *olen, size_t osize,
117 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
118{
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]119 if( ilen != ((rsa_context *) ctx)->len )
120 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
121
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]122 return( rsa_pkcs1_decrypt( (rsa_context *) ctx, f_rng, p_rng,
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]123 RSA_PRIVATE, olen, input, output, osize ) );
124}
125
126static int rsa_encrypt_wrap( void *ctx,
127 const unsigned char *input, size_t ilen,
128 unsigned char *output, size_t *olen, size_t osize,
129 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
130{
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]131 *olen = ((rsa_context *) ctx)->len;
132
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]133 if( *olen > osize )
134 return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
135
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]136 return( rsa_pkcs1_encrypt( (rsa_context *) ctx,
137 f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) );
138}
139
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]140static int rsa_check_pair_wrap( const void *pub, const void *prv )
141{
142 return( rsa_check_pub_priv( (const rsa_context *) pub,
143 (const rsa_context *) prv ) );
144}
145
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]146static void *rsa_alloc_wrap( void )
147{
148 void *ctx = polarssl_malloc( sizeof( rsa_context ) );
149
150 if( ctx != NULL )
151 rsa_init( (rsa_context *) ctx, 0, 0 );
152
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]153 return( ctx );
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]154}
155
156static void rsa_free_wrap( void *ctx )
157{
158 rsa_free( (rsa_context *) ctx );
159 polarssl_free( ctx );
160}
161
Manuel Pégourié-Gonnardc6ac8872013-08-14 18:04:18 +0200[diff] [blame]162static void rsa_debug( const void *ctx, pk_debug_item *items )
163{
164 items->type = POLARSSL_PK_DEBUG_MPI;
165 items->name = "rsa.N";
166 items->value = &( ((rsa_context *) ctx)->N );
167
168 items++;
169
170 items->type = POLARSSL_PK_DEBUG_MPI;
171 items->name = "rsa.E";
172 items->value = &( ((rsa_context *) ctx)->E );
173}
174
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]175const pk_info_t rsa_info = {
176 POLARSSL_PK_RSA,
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]177 "RSA",
178 rsa_get_size,
Manuel Pégourié-Gonnardf18c3e02013-08-12 18:41:18 +0200[diff] [blame]179 rsa_can_do,
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]180 rsa_verify_wrap,
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]181 rsa_sign_wrap,
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]182 rsa_decrypt_wrap,
183 rsa_encrypt_wrap,
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]184 rsa_check_pair_wrap,
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]185 rsa_alloc_wrap,
186 rsa_free_wrap,
Manuel Pégourié-Gonnardc6ac8872013-08-14 18:04:18 +0200[diff] [blame]187 rsa_debug,
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]188};
189#endif /* POLARSSL_RSA_C */
190
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]191#if defined(POLARSSL_ECP_C)
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]192/*
193 * Generic EC key
194 */
Manuel Pégourié-Gonnardf18c3e02013-08-12 18:41:18 +0200[diff] [blame]195static int eckey_can_do( pk_type_t type )
196{
197 return( type == POLARSSL_PK_ECKEY ||
198 type == POLARSSL_PK_ECKEY_DH ||
199 type == POLARSSL_PK_ECDSA );
200}
201
Manuel Pégourié-Gonnardb3d91872013-08-14 15:56:19 +0200[diff] [blame]202static size_t eckey_get_size( const void *ctx )
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]203{
204 return( ((ecp_keypair *) ctx)->grp.pbits );
205}
206
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]207#if defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]208/* Forward declarations */
Manuel Pégourié-Gonnardf73da022013-08-17 14:36:32 +0200[diff] [blame]209static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
210 const unsigned char *hash, size_t hash_len,
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]211 const unsigned char *sig, size_t sig_len );
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]212
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]213static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
214 const unsigned char *hash, size_t hash_len,
215 unsigned char *sig, size_t *sig_len,
216 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
217
Manuel Pégourié-Gonnardf73da022013-08-17 14:36:32 +0200[diff] [blame]218static int eckey_verify_wrap( void *ctx, md_type_t md_alg,
219 const unsigned char *hash, size_t hash_len,
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]220 const unsigned char *sig, size_t sig_len )
221{
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]222 int ret;
223 ecdsa_context ecdsa;
224
225 ecdsa_init( &ecdsa );
226
Manuel Pégourié-Gonnard583b6082013-08-20 16:58:13 +0200[diff] [blame]227 if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
228 ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]229
230 ecdsa_free( &ecdsa );
231
232 return( ret );
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]233}
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]234
235static int eckey_sign_wrap( void *ctx, md_type_t md_alg,
236 const unsigned char *hash, size_t hash_len,
237 unsigned char *sig, size_t *sig_len,
238 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
239{
240 int ret;
241 ecdsa_context ecdsa;
242
243 ecdsa_init( &ecdsa );
244
245 if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
246 ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
247 f_rng, p_rng );
248
249 ecdsa_free( &ecdsa );
250
251 return( ret );
252}
253
Manuel Pégourié-Gonnardfff80f82013-08-17 15:20:06 +0200[diff] [blame]254#endif /* POLARSSL_ECDSA_C */
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]255
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]256static int eckey_check_pair( const void *pub, const void *prv )
257{
258 return( ecp_check_pub_priv( (const ecp_keypair *) pub,
259 (const ecp_keypair *) prv ) );
260}
261
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]262static void *eckey_alloc_wrap( void )
263{
264 void *ctx = polarssl_malloc( sizeof( ecp_keypair ) );
265
266 if( ctx != NULL )
267 ecp_keypair_init( ctx );
268
269 return( ctx );
270}
271
272static void eckey_free_wrap( void *ctx )
273{
274 ecp_keypair_free( (ecp_keypair *) ctx );
275 polarssl_free( ctx );
276}
277
Manuel Pégourié-Gonnardc6ac8872013-08-14 18:04:18 +0200[diff] [blame]278static void eckey_debug( const void *ctx, pk_debug_item *items )
279{
280 items->type = POLARSSL_PK_DEBUG_ECP;
281 items->name = "eckey.Q";
282 items->value = &( ((ecp_keypair *) ctx)->Q );
283}
284
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]285const pk_info_t eckey_info = {
286 POLARSSL_PK_ECKEY,
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]287 "EC",
288 eckey_get_size,
Manuel Pégourié-Gonnardf18c3e02013-08-12 18:41:18 +0200[diff] [blame]289 eckey_can_do,
Manuel Pégourié-Gonnardfff80f82013-08-17 15:20:06 +0200[diff] [blame]290#if defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]291 eckey_verify_wrap,
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]292 eckey_sign_wrap,
Manuel Pégourié-Gonnardfff80f82013-08-17 15:20:06 +0200[diff] [blame]293#else
294 NULL,
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]295 NULL,
Manuel Pégourié-Gonnardfff80f82013-08-17 15:20:06 +0200[diff] [blame]296#endif
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]297 NULL,
298 NULL,
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]299 eckey_check_pair,
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]300 eckey_alloc_wrap,
301 eckey_free_wrap,
Manuel Pégourié-Gonnardc6ac8872013-08-14 18:04:18 +0200[diff] [blame]302 eckey_debug,
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]303};
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]304
305/*
Paul Bakker75342a62014-04-08 17:35:40 +0200[diff] [blame]306 * EC key restricted to ECDH
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]307 */
308static int eckeydh_can_do( pk_type_t type )
309{
310 return( type == POLARSSL_PK_ECKEY ||
311 type == POLARSSL_PK_ECKEY_DH );
312}
313
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]314const pk_info_t eckeydh_info = {
315 POLARSSL_PK_ECKEY_DH,
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]316 "EC_DH",
317 eckey_get_size, /* Same underlying key structure */
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]318 eckeydh_can_do,
Manuel Pégourié-Gonnardfff80f82013-08-17 15:20:06 +0200[diff] [blame]319 NULL,
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]320 NULL,
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]321 NULL,
322 NULL,
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]323 eckey_check_pair,
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]324 eckey_alloc_wrap, /* Same underlying key structure */
325 eckey_free_wrap, /* Same underlying key structure */
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]326 eckey_debug, /* Same underlying key structure */
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]327};
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]328#endif /* POLARSSL_ECP_C */
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]329
330#if defined(POLARSSL_ECDSA_C)
331static int ecdsa_can_do( pk_type_t type )
332{
333 return( type == POLARSSL_PK_ECDSA );
334}
335
Manuel Pégourié-Gonnardf73da022013-08-17 14:36:32 +0200[diff] [blame]336static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
337 const unsigned char *hash, size_t hash_len,
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]338 const unsigned char *sig, size_t sig_len )
339{
Manuel Pégourié-Gonnard2abed842014-04-08 12:40:15 +0200[diff] [blame]340 int ret;
Manuel Pégourié-Gonnardf73da022013-08-17 14:36:32 +0200[diff] [blame]341 ((void) md_alg);
342
Manuel Pégourié-Gonnard2abed842014-04-08 12:40:15 +0200[diff] [blame]343 ret = ecdsa_read_signature( (ecdsa_context *) ctx,
344 hash, hash_len, sig, sig_len );
345
346 if( ret == POLARSSL_ERR_ECP_SIG_LEN_MISMATCH )
347 return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH );
348
349 return( ret );
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]350}
351
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]352static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
353 const unsigned char *hash, size_t hash_len,
354 unsigned char *sig, size_t *sig_len,
355 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
356{
Manuel Pégourié-Gonnard65ad3e42014-01-06 16:57:24 +0100[diff] [blame]357 /* Use deterministic ECDSA by default if available */
358#if defined(POLARSSL_ECDSA_DETERMINISTIC)
359 ((void) f_rng);
360 ((void) p_rng);
361
362 return( ecdsa_write_signature_det( (ecdsa_context *) ctx,
363 hash, hash_len, sig, sig_len, md_alg ) );
364#else
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]365 ((void) md_alg);
366
367 return( ecdsa_write_signature( (ecdsa_context *) ctx,
368 hash, hash_len, sig, sig_len, f_rng, p_rng ) );
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]369#endif /* POLARSSL_ECDSA_DETERMINISTIC */
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]370}
371
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]372static void *ecdsa_alloc_wrap( void )
373{
374 void *ctx = polarssl_malloc( sizeof( ecdsa_context ) );
375
376 if( ctx != NULL )
377 ecdsa_init( (ecdsa_context *) ctx );
378
379 return( ctx );
380}
381
382static void ecdsa_free_wrap( void *ctx )
383{
384 ecdsa_free( (ecdsa_context *) ctx );
385 polarssl_free( ctx );
386}
387
388const pk_info_t ecdsa_info = {
389 POLARSSL_PK_ECDSA,
390 "ECDSA",
391 eckey_get_size, /* Compatible key structures */
392 ecdsa_can_do,
393 ecdsa_verify_wrap,
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]394 ecdsa_sign_wrap,
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]395 NULL,
396 NULL,
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]397 eckey_check_pair, /* Compatible key structures */
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]398 ecdsa_alloc_wrap,
399 ecdsa_free_wrap,
400 eckey_debug, /* Compatible key structures */
401};
402#endif /* POLARSSL_ECDSA_C */
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]403
404/*
405 * Support for alternative RSA-private implementations
406 */
407
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]408static int rsa_alt_can_do( pk_type_t type )
409{
410 return( type == POLARSSL_PK_RSA );
411}
412
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]413static size_t rsa_alt_get_size( const void *ctx )
414{
Paul Bakker8fc30b12013-11-25 13:29:43 +0100[diff] [blame]415 const rsa_alt_context *rsa_alt = (const rsa_alt_context *) ctx;
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]416
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]417 return( 8 * rsa_alt->key_len_func( rsa_alt->key ) );
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]418}
419
420static int rsa_alt_sign_wrap( void *ctx, md_type_t md_alg,
421 const unsigned char *hash, size_t hash_len,
422 unsigned char *sig, size_t *sig_len,
423 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
424{
425 rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
426
Andres AGc71b7eb2017-01-19 11:24:33 +0000[diff] [blame^]427#if defined(POLARSSL_HAVE_INT64)
428 if( UINT_MAX < hash_len )
429 return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
430#endif /* POLARSSL_HAVE_INT64 */
431
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]432 *sig_len = rsa_alt->key_len_func( rsa_alt->key );
433
434 return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, RSA_PRIVATE,
Paul Bakkerb9cfaa02013-10-11 18:58:55 +0200[diff] [blame]435 md_alg, (unsigned int) hash_len, hash, sig ) );
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]436}
437
438static int rsa_alt_decrypt_wrap( void *ctx,
439 const unsigned char *input, size_t ilen,
440 unsigned char *output, size_t *olen, size_t osize,
441 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
442{
443 rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
444
445 ((void) f_rng);
446 ((void) p_rng);
447
448 if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
449 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
450
451 return( rsa_alt->decrypt_func( rsa_alt->key,
452 RSA_PRIVATE, olen, input, output, osize ) );
453}
454
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]455#if defined(POLARSSL_RSA_C)
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]456static int rsa_alt_check_pair( const void *pub, const void *prv )
457{
458 unsigned char sig[POLARSSL_MPI_MAX_SIZE];
459 unsigned char hash[32];
460 size_t sig_len = 0;
461 int ret;
462
463 if( rsa_alt_get_size( prv ) != rsa_get_size( pub ) )
464 return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
465
466 memset( hash, 0x2a, sizeof( hash ) );
467
468 if( ( ret = rsa_alt_sign_wrap( (void *) prv, POLARSSL_MD_NONE,
469 hash, sizeof( hash ),
470 sig, &sig_len, NULL, NULL ) ) != 0 )
471 {
472 return( ret );
473 }
474
475 if( rsa_verify_wrap( (void *) pub, POLARSSL_MD_NONE,
476 hash, sizeof( hash ), sig, sig_len ) != 0 )
477 {
478 return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
479 }
480
481 return( 0 );
482}
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]483#endif /* POLARSSL_RSA_C */
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]484
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]485static void *rsa_alt_alloc_wrap( void )
486{
487 void *ctx = polarssl_malloc( sizeof( rsa_alt_context ) );
488
489 if( ctx != NULL )
490 memset( ctx, 0, sizeof( rsa_alt_context ) );
491
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]492 return( ctx );
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]493}
494
495static void rsa_alt_free_wrap( void *ctx )
496{
Paul Bakker34617722014-06-13 17:20:13 +0200[diff] [blame]497 polarssl_zeroize( ctx, sizeof( rsa_alt_context ) );
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]498 polarssl_free( ctx );
499}
500
501const pk_info_t rsa_alt_info = {
502 POLARSSL_PK_RSA_ALT,
503 "RSA-alt",
504 rsa_alt_get_size,
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]505 rsa_alt_can_do,
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]506 NULL,
507 rsa_alt_sign_wrap,
508 rsa_alt_decrypt_wrap,
509 NULL,
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]510#if defined(POLARSSL_RSA_C)
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]511 rsa_alt_check_pair,
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]512#else
513 NULL,
514#endif
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]515 rsa_alt_alloc_wrap,
516 rsa_alt_free_wrap,
517 NULL,
518};
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +0200[diff] [blame]519
520#endif /* POLARSSL_PK_C */