Details | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
8774 | rgimad | 1 | /* |
2 | * Public Key abstraction layer: wrapper functions |
||
3 | * |
||
4 | * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved |
||
5 | * SPDX-License-Identifier: GPL-2.0 |
||
6 | * |
||
7 | * This program is free software; you can redistribute it and/or modify |
||
8 | * it under the terms of the GNU General Public License as published by |
||
9 | * the Free Software Foundation; either version 2 of the License, or |
||
10 | * (at your option) any later version. |
||
11 | * |
||
12 | * This program is distributed in the hope that it will be useful, |
||
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
15 | * GNU General Public License for more details. |
||
16 | * |
||
17 | * You should have received a copy of the GNU General Public License along |
||
18 | * with this program; if not, write to the Free Software Foundation, Inc., |
||
19 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
||
20 | * |
||
21 | * This file is part of mbed TLS (https://tls.mbed.org) |
||
22 | */ |
||
23 | |||
24 | #if !defined(MBEDTLS_CONFIG_FILE) |
||
25 | #include "mbedtls/config.h" |
||
26 | #else |
||
27 | #include MBEDTLS_CONFIG_FILE |
||
28 | #endif |
||
29 | |||
30 | #if defined(MBEDTLS_PK_C) |
||
31 | #include "mbedtls/pk_internal.h" |
||
32 | |||
33 | /* Even if RSA not activated, for the sake of RSA-alt */ |
||
34 | #include "mbedtls/rsa.h" |
||
35 | |||
36 | #include |
||
37 | |||
38 | #if defined(MBEDTLS_ECP_C) |
||
39 | #include "mbedtls/ecp.h" |
||
40 | #endif |
||
41 | |||
42 | #if defined(MBEDTLS_ECDSA_C) |
||
43 | #include "mbedtls/ecdsa.h" |
||
44 | #endif |
||
45 | |||
46 | #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) |
||
47 | #include "mbedtls/platform_util.h" |
||
48 | #endif |
||
49 | |||
50 | #if defined(MBEDTLS_PLATFORM_C) |
||
51 | #include "mbedtls/platform.h" |
||
52 | #else |
||
53 | #include |
||
54 | #define mbedtls_calloc calloc |
||
55 | #define mbedtls_free free |
||
56 | #endif |
||
57 | |||
58 | #include |
||
59 | #include |
||
60 | |||
61 | #if defined(MBEDTLS_RSA_C) |
||
62 | static int rsa_can_do( mbedtls_pk_type_t type ) |
||
63 | { |
||
64 | return( type == MBEDTLS_PK_RSA || |
||
65 | type == MBEDTLS_PK_RSASSA_PSS ); |
||
66 | } |
||
67 | |||
68 | static size_t rsa_get_bitlen( const void *ctx ) |
||
69 | { |
||
70 | const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx; |
||
71 | return( 8 * mbedtls_rsa_get_len( rsa ) ); |
||
72 | } |
||
73 | |||
74 | static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
75 | const unsigned char *hash, size_t hash_len, |
||
76 | const unsigned char *sig, size_t sig_len ) |
||
77 | { |
||
78 | int ret; |
||
79 | mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; |
||
80 | size_t rsa_len = mbedtls_rsa_get_len( rsa ); |
||
81 | |||
82 | #if SIZE_MAX > UINT_MAX |
||
83 | if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len ) |
||
84 | return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); |
||
85 | #endif /* SIZE_MAX > UINT_MAX */ |
||
86 | |||
87 | if( sig_len < rsa_len ) |
||
88 | return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); |
||
89 | |||
90 | if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, NULL, |
||
91 | MBEDTLS_RSA_PUBLIC, md_alg, |
||
92 | (unsigned int) hash_len, hash, sig ) ) != 0 ) |
||
93 | return( ret ); |
||
94 | |||
95 | /* The buffer contains a valid signature followed by extra data. |
||
96 | * We have a special error code for that so that so that callers can |
||
97 | * use mbedtls_pk_verify() to check "Does the buffer start with a |
||
98 | * valid signature?" and not just "Does the buffer contain a valid |
||
99 | * signature?". */ |
||
100 | if( sig_len > rsa_len ) |
||
101 | return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); |
||
102 | |||
103 | return( 0 ); |
||
104 | } |
||
105 | |||
106 | static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
107 | const unsigned char *hash, size_t hash_len, |
||
108 | unsigned char *sig, size_t *sig_len, |
||
109 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) |
||
110 | { |
||
111 | mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; |
||
112 | |||
113 | #if SIZE_MAX > UINT_MAX |
||
114 | if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len ) |
||
115 | return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); |
||
116 | #endif /* SIZE_MAX > UINT_MAX */ |
||
117 | |||
118 | *sig_len = mbedtls_rsa_get_len( rsa ); |
||
119 | |||
120 | return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, |
||
121 | md_alg, (unsigned int) hash_len, hash, sig ) ); |
||
122 | } |
||
123 | |||
124 | static int rsa_decrypt_wrap( void *ctx, |
||
125 | const unsigned char *input, size_t ilen, |
||
126 | unsigned char *output, size_t *olen, size_t osize, |
||
127 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) |
||
128 | { |
||
129 | mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; |
||
130 | |||
131 | if( ilen != mbedtls_rsa_get_len( rsa ) ) |
||
132 | return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); |
||
133 | |||
134 | return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng, |
||
135 | MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); |
||
136 | } |
||
137 | |||
138 | static int rsa_encrypt_wrap( void *ctx, |
||
139 | const unsigned char *input, size_t ilen, |
||
140 | unsigned char *output, size_t *olen, size_t osize, |
||
141 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) |
||
142 | { |
||
143 | mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; |
||
144 | *olen = mbedtls_rsa_get_len( rsa ); |
||
145 | |||
146 | if( *olen > osize ) |
||
147 | return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); |
||
148 | |||
149 | return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC, |
||
150 | ilen, input, output ) ); |
||
151 | } |
||
152 | |||
153 | static int rsa_check_pair_wrap( const void *pub, const void *prv ) |
||
154 | { |
||
155 | return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub, |
||
156 | (const mbedtls_rsa_context *) prv ) ); |
||
157 | } |
||
158 | |||
159 | static void *rsa_alloc_wrap( void ) |
||
160 | { |
||
161 | void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) ); |
||
162 | |||
163 | if( ctx != NULL ) |
||
164 | mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 ); |
||
165 | |||
166 | return( ctx ); |
||
167 | } |
||
168 | |||
169 | static void rsa_free_wrap( void *ctx ) |
||
170 | { |
||
171 | mbedtls_rsa_free( (mbedtls_rsa_context *) ctx ); |
||
172 | mbedtls_free( ctx ); |
||
173 | } |
||
174 | |||
175 | static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items ) |
||
176 | { |
||
177 | items->type = MBEDTLS_PK_DEBUG_MPI; |
||
178 | items->name = "rsa.N"; |
||
179 | items->value = &( ((mbedtls_rsa_context *) ctx)->N ); |
||
180 | |||
181 | items++; |
||
182 | |||
183 | items->type = MBEDTLS_PK_DEBUG_MPI; |
||
184 | items->name = "rsa.E"; |
||
185 | items->value = &( ((mbedtls_rsa_context *) ctx)->E ); |
||
186 | } |
||
187 | |||
188 | const mbedtls_pk_info_t mbedtls_rsa_info = { |
||
189 | MBEDTLS_PK_RSA, |
||
190 | "RSA", |
||
191 | rsa_get_bitlen, |
||
192 | rsa_can_do, |
||
193 | rsa_verify_wrap, |
||
194 | rsa_sign_wrap, |
||
195 | #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) |
||
196 | NULL, |
||
197 | NULL, |
||
198 | #endif |
||
199 | rsa_decrypt_wrap, |
||
200 | rsa_encrypt_wrap, |
||
201 | rsa_check_pair_wrap, |
||
202 | rsa_alloc_wrap, |
||
203 | rsa_free_wrap, |
||
204 | #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) |
||
205 | NULL, |
||
206 | NULL, |
||
207 | #endif |
||
208 | rsa_debug, |
||
209 | }; |
||
210 | #endif /* MBEDTLS_RSA_C */ |
||
211 | |||
212 | #if defined(MBEDTLS_ECP_C) |
||
213 | /* |
||
214 | * Generic EC key |
||
215 | */ |
||
216 | static int eckey_can_do( mbedtls_pk_type_t type ) |
||
217 | { |
||
218 | return( type == MBEDTLS_PK_ECKEY || |
||
219 | type == MBEDTLS_PK_ECKEY_DH || |
||
220 | type == MBEDTLS_PK_ECDSA ); |
||
221 | } |
||
222 | |||
223 | static size_t eckey_get_bitlen( const void *ctx ) |
||
224 | { |
||
225 | return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits ); |
||
226 | } |
||
227 | |||
228 | #if defined(MBEDTLS_ECDSA_C) |
||
229 | /* Forward declarations */ |
||
230 | static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
231 | const unsigned char *hash, size_t hash_len, |
||
232 | const unsigned char *sig, size_t sig_len ); |
||
233 | |||
234 | static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
235 | const unsigned char *hash, size_t hash_len, |
||
236 | unsigned char *sig, size_t *sig_len, |
||
237 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); |
||
238 | |||
239 | static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
240 | const unsigned char *hash, size_t hash_len, |
||
241 | const unsigned char *sig, size_t sig_len ) |
||
242 | { |
||
243 | int ret; |
||
244 | mbedtls_ecdsa_context ecdsa; |
||
245 | |||
246 | mbedtls_ecdsa_init( &ecdsa ); |
||
247 | |||
248 | if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) |
||
249 | ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len ); |
||
250 | |||
251 | mbedtls_ecdsa_free( &ecdsa ); |
||
252 | |||
253 | return( ret ); |
||
254 | } |
||
255 | |||
256 | static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
257 | const unsigned char *hash, size_t hash_len, |
||
258 | unsigned char *sig, size_t *sig_len, |
||
259 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) |
||
260 | { |
||
261 | int ret; |
||
262 | mbedtls_ecdsa_context ecdsa; |
||
263 | |||
264 | mbedtls_ecdsa_init( &ecdsa ); |
||
265 | |||
266 | if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) |
||
267 | ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len, |
||
268 | f_rng, p_rng ); |
||
269 | |||
270 | mbedtls_ecdsa_free( &ecdsa ); |
||
271 | |||
272 | return( ret ); |
||
273 | } |
||
274 | |||
275 | #if defined(MBEDTLS_ECP_RESTARTABLE) |
||
276 | /* Forward declarations */ |
||
277 | static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
278 | const unsigned char *hash, size_t hash_len, |
||
279 | const unsigned char *sig, size_t sig_len, |
||
280 | void *rs_ctx ); |
||
281 | |||
282 | static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
283 | const unsigned char *hash, size_t hash_len, |
||
284 | unsigned char *sig, size_t *sig_len, |
||
285 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, |
||
286 | void *rs_ctx ); |
||
287 | |||
288 | /* |
||
289 | * Restart context for ECDSA operations with ECKEY context |
||
290 | * |
||
291 | * We need to store an actual ECDSA context, as we need to pass the same to |
||
292 | * the underlying ecdsa function, so we can't create it on the fly every time. |
||
293 | */ |
||
294 | typedef struct |
||
295 | { |
||
296 | mbedtls_ecdsa_restart_ctx ecdsa_rs; |
||
297 | mbedtls_ecdsa_context ecdsa_ctx; |
||
298 | } eckey_restart_ctx; |
||
299 | |||
300 | static void *eckey_rs_alloc( void ) |
||
301 | { |
||
302 | eckey_restart_ctx *rs_ctx; |
||
303 | |||
304 | void *ctx = mbedtls_calloc( 1, sizeof( eckey_restart_ctx ) ); |
||
305 | |||
306 | if( ctx != NULL ) |
||
307 | { |
||
308 | rs_ctx = ctx; |
||
309 | mbedtls_ecdsa_restart_init( &rs_ctx->ecdsa_rs ); |
||
310 | mbedtls_ecdsa_init( &rs_ctx->ecdsa_ctx ); |
||
311 | } |
||
312 | |||
313 | return( ctx ); |
||
314 | } |
||
315 | |||
316 | static void eckey_rs_free( void *ctx ) |
||
317 | { |
||
318 | eckey_restart_ctx *rs_ctx; |
||
319 | |||
320 | if( ctx == NULL) |
||
321 | return; |
||
322 | |||
323 | rs_ctx = ctx; |
||
324 | mbedtls_ecdsa_restart_free( &rs_ctx->ecdsa_rs ); |
||
325 | mbedtls_ecdsa_free( &rs_ctx->ecdsa_ctx ); |
||
326 | |||
327 | mbedtls_free( ctx ); |
||
328 | } |
||
329 | |||
330 | static int eckey_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
331 | const unsigned char *hash, size_t hash_len, |
||
332 | const unsigned char *sig, size_t sig_len, |
||
333 | void *rs_ctx ) |
||
334 | { |
||
335 | int ret; |
||
336 | eckey_restart_ctx *rs = rs_ctx; |
||
337 | |||
338 | /* Should never happen */ |
||
339 | if( rs == NULL ) |
||
340 | return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); |
||
341 | |||
342 | /* set up our own sub-context if needed (that is, on first run) */ |
||
343 | if( rs->ecdsa_ctx.grp.pbits == 0 ) |
||
344 | MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) ); |
||
345 | |||
346 | MBEDTLS_MPI_CHK( ecdsa_verify_rs_wrap( &rs->ecdsa_ctx, |
||
347 | md_alg, hash, hash_len, |
||
348 | sig, sig_len, &rs->ecdsa_rs ) ); |
||
349 | |||
350 | cleanup: |
||
351 | return( ret ); |
||
352 | } |
||
353 | |||
354 | static int eckey_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
355 | const unsigned char *hash, size_t hash_len, |
||
356 | unsigned char *sig, size_t *sig_len, |
||
357 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, |
||
358 | void *rs_ctx ) |
||
359 | { |
||
360 | int ret; |
||
361 | eckey_restart_ctx *rs = rs_ctx; |
||
362 | |||
363 | /* Should never happen */ |
||
364 | if( rs == NULL ) |
||
365 | return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); |
||
366 | |||
367 | /* set up our own sub-context if needed (that is, on first run) */ |
||
368 | if( rs->ecdsa_ctx.grp.pbits == 0 ) |
||
369 | MBEDTLS_MPI_CHK( mbedtls_ecdsa_from_keypair( &rs->ecdsa_ctx, ctx ) ); |
||
370 | |||
371 | MBEDTLS_MPI_CHK( ecdsa_sign_rs_wrap( &rs->ecdsa_ctx, md_alg, |
||
372 | hash, hash_len, sig, sig_len, |
||
373 | f_rng, p_rng, &rs->ecdsa_rs ) ); |
||
374 | |||
375 | cleanup: |
||
376 | return( ret ); |
||
377 | } |
||
378 | #endif /* MBEDTLS_ECP_RESTARTABLE */ |
||
379 | #endif /* MBEDTLS_ECDSA_C */ |
||
380 | |||
381 | static int eckey_check_pair( const void *pub, const void *prv ) |
||
382 | { |
||
383 | return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub, |
||
384 | (const mbedtls_ecp_keypair *) prv ) ); |
||
385 | } |
||
386 | |||
387 | static void *eckey_alloc_wrap( void ) |
||
388 | { |
||
389 | void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); |
||
390 | |||
391 | if( ctx != NULL ) |
||
392 | mbedtls_ecp_keypair_init( ctx ); |
||
393 | |||
394 | return( ctx ); |
||
395 | } |
||
396 | |||
397 | static void eckey_free_wrap( void *ctx ) |
||
398 | { |
||
399 | mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx ); |
||
400 | mbedtls_free( ctx ); |
||
401 | } |
||
402 | |||
403 | static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items ) |
||
404 | { |
||
405 | items->type = MBEDTLS_PK_DEBUG_ECP; |
||
406 | items->name = "eckey.Q"; |
||
407 | items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q ); |
||
408 | } |
||
409 | |||
410 | const mbedtls_pk_info_t mbedtls_eckey_info = { |
||
411 | MBEDTLS_PK_ECKEY, |
||
412 | "EC", |
||
413 | eckey_get_bitlen, |
||
414 | eckey_can_do, |
||
415 | #if defined(MBEDTLS_ECDSA_C) |
||
416 | eckey_verify_wrap, |
||
417 | eckey_sign_wrap, |
||
418 | #if defined(MBEDTLS_ECP_RESTARTABLE) |
||
419 | eckey_verify_rs_wrap, |
||
420 | eckey_sign_rs_wrap, |
||
421 | #endif |
||
422 | #else /* MBEDTLS_ECDSA_C */ |
||
423 | NULL, |
||
424 | NULL, |
||
425 | #endif /* MBEDTLS_ECDSA_C */ |
||
426 | NULL, |
||
427 | NULL, |
||
428 | eckey_check_pair, |
||
429 | eckey_alloc_wrap, |
||
430 | eckey_free_wrap, |
||
431 | #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) |
||
432 | eckey_rs_alloc, |
||
433 | eckey_rs_free, |
||
434 | #endif |
||
435 | eckey_debug, |
||
436 | }; |
||
437 | |||
438 | /* |
||
439 | * EC key restricted to ECDH |
||
440 | */ |
||
441 | static int eckeydh_can_do( mbedtls_pk_type_t type ) |
||
442 | { |
||
443 | return( type == MBEDTLS_PK_ECKEY || |
||
444 | type == MBEDTLS_PK_ECKEY_DH ); |
||
445 | } |
||
446 | |||
447 | const mbedtls_pk_info_t mbedtls_eckeydh_info = { |
||
448 | MBEDTLS_PK_ECKEY_DH, |
||
449 | "EC_DH", |
||
450 | eckey_get_bitlen, /* Same underlying key structure */ |
||
451 | eckeydh_can_do, |
||
452 | NULL, |
||
453 | NULL, |
||
454 | #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) |
||
455 | NULL, |
||
456 | NULL, |
||
457 | #endif |
||
458 | NULL, |
||
459 | NULL, |
||
460 | eckey_check_pair, |
||
461 | eckey_alloc_wrap, /* Same underlying key structure */ |
||
462 | eckey_free_wrap, /* Same underlying key structure */ |
||
463 | #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) |
||
464 | NULL, |
||
465 | NULL, |
||
466 | #endif |
||
467 | eckey_debug, /* Same underlying key structure */ |
||
468 | }; |
||
469 | #endif /* MBEDTLS_ECP_C */ |
||
470 | |||
471 | #if defined(MBEDTLS_ECDSA_C) |
||
472 | static int ecdsa_can_do( mbedtls_pk_type_t type ) |
||
473 | { |
||
474 | return( type == MBEDTLS_PK_ECDSA ); |
||
475 | } |
||
476 | |||
477 | static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
478 | const unsigned char *hash, size_t hash_len, |
||
479 | const unsigned char *sig, size_t sig_len ) |
||
480 | { |
||
481 | int ret; |
||
482 | ((void) md_alg); |
||
483 | |||
484 | ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx, |
||
485 | hash, hash_len, sig, sig_len ); |
||
486 | |||
487 | if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH ) |
||
488 | return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); |
||
489 | |||
490 | return( ret ); |
||
491 | } |
||
492 | |||
493 | static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
494 | const unsigned char *hash, size_t hash_len, |
||
495 | unsigned char *sig, size_t *sig_len, |
||
496 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) |
||
497 | { |
||
498 | return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx, |
||
499 | md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) ); |
||
500 | } |
||
501 | |||
502 | #if defined(MBEDTLS_ECP_RESTARTABLE) |
||
503 | static int ecdsa_verify_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
504 | const unsigned char *hash, size_t hash_len, |
||
505 | const unsigned char *sig, size_t sig_len, |
||
506 | void *rs_ctx ) |
||
507 | { |
||
508 | int ret; |
||
509 | ((void) md_alg); |
||
510 | |||
511 | ret = mbedtls_ecdsa_read_signature_restartable( |
||
512 | (mbedtls_ecdsa_context *) ctx, |
||
513 | hash, hash_len, sig, sig_len, |
||
514 | (mbedtls_ecdsa_restart_ctx *) rs_ctx ); |
||
515 | |||
516 | if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH ) |
||
517 | return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); |
||
518 | |||
519 | return( ret ); |
||
520 | } |
||
521 | |||
522 | static int ecdsa_sign_rs_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
523 | const unsigned char *hash, size_t hash_len, |
||
524 | unsigned char *sig, size_t *sig_len, |
||
525 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, |
||
526 | void *rs_ctx ) |
||
527 | { |
||
528 | return( mbedtls_ecdsa_write_signature_restartable( |
||
529 | (mbedtls_ecdsa_context *) ctx, |
||
530 | md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng, |
||
531 | (mbedtls_ecdsa_restart_ctx *) rs_ctx ) ); |
||
532 | |||
533 | } |
||
534 | #endif /* MBEDTLS_ECP_RESTARTABLE */ |
||
535 | |||
536 | static void *ecdsa_alloc_wrap( void ) |
||
537 | { |
||
538 | void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) ); |
||
539 | |||
540 | if( ctx != NULL ) |
||
541 | mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx ); |
||
542 | |||
543 | return( ctx ); |
||
544 | } |
||
545 | |||
546 | static void ecdsa_free_wrap( void *ctx ) |
||
547 | { |
||
548 | mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx ); |
||
549 | mbedtls_free( ctx ); |
||
550 | } |
||
551 | |||
552 | #if defined(MBEDTLS_ECP_RESTARTABLE) |
||
553 | static void *ecdsa_rs_alloc( void ) |
||
554 | { |
||
555 | void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_restart_ctx ) ); |
||
556 | |||
557 | if( ctx != NULL ) |
||
558 | mbedtls_ecdsa_restart_init( ctx ); |
||
559 | |||
560 | return( ctx ); |
||
561 | } |
||
562 | |||
563 | static void ecdsa_rs_free( void *ctx ) |
||
564 | { |
||
565 | mbedtls_ecdsa_restart_free( ctx ); |
||
566 | mbedtls_free( ctx ); |
||
567 | } |
||
568 | #endif /* MBEDTLS_ECP_RESTARTABLE */ |
||
569 | |||
570 | const mbedtls_pk_info_t mbedtls_ecdsa_info = { |
||
571 | MBEDTLS_PK_ECDSA, |
||
572 | "ECDSA", |
||
573 | eckey_get_bitlen, /* Compatible key structures */ |
||
574 | ecdsa_can_do, |
||
575 | ecdsa_verify_wrap, |
||
576 | ecdsa_sign_wrap, |
||
577 | #if defined(MBEDTLS_ECP_RESTARTABLE) |
||
578 | ecdsa_verify_rs_wrap, |
||
579 | ecdsa_sign_rs_wrap, |
||
580 | #endif |
||
581 | NULL, |
||
582 | NULL, |
||
583 | eckey_check_pair, /* Compatible key structures */ |
||
584 | ecdsa_alloc_wrap, |
||
585 | ecdsa_free_wrap, |
||
586 | #if defined(MBEDTLS_ECP_RESTARTABLE) |
||
587 | ecdsa_rs_alloc, |
||
588 | ecdsa_rs_free, |
||
589 | #endif |
||
590 | eckey_debug, /* Compatible key structures */ |
||
591 | }; |
||
592 | #endif /* MBEDTLS_ECDSA_C */ |
||
593 | |||
594 | #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) |
||
595 | /* |
||
596 | * Support for alternative RSA-private implementations |
||
597 | */ |
||
598 | |||
599 | static int rsa_alt_can_do( mbedtls_pk_type_t type ) |
||
600 | { |
||
601 | return( type == MBEDTLS_PK_RSA ); |
||
602 | } |
||
603 | |||
604 | static size_t rsa_alt_get_bitlen( const void *ctx ) |
||
605 | { |
||
606 | const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx; |
||
607 | |||
608 | return( 8 * rsa_alt->key_len_func( rsa_alt->key ) ); |
||
609 | } |
||
610 | |||
611 | static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, |
||
612 | const unsigned char *hash, size_t hash_len, |
||
613 | unsigned char *sig, size_t *sig_len, |
||
614 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) |
||
615 | { |
||
616 | mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; |
||
617 | |||
618 | #if SIZE_MAX > UINT_MAX |
||
619 | if( UINT_MAX < hash_len ) |
||
620 | return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); |
||
621 | #endif /* SIZE_MAX > UINT_MAX */ |
||
622 | |||
623 | *sig_len = rsa_alt->key_len_func( rsa_alt->key ); |
||
624 | |||
625 | return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, |
||
626 | md_alg, (unsigned int) hash_len, hash, sig ) ); |
||
627 | } |
||
628 | |||
629 | static int rsa_alt_decrypt_wrap( void *ctx, |
||
630 | const unsigned char *input, size_t ilen, |
||
631 | unsigned char *output, size_t *olen, size_t osize, |
||
632 | int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) |
||
633 | { |
||
634 | mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; |
||
635 | |||
636 | ((void) f_rng); |
||
637 | ((void) p_rng); |
||
638 | |||
639 | if( ilen != rsa_alt->key_len_func( rsa_alt->key ) ) |
||
640 | return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); |
||
641 | |||
642 | return( rsa_alt->decrypt_func( rsa_alt->key, |
||
643 | MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); |
||
644 | } |
||
645 | |||
646 | #if defined(MBEDTLS_RSA_C) |
||
647 | static int rsa_alt_check_pair( const void *pub, const void *prv ) |
||
648 | { |
||
649 | unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; |
||
650 | unsigned char hash[32]; |
||
651 | size_t sig_len = 0; |
||
652 | int ret; |
||
653 | |||
654 | if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) ) |
||
655 | return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); |
||
656 | |||
657 | memset( hash, 0x2a, sizeof( hash ) ); |
||
658 | |||
659 | if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE, |
||
660 | hash, sizeof( hash ), |
||
661 | sig, &sig_len, NULL, NULL ) ) != 0 ) |
||
662 | { |
||
663 | return( ret ); |
||
664 | } |
||
665 | |||
666 | if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE, |
||
667 | hash, sizeof( hash ), sig, sig_len ) != 0 ) |
||
668 | { |
||
669 | return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); |
||
670 | } |
||
671 | |||
672 | return( 0 ); |
||
673 | } |
||
674 | #endif /* MBEDTLS_RSA_C */ |
||
675 | |||
676 | static void *rsa_alt_alloc_wrap( void ) |
||
677 | { |
||
678 | void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) ); |
||
679 | |||
680 | if( ctx != NULL ) |
||
681 | memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) ); |
||
682 | |||
683 | return( ctx ); |
||
684 | } |
||
685 | |||
686 | static void rsa_alt_free_wrap( void *ctx ) |
||
687 | { |
||
688 | mbedtls_platform_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) ); |
||
689 | mbedtls_free( ctx ); |
||
690 | } |
||
691 | |||
692 | const mbedtls_pk_info_t mbedtls_rsa_alt_info = { |
||
693 | MBEDTLS_PK_RSA_ALT, |
||
694 | "RSA-alt", |
||
695 | rsa_alt_get_bitlen, |
||
696 | rsa_alt_can_do, |
||
697 | NULL, |
||
698 | rsa_alt_sign_wrap, |
||
699 | #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) |
||
700 | NULL, |
||
701 | NULL, |
||
702 | #endif |
||
703 | rsa_alt_decrypt_wrap, |
||
704 | NULL, |
||
705 | #if defined(MBEDTLS_RSA_C) |
||
706 | rsa_alt_check_pair, |
||
707 | #else |
||
708 | NULL, |
||
709 | #endif |
||
710 | rsa_alt_alloc_wrap, |
||
711 | rsa_alt_free_wrap, |
||
712 | #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE) |
||
713 | NULL, |
||
714 | NULL, |
||
715 | #endif |
||
716 | NULL, |
||
717 | }; |
||
718 | |||
719 | #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ |
||
720 | |||
721 | #endif /* MBEDTLS_PK_C */>>>> |