BA
/
SerialCom
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Fork of
OmniWheels
by 
Gustav Atmel
Embed:
(wiki syntax)
Show/hide line numbers
pk_wrap.c
00001 /* 00002 * Public Key abstraction layer: wrapper functions 00003 * 00004 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 00005 * SPDX-License-Identifier: Apache-2.0 00006 * 00007 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00008 * not use this file except in compliance with the License. 00009 * You may obtain a copy of the License at 00010 * 00011 * http://www.apache.org/licenses/LICENSE-2.0 00012 * 00013 * Unless required by applicable law or agreed to in writing, software 00014 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00015 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00016 * See the License for the specific language governing permissions and 00017 * limitations under the License. 00018 * 00019 * This file is part of mbed TLS (https://tls.mbed.org) 00020 */ 00021 00022 #if !defined(MBEDTLS_CONFIG_FILE) 00023 #include "mbedtls/config.h" 00024 #else 00025 #include MBEDTLS_CONFIG_FILE 00026 #endif 00027 00028 #if defined(MBEDTLS_PK_C) 00029 #include "mbedtls/pk_internal.h" 00030 00031 /* Even if RSA not activated, for the sake of RSA-alt */ 00032 #include "mbedtls/rsa.h" 00033 00034 #include <string.h> 00035 00036 #if defined(MBEDTLS_ECP_C) 00037 #include "mbedtls/ecp.h" 00038 #endif 00039 00040 #if defined(MBEDTLS_ECDSA_C) 00041 #include "mbedtls/ecdsa.h" 00042 #endif 00043 00044 #if defined(MBEDTLS_PLATFORM_C) 00045 #include "mbedtls/platform.h" 00046 #else 00047 #include <stdlib.h> 00048 #define mbedtls_calloc calloc 00049 #define mbedtls_free free 00050 #endif 00051 00052 #include <limits.h> 00053 #include <stdint.h> 00054 00055 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 00056 /* Implementation that should never be optimized out by the compiler */ 00057 static void mbedtls_zeroize( void *v, size_t n ) { 00058 volatile unsigned char *p = v; while( n-- ) *p++ = 0; 00059 } 00060 #endif 00061 00062 #if defined(MBEDTLS_RSA_C) 00063 static int rsa_can_do( mbedtls_pk_type_t type ) 00064 { 00065 return( type == MBEDTLS_PK_RSA || 00066 type == MBEDTLS_PK_RSASSA_PSS ); 00067 } 00068 00069 static size_t rsa_get_bitlen( const void *ctx ) 00070 { 00071 const mbedtls_rsa_context * rsa = (const mbedtls_rsa_context *) ctx; 00072 return( 8 * mbedtls_rsa_get_len( rsa ) ); 00073 } 00074 00075 static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, 00076 const unsigned char *hash, size_t hash_len, 00077 const unsigned char *sig, size_t sig_len ) 00078 { 00079 int ret; 00080 mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; 00081 size_t rsa_len = mbedtls_rsa_get_len( rsa ); 00082 00083 #if SIZE_MAX > UINT_MAX 00084 if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len ) 00085 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); 00086 #endif /* SIZE_MAX > UINT_MAX */ 00087 00088 if( sig_len < rsa_len ) 00089 return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); 00090 00091 if( ( ret = mbedtls_rsa_pkcs1_verify( rsa, NULL, NULL, 00092 MBEDTLS_RSA_PUBLIC, md_alg, 00093 (unsigned int) hash_len, hash, sig ) ) != 0 ) 00094 return( ret ); 00095 00096 if( sig_len > rsa_len ) 00097 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); 00098 00099 return( 0 ); 00100 } 00101 00102 static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, 00103 const unsigned char *hash, size_t hash_len, 00104 unsigned char *sig, size_t *sig_len, 00105 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00106 { 00107 mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; 00108 00109 #if SIZE_MAX > UINT_MAX 00110 if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len ) 00111 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); 00112 #endif /* SIZE_MAX > UINT_MAX */ 00113 00114 *sig_len = mbedtls_rsa_get_len( rsa ); 00115 00116 return( mbedtls_rsa_pkcs1_sign( rsa, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, 00117 md_alg, (unsigned int) hash_len, hash, sig ) ); 00118 } 00119 00120 static int rsa_decrypt_wrap( void *ctx, 00121 const unsigned char *input, size_t ilen, 00122 unsigned char *output, size_t *olen, size_t osize, 00123 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00124 { 00125 mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; 00126 00127 if( ilen != mbedtls_rsa_get_len( rsa ) ) 00128 return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); 00129 00130 return( mbedtls_rsa_pkcs1_decrypt( rsa, f_rng, p_rng, 00131 MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); 00132 } 00133 00134 static int rsa_encrypt_wrap( void *ctx, 00135 const unsigned char *input, size_t ilen, 00136 unsigned char *output, size_t *olen, size_t osize, 00137 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00138 { 00139 mbedtls_rsa_context * rsa = (mbedtls_rsa_context *) ctx; 00140 *olen = mbedtls_rsa_get_len( rsa ); 00141 00142 if( *olen > osize ) 00143 return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); 00144 00145 return( mbedtls_rsa_pkcs1_encrypt( rsa, f_rng, p_rng, MBEDTLS_RSA_PUBLIC, 00146 ilen, input, output ) ); 00147 } 00148 00149 static int rsa_check_pair_wrap( const void *pub, const void *prv ) 00150 { 00151 return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub, 00152 (const mbedtls_rsa_context *) prv ) ); 00153 } 00154 00155 static void *rsa_alloc_wrap( void ) 00156 { 00157 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) ); 00158 00159 if( ctx != NULL ) 00160 mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 ); 00161 00162 return( ctx ); 00163 } 00164 00165 static void rsa_free_wrap( void *ctx ) 00166 { 00167 mbedtls_rsa_free( (mbedtls_rsa_context *) ctx ); 00168 mbedtls_free( ctx ); 00169 } 00170 00171 static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items ) 00172 { 00173 items->type = MBEDTLS_PK_DEBUG_MPI; 00174 items->name = "rsa.N"; 00175 items->value = &( ((mbedtls_rsa_context *) ctx)->N ); 00176 00177 items++; 00178 00179 items->type = MBEDTLS_PK_DEBUG_MPI; 00180 items->name = "rsa.E"; 00181 items->value = &( ((mbedtls_rsa_context *) ctx)->E ); 00182 } 00183 00184 const mbedtls_pk_info_t mbedtls_rsa_info = { 00185 MBEDTLS_PK_RSA, 00186 "RSA", 00187 rsa_get_bitlen, 00188 rsa_can_do, 00189 rsa_verify_wrap, 00190 rsa_sign_wrap, 00191 rsa_decrypt_wrap, 00192 rsa_encrypt_wrap, 00193 rsa_check_pair_wrap, 00194 rsa_alloc_wrap, 00195 rsa_free_wrap, 00196 rsa_debug, 00197 }; 00198 #endif /* MBEDTLS_RSA_C */ 00199 00200 #if defined(MBEDTLS_ECP_C) 00201 /* 00202 * Generic EC key 00203 */ 00204 static int eckey_can_do( mbedtls_pk_type_t type ) 00205 { 00206 return( type == MBEDTLS_PK_ECKEY || 00207 type == MBEDTLS_PK_ECKEY_DH || 00208 type == MBEDTLS_PK_ECDSA ); 00209 } 00210 00211 static size_t eckey_get_bitlen( const void *ctx ) 00212 { 00213 return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits ); 00214 } 00215 00216 #if defined(MBEDTLS_ECDSA_C) 00217 /* Forward declarations */ 00218 static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, 00219 const unsigned char *hash, size_t hash_len, 00220 const unsigned char *sig, size_t sig_len ); 00221 00222 static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, 00223 const unsigned char *hash, size_t hash_len, 00224 unsigned char *sig, size_t *sig_len, 00225 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); 00226 00227 static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, 00228 const unsigned char *hash, size_t hash_len, 00229 const unsigned char *sig, size_t sig_len ) 00230 { 00231 int ret; 00232 mbedtls_ecdsa_context ecdsa; 00233 00234 mbedtls_ecdsa_init( &ecdsa ); 00235 00236 if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) 00237 ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len ); 00238 00239 mbedtls_ecdsa_free( &ecdsa ); 00240 00241 return( ret ); 00242 } 00243 00244 static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, 00245 const unsigned char *hash, size_t hash_len, 00246 unsigned char *sig, size_t *sig_len, 00247 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00248 { 00249 int ret; 00250 mbedtls_ecdsa_context ecdsa; 00251 00252 mbedtls_ecdsa_init( &ecdsa ); 00253 00254 if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) 00255 ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len, 00256 f_rng, p_rng ); 00257 00258 mbedtls_ecdsa_free( &ecdsa ); 00259 00260 return( ret ); 00261 } 00262 00263 #endif /* MBEDTLS_ECDSA_C */ 00264 00265 static int eckey_check_pair( const void *pub, const void *prv ) 00266 { 00267 return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub, 00268 (const mbedtls_ecp_keypair *) prv ) ); 00269 } 00270 00271 static void *eckey_alloc_wrap( void ) 00272 { 00273 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); 00274 00275 if( ctx != NULL ) 00276 mbedtls_ecp_keypair_init( ctx ); 00277 00278 return( ctx ); 00279 } 00280 00281 static void eckey_free_wrap( void *ctx ) 00282 { 00283 mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx ); 00284 mbedtls_free( ctx ); 00285 } 00286 00287 static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items ) 00288 { 00289 items->type = MBEDTLS_PK_DEBUG_ECP; 00290 items->name = "eckey.Q"; 00291 items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q ); 00292 } 00293 00294 const mbedtls_pk_info_t mbedtls_eckey_info = { 00295 MBEDTLS_PK_ECKEY, 00296 "EC", 00297 eckey_get_bitlen, 00298 eckey_can_do, 00299 #if defined(MBEDTLS_ECDSA_C) 00300 eckey_verify_wrap, 00301 eckey_sign_wrap, 00302 #else 00303 NULL, 00304 NULL, 00305 #endif 00306 NULL, 00307 NULL, 00308 eckey_check_pair, 00309 eckey_alloc_wrap, 00310 eckey_free_wrap, 00311 eckey_debug, 00312 }; 00313 00314 /* 00315 * EC key restricted to ECDH 00316 */ 00317 static int eckeydh_can_do( mbedtls_pk_type_t type ) 00318 { 00319 return( type == MBEDTLS_PK_ECKEY || 00320 type == MBEDTLS_PK_ECKEY_DH ); 00321 } 00322 00323 const mbedtls_pk_info_t mbedtls_eckeydh_info = { 00324 MBEDTLS_PK_ECKEY_DH, 00325 "EC_DH", 00326 eckey_get_bitlen, /* Same underlying key structure */ 00327 eckeydh_can_do, 00328 NULL, 00329 NULL, 00330 NULL, 00331 NULL, 00332 eckey_check_pair, 00333 eckey_alloc_wrap, /* Same underlying key structure */ 00334 eckey_free_wrap, /* Same underlying key structure */ 00335 eckey_debug, /* Same underlying key structure */ 00336 }; 00337 #endif /* MBEDTLS_ECP_C */ 00338 00339 #if defined(MBEDTLS_ECDSA_C) 00340 static int ecdsa_can_do( mbedtls_pk_type_t type ) 00341 { 00342 return( type == MBEDTLS_PK_ECDSA ); 00343 } 00344 00345 static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, 00346 const unsigned char *hash, size_t hash_len, 00347 const unsigned char *sig, size_t sig_len ) 00348 { 00349 int ret; 00350 ((void) md_alg); 00351 00352 ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx, 00353 hash, hash_len, sig, sig_len ); 00354 00355 if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH ) 00356 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); 00357 00358 return( ret ); 00359 } 00360 00361 static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, 00362 const unsigned char *hash, size_t hash_len, 00363 unsigned char *sig, size_t *sig_len, 00364 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00365 { 00366 return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx, 00367 md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) ); 00368 } 00369 00370 static void *ecdsa_alloc_wrap( void ) 00371 { 00372 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) ); 00373 00374 if( ctx != NULL ) 00375 mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx ); 00376 00377 return( ctx ); 00378 } 00379 00380 static void ecdsa_free_wrap( void *ctx ) 00381 { 00382 mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx ); 00383 mbedtls_free( ctx ); 00384 } 00385 00386 const mbedtls_pk_info_t mbedtls_ecdsa_info = { 00387 MBEDTLS_PK_ECDSA, 00388 "ECDSA", 00389 eckey_get_bitlen, /* Compatible key structures */ 00390 ecdsa_can_do, 00391 ecdsa_verify_wrap, 00392 ecdsa_sign_wrap, 00393 NULL, 00394 NULL, 00395 eckey_check_pair, /* Compatible key structures */ 00396 ecdsa_alloc_wrap, 00397 ecdsa_free_wrap, 00398 eckey_debug, /* Compatible key structures */ 00399 }; 00400 #endif /* MBEDTLS_ECDSA_C */ 00401 00402 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 00403 /* 00404 * Support for alternative RSA-private implementations 00405 */ 00406 00407 static int rsa_alt_can_do( mbedtls_pk_type_t type ) 00408 { 00409 return( type == MBEDTLS_PK_RSA ); 00410 } 00411 00412 static size_t rsa_alt_get_bitlen( const void *ctx ) 00413 { 00414 const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx; 00415 00416 return( 8 * rsa_alt->key_len_func( rsa_alt->key ) ); 00417 } 00418 00419 static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, 00420 const unsigned char *hash, size_t hash_len, 00421 unsigned char *sig, size_t *sig_len, 00422 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00423 { 00424 mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; 00425 00426 #if SIZE_MAX > UINT_MAX 00427 if( UINT_MAX < hash_len ) 00428 return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); 00429 #endif /* SIZE_MAX > UINT_MAX */ 00430 00431 *sig_len = rsa_alt->key_len_func( rsa_alt->key ); 00432 00433 return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, 00434 md_alg, (unsigned int) hash_len, hash, sig ) ); 00435 } 00436 00437 static int rsa_alt_decrypt_wrap( void *ctx, 00438 const unsigned char *input, size_t ilen, 00439 unsigned char *output, size_t *olen, size_t osize, 00440 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00441 { 00442 mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; 00443 00444 ((void) f_rng); 00445 ((void) p_rng); 00446 00447 if( ilen != rsa_alt->key_len_func( rsa_alt->key ) ) 00448 return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); 00449 00450 return( rsa_alt->decrypt_func( rsa_alt->key, 00451 MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); 00452 } 00453 00454 #if defined(MBEDTLS_RSA_C) 00455 static int rsa_alt_check_pair( const void *pub, const void *prv ) 00456 { 00457 unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; 00458 unsigned char hash[32]; 00459 size_t sig_len = 0; 00460 int ret; 00461 00462 if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) ) 00463 return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); 00464 00465 memset( hash, 0x2a, sizeof( hash ) ); 00466 00467 if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE, 00468 hash, sizeof( hash ), 00469 sig, &sig_len, NULL, NULL ) ) != 0 ) 00470 { 00471 return( ret ); 00472 } 00473 00474 if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE, 00475 hash, sizeof( hash ), sig, sig_len ) != 0 ) 00476 { 00477 return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); 00478 } 00479 00480 return( 0 ); 00481 } 00482 #endif /* MBEDTLS_RSA_C */ 00483 00484 static void *rsa_alt_alloc_wrap( void ) 00485 { 00486 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) ); 00487 00488 if( ctx != NULL ) 00489 memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) ); 00490 00491 return( ctx ); 00492 } 00493 00494 static void rsa_alt_free_wrap( void *ctx ) 00495 { 00496 mbedtls_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) ); 00497 mbedtls_free( ctx ); 00498 } 00499 00500 const mbedtls_pk_info_t mbedtls_rsa_alt_info = { 00501 MBEDTLS_PK_RSA_ALT, 00502 "RSA-alt", 00503 rsa_alt_get_bitlen, 00504 rsa_alt_can_do, 00505 NULL, 00506 rsa_alt_sign_wrap, 00507 rsa_alt_decrypt_wrap, 00508 NULL, 00509 #if defined(MBEDTLS_RSA_C) 00510 rsa_alt_check_pair, 00511 #else 00512 NULL, 00513 #endif 00514 rsa_alt_alloc_wrap, 00515 rsa_alt_free_wrap, 00516 NULL, 00517 }; 00518 00519 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ 00520 00521 #endif /* MBEDTLS_PK_C */
Generated on Fri Jul 22 2022 04:53:58 by
1.7.2