sandbox / mbedtls

mbedtls ported to mbed-classic

Fork of mbedtls by Christopher Haster

source/pk_wrap.c@4:bef26f687287, 2016-04-07 (annotated)

Committer:
Brian Daniels
Date:
Thu Apr 07 11:11:18 2016 +0100
Revision:
4:bef26f687287
Parent:
1:24750b9ad5ef 
Adding ported selftest test case

Who changed what in which revision?

UserRevisionLine numberNew contents of line
Christopher Haster 1:24750b9ad5ef 1 /*
Christopher Haster 1:24750b9ad5ef 2 * Public Key abstraction layer: wrapper functions
Christopher Haster 1:24750b9ad5ef 3 *
Christopher Haster 1:24750b9ad5ef 4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
Christopher Haster 1:24750b9ad5ef 5 * SPDX-License-Identifier: Apache-2.0
Christopher Haster 1:24750b9ad5ef 6 *
Christopher Haster 1:24750b9ad5ef 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
Christopher Haster 1:24750b9ad5ef 8 * not use this file except in compliance with the License.
Christopher Haster 1:24750b9ad5ef 9 * You may obtain a copy of the License at
Christopher Haster 1:24750b9ad5ef 10 *
Christopher Haster 1:24750b9ad5ef 11 * http://www.apache.org/licenses/LICENSE-2.0
Christopher Haster 1:24750b9ad5ef 12 *
Christopher Haster 1:24750b9ad5ef 13 * Unless required by applicable law or agreed to in writing, software
Christopher Haster 1:24750b9ad5ef 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
Christopher Haster 1:24750b9ad5ef 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
Christopher Haster 1:24750b9ad5ef 16 * See the License for the specific language governing permissions and
Christopher Haster 1:24750b9ad5ef 17 * limitations under the License.
Christopher Haster 1:24750b9ad5ef 18 *
Christopher Haster 1:24750b9ad5ef 19 * This file is part of mbed TLS (https://tls.mbed.org)
Christopher Haster 1:24750b9ad5ef 20 */
Christopher Haster 1:24750b9ad5ef 21
Christopher Haster 1:24750b9ad5ef 22 #if !defined(MBEDTLS_CONFIG_FILE)
Christopher Haster 1:24750b9ad5ef 23 #include "mbedtls/config.h"
Christopher Haster 1:24750b9ad5ef 24 #else
Christopher Haster 1:24750b9ad5ef 25 #include MBEDTLS_CONFIG_FILE
Christopher Haster 1:24750b9ad5ef 26 #endif
Christopher Haster 1:24750b9ad5ef 27
Christopher Haster 1:24750b9ad5ef 28 #if defined(MBEDTLS_PK_C)
Christopher Haster 1:24750b9ad5ef 29 #include "mbedtls/pk_internal.h"
Christopher Haster 1:24750b9ad5ef 30
Christopher Haster 1:24750b9ad5ef 31 /* Even if RSA not activated, for the sake of RSA-alt */
Christopher Haster 1:24750b9ad5ef 32 #include "mbedtls/rsa.h"
Christopher Haster 1:24750b9ad5ef 33
Christopher Haster 1:24750b9ad5ef 34 #include <string.h>
Christopher Haster 1:24750b9ad5ef 35
Christopher Haster 1:24750b9ad5ef 36 #if defined(MBEDTLS_ECP_C)
Christopher Haster 1:24750b9ad5ef 37 #include "mbedtls/ecp.h"
Christopher Haster 1:24750b9ad5ef 38 #endif
Christopher Haster 1:24750b9ad5ef 39
Christopher Haster 1:24750b9ad5ef 40 #if defined(MBEDTLS_ECDSA_C)
Christopher Haster 1:24750b9ad5ef 41 #include "mbedtls/ecdsa.h"
Christopher Haster 1:24750b9ad5ef 42 #endif
Christopher Haster 1:24750b9ad5ef 43
Christopher Haster 1:24750b9ad5ef 44 #if defined(MBEDTLS_PLATFORM_C)
Christopher Haster 1:24750b9ad5ef 45 #include "mbedtls/platform.h"
Christopher Haster 1:24750b9ad5ef 46 #else
Christopher Haster 1:24750b9ad5ef 47 #include <stdlib.h>
Christopher Haster 1:24750b9ad5ef 48 #define mbedtls_calloc calloc
Christopher Haster 1:24750b9ad5ef 49 #define mbedtls_free free
Christopher Haster 1:24750b9ad5ef 50 #endif
Christopher Haster 1:24750b9ad5ef 51
Christopher Haster 1:24750b9ad5ef 52 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
Christopher Haster 1:24750b9ad5ef 53 /* Implementation that should never be optimized out by the compiler */
Christopher Haster 1:24750b9ad5ef 54 static void mbedtls_zeroize( void *v, size_t n ) {
Christopher Haster 1:24750b9ad5ef 55 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
Christopher Haster 1:24750b9ad5ef 56 }
Christopher Haster 1:24750b9ad5ef 57 #endif
Christopher Haster 1:24750b9ad5ef 58
Christopher Haster 1:24750b9ad5ef 59 #if defined(MBEDTLS_RSA_C)
Christopher Haster 1:24750b9ad5ef 60 static int rsa_can_do( mbedtls_pk_type_t type )
Christopher Haster 1:24750b9ad5ef 61 {
Christopher Haster 1:24750b9ad5ef 62 return( type == MBEDTLS_PK_RSA ||
Christopher Haster 1:24750b9ad5ef 63 type == MBEDTLS_PK_RSASSA_PSS );
Christopher Haster 1:24750b9ad5ef 64 }
Christopher Haster 1:24750b9ad5ef 65
Christopher Haster 1:24750b9ad5ef 66 static size_t rsa_get_bitlen( const void *ctx )
Christopher Haster 1:24750b9ad5ef 67 {
Christopher Haster 1:24750b9ad5ef 68 return( 8 * ((const mbedtls_rsa_context *) ctx)->len );
Christopher Haster 1:24750b9ad5ef 69 }
Christopher Haster 1:24750b9ad5ef 70
Christopher Haster 1:24750b9ad5ef 71 static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
Christopher Haster 1:24750b9ad5ef 72 const unsigned char *hash, size_t hash_len,
Christopher Haster 1:24750b9ad5ef 73 const unsigned char *sig, size_t sig_len )
Christopher Haster 1:24750b9ad5ef 74 {
Christopher Haster 1:24750b9ad5ef 75 int ret;
Christopher Haster 1:24750b9ad5ef 76
Christopher Haster 1:24750b9ad5ef 77 if( sig_len < ((mbedtls_rsa_context *) ctx)->len )
Christopher Haster 1:24750b9ad5ef 78 return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
Christopher Haster 1:24750b9ad5ef 79
Christopher Haster 1:24750b9ad5ef 80 if( ( ret = mbedtls_rsa_pkcs1_verify( (mbedtls_rsa_context *) ctx, NULL, NULL,
Christopher Haster 1:24750b9ad5ef 81 MBEDTLS_RSA_PUBLIC, md_alg,
Christopher Haster 1:24750b9ad5ef 82 (unsigned int) hash_len, hash, sig ) ) != 0 )
Christopher Haster 1:24750b9ad5ef 83 return( ret );
Christopher Haster 1:24750b9ad5ef 84
Christopher Haster 1:24750b9ad5ef 85 if( sig_len > ((mbedtls_rsa_context *) ctx)->len )
Christopher Haster 1:24750b9ad5ef 86 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
Christopher Haster 1:24750b9ad5ef 87
Christopher Haster 1:24750b9ad5ef 88 return( 0 );
Christopher Haster 1:24750b9ad5ef 89 }
Christopher Haster 1:24750b9ad5ef 90
Christopher Haster 1:24750b9ad5ef 91 static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
Christopher Haster 1:24750b9ad5ef 92 const unsigned char *hash, size_t hash_len,
Christopher Haster 1:24750b9ad5ef 93 unsigned char *sig, size_t *sig_len,
Christopher Haster 1:24750b9ad5ef 94 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
Christopher Haster 1:24750b9ad5ef 95 {
Christopher Haster 1:24750b9ad5ef 96 *sig_len = ((mbedtls_rsa_context *) ctx)->len;
Christopher Haster 1:24750b9ad5ef 97
Christopher Haster 1:24750b9ad5ef 98 return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
Christopher Haster 1:24750b9ad5ef 99 md_alg, (unsigned int) hash_len, hash, sig ) );
Christopher Haster 1:24750b9ad5ef 100 }
Christopher Haster 1:24750b9ad5ef 101
Christopher Haster 1:24750b9ad5ef 102 static int rsa_decrypt_wrap( void *ctx,
Christopher Haster 1:24750b9ad5ef 103 const unsigned char *input, size_t ilen,
Christopher Haster 1:24750b9ad5ef 104 unsigned char *output, size_t *olen, size_t osize,
Christopher Haster 1:24750b9ad5ef 105 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
Christopher Haster 1:24750b9ad5ef 106 {
Christopher Haster 1:24750b9ad5ef 107 if( ilen != ((mbedtls_rsa_context *) ctx)->len )
Christopher Haster 1:24750b9ad5ef 108 return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
Christopher Haster 1:24750b9ad5ef 109
Christopher Haster 1:24750b9ad5ef 110 return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, f_rng, p_rng,
Christopher Haster 1:24750b9ad5ef 111 MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
Christopher Haster 1:24750b9ad5ef 112 }
Christopher Haster 1:24750b9ad5ef 113
Christopher Haster 1:24750b9ad5ef 114 static int rsa_encrypt_wrap( void *ctx,
Christopher Haster 1:24750b9ad5ef 115 const unsigned char *input, size_t ilen,
Christopher Haster 1:24750b9ad5ef 116 unsigned char *output, size_t *olen, size_t osize,
Christopher Haster 1:24750b9ad5ef 117 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
Christopher Haster 1:24750b9ad5ef 118 {
Christopher Haster 1:24750b9ad5ef 119 *olen = ((mbedtls_rsa_context *) ctx)->len;
Christopher Haster 1:24750b9ad5ef 120
Christopher Haster 1:24750b9ad5ef 121 if( *olen > osize )
Christopher Haster 1:24750b9ad5ef 122 return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
Christopher Haster 1:24750b9ad5ef 123
Christopher Haster 1:24750b9ad5ef 124 return( mbedtls_rsa_pkcs1_encrypt( (mbedtls_rsa_context *) ctx,
Christopher Haster 1:24750b9ad5ef 125 f_rng, p_rng, MBEDTLS_RSA_PUBLIC, ilen, input, output ) );
Christopher Haster 1:24750b9ad5ef 126 }
Christopher Haster 1:24750b9ad5ef 127
Christopher Haster 1:24750b9ad5ef 128 static int rsa_check_pair_wrap( const void *pub, const void *prv )
Christopher Haster 1:24750b9ad5ef 129 {
Christopher Haster 1:24750b9ad5ef 130 return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub,
Christopher Haster 1:24750b9ad5ef 131 (const mbedtls_rsa_context *) prv ) );
Christopher Haster 1:24750b9ad5ef 132 }
Christopher Haster 1:24750b9ad5ef 133
Christopher Haster 1:24750b9ad5ef 134 static void *rsa_alloc_wrap( void )
Christopher Haster 1:24750b9ad5ef 135 {
Christopher Haster 1:24750b9ad5ef 136 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) );
Christopher Haster 1:24750b9ad5ef 137
Christopher Haster 1:24750b9ad5ef 138 if( ctx != NULL )
Christopher Haster 1:24750b9ad5ef 139 mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 );
Christopher Haster 1:24750b9ad5ef 140
Christopher Haster 1:24750b9ad5ef 141 return( ctx );
Christopher Haster 1:24750b9ad5ef 142 }
Christopher Haster 1:24750b9ad5ef 143
Christopher Haster 1:24750b9ad5ef 144 static void rsa_free_wrap( void *ctx )
Christopher Haster 1:24750b9ad5ef 145 {
Christopher Haster 1:24750b9ad5ef 146 mbedtls_rsa_free( (mbedtls_rsa_context *) ctx );
Christopher Haster 1:24750b9ad5ef 147 mbedtls_free( ctx );
Christopher Haster 1:24750b9ad5ef 148 }
Christopher Haster 1:24750b9ad5ef 149
Christopher Haster 1:24750b9ad5ef 150 static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items )
Christopher Haster 1:24750b9ad5ef 151 {
Christopher Haster 1:24750b9ad5ef 152 items->type = MBEDTLS_PK_DEBUG_MPI;
Christopher Haster 1:24750b9ad5ef 153 items->name = "rsa.N";
Christopher Haster 1:24750b9ad5ef 154 items->value = &( ((mbedtls_rsa_context *) ctx)->N );
Christopher Haster 1:24750b9ad5ef 155
Christopher Haster 1:24750b9ad5ef 156 items++;
Christopher Haster 1:24750b9ad5ef 157
Christopher Haster 1:24750b9ad5ef 158 items->type = MBEDTLS_PK_DEBUG_MPI;
Christopher Haster 1:24750b9ad5ef 159 items->name = "rsa.E";
Christopher Haster 1:24750b9ad5ef 160 items->value = &( ((mbedtls_rsa_context *) ctx)->E );
Christopher Haster 1:24750b9ad5ef 161 }
Christopher Haster 1:24750b9ad5ef 162
Christopher Haster 1:24750b9ad5ef 163 const mbedtls_pk_info_t mbedtls_rsa_info = {
Christopher Haster 1:24750b9ad5ef 164 MBEDTLS_PK_RSA,
Christopher Haster 1:24750b9ad5ef 165 "RSA",
Christopher Haster 1:24750b9ad5ef 166 rsa_get_bitlen,
Christopher Haster 1:24750b9ad5ef 167 rsa_can_do,
Christopher Haster 1:24750b9ad5ef 168 rsa_verify_wrap,
Christopher Haster 1:24750b9ad5ef 169 rsa_sign_wrap,
Christopher Haster 1:24750b9ad5ef 170 rsa_decrypt_wrap,
Christopher Haster 1:24750b9ad5ef 171 rsa_encrypt_wrap,
Christopher Haster 1:24750b9ad5ef 172 rsa_check_pair_wrap,
Christopher Haster 1:24750b9ad5ef 173 rsa_alloc_wrap,
Christopher Haster 1:24750b9ad5ef 174 rsa_free_wrap,
Christopher Haster 1:24750b9ad5ef 175 rsa_debug,
Christopher Haster 1:24750b9ad5ef 176 };
Christopher Haster 1:24750b9ad5ef 177 #endif /* MBEDTLS_RSA_C */
Christopher Haster 1:24750b9ad5ef 178
Christopher Haster 1:24750b9ad5ef 179 #if defined(MBEDTLS_ECP_C)
Christopher Haster 1:24750b9ad5ef 180 /*
Christopher Haster 1:24750b9ad5ef 181 * Generic EC key
Christopher Haster 1:24750b9ad5ef 182 */
Christopher Haster 1:24750b9ad5ef 183 static int eckey_can_do( mbedtls_pk_type_t type )
Christopher Haster 1:24750b9ad5ef 184 {
Christopher Haster 1:24750b9ad5ef 185 return( type == MBEDTLS_PK_ECKEY ||
Christopher Haster 1:24750b9ad5ef 186 type == MBEDTLS_PK_ECKEY_DH ||
Christopher Haster 1:24750b9ad5ef 187 type == MBEDTLS_PK_ECDSA );
Christopher Haster 1:24750b9ad5ef 188 }
Christopher Haster 1:24750b9ad5ef 189
Christopher Haster 1:24750b9ad5ef 190 static size_t eckey_get_bitlen( const void *ctx )
Christopher Haster 1:24750b9ad5ef 191 {
Christopher Haster 1:24750b9ad5ef 192 return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits );
Christopher Haster 1:24750b9ad5ef 193 }
Christopher Haster 1:24750b9ad5ef 194
Christopher Haster 1:24750b9ad5ef 195 #if defined(MBEDTLS_ECDSA_C)
Christopher Haster 1:24750b9ad5ef 196 /* Forward declarations */
Christopher Haster 1:24750b9ad5ef 197 static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
Christopher Haster 1:24750b9ad5ef 198 const unsigned char *hash, size_t hash_len,
Christopher Haster 1:24750b9ad5ef 199 const unsigned char *sig, size_t sig_len );
Christopher Haster 1:24750b9ad5ef 200
Christopher Haster 1:24750b9ad5ef 201 static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
Christopher Haster 1:24750b9ad5ef 202 const unsigned char *hash, size_t hash_len,
Christopher Haster 1:24750b9ad5ef 203 unsigned char *sig, size_t *sig_len,
Christopher Haster 1:24750b9ad5ef 204 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
Christopher Haster 1:24750b9ad5ef 205
Christopher Haster 1:24750b9ad5ef 206 static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
Christopher Haster 1:24750b9ad5ef 207 const unsigned char *hash, size_t hash_len,
Christopher Haster 1:24750b9ad5ef 208 const unsigned char *sig, size_t sig_len )
Christopher Haster 1:24750b9ad5ef 209 {
Christopher Haster 1:24750b9ad5ef 210 int ret;
Christopher Haster 1:24750b9ad5ef 211 mbedtls_ecdsa_context ecdsa;
Christopher Haster 1:24750b9ad5ef 212
Christopher Haster 1:24750b9ad5ef 213 mbedtls_ecdsa_init( &ecdsa );
Christopher Haster 1:24750b9ad5ef 214
Christopher Haster 1:24750b9ad5ef 215 if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
Christopher Haster 1:24750b9ad5ef 216 ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
Christopher Haster 1:24750b9ad5ef 217
Christopher Haster 1:24750b9ad5ef 218 mbedtls_ecdsa_free( &ecdsa );
Christopher Haster 1:24750b9ad5ef 219
Christopher Haster 1:24750b9ad5ef 220 return( ret );
Christopher Haster 1:24750b9ad5ef 221 }
Christopher Haster 1:24750b9ad5ef 222
Christopher Haster 1:24750b9ad5ef 223 static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
Christopher Haster 1:24750b9ad5ef 224 const unsigned char *hash, size_t hash_len,
Christopher Haster 1:24750b9ad5ef 225 unsigned char *sig, size_t *sig_len,
Christopher Haster 1:24750b9ad5ef 226 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
Christopher Haster 1:24750b9ad5ef 227 {
Christopher Haster 1:24750b9ad5ef 228 int ret;
Christopher Haster 1:24750b9ad5ef 229 mbedtls_ecdsa_context ecdsa;
Christopher Haster 1:24750b9ad5ef 230
Christopher Haster 1:24750b9ad5ef 231 mbedtls_ecdsa_init( &ecdsa );
Christopher Haster 1:24750b9ad5ef 232
Christopher Haster 1:24750b9ad5ef 233 if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
Christopher Haster 1:24750b9ad5ef 234 ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
Christopher Haster 1:24750b9ad5ef 235 f_rng, p_rng );
Christopher Haster 1:24750b9ad5ef 236
Christopher Haster 1:24750b9ad5ef 237 mbedtls_ecdsa_free( &ecdsa );
Christopher Haster 1:24750b9ad5ef 238
Christopher Haster 1:24750b9ad5ef 239 return( ret );
Christopher Haster 1:24750b9ad5ef 240 }
Christopher Haster 1:24750b9ad5ef 241
Christopher Haster 1:24750b9ad5ef 242 #endif /* MBEDTLS_ECDSA_C */
Christopher Haster 1:24750b9ad5ef 243
Christopher Haster 1:24750b9ad5ef 244 static int eckey_check_pair( const void *pub, const void *prv )
Christopher Haster 1:24750b9ad5ef 245 {
Christopher Haster 1:24750b9ad5ef 246 return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub,
Christopher Haster 1:24750b9ad5ef 247 (const mbedtls_ecp_keypair *) prv ) );
Christopher Haster 1:24750b9ad5ef 248 }
Christopher Haster 1:24750b9ad5ef 249
Christopher Haster 1:24750b9ad5ef 250 static void *eckey_alloc_wrap( void )
Christopher Haster 1:24750b9ad5ef 251 {
Christopher Haster 1:24750b9ad5ef 252 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
Christopher Haster 1:24750b9ad5ef 253
Christopher Haster 1:24750b9ad5ef 254 if( ctx != NULL )
Christopher Haster 1:24750b9ad5ef 255 mbedtls_ecp_keypair_init( ctx );
Christopher Haster 1:24750b9ad5ef 256
Christopher Haster 1:24750b9ad5ef 257 return( ctx );
Christopher Haster 1:24750b9ad5ef 258 }
Christopher Haster 1:24750b9ad5ef 259
Christopher Haster 1:24750b9ad5ef 260 static void eckey_free_wrap( void *ctx )
Christopher Haster 1:24750b9ad5ef 261 {
Christopher Haster 1:24750b9ad5ef 262 mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx );
Christopher Haster 1:24750b9ad5ef 263 mbedtls_free( ctx );
Christopher Haster 1:24750b9ad5ef 264 }
Christopher Haster 1:24750b9ad5ef 265
Christopher Haster 1:24750b9ad5ef 266 static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items )
Christopher Haster 1:24750b9ad5ef 267 {
Christopher Haster 1:24750b9ad5ef 268 items->type = MBEDTLS_PK_DEBUG_ECP;
Christopher Haster 1:24750b9ad5ef 269 items->name = "eckey.Q";
Christopher Haster 1:24750b9ad5ef 270 items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q );
Christopher Haster 1:24750b9ad5ef 271 }
Christopher Haster 1:24750b9ad5ef 272
Christopher Haster 1:24750b9ad5ef 273 const mbedtls_pk_info_t mbedtls_eckey_info = {
Christopher Haster 1:24750b9ad5ef 274 MBEDTLS_PK_ECKEY,
Christopher Haster 1:24750b9ad5ef 275 "EC",
Christopher Haster 1:24750b9ad5ef 276 eckey_get_bitlen,
Christopher Haster 1:24750b9ad5ef 277 eckey_can_do,
Christopher Haster 1:24750b9ad5ef 278 #if defined(MBEDTLS_ECDSA_C)
Christopher Haster 1:24750b9ad5ef 279 eckey_verify_wrap,
Christopher Haster 1:24750b9ad5ef 280 eckey_sign_wrap,
Christopher Haster 1:24750b9ad5ef 281 #else
Christopher Haster 1:24750b9ad5ef 282 NULL,
Christopher Haster 1:24750b9ad5ef 283 NULL,
Christopher Haster 1:24750b9ad5ef 284 #endif
Christopher Haster 1:24750b9ad5ef 285 NULL,
Christopher Haster 1:24750b9ad5ef 286 NULL,
Christopher Haster 1:24750b9ad5ef 287 eckey_check_pair,
Christopher Haster 1:24750b9ad5ef 288 eckey_alloc_wrap,
Christopher Haster 1:24750b9ad5ef 289 eckey_free_wrap,
Christopher Haster 1:24750b9ad5ef 290 eckey_debug,
Christopher Haster 1:24750b9ad5ef 291 };
Christopher Haster 1:24750b9ad5ef 292
Christopher Haster 1:24750b9ad5ef 293 /*
Christopher Haster 1:24750b9ad5ef 294 * EC key restricted to ECDH
Christopher Haster 1:24750b9ad5ef 295 */
Christopher Haster 1:24750b9ad5ef 296 static int eckeydh_can_do( mbedtls_pk_type_t type )
Christopher Haster 1:24750b9ad5ef 297 {
Christopher Haster 1:24750b9ad5ef 298 return( type == MBEDTLS_PK_ECKEY ||
Christopher Haster 1:24750b9ad5ef 299 type == MBEDTLS_PK_ECKEY_DH );
Christopher Haster 1:24750b9ad5ef 300 }
Christopher Haster 1:24750b9ad5ef 301
Christopher Haster 1:24750b9ad5ef 302 const mbedtls_pk_info_t mbedtls_eckeydh_info = {
Christopher Haster 1:24750b9ad5ef 303 MBEDTLS_PK_ECKEY_DH,
Christopher Haster 1:24750b9ad5ef 304 "EC_DH",
Christopher Haster 1:24750b9ad5ef 305 eckey_get_bitlen, /* Same underlying key structure */
Christopher Haster 1:24750b9ad5ef 306 eckeydh_can_do,
Christopher Haster 1:24750b9ad5ef 307 NULL,
Christopher Haster 1:24750b9ad5ef 308 NULL,
Christopher Haster 1:24750b9ad5ef 309 NULL,
Christopher Haster 1:24750b9ad5ef 310 NULL,
Christopher Haster 1:24750b9ad5ef 311 eckey_check_pair,
Christopher Haster 1:24750b9ad5ef 312 eckey_alloc_wrap, /* Same underlying key structure */
Christopher Haster 1:24750b9ad5ef 313 eckey_free_wrap, /* Same underlying key structure */
Christopher Haster 1:24750b9ad5ef 314 eckey_debug, /* Same underlying key structure */
Christopher Haster 1:24750b9ad5ef 315 };
Christopher Haster 1:24750b9ad5ef 316 #endif /* MBEDTLS_ECP_C */
Christopher Haster 1:24750b9ad5ef 317
Christopher Haster 1:24750b9ad5ef 318 #if defined(MBEDTLS_ECDSA_C)
Christopher Haster 1:24750b9ad5ef 319 static int ecdsa_can_do( mbedtls_pk_type_t type )
Christopher Haster 1:24750b9ad5ef 320 {
Christopher Haster 1:24750b9ad5ef 321 return( type == MBEDTLS_PK_ECDSA );
Christopher Haster 1:24750b9ad5ef 322 }
Christopher Haster 1:24750b9ad5ef 323
Christopher Haster 1:24750b9ad5ef 324 static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
Christopher Haster 1:24750b9ad5ef 325 const unsigned char *hash, size_t hash_len,
Christopher Haster 1:24750b9ad5ef 326 const unsigned char *sig, size_t sig_len )
Christopher Haster 1:24750b9ad5ef 327 {
Christopher Haster 1:24750b9ad5ef 328 int ret;
Christopher Haster 1:24750b9ad5ef 329 ((void) md_alg);
Christopher Haster 1:24750b9ad5ef 330
Christopher Haster 1:24750b9ad5ef 331 ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx,
Christopher Haster 1:24750b9ad5ef 332 hash, hash_len, sig, sig_len );
Christopher Haster 1:24750b9ad5ef 333
Christopher Haster 1:24750b9ad5ef 334 if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH )
Christopher Haster 1:24750b9ad5ef 335 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
Christopher Haster 1:24750b9ad5ef 336
Christopher Haster 1:24750b9ad5ef 337 return( ret );
Christopher Haster 1:24750b9ad5ef 338 }
Christopher Haster 1:24750b9ad5ef 339
Christopher Haster 1:24750b9ad5ef 340 static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
Christopher Haster 1:24750b9ad5ef 341 const unsigned char *hash, size_t hash_len,
Christopher Haster 1:24750b9ad5ef 342 unsigned char *sig, size_t *sig_len,
Christopher Haster 1:24750b9ad5ef 343 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
Christopher Haster 1:24750b9ad5ef 344 {
Christopher Haster 1:24750b9ad5ef 345 return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx,
Christopher Haster 1:24750b9ad5ef 346 md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) );
Christopher Haster 1:24750b9ad5ef 347 }
Christopher Haster 1:24750b9ad5ef 348
Christopher Haster 1:24750b9ad5ef 349 static void *ecdsa_alloc_wrap( void )
Christopher Haster 1:24750b9ad5ef 350 {
Christopher Haster 1:24750b9ad5ef 351 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) );
Christopher Haster 1:24750b9ad5ef 352
Christopher Haster 1:24750b9ad5ef 353 if( ctx != NULL )
Christopher Haster 1:24750b9ad5ef 354 mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx );
Christopher Haster 1:24750b9ad5ef 355
Christopher Haster 1:24750b9ad5ef 356 return( ctx );
Christopher Haster 1:24750b9ad5ef 357 }
Christopher Haster 1:24750b9ad5ef 358
Christopher Haster 1:24750b9ad5ef 359 static void ecdsa_free_wrap( void *ctx )
Christopher Haster 1:24750b9ad5ef 360 {
Christopher Haster 1:24750b9ad5ef 361 mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx );
Christopher Haster 1:24750b9ad5ef 362 mbedtls_free( ctx );
Christopher Haster 1:24750b9ad5ef 363 }
Christopher Haster 1:24750b9ad5ef 364
Christopher Haster 1:24750b9ad5ef 365 const mbedtls_pk_info_t mbedtls_ecdsa_info = {
Christopher Haster 1:24750b9ad5ef 366 MBEDTLS_PK_ECDSA,
Christopher Haster 1:24750b9ad5ef 367 "ECDSA",
Christopher Haster 1:24750b9ad5ef 368 eckey_get_bitlen, /* Compatible key structures */
Christopher Haster 1:24750b9ad5ef 369 ecdsa_can_do,
Christopher Haster 1:24750b9ad5ef 370 ecdsa_verify_wrap,
Christopher Haster 1:24750b9ad5ef 371 ecdsa_sign_wrap,
Christopher Haster 1:24750b9ad5ef 372 NULL,
Christopher Haster 1:24750b9ad5ef 373 NULL,
Christopher Haster 1:24750b9ad5ef 374 eckey_check_pair, /* Compatible key structures */
Christopher Haster 1:24750b9ad5ef 375 ecdsa_alloc_wrap,
Christopher Haster 1:24750b9ad5ef 376 ecdsa_free_wrap,
Christopher Haster 1:24750b9ad5ef 377 eckey_debug, /* Compatible key structures */
Christopher Haster 1:24750b9ad5ef 378 };
Christopher Haster 1:24750b9ad5ef 379 #endif /* MBEDTLS_ECDSA_C */
Christopher Haster 1:24750b9ad5ef 380
Christopher Haster 1:24750b9ad5ef 381 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
Christopher Haster 1:24750b9ad5ef 382 /*
Christopher Haster 1:24750b9ad5ef 383 * Support for alternative RSA-private implementations
Christopher Haster 1:24750b9ad5ef 384 */
Christopher Haster 1:24750b9ad5ef 385
Christopher Haster 1:24750b9ad5ef 386 static int rsa_alt_can_do( mbedtls_pk_type_t type )
Christopher Haster 1:24750b9ad5ef 387 {
Christopher Haster 1:24750b9ad5ef 388 return( type == MBEDTLS_PK_RSA );
Christopher Haster 1:24750b9ad5ef 389 }
Christopher Haster 1:24750b9ad5ef 390
Christopher Haster 1:24750b9ad5ef 391 static size_t rsa_alt_get_bitlen( const void *ctx )
Christopher Haster 1:24750b9ad5ef 392 {
Christopher Haster 1:24750b9ad5ef 393 const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx;
Christopher Haster 1:24750b9ad5ef 394
Christopher Haster 1:24750b9ad5ef 395 return( 8 * rsa_alt->key_len_func( rsa_alt->key ) );
Christopher Haster 1:24750b9ad5ef 396 }
Christopher Haster 1:24750b9ad5ef 397
Christopher Haster 1:24750b9ad5ef 398 static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
Christopher Haster 1:24750b9ad5ef 399 const unsigned char *hash, size_t hash_len,
Christopher Haster 1:24750b9ad5ef 400 unsigned char *sig, size_t *sig_len,
Christopher Haster 1:24750b9ad5ef 401 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
Christopher Haster 1:24750b9ad5ef 402 {
Christopher Haster 1:24750b9ad5ef 403 mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
Christopher Haster 1:24750b9ad5ef 404
Christopher Haster 1:24750b9ad5ef 405 *sig_len = rsa_alt->key_len_func( rsa_alt->key );
Christopher Haster 1:24750b9ad5ef 406
Christopher Haster 1:24750b9ad5ef 407 return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
Christopher Haster 1:24750b9ad5ef 408 md_alg, (unsigned int) hash_len, hash, sig ) );
Christopher Haster 1:24750b9ad5ef 409 }
Christopher Haster 1:24750b9ad5ef 410
Christopher Haster 1:24750b9ad5ef 411 static int rsa_alt_decrypt_wrap( void *ctx,
Christopher Haster 1:24750b9ad5ef 412 const unsigned char *input, size_t ilen,
Christopher Haster 1:24750b9ad5ef 413 unsigned char *output, size_t *olen, size_t osize,
Christopher Haster 1:24750b9ad5ef 414 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
Christopher Haster 1:24750b9ad5ef 415 {
Christopher Haster 1:24750b9ad5ef 416 mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
Christopher Haster 1:24750b9ad5ef 417
Christopher Haster 1:24750b9ad5ef 418 ((void) f_rng);
Christopher Haster 1:24750b9ad5ef 419 ((void) p_rng);
Christopher Haster 1:24750b9ad5ef 420
Christopher Haster 1:24750b9ad5ef 421 if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
Christopher Haster 1:24750b9ad5ef 422 return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
Christopher Haster 1:24750b9ad5ef 423
Christopher Haster 1:24750b9ad5ef 424 return( rsa_alt->decrypt_func( rsa_alt->key,
Christopher Haster 1:24750b9ad5ef 425 MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
Christopher Haster 1:24750b9ad5ef 426 }
Christopher Haster 1:24750b9ad5ef 427
Christopher Haster 1:24750b9ad5ef 428 #if defined(MBEDTLS_RSA_C)
Christopher Haster 1:24750b9ad5ef 429 static int rsa_alt_check_pair( const void *pub, const void *prv )
Christopher Haster 1:24750b9ad5ef 430 {
Christopher Haster 1:24750b9ad5ef 431 unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
Christopher Haster 1:24750b9ad5ef 432 unsigned char hash[32];
Christopher Haster 1:24750b9ad5ef 433 size_t sig_len = 0;
Christopher Haster 1:24750b9ad5ef 434 int ret;
Christopher Haster 1:24750b9ad5ef 435
Christopher Haster 1:24750b9ad5ef 436 if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) )
Christopher Haster 1:24750b9ad5ef 437 return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Christopher Haster 1:24750b9ad5ef 438
Christopher Haster 1:24750b9ad5ef 439 memset( hash, 0x2a, sizeof( hash ) );
Christopher Haster 1:24750b9ad5ef 440
Christopher Haster 1:24750b9ad5ef 441 if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE,
Christopher Haster 1:24750b9ad5ef 442 hash, sizeof( hash ),
Christopher Haster 1:24750b9ad5ef 443 sig, &sig_len, NULL, NULL ) ) != 0 )
Christopher Haster 1:24750b9ad5ef 444 {
Christopher Haster 1:24750b9ad5ef 445 return( ret );
Christopher Haster 1:24750b9ad5ef 446 }
Christopher Haster 1:24750b9ad5ef 447
Christopher Haster 1:24750b9ad5ef 448 if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE,
Christopher Haster 1:24750b9ad5ef 449 hash, sizeof( hash ), sig, sig_len ) != 0 )
Christopher Haster 1:24750b9ad5ef 450 {
Christopher Haster 1:24750b9ad5ef 451 return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
Christopher Haster 1:24750b9ad5ef 452 }
Christopher Haster 1:24750b9ad5ef 453
Christopher Haster 1:24750b9ad5ef 454 return( 0 );
Christopher Haster 1:24750b9ad5ef 455 }
Christopher Haster 1:24750b9ad5ef 456 #endif /* MBEDTLS_RSA_C */
Christopher Haster 1:24750b9ad5ef 457
Christopher Haster 1:24750b9ad5ef 458 static void *rsa_alt_alloc_wrap( void )
Christopher Haster 1:24750b9ad5ef 459 {
Christopher Haster 1:24750b9ad5ef 460 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) );
Christopher Haster 1:24750b9ad5ef 461
Christopher Haster 1:24750b9ad5ef 462 if( ctx != NULL )
Christopher Haster 1:24750b9ad5ef 463 memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) );
Christopher Haster 1:24750b9ad5ef 464
Christopher Haster 1:24750b9ad5ef 465 return( ctx );
Christopher Haster 1:24750b9ad5ef 466 }
Christopher Haster 1:24750b9ad5ef 467
Christopher Haster 1:24750b9ad5ef 468 static void rsa_alt_free_wrap( void *ctx )
Christopher Haster 1:24750b9ad5ef 469 {
Christopher Haster 1:24750b9ad5ef 470 mbedtls_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) );
Christopher Haster 1:24750b9ad5ef 471 mbedtls_free( ctx );
Christopher Haster 1:24750b9ad5ef 472 }
Christopher Haster 1:24750b9ad5ef 473
Christopher Haster 1:24750b9ad5ef 474 const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
Christopher Haster 1:24750b9ad5ef 475 MBEDTLS_PK_RSA_ALT,
Christopher Haster 1:24750b9ad5ef 476 "RSA-alt",
Christopher Haster 1:24750b9ad5ef 477 rsa_alt_get_bitlen,
Christopher Haster 1:24750b9ad5ef 478 rsa_alt_can_do,
Christopher Haster 1:24750b9ad5ef 479 NULL,
Christopher Haster 1:24750b9ad5ef 480 rsa_alt_sign_wrap,
Christopher Haster 1:24750b9ad5ef 481 rsa_alt_decrypt_wrap,
Christopher Haster 1:24750b9ad5ef 482 NULL,
Christopher Haster 1:24750b9ad5ef 483 #if defined(MBEDTLS_RSA_C)
Christopher Haster 1:24750b9ad5ef 484 rsa_alt_check_pair,
Christopher Haster 1:24750b9ad5ef 485 #else
Christopher Haster 1:24750b9ad5ef 486 NULL,
Christopher Haster 1:24750b9ad5ef 487 #endif
Christopher Haster 1:24750b9ad5ef 488 rsa_alt_alloc_wrap,
Christopher Haster 1:24750b9ad5ef 489 rsa_alt_free_wrap,
Christopher Haster 1:24750b9ad5ef 490 NULL,
Christopher Haster 1:24750b9ad5ef 491 };
Christopher Haster 1:24750b9ad5ef 492
Christopher Haster 1:24750b9ad5ef 493 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
Christopher Haster 1:24750b9ad5ef 494
Christopher Haster 1:24750b9ad5ef 495 #endif /* MBEDTLS_PK_C */