nexpaq_dev - Preliminary main mbed library for nexpaq developm…

Users » nexpaq » Code » nexpaq_dev

Preliminary main mbed library for nexpaq development

features/mbedtls/src/pk_wrap.c@0:6c56fb4bc5f0, 2016-11-04 (annotated)

Committer:: nexpaq
Date:: Fri Nov 04 20:27:58 2016 +0000
Revision:: 0:6c56fb4bc5f0

Moving to library for sharing updates

Who changed what in which revision?

User	Revision	Line number	New contents of line
nexpaq	0:6c56fb4bc5f0	1	/*
nexpaq	0:6c56fb4bc5f0	2	* Public Key abstraction layer: wrapper functions
nexpaq	0:6c56fb4bc5f0	3	*
nexpaq	0:6c56fb4bc5f0	4	* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
nexpaq	0:6c56fb4bc5f0	5	* SPDX-License-Identifier: Apache-2.0
nexpaq	0:6c56fb4bc5f0	6	*
nexpaq	0:6c56fb4bc5f0	7	* Licensed under the Apache License, Version 2.0 (the "License"); you may
nexpaq	0:6c56fb4bc5f0	8	* not use this file except in compliance with the License.
nexpaq	0:6c56fb4bc5f0	9	* You may obtain a copy of the License at
nexpaq	0:6c56fb4bc5f0	10	*
nexpaq	0:6c56fb4bc5f0	11	* http://www.apache.org/licenses/LICENSE-2.0
nexpaq	0:6c56fb4bc5f0	12	*
nexpaq	0:6c56fb4bc5f0	13	* Unless required by applicable law or agreed to in writing, software
nexpaq	0:6c56fb4bc5f0	14	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
nexpaq	0:6c56fb4bc5f0	15	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
nexpaq	0:6c56fb4bc5f0	16	* See the License for the specific language governing permissions and
nexpaq	0:6c56fb4bc5f0	17	* limitations under the License.
nexpaq	0:6c56fb4bc5f0	18	*
nexpaq	0:6c56fb4bc5f0	19	* This file is part of mbed TLS (https://tls.mbed.org)
nexpaq	0:6c56fb4bc5f0	20	*/
nexpaq	0:6c56fb4bc5f0	21
nexpaq	0:6c56fb4bc5f0	22	#if !defined(MBEDTLS_CONFIG_FILE)
nexpaq	0:6c56fb4bc5f0	23	#include "mbedtls/config.h"
nexpaq	0:6c56fb4bc5f0	24	#else
nexpaq	0:6c56fb4bc5f0	25	#include MBEDTLS_CONFIG_FILE
nexpaq	0:6c56fb4bc5f0	26	#endif
nexpaq	0:6c56fb4bc5f0	27
nexpaq	0:6c56fb4bc5f0	28	#if defined(MBEDTLS_PK_C)
nexpaq	0:6c56fb4bc5f0	29	#include "mbedtls/pk_internal.h"
nexpaq	0:6c56fb4bc5f0	30
nexpaq	0:6c56fb4bc5f0	31	/* Even if RSA not activated, for the sake of RSA-alt */
nexpaq	0:6c56fb4bc5f0	32	#include "mbedtls/rsa.h"
nexpaq	0:6c56fb4bc5f0	33
nexpaq	0:6c56fb4bc5f0	34	#include <string.h>
nexpaq	0:6c56fb4bc5f0	35
nexpaq	0:6c56fb4bc5f0	36	#if defined(MBEDTLS_ECP_C)
nexpaq	0:6c56fb4bc5f0	37	#include "mbedtls/ecp.h"
nexpaq	0:6c56fb4bc5f0	38	#endif
nexpaq	0:6c56fb4bc5f0	39
nexpaq	0:6c56fb4bc5f0	40	#if defined(MBEDTLS_ECDSA_C)
nexpaq	0:6c56fb4bc5f0	41	#include "mbedtls/ecdsa.h"
nexpaq	0:6c56fb4bc5f0	42	#endif
nexpaq	0:6c56fb4bc5f0	43
nexpaq	0:6c56fb4bc5f0	44	#if defined(MBEDTLS_PLATFORM_C)
nexpaq	0:6c56fb4bc5f0	45	#include "mbedtls/platform.h"
nexpaq	0:6c56fb4bc5f0	46	#else
nexpaq	0:6c56fb4bc5f0	47	#include <stdlib.h>
nexpaq	0:6c56fb4bc5f0	48	#define mbedtls_calloc calloc
nexpaq	0:6c56fb4bc5f0	49	#define mbedtls_free free
nexpaq	0:6c56fb4bc5f0	50	#endif
nexpaq	0:6c56fb4bc5f0	51
nexpaq	0:6c56fb4bc5f0	52	#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
nexpaq	0:6c56fb4bc5f0	53	/* Implementation that should never be optimized out by the compiler */
nexpaq	0:6c56fb4bc5f0	54	static void mbedtls_zeroize( void *v, size_t n ) {
nexpaq	0:6c56fb4bc5f0	55	volatile unsigned char p = v; while( n-- ) p++ = 0;
nexpaq	0:6c56fb4bc5f0	56	}
nexpaq	0:6c56fb4bc5f0	57	#endif
nexpaq	0:6c56fb4bc5f0	58
nexpaq	0:6c56fb4bc5f0	59	#if defined(MBEDTLS_RSA_C)
nexpaq	0:6c56fb4bc5f0	60	static int rsa_can_do( mbedtls_pk_type_t type )
nexpaq	0:6c56fb4bc5f0	61	{
nexpaq	0:6c56fb4bc5f0	62	return( type == MBEDTLS_PK_RSA \|\|
nexpaq	0:6c56fb4bc5f0	63	type == MBEDTLS_PK_RSASSA_PSS );
nexpaq	0:6c56fb4bc5f0	64	}
nexpaq	0:6c56fb4bc5f0	65
nexpaq	0:6c56fb4bc5f0	66	static size_t rsa_get_bitlen( const void *ctx )
nexpaq	0:6c56fb4bc5f0	67	{
nexpaq	0:6c56fb4bc5f0	68	return( 8 * ((const mbedtls_rsa_context *) ctx)->len );
nexpaq	0:6c56fb4bc5f0	69	}
nexpaq	0:6c56fb4bc5f0	70
nexpaq	0:6c56fb4bc5f0	71	static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
nexpaq	0:6c56fb4bc5f0	72	const unsigned char *hash, size_t hash_len,
nexpaq	0:6c56fb4bc5f0	73	const unsigned char *sig, size_t sig_len )
nexpaq	0:6c56fb4bc5f0	74	{
nexpaq	0:6c56fb4bc5f0	75	int ret;
nexpaq	0:6c56fb4bc5f0	76
nexpaq	0:6c56fb4bc5f0	77	if( sig_len < ((mbedtls_rsa_context *) ctx)->len )
nexpaq	0:6c56fb4bc5f0	78	return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
nexpaq	0:6c56fb4bc5f0	79
nexpaq	0:6c56fb4bc5f0	80	if( ( ret = mbedtls_rsa_pkcs1_verify( (mbedtls_rsa_context *) ctx, NULL, NULL,
nexpaq	0:6c56fb4bc5f0	81	MBEDTLS_RSA_PUBLIC, md_alg,
nexpaq	0:6c56fb4bc5f0	82	(unsigned int) hash_len, hash, sig ) ) != 0 )
nexpaq	0:6c56fb4bc5f0	83	return( ret );
nexpaq	0:6c56fb4bc5f0	84
nexpaq	0:6c56fb4bc5f0	85	if( sig_len > ((mbedtls_rsa_context *) ctx)->len )
nexpaq	0:6c56fb4bc5f0	86	return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
nexpaq	0:6c56fb4bc5f0	87
nexpaq	0:6c56fb4bc5f0	88	return( 0 );
nexpaq	0:6c56fb4bc5f0	89	}
nexpaq	0:6c56fb4bc5f0	90
nexpaq	0:6c56fb4bc5f0	91	static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
nexpaq	0:6c56fb4bc5f0	92	const unsigned char *hash, size_t hash_len,
nexpaq	0:6c56fb4bc5f0	93	unsigned char sig, size_t sig_len,
nexpaq	0:6c56fb4bc5f0	94	int (f_rng)(void , unsigned char , size_t), void p_rng )
nexpaq	0:6c56fb4bc5f0	95	{
nexpaq	0:6c56fb4bc5f0	96	sig_len = ((mbedtls_rsa_context ) ctx)->len;
nexpaq	0:6c56fb4bc5f0	97
nexpaq	0:6c56fb4bc5f0	98	return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
nexpaq	0:6c56fb4bc5f0	99	md_alg, (unsigned int) hash_len, hash, sig ) );
nexpaq	0:6c56fb4bc5f0	100	}
nexpaq	0:6c56fb4bc5f0	101
nexpaq	0:6c56fb4bc5f0	102	static int rsa_decrypt_wrap( void *ctx,
nexpaq	0:6c56fb4bc5f0	103	const unsigned char *input, size_t ilen,
nexpaq	0:6c56fb4bc5f0	104	unsigned char output, size_t olen, size_t osize,
nexpaq	0:6c56fb4bc5f0	105	int (f_rng)(void , unsigned char , size_t), void p_rng )
nexpaq	0:6c56fb4bc5f0	106	{
nexpaq	0:6c56fb4bc5f0	107	if( ilen != ((mbedtls_rsa_context *) ctx)->len )
nexpaq	0:6c56fb4bc5f0	108	return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	109
nexpaq	0:6c56fb4bc5f0	110	return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, f_rng, p_rng,
nexpaq	0:6c56fb4bc5f0	111	MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
nexpaq	0:6c56fb4bc5f0	112	}
nexpaq	0:6c56fb4bc5f0	113
nexpaq	0:6c56fb4bc5f0	114	static int rsa_encrypt_wrap( void *ctx,
nexpaq	0:6c56fb4bc5f0	115	const unsigned char *input, size_t ilen,
nexpaq	0:6c56fb4bc5f0	116	unsigned char output, size_t olen, size_t osize,
nexpaq	0:6c56fb4bc5f0	117	int (f_rng)(void , unsigned char , size_t), void p_rng )
nexpaq	0:6c56fb4bc5f0	118	{
nexpaq	0:6c56fb4bc5f0	119	olen = ((mbedtls_rsa_context ) ctx)->len;
nexpaq	0:6c56fb4bc5f0	120
nexpaq	0:6c56fb4bc5f0	121	if( *olen > osize )
nexpaq	0:6c56fb4bc5f0	122	return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
nexpaq	0:6c56fb4bc5f0	123
nexpaq	0:6c56fb4bc5f0	124	return( mbedtls_rsa_pkcs1_encrypt( (mbedtls_rsa_context *) ctx,
nexpaq	0:6c56fb4bc5f0	125	f_rng, p_rng, MBEDTLS_RSA_PUBLIC, ilen, input, output ) );
nexpaq	0:6c56fb4bc5f0	126	}
nexpaq	0:6c56fb4bc5f0	127
nexpaq	0:6c56fb4bc5f0	128	static int rsa_check_pair_wrap( const void pub, const void prv )
nexpaq	0:6c56fb4bc5f0	129	{
nexpaq	0:6c56fb4bc5f0	130	return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub,
nexpaq	0:6c56fb4bc5f0	131	(const mbedtls_rsa_context *) prv ) );
nexpaq	0:6c56fb4bc5f0	132	}
nexpaq	0:6c56fb4bc5f0	133
nexpaq	0:6c56fb4bc5f0	134	static void *rsa_alloc_wrap( void )
nexpaq	0:6c56fb4bc5f0	135	{
nexpaq	0:6c56fb4bc5f0	136	void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) );
nexpaq	0:6c56fb4bc5f0	137
nexpaq	0:6c56fb4bc5f0	138	if( ctx != NULL )
nexpaq	0:6c56fb4bc5f0	139	mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 );
nexpaq	0:6c56fb4bc5f0	140
nexpaq	0:6c56fb4bc5f0	141	return( ctx );
nexpaq	0:6c56fb4bc5f0	142	}
nexpaq	0:6c56fb4bc5f0	143
nexpaq	0:6c56fb4bc5f0	144	static void rsa_free_wrap( void *ctx )
nexpaq	0:6c56fb4bc5f0	145	{
nexpaq	0:6c56fb4bc5f0	146	mbedtls_rsa_free( (mbedtls_rsa_context *) ctx );
nexpaq	0:6c56fb4bc5f0	147	mbedtls_free( ctx );
nexpaq	0:6c56fb4bc5f0	148	}
nexpaq	0:6c56fb4bc5f0	149
nexpaq	0:6c56fb4bc5f0	150	static void rsa_debug( const void ctx, mbedtls_pk_debug_item items )
nexpaq	0:6c56fb4bc5f0	151	{
nexpaq	0:6c56fb4bc5f0	152	items->type = MBEDTLS_PK_DEBUG_MPI;
nexpaq	0:6c56fb4bc5f0	153	items->name = "rsa.N";
nexpaq	0:6c56fb4bc5f0	154	items->value = &( ((mbedtls_rsa_context *) ctx)->N );
nexpaq	0:6c56fb4bc5f0	155
nexpaq	0:6c56fb4bc5f0	156	items++;
nexpaq	0:6c56fb4bc5f0	157
nexpaq	0:6c56fb4bc5f0	158	items->type = MBEDTLS_PK_DEBUG_MPI;
nexpaq	0:6c56fb4bc5f0	159	items->name = "rsa.E";
nexpaq	0:6c56fb4bc5f0	160	items->value = &( ((mbedtls_rsa_context *) ctx)->E );
nexpaq	0:6c56fb4bc5f0	161	}
nexpaq	0:6c56fb4bc5f0	162
nexpaq	0:6c56fb4bc5f0	163	const mbedtls_pk_info_t mbedtls_rsa_info = {
nexpaq	0:6c56fb4bc5f0	164	MBEDTLS_PK_RSA,
nexpaq	0:6c56fb4bc5f0	165	"RSA",
nexpaq	0:6c56fb4bc5f0	166	rsa_get_bitlen,
nexpaq	0:6c56fb4bc5f0	167	rsa_can_do,
nexpaq	0:6c56fb4bc5f0	168	rsa_verify_wrap,
nexpaq	0:6c56fb4bc5f0	169	rsa_sign_wrap,
nexpaq	0:6c56fb4bc5f0	170	rsa_decrypt_wrap,
nexpaq	0:6c56fb4bc5f0	171	rsa_encrypt_wrap,
nexpaq	0:6c56fb4bc5f0	172	rsa_check_pair_wrap,
nexpaq	0:6c56fb4bc5f0	173	rsa_alloc_wrap,
nexpaq	0:6c56fb4bc5f0	174	rsa_free_wrap,
nexpaq	0:6c56fb4bc5f0	175	rsa_debug,
nexpaq	0:6c56fb4bc5f0	176	};
nexpaq	0:6c56fb4bc5f0	177	#endif /* MBEDTLS_RSA_C */
nexpaq	0:6c56fb4bc5f0	178
nexpaq	0:6c56fb4bc5f0	179	#if defined(MBEDTLS_ECP_C)
nexpaq	0:6c56fb4bc5f0	180	/*
nexpaq	0:6c56fb4bc5f0	181	* Generic EC key
nexpaq	0:6c56fb4bc5f0	182	*/
nexpaq	0:6c56fb4bc5f0	183	static int eckey_can_do( mbedtls_pk_type_t type )
nexpaq	0:6c56fb4bc5f0	184	{
nexpaq	0:6c56fb4bc5f0	185	return( type == MBEDTLS_PK_ECKEY \|\|
nexpaq	0:6c56fb4bc5f0	186	type == MBEDTLS_PK_ECKEY_DH \|\|
nexpaq	0:6c56fb4bc5f0	187	type == MBEDTLS_PK_ECDSA );
nexpaq	0:6c56fb4bc5f0	188	}
nexpaq	0:6c56fb4bc5f0	189
nexpaq	0:6c56fb4bc5f0	190	static size_t eckey_get_bitlen( const void *ctx )
nexpaq	0:6c56fb4bc5f0	191	{
nexpaq	0:6c56fb4bc5f0	192	return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits );
nexpaq	0:6c56fb4bc5f0	193	}
nexpaq	0:6c56fb4bc5f0	194
nexpaq	0:6c56fb4bc5f0	195	#if defined(MBEDTLS_ECDSA_C)
nexpaq	0:6c56fb4bc5f0	196	/* Forward declarations */
nexpaq	0:6c56fb4bc5f0	197	static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
nexpaq	0:6c56fb4bc5f0	198	const unsigned char *hash, size_t hash_len,
nexpaq	0:6c56fb4bc5f0	199	const unsigned char *sig, size_t sig_len );
nexpaq	0:6c56fb4bc5f0	200
nexpaq	0:6c56fb4bc5f0	201	static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
nexpaq	0:6c56fb4bc5f0	202	const unsigned char *hash, size_t hash_len,
nexpaq	0:6c56fb4bc5f0	203	unsigned char sig, size_t sig_len,
nexpaq	0:6c56fb4bc5f0	204	int (f_rng)(void , unsigned char , size_t), void p_rng );
nexpaq	0:6c56fb4bc5f0	205
nexpaq	0:6c56fb4bc5f0	206	static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
nexpaq	0:6c56fb4bc5f0	207	const unsigned char *hash, size_t hash_len,
nexpaq	0:6c56fb4bc5f0	208	const unsigned char *sig, size_t sig_len )
nexpaq	0:6c56fb4bc5f0	209	{
nexpaq	0:6c56fb4bc5f0	210	int ret;
nexpaq	0:6c56fb4bc5f0	211	mbedtls_ecdsa_context ecdsa;
nexpaq	0:6c56fb4bc5f0	212
nexpaq	0:6c56fb4bc5f0	213	mbedtls_ecdsa_init( &ecdsa );
nexpaq	0:6c56fb4bc5f0	214
nexpaq	0:6c56fb4bc5f0	215	if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
nexpaq	0:6c56fb4bc5f0	216	ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
nexpaq	0:6c56fb4bc5f0	217
nexpaq	0:6c56fb4bc5f0	218	mbedtls_ecdsa_free( &ecdsa );
nexpaq	0:6c56fb4bc5f0	219
nexpaq	0:6c56fb4bc5f0	220	return( ret );
nexpaq	0:6c56fb4bc5f0	221	}
nexpaq	0:6c56fb4bc5f0	222
nexpaq	0:6c56fb4bc5f0	223	static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
nexpaq	0:6c56fb4bc5f0	224	const unsigned char *hash, size_t hash_len,
nexpaq	0:6c56fb4bc5f0	225	unsigned char sig, size_t sig_len,
nexpaq	0:6c56fb4bc5f0	226	int (f_rng)(void , unsigned char , size_t), void p_rng )
nexpaq	0:6c56fb4bc5f0	227	{
nexpaq	0:6c56fb4bc5f0	228	int ret;
nexpaq	0:6c56fb4bc5f0	229	mbedtls_ecdsa_context ecdsa;
nexpaq	0:6c56fb4bc5f0	230
nexpaq	0:6c56fb4bc5f0	231	mbedtls_ecdsa_init( &ecdsa );
nexpaq	0:6c56fb4bc5f0	232
nexpaq	0:6c56fb4bc5f0	233	if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
nexpaq	0:6c56fb4bc5f0	234	ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
nexpaq	0:6c56fb4bc5f0	235	f_rng, p_rng );
nexpaq	0:6c56fb4bc5f0	236
nexpaq	0:6c56fb4bc5f0	237	mbedtls_ecdsa_free( &ecdsa );
nexpaq	0:6c56fb4bc5f0	238
nexpaq	0:6c56fb4bc5f0	239	return( ret );
nexpaq	0:6c56fb4bc5f0	240	}
nexpaq	0:6c56fb4bc5f0	241
nexpaq	0:6c56fb4bc5f0	242	#endif /* MBEDTLS_ECDSA_C */
nexpaq	0:6c56fb4bc5f0	243
nexpaq	0:6c56fb4bc5f0	244	static int eckey_check_pair( const void pub, const void prv )
nexpaq	0:6c56fb4bc5f0	245	{
nexpaq	0:6c56fb4bc5f0	246	return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub,
nexpaq	0:6c56fb4bc5f0	247	(const mbedtls_ecp_keypair *) prv ) );
nexpaq	0:6c56fb4bc5f0	248	}
nexpaq	0:6c56fb4bc5f0	249
nexpaq	0:6c56fb4bc5f0	250	static void *eckey_alloc_wrap( void )
nexpaq	0:6c56fb4bc5f0	251	{
nexpaq	0:6c56fb4bc5f0	252	void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) );
nexpaq	0:6c56fb4bc5f0	253
nexpaq	0:6c56fb4bc5f0	254	if( ctx != NULL )
nexpaq	0:6c56fb4bc5f0	255	mbedtls_ecp_keypair_init( ctx );
nexpaq	0:6c56fb4bc5f0	256
nexpaq	0:6c56fb4bc5f0	257	return( ctx );
nexpaq	0:6c56fb4bc5f0	258	}
nexpaq	0:6c56fb4bc5f0	259
nexpaq	0:6c56fb4bc5f0	260	static void eckey_free_wrap( void *ctx )
nexpaq	0:6c56fb4bc5f0	261	{
nexpaq	0:6c56fb4bc5f0	262	mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx );
nexpaq	0:6c56fb4bc5f0	263	mbedtls_free( ctx );
nexpaq	0:6c56fb4bc5f0	264	}
nexpaq	0:6c56fb4bc5f0	265
nexpaq	0:6c56fb4bc5f0	266	static void eckey_debug( const void ctx, mbedtls_pk_debug_item items )
nexpaq	0:6c56fb4bc5f0	267	{
nexpaq	0:6c56fb4bc5f0	268	items->type = MBEDTLS_PK_DEBUG_ECP;
nexpaq	0:6c56fb4bc5f0	269	items->name = "eckey.Q";
nexpaq	0:6c56fb4bc5f0	270	items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q );
nexpaq	0:6c56fb4bc5f0	271	}
nexpaq	0:6c56fb4bc5f0	272
nexpaq	0:6c56fb4bc5f0	273	const mbedtls_pk_info_t mbedtls_eckey_info = {
nexpaq	0:6c56fb4bc5f0	274	MBEDTLS_PK_ECKEY,
nexpaq	0:6c56fb4bc5f0	275	"EC",
nexpaq	0:6c56fb4bc5f0	276	eckey_get_bitlen,
nexpaq	0:6c56fb4bc5f0	277	eckey_can_do,
nexpaq	0:6c56fb4bc5f0	278	#if defined(MBEDTLS_ECDSA_C)
nexpaq	0:6c56fb4bc5f0	279	eckey_verify_wrap,
nexpaq	0:6c56fb4bc5f0	280	eckey_sign_wrap,
nexpaq	0:6c56fb4bc5f0	281	#else
nexpaq	0:6c56fb4bc5f0	282	NULL,
nexpaq	0:6c56fb4bc5f0	283	NULL,
nexpaq	0:6c56fb4bc5f0	284	#endif
nexpaq	0:6c56fb4bc5f0	285	NULL,
nexpaq	0:6c56fb4bc5f0	286	NULL,
nexpaq	0:6c56fb4bc5f0	287	eckey_check_pair,
nexpaq	0:6c56fb4bc5f0	288	eckey_alloc_wrap,
nexpaq	0:6c56fb4bc5f0	289	eckey_free_wrap,
nexpaq	0:6c56fb4bc5f0	290	eckey_debug,
nexpaq	0:6c56fb4bc5f0	291	};
nexpaq	0:6c56fb4bc5f0	292
nexpaq	0:6c56fb4bc5f0	293	/*
nexpaq	0:6c56fb4bc5f0	294	* EC key restricted to ECDH
nexpaq	0:6c56fb4bc5f0	295	*/
nexpaq	0:6c56fb4bc5f0	296	static int eckeydh_can_do( mbedtls_pk_type_t type )
nexpaq	0:6c56fb4bc5f0	297	{
nexpaq	0:6c56fb4bc5f0	298	return( type == MBEDTLS_PK_ECKEY \|\|
nexpaq	0:6c56fb4bc5f0	299	type == MBEDTLS_PK_ECKEY_DH );
nexpaq	0:6c56fb4bc5f0	300	}
nexpaq	0:6c56fb4bc5f0	301
nexpaq	0:6c56fb4bc5f0	302	const mbedtls_pk_info_t mbedtls_eckeydh_info = {
nexpaq	0:6c56fb4bc5f0	303	MBEDTLS_PK_ECKEY_DH,
nexpaq	0:6c56fb4bc5f0	304	"EC_DH",
nexpaq	0:6c56fb4bc5f0	305	eckey_get_bitlen, /* Same underlying key structure */
nexpaq	0:6c56fb4bc5f0	306	eckeydh_can_do,
nexpaq	0:6c56fb4bc5f0	307	NULL,
nexpaq	0:6c56fb4bc5f0	308	NULL,
nexpaq	0:6c56fb4bc5f0	309	NULL,
nexpaq	0:6c56fb4bc5f0	310	NULL,
nexpaq	0:6c56fb4bc5f0	311	eckey_check_pair,
nexpaq	0:6c56fb4bc5f0	312	eckey_alloc_wrap, /* Same underlying key structure */
nexpaq	0:6c56fb4bc5f0	313	eckey_free_wrap, /* Same underlying key structure */
nexpaq	0:6c56fb4bc5f0	314	eckey_debug, /* Same underlying key structure */
nexpaq	0:6c56fb4bc5f0	315	};
nexpaq	0:6c56fb4bc5f0	316	#endif /* MBEDTLS_ECP_C */
nexpaq	0:6c56fb4bc5f0	317
nexpaq	0:6c56fb4bc5f0	318	#if defined(MBEDTLS_ECDSA_C)
nexpaq	0:6c56fb4bc5f0	319	static int ecdsa_can_do( mbedtls_pk_type_t type )
nexpaq	0:6c56fb4bc5f0	320	{
nexpaq	0:6c56fb4bc5f0	321	return( type == MBEDTLS_PK_ECDSA );
nexpaq	0:6c56fb4bc5f0	322	}
nexpaq	0:6c56fb4bc5f0	323
nexpaq	0:6c56fb4bc5f0	324	static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
nexpaq	0:6c56fb4bc5f0	325	const unsigned char *hash, size_t hash_len,
nexpaq	0:6c56fb4bc5f0	326	const unsigned char *sig, size_t sig_len )
nexpaq	0:6c56fb4bc5f0	327	{
nexpaq	0:6c56fb4bc5f0	328	int ret;
nexpaq	0:6c56fb4bc5f0	329	((void) md_alg);
nexpaq	0:6c56fb4bc5f0	330
nexpaq	0:6c56fb4bc5f0	331	ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx,
nexpaq	0:6c56fb4bc5f0	332	hash, hash_len, sig, sig_len );
nexpaq	0:6c56fb4bc5f0	333
nexpaq	0:6c56fb4bc5f0	334	if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH )
nexpaq	0:6c56fb4bc5f0	335	return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
nexpaq	0:6c56fb4bc5f0	336
nexpaq	0:6c56fb4bc5f0	337	return( ret );
nexpaq	0:6c56fb4bc5f0	338	}
nexpaq	0:6c56fb4bc5f0	339
nexpaq	0:6c56fb4bc5f0	340	static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
nexpaq	0:6c56fb4bc5f0	341	const unsigned char *hash, size_t hash_len,
nexpaq	0:6c56fb4bc5f0	342	unsigned char sig, size_t sig_len,
nexpaq	0:6c56fb4bc5f0	343	int (f_rng)(void , unsigned char , size_t), void p_rng )
nexpaq	0:6c56fb4bc5f0	344	{
nexpaq	0:6c56fb4bc5f0	345	return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx,
nexpaq	0:6c56fb4bc5f0	346	md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) );
nexpaq	0:6c56fb4bc5f0	347	}
nexpaq	0:6c56fb4bc5f0	348
nexpaq	0:6c56fb4bc5f0	349	static void *ecdsa_alloc_wrap( void )
nexpaq	0:6c56fb4bc5f0	350	{
nexpaq	0:6c56fb4bc5f0	351	void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) );
nexpaq	0:6c56fb4bc5f0	352
nexpaq	0:6c56fb4bc5f0	353	if( ctx != NULL )
nexpaq	0:6c56fb4bc5f0	354	mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx );
nexpaq	0:6c56fb4bc5f0	355
nexpaq	0:6c56fb4bc5f0	356	return( ctx );
nexpaq	0:6c56fb4bc5f0	357	}
nexpaq	0:6c56fb4bc5f0	358
nexpaq	0:6c56fb4bc5f0	359	static void ecdsa_free_wrap( void *ctx )
nexpaq	0:6c56fb4bc5f0	360	{
nexpaq	0:6c56fb4bc5f0	361	mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx );
nexpaq	0:6c56fb4bc5f0	362	mbedtls_free( ctx );
nexpaq	0:6c56fb4bc5f0	363	}
nexpaq	0:6c56fb4bc5f0	364
nexpaq	0:6c56fb4bc5f0	365	const mbedtls_pk_info_t mbedtls_ecdsa_info = {
nexpaq	0:6c56fb4bc5f0	366	MBEDTLS_PK_ECDSA,
nexpaq	0:6c56fb4bc5f0	367	"ECDSA",
nexpaq	0:6c56fb4bc5f0	368	eckey_get_bitlen, /* Compatible key structures */
nexpaq	0:6c56fb4bc5f0	369	ecdsa_can_do,
nexpaq	0:6c56fb4bc5f0	370	ecdsa_verify_wrap,
nexpaq	0:6c56fb4bc5f0	371	ecdsa_sign_wrap,
nexpaq	0:6c56fb4bc5f0	372	NULL,
nexpaq	0:6c56fb4bc5f0	373	NULL,
nexpaq	0:6c56fb4bc5f0	374	eckey_check_pair, /* Compatible key structures */
nexpaq	0:6c56fb4bc5f0	375	ecdsa_alloc_wrap,
nexpaq	0:6c56fb4bc5f0	376	ecdsa_free_wrap,
nexpaq	0:6c56fb4bc5f0	377	eckey_debug, /* Compatible key structures */
nexpaq	0:6c56fb4bc5f0	378	};
nexpaq	0:6c56fb4bc5f0	379	#endif /* MBEDTLS_ECDSA_C */
nexpaq	0:6c56fb4bc5f0	380
nexpaq	0:6c56fb4bc5f0	381	#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
nexpaq	0:6c56fb4bc5f0	382	/*
nexpaq	0:6c56fb4bc5f0	383	* Support for alternative RSA-private implementations
nexpaq	0:6c56fb4bc5f0	384	*/
nexpaq	0:6c56fb4bc5f0	385
nexpaq	0:6c56fb4bc5f0	386	static int rsa_alt_can_do( mbedtls_pk_type_t type )
nexpaq	0:6c56fb4bc5f0	387	{
nexpaq	0:6c56fb4bc5f0	388	return( type == MBEDTLS_PK_RSA );
nexpaq	0:6c56fb4bc5f0	389	}
nexpaq	0:6c56fb4bc5f0	390
nexpaq	0:6c56fb4bc5f0	391	static size_t rsa_alt_get_bitlen( const void *ctx )
nexpaq	0:6c56fb4bc5f0	392	{
nexpaq	0:6c56fb4bc5f0	393	const mbedtls_rsa_alt_context rsa_alt = (const mbedtls_rsa_alt_context ) ctx;
nexpaq	0:6c56fb4bc5f0	394
nexpaq	0:6c56fb4bc5f0	395	return( 8 * rsa_alt->key_len_func( rsa_alt->key ) );
nexpaq	0:6c56fb4bc5f0	396	}
nexpaq	0:6c56fb4bc5f0	397
nexpaq	0:6c56fb4bc5f0	398	static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
nexpaq	0:6c56fb4bc5f0	399	const unsigned char *hash, size_t hash_len,
nexpaq	0:6c56fb4bc5f0	400	unsigned char sig, size_t sig_len,
nexpaq	0:6c56fb4bc5f0	401	int (f_rng)(void , unsigned char , size_t), void p_rng )
nexpaq	0:6c56fb4bc5f0	402	{
nexpaq	0:6c56fb4bc5f0	403	mbedtls_rsa_alt_context rsa_alt = (mbedtls_rsa_alt_context ) ctx;
nexpaq	0:6c56fb4bc5f0	404
nexpaq	0:6c56fb4bc5f0	405	*sig_len = rsa_alt->key_len_func( rsa_alt->key );
nexpaq	0:6c56fb4bc5f0	406
nexpaq	0:6c56fb4bc5f0	407	return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
nexpaq	0:6c56fb4bc5f0	408	md_alg, (unsigned int) hash_len, hash, sig ) );
nexpaq	0:6c56fb4bc5f0	409	}
nexpaq	0:6c56fb4bc5f0	410
nexpaq	0:6c56fb4bc5f0	411	static int rsa_alt_decrypt_wrap( void *ctx,
nexpaq	0:6c56fb4bc5f0	412	const unsigned char *input, size_t ilen,
nexpaq	0:6c56fb4bc5f0	413	unsigned char output, size_t olen, size_t osize,
nexpaq	0:6c56fb4bc5f0	414	int (f_rng)(void , unsigned char , size_t), void p_rng )
nexpaq	0:6c56fb4bc5f0	415	{
nexpaq	0:6c56fb4bc5f0	416	mbedtls_rsa_alt_context rsa_alt = (mbedtls_rsa_alt_context ) ctx;
nexpaq	0:6c56fb4bc5f0	417
nexpaq	0:6c56fb4bc5f0	418	((void) f_rng);
nexpaq	0:6c56fb4bc5f0	419	((void) p_rng);
nexpaq	0:6c56fb4bc5f0	420
nexpaq	0:6c56fb4bc5f0	421	if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
nexpaq	0:6c56fb4bc5f0	422	return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
nexpaq	0:6c56fb4bc5f0	423
nexpaq	0:6c56fb4bc5f0	424	return( rsa_alt->decrypt_func( rsa_alt->key,
nexpaq	0:6c56fb4bc5f0	425	MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
nexpaq	0:6c56fb4bc5f0	426	}
nexpaq	0:6c56fb4bc5f0	427
nexpaq	0:6c56fb4bc5f0	428	#if defined(MBEDTLS_RSA_C)
nexpaq	0:6c56fb4bc5f0	429	static int rsa_alt_check_pair( const void pub, const void prv )
nexpaq	0:6c56fb4bc5f0	430	{
nexpaq	0:6c56fb4bc5f0	431	unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
nexpaq	0:6c56fb4bc5f0	432	unsigned char hash[32];
nexpaq	0:6c56fb4bc5f0	433	size_t sig_len = 0;
nexpaq	0:6c56fb4bc5f0	434	int ret;
nexpaq	0:6c56fb4bc5f0	435
nexpaq	0:6c56fb4bc5f0	436	if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) )
nexpaq	0:6c56fb4bc5f0	437	return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
nexpaq	0:6c56fb4bc5f0	438
nexpaq	0:6c56fb4bc5f0	439	memset( hash, 0x2a, sizeof( hash ) );
nexpaq	0:6c56fb4bc5f0	440
nexpaq	0:6c56fb4bc5f0	441	if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE,
nexpaq	0:6c56fb4bc5f0	442	hash, sizeof( hash ),
nexpaq	0:6c56fb4bc5f0	443	sig, &sig_len, NULL, NULL ) ) != 0 )
nexpaq	0:6c56fb4bc5f0	444	{
nexpaq	0:6c56fb4bc5f0	445	return( ret );
nexpaq	0:6c56fb4bc5f0	446	}
nexpaq	0:6c56fb4bc5f0	447
nexpaq	0:6c56fb4bc5f0	448	if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE,
nexpaq	0:6c56fb4bc5f0	449	hash, sizeof( hash ), sig, sig_len ) != 0 )
nexpaq	0:6c56fb4bc5f0	450	{
nexpaq	0:6c56fb4bc5f0	451	return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
nexpaq	0:6c56fb4bc5f0	452	}
nexpaq	0:6c56fb4bc5f0	453
nexpaq	0:6c56fb4bc5f0	454	return( 0 );
nexpaq	0:6c56fb4bc5f0	455	}
nexpaq	0:6c56fb4bc5f0	456	#endif /* MBEDTLS_RSA_C */
nexpaq	0:6c56fb4bc5f0	457
nexpaq	0:6c56fb4bc5f0	458	static void *rsa_alt_alloc_wrap( void )
nexpaq	0:6c56fb4bc5f0	459	{
nexpaq	0:6c56fb4bc5f0	460	void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) );
nexpaq	0:6c56fb4bc5f0	461
nexpaq	0:6c56fb4bc5f0	462	if( ctx != NULL )
nexpaq	0:6c56fb4bc5f0	463	memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) );
nexpaq	0:6c56fb4bc5f0	464
nexpaq	0:6c56fb4bc5f0	465	return( ctx );
nexpaq	0:6c56fb4bc5f0	466	}
nexpaq	0:6c56fb4bc5f0	467
nexpaq	0:6c56fb4bc5f0	468	static void rsa_alt_free_wrap( void *ctx )
nexpaq	0:6c56fb4bc5f0	469	{
nexpaq	0:6c56fb4bc5f0	470	mbedtls_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) );
nexpaq	0:6c56fb4bc5f0	471	mbedtls_free( ctx );
nexpaq	0:6c56fb4bc5f0	472	}
nexpaq	0:6c56fb4bc5f0	473
nexpaq	0:6c56fb4bc5f0	474	const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
nexpaq	0:6c56fb4bc5f0	475	MBEDTLS_PK_RSA_ALT,
nexpaq	0:6c56fb4bc5f0	476	"RSA-alt",
nexpaq	0:6c56fb4bc5f0	477	rsa_alt_get_bitlen,
nexpaq	0:6c56fb4bc5f0	478	rsa_alt_can_do,
nexpaq	0:6c56fb4bc5f0	479	NULL,
nexpaq	0:6c56fb4bc5f0	480	rsa_alt_sign_wrap,
nexpaq	0:6c56fb4bc5f0	481	rsa_alt_decrypt_wrap,
nexpaq	0:6c56fb4bc5f0	482	NULL,
nexpaq	0:6c56fb4bc5f0	483	#if defined(MBEDTLS_RSA_C)
nexpaq	0:6c56fb4bc5f0	484	rsa_alt_check_pair,
nexpaq	0:6c56fb4bc5f0	485	#else
nexpaq	0:6c56fb4bc5f0	486	NULL,
nexpaq	0:6c56fb4bc5f0	487	#endif
nexpaq	0:6c56fb4bc5f0	488	rsa_alt_alloc_wrap,
nexpaq	0:6c56fb4bc5f0	489	rsa_alt_free_wrap,
nexpaq	0:6c56fb4bc5f0	490	NULL,
nexpaq	0:6c56fb4bc5f0	491	};
nexpaq	0:6c56fb4bc5f0	492
nexpaq	0:6c56fb4bc5f0	493	#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
nexpaq	0:6c56fb4bc5f0	494
nexpaq	0:6c56fb4bc5f0	495	#endif /* MBEDTLS_PK_C */

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	04 Nov 2016
Imports:	5
Forks:	0
Commits:	2
Dependents:	0
Dependencies:	0
Followers:	1

This repository is Public (Unlisted).

features/mbedtls/src/pk_wrap.c@0:6c56fb4bc5f0, 2016-11-04 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning