wolf SSL
wolfSSL SSL/TLS library, support up to TLS1.3
Dependents: CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more
wolfcrypt/src/signature.c@3:6f956bdb3073, 2016-04-28 (annotated)
- Committer:
- wolfSSL
- Date:
- Thu Apr 28 00:56:55 2016 +0000
- Revision:
- 3:6f956bdb3073
wolfSSL 3.9.0
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| wolfSSL | 3:6f956bdb3073 | 1 | /* signature.c |
| wolfSSL | 3:6f956bdb3073 | 2 | * |
| wolfSSL | 3:6f956bdb3073 | 3 | * Copyright (C) 2006-2016 wolfSSL Inc. |
| wolfSSL | 3:6f956bdb3073 | 4 | * |
| wolfSSL | 3:6f956bdb3073 | 5 | * This file is part of wolfSSL. |
| wolfSSL | 3:6f956bdb3073 | 6 | * |
| wolfSSL | 3:6f956bdb3073 | 7 | * wolfSSL is free software; you can redistribute it and/or modify |
| wolfSSL | 3:6f956bdb3073 | 8 | * it under the terms of the GNU General Public License as published by |
| wolfSSL | 3:6f956bdb3073 | 9 | * the Free Software Foundation; either version 2 of the License, or |
| wolfSSL | 3:6f956bdb3073 | 10 | * (at your option) any later version. |
| wolfSSL | 3:6f956bdb3073 | 11 | * |
| wolfSSL | 3:6f956bdb3073 | 12 | * wolfSSL is distributed in the hope that it will be useful, |
| wolfSSL | 3:6f956bdb3073 | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| wolfSSL | 3:6f956bdb3073 | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| wolfSSL | 3:6f956bdb3073 | 15 | * GNU General Public License for more details. |
| wolfSSL | 3:6f956bdb3073 | 16 | * |
| wolfSSL | 3:6f956bdb3073 | 17 | * You should have received a copy of the GNU General Public License |
| wolfSSL | 3:6f956bdb3073 | 18 | * along with this program; if not, write to the Free Software |
| wolfSSL | 3:6f956bdb3073 | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA |
| wolfSSL | 3:6f956bdb3073 | 20 | */ |
| wolfSSL | 3:6f956bdb3073 | 21 | |
| wolfSSL | 3:6f956bdb3073 | 22 | |
| wolfSSL | 3:6f956bdb3073 | 23 | #ifdef HAVE_CONFIG_H |
| wolfSSL | 3:6f956bdb3073 | 24 | #include <config.h> |
| wolfSSL | 3:6f956bdb3073 | 25 | #endif |
| wolfSSL | 3:6f956bdb3073 | 26 | |
| wolfSSL | 3:6f956bdb3073 | 27 | #include <wolfssl/wolfcrypt/settings.h> |
| wolfSSL | 3:6f956bdb3073 | 28 | #include <wolfssl/wolfcrypt/signature.h> |
| wolfSSL | 3:6f956bdb3073 | 29 | #include <wolfssl/wolfcrypt/error-crypt.h> |
| wolfSSL | 3:6f956bdb3073 | 30 | #include <wolfssl/wolfcrypt/logging.h> |
| wolfSSL | 3:6f956bdb3073 | 31 | #ifndef NO_ASN |
| wolfSSL | 3:6f956bdb3073 | 32 | #include <wolfssl/wolfcrypt/asn.h> |
| wolfSSL | 3:6f956bdb3073 | 33 | #endif |
| wolfSSL | 3:6f956bdb3073 | 34 | #ifdef HAVE_ECC |
| wolfSSL | 3:6f956bdb3073 | 35 | #include <wolfssl/wolfcrypt/ecc.h> |
| wolfSSL | 3:6f956bdb3073 | 36 | #endif |
| wolfSSL | 3:6f956bdb3073 | 37 | #ifndef NO_RSA |
| wolfSSL | 3:6f956bdb3073 | 38 | #include <wolfssl/wolfcrypt/rsa.h> |
| wolfSSL | 3:6f956bdb3073 | 39 | #endif |
| wolfSSL | 3:6f956bdb3073 | 40 | |
| wolfSSL | 3:6f956bdb3073 | 41 | /* If ECC and RSA are disabled then disable signature wrapper */ |
| wolfSSL | 3:6f956bdb3073 | 42 | #if (!defined(HAVE_ECC) || (defined(HAVE_ECC) && !defined(HAVE_ECC_SIGN) \ |
| wolfSSL | 3:6f956bdb3073 | 43 | && !defined(HAVE_ECC_VERIFY))) && defined(NO_RSA) |
| wolfSSL | 3:6f956bdb3073 | 44 | #undef NO_SIG_WRAPPER |
| wolfSSL | 3:6f956bdb3073 | 45 | #define NO_SIG_WRAPPER |
| wolfSSL | 3:6f956bdb3073 | 46 | #endif |
| wolfSSL | 3:6f956bdb3073 | 47 | |
| wolfSSL | 3:6f956bdb3073 | 48 | /* Signature wrapper disabled check */ |
| wolfSSL | 3:6f956bdb3073 | 49 | #ifndef NO_SIG_WRAPPER |
| wolfSSL | 3:6f956bdb3073 | 50 | |
| wolfSSL | 3:6f956bdb3073 | 51 | #if !defined(NO_RSA) && !defined(NO_ASN) |
| wolfSSL | 3:6f956bdb3073 | 52 | static int wc_SignatureDerEncode(enum wc_HashType hash_type, byte** hash_data, |
| wolfSSL | 3:6f956bdb3073 | 53 | word32* hash_len) |
| wolfSSL | 3:6f956bdb3073 | 54 | { |
| wolfSSL | 3:6f956bdb3073 | 55 | int ret = wc_HashGetOID(hash_type); |
| wolfSSL | 3:6f956bdb3073 | 56 | if (ret > 0) { |
| wolfSSL | 3:6f956bdb3073 | 57 | int oid = ret; |
| wolfSSL | 3:6f956bdb3073 | 58 | |
| wolfSSL | 3:6f956bdb3073 | 59 | /* Allocate buffer for hash and max DER encoded */ |
| wolfSSL | 3:6f956bdb3073 | 60 | word32 digest_len = *hash_len + MAX_DER_DIGEST_SZ; |
| wolfSSL | 3:6f956bdb3073 | 61 | byte *digest_buf = (byte*)XMALLOC(digest_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 3:6f956bdb3073 | 62 | if (digest_buf) { |
| wolfSSL | 3:6f956bdb3073 | 63 | ret = wc_EncodeSignature(digest_buf, *hash_data, *hash_len, oid); |
| wolfSSL | 3:6f956bdb3073 | 64 | if (ret > 0) { |
| wolfSSL | 3:6f956bdb3073 | 65 | digest_len = ret; |
| wolfSSL | 3:6f956bdb3073 | 66 | |
| wolfSSL | 3:6f956bdb3073 | 67 | /* Replace hash with digest (DER encoding + hash) */ |
| wolfSSL | 3:6f956bdb3073 | 68 | XFREE(*hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 3:6f956bdb3073 | 69 | *hash_data = digest_buf; |
| wolfSSL | 3:6f956bdb3073 | 70 | *hash_len = digest_len; |
| wolfSSL | 3:6f956bdb3073 | 71 | } |
| wolfSSL | 3:6f956bdb3073 | 72 | else { |
| wolfSSL | 3:6f956bdb3073 | 73 | XFREE(digest_buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 3:6f956bdb3073 | 74 | } |
| wolfSSL | 3:6f956bdb3073 | 75 | } |
| wolfSSL | 3:6f956bdb3073 | 76 | else { |
| wolfSSL | 3:6f956bdb3073 | 77 | ret = MEMORY_E; |
| wolfSSL | 3:6f956bdb3073 | 78 | } |
| wolfSSL | 3:6f956bdb3073 | 79 | } |
| wolfSSL | 3:6f956bdb3073 | 80 | return ret; |
| wolfSSL | 3:6f956bdb3073 | 81 | } |
| wolfSSL | 3:6f956bdb3073 | 82 | #endif /* !NO_RSA && !NO_ASN */ |
| wolfSSL | 3:6f956bdb3073 | 83 | |
| wolfSSL | 3:6f956bdb3073 | 84 | int wc_SignatureGetSize(enum wc_SignatureType sig_type, |
| wolfSSL | 3:6f956bdb3073 | 85 | const void* key, word32 key_len) |
| wolfSSL | 3:6f956bdb3073 | 86 | { |
| wolfSSL | 3:6f956bdb3073 | 87 | int sig_len = BAD_FUNC_ARG; |
| wolfSSL | 3:6f956bdb3073 | 88 | |
| wolfSSL | 3:6f956bdb3073 | 89 | /* Suppress possible unused args if all signature types are disabled */ |
| wolfSSL | 3:6f956bdb3073 | 90 | (void)key; |
| wolfSSL | 3:6f956bdb3073 | 91 | (void)key_len; |
| wolfSSL | 3:6f956bdb3073 | 92 | |
| wolfSSL | 3:6f956bdb3073 | 93 | switch(sig_type) { |
| wolfSSL | 3:6f956bdb3073 | 94 | case WC_SIGNATURE_TYPE_ECC: |
| wolfSSL | 3:6f956bdb3073 | 95 | #ifdef HAVE_ECC |
| wolfSSL | 3:6f956bdb3073 | 96 | /* Santity check that void* key is at least ecc_key in size */ |
| wolfSSL | 3:6f956bdb3073 | 97 | if (key_len >= sizeof(ecc_key)) { |
| wolfSSL | 3:6f956bdb3073 | 98 | sig_len = wc_ecc_sig_size((ecc_key*)key); |
| wolfSSL | 3:6f956bdb3073 | 99 | } |
| wolfSSL | 3:6f956bdb3073 | 100 | else { |
| wolfSSL | 3:6f956bdb3073 | 101 | WOLFSSL_MSG("wc_SignatureGetSize: Invalid ECC key size"); |
| wolfSSL | 3:6f956bdb3073 | 102 | } |
| wolfSSL | 3:6f956bdb3073 | 103 | #else |
| wolfSSL | 3:6f956bdb3073 | 104 | sig_len = SIG_TYPE_E; |
| wolfSSL | 3:6f956bdb3073 | 105 | #endif |
| wolfSSL | 3:6f956bdb3073 | 106 | break; |
| wolfSSL | 3:6f956bdb3073 | 107 | |
| wolfSSL | 3:6f956bdb3073 | 108 | case WC_SIGNATURE_TYPE_RSA_W_ENC: |
| wolfSSL | 3:6f956bdb3073 | 109 | case WC_SIGNATURE_TYPE_RSA: |
| wolfSSL | 3:6f956bdb3073 | 110 | #ifndef NO_RSA |
| wolfSSL | 3:6f956bdb3073 | 111 | /* Santity check that void* key is at least RsaKey in size */ |
| wolfSSL | 3:6f956bdb3073 | 112 | if (key_len >= sizeof(RsaKey)) { |
| wolfSSL | 3:6f956bdb3073 | 113 | sig_len = wc_RsaEncryptSize((RsaKey*)key); |
| wolfSSL | 3:6f956bdb3073 | 114 | } |
| wolfSSL | 3:6f956bdb3073 | 115 | else { |
| wolfSSL | 3:6f956bdb3073 | 116 | WOLFSSL_MSG("wc_SignatureGetSize: Invalid RsaKey key size"); |
| wolfSSL | 3:6f956bdb3073 | 117 | } |
| wolfSSL | 3:6f956bdb3073 | 118 | #else |
| wolfSSL | 3:6f956bdb3073 | 119 | sig_len = SIG_TYPE_E; |
| wolfSSL | 3:6f956bdb3073 | 120 | #endif |
| wolfSSL | 3:6f956bdb3073 | 121 | break; |
| wolfSSL | 3:6f956bdb3073 | 122 | |
| wolfSSL | 3:6f956bdb3073 | 123 | case WC_SIGNATURE_TYPE_NONE: |
| wolfSSL | 3:6f956bdb3073 | 124 | default: |
| wolfSSL | 3:6f956bdb3073 | 125 | sig_len = BAD_FUNC_ARG; |
| wolfSSL | 3:6f956bdb3073 | 126 | break; |
| wolfSSL | 3:6f956bdb3073 | 127 | } |
| wolfSSL | 3:6f956bdb3073 | 128 | return sig_len; |
| wolfSSL | 3:6f956bdb3073 | 129 | } |
| wolfSSL | 3:6f956bdb3073 | 130 | |
| wolfSSL | 3:6f956bdb3073 | 131 | int wc_SignatureVerify( |
| wolfSSL | 3:6f956bdb3073 | 132 | enum wc_HashType hash_type, enum wc_SignatureType sig_type, |
| wolfSSL | 3:6f956bdb3073 | 133 | const byte* data, word32 data_len, |
| wolfSSL | 3:6f956bdb3073 | 134 | const byte* sig, word32 sig_len, |
| wolfSSL | 3:6f956bdb3073 | 135 | const void* key, word32 key_len) |
| wolfSSL | 3:6f956bdb3073 | 136 | { |
| wolfSSL | 3:6f956bdb3073 | 137 | int ret; |
| wolfSSL | 3:6f956bdb3073 | 138 | word32 hash_len; |
| wolfSSL | 3:6f956bdb3073 | 139 | byte *hash_data = NULL; |
| wolfSSL | 3:6f956bdb3073 | 140 | |
| wolfSSL | 3:6f956bdb3073 | 141 | /* Check arguments */ |
| wolfSSL | 3:6f956bdb3073 | 142 | if (data == NULL || data_len <= 0 || sig == NULL || sig_len <= 0 || |
| wolfSSL | 3:6f956bdb3073 | 143 | key == NULL || key_len <= 0) { |
| wolfSSL | 3:6f956bdb3073 | 144 | return BAD_FUNC_ARG; |
| wolfSSL | 3:6f956bdb3073 | 145 | } |
| wolfSSL | 3:6f956bdb3073 | 146 | |
| wolfSSL | 3:6f956bdb3073 | 147 | /* Validate signature len (1 to max is okay) */ |
| wolfSSL | 3:6f956bdb3073 | 148 | if ((int)sig_len > wc_SignatureGetSize(sig_type, key, key_len)) { |
| wolfSSL | 3:6f956bdb3073 | 149 | WOLFSSL_MSG("wc_SignatureVerify: Invalid sig type/len"); |
| wolfSSL | 3:6f956bdb3073 | 150 | return BAD_FUNC_ARG; |
| wolfSSL | 3:6f956bdb3073 | 151 | } |
| wolfSSL | 3:6f956bdb3073 | 152 | |
| wolfSSL | 3:6f956bdb3073 | 153 | /* Validate hash size */ |
| wolfSSL | 3:6f956bdb3073 | 154 | ret = wc_HashGetDigestSize(hash_type); |
| wolfSSL | 3:6f956bdb3073 | 155 | if (ret < 0) { |
| wolfSSL | 3:6f956bdb3073 | 156 | WOLFSSL_MSG("wc_SignatureVerify: Invalid hash type/len"); |
| wolfSSL | 3:6f956bdb3073 | 157 | return ret; |
| wolfSSL | 3:6f956bdb3073 | 158 | } |
| wolfSSL | 3:6f956bdb3073 | 159 | hash_len = ret; |
| wolfSSL | 3:6f956bdb3073 | 160 | |
| wolfSSL | 3:6f956bdb3073 | 161 | /* Allocate temporary buffer for hash data */ |
| wolfSSL | 3:6f956bdb3073 | 162 | hash_data = (byte*)XMALLOC(hash_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 3:6f956bdb3073 | 163 | if (hash_data == NULL) { |
| wolfSSL | 3:6f956bdb3073 | 164 | return MEMORY_E; |
| wolfSSL | 3:6f956bdb3073 | 165 | } |
| wolfSSL | 3:6f956bdb3073 | 166 | |
| wolfSSL | 3:6f956bdb3073 | 167 | /* Perform hash of data */ |
| wolfSSL | 3:6f956bdb3073 | 168 | ret = wc_Hash(hash_type, data, data_len, hash_data, hash_len); |
| wolfSSL | 3:6f956bdb3073 | 169 | if(ret == 0) { |
| wolfSSL | 3:6f956bdb3073 | 170 | /* Verify signature using hash as data */ |
| wolfSSL | 3:6f956bdb3073 | 171 | switch(sig_type) { |
| wolfSSL | 3:6f956bdb3073 | 172 | case WC_SIGNATURE_TYPE_ECC: |
| wolfSSL | 3:6f956bdb3073 | 173 | { |
| wolfSSL | 3:6f956bdb3073 | 174 | #if defined(HAVE_ECC) && defined(HAVE_ECC_VERIFY) |
| wolfSSL | 3:6f956bdb3073 | 175 | int is_valid_sig = 0; |
| wolfSSL | 3:6f956bdb3073 | 176 | |
| wolfSSL | 3:6f956bdb3073 | 177 | /* Perform verification of signature using provided ECC key */ |
| wolfSSL | 3:6f956bdb3073 | 178 | ret = wc_ecc_verify_hash(sig, sig_len, hash_data, hash_len, &is_valid_sig, (ecc_key*)key); |
| wolfSSL | 3:6f956bdb3073 | 179 | if (ret != 0 || is_valid_sig != 1) { |
| wolfSSL | 3:6f956bdb3073 | 180 | ret = SIG_VERIFY_E; |
| wolfSSL | 3:6f956bdb3073 | 181 | } |
| wolfSSL | 3:6f956bdb3073 | 182 | #else |
| wolfSSL | 3:6f956bdb3073 | 183 | ret = SIG_TYPE_E; |
| wolfSSL | 3:6f956bdb3073 | 184 | #endif |
| wolfSSL | 3:6f956bdb3073 | 185 | break; |
| wolfSSL | 3:6f956bdb3073 | 186 | } |
| wolfSSL | 3:6f956bdb3073 | 187 | |
| wolfSSL | 3:6f956bdb3073 | 188 | case WC_SIGNATURE_TYPE_RSA_W_ENC: |
| wolfSSL | 3:6f956bdb3073 | 189 | #if defined(NO_RSA) || defined(NO_ASN) |
| wolfSSL | 3:6f956bdb3073 | 190 | ret = SIG_TYPE_E; |
| wolfSSL | 3:6f956bdb3073 | 191 | break; |
| wolfSSL | 3:6f956bdb3073 | 192 | #else |
| wolfSSL | 3:6f956bdb3073 | 193 | ret = wc_SignatureDerEncode(hash_type, &hash_data, &hash_len); |
| wolfSSL | 3:6f956bdb3073 | 194 | /* Check for error */ |
| wolfSSL | 3:6f956bdb3073 | 195 | if (ret < 0) { |
| wolfSSL | 3:6f956bdb3073 | 196 | break; |
| wolfSSL | 3:6f956bdb3073 | 197 | } |
| wolfSSL | 3:6f956bdb3073 | 198 | /* Otherwise fall-through and perform normal RSA verify against updated |
| wolfSSL | 3:6f956bdb3073 | 199 | * DER encoding + hash */ |
| wolfSSL | 3:6f956bdb3073 | 200 | #endif |
| wolfSSL | 3:6f956bdb3073 | 201 | |
| wolfSSL | 3:6f956bdb3073 | 202 | case WC_SIGNATURE_TYPE_RSA: |
| wolfSSL | 3:6f956bdb3073 | 203 | { |
| wolfSSL | 3:6f956bdb3073 | 204 | #ifndef NO_RSA |
| wolfSSL | 3:6f956bdb3073 | 205 | word32 plain_len = hash_len; |
| wolfSSL | 3:6f956bdb3073 | 206 | byte *plain_data; |
| wolfSSL | 3:6f956bdb3073 | 207 | |
| wolfSSL | 3:6f956bdb3073 | 208 | /* Make sure the plain text output is at least key size */ |
| wolfSSL | 3:6f956bdb3073 | 209 | if (plain_len < sig_len) { |
| wolfSSL | 3:6f956bdb3073 | 210 | plain_len = sig_len; |
| wolfSSL | 3:6f956bdb3073 | 211 | } |
| wolfSSL | 3:6f956bdb3073 | 212 | plain_data = (byte*)XMALLOC(hash_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 3:6f956bdb3073 | 213 | if (plain_data) { |
| wolfSSL | 3:6f956bdb3073 | 214 | /* Perform verification of signature using provided RSA key */ |
| wolfSSL | 3:6f956bdb3073 | 215 | ret = wc_RsaSSL_Verify(sig, sig_len, plain_data, plain_len, |
| wolfSSL | 3:6f956bdb3073 | 216 | (RsaKey*)key); |
| wolfSSL | 3:6f956bdb3073 | 217 | if (ret >= 0) { |
| wolfSSL | 3:6f956bdb3073 | 218 | if ((word32)ret == hash_len && |
| wolfSSL | 3:6f956bdb3073 | 219 | XMEMCMP(plain_data, hash_data, hash_len) == 0) { |
| wolfSSL | 3:6f956bdb3073 | 220 | ret = 0; /* Success */ |
| wolfSSL | 3:6f956bdb3073 | 221 | } |
| wolfSSL | 3:6f956bdb3073 | 222 | else { |
| wolfSSL | 3:6f956bdb3073 | 223 | WOLFSSL_MSG("RSA Signature Verify difference!"); |
| wolfSSL | 3:6f956bdb3073 | 224 | ret = SIG_VERIFY_E; |
| wolfSSL | 3:6f956bdb3073 | 225 | } |
| wolfSSL | 3:6f956bdb3073 | 226 | } |
| wolfSSL | 3:6f956bdb3073 | 227 | XFREE(plain_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 3:6f956bdb3073 | 228 | } |
| wolfSSL | 3:6f956bdb3073 | 229 | else { |
| wolfSSL | 3:6f956bdb3073 | 230 | ret = MEMORY_E; |
| wolfSSL | 3:6f956bdb3073 | 231 | } |
| wolfSSL | 3:6f956bdb3073 | 232 | #else |
| wolfSSL | 3:6f956bdb3073 | 233 | ret = SIG_TYPE_E; |
| wolfSSL | 3:6f956bdb3073 | 234 | #endif |
| wolfSSL | 3:6f956bdb3073 | 235 | break; |
| wolfSSL | 3:6f956bdb3073 | 236 | } |
| wolfSSL | 3:6f956bdb3073 | 237 | |
| wolfSSL | 3:6f956bdb3073 | 238 | case WC_SIGNATURE_TYPE_NONE: |
| wolfSSL | 3:6f956bdb3073 | 239 | default: |
| wolfSSL | 3:6f956bdb3073 | 240 | ret = BAD_FUNC_ARG; |
| wolfSSL | 3:6f956bdb3073 | 241 | break; |
| wolfSSL | 3:6f956bdb3073 | 242 | } |
| wolfSSL | 3:6f956bdb3073 | 243 | } |
| wolfSSL | 3:6f956bdb3073 | 244 | |
| wolfSSL | 3:6f956bdb3073 | 245 | if (hash_data) { |
| wolfSSL | 3:6f956bdb3073 | 246 | XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 3:6f956bdb3073 | 247 | } |
| wolfSSL | 3:6f956bdb3073 | 248 | |
| wolfSSL | 3:6f956bdb3073 | 249 | return ret; |
| wolfSSL | 3:6f956bdb3073 | 250 | } |
| wolfSSL | 3:6f956bdb3073 | 251 | |
| wolfSSL | 3:6f956bdb3073 | 252 | int wc_SignatureGenerate( |
| wolfSSL | 3:6f956bdb3073 | 253 | enum wc_HashType hash_type, enum wc_SignatureType sig_type, |
| wolfSSL | 3:6f956bdb3073 | 254 | const byte* data, word32 data_len, |
| wolfSSL | 3:6f956bdb3073 | 255 | byte* sig, word32 *sig_len, |
| wolfSSL | 3:6f956bdb3073 | 256 | const void* key, word32 key_len, WC_RNG* rng) |
| wolfSSL | 3:6f956bdb3073 | 257 | { |
| wolfSSL | 3:6f956bdb3073 | 258 | int ret; |
| wolfSSL | 3:6f956bdb3073 | 259 | word32 hash_len; |
| wolfSSL | 3:6f956bdb3073 | 260 | byte *hash_data = NULL; |
| wolfSSL | 3:6f956bdb3073 | 261 | |
| wolfSSL | 3:6f956bdb3073 | 262 | /* Suppress possible unused arg if all signature types are disabled */ |
| wolfSSL | 3:6f956bdb3073 | 263 | (void)rng; |
| wolfSSL | 3:6f956bdb3073 | 264 | |
| wolfSSL | 3:6f956bdb3073 | 265 | /* Check arguments */ |
| wolfSSL | 3:6f956bdb3073 | 266 | if (data == NULL || data_len <= 0 || sig == NULL || sig_len == NULL || |
| wolfSSL | 3:6f956bdb3073 | 267 | *sig_len <= 0 || key == NULL || key_len <= 0) { |
| wolfSSL | 3:6f956bdb3073 | 268 | return BAD_FUNC_ARG; |
| wolfSSL | 3:6f956bdb3073 | 269 | } |
| wolfSSL | 3:6f956bdb3073 | 270 | |
| wolfSSL | 3:6f956bdb3073 | 271 | /* Validate signature len (needs to be at least max) */ |
| wolfSSL | 3:6f956bdb3073 | 272 | if ((int)*sig_len < wc_SignatureGetSize(sig_type, key, key_len)) { |
| wolfSSL | 3:6f956bdb3073 | 273 | WOLFSSL_MSG("wc_SignatureGenerate: Invalid sig type/len"); |
| wolfSSL | 3:6f956bdb3073 | 274 | return BAD_FUNC_ARG; |
| wolfSSL | 3:6f956bdb3073 | 275 | } |
| wolfSSL | 3:6f956bdb3073 | 276 | |
| wolfSSL | 3:6f956bdb3073 | 277 | /* Validate hash size */ |
| wolfSSL | 3:6f956bdb3073 | 278 | ret = wc_HashGetDigestSize(hash_type); |
| wolfSSL | 3:6f956bdb3073 | 279 | if (ret < 0) { |
| wolfSSL | 3:6f956bdb3073 | 280 | WOLFSSL_MSG("wc_SignatureGenerate: Invalid hash type/len"); |
| wolfSSL | 3:6f956bdb3073 | 281 | return ret; |
| wolfSSL | 3:6f956bdb3073 | 282 | } |
| wolfSSL | 3:6f956bdb3073 | 283 | hash_len = ret; |
| wolfSSL | 3:6f956bdb3073 | 284 | |
| wolfSSL | 3:6f956bdb3073 | 285 | /* Allocate temporary buffer for hash data */ |
| wolfSSL | 3:6f956bdb3073 | 286 | hash_data = (byte*)XMALLOC(hash_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 3:6f956bdb3073 | 287 | if (hash_data == NULL) { |
| wolfSSL | 3:6f956bdb3073 | 288 | return MEMORY_E; |
| wolfSSL | 3:6f956bdb3073 | 289 | } |
| wolfSSL | 3:6f956bdb3073 | 290 | |
| wolfSSL | 3:6f956bdb3073 | 291 | /* Perform hash of data */ |
| wolfSSL | 3:6f956bdb3073 | 292 | ret = wc_Hash(hash_type, data, data_len, hash_data, hash_len); |
| wolfSSL | 3:6f956bdb3073 | 293 | if (ret == 0) { |
| wolfSSL | 3:6f956bdb3073 | 294 | /* Create signature using hash as data */ |
| wolfSSL | 3:6f956bdb3073 | 295 | switch(sig_type) { |
| wolfSSL | 3:6f956bdb3073 | 296 | case WC_SIGNATURE_TYPE_ECC: |
| wolfSSL | 3:6f956bdb3073 | 297 | #if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) |
| wolfSSL | 3:6f956bdb3073 | 298 | /* Create signature using provided ECC key */ |
| wolfSSL | 3:6f956bdb3073 | 299 | ret = wc_ecc_sign_hash(hash_data, hash_len, sig, sig_len, rng, (ecc_key*)key); |
| wolfSSL | 3:6f956bdb3073 | 300 | #else |
| wolfSSL | 3:6f956bdb3073 | 301 | ret = SIG_TYPE_E; |
| wolfSSL | 3:6f956bdb3073 | 302 | #endif |
| wolfSSL | 3:6f956bdb3073 | 303 | break; |
| wolfSSL | 3:6f956bdb3073 | 304 | |
| wolfSSL | 3:6f956bdb3073 | 305 | case WC_SIGNATURE_TYPE_RSA_W_ENC: |
| wolfSSL | 3:6f956bdb3073 | 306 | #if defined(NO_RSA) || defined(NO_ASN) |
| wolfSSL | 3:6f956bdb3073 | 307 | ret = SIG_TYPE_E; |
| wolfSSL | 3:6f956bdb3073 | 308 | break; |
| wolfSSL | 3:6f956bdb3073 | 309 | #else |
| wolfSSL | 3:6f956bdb3073 | 310 | ret = wc_SignatureDerEncode(hash_type, &hash_data, &hash_len); |
| wolfSSL | 3:6f956bdb3073 | 311 | /* Check for error */ |
| wolfSSL | 3:6f956bdb3073 | 312 | if (ret < 0) { |
| wolfSSL | 3:6f956bdb3073 | 313 | break; |
| wolfSSL | 3:6f956bdb3073 | 314 | } |
| wolfSSL | 3:6f956bdb3073 | 315 | /* Otherwise fall-through and perform normal RSA sign against updated |
| wolfSSL | 3:6f956bdb3073 | 316 | * DER encoding + hash */ |
| wolfSSL | 3:6f956bdb3073 | 317 | #endif |
| wolfSSL | 3:6f956bdb3073 | 318 | |
| wolfSSL | 3:6f956bdb3073 | 319 | case WC_SIGNATURE_TYPE_RSA: |
| wolfSSL | 3:6f956bdb3073 | 320 | #ifndef NO_RSA |
| wolfSSL | 3:6f956bdb3073 | 321 | /* Create signature using provided RSA key */ |
| wolfSSL | 3:6f956bdb3073 | 322 | ret = wc_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, (RsaKey*)key, rng); |
| wolfSSL | 3:6f956bdb3073 | 323 | if (ret >= 0) { |
| wolfSSL | 3:6f956bdb3073 | 324 | *sig_len = ret; |
| wolfSSL | 3:6f956bdb3073 | 325 | ret = 0; /* Success */ |
| wolfSSL | 3:6f956bdb3073 | 326 | } |
| wolfSSL | 3:6f956bdb3073 | 327 | #else |
| wolfSSL | 3:6f956bdb3073 | 328 | ret = SIG_TYPE_E; |
| wolfSSL | 3:6f956bdb3073 | 329 | #endif |
| wolfSSL | 3:6f956bdb3073 | 330 | break; |
| wolfSSL | 3:6f956bdb3073 | 331 | |
| wolfSSL | 3:6f956bdb3073 | 332 | case WC_SIGNATURE_TYPE_NONE: |
| wolfSSL | 3:6f956bdb3073 | 333 | default: |
| wolfSSL | 3:6f956bdb3073 | 334 | ret = BAD_FUNC_ARG; |
| wolfSSL | 3:6f956bdb3073 | 335 | break; |
| wolfSSL | 3:6f956bdb3073 | 336 | } |
| wolfSSL | 3:6f956bdb3073 | 337 | } |
| wolfSSL | 3:6f956bdb3073 | 338 | |
| wolfSSL | 3:6f956bdb3073 | 339 | if (hash_data) { |
| wolfSSL | 3:6f956bdb3073 | 340 | XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 3:6f956bdb3073 | 341 | } |
| wolfSSL | 3:6f956bdb3073 | 342 | |
| wolfSSL | 3:6f956bdb3073 | 343 | return ret; |
| wolfSSL | 3:6f956bdb3073 | 344 | } |
| wolfSSL | 3:6f956bdb3073 | 345 | |
| wolfSSL | 3:6f956bdb3073 | 346 | #endif /* NO_SIG_WRAPPER */ |
| wolfSSL | 3:6f956bdb3073 | 347 |