wolf SSL
wolfSSL SSL/TLS library, support up to TLS1.3
Dependents: CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more
wolfcrypt/src/signature.c@11:cee25a834751, 2017-05-30 (annotated)
- Committer:
- wolfSSL
- Date:
- Tue May 30 01:44:10 2017 +0000
- Revision:
- 11:cee25a834751
wolfSSL 3.11.0
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| wolfSSL | 11:cee25a834751 | 1 | /* signature.c |
| wolfSSL | 11:cee25a834751 | 2 | * |
| wolfSSL | 11:cee25a834751 | 3 | * Copyright (C) 2006-2016 wolfSSL Inc. |
| wolfSSL | 11:cee25a834751 | 4 | * |
| wolfSSL | 11:cee25a834751 | 5 | * This file is part of wolfSSL. |
| wolfSSL | 11:cee25a834751 | 6 | * |
| wolfSSL | 11:cee25a834751 | 7 | * wolfSSL is free software; you can redistribute it and/or modify |
| wolfSSL | 11:cee25a834751 | 8 | * it under the terms of the GNU General Public License as published by |
| wolfSSL | 11:cee25a834751 | 9 | * the Free Software Foundation; either version 2 of the License, or |
| wolfSSL | 11:cee25a834751 | 10 | * (at your option) any later version. |
| wolfSSL | 11:cee25a834751 | 11 | * |
| wolfSSL | 11:cee25a834751 | 12 | * wolfSSL is distributed in the hope that it will be useful, |
| wolfSSL | 11:cee25a834751 | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| wolfSSL | 11:cee25a834751 | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| wolfSSL | 11:cee25a834751 | 15 | * GNU General Public License for more details. |
| wolfSSL | 11:cee25a834751 | 16 | * |
| wolfSSL | 11:cee25a834751 | 17 | * You should have received a copy of the GNU General Public License |
| wolfSSL | 11:cee25a834751 | 18 | * along with this program; if not, write to the Free Software |
| wolfSSL | 11:cee25a834751 | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA |
| wolfSSL | 11:cee25a834751 | 20 | */ |
| wolfSSL | 11:cee25a834751 | 21 | |
| wolfSSL | 11:cee25a834751 | 22 | |
| wolfSSL | 11:cee25a834751 | 23 | #ifdef HAVE_CONFIG_H |
| wolfSSL | 11:cee25a834751 | 24 | #include <config.h> |
| wolfSSL | 11:cee25a834751 | 25 | #endif |
| wolfSSL | 11:cee25a834751 | 26 | |
| wolfSSL | 11:cee25a834751 | 27 | #include <wolfssl/wolfcrypt/settings.h> |
| wolfSSL | 11:cee25a834751 | 28 | #include <wolfssl/wolfcrypt/signature.h> |
| wolfSSL | 11:cee25a834751 | 29 | #include <wolfssl/wolfcrypt/error-crypt.h> |
| wolfSSL | 11:cee25a834751 | 30 | #include <wolfssl/wolfcrypt/logging.h> |
| wolfSSL | 11:cee25a834751 | 31 | #ifndef NO_ASN |
| wolfSSL | 11:cee25a834751 | 32 | #include <wolfssl/wolfcrypt/asn.h> |
| wolfSSL | 11:cee25a834751 | 33 | #endif |
| wolfSSL | 11:cee25a834751 | 34 | #ifdef HAVE_ECC |
| wolfSSL | 11:cee25a834751 | 35 | #include <wolfssl/wolfcrypt/ecc.h> |
| wolfSSL | 11:cee25a834751 | 36 | #endif |
| wolfSSL | 11:cee25a834751 | 37 | #ifndef NO_RSA |
| wolfSSL | 11:cee25a834751 | 38 | #include <wolfssl/wolfcrypt/rsa.h> |
| wolfSSL | 11:cee25a834751 | 39 | #endif |
| wolfSSL | 11:cee25a834751 | 40 | |
| wolfSSL | 11:cee25a834751 | 41 | /* If ECC and RSA are disabled then disable signature wrapper */ |
| wolfSSL | 11:cee25a834751 | 42 | #if (!defined(HAVE_ECC) || (defined(HAVE_ECC) && !defined(HAVE_ECC_SIGN) \ |
| wolfSSL | 11:cee25a834751 | 43 | && !defined(HAVE_ECC_VERIFY))) && defined(NO_RSA) |
| wolfSSL | 11:cee25a834751 | 44 | #undef NO_SIG_WRAPPER |
| wolfSSL | 11:cee25a834751 | 45 | #define NO_SIG_WRAPPER |
| wolfSSL | 11:cee25a834751 | 46 | #endif |
| wolfSSL | 11:cee25a834751 | 47 | |
| wolfSSL | 11:cee25a834751 | 48 | /* Signature wrapper disabled check */ |
| wolfSSL | 11:cee25a834751 | 49 | #ifndef NO_SIG_WRAPPER |
| wolfSSL | 11:cee25a834751 | 50 | |
| wolfSSL | 11:cee25a834751 | 51 | #if !defined(NO_RSA) && !defined(NO_ASN) |
| wolfSSL | 11:cee25a834751 | 52 | static int wc_SignatureDerEncode(enum wc_HashType hash_type, byte** hash_data, |
| wolfSSL | 11:cee25a834751 | 53 | word32* hash_len) |
| wolfSSL | 11:cee25a834751 | 54 | { |
| wolfSSL | 11:cee25a834751 | 55 | int ret = wc_HashGetOID(hash_type); |
| wolfSSL | 11:cee25a834751 | 56 | if (ret > 0) { |
| wolfSSL | 11:cee25a834751 | 57 | int oid = ret; |
| wolfSSL | 11:cee25a834751 | 58 | |
| wolfSSL | 11:cee25a834751 | 59 | /* Allocate buffer for hash and max DER encoded */ |
| wolfSSL | 11:cee25a834751 | 60 | word32 digest_len = *hash_len + MAX_DER_DIGEST_SZ; |
| wolfSSL | 11:cee25a834751 | 61 | byte *digest_buf = (byte*)XMALLOC(digest_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 11:cee25a834751 | 62 | if (digest_buf) { |
| wolfSSL | 11:cee25a834751 | 63 | ret = wc_EncodeSignature(digest_buf, *hash_data, *hash_len, oid); |
| wolfSSL | 11:cee25a834751 | 64 | if (ret > 0) { |
| wolfSSL | 11:cee25a834751 | 65 | digest_len = ret; |
| wolfSSL | 11:cee25a834751 | 66 | |
| wolfSSL | 11:cee25a834751 | 67 | /* Replace hash with digest (DER encoding + hash) */ |
| wolfSSL | 11:cee25a834751 | 68 | XFREE(*hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 11:cee25a834751 | 69 | *hash_data = digest_buf; |
| wolfSSL | 11:cee25a834751 | 70 | *hash_len = digest_len; |
| wolfSSL | 11:cee25a834751 | 71 | } |
| wolfSSL | 11:cee25a834751 | 72 | else { |
| wolfSSL | 11:cee25a834751 | 73 | XFREE(digest_buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 11:cee25a834751 | 74 | } |
| wolfSSL | 11:cee25a834751 | 75 | } |
| wolfSSL | 11:cee25a834751 | 76 | else { |
| wolfSSL | 11:cee25a834751 | 77 | ret = MEMORY_E; |
| wolfSSL | 11:cee25a834751 | 78 | } |
| wolfSSL | 11:cee25a834751 | 79 | } |
| wolfSSL | 11:cee25a834751 | 80 | return ret; |
| wolfSSL | 11:cee25a834751 | 81 | } |
| wolfSSL | 11:cee25a834751 | 82 | #endif /* !NO_RSA && !NO_ASN */ |
| wolfSSL | 11:cee25a834751 | 83 | |
| wolfSSL | 11:cee25a834751 | 84 | int wc_SignatureGetSize(enum wc_SignatureType sig_type, |
| wolfSSL | 11:cee25a834751 | 85 | const void* key, word32 key_len) |
| wolfSSL | 11:cee25a834751 | 86 | { |
| wolfSSL | 11:cee25a834751 | 87 | int sig_len = BAD_FUNC_ARG; |
| wolfSSL | 11:cee25a834751 | 88 | |
| wolfSSL | 11:cee25a834751 | 89 | /* Suppress possible unused args if all signature types are disabled */ |
| wolfSSL | 11:cee25a834751 | 90 | (void)key; |
| wolfSSL | 11:cee25a834751 | 91 | (void)key_len; |
| wolfSSL | 11:cee25a834751 | 92 | |
| wolfSSL | 11:cee25a834751 | 93 | switch(sig_type) { |
| wolfSSL | 11:cee25a834751 | 94 | case WC_SIGNATURE_TYPE_ECC: |
| wolfSSL | 11:cee25a834751 | 95 | #ifdef HAVE_ECC |
| wolfSSL | 11:cee25a834751 | 96 | /* Santity check that void* key is at least ecc_key in size */ |
| wolfSSL | 11:cee25a834751 | 97 | if (key_len >= sizeof(ecc_key)) { |
| wolfSSL | 11:cee25a834751 | 98 | sig_len = wc_ecc_sig_size((ecc_key*)key); |
| wolfSSL | 11:cee25a834751 | 99 | } |
| wolfSSL | 11:cee25a834751 | 100 | else { |
| wolfSSL | 11:cee25a834751 | 101 | WOLFSSL_MSG("wc_SignatureGetSize: Invalid ECC key size"); |
| wolfSSL | 11:cee25a834751 | 102 | } |
| wolfSSL | 11:cee25a834751 | 103 | #else |
| wolfSSL | 11:cee25a834751 | 104 | sig_len = SIG_TYPE_E; |
| wolfSSL | 11:cee25a834751 | 105 | #endif |
| wolfSSL | 11:cee25a834751 | 106 | break; |
| wolfSSL | 11:cee25a834751 | 107 | |
| wolfSSL | 11:cee25a834751 | 108 | case WC_SIGNATURE_TYPE_RSA_W_ENC: |
| wolfSSL | 11:cee25a834751 | 109 | case WC_SIGNATURE_TYPE_RSA: |
| wolfSSL | 11:cee25a834751 | 110 | #ifndef NO_RSA |
| wolfSSL | 11:cee25a834751 | 111 | /* Santity check that void* key is at least RsaKey in size */ |
| wolfSSL | 11:cee25a834751 | 112 | if (key_len >= sizeof(RsaKey)) { |
| wolfSSL | 11:cee25a834751 | 113 | sig_len = wc_RsaEncryptSize((RsaKey*)key); |
| wolfSSL | 11:cee25a834751 | 114 | } |
| wolfSSL | 11:cee25a834751 | 115 | else { |
| wolfSSL | 11:cee25a834751 | 116 | WOLFSSL_MSG("wc_SignatureGetSize: Invalid RsaKey key size"); |
| wolfSSL | 11:cee25a834751 | 117 | } |
| wolfSSL | 11:cee25a834751 | 118 | #else |
| wolfSSL | 11:cee25a834751 | 119 | sig_len = SIG_TYPE_E; |
| wolfSSL | 11:cee25a834751 | 120 | #endif |
| wolfSSL | 11:cee25a834751 | 121 | break; |
| wolfSSL | 11:cee25a834751 | 122 | |
| wolfSSL | 11:cee25a834751 | 123 | case WC_SIGNATURE_TYPE_NONE: |
| wolfSSL | 11:cee25a834751 | 124 | default: |
| wolfSSL | 11:cee25a834751 | 125 | sig_len = BAD_FUNC_ARG; |
| wolfSSL | 11:cee25a834751 | 126 | break; |
| wolfSSL | 11:cee25a834751 | 127 | } |
| wolfSSL | 11:cee25a834751 | 128 | return sig_len; |
| wolfSSL | 11:cee25a834751 | 129 | } |
| wolfSSL | 11:cee25a834751 | 130 | |
| wolfSSL | 11:cee25a834751 | 131 | int wc_SignatureVerify( |
| wolfSSL | 11:cee25a834751 | 132 | enum wc_HashType hash_type, enum wc_SignatureType sig_type, |
| wolfSSL | 11:cee25a834751 | 133 | const byte* data, word32 data_len, |
| wolfSSL | 11:cee25a834751 | 134 | const byte* sig, word32 sig_len, |
| wolfSSL | 11:cee25a834751 | 135 | const void* key, word32 key_len) |
| wolfSSL | 11:cee25a834751 | 136 | { |
| wolfSSL | 11:cee25a834751 | 137 | int ret; |
| wolfSSL | 11:cee25a834751 | 138 | word32 hash_len; |
| wolfSSL | 11:cee25a834751 | 139 | byte *hash_data = NULL; |
| wolfSSL | 11:cee25a834751 | 140 | |
| wolfSSL | 11:cee25a834751 | 141 | /* Check arguments */ |
| wolfSSL | 11:cee25a834751 | 142 | if (data == NULL || data_len <= 0 || sig == NULL || sig_len <= 0 || |
| wolfSSL | 11:cee25a834751 | 143 | key == NULL || key_len <= 0) { |
| wolfSSL | 11:cee25a834751 | 144 | return BAD_FUNC_ARG; |
| wolfSSL | 11:cee25a834751 | 145 | } |
| wolfSSL | 11:cee25a834751 | 146 | |
| wolfSSL | 11:cee25a834751 | 147 | /* Validate signature len (1 to max is okay) */ |
| wolfSSL | 11:cee25a834751 | 148 | if ((int)sig_len > wc_SignatureGetSize(sig_type, key, key_len)) { |
| wolfSSL | 11:cee25a834751 | 149 | WOLFSSL_MSG("wc_SignatureVerify: Invalid sig type/len"); |
| wolfSSL | 11:cee25a834751 | 150 | return BAD_FUNC_ARG; |
| wolfSSL | 11:cee25a834751 | 151 | } |
| wolfSSL | 11:cee25a834751 | 152 | |
| wolfSSL | 11:cee25a834751 | 153 | /* Validate hash size */ |
| wolfSSL | 11:cee25a834751 | 154 | ret = wc_HashGetDigestSize(hash_type); |
| wolfSSL | 11:cee25a834751 | 155 | if (ret < 0) { |
| wolfSSL | 11:cee25a834751 | 156 | WOLFSSL_MSG("wc_SignatureVerify: Invalid hash type/len"); |
| wolfSSL | 11:cee25a834751 | 157 | return ret; |
| wolfSSL | 11:cee25a834751 | 158 | } |
| wolfSSL | 11:cee25a834751 | 159 | hash_len = ret; |
| wolfSSL | 11:cee25a834751 | 160 | |
| wolfSSL | 11:cee25a834751 | 161 | /* Allocate temporary buffer for hash data */ |
| wolfSSL | 11:cee25a834751 | 162 | hash_data = (byte*)XMALLOC(hash_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 11:cee25a834751 | 163 | if (hash_data == NULL) { |
| wolfSSL | 11:cee25a834751 | 164 | return MEMORY_E; |
| wolfSSL | 11:cee25a834751 | 165 | } |
| wolfSSL | 11:cee25a834751 | 166 | |
| wolfSSL | 11:cee25a834751 | 167 | /* Perform hash of data */ |
| wolfSSL | 11:cee25a834751 | 168 | ret = wc_Hash(hash_type, data, data_len, hash_data, hash_len); |
| wolfSSL | 11:cee25a834751 | 169 | if(ret == 0) { |
| wolfSSL | 11:cee25a834751 | 170 | /* Verify signature using hash as data */ |
| wolfSSL | 11:cee25a834751 | 171 | switch(sig_type) { |
| wolfSSL | 11:cee25a834751 | 172 | case WC_SIGNATURE_TYPE_ECC: |
| wolfSSL | 11:cee25a834751 | 173 | { |
| wolfSSL | 11:cee25a834751 | 174 | #if defined(HAVE_ECC) && defined(HAVE_ECC_VERIFY) |
| wolfSSL | 11:cee25a834751 | 175 | int is_valid_sig = 0; |
| wolfSSL | 11:cee25a834751 | 176 | |
| wolfSSL | 11:cee25a834751 | 177 | /* Perform verification of signature using provided ECC key */ |
| wolfSSL | 11:cee25a834751 | 178 | do { |
| wolfSSL | 11:cee25a834751 | 179 | #ifdef WOLFSSL_ASYNC_CRYPT |
| wolfSSL | 11:cee25a834751 | 180 | ret = wc_AsyncWait(ret, &((ecc_key*)key)->asyncDev, |
| wolfSSL | 11:cee25a834751 | 181 | WC_ASYNC_FLAG_CALL_AGAIN); |
| wolfSSL | 11:cee25a834751 | 182 | #endif |
| wolfSSL | 11:cee25a834751 | 183 | if (ret >= 0) |
| wolfSSL | 11:cee25a834751 | 184 | ret = wc_ecc_verify_hash(sig, sig_len, hash_data, hash_len, |
| wolfSSL | 11:cee25a834751 | 185 | &is_valid_sig, (ecc_key*)key); |
| wolfSSL | 11:cee25a834751 | 186 | } while (ret == WC_PENDING_E); |
| wolfSSL | 11:cee25a834751 | 187 | if (ret != 0 || is_valid_sig != 1) { |
| wolfSSL | 11:cee25a834751 | 188 | ret = SIG_VERIFY_E; |
| wolfSSL | 11:cee25a834751 | 189 | } |
| wolfSSL | 11:cee25a834751 | 190 | #else |
| wolfSSL | 11:cee25a834751 | 191 | ret = SIG_TYPE_E; |
| wolfSSL | 11:cee25a834751 | 192 | #endif |
| wolfSSL | 11:cee25a834751 | 193 | break; |
| wolfSSL | 11:cee25a834751 | 194 | } |
| wolfSSL | 11:cee25a834751 | 195 | |
| wolfSSL | 11:cee25a834751 | 196 | case WC_SIGNATURE_TYPE_RSA_W_ENC: |
| wolfSSL | 11:cee25a834751 | 197 | #if defined(NO_RSA) || defined(NO_ASN) |
| wolfSSL | 11:cee25a834751 | 198 | ret = SIG_TYPE_E; |
| wolfSSL | 11:cee25a834751 | 199 | break; |
| wolfSSL | 11:cee25a834751 | 200 | #else |
| wolfSSL | 11:cee25a834751 | 201 | ret = wc_SignatureDerEncode(hash_type, &hash_data, &hash_len); |
| wolfSSL | 11:cee25a834751 | 202 | /* Check for error */ |
| wolfSSL | 11:cee25a834751 | 203 | if (ret < 0) { |
| wolfSSL | 11:cee25a834751 | 204 | break; |
| wolfSSL | 11:cee25a834751 | 205 | } |
| wolfSSL | 11:cee25a834751 | 206 | /* Otherwise fall-through and perform normal RSA verify against updated |
| wolfSSL | 11:cee25a834751 | 207 | * DER encoding + hash */ |
| wolfSSL | 11:cee25a834751 | 208 | #endif |
| wolfSSL | 11:cee25a834751 | 209 | |
| wolfSSL | 11:cee25a834751 | 210 | case WC_SIGNATURE_TYPE_RSA: |
| wolfSSL | 11:cee25a834751 | 211 | { |
| wolfSSL | 11:cee25a834751 | 212 | #ifndef NO_RSA |
| wolfSSL | 11:cee25a834751 | 213 | word32 plain_len = hash_len; |
| wolfSSL | 11:cee25a834751 | 214 | byte *plain_data; |
| wolfSSL | 11:cee25a834751 | 215 | |
| wolfSSL | 11:cee25a834751 | 216 | /* Make sure the plain text output is at least key size */ |
| wolfSSL | 11:cee25a834751 | 217 | if (plain_len < sig_len) { |
| wolfSSL | 11:cee25a834751 | 218 | plain_len = sig_len; |
| wolfSSL | 11:cee25a834751 | 219 | } |
| wolfSSL | 11:cee25a834751 | 220 | plain_data = (byte*)XMALLOC(plain_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 11:cee25a834751 | 221 | if (plain_data) { |
| wolfSSL | 11:cee25a834751 | 222 | /* Perform verification of signature using provided RSA key */ |
| wolfSSL | 11:cee25a834751 | 223 | do { |
| wolfSSL | 11:cee25a834751 | 224 | #ifdef WOLFSSL_ASYNC_CRYPT |
| wolfSSL | 11:cee25a834751 | 225 | ret = wc_AsyncWait(ret, &((RsaKey*)key)->asyncDev, |
| wolfSSL | 11:cee25a834751 | 226 | WC_ASYNC_FLAG_CALL_AGAIN); |
| wolfSSL | 11:cee25a834751 | 227 | #endif |
| wolfSSL | 11:cee25a834751 | 228 | if (ret >= 0) |
| wolfSSL | 11:cee25a834751 | 229 | ret = wc_RsaSSL_Verify(sig, sig_len, plain_data, |
| wolfSSL | 11:cee25a834751 | 230 | plain_len, (RsaKey*)key); |
| wolfSSL | 11:cee25a834751 | 231 | } while (ret == WC_PENDING_E); |
| wolfSSL | 11:cee25a834751 | 232 | if (ret >= 0) { |
| wolfSSL | 11:cee25a834751 | 233 | if ((word32)ret == hash_len && |
| wolfSSL | 11:cee25a834751 | 234 | XMEMCMP(plain_data, hash_data, hash_len) == 0) { |
| wolfSSL | 11:cee25a834751 | 235 | ret = 0; /* Success */ |
| wolfSSL | 11:cee25a834751 | 236 | } |
| wolfSSL | 11:cee25a834751 | 237 | else { |
| wolfSSL | 11:cee25a834751 | 238 | WOLFSSL_MSG("RSA Signature Verify difference!"); |
| wolfSSL | 11:cee25a834751 | 239 | ret = SIG_VERIFY_E; |
| wolfSSL | 11:cee25a834751 | 240 | } |
| wolfSSL | 11:cee25a834751 | 241 | } |
| wolfSSL | 11:cee25a834751 | 242 | XFREE(plain_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 11:cee25a834751 | 243 | } |
| wolfSSL | 11:cee25a834751 | 244 | else { |
| wolfSSL | 11:cee25a834751 | 245 | ret = MEMORY_E; |
| wolfSSL | 11:cee25a834751 | 246 | } |
| wolfSSL | 11:cee25a834751 | 247 | #else |
| wolfSSL | 11:cee25a834751 | 248 | ret = SIG_TYPE_E; |
| wolfSSL | 11:cee25a834751 | 249 | #endif |
| wolfSSL | 11:cee25a834751 | 250 | break; |
| wolfSSL | 11:cee25a834751 | 251 | } |
| wolfSSL | 11:cee25a834751 | 252 | |
| wolfSSL | 11:cee25a834751 | 253 | case WC_SIGNATURE_TYPE_NONE: |
| wolfSSL | 11:cee25a834751 | 254 | default: |
| wolfSSL | 11:cee25a834751 | 255 | ret = BAD_FUNC_ARG; |
| wolfSSL | 11:cee25a834751 | 256 | break; |
| wolfSSL | 11:cee25a834751 | 257 | } |
| wolfSSL | 11:cee25a834751 | 258 | } |
| wolfSSL | 11:cee25a834751 | 259 | |
| wolfSSL | 11:cee25a834751 | 260 | if (hash_data) { |
| wolfSSL | 11:cee25a834751 | 261 | XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 11:cee25a834751 | 262 | } |
| wolfSSL | 11:cee25a834751 | 263 | |
| wolfSSL | 11:cee25a834751 | 264 | return ret; |
| wolfSSL | 11:cee25a834751 | 265 | } |
| wolfSSL | 11:cee25a834751 | 266 | |
| wolfSSL | 11:cee25a834751 | 267 | int wc_SignatureGenerate( |
| wolfSSL | 11:cee25a834751 | 268 | enum wc_HashType hash_type, enum wc_SignatureType sig_type, |
| wolfSSL | 11:cee25a834751 | 269 | const byte* data, word32 data_len, |
| wolfSSL | 11:cee25a834751 | 270 | byte* sig, word32 *sig_len, |
| wolfSSL | 11:cee25a834751 | 271 | const void* key, word32 key_len, WC_RNG* rng) |
| wolfSSL | 11:cee25a834751 | 272 | { |
| wolfSSL | 11:cee25a834751 | 273 | int ret; |
| wolfSSL | 11:cee25a834751 | 274 | word32 hash_len; |
| wolfSSL | 11:cee25a834751 | 275 | byte *hash_data = NULL; |
| wolfSSL | 11:cee25a834751 | 276 | |
| wolfSSL | 11:cee25a834751 | 277 | /* Suppress possible unused arg if all signature types are disabled */ |
| wolfSSL | 11:cee25a834751 | 278 | (void)rng; |
| wolfSSL | 11:cee25a834751 | 279 | |
| wolfSSL | 11:cee25a834751 | 280 | /* Check arguments */ |
| wolfSSL | 11:cee25a834751 | 281 | if (data == NULL || data_len <= 0 || sig == NULL || sig_len == NULL || |
| wolfSSL | 11:cee25a834751 | 282 | *sig_len <= 0 || key == NULL || key_len <= 0) { |
| wolfSSL | 11:cee25a834751 | 283 | return BAD_FUNC_ARG; |
| wolfSSL | 11:cee25a834751 | 284 | } |
| wolfSSL | 11:cee25a834751 | 285 | |
| wolfSSL | 11:cee25a834751 | 286 | /* Validate signature len (needs to be at least max) */ |
| wolfSSL | 11:cee25a834751 | 287 | if ((int)*sig_len < wc_SignatureGetSize(sig_type, key, key_len)) { |
| wolfSSL | 11:cee25a834751 | 288 | WOLFSSL_MSG("wc_SignatureGenerate: Invalid sig type/len"); |
| wolfSSL | 11:cee25a834751 | 289 | return BAD_FUNC_ARG; |
| wolfSSL | 11:cee25a834751 | 290 | } |
| wolfSSL | 11:cee25a834751 | 291 | |
| wolfSSL | 11:cee25a834751 | 292 | /* Validate hash size */ |
| wolfSSL | 11:cee25a834751 | 293 | ret = wc_HashGetDigestSize(hash_type); |
| wolfSSL | 11:cee25a834751 | 294 | if (ret < 0) { |
| wolfSSL | 11:cee25a834751 | 295 | WOLFSSL_MSG("wc_SignatureGenerate: Invalid hash type/len"); |
| wolfSSL | 11:cee25a834751 | 296 | return ret; |
| wolfSSL | 11:cee25a834751 | 297 | } |
| wolfSSL | 11:cee25a834751 | 298 | hash_len = ret; |
| wolfSSL | 11:cee25a834751 | 299 | |
| wolfSSL | 11:cee25a834751 | 300 | /* Allocate temporary buffer for hash data */ |
| wolfSSL | 11:cee25a834751 | 301 | hash_data = (byte*)XMALLOC(hash_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 11:cee25a834751 | 302 | if (hash_data == NULL) { |
| wolfSSL | 11:cee25a834751 | 303 | return MEMORY_E; |
| wolfSSL | 11:cee25a834751 | 304 | } |
| wolfSSL | 11:cee25a834751 | 305 | |
| wolfSSL | 11:cee25a834751 | 306 | /* Perform hash of data */ |
| wolfSSL | 11:cee25a834751 | 307 | ret = wc_Hash(hash_type, data, data_len, hash_data, hash_len); |
| wolfSSL | 11:cee25a834751 | 308 | if (ret == 0) { |
| wolfSSL | 11:cee25a834751 | 309 | /* Create signature using hash as data */ |
| wolfSSL | 11:cee25a834751 | 310 | switch(sig_type) { |
| wolfSSL | 11:cee25a834751 | 311 | case WC_SIGNATURE_TYPE_ECC: |
| wolfSSL | 11:cee25a834751 | 312 | #if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) |
| wolfSSL | 11:cee25a834751 | 313 | /* Create signature using provided ECC key */ |
| wolfSSL | 11:cee25a834751 | 314 | do { |
| wolfSSL | 11:cee25a834751 | 315 | #ifdef WOLFSSL_ASYNC_CRYPT |
| wolfSSL | 11:cee25a834751 | 316 | ret = wc_AsyncWait(ret, &((ecc_key*)key)->asyncDev, |
| wolfSSL | 11:cee25a834751 | 317 | WC_ASYNC_FLAG_CALL_AGAIN); |
| wolfSSL | 11:cee25a834751 | 318 | #endif |
| wolfSSL | 11:cee25a834751 | 319 | if (ret >= 0) |
| wolfSSL | 11:cee25a834751 | 320 | ret = wc_ecc_sign_hash(hash_data, hash_len, sig, sig_len, |
| wolfSSL | 11:cee25a834751 | 321 | rng, (ecc_key*)key); |
| wolfSSL | 11:cee25a834751 | 322 | } while (ret == WC_PENDING_E); |
| wolfSSL | 11:cee25a834751 | 323 | #else |
| wolfSSL | 11:cee25a834751 | 324 | ret = SIG_TYPE_E; |
| wolfSSL | 11:cee25a834751 | 325 | #endif |
| wolfSSL | 11:cee25a834751 | 326 | break; |
| wolfSSL | 11:cee25a834751 | 327 | |
| wolfSSL | 11:cee25a834751 | 328 | case WC_SIGNATURE_TYPE_RSA_W_ENC: |
| wolfSSL | 11:cee25a834751 | 329 | #if defined(NO_RSA) || defined(NO_ASN) |
| wolfSSL | 11:cee25a834751 | 330 | ret = SIG_TYPE_E; |
| wolfSSL | 11:cee25a834751 | 331 | break; |
| wolfSSL | 11:cee25a834751 | 332 | #else |
| wolfSSL | 11:cee25a834751 | 333 | ret = wc_SignatureDerEncode(hash_type, &hash_data, &hash_len); |
| wolfSSL | 11:cee25a834751 | 334 | /* Check for error */ |
| wolfSSL | 11:cee25a834751 | 335 | if (ret < 0) { |
| wolfSSL | 11:cee25a834751 | 336 | break; |
| wolfSSL | 11:cee25a834751 | 337 | } |
| wolfSSL | 11:cee25a834751 | 338 | /* Otherwise fall-through and perform normal RSA sign against updated |
| wolfSSL | 11:cee25a834751 | 339 | * DER encoding + hash */ |
| wolfSSL | 11:cee25a834751 | 340 | #endif |
| wolfSSL | 11:cee25a834751 | 341 | |
| wolfSSL | 11:cee25a834751 | 342 | case WC_SIGNATURE_TYPE_RSA: |
| wolfSSL | 11:cee25a834751 | 343 | #ifndef NO_RSA |
| wolfSSL | 11:cee25a834751 | 344 | /* Create signature using provided RSA key */ |
| wolfSSL | 11:cee25a834751 | 345 | do { |
| wolfSSL | 11:cee25a834751 | 346 | #ifdef WOLFSSL_ASYNC_CRYPT |
| wolfSSL | 11:cee25a834751 | 347 | ret = wc_AsyncWait(ret, &((RsaKey*)key)->asyncDev, |
| wolfSSL | 11:cee25a834751 | 348 | WC_ASYNC_FLAG_CALL_AGAIN); |
| wolfSSL | 11:cee25a834751 | 349 | #endif |
| wolfSSL | 11:cee25a834751 | 350 | if (ret >= 0) |
| wolfSSL | 11:cee25a834751 | 351 | ret = wc_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, |
| wolfSSL | 11:cee25a834751 | 352 | (RsaKey*)key, rng); |
| wolfSSL | 11:cee25a834751 | 353 | } while (ret == WC_PENDING_E); |
| wolfSSL | 11:cee25a834751 | 354 | if (ret >= 0) { |
| wolfSSL | 11:cee25a834751 | 355 | *sig_len = ret; |
| wolfSSL | 11:cee25a834751 | 356 | ret = 0; /* Success */ |
| wolfSSL | 11:cee25a834751 | 357 | } |
| wolfSSL | 11:cee25a834751 | 358 | #else |
| wolfSSL | 11:cee25a834751 | 359 | ret = SIG_TYPE_E; |
| wolfSSL | 11:cee25a834751 | 360 | #endif |
| wolfSSL | 11:cee25a834751 | 361 | break; |
| wolfSSL | 11:cee25a834751 | 362 | |
| wolfSSL | 11:cee25a834751 | 363 | case WC_SIGNATURE_TYPE_NONE: |
| wolfSSL | 11:cee25a834751 | 364 | default: |
| wolfSSL | 11:cee25a834751 | 365 | ret = BAD_FUNC_ARG; |
| wolfSSL | 11:cee25a834751 | 366 | break; |
| wolfSSL | 11:cee25a834751 | 367 | } |
| wolfSSL | 11:cee25a834751 | 368 | } |
| wolfSSL | 11:cee25a834751 | 369 | |
| wolfSSL | 11:cee25a834751 | 370 | if (hash_data) { |
| wolfSSL | 11:cee25a834751 | 371 | XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 11:cee25a834751 | 372 | } |
| wolfSSL | 11:cee25a834751 | 373 | |
| wolfSSL | 11:cee25a834751 | 374 | return ret; |
| wolfSSL | 11:cee25a834751 | 375 | } |
| wolfSSL | 11:cee25a834751 | 376 | |
| wolfSSL | 11:cee25a834751 | 377 | #endif /* NO_SIG_WRAPPER */ |
| wolfSSL | 11:cee25a834751 | 378 |