wolf SSL
wolfSSL SSL/TLS library, support up to TLS1.3
Dependents: CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more
wolfcrypt/src/signature.c@13:f67a6c6013ca, 2017-08-22 (annotated)
- Committer:
- wolfSSL
- Date:
- Tue Aug 22 10:48:22 2017 +0000
- Revision:
- 13:f67a6c6013ca
wolfSSL3.12.0 with TLS1.3
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| wolfSSL | 13:f67a6c6013ca | 1 | /* signature.c |
| wolfSSL | 13:f67a6c6013ca | 2 | * |
| wolfSSL | 13:f67a6c6013ca | 3 | * Copyright (C) 2006-2016 wolfSSL Inc. |
| wolfSSL | 13:f67a6c6013ca | 4 | * |
| wolfSSL | 13:f67a6c6013ca | 5 | * This file is part of wolfSSL. |
| wolfSSL | 13:f67a6c6013ca | 6 | * |
| wolfSSL | 13:f67a6c6013ca | 7 | * wolfSSL is free software; you can redistribute it and/or modify |
| wolfSSL | 13:f67a6c6013ca | 8 | * it under the terms of the GNU General Public License as published by |
| wolfSSL | 13:f67a6c6013ca | 9 | * the Free Software Foundation; either version 2 of the License, or |
| wolfSSL | 13:f67a6c6013ca | 10 | * (at your option) any later version. |
| wolfSSL | 13:f67a6c6013ca | 11 | * |
| wolfSSL | 13:f67a6c6013ca | 12 | * wolfSSL is distributed in the hope that it will be useful, |
| wolfSSL | 13:f67a6c6013ca | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| wolfSSL | 13:f67a6c6013ca | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| wolfSSL | 13:f67a6c6013ca | 15 | * GNU General Public License for more details. |
| wolfSSL | 13:f67a6c6013ca | 16 | * |
| wolfSSL | 13:f67a6c6013ca | 17 | * You should have received a copy of the GNU General Public License |
| wolfSSL | 13:f67a6c6013ca | 18 | * along with this program; if not, write to the Free Software |
| wolfSSL | 13:f67a6c6013ca | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA |
| wolfSSL | 13:f67a6c6013ca | 20 | */ |
| wolfSSL | 13:f67a6c6013ca | 21 | |
| wolfSSL | 13:f67a6c6013ca | 22 | |
| wolfSSL | 13:f67a6c6013ca | 23 | #ifdef HAVE_CONFIG_H |
| wolfSSL | 13:f67a6c6013ca | 24 | #include <config.h> |
| wolfSSL | 13:f67a6c6013ca | 25 | #endif |
| wolfSSL | 13:f67a6c6013ca | 26 | |
| wolfSSL | 13:f67a6c6013ca | 27 | #include <wolfssl/wolfcrypt/settings.h> |
| wolfSSL | 13:f67a6c6013ca | 28 | #include <wolfssl/wolfcrypt/signature.h> |
| wolfSSL | 13:f67a6c6013ca | 29 | #include <wolfssl/wolfcrypt/error-crypt.h> |
| wolfSSL | 13:f67a6c6013ca | 30 | #include <wolfssl/wolfcrypt/logging.h> |
| wolfSSL | 13:f67a6c6013ca | 31 | #ifndef NO_ASN |
| wolfSSL | 13:f67a6c6013ca | 32 | #include <wolfssl/wolfcrypt/asn.h> |
| wolfSSL | 13:f67a6c6013ca | 33 | #endif |
| wolfSSL | 13:f67a6c6013ca | 34 | #ifdef HAVE_ECC |
| wolfSSL | 13:f67a6c6013ca | 35 | #include <wolfssl/wolfcrypt/ecc.h> |
| wolfSSL | 13:f67a6c6013ca | 36 | #endif |
| wolfSSL | 13:f67a6c6013ca | 37 | #ifndef NO_RSA |
| wolfSSL | 13:f67a6c6013ca | 38 | #include <wolfssl/wolfcrypt/rsa.h> |
| wolfSSL | 13:f67a6c6013ca | 39 | #endif |
| wolfSSL | 13:f67a6c6013ca | 40 | |
| wolfSSL | 13:f67a6c6013ca | 41 | /* If ECC and RSA are disabled then disable signature wrapper */ |
| wolfSSL | 13:f67a6c6013ca | 42 | #if (!defined(HAVE_ECC) || (defined(HAVE_ECC) && !defined(HAVE_ECC_SIGN) \ |
| wolfSSL | 13:f67a6c6013ca | 43 | && !defined(HAVE_ECC_VERIFY))) && defined(NO_RSA) |
| wolfSSL | 13:f67a6c6013ca | 44 | #undef NO_SIG_WRAPPER |
| wolfSSL | 13:f67a6c6013ca | 45 | #define NO_SIG_WRAPPER |
| wolfSSL | 13:f67a6c6013ca | 46 | #endif |
| wolfSSL | 13:f67a6c6013ca | 47 | |
| wolfSSL | 13:f67a6c6013ca | 48 | /* Signature wrapper disabled check */ |
| wolfSSL | 13:f67a6c6013ca | 49 | #ifndef NO_SIG_WRAPPER |
| wolfSSL | 13:f67a6c6013ca | 50 | |
| wolfSSL | 13:f67a6c6013ca | 51 | #if !defined(NO_RSA) && !defined(NO_ASN) |
| wolfSSL | 13:f67a6c6013ca | 52 | static int wc_SignatureDerEncode(enum wc_HashType hash_type, byte** hash_data, |
| wolfSSL | 13:f67a6c6013ca | 53 | word32* hash_len) |
| wolfSSL | 13:f67a6c6013ca | 54 | { |
| wolfSSL | 13:f67a6c6013ca | 55 | int ret = wc_HashGetOID(hash_type); |
| wolfSSL | 13:f67a6c6013ca | 56 | if (ret > 0) { |
| wolfSSL | 13:f67a6c6013ca | 57 | int oid = ret; |
| wolfSSL | 13:f67a6c6013ca | 58 | |
| wolfSSL | 13:f67a6c6013ca | 59 | /* Allocate buffer for hash and max DER encoded */ |
| wolfSSL | 13:f67a6c6013ca | 60 | word32 digest_len = *hash_len + MAX_DER_DIGEST_SZ; |
| wolfSSL | 13:f67a6c6013ca | 61 | byte *digest_buf = (byte*)XMALLOC(digest_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 13:f67a6c6013ca | 62 | if (digest_buf) { |
| wolfSSL | 13:f67a6c6013ca | 63 | ret = wc_EncodeSignature(digest_buf, *hash_data, *hash_len, oid); |
| wolfSSL | 13:f67a6c6013ca | 64 | if (ret > 0) { |
| wolfSSL | 13:f67a6c6013ca | 65 | digest_len = ret; |
| wolfSSL | 13:f67a6c6013ca | 66 | |
| wolfSSL | 13:f67a6c6013ca | 67 | /* Replace hash with digest (DER encoding + hash) */ |
| wolfSSL | 13:f67a6c6013ca | 68 | XFREE(*hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 13:f67a6c6013ca | 69 | *hash_data = digest_buf; |
| wolfSSL | 13:f67a6c6013ca | 70 | *hash_len = digest_len; |
| wolfSSL | 13:f67a6c6013ca | 71 | } |
| wolfSSL | 13:f67a6c6013ca | 72 | else { |
| wolfSSL | 13:f67a6c6013ca | 73 | XFREE(digest_buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 13:f67a6c6013ca | 74 | } |
| wolfSSL | 13:f67a6c6013ca | 75 | } |
| wolfSSL | 13:f67a6c6013ca | 76 | else { |
| wolfSSL | 13:f67a6c6013ca | 77 | ret = MEMORY_E; |
| wolfSSL | 13:f67a6c6013ca | 78 | } |
| wolfSSL | 13:f67a6c6013ca | 79 | } |
| wolfSSL | 13:f67a6c6013ca | 80 | return ret; |
| wolfSSL | 13:f67a6c6013ca | 81 | } |
| wolfSSL | 13:f67a6c6013ca | 82 | #endif /* !NO_RSA && !NO_ASN */ |
| wolfSSL | 13:f67a6c6013ca | 83 | |
| wolfSSL | 13:f67a6c6013ca | 84 | int wc_SignatureGetSize(enum wc_SignatureType sig_type, |
| wolfSSL | 13:f67a6c6013ca | 85 | const void* key, word32 key_len) |
| wolfSSL | 13:f67a6c6013ca | 86 | { |
| wolfSSL | 13:f67a6c6013ca | 87 | int sig_len = BAD_FUNC_ARG; |
| wolfSSL | 13:f67a6c6013ca | 88 | |
| wolfSSL | 13:f67a6c6013ca | 89 | /* Suppress possible unused args if all signature types are disabled */ |
| wolfSSL | 13:f67a6c6013ca | 90 | (void)key; |
| wolfSSL | 13:f67a6c6013ca | 91 | (void)key_len; |
| wolfSSL | 13:f67a6c6013ca | 92 | |
| wolfSSL | 13:f67a6c6013ca | 93 | switch(sig_type) { |
| wolfSSL | 13:f67a6c6013ca | 94 | case WC_SIGNATURE_TYPE_ECC: |
| wolfSSL | 13:f67a6c6013ca | 95 | #ifdef HAVE_ECC |
| wolfSSL | 13:f67a6c6013ca | 96 | /* Santity check that void* key is at least ecc_key in size */ |
| wolfSSL | 13:f67a6c6013ca | 97 | if (key_len >= sizeof(ecc_key)) { |
| wolfSSL | 13:f67a6c6013ca | 98 | sig_len = wc_ecc_sig_size((ecc_key*)key); |
| wolfSSL | 13:f67a6c6013ca | 99 | } |
| wolfSSL | 13:f67a6c6013ca | 100 | else { |
| wolfSSL | 13:f67a6c6013ca | 101 | WOLFSSL_MSG("wc_SignatureGetSize: Invalid ECC key size"); |
| wolfSSL | 13:f67a6c6013ca | 102 | } |
| wolfSSL | 13:f67a6c6013ca | 103 | #else |
| wolfSSL | 13:f67a6c6013ca | 104 | sig_len = SIG_TYPE_E; |
| wolfSSL | 13:f67a6c6013ca | 105 | #endif |
| wolfSSL | 13:f67a6c6013ca | 106 | break; |
| wolfSSL | 13:f67a6c6013ca | 107 | |
| wolfSSL | 13:f67a6c6013ca | 108 | case WC_SIGNATURE_TYPE_RSA_W_ENC: |
| wolfSSL | 13:f67a6c6013ca | 109 | case WC_SIGNATURE_TYPE_RSA: |
| wolfSSL | 13:f67a6c6013ca | 110 | #ifndef NO_RSA |
| wolfSSL | 13:f67a6c6013ca | 111 | /* Santity check that void* key is at least RsaKey in size */ |
| wolfSSL | 13:f67a6c6013ca | 112 | if (key_len >= sizeof(RsaKey)) { |
| wolfSSL | 13:f67a6c6013ca | 113 | sig_len = wc_RsaEncryptSize((RsaKey*)key); |
| wolfSSL | 13:f67a6c6013ca | 114 | } |
| wolfSSL | 13:f67a6c6013ca | 115 | else { |
| wolfSSL | 13:f67a6c6013ca | 116 | WOLFSSL_MSG("wc_SignatureGetSize: Invalid RsaKey key size"); |
| wolfSSL | 13:f67a6c6013ca | 117 | } |
| wolfSSL | 13:f67a6c6013ca | 118 | #else |
| wolfSSL | 13:f67a6c6013ca | 119 | sig_len = SIG_TYPE_E; |
| wolfSSL | 13:f67a6c6013ca | 120 | #endif |
| wolfSSL | 13:f67a6c6013ca | 121 | break; |
| wolfSSL | 13:f67a6c6013ca | 122 | |
| wolfSSL | 13:f67a6c6013ca | 123 | case WC_SIGNATURE_TYPE_NONE: |
| wolfSSL | 13:f67a6c6013ca | 124 | default: |
| wolfSSL | 13:f67a6c6013ca | 125 | sig_len = BAD_FUNC_ARG; |
| wolfSSL | 13:f67a6c6013ca | 126 | break; |
| wolfSSL | 13:f67a6c6013ca | 127 | } |
| wolfSSL | 13:f67a6c6013ca | 128 | return sig_len; |
| wolfSSL | 13:f67a6c6013ca | 129 | } |
| wolfSSL | 13:f67a6c6013ca | 130 | |
| wolfSSL | 13:f67a6c6013ca | 131 | int wc_SignatureVerify( |
| wolfSSL | 13:f67a6c6013ca | 132 | enum wc_HashType hash_type, enum wc_SignatureType sig_type, |
| wolfSSL | 13:f67a6c6013ca | 133 | const byte* data, word32 data_len, |
| wolfSSL | 13:f67a6c6013ca | 134 | const byte* sig, word32 sig_len, |
| wolfSSL | 13:f67a6c6013ca | 135 | const void* key, word32 key_len) |
| wolfSSL | 13:f67a6c6013ca | 136 | { |
| wolfSSL | 13:f67a6c6013ca | 137 | int ret; |
| wolfSSL | 13:f67a6c6013ca | 138 | word32 hash_len; |
| wolfSSL | 13:f67a6c6013ca | 139 | byte *hash_data = NULL; |
| wolfSSL | 13:f67a6c6013ca | 140 | |
| wolfSSL | 13:f67a6c6013ca | 141 | /* Check arguments */ |
| wolfSSL | 13:f67a6c6013ca | 142 | if (data == NULL || data_len <= 0 || sig == NULL || sig_len <= 0 || |
| wolfSSL | 13:f67a6c6013ca | 143 | key == NULL || key_len <= 0) { |
| wolfSSL | 13:f67a6c6013ca | 144 | return BAD_FUNC_ARG; |
| wolfSSL | 13:f67a6c6013ca | 145 | } |
| wolfSSL | 13:f67a6c6013ca | 146 | |
| wolfSSL | 13:f67a6c6013ca | 147 | /* Validate signature len (1 to max is okay) */ |
| wolfSSL | 13:f67a6c6013ca | 148 | if ((int)sig_len > wc_SignatureGetSize(sig_type, key, key_len)) { |
| wolfSSL | 13:f67a6c6013ca | 149 | WOLFSSL_MSG("wc_SignatureVerify: Invalid sig type/len"); |
| wolfSSL | 13:f67a6c6013ca | 150 | return BAD_FUNC_ARG; |
| wolfSSL | 13:f67a6c6013ca | 151 | } |
| wolfSSL | 13:f67a6c6013ca | 152 | |
| wolfSSL | 13:f67a6c6013ca | 153 | /* Validate hash size */ |
| wolfSSL | 13:f67a6c6013ca | 154 | ret = wc_HashGetDigestSize(hash_type); |
| wolfSSL | 13:f67a6c6013ca | 155 | if (ret < 0) { |
| wolfSSL | 13:f67a6c6013ca | 156 | WOLFSSL_MSG("wc_SignatureVerify: Invalid hash type/len"); |
| wolfSSL | 13:f67a6c6013ca | 157 | return ret; |
| wolfSSL | 13:f67a6c6013ca | 158 | } |
| wolfSSL | 13:f67a6c6013ca | 159 | hash_len = ret; |
| wolfSSL | 13:f67a6c6013ca | 160 | |
| wolfSSL | 13:f67a6c6013ca | 161 | /* Allocate temporary buffer for hash data */ |
| wolfSSL | 13:f67a6c6013ca | 162 | hash_data = (byte*)XMALLOC(hash_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 13:f67a6c6013ca | 163 | if (hash_data == NULL) { |
| wolfSSL | 13:f67a6c6013ca | 164 | return MEMORY_E; |
| wolfSSL | 13:f67a6c6013ca | 165 | } |
| wolfSSL | 13:f67a6c6013ca | 166 | |
| wolfSSL | 13:f67a6c6013ca | 167 | /* Perform hash of data */ |
| wolfSSL | 13:f67a6c6013ca | 168 | ret = wc_Hash(hash_type, data, data_len, hash_data, hash_len); |
| wolfSSL | 13:f67a6c6013ca | 169 | if(ret == 0) { |
| wolfSSL | 13:f67a6c6013ca | 170 | /* Verify signature using hash as data */ |
| wolfSSL | 13:f67a6c6013ca | 171 | switch(sig_type) { |
| wolfSSL | 13:f67a6c6013ca | 172 | case WC_SIGNATURE_TYPE_ECC: |
| wolfSSL | 13:f67a6c6013ca | 173 | { |
| wolfSSL | 13:f67a6c6013ca | 174 | #if defined(HAVE_ECC) && defined(HAVE_ECC_VERIFY) |
| wolfSSL | 13:f67a6c6013ca | 175 | int is_valid_sig = 0; |
| wolfSSL | 13:f67a6c6013ca | 176 | |
| wolfSSL | 13:f67a6c6013ca | 177 | /* Perform verification of signature using provided ECC key */ |
| wolfSSL | 13:f67a6c6013ca | 178 | do { |
| wolfSSL | 13:f67a6c6013ca | 179 | #ifdef WOLFSSL_ASYNC_CRYPT |
| wolfSSL | 13:f67a6c6013ca | 180 | ret = wc_AsyncWait(ret, &((ecc_key*)key)->asyncDev, |
| wolfSSL | 13:f67a6c6013ca | 181 | WC_ASYNC_FLAG_CALL_AGAIN); |
| wolfSSL | 13:f67a6c6013ca | 182 | #endif |
| wolfSSL | 13:f67a6c6013ca | 183 | if (ret >= 0) |
| wolfSSL | 13:f67a6c6013ca | 184 | ret = wc_ecc_verify_hash(sig, sig_len, hash_data, hash_len, |
| wolfSSL | 13:f67a6c6013ca | 185 | &is_valid_sig, (ecc_key*)key); |
| wolfSSL | 13:f67a6c6013ca | 186 | } while (ret == WC_PENDING_E); |
| wolfSSL | 13:f67a6c6013ca | 187 | if (ret != 0 || is_valid_sig != 1) { |
| wolfSSL | 13:f67a6c6013ca | 188 | ret = SIG_VERIFY_E; |
| wolfSSL | 13:f67a6c6013ca | 189 | } |
| wolfSSL | 13:f67a6c6013ca | 190 | #else |
| wolfSSL | 13:f67a6c6013ca | 191 | ret = SIG_TYPE_E; |
| wolfSSL | 13:f67a6c6013ca | 192 | #endif |
| wolfSSL | 13:f67a6c6013ca | 193 | break; |
| wolfSSL | 13:f67a6c6013ca | 194 | } |
| wolfSSL | 13:f67a6c6013ca | 195 | |
| wolfSSL | 13:f67a6c6013ca | 196 | case WC_SIGNATURE_TYPE_RSA_W_ENC: |
| wolfSSL | 13:f67a6c6013ca | 197 | #if defined(NO_RSA) || defined(NO_ASN) |
| wolfSSL | 13:f67a6c6013ca | 198 | ret = SIG_TYPE_E; |
| wolfSSL | 13:f67a6c6013ca | 199 | break; |
| wolfSSL | 13:f67a6c6013ca | 200 | #else |
| wolfSSL | 13:f67a6c6013ca | 201 | ret = wc_SignatureDerEncode(hash_type, &hash_data, &hash_len); |
| wolfSSL | 13:f67a6c6013ca | 202 | /* Check for error */ |
| wolfSSL | 13:f67a6c6013ca | 203 | if (ret < 0) { |
| wolfSSL | 13:f67a6c6013ca | 204 | break; |
| wolfSSL | 13:f67a6c6013ca | 205 | } |
| wolfSSL | 13:f67a6c6013ca | 206 | /* Otherwise fall-through and perform normal RSA verify against updated |
| wolfSSL | 13:f67a6c6013ca | 207 | * DER encoding + hash */ |
| wolfSSL | 13:f67a6c6013ca | 208 | #endif |
| wolfSSL | 13:f67a6c6013ca | 209 | FALL_THROUGH; |
| wolfSSL | 13:f67a6c6013ca | 210 | |
| wolfSSL | 13:f67a6c6013ca | 211 | case WC_SIGNATURE_TYPE_RSA: |
| wolfSSL | 13:f67a6c6013ca | 212 | { |
| wolfSSL | 13:f67a6c6013ca | 213 | #ifndef NO_RSA |
| wolfSSL | 13:f67a6c6013ca | 214 | word32 plain_len = hash_len; |
| wolfSSL | 13:f67a6c6013ca | 215 | byte *plain_data; |
| wolfSSL | 13:f67a6c6013ca | 216 | |
| wolfSSL | 13:f67a6c6013ca | 217 | /* Make sure the plain text output is at least key size */ |
| wolfSSL | 13:f67a6c6013ca | 218 | if (plain_len < sig_len) { |
| wolfSSL | 13:f67a6c6013ca | 219 | plain_len = sig_len; |
| wolfSSL | 13:f67a6c6013ca | 220 | } |
| wolfSSL | 13:f67a6c6013ca | 221 | plain_data = (byte*)XMALLOC(plain_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 13:f67a6c6013ca | 222 | if (plain_data) { |
| wolfSSL | 13:f67a6c6013ca | 223 | /* Perform verification of signature using provided RSA key */ |
| wolfSSL | 13:f67a6c6013ca | 224 | do { |
| wolfSSL | 13:f67a6c6013ca | 225 | #ifdef WOLFSSL_ASYNC_CRYPT |
| wolfSSL | 13:f67a6c6013ca | 226 | ret = wc_AsyncWait(ret, &((RsaKey*)key)->asyncDev, |
| wolfSSL | 13:f67a6c6013ca | 227 | WC_ASYNC_FLAG_CALL_AGAIN); |
| wolfSSL | 13:f67a6c6013ca | 228 | #endif |
| wolfSSL | 13:f67a6c6013ca | 229 | if (ret >= 0) |
| wolfSSL | 13:f67a6c6013ca | 230 | ret = wc_RsaSSL_Verify(sig, sig_len, plain_data, |
| wolfSSL | 13:f67a6c6013ca | 231 | plain_len, (RsaKey*)key); |
| wolfSSL | 13:f67a6c6013ca | 232 | } while (ret == WC_PENDING_E); |
| wolfSSL | 13:f67a6c6013ca | 233 | if (ret >= 0) { |
| wolfSSL | 13:f67a6c6013ca | 234 | if ((word32)ret == hash_len && |
| wolfSSL | 13:f67a6c6013ca | 235 | XMEMCMP(plain_data, hash_data, hash_len) == 0) { |
| wolfSSL | 13:f67a6c6013ca | 236 | ret = 0; /* Success */ |
| wolfSSL | 13:f67a6c6013ca | 237 | } |
| wolfSSL | 13:f67a6c6013ca | 238 | else { |
| wolfSSL | 13:f67a6c6013ca | 239 | WOLFSSL_MSG("RSA Signature Verify difference!"); |
| wolfSSL | 13:f67a6c6013ca | 240 | ret = SIG_VERIFY_E; |
| wolfSSL | 13:f67a6c6013ca | 241 | } |
| wolfSSL | 13:f67a6c6013ca | 242 | } |
| wolfSSL | 13:f67a6c6013ca | 243 | XFREE(plain_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 13:f67a6c6013ca | 244 | } |
| wolfSSL | 13:f67a6c6013ca | 245 | else { |
| wolfSSL | 13:f67a6c6013ca | 246 | ret = MEMORY_E; |
| wolfSSL | 13:f67a6c6013ca | 247 | } |
| wolfSSL | 13:f67a6c6013ca | 248 | #else |
| wolfSSL | 13:f67a6c6013ca | 249 | ret = SIG_TYPE_E; |
| wolfSSL | 13:f67a6c6013ca | 250 | #endif |
| wolfSSL | 13:f67a6c6013ca | 251 | break; |
| wolfSSL | 13:f67a6c6013ca | 252 | } |
| wolfSSL | 13:f67a6c6013ca | 253 | |
| wolfSSL | 13:f67a6c6013ca | 254 | case WC_SIGNATURE_TYPE_NONE: |
| wolfSSL | 13:f67a6c6013ca | 255 | default: |
| wolfSSL | 13:f67a6c6013ca | 256 | ret = BAD_FUNC_ARG; |
| wolfSSL | 13:f67a6c6013ca | 257 | break; |
| wolfSSL | 13:f67a6c6013ca | 258 | } |
| wolfSSL | 13:f67a6c6013ca | 259 | } |
| wolfSSL | 13:f67a6c6013ca | 260 | |
| wolfSSL | 13:f67a6c6013ca | 261 | if (hash_data) { |
| wolfSSL | 13:f67a6c6013ca | 262 | XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 13:f67a6c6013ca | 263 | } |
| wolfSSL | 13:f67a6c6013ca | 264 | |
| wolfSSL | 13:f67a6c6013ca | 265 | return ret; |
| wolfSSL | 13:f67a6c6013ca | 266 | } |
| wolfSSL | 13:f67a6c6013ca | 267 | |
| wolfSSL | 13:f67a6c6013ca | 268 | int wc_SignatureGenerate( |
| wolfSSL | 13:f67a6c6013ca | 269 | enum wc_HashType hash_type, enum wc_SignatureType sig_type, |
| wolfSSL | 13:f67a6c6013ca | 270 | const byte* data, word32 data_len, |
| wolfSSL | 13:f67a6c6013ca | 271 | byte* sig, word32 *sig_len, |
| wolfSSL | 13:f67a6c6013ca | 272 | const void* key, word32 key_len, WC_RNG* rng) |
| wolfSSL | 13:f67a6c6013ca | 273 | { |
| wolfSSL | 13:f67a6c6013ca | 274 | int ret; |
| wolfSSL | 13:f67a6c6013ca | 275 | word32 hash_len; |
| wolfSSL | 13:f67a6c6013ca | 276 | byte *hash_data = NULL; |
| wolfSSL | 13:f67a6c6013ca | 277 | |
| wolfSSL | 13:f67a6c6013ca | 278 | /* Suppress possible unused arg if all signature types are disabled */ |
| wolfSSL | 13:f67a6c6013ca | 279 | (void)rng; |
| wolfSSL | 13:f67a6c6013ca | 280 | |
| wolfSSL | 13:f67a6c6013ca | 281 | /* Check arguments */ |
| wolfSSL | 13:f67a6c6013ca | 282 | if (data == NULL || data_len <= 0 || sig == NULL || sig_len == NULL || |
| wolfSSL | 13:f67a6c6013ca | 283 | *sig_len <= 0 || key == NULL || key_len <= 0) { |
| wolfSSL | 13:f67a6c6013ca | 284 | return BAD_FUNC_ARG; |
| wolfSSL | 13:f67a6c6013ca | 285 | } |
| wolfSSL | 13:f67a6c6013ca | 286 | |
| wolfSSL | 13:f67a6c6013ca | 287 | /* Validate signature len (needs to be at least max) */ |
| wolfSSL | 13:f67a6c6013ca | 288 | if ((int)*sig_len < wc_SignatureGetSize(sig_type, key, key_len)) { |
| wolfSSL | 13:f67a6c6013ca | 289 | WOLFSSL_MSG("wc_SignatureGenerate: Invalid sig type/len"); |
| wolfSSL | 13:f67a6c6013ca | 290 | return BAD_FUNC_ARG; |
| wolfSSL | 13:f67a6c6013ca | 291 | } |
| wolfSSL | 13:f67a6c6013ca | 292 | |
| wolfSSL | 13:f67a6c6013ca | 293 | /* Validate hash size */ |
| wolfSSL | 13:f67a6c6013ca | 294 | ret = wc_HashGetDigestSize(hash_type); |
| wolfSSL | 13:f67a6c6013ca | 295 | if (ret < 0) { |
| wolfSSL | 13:f67a6c6013ca | 296 | WOLFSSL_MSG("wc_SignatureGenerate: Invalid hash type/len"); |
| wolfSSL | 13:f67a6c6013ca | 297 | return ret; |
| wolfSSL | 13:f67a6c6013ca | 298 | } |
| wolfSSL | 13:f67a6c6013ca | 299 | hash_len = ret; |
| wolfSSL | 13:f67a6c6013ca | 300 | |
| wolfSSL | 13:f67a6c6013ca | 301 | /* Allocate temporary buffer for hash data */ |
| wolfSSL | 13:f67a6c6013ca | 302 | hash_data = (byte*)XMALLOC(hash_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 13:f67a6c6013ca | 303 | if (hash_data == NULL) { |
| wolfSSL | 13:f67a6c6013ca | 304 | return MEMORY_E; |
| wolfSSL | 13:f67a6c6013ca | 305 | } |
| wolfSSL | 13:f67a6c6013ca | 306 | |
| wolfSSL | 13:f67a6c6013ca | 307 | /* Perform hash of data */ |
| wolfSSL | 13:f67a6c6013ca | 308 | ret = wc_Hash(hash_type, data, data_len, hash_data, hash_len); |
| wolfSSL | 13:f67a6c6013ca | 309 | if (ret == 0) { |
| wolfSSL | 13:f67a6c6013ca | 310 | /* Create signature using hash as data */ |
| wolfSSL | 13:f67a6c6013ca | 311 | switch(sig_type) { |
| wolfSSL | 13:f67a6c6013ca | 312 | case WC_SIGNATURE_TYPE_ECC: |
| wolfSSL | 13:f67a6c6013ca | 313 | #if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) |
| wolfSSL | 13:f67a6c6013ca | 314 | /* Create signature using provided ECC key */ |
| wolfSSL | 13:f67a6c6013ca | 315 | do { |
| wolfSSL | 13:f67a6c6013ca | 316 | #ifdef WOLFSSL_ASYNC_CRYPT |
| wolfSSL | 13:f67a6c6013ca | 317 | ret = wc_AsyncWait(ret, &((ecc_key*)key)->asyncDev, |
| wolfSSL | 13:f67a6c6013ca | 318 | WC_ASYNC_FLAG_CALL_AGAIN); |
| wolfSSL | 13:f67a6c6013ca | 319 | #endif |
| wolfSSL | 13:f67a6c6013ca | 320 | if (ret >= 0) |
| wolfSSL | 13:f67a6c6013ca | 321 | ret = wc_ecc_sign_hash(hash_data, hash_len, sig, sig_len, |
| wolfSSL | 13:f67a6c6013ca | 322 | rng, (ecc_key*)key); |
| wolfSSL | 13:f67a6c6013ca | 323 | } while (ret == WC_PENDING_E); |
| wolfSSL | 13:f67a6c6013ca | 324 | #else |
| wolfSSL | 13:f67a6c6013ca | 325 | ret = SIG_TYPE_E; |
| wolfSSL | 13:f67a6c6013ca | 326 | #endif |
| wolfSSL | 13:f67a6c6013ca | 327 | break; |
| wolfSSL | 13:f67a6c6013ca | 328 | |
| wolfSSL | 13:f67a6c6013ca | 329 | case WC_SIGNATURE_TYPE_RSA_W_ENC: |
| wolfSSL | 13:f67a6c6013ca | 330 | #if defined(NO_RSA) || defined(NO_ASN) |
| wolfSSL | 13:f67a6c6013ca | 331 | ret = SIG_TYPE_E; |
| wolfSSL | 13:f67a6c6013ca | 332 | break; |
| wolfSSL | 13:f67a6c6013ca | 333 | #else |
| wolfSSL | 13:f67a6c6013ca | 334 | ret = wc_SignatureDerEncode(hash_type, &hash_data, &hash_len); |
| wolfSSL | 13:f67a6c6013ca | 335 | /* Check for error */ |
| wolfSSL | 13:f67a6c6013ca | 336 | if (ret < 0) { |
| wolfSSL | 13:f67a6c6013ca | 337 | break; |
| wolfSSL | 13:f67a6c6013ca | 338 | } |
| wolfSSL | 13:f67a6c6013ca | 339 | /* Otherwise fall-through and perform normal RSA sign against updated |
| wolfSSL | 13:f67a6c6013ca | 340 | * DER encoding + hash */ |
| wolfSSL | 13:f67a6c6013ca | 341 | #endif |
| wolfSSL | 13:f67a6c6013ca | 342 | FALL_THROUGH; |
| wolfSSL | 13:f67a6c6013ca | 343 | case WC_SIGNATURE_TYPE_RSA: |
| wolfSSL | 13:f67a6c6013ca | 344 | #ifndef NO_RSA |
| wolfSSL | 13:f67a6c6013ca | 345 | /* Create signature using provided RSA key */ |
| wolfSSL | 13:f67a6c6013ca | 346 | do { |
| wolfSSL | 13:f67a6c6013ca | 347 | #ifdef WOLFSSL_ASYNC_CRYPT |
| wolfSSL | 13:f67a6c6013ca | 348 | ret = wc_AsyncWait(ret, &((RsaKey*)key)->asyncDev, |
| wolfSSL | 13:f67a6c6013ca | 349 | WC_ASYNC_FLAG_CALL_AGAIN); |
| wolfSSL | 13:f67a6c6013ca | 350 | #endif |
| wolfSSL | 13:f67a6c6013ca | 351 | if (ret >= 0) |
| wolfSSL | 13:f67a6c6013ca | 352 | ret = wc_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, |
| wolfSSL | 13:f67a6c6013ca | 353 | (RsaKey*)key, rng); |
| wolfSSL | 13:f67a6c6013ca | 354 | } while (ret == WC_PENDING_E); |
| wolfSSL | 13:f67a6c6013ca | 355 | if (ret >= 0) { |
| wolfSSL | 13:f67a6c6013ca | 356 | *sig_len = ret; |
| wolfSSL | 13:f67a6c6013ca | 357 | ret = 0; /* Success */ |
| wolfSSL | 13:f67a6c6013ca | 358 | } |
| wolfSSL | 13:f67a6c6013ca | 359 | #else |
| wolfSSL | 13:f67a6c6013ca | 360 | ret = SIG_TYPE_E; |
| wolfSSL | 13:f67a6c6013ca | 361 | #endif |
| wolfSSL | 13:f67a6c6013ca | 362 | break; |
| wolfSSL | 13:f67a6c6013ca | 363 | |
| wolfSSL | 13:f67a6c6013ca | 364 | case WC_SIGNATURE_TYPE_NONE: |
| wolfSSL | 13:f67a6c6013ca | 365 | default: |
| wolfSSL | 13:f67a6c6013ca | 366 | ret = BAD_FUNC_ARG; |
| wolfSSL | 13:f67a6c6013ca | 367 | break; |
| wolfSSL | 13:f67a6c6013ca | 368 | } |
| wolfSSL | 13:f67a6c6013ca | 369 | } |
| wolfSSL | 13:f67a6c6013ca | 370 | |
| wolfSSL | 13:f67a6c6013ca | 371 | if (hash_data) { |
| wolfSSL | 13:f67a6c6013ca | 372 | XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| wolfSSL | 13:f67a6c6013ca | 373 | } |
| wolfSSL | 13:f67a6c6013ca | 374 | |
| wolfSSL | 13:f67a6c6013ca | 375 | return ret; |
| wolfSSL | 13:f67a6c6013ca | 376 | } |
| wolfSSL | 13:f67a6c6013ca | 377 | |
| wolfSSL | 13:f67a6c6013ca | 378 | #endif /* NO_SIG_WRAPPER */ |
| wolfSSL | 13:f67a6c6013ca | 379 |