Lee Kai Xuan
/
mbed-os
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Fork of
mbed-os
by 
erkin yucel
Embed:
(wiki syntax)
Show/hide line numbers
pk_wrap.c
00001 /* 00002 * Public Key abstraction layer: wrapper functions 00003 * 00004 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved 00005 * SPDX-License-Identifier: Apache-2.0 00006 * 00007 * Licensed under the Apache License, Version 2.0 (the "License"); you may 00008 * not use this file except in compliance with the License. 00009 * You may obtain a copy of the License at 00010 * 00011 * http://www.apache.org/licenses/LICENSE-2.0 00012 * 00013 * Unless required by applicable law or agreed to in writing, software 00014 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 00015 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00016 * See the License for the specific language governing permissions and 00017 * limitations under the License. 00018 * 00019 * This file is part of mbed TLS (https://tls.mbed.org) 00020 */ 00021 00022 #if !defined(MBEDTLS_CONFIG_FILE) 00023 #include "mbedtls/config.h" 00024 #else 00025 #include MBEDTLS_CONFIG_FILE 00026 #endif 00027 00028 #if defined(MBEDTLS_PK_C) 00029 #include "mbedtls/pk_internal.h" 00030 00031 /* Even if RSA not activated, for the sake of RSA-alt */ 00032 #include "mbedtls/rsa.h" 00033 00034 #include <string.h> 00035 00036 #if defined(MBEDTLS_ECP_C) 00037 #include "mbedtls/ecp.h" 00038 #endif 00039 00040 #if defined(MBEDTLS_ECDSA_C) 00041 #include "mbedtls/ecdsa.h" 00042 #endif 00043 00044 #if defined(MBEDTLS_PLATFORM_C) 00045 #include "mbedtls/platform.h" 00046 #else 00047 #include <stdlib.h> 00048 #define mbedtls_calloc calloc 00049 #define mbedtls_free free 00050 #endif 00051 00052 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 00053 /* Implementation that should never be optimized out by the compiler */ 00054 static void mbedtls_zeroize( void *v, size_t n ) { 00055 volatile unsigned char *p = v; while( n-- ) *p++ = 0; 00056 } 00057 #endif 00058 00059 #if defined(MBEDTLS_RSA_C) 00060 static int rsa_can_do( mbedtls_pk_type_t type ) 00061 { 00062 return( type == MBEDTLS_PK_RSA || 00063 type == MBEDTLS_PK_RSASSA_PSS ); 00064 } 00065 00066 static size_t rsa_get_bitlen( const void *ctx ) 00067 { 00068 return( 8 * ((const mbedtls_rsa_context *) ctx)->len ); 00069 } 00070 00071 static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, 00072 const unsigned char *hash, size_t hash_len, 00073 const unsigned char *sig, size_t sig_len ) 00074 { 00075 int ret; 00076 00077 if( sig_len < ((mbedtls_rsa_context *) ctx)->len ) 00078 return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); 00079 00080 if( ( ret = mbedtls_rsa_pkcs1_verify( (mbedtls_rsa_context *) ctx, NULL, NULL, 00081 MBEDTLS_RSA_PUBLIC, md_alg, 00082 (unsigned int) hash_len, hash, sig ) ) != 0 ) 00083 return( ret ); 00084 00085 if( sig_len > ((mbedtls_rsa_context *) ctx)->len ) 00086 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); 00087 00088 return( 0 ); 00089 } 00090 00091 static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, 00092 const unsigned char *hash, size_t hash_len, 00093 unsigned char *sig, size_t *sig_len, 00094 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00095 { 00096 *sig_len = ((mbedtls_rsa_context *) ctx)->len; 00097 00098 return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, 00099 md_alg, (unsigned int) hash_len, hash, sig ) ); 00100 } 00101 00102 static int rsa_decrypt_wrap( void *ctx, 00103 const unsigned char *input, size_t ilen, 00104 unsigned char *output, size_t *olen, size_t osize, 00105 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00106 { 00107 if( ilen != ((mbedtls_rsa_context *) ctx)->len ) 00108 return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); 00109 00110 return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, f_rng, p_rng, 00111 MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); 00112 } 00113 00114 static int rsa_encrypt_wrap( void *ctx, 00115 const unsigned char *input, size_t ilen, 00116 unsigned char *output, size_t *olen, size_t osize, 00117 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00118 { 00119 *olen = ((mbedtls_rsa_context *) ctx)->len; 00120 00121 if( *olen > osize ) 00122 return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE ); 00123 00124 return( mbedtls_rsa_pkcs1_encrypt( (mbedtls_rsa_context *) ctx, 00125 f_rng, p_rng, MBEDTLS_RSA_PUBLIC, ilen, input, output ) ); 00126 } 00127 00128 static int rsa_check_pair_wrap( const void *pub, const void *prv ) 00129 { 00130 return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub, 00131 (const mbedtls_rsa_context *) prv ) ); 00132 } 00133 00134 static void *rsa_alloc_wrap( void ) 00135 { 00136 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_context ) ); 00137 00138 if( ctx != NULL ) 00139 mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 ); 00140 00141 return( ctx ); 00142 } 00143 00144 static void rsa_free_wrap( void *ctx ) 00145 { 00146 mbedtls_rsa_free( (mbedtls_rsa_context *) ctx ); 00147 mbedtls_free( ctx ); 00148 } 00149 00150 static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items ) 00151 { 00152 items->type = MBEDTLS_PK_DEBUG_MPI; 00153 items->name = "rsa.N"; 00154 items->value = &( ((mbedtls_rsa_context *) ctx)->N ); 00155 00156 items++; 00157 00158 items->type = MBEDTLS_PK_DEBUG_MPI; 00159 items->name = "rsa.E"; 00160 items->value = &( ((mbedtls_rsa_context *) ctx)->E ); 00161 } 00162 00163 const mbedtls_pk_info_t mbedtls_rsa_info = { 00164 MBEDTLS_PK_RSA, 00165 "RSA", 00166 rsa_get_bitlen, 00167 rsa_can_do, 00168 rsa_verify_wrap, 00169 rsa_sign_wrap, 00170 rsa_decrypt_wrap, 00171 rsa_encrypt_wrap, 00172 rsa_check_pair_wrap, 00173 rsa_alloc_wrap, 00174 rsa_free_wrap, 00175 rsa_debug, 00176 }; 00177 #endif /* MBEDTLS_RSA_C */ 00178 00179 #if defined(MBEDTLS_ECP_C) 00180 /* 00181 * Generic EC key 00182 */ 00183 static int eckey_can_do( mbedtls_pk_type_t type ) 00184 { 00185 return( type == MBEDTLS_PK_ECKEY || 00186 type == MBEDTLS_PK_ECKEY_DH || 00187 type == MBEDTLS_PK_ECDSA ); 00188 } 00189 00190 static size_t eckey_get_bitlen( const void *ctx ) 00191 { 00192 return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits ); 00193 } 00194 00195 #if defined(MBEDTLS_ECDSA_C) 00196 /* Forward declarations */ 00197 static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, 00198 const unsigned char *hash, size_t hash_len, 00199 const unsigned char *sig, size_t sig_len ); 00200 00201 static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, 00202 const unsigned char *hash, size_t hash_len, 00203 unsigned char *sig, size_t *sig_len, 00204 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); 00205 00206 static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, 00207 const unsigned char *hash, size_t hash_len, 00208 const unsigned char *sig, size_t sig_len ) 00209 { 00210 int ret; 00211 mbedtls_ecdsa_context ecdsa; 00212 00213 mbedtls_ecdsa_init( &ecdsa ); 00214 00215 if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) 00216 ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len ); 00217 00218 mbedtls_ecdsa_free( &ecdsa ); 00219 00220 return( ret ); 00221 } 00222 00223 static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, 00224 const unsigned char *hash, size_t hash_len, 00225 unsigned char *sig, size_t *sig_len, 00226 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00227 { 00228 int ret; 00229 mbedtls_ecdsa_context ecdsa; 00230 00231 mbedtls_ecdsa_init( &ecdsa ); 00232 00233 if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 ) 00234 ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len, 00235 f_rng, p_rng ); 00236 00237 mbedtls_ecdsa_free( &ecdsa ); 00238 00239 return( ret ); 00240 } 00241 00242 #endif /* MBEDTLS_ECDSA_C */ 00243 00244 static int eckey_check_pair( const void *pub, const void *prv ) 00245 { 00246 return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub, 00247 (const mbedtls_ecp_keypair *) prv ) ); 00248 } 00249 00250 static void *eckey_alloc_wrap( void ) 00251 { 00252 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecp_keypair ) ); 00253 00254 if( ctx != NULL ) 00255 mbedtls_ecp_keypair_init( ctx ); 00256 00257 return( ctx ); 00258 } 00259 00260 static void eckey_free_wrap( void *ctx ) 00261 { 00262 mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx ); 00263 mbedtls_free( ctx ); 00264 } 00265 00266 static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items ) 00267 { 00268 items->type = MBEDTLS_PK_DEBUG_ECP; 00269 items->name = "eckey.Q"; 00270 items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q ); 00271 } 00272 00273 const mbedtls_pk_info_t mbedtls_eckey_info = { 00274 MBEDTLS_PK_ECKEY, 00275 "EC", 00276 eckey_get_bitlen, 00277 eckey_can_do, 00278 #if defined(MBEDTLS_ECDSA_C) 00279 eckey_verify_wrap, 00280 eckey_sign_wrap, 00281 #else 00282 NULL, 00283 NULL, 00284 #endif 00285 NULL, 00286 NULL, 00287 eckey_check_pair, 00288 eckey_alloc_wrap, 00289 eckey_free_wrap, 00290 eckey_debug, 00291 }; 00292 00293 /* 00294 * EC key restricted to ECDH 00295 */ 00296 static int eckeydh_can_do( mbedtls_pk_type_t type ) 00297 { 00298 return( type == MBEDTLS_PK_ECKEY || 00299 type == MBEDTLS_PK_ECKEY_DH ); 00300 } 00301 00302 const mbedtls_pk_info_t mbedtls_eckeydh_info = { 00303 MBEDTLS_PK_ECKEY_DH, 00304 "EC_DH", 00305 eckey_get_bitlen, /* Same underlying key structure */ 00306 eckeydh_can_do, 00307 NULL, 00308 NULL, 00309 NULL, 00310 NULL, 00311 eckey_check_pair, 00312 eckey_alloc_wrap, /* Same underlying key structure */ 00313 eckey_free_wrap, /* Same underlying key structure */ 00314 eckey_debug, /* Same underlying key structure */ 00315 }; 00316 #endif /* MBEDTLS_ECP_C */ 00317 00318 #if defined(MBEDTLS_ECDSA_C) 00319 static int ecdsa_can_do( mbedtls_pk_type_t type ) 00320 { 00321 return( type == MBEDTLS_PK_ECDSA ); 00322 } 00323 00324 static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg, 00325 const unsigned char *hash, size_t hash_len, 00326 const unsigned char *sig, size_t sig_len ) 00327 { 00328 int ret; 00329 ((void) md_alg); 00330 00331 ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx, 00332 hash, hash_len, sig, sig_len ); 00333 00334 if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH ) 00335 return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH ); 00336 00337 return( ret ); 00338 } 00339 00340 static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, 00341 const unsigned char *hash, size_t hash_len, 00342 unsigned char *sig, size_t *sig_len, 00343 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00344 { 00345 return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx, 00346 md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) ); 00347 } 00348 00349 static void *ecdsa_alloc_wrap( void ) 00350 { 00351 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_context ) ); 00352 00353 if( ctx != NULL ) 00354 mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx ); 00355 00356 return( ctx ); 00357 } 00358 00359 static void ecdsa_free_wrap( void *ctx ) 00360 { 00361 mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx ); 00362 mbedtls_free( ctx ); 00363 } 00364 00365 const mbedtls_pk_info_t mbedtls_ecdsa_info = { 00366 MBEDTLS_PK_ECDSA, 00367 "ECDSA", 00368 eckey_get_bitlen, /* Compatible key structures */ 00369 ecdsa_can_do, 00370 ecdsa_verify_wrap, 00371 ecdsa_sign_wrap, 00372 NULL, 00373 NULL, 00374 eckey_check_pair, /* Compatible key structures */ 00375 ecdsa_alloc_wrap, 00376 ecdsa_free_wrap, 00377 eckey_debug, /* Compatible key structures */ 00378 }; 00379 #endif /* MBEDTLS_ECDSA_C */ 00380 00381 #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 00382 /* 00383 * Support for alternative RSA-private implementations 00384 */ 00385 00386 static int rsa_alt_can_do( mbedtls_pk_type_t type ) 00387 { 00388 return( type == MBEDTLS_PK_RSA ); 00389 } 00390 00391 static size_t rsa_alt_get_bitlen( const void *ctx ) 00392 { 00393 const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx; 00394 00395 return( 8 * rsa_alt->key_len_func( rsa_alt->key ) ); 00396 } 00397 00398 static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg, 00399 const unsigned char *hash, size_t hash_len, 00400 unsigned char *sig, size_t *sig_len, 00401 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00402 { 00403 mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; 00404 00405 *sig_len = rsa_alt->key_len_func( rsa_alt->key ); 00406 00407 return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE, 00408 md_alg, (unsigned int) hash_len, hash, sig ) ); 00409 } 00410 00411 static int rsa_alt_decrypt_wrap( void *ctx, 00412 const unsigned char *input, size_t ilen, 00413 unsigned char *output, size_t *olen, size_t osize, 00414 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) 00415 { 00416 mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx; 00417 00418 ((void) f_rng); 00419 ((void) p_rng); 00420 00421 if( ilen != rsa_alt->key_len_func( rsa_alt->key ) ) 00422 return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA ); 00423 00424 return( rsa_alt->decrypt_func( rsa_alt->key, 00425 MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) ); 00426 } 00427 00428 #if defined(MBEDTLS_RSA_C) 00429 static int rsa_alt_check_pair( const void *pub, const void *prv ) 00430 { 00431 unsigned char sig[MBEDTLS_MPI_MAX_SIZE]; 00432 unsigned char hash[32]; 00433 size_t sig_len = 0; 00434 int ret; 00435 00436 if( rsa_alt_get_bitlen( prv ) != rsa_get_bitlen( pub ) ) 00437 return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); 00438 00439 memset( hash, 0x2a, sizeof( hash ) ); 00440 00441 if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE, 00442 hash, sizeof( hash ), 00443 sig, &sig_len, NULL, NULL ) ) != 0 ) 00444 { 00445 return( ret ); 00446 } 00447 00448 if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE, 00449 hash, sizeof( hash ), sig, sig_len ) != 0 ) 00450 { 00451 return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED ); 00452 } 00453 00454 return( 0 ); 00455 } 00456 #endif /* MBEDTLS_RSA_C */ 00457 00458 static void *rsa_alt_alloc_wrap( void ) 00459 { 00460 void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_rsa_alt_context ) ); 00461 00462 if( ctx != NULL ) 00463 memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) ); 00464 00465 return( ctx ); 00466 } 00467 00468 static void rsa_alt_free_wrap( void *ctx ) 00469 { 00470 mbedtls_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) ); 00471 mbedtls_free( ctx ); 00472 } 00473 00474 const mbedtls_pk_info_t mbedtls_rsa_alt_info = { 00475 MBEDTLS_PK_RSA_ALT, 00476 "RSA-alt", 00477 rsa_alt_get_bitlen, 00478 rsa_alt_can_do, 00479 NULL, 00480 rsa_alt_sign_wrap, 00481 rsa_alt_decrypt_wrap, 00482 NULL, 00483 #if defined(MBEDTLS_RSA_C) 00484 rsa_alt_check_pair, 00485 #else 00486 NULL, 00487 #endif 00488 rsa_alt_alloc_wrap, 00489 rsa_alt_free_wrap, 00490 NULL, 00491 }; 00492 00493 #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */ 00494 00495 #endif /* MBEDTLS_PK_C */
Generated on Tue Jul 12 2022 13:16:03 by
1.7.2