Google Git
Sign in
pigweed / third_party / github / ARMmbed / mbedtls / f2ec505c34c53a1c26b06bfd0bd405c5865a61e9 / . / library / pk_wrap.c
blob: 6068605bfdb0319c947285a93148e23a0a8b3cd5 [file] [log] [blame]
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]1/*
2 * Public Key abstraction layer: wrapper functions
3 *
Manuel Pégourié-Gonnarda658a402015-01-23 09:45:19 +0000[diff] [blame]4 * Copyright (C) 2006-2014, ARM Limited, All Rights Reserved
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]5 *
Manuel Pégourié-Gonnardfe446432015-03-06 13:17:10 +0000[diff] [blame]6 * This file is part of mbed TLS (https://tls.mbed.org)
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]7 *
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 */
22
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]23#if !defined(POLARSSL_CONFIG_FILE)
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]24#include "polarssl/config.h"
Manuel Pégourié-Gonnardcef4ad22014-04-29 12:39:06 +0200[diff] [blame]25#else
26#include POLARSSL_CONFIG_FILE
27#endif
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]28
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +0200[diff] [blame]29#if defined(POLARSSL_PK_C)
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]30#include "polarssl/pk_wrap.h"
31
Manuel Pégourié-Gonnarde511ffc2013-08-22 17:33:21 +0200[diff] [blame]32/* Even if RSA not activated, for the sake of RSA-alt */
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]33#include "polarssl/rsa.h"
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]34
Rich Evans00ab4702015-02-06 13:43:58 +0000[diff] [blame]35#include <string.h>
36
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]37#if defined(POLARSSL_ECP_C)
38#include "polarssl/ecp.h"
39#endif
40
41#if defined(POLARSSL_ECDSA_C)
42#include "polarssl/ecdsa.h"
43#endif
44
Paul Bakker7dc4c442014-02-01 22:50:26 +0100[diff] [blame]45#if defined(POLARSSL_PLATFORM_C)
46#include "polarssl/platform.h"
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]47#else
48#include <stdlib.h>
49#define polarssl_malloc malloc
50#define polarssl_free free
51#endif
52
Paul Bakker34617722014-06-13 17:20:13 +0200[diff] [blame]53/* Implementation that should never be optimized out by the compiler */
54static void polarssl_zeroize( void *v, size_t n ) {
55 volatile unsigned char *p = v; while( n-- ) *p++ = 0;
56}
57
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]58#if defined(POLARSSL_RSA_C)
Manuel Pégourié-Gonnardf18c3e02013-08-12 18:41:18 +0200[diff] [blame]59static int rsa_can_do( pk_type_t type )
60{
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]61 return( type == POLARSSL_PK_RSA ||
62 type == POLARSSL_PK_RSASSA_PSS );
Manuel Pégourié-Gonnardf18c3e02013-08-12 18:41:18 +0200[diff] [blame]63}
64
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]65static size_t rsa_get_size( const void *ctx )
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]66{
Paul Bakker8fc30b12013-11-25 13:29:43 +0100[diff] [blame]67 return( 8 * ((const rsa_context *) ctx)->len );
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]68}
69
Manuel Pégourié-Gonnardf73da022013-08-17 14:36:32 +0200[diff] [blame]70static int rsa_verify_wrap( void *ctx, md_type_t md_alg,
71 const unsigned char *hash, size_t hash_len,
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]72 const unsigned char *sig, size_t sig_len )
73{
Manuel Pégourié-Gonnard2abed842014-04-08 12:40:15 +0200[diff] [blame]74 int ret;
75
76 if( sig_len < ((rsa_context *) ctx)->len )
Manuel Pégourié-Gonnardac4cd362013-08-14 20:20:41 +0200[diff] [blame]77 return( POLARSSL_ERR_RSA_VERIFY_FAILED );
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]78
Manuel Pégourié-Gonnard2abed842014-04-08 12:40:15 +0200[diff] [blame]79 if( ( ret = rsa_pkcs1_verify( (rsa_context *) ctx, NULL, NULL,
80 RSA_PUBLIC, md_alg,
81 (unsigned int) hash_len, hash, sig ) ) != 0 )
82 return( ret );
83
84 if( sig_len > ((rsa_context *) ctx)->len )
85 return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH );
86
87 return( 0 );
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]88}
89
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]90static int rsa_sign_wrap( void *ctx, md_type_t md_alg,
91 const unsigned char *hash, size_t hash_len,
92 unsigned char *sig, size_t *sig_len,
93 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
94{
95 *sig_len = ((rsa_context *) ctx)->len;
96
97 return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, RSA_PRIVATE,
Paul Bakkerb9cfaa02013-10-11 18:58:55 +0200[diff] [blame]98 md_alg, (unsigned int) hash_len, hash, sig ) );
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]99}
100
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]101static int rsa_decrypt_wrap( void *ctx,
102 const unsigned char *input, size_t ilen,
103 unsigned char *output, size_t *olen, size_t osize,
104 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
105{
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]106 if( ilen != ((rsa_context *) ctx)->len )
107 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
108
Paul Bakker548957d2013-08-30 10:30:02 +0200[diff] [blame]109 return( rsa_pkcs1_decrypt( (rsa_context *) ctx, f_rng, p_rng,
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]110 RSA_PRIVATE, olen, input, output, osize ) );
111}
112
113static int rsa_encrypt_wrap( void *ctx,
114 const unsigned char *input, size_t ilen,
115 unsigned char *output, size_t *olen, size_t osize,
116 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
117{
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]118 *olen = ((rsa_context *) ctx)->len;
119
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]120 if( *olen > osize )
121 return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
122
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]123 return( rsa_pkcs1_encrypt( (rsa_context *) ctx,
124 f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) );
125}
126
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]127static int rsa_check_pair_wrap( const void *pub, const void *prv )
128{
129 return( rsa_check_pub_priv( (const rsa_context *) pub,
130 (const rsa_context *) prv ) );
131}
132
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]133static void *rsa_alloc_wrap( void )
134{
135 void *ctx = polarssl_malloc( sizeof( rsa_context ) );
136
137 if( ctx != NULL )
138 rsa_init( (rsa_context *) ctx, 0, 0 );
139
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]140 return( ctx );
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]141}
142
143static void rsa_free_wrap( void *ctx )
144{
145 rsa_free( (rsa_context *) ctx );
146 polarssl_free( ctx );
147}
148
Manuel Pégourié-Gonnardc6ac8872013-08-14 18:04:18 +0200[diff] [blame]149static void rsa_debug( const void *ctx, pk_debug_item *items )
150{
151 items->type = POLARSSL_PK_DEBUG_MPI;
152 items->name = "rsa.N";
153 items->value = &( ((rsa_context *) ctx)->N );
154
155 items++;
156
157 items->type = POLARSSL_PK_DEBUG_MPI;
158 items->name = "rsa.E";
159 items->value = &( ((rsa_context *) ctx)->E );
160}
161
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]162const pk_info_t rsa_info = {
163 POLARSSL_PK_RSA,
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]164 "RSA",
165 rsa_get_size,
Manuel Pégourié-Gonnardf18c3e02013-08-12 18:41:18 +0200[diff] [blame]166 rsa_can_do,
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]167 rsa_verify_wrap,
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]168 rsa_sign_wrap,
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]169 rsa_decrypt_wrap,
170 rsa_encrypt_wrap,
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]171 rsa_check_pair_wrap,
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]172 rsa_alloc_wrap,
173 rsa_free_wrap,
Manuel Pégourié-Gonnardc6ac8872013-08-14 18:04:18 +0200[diff] [blame]174 rsa_debug,
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]175};
176#endif /* POLARSSL_RSA_C */
177
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]178#if defined(POLARSSL_ECP_C)
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]179/*
180 * Generic EC key
181 */
Manuel Pégourié-Gonnardf18c3e02013-08-12 18:41:18 +0200[diff] [blame]182static int eckey_can_do( pk_type_t type )
183{
184 return( type == POLARSSL_PK_ECKEY ||
185 type == POLARSSL_PK_ECKEY_DH ||
186 type == POLARSSL_PK_ECDSA );
187}
188
Manuel Pégourié-Gonnardb3d91872013-08-14 15:56:19 +0200[diff] [blame]189static size_t eckey_get_size( const void *ctx )
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]190{
191 return( ((ecp_keypair *) ctx)->grp.pbits );
192}
193
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]194#if defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]195/* Forward declarations */
Manuel Pégourié-Gonnardf73da022013-08-17 14:36:32 +0200[diff] [blame]196static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
197 const unsigned char *hash, size_t hash_len,
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]198 const unsigned char *sig, size_t sig_len );
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]199
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]200static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
201 const unsigned char *hash, size_t hash_len,
202 unsigned char *sig, size_t *sig_len,
203 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
204
Manuel Pégourié-Gonnardf73da022013-08-17 14:36:32 +0200[diff] [blame]205static int eckey_verify_wrap( void *ctx, md_type_t md_alg,
206 const unsigned char *hash, size_t hash_len,
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]207 const unsigned char *sig, size_t sig_len )
208{
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]209 int ret;
210 ecdsa_context ecdsa;
211
212 ecdsa_init( &ecdsa );
213
Manuel Pégourié-Gonnard583b6082013-08-20 16:58:13 +0200[diff] [blame]214 if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
215 ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]216
217 ecdsa_free( &ecdsa );
218
219 return( ret );
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]220}
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]221
222static int eckey_sign_wrap( void *ctx, md_type_t md_alg,
223 const unsigned char *hash, size_t hash_len,
224 unsigned char *sig, size_t *sig_len,
225 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
226{
227 int ret;
228 ecdsa_context ecdsa;
229
230 ecdsa_init( &ecdsa );
231
232 if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
233 ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
234 f_rng, p_rng );
235
236 ecdsa_free( &ecdsa );
237
238 return( ret );
239}
240
Manuel Pégourié-Gonnardfff80f82013-08-17 15:20:06 +0200[diff] [blame]241#endif /* POLARSSL_ECDSA_C */
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]242
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]243static int eckey_check_pair( const void *pub, const void *prv )
244{
245 return( ecp_check_pub_priv( (const ecp_keypair *) pub,
246 (const ecp_keypair *) prv ) );
247}
248
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]249static void *eckey_alloc_wrap( void )
250{
251 void *ctx = polarssl_malloc( sizeof( ecp_keypair ) );
252
253 if( ctx != NULL )
254 ecp_keypair_init( ctx );
255
256 return( ctx );
257}
258
259static void eckey_free_wrap( void *ctx )
260{
261 ecp_keypair_free( (ecp_keypair *) ctx );
262 polarssl_free( ctx );
263}
264
Manuel Pégourié-Gonnardc6ac8872013-08-14 18:04:18 +0200[diff] [blame]265static void eckey_debug( const void *ctx, pk_debug_item *items )
266{
267 items->type = POLARSSL_PK_DEBUG_ECP;
268 items->name = "eckey.Q";
269 items->value = &( ((ecp_keypair *) ctx)->Q );
270}
271
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]272const pk_info_t eckey_info = {
273 POLARSSL_PK_ECKEY,
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]274 "EC",
275 eckey_get_size,
Manuel Pégourié-Gonnardf18c3e02013-08-12 18:41:18 +0200[diff] [blame]276 eckey_can_do,
Manuel Pégourié-Gonnardfff80f82013-08-17 15:20:06 +0200[diff] [blame]277#if defined(POLARSSL_ECDSA_C)
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]278 eckey_verify_wrap,
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]279 eckey_sign_wrap,
Manuel Pégourié-Gonnardfff80f82013-08-17 15:20:06 +0200[diff] [blame]280#else
281 NULL,
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]282 NULL,
Manuel Pégourié-Gonnardfff80f82013-08-17 15:20:06 +0200[diff] [blame]283#endif
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]284 NULL,
285 NULL,
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]286 eckey_check_pair,
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]287 eckey_alloc_wrap,
288 eckey_free_wrap,
Manuel Pégourié-Gonnardc6ac8872013-08-14 18:04:18 +0200[diff] [blame]289 eckey_debug,
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]290};
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]291
292/*
Paul Bakker75342a62014-04-08 17:35:40 +0200[diff] [blame]293 * EC key restricted to ECDH
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]294 */
295static int eckeydh_can_do( pk_type_t type )
296{
297 return( type == POLARSSL_PK_ECKEY ||
298 type == POLARSSL_PK_ECKEY_DH );
299}
300
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]301const pk_info_t eckeydh_info = {
302 POLARSSL_PK_ECKEY_DH,
Manuel Pégourié-Gonnardf8c948a2013-08-12 19:45:32 +0200[diff] [blame]303 "EC_DH",
304 eckey_get_size, /* Same underlying key structure */
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]305 eckeydh_can_do,
Manuel Pégourié-Gonnardfff80f82013-08-17 15:20:06 +0200[diff] [blame]306 NULL,
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]307 NULL,
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]308 NULL,
309 NULL,
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]310 eckey_check_pair,
Manuel Pégourié-Gonnard765db072013-08-14 15:00:27 +0200[diff] [blame]311 eckey_alloc_wrap, /* Same underlying key structure */
312 eckey_free_wrap, /* Same underlying key structure */
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]313 eckey_debug, /* Same underlying key structure */
Manuel Pégourié-Gonnard835eb592013-08-12 18:51:26 +0200[diff] [blame]314};
Manuel Pégourié-Gonnardd73b3c12013-08-12 17:06:05 +0200[diff] [blame]315#endif /* POLARSSL_ECP_C */
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]316
317#if defined(POLARSSL_ECDSA_C)
318static int ecdsa_can_do( pk_type_t type )
319{
320 return( type == POLARSSL_PK_ECDSA );
321}
322
Manuel Pégourié-Gonnardf73da022013-08-17 14:36:32 +0200[diff] [blame]323static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
324 const unsigned char *hash, size_t hash_len,
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]325 const unsigned char *sig, size_t sig_len )
326{
Manuel Pégourié-Gonnard2abed842014-04-08 12:40:15 +0200[diff] [blame]327 int ret;
Manuel Pégourié-Gonnardf73da022013-08-17 14:36:32 +0200[diff] [blame]328 ((void) md_alg);
329
Manuel Pégourié-Gonnard2abed842014-04-08 12:40:15 +0200[diff] [blame]330 ret = ecdsa_read_signature( (ecdsa_context *) ctx,
331 hash, hash_len, sig, sig_len );
332
333 if( ret == POLARSSL_ERR_ECP_SIG_LEN_MISMATCH )
334 return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH );
335
336 return( ret );
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]337}
338
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]339static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
340 const unsigned char *hash, size_t hash_len,
341 unsigned char *sig, size_t *sig_len,
342 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
343{
Manuel Pégourié-Gonnard65ad3e42014-01-06 16:57:24 +0100[diff] [blame]344 /* Use deterministic ECDSA by default if available */
345#if defined(POLARSSL_ECDSA_DETERMINISTIC)
346 ((void) f_rng);
347 ((void) p_rng);
348
349 return( ecdsa_write_signature_det( (ecdsa_context *) ctx,
350 hash, hash_len, sig, sig_len, md_alg ) );
351#else
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]352 ((void) md_alg);
353
354 return( ecdsa_write_signature( (ecdsa_context *) ctx,
355 hash, hash_len, sig, sig_len, f_rng, p_rng ) );
Paul Bakker9af723c2014-05-01 13:03:14 +0200[diff] [blame]356#endif /* POLARSSL_ECDSA_DETERMINISTIC */
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]357}
358
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]359static void *ecdsa_alloc_wrap( void )
360{
361 void *ctx = polarssl_malloc( sizeof( ecdsa_context ) );
362
363 if( ctx != NULL )
364 ecdsa_init( (ecdsa_context *) ctx );
365
366 return( ctx );
367}
368
369static void ecdsa_free_wrap( void *ctx )
370{
371 ecdsa_free( (ecdsa_context *) ctx );
372 polarssl_free( ctx );
373}
374
375const pk_info_t ecdsa_info = {
376 POLARSSL_PK_ECDSA,
377 "ECDSA",
378 eckey_get_size, /* Compatible key structures */
379 ecdsa_can_do,
380 ecdsa_verify_wrap,
Manuel Pégourié-Gonnard8df27692013-08-21 10:34:38 +0200[diff] [blame]381 ecdsa_sign_wrap,
Manuel Pégourié-Gonnarda2d3f222013-08-21 11:51:08 +0200[diff] [blame]382 NULL,
383 NULL,
Manuel Pégourié-Gonnard70bdadf2014-11-06 16:51:20 +0100[diff] [blame]384 eckey_check_pair, /* Compatible key structures */
Manuel Pégourié-Gonnard09162dd2013-08-14 18:16:50 +0200[diff] [blame]385 ecdsa_alloc_wrap,
386 ecdsa_free_wrap,
387 eckey_debug, /* Compatible key structures */
388};
389#endif /* POLARSSL_ECDSA_C */
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]390
391/*
392 * Support for alternative RSA-private implementations
393 */
394
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]395static int rsa_alt_can_do( pk_type_t type )
396{
397 return( type == POLARSSL_PK_RSA );
398}
399
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]400static size_t rsa_alt_get_size( const void *ctx )
401{
Paul Bakker8fc30b12013-11-25 13:29:43 +0100[diff] [blame]402 const rsa_alt_context *rsa_alt = (const rsa_alt_context *) ctx;
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]403
Manuel Pégourié-Gonnard01488752014-04-03 22:09:18 +0200[diff] [blame]404 return( 8 * rsa_alt->key_len_func( rsa_alt->key ) );
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]405}
406
407static int rsa_alt_sign_wrap( void *ctx, md_type_t md_alg,
408 const unsigned char *hash, size_t hash_len,
409 unsigned char *sig, size_t *sig_len,
410 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
411{
412 rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
413
414 *sig_len = rsa_alt->key_len_func( rsa_alt->key );
415
416 return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, RSA_PRIVATE,
Paul Bakkerb9cfaa02013-10-11 18:58:55 +0200[diff] [blame]417 md_alg, (unsigned int) hash_len, hash, sig ) );
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]418}
419
420static int rsa_alt_decrypt_wrap( void *ctx,
421 const unsigned char *input, size_t ilen,
422 unsigned char *output, size_t *olen, size_t osize,
423 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
424{
425 rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
426
427 ((void) f_rng);
428 ((void) p_rng);
429
430 if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
431 return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
432
433 return( rsa_alt->decrypt_func( rsa_alt->key,
434 RSA_PRIVATE, olen, input, output, osize ) );
435}
436
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]437#if defined(POLARSSL_RSA_C)
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]438static int rsa_alt_check_pair( const void *pub, const void *prv )
439{
440 unsigned char sig[POLARSSL_MPI_MAX_SIZE];
441 unsigned char hash[32];
442 size_t sig_len = 0;
443 int ret;
444
445 if( rsa_alt_get_size( prv ) != rsa_get_size( pub ) )
446 return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
447
448 memset( hash, 0x2a, sizeof( hash ) );
449
450 if( ( ret = rsa_alt_sign_wrap( (void *) prv, POLARSSL_MD_NONE,
451 hash, sizeof( hash ),
452 sig, &sig_len, NULL, NULL ) ) != 0 )
453 {
454 return( ret );
455 }
456
457 if( rsa_verify_wrap( (void *) pub, POLARSSL_MD_NONE,
458 hash, sizeof( hash ), sig, sig_len ) != 0 )
459 {
460 return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
461 }
462
463 return( 0 );
464}
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]465#endif /* POLARSSL_RSA_C */
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]466
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]467static void *rsa_alt_alloc_wrap( void )
468{
469 void *ctx = polarssl_malloc( sizeof( rsa_alt_context ) );
470
471 if( ctx != NULL )
472 memset( ctx, 0, sizeof( rsa_alt_context ) );
473
Paul Bakkerd8bb8262014-06-17 14:06:49 +0200[diff] [blame]474 return( ctx );
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]475}
476
477static void rsa_alt_free_wrap( void *ctx )
478{
Paul Bakker34617722014-06-13 17:20:13 +0200[diff] [blame]479 polarssl_zeroize( ctx, sizeof( rsa_alt_context ) );
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]480 polarssl_free( ctx );
481}
482
483const pk_info_t rsa_alt_info = {
484 POLARSSL_PK_RSA_ALT,
485 "RSA-alt",
486 rsa_alt_get_size,
Manuel Pégourié-Gonnard20422e92014-06-05 13:41:44 +0200[diff] [blame]487 rsa_alt_can_do,
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]488 NULL,
489 rsa_alt_sign_wrap,
490 rsa_alt_decrypt_wrap,
491 NULL,
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]492#if defined(POLARSSL_RSA_C)
Manuel Pégourié-Gonnarda1efcb02014-11-08 17:08:08 +0100[diff] [blame]493 rsa_alt_check_pair,
Manuel Pégourié-Gonnard7c13d692014-11-12 00:01:34 +0100[diff] [blame]494#else
495 NULL,
496#endif
Manuel Pégourié-Gonnard12c1ff02013-08-21 12:28:31 +0200[diff] [blame]497 rsa_alt_alloc_wrap,
498 rsa_alt_free_wrap,
499 NULL,
500};
Manuel Pégourié-Gonnardc40b4c32013-08-22 13:29:31 +0200[diff] [blame]501
502#endif /* POLARSSL_PK_C */