Add and fix algorithms for MBEDTLS
* Don't double defined COSE_C_USE_MBEDTLS
* Add an error to deal with MBEDTLS not supporting compressed points
* Fix key wrap bug
diff --git a/CMakeLists.txt b/CMakeLists.txt
index ce23007..4762954 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -186,7 +186,6 @@
endif()
if(COSE_C_USE_MBEDTLS)
- add_definitions(-DCOSE_C_USE_MBEDTLS)
set(COSE_C_USE_OPENSSL OFF)
if(COSE_C_USE_FIND_PACKAGE)
@@ -275,4 +274,4 @@
message(STATUS "project_cn_cbor_SOURCE_DIR:......${project_cn_cbor_SOURCE_DIR}")
message(STATUS "project_cn_cbor_BINARY_DIR:......${project_cn_cbor_BINARY_DIR}")
message(STATUS "project_mbedtls_SOURCE_DIR:......${project_mbedtls_SOURCE_DIR}")
-message(STATUS "project_mbedtls_BINARY_DIR:......${project_mbedtls_BINARY_DIR}")
\ No newline at end of file
+message(STATUS "project_mbedtls_BINARY_DIR:......${project_mbedtls_BINARY_DIR}")
diff --git a/include/cose/cose.h b/include/cose/cose.h
index bb35c24..3416b40 100644
--- a/include/cose/cose.h
+++ b/include/cose/cose.h
@@ -46,7 +46,9 @@
/** Internal Error */
COSE_ERR_INTERNAL,
/** Type is not supported */
- COSE_ERR_UNSUPPORTED_COSE_TYPE
+ COSE_ERR_UNSUPPORTED_COSE_TYPE,
+ /** Compressed points are not supported */
+ COSE_ERR_NO_COMPRESSED_POINTS
} cose_error;
typedef enum cose_init_flags {
diff --git a/src/Encrypt.c b/src/Encrypt.c
index 9a58933..2da3b01 100644
--- a/src/Encrypt.c
+++ b/src/Encrypt.c
@@ -349,7 +349,9 @@
// If there is a recipient - ask it for the key
if (pRecip != NULL) {
- COSE_RecipientInfo *pRecipX;
+ COSE_RecipientInfo *pRecipX = NULL;
+ cose_errback errorLocal;
+ int errorFound = 0;
for (pRecipX = pcose->m_recipientFirst; pRecipX != NULL;
pRecipX = pRecipX->m_recipientNext) {
@@ -362,10 +364,15 @@
}
else if (pRecipX->m_encrypt.m_recipientFirst != NULL) {
if (_COSE_Recipient_decrypt(
- pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr)) {
+ pRecipX, pRecip, alg, cbitKey, pbKeyNew, &errorLocal)) {
break;
}
}
+ errorFound = errorLocal.err;
+ }
+ if (errorFound != 0) {
+ perr->err = errorFound;
+ goto errorReturn;
}
CHECK_CONDITION(pRecipX != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
diff --git a/src/MacMessage.c b/src/MacMessage.c
index 106cadf..b3e030d 100644
--- a/src/MacMessage.c
+++ b/src/MacMessage.c
@@ -630,6 +630,12 @@
#if INCLUDE_MAC
bool COSE_Mac_validate(HCOSE_MAC h, HCOSE_RECIPIENT hRecip, cose_errback *perr)
{
+ cose_errback error;
+
+ if (perr == NULL) {
+ perr = &error;
+ }
+
COSE_MacMessage *pcose = (COSE_MacMessage *)h;
COSE_RecipientInfo *pRecip = (COSE_RecipientInfo *)hRecip;
diff --git a/src/Recipient.c b/src/Recipient.c
index 64c35ad..df43e42 100644
--- a/src/Recipient.c
+++ b/src/Recipient.c
@@ -472,13 +472,23 @@
CHECK_CONDITION(cbitKeyX != 0, COSE_ERR_INVALID_PARAMETER);
pbKeyX = COSE_CALLOC(cbitKeyX / 8, 1, context);
CHECK_CONDITION(pbKeyX != NULL, COSE_ERR_OUT_OF_MEMORY);
-
+ cose_errback error = {COSE_ERR_NONE};
+ int errorFound = false;
+
for (pRecip2 = pcose->m_recipientFirst; pRecip2 != NULL;
pRecip2 = pRecip->m_recipientNext) {
if (_COSE_Recipient_decrypt(
- pRecip2, NULL, alg, cbitKeyX, pbKeyX, perr)) {
+ pRecip2, NULL, alg, cbitKeyX, pbKeyX, &error)) {
break;
}
+ if (error.err == COSE_ERR_NO_COMPRESSED_POINTS ||
+ error.err == COSE_ERR_UNKNOWN_ALGORITHM) {
+ errorFound = error.err;
+ }
+ }
+ if (errorFound) {
+ perr->err = errorFound;
+ goto errorReturn;
}
CHECK_CONDITION(pRecip2 != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
diff --git a/src/mbedtls.c b/src/mbedtls.c
index 6727c14..85144ab 100644
--- a/src/mbedtls.c
+++ b/src/mbedtls.c
@@ -551,8 +551,9 @@
}
pmd = mbedtls_md_info_from_type(mdType);
- if (pmd == NULL)
+ if (pmd == NULL) {
goto errorReturn;
+ }
cbSalt = 0;
byte *pbSalt = NULL;
@@ -612,11 +613,12 @@
}
pmd = mbedtls_md_info_from_type(mdType);
- if (pmd == NULL)
+ if (pmd == NULL) {
goto errorReturn;
+ }
if (mbedtls_hkdf_expand(
- pmd, pbPRK, cbPRK, pbInfo, cbInfo, pbOutput, cbOutput) != 0) {
+ pmd, pbPRK, cbPRK, pbInfo, cbInfo, pbOutput, cbOutput) != 0) {
goto errorReturn;
}
@@ -772,10 +774,10 @@
cose_errback *perr)
{
byte rgbKey[MBEDTLS_ECP_MAX_PT_LEN];
- int cbKey;
- int cbGroup;
+ int cbKey = 0;
+ int cbGroup = 0;
const cn_cbor *p;
- mbedtls_ecp_group_id groupId;
+ mbedtls_ecp_group_id groupId = 0;
p = cn_cbor_mapget_int(pKey, COSE_Key_Type);
CHECK_CONDITION(p != NULL, COSE_ERR_INVALID_PARAMETER);
@@ -809,7 +811,7 @@
}
CHECK_CONDITION(mbedtls_ecp_group_load(&keypair->grp, groupId) == 0,
COSE_ERR_INVALID_PARAMETER);
- cbGroup = (keypair->grp.nbits + 7) / 8;
+ cbGroup = (int) (keypair->grp.nbits + 7) / 8;
p = cn_cbor_mapget_int(pKey, COSE_Key_EC_X);
CHECK_CONDITION(
@@ -826,15 +828,24 @@
memcpy(rgbKey + p->length + 1, p->v.str, p->length);
}
else if (p->type == CN_CBOR_TRUE) {
+ perr->err = COSE_ERR_NO_COMPRESSED_POINTS;
+ goto errorReturn;
+ /*
cbKey = cbGroup + 1;
rgbKey[0] = 0x03;
+ */
}
else if (p->type == CN_CBOR_FALSE) {
+ perr->err = COSE_ERR_NO_COMPRESSED_POINTS;
+ goto errorReturn;
+ /*
cbKey = cbGroup + 1;
rgbKey[0] = 0x02;
+ */
}
- else
+ else {
FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ }
CHECK_CONDITION(mbedtls_ecp_point_read_binary(
&keypair->grp, &keypair->Q, rgbKey, cbKey) == 0,
@@ -1028,6 +1039,7 @@
cose_errback *perr)
{
mbedtls_nist_kw_context ctx;
+ size_t cbKeyOut = 0;
mbedtls_nist_kw_init(&ctx);
@@ -1037,9 +1049,10 @@
CHECK_CONDITION0(
mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KW, pbCipherText,
- cbCipherText, pbKeyOut, pcbKeyOut, cbCipherText - 8),
+ cbCipherText, pbKeyOut, &cbKeyOut, cbCipherText - 8),
COSE_ERR_CRYPTO_FAIL);
+ *pcbKeyOut = (int)cbKeyOut;
mbedtls_nist_kw_free(&ctx);
return true;
@@ -1069,7 +1082,7 @@
CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
CHECK_CONDITION0(mbedtls_nist_kw_setkey(
- &ctx, MBEDTLS_CIPHER_ID_AES, pbKeyIn, cbitKey, FALSE),
+ &ctx, MBEDTLS_CIPHER_ID_AES, pbKeyIn, cbitKey, TRUE),
COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION0(mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KW, pbContent,
@@ -1090,8 +1103,9 @@
errorReturn:
COSE_FREE(cnTmp, context);
- if (pbOut != NULL)
+ if (pbOut != NULL) {
COSE_FREE(pbOut, context);
+ }
mbedtls_nist_kw_free(&ctx);
return false;
}
@@ -1188,7 +1202,7 @@
#if USE_ECDH
/*!
*
- * @param[in] pRecipent Pointer to the message object
+ * @param[in] pRecipient Pointer to the message object
* @param[in] ppKeyPrivate Address of key with private portion
* @param[in] pKeyPublic Address of the key w/o a private portion
* @param[in/out] ppbSecret pointer to buffer to hold the computed secret
@@ -1205,18 +1219,20 @@
size_t *pcbSecret,
CBOR_CONTEXT_COMMA cose_errback *perr)
{
- int cbGroup;
- int cbsecret;
+ UNUSED(pRecipient);
+
+ int cbGroup = 0;
+ int cbsecret = 0;
byte *pbsecret = NULL;
bool fRet = false;
- mbedtls_ecp_group_id groupId;
+ mbedtls_ecp_group_id groupId = 0;
mbedtls_ecp_keypair keypair;
mbedtls_ecdh_context ctx;
mbedtls_mpi d;
cn_cbor *p = NULL;
mbedtls_mpi z;
cn_cbor *pkey = NULL;
- int cose_group;
+ int cose_group = 0;
mbedtls_mpi_init(&z);
mbedtls_ecdh_init(&ctx);
@@ -1255,18 +1271,11 @@
CHECK_CONDITION0(
mbedtls_ecp_group_load(&group, groupId), COSE_ERR_INVALID_PARAMETER);
- if (!ECKey_From(pKeyPublic, &keypair, perr))
+ if (!ECKey_From(pKeyPublic, &keypair, perr)) {
goto errorReturn;
+ }
if (*ppKeyPrivate == NULL) {
- {
- cn_cbor *pCompress = _COSE_map_get_int(
- pRecipient, COSE_Header_UseCompressedECDH, COSE_BOTH, perr);
- if (pCompress == NULL)
- FUseCompressed = false;
- else
- FUseCompressed = (pCompress->type == CN_CBOR_TRUE);
- }
mbedtls_ecp_keypair privateKeyPair;
mbedtls_ecp_keypair_init(&privateKeyPair);
@@ -1340,6 +1349,7 @@
CHECK_CONDITION(p->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
CHECK_CONDITION0(mbedtls_mpi_read_binary(&d, p->v.bytes, p->length),
COSE_ERR_CRYPTO_FAIL);
+ p = NULL;
}
CHECK_CONDITION0(
@@ -1360,12 +1370,15 @@
fRet = true;
errorReturn:
- if (pbsecret != NULL)
+ if (pbsecret != NULL) {
COSE_FREE(pbsecret, context);
- if (pkey != NULL)
+ }
+ if (pkey != NULL) {
CN_CBOR_FREE(pkey, context);
- if (p != NULL)
- CN_CBOR_FREE(pkey, context);
+ }
+ if (p != NULL) {
+ CN_CBOR_FREE(p, context);
+ }
mbedtls_mpi_free(&d);
mbedtls_mpi_free(&z);
diff --git a/test/encrypt.c b/test/encrypt.c
index c81aac7..8eb6baf 100644
--- a/test/encrypt.c
+++ b/test/encrypt.c
@@ -147,11 +147,15 @@
}
}
- if (COSE_Enveloped_decrypt(hEnc, hRecip, NULL)) {
+ if (COSE_Enveloped_decrypt(hEnc, hRecip, &cose_err)) {
fRet = !fFailBody;
}
else {
- if (fNoSupport) {
+ if (cose_err.err == COSE_ERR_NO_COMPRESSED_POINTS || cose_err.err == COSE_ERR_UNKNOWN_ALGORITHM) {
+ fRet = false;
+ fNoSupport = true;
+ }
+ else if (fNoSupport) {
fRet = false;
}
else {
diff --git a/test/mac_test.c b/test/mac_test.c
index 1bd82d6..03a3ae6 100644
--- a/test/mac_test.c
+++ b/test/mac_test.c
@@ -35,6 +35,7 @@
bool fFailBody = false;
bool fAlgNoSupport = false;
int returnCode = 1;
+ cose_errback error;
pFail = cn_cbor_mapget_string(pControl, "fail");
if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE)) {
@@ -117,7 +118,7 @@
fAlgNoSupport = true;
}
- if (COSE_Mac_validate(hMAC, hRecip, NULL)) {
+ if (COSE_Mac_validate(hMAC, hRecip, &error)) {
if (fAlgNoSupport) {
fFail = true;
}
@@ -126,7 +127,11 @@
}
}
else {
- if (fAlgNoSupport) {
+ if (error.err == COSE_ERR_NO_COMPRESSED_POINTS || error.err == COSE_ERR_UNKNOWN_ALGORITHM) {
+ fAlgNoSupport = true;
+ returnCode = 0;
+ }
+ else if (fAlgNoSupport) {
returnCode = 0;
}
else if ((pFail == NULL) || (pFail->type == CN_CBOR_FALSE)) {