diff options
Diffstat (limited to 'FreeRTOS-Plus/Source/WolfSSL/wolfcrypt/src/signature.c')
-rw-r--r-- | FreeRTOS-Plus/Source/WolfSSL/wolfcrypt/src/signature.c | 559 |
1 files changed, 559 insertions, 0 deletions
diff --git a/FreeRTOS-Plus/Source/WolfSSL/wolfcrypt/src/signature.c b/FreeRTOS-Plus/Source/WolfSSL/wolfcrypt/src/signature.c new file mode 100644 index 000000000..5d503338a --- /dev/null +++ b/FreeRTOS-Plus/Source/WolfSSL/wolfcrypt/src/signature.c @@ -0,0 +1,559 @@ +/* signature.c + * + * Copyright (C) 2006-2020 wolfSSL Inc. + * + * This file is part of wolfSSL. + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA + */ + + +#ifdef HAVE_CONFIG_H + #include <config.h> +#endif + +#include <wolfssl/wolfcrypt/settings.h> +#include <wolfssl/wolfcrypt/signature.h> +#include <wolfssl/wolfcrypt/error-crypt.h> +#include <wolfssl/wolfcrypt/logging.h> +#ifndef NO_ASN +#include <wolfssl/wolfcrypt/asn.h> +#endif +#ifdef HAVE_ECC +#include <wolfssl/wolfcrypt/ecc.h> +#endif +#ifndef NO_RSA +#include <wolfssl/wolfcrypt/rsa.h> +#endif + +/* If ECC and RSA are disabled then disable signature wrapper */ +#if (!defined(HAVE_ECC) || (defined(HAVE_ECC) && !defined(HAVE_ECC_SIGN) \ + && !defined(HAVE_ECC_VERIFY))) && defined(NO_RSA) + #undef NO_SIG_WRAPPER + #define NO_SIG_WRAPPER +#endif + +/* Signature wrapper disabled check */ +#ifndef NO_SIG_WRAPPER + +#if !defined(NO_RSA) && !defined(NO_ASN) +static int wc_SignatureDerEncode(enum wc_HashType hash_type, byte* hash_data, + word32 hash_len, word32* hash_enc_len) +{ + int ret, oid; + + ret = wc_HashGetOID(hash_type); + if (ret < 0) { + return ret; + } + oid = ret; + + ret = wc_EncodeSignature(hash_data, hash_data, hash_len, oid); + if (ret > 0) { + *hash_enc_len = ret; + ret = 0; + } + + return ret; +} +#endif /* !NO_RSA && !NO_ASN */ + +int wc_SignatureGetSize(enum wc_SignatureType sig_type, + const void* key, word32 key_len) +{ + int sig_len = BAD_FUNC_ARG; + + /* Suppress possible unused args if all signature types are disabled */ + (void)key; + (void)key_len; + + switch(sig_type) { + case WC_SIGNATURE_TYPE_ECC: +#ifdef HAVE_ECC + /* Sanity check that void* key is at least ecc_key in size */ + if (key_len >= sizeof(ecc_key)) { + sig_len = wc_ecc_sig_size((ecc_key*)key); + } + else { + WOLFSSL_MSG("wc_SignatureGetSize: Invalid ECC key size"); + } +#else + sig_len = SIG_TYPE_E; +#endif + break; + + case WC_SIGNATURE_TYPE_RSA_W_ENC: + case WC_SIGNATURE_TYPE_RSA: +#ifndef NO_RSA + /* Sanity check that void* key is at least RsaKey in size */ + if (key_len >= sizeof(RsaKey)) { + sig_len = wc_RsaEncryptSize((RsaKey*)key); + } + else { + WOLFSSL_MSG("wc_SignatureGetSize: Invalid RsaKey key size"); + } +#else + sig_len = SIG_TYPE_E; +#endif + break; + + case WC_SIGNATURE_TYPE_NONE: + default: + sig_len = BAD_FUNC_ARG; + break; + } + return sig_len; +} + +int wc_SignatureVerifyHash( + enum wc_HashType hash_type, enum wc_SignatureType sig_type, + const byte* hash_data, word32 hash_len, + const byte* sig, word32 sig_len, + const void* key, word32 key_len) +{ + int ret; + + /* Check arguments */ + if (hash_data == NULL || hash_len == 0 || + sig == NULL || sig_len == 0 || + key == NULL || key_len == 0) { + return BAD_FUNC_ARG; + } + + /* Validate signature len (1 to max is okay) */ + if ((int)sig_len > wc_SignatureGetSize(sig_type, key, key_len)) { + WOLFSSL_MSG("wc_SignatureVerify: Invalid sig type/len"); + return BAD_FUNC_ARG; + } + + /* Validate hash size */ + ret = wc_HashGetDigestSize(hash_type); + if (ret < 0) { + WOLFSSL_MSG("wc_SignatureVerify: Invalid hash type/len"); + return ret; + } + ret = 0; + + /* Verify signature using hash */ + switch (sig_type) { + case WC_SIGNATURE_TYPE_ECC: + { +#if defined(HAVE_ECC) && defined(HAVE_ECC_VERIFY) + int is_valid_sig = 0; + + /* Perform verification of signature using provided ECC key */ + do { + #ifdef WOLFSSL_ASYNC_CRYPT + ret = wc_AsyncWait(ret, &((ecc_key*)key)->asyncDev, + WC_ASYNC_FLAG_CALL_AGAIN); + #endif + if (ret >= 0) + ret = wc_ecc_verify_hash(sig, sig_len, hash_data, hash_len, + &is_valid_sig, (ecc_key*)key); + } while (ret == WC_PENDING_E); + if (ret != 0 || is_valid_sig != 1) { + ret = SIG_VERIFY_E; + } +#else + ret = SIG_TYPE_E; +#endif + break; + } + + case WC_SIGNATURE_TYPE_RSA_W_ENC: + case WC_SIGNATURE_TYPE_RSA: + { +#ifndef NO_RSA +#if defined(WOLFSSL_CRYPTOCELL) + /* the signature must propagate to the cryptocell to get verfied */ + if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) { + ret = cc310_RsaSSL_Verify(hash_data, hash_len,(byte*)sig, key, + CRYS_RSA_HASH_SHA256_mode); + } + else { + ret = cc310_RsaSSL_Verify(hash_data, hash_len,(byte*)sig, key, + CRYS_RSA_After_SHA256_mode); + } + + if (ret != 0) { + WOLFSSL_MSG("RSA Signature Verify difference!"); + ret = SIG_VERIFY_E; + } + +#else /* WOLFSSL_CRYPTOCELL */ + + word32 plain_len = hash_len; + byte *plain_data; + + /* Make sure the plain text output is at least key size */ + if (plain_len < sig_len) { + plain_len = sig_len; + } + plain_data = (byte*)XMALLOC(plain_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (plain_data) { + /* Perform verification of signature using provided RSA key */ + do { + #ifdef WOLFSSL_ASYNC_CRYPT + ret = wc_AsyncWait(ret, &((RsaKey*)key)->asyncDev, + WC_ASYNC_FLAG_CALL_AGAIN); + #endif + if (ret >= 0) + ret = wc_RsaSSL_Verify(sig, sig_len, plain_data, + plain_len, (RsaKey*)key); + } while (ret == WC_PENDING_E); + if (ret >= 0) { + if ((word32)ret == hash_len && + XMEMCMP(plain_data, hash_data, hash_len) == 0) { + ret = 0; /* Success */ + } + else { + WOLFSSL_MSG("RSA Signature Verify difference!"); + ret = SIG_VERIFY_E; + } + } + XFREE(plain_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); + } + else { + ret = MEMORY_E; + } +#endif /* !WOLFSSL_CRYPTOCELL */ +#else + ret = SIG_TYPE_E; +#endif + break; + } + + case WC_SIGNATURE_TYPE_NONE: + default: + ret = BAD_FUNC_ARG; + break; + } + + return ret; +} + +int wc_SignatureVerify( + enum wc_HashType hash_type, enum wc_SignatureType sig_type, + const byte* data, word32 data_len, + const byte* sig, word32 sig_len, + const void* key, word32 key_len) +{ + int ret; + word32 hash_len, hash_enc_len; +#if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN) + byte *hash_data; +#else + byte hash_data[MAX_DER_DIGEST_SZ]; +#endif + + /* Check arguments */ + if (data == NULL || data_len == 0 || + sig == NULL || sig_len == 0 || + key == NULL || key_len == 0) { + return BAD_FUNC_ARG; + } + + /* Validate signature len (1 to max is okay) */ + if ((int)sig_len > wc_SignatureGetSize(sig_type, key, key_len)) { + WOLFSSL_MSG("wc_SignatureVerify: Invalid sig type/len"); + return BAD_FUNC_ARG; + } + + /* Validate hash size */ + ret = wc_HashGetDigestSize(hash_type); + if (ret < 0) { + WOLFSSL_MSG("wc_SignatureVerify: Invalid hash type/len"); + return ret; + } + hash_enc_len = hash_len = ret; + +#ifndef NO_RSA + if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) { + /* For RSA with ASN.1 encoding include room */ + hash_enc_len += MAX_DER_DIGEST_ASN_SZ; + } +#endif + +#if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN) + /* Allocate temporary buffer for hash data */ + hash_data = (byte*)XMALLOC(hash_enc_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (hash_data == NULL) { + return MEMORY_E; + } +#endif + + /* Perform hash of data */ + ret = wc_Hash(hash_type, data, data_len, hash_data, hash_len); + if (ret == 0) { + /* Handle RSA with DER encoding */ + if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) { + #if defined(NO_RSA) || defined(NO_ASN) + ret = SIG_TYPE_E; + #else + ret = wc_SignatureDerEncode(hash_type, hash_data, hash_len, + &hash_enc_len); + #endif + } + + if (ret == 0) { +#if defined(WOLFSSL_CRYPTOCELL) + if ((sig_type == WC_SIGNATURE_TYPE_RSA) + || (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC)) { + if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) { + ret = cc310_RsaSSL_Verify(hash_data, hash_len, sig, key, + cc310_hashModeRSA(hash_type, 0)); + } + else { + ret = cc310_RsaSSL_Verify(hash_data, hash_len, sig, key, + cc310_hashModeRSA(hash_type, 1)); + } + } +#else + /* Verify signature using hash */ + ret = wc_SignatureVerifyHash(hash_type, sig_type, + hash_data, hash_enc_len, sig, sig_len, key, key_len); +#endif /* WOLFSSL_CRYPTOCELL */ + } + } + +#if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN) + XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; +} + + +int wc_SignatureGenerateHash( + enum wc_HashType hash_type, enum wc_SignatureType sig_type, + const byte* hash_data, word32 hash_len, + byte* sig, word32 *sig_len, + const void* key, word32 key_len, WC_RNG* rng) +{ + return wc_SignatureGenerateHash_ex(hash_type, sig_type, hash_data, hash_len, + sig, sig_len, key, key_len, rng, 1); +} + +int wc_SignatureGenerateHash_ex( + enum wc_HashType hash_type, enum wc_SignatureType sig_type, + const byte* hash_data, word32 hash_len, + byte* sig, word32 *sig_len, + const void* key, word32 key_len, WC_RNG* rng, int verify) +{ + int ret; + + /* Suppress possible unused arg if all signature types are disabled */ + (void)rng; + + /* Check arguments */ + if (hash_data == NULL || hash_len == 0 || + sig == NULL || sig_len == NULL || *sig_len == 0 || + key == NULL || key_len == 0) { + return BAD_FUNC_ARG; + } + + /* Validate signature len (needs to be at least max) */ + if ((int)*sig_len < wc_SignatureGetSize(sig_type, key, key_len)) { + WOLFSSL_MSG("wc_SignatureGenerate: Invalid sig type/len"); + return BAD_FUNC_ARG; + } + + /* Validate hash size */ + ret = wc_HashGetDigestSize(hash_type); + if (ret < 0) { + WOLFSSL_MSG("wc_SignatureGenerate: Invalid hash type/len"); + return ret; + } + ret = 0; + + /* Create signature using hash as data */ + switch (sig_type) { + case WC_SIGNATURE_TYPE_ECC: +#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) + /* Create signature using provided ECC key */ + do { + #ifdef WOLFSSL_ASYNC_CRYPT + ret = wc_AsyncWait(ret, &((ecc_key*)key)->asyncDev, + WC_ASYNC_FLAG_CALL_AGAIN); + #endif + if (ret >= 0) + ret = wc_ecc_sign_hash(hash_data, hash_len, sig, sig_len, + rng, (ecc_key*)key); + } while (ret == WC_PENDING_E); +#else + ret = SIG_TYPE_E; +#endif + break; + + case WC_SIGNATURE_TYPE_RSA_W_ENC: + case WC_SIGNATURE_TYPE_RSA: +#if !defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) + #if defined(WOLFSSL_CRYPTOCELL) + if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) { + ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, key, + cc310_hashModeRSA(hash_type, 0)); + } + else { + ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, key, + cc310_hashModeRSA(hash_type, 1)); + } + #else + /* Create signature using provided RSA key */ + do { + #ifdef WOLFSSL_ASYNC_CRYPT + ret = wc_AsyncWait(ret, &((RsaKey*)key)->asyncDev, + WC_ASYNC_FLAG_CALL_AGAIN); + #endif + if (ret >= 0) + ret = wc_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, + (RsaKey*)key, rng); + } while (ret == WC_PENDING_E); + #endif /* WOLFSSL_CRYPTOCELL */ + if (ret >= 0) { + *sig_len = ret; + ret = 0; /* Success */ + } +#else + ret = SIG_TYPE_E; +#endif + break; + + case WC_SIGNATURE_TYPE_NONE: + default: + ret = BAD_FUNC_ARG; + break; + } + + if (ret == 0 && verify) { + ret = wc_SignatureVerifyHash(hash_type, sig_type, hash_data, hash_len, + sig, *sig_len, key, key_len); + } + + return ret; +} + +int wc_SignatureGenerate( + enum wc_HashType hash_type, enum wc_SignatureType sig_type, + const byte* data, word32 data_len, + byte* sig, word32 *sig_len, + const void* key, word32 key_len, WC_RNG* rng) +{ + return wc_SignatureGenerate_ex(hash_type, sig_type, data, data_len, sig, + sig_len, key, key_len, rng, 1); +} + +int wc_SignatureGenerate_ex( + enum wc_HashType hash_type, enum wc_SignatureType sig_type, + const byte* data, word32 data_len, + byte* sig, word32 *sig_len, + const void* key, word32 key_len, WC_RNG* rng, int verify) +{ + int ret; + word32 hash_len, hash_enc_len; +#if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN) + byte *hash_data; +#else + byte hash_data[MAX_DER_DIGEST_SZ]; +#endif + + /* Check arguments */ + if (data == NULL || data_len == 0 || + sig == NULL || sig_len == NULL || *sig_len == 0 || + key == NULL || key_len == 0) { + return BAD_FUNC_ARG; + } + + /* Validate signature len (needs to be at least max) */ + if ((int)*sig_len < wc_SignatureGetSize(sig_type, key, key_len)) { + WOLFSSL_MSG("wc_SignatureGenerate: Invalid sig type/len"); + return BAD_FUNC_ARG; + } + + /* Validate hash size */ + ret = wc_HashGetDigestSize(hash_type); + if (ret < 0) { + WOLFSSL_MSG("wc_SignatureGenerate: Invalid hash type/len"); + return ret; + } + hash_enc_len = hash_len = ret; + +#if !defined(NO_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) + if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) { + /* For RSA with ASN.1 encoding include room */ + hash_enc_len += MAX_DER_DIGEST_ASN_SZ; + } +#endif + +#if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN) + /* Allocate temporary buffer for hash data */ + hash_data = (byte*)XMALLOC(hash_enc_len, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (hash_data == NULL) { + return MEMORY_E; + } +#endif + + /* Perform hash of data */ + ret = wc_Hash(hash_type, data, data_len, hash_data, hash_len); + if (ret == 0) { + /* Handle RSA with DER encoding */ + if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) { + #if defined(NO_RSA) || defined(NO_ASN) || \ + defined(WOLFSSL_RSA_PUBLIC_ONLY) + ret = SIG_TYPE_E; + #else + ret = wc_SignatureDerEncode(hash_type, hash_data, hash_len, + &hash_enc_len); + #endif + } + if (ret == 0) { +#if defined(WOLFSSL_CRYPTOCELL) + if ((sig_type == WC_SIGNATURE_TYPE_RSA) + || (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC)) { + if (sig_type == WC_SIGNATURE_TYPE_RSA_W_ENC) { + ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, + key, cc310_hashModeRSA(hash_type, 0)); + } + else { + ret = cc310_RsaSSL_Sign(hash_data, hash_len, sig, *sig_len, + key, cc310_hashModeRSA(hash_type, 1)); + } + + if (ret == *sig_len) { + ret = 0; + } + } + } + } +#else + /* Generate signature using hash */ + ret = wc_SignatureGenerateHash(hash_type, sig_type, + hash_data, hash_enc_len, sig, sig_len, key, key_len, rng); + } + } + + if (ret == 0 && verify) { + ret = wc_SignatureVerifyHash(hash_type, sig_type, hash_data, + hash_enc_len, sig, *sig_len, key, key_len); + } +#endif /* WOLFSSL_CRYPTOCELL */ + +#if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN) + XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; +} + +#endif /* NO_SIG_WRAPPER */ |