
Commit a110d88

authored
Merge pull request #31 from gasbytes/tests-improv
Tests improv (PK)
2 parents 2f78143 + 4739726 commit a110d88

2 files changed

Lines changed: 159 additions & 40 deletions


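--- a/wolfssl-gnutls-wrapper/Makefile
+++ b/wolfssl-gnutls-wrapper/Makefile
@@ -1,16 +1,18 @@
 CC = gcc
-CFLAGS = -DENABLE_WOLFSSL -fPIC -Wall -Wextra -Werror
-CFLAGS_DEBUG = -DENABLE_WOLFSSL -fPIC -Wall -Wextra -Werror -g
 INCLUDES = -I/opt/gnutls/include/ -I/opt/wolfssl/include/
 
 UNAME_S := $(shell uname -s)
 
 ifeq ($(UNAME_S),Linux)
+CFLAGS = -DENABLE_WOLFSSL -fPIC -Wall -Wextra -Werror
+CFLAGS_DEBUG = -DENABLE_WOLFSSL -fPIC -Wall -Wextra -Werror -g
 LDFLAGS = -shared -L/opt/gnutls/lib -L/opt/wolfssl/lib -Wl,-rpath,/opt/wolfssl/lib -Wl,--no-as-needed -Wl,-z,now
 endif
 
 ifeq ($(UNAME_S),Darwin)
 CC = clang
+CFLAGS = -DENABLE_WOLFSSL -fPIC -Wall -Wextra
+CFLAGS_DEBUG = -DENABLE_WOLFSSL -fPIC -Wall -Wextra -g
 LDFLAGS = -shared -L/opt/gnutls/lib -L/opt/wolfssl/lib -Wl,-rpath,/opt/wolfssl/lib
 endif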
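Review bot: With `CFLAGS` and `CFLAGS_DEBUG` now assigned only inside the Linux and Darwin `ifeq` blocks, a build on any other `uname -s` value gets neither `-DENABLE_WOLFSSL` nor `-fPIC` nor any warning flags, where the old top-level assignment supplied them everywhere. The Darwin block also drops `-Werror` without a comment naming the warning that forced it, so new compiler warnings in this crypto wrapper will no longer fail the build on that platform. Keeping the common flags at top level and adding `CFLAGS += -Werror` and `CFLAGS_DEBUG += -Werror` inside the Linux block would preserve the default, and a one-line comment in the Darwin block should record why it is exempt.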

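--- a/wolfssl-gnutls-wrapper/src/wolfssl.c
+++ b/wolfssl-gnutls-wrapper/src/wolfssl.c
@@ -3964,6 +3964,18 @@ static int wolfssl_pk_get_bits(void *_ctx, unsigned int* bits)
 {
 struct wolfssl_pk_ctx *ctx = (struct wolfssl_pk_ctx *)_ctx;
 
+WGW_FUNC_ENTER();
+
+if (!ctx || !ctx->initialized) {
+WGW_LOG("ctx not initialized");
+return GNUTLS_E_ALGO_NOT_SUPPORTED;
+}
+
+if (!wolfssl_pk_supported[ctx->algo]) {
+WGW_LOG("algorithm not supported");
+return GNUTLS_E_ALGO_NOT_SUPPORTED;
+}
+
 switch (ctx->algo) {
 case GNUTLS_PK_RSA:
 case GNUTLS_PK_RSA_PSS:
@@ -7547,16 +7559,20 @@ static int wolfssl_pk_export_privkey_x509(void *_priv_ctx, const void *privkey)
 }
 } else if (priv_ctx->algo == GNUTLS_PK_EDDSA_ED25519) {
 WGW_LOG("ED25519");
+#if defined(HAVE_ED25519)
 ret = wolfssl_ed25519_export_priv(priv_ctx, priv);
 if (ret != 0) {
 return ret;
 }
+#endif
 } else if (priv_ctx->algo == GNUTLS_PK_EDDSA_ED448) {
 WGW_LOG("ED448");
+#if defined(HAVE_ED448)
 ret = wolfssl_ed448_export_priv(priv_ctx, priv);
 if (ret != 0) {
 return ret;
 }
+#endif
 } else {
 WGW_ERROR("unsupported algorithm for exporting private key: %d",
 priv_ctx->algo);
@@ -8789,6 +8805,7 @@ static int wolfssl_pk_derive_shared_secret(void *_pub_ctx, void *_priv_ctx, cons
 return GNUTLS_E_INVALID_REQUEST;
 }
 
+
 if (!priv_ctx->key.x25519.privSet) {
 WGW_LOG("Private key is not set, importing now");
 const gnutls_datum_t *priv = (const gnutls_datum_t *)privkey;
@@ -8804,6 +8821,11 @@ static int wolfssl_pk_derive_shared_secret(void *_pub_ctx, void *_priv_ctx, cons
 }
 }
 
+
+#if !defined(HAVE_FIPS)
+wc_curve25519_set_rng(&priv_ctx->key.x25519, &priv_ctx->rng);
+#endif
+
 /* Generate the shared secret */
 ret = wc_curve25519_shared_secret_ex(&priv_ctx->key.x25519, &peer_key,
 shared_secret_buf, &secret_size, EC25519_LITTLE_ENDIAN);
@@ -9686,7 +9708,7 @@ static int wolfssl_pk_export_privkey_ecdh_raw(void *ctx, const void* x, const vo
 
 /* export public key in raw bytes to the provided gnutls_datum_t */
 static int wolfssl_pk_export_pubkey_ecdh_raw(void *ctx, const void *x,
-const void *y)
+const void *y, gnutls_ecc_curve_t *curve)
 {
 struct wolfssl_pk_ctx *pub_ctx = ctx;
 gnutls_datum_t *x_datum = (gnutls_datum_t *)x;
@@ -9704,49 +9726,144 @@ static int wolfssl_pk_export_pubkey_ecdh_raw(void *ctx, const void *x,
 return GNUTLS_E_INVALID_REQUEST;
 }
 
-if (!x_datum || !y_datum) {
-WGW_ERROR("Public key datum parameter (x or y) is NULL");
-return GNUTLS_E_INVALID_REQUEST;
-}
+switch(pub_ctx->algo) {
+case GNUTLS_PK_EC:
+WGW_LOG("EC");
+if (!x_datum || !y_datum) {
+WGW_ERROR("Public key datum parameter (x or y) is NULL");
+return GNUTLS_E_ALGO_NOT_SUPPORTED;
+}
 
-/* Ensure the context is for ECDH algorithm */
-if (pub_ctx->algo != GNUTLS_PK_ECDHX &&
-pub_ctx->algo != GNUTLS_PK_ECDSA) {
-WGW_ERROR("Context algorithm is not ECDH/ECDSA (%d)", pub_ctx->algo);
-return GNUTLS_E_INVALID_REQUEST;
-}
+/* Export public key using wc_ecc_export_public_raw */
+ret = wc_ecc_export_public_raw(&pub_ctx->key.ecc, x_buffer, &x_size,
+y_buffer, &y_size);
+if (ret != 0) {
+WGW_ERROR("wc_ecc_export_public_raw failed: %d", ret);
+return GNUTLS_E_INVALID_REQUEST;
+}
 
-/* Export public key using wc_ecc_export_public_raw */
-ret = wc_ecc_export_public_raw(&pub_ctx->key.ecc, x_buffer, &x_size,
-y_buffer, &y_size);
-if (ret != 0) {
-WGW_ERROR("wc_ecc_export_public_raw failed: %d", ret);
-return GNUTLS_E_INVALID_REQUEST;
-}
+/* Allocate and copy public key x-ordinate */
+x_datum->data = gnutls_malloc(x_size);
+if (!x_datum->data) {
+WGW_ERROR("Memory allocation failed for public key");
+return GNUTLS_E_MEMORY_ERROR;
+}
+/* Allocate and copy public key y-ordinate */
+y_datum->data = gnutls_malloc(y_size);
+if (!x_datum->data) {
+WGW_ERROR("Memory allocation failed for public key");
+gnutls_free(x_datum->data);
+x_datum->data = NULL;
+x_datum->size = 0;
+return GNUTLS_E_MEMORY_ERROR;
+}
 
-/* Allocate and copy public key x-ordinate */
-x_datum->data = gnutls_malloc(x_size);
-if (!x_datum->data) {
-WGW_ERROR("Memory allocation failed for public key");
-return GNUTLS_E_MEMORY_ERROR;
-}
-/* Allocate and copy public key y-ordinate */
-y_datum->data = gnutls_malloc(y_size);
-if (!x_datum->data) {
-WGW_ERROR("Memory allocation failed for public key");
-gnutls_free(x_datum->data);
-x_datum->data = NULL;
-x_datum->size = 0;
-return GNUTLS_E_MEMORY_ERROR;
+XMEMCPY(x_datum->data, x_buffer, x_size);
+x_datum->size = x_size;
+XMEMCPY(y_datum->data, y_buffer, y_size);
+y_datum->size = y_size;
+pub_ctx->curve = wolfssl_ecc_curve_id_to_curve_type(
+pub_ctx->key.ecc.dp->id);
+break;
+#if defined(HAVE_ED25519)
+case GNUTLS_PK_EDDSA_ED25519:
+WGW_LOG("ED25519");
+pub_ctx->pub_data_len = ED25519_PUB_KEY_SIZE;
+ret = wc_ed25519_export_public(&pub_ctx->key.ed25519, x_buffer,
+&x_size);
+if (ret != 0) {
+WGW_ERROR("wc_ed25519_export_public failed: %d", ret);
+return GNUTLS_E_INVALID_REQUEST;
+}
+pub_ctx->curve = GNUTLS_ECC_CURVE_ED25519;
+
+/* Allocate and copy public key x-ordinate */
+x_datum->data = gnutls_malloc(x_size);
+if (!x_datum->data) {
+WGW_ERROR("Memory allocation failed for public key");
+return GNUTLS_E_MEMORY_ERROR;
+}
+
+XMEMCPY(x_datum->data, x_buffer, x_size);
+x_datum->size = x_size;
+break;
+#endif
+#if defined(HAVE_ED448)
+case GNUTLS_PK_EDDSA_ED448:
+WGW_LOG("ED448");
+pub_ctx->pub_data_len = ED448_PUB_KEY_SIZE;
+ret = wc_ed448_export_public(&pub_ctx->key.ed448, x_buffer,
+&x_size);
+if (ret != 0) {
+WGW_ERROR("wc_ed448_export_public failed: %d", ret);
+return GNUTLS_E_INVALID_REQUEST;
+}
+pub_ctx->curve = GNUTLS_ECC_CURVE_ED448;
+
+/* Allocate and copy public key x-ordinate */
+x_datum->data = gnutls_malloc(x_size);
+if (!x_datum->data) {
+WGW_ERROR("Memory allocation failed for public key");
+return GNUTLS_E_MEMORY_ERROR;
+}
+
+XMEMCPY(x_datum->data, x_buffer, x_size);
+x_datum->size = x_size;
+break;
+#endif
+#if defined(HAVE_X25519)
+case GNUTLS_PK_ECDH_X25519:
+WGW_LOG("X25519");
+pub_ctx->pub_data_len = CURVE25519_PUB_KEY_SIZE;
+ret = wc_curve25519_export_public_ex(&pub_ctx->key.x25519,
+x_buffer, &x_size, EC25519_LITTLE_ENDIAN);
+if (ret != 0) {
+WGW_ERROR("wc_curve25519_export_public failed: %d", ret);
+return GNUTLS_E_INVALID_REQUEST;
+}
+pub_ctx->curve = GNUTLS_ECC_CURVE_X25519;
+
+/* Allocate and copy public key x-ordinate */
+x_datum->data = gnutls_malloc(x_size);
+if (!x_datum->data) {
+WGW_ERROR("Memory allocation failed for public key");
+return GNUTLS_E_MEMORY_ERROR;
+}
+
+XMEMCPY(x_datum->data, x_buffer, x_size);
+x_datum->size = x_size;
+break;
+#endif
+#if defined(HAVE_X448)
+case GNUTLS_PK_ECDH_X448:
+WGW_LOG("X448");
+pub_ctx->pub_data_len = CURVE448_PUB_KEY_SIZE;
+ret = wc_curve448_export_public_ex(&pub_ctx->key.x448, x_buffer,
+&x_size, EC448_LITTLE_ENDIAN);
+if (ret != 0) {
+WGW_ERROR("wc_curve448_export_public failed: %d", ret);
+return GNUTLS_E_INVALID_REQUEST;
+}
+pub_ctx->curve = GNUTLS_ECC_CURVE_X448;
+
+/* Allocate and copy public key x-ordinate */
+x_datum->data = gnutls_malloc(x_size);
+if (!x_datum->data) {
+WGW_ERROR("Memory allocation failed for public key");
+return GNUTLS_E_MEMORY_ERROR;
+}
+
+XMEMCPY(x_datum->data, x_buffer, x_size);
+x_datum->size = x_size;
+break;
+#endif
+default:
+return GNUTLS_E_ALGO_NOT_SUPPORTED;
 }
 
-XMEMCPY(x_datum->data, x_buffer, x_size);
-x_datum->size = x_size;
-XMEMCPY(y_datum->data, y_buffer, y_size);
-y_datum->size = y_size;
+*curve = pub_ctx->curve;
 
-WGW_LOG("ECDH public key exported successfully (sizes=%u,,%u)",
-x_datum->size, y_datum->size);
+WGW_LOG("ECDH public key exported successfully");
 
 return 0;
 }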
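Review bot: In the new `GNUTLS_PK_EC` case of `wolfssl_pk_export_pubkey_ecdh_raw`, the check after `y_datum->data = gnutls_malloc(y_size);` still tests `x_datum->data`, so a failed y allocation goes unnoticed and the following `XMEMCPY(y_datum->data, ...)` writes through NULL; the condition should read `if (!y_datum->data) {`. The NULL check on the datum arguments now lives only inside the EC case, so the Ed25519, Ed448, X25519 and X448 cases dereference `x_datum` unchecked, and `*curve = pub_ctx->curve;` dereferences the new `curve` parameter unchecked. Unless validation outside the visible lines already covers this, a guard such as `if (!x_datum || !curve) return GNUTLS_E_INVALID_REQUEST;` placed before the `switch` would cover every case. The start of the function body lies outside the hunk, so the declarations of `x_buffer`/`y_buffer` and any earlier argument checks are not visible here.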
