[crypto] Add RSA-2048-PSS verification.

This commit is contained in:
jakcron 2018-04-15 10:33:00 +08:00
parent 9073c4a6d8
commit 81e4f06048
7 changed files with 1513 additions and 2 deletions

View file

@ -107,5 +107,18 @@ namespace crypto
int rsaSign(const sRsa4096Key& key, sha::HashType hash_type, const uint8_t* hash, uint8_t signature[kRsa4096Size]); int rsaSign(const sRsa4096Key& key, sha::HashType hash_type, const uint8_t* hash, uint8_t signature[kRsa4096Size]);
int rsaVerify(const sRsa4096Key& key, sha::HashType hash_type, const uint8_t* hash, const uint8_t signature[kRsa4096Size]); int rsaVerify(const sRsa4096Key& key, sha::HashType hash_type, const uint8_t* hash, const uint8_t signature[kRsa4096Size]);
} }
namespace pss
{
// rsa1024
//int rsaSign(const sRsa1024Key& key, sha::HashType hash_type, const uint8_t* hash, uint8_t signature[kRsa1024Size]);
//int rsaVerify(const sRsa1024Key& key, sha::HashType hash_type, const uint8_t* hash, const uint8_t signature[kRsa1024Size]);
// rsa2048
//int rsaSign(const sRsa2048Key& key, sha::HashType hash_type, const uint8_t* hash, uint8_t signature[kRsa2048Size]);
int rsaVerify(const sRsa2048Key& key, sha::HashType hash_type, const uint8_t* hash, const uint8_t signature[kRsa2048Size]);
// rsa4096
//int rsaSign(const sRsa4096Key& key, sha::HashType hash_type, const uint8_t* hash, uint8_t signature[kRsa4096Size]);
//int rsaVerify(const sRsa4096Key& key, sha::HashType hash_type, const uint8_t* hash, const uint8_t signature[kRsa4096Size]);
}
} }
} }

View file

@ -248,7 +248,7 @@
* Enable support for PKCS#1 v2.1 encoding. * Enable support for PKCS#1 v2.1 encoding.
* This enables support for RSAES-OAEP and RSASSA-PSS operations. * This enables support for RSAES-OAEP and RSASSA-PSS operations.
*/ */
//#define POLARSSL_PKCS1_V21 #define POLARSSL_PKCS1_V21
/** /**
* \def POLARSSL_RSA_NO_CRT * \def POLARSSL_RSA_NO_CRT
@ -641,7 +641,7 @@
* *
* Uncomment to enable generic message digest wrappers. * Uncomment to enable generic message digest wrappers.
*/ */
//#define POLARSSL_MD_C #define POLARSSL_MD_C
/** /**
* \def POLARSSL_MD2_C * \def POLARSSL_MD2_C

View file

@ -0,0 +1,357 @@
/**
* \file md.h
*
* \brief Generic message digest wrapper
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
*
* This file is part of mbed TLS (https://polarssl.org)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MD_H
#define POLARSSL_MD_H
#include <string.h>
#if ( defined(__ARMCC_VERSION) || defined(_MSC_VER) ) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
#define POLARSSL_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */
#define POLARSSL_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
#define POLARSSL_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */
typedef enum {
POLARSSL_MD_NONE=0,
POLARSSL_MD_MD2,
POLARSSL_MD_MD4,
POLARSSL_MD_MD5,
POLARSSL_MD_SHA1,
POLARSSL_MD_SHA224,
POLARSSL_MD_SHA256,
POLARSSL_MD_SHA384,
POLARSSL_MD_SHA512,
} md_type_t;
#define POLARSSL_MD_MAX_SIZE 64 /* longest known is SHA512 */
/**
* Message digest information. Allows message digest functions to be called
* in a generic way.
*/
typedef struct {
/** Digest identifier */
md_type_t type;
/** Name of the message digest */
const char * name;
/** Output length of the digest function */
int size;
/** Digest initialisation function */
void (*starts_func)( void *ctx );
/** Digest update function */
void (*update_func)( void *ctx, const unsigned char *input, size_t ilen );
/** Digest finalisation function */
void (*finish_func)( void *ctx, unsigned char *output );
/** Generic digest function */
void (*digest_func)( const unsigned char *input, size_t ilen,
unsigned char *output );
/** Generic file digest function */
int (*file_func)( const char *path, unsigned char *output );
/** HMAC Initialisation function */
void (*hmac_starts_func)( void *ctx, const unsigned char *key, size_t keylen );
/** HMAC update function */
void (*hmac_update_func)( void *ctx, const unsigned char *input, size_t ilen );
/** HMAC finalisation function */
void (*hmac_finish_func)( void *ctx, unsigned char *output);
/** HMAC context reset function */
void (*hmac_reset_func)( void *ctx );
/** Generic HMAC function */
void (*hmac_func)( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output );
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
/** Free the given context */
void (*ctx_free_func)( void *ctx );
} md_info_t;
/**
* Generic message digest context.
*/
typedef struct {
/** Information about the associated message digest */
const md_info_t *md_info;
/** Digest-specific context */
void *md_ctx;
} md_context_t;
#define MD_CONTEXT_T_INIT { \
NULL, /* md_info */ \
NULL, /* md_ctx */ \
}
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Returns the list of digests supported by the generic digest module.
*
* \return a statically allocated array of digests, the last entry
* is 0.
*/
const int *md_list( void );
/**
* \brief Returns the message digest information associated with the
* given digest name.
*
* \param md_name Name of the digest to search for.
*
* \return The message digest information associated with md_name or
* NULL if not found.
*/
const md_info_t *md_info_from_string( const char *md_name );
/**
* \brief Returns the message digest information associated with the
* given digest type.
*
* \param md_type type of digest to search for.
*
* \return The message digest information associated with md_type or
* NULL if not found.
*/
const md_info_t *md_info_from_type( md_type_t md_type );
/**
* \brief Initialises and fills the message digest context structure with
* the appropriate values.
*
* \param ctx context to initialise. May not be NULL. The
* digest-specific context (ctx->md_ctx) must be NULL. It will
* be allocated, and must be freed using md_free_ctx() later.
* \param md_info message digest to use.
*
* \returns \c 0 on success, \c POLARSSL_ERR_MD_BAD_INPUT_DATA on
* parameter failure, \c POLARSSL_ERR_MD_ALLOC_FAILED if
* allocation of the digest-specific context failed.
*/
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info );
/**
* \brief Free the message-specific context of ctx. Freeing ctx itself
* remains the responsibility of the caller.
*
* \param ctx Free the message-specific context
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_free_ctx( md_context_t *ctx );
/**
* \brief Returns the size of the message digest output.
*
* \param md_info message digest info
*
* \return size of the message digest output.
*/
static inline unsigned char md_get_size( const md_info_t *md_info )
{
if( md_info == NULL )
return( 0 );
return md_info->size;
}
/**
* \brief Returns the type of the message digest output.
*
* \param md_info message digest info
*
* \return type of the message digest output.
*/
static inline md_type_t md_get_type( const md_info_t *md_info )
{
if( md_info == NULL )
return( POLARSSL_MD_NONE );
return md_info->type;
}
/**
* \brief Returns the name of the message digest output.
*
* \param md_info message digest info
*
* \return name of the message digest output.
*/
static inline const char *md_get_name( const md_info_t *md_info )
{
if( md_info == NULL )
return( NULL );
return md_info->name;
}
/**
* \brief Set-up the given context for a new message digest
*
* \param ctx generic message digest context.
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_starts( md_context_t *ctx );
/**
* \brief Generic message digest process buffer
*
* \param ctx Generic message digest context
* \param input buffer holding the datal
* \param ilen length of the input data
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
/**
* \brief Generic message digest final digest
*
* \param ctx Generic message digest context
* \param output Generic message digest checksum result
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_finish( md_context_t *ctx, unsigned char *output );
/**
* \brief Output = message_digest( input buffer )
*
* \param md_info message digest info
* \param input buffer holding the data
* \param ilen length of the input data
* \param output Generic message digest checksum result
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output );
/**
* \brief Output = message_digest( file contents )
*
* \param md_info message digest info
* \param path input file name
* \param output generic message digest checksum result
*
* \return 0 if successful, POLARSSL_ERR_MD_FILE_OPEN_FAILED if fopen
* failed, POLARSSL_ERR_MD_FILE_READ_FAILED if fread failed,
* POLARSSL_ERR_MD_BAD_INPUT_DATA if md_info was NULL.
*/
int md_file( const md_info_t *md_info, const char *path, unsigned char *output );
/**
* \brief Generic HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen );
/**
* \brief Generic HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
/**
* \brief Generic HMAC final digest
*
* \param ctx HMAC context
* \param output Generic HMAC checksum result
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac_finish( md_context_t *ctx, unsigned char *output);
/**
* \brief Generic HMAC context reset
*
* \param ctx HMAC context to be reset
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac_reset( md_context_t *ctx );
/**
* \brief Output = Generic_HMAC( hmac key, input buffer )
*
* \param md_info message digest info
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output Generic HMAC-result
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output );
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_MD_H */

View file

@ -0,0 +1,61 @@
/**
* \file md_wrap.h
*
* \brief Message digest wrappers.
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
*
* This file is part of mbed TLS (https://polarssl.org)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MD_WRAP_H
#define POLARSSL_MD_WRAP_H
#include "config.h"
#include "md.h"
#ifdef __cplusplus
extern "C" {
#endif
#if defined(POLARSSL_MD2_C)
extern const md_info_t md2_info;
#endif
#if defined(POLARSSL_MD4_C)
extern const md_info_t md4_info;
#endif
#if defined(POLARSSL_MD5_C)
extern const md_info_t md5_info;
#endif
#if defined(POLARSSL_SHA1_C)
extern const md_info_t sha1_info;
#endif
#if defined(POLARSSL_SHA2_C)
extern const md_info_t sha224_info;
extern const md_info_t sha256_info;
#endif
#if defined(POLARSSL_SHA4_C)
extern const md_info_t sha384_info;
extern const md_info_t sha512_info;
#endif
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_MD_WRAP_H */

View file

@ -0,0 +1,300 @@
/**
* \file md.c
*
* \brief Generic message digest wrapper for PolarSSL
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
*
* This file is part of mbed TLS (https://polarssl.org)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include "polarssl/config.h"
#if defined(POLARSSL_MD_C)
#include "polarssl/md.h"
#include "polarssl/md_wrap.h"
#include <stdlib.h>
#if defined _MSC_VER && !defined strcasecmp
#define strcasecmp _stricmp
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
static const int supported_digests[] = {
#if defined(POLARSSL_MD2_C)
POLARSSL_MD_MD2,
#endif
#if defined(POLARSSL_MD4_C)
POLARSSL_MD_MD4,
#endif
#if defined(POLARSSL_MD5_C)
POLARSSL_MD_MD5,
#endif
#if defined(POLARSSL_SHA1_C)
POLARSSL_MD_SHA1,
#endif
#if defined(POLARSSL_SHA2_C)
POLARSSL_MD_SHA224,
POLARSSL_MD_SHA256,
#endif
#if defined(POLARSSL_SHA4_C)
POLARSSL_MD_SHA384,
POLARSSL_MD_SHA512,
#endif
0
};
const int *md_list( void )
{
return supported_digests;
}
const md_info_t *md_info_from_string( const char *md_name )
{
if( NULL == md_name )
return NULL;
/* Get the appropriate digest information */
#if defined(POLARSSL_MD2_C)
if( !strcasecmp( "MD2", md_name ) )
return md_info_from_type( POLARSSL_MD_MD2 );
#endif
#if defined(POLARSSL_MD4_C)
if( !strcasecmp( "MD4", md_name ) )
return md_info_from_type( POLARSSL_MD_MD4 );
#endif
#if defined(POLARSSL_MD5_C)
if( !strcasecmp( "MD5", md_name ) )
return md_info_from_type( POLARSSL_MD_MD5 );
#endif
#if defined(POLARSSL_SHA1_C)
if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA1 );
#endif
#if defined(POLARSSL_SHA2_C)
if( !strcasecmp( "SHA224", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA224 );
if( !strcasecmp( "SHA256", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA256 );
#endif
#if defined(POLARSSL_SHA4_C)
if( !strcasecmp( "SHA384", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA384 );
if( !strcasecmp( "SHA512", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA512 );
#endif
return NULL;
}
const md_info_t *md_info_from_type( md_type_t md_type )
{
switch( md_type )
{
#if defined(POLARSSL_MD2_C)
case POLARSSL_MD_MD2:
return &md2_info;
#endif
#if defined(POLARSSL_MD4_C)
case POLARSSL_MD_MD4:
return &md4_info;
#endif
#if defined(POLARSSL_MD5_C)
case POLARSSL_MD_MD5:
return &md5_info;
#endif
#if defined(POLARSSL_SHA1_C)
case POLARSSL_MD_SHA1:
return &sha1_info;
#endif
#if defined(POLARSSL_SHA2_C)
case POLARSSL_MD_SHA224:
return &sha224_info;
case POLARSSL_MD_SHA256:
return &sha256_info;
#endif
#if defined(POLARSSL_SHA4_C)
case POLARSSL_MD_SHA384:
return &sha384_info;
case POLARSSL_MD_SHA512:
return &sha512_info;
#endif
default:
return NULL;
}
}
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
{
if( md_info == NULL || ctx == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
memset( ctx, 0, sizeof( md_context_t ) );
if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
return POLARSSL_ERR_MD_ALLOC_FAILED;
ctx->md_info = md_info;
md_info->starts_func( ctx->md_ctx );
return 0;
}
int md_free_ctx( md_context_t *ctx )
{
if( ctx == NULL || ctx->md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
ctx->md_info->ctx_free_func( ctx->md_ctx );
polarssl_zeroize( ctx, sizeof( md_context_t ) );
return 0;
}
int md_starts( md_context_t *ctx )
{
if( ctx == NULL || ctx->md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
ctx->md_info->starts_func( ctx->md_ctx );
return 0;
}
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
ctx->md_info->update_func( ctx->md_ctx, input, ilen );
return 0;
}
int md_finish( md_context_t *ctx, unsigned char *output )
{
if( ctx == NULL || ctx->md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
ctx->md_info->finish_func( ctx->md_ctx, output );
return 0;
}
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output )
{
if ( md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
md_info->digest_func( input, ilen, output );
return 0;
}
int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
int ret;
#endif
if( md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
#if defined(POLARSSL_FS_IO)
ret = md_info->file_func( path, output );
if( ret != 0 )
return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret );
return( ret );
#else
((void) path);
((void) output);
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
#endif
}
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
{
if( ctx == NULL || ctx->md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
ctx->md_info->hmac_starts_func( ctx->md_ctx, key, keylen);
return 0;
}
int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
ctx->md_info->hmac_update_func( ctx->md_ctx, input, ilen );
return 0;
}
int md_hmac_finish( md_context_t *ctx, unsigned char *output)
{
if( ctx == NULL || ctx->md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
ctx->md_info->hmac_finish_func( ctx->md_ctx, output);
return 0;
}
int md_hmac_reset( md_context_t *ctx )
{
if( ctx == NULL || ctx->md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
ctx->md_info->hmac_reset_func( ctx->md_ctx);
return 0;
}
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
if( md_info == NULL )
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
md_info->hmac_func( key, keylen, input, ilen, output );
return 0;
}
#endif

View file

@ -0,0 +1,743 @@
/**
* \file md_wrap.c
* \brief Generic message digest wrapper for PolarSSL
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
*
* This file is part of mbed TLS (https://polarssl.org)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include "polarssl/config.h"
#if defined(POLARSSL_MD_C)
#include "polarssl/md_wrap.h"
#if defined(POLARSSL_MD2_C)
#include "polarssl/md2.h"
#endif
#if defined(POLARSSL_MD4_C)
#include "polarssl/md4.h"
#endif
#if defined(POLARSSL_MD5_C)
#include "polarssl/md5.h"
#endif
#if defined(POLARSSL_SHA1_C)
#include "polarssl/sha1.h"
#endif
#if defined(POLARSSL_SHA2_C)
#include "polarssl/sha2.h"
#endif
#if defined(POLARSSL_SHA4_C)
#include "polarssl/sha4.h"
#endif
#include <stdlib.h>
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#if defined(POLARSSL_MD2_C)
static void md2_starts_wrap( void *ctx )
{
md2_starts( (md2_context *) ctx );
}
static void md2_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md2_update( (md2_context *) ctx, input, ilen );
}
static void md2_finish_wrap( void *ctx, unsigned char *output )
{
md2_finish( (md2_context *) ctx, output );
}
static int md2_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return md2_file( path, output );
#else
((void) path);
((void) output);
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
#endif
}
static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
md2_hmac_starts( (md2_context *) ctx, key, keylen );
}
static void md2_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md2_hmac_update( (md2_context *) ctx, input, ilen );
}
static void md2_hmac_finish_wrap( void *ctx, unsigned char *output )
{
md2_hmac_finish( (md2_context *) ctx, output );
}
static void md2_hmac_reset_wrap( void *ctx )
{
md2_hmac_reset( (md2_context *) ctx );
}
static void * md2_ctx_alloc( void )
{
return malloc( sizeof( md2_context ) );
}
static void md2_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( md2_context ) );
free( ctx );
}
const md_info_t md2_info = {
POLARSSL_MD_MD2,
"MD2",
16,
md2_starts_wrap,
md2_update_wrap,
md2_finish_wrap,
md2,
md2_file_wrap,
md2_hmac_starts_wrap,
md2_hmac_update_wrap,
md2_hmac_finish_wrap,
md2_hmac_reset_wrap,
md2_hmac,
md2_ctx_alloc,
md2_ctx_free,
};
#endif
#if defined(POLARSSL_MD4_C)
static void md4_starts_wrap( void *ctx )
{
md4_starts( (md4_context *) ctx );
}
static void md4_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md4_update( (md4_context *) ctx, input, ilen );
}
static void md4_finish_wrap( void *ctx, unsigned char *output )
{
md4_finish( (md4_context *) ctx, output );
}
static int md4_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return md4_file( path, output );
#else
((void) path);
((void) output);
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
#endif
}
static void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
md4_hmac_starts( (md4_context *) ctx, key, keylen );
}
static void md4_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md4_hmac_update( (md4_context *) ctx, input, ilen );
}
static void md4_hmac_finish_wrap( void *ctx, unsigned char *output )
{
md4_hmac_finish( (md4_context *) ctx, output );
}
static void md4_hmac_reset_wrap( void *ctx )
{
md4_hmac_reset( (md4_context *) ctx );
}
static void *md4_ctx_alloc( void )
{
return malloc( sizeof( md4_context ) );
}
static void md4_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( md4_context ) );
free( ctx );
}
const md_info_t md4_info = {
POLARSSL_MD_MD4,
"MD4",
16,
md4_starts_wrap,
md4_update_wrap,
md4_finish_wrap,
md4,
md4_file_wrap,
md4_hmac_starts_wrap,
md4_hmac_update_wrap,
md4_hmac_finish_wrap,
md4_hmac_reset_wrap,
md4_hmac,
md4_ctx_alloc,
md4_ctx_free,
};
#endif
#if defined(POLARSSL_MD5_C)
static void md5_starts_wrap( void *ctx )
{
md5_starts( (md5_context *) ctx );
}
static void md5_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md5_update( (md5_context *) ctx, input, ilen );
}
static void md5_finish_wrap( void *ctx, unsigned char *output )
{
md5_finish( (md5_context *) ctx, output );
}
static int md5_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return md5_file( path, output );
#else
((void) path);
((void) output);
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
#endif
}
static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
md5_hmac_starts( (md5_context *) ctx, key, keylen );
}
static void md5_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
md5_hmac_update( (md5_context *) ctx, input, ilen );
}
static void md5_hmac_finish_wrap( void *ctx, unsigned char *output )
{
md5_hmac_finish( (md5_context *) ctx, output );
}
static void md5_hmac_reset_wrap( void *ctx )
{
md5_hmac_reset( (md5_context *) ctx );
}
static void * md5_ctx_alloc( void )
{
return malloc( sizeof( md5_context ) );
}
static void md5_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( md5_context ) );
free( ctx );
}
const md_info_t md5_info = {
POLARSSL_MD_MD5,
"MD5",
16,
md5_starts_wrap,
md5_update_wrap,
md5_finish_wrap,
md5,
md5_file_wrap,
md5_hmac_starts_wrap,
md5_hmac_update_wrap,
md5_hmac_finish_wrap,
md5_hmac_reset_wrap,
md5_hmac,
md5_ctx_alloc,
md5_ctx_free,
};
#endif
#if defined(POLARSSL_SHA1_C)
static void sha1_starts_wrap( void *ctx )
{
sha1_starts( (sha1_context *) ctx );
}
static void sha1_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha1_update( (sha1_context *) ctx, input, ilen );
}
static void sha1_finish_wrap( void *ctx, unsigned char *output )
{
sha1_finish( (sha1_context *) ctx, output );
}
static int sha1_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha1_file( path, output );
#else
((void) path);
((void) output);
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
#endif
}
static void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha1_hmac_starts( (sha1_context *) ctx, key, keylen );
}
static void sha1_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha1_hmac_update( (sha1_context *) ctx, input, ilen );
}
static void sha1_hmac_finish_wrap( void *ctx, unsigned char *output )
{
sha1_hmac_finish( (sha1_context *) ctx, output );
}
static void sha1_hmac_reset_wrap( void *ctx )
{
sha1_hmac_reset( (sha1_context *) ctx );
}
static void * sha1_ctx_alloc( void )
{
return malloc( sizeof( sha1_context ) );
}
static void sha1_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha1_context ) );
free( ctx );
}
const md_info_t sha1_info = {
POLARSSL_MD_SHA1,
"SHA1",
20,
sha1_starts_wrap,
sha1_update_wrap,
sha1_finish_wrap,
sha1,
sha1_file_wrap,
sha1_hmac_starts_wrap,
sha1_hmac_update_wrap,
sha1_hmac_finish_wrap,
sha1_hmac_reset_wrap,
sha1_hmac,
sha1_ctx_alloc,
sha1_ctx_free,
};
#endif
/*
* Wrappers for generic message digests
*/
#if defined(POLARSSL_SHA2_C)
static void sha224_starts_wrap( void *ctx )
{
sha2_starts( (sha2_context *) ctx, 1 );
}
static void sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( (sha2_context *) ctx, input, ilen );
}
static void sha224_finish_wrap( void *ctx, unsigned char *output )
{
sha2_finish( (sha2_context *) ctx, output );
}
static void sha224_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2( input, ilen, output, 1 );
}
static int sha224_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha2_file( path, output, 1 );
#else
((void) path);
((void) output);
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
#endif
}
static void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 1 );
}
static void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
}
static void sha224_hmac_finish_wrap( void *ctx, unsigned char *output )
{
sha2_hmac_finish( (sha2_context *) ctx, output );
}
static void sha224_hmac_reset_wrap( void *ctx )
{
sha2_hmac_reset( (sha2_context *) ctx );
}
static void sha224_hmac_wrap( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2_hmac( key, keylen, input, ilen, output, 1 );
}
static void * sha224_ctx_alloc( void )
{
return malloc( sizeof( sha2_context ) );
}
static void sha224_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha2_context ) );
free( ctx );
}
const md_info_t sha224_info = {
POLARSSL_MD_SHA224,
"SHA224",
28,
sha224_starts_wrap,
sha224_update_wrap,
sha224_finish_wrap,
sha224_wrap,
sha224_file_wrap,
sha224_hmac_starts_wrap,
sha224_hmac_update_wrap,
sha224_hmac_finish_wrap,
sha224_hmac_reset_wrap,
sha224_hmac_wrap,
sha224_ctx_alloc,
sha224_ctx_free,
};
static void sha256_starts_wrap( void *ctx )
{
sha2_starts( (sha2_context *) ctx, 0 );
}
static void sha256_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_update( (sha2_context *) ctx, input, ilen );
}
static void sha256_finish_wrap( void *ctx, unsigned char *output )
{
sha2_finish( (sha2_context *) ctx, output );
}
static void sha256_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2( input, ilen, output, 0 );
}
static int sha256_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha2_file( path, output, 0 );
#else
((void) path);
((void) output);
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
#endif
}
static void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 0 );
}
static void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
}
static void sha256_hmac_finish_wrap( void *ctx, unsigned char *output )
{
sha2_hmac_finish( (sha2_context *) ctx, output );
}
static void sha256_hmac_reset_wrap( void *ctx )
{
sha2_hmac_reset( (sha2_context *) ctx );
}
static void sha256_hmac_wrap( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha2_hmac( key, keylen, input, ilen, output, 0 );
}
static void * sha256_ctx_alloc( void )
{
return malloc( sizeof( sha2_context ) );
}
static void sha256_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha2_context ) );
free( ctx );
}
const md_info_t sha256_info = {
POLARSSL_MD_SHA256,
"SHA256",
32,
sha256_starts_wrap,
sha256_update_wrap,
sha256_finish_wrap,
sha256_wrap,
sha256_file_wrap,
sha256_hmac_starts_wrap,
sha256_hmac_update_wrap,
sha256_hmac_finish_wrap,
sha256_hmac_reset_wrap,
sha256_hmac_wrap,
sha256_ctx_alloc,
sha256_ctx_free,
};
#endif
#if defined(POLARSSL_SHA4_C)
static void sha384_starts_wrap( void *ctx )
{
sha4_starts( (sha4_context *) ctx, 1 );
}
static void sha384_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_update( (sha4_context *) ctx, input, ilen );
}
static void sha384_finish_wrap( void *ctx, unsigned char *output )
{
sha4_finish( (sha4_context *) ctx, output );
}
static void sha384_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4( input, ilen, output, 1 );
}
static int sha384_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha4_file( path, output, 1 );
#else
((void) path);
((void) output);
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
#endif
}
static void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 1 );
}
static void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
}
static void sha384_hmac_finish_wrap( void *ctx, unsigned char *output )
{
sha4_hmac_finish( (sha4_context *) ctx, output );
}
static void sha384_hmac_reset_wrap( void *ctx )
{
sha4_hmac_reset( (sha4_context *) ctx );
}
static void sha384_hmac_wrap( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4_hmac( key, keylen, input, ilen, output, 1 );
}
static void * sha384_ctx_alloc( void )
{
return malloc( sizeof( sha4_context ) );
}
static void sha384_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha4_context ) );
free( ctx );
}
const md_info_t sha384_info = {
POLARSSL_MD_SHA384,
"SHA384",
48,
sha384_starts_wrap,
sha384_update_wrap,
sha384_finish_wrap,
sha384_wrap,
sha384_file_wrap,
sha384_hmac_starts_wrap,
sha384_hmac_update_wrap,
sha384_hmac_finish_wrap,
sha384_hmac_reset_wrap,
sha384_hmac_wrap,
sha384_ctx_alloc,
sha384_ctx_free,
};
static void sha512_starts_wrap( void *ctx )
{
sha4_starts( (sha4_context *) ctx, 0 );
}
static void sha512_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_update( (sha4_context *) ctx, input, ilen );
}
static void sha512_finish_wrap( void *ctx, unsigned char *output )
{
sha4_finish( (sha4_context *) ctx, output );
}
static void sha512_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4( input, ilen, output, 0 );
}
static int sha512_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha4_file( path, output, 0 );
#else
((void) path);
((void) output);
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
#endif
}
static void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
{
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 0 );
}
static void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
{
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
}
static void sha512_hmac_finish_wrap( void *ctx, unsigned char *output )
{
sha4_hmac_finish( (sha4_context *) ctx, output );
}
static void sha512_hmac_reset_wrap( void *ctx )
{
sha4_hmac_reset( (sha4_context *) ctx );
}
static void sha512_hmac_wrap( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha4_hmac( key, keylen, input, ilen, output, 0 );
}
static void * sha512_ctx_alloc( void )
{
return malloc( sizeof( sha4_context ) );
}
static void sha512_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha4_context ) );
free( ctx );
}
const md_info_t sha512_info = {
POLARSSL_MD_SHA512,
"SHA512",
64,
sha512_starts_wrap,
sha512_update_wrap,
sha512_finish_wrap,
sha512_wrap,
sha512_file_wrap,
sha512_hmac_starts_wrap,
sha512_hmac_update_wrap,
sha512_hmac_finish_wrap,
sha512_hmac_reset_wrap,
sha512_hmac_wrap,
sha512_ctx_alloc,
sha512_ctx_free,
};
#endif
#endif

View file

@ -1,5 +1,6 @@
#include <crypto/rsa.h> #include <crypto/rsa.h>
#include <polarssl/rsa.h> #include <polarssl/rsa.h>
#include <polarssl/md.h>
using namespace crypto::rsa; using namespace crypto::rsa;
using namespace crypto::sha; using namespace crypto::sha;
@ -21,6 +22,23 @@ int getWrappedHashType(HashType type)
return 0; return 0;
} }
int getMdWrappedHashType(HashType type)
{
switch (type)
{
case HASH_SHA1:
return POLARSSL_MD_SHA1;
break;
case HASH_SHA256:
return POLARSSL_MD_SHA256;
break;
default:
return POLARSSL_MD_NONE;
break;
}
return 0;
}
uint32_t getWrappedHashSize(HashType type) uint32_t getWrappedHashSize(HashType type)
{ {
uint32_t size = 0; uint32_t size = 0;
@ -146,3 +164,22 @@ int crypto::rsa::pkcs::rsaVerify(const sRsa4096Key & key, HashType hash_type, co
return ret; return ret;
} }
int crypto::rsa::pss::rsaVerify(const sRsa2048Key & key, HashType hash_type, const uint8_t * hash, const uint8_t signature[kRsa2048Size])
{
static const uint8_t public_exponent[3] = { 0x01, 0x00, 0x01 };
int ret;
rsa_context ctx;
rsa_init(&ctx, RSA_PKCS_V21, getMdWrappedHashType(hash_type));
ctx.len = kRsa2048Size;
mpi_read_binary(&ctx.E, public_exponent, sizeof(public_exponent));
mpi_read_binary(&ctx.N, key.modulus, ctx.len);
ret = rsa_rsassa_pss_verify(&ctx, RSA_PUBLIC, getWrappedHashType(hash_type), getWrappedHashSize(hash_type), hash, signature);
rsa_free(&ctx);
return ret;
}