d 0773d
Fork of CyaSSL for my specific settings
ctaocrypt/src/rsa.c@4:28ac50e1d49c, 2015-03-03 (annotated)
- Committer:
- d0773d
- Date:
- Tue Mar 03 22:52:52 2015 +0000
- Revision:
- 4:28ac50e1d49c
- Parent:
- 0:1239e9b70ca2
CyaSSL example
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| wolfSSL | 0:1239e9b70ca2 | 1 | /* rsa.c |
| wolfSSL | 0:1239e9b70ca2 | 2 | * |
| wolfSSL | 0:1239e9b70ca2 | 3 | * Copyright (C) 2006-2014 wolfSSL Inc. |
| wolfSSL | 0:1239e9b70ca2 | 4 | * |
| wolfSSL | 0:1239e9b70ca2 | 5 | * This file is part of CyaSSL. |
| wolfSSL | 0:1239e9b70ca2 | 6 | * |
| wolfSSL | 0:1239e9b70ca2 | 7 | * CyaSSL is free software; you can redistribute it and/or modify |
| wolfSSL | 0:1239e9b70ca2 | 8 | * it under the terms of the GNU General Public License as published by |
| wolfSSL | 0:1239e9b70ca2 | 9 | * the Free Software Foundation; either version 2 of the License, or |
| wolfSSL | 0:1239e9b70ca2 | 10 | * (at your option) any later version. |
| wolfSSL | 0:1239e9b70ca2 | 11 | * |
| wolfSSL | 0:1239e9b70ca2 | 12 | * CyaSSL is distributed in the hope that it will be useful, |
| wolfSSL | 0:1239e9b70ca2 | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| wolfSSL | 0:1239e9b70ca2 | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| wolfSSL | 0:1239e9b70ca2 | 15 | * GNU General Public License for more details. |
| wolfSSL | 0:1239e9b70ca2 | 16 | * |
| wolfSSL | 0:1239e9b70ca2 | 17 | * You should have received a copy of the GNU General Public License |
| wolfSSL | 0:1239e9b70ca2 | 18 | * along with this program; if not, write to the Free Software |
| wolfSSL | 0:1239e9b70ca2 | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA |
| wolfSSL | 0:1239e9b70ca2 | 20 | */ |
| wolfSSL | 0:1239e9b70ca2 | 21 | |
| wolfSSL | 0:1239e9b70ca2 | 22 | |
| wolfSSL | 0:1239e9b70ca2 | 23 | #ifdef HAVE_CONFIG_H |
| wolfSSL | 0:1239e9b70ca2 | 24 | #include <config.h> |
| wolfSSL | 0:1239e9b70ca2 | 25 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 26 | |
| wolfSSL | 0:1239e9b70ca2 | 27 | #include <cyassl/ctaocrypt/settings.h> |
| wolfSSL | 0:1239e9b70ca2 | 28 | |
| wolfSSL | 0:1239e9b70ca2 | 29 | #ifndef NO_RSA |
| wolfSSL | 0:1239e9b70ca2 | 30 | |
| wolfSSL | 0:1239e9b70ca2 | 31 | #ifdef HAVE_FIPS |
| wolfSSL | 0:1239e9b70ca2 | 32 | /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ |
| wolfSSL | 0:1239e9b70ca2 | 33 | #define FIPS_NO_WRAPPERS |
| wolfSSL | 0:1239e9b70ca2 | 34 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 35 | |
| wolfSSL | 0:1239e9b70ca2 | 36 | #include <cyassl/ctaocrypt/rsa.h> |
| wolfSSL | 0:1239e9b70ca2 | 37 | #include <cyassl/ctaocrypt/random.h> |
| wolfSSL | 0:1239e9b70ca2 | 38 | #include <cyassl/ctaocrypt/error-crypt.h> |
| wolfSSL | 0:1239e9b70ca2 | 39 | #include <cyassl/ctaocrypt/logging.h> |
| wolfSSL | 0:1239e9b70ca2 | 40 | |
| wolfSSL | 0:1239e9b70ca2 | 41 | #ifdef SHOW_GEN |
| wolfSSL | 0:1239e9b70ca2 | 42 | #ifdef FREESCALE_MQX |
| wolfSSL | 0:1239e9b70ca2 | 43 | #include <fio.h> |
| wolfSSL | 0:1239e9b70ca2 | 44 | #else |
| wolfSSL | 0:1239e9b70ca2 | 45 | #include <stdio.h> |
| wolfSSL | 0:1239e9b70ca2 | 46 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 47 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 48 | |
| wolfSSL | 0:1239e9b70ca2 | 49 | #ifdef HAVE_CAVIUM |
| wolfSSL | 0:1239e9b70ca2 | 50 | static int InitCaviumRsaKey(RsaKey* key, void* heap); |
| wolfSSL | 0:1239e9b70ca2 | 51 | static int FreeCaviumRsaKey(RsaKey* key); |
| wolfSSL | 0:1239e9b70ca2 | 52 | static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 0:1239e9b70ca2 | 53 | word32 outLen, RsaKey* key); |
| wolfSSL | 0:1239e9b70ca2 | 54 | static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 0:1239e9b70ca2 | 55 | word32 outLen, RsaKey* key); |
| wolfSSL | 0:1239e9b70ca2 | 56 | static int CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 0:1239e9b70ca2 | 57 | word32 outLen, RsaKey* key); |
| wolfSSL | 0:1239e9b70ca2 | 58 | static int CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 0:1239e9b70ca2 | 59 | word32 outLen, RsaKey* key); |
| wolfSSL | 0:1239e9b70ca2 | 60 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 61 | |
| wolfSSL | 0:1239e9b70ca2 | 62 | enum { |
| wolfSSL | 0:1239e9b70ca2 | 63 | RSA_PUBLIC_ENCRYPT = 0, |
| wolfSSL | 0:1239e9b70ca2 | 64 | RSA_PUBLIC_DECRYPT = 1, |
| wolfSSL | 0:1239e9b70ca2 | 65 | RSA_PRIVATE_ENCRYPT = 2, |
| wolfSSL | 0:1239e9b70ca2 | 66 | RSA_PRIVATE_DECRYPT = 3, |
| wolfSSL | 0:1239e9b70ca2 | 67 | |
| wolfSSL | 0:1239e9b70ca2 | 68 | RSA_BLOCK_TYPE_1 = 1, |
| wolfSSL | 0:1239e9b70ca2 | 69 | RSA_BLOCK_TYPE_2 = 2, |
| wolfSSL | 0:1239e9b70ca2 | 70 | |
| wolfSSL | 0:1239e9b70ca2 | 71 | RSA_MIN_SIZE = 512, |
| wolfSSL | 0:1239e9b70ca2 | 72 | RSA_MAX_SIZE = 4096, |
| wolfSSL | 0:1239e9b70ca2 | 73 | |
| wolfSSL | 0:1239e9b70ca2 | 74 | RSA_MIN_PAD_SZ = 11 /* seperator + 0 + pad value + 8 pads */ |
| wolfSSL | 0:1239e9b70ca2 | 75 | }; |
| wolfSSL | 0:1239e9b70ca2 | 76 | |
| wolfSSL | 0:1239e9b70ca2 | 77 | |
| wolfSSL | 0:1239e9b70ca2 | 78 | int InitRsaKey(RsaKey* key, void* heap) |
| wolfSSL | 0:1239e9b70ca2 | 79 | { |
| wolfSSL | 0:1239e9b70ca2 | 80 | #ifdef HAVE_CAVIUM |
| wolfSSL | 0:1239e9b70ca2 | 81 | if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) |
| wolfSSL | 0:1239e9b70ca2 | 82 | return InitCaviumRsaKey(key, heap); |
| wolfSSL | 0:1239e9b70ca2 | 83 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 84 | |
| wolfSSL | 0:1239e9b70ca2 | 85 | key->type = -1; /* haven't decided yet */ |
| wolfSSL | 0:1239e9b70ca2 | 86 | key->heap = heap; |
| wolfSSL | 0:1239e9b70ca2 | 87 | |
| wolfSSL | 0:1239e9b70ca2 | 88 | /* TomsFastMath doesn't use memory allocation */ |
| wolfSSL | 0:1239e9b70ca2 | 89 | #ifndef USE_FAST_MATH |
| wolfSSL | 0:1239e9b70ca2 | 90 | key->n.dp = key->e.dp = 0; /* public alloc parts */ |
| wolfSSL | 0:1239e9b70ca2 | 91 | |
| wolfSSL | 0:1239e9b70ca2 | 92 | key->d.dp = key->p.dp = 0; /* private alloc parts */ |
| wolfSSL | 0:1239e9b70ca2 | 93 | key->q.dp = key->dP.dp = 0; |
| wolfSSL | 0:1239e9b70ca2 | 94 | key->u.dp = key->dQ.dp = 0; |
| wolfSSL | 0:1239e9b70ca2 | 95 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 96 | |
| wolfSSL | 0:1239e9b70ca2 | 97 | return 0; |
| wolfSSL | 0:1239e9b70ca2 | 98 | } |
| wolfSSL | 0:1239e9b70ca2 | 99 | |
| wolfSSL | 0:1239e9b70ca2 | 100 | |
| wolfSSL | 0:1239e9b70ca2 | 101 | int FreeRsaKey(RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 102 | { |
| wolfSSL | 0:1239e9b70ca2 | 103 | (void)key; |
| wolfSSL | 0:1239e9b70ca2 | 104 | |
| wolfSSL | 0:1239e9b70ca2 | 105 | #ifdef HAVE_CAVIUM |
| wolfSSL | 0:1239e9b70ca2 | 106 | if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) |
| wolfSSL | 0:1239e9b70ca2 | 107 | return FreeCaviumRsaKey(key); |
| wolfSSL | 0:1239e9b70ca2 | 108 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 109 | |
| wolfSSL | 0:1239e9b70ca2 | 110 | /* TomsFastMath doesn't use memory allocation */ |
| wolfSSL | 0:1239e9b70ca2 | 111 | #ifndef USE_FAST_MATH |
| wolfSSL | 0:1239e9b70ca2 | 112 | if (key->type == RSA_PRIVATE) { |
| wolfSSL | 0:1239e9b70ca2 | 113 | mp_clear(&key->u); |
| wolfSSL | 0:1239e9b70ca2 | 114 | mp_clear(&key->dQ); |
| wolfSSL | 0:1239e9b70ca2 | 115 | mp_clear(&key->dP); |
| wolfSSL | 0:1239e9b70ca2 | 116 | mp_clear(&key->q); |
| wolfSSL | 0:1239e9b70ca2 | 117 | mp_clear(&key->p); |
| wolfSSL | 0:1239e9b70ca2 | 118 | mp_clear(&key->d); |
| wolfSSL | 0:1239e9b70ca2 | 119 | } |
| wolfSSL | 0:1239e9b70ca2 | 120 | mp_clear(&key->e); |
| wolfSSL | 0:1239e9b70ca2 | 121 | mp_clear(&key->n); |
| wolfSSL | 0:1239e9b70ca2 | 122 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 123 | |
| wolfSSL | 0:1239e9b70ca2 | 124 | return 0; |
| wolfSSL | 0:1239e9b70ca2 | 125 | } |
| wolfSSL | 0:1239e9b70ca2 | 126 | |
| wolfSSL | 0:1239e9b70ca2 | 127 | static int RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock, |
| wolfSSL | 0:1239e9b70ca2 | 128 | word32 pkcsBlockLen, byte padValue, RNG* rng) |
| wolfSSL | 0:1239e9b70ca2 | 129 | { |
| wolfSSL | 0:1239e9b70ca2 | 130 | if (inputLen == 0) |
| wolfSSL | 0:1239e9b70ca2 | 131 | return 0; |
| wolfSSL | 0:1239e9b70ca2 | 132 | |
| wolfSSL | 0:1239e9b70ca2 | 133 | pkcsBlock[0] = 0x0; /* set first byte to zero and advance */ |
| wolfSSL | 0:1239e9b70ca2 | 134 | pkcsBlock++; pkcsBlockLen--; |
| wolfSSL | 0:1239e9b70ca2 | 135 | pkcsBlock[0] = padValue; /* insert padValue */ |
| wolfSSL | 0:1239e9b70ca2 | 136 | |
| wolfSSL | 0:1239e9b70ca2 | 137 | if (padValue == RSA_BLOCK_TYPE_1) |
| wolfSSL | 0:1239e9b70ca2 | 138 | /* pad with 0xff bytes */ |
| wolfSSL | 0:1239e9b70ca2 | 139 | XMEMSET(&pkcsBlock[1], 0xFF, pkcsBlockLen - inputLen - 2); |
| wolfSSL | 0:1239e9b70ca2 | 140 | else { |
| wolfSSL | 0:1239e9b70ca2 | 141 | /* pad with non-zero random bytes */ |
| wolfSSL | 0:1239e9b70ca2 | 142 | word32 padLen = pkcsBlockLen - inputLen - 1, i; |
| wolfSSL | 0:1239e9b70ca2 | 143 | int ret = RNG_GenerateBlock(rng, &pkcsBlock[1], padLen); |
| wolfSSL | 0:1239e9b70ca2 | 144 | |
| wolfSSL | 0:1239e9b70ca2 | 145 | if (ret != 0) |
| wolfSSL | 0:1239e9b70ca2 | 146 | return ret; |
| wolfSSL | 0:1239e9b70ca2 | 147 | |
| wolfSSL | 0:1239e9b70ca2 | 148 | /* remove zeros */ |
| wolfSSL | 0:1239e9b70ca2 | 149 | for (i = 1; i < padLen; i++) |
| wolfSSL | 0:1239e9b70ca2 | 150 | if (pkcsBlock[i] == 0) pkcsBlock[i] = 0x01; |
| wolfSSL | 0:1239e9b70ca2 | 151 | } |
| wolfSSL | 0:1239e9b70ca2 | 152 | |
| wolfSSL | 0:1239e9b70ca2 | 153 | pkcsBlock[pkcsBlockLen-inputLen-1] = 0; /* separator */ |
| wolfSSL | 0:1239e9b70ca2 | 154 | XMEMCPY(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen); |
| wolfSSL | 0:1239e9b70ca2 | 155 | |
| wolfSSL | 0:1239e9b70ca2 | 156 | return 0; |
| wolfSSL | 0:1239e9b70ca2 | 157 | } |
| wolfSSL | 0:1239e9b70ca2 | 158 | |
| wolfSSL | 0:1239e9b70ca2 | 159 | |
| wolfSSL | 0:1239e9b70ca2 | 160 | static word32 RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen, |
| wolfSSL | 0:1239e9b70ca2 | 161 | byte **output, byte padValue) |
| wolfSSL | 0:1239e9b70ca2 | 162 | { |
| wolfSSL | 0:1239e9b70ca2 | 163 | word32 maxOutputLen = (pkcsBlockLen > 10) ? (pkcsBlockLen - 10) : 0, |
| wolfSSL | 0:1239e9b70ca2 | 164 | invalid = 0, |
| wolfSSL | 0:1239e9b70ca2 | 165 | i = 1, |
| wolfSSL | 0:1239e9b70ca2 | 166 | outputLen; |
| wolfSSL | 0:1239e9b70ca2 | 167 | |
| wolfSSL | 0:1239e9b70ca2 | 168 | if (pkcsBlock[0] != 0x0) /* skip past zero */ |
| wolfSSL | 0:1239e9b70ca2 | 169 | invalid = 1; |
| wolfSSL | 0:1239e9b70ca2 | 170 | pkcsBlock++; pkcsBlockLen--; |
| wolfSSL | 0:1239e9b70ca2 | 171 | |
| wolfSSL | 0:1239e9b70ca2 | 172 | /* Require block type padValue */ |
| wolfSSL | 0:1239e9b70ca2 | 173 | invalid = (pkcsBlock[0] != padValue) || invalid; |
| wolfSSL | 0:1239e9b70ca2 | 174 | |
| wolfSSL | 0:1239e9b70ca2 | 175 | /* skip past the padding until we find the separator */ |
| wolfSSL | 0:1239e9b70ca2 | 176 | while (i<pkcsBlockLen && pkcsBlock[i++]) { /* null body */ |
| wolfSSL | 0:1239e9b70ca2 | 177 | } |
| wolfSSL | 0:1239e9b70ca2 | 178 | if(!(i==pkcsBlockLen || pkcsBlock[i-1]==0)) { |
| wolfSSL | 0:1239e9b70ca2 | 179 | CYASSL_MSG("RsaUnPad error, bad formatting"); |
| wolfSSL | 0:1239e9b70ca2 | 180 | return 0; |
| wolfSSL | 0:1239e9b70ca2 | 181 | } |
| wolfSSL | 0:1239e9b70ca2 | 182 | |
| wolfSSL | 0:1239e9b70ca2 | 183 | outputLen = pkcsBlockLen - i; |
| wolfSSL | 0:1239e9b70ca2 | 184 | invalid = (outputLen > maxOutputLen) || invalid; |
| wolfSSL | 0:1239e9b70ca2 | 185 | |
| wolfSSL | 0:1239e9b70ca2 | 186 | if (invalid) { |
| wolfSSL | 0:1239e9b70ca2 | 187 | CYASSL_MSG("RsaUnPad error, bad formatting"); |
| wolfSSL | 0:1239e9b70ca2 | 188 | return 0; |
| wolfSSL | 0:1239e9b70ca2 | 189 | } |
| wolfSSL | 0:1239e9b70ca2 | 190 | |
| wolfSSL | 0:1239e9b70ca2 | 191 | *output = (byte *)(pkcsBlock + i); |
| wolfSSL | 0:1239e9b70ca2 | 192 | return outputLen; |
| wolfSSL | 0:1239e9b70ca2 | 193 | } |
| wolfSSL | 0:1239e9b70ca2 | 194 | |
| wolfSSL | 0:1239e9b70ca2 | 195 | |
| wolfSSL | 0:1239e9b70ca2 | 196 | static int RsaFunction(const byte* in, word32 inLen, byte* out, word32* outLen, |
| wolfSSL | 0:1239e9b70ca2 | 197 | int type, RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 198 | { |
| wolfSSL | 0:1239e9b70ca2 | 199 | #define ERROR_OUT(x) { ret = x; goto done;} |
| wolfSSL | 0:1239e9b70ca2 | 200 | |
| wolfSSL | 0:1239e9b70ca2 | 201 | mp_int tmp; |
| wolfSSL | 0:1239e9b70ca2 | 202 | int ret = 0; |
| wolfSSL | 0:1239e9b70ca2 | 203 | word32 keyLen, len; |
| wolfSSL | 0:1239e9b70ca2 | 204 | |
| wolfSSL | 0:1239e9b70ca2 | 205 | if (mp_init(&tmp) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 206 | return MP_INIT_E; |
| wolfSSL | 0:1239e9b70ca2 | 207 | |
| wolfSSL | 0:1239e9b70ca2 | 208 | if (mp_read_unsigned_bin(&tmp, (byte*)in, inLen) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 209 | ERROR_OUT(MP_READ_E); |
| wolfSSL | 0:1239e9b70ca2 | 210 | |
| wolfSSL | 0:1239e9b70ca2 | 211 | if (type == RSA_PRIVATE_DECRYPT || type == RSA_PRIVATE_ENCRYPT) { |
| wolfSSL | 0:1239e9b70ca2 | 212 | #ifdef RSA_LOW_MEM /* half as much memory but twice as slow */ |
| wolfSSL | 0:1239e9b70ca2 | 213 | if (mp_exptmod(&tmp, &key->d, &key->n, &tmp) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 214 | ERROR_OUT(MP_EXPTMOD_E); |
| wolfSSL | 0:1239e9b70ca2 | 215 | #else |
| wolfSSL | 0:1239e9b70ca2 | 216 | #define INNER_ERROR_OUT(x) { ret = x; goto inner_done; } |
| wolfSSL | 0:1239e9b70ca2 | 217 | |
| wolfSSL | 0:1239e9b70ca2 | 218 | mp_int tmpa, tmpb; |
| wolfSSL | 0:1239e9b70ca2 | 219 | |
| wolfSSL | 0:1239e9b70ca2 | 220 | if (mp_init(&tmpa) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 221 | ERROR_OUT(MP_INIT_E); |
| wolfSSL | 0:1239e9b70ca2 | 222 | |
| wolfSSL | 0:1239e9b70ca2 | 223 | if (mp_init(&tmpb) != MP_OKAY) { |
| wolfSSL | 0:1239e9b70ca2 | 224 | mp_clear(&tmpa); |
| wolfSSL | 0:1239e9b70ca2 | 225 | ERROR_OUT(MP_INIT_E); |
| wolfSSL | 0:1239e9b70ca2 | 226 | } |
| wolfSSL | 0:1239e9b70ca2 | 227 | |
| wolfSSL | 0:1239e9b70ca2 | 228 | /* tmpa = tmp^dP mod p */ |
| wolfSSL | 0:1239e9b70ca2 | 229 | if (mp_exptmod(&tmp, &key->dP, &key->p, &tmpa) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 230 | INNER_ERROR_OUT(MP_EXPTMOD_E); |
| wolfSSL | 0:1239e9b70ca2 | 231 | |
| wolfSSL | 0:1239e9b70ca2 | 232 | /* tmpb = tmp^dQ mod q */ |
| wolfSSL | 0:1239e9b70ca2 | 233 | if (mp_exptmod(&tmp, &key->dQ, &key->q, &tmpb) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 234 | INNER_ERROR_OUT(MP_EXPTMOD_E); |
| wolfSSL | 0:1239e9b70ca2 | 235 | |
| wolfSSL | 0:1239e9b70ca2 | 236 | /* tmp = (tmpa - tmpb) * qInv (mod p) */ |
| wolfSSL | 0:1239e9b70ca2 | 237 | if (mp_sub(&tmpa, &tmpb, &tmp) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 238 | INNER_ERROR_OUT(MP_SUB_E); |
| wolfSSL | 0:1239e9b70ca2 | 239 | |
| wolfSSL | 0:1239e9b70ca2 | 240 | if (mp_mulmod(&tmp, &key->u, &key->p, &tmp) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 241 | INNER_ERROR_OUT(MP_MULMOD_E); |
| wolfSSL | 0:1239e9b70ca2 | 242 | |
| wolfSSL | 0:1239e9b70ca2 | 243 | /* tmp = tmpb + q * tmp */ |
| wolfSSL | 0:1239e9b70ca2 | 244 | if (mp_mul(&tmp, &key->q, &tmp) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 245 | INNER_ERROR_OUT(MP_MUL_E); |
| wolfSSL | 0:1239e9b70ca2 | 246 | |
| wolfSSL | 0:1239e9b70ca2 | 247 | if (mp_add(&tmp, &tmpb, &tmp) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 248 | INNER_ERROR_OUT(MP_ADD_E); |
| wolfSSL | 0:1239e9b70ca2 | 249 | |
| wolfSSL | 0:1239e9b70ca2 | 250 | inner_done: |
| wolfSSL | 0:1239e9b70ca2 | 251 | mp_clear(&tmpa); |
| wolfSSL | 0:1239e9b70ca2 | 252 | mp_clear(&tmpb); |
| wolfSSL | 0:1239e9b70ca2 | 253 | |
| wolfSSL | 0:1239e9b70ca2 | 254 | if (ret != 0) return ret; |
| wolfSSL | 0:1239e9b70ca2 | 255 | |
| wolfSSL | 0:1239e9b70ca2 | 256 | #endif /* RSA_LOW_MEM */ |
| wolfSSL | 0:1239e9b70ca2 | 257 | } |
| wolfSSL | 0:1239e9b70ca2 | 258 | else if (type == RSA_PUBLIC_ENCRYPT || type == RSA_PUBLIC_DECRYPT) { |
| wolfSSL | 0:1239e9b70ca2 | 259 | if (mp_exptmod(&tmp, &key->e, &key->n, &tmp) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 260 | ERROR_OUT(MP_EXPTMOD_E); |
| wolfSSL | 0:1239e9b70ca2 | 261 | } |
| wolfSSL | 0:1239e9b70ca2 | 262 | else |
| wolfSSL | 0:1239e9b70ca2 | 263 | ERROR_OUT(RSA_WRONG_TYPE_E); |
| wolfSSL | 0:1239e9b70ca2 | 264 | |
| wolfSSL | 0:1239e9b70ca2 | 265 | keyLen = mp_unsigned_bin_size(&key->n); |
| wolfSSL | 0:1239e9b70ca2 | 266 | if (keyLen > *outLen) |
| wolfSSL | 0:1239e9b70ca2 | 267 | ERROR_OUT(RSA_BUFFER_E); |
| wolfSSL | 0:1239e9b70ca2 | 268 | |
| wolfSSL | 0:1239e9b70ca2 | 269 | len = mp_unsigned_bin_size(&tmp); |
| wolfSSL | 0:1239e9b70ca2 | 270 | |
| wolfSSL | 0:1239e9b70ca2 | 271 | /* pad front w/ zeros to match key length */ |
| wolfSSL | 0:1239e9b70ca2 | 272 | while (len < keyLen) { |
| wolfSSL | 0:1239e9b70ca2 | 273 | *out++ = 0x00; |
| wolfSSL | 0:1239e9b70ca2 | 274 | len++; |
| wolfSSL | 0:1239e9b70ca2 | 275 | } |
| wolfSSL | 0:1239e9b70ca2 | 276 | |
| wolfSSL | 0:1239e9b70ca2 | 277 | *outLen = keyLen; |
| wolfSSL | 0:1239e9b70ca2 | 278 | |
| wolfSSL | 0:1239e9b70ca2 | 279 | /* convert */ |
| wolfSSL | 0:1239e9b70ca2 | 280 | if (mp_to_unsigned_bin(&tmp, out) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 281 | ERROR_OUT(MP_TO_E); |
| wolfSSL | 0:1239e9b70ca2 | 282 | |
| wolfSSL | 0:1239e9b70ca2 | 283 | done: |
| wolfSSL | 0:1239e9b70ca2 | 284 | mp_clear(&tmp); |
| wolfSSL | 0:1239e9b70ca2 | 285 | return ret; |
| wolfSSL | 0:1239e9b70ca2 | 286 | } |
| wolfSSL | 0:1239e9b70ca2 | 287 | |
| wolfSSL | 0:1239e9b70ca2 | 288 | |
| wolfSSL | 0:1239e9b70ca2 | 289 | int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen, |
| wolfSSL | 0:1239e9b70ca2 | 290 | RsaKey* key, RNG* rng) |
| wolfSSL | 0:1239e9b70ca2 | 291 | { |
| wolfSSL | 0:1239e9b70ca2 | 292 | int sz, ret; |
| wolfSSL | 0:1239e9b70ca2 | 293 | |
| wolfSSL | 0:1239e9b70ca2 | 294 | #ifdef HAVE_CAVIUM |
| wolfSSL | 0:1239e9b70ca2 | 295 | if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) |
| wolfSSL | 0:1239e9b70ca2 | 296 | return CaviumRsaPublicEncrypt(in, inLen, out, outLen, key); |
| wolfSSL | 0:1239e9b70ca2 | 297 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 298 | |
| wolfSSL | 0:1239e9b70ca2 | 299 | sz = mp_unsigned_bin_size(&key->n); |
| wolfSSL | 0:1239e9b70ca2 | 300 | if (sz > (int)outLen) |
| wolfSSL | 0:1239e9b70ca2 | 301 | return RSA_BUFFER_E; |
| wolfSSL | 0:1239e9b70ca2 | 302 | |
| wolfSSL | 0:1239e9b70ca2 | 303 | if (inLen > (word32)(sz - RSA_MIN_PAD_SZ)) |
| wolfSSL | 0:1239e9b70ca2 | 304 | return RSA_BUFFER_E; |
| wolfSSL | 0:1239e9b70ca2 | 305 | |
| wolfSSL | 0:1239e9b70ca2 | 306 | ret = RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_2, rng); |
| wolfSSL | 0:1239e9b70ca2 | 307 | if (ret != 0) |
| wolfSSL | 0:1239e9b70ca2 | 308 | return ret; |
| wolfSSL | 0:1239e9b70ca2 | 309 | |
| wolfSSL | 0:1239e9b70ca2 | 310 | if ((ret = RsaFunction(out, sz, out, &outLen, RSA_PUBLIC_ENCRYPT, key)) < 0) |
| wolfSSL | 0:1239e9b70ca2 | 311 | sz = ret; |
| wolfSSL | 0:1239e9b70ca2 | 312 | |
| wolfSSL | 0:1239e9b70ca2 | 313 | return sz; |
| wolfSSL | 0:1239e9b70ca2 | 314 | } |
| wolfSSL | 0:1239e9b70ca2 | 315 | |
| wolfSSL | 0:1239e9b70ca2 | 316 | |
| wolfSSL | 0:1239e9b70ca2 | 317 | int RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 318 | { |
| wolfSSL | 0:1239e9b70ca2 | 319 | int plainLen, ret; |
| wolfSSL | 0:1239e9b70ca2 | 320 | |
| wolfSSL | 0:1239e9b70ca2 | 321 | #ifdef HAVE_CAVIUM |
| wolfSSL | 0:1239e9b70ca2 | 322 | if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) { |
| wolfSSL | 0:1239e9b70ca2 | 323 | ret = CaviumRsaPrivateDecrypt(in, inLen, in, inLen, key); |
| wolfSSL | 0:1239e9b70ca2 | 324 | if (ret > 0) |
| wolfSSL | 0:1239e9b70ca2 | 325 | *out = in; |
| wolfSSL | 0:1239e9b70ca2 | 326 | return ret; |
| wolfSSL | 0:1239e9b70ca2 | 327 | } |
| wolfSSL | 0:1239e9b70ca2 | 328 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 329 | |
| wolfSSL | 0:1239e9b70ca2 | 330 | if ((ret = RsaFunction(in, inLen, in, &inLen, RSA_PRIVATE_DECRYPT, key)) |
| wolfSSL | 0:1239e9b70ca2 | 331 | < 0) { |
| wolfSSL | 0:1239e9b70ca2 | 332 | return ret; |
| wolfSSL | 0:1239e9b70ca2 | 333 | } |
| wolfSSL | 0:1239e9b70ca2 | 334 | |
| wolfSSL | 0:1239e9b70ca2 | 335 | plainLen = RsaUnPad(in, inLen, out, RSA_BLOCK_TYPE_2); |
| wolfSSL | 0:1239e9b70ca2 | 336 | |
| wolfSSL | 0:1239e9b70ca2 | 337 | return plainLen; |
| wolfSSL | 0:1239e9b70ca2 | 338 | } |
| wolfSSL | 0:1239e9b70ca2 | 339 | |
| wolfSSL | 0:1239e9b70ca2 | 340 | |
| wolfSSL | 0:1239e9b70ca2 | 341 | int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen, |
| wolfSSL | 0:1239e9b70ca2 | 342 | RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 343 | { |
| wolfSSL | 0:1239e9b70ca2 | 344 | int plainLen, ret; |
| wolfSSL | 0:1239e9b70ca2 | 345 | byte* tmp; |
| wolfSSL | 0:1239e9b70ca2 | 346 | byte* pad = 0; |
| wolfSSL | 0:1239e9b70ca2 | 347 | |
| wolfSSL | 0:1239e9b70ca2 | 348 | #ifdef HAVE_CAVIUM |
| wolfSSL | 0:1239e9b70ca2 | 349 | if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) |
| wolfSSL | 0:1239e9b70ca2 | 350 | return CaviumRsaPrivateDecrypt(in, inLen, out, outLen, key); |
| wolfSSL | 0:1239e9b70ca2 | 351 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 352 | |
| wolfSSL | 0:1239e9b70ca2 | 353 | tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA); |
| wolfSSL | 0:1239e9b70ca2 | 354 | if (tmp == NULL) { |
| wolfSSL | 0:1239e9b70ca2 | 355 | return MEMORY_E; |
| wolfSSL | 0:1239e9b70ca2 | 356 | } |
| wolfSSL | 0:1239e9b70ca2 | 357 | |
| wolfSSL | 0:1239e9b70ca2 | 358 | XMEMCPY(tmp, in, inLen); |
| wolfSSL | 0:1239e9b70ca2 | 359 | |
| wolfSSL | 0:1239e9b70ca2 | 360 | if ((ret = plainLen = RsaPrivateDecryptInline(tmp, inLen, &pad, key)) |
| wolfSSL | 0:1239e9b70ca2 | 361 | < 0) { |
| wolfSSL | 0:1239e9b70ca2 | 362 | XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA); |
| wolfSSL | 0:1239e9b70ca2 | 363 | return ret; |
| wolfSSL | 0:1239e9b70ca2 | 364 | } |
| wolfSSL | 0:1239e9b70ca2 | 365 | if (plainLen > (int)outLen) |
| wolfSSL | 0:1239e9b70ca2 | 366 | plainLen = BAD_FUNC_ARG; |
| wolfSSL | 0:1239e9b70ca2 | 367 | else |
| wolfSSL | 0:1239e9b70ca2 | 368 | XMEMCPY(out, pad, plainLen); |
| wolfSSL | 0:1239e9b70ca2 | 369 | XMEMSET(tmp, 0x00, inLen); |
| wolfSSL | 0:1239e9b70ca2 | 370 | |
| wolfSSL | 0:1239e9b70ca2 | 371 | XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA); |
| wolfSSL | 0:1239e9b70ca2 | 372 | return plainLen; |
| wolfSSL | 0:1239e9b70ca2 | 373 | } |
| wolfSSL | 0:1239e9b70ca2 | 374 | |
| wolfSSL | 0:1239e9b70ca2 | 375 | |
| wolfSSL | 0:1239e9b70ca2 | 376 | /* for Rsa Verify */ |
| wolfSSL | 0:1239e9b70ca2 | 377 | int RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 378 | { |
| wolfSSL | 0:1239e9b70ca2 | 379 | int plainLen, ret; |
| wolfSSL | 0:1239e9b70ca2 | 380 | |
| wolfSSL | 0:1239e9b70ca2 | 381 | #ifdef HAVE_CAVIUM |
| wolfSSL | 0:1239e9b70ca2 | 382 | if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) { |
| wolfSSL | 0:1239e9b70ca2 | 383 | ret = CaviumRsaSSL_Verify(in, inLen, in, inLen, key); |
| wolfSSL | 0:1239e9b70ca2 | 384 | if (ret > 0) |
| wolfSSL | 0:1239e9b70ca2 | 385 | *out = in; |
| wolfSSL | 0:1239e9b70ca2 | 386 | return ret; |
| wolfSSL | 0:1239e9b70ca2 | 387 | } |
| wolfSSL | 0:1239e9b70ca2 | 388 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 389 | |
| wolfSSL | 0:1239e9b70ca2 | 390 | if ((ret = RsaFunction(in, inLen, in, &inLen, RSA_PUBLIC_DECRYPT, key)) |
| wolfSSL | 0:1239e9b70ca2 | 391 | < 0) { |
| wolfSSL | 0:1239e9b70ca2 | 392 | return ret; |
| wolfSSL | 0:1239e9b70ca2 | 393 | } |
| wolfSSL | 0:1239e9b70ca2 | 394 | |
| wolfSSL | 0:1239e9b70ca2 | 395 | plainLen = RsaUnPad(in, inLen, out, RSA_BLOCK_TYPE_1); |
| wolfSSL | 0:1239e9b70ca2 | 396 | |
| wolfSSL | 0:1239e9b70ca2 | 397 | return plainLen; |
| wolfSSL | 0:1239e9b70ca2 | 398 | } |
| wolfSSL | 0:1239e9b70ca2 | 399 | |
| wolfSSL | 0:1239e9b70ca2 | 400 | |
| wolfSSL | 0:1239e9b70ca2 | 401 | int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen, |
| wolfSSL | 0:1239e9b70ca2 | 402 | RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 403 | { |
| wolfSSL | 0:1239e9b70ca2 | 404 | int plainLen, ret; |
| wolfSSL | 0:1239e9b70ca2 | 405 | byte* tmp; |
| wolfSSL | 0:1239e9b70ca2 | 406 | byte* pad = 0; |
| wolfSSL | 0:1239e9b70ca2 | 407 | |
| wolfSSL | 0:1239e9b70ca2 | 408 | #ifdef HAVE_CAVIUM |
| wolfSSL | 0:1239e9b70ca2 | 409 | if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) |
| wolfSSL | 0:1239e9b70ca2 | 410 | return CaviumRsaSSL_Verify(in, inLen, out, outLen, key); |
| wolfSSL | 0:1239e9b70ca2 | 411 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 412 | |
| wolfSSL | 0:1239e9b70ca2 | 413 | tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA); |
| wolfSSL | 0:1239e9b70ca2 | 414 | if (tmp == NULL) { |
| wolfSSL | 0:1239e9b70ca2 | 415 | return MEMORY_E; |
| wolfSSL | 0:1239e9b70ca2 | 416 | } |
| wolfSSL | 0:1239e9b70ca2 | 417 | |
| wolfSSL | 0:1239e9b70ca2 | 418 | XMEMCPY(tmp, in, inLen); |
| wolfSSL | 0:1239e9b70ca2 | 419 | |
| wolfSSL | 0:1239e9b70ca2 | 420 | if ((ret = plainLen = RsaSSL_VerifyInline(tmp, inLen, &pad, key)) |
| wolfSSL | 0:1239e9b70ca2 | 421 | < 0) { |
| wolfSSL | 0:1239e9b70ca2 | 422 | XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA); |
| wolfSSL | 0:1239e9b70ca2 | 423 | return ret; |
| wolfSSL | 0:1239e9b70ca2 | 424 | } |
| wolfSSL | 0:1239e9b70ca2 | 425 | |
| wolfSSL | 0:1239e9b70ca2 | 426 | if (plainLen > (int)outLen) |
| wolfSSL | 0:1239e9b70ca2 | 427 | plainLen = BAD_FUNC_ARG; |
| wolfSSL | 0:1239e9b70ca2 | 428 | else |
| wolfSSL | 0:1239e9b70ca2 | 429 | XMEMCPY(out, pad, plainLen); |
| wolfSSL | 0:1239e9b70ca2 | 430 | XMEMSET(tmp, 0x00, inLen); |
| wolfSSL | 0:1239e9b70ca2 | 431 | |
| wolfSSL | 0:1239e9b70ca2 | 432 | XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA); |
| wolfSSL | 0:1239e9b70ca2 | 433 | return plainLen; |
| wolfSSL | 0:1239e9b70ca2 | 434 | } |
| wolfSSL | 0:1239e9b70ca2 | 435 | |
| wolfSSL | 0:1239e9b70ca2 | 436 | |
| wolfSSL | 0:1239e9b70ca2 | 437 | /* for Rsa Sign */ |
| wolfSSL | 0:1239e9b70ca2 | 438 | int RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen, |
| wolfSSL | 0:1239e9b70ca2 | 439 | RsaKey* key, RNG* rng) |
| wolfSSL | 0:1239e9b70ca2 | 440 | { |
| wolfSSL | 0:1239e9b70ca2 | 441 | int sz, ret; |
| wolfSSL | 0:1239e9b70ca2 | 442 | |
| wolfSSL | 0:1239e9b70ca2 | 443 | #ifdef HAVE_CAVIUM |
| wolfSSL | 0:1239e9b70ca2 | 444 | if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) |
| wolfSSL | 0:1239e9b70ca2 | 445 | return CaviumRsaSSL_Sign(in, inLen, out, outLen, key); |
| wolfSSL | 0:1239e9b70ca2 | 446 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 447 | |
| wolfSSL | 0:1239e9b70ca2 | 448 | sz = mp_unsigned_bin_size(&key->n); |
| wolfSSL | 0:1239e9b70ca2 | 449 | if (sz > (int)outLen) |
| wolfSSL | 0:1239e9b70ca2 | 450 | return RSA_BUFFER_E; |
| wolfSSL | 0:1239e9b70ca2 | 451 | |
| wolfSSL | 0:1239e9b70ca2 | 452 | if (inLen > (word32)(sz - RSA_MIN_PAD_SZ)) |
| wolfSSL | 0:1239e9b70ca2 | 453 | return RSA_BUFFER_E; |
| wolfSSL | 0:1239e9b70ca2 | 454 | |
| wolfSSL | 0:1239e9b70ca2 | 455 | ret = RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_1, rng); |
| wolfSSL | 0:1239e9b70ca2 | 456 | if (ret != 0) |
| wolfSSL | 0:1239e9b70ca2 | 457 | return ret; |
| wolfSSL | 0:1239e9b70ca2 | 458 | |
| wolfSSL | 0:1239e9b70ca2 | 459 | if ((ret = RsaFunction(out, sz, out, &outLen, RSA_PRIVATE_ENCRYPT,key)) < 0) |
| wolfSSL | 0:1239e9b70ca2 | 460 | sz = ret; |
| wolfSSL | 0:1239e9b70ca2 | 461 | |
| wolfSSL | 0:1239e9b70ca2 | 462 | return sz; |
| wolfSSL | 0:1239e9b70ca2 | 463 | } |
| wolfSSL | 0:1239e9b70ca2 | 464 | |
| wolfSSL | 0:1239e9b70ca2 | 465 | |
| wolfSSL | 0:1239e9b70ca2 | 466 | int RsaEncryptSize(RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 467 | { |
| wolfSSL | 0:1239e9b70ca2 | 468 | #ifdef HAVE_CAVIUM |
| wolfSSL | 0:1239e9b70ca2 | 469 | if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) |
| wolfSSL | 0:1239e9b70ca2 | 470 | return key->c_nSz; |
| wolfSSL | 0:1239e9b70ca2 | 471 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 472 | return mp_unsigned_bin_size(&key->n); |
| wolfSSL | 0:1239e9b70ca2 | 473 | } |
| wolfSSL | 0:1239e9b70ca2 | 474 | |
| wolfSSL | 0:1239e9b70ca2 | 475 | |
| wolfSSL | 0:1239e9b70ca2 | 476 | #ifdef CYASSL_KEY_GEN |
| wolfSSL | 0:1239e9b70ca2 | 477 | |
| wolfSSL | 0:1239e9b70ca2 | 478 | static const int USE_BBS = 1; |
| wolfSSL | 0:1239e9b70ca2 | 479 | |
| wolfSSL | 0:1239e9b70ca2 | 480 | static int rand_prime(mp_int* N, int len, RNG* rng, void* heap) |
| wolfSSL | 0:1239e9b70ca2 | 481 | { |
| wolfSSL | 0:1239e9b70ca2 | 482 | int err, res, type; |
| wolfSSL | 0:1239e9b70ca2 | 483 | byte* buf; |
| wolfSSL | 0:1239e9b70ca2 | 484 | |
| wolfSSL | 0:1239e9b70ca2 | 485 | (void)heap; |
| wolfSSL | 0:1239e9b70ca2 | 486 | if (N == NULL || rng == NULL) |
| wolfSSL | 0:1239e9b70ca2 | 487 | return BAD_FUNC_ARG; |
| wolfSSL | 0:1239e9b70ca2 | 488 | |
| wolfSSL | 0:1239e9b70ca2 | 489 | /* get type */ |
| wolfSSL | 0:1239e9b70ca2 | 490 | if (len < 0) { |
| wolfSSL | 0:1239e9b70ca2 | 491 | type = USE_BBS; |
| wolfSSL | 0:1239e9b70ca2 | 492 | len = -len; |
| wolfSSL | 0:1239e9b70ca2 | 493 | } else { |
| wolfSSL | 0:1239e9b70ca2 | 494 | type = 0; |
| wolfSSL | 0:1239e9b70ca2 | 495 | } |
| wolfSSL | 0:1239e9b70ca2 | 496 | |
| wolfSSL | 0:1239e9b70ca2 | 497 | /* allow sizes between 2 and 512 bytes for a prime size */ |
| wolfSSL | 0:1239e9b70ca2 | 498 | if (len < 2 || len > 512) { |
| wolfSSL | 0:1239e9b70ca2 | 499 | return BAD_FUNC_ARG; |
| wolfSSL | 0:1239e9b70ca2 | 500 | } |
| wolfSSL | 0:1239e9b70ca2 | 501 | |
| wolfSSL | 0:1239e9b70ca2 | 502 | /* allocate buffer to work with */ |
| wolfSSL | 0:1239e9b70ca2 | 503 | buf = (byte*)XMALLOC(len, heap, DYNAMIC_TYPE_RSA); |
| wolfSSL | 0:1239e9b70ca2 | 504 | if (buf == NULL) { |
| wolfSSL | 0:1239e9b70ca2 | 505 | return MEMORY_E; |
| wolfSSL | 0:1239e9b70ca2 | 506 | } |
| wolfSSL | 0:1239e9b70ca2 | 507 | XMEMSET(buf, 0, len); |
| wolfSSL | 0:1239e9b70ca2 | 508 | |
| wolfSSL | 0:1239e9b70ca2 | 509 | do { |
| wolfSSL | 0:1239e9b70ca2 | 510 | #ifdef SHOW_GEN |
| wolfSSL | 0:1239e9b70ca2 | 511 | printf("."); |
| wolfSSL | 0:1239e9b70ca2 | 512 | fflush(stdout); |
| wolfSSL | 0:1239e9b70ca2 | 513 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 514 | /* generate value */ |
| wolfSSL | 0:1239e9b70ca2 | 515 | err = RNG_GenerateBlock(rng, buf, len); |
| wolfSSL | 0:1239e9b70ca2 | 516 | if (err != 0) { |
| wolfSSL | 0:1239e9b70ca2 | 517 | XFREE(buf, heap, DYNAMIC_TYPE_RSA); |
| wolfSSL | 0:1239e9b70ca2 | 518 | return err; |
| wolfSSL | 0:1239e9b70ca2 | 519 | } |
| wolfSSL | 0:1239e9b70ca2 | 520 | |
| wolfSSL | 0:1239e9b70ca2 | 521 | /* munge bits */ |
| wolfSSL | 0:1239e9b70ca2 | 522 | buf[0] |= 0x80 | 0x40; |
| wolfSSL | 0:1239e9b70ca2 | 523 | buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00); |
| wolfSSL | 0:1239e9b70ca2 | 524 | |
| wolfSSL | 0:1239e9b70ca2 | 525 | /* load value */ |
| wolfSSL | 0:1239e9b70ca2 | 526 | if ((err = mp_read_unsigned_bin(N, buf, len)) != MP_OKAY) { |
| wolfSSL | 0:1239e9b70ca2 | 527 | XFREE(buf, heap, DYNAMIC_TYPE_RSA); |
| wolfSSL | 0:1239e9b70ca2 | 528 | return err; |
| wolfSSL | 0:1239e9b70ca2 | 529 | } |
| wolfSSL | 0:1239e9b70ca2 | 530 | |
| wolfSSL | 0:1239e9b70ca2 | 531 | /* test */ |
| wolfSSL | 0:1239e9b70ca2 | 532 | if ((err = mp_prime_is_prime(N, 8, &res)) != MP_OKAY) { |
| wolfSSL | 0:1239e9b70ca2 | 533 | XFREE(buf, heap, DYNAMIC_TYPE_RSA); |
| wolfSSL | 0:1239e9b70ca2 | 534 | return err; |
| wolfSSL | 0:1239e9b70ca2 | 535 | } |
| wolfSSL | 0:1239e9b70ca2 | 536 | } while (res == MP_NO); |
| wolfSSL | 0:1239e9b70ca2 | 537 | |
| wolfSSL | 0:1239e9b70ca2 | 538 | #ifdef LTC_CLEAN_STACK |
| wolfSSL | 0:1239e9b70ca2 | 539 | XMEMSET(buf, 0, len); |
| wolfSSL | 0:1239e9b70ca2 | 540 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 541 | |
| wolfSSL | 0:1239e9b70ca2 | 542 | XFREE(buf, heap, DYNAMIC_TYPE_RSA); |
| wolfSSL | 0:1239e9b70ca2 | 543 | return 0; |
| wolfSSL | 0:1239e9b70ca2 | 544 | } |
| wolfSSL | 0:1239e9b70ca2 | 545 | |
| wolfSSL | 0:1239e9b70ca2 | 546 | |
| wolfSSL | 0:1239e9b70ca2 | 547 | /* Make an RSA key for size bits, with e specified, 65537 is a good e */ |
| wolfSSL | 0:1239e9b70ca2 | 548 | int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng) |
| wolfSSL | 0:1239e9b70ca2 | 549 | { |
| wolfSSL | 0:1239e9b70ca2 | 550 | mp_int p, q, tmp1, tmp2, tmp3; |
| wolfSSL | 0:1239e9b70ca2 | 551 | int err; |
| wolfSSL | 0:1239e9b70ca2 | 552 | |
| wolfSSL | 0:1239e9b70ca2 | 553 | if (key == NULL || rng == NULL) |
| wolfSSL | 0:1239e9b70ca2 | 554 | return BAD_FUNC_ARG; |
| wolfSSL | 0:1239e9b70ca2 | 555 | |
| wolfSSL | 0:1239e9b70ca2 | 556 | if (size < RSA_MIN_SIZE || size > RSA_MAX_SIZE) |
| wolfSSL | 0:1239e9b70ca2 | 557 | return BAD_FUNC_ARG; |
| wolfSSL | 0:1239e9b70ca2 | 558 | |
| wolfSSL | 0:1239e9b70ca2 | 559 | if (e < 3 || (e & 1) == 0) |
| wolfSSL | 0:1239e9b70ca2 | 560 | return BAD_FUNC_ARG; |
| wolfSSL | 0:1239e9b70ca2 | 561 | |
| wolfSSL | 0:1239e9b70ca2 | 562 | if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 563 | return err; |
| wolfSSL | 0:1239e9b70ca2 | 564 | |
| wolfSSL | 0:1239e9b70ca2 | 565 | err = mp_set_int(&tmp3, e); |
| wolfSSL | 0:1239e9b70ca2 | 566 | |
| wolfSSL | 0:1239e9b70ca2 | 567 | /* make p */ |
| wolfSSL | 0:1239e9b70ca2 | 568 | if (err == MP_OKAY) { |
| wolfSSL | 0:1239e9b70ca2 | 569 | do { |
| wolfSSL | 0:1239e9b70ca2 | 570 | err = rand_prime(&p, size/16, rng, key->heap); /* size in bytes/2 */ |
| wolfSSL | 0:1239e9b70ca2 | 571 | |
| wolfSSL | 0:1239e9b70ca2 | 572 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 573 | err = mp_sub_d(&p, 1, &tmp1); /* tmp1 = p-1 */ |
| wolfSSL | 0:1239e9b70ca2 | 574 | |
| wolfSSL | 0:1239e9b70ca2 | 575 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 576 | err = mp_gcd(&tmp1, &tmp3, &tmp2); /* tmp2 = gcd(p-1, e) */ |
| wolfSSL | 0:1239e9b70ca2 | 577 | } while (err == MP_OKAY && mp_cmp_d(&tmp2, 1) != 0); /* e divdes p-1 */ |
| wolfSSL | 0:1239e9b70ca2 | 578 | } |
| wolfSSL | 0:1239e9b70ca2 | 579 | |
| wolfSSL | 0:1239e9b70ca2 | 580 | /* make q */ |
| wolfSSL | 0:1239e9b70ca2 | 581 | if (err == MP_OKAY) { |
| wolfSSL | 0:1239e9b70ca2 | 582 | do { |
| wolfSSL | 0:1239e9b70ca2 | 583 | err = rand_prime(&q, size/16, rng, key->heap); /* size in bytes/2 */ |
| wolfSSL | 0:1239e9b70ca2 | 584 | |
| wolfSSL | 0:1239e9b70ca2 | 585 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 586 | err = mp_sub_d(&q, 1, &tmp1); /* tmp1 = q-1 */ |
| wolfSSL | 0:1239e9b70ca2 | 587 | |
| wolfSSL | 0:1239e9b70ca2 | 588 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 589 | err = mp_gcd(&tmp1, &tmp3, &tmp2); /* tmp2 = gcd(q-1, e) */ |
| wolfSSL | 0:1239e9b70ca2 | 590 | } while (err == MP_OKAY && mp_cmp_d(&tmp2, 1) != 0); /* e divdes q-1 */ |
| wolfSSL | 0:1239e9b70ca2 | 591 | } |
| wolfSSL | 0:1239e9b70ca2 | 592 | |
| wolfSSL | 0:1239e9b70ca2 | 593 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 594 | err = mp_init_multi(&key->n, &key->e, &key->d, &key->p, &key->q, NULL); |
| wolfSSL | 0:1239e9b70ca2 | 595 | |
| wolfSSL | 0:1239e9b70ca2 | 596 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 597 | err = mp_init_multi(&key->dP, &key->dQ, &key->u, NULL, NULL, NULL); |
| wolfSSL | 0:1239e9b70ca2 | 598 | |
| wolfSSL | 0:1239e9b70ca2 | 599 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 600 | err = mp_sub_d(&p, 1, &tmp2); /* tmp2 = p-1 */ |
| wolfSSL | 0:1239e9b70ca2 | 601 | |
| wolfSSL | 0:1239e9b70ca2 | 602 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 603 | err = mp_lcm(&tmp1, &tmp2, &tmp1); /* tmp1 = lcm(p-1, q-1),last loop */ |
| wolfSSL | 0:1239e9b70ca2 | 604 | |
| wolfSSL | 0:1239e9b70ca2 | 605 | /* make key */ |
| wolfSSL | 0:1239e9b70ca2 | 606 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 607 | err = mp_set_int(&key->e, e); /* key->e = e */ |
| wolfSSL | 0:1239e9b70ca2 | 608 | |
| wolfSSL | 0:1239e9b70ca2 | 609 | if (err == MP_OKAY) /* key->d = 1/e mod lcm(p-1, q-1) */ |
| wolfSSL | 0:1239e9b70ca2 | 610 | err = mp_invmod(&key->e, &tmp1, &key->d); |
| wolfSSL | 0:1239e9b70ca2 | 611 | |
| wolfSSL | 0:1239e9b70ca2 | 612 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 613 | err = mp_mul(&p, &q, &key->n); /* key->n = pq */ |
| wolfSSL | 0:1239e9b70ca2 | 614 | |
| wolfSSL | 0:1239e9b70ca2 | 615 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 616 | err = mp_sub_d(&p, 1, &tmp1); |
| wolfSSL | 0:1239e9b70ca2 | 617 | |
| wolfSSL | 0:1239e9b70ca2 | 618 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 619 | err = mp_sub_d(&q, 1, &tmp2); |
| wolfSSL | 0:1239e9b70ca2 | 620 | |
| wolfSSL | 0:1239e9b70ca2 | 621 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 622 | err = mp_mod(&key->d, &tmp1, &key->dP); |
| wolfSSL | 0:1239e9b70ca2 | 623 | |
| wolfSSL | 0:1239e9b70ca2 | 624 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 625 | err = mp_mod(&key->d, &tmp2, &key->dQ); |
| wolfSSL | 0:1239e9b70ca2 | 626 | |
| wolfSSL | 0:1239e9b70ca2 | 627 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 628 | err = mp_invmod(&q, &p, &key->u); |
| wolfSSL | 0:1239e9b70ca2 | 629 | |
| wolfSSL | 0:1239e9b70ca2 | 630 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 631 | err = mp_copy(&p, &key->p); |
| wolfSSL | 0:1239e9b70ca2 | 632 | |
| wolfSSL | 0:1239e9b70ca2 | 633 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 634 | err = mp_copy(&q, &key->q); |
| wolfSSL | 0:1239e9b70ca2 | 635 | |
| wolfSSL | 0:1239e9b70ca2 | 636 | if (err == MP_OKAY) |
| wolfSSL | 0:1239e9b70ca2 | 637 | key->type = RSA_PRIVATE; |
| wolfSSL | 0:1239e9b70ca2 | 638 | |
| wolfSSL | 0:1239e9b70ca2 | 639 | mp_clear(&tmp3); |
| wolfSSL | 0:1239e9b70ca2 | 640 | mp_clear(&tmp2); |
| wolfSSL | 0:1239e9b70ca2 | 641 | mp_clear(&tmp1); |
| wolfSSL | 0:1239e9b70ca2 | 642 | mp_clear(&q); |
| wolfSSL | 0:1239e9b70ca2 | 643 | mp_clear(&p); |
| wolfSSL | 0:1239e9b70ca2 | 644 | |
| wolfSSL | 0:1239e9b70ca2 | 645 | if (err != MP_OKAY) { |
| wolfSSL | 0:1239e9b70ca2 | 646 | FreeRsaKey(key); |
| wolfSSL | 0:1239e9b70ca2 | 647 | return err; |
| wolfSSL | 0:1239e9b70ca2 | 648 | } |
| wolfSSL | 0:1239e9b70ca2 | 649 | |
| wolfSSL | 0:1239e9b70ca2 | 650 | return 0; |
| wolfSSL | 0:1239e9b70ca2 | 651 | } |
| wolfSSL | 0:1239e9b70ca2 | 652 | |
| wolfSSL | 0:1239e9b70ca2 | 653 | |
| wolfSSL | 0:1239e9b70ca2 | 654 | #endif /* CYASSL_KEY_GEN */ |
| wolfSSL | 0:1239e9b70ca2 | 655 | |
| wolfSSL | 0:1239e9b70ca2 | 656 | |
| wolfSSL | 0:1239e9b70ca2 | 657 | #ifdef HAVE_CAVIUM |
| wolfSSL | 0:1239e9b70ca2 | 658 | |
| wolfSSL | 0:1239e9b70ca2 | 659 | #include <cyassl/ctaocrypt/logging.h> |
| wolfSSL | 0:1239e9b70ca2 | 660 | #include "cavium_common.h" |
| wolfSSL | 0:1239e9b70ca2 | 661 | |
| wolfSSL | 0:1239e9b70ca2 | 662 | /* Initiliaze RSA for use with Nitrox device */ |
| wolfSSL | 0:1239e9b70ca2 | 663 | int RsaInitCavium(RsaKey* rsa, int devId) |
| wolfSSL | 0:1239e9b70ca2 | 664 | { |
| wolfSSL | 0:1239e9b70ca2 | 665 | if (rsa == NULL) |
| wolfSSL | 0:1239e9b70ca2 | 666 | return -1; |
| wolfSSL | 0:1239e9b70ca2 | 667 | |
| wolfSSL | 0:1239e9b70ca2 | 668 | if (CspAllocContext(CONTEXT_SSL, &rsa->contextHandle, devId) != 0) |
| wolfSSL | 0:1239e9b70ca2 | 669 | return -1; |
| wolfSSL | 0:1239e9b70ca2 | 670 | |
| wolfSSL | 0:1239e9b70ca2 | 671 | rsa->devId = devId; |
| wolfSSL | 0:1239e9b70ca2 | 672 | rsa->magic = CYASSL_RSA_CAVIUM_MAGIC; |
| wolfSSL | 0:1239e9b70ca2 | 673 | |
| wolfSSL | 0:1239e9b70ca2 | 674 | return 0; |
| wolfSSL | 0:1239e9b70ca2 | 675 | } |
| wolfSSL | 0:1239e9b70ca2 | 676 | |
| wolfSSL | 0:1239e9b70ca2 | 677 | |
| wolfSSL | 0:1239e9b70ca2 | 678 | /* Free RSA from use with Nitrox device */ |
| wolfSSL | 0:1239e9b70ca2 | 679 | void RsaFreeCavium(RsaKey* rsa) |
| wolfSSL | 0:1239e9b70ca2 | 680 | { |
| wolfSSL | 0:1239e9b70ca2 | 681 | if (rsa == NULL) |
| wolfSSL | 0:1239e9b70ca2 | 682 | return; |
| wolfSSL | 0:1239e9b70ca2 | 683 | |
| wolfSSL | 0:1239e9b70ca2 | 684 | CspFreeContext(CONTEXT_SSL, rsa->contextHandle, rsa->devId); |
| wolfSSL | 0:1239e9b70ca2 | 685 | rsa->magic = 0; |
| wolfSSL | 0:1239e9b70ca2 | 686 | } |
| wolfSSL | 0:1239e9b70ca2 | 687 | |
| wolfSSL | 0:1239e9b70ca2 | 688 | |
| wolfSSL | 0:1239e9b70ca2 | 689 | /* Initialize cavium RSA key */ |
| wolfSSL | 0:1239e9b70ca2 | 690 | static int InitCaviumRsaKey(RsaKey* key, void* heap) |
| wolfSSL | 0:1239e9b70ca2 | 691 | { |
| wolfSSL | 0:1239e9b70ca2 | 692 | if (key == NULL) |
| wolfSSL | 0:1239e9b70ca2 | 693 | return BAD_FUNC_ARG; |
| wolfSSL | 0:1239e9b70ca2 | 694 | |
| wolfSSL | 0:1239e9b70ca2 | 695 | key->heap = heap; |
| wolfSSL | 0:1239e9b70ca2 | 696 | key->type = -1; /* don't know yet */ |
| wolfSSL | 0:1239e9b70ca2 | 697 | |
| wolfSSL | 0:1239e9b70ca2 | 698 | key->c_n = NULL; |
| wolfSSL | 0:1239e9b70ca2 | 699 | key->c_e = NULL; |
| wolfSSL | 0:1239e9b70ca2 | 700 | key->c_d = NULL; |
| wolfSSL | 0:1239e9b70ca2 | 701 | key->c_p = NULL; |
| wolfSSL | 0:1239e9b70ca2 | 702 | key->c_q = NULL; |
| wolfSSL | 0:1239e9b70ca2 | 703 | key->c_dP = NULL; |
| wolfSSL | 0:1239e9b70ca2 | 704 | key->c_dQ = NULL; |
| wolfSSL | 0:1239e9b70ca2 | 705 | key->c_u = NULL; |
| wolfSSL | 0:1239e9b70ca2 | 706 | |
| wolfSSL | 0:1239e9b70ca2 | 707 | key->c_nSz = 0; |
| wolfSSL | 0:1239e9b70ca2 | 708 | key->c_eSz = 0; |
| wolfSSL | 0:1239e9b70ca2 | 709 | key->c_dSz = 0; |
| wolfSSL | 0:1239e9b70ca2 | 710 | key->c_pSz = 0; |
| wolfSSL | 0:1239e9b70ca2 | 711 | key->c_qSz = 0; |
| wolfSSL | 0:1239e9b70ca2 | 712 | key->c_dP_Sz = 0; |
| wolfSSL | 0:1239e9b70ca2 | 713 | key->c_dQ_Sz = 0; |
| wolfSSL | 0:1239e9b70ca2 | 714 | key->c_uSz = 0; |
| wolfSSL | 0:1239e9b70ca2 | 715 | |
| wolfSSL | 0:1239e9b70ca2 | 716 | return 0; |
| wolfSSL | 0:1239e9b70ca2 | 717 | } |
| wolfSSL | 0:1239e9b70ca2 | 718 | |
| wolfSSL | 0:1239e9b70ca2 | 719 | |
| wolfSSL | 0:1239e9b70ca2 | 720 | /* Free cavium RSA key */ |
| wolfSSL | 0:1239e9b70ca2 | 721 | static int FreeCaviumRsaKey(RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 722 | { |
| wolfSSL | 0:1239e9b70ca2 | 723 | if (key == NULL) |
| wolfSSL | 0:1239e9b70ca2 | 724 | return BAD_FUNC_ARG; |
| wolfSSL | 0:1239e9b70ca2 | 725 | |
| wolfSSL | 0:1239e9b70ca2 | 726 | XFREE(key->c_n, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); |
| wolfSSL | 0:1239e9b70ca2 | 727 | XFREE(key->c_e, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); |
| wolfSSL | 0:1239e9b70ca2 | 728 | XFREE(key->c_d, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); |
| wolfSSL | 0:1239e9b70ca2 | 729 | XFREE(key->c_p, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); |
| wolfSSL | 0:1239e9b70ca2 | 730 | XFREE(key->c_q, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); |
| wolfSSL | 0:1239e9b70ca2 | 731 | XFREE(key->c_dP, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); |
| wolfSSL | 0:1239e9b70ca2 | 732 | XFREE(key->c_dQ, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); |
| wolfSSL | 0:1239e9b70ca2 | 733 | XFREE(key->c_u, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); |
| wolfSSL | 0:1239e9b70ca2 | 734 | |
| wolfSSL | 0:1239e9b70ca2 | 735 | return InitCaviumRsaKey(key, key->heap); /* reset pointers */ |
| wolfSSL | 0:1239e9b70ca2 | 736 | } |
| wolfSSL | 0:1239e9b70ca2 | 737 | |
| wolfSSL | 0:1239e9b70ca2 | 738 | |
| wolfSSL | 0:1239e9b70ca2 | 739 | static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 0:1239e9b70ca2 | 740 | word32 outLen, RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 741 | { |
| wolfSSL | 0:1239e9b70ca2 | 742 | word32 requestId; |
| wolfSSL | 0:1239e9b70ca2 | 743 | word32 ret; |
| wolfSSL | 0:1239e9b70ca2 | 744 | |
| wolfSSL | 0:1239e9b70ca2 | 745 | if (key == NULL || in == NULL || out == NULL || outLen < (word32)key->c_nSz) |
| wolfSSL | 0:1239e9b70ca2 | 746 | return -1; |
| wolfSSL | 0:1239e9b70ca2 | 747 | |
| wolfSSL | 0:1239e9b70ca2 | 748 | ret = CspPkcs1v15Enc(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_eSz, |
| wolfSSL | 0:1239e9b70ca2 | 749 | (word16)inLen, key->c_n, key->c_e, (byte*)in, out, |
| wolfSSL | 0:1239e9b70ca2 | 750 | &requestId, key->devId); |
| wolfSSL | 0:1239e9b70ca2 | 751 | if (ret != 0) { |
| wolfSSL | 0:1239e9b70ca2 | 752 | CYASSL_MSG("Cavium Enc BT2 failed"); |
| wolfSSL | 0:1239e9b70ca2 | 753 | return -1; |
| wolfSSL | 0:1239e9b70ca2 | 754 | } |
| wolfSSL | 0:1239e9b70ca2 | 755 | return key->c_nSz; |
| wolfSSL | 0:1239e9b70ca2 | 756 | } |
| wolfSSL | 0:1239e9b70ca2 | 757 | |
| wolfSSL | 0:1239e9b70ca2 | 758 | |
| wolfSSL | 0:1239e9b70ca2 | 759 | static INLINE void ato16(const byte* c, word16* u16) |
| wolfSSL | 0:1239e9b70ca2 | 760 | { |
| wolfSSL | 0:1239e9b70ca2 | 761 | *u16 = (c[0] << 8) | (c[1]); |
| wolfSSL | 0:1239e9b70ca2 | 762 | } |
| wolfSSL | 0:1239e9b70ca2 | 763 | |
| wolfSSL | 0:1239e9b70ca2 | 764 | |
| wolfSSL | 0:1239e9b70ca2 | 765 | static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 0:1239e9b70ca2 | 766 | word32 outLen, RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 767 | { |
| wolfSSL | 0:1239e9b70ca2 | 768 | word32 requestId; |
| wolfSSL | 0:1239e9b70ca2 | 769 | word32 ret; |
| wolfSSL | 0:1239e9b70ca2 | 770 | word16 outSz = (word16)outLen; |
| wolfSSL | 0:1239e9b70ca2 | 771 | |
| wolfSSL | 0:1239e9b70ca2 | 772 | if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz) |
| wolfSSL | 0:1239e9b70ca2 | 773 | return -1; |
| wolfSSL | 0:1239e9b70ca2 | 774 | |
| wolfSSL | 0:1239e9b70ca2 | 775 | ret = CspPkcs1v15CrtDec(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_q, |
| wolfSSL | 0:1239e9b70ca2 | 776 | key->c_dQ, key->c_p, key->c_dP, key->c_u, |
| wolfSSL | 0:1239e9b70ca2 | 777 | (byte*)in, &outSz, out, &requestId, key->devId); |
| wolfSSL | 0:1239e9b70ca2 | 778 | if (ret != 0) { |
| wolfSSL | 0:1239e9b70ca2 | 779 | CYASSL_MSG("Cavium CRT Dec BT2 failed"); |
| wolfSSL | 0:1239e9b70ca2 | 780 | return -1; |
| wolfSSL | 0:1239e9b70ca2 | 781 | } |
| wolfSSL | 0:1239e9b70ca2 | 782 | ato16((const byte*)&outSz, &outSz); |
| wolfSSL | 0:1239e9b70ca2 | 783 | |
| wolfSSL | 0:1239e9b70ca2 | 784 | return outSz; |
| wolfSSL | 0:1239e9b70ca2 | 785 | } |
| wolfSSL | 0:1239e9b70ca2 | 786 | |
| wolfSSL | 0:1239e9b70ca2 | 787 | |
| wolfSSL | 0:1239e9b70ca2 | 788 | static int CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 0:1239e9b70ca2 | 789 | word32 outLen, RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 790 | { |
| wolfSSL | 0:1239e9b70ca2 | 791 | word32 requestId; |
| wolfSSL | 0:1239e9b70ca2 | 792 | word32 ret; |
| wolfSSL | 0:1239e9b70ca2 | 793 | |
| wolfSSL | 0:1239e9b70ca2 | 794 | if (key == NULL || in == NULL || out == NULL || inLen == 0 || outLen < |
| wolfSSL | 0:1239e9b70ca2 | 795 | (word32)key->c_nSz) |
| wolfSSL | 0:1239e9b70ca2 | 796 | return -1; |
| wolfSSL | 0:1239e9b70ca2 | 797 | |
| wolfSSL | 0:1239e9b70ca2 | 798 | ret = CspPkcs1v15CrtEnc(CAVIUM_BLOCKING, BT1, key->c_nSz, (word16)inLen, |
| wolfSSL | 0:1239e9b70ca2 | 799 | key->c_q, key->c_dQ, key->c_p, key->c_dP, key->c_u, |
| wolfSSL | 0:1239e9b70ca2 | 800 | (byte*)in, out, &requestId, key->devId); |
| wolfSSL | 0:1239e9b70ca2 | 801 | if (ret != 0) { |
| wolfSSL | 0:1239e9b70ca2 | 802 | CYASSL_MSG("Cavium CRT Enc BT1 failed"); |
| wolfSSL | 0:1239e9b70ca2 | 803 | return -1; |
| wolfSSL | 0:1239e9b70ca2 | 804 | } |
| wolfSSL | 0:1239e9b70ca2 | 805 | return key->c_nSz; |
| wolfSSL | 0:1239e9b70ca2 | 806 | } |
| wolfSSL | 0:1239e9b70ca2 | 807 | |
| wolfSSL | 0:1239e9b70ca2 | 808 | |
| wolfSSL | 0:1239e9b70ca2 | 809 | static int CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out, |
| wolfSSL | 0:1239e9b70ca2 | 810 | word32 outLen, RsaKey* key) |
| wolfSSL | 0:1239e9b70ca2 | 811 | { |
| wolfSSL | 0:1239e9b70ca2 | 812 | word32 requestId; |
| wolfSSL | 0:1239e9b70ca2 | 813 | word32 ret; |
| wolfSSL | 0:1239e9b70ca2 | 814 | word16 outSz = (word16)outLen; |
| wolfSSL | 0:1239e9b70ca2 | 815 | |
| wolfSSL | 0:1239e9b70ca2 | 816 | if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz) |
| wolfSSL | 0:1239e9b70ca2 | 817 | return -1; |
| wolfSSL | 0:1239e9b70ca2 | 818 | |
| wolfSSL | 0:1239e9b70ca2 | 819 | ret = CspPkcs1v15Dec(CAVIUM_BLOCKING, BT1, key->c_nSz, key->c_eSz, |
| wolfSSL | 0:1239e9b70ca2 | 820 | key->c_n, key->c_e, (byte*)in, &outSz, out, |
| wolfSSL | 0:1239e9b70ca2 | 821 | &requestId, key->devId); |
| wolfSSL | 0:1239e9b70ca2 | 822 | if (ret != 0) { |
| wolfSSL | 0:1239e9b70ca2 | 823 | CYASSL_MSG("Cavium Dec BT1 failed"); |
| wolfSSL | 0:1239e9b70ca2 | 824 | return -1; |
| wolfSSL | 0:1239e9b70ca2 | 825 | } |
| wolfSSL | 0:1239e9b70ca2 | 826 | outSz = ntohs(outSz); |
| wolfSSL | 0:1239e9b70ca2 | 827 | |
| wolfSSL | 0:1239e9b70ca2 | 828 | return outSz; |
| wolfSSL | 0:1239e9b70ca2 | 829 | } |
| wolfSSL | 0:1239e9b70ca2 | 830 | |
| wolfSSL | 0:1239e9b70ca2 | 831 | |
| wolfSSL | 0:1239e9b70ca2 | 832 | #endif /* HAVE_CAVIUM */ |
| wolfSSL | 0:1239e9b70ca2 | 833 | |
| wolfSSL | 0:1239e9b70ca2 | 834 | #endif /* NO_RSA */ |
| wolfSSL | 0:1239e9b70ca2 | 835 |