[06/24] wolfssl: implement EAP-AKA

Message ID	20240404181630.2431991-6-juliusz@wolfssl.com
State	New
Headers	show Return-Path: <hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> From: Juliusz Sosinowicz <juliusz@wolfssl.com> To: hostap@lists.infradead.org Cc: Juliusz Sosinowicz <juliusz@wolfssl.com> Subject: [PATCH 06/24] wolfssl: implement EAP-AKA Date: Thu, 4 Apr 2024 20:16:12 +0200 Message-Id: <20240404181630.2431991-6-juliusz@wolfssl.com> In-Reply-To: <20240404181630.2431991-1-juliusz@wolfssl.com> References: <20240404181630.2431991-1-juliusz@wolfssl.com> MIME-Version: 1.0 preview: Implement the crypto_rsa_key set of functions in the wolfSSL backend to enable EAP-AKA and EAP-SIM Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com> --- hostapd/Makefile \| 1 + src/crypto/crypto_wolfssl.c \| 256 ++++++++++++++++++++++++++++++++++++ wpa_supplicant/Makefile \| 1 + 3 files changed, [...] Content analysis details: (0.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [2a00:1450:4864:20:0:0:0:12e listed in] [list.dnswl.org] Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "Hostap" <hostap-bounces@lists.infradead.org> Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org
Series	[01/24] wolfssl: simplify tls_get_cipher \| expand [01/24] wolfssl: simplify tls_get_cipher [02/24] wolfssl: implement suiteb ciphersuite [03/24] wolfssl: use defines for ex_data access [04/24] wolfssl: fix get_x509_cert [05/24] wolfssl: support tod policy [06/24] wolfssl: implement EAP-AKA [07/24] openssl: Use uncompressed format for ECC keys [08/24] wolfssl: Set additional sigalgs when using anon cipher [09/24] wolfssl: tune test_ap_wpa2_eap_fast_prf_oom for wolfssl [10/24] ap_wpa2_eap_tls_rsa_and_ec: use ciphersuites that wolfSSL understands [11/24] ap_wpa2_eap_fast_cipher_suites: allow wolfSSL to skip RC4 test [12/24] ap_wpa2_eap_tls_versions: run tests with wolfSSL [13/24] wolfssl: generate events when OCSP status is revoked [14/24] wolfssl: remove unnecessary WOLFSSL_X509_STORE manipulation [15/24] wolfssl: log error number on failure [16/24] wolfssl: remove unused and non-compiling code [17/24] wolfssl: add missing return in tls_init [18/24] wolfssl: implement check_cert_subject [19/24] wolfssl: Actually use ocsp_stapling_response [20/24] run_ap_wpa2_eap_tls_intermediate_ca_ocsp: fix cert configuration [21/24] wolfssl: Implement EAP-FAST [22/24] wolfSSL: simplify option setting in tls_set_conn_flags [23/24] wolfSSL: Implement openssl_ecdh_curves [24/24] wolfSSL: test_ap_wpa2_eap_fast_server_oom

Message ID

20240404181630.2431991-6-juliusz@wolfssl.com

State

New

Headers

From: Juliusz Sosinowicz <juliusz@wolfssl.com>
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz <juliusz@wolfssl.com>
Subject: [PATCH 06/24] wolfssl: implement EAP-AKA
Date: Thu,  4 Apr 2024 20:16:12 +0200
Message-Id: <20240404181630.2431991-6-juliusz@wolfssl.com>
In-Reply-To: <20240404181630.2431991-1-juliusz@wolfssl.com>
References: <20240404181630.2431991-1-juliusz@wolfssl.com>
MIME-Version: 1.0
Precedence: list
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Hostap" <hostap-bounces@lists.infradead.org>
Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Series

[01/24] wolfssl: simplify tls_get_cipher | expand

Commit Message

Juliusz Sosinowicz April 4, 2024, 6:16 p.m. UTC

Implement the crypto_rsa_key set of functions in the wolfSSL backend to enable EAP-AKA and EAP-SIM

Signed-off-by: Juliusz Sosinowicz <juliusz@wolfssl.com>
---
 hostapd/Makefile            |   1 +
 src/crypto/crypto_wolfssl.c | 256 ++++++++++++++++++++++++++++++++++++
 wpa_supplicant/Makefile     |   1 +
 3 files changed, 258 insertions(+)

diff --git a/hostapd/Makefile b/hostapd/Makefile
index b3cb686734..2e69453443 100644
--- a/hostapd/Makefile
+++ b/hostapd/Makefile
@@ -708,6 +708,7 @@  CFLAGS += -DCONFIG_TLSV12
 endif
 
 ifeq ($(CONFIG_TLS), wolfssl)
+CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
 CONFIG_CRYPTO=wolfssl
 ifdef TLS_FUNCS
 OBJS += ../src/crypto/tls_wolfssl.o
diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c
index 269174321b..74e25fab91 100644
--- a/src/crypto/crypto_wolfssl.c
+++ b/src/crypto/crypto_wolfssl.c
@@ -29,6 +29,7 @@ 
 #include <wolfssl/wolfcrypt/md5.h>
 #include <wolfssl/wolfcrypt/pkcs7.h>
 #include <wolfssl/wolfcrypt/pwdbased.h>
+#include <wolfssl/wolfcrypt/rsa.h>
 #include <wolfssl/wolfcrypt/sha.h>
 #include <wolfssl/wolfcrypt/sha256.h>
 #include <wolfssl/wolfcrypt/sha512.h>
@@ -3554,6 +3555,261 @@  fail:
 
 #endif /* CONFIG_DPP */
 
+struct crypto_rsa_key {
+	RsaKey key;
+	WC_RNG *rng;
+};
+
+static struct crypto_rsa_key * crypto_rsa_key_init(void)
+{
+	struct crypto_rsa_key* ret;
+	int err;
+	ret = os_zalloc(sizeof(*ret));
+	if (ret) {
+		err = wc_InitRsaKey(&ret->key, NULL);
+		if (err != MP_OKAY) {
+			LOG_WOLF_ERROR_FUNC(wc_InitRsaKey, err);
+			goto fail;
+		}
+		ret->rng = wc_rng_init();
+		if (!ret->rng) {
+			LOG_WOLF_ERROR_FUNC_NULL(wc_rng_init);
+			goto fail;
+		}
+		err = wc_RsaSetRNG(&ret->key, ret->rng);
+		if (err != 0) {
+			LOG_WOLF_ERROR_FUNC(wc_RsaSetRNG, err);
+			goto fail;
+		}
+	}
+	return ret;
+fail:
+	crypto_rsa_key_free(ret);
+	return NULL;
+}
+
+void crypto_rsa_key_free(struct crypto_rsa_key *key)
+{
+	int err;
+	if (key) {
+		err = wc_FreeRsaKey(&key->key);
+		if (err != 0)
+			LOG_WOLF_ERROR_FUNC(wc_FreeRsaKey, err);
+		wc_rng_free(key->rng);
+		os_free(key);
+	}
+}
+
+static void read_rsa_key_from_x509(unsigned char *keyPem, size_t keyPemLen,
+		DerBuffer** keyDer)
+{
+	struct DecodedCert cert;
+    DerBuffer* certDer = NULL;
+    word32 derKeySz = 0;
+    int err;
+
+	err = wc_PemToDer(keyPem, (long)keyPemLen, CERT_TYPE, &certDer,
+			NULL, NULL, NULL);
+	if (err != 0) {
+		LOG_WOLF_ERROR_FUNC(wc_PemToDer, err);
+		goto fail;
+	}
+
+	wc_InitDecodedCert(&cert, certDer->buffer, certDer->length, NULL);
+	err = wc_ParseCert(&cert, CERT_TYPE, NO_VERIFY, NULL);
+	if (err != 0) {
+		LOG_WOLF_ERROR_FUNC(wc_PemToDer, err);
+		goto fail;
+	}
+
+	err = wc_GetPubKeyDerFromCert(&cert, NULL, &derKeySz);
+	if (err != LENGTH_ONLY_E) {
+		LOG_WOLF_ERROR_FUNC(wc_GetPubKeyDerFromCert, err);
+		goto fail;
+	}
+
+	if (*keyDer)
+	    wc_FreeDer(keyDer);
+	*keyDer = NULL;
+
+	err = wc_AllocDer(keyDer, derKeySz, PUBLICKEY_TYPE, NULL);
+	if (err != 0) {
+		LOG_WOLF_ERROR_FUNC(wc_AllocDer, err);
+		goto fail;
+	}
+
+	err = wc_GetPubKeyDerFromCert(&cert, (*keyDer)->buffer, &(*keyDer)->length);
+	if (err != 0) {
+		LOG_WOLF_ERROR_FUNC(wc_GetPubKeyDerFromCert, err);
+		goto fail;
+	}
+
+fail:
+	if (certDer) {
+		wc_FreeDecodedCert(&cert);
+	    wc_FreeDer(&certDer);
+	}
+	/* caller is responsible for free'ing keyDer */
+}
+
+struct crypto_rsa_key * crypto_rsa_key_read(const char *file, bool private_key)
+{
+	struct crypto_rsa_key* ret = NULL;
+	unsigned char *keyPem = NULL;
+	size_t keyPemLen = 0;
+    DerBuffer* keyDer = NULL;
+    int keyFormat = 0;
+    int err;
+    int success = 0;
+    word32 idx = 0;
+
+    keyPem = (unsigned char*)os_readfile(file, &keyPemLen);
+	if (!keyPem) {
+		LOG_WOLF_ERROR_FUNC_NULL(os_readfile);
+		goto fail;
+	}
+
+	err = wc_PemToDer(keyPem, (long)keyPemLen, private_key ? PRIVATEKEY_TYPE :
+			PUBLICKEY_TYPE, &keyDer,
+			NULL, NULL, &keyFormat);
+	if (err != 0) {
+		if (private_key) {
+			LOG_WOLF_ERROR_FUNC(wc_PemToDer, err);
+			goto fail;
+		}
+		else {
+			/* input file might be public key or x509 cert we want to extract
+			 * the key from */
+			wpa_printf(MSG_DEBUG,
+					"wolfSSL: trying to extract key from x509 cert");
+			read_rsa_key_from_x509(keyPem, keyPemLen, &keyDer);
+			if (!keyDer) {
+				LOG_WOLF_ERROR_FUNC(wc_PemToDer, err);
+				LOG_WOLF_ERROR_FUNC_NULL(read_rsa_key_from_x509);
+				goto fail;
+			}
+		}
+	}
+	if (private_key && keyFormat != RSAk) {
+		LOG_WOLF_ERROR("Private key is not RSA key");
+		goto fail;
+	}
+
+	/* No longer needed so let's free the memory early */
+	os_free(keyPem);
+	keyPem = NULL;
+
+	ret = crypto_rsa_key_init();
+	if (!ret) {
+		LOG_WOLF_ERROR_FUNC_NULL(crypto_rsa_key_init);
+		goto fail;
+	}
+
+	if (private_key)
+		err = wc_RsaPrivateKeyDecode(keyDer->buffer, &idx, &ret->key, keyDer->length);
+	else
+		err = wc_RsaPublicKeyDecode(keyDer->buffer, &idx, &ret->key, keyDer->length);
+
+	if (err != 0) {
+		if (private_key)
+			LOG_WOLF_ERROR_FUNC(wc_RsaPrivateKeyDecode, err);
+		else
+			LOG_WOLF_ERROR_FUNC(wc_RsaPublicKeyDecode, err);
+		goto fail;
+	}
+
+	success = 1;
+fail:
+	if (keyPem)
+		os_free(keyPem);
+	if (keyDer)
+	    wc_FreeDer(&keyDer);
+	if (!success && ret) {
+		crypto_rsa_key_free(ret);
+		ret = NULL;
+	}
+	return ret;
+}
+
+struct wpabuf * crypto_rsa_oaep_sha256_encrypt(struct crypto_rsa_key *key,
+					       const struct wpabuf *in)
+{
+	int err;
+	int success = 0;
+	struct wpabuf *ret = NULL;
+
+	if (!key || !in) {
+		LOG_INVALID_PARAMETERS();
+		return NULL;
+	}
+
+	ret = wpabuf_alloc(wc_RsaEncryptSize(&key->key));
+	if (!ret) {
+		LOG_WOLF_ERROR_FUNC_NULL(wpabuf_alloc);
+		goto fail;
+	}
+
+	wpa_printf(MSG_DEBUG,
+			"wolfSSL: crypto_rsa_oaep_sha256_encrypt: wpabuf_len(in) %ld "
+			"wc_RsaEncryptSize(key->key) %d", wpabuf_len(in), wc_RsaEncryptSize(&key->key));
+
+    err = wc_RsaPublicEncrypt_ex(wpabuf_head_u8(in), wpabuf_len(in),
+    		wpabuf_mhead_u8(ret), wpabuf_size(ret), &key->key, key->rng,
+    		WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0);
+    if (err <= 0) {
+		LOG_WOLF_ERROR_FUNC(wc_RsaPublicEncrypt_ex, err);
+		goto fail;
+    }
+    wpabuf_put(ret, err);
+
+	success = 1;
+fail:
+	if (!success && ret) {
+		wpabuf_free(ret);
+		ret = NULL;
+	}
+	return ret;
+}
+
+struct wpabuf * crypto_rsa_oaep_sha256_decrypt(struct crypto_rsa_key *key,
+					       const struct wpabuf *in)
+{
+	int err;
+	int success = 0;
+	struct wpabuf *ret = NULL;
+
+	if (!key || !in) {
+		LOG_INVALID_PARAMETERS();
+		return NULL;
+	}
+
+	ret = wpabuf_alloc(wc_RsaEncryptSize(&key->key));
+	if (!ret) {
+		LOG_WOLF_ERROR_FUNC_NULL(wpabuf_alloc);
+		goto fail;
+	}
+
+	wpa_printf(MSG_DEBUG,
+			"wolfSSL: crypto_rsa_oaep_sha256_decrypt: wpabuf_len(in) %ld "
+			"wc_RsaEncryptSize(key->key) %d", wpabuf_len(in), wc_RsaEncryptSize(&key->key));
+
+    err = wc_RsaPrivateDecrypt_ex(wpabuf_head_u8(in), wpabuf_len(in),
+    		wpabuf_mhead_u8(ret), wpabuf_size(ret), &key->key, WC_RSA_OAEP_PAD,
+    		WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0);
+    if (err <= 0) {
+		LOG_WOLF_ERROR_FUNC(wc_RsaPublicEncrypt_ex, err);
+		goto fail;
+    }
+    wpabuf_put(ret, err);
+
+	success = 1;
+fail:
+	if (!success && ret) {
+		wpabuf_free(ret);
+		ret = NULL;
+	}
+	return ret;
+}
 
 void crypto_unload(void)
 {
diff --git a/wpa_supplicant/Makefile b/wpa_supplicant/Makefile
index dd13308f7b..3f75399eb9 100644
--- a/wpa_supplicant/Makefile
+++ b/wpa_supplicant/Makefile
@@ -1188,6 +1188,7 @@  TLS_FUNCS=y
 endif
 
 ifeq ($(CONFIG_TLS), wolfssl)
+CFLAGS += -DCRYPTO_RSA_OAEP_SHA256
 ifdef TLS_FUNCS
 CFLAGS += -DWOLFSSL_DER_LOAD
 OBJS += ../src/crypto/tls_wolfssl.o

[06/24] wolfssl: implement EAP-AKA

Commit Message

Patch