From patchwork Wed Mar 8 17:18:39 2023
X-Patchwork-Submitter: Juliusz Sosinowicz
X-Patchwork-Id: 1754259
From: Juliusz Sosinowicz
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz
Subject: [PATCH 01/12] Print ciphersuites in wolfSSL
Date: Wed, 8 Mar 2023 18:18:39 +0100
Message-Id: <20230308171850.267577-1-juliusz@wolfssl.com>

Signed-off-by: Juliusz Sosinowicz
--- src/crypto/tls_wolfssl.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c index b4f1bbe7f..a02c92892 100644 --- a/src/crypto/tls_wolfssl.c +++ b/src/crypto/tls_wolfssl.c @@ -284,6 +284,7 @@ void * tls_init(const struct tls_config *conf) ciphers = conf->openssl_ciphers; else ciphers = "ALL"; + wpa_printf(MSG_DEBUG, "wolfSSL: cipher suites: %s", ciphers); if (wolfSSL_CTX_set_cipher_list(ssl_ctx, ciphers) != 1) { wpa_printf(MSG_ERROR, "wolfSSL: Failed to set cipher string '%s'", @@ -1323,6 +1324,7 @@ int tls_connection_set_params(void *tls_ctx, struct tls_connection *conn, return -1; } + wpa_printf(MSG_DEBUG, "wolfSSL: cipher suites: %s", params->openssl_ciphers); if (params->openssl_ciphers && wolfSSL_set_cipher_list(conn->ssl, params->openssl_ciphers) != 1) { wpa_printf(MSG_INFO, 
@@ -1553,6 +1555,7 @@ int tls_global_set_params(void *tls_ctx, return -1; } + wpa_printf(MSG_DEBUG, "wolfSSL: cipher suites: %s", params->openssl_ciphers); if (params->openssl_ciphers && wolfSSL_CTX_set_cipher_list(tls_ctx, params->openssl_ciphers) != 1) {

From patchwork Wed Mar 8 17:18:40 2023
X-Patchwork-Submitter: Juliusz Sosinowicz
X-Patchwork-Id: 1754260
From: Juliusz Sosinowicz
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz
Subject: [PATCH 02/12] Add more precise logging in wolfssl_handshake
Date: Wed, 8 Mar 2023 18:18:40 +0100
Message-Id: <20230308171850.267577-2-juliusz@wolfssl.com>
In-Reply-To: <20230308171850.267577-1-juliusz@wolfssl.com>
References: <20230308171850.267577-1-juliusz@wolfssl.com>

Signed-off-by: Juliusz Sosinowicz
--- src/crypto/tls_wolfssl.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c index a02c92892..abf97700c 100644 --- a/src/crypto/tls_wolfssl.c +++ b/src/crypto/tls_wolfssl.c 
@@ -1668,20 +1668,27 @@ static struct wpabuf * wolfssl_handshake(struct tls_connection *conn, wpa_printf(MSG_DEBUG, "SSL: wolfSSL_connect: %d", res); } - if (res != 1) { + if (res != WOLFSSL_SUCCESS) { int err = wolfSSL_get_error(conn->ssl, res); - if (err == SSL_ERROR_WANT_READ) { + if (err == WOLFSSL_ERROR_NONE) { wpa_printf(MSG_DEBUG, - "SSL: wolfSSL_connect - want more data"); - } else if (err == SSL_ERROR_WANT_WRITE) { + "SSL: %s - WOLFSSL_ERROR_NONE (%d)", + server ? "wolfSSL_accept" : "wolfSSL_connect", res); + } else if (err == WOLFSSL_ERROR_WANT_READ) { wpa_printf(MSG_DEBUG, - "SSL: wolfSSL_connect - want to write"); + "SSL: %s - want more data", + server ? "wolfSSL_accept" : "wolfSSL_connect"); + } else if (err == WOLFSSL_ERROR_WANT_WRITE) { + wpa_printf(MSG_DEBUG, + "SSL: %s - want to write", + server ? "wolfSSL_accept" : "wolfSSL_connect"); } else { char msg[80]; wpa_printf(MSG_DEBUG, - "SSL: wolfSSL_connect - failed %s", + "SSL: %s - failed %s", + server ? "wolfSSL_accept" : "wolfSSL_connect", wolfSSL_ERR_error_string(err, msg)); conn->failed++; }

From patchwork Wed Mar 8 17:18:41 2023
X-Patchwork-Submitter: Juliusz Sosinowicz
X-Patchwork-Id: 1754261
From: Juliusz Sosinowicz
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz
Subject: [PATCH 03/12] Put wolfSSL headers in alphabetical order
Date: Wed, 8 Mar 2023 18:18:41 +0100
Message-Id: <20230308171850.267577-3-juliusz@wolfssl.com>
In-Reply-To: <20230308171850.267577-1-juliusz@wolfssl.com>
References: <20230308171850.267577-1-juliusz@wolfssl.com>

Signed-off-by: Juliusz Sosinowicz
--- src/crypto/crypto_wolfssl.c | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c index f47beebeb..da5f998de 100644 --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c 
@@ -12,23 +12,24 @@ #include "crypto.h" /* wolfSSL headers */ -#include -#include -#include -#include -#include -#include -#include -#include +#include /* options.h needs to be included first */ +#include +#include #include +#include +#include #include -#include #include -#include #include -#include #include -#include +#include +#include +#include +#include +#include +#include +#include +#include #ifndef CONFIG_FIPS

From patchwork Wed Mar 8 17:18:42 2023
X-Patchwork-Submitter: Juliusz Sosinowicz
X-Patchwork-Id: 1754262
From: Juliusz Sosinowicz
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz
Subject: [PATCH 04/12] Add FIPS warning
Date: Wed, 8 Mar 2023 18:18:42 +0100
Message-Id: <20230308171850.267577-4-juliusz@wolfssl.com>
In-Reply-To: <20230308171850.267577-1-juliusz@wolfssl.com>
References: <20230308171850.267577-1-juliusz@wolfssl.com>

Signed-off-by: Juliusz Sosinowicz
--- src/crypto/crypto_wolfssl.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c index da5f998de..5d9c17a16 100644 --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c 
@@ -31,6 +31,11 @@ #include #include +#ifdef CONFIG_FIPS +#ifndef HAVE_FIPS +#warning "You are compiling wpa_supplicant in FIPS mode but wolfSSL is not configured for FIPS mode." +#endif +#endif #ifndef CONFIG_FIPS

From patchwork Wed Mar 8 17:18:43 2023
X-Patchwork-Submitter: Juliusz Sosinowicz
X-Patchwork-Id: 1754263
From: Juliusz Sosinowicz
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz
Subject: [PATCH 05/12] Add wolfssl crypto logging macros
Date: Wed, 8 Mar 2023 18:18:43 +0100
Message-Id: <20230308171850.267577-5-juliusz@wolfssl.com>
In-Reply-To: <20230308171850.267577-1-juliusz@wolfssl.com>
References: <20230308171850.267577-1-juliusz@wolfssl.com>

Signed-off-by: Juliusz Sosinowicz
--- src/crypto/crypto_wolfssl.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c index 5d9c17a16..2f41f2378 100644 --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c 
@@ -37,6 +37,21 @@ #endif #endif +#define LOG_WOLF_ERROR_VA(msg, ...) \ + wpa_printf(MSG_ERROR, "wolfSSL: %s:%d " msg, __func__, __LINE__, __VA_ARGS__) + +#define LOG_WOLF_ERROR(msg) \ + LOG_WOLF_ERROR_VA("%s", (msg)) + +#define LOG_WOLF_ERROR_FUNC(func, err) \ + LOG_WOLF_ERROR_VA( #func " failed with err: %d %s", (err), wc_GetErrorString(err)) + +#define LOG_WOLF_ERROR_FUNC_NULL(func) \ + LOG_WOLF_ERROR( #func " failed with NULL return") + +#define LOG_INVALID_PARAMETERS() \ + LOG_WOLF_ERROR("invalid input parameters") + #ifndef CONFIG_FIPS int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) From patchwork Wed Mar 8 17:18:44 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Juliusz Sosinowicz X-Patchwork-Id: 1754264 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=0nCWQa5F; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PWzcj3nRMz1yWs for ; Thu, 9 Mar 2023 04:21:25 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: 
List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=GstCW4ktyGrlSQCgfE5IzLCAn64qPLonBEWRzuF5SVc=; b=0nCWQa5F3tIx4N HTC/fzCh8UvrrihIB6pdEQGb53WA4XUy6pyfdXKv+d0MdvoeehsW30UHlBWKVTKhFfNNTkaUk5p6Y Cq9eRslfh9BHbd7ggFgDcHDGTkhl+0PNlo8UXlo9WE4Td11WPrS0fGNJN5SWXhgQuU//H5BK90vSb weWj9+YtfWJh7C6J4WHmyVkg0mEHVTpT9xChg8GdVKYPhzTF3y79MZtg2anTt3IDT39xWIa/Wq7/T eeSYaFd18UWJlsE4d3N016MNSphp3WcgGGJmsqpqX/mxR0e0GXx9av6ZjiEnCz97QAcR4XOMgwemu Okqlm5wlMlV8M/Bs5R/Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1pZxT2-0067oO-Bo; Wed, 08 Mar 2023 17:20:44 +0000 Received: from p3plsmtpa07-08.prod.phx3.secureserver.net ([173.201.192.237]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1pZxSS-0067aa-8A for hostap@lists.infradead.org; Wed, 08 Mar 2023 17:20:09 +0000 Received: from localhost.localdomain ([188.212.135.159]) by :SMTPAUTH: with ESMTPSA id ZxRlp2I9XoJ9VZxSRpM65d; Wed, 08 Mar 2023 10:20:08 -0700 X-CMAE-Analysis: v=2.4 cv=fvwaJn0f c=1 sm=1 tr=0 ts=6408c3c8 a=3NKXlI4tpxak3Hs97VqeiA==:117 a=3NKXlI4tpxak3Hs97VqeiA==:17 a=VTTltBjBAAAA:8 a=6e9o4IlfkHAY8sqJ2FAA:9 a=on_vo79ac8RWgsiwd8Ea:22 X-SECURESERVER-ACCT: juliusz@wolfssl.com 
From: Juliusz Sosinowicz
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz
Subject: [PATCH 06/12] Improve error checking in wolfssl vector hashing functions
Date: Wed, 8 Mar 2023 18:18:44 +0100
Message-Id: <20230308171850.267577-6-juliusz@wolfssl.com>
In-Reply-To: <20230308171850.267577-1-juliusz@wolfssl.com>
References: <20230308171850.267577-1-juliusz@wolfssl.com>
Signed-off-by: Juliusz Sosinowicz --- src/crypto/crypto_wolfssl.c | 144 ++++++++++++++++++++++++++++-------- 1 file changed, 115 insertions(+), 29 deletions(-) diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c index 2f41f2378..92137c6ce 100644 --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c @@ -77,18 +77,36 @@ int md5_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) { wc_Md5 md5; size_t i; + int err; + int ret = -1; if (TEST_FAIL()) return -1; - wc_InitMd5(&md5); + err = wc_InitMd5(&md5); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_InitMd5, err); + return -1; + } - for (i = 0; i < num_elem; i++) - wc_Md5Update(&md5, addr[i], len[i]); + for (i = 0; i < num_elem; i++) { + err = wc_Md5Update(&md5, addr[i], len[i]); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_Md5Update, err); + goto fail; + } + } - wc_Md5Final(&md5, mac); + err = wc_Md5Final(&md5, mac); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_Md5Final, err); + goto fail; + } - return 0; + ret = 0; +fail: + wc_Md5Free(&md5); + return ret; } #endif /* CONFIG_FIPS */
@@ -98,19 +116,36 @@ int sha1_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) { wc_Sha sha; size_t i; + int err; + int ret = -1; if (TEST_FAIL()) return -1; - wc_InitSha(&sha); + err = wc_InitSha(&sha); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_InitSha, err); + return -1; + } - for (i = 0; i < num_elem; i++) - wc_ShaUpdate(&sha, addr[i], len[i]); + for (i = 0; i < num_elem; i++) { + err = wc_ShaUpdate(&sha, addr[i], len[i]); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_ShaUpdate, err); + goto fail; + } + } - wc_ShaFinal(&sha, mac); - wc_ShaFree(&sha); + err = wc_ShaFinal(&sha, mac); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_ShaFinal, err); + goto fail; + } - return 0; + ret = 0; +fail: + wc_ShaFree(&sha); + return ret; } @@ -120,19 +155,36 @@ int sha256_vector(size_t num_elem, const u8 *addr[], const size_t *len, { wc_Sha256 sha256; size_t i; + int err; + int ret = -1; if (TEST_FAIL()) return -1; - wc_InitSha256(&sha256); + err = wc_InitSha256(&sha256); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_InitSha256, err); + return -1; + } - for (i = 0; i < num_elem; i++) - wc_Sha256Update(&sha256, addr[i], len[i]); + for (i = 0; i < num_elem; i++) { + err = wc_Sha256Update(&sha256, addr[i], len[i]); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_Sha256Update, err); + goto fail; + } + } - wc_Sha256Final(&sha256, mac); - wc_Sha256Free(&sha256); + err = wc_Sha256Final(&sha256, mac); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_Sha256Final, err); + goto fail; + } - return 0; + ret = 0; +fail: + wc_Sha256Free(&sha256); + return ret; } #endif /* NO_SHA256_WRAPPER */ 
@@ -143,19 +195,36 @@ int sha384_vector(size_t num_elem, const u8 *addr[], const size_t *len, { wc_Sha384 sha384; size_t i; + int err; + int ret = -1; if (TEST_FAIL()) return -1; - wc_InitSha384(&sha384); + err = wc_InitSha384(&sha384); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_InitSha384, err); + return -1; + } - for (i = 0; i < num_elem; i++) - wc_Sha384Update(&sha384, addr[i], len[i]); + for (i = 0; i < num_elem; i++) { + err = wc_Sha384Update(&sha384, addr[i], len[i]); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_Sha384Update, err); + goto fail; + } + } - wc_Sha384Final(&sha384, mac); - wc_Sha384Free(&sha384); + err = wc_Sha384Final(&sha384, mac); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_Sha384Final, err); + goto fail; + } - return 0; + ret = 0; +fail: + wc_Sha384Free(&sha384); + return ret; } #endif /* CONFIG_SHA384 */ 
@@ -166,19 +235,36 @@ int sha512_vector(size_t num_elem, const u8 *addr[], const size_t *len, { wc_Sha512 sha512; size_t i; + int err; + int ret = -1; if (TEST_FAIL()) return -1; - wc_InitSha512(&sha512); + err = wc_InitSha512(&sha512); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_InitSha512, err); + return -1; + } - for (i = 0; i < num_elem; i++) - wc_Sha512Update(&sha512, addr[i], len[i]); + for (i = 0; i < num_elem; i++) { + err = wc_Sha512Update(&sha512, addr[i], len[i]); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_Sha512Update, err); + goto fail; + } + } - wc_Sha512Final(&sha512, mac); - wc_Sha512Free(&sha512); + err = wc_Sha512Final(&sha512, mac); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_Sha512Final, err); + goto fail; + } - return 0; + ret = 0; +fail: + wc_Sha512Free(&sha512); + return ret; } #endif /* CONFIG_SHA512 */
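Review bot: the md5_vector hunk adds a wc_Md5Free() call that the old code never made (there is no removed wc_Md5Free line, unlike the SHA functions, which already freed their context), and the commit message is only a Signed-off-by line, so that behaviour change is undocumented. Please state in the commit message that md5_vector now frees its context and that all five functions now free it on the Update and Final error paths too. On those error paths mac may have been left untouched or partly written; a short comment on the fail label saying that callers must not use mac when -1 is returned would make the contract explicit.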
From: Juliusz Sosinowicz
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz
Subject: [PATCH 07/12] wolfssl_hmac_vector: always clean up resources and log errors
Date: Wed, 8 Mar 2023 18:18:45 +0100
Message-Id: <20230308171850.267577-7-juliusz@wolfssl.com>
In-Reply-To: <20230308171850.267577-1-juliusz@wolfssl.com>
References: <20230308171850.267577-1-juliusz@wolfssl.com>
Signed-off-by: Juliusz Sosinowicz --- src/crypto/crypto_wolfssl.c | 38 ++++++++++++++++++++++++++++--------- 1 file changed, 29 insertions(+), 9 deletions(-) diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c index 92137c6ce..d8d014a07 100644 --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c
@@ -276,23 +276,43 @@ static int wolfssl_hmac_vector(int type, const u8 *key, { Hmac hmac; size_t i; + int err; + int ret = -1; (void) mdlen; if (TEST_FAIL()) return -1; - if (wc_HmacInit(&hmac, NULL, INVALID_DEVID) != 0 || - wc_HmacSetKey(&hmac, type, key, (word32) key_len) != 0) - return -1; - for (i = 0; i < num_elem; i++) - if (wc_HmacUpdate(&hmac, addr[i], len[i]) != 0) - return -1; - if (wc_HmacFinal(&hmac, mac) != 0) + err = wc_HmacInit(&hmac, NULL, INVALID_DEVID); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_HmacInit, err); return -1; - wc_HmacFree(&hmac); + } - return 0; + err = wc_HmacSetKey(&hmac, type, key, (word32) key_len); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_HmacSetKey, err); + goto fail; + } + + for (i = 0; i < num_elem; i++) { + err = wc_HmacUpdate(&hmac, addr[i], len[i]); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_HmacUpdate, err); + goto fail; + } + } + err = wc_HmacFinal(&hmac, mac); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_HmacFinal, err); + goto fail; + } + + ret = 0; +fail: + wc_HmacFree(&hmac); + return ret; }
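Review bot: in the rewritten wolfssl_hmac_vector body key_len gets an explicit (word32) cast for wc_HmacSetKey, while len[i] is handed to wc_HmacUpdate with no cast and no range check. If len is a size_t array here, as it is in the *_vector hash functions of the previous patch, both conversions narrow silently on 64-bit builds; since the function is being restructured anyway, reject values that do not fit before calling into wolfSSL and log them with LOG_INVALID_PARAMETERS(). Minor: the wc_HmacFinal block is missing the blank line that separates the other steps.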
From: Juliusz Sosinowicz
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz
Subject: [PATCH 08/12] wolfssl: Better error message in pbkdf2_sha1 for FIPS password failure
Date: Wed, 8 Mar 2023 18:18:46 +0100
Message-Id: <20230308171850.267577-8-juliusz@wolfssl.com>
In-Reply-To: <20230308171850.267577-1-juliusz@wolfssl.com>
References: <20230308171850.267577-1-juliusz@wolfssl.com>
Signed-off-by: Juliusz Sosinowicz --- src/crypto/crypto_wolfssl.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c index d8d014a07..62eeee6a4 100644 --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c
@@ -416,9 +416,9 @@ int pbkdf2_sha1(const char *passphrase, const u8 *ssid, size_t ssid_len, ssid, ssid_len, iterations, buflen, WC_SHA); if (ret != 0) { if (ret == HMAC_MIN_KEYLEN_E) { - wpa_printf(MSG_ERROR, - "wolfSSL: Password is too short. Make sure your password is at least %d characters long. This is a requirement for FIPS builds.", - HMAC_FIPS_MIN_KEY); + LOG_WOLF_ERROR_VA("wolfSSL: Password is too short. Make sure your " + "password is at least %d characters long. This is a " + "requirement for FIPS builds.", HMAC_FIPS_MIN_KEY); } return -1; }
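Review bot: LOG_WOLF_ERROR_VA already prepends "wolfSSL: %s:%d " to its format string, so keeping the literal "wolfSSL: " at the start of the message passed in pbkdf2_sha1 prints the prefix twice. Drop it from the string literal. Only the HMAC_MIN_KEYLEN_E case is logged; every other non-zero ret still returns -1 silently, which is out of step with the rest of the series, so an else branch with LOG_WOLF_ERROR_FUNC for the failing call would be consistent.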
From: Juliusz Sosinowicz
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz
Subject: [PATCH 09/12] wolfssl: improve error checking and logging in aes functions
Date: Wed, 8 Mar 2023 18:18:47 +0100
Message-Id: <20230308171850.267577-9-juliusz@wolfssl.com>
In-Reply-To: <20230308171850.267577-1-juliusz@wolfssl.com>
References: <20230308171850.267577-1-juliusz@wolfssl.com>
Signed-off-by: Juliusz Sosinowicz --- src/crypto/crypto_wolfssl.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c index 62eeee6a4..14576a98d 100644 --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c @@ -453,15 +453,20 @@ int des_encrypt(const u8 *clear, const u8 *key, u8 *cypher) void * aes_encrypt_init(const u8 *key, size_t len) { Aes *aes; + int err; if (TEST_FAIL()) return NULL; aes = os_malloc(sizeof(Aes)); - if (!aes) + if (!aes) { + LOG_WOLF_ERROR_FUNC_NULL(os_malloc); return NULL; + } - if (wc_AesSetKey(aes, key, len, NULL, AES_ENCRYPTION) < 0) { + err = wc_AesSetKey(aes, key, len, NULL, AES_ENCRYPTION); + if (err < 0) { + LOG_WOLF_ERROR_FUNC(wc_AesSetKey, err); os_free(aes); return NULL; } @@ -472,7 +477,11 @@ void * aes_encrypt_init(const u8 *key, size_t len) int aes_encrypt(void *ctx, const u8 *plain, u8 *crypt) { - wc_AesEncryptDirect(ctx, crypt, plain); + int err = wc_AesEncryptDirect(ctx, crypt, plain); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_AesEncryptDirect, err); + return -1; + } return 0; }
@@ -486,15 +495,20 @@ void aes_encrypt_deinit(void *ctx) void * aes_decrypt_init(const u8 *key, size_t len) { Aes *aes; + int err; if (TEST_FAIL()) return NULL; aes = os_malloc(sizeof(Aes)); - if (!aes) + if (!aes) { + LOG_WOLF_ERROR_FUNC_NULL(os_malloc); return NULL; + } - if (wc_AesSetKey(aes, key, len, NULL, AES_DECRYPTION) < 0) { + err = wc_AesSetKey(aes, key, len, NULL, AES_DECRYPTION); + if (err < 0) { + LOG_WOLF_ERROR_FUNC(wc_AesSetKey, err); os_free(aes); return NULL; } 
@@ -505,7 +519,11 @@ void * aes_decrypt_init(const u8 *key, size_t len) int aes_decrypt(void *ctx, const u8 *crypt, u8 *plain) { - wc_AesDecryptDirect(ctx, plain, crypt); + int err = wc_AesDecryptDirect(ctx, plain, crypt); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_AesDecryptDirect, err); + return -1; + } return 0; }
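Review bot: aes_encrypt_init and aes_decrypt_init keep the `err < 0` test on wc_AesSetKey, while aes_encrypt, aes_decrypt and the hash and HMAC patches earlier in the series test `err != 0`. Use `err != 0` here as well, or add a comment explaining why a positive return from wc_AesSetKey is acceptable. aes_encrypt and aes_decrypt can now return -1 where they previously always returned 0; the commit message should say so, so that callers which ignore the result can be audited. On the wc_AesSetKey failure path the Aes object is released with os_free() directly; if it can hold a partly expanded key at that point, clear it before freeing.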
From: Juliusz Sosinowicz
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz
Subject: [PATCH 10/12] wolfssl: refactor crypto ECC section
Date: Wed, 8 Mar 2023 18:18:48 +0100
Message-Id: <20230308171850.267577-10-juliusz@wolfssl.com>
In-Reply-To: <20230308171850.267577-1-juliusz@wolfssl.com>
References: <20230308171850.267577-1-juliusz@wolfssl.com>
- improve error checking
- improve logging
- use heap allocated objects
- prefer lib functions instead of member access when possible
- add more curves
- check if brainpool support built
- use appropriate functions or direct access when WOLFSSL_OLD_FIPS

Signed-off-by: Juliusz Sosinowicz --- src/crypto/crypto_wolfssl.c | 610 ++++++++++++++++++++++++------------ 1 file changed, 402 insertions(+), 208 deletions(-) diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c index 14576a98d..cacee0c8a 100644 --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c @@ -37,6 +37,12 @@ #endif #endif +#ifdef CONFIG_FIPS +#if !defined(HAVE_FIPS_VERSION) || HAVE_FIPS_VERSION <= 2 +#define WOLFSSL_OLD_FIPS +#endif +#endif + #define LOG_WOLF_ERROR_VA(msg, ...) \ wpa_printf(MSG_ERROR, "wolfSSL: %s:%d " msg, __func__, __LINE__, __VA_ARGS__)
@@ -52,6 +58,40 @@ #define LOG_INVALID_PARAMETERS() \ LOG_WOLF_ERROR("invalid input parameters") +/* Helper functions to make type allocation uniform */ + +static WC_RNG * wc_rng_init(void) +{ + WC_RNG * ret; + ret = wc_rng_new(NULL, 0, NULL); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(wc_rng_new); + } + return ret; +} + +static void wc_rng_deinit(WC_RNG * rng) +{ + wc_rng_free(rng); +} + +static ecc_key * ecc_key_init(void) +{ + ecc_key * ret; + ret = wc_ecc_key_new(NULL); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(wc_ecc_key_new); + } + return ret; +} + +static void ecc_key_deinit(ecc_key * key) +{ + wc_ecc_key_free(key); +} + +/* end of helper functions */ + #ifndef CONFIG_FIPS int md4_vector(size_t num_elem, const u8 *addr[], const size_t *len, u8 *mac) @@ -655,7 +695,7 @@ struct crypto_cipher { }; struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, - const u8 *iv, const u8 *key, + const u8 *iv, const u8 *pubkey, size_t key_len) { struct crypto_cipher *ctx; @@ -668,8 +708,8 @@ struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, #ifndef CONFIG_NO_RC4 #ifndef NO_RC4 case CRYPTO_CIPHER_ALG_RC4: - wc_Arc4SetKey(&ctx->enc.arc4, key, key_len); - wc_Arc4SetKey(&ctx->dec.arc4, key, key_len); + wc_Arc4SetKey(&ctx->enc.arc4, pubkey, key_len); + wc_Arc4SetKey(&ctx->dec.arc4, pubkey, key_len); break; #endif /* NO_RC4 */ #endif /* CONFIG_NO_RC4 */ @@ -684,9 +724,9 @@ struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, os_free(ctx); return NULL; } - if (wc_AesSetKey(&ctx->enc.aes, key, key_len, iv, + if (wc_AesSetKey(&ctx->enc.aes, pubkey, key_len, iv, AES_ENCRYPTION) || - wc_AesSetKey(&ctx->dec.aes, key, key_len, iv, + wc_AesSetKey(&ctx->dec.aes, pubkey, key_len, iv, AES_DECRYPTION)) { os_free(ctx); return NULL; 
@@ -696,8 +736,8 @@ struct crypto_cipher * crypto_cipher_init(enum crypto_cipher_alg alg, #ifndef NO_DES3 case CRYPTO_CIPHER_ALG_3DES: if (key_len != DES3_KEYLEN || - wc_Des3_SetKey(&ctx->enc.des3, key, iv, DES_ENCRYPTION) || - wc_Des3_SetKey(&ctx->dec.des3, key, iv, DES_DECRYPTION)) { + wc_Des3_SetKey(&ctx->enc.des3, pubkey, iv, DES_ENCRYPTION) || + wc_Des3_SetKey(&ctx->dec.des3, pubkey, iv, DES_DECRYPTION)) { os_free(ctx); return NULL; } @@ -1060,7 +1100,7 @@ struct crypto_hash { }; -struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key, +struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *pubkey, size_t key_len) { struct crypto_hash *ret = NULL; @@ -1097,7 +1137,7 @@ struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key, } if (wc_HmacInit(&hash->hmac, NULL, INVALID_DEVID) != 0 || - wc_HmacSetKey(&hash->hmac, type, key, key_len) != 0) + wc_HmacSetKey(&hash->hmac, type, pubkey, key_len) != 0) goto done; ret = hash; 
@@ -1479,17 +1519,49 @@ int crypto_bignum_legendre(const struct crypto_bignum *a, #ifdef CONFIG_ECC +static int crypto_ec_group_2_id(int group) +{ + switch (group) { + case 19: + return ECC_SECP256R1; + case 20: + return ECC_SECP384R1; + case 21: + return ECC_SECP521R1; + case 25: + return ECC_SECP192R1; + case 26: + return ECC_SECP224R1; +#ifdef HAVE_ECC_BRAINPOOL + case 27: + return ECC_BRAINPOOLP224R1; + case 28: + return ECC_BRAINPOOLP256R1; + case 29: + return ECC_BRAINPOOLP384R1; + case 30: + return ECC_BRAINPOOLP512R1; +#endif /* HAVE_ECC_BRAINPOOL */ + default: + LOG_WOLF_ERROR_VA("Unsupported curve (id=%d) in EC key", group); + return ECC_CURVE_INVALID; + } +} + + int ecc_map(ecc_point *, mp_int *, mp_digit); int ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, mp_int *a, mp_int *modulus, mp_digit mp); struct crypto_ec { - ecc_key key; + ecc_key* key; mp_int a; mp_int prime; mp_int order; - mp_digit mont_b; mp_int b; + mp_digit mont_b; + int curve_id; + byte ownKey:1; /* Should we free the `key` */ }; 
@@ -1497,59 +1569,63 @@ struct crypto_ec * crypto_ec_init(int group) { int built = 0; struct crypto_ec *e; - int curve_id; + int curve_id = crypto_ec_group_2_id(group); + int err; - /* Map from IANA registry for IKE D-H groups to OpenSSL NID */ - switch (group) { - case 19: - curve_id = ECC_SECP256R1; - break; - case 20: - curve_id = ECC_SECP384R1; - break; - case 21: - curve_id = ECC_SECP521R1; - break; - case 25: - curve_id = ECC_SECP192R1; - break; - case 26: - curve_id = ECC_SECP224R1; - break; -#ifdef HAVE_ECC_BRAINPOOL - case 27: - curve_id = ECC_BRAINPOOLP224R1; - break; - case 28: - curve_id = ECC_BRAINPOOLP256R1; - break; - case 29: - curve_id = ECC_BRAINPOOLP384R1; - break; - case 30: - curve_id = ECC_BRAINPOOLP512R1; - break; -#endif /* HAVE_ECC_BRAINPOOL */ - default: + if (curve_id == ECC_CURVE_INVALID) { + LOG_INVALID_PARAMETERS(); return NULL; } e = os_zalloc(sizeof(*e)); - if (!e) + if (!e) { + LOG_WOLF_ERROR_FUNC_NULL(os_zalloc); return NULL; + } - if (wc_ecc_init(&e->key) != 0 || - wc_ecc_set_curve(&e->key, 0, curve_id) != 0 || - mp_init(&e->a) != MP_OKAY || - mp_init(&e->prime) != MP_OKAY || - mp_init(&e->order) != MP_OKAY || - mp_init(&e->b) != MP_OKAY || - mp_read_radix(&e->a, e->key.dp->Af, 16) != MP_OKAY || - mp_read_radix(&e->b, e->key.dp->Bf, 16) != MP_OKAY || - mp_read_radix(&e->prime, e->key.dp->prime, 16) != MP_OKAY || - mp_read_radix(&e->order, e->key.dp->order, 16) != MP_OKAY || - mp_montgomery_setup(&e->prime, &e->mont_b) != MP_OKAY) + e->curve_id = curve_id; + e->ownKey = 1; + e->key = ecc_key_init(); + if (!e->key) { + LOG_WOLF_ERROR_FUNC_NULL(ecc_key_init); goto done; + } + + err = wc_ecc_set_curve(e->key, 0, curve_id); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_ecc_set_curve, err); + goto done; + } + err = mp_init_multi(&e->a, &e->prime, &e->order, &e->b, NULL, NULL); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(mp_init_multi, err); + goto done; + } + err = mp_read_radix(&e->a, e->key->dp->Af, 16); + if (err != MP_OKAY) { + 
LOG_WOLF_ERROR_FUNC(mp_read_radix, err); + goto done; + } + err = mp_read_radix(&e->b, e->key->dp->Bf, 16); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(mp_read_radix, err); + goto done; + } + err = mp_read_radix(&e->prime, e->key->dp->prime, 16); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(mp_read_radix, err); + goto done; + } + err = mp_read_radix(&e->order, e->key->dp->order, 16); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(mp_read_radix, err); + goto done; + } + err = mp_montgomery_setup(&e->prime, &e->mont_b); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(mp_montgomery_setup, err); + goto done; + } built = 1; done: @@ -1571,6 +1647,8 @@ void crypto_ec_deinit(struct crypto_ec* e) mp_clear(&e->prime); mp_clear(&e->a); wc_ecc_free(&e->key); + if (e->ownKey) + ecc_key_deinit(e->key); os_free(e); } @@ -1585,6 +1663,20 @@ struct crypto_ec_point * crypto_ec_point_init(struct crypto_ec *e) } +void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear) +{ + ecc_point *point = (ecc_point *) p; + + if (!p) + return; + + if (clear) { + wc_ecc_forcezero_point(point); + } + wc_ecc_del_point(point); +} + + size_t crypto_ec_prime_len(struct crypto_ec *e) { return (mp_count_bits(&e->prime) + 7) / 8; @@ -1627,22 +1719,6 @@ const struct crypto_bignum * crypto_ec_get_b(struct crypto_ec *e) } -void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear) -{ - ecc_point *point = (ecc_point *) p; - - if (!p) - return; - - if (clear) { - mp_forcezero(point->x); - mp_forcezero(point->y); - mp_forcezero(point->z); - } - wc_ecc_del_point(point); -} - - int crypto_ec_point_x(struct crypto_ec *e, const struct crypto_ec_point *p, struct crypto_bignum *x) { 
@@ -1654,27 +1730,41 @@ int crypto_ec_point_to_bin(struct crypto_ec *e, const struct crypto_ec_point *point, u8 *x, u8 *y) { ecc_point *p = (ecc_point *) point; + int len; + int err; if (TEST_FAIL()) return -1; if (!mp_isone(p->z)) { - if (ecc_map(p, &e->prime, e->mont_b) != MP_OKAY) + err = ecc_map(p, &e->prime, e->mont_b); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(ecc_map, err); return -1; + } + } + + len = wc_ecc_get_curve_size_from_id(e->curve_id); + if (len <= 0) { + LOG_WOLF_ERROR_FUNC(wc_ecc_get_curve_size_from_id, len); + LOG_WOLF_ERROR_VA("wc_ecc_get_curve_size_from_id error for curve_id %d", e->curve_id); + return -1; } if (x) { if (crypto_bignum_to_bin((struct crypto_bignum *)p->x, x, - e->key.dp->size, - e->key.dp->size) <= 0) + (size_t)len, (size_t)len) <= 0) { + LOG_WOLF_ERROR_FUNC(crypto_bignum_to_bin, -1); return -1; + } } if (y) { if (crypto_bignum_to_bin((struct crypto_bignum *) p->y, y, - e->key.dp->size, - e->key.dp->size) <= 0) + (size_t)len, (size_t)len) <= 0) { + LOG_WOLF_ERROR_FUNC(crypto_bignum_to_bin, -1); return -1; + } } return 0; @@ -1694,10 +1784,10 @@ struct crypto_ec_point * crypto_ec_point_from_bin(struct crypto_ec *e, if (!point) goto done; - if (mp_read_unsigned_bin(point->x, val, e->key.dp->size) != MP_OKAY) + if (mp_read_unsigned_bin(point->x, val, e->key->dp->size) != MP_OKAY) goto done; - val += e->key.dp->size; - if (mp_read_unsigned_bin(point->y, val, e->key.dp->size) != MP_OKAY) + val += e->key->dp->size; + if (mp_read_unsigned_bin(point->y, val, e->key->dp->size) != MP_OKAY) goto done; mp_set(point->z, 1); 
@@ -1858,50 +1948,115 @@ int crypto_ec_point_cmp(const struct crypto_ec *e, struct crypto_ecdh { struct crypto_ec *ec; - WC_RNG rng; + WC_RNG* rng; }; -struct crypto_ecdh * crypto_ecdh_init(int group) -{ - struct crypto_ecdh *ecdh = NULL; - int ret; +struct crypto_ec_key { + ecc_key *eckey; + WC_RNG *rng; /* Needs to be initialized before use. + * *NOT* initialized in crypto_ec_key_init */ +}; - ecdh = os_zalloc(sizeof(*ecdh)); - if (!ecdh) - goto fail; +static struct crypto_ecdh * _crypto_ecdh_init(int group) +{ + struct crypto_ecdh *ret = NULL; + int err; - if (wc_InitRng(&ecdh->rng) != 0) - goto fail; + ret = os_zalloc(sizeof(struct crypto_ecdh)); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(os_zalloc); + return NULL; + } - ecdh->ec = crypto_ec_init(group); - if (!ecdh->ec) + ret->rng = wc_rng_init(); + if (!ret->rng) { + LOG_WOLF_ERROR_FUNC_NULL(wc_rng_init); goto fail; + } - ret = wc_ecc_make_key_ex(&ecdh->rng, ecdh->ec->key.dp->size, - &ecdh->ec->key, ecdh->ec->key.dp->id); - if (ret < 0) + ret->ec = crypto_ec_init(group); + if (!ret->ec) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_init); goto fail; + } -#if defined(ECC_TIMING_RESISTANT) && !defined(CONFIG_FIPS) - ret = wc_ecc_set_rng(&ecdh->ec->key, &ecdh->rng); - if (ret < 0) +#if defined(ECC_TIMING_RESISTANT) && !defined(WOLFSSL_OLD_FIPS) + err = wc_ecc_set_rng(ret->ec->key, ret->rng); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_ecc_set_rng, err); goto fail; -#endif /* ECC_TIMING_RESISTANT && !CONFIG_FIPS */ + } +#else + (void)err; +#endif /* ECC_TIMING_RESISTANT && !WOLFSSL_OLD_FIPS */ -done: - return ecdh; + return ret; fail: - crypto_ecdh_deinit(ecdh); - ecdh = NULL; - goto done; + crypto_ecdh_deinit(ret); + return NULL; } +struct crypto_ecdh * crypto_ecdh_init(int group) +{ + struct crypto_ecdh *ret = NULL; + int err; + + ret = _crypto_ecdh_init(group); + + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(_crypto_ecdh_init); + return NULL; + } + + err = wc_ecc_make_key_ex(ret->rng, 0, ret->ec->key, + 
crypto_ec_group_2_id(group)); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_make_key_ex, err); + crypto_ecdh_deinit(ret); + ret = NULL; + } + + return ret; +} + +struct crypto_ecdh * crypto_ecdh_init2(int group, struct crypto_ec_key *own_key) +{ + struct crypto_ecdh *ret = NULL; + + if (!own_key || crypto_ec_key_group(own_key) != group) { + LOG_INVALID_PARAMETERS(); + return NULL; + } + + ret = _crypto_ecdh_init(group); + if (ret) { + /* Already init'ed to the right group. Enough to substitute the key. */ + ecc_key_deinit(ret->ec->key); + ret->ec->key = own_key->eckey; + ret->ec->ownKey = 0; +#if defined(ECC_TIMING_RESISTANT) && !defined(WOLFSSL_OLD_FIPS) + if (!ret->ec->key->rng) { + int err = wc_ecc_set_rng(ret->ec->key, ret->rng); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_ecc_set_rng, err); + } + } +#endif /* ECC_TIMING_RESISTANT && !CONFIG_FIPS */ + } + + return ret; +} void crypto_ecdh_deinit(struct crypto_ecdh *ecdh) { if (ecdh) { +#if defined(ECC_TIMING_RESISTANT) && !defined(WOLFSSL_OLD_FIPS) + /* Disassociate the rng */ + if (ecdh->ec->key->rng == ecdh->rng) + (void)wc_ecc_set_rng(ecdh->ec->key, NULL); +#endif crypto_ec_deinit(ecdh->ec); - wc_FreeRng(&ecdh->rng); + wc_rng_deinit(ecdh->rng); os_free(ecdh); } } @@ -1911,20 +2066,20 @@ struct wpabuf * crypto_ecdh_get_pubkey(struct crypto_ecdh *ecdh, int inc_y) { struct wpabuf *buf = NULL; int ret; - int len = ecdh->ec->key.dp->size; + int len = ecdh->ec->key->dp->size; buf = wpabuf_alloc(inc_y ? 2 * len : len); if (!buf) goto fail; ret = crypto_bignum_to_bin((struct crypto_bignum *) - ecdh->ec->key.pubkey.x, wpabuf_put(buf, len), + ecdh->ec->key->pubkey.x, wpabuf_put(buf, len), len, len); if (ret < 0) goto fail; if (inc_y) { ret = crypto_bignum_to_bin((struct crypto_bignum *) - ecdh->ec->key.pubkey.y, + ecdh->ec->key->pubkey.y, wpabuf_put(buf, len), len, len); if (ret < 0) goto fail; 
@@ -1945,35 +2100,47 @@ struct wpabuf * crypto_ecdh_set_peerkey(struct crypto_ecdh *ecdh, int inc_y, int ret; struct wpabuf *pubkey = NULL; struct wpabuf *secret = NULL; - word32 key_len = ecdh->ec->key.dp->size; + word32 key_len = ecdh->ec->key->dp->size; ecc_point *point = NULL; size_t need_key_len = inc_y ? 2 * key_len : key_len; - if (len < need_key_len) + if (len < need_key_len) { + LOG_WOLF_ERROR("key len too small"); goto fail; + } pubkey = wpabuf_alloc(1 + 2 * key_len); - if (!pubkey) + if (!pubkey) { + LOG_WOLF_ERROR_FUNC_NULL(wpabuf_alloc); goto fail; + } wpabuf_put_u8(pubkey, inc_y ? ECC_POINT_UNCOMP : ECC_POINT_COMP_EVEN); wpabuf_put_data(pubkey, key, need_key_len); point = wc_ecc_new_point(); - if (!point) + if (!point) { + LOG_WOLF_ERROR_FUNC_NULL(wc_ecc_new_point); goto fail; + } ret = wc_ecc_import_point_der(wpabuf_mhead(pubkey), 1 + 2 * key_len, - ecdh->ec->key.idx, point); - if (ret != MP_OKAY) + ecdh->ec->key->idx, point); + if (ret != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_import_point_der, ret); goto fail; + } secret = wpabuf_alloc(key_len); - if (!secret) + if (!secret) { + LOG_WOLF_ERROR_FUNC_NULL(wpabuf_alloc); goto fail; + } - ret = wc_ecc_shared_secret_ex(&ecdh->ec->key, point, + ret = wc_ecc_shared_secret_ex(ecdh->ec->key, point, wpabuf_put(secret, key_len), &key_len); - if (ret != MP_OKAY) + if (ret != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_shared_secret_ex, ret); goto fail; + } done: wc_ecc_del_point(point); 
@@ -1991,41 +2158,21 @@ size_t crypto_ecdh_prime_len(struct crypto_ecdh *ecdh) return crypto_ec_prime_len(ecdh->ec); } - -struct crypto_ec_key { - ecc_key *eckey; - WC_RNG *rng; /* Needs to be initialized before use. - * *NOT* initialized in crypto_ec_key_init */ -}; - - static struct crypto_ec_key * crypto_ec_key_init(void) { struct crypto_ec_key *key; key = os_zalloc(sizeof(struct crypto_ec_key)); if (key) { -#ifdef CONFIG_FIPS - key->eckey = os_zalloc(sizeof(ecc_key)); -#else /* CONFIG_FIPS */ - key->eckey = wc_ecc_key_new(NULL); -#endif /* CONFIG_FIPS */ + key->eckey = ecc_key_init(); /* Omit key->rng initialization because it seeds itself and thus * consumes entropy that may never be used. Lazy initialize when * necessary. */ if (!key->eckey) { - wpa_printf(MSG_ERROR, - "wolfSSL: crypto_ec_key_init() failed"); - crypto_ec_key_deinit(key); - key = NULL; - } -#ifdef CONFIG_FIPS - else if (wc_ecc_init_ex(key->eckey, NULL, INVALID_DEVID) != 0) { - wpa_printf(MSG_ERROR, "wolfSSL: wc_ecc_init_ex failed"); + LOG_WOLF_ERROR_FUNC_NULL(ecc_key_init); crypto_ec_key_deinit(key); key = NULL; } -#endif /* CONFIG_FIPS */ } return key; } 
@@ -2034,32 +2181,39 @@ static struct crypto_ec_key * crypto_ec_key_init(void) void crypto_ec_key_deinit(struct crypto_ec_key *key) { if (key) { -#ifdef CONFIG_FIPS - os_free(key->rng); - os_free(key->eckey); -#else /* CONFIG_FIPS */ - wc_rng_free(key->rng); - wc_ecc_key_free(key->eckey); -#endif /* CONFIG_FIPS */ + ecc_key_deinit(key->eckey); + wc_rng_deinit(key->rng); os_free(key); } } +WC_RNG * crypto_ec_key_init_rng(struct crypto_ec_key *key) +{ + if (!key->rng) { + /* Lazy init key->rng */ + key->rng = wc_rng_init(); + if (!key->rng) { + LOG_WOLF_ERROR_FUNC_NULL(wc_rng_init); + } + } + return key->rng; +} struct crypto_ec_key * crypto_ec_key_parse_priv(const u8 *der, size_t der_len) { struct crypto_ec_key *ret; word32 idx = 0; + int err; ret = crypto_ec_key_init(); if (!ret) { - wpa_printf(MSG_ERROR, "wolfSSL: crypto_ec_key_init failed"); + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_init); goto fail; } - if (wc_EccPrivateKeyDecode(der, &idx, ret->eckey, (word32) der_len) != - 0) { - wpa_printf(MSG_ERROR, "wolfSSL: wc_EccPrivateKeyDecode failed"); + err = wc_EccPrivateKeyDecode(der, &idx, ret->eckey, (word32) der_len); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_EccPrivateKeyDecode, err); goto fail; } @@ -2075,8 +2229,7 @@ int crypto_ec_key_group(struct crypto_ec_key *key) { if (!key || !key->eckey || !key->eckey->dp) { - wpa_printf(MSG_ERROR, "wolfSSL: %s: invalid input parameters", - __func__); + LOG_INVALID_PARAMETERS(); return -1; } 
@@ -2087,54 +2240,110 @@ int crypto_ec_key_group(struct crypto_ec_key *key) return 20; case ECC_SECP521R1: return 21; + case ECC_SECP192R1: + return 25; + case ECC_SECP224R1: + return 26; +#ifdef HAVE_ECC_BRAINPOOL + case ECC_BRAINPOOLP224R1: + return 27; case ECC_BRAINPOOLP256R1: return 28; case ECC_BRAINPOOLP384R1: return 29; case ECC_BRAINPOOLP512R1: return 30; +#endif /* HAVE_ECC_BRAINPOOL */ } - wpa_printf(MSG_ERROR, "wolfSSL: Unsupported curve (id=%d) in EC key", + LOG_WOLF_ERROR_VA("Unsupported curve (id=%d) in EC key", key->eckey->dp->id); return -1; } +static int crypto_ec_key_gen_public_key(struct crypto_ec_key *key) +{ + int err; + +#ifndef WOLFSSL_OLD_FIPS + /* Have wolfSSL generate the public key to make it available for output */ + if (!crypto_ec_key_init_rng(key)) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_init_rng); + return -1; + } +#endif + +#ifndef WOLFSSL_OLD_FIPS + err = wc_ecc_make_pub_ex(key->eckey, NULL, key->rng); +#else + err = wc_ecc_make_pub(key->eckey, NULL); +#endif + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_make_pub_ex, err); + return -1; + } + return 0; +} struct wpabuf * crypto_ec_key_get_subject_public_key(struct crypto_ec_key *key) { - byte *der = NULL; int der_len; struct wpabuf *ret = NULL; + int err; if (!key || !key->eckey) { - wpa_printf(MSG_ERROR, "wolfSSL: %s: invalid input parameters", - __func__); + LOG_INVALID_PARAMETERS(); goto fail; } - der_len = wc_EccPublicKeyDerSize(key->eckey, 1); - if (der_len <= 0) { - wpa_printf(MSG_ERROR, "wolfSSL: wc_EccPublicKeyDerSize failed"); +#ifdef WOLFSSL_OLD_FIPS + if (key->eckey->type == ECC_PRIVATEKEY_ONLY) { + if (crypto_ec_key_gen_public_key(key) != 0) { + LOG_WOLF_ERROR_FUNC(crypto_ec_key_gen_public_key, -1); + goto fail; + } + } +#endif + + der_len = err = wc_EccPublicKeyToDer_ex(key->eckey, NULL, 0, 1, 1); + if (err == ECC_PRIVATEONLY_E) { + if (crypto_ec_key_gen_public_key(key) != 0) { + LOG_WOLF_ERROR_FUNC(crypto_ec_key_gen_public_key, -1); + goto fail; + } + der_len 
= err = wc_EccPublicKeyToDer_ex(key->eckey, NULL, 0, 1, 1); + } + if (err <= 0) { + LOG_WOLF_ERROR_FUNC(wc_EccPublicKeyDerSize, err); goto fail; } - der = os_malloc(der_len); - if (!der) + ret = wpabuf_alloc(der_len); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(wpabuf_alloc); goto fail; + } - der_len = wc_EccPublicKeyToDer(key->eckey, der, der_len, 1); - if (der_len <= 0) { - wpa_printf(MSG_ERROR, "wolfSSL: wc_EccPublicKeyToDer failed"); + err = wc_EccPublicKeyToDer_ex(key->eckey, wpabuf_mhead(ret), der_len, 1, 1); + if (err == ECC_PRIVATEONLY_E) { + if (crypto_ec_key_gen_public_key(key) != 0) { + LOG_WOLF_ERROR_FUNC(crypto_ec_key_gen_public_key, -1); + goto fail; + } + err = wc_EccPublicKeyToDer_ex(key->eckey, wpabuf_mhead(ret), der_len, 1, 1); + } + if (err <= 0) { + LOG_WOLF_ERROR_FUNC(wc_EccPublicKeyToDer, err); goto fail; } + der_len = err; + wpabuf_put(ret, der_len); - ret = wpabuf_alloc_copy(der, der_len); - os_free(der); return ret; fail: - os_free(der); + if (ret) + wpabuf_free(ret); return NULL; } @@ -2143,16 +2352,17 @@ struct crypto_ec_key * crypto_ec_key_parse_pub(const u8 *der, size_t der_len) { word32 idx = 0; struct crypto_ec_key *ret = NULL; + int err; ret = crypto_ec_key_init(); if (!ret) { - wpa_printf(MSG_ERROR, "wolfSSL: crypto_ec_key_init failed"); + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_init); goto fail; } - if (wc_EccPublicKeyDecode(der, &idx, ret->eckey, (word32) der_len) != 0) - { - wpa_printf(MSG_ERROR, "wolfSSL: wc_EccPublicKeyDecode failed"); + err = wc_EccPublicKeyDecode(der, &idx, ret->eckey, (word32) der_len); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_EccPublicKeyDecode, err); goto fail; } 
@@ -2166,60 +2376,46 @@ fail: struct wpabuf * crypto_ec_key_sign(struct crypto_ec_key *key, const u8 *data, size_t len) { - byte *der = NULL; int der_len; + int err; word32 w32_der_len; struct wpabuf *ret = NULL; if (!key || !key->eckey || !data || len == 0) { - wpa_printf(MSG_ERROR, "wolfSSL: %s: invalid input parameters", - __func__); + LOG_INVALID_PARAMETERS(); goto fail; } - if (!key->rng) { - /* Lazy init key->rng */ -#ifdef CONFIG_FIPS - key->rng = os_zalloc(sizeof(WC_RNG)); -#else /* CONFIG_FIPS */ - key->rng = wc_rng_new(NULL, 0, NULL); -#endif /* CONFIG_FIPS */ - if (!key->rng) { - wpa_printf(MSG_ERROR, "wolfSSL: wc_rng_new failed"); - goto fail; - } -#ifdef CONFIG_FIPS - if (wc_InitRng(key->rng) != 0) { - wpa_printf(MSG_ERROR, "wolfSSL: wc_InitRng failed"); - goto fail; - } -#endif /* CONFIG_FIPS */ + if (!crypto_ec_key_init_rng(key)) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_init_rng); + goto fail; } der_len = wc_ecc_sig_size(key->eckey); if (der_len <= 0) { - wpa_printf(MSG_ERROR, "wolfSSL: wc_ecc_sig_size failed"); + LOG_WOLF_ERROR_FUNC(wc_ecc_sig_size, der_len); goto fail; } - der = os_malloc(der_len); - if (!der) + ret = wpabuf_alloc(der_len); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(wpabuf_alloc); goto fail; + } - w32_der_len = (word32) der_len; - if (wc_ecc_sign_hash(data, len, der, &w32_der_len, key->rng, key->eckey) - != 0) { - wpa_printf(MSG_ERROR, "wolfSSL: wc_ecc_sign_hash failed"); + w32_der_len = (word32)der_len; + err = wc_ecc_sign_hash(data, len, wpabuf_mhead(ret), &w32_der_len, + key->rng, key->eckey); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_ecc_sign_hash, err); goto fail; } + wpabuf_put(ret, w32_der_len); - ret = wpabuf_alloc_copy(der, der_len); - os_free(der); - if (!ret) - wpa_printf(MSG_ERROR, "wolfSSL: wpabuf_alloc_copy failed"); return ret; fail: - os_free(der); + if (ret) + wpabuf_free(ret); return NULL; } 
@@ -2230,20 +2426,18 @@ int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data, int res = 0; if (!key || !key->eckey || !data || len == 0 || !sig || sig_len == 0) { - wpa_printf(MSG_ERROR, "wolfSSL: %s: invalid input parameters", - __func__); + LOG_INVALID_PARAMETERS(); return -1; } if (wc_ecc_verify_hash(sig, sig_len, data, len, &res, key->eckey) != 0) { - wpa_printf(MSG_ERROR, "wolfSSL: wc_ecc_verify_hash failed"); + LOG_WOLF_ERROR("wc_ecc_verify_hash failed"); return -1; } if (res != 1) - wpa_printf(MSG_DEBUG, - "wolfSSL: crypto_ec_key_verify_signature failed"); + LOG_WOLF_ERROR("crypto_ec_key_verify_signature failed"); return res; }
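Review bot: The new helpers wc_rng_init() and ecc_key_init() in the hunk at -52,6 call wc_rng_new() and wc_ecc_key_new() unconditionally, while the code they replace later in this patch (crypto_ec_key_init, crypto_ec_key_deinit, crypto_ec_key_sign) used os_zalloc() with wc_ecc_init_ex() and wc_InitRng() under CONFIG_FIPS. If those allocators are missing from the older FIPS module, the helpers need a WOLFSSL_OLD_FIPS branch; if they are available there, say so in the commit message, which only mentions WOLFSSL_OLD_FIPS in general terms. The static names wc_rng_init and wc_rng_deinit also sit in wolfSSL's own wc_ prefix; a local prefix would avoid a clash with a future library symbol.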
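Review bot: The rename of the key parameter to pubkey in crypto_cipher_init() and crypto_hash_init() is misleading, because the value is passed to wc_Arc4SetKey(), wc_AesSetKey(), wc_Des3_SetKey() and wc_HmacSetKey() as a secret symmetric key, not a public key. The rename is also outside the ECC section this patch says it refactors; keep the name key, or explain in the commit message why the rename is needed.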
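Review bot: In the crypto_ec_deinit() hunk the context line wc_ecc_free(&e->key); is left in place although struct crypto_ec now declares ecc_key* key, so the call receives the address of the pointer (ecc_key **) rather than the key object. The added ecc_key_deinit(e->key) is the release path for the heap-allocated key when ownKey is set; delete the stale call in this patch rather than in 11/12, so that this commit is correct on its own.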
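Review bot: crypto_ecdh_deinit() now dereferences ecdh->ec->key->rng (in builds with ECC_TIMING_RESISTANT and without WOLFSSL_OLD_FIPS) before calling crypto_ec_deinit(), but _crypto_ecdh_init() jumps to fail and calls crypto_ecdh_deinit(ret) when wc_rng_init() or crypto_ec_init() fails, at which point ret->ec is still NULL from os_zalloc(). Guard the disassociation with a check such as ecdh->ec && ecdh->ec->key. In the same hunk, crypto_ecdh_init2() only logs a wc_ecc_set_rng() failure and still returns the context, whereas _crypto_ecdh_init() treats the same failure as fatal, and its closing #endif comment still says !CONFIG_FIPS while the condition tests WOLFSSL_OLD_FIPS.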
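Review bot: In crypto_ec_key_verify_signature() the res != 1 branch moves from wpa_printf(MSG_DEBUG, ...) to LOG_WOLF_ERROR, so every signature that fails to verify is now logged at MSG_ERROR; a mismatching signature is an expected outcome for input supplied by a peer, and the previous MSG_DEBUG level kept it out of error logs. The wc_ecc_verify_hash() failure branch above it also discards the return code: capture it in an int err and use LOG_WOLF_ERROR_FUNC(wc_ecc_verify_hash, err), as the rest of the patch does.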
From: Juliusz Sosinowicz To: hostap@lists.infradead.org Cc: Juliusz Sosinowicz Subject: [PATCH 11/12] wolfssl: implement DPP backend functions Date: Wed, 8 Mar 2023 18:18:49 +0100 Message-Id: <20230308171850.267577-11-juliusz@wolfssl.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230308171850.267577-1-juliusz@wolfssl.com> References: <20230308171850.267577-1-juliusz@wolfssl.com> MIME-Version: 1.0
Signed-off-by: Juliusz Sosinowicz --- src/crypto/crypto_wolfssl.c | 960 +++++++++++++++++++++++++++++++++++- 1 file changed, 958 insertions(+), 2 deletions(-) diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c index cacee0c8a..7d3672f01 100644 --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c @@ -10,6 +10,7 @@ #include "common.h" #include "crypto.h" +#include "tls/asn1.h" /* wolfSSL headers */ #include /* options.h needs to be included first */ @@ -1555,6 +1556,9 @@ int ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, struct crypto_ec { ecc_key* key; +#ifdef CONFIG_DPP + ecc_point* g; /* Only used in DPP for now */ +#endif mp_int a; mp_int prime; mp_int order; 
@@ -1596,6 +1600,18 @@ struct crypto_ec * crypto_ec_init(int group) LOG_WOLF_ERROR_FUNC(wc_ecc_set_curve, err); goto done; } +#ifdef CONFIG_DPP + e->g = wc_ecc_new_point(); + if (!e->g) { + LOG_WOLF_ERROR_FUNC_NULL(wc_ecc_new_point); + goto done; + } + err = wc_ecc_get_generator(e->g, wc_ecc_get_curve_idx(curve_id)); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_get_generator, err); + goto done; + } +#endif err = mp_init_multi(&e->a, &e->prime, &e->order, &e->b, NULL, NULL); if (err != MP_OKAY) { LOG_WOLF_ERROR_FUNC(mp_init_multi, err); @@ -1646,7 +1662,9 @@ void crypto_ec_deinit(struct crypto_ec* e) mp_clear(&e->order); mp_clear(&e->prime); mp_clear(&e->a); - wc_ecc_free(&e->key); +#ifdef CONFIG_DPP + wc_ecc_del_point(e->g); +#endif if (e->ownKey) ecc_key_deinit(e->key); os_free(e); @@ -1719,6 +1737,14 @@ const struct crypto_bignum * crypto_ec_get_b(struct crypto_ec *e) } +#ifdef CONFIG_DPP +const struct crypto_ec_point * crypto_ec_get_generator(struct crypto_ec *e) +{ + return (const struct crypto_ec_point *) e->g; +} +#endif + + int crypto_ec_point_x(struct crypto_ec *e, const struct crypto_ec_point *p, struct crypto_bignum *x) { 
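Review bot: crypto_ec_get_generator() returns e->g, which is allocated in crypto_ec_init() and released by wc_ecc_del_point(e->g) in crypto_ec_deinit(), but nothing in the hunk documents that the point is owned by the crypto_ec context. Add a comment on the function stating that the caller must not pass the result to crypto_ec_point_deinit() and that the pointer is valid only until crypto_ec_deinit(e).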
@@ -2441,9 +2467,939 @@ int crypto_ec_key_verify_signature(struct crypto_ec_key *key, const u8 *data, return res; } - #endif /* CONFIG_ECC */ +#ifdef CONFIG_DPP +struct wpabuf * crypto_ec_key_get_ecprivate_key(struct crypto_ec_key *key, + bool include_pub) +{ + int len; + int err; + struct wpabuf * ret = NULL; + + if (!key || !key->eckey) { + LOG_INVALID_PARAMETERS(); + return NULL; + } + +#ifdef WOLFSSL_OLD_FIPS + if (key->eckey->type != ECC_PRIVATEKEY && key->eckey->type != ECC_PRIVATEKEY_ONLY) { + LOG_INVALID_PARAMETERS(); + return NULL; + } +#endif + + len = err = wc_EccKeyDerSize(key->eckey, include_pub); + if (err == ECC_PRIVATEONLY_E && include_pub) { + if (crypto_ec_key_gen_public_key(key) != 0) { + LOG_WOLF_ERROR_FUNC(crypto_ec_key_gen_public_key, -1); + return NULL; + } + len = err = wc_EccKeyDerSize(key->eckey, include_pub); + } + if (err <= 0) { + /* Exception for BAD_FUNC_ARG because higher levels blindly call this + * function to determine if this is a private key or not. BAD_FUNC_ARG + * most probably means that key->eckey is a public key not private. */ + if (err != BAD_FUNC_ARG) + LOG_WOLF_ERROR_FUNC(wc_EccKeyDerSize, err); + return NULL; + } + + ret = wpabuf_alloc(len); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(wpabuf_alloc); + return NULL; + } + + if (include_pub) + err = wc_EccKeyToDer(key->eckey, wpabuf_put(ret, len), len); + else + err = wc_EccPrivateKeyToDer(key->eckey, wpabuf_put(ret, len), len); + + if (err != len) { + LOG_WOLF_ERROR_VA("%s failed with err: %d", include_pub ? 
+ "wc_EccKeyToDer" : "wc_EccPrivateKeyToDer", err); + wpabuf_free(ret); + ret = NULL; + } + + return ret; +} + +struct wpabuf * crypto_ec_key_get_pubkey_point(struct crypto_ec_key *key, + int prefix) +{ + int err; + word32 len = 0; + struct wpabuf * ret = NULL; + + if (!key || !key->eckey) { + LOG_INVALID_PARAMETERS(); + return NULL; + } + + err = wc_ecc_export_x963(key->eckey, NULL, &len); + if (err != LENGTH_ONLY_E) { + LOG_WOLF_ERROR_FUNC(wc_ecc_export_x963, err); + goto fail; + } + + ret = wpabuf_alloc(len); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(wpabuf_alloc); + goto fail; + } + + err = wc_ecc_export_x963(key->eckey, wpabuf_mhead(ret), &len); + if (err == ECC_PRIVATEONLY_E) { + if (crypto_ec_key_gen_public_key(key) != 0) { + LOG_WOLF_ERROR_FUNC(crypto_ec_key_gen_public_key, -1); + goto fail; + } + err = wc_ecc_export_x963(key->eckey, wpabuf_mhead(ret), &len); + } + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_export_x963, err); + goto fail; + } + + if (!prefix) + os_memmove(wpabuf_mhead(ret), wpabuf_mhead_u8(ret) + 1, (size_t)--len); + wpabuf_put(ret, len); + + return ret; + +fail: + if (ret) + wpabuf_free(ret); + return NULL; +} + +struct crypto_ec_key * crypto_ec_key_set_pub(int group, const u8 *x, + const u8 *y, size_t len) +{ + struct crypto_ec_key * ret = NULL; + int curve_id = crypto_ec_group_2_id(group); + int err; + + if (!x || !y || len == 0 || curve_id == ECC_CURVE_INVALID || + wc_ecc_get_curve_size_from_id(curve_id) != len) { + LOG_INVALID_PARAMETERS(); + return NULL; + } + + ret = crypto_ec_key_init(); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_init); + return NULL; + } + + /* Cast necessary for FIPS API */ + err = wc_ecc_import_unsigned(ret->eckey, (u8*)x, (u8*)y, NULL, curve_id); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_import_unsigned, err); + crypto_ec_key_deinit(ret); + return NULL; + } + + return ret; +} + + +int crypto_ec_key_cmp(struct crypto_ec_key *key1, struct crypto_ec_key *key2) +{ + int ret; + struct 
wpabuf * key1_buf = crypto_ec_key_get_subject_public_key(key1); + struct wpabuf * key2_buf = crypto_ec_key_get_subject_public_key(key2); + + if ((key1 && !key1_buf) || (key2 && !key2_buf)) { + LOG_WOLF_ERROR("crypto_ec_key_get_subject_public_key failed"); + return -1; + } + + ret = wpabuf_cmp(key1_buf, key2_buf); + if (ret != 0) + ret = -1; /* Default to -1 for different keys */ + + wpabuf_clear_free(key1_buf); + wpabuf_clear_free(key2_buf); + return ret; +} + +/* wolfSSL doesn't have a pretty print function for keys so just print out the + * PEM of the private key. */ +void crypto_ec_key_debug_print(const struct crypto_ec_key *key, + const char *title) +{ + struct wpabuf * key_buf; + struct wpabuf * out = NULL; + int err; + int pem_len; + + if (!key || !key->eckey) { + LOG_INVALID_PARAMETERS(); + return; + } + + if (key->eckey->type == ECC_PUBLICKEY) + key_buf = crypto_ec_key_get_subject_public_key((struct crypto_ec_key *)key); + else + key_buf = crypto_ec_key_get_ecprivate_key((struct crypto_ec_key *)key, 1); + + if (!key_buf) { + LOG_WOLF_ERROR_VA("%s has returned NULL", key->eckey->type == ECC_PUBLICKEY ? 
+ "crypto_ec_key_get_subject_public_key" : "crypto_ec_key_get_ecprivate_key"); + goto fail; + } + + if (!title) + title = ""; + + err = wc_DerToPem(wpabuf_head(key_buf), wpabuf_len(key_buf), NULL, 0, + ECC_TYPE); + if (err <= 0) { + LOG_WOLF_ERROR_FUNC(wc_DerToPem, err); + goto fail; + } + pem_len = err; + + out = wpabuf_alloc(pem_len + 1); + if (!out) { + LOG_WOLF_ERROR_FUNC_NULL(wc_DerToPem); + goto fail; + } + + err = wc_DerToPem(wpabuf_head(key_buf), wpabuf_len(key_buf), + wpabuf_mhead(out), pem_len, ECC_TYPE); + if (err <= 0) { + LOG_WOLF_ERROR_FUNC(wc_DerToPem, err); + goto fail; + } + + wpabuf_mhead_u8(out)[err] = '\0'; + wpabuf_put(out, err + 1); + wpa_printf(MSG_DEBUG, "%s:\n%s", title, (char*)wpabuf_head(out)); + +fail: + if (key_buf) + wpabuf_clear_free(key_buf); + if (out) + wpabuf_clear_free(out); +} + + +void crypto_ec_point_debug_print(const struct crypto_ec *e, + const struct crypto_ec_point *p, const char *title) +{ + u8 x[ECC_MAXSIZE]; + u8 y[ECC_MAXSIZE]; + int coord_size; + int err; + + if (!p || !e) { + LOG_INVALID_PARAMETERS(); + return; + } + + coord_size = e->key->dp->size; + + if (!title) + title = ""; + + err = crypto_ec_point_to_bin((struct crypto_ec *)e, p, x, y); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(crypto_ec_point_to_bin, err); + return; + } + + wpa_hexdump(MSG_DEBUG, title, x, coord_size); + wpa_hexdump(MSG_DEBUG, title, y, coord_size); +} + +struct crypto_ec_key * crypto_ec_key_gen(int group) +{ + int curve_id = crypto_ec_group_2_id(group); + int err; + struct crypto_ec_key * ret = NULL; + + if (curve_id == ECC_CURVE_INVALID) { + LOG_INVALID_PARAMETERS(); + return NULL; + } + + ret = crypto_ec_key_init(); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_init); + return NULL; + } + + if (!crypto_ec_key_init_rng(ret)) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_init_rng); + goto fail; + } + + err = wc_ecc_make_key_ex(ret->rng, 0, ret->eckey, curve_id); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_make_key_ex, err); + 
goto fail; + } + + return ret; +fail: + if (ret) + crypto_ec_key_deinit(ret); + return NULL; +} + +int crypto_ec_key_verify_signature_r_s(struct crypto_ec_key *key, + const u8 *data, size_t len, + const u8 *r, size_t r_len, + const u8 *s, size_t s_len) +{ + int err; + u8 sig[ECC_MAX_SIG_SIZE]; + word32 sig_len = ECC_MAX_SIG_SIZE; + + if (!key || !key->eckey || !data || !len || !r || !r_len || !s || !s_len) { + LOG_INVALID_PARAMETERS(); + return -1; + } + + err = wc_ecc_rs_raw_to_sig(r, r_len, s, s_len, sig, &sig_len); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_rs_raw_to_sig, err); + return -1; + } + + return crypto_ec_key_verify_signature(key, data, len, sig, sig_len); +} + + +struct crypto_ec_point * crypto_ec_key_get_public_key(struct crypto_ec_key *key) +{ + ecc_point *point = NULL; + int err; + u8 *der = NULL; + word32 der_len = 0; + + if (!key || !key->eckey || !key->eckey->dp) { + LOG_INVALID_PARAMETERS(); + goto fail; + } + + err = wc_ecc_export_x963(key->eckey, NULL, &der_len); + if (err != LENGTH_ONLY_E) { + LOG_WOLF_ERROR_FUNC(wc_ecc_export_x963, err); + goto fail; + } + + der = os_malloc(der_len); + if (!der) { + LOG_WOLF_ERROR_FUNC_NULL(os_malloc); + goto fail; + } + + err = wc_ecc_export_x963(key->eckey, der, &der_len); + if (err == ECC_PRIVATEONLY_E) { + if (crypto_ec_key_gen_public_key(key) != 0) { + LOG_WOLF_ERROR_FUNC(crypto_ec_key_gen_public_key, -1); + goto fail; + } + err = wc_ecc_export_x963(key->eckey, der, &der_len); + } + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_export_x963, err); + goto fail; + } + + point = wc_ecc_new_point(); + if (!point) { + LOG_WOLF_ERROR_FUNC_NULL(wc_ecc_new_point); + goto fail; + } + + err = wc_ecc_import_point_der(der, der_len, key->eckey->idx, point); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_import_point_der, err); + goto fail; + } + + os_free(der); + return (struct crypto_ec_point *) point; + +fail: + if (der) + os_free(der); + if (point) + wc_ecc_del_point(point); + return NULL; +} 
+ +struct crypto_bignum * crypto_ec_key_get_private_key(struct crypto_ec_key *key) +{ + u8 priv[ECC_MAXSIZE]; + word32 priv_len = ECC_MAXSIZE; +#ifdef WOLFSSL_OLD_FIPS + /* Needed to be compliant with the old API */ + u8 qx[ECC_MAXSIZE]; + word32 qx_len = ECC_MAXSIZE; + u8 qy[ECC_MAXSIZE]; + word32 qy_len = ECC_MAXSIZE; +#endif + struct crypto_bignum * ret = NULL; + int err; + + if (!key || !key->eckey) { + LOG_INVALID_PARAMETERS(); + return NULL; + } + +#ifndef WOLFSSL_OLD_FIPS + err = wc_ecc_export_private_raw(key->eckey, NULL, NULL, NULL, NULL, priv, &priv_len); +#else + err = wc_ecc_export_private_raw(key->eckey, qx, &qx_len, qy, &qy_len, priv, &priv_len); +#endif + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_export_private_raw, err); + return NULL; + } + + ret = crypto_bignum_init_set(priv, priv_len); + os_memset(priv, 0, priv_len); + return ret; +} + +struct wpabuf * crypto_ec_key_sign_r_s(struct crypto_ec_key *key, + const u8 *data, size_t len) +{ + int err; + u8 success = 0; + mp_int r; + mp_int s; + u8 rs_init = 0; + int sz; + struct wpabuf * ret = NULL; + + if (!key || !key->eckey || !key->eckey->dp || !data || !len) { + LOG_INVALID_PARAMETERS(); + return NULL; + } + + sz = key->eckey->dp->size; + + if (!crypto_ec_key_init_rng(key)) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_init_rng); + goto fail; + } + + err = mp_init_multi(&r, &s, NULL, NULL, NULL, NULL); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(mp_init_multi, err); + goto fail; + } + rs_init = 1; + + err = wc_ecc_sign_hash_ex(data, len, key->rng, key->eckey, &r, &s); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_sign_hash_ex, err); + goto fail; + } + + if (mp_unsigned_bin_size(&r) > sz || mp_unsigned_bin_size(&s) > sz) { + LOG_WOLF_ERROR_VA("Unexpected size of r or s (%d %d %d)", sz, + mp_unsigned_bin_size(&r), mp_unsigned_bin_size(&s)); + goto fail; + } + + ret = wpabuf_alloc(2 * sz); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(wpabuf_alloc); + goto fail; + } + + err = 
mp_to_unsigned_bin_len(&r, wpabuf_put(ret, sz), sz); + if (err == MP_OKAY) + err = mp_to_unsigned_bin_len(&s, wpabuf_put(ret, sz), sz); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_sign_hash_ex, err); + goto fail; + } + + success = 1; +fail: + if (rs_init) { + mp_free(&r); + mp_free(&s); + } + if (!success) { + wpabuf_free(ret); + ret = NULL; + } + + return ret; +} + +struct crypto_ec_key * +crypto_ec_key_set_pub_point(struct crypto_ec *e, + const struct crypto_ec_point *pub) +{ + struct crypto_ec_key * ret = NULL; + int err; + byte* buf = NULL; + word32 buf_len = 0; + + if (!e || !pub) { + LOG_INVALID_PARAMETERS(); + return NULL; + } + + /* Export to DER to not mess with wolfSSL internals */ + err = wc_ecc_export_point_der(wc_ecc_get_curve_idx(e->curve_id), + (ecc_point*)pub, NULL, &buf_len); + if (err != LENGTH_ONLY_E || !buf_len) { + LOG_WOLF_ERROR_FUNC(wc_ecc_export_point_der, err); + goto fail; + } + + buf = os_malloc(buf_len); + if (!buf) { + LOG_WOLF_ERROR_FUNC_NULL(os_malloc); + goto fail; + } + + err = wc_ecc_export_point_der(wc_ecc_get_curve_idx(e->curve_id), + (ecc_point*)pub, buf, &buf_len); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_export_point_der, err); + goto fail; + } + + ret = crypto_ec_key_init(); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_init); + goto fail; + } + + err = wc_ecc_import_x963_ex(buf, buf_len, ret->eckey, e->curve_id); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(wc_ecc_import_x963_ex, err); + goto fail; + } + + os_free(buf); + return ret; + +fail: + if (buf) + os_free(buf); + if (ret) + crypto_ec_key_deinit(ret); + return NULL; +} + +struct wpabuf * crypto_pkcs7_get_certificates(const struct wpabuf *pkcs7) +{ + PKCS7* p7 = NULL; + struct wpabuf * ret = NULL; + int err = 0; + int totalSz = 0; + int i; + + if (!pkcs7) { + LOG_INVALID_PARAMETERS(); + return NULL; + } + + p7 = wc_PKCS7_New(NULL, INVALID_DEVID); + if (!p7) { + LOG_WOLF_ERROR_FUNC_NULL(wc_PKCS7_New); + return NULL; + } + + err = 
wc_PKCS7_VerifySignedData(p7, (byte*)wpabuf_head(pkcs7), + wpabuf_len(pkcs7)); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_PKCS7_VerifySignedData, err); + wc_PKCS7_Free(p7); + goto fail; + } + + /* Need to access p7 members directly */ + for (i = 0; i < MAX_PKCS7_CERTS; i++) { + if (p7->certSz[i] == 0) + continue; + err = wc_DerToPem(p7->cert[i], p7->certSz[i], NULL, 0, CERT_TYPE); + if (err > 0) + totalSz += err; + else { + LOG_WOLF_ERROR_FUNC(wc_DerToPem, err); + goto fail; + } + } + + if (totalSz == 0) { + LOG_WOLF_ERROR("No certificates found in PKCS7 input"); + goto fail; + } + + ret = wpabuf_alloc(totalSz); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(wpabuf_alloc); + goto fail; + } + + /* Need to access p7 members directly */ + for (i = 0; i < MAX_PKCS7_CERTS; i++) { + if (p7->certSz[i] == 0) + continue; + err = wc_DerToPem(p7->cert[i], p7->certSz[i], + /* Not using wpabuf_put here so that wpabuf_overflow isn't + * called in case of a size mismatch. wc_DerToPem checks if the + * output is large enough internally. 
*/ + wpabuf_mhead_u8(ret) + wpabuf_len(ret), wpabuf_tailroom(ret), + CERT_TYPE); + if (err > 0) + wpabuf_put(ret, err); + else { + LOG_WOLF_ERROR_FUNC(wc_DerToPem, err); + wpabuf_free(ret); + ret = NULL; + goto fail; + } + } + +fail: + if (p7) + wc_PKCS7_Free(p7); + return ret; +} + +/* BEGIN Certificate Signing Request (CSR) APIs */ + +enum cert_type { + cert_type_none = 0, + cert_type_decoded_cert, + cert_type_cert, +}; + +struct crypto_csr { + union { + DecodedCert dc; /* For parsed csr should be read-only for higher levels */ + Cert c; /* For generating a csr */ + } req; + enum cert_type type; + struct crypto_ec_key *pubkey; +}; + +/* Helper function to make sure that the correct type is initialized */ +static void crypto_csr_init_type(struct crypto_csr * csr, enum cert_type type, + const byte* source, word32 inSz) +{ + int err; + if (csr->type == type) + return; /* Already correct type */ + switch (csr->type) { + case cert_type_decoded_cert: + wc_FreeDecodedCert(&csr->req.dc); + break; + case cert_type_cert: +#ifdef WOLFSSL_CERT_GEN_CACHE + wc_SetCert_Free(&csr->req.c); +#endif + break; + case cert_type_none: + break; + } + switch (type) { + case cert_type_decoded_cert: + wc_InitDecodedCert(&csr->req.dc, source, inSz, NULL); + break; + case cert_type_cert: + err = wc_InitCert(&csr->req.c); + if (err != 0) + LOG_WOLF_ERROR_FUNC(wc_InitCert, err); + break; + case cert_type_none: + break; + } + csr->type = type; +} + +struct crypto_csr * crypto_csr_init(void) +{ + struct crypto_csr * ret = os_malloc(sizeof(struct crypto_csr)); + + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(os_malloc); + return NULL; + } + + ret->type = cert_type_none; + crypto_csr_init_type(ret, cert_type_cert, NULL, 0); + ret->pubkey = NULL; + + return ret; +} + +void crypto_csr_deinit(struct crypto_csr *csr) +{ + if (csr) { + crypto_csr_init_type(csr, cert_type_none, NULL, 0); + if (csr->pubkey) + crypto_ec_key_deinit(csr->pubkey); + os_free(csr); + } +} + +int crypto_csr_set_ec_public_key(struct 
crypto_csr *csr, + struct crypto_ec_key *key) +{ + struct wpabuf * der = NULL; + + if (!csr || !key || !key->eckey) { + LOG_INVALID_PARAMETERS(); + return -1; + } + + if (csr->pubkey) { + crypto_ec_key_deinit(csr->pubkey); + csr->pubkey = NULL; + } + + /* Create copy of key to mitigate use-after-free errors */ + der = crypto_ec_key_get_subject_public_key(key); + if (!der) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_get_subject_public_key); + return -1; + } + + csr->pubkey = crypto_ec_key_parse_pub(wpabuf_head(der), wpabuf_len(der)); + + wpabuf_free(der); + if (!csr->pubkey) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_parse_pub); + return -1; + } + return 0; +} + +int crypto_csr_set_name(struct crypto_csr *csr, enum crypto_csr_name type, + const char *name) +{ + int name_len; + char *dest; + + if (!csr || !name) { + LOG_INVALID_PARAMETERS(); + return -1; + } + + if (csr->type != cert_type_cert) { + LOG_WOLF_ERROR_VA("csr is incorrect type (%d)", csr->type); + return -1; + } + + name_len = os_strlen(name); + if (name_len >= CTC_NAME_SIZE) { + LOG_WOLF_ERROR("name input too long"); + return -1; + } + + switch (type) { + case CSR_NAME_CN: + dest = csr->req.c.subject.commonName; + break; + case CSR_NAME_SN: + dest = csr->req.c.subject.sur; + break; + case CSR_NAME_C: + dest = csr->req.c.subject.country; + break; + case CSR_NAME_O: + dest = csr->req.c.subject.org; + break; + case CSR_NAME_OU: + dest = csr->req.c.subject.unit; + break; + default: + LOG_INVALID_PARAMETERS(); + return -1; + } + + os_memcpy(dest, name, name_len); + dest[name_len] = '\0'; + + return 0; +} + +int crypto_csr_set_attribute(struct crypto_csr *csr, enum crypto_csr_attr attr, + int attr_type, const u8 *value, size_t len) +{ + if (!csr || attr_type != ASN1_TAG_UTF8STRING || !value || len >= CTC_NAME_SIZE) { + LOG_INVALID_PARAMETERS(); + return -1; + } + + if (csr->type != cert_type_cert) { + LOG_WOLF_ERROR_VA("csr is incorrect type (%d)", csr->type); + return -1; + } + + switch (attr) { + case 
CSR_ATTR_CHALLENGE_PASSWORD: + os_memcpy(csr->req.c.challengePw, value, len); + csr->req.c.challengePw[len] = '\0'; + break; + default: + return -1; + } + + return 0; +} + +const u8 * crypto_csr_get_attribute(struct crypto_csr *csr, + enum crypto_csr_attr attr, + size_t *len, int *type) +{ + if (!csr || !len || !type) { + LOG_INVALID_PARAMETERS(); + return NULL;; + } + + switch (attr) { + case CSR_ATTR_CHALLENGE_PASSWORD: + switch (csr->type) { + case cert_type_decoded_cert: + *type = ASN1_TAG_UTF8STRING; + *len = csr->req.dc.cPwdLen; + return (u8*)csr->req.dc.cPwd; + case cert_type_cert: + *type = ASN1_TAG_UTF8STRING; + *len = os_strlen(csr->req.c.challengePw); + return (u8*)csr->req.c.challengePw; + case cert_type_none: + return NULL; + } + default: + return NULL; + } +} + +struct wpabuf * crypto_csr_sign(struct crypto_csr *csr, + struct crypto_ec_key *key, + enum crypto_hash_alg algo) +{ + int err; + int len; + u8 * buf = NULL; + int buf_len; + struct wpabuf * ret = NULL; + + if (!csr || !key || !key->eckey) { + LOG_INVALID_PARAMETERS(); + return NULL; + } + + if (csr->type != cert_type_cert) { + LOG_WOLF_ERROR_VA("csr is incorrect type (%d)", csr->type); + return NULL; + } + + if (!crypto_ec_key_init_rng(key)) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_ec_key_init_rng); + return NULL; + } + + switch (algo) { + case CRYPTO_HASH_ALG_SHA256: + csr->req.c.sigType = CTC_SHA256wECDSA; + break; + case CRYPTO_HASH_ALG_SHA384: + csr->req.c.sigType = CTC_SHA384wECDSA; + break; + case CRYPTO_HASH_ALG_SHA512: + csr->req.c.sigType = CTC_SHA512wECDSA; + break; + default: + LOG_INVALID_PARAMETERS(); + return NULL; + } + + /* Pass in large value that is guaranteed to be larger than the necessary buffer */ + err = wc_MakeCertReq(&csr->req.c, NULL, 100000, NULL, csr->pubkey->eckey); + if (err <= 0) { + LOG_WOLF_ERROR_FUNC(wc_MakeCertReq, err); + goto fail; + } + len = err; + + buf_len = len + MAX_SEQ_SZ * 2 + MAX_ENCODED_SIG_SZ; + buf = os_malloc(buf_len); + if (!buf) { + 
LOG_WOLF_ERROR_FUNC_NULL(os_malloc); + goto fail; + } + + err = wc_MakeCertReq(&csr->req.c, buf, buf_len, NULL, csr->pubkey->eckey); + if (err <= 0) { + LOG_WOLF_ERROR_FUNC(wc_MakeCertReq, err); + goto fail; + } + len = err; + + err = wc_SignCert(len, csr->req.c.sigType, buf, buf_len, NULL, key->eckey, key->rng); + if (err <= 0) { + LOG_WOLF_ERROR_FUNC(wc_SignCert, err); + goto fail; + } + len = err; + + ret = wpabuf_alloc_copy(buf, len); + if (!ret) { + LOG_WOLF_ERROR_FUNC_NULL(wpabuf_alloc_copy); + goto fail; + } + +fail: + if (buf) + os_free(buf); + return ret; +} + +struct crypto_csr * crypto_csr_verify(const struct wpabuf *req) +{ + struct crypto_csr * csr = NULL; + int err; + + if (!req) { + LOG_INVALID_PARAMETERS(); + return NULL; + } + + csr = crypto_csr_init(); + if (!csr) { + LOG_WOLF_ERROR_FUNC_NULL(crypto_csr_init); + goto fail; + } + + crypto_csr_init_type(csr, cert_type_decoded_cert, wpabuf_head(req), wpabuf_len(req)); + err = wc_ParseCert(&csr->req.dc, CERTREQ_TYPE, VERIFY, NULL); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_ParseCert, err); + goto fail; + } + + return csr; +fail: + if (csr) + crypto_csr_deinit(csr); + return NULL; +} + +/* END Certificate Signing Request (CSR) APIs */ + +#endif /* CONFIG_DPP */ void crypto_unload(void) { From patchwork Wed Mar 8 17:18:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Juliusz Sosinowicz X-Patchwork-Id: 1754270 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 
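Review bot: crypto_pkcs7_get_certificates() in the @@ -2441,9 +2467,939 @@ hunk frees p7 twice when wc_PKCS7_VerifySignedData() fails: the error branch calls wc_PKCS7_Free(p7) and then jumps to fail, where `if (p7) wc_PKCS7_Free(p7);` runs again on the same pointer. Drop the free in the error branch and let the fail label do the cleanup. Further points in the same hunk: crypto_csr_sign() dereferences csr->pubkey->eckey without checking csr->pubkey, which crypto_csr_init() leaves NULL until crypto_csr_set_ec_public_key() succeeds; crypto_ec_key_cmp() returns -1 early without releasing whichever of key1_buf and key2_buf was allocated; crypto_ec_key_debug_print() writes the PEM of the private key at MSG_DEBUG unconditionally, so private key material ends up in any debug log, and it would be safer to print only the public part unless key logging has been explicitly enabled; crypto_ec_key_get_private_key() wipes priv with a plain os_memset() right before returning, which a compiler may remove as a dead store, so a zeroing call that cannot be optimized away is the better choice. Minor: two log calls name the wrong function (LOG_WOLF_ERROR_FUNC_NULL(wc_DerToPem) after a failed wpabuf_alloc(), and LOG_WOLF_ERROR_FUNC(wc_ecc_sign_hash_ex, err) after mp_to_unsigned_bin_len()), and crypto_csr_get_attribute() has a stray `return NULL;;`.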
From: Juliusz Sosinowicz
To: hostap@lists.infradead.org
Cc: Juliusz Sosinowicz
Subject: [PATCH 12/12] wolfssl: implement FIPS compatible code when CONFIG_FIPS
Date: Wed, 8 Mar 2023 18:18:50 +0100
Message-Id: <20230308171850.267577-12-juliusz@wolfssl.com>
In-Reply-To: <20230308171850.267577-1-juliusz@wolfssl.com>
References: <20230308171850.267577-1-juliusz@wolfssl.com>

Signed-off-by: Juliusz Sosinowicz --- src/crypto/crypto_wolfssl.c | 77 +++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) diff --git a/src/crypto/crypto_wolfssl.c b/src/crypto/crypto_wolfssl.c index 7d3672f01..52f4c70c6 100644 --- a/src/crypto/crypto_wolfssl.c +++ b/src/crypto/crypto_wolfssl.c
@@ -64,31 +64,79 @@ static WC_RNG * wc_rng_init(void) { WC_RNG * ret; +#ifdef CONFIG_FIPS + ret = os_zalloc(sizeof(WC_RNG)); +#else ret = wc_rng_new(NULL, 0, NULL); +#endif if (!ret) { +#ifdef CONFIG_FIPS + LOG_WOLF_ERROR_FUNC_NULL(os_zalloc); +#else LOG_WOLF_ERROR_FUNC_NULL(wc_rng_new); +#endif + } +#ifdef CONFIG_FIPS + else { + int err; + err = wc_InitRng(ret); + if (err != 0) { + LOG_WOLF_ERROR_FUNC(wc_InitRng, err); + os_free(ret); + ret = NULL; + } } +#endif /* CONFIG_FIPS */ return ret; } static void wc_rng_deinit(WC_RNG * rng) { +#ifdef CONFIG_FIPS + wc_FreeRng(rng); + os_free(rng); +#else /* CONFIG_FIPS */ wc_rng_free(rng); +#endif /* CONFIG_FIPS */ } static ecc_key * ecc_key_init(void) { ecc_key * ret; +#ifdef CONFIG_FIPS + int err; + ret = os_zalloc(sizeof(ecc_key)); +#else /* CONFIG_FIPS */ ret = wc_ecc_key_new(NULL); +#endif /* CONFIG_FIPS */ if (!ret) { +#ifdef CONFIG_FIPS + LOG_WOLF_ERROR_FUNC_NULL(os_zalloc); +#else /* CONFIG_FIPS */ LOG_WOLF_ERROR_FUNC_NULL(wc_ecc_key_new); +#endif /* CONFIG_FIPS */ + } +#ifdef CONFIG_FIPS + else { + err = wc_ecc_init_ex(ret, NULL, INVALID_DEVID); + if (err != 0) { + LOG_WOLF_ERROR("wc_ecc_init_ex failed"); + os_free(ret); + ret = NULL; + } } +#endif /* CONFIG_FIPS */ return ret; } static void ecc_key_deinit(ecc_key * key) { +#ifdef CONFIG_FIPS + wc_ecc_free(key); + os_free(key); +#else /* CONFIG_FIPS */ wc_ecc_key_free(key); +#endif /* CONFIG_FIPS */ } /* end of helper functions */ 
@@ -1606,11 +1654,34 @@ struct crypto_ec * crypto_ec_init(int group) LOG_WOLF_ERROR_FUNC_NULL(wc_ecc_new_point); goto done; } +#ifdef CONFIG_FIPS + /* Setup generator manually in FIPS mode */ + if (!e->key->dp) { + LOG_WOLF_ERROR_FUNC_NULL(e->key->dp); + goto done; + } + err = mp_read_radix(e->g->x, e->key->dp->Gx, MP_RADIX_HEX); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(mp_read_radix, err); + goto done; + } + err = mp_read_radix(e->g->y, e->key->dp->Gy, MP_RADIX_HEX); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(mp_read_radix, err); + goto done; + } + err = mp_set(e->g->z, 1); + if (err != MP_OKAY) { + LOG_WOLF_ERROR_FUNC(mp_set, err); + goto done; + } +#else err = wc_ecc_get_generator(e->g, wc_ecc_get_curve_idx(curve_id)); if (err != MP_OKAY) { LOG_WOLF_ERROR_FUNC(wc_ecc_get_generator, err); goto done; } +#endif #endif err = mp_init_multi(&e->a, &e->prime, &e->order, &e->b, NULL, NULL); if (err != MP_OKAY) { @@ -1689,7 +1760,13 @@ void crypto_ec_point_deinit(struct crypto_ec_point *p, int clear) return; if (clear) { +#ifndef CONFIG_FIPS wc_ecc_forcezero_point(point); +#else + mp_forcezero(point->x); + mp_forcezero(point->y); + mp_forcezero(point->z); +#endif } wc_ecc_del_point(point); }
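Review bot: The CONFIG_FIPS branch of ecc_key_init() in the @@ -64,31 +64,79 @@ hunk drops the wolfSSL error code: it logs LOG_WOLF_ERROR("wc_ecc_init_ex failed"), while the matching branch in wc_rng_init() uses LOG_WOLF_ERROR_FUNC(wc_InitRng, err). Use LOG_WOLF_ERROR_FUNC(wc_ecc_init_ex, err) so the failure reason reaches the log. In both init helpers the `if (!ret) { ... }` followed by an `else` that exists only under #ifdef CONFIG_FIPS is hard to follow; two complete function bodies under #ifdef CONFIG_FIPS / #else would read more clearly. The FIPS deinit paths call wc_FreeRng(rng) and wc_ecc_free(key) with no NULL check, so please state in a comment whether callers may pass NULL.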
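Review bot: In the CONFIG_FIPS generator setup added to crypto_ec_init() by the @@ -1606,11 +1654,34 @@ hunk, LOG_WOLF_ERROR_FUNC_NULL(e->key->dp) passes a struct member to a macro that every other call in this series gives a function name, so the resulting message names an expression rather than a failed call. A plain LOG_WOLF_ERROR() with a message about missing curve parameters fits better. The comment "Setup generator manually in FIPS mode" should also say why wc_ecc_get_generator() cannot be used in that build, and the new `#else` and `#endif` should carry `/* CONFIG_FIPS */` like the blocks in the first hunk, since the new `#endif` sits directly above an existing one.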
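Review bot: The @@ -1689,7 +1760,13 @@ hunk in crypto_ec_point_deinit() uses `#ifndef CONFIG_FIPS ... #else`, while every other block in this patch is `#ifdef CONFIG_FIPS ... #else`; flip it so the FIPS branch comes first and add the `/* CONFIG_FIPS */` markers. A short comment on why wc_ecc_forcezero_point() is not used in the FIPS build would help, since the three mp_forcezero() calls on point->x, point->y and point->z are standing in for it.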