mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-16 08:42:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Change prototype of pk_sign_ext

Browse Source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-03-12 16:23:53 +08:00
parent 67eced0132
commit 8beb9e173d
4 changed files with 25 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ChangeLog.d/mbedtls_pk_sign_ext.txt Normal file
View File

@ -0,0 +1,3 @@
Features
* Add mbedtls_pk_sign_ext() which allows generating RSA-PSS signatures when
PSA Crypto is enabled.

23
include/mbedtls/pk.h
View File

@ -536,10 +536,9 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/** /**
* \brief Make signature with options, including padding if relevant. * \brief Make signature with input pk type. not the type of \p ctx .
* *
* \param type Signature type (inc. possible padding type) to verify * \param pk_type Signature type.
* \param options Pointer to type-specific options, or NULL
* \param ctx The PK context to use. It must have been set up * \param ctx The PK context to use. It must have been set up
* with a private key. * with a private key.
* \param md_alg Hash algorithm used (see notes) * \param md_alg Hash algorithm used (see notes)
@ -558,9 +557,9 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
* *
* \note For RSA keys, the default padding type is PKCS#1 v1.5. * \note For RSA keys, the padding type depends on the value of the
* There is no interface in the PK module to make RSASSA-PSS * \p pk_type parameter: MBEDTLS_PK_RSA for PKCS#1 v1.5, and
* signatures yet. * MBEDTLS_PK_RSASSA_PSS for PKCS#1 v2.1 with any salt.
* *
* \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE. * For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
@ -568,11 +567,13 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
* \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0. * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE. * For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
*/ */
int mbedtls_pk_sign_ext( mbedtls_pk_type_t type, const void *options, int mbedtls_pk_sign_ext( mbedtls_pk_type_t type,
mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, mbedtls_pk_context *ctx,
const unsigned char *hash, size_t hash_len, mbedtls_md_type_t md_alg,
unsigned char *sig, size_t sig_size, size_t *sig_len, const unsigned char *hash, size_t hash_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/** /**
* \brief Restartable version of \c mbedtls_pk_sign() * \brief Restartable version of \c mbedtls_pk_sign()

23
library/pk.c
View File

@ -521,11 +521,13 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
/* /*
* Make a signature with options * Make a signature with options
*/ */
int mbedtls_pk_sign_ext( mbedtls_pk_type_t type, const void *options, int mbedtls_pk_sign_ext( mbedtls_pk_type_t type,
mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, mbedtls_pk_context *ctx,
const unsigned char *hash, size_t hash_len, mbedtls_md_type_t md_alg,
unsigned char *sig, size_t sig_size, size_t *sig_len, const unsigned char *hash, size_t hash_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) unsigned char *sig, size_t sig_size, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{ {
PK_VALIDATE_RET( ctx != NULL ); PK_VALIDATE_RET( ctx != NULL );
PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) || PK_VALIDATE_RET( ( md_alg == MBEDTLS_MD_NONE && hash_len == 0 ) ||
@ -541,10 +543,6 @@ int mbedtls_pk_sign_ext( mbedtls_pk_type_t type, const void *options,
if( type != MBEDTLS_PK_RSASSA_PSS ) if( type != MBEDTLS_PK_RSASSA_PSS )
{ {
/* General case: no options */
if( options != NULL )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len, return( mbedtls_pk_sign_restartable( ctx, md_alg, hash, hash_len,
sig, sig_size, sig_len, sig, sig_size, sig_len,
f_rng, p_rng, NULL ) ); f_rng, p_rng, NULL ) );
@ -552,17 +550,12 @@ int mbedtls_pk_sign_ext( mbedtls_pk_type_t type, const void *options,
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const mbedtls_pk_rsassa_pss_options *pss_opts;
#if SIZE_MAX > UINT_MAX #if SIZE_MAX > UINT_MAX
if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len ) if( md_alg == MBEDTLS_MD_NONE && UINT_MAX < hash_len )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
#endif /* SIZE_MAX > UINT_MAX */ #endif /* SIZE_MAX > UINT_MAX */
if( options == NULL )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
if( sig_size < mbedtls_pk_get_len( ctx ) ) if( sig_size < mbedtls_pk_get_len( ctx ) )
return( MBEDTLS_ERR_RSA_VERIFY_FAILED ); return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
@ -578,7 +571,7 @@ int mbedtls_pk_sign_ext( mbedtls_pk_type_t type, const void *options,
f_rng, p_rng, f_rng, p_rng,
md_alg, md_alg,
(unsigned int) hash_len, (unsigned int) hash_len,
hash,pss_opts->expected_salt_len, hash,MBEDTLS_RSA_SALT_LEN_ANY,
sig sig
); );
return( ret ); return( ret );

12
library/ssl_tls13_generic.c
View File

@ -1060,10 +1060,8 @@ static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context *ssl,
unsigned char verify_buffer[ SSL_VERIFY_STRUCT_MAX_SIZE ]; unsigned char verify_buffer[ SSL_VERIFY_STRUCT_MAX_SIZE ];
size_t verify_buffer_len; size_t verify_buffer_len;
mbedtls_pk_type_t pk_type = MBEDTLS_PK_NONE; mbedtls_pk_type_t pk_type = MBEDTLS_PK_NONE;
const void *options = NULL;
mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE; mbedtls_md_type_t md_alg = MBEDTLS_MD_NONE;
uint16_t algorithm = MBEDTLS_TLS1_3_SIG_NONE; uint16_t algorithm = MBEDTLS_TLS1_3_SIG_NONE;
mbedtls_pk_rsassa_pss_options pss_opts;
size_t signature_len = 0; size_t signature_len = 0;
const mbedtls_md_info_t *md_info; const mbedtls_md_info_t *md_info;
unsigned char verify_hash[ MBEDTLS_MD_MAX_SIZE ]; unsigned char verify_hash[ MBEDTLS_MD_MAX_SIZE ];
@ -1134,20 +1132,14 @@ static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context *ssl,
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256: case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256:
md_alg = MBEDTLS_MD_SHA256; md_alg = MBEDTLS_MD_SHA256;
pss_opts.expected_salt_len = MBEDTLS_RSA_SALT_LEN_ANY;
options = &pss_opts;
pk_type = MBEDTLS_PK_RSASSA_PSS; pk_type = MBEDTLS_PK_RSASSA_PSS;
break; break;
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384: case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384:
md_alg = MBEDTLS_MD_SHA384; md_alg = MBEDTLS_MD_SHA384;
pss_opts.expected_salt_len = MBEDTLS_RSA_SALT_LEN_ANY;
options = &pss_opts;
pk_type = MBEDTLS_PK_RSASSA_PSS; pk_type = MBEDTLS_PK_RSASSA_PSS;
break; break;
case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512: case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512:
md_alg = MBEDTLS_MD_SHA512; md_alg = MBEDTLS_MD_SHA512;
pss_opts.expected_salt_len = MBEDTLS_RSA_SALT_LEN_ANY;
options = &pss_opts;
pk_type = MBEDTLS_PK_RSASSA_PSS; pk_type = MBEDTLS_PK_RSASSA_PSS;
break; break;
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
@ -1173,8 +1165,8 @@ static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context *ssl,
verify_hash_len = mbedtls_md_get_size( md_info ); verify_hash_len = mbedtls_md_get_size( md_info );
MBEDTLS_SSL_DEBUG_BUF( 3, "verify hash", verify_hash, verify_hash_len ); MBEDTLS_SSL_DEBUG_BUF( 3, "verify hash", verify_hash, verify_hash_len );
if( ( ret = mbedtls_pk_sign_ext( pk_type, options, if( ( ret = mbedtls_pk_sign_ext( pk_type, own_key,
own_key, md_alg, verify_hash, verify_hash_len, md_alg, verify_hash, verify_hash_len,
p + 2, (size_t)( end - ( p + 2 ) ), &signature_len, p + 2, (size_t)( end - ( p + 2 ) ), &signature_len,
ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 )
{ {