mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 06:15:37 +00:00
Merge remote-tracking branch 'restricted/pr/582' into mbedtls-2.16-restricted
* restricted/pr/582: Add a test for signing content with a long ECDSA key Add documentation notes about the required size of the signature buffers Add missing MBEDTLS_ECP_C dependencies in check_config.h Change size of preallocated buffer for pk_sign() calls
This commit is contained in:
commit
7b03e87fbc
|
@ -134,7 +134,9 @@
|
||||||
!defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \
|
!defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \
|
||||||
!defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \
|
!defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \
|
||||||
!defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \
|
!defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \
|
||||||
!defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) ) )
|
!defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \
|
||||||
|
!defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \
|
||||||
|
!defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) )
|
||||||
#error "MBEDTLS_ECP_C defined, but not all prerequisites"
|
#error "MBEDTLS_ECP_C defined, but not all prerequisites"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
|
@ -416,6 +416,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
|
||||||
*
|
*
|
||||||
* \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
|
* \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
|
||||||
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
|
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
|
||||||
|
*
|
||||||
|
* \note In order to ensure enough space for the signature, the
|
||||||
|
* \p sig buffer size must be of at least
|
||||||
|
* `max(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)` bytes.
|
||||||
*/
|
*/
|
||||||
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
|
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
|
||||||
const unsigned char *hash, size_t hash_len,
|
const unsigned char *hash, size_t hash_len,
|
||||||
|
@ -430,6 +434,10 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
|
||||||
* \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
|
* \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
|
||||||
* operations. For RSA, same as \c mbedtls_pk_sign().
|
* operations. For RSA, same as \c mbedtls_pk_sign().
|
||||||
*
|
*
|
||||||
|
* \note In order to ensure enough space for the signature, the
|
||||||
|
* \p sig buffer size must be of at least
|
||||||
|
* `max(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)` bytes.
|
||||||
|
*
|
||||||
* \param ctx The PK context to use. It must have been set up
|
* \param ctx The PK context to use. It must have been set up
|
||||||
* with a private key.
|
* with a private key.
|
||||||
* \param md_alg Hash algorithm used (see notes)
|
* \param md_alg Hash algorithm used (see notes)
|
||||||
|
|
|
@ -904,7 +904,8 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
|
||||||
* the size of the hash corresponding to \p md_alg.
|
* the size of the hash corresponding to \p md_alg.
|
||||||
* \param sig The buffer to hold the signature. This must be a writable
|
* \param sig The buffer to hold the signature. This must be a writable
|
||||||
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||||
* for an 2048-bit RSA modulus.
|
* for an 2048-bit RSA modulus. A buffer length of
|
||||||
|
* #MBEDTLS_MPI_MAX_SIZE is always safe.
|
||||||
*
|
*
|
||||||
* \return \c 0 if the signing operation was successful.
|
* \return \c 0 if the signing operation was successful.
|
||||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||||
|
@ -951,7 +952,8 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
|
||||||
* the size of the hash corresponding to \p md_alg.
|
* the size of the hash corresponding to \p md_alg.
|
||||||
* \param sig The buffer to hold the signature. This must be a writable
|
* \param sig The buffer to hold the signature. This must be a writable
|
||||||
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||||
* for an 2048-bit RSA modulus.
|
* for an 2048-bit RSA modulus. A buffer length of
|
||||||
|
* #MBEDTLS_MPI_MAX_SIZE is always safe.
|
||||||
*
|
*
|
||||||
* \return \c 0 if the signing operation was successful.
|
* \return \c 0 if the signing operation was successful.
|
||||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||||
|
@ -1012,7 +1014,8 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
|
||||||
* the size of the hash corresponding to \p md_alg.
|
* the size of the hash corresponding to \p md_alg.
|
||||||
* \param sig The buffer to hold the signature. This must be a writable
|
* \param sig The buffer to hold the signature. This must be a writable
|
||||||
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||||
* for an 2048-bit RSA modulus.
|
* for an 2048-bit RSA modulus. A buffer length of
|
||||||
|
* #MBEDTLS_MPI_MAX_SIZE is always safe.
|
||||||
*
|
*
|
||||||
* \return \c 0 if the signing operation was successful.
|
* \return \c 0 if the signing operation was successful.
|
||||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||||
|
|
|
@ -45,6 +45,16 @@
|
||||||
#include "mbedtls/pem.h"
|
#include "mbedtls/pem.h"
|
||||||
#endif /* MBEDTLS_PEM_WRITE_C */
|
#endif /* MBEDTLS_PEM_WRITE_C */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* For the currently used signature algorithms the buffer to store any signature
|
||||||
|
* must be at least of size MAX(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)
|
||||||
|
*/
|
||||||
|
#if MBEDTLS_ECDSA_MAX_LEN > MBEDTLS_MPI_MAX_SIZE
|
||||||
|
#define SIGNATURE_MAX_SIZE MBEDTLS_ECDSA_MAX_LEN
|
||||||
|
#else
|
||||||
|
#define SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE
|
||||||
|
#endif
|
||||||
|
|
||||||
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
|
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
|
||||||
{
|
{
|
||||||
memset( ctx, 0, sizeof( mbedtls_x509write_cert ) );
|
memset( ctx, 0, sizeof( mbedtls_x509write_cert ) );
|
||||||
|
@ -334,7 +344,7 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf,
|
||||||
size_t sig_oid_len = 0;
|
size_t sig_oid_len = 0;
|
||||||
unsigned char *c, *c2;
|
unsigned char *c, *c2;
|
||||||
unsigned char hash[64];
|
unsigned char hash[64];
|
||||||
unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
|
unsigned char sig[SIGNATURE_MAX_SIZE];
|
||||||
unsigned char tmp_buf[2048];
|
unsigned char tmp_buf[2048];
|
||||||
size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
|
size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
|
||||||
size_t len = 0;
|
size_t len = 0;
|
||||||
|
|
|
@ -44,6 +44,16 @@
|
||||||
#include "mbedtls/pem.h"
|
#include "mbedtls/pem.h"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* For the currently used signature algorithms the buffer to store any signature
|
||||||
|
* must be at least of size MAX(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)
|
||||||
|
*/
|
||||||
|
#if MBEDTLS_ECDSA_MAX_LEN > MBEDTLS_MPI_MAX_SIZE
|
||||||
|
#define SIGNATURE_MAX_SIZE MBEDTLS_ECDSA_MAX_LEN
|
||||||
|
#else
|
||||||
|
#define SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE
|
||||||
|
#endif
|
||||||
|
|
||||||
void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
|
void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
|
||||||
{
|
{
|
||||||
memset( ctx, 0, sizeof( mbedtls_x509write_csr ) );
|
memset( ctx, 0, sizeof( mbedtls_x509write_csr ) );
|
||||||
|
@ -159,7 +169,7 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s
|
||||||
size_t sig_oid_len = 0;
|
size_t sig_oid_len = 0;
|
||||||
unsigned char *c, *c2;
|
unsigned char *c, *c2;
|
||||||
unsigned char hash[64];
|
unsigned char hash[64];
|
||||||
unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
|
unsigned char sig[SIGNATURE_MAX_SIZE];
|
||||||
unsigned char tmp_buf[2048];
|
unsigned char tmp_buf[2048];
|
||||||
size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
|
size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
|
||||||
size_t len = 0;
|
size_t len = 0;
|
||||||
|
|
|
@ -61,6 +61,16 @@ int main( void )
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* For the currently used signature algorithms the buffer to store any signature
|
||||||
|
* must be at least of size MAX(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)
|
||||||
|
*/
|
||||||
|
#if MBEDTLS_ECDSA_MAX_LEN > MBEDTLS_MPI_MAX_SIZE
|
||||||
|
#define SIGNATURE_MAX_SIZE MBEDTLS_ECDSA_MAX_LEN
|
||||||
|
#else
|
||||||
|
#define SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE
|
||||||
|
#endif
|
||||||
|
|
||||||
int main( int argc, char *argv[] )
|
int main( int argc, char *argv[] )
|
||||||
{
|
{
|
||||||
FILE *f;
|
FILE *f;
|
||||||
|
@ -70,7 +80,7 @@ int main( int argc, char *argv[] )
|
||||||
mbedtls_entropy_context entropy;
|
mbedtls_entropy_context entropy;
|
||||||
mbedtls_ctr_drbg_context ctr_drbg;
|
mbedtls_ctr_drbg_context ctr_drbg;
|
||||||
unsigned char hash[32];
|
unsigned char hash[32];
|
||||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
|
unsigned char buf[SIGNATURE_MAX_SIZE];
|
||||||
char filename[512];
|
char filename[512];
|
||||||
const char *pers = "mbedtls_pk_sign";
|
const char *pers = "mbedtls_pk_sign";
|
||||||
size_t olen = 0;
|
size_t olen = 0;
|
||||||
|
|
|
@ -793,6 +793,14 @@ server5.req.ku.sha1: server5.key
|
||||||
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
|
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
|
||||||
all_final += server5.req.ku.sha1
|
all_final += server5.req.ku.sha1
|
||||||
|
|
||||||
|
###
|
||||||
|
### A generic SECP521R1 private key
|
||||||
|
###
|
||||||
|
|
||||||
|
secp521r1_prv.der:
|
||||||
|
$(OPENSSL) ecparam -genkey -name secp521r1 -noout -out secp521r1_prv.der
|
||||||
|
all_final += secp521r1_prv.der
|
||||||
|
|
||||||
################################################################
|
################################################################
|
||||||
### Generate CSRs for X.509 write test suite
|
### Generate CSRs for X.509 write test suite
|
||||||
################################################################
|
################################################################
|
||||||
|
|
BIN
tests/data_files/secp521r1_prv.der
Normal file
BIN
tests/data_files/secp521r1_prv.der
Normal file
Binary file not shown.
|
@ -590,6 +590,23 @@ component_check_doxygen_warnings () {
|
||||||
#### Build and test many configurations and targets
|
#### Build and test many configurations and targets
|
||||||
################################################################
|
################################################################
|
||||||
|
|
||||||
|
component_test_large_ecdsa_key_signature () {
|
||||||
|
|
||||||
|
SMALL_MPI_MAX_SIZE=136 # Small enough to interfere with the EC signatures
|
||||||
|
|
||||||
|
msg "build: cmake + MBEDTLS_MPI_MAX_SIZE=${SMALL_MPI_MAX_SIZE}, gcc, ASan" # ~ 1 min 50s
|
||||||
|
scripts/config.pl set MBEDTLS_MPI_MAX_SIZE $SMALL_MPI_MAX_SIZE
|
||||||
|
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||||
|
make
|
||||||
|
|
||||||
|
INEVITABLY_PRESENT_FILE=Makefile
|
||||||
|
SIGNATURE_FILE="${INEVITABLY_PRESENT_FILE}.sig" # Warning, this is rm -f'ed below
|
||||||
|
|
||||||
|
msg "test: pk_sign secp521r1_prv.der for MBEDTLS_MPI_MAX_SIZE=${SMALL_MPI_MAX_SIZE} (ASan build)" # ~ 5s
|
||||||
|
if_build_succeeded programs/pkey/pk_sign tests/data_files/secp521r1_prv.der $INEVITABLY_PRESENT_FILE
|
||||||
|
rm -f $SIGNATURE_FILE
|
||||||
|
}
|
||||||
|
|
||||||
component_test_default_out_of_box () {
|
component_test_default_out_of_box () {
|
||||||
msg "build: make, default config (out-of-box)" # ~1min
|
msg "build: make, default config (out-of-box)" # ~1min
|
||||||
make
|
make
|
||||||
|
|
Loading…
Reference in a new issue