mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 15:15:47 +01:00
Merge remote-tracking branch 'restricted/pr/582' into mbedtls-2.16-restricted
* restricted/pr/582: Add a test for signing content with a long ECDSA key Add documentation notes about the required size of the signature buffers Add missing MBEDTLS_ECP_C dependencies in check_config.h Change size of preallocated buffer for pk_sign() calls
This commit is contained in:
commit
7b03e87fbc
@ -123,7 +123,7 @@
|
||||
#error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_ECP_C) && ( !defined(MBEDTLS_BIGNUM_C) || ( \
|
||||
#if defined(MBEDTLS_ECP_C) && ( !defined(MBEDTLS_BIGNUM_C) || ( \
|
||||
!defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \
|
||||
!defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \
|
||||
!defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \
|
||||
@ -134,7 +134,9 @@
|
||||
!defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \
|
||||
!defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \
|
||||
!defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \
|
||||
!defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) ) )
|
||||
!defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \
|
||||
!defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \
|
||||
!defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) )
|
||||
#error "MBEDTLS_ECP_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
|
@ -416,6 +416,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
|
||||
*
|
||||
* \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
|
||||
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
|
||||
*
|
||||
* \note In order to ensure enough space for the signature, the
|
||||
* \p sig buffer size must be of at least
|
||||
* `max(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)` bytes.
|
||||
*/
|
||||
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
@ -430,6 +434,10 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
|
||||
* \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
|
||||
* operations. For RSA, same as \c mbedtls_pk_sign().
|
||||
*
|
||||
* \note In order to ensure enough space for the signature, the
|
||||
* \p sig buffer size must be of at least
|
||||
* `max(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)` bytes.
|
||||
*
|
||||
* \param ctx The PK context to use. It must have been set up
|
||||
* with a private key.
|
||||
* \param md_alg Hash algorithm used (see notes)
|
||||
|
@ -904,7 +904,8 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
|
||||
* the size of the hash corresponding to \p md_alg.
|
||||
* \param sig The buffer to hold the signature. This must be a writable
|
||||
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||
* for an 2048-bit RSA modulus.
|
||||
* for an 2048-bit RSA modulus. A buffer length of
|
||||
* #MBEDTLS_MPI_MAX_SIZE is always safe.
|
||||
*
|
||||
* \return \c 0 if the signing operation was successful.
|
||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||
@ -951,7 +952,8 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
|
||||
* the size of the hash corresponding to \p md_alg.
|
||||
* \param sig The buffer to hold the signature. This must be a writable
|
||||
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||
* for an 2048-bit RSA modulus.
|
||||
* for an 2048-bit RSA modulus. A buffer length of
|
||||
* #MBEDTLS_MPI_MAX_SIZE is always safe.
|
||||
*
|
||||
* \return \c 0 if the signing operation was successful.
|
||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||
@ -1012,7 +1014,8 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
|
||||
* the size of the hash corresponding to \p md_alg.
|
||||
* \param sig The buffer to hold the signature. This must be a writable
|
||||
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||
* for an 2048-bit RSA modulus.
|
||||
* for an 2048-bit RSA modulus. A buffer length of
|
||||
* #MBEDTLS_MPI_MAX_SIZE is always safe.
|
||||
*
|
||||
* \return \c 0 if the signing operation was successful.
|
||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||
|
@ -45,6 +45,16 @@
|
||||
#include "mbedtls/pem.h"
|
||||
#endif /* MBEDTLS_PEM_WRITE_C */
|
||||
|
||||
/*
|
||||
* For the currently used signature algorithms the buffer to store any signature
|
||||
* must be at least of size MAX(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)
|
||||
*/
|
||||
#if MBEDTLS_ECDSA_MAX_LEN > MBEDTLS_MPI_MAX_SIZE
|
||||
#define SIGNATURE_MAX_SIZE MBEDTLS_ECDSA_MAX_LEN
|
||||
#else
|
||||
#define SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE
|
||||
#endif
|
||||
|
||||
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( mbedtls_x509write_cert ) );
|
||||
@ -334,7 +344,7 @@ int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf,
|
||||
size_t sig_oid_len = 0;
|
||||
unsigned char *c, *c2;
|
||||
unsigned char hash[64];
|
||||
unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
|
||||
unsigned char sig[SIGNATURE_MAX_SIZE];
|
||||
unsigned char tmp_buf[2048];
|
||||
size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
|
||||
size_t len = 0;
|
||||
|
@ -44,6 +44,16 @@
|
||||
#include "mbedtls/pem.h"
|
||||
#endif
|
||||
|
||||
/*
|
||||
* For the currently used signature algorithms the buffer to store any signature
|
||||
* must be at least of size MAX(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)
|
||||
*/
|
||||
#if MBEDTLS_ECDSA_MAX_LEN > MBEDTLS_MPI_MAX_SIZE
|
||||
#define SIGNATURE_MAX_SIZE MBEDTLS_ECDSA_MAX_LEN
|
||||
#else
|
||||
#define SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE
|
||||
#endif
|
||||
|
||||
void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( mbedtls_x509write_csr ) );
|
||||
@ -159,7 +169,7 @@ int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, s
|
||||
size_t sig_oid_len = 0;
|
||||
unsigned char *c, *c2;
|
||||
unsigned char hash[64];
|
||||
unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
|
||||
unsigned char sig[SIGNATURE_MAX_SIZE];
|
||||
unsigned char tmp_buf[2048];
|
||||
size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
|
||||
size_t len = 0;
|
||||
|
@ -61,6 +61,16 @@ int main( void )
|
||||
#include <string.h>
|
||||
|
||||
|
||||
/*
|
||||
* For the currently used signature algorithms the buffer to store any signature
|
||||
* must be at least of size MAX(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)
|
||||
*/
|
||||
#if MBEDTLS_ECDSA_MAX_LEN > MBEDTLS_MPI_MAX_SIZE
|
||||
#define SIGNATURE_MAX_SIZE MBEDTLS_ECDSA_MAX_LEN
|
||||
#else
|
||||
#define SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE
|
||||
#endif
|
||||
|
||||
int main( int argc, char *argv[] )
|
||||
{
|
||||
FILE *f;
|
||||
@ -70,7 +80,7 @@ int main( int argc, char *argv[] )
|
||||
mbedtls_entropy_context entropy;
|
||||
mbedtls_ctr_drbg_context ctr_drbg;
|
||||
unsigned char hash[32];
|
||||
unsigned char buf[MBEDTLS_MPI_MAX_SIZE];
|
||||
unsigned char buf[SIGNATURE_MAX_SIZE];
|
||||
char filename[512];
|
||||
const char *pers = "mbedtls_pk_sign";
|
||||
size_t olen = 0;
|
||||
|
@ -793,6 +793,14 @@ server5.req.ku.sha1: server5.key
|
||||
$(MBEDTLS_CERT_REQ) output_file=$@ filename=$< key_usage=digital_signature,non_repudiation subject_name="C=NL,O=PolarSSL,CN=PolarSSL Server 1" md=SHA1
|
||||
all_final += server5.req.ku.sha1
|
||||
|
||||
###
|
||||
### A generic SECP521R1 private key
|
||||
###
|
||||
|
||||
secp521r1_prv.der:
|
||||
$(OPENSSL) ecparam -genkey -name secp521r1 -noout -out secp521r1_prv.der
|
||||
all_final += secp521r1_prv.der
|
||||
|
||||
################################################################
|
||||
### Generate CSRs for X.509 write test suite
|
||||
################################################################
|
||||
|
BIN
tests/data_files/secp521r1_prv.der
Normal file
BIN
tests/data_files/secp521r1_prv.der
Normal file
Binary file not shown.
@ -590,6 +590,23 @@ component_check_doxygen_warnings () {
|
||||
#### Build and test many configurations and targets
|
||||
################################################################
|
||||
|
||||
component_test_large_ecdsa_key_signature () {
|
||||
|
||||
SMALL_MPI_MAX_SIZE=136 # Small enough to interfere with the EC signatures
|
||||
|
||||
msg "build: cmake + MBEDTLS_MPI_MAX_SIZE=${SMALL_MPI_MAX_SIZE}, gcc, ASan" # ~ 1 min 50s
|
||||
scripts/config.pl set MBEDTLS_MPI_MAX_SIZE $SMALL_MPI_MAX_SIZE
|
||||
CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan .
|
||||
make
|
||||
|
||||
INEVITABLY_PRESENT_FILE=Makefile
|
||||
SIGNATURE_FILE="${INEVITABLY_PRESENT_FILE}.sig" # Warning, this is rm -f'ed below
|
||||
|
||||
msg "test: pk_sign secp521r1_prv.der for MBEDTLS_MPI_MAX_SIZE=${SMALL_MPI_MAX_SIZE} (ASan build)" # ~ 5s
|
||||
if_build_succeeded programs/pkey/pk_sign tests/data_files/secp521r1_prv.der $INEVITABLY_PRESENT_FILE
|
||||
rm -f $SIGNATURE_FILE
|
||||
}
|
||||
|
||||
component_test_default_out_of_box () {
|
||||
msg "build: make, default config (out-of-box)" # ~1min
|
||||
make
|
||||
|
Loading…
Reference in New Issue
Block a user