diff --git a/src/internal.c b/src/internal.c index b2cfe3fa2f..38cd26e9d8 100644 --- a/src/internal.c +++ b/src/internal.c @@ -28015,6 +28015,12 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length) (ecc_key*)ssl->hsKey, ssl->buffers.key->length); } + #endif + #ifdef WOLFSSL_SM2 + if ((ret == 0) && (ssl->buffers.keyType == sm2_sa_algo)) { + ret = wc_ecc_set_curve((ecc_key*)ssl->hsKey, + WOLFSSL_SM2_KEY_BITS / 8, ECC_SM2P256V1); + } #endif if (ret == 0) { WOLFSSL_MSG("Using ECC private key"); @@ -34568,7 +34574,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, { word32 keySz; - ssl->buffers.keyType = ecc_dsa_sa_algo; + ssl->buffers.keyType = ssl->options.sigAlgo; ret = DecodePrivateKey(ssl, &keySz); if (ret != 0) { goto exit_sske; diff --git a/src/ssl_load.c b/src/ssl_load.c index 80894b488c..5e011fab0e 100644 --- a/src/ssl_load.c +++ b/src/ssl_load.c @@ -116,13 +116,14 @@ * @param [in, out] info Info for encryption. * @param [in] heap Dynamic memory allocation hint. * @param [out] der Holds DER encoded data. + * @param [out] algId Algorithm identifier for private keys. * @return 0 on success. * @return NOT_COMPILED_IN when format is PEM and PEM not supported. * @return ASN_PARSE_E when format is ASN.1 and invalid DER encoding. * @return MEMORY_E when dynamic memory allocation fails. */ static int DataToDerBuffer(const unsigned char* buff, word32 len, int format, - int type, EncryptedInfo* info, void* heap, DerBuffer** der) + int type, EncryptedInfo* info, void* heap, DerBuffer** der, int* algId) { int ret; @@ -131,7 +132,7 @@ static int DataToDerBuffer(const unsigned char* buff, word32 len, int format, /* Data in buffer has PEM format - extract DER data. */ if (format == WOLFSSL_FILETYPE_PEM) { #ifdef WOLFSSL_PEM_TO_DER - ret = PemToDer(buff, len, type, der, heap, info, NULL); + ret = PemToDer(buff, len, type, der, heap, info, algId); if (ret != 0) { FreeDer(der); } 
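Review bot: The new `wc_ecc_set_curve()` call overrides whatever curve the DER decode just above already attached to `ssl->hsKey`, and nothing in the hunk checks that the two agree, so key material encoded for a different named curve would be silently reinterpreted on SM2P256V1 rather than rejected. Either the resulting key should be validated, e.g. `if (ret == 0) ret = wc_ecc_check_key((ecc_key*)ssl->hsKey);` (assuming that helper is usable here), or a comment should state that `keyType == sm2_sa_algo` is only set after the key's curve has been verified elsewhere. DecodePrivateKey starts and ends outside this hunk.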
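Review bot: `ssl->buffers.keyType = ssl->options.sigAlgo;` replaces a fixed `ecc_dsa_sa_algo` with a negotiated value, and the hunk gives no hint which algorithms can reach this (presumably ECC-only) branch; if anything other than `ecc_dsa_sa_algo`/`sm2_sa_algo` can be in `sigAlgo` here, DecodePrivateKey would be asked to decode the ECC key under the wrong type. I would make the assumption explicit, `/* sigAlgo is ecc_dsa_sa_algo or sm2_sa_algo in this branch; DecodePrivateKey uses it to pick the curve. */`, or guard it with a check that falls back to `ecc_dsa_sa_algo`. The enclosing function starts and ends outside the hunk (the `@@` header names DoSessionTicket, but `exit_sske` suggests the server key exchange path).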
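Review bot: The new `@param [out] algId` line in the DataToDerBuffer header does not say that the pointer may be NULL, although ProcessUserChain passes `NULL` for certificates, nor that it is only written on the PEM path: the `WOLFSSL_FILETYPE_PEM` branch hands it to PemToDer, while the DER branch (outside this hunk) does not appear to touch it, so callers must pre-initialise it as ProcessBuffer does with `int algId = 0;`. I would extend the line to `* @param [out] algId Algorithm identifier for private keys; may be NULL. Only set for PEM input, left unchanged for DER.` DataToDerBuffer's body continues outside the hunk.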
@@ -341,7 +342,7 @@ static int ProcessUserChain(WOLFSSL_CTX* ctx, WOLFSSL* ssl, /* Get a certificate as DER. */ ret = DataToDerBuffer(buff + consumed, (word32)(sz - consumed), - format, type, info, heap, &part); + format, type, info, heap, &part, NULL); if (ret == 0) { /* Process the user certificate. */ ret = ProcessUserCert(ctx->cm, &part, type, verify, @@ -604,6 +605,12 @@ static int ProcessBufferTryDecodeEcc(WOLFSSL_CTX* ctx, WOLFSSL* ssl, idx = 0; ret = wc_EccPublicKeyDecode(der->buffer, &idx, key, der->length); } + #endif + #ifdef WOLFSSL_SM2 + if (*keyFormat == SM2k) { + ret = wc_ecc_set_curve(key, WOLFSSL_SM2_KEY_BITS / 8, + ECC_SM2P256V1); + } #endif if (ret == 0) { /* Get the minimum ECC key size from SSL or SSL context object. */ @@ -1317,17 +1324,18 @@ static void ProcessBufferPrivKeyHandleDer(WOLFSSL_CTX* ctx, WOLFSSL* ssl, * @param [in] heap Dynamic memory allocation hint. * @param [in] type Type of data: * PRIVATEKEY_TYPE or ALT_PRIVATEKEY_TYPE. + * @param [in] algId Algorithm id of key. * @return 0 on success. * @return WOLFSSL_BAD_FILE when not able to decode. */ static int ProcessBufferPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl, - DerBuffer* der, int format, EncryptedInfo* info, void* heap, int type) + DerBuffer* der, int format, EncryptedInfo* info, void* heap, int type, + int algId) { int ret; - int keyFormat = 0; #if (defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)) || \ defined(HAVE_PKCS8) - word32 algId = 0; + word32 p8AlgId = 0; #endif (void)info; 
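Review bot: The SM2 block in ProcessBufferTryDecodeEcc assigns `ret = wc_ecc_set_curve(...)` without looking at the result of the `wc_EccPrivateKeyDecode`/`wc_EccPublicKeyDecode` call just above it, so a failed decode of a key whose `*keyFormat` is `SM2k` is overwritten by the success of setting the curve, and the `if (ret == 0)` minimum-size check that follows proceeds with a key that never decoded. The matching hunk in DecodePrivateKey (internal.c) does guard on `ret == 0`; this one should too: `if ((ret == 0) && (*keyFormat == SM2k)) {`. ProcessBufferTryDecodeEcc starts and ends outside this hunk.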
@@ -1335,34 +1343,34 @@ static int ProcessBufferPrivateKey(WOLFSSL_CTX* ctx, WOLFSSL* ssl, #ifdef HAVE_PKCS8 /* Try and remove PKCS8 header and get algorithm id. */ - ret = ToTraditional_ex(der->buffer, der->length, &algId); + ret = ToTraditional_ex(der->buffer, der->length, &p8AlgId); if (ret > 0) { /* Header stripped inline. */ der->length = ret; - keyFormat = algId; + algId = p8AlgId; } #endif /* Put the data into the SSL or SSL context object. */ ProcessBufferPrivKeyHandleDer(ctx, ssl, &der, type); /* Try to decode the DER data. */ - ret = ProcessBufferTryDecode(ctx, ssl, der, &keyFormat, heap, type); + ret = ProcessBufferTryDecode(ctx, ssl, der, &algId, heap, type); #if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED) /* If private key type PKCS8 header wasn't already removed (algId == 0). */ - if (((ret != 0) || (keyFormat == 0)) && (format != WOLFSSL_FILETYPE_PEM) && + if (((ret != 0) || (algId == 0)) && (format != WOLFSSL_FILETYPE_PEM) && (info->passwd_cb != NULL) && (algId == 0)) { /* Try to decrypt DER data as a PKCS#8 private key. */ ret = ProcessBufferPrivPkcs8Dec(info, der, heap); if (ret >= 0) { /* Try to decode decrypted data. */ - ret = ProcessBufferTryDecode(ctx, ssl, der, &keyFormat, heap, type); + ret = ProcessBufferTryDecode(ctx, ssl, der, &algId, heap, type); } } #endif /* WOLFSSL_ENCRYPTED_KEYS && !NO_PWDBASED */ - /* Check if we were able to determine key format. */ - if ((ret == 0) && (keyFormat == 0)) { + /* Check if we were able to determine algorithm id. */ + if ((ret == 0) && (algId == 0)) { #ifdef OPENSSL_EXTRA /* Decryption password is probably wrong. */ if (info->passwd_cb) { @@ -2265,6 +2273,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, long sz, #else EncryptedInfo info[1]; #endif + int algId = 0; WOLFSSL_ENTER("ProcessBuffer"); 
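Review bot: After the rename the encrypted-key condition tests `algId` twice, `((ret != 0) || (algId == 0)) && ... && (algId == 0)`, so the `(ret != 0) ||` term is dead and the whole test reduces to `(algId == 0)`; before the change the first term looked at `keyFormat` (the decode result) and the last at the PKCS#8 wrapper's id, which were distinct variables. Now `algId` is successively the PEM header's id, the PKCS#8 id and whatever ProcessBufferTryDecode stores through its pointer, so if that decode can fail while leaving a non-zero id, the PKCS#8 decrypt attempt is no longer made. If that is intended, simplify to `if ((algId == 0) && (format != WOLFSSL_FILETYPE_PEM) && (info->passwd_cb != NULL)) {` and say so in the comment; otherwise keep a separate decode-result variable. ProcessBufferPrivateKey continues past the end of the hunk.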
@@ -2306,7 +2315,8 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, long sz, #endif /* Get the DER data for a private key or certificate. */ - ret = DataToDerBuffer(buff, (word32)sz, format, type, info, heap, &der); + ret = DataToDerBuffer(buff, (word32)sz, format, type, info, heap, &der, + &algId); if (used != NULL) { /* Update to amount used/consumed. */ *used = info->consumed; @@ -2321,7 +2331,8 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, long sz, if ((ret == 0) && IS_PRIVKEY_TYPE(type)) { /* Process the private key. */ - ret = ProcessBufferPrivateKey(ctx, ssl, der, format, info, heap, type); + ret = ProcessBufferPrivateKey(ctx, ssl, der, format, info, heap, type, + algId); #ifdef WOLFSSL_SMALL_STACK /* Info no longer needed - keep max memory usage down. */ XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO); diff --git a/wolfcrypt/benchmark/benchmark.c b/wolfcrypt/benchmark/benchmark.c index 7e13f99ab7..0dc4013f49 100644 --- a/wolfcrypt/benchmark/benchmark.c +++ b/wolfcrypt/benchmark/benchmark.c @@ -5588,7 +5588,7 @@ void bench_sm4_gcm(void) #endif #ifdef WOLFSSL_SM4_CCM -void bench_sm4_ccm() +void bench_sm4_ccm(void) { wc_Sm4 enc; double start; @@ -7554,12 +7554,12 @@ void bench_sm3(int useDeviceID) bench_stats_start(&count, &start); do { for (times = 0; times < numBlocks; times++) { - ret = wc_InitSm3(hash, HEAP_HINT, + ret = wc_InitSm3(hash[0], HEAP_HINT, useDeviceID ? devId: INVALID_DEVID); if (ret == 0) - ret = wc_Sm3Update(hash, bench_plain, bench_size); + ret = wc_Sm3Update(hash[0], bench_plain, bench_size); if (ret == 0) - ret = wc_Sm3Final(hash, digest[0]); + ret = wc_Sm3Final(hash[0], digest[0]); if (ret != 0) goto exit_sm3; RECORD_MULTI_VALUE_STATS(); 
@@ -11016,13 +11016,13 @@ void bench_eccEncrypt(int curveId) #ifdef WOLFSSL_SM2 static void bench_sm2_MakeKey(int useDeviceID) { - int ret = 0, i, times, count, pending = 0; + int ret = 0, i, times, count = 0, pending = 0; int deviceID; int keySize; WC_DECLARE_ARRAY(genKey, ecc_key, BENCH_MAX_PENDING, sizeof(ecc_key), HEAP_HINT); char name[BENCH_ECC_NAME_SZ]; - double start; + double start = 0; const char**desc = bench_desc_words[lng_index]; DECLARE_MULTI_VALUE_STATS_VARS() diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 3cf67b8139..390038d4d7 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -23790,13 +23790,19 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) if (cert->ca) { if (verify == VERIFY || verify == VERIFY_OCSP || verify == VERIFY_SKIP_DATE) { + word32 keyOID = cert->ca->keyOID; + #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) + if (cert->selfSigned && (cert->signatureOID == CTC_SM3wSM2)) { + keyOID = SM2k; + } + #endif /* try to confirm/verify signature */ if ((ret = ConfirmSignature(&cert->sigCtx, cert->source + cert->certBegin, cert->sigIndex - cert->certBegin, cert->ca->publicKey, cert->ca->pubKeySize, - cert->ca->keyOID, cert->signature, - cert->sigLength, cert->signatureOID, + keyOID, cert->signature, cert->sigLength, + cert->signatureOID, #ifdef WC_RSA_PSS cert->source + cert->sigParamsIndex, cert->sigParamsLength, diff --git a/wolfcrypt/src/port/arm/armv8-aes.c b/wolfcrypt/src/port/arm/armv8-aes.c index 1a97996563..b40dd7b558 100644 --- a/wolfcrypt/src/port/arm/armv8-aes.c +++ b/wolfcrypt/src/port/arm/armv8-aes.c @@ -1532,6 +1532,7 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, "USHR v7.2d, v7.2d, #56 \n" "# AAD \n" + "CBZ %[a], 20f \n" "CBZ %w[aSz], 20f \n" "MOV w12, %w[aSz] \n" @@ -1702,6 +1703,7 @@ void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, "20: \n" "# Cipher Text \n" + "CBZ %[c], 120f \n" "CBZ %w[cSz], 120f \n" "MOV w12, %w[cSz] \n" 
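Review bot: The `keyOID = SM2k` override in ParseCertRelative is driven by the certificate's own `signatureOID` but applied only to self-signed certificates, and the hunk does not explain why; if `cert->ca` for a CA-issued SM2 certificate likewise carries a generic EC `keyOID` (SM2 public keys are normally encoded as id-ecPublicKey), chain verification of that certificate would still hand the wrong key type to ConfirmSignature. The override also reinterprets the trusted key purely on the basis of the untrusted certificate's signature algorithm; restricting it with `&& (keyOID == ECDSAk)` would avoid mapping a non-EC trusted key to SM2. A comment such as `/* An SM3withSM2 self-signed cert's id-ecPublicKey key must be verified as SM2, not generic ECDSA. */` should record the reason the remap is limited to self-signed certificates. ParseCertRelative starts and ends outside the hunk.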
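Review bot: The new `CBZ %[a], 20f` (and the matching `CBZ %[c], 120f` in the next hunk) treats a NULL pointer as "no data" regardless of `aSz`/`cSz`, so a caller passing `a == NULL` with a non-zero `aSz` now gets a tag computed over zero AAD bytes instead of a fault, and GHASH, being void, cannot report the mismatch. That is acceptable only if every caller validates the pointer/length pair first, so the contract should be written above the asm, e.g. `/* A NULL a or c is treated as empty regardless of aSz/cSz; callers must validate pointer/length pairs. */`, so the branch is not later mistaken for input validation. The function and its operand constraint list are outside the hunk, so I could not confirm `%[a]` is bound as a register operand here.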
diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index fe91daf97c..21ba6f20f3 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -29850,21 +29850,19 @@ static wc_test_ret_t ecc_test_custom_curves(WC_RNG* rng) #ifdef WOLFSSL_SM2 #ifdef HAVE_ECC_VERIFY #if defined(WOLFSSL_PUBLIC_MP) && defined(WOLFSSL_CUSTOM_CURVES) - #ifdef WOLFSSL_SM2 - #ifdef HAVE_OID_ENCODING - #define CODED_SM2P256V1 {1,2,156,10197,1,301} - #define CODED_SM2P256V1_SZ 6 - #else - #define CODED_SM2P256V1 {0x06,0x08,0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D} - #define CODED_SM2P256V1_SZ 10 - #endif - #ifndef WOLFSSL_ECC_CURVE_STATIC - static const ecc_oid_t ecc_oid_sm2p256v1[] = CODED_SM2P256V1; - #else - #define ecc_oid_sm2p256v1 CODED_SM2P256V1 - #endif - #define ecc_oid_sm2p256v1_sz CODED_SM2P256V1_SZ - #endif /* WOLFSSL_SM2 */ + #ifdef HAVE_OID_ENCODING + #define CODED_SM2P256V1 {1,2,156,10197,1,301} + #define CODED_SM2P256V1_SZ 6 + #else + #define CODED_SM2P256V1 {0x06,0x08,0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D} + #define CODED_SM2P256V1_SZ 10 + #endif + #ifndef WOLFSSL_ECC_CURVE_STATIC + static const ecc_oid_t ecc_oid_sm2p256v1[] = CODED_SM2P256V1; + #else + #define ecc_oid_sm2p256v1 CODED_SM2P256V1 + #endif + #define ecc_oid_sm2p256v1_sz CODED_SM2P256V1_SZ #define ECC_SM2P256V1_TEST 102 static int test_sm2_verify_caseA2(void) { @@ -30041,9 +30039,7 @@ static int ecc_sm2_test_curve(WC_RNG* rng, int testVerifyCount) WC_DECLARE_VAR(sig, byte, ECC_SIG_SIZE, HEAP_HINT); WC_DECLARE_VAR(digest, byte, ECC_DIGEST_SIZE, HEAP_HINT); int i; -#ifdef HAVE_ECC_VERIFY int verify; -#endif /* HAVE_ECC_VERIFY */ #endif /* HAVE_ECC_SIGN */ int ret; #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC) 
@@ -30239,7 +30235,6 @@ static int ecc_sm2_test_curve(WC_RNG* rng, int testVerifyCount) if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done); -#ifdef HAVE_ECC_VERIFY for (i = 0; i < testVerifyCount; i++) { verify = 0; ret = wc_ecc_sm2_verify_hash(sig, x, digest, ECC_DIGEST_SIZE, &verify, @@ -30249,7 +30244,6 @@ static int ecc_sm2_test_curve(WC_RNG* rng, int testVerifyCount) if (verify != 1) ERROR_OUT(WC_TEST_RET_ENC_NC, done); } -#endif /* HAVE_ECC_VERIFY */ #endif /* ECC_SHAMIR */ /* test DSA sign hash with sequence (0,1,2,3,4,...) */ @@ -30262,7 +30256,6 @@ static int ecc_sm2_test_curve(WC_RNG* rng, int testVerifyCount) if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done); -#ifdef HAVE_ECC_VERIFY for (i = 0; i < testVerifyCount; i++) { verify = 0; ret = wc_ecc_sm2_verify_hash(sig, x, digest, ECC_DIGEST_SIZE, &verify, @@ -30272,7 +30265,6 @@ static int ecc_sm2_test_curve(WC_RNG* rng, int testVerifyCount) if (verify != 1) ERROR_OUT(WC_TEST_RET_ENC_NC, done); } -#endif /* HAVE_ECC_VERIFY */ #endif /* HAVE_ECC_SIGN */ #endif /* !ECC_TIMING_RESISTANT || (ECC_TIMING_RESISTANT && !WC_NO_RNG) */ diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index b5f5b09b08..1b43e7f4b1 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -592,7 +592,7 @@ typedef struct w64wrapper { #endif #define WC_DECLARE_HEAP_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \ - VAR_TYPE* VAR_NAME[VAR_ITEMS]; \ + VAR_TYPE* VAR_NAME[VAR_ITEMS] = { NULL, }; \ int idx##VAR_NAME = 0, inner_idx_##VAR_NAME #define WC_HEAP_ARRAY_ARG(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE) \ VAR_TYPE* VAR_NAME[VAR_ITEMS]
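Review bot: Dropping the `#ifdef HAVE_ECC_VERIFY` around the `wc_ecc_sm2_verify_hash()` loop leaves the call guarded only by `HAVE_ECC_SIGN`/`ECC_SHAMIR`; unless ecc_sm2_test_curve itself sits under `HAVE_ECC_VERIFY` (its enclosing `#if` lines are outside the hunk), a sign-only build now references an undeclared function. If the guard is redundant because of an outer `#ifdef`, a short note at the removal point, `/* HAVE_ECC_VERIFY is implied by the enclosing #if */`, would stop the next reader from re-adding it; otherwise the `#ifdef` should stay. The same applies to the second loop in the following hunk.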