AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Dynamically allocate/free restart subcontext in PK

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2017-08-18 16:22:06 +02:00
parent 15d7df2ba8
commit 0bbc66cc76
4 changed files with 108 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
include/mbedtls/pk.h
View File

@ -135,7 +135,8 @@ typedef struct
*/ */
typedef struct typedef struct
{ {
mbedtls_ecdsa_restart_ctx ecdsa; /* temporary */ const mbedtls_pk_info_t * pk_info; /**< Public key informations */
void * rs_ctx; /**< Underlying restart context */
} mbedtls_pk_restart_ctx; } mbedtls_pk_restart_ctx;
#else #else
/* Now we can declare functions that take a pointer to that */ /* Now we can declare functions that take a pointer to that */

8
include/mbedtls/pk_internal.h
View File

@ -94,6 +94,14 @@ struct mbedtls_pk_info_t
/** Free the given context */ /** Free the given context */
void (*ctx_free_func)( void *ctx ); void (*ctx_free_func)( void *ctx );
#if defined(MBEDTLS_ECP_RESTARTABLE)
/** Allocate the restart context */
void * (*rs_alloc_func)( void );
/** Free the restart context */
void (*rs_free_func)( void *rs_ctx );
#endif /* MBEDTLS_ECP_RESTARTABLE */
/** Interface with the debug module */ /** Interface with the debug module */
void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items ); void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items );

69
library/pk.c
View File

@ -79,7 +79,8 @@ void mbedtls_pk_free( mbedtls_pk_context *ctx )
*/ */
void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx ) void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx )
{ {
mbedtls_ecdsa_restart_init( &ctx->ecdsa ); ctx->pk_info = NULL;
ctx->rs_ctx = NULL;
} }
/* /*
@ -87,10 +88,16 @@ void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx )
*/ */
void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx ) void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL || ctx->pk_info == NULL ||
ctx->pk_info->rs_free_func == NULL )
{
return; return;
}
mbedtls_ecdsa_restart_free( &ctx->ecdsa ); ctx->pk_info->rs_free_func( ctx->rs_ctx );
ctx->pk_info = NULL;
ctx->rs_ctx = NULL;
} }
#endif /* MBEDTLS_ECP_RESTARTABLE */ #endif /* MBEDTLS_ECP_RESTARTABLE */
@ -196,6 +203,30 @@ static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len
return( 0 ); return( 0 );
} }
#if defined(MBEDTLS_ECP_RESTARTABLE)
/*
* Helper to set up a restart context if needed
*/
static int pk_restart_setup( mbedtls_pk_restart_ctx *ctx,
const mbedtls_pk_info_t *info )
{
/* Don't do anything it already set up */
if( ctx->pk_info != NULL )
return( 0 );
/* Should never happen when we're called */
if( info->rs_alloc_func == NULL || info->rs_free_func == NULL )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ( ctx->rs_ctx = info->rs_alloc_func() ) == NULL )
return( MBEDTLS_ERR_PK_ALLOC_FAILED );
ctx->pk_info = info;
return( 0 );
}
#endif /* MBEDTLS_ECP_RESTARTABLE */
/* /*
* Verify a signature (restartable) * Verify a signature (restartable)
*/ */
@ -210,10 +241,20 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
if( ctx->pk_info->verify_rs_func != NULL ) if( rs_ctx != NULL && ctx->pk_info->verify_rs_func != NULL )
{ {
return( ctx->pk_info->verify_rs_func( ctx->pk_ctx, int ret;
md_alg, hash, hash_len, sig, sig_len, rs_ctx ) );
if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
return( ret );
ret = ctx->pk_info->verify_rs_func( ctx->pk_ctx,
md_alg, hash, hash_len, sig, sig_len, rs_ctx->rs_ctx );
if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
mbedtls_pk_restart_free( rs_ctx );
return( ret );
} }
#else #else
(void) rs_ctx; (void) rs_ctx;
@ -310,10 +351,20 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA ); return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
#if defined(MBEDTLS_ECP_RESTARTABLE) #if defined(MBEDTLS_ECP_RESTARTABLE)
if( ctx->pk_info->sign_rs_func != NULL ) if( rs_ctx != NULL && ctx->pk_info->sign_rs_func != NULL )
{ {
return( ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg, int ret;
hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx ) );
if( ( ret = pk_restart_setup( rs_ctx, ctx->pk_info ) ) != 0 )
return( ret );
ret = ctx->pk_info->sign_rs_func( ctx->pk_ctx, md_alg,
hash, hash_len, sig, sig_len, f_rng, p_rng, rs_ctx->rs_ctx );
if( ret != MBEDTLS_ERR_ECP_IN_PROGRESS )
mbedtls_pk_restart_free( rs_ctx );
return( ret );
} }
#else #else
(void) rs_ctx; (void) rs_ctx;

38
library/pk_wrap.c
View File

@ -189,6 +189,10 @@ const mbedtls_pk_info_t mbedtls_rsa_info = {
rsa_check_pair_wrap, rsa_check_pair_wrap,
rsa_alloc_wrap, rsa_alloc_wrap,
rsa_free_wrap, rsa_free_wrap,
#if defined(MBEDTLS_ECP_RESTARTABLE)
NULL,
NULL,
#endif
rsa_debug, rsa_debug,
}; };
#endif /* MBEDTLS_RSA_C */ #endif /* MBEDTLS_RSA_C */
@ -401,6 +405,24 @@ static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items )
items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q ); items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q );
} }
#if defined(MBEDTLS_ECP_RESTARTABLE)
static void *eckey_rs_alloc( void )
{
void *ctx = mbedtls_calloc( 1, sizeof( mbedtls_ecdsa_restart_ctx ) );
if( ctx != NULL )
mbedtls_ecdsa_restart_init( ctx );
return( ctx );
}
static void eckey_rs_free( void *ctx )
{
mbedtls_ecdsa_restart_free( ctx );
mbedtls_free( ctx );
}
#endif /* MBEDTLS_ECP_RESTARTABLE */
const mbedtls_pk_info_t mbedtls_eckey_info = { const mbedtls_pk_info_t mbedtls_eckey_info = {
MBEDTLS_PK_ECKEY, MBEDTLS_PK_ECKEY,
"EC", "EC",
@ -426,6 +448,10 @@ const mbedtls_pk_info_t mbedtls_eckey_info = {
eckey_check_pair, eckey_check_pair,
eckey_alloc_wrap, eckey_alloc_wrap,
eckey_free_wrap, eckey_free_wrap,
#if defined(MBEDTLS_ECP_RESTARTABLE)
eckey_rs_alloc,
eckey_rs_free,
#endif
eckey_debug, eckey_debug,
}; };
@ -454,6 +480,10 @@ const mbedtls_pk_info_t mbedtls_eckeydh_info = {
eckey_check_pair, eckey_check_pair,
eckey_alloc_wrap, /* Same underlying key structure */ eckey_alloc_wrap, /* Same underlying key structure */
eckey_free_wrap, /* Same underlying key structure */ eckey_free_wrap, /* Same underlying key structure */
#if defined(MBEDTLS_ECP_RESTARTABLE)
NULL,
NULL,
#endif
eckey_debug, /* Same underlying key structure */ eckey_debug, /* Same underlying key structure */
}; };
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
@ -555,6 +585,10 @@ const mbedtls_pk_info_t mbedtls_ecdsa_info = {
eckey_check_pair, /* Compatible key structures */ eckey_check_pair, /* Compatible key structures */
ecdsa_alloc_wrap, ecdsa_alloc_wrap,
ecdsa_free_wrap, ecdsa_free_wrap,
#if defined(MBEDTLS_ECP_RESTARTABLE)
eckey_rs_alloc,
eckey_rs_free,
#endif
eckey_debug, /* Compatible key structures */ eckey_debug, /* Compatible key structures */
}; };
#endif /* MBEDTLS_ECDSA_C */ #endif /* MBEDTLS_ECDSA_C */
@ -677,6 +711,10 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
#endif #endif
rsa_alt_alloc_wrap, rsa_alt_alloc_wrap,
rsa_alt_free_wrap, rsa_alt_free_wrap,
#if defined(MBEDTLS_ECP_RESTARTABLE)
NULL,
NULL,
#endif
NULL, NULL,
}; };