[164] | 1 | /* rsa.c
|
---|
| 2 | *
|
---|
| 3 | * Copyright (C) 2006-2015 wolfSSL Inc.
|
---|
| 4 | *
|
---|
| 5 | * This file is part of wolfSSL. (formerly known as CyaSSL)
|
---|
| 6 | *
|
---|
| 7 | * wolfSSL is free software; you can redistribute it and/or modify
|
---|
| 8 | * it under the terms of the GNU General Public License as published by
|
---|
| 9 | * the Free Software Foundation; either version 2 of the License, or
|
---|
| 10 | * (at your option) any later version.
|
---|
| 11 | *
|
---|
| 12 | * wolfSSL is distributed in the hope that it will be useful,
|
---|
| 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
| 15 | * GNU General Public License for more details.
|
---|
| 16 | *
|
---|
| 17 | * You should have received a copy of the GNU General Public License
|
---|
| 18 | * along with this program; if not, write to the Free Software
|
---|
| 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
---|
| 20 | */
|
---|
| 21 |
|
---|
| 22 | #ifdef HAVE_CONFIG_H
|
---|
| 23 | #include <config.h>
|
---|
| 24 | #endif
|
---|
| 25 |
|
---|
| 26 | #include <wolfssl/wolfcrypt/settings.h>
|
---|
| 27 |
|
---|
| 28 | #ifndef NO_RSA
|
---|
| 29 |
|
---|
| 30 | #include <wolfssl/wolfcrypt/rsa.h>
|
---|
| 31 |
|
---|
| 32 | #ifdef HAVE_FIPS
|
---|
| 33 | int wc_InitRsaKey(RsaKey* key, void* ptr)
|
---|
| 34 | {
|
---|
| 35 | return InitRsaKey_fips(key, ptr);
|
---|
| 36 | }
|
---|
| 37 |
|
---|
| 38 |
|
---|
| 39 | int wc_FreeRsaKey(RsaKey* key)
|
---|
| 40 | {
|
---|
| 41 | return FreeRsaKey_fips(key);
|
---|
| 42 | }
|
---|
| 43 |
|
---|
| 44 |
|
---|
| 45 | int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
|
---|
| 46 | word32 outLen, RsaKey* key, WC_RNG* rng)
|
---|
| 47 | {
|
---|
| 48 | return RsaPublicEncrypt_fips(in, inLen, out, outLen, key, rng);
|
---|
| 49 | }
|
---|
| 50 |
|
---|
| 51 |
|
---|
| 52 | int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
|
---|
| 53 | RsaKey* key)
|
---|
| 54 | {
|
---|
| 55 | return RsaPrivateDecryptInline_fips(in, inLen, out, key);
|
---|
| 56 | }
|
---|
| 57 |
|
---|
| 58 |
|
---|
| 59 | int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
|
---|
| 60 | word32 outLen, RsaKey* key)
|
---|
| 61 | {
|
---|
| 62 | return RsaPrivateDecrypt_fips(in, inLen, out, outLen, key);
|
---|
| 63 | }
|
---|
| 64 |
|
---|
| 65 |
|
---|
| 66 | int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
|
---|
| 67 | word32 outLen, RsaKey* key, WC_RNG* rng)
|
---|
| 68 | {
|
---|
| 69 | return RsaSSL_Sign_fips(in, inLen, out, outLen, key, rng);
|
---|
| 70 | }
|
---|
| 71 |
|
---|
| 72 |
|
---|
| 73 | int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
|
---|
| 74 | {
|
---|
| 75 | return RsaSSL_VerifyInline_fips(in, inLen, out, key);
|
---|
| 76 | }
|
---|
| 77 |
|
---|
| 78 |
|
---|
| 79 | int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
|
---|
| 80 | word32 outLen, RsaKey* key)
|
---|
| 81 | {
|
---|
| 82 | return RsaSSL_Verify_fips(in, inLen, out, outLen, key);
|
---|
| 83 | }
|
---|
| 84 |
|
---|
| 85 |
|
---|
| 86 | int wc_RsaEncryptSize(RsaKey* key)
|
---|
| 87 | {
|
---|
| 88 | return RsaEncryptSize_fips(key);
|
---|
| 89 | }
|
---|
| 90 |
|
---|
| 91 |
|
---|
| 92 | int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
|
---|
| 93 | word32* bSz)
|
---|
| 94 | {
|
---|
| 95 | /* not specified as fips so not needing _fips */
|
---|
| 96 | return RsaFlattenPublicKey(key, a, aSz, b, bSz);
|
---|
| 97 | }
|
---|
| 98 | #ifdef WOLFSSL_KEY_GEN
|
---|
| 99 | int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
|
---|
| 100 | {
|
---|
| 101 | return MakeRsaKey(key, size, e, rng);
|
---|
| 102 | }
|
---|
| 103 | #endif
|
---|
| 104 |
|
---|
| 105 |
|
---|
| 106 | #ifdef HAVE_CAVIUM
|
---|
| 107 | int wc_RsaInitCavium(RsaKey* key, int i)
|
---|
| 108 | {
|
---|
| 109 | return RsaInitCavium(key, i);
|
---|
| 110 | }
|
---|
| 111 |
|
---|
| 112 |
|
---|
| 113 | void wc_RsaFreeCavium(RsaKey* key)
|
---|
| 114 | {
|
---|
| 115 | RsaFreeCavium(key);
|
---|
| 116 | }
|
---|
| 117 | #endif
|
---|
| 118 |
|
---|
| 119 | /* these are functions in asn and are routed to wolfssl/wolfcrypt/asn.c
|
---|
| 120 | * wc_RsaPrivateKeyDecode
|
---|
| 121 | * wc_RsaPublicKeyDecode
|
---|
| 122 | */
|
---|
| 123 |
|
---|
| 124 | #else /* else build without fips */
|
---|
| 125 | #include <wolfssl/wolfcrypt/random.h>
|
---|
| 126 | #include <wolfssl/wolfcrypt/error-crypt.h>
|
---|
| 127 | #include <wolfssl/wolfcrypt/logging.h>
|
---|
| 128 | #ifdef NO_INLINE
|
---|
| 129 | #include <wolfssl/wolfcrypt/misc.h>
|
---|
| 130 | #else
|
---|
| 131 | #include <wolfcrypt/src/misc.c>
|
---|
| 132 | #endif
|
---|
| 133 |
|
---|
| 134 | #ifdef HAVE_CAVIUM
|
---|
| 135 | static int InitCaviumRsaKey(RsaKey* key, void* heap);
|
---|
| 136 | static int FreeCaviumRsaKey(RsaKey* key);
|
---|
| 137 | static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
|
---|
| 138 | word32 outLen, RsaKey* key);
|
---|
| 139 | static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
|
---|
| 140 | word32 outLen, RsaKey* key);
|
---|
| 141 | static int CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out,
|
---|
| 142 | word32 outLen, RsaKey* key);
|
---|
| 143 | static int CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out,
|
---|
| 144 | word32 outLen, RsaKey* key);
|
---|
| 145 | #endif
|
---|
| 146 |
|
---|
| 147 | enum {
|
---|
| 148 | RSA_PUBLIC_ENCRYPT = 0,
|
---|
| 149 | RSA_PUBLIC_DECRYPT = 1,
|
---|
| 150 | RSA_PRIVATE_ENCRYPT = 2,
|
---|
| 151 | RSA_PRIVATE_DECRYPT = 3,
|
---|
| 152 |
|
---|
| 153 | RSA_BLOCK_TYPE_1 = 1,
|
---|
| 154 | RSA_BLOCK_TYPE_2 = 2,
|
---|
| 155 |
|
---|
| 156 | RSA_MIN_SIZE = 512,
|
---|
| 157 | RSA_MAX_SIZE = 4096,
|
---|
| 158 |
|
---|
| 159 | RSA_MIN_PAD_SZ = 11 /* seperator + 0 + pad value + 8 pads */
|
---|
| 160 | };
|
---|
| 161 |
|
---|
| 162 |
|
---|
| 163 | int wc_InitRsaKey(RsaKey* key, void* heap)
|
---|
| 164 | {
|
---|
| 165 | #ifdef HAVE_CAVIUM
|
---|
| 166 | if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
|
---|
| 167 | return InitCaviumRsaKey(key, heap);
|
---|
| 168 | #endif
|
---|
| 169 |
|
---|
| 170 | key->type = -1; /* haven't decided yet */
|
---|
| 171 | key->heap = heap;
|
---|
| 172 |
|
---|
| 173 | /* TomsFastMath doesn't use memory allocation */
|
---|
| 174 | #ifndef USE_FAST_MATH
|
---|
| 175 | key->n.dp = key->e.dp = 0; /* public alloc parts */
|
---|
| 176 |
|
---|
| 177 | key->d.dp = key->p.dp = 0; /* private alloc parts */
|
---|
| 178 | key->q.dp = key->dP.dp = 0;
|
---|
| 179 | key->u.dp = key->dQ.dp = 0;
|
---|
| 180 | #else
|
---|
| 181 | mp_init(&key->n);
|
---|
| 182 | mp_init(&key->e);
|
---|
| 183 | mp_init(&key->d);
|
---|
| 184 | mp_init(&key->p);
|
---|
| 185 | mp_init(&key->q);
|
---|
| 186 | mp_init(&key->dP);
|
---|
| 187 | mp_init(&key->dQ);
|
---|
| 188 | mp_init(&key->u);
|
---|
| 189 | #endif
|
---|
| 190 |
|
---|
| 191 | return 0;
|
---|
| 192 | }
|
---|
| 193 |
|
---|
| 194 |
|
---|
| 195 | int wc_FreeRsaKey(RsaKey* key)
|
---|
| 196 | {
|
---|
| 197 | (void)key;
|
---|
| 198 |
|
---|
| 199 | #ifdef HAVE_CAVIUM
|
---|
| 200 | if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
|
---|
| 201 | return FreeCaviumRsaKey(key);
|
---|
| 202 | #endif
|
---|
| 203 |
|
---|
| 204 | /* TomsFastMath doesn't use memory allocation */
|
---|
| 205 | #ifndef USE_FAST_MATH
|
---|
| 206 | if (key->type == RSA_PRIVATE) {
|
---|
| 207 | mp_clear(&key->u);
|
---|
| 208 | mp_clear(&key->dQ);
|
---|
| 209 | mp_clear(&key->dP);
|
---|
| 210 | mp_clear(&key->q);
|
---|
| 211 | mp_clear(&key->p);
|
---|
| 212 | mp_clear(&key->d);
|
---|
| 213 | }
|
---|
| 214 | mp_clear(&key->e);
|
---|
| 215 | mp_clear(&key->n);
|
---|
| 216 | #endif
|
---|
| 217 |
|
---|
| 218 | return 0;
|
---|
| 219 | }
|
---|
| 220 |
|
---|
| 221 | static int wc_RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock,
|
---|
| 222 | word32 pkcsBlockLen, byte padValue, WC_RNG* rng)
|
---|
| 223 | {
|
---|
| 224 | if (inputLen == 0)
|
---|
| 225 | return 0;
|
---|
| 226 |
|
---|
| 227 | pkcsBlock[0] = 0x0; /* set first byte to zero and advance */
|
---|
| 228 | pkcsBlock++; pkcsBlockLen--;
|
---|
| 229 | pkcsBlock[0] = padValue; /* insert padValue */
|
---|
| 230 |
|
---|
| 231 | if (padValue == RSA_BLOCK_TYPE_1)
|
---|
| 232 | /* pad with 0xff bytes */
|
---|
| 233 | XMEMSET(&pkcsBlock[1], 0xFF, pkcsBlockLen - inputLen - 2);
|
---|
| 234 | else {
|
---|
| 235 | /* pad with non-zero random bytes */
|
---|
| 236 | word32 padLen = pkcsBlockLen - inputLen - 1, i;
|
---|
| 237 | int ret = wc_RNG_GenerateBlock(rng, &pkcsBlock[1], padLen);
|
---|
| 238 |
|
---|
| 239 | if (ret != 0)
|
---|
| 240 | return ret;
|
---|
| 241 |
|
---|
| 242 | /* remove zeros */
|
---|
| 243 | for (i = 1; i < padLen; i++)
|
---|
| 244 | if (pkcsBlock[i] == 0) pkcsBlock[i] = 0x01;
|
---|
| 245 | }
|
---|
| 246 |
|
---|
| 247 | pkcsBlock[pkcsBlockLen-inputLen-1] = 0; /* separator */
|
---|
| 248 | XMEMCPY(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen);
|
---|
| 249 |
|
---|
| 250 | return 0;
|
---|
| 251 | }
|
---|
| 252 |
|
---|
| 253 |
|
---|
| 254 | /* UnPad plaintext, set start to *output, return length of plaintext,
|
---|
| 255 | * < 0 on error */
|
---|
| 256 | static int RsaUnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
|
---|
| 257 | byte **output, byte padValue)
|
---|
| 258 | {
|
---|
| 259 | word32 maxOutputLen = (pkcsBlockLen > 10) ? (pkcsBlockLen - 10) : 0,
|
---|
| 260 | invalid = 0,
|
---|
| 261 | i = 1,
|
---|
| 262 | outputLen;
|
---|
| 263 |
|
---|
| 264 | if (pkcsBlock[0] != 0x0) /* skip past zero */
|
---|
| 265 | invalid = 1;
|
---|
| 266 | pkcsBlock++; pkcsBlockLen--;
|
---|
| 267 |
|
---|
| 268 | /* Require block type padValue */
|
---|
| 269 | invalid = (pkcsBlock[0] != padValue) || invalid;
|
---|
| 270 |
|
---|
| 271 | /* verify the padding until we find the separator */
|
---|
| 272 | if (padValue == RSA_BLOCK_TYPE_1) {
|
---|
| 273 | while (i<pkcsBlockLen && pkcsBlock[i++] == 0xFF) {/* Null body */}
|
---|
| 274 | }
|
---|
| 275 | else {
|
---|
| 276 | while (i<pkcsBlockLen && pkcsBlock[i++]) {/* Null body */}
|
---|
| 277 | }
|
---|
| 278 |
|
---|
| 279 | if(!(i==pkcsBlockLen || pkcsBlock[i-1]==0)) {
|
---|
| 280 | WOLFSSL_MSG("RsaUnPad error, bad formatting");
|
---|
| 281 | return RSA_PAD_E;
|
---|
| 282 | }
|
---|
| 283 |
|
---|
| 284 | outputLen = pkcsBlockLen - i;
|
---|
| 285 | invalid = (outputLen > maxOutputLen) || invalid;
|
---|
| 286 |
|
---|
| 287 | if (invalid) {
|
---|
| 288 | WOLFSSL_MSG("RsaUnPad error, bad formatting");
|
---|
| 289 | return RSA_PAD_E;
|
---|
| 290 | }
|
---|
| 291 |
|
---|
| 292 | *output = (byte *)(pkcsBlock + i);
|
---|
| 293 | return outputLen;
|
---|
| 294 | }
|
---|
| 295 |
|
---|
| 296 |
|
---|
| 297 | static int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
|
---|
| 298 | word32* outLen, int type, RsaKey* key)
|
---|
| 299 | {
|
---|
| 300 | #define ERROR_OUT(x) { ret = (x); goto done;}
|
---|
| 301 |
|
---|
| 302 | mp_int tmp;
|
---|
| 303 | int ret = 0;
|
---|
| 304 | word32 keyLen, len;
|
---|
| 305 |
|
---|
| 306 | if (mp_init(&tmp) != MP_OKAY)
|
---|
| 307 | return MP_INIT_E;
|
---|
| 308 |
|
---|
| 309 | if (mp_read_unsigned_bin(&tmp, (byte*)in, inLen) != MP_OKAY)
|
---|
| 310 | ERROR_OUT(MP_READ_E);
|
---|
| 311 |
|
---|
| 312 | if (type == RSA_PRIVATE_DECRYPT || type == RSA_PRIVATE_ENCRYPT) {
|
---|
| 313 | #ifdef RSA_LOW_MEM /* half as much memory but twice as slow */
|
---|
| 314 | if (mp_exptmod(&tmp, &key->d, &key->n, &tmp) != MP_OKAY)
|
---|
| 315 | ERROR_OUT(MP_EXPTMOD_E);
|
---|
| 316 | #else
|
---|
| 317 | #define INNER_ERROR_OUT(x) { ret = (x); goto inner_done; }
|
---|
| 318 |
|
---|
| 319 | mp_int tmpa, tmpb;
|
---|
| 320 |
|
---|
| 321 | if (mp_init(&tmpa) != MP_OKAY)
|
---|
| 322 | ERROR_OUT(MP_INIT_E);
|
---|
| 323 |
|
---|
| 324 | if (mp_init(&tmpb) != MP_OKAY) {
|
---|
| 325 | mp_clear(&tmpa);
|
---|
| 326 | ERROR_OUT(MP_INIT_E);
|
---|
| 327 | }
|
---|
| 328 |
|
---|
| 329 | /* tmpa = tmp^dP mod p */
|
---|
| 330 | if (mp_exptmod(&tmp, &key->dP, &key->p, &tmpa) != MP_OKAY)
|
---|
| 331 | INNER_ERROR_OUT(MP_EXPTMOD_E);
|
---|
| 332 |
|
---|
| 333 | /* tmpb = tmp^dQ mod q */
|
---|
| 334 | if (mp_exptmod(&tmp, &key->dQ, &key->q, &tmpb) != MP_OKAY)
|
---|
| 335 | INNER_ERROR_OUT(MP_EXPTMOD_E);
|
---|
| 336 |
|
---|
| 337 | /* tmp = (tmpa - tmpb) * qInv (mod p) */
|
---|
| 338 | if (mp_sub(&tmpa, &tmpb, &tmp) != MP_OKAY)
|
---|
| 339 | INNER_ERROR_OUT(MP_SUB_E);
|
---|
| 340 |
|
---|
| 341 | if (mp_mulmod(&tmp, &key->u, &key->p, &tmp) != MP_OKAY)
|
---|
| 342 | INNER_ERROR_OUT(MP_MULMOD_E);
|
---|
| 343 |
|
---|
| 344 | /* tmp = tmpb + q * tmp */
|
---|
| 345 | if (mp_mul(&tmp, &key->q, &tmp) != MP_OKAY)
|
---|
| 346 | INNER_ERROR_OUT(MP_MUL_E);
|
---|
| 347 |
|
---|
| 348 | if (mp_add(&tmp, &tmpb, &tmp) != MP_OKAY)
|
---|
| 349 | INNER_ERROR_OUT(MP_ADD_E);
|
---|
| 350 |
|
---|
| 351 | inner_done:
|
---|
| 352 | mp_clear(&tmpa);
|
---|
| 353 | mp_clear(&tmpb);
|
---|
| 354 |
|
---|
| 355 | if (ret != 0) return ret;
|
---|
| 356 |
|
---|
| 357 | #endif /* RSA_LOW_MEM */
|
---|
| 358 | }
|
---|
| 359 | else if (type == RSA_PUBLIC_ENCRYPT || type == RSA_PUBLIC_DECRYPT) {
|
---|
| 360 | if (mp_exptmod(&tmp, &key->e, &key->n, &tmp) != MP_OKAY)
|
---|
| 361 | ERROR_OUT(MP_EXPTMOD_E);
|
---|
| 362 | }
|
---|
| 363 | else
|
---|
| 364 | ERROR_OUT(RSA_WRONG_TYPE_E);
|
---|
| 365 |
|
---|
| 366 | keyLen = mp_unsigned_bin_size(&key->n);
|
---|
| 367 | if (keyLen > *outLen)
|
---|
| 368 | ERROR_OUT(RSA_BUFFER_E);
|
---|
| 369 |
|
---|
| 370 | len = mp_unsigned_bin_size(&tmp);
|
---|
| 371 |
|
---|
| 372 | /* pad front w/ zeros to match key length */
|
---|
| 373 | while (len < keyLen) {
|
---|
| 374 | *out++ = 0x00;
|
---|
| 375 | len++;
|
---|
| 376 | }
|
---|
| 377 |
|
---|
| 378 | *outLen = keyLen;
|
---|
| 379 |
|
---|
| 380 | /* convert */
|
---|
| 381 | if (mp_to_unsigned_bin(&tmp, out) != MP_OKAY)
|
---|
| 382 | ERROR_OUT(MP_TO_E);
|
---|
| 383 |
|
---|
| 384 | done:
|
---|
| 385 | mp_clear(&tmp);
|
---|
| 386 | if (ret == MP_EXPTMOD_E) {
|
---|
| 387 | WOLFSSL_MSG("RSA_FUNCTION MP_EXPTMOD_E: memory/config problem");
|
---|
| 388 | }
|
---|
| 389 | return ret;
|
---|
| 390 | }
|
---|
| 391 |
|
---|
| 392 |
|
---|
| 393 | int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
|
---|
| 394 | RsaKey* key, WC_RNG* rng)
|
---|
| 395 | {
|
---|
| 396 | int sz, ret;
|
---|
| 397 |
|
---|
| 398 | #ifdef HAVE_CAVIUM
|
---|
| 399 | if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
|
---|
| 400 | return CaviumRsaPublicEncrypt(in, inLen, out, outLen, key);
|
---|
| 401 | #endif
|
---|
| 402 |
|
---|
| 403 | sz = mp_unsigned_bin_size(&key->n);
|
---|
| 404 | if (sz > (int)outLen)
|
---|
| 405 | return RSA_BUFFER_E;
|
---|
| 406 |
|
---|
| 407 | if (inLen > (word32)(sz - RSA_MIN_PAD_SZ))
|
---|
| 408 | return RSA_BUFFER_E;
|
---|
| 409 |
|
---|
| 410 | ret = wc_RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_2, rng);
|
---|
| 411 | if (ret != 0)
|
---|
| 412 | return ret;
|
---|
| 413 |
|
---|
| 414 | if ((ret = wc_RsaFunction(out, sz, out, &outLen,
|
---|
| 415 | RSA_PUBLIC_ENCRYPT, key)) < 0)
|
---|
| 416 | sz = ret;
|
---|
| 417 |
|
---|
| 418 | return sz;
|
---|
| 419 | }
|
---|
| 420 |
|
---|
| 421 |
|
---|
| 422 | int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key)
|
---|
| 423 | {
|
---|
| 424 | int ret;
|
---|
| 425 |
|
---|
| 426 | #ifdef HAVE_CAVIUM
|
---|
| 427 | if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC) {
|
---|
| 428 | ret = CaviumRsaPrivateDecrypt(in, inLen, in, inLen, key);
|
---|
| 429 | if (ret > 0)
|
---|
| 430 | *out = in;
|
---|
| 431 | return ret;
|
---|
| 432 | }
|
---|
| 433 | #endif
|
---|
| 434 |
|
---|
| 435 | if ((ret = wc_RsaFunction(in, inLen, in, &inLen, RSA_PRIVATE_DECRYPT, key))
|
---|
| 436 | < 0) {
|
---|
| 437 | return ret;
|
---|
| 438 | }
|
---|
| 439 |
|
---|
| 440 | return RsaUnPad(in, inLen, out, RSA_BLOCK_TYPE_2);
|
---|
| 441 | }
|
---|
| 442 |
|
---|
| 443 |
|
---|
| 444 | int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen,
|
---|
| 445 | RsaKey* key)
|
---|
| 446 | {
|
---|
| 447 | int plainLen;
|
---|
| 448 | byte* tmp;
|
---|
| 449 | byte* pad = 0;
|
---|
| 450 |
|
---|
| 451 | #ifdef HAVE_CAVIUM
|
---|
| 452 | if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
|
---|
| 453 | return CaviumRsaPrivateDecrypt(in, inLen, out, outLen, key);
|
---|
| 454 | #endif
|
---|
| 455 |
|
---|
| 456 | tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA);
|
---|
| 457 | if (tmp == NULL) {
|
---|
| 458 | return MEMORY_E;
|
---|
| 459 | }
|
---|
| 460 |
|
---|
| 461 | XMEMCPY(tmp, in, inLen);
|
---|
| 462 |
|
---|
| 463 | if ( (plainLen = wc_RsaPrivateDecryptInline(tmp, inLen, &pad, key) ) < 0) {
|
---|
| 464 | XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
|
---|
| 465 | return plainLen;
|
---|
| 466 | }
|
---|
| 467 | if (plainLen > (int)outLen)
|
---|
| 468 | plainLen = BAD_FUNC_ARG;
|
---|
| 469 | else
|
---|
| 470 | XMEMCPY(out, pad, plainLen);
|
---|
| 471 |
|
---|
| 472 | ForceZero(tmp, inLen);
|
---|
| 473 | XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
|
---|
| 474 |
|
---|
| 475 | return plainLen;
|
---|
| 476 | }
|
---|
| 477 |
|
---|
| 478 |
|
---|
| 479 | /* for Rsa Verify */
|
---|
| 480 | int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
|
---|
| 481 | {
|
---|
| 482 | int ret;
|
---|
| 483 |
|
---|
| 484 | #ifdef HAVE_CAVIUM
|
---|
| 485 | if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC) {
|
---|
| 486 | ret = CaviumRsaSSL_Verify(in, inLen, in, inLen, key);
|
---|
| 487 | if (ret > 0)
|
---|
| 488 | *out = in;
|
---|
| 489 | return ret;
|
---|
| 490 | }
|
---|
| 491 | #endif
|
---|
| 492 |
|
---|
| 493 | if ((ret = wc_RsaFunction(in, inLen, in, &inLen, RSA_PUBLIC_DECRYPT, key))
|
---|
| 494 | < 0) {
|
---|
| 495 | return ret;
|
---|
| 496 | }
|
---|
| 497 |
|
---|
| 498 | return RsaUnPad(in, inLen, out, RSA_BLOCK_TYPE_1);
|
---|
| 499 | }
|
---|
| 500 |
|
---|
| 501 |
|
---|
| 502 | int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen,
|
---|
| 503 | RsaKey* key)
|
---|
| 504 | {
|
---|
| 505 | int plainLen;
|
---|
| 506 | byte* tmp;
|
---|
| 507 | byte* pad = 0;
|
---|
| 508 |
|
---|
| 509 | #ifdef HAVE_CAVIUM
|
---|
| 510 | if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
|
---|
| 511 | return CaviumRsaSSL_Verify(in, inLen, out, outLen, key);
|
---|
| 512 | #endif
|
---|
| 513 |
|
---|
| 514 | tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA);
|
---|
| 515 | if (tmp == NULL) {
|
---|
| 516 | return MEMORY_E;
|
---|
| 517 | }
|
---|
| 518 |
|
---|
| 519 | XMEMCPY(tmp, in, inLen);
|
---|
| 520 |
|
---|
| 521 | if ( (plainLen = wc_RsaSSL_VerifyInline(tmp, inLen, &pad, key) ) < 0) {
|
---|
| 522 | XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
|
---|
| 523 | return plainLen;
|
---|
| 524 | }
|
---|
| 525 |
|
---|
| 526 | if (plainLen > (int)outLen)
|
---|
| 527 | plainLen = BAD_FUNC_ARG;
|
---|
| 528 | else
|
---|
| 529 | XMEMCPY(out, pad, plainLen);
|
---|
| 530 |
|
---|
| 531 | ForceZero(tmp, inLen);
|
---|
| 532 | XFREE(tmp, key->heap, DYNAMIC_TYPE_RSA);
|
---|
| 533 |
|
---|
| 534 | return plainLen;
|
---|
| 535 | }
|
---|
| 536 |
|
---|
| 537 |
|
---|
| 538 | /* for Rsa Sign */
|
---|
| 539 | int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen,
|
---|
| 540 | RsaKey* key, WC_RNG* rng)
|
---|
| 541 | {
|
---|
| 542 | int sz, ret;
|
---|
| 543 |
|
---|
| 544 | #ifdef HAVE_CAVIUM
|
---|
| 545 | if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
|
---|
| 546 | return CaviumRsaSSL_Sign(in, inLen, out, outLen, key);
|
---|
| 547 | #endif
|
---|
| 548 |
|
---|
| 549 | sz = mp_unsigned_bin_size(&key->n);
|
---|
| 550 | if (sz > (int)outLen)
|
---|
| 551 | return RSA_BUFFER_E;
|
---|
| 552 |
|
---|
| 553 | if (inLen > (word32)(sz - RSA_MIN_PAD_SZ))
|
---|
| 554 | return RSA_BUFFER_E;
|
---|
| 555 |
|
---|
| 556 | ret = wc_RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_1, rng);
|
---|
| 557 | if (ret != 0)
|
---|
| 558 | return ret;
|
---|
| 559 |
|
---|
| 560 | if ((ret = wc_RsaFunction(out, sz, out, &outLen,
|
---|
| 561 | RSA_PRIVATE_ENCRYPT,key)) < 0)
|
---|
| 562 | sz = ret;
|
---|
| 563 |
|
---|
| 564 | return sz;
|
---|
| 565 | }
|
---|
| 566 |
|
---|
| 567 |
|
---|
| 568 | int wc_RsaEncryptSize(RsaKey* key)
|
---|
| 569 | {
|
---|
| 570 | #ifdef HAVE_CAVIUM
|
---|
| 571 | if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
|
---|
| 572 | return key->c_nSz;
|
---|
| 573 | #endif
|
---|
| 574 | return mp_unsigned_bin_size(&key->n);
|
---|
| 575 | }
|
---|
| 576 |
|
---|
| 577 | /* flatten RsaKey structure into individual elements (e, n) */
|
---|
| 578 | int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
|
---|
| 579 | word32* nSz)
|
---|
| 580 | {
|
---|
| 581 | int sz, ret;
|
---|
| 582 |
|
---|
| 583 | if (key == NULL || e == NULL || eSz == NULL || n == NULL || nSz == NULL)
|
---|
| 584 | return BAD_FUNC_ARG;
|
---|
| 585 |
|
---|
| 586 | sz = mp_unsigned_bin_size(&key->e);
|
---|
| 587 | if ((word32)sz > *nSz)
|
---|
| 588 | return RSA_BUFFER_E;
|
---|
| 589 | ret = mp_to_unsigned_bin(&key->e, e);
|
---|
| 590 | if (ret != MP_OKAY)
|
---|
| 591 | return ret;
|
---|
| 592 | *eSz = (word32)sz;
|
---|
| 593 |
|
---|
| 594 | sz = mp_unsigned_bin_size(&key->n);
|
---|
| 595 | if ((word32)sz > *nSz)
|
---|
| 596 | return RSA_BUFFER_E;
|
---|
| 597 | ret = mp_to_unsigned_bin(&key->n, n);
|
---|
| 598 | if (ret != MP_OKAY)
|
---|
| 599 | return ret;
|
---|
| 600 | *nSz = (word32)sz;
|
---|
| 601 |
|
---|
| 602 | return 0;
|
---|
| 603 | }
|
---|
| 604 |
|
---|
| 605 | #ifdef WOLFSSL_KEY_GEN
|
---|
| 606 | /* Make an RSA key for size bits, with e specified, 65537 is a good e */
|
---|
| 607 | int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
|
---|
| 608 | {
|
---|
| 609 | mp_int p, q, tmp1, tmp2, tmp3;
|
---|
| 610 | int err;
|
---|
| 611 |
|
---|
| 612 | if (key == NULL || rng == NULL)
|
---|
| 613 | return BAD_FUNC_ARG;
|
---|
| 614 |
|
---|
| 615 | if (size < RSA_MIN_SIZE || size > RSA_MAX_SIZE)
|
---|
| 616 | return BAD_FUNC_ARG;
|
---|
| 617 |
|
---|
| 618 | if (e < 3 || (e & 1) == 0)
|
---|
| 619 | return BAD_FUNC_ARG;
|
---|
| 620 |
|
---|
| 621 | if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != MP_OKAY)
|
---|
| 622 | return err;
|
---|
| 623 |
|
---|
| 624 | err = mp_set_int(&tmp3, e);
|
---|
| 625 |
|
---|
| 626 | /* make p */
|
---|
| 627 | if (err == MP_OKAY) {
|
---|
| 628 | do {
|
---|
| 629 | err = mp_rand_prime(&p, size/16, rng, key->heap); /* size in bytes/2 */
|
---|
| 630 |
|
---|
| 631 | if (err == MP_OKAY)
|
---|
| 632 | err = mp_sub_d(&p, 1, &tmp1); /* tmp1 = p-1 */
|
---|
| 633 |
|
---|
| 634 | if (err == MP_OKAY)
|
---|
| 635 | err = mp_gcd(&tmp1, &tmp3, &tmp2); /* tmp2 = gcd(p-1, e) */
|
---|
| 636 | } while (err == MP_OKAY && mp_cmp_d(&tmp2, 1) != 0); /* e divdes p-1 */
|
---|
| 637 | }
|
---|
| 638 |
|
---|
| 639 | /* make q */
|
---|
| 640 | if (err == MP_OKAY) {
|
---|
| 641 | do {
|
---|
| 642 | err = mp_rand_prime(&q, size/16, rng, key->heap); /* size in bytes/2 */
|
---|
| 643 |
|
---|
| 644 | if (err == MP_OKAY)
|
---|
| 645 | err = mp_sub_d(&q, 1, &tmp1); /* tmp1 = q-1 */
|
---|
| 646 |
|
---|
| 647 | if (err == MP_OKAY)
|
---|
| 648 | err = mp_gcd(&tmp1, &tmp3, &tmp2); /* tmp2 = gcd(q-1, e) */
|
---|
| 649 | } while (err == MP_OKAY && mp_cmp_d(&tmp2, 1) != 0); /* e divdes q-1 */
|
---|
| 650 | }
|
---|
| 651 |
|
---|
| 652 | if (err == MP_OKAY)
|
---|
| 653 | err = mp_init_multi(&key->n, &key->e, &key->d, &key->p, &key->q, NULL);
|
---|
| 654 |
|
---|
| 655 | if (err == MP_OKAY)
|
---|
| 656 | err = mp_init_multi(&key->dP, &key->dQ, &key->u, NULL, NULL, NULL);
|
---|
| 657 |
|
---|
| 658 | if (err == MP_OKAY)
|
---|
| 659 | err = mp_sub_d(&p, 1, &tmp2); /* tmp2 = p-1 */
|
---|
| 660 |
|
---|
| 661 | if (err == MP_OKAY)
|
---|
| 662 | err = mp_lcm(&tmp1, &tmp2, &tmp1); /* tmp1 = lcm(p-1, q-1),last loop */
|
---|
| 663 |
|
---|
| 664 | /* make key */
|
---|
| 665 | if (err == MP_OKAY)
|
---|
| 666 | err = mp_set_int(&key->e, e); /* key->e = e */
|
---|
| 667 |
|
---|
| 668 | if (err == MP_OKAY) /* key->d = 1/e mod lcm(p-1, q-1) */
|
---|
| 669 | err = mp_invmod(&key->e, &tmp1, &key->d);
|
---|
| 670 |
|
---|
| 671 | if (err == MP_OKAY)
|
---|
| 672 | err = mp_mul(&p, &q, &key->n); /* key->n = pq */
|
---|
| 673 |
|
---|
| 674 | if (err == MP_OKAY)
|
---|
| 675 | err = mp_sub_d(&p, 1, &tmp1);
|
---|
| 676 |
|
---|
| 677 | if (err == MP_OKAY)
|
---|
| 678 | err = mp_sub_d(&q, 1, &tmp2);
|
---|
| 679 |
|
---|
| 680 | if (err == MP_OKAY)
|
---|
| 681 | err = mp_mod(&key->d, &tmp1, &key->dP);
|
---|
| 682 |
|
---|
| 683 | if (err == MP_OKAY)
|
---|
| 684 | err = mp_mod(&key->d, &tmp2, &key->dQ);
|
---|
| 685 |
|
---|
| 686 | if (err == MP_OKAY)
|
---|
| 687 | err = mp_invmod(&q, &p, &key->u);
|
---|
| 688 |
|
---|
| 689 | if (err == MP_OKAY)
|
---|
| 690 | err = mp_copy(&p, &key->p);
|
---|
| 691 |
|
---|
| 692 | if (err == MP_OKAY)
|
---|
| 693 | err = mp_copy(&q, &key->q);
|
---|
| 694 |
|
---|
| 695 | if (err == MP_OKAY)
|
---|
| 696 | key->type = RSA_PRIVATE;
|
---|
| 697 |
|
---|
| 698 | mp_clear(&tmp3);
|
---|
| 699 | mp_clear(&tmp2);
|
---|
| 700 | mp_clear(&tmp1);
|
---|
| 701 | mp_clear(&q);
|
---|
| 702 | mp_clear(&p);
|
---|
| 703 |
|
---|
| 704 | if (err != MP_OKAY) {
|
---|
| 705 | wc_FreeRsaKey(key);
|
---|
| 706 | return err;
|
---|
| 707 | }
|
---|
| 708 |
|
---|
| 709 | return 0;
|
---|
| 710 | }
|
---|
| 711 |
|
---|
| 712 |
|
---|
| 713 | #endif /* WOLFSSL_KEY_GEN */
|
---|
| 714 |
|
---|
| 715 |
|
---|
| 716 | #ifdef HAVE_CAVIUM
|
---|
| 717 |
|
---|
| 718 | #include <cyassl/ctaocrypt/logging.h>
|
---|
| 719 | #include "cavium_common.h"
|
---|
| 720 |
|
---|
| 721 | /* Initiliaze RSA for use with Nitrox device */
|
---|
| 722 | int RsaInitCavium(RsaKey* rsa, int devId)
|
---|
| 723 | {
|
---|
| 724 | if (rsa == NULL)
|
---|
| 725 | return -1;
|
---|
| 726 |
|
---|
| 727 | if (CspAllocContext(CONTEXT_SSL, &rsa->contextHandle, devId) != 0)
|
---|
| 728 | return -1;
|
---|
| 729 |
|
---|
| 730 | rsa->devId = devId;
|
---|
| 731 | rsa->magic = WOLFSSL_RSA_CAVIUM_MAGIC;
|
---|
| 732 |
|
---|
| 733 | return 0;
|
---|
| 734 | }
|
---|
| 735 |
|
---|
| 736 |
|
---|
| 737 | /* Free RSA from use with Nitrox device */
|
---|
| 738 | void wc_RsaFreeCavium(RsaKey* rsa)
|
---|
| 739 | {
|
---|
| 740 | if (rsa == NULL)
|
---|
| 741 | return;
|
---|
| 742 |
|
---|
| 743 | CspFreeContext(CONTEXT_SSL, rsa->contextHandle, rsa->devId);
|
---|
| 744 | rsa->magic = 0;
|
---|
| 745 | }
|
---|
| 746 |
|
---|
| 747 |
|
---|
| 748 | /* Initialize cavium RSA key */
|
---|
| 749 | static int InitCaviumRsaKey(RsaKey* key, void* heap)
|
---|
| 750 | {
|
---|
| 751 | if (key == NULL)
|
---|
| 752 | return BAD_FUNC_ARG;
|
---|
| 753 |
|
---|
| 754 | key->heap = heap;
|
---|
| 755 | key->type = -1; /* don't know yet */
|
---|
| 756 |
|
---|
| 757 | key->c_n = NULL;
|
---|
| 758 | key->c_e = NULL;
|
---|
| 759 | key->c_d = NULL;
|
---|
| 760 | key->c_p = NULL;
|
---|
| 761 | key->c_q = NULL;
|
---|
| 762 | key->c_dP = NULL;
|
---|
| 763 | key->c_dQ = NULL;
|
---|
| 764 | key->c_u = NULL;
|
---|
| 765 |
|
---|
| 766 | key->c_nSz = 0;
|
---|
| 767 | key->c_eSz = 0;
|
---|
| 768 | key->c_dSz = 0;
|
---|
| 769 | key->c_pSz = 0;
|
---|
| 770 | key->c_qSz = 0;
|
---|
| 771 | key->c_dP_Sz = 0;
|
---|
| 772 | key->c_dQ_Sz = 0;
|
---|
| 773 | key->c_uSz = 0;
|
---|
| 774 |
|
---|
| 775 | return 0;
|
---|
| 776 | }
|
---|
| 777 |
|
---|
| 778 |
|
---|
| 779 | /* Free cavium RSA key */
|
---|
| 780 | static int FreeCaviumRsaKey(RsaKey* key)
|
---|
| 781 | {
|
---|
| 782 | if (key == NULL)
|
---|
| 783 | return BAD_FUNC_ARG;
|
---|
| 784 |
|
---|
| 785 | XFREE(key->c_n, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
---|
| 786 | XFREE(key->c_e, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
---|
| 787 | XFREE(key->c_d, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
---|
| 788 | XFREE(key->c_p, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
---|
| 789 | XFREE(key->c_q, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
---|
| 790 | XFREE(key->c_dP, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
---|
| 791 | XFREE(key->c_dQ, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
---|
| 792 | XFREE(key->c_u, key->heap, DYNAMIC_TYPE_CAVIUM_TMP);
|
---|
| 793 |
|
---|
| 794 | return InitCaviumRsaKey(key, key->heap); /* reset pointers */
|
---|
| 795 | }
|
---|
| 796 |
|
---|
| 797 |
|
---|
| 798 | static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
|
---|
| 799 | word32 outLen, RsaKey* key)
|
---|
| 800 | {
|
---|
| 801 | word32 requestId;
|
---|
| 802 | word32 ret;
|
---|
| 803 |
|
---|
| 804 | if (key == NULL || in == NULL || out == NULL || outLen < (word32)key->c_nSz)
|
---|
| 805 | return -1;
|
---|
| 806 |
|
---|
| 807 | ret = CspPkcs1v15Enc(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_eSz,
|
---|
| 808 | (word16)inLen, key->c_n, key->c_e, (byte*)in, out,
|
---|
| 809 | &requestId, key->devId);
|
---|
| 810 | if (ret != 0) {
|
---|
| 811 | WOLFSSL_MSG("Cavium Enc BT2 failed");
|
---|
| 812 | return -1;
|
---|
| 813 | }
|
---|
| 814 | return key->c_nSz;
|
---|
| 815 | }
|
---|
| 816 |
|
---|
| 817 |
|
---|
| 818 | static INLINE void ato16(const byte* c, word16* u16)
|
---|
| 819 | {
|
---|
| 820 | *u16 = (c[0] << 8) | (c[1]);
|
---|
| 821 | }
|
---|
| 822 |
|
---|
| 823 |
|
---|
| 824 | static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
|
---|
| 825 | word32 outLen, RsaKey* key)
|
---|
| 826 | {
|
---|
| 827 | word32 requestId;
|
---|
| 828 | word32 ret;
|
---|
| 829 | word16 outSz = (word16)outLen;
|
---|
| 830 |
|
---|
| 831 | if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz)
|
---|
| 832 | return -1;
|
---|
| 833 |
|
---|
| 834 | ret = CspPkcs1v15CrtDec(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_q,
|
---|
| 835 | key->c_dQ, key->c_p, key->c_dP, key->c_u,
|
---|
| 836 | (byte*)in, &outSz, out, &requestId, key->devId);
|
---|
| 837 | if (ret != 0) {
|
---|
| 838 | WOLFSSL_MSG("Cavium CRT Dec BT2 failed");
|
---|
| 839 | return -1;
|
---|
| 840 | }
|
---|
| 841 | ato16((const byte*)&outSz, &outSz);
|
---|
| 842 |
|
---|
| 843 | return outSz;
|
---|
| 844 | }
|
---|
| 845 |
|
---|
| 846 |
|
---|
| 847 | static int CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out,
|
---|
| 848 | word32 outLen, RsaKey* key)
|
---|
| 849 | {
|
---|
| 850 | word32 requestId;
|
---|
| 851 | word32 ret;
|
---|
| 852 |
|
---|
| 853 | if (key == NULL || in == NULL || out == NULL || inLen == 0 || outLen <
|
---|
| 854 | (word32)key->c_nSz)
|
---|
| 855 | return -1;
|
---|
| 856 |
|
---|
| 857 | ret = CspPkcs1v15CrtEnc(CAVIUM_BLOCKING, BT1, key->c_nSz, (word16)inLen,
|
---|
| 858 | key->c_q, key->c_dQ, key->c_p, key->c_dP, key->c_u,
|
---|
| 859 | (byte*)in, out, &requestId, key->devId);
|
---|
| 860 | if (ret != 0) {
|
---|
| 861 | WOLFSSL_MSG("Cavium CRT Enc BT1 failed");
|
---|
| 862 | return -1;
|
---|
| 863 | }
|
---|
| 864 | return key->c_nSz;
|
---|
| 865 | }
|
---|
| 866 |
|
---|
| 867 |
|
---|
| 868 | static int CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out,
|
---|
| 869 | word32 outLen, RsaKey* key)
|
---|
| 870 | {
|
---|
| 871 | word32 requestId;
|
---|
| 872 | word32 ret;
|
---|
| 873 | word16 outSz = (word16)outLen;
|
---|
| 874 |
|
---|
| 875 | if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz)
|
---|
| 876 | return -1;
|
---|
| 877 |
|
---|
| 878 | ret = CspPkcs1v15Dec(CAVIUM_BLOCKING, BT1, key->c_nSz, key->c_eSz,
|
---|
| 879 | key->c_n, key->c_e, (byte*)in, &outSz, out,
|
---|
| 880 | &requestId, key->devId);
|
---|
| 881 | if (ret != 0) {
|
---|
| 882 | WOLFSSL_MSG("Cavium Dec BT1 failed");
|
---|
| 883 | return -1;
|
---|
| 884 | }
|
---|
| 885 | outSz = ntohs(outSz);
|
---|
| 886 |
|
---|
| 887 | return outSz;
|
---|
| 888 | }
|
---|
| 889 |
|
---|
| 890 |
|
---|
| 891 | #endif /* HAVE_CAVIUM */
|
---|
| 892 |
|
---|
| 893 | #endif /* HAVE_FIPS */
|
---|
| 894 | #endif /* NO_RSA */
|
---|
| 895 |
|
---|