Changeset 464 for azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/wolfssl/wolfcrypt/ecc.h

Timestamp:

Jun 22, 2021, 9:00:19 PM (3 years ago)

Author:

coas-nagasima

Message:

WolfSSLとAzure IoT SDKを更新

Location:

azure_iot_hub_f767zi/trunk/wolfssl-4.7.0

Files:

• . (moved) (moved from azure_iot_hub_f767zi/trunk/wolfssl-4.4.0 )
• wolfssl/wolfcrypt/ecc.h (modified) (22 diffs)

azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/wolfssl/wolfcrypt/ecc.h

@@ -51 +51 @@
 #endif
 
-#ifdef WOLFSSL_ATECC508A
+#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
     #include <wolfssl/wolfcrypt/port/atmel/atmel.h>
 #endif /* WOLFSSL_ATECC508A */
@@ -58 +58 @@
     #include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
 #endif
+
+#ifdef WOLFSSL_SILABS_SE_ACCEL
+    #include <wolfssl/wolfcrypt/port/silabs/silabs_ecc.h>
+#endif
+
+#ifdef WOLFSSL_HAVE_SP_ECC
+    #include <wolfssl/wolfcrypt/sp_int.h>
+#endif
+
 
 #ifdef __cplusplus
@@ -121 +130 @@
     SIG_HEADER_SZ   =  7,   /* ECC signature header size (30 81 87 02 42 [R] 02 42 [S]) */
     ECC_BUFSIZE     = 256,  /* for exported keys temp buffer */
-    ECC_MINSIZE     = 20,   /* MIN Private Key size */
+    ECC_MINSIZE     = ECC_MIN_KEY_SZ/8,   /* MIN Private Key size */
     ECC_MAXSIZE     = 66,   /* MAX Private Key size */
     ECC_MAXSIZE_GEN = 74,   /* MAX Buffer size required when generating ECC keys*/
@@ -128 +137 @@
 
     /* max crypto hardware size */
-#ifdef WOLFSSL_ATECC508A
+#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
     ECC_MAX_CRYPTO_HW_SIZE = ATECC_KEY_SIZE, /* from port/atmel/atmel.h */
     ECC_MAX_CRYPTO_HW_PUBKEY_SIZE = (ATECC_KEY_SIZE*2),
 #elif defined(PLUTON_CRYPTO_ECC)
+    ECC_MAX_CRYPTO_HW_SIZE = 32,
+#elif defined(WOLFSSL_SILABS_SE_ACCEL)
     ECC_MAX_CRYPTO_HW_SIZE = 32,
 #elif defined(WOLFSSL_CRYPTOCELL)
@@ -148 +159 @@
     SHAMIR_PRECOMP_SZ = 16,
 
-#ifdef HAVE_PKCS11
+#ifdef WOLF_CRYPTO_CB
     ECC_MAX_ID_LEN    = 32,
+    ECC_MAX_LABEL_LEN = 32,
 #endif
 };
@@ -204 +216 @@
     ECC_CURVE_CUSTOM,
 #endif
+    ECC_CURVE_MAX
 } ecc_curve_id;
 
@@ -279 +292 @@
  * of the point are pointers that are set to each of a three item array of
  * alt_fp_ints. While an mp_int will have 4096 bits of digit inside the
- * structure, the alt_fp_int will only have 528 bits. A size value was added
- * in the ALT case, as well, and is set by mp_init() and alt_fp_init(). The
- * functions fp_zero() and fp_copy() use the size parameter. An int needs to
- * be initialized before using it instead of just fp_zeroing it, the init will
- * call zero. FP_MAX_BITS_ECC defaults to 528, but can be set to change the
- * number of bits used in the alternate FP_INT.
+ * structure, the alt_fp_int will only have 512 bits for ECC 256-bit and 
+ * 1056-bits for ECC 521-bit. A size value was added in the ALT case, as well, 
+ * and is set by mp_init() and alt_fp_init(). The functions fp_zero() and 
+ * fp_copy() use the size parameter. An int needs to be initialized before 
+ * using it instead of just fp_zeroing it, the init will call zero. The 
+ * FP_MAX_BITS_ECC defaults to calculating based on MAX_ECC_BITS, but 
+ * can be set to change the number of bits used in the alternate FP_INT.
  *
- * Do not enable ALT_ECC_SIZE and disable fast math in the configuration.
+ * The ALT_ECC_SIZE option only applies to stack based fast math USE_FAST_MATH.
  */
 
@@ -295 +309 @@
 /* determine max bits required for ECC math */
 #ifndef FP_MAX_BITS_ECC
-    /* check alignment */
-    #if ((MAX_ECC_BITS * 2) % DIGIT_BIT) == 0
-        /* max bits is double */
-        #define FP_MAX_BITS_ECC     (MAX_ECC_BITS * 2)
-    #else
-        /* max bits is doubled, plus one digit of fudge */
-        #define FP_MAX_BITS_ECC     ((MAX_ECC_BITS * 2) + DIGIT_BIT)
-    #endif
-#else
-    /* verify alignment */
-    #if FP_MAX_BITS_ECC % CHAR_BIT
-       #error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
-    #endif
+    /* max bits rounded up by 8 then doubled */
+    /* (ROUND8(MAX_ECC_BITS) * 2) */
+    #define FP_MAX_BITS_ECC (2 * \
+        ((MAX_ECC_BITS + DIGIT_BIT - 1) / DIGIT_BIT) * DIGIT_BIT)
+
+    /* Note: For ECC verify only FP_MAX_BITS_ECC can be reduced to:
+             ROUND8(MAX_ECC_BITS) + ROUND8(DIGIT_BIT) */
+#endif
+
+/* verify alignment */
+#if FP_MAX_BITS_ECC % CHAR_BIT
+    #error FP_MAX_BITS_ECC must be a multiple of CHAR_BIT
 #endif
 
 /* determine buffer size */
-#define FP_SIZE_ECC    (FP_MAX_BITS_ECC/DIGIT_BIT)
+/* Add one to accommodate extra digit used by sp_mul(), sp_mulmod(), sp_sqr(), and sp_sqrmod(). */
+#define FP_SIZE_ECC    ((FP_MAX_BITS_ECC/DIGIT_BIT) + 1)
 
 
@@ -348 +362 @@
 /* ECC Flags */
 enum {
-    WC_ECC_FLAG_NONE = 0x00,
+    WC_ECC_FLAG_NONE     = 0x00,
 #ifdef HAVE_ECC_CDH
     WC_ECC_FLAG_COFACTOR = 0x01,
 #endif
+    WC_ECC_FLAG_DEC_SIGN = 0x02,
 };
+
+/* ECC non-blocking */
+#ifdef WC_ECC_NONBLOCK
+    typedef struct ecc_nb_ctx {
+    #if defined(WOLFSSL_HAVE_SP_ECC) && defined(WOLFSSL_SP_NONBLOCK)
+        sp_ecc_ctx_t sp_ctx;
+    #else
+        /* build configuration not supported */
+        #error ECC non-blocking only supports SP (--enable-sp=nonblock)
+    #endif
+    } ecc_nb_ctx_t;
+#endif /* WC_ECC_NONBLOCK */
+
 
 /* An ECC Key */
@@ -370 +398 @@
     ecc_point pubkey;   /* public key */
     mp_int    k;        /* private key */
-#ifdef WOLFSSL_ATECC508A
+#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A)
     int  slot;        /* Key Slot Number (-1 unknown) */
     byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
@@ -377 +405 @@
     int devId;
 #endif
+#ifdef WOLFSSL_SILABS_SE_ACCEL
+    sl_se_command_context_t  cmd_ctx;
+    sl_se_key_descriptor_t   key;
+    /* Used for SiLabs "plaintext" with public X, public Y, and
+     * private D concatenated. These are respectively at offset `0`,
+     * offset `keysize`, and offset `2 * keysize`.
+     */
+    byte key_raw[3 * ECC_MAX_CRYPTO_HW_SIZE];
+#endif
+
 #ifdef WOLFSSL_ASYNC_CRYPT
     mp_int* r;          /* sign/verify temps */
@@ -389 +427 @@
     #endif
 #endif /* WOLFSSL_ASYNC_CRYPT */
-#ifdef HAVE_PKCS11
+#ifdef WOLF_CRYPTO_CB
     byte id[ECC_MAX_ID_LEN];
     int  idLen;
+    char label[ECC_MAX_LABEL_LEN];
+    int  labelLen;
 #endif
 #if defined(WOLFSSL_CRYPTOCELL)
@@ -414 +454 @@
     remote_handle64 handle;
 #endif
+#ifdef ECC_TIMING_RESISTANT
+    WC_RNG* rng;
+#endif
+#ifdef WC_ECC_NONBLOCK
+    ecc_nb_ctx_t* nb_ctx;
+#endif
 };
 
@@ -428 +474 @@
 const char* wc_ecc_get_name(int curve_id);
 
-#ifndef WOLFSSL_ATECC508A
+#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
 
 #ifdef WOLFSSL_PUBLIC_ECC_ADD_DBL
@@ -447 +493 @@
                                      mp_int* modulus, mp_digit mp);
 
+WOLFSSL_LOCAL
+int ecc_projective_add_point_safe(ecc_point* A, ecc_point* B, ecc_point* R,
+    mp_int* a, mp_int* modulus, mp_digit mp, int* infinity);
+WOLFSSL_LOCAL
+int ecc_projective_dbl_point_safe(ecc_point* P, ecc_point* R, mp_int* a,
+                                  mp_int* modulus, mp_digit mp);
+
 #endif
 
@@ -454 +507 @@
 int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id);
 WOLFSSL_API
+int wc_ecc_make_key_ex2(WC_RNG* rng, int keysize, ecc_key* key, int curve_id,
+                        int flags);
+WOLFSSL_API
 int wc_ecc_make_pub(ecc_key* key, ecc_point* pubOut);
+WOLFSSL_API
+int wc_ecc_make_pub_ex(ecc_key* key, ecc_point* pubOut, WC_RNG* rng);
 WOLFSSL_API
 int wc_ecc_check_key(ecc_key* key);
@@ -473 +531 @@
                              byte* out, word32 *outlen);
 
-#if defined(WOLFSSL_ATECC508A) || defined(PLUTON_CRYPTO_ECC) || defined(WOLFSSL_CRYPTOCELL)
+#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
+    defined(PLUTON_CRYPTO_ECC) || defined(WOLFSSL_CRYPTOCELL)
 #define wc_ecc_shared_secret_ssh wc_ecc_shared_secret
 #else
@@ -507 +566 @@
 WOLFSSL_ABI WOLFSSL_API
 int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
-#ifdef HAVE_PKCS11
+#ifdef WOLF_CRYPTO_CB
 WOLFSSL_API
 int wc_ecc_init_id(ecc_key* key, unsigned char* id, int len, void* heap,
                    int devId);
+WOLFSSL_API
+int wc_ecc_init_label(ecc_key* key, const char* label, void* heap, int devId);
 #endif
 #ifdef WOLFSSL_CUSTOM_CURVES
@@ -522 +583 @@
 WOLFSSL_API
 void wc_ecc_fp_free(void);
+WOLFSSL_LOCAL
+void wc_ecc_fp_init(void);
+#ifdef ECC_TIMING_RESISTANT
+WOLFSSL_API
+int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng);
+#endif
 
 WOLFSSL_API
@@ -569 +636 @@
 WOLFSSL_API
 int wc_ecc_point_is_at_infinity(ecc_point *p);
-
-#ifndef WOLFSSL_ATECC508A
+WOLFSSL_API
+int wc_ecc_point_is_on_curve(ecc_point *p, int curve_idx);
+
+#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A)
 WOLFSSL_API
 int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
@@ -577 +646 @@
 int wc_ecc_mulmod_ex(mp_int* k, ecc_point *G, ecc_point *R,
                   mp_int* a, mp_int* modulus, int map, void* heap);
+WOLFSSL_LOCAL
+int wc_ecc_mulmod_ex2(mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
+                      mp_int* modulus, mp_int* order, WC_RNG* rng, int map,
+                      void* heap);
 #endif /* !WOLFSSL_ATECC508A */
 
@@ -755 +828 @@
 #endif
 
+#ifdef WC_ECC_NONBLOCK
+    WOLFSSL_API int wc_ecc_set_nonblock(ecc_key *key, ecc_nb_ctx_t* ctx);
+#endif
+
 #ifdef __cplusplus
     }    /* extern "C" */