
Commit 97061a0

committed
Add macro guard for RSA X9.31 padding, on by default.
1 parent 64ead2c commit 97061a0


5 files changed

+52
-3
lines changed


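--- a/configure.ac
+++ b/configure.ac
@@ -482,6 +482,18 @@ then
 AM_CFLAGS="$AM_CFLAGS -DWE_HAVE_RSA"
 fi
 
+# RSA X9.31 padding
+AC_ARG_ENABLE([rsa-x931],
+[AS_HELP_STRING([--enable-rsa-x931],[Enable X9.31 padding for RSA signatures (default: enabled)])],
+[ ENABLED_RSA_X931=$enableval ],
+[ ENABLED_RSA_X931=yes ]
+)
+
+if test "$ENABLED_RSA" = "yes" && test "$ENABLED_RSA_X931" = "yes"
+then
+AM_CFLAGS="$AM_CFLAGS -DWE_HAVE_RSA_X931"
+fi
+
 # DH
 AC_ARG_ENABLE([dh],
 [AS_HELP_STRING([--enable-dh],[Enable Diffie-Hellman (DH) (default: enabled)])],
@@ -739,6 +751,7 @@ echo " * TLS1 PRF: $ENABLED_TLS1_PRF"
 echo " * HKDF: $ENABLED_HKDF"
 echo " * Random: $ENABLED_RAND"
 echo " * RSA: $ENABLED_RSA"
+echo " * RSA X9.31 padding: $ENABLED_RSA_X931"
 echo " * DH: $ENABLED_DH"
 echo " * AES-GCM: $ENABLED_AESGCM"
 echo " * AES-CBC: $ENABLED_AESCBC"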
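Review bot: The summary line `echo " * RSA X9.31 padding: $ENABLED_RSA_X931"` can print `yes` for a build that never defines WE_HAVE_RSA_X931, because the define in the first hunk also requires `$ENABLED_RSA` to be `yes` while the variable itself keeps its default. With `--disable-rsa` the printed configuration and the compiled feature set then disagree, which is misleading for anyone auditing which padding modes a build accepts. Adding an `else` arm with `ENABLED_RSA_X931=no` to the `if test "$ENABLED_RSA" = "yes" && ...` block keeps the two in step.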

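--- a/src/we_rsa.c
+++ b/src/we_rsa.c
@@ -219,6 +219,7 @@ static int we_pss_salt_len_to_wc(int saltLen, const EVP_MD *md, RsaKey *key,
 return saltLen;
 }
 
+#ifdef WE_HAVE_RSA_X931
 /**
 * Add X9.31 padding to the input buffer, placing the result in the output
 * buffer.
@@ -426,6 +427,7 @@ static int we_rsa_add_x931_hash_code(const EVP_MD* md, unsigned char** to,
 
 return ret;
 }
+#endif /* WE_HAVE_RSA_X931 */
 
 /**
 * Set the public key in a we_Rsa structure.
@@ -1015,11 +1017,13 @@ static int we_rsa_priv_enc_int(size_t fromLen, const unsigned char *from,
 WC_RNG *rng = we_rng;
 #endif
 char errBuff[WOLFENGINE_MAX_LOG_WIDTH];
+#ifdef WE_HAVE_RSA_X931
 unsigned char* padded = NULL;
 int paddedSz;
 mp_int toMp;
 mp_int nMinusTo;
 int rc;
+#endif
 
 WOLFENGINE_ENTER(WE_LOG_PK, "we_rsa_priv_enc_int");
 WOLFENGINE_MSG_VERBOSE(WE_LOG_PK, "ARGS [fromLen = %zu, from = %p, "
@@ -1081,6 +1085,7 @@ static int we_rsa_priv_enc_int(size_t fromLen, const unsigned char *from,
 }
 }
 break;
+#ifdef WE_HAVE_RSA_X931
 case RSA_X931_PADDING:
 WOLFENGINE_MSG(WE_LOG_PK, "padMode: RSA_X931_PADDING");
 paddedSz = wc_RsaEncryptSize(&rsa->key);
@@ -1154,8 +1159,8 @@ static int we_rsa_priv_enc_int(size_t fromLen, const unsigned char *from,
 mp_free(&nMinusTo);
 }
 }
-
 break;
+#endif /* WE_HAVE_RSA_X931 */
 default:
 /* Unsupported padding mode for RSA private encryption. */
 WOLFENGINE_ERROR_MSG(WE_LOG_PK,
@@ -1279,10 +1284,12 @@ static int we_rsa_pub_dec_int(size_t fromLen, const unsigned char *from,
 WC_RNG *rng = we_rng;
 #endif
 char errBuff[WOLFENGINE_MAX_LOG_WIDTH];
+#ifdef WE_HAVE_RSA_X931
 unsigned char* unpadded = NULL;
 mp_int toMp;
 mp_int nMinusTo;
 int rc;
+#endif
 
 WOLFENGINE_ENTER(WE_LOG_PK, "we_rsa_pub_dec_int");
 WOLFENGINE_MSG_VERBOSE(WE_LOG_PK, "ARGS [fromLen = %zu, from = %p, "
@@ -1357,6 +1364,7 @@ static int we_rsa_pub_dec_int(size_t fromLen, const unsigned char *from,
 }
 }
 break;
+#ifdef WE_HAVE_RSA_X931
 case RSA_X931_PADDING:
 WOLFENGINE_MSG(WE_LOG_PK, "padMode: RSA_X931_PADDING");
 ret = wc_RsaDirect((byte*)from, (unsigned int)fromLen, to,
@@ -1424,6 +1432,7 @@ static int we_rsa_pub_dec_int(size_t fromLen, const unsigned char *from,
 }
 }
 break;
+#endif /* WE_HAVE_RSA_X931 */
 default:
 /* Unsupported padding mode for RSA public decryption. */
 XSNPRINTF(errBuff, sizeof(errBuff), "Unknown padding mode: %d",
@@ -2008,8 +2017,11 @@ static int we_rsa_pkey_ctrl(EVP_PKEY_CTX *ctx, int type, int num, void *ptr)
 if (num != RSA_PKCS1_PADDING &&
 num != RSA_PKCS1_PSS_PADDING &&
 num != RSA_PKCS1_OAEP_PADDING &&
-num != RSA_NO_PADDING &&
-num != RSA_X931_PADDING)
+num != RSA_NO_PADDING
+#ifdef WE_HAVE_RSA_X931
+&& num != RSA_X931_PADDING
+#endif
+)
 {
 WOLFENGINE_ERROR_MSG(WE_LOG_PK,
 "Unsupported RSA padding mode.");
@@ -2298,9 +2310,11 @@ static int we_rsa_pkey_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
 else if (XSTRNCMP(value, "pss", 4) == 0) {
 rsa->padMode = RSA_PKCS1_PSS_PADDING;
 }
+#ifdef WE_HAVE_RSA_X931
 else if (XSTRNCMP(value, "x931", 5) == 0) {
 rsa->padMode = RSA_X931_PADDING;
 }
+#endif
 else {
 ret = 0;
 }
@@ -2568,6 +2582,7 @@ static int we_rsa_pkey_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
 }
 }
 if (ret == 1) {
+#ifdef WE_HAVE_RSA_X931
 if (rsa->padMode == RSA_X931_PADDING) {
 if (rsa->md == NULL) {
 WOLFENGINE_ERROR_MSG(WE_LOG_PK, "No digest specified for "
@@ -2588,6 +2603,7 @@ static int we_rsa_pkey_sign(EVP_PKEY_CTX *ctx, unsigned char *sig,
 }
 }
 }
+#endif
 /* Pad and private encrypt. */
 actualSigLen = we_rsa_priv_enc_int(tbsLen, tbs, *sigLen, sig, rsa);
 if (actualSigLen == -1) {
@@ -2637,9 +2653,11 @@ static int we_rsa_pkey_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
 unsigned char *encodedDigest = NULL;
 int encodedDigestLen = 0;
 int keySize = 0;
+#ifdef WE_HAVE_RSA_X931
 int nid;
 unsigned char hashCode;
 char errBuff[WOLFENGINE_MAX_LOG_WIDTH];
+#endif
 
 WOLFENGINE_ENTER(WE_LOG_PK, "we_rsa_pkey_verify");
 WOLFENGINE_MSG_VERBOSE(WE_LOG_PK, "ARGS [ctx = %p, sig = %p, sigLen = %zu, "
@@ -2744,6 +2762,7 @@ static int we_rsa_pkey_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
 tbsLen = encodedDigestLen;
 }
 }
+#ifdef WE_HAVE_RSA_X931
 if (ret == 1 && rsa->padMode == RSA_X931_PADDING) {
 if (rsa->md == NULL) {
 WOLFENGINE_ERROR_MSG(WE_LOG_PK, "No digest specified for "
@@ -2778,6 +2797,7 @@ static int we_rsa_pkey_verify(EVP_PKEY_CTX *ctx, const unsigned char *sig,
 }
 }
 }
+#endif
 if ((ret == 1) && (tbsLen != (size_t)rc)) {
 WOLFENGINE_ERROR_MSG(WE_LOG_PK, "Encoding different size");
 ret = 0;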
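Review bot: In we_rsa_priv_enc_int and we_rsa_pub_dec_int the locals `padded`/`unpadded`, `paddedSz`, `toMp`, `nMinusTo` and `rc` are now declared only under `#ifdef WE_HAVE_RSA_X931`, and in we_rsa_pkey_verify the same holds for `nid`, `hashCode` and `errBuff`, so any use of them outside the guarded X9.31 code would break a `--disable-rsa-x931` build. Those function bodies run well beyond the hunks shown, so this cannot be confirmed from the page; building once with the option disabled would settle it. With the macro off, RSA_X931_PADDING now reaches the `default:` arms of both switches and is rejected, which is the right fail-closed behaviour. A comment there such as `/* Also taken for RSA_X931_PADDING when WE_HAVE_RSA_X931 is not defined. */` would make that intent explicit for the next maintainer.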

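--- a/test/test_rsa.c
+++ b/test/test_rsa.c
@@ -384,9 +384,17 @@ static int test_rsa_direct(ENGINE *e, const unsigned char *der, size_t derLen,
 int inBufLen;
 } TestVector;
 #if defined(_MSC_VER) || defined(__MINGW32__) || defined(__CYGWIN__) || defined(_WIN32_WCE)
+#ifdef WE_HAVE_RSA_X931
 #define numTestVectors 4
 #else
+#define numTestVectors 3
+#endif /* WE_HAVE_RSA_X931 */
+#else
+#ifdef WE_HAVE_RSA_X931
 const int numTestVectors = 4;
+#else
+const int numTestVectors = 3;
+#endif /* WE_HAVE_RSA_X931 */
 #endif
 TestVector testVectors[numTestVectors];
 int i = 0;
@@ -433,10 +441,12 @@ static int test_rsa_direct(ENGINE *e, const unsigned char *der, size_t derLen,
 testVectors[2].padName = "RSA_NO_PADDING";
 testVectors[2].inBuf = noPaddingBuf;
 testVectors[2].inBufLen = rsaSize;
+#ifdef WE_HAVE_RSA_X931
 testVectors[3].padding = RSA_X931_PADDING;
 testVectors[3].padName = "RSA_X931_PADDING";
 testVectors[3].inBuf = buf;
 testVectors[3].inBufLen = sizeof(buf);
+#endif
 }
 
 for (; err == 0 && i < numTestVectors; ++i) {
@@ -948,12 +958,14 @@ int test_rsa_sign_verify_pss(ENGINE *e, void *data)
 return err;
 }
 
+#ifdef WE_HAVE_RSA_X931
 int test_rsa_sign_verify_x931(ENGINE *e, void *data)
 {
 (void)data;
 
 return test_rsa_sign_verify_pad(e, RSA_X931_PADDING, NULL, NULL);
 }
+#endif /* WE_HAVE_RSA_X931 */
 
 static int test_rsa_enc_dec(ENGINE *e, const unsigned char *der, size_t derLen,
 int padMode, const EVP_MD *rsaMd,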
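Review bot: With WE_HAVE_RSA_X931 undefined, the fourth vector in test_rsa_direct and the whole of test_rsa_sign_verify_x931 are simply compiled out, so no test checks that the engine refuses RSA_X931_PADDING in that configuration. A disabled padding mode that is still accepted on some path would pass this suite unnoticed. An `#else` variant of test_rsa_sign_verify_x931 that expects selecting the mode to fail, for example by asserting `EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_X931_PADDING) <= 0`, would pin the rejection. Registering it would need matching `#else` entries in test/unit.c and test/unit.h. The body of test_rsa_direct continues outside the hunks shown.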

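--- a/test/unit.c
+++ b/test/unit.c
@@ -174,7 +174,9 @@ TEST_CASE test_case[] = {
 #ifdef WE_HAVE_RSA
 TEST_DECL(test_rsa_sign_sha1, NULL),
 TEST_DECL(test_rsa_sign_verify_pkcs1, NULL),
+#ifdef WE_HAVE_RSA_X931
 TEST_DECL(test_rsa_sign_verify_x931, NULL),
+#endif /* WE_HAVE_RSA_X931 */
 TEST_DECL(test_rsa_sign_verify_no_pad, NULL),
 TEST_DECL(test_rsa_sign_verify_pss, NULL),
 TEST_DECL(test_rsa_enc_dec_pkcs1, NULL),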

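--- a/test/unit.h
+++ b/test/unit.h
@@ -228,7 +228,9 @@ int test_pkey_dec_rsa(EVP_PKEY *pkey, ENGINE *e, unsigned char *msg, size_t msgL
 const EVP_MD *rsaMd, const EVP_MD *rsaMgf1Md);
 int test_rsa_sign_sha1(ENGINE *e, void *data);
 int test_rsa_sign_verify_pkcs1(ENGINE *e, void *data);
+#ifdef WE_HAVE_RSA_X931
 int test_rsa_sign_verify_x931(ENGINE *e, void *data);
+#endif /* WE_HAVE_RSA_X931 */
 int test_rsa_sign_verify_no_pad(ENGINE *e, void *data);
 int test_rsa_sign_verify_pss(ENGINE *e, void *data);
 int test_rsa_enc_dec_pkcs1(ENGINE *e, void *data);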
