Skip to content

Commit c0a67af

Browse files
dgarskedgarske
authored
Merge pull request #62 from ColtonWilley/wp_fix_rsa_match
Fix asymmetric key matching for RSA/ECC
2 parents aad3272 + 77c1a7d commit c0a67af

File tree

3 files changed

+45
-21
lines changed

3 files changed

+45
-21
lines changed

IDE/XCODE/build-wolfssl-framework.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ SDK_OUTPUT_DIR=${OUTDIR}/xcframework
2929
CFLAGS_COMMON=""
3030
CPPFLAGS_COMMON=""
3131
# Base configure flags
32-
CONF_OPTS="--disable-shared --enable-static"
32+
CONF_OPTS="--disable-shared --enable-static --enable-armasm=no"
3333

3434
helpFunction()
3535
{

src/wp_ecc_kmgmt.c

Lines changed: 25 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -856,6 +856,7 @@ static int wp_ecc_has(const wp_Ecc* ecc, int selection)
856856
static int wp_ecc_match(wp_Ecc* ecc1, wp_Ecc* ecc2, int selection)
857857
{
858858
int ok = 1;
859+
int checked = 0;
859860

860861
if (!wolfssl_prov_is_running()) {
861862
ok = 0;
@@ -864,20 +865,30 @@ static int wp_ecc_match(wp_Ecc* ecc1, wp_Ecc* ecc2, int selection)
864865
(ecc1->key.dp->id != ecc2->key.dp->id)) {
865866
ok = 0;
866867
}
867-
if (ok && ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) &&
868-
#if (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) && LIBWOLFSSL_VERSION_HEX >= 0x05006002
869-
(mp_cmp(wc_ecc_key_get_priv(&ecc1->key),
870-
wc_ecc_key_get_priv(&ecc2->key)) != MP_EQ)
871-
#else
872-
(mp_cmp(&(ecc1->key.k), &(ecc2->key.k)) != MP_EQ)
873-
#endif
874-
) {
875-
ok = 0;
876-
}
877-
if (ok && ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) &&
878-
(wc_ecc_cmp_point((ecc_point*)&ecc1->key.pubkey,
879-
(ecc_point*)&ecc2->key.pubkey) != MP_EQ)) {
880-
ok = 0;
868+
if (ok && ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)) {
869+
if (ok && ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)) {
870+
if (wc_ecc_cmp_point((ecc_point*)&ecc1->key.pubkey,
871+
(ecc_point*)&ecc2->key.pubkey) != MP_EQ) {
872+
ok = 0;
873+
} else {
874+
checked = 1;
875+
}
876+
}
877+
if (ok && checked == 0 &&
878+
((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)) {
879+
#if (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) && LIBWOLFSSL_VERSION_HEX >= 0x05006002
880+
if (mp_cmp(wc_ecc_key_get_priv(&ecc1->key),
881+
wc_ecc_key_get_priv(&ecc2->key)) != MP_EQ)
882+
#else
883+
if (mp_cmp(&(ecc1->key.k), &(ecc2->key.k)) != MP_EQ)
884+
#endif
885+
{
886+
ok = 0;
887+
} else {
888+
checked = 1;
889+
}
890+
}
891+
ok = ok && checked;
881892
}
882893

883894
WOLFPROV_LEAVE(WP_LOG_PK, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok);

src/wp_rsa_kmgmt.c

Lines changed: 19 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -887,16 +887,29 @@ static int wp_rsa_has(const wp_Rsa* rsa, int selection)
887887
static int wp_rsa_match(const wp_Rsa* rsa1, const wp_Rsa* rsa2, int selection)
888888
{
889889
int ok = 1;
890+
int checked = 0;
890891

891-
if (mp_cmp((mp_int*)&rsa1->key.n, (mp_int*)&rsa2->key.n) != MP_EQ) {
892-
ok = 0;
893-
}
894892
if (ok && mp_cmp((mp_int*)&rsa1->key.e, (mp_int*)&rsa2->key.e) != MP_EQ) {
895893
ok = 0;
896894
}
897-
if (ok && (((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) &&
898-
(mp_cmp((mp_int*)&rsa1->key.d, (mp_int*)&rsa2->key.d) != MP_EQ))) {
899-
ok = 0;
895+
if (ok && (((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0))) {
896+
if (ok && (((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0))) {
897+
if (mp_cmp((mp_int*)&rsa1->key.n, (mp_int*)&rsa2->key.n) != MP_EQ) {
898+
ok = 0;
899+
}
900+
else {
901+
checked = 1;
902+
}
903+
}
904+
if (ok && checked == 0 &&
905+
(((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0))) {
906+
if (mp_cmp((mp_int*)&rsa1->key.d, (mp_int*)&rsa2->key.d) != MP_EQ) {
907+
ok = 0;
908+
} else {
909+
checked = 1;
910+
}
911+
}
912+
ok = ok && checked;
900913
}
901914

902915
WOLFPROV_LEAVE(WP_LOG_PK, __FILE__ ":" WOLFPROV_STRINGIZE(__LINE__), ok);

0 commit comments

Comments
 (0)