move rng setup to bind_wc_ecc_init and add der import export functions to the bindings

previously only x963 format public keys were supported, now der public and private keys can be exported with the bindings

Author: John Bland

addon/wolfcrypt/ecc.cpp

@@ -51,9 +51,10 @@ Napi::Number bind_wc_ecc_init(const Napi::CallbackInfo& info)
   Napi::Env env = info.Env();
   ecc_key* ecc = (ecc_key*)( info[0].As<Napi::Uint8Array>().Data() );
 
-  ecc->rng = NULL;
   ret = wc_ecc_init( ecc );
 
+  ecc->rng = wc_rng_new( NULL, 0, NULL );
+
   return Napi::Number::New( env, ret );
 }
 
@@ -64,8 +65,6 @@ Napi::Number bind_wc_ecc_make_key(const Napi::CallbackInfo& info)
   int key_size = info[0].As<Napi::Number>().Int32Value();
   ecc_key* ecc = (ecc_key*)( info[1].As<Napi::Uint8Array>().Data() );
 
-  ecc->rng = wc_rng_new( NULL, 0, NULL );
-
   ret = wc_ecc_make_key( ecc->rng, key_size, ecc );
 
   return Napi::Number::New( env, ret );
@@ -113,6 +112,84 @@ Napi::Number bind_wc_ecc_import_x963(const Napi::CallbackInfo& info)
   return Napi::Number::New( env, ret );
 }
 
+Napi::Number bind_wc_EccKeyDerSize(const Napi::CallbackInfo& info)
+{
+  Napi::Env env = info.Env();
+  int ret;
+  ecc_key* ecc = (ecc_key*)( info[0].As<Napi::Uint8Array>().Data() );
+  int pub = info[1].As<Napi::Number>().Int32Value();
+
+  ret = wc_EccKeyDerSize( ecc, pub );
+
+  return Napi::Number::New( env, ret );
+}
+
+Napi::Number bind_wc_EccPublicKeyDerSize(const Napi::CallbackInfo& info)
+{
+  Napi::Env env = info.Env();
+  int ret;
+  ecc_key* ecc = (ecc_key*)( info[0].As<Napi::Uint8Array>().Data() );
+
+  ret = wc_EccPublicKeyDerSize( ecc, 1 );
+
+  return Napi::Number::New( env, ret );
+}
+
+Napi::Number bind_wc_EccPublicKeyToDer(const Napi::CallbackInfo& info)
+{
+  Napi::Env env = info.Env();
+  int ret;
+  ecc_key* ecc = (ecc_key*)( info[0].As<Napi::Uint8Array>().Data() );
+  uint8_t* out = (uint8_t*)( info[1].As<Napi::Uint8Array>().Data() );
+  unsigned int out_len = info[2].As<Napi::Number>().Int32Value();
+
+  ret = wc_EccPublicKeyToDer( ecc, out, out_len, 1 );
+  //ret = wc_EccPublicKeyToDer( ecc, out, out_len, 0 );
+
+  return Napi::Number::New( env, ret );
+}
+
+Napi::Number bind_wc_EccPublicKeyDecode(const Napi::CallbackInfo& info)
+{
+  Napi::Env env = info.Env();
+  int ret;
+  uint8_t* in = (uint8_t*)( info[0].As<Napi::Uint8Array>().Data() );
+  ecc_key* ecc = (ecc_key*)( info[1].As<Napi::Uint8Array>().Data() );
+  unsigned int in_len = info[2].As<Napi::Number>().Int32Value();
+  unsigned int idx = 0;
+
+  ret = wc_EccPublicKeyDecode( in, &idx, ecc, in_len );
+
+  return Napi::Number::New( env, ret );
+}
+
+Napi::Number bind_wc_EccPrivateKeyToDer(const Napi::CallbackInfo& info)
+{
+  Napi::Env env = info.Env();
+  int ret;
+  ecc_key* ecc = (ecc_key*)( info[0].As<Napi::Uint8Array>().Data() );
+  uint8_t* out = (uint8_t*)( info[1].As<Napi::Uint8Array>().Data() );
+  unsigned int out_len = info[2].As<Napi::Number>().Int32Value();
+
+  ret = wc_EccPrivateKeyToDer( ecc, out, out_len );
+
+  return Napi::Number::New( env, ret );
+}
+
+Napi::Number bind_wc_EccPrivateKeyDecode(const Napi::CallbackInfo& info)
+{
+  Napi::Env env = info.Env();
+  int ret;
+  uint8_t* in = (uint8_t*)( info[0].As<Napi::Uint8Array>().Data() );
+  ecc_key* ecc = (ecc_key*)( info[1].As<Napi::Uint8Array>().Data() );
+  unsigned int in_len = info[2].As<Napi::Number>().Int32Value();
+  unsigned int idx = 0;
+
+  ret = wc_EccPrivateKeyDecode( in, &idx, ecc, in_len );
+
+  return Napi::Number::New( env, ret );
+}
+
 Napi::Number bind_wc_ecc_set_curve(const Napi::CallbackInfo& info)
 {
   Napi::Env env = info.Env();
@@ -160,18 +237,13 @@ Napi::Number bind_wc_ecc_sign_hash(const Napi::CallbackInfo& info)
 {
   Napi::Env env = info.Env();
   int ret;
-  WC_RNG rng;
   uint8_t* in = (uint8_t*)( info[0].As<Napi::Uint8Array>().Data() );
   int in_len = info[1].As<Napi::Number>().Int32Value();
   uint8_t* out = (uint8_t*)( info[2].As<Napi::Uint8Array>().Data() );
   unsigned int out_len = info[3].As<Napi::Number>().Int32Value();
   ecc_key* ecc = (ecc_key*)( info[4].As<Napi::Uint8Array>().Data() );
 
-  ret = wc_InitRng( &rng );
-  if (ret == 0)
-  {
-    ret = wc_ecc_sign_hash( in, in_len, out, &out_len, &rng, ecc );
-  }
+  ret = wc_ecc_sign_hash( in, in_len, out, &out_len, ecc->rng, ecc );
 
   if ( ret < 0 )
   {

addon/wolfcrypt/h/ecc.h

@@ -22,6 +22,7 @@
 #include "wolfssl/options.h"
 #include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/wolfcrypt/ecc.h>
+#include <wolfssl/wolfcrypt/asn.h>
 
 Napi::Number sizeof_ecc_key(const Napi::CallbackInfo& info);
 Napi::Number sizeof_ecc_point(const Napi::CallbackInfo& info);
@@ -31,6 +32,12 @@ Napi::Number bind_wc_ecc_make_key(const Napi::CallbackInfo& info);
 Napi::Number sizeof_ecc_x963(const Napi::CallbackInfo& info);
 Napi::Number bind_wc_ecc_export_x963(const Napi::CallbackInfo& info);
 Napi::Number bind_wc_ecc_import_x963(const Napi::CallbackInfo& info);
+Napi::Number bind_wc_EccKeyDerSize(const Napi::CallbackInfo& info);
+Napi::Number bind_wc_EccPublicKeyToDer(const Napi::CallbackInfo& info);
+Napi::Number bind_wc_EccPublicKeyDecode(const Napi::CallbackInfo& info);
+Napi::Number bind_wc_EccPublicKeyDerSize(const Napi::CallbackInfo& info);
+Napi::Number bind_wc_EccPrivateKeyToDer(const Napi::CallbackInfo& info);
+Napi::Number bind_wc_EccPrivateKeyDecode(const Napi::CallbackInfo& info);
 Napi::Number bind_wc_ecc_set_curve(const Napi::CallbackInfo& info);
 Napi::Number bind_wc_ecc_shared_secret(const Napi::CallbackInfo& info);
 Napi::Number bind_wc_ecc_sig_size(const Napi::CallbackInfo& info);

addon/wolfcrypt/main.cpp

@@ -106,6 +106,12 @@ Napi::Object Init(Napi::Env env, Napi::Object exports)
   exports.Set(Napi::String::New(env, "sizeof_ecc_x963"), Napi::Function::New(env, sizeof_ecc_x963));
   exports.Set(Napi::String::New(env, "wc_ecc_export_x963"), Napi::Function::New(env, bind_wc_ecc_export_x963));
   exports.Set(Napi::String::New(env, "wc_ecc_import_x963"), Napi::Function::New(env, bind_wc_ecc_import_x963));
+  exports.Set(Napi::String::New(env, "wc_EccKeyDerSize"), Napi::Function::New(env, bind_wc_EccKeyDerSize));
+  exports.Set(Napi::String::New(env, "wc_EccPublicKeyToDer"), Napi::Function::New(env, bind_wc_EccPublicKeyToDer));
+  exports.Set(Napi::String::New(env, "wc_EccPublicKeyDecode"), Napi::Function::New(env, bind_wc_EccPublicKeyDecode));
+  exports.Set(Napi::String::New(env, "wc_EccPublicKeyDerSize"), Napi::Function::New(env, bind_wc_EccPublicKeyDerSize));
+  exports.Set(Napi::String::New(env, "wc_EccPrivateKeyToDer"), Napi::Function::New(env, bind_wc_EccPrivateKeyToDer));
+  exports.Set(Napi::String::New(env, "wc_EccPrivateKeyDecode"), Napi::Function::New(env, bind_wc_EccPrivateKeyDecode));
   exports.Set(Napi::String::New(env, "wc_ecc_set_curve"), Napi::Function::New(env, bind_wc_ecc_set_curve));
   exports.Set(Napi::String::New(env, "wc_ecc_shared_secret"), Napi::Function::New(env, bind_wc_ecc_shared_secret));
   exports.Set(Napi::String::New(env, "wc_ecc_sig_size"), Napi::Function::New(env, bind_wc_ecc_sig_size));

interfaces/ecc.js

@@ -91,6 +91,84 @@ class WolfSSLEcc
     }
   }
 
+  PublicKeyToDer()
+  {
+    if ( this.ecc == null )
+    {
+      throw 'Ecc not allocated'
+    }
+
+    let derBuf = Buffer.alloc( wolfcrypt.wc_EccPublicKeyDerSize( this.ecc ) )
+
+    let ret = wolfcrypt.wc_EccPublicKeyToDer( this.ecc, derBuf, derBuf.length )
+
+    if ( ret <= 0 )
+    {
+      throw `Failed to wc_EccPublicKeyToDer ${ ret }`
+    }
+
+    return derBuf
+  }
+
+  PublicKeyDecode( derBuf )
+  {
+    if ( this.ecc == null )
+    {
+      throw 'Ecc not allocated'
+    }
+
+    if ( !Buffer.isBuffer( derBuf ) )
+    {
+      throw 'Public key der must be a Buffer'
+    }
+
+    let ret = wolfcrypt.wc_EccPublicKeyDecode( derBuf, this.ecc, derBuf.length )
+
+    if ( ret != 0 )
+    {
+      throw `Failed to wc_EccPublicKeyDecode ${ ret }`
+    }
+  }
+
+  PrivateKeyToDer()
+  {
+    if ( this.ecc == null )
+    {
+      throw 'Ecc not allocated'
+    }
+
+    let derBuf = Buffer.alloc( wolfcrypt.wc_EccKeyDerSize( this.ecc, 0 ) )
+
+    let ret = wolfcrypt.wc_EccPrivateKeyToDer( this.ecc, derBuf, derBuf.length )
+
+    if ( ret <= 0 )
+    {
+      throw `Failed to wc_EccPrivateKeyToDer ${ ret }`
+    }
+
+    return derBuf
+  }
+
+  PrivateKeyDecode( derBuf )
+  {
+    if ( this.ecc == null )
+    {
+      throw 'Ecc not allocated'
+    }
+
+    if ( !Buffer.isBuffer( derBuf ) )
+    {
+      throw 'Private key der must be a Buffer'
+    }
+
+    let ret = wolfcrypt.wc_EccPrivateKeyDecode( derBuf, this.ecc, derBuf.length )
+
+    if ( ret != 0 )
+    {
+      throw `Failed to wc_EccPrivateKeyDecode ${ ret }`
+    }
+  }
+
   set_curve( keySize, curveId )
   {
     if ( this.ecc == null )

tests/ecc.js

@@ -104,8 +104,7 @@ const ecc_tests =
     ecc0.free()
   },
 
-  // Validate Industries
-  importExport: function()
+  importExportx963: function()
   {
     let ecc0 = new WolfSSLEcc()
     let ecc1 = new WolfSSLEcc()
@@ -130,6 +129,41 @@ const ecc_tests =
     ecc0.free()
     ecc1.free()
   },
+
+  importExportDer: function()
+  {
+    let ecc0 = new WolfSSLEcc()
+    let ecc1 = new WolfSSLEcc()
+    let ecc2 = new WolfSSLEcc()
+
+    ecc0.make_key( 32 )
+
+    const sigBefore = ecc0.sign_hash( message )
+
+    let privKeyDer = ecc0.PrivateKeyToDer()
+    let pubKeyDer = ecc0.PublicKeyToDer()
+
+    ecc0.free()
+
+    ecc0 = new WolfSSLEcc()
+
+    ecc1.PrivateKeyDecode( privKeyDer )
+    ecc2.PublicKeyDecode( pubKeyDer )
+
+    const sigAfter = ecc1.sign_hash( message )
+
+    if ( ecc2.verify_hash( sigBefore, message ) == true && ecc2.verify_hash( sigAfter, message ) )
+    {
+      console.log( 'PASS ecc importExport' )
+    }
+    else
+    {
+      console.log( 'FAIL ecc importExport public' )
+    }
+
+    ecc1.free()
+    ecc2.free()
+  }
 }
 
 module.exports = ecc_tests