From 8352476972cbf2b942d1afdbce157b7a659717ef Mon Sep 17 00:00:00 2001 From: Patrick Wildt Date: Wed, 5 Jul 2017 11:26:04 +0200 Subject: BearSSL: implement PR feedback and compare ECGroup OID name This commit implements the feedback from @securitykernel on the PR and also changes the EC Group comparison to use the OID, akin to OpenSSL. The EC Group comparison was needed before GH #1093 was merged, but now we can go use the OpenSSL variant. --- src/lib/prov/bearssl/bearssl.h | 1 + src/lib/prov/bearssl/bearssl_ec.cpp | 39 ++++++++++++++++++++++++----------- src/lib/prov/bearssl/bearssl_hash.cpp | 1 + 3 files changed, 29 insertions(+), 12 deletions(-) (limited to 'src/lib/prov') diff --git a/src/lib/prov/bearssl/bearssl.h b/src/lib/prov/bearssl/bearssl.h index 9188770c3..1ba7d2dc6 100644 --- a/src/lib/prov/bearssl/bearssl.h +++ b/src/lib/prov/bearssl/bearssl.h @@ -1,6 +1,7 @@ /* * Utils for calling BearSSL * (C) 2015,2016 Jack Lloyd +* (C) 2017 Patrick Wildt * * Botan is released under the Simplified BSD License (see license.txt) */ diff --git a/src/lib/prov/bearssl/bearssl_ec.cpp b/src/lib/prov/bearssl/bearssl_ec.cpp index c62d78437..e689f34a7 100644 --- a/src/lib/prov/bearssl/bearssl_ec.cpp +++ b/src/lib/prov/bearssl/bearssl_ec.cpp @@ -1,10 +1,12 @@ /* * ECDSA via BearSSL * (C) 2015,2016 Jack Lloyd +* (C) 2017 Patrick Wildt * * Botan is released under the Simplified BSD License (see license.txt) */ +#include #include #include #include @@ -31,13 +33,18 @@ namespace Botan { namespace { -int BearSSL_EC_curve_for(const EC_Group& group) +int BearSSL_EC_curve_for(const OID& oid) { - if(group == EC_Group("secp256r1")) + if(oid.empty()) + return -1; + + const std::string name = OIDS::lookup(oid); + + if(name == "secp256r1") return BR_EC_secp256r1; - if(group == EC_Group("secp384r1")) + if(name == "secp384r1") return BR_EC_secp384r1; - if(group == EC_Group("secp521r1")) + if(name == "secp521r1") return BR_EC_secp521r1; return -1; 
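Review bot: In `BearSSL_EC_curve_for`, the BearSSL curve is now selected from the OID label alone, and nothing documents that a group without an OID (explicit parameters) is refused on purpose. I would add a comment above the `oid.empty()` check, for example `// Groups without a registered OID (explicit parameters) are rejected: BearSSL only handles the named curves below`. If an `EC_Group` can carry an OID while holding parameters that differ from the named curve (not visible in this hunk), the key would be handed to BearSSL under the wrong curve, so it is worth confirming that this cannot happen. The function's closing brace lies outside the hunk.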
@@ -56,13 +63,13 @@ const br_hash_class *BearSSL_hash_class_for(const std::string& emsa) if (emsa == "EMSA1(SHA-512)") return &br_sha512_vtable; - return NULL; + return nullptr; } } #endif -#if defined(BOTAN_HAS_ECDSA) && !defined(OPENSSL_NO_ECDSA) +#if defined(BOTAN_HAS_ECDSA) namespace { @@ -72,7 +79,7 @@ class BearSSL_ECDSA_Verification_Operation : public PK_Ops::Verification BearSSL_ECDSA_Verification_Operation(const ECDSA_PublicKey& ecdsa, const std::string& emsa) : m_order_bits(ecdsa.domain().get_order().bits()) { - const int curve = BearSSL_EC_curve_for(ecdsa.domain()); + const int curve = BearSSL_EC_curve_for(ecdsa.domain().get_oid()); if (curve < 0) throw Lookup_Error("BearSSL ECDSA does not support this curve"); @@ -88,7 +95,7 @@ class BearSSL_ECDSA_Verification_Operation : public PK_Ops::Verification const secure_vector enc = EC2OSP(ecdsa.public_point(), PointGFp::UNCOMPRESSED); m_key.qlen = enc.size(); m_key.q = new uint8_t[m_key.qlen]; - memcpy(m_key.q, (unsigned char *)enc.data(), m_key.qlen); + memcpy(m_key.q, enc.data(), m_key.qlen); m_key.curve = curve; } @@ -113,6 +120,11 @@ class BearSSL_ECDSA_Verification_Operation : public PK_Ops::Verification size_t max_input_bits() const { return m_order_bits; } + ~BearSSL_ECDSA_Verification_Operation() + { + delete m_key.q; + } + private: br_ec_public_key m_key; std::unique_ptr m_hf; @@ -126,7 +138,7 @@ class BearSSL_ECDSA_Signing_Operation : public PK_Ops::Signature BearSSL_ECDSA_Signing_Operation(const ECDSA_PrivateKey& ecdsa, const std::string& emsa) : m_order_bits(ecdsa.domain().get_order().bits()) { - const int curve = BearSSL_EC_curve_for(ecdsa.domain()); + const int curve = BearSSL_EC_curve_for(ecdsa.domain().get_oid()); if(curve < 0) throw Lookup_Error("BearSSL ECDSA does not support this curve"); @@ -145,7 +157,6 @@ class BearSSL_ECDSA_Signing_Operation : public PK_Ops::Signature m_key.curve = curve; } - void update(const uint8_t msg[], size_t msg_len) override { m_hf->update(msg, msg_len); 
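Review bot: The destructor added to `BearSSL_ECDSA_Verification_Operation` releases `m_key.q` with scalar `delete`, but the constructor context in the preceding hunk allocates it with `new uint8_t[m_key.qlen]`, which makes this undefined behaviour; it should read `delete[] m_key.q;`. The `~BearSSL_ECDSA_Signing_Operation` hunk later in the patch has the same form for `m_key.x` and probably needs the same change, although that allocation is outside the visible lines. Since the class now owns a raw buffer and defines a destructor, its copy operations should be deleted as well (`BearSSL_ECDSA_Verification_Operation(const BearSSL_ECDSA_Verification_Operation&) = delete;` plus the matching assignment operator), otherwise a copy would free the buffer twice. The class body starts and ends outside the hunk.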
@@ -155,10 +166,9 @@ class BearSSL_ECDSA_Signing_Operation : public PK_Ops::Signature { const size_t order_bytes = (m_order_bits + 7) / 8; secure_vector sigval(2*order_bytes); - size_t sign_len; br_ecdsa_sign engine = br_ecdsa_sign_raw_get_default(); - sign_len = engine(&br_ec_prime_i31, m_hash, m_hf->final().data(), &m_key, sigval.data()); + size_t sign_len = engine(&br_ec_prime_i31, m_hash, m_hf->final().data(), &m_key, sigval.data()); if (sign_len == 0) throw BearSSL_Error("br_ecdsa_sign"); @@ -168,6 +178,11 @@ class BearSSL_ECDSA_Signing_Operation : public PK_Ops::Signature size_t max_input_bits() const { return m_order_bits; } + ~BearSSL_ECDSA_Signing_Operation() + { + delete m_key.x; + } + private: br_ec_private_key m_key; std::unique_ptr m_hf; diff --git a/src/lib/prov/bearssl/bearssl_hash.cpp b/src/lib/prov/bearssl/bearssl_hash.cpp index af63e05c3..9620d6d70 100644 --- a/src/lib/prov/bearssl/bearssl_hash.cpp +++ b/src/lib/prov/bearssl/bearssl_hash.cpp @@ -1,6 +1,7 @@ /* * BearSSL Hash Functions * (C) 1999-2007,2015 Jack Lloyd +* (C) 2017 Patrick Wildt * * Botan is released under the Simplified BSD License (see license.txt) */ -- cgit v1.2.3
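Review bot: `~BearSSL_ECDSA_Signing_Operation` frees the private scalar behind `m_key.x` without clearing it, so the key bytes remain in freed heap memory after the operation object is destroyed. I would wipe before releasing, `secure_scrub_memory(m_key.x, m_key.xlen); delete[] m_key.x;`, or keep the scalar in a `secure_vector<uint8_t>` member and point `m_key.x` at its data so that both the wipe and the release happen automatically. The allocation of `m_key.x` lies outside the hunk, so the array form of `delete` is assumed here by analogy with the verification class and should be checked against the constructor.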