mirror of
https://github.com/cuberite/polarssl.git
synced 2025-10-30 03:00:21 -04:00
Make RSA_ALT support optionnal
This commit is contained in:
Manuel Pégourié-Gonnard
parent
32076e66be
commit
348bcb3694
@ -46,6 +46,9 @@ Default behavior changes
|
|||||||
* Support for receiving SSLv2 ClientHello is now disabled by default at
|
* Support for receiving SSLv2 ClientHello is now disabled by default at
|
||||||
compile time.
|
compile time.
|
||||||
* The default authmode for SSL/TLS clients is now REQUIRED.
|
* The default authmode for SSL/TLS clients is now REQUIRED.
|
||||||
|
* Support for RSA_ALT contexts in the PK layer is now optional. Since is is
|
||||||
|
enabled in the default configuration, this is only noticeable if using a
|
||||||
|
custom config.h
|
||||||
|
|
||||||
Changes
|
Changes
|
||||||
* Remove test program o_p_test, the script compat.sh does more.
|
* Remove test program o_p_test, the script compat.sh does more.
|
||||||
|
|||||||
@ -768,6 +768,15 @@
|
|||||||
*/
|
*/
|
||||||
//#define POLARSSL_MEMORY_BACKTRACE
|
//#define POLARSSL_MEMORY_BACKTRACE
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \def POLARSSL_PK_RSA_ALT_SUPPORT
|
||||||
|
*
|
||||||
|
* Support external private RSA keys (eg from a HSM) in the PK layer.
|
||||||
|
*
|
||||||
|
* Comment this macro to disable support for external private RSA keys.
|
||||||
|
*/
|
||||||
|
#define POLARSSL_PK_RSA_ALT_SUPPORT
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \def POLARSSL_PKCS1_V15
|
* \def POLARSSL_PKCS1_V15
|
||||||
*
|
*
|
||||||
|
|||||||
@ -197,6 +197,7 @@ typedef struct
|
|||||||
void * pk_ctx; /**< Underlying public key context */
|
void * pk_ctx; /**< Underlying public key context */
|
||||||
} pk_context;
|
} pk_context;
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
|
||||||
/**
|
/**
|
||||||
* \brief Types for RSA-alt abstraction
|
* \brief Types for RSA-alt abstraction
|
||||||
*/
|
*/
|
||||||
@ -208,6 +209,7 @@ typedef int (*pk_rsa_alt_sign_func)( void *ctx,
|
|||||||
int mode, md_type_t md_alg, unsigned int hashlen,
|
int mode, md_type_t md_alg, unsigned int hashlen,
|
||||||
const unsigned char *hash, unsigned char *sig );
|
const unsigned char *hash, unsigned char *sig );
|
||||||
typedef size_t (*pk_rsa_alt_key_len_func)( void *ctx );
|
typedef size_t (*pk_rsa_alt_key_len_func)( void *ctx );
|
||||||
|
#endif /* POLARSSL_PK_RSA_ALT_SUPPORT */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Return information associated with the given PK type
|
* \brief Return information associated with the given PK type
|
||||||
@ -244,6 +246,7 @@ void pk_free( pk_context *ctx );
|
|||||||
*/
|
*/
|
||||||
int pk_init_ctx( pk_context *ctx, const pk_info_t *info );
|
int pk_init_ctx( pk_context *ctx, const pk_info_t *info );
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
|
||||||
/**
|
/**
|
||||||
* \brief Initialize an RSA-alt context
|
* \brief Initialize an RSA-alt context
|
||||||
*
|
*
|
||||||
@ -262,6 +265,7 @@ int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
|
|||||||
pk_rsa_alt_decrypt_func decrypt_func,
|
pk_rsa_alt_decrypt_func decrypt_func,
|
||||||
pk_rsa_alt_sign_func sign_func,
|
pk_rsa_alt_sign_func sign_func,
|
||||||
pk_rsa_alt_key_len_func key_len_func );
|
pk_rsa_alt_key_len_func key_len_func );
|
||||||
|
#endif /* POLARSSL_PK_RSA_ALT_SUPPORT */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Get the size in bits of the underlying key
|
* \brief Get the size in bits of the underlying key
|
||||||
|
|||||||
@ -33,6 +33,7 @@
|
|||||||
|
|
||||||
#include "pk.h"
|
#include "pk.h"
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
|
||||||
/* Container for RSA-alt */
|
/* Container for RSA-alt */
|
||||||
typedef struct
|
typedef struct
|
||||||
{
|
{
|
||||||
@ -41,6 +42,7 @@ typedef struct
|
|||||||
pk_rsa_alt_sign_func sign_func;
|
pk_rsa_alt_sign_func sign_func;
|
||||||
pk_rsa_alt_key_len_func key_len_func;
|
pk_rsa_alt_key_len_func key_len_func;
|
||||||
} rsa_alt_context;
|
} rsa_alt_context;
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_RSA_C)
|
#if defined(POLARSSL_RSA_C)
|
||||||
extern const pk_info_t rsa_info;
|
extern const pk_info_t rsa_info;
|
||||||
@ -55,6 +57,8 @@ extern const pk_info_t eckeydh_info;
|
|||||||
extern const pk_info_t ecdsa_info;
|
extern const pk_info_t ecdsa_info;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
|
||||||
extern const pk_info_t rsa_alt_info;
|
extern const pk_info_t rsa_alt_info;
|
||||||
|
#endif
|
||||||
|
|
||||||
#endif /* POLARSSL_PK_WRAP_H */
|
#endif /* POLARSSL_PK_WRAP_H */
|
||||||
|
|||||||
@ -112,6 +112,7 @@ int pk_init_ctx( pk_context *ctx, const pk_info_t *info )
|
|||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
|
||||||
/*
|
/*
|
||||||
* Initialize an RSA-alt context
|
* Initialize an RSA-alt context
|
||||||
*/
|
*/
|
||||||
@ -140,6 +141,7 @@ int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
|
|||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
#endif /* POLARSSL_PK_RSA_ALT_SUPPORT */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Tell if a PK can do the operations of the given type
|
* Tell if a PK can do the operations of the given type
|
||||||
|
|||||||
@ -50,10 +50,12 @@
|
|||||||
#define polarssl_free free
|
#define polarssl_free free
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
|
||||||
/* Implementation that should never be optimized out by the compiler */
|
/* Implementation that should never be optimized out by the compiler */
|
||||||
static void polarssl_zeroize( void *v, size_t n ) {
|
static void polarssl_zeroize( void *v, size_t n ) {
|
||||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(POLARSSL_RSA_C)
|
#if defined(POLARSSL_RSA_C)
|
||||||
static int rsa_can_do( pk_type_t type )
|
static int rsa_can_do( pk_type_t type )
|
||||||
@ -377,6 +379,7 @@ const pk_info_t ecdsa_info = {
|
|||||||
};
|
};
|
||||||
#endif /* POLARSSL_ECDSA_C */
|
#endif /* POLARSSL_ECDSA_C */
|
||||||
|
|
||||||
|
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
|
||||||
/*
|
/*
|
||||||
* Support for alternative RSA-private implementations
|
* Support for alternative RSA-private implementations
|
||||||
*/
|
*/
|
||||||
@ -488,4 +491,6 @@ const pk_info_t rsa_alt_info = {
|
|||||||
NULL,
|
NULL,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
#endif /* POLARSSL_PK_RSA_ALT_SUPPORT */
|
||||||
|
|
||||||
#endif /* POLARSSL_PK_C */
|
#endif /* POLARSSL_PK_C */
|
||||||
|
|||||||
@ -98,7 +98,7 @@ void pk_check_pair( char *pub_file, char *prv_file, int ret )
|
|||||||
|
|
||||||
TEST_ASSERT( pk_check_pair( &pub, &prv ) == ret );
|
TEST_ASSERT( pk_check_pair( &pub, &prv ) == ret );
|
||||||
|
|
||||||
#if defined(POLARSSL_RSA_C)
|
#if defined(POLARSSL_RSA_C) && defined(POLARSSL_PK_RSA_ALT_SUPPORT)
|
||||||
if( pk_get_type( &prv ) == POLARSSL_PK_RSA )
|
if( pk_get_type( &prv ) == POLARSSL_PK_RSA )
|
||||||
{
|
{
|
||||||
TEST_ASSERT( pk_init_ctx_rsa_alt( &alt, pk_rsa( prv ),
|
TEST_ASSERT( pk_init_ctx_rsa_alt( &alt, pk_rsa( prv ),
|
||||||
@ -414,7 +414,7 @@ exit:
|
|||||||
}
|
}
|
||||||
/* END_CASE */
|
/* END_CASE */
|
||||||
|
|
||||||
/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
|
/* BEGIN_CASE depends_on:POLARSSL_RSA_C:POLARSSL_PK_RSA_ALT_SUPPORT */
|
||||||
void pk_rsa_alt( )
|
void pk_rsa_alt( )
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user