| From 21ce83b4ae2b9563175fdb4fc4312096cc399cf8 Mon Sep 17 00:00:00 2001 |
| From: David Bauer <mail@david-bauer.net> |
| Date: Wed, 5 May 2021 00:44:34 +0200 |
| Subject: [PATCH] wolfssl: add RNG to EC key |
| |
| Since upstream commit 6467de5a8840 ("Randomize z ordinates in |
| scalar mult when timing resistant") WolfSSL requires a RNG for |
| the EC key when built hardened which is the default. |
| |
| Set the RNG for the EC key to fix connections for OWE clients. |
| |
| Signed-off-by: David Bauer <mail@david-bauer.net> |
| --- |
| src/crypto/crypto_wolfssl.c | 4 ++++ |
| 1 file changed, 4 insertions(+) |
| |
| --- a/src/crypto/crypto_wolfssl.c |
| +++ b/src/crypto/crypto_wolfssl.c |
| @@ -1340,6 +1340,7 @@ int ecc_projective_add_point(ecc_point * |
| |
| struct crypto_ec { |
| ecc_key key; |
| + WC_RNG rng; |
| mp_int a; |
| mp_int prime; |
| mp_int order; |
| @@ -1394,6 +1395,8 @@ struct crypto_ec * crypto_ec_init(int gr |
| return NULL; |
| |
| if (wc_ecc_init(&e->key) != 0 || |
| + wc_InitRng(&e->rng) != 0 || |
| + wc_ecc_set_rng(&e->key, &e->rng) != 0 || |
| wc_ecc_set_curve(&e->key, 0, curve_id) != 0 || |
| mp_init(&e->a) != MP_OKAY || |
| mp_init(&e->prime) != MP_OKAY || |
| @@ -1425,6 +1428,7 @@ void crypto_ec_deinit(struct crypto_ec* |
| mp_clear(&e->order); |
| mp_clear(&e->prime); |
| mp_clear(&e->a); |
| + wc_FreeRng(&e->rng); |
| wc_ecc_free(&e->key); |
| os_free(e); |
| } |