developer | f2e3f56 | 2022-12-26 19:41:22 +0800 | [diff] [blame^] | 1 | From 21ce83b4ae2b9563175fdb4fc4312096cc399cf8 Mon Sep 17 00:00:00 2001 |
| 2 | From: David Bauer <mail@david-bauer.net> |
| 3 | Date: Wed, 5 May 2021 00:44:34 +0200 |
| 4 | Subject: [PATCH] wolfssl: add RNG to EC key |
| 5 | |
| 6 | Since upstream commit 6467de5a8840 ("Randomize z ordinates in |
| 7 | scalar mult when timing resistant") WolfSSL requires a RNG for |
| 8 | the EC key when built hardened which is the default. |
| 9 | |
| 10 | Set the RNG for the EC key to fix connections for OWE clients. |
| 11 | |
| 12 | Signed-off-by: David Bauer <mail@david-bauer.net> |
| 13 | --- |
| 14 | src/crypto/crypto_wolfssl.c | 4 ++++ |
| 15 | 1 file changed, 4 insertions(+) |
| 16 | |
| 17 | --- a/src/crypto/crypto_wolfssl.c |
| 18 | +++ b/src/crypto/crypto_wolfssl.c |
| 19 | @@ -1340,6 +1340,7 @@ int ecc_projective_add_point(ecc_point * |
| 20 | |
| 21 | struct crypto_ec { |
| 22 | ecc_key key; |
| 23 | + WC_RNG rng; |
| 24 | mp_int a; |
| 25 | mp_int prime; |
| 26 | mp_int order; |
| 27 | @@ -1394,6 +1395,8 @@ struct crypto_ec * crypto_ec_init(int gr |
| 28 | return NULL; |
| 29 | |
| 30 | if (wc_ecc_init(&e->key) != 0 || |
| 31 | + wc_InitRng(&e->rng) != 0 || |
| 32 | + wc_ecc_set_rng(&e->key, &e->rng) != 0 || |
| 33 | wc_ecc_set_curve(&e->key, 0, curve_id) != 0 || |
| 34 | mp_init(&e->a) != MP_OKAY || |
| 35 | mp_init(&e->prime) != MP_OKAY || |
| 36 | @@ -1425,6 +1428,7 @@ void crypto_ec_deinit(struct crypto_ec* |
| 37 | mp_clear(&e->order); |
| 38 | mp_clear(&e->prime); |
| 39 | mp_clear(&e->a); |
| 40 | + wc_FreeRng(&e->rng); |
| 41 | wc_ecc_free(&e->key); |
| 42 | os_free(e); |
| 43 | } |