Skip to content

Commit

Permalink
Use wolfCrypt SSHv2 KDF
Browse files Browse the repository at this point in the history
1. Switching to use the new SSH-KDF function in wolfCrypt.
2. Add check in configure for wc_SSH_KDF and set a flag if present.

Note: This only works in FIPS builds when Kyber isn't used.
  • Loading branch information
ejohnstown committed Jul 23, 2024
1 parent bbba8ae commit 6db6521
Show file tree
Hide file tree
Showing 3 changed files with 32 additions and 2 deletions.
30 changes: 29 additions & 1 deletion src/internal.c
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/hmac.h>
#include <wolfssl/wolfcrypt/signature.h>
#include <wolfssl/wolfcrypt/kdf.h>

#ifdef WOLFSSH_HAVE_LIBOQS
#include <oqs/kem.h>
Expand Down Expand Up @@ -453,6 +454,9 @@ const char* GetErrorString(int err)
case WS_AUTH_PENDING:
return "userauth is still pending (callback would block)";

case WS_KDF_E:
return "KDF error";

default:
return "Unknown error code";
}
Expand Down Expand Up @@ -2158,6 +2162,28 @@ int GenerateKey(byte hashId, byte keyId,
const byte* h, word32 hSz,
const byte* sessionId, word32 sessionIdSz,
byte doKeyPad)
#if (LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_7_2) && defined(HAVE_FIPS)
/* Cannot use the SSH KDF with Kyber. With Kyber, doKeyPad must be false,
* and the FIPS SSH KDF doesn't know how to do that. Anyway, the Kyber
* isn't in our FIPS boundary at the moment. */
{
int ret = WS_SUCCESS;

if (!doKeyPad) {
WLOG(WS_LOG_ERROR, "cannot use FIPS KDF with Kyber");
ret = WS_INVALID_ALGO_ID;
}
else {
ret = wc_SSH_KDF(hashId, keyId, key, keySz,
k, kSz, h, hSz, sessionId, sessionIdSz);
if (ret != 0) {
WLOG(WS_LOG_ERROR, "SSH KDF failed (%d)", ret);
ret = WS_KDF_E;
}
}
return ret;
}
#else
{
word32 blocks, remainder;
wc_HashAlg hash;
Expand All @@ -2168,12 +2194,13 @@ int GenerateKey(byte hashId, byte keyId,
int digestSz;
int ret;

WLOG(WS_LOG_DEBUG, "Entering GenerateKey()");

if (key == NULL || keySz == 0 ||
k == NULL || kSz == 0 ||
h == NULL || hSz == 0 ||
sessionId == NULL || sessionIdSz == 0) {

WLOG(WS_LOG_DEBUG, "GK: bad argument");
return WS_BAD_ARGUMENT;
}

Expand Down Expand Up @@ -2268,6 +2295,7 @@ int GenerateKey(byte hashId, byte keyId,

return ret;
}
#endif /* HAVE_FIPS && LIBWOLFSSL_VERSION_HEX >= WOLFSSL_V5_7_2 */


static int GenerateKeys(WOLFSSH* ssh, byte hashId, byte doKeyPad)
Expand Down
3 changes: 2 additions & 1 deletion wolfssh/error.h
Original file line number Diff line number Diff line change
Expand Up @@ -135,8 +135,9 @@ enum WS_ErrorCodes {
WS_MSGID_NOT_ALLOWED_E = -1094, /* Message not allowed before userauth */
WS_ED25519_E = -1095, /* Ed25519 failure */
WS_AUTH_PENDING = -1096, /* User authentication still pending */
WS_KDF_E = -1097, /* KDF error*/

WS_LAST_E = -1096 /* Update this to indicate last error */
WS_LAST_E = -1097 /* Update this to indicate last error */
};


Expand Down
1 change: 1 addition & 0 deletions wolfssh/internal.h
Original file line number Diff line number Diff line change
Expand Up @@ -1347,6 +1347,7 @@ enum TerminalModes {


#define WOLFSSL_V5_7_0 0x05007000
#define WOLFSSL_V5_7_2 0x05007002


#ifdef __cplusplus
Expand Down

0 comments on commit 6db6521

Please sign in to comment.