wolfssl: Full support of SHA3 signatures

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c b/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c
index 83ba4f3807f93e146e808acc98db175d19301992..6b35aa3d9f1adc236e871220bf53bb417fff7114 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c
@@ -302,37 +302,55 @@ METHOD(plugin_t, get_features, int,
                /* signature/encryption schemes */
                PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_NULL),
                PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_NULL),
-#ifdef WC_RSA_PSS
+       #ifdef WC_RSA_PSS
                PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PSS),
                PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PSS),
-#endif
-#ifndef NO_SHA
+       #endif
+       #ifndef NO_SHA
                PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA1),
                PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA1),
-#endif
-#ifdef WOLFSSL_SHA224
+       #endif
+       #ifdef WOLFSSL_SHA224
                PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_224),
                PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_224),
-#endif
-#ifndef NO_SHA256
+       #endif
+       #ifndef NO_SHA256
                PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_256),
                PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_256),
-#endif
-#ifdef WOLFSSL_SHA384
+       #endif
+       #ifdef WOLFSSL_SHA384
                PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_384),
                PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_384),
-#endif
-#ifdef WOLFSSL_SHA512
+       #endif
+       #ifdef WOLFSSL_SHA512
                PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA2_512),
                PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA2_512),
-#endif
-#ifndef NO_MD5
-               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_MD5),
-               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_MD5),
-#endif
+       #endif
+       #if defined(WOLFSSL_SHA3) && LIBWOLFSSL_VERSION_HEX >= 0x04007001
+       #ifndef WOLFSSL_NOSHA3_224
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA3_224),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA3_224),
+       #endif
+       #ifndef WOLFSSL_NOSHA3_256
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA3_256),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA3_256),
+       #endif
+       #ifndef WOLFSSL_NOSHA3_384
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA3_384),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA3_384),
+       #endif
+       #ifndef WOLFSSL_NOSHA3_512
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_SHA3_512),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_SHA3_512),
+       #endif
+       #endif /* WOLFSSL_SHA3 */
                PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_PKCS1),
                PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_PKCS1),
-#ifndef WC_NO_RSA_OAEP
+       #ifndef NO_MD5
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_RSA_EMSA_PKCS1_MD5),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_RSA_EMSA_PKCS1_MD5),
+       #endif
+       #ifndef WC_NO_RSA_OAEP
        #ifndef NO_SHA
                PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA1),
                PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA1),
@@ -353,7 +371,7 @@ METHOD(plugin_t, get_features, int,
                PLUGIN_PROVIDE(PUBKEY_ENCRYPT, ENCRYPT_RSA_OAEP_SHA512),
                PLUGIN_PROVIDE(PRIVKEY_DECRYPT, ENCRYPT_RSA_OAEP_SHA512),
        #endif
-#endif /* !WC_NO_RSA_OAEP */
+       #endif /* !WC_NO_RSA_OAEP */
 #endif /* !NO_RSA */
 #ifdef HAVE_ECC
        #ifdef HAVE_ECC_KEY_IMPORT

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_private_key.c b/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_private_key.c
index 2270b462092e6f6c9edfb854e54745eaa226330a..028d50c1a4be6c6738bd4e891209a0b80fcbb4d2 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_private_key.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_private_key.c
@@ -200,6 +200,26 @@ METHOD(private_key_t, sign, bool,
                        return build_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA512, data,
                                                                                          signature);
 #endif
+#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
+               case SIGN_RSA_EMSA_PKCS1_SHA3_224:
+                       return build_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA3_224,
+                                                                                         data, signature);
+#endif
+#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
+               case SIGN_RSA_EMSA_PKCS1_SHA3_256:
+                       return build_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA3_256,
+                                                                                         data, signature);
+#endif
+#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
+               case SIGN_RSA_EMSA_PKCS1_SHA3_384:
+                       return build_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA3_384,
+                                                                                         data, signature);
+#endif
+#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
+               case SIGN_RSA_EMSA_PKCS1_SHA3_512:
+                       return build_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA3_512,
+                                                                                        data, signature);
+#endif
 #ifndef NO_SHA
                case SIGN_RSA_EMSA_PKCS1_SHA1:
                        return build_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA, data,

diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_public_key.c b/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_public_key.c
index 2824e9a170ea05c3bb5545ac03f4a4405318b820..4a03d40145494c3ba4782a45bf53d2c319ae8c50 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_public_key.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_rsa_public_key.c
@@ -187,6 +187,18 @@ METHOD(public_key_t, verify, bool,
                case SIGN_RSA_EMSA_PKCS1_SHA2_512:
                        return verify_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA512, data,
                                                                                           signature);
+               case SIGN_RSA_EMSA_PKCS1_SHA3_224:
+                       return verify_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA3_224, data,
+                                                                                          signature);
+               case SIGN_RSA_EMSA_PKCS1_SHA3_256:
+                       return verify_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA3_256, data,
+                                                                                          signature);
+               case SIGN_RSA_EMSA_PKCS1_SHA3_384:
+                       return verify_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA3_384, data,
+                                                                                          signature);
+               case SIGN_RSA_EMSA_PKCS1_SHA3_512:
+                       return verify_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA3_512, data,
+                                                                                          signature);
                case SIGN_RSA_EMSA_PKCS1_SHA1:
                        return verify_emsa_pkcs1_signature(this, WC_HASH_TYPE_SHA, data,
                                                                                           signature);