Merge pull request #9368 from holtrop/rust-wc-ed25519

Rust wrapper: add wolfssl::wolfcrypt::ed25519 module

Author: douzzer

doc/dox_comments/header_files/ed25519.h

@@ -440,8 +440,8 @@ int wc_ed25519ctx_verify_msg(const byte* sig, word32 siglen, const byte* msg,
     byte hash[] = { initialize with SHA-512 hash of message };
     byte context[] = { initialize with context of signature };
     // initialize key with received public key
-    ret = wc_ed25519ph_verify_hash(sig, sizeof(sig), msg, sizeof(msg),
-            &verified, &key, );
+    ret = wc_ed25519ph_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
+            &verified, &key, context, sizeof(context));
     if (ret < 0) {
         // error performing verification
     } else if (verified == 0)
@@ -496,8 +496,8 @@ int wc_ed25519ph_verify_hash(const byte* sig, word32 siglen, const byte* hash,
     byte msg[] = { initialize with message };
     byte context[] = { initialize with context of signature };
     // initialize key with received public key
-    ret = wc_ed25519ctx_verify_msg(sig, sizeof(sig), msg, sizeof(msg),
-            &verified, &key, );
+    ret = wc_ed25519ph_verify_msg(sig, sizeof(sig), msg, sizeof(msg),
+            &verified, &key, context, sizeof(context));
     if (ret < 0) {
         // error performing verification
     } else if (verified == 0)
@@ -506,8 +506,8 @@ int wc_ed25519ph_verify_hash(const byte* sig, word32 siglen, const byte* hash,
     \endcode
 
     \sa wc_ed25519_verify_msg
+    \sa wc_ed25519ctx_verify_msg
     \sa wc_ed25519ph_verify_hash
-    \sa wc_ed25519ph_verify_msg
     \sa wc_ed25519_sign_msg
 */
 
@@ -747,7 +747,7 @@ int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
 
     ed25519_key key;
     wc_ed25519_init_key(&key);
-    ret = wc_ed25519_import_private_key(priv, sizeof(priv), pub, sizeof(pub),
+    ret = wc_ed25519_import_private_key_ex(priv, sizeof(priv), pub, sizeof(pub),
             &key, 1);
     if (ret != 0) {
         // error importing key
@@ -774,7 +774,7 @@ int wc_ed25519_import_private_key_ex(const byte* priv, word32 privSz,
     \return 0 Returned upon successfully exporting the public key.
     \return BAD_FUNC_ARG Returned if any of the input values evaluate to NULL.
     \return BUFFER_E Returned if the buffer provided is not large enough to
-    store the private key. Upon returning this error, the function sets the
+    store the public key. Upon returning this error, the function sets the
     size required in outLen.
 
     \param [in] key Pointer to an ed25519_key structure from which to export the
@@ -801,10 +801,11 @@ int wc_ed25519_import_private_key_ex(const byte* priv, word32 privSz,
 
     \sa wc_ed25519_import_public
     \sa wc_ed25519_import_public_ex
+    \sa wc_ed25519_export_private
     \sa wc_ed25519_export_private_only
 */
 
-int wc_ed25519_export_public(ed25519_key* key, byte* out, word32* outLen);
+int wc_ed25519_export_public(const ed25519_key* key, byte* out, word32* outLen);
 
 /*!
     \ingroup ED25519
@@ -840,11 +841,12 @@ int wc_ed25519_export_public(ed25519_key* key, byte* out, word32* outLen);
     \endcode
 
     \sa wc_ed25519_export_public
+    \sa wc_ed25519_export_private
     \sa wc_ed25519_import_private_key
     \sa wc_ed25519_import_private_key_ex
 */
 
-int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
+int wc_ed25519_export_private_only(const ed25519_key* key, byte* out, word32* outLen);
 
 /*!
     \ingroup ED25519
@@ -888,7 +890,7 @@ int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
     \sa wc_ed25519_export_private_only
 */
 
-int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen);
+int wc_ed25519_export_private(const ed25519_key* key, byte* out, word32* outLen);
 
 /*!
     \ingroup ED25519
@@ -935,7 +937,7 @@ int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen);
     \sa wc_ed25519_export_public
 */
 
-int wc_ed25519_export_key(ed25519_key* key,
+int wc_ed25519_export_key(const ed25519_key* key,
                           byte* priv, word32 *privSz,
                           byte* pub, word32 *pubSz);
 
@@ -999,7 +1001,7 @@ int wc_ed25519_check_key(ed25519_key* key);
     \sa wc_ed25519_make_key
 */
 
-int wc_ed25519_size(ed25519_key* key);
+int wc_ed25519_size(const ed25519_key* key);
 
 /*!
     \ingroup ED25519
@@ -1028,7 +1030,7 @@ int wc_ed25519_size(ed25519_key* key);
     \sa wc_ed25519_pub_size
 */
 
-int wc_ed25519_priv_size(ed25519_key* key);
+int wc_ed25519_priv_size(const ed25519_key* key);
 
 /*!
     \ingroup ED25519
@@ -1056,7 +1058,7 @@ int wc_ed25519_priv_size(ed25519_key* key);
     \sa wc_ed25519_priv_size
 */
 
-int wc_ed25519_pub_size(ed25519_key* key);
+int wc_ed25519_pub_size(const ed25519_key* key);
 
 /*!
     \ingroup ED25519
@@ -1084,4 +1086,4 @@ int wc_ed25519_pub_size(ed25519_key* key);
     \sa wc_ed25519_sign_msg
 */
 
-int wc_ed25519_sig_size(ed25519_key* key);
+int wc_ed25519_sig_size(const ed25519_key* key);

wolfcrypt/src/asn.c

@@ -13499,7 +13499,7 @@ int SetAsymKeyDerPublic(const byte* pubKey, word32 pubKeyLen,
  * @return  BAD_FUNC_ARG when key is NULL.
  * @return  MEMORY_E when dynamic memory allocation failed.
  */
-int wc_Ed25519PublicKeyToDer(ed25519_key* key, byte* output, word32 inLen,
+int wc_Ed25519PublicKeyToDer(const ed25519_key* key, byte* output, word32 inLen,
                              int withAlg)
 {
     int    ret;
@@ -37770,7 +37770,7 @@ int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
 #if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
 /* Write a Private ED25519 key, including public to DER format,
  * length on success else < 0 */
-int wc_Ed25519KeyToDer(ed25519_key* key, byte* output, word32 inLen)
+int wc_Ed25519KeyToDer(const ed25519_key* key, byte* output, word32 inLen)
 {
     if (key == NULL) {
         return BAD_FUNC_ARG;
@@ -37781,7 +37781,7 @@ int wc_Ed25519KeyToDer(ed25519_key* key, byte* output, word32 inLen)
 
 /* Write only private ED25519 key to DER format,
  * length on success else < 0 */
-int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output, word32 inLen)
+int wc_Ed25519PrivateKeyToDer(const ed25519_key* key, byte* output, word32 inLen)
 {
     if (key == NULL) {
         return BAD_FUNC_ARG;

wolfcrypt/src/ed25519.c

@@ -1117,7 +1117,7 @@ void wc_ed25519_free(ed25519_key* key)
     to the final output length.
     returns 0 on success
  */
-int wc_ed25519_export_public(ed25519_key* key, byte* out, word32* outLen)
+int wc_ed25519_export_public(const ed25519_key* key, byte* out, word32* outLen)
 {
     /* sanity check on arguments */
     if (key == NULL || out == NULL || outLen == NULL)
@@ -1343,7 +1343,7 @@ int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
  to the final output length.
  returns 0 on success
  */
-int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen)
+int wc_ed25519_export_private_only(const ed25519_key* key, byte* out, word32* outLen)
 {
     /* sanity checks on arguments */
     if (key == NULL || out == NULL || outLen == NULL)
@@ -1366,7 +1366,7 @@ int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen)
  to the final output length.
  returns 0 on success
  */
-int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen)
+int wc_ed25519_export_private(const ed25519_key* key, byte* out, word32* outLen)
 {
     /* sanity checks on arguments */
     if (key == NULL || out == NULL || outLen == NULL)
@@ -1386,7 +1386,7 @@ int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen)
 /* export full private key and public key
    return 0 on success
  */
-int wc_ed25519_export_key(ed25519_key* key,
+int wc_ed25519_export_key(const ed25519_key* key,
                           byte* priv, word32 *privSz,
                           byte* pub, word32 *pubSz)
 {
@@ -1487,7 +1487,7 @@ int wc_ed25519_check_key(ed25519_key* key)
 }
 
 /* returns the private key size (secret only) in bytes */
-int wc_ed25519_size(ed25519_key* key)
+int wc_ed25519_size(const ed25519_key* key)
 {
     if (key == NULL)
         return BAD_FUNC_ARG;
@@ -1496,7 +1496,7 @@ int wc_ed25519_size(ed25519_key* key)
 }
 
 /* returns the private key size (secret + public) in bytes */
-int wc_ed25519_priv_size(ed25519_key* key)
+int wc_ed25519_priv_size(const ed25519_key* key)
 {
     if (key == NULL)
         return BAD_FUNC_ARG;
@@ -1505,7 +1505,7 @@ int wc_ed25519_priv_size(ed25519_key* key)
 }
 
 /* returns the compressed key size in bytes (public key) */
-int wc_ed25519_pub_size(ed25519_key* key)
+int wc_ed25519_pub_size(const ed25519_key* key)
 {
     if (key == NULL)
         return BAD_FUNC_ARG;
@@ -1514,7 +1514,7 @@ int wc_ed25519_pub_size(ed25519_key* key)
 }
 
 /* returns the size of signature in bytes */
-int wc_ed25519_sig_size(ed25519_key* key)
+int wc_ed25519_sig_size(const ed25519_key* key)
 {
     if (key == NULL)
         return BAD_FUNC_ARG;

wolfssl/wolfcrypt/asn_public.h

@@ -728,11 +728,11 @@ WOLFSSL_API int wc_Ed25519PublicKeyDecode(const byte* input, word32* inOutIdx,
                               ed25519_key* key, word32 inSz);
 #endif
 #ifdef HAVE_ED25519_KEY_EXPORT
-WOLFSSL_API int wc_Ed25519KeyToDer(ed25519_key* key, byte* output,
+WOLFSSL_API int wc_Ed25519KeyToDer(const ed25519_key* key, byte* output,
                                    word32 inLen);
-WOLFSSL_API int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output,
+WOLFSSL_API int wc_Ed25519PrivateKeyToDer(const ed25519_key* key, byte* output,
                                           word32 inLen);
-WOLFSSL_API int wc_Ed25519PublicKeyToDer(ed25519_key* key, byte* output,
+WOLFSSL_API int wc_Ed25519PublicKeyToDer(const ed25519_key* key, byte* output,
                                          word32 inLen, int withAlg);
 #endif
 #endif /* HAVE_ED25519 */

wolfssl/wolfcrypt/ed25519.h

@@ -207,13 +207,13 @@ int wc_ed25519_import_private_key_ex(const byte* priv, word32 privSz,
 
 #ifdef HAVE_ED25519_KEY_EXPORT
 WOLFSSL_API
-int wc_ed25519_export_public(ed25519_key* key, byte* out, word32* outLen);
+int wc_ed25519_export_public(const ed25519_key* key, byte* out, word32* outLen);
 WOLFSSL_API
-int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
+int wc_ed25519_export_private_only(const ed25519_key* key, byte* out, word32* outLen);
 WOLFSSL_API
-int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen);
+int wc_ed25519_export_private(const ed25519_key* key, byte* out, word32* outLen);
 WOLFSSL_API
-int wc_ed25519_export_key(ed25519_key* key,
+int wc_ed25519_export_key(const ed25519_key* key,
                           byte* priv, word32 *privSz,
                           byte* pub, word32 *pubSz);
 #endif /* HAVE_ED25519_KEY_EXPORT */
@@ -223,13 +223,13 @@ int wc_ed25519_check_key(ed25519_key* key);
 
 /* size helper */
 WOLFSSL_API
-int wc_ed25519_size(ed25519_key* key);
+int wc_ed25519_size(const ed25519_key* key);
 WOLFSSL_API
-int wc_ed25519_priv_size(ed25519_key* key);
+int wc_ed25519_priv_size(const ed25519_key* key);
 WOLFSSL_API
-int wc_ed25519_pub_size(ed25519_key* key);
+int wc_ed25519_pub_size(const ed25519_key* key);
 WOLFSSL_API
-int wc_ed25519_sig_size(ed25519_key* key);
+int wc_ed25519_sig_size(const ed25519_key* key);
 
 #ifdef __cplusplus
     }    /* extern "C" */

wrapper/rust/include.am

@@ -20,6 +20,7 @@ EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/aes.rs
 EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/cmac.rs
 EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/dh.rs
 EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/ecc.rs
+EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/ed25519.rs
 EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/hkdf.rs
 EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/hmac.rs
 EXTRA_DIST += wrapper/rust/wolfssl/src/wolfcrypt/kdf.rs
@@ -31,6 +32,7 @@ EXTRA_DIST += wrapper/rust/wolfssl/tests/test_aes.rs
 EXTRA_DIST += wrapper/rust/wolfssl/tests/test_cmac.rs
 EXTRA_DIST += wrapper/rust/wolfssl/tests/test_dh.rs
 EXTRA_DIST += wrapper/rust/wolfssl/tests/test_ecc.rs
+EXTRA_DIST += wrapper/rust/wolfssl/tests/test_ed25519.rs
 EXTRA_DIST += wrapper/rust/wolfssl/tests/test_hkdf.rs
 EXTRA_DIST += wrapper/rust/wolfssl/tests/test_hmac.rs
 EXTRA_DIST += wrapper/rust/wolfssl/tests/test_kdf.rs

wrapper/rust/wolfssl/src/wolfcrypt.rs

@@ -22,6 +22,7 @@ pub mod aes;
 pub mod cmac;
 pub mod dh;
 pub mod ecc;
+pub mod ed25519;
 pub mod hkdf;
 pub mod hmac;
 pub mod kdf;