AuroraMiddleware/libtomcrypt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

add x509_decode_public_key_from_certificate()

Browse Source
This commit is contained in:
Steffen Jaeckel 2019-05-24 11:42:48 +02:00
parent c28a8495d2
commit 5119e71023
3 changed files with 134 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/headers/tomcrypt_private.h
View File

@ -330,6 +330,13 @@ int der_teletex_value_decode(int v);
int der_utf8_valid_char(const wchar_t c);
typedef int (*public_key_decode_cb)(const unsigned char *in, unsigned long inlen, void *ctx);
int x509_decode_public_key_from_certificate(const unsigned char *in, unsigned long inlen,
enum ltc_oid_id algorithm, ltc_asn1_type param_type,
ltc_asn1_list* parameters, unsigned long *parameters_len,
public_key_decode_cb callback, void *ctx);
/* SUBJECT PUBLIC KEY INFO */
int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen,
unsigned int algorithm, const void* public_key, unsigned long public_key_len,

114
src/pk/asn1/x509/x509_decode_public_key_from_certificate.c Normal file
View File

@ -0,0 +1,114 @@
/* LibTomCrypt, modular cryptographic library -- Tom St Denis
*
* LibTomCrypt is a library that provides various cryptographic
* algorithms in a highly modular and flexible manner.
*
* The library is free for all purposes without any express
* guarantee it works.
*/
#include "tomcrypt_private.h"
/**
@file x509_decode_public_key_from_certificate.c
ASN.1 DER/X.509, decode a certificate
*/
#ifdef LTC_DER
/* Check if it looks like a SubjectPublicKeyInfo */
#define LOOKS_LIKE_SPKI(l) ((l) != NULL) \
&& ((l)->type == LTC_ASN1_SEQUENCE) \
&& ((l)->child != NULL) \
&& ((l)->child->type == LTC_ASN1_OBJECT_IDENTIFIER) \
&& ((l)->next != NULL) \
&& ((l)->next->type == LTC_ASN1_BIT_STRING)
/**
Try to decode the public key from a X.509 certificate
@param in The input buffer
@param inlen The length of the input buffer
@param algorithm One out of the enum #public_key_algorithms
@param param_type The parameters' type out of the enum ltc_asn1_type
@param parameters The parameters to include
@param parameters_len [in/out] The number of parameters to include
@param callback The callback
@param ctx The context passed to the callback
@return CRYPT_OK on success
*/
int x509_decode_public_key_from_certificate(const unsigned char *in, unsigned long inlen,
enum ltc_oid_id algorithm, ltc_asn1_type param_type,
ltc_asn1_list* parameters, unsigned long *parameters_len,
public_key_decode_cb callback, void *ctx)
{
int err;
unsigned char *tmpbuf;
unsigned long tmpbuf_len, tmp_inlen;
ltc_asn1_list *decoded_list = NULL, *l;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(inlen != 0);
tmpbuf_len = inlen;
tmpbuf = XCALLOC(1, tmpbuf_len);
if (tmpbuf == NULL) {
err = CRYPT_MEM;
goto LBL_OUT;
}
tmp_inlen = inlen;
if ((err = der_decode_sequence_flexi(in, &tmp_inlen, &decoded_list)) == CRYPT_OK) {
l = decoded_list;
err = CRYPT_INVALID_ARG;
/* Move 2 levels up in the tree
SEQUENCE
SEQUENCE
...
*/
if ((l->type == LTC_ASN1_SEQUENCE) && (l->child != NULL)) {
l = l->child;
if ((l->type == LTC_ASN1_SEQUENCE) && (l->child != NULL)) {
l = l->child;
/* Move forward in the tree until we find this combination
...
SEQUENCE
SEQUENCE
OBJECT IDENTIFIER <some PKA OID, e.g. 1.2.840.113549.1.1.1>
NULL
BIT STRING
*/
do {
/* The additional check for l->data is there to make sure
* we won't try to decode a list that has been 'shrunk'
*/
if ((l->type == LTC_ASN1_SEQUENCE)
&& (l->data != NULL)
&& LOOKS_LIKE_SPKI(l->child)) {
err = x509_decode_subject_public_key_info(l->data, l->size,
algorithm, tmpbuf, &tmpbuf_len,
param_type, parameters, parameters_len);
if (err == CRYPT_OK) {
err = callback(tmpbuf, tmpbuf_len, ctx);
goto LBL_OUT;
}
}
l = l->next;
} while(l);
}
}
}
LBL_OUT:
if (decoded_list) der_free_sequence_flexi(decoded_list);
if (tmpbuf != NULL) XFREE(tmpbuf);
return err;
}
#endif
/* ref: $Format:%D$ */
/* git commit: $Format:%H$ */
/* commit time: $Format:%ai$ */

20
src/pk/asn1/x509/x509_decode_subject_public_key_info.c
View File

@ -34,7 +34,7 @@
@param public_key_len [in/out] The length of the public key buffer and the written length
@param parameters_type The parameters' type out of the enum ltc_asn1_type
@param parameters The parameters to include
@param parameters_len [in/out]The number of parameters to include
@param parameters_len [in/out] The number of parameters to include
@return CRYPT_OK on success
*/
int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen,
@ -42,18 +42,25 @@ int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long i
ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long *parameters_len)
{
int err;
unsigned long len, alg_id_num;
unsigned long len, alg_id_num, tmplen;
const char* oid;
unsigned char *tmpbuf;
unsigned long tmpoid[16];
unsigned long *_parameters_len;
ltc_asn1_list alg_id[2];
ltc_asn1_list subject_pubkey[2];
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(inlen != 0);
LTC_ARGCHK(public_key_len != NULL);
if (parameters_type != LTC_ASN1_EOL) {
LTC_ARGCHK(parameters_len != NULL);
if ((parameters == NULL) || (parameters_len == NULL)) {
tmplen = 0;
_parameters_len = &tmplen;
} else {
_parameters_len = parameters_len;
}
}
err = pk_get_oid(algorithm, &oid);
@ -72,9 +79,8 @@ int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long i
LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid)/sizeof(tmpoid[0]));
if (parameters_type == LTC_ASN1_EOL) {
alg_id_num = 1;
}
else {
LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, *parameters_len);
} else {
LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, *_parameters_len);
alg_id_num = 2;
}
@ -89,7 +95,7 @@ int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long i
goto LBL_ERR;
}
if (parameters_type != LTC_ASN1_EOL) {
*parameters_len = alg_id[1].size;
*_parameters_len = alg_id[1].size;
}
if ((err = pk_oid_cmp_with_asn1(oid, &alg_id[0])) != CRYPT_OK) {