add possibility to export RSA public key in SubjectPublicKeyInfo format

2014-08-31 14:57:35 +02:00 · 2014-08-31 14:57:35 +02:00 · f58c87866e
commit f58c87866e
parent b1f29539be
3 changed files with 43 additions and 18 deletions
--- a/src/headers/tomcrypt_pk.h
+++ b/src/headers/tomcrypt_pk.h
@ -5,6 +5,9 @@ enum {
   PK_PRIVATE=1
 };

+/* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */
+#define PK_STD          0x1000
+
 int rand_prime(void *N, long len, prng_state *prng, int wprng);
 int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng);
 int rand_bn_range(void *N, void *limit, prng_state *prng, int wprng);
--- a/src/pk/rsa/rsa_export.c
+++ b/src/pk/rsa/rsa_export.c
@ -56,27 +56,37 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key
                          LTC_ASN1_EOL,     0UL, NULL);
   } else {
      /* public key */
-      unsigned long tmplen = (mp_count_bits(key->N)/8)*2+8;
-      unsigned char* tmp = XMALLOC(tmplen);
+      unsigned long tmplen, *ptmplen;
+      unsigned char* tmp = NULL;

-      if (tmp == NULL) {
-	   return CRYPT_MEM;
+      if (type & PK_STD) {
+          tmplen = (mp_count_bits(key->N)/8)*2+8;
+          tmp = XMALLOC(tmplen);
+          ptmplen = &tmplen;
+          if (tmp == NULL) {
+              return CRYPT_MEM;
+          }
+      }
+      else {
+          tmp = out;
+          ptmplen = outlen;
      }

-      err = der_encode_sequence_multi(tmp, &tmplen,
+      err = der_encode_sequence_multi(tmp, ptmplen,
                                 LTC_ASN1_INTEGER, 1UL,  key->N,
                                 LTC_ASN1_INTEGER, 1UL,  key->e,
                                 LTC_ASN1_EOL,     0UL, NULL);

-      if (err != CRYPT_OK) {
-		  goto error;
+      if ((err != CRYPT_OK) || !(type & PK_STD)) {
+          goto finish;
      }

      err = der_encode_subject_public_key_info(out, outlen,
        PKA_RSA, tmp, tmplen, LTC_ASN1_NULL, NULL, 0);

-error:
-      XFREE(tmp);
+finish:
+      if (tmp != out)
+        XFREE(tmp);
      return err;

   }
--- a/testprof/rsa_test.c
+++ b/testprof/rsa_test.c
@ -63,15 +63,15 @@ static const unsigned char openssl_public_rsa[] = {

 /* same key but with extra headers stripped */
 static const unsigned char openssl_public_rsa_stripped[] = {
-   0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xcf, 0x9a, 0xde, 
-   0x64, 0x8a, 0xda, 0xc8, 0x33, 0x20, 0xa9, 0xd7, 0x83, 0x31, 0x19, 0x54, 0xb2, 0x9a, 0x85, 0xa7, 
-   0xa1, 0xb7, 0x75, 0x33, 0xb6, 0xa9, 0xac, 0x84, 0x24, 0xb3, 0xde, 0xdb, 0x7d, 0x85, 0x2d, 0x96, 
-   0x65, 0xe5, 0x3f, 0x72, 0x95, 0x24, 0x9f, 0x28, 0x68, 0xca, 0x4f, 0xdb, 0x44, 0x1c, 0x3e, 0x60, 
-   0x12, 0x8a, 0xdd, 0x26, 0xa5, 0xeb, 0xff, 0x0b, 0x5e, 0xd4, 0x88, 0x38, 0x49, 0x2a, 0x6e, 0x5b, 
-   0xbf, 0x12, 0x37, 0x47, 0xbd, 0x05, 0x6b, 0xbc, 0xdb, 0xf3, 0xee, 0xe4, 0x11, 0x8e, 0x41, 0x68, 
-   0x7c, 0x61, 0x13, 0xd7, 0x42, 0xc8, 0x80, 0xbe, 0x36, 0x8f, 0xdc, 0x08, 0x8b, 0x4f, 0xac, 0xa4, 
-   0xe2, 0x76, 0x0c, 0xc9, 0x63, 0x6c, 0x49, 0x58, 0x93, 0xed, 0xcc, 0xaa, 0xdc, 0x25, 0x3b, 0x0a, 
-   0x60, 0x3f, 0x8b, 0x54, 0x3a, 0xc3, 0x4d, 0x31, 0xe7, 0x94, 0xa4, 0x44, 0xfd, 0x02, 0x03, 0x01, 
+   0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xcf, 0x9a, 0xde,
+   0x64, 0x8a, 0xda, 0xc8, 0x33, 0x20, 0xa9, 0xd7, 0x83, 0x31, 0x19, 0x54, 0xb2, 0x9a, 0x85, 0xa7,
+   0xa1, 0xb7, 0x75, 0x33, 0xb6, 0xa9, 0xac, 0x84, 0x24, 0xb3, 0xde, 0xdb, 0x7d, 0x85, 0x2d, 0x96,
+   0x65, 0xe5, 0x3f, 0x72, 0x95, 0x24, 0x9f, 0x28, 0x68, 0xca, 0x4f, 0xdb, 0x44, 0x1c, 0x3e, 0x60,
+   0x12, 0x8a, 0xdd, 0x26, 0xa5, 0xeb, 0xff, 0x0b, 0x5e, 0xd4, 0x88, 0x38, 0x49, 0x2a, 0x6e, 0x5b,
+   0xbf, 0x12, 0x37, 0x47, 0xbd, 0x05, 0x6b, 0xbc, 0xdb, 0xf3, 0xee, 0xe4, 0x11, 0x8e, 0x41, 0x68,
+   0x7c, 0x61, 0x13, 0xd7, 0x42, 0xc8, 0x80, 0xbe, 0x36, 0x8f, 0xdc, 0x08, 0x8b, 0x4f, 0xac, 0xa4,
+   0xe2, 0x76, 0x0c, 0xc9, 0x63, 0x6c, 0x49, 0x58, 0x93, 0xed, 0xcc, 0xaa, 0xdc, 0x25, 0x3b, 0x0a,
+   0x60, 0x3f, 0x8b, 0x54, 0x3a, 0xc3, 0x4d, 0x31, 0xe7, 0x94, 0xa4, 0x44, 0xfd, 0x02, 0x03, 0x01,
   0x00, 0x01,  };

 static int rsa_compat_test(void)
@ -119,6 +119,18 @@ static int rsa_compat_test(void)
   }
   rsa_free(&key);

+   /* try export in SubjectPublicKeyInfo format of the public key */
+   DO(rsa_import(openssl_public_rsa, sizeof(openssl_public_rsa), &key));
+   len = sizeof(buf);
+   DO(rsa_export(buf, &len, PK_PUBLIC | PK_STD, &key));
+   if (len != sizeof(openssl_public_rsa) || memcmp(buf, openssl_public_rsa, len)) {
+      fprintf(stderr, "RSA(public) SSL public X.509 export failed to match OpenSSL output\n");
+      print_hex("should", openssl_public_rsa, sizeof(openssl_public_rsa));
+      print_hex("is", buf, len);
+      return 1;
+   }
+   rsa_free(&key);
+
   return 0;
 }