add possibility to export RSA public key in SubjectPublicKeyInfo format

2014-08-31 14:57:35 +02:00 · 2014-08-31 14:57:35 +02:00 · f58c87866e
commit f58c87866e
parent b1f29539be
3 changed files with 43 additions and 18 deletions
--- a/src/headers/tomcrypt_pk.h
+++ b/src/headers/tomcrypt_pk.h
@ -5,6 +5,9 @@ enum {
   PK_PRIVATE=1
 };

+/* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */
+#define PK_STD          0x1000
+
 int rand_prime(void *N, long len, prng_state *prng, int wprng);
 int rand_bn_bits(void *N, int bits, prng_state *prng, int wprng);
 int rand_bn_range(void *N, void *limit, prng_state *prng, int wprng);
--- a/src/pk/rsa/rsa_export.c
+++ b/src/pk/rsa/rsa_export.c
@ -56,27 +56,37 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key
                          LTC_ASN1_EOL,     0UL, NULL);
   } else {
      /* public key */
-      unsigned long tmplen = (mp_count_bits(key->N)/8)*2+8;
-      unsigned char* tmp = XMALLOC(tmplen);
+      unsigned long tmplen, *ptmplen;
+      unsigned char* tmp = NULL;

-      if (tmp == NULL) {
-	   return CRYPT_MEM;
+      if (type & PK_STD) {
+          tmplen = (mp_count_bits(key->N)/8)*2+8;
+          tmp = XMALLOC(tmplen);
+          ptmplen = &tmplen;
+          if (tmp == NULL) {
+              return CRYPT_MEM;
+          }
+      }
+      else {
+          tmp = out;
+          ptmplen = outlen;
      }

-      err = der_encode_sequence_multi(tmp, &tmplen,
+      err = der_encode_sequence_multi(tmp, ptmplen,
                                 LTC_ASN1_INTEGER, 1UL,  key->N,
                                 LTC_ASN1_INTEGER, 1UL,  key->e,
                                 LTC_ASN1_EOL,     0UL, NULL);

-      if (err != CRYPT_OK) {
-		  goto error;
+      if ((err != CRYPT_OK) || !(type & PK_STD)) {
+          goto finish;
      }

      err = der_encode_subject_public_key_info(out, outlen,
        PKA_RSA, tmp, tmplen, LTC_ASN1_NULL, NULL, 0);

-error:
-      XFREE(tmp);
+finish:
+      if (tmp != out)
+        XFREE(tmp);
      return err;

   }
--- a/testprof/rsa_test.c
+++ b/testprof/rsa_test.c
@ -119,6 +119,18 @@ static int rsa_compat_test(void)
   }
   rsa_free(&key);

+   /* try export in SubjectPublicKeyInfo format of the public key */
+   DO(rsa_import(openssl_public_rsa, sizeof(openssl_public_rsa), &key));
+   len = sizeof(buf);
+   DO(rsa_export(buf, &len, PK_PUBLIC | PK_STD, &key));
+   if (len != sizeof(openssl_public_rsa) || memcmp(buf, openssl_public_rsa, len)) {
+      fprintf(stderr, "RSA(public) SSL public X.509 export failed to match OpenSSL output\n");
+      print_hex("should", openssl_public_rsa, sizeof(openssl_public_rsa));
+      print_hex("is", buf, len);
+      return 1;
+   }
+   rsa_free(&key);
+
   return 0;
 }