Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
BC
public
external
mbedtls
Commits
88380993
Commit
88380993
authored
Jul 04, 2013
by
Manuel Pégourié-Gonnard
Browse files
Add x509parse_{,public}_key{,file}()
Also make previously public *_ec functions private.
parent
12e0ed91
Changes
3
Hide whitespace changes
Inline
Side-by-side
include/polarssl/x509.h
View file @
88380993
...
...
@@ -472,9 +472,9 @@ int x509parse_public_keyfile_rsa( rsa_context *rsa, const char *path );
/** \ingroup x509_module */
/**
* \brief Parse a private
EC
key
* \brief Parse a private key
*
* \param
eckey
EC
key to be initialized
* \param
ctx
key to be initialized
* \param key input buffer
* \param keylen size of the buffer
* \param pwd password for decryption (optional)
...
...
@@ -482,46 +482,46 @@ int x509parse_public_keyfile_rsa( rsa_context *rsa, const char *path );
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
int
x509parse_key
_ec
(
ecp_keypair
*
eckey
,
const
unsigned
char
*
key
,
size_t
keylen
,
const
unsigned
char
*
pwd
,
size_t
pwdlen
);
int
x509parse_key
(
pk_context
*
ctx
,
const
unsigned
char
*
key
,
size_t
keylen
,
const
unsigned
char
*
pwd
,
size_t
pwdlen
);
/** \ingroup x509_module */
/**
* \brief Load and parse a private
EC
key
* \brief Load and parse a private key
*
* \param
eckey
EC
key to be initialized
* \param
ctx
key to be initialized
* \param path filename to read the private key from
* \param password password to decrypt the file (can be NULL)
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
int
x509parse_keyfile
_ec
(
ecp_keypair
*
eckey
,
const
char
*
path
,
const
char
*
password
);
int
x509parse_keyfile
(
pk_context
*
ctx
,
const
char
*
path
,
const
char
*
password
);
/** \ingroup x509_module */
/**
* \brief Parse a public
EC
key
* \brief Parse a public key
*
* \param
eckey
EC
key to be initialized
* \param
ctx
key to be initialized
* \param key input buffer
* \param keylen size of the buffer
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
int
x509parse_public_key
_ec
(
ecp_keypair
*
eckey
,
const
unsigned
char
*
key
,
size_t
keylen
);
int
x509parse_public_key
(
pk_context
*
ctx
,
const
unsigned
char
*
key
,
size_t
keylen
);
/** \ingroup x509_module */
/**
* \brief Load and parse a public
EC
key
* \brief Load and parse a public key
*
* \param
eckey
EC
key to be initialized
* \param
ctx
key to be initialized
* \param path filename to read the private key from
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
int
x509parse_public_keyfile
_ec
(
ecp_keypair
*
eckey
,
const
char
*
path
);
int
x509parse_public_keyfile
(
pk_context
*
ctx
,
const
char
*
path
);
/** \ingroup x509_module */
/**
...
...
library/x509parse.c
View file @
88380993
...
...
@@ -511,12 +511,14 @@ static int x509_get_pubkey( unsigned char **p,
/*
* only RSA public keys handled at this time
*/
if
(
oid_get_pk_alg
(
pk_alg_oid
,
&
pk_alg
)
!=
0
||
pk_alg
!=
POLARSSL_PK_RSA
)
if
(
oid_get_pk_alg
(
pk_alg_oid
,
&
pk_alg
)
!=
0
)
{
return
(
POLARSSL_ERR_X509_UNKNOWN_PK_ALG
);
}
if
(
pk_alg
!=
POLARSSL_PK_RSA
)
return
(
POLARSSL_ERR_X509_CERT_INVALID_ALG
);
if
(
(
ret
=
asn1_get_tag
(
p
,
end
,
&
len
,
ASN1_BIT_STRING
)
)
!=
0
)
return
(
POLARSSL_ERR_X509_CERT_INVALID_PUBKEY
+
ret
);
...
...
@@ -2079,12 +2081,11 @@ int x509parse_public_keyfile_rsa( rsa_context *rsa, const char *path )
return
(
ret
);
}
#if defined(POLARSSL_ECP_C)
/*
* Load and parse a private
EC
key
* Load and parse a private key
*/
int
x509parse_keyfile
_ec
(
ecp_keypair
*
eckey
,
const
char
*
path
,
const
char
*
pwd
)
int
x509parse_keyfile
(
pk_context
*
ctx
,
const
char
*
path
,
const
char
*
pwd
)
{
int
ret
;
size_t
n
;
...
...
@@ -2094,9 +2095,9 @@ int x509parse_keyfile_ec( ecp_keypair *eckey,
return
(
ret
);
if
(
pwd
==
NULL
)
ret
=
x509parse_key
_ec
(
eckey
,
buf
,
n
,
NULL
,
0
);
ret
=
x509parse_key
(
ctx
,
buf
,
n
,
NULL
,
0
);
else
ret
=
x509parse_key
_ec
(
eckey
,
buf
,
n
,
ret
=
x509parse_key
(
ctx
,
buf
,
n
,
(
const
unsigned
char
*
)
pwd
,
strlen
(
pwd
)
);
memset
(
buf
,
0
,
n
+
1
);
...
...
@@ -2106,9 +2107,9 @@ int x509parse_keyfile_ec( ecp_keypair *eckey,
}
/*
* Load and parse a public
EC
key
* Load and parse a public key
*/
int
x509parse_public_keyfile
_ec
(
ecp_keypair
*
eckey
,
const
char
*
path
)
int
x509parse_public_keyfile
(
pk_context
*
ctx
,
const
char
*
path
)
{
int
ret
;
size_t
n
;
...
...
@@ -2117,14 +2118,14 @@ int x509parse_public_keyfile_ec( ecp_keypair *eckey, const char *path )
if
(
(
ret
=
load_file
(
path
,
&
buf
,
&
n
)
)
!=
0
)
return
(
ret
);
ret
=
x509parse_public_key
_ec
(
eckey
,
buf
,
n
);
ret
=
x509parse_public_key
(
ctx
,
buf
,
n
);
memset
(
buf
,
0
,
n
+
1
);
free
(
buf
);
return
(
ret
);
}
#endif
/* defined(POLARSSL_ECP_C) */
#endif
/* POLARSSL_FS_IO */
/*
...
...
@@ -2259,12 +2260,14 @@ static int x509parse_key_pkcs8_unencrypted_der(
/*
* only RSA keys handled at this time
*/
if
(
oid_get_pk_alg
(
&
pk_alg_oid
,
&
pk_alg
)
!=
0
||
pk_alg
!=
POLARSSL_PK_RSA
)
if
(
oid_get_pk_alg
(
&
pk_alg_oid
,
&
pk_alg
)
!=
0
)
{
return
(
POLARSSL_ERR_X509_UNKNOWN_PK_ALG
);
}
if
(
pk_alg
!=
POLARSSL_PK_RSA
)
return
(
POLARSSL_ERR_X509_CERT_INVALID_ALG
);
/*
* Get the OCTET STRING and parse the PKCS#1 format inside
*/
...
...
@@ -2791,7 +2794,7 @@ static int x509parse_key_pkcs8_unencrypted_der_ec(
return
(
POLARSSL_ERR_X509_UNKNOWN_PK_ALG
);
if
(
pk_alg
!=
POLARSSL_PK_ECKEY
&&
pk_alg
!=
POLARSSL_PK_ECKEY_DH
)
return
(
POLARSSL_ERR_X509_
UNKNOWN_PK
_ALG
);
return
(
POLARSSL_ERR_X509_
CERT_INVALID
_ALG
);
if
(
pk_alg
==
POLARSSL_PK_ECKEY_DH
)
eck
->
alg
=
POLARSSL_ECP_KEY_ALG_ECDH
;
...
...
@@ -2853,9 +2856,9 @@ static int x509parse_key_pkcs8_encrypted_der_ec(
/*
* Parse a private EC key
*/
int
x509parse_key_ec
(
ecp_keypair
*
eck
,
const
unsigned
char
*
key
,
size_t
keylen
,
const
unsigned
char
*
pwd
,
size_t
pwdlen
)
static
int
x509parse_key_ec
(
ecp_keypair
*
eck
,
const
unsigned
char
*
key
,
size_t
keylen
,
const
unsigned
char
*
pwd
,
size_t
pwdlen
)
{
int
ret
;
...
...
@@ -2994,7 +2997,7 @@ static int x509parse_public_key_ec_der( ecp_keypair *key,
return
(
POLARSSL_ERR_X509_UNKNOWN_PK_ALG
);
if
(
alg
!=
POLARSSL_PK_ECKEY
&&
alg
!=
POLARSSL_PK_ECKEY_DH
)
return
(
POLARSSL_ERR_X509_
UNKNOWN_PK
_ALG
);
return
(
POLARSSL_ERR_X509_
CERT_INVALID
_ALG
);
if
(
alg
==
POLARSSL_PK_ECKEY_DH
)
key
->
alg
=
POLARSSL_ECP_KEY_ALG_ECDH
;
...
...
@@ -3016,8 +3019,8 @@ static int x509parse_public_key_ec_der( ecp_keypair *key,
/*
* Parse a public EC key
*/
int
x509parse_public_key_ec
(
ecp_keypair
*
eckey
,
const
unsigned
char
*
key
,
size_t
keylen
)
static
int
x509parse_public_key_ec
(
ecp_keypair
*
eckey
,
const
unsigned
char
*
key
,
size_t
keylen
)
{
int
ret
;
#if defined(POLARSSL_PEM_C)
...
...
@@ -3059,6 +3062,58 @@ int x509parse_public_key_ec( ecp_keypair *eckey,
}
#endif
/* defined(POLARSSL_ECP_C) */
/*
* Parse a private key
*/
int
x509parse_key
(
pk_context
*
ctx
,
const
unsigned
char
*
key
,
size_t
keylen
,
const
unsigned
char
*
pwd
,
size_t
pwdlen
)
{
int
ret
;
if
(
(
ret
=
pk_set_type
(
ctx
,
POLARSSL_PK_RSA
)
)
!=
0
)
return
(
ret
);
if
(
(
ret
=
x509parse_key_rsa
(
ctx
->
data
,
key
,
keylen
,
pwd
,
pwdlen
)
)
==
0
)
{
return
(
0
);
}
if
(
(
ret
=
pk_set_type
(
ctx
,
POLARSSL_PK_ECKEY
)
)
!=
0
)
return
(
ret
);
if
(
(
ret
=
x509parse_key_ec
(
ctx
->
data
,
key
,
keylen
,
pwd
,
pwdlen
)
)
==
0
)
{
return
(
0
);
}
return
(
POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT
);
}
/*
* Parse a public key
*/
int
x509parse_public_key
(
pk_context
*
ctx
,
const
unsigned
char
*
key
,
size_t
keylen
)
{
int
ret
;
if
(
(
ret
=
pk_set_type
(
ctx
,
POLARSSL_PK_RSA
)
)
!=
0
)
return
(
ret
);
if
(
(
ret
=
x509parse_public_key_rsa
(
ctx
->
data
,
key
,
keylen
)
)
==
0
)
return
(
0
);
if
(
(
ret
=
pk_set_type
(
ctx
,
POLARSSL_PK_ECKEY
)
)
!=
0
)
return
(
ret
);
if
(
(
ret
=
x509parse_public_key_ec
(
ctx
->
data
,
key
,
keylen
)
)
==
0
)
return
(
0
);
return
(
POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT
);
}
#if defined(POLARSSL_DHM_C)
/*
* Parse DHM parameters
...
...
tests/suites/test_suite_x509parse.function
View file @
88380993
...
...
@@ -182,42 +182,48 @@ END_CASE
BEGIN_CASE
x509parse_public_keyfile_ec:key_file:result
{
ecp_keypair eckey
;
pk_context ctx
;
int res;
ecp_keypair
_init( &
eckey
);
pk
_init( &
ctx
);
res = x509parse_public_keyfile
_ec( &eckey
, {key_file} );
res = x509parse_public_keyfile
( &ctx
, {key_file} );
TEST_ASSERT( res == {result} );
if( res == 0 )
{
TEST_ASSERT( ecp_check_pubkey( &eckey.grp, &eckey.Q ) == 0 );
ecp_keypair *eckey;
TEST_ASSERT( ctx.type == POLARSSL_PK_ECKEY );
eckey = (ecp_keypair *) ctx.data;
TEST_ASSERT( ecp_check_pubkey( &eckey->grp, &eckey->Q ) == 0 );
}
ecp_keypair
_free( &
eckey
);
pk
_free( &
ctx
);
}
END_CASE
BEGIN_CASE
x509parse_keyfile_ec:key_file:password:result
{
ecp_keypair eckey
;
pk_context ctx
;
int res;
ecp_keypair
_init( &
eckey
);
pk
_init( &
ctx
);
res = x509parse_keyfile
_ec( &eckey
, {key_file}, {password} );
res = x509parse_keyfile
( &ctx
, {key_file}, {password} );
TEST_ASSERT( res == {result} );
if( res == 0 )
{
TEST_ASSERT( ecp_check_prvkey( &eckey.grp, &eckey.d ) == 0 );
ecp_keypair *eckey;
TEST_ASSERT( ctx.type == POLARSSL_PK_ECKEY );
eckey = (ecp_keypair *) ctx.data;
TEST_ASSERT( ecp_check_prvkey( &eckey->grp, &eckey->d ) == 0 );
}
ecp_keypair
_free( &
eckey
);
pk
_free( &
ctx
);
}
END_CASE
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment