feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #8612 from JacobBarthelmeh/pkcs8

Browse Source 
account for existing pkcs8 header
This commit is contained in:
David Garske
2025-04-10 16:03:49 -07:00
committed by GitHub
parent e8656d0d22 29ce716615
commit 368dcf51af
2 changed files with 20 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/pk.c
View File

@ -16495,7 +16495,8 @@ int pkcs8_encrypt(WOLFSSL_EVP_PKEY* pkey,
if (ret == 0) { if (ret == 0) {
/* Encrypt private into buffer. */ /* Encrypt private into buffer. */
ret = TraditionalEnc((byte*)pkey->pkey.ptr, (word32)pkey->pkey_sz, ret = TraditionalEnc((byte*)pkey->pkey.ptr + pkey->pkcs8HeaderSz,
(word32)pkey->pkey_sz - pkey->pkcs8HeaderSz,
key, keySz, passwd, passwdSz, PKCS5, PBES2, encAlgId, key, keySz, passwd, passwdSz, PKCS5, PBES2, encAlgId,
NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL); NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL);
if (ret > 0) { if (ret > 0) {
@ -16576,8 +16577,9 @@ int pkcs8_encode(WOLFSSL_EVP_PKEY* pkey, byte* key, word32* keySz)
if (ret >= 0) { if (ret >= 0) {
/* Encode private key in PKCS#8 format. */ /* Encode private key in PKCS#8 format. */
ret = wc_CreatePKCS8Key(key, keySz, (byte*)pkey->pkey.ptr, ret = wc_CreatePKCS8Key(key, keySz, (byte*)pkey->pkey.ptr +
(word32)pkey->pkey_sz, algId, curveOid, oidSz); pkey->pkcs8HeaderSz, (word32)pkey->pkey_sz - pkey->pkcs8HeaderSz,
algId, curveOid, oidSz);
} }
return ret; return ret;

15
tests/api.c
View File

@ -33015,6 +33015,21 @@ static int test_wolfSSL_PKCS8_d2i(void)
evpPkey = NULL; evpPkey = NULL;
BIO_free(bio); BIO_free(bio);
bio = NULL; bio = NULL;
/* https://github.com/wolfSSL/wolfssl/issues/8610 */
bytes = (int)XSTRLEN((void*)pkcs8_buffer);
ExpectNotNull(bio = BIO_new_mem_buf((void*)pkcs8_buffer, bytes));
ExpectIntEQ(BIO_get_mem_data(bio, &p), bytes);
ExpectIntEQ(XMEMCMP(p, pkcs8_buffer, bytes), 0);
ExpectNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, NULL,
(void*)"yassl123"));
ExpectIntEQ(PEM_write_PKCS8PrivateKey(stderr, evpPkey, NULL,
NULL, 0, NULL, NULL), bytes);
EVP_PKEY_free(evpPkey);
evpPkey = NULL;
BIO_free(bio);
bio = NULL;
#endif /* OPENSSL_ALL && !NO_BIO && !NO_PWDBASED && HAVE_PKCS8 && HAVE_AES_CBC */ #endif /* OPENSSL_ALL && !NO_BIO && !NO_PWDBASED && HAVE_PKCS8 && HAVE_AES_CBC */
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
pkey = NULL; pkey = NULL;