Added PKCS8 support for ED25519.

2020-01-15 09:56:32 -08:00
parent 7707234901
commit 40c8562dc2
3 changed files with 17 additions and 16 deletions
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -5497,12 +5497,19 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
        /* ASN1 (DER) or RAW (NTRU) */
        int length = (int)sz;
        if (format == WOLFSSL_FILETYPE_ASN1) {
-            /* get length of der (read sequence) */
+            /* get length of der (read sequence or octet string) */
            word32 inOutIdx = 0;
-            if (GetSequence(buff, &inOutIdx, &length, (word32)sz) < 0) {
+            if (GetSequence(buff, &inOutIdx, &length, (word32)sz) >= 0) {
+                length += inOutIdx; /* include leading sequence */
+            }
+            /* get length using octect string (allowed for private key types) */
+            else if (type == PRIVATEKEY_TYPE &&
+                    GetOctetString(buff, &inOutIdx, &length, (word32)sz) >= 0) {
+                length += inOutIdx; /* include leading oct string */
+            }
+            else {
                ret = ASN_PARSE_E;
            }
-            length += inOutIdx; /* include leading sequence */
        }

        info->consumed = length;
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -423,7 +423,7 @@ static int SetBoolean(int val, byte* output)
 *         invalid.
 *         Otherwise, the number of bytes in the ASN.1 data.
 */
-static int GetOctetString(const byte* input, word32* inOutIdx, int* len,
+int GetOctetString(const byte* input, word32* inOutIdx, int* len,
                          word32 maxIdx)
 {
    return GetASNHeader(input, ASN_OCTET_STRING, inOutIdx, len, maxIdx);
@@ -10385,14 +10385,8 @@ int PemToDer(const unsigned char* buff, long longSz, int type,

                if (ret >= 0) {
                    der->length = ret;
-                    if ((algId == ECDSAk) && (keyFormat != NULL))
-                        *keyFormat = ECDSAk;
-                    else if ((algId == DSAk) && (keyFormat != NULL))
-                        *keyFormat = DSAk;
-                    #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
-                    else if ((algId == DHk) && (keyFormat != NULL))
-                        *keyFormat = DHk;
-                    #endif
+                    if (keyFormat)
+                        *keyFormat = algId;
                    ret = 0;
                }
            #else
--- a/wolfssl/wolfcrypt/asn.h
+++ b/wolfssl/wolfcrypt/asn.h
@@ -432,10 +432,8 @@ enum Key_Sum {
    RSAk     = 645,
    NTRUk    = 274,
    ECDSAk   = 518,
-    ED25519k = 256
-    #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL)
-    ,DHk      = 647 /* dhKeyAgreement OID: 1.2.840.113549.1.3.1 */
-    #endif
+    ED25519k = 256,
+    DHk      = 647, /* dhKeyAgreement OID: 1.2.840.113549.1.3.1 */
 };

 #if !defined(NO_AES) || defined(HAVE_PKCS7)
@@ -1114,6 +1112,8 @@ WOLFSSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
                             word32 maxIdx);
 WOLFSSL_LOCAL int GetSequence_ex(const byte* input, word32* inOutIdx, int* len,
                           word32 maxIdx, int check);
+WOLFSSL_LOCAL int GetOctetString(const byte* input, word32* inOutIdx, int* len,
+                         word32 maxIdx);
 WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
                        word32 maxIdx);
 WOLFSSL_LOCAL int GetSet_ex(const byte* input, word32* inOutIdx, int* len,