feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #5356 from dgarske/asn_rfc8410

Browse Source 
Fixes for ED25519/ED448 private key with public key export (RFC8410)
This commit is contained in:
Andrew Hutchings
2022-07-14 07:11:03 +01:00
committed by GitHub
parent a2b7b44163 b69af856de
commit 5098cdcd76
3 changed files with 66 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
tests/api.c
View File

@ -26646,19 +26646,20 @@ static int test_wc_Ed25519KeyToDer (void)
ret = 0; ret = 0;
} }
} }
if (ret == 0) {
ret = wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen);
if (ret == BAD_FUNC_ARG) {
ret = 0;
}
}
if (ret == 0) { if (ret == 0) {
ret = wc_Ed25519KeyToDer(&ed25519Key, output, 0); ret = wc_Ed25519KeyToDer(&ed25519Key, output, 0);
if (ret == BAD_FUNC_ARG) { if (ret == BAD_FUNC_ARG) {
ret = 0; ret = 0;
} }
} }
/* Good Case */ /* Good Cases */
if (ret == 0) {
/* length only */
ret = wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen);
if (ret > 0) {
ret = 0;
}
}
if (ret == 0) { if (ret == 0) {
ret = wc_Ed25519KeyToDer(&ed25519Key, output, inLen); ret = wc_Ed25519KeyToDer(&ed25519Key, output, inLen);
if (ret > 0) { if (ret > 0) {
@ -26713,19 +26714,20 @@ static int test_wc_Ed25519PrivateKeyToDer (void)
ret = 0; ret = 0;
} }
} }
if (ret == 0) {
ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen);
if (ret == BAD_FUNC_ARG) {
ret = 0;
}
}
if (ret == 0) { if (ret == 0) {
ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, 0); ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, 0);
if (ret == BAD_FUNC_ARG) { if (ret == BAD_FUNC_ARG) {
ret = 0; ret = 0;
} }
} }
/* Good Case */ /* Good Cases */
if (ret == 0) {
/* length only */
ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen);
if (ret > 0) {
ret = 0;
}
}
if (ret == 0) { if (ret == 0) {
ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, inLen); ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, inLen);
if (ret > 0) { if (ret > 0) {
@ -26779,19 +26781,20 @@ static int test_wc_Ed448KeyToDer (void)
ret = 0; ret = 0;
} }
} }
if (ret == 0) {
ret = wc_Ed448KeyToDer(&ed448Key, NULL, inLen);
if (ret == BAD_FUNC_ARG) {
ret = 0;
}
}
if (ret == 0) { if (ret == 0) {
ret = wc_Ed448KeyToDer(&ed448Key, output, 0); ret = wc_Ed448KeyToDer(&ed448Key, output, 0);
if (ret == BAD_FUNC_ARG) { if (ret == BAD_FUNC_ARG) {
ret = 0; ret = 0;
} }
} }
/* Good Case */ /* Good Cases */
if (ret == 0) {
/* length only */
ret = wc_Ed448KeyToDer(&ed448Key, NULL, inLen);
if (ret > 0) {
ret = 0;
}
}
if (ret == 0) { if (ret == 0) {
ret = wc_Ed448KeyToDer(&ed448Key, output, inLen); ret = wc_Ed448KeyToDer(&ed448Key, output, inLen);
if (ret > 0) { if (ret > 0) {
@ -26845,19 +26848,20 @@ static int test_wc_Ed448PrivateKeyToDer (void)
ret = 0; ret = 0;
} }
} }
if (ret == 0) {
ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen);
if (ret == BAD_FUNC_ARG) {
ret = 0;
}
}
if (ret == 0) { if (ret == 0) {
ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, 0); ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, 0);
if (ret == BAD_FUNC_ARG) { if (ret == BAD_FUNC_ARG) {
ret = 0; ret = 0;
} }
} }
/* Good case */ /* Good cases */
if (ret == 0) {
/* length only */
ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen);
if (ret > 0) {
ret = 0;
}
}
if (ret == 0) { if (ret == 0) {
ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, inLen); ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, inLen);
if (ret > 0) { if (ret > 0) {

41
wolfcrypt/src/asn.c
View File

@ -29661,9 +29661,7 @@ static const ASNItem edKeyASN[] = {
/* attributes */ /* attributes */
/* ATTRS */ { 1, ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_ATTRS, 1, 1, 1 }, /* ATTRS */ { 1, ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_ATTRS, 1, 1, 1 },
/* publicKey */ /* publicKey */
/* PUBKEY */ { 1, ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_PUBKEY, 1, 1, 1 }, /* PUBKEY */ { 1, ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_PUBKEY, 0, 0, 1 },
/* Public value */
/* PUBKEY_VAL */ { 2, ASN_OCTET_STRING, 0, 0, 0 }
}; };
enum { enum {
EDKEYASN_IDX_SEQ = 0, EDKEYASN_IDX_SEQ = 0,
@ -29674,7 +29672,6 @@ enum {
EDKEYASN_IDX_PKEY_CURVEPKEY, EDKEYASN_IDX_PKEY_CURVEPKEY,
EDKEYASN_IDX_ATTRS, EDKEYASN_IDX_ATTRS,
EDKEYASN_IDX_PUBKEY, EDKEYASN_IDX_PUBKEY,
EDKEYASN_IDX_PUBKEY_VAL,
}; };
/* Number of items in ASN.1 template for Ed25519 and Ed448 private key. */ /* Number of items in ASN.1 template for Ed25519 and Ed448 private key. */
@ -29755,11 +29752,8 @@ static int DecodeAsymKey(const byte* input, word32* inOutIdx, word32 inSz,
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
if (GetASNHeader(input, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1, if (GetASNHeader(input, ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_PUBKEY | 1,
inOutIdx, &length, inSz) < 0) { inOutIdx, &pubSz, inSz) < 0) {
return ASN_PARSE_E;
}
if (GetOctetString(input, inOutIdx, &pubSz, inSz) < 0) {
return ASN_PARSE_E; return ASN_PARSE_E;
} }
@ -29811,7 +29805,7 @@ static int DecodeAsymKey(const byte* input, word32* inOutIdx, word32 inSz,
} }
else if ((ret == 0) && else if ((ret == 0) &&
(pubKeyLen != NULL) && (pubKeyLen != NULL) &&
(dataASN[EDKEYASN_IDX_PUBKEY_VAL].data.ref.length > *pubKeyLen)) { (dataASN[EDKEYASN_IDX_PUBKEY].data.ref.length > *pubKeyLen)) {
ret = ASN_PARSE_E; ret = ASN_PARSE_E;
} }
else if (ret == 0) { else if (ret == 0) {
@ -29820,9 +29814,9 @@ static int DecodeAsymKey(const byte* input, word32* inOutIdx, word32 inSz,
XMEMCPY(privKey, dataASN[EDKEYASN_IDX_PKEY_CURVEPKEY].data.ref.data, XMEMCPY(privKey, dataASN[EDKEYASN_IDX_PKEY_CURVEPKEY].data.ref.data,
*privKeyLen); *privKeyLen);
if (pubKeyLen != NULL) if (pubKeyLen != NULL)
*pubKeyLen = dataASN[EDKEYASN_IDX_PUBKEY_VAL].data.ref.length; *pubKeyLen = dataASN[EDKEYASN_IDX_PUBKEY].data.ref.length;
if (pubKey != NULL && pubKeyLen != NULL) if (pubKey != NULL && pubKeyLen != NULL)
XMEMCPY(pubKey, dataASN[EDKEYASN_IDX_PUBKEY_VAL].data.ref.data, XMEMCPY(pubKey, dataASN[EDKEYASN_IDX_PUBKEY].data.ref.data,
*pubKeyLen); *pubKeyLen);
} }
@ -30023,7 +30017,6 @@ int wc_Curve25519PublicKeyDecode(const byte* input, word32* inOutIdx,
* @return Size of encoded data in bytes on success * @return Size of encoded data in bytes on success
* @return BAD_FUNC_ARG when key is NULL. * @return BAD_FUNC_ARG when key is NULL.
* @return MEMORY_E when dynamic memory allocation failed. * @return MEMORY_E when dynamic memory allocation failed.
* @return LENGTH_ONLY_E return length only.
*/ */
static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen, static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
const byte* pubKey, word32 pubKeyLen, const byte* pubKey, word32 pubKeyLen,
@ -30045,7 +30038,7 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
#ifndef WOLFSSL_ASN_TEMPLATE #ifndef WOLFSSL_ASN_TEMPLATE
/* calculate size */ /* calculate size */
if (pubKey) { if (pubKey) {
pubSz = 2 + 2 + pubKeyLen; pubSz = 2 + pubKeyLen;
} }
privSz = 2 + 2 + privKeyLen; privSz = 2 + 2 + privKeyLen;
algoSz = SetAlgoID(keyType, NULL, oidKeyType, 0); algoSz = SetAlgoID(keyType, NULL, oidKeyType, 0);
@ -30061,7 +30054,7 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
if (ret == 0 && output != NULL) { if (ret == 0 && output != NULL) {
/* write out */ /* write out */
/* seq */ /* seq */
seqSz = SetSequence(verSz + algoSz + privSz + pubSz, output); seqSz = SetSequence(verSz + algoSz + privSz + pubSz, output);
idx = seqSz; idx = seqSz;
/* ver */ /* ver */
SetMyVersion(0, output + idx, FALSE); SetMyVersion(0, output + idx, FALSE);
@ -30076,13 +30069,16 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
idx += privKeyLen; idx += privKeyLen;
/* pubKey */ /* pubKey */
if (pubKey) { if (pubKey) {
idx += SetExplicit(1, 2 + pubKeyLen, output + idx); idx += SetHeader(ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_PUBKEY |
idx += SetOctetString(pubKeyLen, output + idx); 1, pubKeyLen, output + idx);
XMEMCPY(output + idx, pubKey, pubKeyLen); XMEMCPY(output + idx, pubKey, pubKeyLen);
idx += pubKeyLen; idx += pubKeyLen;
} }
sz = idx;
ret = idx; }
if (ret == 0) {
/* Return size of encoding. */
ret = sz;
} }
#else #else
@ -30099,7 +30095,7 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
dataASN[EDKEYASN_IDX_ATTRS].noOut = 1; dataASN[EDKEYASN_IDX_ATTRS].noOut = 1;
if (pubKey) { if (pubKey) {
/* Leave space for public key. */ /* Leave space for public key. */
SetASN_Buffer(&dataASN[EDKEYASN_IDX_PUBKEY_VAL], NULL, pubKeyLen); SetASN_Buffer(&dataASN[EDKEYASN_IDX_PUBKEY], NULL, pubKeyLen);
} }
else { else {
/* Don't put out public part. */ /* Don't put out public part. */
@ -30125,10 +30121,11 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
if (pubKey != NULL) { if (pubKey != NULL) {
/* Put public value into space provided. */ /* Put public value into space provided. */
XMEMCPY((byte*)dataASN[EDKEYASN_IDX_PUBKEY_VAL].data.buffer.data, XMEMCPY((byte*)dataASN[EDKEYASN_IDX_PUBKEY].data.buffer.data,
pubKey, pubKeyLen); pubKey, pubKeyLen);
} }
}
if (ret == 0) {
/* Return size of encoding. */ /* Return size of encoding. */
ret = sz; ret = sz;
} }

30
wolfcrypt/test/test.c
View File

@ -27290,17 +27290,17 @@ WOLFSSL_TEST_SUBROUTINE int ed25519_test(void)
0x00 /* add an additional byte to make the pubkey appear bigger */ 0x00 /* add an additional byte to make the pubkey appear bigger */
}; };
static byte privPubEd25519[] = { static byte privPubEd25519[] = {
0x30,0x52,0x02,0x01,0x00,0x30,0x05,0x06, 0x30,0x50,0x02,0x01,0x00,0x30,0x05,0x06,
0x03,0x2b,0x65,0x70,0x04,0x22,0x04,0x20, 0x03,0x2b,0x65,0x70,0x04,0x22,0x04,0x20,
0x9d,0x61,0xb1,0x9d,0xef,0xfd,0x5a,0x60, 0x9d,0x61,0xb1,0x9d,0xef,0xfd,0x5a,0x60,
0xba,0x84,0x4a,0xf4,0x92,0xec,0x2c,0xc4, 0xba,0x84,0x4a,0xf4,0x92,0xec,0x2c,0xc4,
0x44,0x49,0xc5,0x69,0x7b,0x32,0x69,0x19, 0x44,0x49,0xc5,0x69,0x7b,0x32,0x69,0x19,
0x70,0x3b,0xac,0x03,0x1c,0xae,0x7f,0x60, 0x70,0x3b,0xac,0x03,0x1c,0xae,0x7f,0x60,
0xa1,0x22,0x04,0x20,0xd7,0x5a,0x98,0x01, 0x81,0x20,0xd7,0x5a,0x98,0x01,0x82,0xb1,
0x82,0xb1,0x0a,0xb7,0xd5,0x4b,0xfe,0xd3, 0x0a,0xb7,0xd5,0x4b,0xfe,0xd3,0xc9,0x64,
0xc9,0x64,0x07,0x3a,0x0e,0xe1,0x72,0xf3, 0x07,0x3a,0x0e,0xe1,0x72,0xf3,0xda,0xa6,
0xda,0xa6,0x23,0x25,0xaf,0x02,0x1a,0x68, 0x23,0x25,0xaf,0x02,0x1a,0x68,0xf7,0x07,
0xf7,0x07,0x51,0x1a 0x51,0x1a
}; };
word32 idx; word32 idx;
@ -28713,7 +28713,7 @@ WOLFSSL_TEST_SUBROUTINE int ed448_test(void)
0xaf, 0xe8, 0x25, 0x61, 0x80 0xaf, 0xe8, 0x25, 0x61, 0x80
}; };
static const byte privPubEd448[] = { static const byte privPubEd448[] = {
0x30, 0x81, 0x84, 0x02, 0x01, 0x00, 0x30, 0x05, 0x30, 0x81, 0x82, 0x02, 0x01, 0x00, 0x30, 0x05,
0x06, 0x03, 0x2b, 0x65, 0x71, 0x04, 0x3b, 0x04, 0x06, 0x03, 0x2b, 0x65, 0x71, 0x04, 0x3b, 0x04,
0x39, 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x39, 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d,
0x10, 0xd6, 0x32, 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0x10, 0xd6, 0x32, 0xbe, 0x89, 0xc8, 0x51, 0x3e,
@ -28722,14 +28722,14 @@ WOLFSSL_TEST_SUBROUTINE int ed448_test(void)
0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04,
0x4e, 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x4e, 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f,
0x8f, 0x03, 0x2e, 0x75, 0x49, 0xa2, 0x00, 0x98, 0x8f, 0x03, 0x2e, 0x75, 0x49, 0xa2, 0x00, 0x98,
0xf9, 0x5b, 0xa1, 0x3b, 0x04, 0x39, 0x5f, 0xd7, 0xf9, 0x5b, 0x81, 0x39, 0x5f, 0xd7, 0x44, 0x9b,
0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7, 0x87, 0xec,
0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
0x34, 0x24, 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d,
0xa7, 0x5d, 0x80, 0xe9, 0x67, 0x78, 0xed, 0xf1, 0x80, 0xe9, 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76,
0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06, 0x1b, 0xd6, 0x9b, 0x46, 0xc7, 0x06, 0x1b, 0xd6, 0x78, 0x3d,
0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa, 0x1a, 0xbe,
0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80 0xaf, 0xe8, 0x25, 0x61, 0x80
}; };
word32 idx; word32 idx;