feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #5072 from JacobBarthelmeh/Compatibility-Layer

Browse Source 
add support for importing private only EC key to a WOLFSSL_EVP_PKEY s…
This commit is contained in:
David Garske
2022-06-27 12:34:00 -07:00
committed by GitHub
parent 456e463640 4de90efbe2
commit 94e7eacc5f
2 changed files with 35 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
tests/api.c
View File

@@ -26465,6 +26465,21 @@ static int test_wc_EccPrivateKeyToDer (void)
if (ret == 0) { if (ret == 0) {
ret = wc_EccPrivateKeyToDer(&eccKey, output, inLen); ret = wc_EccPrivateKeyToDer(&eccKey, output, inLen);
if (ret > 0) { if (ret > 0) {
#if defined(OPENSSL_EXTRA) && defined(HAVE_ALL_CURVES)
/* test importing private only into a PKEY struct */
EC_KEY* ec;
EVP_PKEY* pkey;
const unsigned char* der = output;
pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &der, ret);
AssertNotNull(pkey);
der = output;
ec = d2i_ECPrivateKey(NULL, &der, ret);
AssertNotNull(ec);
AssertIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ec), SSL_SUCCESS);
EVP_PKEY_free(pkey); /* EC_KEY should be free'd by free'ing pkey */
#endif
ret = 0; ret = 0;
} }
} }

25
wolfcrypt/src/evp.c
View File

@@ -7974,6 +7974,12 @@ static int ECC_populate_EVP_PKEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY *key)
else else
#endif /* HAVE_PKCS8 */ #endif /* HAVE_PKCS8 */
{ {
if (ecc->type == ECC_PRIVATEKEY_ONLY) {
if (wc_ecc_make_pub(ecc, NULL) != MP_OKAY) {
return WOLFSSL_FAILURE;
}
}
/* if not, the pkey will be traditional ecc key */ /* if not, the pkey will be traditional ecc key */
if ((derSz = wc_EccKeyDerSize(ecc, 1)) > 0) { if ((derSz = wc_EccKeyDerSize(ecc, 1)) > 0) {
derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_OPENSSL); derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_OPENSSL);
@@ -8058,15 +8064,21 @@ void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx)
} }
int wolfSSL_EVP_PKEY_assign_EC_KEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY* key) int wolfSSL_EVP_PKEY_assign_EC_KEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY* key)
{ {
int ret;
if (pkey == NULL || key == NULL) if (pkey == NULL || key == NULL)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
pkey->type = EVP_PKEY_EC;
pkey->ecc = key;
pkey->ownEcc = 1;
/* try and populate public pkey_sz and pkey.ptr */ /* try and populate public pkey_sz and pkey.ptr */
return ECC_populate_EVP_PKEY(pkey, key); ret = ECC_populate_EVP_PKEY(pkey, key);
if (ret == WOLFSSL_SUCCESS) { /* take ownership of key if can be used */
clearEVPPkeyKeys(pkey); /* clear out any previous keys */
pkey->type = EVP_PKEY_EC;
pkey->ecc = key;
pkey->ownEcc = 1;
}
return ret;
} }
#endif /* HAVE_ECC */ #endif /* HAVE_ECC */
@@ -8565,6 +8577,7 @@ int wolfSSL_EVP_PKEY_assign_RSA(EVP_PKEY* pkey, WOLFSSL_RSA* key)
if (pkey == NULL || key == NULL) if (pkey == NULL || key == NULL)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
clearEVPPkeyKeys(pkey);
pkey->type = EVP_PKEY_RSA; pkey->type = EVP_PKEY_RSA;
pkey->rsa = key; pkey->rsa = key;
pkey->ownRsa = 1; pkey->ownRsa = 1;
@@ -8600,6 +8613,7 @@ int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key)
if (pkey == NULL || key == NULL) if (pkey == NULL || key == NULL)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
clearEVPPkeyKeys(pkey);
pkey->type = EVP_PKEY_DSA; pkey->type = EVP_PKEY_DSA;
pkey->dsa = key; pkey->dsa = key;
pkey->ownDsa = 1; pkey->ownDsa = 1;
@@ -8614,6 +8628,7 @@ int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key)
if (pkey == NULL || key == NULL) if (pkey == NULL || key == NULL)
return WOLFSSL_FAILURE; return WOLFSSL_FAILURE;
clearEVPPkeyKeys(pkey);
pkey->type = EVP_PKEY_DH; pkey->type = EVP_PKEY_DH;
pkey->dh = key; pkey->dh = key;
pkey->ownDh = 1; pkey->ownDh = 1;