wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-13 17:44:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix wolfSSL_i2d_PublicKey not returning SPKI format for ECC keys.

Browse Source
This commit is contained in:
Kareem
2025-08-04 15:17:21 -07:00
parent 649b6ede69
commit 36e0e3aa53
2 changed files with 22 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/ssl.c
View File

@@ -16653,7 +16653,7 @@ int wolfSSL_i2d_PublicKey(const WOLFSSL_EVP_PKEY *key, unsigned char **der)
} }
if (ret == 0) { if (ret == 0) {
pub_derSz = (word32)wc_EccPublicKeyDerSize(eccKey, 0); pub_derSz = (word32)wc_EccPublicKeyDerSize(eccKey, 1);
if ((int)pub_derSz <= 0) { if ((int)pub_derSz <= 0) {
ret = WOLFSSL_FAILURE; ret = WOLFSSL_FAILURE;
} }
@@ -16669,7 +16669,7 @@ int wolfSSL_i2d_PublicKey(const WOLFSSL_EVP_PKEY *key, unsigned char **der)
} }
if (ret == 0) { if (ret == 0) {
pub_derSz = (word32)wc_EccPublicKeyToDer(eccKey, pub_der, pub_derSz, 0); pub_derSz = (word32)wc_EccPublicKeyToDer(eccKey, pub_der, pub_derSz, 1);
if ((int)pub_derSz <= 0) { if ((int)pub_derSz <= 0) {
ret = WOLFSSL_FATAL_ERROR; ret = WOLFSSL_FATAL_ERROR;
} }

24
tests/api.c
View File

@@ -45730,11 +45730,14 @@ static int test_wolfSSL_d2i_and_i2d_PublicKey_ecc(void)
unsigned char *tmp = NULL; unsigned char *tmp = NULL;
int derLen; int derLen;
unsigned char pub_buf[65]; unsigned char pub_buf[65];
unsigned char pub_spki_buf[91];
const int pub_len = 65; const int pub_len = 65;
const int pub_spki_len = 91;
BN_CTX* ctx = NULL; BN_CTX* ctx = NULL;
EC_GROUP* curve = NULL; EC_GROUP* curve = NULL;
EC_KEY* ephemeral_key = NULL; EC_KEY* ephemeral_key = NULL;
const EC_POINT* h = NULL; const EC_POINT* h = NULL;
ecc_key *eccKey = NULL;
/* Generate an x963 key pair and get public part into pub_buf */ /* Generate an x963 key pair and get public part into pub_buf */
ExpectNotNull(ctx = BN_CTX_new()); ExpectNotNull(ctx = BN_CTX_new());
@@ -45745,6 +45748,17 @@ static int test_wolfSSL_d2i_and_i2d_PublicKey_ecc(void)
ExpectNotNull(h = EC_KEY_get0_public_key(ephemeral_key)); ExpectNotNull(h = EC_KEY_get0_public_key(ephemeral_key));
ExpectIntEQ(pub_len, EC_POINT_point2oct(curve, h, ExpectIntEQ(pub_len, EC_POINT_point2oct(curve, h,
POINT_CONVERSION_UNCOMPRESSED, pub_buf, pub_len, ctx)); POINT_CONVERSION_UNCOMPRESSED, pub_buf, pub_len, ctx));
/* Create an ecc key struct from the point.
Use it to create a DER with the appropriate
SubjectPublicKeyInfo format. */
ExpectNotNull(eccKey = (ecc_key *)XMALLOC(sizeof(*eccKey), NULL,
DYNAMIC_TYPE_ECC));
ExpectIntEQ(wc_ecc_init(eccKey), 0);
ExpectIntEQ(wc_ecc_import_x963(pub_buf, pub_len, eccKey), 0);
ExpectIntEQ(derLen = wc_EccPublicKeyDerSize(eccKey, 1),
pub_spki_len);
ExpectIntEQ(derLen = wc_EccPublicKeyToDer(eccKey, pub_spki_buf,
pub_spki_len, 1), pub_spki_len);
/* Prepare the EVP_PKEY */ /* Prepare the EVP_PKEY */
ExpectNotNull(pkey = EVP_PKEY_new()); ExpectNotNull(pkey = EVP_PKEY_new());
@@ -45756,17 +45770,19 @@ static int test_wolfSSL_d2i_and_i2d_PublicKey_ecc(void)
/* Check that key can be successfully encoded. */ /* Check that key can be successfully encoded. */
ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0); ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0);
/* Ensure that the encoded version matches the original. */ /* Ensure that the encoded version matches the original. */
ExpectIntEQ(derLen, pub_len); ExpectIntEQ(derLen, pub_spki_len);
ExpectIntEQ(XMEMCMP(der, pub_buf, derLen), 0); ExpectIntEQ(XMEMCMP(der, pub_spki_buf, derLen), 0);
/* Do same test except with pre-allocated buffer to ensure the der pointer /* Do same test except with pre-allocated buffer to ensure the der pointer
* is advanced. */ * is advanced. */
tmp = der; tmp = der;
ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0); ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0);
ExpectIntEQ(derLen, pub_len); ExpectIntEQ(derLen, pub_spki_len);
ExpectIntEQ(XMEMCMP(der, pub_buf, derLen), 0); ExpectIntEQ(XMEMCMP(der, pub_spki_buf, derLen), 0);
ExpectTrue(der + derLen == tmp); ExpectTrue(der + derLen == tmp);
wc_ecc_free(eccKey);
XFREE(eccKey, NULL, DYNAMIC_TYPE_ECC);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL); XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
EVP_PKEY_free(pkey); EVP_PKEY_free(pkey);
EC_KEY_free(ephemeral_key); EC_KEY_free(ephemeral_key);