review comments

pull/8758/head
Brett Nicholas 2025-05-12 11:43:56 -06:00
parent 79f214f73c
commit 2151a1b8a1
3 changed files with 52 additions and 46 deletions


@ -22755,7 +22755,7 @@ static int test_wc_GetPubKeyDerFromCert(void)
return EXPECT_RESULT();
}
static int test_wc_ExportX509PubKeyWithSpki(void)
static int test_wc_GetSubjectPubKeyInfoDerFromCert(void)
{
EXPECT_DECLS;
#if !defined(NO_RSA) || defined(HAVE_ECC)
@ -22809,8 +22809,8 @@ static int test_wc_ExportX509PubKeyWithSpki(void)
#endif
/* good test case - RSA DER cert */
ExpectIntEQ(wc_ExportX509PubKeyWithSpki(rsaCertDer, rsaCertDerSz, keyDer,
&keyDerSz), 0);
ExpectIntEQ(wc_GetSubjectPubKeyInfoDerFromCert(rsaCertDer, rsaCertDerSz,
keyDer, &keyDerSz), 0);
ExpectIntGT(keyDerSz, 0);
/* sanity check, verify we can import DER public key */
@ -22823,18 +22823,20 @@ static int test_wc_ExportX509PubKeyWithSpki(void)
/* bad args: certDer */
keyDerSz = (word32)sizeof(keyDer);
ExpectIntEQ(wc_ExportX509PubKeyWithSpki(NULL, rsaCertDerSz, keyDer,
&keyDerSz),
ExpectIntEQ(wc_GetSubjectPubKeyInfoDerFromCert(NULL, rsaCertDerSz, keyDer,
&keyDerSz),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
/* bad args: 0 sized certSz */
keyDerSz = (word32)sizeof(keyDer);
ExpectIntEQ(wc_ExportX509PubKeyWithSpki(rsaCertDer, 0, keyDer, &keyDerSz),
ExpectIntEQ(wc_GetSubjectPubKeyInfoDerFromCert(rsaCertDer, 0, keyDer,
&keyDerSz),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
/* bad args: NULL inout size */
ExpectIntEQ(ret = wc_ExportX509PubKeyWithSpki(rsaCertDer, rsaCertDerSz,
keyDer, NULL),
ExpectIntEQ(ret = wc_GetSubjectPubKeyInfoDerFromCert(rsaCertDer,
rsaCertDerSz, keyDer,
NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
/* Certificate Request Tests */
@ -22849,8 +22851,10 @@ static int test_wc_ExportX509PubKeyWithSpki(void)
/* good test case - RSA DER certificate request */
keyDerSz = sizeof(keyDer);
ExpectIntEQ(ret = wc_ExportX509PubKeyWithSpki(rsaCertDer, rsaCertDerSz,
keyDer, &keyDerSz), 0);
ExpectIntEQ(ret = wc_GetSubjectPubKeyInfoDerFromCert(rsaCertDer,
rsaCertDerSz,
keyDer,
&keyDerSz), 0);
ExpectIntGT(keyDerSz, 0);
/* sanity check, verify we can import DER public key */
@ -22878,8 +22882,8 @@ static int test_wc_ExportX509PubKeyWithSpki(void)
/* good test case - ECC */
XMEMSET(keyDer, 0, sizeof(keyDer));
keyDerSz = sizeof(keyDer);
ExpectIntEQ(wc_ExportX509PubKeyWithSpki(eccCert, eccCertSz, keyDer,
&keyDerSz), 0);
ExpectIntEQ(wc_GetSubjectPubKeyInfoDerFromCert(eccCert, eccCertSz, keyDer,
&keyDerSz), 0);
ExpectIntGT(keyDerSz, 0);
/* sanity check, verify we can import DER public key */
@ -66987,7 +66991,7 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wc_PubKeyPemToDer),
TEST_DECL(test_wc_PemPubKeyToDer),
TEST_DECL(test_wc_GetPubKeyDerFromCert),
TEST_DECL(test_wc_ExportX509PubKeyWithSpki),
TEST_DECL(test_wc_GetSubjectPubKeyInfoDerFromCert),
TEST_DECL(test_wc_CheckCertSigPubKey),
/* wolfCrypt ASN tests */


@ -24628,59 +24628,60 @@ int wc_CertGetPubKey(const byte* cert, word32 certSz,
* @return BAD_FUNC_ARG if certDer is NULL, certSz is 0, or pubKeyDerSz is NULL
* @return BUFFER_E if the provided buffer is too small
*/
WOLFSSL_API int wc_ExportX509PubKeyWithSpki(const byte* certDer, word32 certSz,
byte* pubKeyDer,
word32* pubKeyDerSz)
WOLFSSL_API int wc_GetSubjectPubKeyInfoDerFromCert(const byte* certDer,
word32 certSz,
byte* pubKeyDer,
word32* pubKeyDerSz)
{
DecodedCert cert;
int ret;
word32 startIdx;
word32 idx;
word32 length;
int badDate = 0;
int badDate;
if (certDer == NULL || certSz == 0 || pubKeyDerSz == NULL) {
return BAD_FUNC_ARG;
}
/* Initialize decoded cert structure */
length = 0;
badDate = 0;
wc_InitDecodedCert(&cert, certDer, certSz, NULL);
/* Parse up to the SubjectPublicKeyInfo */
ret = wc_GetPubX509(&cert, 0, &badDate);
if (ret < 0) {
wc_FreeDecodedCert(&cert);
return ret;
}
if (ret >= 0) {
/* Save the starting index of SubjectPublicKeyInfo */
startIdx = cert.srcIdx;
/* Save the starting index of SubjectPublicKeyInfo */
startIdx = cert.srcIdx;
/* Get the length of the SubjectPublicKeyInfo sequence */
idx = startIdx;
ret = GetSequence(certDer, &idx, (int*)&length, certSz);
if (ret >= 0) {
/* Calculate total length including sequence header */
length += (idx - startIdx);
/* Get the length of the SubjectPublicKeyInfo sequence */
idx = startIdx;
ret = GetSequence(certDer, &idx, (int*)&length, certSz);
if (ret < 0) {
wc_FreeDecodedCert(&cert);
return ret;
}
/* Calculate total length including sequence header */
length += (idx - startIdx);
/* Copy the SubjectPublicKeyInfo if buffer provided */
if (pubKeyDer != NULL) {
if (*pubKeyDerSz < (word32)length) {
wc_FreeDecodedCert(&cert);
return BUFFER_E;
/* Copy the SubjectPublicKeyInfo if buffer provided */
if (pubKeyDer != NULL) {
if (*pubKeyDerSz < (word32)length) {
ret = BUFFER_E;
}
else {
XMEMCPY(pubKeyDer, &certDer[startIdx], length);
}
}
}
XMEMCPY(pubKeyDer, &certDer[startIdx], length);
}
/* Return the size */
*pubKeyDerSz = length;
if (ret >= 0) {
ret = 0;
}
*pubKeyDerSz = length;
wc_FreeDecodedCert(&cert);
return 0;
return ret;
}
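Review bot: `*pubKeyDerSz = length;` at the end of wc_GetSubjectPubKeyInfoDerFromCert now runs on every path, so when wc_GetPubX509 or GetSequence fails the caller's in/out size is overwritten with 0 (or, presumably, with whatever GetSequence left in `length`), where the previous early returns left it untouched. A caller that reuses the size variable after an error would then pass a wrong buffer capacity on its next call. I would restrict the write to the success and too-small-buffer cases, `if (ret == 0 || ret == BUFFER_E) { *pubKeyDerSz = length; }`, and extend the header comment (which starts outside this hunk) to `@return BUFFER_E if the provided buffer is too small; *pubKeyDerSz is set to the required size`. A test that passes an undersized keyDer and checks both BUFFER_E and the reported size would pin the new behaviour; none is visible in the test hunks shown.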


@ -879,8 +879,9 @@ WOLFSSL_API int wc_ParseCert(
WOLFSSL_API int wc_GetPubKeyDerFromCert(struct DecodedCert* cert,
byte* derKey, word32* derKeySz);
WOLFSSL_API int wc_ExportX509PubKeyWithSpki(const byte* cert, word32 certSz,
byte* pubKey, word32* pubKeySz);
WOLFSSL_API int wc_GetSubjectPubKeyInfoDerFromCert(const byte* cert,
word32 certSz, byte* pubKey,
word32* pubKeySz);
#ifdef WOLFSSL_FPKI
WOLFSSL_API int wc_GetUUIDFromCert(struct DecodedCert* cert,