WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

review comments

pull/8758/head
Brett Nicholas 2025-05-12 11:43:56 -06:00
parent 79f214f73c
commit 2151a1b8a1
3 changed files with 52 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
tests/api.c
View File

@ -22755,7 +22755,7 @@ static int test_wc_GetPubKeyDerFromCert(void)
return EXPECT_RESULT(); return EXPECT_RESULT();
} }
static int test_wc_ExportX509PubKeyWithSpki(void) static int test_wc_GetSubjectPubKeyInfoDerFromCert(void)
{ {
EXPECT_DECLS; EXPECT_DECLS;
#if !defined(NO_RSA) || defined(HAVE_ECC) #if !defined(NO_RSA) || defined(HAVE_ECC)
@ -22809,8 +22809,8 @@ static int test_wc_ExportX509PubKeyWithSpki(void)
#endif #endif
/* good test case - RSA DER cert */ /* good test case - RSA DER cert */
ExpectIntEQ(wc_ExportX509PubKeyWithSpki(rsaCertDer, rsaCertDerSz, keyDer, ExpectIntEQ(wc_GetSubjectPubKeyInfoDerFromCert(rsaCertDer, rsaCertDerSz,
&keyDerSz), 0); keyDer, &keyDerSz), 0);
ExpectIntGT(keyDerSz, 0); ExpectIntGT(keyDerSz, 0);
/* sanity check, verify we can import DER public key */ /* sanity check, verify we can import DER public key */
@ -22823,18 +22823,20 @@ static int test_wc_ExportX509PubKeyWithSpki(void)
/* bad args: certDer */ /* bad args: certDer */
keyDerSz = (word32)sizeof(keyDer); keyDerSz = (word32)sizeof(keyDer);
ExpectIntEQ(wc_ExportX509PubKeyWithSpki(NULL, rsaCertDerSz, keyDer, ExpectIntEQ(wc_GetSubjectPubKeyInfoDerFromCert(NULL, rsaCertDerSz, keyDer,
&keyDerSz), &keyDerSz),
WC_NO_ERR_TRACE(BAD_FUNC_ARG)); WC_NO_ERR_TRACE(BAD_FUNC_ARG));
/* bad args: 0 sized certSz */ /* bad args: 0 sized certSz */
keyDerSz = (word32)sizeof(keyDer); keyDerSz = (word32)sizeof(keyDer);
ExpectIntEQ(wc_ExportX509PubKeyWithSpki(rsaCertDer, 0, keyDer, &keyDerSz), ExpectIntEQ(wc_GetSubjectPubKeyInfoDerFromCert(rsaCertDer, 0, keyDer,
&keyDerSz),
WC_NO_ERR_TRACE(BAD_FUNC_ARG)); WC_NO_ERR_TRACE(BAD_FUNC_ARG));
/* bad args: NULL inout size */ /* bad args: NULL inout size */
ExpectIntEQ(ret = wc_ExportX509PubKeyWithSpki(rsaCertDer, rsaCertDerSz, ExpectIntEQ(ret = wc_GetSubjectPubKeyInfoDerFromCert(rsaCertDer,
keyDer, NULL), rsaCertDerSz, keyDer,
NULL),
WC_NO_ERR_TRACE(BAD_FUNC_ARG)); WC_NO_ERR_TRACE(BAD_FUNC_ARG));
/* Certificate Request Tests */ /* Certificate Request Tests */
@ -22849,8 +22851,10 @@ static int test_wc_ExportX509PubKeyWithSpki(void)
/* good test case - RSA DER certificate request */ /* good test case - RSA DER certificate request */
keyDerSz = sizeof(keyDer); keyDerSz = sizeof(keyDer);
ExpectIntEQ(ret = wc_ExportX509PubKeyWithSpki(rsaCertDer, rsaCertDerSz, ExpectIntEQ(ret = wc_GetSubjectPubKeyInfoDerFromCert(rsaCertDer,
keyDer, &keyDerSz), 0); rsaCertDerSz,
keyDer,
&keyDerSz), 0);
ExpectIntGT(keyDerSz, 0); ExpectIntGT(keyDerSz, 0);
/* sanity check, verify we can import DER public key */ /* sanity check, verify we can import DER public key */
@ -22878,7 +22882,7 @@ static int test_wc_ExportX509PubKeyWithSpki(void)
/* good test case - ECC */ /* good test case - ECC */
XMEMSET(keyDer, 0, sizeof(keyDer)); XMEMSET(keyDer, 0, sizeof(keyDer));
keyDerSz = sizeof(keyDer); keyDerSz = sizeof(keyDer);
ExpectIntEQ(wc_ExportX509PubKeyWithSpki(eccCert, eccCertSz, keyDer, ExpectIntEQ(wc_GetSubjectPubKeyInfoDerFromCert(eccCert, eccCertSz, keyDer,
&keyDerSz), 0); &keyDerSz), 0);
ExpectIntGT(keyDerSz, 0); ExpectIntGT(keyDerSz, 0);
@ -66987,7 +66991,7 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wc_PubKeyPemToDer), TEST_DECL(test_wc_PubKeyPemToDer),
TEST_DECL(test_wc_PemPubKeyToDer), TEST_DECL(test_wc_PemPubKeyToDer),
TEST_DECL(test_wc_GetPubKeyDerFromCert), TEST_DECL(test_wc_GetPubKeyDerFromCert),
TEST_DECL(test_wc_ExportX509PubKeyWithSpki), TEST_DECL(test_wc_GetSubjectPubKeyInfoDerFromCert),
TEST_DECL(test_wc_CheckCertSigPubKey), TEST_DECL(test_wc_CheckCertSigPubKey),
/* wolfCrypt ASN tests */ /* wolfCrypt ASN tests */

37
wolfcrypt/src/asn.c
View File

@ -24628,7 +24628,8 @@ int wc_CertGetPubKey(const byte* cert, word32 certSz,
* @return BAD_FUNC_ARG if certDer is NULL, certSz is 0, or pubKeyDerSz is NULL * @return BAD_FUNC_ARG if certDer is NULL, certSz is 0, or pubKeyDerSz is NULL
* @return BUFFER_E if the provided buffer is too small * @return BUFFER_E if the provided buffer is too small
*/ */
WOLFSSL_API int wc_ExportX509PubKeyWithSpki(const byte* certDer, word32 certSz, WOLFSSL_API int wc_GetSubjectPubKeyInfoDerFromCert(const byte* certDer,
word32 certSz,
byte* pubKeyDer, byte* pubKeyDer,
word32* pubKeyDerSz) word32* pubKeyDerSz)
{ {
@ -24637,50 +24638,50 @@ WOLFSSL_API int wc_ExportX509PubKeyWithSpki(const byte* certDer, word32 certSz,
word32 startIdx; word32 startIdx;
word32 idx; word32 idx;
word32 length; word32 length;
int badDate = 0; int badDate;
if (certDer == NULL || certSz == 0 || pubKeyDerSz == NULL) { if (certDer == NULL || certSz == 0 || pubKeyDerSz == NULL) {
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }
/* Initialize decoded cert structure */ length = 0;
badDate = 0;
wc_InitDecodedCert(&cert, certDer, certSz, NULL); wc_InitDecodedCert(&cert, certDer, certSz, NULL);
/* Parse up to the SubjectPublicKeyInfo */ /* Parse up to the SubjectPublicKeyInfo */
ret = wc_GetPubX509(&cert, 0, &badDate); ret = wc_GetPubX509(&cert, 0, &badDate);
if (ret < 0) { if (ret >= 0) {
wc_FreeDecodedCert(&cert);
return ret;
}
/* Save the starting index of SubjectPublicKeyInfo */ /* Save the starting index of SubjectPublicKeyInfo */
startIdx = cert.srcIdx; startIdx = cert.srcIdx;
/* Get the length of the SubjectPublicKeyInfo sequence */ /* Get the length of the SubjectPublicKeyInfo sequence */
idx = startIdx; idx = startIdx;
ret = GetSequence(certDer, &idx, (int*)&length, certSz); ret = GetSequence(certDer, &idx, (int*)&length, certSz);
if (ret < 0) { if (ret >= 0) {
wc_FreeDecodedCert(&cert);
return ret;
}
/* Calculate total length including sequence header */ /* Calculate total length including sequence header */
length += (idx - startIdx); length += (idx - startIdx);
/* Copy the SubjectPublicKeyInfo if buffer provided */ /* Copy the SubjectPublicKeyInfo if buffer provided */
if (pubKeyDer != NULL) { if (pubKeyDer != NULL) {
if (*pubKeyDerSz < (word32)length) { if (*pubKeyDerSz < (word32)length) {
wc_FreeDecodedCert(&cert); ret = BUFFER_E;
return BUFFER_E;
} }
else {
XMEMCPY(pubKeyDer, &certDer[startIdx], length); XMEMCPY(pubKeyDer, &certDer[startIdx], length);
} }
}
}
}
if (ret >= 0) {
ret = 0;
}
/* Return the size */
*pubKeyDerSz = length; *pubKeyDerSz = length;
wc_FreeDecodedCert(&cert); wc_FreeDecodedCert(&cert);
return 0;
return ret;
} }

5
wolfssl/wolfcrypt/asn_public.h
View File

@ -879,8 +879,9 @@ WOLFSSL_API int wc_ParseCert(
WOLFSSL_API int wc_GetPubKeyDerFromCert(struct DecodedCert* cert, WOLFSSL_API int wc_GetPubKeyDerFromCert(struct DecodedCert* cert,
byte* derKey, word32* derKeySz); byte* derKey, word32* derKeySz);
WOLFSSL_API int wc_ExportX509PubKeyWithSpki(const byte* cert, word32 certSz, WOLFSSL_API int wc_GetSubjectPubKeyInfoDerFromCert(const byte* cert,
byte* pubKey, word32* pubKeySz); word32 certSz, byte* pubKey,
word32* pubKeySz);
#ifdef WOLFSSL_FPKI #ifdef WOLFSSL_FPKI
WOLFSSL_API int wc_GetUUIDFromCert(struct DecodedCert* cert, WOLFSSL_API int wc_GetUUIDFromCert(struct DecodedCert* cert,