From 2d5bc72c9bd5e74f35b3deb68b39f7b92e8d7adf Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 13 Jul 2022 16:17:08 -0700 Subject: [PATCH] Fixes for ED25519/ED448 private key with public key export (RFC8410). Added length only support. --- tests/api.c | 60 ++++++++++++++++++++++++--------------------- wolfcrypt/src/asn.c | 21 +++++++++------- 2 files changed, 44 insertions(+), 37 deletions(-) diff --git a/tests/api.c b/tests/api.c index a055befe4..67177f8a6 100644 --- a/tests/api.c +++ b/tests/api.c @@ -26646,19 +26646,20 @@ static int test_wc_Ed25519KeyToDer (void) ret = 0; } } - if (ret == 0) { - ret = wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen); - if (ret == BAD_FUNC_ARG) { - ret = 0; - } - } if (ret == 0) { ret = wc_Ed25519KeyToDer(&ed25519Key, output, 0); if (ret == BAD_FUNC_ARG) { ret = 0; } } - /* Good Case */ + /* Good Cases */ + if (ret == 0) { + /* length only */ + ret = wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen); + if (ret > 0) { + ret = 0; + } + } if (ret == 0) { ret = wc_Ed25519KeyToDer(&ed25519Key, output, inLen); if (ret > 0) { @@ -26713,19 +26714,20 @@ static int test_wc_Ed25519PrivateKeyToDer (void) ret = 0; } } - if (ret == 0) { - ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen); - if (ret == BAD_FUNC_ARG) { - ret = 0; - } - } if (ret == 0) { ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, 0); if (ret == BAD_FUNC_ARG) { ret = 0; } } - /* Good Case */ + /* Good Cases */ + if (ret == 0) { + /* length only */ + ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen); + if (ret > 0) { + ret = 0; + } + } if (ret == 0) { ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, inLen); if (ret > 0) { @@ -26779,19 +26781,20 @@ static int test_wc_Ed448KeyToDer (void) ret = 0; } } - if (ret == 0) { - ret = wc_Ed448KeyToDer(&ed448Key, NULL, inLen); - if (ret == BAD_FUNC_ARG) { - ret = 0; - } - } if (ret == 0) { ret = wc_Ed448KeyToDer(&ed448Key, output, 0); if (ret == BAD_FUNC_ARG) { ret = 0; } } - /* Good Case */ + /* Good Cases */ + if (ret == 0) { + /* length only */ + ret = wc_Ed448KeyToDer(&ed448Key, NULL, inLen); + if (ret > 0) { + ret = 0; + } + } if (ret == 0) { ret = wc_Ed448KeyToDer(&ed448Key, output, inLen); if (ret > 0) { @@ -26845,19 +26848,20 @@ static int test_wc_Ed448PrivateKeyToDer (void) ret = 0; } } - if (ret == 0) { - ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen); - if (ret == BAD_FUNC_ARG) { - ret = 0; - } - } if (ret == 0) { ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, 0); if (ret == BAD_FUNC_ARG) { ret = 0; } } - /* Good case */ + /* Good cases */ + if (ret == 0) { + /* length only */ + ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen); + if (ret > 0) { + ret = 0; + } + } if (ret == 0) { ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, inLen); if (ret > 0) { diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 1f3380b73..d0dd3973c 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -29755,7 +29755,7 @@ static int DecodeAsymKey(const byte* input, word32* inOutIdx, word32 inSz, return BAD_FUNC_ARG; } - if (GetASNHeader(input, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1, + if (GetASNHeader(input, ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_PUBKEY | 1, inOutIdx, &length, inSz) < 0) { return ASN_PARSE_E; } @@ -30023,7 +30023,6 @@ int wc_Curve25519PublicKeyDecode(const byte* input, word32* inOutIdx, * @return Size of encoded data in bytes on success * @return BAD_FUNC_ARG when key is NULL. * @return MEMORY_E when dynamic memory allocation failed. - * @return LENGTH_ONLY_E return length only. */ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen, const byte* pubKey, word32 pubKeyLen, @@ -30045,7 +30044,7 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen, #ifndef WOLFSSL_ASN_TEMPLATE /* calculate size */ if (pubKey) { - pubSz = 2 + 2 + pubKeyLen; + pubSz = 2 + pubKeyLen; } privSz = 2 + 2 + privKeyLen; algoSz = SetAlgoID(keyType, NULL, oidKeyType, 0); @@ -30061,7 +30060,7 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen, if (ret == 0 && output != NULL) { /* write out */ /* seq */ - seqSz = SetSequence(verSz + algoSz + privSz + pubSz, output); + seqSz = SetSequence(verSz + algoSz + privSz + pubSz, output); idx = seqSz; /* ver */ SetMyVersion(0, output + idx, FALSE); @@ -30076,13 +30075,16 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen, idx += privKeyLen; /* pubKey */ if (pubKey) { - idx += SetExplicit(1, 2 + pubKeyLen, output + idx); - idx += SetOctetString(pubKeyLen, output + idx); + idx += SetHeader(ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_PUBKEY | + 1, pubKeyLen, output + idx); XMEMCPY(output + idx, pubKey, pubKeyLen); idx += pubKeyLen; } - - ret = idx; + sz = idx; + } + if (ret == 0) { + /* Return size of encoding. */ + ret = sz; } #else @@ -30128,7 +30130,8 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen, XMEMCPY((byte*)dataASN[EDKEYASN_IDX_PUBKEY_VAL].data.buffer.data, pubKey, pubKeyLen); } - + } + if (ret == 0) { /* Return size of encoding. */ ret = sz; }