Fixes for ED25519/ED448 private key with public key export (RFC8410). Added length only support.

2022-07-13 16:17:08 -07:00 · 2022-07-13 16:17:08 -07:00 · 2d5bc72c9b
parent a2b7b44163
commit 2d5bc72c9b
2 changed files with 44 additions and 37 deletions
--- a/tests/api.c
+++ b/tests/api.c
@ -26646,19 +26646,20 @@ static int test_wc_Ed25519KeyToDer (void)
                ret = 0;
            }
        }
-        if (ret == 0) {
-            ret = wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen);
-            if (ret == BAD_FUNC_ARG) {
-                ret = 0;
-            }
-        }
        if (ret == 0) {
            ret = wc_Ed25519KeyToDer(&ed25519Key, output, 0);
            if (ret == BAD_FUNC_ARG) {
                ret = 0;
            }
        }
-        /* Good Case */
+        /* Good Cases */
+        if (ret == 0) {
+            /* length only */
+            ret = wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen);
+            if (ret > 0) {
+                ret = 0;
+            }
+        }
        if (ret == 0) {
            ret = wc_Ed25519KeyToDer(&ed25519Key, output, inLen);
            if (ret > 0) {
@ -26713,19 +26714,20 @@ static int test_wc_Ed25519PrivateKeyToDer (void)
                ret = 0;
            }
        }
-        if (ret == 0) {
-            ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen);
-            if (ret == BAD_FUNC_ARG) {
-                ret = 0;
-            }
-        }
        if (ret == 0) {
            ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, 0);
            if (ret == BAD_FUNC_ARG) {
                ret = 0;
            }
        }
-        /* Good Case */
+        /* Good Cases */
+        if (ret == 0) {
+            /* length only */
+            ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen);
+            if (ret > 0) {
+                ret = 0;
+            }
+        }
        if (ret == 0) {
            ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, inLen);
            if (ret > 0) {
@ -26779,19 +26781,20 @@ static int test_wc_Ed448KeyToDer (void)
                ret = 0;
            }
        }
-        if (ret == 0) {
-            ret = wc_Ed448KeyToDer(&ed448Key, NULL, inLen);
-            if (ret == BAD_FUNC_ARG) {
-                ret = 0;
-            }
-        }
        if (ret == 0) {
            ret = wc_Ed448KeyToDer(&ed448Key, output, 0);
            if (ret == BAD_FUNC_ARG) {
                ret = 0;
            }
        }
-        /* Good Case */
+        /* Good Cases */
+        if (ret == 0) {
+            /* length only */
+            ret = wc_Ed448KeyToDer(&ed448Key, NULL, inLen);
+            if (ret > 0) {
+                ret = 0;
+            }
+        }
        if (ret == 0) {
            ret = wc_Ed448KeyToDer(&ed448Key, output, inLen);
            if (ret > 0) {
@ -26845,19 +26848,20 @@ static int test_wc_Ed448PrivateKeyToDer (void)
                ret = 0;
            }
        }
-        if (ret == 0) {
-            ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen);
-            if (ret == BAD_FUNC_ARG) {
-                ret = 0;
-            }
-        }
        if (ret == 0) {
            ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, 0);
            if (ret == BAD_FUNC_ARG) {
                ret = 0;
            }
        }
-        /* Good case */
+        /* Good cases */
+        if (ret == 0) {
+            /* length only */
+            ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen);
+            if (ret > 0) {
+                ret = 0;
+            }
+        }
        if (ret == 0) {
            ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, inLen);
            if (ret > 0) {
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@ -29755,7 +29755,7 @@ static int DecodeAsymKey(const byte* input, word32* inOutIdx, word32 inSz,
            return BAD_FUNC_ARG;
        }

-        if (GetASNHeader(input, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1,
+        if (GetASNHeader(input, ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_PUBKEY | 1,
                         inOutIdx, &length, inSz) < 0) {
            return ASN_PARSE_E;
        }
@ -30023,7 +30023,6 @@ int wc_Curve25519PublicKeyDecode(const byte* input, word32* inOutIdx,
 * @return  Size of encoded data in bytes on success
 * @return  BAD_FUNC_ARG when key is NULL.
 * @return  MEMORY_E when dynamic memory allocation failed.
- * @return  LENGTH_ONLY_E return length only.
 */
 static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
    const byte* pubKey, word32 pubKeyLen,
@ -30045,7 +30044,7 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
 #ifndef WOLFSSL_ASN_TEMPLATE
    /* calculate size */
    if (pubKey) {
-        pubSz = 2 + 2 + pubKeyLen;
+        pubSz = 2 + pubKeyLen;
    }
    privSz = 2 + 2 + privKeyLen;
    algoSz = SetAlgoID(keyType, NULL, oidKeyType, 0);
@ -30076,13 +30075,16 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
        idx += privKeyLen;
        /* pubKey */
        if (pubKey) {
-            idx += SetExplicit(1, 2 + pubKeyLen, output + idx);
-            idx += SetOctetString(pubKeyLen, output + idx);
+            idx += SetHeader(ASN_CONTEXT_SPECIFIC | ASN_ASYMKEY_PUBKEY |
+                             1, pubKeyLen, output + idx);
            XMEMCPY(output + idx, pubKey, pubKeyLen);
            idx += pubKeyLen;
        }
-
-        ret = idx;
+        sz = idx;
+    }
+    if (ret == 0) {
+        /* Return size of encoding. */
+        ret = sz;
    }
 #else

@ -30128,7 +30130,8 @@ static int SetAsymKeyDer(const byte* privKey, word32 privKeyLen,
            XMEMCPY((byte*)dataASN[EDKEYASN_IDX_PUBKEY_VAL].data.buffer.data,
                    pubKey, pubKeyLen);
        }
-
+    }
+    if (ret == 0) {
        /* Return size of encoding. */
        ret = sz;
    }