Merge pull request #964 from SparkiDev/ecc_priv_only

Ecc priv only
2017-06-14 16:42:24 -07:00 · 2017-06-14 16:42:24 -07:00 · 55d421d8b6
parent b778ddfea2 13c4fe6cc4
commit 55d421d8b6
5 changed files with 41 additions and 23 deletions
--- a/certs/ecc-privOnlyCert.pem
+++ b/certs/ecc-privOnlyCert.pem
@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE-----
+MIIBJDCByaADAgECAgEAMAwGCCqGSM49BAMCBQAwGjELMAkGA1UEChMCV1IxCzAJBgNVBAYTAkRF
+MB4XDTE3MDIwNjE0NTY0MVoXDTE4MDIwNjE0NTY0MVowGjELMAkGA1UEChMCV1IxCzAJBgNVBAYT
+AkRFMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJcD9Frgr8rgKHt2szmJSfFgKYH1Xddq9EcHV
+KupUa3bmPTb33VGXa6gm/numvZZVhVCdmn5pAdhDRYnZ/korJjAMBggqhkjOPQQDAgUAA0gAMEUC
+IDnBQOHgHIudh7nFB0wG/WFMoUutVFN0uQPbVJSWwbQHAiEAmw25n+eEMgMK4Gi7qH1lzxm11WX0
+jM1gxQSGZTaja8s=
+-----END CERTIFICATE-----
--- a/certs/ecc-privOnlyKey.pem
+++ b/certs/ecc-privOnlyKey.pem
@ -0,0 +1,4 @@
+-----BEGIN PRIVATE KEY-----
+MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCBmlE/nixmHCpmplUopbqNEo+jJE40p
+wfkxzH01tAWqcQ==
+-----END PRIVATE KEY-----
--- a/certs/include.am
+++ b/certs/include.am
@ -34,7 +34,9 @@ EXTRA_DIST += \
 	     certs/server-revoked-key.pem \
 	     certs/wolfssl-website-ca.pem \
 	     certs/test-servercert.p12 \
-	     certs/dsaparams.pem
+	     certs/dsaparams.pem \
+             certs/ecc-privOnlyKey.pem \
+             certs/ecc-privOnlyCert.pem
 EXTRA_DIST += \
 	     certs/ca-key.der \
 	     certs/ca-cert.der \
--- a/tests/test.conf
+++ b/tests/test.conf
@ -2190,3 +2190,12 @@
 -A ./certs/server-ecc.pem
 -t

+# server TLSv1.2 private-only key
+-v 3
+-c ./certs/ecc-privOnlyCert.pem
+-k ./certs/ecc-privOnlyKey.pem
+
+# client TLSv1.2 private-only key on server
+-v 3
+-d
+
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@ -9956,29 +9956,24 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
    XMEMCPY(priv, &input[*inOutIdx], privSz);
    *inOutIdx += length;

-    if ((*inOutIdx + 1) > inSz) {
-    #ifdef WOLFSSL_SMALL_STACK
-        XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-        XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-    #endif
-        return BUFFER_E;
-    }
+    if (ret == 0 && (*inOutIdx + 1) < inSz) {
+        /* prefix 0, may have */
+        b = input[*inOutIdx];
+        if (b == ECC_PREFIX_0) {
+            *inOutIdx += 1;

-    /* prefix 0, may have */
-    b = input[*inOutIdx];
-    if (b == ECC_PREFIX_0) {
-        *inOutIdx += 1;
-
-        if (GetLength(input, inOutIdx, &length, inSz) <= 0)
-            ret = ASN_PARSE_E;
-        else {
-            ret = GetObjectId(input, inOutIdx, &oidSum, oidIgnoreType, inSz);
-            if (ret == 0) {
-                if ((ret = CheckCurve(oidSum)) < 0)
-                    ret = ECC_CURVE_OID_E;
-                else {
-                    curve_id = ret;
-                    ret = 0;
+            if (GetLength(input, inOutIdx, &length, inSz) <= 0)
+                ret = ASN_PARSE_E;
+            else {
+                ret = GetObjectId(input, inOutIdx, &oidSum, oidIgnoreType,
+                                  inSz);
+                if (ret == 0) {
+                    if ((ret = CheckCurve(oidSum)) < 0)
+                        ret = ECC_CURVE_OID_E;
+                    else {
+                        curve_id = ret;
+                        ret = 0;
+                    }
                }
            }
        }