WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #4261 from dgarske/rsa_der_pub

pull/4303/head
elms 2021-08-13 13:36:01 -07:00 committed by GitHub
parent ca06694bfb 5465d40ee3
commit b2380069f0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 107 additions and 91 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
doc/dox_comments/header_files/rsa.h
View File

@ -144,8 +144,6 @@ WOLFSSL_API int wc_FreeRsaKey(RsaKey* key);
\return Success Upon successfully encrypting the input message, returns
0 for success and less than zero for failure. Also returns the number
bytes written to out by storing the value in outLen
\return -1 Returned if there is an error during RSA encryption and
hardware acceleration via Cavium is enabled
\return BAD_FUNC_ARG Returned if any of the input parameters are invalid
\return RSA_BUFFER_E Returned if the output buffer is too small to store
the ciphertext
@ -907,7 +905,7 @@ WOLFSSL_API int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
\param saltLen Length of salt used. RSA_PSS_SALT_LEN_DEFAULT (-1) indicates salt
length is the same as the hash length. RSA_PSS_SALT_LEN_DISCOVER
indicates salt length is determined from the data.
\param bits igonred
\param bits Can be used to calculate salt size in FIPS case
_Example_
\code
@ -951,8 +949,7 @@ WOLFSSL_API int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
\sa wc_RsaPSS_CheckPadding
*/
WOLFSSL_API int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen, byte* sig,
word32 sigSz,
enum wc_HashType hashType, int saltLen, int bits);
word32 sigSz, enum wc_HashType hashType, int saltLen, int bits);
/*!
\ingroup RSA
@ -970,7 +967,6 @@ WOLFSSL_API int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen, byte* s
\sa wc_InitRsaKey
\sa wc_InitRsaKey_ex
\sa wc_MakeRsaKey
\sa XMEMSET
*/
WOLFSSL_API int wc_RsaEncryptSize(RsaKey* key);
@ -1195,7 +1191,7 @@ WOLFSSL_API int wc_RsaKeyToDer(RsaKey*, byte* output, word32 inLen);
*/
WOLFSSL_API int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, WC_RNG* rng, int type,
enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
enum wc_HashType hash, int mgf, byte* label, word32 labelSz);
/*!
\ingroup RSA
@ -1248,7 +1244,7 @@ WOLFSSL_API int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
*/
WOLFSSL_API int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
byte* out, word32 outLen, RsaKey* key, int type,
enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
enum wc_HashType hash, int mgf, byte* label, word32 labelSz);
/*!
\ingroup RSA
@ -1306,7 +1302,7 @@ WOLFSSL_API int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
*/
WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
byte** out, RsaKey* key, int type, enum wc_HashType hash,
int mgf, byte* label, word32 lableSz);
int mgf, byte* label, word32 labelSz);
/*!
\ingroup RSA
@ -1348,7 +1344,6 @@ WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
\sa wc_InitRsaKey
\sa wc_InitRsaKey_ex
\sa wc_MakeRsaKey
\sa XMEMSET
*/
WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
word32*);
@ -1365,7 +1360,7 @@ WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
\return <0 Error
\param key The RSA key structure to convert.
\param output Output buffer to hold DER.
\param output Output buffer to hold DER. (if NULL will return length only)
\param inLen Length of buffer.
_Example_
@ -1375,18 +1370,55 @@ WOLFSSL_API int wc_RsaFlattenPublicKey(RsaKey*, byte*, word32*, byte*,
wc_RsaInitKey(&key, NULL);
// Use key
int BUFFER_SIZE = // Some adequate size for the buffer
const int BUFFER_SIZE = 1024; // Some adequate size for the buffer
byte output[BUFFER_SIZE];
if(wc_RsaKeyToPublicDer(&key, output, sizeof(output)) != 0)
{
if (wc_RsaKeyToPublicDer(&key, output, sizeof(output)) != 0) {
// Handle Error
}
\endcode
\sa wc_RsaPublicKeyDerSize
\sa wc_RsaKeyToPublicDer_ex
\sa wc_RsaInitKey
*/
WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen);
/*!
\ingroup RSA
\brief Convert RSA Public key to DER format. Writes to output, and
returns count of bytes written. If with_header is 0 then only the
( seq + n + e) is returned in ASN.1 DER format and will exclude the header.
\return >0 Success, number of bytes written.
\return BAD_FUNC_ARG Returned if key or output is null.
\return MEMORY_E Returned when an error allocating memory occurs.
\return <0 Error
\param key The RSA key structure to convert.
\param output Output buffer to hold DER. (if NULL will return length only)
\param inLen Length of buffer.
_Example_
\code
RsaKey key;
wc_RsaInitKey(&key, NULL);
// Use key
const int BUFFER_SIZE = 1024; // Some adequate size for the buffer
byte output[BUFFER_SIZE];
if (wc_RsaKeyToPublicDer_ex(&key, output, sizeof(output), 0) != 0) {
// Handle Error
}
\endcode
\sa wc_RsaPublicKeyDerSize
\sa wc_RsaKeyToPublicDer
\sa wc_RsaInitKey
*/
WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
WOLFSSL_API int wc_RsaKeyToPublicDer_ex(RsaKey* key, byte* output, word32 inLen,
int with_header);
/*!
\ingroup RSA
@ -1432,7 +1464,7 @@ WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
\param key pointer to the RsaKey structure in which to store the
generated private key
\param size desired keylenth, in bits. Required to be greater than
\param size desired key length, in bits. Required to be greater than
RSA_MIN_SIZE and less than RSA_MAX_SIZE
\param e exponent parameter to use for generating the key. A secure
choice is 65537

1
doc/dox_comments/header_files/ssl.h
View File

@ -7818,7 +7818,6 @@ WOLFSSL_API void wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCt
\sa ForceZero
\sa wc_RNG_GenerateBlock
\sa XMEMCPY
*/
WOLFSSL_API int wolfSSL_DTLS_SetCookieSecret(WOLFSSL*,
const unsigned char*,

36
doc/dox_comments/header_files/wolfio.h
View File

@ -35,9 +35,9 @@
}
\endcode
\sa wolfSSL_dtls_get_current_timeout
\sa TranslateReturnCode
\sa RECV_FUNCTION
\sa EmbedSend
\sa wolfSSL_CTX_SetIORecv
\sa wolfSSL_SSLSetIORecv
*/
WOLFSSL_API int EmbedReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
@ -73,11 +73,9 @@ WOLFSSL_API int EmbedReceive(WOLFSSL* ssl, char* buf, int sz, void* ctx);
}
\endcode
\sa TranslateReturnCode
\sa SEND_FUNCTION
\sa LastError
\sa InitSSL_Ctx
\sa LastError
\sa EmbedReceive
\sa wolfSSL_CTX_SetIOSend
\sa wolfSSL_SSLSetIOSend
*/
WOLFSSL_API int EmbedSend(WOLFSSL* ssl, char* buf, int sz, void* ctx);
@ -112,9 +110,10 @@ WOLFSSL_API int EmbedSend(WOLFSSL* ssl, char* buf, int sz, void* ctx);
}
\endcode
\sa TranslateReturnCode
\sa RECVFROM_FUNCTION
\sa Setsockopt
\sa EmbedSendTo
\sa wolfSSL_CTX_SetIORecv
\sa wolfSSL_SSLSetIORecv
\sa wolfSSL_dtls_get_current_timeout
*/
WOLFSSL_API int EmbedReceiveFrom(WOLFSSL* ssl, char* buf, int sz, void*);
@ -153,9 +152,9 @@ WOLFSSL_API int EmbedReceiveFrom(WOLFSSL* ssl, char* buf, int sz, void*);
}
\endcode
\sa LastError
\sa EmbedSend
\sa EmbedReceive
\sa EmbedReceiveFrom
\sa wolfSSL_CTX_SetIOSend
\sa wolfSSL_SSLSetIOSend
*/
WOLFSSL_API int EmbedSendTo(WOLFSSL* ssl, char* buf, int sz, void* ctx);
@ -188,10 +187,7 @@ WOLFSSL_API int EmbedSendTo(WOLFSSL* ssl, char* buf, int sz, void* ctx);
}
\endcode
\sa wc_ShaHash
\sa EmbedGenerateCookie
\sa XMEMCPY
\sa XMEMSET
\sa wolfSSL_CTX_SetGenCookie
*/
WOLFSSL_API int EmbedGenerateCookie(WOLFSSL* ssl, unsigned char* buf,
int sz, void*);
@ -212,7 +208,9 @@ WOLFSSL_API int EmbedGenerateCookie(WOLFSSL* ssl, unsigned char* buf,
EmbedOcspRespFree(ctx, resp);
\endcode
\sa XFREE
\sa wolfSSL_CertManagerSetOCSP_Cb
\sa wolfSSL_CertManagerEnableOCSPStapling
\sa wolfSSL_CertManagerEnableOCSP
*/
WOLFSSL_API void EmbedOcspRespFree(void*, unsigned char*);

15
tests/api.c
View File

@ -16902,6 +16902,21 @@ static int test_wc_RsaKeyToPublicDer (void)
}
}
if (ret == 0) {
/* test getting size only */
ret = wc_RsaKeyToPublicDer_ex(&key, NULL, derLen, 0);
if (ret >= 0)
ret = 0;
}
if (ret == 0) {
ret = wc_RsaKeyToPublicDer_ex(&key, der, derLen, 0);
if (ret >= 0) {
ret = 0;
} else {
ret = WOLFSSL_FATAL_ERROR;
}
}
#ifndef HAVE_USER_RSA
/* Pass in bad args. */
if (ret == 0) {

57
wolfcrypt/src/asn.c
View File

@ -12078,55 +12078,7 @@ static int SetRsaPublicKey(byte* output, RsaKey* key,
#if !defined(NO_RSA) && (defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA))
int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header)
{
int idx = 0;
int nSz, eSz, seqSz, bitStringSz, algoSz;
if (key == NULL)
return BAD_FUNC_ARG;
/* n */
#ifdef HAVE_USER_RSA
nSz = SetASNIntRSA(key->n, NULL);
#else
nSz = SetASNIntMP(&key->n, MAX_RSA_INT_SZ, NULL);
#endif
if (nSz < 0) {
return nSz;
}
/* e */
#ifdef HAVE_USER_RSA
eSz = SetASNIntRSA(key->e, NULL);
#else
eSz = SetASNIntMP(&key->e, MAX_RSA_INT_SZ, NULL);
#endif
if (eSz < 0) {
return eSz;
}
seqSz = SetSequence(nSz + eSz, NULL);
/* headers */
if (with_header) {
algoSz = SetAlgoID(RSAk, NULL, oidKeyType, 0);
bitStringSz = SetBitString(seqSz + nSz + eSz, 0, NULL);
idx += SetSequence(nSz + eSz + seqSz + bitStringSz + algoSz, NULL);
/* algo */
idx += algoSz;
/* bit string */
idx += bitStringSz;
}
/* seq */
idx += seqSz;
/* n */
idx += nSz;
/* e */
idx += eSz;
return idx;
return SetRsaPublicKey(NULL, key, 0, with_header);
}
#endif /* !NO_RSA && WOLFSSL_CERT_GEN */
@ -12238,6 +12190,13 @@ int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen)
return SetRsaPublicKey(output, key, inLen, 1);
}
/* Returns public DER version of the RSA key. If with_header is 0 then only a
* seq + n + e is returned in ASN.1 DER format */
int wc_RsaKeyToPublicDer_ex(RsaKey* key, byte* output, word32 inLen,
int with_header)
{
return SetRsaPublicKey(output, key, inLen, with_header);
}
#endif /* (WOLFSSL_KEY_GEN || OPENSSL_EXTRA) && !NO_RSA && !HAVE_USER_RSA */

1
wolfcrypt/src/rsa.c
View File

@ -3544,6 +3544,7 @@ int wc_RsaPSS_CheckPadding(const byte* in, word32 inSz, byte* sig,
* saltLen Length of salt used. RSA_PSS_SALT_LEN_DEFAULT (-1) indicates salt
* length is the same as the hash length. RSA_PSS_SALT_LEN_DISCOVER
* indicates salt length is determined from the data.
* bits Can be used to calculate salt size in FIPS case
* returns BAD_PADDING_E when the PSS data is invalid, BAD_FUNC_ARG when
* NULL is passed in to in or sig or inSz is not the same as the hash
* algorithm length and 0 on success.

7
wolfcrypt/user-crypto/src/rsa.c
View File

@ -2769,6 +2769,13 @@ int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen)
return SetRsaPublicKey(output, key, inLen, 1);
}
/* Returns public DER version of the RSA key. If with_header is 0 then only a
* seq + n + e is returned in ASN.1 DER format */
int wc_RsaKeyToPublicDer_ex(RsaKey* key, byte* output, word32 inLen,
int with_header)
{
return SetRsaPublicKey(output, key, inLen, with_header);
}
#endif /* WOLFSSL_KEY_GEN || OPENSSL_EXTRA */

7
wolfssl/wolfcrypt/asn_public.h
View File

@ -521,8 +521,15 @@ WOLFSSL_API void wc_FreeDer(DerBuffer** pDer);
#if !defined(HAVE_USER_RSA)
WOLFSSL_API int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx,
word32 inSz, const byte** n, word32* nSz, const byte** e, word32* eSz);
/* For FIPS v1/v2 and selftest this is in rsa.h */
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION > 2)))
WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen);
#endif
#endif
WOLFSSL_API int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header);
WOLFSSL_API int wc_RsaKeyToPublicDer_ex(RsaKey* key, byte* output, word32 inLen,
int with_header);
#endif
#ifndef NO_DSA

10
wolfssl/wolfcrypt/rsa.h
View File

@ -214,7 +214,7 @@ struct RsaKey {
#define WC_RSAKEY_TYPE_DEFINED
#endif
#endif /*HAVE_FIPS */
#endif /* HAVE_FIPS */
WOLFSSL_API int wc_InitRsaKey(RsaKey* key, void* heap);
WOLFSSL_API int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId);
@ -332,13 +332,13 @@ WOLFSSL_API int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
WOLFSSL_API int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, WC_RNG* rng, int type,
enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
enum wc_HashType hash, int mgf, byte* label, word32 labelSz);
WOLFSSL_API int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
byte* out, word32 outLen, RsaKey* key, int type,
enum wc_HashType hash, int mgf, byte* label, word32 lableSz);
enum wc_HashType hash, int mgf, byte* label, word32 labelSz);
WOLFSSL_API int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
byte** out, RsaKey* key, int type, enum wc_HashType hash,
int mgf, byte* label, word32 lableSz);
int mgf, byte* label, word32 labelSz);
#if defined(WC_RSA_DIRECT) || defined(WC_RSA_NO_PADDING)
WOLFSSL_API int wc_RsaDirect(byte* in, word32 inLen, byte* out, word32* outSz,
RsaKey* key, int type, WC_RNG* rng);
@ -355,8 +355,6 @@ WOLFSSL_API int wc_RsaExportKey(RsaKey* key,
byte* p, word32* pSz,
byte* q, word32* qSz);
WOLFSSL_API int wc_RsaKeyToPublicDer(RsaKey*, byte* output, word32 inLen);
#ifdef WOLFSSL_KEY_GEN
WOLFSSL_API int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
WOLFSSL_API int wc_CheckProbablePrime_ex(const byte* p, word32 pSz,