cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-02 10:00:47 -04:00
Code Issues Packages Projects Releases Wiki Activity

pkwrite: split pk_write_rsa_der() with a dedicated function for non-opaque RSA key

Browse Source 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2024-01-23 09:10:22 +01:00
parent fd49a46a36
commit 429cd50ac8
1 changed files with 92 additions and 93 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
library/pkwrite.c
View File

@ -62,13 +62,12 @@
* publicExponent INTEGER -- e * publicExponent INTEGER -- e
* } * }
*/ */
static int pk_write_rsa_pubkey(unsigned char **p, unsigned char *start, static int mbedtls_rsa_pubkey_write(unsigned char **p, unsigned char *start,
const mbedtls_pk_context *pk) const mbedtls_rsa_context *rsa)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0; size_t len = 0;
mbedtls_mpi T; mbedtls_mpi T;
mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk);
mbedtls_mpi_init(&T); mbedtls_mpi_init(&T);
@ -100,29 +99,13 @@ end_of_export:
return (int) len; return (int) len;
} }
static int pk_write_rsa_der(unsigned char **p, unsigned char *buf, static int mbedtls_rsa_key_write(unsigned char **p, unsigned char *start,
const mbedtls_pk_context *pk) const mbedtls_rsa_context *rsa)
{ {
size_t len = 0; size_t len = 0;
int ret; int ret;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
uint8_t tmp[PSA_EXPORT_KEY_PAIR_MAX_SIZE];
size_t tmp_len = 0;
if (psa_export_key(pk->priv_id, tmp, sizeof(tmp), &tmp_len) != PSA_SUCCESS) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}
*p -= tmp_len;
memcpy(*p, tmp, tmp_len);
len += tmp_len;
mbedtls_platform_zeroize(tmp, sizeof(tmp));
} else
#endif /* MBEDTLS_USE_PSA_CRYPTO */
{
mbedtls_mpi T; /* Temporary holding the exported parameters */ mbedtls_mpi T; /* Temporary holding the exported parameters */
mbedtls_rsa_context *rsa = mbedtls_pk_rsa(*pk);
/* /*
* Export the parameters one after another to avoid simultaneous copies. * Export the parameters one after another to avoid simultaneous copies.
@ -132,61 +115,56 @@ static int pk_write_rsa_der(unsigned char **p, unsigned char *buf,
/* Export QP */ /* Export QP */
if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 || if ((ret = mbedtls_rsa_export_crt(rsa, NULL, NULL, &T)) != 0 ||
(ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
goto end_of_export; goto end_of_export;
} }
len += ret; len += ret;
/* Export DQ */ /* Export DQ */
if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 || if ((ret = mbedtls_rsa_export_crt(rsa, NULL, &T, NULL)) != 0 ||
(ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
goto end_of_export; goto end_of_export;
} }
len += ret; len += ret;
/* Export DP */ /* Export DP */
if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 || if ((ret = mbedtls_rsa_export_crt(rsa, &T, NULL, NULL)) != 0 ||
(ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) { (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
goto end_of_export; goto end_of_export;
} }
len += ret; len += ret;
/* Export Q */ /* Export Q */
if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, &T, NULL, NULL)) != 0 ||
&T, NULL, NULL)) != 0 || (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
(ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) {
goto end_of_export; goto end_of_export;
} }
len += ret; len += ret;
/* Export P */ /* Export P */
if ((ret = mbedtls_rsa_export(rsa, NULL, &T, if ((ret = mbedtls_rsa_export(rsa, NULL, &T, NULL, NULL, NULL)) != 0 ||
NULL, NULL, NULL)) != 0 || (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
(ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) {
goto end_of_export; goto end_of_export;
} }
len += ret; len += ret;
/* Export D */ /* Export D */
if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, &T, NULL)) != 0 ||
NULL, &T, NULL)) != 0 || (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
(ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) {
goto end_of_export; goto end_of_export;
} }
len += ret; len += ret;
/* Export E */ /* Export E */
if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, if ((ret = mbedtls_rsa_export(rsa, NULL, NULL, NULL, NULL, &T)) != 0 ||
NULL, NULL, &T)) != 0 || (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
(ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) {
goto end_of_export; goto end_of_export;
} }
len += ret; len += ret;
/* Export N */ /* Export N */
if ((ret = mbedtls_rsa_export(rsa, &T, NULL, if ((ret = mbedtls_rsa_export(rsa, &T, NULL, NULL, NULL, NULL)) != 0 ||
NULL, NULL, NULL)) != 0 || (ret = mbedtls_asn1_write_mpi(p, start, &T)) < 0) {
(ret = mbedtls_asn1_write_mpi(p, buf, &T)) < 0) {
goto end_of_export; goto end_of_export;
} }
len += ret; len += ret;
@ -198,15 +176,36 @@ end_of_export:
return ret; return ret;
} }
MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, buf, 0)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_int(p, start, 0));
MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, buf, len)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(p, start, len));
MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(p, start,
buf, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE)); MBEDTLS_ASN1_SEQUENCE));
}
return (int) len; return (int) len;
} }
static int pk_write_rsa_der(unsigned char **p, unsigned char *buf,
const mbedtls_pk_context *pk)
{
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if (mbedtls_pk_get_type(pk) == MBEDTLS_PK_OPAQUE) {
uint8_t tmp[PSA_EXPORT_KEY_PAIR_MAX_SIZE];
size_t len = 0, tmp_len = 0;
if (psa_export_key(pk->priv_id, tmp, sizeof(tmp), &tmp_len) != PSA_SUCCESS) {
return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
}
*p -= tmp_len;
memcpy(*p, tmp, tmp_len);
len += tmp_len;
mbedtls_platform_zeroize(tmp, sizeof(tmp));
return (int) len;
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
return mbedtls_rsa_key_write(p, buf, mbedtls_pk_rsa(*pk));
}
#endif /* MBEDTLS_RSA_C */ #endif /* MBEDTLS_RSA_C */
/****************************************************************************** /******************************************************************************
@ -543,7 +542,7 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) { if (mbedtls_pk_get_type(key) == MBEDTLS_PK_RSA) {
MBEDTLS_ASN1_CHK_ADD(len, pk_write_rsa_pubkey(p, start, key)); MBEDTLS_ASN1_CHK_ADD(len, mbedtls_rsa_pubkey_write(p, start, mbedtls_pk_rsa(*key)));
} else } else
#endif #endif
#if defined(MBEDTLS_PK_HAVE_ECC_KEYS) #if defined(MBEDTLS_PK_HAVE_ECC_KEYS)