Fill in x509parse_key_ec using stub function

Manuel Pégourié-Gonnard 2013-07-03 11:56:37 +02:00
parent 73c0cda346
commit 15e8b82724


@ -2468,12 +2468,13 @@ int x509parse_key_rsa( rsa_context *rsa,
((void) pwdlen); ((void) pwdlen);
#endif /* POLARSSL_PEM_C */ #endif /* POLARSSL_PEM_C */
// At this point we only know it's not a PEM formatted key. Could be any /*
// of the known DER encoded private key formats * At this point we only know it's not a PEM formatted key. Could be any
// * of the known DER encoded private key formats
// We try the different DER format parsers to see if one passes without *
// error * We try the different DER format parsers to see if one passes without
// * error
*/
if( ( ret = x509parse_key_pkcs8_encrypted_der( rsa, key, keylen, if( ( ret = x509parse_key_pkcs8_encrypted_der( rsa, key, keylen,
pwd, pwdlen ) ) == 0 ) pwd, pwdlen ) ) == 0 )
{ {
@ -2593,12 +2594,81 @@ int x509parse_public_key_rsa( rsa_context *rsa,
} }
#if defined(POLARSSL_ECP_C) #if defined(POLARSSL_ECP_C)
/*
* Parse an unencrypted PKCS#8 encoded private EC key
*/
static int x509parse_key_pkcs8_unencrypted_der_ec(
ecp_keypair *eck,
const unsigned char* key,
size_t keylen )
{
int ret;
(void) key;
(void) keylen;
if( ( ret = ecp_check_prvkey( &eck->grp, &eck->d ) ) == 0 )
return 0;
cleanup:
ecp_keypair_free( eck );
return( ret );
}
/*
* Parse an encrypted PKCS#8 encoded private EC key
*/
static int x509parse_key_pkcs8_encrypted_der_ec(
ecp_keypair *eck,
const unsigned char *key,
size_t keylen,
const unsigned char *pwd,
size_t pwdlen )
{
int ret;
(void) key;
(void) keylen;
(void) pwd;
(void) pwdlen;
if( ( ret = ecp_check_prvkey( &eck->grp, &eck->d ) ) == 0 )
return 0;
cleanup:
ecp_keypair_free( eck );
return( ret );
}
/*
* Parse a PKCS#1 encoded private EC key
*/
static int x509parse_key_sec1_der( ecp_keypair *eck,
const unsigned char *key,
size_t keylen )
{
int ret;
(void) key;
(void) keylen;
if( ( ret = ecp_check_prvkey( &eck->grp, &eck->d ) ) == 0 )
return 0;
cleanup:
ecp_keypair_free( eck );
return( ret );
}
/* /*
* Parse a private EC key * Parse a private EC key
*/ */
int x509parse_key_ec( ecp_keypair *eckey, int x509parse_key_ec( ecp_keypair *eck,
const unsigned char *key, size_t keylen, const unsigned char *key, size_t keylen,
const unsigned char *pwd, size_t pwdlen ) const unsigned char *pwd, size_t pwdlen )
{ {
int ret; int ret;
@ -2607,21 +2677,16 @@ int x509parse_key_ec( ecp_keypair *eckey,
pem_context pem; pem_context pem;
pem_init( &pem ); pem_init( &pem );
/* TODO: get list of correct PEM headers */
ret = pem_read_buffer( &pem, ret = pem_read_buffer( &pem,
"-----BEGIN EC PRIVATE KEY-----", "-----BEGIN EC PRIVATE KEY-----",
"-----END EC PRIVATE KEY-----", "-----END EC PRIVATE KEY-----",
key, pwd, pwdlen, &len ); key, pwd, pwdlen, &len );
if( ret == 0 ) if( ret == 0 )
{ {
/* TODO: write der decoding function if( ( ret = x509parse_key_sec1_der( eck, pem.buf, pem.buflen ) ) != 0 )
if( ( ret = x509parse_key_pkcs8_encrypted_der( eckey,
pem.buf, pem.buflen,
pwd, pwdlen ) ) != 0 )
{ {
ecp_keypair_free( eckey ); ecp_keypair_free( eck );
} }
*/
pem_free( &pem ); pem_free( &pem );
return( ret ); return( ret );
@ -2633,36 +2698,77 @@ int x509parse_key_ec( ecp_keypair *eckey,
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
return( ret ); return( ret );
/* TODO: now repeat with other valid PEM headers */ ret = pem_read_buffer( &pem,
"-----BEGIN PRIVATE KEY-----",
"-----END PRIVATE KEY-----",
key, NULL, 0, &len );
if( ret == 0 )
{
if( ( ret = x509parse_key_pkcs8_unencrypted_der_ec( eck,
pem.buf, pem.buflen ) ) != 0 )
{
ecp_keypair_free( eck );
}
pem_free( &pem );
return( ret );
}
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
return( ret );
ret = pem_read_buffer( &pem,
"-----BEGIN ENCRYPTED PRIVATE KEY-----",
"-----END ENCRYPTED PRIVATE KEY-----",
key, NULL, 0, &len );
if( ret == 0 )
{
if( ( ret = x509parse_key_pkcs8_encrypted_der_ec( eck,
pem.buf, pem.buflen,
pwd, pwdlen ) ) != 0 )
{
ecp_keypair_free( eck );
}
pem_free( &pem );
return( ret );
}
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
return( ret );
#else #else
((void) pwd); ((void) pwd);
((void) pwdlen); ((void) pwdlen);
#endif /* POLARSSL_PEM_C */ #endif /* POLARSSL_PEM_C */
((void) keylen); /*
/* TODO: write der decoding functions (encrypted, unencnrypted) * At this point we only know it's not a PEM formatted key. Could be any
if( ( ret = x509parse_key_pkcs8_encrypted_der( eckey, key, keylen, * of the known DER encoded private key formats
pwd, pwdlen ) ) == 0 ) *
* We try the different DER format parsers to see if one passes without
* error
*/
if( ( ret = x509parse_key_pkcs8_encrypted_der_ec( eck, key, keylen,
pwd, pwdlen ) ) == 0 )
{ {
return( 0 ); return( 0 );
} }
ecp_keypair_free( eckey ); ecp_keypair_free( eck );
if( ret == POLARSSL_ERR_X509_PASSWORD_MISMATCH ) if( ret == POLARSSL_ERR_X509_PASSWORD_MISMATCH )
{ {
return( ret ); return( ret );
} }
if( ( ret = x509parse_key_pkcs8_unencrypted_der( eckey, key, keylen ) ) if( ( ret = x509parse_key_pkcs8_unencrypted_der_ec( eck,
== 0 ) key, keylen ) ) == 0 )
{
return( 0 ); return( 0 );
}
*/
ecp_keypair_free( eckey ); ecp_keypair_free( eck );
if( ( ret = x509parse_key_sec1_der( eck, key, keylen ) ) == 0 )
return( 0 );
ecp_keypair_free( eck );
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT ); return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT );
} }
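Review bot: The three stubs added in the second hunk (`x509parse_key_pkcs8_unencrypted_der_ec`, `x509parse_key_pkcs8_encrypted_der_ec`, `x509parse_key_sec1_der`) cast `key` and `keylen` to void and return 0 whenever `ecp_check_prvkey( &eck->grp, &eck->d )` accepts what is already in `eck`, so `x509parse_key_ec` can report success without decoding any of the input if the caller passes a keypair that already holds a valid key. Until the DER decoders are written the stubs would be safer failing closed, for example by replacing the check with `return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT );`. The `cleanup:` label in each stub has no matching `goto` and will likely draw an unused-label warning, and each stub calls `ecp_keypair_free( eck )` on failure before the caller frees it again, which is redundant and relies on that function tolerating a second call. The header comment on `x509parse_key_sec1_der` says PKCS#1 while the function name says SEC1; `/* Parse a SEC1 encoded private EC key */` would match.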