Public Keys are being exported to SubjectPublicKeyInfo format, instead of custom formats. For RSA keys the PKCS #1 format can be used as well.

4 files changed, 177 insertions, 4 deletions

diff --git a/libtomcrypt/pk/asn1/der/bit/der_decode_bit_string.c b/libtomcrypt/pk/asn1/der/bit/der_decode_bit_string.c
index d126df3..c9f6368 100644
--- a/libtomcrypt/pk/asn1/der/bit/der_decode_bit_string.c
+++ b/libtomcrypt/pk/asn1/der/bit/der_decode_bit_string.c
@@ -18,11 +18,13 @@
 
 #ifdef LTC_DER
 
+#define setbit(v, n)    (v=((unsigned char)(v) | (1U << (unsigned char)(n))))
+
 /**
   Store a BIT STRING
   @param in      The DER encoded BIT STRING
   @param inlen   The size of the DER BIT STRING
-  @param out     [out] The array of bits stored (one per char)
+  @param out     [out] The array of bits stored (8 per char)
   @param outlen  [in/out] The number of bits stored
   @return CRYPT_OK if successful
 */
@@ -84,7 +86,9 @@ int der_decode_bit_string(const unsigned char *in,  unsigned long inlen,
 
    /* decode/store the bits */
    for (y = 0; y < blen; y++) {
-       out[y] = (in[x] & (1 << (7 - (y & 7)))) ? 1 : 0;
+       if (in[x] & (1 << (7 - (y & 7)))) {
+          setbit(out[y/8], 7-(y%8));
+       }
        if ((y & 7) == 7) {
           ++x;
        }
diff --git a/libtomcrypt/pk/asn1/der/bit/der_encode_bit_string.c b/libtomcrypt/pk/asn1/der/bit/der_encode_bit_string.c
index d77ea5a..d1b6064 100644
--- a/libtomcrypt/pk/asn1/der/bit/der_encode_bit_string.c
+++ b/libtomcrypt/pk/asn1/der/bit/der_encode_bit_string.c
@@ -18,9 +18,11 @@
 
 #ifdef LTC_DER
 
+#define getbit(n, k) (((n) & ( 1 << (k) )) >> (k))
+
 /**
   Store a BIT STRING
-  @param in       The array of bits to store (one per char)
+  @param in       The array of bits to store (8 per char)
   @param inlen    The number of bits tostore
   @param out      [out] The destination for the DER encoded BIT STRING
   @param outlen   [in/out] The max size and resulting size of the DER BIT STRING
@@ -68,7 +70,7 @@ int der_encode_bit_string(const unsigned char *in, unsigned long inlen,
 
    /* store the bits in big endian format */
    for (y = buf = 0; y < inlen; y++) {
-       buf |= (in[y] ? 1 : 0) << (7 - (y & 7));
+        buf |= (getbit(in[y/8],7-y%8)?1:0) << (7 - (y & 7));
        if ((y & 7) == 7) {
           out[x++] = buf;
           buf      = 0;
@@ -78,6 +80,7 @@ int der_encode_bit_string(const unsigned char *in, unsigned long inlen,
    if (inlen & 7) {
       out[x++] = buf;
    }
+
    *outlen = x;
    return CRYPT_OK;
 }
diff --git a/libtomcrypt/pk/asn1/der/sequence/der_decode_subject_public_key_info.c b/libtomcrypt/pk/asn1/der/sequence/der_decode_subject_public_key_info.c
new file mode 100644
index 0000000..6c97e96
--- /dev/null
+++ b/libtomcrypt/pk/asn1/der/sequence/der_decode_subject_public_key_info.c
@@ -0,0 +1,97 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ */
+#include "tomcrypt.h"
+/**
+  @file der_encode_sequence_multi.c
+  ASN.1 DER, encode a Subject Public Key structure --nmav
+*/
+
+#ifdef LTC_DER
+
+/* AlgorithmIdentifier := SEQUENCE {
+ *    algorithm OBJECT IDENTIFIER,
+ *    parameters ANY DEFINED BY algorithm
+ * }
+ * 
+ * SubjectPublicKeyInfo := SEQUENCE {
+ *    algorithm AlgorithmIdentifier,
+ *    subjectPublicKey BIT STRING
+ * }
+ */
+/**
+  Encode a SEQUENCE type using a VA list
+  @param out    [out] Destination for data
+  @param outlen [in/out] Length of buffer and resulting length of output
+  @remark <...> is of the form <type, size, data> (int, unsigned long, void*)
+  @return CRYPT_OK on success
+*/  
+int der_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen,
+        unsigned int algorithm, void* public_key, unsigned long* public_key_len,
+        unsigned long parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len)
+{
+   int err, len;
+   oid_st oid;
+   unsigned char *tmpbuf;
+   unsigned long  tmpoid[16];
+   ltc_asn1_list alg_id[2];
+   ltc_asn1_list subject_pubkey[2];
+
+   LTC_ARGCHK(in    != NULL);
+   LTC_ARGCHK(inlen != 0);
+
+   err = pk_get_oid(algorithm, &oid);
+   if (err != CRYPT_OK) {
+        return err;
+   }
+
+   /* see if the OpenSSL DER format RSA public key will work */
+   tmpbuf = XCALLOC(1, MAX_RSA_SIZE*8);
+   if (tmpbuf == NULL) {
+       err = CRYPT_MEM;
+       goto LBL_ERR;
+   }
+
+   /* this includes the internal hash ID and optional params (NULL in this case) */
+   LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid)/sizeof(tmpoid[0]));   
+   LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, parameters_len);
+
+   /* the actual format of the SSL DER key is odd, it stores a RSAPublicKey in a **BIT** string ... so we have to extract it
+      then proceed to convert bit to octet 
+    */
+   LTC_SET_ASN1(subject_pubkey, 0, LTC_ASN1_SEQUENCE, alg_id, 2);
+   LTC_SET_ASN1(subject_pubkey, 1, LTC_ASN1_BIT_STRING, tmpbuf, MAX_RSA_SIZE*8);
+
+   err=der_decode_sequence(in, inlen, subject_pubkey, 2UL);
+   if (err != CRYPT_OK) {
+           goto LBL_ERR;
+   }
+
+   len = subject_pubkey[1].size/8;
+   if (*public_key_len > len) {
+       memcpy(public_key, subject_pubkey[1].data, len);
+       *public_key_len = len;
+    } else {
+        *public_key_len = len;
+        err = CRYPT_BUFFER_OVERFLOW;
+        goto LBL_ERR;
+    }
+
+    err = CRYPT_OK;
+    
+LBL_ERR:
+
+    XFREE(tmpbuf);
+        
+    return err;
+}
+
+#endif
+
+
diff --git a/libtomcrypt/pk/asn1/der/sequence/der_encode_subject_public_key_info.c b/libtomcrypt/pk/asn1/der/sequence/der_encode_subject_public_key_info.c
new file mode 100644
index 0000000..e37c4b4
--- /dev/null
+++ b/libtomcrypt/pk/asn1/der/sequence/der_encode_subject_public_key_info.c
@@ -0,0 +1,69 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_sequence_multi.c
+  ASN.1 DER, encode a Subject Public Key structure --nmav
+*/
+
+#ifdef LTC_DER
+
+/* AlgorithmIdentifier := SEQUENCE {
+ *    algorithm OBJECT IDENTIFIER,
+ *    parameters ANY DEFINED BY algorithm
+ * }
+ * 
+ * SubjectPublicKeyInfo := SEQUENCE {
+ *    algorithm AlgorithmIdentifier,
+ *    subjectPublicKey BIT STRING
+ * }
+ */
+/**
+  Encode a SEQUENCE type using a VA list
+  @param out    [out] Destination for data
+  @param outlen [in/out] Length of buffer and resulting length of output
+  @remark <...> is of the form <type, size, data> (int, unsigned long, void*)
+  @return CRYPT_OK on success
+*/  
+int der_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen, 
+        unsigned int algorithm, void* public_key, unsigned long public_key_len, 
+        unsigned long parameters_type, void* parameters, unsigned long parameters_len)
+{
+   int           err;
+   ltc_asn1_list alg_id[2];
+   oid_st oid;
+
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+   
+   err = pk_get_oid(algorithm, &oid);
+   if (err != CRYPT_OK) {
+        return err;
+   }
+
+   alg_id[0].data = oid.OID;
+   alg_id[0].size = oid.OIDlen;
+   alg_id[0].type = LTC_ASN1_OBJECT_IDENTIFIER;
+
+   alg_id[1].data = parameters;
+   alg_id[1].size = parameters_len;
+   alg_id[1].type = parameters_type;
+
+   return der_encode_sequence_multi(out, outlen, 
+        LTC_ASN1_SEQUENCE, (unsigned long)sizeof(alg_id)/sizeof(alg_id[0]), alg_id, 
+        LTC_ASN1_BIT_STRING, (unsigned long)(public_key_len*8), public_key,
+        LTC_ASN1_EOL,     0UL, NULL);
+
+}
+
+#endif
+
+