Public Keys are being exported to SubjectPublicKeyInfo format, instead of custom formats. For RSA keys the PKCS #1 format can be used as well.

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-07-19 20:10:26 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-07-19 20:10:26 +0200
commit: 56eb45f752baa978a9ea3573faee44857678597d (patch)
tree: 3c7da78ba84669d0f988b98450e4e55779dfcb41 /libtomcrypt/pk/rsa
parent: 035b7bf3544ab9927dc2d64cf1e3214237ff0f71 (diff)
download: cryptodev-linux-56eb45f752baa978a9ea3573faee44857678597d.tar.gz
cryptodev-linux-56eb45f752baa978a9ea3573faee44857678597d.tar.xz
cryptodev-linux-56eb45f752baa978a9ea3573faee44857678597d.zip
2 files changed, 34 insertions, 32 deletions
diff --git a/libtomcrypt/pk/rsa/rsa_export.c b/libtomcrypt/pk/rsa/rsa_export.c
index 04e59d8..33c222d 100644
--- a/libtomcrypt/pk/rsa/rsa_export.c
+++ b/libtomcrypt/pk/rsa/rsa_export.c
@@ -9,7 +9,7 @@
  * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
  */
 #include "tomcrypt.h"
-
+#include <ncr_int.h>
 /**
   @file rsa_export.c
   Export RSA LTC_PKCS keys, Tom St Denis
@@ -28,6 +28,7 @@
 int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key)
 {
    unsigned long zero=0;
+   int err;
    LTC_ARGCHK(out    != NULL);
    LTC_ARGCHK(outlen != NULL);
    LTC_ARGCHK(key    != NULL);
@@ -54,11 +55,27 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key
                           LTC_ASN1_INTEGER, 1UL,  &key->qP, 
                           LTC_ASN1_EOL,     0UL, NULL);
    } else {
-      /* public key */
-      return der_encode_sequence_multi(out, outlen, 
+      unsigned long tmplen = (mp_count_bits(&key->N)/8)*2+8;
+      unsigned char* tmp = XMALLOC(tmplen);
+      
+      if (tmp == NULL) {
+	   return CRYPT_MEM;
+      }
+
+      err = der_encode_sequence_multi(tmp, &tmplen, 
                                  LTC_ASN1_INTEGER, 1UL,  &key->N, 
                                  LTC_ASN1_INTEGER, 1UL,  &key->e, 
                                  LTC_ASN1_EOL,     0UL, NULL);
+      if (err != CRYPT_OK) {
+		  goto error;
+      }
+
+      err = der_encode_subject_public_key_info(out, outlen, 
+        PKA_RSA, tmp, tmplen, LTC_ASN1_NULL, NULL, 0);
+      
+error:
+      XFREE(tmp);
+      return err;
    }
 }
 
diff --git a/libtomcrypt/pk/rsa/rsa_import.c b/libtomcrypt/pk/rsa/rsa_import.c
index db78236..2eaa0a9 100644
--- a/libtomcrypt/pk/rsa/rsa_import.c
+++ b/libtomcrypt/pk/rsa/rsa_import.c
@@ -28,10 +28,8 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
 {
    int           err;
    mp_int        zero;
-   unsigned char *tmpbuf;
-   unsigned long  t, x, y, z, tmpoid[16];
-   ltc_asn1_list ssl_pubkey_hashoid[2];
-   ltc_asn1_list ssl_pubkey[2];
+   unsigned char *tmpbuf=NULL;
+   unsigned long tmpbuf_len;
 
    LTC_ARGCHK(in          != NULL);
    LTC_ARGCHK(key         != NULL);
@@ -43,47 +41,33 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
    }
 
    /* see if the OpenSSL DER format RSA public key will work */
-   tmpbuf = XCALLOC(1, MAX_RSA_SIZE*8);
+   tmpbuf_len = MAX_RSA_SIZE * 8;
+   tmpbuf = XCALLOC(1, tmpbuf_len);
    if (tmpbuf == NULL) {
        err = CRYPT_MEM;
        goto LBL_ERR;
    }
 
-   /* this includes the internal hash ID and optional params (NULL in this case) */
-   LTC_SET_ASN1(ssl_pubkey_hashoid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid,                sizeof(tmpoid)/sizeof(tmpoid[0]));   
-   LTC_SET_ASN1(ssl_pubkey_hashoid, 1, LTC_ASN1_NULL,              NULL,                  0);
-
-   /* the actual format of the SSL DER key is odd, it stores a RSAPublicKey in a **BIT** string ... so we have to extract it
-      then proceed to convert bit to octet 
-    */
-   LTC_SET_ASN1(ssl_pubkey, 0,         LTC_ASN1_SEQUENCE,          &ssl_pubkey_hashoid,   2);
-   LTC_SET_ASN1(ssl_pubkey, 1,         LTC_ASN1_BIT_STRING,        tmpbuf,                MAX_RSA_SIZE*8);
-
-   if (der_decode_sequence(in, inlen,
-                           ssl_pubkey, 2UL) == CRYPT_OK) {
-
-      /* ok now we have to reassemble the BIT STRING to an OCTET STRING.  Thanks OpenSSL... */
-      for (t = y = z = x = 0; x < ssl_pubkey[1].size; x++) {
-          y = (y << 1) | tmpbuf[x];
-          if (++z == 8) {
-             tmpbuf[t++] = (unsigned char)y;
-             y           = 0;
-             z           = 0;
-          }
-      }
+   err = der_decode_subject_public_key_info(in, inlen,
+        PKA_RSA, tmpbuf, &tmpbuf_len,
+        LTC_ASN1_NULL, NULL, 0);
+
+   if (err == CRYPT_OK) { /* SubjectPublicKeyInfo format */
 
       /* now it should be SEQUENCE { INTEGER, INTEGER } */
-      if ((err = der_decode_sequence_multi(tmpbuf, t,
+      if ((err = der_decode_sequence_multi(tmpbuf, tmpbuf_len,
                                            LTC_ASN1_INTEGER, 1UL, &key->N, 
                                            LTC_ASN1_INTEGER, 1UL, &key->e, 
                                            LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
-         XFREE(tmpbuf);
          goto LBL_ERR;
       }
+
       XFREE(tmpbuf);
+
       key->type = PK_PUBLIC;
       return CRYPT_OK;
    }
+
    XFREE(tmpbuf);
 
    /* not SSL public key, try to match against LTC_PKCS #1 standards */
@@ -130,6 +114,7 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
    }
    return CRYPT_OK;
 LBL_ERR:
+   XFREE(tmpbuf);
    mp_clear_multi(&key->d,  &key->e, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL);
    return err;
 }
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-07-19 20:10:26 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-07-19 20:10:26 +0200
commit	56eb45f752baa978a9ea3573faee44857678597d (patch)
tree	3c7da78ba84669d0f988b98450e4e55779dfcb41 /libtomcrypt/pk/rsa
parent	035b7bf3544ab9927dc2d64cf1e3214237ff0f71 (diff)
download	cryptodev-linux-56eb45f752baa978a9ea3573faee44857678597d.tar.gz cryptodev-linux-56eb45f752baa978a9ea3573faee44857678597d.tar.xz cryptodev-linux-56eb45f752baa978a9ea3573faee44857678597d.zip