mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-23 08:01:12 +00:00
Fix parsing of PKCS#8 encoded Elliptic Curve keys.
The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are: PrivateKeyInfo ::= SEQUENCE { version Version, privateKeyAlgorithm PrivateKeyAlgorithmIdentifier, privateKey PrivateKey, attributes [0] IMPLICIT Attributes OPTIONAL } AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL } ECParameters ::= CHOICE { namedCurve OBJECT IDENTIFIER -- implicitCurve NULL -- specifiedCurve SpecifiedECDomain } ECPrivateKey ::= SEQUENCE { version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), privateKey OCTET STRING, parameters [0] ECParameters {{ NamedCurve }} OPTIONAL, publicKey [1] BIT STRING OPTIONAL } Because of the two optional fields, there are 4 possible variants that need to be parsed: no optional fields, only parameters, only public key, and both optional fields. Previously mbedTLS was unable to parse keys with "only parameters". Also, only "only public key" was tested. There was a test for "no optional fields", but it was labelled incorrectly as SEC.1 and not run because of a great renaming mixup.
parent
1c986a9859
commit
1a886ff45f
|
@ -1,5 +1,12 @@
|
||||||
mbed TLS ChangeLog (Sorted per branch, date)
|
mbed TLS ChangeLog (Sorted per branch, date)
|
||||||
|
|
||||||
|
= mbed TLS x.x.x branch released xxx-xx-xx
|
||||||
|
|
||||||
|
Bugfix
|
||||||
|
* Fix parsing of PKCS#8 encoded Elliptic Curve keys. Previously Mbed TLS was
|
||||||
|
unable to parse keys with only the optional parameters field of the
|
||||||
|
ECPrivateKey structure. Found by jethrogb, fixed in #1379.
|
||||||
|
|
||||||
= mbed TLS 2.1.11 branch released 2018-03-16
|
= mbed TLS 2.1.11 branch released 2018-03-16
|
||||||
|
|
||||||
Default behavior changes
|
Default behavior changes
|
||||||
|
|
|
@ -798,7 +798,10 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck,
|
||||||
mbedtls_ecp_keypair_free( eck );
|
mbedtls_ecp_keypair_free( eck );
|
||||||
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
|
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if( p != end )
|
||||||
|
{
|
||||||
/*
|
/*
|
||||||
* Is 'publickey' present? If not, or if we can't read it (eg because it
|
* Is 'publickey' present? If not, or if we can't read it (eg because it
|
||||||
* is compressed), create it from the private key.
|
* is compressed), create it from the private key.
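Review bot: The second `if( p != end )` added in front of the 'publickey' block has no comment saying why the remaining length is tested again, and the reason is not obvious from the code. 'parameters' can be the last field of ECPrivateKey, in which case asking for tag [1] presumably fails with an out-of-data error rather than the unexpected-tag error the optional-field logic tolerates. I would put `/* 'parameters' may have been the last field; only look for 'publickey' if data remains */` above the new test. The existing comment promises that the public key is created from the private key when 'publickey' is absent; the closing brace of the new block and that fallback are outside the hunk, so please confirm the fallback still runs when `p == end` skips the whole block.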
|
||||||
|
|
|
@ -564,7 +564,86 @@ keys_rsa_enc_pkcs8_v2: keys_rsa_enc_pkcs8_v2_1024 keys_rsa_enc_pkcs8_v2_2048 key
|
||||||
### Generate all RSA keys
|
### Generate all RSA keys
|
||||||
keys_rsa_all: keys_rsa_unenc keys_rsa_enc_basic keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
|
keys_rsa_all: keys_rsa_unenc keys_rsa_enc_basic keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
|
||||||
|
|
||||||
|
################################################################
|
||||||
|
#### Generate various EC keys
|
||||||
|
################################################################
|
||||||
|
|
||||||
|
###
|
||||||
|
### PKCS8 encoded
|
||||||
|
###
|
||||||
|
|
||||||
|
ec_prv.pk8.der:
|
||||||
|
$(OPENSSL) genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime192v1 -pkeyopt ec_param_enc:named_curve -out $@ -outform DER
|
||||||
|
all_final += ec_prv.pk8.der
|
||||||
|
|
||||||
|
# ### Instructions for creating `ec_prv.pk8nopub.der`,
|
||||||
|
# ### `ec_prv.pk8nopubparam.der`, and `ec_prv.pk8param.der` by hand from
|
||||||
|
# ### `ec_prv.pk8.der`.
|
||||||
|
#
|
||||||
|
# These instructions assume you are familiar with ASN.1 DER encoding and can
|
||||||
|
# use a hex editor to manipulate DER.
|
||||||
|
#
|
||||||
|
# The relevant ASN.1 definitions for a PKCS#8 encoded Elliptic Curve key are:
|
||||||
|
#
|
||||||
|
# PrivateKeyInfo ::= SEQUENCE {
|
||||||
|
# version Version,
|
||||||
|
# privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
|
||||||
|
# privateKey PrivateKey,
|
||||||
|
# attributes [0] IMPLICIT Attributes OPTIONAL
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# AlgorithmIdentifier ::= SEQUENCE {
|
||||||
|
# algorithm OBJECT IDENTIFIER,
|
||||||
|
# parameters ANY DEFINED BY algorithm OPTIONAL
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# ECParameters ::= CHOICE {
|
||||||
|
# namedCurve OBJECT IDENTIFIER
|
||||||
|
# -- implicitCurve NULL
|
||||||
|
# -- specifiedCurve SpecifiedECDomain
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# ECPrivateKey ::= SEQUENCE {
|
||||||
|
# version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
|
||||||
|
# privateKey OCTET STRING,
|
||||||
|
# parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
|
||||||
|
# publicKey [1] BIT STRING OPTIONAL
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# `ec_prv.pk8.der` as generatde above by OpenSSL should have the following
|
||||||
|
# fields:
|
||||||
|
#
|
||||||
|
# * privateKeyAlgorithm namedCurve
|
||||||
|
# * privateKey.parameters NOT PRESENT
|
||||||
|
# * privateKey.publicKey PRESENT
|
||||||
|
# * attributes NOT PRESENT
|
||||||
|
#
|
||||||
|
# # ec_prv.pk8nopub.der
|
||||||
|
#
|
||||||
|
# Take `ec_prv.pk8.der` and remove `privateKey.publicKey`.
|
||||||
|
#
|
||||||
|
# # ec_prv.pk8nopubparam.der
|
||||||
|
#
|
||||||
|
# Take `ec_prv.pk8nopub.der` and add `privateKey.parameters`, the same value as
|
||||||
|
# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag.
|
||||||
|
#
|
||||||
|
# # ec_prv.pk8param.der
|
||||||
|
#
|
||||||
|
# Take `ec_prv.pk8.der` and add `privateKey.parameters`, the same value as
|
||||||
|
# `privateKeyAlgorithm.namedCurve`. Don't forget to add the explicit tag.
|
||||||
|
|
||||||
|
ec_prv.pk8.pem: ec_prv.pk8.der
|
||||||
|
$(OPENSSL) pkey -in $< -inform DER -out $@
|
||||||
|
all_final += ec_prv.pk8.pem
|
||||||
|
ec_prv.pk8nopub.pem: ec_prv.pk8nopub.der
|
||||||
|
$(OPENSSL) pkey -in $< -inform DER -out $@
|
||||||
|
all_final += ec_prv.pk8nopub.pem
|
||||||
|
ec_prv.pk8nopubparam.pem: ec_prv.pk8nopubparam.der
|
||||||
|
$(OPENSSL) pkey -in $< -inform DER -out $@
|
||||||
|
all_final += ec_prv.pk8nopubparam.pem
|
||||||
|
ec_prv.pk8param.pem: ec_prv.pk8param.der
|
||||||
|
$(OPENSSL) pkey -in $< -inform DER -out $@
|
||||||
|
all_final += ec_prv.pk8param.pem
|
||||||
|
|
||||||
################################################################
|
################################################################
|
||||||
### Generate certificates for CRT write check tests
|
### Generate certificates for CRT write check tests
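Review bot: The hand-editing instructions say the three variants are derived from `ec_prv.pk8.der`, but the rule above generates that file with `ec_paramgen_curve:prime192v1`, while the tests this commit adds for the variants depend on `MBEDTLS_ECP_DP_SECP256R1_ENABLED`. The checked-in variants therefore appear to come from a different key. Either name the actual source key in the comment or add a P-256 base file for them, otherwise the test data cannot be reproduced. The new `.pem` rules also list `.der` prerequisites that no rule produces; a comment such as `# hand-made, see the instructions above; not regenerated by make` above those rules would make that explicit. Minor: "generatde" in the comment should read "generated".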
|
||||||
|
|
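--- a/tests/data_files/ec_prv.pk8nopub.pem
+++ b/tests/data_files/ec_prv.pk8nopub.pem
@@ -0,0 +1,4 @@
+-----BEGIN PRIVATE KEY-----
+MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDH78XUX+cxmTPQ1hVkYbu3VvBc9c82
+EyGKaGvkAo1Pkw==
+-----END PRIVATE KEY-----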
BIN
tests/data_files/ec_prv.pk8nopubparam.der
Normal file
BIN
tests/data_files/ec_prv.pk8nopubparam.der
Normal file
Binary file not shown.
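--- a/tests/data_files/ec_prv.pk8nopubparam.pem
+++ b/tests/data_files/ec_prv.pk8nopubparam.pem
@@ -0,0 +1,4 @@
+-----BEGIN PRIVATE KEY-----
+ME0CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEMzAxAgEBBCDH78XUX+cxmTPQ1hVkYbu3VvBc9c82
+EyGKaGvkAo1Pk6AKBggqhkjOPQMBBw==
+-----END PRIVATE KEY-----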
BIN
tests/data_files/ec_prv.pk8param.der
Normal file
BIN
tests/data_files/ec_prv.pk8param.der
Normal file
Binary file not shown.
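--- a/tests/data_files/ec_prv.pk8param.pem
+++ b/tests/data_files/ec_prv.pk8param.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgx+/F1F/nMZkz0NYVZGG7t1bwXPXP
+NhMhimhr5AKNT5OgCgYIKoZIzj0DAQehRANCAARkJXH1LofHesYJwJkoZQ0ijCVrxDFEi8e/fc1d
+6DS2Hsk55TWpL953QEIDN8RmW01lejceK3jQWs0uGDenGCcM
+-----END PRIVATE KEY-----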
|
@ -982,10 +982,6 @@ Parse EC Key #1 (SEC1 DER)
|
||||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||||
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.der":"NULL":0
|
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.der":"NULL":0
|
||||||
|
|
||||||
Parse EC Key #1a (SEC1 DER, no optional part)
|
|
||||||
depends_on:POLARSSL_PEM_PARSE_C:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED
|
|
||||||
pk_parse_keyfile_ec:"data_files/ec_prv.noopt.der":"NULL":0
|
|
||||||
|
|
||||||
Parse EC Key #2 (SEC1 PEM)
|
Parse EC Key #2 (SEC1 PEM)
|
||||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||||
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pem":"NULL":0
|
pk_parse_keyfile_ec:"data_files/ec_prv.sec1.pem":"NULL":0
|
||||||
|
@ -998,10 +994,34 @@ Parse EC Key #4 (PKCS8 DER)
|
||||||
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||||
pk_parse_keyfile_ec:"data_files/ec_prv.pk8.der":"NULL":0
|
pk_parse_keyfile_ec:"data_files/ec_prv.pk8.der":"NULL":0
|
||||||
|
|
||||||
|
Parse EC Key #4a (PKCS8 DER, no public key)
|
||||||
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
|
pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopub.der":"NULL":0
|
||||||
|
|
||||||
|
Parse EC Key #4b (PKCS8 DER, no public key, with parameters)
|
||||||
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
|
pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopubparam.der":"NULL":0
|
||||||
|
|
||||||
|
Parse EC Key #4c (PKCS8 DER, with parameters)
|
||||||
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
|
pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.der":"NULL":0
|
||||||
|
|
||||||
Parse EC Key #5 (PKCS8 PEM)
|
Parse EC Key #5 (PKCS8 PEM)
|
||||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||||
pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pem":"NULL":0
|
pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pem":"NULL":0
|
||||||
|
|
||||||
|
Parse EC Key #5a (PKCS8 PEM, no public key)
|
||||||
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
|
pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopub.pem":"NULL":0
|
||||||
|
|
||||||
|
Parse EC Key #5b (PKCS8 PEM, no public key, with parameters)
|
||||||
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
|
pk_parse_keyfile_ec:"data_files/ec_prv.pk8nopubparam.pem":"NULL":0
|
||||||
|
|
||||||
|
Parse EC Key #5c (PKCS8 PEM, with parameters)
|
||||||
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
|
||||||
|
pk_parse_keyfile_ec:"data_files/ec_prv.pk8param.pem":"NULL":0
|
||||||
|
|
||||||
Parse EC Key #6 (PKCS8 encrypted DER)
|
Parse EC Key #6 (PKCS8 encrypted DER)
|
||||||
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
depends_on:MBEDTLS_DES_C:MBEDTLS_SHA1_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||||
pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.der":"polar":0
|
pk_parse_keyfile_ec:"data_files/ec_prv.pk8.pw.der":"polar":0
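Review bot: The DER cases #4a, #4b and #4c list `MBEDTLS_PEM_PARSE_C` in `depends_on` although they load `.der` files; the neighbouring case #4 (PKCS8 DER) requires only `MBEDTLS_ECP_C` and the curve. With the extra dependency, the cases that exercise the fixed parser path are skipped in builds without PEM support, which is exactly where a DER-only regression would go unnoticed. I would drop it for those three: `depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED`. Also, `data_files/ec_prv.pk8nopub.der` used by #4a is not among the files this page shows as added, so check that it is present in the tree (it may be the old `ec_prv.noopt.der` under a new name).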
|
||||||
|
|