Add pk_check_pair()

Manuel Pégourié-Gonnard 2014-11-06 16:51:20 +01:00
parent 30668d688d
commit 70bdadf54b
5 changed files with 88 additions and 0 deletions


@ -177,6 +177,9 @@ typedef struct
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/** Check public-private key pair */
int (*check_pair_func)( const void *pub, const void *prv );
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
@ -426,6 +429,16 @@ int pk_encrypt( pk_context *ctx,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/**
* \brief Check if a public-private pair of keys matches.
*
* \param pub Context holding a public key.
* \param prv Context holding a private (and public) key.
*
* \return 0 on success or POLARSSL_ERR_PK_BAD_INPUT_DATA
*/
int pk_check_pair( const pk_context *pub, const pk_context *prv );
/**
* \brief Export debug information
*
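Review bot: The `\return` line on the new `pk_check_pair()` declaration lists only `POLARSSL_ERR_PK_BAD_INPUT_DATA`, but the implementation in this commit also returns `POLARSSL_ERR_PK_TYPE_MISMATCH` and passes through whatever the per-type callback returns. The test data added here expects `POLARSSL_ERR_ECP_BAD_INPUT_DATA` and `POLARSSL_ERR_RSA_KEY_CHECK_FAILED`, which confirms this. A caller who compares against the one documented error would treat the other failures as unexpected. I would reword it to `\return 0 if the keys match, POLARSSL_ERR_PK_BAD_INPUT_DATA, POLARSSL_ERR_PK_TYPE_MISMATCH, or a type-specific error code; any non-zero value means the pair was not verified`. The `check_pair_func` member comment could also say that the slot may be NULL for types that cannot be checked.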


@ -300,6 +300,26 @@ int pk_encrypt( pk_context *ctx,
output, olen, osize, f_rng, p_rng ) );
}
/*
* Check public-private key pair
*/
int pk_check_pair( const pk_context *pub, const pk_context *prv )
{
if( pub == NULL || pub->pk_info == NULL ||
prv == NULL || prv->pk_info == NULL )
{
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
}
if( pub->pk_info != prv->pk_info ||
pub->pk_info->check_pair_func == NULL )
{
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
}
return( pub->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
}
/*
* Get key size in bits
*/
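Review bot: The second check in `pk_check_pair()` returns `POLARSSL_ERR_PK_TYPE_MISMATCH` both when the two `pk_info` pointers differ and when `check_pair_func` is NULL, so a caller cannot tell "keys of different types" from "this key type cannot be checked". The `rsa_alt_info` table in this commit leaves the slot NULL, so that case is reachable. The comparison is also by `pk_info` identity, which would presumably reject an `eckey_info` public key against an `ecdsa_info` private key even though the tables describe those structures as compatible. Because this function is a natural gate when configuring a certificate with its private key, I would add a comment above the check such as `/* NULL check_pair_func: pair cannot be verified for this type; reported as a mismatch so callers fail closed */`. The function comment should also state that every non-zero return means "not verified".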


@ -125,6 +125,12 @@ static int rsa_encrypt_wrap( void *ctx,
f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) );
}
static int rsa_check_pair_wrap( const void *pub, const void *prv )
{
return( rsa_check_pub_priv( (const rsa_context *) pub,
(const rsa_context *) prv ) );
}
static void *rsa_alloc_wrap( void )
{
void *ctx = polarssl_malloc( sizeof( rsa_context ) );
@ -163,6 +169,7 @@ const pk_info_t rsa_info = {
rsa_sign_wrap,
rsa_decrypt_wrap,
rsa_encrypt_wrap,
rsa_check_pair_wrap,
rsa_alloc_wrap,
rsa_free_wrap,
rsa_debug,
@ -234,6 +241,12 @@ static int eckey_sign_wrap( void *ctx, md_type_t md_alg,
#endif /* POLARSSL_ECDSA_C */
static int eckey_check_pair( const void *pub, const void *prv )
{
return( ecp_check_pub_priv( (const ecp_keypair *) pub,
(const ecp_keypair *) prv ) );
}
static void *eckey_alloc_wrap( void )
{
void *ctx = polarssl_malloc( sizeof( ecp_keypair ) );
@ -271,6 +284,7 @@ const pk_info_t eckey_info = {
#endif
NULL,
NULL,
eckey_check_pair,
eckey_alloc_wrap,
eckey_free_wrap,
eckey_debug,
@ -294,6 +308,7 @@ const pk_info_t eckeydh_info = {
NULL,
NULL,
NULL,
eckey_check_pair,
eckey_alloc_wrap, /* Same underlying key structure */
eckey_free_wrap, /* Same underlying key structure */
eckey_debug, /* Same underlying key structure */
@ -367,6 +382,7 @@ const pk_info_t ecdsa_info = {
ecdsa_sign_wrap,
NULL,
NULL,
eckey_check_pair, /* Compatible key structures */
ecdsa_alloc_wrap,
ecdsa_free_wrap,
eckey_debug, /* Compatible key structures */
@ -444,6 +460,7 @@ const pk_info_t rsa_alt_info = {
rsa_alt_sign_wrap,
rsa_alt_decrypt_wrap,
NULL,
NULL, /* No public key */
rsa_alt_alloc_wrap,
rsa_alt_free_wrap,
NULL,
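Review bot: `eckey_check_pair` is the only new callback without the `_wrap` suffix, while its neighbours are `rsa_check_pair_wrap`, `eckey_alloc_wrap` and `eckey_sign_wrap`. Renaming it to `eckey_check_pair_wrap` at the definition and in the `eckey_info`, `eckeydh_info` and `ecdsa_info` tables would match the file's convention. In `eckeydh_info` the new entry is also the only reused `eckey_*` line without the `/* Same underlying key structure */` comment its siblings carry. That comment is what justifies the cast to `const ecp_keypair *` inside the callback, so it is worth repeating there. For `rsa_alt_info`, `/* No public key */` would read more precisely as `/* No check_pair: key material is not accessible through the alt callbacks */`, if that is the intent.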


@ -130,3 +130,23 @@ Verify ext RSA #12 (PKCS1 v1.5, good)
depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15
pk_rsa_verify_ext_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":POLARSSL_PK_RSA:-1:RSA_SALT_LEN_ANY:0
Check pair #1 (EC, OK)
depends_on:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED
pk_check_pair:"data_files/ec_256_pub.pem":"data_files/ec_256_prv.pem":0
Check pair #2 (EC, bad)
depends_on:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED
pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server5.key":POLARSSL_ERR_ECP_BAD_INPUT_DATA
Check pair #3 (RSA, OK)
depends_on:POLARSSL_RSA_C
pk_check_pair:"data_files/server1.pubkey":"data_files/server1.key":0
Check pair #4 (RSA, bad)
depends_on:POLARSSL_RSA_C
pk_check_pair:"data_files/server1.pubkey":"data_files/server2.key":POLARSSL_ERR_RSA_KEY_CHECK_FAILED
Check pair #5 (RSA vs EC)
depends_on:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED:POLARSSL_RSA_C
pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server1.key":POLARSSL_ERR_PK_TYPE_MISMATCH


@ -80,6 +80,24 @@ exit:
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_PK_PARSE_C */
void pk_check_pair( char *pub_file, char *prv_file, int ret )
{
pk_context pub, prv;
pk_init( &pub );
pk_init( &prv );
TEST_ASSERT( pk_parse_public_keyfile( &pub, pub_file ) == 0 );
TEST_ASSERT( pk_parse_keyfile( &prv, prv_file, NULL ) == 0 );
TEST_ASSERT( pk_check_pair( &pub, &prv ) == ret );
pk_free( &pub );
pk_free( &prv );
}
/* END_CASE */
/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
void pk_rsa_verify_test_vec( char *message_hex_string, int digest,
int mod, int radix_N, char *input_N, int radix_E,
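Review bot: The two `pk_free()` calls at the end of the new `pk_check_pair` test case are not under an `exit:` label. The preceding case in this file ends with `exit:`, which suggests `TEST_ASSERT` jumps there on failure. If so, a failed parse or a failed comparison skips both frees and leaks the parsed key material for the rest of the test run. Placing `exit:` on the line before `pk_free( &pub );` keeps cleanup on every path. It would also help to add a case that exercises a type whose `check_pair_func` is NULL, since the current data file only covers RSA, EC and RSA-vs-EC.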