mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-10 19:25:29 +00:00
Add pk_check_pair()
This commit is contained in:
parent
30668d688d
commit
70bdadf54b
|
@ -177,6 +177,9 @@ typedef struct
|
|||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/** Check public-private key pair */
|
||||
int (*check_pair_func)( const void *pub, const void *prv );
|
||||
|
||||
/** Allocate a new context */
|
||||
void * (*ctx_alloc_func)( void );
|
||||
|
||||
|
@ -426,6 +429,16 @@ int pk_encrypt( pk_context *ctx,
|
|||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Check if a public-private pair of keys matches.
|
||||
*
|
||||
* \param pub Context holding a public key.
|
||||
* \param prv Context holding a private (and public) key.
|
||||
*
|
||||
* \return 0 on success or POLARSSL_ERR_PK_BAD_INPUT_DATA
|
||||
*/
|
||||
int pk_check_pair( const pk_context *pub, const pk_context *prv );
|
||||
|
||||
/**
|
||||
* \brief Export debug information
|
||||
*
|
||||
|
|
20
library/pk.c
20
library/pk.c
|
@ -300,6 +300,26 @@ int pk_encrypt( pk_context *ctx,
|
|||
output, olen, osize, f_rng, p_rng ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Check public-private key pair
|
||||
*/
|
||||
int pk_check_pair( const pk_context *pub, const pk_context *prv )
|
||||
{
|
||||
if( pub == NULL || pub->pk_info == NULL ||
|
||||
prv == NULL || prv->pk_info == NULL )
|
||||
{
|
||||
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
if( pub->pk_info != prv->pk_info ||
|
||||
pub->pk_info->check_pair_func == NULL )
|
||||
{
|
||||
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
|
||||
}
|
||||
|
||||
return( pub->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Get key size in bits
|
||||
*/
|
||||
|
|
|
@ -125,6 +125,12 @@ static int rsa_encrypt_wrap( void *ctx,
|
|||
f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) );
|
||||
}
|
||||
|
||||
static int rsa_check_pair_wrap( const void *pub, const void *prv )
|
||||
{
|
||||
return( rsa_check_pub_priv( (const rsa_context *) pub,
|
||||
(const rsa_context *) prv ) );
|
||||
}
|
||||
|
||||
static void *rsa_alloc_wrap( void )
|
||||
{
|
||||
void *ctx = polarssl_malloc( sizeof( rsa_context ) );
|
||||
|
@ -163,6 +169,7 @@ const pk_info_t rsa_info = {
|
|||
rsa_sign_wrap,
|
||||
rsa_decrypt_wrap,
|
||||
rsa_encrypt_wrap,
|
||||
rsa_check_pair_wrap,
|
||||
rsa_alloc_wrap,
|
||||
rsa_free_wrap,
|
||||
rsa_debug,
|
||||
|
@ -234,6 +241,12 @@ static int eckey_sign_wrap( void *ctx, md_type_t md_alg,
|
|||
|
||||
#endif /* POLARSSL_ECDSA_C */
|
||||
|
||||
static int eckey_check_pair( const void *pub, const void *prv )
|
||||
{
|
||||
return( ecp_check_pub_priv( (const ecp_keypair *) pub,
|
||||
(const ecp_keypair *) prv ) );
|
||||
}
|
||||
|
||||
static void *eckey_alloc_wrap( void )
|
||||
{
|
||||
void *ctx = polarssl_malloc( sizeof( ecp_keypair ) );
|
||||
|
@ -271,6 +284,7 @@ const pk_info_t eckey_info = {
|
|||
#endif
|
||||
NULL,
|
||||
NULL,
|
||||
eckey_check_pair,
|
||||
eckey_alloc_wrap,
|
||||
eckey_free_wrap,
|
||||
eckey_debug,
|
||||
|
@ -294,6 +308,7 @@ const pk_info_t eckeydh_info = {
|
|||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
eckey_check_pair,
|
||||
eckey_alloc_wrap, /* Same underlying key structure */
|
||||
eckey_free_wrap, /* Same underlying key structure */
|
||||
eckey_debug, /* Same underlying key structure */
|
||||
|
@ -367,6 +382,7 @@ const pk_info_t ecdsa_info = {
|
|||
ecdsa_sign_wrap,
|
||||
NULL,
|
||||
NULL,
|
||||
eckey_check_pair, /* Compatible key structures */
|
||||
ecdsa_alloc_wrap,
|
||||
ecdsa_free_wrap,
|
||||
eckey_debug, /* Compatible key structures */
|
||||
|
@ -444,6 +460,7 @@ const pk_info_t rsa_alt_info = {
|
|||
rsa_alt_sign_wrap,
|
||||
rsa_alt_decrypt_wrap,
|
||||
NULL,
|
||||
NULL, /* No public key */
|
||||
rsa_alt_alloc_wrap,
|
||||
rsa_alt_free_wrap,
|
||||
NULL,
|
||||
|
|
|
@ -130,3 +130,23 @@ Verify ext RSA #12 (PKCS1 v1.5, good)
|
|||
depends_on:POLARSSL_SHA1_C:POLARSSL_PKCS1_V15
|
||||
pk_rsa_verify_ext_test_vec:"206ef4bf396c6087f8229ef196fd35f37ccb8de5efcdb238f20d556668f114257a11fbe038464a67830378e62ae9791453953dac1dbd7921837ba98e84e856eb80ed9487e656d0b20c28c8ba5e35db1abbed83ed1c7720a97701f709e3547a4bfcabca9c89c57ad15c3996577a0ae36d7c7b699035242f37954646c1cd5c08ac":POLARSSL_MD_SHA1:1024:16:"e28a13548525e5f36dccb24ecb7cc332cc689dfd64012604c9c7816d72a16c3f5fcdc0e86e7c03280b1c69b586ce0cd8aec722cc73a5d3b730310bf7dfebdc77ce5d94bbc369dc18a2f7b07bd505ab0f82224aef09fdc1e5063234255e0b3c40a52e9e8ae60898eb88a766bdd788fe9493d8fd86bcdd2884d5c06216c65469e5":16:"3":"5abc01f5de25b70867ff0c24e222c61f53c88daf42586fddcd56f3c4588f074be3c328056c063388688b6385a8167957c6e5355a510e005b8a851d69c96b36ec6036644078210e5d7d326f96365ee0648882921492bc7b753eb9c26cdbab37555f210df2ca6fec1b25b463d38b81c0dcea202022b04af5da58aa03d77be949b7":POLARSSL_PK_RSA:-1:RSA_SALT_LEN_ANY:0
|
||||
|
||||
Check pair #1 (EC, OK)
|
||||
depends_on:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED
|
||||
pk_check_pair:"data_files/ec_256_pub.pem":"data_files/ec_256_prv.pem":0
|
||||
|
||||
Check pair #2 (EC, bad)
|
||||
depends_on:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED
|
||||
pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server5.key":POLARSSL_ERR_ECP_BAD_INPUT_DATA
|
||||
|
||||
Check pair #3 (RSA, OK)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
pk_check_pair:"data_files/server1.pubkey":"data_files/server1.key":0
|
||||
|
||||
Check pair #4 (RSA, bad)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
pk_check_pair:"data_files/server1.pubkey":"data_files/server2.key":POLARSSL_ERR_RSA_KEY_CHECK_FAILED
|
||||
|
||||
Check pair #5 (RSA vs EC)
|
||||
depends_on:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP256R1_ENABLED:POLARSSL_RSA_C
|
||||
pk_check_pair:"data_files/ec_256_pub.pem":"data_files/server1.key":POLARSSL_ERR_PK_TYPE_MISMATCH
|
||||
|
||||
|
|
|
@ -80,6 +80,24 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:POLARSSL_PK_PARSE_C */
|
||||
void pk_check_pair( char *pub_file, char *prv_file, int ret )
|
||||
{
|
||||
pk_context pub, prv;
|
||||
|
||||
pk_init( &pub );
|
||||
pk_init( &prv );
|
||||
|
||||
TEST_ASSERT( pk_parse_public_keyfile( &pub, pub_file ) == 0 );
|
||||
TEST_ASSERT( pk_parse_keyfile( &prv, prv_file, NULL ) == 0 );
|
||||
|
||||
TEST_ASSERT( pk_check_pair( &pub, &prv ) == ret );
|
||||
|
||||
pk_free( &pub );
|
||||
pk_free( &prv );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
|
||||
void pk_rsa_verify_test_vec( char *message_hex_string, int digest,
|
||||
int mod, int radix_N, char *input_N, int radix_E,
|
||||
|
|
Loading…
Reference in a new issue