mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-03 16:25:45 +00:00
Resolve PR review comments
1) use `pk_get_rsapubkey` instead of reimplementing the parsing 2) rename the key files, according to their type and key size 3) comment in the data_files/Makefile hoe the keys were generated 4) Fix issue of failure parsing pkcs#1 DER format parsing, missed in previous commit
This commit is contained in:
parent
d0c56de934
commit
b006518289
|
@ -649,14 +649,6 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
|
||||||
|
|
||||||
p = (unsigned char *) key;
|
p = (unsigned char *) key;
|
||||||
end = p + keylen;
|
end = p + keylen;
|
||||||
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
|
|
||||||
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
|
|
||||||
{
|
|
||||||
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
|
|
||||||
}
|
|
||||||
|
|
||||||
end = p + len;
|
|
||||||
|
|
||||||
if( mode == 0 )
|
if( mode == 0 )
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
|
@ -675,6 +667,14 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
|
||||||
* otherPrimeInfos OtherPrimeInfos OPTIONAL
|
* otherPrimeInfos OtherPrimeInfos OPTIONAL
|
||||||
* }
|
* }
|
||||||
*/
|
*/
|
||||||
|
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
|
||||||
|
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
|
||||||
|
{
|
||||||
|
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
|
||||||
|
}
|
||||||
|
|
||||||
|
end = p + len;
|
||||||
|
|
||||||
if( ( ret = mbedtls_asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
|
if( ( ret = mbedtls_asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
|
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
|
||||||
|
@ -715,36 +715,11 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
|
||||||
}
|
}
|
||||||
else /* public key*/
|
else /* public key*/
|
||||||
{
|
{
|
||||||
/*
|
if( ( ret = pk_get_rsapubkey( &p, end, rsa ) ) != 0 )
|
||||||
* This function parses the RSAPublicKey (PKCS#1)
|
|
||||||
*
|
|
||||||
* RSAPublicKey ::= SEQUENCE {
|
|
||||||
* modulus INTEGER, -- n
|
|
||||||
* publicExponent INTEGER -- e
|
|
||||||
* }
|
|
||||||
*/
|
|
||||||
if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->N ) ) != 0 ||
|
|
||||||
( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->E ) ) != 0 )
|
|
||||||
{
|
{
|
||||||
mbedtls_rsa_free( rsa );
|
mbedtls_rsa_free( rsa );
|
||||||
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
rsa->len = mbedtls_mpi_size( &rsa->N );
|
|
||||||
|
|
||||||
if( p != end )
|
|
||||||
{
|
|
||||||
mbedtls_rsa_free( rsa );
|
|
||||||
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
|
|
||||||
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
|
|
||||||
}
|
|
||||||
|
|
||||||
if( ( ret = mbedtls_rsa_check_pubkey( rsa ) ) != 0 )
|
|
||||||
{
|
|
||||||
mbedtls_rsa_free( rsa );
|
|
||||||
return( ret );
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
@ -1287,6 +1262,7 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
|
||||||
#if defined(MBEDTLS_PEM_PARSE_C)
|
#if defined(MBEDTLS_PEM_PARSE_C)
|
||||||
size_t len;
|
size_t len;
|
||||||
mbedtls_pem_context pem;
|
mbedtls_pem_context pem;
|
||||||
|
const mbedtls_pk_info_t *pk_info;
|
||||||
|
|
||||||
mbedtls_pem_init( &pem );
|
mbedtls_pem_init( &pem );
|
||||||
#if defined(MBEDTLS_RSA_C)
|
#if defined(MBEDTLS_RSA_C)
|
||||||
|
@ -1301,7 +1277,6 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
|
||||||
|
|
||||||
if( ret == 0 )
|
if( ret == 0 )
|
||||||
{
|
{
|
||||||
const mbedtls_pk_info_t *pk_info;
|
|
||||||
if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
|
if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
|
||||||
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
|
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
|
||||||
|
|
||||||
|
@ -1319,6 +1294,21 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
|
||||||
mbedtls_pem_free( &pem );
|
mbedtls_pem_free( &pem );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
|
||||||
|
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
|
||||||
|
|
||||||
|
if( ( ret = mbedtls_pk_setup( ctx, pk_info ) ) != 0 )
|
||||||
|
return( ret );
|
||||||
|
|
||||||
|
ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *ctx ),
|
||||||
|
key, keylen, 1 );
|
||||||
|
if ( ret == 0 )
|
||||||
|
{
|
||||||
|
mbedtls_pem_free( &pem );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
|
mbedtls_pk_free( ctx );
|
||||||
#endif /* MBEDTLS_RSA_C */
|
#endif /* MBEDTLS_RSA_C */
|
||||||
|
|
||||||
/* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
|
/* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
|
||||||
|
|
|
@ -64,7 +64,13 @@ server2-sha256.crt: server2-rsa.csr
|
||||||
$(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA test-ca-sha256.crt -CAkey $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 4 -days 3653 -sha256 -in server2-rsa.csr -out $@
|
$(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA test-ca-sha256.crt -CAkey $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 4 -days 3653 -sha256 -in server2-rsa.csr -out $@
|
||||||
all_final += server2-sha256.crt
|
all_final += server2-sha256.crt
|
||||||
|
|
||||||
|
rsa_pkcs1_2048_public.pem: server8.key
|
||||||
|
$(OPENSSL) rsa -in server8.key -outform PEM -RSAPublicKey_out -out $@
|
||||||
|
all_final += rsa_pkcs8_2048_public.pem
|
||||||
|
|
||||||
|
rsa_pkcs1_2048_public.der: rsa_pkcs1_2048_public.pem
|
||||||
|
$(OPENSSL) -RSAPublicKey_in -in rsa_pkcs1_2048_public.pem -outform DER -RSAPublicKey_out -out $@
|
||||||
|
all_final += rsa_pkcs8_2048_public.der
|
||||||
|
|
||||||
################################################################
|
################################################################
|
||||||
#### Meta targets
|
#### Meta targets
|
||||||
|
|
Binary file not shown.
|
@ -1,8 +0,0 @@
|
||||||
-----BEGIN RSA PUBLIC KEY-----
|
|
||||||
MIIBCgKCAQEA2UFMidUiQFATstnnSR6Q97QThcnPzkATdIM5LQ1HMLLbzmTrLRa1
|
|
||||||
mjneNIh9jE+ZpPDEXVcUAwrvgCOb/MQeqetYNxU8FHU1Baw76ZCSe91GPK6xSdIW
|
|
||||||
ovsrsPCKnu8qQBYGTV/OQ4Y6KvVL5NvcLsQfxGgOYtFuD6xn6oE25SwScqWD5y4Q
|
|
||||||
zB3Rm7u23xBBcLr+zb4fVjBOGS1vIVNnxj7aDYJTB9ZO2i+5MUch0BPHhsd3gf//
|
|
||||||
u5ECyItnc+B50apbc/7wziwX1ABMvGVIWbvEMG68Vgst2kX91ojiDPZJej/c2xLR
|
|
||||||
gpzage6SGEIQiCDQVIudSMnzZoltyMUmNwIDAQAB
|
|
||||||
-----END RSA PUBLIC KEY-----
|
|
BIN
tests/data_files/rsa_pkcs1_2048_public.der
Normal file
BIN
tests/data_files/rsa_pkcs1_2048_public.der
Normal file
Binary file not shown.
8
tests/data_files/rsa_pkcs1_2048_public.pem
Normal file
8
tests/data_files/rsa_pkcs1_2048_public.pem
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
-----BEGIN RSA PUBLIC KEY-----
|
||||||
|
MIIBCgKCAQEA2xx/LgvNv87RdRCgorjOfariBeB62ERjj7W9wLAZuTe4GUoO8V10
|
||||||
|
gGdGhwbeW38GA73BjV4HFdRb9Nzlzz35wREsrmq5ir0dZ2YX6k692xWagofk8HjD
|
||||||
|
o4WHsP2fqZlf4zPszOoLtWFe8Ul+P6Mt6gEMzEKadpvE0DfTsRcBYQEWWX4cF8NT
|
||||||
|
/dFyy0xgFdp94uqtUO+O4ovUandV1nDZa7vx7jkEOKO94tHgZmvinEeZ6Sjmtvwu
|
||||||
|
ymdDhOjVg9admGsBPoHcPHrK+fOc99YoGyd4fMPQ1WOngTSJrSVqvfLq7fpX/OU0
|
||||||
|
xsEPcS3SCBAbrURB4P55oGOTirFd6bDubwIDAQAB
|
||||||
|
-----END RSA PUBLIC KEY-----
|
|
@ -108,15 +108,15 @@ pk_parse_public_keyfile_rsa:"data_files/format_gen.pub":0
|
||||||
|
|
||||||
Parse Public RSA Key #1 (PKCS#8 wrapped, DER)
|
Parse Public RSA Key #1 (PKCS#8 wrapped, DER)
|
||||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C
|
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C
|
||||||
pk_parse_public_keyfile_rsa:"data_files/format_gen_der.pub":0
|
pk_parse_public_keyfile_rsa:"data_files/rsa_pkcs8_1024_public.der":0
|
||||||
|
|
||||||
Parse Public RSA Key #3 (PKCS#1 wrapped)
|
Parse Public RSA Key #3 (PKCS#1 wrapped)
|
||||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C
|
depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C
|
||||||
pk_parse_public_keyfile_rsa:"data_files/public_rsa_key.pem":0
|
pk_parse_public_keyfile_rsa:"data_files/rsa_pkcs1_2048_public.pem":0
|
||||||
|
|
||||||
Parse Public RSA Key #4 (PKCS#1 wrapped, DER)
|
Parse Public RSA Key #4 (PKCS#1 wrapped, DER)
|
||||||
depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C
|
depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C
|
||||||
pk_parse_public_keyfile_rsa:"data_files/public_rsa_key.der":0
|
pk_parse_public_keyfile_rsa:"data_files/rsa_pkcs1_2048_public.der":0
|
||||||
|
|
||||||
Parse Public EC Key #1 (RFC 5480, DER)
|
Parse Public EC Key #1 (RFC 5480, DER)
|
||||||
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED
|
||||||
|
|
Loading…
Reference in a new issue