From c6ac8870d5bb9d0cb60b412c14b9b4e7c5e5dc7f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Wed, 14 Aug 2013 18:04:18 +0200
Subject: [PATCH] Nicer interface between PK and debug.

Finally get rid of pk_context.type member, too.
---
 include/polarssl/pk.h | 37 ++++++++++++++-
 library/debug.c | 53 ++++++++++++++--------
 library/pk.c | 23 +++++++---
 library/pk_wrap.c | 24 ++++++++++
 tests/suites/test_suite_x509parse.function | 4 +-
 5 files changed, 113 insertions(+), 28 deletions(-)

diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h
index 4f9fdb196..778efa703 100644
--- a/include/polarssl/pk.h
+++ b/include/polarssl/pk.h
@@ -81,6 +81,29 @@ typedef enum {
 POLARSSL_PK_ECDSA,
 } pk_type_t;
 
+/**
+ * \brief Types for interfacing with the debug module
+ */
+typedef enum
+{
+ POLARSSL_PK_DEBUG_NONE = 0,
+ POLARSSL_PK_DEBUG_MPI,
+ POLARSSL_PK_DEBUG_ECP,
+} pk_debug_type;
+
+/**
+ * \brief Item to send to the debug module
+ */
+typedef struct
+{
+ pk_debug_type type;
+ char *name;
+ void *value;
+} pk_debug_item;
+
+/** Maximum number of item send for debugging, plus 1 */
+#define POLARSSL_PK_DEBUG_MAX_ITEMS 3
+
 /**
 * \brief Public key info
 */
@@ -109,6 +132,9 @@ typedef struct
 /** Free the given context */
 void (*ctx_free_func)( void *ctx );
 
+ /** Interface with the debug module */
+ void (*debug_func)( const void *ctx, pk_debug_item *items );
+
 } pk_info_t;
 
 /**
@@ -117,7 +143,6 @@ typedef struct
 typedef struct
 {
 const pk_info_t * info; /**< Public key informations */
- pk_type_t type; /**< Public key type (temporary) */
 void * data; /**< Public key data */
 } pk_context;
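Review bot: `pk_debug_item` declares `name` as `char *` and `value` as `void *`, but the only writers in this patch (`rsa_debug` and `eckey_debug` in the pk_wrap.c hunks) store string literals and addresses obtained by casting the `const` off their `ctx` argument, so the struct forces a const-discarding cast on every wrapper. Declaring `const char *name;` and `const void *value;` removes those casts, assuming `debug_print_mpi`/`debug_print_ecp` take a const pointer for the value (their parameter types are not visible here). The sizing contract behind `POLARSSL_PK_DEBUG_MAX_ITEMS` is also only implied by the "plus 1" remark; I would make it explicit, e.g. `/** Number of pk_debug_item slots handed to debug_func; the caller zero-fills them and stops at the first POLARSSL_PK_DEBUG_NONE, so a wrapper may fill at most POLARSSL_PK_DEBUG_MAX_ITEMS - 1 */`.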
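Review bot: Nothing in the comment on the new `debug_func` member says whether it may be NULL, yet the pk_wrap.c hunks of this patch store `NULL` in `ecdsa_info` and `eckeydh_info`, and `pk_debug` in the pk.c hunk calls `ctx->info->debug_func` unconditionally, so printing a context that holds one of those key types dereferences a null function pointer. Decide the contract here and document it, e.g. `/** Interface with the debug module; may be NULL when the key type exports no debug items */`, and then guard the call in `pk_debug` with `if( ctx->info->debug_func == NULL ) return( POLARSSL_ERR_PK_TYPE_MISMATCH );` (or give every pk_info_t an implementation).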
@@ -182,6 +207,16 @@ int pk_verify( pk_context *ctx,
 const unsigned char *hash, const md_info_t *md_info,
 const unsigned char *sig, size_t sig_len );
 
+/**
+ * \brief Export debug information
+ *
+ * \param ctx Context to use
+ * \param items Place to write debug items
+ *
+ * \return 0 on sucess or POLARSSL_ERR_PK_BAD_INPUT_DATA
+ */
+int pk_debug( const pk_context *ctx, pk_debug_item *items );
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/library/debug.c b/library/debug.c
index 8e3dd03a9..5522fb643 100644
--- a/library/debug.c
+++ b/library/debug.c
@@ -225,6 +225,39 @@ void debug_print_mpi( const ssl_context *ssl, int level,
 #endif /* POLARSSL_BIGNUM_C */
 
 #if defined(POLARSSL_X509_PARSE_C)
+static void debug_print_pk( const ssl_context *ssl, int level,
+ const char *file, int line,
+ const char *text, const pk_context *pk )
+{
+ size_t i;
+ pk_debug_item items[POLARSSL_PK_DEBUG_MAX_ITEMS];
+ char name[16];
+
+ memset( items, 0, sizeof( items ) );
+
+ if( pk_debug( pk, items ) != 0 )
+ {
+ debug_print_msg( ssl, level, file, line, "invalid PK context" );
+ return;
+ }
+
+ for( i = 0; i < sizeof( items ); i++ )
+ {
+ if( items[i].type == POLARSSL_PK_DEBUG_NONE )
+ return;
+
+ snprintf( name, sizeof( name ), "%s%s", text, items[i].name );
+ name[sizeof( name ) - 1] = '\0';
+
+ if( items[i].type == POLARSSL_PK_DEBUG_MPI )
+ debug_print_mpi( ssl, level, file, line, name, items[i].value );
+ else if( items[i].type == POLARSSL_PK_DEBUG_ECP )
+ debug_print_ecp( ssl, level, file, line, name, items[i].value );
+ else
+ debug_print_msg( ssl, level, file, line, "should not happen" );
+ }
+}
+
 void debug_print_crt( const ssl_context *ssl, int level,
 const char *file, int line,
 const char *text, const x509_cert *crt )
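Review bot: The `\return` line promises `POLARSSL_ERR_PK_BAD_INPUT_DATA`, but the definition in the pk.c hunk of this patch returns `POLARSSL_ERR_PK_TYPE_MISMATCH` with a `// TODO`; the header and the implementation need to agree on the error code. `sucess` should read `success`. The `\param items` line should also state the required size, since the caller is expected to provide and zero-fill the whole array before calling, e.g. `\param items Array of POLARSSL_PK_DEBUG_MAX_ITEMS entries, zeroed by the caller; the list ends at the first POLARSSL_PK_DEBUG_NONE entry`.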
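Review bot: The loop bound in `debug_print_pk`, `for( i = 0; i < sizeof( items ); i++ )`, is the byte size of the array, not its element count, so `i` can run well past `POLARSSL_PK_DEBUG_MAX_ITEMS`; it currently stops inside the array only because the `memset` leaves a `POLARSSL_PK_DEBUG_NONE` sentinel and no wrapper in this patch fills every slot. A wrapper that fills all the slots would read `items[i]` off the end of the stack array. Use the element count: `for( i = 0; i < POLARSSL_PK_DEBUG_MAX_ITEMS; i++ )`. `char name[16]` is also tight: `"crt->"` plus `"eckey.Q"` already uses 12 of the 15 printable characters, so a slightly longer prefix or item name is silently truncated by the `snprintf`; a comment stating that limit, or a larger buffer, would help.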
@@ -250,25 +283,7 @@ void debug_print_crt( const ssl_context *ssl, int level,
 str[maxlen] = '\0';
 ssl->f_dbg( ssl->p_dbg, level, str );
 
-#if defined(POLARSSL_RSA_C)
- if( crt->pk.type == POLARSSL_PK_RSA )
- {
- debug_print_mpi( ssl, level, file, line,
- "crt->rsa.N", &pk_rsa( crt->pk )->N );
- debug_print_mpi( ssl, level, file, line,
- "crt->rsa.E", &pk_rsa( crt->pk )->E );
- } else
-#endif /* POLARSSL_RSA_C */
-#if defined(POLARSSL_ECP_C)
- if( crt->pk.type == POLARSSL_PK_ECKEY ||
- crt->pk.type == POLARSSL_PK_ECKEY_DH )
- {
- debug_print_ecp( ssl, level, file, line,
- "crt->eckey.Q", &pk_ec( crt->pk )->Q );
- } else
-#endif /* POLARSSL_ECP_C */
- debug_print_msg( ssl, level, file, line,
- "crt->pk.type is not valid" );
+ debug_print_pk( ssl, level, file, line, "crt->", &crt->pk );
 
 crt = crt->next;
 }
diff --git a/library/pk.c b/library/pk.c
index ce3b88a18..f3c64cb42 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -56,7 +56,6 @@ void pk_init( pk_context *ctx )
 return;
 
 ctx->info = NULL;
- ctx->type = POLARSSL_PK_NONE;
 ctx->data = NULL;
 }
 
@@ -72,7 +71,6 @@ void pk_free( pk_context *ctx )
 ctx->data = NULL;
 
 ctx->info = NULL;
- ctx->type = POLARSSL_PK_NONE;
 }
 
 /*
@@ -107,11 +105,13 @@ int pk_set_type( pk_context *ctx, pk_type_t type )
 {
 const pk_info_t *info;
 
- if( ctx->type == type )
- return( 0 );
+ if( ctx->info != NULL )
+ {
+ if( ctx->info->type == type )
+ return 0;
 
- if( ctx->type != POLARSSL_PK_NONE )
 return( POLARSSL_ERR_PK_TYPE_MISMATCH );
+ }
 
 if( ( info = pk_info_from_type( type ) ) == NULL )
 return( POLARSSL_ERR_PK_TYPE_MISMATCH );
@@ -119,7 +119,6 @@ int pk_set_type( pk_context *ctx, pk_type_t type )
 if( ( ctx->data = info->ctx_alloc_func() ) == NULL )
 return( POLARSSL_ERR_PK_MALLOC_FAILED );
 
- ctx->type = type;
 ctx->info = info;
 
 return( 0 );
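Review bot: The branches removed here were wrapped in `#if defined(POLARSSL_RSA_C)` and `#if defined(POLARSSL_ECP_C)`, whereas the replacement `debug_print_pk` (previous hunk of this file) calls `debug_print_mpi` and `debug_print_ecp` with no such guard. If those helpers are only compiled under their module's option, as the `#endif /* POLARSSL_BIGNUM_C */` just above `debug_print_pk` suggests for `debug_print_mpi`, a configuration with POLARSSL_X509_PARSE_C but without POLARSSL_ECP_C no longer builds. The two calls inside `debug_print_pk` would need the same `#if defined(...)` guards, with the unguarded `else` reporting the item type as unsupported.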
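Review bot: `return 0;` in the new `ctx->info->type == type` branch departs from the `return( ... )` form used by every other return in this hunk and throughout `pk_set_type`; write `return( 0 );`. The body of `pk_set_type` continues past the hunk.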
@@ -160,3 +159,15 @@ size_t pk_get_size( const pk_context *ctx )
 
 return( ctx->info->get_size( ctx->data ) );
 }
+
+/*
+ * Export debug information
+ */
+int pk_debug( const pk_context *ctx, pk_debug_item *items )
+{
+ if( ctx == NULL || ctx->info == NULL )
+ return( POLARSSL_ERR_PK_TYPE_MISMATCH ); // TODO
+
+ ctx->info->debug_func( ctx->data, items );
+ return( 0 );
+}
diff --git a/library/pk_wrap.c b/library/pk_wrap.c
index 239ff78e4..284bd1dbd 100644
--- a/library/pk_wrap.c
+++ b/library/pk_wrap.c
@@ -84,6 +84,19 @@ static void rsa_free_wrap( void *ctx )
 polarssl_free( ctx );
 }
 
+static void rsa_debug( const void *ctx, pk_debug_item *items )
+{
+ items->type = POLARSSL_PK_DEBUG_MPI;
+ items->name = "rsa.N";
+ items->value = &( ((rsa_context *) ctx)->N );
+
+ items++;
+
+ items->type = POLARSSL_PK_DEBUG_MPI;
+ items->name = "rsa.E";
+ items->value = &( ((rsa_context *) ctx)->E );
+}
+
 const pk_info_t rsa_info = {
 POLARSSL_PK_RSA,
 "RSA",
@@ -92,6 +105,7 @@ const pk_info_t rsa_info = {
 rsa_verify_wrap,
 rsa_alloc_wrap,
 rsa_free_wrap,
+ rsa_debug,
 };
 
 #endif /* POLARSSL_RSA_C */
@@ -138,6 +152,7 @@ const pk_info_t ecdsa_info = {
 ecdsa_verify_wrap,
 ecdsa_alloc_wrap,
 ecdsa_free_wrap,
+ NULL,
 };
 
 #endif /* POLARSSL_ECDSA_C */
@@ -200,6 +215,13 @@ static void eckey_free_wrap( void *ctx )
 polarssl_free( ctx );
 }
 
+static void eckey_debug( const void *ctx, pk_debug_item *items )
+{
+ items->type = POLARSSL_PK_DEBUG_ECP;
+ items->name = "eckey.Q";
+ items->value = &( ((ecp_keypair *) ctx)->Q );
+}
+
 const pk_info_t eckey_info = {
 POLARSSL_PK_ECKEY,
 "EC",
@@ -208,6 +230,7 @@ const pk_info_t eckey_info = {
 eckey_verify_wrap,
 eckey_alloc_wrap,
 eckey_free_wrap,
+ eckey_debug,
 };
 
 /*
@@ -240,5 +263,6 @@ const pk_info_t eckeydh_info = {
 eckeydh_verify_wrap,
 eckey_alloc_wrap, /* Same underlying key structure */
 eckey_free_wrap, /* Same underlying key structure */
+ NULL,
 };
 #endif /* POLARSSL_ECP_C */
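Review bot: The `// TODO` on the error return of `pk_debug` does not say what is pending, and it is the only `//` comment in a hunk that otherwise uses `/* */` (compare the `Export debug information` header just above it). Resolve the TODO by settling the error code together with the `\return` line of the pk.h declaration in this patch, and spell out in the header comment what `items` must look like, e.g. `/* Export debug information: items must point to POLARSSL_PK_DEBUG_MAX_ITEMS zeroed entries */`.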
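Review bot: `NULL,` as the `debug_func` of `eckeydh_info` is a regression from the code this patch removes in debug.c, which printed `crt->eckey.Q` for `POLARSSL_PK_ECKEY_DH` keys as well as `POLARSSL_PK_ECKEY`. The two neighbouring entries are annotated `/* Same underlying key structure */` and reuse `eckey_alloc_wrap`/`eckey_free_wrap`, so the same applies here: `eckey_debug, /* Same underlying key structure */`. If `ecdsa_context` shares that layout too (not visible in this patch), the `NULL,` added to `ecdsa_info` could be replaced the same way.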
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index cec4d8d8d..6bda6faab 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -226,7 +226,7 @@ void x509parse_public_keyfile_ec( char *key_file, int result )
 if( res == 0 )
 {
 ecp_keypair *eckey;
- TEST_ASSERT( ctx.type == POLARSSL_PK_ECKEY );
+ TEST_ASSERT( pk_can_do( &ctx, POLARSSL_PK_ECKEY ) );
 eckey = (ecp_keypair *) ctx.data;
 TEST_ASSERT( ecp_check_pubkey( &eckey->grp, &eckey->Q ) == 0 );
 }
@@ -250,7 +250,7 @@ void x509parse_keyfile_ec( char *key_file, char *password, int result )
 if( res == 0 )
 {
 ecp_keypair *eckey;
- TEST_ASSERT( ctx.type == POLARSSL_PK_ECKEY );
+ TEST_ASSERT( pk_can_do( &ctx, POLARSSL_PK_ECKEY ) );
 eckey = (ecp_keypair *) ctx.data;
 TEST_ASSERT( ecp_check_privkey( &eckey->grp, &eckey->d ) == 0 );
 }
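Review bot: `pk_can_do( &ctx, POLARSSL_PK_ECKEY )` is a weaker assertion than the `ctx.type == POLARSSL_PK_ECKEY` it replaces if, as is usual for can_do callbacks, the EC key wrapper also answers yes for related EC types; the test would then no longer catch a parser that assigns the wrong EC key type. The exact type is still reachable through the info pointer this patch keeps, so `TEST_ASSERT( ctx.info != NULL && ctx.info->type == POLARSSL_PK_ECKEY );` preserves the old strictness. The same applies to the second hunk of this file.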