Mercurial > dropbear
comparison libtomcrypt/src/pk/rsa/rsa_import_x509.c @ 1511:5916af64acd4 fuzz
merge from main
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sat, 17 Feb 2018 19:29:51 +0800 |
parents | 6dba84798cd5 |
children |
comparison
equal
deleted
inserted
replaced
1457:32f990cc96b1 | 1511:5916af64acd4 |
---|---|
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis | |
2 * | |
3 * LibTomCrypt is a library that provides various cryptographic | |
4 * algorithms in a highly modular and flexible manner. | |
5 * | |
6 * The library is free for all purposes without any express | |
7 * guarantee it works. | |
8 */ | |
9 #include "tomcrypt.h" | |
10 | |
11 /** | |
12 @file rsa_import.c | |
13 Import an RSA key from a X.509 certificate, Steffen Jaeckel | |
14 */ | |
15 | |
16 #ifdef LTC_MRSA | |
17 | |
18 /** | |
19 Import an RSA key from a X.509 certificate | |
20 @param in The packet to import from | |
21 @param inlen It's length (octets) | |
22 @param key [out] Destination for newly imported key | |
23 @return CRYPT_OK if successful, upon error allocated memory is freed | |
24 */ | |
25 int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key) | |
26 { | |
27 int err; | |
28 unsigned char *tmpbuf; | |
29 unsigned long tmpbuf_len, tmp_inlen; | |
30 ltc_asn1_list *decoded_list = NULL, *l; | |
31 | |
32 LTC_ARGCHK(in != NULL); | |
33 LTC_ARGCHK(key != NULL); | |
34 LTC_ARGCHK(ltc_mp.name != NULL); | |
35 | |
36 /* init key */ | |
37 if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, | |
38 &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) { | |
39 return err; | |
40 } | |
41 | |
42 tmpbuf_len = inlen; | |
43 tmpbuf = XCALLOC(1, tmpbuf_len); | |
44 if (tmpbuf == NULL) { | |
45 err = CRYPT_MEM; | |
46 goto LBL_ERR; | |
47 } | |
48 | |
49 tmp_inlen = inlen; | |
50 if ((err = der_decode_sequence_flexi(in, &tmp_inlen, &decoded_list)) == CRYPT_OK) { | |
51 l = decoded_list; | |
52 /* Move 2 levels up in the tree | |
53 SEQUENCE | |
54 SEQUENCE | |
55 ... | |
56 */ | |
57 if (l->type == LTC_ASN1_SEQUENCE && l->child) { | |
58 l = l->child; | |
59 if (l->type == LTC_ASN1_SEQUENCE && l->child) { | |
60 l = l->child; | |
61 | |
62 err = CRYPT_ERROR; | |
63 | |
64 /* Move forward in the tree until we find this combination | |
65 ... | |
66 SEQUENCE | |
67 SEQUENCE | |
68 OBJECT IDENTIFIER 1.2.840.113549.1.1.1 | |
69 NULL | |
70 BIT STRING | |
71 */ | |
72 do { | |
73 /* The additional check for l->data is there to make sure | |
74 * we won't try to decode a list that has been 'shrunk' | |
75 */ | |
76 if (l->type == LTC_ASN1_SEQUENCE && l->data && l->child && | |
77 l->child->type == LTC_ASN1_SEQUENCE && l->child->child && | |
78 l->child->child->type == LTC_ASN1_OBJECT_IDENTIFIER && l->child->next && | |
79 l->child->next->type == LTC_ASN1_BIT_STRING) { | |
80 err = der_decode_subject_public_key_info(l->data, l->size, | |
81 PKA_RSA, tmpbuf, &tmpbuf_len, | |
82 LTC_ASN1_NULL, NULL, 0); | |
83 if (err == CRYPT_OK) { | |
84 /* now it should be SEQUENCE { INTEGER, INTEGER } */ | |
85 if ((err = der_decode_sequence_multi(tmpbuf, tmpbuf_len, | |
86 LTC_ASN1_INTEGER, 1UL, key->N, | |
87 LTC_ASN1_INTEGER, 1UL, key->e, | |
88 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { | |
89 goto LBL_ERR; | |
90 } | |
91 key->type = PK_PUBLIC; | |
92 err = CRYPT_OK; | |
93 goto LBL_FREE; | |
94 } | |
95 } | |
96 l = l->next; | |
97 } while(l); | |
98 } | |
99 } | |
100 } | |
101 | |
102 | |
103 LBL_ERR: | |
104 rsa_free(key); | |
105 | |
106 LBL_FREE: | |
107 if (decoded_list) der_free_sequence_flexi(decoded_list); | |
108 if (tmpbuf != NULL) XFREE(tmpbuf); | |
109 | |
110 return err; | |
111 } | |
112 | |
113 #endif /* LTC_MRSA */ | |
114 | |
115 | |
116 /* ref: $Format:%D$ */ | |
117 /* git commit: $Format:%H$ */ | |
118 /* commit time: $Format:%ai$ */ |