comparison libtomcrypt/src/pk/rsa/rsa_import_x509.c @ 1471:6dba84798cd5

Update to libtomcrypt 1.18.1, merged with Dropbear changes
author Matt Johnston <matt@ucc.asn.au>
date Fri, 09 Feb 2018 21:44:05 +0800
1470:8bba51a55704 1471:6dba84798cd5
1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
2 *
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
5 *
6 * The library is free for all purposes without any express
7 * guarantee it works.
8 */
9 #include "tomcrypt.h"
10
11 /**
12 @file rsa_import.c
13 Import an RSA key from a X.509 certificate, Steffen Jaeckel
14 */
15
16 #ifdef LTC_MRSA
17
18 /**
19 Import an RSA key from a X.509 certificate
20 @param in The packet to import from
21 @param inlen It's length (octets)
22 @param key [out] Destination for newly imported key
23 @return CRYPT_OK if successful, upon error allocated memory is freed
24 */
25 int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key)
26 {
27 int err;
28 unsigned char *tmpbuf;
29 unsigned long tmpbuf_len, tmp_inlen;
30 ltc_asn1_list *decoded_list = NULL, *l;
31
32 LTC_ARGCHK(in != NULL);
33 LTC_ARGCHK(key != NULL);
34 LTC_ARGCHK(ltc_mp.name != NULL);
35
36 /* init key */
37 if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ,
38 &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
39 return err;
40 }
41
42 tmpbuf_len = inlen;
43 tmpbuf = XCALLOC(1, tmpbuf_len);
44 if (tmpbuf == NULL) {
45 err = CRYPT_MEM;
46 goto LBL_ERR;
47 }
48
49 tmp_inlen = inlen;
50 if ((err = der_decode_sequence_flexi(in, &tmp_inlen, &decoded_list)) == CRYPT_OK) {
51 l = decoded_list;
52 /* Move 2 levels up in the tree
53 SEQUENCE
54 SEQUENCE
55 ...
56 */
57 if (l->type == LTC_ASN1_SEQUENCE && l->child) {
58 l = l->child;
59 if (l->type == LTC_ASN1_SEQUENCE && l->child) {
60 l = l->child;
61
62 err = CRYPT_ERROR;
63
64 /* Move forward in the tree until we find this combination
65 ...
66 SEQUENCE
67 SEQUENCE
68 OBJECT IDENTIFIER 1.2.840.113549.1.1.1
69 NULL
70 BIT STRING
71 */
72 do {
73 /* The additional check for l->data is there to make sure
74 * we won't try to decode a list that has been 'shrunk'
75 */
76 if (l->type == LTC_ASN1_SEQUENCE && l->data && l->child &&
77 l->child->type == LTC_ASN1_SEQUENCE && l->child->child &&
78 l->child->child->type == LTC_ASN1_OBJECT_IDENTIFIER && l->child->next &&
79 l->child->next->type == LTC_ASN1_BIT_STRING) {
80 err = der_decode_subject_public_key_info(l->data, l->size,
81 PKA_RSA, tmpbuf, &tmpbuf_len,
82 LTC_ASN1_NULL, NULL, 0);
83 if (err == CRYPT_OK) {
84 /* now it should be SEQUENCE { INTEGER, INTEGER } */
85 if ((err = der_decode_sequence_multi(tmpbuf, tmpbuf_len,
86 LTC_ASN1_INTEGER, 1UL, key->N,
87 LTC_ASN1_INTEGER, 1UL, key->e,
88 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
89 goto LBL_ERR;
90 }
91 key->type = PK_PUBLIC;
92 err = CRYPT_OK;
93 goto LBL_FREE;
94 }
95 }
96 l = l->next;
97 } while(l);
98 }
99 }
100 }
101
102
103 LBL_ERR:
104 rsa_free(key);
105
106 LBL_FREE:
107 if (decoded_list) der_free_sequence_flexi(decoded_list);
108 if (tmpbuf != NULL) XFREE(tmpbuf);
109
110 return err;
111 }
112
113 #endif /* LTC_MRSA */
114
115
116 /* ref: $Format:%D$ */
117 /* git commit: $Format:%H$ */
118 /* commit time: $Format:%ai$ */
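Review bot: In `rsa_import_x509`, `err = CRYPT_ERROR;` is assigned only after both nested `LTC_ASN1_SEQUENCE` checks have passed, so when `der_decode_sequence_flexi` succeeds on input whose outer structure is not SEQUENCE { SEQUENCE { ... } }, control falls through to `LBL_ERR` with `err` still `CRYPT_OK`. The key is then released by `rsa_free(key)` and the function reports success, so a caller that trusts the return value would go on to use a key that no longer holds any values. Moving `err = CRYPT_ERROR;` to directly after `l = decoded_list;`, before the first `if`, makes every non-matching structure return an error. Separately, the `@file` tag names `rsa_import.c` although this file is `rsa_import_x509.c`.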