yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Abstract away MBEDTLS_PK_PARSE_EC_EXTENDED

Browse source 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2023-07-27 12:20:16 +02:00
parent fac9819edc
commit 12ea63a5f7
1 changed files with 52 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

69
library/pkparse.c
View file

@ -345,15 +345,51 @@ static int pk_ecc_set_pubkey(mbedtls_pk_context *pk,
/*********************************************************************** /***********************************************************************
* *
* Unsorted (yet!) from this point on until the next section header * Low-level ECC parsing: optional support for SpecifiedECDomain
*
* There are two functions here that are used by the rest of the code:
* - pk_ecc_tag_may_be_speficied_ec_domain()
* - pk_ecc_group_id_from_specified()
*
* All the other functions are internal to this section.
*
* The two "public" functions have a dummy variant provided
* in configs without MBEDTLS_PK_PARSE_EC_EXTENDED. This acts as an
* abstraction layer for this macro, which should not appear outside
* this section.
* *
**********************************************************************/ **********************************************************************/
#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) #if !defined(MBEDTLS_PK_PARSE_EC_EXTENDED)
/* See the "real" version for documentation */
static int pk_ecc_tag_may_be_specified_ec_domain(int tag)
{
(void) tag;
return 0;
}
/* See the "real" version for documentation */
static int pk_ecc_group_id_from_specified(const mbedtls_asn1_buf *params,
mbedtls_ecp_group_id *grp_id)
{
(void) params;
(void) grp_id;
return MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE;
}
#else /* MBEDTLS_PK_PARSE_EC_EXTENDED */
/*
* Tell if the passed tag might be the start of SpecifiedECDomain
* (that is, a sequence).
*/
static int pk_ecc_tag_may_be_specified_ec_domain(int tag)
{
return tag == (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
}
/* /*
* Parse a SpecifiedECDomain (SEC 1 C.2) and (mostly) fill the group with it. * Parse a SpecifiedECDomain (SEC 1 C.2) and (mostly) fill the group with it.
* WARNING: the resulting group should only be used with * WARNING: the resulting group should only be used with
* pk_group_id_from_specified(), since its base point may not be set correctly * pk_ecc_group_id_from_specified(), since its base point may not be set correctly
* if it was encoded compressed. * if it was encoded compressed.
* *
* SpecifiedECDomain ::= SEQUENCE { * SpecifiedECDomain ::= SEQUENCE {
@ -562,8 +598,8 @@ cleanup:
/* /*
* Parse a SpecifiedECDomain (SEC 1 C.2) and find the associated group ID * Parse a SpecifiedECDomain (SEC 1 C.2) and find the associated group ID
*/ */
static int pk_group_id_from_specified(const mbedtls_asn1_buf *params, static int pk_ecc_group_id_from_specified(const mbedtls_asn1_buf *params,
mbedtls_ecp_group_id *grp_id) mbedtls_ecp_group_id *grp_id)
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ecp_group grp; mbedtls_ecp_group grp;
@ -578,7 +614,7 @@ static int pk_group_id_from_specified(const mbedtls_asn1_buf *params,
cleanup: cleanup:
/* The API respecting lifecycle for mbedtls_ecp_group struct is /* The API respecting lifecycle for mbedtls_ecp_group struct is
* _init(), _load() and _free(). In pk_group_id_from_specified() the * _init(), _load() and _free(). In pk_ecc_group_id_from_specified() the
* temporary grp breaks that flow and it's members are populated * temporary grp breaks that flow and it's members are populated
* by pk_group_id_from_group(). As such mbedtls_ecp_group_free() * by pk_group_id_from_group(). As such mbedtls_ecp_group_free()
* which is assuming a group populated by _setup() may not clean-up * which is assuming a group populated by _setup() may not clean-up
@ -594,6 +630,11 @@ cleanup:
} }
#endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */ #endif /* MBEDTLS_PK_PARSE_EC_EXTENDED */
/***********************************************************************
*
* Unsorted (yet!) from this point on until the next section header
*
**********************************************************************/
/* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf /* Minimally parse an ECParameters buffer to and mbedtls_asn1_buf
* *
@ -613,13 +654,10 @@ static int pk_get_ecparams(unsigned char **p, const unsigned char *end,
MBEDTLS_ERR_ASN1_OUT_OF_DATA); MBEDTLS_ERR_ASN1_OUT_OF_DATA);
} }
/* Tag may be either OID or SEQUENCE */ /* Acceptable tags: OID for namedCurve, or specifiedECDomain */
params->tag = **p; params->tag = **p;
if (params->tag != MBEDTLS_ASN1_OID if (params->tag != MBEDTLS_ASN1_OID &&
#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) !pk_ecc_tag_may_be_specified_ec_domain(params->tag)) {
&& params->tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)
#endif
) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT, return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_KEY_INVALID_FORMAT,
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG); MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
} }
@ -657,13 +695,10 @@ static int pk_use_ecparams(const mbedtls_asn1_buf *params, mbedtls_pk_context *p
return MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE; return MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE;
} }
} else { } else {
#if defined(MBEDTLS_PK_PARSE_EC_EXTENDED) ret = pk_ecc_group_id_from_specified(params, &grp_id);
if ((ret = pk_group_id_from_specified(params, &grp_id)) != 0) { if (ret != 0) {
return ret; return ret;
} }
#else
return MBEDTLS_ERR_PK_KEY_INVALID_FORMAT;
#endif
} }
return pk_ecc_set_group(pk, grp_id); return pk_ecc_set_group(pk, grp_id);