Resolve PR review comments

1) use `pk_get_rsapubkey` instead of reimplementing the parsing
2) rename the key files, according to their type and key size
3) comment in the data_files/Makefile hoe the keys were generated
4) Fix issue of failure parsing pkcs#1 DER format parsing, missed in previous commit
This commit is contained in:
Ron Eldor 2017-10-16 12:40:27 +03:00
parent d0c56de934
commit b006518289
8 changed files with 43 additions and 47 deletions

View file

@ -649,14 +649,6 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
p = (unsigned char *) key;
end = p + keylen;
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
}
end = p + len;
if( mode == 0 )
{
/*
@ -675,6 +667,14 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
* otherPrimeInfos OtherPrimeInfos OPTIONAL
* }
*/
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
}
end = p + len;
if( ( ret = mbedtls_asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
{
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
@ -715,36 +715,11 @@ static int pk_parse_key_pkcs1_der( mbedtls_rsa_context *rsa,
}
else /* public key*/
{
/*
* This function parses the RSAPublicKey (PKCS#1)
*
* RSAPublicKey ::= SEQUENCE {
* modulus INTEGER, -- n
* publicExponent INTEGER -- e
* }
*/
if( ( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->N ) ) != 0 ||
( ret = mbedtls_asn1_get_mpi( &p, end, &rsa->E ) ) != 0 )
if( ( ret = pk_get_rsapubkey( &p, end, rsa ) ) != 0 )
{
mbedtls_rsa_free( rsa );
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret );
return( ret );
}
rsa->len = mbedtls_mpi_size( &rsa->N );
if( p != end )
{
mbedtls_rsa_free( rsa );
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
}
if( ( ret = mbedtls_rsa_check_pubkey( rsa ) ) != 0 )
{
mbedtls_rsa_free( rsa );
return( ret );
}
}
return( 0 );
}
@ -1287,6 +1262,7 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
#if defined(MBEDTLS_PEM_PARSE_C)
size_t len;
mbedtls_pem_context pem;
const mbedtls_pk_info_t *pk_info;
mbedtls_pem_init( &pem );
#if defined(MBEDTLS_RSA_C)
@ -1301,7 +1277,6 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
if( ret == 0 )
{
const mbedtls_pk_info_t *pk_info;
if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
@ -1319,6 +1294,21 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
mbedtls_pem_free( &pem );
return( ret );
}
if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
if( ( ret = mbedtls_pk_setup( ctx, pk_info ) ) != 0 )
return( ret );
ret = pk_parse_key_pkcs1_der( mbedtls_pk_rsa( *ctx ),
key, keylen, 1 );
if ( ret == 0 )
{
mbedtls_pem_free( &pem );
return( ret );
}
mbedtls_pk_free( ctx );
#endif /* MBEDTLS_RSA_C */
/* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */

View file

@ -64,7 +64,13 @@ server2-sha256.crt: server2-rsa.csr
$(OPENSSL) x509 -req -extfile $(cli_crt_extensions_file) -extensions cli-rsa -CA test-ca-sha256.crt -CAkey $(test_ca_key_file_rsa) -passin "pass:$(test_ca_pwd_rsa)" -set_serial 4 -days 3653 -sha256 -in server2-rsa.csr -out $@
all_final += server2-sha256.crt
rsa_pkcs1_2048_public.pem: server8.key
$(OPENSSL) rsa -in server8.key -outform PEM -RSAPublicKey_out -out $@
all_final += rsa_pkcs8_2048_public.pem
rsa_pkcs1_2048_public.der: rsa_pkcs1_2048_public.pem
$(OPENSSL) -RSAPublicKey_in -in rsa_pkcs1_2048_public.pem -outform DER -RSAPublicKey_out -out $@
all_final += rsa_pkcs8_2048_public.der
################################################################
#### Meta targets

Binary file not shown.

View file

@ -1,8 +0,0 @@
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA2UFMidUiQFATstnnSR6Q97QThcnPzkATdIM5LQ1HMLLbzmTrLRa1
mjneNIh9jE+ZpPDEXVcUAwrvgCOb/MQeqetYNxU8FHU1Baw76ZCSe91GPK6xSdIW
ovsrsPCKnu8qQBYGTV/OQ4Y6KvVL5NvcLsQfxGgOYtFuD6xn6oE25SwScqWD5y4Q
zB3Rm7u23xBBcLr+zb4fVjBOGS1vIVNnxj7aDYJTB9ZO2i+5MUch0BPHhsd3gf//
u5ECyItnc+B50apbc/7wziwX1ABMvGVIWbvEMG68Vgst2kX91ojiDPZJej/c2xLR
gpzage6SGEIQiCDQVIudSMnzZoltyMUmNwIDAQAB
-----END RSA PUBLIC KEY-----

Binary file not shown.

View file

@ -0,0 +1,8 @@
-----BEGIN RSA PUBLIC KEY-----
MIIBCgKCAQEA2xx/LgvNv87RdRCgorjOfariBeB62ERjj7W9wLAZuTe4GUoO8V10
gGdGhwbeW38GA73BjV4HFdRb9Nzlzz35wREsrmq5ir0dZ2YX6k692xWagofk8HjD
o4WHsP2fqZlf4zPszOoLtWFe8Ul+P6Mt6gEMzEKadpvE0DfTsRcBYQEWWX4cF8NT
/dFyy0xgFdp94uqtUO+O4ovUandV1nDZa7vx7jkEOKO94tHgZmvinEeZ6Sjmtvwu
ymdDhOjVg9admGsBPoHcPHrK+fOc99YoGyd4fMPQ1WOngTSJrSVqvfLq7fpX/OU0
xsEPcS3SCBAbrURB4P55oGOTirFd6bDubwIDAQAB
-----END RSA PUBLIC KEY-----

View file

@ -108,15 +108,15 @@ pk_parse_public_keyfile_rsa:"data_files/format_gen.pub":0
Parse Public RSA Key #1 (PKCS#8 wrapped, DER)
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C
pk_parse_public_keyfile_rsa:"data_files/format_gen_der.pub":0
pk_parse_public_keyfile_rsa:"data_files/rsa_pkcs8_1024_public.der":0
Parse Public RSA Key #3 (PKCS#1 wrapped)
depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C
pk_parse_public_keyfile_rsa:"data_files/public_rsa_key.pem":0
pk_parse_public_keyfile_rsa:"data_files/rsa_pkcs1_2048_public.pem":0
Parse Public RSA Key #4 (PKCS#1 wrapped, DER)
depends_on:MBEDTLS_RSA_C:MBEDTLS_PEM_PARSE_C
pk_parse_public_keyfile_rsa:"data_files/public_rsa_key.der":0
pk_parse_public_keyfile_rsa:"data_files/rsa_pkcs1_2048_public.der":0
Parse Public EC Key #1 (RFC 5480, DER)
depends_on:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP192R1_ENABLED