mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-23 04:05:41 +01:00
Rework algorithmIdentifier parsing
This commit is contained in:
parent
f4a1427ae7
commit
0a64e8f1fd
@ -160,6 +160,40 @@ static int x509_get_serial( unsigned char **p,
|
|||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Get an algorithm identifier and its parameters
|
||||||
|
*
|
||||||
|
* AlgorithmIdentifier ::= SEQUENCE {
|
||||||
|
* algorithm OBJECT IDENTIFIER,
|
||||||
|
* parameters ANY DEFINED BY algorithm OPTIONAL }
|
||||||
|
*/
|
||||||
|
static int x509_get_algid( unsigned char **p,
|
||||||
|
const unsigned char *end,
|
||||||
|
pk_type_t *pk_alg, x509_buf *params )
|
||||||
|
{
|
||||||
|
int ret;
|
||||||
|
x509_buf alg_oid;
|
||||||
|
|
||||||
|
memset( params, 0, sizeof(asn1_buf) );
|
||||||
|
|
||||||
|
if( ( ret = asn1_get_alg( p, end, &alg_oid, params ) ) != 0 )
|
||||||
|
return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
|
||||||
|
|
||||||
|
if( oid_get_pk_alg( &alg_oid, pk_alg ) != 0 )
|
||||||
|
return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* No parameters with RSA (only for EC)
|
||||||
|
*/
|
||||||
|
if( *pk_alg == POLARSSL_PK_RSA &&
|
||||||
|
( ( params->tag != ASN1_NULL && params->tag != 0 ) ||
|
||||||
|
params->len != 0 ) )
|
||||||
|
{
|
||||||
|
return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
|
||||||
|
}
|
||||||
|
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* AlgorithmIdentifier ::= SEQUENCE {
|
* AlgorithmIdentifier ::= SEQUENCE {
|
||||||
* algorithm OBJECT IDENTIFIER,
|
* algorithm OBJECT IDENTIFIER,
|
||||||
@ -201,6 +235,23 @@ static int x509_get_alg( unsigned char **p,
|
|||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Get an EC group id from an ECParameters buffer
|
||||||
|
*
|
||||||
|
* ECParameters ::= CHOICE {
|
||||||
|
* namedCurve OBJECT IDENTIFIER
|
||||||
|
* -- implicitCurve NULL
|
||||||
|
* -- specifiedCurve SpecifiedECDomain
|
||||||
|
* }
|
||||||
|
*/
|
||||||
|
static int x509_ecparams_get_grp_id( const x509_buf *params,
|
||||||
|
ecp_group_id *grp_id )
|
||||||
|
{
|
||||||
|
if( oid_get_ec_grp( params, grp_id ) != 0 )
|
||||||
|
return( POLARSSL_ERR_X509_UNKNOWN_NAMED_CURVE );
|
||||||
|
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
|
||||||
/* Get an EC group id from an ECParameters buffer
|
/* Get an EC group id from an ECParameters buffer
|
||||||
*
|
*
|
||||||
* ECParameters ::= CHOICE {
|
* ECParameters ::= CHOICE {
|
||||||
@ -227,10 +278,7 @@ static int x509_get_ecparams( unsigned char **p, const unsigned char *end,
|
|||||||
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
|
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
|
||||||
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
|
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
|
||||||
|
|
||||||
if( ( ret = oid_get_ec_grp( &curve, grp_id ) ) != 0 )
|
return( x509_ecparams_get_grp_id( &curve, grp_id ) );
|
||||||
return( POLARSSL_ERR_X509_UNKNOWN_NAMED_CURVE );
|
|
||||||
|
|
||||||
return( 0 );
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -2750,9 +2798,8 @@ static int x509parse_key_pkcs8_unencrypted_der_ec(
|
|||||||
{
|
{
|
||||||
int ret, version;
|
int ret, version;
|
||||||
size_t len;
|
size_t len;
|
||||||
x509_buf pk_alg_oid;
|
x509_buf alg_params;
|
||||||
ecp_group_id grp_id;
|
ecp_group_id grp_id;
|
||||||
const unsigned char *params_end;
|
|
||||||
unsigned char *p = (unsigned char *) key;
|
unsigned char *p = (unsigned char *) key;
|
||||||
unsigned char *end = p + keylen;
|
unsigned char *end = p + keylen;
|
||||||
pk_type_t pk_alg = POLARSSL_PK_NONE;
|
pk_type_t pk_alg = POLARSSL_PK_NONE;
|
||||||
@ -2787,19 +2834,16 @@ static int x509parse_key_pkcs8_unencrypted_der_ec(
|
|||||||
if( version != 0 )
|
if( version != 0 )
|
||||||
return( POLARSSL_ERR_X509_KEY_INVALID_VERSION + ret );
|
return( POLARSSL_ERR_X509_KEY_INVALID_VERSION + ret );
|
||||||
|
|
||||||
if( ( ret = x509_get_alg( &p, end, &pk_alg_oid, ¶ms_end ) ) != 0 )
|
if( ( ret = x509_get_algid( &p, end, &pk_alg, &alg_params ) ) != 0 )
|
||||||
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
|
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
|
||||||
|
|
||||||
if( oid_get_pk_alg( &pk_alg_oid, &pk_alg ) != 0 )
|
|
||||||
return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
|
|
||||||
|
|
||||||
if( pk_alg != POLARSSL_PK_ECKEY && pk_alg != POLARSSL_PK_ECKEY_DH )
|
if( pk_alg != POLARSSL_PK_ECKEY && pk_alg != POLARSSL_PK_ECKEY_DH )
|
||||||
return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
|
return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
|
||||||
|
|
||||||
if( pk_alg == POLARSSL_PK_ECKEY_DH )
|
if( pk_alg == POLARSSL_PK_ECKEY_DH )
|
||||||
eck->alg = POLARSSL_ECP_KEY_ALG_ECDH;
|
eck->alg = POLARSSL_ECP_KEY_ALG_ECDH;
|
||||||
|
|
||||||
if( ( ret = x509_get_ecparams( &p, params_end, &grp_id ) ) != 0 )
|
if( ( ret = x509_ecparams_get_grp_id( &alg_params, &grp_id ) ) != 0 )
|
||||||
{
|
{
|
||||||
ecp_keypair_free( eck );
|
ecp_keypair_free( eck );
|
||||||
return( ret );
|
return( ret );
|
||||||
@ -2971,11 +3015,10 @@ static int x509parse_public_key_ec_der( ecp_keypair *key,
|
|||||||
{
|
{
|
||||||
int ret;
|
int ret;
|
||||||
ecp_group_id grp_id;
|
ecp_group_id grp_id;
|
||||||
x509_buf alg_oid;
|
x509_buf alg_params;
|
||||||
pk_type_t alg = POLARSSL_PK_NONE;
|
pk_type_t alg = POLARSSL_PK_NONE;
|
||||||
unsigned char *p = (unsigned char *) buf;
|
unsigned char *p = (unsigned char *) buf;
|
||||||
unsigned char *end = p + len;
|
unsigned char *end = p + len;
|
||||||
const unsigned char *params_end;
|
|
||||||
/*
|
/*
|
||||||
* SubjectPublicKeyInfo ::= SEQUENCE {
|
* SubjectPublicKeyInfo ::= SEQUENCE {
|
||||||
* algorithm AlgorithmIdentifier,
|
* algorithm AlgorithmIdentifier,
|
||||||
@ -2990,19 +3033,16 @@ static int x509parse_public_key_ec_der( ecp_keypair *key,
|
|||||||
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
|
return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = x509_get_alg( &p, end, &alg_oid, ¶ms_end ) ) != 0 )
|
if( ( ret = x509_get_algid( &p, end, &alg, &alg_params ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
if( oid_get_pk_alg( &alg_oid, &alg ) != 0 )
|
|
||||||
return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
|
|
||||||
|
|
||||||
if( alg != POLARSSL_PK_ECKEY && alg != POLARSSL_PK_ECKEY_DH )
|
if( alg != POLARSSL_PK_ECKEY && alg != POLARSSL_PK_ECKEY_DH )
|
||||||
return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
|
return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
|
||||||
|
|
||||||
if( alg == POLARSSL_PK_ECKEY_DH )
|
if( alg == POLARSSL_PK_ECKEY_DH )
|
||||||
key->alg = POLARSSL_ECP_KEY_ALG_ECDH;
|
key->alg = POLARSSL_ECP_KEY_ALG_ECDH;
|
||||||
|
|
||||||
if( ( ret = x509_get_ecparams( &p, params_end, &grp_id ) ) != 0 )
|
if( ( ret = x509_ecparams_get_grp_id( &alg_params, &grp_id ) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
if( ( ret = ecp_use_known_dp( &key->grp, grp_id ) ) != 0 )
|
if( ( ret = ecp_use_known_dp( &key->grp, grp_id ) ) != 0 )
|
||||||
|
Loading…
Reference in New Issue
Block a user