Factor more code into x509_get_pubkey()

2024-11-22 11:55:42 +01:00 · 2013-07-09 12:13:24 +02:00 · 2013-07-09 12:13:24 +02:00 · 20c12f6b5f
commit 20c12f6b5f
parent 788db112a5
1 changed files with 23 additions and 62 deletions
--- a/library/x509parse.c
+++ b/library/x509parse.c
@ -545,7 +545,7 @@ static int x509_get_dates( unsigned char **p,
 */
 static int x509_get_pubkey( unsigned char **p,
                            const unsigned char *end,
-                            mpi *N, mpi *E )
+                            rsa_context *rsa )
 {
    int ret;
    size_t len;
@ -553,6 +553,14 @@ static int x509_get_pubkey( unsigned char **p,
    unsigned char *end2;
    pk_type_t pk_alg = POLARSSL_PK_NONE;

+    if( ( ret = asn1_get_tag( p, end, &len,
+                    ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
+    {
+        return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
+    }
+
+    end = *p + len;
+
    if( ( ret = asn1_get_alg_null( p, end, &pk_alg_oid ) ) != 0 )
        return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );

@ -593,14 +601,19 @@ static int x509_get_pubkey( unsigned char **p,
        return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
                POLARSSL_ERR_ASN1_LENGTH_MISMATCH );

-    if( ( ret = asn1_get_mpi( p, end2, N ) ) != 0 ||
-        ( ret = asn1_get_mpi( p, end2, E ) ) != 0 )
+    if( ( ret = asn1_get_mpi( p, end2, &rsa->N ) ) != 0 ||
+        ( ret = asn1_get_mpi( p, end2, &rsa->E ) ) != 0 )
        return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );

    if( *p != end )
        return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
                POLARSSL_ERR_ASN1_LENGTH_MISMATCH );

+    if( ( ret = rsa_check_pubkey( rsa ) ) != 0 )
+        return( ret );
+
+    rsa->len = mpi_size( &rsa->N );
+
    return( 0 );
 }

@ -1366,32 +1379,15 @@ static int x509parse_crt_der_core( x509_cert *crt, const unsigned char *buf,
    crt->subject_raw.len = p - crt->subject_raw.p;

    /*
-     * SubjectPublicKeyInfo  ::=  SEQUENCE
-     *      algorithm            AlgorithmIdentifier,
-     *      subjectPublicKey     BIT STRING  }
+     * SubjectPublicKeyInfo
     */
-    if( ( ret = asn1_get_tag( &p, end, &len,
-            ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
-    {
-        x509_free( crt );
-        return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
-    }
-
-    if( ( ret = x509_get_pubkey( &p, p + len,
-                                 &crt->rsa.N, &crt->rsa.E ) ) != 0 )
+    if( ( ret = x509_get_pubkey( &p, end,
+                                 &crt->rsa ) ) != 0 )
    {
        x509_free( crt );
        return( ret );
    }

-    if( ( ret = rsa_check_pubkey( &crt->rsa ) ) != 0 )
-    {
-        x509_free( crt );
-        return( ret );
-    }
-
-    crt->rsa.len = mpi_size( &crt->rsa.N );
-
    /*
     *  issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
     *                       -- If present, version shall be v2 or v3
@ -1440,6 +1436,9 @@ static int x509parse_crt_der_core( x509_cert *crt, const unsigned char *buf,
    end = crt_end;

    /*
+     *  }
+     *  -- end of TBSCertificate
+     *
     *  signatureAlgorithm   AlgorithmIdentifier,
     *  signatureValue       BIT STRING
     */
@ -2613,43 +2612,7 @@ int x509parse_public_key_rsa( rsa_context *rsa,
 #endif
    end = p + keylen;

-    /*
-     *  PublicKeyInfo ::= SEQUENCE {
-     *    algorithm       AlgorithmIdentifier,
-     *    PublicKey       BIT STRING
-     *  }
-     *
-     *  AlgorithmIdentifier ::= SEQUENCE {
-     *    algorithm       OBJECT IDENTIFIER,
-     *    parameters      ANY DEFINED BY algorithm OPTIONAL
-     *  }
-     *
-     *  RSAPublicKey ::= SEQUENCE {
-     *      modulus           INTEGER,  -- n
-     *      publicExponent    INTEGER   -- e
-     *  }
-     */
-
-    if( ( ret = asn1_get_tag( &p, end, &len,
-                    ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
-    {
-#if defined(POLARSSL_PEM_C)
-        pem_free( &pem );
-#endif
-        rsa_free( rsa );
-        return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
-    }
-
-    if( ( ret = x509_get_pubkey( &p, end, &rsa->N, &rsa->E ) ) != 0 )
-    {
-#if defined(POLARSSL_PEM_C)
-        pem_free( &pem );
-#endif
-        rsa_free( rsa );
-        return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
-    }
-
-    if( ( ret = rsa_check_pubkey( rsa ) ) != 0 )
+    if( ( ret = x509_get_pubkey( &p, end, rsa ) ) != 0 )
    {
 #if defined(POLARSSL_PEM_C)
        pem_free( &pem );
@ -2658,8 +2621,6 @@ int x509parse_public_key_rsa( rsa_context *rsa,
        return( ret );
    }

-    rsa->len = mpi_size( &rsa->N );
-
 #if defined(POLARSSL_PEM_C)
    pem_free( &pem );
 #endif