
Commit 10df7b4

committed
ASN.1 changes needed for ECC enhancements
1 parent 1712c0e commit 10df7b4


5 files changed

+121
-179
lines changed


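--- a/src/headers/tomcrypt_pk.h
+++ b/src/headers/tomcrypt_pk.h
@@ -489,6 +489,10 @@ typedef struct ltc_asn1_list_ {
 unsigned long size;
 /** The used flag, this is used by the CHOICE ASN.1 type to indicate which choice was made */
 int used;
+/** Flag used to indicate optional items in ASN.1 sequences */
+int optional;
+/** Flag used to indicate context specific tags on ASN.1 sequence items */
+unsigned char tag;
 /** prev/next entry in the list */
 struct ltc_asn1_list_ *prev, *next, *child, *parent;
 } ltc_asn1_list;
@@ -501,6 +505,8 @@ typedef struct ltc_asn1_list_ {
 LTC_MACRO_list[LTC_MACRO_temp].data = (void*)(Data); \
 LTC_MACRO_list[LTC_MACRO_temp].size = (Size); \
 LTC_MACRO_list[LTC_MACRO_temp].used = 0; \
+LTC_MACRO_list[LTC_MACRO_temp].tag = 0; \
+LTC_MACRO_list[LTC_MACRO_temp].optional = 0; \
 } while (0)
 
 /* SEQUENCE */
@@ -516,6 +522,8 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 
 int der_length_sequence(ltc_asn1_list *list, unsigned long inlen,
 unsigned long *outlen);
+int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen,
+unsigned long *outlen, unsigned long *payloadlen);
 
 /* SUBJECT PUBLIC KEY INFO */
 int der_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen,
@@ -526,6 +534,11 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in
 unsigned int algorithm, void* public_key, unsigned long* public_key_len,
 unsigned long parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len);
 
+int der_decode_subject_public_key_info_ex(const unsigned char *in, unsigned long inlen,
+unsigned int algorithm, void* public_key, unsigned long* public_key_len,
+unsigned long parameters_type, void* parameters, unsigned long parameters_len,
+unsigned long *parameters_outsize);
+
 /* SET */
 #define der_decode_set(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, 0)
 #define der_length_set der_length_sequence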
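Review bot: The sequence decoder in this commit reads `optional` and `tag` on every list entry, but the only place that zeroes them is the list-setup macro patched in the second hunk. Any `ltc_asn1_list` array filled in by hand or left partly uninitialized would carry indeterminate values, and a required element could then be accepted as missing; callers are not visible on this page, so this needs an audit rather than being a confirmed defect. The struct comments should say that both fields must be 0 unless deliberately set. The `tag` comment also calls it a flag although the decoder compares it with the raw identifier octet; I would reword it to `/** Context-specific tag octet expected in front of this item, 0 for none */`.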

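--- a/src/pk/asn1/der/sequence/der_decode_sequence_ex.c
+++ b/src/pk/asn1/der/sequence/der_decode_sequence_ex.c
@@ -96,10 +96,25 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 break;
 }
 
+/* handle context specific tags - just skip the tag + len bytes */
+z = 0;
+if (list[i].tag > 0 && list[i].tag == in[x + z++]) {
+if (in[x+z] & 0x80) {
+y = in[x + z++] & 0x7F;
+if (y == 0 || y > 2) { return CRYPT_INVALID_PACKET; }
+z += y;
+} else {
+z++;
+}
+x += z;
+inlen -= z;
+}
+
 switch (type) {
 case LTC_ASN1_BOOLEAN:
 z = inlen;
 if ((err = der_decode_boolean(in + x, z, ((int *)data))) != CRYPT_OK) {
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 if ((err = der_length_boolean(&z)) != CRYPT_OK) {
@@ -110,7 +125,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_INTEGER:
 z = inlen;
 if ((err = der_decode_integer(in + x, z, data)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 if ((err = der_length_integer(data, &z)) != CRYPT_OK) {
@@ -121,7 +136,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_SHORT_INTEGER:
 z = inlen;
 if ((err = der_decode_short_integer(in + x, z, data)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 if ((err = der_length_short_integer(((unsigned long*)data)[0], &z)) != CRYPT_OK) {
@@ -133,7 +148,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_BIT_STRING:
 z = inlen;
 if ((err = der_decode_bit_string(in + x, z, data, &size)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 list[i].size = size;
@@ -145,7 +160,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_RAW_BIT_STRING:
 z = inlen;
 if ((err = der_decode_raw_bit_string(in + x, z, data, &size)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 list[i].size = size;
@@ -157,7 +172,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_OCTET_STRING:
 z = inlen;
 if ((err = der_decode_octet_string(in + x, z, data, &size)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 list[i].size = size;
@@ -168,7 +183,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 
 case LTC_ASN1_NULL:
 if (inlen < 2 || in[x] != 0x05 || in[x+1] != 0x00) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 err = CRYPT_INVALID_PACKET;
 goto LBL_ERR;
 }
@@ -178,7 +193,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_OBJECT_IDENTIFIER:
 z = inlen;
 if ((err = der_decode_object_identifier(in + x, z, data, &size)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 list[i].size = size;
@@ -190,7 +205,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_TELETEX_STRING:
 z = inlen;
 if ((err = der_decode_teletex_string(in + x, z, data, &size)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 list[i].size = size;
@@ -202,7 +217,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_IA5_STRING:
 z = inlen;
 if ((err = der_decode_ia5_string(in + x, z, data, &size)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 list[i].size = size;
@@ -215,7 +230,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_PRINTABLE_STRING:
 z = inlen;
 if ((err = der_decode_printable_string(in + x, z, data, &size)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 list[i].size = size;
@@ -227,7 +242,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_UTF8_STRING:
 z = inlen;
 if ((err = der_decode_utf8_string(in + x, z, data, &size)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 list[i].size = size;
@@ -239,7 +254,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_UTCTIME:
 z = inlen;
 if ((err = der_decode_utctime(in + x, &z, data)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 break;
@@ -255,7 +270,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_SET:
 z = inlen;
 if ((err = der_decode_set(in + x, z, data, size)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 if ((err = der_length_sequence(data, size, &z)) != CRYPT_OK) {
@@ -273,7 +288,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 
 z = inlen;
 if ((err = der_decode_sequence(in + x, z, data, size)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 if ((err = der_length_sequence(data, size, &z)) != CRYPT_OK) {
@@ -285,7 +300,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 case LTC_ASN1_CHOICE:
 z = inlen;
 if ((err = der_decode_choice(in + x, &z, data, size)) != CRYPT_OK) {
-if (!ordered) { continue; }
+if (!ordered || list[i].optional) { continue; }
 goto LBL_ERR;
 }
 break;
@@ -306,7 +321,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
 }
 
 for (i = 0; i < (int)outlen; i++) {
-if (list[i].used == 0) {
+if (list[i].used == 0 && list[i].optional == 0) {
 err = CRYPT_INVALID_PACKET;
 goto LBL_ERR;
 }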
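Review bot: The context-specific tag block added ahead of `switch (type)` reads `in[x]` and `in[x+1]`, skips up to two further length octets, and then does `inlen -= z` without comparing anything against `inlen`. A truncated encoding is therefore read past its end, and the unsigned `inlen` can wrap so that every per-type decoder below is handed an oversized length. I would add `inlen >= 2 &&` ahead of the tag comparison in the `if` condition and put `if (z > inlen) { err = CRYPT_INVALID_PACKET; goto LBL_ERR; }` in front of `x += z;`. The bare `return CRYPT_INVALID_PACKET;` in the same block skips `LBL_ERR`, which every other failure path visible here goes through; the function starts and ends outside these hunks, so whether cleanup is lost needs confirming. Note also that an `optional` entry whose decode fails after its wrapper was consumed hits `continue` with `x` and `inlen` already advanced, and the wrapper's own length is never checked against the element that follows.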

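--- a/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c
+++ b/src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c
@@ -40,6 +40,15 @@
 int der_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen,
 unsigned int algorithm, void* public_key, unsigned long* public_key_len,
 unsigned long parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len)
+{
+return der_decode_subject_public_key_info_ex(in, inlen, algorithm, public_key, public_key_len,
+parameters_type, parameters, parameters_len, NULL);
+}
+
+int der_decode_subject_public_key_info_ex(const unsigned char *in, unsigned long inlen,
+unsigned int algorithm, void* public_key, unsigned long* public_key_len,
+unsigned long parameters_type, void* parameters, unsigned long parameters_len,
+unsigned long *parameters_outsize)
 {
 int err;
 unsigned long len;
@@ -80,6 +89,8 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in
 goto LBL_ERR;
 }
 
+if (parameters_outsize) *parameters_outsize = alg_id[1].size;
+
 if ((alg_id[0].size != oid.OIDlen) ||
 XMEMCMP(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0]))) {
 /* OID mismatch */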
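Review bot: `*parameters_outsize` is assigned before the OID comparison that follows it, so the caller's variable is updated even on the path marked `/* OID mismatch */` (presumably an error return; the body continues past the hunk). I would move the assignment below that check, or state in a doc comment that the value is meaningful only when the function returns CRYPT_OK. The new `_ex` function has no doc comment at all; it should say that `parameters_outsize` may be NULL and that it receives `alg_id[1].size`, whose meaning presumably depends on `parameters_type`. Since `parameters` is now `void*`, a mismatch between `parameters_type` and the buffer actually passed is no longer caught by the compiler, which is worth stating in that comment too.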
