Skip to content

Commit 1162ac9

Browse files
karel-mkarel-m
committed
ASN.1 changes related to ECC enhancements
1 parent 856a405 commit 1162ac9

18 files changed

+803
-193
lines changed

libtomcrypt_VS2008.vcproj

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2130,6 +2130,14 @@
21302130
RelativePath="src\pk\ecc\ecc_decrypt_key.c"
21312131
>
21322132
</File>
2133+
<File
2134+
RelativePath="src\pk\ecc\ecc_dp_alloc_bn.c"
2135+
>
2136+
</File>
2137+
<File
2138+
RelativePath="src\pk\ecc\ecc_dp_clear.c"
2139+
>
2140+
</File>
21332141
<File
21342142
RelativePath="src\pk\ecc\ecc_dp_find_by_name.c"
21352143
>
@@ -2150,6 +2158,10 @@
21502158
RelativePath="src\pk\ecc\ecc_export.c"
21512159
>
21522160
</File>
2161+
<File
2162+
RelativePath="src\pk\ecc\ecc_export_full.c"
2163+
>
2164+
</File>
21532165
<File
21542166
RelativePath="src\pk\ecc\ecc_export_raw.c"
21552167
>
@@ -2166,6 +2178,14 @@
21662178
RelativePath="src\pk\ecc\ecc_import.c"
21672179
>
21682180
</File>
2181+
<File
2182+
RelativePath="src\pk\ecc\ecc_import_full.c"
2183+
>
2184+
</File>
2185+
<File
2186+
RelativePath="src\pk\ecc\ecc_import_pkcs8.c"
2187+
>
2188+
</File>
21692189
<File
21702190
RelativePath="src\pk\ecc\ecc_import_raw.c"
21712191
>

makefile.mingw

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -165,9 +165,11 @@ src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/p
165165
src/pk/dsa/dsa_import_radix.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_shared_secret.o \
166166
src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o \
167167
src/pk/ecc/ecc_ansi_x963_export.o src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o \
168-
src/pk/ecc/ecc_dp_find_by_name.o src/pk/ecc/ecc_dp_find_by_oid.o src/pk/ecc/ecc_dp_find_by_params.o \
169-
src/pk/ecc/ecc_encrypt_key.o src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_raw.o src/pk/ecc/ecc_free.o \
170-
src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_raw.o src/pk/ecc/ecc_make_key.o \
168+
src/pk/ecc/ecc_dp_alloc_bn.o src/pk/ecc/ecc_dp_clear.o src/pk/ecc/ecc_dp_find_by_name.o \
169+
src/pk/ecc/ecc_dp_find_by_oid.o src/pk/ecc/ecc_dp_find_by_params.o src/pk/ecc/ecc_encrypt_key.o \
170+
src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_full.o src/pk/ecc/ecc_export_raw.o src/pk/ecc/ecc_free.o \
171+
src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_full.o \
172+
src/pk/ecc/ecc_import_pkcs8.o src/pk/ecc/ecc_import_raw.o src/pk/ecc/ecc_make_key.o \
171173
src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o \
172174
src/pk/ecc/ecc_verify_hash.o src/pk/ecc/ecc_verify_key.o src/pk/ecc/ltc_ecc_export_point.o \
173175
src/pk/ecc/ltc_ecc_import_point.o src/pk/ecc/ltc_ecc_is_point.o \

makefile.msvc

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -158,9 +158,11 @@ src/pk/dsa/dsa_encrypt_key.obj src/pk/dsa/dsa_export.obj src/pk/dsa/dsa_free.obj
158158
src/pk/dsa/dsa_import_radix.obj src/pk/dsa/dsa_make_key.obj src/pk/dsa/dsa_shared_secret.obj \
159159
src/pk/dsa/dsa_sign_hash.obj src/pk/dsa/dsa_verify_hash.obj src/pk/dsa/dsa_verify_key.obj src/pk/ecc/ecc.obj \
160160
src/pk/ecc/ecc_ansi_x963_export.obj src/pk/ecc/ecc_ansi_x963_import.obj src/pk/ecc/ecc_decrypt_key.obj \
161-
src/pk/ecc/ecc_dp_find_by_name.obj src/pk/ecc/ecc_dp_find_by_oid.obj src/pk/ecc/ecc_dp_find_by_params.obj \
162-
src/pk/ecc/ecc_encrypt_key.obj src/pk/ecc/ecc_export.obj src/pk/ecc/ecc_export_raw.obj src/pk/ecc/ecc_free.obj \
163-
src/pk/ecc/ecc_get_size.obj src/pk/ecc/ecc_import.obj src/pk/ecc/ecc_import_raw.obj src/pk/ecc/ecc_make_key.obj \
161+
src/pk/ecc/ecc_dp_alloc_bn.obj src/pk/ecc/ecc_dp_clear.obj src/pk/ecc/ecc_dp_find_by_name.obj \
162+
src/pk/ecc/ecc_dp_find_by_oid.obj src/pk/ecc/ecc_dp_find_by_params.obj src/pk/ecc/ecc_encrypt_key.obj \
163+
src/pk/ecc/ecc_export.obj src/pk/ecc/ecc_export_full.obj src/pk/ecc/ecc_export_raw.obj src/pk/ecc/ecc_free.obj \
164+
src/pk/ecc/ecc_get_size.obj src/pk/ecc/ecc_import.obj src/pk/ecc/ecc_import_full.obj \
165+
src/pk/ecc/ecc_import_pkcs8.obj src/pk/ecc/ecc_import_raw.obj src/pk/ecc/ecc_make_key.obj \
164166
src/pk/ecc/ecc_shared_secret.obj src/pk/ecc/ecc_sign_hash.obj src/pk/ecc/ecc_sizes.obj src/pk/ecc/ecc_test.obj \
165167
src/pk/ecc/ecc_verify_hash.obj src/pk/ecc/ecc_verify_key.obj src/pk/ecc/ltc_ecc_export_point.obj \
166168
src/pk/ecc/ltc_ecc_import_point.obj src/pk/ecc/ltc_ecc_is_point.obj \

makefile.unix

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -175,9 +175,11 @@ src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/p
175175
src/pk/dsa/dsa_import_radix.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_shared_secret.o \
176176
src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o \
177177
src/pk/ecc/ecc_ansi_x963_export.o src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o \
178-
src/pk/ecc/ecc_dp_find_by_name.o src/pk/ecc/ecc_dp_find_by_oid.o src/pk/ecc/ecc_dp_find_by_params.o \
179-
src/pk/ecc/ecc_encrypt_key.o src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_raw.o src/pk/ecc/ecc_free.o \
180-
src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_raw.o src/pk/ecc/ecc_make_key.o \
178+
src/pk/ecc/ecc_dp_alloc_bn.o src/pk/ecc/ecc_dp_clear.o src/pk/ecc/ecc_dp_find_by_name.o \
179+
src/pk/ecc/ecc_dp_find_by_oid.o src/pk/ecc/ecc_dp_find_by_params.o src/pk/ecc/ecc_encrypt_key.o \
180+
src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_full.o src/pk/ecc/ecc_export_raw.o src/pk/ecc/ecc_free.o \
181+
src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_full.o \
182+
src/pk/ecc/ecc_import_pkcs8.o src/pk/ecc/ecc_import_raw.o src/pk/ecc/ecc_make_key.o \
181183
src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o \
182184
src/pk/ecc/ecc_verify_hash.o src/pk/ecc/ecc_verify_key.o src/pk/ecc/ltc_ecc_export_point.o \
183185
src/pk/ecc/ltc_ecc_import_point.o src/pk/ecc/ltc_ecc_is_point.o \

makefile_include.mk

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -281,9 +281,11 @@ src/pk/dsa/dsa_encrypt_key.o src/pk/dsa/dsa_export.o src/pk/dsa/dsa_free.o src/p
281281
src/pk/dsa/dsa_import_radix.o src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_shared_secret.o \
282282
src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o \
283283
src/pk/ecc/ecc_ansi_x963_export.o src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o \
284-
src/pk/ecc/ecc_dp_find_by_name.o src/pk/ecc/ecc_dp_find_by_oid.o src/pk/ecc/ecc_dp_find_by_params.o \
285-
src/pk/ecc/ecc_encrypt_key.o src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_raw.o src/pk/ecc/ecc_free.o \
286-
src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_raw.o src/pk/ecc/ecc_make_key.o \
284+
src/pk/ecc/ecc_dp_alloc_bn.o src/pk/ecc/ecc_dp_clear.o src/pk/ecc/ecc_dp_find_by_name.o \
285+
src/pk/ecc/ecc_dp_find_by_oid.o src/pk/ecc/ecc_dp_find_by_params.o src/pk/ecc/ecc_encrypt_key.o \
286+
src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_full.o src/pk/ecc/ecc_export_raw.o src/pk/ecc/ecc_free.o \
287+
src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_full.o \
288+
src/pk/ecc/ecc_import_pkcs8.o src/pk/ecc/ecc_import_raw.o src/pk/ecc/ecc_make_key.o \
287289
src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o \
288290
src/pk/ecc/ecc_verify_hash.o src/pk/ecc/ecc_verify_key.o src/pk/ecc/ltc_ecc_export_point.o \
289291
src/pk/ecc/ltc_ecc_import_point.o src/pk/ecc/ltc_ecc_is_point.o \

src/headers/tomcrypt_custom.h

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,9 @@
3333
#ifndef XMEMCMP
3434
#define XMEMCMP memcmp
3535
#endif
36+
#ifndef XMEMMOVE
37+
#define XMEMMOVE memmove
38+
#endif
3639
#ifndef XMEM_NEQ
3740
#define XMEM_NEQ mem_neq
3841
#endif

src/headers/tomcrypt_pk.h

Lines changed: 24 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,8 @@
1212
enum {
1313
PK_PUBLIC=0,
1414
PK_PRIVATE=1,
15-
PK_PUBLIC_COMPRESSED=2 /* used only when exporting public ECC key */
15+
PK_PUBLIC_COMPRESSED=2, /* used only when exporting public ECC key */
16+
PK_CURVEOID=4 /* used only when exporting public ECC key */
1617
};
1718

1819
/* Indicates standard output formats that can be read e.g. by OpenSSL or GnuTLS */
@@ -27,7 +28,9 @@ int rand_bn_range(void *N, void *limit, prng_state *prng, int wprng);
2728

2829
enum public_key_algorithms {
2930
PKA_RSA,
30-
PKA_DSA
31+
PKA_DSA,
32+
PKA_EC,
33+
EC_PRIME_FIELD
3134
};
3235

3336
typedef struct Oid {
@@ -314,6 +317,9 @@ void ecc_free(ecc_key *key);
314317
int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key);
315318
int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
316319
int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp);
320+
int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen, const void *pwd, unsigned long pwdlen, ecc_key *key, ltc_ecc_set_type *dp);
321+
int ecc_export_full(unsigned char *out, unsigned long *outlen, int type, ecc_key *key);
322+
int ecc_import_full(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp);
317323
int ecc_export_raw(unsigned char *out, unsigned long *outlen, int type, ecc_key *key);
318324
int ecc_import_raw(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp);
319325

@@ -354,6 +360,9 @@ int ecc_verify_key(ecc_key *key);
354360
#ifdef LTC_SOURCE
355361
/* INTERNAL ONLY - it should be later moved to src/headers/tomcrypt_internal.h */
356362

363+
int ecc_dp_alloc_bn(ltc_ecc_set_type *dp, void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor);
364+
int ecc_dp_clear(ltc_ecc_set_type *dp);
365+
357366
/* low level functions */
358367
ecc_point *ltc_ecc_new_point(void);
359368
void ltc_ecc_del_point(ecc_point *p);
@@ -531,6 +540,10 @@ typedef struct ltc_asn1_list_ {
531540
unsigned long size;
532541
/** The used flag, this is used by the CHOICE ASN.1 type to indicate which choice was made */
533542
int used;
543+
/** Flag used to indicate optional items in ASN.1 sequences */
544+
int optional;
545+
/** Flag used to indicate context specific tags on ASN.1 sequence items */
546+
unsigned char tag;
534547
/** prev/next entry in the list */
535548
struct ltc_asn1_list_ *prev, *next, *child, *parent;
536549
} ltc_asn1_list;
@@ -543,6 +556,8 @@ typedef struct ltc_asn1_list_ {
543556
LTC_MACRO_list[LTC_MACRO_temp].data = (void*)(Data); \
544557
LTC_MACRO_list[LTC_MACRO_temp].size = (Size); \
545558
LTC_MACRO_list[LTC_MACRO_temp].used = 0; \
559+
LTC_MACRO_list[LTC_MACRO_temp].tag = 0; \
560+
LTC_MACRO_list[LTC_MACRO_temp].optional = 0; \
546561
} while (0)
547562

548563
/* SEQUENCE */
@@ -558,6 +573,8 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
558573

559574
int der_length_sequence(ltc_asn1_list *list, unsigned long inlen,
560575
unsigned long *outlen);
576+
int der_length_sequence_ex(ltc_asn1_list *list, unsigned long inlen,
577+
unsigned long *outlen, unsigned long *payloadlen);
561578

562579
/* SUBJECT PUBLIC KEY INFO */
563580
int der_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen,
@@ -568,6 +585,11 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in
568585
unsigned int algorithm, void* public_key, unsigned long* public_key_len,
569586
unsigned long parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len);
570587

588+
int der_decode_subject_public_key_info_ex(const unsigned char *in, unsigned long inlen,
589+
unsigned int algorithm, void* public_key, unsigned long* public_key_len,
590+
unsigned long parameters_type, void* parameters, unsigned long parameters_len,
591+
unsigned long *parameters_outsize);
592+
571593
/* SET */
572594
#define der_decode_set(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, 0)
573595
#define der_length_set der_length_sequence

src/misc/pk_get_oid.c

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,16 @@ static const oid_st dsa_oid = {
1919
6,
2020
};
2121

22+
static const oid_st ec_oid = {
23+
{ 1, 2, 840, 10045, 2, 1 },
24+
6,
25+
};
26+
27+
static const oid_st ec_primef = {
28+
{ 1, 2, 840, 10045, 1, 1 },
29+
6,
30+
};
31+
2232
/*
2333
Returns the OID of the public key algorithm.
2434
@return CRYPT_OK if valid
@@ -32,6 +42,12 @@ int pk_get_oid(int pk, oid_st *st)
3242
case PKA_DSA:
3343
XMEMCPY(st, &dsa_oid, sizeof(*st));
3444
break;
45+
case PKA_EC:
46+
XMEMCPY(st, &ec_oid, sizeof(*st));
47+
break;
48+
case EC_PRIME_FIELD:
49+
XMEMCPY(st, &ec_primef, sizeof(*st));
50+
break;
3551
default:
3652
return CRYPT_INVALID_ARG;
3753
}

src/pk/asn1/der/sequence/der_decode_sequence_ex.c

Lines changed: 31 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -94,10 +94,25 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
9494
break;
9595
}
9696

97+
/* handle context specific tags - just skip the tag + len bytes */
98+
z = 0;
99+
if (list[i].tag > 0 && list[i].tag == in[x + z++]) {
100+
if (in[x+z] & 0x80) {
101+
y = in[x + z++] & 0x7F;
102+
if (y == 0 || y > 2) { return CRYPT_INVALID_PACKET; }
103+
z += y;
104+
} else {
105+
z++;
106+
}
107+
x += z;
108+
inlen -= z;
109+
}
110+
97111
switch (type) {
98112
case LTC_ASN1_BOOLEAN:
99113
z = inlen;
100114
if ((err = der_decode_boolean(in + x, z, ((int *)data))) != CRYPT_OK) {
115+
if (!ordered || list[i].optional) { continue; }
101116
goto LBL_ERR;
102117
}
103118
if ((err = der_length_boolean(&z)) != CRYPT_OK) {
@@ -108,7 +123,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
108123
case LTC_ASN1_INTEGER:
109124
z = inlen;
110125
if ((err = der_decode_integer(in + x, z, data)) != CRYPT_OK) {
111-
if (!ordered) { continue; }
126+
if (!ordered || list[i].optional) { continue; }
112127
goto LBL_ERR;
113128
}
114129
if ((err = der_length_integer(data, &z)) != CRYPT_OK) {
@@ -119,7 +134,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
119134
case LTC_ASN1_SHORT_INTEGER:
120135
z = inlen;
121136
if ((err = der_decode_short_integer(in + x, z, data)) != CRYPT_OK) {
122-
if (!ordered) { continue; }
137+
if (!ordered || list[i].optional) { continue; }
123138
goto LBL_ERR;
124139
}
125140
if ((err = der_length_short_integer(((unsigned long*)data)[0], &z)) != CRYPT_OK) {
@@ -131,7 +146,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
131146
case LTC_ASN1_BIT_STRING:
132147
z = inlen;
133148
if ((err = der_decode_bit_string(in + x, z, data, &size)) != CRYPT_OK) {
134-
if (!ordered) { continue; }
149+
if (!ordered || list[i].optional) { continue; }
135150
goto LBL_ERR;
136151
}
137152
list[i].size = size;
@@ -143,7 +158,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
143158
case LTC_ASN1_RAW_BIT_STRING:
144159
z = inlen;
145160
if ((err = der_decode_raw_bit_string(in + x, z, data, &size)) != CRYPT_OK) {
146-
if (!ordered) { continue; }
161+
if (!ordered || list[i].optional) { continue; }
147162
goto LBL_ERR;
148163
}
149164
list[i].size = size;
@@ -155,7 +170,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
155170
case LTC_ASN1_OCTET_STRING:
156171
z = inlen;
157172
if ((err = der_decode_octet_string(in + x, z, data, &size)) != CRYPT_OK) {
158-
if (!ordered) { continue; }
173+
if (!ordered || list[i].optional) { continue; }
159174
goto LBL_ERR;
160175
}
161176
list[i].size = size;
@@ -166,7 +181,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
166181

167182
case LTC_ASN1_NULL:
168183
if (inlen < 2 || in[x] != 0x05 || in[x+1] != 0x00) {
169-
if (!ordered) { continue; }
184+
if (!ordered || list[i].optional) { continue; }
170185
err = CRYPT_INVALID_PACKET;
171186
goto LBL_ERR;
172187
}
@@ -176,7 +191,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
176191
case LTC_ASN1_OBJECT_IDENTIFIER:
177192
z = inlen;
178193
if ((err = der_decode_object_identifier(in + x, z, data, &size)) != CRYPT_OK) {
179-
if (!ordered) { continue; }
194+
if (!ordered || list[i].optional) { continue; }
180195
goto LBL_ERR;
181196
}
182197
list[i].size = size;
@@ -188,7 +203,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
188203
case LTC_ASN1_TELETEX_STRING:
189204
z = inlen;
190205
if ((err = der_decode_teletex_string(in + x, z, data, &size)) != CRYPT_OK) {
191-
if (!ordered) { continue; }
206+
if (!ordered || list[i].optional) { continue; }
192207
goto LBL_ERR;
193208
}
194209
list[i].size = size;
@@ -200,7 +215,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
200215
case LTC_ASN1_IA5_STRING:
201216
z = inlen;
202217
if ((err = der_decode_ia5_string(in + x, z, data, &size)) != CRYPT_OK) {
203-
if (!ordered) { continue; }
218+
if (!ordered || list[i].optional) { continue; }
204219
goto LBL_ERR;
205220
}
206221
list[i].size = size;
@@ -213,7 +228,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
213228
case LTC_ASN1_PRINTABLE_STRING:
214229
z = inlen;
215230
if ((err = der_decode_printable_string(in + x, z, data, &size)) != CRYPT_OK) {
216-
if (!ordered) { continue; }
231+
if (!ordered || list[i].optional) { continue; }
217232
goto LBL_ERR;
218233
}
219234
list[i].size = size;
@@ -225,7 +240,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
225240
case LTC_ASN1_UTF8_STRING:
226241
z = inlen;
227242
if ((err = der_decode_utf8_string(in + x, z, data, &size)) != CRYPT_OK) {
228-
if (!ordered) { continue; }
243+
if (!ordered || list[i].optional) { continue; }
229244
goto LBL_ERR;
230245
}
231246
list[i].size = size;
@@ -237,7 +252,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
237252
case LTC_ASN1_UTCTIME:
238253
z = inlen;
239254
if ((err = der_decode_utctime(in + x, &z, data)) != CRYPT_OK) {
240-
if (!ordered) { continue; }
255+
if (!ordered || list[i].optional) { continue; }
241256
goto LBL_ERR;
242257
}
243258
break;
@@ -253,7 +268,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
253268
case LTC_ASN1_SET:
254269
z = inlen;
255270
if ((err = der_decode_set(in + x, z, data, size)) != CRYPT_OK) {
256-
if (!ordered) { continue; }
271+
if (!ordered || list[i].optional) { continue; }
257272
goto LBL_ERR;
258273
}
259274
if ((err = der_length_sequence(data, size, &z)) != CRYPT_OK) {
@@ -271,7 +286,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
271286

272287
z = inlen;
273288
if ((err = der_decode_sequence(in + x, z, data, size)) != CRYPT_OK) {
274-
if (!ordered) { continue; }
289+
if (!ordered || list[i].optional) { continue; }
275290
goto LBL_ERR;
276291
}
277292
if ((err = der_length_sequence(data, size, &z)) != CRYPT_OK) {
@@ -283,7 +298,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
283298
case LTC_ASN1_CHOICE:
284299
z = inlen;
285300
if ((err = der_decode_choice(in + x, &z, data, size)) != CRYPT_OK) {
286-
if (!ordered) { continue; }
301+
if (!ordered || list[i].optional) { continue; }
287302
goto LBL_ERR;
288303
}
289304
break;
@@ -304,7 +319,7 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
304319
}
305320

306321
for (i = 0; i < (int)outlen; i++) {
307-
if (list[i].used == 0) {
322+
if (list[i].used == 0 && list[i].optional == 0) {
308323
err = CRYPT_INVALID_PACKET;
309324
goto LBL_ERR;
310325
}

0 commit comments

Comments
 (0)