Skip to content

Commit

Permalink
Provide way to disable ASN but have wc_RsaPublicKeyDecodeRaw, which…
Browse files Browse the repository at this point in the history
… doesn't need ASN.1 parsing.
  • Loading branch information
dgarske committed May 3, 2023
1 parent 61dfbf5 commit 4b90afa
Show file tree
Hide file tree
Showing 3 changed files with 69 additions and 60 deletions.
4 changes: 2 additions & 2 deletions configure.ac
Original file line number Diff line number Diff line change
Expand Up @@ -3990,7 +3990,7 @@ else
fi

if test "$ENABLED_RSA" = "yes" && test "$ENABLED_RSAVFY" = "no" && \
test "$ENABLED_ASN" = "no"
test "$ENABLED_ASN" = "no" && test "$ENABLED_LOWRESOURCE" = "no"
then
AC_MSG_ERROR([please disable rsa if disabling asn.])
fi
Expand Down Expand Up @@ -8457,7 +8457,7 @@ AM_CONDITIONAL([BUILD_SAKKE],[test "x$ENABLED_SAKKE" = "xyes" || test "x$ENABLED
AM_CONDITIONAL([BUILD_MEMORY],[test "x$ENABLED_MEMORY" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_RSA],[test "x$ENABLED_RSA" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_DH],[test "x$ENABLED_DH" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_ASN],[test "x$ENABLED_ASN" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_ASN],[test "x$ENABLED_ASN" != "xno" || test "x$ENABLED_RSA" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_AES],[test "x$ENABLED_AES" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_CODING],[test "x$ENABLED_CODING" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_RC4],[test "x$ENABLED_ARC4" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
Expand Down
123 changes: 65 additions & 58 deletions wolfcrypt/src/asn.c
Original file line number Diff line number Diff line change
Expand Up @@ -96,12 +96,20 @@ ASN Options:
* WC_ASN_HASH_SHA256: Force use of SHA2-256 for the internal hash ID calcs.
*/

#include <wolfssl/wolfcrypt/error-crypt.h>
#ifndef NO_RSA
#include <wolfssl/wolfcrypt/rsa.h>
#if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_CRYPTOCELL)
extern int wc_InitRsaHw(RsaKey* key);
#endif
#endif

#ifndef NO_ASN

#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/coding.h>
#include <wolfssl/wolfcrypt/md2.h>
#include <wolfssl/wolfcrypt/hmac.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/pwdbased.h>
#include <wolfssl/wolfcrypt/des3.h>
#include <wolfssl/wolfcrypt/aes.h>
Expand Down Expand Up @@ -168,13 +176,6 @@ ASN Options:
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#endif

#ifndef NO_RSA
#include <wolfssl/wolfcrypt/rsa.h>
#if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_CRYPTOCELL)
extern int wc_InitRsaHw(RsaKey* key);
#endif
#endif

#ifndef NO_DSA
#include <wolfssl/wolfcrypt/dsa.h>
#else
Expand Down Expand Up @@ -9518,56 +9519,6 @@ int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,

return ret;
}

/* import RSA public key elements (n, e) into RsaKey structure (key) */
int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
word32 eSz, RsaKey* key)
{
if (n == NULL || e == NULL || key == NULL)
return BAD_FUNC_ARG;

key->type = RSA_PUBLIC;

if (mp_init(&key->n) != MP_OKAY)
return MP_INIT_E;

if (mp_read_unsigned_bin(&key->n, n, nSz) != 0) {
mp_clear(&key->n);
return ASN_GETINT_E;
}
#ifdef HAVE_WOLF_BIGINT
if ((int)nSz > 0 && wc_bigint_from_unsigned_bin(&key->n.raw, n, nSz) != 0) {
mp_clear(&key->n);
return ASN_GETINT_E;
}
#endif /* HAVE_WOLF_BIGINT */

if (mp_init(&key->e) != MP_OKAY) {
mp_clear(&key->n);
return MP_INIT_E;
}

if (mp_read_unsigned_bin(&key->e, e, eSz) != 0) {
mp_clear(&key->n);
mp_clear(&key->e);
return ASN_GETINT_E;
}
#ifdef HAVE_WOLF_BIGINT
if ((int)eSz > 0 && wc_bigint_from_unsigned_bin(&key->e.raw, e, eSz) != 0) {
mp_clear(&key->n);
mp_clear(&key->e);
return ASN_GETINT_E;
}
#endif /* HAVE_WOLF_BIGINT */

#ifdef WOLFSSL_XILINX_CRYPT
if (wc_InitRsaHw(key) != 0) {
return BAD_STATE_E;
}
#endif

return 0;
}
#endif /* HAVE_USER_RSA */
#endif /* !NO_RSA */

Expand Down Expand Up @@ -37022,6 +36973,62 @@ int wc_MIME_free_hdrs(MimeHdr* head)

#endif /* !NO_ASN */

/* Functions that parse, but are not using ASN.1 */
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
(!defined(NO_BIG_INT) || defined(WOLFSSL_SP_MATH))
/* import RSA public key elements (n, e) into RsaKey structure (key) */
/* this function does not use any ASN.1 parsing */
int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
word32 eSz, RsaKey* key)
{
if (n == NULL || e == NULL || key == NULL)
return BAD_FUNC_ARG;

key->type = RSA_PUBLIC;

if (mp_init(&key->n) != MP_OKAY)
return MP_INIT_E;

if (mp_read_unsigned_bin(&key->n, n, nSz) != 0) {
mp_clear(&key->n);
return ASN_GETINT_E;
}
#ifdef HAVE_WOLF_BIGINT
if ((int)nSz > 0 && wc_bigint_from_unsigned_bin(&key->n.raw, n, nSz) != 0) {
mp_clear(&key->n);
return ASN_GETINT_E;
}
#endif /* HAVE_WOLF_BIGINT */

if (mp_init(&key->e) != MP_OKAY) {
mp_clear(&key->n);
return MP_INIT_E;
}

if (mp_read_unsigned_bin(&key->e, e, eSz) != 0) {
mp_clear(&key->n);
mp_clear(&key->e);
return ASN_GETINT_E;
}
#ifdef HAVE_WOLF_BIGINT
if ((int)eSz > 0 && wc_bigint_from_unsigned_bin(&key->e.raw, e, eSz) != 0) {
mp_clear(&key->n);
mp_clear(&key->e);
return ASN_GETINT_E;
}
#endif /* HAVE_WOLF_BIGINT */

#ifdef WOLFSSL_XILINX_CRYPT
if (wc_InitRsaHw(key) != 0) {
return BAD_STATE_E;
}
#endif

return 0;
}
#endif /* !NO_RSA && !HAVE_USER_RSA && (!NO_BIG_INT || WOLFSSL_SP_MATH) */


#ifdef WOLFSSL_SEP


Expand Down
2 changes: 2 additions & 0 deletions wolfcrypt/test/test.c
Original file line number Diff line number Diff line change
Expand Up @@ -13301,7 +13301,9 @@ static int random_rng_test(void)
if (rng == NULL)
return WC_TEST_RET_ENC_ERRNO;

#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
rng->devId = devId;
#endif
ret = _rng_test(rng, WC_TEST_RET_ENC_NC);

wc_rng_free(rng);
Expand Down

0 comments on commit 4b90afa

Please sign in to comment.