[Cryptech-Commits] [sw/libhal] 10/11: First round of fixes for new ASN.1 and test code.
git at cryptech.is
git at cryptech.is
Wed Dec 23 07:22:29 UTC 2015
This is an automated email from the git hooks/post-receive script.
sra at hactrn.net pushed a commit to branch rpc
in repository sw/libhal.
commit 8c427a7b537a35d6685fb8a95e9b64732d6b4c49
Author: Rob Austein <sra at hactrn.net>
Date: Wed Dec 23 01:59:40 2015 -0500
First round of fixes for new ASN.1 and test code.
---
asn1.c | 24 +++++++++++++-----------
tests/GNUmakefile | 2 +-
tests/test-ecdsa.c | 3 +++
tests/test-rsa.c | 17 +++++++++++++----
4 files changed, 30 insertions(+), 16 deletions(-)
diff --git a/asn1.c b/asn1.c
index 3786cbd..c50a7b4 100644
--- a/asn1.c
+++ b/asn1.c
@@ -170,9 +170,9 @@ hal_error_t hal_asn1_encode_spki(const uint8_t * const alg_oid, const size_t a
size_t hlen, hlen_spki, hlen_algid, hlen_alg, hlen_curve, hlen_bit;
- if ((err = hal_asn1_encode_header(ASN1_OBJECT_IDENTIFIER, alg_oid_len, NULL, &hlen_alg, 0)) != HAL_OK ||
- (err = hal_asn1_encode_header(curve_oid_tag, curve_oid_len, NULL, &hlen_curve, 0)) != HAL_OK ||
- (err = hal_asn1_encode_header(ASN1_BIT_STRING, pubkey_len, NULL, &hlen_bit, 0)) != HAL_OK)
+ if ((err = hal_asn1_encode_header(ASN1_OBJECT_IDENTIFIER, alg_oid_len, NULL, &hlen_alg, 0)) != HAL_OK ||
+ (err = hal_asn1_encode_header(curve_oid_tag, curve_oid_len, NULL, &hlen_curve, 0)) != HAL_OK ||
+ (err = hal_asn1_encode_header(ASN1_BIT_STRING, 1 + pubkey_len, NULL, &hlen_bit, 0)) != HAL_OK)
return err;
const size_t algid_len = hlen_alg + alg_oid_len + hlen_curve + curve_oid_len;
@@ -180,7 +180,7 @@ hal_error_t hal_asn1_encode_spki(const uint8_t * const alg_oid, const size_t a
if ((err = hal_asn1_encode_header(ASN1_SEQUENCE, algid_len, NULL, &hlen_algid, 0)) != HAL_OK)
return err;
- const size_t vlen = hlen_algid + hlen_alg + alg_oid_len + hlen_curve + curve_oid_len + hlen_bit + pubkey_len;
+ const size_t vlen = hlen_algid + hlen_alg + alg_oid_len + hlen_curve + curve_oid_len + hlen_bit + 1 + pubkey_len;
if ((err = hal_asn1_encode_header(ASN1_SEQUENCE, vlen, NULL, &hlen_spki, 0)) != HAL_OK)
return err;
@@ -200,7 +200,7 @@ hal_error_t hal_asn1_encode_spki(const uint8_t * const alg_oid, const size_t a
return err;
uint8_t *d = der + hlen;
- memset(d, 0, vlen);
+ memset(d, 0, vlen - pubkey_len);
if ((err = hal_asn1_encode_header(ASN1_SEQUENCE, algid_len, d, &hlen, der + der_max - d)) != HAL_OK)
return err;
@@ -219,9 +219,10 @@ hal_error_t hal_asn1_encode_spki(const uint8_t * const alg_oid, const size_t a
memcpy(d, curve_oid, curve_oid_len);
d += curve_oid_len;
- if ((err = hal_asn1_encode_header(ASN1_BIT_STRING, pubkey_len, d, &hlen, der + der_max - d)) != HAL_OK)
+ if ((err = hal_asn1_encode_header(ASN1_BIT_STRING, 1 + pubkey_len, d, &hlen, der + der_max - d)) != HAL_OK)
return err;
d += hlen;
+ *d++ = 0x00;
d += pubkey_len; /* pubkey handled early, above. */
@@ -310,16 +311,17 @@ hal_error_t hal_asn1_decode_spki(const uint8_t **alg_oid, size_t *alg_oid_len,
pubkey == NULL || pubkey_len == NULL || der == NULL)
return HAL_ERROR_BAD_ARGUMENTS;
+ const uint8_t * const der_end = der + der_len;
+ const uint8_t *d = der;
+
size_t hlen, vlen;
hal_error_t err;
- if ((err = hal_asn1_decode_header(ASN1_SEQUENCE, der, der_len, &hlen, &vlen)) != HAL_OK)
+ if ((err = hal_asn1_decode_header(ASN1_SEQUENCE, d, der_end - d, &hlen, &vlen)) != HAL_OK)
return err;
+ d += hlen;
- const uint8_t * const der_end = der + hlen + vlen;
- const uint8_t *d = der + hlen;
-
- if ((err = hal_asn1_decode_header(ASN1_SEQUENCE, der, der_end - d, &hlen, &vlen)) != HAL_OK)
+ if ((err = hal_asn1_decode_header(ASN1_SEQUENCE, d, der_end - d, &hlen, &vlen)) != HAL_OK)
return err;
d += hlen;
diff --git a/tests/GNUmakefile b/tests/GNUmakefile
index 50b33a1..ba515f7 100644
--- a/tests/GNUmakefile
+++ b/tests/GNUmakefile
@@ -36,7 +36,7 @@ CFLAGS = -g3 -Wall -fPIC -std=c99 -I..
all: ${BIN}
test: all
- for i in ${BIN}; do ./$$i; done
+ for i in ${BIN}; do (set -x; ./$$i); done
clean:
rm -f *.o ${BIN}
diff --git a/tests/test-ecdsa.c b/tests/test-ecdsa.c
index bdcfca6..da2b367 100644
--- a/tests/test-ecdsa.c
+++ b/tests/test-ecdsa.c
@@ -231,6 +231,9 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc)
if (err != HAL_OK)
return printf("hal_ecdsa_public_key_to_der() failed: %s\n", hal_error_string(err)), 0;
+ if ((err = hal_ecdsa_public_key_from_der(&key2, keybuf2, sizeof(keybuf2), der, der_len)) != HAL_OK)
+ return printf("hal_ecdsa_public_key_from_der() failed: %s\n", hal_error_string(err)), 0;
+
if (memcmp(key1, key2, hal_ecdsa_key_t_size) != 0)
return printf("Public key mismatch after second read/write cycle\n"), 0;
diff --git a/tests/test-rsa.c b/tests/test-rsa.c
index 737387c..1fc516b 100644
--- a/tests/test-rsa.c
+++ b/tests/test-rsa.c
@@ -161,7 +161,7 @@ static int test_gen(const hal_core_t *core,
return printf("Converting RSA key back from DER failed: %s\n", hal_error_string(err)), 0;
if (memcmp(keybuf1, keybuf2, hal_rsa_key_t_size) != 0)
- return printf("RSA key mismatch after conversion to and back from DER\n"), 0;
+ return printf("RSA private key mismatch after conversion to and back from DER\n"), 0;
uint8_t result[tc->n.len];
@@ -175,7 +175,7 @@ static int test_gen(const hal_core_t *core,
return printf("Couldn't open %s: %s\n", fn, strerror(errno)), 0;
if (fwrite(result, sizeof(result), 1, f) != 1)
- return printf("Length mismatch writing %s key\n", fn), 0;
+ return printf("Length mismatch writing %s\n", fn), 0;
if (fclose(f) == EOF)
return printf("Couldn't close %s: %s\n", fn, strerror(errno)), 0;
@@ -194,6 +194,15 @@ static int test_gen(const hal_core_t *core,
hal_rsa_key_clear(key2);
key2 = NULL;
+ if ((f = fopen(fn, "rb")) == NULL)
+ return printf("Couldn't open %s: %s\n", fn, strerror(errno)), 0;
+
+ if (fread(result, sizeof(result), 1, f) != 1)
+ return printf("Length mismatch reading %s\n", fn), 0;
+
+ if (fclose(f) == EOF)
+ return printf("Couldn't close %s: %s\n", fn, strerror(errno)), 0;
+
err = hal_rsa_public_key_to_der(key1, der, &der_len, sizeof(der));
snprintf(fn, sizeof(fn), "test-rsa-public-key-%04lu.der", (unsigned long) tc->size);
@@ -212,8 +221,8 @@ static int test_gen(const hal_core_t *core,
if (err != HAL_OK)
return printf("Converting RSA public key to DER failed: %s\n", hal_error_string(err)), 0;
- if ((err = hal_rsa_private_key_from_der(&key2, keybuf2, sizeof(keybuf2), der, sizeof(der))) != HAL_OK)
- return printf("Converting RSA key back from DER failed: %s\n", hal_error_string(err)), 0;
+ if ((err = hal_rsa_public_key_from_der(&key2, keybuf2, sizeof(keybuf2), der, der_len)) != HAL_OK)
+ return printf("Converting RSA public key back from DER failed: %s\n", hal_error_string(err)), 0;
/*
* Can't directly compare private key with public key. We could
More information about the Commits
mailing list