tomcrypt/src/pk/rsa/rsa_import.c

/* LibTomCrypt, modular cryptographic library -- Tom St Denis
 *
 * LibTomCrypt is a library that provides various cryptographic
 * algorithms in a highly modular and flexible manner.
 *
 * The library is free for all purposes without any express
 * guarantee it works.
 *
 * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
 */
#include "tomcrypt.h"

/**
  @file rsa_import.c
  Import a PKCS RSA key, Tom St Denis
*/  

#ifdef MRSA

/**
  Import an RSAPublicKey or RSAPrivateKey [two-prime only, only support >= 1024-bit keys, defined in PKCS #1 v2.1]
  @param in      The packet to import from
  @param inlen   It's length (octets)
  @param key     [out] Destination for newly imported key
  @return CRYPT_OK if successful, upon error allocated memory is freed
*/
int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
{
   int           err;
   void         *zero;
   unsigned char *tmpbuf;
   unsigned long  t, x, y, z, tmpoid[16];
   ltc_asn1_list ssl_pubkey_hashoid[2];
   ltc_asn1_list ssl_pubkey[2];

   LTC_ARGCHK(in  != NULL);
   LTC_ARGCHK(key != NULL);
   LTC_ARGCHK(ltc_mp.name != NULL);

   /* init key */
   if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, 
                            &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
      return err;
   }

   /* see if the OpenSSL DER format RSA public key will work */
   tmpbuf = XCALLOC(1, MAX_RSA_SIZE*8);
   if (tmpbuf == NULL) {
       err = CRYPT_MEM;
       goto LBL_ERR;
   }

   /* this includes the internal hash ID and optional params (NULL in this case) */
   LTC_SET_ASN1(ssl_pubkey_hashoid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid,                sizeof(tmpoid)/sizeof(tmpoid[0]));   
   LTC_SET_ASN1(ssl_pubkey_hashoid, 1, LTC_ASN1_NULL,              NULL,                  0);

   /* the actual format of the SSL DER key is odd, it stores a RSAPublicKey in a **BIT** string ... so we have to extract it
      then proceed to convert bit to octet 
    */
   LTC_SET_ASN1(ssl_pubkey, 0,         LTC_ASN1_SEQUENCE,          &ssl_pubkey_hashoid,   2);
   LTC_SET_ASN1(ssl_pubkey, 1,         LTC_ASN1_BIT_STRING,        tmpbuf,                MAX_RSA_SIZE*8);

   if (der_decode_sequence(in, inlen,
                           ssl_pubkey, 2UL) == CRYPT_OK) {

      /* ok now we have to reassemble the BIT STRING to an OCTET STRING.  Thanks OpenSSL... */
      for (t = y = z = x = 0; x < ssl_pubkey[1].size; x++) {
          y = (y << 1) | tmpbuf[x];
          if (++z == 8) {
             tmpbuf[t++] = y;
             y           = 0;
             z           = 0;
          }
      }

      /* now it should be SEQUENCE { INTEGER, INTEGER } */
      if ((err = der_decode_sequence_multi(tmpbuf, t,
                                           LTC_ASN1_INTEGER, 1UL, key->N, 
                                           LTC_ASN1_INTEGER, 1UL, key->e, 
                                           LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
         XFREE(tmpbuf);
         goto LBL_ERR;
      }
      XFREE(tmpbuf);
      key->type = PK_PUBLIC;
      return CRYPT_OK;
   }
   XFREE(tmpbuf);

   /* not SSL public key, try to match against PKCS #1 standards */
   if ((err = der_decode_sequence_multi(in, inlen, 
                                  LTC_ASN1_INTEGER, 1UL, key->N, 
                                  LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
      goto LBL_ERR;
   }

   if (mp_cmp_d(key->N, 0) == LTC_MP_EQ) {
      if ((err = mp_init(&zero)) != CRYPT_OK) { 
         goto LBL_ERR;
      }
      /* it's a private key */
      if ((err = der_decode_sequence_multi(in, inlen, 
                          LTC_ASN1_INTEGER, 1UL, zero, 
                          LTC_ASN1_INTEGER, 1UL, key->N, 
                          LTC_ASN1_INTEGER, 1UL, key->e,
                          LTC_ASN1_INTEGER, 1UL, key->d, 
                          LTC_ASN1_INTEGER, 1UL, key->p, 
                          LTC_ASN1_INTEGER, 1UL, key->q, 
                          LTC_ASN1_INTEGER, 1UL, key->dP,
                          LTC_ASN1_INTEGER, 1UL, key->dQ, 
                          LTC_ASN1_INTEGER, 1UL, key->qP, 
                          LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
         mp_clear(zero);
         goto LBL_ERR;
      }
      mp_clear(zero);
      key->type = PK_PRIVATE;
   } else if (mp_cmp_d(key->N, 1) == LTC_MP_EQ) {
      /* we don't support multi-prime RSA */
      err = CRYPT_PK_INVALID_TYPE;
      goto LBL_ERR;
   } else {
      /* it's a public key and we lack e */
      if ((err = der_decode_sequence_multi(in, inlen, 
                                     LTC_ASN1_INTEGER, 1UL, key->N, 
                                     LTC_ASN1_INTEGER, 1UL, key->e, 
                                     LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
         goto LBL_ERR;
      }
      key->type = PK_PUBLIC;
   }
   return CRYPT_OK;
LBL_ERR:
   mp_clear_multi(key->d,  key->e, key->N, key->dQ, key->dP,
                  key->qP, key->p, key->q, NULL);
   return err;
}

#endif /* MRSA */


/* $Source$ */
/* $Revision$ */
/* $Date$ */
added libtomcrypt-0.96 2004-05-31 02:36:47 +00:00			`/* LibTomCrypt, modular cryptographic library -- Tom St Denis`
			`*`
			`* LibTomCrypt is a library that provides various cryptographic`
			`* algorithms in a highly modular and flexible manner.`
			`*`
			`* The library is free for all purposes without any express`
			`* guarantee it works.`
			`*`
added libtomcrypt-1.11 2006-04-06 19:48:32 +00:00			`* Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com`
added libtomcrypt-0.96 2004-05-31 02:36:47 +00:00			`*/`
added libtomcrypt-1.00 2004-12-30 23:55:53 +00:00			`#include "tomcrypt.h"`
added libtomcrypt-0.96 2004-05-31 02:36:47 +00:00
added libtomcrypt-1.00 2004-12-30 23:55:53 +00:00			`/**`
			`@file rsa_import.c`
			`Import a PKCS RSA key, Tom St Denis`
			`*/`
added libtomcrypt-0.96 2004-05-31 02:36:47 +00:00
			`#ifdef MRSA`

added libtomcrypt-1.00 2004-12-30 23:55:53 +00:00			`/**`
added libtomcrypt-1.03 2005-06-09 00:08:13 +00:00			`Import an RSAPublicKey or RSAPrivateKey [two-prime only, only support >= 1024-bit keys, defined in PKCS #1 v2.1]`
added libtomcrypt-1.00 2004-12-30 23:55:53 +00:00			`@param in The packet to import from`
			`@param inlen It's length (octets)`
			`@param key [out] Destination for newly imported key`
			`@return CRYPT_OK if successful, upon error allocated memory is freed`
			`*/`
added libtomcrypt-0.96 2004-05-31 02:36:47 +00:00			`int rsa_import(const unsigned char in, unsigned long inlen, rsa_key key)`
			`{`
added libtomcrypt-1.03 2005-06-09 00:08:13 +00:00			`int err;`
added libtomcrypt-1.06 2005-08-01 16:36:47 +00:00			`void *zero;`
			`unsigned char *tmpbuf;`
			`unsigned long t, x, y, z, tmpoid[16];`
			`ltc_asn1_list ssl_pubkey_hashoid[2];`
			`ltc_asn1_list ssl_pubkey[2];`
added libtomcrypt-0.96 2004-05-31 02:36:47 +00:00
added libtomcrypt-1.00 2004-12-30 23:55:53 +00:00			`LTC_ARGCHK(in != NULL);`
			`LTC_ARGCHK(key != NULL);`
added libtomcrypt-1.07 2005-11-18 05:15:37 +00:00			`LTC_ARGCHK(ltc_mp.name != NULL);`
added libtomcrypt-0.96 2004-05-31 02:36:47 +00:00
			`/* init key */`
added libtomcrypt-1.10 2006-02-11 08:19:10 +00:00			`if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ,`
added libtomcrypt-1.06 2005-08-01 16:36:47 +00:00			`&key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {`
			`return err;`
added libtomcrypt-0.96 2004-05-31 02:36:47 +00:00			`}`

added libtomcrypt-1.06 2005-08-01 16:36:47 +00:00			`/* see if the OpenSSL DER format RSA public key will work */`
			`tmpbuf = XCALLOC(1, MAX_RSA_SIZE*8);`
			`if (tmpbuf == NULL) {`
			`err = CRYPT_MEM;`
			`goto LBL_ERR;`
			`}`

			`/* this includes the internal hash ID and optional params (NULL in this case) */`
			`LTC_SET_ASN1(ssl_pubkey_hashoid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid)/sizeof(tmpoid[0]));`
			`LTC_SET_ASN1(ssl_pubkey_hashoid, 1, LTC_ASN1_NULL, NULL, 0);`

			`/* the actual format of the SSL DER key is odd, it stores a RSAPublicKey in a BIT string ... so we have to extract it`
			`then proceed to convert bit to octet`
			`*/`
			`LTC_SET_ASN1(ssl_pubkey, 0, LTC_ASN1_SEQUENCE, &ssl_pubkey_hashoid, 2);`
			`LTC_SET_ASN1(ssl_pubkey, 1, LTC_ASN1_BIT_STRING, tmpbuf, MAX_RSA_SIZE*8);`

			`if (der_decode_sequence(in, inlen,`
			`ssl_pubkey, 2UL) == CRYPT_OK) {`

			`/* ok now we have to reassemble the BIT STRING to an OCTET STRING. Thanks OpenSSL... */`
			`for (t = y = z = x = 0; x < ssl_pubkey[1].size; x++) {`
			`y = (y << 1) \| tmpbuf[x];`
			`if (++z == 8) {`
			`tmpbuf[t++] = y;`
			`y = 0;`
			`z = 0;`
			`}`
			`}`

			`/* now it should be SEQUENCE { INTEGER, INTEGER } */`
			`if ((err = der_decode_sequence_multi(tmpbuf, t,`
			`LTC_ASN1_INTEGER, 1UL, key->N,`
			`LTC_ASN1_INTEGER, 1UL, key->e,`
			`LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {`
			`XFREE(tmpbuf);`
			`goto LBL_ERR;`
			`}`
			`XFREE(tmpbuf);`
			`key->type = PK_PUBLIC;`
			`return CRYPT_OK;`
			`}`
			`XFREE(tmpbuf);`

			`/* not SSL public key, try to match against PKCS #1 standards */`
added libtomcrypt-1.03 2005-06-09 00:08:13 +00:00			`if ((err = der_decode_sequence_multi(in, inlen,`
added libtomcrypt-1.06 2005-08-01 16:36:47 +00:00			`LTC_ASN1_INTEGER, 1UL, key->N,`
added libtomcrypt-1.03 2005-06-09 00:08:13 +00:00			`LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {`
added libtomcrypt-1.00 2004-12-30 23:55:53 +00:00			`goto LBL_ERR;`
added libtomcrypt-0.96 2004-05-31 02:36:47 +00:00			`}`

added libtomcrypt-1.06 2005-08-01 16:36:47 +00:00			`if (mp_cmp_d(key->N, 0) == LTC_MP_EQ) {`
added libtomcrypt-1.10 2006-02-11 08:19:10 +00:00			`if ((err = mp_init(&zero)) != CRYPT_OK) {`
			`goto LBL_ERR;`
			`}`
added libtomcrypt-0.99 2004-10-30 03:00:26 +00:00			`/* it's a private key */`
added libtomcrypt-1.03 2005-06-09 00:08:13 +00:00			`if ((err = der_decode_sequence_multi(in, inlen,`
added libtomcrypt-1.06 2005-08-01 16:36:47 +00:00			`LTC_ASN1_INTEGER, 1UL, zero,`
			`LTC_ASN1_INTEGER, 1UL, key->N,`
			`LTC_ASN1_INTEGER, 1UL, key->e,`
			`LTC_ASN1_INTEGER, 1UL, key->d,`
			`LTC_ASN1_INTEGER, 1UL, key->p,`
			`LTC_ASN1_INTEGER, 1UL, key->q,`
			`LTC_ASN1_INTEGER, 1UL, key->dP,`
			`LTC_ASN1_INTEGER, 1UL, key->dQ,`
			`LTC_ASN1_INTEGER, 1UL, key->qP,`
added libtomcrypt-1.03 2005-06-09 00:08:13 +00:00			`LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {`
added libtomcrypt-1.10 2006-02-11 08:19:10 +00:00			`mp_clear(zero);`
added libtomcrypt-1.00 2004-12-30 23:55:53 +00:00			`goto LBL_ERR;`
added libtomcrypt-0.99 2004-10-30 03:00:26 +00:00			`}`
added libtomcrypt-1.10 2006-02-11 08:19:10 +00:00			`mp_clear(zero);`
added libtomcrypt-0.99 2004-10-30 03:00:26 +00:00			`key->type = PK_PRIVATE;`
added libtomcrypt-1.06 2005-08-01 16:36:47 +00:00			`} else if (mp_cmp_d(key->N, 1) == LTC_MP_EQ) {`
added libtomcrypt-1.00 2004-12-30 23:55:53 +00:00			`/* we don't support multi-prime RSA */`
			`err = CRYPT_PK_INVALID_TYPE;`
			`goto LBL_ERR;`
added libtomcrypt-0.99 2004-10-30 03:00:26 +00:00			`} else {`
			`/* it's a public key and we lack e */`
added libtomcrypt-1.03 2005-06-09 00:08:13 +00:00			`if ((err = der_decode_sequence_multi(in, inlen,`
added libtomcrypt-1.06 2005-08-01 16:36:47 +00:00			`LTC_ASN1_INTEGER, 1UL, key->N,`
			`LTC_ASN1_INTEGER, 1UL, key->e,`
added libtomcrypt-1.03 2005-06-09 00:08:13 +00:00			`LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {`
added libtomcrypt-1.00 2004-12-30 23:55:53 +00:00			`goto LBL_ERR;`
added libtomcrypt-0.99 2004-10-30 03:00:26 +00:00			`}`
			`key->type = PK_PUBLIC;`
added libtomcrypt-0.96 2004-05-31 02:36:47 +00:00			`}`
			`return CRYPT_OK;`
added libtomcrypt-1.00 2004-12-30 23:55:53 +00:00			`LBL_ERR:`
added libtomcrypt-1.10 2006-02-11 08:19:10 +00:00			`mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP,`
added libtomcrypt-1.06 2005-08-01 16:36:47 +00:00			`key->qP, key->p, key->q, NULL);`
added libtomcrypt-0.96 2004-05-31 02:36:47 +00:00			`return err;`
			`}`

			`#endif /* MRSA */`

added libtomcrypt-1.03 2005-06-09 00:08:13 +00:00
			`/* $Source$ */`
			`/* $Revision$ */`
			`/* $Date$ */`