1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis */
2 /* SPDX-License-Identifier: Unlicense */
3 #include "tomcrypt_private.h"
4
5 /**
6 @file rsa_import.c
7 Import a PKCS RSA key, Tom St Denis
8 */
9
10 #ifdef LTC_MRSA
11
12
13 /**
14 Import an RSAPublicKey or RSAPrivateKey as defined in PKCS #1 v2.1 [two-prime only]
15
16 The `key` passed into this function has to be already initialized and will
17 NOT be free'd on error!
18
19 @param in The packet to import from
20 @param inlen It's length (octets)
21 @param key [out] Destination for newly imported key
22 @return CRYPT_OK if successful
23 */
rsa_import_pkcs1(const unsigned char * in,unsigned long inlen,rsa_key * key)24 int rsa_import_pkcs1(const unsigned char *in, unsigned long inlen, rsa_key *key)
25 {
26 int err;
27 unsigned long version = -1;
28
29 err = der_decode_sequence_multi(in, inlen, LTC_ASN1_SHORT_INTEGER, 1UL, &version,
30 LTC_ASN1_EOL, 0UL, NULL);
31
32 if (err == CRYPT_OVERFLOW) {
33 /* the version would fit into an LTC_ASN1_SHORT_INTEGER
34 * so we try to decode as a public key
35 */
36 if ((err = der_decode_sequence_multi(in, inlen,
37 LTC_ASN1_INTEGER, 1UL, key->N,
38 LTC_ASN1_INTEGER, 1UL, key->e,
39 LTC_ASN1_EOL, 0UL, NULL)) == CRYPT_OK) {
40 key->type = PK_PUBLIC;
41 }
42 goto LBL_OUT;
43 } else if (err != CRYPT_INPUT_TOO_LONG) {
44 /* couldn't decode the version, so error out */
45 goto LBL_OUT;
46 }
47
48 if (version == 0) {
49 /* it's a private key */
50 if ((err = der_decode_sequence_multi(in, inlen,
51 LTC_ASN1_SHORT_INTEGER, 1UL, &version,
52 LTC_ASN1_INTEGER, 1UL, key->N,
53 LTC_ASN1_INTEGER, 1UL, key->e,
54 LTC_ASN1_INTEGER, 1UL, key->d,
55 LTC_ASN1_INTEGER, 1UL, key->p,
56 LTC_ASN1_INTEGER, 1UL, key->q,
57 LTC_ASN1_INTEGER, 1UL, key->dP,
58 LTC_ASN1_INTEGER, 1UL, key->dQ,
59 LTC_ASN1_INTEGER, 1UL, key->qP,
60 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
61 goto LBL_OUT;
62 }
63 key->type = PK_PRIVATE;
64 } else if (version == 1) {
65 /* we don't support multi-prime RSA */
66 err = CRYPT_PK_INVALID_TYPE;
67 goto LBL_OUT;
68 }
69 err = CRYPT_OK;
70 LBL_OUT:
71 return err;
72 }
73
74 /**
75 Import multiple formats of RSA public and private keys.
76
77 RSAPublicKey or RSAPrivateKey as defined in PKCS #1 v2.1 [two-prime only]
78 SubjectPublicKeyInfo formatted public keys
79
80 @param in The packet to import from
81 @param inlen It's length (octets)
82 @param key [out] Destination for newly imported key
83 @return CRYPT_OK if successful, upon error allocated memory is freed
84 */
rsa_import(const unsigned char * in,unsigned long inlen,rsa_key * key)85 int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
86 {
87 int err;
88 unsigned char *tmpbuf=NULL;
89 unsigned long tmpbuf_len, len;
90
91 LTC_ARGCHK(in != NULL);
92 LTC_ARGCHK(key != NULL);
93 LTC_ARGCHK(ltc_mp.name != NULL);
94
95 /* init key */
96 if ((err = rsa_init(key)) != CRYPT_OK) {
97 return err;
98 }
99
100 /* see if the OpenSSL DER format RSA public key will work */
101 tmpbuf_len = inlen;
102 tmpbuf = XCALLOC(1, tmpbuf_len);
103 if (tmpbuf == NULL) {
104 err = CRYPT_MEM;
105 goto LBL_ERR;
106 }
107
108 len = 0;
109 err = x509_decode_subject_public_key_info(in, inlen,
110 LTC_OID_RSA, tmpbuf, &tmpbuf_len,
111 LTC_ASN1_NULL, NULL, &len);
112
113 if (err == CRYPT_OK) { /* SubjectPublicKeyInfo format */
114
115 /* now it should be SEQUENCE { INTEGER, INTEGER } */
116 if ((err = der_decode_sequence_multi(tmpbuf, tmpbuf_len,
117 LTC_ASN1_INTEGER, 1UL, key->N,
118 LTC_ASN1_INTEGER, 1UL, key->e,
119 LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
120 goto LBL_ERR;
121 }
122 key->type = PK_PUBLIC;
123 err = CRYPT_OK;
124 goto LBL_FREE;
125 }
126
127 /* not SSL public key, try to match against PKCS #1 standards */
128 if ((err = rsa_import_pkcs1(in, inlen, key)) == CRYPT_OK) {
129 goto LBL_FREE;
130 }
131
132 LBL_ERR:
133 rsa_free(key);
134
135 LBL_FREE:
136 if (tmpbuf != NULL) {
137 XFREE(tmpbuf);
138 }
139 return err;
140 }
141
142 #endif /* LTC_MRSA */
143
144