26 #if !defined(POLARSSL_CONFIG_FILE)
29 #include POLARSSL_CONFIG_FILE
32 #if defined(POLARSSL_PK_PARSE_C)
38 #if defined(POLARSSL_RSA_C)
41 #if defined(POLARSSL_ECP_C)
44 #if defined(POLARSSL_ECDSA_C)
47 #if defined(POLARSSL_PEM_PARSE_C)
50 #if defined(POLARSSL_PKCS5_C)
53 #if defined(POLARSSL_PKCS12_C)
57 #if defined(POLARSSL_PLATFORM_C)
61 #define polarssl_malloc malloc
62 #define polarssl_free free
65 #if defined(POLARSSL_FS_IO)
/*
 * Overwrite n bytes starting at v with zero.
 *
 * The stores go through a volatile-qualified pointer so the compiler must emit
 * each one. A plain memset() on a buffer that is not read again may be dropped
 * as a dead store, which would leave the data in memory.
 * In this file it is called with n + 1 on the buffers filled by load_file().
 */
67 static void polarssl_zeroize(
void *v,
size_t n ) {
68 volatile unsigned char *p = v;
while( n-- ) *p++ = 0;
74 static int load_file(
const char *path,
unsigned char **buf,
size_t *n )
79 if( ( f = fopen( path,
"rb" ) ) == NULL )
82 fseek( f, 0, SEEK_END );
83 if( ( size = ftell( f ) ) == -1 )
88 fseek( f, 0, SEEK_SET );
99 if( fread( *buf, 1, *n, f ) != *n )
117 const char *path,
const char *pwd )
123 if( ( ret = load_file( path, &buf, &n ) ) != 0 )
130 (
const unsigned char *) pwd, strlen( pwd ) );
132 polarssl_zeroize( buf, n + 1 );
147 if( ( ret = load_file( path, &buf, &n ) ) != 0 )
152 polarssl_zeroize( buf, n + 1 );
159 #if defined(POLARSSL_ECP_C)
168 static int pk_get_ecparams(
unsigned char **p,
const unsigned char *end,
200 #if defined(POLARSSL_PK_PARSE_EC_EXTENDED)
223 unsigned char *p = params->
p;
224 const unsigned char *
const end = params->
p + params->
len;
225 const unsigned char *end_field, *end_curve;
233 if( ver < 1 || ver > 3 )
327 (
const unsigned char *) p, len ) ) != 0 )
334 ( p[0] != 0x02 && p[0] != 0x03 ) ||
409 static int pk_group_id_from_specified(
const asn1_buf *params,
417 if( ( ret = pk_group_from_specified( params, &grp ) ) != 0 )
420 ret = pk_group_id_from_group( &grp, grp_id );
449 #if defined(POLARSSL_PK_PARSE_EC_EXTENDED)
450 if( ( ret = pk_group_id_from_specified( params, &grp_id ) ) != 0 )
476 static int pk_get_ecpubkey(
unsigned char **p,
const unsigned char *end,
482 (
const unsigned char *) *p, end - *p ) ) == 0 )
490 *p = (
unsigned char *) end;
496 #if defined(POLARSSL_RSA_C)
503 static int pk_get_rsapubkey(
unsigned char **p,
504 const unsigned char *end,
514 if( *p + len != end )
541 static int pk_get_pk_alg(
unsigned char **p,
542 const unsigned char *end,
548 memset( params, 0,
sizeof(
asn1_buf) );
550 if( ( ret =
asn1_get_alg( p, end, &alg_oid, params ) ) != 0 )
591 if( ( ret = pk_get_pk_alg( p, end, &pk_alg, &alg_params ) ) != 0 )
597 if( *p + len != end )
607 #if defined(POLARSSL_RSA_C)
610 ret = pk_get_rsapubkey( p, end,
pk_rsa( *pk ) );
613 #if defined(POLARSSL_ECP_C)
616 ret = pk_use_ecparams( &alg_params, &
pk_ec( *pk )->grp );
618 ret = pk_get_ecpubkey( p, end,
pk_ec( *pk ) );
623 if( ret == 0 && *p != end )
633 #if defined(POLARSSL_RSA_C)
637 static int pk_parse_key_pkcs1_der(
rsa_context *rsa,
638 const unsigned char *key,
643 unsigned char *p, *end;
645 p = (
unsigned char *) key;
701 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
714 #if defined(POLARSSL_ECP_C)
718 static int pk_parse_key_sec1_der(
ecp_keypair *eck,
719 const unsigned char *key,
723 int version, pubkey_done;
726 unsigned char *p = (
unsigned char *) key;
727 unsigned char *end = p + keylen;
771 if( ( ret = pk_get_ecparams( &p, p + len, &params) ) != 0 ||
772 ( ret = pk_use_ecparams( &params, &eck->
grp ) ) != 0 )
797 if( p + len != end2 )
799 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
801 if( ( ret = pk_get_ecpubkey( &p, end2, eck ) ) == 0 )
821 NULL, NULL ) ) != 0 )
840 static int pk_parse_key_pkcs8_unencrypted_der(
842 const unsigned char* key,
848 unsigned char *p = (
unsigned char *) key;
849 unsigned char *end = p + keylen;
883 if( ( ret = pk_get_pk_alg( &p, end, &pk_alg, &params ) ) != 0 )
899 #if defined(POLARSSL_RSA_C)
902 if( ( ret = pk_parse_key_pkcs1_der(
pk_rsa( *pk ), p, len ) ) != 0 )
909 #if defined(POLARSSL_ECP_C)
912 if( ( ret = pk_use_ecparams( &params, &
pk_ec( *pk )->grp ) ) != 0 ||
913 ( ret = pk_parse_key_sec1_der(
pk_ec( *pk ), p, len ) ) != 0 )
928 static int pk_parse_key_pkcs8_encrypted_der(
930 const unsigned char *key,
size_t keylen,
931 const unsigned char *pwd,
size_t pwdlen )
933 int ret, decrypted = 0;
935 unsigned char buf[2048];
936 unsigned char *p, *end;
938 #if defined(POLARSSL_PKCS12_C)
943 memset( buf, 0,
sizeof( buf ) );
945 p = (
unsigned char *) key;
973 if( ( ret =
asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 )
979 if( len >
sizeof( buf ) )
985 #if defined(POLARSSL_PKCS12_C)
990 pwd, pwdlen, p, len, buf ) ) != 0 )
1005 p, len, buf ) ) != 0 )
1020 #if defined(POLARSSL_PKCS5_C)
1024 p, len, buf ) ) != 0 )
1040 if( decrypted == 0 )
1043 return( pk_parse_key_pkcs8_unencrypted_der( pk, buf, len ) );
1050 const unsigned char *key,
size_t keylen,
1051 const unsigned char *pwd,
size_t pwdlen )
1056 #if defined(POLARSSL_PEM_PARSE_C)
1062 #if defined(POLARSSL_RSA_C)
1063 ret = pem_read_buffer( &pem,
1064 "-----BEGIN RSA PRIVATE KEY-----",
1065 "-----END RSA PRIVATE KEY-----",
1066 key, pwd, pwdlen, &len );
1073 ( ret = pk_parse_key_pkcs1_der(
pk_rsa( *pk ),
1074 pem.buf, pem.buflen ) ) != 0 )
1090 #if defined(POLARSSL_ECP_C)
1091 ret = pem_read_buffer( &pem,
1092 "-----BEGIN EC PRIVATE KEY-----",
1093 "-----END EC PRIVATE KEY-----",
1094 key, pwd, pwdlen, &len );
1101 ( ret = pk_parse_key_sec1_der(
pk_ec( *pk ),
1102 pem.buf, pem.buflen ) ) != 0 )
1118 ret = pem_read_buffer( &pem,
1119 "-----BEGIN PRIVATE KEY-----",
1120 "-----END PRIVATE KEY-----",
1121 key, NULL, 0, &len );
1124 if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk,
1125 pem.buf, pem.buflen ) ) != 0 )
1136 ret = pem_read_buffer( &pem,
1137 "-----BEGIN ENCRYPTED PRIVATE KEY-----",
1138 "-----END ENCRYPTED PRIVATE KEY-----",
1139 key, NULL, 0, &len );
1142 if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk,
1143 pem.buf, pem.buflen,
1144 pwd, pwdlen ) ) != 0 )
1166 if( ( ret = pk_parse_key_pkcs8_encrypted_der( pk, key, keylen,
1167 pwd, pwdlen ) ) == 0 )
1179 if( ( ret = pk_parse_key_pkcs8_unencrypted_der( pk, key, keylen ) ) == 0 )
1184 #if defined(POLARSSL_RSA_C)
1189 ( ret = pk_parse_key_pkcs1_der(
pk_rsa( *pk ), key, keylen ) ) == 0 )
1197 #if defined(POLARSSL_ECP_C)
1202 ( ret = pk_parse_key_sec1_der(
pk_ec( *pk ), key, keylen ) ) == 0 )
1217 const unsigned char *key,
size_t keylen )
1221 #if defined(POLARSSL_PEM_PARSE_C)
1226 ret = pem_read_buffer( &pem,
1227 "-----BEGIN PUBLIC KEY-----",
1228 "-----END PUBLIC KEY-----",
1229 key, NULL, 0, &len );
1237 keylen = pem.buflen;
1245 p = (
unsigned char *) key;
1249 #if defined(POLARSSL_PEM_PARSE_C)