Skip to content

Commit 94b248a

Browse files
night1ridernight1rider
committed
Address feedback from Fenrir
1 parent 19d1e4a commit 94b248a

3 files changed

Lines changed: 611 additions & 416 deletions

File tree

wolfcrypt/src/asn.c

Lines changed: 60 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -8336,6 +8336,8 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
83368336
wc_RsaEncryptSize(tmpKey), NULL, 0, 0);
83378337
}
83388338

8339+
/* wc_FreeRsaKey calls mp_forcezero on all private key components,
8340+
* so no separate ForceZero of the struct is needed here. */
83398341
wc_FreeRsaKey(tmpKey);
83408342
WC_FREE_VAR(tmpKey, key->heap);
83418343

@@ -36537,6 +36539,59 @@ int wc_Asn1_PrintAll(Asn1* asn1, Asn1PrintOptions* opts, unsigned char* data,
3653736539

3653836540
/* Functions that parse, but are not using ASN.1 */
3653936541
#if !defined(NO_RSA) && (!defined(NO_BIG_INT) || defined(WOLFSSL_SP_MATH))
36542+
/* Software-only import of RSA public key elements (n, e) into RsaKey.
36543+
* This internal helper avoids recursion when called from the SETKEY path. */
36544+
static int _RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
36545+
word32 eSz, RsaKey* key)
36546+
{
36547+
if (n == NULL || e == NULL || key == NULL) {
36548+
return BAD_FUNC_ARG;
36549+
}
36550+
36551+
key->type = RSA_PUBLIC;
36552+
36553+
if (mp_init(&key->n) != MP_OKAY) {
36554+
return MP_INIT_E;
36555+
}
36556+
36557+
if (mp_read_unsigned_bin(&key->n, n, nSz) != 0) {
36558+
mp_clear(&key->n);
36559+
return ASN_GETINT_E;
36560+
}
36561+
#ifdef HAVE_WOLF_BIGINT
36562+
if ((int)nSz > 0 && wc_bigint_from_unsigned_bin(&key->n.raw, n, nSz) != 0) {
36563+
mp_clear(&key->n);
36564+
return ASN_GETINT_E;
36565+
}
36566+
#endif /* HAVE_WOLF_BIGINT */
36567+
36568+
if (mp_init(&key->e) != MP_OKAY) {
36569+
mp_clear(&key->n);
36570+
return MP_INIT_E;
36571+
}
36572+
36573+
if (mp_read_unsigned_bin(&key->e, e, eSz) != 0) {
36574+
mp_clear(&key->n);
36575+
mp_clear(&key->e);
36576+
return ASN_GETINT_E;
36577+
}
36578+
#ifdef HAVE_WOLF_BIGINT
36579+
if ((int)eSz > 0 && wc_bigint_from_unsigned_bin(&key->e.raw, e, eSz) != 0) {
36580+
mp_clear(&key->n);
36581+
mp_clear(&key->e);
36582+
return ASN_GETINT_E;
36583+
}
36584+
#endif /* HAVE_WOLF_BIGINT */
36585+
36586+
#ifdef WOLFSSL_XILINX_CRYPT
36587+
if (wc_InitRsaHw(key) != 0) {
36588+
return BAD_STATE_E;
36589+
}
36590+
#endif
36591+
36592+
return 0;
36593+
}
36594+
3654036595
/* import RSA public key elements (n, e) into RsaKey structure (key) */
3654136596
/* this function does not use any ASN.1 parsing */
3654236597
int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
@@ -36548,8 +36603,9 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
3654836603
WC_DECLARE_VAR(tmpKey, RsaKey, 1, NULL);
3654936604
#endif
3655036605

36551-
if (n == NULL || e == NULL || key == NULL)
36606+
if (n == NULL || e == NULL || key == NULL) {
3655236607
return BAD_FUNC_ARG;
36608+
}
3655336609

3655436610
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_SETKEY)
3655536611
#ifndef WOLF_CRYPTO_CB_FIND
@@ -36569,8 +36625,8 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
3656936625
return tmpErr;
3657036626
}
3657136627

36572-
/* Recursive call imports n, e into temp via software */
36573-
tmpErr = wc_RsaPublicKeyDecodeRaw(n, nSz, e, eSz, tmpKey);
36628+
/* Import into temp via software helper (no callback recursion) */
36629+
tmpErr = _RsaPublicKeyDecodeRaw(n, nSz, e, eSz, tmpKey);
3657436630
if (tmpErr == 0) {
3657536631
cbRet = wc_CryptoCb_SetKey(key->devId,
3657636632
WC_SETKEY_RSA_PUB, key, tmpKey,
@@ -36590,47 +36646,7 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
3659036646
}
3659136647
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_SETKEY */
3659236648

36593-
key->type = RSA_PUBLIC;
36594-
36595-
if (mp_init(&key->n) != MP_OKAY)
36596-
return MP_INIT_E;
36597-
36598-
if (mp_read_unsigned_bin(&key->n, n, nSz) != 0) {
36599-
mp_clear(&key->n);
36600-
return ASN_GETINT_E;
36601-
}
36602-
#ifdef HAVE_WOLF_BIGINT
36603-
if ((int)nSz > 0 && wc_bigint_from_unsigned_bin(&key->n.raw, n, nSz) != 0) {
36604-
mp_clear(&key->n);
36605-
return ASN_GETINT_E;
36606-
}
36607-
#endif /* HAVE_WOLF_BIGINT */
36608-
36609-
if (mp_init(&key->e) != MP_OKAY) {
36610-
mp_clear(&key->n);
36611-
return MP_INIT_E;
36612-
}
36613-
36614-
if (mp_read_unsigned_bin(&key->e, e, eSz) != 0) {
36615-
mp_clear(&key->n);
36616-
mp_clear(&key->e);
36617-
return ASN_GETINT_E;
36618-
}
36619-
#ifdef HAVE_WOLF_BIGINT
36620-
if ((int)eSz > 0 && wc_bigint_from_unsigned_bin(&key->e.raw, e, eSz) != 0) {
36621-
mp_clear(&key->n);
36622-
mp_clear(&key->e);
36623-
return ASN_GETINT_E;
36624-
}
36625-
#endif /* HAVE_WOLF_BIGINT */
36626-
36627-
#ifdef WOLFSSL_XILINX_CRYPT
36628-
if (wc_InitRsaHw(key) != 0) {
36629-
return BAD_STATE_E;
36630-
}
36631-
#endif
36632-
36633-
return 0;
36649+
return _RsaPublicKeyDecodeRaw(n, nSz, e, eSz, key);
3663436650
}
3663536651
#endif /* !NO_RSA && (!NO_BIG_INT || WOLFSSL_SP_MATH) */
3663636652

0 commit comments

Comments
 (0)