Skip to content

Commit a24b642

Browse files
night1ridernight1rider
committed
Address feedback from Fenrir
1 parent 9593d2a commit a24b642

3 files changed

Lines changed: 609 additions & 413 deletions

File tree

wolfcrypt/src/asn.c

Lines changed: 60 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -8333,6 +8333,8 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
83338333
wc_RsaEncryptSize(tmpKey), NULL, 0, 0);
83348334
}
83358335

8336+
/* wc_FreeRsaKey calls mp_forcezero on all private key components,
8337+
* so no separate ForceZero of the struct is needed here. */
83368338
wc_FreeRsaKey(tmpKey);
83378339
WC_FREE_VAR(tmpKey, key->heap);
83388340

@@ -36151,6 +36153,59 @@ int wc_Asn1_PrintAll(Asn1* asn1, Asn1PrintOptions* opts, unsigned char* data,
3615136153

3615236154
/* Functions that parse, but are not using ASN.1 */
3615336155
#if !defined(NO_RSA) && (!defined(NO_BIG_INT) || defined(WOLFSSL_SP_MATH))
36156+
/* Software-only import of RSA public key elements (n, e) into RsaKey.
36157+
* This internal helper avoids recursion when called from the SETKEY path. */
36158+
static int _RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
36159+
word32 eSz, RsaKey* key)
36160+
{
36161+
if (n == NULL || e == NULL || key == NULL) {
36162+
return BAD_FUNC_ARG;
36163+
}
36164+
36165+
key->type = RSA_PUBLIC;
36166+
36167+
if (mp_init(&key->n) != MP_OKAY) {
36168+
return MP_INIT_E;
36169+
}
36170+
36171+
if (mp_read_unsigned_bin(&key->n, n, nSz) != 0) {
36172+
mp_clear(&key->n);
36173+
return ASN_GETINT_E;
36174+
}
36175+
#ifdef HAVE_WOLF_BIGINT
36176+
if ((int)nSz > 0 && wc_bigint_from_unsigned_bin(&key->n.raw, n, nSz) != 0) {
36177+
mp_clear(&key->n);
36178+
return ASN_GETINT_E;
36179+
}
36180+
#endif /* HAVE_WOLF_BIGINT */
36181+
36182+
if (mp_init(&key->e) != MP_OKAY) {
36183+
mp_clear(&key->n);
36184+
return MP_INIT_E;
36185+
}
36186+
36187+
if (mp_read_unsigned_bin(&key->e, e, eSz) != 0) {
36188+
mp_clear(&key->n);
36189+
mp_clear(&key->e);
36190+
return ASN_GETINT_E;
36191+
}
36192+
#ifdef HAVE_WOLF_BIGINT
36193+
if ((int)eSz > 0 && wc_bigint_from_unsigned_bin(&key->e.raw, e, eSz) != 0) {
36194+
mp_clear(&key->n);
36195+
mp_clear(&key->e);
36196+
return ASN_GETINT_E;
36197+
}
36198+
#endif /* HAVE_WOLF_BIGINT */
36199+
36200+
#ifdef WOLFSSL_XILINX_CRYPT
36201+
if (wc_InitRsaHw(key) != 0) {
36202+
return BAD_STATE_E;
36203+
}
36204+
#endif
36205+
36206+
return 0;
36207+
}
36208+
3615436209
/* import RSA public key elements (n, e) into RsaKey structure (key) */
3615536210
/* this function does not use any ASN.1 parsing */
3615636211
int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
@@ -36162,8 +36217,9 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
3616236217
WC_DECLARE_VAR(tmpKey, RsaKey, 1, NULL);
3616336218
#endif
3616436219

36165-
if (n == NULL || e == NULL || key == NULL)
36220+
if (n == NULL || e == NULL || key == NULL) {
3616636221
return BAD_FUNC_ARG;
36222+
}
3616736223

3616836224
#if defined(WOLF_CRYPTO_CB) && defined(WOLF_CRYPTO_CB_SETKEY)
3616936225
#ifndef WOLF_CRYPTO_CB_FIND
@@ -36183,8 +36239,8 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
3618336239
return tmpErr;
3618436240
}
3618536241

36186-
/* Recursive call imports n, e into temp via software */
36187-
tmpErr = wc_RsaPublicKeyDecodeRaw(n, nSz, e, eSz, tmpKey);
36242+
/* Import into temp via software helper (no callback recursion) */
36243+
tmpErr = _RsaPublicKeyDecodeRaw(n, nSz, e, eSz, tmpKey);
3618836244
if (tmpErr == 0) {
3618936245
cbRet = wc_CryptoCb_SetKey(key->devId,
3619036246
WC_SETKEY_RSA_PUB, key, tmpKey,
@@ -36204,47 +36260,7 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
3620436260
}
3620536261
#endif /* WOLF_CRYPTO_CB && WOLF_CRYPTO_CB_SETKEY */
3620636262

36207-
key->type = RSA_PUBLIC;
36208-
36209-
if (mp_init(&key->n) != MP_OKAY)
36210-
return MP_INIT_E;
36211-
36212-
if (mp_read_unsigned_bin(&key->n, n, nSz) != 0) {
36213-
mp_clear(&key->n);
36214-
return ASN_GETINT_E;
36215-
}
36216-
#ifdef HAVE_WOLF_BIGINT
36217-
if ((int)nSz > 0 && wc_bigint_from_unsigned_bin(&key->n.raw, n, nSz) != 0) {
36218-
mp_clear(&key->n);
36219-
return ASN_GETINT_E;
36220-
}
36221-
#endif /* HAVE_WOLF_BIGINT */
36222-
36223-
if (mp_init(&key->e) != MP_OKAY) {
36224-
mp_clear(&key->n);
36225-
return MP_INIT_E;
36226-
}
36227-
36228-
if (mp_read_unsigned_bin(&key->e, e, eSz) != 0) {
36229-
mp_clear(&key->n);
36230-
mp_clear(&key->e);
36231-
return ASN_GETINT_E;
36232-
}
36233-
#ifdef HAVE_WOLF_BIGINT
36234-
if ((int)eSz > 0 && wc_bigint_from_unsigned_bin(&key->e.raw, e, eSz) != 0) {
36235-
mp_clear(&key->n);
36236-
mp_clear(&key->e);
36237-
return ASN_GETINT_E;
36238-
}
36239-
#endif /* HAVE_WOLF_BIGINT */
36240-
36241-
#ifdef WOLFSSL_XILINX_CRYPT
36242-
if (wc_InitRsaHw(key) != 0) {
36243-
return BAD_STATE_E;
36244-
}
36245-
#endif
36246-
36247-
return 0;
36263+
return _RsaPublicKeyDecodeRaw(n, nSz, e, eSz, key);
3624836264
}
3624936265
#endif /* !NO_RSA && (!NO_BIG_INT || WOLFSSL_SP_MATH) */
3625036266

0 commit comments

Comments
 (0)