Line data Source code
1 : /**
2 : * Copyright Notice:
3 : * Copyright 2021-2022 DMTF. All rights reserved.
4 : * License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
5 : **/
6 :
7 : /** @file
8 : * DER (Distinguished Encoding Rules) format Handler Wrapper Implementation.
9 : **/
10 :
11 : #include "internal_crypt_lib.h"
12 : #include <mbedtls/pk.h>
13 : #include <mbedtls/rsa.h>
14 : #include <mbedtls/ecp.h>
15 : #include <mbedtls/ecdh.h>
16 : #include <mbedtls/ecdsa.h>
17 :
18 : #if (LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT)
19 : /**
20 : * Retrieve the RSA Public key from the DER key data.
21 : *
22 : * The public key is ASN.1 DER-encoded as RFC7250 describes,
23 : * namely, the SubjectPublicKeyInfo structure of a X.509 certificate.
24 : *
25 : * @param[in] der_data Pointer to the DER-encoded key data to be retrieved.
26 : * @param[in] der_size size of the DER key data in bytes.
27 : * @param[out] rsa_context Pointer to newly generated RSA context which contain the retrieved
28 : * RSA public key component. Use libspdm_rsa_free() function to free the
29 : * resource.
30 : *
31 : * If der_data is NULL, then return false.
32 : * If rsa_context is NULL, then return false.
33 : *
34 : * @retval true RSA Public key was retrieved successfully.
35 : * @retval false Invalid DER key data.
36 : *
37 : **/
38 5 : bool libspdm_rsa_get_public_key_from_der(const uint8_t *der_data,
39 : size_t der_size,
40 : void **rsa_context)
41 : {
42 : int ret;
43 : mbedtls_pk_context pk;
44 : mbedtls_rsa_context *rsa;
45 :
46 5 : if (der_data == NULL || rsa_context == NULL || der_size > INT_MAX) {
47 0 : return false;
48 : }
49 :
50 5 : mbedtls_pk_init(&pk);
51 :
52 5 : ret = mbedtls_pk_parse_public_key(&pk, der_data, der_size);
53 5 : if (ret != 0) {
54 0 : mbedtls_pk_free(&pk);
55 0 : return false;
56 : }
57 :
58 5 : if (mbedtls_pk_get_type(&pk) != MBEDTLS_PK_RSA) {
59 0 : mbedtls_pk_free(&pk);
60 0 : return false;
61 : }
62 :
63 5 : rsa = libspdm_rsa_new();
64 5 : if (rsa == NULL) {
65 0 : return false;
66 : }
67 5 : ret = mbedtls_rsa_copy(rsa, mbedtls_pk_rsa(pk));
68 5 : if (ret != 0) {
69 0 : libspdm_rsa_free(rsa);
70 0 : mbedtls_pk_free(&pk);
71 0 : return false;
72 : }
73 5 : mbedtls_pk_free(&pk);
74 :
75 5 : *rsa_context = rsa;
76 5 : return true;
77 : }
78 : #endif /* (LIBSPDM_RSA_SSA_SUPPORT) || (LIBSPDM_RSA_PSS_SUPPORT) */
79 :
80 : #if LIBSPDM_ECDSA_SUPPORT
81 : /**
82 : * Retrieve the EC Public key from the DER key data.
83 : *
84 : * The public key is ASN.1 DER-encoded as RFC7250 describes,
85 : * namely, the SubjectPublicKeyInfo structure of a X.509 certificate.
86 : *
87 : * @param[in] der_data Pointer to the DER-encoded key data to be retrieved.
88 : * @param[in] der_size size of the DER key data in bytes.
89 : * @param[out] ec_context Pointer to newly generated EC DSA context which contain the retrieved
90 : * EC public key component. Use libspdm_ec_free() function to free the
91 : * resource.
92 : *
93 : * If der_data is NULL, then return false.
94 : * If ec_context is NULL, then return false.
95 : *
96 : * @retval true EC Public key was retrieved successfully.
97 : * @retval false Invalid DER key data.
98 : *
99 : **/
100 5 : bool libspdm_ec_get_public_key_from_der(const uint8_t *der_data,
101 : size_t der_size,
102 : void **ec_context)
103 : {
104 : int ret;
105 : mbedtls_pk_context pk;
106 : mbedtls_ecdh_context *ecdh;
107 :
108 5 : if (der_data == NULL || ec_context == NULL || der_size > INT_MAX) {
109 0 : return false;
110 : }
111 :
112 5 : mbedtls_pk_init(&pk);
113 :
114 5 : ret = mbedtls_pk_parse_public_key(&pk, der_data, der_size);
115 5 : if (ret != 0) {
116 0 : mbedtls_pk_free(&pk);
117 0 : return false;
118 : }
119 :
120 5 : if (mbedtls_pk_get_type(&pk) != MBEDTLS_PK_ECKEY) {
121 0 : mbedtls_pk_free(&pk);
122 0 : return false;
123 : }
124 :
125 5 : ecdh = allocate_zero_pool(sizeof(mbedtls_ecdh_context));
126 5 : if (ecdh == NULL) {
127 0 : mbedtls_pk_free(&pk);
128 0 : return false;
129 : }
130 5 : mbedtls_ecdh_init(ecdh);
131 :
132 5 : ret = mbedtls_ecdh_get_params(ecdh, mbedtls_pk_ec(pk),
133 : MBEDTLS_ECDH_OURS);
134 5 : if (ret != 0) {
135 0 : mbedtls_ecdh_free(ecdh);
136 0 : free_pool(ecdh);
137 0 : mbedtls_pk_free(&pk);
138 0 : return false;
139 : }
140 5 : mbedtls_pk_free(&pk);
141 :
142 5 : *ec_context = ecdh;
143 5 : return true;
144 : }
145 : #endif /* LIBSPDM_ECDSA_SUPPORT */
146 :
147 : #if (LIBSPDM_EDDSA_ED25519_SUPPORT) || (LIBSPDM_EDDSA_ED448_SUPPORT)
148 : /**
149 : * Retrieve the Ed Public key from the DER key data.
150 : *
151 : * The public key is ASN.1 DER-encoded as RFC7250 describes,
152 : * namely, the SubjectPublicKeyInfo structure of a X.509 certificate.
153 : *
154 : * @param[in] der_data Pointer to the DER-encoded key data to be retrieved.
155 : * @param[in] der_size size of the DER key data in bytes.
156 : * @param[out] ecd_context Pointer to newly generated Ed DSA context which contain the retrieved
157 : * Ed public key component. Use libspdm_ecd_free() function to free the
158 : * resource.
159 : *
160 : * If der_data is NULL, then return false.
161 : * If ecd_context is NULL, then return false.
162 : *
163 : * @retval true Ed Public key was retrieved successfully.
164 : * @retval false Invalid DER key data.
165 : *
166 : **/
167 : bool libspdm_ecd_get_public_key_from_der(const uint8_t *der_data,
168 : size_t der_size,
169 : void **ecd_context)
170 : {
171 : return false;
172 : }
173 : #endif /* (LIBSPDM_EDDSA_ED25519_SUPPORT) || (LIBSPDM_EDDSA_ED448_SUPPORT) */
174 :
175 : #if LIBSPDM_SM2_DSA_SUPPORT
176 : /**
177 : * Retrieve the sm2 Public key from the DER key data.
178 : *
179 : * The public key is ASN.1 DER-encoded as RFC7250 describes,
180 : * namely, the SubjectPublicKeyInfo structure of a X.509 certificate.
181 : *
182 : * @param[in] der_data Pointer to the DER-encoded key data to be retrieved.
183 : * @param[in] der_size size of the DER key data in bytes.
184 : * @param[out] sm2_context Pointer to newly generated sm2 context which contain the retrieved
185 : * sm2 public key component. Use sm2_free() function to free the
186 : * resource.
187 : *
188 : * If der_data is NULL, then return false.
189 : * If sm2_context is NULL, then return false.
190 : *
191 : * @retval true sm2 Public key was retrieved successfully.
192 : * @retval false Invalid DER key data.
193 : *
194 : **/
195 : bool libspdm_sm2_get_public_key_from_der(const uint8_t *der_data,
196 : size_t der_size,
197 : void **sm2_context)
198 : {
199 : return false;
200 : }
201 : #endif /* LIBSPDM_SM2_DSA_SUPPORT */
|
