Refactor SubjectPublicKeyInfo import

Slightly minimize both space and time when importing a
SubjectPublicKeyInfo. Time for ECC keys stays the same.

Those tests were done with X.509 support already available, but later these
commits were split up to be independent of the X.509 feature.

Running the entire set of pem files through `x509_verify` via [0]
resp. the timing app via [1] resulted in the following data:

Before this patch:

[0]
```
==1031519== HEAP SUMMARY:
==1031519==     in use at exit: 0 bytes in 0 blocks
==1031519==   total heap usage: 424,057 allocs, 424,057 frees, 73,527,730 bytes allocated
```

[1]
```
x509 cert-rsa-pss.pem    :     50021 cycles
x509 LTC_CA.pem          :     10335 cycles
x509 LTC_S0.pem          :     47284 cycles
x509 LTC_SS0.pem         :     36687 cycles
x509 secp384r1.pem       :   1985416 cycles
x509 secp521r1.pem       :   3287773 cycles
x509 LTC_SSS0.pem        :     25086 cycles
x509 secp224r1.pem       :    775807 cycles
```

After this patch:

[0]
```
==1043548== HEAP SUMMARY:
==1043548==     in use at exit: 0 bytes in 0 blocks
==1043548==   total heap usage: 337,244 allocs, 337,244 frees, 65,047,463 bytes allocated
```

[1]
```
x509 cert-rsa-pss.pem    :     32568 cycles
x509 LTC_CA.pem          :      5478 cycles
x509 LTC_S0.pem          :     36093 cycles
x509 LTC_SS0.pem         :     23351 cycles
x509 secp384r1.pem       :   1984030 cycles
x509 secp521r1.pem       :   3303396 cycles
x509 LTC_SSS0.pem        :     13220 cycles
x509 secp224r1.pem       :    781534 cycles
```

[0] find tests/x509 -name '*.pem' -exec valgrind --leak-check=full --show-leak-kinds=all './x509_verify' {} \+
[1] ./timing x509

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>

Author: sjaeckel

src/headers/tomcrypt_private.h

@@ -426,6 +426,8 @@ int rsa_make_key_bn_e(prng_state *prng, int wprng, int size, void *e,
                       rsa_key *key); /* used by op-tee */
 int rsa_import_pkcs1(const unsigned char *in, unsigned long inlen, rsa_key *key);
 int rsa_import_pkcs8_asn1(ltc_asn1_list *alg_id, ltc_asn1_list *priv_key, rsa_key *key);
+int rsa_import_spki(const unsigned char *in, unsigned long inlen, rsa_key *key);
+int rsa_decode_parameters(const ltc_asn1_list *parameters, ltc_rsa_parameters *rsa_params);
 #endif /* LTC_MRSA */
 
 /* ---- DH Routines ---- */
@@ -533,8 +535,8 @@ int dsa_int_validate(const dsa_key *key, int *stat);
 int dsa_int_validate_xy(const dsa_key *key, int *stat);
 int dsa_int_validate_pqg(const dsa_key *key, int *stat);
 int dsa_int_validate_primes(const dsa_key *key, int *stat);
-int dsa_import_pkcs1(const unsigned char *in, unsigned long inlen, dsa_key *key);
 int dsa_import_pkcs8_asn1(ltc_asn1_list *alg_id, ltc_asn1_list *priv_key, dsa_key *key);
+int dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_key *key);
 #endif /* LTC_MDSA */
 
 
@@ -649,17 +651,17 @@ int der_teletex_value_decode(int v);
 
 int der_utf8_valid_char(const wchar_t c);
 
-typedef int (*public_key_decode_cb)(const unsigned char *in, unsigned long inlen, void *ctx);
+typedef int (*public_key_decode_cb)(const unsigned char *in, unsigned long inlen, void *key);
 
 int x509_decode_public_key_from_certificate(const unsigned char *in, unsigned long inlen,
                                             enum ltc_oid_id algorithm, ltc_asn1_type param_type,
                                             ltc_asn1_list* parameters, unsigned long *parameters_len,
-                                            public_key_decode_cb callback, void *ctx);
+                                            public_key_decode_cb callback, void *key);
 int x509_decode_spki(const unsigned char *in, unsigned long inlen, ltc_asn1_list **out, const ltc_asn1_list **spki);
 int x509_process_public_key_from_spki(const unsigned char *in, unsigned long inlen,
                                       enum ltc_oid_id algorithm, ltc_asn1_type param_type,
                                       ltc_asn1_list* parameters, unsigned long *parameters_len,
-                                      public_key_decode_cb callback, void *ctx);
+                                      public_key_decode_cb callback, void *key);
 
 /* SUBJECT PUBLIC KEY INFO */
 int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen,

src/pk/asn1/x509/x509_decode_public_key_from_certificate.c

@@ -24,7 +24,7 @@
 int x509_process_public_key_from_spki(const unsigned char *in, unsigned long inlen,
                                       enum ltc_oid_id algorithm, ltc_asn1_type param_type,
                                       ltc_asn1_list* parameters, unsigned long *parameters_len,
-                                      public_key_decode_cb callback, void *ctx)
+                                      public_key_decode_cb callback, void *key)
 {
    int err;
    unsigned char *tmpbuf = NULL;
@@ -34,7 +34,7 @@ int x509_process_public_key_from_spki(const unsigned char *in, unsigned long inl
    LTC_ARGCHK(callback  != NULL);
 
    if (algorithm == LTC_OID_EC) {
-      err = callback(in, inlen, ctx);
+      err = callback(in, inlen, key);
    } else {
 
       tmpbuf_len = inlen;
@@ -47,7 +47,7 @@ int x509_process_public_key_from_spki(const unsigned char *in, unsigned long inl
                                                 algorithm, tmpbuf, &tmpbuf_len,
                                                 param_type, parameters, parameters_len);
       if (err == CRYPT_OK) {
-         err = callback(tmpbuf, tmpbuf_len, ctx);
+         err = callback(tmpbuf, tmpbuf_len, key);
       }
    }
 
@@ -73,7 +73,7 @@ int x509_process_public_key_from_spki(const unsigned char *in, unsigned long inl
 int x509_decode_public_key_from_certificate(const unsigned char *in, unsigned long inlen,
                                             enum ltc_oid_id algorithm, ltc_asn1_type param_type,
                                             ltc_asn1_list* parameters, unsigned long *parameters_len,
-                                            public_key_decode_cb callback, void *ctx)
+                                            public_key_decode_cb callback, void *key)
 {
    int err;
    ltc_asn1_list *decoded_list;
@@ -90,7 +90,7 @@ int x509_decode_public_key_from_certificate(const unsigned char *in, unsigned lo
    err = x509_process_public_key_from_spki(spki->data, spki->size,
                                            algorithm, param_type,
                                            parameters, parameters_len,
-                                           callback, ctx);
+                                           callback, key);
 
    if (decoded_list) der_free_sequence_flexi(decoded_list);
 

src/pk/asn1/x509/x509_import_spki.c

@@ -9,22 +9,48 @@
 
 #ifdef LTC_DER
 
-typedef int (*import_fn)(const unsigned char *, unsigned long, void*);
+typedef int (*import_fn)(const unsigned char *, unsigned long, void *);
 
-static const import_fn s_import_x509_fns[LTC_PKA_NUM] = {
+#ifdef LTC_CURVE25519
+static int s_x25519_import_pub(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return x25519_import_raw(in, inlen, PK_PUBLIC, key);
+}
+static int s_x25519_import_spki(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return x509_process_public_key_from_spki(in, inlen,
+                                            LTC_OID_X25519,
+                                            LTC_ASN1_EOL, NULL, NULL,
+                                            s_x25519_import_pub, key);
+}
+
+static int s_ed25519_import_pub(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return ed25519_import_raw(in, inlen, PK_PUBLIC, key);
+}
+static int s_ed25519_import_spki(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return x509_process_public_key_from_spki(in, inlen,
+                                            LTC_OID_ED25519,
+                                            LTC_ASN1_EOL, NULL, NULL,
+                                            s_ed25519_import_pub, key);
+}
+#endif
+
+static const import_fn s_import_spki_fns[LTC_PKA_NUM] = {
 #ifdef LTC_MRSA
-                                                [LTC_PKA_RSA] = (import_fn)rsa_import_x509,
-                                                [LTC_PKA_RSA_PSS] = (import_fn)rsa_import_x509,
+                                                [LTC_PKA_RSA] = (import_fn)rsa_import_spki,
+                                                [LTC_PKA_RSA_PSS] = (import_fn)rsa_import_spki,
 #endif
 #ifdef LTC_MDSA
-                                                [LTC_PKA_DSA] = (import_fn)dsa_import,
+                                                [LTC_PKA_DSA] = (import_fn)dsa_import_spki,
 #endif
 #ifdef LTC_MECC
-                                                [LTC_PKA_EC] = (import_fn)ecc_import_x509,
+                                                [LTC_PKA_EC] = (import_fn)ecc_import_subject_public_key_info,
 #endif
 #ifdef LTC_CURVE25519
-                                                [LTC_PKA_X25519] = (import_fn)x25519_import_x509,
-                                                [LTC_PKA_ED25519] = (import_fn)ed25519_import_x509,
+                                                [LTC_PKA_X25519] = (import_fn)s_x25519_import_spki,
+                                                [LTC_PKA_ED25519] = (import_fn)s_ed25519_import_spki,
 #endif
 };
 
@@ -41,12 +67,12 @@ int x509_import_spki(const unsigned char *asn1_cert, unsigned long asn1_len, ltc
       goto err_out;
    }
    if (pka < 0
-         || pka > LTC_ARRAY_SIZE(s_import_x509_fns)
-         || s_import_x509_fns[pka] == NULL) {
+         || pka > LTC_ARRAY_SIZE(s_import_spki_fns)
+         || s_import_spki_fns[pka] == NULL) {
       err = CRYPT_PK_INVALID_TYPE;
       goto err_out;
    }
-   if ((err = s_import_x509_fns[pka](asn1_cert, asn1_len, &k->u)) == CRYPT_OK) {
+   if ((err = s_import_spki_fns[pka](spki->data, spki->size, &k->u)) == CRYPT_OK) {
       k->id = pka;
    }
 err_out:

src/pk/dsa/dsa_import.c

@@ -9,7 +9,7 @@
 
 #ifdef LTC_MDSA
 
-int dsa_import_pkcs1(const unsigned char *in, unsigned long inlen, dsa_key *key)
+static int s_dsa_import_pkcs1(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
    int           err;
    unsigned long zero = 0;
@@ -33,14 +33,32 @@ static int s_dsa_import_y(const unsigned char *in, unsigned long inlen, dsa_key
    return der_decode_integer(in, inlen, key->y);
 }
 
-LTC_INLINE static int s_dsa_set_params(dsa_key *key, ltc_asn1_list *params)
+static LTC_INLINE int s_dsa_set_params(dsa_key *key, ltc_asn1_list *params)
 {
    LTC_SET_ASN1(params, 0, LTC_ASN1_INTEGER, key->p, 1UL);
    LTC_SET_ASN1(params, 1, LTC_ASN1_INTEGER, key->q, 1UL);
    LTC_SET_ASN1(params, 2, LTC_ASN1_INTEGER, key->g, 1UL);
    return 3;
 }
 
+static LTC_INLINE int s_dsa_validate(dsa_key *key)
+{
+   int           err, stat;
+   key->qord = ltc_mp_unsigned_bin_size(key->q);
+
+   /* quick p, q, g validation, without primality testing
+    * + x, y validation */
+   if ((err = dsa_int_validate(key, &stat)) != CRYPT_OK) {
+      return err;
+   }
+
+   if (stat == 0) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   return CRYPT_OK;
+}
+
 static int s_dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
    int err;
@@ -72,6 +90,28 @@ static int s_dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_k
    return err;
 }
 
+int dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_key *key)
+{
+   int           err;
+
+   LTC_ARGCHK(in  != NULL);
+
+   /* init key */
+   if ((err = dsa_int_init(key)) != CRYPT_OK) return err;
+
+   if ((err = s_dsa_import_spki(in, inlen, key)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+   if ((err = s_dsa_validate(key)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   return CRYPT_OK;
+LBL_ERR:
+   dsa_free(key);
+   return err;
+}
+
 static int s_dsa_import_x509(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
    int err;
@@ -100,7 +140,7 @@ static int s_dsa_import_x509(const unsigned char *in, unsigned long inlen, dsa_k
 */
 int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
-   int           err, stat;
+   int           err;
    unsigned char flags[1];
 
    LTC_ARGCHK(in  != NULL);
@@ -148,26 +188,18 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
        }
    }
 
-   if (dsa_import_pkcs1(in, inlen, key) == CRYPT_OK) {
+   if (s_dsa_import_pkcs1(in, inlen, key) == CRYPT_OK) {
       goto LBL_OK;
    }
-   if ((err = s_dsa_import_spki(in, inlen, key)) == CRYPT_OK) {
+   if (s_dsa_import_spki(in, inlen, key) == CRYPT_OK) {
       goto LBL_OK;
    }
    if ((err = s_dsa_import_x509(in, inlen, key)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
 LBL_OK:
-   key->qord = ltc_mp_unsigned_bin_size(key->q);
-
-   /* quick p, q, g validation, without primality testing
-    * + x, y validation */
-   if ((err = dsa_int_validate(key, &stat)) != CRYPT_OK) {
-      goto LBL_ERR;
-   }
-   if (stat == 0) {
-      err = CRYPT_INVALID_PACKET;
+   if ((err = s_dsa_validate(key)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 

src/pk/rsa/rsa_import.c

@@ -99,23 +99,18 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
    LTC_ARGCHK(key         != NULL);
    LTC_ARGCHK(ltc_mp.name != NULL);
 
-   if ((err = rsa_import_x509(in, inlen, key)) == CRYPT_OK) { /* SubjectPublicKeyInfo format */
+   /* SubjectPublicKeyInfo or X.509 certificate format */
+   if (rsa_import_x509(in, inlen, key) == CRYPT_OK) {
       return CRYPT_OK;
    }
 
    /* init key */
    if ((err = rsa_init(key)) != CRYPT_OK) {
       return err;
    }
-
-   if ((err = x509_process_public_key_from_spki(in, inlen,
-                                                LTC_OID_RSA,
-                                                LTC_ASN1_NULL, NULL, NULL,
-                                                (public_key_decode_cb)s_rsa_decode, key)) != CRYPT_OK) {
-      /* not SSL public key, try to match against PKCS #1 standards */
-      if ((err = rsa_import_pkcs1(in, inlen, key)) != CRYPT_OK) {
-         rsa_free(key);
-      }
+   /* Try to match against PKCS #1 standards */
+   if ((err = rsa_import_pkcs1(in, inlen, key)) != CRYPT_OK) {
+      rsa_free(key);
    }
 
    return err;