Add support for more PEM file types + some fixes

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>

Author: sjaeckel

src/headers/tomcrypt_pk.h

@@ -30,6 +30,7 @@ enum ltc_pka_id {
    LTC_PKA_X25519,
    LTC_PKA_ED25519,
    LTC_PKA_DH,
+   LTC_PKA_NUM
 };
 
 enum public_key_type {

src/headers/tomcrypt_private.h

@@ -297,6 +297,7 @@ enum pem_flags {
    pf_encrypted = 0x01u,
    pf_pkcs8 = 0x02u,
    pf_public = 0x04u,
+   pf_x509 = 0x08u,
    pf_encrypted_pkcs8 = pf_encrypted | pf_pkcs8,
 };
 
@@ -568,14 +569,15 @@ int x509_decode_public_key_from_certificate(const unsigned char *in, unsigned lo
                                             enum ltc_oid_id algorithm, ltc_asn1_type param_type,
                                             ltc_asn1_list* parameters, unsigned long *parameters_len,
                                             public_key_decode_cb callback, void *ctx);
+int x509_decode_spki(const unsigned char *in, unsigned long inlen, ltc_asn1_list **out, ltc_asn1_list **spki);
 
 /* SUBJECT PUBLIC KEY INFO */
 int x509_encode_subject_public_key_info(unsigned char *out, unsigned long *outlen,
-        unsigned int algorithm, const void* public_key, unsigned long public_key_len,
+        enum ltc_oid_id algorithm, const void* public_key, unsigned long public_key_len,
         ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long parameters_len);
 
 int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long inlen,
-        unsigned int algorithm, void* public_key, unsigned long* public_key_len,
+        enum ltc_oid_id algorithm, void *public_key, unsigned long *public_key_len,
         ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long *parameters_len);
 
 int pk_oid_cmp_with_ulong(const char *o1, const unsigned long *o2, unsigned long o2size);

src/misc/pem/pem.c

@@ -24,13 +24,27 @@ const struct pem_header_id pem_std_headers[] = {
      .has_more_headers = no,
      .flags = pf_pkcs8,
    },
+   {
+     /* X.509 Certificates */
+     SET_CSTR(.start, "-----BEGIN CERTIFICATE-----"),
+     SET_CSTR(.end, "-----END CERTIFICATE-----"),
+     .has_more_headers = no,
+     .flags = pf_x509,
+   },
    {
      /* Regular (plain) public keys */
      SET_CSTR(.start, "-----BEGIN PUBLIC KEY-----"),
      SET_CSTR(.end, "-----END PUBLIC KEY-----"),
      .has_more_headers = no,
      .flags = pf_public,
    },
+   {
+     SET_CSTR(.start, "-----BEGIN RSA PUBLIC KEY-----"),
+     SET_CSTR(.end, "-----END RSA PUBLIC KEY-----"),
+     .has_more_headers = no,
+     .pka = LTC_PKA_RSA,
+     .flags = pf_public,
+   },
    /* Regular plain or encrypted private keys */
    {
      SET_CSTR(.start, "-----BEGIN RSA PRIVATE KEY-----"),
@@ -55,6 +69,9 @@ const unsigned long pem_std_headers_num = sizeof(pem_std_headers)/sizeof(pem_std
 
 /* Encrypted PEM files */
 const struct str pem_proc_type_encrypted = { SET_CSTR(, "Proc-Type: 4,ENCRYPTED") };
+#if defined(LTC_SSH)
+const struct str pem_ssh_comment = { SET_CSTR(, "Comment: ") };
+#endif
 const struct str pem_dek_info_start = { SET_CSTR(, "DEK-Info: ") };
 const struct blockcipher_info pem_dek_infos[] =
    {

src/misc/pem/pem_pkcs.c

@@ -45,6 +45,71 @@ static int s_decrypt_pem(unsigned char *pem, unsigned long *l, const struct pem_
    return err;
 }
 
+static int s_get_pka(ltc_asn1_list *pub, enum ltc_pka_id *pka)
+{
+   der_flexi_check flexi_should[4];
+   ltc_asn1_list *seqid, *id;
+   enum ltc_oid_id oid_id;
+   int err;
+   unsigned long n = 0;
+   LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_SEQUENCE, &seqid);
+   LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_BIT_STRING, NULL);
+   LTC_SET_DER_FLEXI_CHECK(flexi_should, n, LTC_ASN1_EOL, NULL);
+   if ((err = der_flexi_sequence_cmp(pub, flexi_should)) != CRYPT_OK) {
+      return err;
+   }
+   n = 0;
+   LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_OBJECT_IDENTIFIER, &id);
+   LTC_SET_DER_FLEXI_CHECK(flexi_should, n, LTC_ASN1_EOL, NULL);
+   err = der_flexi_sequence_cmp(seqid, flexi_should);
+   if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) {
+      return err;
+   }
+   if ((err = pk_get_oid_from_asn1(id, &oid_id)) != CRYPT_OK) {
+      return err;
+   }
+   return pk_get_pka_id(oid_id, pka);
+}
+
+typedef int (*import_fn)(const unsigned char *, unsigned long, void*);
+
+static import_fn s_import_x509_fns[LTC_PKA_NUM] = {
+#ifdef LTC_MRSA
+                                                [LTC_PKA_RSA] = (import_fn)rsa_import_x509,
+#endif
+#ifdef LTC_MECC
+                                                [LTC_PKA_EC] = (import_fn)ecc_import_x509,
+#endif
+#ifdef LTC_CURVE25519
+                                                [LTC_PKA_X25519] = (import_fn)x25519_import_x509,
+                                                [LTC_PKA_ED25519] = (import_fn)ed25519_import_x509,
+#endif
+};
+
+static int s_import_x509(unsigned char *pem, unsigned long l, ltc_pka_key *k)
+{
+   enum ltc_pka_id pka = LTC_PKA_UNDEF;
+   ltc_asn1_list *d, *spki;
+   int err;
+   if ((err = x509_decode_spki(pem, l, &d, &spki)) != CRYPT_OK) {
+      return err;
+   }
+   err = s_get_pka(spki, &pka);
+   der_free_sequence_flexi(d);
+   if (err != CRYPT_OK) {
+      return err;
+   }
+   if (pka < 0
+         || pka > sizeof(s_import_x509_fns)/sizeof(s_import_x509_fns[0])
+         || s_import_x509_fns[pka] == NULL) {
+      return CRYPT_PK_INVALID_TYPE;
+   }
+   if ((err = s_import_x509_fns[pka](pem, l, &k->u)) == CRYPT_OK) {
+      k->id = pka;
+   }
+   return err;
+}
+
 static int s_import_pkcs8(unsigned char *pem, unsigned long l, ltc_pka_key *k, const password_ctx *pw_ctx)
 {
    int err;
@@ -103,16 +168,41 @@ static int s_import_pkcs8(unsigned char *pem, unsigned long l, ltc_pka_key *k, c
    return err;
 }
 
+int s_extract_pka(unsigned char *pem, unsigned long w, enum ltc_pka_id *pka)
+{
+   ltc_asn1_list *pub;
+   int err = CRYPT_ERROR;
+   if ((err = der_decode_sequence_flexi(pem, &w, &pub)) != CRYPT_OK) {
+      return err;
+   }
+   err = s_get_pka(pub, pka);
+   der_sequence_free(pub);
+   return err;
+}
+
+static import_fn s_import_openssl_fns[LTC_PKA_NUM] = {
+#ifdef LTC_MRSA
+                                                [LTC_PKA_RSA] = (import_fn)rsa_import,
+#endif
+#ifdef LTC_MDSA
+                                                [LTC_PKA_DSA] = (import_fn)dsa_import,
+#endif
+#ifdef LTC_MECC
+                                                [LTC_PKA_EC] = (import_fn)ecc_import_openssl,
+#endif
+#ifdef LTC_CURVE25519
+                                                [LTC_PKA_X25519] = (import_fn)x25519_import,
+                                                [LTC_PKA_ED25519] = (import_fn)ed25519_import,
+#endif
+};
+
 static int s_decode(struct get_char *g, ltc_pka_key *k, const password_ctx *pw_ctx)
 {
    unsigned char *pem = NULL;
    unsigned long w, l, n;
    int err = CRYPT_ERROR;
    struct pem_headers hdr = { 0 };
    struct password pw;
-   ltc_asn1_list *pub = NULL, *seqid, *id;
-   der_flexi_check flexi_should[4];
-   enum ltc_oid_id oid_id;
    enum ltc_pka_id pka;
    XMEMSET(k, 0, sizeof(*k));
    w = LTC_PEM_READ_BUFSIZE * 2;
@@ -135,28 +225,11 @@ static int s_decode(struct get_char *g, ltc_pka_key *k, const password_ctx *pw_c
    if (hdr.id->flags & pf_pkcs8) {
       err = s_import_pkcs8(pem, l, k, pw_ctx);
       goto cleanup;
-   } else if (hdr.id->flags & pf_public) {
-      if ((err = der_decode_sequence_flexi(pem, &w, &pub)) != CRYPT_OK) {
-         goto cleanup;
-      }
-      n = 0;
-      LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_SEQUENCE, &seqid);
-      LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_BIT_STRING, NULL);
-      LTC_SET_DER_FLEXI_CHECK(flexi_should, n, LTC_ASN1_EOL, NULL);
-      if ((err = der_flexi_sequence_cmp(pub, flexi_should)) != CRYPT_OK) {
-         goto cleanup;
-      }
-      n = 0;
-      LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_OBJECT_IDENTIFIER, &id);
-      LTC_SET_DER_FLEXI_CHECK(flexi_should, n, LTC_ASN1_EOL, NULL);
-      err = der_flexi_sequence_cmp(seqid, flexi_should);
-      if (err != CRYPT_OK && err != CRYPT_INPUT_TOO_LONG) {
-         goto cleanup;
-      }
-      if ((err = pk_get_oid_from_asn1(id, &oid_id)) != CRYPT_OK) {
-         goto cleanup;
-      }
-      if ((err = pk_get_pka_id(oid_id, &pka)) != CRYPT_OK) {
+   } else if (hdr.id->flags == pf_x509) {
+      err = s_import_x509(pem, l, k);
+      goto cleanup;
+   } else if ((hdr.id->flags & pf_public) && hdr.id->pka == LTC_PKA_UNDEF) {
+      if ((err = s_extract_pka(pem, w, &pka)) != CRYPT_OK) {
          goto cleanup;
       }
    } else if (hdr.encrypted) {
@@ -178,44 +251,18 @@ static int s_decode(struct get_char *g, ltc_pka_key *k, const password_ctx *pw_c
    } else {
       pka = hdr.id->pka;
    }
-   switch (pka) {
-#ifdef LTC_MDSA
-      case LTC_OID_DSA:
-         err = dsa_import(pem, l, &k->u.dsa);
-         k->id = LTC_PKA_DSA;
-         break;
-#endif
-#ifdef LTC_MRSA
-      case LTC_OID_RSA:
-         err = rsa_import(pem, l, &k->u.rsa);
-         k->id = LTC_PKA_RSA;
-         break;
-#endif
-#ifdef LTC_MECC
-      case LTC_OID_EC:
-         err = ecc_import_openssl(pem, l, &k->u.ecc);
-         k->id = LTC_PKA_EC;
-         break;
-#endif
-#ifdef LTC_CURVE25519
-      case LTC_PKA_ED25519:
-         err = ed25519_import(pem, l, &k->u.ed25519);
-         k->id = LTC_PKA_ED25519;
-         break;
-      case LTC_PKA_X25519:
-         err = x25519_import(pem, l, &k->u.x25519);
-         k->id = LTC_PKA_X25519;
-         break;
-#endif
-      default:
-         err = CRYPT_PK_INVALID_TYPE;
-         goto cleanup;
+
+   if (pka < 0
+         || pka > sizeof(s_import_openssl_fns)/sizeof(s_import_openssl_fns[0])
+         || s_import_openssl_fns[pka] == NULL) {
+      err = CRYPT_PK_INVALID_TYPE;
+      goto cleanup;
+   }
+   if ((err = s_import_openssl_fns[pka](pem, l, &k->u)) == CRYPT_OK) {
+      k->id = pka;
    }
 
 cleanup:
-   if (pub) {
-      der_sequence_free(pub);
-   }
    if (hdr.pw) {
       zeromem(hdr.pw->pw, hdr.pw->l);
       XFREE(hdr.pw->pw);

src/misc/pem/pem_read.c

@@ -10,6 +10,9 @@
 #ifdef LTC_PEM
 
 extern const struct str pem_proc_type_encrypted;
+#ifdef LTC_SSH
+extern const struct str pem_ssh_comment;
+#endif
 extern const struct str pem_dek_info_start;
 extern const struct blockcipher_info pem_dek_infos[];
 extern const unsigned long pem_dek_infos_num;
@@ -107,7 +110,10 @@ static int s_pem_decode_headers(struct pem_headers *hdr, struct get_char *g)
       switch (has_more_headers) {
          case 3:
             if (XMEMCMP(buf, pem_proc_type_encrypted.p, pem_proc_type_encrypted.len)) {
-               s_unget_line(buf, slen, g);
+#ifdef LTC_SSH
+               if (XMEMCMP(buf, pem_ssh_comment.p, pem_ssh_comment.len))
+#endif
+                  s_unget_line(buf, slen, g);
                if (hdr->id->has_more_headers == maybe)
                   return CRYPT_OK;
                else