Skip to content

Commit dfa5258

Browse files
sjaeckelsjaeckel
committed
update rsa_import_x509()
1 parent 5119e71 commit dfa5258

File tree

1 file changed

+16
-70
lines changed

1 file changed

+16
-70
lines changed

src/pk/rsa/rsa_import_x509.c

Lines changed: 16 additions & 70 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,15 @@
1515

1616
#ifdef LTC_MRSA
1717

18+
static int _rsa_decode(const unsigned char *in, unsigned long inlen, rsa_key *key)
19+
{
20+
/* now it should be SEQUENCE { INTEGER, INTEGER } */
21+
return der_decode_sequence_multi(in, inlen,
22+
LTC_ASN1_INTEGER, 1UL, key->N,
23+
LTC_ASN1_INTEGER, 1UL, key->e,
24+
LTC_ASN1_EOL, 0UL, NULL);
25+
}
26+
1827
/**
1928
Import an RSA key from a X.509 certificate
2029
@param in The packet to import from
@@ -25,9 +34,6 @@
2534
int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key)
2635
{
2736
int err;
28-
unsigned char *tmpbuf;
29-
unsigned long tmpbuf_len, tmp_inlen, len;
30-
ltc_asn1_list *decoded_list = NULL, *l;
3137

3238
LTC_ARGCHK(in != NULL);
3339
LTC_ARGCHK(key != NULL);
@@ -39,75 +45,15 @@ int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key)
3945
return err;
4046
}
4147

42-
tmpbuf_len = inlen;
43-
tmpbuf = XCALLOC(1, tmpbuf_len);
44-
if (tmpbuf == NULL) {
45-
err = CRYPT_MEM;
46-
goto LBL_ERR;
47-
}
48-
49-
tmp_inlen = inlen;
50-
if ((err = der_decode_sequence_flexi(in, &tmp_inlen, &decoded_list)) == CRYPT_OK) {
51-
l = decoded_list;
52-
/* Move 2 levels up in the tree
53-
SEQUENCE
54-
SEQUENCE
55-
...
56-
*/
57-
if (l->type == LTC_ASN1_SEQUENCE && l->child) {
58-
l = l->child;
59-
if (l->type == LTC_ASN1_SEQUENCE && l->child) {
60-
l = l->child;
61-
62-
err = CRYPT_ERROR;
63-
64-
/* Move forward in the tree until we find this combination
65-
...
66-
SEQUENCE
67-
SEQUENCE
68-
OBJECT IDENTIFIER 1.2.840.113549.1.1.1
69-
NULL
70-
BIT STRING
71-
*/
72-
do {
73-
/* The additional check for l->data is there to make sure
74-
* we won't try to decode a list that has been 'shrunk'
75-
*/
76-
if (l->type == LTC_ASN1_SEQUENCE && l->data && l->child &&
77-
l->child->type == LTC_ASN1_SEQUENCE && l->child->child &&
78-
l->child->child->type == LTC_ASN1_OBJECT_IDENTIFIER && l->child->next &&
79-
l->child->next->type == LTC_ASN1_BIT_STRING) {
80-
len = 0;
81-
err = x509_decode_subject_public_key_info(l->data, l->size,
82-
PKA_RSA, tmpbuf, &tmpbuf_len,
83-
LTC_ASN1_NULL, NULL, &len);
84-
if (err == CRYPT_OK) {
85-
/* now it should be SEQUENCE { INTEGER, INTEGER } */
86-
if ((err = der_decode_sequence_multi(tmpbuf, tmpbuf_len,
87-
LTC_ASN1_INTEGER, 1UL, key->N,
88-
LTC_ASN1_INTEGER, 1UL, key->e,
89-
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
90-
goto LBL_ERR;
91-
}
92-
key->type = PK_PUBLIC;
93-
err = CRYPT_OK;
94-
goto LBL_FREE;
95-
}
96-
}
97-
l = l->next;
98-
} while(l);
99-
}
100-
}
48+
if ((err = x509_decode_public_key_from_certificate(in, inlen,
49+
PKA_RSA, LTC_ASN1_NULL,
50+
NULL, NULL,
51+
(public_key_decode_cb)_rsa_decode, key)) != CRYPT_OK) {
52+
rsa_free(key);
53+
} else {
54+
key->type = PK_PUBLIC;
10155
}
10256

103-
104-
LBL_ERR:
105-
rsa_free(key);
106-
107-
LBL_FREE:
108-
if (decoded_list) der_free_sequence_flexi(decoded_list);
109-
if (tmpbuf != NULL) XFREE(tmpbuf);
110-
11157
return err;
11258
}
11359

0 commit comments

Comments
 (0)