pkcs8_key_format.c
Go to the documentation of this file.
1 /**
2  * @file pkcs8_key_format.c
3  * @brief PKCS #8 key formatting
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.4.4
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "core/crypto.h"
36 #include "pkix/pkcs8_key_format.h"
37 #include "pkix/x509_key_format.h"
38 #include "encoding/asn1.h"
39 #include "encoding/oid.h"
40 #include "debug.h"
41 
42 //Check crypto library configuration
43 #if (PEM_SUPPORT == ENABLED)
44 
45 
46 /**
47  * @brief Format an RSA private key
48  * @param[in] privateKey Pointer to the RSA private key
49  * @param[out] output Buffer where to store the ASN.1 structure
50  * @param[out] written Length of the resulting ASN.1 structure
51  * @return Error code
52  **/
53 
54 error_t pkcs8FormatRsaPrivateKey(const RsaPrivateKey *privateKey,
55  uint8_t *output, size_t *written)
56 {
57  error_t error;
58  size_t n;
59  Asn1Tag tag;
60 
61  //Export the RSA private key to ASN.1 format
62  error = x509ExportRsaPrivateKey(privateKey, output, &n);
63  //Any error to report?
64  if(error)
65  return error;
66 
67  //The RSAPrivateKey structure is encapsulated within an octet string
68  tag.constructed = FALSE;
69  tag.objClass = ASN1_CLASS_UNIVERSAL;
70  tag.objType = ASN1_TYPE_OCTET_STRING;
71  tag.length = n;
72  tag.value = output;
73 
74  //Write PrivateKey structure
75  error = asn1WriteTag(&tag, FALSE, output, &n);
76  //Any error to report?
77  if(error)
78  return error;
79 
80  //Total number of bytes that have been written
81  *written = tag.totalLength;
82 
83  //Successful processing
84  return NO_ERROR;
85 }
86 
87 
88 /**
89  * @brief Format a DSA private key
90  * @param[in] privateKey Pointer to the RSA private key
91  * @param[out] output Buffer where to store the ASN.1 structure
92  * @param[out] written Length of the resulting ASN.1 structure
93  * @return Error code
94  **/
95 
96 error_t pkcs8FormatDsaPrivateKey(const DsaPrivateKey *privateKey,
97  uint8_t *output, size_t *written)
98 {
99  error_t error;
100  size_t n;
101  Asn1Tag tag;
102 
103  //Export the DSA private key to ASN.1 format
104  error = x509ExportDsaPrivateKey(privateKey, output, &n);
105  //Any error to report?
106  if(error)
107  return error;
108 
109  //The DSAPrivateKey structure is encapsulated within an octet string
110  tag.constructed = FALSE;
111  tag.objClass = ASN1_CLASS_UNIVERSAL;
112  tag.objType = ASN1_TYPE_OCTET_STRING;
113  tag.length = n;
114  tag.value = output;
115 
116  //Write PrivateKey structure
117  error = asn1WriteTag(&tag, FALSE, output, &n);
118  //Any error to report?
119  if(error)
120  return error;
121 
122  //Total number of bytes that have been written
123  *written = tag.totalLength;
124 
125  //Successful processing
126  return NO_ERROR;
127 }
128 
129 
130 /**
131  * @brief Format an EC private key
132  * @param[in] curveInfo Elliptic curve parameters
133  * @param[in] privateKey EC private key
134  * @param[in] publicKey EC public key (optional parameter)
135  * @param[out] output Buffer where to format the ASN.1 structure
136  * @param[out] written Length of the resulting ASN.1 structure
137  * @return Error code
138  **/
139 
140 error_t pkcs8FormatEcPrivateKey(const EcCurveInfo *curveInfo,
141  const EcPrivateKey *privateKey, const EcPublicKey *publicKey,
142  uint8_t *output, size_t *written)
143 {
144  error_t error;
145  size_t n;
146  size_t length;
147  uint8_t *p;
148  Asn1Tag tag;
149 
150  //Point to the buffer where to write the ASN.1 structure
151  p = output;
152  //Length of the ASN.1 structure
153  length = 0;
154 
155  //Format Version field (refer to RFC 5915, section 3)
156  error = asn1WriteInt32(1, FALSE, p, &n);
157  //Any error to report?
158  if(error)
159  return error;
160 
161  //Update the length of the ECPrivateKey structure
162  length += n;
163 
164  //If the output parameter is NULL, then the function calculates the
165  //length of the resulting PEM file without copying any data
166  if(output != NULL)
167  {
168  //Advance data pointer
169  p += n;
170 
171  //Write the EC private key
172  error = mpiWriteRaw(&privateKey->d, p, curveInfo->pLen);
173  //Any error to report?
174  if(error)
175  return error;
176  }
177 
178  //Format PrivateKey field
179  tag.constructed = FALSE;
180  tag.objClass = ASN1_CLASS_UNIVERSAL;
181  tag.objType = ASN1_TYPE_OCTET_STRING;
182  tag.length = curveInfo->pLen;
183  tag.value = p;
184 
185  //Write the corresponding ASN.1 tag
186  error = asn1WriteTag(&tag, FALSE, p, &n);
187  //Any error to report?
188  if(error)
189  return error;
190 
191  //Update the length of the ECPrivateKey structure
192  n = tag.totalLength;
193  length += n;
194 
195  //Advance data pointer
196  if(output != NULL)
197  p += n;
198 
199  //The public key is optional
200  if(publicKey != NULL)
201  {
202  //Format PublicKey field
203  error = pkcs8FormatEcPublicKey(curveInfo, publicKey, p, &n);
204  //Any error to report?
205  if(error)
206  return error;
207 
208  //Update the length of the ECPrivateKey structure
209  length += n;
210 
211  //Advance data pointer
212  if(output != NULL)
213  p += n;
214  }
215 
216  //Format ECPrivateKey field
217  tag.constructed = TRUE;
218  tag.objClass = ASN1_CLASS_UNIVERSAL;
219  tag.objType = ASN1_TYPE_SEQUENCE;
220  tag.length = length;
221  tag.value = output;
222 
223  //Write the corresponding ASN.1 tag
224  error = asn1WriteTag(&tag, FALSE, output, &n);
225  //Any error to report?
226  if(error)
227  return error;
228 
229  //Get the length of the ECPrivateKey structure
230  n = tag.totalLength;
231 
232  //The PrivateKey field is an octet string whose contents are the value
233  //of the private key
234  tag.constructed = FALSE;
235  tag.objClass = ASN1_CLASS_UNIVERSAL;
236  tag.objType = ASN1_TYPE_OCTET_STRING;
237  tag.length = n;
238  tag.value = output;
239 
240  //Write the corresponding ASN.1 tag
241  error = asn1WriteTag(&tag, FALSE, output, &n);
242  //Any error to report?
243  if(error)
244  return error;
245 
246  //Total number of bytes that have been written
247  *written = tag.totalLength;
248 
249  //Successful processing
250  return NO_ERROR;
251 }
252 
253 
254 /**
255  * @brief Format an EC public key
256  * @param[in] curveInfo Elliptic curve parameters
257  * @param[in] publicKey EC public key
258  * @param[out] output Buffer where to format the ASN.1 structure
259  * @param[out] written Length of the resulting ASN.1 structure
260  * @return Error code
261  **/
262 
263 error_t pkcs8FormatEcPublicKey(const EcCurveInfo *curveInfo,
264  const EcPublicKey *publicKey, uint8_t *output, size_t *written)
265 {
266 #if (EC_SUPPORT == ENABLED)
267  error_t error;
268  size_t n;
269  EcDomainParameters params;
270  Asn1Tag tag;
271 
272  //Initialize EC domain parameters
273  ecInitDomainParameters(&params);
274 
275  //The bit string shall contain an initial octet which encodes the number
276  //of unused bits in the final subsequent octet
277  output[0] = 0;
278 
279  //Load EC domain parameters
280  error = ecLoadDomainParameters(&params, curveInfo);
281 
282  //Check status code
283  if(!error)
284  {
285  //Format ECPublicKey structure
286  error = ecExport(&params, &publicKey->q, output + 1, &n);
287  }
288 
289  //Check status code
290  if(!error)
291  {
292  //The public key is encapsulated within a bit string
293  tag.constructed = FALSE;
294  tag.objClass = ASN1_CLASS_UNIVERSAL;
295  tag.objType = ASN1_TYPE_BIT_STRING;
296  tag.length = n + 1;
297  tag.value = output;
298 
299  //Write the corresponding ASN.1 tag
300  error = asn1WriteTag(&tag, FALSE, output, &n);
301  }
302 
303  //Check status code
304  if(!error)
305  {
306  //Explicit tagging shall be used to encode the public key
307  tag.constructed = TRUE;
308  tag.objClass = ASN1_CLASS_CONTEXT_SPECIFIC;
309  tag.objType = 1;
310  tag.length = n;
311  tag.value = output;
312 
313  //Write the corresponding ASN.1 tag
314  error = asn1WriteTag(&tag, FALSE, output, written);
315  }
316 
317  //Release EC domain parameters
318  ecFreeDomainParameters(&params);
319 
320  //Return status code
321  return error;
322 #else
323  //Not implemented
324  return ERROR_NOT_IMPLEMENTED;
325 #endif
326 }
327 
328 
329 /**
330  * @brief Format an EdDSA private key
331  * @param[in] curveInfo Elliptic curve parameters
332  * @param[in] privateKey EdDSA private key
333  * @param[out] output Buffer where to format the ASN.1 structure
334  * @param[out] written Length of the resulting ASN.1 structure
335  * @return Error code
336  **/
337 
338 error_t pkcs8FormatEddsaPrivateKey(const EcCurveInfo *curveInfo,
339  const EddsaPrivateKey *privateKey, uint8_t *output, size_t *written)
340 {
341  error_t error;
342  size_t n;
343  Asn1Tag tag;
344 
345  //Length of the ASN.1 structure
346  n = 0;
347 
348 #if (ED25519_SUPPORT == ENABLED)
349  //Ed25519 curve identifier?
350  if(!oidComp(curveInfo->oid, curveInfo->oidSize, ED25519_OID,
351  sizeof(ED25519_OID)))
352  {
353  //Export the EdDSA private key to ASN.1 format
354  error = x509ExportEddsaPrivateKey(privateKey, ED25519_PRIVATE_KEY_LEN,
355  output, &n);
356  }
357  else
358 #endif
359 #if (ED448_SUPPORT == ENABLED)
360  //Ed448 curve identifier?
361  if(!oidComp(curveInfo->oid, curveInfo->oidSize, ED448_OID,
362  sizeof(ED448_OID)))
363  {
364  //Export the EdDSA private key to ASN.1 format
365  error = x509ExportEddsaPrivateKey(privateKey, ED448_PRIVATE_KEY_LEN,
366  output, &n);
367  }
368  else
369 #endif
370  //Unknown curve identifier?
371  {
372  //Report an error
373  error = ERROR_INVALID_PARAMETER;
374  }
375 
376  //Any error to report?
377  if(error)
378  return error;
379 
380  //The CurvePrivateKey structure is encapsulated within an octet string
381  tag.constructed = FALSE;
382  tag.objClass = ASN1_CLASS_UNIVERSAL;
383  tag.objType = ASN1_TYPE_OCTET_STRING;
384  tag.length = n;
385  tag.value = output;
386 
387  //Write PrivateKey structure
388  error = asn1WriteTag(&tag, FALSE, output, &n);
389  //Any error to report?
390  if(error)
391  return error;
392 
393  //Total number of bytes that have been written
394  *written = tag.totalLength;
395 
396  //Successful processing
397  return NO_ERROR;
398 }
399 
400 #endif
pkcs8_key_format.h
PKCS #8 key formatting.
pkcs8FormatEcPrivateKey
error_t pkcs8FormatEcPrivateKey(const EcCurveInfo *curveInfo, const EcPrivateKey *privateKey, const EcPublicKey *publicKey, uint8_t *output, size_t *written)
Format an EC private key.
Definition: pkcs8_key_format.c:140
ERROR_NOT_IMPLEMENTED
@ ERROR_NOT_IMPLEMENTED
Definition: error.h:66
ecInitDomainParameters
void ecInitDomainParameters(EcDomainParameters *params)
Initialize EC domain parameters.
Definition: ec.c:51
oid.h
OID (Object Identifier)
p
uint8_t p
Definition: ndp.h:300
TRUE
#define TRUE
Definition: os_port.h:50
pkcs8FormatEcPublicKey
error_t pkcs8FormatEcPublicKey(const EcCurveInfo *curveInfo, const EcPublicKey *publicKey, uint8_t *output, size_t *written)
Format an EC public key.
Definition: pkcs8_key_format.c:263
x509ExportEddsaPrivateKey
error_t x509ExportEddsaPrivateKey(const EddsaPrivateKey *privateKey, size_t privateKeyLen, uint8_t *output, size_t *written)
Export an EdDSA private key to ASN.1 format.
Definition: x509_key_format.c:1152
EcPrivateKey::d
Mpi d
Private key.
Definition: ec.h:105
mpiWriteRaw
#define mpiWriteRaw(a, data, length)
Definition: crypto_legacy.h:36
pkcs8FormatRsaPrivateKey
error_t pkcs8FormatRsaPrivateKey(const RsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Format an RSA private key.
Definition: pkcs8_key_format.c:54
EcCurveInfo::oid
const uint8_t * oid
Object identifier.
Definition: ec_curves.h:304
EcDomainParameters
EC domain parameters.
Definition: ec.h:76
pkcs8FormatDsaPrivateKey
error_t pkcs8FormatDsaPrivateKey(const DsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Format a DSA private key.
Definition: pkcs8_key_format.c:96
ecFreeDomainParameters
void ecFreeDomainParameters(EcDomainParameters *params)
Release EC domain parameters.
Definition: ec.c:72
ED25519_PRIVATE_KEY_LEN
#define ED25519_PRIVATE_KEY_LEN
Definition: ed25519.h:40
oidComp
int_t oidComp(const uint8_t *oid1, size_t oidLen1, const uint8_t *oid2, size_t oidLen2)
Compare object identifiers.
Definition: oid.c:103
Asn1Tag::totalLength
size_t totalLength
Definition: asn1.h:108
Asn1Tag::length
size_t length
Definition: asn1.h:106
ecLoadDomainParameters
error_t ecLoadDomainParameters(EcDomainParameters *params, const EcCurveInfo *curveInfo)
Load EC domain parameters.
Definition: ec.c:90
FALSE
#define FALSE
Definition: os_port.h:46
EcCurveInfo
Elliptic curve parameters.
Definition: ec_curves.h:302
ERROR_INVALID_PARAMETER
@ ERROR_INVALID_PARAMETER
Invalid parameter.
Definition: error.h:47
error_t
error_t
Error codes.
Definition: error.h:43
x509ExportDsaPrivateKey
error_t x509ExportDsaPrivateKey(const DsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Export a DSA private key to ASN.1 format.
Definition: x509_key_format.c:966
ASN1_CLASS_UNIVERSAL
#define ASN1_CLASS_UNIVERSAL
Definition: asn1.h:52
Asn1Tag
ASN.1 tag.
Definition: asn1.h:102
crypto.h
General definitions for cryptographic algorithms.
asn1WriteTag
error_t asn1WriteTag(Asn1Tag *tag, bool_t reverse, uint8_t *data, size_t *written)
Write an ASN.1 tag.
Definition: asn1.c:334
EcPrivateKey
EC private key.
Definition: ec.h:104
DsaPrivateKey
DSA private key.
Definition: dsa.h:72
Asn1Tag::objClass
uint_t objClass
Definition: asn1.h:104
length
uint8_t length
Definition: tcp.h:368
x509ExportRsaPrivateKey
error_t x509ExportRsaPrivateKey(const RsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Export an RSA private key to ASN.1 format.
Definition: x509_key_format.c:760
ED448_OID
const uint8_t ED448_OID[3]
Definition: ec_curves.c:102
EddsaPrivateKey
EdDSA private key.
Definition: eddsa.h:59
ED25519_OID
const uint8_t ED25519_OID[3]
Definition: ec_curves.c:100
ED448_PRIVATE_KEY_LEN
#define ED448_PRIVATE_KEY_LEN
Definition: ed448.h:40
EcPublicKey
EC public key.
Definition: ec.h:94
ASN1_TYPE_OCTET_STRING
@ ASN1_TYPE_OCTET_STRING
Definition: asn1.h:72
x509_key_format.h
Formatting of ASN.1 encoded keys.
n
uint8_t n
Definition: dhcpv6_common.h:416
RsaPrivateKey
RSA private key.
Definition: rsa.h:68
ASN1_CLASS_CONTEXT_SPECIFIC
#define ASN1_CLASS_CONTEXT_SPECIFIC
Definition: asn1.h:54
EcPublicKey::q
EcPoint q
Public key.
Definition: ec.h:95
Asn1Tag::constructed
bool_t constructed
Definition: asn1.h:103
ecExport
error_t ecExport(const EcDomainParameters *params, const EcPoint *a, uint8_t *data, size_t *length)
Convert an EC point to an octet string.
Definition: ec.c:438
ASN1_TYPE_SEQUENCE
@ ASN1_TYPE_SEQUENCE
Definition: asn1.h:80
EcCurveInfo::oidSize
size_t oidSize
OID size.
Definition: ec_curves.h:305
pkcs8FormatEddsaPrivateKey
error_t pkcs8FormatEddsaPrivateKey(const EcCurveInfo *curveInfo, const EddsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Format an EdDSA private key.
Definition: pkcs8_key_format.c:338
ASN1_TYPE_BIT_STRING
@ ASN1_TYPE_BIT_STRING
Definition: asn1.h:71
asn1WriteInt32
error_t asn1WriteInt32(int32_t value, bool_t reverse, uint8_t *data, size_t *written)
Write a 32-bit integer to the output stream.
Definition: asn1.c:495
EcCurveInfo::pLen
size_t pLen
Length of p.
Definition: ec_curves.h:308
Asn1Tag::value
const uint8_t * value
Definition: asn1.h:107
NO_ERROR
@ NO_ERROR
Success.
Definition: error.h:44
debug.h
Debugging facilities.
Asn1Tag::objType
uint_t objType
Definition: asn1.h:105
asn1.h
ASN.1 (Abstract Syntax Notation One)