pkcs8_key_format.c
Go to the documentation of this file.
1 /**
2  * @file pkcs8_key_format.c
3  * @brief PKCS #8 key formatting
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2019 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCrypto Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 1.9.6
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "core/crypto.h"
36 #include "pkix/pkcs8_key_format.h"
37 #include "pkix/x509_key_format.h"
38 #include "encoding/asn1.h"
39 #include "encoding/oid.h"
40 #include "ecc/ed25519.h"
41 #include "ecc/ed448.h"
42 #include "debug.h"
43 
44 //Check crypto library configuration
45 #if (PEM_SUPPORT == ENABLED)
46 
47 
48 /**
49  * @brief Format an RSA private key
50  * @param[in] privateKey Pointer to the RSA private key
51  * @param[out] output Buffer where to store the ASN.1 structure
52  * @param[out] written Length of the resulting ASN.1 structure
53  * @return Error code
54  **/
55 
57  uint8_t *output, size_t *written)
58 {
59  error_t error;
60  size_t n;
61  Asn1Tag tag;
62 
63  //Export the RSA private key to ASN.1 format
64  error = x509ExportRsaPrivateKey(privateKey, output, &n);
65  //Any error to report?
66  if(error)
67  return error;
68 
69  //The RSAPrivateKey structure is encapsulated within an octet string
70  tag.constructed = FALSE;
73  tag.length = n;
74  tag.value = output;
75 
76  //Write PrivateKey structure
77  error = asn1WriteTag(&tag, FALSE, output, &n);
78  //Any error to report?
79  if(error)
80  return error;
81 
82  //Total number of bytes that have been written
83  *written = tag.totalLength;
84 
85  //Successful processing
86  return NO_ERROR;
87 }
88 
89 
90 /**
91  * @brief Format a DSA private key
92  * @param[in] privateKey Pointer to the RSA private key
93  * @param[out] output Buffer where to store the ASN.1 structure
94  * @param[out] written Length of the resulting ASN.1 structure
95  * @return Error code
96  **/
97 
99  uint8_t *output, size_t *written)
100 {
101  error_t error;
102  size_t n;
103  Asn1Tag tag;
104 
105  //Export the DSA private key to ASN.1 format
106  error = x509ExportDsaPrivateKey(privateKey, output, &n);
107  //Any error to report?
108  if(error)
109  return error;
110 
111  //The DSAPrivateKey structure is encapsulated within an octet string
112  tag.constructed = FALSE;
115  tag.length = n;
116  tag.value = output;
117 
118  //Write PrivateKey structure
119  error = asn1WriteTag(&tag, FALSE, output, &n);
120  //Any error to report?
121  if(error)
122  return error;
123 
124  //Total number of bytes that have been written
125  *written = tag.totalLength;
126 
127  //Successful processing
128  return NO_ERROR;
129 }
130 
131 
132 /**
133  * @brief Format an EC private key
134  * @param[in] curveInfo Elliptic curve parameters
135  * @param[in] privateKey EC private key
136  * @param[in] publicKey EC public key (optional parameter)
137  * @param[out] output Buffer where to format the ASN.1 structure
138  * @param[out] written Length of the resulting ASN.1 structure
139  * @return Error code
140  **/
141 
143  const Mpi *privateKey, const EcPoint *publicKey, uint8_t *output,
144  size_t *written)
145 {
146  error_t error;
147  size_t n;
148  size_t length;
149  uint8_t *p;
150  Asn1Tag tag;
151 
152  //Point to the buffer where to write the ASN.1 structure
153  p = output;
154  //Length of the ASN.1 structure
155  length = 0;
156 
157  //Format Version field (refer to RFC 5915, section 3)
158  error = asn1WriteInt32(1, FALSE, p, &n);
159  //Any error to report?
160  if(error)
161  return error;
162 
163  //Update the length of the ECPrivateKey structure
164  length += n;
165 
166  //If the output parameter is NULL, then the function calculates the
167  //length of the resulting PEM file without copying any data
168  if(output != NULL)
169  {
170  //Advance data pointer
171  p += n;
172 
173  //Write the EC private key
174  error = mpiWriteRaw(privateKey, p, curveInfo->pLen);
175  //Any error to report?
176  if(error)
177  return error;
178  }
179 
180  //Format PrivateKey field
181  tag.constructed = FALSE;
184  tag.length = curveInfo->pLen;
185  tag.value = p;
186 
187  //Write the corresponding ASN.1 tag
188  error = asn1WriteTag(&tag, FALSE, p, &n);
189  //Any error to report?
190  if(error)
191  return error;
192 
193  //Update the length of the ECPrivateKey structure
194  n = tag.totalLength;
195  length += n;
196 
197  //Advance data pointer
198  if(output != NULL)
199  p += n;
200 
201  //The public key is optional
202  if(publicKey != NULL)
203  {
204  //Format PublicKey field
205  error = pkcs8FormatEcPublicKey(curveInfo, publicKey, p, &n);
206  //Any error to report?
207  if(error)
208  return error;
209 
210  //Update the length of the ECPrivateKey structure
211  length += n;
212 
213  //Advance data pointer
214  if(output != NULL)
215  p += n;
216  }
217 
218  //Format ECPrivateKey field
219  tag.constructed = TRUE;
222  tag.length = length;
223  tag.value = output;
224 
225  //Write the corresponding ASN.1 tag
226  error = asn1WriteTag(&tag, FALSE, output, &n);
227  //Any error to report?
228  if(error)
229  return error;
230 
231  //Get the length of the ECPrivateKey structure
232  n = tag.totalLength;
233 
234  //The PrivateKey field is an octet string whose contents are the value
235  //of the private key
236  tag.constructed = FALSE;
239  tag.length = n;
240  tag.value = output;
241 
242  //Write the corresponding ASN.1 tag
243  error = asn1WriteTag(&tag, FALSE, output, &n);
244  //Any error to report?
245  if(error)
246  return error;
247 
248  //Total number of bytes that have been written
249  *written = tag.totalLength;
250 
251  //Successful processing
252  return NO_ERROR;
253 }
254 
255 
256 /**
257  * @brief Format an EC public key
258  * @param[in] curveInfo Elliptic curve parameters
259  * @param[in] publicKey EC public key
260  * @param[out] output Buffer where to format the ASN.1 structure
261  * @param[out] written Length of the resulting ASN.1 structure
262  * @return Error code
263  **/
264 
266  const EcPoint *publicKey, uint8_t *output, size_t *written)
267 {
268 #if (EC_SUPPORT == ENABLED)
269  error_t error;
270  size_t n;
271  EcDomainParameters params;
272  Asn1Tag tag;
273 
274  //Initialize EC domain parameters
275  ecInitDomainParameters(&params);
276 
277  //The bit string shall contain an initial octet which encodes the number
278  //of unused bits in the final subsequent octet
279  output[0] = 0;
280 
281  //Load EC domain parameters
282  error = ecLoadDomainParameters(&params, curveInfo);
283 
284  //Check status code
285  if(!error)
286  {
287  //Format ECPublicKey structure
288  error = ecExport(&params, publicKey, output + 1, &n);
289  }
290 
291  //Check status code
292  if(!error)
293  {
294  //The public key is encapsulated within a bit string
295  tag.constructed = FALSE;
298  tag.length = n + 1;
299  tag.value = output;
300 
301  //Write the corresponding ASN.1 tag
302  error = asn1WriteTag(&tag, FALSE, output, &n);
303  }
304 
305  //Check status code
306  if(!error)
307  {
308  //Explicit tagging shall be used to encode the public key
309  tag.constructed = TRUE;
311  tag.objType = 1;
312  tag.length = n;
313  tag.value = output;
314 
315  //Write the corresponding ASN.1 tag
316  error = asn1WriteTag(&tag, FALSE, output, written);
317  }
318 
319  //Release EC domain parameters
320  ecFreeDomainParameters(&params);
321 
322  //Return status code
323  return error;
324 #else
325  //Not implemented
326  return ERROR_NOT_IMPLEMENTED;
327 #endif
328 }
329 
330 
331 /**
332  * @brief Format an EdDSA private key
333  * @param[in] curveInfo Elliptic curve parameters
334  * @param[in] privateKey EdDSA private key
335  * @param[out] output Buffer where to format the ASN.1 structure
336  * @param[out] written Length of the resulting ASN.1 structure
337  * @return Error code
338  **/
339 
341  const EddsaPrivateKey *privateKey, uint8_t *output, size_t *written)
342 {
343  error_t error;
344  size_t n;
345  Asn1Tag tag;
346 
347  //Length of the ASN.1 structure
348  n = 0;
349 
350 #if (ED25519_SUPPORT == ENABLED)
351  //Ed25519 curve identifier?
352  if(!oidComp(curveInfo->oid, curveInfo->oidSize, ED25519_OID,
353  sizeof(ED25519_OID)))
354  {
355  //Export the EdDSA private key to ASN.1 format
357  output, &n);
358  }
359  else
360 #endif
361 #if (ED448_SUPPORT == ENABLED)
362  //Ed448 curve identifier?
363  if(!oidComp(curveInfo->oid, curveInfo->oidSize, ED448_OID,
364  sizeof(ED448_OID)))
365  {
366  //Export the EdDSA private key to ASN.1 format
368  output, &n);
369  }
370  else
371 #endif
372  //Unknown curve identifier?
373  {
374  //Report an error
375  error = ERROR_INVALID_PARAMETER;;
376  }
377 
378  //Any error to report?
379  if(error)
380  return error;
381 
382  //The CurvePrivateKey structure is encapsulated within an octet string
383  tag.constructed = FALSE;
386  tag.length = n;
387  tag.value = output;
388 
389  //Write PrivateKey structure
390  error = asn1WriteTag(&tag, FALSE, output, &n);
391  //Any error to report?
392  if(error)
393  return error;
394 
395  //Total number of bytes that have been written
396  *written = tag.totalLength;
397 
398  //Successful processing
399  return NO_ERROR;
400 }
401 
402 #endif
PKCS #8 key formatting.
uint8_t length
Definition: dtls_misc.h:149
Ed25519 elliptic curve (constant-time implementation)
Arbitrary precision integer.
Definition: mpi.h:69
void ecInitDomainParameters(EcDomainParameters *params)
Initialize EC domain parameters.
Definition: ec.c:55
OID (Object Identifier)
uint8_t p
Definition: ndp.h:298
#define TRUE
Definition: os_port.h:50
error_t x509ExportEddsaPrivateKey(const EddsaPrivateKey *privateKey, size_t privateKeyLen, uint8_t *output, size_t *written)
Export an EdDSA private key to ASN.1 format.
#define mpiWriteRaw(a, data, length)
Definition: crypto_legacy.h:36
error_t pkcs8FormatRsaPrivateKey(const RsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Format an RSA private key.
const uint8_t * oid
Object identifier.
Definition: ec_curves.h:295
EC domain parameters.
Definition: ec.h:63
error_t pkcs8FormatDsaPrivateKey(const DsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Format a DSA private key.
void ecFreeDomainParameters(EcDomainParameters *params)
Release EC domain parameters.
Definition: ec.c:75
#define ED25519_PRIVATE_KEY_LEN
Definition: ed25519.h:39
int_t oidComp(const uint8_t *oid1, size_t oidLen1, const uint8_t *oid2, size_t oidLen2)
Compare object identifiers.
Definition: oid.c:101
size_t totalLength
Definition: asn1.h:104
size_t length
Definition: asn1.h:102
error_t ecLoadDomainParameters(EcDomainParameters *params, const EcCurveInfo *curveInfo)
Load EC domain parameters.
Definition: ec.c:93
#define FALSE
Definition: os_port.h:46
Elliptic curve parameters.
Definition: ec_curves.h:292
Invalid parameter.
Definition: error.h:47
error_t
Error codes.
Definition: error.h:42
error_t x509ExportDsaPrivateKey(const DsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Export a DSA private key to ASN.1 format.
#define ASN1_CLASS_UNIVERSAL
Definition: asn1.h:48
ASN.1 tag.
Definition: asn1.h:97
General definitions for cryptographic algorithms.
error_t asn1WriteTag(Asn1Tag *tag, bool_t reverse, uint8_t *data, size_t *written)
Write an ASN.1 tag.
Definition: asn1.c:377
DSA private key.
Definition: dsa.h:73
uint_t objClass
Definition: asn1.h:100
Elliptic curve point.
Definition: ec.h:51
error_t x509ExportRsaPrivateKey(const RsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Export an RSA private key to ASN.1 format.
const uint8_t ED448_OID[3]
Definition: ec_curves.c:98
EdDSA private key.
Definition: eddsa.h:58
const uint8_t ED25519_OID[3]
Definition: ec_curves.c:96
#define ED448_PRIVATE_KEY_LEN
Definition: ed448.h:39
Formatting of ASN.1 encoded keys.
uint8_t n
RSA private key.
Definition: rsa.h:59
#define ASN1_CLASS_CONTEXT_SPECIFIC
Definition: asn1.h:50
bool_t constructed
Definition: asn1.h:99
error_t pkcs8FormatEcPrivateKey(const EcCurveInfo *curveInfo, const Mpi *privateKey, const EcPoint *publicKey, uint8_t *output, size_t *written)
Format an EC private key.
error_t ecExport(const EcDomainParameters *params, const EcPoint *a, uint8_t *data, size_t *length)
Convert an EC point to an octet string.
Definition: ec.c:287
size_t oidSize
OID size.
Definition: ec_curves.h:296
error_t pkcs8FormatEddsaPrivateKey(const EcCurveInfo *curveInfo, const EddsaPrivateKey *privateKey, uint8_t *output, size_t *written)
Format an EdDSA private key.
error_t asn1WriteInt32(int32_t value, bool_t reverse, uint8_t *data, size_t *written)
Write a 32-bit integer to the output stream.
Definition: asn1.c:516
Ed448 elliptic curve (constant-time implementation)
error_t pkcs8FormatEcPublicKey(const EcCurveInfo *curveInfo, const EcPoint *publicKey, uint8_t *output, size_t *written)
Format an EC public key.
size_t pLen
Length of p.
Definition: ec_curves.h:299
const uint8_t * value
Definition: asn1.h:103
Success.
Definition: error.h:44
Debugging facilities.
uint_t objType
Definition: asn1.h:101
ASN.1 (Abstract Syntax Notation One)