pkcs8_key_parse.c
Go to the documentation of this file.
1 /**
2  * @file pkcs8_key_parse.c
3  * @brief PKCS #8 key parsing
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2025 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.5.0
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "core/crypto.h"
36 #include "pkix/pkcs8_key_parse.h"
37 #include "pkix/x509_key_parse.h"
38 #include "ecc/ec_misc.h"
39 #include "encoding/asn1.h"
40 #include "encoding/oid.h"
41 #include "debug.h"
42 
43 //Check crypto library configuration
44 #if (PEM_SUPPORT == ENABLED)
45 
46 
47 /**
48  * @brief Parse PrivateKeyInfo structure
49  * @param[in] data Pointer to the ASN.1 structure to parse
50  * @param[in] length Length of the ASN.1 structure
51  * @param[out] privateKeyInfo Information resulting from the parsing process
52  * @return Error code
53  **/
54 
55 error_t pkcs8ParsePrivateKeyInfo(const uint8_t *data, size_t length,
56  Pkcs8PrivateKeyInfo *privateKeyInfo)
57 {
58  error_t error;
59  size_t n;
60  size_t oidLen;
61  const uint8_t *oid;
62  Asn1Tag tag;
63 
64  //Clear the PrivateKeyInfo structure
65  osMemset(privateKeyInfo, 0, sizeof(Pkcs8PrivateKeyInfo));
66 
67  //The private key information is encapsulated within a sequence
68  error = asn1ReadSequence(data, length, &tag);
69  //Failed to decode ASN.1 tag?
70  if(error)
71  return error;
72 
73  //Point to the first field of the sequence
74  data = tag.value;
75  length = tag.length;
76 
77  //Read Version field
78  error = asn1ReadInt32(data, length, &tag, &privateKeyInfo->version);
79  //Failed to decode ASN.1 tag?
80  if(error)
81  return error;
82 
83  //Point to the next field
84  data += tag.totalLength;
85  length -= tag.totalLength;
86 
87  //Read PrivateKeyAlgorithm field
88  error = pkcs8ParsePrivateKeyAlgo(data, length, &n, privateKeyInfo);
89  //Failed to decode ASN.1 tag?
90  if(error)
91  return error;
92 
93  //Point to the next field
94  data += n;
95  length -= n;
96 
97  //The PrivateKey is encapsulated within an octet string
98  error = asn1ReadOctetString(data, length, &tag);
99  //Failed to decode ASN.1 tag?
100  if(error)
101  return error;
102 
103  //Get the private key algorithm identifier
104  oid = privateKeyInfo->oid.value;
105  oidLen = privateKeyInfo->oid.length;
106 
107 #if (RSA_SUPPORT == ENABLED)
108  //RSA or RSA-PSS algorithm identifier?
109  if(OID_COMP(oid, oidLen, RSA_ENCRYPTION_OID) == 0 ||
110  OID_COMP(oid, oidLen, RSASSA_PSS_OID) == 0)
111  {
112  //Read RSAPrivateKey structure
113  error = pkcs8ParseRsaPrivateKey(tag.value, tag.length,
114  &privateKeyInfo->rsaPrivateKey);
115  }
116  else
117 #endif
118 #if (DSA_SUPPORT == ENABLED)
119  //DSA algorithm identifier?
120  if(OID_COMP(oid, oidLen, DSA_OID) == 0)
121  {
122  //Read DSAPrivateKey structure
123  error = pkcs8ParseDsaPrivateKey(tag.value, tag.length, NULL,
124  &privateKeyInfo->dsaPrivateKey, NULL);
125  }
126  else
127 #endif
128 #if (EC_SUPPORT == ENABLED)
129  //EC public key identifier?
130  if(OID_COMP(oid, oidLen, EC_PUBLIC_KEY_OID) == 0)
131  {
132  //Read ECPrivateKey structure
133  error = pkcs8ParseEcPrivateKey(tag.value, tag.length,
134  &privateKeyInfo->ecParams, &privateKeyInfo->ecPrivateKey,
135  &privateKeyInfo->ecPublicKey);
136  }
137  else
138 #endif
139 #if (ED25519_SUPPORT == ENABLED)
140  //X25519 or Ed25519 algorithm identifier?
141  if(OID_COMP(oid, oidLen, X25519_OID) == 0 ||
142  OID_COMP(oid, oidLen, ED25519_OID) == 0)
143  {
144  //Read CurvePrivateKey structure
145  error = pkcs8ParseEddsaPrivateKey(tag.value, tag.length,
146  &privateKeyInfo->eddsaPrivateKey);
147  }
148  else
149 #endif
150 #if (ED448_SUPPORT == ENABLED)
151  //X448 or Ed448 algorithm identifier?
152  if(OID_COMP(oid, oidLen, X448_OID) == 0 ||
153  OID_COMP(oid, oidLen, ED448_OID) == 0)
154  {
155  //Read CurvePrivateKey structure
156  error = pkcs8ParseEddsaPrivateKey(tag.value, tag.length,
157  &privateKeyInfo->eddsaPrivateKey);
158  }
159  else
160 #endif
161  //Unknown algorithm identifier?
162  {
163  //Report an error
164  error = ERROR_WRONG_IDENTIFIER;
165  }
166 
167  //Any error to report?
168  if(error)
169  return error;
170 
171  //Point to the next field
172  data += tag.totalLength;
173  length -= tag.totalLength;
174 
175 #if (ED25519_SUPPORT == ENABLED || ED448_SUPPORT == ENABLED)
176  //X25519, Ed25519, X448 or Ed448 algorithm identifier?
177  if(OID_COMP(oid, oidLen, X25519_OID) == 0 ||
178  OID_COMP(oid, oidLen, ED25519_OID) == 0 ||
179  OID_COMP(oid, oidLen, X448_OID) == 0 ||
180  OID_COMP(oid, oidLen, ED448_OID) == 0)
181  {
182  //The OneAsymmetricKey structure allows for the public key and additional
183  //attributes about the key to be included as well (refer to RFC 8410,
184  //section 7)
185  while(length > 0)
186  {
187  //Read current attribute
188  error = asn1ReadTag(data, length, &tag);
189  //Failed to decode ASN.1 tag?
190  if(error)
191  return error;
192 
193  //Explicit tagging shall be used to encode each optional attribute
194  if(tag.objClass != ASN1_CLASS_CONTEXT_SPECIFIC)
195  return ERROR_INVALID_CLASS;
196 
197  //Check attribute type
198  if(tag.objType == 1)
199  {
200  //The publicKey field contains the elliptic curve public key
201  //associated with the private key in question
202  error = pkcs8ParseEddsaPublicKey(tag.value, tag.length,
203  &privateKeyInfo->eddsaPublicKey);
204  //Any error to report?
205  if(error)
206  return error;
207  }
208 
209  //Next attribute
210  data += tag.totalLength;
211  length -= tag.totalLength;
212  }
213  }
214 #endif
215 
216  //Successful processing
217  return NO_ERROR;
218 }
219 
220 
221 /**
222  * @brief Parse PrivateKeyAlgorithm structure
223  * @param[in] data Pointer to the ASN.1 structure to parse
224  * @param[in] length Length of the ASN.1 structure
225  * @param[out] totalLength Number of bytes that have been parsed
226  * @param[out] privateKeyInfo Information resulting from the parsing process
227  * @return Error code
228  **/
229 
230 error_t pkcs8ParsePrivateKeyAlgo(const uint8_t *data, size_t length,
231  size_t *totalLength, Pkcs8PrivateKeyInfo *privateKeyInfo)
232 {
233  error_t error;
234  Asn1Tag tag;
235 
236  //Read the contents of the PrivateKeyAlgorithm structure
237  error = asn1ReadSequence(data, length, &tag);
238  //Failed to decode ASN.1 tag?
239  if(error)
240  return error;
241 
242  //Save the total length of the field
243  *totalLength = tag.totalLength;
244 
245  //Point to the first field of the sequence
246  data = tag.value;
247  length = tag.length;
248 
249  //Read the private key algorithm identifier
250  error = asn1ReadOid(data, length, &tag);
251  //Failed to decode ASN.1 tag?
252  if(error)
253  return error;
254 
255  //Save the private key algorithm identifier
256  privateKeyInfo->oid.value = tag.value;
257  privateKeyInfo->oid.length = tag.length;
258 
259  //Point to the next field (if any)
260  data += tag.totalLength;
261  length -= tag.totalLength;
262 
263 #if (RSA_SUPPORT == ENABLED)
264  //RSA algorithm identifier?
265  if(!asn1CheckOid(&tag, RSA_ENCRYPTION_OID, sizeof(RSA_ENCRYPTION_OID)))
266  {
267  //The parameters field must have ASN.1 type NULL for this algorithm
268  //identifier (refer to RFC 3279, section 2.3.1)
269  error = NO_ERROR;
270  }
271  //RSA-PSS algorithm identifier?
272  else if(!asn1CheckOid(&tag, RSASSA_PSS_OID, sizeof(RSASSA_PSS_OID)))
273  {
274  //The parameters may be either absent or present when used as subject
275  //public key information (refer to RFC 4055, section 3.1)
276  error = NO_ERROR;
277  }
278  else
279 #endif
280 #if (DSA_SUPPORT == ENABLED)
281  //DSA algorithm identifier?
282  if(!asn1CheckOid(&tag, DSA_OID, sizeof(DSA_OID)))
283  {
284  //Read DsaParameters structure
285  error = x509ParseDsaParameters(data, length, &privateKeyInfo->dsaParams);
286  }
287  else
288 #endif
289 #if (EC_SUPPORT == ENABLED)
290  //EC public key identifier?
291  if(!asn1CheckOid(&tag, EC_PUBLIC_KEY_OID, sizeof(EC_PUBLIC_KEY_OID)))
292  {
293  //Read ECParameters structure
294  error = x509ParseEcParameters(data, length, &privateKeyInfo->ecParams);
295  }
296  else
297 #endif
298 #if (ED25519_SUPPORT == ENABLED)
299  //X25519 or Ed25519 algorithm identifier?
300  if(!asn1CheckOid(&tag, X25519_OID, sizeof(X25519_OID)) ||
301  !asn1CheckOid(&tag, ED25519_OID, sizeof(ED25519_OID)))
302  {
303  //For all of the OIDs, the parameters must be absent (refer to RFC 8410,
304  //section 3)
305  error = NO_ERROR;
306  }
307  else
308 #endif
309 #if (ED448_SUPPORT == ENABLED)
310  //X448 or Ed448 algorithm identifier?
311  if(!asn1CheckOid(&tag, X448_OID, sizeof(X448_OID)) ||
312  !asn1CheckOid(&tag, ED448_OID, sizeof(ED448_OID)))
313  {
314  //For all of the OIDs, the parameters must be absent (refer to RFC 8410,
315  //section 3)
316  error = NO_ERROR;
317  }
318  else
319 #endif
320  //Unknown algorithm identifier?
321  {
322  //Report an error
323  error = ERROR_WRONG_IDENTIFIER;
324  }
325 
326  //Return status code
327  return error;
328 }
329 
330 
331 /**
332  * @brief Parse RSAPrivateKey structure
333  * @param[in] data Pointer to the ASN.1 structure to parse
334  * @param[in] length Length of the ASN.1 structure
335  * @param[out] rsaPrivateKey Information resulting from the parsing process
336  * @return Error code
337  **/
338 
339 error_t pkcs8ParseRsaPrivateKey(const uint8_t *data, size_t length,
340  Pkcs8RsaPrivateKey *rsaPrivateKey)
341 {
342  error_t error;
343  Asn1Tag tag;
344 
345  //Read RSAPrivateKey structure
346  error = asn1ReadSequence(data, length, &tag);
347  //Failed to decode ASN.1 tag?
348  if(error)
349  return error;
350 
351  //Point to the first field
352  data = tag.value;
353  length = tag.length;
354 
355  //Read Version field
356  error = asn1ReadInt32(data, length, &tag, &rsaPrivateKey->version);
357  //Failed to decode ASN.1 tag?
358  if(error)
359  return error;
360 
361  //Point to the next field
362  data += tag.totalLength;
363  length -= tag.totalLength;
364 
365  //Read Modulus field
366  error = asn1ReadTag(data, length, &tag);
367  //Failed to decode ASN.1 tag?
368  if(error)
369  return error;
370 
371  //Enforce encoding, class and type
372  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL, ASN1_TYPE_INTEGER);
373  //Invalid tag?
374  if(error)
375  return error;
376 
377  //Save the modulus
378  rsaPrivateKey->n.value = tag.value;
379  rsaPrivateKey->n.length = tag.length;
380 
381  //Point to the next field
382  data += tag.totalLength;
383  length -= tag.totalLength;
384 
385  //Read PublicExponent field
386  error = asn1ReadTag(data, length, &tag);
387  //Failed to decode ASN.1 tag?
388  if(error)
389  return error;
390 
391  //Enforce encoding, class and type
392  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL, ASN1_TYPE_INTEGER);
393  //Invalid tag?
394  if(error)
395  return error;
396 
397  //Save the public exponent
398  rsaPrivateKey->e.value = tag.value;
399  rsaPrivateKey->e.length = tag.length;
400 
401  //Point to the next field
402  data += tag.totalLength;
403  length -= tag.totalLength;
404 
405  //Read PrivateExponent field
406  error = asn1ReadTag(data, length, &tag);
407  //Failed to decode ASN.1 tag?
408  if(error)
409  return error;
410 
411  //Enforce encoding, class and type
412  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL, ASN1_TYPE_INTEGER);
413  //Invalid tag?
414  if(error)
415  return error;
416 
417  //Save the private exponent
418  rsaPrivateKey->d.value = tag.value;
419  rsaPrivateKey->d.length = tag.length;
420 
421  //Point to the next field
422  data += tag.totalLength;
423  length -= tag.totalLength;
424 
425  //Read Prime1 field
426  error = asn1ReadTag(data, length, &tag);
427  //Failed to decode ASN.1 tag?
428  if(error)
429  return error;
430 
431  //Enforce encoding, class and type
432  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL, ASN1_TYPE_INTEGER);
433  //Invalid tag?
434  if(error)
435  return error;
436 
437  //Save the first factor
438  rsaPrivateKey->p.value = tag.value;
439  rsaPrivateKey->p.length = tag.length;
440 
441  //Point to the next field
442  data += tag.totalLength;
443  length -= tag.totalLength;
444 
445  //Read Prime2 field
446  error = asn1ReadTag(data, length, &tag);
447  //Failed to decode ASN.1 tag?
448  if(error)
449  return error;
450 
451  //Enforce encoding, class and type
452  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL, ASN1_TYPE_INTEGER);
453  //Invalid tag?
454  if(error)
455  return error;
456 
457  //Save the second factor
458  rsaPrivateKey->q.value = tag.value;
459  rsaPrivateKey->q.length = tag.length;
460 
461  //Point to the next field
462  data += tag.totalLength;
463  length -= tag.totalLength;
464 
465  //Read Exponent1 field
466  error = asn1ReadTag(data, length, &tag);
467  //Failed to decode ASN.1 tag?
468  if(error)
469  return error;
470 
471  //Enforce encoding, class and type
472  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL, ASN1_TYPE_INTEGER);
473  //Invalid tag?
474  if(error)
475  return error;
476 
477  //Save the first exponent
478  rsaPrivateKey->dp.value = tag.value;
479  rsaPrivateKey->dp.length = tag.length;
480 
481  //Point to the next field
482  data += tag.totalLength;
483  length -= tag.totalLength;
484 
485  //Read Exponent2 field
486  error = asn1ReadTag(data, length, &tag);
487  //Failed to decode ASN.1 tag?
488  if(error)
489  return error;
490 
491  //Enforce encoding, class and type
492  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL, ASN1_TYPE_INTEGER);
493  //Invalid tag?
494  if(error)
495  return error;
496 
497  //Save the second exponent
498  rsaPrivateKey->dq.value = tag.value;
499  rsaPrivateKey->dq.length = tag.length;
500 
501  //Point to the next field
502  data += tag.totalLength;
503  length -= tag.totalLength;
504 
505  //Read Coefficient field
506  error = asn1ReadTag(data, length, &tag);
507  //Failed to decode ASN.1 tag?
508  if(error)
509  return error;
510 
511  //Enforce encoding, class and type
512  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL, ASN1_TYPE_INTEGER);
513  //Invalid tag?
514  if(error)
515  return error;
516 
517  //Save the coefficient
518  rsaPrivateKey->qinv.value = tag.value;
519  rsaPrivateKey->qinv.length = tag.length;
520 
521  //Successful processing
522  return NO_ERROR;
523 }
524 
525 
526 /**
527  * @brief Parse DSAPrivateKey structure
528  * @param[in] data Pointer to the ASN.1 structure to parse
529  * @param[in] length Length of the ASN.1 structure
530  * @param[out] dsaParams DSA domain parameters
531  * @param[out] dsaPrivateKey DSA private key
532  * @param[out] dsaPublicKey DSA public key
533  * @return Error code
534  **/
535 
536 error_t pkcs8ParseDsaPrivateKey(const uint8_t *data, size_t length,
537  X509DsaParameters *dsaParams, Pkcs8DsaPrivateKey *dsaPrivateKey,
538  X509DsaPublicKey *dsaPublicKey)
539 {
540  error_t error;
541  int32_t version;
542  Asn1Tag tag;
543 
544  //The DSA domain parameters can be optionally parsed
545  if(dsaParams != NULL && dsaPublicKey != NULL)
546  {
547  //Read DSAPrivateKey structure
548  error = asn1ReadSequence(data, length, &tag);
549  //Failed to decode ASN.1 tag?
550  if(error)
551  return error;
552 
553  //Point to the first field of the sequence
554  data = tag.value;
555  length = tag.length;
556 
557  //Read version
558  error = asn1ReadInt32(data, length, &tag, &version);
559  //Failed to decode ASN.1 tag?
560  if(error)
561  return error;
562 
563  //Point to the next field
564  data += tag.totalLength;
565  length -= tag.totalLength;
566 
567  //Read the parameter p
568  error = asn1ReadTag(data, length, &tag);
569  //Failed to decode ASN.1 tag?
570  if(error)
571  return error;
572 
573  //Enforce encoding, class and type
574  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL,
575  ASN1_TYPE_INTEGER);
576  //Invalid tag?
577  if(error)
578  return error;
579 
580  //Save the parameter p
581  dsaParams->p.value = tag.value;
582  dsaParams->p.length = tag.length;
583 
584  //Point to the next field
585  data += tag.totalLength;
586  length -= tag.totalLength;
587 
588  //Read the parameter q
589  error = asn1ReadTag(data, length, &tag);
590  //Failed to decode ASN.1 tag?
591  if(error)
592  return error;
593 
594  //Enforce encoding, class and type
595  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL,
596  ASN1_TYPE_INTEGER);
597  //Invalid tag?
598  if(error)
599  return error;
600 
601  //Save the parameter q
602  dsaParams->q.value = tag.value;
603  dsaParams->q.length = tag.length;
604 
605  //Point to the next field
606  data += tag.totalLength;
607  length -= tag.totalLength;
608 
609  //Read the parameter g
610  error = asn1ReadTag(data, length, &tag);
611  //Failed to decode ASN.1 tag?
612  if(error)
613  return error;
614 
615  //Enforce encoding, class and type
616  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL,
617  ASN1_TYPE_INTEGER);
618  //Invalid tag?
619  if(error)
620  return error;
621 
622  //Save the parameter g
623  dsaParams->g.value = tag.value;
624  dsaParams->g.length = tag.length;
625 
626  //Point to the next field
627  data += tag.totalLength;
628  length -= tag.totalLength;
629 
630  //Read the public value y
631  error = asn1ReadTag(data, length, &tag);
632  //Failed to decode ASN.1 tag?
633  if(error)
634  return error;
635 
636  //Enforce encoding, class and type
637  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL,
638  ASN1_TYPE_INTEGER);
639  //Invalid tag?
640  if(error)
641  return error;
642 
643  //Save the public value y
644  dsaPublicKey->y.value = tag.value;
645  dsaPublicKey->y.length = tag.length;
646 
647  //Point to the next field
648  data += tag.totalLength;
649  length -= tag.totalLength;
650  }
651 
652  //Read the private value x
653  error = asn1ReadTag(data, length, &tag);
654  //Failed to decode ASN.1 tag?
655  if(error)
656  return error;
657 
658  //Enforce encoding, class and type
659  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL, ASN1_TYPE_INTEGER);
660  //Invalid tag?
661  if(error)
662  return error;
663 
664  //Save the private value x
665  dsaPrivateKey->x.value = tag.value;
666  dsaPrivateKey->x.length = tag.length;
667 
668  //Successful processing
669  return NO_ERROR;
670 }
671 
672 
673 /**
674  * @brief Parse ECPrivateKey structure
675  * @param[in] data Pointer to the ASN.1 structure to parse
676  * @param[in] length Length of the ASN.1 structure
677  * @param[out] ecParams EC domain parameters
678  * @param[out] ecPrivateKey EC private key
679  * @param[out] ecPublicKey EC public key
680  * @return Error code
681  **/
682 
683 error_t pkcs8ParseEcPrivateKey(const uint8_t *data, size_t length,
684  X509EcParameters *ecParams, Pkcs8EcPrivateKey *ecPrivateKey,
685  X509EcPublicKey *ecPublicKey)
686 {
687  error_t error;
688  Asn1Tag tag;
689 
690  //Read ECPrivateKey structure
691  error = asn1ReadSequence(data, length, &tag);
692  //Failed to decode ASN.1 tag?
693  if(error)
694  return error;
695 
696  //Point to the first field
697  data = tag.value;
698  length = tag.length;
699 
700  //Read Version field
701  error = asn1ReadInt32(data, length, &tag, &ecPrivateKey->version);
702  //Failed to decode ASN.1 tag?
703  if(error)
704  return error;
705 
706  //Point to the next field
707  data += tag.totalLength;
708  length -= tag.totalLength;
709 
710  //Read PrivateKey field
711  error = asn1ReadOctetString(data, length, &tag);
712  //Failed to decode ASN.1 tag?
713  if(error)
714  return error;
715 
716  //Save the EC private key
717  ecPrivateKey->d.value = tag.value;
718  ecPrivateKey->d.length = tag.length;
719 
720  //Point to the next field
721  data += tag.totalLength;
722  length -= tag.totalLength;
723 
724  //Loop through optional attributes
725  while(length > 0)
726  {
727  //Read current attribute
728  error = asn1ReadTag(data, length, &tag);
729  //Failed to decode ASN.1 tag?
730  if(error)
731  return error;
732 
733  //Explicit tagging shall be used to encode each optional attribute
734  if(tag.objClass != ASN1_CLASS_CONTEXT_SPECIFIC)
735  return ERROR_INVALID_CLASS;
736 
737  //Check attribute type
738  if(tag.objType == 0)
739  {
740  //The parameters field specifies the elliptic curve domain parameters
741  //associated to the private key
742  error = x509ParseEcParameters(tag.value, tag.length, ecParams);
743  //Any error to report?
744  if(error)
745  return error;
746  }
747  else if(tag.objType == 1)
748  {
749  //The publicKey field contains the elliptic curve public key associated
750  //with the private key in question
751  error = pkcs8ParseEcPublicKey(tag.value, tag.length, ecPublicKey);
752  //Any error to report?
753  if(error)
754  return error;
755  }
756  else
757  {
758  //Ignore unknown attribute
759  }
760 
761  //Next attribute
762  data += tag.totalLength;
763  length -= tag.totalLength;
764  }
765 
766  //Successful processing
767  return NO_ERROR;
768 }
769 
770 
771 /**
772  * @brief Parse publicKey structure
773  * @param[in] data Pointer to the ASN.1 structure to parse
774  * @param[in] length Length of the ASN.1 structure
775  * @param[out] ecPublicKey EC public key
776  * @return Error code
777  **/
778 
779 error_t pkcs8ParseEcPublicKey(const uint8_t *data, size_t length,
780  X509EcPublicKey *ecPublicKey)
781 {
782  error_t error;
783  Asn1Tag tag;
784 
785  //The public key is encapsulated within a bit string
786  error = asn1ReadTag(data, length, &tag);
787  //Failed to decode ASN.1 tag?
788  if(error)
789  return error;
790 
791  //Enforce encoding, class and type
792  error = asn1CheckTag(&tag, FALSE, ASN1_CLASS_UNIVERSAL,
793  ASN1_TYPE_BIT_STRING);
794  //Failed to decode ASN.1 tag?
795  if(error)
796  return error;
797 
798  //The bit string shall contain an initial octet which encodes the number
799  //of unused bits in the final subsequent octet
800  if(tag.length < 1 || tag.value[0] != 0)
801  return ERROR_INVALID_SYNTAX;
802 
803  //Save the EC public key
804  ecPublicKey->q.value = tag.value + 1;
805  ecPublicKey->q.length = tag.length - 1;
806 
807  //Successful processing
808  return NO_ERROR;
809 }
810 
811 
812 /**
813  * @brief Parse CurvePrivateKey structure
814  * @param[in] data Pointer to the ASN.1 structure to parse
815  * @param[in] length Length of the ASN.1 structure
816  * @param[out] eddsaPrivateKey EdDSA private key
817  * @return Error code
818  **/
819 
820 error_t pkcs8ParseEddsaPrivateKey(const uint8_t *data, size_t length,
821  Pkcs8EddsaPrivateKey *eddsaPrivateKey)
822 {
823  error_t error;
824  Asn1Tag tag;
825 
826  //The CurvePrivateKey structure is encapsulated within an octet string
827  error = asn1ReadOctetString(data, length, &tag);
828  //Failed to decode ASN.1 tag?
829  if(error)
830  return error;
831 
832  //Save the EdDSA private key
833  eddsaPrivateKey->d.value = tag.value;
834  eddsaPrivateKey->d.length = tag.length;
835 
836  //Successful processing
837  return NO_ERROR;
838 }
839 
840 
841 /**
842  * @brief Parse publicKey structure
843  * @param[in] data Pointer to the ASN.1 structure to parse
844  * @param[in] length Length of the ASN.1 structure
845  * @param[out] eddsaPublicKey EdDSA public key
846  * @return Error code
847  **/
848 
849 error_t pkcs8ParseEddsaPublicKey(const uint8_t *data, size_t length,
850  Pkcs8EddsaPublicKey *eddsaPublicKey)
851 {
852  //The bit string shall contain an initial octet which encodes the number
853  //of unused bits in the final subsequent octet
854  if(length < 1 || data[0] != 0)
855  return ERROR_INVALID_SYNTAX;
856 
857  //Save the EdDSA public key
858  eddsaPublicKey->q.value = data + 1;
859  eddsaPublicKey->q.length = length - 1;
860 
861  //Successful processing
862  return NO_ERROR;
863 }
864 
865 
866 /**
867  * @brief Parse EncryptedPrivateKeyInfo structure
868  * @param[in] data Pointer to the ASN.1 structure to parse
869  * @param[in] length Length of the ASN.1 structure
870  * @param[out] encryptedPrivateKeyInfo Information resulting from the parsing process
871  * @return Error code
872  **/
873 
874 error_t pkcs8ParseEncryptedPrivateKeyInfo(const uint8_t *data, size_t length,
875  Pkcs8EncryptedPrivateKeyInfo *encryptedPrivateKeyInfo)
876 {
877  error_t error;
878  size_t n;
879  Asn1Tag tag;
880 
881  //Read EncryptedPrivateKeyInfo structure
882  error = asn1ReadSequence(data, length, &tag);
883  //Failed to decode ASN.1 tag?
884  if(error)
885  return error;
886 
887  //Point to the first field
888  data = tag.value;
889  length = tag.length;
890 
891  //Parse EncryptionAlgorithmIdentifier structure
892  error = pkcs8ParseEncryptionAlgoId(data, length, &n,
893  &encryptedPrivateKeyInfo->encryptionAlgo);
894  //Any error to report?
895  if(error)
896  return error;
897 
898  //Point to the next field
899  data += n;
900  length -= n;
901 
902  //The EncryptedData is encapsulated within an octet string
903  error = asn1ReadOctetString(data, length, &tag);
904  //Failed to decode ASN.1 tag?
905  if(error)
906  return error;
907 
908  //The EncryptedData is the result of encrypting the private-key information
909  encryptedPrivateKeyInfo->encryptedData.value = tag.value;
910  encryptedPrivateKeyInfo->encryptedData.length = tag.length;
911 
912  //Successful processing
913  return NO_ERROR;
914 }
915 
916 
917 /**
918  * @brief Parse EncryptionAlgorithmIdentifier structure
919  * @param[in] data Pointer to the ASN.1 structure to parse
920  * @param[in] length Length of the ASN.1 structure
921  * @param[out] totalLength Number of bytes that have been parsed
922  * @param[out] encryptionAlgoId Information resulting from the parsing process
923  * @return Error code
924  **/
925 
926 error_t pkcs8ParseEncryptionAlgoId(const uint8_t *data, size_t length,
927  size_t *totalLength, X509AlgoId *encryptionAlgoId)
928 {
929  error_t error;
930  Asn1Tag tag;
931 
932  //Read the contents of the EncryptionAlgorithmIdentifier structure
933  error = asn1ReadSequence(data, length, &tag);
934  //Failed to decode ASN.1 tag?
935  if(error)
936  return error;
937 
938  //Save the total length of the field
939  *totalLength = tag.totalLength;
940 
941  //Point to the first field of the sequence
942  data = tag.value;
943  length = tag.length;
944 
945  //Read the encryption algorithm identifier
946  error = asn1ReadOid(data, length, &tag);
947  //Failed to decode ASN.1 tag?
948  if(error)
949  return error;
950 
951  //Save the encryption algorithm identifier
952  encryptionAlgoId->oid.value = tag.value;
953  encryptionAlgoId->oid.length = tag.length;
954 
955  //Point to the next field (if any)
956  data += tag.totalLength;
957  length -= tag.totalLength;
958 
959  //The contents of the optional parameters field will vary according to the
960  //algorithm identified
961  encryptionAlgoId->params.value = data;
962  encryptionAlgoId->params.length = length;
963 
964  //Return status code
965  return error;
966 }
967 
968 
969 /**
970  * @brief Import an RSA private key
971  * @param[out] privateKey RSA private key
972  * @param[in] privateKeyInfo Private key information
973  * @return Error code
974  **/
975 
976 error_t pkcs8ImportRsaPrivateKey(RsaPrivateKey *privateKey,
977  const Pkcs8PrivateKeyInfo *privateKeyInfo)
978 {
979  error_t error;
980 
981 #if (RSA_SUPPORT == ENABLED)
982  const uint8_t *oid;
983  size_t oidLen;
984 
985  //Get the private key algorithm identifier
986  oid = privateKeyInfo->oid.value;
987  oidLen = privateKeyInfo->oid.length;
988 
989  //RSA or RSA-PSS algorithm identifier?
990  if(OID_COMP(oid, oidLen, RSA_ENCRYPTION_OID) == 0 ||
991  OID_COMP(oid, oidLen, RSASSA_PSS_OID) == 0)
992  {
993  //Sanity check
994  if(privateKeyInfo->rsaPrivateKey.n.value != NULL &&
995  privateKeyInfo->rsaPrivateKey.e.value != NULL &&
996  privateKeyInfo->rsaPrivateKey.d.value != NULL &&
997  privateKeyInfo->rsaPrivateKey.p.value != NULL &&
998  privateKeyInfo->rsaPrivateKey.q.value != NULL &&
999  privateKeyInfo->rsaPrivateKey.dp.value != NULL &&
1000  privateKeyInfo->rsaPrivateKey.dq.value != NULL &&
1001  privateKeyInfo->rsaPrivateKey.qinv.value != NULL)
1002  {
1003  //Read modulus
1004  error = mpiImport(&privateKey->n, privateKeyInfo->rsaPrivateKey.n.value,
1005  privateKeyInfo->rsaPrivateKey.n.length, MPI_FORMAT_BIG_ENDIAN);
1006 
1007  //Check status code
1008  if(!error)
1009  {
1010  //Read public exponent
1011  error = mpiImport(&privateKey->e, privateKeyInfo->rsaPrivateKey.e.value,
1012  privateKeyInfo->rsaPrivateKey.e.length, MPI_FORMAT_BIG_ENDIAN);
1013  }
1014 
1015  //Check status code
1016  if(!error)
1017  {
1018  //Read private exponent
1019  error = mpiImport(&privateKey->d, privateKeyInfo->rsaPrivateKey.d.value,
1020  privateKeyInfo->rsaPrivateKey.d.length, MPI_FORMAT_BIG_ENDIAN);
1021  }
1022 
1023  //Check status code
1024  if(!error)
1025  {
1026  //Read first factor
1027  error = mpiImport(&privateKey->p, privateKeyInfo->rsaPrivateKey.p.value,
1028  privateKeyInfo->rsaPrivateKey.p.length, MPI_FORMAT_BIG_ENDIAN);
1029  }
1030 
1031  //Check status code
1032  if(!error)
1033  {
1034  //Read second factor
1035  error = mpiImport(&privateKey->q, privateKeyInfo->rsaPrivateKey.q.value,
1036  privateKeyInfo->rsaPrivateKey.q.length, MPI_FORMAT_BIG_ENDIAN);
1037  }
1038 
1039  //Check status code
1040  if(!error)
1041  {
1042  //Read first exponent
1043  error = mpiImport(&privateKey->dp, privateKeyInfo->rsaPrivateKey.dp.value,
1044  privateKeyInfo->rsaPrivateKey.dp.length, MPI_FORMAT_BIG_ENDIAN);
1045  }
1046 
1047  //Check status code
1048  if(!error)
1049  {
1050  //Read second exponent
1051  error = mpiImport(&privateKey->dq, privateKeyInfo->rsaPrivateKey.dq.value,
1052  privateKeyInfo->rsaPrivateKey.dq.length, MPI_FORMAT_BIG_ENDIAN);
1053  }
1054 
1055  //Check status code
1056  if(!error)
1057  {
1058  //Read coefficient
1059  error = mpiImport(&privateKey->qinv, privateKeyInfo->rsaPrivateKey.qinv.value,
1060  privateKeyInfo->rsaPrivateKey.qinv.length, MPI_FORMAT_BIG_ENDIAN);
1061  }
1062 
1063  //Check status code
1064  if(!error)
1065  {
1066  //Dump RSA private key
1067  TRACE_DEBUG("RSA private key:\r\n");
1068  TRACE_DEBUG(" Modulus:\r\n");
1069  TRACE_DEBUG_MPI(" ", &privateKey->n);
1070  TRACE_DEBUG(" Public exponent:\r\n");
1071  TRACE_DEBUG_MPI(" ", &privateKey->e);
1072  TRACE_DEBUG(" Private exponent:\r\n");
1073  TRACE_DEBUG_MPI(" ", &privateKey->d);
1074  TRACE_DEBUG(" Prime 1:\r\n");
1075  TRACE_DEBUG_MPI(" ", &privateKey->p);
1076  TRACE_DEBUG(" Prime 2:\r\n");
1077  TRACE_DEBUG_MPI(" ", &privateKey->q);
1078  TRACE_DEBUG(" Prime exponent 1:\r\n");
1079  TRACE_DEBUG_MPI(" ", &privateKey->dp);
1080  TRACE_DEBUG(" Prime exponent 2:\r\n");
1081  TRACE_DEBUG_MPI(" ", &privateKey->dq);
1082  TRACE_DEBUG(" Coefficient:\r\n");
1083  TRACE_DEBUG_MPI(" ", &privateKey->qinv);
1084  }
1085  }
1086  else
1087  {
1088  //The private key is not valid
1089  error = ERROR_INVALID_KEY;
1090  }
1091  }
1092  else
1093 #endif
1094  //Invalid algorithm identifier?
1095  {
1096  //Report an error
1097  error = ERROR_WRONG_IDENTIFIER;
1098  }
1099 
1100  //Return status code
1101  return error;
1102 }
1103 
1104 
1105 /**
1106  * @brief Import a DSA private key
1107  * @param[out] privateKey DSA private key
1108  * @param[in] privateKeyInfo Private key information
1109  * @return Error code
1110  **/
1111 
1112 error_t pkcs8ImportDsaPrivateKey(DsaPrivateKey *privateKey,
1113  const Pkcs8PrivateKeyInfo *privateKeyInfo)
1114 {
1115  error_t error;
1116 
1117 #if (DSA_SUPPORT == ENABLED)
1118  //DSA algorithm identifier?
1119  if(OID_COMP(privateKeyInfo->oid.value, privateKeyInfo->oid.length,
1120  DSA_OID) == 0)
1121  {
1122  //Sanity check
1123  if(privateKeyInfo->dsaParams.p.value != NULL &&
1124  privateKeyInfo->dsaParams.q.value != NULL &&
1125  privateKeyInfo->dsaParams.g.value != NULL &&
1126  privateKeyInfo->dsaPrivateKey.x.value != NULL)
1127  {
1128  //Read parameter p
1129  error = mpiImport(&privateKey->params.p, privateKeyInfo->dsaParams.p.value,
1130  privateKeyInfo->dsaParams.p.length, MPI_FORMAT_BIG_ENDIAN);
1131 
1132  //Check status code
1133  if(!error)
1134  {
1135  //Read parameter q
1136  error = mpiImport(&privateKey->params.q, privateKeyInfo->dsaParams.q.value,
1137  privateKeyInfo->dsaParams.q.length, MPI_FORMAT_BIG_ENDIAN);
1138  }
1139 
1140  //Check status code
1141  if(!error)
1142  {
1143  //Read parameter g
1144  error = mpiImport(&privateKey->params.g, privateKeyInfo->dsaParams.g.value,
1145  privateKeyInfo->dsaParams.g.length, MPI_FORMAT_BIG_ENDIAN);
1146  }
1147 
1148  //Check status code
1149  if(!error)
1150  {
1151  //Read private value
1152  error = mpiImport(&privateKey->x, privateKeyInfo->dsaPrivateKey.x.value,
1153  privateKeyInfo->dsaPrivateKey.x.length, MPI_FORMAT_BIG_ENDIAN);
1154  }
1155 
1156  //Check status code
1157  if(!error)
1158  {
1159  //Read public value
1160  error = mpiImport(&privateKey->y, privateKeyInfo->dsaPublicKey.y.value,
1161  privateKeyInfo->dsaPublicKey.y.length, MPI_FORMAT_BIG_ENDIAN);
1162  }
1163 
1164  //Check status code
1165  if(!error)
1166  {
1167  //Dump DSA private key
1168  TRACE_DEBUG("DSA private key:\r\n");
1169  TRACE_DEBUG(" Parameter p:\r\n");
1170  TRACE_DEBUG_MPI(" ", &privateKey->params.p);
1171  TRACE_DEBUG(" Parameter q:\r\n");
1172  TRACE_DEBUG_MPI(" ", &privateKey->params.q);
1173  TRACE_DEBUG(" Parameter g:\r\n");
1174  TRACE_DEBUG_MPI(" ", &privateKey->params.g);
1175  TRACE_DEBUG(" Private value x:\r\n");
1176  TRACE_DEBUG_MPI(" ", &privateKey->x);
1177  TRACE_DEBUG(" Public value y:\r\n");
1178  TRACE_DEBUG_MPI(" ", &privateKey->y);
1179  }
1180  }
1181  else
1182  {
1183  //The private key is not valid
1184  error = ERROR_INVALID_KEY;
1185  }
1186  }
1187  else
1188 #endif
1189  //Invalid algorithm identifier?
1190  {
1191  //Report an error
1192  error = ERROR_WRONG_IDENTIFIER;
1193  }
1194 
1195  //Return status code
1196  return error;
1197 }
1198 
1199 
1200 /**
1201  * @brief Import an EC private key
1202  * @param[out] privateKey EC private key
1203  * @param[in] privateKeyInfo Private key information
1204  * @return Error code
1205  **/
1206 
1207 error_t pkcs8ImportEcPrivateKey(EcPrivateKey *privateKey,
1208  const Pkcs8PrivateKeyInfo *privateKeyInfo)
1209 {
1210  error_t error;
1211 
1212 #if (EC_SUPPORT == ENABLED)
1213  //EC public key algorithm identifier?
1214  if(OID_COMP(privateKeyInfo->oid.value, privateKeyInfo->oid.length,
1215  EC_PUBLIC_KEY_OID) == 0)
1216  {
1217  //Sanity check
1218  if(privateKeyInfo->ecParams.namedCurve.value != NULL &&
1219  privateKeyInfo->ecPrivateKey.d.value != NULL)
1220  {
1221  const EcCurve *curve;
1222 
1223  //Get the elliptic curve that matches the OID
1224  curve = ecGetCurve(privateKeyInfo->ecParams.namedCurve.value,
1225  privateKeyInfo->ecParams.namedCurve.length);
1226 
1227  //Make sure the specified elliptic curve is supported
1228  if(curve != NULL)
1229  {
1230  //Read the EC private key
1231  error = ecImportPrivateKey(privateKey, curve,
1232  privateKeyInfo->ecPrivateKey.d.value,
1233  privateKeyInfo->ecPrivateKey.d.length);
1234 
1235  //Check status code
1236  if(!error)
1237  {
1238  //The public key is optional
1239  if(privateKeyInfo->ecPublicKey.q.value != NULL)
1240  {
1241  //Read the EC public key
1242  error = ecImportPublicKey(&privateKey->q, curve,
1243  privateKeyInfo->ecPublicKey.q.value,
1244  privateKeyInfo->ecPublicKey.q.length,
1245  EC_PUBLIC_KEY_FORMAT_X963);
1246  }
1247  else
1248  {
1249  //The EC public key is not present
1250  ecInitPublicKey(&privateKey->q);
1251  }
1252  }
1253  }
1254  else
1255  {
1256  //Invalid elliptic curve
1257  error = ERROR_WRONG_IDENTIFIER;
1258  }
1259 
1260  //Check status code
1261  if(!error)
1262  {
1263  //Dump EC private key
1264  TRACE_DEBUG("EC private key:\r\n");
1265  TRACE_DEBUG_EC_SCALAR(" ", privateKey->d, (curve->orderSize + 31) / 32);
1266 
1267  //Valid public key?
1268  if(privateKey->q.curve != NULL)
1269  {
1270  //Dump EC public key
1271  TRACE_DEBUG("EC public key X:\r\n");
1272  TRACE_DEBUG_EC_SCALAR(" ", privateKey->q.q.x, (curve->fieldSize + 31) / 32);
1273  TRACE_DEBUG("EC public key Y:\r\n");
1274  TRACE_DEBUG_EC_SCALAR(" ", privateKey->q.q.y, (curve->fieldSize + 31) / 32);
1275  }
1276  }
1277  }
1278  else
1279  {
1280  //The private key is not valid
1281  error = ERROR_INVALID_KEY;
1282  }
1283  }
1284  else
1285 #endif
1286  //Invalid algorithm identifier?
1287  {
1288  //Report an error
1289  error = ERROR_WRONG_IDENTIFIER;
1290  }
1291 
1292  //Return status code
1293  return error;
1294 }
1295 
1296 
1297 /**
1298  * @brief Import an EdDSA private key
1299  * @param[out] privateKey EdDSA private key
1300  * @param[in] privateKeyInfo Private key information
1301  * @return Error code
1302  **/
1303 
1304 error_t pkcs8ImportEddsaPrivateKey(EddsaPrivateKey *privateKey,
1305  const Pkcs8PrivateKeyInfo *privateKeyInfo)
1306 {
1307 #if (ED25519_SUPPORT == ENABLED || ED448_SUPPORT == ENABLED)
1308  error_t error;
1309  const EcCurve *curve;
1310 
1311  //Get the elliptic curve that matches the OID
1312  curve = ecGetCurve(privateKeyInfo->oid.value, privateKeyInfo->oid.length);
1313 
1314  //Edwards elliptic curve?
1315  if(curve != NULL && curve->type == EC_CURVE_TYPE_EDWARDS)
1316  {
1317  //Read the EdDSA private key
1318  error = eddsaImportPrivateKey(privateKey, curve,
1319  privateKeyInfo->eddsaPrivateKey.d.value,
1320  privateKeyInfo->eddsaPrivateKey.d.length);
1321 
1322  //Check status code
1323  if(!error)
1324  {
1325  //The public key is optional
1326  if(privateKeyInfo->eddsaPublicKey.q.value != NULL)
1327  {
1328  //Read the EdDSA public key
1329  error = eddsaImportPublicKey(&privateKey->q, curve,
1330  privateKeyInfo->eddsaPublicKey.q.value,
1331  privateKeyInfo->eddsaPublicKey.q.length);
1332  }
1333  else
1334  {
1335  //The EdDSA public key is not present
1336  eddsaInitPublicKey(&privateKey->q);
1337  }
1338  }
1339  }
1340  else
1341  {
1342  //Report an error
1343  error = ERROR_WRONG_IDENTIFIER;
1344  }
1345 
1346  //Check status code
1347  if(!error)
1348  {
1349  //Dump EdDSA private key
1350  TRACE_DEBUG("EdDSA private key:\r\n");
1351  TRACE_DEBUG_ARRAY(" ", privateKey->d, privateKeyInfo->eddsaPrivateKey.d.length);
1352 
1353  //Valid public key?
1354  if(privateKey->q.curve != NULL)
1355  {
1356  //Dump EdDSA public key
1357  TRACE_DEBUG("EdDSA public key:\r\n");
1358  TRACE_DEBUG_ARRAY(" ", privateKey->q.q, privateKeyInfo->eddsaPublicKey.q.length);
1359  }
1360  }
1361 
1362  //Return status code
1363  return error;
1364 #else
1365  //Not implemented
1366  return ERROR_NOT_IMPLEMENTED;
1367 #endif
1368 }
1369 
1370 #endif
eddsaImportPublicKey
error_t eddsaImportPublicKey(EddsaPublicKey *key, const EcCurve *curve, const uint8_t *data, size_t length)
Import an EdDSA public key.
Definition: eddsa.c:274
Pkcs8RsaPrivateKey::dq
X509OctetString dq
Definition: pkcs8_key_parse.h:57
pkcs8ParsePrivateKeyInfo
error_t pkcs8ParsePrivateKeyInfo(const uint8_t *data, size_t length, Pkcs8PrivateKeyInfo *privateKeyInfo)
Parse PrivateKeyInfo structure.
Definition: pkcs8_key_parse.c:55
Pkcs8PrivateKeyInfo::rsaPrivateKey
Pkcs8RsaPrivateKey rsaPrivateKey
Definition: pkcs8_key_parse.h:112
EC_CURVE_TYPE_EDWARDS
@ EC_CURVE_TYPE_EDWARDS
Definition: ec.h:364
Pkcs8PrivateKeyInfo
Private key information.
Definition: pkcs8_key_parse.h:108
ecImportPublicKey
error_t ecImportPublicKey(EcPublicKey *key, const EcCurve *curve, const uint8_t *data, size_t length, EcPublicKeyFormat format)
Import an EC public key.
Definition: ec.c:263
X509AlgoId::params
X509OctetString params
Definition: x509_common.h:776
RsaPrivateKey::p
Mpi p
First factor.
Definition: rsa.h:72
EddsaPrivateKey::d
uint8_t d[EDDSA_MAX_PRIVATE_KEY_LEN]
Private key.
Definition: eddsa.h:77
X25519_OID
const uint8_t X25519_OID[3]
Definition: ec_curves.c:108
Pkcs8EddsaPublicKey
EdDSA public key.
Definition: pkcs8_key_parse.h:98
X509DsaParameters::g
X509OctetString g
Definition: x509_common.h:799
X509DsaParameters::p
X509OctetString p
Definition: x509_common.h:797
ERROR_NOT_IMPLEMENTED
@ ERROR_NOT_IMPLEMENTED
Definition: error.h:66
oid.h
OID (Object Identifier)
DsaDomainParameters::q
Mpi q
Group order.
Definition: dsa.h:51
data
uint8_t data[]
Definition: ethernet.h:222
EC_PUBLIC_KEY_OID
const uint8_t EC_PUBLIC_KEY_OID[7]
Definition: ec.c:44
Pkcs8EncryptedPrivateKeyInfo
Encrypted private key information.
Definition: pkcs8_key_parse.h:136
RsaPrivateKey::n
Mpi n
Modulus.
Definition: rsa.h:69
Pkcs8RsaPrivateKey
RSA private key.
Definition: pkcs8_key_parse.h:49
Pkcs8PrivateKeyInfo::dsaPublicKey
X509DsaPublicKey dsaPublicKey
Definition: pkcs8_key_parse.h:117
Pkcs8EcPrivateKey::d
X509OctetString d
Definition: pkcs8_key_parse.h:79
TRACE_DEBUG_EC_SCALAR
#define TRACE_DEBUG_EC_SCALAR(p, a, n)
Definition: debug.h:123
EC_PUBLIC_KEY_FORMAT_X963
@ EC_PUBLIC_KEY_FORMAT_X963
Definition: ec.h:386
totalLength
uint16_t totalLength
Definition: ipv4.h:323
DsaDomainParameters::p
Mpi p
Prime modulus.
Definition: dsa.h:50
pkcs8ImportDsaPrivateKey
error_t pkcs8ImportDsaPrivateKey(DsaPrivateKey *privateKey, const Pkcs8PrivateKeyInfo *privateKeyInfo)
Import a DSA private key.
Definition: pkcs8_key_parse.c:1112
RSASSA_PSS_OID
const uint8_t RSASSA_PSS_OID[9]
Definition: rsa.c:85
version
uint8_t version
Definition: coap_common.h:177
asn1ReadTag
error_t asn1ReadTag(const uint8_t *data, size_t length, Asn1Tag *tag)
Read an ASN.1 tag from the input stream.
Definition: asn1.c:52
EcPoint::y
uint32_t y[EC_MAX_MODULUS_SIZE]
y-coordinate
Definition: ec.h:400
x509ParseDsaParameters
error_t x509ParseDsaParameters(const uint8_t *data, size_t length, X509DsaParameters *dsaParams)
Parse DSA domain parameters.
Definition: x509_key_parse.c:415
pkcs8ParseEddsaPublicKey
error_t pkcs8ParseEddsaPublicKey(const uint8_t *data, size_t length, Pkcs8EddsaPublicKey *eddsaPublicKey)
Parse publicKey structure.
Definition: pkcs8_key_parse.c:849
oid
uint8_t oid[]
Definition: lldp_tlv.h:300
RsaPrivateKey::d
Mpi d
Private exponent.
Definition: rsa.h:71
Pkcs8EddsaPrivateKey
EdDSA private key.
Definition: pkcs8_key_parse.h:88
X509DsaParameters::q
X509OctetString q
Definition: x509_common.h:798
asn1ReadOid
error_t asn1ReadOid(const uint8_t *data, size_t length, Asn1Tag *tag)
Read an object identifier from the input stream.
Definition: asn1.c:218
X509EcPublicKey
EC public key.
Definition: x509_common.h:828
DSA_OID
const uint8_t DSA_OID[7]
Definition: dsa.c:51
Pkcs8RsaPrivateKey::n
X509OctetString n
Definition: pkcs8_key_parse.h:51
Asn1Tag::totalLength
size_t totalLength
Definition: asn1.h:108
Asn1Tag::length
size_t length
Definition: asn1.h:106
X509DsaPublicKey::y
X509OctetString y
Definition: x509_common.h:809
Pkcs8PrivateKeyInfo::ecPrivateKey
Pkcs8EcPrivateKey ecPrivateKey
Definition: pkcs8_key_parse.h:121
FALSE
#define FALSE
Definition: os_port.h:46
asn1ReadOctetString
error_t asn1ReadOctetString(const uint8_t *data, size_t length, Asn1Tag *tag)
Read an octet string from the input stream.
Definition: asn1.c:190
pkcs8ParsePrivateKeyAlgo
error_t pkcs8ParsePrivateKeyAlgo(const uint8_t *data, size_t length, size_t *totalLength, Pkcs8PrivateKeyInfo *privateKeyInfo)
Parse PrivateKeyAlgorithm structure.
Definition: pkcs8_key_parse.c:230
pkcs8ParseEddsaPrivateKey
error_t pkcs8ParseEddsaPrivateKey(const uint8_t *data, size_t length, Pkcs8EddsaPrivateKey *eddsaPrivateKey)
Parse CurvePrivateKey structure.
Definition: pkcs8_key_parse.c:820
EddsaPublicKey::q
uint8_t q[EDDSA_MAX_PUBLIC_KEY_LEN]
Public key.
Definition: eddsa.h:66
EddsaPublicKey::curve
const EcCurve * curve
Elliptic curve parameters.
Definition: eddsa.h:65
error_t
error_t
Error codes.
Definition: error.h:43
DsaDomainParameters::g
Mpi g
Group generator.
Definition: dsa.h:52
X509EcParameters
EC parameters.
Definition: x509_common.h:818
Pkcs8RsaPrivateKey::dp
X509OctetString dp
Definition: pkcs8_key_parse.h:56
ecInitPublicKey
void ecInitPublicKey(EcPublicKey *key)
Initialize an EC public key.
Definition: ec.c:52
Pkcs8RsaPrivateKey::e
X509OctetString e
Definition: pkcs8_key_parse.h:52
ASN1_CLASS_UNIVERSAL
#define ASN1_CLASS_UNIVERSAL
Definition: asn1.h:52
pkcs8ImportRsaPrivateKey
error_t pkcs8ImportRsaPrivateKey(RsaPrivateKey *privateKey, const Pkcs8PrivateKeyInfo *privateKeyInfo)
Import an RSA private key.
Definition: pkcs8_key_parse.c:976
Asn1Tag
ASN.1 tag.
Definition: asn1.h:102
RsaPrivateKey::q
Mpi q
Second factor.
Definition: rsa.h:73
ec_misc.h
Helper routines for ECC.
Pkcs8RsaPrivateKey::p
X509OctetString p
Definition: pkcs8_key_parse.h:54
mpiImport
error_t mpiImport(Mpi *r, const uint8_t *input, size_t length, MpiFormat format)
Octet string to integer conversion.
Definition: mpi.c:712
asn1ReadInt32
error_t asn1ReadInt32(const uint8_t *data, size_t length, Asn1Tag *tag, int32_t *value)
Read a 32-bit integer from the input stream.
Definition: asn1.c:285
Pkcs8PrivateKeyInfo::ecPublicKey
X509EcPublicKey ecPublicKey
Definition: pkcs8_key_parse.h:122
Pkcs8PrivateKeyInfo::dsaParams
X509DsaParameters dsaParams
Definition: pkcs8_key_parse.h:115
X509AlgoId::oid
X509OctetString oid
Definition: x509_common.h:775
Pkcs8PrivateKeyInfo::eddsaPublicKey
Pkcs8EddsaPublicKey eddsaPublicKey
Definition: pkcs8_key_parse.h:126
crypto.h
General definitions for cryptographic algorithms.
DsaPrivateKey::y
Mpi y
Public key value.
Definition: dsa.h:75
EcPrivateKey::q
EcPublicKey q
Public key.
Definition: ec.h:436
Pkcs8RsaPrivateKey::q
X509OctetString q
Definition: pkcs8_key_parse.h:55
EcPrivateKey
EC private key.
Definition: ec.h:432
Pkcs8PrivateKeyInfo::eddsaPrivateKey
Pkcs8EddsaPrivateKey eddsaPrivateKey
Definition: pkcs8_key_parse.h:125
DsaPrivateKey
DSA private key.
Definition: dsa.h:72
Asn1Tag::objClass
uint_t objClass
Definition: asn1.h:104
length
uint8_t length
Definition: tcp.h:375
pkcs8ParseRsaPrivateKey
error_t pkcs8ParseRsaPrivateKey(const uint8_t *data, size_t length, Pkcs8RsaPrivateKey *rsaPrivateKey)
Parse RSAPrivateKey structure.
Definition: pkcs8_key_parse.c:339
RsaPrivateKey::e
Mpi e
Public exponent.
Definition: rsa.h:70
asn1CheckOid
error_t asn1CheckOid(const Asn1Tag *tag, const uint8_t *oid, size_t length)
Check ASN.1 tag against a specified OID.
Definition: asn1.c:829
pkcs8ParseDsaPrivateKey
error_t pkcs8ParseDsaPrivateKey(const uint8_t *data, size_t length, X509DsaParameters *dsaParams, Pkcs8DsaPrivateKey *dsaPrivateKey, X509DsaPublicKey *dsaPublicKey)
Parse DSAPrivateKey structure.
Definition: pkcs8_key_parse.c:536
pkcs8ParseEncryptionAlgoId
error_t pkcs8ParseEncryptionAlgoId(const uint8_t *data, size_t length, size_t *totalLength, X509AlgoId *encryptionAlgoId)
Parse EncryptionAlgorithmIdentifier structure.
Definition: pkcs8_key_parse.c:926
X509EcParameters::namedCurve
X509OctetString namedCurve
Definition: x509_common.h:819
ED448_OID
const uint8_t ED448_OID[3]
Definition: ec_curves.c:114
RsaPrivateKey::qinv
Mpi qinv
CRT coefficient.
Definition: rsa.h:76
EddsaPrivateKey
EdDSA private key.
Definition: eddsa.h:75
RsaPrivateKey::dq
Mpi dq
Second factor's CRT exponent.
Definition: rsa.h:75
ED25519_OID
const uint8_t ED25519_OID[3]
Definition: ec_curves.c:112
RSA_ENCRYPTION_OID
const uint8_t RSA_ENCRYPTION_OID[9]
Definition: rsa.c:54
X448_OID
const uint8_t X448_OID[3]
Definition: ec_curves.c:110
ASN1_TYPE_INTEGER
@ ASN1_TYPE_INTEGER
Definition: asn1.h:70
TRACE_DEBUG
#define TRACE_DEBUG(...)
Definition: debug.h:119
pkcs8ImportEddsaPrivateKey
error_t pkcs8ImportEddsaPrivateKey(EddsaPrivateKey *privateKey, const Pkcs8PrivateKeyInfo *privateKeyInfo)
Import an EdDSA private key.
Definition: pkcs8_key_parse.c:1304
pkcs8ImportEcPrivateKey
error_t pkcs8ImportEcPrivateKey(EcPrivateKey *privateKey, const Pkcs8PrivateKeyInfo *privateKeyInfo)
Import an EC private key.
Definition: pkcs8_key_parse.c:1207
Pkcs8RsaPrivateKey::d
X509OctetString d
Definition: pkcs8_key_parse.h:53
TRACE_DEBUG_ARRAY
#define TRACE_DEBUG_ARRAY(p, a, n)
Definition: debug.h:120
Pkcs8EddsaPrivateKey::d
X509OctetString d
Definition: pkcs8_key_parse.h:89
X509EcPublicKey::q
X509OctetString q
Definition: x509_common.h:829
EcPrivateKey::d
uint32_t d[EC_MAX_ORDER_SIZE]
Private key.
Definition: ec.h:434
OID_COMP
#define OID_COMP(oid1, oidLen1, oid2)
Definition: oid.h:42
n
uint8_t n
Definition: dhcpv6_common.h:416
RsaPrivateKey
RSA private key.
Definition: rsa.h:68
pkcs8ParseEncryptedPrivateKeyInfo
error_t pkcs8ParseEncryptedPrivateKeyInfo(const uint8_t *data, size_t length, Pkcs8EncryptedPrivateKeyInfo *encryptedPrivateKeyInfo)
Parse EncryptedPrivateKeyInfo structure.
Definition: pkcs8_key_parse.c:874
X509DsaParameters
DSA domain parameters.
Definition: x509_common.h:796
ASN1_CLASS_CONTEXT_SPECIFIC
#define ASN1_CLASS_CONTEXT_SPECIFIC
Definition: asn1.h:54
Pkcs8RsaPrivateKey::qinv
X509OctetString qinv
Definition: pkcs8_key_parse.h:58
pkcs8_key_parse.h
PKCS #8 key parsing.
DsaPrivateKey::x
Mpi x
Secret exponent.
Definition: dsa.h:74
EcPublicKey::q
EcPoint q
Public key.
Definition: ec.h:423
oidLen
uint8_t oidLen
Definition: lldp_tlv.h:299
MPI_FORMAT_BIG_ENDIAN
@ MPI_FORMAT_BIG_ENDIAN
Definition: mpi.h:93
ERROR_WRONG_IDENTIFIER
@ ERROR_WRONG_IDENTIFIER
Definition: error.h:89
ERROR_INVALID_SYNTAX
@ ERROR_INVALID_SYNTAX
Definition: error.h:68
EddsaPrivateKey::q
EddsaPublicKey q
Public key.
Definition: eddsa.h:79
x509ParseEcParameters
error_t x509ParseEcParameters(const uint8_t *data, size_t length, X509EcParameters *ecParams)
Parse ECParameters structure.
Definition: x509_key_parse.c:530
ecGetCurve
const EcCurve * ecGetCurve(const uint8_t *oid, size_t length)
Get the elliptic curve that matches the specified OID.
Definition: ec_curves.c:5888
DsaPrivateKey::params
DsaDomainParameters params
DSA domain parameters.
Definition: dsa.h:73
X509OctetString::value
const uint8_t * value
Definition: x509_common.h:702
Pkcs8EddsaPublicKey::q
X509OctetString q
Definition: pkcs8_key_parse.h:99
eddsaImportPrivateKey
error_t eddsaImportPrivateKey(EddsaPrivateKey *key, const EcCurve *curve, const uint8_t *data, size_t length)
Import an EdDSA private key.
Definition: eddsa.c:371
EcCurve
#define EcCurve
Definition: ec.h:346
RsaPrivateKey::dp
Mpi dp
First factor's CRT exponent.
Definition: rsa.h:74
x509_key_parse.h
Parsing of ASN.1 encoded keys.
Pkcs8PrivateKeyInfo::dsaPrivateKey
Pkcs8DsaPrivateKey dsaPrivateKey
Definition: pkcs8_key_parse.h:116
ecImportPrivateKey
error_t ecImportPrivateKey(EcPrivateKey *key, const EcCurve *curve, const uint8_t *data, size_t length)
Import an EC private key.
Definition: ec.c:490
ASN1_TYPE_BIT_STRING
@ ASN1_TYPE_BIT_STRING
Definition: asn1.h:71
ERROR_INVALID_CLASS
@ ERROR_INVALID_CLASS
Definition: error.h:117
EcPoint::x
uint32_t x[EC_MAX_MODULUS_SIZE]
x-coordinate
Definition: ec.h:399
TRACE_DEBUG_MPI
#define TRACE_DEBUG_MPI(p, a)
Definition: debug.h:122
osMemset
#define osMemset(p, value, length)
Definition: os_port.h:138
Pkcs8EcPrivateKey
EC private key.
Definition: pkcs8_key_parse.h:77
asn1ReadSequence
error_t asn1ReadSequence(const uint8_t *data, size_t length, Asn1Tag *tag)
Read an ASN.1 sequence from the input stream.
Definition: asn1.c:163
Pkcs8DsaPrivateKey
DSA private key.
Definition: pkcs8_key_parse.h:67
X509DsaPublicKey
DSA public key.
Definition: x509_common.h:808
Pkcs8PrivateKeyInfo::ecParams
X509EcParameters ecParams
Definition: pkcs8_key_parse.h:120
Pkcs8PrivateKeyInfo::oid
X509OctetString oid
Definition: pkcs8_key_parse.h:110
eddsaInitPublicKey
void eddsaInitPublicKey(EddsaPublicKey *key)
Initialize an EdDSA public key.
Definition: eddsa.c:48
pkcs8ParseEcPrivateKey
error_t pkcs8ParseEcPrivateKey(const uint8_t *data, size_t length, X509EcParameters *ecParams, Pkcs8EcPrivateKey *ecPrivateKey, X509EcPublicKey *ecPublicKey)
Parse ECPrivateKey structure.
Definition: pkcs8_key_parse.c:683
EcPublicKey::curve
const EcCurve * curve
Elliptic curve parameters.
Definition: ec.h:422
Pkcs8DsaPrivateKey::x
X509OctetString x
Definition: pkcs8_key_parse.h:68
Asn1Tag::value
const uint8_t * value
Definition: asn1.h:107
pkcs8ParseEcPublicKey
error_t pkcs8ParseEcPublicKey(const uint8_t *data, size_t length, X509EcPublicKey *ecPublicKey)
Parse publicKey structure.
Definition: pkcs8_key_parse.c:779
asn1CheckTag
error_t asn1CheckTag(const Asn1Tag *tag, bool_t constructed, uint_t objClass, uint_t objType)
Enforce the type of a specified tag.
Definition: asn1.c:803
ERROR_INVALID_KEY
@ ERROR_INVALID_KEY
Definition: error.h:106
X509AlgoId
Algorithm identifier.
Definition: x509_common.h:774
NO_ERROR
@ NO_ERROR
Success.
Definition: error.h:44
debug.h
Debugging facilities.
Asn1Tag::objType
uint_t objType
Definition: asn1.h:105
asn1.h
ASN.1 (Abstract Syntax Notation One)