pkcs15-algo.c, pkcs15-prkey.c and pkcs15-pubkey.c

Various changes for RFC8410 curves On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-algo.c modified: libopensc/pkcs15-prkey.c modified: libopensc/pkcs15-pubkey.c
OpenSC · May 16, 2024 · 0c542d9 · 0c542d9
1 parent 87eae94
commit 0c542d9
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 16 deletions.
diff --git a/src/libopensc/pkcs15-algo.c b/src/libopensc/pkcs15-algo.c
@@ -574,6 +574,7 @@ sc_asn1_encode_algorithm_id(struct sc_context *ctx, u8 **buf, size_t *len,
  /* no parameters, write NULL tag */
  /* If it's EDDSA/XEDDSA, according to RFC8410, params
  * MUST be absent */
+ /* PKCS11 3.0 list them under ec_params */
  if (id->algorithm != SC_ALGORITHM_EDDSA &&
  id->algorithm != SC_ALGORITHM_XEDDSA &&
  (!id->params || !alg_info->encode))

diff --git a/src/libopensc/pkcs15-prkey.c b/src/libopensc/pkcs15-prkey.c
@@ -573,8 +573,7 @@ sc_pkcs15_erase_prkey(struct sc_pkcs15_prkey *key)
  case SC_ALGORITHM_EDDSA:
  case SC_ALGORITHM_XEDDSA:
  /* EC, Edwards and Montgomery use common ec params */
- free(key->u.ec.params.der.value);
- free(key->u.ec.params.named_curve);
+ sc_clear_ec_params(&key->u.ec.params);
  free(key->u.ec.privateD.data);
  free(key->u.ec.ecpointQ.value);
  break;

diff --git a/src/libopensc/pkcs15-pubkey.c b/src/libopensc/pkcs15-pubkey.c
@@ -545,6 +545,14 @@ static struct sc_asn1_entry c_asn1_ec_pointQ[C_ASN1_EC_POINTQ_SIZE] = {
  { "ecpointQ-OS", SC_ASN1_OCTET_STRING, SC_ASN1_TAG_OCTET_STRING, SC_ASN1_OPTIONAL | SC_ASN1_ALLOC, NULL, NULL },
  { NULL, 0, 0, 0, NULL, NULL }
 };
+
+/* See RFC8410 */
+#define C_ASN1_EDDSA_PUBKEY_SIZE 3
+static struct sc_asn1_entry c_asn1_eddsa_pubkey[C_ASN1_EDDSA_PUBKEY_SIZE] = {
+ { "ecpointQ", SC_ASN1_BIT_STRING_NI, SC_ASN1_TAG_BIT_STRING, SC_ASN1_OPTIONAL | SC_ASN1_ALLOC, NULL, NULL },
+ { "ecpointQ-OS", SC_ASN1_OCTET_STRING, SC_ASN1_TAG_OCTET_STRING, SC_ASN1_OPTIONAL | SC_ASN1_ALLOC, NULL, NULL },
+ { NULL, 0, 0, 0, NULL, NULL }
+};
 // clang-format on
 
 int
@@ -676,7 +684,7 @@ sc_pkcs15_encode_pubkey_ec(sc_context_t *ctx, struct sc_pkcs15_pubkey_ec *key,
 {
  struct sc_asn1_entry asn1_ec_pointQ[C_ASN1_EC_POINTQ_SIZE];
  size_t key_len;
- volatile int gdb_test = 0; /* so can reset via gdb for testing new way */
+ volatile int gdb_test = 1; /* so can reset via gdb for testing new way */
 
  LOG_FUNC_CALLED(ctx);
  sc_copy_asn1_entry(c_asn1_ec_pointQ, asn1_ec_pointQ);
@@ -725,15 +733,19 @@ sc_pkcs15_decode_pubkey_eddsa(sc_context_t *ctx,
  LOG_FUNC_RETURN(ctx, SC_SUCCESS);
 }
 
-/*
- * all "ec" keys uses same pubkey format, keep this external entrypoint
- */
 int
 sc_pkcs15_encode_pubkey_eddsa(sc_context_t *ctx, struct sc_pkcs15_pubkey_ec *key,
  u8 **buf, size_t *buflen)
 {
- /* same format */
- return sc_pkcs15_encode_pubkey_ec(ctx, key, buf, buflen);
+struct sc_asn1_entry asn1_eddsa_pubkey[C_ASN1_EDDSA_PUBKEY_SIZE];
+
+ LOG_FUNC_CALLED(ctx);
+ sc_copy_asn1_entry(c_asn1_eddsa_pubkey, asn1_eddsa_pubkey);
+ sc_format_asn1_entry(asn1_eddsa_pubkey + 0, key->ecpointQ.value, &key->ecpointQ.len, 1);
+
+ LOG_FUNC_RETURN(ctx,
+ sc_asn1_encode(ctx, asn1_eddsa_pubkey, buf, buflen));
+
 }
 
 int
@@ -1109,6 +1121,12 @@ sc_pkcs15_dup_pubkey(struct sc_context *ctx, struct sc_pkcs15_pubkey *key, struc
  memcpy(pubkey->u.ec.ecpointQ.value, key->u.ec.ecpointQ.value, key->u.ec.ecpointQ.len);
  pubkey->u.ec.ecpointQ.len = key->u.ec.ecpointQ.len;
 
+ if (key->u.ec.params.named_curve){
+ rv = sc_pkcs15_fix_ec_parameters(ctx, &key->u.ec.params);
+ if (rv)
+ break;
+ }
+
  pubkey->u.ec.params.der.value = malloc(key->u.ec.params.der.len);
  if (!pubkey->u.ec.params.der.value) {
  rv = SC_ERROR_OUT_OF_MEMORY;
@@ -1117,14 +1135,17 @@ sc_pkcs15_dup_pubkey(struct sc_context *ctx, struct sc_pkcs15_pubkey *key, struc
  memcpy(pubkey->u.ec.params.der.value, key->u.ec.params.der.value, key->u.ec.params.der.len);
  pubkey->u.ec.params.der.len = key->u.ec.params.der.len;
 
- if (key->u.ec.params.named_curve){
- pubkey->u.ec.params.named_curve = strdup(key->u.ec.params.named_curve);
- if (!pubkey->u.ec.params.named_curve)
- rv = SC_ERROR_OUT_OF_MEMORY;
- }
- else {
- sc_log(ctx, "named_curve parameter missing");
- rv = SC_ERROR_NOT_SUPPORTED;
+ /* RFC4810 no named_curve */
+ if ((key->algorithm != SC_ALGORITHM_EDDSA) && (key->algorithm != SC_ALGORITHM_XEDDSA)) {
+ if (key->u.ec.params.named_curve){
+ pubkey->u.ec.params.named_curve = strdup(key->u.ec.params.named_curve);
+ if (!pubkey->u.ec.params.named_curve)
+ rv = SC_ERROR_OUT_OF_MEMORY;
+ }
+ else {
+ sc_log(ctx, "named_curve parameter missing");
+ rv = SC_ERROR_NOT_SUPPORTED;
+ }
  }
 
  break;