From: Richard Levitte Date: Mon, 27 Jul 2020 16:40:02 +0000 (+0200) Subject: DESERIALIZER: Make it possible to deserialize public keys too X-Git-Tag: openssl-3.0.0-alpha6~27 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3ff8159a8af6ab4e945318c56cd2fffcdd817cf8;p=thirdparty%2Fopenssl.git DESERIALIZER: Make it possible to deserialize public keys too Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12544)
---
diff --git a/providers/implementations/serializers/deserialize_der2rsa.c b/providers/implementations/serializers/deserialize_der2rsa.c
index 80be281ec94..710fd2d1a8f 100644
--- a/providers/implementations/serializers/deserialize_der2rsa.c
+++ b/providers/implementations/serializers/deserialize_der2rsa.c
@@ -123,8 +123,13 @@ static int der2rsa_deserialize(void *vctx, OSSL_CORE_BIO *cin,
 }
 derp = der;
- if ((pkey = d2i_PrivateKey_ex(ctx->type, NULL, &derp, der_len,
- libctx, NULL)) != NULL) {
+ pkey = d2i_PrivateKey_ex(ctx->type, NULL, &derp, der_len, libctx, NULL);
+ if (pkey == NULL) {
+ derp = der;
+ pkey = d2i_PUBKEY(NULL, &derp, der_len);
+ }
+
+ if (pkey != NULL) {
 /* Tear out the RSA pointer from the pkey */
 rsa = EVP_PKEY_get1_RSA(pkey);
 EVP_PKEY_free(pkey);
diff --git a/test/serdes_test.c b/test/serdes_test.c
index d5ba3940e90..df6008a6f6f 100644
--- a/test/serdes_test.c
+++ b/test/serdes_test.c
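Review bot: In der2rsa_deserialize (providers/implementations/serializers/deserialize_der2rsa.c) the new d2i_PUBKEY() fallback is not constrained by ctx->type the way the d2i_PrivateKey_ex() call is, so any SubjectPublicKeyInfo that parses is handed to EVP_PKEY_get1_RSA(). Whether an RSA-PSS key can then come back from the plain-RSA deserializer (or the reverse) depends on code outside the hunk, but an explicit type check right after the fallback would rule it out. The failed private-key attempt also leaves its entries on the error queue even when the public-key decode succeeds, which a caller inspecting the queue may misread; bracketing the two attempts with ERR_set_mark()/ERR_pop_to_mark() avoids that. The sketch assumes ctx->type holds an EVP_PKEY_* id, as its use in d2i_PrivateKey_ex() suggests, and the function starts and ends outside the hunk.

```c
    derp = der;
    ERR_set_mark();
    pkey = d2i_PrivateKey_ex(ctx->type, NULL, &derp, der_len, libctx, NULL);
    if (pkey == NULL) {
        derp = der;
        pkey = d2i_PUBKEY(NULL, &derp, der_len);
        /* d2i_PUBKEY() takes no type argument, so enforce ctx->type here */
        if (pkey != NULL && EVP_PKEY_id(pkey) != ctx->type) {
            EVP_PKEY_free(pkey);
            pkey = NULL;
        }
    }
    if (pkey != NULL)
        ERR_pop_to_mark();      /* discard errors from the failed attempt */
    else
        ERR_clear_last_mark();  /* keep them for the caller */

    /* … unchanged: if (pkey != NULL) { tear out the RSA pointer … */
```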
@@ -426,6 +426,64 @@ static int test_protected_RSA_PSS_via_legacy_PEM(void)
 NULL, 1);
 }
+static int check_public_DER(int type, const void *data, size_t data_len)
+{
+ const unsigned char *datap = data;
+ EVP_PKEY *pkey = d2i_PUBKEY(NULL, &datap, data_len);
+ int ok = (TEST_ptr(pkey) && TEST_true(EVP_PKEY_is_a(pkey, "RSA")));
+
+ EVP_PKEY_free(pkey);
+ return ok;
+}
+
+static int test_public_RSA_via_DER(void)
+{
+ return test_serialize_deserialize("RSA", NULL, NULL,
+ serialize_EVP_PKEY_prov,
+ deserialize_EVP_PKEY_prov,
+ check_public_DER, dump_der,
+ OSSL_SERIALIZER_PUBKEY_TO_DER_PQ,
+ 0);
+}
+
+static int test_public_RSA_PSS_via_DER(void)
+{
+ return test_serialize_deserialize("RSA-PSS", NULL, NULL,
+ serialize_EVP_PKEY_prov,
+ deserialize_EVP_PKEY_prov,
+ check_public_DER, dump_der,
+ OSSL_SERIALIZER_PUBKEY_TO_DER_PQ,
+ 0);
+}
+
+static int check_public_PEM(int type, const void *data, size_t data_len)
+{
+ static const char pem_header[] = "-----BEGIN " PEM_STRING_PUBLIC "-----";
+
+ return
+ TEST_strn_eq(data, pem_header, sizeof(pem_header) - 1);
+}
+
+static int test_public_RSA_via_PEM(void)
+{
+ return test_serialize_deserialize("RSA", NULL, NULL,
+ serialize_EVP_PKEY_prov,
+ deserialize_EVP_PKEY_prov,
+ check_public_PEM, dump_pem,
+ OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ,
+ 0);
+}
+
+static int test_public_RSA_PSS_via_PEM(void)
+{
+ return test_serialize_deserialize("RSA-PSS", NULL, NULL,
+ serialize_EVP_PKEY_prov,
+ deserialize_EVP_PKEY_prov,
+ check_public_PEM, dump_pem,
+ OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ,
+ 0);
+}
+
 int setup_tests(void)
 {
 TEST_info("Generating keys...");
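Review bot: check_public_DER ignores its `type` argument and hard-codes `EVP_PKEY_is_a(pkey, "RSA")`, so test_public_RSA_PSS_via_DER only asserts that the "RSA-PSS" test key decodes as "RSA" and cannot detect a key-type mix-up in the new public-key path. check_public_PEM likewise compares only the PEM header and never consults `type`. If that is the intended behaviour for now, record it with a comment above check_public_DER such as `/* |type| is not checked: any SubjectPublicKeyInfo that decodes to an RSA key passes */`. check_public_PEM also compares `sizeof(pem_header) - 1` bytes without looking at `data_len`; if `data` is not guaranteed to be NUL-terminated, putting `data_len >= sizeof(pem_header) - 1 &&` in front of the TEST_strn_eq call keeps the comparison inside the buffer.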
@@ -447,12 +505,16 @@ int setup_tests(void)
 ADD_TEST(test_protected_RSA_via_DER);
 ADD_TEST(test_protected_RSA_via_PEM);
 ADD_TEST(test_protected_RSA_via_legacy_PEM);
+ ADD_TEST(test_public_RSA_via_DER);
+ ADD_TEST(test_public_RSA_via_PEM);
 ADD_TEST(test_unprotected_RSA_PSS_via_DER);
 ADD_TEST(test_unprotected_RSA_PSS_via_PEM);
 ADD_TEST(test_unprotected_RSA_PSS_via_legacy_PEM);
 ADD_TEST(test_protected_RSA_PSS_via_DER);
 ADD_TEST(test_protected_RSA_PSS_via_PEM);
 ADD_TEST(test_protected_RSA_PSS_via_legacy_PEM);
+ ADD_TEST(test_public_RSA_PSS_via_DER);
+ ADD_TEST(test_public_RSA_PSS_via_PEM);
 return 1;
 }