Merge pull request #5072 from JacobBarthelmeh/Compatibility-Layer

add support for importing private only EC key to a WOLFSSL_EVP_PKEY s…
This commit is contained in:
David Garske 2022-06-27 12:34:00 -07:00 committed by GitHub
commit 94e7eacc5f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 5 deletions

View File

@ -26465,6 +26465,21 @@ static int test_wc_EccPrivateKeyToDer (void)
if (ret == 0) {
ret = wc_EccPrivateKeyToDer(&eccKey, output, inLen);
if (ret > 0) {
#if defined(OPENSSL_EXTRA) && defined(HAVE_ALL_CURVES)
/* test importing private only into a PKEY struct */
EC_KEY* ec;
EVP_PKEY* pkey;
const unsigned char* der = output;
pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &der, ret);
AssertNotNull(pkey);
der = output;
ec = d2i_ECPrivateKey(NULL, &der, ret);
AssertNotNull(ec);
AssertIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ec), SSL_SUCCESS);
EVP_PKEY_free(pkey); /* EC_KEY should be free'd by free'ing pkey */
#endif
ret = 0;
}
}

View File

@ -7974,6 +7974,12 @@ static int ECC_populate_EVP_PKEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY *key)
else
#endif /* HAVE_PKCS8 */
{
if (ecc->type == ECC_PRIVATEKEY_ONLY) {
if (wc_ecc_make_pub(ecc, NULL) != MP_OKAY) {
return WOLFSSL_FAILURE;
}
}
/* if not, the pkey will be traditional ecc key */
if ((derSz = wc_EccKeyDerSize(ecc, 1)) > 0) {
derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_OPENSSL);
@ -8058,15 +8064,21 @@ void* wolfSSL_EVP_X_STATE(const WOLFSSL_EVP_CIPHER_CTX* ctx)
}
int wolfSSL_EVP_PKEY_assign_EC_KEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY* key)
{
int ret;
if (pkey == NULL || key == NULL)
return WOLFSSL_FAILURE;
pkey->type = EVP_PKEY_EC;
pkey->ecc = key;
pkey->ownEcc = 1;
/* try and populate public pkey_sz and pkey.ptr */
return ECC_populate_EVP_PKEY(pkey, key);
ret = ECC_populate_EVP_PKEY(pkey, key);
if (ret == WOLFSSL_SUCCESS) { /* take ownership of key if can be used */
clearEVPPkeyKeys(pkey); /* clear out any previous keys */
pkey->type = EVP_PKEY_EC;
pkey->ecc = key;
pkey->ownEcc = 1;
}
return ret;
}
#endif /* HAVE_ECC */
@ -8565,6 +8577,7 @@ int wolfSSL_EVP_PKEY_assign_RSA(EVP_PKEY* pkey, WOLFSSL_RSA* key)
if (pkey == NULL || key == NULL)
return WOLFSSL_FAILURE;
clearEVPPkeyKeys(pkey);
pkey->type = EVP_PKEY_RSA;
pkey->rsa = key;
pkey->ownRsa = 1;
@ -8600,6 +8613,7 @@ int wolfSSL_EVP_PKEY_assign_DSA(EVP_PKEY* pkey, WOLFSSL_DSA* key)
if (pkey == NULL || key == NULL)
return WOLFSSL_FAILURE;
clearEVPPkeyKeys(pkey);
pkey->type = EVP_PKEY_DSA;
pkey->dsa = key;
pkey->ownDsa = 1;
@ -8614,6 +8628,7 @@ int wolfSSL_EVP_PKEY_assign_DH(EVP_PKEY* pkey, WOLFSSL_DH* key)
if (pkey == NULL || key == NULL)
return WOLFSSL_FAILURE;
clearEVPPkeyKeys(pkey);
pkey->type = EVP_PKEY_DH;
pkey->dh = key;
pkey->ownDh = 1;