Merge pull request #631 from dgarske/ecc_privkey_import_oid

Fix for "wc_EccPrivateKeyDecode" to handle custom curve OID.

wolfcrypt/src/asn.c

@@ -1313,7 +1313,7 @@ int GetObjectId(const byte* input, word32* inOutIdx, word32* oid,
             #endif /* HAVE_OID_DECODING */
         #endif
 
-            if (checkOid != NULL && 
+            if (checkOid != NULL &&
                 (checkOidSz != actualOidSz ||
                     XMEMCMP(actualOid, checkOid, checkOidSz) != 0)) {
                 WOLFSSL_MSG("OID Check Failed");
@@ -8864,11 +8864,12 @@ int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s)
 int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
                         word32 inSz)
 {
-    word32 oid = 0;
+    word32 oidSum = 0;
     int    version, length;
     int    privSz, pubSz;
     byte   b;
     int    ret = 0;
+    int    curve_id = ECC_CURVE_DEF;
 #ifdef WOLFSSL_SMALL_STACK
     byte* priv;
     byte* pub;
@@ -8936,11 +8937,16 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
             }
             else {
                 while(length--) {
-                    oid += input[*inOutIdx];
+                    oidSum += input[*inOutIdx];
                     *inOutIdx += 1;
                 }
-                if (CheckCurve(oid) < 0)
+                if ((ret = CheckCurve(oidSum)) < 0) {
                     ret = ECC_CURVE_OID_E;
+                }
+                else {
+                    curve_id = ret;
+                    ret = 0;
+                }
             }
         }
     }
@@ -8984,8 +8990,8 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
                     if (pubSz < 2*(ECC_MAXSIZE+1)) {
                         XMEMCPY(pub, &input[*inOutIdx], pubSz);
                         *inOutIdx += length;
-                        ret = wc_ecc_import_private_key(priv, privSz, pub, pubSz,
+                        ret = wc_ecc_import_private_key_ex(priv, privSz, pub,
-                                                     key);
+                                                        pubSz, key, curve_id);
                     } else
                         ret = BUFFER_E;
                 }

wolfcrypt/src/ecc.c

@@ -4085,11 +4085,10 @@ int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen)
 #endif /* HAVE_ECC_KEY_EXPORT */
 
 #ifdef HAVE_ECC_KEY_IMPORT
-/* ecc private key import, public key in ANSI X9.63 format, private raw */
+int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz, const byte* pub,
-int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
+                           word32 pubSz, ecc_key* key, int curve_id)
-                           word32 pubSz, ecc_key* key)
 {
-    int ret = wc_ecc_import_x963(pub, pubSz, key);
+    int ret = wc_ecc_import_x963_ex(pub, pubSz, key, curve_id);
     if (ret != 0)
         return ret;
 
@@ -4104,6 +4103,14 @@ int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
 
     return ret;
 }
+
+/* ecc private key import, public key in ANSI X9.63 format, private raw */
+int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
+                           word32 pubSz, ecc_key* key)
+{
+    return wc_ecc_import_private_key_ex(priv, privSz, pub, pubSz, key,
+                                                                ECC_CURVE_DEF);
+}
 #endif /* HAVE_ECC_KEY_IMPORT */
 
 #ifndef NO_ASN

wolfssl/wolfcrypt/ecc.h

@@ -331,6 +331,9 @@ WOLFSSL_API
 int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
                            word32 pubSz, ecc_key* key);
 WOLFSSL_API
+int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
+                const byte* pub, word32 pubSz, ecc_key* key, int curve_id);
+WOLFSSL_API
 int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
 WOLFSSL_API
 int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,