CryptX
view release on metacpan or search on metacpan
inc/CryptX_PK_DSA.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { dsa_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_DSA) croak("FATAL: pem_decode_pkcs decoded non-DSA key");
self->key = key_from_pem.u.dsa;
XPUSHs(ST(0)); /* return self */
}
void
_import_openssh(Crypt::PK::DSA self, SV * key_data, SV * passwd)
PPCODE:
{
int rv;
unsigned char *data = NULL;
inc/CryptX_PK_DSA.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { dsa_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_openssh failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_DSA) croak("FATAL: pem_decode_openssh decoded non-DSA key");
self->key = key_from_pem.u.dsa;
XPUSHs(ST(0)); /* return self */
}
void
_import_hex(Crypt::PK::DSA self, char *p, char *q, char *g, char *x, char *y)
PPCODE:
{
int rv;
unsigned char pbin[512], qbin[512], gbin[512], xbin[512], ybin[512];
inc/CryptX_PK_ECC.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { ecc_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_EC) croak("FATAL: pem_decode_pkcs decoded non-ECC key");
self->key = key_from_pem.u.ecc;
XPUSHs(ST(0)); /* return self */
}
void
_import_openssh(Crypt::PK::ECC self, SV * key_data, SV * passwd)
PPCODE:
{
int rv;
unsigned char *data = NULL;
inc/CryptX_PK_ECC.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { ecc_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_openssh failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_EC) croak("FATAL: pem_decode_openssh decoded non-ECC key");
self->key = key_from_pem.u.ecc;
XPUSHs(ST(0)); /* return self */
}
void
_import_x509(Crypt::PK::ECC self, SV * key_data)
PPCODE:
{
int rv;
unsigned char *data=NULL;
inc/CryptX_PK_Ed25519.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
self->initialized = 0;
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_ED25519) croak("FATAL: pem_decode_pkcs decoded non-Ed25519 key");
self->key = key_from_pem.u.ed25519;
self->initialized = 1;
XPUSHs(ST(0)); /* return self */
}
void
_import_openssh(Crypt::PK::Ed25519 self, SV * key_data, SV * passwd)
PPCODE:
{
int rv;
inc/CryptX_PK_Ed25519.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
self->initialized = 0;
if (SvOK(passwd)) {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_openssh failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_ED25519) croak("FATAL: pem_decode_openssh decoded non-Ed25519 key");
self->key = key_from_pem.u.ed25519;
self->initialized = 1;
XPUSHs(ST(0)); /* return self */
}
void
_import_x509(Crypt::PK::Ed25519 self, SV * key_data)
PPCODE:
{
int rv;
inc/CryptX_PK_RSA.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_RSA) croak("FATAL: pem_decode_pkcs decoded non-RSA key");
self->key = key_from_pem.u.rsa;
XPUSHs(ST(0)); /* return self */
}
void
_import_openssh(Crypt::PK::RSA self, SV * key_data, SV * passwd)
PPCODE:
{
int rv;
inc/CryptX_PK_RSA.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_openssh failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_RSA) croak("FATAL: pem_decode_openssh decoded non-RSA key");
self->key = key_from_pem.u.rsa;
XPUSHs(ST(0)); /* return self */
}
void
_import_x509(Crypt::PK::RSA self, SV * key_data)
PPCODE:
{
int rv;
unsigned char *data=NULL;
inc/CryptX_PK_X25519.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
self->initialized = 0;
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_X25519) croak("FATAL: pem_decode_pkcs decoded non-X25519 key");
self->key = key_from_pem.u.x25519;
self->initialized = 1;
XPUSHs(ST(0)); /* return self */
}
void
_import_x509(Crypt::PK::X25519 self, SV * key_data)
PPCODE:
{
int rv;
src/ltc/headers/tomcrypt_custom.h view on Meta::CPAN
#endif
#endif
#if defined(LTC_PEM)
/* Size of the line-buffer */
#ifndef LTC_PEM_DECODE_BUFSZ
#define LTC_PEM_DECODE_BUFSZ 80
#elif LTC_PEM_DECODE_BUFSZ < 72
#error "LTC_PEM_DECODE_BUFSZ shall not be < 72 bytes"
#endif
/* Size of the decoded data buffer */
#ifndef LTC_PEM_READ_BUFSIZE
#ifdef LTC_FILE_READ_BUFSIZE
#define LTC_PEM_READ_BUFSIZE LTC_FILE_READ_BUFSIZE
#else
#define LTC_PEM_READ_BUFSIZE 4096
#endif
#endif
#if defined(LTC_SSH)
#define LTC_PEM_SSH
#endif
src/ltc/headers/tomcrypt_private.h view on Meta::CPAN
* EncryptedPrivateKeyInfo ::= SEQUENCE {
* encryptionAlgorithm EncryptionAlgorithmIdentifier,
* encryptedData EncryptedData }
* where:
* - EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
* - EncryptedData ::= OCTET STRING
*/
int pkcs8_decode_flexi(const unsigned char *in, unsigned long inlen,
const password_ctx *pw_ctx,
ltc_asn1_list **decoded_list);
int pkcs8_get_children(const ltc_asn1_list *decoded_list, enum ltc_oid_id *pka,
ltc_asn1_list **alg_id, ltc_asn1_list **priv_key);
#endif /* LTC_PKCS_8 */
#ifdef LTC_PKCS_12
int pkcs12_utf8_to_utf16(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen);
src/ltc/misc/base16/base16_decode.c view on Meta::CPAN
Based on https://stackoverflow.com/a/23898449
Adapted for libtomcrypt by Steffen Jaeckel
*/
#ifdef LTC_BASE16
/**
Base16 decode a string
@param in The Base16 string to decode
@param inlen The length of the Base16 data
@param out [out] The destination of the binary decoded data
@param outlen [in/out] The max size and resulting size of the decoded data
@return CRYPT_OK if successful
*/
int base16_decode(const char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen)
{
unsigned long pos, out_len;
unsigned char idx0, idx1;
char in0, in1;
const unsigned char hashmap[] = {
src/ltc/misc/base32/base32_decode.c view on Meta::CPAN
/* SPDX-License-Identifier: Unlicense */
#include "tomcrypt_private.h"
#ifdef LTC_BASE32
/**
Base32 decode a buffer
@param in The Base32 data to decode
@param inlen The length of the Base32 data
@param out [out] The destination of the binary decoded data
@param outlen [in/out] The max size and resulting size of the decoded data
@param id Alphabet to use BASE32_RFC4648, BASE32_BASE32HEX, BASE32_ZBASE32 or BASE32_CROCKFORD
@return CRYPT_OK if successful
*/
int base32_decode(const char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
base32_alphabet id)
{
unsigned long x;
int y = 0;
ulong64 t = 0;
src/ltc/misc/base64/base64_decode.c view on Meta::CPAN
}
*outlen = z;
return CRYPT_OK;
}
#if defined(LTC_BASE64)
/**
Dangerously relaxed base64 decode a block of memory
@param in The base64 data to decode
@param inlen The length of the base64 data
@param out [out] The destination of the binary decoded data
@param outlen [in/out] The max size and resulting size of the decoded data
@return CRYPT_OK if successful
*/
int base64_decode(const char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen)
{
return s_base64_decode_internal(in, inlen, out, outlen, map_base64, insane);
}
/**
Strict base64 decode a block of memory
@param in The base64 data to decode
@param inlen The length of the base64 data
@param out [out] The destination of the binary decoded data
@param outlen [in/out] The max size and resulting size of the decoded data
@return CRYPT_OK if successful
*/
int base64_strict_decode(const char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen)
{
return s_base64_decode_internal(in, inlen, out, outlen, map_base64, strict);
}
/**
Sane base64 decode a block of memory
@param in The base64 data to decode
@param inlen The length of the base64 data
@param out [out] The destination of the binary decoded data
@param outlen [in/out] The max size and resulting size of the decoded data
@return CRYPT_OK if successful
*/
int base64_sane_decode(const char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen)
{
return s_base64_decode_internal(in, inlen, out, outlen, map_base64, relaxed);
}
#endif /* LTC_BASE64 */
#if defined(LTC_BASE64_URL)
/**
Dangerously relaxed base64 (URL Safe, RFC 4648 section 5) decode a block of memory
@param in The base64 data to decode
@param inlen The length of the base64 data
@param out [out] The destination of the binary decoded data
@param outlen [in/out] The max size and resulting size of the decoded data
@return CRYPT_OK if successful
*/
int base64url_decode(const char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen)
{
return s_base64_decode_internal(in, inlen, out, outlen, map_base64url, insane);
}
/**
Strict base64 (URL Safe, RFC 4648 section 5) decode a block of memory
@param in The base64 data to decode
@param inlen The length of the base64 data
@param out [out] The destination of the binary decoded data
@param outlen [in/out] The max size and resulting size of the decoded data
@return CRYPT_OK if successful
*/
int base64url_strict_decode(const char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen)
{
return s_base64_decode_internal(in, inlen, out, outlen, map_base64url, strict);
}
/**
Sane base64 (URL Safe, RFC 4648 section 5) decode a block of memory
@param in The base64 data to decode
@param inlen The length of the base64 data
@param out [out] The destination of the binary decoded data
@param outlen [in/out] The max size and resulting size of the decoded data
@return CRYPT_OK if successful
*/
int base64url_sane_decode(const char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen)
{
return s_base64_decode_internal(in, inlen, out, outlen, map_base64url, relaxed);
}
#endif /* LTC_BASE64_URL */
#endif
src/ltc/misc/ssh/ssh_decode_sequence_multi.c view on Meta::CPAN
/**
@file ssh_decode_sequence_multi.c
SSH data type representation as per RFC4251, Russ Williams
*/
#ifdef LTC_SSH
/**
Decode a SSH sequence using a VA list
@param in The input buffer
@param inlen [in/out] The length of the input buffer and on output the amount of decoded data
@remark <...> is of the form <type, data*> (int, <unsigned char*,ulong32*,ulong64*>) except for string&name-list <type, data, size*> (int, void*, unsigned long*)
@return CRYPT_OK on success
*/
int ssh_decode_sequence_multi(const unsigned char *in, unsigned long *inlen, ...)
{
int err;
va_list args;
ssh_data_type type;
void *vdata;
unsigned char *cdata;
src/ltc/pk/asn1/der/custom_type/der_decode_custom_type.c view on Meta::CPAN
}
for (i = 0; i < (int)outlen; i++) {
if (list[i].used == 0 && list[i].optional == 0) {
err = CRYPT_INVALID_PACKET;
goto LBL_ERR;
}
}
if (blksize == x && seq_err == CRYPT_OK && inlen == 0) {
/* everything decoded and no errors in nested sequences */
err = CRYPT_OK;
} else if (blksize == x && seq_err == CRYPT_INPUT_TOO_LONG && inlen == 0) {
/* a sequence reported too-long input, but now we've decoded everything */
err = CRYPT_OK;
} else if (blksize != x && ((flags & LTC_DER_SEQ_STRICT) == LTC_DER_SEQ_STRICT)) {
err = CRYPT_INVALID_PACKET;
} else {
err = CRYPT_INPUT_TOO_LONG;
}
LBL_ERR:
if (in_new != NULL) {
XFREE(in_new);
src/ltc/pk/asn1/der/general/der_decode_asn1_identifier.c view on Meta::CPAN
/* 25 */
LTC_ASN1_PC_PRIMITIVE,
LTC_ASN1_PC_PRIMITIVE,
LTC_ASN1_PC_PRIMITIVE,
LTC_ASN1_PC_PRIMITIVE,
};
static const unsigned long tag_constructed_map_sz = sizeof(tag_constructed_map)/sizeof(tag_constructed_map[0]);
/**
Decode the ASN.1 Identifier
@param id Where to store the decoded Identifier
@param in Where to read the Identifier from
@param inlen [in/out] The size of in available/read
@return CRYPT_OK if successful
*/
int der_decode_asn1_identifier(const unsigned char *in, unsigned long *inlen, ltc_asn1_list *id)
{
ulong64 tmp;
unsigned long tag_len;
int err;
src/ltc/pk/asn1/der/general/der_decode_asn1_length.c view on Meta::CPAN
/**
@file der_decode_asn1_length.c
ASN.1 DER, decode the ASN.1 Length field, Steffen Jaeckel
*/
#ifdef LTC_DER
/**
Decode the ASN.1 Length field
@param in Where to read the length field from
@param inlen [in/out] The size of in available/read
@param outlen [out] The decoded ASN.1 length
@return CRYPT_OK if successful
*/
int der_decode_asn1_length(const unsigned char *in, unsigned long *inlen, unsigned long *outlen)
{
unsigned long real_len, decoded_len, offset, i;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(inlen != NULL);
if (*inlen < 1) {
return CRYPT_BUFFER_OVERFLOW;
}
real_len = in[0];
if (real_len < 128) {
decoded_len = real_len;
offset = 1;
} else {
real_len &= 0x7F;
if (real_len == 0) {
return CRYPT_PK_ASN1_ERROR;
}
if (real_len > sizeof(decoded_len)) {
return CRYPT_OVERFLOW;
}
if (real_len > (*inlen - 1)) {
return CRYPT_BUFFER_OVERFLOW;
}
decoded_len = 0;
offset = 1 + real_len;
for (i = 0; i < real_len; i++) {
decoded_len = (decoded_len << 8) | in[1 + i];
}
}
if (outlen != NULL) *outlen = decoded_len;
if (decoded_len > (*inlen - offset)) return CRYPT_OVERFLOW;
*inlen = offset;
return CRYPT_OK;
}
#endif
src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c view on Meta::CPAN
if ((*l)->next == NULL) {
return CRYPT_MEM;
}
(*l)->next->prev = *l;
*l = (*l)->next;
}
return CRYPT_OK;
}
/**
ASN.1 DER Flexi(ble) decoder will decode arbitrary DER packets and create a linked list of the decoded elements.
@param in The input buffer
@param inlen [in/out] The length of the input buffer and on output the amount of decoded data
@param out [out] A pointer to the linked list
@param depth The depth/level of decoding recursion we've already reached
@return CRYPT_OK on success.
*/
static int s_der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out, unsigned long depth)
{
ltc_asn1_list *l;
unsigned long err, identifier, len, totlen, data_offset, id_len, len_len;
void *realloc_tmp;
src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c view on Meta::CPAN
}
break;
case 0x03: /* BIT */
if (l->type != LTC_ASN1_BIT_STRING) {
err = CRYPT_PK_ASN1_ERROR;
goto error;
}
/* init field */
l->size = len * 8; /* *8 because we store decoded bits one per char and they are encoded 8 per char. */
if ((l->data = XCALLOC(1, l->size)) == NULL) {
err = CRYPT_MEM;
goto error;
}
if ((err = der_decode_bit_string(in, *inlen, l->data, &l->size)) != CRYPT_OK) {
goto error;
}
src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c view on Meta::CPAN
XMEMCPY(l->data, in, len);
l->size = len;
/* jump to the start of the data */
in += data_offset;
*inlen -= data_offset;
len -= data_offset;
/* save the decoded ASN.1 len */
len_len = len;
/* Sequence elements go as child */
if ((err = s_der_decode_sequence_flexi(in, &len, &(l->child), depth+1)) != CRYPT_OK) {
goto error;
}
if (len_len != len) {
err = CRYPT_PK_ASN1_ERROR;
goto error;
}
src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c view on Meta::CPAN
return CRYPT_OK;
error:
/* free list */
der_sequence_free(l);
return err;
}
/**
ASN.1 DER Flexi(ble) decoder will decode arbitrary DER packets and create a linked list of the decoded elements.
@param in The input buffer
@param inlen [in/out] The length of the input buffer and on output the amount of decoded data
@param out [out] A pointer to the linked list
@return CRYPT_OK on success.
*/
int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out)
{
return s_der_decode_sequence_flexi(in, inlen, out, 0);
}
#endif
src/ltc/pk/asn1/oid/pk_oid_cmp.c view on Meta::CPAN
if (XSTRCMP(o1, tmp) != 0) {
return CRYPT_PK_INVALID_TYPE;
}
return CRYPT_OK;
}
#ifdef LTC_DER
/*
Compare an OID string to an OID element decoded from ASN.1.
@return CRYPT_OK if equal
*/
int pk_oid_cmp_with_asn1(const char *o1, const ltc_asn1_list *o2)
{
if (o1 == NULL || o2 == NULL) return CRYPT_ERROR;
if (o2->type != LTC_ASN1_OBJECT_IDENTIFIER) return CRYPT_INVALID_ARG;
return pk_oid_cmp_with_ulong(o1, o2->data, o2->size);
}
src/ltc/pk/asn1/pkcs8/pkcs8_decode_flexi.c view on Meta::CPAN
#ifdef LTC_PKCS_8
/**
PKCS#8 decrypt if necessary & flexi-decode
@param in Pointer to the ASN.1 encoded input data
@param inlen Length of the input data
@param pwd Pointer to the password that was used when encrypting
@param pwdlen Length of the password
@param decoded_list Pointer to a pointer for the flexi-decoded list
@return CRYPT_OK on success
*/
int pkcs8_decode_flexi(const unsigned char *in, unsigned long inlen,
const password_ctx *pw_ctx,
ltc_asn1_list **decoded_list)
{
unsigned long len = inlen;
unsigned long dec_size;
unsigned char *dec_data = NULL;
ltc_asn1_list *l = NULL;
int err;
pbes_arg pbes;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(decoded_list != NULL);
XMEMSET(&pbes, 0, sizeof(pbes));
*decoded_list = NULL;
if ((err = der_decode_sequence_flexi(in, &len, &l)) == CRYPT_OK) {
/* the following "if" detects whether it is encrypted or not */
/* PKCS8 Setup
* 0:d=0 hl=4 l= 380 cons: SEQUENCE
* 4:d=1 hl=2 l= 78 cons: SEQUENCE
* 6:d=2 hl=2 l= 9 prim: OBJECT :OID indicating PBES1 or PBES2 (== *lalgoid)
* 17:d=2 hl=2 l= 65 cons: SEQUENCE
* Stuff in between is dependent on whether it's PBES1 or PBES2
* 84:d=1 hl=4 l= 296 prim: OCTET STRING :bytes (== encrypted data)
*/
src/ltc/pk/asn1/pkcs8/pkcs8_decode_flexi.c view on Meta::CPAN
err = CRYPT_MEM;
goto LBL_DONE;
}
if ((err = pbes_decrypt(&pbes, dec_data, &dec_size)) != CRYPT_OK) goto LBL_DONE;
der_free_sequence_flexi(l);
l = NULL;
err = der_decode_sequence_flexi(dec_data, &dec_size, &l);
if (err != CRYPT_OK) goto LBL_DONE;
*decoded_list = l;
}
else {
/* not encrypted */
err = CRYPT_OK;
*decoded_list = l;
}
/* Set l to NULL so it won't be free'd */
l = NULL;
}
LBL_DONE:
if (dec_data) {
zeromem(dec_data, dec_size);
XFREE(dec_data);
}
src/ltc/pk/asn1/pkcs8/pkcs8_get.c view on Meta::CPAN
/* SPDX-License-Identifier: Unlicense */
#include "tomcrypt_private.h"
/**
@file pkcs8_get.c
PKCS#8 utility functions
*/
#ifdef LTC_PKCS_8
int pkcs8_get_children(const ltc_asn1_list *decoded_list, enum ltc_oid_id *pka, ltc_asn1_list **alg_id, ltc_asn1_list **priv_key)
{
int err;
unsigned long n;
der_flexi_check flexi_should[4];
ltc_asn1_list *seq_l, *version;
LTC_ARGCHK(ltc_mp.name != NULL);
if (alg_id == NULL) alg_id = &seq_l;
/* Setup for basic structure */
n=0;
LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_INTEGER, &version);
LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_SEQUENCE, alg_id);
LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_OCTET_STRING, priv_key);
LTC_SET_DER_FLEXI_CHECK(flexi_should, n, LTC_ASN1_EOL, NULL);
err = der_flexi_sequence_cmp(decoded_list, flexi_should);
switch (err) {
case CRYPT_OK:
case CRYPT_INPUT_TOO_LONG:
/* If there are attributes added after the private_key it is tagged with version 1 and
* we get an 'input too long' error but the rest is already decoded and can be
* handled the same as for version 0
*/
if (ltc_mp_cmp_d(version->data, 0) != LTC_MP_EQ && ltc_mp_cmp_d(version->data, 1) != LTC_MP_EQ) {
return CRYPT_INVALID_PACKET;
}
break;
default:
return err;
}
return pk_get_oid_from_asn1((*alg_id)->child, pka);
src/ltc/pk/asn1/x509/x509_decode_public_key_from_certificate.c view on Meta::CPAN
another error if decoding or memory allocation failed
*/
int x509_decode_public_key_from_certificate(const unsigned char *in, unsigned long inlen,
enum ltc_oid_id algorithm, ltc_asn1_type param_type,
ltc_asn1_list* parameters, unsigned long *parameters_len,
public_key_decode_cb callback, void *ctx)
{
int err;
unsigned char *tmpbuf = NULL;
unsigned long tmpbuf_len;
ltc_asn1_list *decoded_list = NULL, *spki;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(inlen != 0);
LTC_ARGCHK(callback != NULL);
if ((err = x509_decode_spki(in, inlen, &decoded_list, &spki)) != CRYPT_OK) {
return err;
}
if (algorithm == LTC_OID_EC) {
err = callback(spki->data, spki->size, ctx);
} else {
tmpbuf_len = inlen;
tmpbuf = XCALLOC(1, tmpbuf_len);
if (tmpbuf == NULL) {
src/ltc/pk/asn1/x509/x509_decode_public_key_from_certificate.c view on Meta::CPAN
err = x509_decode_subject_public_key_info(spki->data, spki->size,
algorithm, tmpbuf, &tmpbuf_len,
param_type, parameters, parameters_len);
if (err == CRYPT_OK) {
err = callback(tmpbuf, tmpbuf_len, ctx);
goto LBL_OUT;
}
}
LBL_OUT:
if (decoded_list) der_free_sequence_flexi(decoded_list);
if (tmpbuf != NULL) XFREE(tmpbuf);
return err;
}
#endif
src/ltc/pk/asn1/x509/x509_decode_spki.c view on Meta::CPAN
&& ((l)->type == LTC_ASN1_SEQUENCE) \
&& ((l)->child != NULL) \
&& ((l)->child->type == LTC_ASN1_OBJECT_IDENTIFIER) \
&& ((l)->next != NULL) \
&& ((l)->next->type == LTC_ASN1_BIT_STRING)
/**
DER decode a X.509 certificate and return the SubjectPublicKeyInfo
@param in The input buffer
@param inlen The length of the input buffer
@param out [out] A pointer to the decoded linked list (you take ownership of this one and
`der_free_sequence_flexi()` it when you're done)
@param spki [out] A pointer to the SubjectPublicKeyInfo
@return CRYPT_OK on success, CRYPT_NOP if no SubjectPublicKeyInfo was found, another error if decoding failed
*/
int x509_decode_spki(const unsigned char *in, unsigned long inlen, ltc_asn1_list **out, ltc_asn1_list **spki)
{
int err;
unsigned long tmp_inlen;
ltc_asn1_list *decoded_list = NULL, *l;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(inlen != 0);
tmp_inlen = inlen;
if ((err = der_decode_sequence_flexi(in, &tmp_inlen, &decoded_list)) == CRYPT_OK) {
l = decoded_list;
err = CRYPT_NOP;
/* Move 2 levels up in the tree
SEQUENCE
SEQUENCE
...
*/
if ((l->type == LTC_ASN1_SEQUENCE) && (l->child != NULL)) {
l = l->child;
src/ltc/pk/asn1/x509/x509_decode_spki.c view on Meta::CPAN
NULL
BIT STRING
*/
do {
/* The additional check for l->data is there to make sure
* we won't try to decode a list that has been 'shrunk'
*/
if ((l->type == LTC_ASN1_SEQUENCE)
&& (l->data != NULL)
&& LOOKS_LIKE_SPKI(l->child)) {
*out = decoded_list;
*spki = l;
return CRYPT_OK;
}
l = l->next;
} while(l);
}
}
}
if (decoded_list) der_free_sequence_flexi(decoded_list);
return err;
}
#endif
src/ltc/pk/rsa/rsa_verify_hash.c view on Meta::CPAN
/* get modulus len in bits */
modulus_bitlen = ltc_mp_count_bits( (key->N));
/* outlen must be at least the size of the modulus */
modulus_bytelen = ltc_mp_unsigned_bin_size( (key->N));
if (modulus_bytelen != siglen) {
return CRYPT_INVALID_PACKET;
}
/* allocate temp buffer for decoded sig */
tmpbuf = XMALLOC(siglen);
if (tmpbuf == NULL) {
return CRYPT_MEM;
}
/* RSA decode it */
x = siglen;
if ((err = ltc_mp.rsa_me(sig, siglen, tmpbuf, &x, PK_PUBLIC, key)) != CRYPT_OK) {
XFREE(tmpbuf);
return err;
src/ltc/pk/rsa/rsa_verify_hash.c view on Meta::CPAN
err = pkcs_1_pss_decode(hash, hashlen, tmpbuf+1, x-1, saltlen, hash_idx, modulus_bitlen, stat);
}
else{
err = pkcs_1_pss_decode(hash, hashlen, tmpbuf, x, saltlen, hash_idx, modulus_bitlen, stat);
}
} else {
/* PKCS #1 v1.5 decode it */
unsigned char *out;
unsigned long outlen;
int decoded;
/* allocate temp buffer for decoded hash */
outlen = ((modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0)) - 3;
out = XMALLOC(outlen);
if (out == NULL) {
err = CRYPT_MEM;
goto bail_2;
}
if ((err = pkcs_1_v1_5_decode(tmpbuf, x, LTC_PKCS_1_EMSA, modulus_bitlen, out, &outlen, &decoded)) != CRYPT_OK) {
XFREE(out);
goto bail_2;
}
if (padding == LTC_PKCS_1_V1_5) {
unsigned long loid[16], reallen;
ltc_asn1_list digestinfo[2], siginfo[2];
/* not all hashes have OIDs... so sad */
if (hash_descriptor[hash_idx].OIDlen == 0) {
( run in 0.486 second using v1.01-cache-2.11-cpan-a9ef4e587e4 )