Implement support for ec point compression query
OpenSSL TLS code needs to know if the EC public key is in compressed or
uncompressed representation, for peer keys.
Add support to return this information from public keys.

Signed-off-by: Simo Sorce <[email protected]>
simo5 committed Oct 1, 2024
1 parent 6b51b63 commit bc17192
Showing 3 changed files with 29 additions and 1 deletion.
15 changes: 14 additions & 1 deletion src/keymgmt.c
Expand Up @@ -1640,6 +1640,18 @@ static int p11prov_ec_get_params(void *keydata, OSSL_PARAM params[])
memcpy(p->data, pub_key->pValue, pub_key->ulValueLen);
}
}
p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT);
if (p) {
bool compressed = p11prov_obj_get_ec_compressed(key);
if (compressed) {
ret = OSSL_PARAM_set_utf8_string(p, "compressed");
} else {
ret = OSSL_PARAM_set_utf8_string(p, "uncompressed");
}
if (ret != RET_OSSL_OK) {
return ret;
}
}

return RET_OSSL_OK;
}
Expand All @@ -1655,10 +1667,11 @@ static const OSSL_PARAM *p11prov_ec_gettable_params(void *provctx)
OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_PUB_X, NULL, 0),
OSSL_PARAM_BN(OSSL_PKEY_PARAM_EC_PUB_Y, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT, NULL,
0),
/*
* OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAM
* OSSL_PKEY_PARAM_EC_ENCODING
* OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT
* OSSL_PKEY_PARAM_EC_FIELD_TYPE
* OSSL_PKEY_PARAM_EC_P
* OSSL_PKEY_PARAM_EC_A
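Review bot: In the first hunk of `p11prov_ec_get_params`, a key with no public point is reported as "uncompressed", because `p11prov_obj_get_ec_compressed` returns false both for an uncompressed point and for a missing CKA_P11PROV_PUB_KEY attribute. A caller asking for the point format then gets a definite answer where none exists; it would be safer to fail this parameter when the attribute is absent, which requires the helper to signal the missing case (for example through an out-parameter). The hybrid form is not distinguished either. For the strings, OpenSSL's own constants avoid typos: `ret = OSSL_PARAM_set_utf8_string(p, OSSL_PKEY_EC_POINT_CONVERSION_FORMAT_COMPRESSED);` and the `_UNCOMPRESSED` counterpart. The function body starts above the hunk.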
14 changes: 14 additions & 0 deletions src/objects.c
Expand Up @@ -1728,6 +1728,20 @@ const char *p11prov_obj_get_ec_group_name(P11PROV_OBJ *obj)
return (const char *)attr->pValue;
}

bool p11prov_obj_get_ec_compressed(P11PROV_OBJ *obj)
{
CK_ATTRIBUTE *pub_key;
uint8_t *buf;

pub_key = p11prov_obj_get_attr(obj, CKA_P11PROV_PUB_KEY);
if (!pub_key) {
return false;
}
buf = pub_key->pValue;

return (buf[0] & 0x01) == 0x01;
}

static int ossl_param_construct_bn(P11PROV_CTX *provctx, OSSL_PARAM *param,
const char *key, const BIGNUM *val)
{
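Review bot: `p11prov_obj_get_ec_compressed` tests the wrong bit of the leading octet and reads it without checking that the attribute holds any data. Assuming CKA_P11PROV_PUB_KEY carries the SEC1/X9.62 point encoding, the form is in the upper bits (0x02/0x03 compressed, 0x04 uncompressed, 0x06/0x07 hybrid) and bit 0 is only the parity of y, so a compressed point starting with 0x02 is reported as uncompressed and a hybrid 0x07 as compressed; `return (buf[0] & 0xFE) == 0x02;` matches the form instead. The guard should also cover an empty value before `buf[0]` is read: `if (!pub_key || !pub_key->pValue || pub_key->ulValueLen == 0) {`. Since the TLS code relies on this answer for peer keys, a short comment naming the encoding the byte comes from would help the next reader.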
1 change: 1 addition & 0 deletions src/objects.h
Expand Up @@ -52,6 +52,7 @@ CK_RV p11prov_obj_set_attributes(P11PROV_CTX *ctx, P11PROV_SESSION *session,
P11PROV_OBJ *obj, CK_ATTRIBUTE *template,
CK_ULONG tsize);
const char *p11prov_obj_get_ec_group_name(P11PROV_OBJ *obj);
bool p11prov_obj_get_ec_compressed(P11PROV_OBJ *obj);
int p11prov_obj_export_public_key(P11PROV_OBJ *obj, CK_KEY_TYPE key_type,
bool search_related, OSSL_CALLBACK *cb_fn,
void *cb_arg);