Skip to content

Commit

Permalink
Implement SignaturePrivateKey::parse_der
Browse files Browse the repository at this point in the history
  • Loading branch information
plq committed Aug 1, 2023
1 parent 16ffaf7 commit 1b51a2b
Show file tree
Hide file tree
Showing 7 changed files with 64 additions and 1 deletion.
1 change: 1 addition & 0 deletions include/mls/crypto.h
Original file line number Diff line number Diff line change
Expand Up @@ -223,6 +223,7 @@ struct SignaturePrivateKey
{
static SignaturePrivateKey generate(CipherSuite suite);
static SignaturePrivateKey parse(CipherSuite suite, const bytes& data);
static SignaturePrivateKey parse_der(CipherSuite suite, const bytes& data);
static SignaturePrivateKey derive(CipherSuite suite, const bytes& secret);

SignaturePrivateKey() = default;
Expand Down
3 changes: 3 additions & 0 deletions lib/hpke/include/hpke/signature.h
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,9 @@ struct Signature
virtual std::unique_ptr<PrivateKey> deserialize_private(
const bytes& skm) const;

virtual std::unique_ptr<PrivateKey> deserialize_private_der(
const bytes& der) const;

virtual bytes sign(const bytes& data, const PrivateKey& sk) const = 0;
virtual bool verify(const bytes& data,
const bytes& sig,
Expand Down
33 changes: 33 additions & 0 deletions lib/hpke/src/group.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
#include "openssl/ec.h"
#include "openssl/evp.h"
#include "openssl/obj_mac.h"
#include "openssl/pem.h"
#if defined(WITH_OPENSSL3)
#include "openssl/core_names.h"
#include "openssl/param_build.h"
Expand Down Expand Up @@ -526,6 +527,22 @@ struct ECKeyGroup : public EVPGroup
#endif
}

std::unique_ptr<Group::PrivateKey> deserialize_private_der(
const bytes& der) const override
{
BIO* mem = BIO_new_mem_buf(der.data(), static_cast<int>(der.size()));
if (!mem) {
throw openssl_error();
}
EVP_PKEY* pkey = d2i_PrivateKey_bio(mem, NULL);
BIO_free(mem);
if (!pkey) {
throw openssl_error();
}

return std::make_unique<EVPGroup::PrivateKey>(pkey);
}

private:
int curve_nid;

Expand Down Expand Up @@ -651,6 +668,22 @@ struct RawKeyGroup : public EVPGroup
return std::make_unique<EVPGroup::PrivateKey>(pkey);
}

std::unique_ptr<Group::PrivateKey> deserialize_private_der(
const bytes& der) const override
{
BIO* mem = BIO_new_mem_buf(der.data(), static_cast<int>(der.size()));
if (!mem) {
throw openssl_error();
}
EVP_PKEY* pkey = d2i_PrivateKey_bio(mem, NULL);
BIO_free(mem);
if (!pkey) {
throw openssl_error();
}

return std::make_unique<RawKeyGroup::PrivateKey>(pkey);
}

private:
const int evp_type;

Expand Down
2 changes: 2 additions & 0 deletions lib/hpke/src/group.h
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,8 @@ struct Group
virtual bytes serialize_private(const PrivateKey& sk) const = 0;
virtual std::unique_ptr<PrivateKey> deserialize_private(
const bytes& skm) const = 0;
virtual std::unique_ptr<PrivateKey> deserialize_private_der(
const bytes& der) const = 0;

virtual bytes dh(const PrivateKey& sk, const PublicKey& pk) const = 0;

Expand Down
14 changes: 14 additions & 0 deletions lib/hpke/src/signature.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
#include "group.h"
#include "rsa.h"
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>

namespace hpke {
Expand Down Expand Up @@ -89,6 +90,13 @@ struct GroupSignature : public Signature
group.deserialize_private(skm).release());
}

std::unique_ptr<Signature::PrivateKey> deserialize_private_der(
const bytes& der) const override
{
return std::make_unique<PrivateKey>(
group.deserialize_private_der(der).release());
}

bytes sign(const bytes& data, const Signature::PrivateKey& sk) const override
{
const auto& rsk = dynamic_cast<const PrivateKey&>(sk);
Expand Down Expand Up @@ -188,6 +196,12 @@ Signature::deserialize_private(const bytes& /* unused */) const
throw std::runtime_error("Not implemented");
}

std::unique_ptr<Signature::PrivateKey>
Signature::deserialize_private_der(const bytes&) const
{
throw std::runtime_error("Not implemented");
}

std::unique_ptr<Signature::PrivateKey>
Signature::generate_rsa(size_t bits)
{
Expand Down
10 changes: 10 additions & 0 deletions src/crypto.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -402,6 +402,16 @@ SignaturePrivateKey::parse(CipherSuite suite, const bytes& data)
return { data, pub_data };
}

SignaturePrivateKey
SignaturePrivateKey::parse_der(CipherSuite suite, const bytes& data)
{
auto priv = suite.sig().deserialize_private_der(data);
auto pub = priv->public_key();
auto pub_data = suite.sig().serialize(*pub);
auto priv_data = suite.sig().serialize_private(*priv);
return { priv_data, pub_data };
}

SignaturePrivateKey
SignaturePrivateKey::derive(CipherSuite suite, const bytes& secret)
{
Expand Down
2 changes: 1 addition & 1 deletion test/credential.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ TEST_CASE("X509 Credential EC certificates")

const std::vector<bytes> der_in{ cert };

auto key = SignaturePrivateKey::parse(
auto key = SignaturePrivateKey::parse_der(
mls::CipherSuite::ID::P256_AES128GCM_SHA256_P256, keydata);

auto cred = Credential::x509(der_in);
Expand Down

0 comments on commit 1b51a2b

Please sign in to comment.