/*
Get the BIT STRING key and plug into RSA structure. Not included in
asn1.c because it deals directly with the sslRsaKey_t struct.
*/
int32 getPubKey(psPool_t *pool, unsigned char **pp, int32 len,
sslRsaKey_t *pubKey)
{
unsigned char *p = *pp;
int32 pubKeyLen, ignore_bits, seqLen;
if (len < 1 || (*(p++) != ASN_BIT_STRING) ||
asnParseLength(&p, len - 1, &pubKeyLen) < 0 ||
(len - 1) < pubKeyLen) {
return -1;
}
ignore_bits = *p++;
/*
We assume this is always zero
*/
sslAssert(ignore_bits == 0);
if (getSequence(&p, pubKeyLen, &seqLen) < 0 ||
getBig(pool, &p, seqLen, &pubKey->N) < 0 ||
getBig(pool, &p, seqLen, &pubKey->e) < 0) {
return -1;
}
pubKey->size = mp_unsigned_bin_size(&pubKey->N);
*pp = p;
return 0;
}
/**
Parse an RSA private key from a PKCS#1 byte stream.
@see ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
*/
int32_t psRsaParsePkcs1PrivKey(psPool_t *pool,
const unsigned char *p, psSize_t size,
psRsaKey_t *key)
{
RSA *rsa;
# ifndef USE_D2I
const unsigned char *end, *seq;
int32_t version;
psSize_t seqlen;
# endif
# ifdef USE_D2I
if ((rsa = d2i_RSAPrivateKey(NULL, &p, size)) == NULL)
{
return PS_PARSE_FAIL;
}
# else
if ((rsa = RSA_new()) == NULL)
{
return PS_MEM_FAIL;
}
end = p + size;
if (getAsnSequence(&p, size, &seqlen) < 0)
{
RSA_free(rsa);
goto L_FAIL;
}
seq = p;
if (getAsnInteger(&p, (uint16_t) (end - p), &version) < 0 || version != 0 ||
getBig(&p, (uint16_t) (end - p), &rsa->n) < 0 ||
getBig(&p, (uint16_t) (end - p), &rsa->e) < 0 ||
getBig(&p, (uint16_t) (end - p), &rsa->d) < 0 ||
getBig(&p, (uint16_t) (end - p), &rsa->p) < 0 ||
getBig(&p, (uint16_t) (end - p), &rsa->q) < 0 ||
getBig(&p, (uint16_t) (end - p), &rsa->dmp1) < 0 ||
getBig(&p, (uint16_t) (end - p), &rsa->dmq1) < 0 ||
getBig(&p, (uint16_t) (end - p), &rsa->iqmp) < 0 ||
(uint16_t) (p - seq) != seqlen)
{
RSA_free(rsa);
goto L_FAIL;
}
rsa->version = version;
# endif
/* RSA_print_fp(stdout, rsa, 0); */
*key = rsa;
return PS_SUCCESS;
L_FAIL:
psTraceIntCrypto("psRsaParsePkcs1PrivKey error on byte %d\n", p - (end - size));
return PS_PARSE_FAIL;
}
bool
SMT::decompile()
{
ImageBuf *bigBuf = getBig();
char filename[256];
sprintf(filename, "%s_tiles.png", outPrefix.c_str());
if(verbose )cout << "INFO: Saving to " << filename << endl;
bigBuf->save(filename);
return false;
}
static int32 psAsnParsePrivateKey(psPool_t *pool, unsigned char **pp,
int32 size, sslRsaKey_t *key)
{
unsigned char *p, *end, *seq;
int32 version, seqlen;
key->optimized = 0;
p = *pp;
end = p + size;
if (getSequence(&p, size, &seqlen) < 0) {
matrixStrDebugMsg("ASN sequence parse error\n", NULL);
return -1;
}
seq = p;
if (getInteger(&p, (int32)(end - p), &version) < 0 || version != 0 ||
getBig(pool, &p, (int32)(end - p), &(key->N)) < 0 ||
mp_shrink(&key->N) != MP_OKAY ||
getBig(pool, &p, (int32)(end - p), &(key->e)) < 0 ||
mp_shrink(&key->e) != MP_OKAY ||
getBig(pool, &p, (int32)(end - p), &(key->d)) < 0 ||
mp_shrink(&key->d) != MP_OKAY ||
getBig(pool, &p, (int32)(end - p), &(key->p)) < 0 ||
mp_shrink(&key->p) != MP_OKAY ||
getBig(pool, &p, (int32)(end - p), &(key->q)) < 0 ||
mp_shrink(&key->q) != MP_OKAY ||
getBig(pool, &p, (int32)(end - p), &(key->dP)) < 0 ||
mp_shrink(&key->dP) != MP_OKAY ||
getBig(pool, &p, (int32)(end - p), &(key->dQ)) < 0 ||
mp_shrink(&key->dQ) != MP_OKAY ||
getBig(pool, &p, (int32)(end - p), &(key->qP)) < 0 ||
mp_shrink(&key->qP) != MP_OKAY ||
(int32)(p - seq) != seqlen) {
matrixStrDebugMsg("ASN key extract parse error\n", NULL);
return -1;
}
/*
If we made it here, the key is ready for optimized decryption
*/
key->optimized = 1;
*pp = p;
/*
Set the key length of the key
*/
key->size = mp_unsigned_bin_size(&key->N);
return 0;
}
/*
Parse DER encoded asn.1 RSA public key out of a certificate stream.
We reach here with 'pp' pointing to the byte after the algorithm identifier.
*/
int32_t psRsaParseAsnPubKey(psPool_t *pool,
const unsigned char **pp, psSize_t len,
psRsaKey_t *key, unsigned char sha1KeyHash[SHA1_HASH_SIZE])
{
# ifdef USE_SHA1
psDigestContext_t dc;
# endif
const unsigned char *p = *pp;
RSA *rsa;
psSize_t keylen;
# ifndef USE_D2I
psSize_t seqlen;
# endif
if (len < 1 || (*(p++) != ASN_BIT_STRING) ||
getAsnLength(&p, len - 1, &keylen))
{
goto L_FAIL;
}
/* ignored bits field should be zero */
if (*p++ != 0)
{
goto L_FAIL;
}
keylen--;
# ifdef USE_SHA1
/* A public key hash is used in PKI tools (OCSP, Trusted CA indication).
Standard RSA form - SHA-1 hash of the value of the BIT STRING
subjectPublicKey [excluding the tag, length, and number of unused
bits] */
psSha1Init(&dc.sha1);
psSha1Update(&dc.sha1, p, keylen);
psSha1Final(&dc.sha1, sha1KeyHash);
# endif
# ifdef USE_D2I
/* OpenSSL expects to parse after the ignored bits field */
if ((rsa = d2i_RSAPublicKey(NULL, &p, keylen)) == NULL)
{
goto L_FAIL;
}
# else
/* We can manually create the structures as OpenSSL would */
rsa = RSA_new();
if (getAsnSequence(&p, keylen, &seqlen) < 0 ||
getBig(&p, seqlen, &rsa->n) < 0 ||
getBig(&p, seqlen, &rsa->e) < 0)
{
RSA_free(rsa);
goto L_FAIL;
}
# endif
/* RSA_print_fp(stdout, rsa, 0); */
*pp = p;
*key = rsa;
return PS_SUCCESS;
L_FAIL:
psTraceIntCrypto("psRsaParseAsnPubKey error on byte %d\n", p - *pp);
return PS_PARSE_FAIL;
}
