Merge pull request #79 from libtom/feature/rsa_import_x509

RSA import x509
2017-03-30 22:28:24 +02:00 · 2017-03-30 22:28:24 +02:00 · 77019928dd
commit 77019928dd
parent 0a400f465f ac7915ed13
16 changed files with 320 additions and 56 deletions
--- a/libtomcrypt_VS2005.vcproj
+++ b/libtomcrypt_VS2005.vcproj
@ -1575,6 +1575,10 @@
 							RelativePath="src\pk\asn1\der\sequence\der_sequence_free.c"
 							>
 						</File>
 						<File
 							RelativePath="src\pk\asn1\der\sequence\der_sequence_shrink.c"
 							>
 						</File>
 					</Filter>
 					<Filter
 						Name="set"
@ -1921,6 +1925,10 @@
 					RelativePath="src\pk\rsa\rsa_import_radix.c"
 					>
 				</File>
 				<File
 					RelativePath="src\pk\rsa\rsa_import_x509.c"
 					>
 				</File>
 				<File
 					RelativePath="src\pk\rsa\rsa_make_key.c"
 					>
--- a/libtomcrypt_VS2008.vcproj
+++ b/libtomcrypt_VS2008.vcproj
@ -1816,6 +1816,10 @@
 							RelativePath="src\pk\asn1\der\sequence\der_sequence_free.c"
 							>
 						</File>
 						<File
 							RelativePath="src\pk\asn1\der\sequence\der_sequence_shrink.c"
 							>
 						</File>
 					</Filter>
 					<Filter
 						Name="set"
@ -2162,6 +2166,10 @@
 					RelativePath="src\pk\rsa\rsa_import_radix.c"
 					>
 				</File>
 				<File
 					RelativePath="src\pk\rsa\rsa_import_x509.c"
 					>
 				</File>
 				<File
 					RelativePath="src\pk\rsa\rsa_make_key.c"
 					>
--- a/12
+++ b/12
@ -141,8 +141,8 @@ src/pk/asn1/der/sequence/der_encode_sequence_ex.o \
 src/pk/asn1/der/sequence/der_encode_sequence_multi.o \
 src/pk/asn1/der/sequence/der_encode_subject_public_key_info.o \
 src/pk/asn1/der/sequence/der_length_sequence.o src/pk/asn1/der/sequence/der_sequence_free.o \
-src/pk/asn1/der/set/der_encode_set.o src/pk/asn1/der/set/der_encode_setof.o \
+src/pk/asn1/der/sequence/der_sequence_shrink.o src/pk/asn1/der/set/der_encode_set.o \
-src/pk/asn1/der/short_integer/der_decode_short_integer.o \
+src/pk/asn1/der/set/der_encode_setof.o src/pk/asn1/der/short_integer/der_decode_short_integer.o \
 src/pk/asn1/der/short_integer/der_encode_short_integer.o \
 src/pk/asn1/der/short_integer/der_length_short_integer.o \
 src/pk/asn1/der/teletex_string/der_decode_teletex_string.o \
@ -168,10 +168,10 @@ src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1
 src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
 src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_get_size.o \
-src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_radix.o src/pk/rsa/rsa_make_key.o \
+src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_radix.o src/pk/rsa/rsa_import_x509.o \
-src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_sign_saltlen_get.o src/pk/rsa/rsa_verify_hash.o \
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_sign_saltlen_get.o \
-src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o \
+src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o \
-src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o
+src/prngs/rng_make_prng.o src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o
 HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
 src/headers/tomcrypt_cipher.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_hash.h \
--- a/makefile.icc
+++ b/makefile.icc
@ -198,8 +198,8 @@ src/pk/asn1/der/sequence/der_encode_sequence_ex.o \
 src/pk/asn1/der/sequence/der_encode_sequence_multi.o \
 src/pk/asn1/der/sequence/der_encode_subject_public_key_info.o \
 src/pk/asn1/der/sequence/der_length_sequence.o src/pk/asn1/der/sequence/der_sequence_free.o \
-src/pk/asn1/der/set/der_encode_set.o src/pk/asn1/der/set/der_encode_setof.o \
+src/pk/asn1/der/sequence/der_sequence_shrink.o src/pk/asn1/der/set/der_encode_set.o \
-src/pk/asn1/der/short_integer/der_decode_short_integer.o \
+src/pk/asn1/der/set/der_encode_setof.o src/pk/asn1/der/short_integer/der_decode_short_integer.o \
 src/pk/asn1/der/short_integer/der_encode_short_integer.o \
 src/pk/asn1/der/short_integer/der_length_short_integer.o \
 src/pk/asn1/der/teletex_string/der_decode_teletex_string.o \
@ -225,10 +225,10 @@ src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1
 src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
 src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_get_size.o \
-src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_radix.o src/pk/rsa/rsa_make_key.o \
+src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_radix.o src/pk/rsa/rsa_import_x509.o \
-src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_sign_saltlen_get.o src/pk/rsa/rsa_verify_hash.o \
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_sign_saltlen_get.o \
-src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o \
+src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o \
-src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o
+src/prngs/rng_make_prng.o src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o
 HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
 src/headers/tomcrypt_cipher.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_hash.h \
--- a/makefile.mingw
+++ b/makefile.mingw
@ -134,8 +134,8 @@ src/pk/asn1/der/sequence/der_encode_sequence_ex.o \
 src/pk/asn1/der/sequence/der_encode_sequence_multi.o \
 src/pk/asn1/der/sequence/der_encode_subject_public_key_info.o \
 src/pk/asn1/der/sequence/der_length_sequence.o src/pk/asn1/der/sequence/der_sequence_free.o \
-src/pk/asn1/der/set/der_encode_set.o src/pk/asn1/der/set/der_encode_setof.o \
+src/pk/asn1/der/sequence/der_sequence_shrink.o src/pk/asn1/der/set/der_encode_set.o \
-src/pk/asn1/der/short_integer/der_decode_short_integer.o \
+src/pk/asn1/der/set/der_encode_setof.o src/pk/asn1/der/short_integer/der_decode_short_integer.o \
 src/pk/asn1/der/short_integer/der_encode_short_integer.o \
 src/pk/asn1/der/short_integer/der_length_short_integer.o \
 src/pk/asn1/der/teletex_string/der_decode_teletex_string.o \
@ -161,10 +161,10 @@ src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1
 src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
 src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_get_size.o \
-src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_radix.o src/pk/rsa/rsa_make_key.o \
+src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_radix.o src/pk/rsa/rsa_import_x509.o \
-src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_sign_saltlen_get.o src/pk/rsa/rsa_verify_hash.o \
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_sign_saltlen_get.o \
-src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o \
+src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o \
-src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o
+src/prngs/rng_make_prng.o src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o
 HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
 src/headers/tomcrypt_cipher.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_hash.h \
--- a/makefile.msvc
+++ b/makefile.msvc
@ -108,8 +108,8 @@ src/pk/asn1/der/sequence/der_encode_sequence_ex.obj \
 src/pk/asn1/der/sequence/der_encode_sequence_multi.obj \
 src/pk/asn1/der/sequence/der_encode_subject_public_key_info.obj \
 src/pk/asn1/der/sequence/der_length_sequence.obj src/pk/asn1/der/sequence/der_sequence_free.obj \
-src/pk/asn1/der/set/der_encode_set.obj src/pk/asn1/der/set/der_encode_setof.obj \
+src/pk/asn1/der/sequence/der_sequence_shrink.obj src/pk/asn1/der/set/der_encode_set.obj \
-src/pk/asn1/der/short_integer/der_decode_short_integer.obj \
+src/pk/asn1/der/set/der_encode_setof.obj src/pk/asn1/der/short_integer/der_decode_short_integer.obj \
 src/pk/asn1/der/short_integer/der_encode_short_integer.obj \
 src/pk/asn1/der/short_integer/der_length_short_integer.obj \
 src/pk/asn1/der/teletex_string/der_decode_teletex_string.obj \
@ -135,10 +135,10 @@ src/pk/pkcs1/pkcs_1_oaep_decode.obj src/pk/pkcs1/pkcs_1_oaep_encode.obj src/pk/p
 src/pk/pkcs1/pkcs_1_pss_decode.obj src/pk/pkcs1/pkcs_1_pss_encode.obj src/pk/pkcs1/pkcs_1_v1_5_decode.obj \
 src/pk/pkcs1/pkcs_1_v1_5_encode.obj src/pk/rsa/rsa_decrypt_key.obj src/pk/rsa/rsa_encrypt_key.obj \
 src/pk/rsa/rsa_export.obj src/pk/rsa/rsa_exptmod.obj src/pk/rsa/rsa_free.obj src/pk/rsa/rsa_get_size.obj \
-src/pk/rsa/rsa_import.obj src/pk/rsa/rsa_import_radix.obj src/pk/rsa/rsa_make_key.obj \
+src/pk/rsa/rsa_import.obj src/pk/rsa/rsa_import_radix.obj src/pk/rsa/rsa_import_x509.obj \
-src/pk/rsa/rsa_sign_hash.obj src/pk/rsa/rsa_sign_saltlen_get.obj src/pk/rsa/rsa_verify_hash.obj \
+src/pk/rsa/rsa_make_key.obj src/pk/rsa/rsa_sign_hash.obj src/pk/rsa/rsa_sign_saltlen_get.obj \
-src/prngs/fortuna.obj src/prngs/rc4.obj src/prngs/rng_get_bytes.obj src/prngs/rng_make_prng.obj \
+src/pk/rsa/rsa_verify_hash.obj src/prngs/fortuna.obj src/prngs/rc4.obj src/prngs/rng_get_bytes.obj \
-src/prngs/sober128.obj src/prngs/sprng.obj src/prngs/yarrow.obj
+src/prngs/rng_make_prng.obj src/prngs/sober128.obj src/prngs/sprng.obj src/prngs/yarrow.obj
 HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
 src/headers/tomcrypt_cipher.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_hash.h \
--- a/makefile.shared
+++ b/makefile.shared
@ -131,8 +131,8 @@ src/pk/asn1/der/sequence/der_encode_sequence_ex.o \
 src/pk/asn1/der/sequence/der_encode_sequence_multi.o \
 src/pk/asn1/der/sequence/der_encode_subject_public_key_info.o \
 src/pk/asn1/der/sequence/der_length_sequence.o src/pk/asn1/der/sequence/der_sequence_free.o \
-src/pk/asn1/der/set/der_encode_set.o src/pk/asn1/der/set/der_encode_setof.o \
+src/pk/asn1/der/sequence/der_sequence_shrink.o src/pk/asn1/der/set/der_encode_set.o \
-src/pk/asn1/der/short_integer/der_decode_short_integer.o \
+src/pk/asn1/der/set/der_encode_setof.o src/pk/asn1/der/short_integer/der_decode_short_integer.o \
 src/pk/asn1/der/short_integer/der_encode_short_integer.o \
 src/pk/asn1/der/short_integer/der_length_short_integer.o \
 src/pk/asn1/der/teletex_string/der_decode_teletex_string.o \
@ -158,10 +158,10 @@ src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1
 src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
 src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_get_size.o \
-src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_radix.o src/pk/rsa/rsa_make_key.o \
+src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_radix.o src/pk/rsa/rsa_import_x509.o \
-src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_sign_saltlen_get.o src/pk/rsa/rsa_verify_hash.o \
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_sign_saltlen_get.o \
-src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o \
+src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o \
-src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o
+src/prngs/rng_make_prng.o src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o
 HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
 src/headers/tomcrypt_cipher.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_hash.h \
--- a/makefile.unix
+++ b/makefile.unix
@ -139,8 +139,8 @@ src/pk/asn1/der/sequence/der_encode_sequence_ex.o \
 src/pk/asn1/der/sequence/der_encode_sequence_multi.o \
 src/pk/asn1/der/sequence/der_encode_subject_public_key_info.o \
 src/pk/asn1/der/sequence/der_length_sequence.o src/pk/asn1/der/sequence/der_sequence_free.o \
-src/pk/asn1/der/set/der_encode_set.o src/pk/asn1/der/set/der_encode_setof.o \
+src/pk/asn1/der/sequence/der_sequence_shrink.o src/pk/asn1/der/set/der_encode_set.o \
-src/pk/asn1/der/short_integer/der_decode_short_integer.o \
+src/pk/asn1/der/set/der_encode_setof.o src/pk/asn1/der/short_integer/der_decode_short_integer.o \
 src/pk/asn1/der/short_integer/der_encode_short_integer.o \
 src/pk/asn1/der/short_integer/der_length_short_integer.o \
 src/pk/asn1/der/teletex_string/der_decode_teletex_string.o \
@ -166,10 +166,10 @@ src/pk/pkcs1/pkcs_1_oaep_decode.o src/pk/pkcs1/pkcs_1_oaep_encode.o src/pk/pkcs1
 src/pk/pkcs1/pkcs_1_pss_decode.o src/pk/pkcs1/pkcs_1_pss_encode.o src/pk/pkcs1/pkcs_1_v1_5_decode.o \
 src/pk/pkcs1/pkcs_1_v1_5_encode.o src/pk/rsa/rsa_decrypt_key.o src/pk/rsa/rsa_encrypt_key.o \
 src/pk/rsa/rsa_export.o src/pk/rsa/rsa_exptmod.o src/pk/rsa/rsa_free.o src/pk/rsa/rsa_get_size.o \
-src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_radix.o src/pk/rsa/rsa_make_key.o \
+src/pk/rsa/rsa_import.o src/pk/rsa/rsa_import_radix.o src/pk/rsa/rsa_import_x509.o \
-src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_sign_saltlen_get.o src/pk/rsa/rsa_verify_hash.o \
+src/pk/rsa/rsa_make_key.o src/pk/rsa/rsa_sign_hash.o src/pk/rsa/rsa_sign_saltlen_get.o \
-src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o src/prngs/rng_make_prng.o \
+src/pk/rsa/rsa_verify_hash.o src/prngs/fortuna.o src/prngs/rc4.o src/prngs/rng_get_bytes.o \
-src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o
+src/prngs/rng_make_prng.o src/prngs/sober128.o src/prngs/sprng.o src/prngs/yarrow.o
 HEADERS=src/headers/tomcrypt.h src/headers/tomcrypt_argchk.h src/headers/tomcrypt_cfg.h \
 src/headers/tomcrypt_cipher.h src/headers/tomcrypt_custom.h src/headers/tomcrypt_hash.h \
--- a/src/headers/tomcrypt_pk.h
+++ b/src/headers/tomcrypt_pk.h
@ -107,6 +107,7 @@ int rsa_sign_saltlen_get_max_ex(int padding, int hash_idx, rsa_key *key);
 int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key);
 int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key);
 int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key);
 int rsa_import_radix(int radix, char *N, char *e, char *d, char *p, char *q, char *dP, char *dQ, char *qP, rsa_key *key);
 #endif
@ -540,6 +541,7 @@ int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...)
 int  der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out);
 #define der_free_sequence_flexi         der_sequence_free
 void der_sequence_free(ltc_asn1_list *in);
 void der_sequence_shrink(ltc_asn1_list *in);
 /* BOOLEAN */
 int der_length_boolean(unsigned long *outlen);
--- a/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c
+++ b/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c
@ -53,6 +53,25 @@ static unsigned long fetch_length(const unsigned char *in, unsigned long inlen,
   return z+*data_offset;
 }
 static int new_element(ltc_asn1_list **l)
 {
   /* alloc new link */
   if (*l == NULL) {
      *l = XCALLOC(1, sizeof(ltc_asn1_list));
      if (*l == NULL) {
         return CRYPT_MEM;
      }
   } else {
      (*l)->next = XCALLOC(1, sizeof(ltc_asn1_list));
      if ((*l)->next == NULL) {
         return CRYPT_MEM;
      }
      (*l)->next->prev = *l;
      *l = (*l)->next;
   }
   return CRYPT_OK;
 }
 /**
   ASN.1 DER Flexi(ble) decoder will decode arbitrary DER packets and create a linked list of the decoded elements.
   @param in      The input buffer
@ -73,6 +92,13 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc
   l = NULL;
   totlen = 0;
   if (*inlen == 0) {
      /* alloc new link */
      if ((err = new_element(&l)) != CRYPT_OK) {
         goto error;
      }
   }
   /* scan the input and and get lengths and what not */
   while (*inlen) {
      /* read the type byte */
@ -86,20 +112,8 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc
      }
      /* alloc new link */
-      if (l == NULL) {
+      if ((err = new_element(&l)) != CRYPT_OK) {
-         l = XCALLOC(1, sizeof(*l));
+         goto error;
         if (l == NULL) {
            err = CRYPT_MEM;
            goto error;
         }
      } else {
         l->next = XCALLOC(1, sizeof(*l));
         if (l->next == NULL) {
            err = CRYPT_MEM;
            goto error;
         }
         l->next->prev = l;
         l = l->next;
      }
      if ((type & 0x20) && (type != 0x30) && (type != 0x31)) {
@ -348,6 +362,15 @@ int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc
                l->type = LTC_ASN1_SET;
             }
             if ((l->data = XMALLOC(len)) == NULL) {
                err = CRYPT_MEM;
                goto error;
             }
             XMEMCPY(l->data, in, len);
             l->size = len;
             /* jump to the start of the data */
             in     += data_offset;
             *inlen -= data_offset;
--- a/src/pk/asn1/der/sequence/der_sequence_free.c
+++ b/src/pk/asn1/der/sequence/der_sequence_free.c
@ -46,9 +46,7 @@ void der_sequence_free(ltc_asn1_list *in)
      }
      switch (in->type) {
-         case LTC_ASN1_SET:
+         case LTC_ASN1_SETOF: break;
         case LTC_ASN1_SETOF:
         case LTC_ASN1_SEQUENCE: break;
         case LTC_ASN1_INTEGER : if (in->data != NULL) { mp_clear(in->data); } break;
         default               : if (in->data != NULL) { XFREE(in->data);    }
      }
--- a/src/pk/asn1/der/sequence/der_sequence_shrink.c
+++ b/src/pk/asn1/der/sequence/der_sequence_shrink.c
@ -0,0 +1,52 @@
 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
 *
 * LibTomCrypt is a library that provides various cryptographic
 * algorithms in a highly modular and flexible manner.
 *
 * The library is free for all purposes without any express
 * guarantee it works.
 *
 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
 */
 #include "tomcrypt.h"
 /**
  @file der_sequence_shrink.c
  Free memory allocated for CONSTRUCTED, SET or SEQUENCE elements by der_decode_sequence_flexi(), Steffen Jaeckel
 */
 #ifdef LTC_DER
 /**
  Free memory allocated for CONSTRUCTED,
  SET or SEQUENCE elements by der_decode_sequence_flexi()
  @param in     The list to shrink
 */
 void der_sequence_shrink(ltc_asn1_list *in)
 {
   if (!in) return;
   /* now walk the list and free stuff */
   while (in != NULL) {
      /* is there a child? */
      if (in->child) {
         der_sequence_shrink(in->child);
      }
      switch (in->type) {
         case LTC_ASN1_CONSTRUCTED:
         case LTC_ASN1_SET:
         case LTC_ASN1_SEQUENCE : if (in->data != NULL) { XFREE(in->data); in->data = NULL; } break;
         default: break;
      }
      /* move to next and free current */
      in = in->next;
   }
 }
 #endif
 /* $Source$ */
 /* $Revision$ */
 /* $Date$ */
--- a/src/pk/rsa/rsa_free.c
+++ b/src/pk/rsa/rsa_free.c
@ -24,7 +24,7 @@
 void rsa_free(rsa_key *key)
 {
   LTC_ARGCHKVD(key != NULL);
-   mp_clear_multi(key->e, key->d, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
+   mp_clear_multi(key->q, key->p, key->qP, key->dP, key->dQ, key->N, key->d, key->e, NULL);
 }
 #endif
--- a/src/pk/rsa/rsa_import_x509.c
+++ b/src/pk/rsa/rsa_import_x509.c
@ -0,0 +1,120 @@
 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
 *
 * LibTomCrypt is a library that provides various cryptographic
 * algorithms in a highly modular and flexible manner.
 *
 * The library is free for all purposes without any express
 * guarantee it works.
 *
 * Tom St Denis, tomstdenis@gmail.com, http://libtom.org
 */
 #include "tomcrypt.h"
 /**
  @file rsa_import.c
  Import an RSA key from a X.509 certificate, Steffen Jaeckel
 */
 #ifdef LTC_MRSA
 /**
  Import an RSA key from a X.509 certificate
  @param in      The packet to import from
  @param inlen   It's length (octets)
  @param key     [out] Destination for newly imported key
  @return CRYPT_OK if successful, upon error allocated memory is freed
 */
 int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key)
 {
   int           err;
   unsigned char *tmpbuf=NULL;
   unsigned long tmpbuf_len, tmp_inlen;
   ltc_asn1_list *decoded_list = NULL, *l;
   LTC_ARGCHK(in          != NULL);
   LTC_ARGCHK(key         != NULL);
   LTC_ARGCHK(ltc_mp.name != NULL);
   /* init key */
   if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ,
                            &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
      return err;
   }
   tmpbuf_len = MAX_RSA_SIZE * 8;
   tmpbuf = XCALLOC(1, tmpbuf_len);
   if (tmpbuf == NULL) {
       err = CRYPT_MEM;
       goto LBL_ERR;
   }
   tmp_inlen = inlen;
   if ((err = der_decode_sequence_flexi(in, &tmp_inlen, &decoded_list)) == CRYPT_OK) {
      l = decoded_list;
      /* Move 2 levels up in the tree
         SEQUENCE
             SEQUENCE
                 ...
       */
      if (l->type == LTC_ASN1_SEQUENCE && l->child) {
         l = l->child;
         if (l->type == LTC_ASN1_SEQUENCE && l->child) {
            l = l->child;
            err = CRYPT_ERROR;
            /* Move forward in the tree until we find this combination
                 ...
                 SEQUENCE
                     SEQUENCE
                         OBJECT IDENTIFIER 1.2.840.113549.1.1.1
                         NULL
                     BIT STRING
             */
            do {
               /* The additional check for l->data is there to make sure
                * we won't try to decode a list that has been 'shrunk'
                */
               if (l->type == LTC_ASN1_SEQUENCE && l->data && l->child &&
                     l->child->type == LTC_ASN1_SEQUENCE && l->child->child &&
                     l->child->child->type == LTC_ASN1_OBJECT_IDENTIFIER && l->child->next &&
                     l->child->next->type == LTC_ASN1_BIT_STRING) {
                  err = der_decode_subject_public_key_info(l->data, l->size,
                       PKA_RSA, tmpbuf, &tmpbuf_len,
                       LTC_ASN1_NULL, NULL, 0);
                  if (err == CRYPT_OK) {
                     /* now it should be SEQUENCE { INTEGER, INTEGER } */
                     if ((err = der_decode_sequence_multi(tmpbuf, tmpbuf_len,
                                                          LTC_ASN1_INTEGER, 1UL, key->N,
                                                          LTC_ASN1_INTEGER, 1UL, key->e,
                                                          LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
                        goto LBL_ERR;
                     }
                     key->type = PK_PUBLIC;
                     err = CRYPT_OK;
                     goto LBL_FREE;
                  }
               }
               l = l->next;
            } while(l);
         }
      }
   }
 LBL_ERR:
   rsa_free(key);
 LBL_FREE:
   if (decoded_list) der_free_sequence_flexi(decoded_list);
   if (tmpbuf != NULL) XFREE(tmpbuf);
   return err;
 }
 #endif /* LTC_MRSA */
 /* $Source$ */
 /* $Revision$ */
 /* $Date$ */
--- a/testprof/der_tests.c
+++ b/testprof/der_tests.c
@ -13,7 +13,36 @@ int der_tests(void)
 #else
-static const unsigned char _der_tests_cacert_root_cert[] =
+static const unsigned char _der_tests_stinky_root_cert[] =
   "MIIFETCCA/mgAwIBAgIQbv53JNmv518t5lkCHE272jANBgkqhkiG9w0BAQUFADCB\
    lTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug\
    Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho\
    dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHTAbBgNVBAMTFFVUTi1VU0VSRmlyc3Qt\
    T2JqZWN0MB4XDTA4MDQyOTAwMDAwMFoXDTEwMDQyOTIzNTk1OVowgbUxCzAJBgNV\
    BAYTAlVTMQ4wDAYDVQQRDAU0NDE0MzELMAkGA1UECAwCT0gxGTAXBgNVBAcMEE1h\
    eWZpZWxkIFZpbGxhZ2UxEDAOBgNVBAkMB1N1aXRlIEExFDASBgNVBAkMCzc2NyBC\
    ZXRhIERyMSIwIAYDVQQKDBlQcmVlbXB0aXZlIFNvbHV0aW9ucywgTExDMSIwIAYD\
    VQQDDBlQcmVlbXB0aXZlIFNvbHV0aW9ucywgTExDMIIBIjANBgkqhkiG9w0BAQEF\
    AAOCAQ8AMIIBCgKCAQEAzH7ZBkMcBuHx8d2f10RGTHAf7gzzVteGbOihJGH2BwlS\
    ZvNp6WEE4DfL+s1vp0wzk1XeLN5tRjg2qum9YqyCk7okh7pXGy46f5mWbLQiefGA\
    j5UXRcr6WJ3xeACdbXxKrYMV0REia+4Jb2UbFA8S81PjhRon6vcRz76ziUWwt8NC\
    igX+4ZC0skhhKzKszel6KGL7bJCtLG7ukw9DZCrvPCRcKFeM/GwQ6ACMgP88CSCL\
    t1fbIXDH1vd/x2XM3QlaSDN6hYDbef8m1T+9TCkXVKeqG1GYjSUrHzYnCZUmTRrR\
    38jgC3qXxiIpDKW105uM0nlXe2XF9c+ot2MdWvV4TwIDAQABo4IBOTCCATUwHwYD\
    VR0jBBgwFoAU2u1kdBScFDyr3ZmpvVsoTYs8ydgwHQYDVR0OBBYEFK+1HzZE4i28\
    oLIzuqlFR9SspiCIMA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMBMGA1Ud\
    JQQMMAoGCCsGAQUFBwMDMBEGCWCGSAGG+EIBAQQEAwIEEDBGBgNVHSAEPzA9MDsG\
    DCsGAQQBsjEBAgEDAjArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3VyZS5jb21v\
    ZG8ubmV0L0NQUzBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vY3JsLnVzZXJ0cnVz\
    dC5jb20vVVROLVVTRVJGaXJzdC1PYmplY3QuY3JsMCEGA1UdEQQaMBiBFnN1cHBv\
    cnRAcHJlZW1wdGl2ZS5jb20wDQYJKoZIhvcNAQEFBQADggEBAC+JM26Dokvonudl\
    JXe/Yun7IBhimkagZUjbk9l/GQWN6i+v1o95UJ1wGJtBdm2+MxbSaPoNTDZR4B+2\
    lYL9MW57UVmePrnfUPXQKZZG+8gTRDz8+7ol/CEAKmS3MLKCRcH5oe+J5345sGxi\
    FC/KWNKedTNraW95xlg8NTlL2yRP7TMsjvBxgLmkbaFUoXzPTbQWmtovIagIT8GC\
    JeXwdFaRjbamiz3Irl+u7x/mhxdza6RvgBYylXRFMudANpeGsV7gDXlnfzpFDKHQ\
    niVwB7P5sbPFIlmIc+4/xRItkLIRjCVXaepgN9KYu3VOgiSDI6wXiTwP44/LUXQM\
    hetwa7s=";
 const unsigned char _der_tests_cacert_root_cert[] =
   "MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290\
    IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB\
    IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA\
@ -53,6 +82,7 @@ static const unsigned char _der_tests_cacert_root_cert[] =
    GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk\
    zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW\
    omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD";
 const unsigned long _der_tests_cacert_root_cert_size = sizeof(_der_tests_cacert_root_cert);
 /*
 SEQUENCE(3 elem)
@ -195,6 +225,8 @@ SEQUENCE(3 elem)
 #define CHECK_ASN1_HAS_NO_CHILD(l) __CHECK_ASN1_HAS_NO(l, child)
 #define CHECK_ASN1_HAS_NEXT(l) __CHECK_ASN1_HAS(l, next)
 #define CHECK_ASN1_HAS_NO_NEXT(l) __CHECK_ASN1_HAS_NO(l, next)
 #define CHECK_ASN1_HAS_DATA(l) __CHECK_ASN1_HAS(l, data)
 #define CHECK_ASN1_HAS_NO_DATA(l) __CHECK_ASN1_HAS_NO(l, data)
 #ifdef LTC_DER_TESTS_PRINT_FLEXI
 static void _der_tests_print_flexi(ltc_asn1_list* l, unsigned int level)
@ -392,9 +424,22 @@ static void der_cacert_test(void)
  ltc_asn1_list *decoded_list, *l, *l1, *l2;
  DO(base64_decode(_der_tests_stinky_root_cert, sizeof(_der_tests_stinky_root_cert), buf, &len1));
  len2 = len1;
  DO(der_decode_sequence_flexi(buf, &len2, &decoded_list));
  der_free_sequence_flexi(decoded_list);
  len1 = sizeof(buf);
  DO(base64_decode(_der_tests_cacert_root_cert, sizeof(_der_tests_cacert_root_cert), buf, &len1));
  len2 = len1;
  DO(der_decode_sequence_flexi(buf, &len2, &decoded_list));
  CHECK_ASN1_TYPE(decoded_list, LTC_ASN1_SEQUENCE);
  CHECK_ASN1_HAS_DATA(decoded_list);
  der_sequence_shrink(decoded_list);
  CHECK_ASN1_TYPE(decoded_list, LTC_ASN1_SEQUENCE);
  CHECK_ASN1_HAS_NO_DATA(decoded_list);
 #ifdef LTC_DER_TESTS_PRINT_FLEXI
  printf("\n\n--- test print start ---\n\n");
--- a/testprof/rsa_test.c
+++ b/testprof/rsa_test.c
@ -93,6 +93,9 @@ static const unsigned char openssl_public_rsa_stripped[] = {
   0x60, 0x3f, 0x8b, 0x54, 0x3a, 0xc3, 0x4d, 0x31, 0xe7, 0x94, 0xa4, 0x44, 0xfd, 0x02, 0x03, 0x01,
   0x00, 0x01,  };
 extern const unsigned char _der_tests_cacert_root_cert[];
 extern const unsigned long _der_tests_cacert_root_cert_size;
 static int rsa_compat_test(void)
 {
   rsa_key key;
@ -195,7 +198,7 @@ static int rsa_compat_test(void)
 int rsa_test(void)
 {
-   unsigned char in[1024], out[1024], tmp[1024];
+   unsigned char in[1024], out[1024], tmp[3072];
   rsa_key       key, privKey, pubKey;
   int           hash_idx, prng_idx, stat, stat2, i, err;
   unsigned long rsa_msgsize, len, len2, len3, cnt, cnt2;
@ -537,6 +540,11 @@ for (cnt = 0; cnt < len; ) {
     DOX(stat == 0?CRYPT_OK:CRYPT_FAIL_TESTVECTOR, "should fail");
   }
   len3 = sizeof(tmp);
   DO(base64_decode(_der_tests_cacert_root_cert, _der_tests_cacert_root_cert_size, tmp, &len3));
   DO(rsa_import_x509(tmp, len3, &key));
   /* free the key and return */
   rsa_free(&key);
   rsa_free(&pubKey);