add `der_flexi_sequence_cmp()`

Signed-off-by: Steffen Jaeckel <[email protected]>

src/headers/tomcrypt_private.h

@@ -465,12 +465,27 @@ int der_length_asn1_length(unsigned long len, unsigned long *outlen);
 int der_length_sequence_ex(const ltc_asn1_list *list, unsigned long inlen,
                            unsigned long *outlen, unsigned long *payloadlen);
 
+typedef struct {
+   ltc_asn1_type t;
+   ltc_asn1_list **pp;
+} der_flexi_check;
+
+#define LTC_SET_DER_FLEXI_CHECK(list, index, Type, P)    \
+   do {                                         \
+      int LTC_SDFC_temp##__LINE__ = (index);   \
+      list[LTC_SDFC_temp##__LINE__].t = Type;  \
+      list[LTC_SDFC_temp##__LINE__].pp = P;    \
+   } while (0)
+
+
 extern const ltc_asn1_type  der_asn1_tag_to_type_map[];
 extern const unsigned long  der_asn1_tag_to_type_map_sz;
 
 extern const int der_asn1_type_to_identifier_map[];
 extern const unsigned long der_asn1_type_to_identifier_map_sz;
 
+int der_flexi_sequence_cmp(const ltc_asn1_list *flexi, der_flexi_check *check);
+
 int der_decode_sequence_multi_ex(const unsigned char *in, unsigned long inlen, unsigned int flags, ...)
                                  LTC_NULL_TERMINATED;
 

src/pk/asn1/der/sequence/der_flexi_sequence_cmp.c

@@ -0,0 +1,38 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis */
+/* SPDX-License-Identifier: Unlicense */
+#include "tomcrypt_private.h"
+
+/**
+  @file der_length_sequence.c
+  ASN.1 DER, length a SEQUENCE, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+/**
+   Get the length of a DER sequence
+   @param list   The sequences of items in the SEQUENCE
+   @param inlen  The number of items
+   @param outlen [out] The length required in octets to store it
+   @return CRYPT_OK on success
+*/
+
+int der_flexi_sequence_cmp(const ltc_asn1_list *flexi, der_flexi_check *check)
+{
+   ltc_asn1_list *cur;
+   if (flexi->type != LTC_ASN1_SEQUENCE) {
+      return CRYPT_INVALID_PACKET;
+   }
+   cur = flexi->child;
+   while(check->t != LTC_ASN1_EOL) {
+      if (!LTC_ASN1_IS_TYPE(cur, check->t)) {
+         return CRYPT_INVALID_PACKET;
+      }
+      if (check->pp != NULL) *check->pp = cur;
+      cur = cur->next;
+      check++;
+   }
+   return CRYPT_OK;
+}
+
+#endif

src/pk/ecc/ecc_import_pkcs8.c

@@ -5,36 +5,6 @@
 
 #ifdef LTC_MECC
 
-typedef struct {
-   ltc_asn1_type t;
-   ltc_asn1_list **pp;
-} der_flexi_check;
-
-#define LTC_SET_DER_FLEXI_CHECK(list, index, Type, P)    \
-   do {                                         \
-      int LTC_SDFC_temp##__LINE__ = (index);   \
-      list[LTC_SDFC_temp##__LINE__].t = Type;  \
-      list[LTC_SDFC_temp##__LINE__].pp = P;    \
-   } while (0)
-
-static int s_der_flexi_sequence_cmp(const ltc_asn1_list *flexi, der_flexi_check *check)
-{
-   const ltc_asn1_list *cur;
-   if (flexi->type != LTC_ASN1_SEQUENCE) {
-      return CRYPT_INVALID_PACKET;
-   }
-   cur = flexi->child;
-   while(check->t != LTC_ASN1_EOL) {
-      if (!LTC_ASN1_IS_TYPE(cur, check->t)) {
-         return CRYPT_INVALID_PACKET;
-      }
-      if (check->pp != NULL) *check->pp = (ltc_asn1_list*)cur;
-      cur = cur->next;
-      check++;
-   }
-   return CRYPT_OK;
-}
-
 /* NOTE: s_der_decode_pkcs8_flexi & related stuff can be shared with rsa_import_pkcs8() */
 
 int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen,
@@ -73,7 +43,7 @@ int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen,
       LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_OCTET_STRING, &priv_key);
       LTC_SET_DER_FLEXI_CHECK(flexi_should, n, LTC_ASN1_EOL, NULL);
 
-      if ((s_der_flexi_sequence_cmp(l, flexi_should) == CRYPT_OK) &&
+      if ((der_flexi_sequence_cmp(l, flexi_should) == CRYPT_OK) &&
             (pk_oid_cmp_with_asn1(pka_ec_oid, seq->child) == CRYPT_OK)) {
          ltc_asn1_list *version, *field, *point, *point_g, *order, *p_cofactor;
 
@@ -102,7 +72,7 @@ int ecc_import_pkcs8(const unsigned char *in, unsigned long inlen,
             if ((err = ecc_find_curve(OID, &curve)) != CRYPT_OK)                          { goto LBL_DONE; }
             if ((err = ecc_set_curve(curve, key)) != CRYPT_OK)                            { goto LBL_DONE; }
          }
-         else if ((err = s_der_flexi_sequence_cmp(seq->child->next, flexi_should)) == CRYPT_OK) {
+         else if ((err = der_flexi_sequence_cmp(seq->child->next, flexi_should)) == CRYPT_OK) {
             /* CASE 2: explicit curve parameters (AKA long variant):
              *   0:d=0  hl=3 l= 227 cons: SEQUENCE
              *   3:d=1  hl=2 l=   1 prim:   INTEGER              :00