mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-11-22 07:30:19 +00:00
LibTLS: Add support for parsing curve25519 and curve448
This commit is contained in:
stelar7
Andreas Kling
parent
944f00c489
commit
5e98c3f763
Notes:
github-actions[bot]
2024-10-31 08:53:37 +00:00
Author: https://github.com/stelar7 Commit: https://github.com/LadybirdBrowser/ladybird/commit/5e98c3f7638 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/1983 Reviewed-by: https://github.com/BenWiederhake
2 changed files with 48 additions and 11 deletions
|
|
@ -202,15 +202,23 @@ static ErrorOr<AlgorithmIdentifier> parse_algorithm_identifier(Crypto::ASN1::Dec
|
|||
return AlgorithmIdentifier(algorithm);
|
||||
}
|
||||
|
||||
// https://www.ietf.org/rfc/rfc5758.txt
|
||||
// When the ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-SHA384, or
|
||||
// ecdsa-with-SHA512 algorithm identifier appears in the algorithm field
|
||||
// as an AlgorithmIdentifier, the encoding MUST omit the parameters
|
||||
// field.
|
||||
|
||||
// https://datatracker.ietf.org/doc/html/rfc8410#section-9
|
||||
// For all of the OIDs, the parameters MUST be absent.
|
||||
Array<Array<int, 7>, 8> no_parameter_algorithms = {
|
||||
ecdsa_with_sha224_encryption_oid,
|
||||
ecdsa_with_sha256_encryption_oid,
|
||||
ecdsa_with_sha384_encryption_oid,
|
||||
ecdsa_with_sha512_encryption_oid,
|
||||
x25519_oid,
|
||||
x448_oid,
|
||||
ed25519_oid,
|
||||
ed448_oid
|
||||
};
|
||||
|
||||
bool is_no_parameter_algorithm = false;
|
||||
|
|
@ -379,11 +387,23 @@ ErrorOr<SubjectPublicKey> parse_subject_public_key_info(Crypto::ASN1::Decoder& d
|
|||
return public_key;
|
||||
}
|
||||
|
||||
if (public_key.algorithm.identifier.span() == ec_public_key_encryption_oid.span()) {
|
||||
// https://datatracker.ietf.org/doc/html/rfc8410#section-9
|
||||
// For all of the OIDs, the parameters MUST be absent.
|
||||
Array<Array<int, 7>, 5> no_parameter_algorithms = {
|
||||
ec_public_key_encryption_oid,
|
||||
x25519_oid,
|
||||
x448_oid,
|
||||
ed25519_oid,
|
||||
ed448_oid
|
||||
};
|
||||
|
||||
for (auto const& inner : no_parameter_algorithms) {
|
||||
if (public_key.algorithm.identifier.span() == inner.span()) {
|
||||
// Note: Raw key is already stored, so we can just exit out at this point.
|
||||
EXIT_SCOPE();
|
||||
return public_key;
|
||||
}
|
||||
}
|
||||
|
||||
String algo_oid = TRY(String::join("."sv, public_key.algorithm.identifier));
|
||||
ERROR_WITH_SCOPE(TRY(String::formatted("Unhandled algorithm {}", algo_oid)));
|
||||
|
|
@ -426,11 +446,23 @@ ErrorOr<PrivateKey> parse_private_key_info(Crypto::ASN1::Decoder& decoder, Vecto
|
|||
return private_key;
|
||||
}
|
||||
|
||||
if (private_key.algorithm.identifier.span() == ec_public_key_encryption_oid.span()) {
|
||||
// https://datatracker.ietf.org/doc/html/rfc8410#section-9
|
||||
// For all of the OIDs, the parameters MUST be absent.
|
||||
Array<Array<int, 7>, 5> no_parameter_algorithms = {
|
||||
ec_public_key_encryption_oid,
|
||||
x25519_oid,
|
||||
x448_oid,
|
||||
ed25519_oid,
|
||||
ed448_oid
|
||||
};
|
||||
|
||||
for (auto const& inner : no_parameter_algorithms) {
|
||||
if (private_key.algorithm.identifier.span() == inner.span()) {
|
||||
// Note: Raw key is already stored, so we can just exit out at this point.
|
||||
EXIT_SCOPE();
|
||||
return private_key;
|
||||
}
|
||||
}
|
||||
|
||||
String algo_oid = TRY(String::join("."sv, private_key.algorithm.identifier));
|
||||
ERROR_WITH_SCOPE(TRY(String::formatted("Unhandled algorithm {}", algo_oid)));
|
||||
|
|
|
|||
|
|
@ -31,9 +31,13 @@ constexpr static Array<int, 7>
|
|||
ecdsa_with_sha256_encryption_oid { 1, 2, 840, 10045, 4, 3, 2 },
|
||||
ecdsa_with_sha384_encryption_oid { 1, 2, 840, 10045, 4, 3, 3 },
|
||||
ecdsa_with_sha512_encryption_oid { 1, 2, 840, 10045, 4, 3, 4 },
|
||||
ec_public_key_encryption_oid { 1, 2, 840, 10045, 2, 1 };
|
||||
ec_public_key_encryption_oid { 1, 2, 840, 10045, 2, 1 },
|
||||
x25519_oid { 1, 3, 101, 110 },
|
||||
x448_oid { 1, 3, 101, 111 },
|
||||
ed25519_oid { 1, 3, 101, 112 },
|
||||
ed448_oid { 1, 3, 101, 113 };
|
||||
|
||||
constexpr static Array<Array<int, 7>, 9> known_algorithm_identifiers {
|
||||
constexpr static Array<Array<int, 7>, 10> known_algorithm_identifiers {
|
||||
rsa_encryption_oid,
|
||||
rsa_md5_encryption_oid,
|
||||
rsa_sha1_encryption_oid,
|
||||
|
|
@ -42,7 +46,8 @@ constexpr static Array<Array<int, 7>, 9> known_algorithm_identifiers {
|
|||
rsa_sha512_encryption_oid,
|
||||
ecdsa_with_sha256_encryption_oid,
|
||||
ecdsa_with_sha384_encryption_oid,
|
||||
ec_public_key_encryption_oid
|
||||
ec_public_key_encryption_oid,
|
||||
x25519_oid
|
||||
};
|
||||
|
||||
constexpr static Array<int, 7>
|
||||
|
|
|
|||
Loading…
Reference in a new issue