Changeset 100493 in vbox for trunk/src/VBox/Runtime/common/crypto

Timestamp:

Jul 10, 2023 11:17:15 PM (19 months ago)

Author:

vboxsync

Message:

IPRT/PKCS8: Some corrections and adjustments (bugref:10299):

• Always put curly brackets around case bodies that declares variables.
• Removed copy & paste RTCRRSA_MAX_MODULUS_BITS define from pkcs8-internal.h.
• We don't need to compile the PKCS8 files for ring-0 libraries, since these does not include the key-file.cpp that needs them.
• Use RTCRX509ALGORITHMIDENTIFIERID_RSA instead of "1.2.840.113549.1.1.1".
• rTCrPkcs8PrivateKeyInfo should be RTCrPkcs8PrivateKeyInfo in pkcs8-templace.h.

Location:

trunk/src/VBox/Runtime/common/crypto

Files:

• key-file.cpp (modified) (2 diffs)
• pkcs8-internal.h (modified) (1 diff)
• pkcs8-template.h (modified) (1 diff)

trunk/src/VBox/Runtime/common/crypto/key-file.cpp

@@ -471 +471 @@
 
         case kKeyFormat_PrivateKeyInfo:
+        {
             RTAsn1CursorInitPrimary(&PrimaryCursor, pSection->pbData, (uint32_t)pSection->cbData,
                                     pErrInfo, &g_RTAsn1DefaultAllocator, RTASN1CURSOR_FLAGS_DER, pszErrorTag);
@@ -479 +480 @@
             if (RT_SUCCESS(rc))
             {
-                /*
-                 * Check if the algorithm is pkcs1-RsaEncryption
+                /* 
+                 * Load the private key according to it's algorithm. 
+                 * We currently only support RSA (pkcs1-RsaEncryption).
                  */
-                if (strcmp(PrivateKeyInfo.PrivateKeyAlgorithm.Algorithm.szObjId,"1.2.840.113549.1.1.1") == 0)
-                {
-                    uint32_t cbContent = PrivateKeyInfo.PrivateKey.Asn1Core.cb;
-                    rc = rtCrKeyCreateRsaPrivate(phKey, PrivateKeyInfo.PrivateKey.Asn1Core.uData.pv, cbContent, pErrInfo, pszErrorTag);
-                }
+                if (RTAsn1ObjId_CompareWithString(&PrivateKeyInfo.PrivateKeyAlgorithm.Algorithm,
+                                                  RTCRX509ALGORITHMIDENTIFIERID_RSA) == 0)
+                    rc = rtCrKeyCreateRsaPrivate(phKey, PrivateKeyInfo.PrivateKey.Asn1Core.uData.pv,
+                                                 PrivateKeyInfo.PrivateKey.Asn1Core.cb, pErrInfo, pszErrorTag);
                 else
-                {
                     rc = RTErrInfoSet(pErrInfo, VERR_CR_KEY_FORMAT_NOT_SUPPORTED,
-                                    "Support for PKCS#8 PrivateKeyInfo (with no RSA encryption) is not yet implemented");
-                }
+                                      "Support for PKCS#8 PrivateKeyInfo for non-RSA keys is not yet implemented");
             }
             break;
+        }
 
         case kKeyFormat_EncryptedPrivateKeyInfo:

trunk/src/VBox/Runtime/common/crypto/pkcs8-internal.h

@@ -41 +41 @@
 #endif
 
-/** The max number of bits we support in the modulus. */
-#define RTCRRSA_MAX_MODULUS_BITS        16384
-
 #define RTASN1TMPL_TEMPLATE_FILE "../common/crypto/pkcs8-template.h"
 #include <iprt/asn1-generator-internal-header.h>

trunk/src/VBox/Runtime/common/crypto/pkcs8-template.h

@@ -42 +42 @@
 #define RTASN1TMPL_TYPE         RTCRPKCS8PRIVATEKEYINFO
 #define RTASN1TMPL_EXT_NAME     RTCrPkcs8PrivateKeyInfo
-#define RTASN1TMPL_INT_NAME     rTCrPkcs8PrivateKeyInfo
+#define RTASN1TMPL_INT_NAME     RTCrPkcs8PrivateKeyInfo
 RTASN1TMPL_BEGIN_SEQCORE();
 RTASN1TMPL_MEMBER(              Version,                RTASN1INTEGER,                  RTAsn1Integer);