Refactor SubjectPublicKeyInfo import

Slightly minimize both space and time when importing a
SubjectPublicKeyInfo.

Running the entire set of pem files through `x509_verify` via [0]
resp. the timing app via [1] resulted in the following data:

Before this patch:

[0]
```
==1980544== HEAP SUMMARY:
==1980544==     in use at exit: 0 bytes in 0 blocks
==1980544==   total heap usage: 292,202 allocs, 292,202 frees, 41,089,931 bytes allocated
```

[1]
```
x509 cert-rsa-pss.pem    :     50436 cycles
x509 LTC_CA.pem          :     10669 cycles
x509 LTC_S0.pem          :     49137 cycles
x509 LTC_SS0.pem         :     38253 cycles
x509 secp384r1.pem       :   2152532 cycles
x509 secp521r1.pem       :   3401689 cycles
x509 LTC_SSS0.pem        :     24910 cycles
x509 secp224r1.pem       :    830851 cycles
```

After this patch:

[0]
```
==1973920== HEAP SUMMARY:
==1973920==     in use at exit: 0 bytes in 0 blocks
==1973920==   total heap usage: 229,984 allocs, 229,984 frees, 35,093,923 bytes allocated
```

[1]
```
x509 cert-rsa-pss.pem    :     33132 cycles
x509 LTC_CA.pem          :      5348 cycles
x509 LTC_S0.pem          :     36368 cycles
x509 LTC_SS0.pem         :     24032 cycles
x509 secp384r1.pem       :   2059992 cycles
x509 secp521r1.pem       :   3291269 cycles
x509 LTC_SSS0.pem        :     14192 cycles
x509 secp224r1.pem       :    844587 cycles
```

[0] find tests/x509 -name '*.pem' -exec valgrind --leak-check=full --show-leak-kinds=all './x509_verify' {} \+
[1] ./timing x509

Signed-off-by: Steffen Jaeckel <[email protected]>

Author: sjaeckel

src/headers/tomcrypt_pk.h

@@ -163,6 +163,7 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, const rsa_ke
 int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key);
 
 int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key);
+int rsa_import_spki(const unsigned char *in, unsigned long inlen, rsa_key *key);
 int rsa_import_pkcs8(const unsigned char *in, unsigned long inlen,
                      const password_ctx  *pw_ctx, rsa_key *key);
 

src/headers/tomcrypt_private.h

@@ -561,8 +561,8 @@ int dsa_int_validate(const dsa_key *key, int *stat);
 int dsa_int_validate_xy(const dsa_key *key, int *stat);
 int dsa_int_validate_pqg(const dsa_key *key, int *stat);
 int dsa_int_validate_primes(const dsa_key *key, int *stat);
-int dsa_import_pkcs1(const unsigned char *in, unsigned long inlen, dsa_key *key);
 int dsa_import_pkcs8_asn1(ltc_asn1_list *alg_id, ltc_asn1_list *priv_key, dsa_key *key);
+int dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_key *key);
 #endif /* LTC_MDSA */
 
 

src/pk/asn1/x509/x509_import_spki.c

@@ -9,22 +9,48 @@
 
 #ifdef LTC_DER
 
-typedef int (*import_fn)(const unsigned char *, unsigned long, void*);
+typedef int (*import_fn)(const unsigned char *, unsigned long, void *);
 
-static const import_fn s_import_x509_fns[LTC_PKA_NUM] = {
+#ifdef LTC_CURVE25519
+static int s_x25519_import_pub(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return x25519_import_raw(in, inlen, PK_PUBLIC, key);
+}
+static int s_x25519_import_spki(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return x509_process_public_key_from_spki(in, inlen,
+                                            LTC_OID_X25519,
+                                            LTC_ASN1_EOL, NULL, NULL,
+                                            s_x25519_import_pub, key);
+}
+
+static int s_ed25519_import_pub(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return ed25519_import_raw(in, inlen, PK_PUBLIC, key);
+}
+static int s_ed25519_import_spki(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return x509_process_public_key_from_spki(in, inlen,
+                                            LTC_OID_ED25519,
+                                            LTC_ASN1_EOL, NULL, NULL,
+                                            s_ed25519_import_pub, key);
+}
+#endif
+
+static const import_fn s_import_spki_fns[LTC_PKA_NUM] = {
 #ifdef LTC_MRSA
-                                                [LTC_PKA_RSA] = (import_fn)rsa_import_x509,
-                                                [LTC_PKA_RSA_PSS] = (import_fn)rsa_import_x509,
+                                                [LTC_PKA_RSA] = (import_fn)rsa_import_spki,
+                                                [LTC_PKA_RSA_PSS] = (import_fn)rsa_import_spki,
 #endif
 #ifdef LTC_MDSA
-                                                [LTC_PKA_DSA] = (import_fn)dsa_import,
+                                                [LTC_PKA_DSA] = (import_fn)dsa_import_spki,
 #endif
 #ifdef LTC_MECC
-                                                [LTC_PKA_EC] = (import_fn)ecc_import_x509,
+                                                [LTC_PKA_EC] = (import_fn)ecc_import_subject_public_key_info,
 #endif
 #ifdef LTC_CURVE25519
-                                                [LTC_PKA_X25519] = (import_fn)x25519_import_x509,
-                                                [LTC_PKA_ED25519] = (import_fn)ed25519_import_x509,
+                                                [LTC_PKA_X25519] = (import_fn)s_x25519_import_spki,
+                                                [LTC_PKA_ED25519] = (import_fn)s_ed25519_import_spki,
 #endif
 };
 
@@ -41,12 +67,12 @@ int x509_import_spki(const unsigned char *asn1_cert, unsigned long asn1_len, ltc
       goto err_out;
    }
    if (pka < 0
-         || pka > LTC_ARRAY_SIZE(s_import_x509_fns)
-         || s_import_x509_fns[pka] == NULL) {
+         || pka > LTC_ARRAY_SIZE(s_import_spki_fns)
+         || s_import_spki_fns[pka] == NULL) {
       err = CRYPT_PK_INVALID_TYPE;
       goto err_out;
    }
-   if ((err = s_import_x509_fns[pka](asn1_cert, asn1_len, &k->u)) == CRYPT_OK) {
+   if ((err = s_import_spki_fns[pka](spki->data, spki->size, &k->u)) == CRYPT_OK) {
       k->id = pka;
    }
 err_out:

src/pk/dsa/dsa_import.c

@@ -9,7 +9,7 @@
 
 #ifdef LTC_MDSA
 
-int dsa_import_pkcs1(const unsigned char *in, unsigned long inlen, dsa_key *key)
+static int s_dsa_import_pkcs1(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
    int           err;
    unsigned long zero = 0;
@@ -41,6 +41,24 @@ LTC_INLINE static int s_dsa_set_params(dsa_key *key, ltc_asn1_list *params)
    return 3;
 }
 
+LTC_INLINE static int s_dsa_validate(dsa_key *key)
+{
+   int           err, stat;
+   key->qord = ltc_mp_unsigned_bin_size(key->q);
+
+   /* quick p, q, g validation, without primality testing
+    * + x, y validation */
+   if ((err = dsa_int_validate(key, &stat)) != CRYPT_OK) {
+      return err;
+   }
+
+   if (stat == 0) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   return CRYPT_OK;
+}
+
 static int s_dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
    int err;
@@ -72,6 +90,28 @@ static int s_dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_k
    return err;
 }
 
+int dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_key *key)
+{
+   int           err;
+
+   LTC_ARGCHK(in  != NULL);
+
+   /* init key */
+   if ((err = dsa_int_init(key)) != CRYPT_OK) return err;
+
+   if ((err = s_dsa_import_spki(in, inlen, key)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+   if ((err = s_dsa_validate(key)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   return CRYPT_OK;
+LBL_ERR:
+   dsa_free(key);
+   return err;
+}
+
 static int s_dsa_import_x509(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
    int err;
@@ -100,7 +140,7 @@ static int s_dsa_import_x509(const unsigned char *in, unsigned long inlen, dsa_k
 */
 int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
-   int           err, stat;
+   int           err;
    unsigned char flags[1];
 
    LTC_ARGCHK(in  != NULL);
@@ -148,26 +188,18 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
        }
    }
 
-   if (dsa_import_pkcs1(in, inlen, key) == CRYPT_OK) {
+   if (s_dsa_import_pkcs1(in, inlen, key) == CRYPT_OK) {
       goto LBL_OK;
    }
-   if ((err = s_dsa_import_spki(in, inlen, key)) == CRYPT_OK) {
+   if (s_dsa_import_spki(in, inlen, key) == CRYPT_OK) {
       goto LBL_OK;
    }
    if ((err = s_dsa_import_x509(in, inlen, key)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
 LBL_OK:
-   key->qord = ltc_mp_unsigned_bin_size(key->q);
-
-   /* quick p, q, g validation, without primality testing
-    * + x, y validation */
-   if ((err = dsa_int_validate(key, &stat)) != CRYPT_OK) {
-      goto LBL_ERR;
-   }
-   if (stat == 0) {
-      err = CRYPT_INVALID_PACKET;
+   if ((err = s_dsa_validate(key)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 

src/pk/rsa/rsa_import.c

@@ -99,23 +99,18 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
    LTC_ARGCHK(key         != NULL);
    LTC_ARGCHK(ltc_mp.name != NULL);
 
-   if ((err = rsa_import_x509(in, inlen, key)) == CRYPT_OK) { /* SubjectPublicKeyInfo format */
+   /* SubjectPublicKeyInfo or X.509 certificate format */
+   if (rsa_import_x509(in, inlen, key) == CRYPT_OK) {
       return CRYPT_OK;
    }
 
    /* init key */
    if ((err = rsa_init(key)) != CRYPT_OK) {
       return err;
    }
-
-   if ((err = x509_process_public_key_from_spki(in, inlen,
-                                                LTC_OID_RSA,
-                                                LTC_ASN1_NULL, NULL, NULL,
-                                                (public_key_decode_cb)s_rsa_decode, key)) != CRYPT_OK) {
-      /* not SSL public key, try to match against PKCS #1 standards */
-      if ((err = rsa_import_pkcs1(in, inlen, key)) != CRYPT_OK) {
-         rsa_free(key);
-      }
+   /* Try to match against PKCS #1 standards */
+   if ((err = rsa_import_pkcs1(in, inlen, key)) != CRYPT_OK) {
+      rsa_free(key);
    }
 
    return err;

src/pk/rsa/rsa_import_x509.c

@@ -126,51 +126,58 @@ int rsa_decode_parameters(const ltc_asn1_list *parameters, ltc_rsa_parameters *r
       }
    }
 
-
    rsa_params->pss_oaep = 1;
 
    return CRYPT_OK;
 }
 
-static int s_rsa_import_pss(const unsigned char *in, unsigned long inlen, rsa_key *key)
+LTC_INLINE static int s_rsa_1_5_import_spki(const unsigned char *in, unsigned long inlen, rsa_key *key)
+{
+   return x509_process_public_key_from_spki(in, inlen,
+                                            LTC_OID_RSA,
+                                            LTC_ASN1_NULL, NULL, NULL,
+                                            (public_key_decode_cb)s_rsa_decode, key);
+}
+
+LTC_INLINE static int s_rsa_pss_import_spki(const unsigned char *in, unsigned long inlen, rsa_key *key)
 {
    rsa_pss_parameters_data d;
-   ltc_asn1_list *decoded_list;
-   const ltc_asn1_list *spki;
-   int           err;
    unsigned long n_params = LTC_ARRAY_SIZE(d.params);
 
-   if ((err = x509_process_public_key_from_spki(in, inlen,
-                                                LTC_OID_RSA_PSS,
-                                                LTC_ASN1_NULL, NULL, NULL,
-                                                (public_key_decode_cb)s_rsa_decode, key)) != CRYPT_OK) {
-      if ((err = x509_decode_spki(in, inlen, &decoded_list, &spki)) != CRYPT_OK) {
-         return err;
-      }
-      if ((err = x509_process_public_key_from_spki(spki->data, spki->size,
-                                              LTC_OID_RSA_PSS,
-                                              LTC_ASN1_NULL, NULL, NULL,
-                                              (public_key_decode_cb)s_rsa_decode, key)) != CRYPT_OK) {
-         s_rsa_pss_parameters_data_setup(&d);
-         err = x509_process_public_key_from_spki(spki->data, spki->size,
-                                                 LTC_OID_RSA_PSS,
-                                                 LTC_ASN1_SEQUENCE, d.params, &n_params,
-                                                 (public_key_decode_cb)s_rsa_decode, key);
-      }
+   if (x509_process_public_key_from_spki(in, inlen,
+                                         LTC_OID_RSA_PSS,
+                                         LTC_ASN1_NULL, NULL, NULL,
+                                         (public_key_decode_cb)s_rsa_decode, key) == CRYPT_OK) {
+      return CRYPT_OK;
    }
+   s_rsa_pss_parameters_data_setup(&d);
+   return x509_process_public_key_from_spki(in, inlen,
+                                            LTC_OID_RSA_PSS,
+                                            LTC_ASN1_SEQUENCE, d.params, &n_params,
+                                            (public_key_decode_cb)s_rsa_decode, key);
+}
 
-   der_free_sequence_flexi(decoded_list);
+LTC_INLINE static int s_rsa_import_spki(const unsigned char *in, unsigned long inlen, rsa_key *key)
+{
+   int err;
+   if (s_rsa_1_5_import_spki(in, inlen, key) == CRYPT_OK) {
+      return CRYPT_OK;
+   }
+
+   if ((err = s_rsa_pss_import_spki(in, inlen, key)) == CRYPT_OK) {
+      return CRYPT_OK;
+   }
    return err;
 }
 
 /**
-  Import an RSA key from a X.509 certificate
+  Import an RSA key from SubjectPublicKeyInfo
   @param in      The packet to import from
   @param inlen   It's length (octets)
   @param key     [out] Destination for newly imported key
   @return CRYPT_OK if successful, upon error allocated memory is freed
 */
-int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key)
+int rsa_import_spki(const unsigned char *in, unsigned long inlen, rsa_key *key)
 {
    int           err;
 
@@ -183,22 +190,58 @@ int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key)
       return err;
    }
 
-   if ((err = x509_decode_public_key_from_certificate(in, inlen,
-                                                      LTC_OID_RSA,
-                                                      LTC_ASN1_NULL, NULL, NULL,
-                                                      (public_key_decode_cb)s_rsa_decode, key)) == CRYPT_OK) {
+   if ((err = s_rsa_import_spki(in, inlen, key)) == CRYPT_OK) {
       key->type = PK_PUBLIC;
       return CRYPT_OK;
    }
 
-   if ((err = s_rsa_import_pss(in, inlen, key)) == CRYPT_OK) {
+   rsa_free(key);
+
+   return err;
+}
+
+/**
+  Import an RSA key from a X.509 certificate
+  @param in      The packet to import from
+  @param inlen   It's length (octets)
+  @param key     [out] Destination for newly imported key
+  @return CRYPT_OK if successful, upon error allocated memory is freed
+*/
+int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key)
+{
+   ltc_asn1_list *decoded_list;
+   const ltc_asn1_list *spki;
+   int           err;
+
+   LTC_ARGCHK(in          != NULL);
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   /* init key */
+   if ((err = rsa_init(key)) != CRYPT_OK) {
+      return err;
+   }
+
+   /* First try to decode as SubjectPublicKeyInfo */
+   if (s_rsa_import_spki(in, inlen, key) == CRYPT_OK) {
       key->type = PK_PUBLIC;
       return CRYPT_OK;
    }
 
-   rsa_free(key);
+   /* Now try to extract the SubjectPublicKeyInfo from the Certificate */
+   if ((err = x509_decode_spki(in, inlen, &decoded_list, &spki)) != CRYPT_OK) {
+      rsa_free(key);
+      return err;
+   }
+   err = s_rsa_import_spki(spki->data, spki->size, key);
 
-   return err;
+   der_free_sequence_flexi(decoded_list);
+   if (err != CRYPT_OK) {
+      rsa_free(key);
+      return err;
+   }
+   key->type = PK_PUBLIC;
+   return CRYPT_OK;
 }
 
 #endif /* LTC_MRSA */