[openssl-dev] [openssl.org #3887] PATCH: rsautl and intelligent retry for Public Key parse after Traditional/Subject Public Key Info parse fails

Mon Jun 1 19:14:21 UTC 2015

On 5/31/2015 2:46 AM, noloader at gmail.com via RT wrote:
> apps.c has a couple of parsing routines called load_pubkey and
> load_key. rsautl uses those routines.
>
> However, there's no option in rsautil to use anything other than a
> ASN.1/DER or PEM encoded traditional key (or subject public key info).
> The code paths are present, we just can't seem to get to them.

The load_pubkey already has code to support FORMAT_PEMRSA
and call PEM_read_bio_RSAPublicKey

Looking at OpenSSL 1.0.2, it looks like the problem is more in
apps.c in the str2fmt that does not have an option to set FORMAT_PEMRSA
or FORMAT_ASN1RSA.

>
> Folks in the field have problem with it on occasion. See, for example,
> "Can't load programmatically generated public key,"
> http://stackoverflow.com/q/30547646.
>
> This patch adds an intelligent fallback:
>
>      /* rsautl does not offer a way to specify just a public key. It
> requires a */
>      /*   subjectPublicKeyInfo, and there's no argument or option to
> switch to  */
>      /*   the other type with either ASN.1/DER or PEM. This attempts to
> make an */
>      /*   intelligent retry. */
>      if(keyformat == FORMAT_PEM) {
>          next_format = FORMAT_PEMRSA;
>      } if(keyformat == FORMAT_ASN1) {
>          next_format = FORMAT_ASN1RSA;
>      } else {
>          next_format = -1;
>      }
>
>      switch (key_type) {
>      case KEY_PRIVKEY:
>          pkey = load_key(keyfile, keyformat, 0, passin, e, "Private
> Key", 0 /*last_try*/);
>          if(!pkey && next_format != -1) { pkey = load_key(keyfile,
> next_format, 0, passin, e, "Private Key", 1 /*last_try*/); }
>          break;
>
>      case KEY_PUBKEY:
>          pkey = load_pubkey(keyfile, keyformat, 0, NULL, e, "Public
> Key", 0 /*last_try*/);
>          if(!pkey && next_format != -1) { pkey = load_pubkey(keyfile,
> next_format, 0, NULL, e, "Public Key", 1 /*last_try*/); }
>          break;
>
> Then, functions load_key and load_pubkey suppress the error messages
> if last_try is 0:
>
>      if (pkey == NULL && last_try) {
>          BIO_printf(bio_err, "unable to load %s\n", key_descrip);
>      }
>
> All in all, existing behavior and error messages are maintained. The
> subcommand is just a little more robust.
>
> Related, we might be able to make similar changes to rsa.c. But
> there's some extra special sauce present, so it was not a clear
> cut-in. I think the special sauce kid of attempts to do the same thing
> as above. (Maybe this patch should act more like rsa.c?)
>
>
>
> _______________________________________________
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>

-- 

  Douglas E. Engert  <DEEngert at gmail.com>