[release/5.x] Cherry pick: OpenSSL 3.3: proper public key loading for…
… EC keys (#6613) (#6614)

Co-authored-by: Max <[email protected]>
CCF [bot] and maxtropets authored Nov 6, 2024
1 parent 916b0ee commit ea9f1a1
Showing 1 changed file with 17 additions and 11 deletions.
28 changes: 17 additions & 11 deletions src/crypto/openssl/public_key.cpp
@@ -287,23 +287,29 @@ namespace ccf::crypto
Unique_PKEY key_from_raw_ec_point(const std::vector<uint8_t>& raw, int nid)
{
#if defined(OPENSSL_VERSION_MAJOR) && OPENSSL_VERSION_MAJOR >= 3
const unsigned char* pp = raw.data();
EVP_PKEY* pkey = NULL;
OSSL_PARAM params[2];
const auto curve_name = (char*)OSSL_EC_curve_nid2name(nid);

OSSL_PARAM params[3];
params[0] = OSSL_PARAM_construct_utf8_string(
OSSL_PKEY_PARAM_GROUP_NAME, (char*)OSSL_EC_curve_nid2name(nid), 0);
params[1] = OSSL_PARAM_construct_end();
OSSL_PKEY_PARAM_GROUP_NAME, curve_name, 0);
params[1] = OSSL_PARAM_construct_octet_string(
OSSL_PKEY_PARAM_PUB_KEY, (void*)raw.data(), raw.size());
params[2] = OSSL_PARAM_construct_end();

Unique_EVP_PKEY_CTX pctx("EC");
EVP_PKEY_fromdata_init(pctx);
EVP_PKEY_fromdata(
pctx, &pkey, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, params);
auto pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);
CHECK1(EVP_PKEY_fromdata_init(pctx));

EVP_PKEY* pkey = NULL;
CHECK1(EVP_PKEY_fromdata(pctx, &pkey, EVP_PKEY_PUBLIC_KEY, params));

pkey = d2i_PublicKey(EVP_PKEY_EC, &pkey, &pp, raw.size());
if (pkey == NULL)
{
EVP_PKEY_free(pkey);
throw std::logic_error("Error loading public key");

throw std::logic_error(fmt::format(
"Error loading public key. Curve: {}, err: {}",
curve_name,
OpenSSL::error_string(ERR_get_error())));
}

Unique_PKEY pk(pkey);
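Review bot: The new `auto pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL);` holds the context as a raw pointer and nothing visible in this hunk frees it, so it appears to leak on every call, and also on the error path if `CHECK1` throws on failure as its use here suggests. The removed line shows an owning wrapper was already in use; keeping `Unique_EVP_PKEY_CTX pctx("EC");`, or otherwise giving the new pointer an owner, would release the context on all paths, which matters if this function is reachable with externally supplied key bytes. The allocation result is also passed to `EVP_PKEY_fromdata_init` without a null check. Separately, `OSSL_EC_curve_nid2name(nid)` can return NULL for an unrecognised nid and `curve_name` is later handed to `fmt::format`, so rejecting a null name with a clear error before building `params` would be safer. The function body continues past the end of the hunk, so a free further down cannot be ruled out from here.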