Skip to content

This issue was moved to a discussion.

You can continue the conversation there. Go to discussion →

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

regression: creating an EC Public key using affine coordinates and non-deprecated calls #21871

Closed
ldts opened this issue Aug 28, 2023 · 0 comments
Closed

regression: creating an EC Public key using affine coordinates and non-deprecated calls #21871

ldts opened this issue Aug 28, 2023 · 0 comments

Comments

@ldts
Copy link
Contributor

ldts commented Aug 28, 2023
edited
Loading

Some criptoIPs can generate the EC PUB_X/PUB_Y affine coordinates on EC curves (their private keys never accessible outside the silicon)

These cryptographic IPs can be under control of a Trusted Execution Environment (see)
OP-TEE/optee_client#352 and the TEE at https://github.com/OP-TEE/optee_os/blob/master/core/pta/imx/manufacturing_protection.c

The following code, allows the user to validate the values read from the cryptographic IP and convert the public key to DER or PEM format

foundriesio/lmp-device-register@e763be5#diff-2d0eeb1947d28eea137eceb59a6a329480209c4848d432396bcb6c1fe49fd327R189

The issue with the code is that it uses many deprecated calls.

I have been trying to rewrite the function using EVP_KEY but I believe there is a regression:

static int foo(string &raw)
{
	EVP_PKEY_CTX *genctx = NULL;
	OSSL_LIB_CTX *libctx = NULL;
	const char *propq = NULL;
	EVP_PKEY *key = NULL;

	genctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", propq);
	
	if (genctx == NULL)
		leave;

	if (EVP_PKEY_keygen_init(genctx) <= 0)
		leave;

	BIGNUM *x_bn = nullptr;
	BIGNUM *y_bn = nullptr;
	
	x_bn = BN_bin2bn((unsigned char *)raw.c_str(),
			raw.size() / 2, nullptr);

	y_bn = BN_bin2bn((unsigned char *)raw.c_str() + raw.size() / 2,
			raw.size() / 2, nullptr);

	OSSL_PARAM_BLD *bld = OSSL_PARAM_BLD_new();

	OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
					(char *) SN_X9_62_prime256v1, 0);

	OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_PUB_X, x_bn);

	OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_PUB_Y, y_bn);

	OSSL_PARAM *params = OSSL_PARAM_BLD_to_param(bld);

	if (!EVP_PKEY_CTX_set_params(genctx, params))
		leave;

	if (EVP_PKEY_generate(genctx, &key) <= 0)
		leave;
}

Keys generated using this method above will overwrite the PUB_X/PUB_Y values without generating any errors.
I believe this to be a regression unless there is an interface that I am not aware for this use case.

From the documentation it seems that OSSL_PKEY_PARAM_EC_PUB_X and OSSL_PKEY_PARAM_EC_PUB_Y can only be used to read those values back - not to set them.

If anyone could help either by accepting the bug report or proposing an alternative that would be much appreciated .
@ldts ldts added the issue: bug report The issue was opened to report a bug label Aug 28, 2023
@ldts ldts changed the title regression: regression: creating an EC Public key using affine coordinates and non-deprecated calls Aug 28, 2023
@ldts ldts mentioned this issue Aug 28, 2023
Closed
@t8m t8m removed the issue: bug report The issue was opened to report a bug label Aug 28, 2023
@openssl openssl locked and limited conversation to collaborators Aug 28, 2023
@t8m t8m converted this issue into discussion #21872 Aug 28, 2023

This issue was moved to a discussion.

You can continue the conversation there. Go to discussion →

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@t8m @ldts