export-object: Recover public key from algorithm specific attributes

Some tokens such as SoftHSMv2 omits CKA_PUBLIC_KEY_INFO when it can be derived from algorithm specific attributes, such as CKA_MODULUS and CKA_PUBLIC_EXPONENT for RSA. This adds support for it if libtasn1 is available at compile time. Signed-off-by: Daiki Ueno <[email protected]>
ueno · Sep 21, 2023 · 4b69824 · 4b69824
1 parent c17d7a9
commit 4b69824
Show file tree

Hide file tree

Showing 5 changed files with 339 additions and 55 deletions.
diff --git a/common/oid.h b/common/oid.h
@@ -241,4 +241,7 @@ static const unsigned char P11_OID_RESERVED_PURPOSE[] =
 	{ 0x06, 0x0a, 0x2b, 0x06, 0x01, 0x04, 0x01, 0x99, 0x77, 0x06, 0x0a, 0x10 };
 static const char P11_OID_RESERVED_PURPOSE_STR[] = "1.3.6.1.4.1.3319.6.10.16";
 
+static const char P11_OID_PKIX1_RSA_STR[] = "1.2.840.113549.1.1.1";
+static const char P11_OID_PKIX1_EC_STR[] = "1.2.840.10045.2.1";
+
 #endif
diff --git a/common/pkix.asn b/common/pkix.asn
@@ -537,4 +537,11 @@ ProxyPolicy ::= SEQUENCE {
   policyLanguage   OBJECT IDENTIFIER,
   policy           OCTET STRING OPTIONAL }
 
+RSAPublicKey ::= SEQUENCE {
+    modulus INTEGER,
+    publicExponent INTEGER }
+
+ECParameters ::= CHOICE {
+    namedCurve         OBJECT IDENTIFIER }
+
 END
diff --git a/p11-kit/Makefile.am b/p11-kit/Makefile.am
@@ -283,6 +283,11 @@ p11_kit_p11_kit_LDADD = \
 	$(LTLIBINTL) \
 	$(NULL)
 
+if WITH_ASN1
+p11_kit_p11_kit_CFLAGS += $(LIBTASN1_CFLAGS)
+p11_kit_p11_kit_LDADD += libp11-asn1.la $(LIBTASN1_LIBS)
+endif
+
 if WITH_BASH_COMPLETION
 bashcomp_DATA += bash-completion/p11-kit
 endif
@@ -312,6 +317,11 @@ p11_kit_p11_kit_testable_CFLAGS = \
 	$(COMMON_CFLAGS) \
 	$(NULL)
 
+if WITH_ASN1
+p11_kit_p11_kit_testable_CFLAGS += $(LIBTASN1_CFLAGS)
+p11_kit_p11_kit_testable_LDADD += libp11-asn1.la $(LIBTASN1_LIBS)
+endif
+
 private_PROGRAMS += p11-kit/p11-kit-remote
 
 p11_kit_p11_kit_remote_SOURCES = \