diff options
| author | Rob Austein <sra@hactrn.net> | 2017-09-13 11:28:13 -0400 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2017-09-13 11:28:13 -0400 |
| commit | 5522df4f68bfa66b9b4446fdfb92783694586f70 (patch) | |
| tree | fa89fbd09f8ad3633b81de89ad8e2f973b6978f0 /hal.h | |
| parent | ae2985215d2329ac9663bbbedd925ec1b61cfaa1 (diff) | |
Sort-of-working, large (4096-bit) RSA keys broken.
Snapshot of mostly but not entirely working code to include the extra
ModExpA7 key components in the keystore. Need to investigate whether
a more compact representation is practical for these components, as
the current one bloats the key object so much that a bare 4096-bit key
won't fit in a single hash block, and there may not be enough room for
PKCS #11 attributes even for smaller keys.
If more compact representation not possible or insufficient, the other
option is to double the size of a keystore object, making it two flash
subsectors for a total of 8192 octets. Which would of course halve
the number of keys we can store and require a bunch of little tweaks
all through the ks code (particularly flash erase), so definitely
worth trying for a more compact representation first.
Diffstat (limited to 'hal.h')
| -rw-r--r-- | hal.h | 14 |
1 files changed, 12 insertions, 2 deletions
@@ -479,8 +479,6 @@ extern hal_error_t hal_rsa_private_key_to_der(const hal_rsa_key_t * const key, extern hal_error_t hal_rsa_private_key_to_der_extra(const hal_rsa_key_t * const key, uint8_t *der, size_t *der_len, const size_t der_max); -extern size_t hal_rsa_private_key_to_der_len(const hal_rsa_key_t * const key); - extern hal_error_t hal_rsa_private_key_from_der(hal_rsa_key_t **key, void *keybuf, const size_t keybuf_len, const uint8_t * const der, const size_t der_len); @@ -496,6 +494,18 @@ extern hal_error_t hal_rsa_public_key_from_der(hal_rsa_key_t **key, extern int hal_rsa_key_needs_saving(const hal_rsa_key_t * const key); +static inline size_t hal_rsa_private_key_to_der_len(const hal_rsa_key_t * const key) +{ + size_t len = 0; + return hal_rsa_private_key_to_der(key, NULL, &len, 0) == HAL_OK ? len : 0; +} + +static inline size_t hal_rsa_private_key_to_der_extra_len(const hal_rsa_key_t * const key) +{ + size_t len = 0; + return hal_rsa_private_key_to_der_extra(key, NULL, &len, 0) == HAL_OK ? len : 0; +} + /* * ECDSA. */ |