Add RNG params to private key parsing

This is necessary for the case where the public part of an EC keypair needs to be computed from the private part - either because it was not included (it's an optional component) or because it was compressed (a format we can't parse). This changes the API of two public functions: mbedtls_pk_parse_key() and mbedtls_pk_parse_keyfile(). Tests and programs have been adapted. Some programs use a non-secure RNG (from the test library) just to get things to compile and run; in a future commit this should be improved in order to demonstrate best practice. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2025-07-28 00:21:48 +03:00 · 2021-06-15 11:29:26 +02:00
parent 39be1410fd
commit 84dea01f36
25 changed files with 175 additions and 121 deletions
--- a/programs/fuzz/fuzz_dtlsserver.c
+++ b/programs/fuzz/fuzz_dtlsserver.c
@ -6,6 +6,7 @@
 #include "common.h"
 #include "mbedtls/ssl.h"
 #include "test/certs.h"
+#include "test/random.h"
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
 #include "mbedtls/entropy.h"
 #include "mbedtls/ctr_drbg.h"
@ -55,7 +56,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
                                   mbedtls_test_cas_pem_len ) != 0)
            return 1;
        if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                                 mbedtls_test_srv_key_len, NULL, 0 ) != 0)
+                                 mbedtls_test_srv_key_len, NULL, 0,
+                                 mbedtls_test_rnd_std_rand, NULL ) != 0)
            return 1;
 #endif
        dummy_init();
--- a/programs/fuzz/fuzz_privkey.c
+++ b/programs/fuzz/fuzz_privkey.c
@ -3,6 +3,7 @@
 #include <stdint.h>
 #include <stdlib.h>
 #include "mbedtls/pk.h"
+#include "test/random.h"

 //4 Kb should be enough for every bug ;-)
 #define MAX_LEN 0x1000
@ -19,7 +20,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
    }

    mbedtls_pk_init( &pk );
-    ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0 );
+    ret = mbedtls_pk_parse_key( &pk, Data, Size, NULL, 0,
+                                mbedtls_test_rnd_std_rand, NULL );
    if (ret == 0) {
 #if defined(MBEDTLS_RSA_C)
        if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
--- a/programs/fuzz/fuzz_server.c
+++ b/programs/fuzz/fuzz_server.c
@ -66,7 +66,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
                                   mbedtls_test_cas_pem_len ) != 0)
            return 1;
        if (mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                                 mbedtls_test_srv_key_len, NULL, 0 ) != 0)
+                                 mbedtls_test_srv_key_len, NULL, 0,
+                                 mbedtls_ctr_drbg_random, &ctr_drbg ) != 0)
            return 1;
 #endif

--- a/programs/pkey/key_app.c
+++ b/programs/pkey/key_app.c
@ -40,6 +40,8 @@
 #include "mbedtls/rsa.h"
 #include "mbedtls/pk.h"

+#include "test/random.h"
+
 #include <string.h>
 #endif

@ -181,7 +183,8 @@ int main( int argc, char *argv[] )
        mbedtls_printf( "\n  . Loading the private key ..." );
        fflush( stdout );

-        ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password );
+        ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password,
+                                        mbedtls_test_rnd_std_rand, NULL );

        if( ret != 0 )
        {
--- a/programs/pkey/key_app_writer.c
+++ b/programs/pkey/key_app_writer.c
@ -39,6 +39,8 @@
 #include "mbedtls/pk.h"
 #include "mbedtls/error.h"

+#include "test/random.h"
+
 #include <stdio.h>
 #include <string.h>
 #endif
@ -292,8 +294,8 @@ int main( int argc, char *argv[] )
        mbedtls_printf( "\n  . Loading the private key ..." );
        fflush( stdout );

-        ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL );
-
+        ret = mbedtls_pk_parse_keyfile( &key, opt.filename, NULL,
+                                        mbedtls_test_rnd_std_rand, NULL );
        if( ret != 0 )
        {
            mbedtls_strerror( ret, (char *) buf, sizeof(buf) );
--- a/programs/pkey/pk_decrypt.c
+++ b/programs/pkey/pk_decrypt.c
@ -106,7 +106,8 @@ int main( int argc, char *argv[] )
    mbedtls_printf( "\n  . Reading private key from '%s'", argv[1] );
    fflush( stdout );

-    if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
+    if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "",
+                    mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! mbedtls_pk_parse_keyfile returned -0x%04x\n", (unsigned int) -ret );
        goto exit;
--- a/programs/pkey/pk_sign.c
+++ b/programs/pkey/pk_sign.c
@ -101,7 +101,8 @@ int main( int argc, char *argv[] )
    mbedtls_printf( "\n  . Reading private key from '%s'", argv[1] );
    fflush( stdout );

-    if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
+    if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "",
+                    mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! Could not parse '%s'\n", argv[1] );
        goto exit;
--- a/programs/pkey/rsa_sign_pss.c
+++ b/programs/pkey/rsa_sign_pss.c
@ -102,7 +102,8 @@ int main( int argc, char *argv[] )
    mbedtls_printf( "\n  . Reading private key from '%s'", argv[1] );
    fflush( stdout );

-    if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "" ) ) != 0 )
+    if( ( ret = mbedtls_pk_parse_keyfile( &pk, argv[1], "",
+                    mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
    {
        mbedtls_printf( " failed\n  ! Could not read key from '%s'\n", argv[1] );
        mbedtls_printf( "  ! mbedtls_pk_parse_public_keyfile returned %d\n\n", ret );
--- a/programs/ssl/dtls_server.c
+++ b/programs/ssl/dtls_server.c
@ -79,7 +79,9 @@ int main( void )
 #include "mbedtls/error.h"
 #include "mbedtls/debug.h"
 #include "mbedtls/timing.h"
+
 #include "test/certs.h"
+#include "test/random.h"

 #if defined(MBEDTLS_SSL_CACHE_C)
 #include "mbedtls/ssl_cache.h"
@ -138,7 +140,23 @@ int main( void )
 #endif

    /*
-     * 1. Load the certificates and private RSA key
+     * 1. Seed the RNG
+     */
+    printf( "  . Seeding the random number generator..." );
+    fflush( stdout );
+
+    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+                               (const unsigned char *) pers,
+                               strlen( pers ) ) ) != 0 )
+    {
+        printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
+        goto exit;
+    }
+
+    printf( " ok\n" );
+
+    /*
+     * 2. Load the certificates and private RSA key
     */
    printf( "\n  . Loading the server cert. and key..." );
    fflush( stdout );
@ -165,7 +183,7 @@ int main( void )
    }

    ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                         mbedtls_test_srv_key_len, NULL, 0 );
+                         mbedtls_test_srv_key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg );
    if( ret != 0 )
    {
        printf( " failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret );
@ -175,7 +193,7 @@ int main( void )
    printf( " ok\n" );

    /*
-     * 2. Setup the "listening" UDP socket
+     * 3. Setup the "listening" UDP socket
     */
    printf( "  . Bind on udp/*/4433 ..." );
    fflush( stdout );
@ -188,22 +206,6 @@ int main( void )

    printf( " ok\n" );

-    /*
-     * 3. Seed the RNG
-     */
-    printf( "  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    printf( " ok\n" );
-
    /*
     * 4. Setup stuff
     */
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@ -1548,12 +1548,12 @@ int main( int argc, char *argv[] )
    else
 #if defined(MBEDTLS_FS_IO)
    if( strlen( opt.key_file ) )
-        ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd );
+        ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, opt.key_pwd, rng_get, &rng );
    else
 #endif
        ret = mbedtls_pk_parse_key( &pkey,
                (const unsigned char *) mbedtls_test_cli_key,
-                mbedtls_test_cli_key_len, NULL, 0 );
+                mbedtls_test_cli_key_len, NULL, 0, rng_get, &rng );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned -0x%x\n\n",
--- a/programs/ssl/ssl_fork_server.c
+++ b/programs/ssl/ssl_fork_server.c
@ -166,7 +166,8 @@ int main( void )
    }

    ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                          mbedtls_test_srv_key_len, NULL, 0 );
+                          mbedtls_test_srv_key_len, NULL, 0,
+                          mbedtls_ctr_drbg_random, &ctr_drbg );
    if( ret != 0 )
    {
        mbedtls_printf( " failed!  mbedtls_pk_parse_key returned %d\n\n", ret );
--- a/programs/ssl/ssl_mail_client.c
+++ b/programs/ssl/ssl_mail_client.c
@ -556,12 +556,17 @@ int main( int argc, char *argv[] )

 #if defined(MBEDTLS_FS_IO)
    if( strlen( opt.key_file ) )
-        ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "" );
+    {
+        ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file, "",
+                mbedtls_ctr_drbg_random, &ctr_drbg );
+    }
    else
 #endif
 #if defined(MBEDTLS_PEM_PARSE_C)
+    {
        ret = mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_cli_key,
-                mbedtls_test_cli_key_len, NULL, 0 );
+                mbedtls_test_cli_key_len, NULL, 0, mbedtls_ctr_drbg_random, &ctr_drbg );
+    }
 #else
    {
        mbedtls_printf("MBEDTLS_PEM_PARSE_C not defined.");
--- a/programs/ssl/ssl_pthread_server.c
+++ b/programs/ssl/ssl_pthread_server.c
@ -360,7 +360,23 @@ int main( void )
    mbedtls_entropy_init( &entropy );

    /*
-     * 1. Load the certificates and private RSA key
+     * 1a. Seed the random number generator
+     */
+    mbedtls_printf( "  . Seeding the random number generator..." );
+
+    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+                               (const unsigned char *) pers,
+                               strlen( pers ) ) ) != 0 )
+    {
+        mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n",
+                ( unsigned int ) -ret );
+        goto exit;
+    }
+
+    mbedtls_printf( " ok\n" );
+
+    /*
+     * 1b. Load the certificates and private RSA key
     */
    mbedtls_printf( "\n  . Loading the server cert. and key..." );
    fflush( stdout );
@ -388,7 +404,8 @@ int main( void )

    mbedtls_pk_init( &pkey );
    ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                         mbedtls_test_srv_key_len, NULL, 0 );
+                         mbedtls_test_srv_key_len, NULL, 0,
+                         mbedtls_ctr_drbg_random, &ctr_drbg );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret );
@ -397,22 +414,6 @@ int main( void )

    mbedtls_printf( " ok\n" );

-    /*
-     * 1b. Seed the random number generator
-     */
-    mbedtls_printf( "  . Seeding the random number generator..." );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n",
-                ( unsigned int ) -ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
    /*
     * 1c. Prepare SSL configuration
     */
--- a/programs/ssl/ssl_server.c
+++ b/programs/ssl/ssl_server.c
@ -125,7 +125,23 @@ int main( void )
 #endif

    /*
-     * 1. Load the certificates and private RSA key
+     * 1. Seed the RNG
+     */
+    mbedtls_printf( "  . Seeding the random number generator..." );
+    fflush( stdout );
+
+    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
+                               (const unsigned char *) pers,
+                               strlen( pers ) ) ) != 0 )
+    {
+        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
+        goto exit;
+    }
+
+    mbedtls_printf( " ok\n" );
+
+    /*
+     * 2. Load the certificates and private RSA key
     */
    mbedtls_printf( "\n  . Loading the server cert. and key..." );
    fflush( stdout );
@ -152,7 +168,8 @@ int main( void )
    }

    ret =  mbedtls_pk_parse_key( &pkey, (const unsigned char *) mbedtls_test_srv_key,
-                         mbedtls_test_srv_key_len, NULL, 0 );
+                         mbedtls_test_srv_key_len, NULL, 0,
+                         mbedtls_ctr_drbg_random, &ctr_drbg );
    if( ret != 0 )
    {
        mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned %d\n\n", ret );
@ -162,7 +179,7 @@ int main( void )
    mbedtls_printf( " ok\n" );

    /*
-     * 2. Setup the listening TCP socket
+     * 3. Setup the listening TCP socket
     */
    mbedtls_printf( "  . Bind on https://localhost:4433/ ..." );
    fflush( stdout );
@ -175,22 +192,6 @@ int main( void )

    mbedtls_printf( " ok\n" );

-    /*
-     * 3. Seed the RNG
-     */
-    mbedtls_printf( "  . Seeding the random number generator..." );
-    fflush( stdout );
-
-    if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
-                               (const unsigned char *) pers,
-                               strlen( pers ) ) ) != 0 )
-    {
-        mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
-        goto exit;
-    }
-
-    mbedtls_printf( " ok\n" );
-
    /*
     * 4. Setup stuff
     */
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@ -20,6 +20,7 @@
 #define MBEDTLS_ALLOW_PRIVATE_ACCESS

 #include "ssl_test_lib.h"
+#include "test/random.h"

 #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
 int main( void )
@ -727,7 +728,8 @@ sni_entry *sni_parse( char *sni_string )
        mbedtls_pk_init( new->key );

        if( mbedtls_x509_crt_parse_file( new->cert, crt_file ) != 0 ||
-            mbedtls_pk_parse_keyfile( new->key, key_file, "" ) != 0 )
+            mbedtls_pk_parse_keyfile( new->key, key_file, "",
+                mbedtls_test_rnd_std_rand, NULL ) != 0 )
            goto error;

        if( strcmp( ca_file, "-" ) != 0 )
@ -2257,7 +2259,7 @@ int main( int argc, char *argv[] )
    {
        key_cert_init++;
        if( ( ret = mbedtls_pk_parse_keyfile( &pkey, opt.key_file,
-                                              opt.key_pwd ) ) != 0 )
+                                              opt.key_pwd, rng_get, &rng ) ) != 0 )
        {
            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_keyfile returned -0x%x\n\n", (unsigned int) -ret );
            goto exit;
@ -2283,7 +2285,7 @@ int main( int argc, char *argv[] )
    {
        key_cert_init2++;
        if( ( ret = mbedtls_pk_parse_keyfile( &pkey2, opt.key_file2,
-                                              opt.key_pwd2 ) ) != 0 )
+                                              opt.key_pwd2, rng_get, &rng ) ) != 0 )
        {
            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_keyfile(2) returned -0x%x\n\n",
                            (unsigned int) -ret );
@ -2314,7 +2316,8 @@ int main( int argc, char *argv[] )
        }
        if( ( ret = mbedtls_pk_parse_key( &pkey,
                                  (const unsigned char *) mbedtls_test_srv_key_rsa,
-                                  mbedtls_test_srv_key_rsa_len, NULL, 0 ) ) != 0 )
+                                  mbedtls_test_srv_key_rsa_len, NULL, 0,
+                                  rng_get, &rng ) ) != 0 )
        {
            mbedtls_printf( " failed\n  !  mbedtls_pk_parse_key returned -0x%x\n\n",
                            (unsigned int) -ret );
@ -2333,7 +2336,8 @@ int main( int argc, char *argv[] )
        }
        if( ( ret = mbedtls_pk_parse_key( &pkey2,
                                  (const unsigned char *) mbedtls_test_srv_key_ec,
-                                  mbedtls_test_srv_key_ec_len, NULL, 0 ) ) != 0 )
+                                  mbedtls_test_srv_key_ec_len, NULL, 0,
+                                  rng_get, &rng ) ) != 0 )
        {
            mbedtls_printf( " failed\n  !  pk_parse_key2 returned -0x%x\n\n",
                            (unsigned int) -ret );
--- a/programs/x509/cert_req.c
+++ b/programs/x509/cert_req.c
@ -346,7 +346,8 @@ int main( int argc, char *argv[] )
    mbedtls_printf( "  . Loading the private key ..." );
    fflush( stdout );

-    ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password );
+    ret = mbedtls_pk_parse_keyfile( &key, opt.filename, opt.password,
+                                    mbedtls_ctr_drbg_random, &ctr_drbg );

    if( ret != 0 )
    {
--- a/programs/x509/cert_write.c
+++ b/programs/x509/cert_write.c
@ -577,7 +577,7 @@ int main( int argc, char *argv[] )
        fflush( stdout );

        ret = mbedtls_pk_parse_keyfile( &loaded_subject_key, opt.subject_key,
-                                 opt.subject_pwd );
+                opt.subject_pwd, mbedtls_ctr_drbg_random, &ctr_drbg );
        if( ret != 0 )
        {
            mbedtls_strerror( ret, buf, 1024 );
@ -593,7 +593,7 @@ int main( int argc, char *argv[] )
    fflush( stdout );

    ret = mbedtls_pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key,
-                             opt.issuer_pwd );
+            opt.issuer_pwd, mbedtls_ctr_drbg_random, &ctr_drbg );
    if( ret != 0 )
    {
        mbedtls_strerror( ret, buf, 1024 );