Refactor SubjectPublicKeyInfo import

sjaeckel · sjaeckel · commit e6605ca422c8 · 2025-09-13T12:05:23.000+02:00
Slightly minimize both space and time when importing a
SubjectPublicKeyInfo. Time for ECC keys stays the same.

Running the entire set of pem files through `x509_verify` via [0]
resp. the timing app via [1] resulted in the following data:

Before this patch:

[0]
```
==1031519== HEAP SUMMARY:
==1031519==     in use at exit: 0 bytes in 0 blocks
==1031519==   total heap usage: 424,057 allocs, 424,057 frees, 73,527,730 bytes allocated
```

[1]
```
x509 cert-rsa-pss.pem    :     50021 cycles
x509 LTC_CA.pem          :     10335 cycles
x509 LTC_S0.pem          :     47284 cycles
x509 LTC_SS0.pem         :     36687 cycles
x509 secp384r1.pem       :   1985416 cycles
x509 secp521r1.pem       :   3287773 cycles
x509 LTC_SSS0.pem        :     25086 cycles
x509 secp224r1.pem       :    775807 cycles
```

After this patch:

[0]
```
==1043548== HEAP SUMMARY:
==1043548==     in use at exit: 0 bytes in 0 blocks
==1043548==   total heap usage: 337,244 allocs, 337,244 frees, 65,047,463 bytes allocated
```

[1]
```
x509 cert-rsa-pss.pem    :     32568 cycles
x509 LTC_CA.pem          :      5478 cycles
x509 LTC_S0.pem          :     36093 cycles
x509 LTC_SS0.pem         :     23351 cycles
x509 secp384r1.pem       :   1984030 cycles
x509 secp521r1.pem       :   3303396 cycles
x509 LTC_SSS0.pem        :     13220 cycles
x509 secp224r1.pem       :    781534 cycles
```

[0] find tests/x509 -name '*.pem' -exec valgrind --leak-check=full --show-leak-kinds=all './x509_verify' {} \+
[1] ./timing x509

Signed-off-by: Steffen Jaeckel &lt;s@jaeckel.eu&gt;
diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h
@@ -454,6 +454,8 @@ int rsa_make_key_bn_e(prng_state *prng, int wprng, int size, void *e,
                       rsa_key *key); /* used by op-tee */
 int rsa_import_pkcs1(const unsigned char *in, unsigned long inlen, rsa_key *key);
 int rsa_import_pkcs8_asn1(ltc_asn1_list *alg_id, ltc_asn1_list *priv_key, rsa_key *key);
+int rsa_import_spki(const unsigned char *in, unsigned long inlen, rsa_key *key);
+int rsa_decode_parameters(const ltc_asn1_list *parameters, ltc_rsa_parameters *rsa_params);
 #endif /* LTC_MRSA */
 
 /* ---- DH Routines ---- */
@@ -561,8 +563,8 @@ int dsa_int_validate(const dsa_key *key, int *stat);
 int dsa_int_validate_xy(const dsa_key *key, int *stat);
 int dsa_int_validate_pqg(const dsa_key *key, int *stat);
 int dsa_int_validate_primes(const dsa_key *key, int *stat);
-int dsa_import_pkcs1(const unsigned char *in, unsigned long inlen, dsa_key *key);
 int dsa_import_pkcs8_asn1(ltc_asn1_list *alg_id, ltc_asn1_list *priv_key, dsa_key *key);
+int dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_key *key);
 #endif /* LTC_MDSA */
 
 
diff --git a/src/pk/asn1/x509/x509_import.c b/src/pk/asn1/x509/x509_import.c
@@ -272,6 +272,11 @@ static int s_x509_get_sig_alg(const ltc_asn1_list *seq, ltc_x509_signature_algor
    if ((err = x509_get_sig_alg(&fake_sig_parent, sig_alg)) != CRYPT_OK) {
       return err;
    }
+   if (sig_alg->pka == LTC_PKA_RSA_PSS && seq->child && seq->child->next) {
+      if ((err = rsa_decode_parameters(seq->child->next, &sig_alg->u.rsa_params)) != CRYPT_OK) {
+         return err;
+      }
+   }
    sig_alg->asn1 = seq;
    return err;
 }
diff --git a/src/pk/asn1/x509/x509_import_spki.c b/src/pk/asn1/x509/x509_import_spki.c
@@ -9,22 +9,48 @@
 
 #ifdef LTC_DER
 
-typedef int (*import_fn)(const unsigned char *, unsigned long, void*);
+typedef int (*import_fn)(const unsigned char *, unsigned long, void *);
 
-static const import_fn s_import_x509_fns[LTC_PKA_NUM] = {
+#ifdef LTC_CURVE25519
+static int s_x25519_import_pub(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return x25519_import_raw(in, inlen, PK_PUBLIC, key);
+}
+static int s_x25519_import_spki(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return x509_process_public_key_from_spki(in, inlen,
+                                            LTC_OID_X25519,
+                                            LTC_ASN1_EOL, NULL, NULL,
+                                            s_x25519_import_pub, key);
+}
+
+static int s_ed25519_import_pub(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return ed25519_import_raw(in, inlen, PK_PUBLIC, key);
+}
+static int s_ed25519_import_spki(const unsigned char *in, unsigned long inlen, void *key)
+{
+   return x509_process_public_key_from_spki(in, inlen,
+                                            LTC_OID_ED25519,
+                                            LTC_ASN1_EOL, NULL, NULL,
+                                            s_ed25519_import_pub, key);
+}
+#endif
+
+static const import_fn s_import_spki_fns[LTC_PKA_NUM] = {
 #ifdef LTC_MRSA
-                                                [LTC_PKA_RSA] = (import_fn)rsa_import_x509,
-                                                [LTC_PKA_RSA_PSS] = (import_fn)rsa_import_x509,
+                                                [LTC_PKA_RSA] = (import_fn)rsa_import_spki,
+                                                [LTC_PKA_RSA_PSS] = (import_fn)rsa_import_spki,
 #endif
 #ifdef LTC_MDSA
-                                                [LTC_PKA_DSA] = (import_fn)dsa_import,
+                                                [LTC_PKA_DSA] = (import_fn)dsa_import_spki,
 #endif
 #ifdef LTC_MECC
-                                                [LTC_PKA_EC] = (import_fn)ecc_import_x509,
+                                                [LTC_PKA_EC] = (import_fn)ecc_import_subject_public_key_info,
 #endif
 #ifdef LTC_CURVE25519
-                                                [LTC_PKA_X25519] = (import_fn)x25519_import_x509,
-                                                [LTC_PKA_ED25519] = (import_fn)ed25519_import_x509,
+                                                [LTC_PKA_X25519] = (import_fn)s_x25519_import_spki,
+                                                [LTC_PKA_ED25519] = (import_fn)s_ed25519_import_spki,
 #endif
 };
 
@@ -41,12 +67,12 @@ int x509_import_spki(const unsigned char *asn1_cert, unsigned long asn1_len, ltc
       goto err_out;
    }
    if (pka < 0
-         || pka > LTC_ARRAY_SIZE(s_import_x509_fns)
-         || s_import_x509_fns[pka] == NULL) {
+         || pka > LTC_ARRAY_SIZE(s_import_spki_fns)
+         || s_import_spki_fns[pka] == NULL) {
       err = CRYPT_PK_INVALID_TYPE;
       goto err_out;
    }
-   if ((err = s_import_x509_fns[pka](asn1_cert, asn1_len, &k->u)) == CRYPT_OK) {
+   if ((err = s_import_spki_fns[pka](spki->data, spki->size, &k->u)) == CRYPT_OK) {
       k->id = pka;
    }
 err_out:
diff --git a/src/pk/dsa/dsa_import.c b/src/pk/dsa/dsa_import.c
@@ -9,7 +9,7 @@
 
 #ifdef LTC_MDSA
 
-int dsa_import_pkcs1(const unsigned char *in, unsigned long inlen, dsa_key *key)
+static int s_dsa_import_pkcs1(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
    int           err;
    unsigned long zero = 0;
@@ -33,14 +33,32 @@ static int s_dsa_import_y(const unsigned char *in, unsigned long inlen, dsa_key
    return der_decode_integer(in, inlen, key->y);
 }
 
-LTC_INLINE static int s_dsa_set_params(dsa_key *key, ltc_asn1_list *params)
+static LTC_INLINE int s_dsa_set_params(dsa_key *key, ltc_asn1_list *params)
 {
    LTC_SET_ASN1(params, 0, LTC_ASN1_INTEGER, key->p, 1UL);
    LTC_SET_ASN1(params, 1, LTC_ASN1_INTEGER, key->q, 1UL);
    LTC_SET_ASN1(params, 2, LTC_ASN1_INTEGER, key->g, 1UL);
    return 3;
 }
 
+static LTC_INLINE int s_dsa_validate(dsa_key *key)
+{
+   int           err, stat;
+   key->qord = ltc_mp_unsigned_bin_size(key->q);
+
+   /* quick p, q, g validation, without primality testing
+    * + x, y validation */
+   if ((err = dsa_int_validate(key, &stat)) != CRYPT_OK) {
+      return err;
+   }
+
+   if (stat == 0) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   return CRYPT_OK;
+}
+
 static int s_dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
    int err;
@@ -72,6 +90,28 @@ static int s_dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_k
    return err;
 }
 
+int dsa_import_spki(const unsigned char *in, unsigned long inlen, dsa_key *key)
+{
+   int           err;
+
+   LTC_ARGCHK(in  != NULL);
+
+   /* init key */
+   if ((err = dsa_int_init(key)) != CRYPT_OK) return err;
+
+   if ((err = s_dsa_import_spki(in, inlen, key)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+   if ((err = s_dsa_validate(key)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   return CRYPT_OK;
+LBL_ERR:
+   dsa_free(key);
+   return err;
+}
+
 static int s_dsa_import_x509(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
    int err;
@@ -100,7 +140,7 @@ static int s_dsa_import_x509(const unsigned char *in, unsigned long inlen, dsa_k
 */
 int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
 {
-   int           err, stat;
+   int           err;
    unsigned char flags[1];
 
    LTC_ARGCHK(in  != NULL);
@@ -148,26 +188,18 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
        }
    }
 
-   if (dsa_import_pkcs1(in, inlen, key) == CRYPT_OK) {
+   if (s_dsa_import_pkcs1(in, inlen, key) == CRYPT_OK) {
       goto LBL_OK;
    }
-   if ((err = s_dsa_import_spki(in, inlen, key)) == CRYPT_OK) {
+   if (s_dsa_import_spki(in, inlen, key) == CRYPT_OK) {
       goto LBL_OK;
    }
    if ((err = s_dsa_import_x509(in, inlen, key)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
 LBL_OK:
-   key->qord = ltc_mp_unsigned_bin_size(key->q);
-
-   /* quick p, q, g validation, without primality testing
-    * + x, y validation */
-   if ((err = dsa_int_validate(key, &stat)) != CRYPT_OK) {
-      goto LBL_ERR;
-   }
-   if (stat == 0) {
-      err = CRYPT_INVALID_PACKET;
+   if ((err = s_dsa_validate(key)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
diff --git a/src/pk/rsa/rsa_import.c b/src/pk/rsa/rsa_import.c
@@ -99,23 +99,18 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
    LTC_ARGCHK(key         != NULL);
    LTC_ARGCHK(ltc_mp.name != NULL);
 
-   if ((err = rsa_import_x509(in, inlen, key)) == CRYPT_OK) { /* SubjectPublicKeyInfo format */
+   /* SubjectPublicKeyInfo or X.509 certificate format */
+   if (rsa_import_x509(in, inlen, key) == CRYPT_OK) {
       return CRYPT_OK;
    }
 
    /* init key */
    if ((err = rsa_init(key)) != CRYPT_OK) {
       return err;
    }
-
-   if ((err = x509_process_public_key_from_spki(in, inlen,
-                                                LTC_OID_RSA,
-                                                LTC_ASN1_NULL, NULL, NULL,
-                                                (public_key_decode_cb)s_rsa_decode, key)) != CRYPT_OK) {
-      /* not SSL public key, try to match against PKCS #1 standards */
-      if ((err = rsa_import_pkcs1(in, inlen, key)) != CRYPT_OK) {
-         rsa_free(key);
-      }
+   /* Try to match against PKCS #1 standards */
+   if ((err = rsa_import_pkcs1(in, inlen, key)) != CRYPT_OK) {
+      rsa_free(key);
    }
 
    return err;
diff --git a/src/pk/rsa/rsa_import_x509.c b/src/pk/rsa/rsa_import_x509.c

Original file line number	Diff line number	Diff line change
`@@ -272,6 +272,11 @@ static int s_x509_get_sig_alg(const ltc_asn1_list *seq, ltc_x509_signature_algor`
`272`	`272`	`if ((err = x509_get_sig_alg(&fake_sig_parent, sig_alg)) != CRYPT_OK) {`
`273`	`273`	`return err;`
`274`	`274`	`}`
	`275`	`+ if (sig_alg->pka == LTC_PKA_RSA_PSS && seq->child && seq->child->next) {`
	`276`	`+ if ((err = rsa_decode_parameters(seq->child->next, &sig_alg->u.rsa_params)) != CRYPT_OK) {`
	`277`	`+ return err;`
	`278`	`+ }`
	`279`	`+ }`
`275`	`280`	`sig_alg->asn1 = seq;`
`276`	`281`	`return err;`
`277`	`282`	`}`