Fix for getting the sigSz and the e and n from the public key

examples/client/common.c

@@ -60,7 +60,7 @@ static byte userPrivateKeyBuf[1191]; /* Size equal to hanselPrivateRsaSz. */
 static byte* userPrivateKey = userPrivateKeyBuf;
 static word32 userPublicKeyTypeSz = 0;
 static byte userPrivateKeyAlloc = 0;
-static word32 userPrivateKeySz = sizeof(userPrivateKeyBuf);
+static word32 userPrivateKeySz = 0;
 static word32 userPrivateKeyTypeSz = 0;
 static byte isPrivate = 0;
 
@@ -942,13 +942,15 @@ int ClientSetPrivateKey(const char* privKeyName, int userEcc, void* heap)
     if (privKeyName == NULL) {
         if (userEcc) {
         #ifndef WOLFSSH_NO_ECC
+            userPrivateKeySz = sizeof(userPrivateKeyBuf);
             ret = wolfSSH_ReadKey_buffer(hanselPrivateEcc, hanselPrivateEccSz,
                     WOLFSSH_FORMAT_ASN1, &userPrivateKey, &userPrivateKeySz,
                     &userPrivateKeyType, &userPrivateKeyTypeSz, heap);
         #endif
         }
         else {
         #ifndef WOLFSSH_NO_RSA
+            userPrivateKeySz = sizeof(userPrivateKeyBuf);
             ret = wolfSSH_ReadKey_buffer(hanselPrivateRsa, hanselPrivateRsaSz,
                     WOLFSSH_FORMAT_ASN1, &userPrivateKey, &userPrivateKeySz,
                     &userPrivateKeyType, &userPrivateKeyTypeSz, heap);
@@ -973,6 +975,7 @@ int ClientSetPrivateKey(const char* privKeyName, int userEcc, void* heap)
     #elif !defined(NO_FILESYSTEM)
         userPrivateKey = NULL; /* create new buffer based on parsed input */
         userPrivateKeyAlloc = 1;
+        userPrivateKeySz = sizeof(userPrivateKeyBuf);
         ret = wolfSSH_ReadKey_file(privKeyName,
                 (byte**)&userPrivateKey, &userPrivateKeySz,
                 (const byte**)&userPrivateKeyType, &userPrivateKeyTypeSz,

src/internal.c

@@ -1544,6 +1544,92 @@ static int GetOpenSshKeyEd25519(ed25519_key* key,
     return ret;
 }
 #endif
+
+#ifndef WOLFSSH_NO_ECDSA
+static int GetOpenSshPublicKeyEcc(ecc_key* key, const byte* buf, word32 len,
+    word32* idx)
+{
+    int ret = WS_CRYPTO_FAILED;
+    (void)key;
+    (void)buf;
+    (void)len;
+    (void)idx;
+    /* TODO: Add ECC public key: See DoUserAuthRequestEcc and wc_ecc_import_x963 */
+    return ret;
+}
+#endif
+#ifndef WOLFSSH_NO_ED25519
+static int GetOpenSshKeyPublicEd25519(ed25519_key* key, const byte* buf,
+    word32 len, word32* idx)
+{
+    int ret = WS_CRYPTO_FAILED;
+    (void)key;
+    (void)buf;
+    (void)len;
+    (void)idx;
+    /* TODO: Add ECC public key: See DoUserAuthRequestEd25519 and wc_ed25519_import_public */
+    return ret;
+}
+#endif
+#ifndef WOLFSSH_NO_RSA
+static int GetOpenSshPublicKeyRsa(RsaKey* key, const byte* buf, word32 len,
+    word32* idx)
+{
+    int ret;
+    const byte *n = NULL, *e = NULL;
+    word32 nSz = 0, eSz = 0;
+
+    ret = GetMpint(&eSz, &e, buf, len, idx);
+    if (ret == WS_SUCCESS) {
+        ret = GetMpint(&nSz, &n, buf, len, idx);
+    }
+    if (ret == WS_SUCCESS) {
+        ret = wc_RsaPublicKeyDecodeRaw(n, nSz, e, eSz, key);
+        if (ret != 0) {
+            WLOG(WS_LOG_DEBUG, "Could not decode RSA public key");
+            ret = WS_CRYPTO_FAILED;
+        }
+    }
+    return ret;
+}
+#endif
+
+static int GetOpenSshPublicKey(WS_KeySignature *key,
+        const byte* buf, word32 len, word32* idx)
+{
+    int ret = WS_SUCCESS;
+    const byte* publicKeyType;
+    word32 publicKeyTypeSz = 0;
+    byte keyId;
+
+    ret = GetStringRef(&publicKeyTypeSz, &publicKeyType, buf, len, idx);
+    keyId = NameToId((const char*)publicKeyType, publicKeyTypeSz);
+
+    switch (keyId) {
+    #ifndef WOLFSSH_NO_RSA
+        case ID_SSH_RSA:
+            ret = GetOpenSshPublicKeyRsa(&key->ks.rsa.key, buf, len, idx);
+            break;
+    #endif
+    #ifndef WOLFSSH_NO_ECDSA
+        case ID_ECDSA_SHA2_NISTP256:
+        case ID_ECDSA_SHA2_NISTP384:
+        case ID_ECDSA_SHA2_NISTP521:
+            ret = GetOpenSshPublicKeyEcc(&key->ks.ecc.key, buf, len, idx);
+            break;
+    #endif
+    #ifndef WOLFSSH_NO_ED25519
+        case ID_ED25519:
+            ret = GetOpenSshKeyPublicEd25519(&key->ks.ed25519.key, buf, len, idx);
+            break;
+    #endif
+        default:
+            ret = WS_UNIMPLEMENTED_E;
+            break;
+    }
+    return ret;
+}
+
 /*
  * Decodes an OpenSSH format key.
  */
@@ -12696,24 +12782,18 @@ static int PrepareUserAuthRequestRsa(WOLFSSH* ssh, word32* payloadSz,
             ret = wc_RsaPublicKeyDecode(authData->sf.publicKey.publicKey,
                     &idx, &keySig->ks.rsa.key,
                     authData->sf.publicKey.publicKeySz);
-        } else
+        }
+        else
         #endif /* WOLFSSH_AGENT */
         #ifdef WOLFSSH_TPM
-        {
-        #if 0
-            ret = wc_RsaPublicKeyDecode(authData->sf.publicKey.publicKey,
-                    &idx, &keySig->ks.rsa.key,
-                    authData->sf.publicKey.publicKeySz);
-        #else
-            int sigSz = 256;
-            *payloadSz += (LENGTH_SZ * 3) + (word32)sigSz +
-                    authData->sf.publicKey.publicKeyTypeSz;
-            keySig->sigSz = sigSz;
-            (void)idx;
-            return 0;
-        #endif
+        if (authData->sf.publicKey.privateKey == NULL ||
+            authData->sf.publicKey.privateKeySz == 0) {
+            ret = GetOpenSshPublicKey(keySig,
+                    authData->sf.publicKey.publicKey,
+                    authData->sf.publicKey.publicKeySz, &idx);
         }
-        #else /* !WOLFSSH_TPM */
+        else
+        #endif
         {
             ret = wc_RsaPrivateKeyDecode(authData->sf.publicKey.privateKey,
                     &idx, &keySig->ks.rsa.key,
@@ -12725,7 +12805,6 @@ static int PrepareUserAuthRequestRsa(WOLFSSH* ssh, word32* payloadSz,
                         authData->sf.publicKey.privateKeySz, &idx);
             }
         }
-        #endif /* WOLFSSH_TPM */
     }
 
     if (ret == WS_SUCCESS) {