Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Added new ASN X509 API: wc_GetSubjectPubKeyInfoDerFromCert #8758

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
dgarske merged 3 commits into from
May 14, 2025
Merged

Added new ASN X509 API: wc_GetSubjectPubKeyInfoDerFromCert #8758

dgarske merged 3 commits into from
May 14, 2025

Conversation

@bigbrett
Copy link
Contributor

@bigbrett bigbrett commented May 9, 2025
edited
Loading

Description

Adds a new ASN API function to export the FULL public key from an X509, including subject public key info (SPKI). Currently we have wc_GetPubKeyDerFromCert() but this is only the raw public key DER fields and does not include SPKI headers.

Need something like this for wolfHSM cert management.

Testing

Added test to api.c

Checklist

  • added tests
  • updated/added doxygen
  • updated appropriate READMEs
  • [] Updated manual and documentation

@bigbrett bigbrett requested a review from Copilot May 9, 2025 18:34
Copilot AI reviewed May 9, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@bigbrett bigbrett requested a review from Copilot May 9, 2025 18:35
Copilot AI reviewed May 9, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds a new ASN API function to export the full X509 public key including the Subject Public Key Info (SPKI) section. Key changes include:

  • Declaring the new function wc_ExportX509PubKeyWithSpki in asn_public.h.
  • Implementing the new API in asn.c with proper error checking and SPKI extraction.
  • Adding corresponding tests in tests/api.c to verify the functionality with RSA and ECC certificates.

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

File Description
wolfssl/wolfcrypt/asn_public.h Added the function declaration for wc_ExportX509PubKeyWithSpki.
wolfcrypt/src/asn.c Implemented the new API function with SPKI extraction logic.
tests/api.c Introduced tests for the new API function covering valid and error cases.
Comments suppressed due to low confidence (1)

wolfssl/wolfcrypt/asn_public.h:882

  • [nitpick] The parameter name 'cert' in the header is inconsistent with 'certDer' used in the implementation; consider using consistent naming across header and source for clarity.
WOLFSSL_API int wc_ExportX509PubKeyWithSpki(const byte* cert, word32 certSz,

@bigbrett bigbrett force-pushed the exportx509pubkey-api branch from b1d2b53 to 95690ee Compare May 9, 2025 19:43
@bigbrett bigbrett force-pushed the exportx509pubkey-api branch from 95690ee to 79f214f Compare May 9, 2025 20:41
@anhu
Copy link
Member

anhu commented May 9, 2025

I'm not sure if its me thats weird, but shouldn't it be wc_ExportX509PubKeyAsSpki()

@bigbrett
Copy link
Contributor Author

bigbrett commented May 9, 2025

@anhu figured it was returning the public key portion of the cert WITH SPKI as opposed to our other version of it that returns just the raw stuff. But you are probably right here

@bigbrett
Copy link
Contributor Author

bigbrett commented May 9, 2025

Jenkins retest this please

@bigbrett bigbrett mentioned this pull request May 10, 2025
Merged
@bigbrett
Copy link
Contributor Author

bigbrett commented May 12, 2025

Accepting peanut gallery comments on an appropriate name for the function, Anthony makes a good point. If a reviewer has an opinion on what makes more sense please LMK

dgarske
dgarske requested changes May 12, 2025
View reviewed changes
@bigbrett
Copy link
Contributor Author

bigbrett commented May 12, 2025

Jenkins retest this please

@bigbrett bigbrett removed their assignment May 12, 2025
@bigbrett bigbrett requested a review from dgarske May 12, 2025 19:44
@dgarske dgarske changed the title add new ASN X509 API: wc_ExportX509PubKeyWithSpki add new ASN X509 API: wc_GetSubjectPubKeyInfoDerFromCert May 14, 2025
@dgarske dgarske changed the title add new ASN X509 API: wc_GetSubjectPubKeyInfoDerFromCert Added new ASN X509 API: wc_GetSubjectPubKeyInfoDerFromCert May 14, 2025
dgarske
dgarske requested changes May 14, 2025
View reviewed changes
@dgarske dgarske assigned bigbrett and unassigned dgarske May 14, 2025
@bigbrett
Copy link
Contributor Author

bigbrett commented May 14, 2025

Jenkins retest this please

@dgarske dgarske merged commit 49d9bfa into wolfSSL:master May 14, 2025
196 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@dgarske dgarske dgarske approved these changes

Assignees

@bigbrett bigbrett

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@bigbrett @anhu @dgarske @wolfSSL-Bot