feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

expose ASN.1 helper fns, add blkType

Browse Source
This commit is contained in:
Chris Conlon
2014-01-10 16:13:56 -07:00
parent 0024db221f
commit 71e13a3c3a
2 changed files with 105 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

124
ctaocrypt/src/asn.c
View File

@ -398,8 +398,8 @@ CPU_INT32S NetSecure_ValidateDateHandler(CPU_INT08U *date, CPU_INT08U format,
#endif /* MICRIUM */ #endif /* MICRIUM */
static int GetLength(const byte* input, word32* inOutIdx, int* len, CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx) word32 maxIdx)
{ {
int length = 0; int length = 0;
word32 i = *inOutIdx; word32 i = *inOutIdx;
@ -1280,6 +1280,10 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
XMEMSET(cert->extAuthKeyId, 0, SHA_SIZE); XMEMSET(cert->extAuthKeyId, 0, SHA_SIZE);
cert->extAuthKeyIdSet = 0; cert->extAuthKeyIdSet = 0;
cert->isCA = 0; cert->isCA = 0;
#ifdef HAVE_PKCS7
cert->issuerRaw = NULL;
cert->issuerRawLen = 0;
#endif
#ifdef CYASSL_CERT_GEN #ifdef CYASSL_CERT_GEN
cert->subjectSN = 0; cert->subjectSN = 0;
cert->subjectSNLen = 0; cert->subjectSNLen = 0;
@ -1611,6 +1615,12 @@ static int GetName(DecodedCert* cert, int nameType)
length += cert->srcIdx; length += cert->srcIdx;
idx = 0; idx = 0;
#ifdef HAVE_PKCS7
/* store pointer to raw issuer */
cert->issuerRaw = &cert->source[cert->srcIdx];
cert->issuerRawLen = length - cert->srcIdx;
#endif
while (cert->srcIdx < (word32)length) { while (cert->srcIdx < (word32)length) {
byte b; byte b;
byte joint[2]; byte joint[2];
@ -2230,7 +2240,7 @@ static word32 BytePrecision(word32 value)
} }
static word32 SetLength(word32 length, byte* output) CYASSL_LOCAL word32 SetLength(word32 length, byte* output)
{ {
word32 i = 0, j; word32 i = 0, j;
@ -2249,12 +2259,25 @@ static word32 SetLength(word32 length, byte* output)
} }
static word32 SetSequence(word32 len, byte* output) CYASSL_LOCAL word32 SetSequence(word32 len, byte* output)
{ {
output[0] = ASN_SEQUENCE | ASN_CONSTRUCTED; output[0] = ASN_SEQUENCE | ASN_CONSTRUCTED;
return SetLength(len, output + 1) + 1; return SetLength(len, output + 1) + 1;
} }
CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output)
{
output[0] = ASN_OCTET_STRING;
return SetLength(len, output + 1) + 1;
}
/* Write a set header to output */
CYASSL_LOCAL word32 SetSet(word32 len, byte* output)
{
output[0] = ASN_SET | ASN_CONSTRUCTED;
return SetLength(len, output + 1) + 1;
}
#if defined(HAVE_ECC) && defined(CYASSL_CERT_GEN) #if defined(HAVE_ECC) && defined(CYASSL_CERT_GEN)
@ -2329,7 +2352,7 @@ static word32 SetCurve(ecc_key* key, byte* output)
#endif /* HAVE_ECC && CYASSL_CERT_GEN */ #endif /* HAVE_ECC && CYASSL_CERT_GEN */
static word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz)
{ {
/* adding TAG_NULL and 0 to end */ /* adding TAG_NULL and 0 to end */
@ -2347,6 +2370,12 @@ static word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz)
static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x02, 0x02, 0x05, 0x00}; 0x02, 0x02, 0x05, 0x00};
/* blkTypes */
static const byte desCbcAlgoID[] = { 0x2B, 0x0E, 0x03, 0x02, 0x07,
0x05, 0x00 };
static const byte des3CbcAlgoID[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x03, 0x07, 0x05, 0x00};
/* RSA sigTypes */ /* RSA sigTypes */
#ifndef NO_RSA #ifndef NO_RSA
static const byte md5wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, static const byte md5wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7,
@ -2430,6 +2459,21 @@ static word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz)
return 0; /* UNKOWN_HASH_E; */ return 0; /* UNKOWN_HASH_E; */
} }
} }
else if (type == blkType) {
switch (algoOID) {
case DESb:
algoSz = sizeof(desCbcAlgoID);
algoName = desCbcAlgoID;
break;
case DES3b:
algoSz = sizeof(des3CbcAlgoID);
algoName = des3CbcAlgoID;
break;
default:
CYASSL_MSG("Unknown Block Algo");
return 0;
}
}
else if (type == sigType) { /* sigType */ else if (type == sigType) { /* sigType */
switch (algoOID) { switch (algoOID) {
#ifndef NO_RSA #ifndef NO_RSA
@ -3534,9 +3578,7 @@ void FreeSignerTable(Signer** table, int rows, void* heap)
} }
#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header)
static int SetMyVersion(word32 version, byte* output, int header)
{ {
int i = 0; int i = 0;
@ -3552,6 +3594,37 @@ static int SetMyVersion(word32 version, byte* output, int header)
} }
CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output)
{
int result = 0;
CYASSL_ENTER("SetSerialNumber");
if (snSz <= EXTERNAL_SERIAL_SIZE) {
output[0] = ASN_INTEGER;
/* The serial number is always positive. When encoding the
* INTEGER, if the MSB is 1, add a padding zero to keep the
* number positive. */
if (sn[0] & 0x80) {
output[1] = (byte)snSz + 1;
output[2] = 0;
XMEMCPY(&output[3], sn, snSz);
result = snSz + 3;
}
else {
output[1] = (byte)snSz;
XMEMCPY(&output[2], sn, snSz);
result = snSz + 2;
}
}
return result;
}
#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN)
/* convert der buffer to pem into output, can't do inplace, der and output /* convert der buffer to pem into output, can't do inplace, der and output
need to be different */ need to be different */
int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz, int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
@ -3837,14 +3910,6 @@ typedef struct DerCert {
} DerCert; } DerCert;
/* Write a set header to output */
static word32 SetSet(word32 len, byte* output)
{
output[0] = ASN_SET | ASN_CONSTRUCTED;
return SetLength(len, output + 1) + 1;
}
#ifdef CYASSL_CERT_REQ #ifdef CYASSL_CERT_REQ
/* Write a set header to output */ /* Write a set header to output */
@ -5785,33 +5850,6 @@ int OcspResponseDecode(OcspResponse* resp)
} }
static int SetSerialNumber(const byte* sn, word32 snSz, byte* output)
{
int result = 0;
CYASSL_ENTER("SetSerialNumber");
if (snSz <= EXTERNAL_SERIAL_SIZE) {
output[0] = ASN_INTEGER;
/* The serial number is always positive. When encoding the
* INTEGER, if the MSB is 1, add a padding zero to keep the
* number positive. */
if (sn[0] & 0x80) {
output[1] = (byte)snSz + 1;
output[2] = 0;
XMEMCPY(&output[3], sn, snSz);
result = snSz + 3;
}
else {
output[1] = (byte)snSz;
XMEMCPY(&output[2], sn, snSz);
result = snSz + 2;
}
}
return result;
}
static word32 SetOcspReqExtensions(word32 extSz, byte* output, static word32 SetOcspReqExtensions(word32 extSz, byte* output,
const byte* nonce, word32 nonceSz) const byte* nonce, word32 nonceSz)
{ {

25
cyassl/ctaocrypt/asn.h
View File

@ -126,6 +126,7 @@ enum Misc_ASN {
MAX_ALGO_SZ = 20, MAX_ALGO_SZ = 20,
MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */ MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */
MAX_SET_SZ = 5, /* enum(set | con) + length(4) */ MAX_SET_SZ = 5, /* enum(set | con) + length(4) */
MAX_OCTET_STR_SZ = 5, /* enum(set | con) + length(4) */
MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */ MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */
MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/ MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/
MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */ MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */
@ -161,7 +162,8 @@ enum Oid_Types {
hashType = 0, hashType = 0,
sigType = 1, sigType = 1,
keyType = 2, keyType = 2,
curveType = 3 curveType = 3,
blkType = 4
}; };
@ -175,6 +177,12 @@ enum Hash_Sum {
}; };
enum Block_Sum {
DESb = 69,
DES3b = 652
};
enum Key_Sum { enum Key_Sum {
DSAk = 515, DSAk = 515,
RSAk = 645, RSAk = 645,
@ -342,6 +350,10 @@ struct DecodedCert {
int beforeDateLen; int beforeDateLen;
byte* afterDate; byte* afterDate;
int afterDateLen; int afterDateLen;
#ifdef HAVE_PKCS7
byte* issuerRaw; /* pointer to issuer inside source */
int issuerRawLen;
#endif
#if defined(CYASSL_CERT_GEN) #if defined(CYASSL_CERT_GEN)
/* easy access to subject info for other sign */ /* easy access to subject info for other sign */
char* subjectSN; char* subjectSN;
@ -430,6 +442,17 @@ CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType); CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
/* ASN.1 helper functions */
CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx);
CYASSL_LOCAL word32 SetLength(word32 length, byte* output);
CYASSL_LOCAL word32 SetSequence(word32 len, byte* output);
CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output);
CYASSL_LOCAL word32 SetSet(word32 len, byte* output);
CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz);
CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);
CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output);
#ifdef HAVE_ECC #ifdef HAVE_ECC
/* ASN sig helpers */ /* ASN sig helpers */
CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,