| /* asn.c |
| * |
| * Copyright (C) 2006-2015 wolfSSL Inc. |
| * |
| * This file is part of wolfSSL. (formerly known as CyaSSL) |
| * |
| * wolfSSL is free software; you can redistribute it and/or modify |
| * it under the terms of the GNU General Public License as published by |
| * the Free Software Foundation; either version 2 of the License, or |
| * (at your option) any later version. |
| * |
| * wolfSSL is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| * GNU General Public License for more details. |
| * |
| * You should have received a copy of the GNU General Public License |
| * along with this program; if not, write to the Free Software |
| * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA |
| */ |
| |
| #ifdef HAVE_CONFIG_H |
| #include <config.h> |
| #endif |
| |
| #include <wolfssl/wolfcrypt/settings.h> |
| |
| #ifndef NO_ASN |
| |
| #ifdef HAVE_RTP_SYS |
| #include "os.h" /* dc_rtc_api needs */ |
| #include "dc_rtc_api.h" /* to get current time */ |
| #endif |
| |
| #include <wolfssl/wolfcrypt/asn.h> |
| #include <wolfssl/wolfcrypt/coding.h> |
| #include <wolfssl/wolfcrypt/md2.h> |
| #include <wolfssl/wolfcrypt/hmac.h> |
| #include <wolfssl/wolfcrypt/error-crypt.h> |
| #include <wolfssl/wolfcrypt/pwdbased.h> |
| #include <wolfssl/wolfcrypt/des3.h> |
| #include <wolfssl/wolfcrypt/logging.h> |
| |
| #include <wolfssl/wolfcrypt/random.h> |
| |
| |
| #ifndef NO_RC4 |
| #include <wolfssl/wolfcrypt/arc4.h> |
| #endif |
| |
| #ifdef HAVE_NTRU |
| #include "ntru_crypto.h" |
| #endif |
| |
| #if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) |
| #include <wolfssl/wolfcrypt/sha512.h> |
| #endif |
| |
| #ifndef NO_SHA256 |
| #include <wolfssl/wolfcrypt/sha256.h> |
| #endif |
| |
| #ifdef HAVE_ECC |
| #include <wolfssl/wolfcrypt/ecc.h> |
| #endif |
| |
| #ifdef WOLFSSL_DEBUG_ENCODING |
| #ifdef FREESCALE_MQX |
| #include <fio.h> |
| #else |
| #include <stdio.h> |
| #endif |
| #endif |
| |
| #ifdef _MSC_VER |
| /* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */ |
| #pragma warning(disable: 4996) |
| #endif |
| |
| |
| #ifndef TRUE |
| #define TRUE 1 |
| #endif |
| #ifndef FALSE |
| #define FALSE 0 |
| #endif |
| |
| |
| #ifdef HAVE_RTP_SYS |
| /* uses parital <time.h> structures */ |
| #define XTIME(tl) (0) |
| #define XGMTIME(c, t) my_gmtime((c)) |
| #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) |
| #elif defined(MICRIUM) |
| #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) |
| #define XVALIDATE_DATE(d,f,t) NetSecure_ValidateDateHandler((d),(f),(t)) |
| #else |
| #define XVALIDATE_DATE(d, f, t) (0) |
| #endif |
| #define NO_TIME_H |
| /* since Micrium not defining XTIME or XGMTIME, CERT_GEN not available */ |
| #elif defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP) |
| #include <time.h> |
| #define XTIME(t1) pic32_time((t1)) |
| #define XGMTIME(c, t) gmtime((c)) |
| #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) |
| #elif defined(FREESCALE_MQX) |
| #define XTIME(t1) mqx_time((t1)) |
| #define XGMTIME(c, t) mqx_gmtime((c), (t)) |
| #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) |
| #elif defined(WOLFSSL_MDK_ARM) |
| #if defined(WOLFSSL_MDK5) |
| #include "cmsis_os.h" |
| #else |
| #include <rtl.h> |
| #endif |
| #undef RNG |
| #include "wolfssl_MDK_ARM.h" |
| #undef RNG |
| #define RNG wolfSSL_RNG /*for avoiding name conflict in "stm32f2xx.h" */ |
| #define XTIME(tl) (0) |
| #define XGMTIME(c, t) wolfssl_MDK_gmtime((c)) |
| #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) |
| #elif defined(USER_TIME) |
| /* user time, and gmtime compatible functions, there is a gmtime |
| implementation here that WINCE uses, so really just need some ticks |
| since the EPOCH |
| */ |
| |
| struct tm { |
| int tm_sec; /* seconds after the minute [0-60] */ |
| int tm_min; /* minutes after the hour [0-59] */ |
| int tm_hour; /* hours since midnight [0-23] */ |
| int tm_mday; /* day of the month [1-31] */ |
| int tm_mon; /* months since January [0-11] */ |
| int tm_year; /* years since 1900 */ |
| int tm_wday; /* days since Sunday [0-6] */ |
| int tm_yday; /* days since January 1 [0-365] */ |
| int tm_isdst; /* Daylight Savings Time flag */ |
| long tm_gmtoff; /* offset from CUT in seconds */ |
| char *tm_zone; /* timezone abbreviation */ |
| }; |
| typedef long time_t; |
| |
| /* forward declaration */ |
| struct tm* gmtime(const time_t* timer); |
| extern time_t XTIME(time_t * timer); |
| |
| #define XGMTIME(c, t) gmtime((c)) |
| #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) |
| |
| #ifdef STACK_TRAP |
| /* for stack trap tracking, don't call os gmtime on OS X/linux, |
| uses a lot of stack spce */ |
| extern time_t time(time_t * timer); |
| #define XTIME(tl) time((tl)) |
| #endif /* STACK_TRAP */ |
| |
| #elif defined(TIME_OVERRIDES) |
| /* user would like to override time() and gmtime() functionality */ |
| |
| #ifndef HAVE_TIME_T_TYPE |
| typedef long time_t; |
| #endif |
| extern time_t XTIME(time_t * timer); |
| |
| #ifndef HAVE_TM_TYPE |
| struct tm { |
| int tm_sec; /* seconds after the minute [0-60] */ |
| int tm_min; /* minutes after the hour [0-59] */ |
| int tm_hour; /* hours since midnight [0-23] */ |
| int tm_mday; /* day of the month [1-31] */ |
| int tm_mon; /* months since January [0-11] */ |
| int tm_year; /* years since 1900 */ |
| int tm_wday; /* days since Sunday [0-6] */ |
| int tm_yday; /* days since January 1 [0-365] */ |
| int tm_isdst; /* Daylight Savings Time flag */ |
| long tm_gmtoff; /* offset from CUT in seconds */ |
| char *tm_zone; /* timezone abbreviation */ |
| }; |
| #endif |
| extern struct tm* XGMTIME(const time_t* timer, struct tm* tmp); |
| |
| #ifndef HAVE_VALIDATE_DATE |
| #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) |
| #endif |
| #else |
| /* default */ |
| /* uses complete <time.h> facility */ |
| #include <time.h> |
| #define XTIME(tl) time((tl)) |
| #define XGMTIME(c, t) gmtime((c)) |
| #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) |
| #endif |
| |
| |
| #ifdef _WIN32_WCE |
| /* no time() or gmtime() even though in time.h header?? */ |
| |
| #include <windows.h> |
| |
| |
| time_t time(time_t* timer) |
| { |
| SYSTEMTIME sysTime; |
| FILETIME fTime; |
| ULARGE_INTEGER intTime; |
| time_t localTime; |
| |
| if (timer == NULL) |
| timer = &localTime; |
| |
| GetSystemTime(&sysTime); |
| SystemTimeToFileTime(&sysTime, &fTime); |
| |
| XMEMCPY(&intTime, &fTime, sizeof(FILETIME)); |
| /* subtract EPOCH */ |
| intTime.QuadPart -= 0x19db1ded53e8000; |
| /* to secs */ |
| intTime.QuadPart /= 10000000; |
| *timer = (time_t)intTime.QuadPart; |
| |
| return *timer; |
| } |
| |
| #endif /* _WIN32_WCE */ |
| #if defined( _WIN32_WCE ) || defined( USER_TIME ) |
| |
| struct tm* gmtime(const time_t* timer) |
| { |
| #define YEAR0 1900 |
| #define EPOCH_YEAR 1970 |
| #define SECS_DAY (24L * 60L * 60L) |
| #define LEAPYEAR(year) (!((year) % 4) && (((year) % 100) || !((year) %400))) |
| #define YEARSIZE(year) (LEAPYEAR(year) ? 366 : 365) |
| |
| static const int _ytab[2][12] = |
| { |
| {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}, |
| {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31} |
| }; |
| |
| static struct tm st_time; |
| struct tm* ret = &st_time; |
| time_t secs = *timer; |
| unsigned long dayclock, dayno; |
| int year = EPOCH_YEAR; |
| |
| dayclock = (unsigned long)secs % SECS_DAY; |
| dayno = (unsigned long)secs / SECS_DAY; |
| |
| ret->tm_sec = (int) dayclock % 60; |
| ret->tm_min = (int)(dayclock % 3600) / 60; |
| ret->tm_hour = (int) dayclock / 3600; |
| ret->tm_wday = (int) (dayno + 4) % 7; /* day 0 a Thursday */ |
| |
| while(dayno >= (unsigned long)YEARSIZE(year)) { |
| dayno -= YEARSIZE(year); |
| year++; |
| } |
| |
| ret->tm_year = year - YEAR0; |
| ret->tm_yday = (int)dayno; |
| ret->tm_mon = 0; |
| |
| while(dayno >= (unsigned long)_ytab[LEAPYEAR(year)][ret->tm_mon]) { |
| dayno -= _ytab[LEAPYEAR(year)][ret->tm_mon]; |
| ret->tm_mon++; |
| } |
| |
| ret->tm_mday = (int)++dayno; |
| ret->tm_isdst = 0; |
| |
| return ret; |
| } |
| |
| #endif /* _WIN32_WCE || USER_TIME */ |
| |
| |
| #ifdef HAVE_RTP_SYS |
| |
| #define YEAR0 1900 |
| |
| struct tm* my_gmtime(const time_t* timer) /* has a gmtime() but hangs */ |
| { |
| static struct tm st_time; |
| struct tm* ret = &st_time; |
| |
| DC_RTC_CALENDAR cal; |
| dc_rtc_time_get(&cal, TRUE); |
| |
| ret->tm_year = cal.year - YEAR0; /* gm starts at 1900 */ |
| ret->tm_mon = cal.month - 1; /* gm starts at 0 */ |
| ret->tm_mday = cal.day; |
| ret->tm_hour = cal.hour; |
| ret->tm_min = cal.minute; |
| ret->tm_sec = cal.second; |
| |
| return ret; |
| } |
| |
| #endif /* HAVE_RTP_SYS */ |
| |
| |
| #if defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP) |
| |
| /* |
| * time() is just a stub in Microchip libraries. We need our own |
| * implementation. Use SNTP client to get seconds since epoch. |
| */ |
| time_t pic32_time(time_t* timer) |
| { |
| #ifdef MICROCHIP_TCPIP_V5 |
| DWORD sec = 0; |
| #else |
| uint32_t sec = 0; |
| #endif |
| time_t localTime; |
| |
| if (timer == NULL) |
| timer = &localTime; |
| |
| #ifdef MICROCHIP_MPLAB_HARMONY |
| sec = TCPIP_SNTP_UTCSecondsGet(); |
| #else |
| sec = SNTPGetUTCSeconds(); |
| #endif |
| *timer = (time_t) sec; |
| |
| return *timer; |
| } |
| |
| #endif /* MICROCHIP_TCPIP */ |
| |
| |
| #ifdef FREESCALE_MQX |
| |
| time_t mqx_time(time_t* timer) |
| { |
| time_t localTime; |
| TIME_STRUCT time_s; |
| |
| if (timer == NULL) |
| timer = &localTime; |
| |
| _time_get(&time_s); |
| *timer = (time_t) time_s.SECONDS; |
| |
| return *timer; |
| } |
| |
| /* CodeWarrior GCC toolchain only has gmtime_r(), no gmtime() */ |
| struct tm* mqx_gmtime(const time_t* clock, struct tm* tmpTime) |
| { |
| return gmtime_r(clock, tmpTime); |
| } |
| |
| #endif /* FREESCALE_MQX */ |
| |
| #ifdef WOLFSSL_TIRTOS |
| |
| time_t XTIME(time_t * timer) |
| { |
| time_t sec = 0; |
| |
| sec = (time_t) Seconds_get(); |
| |
| if (timer != NULL) |
| *timer = sec; |
| |
| return sec; |
| } |
| |
| #endif /* WOLFSSL_TIRTOS */ |
| |
| static INLINE word32 btoi(byte b) |
| { |
| return b - 0x30; |
| } |
| |
| |
| /* two byte date/time, add to value */ |
| static INLINE void GetTime(int* value, const byte* date, int* idx) |
| { |
| int i = *idx; |
| |
| *value += btoi(date[i++]) * 10; |
| *value += btoi(date[i++]); |
| |
| *idx = i; |
| } |
| |
| |
| #if defined(MICRIUM) |
| |
| CPU_INT32S NetSecure_ValidateDateHandler(CPU_INT08U *date, CPU_INT08U format, |
| CPU_INT08U dateType) |
| { |
| CPU_BOOLEAN rtn_code; |
| CPU_INT32S i; |
| CPU_INT32S val; |
| CPU_INT16U year; |
| CPU_INT08U month; |
| CPU_INT16U day; |
| CPU_INT08U hour; |
| CPU_INT08U min; |
| CPU_INT08U sec; |
| |
| i = 0; |
| year = 0u; |
| |
| if (format == ASN_UTC_TIME) { |
| if (btoi(date[0]) >= 5) |
| year = 1900; |
| else |
| year = 2000; |
| } |
| else { /* format == GENERALIZED_TIME */ |
| year += btoi(date[i++]) * 1000; |
| year += btoi(date[i++]) * 100; |
| } |
| |
| val = year; |
| GetTime(&val, date, &i); |
| year = (CPU_INT16U)val; |
| |
| val = 0; |
| GetTime(&val, date, &i); |
| month = (CPU_INT08U)val; |
| |
| val = 0; |
| GetTime(&val, date, &i); |
| day = (CPU_INT16U)val; |
| |
| val = 0; |
| GetTime(&val, date, &i); |
| hour = (CPU_INT08U)val; |
| |
| val = 0; |
| GetTime(&val, date, &i); |
| min = (CPU_INT08U)val; |
| |
| val = 0; |
| GetTime(&val, date, &i); |
| sec = (CPU_INT08U)val; |
| |
| return NetSecure_ValidateDate(year, month, day, hour, min, sec, dateType); |
| } |
| |
| #endif /* MICRIUM */ |
| |
| |
| WOLFSSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len, |
| word32 maxIdx) |
| { |
| int length = 0; |
| word32 i = *inOutIdx; |
| byte b; |
| |
| *len = 0; /* default length */ |
| |
| if ( (i+1) > maxIdx) { /* for first read */ |
| WOLFSSL_MSG("GetLength bad index on input"); |
| return BUFFER_E; |
| } |
| |
| b = input[i++]; |
| if (b >= ASN_LONG_LENGTH) { |
| word32 bytes = b & 0x7F; |
| |
| if ( (i+bytes) > maxIdx) { /* for reading bytes */ |
| WOLFSSL_MSG("GetLength bad long length"); |
| return BUFFER_E; |
| } |
| |
| while (bytes--) { |
| b = input[i++]; |
| length = (length << 8) | b; |
| } |
| } |
| else |
| length = b; |
| |
| if ( (i+length) > maxIdx) { /* for user of length */ |
| WOLFSSL_MSG("GetLength value exceeds buffer length"); |
| return BUFFER_E; |
| } |
| |
| *inOutIdx = i; |
| if (length > 0) |
| *len = length; |
| |
| return length; |
| } |
| |
| |
| WOLFSSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len, |
| word32 maxIdx) |
| { |
| int length = -1; |
| word32 idx = *inOutIdx; |
| |
| if (input[idx++] != (ASN_SEQUENCE | ASN_CONSTRUCTED) || |
| GetLength(input, &idx, &length, maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| *len = length; |
| *inOutIdx = idx; |
| |
| return length; |
| } |
| |
| |
| WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len, |
| word32 maxIdx) |
| { |
| int length = -1; |
| word32 idx = *inOutIdx; |
| |
| if (input[idx++] != (ASN_SET | ASN_CONSTRUCTED) || |
| GetLength(input, &idx, &length, maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| *len = length; |
| *inOutIdx = idx; |
| |
| return length; |
| } |
| |
| |
| /* winodws header clash for WinCE using GetVersion */ |
| WOLFSSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx, int* version) |
| { |
| word32 idx = *inOutIdx; |
| |
| WOLFSSL_ENTER("GetMyVersion"); |
| |
| if (input[idx++] != ASN_INTEGER) |
| return ASN_PARSE_E; |
| |
| if (input[idx++] != 0x01) |
| return ASN_VERSION_E; |
| |
| *version = input[idx++]; |
| *inOutIdx = idx; |
| |
| return *version; |
| } |
| |
| |
| #ifndef NO_PWDBASED |
| /* Get small count integer, 32 bits or less */ |
| static int GetShortInt(const byte* input, word32* inOutIdx, int* number) |
| { |
| word32 idx = *inOutIdx; |
| word32 len; |
| |
| *number = 0; |
| |
| if (input[idx++] != ASN_INTEGER) |
| return ASN_PARSE_E; |
| |
| len = input[idx++]; |
| if (len > 4) |
| return ASN_PARSE_E; |
| |
| while (len--) { |
| *number = *number << 8 | input[idx++]; |
| } |
| |
| *inOutIdx = idx; |
| |
| return *number; |
| } |
| #endif /* !NO_PWDBASED */ |
| |
| |
| /* May not have one, not an error */ |
| static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version) |
| { |
| word32 idx = *inOutIdx; |
| |
| WOLFSSL_ENTER("GetExplicitVersion"); |
| if (input[idx++] == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED)) { |
| *inOutIdx = ++idx; /* eat header */ |
| return GetMyVersion(input, inOutIdx, version); |
| } |
| |
| /* go back as is */ |
| *version = 0; |
| |
| return 0; |
| } |
| |
| |
| WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, |
| word32 maxIdx) |
| { |
| word32 i = *inOutIdx; |
| byte b = input[i++]; |
| int length; |
| |
| if (b != ASN_INTEGER) |
| return ASN_PARSE_E; |
| |
| if (GetLength(input, &i, &length, maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| if ( (b = input[i++]) == 0x00) |
| length--; |
| else |
| i--; |
| |
| if (mp_init(mpi) != MP_OKAY) |
| return MP_INIT_E; |
| |
| if (mp_read_unsigned_bin(mpi, (byte*)input + i, length) != 0) { |
| mp_clear(mpi); |
| return ASN_GETINT_E; |
| } |
| |
| *inOutIdx = i + length; |
| return 0; |
| } |
| |
| |
| static int GetObjectId(const byte* input, word32* inOutIdx, word32* oid, |
| word32 maxIdx) |
| { |
| int length; |
| word32 i = *inOutIdx; |
| byte b; |
| *oid = 0; |
| |
| b = input[i++]; |
| if (b != ASN_OBJECT_ID) |
| return ASN_OBJECT_ID_E; |
| |
| if (GetLength(input, &i, &length, maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| while(length--) |
| *oid += input[i++]; |
| /* just sum it up for now */ |
| |
| *inOutIdx = i; |
| |
| return 0; |
| } |
| |
| |
| WOLFSSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, |
| word32 maxIdx) |
| { |
| int length; |
| word32 i = *inOutIdx; |
| byte b; |
| *oid = 0; |
| |
| WOLFSSL_ENTER("GetAlgoId"); |
| |
| if (GetSequence(input, &i, &length, maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| b = input[i++]; |
| if (b != ASN_OBJECT_ID) |
| return ASN_OBJECT_ID_E; |
| |
| if (GetLength(input, &i, &length, maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| while(length--) { |
| /* odd HC08 compiler behavior here when input[i++] */ |
| *oid += input[i]; |
| i++; |
| } |
| /* just sum it up for now */ |
| |
| /* could have NULL tag and 0 terminator, but may not */ |
| b = input[i++]; |
| |
| if (b == ASN_TAG_NULL) { |
| b = input[i++]; |
| if (b != 0) |
| return ASN_EXPECT_0_E; |
| } |
| else |
| /* go back, didn't have it */ |
| i--; |
| |
| *inOutIdx = i; |
| |
| return 0; |
| } |
| |
| #ifndef NO_RSA |
| |
| |
| #ifdef HAVE_CAVIUM |
| |
| static int GetCaviumInt(byte** buff, word16* buffSz, const byte* input, |
| word32* inOutIdx, word32 maxIdx, void* heap) |
| { |
| word32 i = *inOutIdx; |
| byte b = input[i++]; |
| int length; |
| |
| if (b != ASN_INTEGER) |
| return ASN_PARSE_E; |
| |
| if (GetLength(input, &i, &length, maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| if ( (b = input[i++]) == 0x00) |
| length--; |
| else |
| i--; |
| |
| *buffSz = (word16)length; |
| *buff = XMALLOC(*buffSz, heap, DYNAMIC_TYPE_CAVIUM_RSA); |
| if (*buff == NULL) |
| return MEMORY_E; |
| |
| XMEMCPY(*buff, input + i, *buffSz); |
| |
| *inOutIdx = i + length; |
| return 0; |
| } |
| |
| static int CaviumRsaPrivateKeyDecode(const byte* input, word32* inOutIdx, |
| RsaKey* key, word32 inSz) |
| { |
| int version, length; |
| void* h = key->heap; |
| |
| if (GetSequence(input, inOutIdx, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetMyVersion(input, inOutIdx, &version) < 0) |
| return ASN_PARSE_E; |
| |
| key->type = RSA_PRIVATE; |
| |
| if (GetCaviumInt(&key->c_n, &key->c_nSz, input, inOutIdx, inSz, h) < 0 || |
| GetCaviumInt(&key->c_e, &key->c_eSz, input, inOutIdx, inSz, h) < 0 || |
| GetCaviumInt(&key->c_d, &key->c_dSz, input, inOutIdx, inSz, h) < 0 || |
| GetCaviumInt(&key->c_p, &key->c_pSz, input, inOutIdx, inSz, h) < 0 || |
| GetCaviumInt(&key->c_q, &key->c_qSz, input, inOutIdx, inSz, h) < 0 || |
| GetCaviumInt(&key->c_dP, &key->c_dP_Sz, input, inOutIdx, inSz, h) < 0 || |
| GetCaviumInt(&key->c_dQ, &key->c_dQ_Sz, input, inOutIdx, inSz, h) < 0 || |
| GetCaviumInt(&key->c_u, &key->c_uSz, input, inOutIdx, inSz, h) < 0 ) |
| return ASN_RSA_KEY_E; |
| |
| return 0; |
| } |
| |
| |
| #endif /* HAVE_CAVIUM */ |
| |
| int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, |
| word32 inSz) |
| { |
| int version, length; |
| |
| #ifdef HAVE_CAVIUM |
| if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC) |
| return CaviumRsaPrivateKeyDecode(input, inOutIdx, key, inSz); |
| #endif |
| |
| if (GetSequence(input, inOutIdx, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetMyVersion(input, inOutIdx, &version) < 0) |
| return ASN_PARSE_E; |
| |
| key->type = RSA_PRIVATE; |
| |
| if (GetInt(&key->n, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->e, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->d, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->p, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->q, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->dP, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->dQ, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->u, input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E; |
| |
| return 0; |
| } |
| |
| #endif /* NO_RSA */ |
| |
| /* Remove PKCS8 header, move beginning of traditional to beginning of input */ |
| int ToTraditional(byte* input, word32 sz) |
| { |
| word32 inOutIdx = 0, oid; |
| int version, length; |
| |
| if (GetSequence(input, &inOutIdx, &length, sz) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetMyVersion(input, &inOutIdx, &version) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0) |
| return ASN_PARSE_E; |
| |
| if (input[inOutIdx] == ASN_OBJECT_ID) { |
| /* pkcs8 ecc uses slightly different format */ |
| inOutIdx++; /* past id */ |
| if (GetLength(input, &inOutIdx, &length, sz) < 0) |
| return ASN_PARSE_E; |
| inOutIdx += length; /* over sub id, key input will verify */ |
| } |
| |
| if (input[inOutIdx++] != ASN_OCTET_STRING) |
| return ASN_PARSE_E; |
| |
| if (GetLength(input, &inOutIdx, &length, sz) < 0) |
| return ASN_PARSE_E; |
| |
| XMEMMOVE(input, input + inOutIdx, length); |
| |
| return length; |
| } |
| |
| |
| #ifndef NO_PWDBASED |
| |
| /* Check To see if PKCS version algo is supported, set id if it is return 0 |
| < 0 on error */ |
| static int CheckAlgo(int first, int second, int* id, int* version) |
| { |
| *id = ALGO_ID_E; |
| *version = PKCS5; /* default */ |
| |
| if (first == 1) { |
| switch (second) { |
| case 1: |
| *id = PBE_SHA1_RC4_128; |
| *version = PKCS12; |
| return 0; |
| case 3: |
| *id = PBE_SHA1_DES3; |
| *version = PKCS12; |
| return 0; |
| default: |
| return ALGO_ID_E; |
| } |
| } |
| |
| if (first != PKCS5) |
| return ASN_INPUT_E; /* VERSION ERROR */ |
| |
| if (second == PBES2) { |
| *version = PKCS5v2; |
| return 0; |
| } |
| |
| switch (second) { |
| case 3: /* see RFC 2898 for ids */ |
| *id = PBE_MD5_DES; |
| return 0; |
| case 10: |
| *id = PBE_SHA1_DES; |
| return 0; |
| default: |
| return ALGO_ID_E; |
| |
| } |
| } |
| |
| |
| /* Check To see if PKCS v2 algo is supported, set id if it is return 0 |
| < 0 on error */ |
| static int CheckAlgoV2(int oid, int* id) |
| { |
| switch (oid) { |
| case 69: |
| *id = PBE_SHA1_DES; |
| return 0; |
| case 652: |
| *id = PBE_SHA1_DES3; |
| return 0; |
| default: |
| return ALGO_ID_E; |
| |
| } |
| } |
| |
| |
| /* Decrypt intput in place from parameters based on id */ |
| static int DecryptKey(const char* password, int passwordSz, byte* salt, |
| int saltSz, int iterations, int id, byte* input, |
| int length, int version, byte* cbcIv) |
| { |
| int typeH; |
| int derivedLen; |
| int decryptionType; |
| int ret = 0; |
| #ifdef WOLFSSL_SMALL_STACK |
| byte* key; |
| #else |
| byte key[MAX_KEY_SIZE]; |
| #endif |
| |
| switch (id) { |
| case PBE_MD5_DES: |
| typeH = MD5; |
| derivedLen = 16; /* may need iv for v1.5 */ |
| decryptionType = DES_TYPE; |
| break; |
| |
| case PBE_SHA1_DES: |
| typeH = SHA; |
| derivedLen = 16; /* may need iv for v1.5 */ |
| decryptionType = DES_TYPE; |
| break; |
| |
| case PBE_SHA1_DES3: |
| typeH = SHA; |
| derivedLen = 32; /* may need iv for v1.5 */ |
| decryptionType = DES3_TYPE; |
| break; |
| |
| case PBE_SHA1_RC4_128: |
| typeH = SHA; |
| derivedLen = 16; |
| decryptionType = RC4_TYPE; |
| break; |
| |
| default: |
| return ALGO_ID_E; |
| } |
| |
| #ifdef WOLFSSL_SMALL_STACK |
| key = (byte*)XMALLOC(MAX_KEY_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| if (key == NULL) |
| return MEMORY_E; |
| #endif |
| |
| if (version == PKCS5v2) |
| ret = wc_PBKDF2(key, (byte*)password, passwordSz, salt, saltSz, iterations, |
| derivedLen, typeH); |
| #ifndef NO_SHA |
| else if (version == PKCS5) |
| ret = wc_PBKDF1(key, (byte*)password, passwordSz, salt, saltSz, iterations, |
| derivedLen, typeH); |
| #endif |
| else if (version == PKCS12) { |
| int i, idx = 0; |
| byte unicodePasswd[MAX_UNICODE_SZ]; |
| |
| if ( (passwordSz * 2 + 2) > (int)sizeof(unicodePasswd)) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return UNICODE_SIZE_E; |
| } |
| |
| for (i = 0; i < passwordSz; i++) { |
| unicodePasswd[idx++] = 0x00; |
| unicodePasswd[idx++] = (byte)password[i]; |
| } |
| /* add trailing NULL */ |
| unicodePasswd[idx++] = 0x00; |
| unicodePasswd[idx++] = 0x00; |
| |
| ret = wc_PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz, |
| iterations, derivedLen, typeH, 1); |
| if (decryptionType != RC4_TYPE) |
| ret += wc_PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz, |
| iterations, 8, typeH, 2); |
| } |
| else { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ALGO_ID_E; |
| } |
| |
| if (ret != 0) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ret; |
| } |
| |
| switch (decryptionType) { |
| #ifndef NO_DES3 |
| case DES_TYPE: |
| { |
| Des dec; |
| byte* desIv = key + 8; |
| |
| if (version == PKCS5v2 || version == PKCS12) |
| desIv = cbcIv; |
| |
| ret = wc_Des_SetKey(&dec, key, desIv, DES_DECRYPTION); |
| if (ret != 0) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ret; |
| } |
| |
| wc_Des_CbcDecrypt(&dec, input, input, length); |
| break; |
| } |
| |
| case DES3_TYPE: |
| { |
| Des3 dec; |
| byte* desIv = key + 24; |
| |
| if (version == PKCS5v2 || version == PKCS12) |
| desIv = cbcIv; |
| ret = wc_Des3_SetKey(&dec, key, desIv, DES_DECRYPTION); |
| if (ret != 0) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ret; |
| } |
| ret = wc_Des3_CbcDecrypt(&dec, input, input, length); |
| if (ret != 0) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ret; |
| } |
| break; |
| } |
| #endif |
| #ifndef NO_RC4 |
| case RC4_TYPE: |
| { |
| Arc4 dec; |
| |
| wc_Arc4SetKey(&dec, key, derivedLen); |
| wc_Arc4Process(&dec, input, input, length); |
| break; |
| } |
| #endif |
| |
| default: |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ALGO_ID_E; |
| } |
| |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| |
| return 0; |
| } |
| |
| |
| /* Remove Encrypted PKCS8 header, move beginning of traditional to beginning |
| of input */ |
| int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz) |
| { |
| word32 inOutIdx = 0, oid; |
| int first, second, length, version, saltSz, id; |
| int iterations = 0; |
| #ifdef WOLFSSL_SMALL_STACK |
| byte* salt = NULL; |
| byte* cbcIv = NULL; |
| #else |
| byte salt[MAX_SALT_SIZE]; |
| byte cbcIv[MAX_IV_SIZE]; |
| #endif |
| |
| if (GetSequence(input, &inOutIdx, &length, sz) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0) |
| return ASN_PARSE_E; |
| |
| first = input[inOutIdx - 2]; /* PKCS version alwyas 2nd to last byte */ |
| second = input[inOutIdx - 1]; /* version.algo, algo id last byte */ |
| |
| if (CheckAlgo(first, second, &id, &version) < 0) |
| return ASN_INPUT_E; /* Algo ID error */ |
| |
| if (version == PKCS5v2) { |
| |
| if (GetSequence(input, &inOutIdx, &length, sz) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0) |
| return ASN_PARSE_E; |
| |
| if (oid != PBKDF2_OID) |
| return ASN_PARSE_E; |
| } |
| |
| if (GetSequence(input, &inOutIdx, &length, sz) < 0) |
| return ASN_PARSE_E; |
| |
| if (input[inOutIdx++] != ASN_OCTET_STRING) |
| return ASN_PARSE_E; |
| |
| if (GetLength(input, &inOutIdx, &saltSz, sz) < 0) |
| return ASN_PARSE_E; |
| |
| if (saltSz > MAX_SALT_SIZE) |
| return ASN_PARSE_E; |
| |
| #ifdef WOLFSSL_SMALL_STACK |
| salt = (byte*)XMALLOC(MAX_SALT_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| if (salt == NULL) |
| return MEMORY_E; |
| #endif |
| |
| XMEMCPY(salt, &input[inOutIdx], saltSz); |
| inOutIdx += saltSz; |
| |
| if (GetShortInt(input, &inOutIdx, &iterations) < 0) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ASN_PARSE_E; |
| } |
| |
| #ifdef WOLFSSL_SMALL_STACK |
| cbcIv = (byte*)XMALLOC(MAX_IV_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| if (cbcIv == NULL) { |
| XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| return MEMORY_E; |
| } |
| #endif |
| |
| if (version == PKCS5v2) { |
| /* get encryption algo */ |
| if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ASN_PARSE_E; |
| } |
| |
| if (CheckAlgoV2(oid, &id) < 0) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ASN_PARSE_E; /* PKCS v2 algo id error */ |
| } |
| |
| if (input[inOutIdx++] != ASN_OCTET_STRING) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ASN_PARSE_E; |
| } |
| |
| if (GetLength(input, &inOutIdx, &length, sz) < 0) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ASN_PARSE_E; |
| } |
| |
| XMEMCPY(cbcIv, &input[inOutIdx], length); |
| inOutIdx += length; |
| } |
| |
| if (input[inOutIdx++] != ASN_OCTET_STRING) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ASN_PARSE_E; |
| } |
| |
| if (GetLength(input, &inOutIdx, &length, sz) < 0) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ASN_PARSE_E; |
| } |
| |
| if (DecryptKey(password, passwordSz, salt, saltSz, iterations, id, |
| input + inOutIdx, length, version, cbcIv) < 0) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ASN_INPUT_E; /* decrypt failure */ |
| } |
| |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| |
| XMEMMOVE(input, input + inOutIdx, length); |
| return ToTraditional(input, length); |
| } |
| |
| #endif /* NO_PWDBASED */ |
| |
| #ifndef NO_RSA |
| |
| int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, |
| word32 inSz) |
| { |
| int length; |
| |
| if (GetSequence(input, inOutIdx, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| key->type = RSA_PUBLIC; |
| |
| #if defined(OPENSSL_EXTRA) || defined(RSA_DECODE_EXTRA) |
| { |
| byte b = input[*inOutIdx]; |
| if (b != ASN_INTEGER) { |
| /* not from decoded cert, will have algo id, skip past */ |
| if (GetSequence(input, inOutIdx, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| b = input[(*inOutIdx)++]; |
| if (b != ASN_OBJECT_ID) |
| return ASN_OBJECT_ID_E; |
| |
| if (GetLength(input, inOutIdx, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| *inOutIdx += length; /* skip past */ |
| |
| /* could have NULL tag and 0 terminator, but may not */ |
| b = input[(*inOutIdx)++]; |
| |
| if (b == ASN_TAG_NULL) { |
| b = input[(*inOutIdx)++]; |
| if (b != 0) |
| return ASN_EXPECT_0_E; |
| } |
| else |
| /* go back, didn't have it */ |
| (*inOutIdx)--; |
| |
| /* should have bit tag length and seq next */ |
| b = input[(*inOutIdx)++]; |
| if (b != ASN_BIT_STRING) |
| return ASN_BITSTR_E; |
| |
| if (GetLength(input, inOutIdx, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| /* could have 0 */ |
| b = input[(*inOutIdx)++]; |
| if (b != 0) |
| (*inOutIdx)--; |
| |
| if (GetSequence(input, inOutIdx, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| } /* end if */ |
| } /* openssl var block */ |
| #endif /* OPENSSL_EXTRA */ |
| |
| if (GetInt(&key->n, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->e, input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E; |
| |
| return 0; |
| } |
| |
| /* import RSA public key elements (n, e) into RsaKey structure (key) */ |
| int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e, |
| word32 eSz, RsaKey* key) |
| { |
| if (n == NULL || e == NULL || key == NULL) |
| return BAD_FUNC_ARG; |
| |
| key->type = RSA_PUBLIC; |
| |
| if (mp_init(&key->n) != MP_OKAY) |
| return MP_INIT_E; |
| |
| if (mp_read_unsigned_bin(&key->n, n, nSz) != 0) { |
| mp_clear(&key->n); |
| return ASN_GETINT_E; |
| } |
| |
| if (mp_init(&key->e) != MP_OKAY) { |
| mp_clear(&key->n); |
| return MP_INIT_E; |
| } |
| |
| if (mp_read_unsigned_bin(&key->e, e, eSz) != 0) { |
| mp_clear(&key->n); |
| mp_clear(&key->e); |
| return ASN_GETINT_E; |
| } |
| |
| return 0; |
| } |
| |
| #endif |
| |
| #ifndef NO_DH |
| |
| int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz) |
| { |
| int length; |
| |
| if (GetSequence(input, inOutIdx, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetInt(&key->p, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->g, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E; |
| |
| return 0; |
| } |
| |
| |
| int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz, |
| byte* g, word32* gInOutSz) |
| { |
| word32 i = 0; |
| byte b; |
| int length; |
| |
| if (GetSequence(input, &i, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| b = input[i++]; |
| if (b != ASN_INTEGER) |
| return ASN_PARSE_E; |
| |
| if (GetLength(input, &i, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| if ( (b = input[i++]) == 0x00) |
| length--; |
| else |
| i--; |
| |
| if (length <= (int)*pInOutSz) { |
| XMEMCPY(p, &input[i], length); |
| *pInOutSz = length; |
| } |
| else |
| return BUFFER_E; |
| |
| i += length; |
| |
| b = input[i++]; |
| if (b != ASN_INTEGER) |
| return ASN_PARSE_E; |
| |
| if (GetLength(input, &i, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| if (length <= (int)*gInOutSz) { |
| XMEMCPY(g, &input[i], length); |
| *gInOutSz = length; |
| } |
| else |
| return BUFFER_E; |
| |
| return 0; |
| } |
| |
| #endif /* NO_DH */ |
| |
| |
| #ifndef NO_DSA |
| |
| int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key, |
| word32 inSz) |
| { |
| int length; |
| |
| if (GetSequence(input, inOutIdx, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetInt(&key->p, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->q, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->g, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->y, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E; |
| |
| key->type = DSA_PUBLIC; |
| return 0; |
| } |
| |
| |
| int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key, |
| word32 inSz) |
| { |
| int length, version; |
| |
| if (GetSequence(input, inOutIdx, &length, inSz) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetMyVersion(input, inOutIdx, &version) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetInt(&key->p, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->q, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->g, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->y, input, inOutIdx, inSz) < 0 || |
| GetInt(&key->x, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E; |
| |
| key->type = DSA_PRIVATE; |
| return 0; |
| } |
| |
| #endif /* NO_DSA */ |
| |
| |
| void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap) |
| { |
| cert->publicKey = 0; |
| cert->pubKeySize = 0; |
| cert->pubKeyStored = 0; |
| cert->version = 0; |
| cert->signature = 0; |
| cert->subjectCN = 0; |
| cert->subjectCNLen = 0; |
| cert->subjectCNEnc = CTC_UTF8; |
| cert->subjectCNStored = 0; |
| cert->weOwnAltNames = 0; |
| cert->altNames = NULL; |
| #ifndef IGNORE_NAME_CONSTRAINTS |
| cert->altEmailNames = NULL; |
| cert->permittedNames = NULL; |
| cert->excludedNames = NULL; |
| #endif /* IGNORE_NAME_CONSTRAINTS */ |
| cert->issuer[0] = '\0'; |
| cert->subject[0] = '\0'; |
| cert->source = source; /* don't own */ |
| cert->srcIdx = 0; |
| cert->maxIdx = inSz; /* can't go over this index */ |
| cert->heap = heap; |
| XMEMSET(cert->serial, 0, EXTERNAL_SERIAL_SIZE); |
| cert->serialSz = 0; |
| cert->extensions = 0; |
| cert->extensionsSz = 0; |
| cert->extensionsIdx = 0; |
| cert->extAuthInfo = NULL; |
| cert->extAuthInfoSz = 0; |
| cert->extCrlInfo = NULL; |
| cert->extCrlInfoSz = 0; |
| XMEMSET(cert->extSubjKeyId, 0, KEYID_SIZE); |
| cert->extSubjKeyIdSet = 0; |
| XMEMSET(cert->extAuthKeyId, 0, KEYID_SIZE); |
| cert->extAuthKeyIdSet = 0; |
| cert->extKeyUsageSet = 0; |
| cert->extKeyUsage = 0; |
| cert->extExtKeyUsageSet = 0; |
| cert->extExtKeyUsage = 0; |
| cert->isCA = 0; |
| #ifdef HAVE_PKCS7 |
| cert->issuerRaw = NULL; |
| cert->issuerRawLen = 0; |
| #endif |
| #ifdef WOLFSSL_CERT_GEN |
| cert->subjectSN = 0; |
| cert->subjectSNLen = 0; |
| cert->subjectSNEnc = CTC_UTF8; |
| cert->subjectC = 0; |
| cert->subjectCLen = 0; |
| cert->subjectCEnc = CTC_PRINTABLE; |
| cert->subjectL = 0; |
| cert->subjectLLen = 0; |
| cert->subjectLEnc = CTC_UTF8; |
| cert->subjectST = 0; |
| cert->subjectSTLen = 0; |
| cert->subjectSTEnc = CTC_UTF8; |
| cert->subjectO = 0; |
| cert->subjectOLen = 0; |
| cert->subjectOEnc = CTC_UTF8; |
| cert->subjectOU = 0; |
| cert->subjectOULen = 0; |
| cert->subjectOUEnc = CTC_UTF8; |
| cert->subjectEmail = 0; |
| cert->subjectEmailLen = 0; |
| #endif /* WOLFSSL_CERT_GEN */ |
| cert->beforeDate = NULL; |
| cert->beforeDateLen = 0; |
| cert->afterDate = NULL; |
| cert->afterDateLen = 0; |
| #ifdef OPENSSL_EXTRA |
| XMEMSET(&cert->issuerName, 0, sizeof(DecodedName)); |
| XMEMSET(&cert->subjectName, 0, sizeof(DecodedName)); |
| cert->extBasicConstSet = 0; |
| cert->extBasicConstCrit = 0; |
| cert->extBasicConstPlSet = 0; |
| cert->pathLength = 0; |
| cert->extSubjAltNameSet = 0; |
| cert->extSubjAltNameCrit = 0; |
| cert->extAuthKeyIdCrit = 0; |
| cert->extSubjKeyIdCrit = 0; |
| cert->extKeyUsageCrit = 0; |
| cert->extExtKeyUsageCrit = 0; |
| cert->extExtKeyUsageSrc = NULL; |
| cert->extExtKeyUsageSz = 0; |
| cert->extExtKeyUsageCount = 0; |
| cert->extAuthKeyIdSrc = NULL; |
| cert->extAuthKeyIdSz = 0; |
| cert->extSubjKeyIdSrc = NULL; |
| cert->extSubjKeyIdSz = 0; |
| #endif /* OPENSSL_EXTRA */ |
| #if defined(OPENSSL_EXTRA) || !defined(IGNORE_NAME_CONSTRAINTS) |
| cert->extNameConstraintSet = 0; |
| #endif /* OPENSSL_EXTRA || !IGNORE_NAME_CONSTRAINTS */ |
| #ifdef HAVE_ECC |
| cert->pkCurveOID = 0; |
| #endif /* HAVE_ECC */ |
| #ifdef WOLFSSL_SEP |
| cert->deviceTypeSz = 0; |
| cert->deviceType = NULL; |
| cert->hwTypeSz = 0; |
| cert->hwType = NULL; |
| cert->hwSerialNumSz = 0; |
| cert->hwSerialNum = NULL; |
| #ifdef OPENSSL_EXTRA |
| cert->extCertPolicySet = 0; |
| cert->extCertPolicyCrit = 0; |
| #endif /* OPENSSL_EXTRA */ |
| #endif /* WOLFSSL_SEP */ |
| } |
| |
| |
| void FreeAltNames(DNS_entry* altNames, void* heap) |
| { |
| (void)heap; |
| |
| while (altNames) { |
| DNS_entry* tmp = altNames->next; |
| |
| XFREE(altNames->name, heap, DYNAMIC_TYPE_ALTNAME); |
| XFREE(altNames, heap, DYNAMIC_TYPE_ALTNAME); |
| altNames = tmp; |
| } |
| } |
| |
| #ifndef IGNORE_NAME_CONSTRAINTS |
| |
| void FreeNameSubtrees(Base_entry* names, void* heap) |
| { |
| (void)heap; |
| |
| while (names) { |
| Base_entry* tmp = names->next; |
| |
| XFREE(names->name, heap, DYNAMIC_TYPE_ALTNAME); |
| XFREE(names, heap, DYNAMIC_TYPE_ALTNAME); |
| names = tmp; |
| } |
| } |
| |
| #endif /* IGNORE_NAME_CONSTRAINTS */ |
| |
| void FreeDecodedCert(DecodedCert* cert) |
| { |
| if (cert->subjectCNStored == 1) |
| XFREE(cert->subjectCN, cert->heap, DYNAMIC_TYPE_SUBJECT_CN); |
| if (cert->pubKeyStored == 1) |
| XFREE(cert->publicKey, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY); |
| if (cert->weOwnAltNames && cert->altNames) |
| FreeAltNames(cert->altNames, cert->heap); |
| #ifndef IGNORE_NAME_CONSTRAINTS |
| if (cert->altEmailNames) |
| FreeAltNames(cert->altEmailNames, cert->heap); |
| if (cert->permittedNames) |
| FreeNameSubtrees(cert->permittedNames, cert->heap); |
| if (cert->excludedNames) |
| FreeNameSubtrees(cert->excludedNames, cert->heap); |
| #endif /* IGNORE_NAME_CONSTRAINTS */ |
| #ifdef WOLFSSL_SEP |
| XFREE(cert->deviceType, cert->heap, 0); |
| XFREE(cert->hwType, cert->heap, 0); |
| XFREE(cert->hwSerialNum, cert->heap, 0); |
| #endif /* WOLFSSL_SEP */ |
| #ifdef OPENSSL_EXTRA |
| if (cert->issuerName.fullName != NULL) |
| XFREE(cert->issuerName.fullName, NULL, DYNAMIC_TYPE_X509); |
| if (cert->subjectName.fullName != NULL) |
| XFREE(cert->subjectName.fullName, NULL, DYNAMIC_TYPE_X509); |
| #endif /* OPENSSL_EXTRA */ |
| } |
| |
| |
| static int GetCertHeader(DecodedCert* cert) |
| { |
| int ret = 0, len; |
| byte serialTmp[EXTERNAL_SERIAL_SIZE]; |
| #if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH) |
| mp_int* mpi = NULL; |
| #else |
| mp_int stack_mpi; |
| mp_int* mpi = &stack_mpi; |
| #endif |
| |
| if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| cert->certBegin = cert->srcIdx; |
| |
| if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| cert->sigIndex = len + cert->srcIdx; |
| |
| if (GetExplicitVersion(cert->source, &cert->srcIdx, &cert->version) < 0) |
| return ASN_PARSE_E; |
| |
| #if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH) |
| mpi = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| if (mpi == NULL) |
| return MEMORY_E; |
| #endif |
| |
| if (GetInt(mpi, cert->source, &cert->srcIdx, cert->maxIdx) < 0) { |
| #if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH) |
| XFREE(mpi, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ASN_PARSE_E; |
| } |
| |
| len = mp_unsigned_bin_size(mpi); |
| if (len < (int)sizeof(serialTmp)) { |
| if ( (ret = mp_to_unsigned_bin(mpi, serialTmp)) == MP_OKAY) { |
| XMEMCPY(cert->serial, serialTmp, len); |
| cert->serialSz = len; |
| } |
| } |
| mp_clear(mpi); |
| |
| #if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH) |
| XFREE(mpi, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| |
| return ret; |
| } |
| |
| #if !defined(NO_RSA) |
| /* Store Rsa Key, may save later, Dsa could use in future */ |
| static int StoreRsaKey(DecodedCert* cert) |
| { |
| int length; |
| word32 recvd = cert->srcIdx; |
| |
| if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| recvd = cert->srcIdx - recvd; |
| length += recvd; |
| |
| while (recvd--) |
| cert->srcIdx--; |
| |
| cert->pubKeySize = length; |
| cert->publicKey = cert->source + cert->srcIdx; |
| cert->srcIdx += length; |
| |
| return 0; |
| } |
| #endif |
| |
| |
| #ifdef HAVE_ECC |
| |
| /* return 0 on sucess if the ECC curve oid sum is supported */ |
| static int CheckCurve(word32 oid) |
| { |
| int ret = 0; |
| |
| switch (oid) { |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC160) |
| case ECC_160R1: |
| #endif |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC192) |
| case ECC_192R1: |
| #endif |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC224) |
| case ECC_224R1: |
| #endif |
| #if defined(HAVE_ALL_CURVES) || !defined(NO_ECC256) |
| case ECC_256R1: |
| #endif |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC384) |
| case ECC_384R1: |
| #endif |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC521) |
| case ECC_521R1: |
| #endif |
| break; |
| |
| default: |
| ret = ALGO_ID_E; |
| } |
| |
| return ret; |
| } |
| |
| #endif /* HAVE_ECC */ |
| |
| |
| static int GetKey(DecodedCert* cert) |
| { |
| int length; |
| #ifdef HAVE_NTRU |
| int tmpIdx = cert->srcIdx; |
| #endif |
| |
| if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetAlgoId(cert->source, &cert->srcIdx, &cert->keyOID, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| switch (cert->keyOID) { |
| #ifndef NO_RSA |
| case RSAk: |
| { |
| byte b = cert->source[cert->srcIdx++]; |
| if (b != ASN_BIT_STRING) |
| return ASN_BITSTR_E; |
| |
| if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| b = cert->source[cert->srcIdx++]; |
| if (b != 0x00) |
| return ASN_EXPECT_0_E; |
| |
| return StoreRsaKey(cert); |
| } |
| |
| #endif /* NO_RSA */ |
| #ifdef HAVE_NTRU |
| case NTRUk: |
| { |
| const byte* key = &cert->source[tmpIdx]; |
| byte* next = (byte*)key; |
| word16 keyLen; |
| word32 rc; |
| word32 remaining = cert->maxIdx - cert->srcIdx; |
| #ifdef WOLFSSL_SMALL_STACK |
| byte* keyBlob = NULL; |
| #else |
| byte keyBlob[MAX_NTRU_KEY_SZ]; |
| #endif |
| rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key, |
| &keyLen, NULL, &next, &remaining); |
| if (rc != NTRU_OK) |
| return ASN_NTRU_KEY_E; |
| if (keyLen > MAX_NTRU_KEY_SZ) |
| return ASN_NTRU_KEY_E; |
| |
| #ifdef WOLFSSL_SMALL_STACK |
| keyBlob = (byte*)XMALLOC(MAX_NTRU_KEY_SZ, NULL, |
| DYNAMIC_TYPE_TMP_BUFFER); |
| if (keyBlob == NULL) |
| return MEMORY_E; |
| #endif |
| |
| rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key, |
| &keyLen, keyBlob, &next, &remaining); |
| if (rc != NTRU_OK) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ASN_NTRU_KEY_E; |
| } |
| |
| if ( (next - key) < 0) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return ASN_NTRU_KEY_E; |
| } |
| |
| cert->srcIdx = tmpIdx + (int)(next - key); |
| |
| cert->publicKey = (byte*) XMALLOC(keyLen, cert->heap, |
| DYNAMIC_TYPE_PUBLIC_KEY); |
| if (cert->publicKey == NULL) { |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| return MEMORY_E; |
| } |
| XMEMCPY(cert->publicKey, keyBlob, keyLen); |
| cert->pubKeyStored = 1; |
| cert->pubKeySize = keyLen; |
| |
| #ifdef WOLFSSL_SMALL_STACK |
| XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
| #endif |
| |
| return 0; |
| } |
| #endif /* HAVE_NTRU */ |
| #ifdef HAVE_ECC |
| case ECDSAk: |
| { |
| int oidSz = 0; |
| byte b = cert->source[cert->srcIdx++]; |
| |
| if (b != ASN_OBJECT_ID) |
| return ASN_OBJECT_ID_E; |
| |
| if (GetLength(cert->source,&cert->srcIdx,&oidSz,cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| while(oidSz--) |
| cert->pkCurveOID += cert->source[cert->srcIdx++]; |
| |
| if (CheckCurve(cert->pkCurveOID) < 0) |
| return ECC_CURVE_OID_E; |
| |
| /* key header */ |
| b = cert->source[cert->srcIdx++]; |
| if (b != ASN_BIT_STRING) |
| return ASN_BITSTR_E; |
| |
| if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| b = cert->source[cert->srcIdx++]; |
| if (b != 0x00) |
| return ASN_EXPECT_0_E; |
| |
| /* actual key, use length - 1 since ate preceding 0 */ |
| length -= 1; |
| |
| cert->publicKey = (byte*) XMALLOC(length, cert->heap, |
| DYNAMIC_TYPE_PUBLIC_KEY); |
| if (cert->publicKey == NULL) |
| return MEMORY_E; |
| XMEMCPY(cert->publicKey, &cert->source[cert->srcIdx], length); |
| cert->pubKeyStored = 1; |
| cert->pubKeySize = length; |
| |
| cert->srcIdx += length; |
| |
| return 0; |
| } |
| #endif /* HAVE_ECC */ |
| default: |
| return ASN_UNKNOWN_OID_E; |
| } |
| } |
| |
| |
| /* process NAME, either issuer or subject */ |
| static int GetName(DecodedCert* cert, int nameType) |
| { |
| int length; /* length of all distinguished names */ |
| int dummy; |
| int ret; |
| char* full; |
| byte* hash; |
| word32 idx; |
| #ifdef OPENSSL_EXTRA |
| DecodedName* dName = |
| (nameType == ISSUER) ? &cert->issuerName : &cert->subjectName; |
| #endif /* OPENSSL_EXTRA */ |
| |
| WOLFSSL_MSG("Getting Cert Name"); |
| |
| if (nameType == ISSUER) { |
| full = cert->issuer; |
| hash = cert->issuerHash; |
| } |
| else { |
| full = cert->subject; |
| hash = cert->subjectHash; |
| } |
| |
| if (cert->source[cert->srcIdx] == ASN_OBJECT_ID) { |
| WOLFSSL_MSG("Trying optional prefix..."); |
| |
| if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| cert->srcIdx += length; |
| WOLFSSL_MSG("Got optional prefix"); |
| } |
| |
| /* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be |
| * calculated over the entire DER encoding of the Name field, including |
| * the tag and length. */ |
| idx = cert->srcIdx; |
| if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| #ifdef NO_SHA |
| ret = wc_Sha256Hash(&cert->source[idx], length + cert->srcIdx - idx, hash); |
| #else |
| ret = wc_ShaHash(&cert->source[idx], length + cert->srcIdx - idx, hash); |
| #endif |
| if (ret != 0) |
| return ret; |
| |
| length += cert->srcIdx; |
| idx = 0; |
| |
| #ifdef HAVE_PKCS7 |
| /* store pointer to raw issuer */ |
| if (nameType == ISSUER) { |
| cert->issuerRaw = &cert->source[cert->srcIdx]; |
| cert->issuerRawLen = length - cert->srcIdx; |
| } |
| #endif |
| #ifndef IGNORE_NAME_CONSTRAINTS |
| if (nameType == SUBJECT) { |
| cert->subjectRaw = &cert->source[cert->srcIdx]; |
| cert->subjectRawLen = length - cert->srcIdx; |
| } |
| #endif |
| |
| while (cert->srcIdx < (word32)length) { |
| byte b; |
| byte joint[2]; |
| byte tooBig = FALSE; |
| int oidSz; |
| |
| if (GetSet(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0) { |
| WOLFSSL_MSG("Cert name lacks set header, trying sequence"); |
| } |
| |
| if (GetSequence(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| b = cert->source[cert->srcIdx++]; |
| if (b != ASN_OBJECT_ID) |
| return ASN_OBJECT_ID_E; |
| |
| if (GetLength(cert->source, &cert->srcIdx, &oidSz, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| XMEMCPY(joint, &cert->source[cert->srcIdx], sizeof(joint)); |
| |
| /* v1 name types */ |
| if (joint[0] == 0x55 && joint[1] == 0x04) { |
| byte id; |
| byte copy = FALSE; |
| int strLen; |
| |
| cert->srcIdx += 2; |
| id = cert->source[cert->srcIdx++]; |
| b = cert->source[cert->srcIdx++]; /* encoding */ |
| |
| if (GetLength(cert->source, &cert->srcIdx, &strLen, |
| cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| if ( (strLen + 14) > (int)(ASN_NAME_MAX - idx)) { |
| /* include biggest pre fix header too 4 = "/serialNumber=" */ |
| WOLFSSL_MSG("ASN Name too big, skipping"); |
| tooBig = TRUE; |
| } |
| |
| if (id == ASN_COMMON_NAME) { |
| if (nameType == SUBJECT) { |
| cert->subjectCN = (char *)&cert->source[cert->srcIdx]; |
| cert->subjectCNLen = strLen; |
| cert->subjectCNEnc = b; |
| } |
| |
| if (!tooBig) { |
| XMEMCPY(&full[idx], "/CN=", 4); |
| idx += 4; |
| copy = TRUE; |
| } |
| #ifdef OPENSSL_EXTRA |
| dName->cnIdx = cert->srcIdx; |
| dName->cnLen = strLen; |
| #endif /* OPENSSL_EXTRA */ |
| } |
| else if (id == ASN_SUR_NAME) { |
| if (!tooBig) { |
| XMEMCPY(&full[idx], "/SN=", 4); |
| idx += 4; |
| copy = TRUE; |
| } |
| #ifdef WOLFSSL_CERT_GEN |
| if (nameType == SUBJECT) { |
| cert->subjectSN = (char*)&cert->source[cert->srcIdx]; |
| cert->subjectSNLen = strLen; |
| cert->subjectSNEnc = b; |
| } |
| #endif /* WOLFSSL_CERT_GEN */ |
| #ifdef OPENSSL_EXTRA |
| dName->snIdx = cert->srcIdx; |
| dName->snLen = strLen; |
| #endif /* OPENSSL_EXTRA */ |
| } |
| else if (id == ASN_COUNTRY_NAME) { |
| if (!tooBig) { |
| XMEMCPY(&full[idx], "/C=", 3); |
| idx += 3; |
| copy = TRUE; |
| } |
| #ifdef WOLFSSL_CERT_GEN |
| if (nameType == SUBJECT) { |
| cert->subjectC = (char*)&cert->source[cert->srcIdx]; |
| cert->subjectCLen = strLen; |
| cert->subjectCEnc = b; |
| } |
| #endif /* WOLFSSL_CERT_GEN */ |
| #ifdef OPENSSL_EXTRA |
| dName->cIdx = cert->srcIdx; |
| dName->cLen = strLen; |
| #endif /* OPENSSL_EXTRA */ |
| } |
| else if (id == ASN_LOCALITY_NAME) { |
| if (!tooBig) { |
| XMEMCPY(&full[idx], "/L=", 3); |
| idx += 3; |
| copy = TRUE; |
| } |
| #ifdef WOLFSSL_CERT_GEN |
| if (nameType == SUBJECT) { |
| cert->subjectL = (char*)&cert->source[cert->srcIdx]; |
| cert->subjectLLen = strLen; |
| cert->subjectLEnc = b; |
| } |
| #endif /* WOLFSSL_CERT_GEN */ |
| #ifdef OPENSSL_EXTRA |
| dName->lIdx = cert->srcIdx; |
| dName->lLen = strLen; |
| #endif /* OPENSSL_EXTRA */ |
| } |
| else if (id == ASN_STATE_NAME) { |
| if (!tooBig) { |
| XMEMCPY(&full[idx], "/ST=", 4); |
| idx += 4; |
| copy = TRUE; |
| } |
| #ifdef WOLFSSL_CERT_GEN |
| if (nameType == SUBJECT) { |
| cert->subjectST = (char*)&cert->source[cert->srcIdx]; |
| cert->subjectSTLen = strLen; |
| cert->subjectSTEnc = b; |
| } |
| #endif /* WOLFSSL_CERT_GEN */ |
| #ifdef OPENSSL_EXTRA |
| dName->stIdx = cert->srcIdx; |
| dName->stLen = strLen; |
| #endif /* OPENSSL_EXTRA */ |
| } |
| else if (id == ASN_ORG_NAME) { |
| if (!tooBig) { |
| XMEMCPY(&full[idx], "/O=", 3); |
| idx += 3; |
| copy = TRUE; |
| } |
| #ifdef WOLFSSL_CERT_GEN |
| if (nameType == SUBJECT) { |
| cert->subjectO = (char*)&cert->source[cert->srcIdx]; |
| cert->subjectOLen = strLen; |
| cert->subjectOEnc = b; |
| } |
| #endif /* WOLFSSL_CERT_GEN */ |
| #ifdef OPENSSL_EXTRA |
| dName->oIdx = cert->srcIdx; |
| dName->oLen = strLen; |
| #endif /* OPENSSL_EXTRA */ |
| } |
| else if (id == ASN_ORGUNIT_NAME) { |
| if (!tooBig) { |
| XMEMCPY(&full[idx], "/OU=", 4); |
| idx += 4; |
| copy = TRUE; |
| } |
| #ifdef WOLFSSL_CERT_GEN |
| if (nameType == SUBJECT) { |
| cert->subjectOU = (char*)&cert->source[cert->srcIdx]; |
| cert->subjectOULen = strLen; |
| cert->subjectOUEnc = b; |
| } |
| #endif /* WOLFSSL_CERT_GEN */ |
| #ifdef OPENSSL_EXTRA |
| dName->ouIdx = cert->srcIdx; |
| dName->ouLen = strLen; |
| #endif /* OPENSSL_EXTRA */ |
| } |
| else if (id == ASN_SERIAL_NUMBER) { |
| if (!tooBig) { |
| XMEMCPY(&full[idx], "/serialNumber=", 14); |
| idx += 14; |
| copy = TRUE; |
| } |
| #ifdef OPENSSL_EXTRA |
| dName->snIdx = cert->srcIdx; |
| dName->snLen = strLen; |
| #endif /* OPENSSL_EXTRA */ |
| } |
| |
| if (copy && !tooBig) { |
| XMEMCPY(&full[idx], &cert->source[cert->srcIdx], strLen); |
| idx += strLen; |
| } |
| |
| cert->srcIdx += strLen; |
| } |
| else { |
| /* skip */ |
| byte email = FALSE; |
| byte uid = FALSE; |
| int adv; |
| |
| if (joint[0] == 0x2a && joint[1] == 0x86) /* email id hdr */ |
| email = TRUE; |
| |
| if (joint[0] == 0x9 && joint[1] == 0x92) /* uid id hdr */ |
| uid = TRUE; |
| |
| cert->srcIdx += oidSz + 1; |
| |
| if (GetLength(cert->source, &cert->srcIdx, &adv, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| if (adv > (int)(ASN_NAME_MAX - idx)) { |
| WOLFSSL_MSG("ASN name too big, skipping"); |
| tooBig = TRUE; |
| } |
| |
| if (email) { |
| if ( (14 + adv) > (int)(ASN_NAME_MAX - idx)) { |
| WOLFSSL_MSG("ASN name too big, skipping"); |
| tooBig = TRUE; |
| } |
| if (!tooBig) { |
| XMEMCPY(&full[idx], "/emailAddress=", 14); |
| idx += 14; |
| } |
| |
| #ifdef WOLFSSL_CERT_GEN |
| if (nameType == SUBJECT) { |
| cert->subjectEmail = (char*)&cert->source[cert->srcIdx]; |
| cert->subjectEmailLen = adv; |
| } |
| #endif /* WOLFSSL_CERT_GEN */ |
| #ifdef OPENSSL_EXTRA |
| dName->emailIdx = cert->srcIdx; |
| dName->emailLen = adv; |
| #endif /* OPENSSL_EXTRA */ |
| #ifndef IGNORE_NAME_CONSTRAINTS |
| { |
| DNS_entry* emailName = NULL; |
| |
| emailName = (DNS_entry*)XMALLOC(sizeof(DNS_entry), |
| cert->heap, DYNAMIC_TYPE_ALTNAME); |
| if (emailName == NULL) { |
| WOLFSSL_MSG("\tOut of Memory"); |
| return MEMORY_E; |
| } |
| emailName->name = (char*)XMALLOC(adv + 1, |
| cert->heap, DYNAMIC_TYPE_ALTNAME); |
| if (emailName->name == NULL) { |
| WOLFSSL_MSG("\tOut of Memory"); |
| return MEMORY_E; |
| } |
| XMEMCPY(emailName->name, |
| &cert->source[cert->srcIdx], adv); |
| emailName->name[adv] = 0; |
| |
| emailName->next = cert->altEmailNames; |
| cert->altEmailNames = emailName; |
| } |
| #endif /* IGNORE_NAME_CONSTRAINTS */ |
| if (!tooBig) { |
| XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv); |
| idx += adv; |
| } |
| } |
| |
| if (uid) { |
| if ( (5 + adv) > (int)(ASN_NAME_MAX - idx)) { |
| WOLFSSL_MSG("ASN name too big, skipping"); |
| tooBig = TRUE; |
| } |
| if (!tooBig) { |
| XMEMCPY(&full[idx], "/UID=", 5); |
| idx += 5; |
| |
| XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv); |
| idx += adv; |
| } |
| #ifdef OPENSSL_EXTRA |
| dName->uidIdx = cert->srcIdx; |
| dName->uidLen = adv; |
| #endif /* OPENSSL_EXTRA */ |
| } |
| |
| cert->srcIdx += adv; |
| } |
| } |
| full[idx++] = 0; |
| |
| #ifdef OPENSSL_EXTRA |
| { |
| int totalLen = 0; |
| |
| if (dName->cnLen != 0) |
| totalLen += dName->cnLen + 4; |
| if (dName->snLen != 0) |
| totalLen += dName->snLen + 4; |
| if (dName->cLen != 0) |
| totalLen += dName->cLen + 3; |
| if (dName->lLen != 0) |
| totalLen += dName->lLen + 3; |
| if (dName->stLen != 0) |
| totalLen += dName->stLen + 4; |
| if (dName->oLen != 0) |
| totalLen += dName->oLen + 3; |
| if (dName->ouLen != 0) |
| totalLen += dName->ouLen + 4; |
| if (dName->emailLen != 0) |
| totalLen += dName->emailLen + 14; |
| if (dName->uidLen != 0) |
| totalLen += dName->uidLen + 5; |
| if (dName->serialLen != 0) |
| totalLen += dName->serialLen + 14; |
| |
| dName->fullName = (char*)XMALLOC(totalLen + 1, NULL, DYNAMIC_TYPE_X509); |
| if (dName->fullName != NULL) { |
| idx = 0; |
| |
| if (dName->cnLen != 0) { |
| dName->entryCount++; |
| XMEMCPY(&dName->fullName[idx], "/CN=", 4); |
| idx += 4; |
| XMEMCPY(&dName->fullName[idx], |
| &cert->source[dName->cnIdx], dName->cnLen); |
| dName->cnIdx = idx; |
| idx += dName->cnLen; |
| } |
| if (dName->snLen != 0) { |
| dName->entryCount++; |
| XMEMCPY(&dName->fullName[idx], "/SN=", 4); |
| idx += 4; |
| XMEMCPY(&dName->fullName[idx], |
| &cert->source[dName->snIdx], dName->snLen); |
| dName->snIdx = idx; |
| idx += dName->snLen; |
| } |
| if (dName->cLen != 0) { |
| dName->entryCount++; |
| XMEMCPY(&dName->fullName[idx], "/C=", 3); |
| idx += 3; |
| XMEMCPY(&dName->fullName[idx], |
| &cert->source[dName->cIdx], dName->cLen); |
| dName->cIdx = idx; |
| idx += dName->cLen; |
| } |
| if (dName->lLen != 0) { |
| dName->entryCount++; |
| XMEMCPY(&dName->fullName[idx], "/L=", 3); |
| idx += 3; |
| XMEMCPY(&dName->fullName[idx], |
| &cert->source[dName->lIdx], dName->lLen); |
| dName->lIdx = idx; |
| idx += dName->lLen; |
| } |
| if (dName->stLen != 0) { |
| dName->entryCount++; |
| XMEMCPY(&dName->fullName[idx], "/ST=", 4); |
| idx += 4; |
| XMEMCPY(&dName->fullName[idx], |
| &cert->source[dName->stIdx], dName->stLen); |
| dName->stIdx = idx; |
| idx += dName->stLen; |
| } |
| if (dName->oLen != 0) { |
| dName->entryCount++; |
| XMEMCPY(&dName->fullName[idx], "/O=", 3); |
| idx += 3; |
| XMEMCPY(&dName->fullName[idx], |
| &cert->source[dName->oIdx], dName->oLen); |
| dName->oIdx = idx; |
| idx += dName->oLen; |
| } |
| if (dName->ouLen != 0) { |
| dName->entryCount++; |
| XMEMCPY(&dName->fullName[idx], "/OU=", 4); |
| idx += 4; |
| XMEMCPY(&dName->fullName[idx], |
| &cert->source[dName->ouIdx], dName->ouLen); |
| dName->ouIdx = idx; |
| idx += dName->ouLen; |
| } |
| if (dName->emailLen != 0) { |
| dName->entryCount++; |
| XMEMCPY(&dName->fullName[idx], "/emailAddress=", 14); |
| idx += 14; |
| XMEMCPY(&dName->fullName[idx], |
| &cert->source[dName->emailIdx], dName->emailLen); |
| dName->emailIdx = idx; |
| idx += dName->emailLen; |
| } |
| if (dName->uidLen != 0) { |
| dName->entryCount++; |
| XMEMCPY(&dName->fullName[idx], "/UID=", 5); |
| idx += 5; |
| XMEMCPY(&dName->fullName[idx], |
| &cert->source[dName->uidIdx], dName->uidLen); |
| dName->uidIdx = idx; |
| idx += dName->uidLen; |
| } |
| if (dName->serialLen != 0) { |
| dName->entryCount++; |
| XMEMCPY(&dName->fullName[idx], "/serialNumber=", 14); |
| idx += 14; |
| XMEMCPY(&dName->fullName[idx], |
| &cert->source[dName->serialIdx], dName->serialLen); |
| dName->serialIdx = idx; |
| idx += dName->serialLen; |
| } |
| dName->fullName[idx] = '\0'; |
| dName->fullNameLen = totalLen; |
| } |
| } |
| #endif /* OPENSSL_EXTRA */ |
| |
| return 0; |
| } |
| |
| |
| #ifndef NO_TIME_H |
| |
| /* to the second */ |
| static int DateGreaterThan(const struct tm* a, const struct tm* b) |
| { |
| if (a->tm_year > b->tm_year) |
| return 1; |
| |
| if (a->tm_year == b->tm_year && a->tm_mon > b->tm_mon) |
| return 1; |
| |
| if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon && |
| a->tm_mday > b->tm_mday) |
| return 1; |
| |
| if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon && |
| a->tm_mday == b->tm_mday && a->tm_hour > b->tm_hour) |
| return 1; |
| |
| if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon && |
| a->tm_mday == b->tm_mday && a->tm_hour == b->tm_hour && |
| a->tm_min > b->tm_min) |
| return 1; |
| |
| if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon && |
| a->tm_mday == b->tm_mday && a->tm_hour == b->tm_hour && |
| a->tm_min == b->tm_min && a->tm_sec > b->tm_sec) |
| return 1; |
| |
| return 0; /* false */ |
| } |
| |
| |
| static INLINE int DateLessThan(const struct tm* a, const struct tm* b) |
| { |
| return DateGreaterThan(b,a); |
| } |
| |
| |
| /* like atoi but only use first byte */ |
| /* Make sure before and after dates are valid */ |
| int ValidateDate(const byte* date, byte format, int dateType) |
| { |
| time_t ltime; |
| struct tm certTime; |
| struct tm* localTime; |
| struct tm* tmpTime = NULL; |
| int i = 0; |
| |
| #if defined(FREESCALE_MQX) || defined(TIME_OVERRIDES) |
| struct tm tmpTimeStorage; |
| tmpTime = &tmpTimeStorage; |
| #else |
| (void)tmpTime; |
| #endif |
| |
| ltime = XTIME(0); |
| XMEMSET(&certTime, 0, sizeof(certTime)); |
| |
| if (format == ASN_UTC_TIME) { |
| if (btoi(date[0]) >= 5) |
| certTime.tm_year = 1900; |
| else |
| certTime.tm_year = 2000; |
| } |
| else { /* format == GENERALIZED_TIME */ |
| certTime.tm_year += btoi(date[i++]) * 1000; |
| certTime.tm_year += btoi(date[i++]) * 100; |
| } |
| |
| /* adjust tm_year, tm_mon */ |
| GetTime((int*)&certTime.tm_year, date, &i); certTime.tm_year -= 1900; |
| GetTime((int*)&certTime.tm_mon, date, &i); certTime.tm_mon -= 1; |
| GetTime((int*)&certTime.tm_mday, date, &i); |
| GetTime((int*)&certTime.tm_hour, date, &i); |
| GetTime((int*)&certTime.tm_min, date, &i); |
| GetTime((int*)&certTime.tm_sec, date, &i); |
| |
| if (date[i] != 'Z') { /* only Zulu supported for this profile */ |
| WOLFSSL_MSG("Only Zulu time supported for this profile"); |
| return 0; |
| } |
| |
| localTime = XGMTIME(<ime, tmpTime); |
| |
| if (dateType == BEFORE) { |
| if (DateLessThan(localTime, &certTime)) |
| return 0; |
| } |
| else |
| if (DateGreaterThan(localTime, &certTime)) |
| return 0; |
| |
| return 1; |
| } |
| |
| #endif /* NO_TIME_H */ |
| |
| |
| static int GetDate(DecodedCert* cert, int dateType) |
| { |
| int length; |
| byte date[MAX_DATE_SIZE]; |
| byte b; |
| word32 startIdx = 0; |
| |
| if (dateType == BEFORE) |
| cert->beforeDate = &cert->source[cert->srcIdx]; |
| else |
| cert->afterDate = &cert->source[cert->srcIdx]; |
| startIdx = cert->srcIdx; |
| |
| b = cert->source[cert->srcIdx++]; |
| if (b != ASN_UTC_TIME && b != ASN_GENERALIZED_TIME) |
| return ASN_TIME_E; |
| |
| if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| if (length > MAX_DATE_SIZE || length < MIN_DATE_SIZE) |
| return ASN_DATE_SZ_E; |
| |
| XMEMCPY(date, &cert->source[cert->srcIdx], length); |
| cert->srcIdx += length; |
| |
| if (dateType == BEFORE) |
| cert->beforeDateLen = cert->srcIdx - startIdx; |
| else |
| cert->afterDateLen = cert->srcIdx - startIdx; |
| |
| if (!XVALIDATE_DATE(date, b, dateType)) { |
| if (dateType == BEFORE) |
| return ASN_BEFORE_DATE_E; |
| else |
| return ASN_AFTER_DATE_E; |
| } |
| |
| return 0; |
| } |
| |
| |
| static int GetValidity(DecodedCert* cert, int verify) |
| { |
| int length; |
| int badDate = 0; |
| |
| if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| if (GetDate(cert, BEFORE) < 0 && verify) |
| badDate = ASN_BEFORE_DATE_E; /* continue parsing */ |
| |
| if (GetDate(cert, AFTER) < 0 && verify) |
| return ASN_AFTER_DATE_E; |
| |
| if (badDate != 0) |
| return badDate; |
| |
| return 0; |
| } |
| |
| |
| int DecodeToKey(DecodedCert* cert, int verify) |
| { |
| int badDate = 0; |
| int ret; |
| |
| if ( (ret = GetCertHeader(cert)) < 0) |
| return ret; |
| |
| WOLFSSL_MSG("Got Cert Header"); |
| |
| if ( (ret = GetAlgoId(cert->source, &cert->srcIdx, &cert->signatureOID, |
| cert->maxIdx)) < 0) |
| return ret; |
| |
| WOLFSSL_MSG("Got Algo ID"); |
| |
| if ( (ret = GetName(cert, ISSUER)) < 0) |
| return ret; |
| |
| if ( (ret = GetValidity(cert, verify)) < 0) |
| badDate = ret; |
| |
| if ( (ret = GetName(cert, SUBJECT)) < 0) |
| return ret; |
| |
| WOLFSSL_MSG("Got Subject Name"); |
| |
| if ( (ret = GetKey(cert)) < 0) |
| return ret; |
| |
| WOLFSSL_MSG("Got Key"); |
| |
| if (badDate != 0) |
| return badDate; |
| |
| return ret; |
| } |
| |
| |
| static int GetSignature(DecodedCert* cert) |
| { |
| int length; |
| byte b = cert->source[cert->srcIdx++]; |
| |
| if (b != ASN_BIT_STRING) |
| return ASN_BITSTR_E; |
| |
| if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) |
| return ASN_PARSE_E; |
| |
| cert->sigLength = length; |
| |
| b = cert->source[cert->srcIdx++]; |
| if (b != 0x00) |
| return ASN_EXPECT_0_E; |
| |
| cert->sigLength--; |
| cert->signature = &cert->source[cert->srcIdx]; |
| cert->srcIdx += cert->sigLength; |
| |
| return 0; |
| } |
| |
| |
| static word32 SetDigest(const byte* digest, word32 digSz, byte* output) |
| { |
| output[0] = ASN_OCTET_STRING; |
| output[1] = (byte)digSz; |
| XMEMCPY(&output[2], digest, digSz); |
| |
| return digSz + 2; |
| } |
| |
| |
| static word32 BytePrecision(word32 value) |
| { |
| word32 i; |
| for (i = sizeof(value); i; --i) |
| if (value >> ((i - 1) * WOLFSSL_BIT_SIZE)) |
| break; |
| |
| return i; |
| } |
| |
| |
| WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output) |
| { |
| word32 i = 0, j; |
| |
| if (length < ASN_LONG_LENGTH) |
| output[i++] = (byte)length; |
| else { |
| output[i++] = (byte)(BytePrecision(length) | ASN_LONG_LENGTH); |
| |
| for (j = BytePrecision(length); j; --j) { |
| output[i] = (byte)(length >> ((j - 1) * WOLFSSL_BIT_SIZE)); |
| i++; |
| } |
| } |
| |
| return i; |
| } |
| |
| |
| WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output) |
| { |
| output[0] = ASN_SEQUENCE | ASN_CONSTRUCTED; |
| return SetLength(len, output + 1) + 1; |
| } |
| |
| WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output) |
| { |
| output[0] = ASN_OCTET_STRING; |
| return SetLength(len, output + 1) + 1; |
| } |
| |
| /* Write a set header to output */ |
| WOLFSSL_LOCAL word32 SetSet(word32 len, byte* output) |
| { |
| output[0] = ASN_SET | ASN_CONSTRUCTED; |
| return SetLength(len, output + 1) + 1; |
| } |
| |
| WOLFSSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len, byte* output) |
| { |
| |
| output[0] = ((tag == ASN_SEQUENCE || tag == ASN_SET) ? ASN_CONSTRUCTED : 0) |
| | ASN_CONTEXT_SPECIFIC | number; |
| return SetLength(len, output + 1) + 1; |
| } |
| |
| WOLFSSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output) |
| { |
| output[0] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | number; |
| return SetLength(len, output + 1) + 1; |
| } |
| |
| |
| #if defined(HAVE_ECC) && (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)) |
| |
| static word32 SetCurve(ecc_key* key, byte* output) |
| { |
| |
| /* curve types */ |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC192) |
| static const byte ECC_192v1_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, |
| 0x03, 0x01, 0x01}; |
| #endif |
| #if defined(HAVE_ALL_CURVES) || !defined(NO_ECC256) |
| static const byte ECC_256v1_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, |
| 0x03, 0x01, 0x07}; |
| #endif |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC160) |
| static const byte ECC_160r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, |
| 0x02}; |
| #endif |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC224) |
| static const byte ECC_224r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, |
| 0x21}; |
| #endif |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC384) |
| static const byte ECC_384r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, |
| 0x22}; |
| #endif |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC521) |
| static const byte ECC_521r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, |
| 0x23}; |
| #endif |
| |
| int oidSz = 0; |
| int idx = 0; |
| int lenSz = 0; |
| const byte* oid = 0; |
| |
| output[0] = ASN_OBJECT_ID; |
| idx++; |
| |
| switch (key->dp->size) { |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC160) |
| case 20: |
| oidSz = sizeof(ECC_160r1_AlgoID); |
| oid = ECC_160r1_AlgoID; |
| break; |
| #endif |
| |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC192) |
| case 24: |
| oidSz = sizeof(ECC_192v1_AlgoID); |
| oid = ECC_192v1_AlgoID; |
| break; |
| #endif |
| |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC224) |
| case 28: |
| oidSz = sizeof(ECC_224r1_AlgoID); |
| oid = ECC_224r1_AlgoID; |
| break; |
| #endif |
| |
| #if defined(HAVE_ALL_CURVES) || !defined(NO_ECC256) |
| case 32: |
| oidSz = sizeof(ECC_256v1_AlgoID); |
| oid = ECC_256v1_AlgoID; |
| break; |
| #endif |
| |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC384) |
| case 48: |
| oidSz = sizeof(ECC_384r1_AlgoID); |
| oid = ECC_384r1_AlgoID; |
| break; |
| #endif |
| |
| #if defined(HAVE_ALL_CURVES) || defined(HAVE_ECC521) |
| case 66: |
| oidSz = sizeof(ECC_521r1_AlgoID); |
| oid = ECC_521r1_AlgoID; |
| break; |
| #endif |
| |
| default: |
| return ASN_UNKNOWN_OID_E; |
| } |
| lenSz = SetLength(oidSz, output+idx); |
| idx += lenSz; |
| |
| XMEMCPY(output+idx, oid, oidSz); |
| idx += oidSz; |
| |
| return idx; |
| } |
| |
| #endif /* HAVE_ECC && WOLFSSL_CERT_GEN */ |
| |
| |
| WOLFSSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) |
| { |
| /* adding TAG_NULL and 0 to end */ |
| |
| /* hashTypes */ |
| static const byte shaAlgoID[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1a, |
| 0x05, 0x00 }; |
| static const byte sha256AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, |
| 0x04, 0x02, 0x01, 0x05, 0x00 }; |
| static const byte sha384AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, |
| 0x04, 0x02, 0x02, 0x05, 0x00 }; |
| static const byte sha512AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, |
| 0x04, 0x02, 0x03, 0x05, 0x00 }; |
| static const byte md5AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, |
| 0x02, 0x05, 0x05, 0x00 }; |
| static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, |
| 0x02, 0x02, 0x05, 0x00}; |
| |
| /* blkTypes, no NULL tags because IV is there instead */ |
| static const byte desCbcAlgoID[] = { 0x2B, 0x0E, 0x03, 0x02, 0x07 }; |
| static const byte des3CbcAlgoID[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, |
| 0x0D, 0x03, 0x07 }; |
| |
| /* RSA sigTypes */ |
| #ifndef NO_RSA |
| static const byte md5wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, |
| 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00}; |
| static const byte shawRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, |
| 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00}; |
| static const byte sha256wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, |
| 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00}; |
| static const byte sha384wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, |
| 0x0d, 0x01, 0x01, 0x0c, 0x05, 0x00}; |
| static const byte sha512wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, |
| 0x0d, 0x01, 0x01, 0x0d, 0x05, 0x00}; |
| #endif /* NO_RSA */ |
| |
| /* ECDSA sigTypes */ |
| #ifdef HAVE_ECC |
| static const byte shawECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, |
| 0x04, 0x01, 0x05, 0x00}; |
| static const byte sha256wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d, |
| 0x04, 0x03, 0x02, 0x05, 0x00}; |
| static const byte sha384wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d, |
| 0x04, 0x03, 0x03, 0x05, 0x00}; |
| static const byte sha512wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d, |
| 0x04, 0x03, 0x04, 0x05, 0x00}; |
| #endif /* HAVE_ECC */ |
| |
| /* RSA keyType */ |
| #ifndef NO_RSA |
| static const byte RSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, |
| 0x01, 0x01, 0x01, 0x05, 0x00}; |
| #endif /* NO_RSA */ |
| |
| #ifdef HAVE_ECC |
| /* ECC keyType */ |
| /* no tags, so set tagSz smaller later */ |
| static const byte ECC_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, |
| 0x02, 0x01}; |
| #endif /* HAVE_ECC */ |
| |
| int algoSz = 0; |
| int tagSz = 2; /* tag null and terminator */ |
| word32 idSz, seqSz; |
| const byte* algoName = 0; |
| byte ID_Length[MAX_LENGTH_SZ]; |
| byte seqArray[MAX_SEQ_SZ + 1]; /* add object_id to end */ |
| |
| if (type == hashType) { |
| switch (algoOID) { |
| case SHAh: |
| algoSz = sizeof(shaAlgoID); |
| algoName = shaAlgoID; |
| break; |
| |
| case SHA256h: |
| algoSz = sizeof(sha256AlgoID); |
| algoName = sha256AlgoID; |
| break; |
| |
| case SHA384h: |
| algoSz = sizeof(sha384AlgoID); |
| algoName = sha384AlgoID; |
| break; |
| |
| case SHA512h: |
| algoSz = sizeof(sha512AlgoID); |
| algoName = sha512AlgoID; |
| break; |
| |
| case MD2h: |
| algoSz = sizeof(md2AlgoID); |
| algoName = md2AlgoID; |
| break; |
| |
| case MD5h: |
| algoSz = sizeof(md5AlgoID); |
| algoName = md5AlgoID; |
| break; |
| |
| default: |
| WOLFSSL_MSG("Unknown Hash Algo"); |
| return 0; /* UNKOWN_HASH_E; */ |
| } |
| } |
| else if (type == blkType) { |
| switch (algoOID) { |
| case DESb: |
| algoSz = sizeof(desCbcAlgoID); |
| algoName = desCbcAlgoID; |
| tagSz = 0; |
| break; |
| case DES3b: |
| algoSz = sizeof(des3CbcAlgoID); |
| algoName = des3CbcAlgoID; |
| tagSz = 0; |
| break; |
| default: |
| WOLFSSL_MSG("Unknown Block Algo"); |
| return 0; |
| } |
| } |
| else if (type == sigType) { /* sigType */ |
| switch (algoOID) { |
| #ifndef NO_RSA |
| case CTC_MD5wRSA: |
| algoSz = sizeof(md5wRSA_AlgoID); |
| algoName = md5wRSA_AlgoID; |
| break; |
| |
| case CTC_SHAwRSA: |
| algoSz = sizeof(shawRSA_AlgoID); |
| algoName = shawRSA_AlgoID; |
| break; |
| |
| case CTC_SHA256wRSA: |
| algoSz = sizeof(sha256wRSA_AlgoID); |
| algoName = sha256wRSA_AlgoID; |
| break; |
| |
| case CTC_SHA384wRSA: |
| algoSz = sizeof(sha384wRSA_AlgoID); |
| algoName = sha384wRSA_AlgoID; |
| break; |
| |
| case CTC_SHA512wRSA: |
| algoSz = sizeof(sha512wRSA_AlgoID); |
| algoName = sha512wRSA_AlgoID; |
| break; |
| #endif /* NO_RSA */ |
| #ifdef HAVE_ECC |
| case CTC_SHAwECDSA: |
| algoSz = sizeof(shawECDSA_AlgoID); |
| algoName = shawECDSA_AlgoID; |
| break; |
| |
| case CTC_SHA256wECDSA: |
| algoSz = sizeof(sha256wECDSA_AlgoID); |
| algoName = sha256wECDSA_AlgoID; |
| break; |
| |
| case CTC_SHA384wECDSA: |
| algoSz = sizeof(sha384wECDSA_AlgoID); |
| algoName = sha384wECDSA_AlgoID; |
| break; |
| |
| case CTC_SHA512wECDSA: |
| algoSz = sizeof(sha512wECDSA_AlgoID); |
| algoName = sha512wECDSA_AlgoID; |
| break; |
| #endif /* HAVE_ECC */ |
| default: |
| WOLFSSL_MSG("Unknown Signature Algo"); |
| return 0; |
| } |
| } |
| else if (type == keyType) { /* keyType */ |
| switch (algoOID) { |
| #ifndef NO_RSA |
| case RSAk: |
| algoSz = sizeof(RSA_AlgoID); | <