/ctaocrypt/src/asn.c
- /* asn.c
- *
- * Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
- *
- * This file is part of CyaSSL.
- *
- * CyaSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * CyaSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
- */
- #ifdef HAVE_CONFIG_H
- #include <config.h>
- #endif
- #ifndef NO_ASN
- #ifdef THREADX
- #include "os.h" /* dc_rtc_api needs */
- #include "dc_rtc_api.h" /* to get current time */
- #endif
- #include <cyassl/ctaocrypt/integer.h>
- #include <cyassl/ctaocrypt/asn.h>
- #include <cyassl/ctaocrypt/coding.h>
- #include <cyassl/ctaocrypt/sha.h>
- #include <cyassl/ctaocrypt/md5.h>
- #include <cyassl/ctaocrypt/md2.h>
- #include <cyassl/ctaocrypt/error.h>
- #include <cyassl/ctaocrypt/pwdbased.h>
- #include <cyassl/ctaocrypt/des3.h>
- #include <cyassl/ctaocrypt/sha256.h>
- #include <cyassl/ctaocrypt/sha512.h>
- #include <cyassl/ctaocrypt/logging.h>
- #include <cyassl/ctaocrypt/random.h>
- #ifndef NO_RC4
- #include <cyassl/ctaocrypt/arc4.h>
- #endif
- #ifdef HAVE_NTRU
- #include "crypto_ntru.h"
- #endif
- #ifdef HAVE_ECC
- #include <cyassl/ctaocrypt/ecc.h>
- #endif
- #ifdef CYASSL_DEBUG_ENCODING
- #ifdef FREESCALE_MQX
- #include <fio.h>
- #else
- #include <stdio.h>
- #endif
- #endif
- #ifdef _MSC_VER
- /* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */
- #pragma warning(disable: 4996)
- #endif
- #ifndef TRUE
- enum {
- FALSE = 0,
- TRUE = 1
- };
- #endif
- #ifdef THREADX
- /* uses partial <time.h> structures */
- #define XTIME(tl) (0)
- #define XGMTIME(c) my_gmtime((c))
- #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
- #elif defined(MICRIUM)
- #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
- #define XVALIDATE_DATE(d,f,t) NetSecure_ValidateDateHandler((d),(f),(t))
- #else
- #define XVALIDATE_DATE(d, f, t) (0)
- #endif
- #define NO_TIME_H
- /* since Micrium not defining XTIME or XGMTIME, CERT_GEN not available */
- #elif defined(USER_TIME)
- /* no <time.h> structures used */
- #define NO_TIME_H
- /* user time, and gmtime compatible functions, there is a gmtime
- implementation here that WINCE uses, so really just need some ticks
- since the EPOCH
- */
- #else
- /* default */
- /* uses complete <time.h> facility */
- #include <time.h>
- #define XTIME(tl) time((tl))
- #define XGMTIME(c) gmtime((c))
- #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
- #endif
- #ifdef _WIN32_WCE
- /* no time() or gmtime() even though in time.h header?? */
- #include <windows.h>
/*
 * WinCE replacement for time(): returns the current system time as seconds
 * since the Unix epoch, computed from GetSystemTime().  The value is also
 * written through timer when timer is not NULL.
 */
time_t time(time_t* timer)
{
    SYSTEMTIME     now;
    FILETIME       asFileTime;
    ULARGE_INTEGER ticks;
    time_t         scratch;
    time_t*        out = (timer != NULL) ? timer : &scratch;

    GetSystemTime(&now);
    SystemTimeToFileTime(&now, &asFileTime);

    /* view the FILETIME as one 64-bit tick count */
    XMEMCPY(&ticks, &asFileTime, sizeof(FILETIME));

    ticks.QuadPart -= 0x19db1ded53e8000;   /* subtract EPOCH */
    ticks.QuadPart /= 10000000;            /* to secs */

    *out = (time_t)ticks.QuadPart;
    return *out;
}
/*
 * WinCE replacement for gmtime(): splits *timer (seconds since 1970-01-01)
 * into calendar fields.  The result is stored in a function-local static
 * struct tm, so every call overwrites the previous result and the function
 * is not reentrant.  *timer is converted to unsigned long before use, so a
 * negative time is not handled as a pre-1970 date.
 */
struct tm* gmtime(const time_t* timer)
{
    #define YEAR0          1900
    #define EPOCH_YEAR     1970
    #define SECS_DAY       (24L * 60L * 60L)
    #define LEAPYEAR(year) (!((year) % 4) && (((year) % 100) || !((year) %400)))
    #define YEARSIZE(year) (LEAPYEAR(year) ? 366 : 365)

    /* days per month; row 0 = common year, row 1 = leap year */
    static const int monthDays[2][12] =
    {
        {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
        {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}
    };
    static struct tm st_time;

    struct tm*    out      = &st_time;
    unsigned long secs     = (unsigned long)*timer;
    unsigned long secOfDay = secs % SECS_DAY;
    unsigned long days     = secs / SECS_DAY;
    int           year     = EPOCH_YEAR;
    int           month    = 0;

    out->tm_sec  = (int)(secOfDay % 60);
    out->tm_min  = (int)((secOfDay % 3600) / 60);
    out->tm_hour = (int)(secOfDay / 3600);
    out->tm_wday = (int)((days + 4) % 7);   /* day 0 a Thursday */

    /* peel off whole years */
    for (; days >= (unsigned long)YEARSIZE(year); year++)
        days -= YEARSIZE(year);

    out->tm_year = year - YEAR0;
    out->tm_yday = (int)days;

    /* peel off whole months of the final year */
    for (; days >= (unsigned long)monthDays[LEAPYEAR(year)][month]; month++)
        days -= monthDays[LEAPYEAR(year)][month];

    out->tm_mon   = month;
    out->tm_mday  = (int)(days + 1);        /* day of month is 1-based */
    out->tm_isdst = 0;

    return out;
}
- #endif /* _WIN32_WCE */
- #ifdef THREADX
- #define YEAR0 1900
/*
 * ThreadX stand-in for gmtime() (the platform has a gmtime() but it hangs).
 * The calendar is read from the RTC through dc_rtc_time_get(); the timer
 * argument is not consulted.  Only year, month, day, hour, minute and second
 * are filled in.  The result lives in a function-local static struct tm, so
 * each call overwrites the previous one.
 */
struct tm* my_gmtime(const time_t* timer)
{
    static struct tm st_time;
    DC_RTC_CALENDAR  rtc;

    (void)timer;

    dc_rtc_time_get(&rtc, TRUE);

    st_time.tm_sec  = rtc.second;
    st_time.tm_min  = rtc.minute;
    st_time.tm_hour = rtc.hour;
    st_time.tm_mday = rtc.day;
    st_time.tm_mon  = rtc.month - 1;      /* gm starts at 0 */
    st_time.tm_year = rtc.year - YEAR0;   /* gm starts at 1900 */

    return &st_time;
}
- #endif /* THREADX */
/*
 * Convert one ASCII digit character to its numeric value.
 * There is no range check: a byte outside '0'..'9' yields b - 0x30
 * converted to word32, so callers parsing untrusted dates must validate
 * the characters themselves.
 */
static INLINE word32 btoi(byte b)
{
    const word32 asciiZero = 0x30;

    return b - asciiZero;
}
/*
 * Parse a two-character decimal field at date[*idx] and ADD it to *value
 * (callers preload *value with a century or with 0).  *idx is advanced by
 * two.  Neither the buffer bound nor the digit characters are checked here.
 */
static INLINE void GetTime(int* value, const byte* date, int* idx)
{
    const int    at   = *idx;
    const word32 tens = btoi(date[at]);
    const word32 ones = btoi(date[at + 1]);

    *value += tens * 10;
    *value += ones;
    *idx    = at + 2;
}
- #if defined(MICRIUM)
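/*
 * Micrium date hook: decode an ASN.1 time string into numeric fields and
 * hand them to NetSecure_ValidateDate().
 *
 * date     - time characters; UTC time is read as YYMMDDhhmmss, any other
 *            format as YYYYMMDDhhmmss (generalized time)
 * format   - ASN_UTC_TIME selects the two-digit-year layout
 * dateType - passed through unchanged to NetSecure_ValidateDate()
 *
 * For UTC time a first digit of 5 or more selects the 1900s, otherwise the
 * 2000s.  Returns whatever NetSecure_ValidateDate() returns.
 *
 * NOTE(review): the length of date and its digit characters are not
 * checked here; the caller has to guarantee at least 12 (UTC) or 14
 * (generalized) readable bytes.
 */
CPU_INT32S NetSecure_ValidateDateHandler(CPU_INT08U *date, CPU_INT08U format,
                                         CPU_INT08U dateType)
{
    CPU_INT32S i = 0;
    CPU_INT32S val;
    CPU_INT32S n;
    CPU_INT32S parts[5];      /* month, day, hour, minute, second */
    CPU_INT16U year = 0u;

    if (format == ASN_UTC_TIME) {
        if (btoi(date[0]) >= 5)
            year = 1900;
        else
            year = 2000;
    }
    else { /* format == GENERALIZED_TIME */
        year += btoi(date[i++]) * 1000;
        year += btoi(date[i++]) * 100;
    }

    /* the two low year digits are added on top of the century */
    val = year;
    GetTime(&val, date, &i);
    year = (CPU_INT16U)val;

    /* the remaining five fields are plain two-digit values */
    for (n = 0; n < 5; n++) {
        val = 0;
        GetTime(&val, date, &i);
        parts[n] = val;
    }

    return NetSecure_ValidateDate(year,
                                  (CPU_INT08U)parts[0],   /* month  */
                                  (CPU_INT16U)parts[1],   /* day    */
                                  (CPU_INT08U)parts[2],   /* hour   */
                                  (CPU_INT08U)parts[3],   /* minute */
                                  (CPU_INT08U)parts[4],   /* second */
                                  dateType);
}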
- #endif /* MICRIUM */
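/*
 * Decode an ASN.1 length at input[*inOutIdx].
 *
 * input    - encoded buffer
 * inOutIdx - in: index of the length byte; out (success only): index of the
 *            first content byte
 * len      - out (success only): decoded content length
 * maxIdx   - one past the last readable index of input
 *
 * Returns the decoded length (>= 0), or BUFFER_E when the length field or
 * the content it announces would run past maxIdx.
 *
 * The value is accumulated in an unsigned word and every comparison is
 * written as "x > maxIdx - i", so neither a long-form length with many
 * bytes nor an index close to the top of the word32 range can overflow and
 * slip past the bounds checks.  A long form padded with leading zero bytes
 * is still accepted.
 */
static int GetLength(const byte* input, word32* inOutIdx, int* len,
                     word32 maxIdx)
{
    word32 length = 0;
    word32 i      = *inOutIdx;
    byte   b;

    if (i >= maxIdx) {   /* for first read */
        CYASSL_MSG("GetLength bad index on input");
        return BUFFER_E;
    }

    b = input[i++];
    if (b >= ASN_LONG_LENGTH) {
        word32 bytes = b & 0x7F;

        if (bytes > maxIdx - i) {   /* for reading bytes */
            CYASSL_MSG("GetLength bad long length");
            return BUFFER_E;
        }
        while (bytes--) {
            /* once length exceeds maxIdx >> 8 the shifted value is certain
               to exceed maxIdx, so stop before the shift can overflow */
            if (length > (maxIdx >> 8)) {
                CYASSL_MSG("GetLength value exceeds buffer length");
                return BUFFER_E;
            }
            b = input[i++];
            length = (length << 8) | b;
        }
    }
    else
        length = b;

    /* content must fit in the buffer and in the int handed back */
    if (length > maxIdx - i || length > 0x7FFFFFFF) {   /* for user of length */
        CYASSL_MSG("GetLength value exceeds buffer length");
        return BUFFER_E;
    }

    *inOutIdx = i;
    *len      = (int)length;

    return (int)length;
}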
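/*
 * Consume a constructed SEQUENCE header at input[*inOutIdx].
 *
 * On success *len receives the content length, *inOutIdx is moved to the
 * first content byte and the length is returned.  Returns ASN_PARSE_E when
 * the tag is wrong, the index is already at maxIdx, or the length is
 * invalid; the outputs are left untouched in that case.
 *
 * The tag byte is bounds-checked before it is read, so a truncated buffer
 * cannot cause a read past maxIdx.
 */
static int GetSequence(const byte* input, word32* inOutIdx, int* len,
                       word32 maxIdx)
{
    int    length = -1;
    word32 idx    = *inOutIdx;

    if (idx >= maxIdx)
        return ASN_PARSE_E;

    if (input[idx++] != (ASN_SEQUENCE | ASN_CONSTRUCTED) ||
            GetLength(input, &idx, &length, maxIdx) < 0)
        return ASN_PARSE_E;

    *len      = length;
    *inOutIdx = idx;

    return length;
}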
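/*
 * Consume a constructed SET header at input[*inOutIdx].
 *
 * On success *len receives the content length, *inOutIdx is moved to the
 * first content byte and the length is returned.  Returns ASN_PARSE_E when
 * the tag is wrong, the index is already at maxIdx, or the length is
 * invalid; the outputs are left untouched in that case.
 *
 * The tag byte is bounds-checked before it is read, so a truncated buffer
 * cannot cause a read past maxIdx.
 */
static int GetSet(const byte* input, word32* inOutIdx, int* len, word32 maxIdx)
{
    int    length = -1;
    word32 idx    = *inOutIdx;

    if (idx >= maxIdx)
        return ASN_PARSE_E;

    if (input[idx++] != (ASN_SET | ASN_CONSTRUCTED) ||
            GetLength(input, &idx, &length, maxIdx) < 0)
        return ASN_PARSE_E;

    *len      = length;
    *inOutIdx = idx;

    return length;
}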
/*
 * Read a one-byte INTEGER version field.  (Named GetMyVersion because
 * GetVersion clashes with a Windows header on WinCE.)
 *
 * Expects tag ASN_INTEGER, a length byte of 0x01 and one value byte.
 * On success stores the value in *version, advances *inOutIdx by three and
 * returns the value.  Returns ASN_PARSE_E on a wrong tag and ASN_VERSION_E
 * on a wrong length; *inOutIdx is unchanged on failure.
 *
 * NOTE(review): the signature carries no buffer bound, so all three bytes
 * are read without a range check; callers must ensure that at least three
 * bytes remain at *inOutIdx.
 */
static int GetMyVersion(const byte* input, word32* inOutIdx, int* version)
{
    const byte* field = input + *inOutIdx;

    CYASSL_ENTER("GetMyVersion");

    if (field[0] != ASN_INTEGER)
        return ASN_PARSE_E;

    if (field[1] != 0x01)
        return ASN_VERSION_E;

    *version   = field[2];
    *inOutIdx += 3;

    return *version;
}
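/*
 * Get small count integer, 32 bits or less.
 *
 * Expects tag ASN_INTEGER, a single length byte (0..4) and that many
 * big-endian value bytes.  On success stores the value in *number, advances
 * *inOutIdx past the field and returns the value; returns ASN_PARSE_E on a
 * wrong tag or a length above four.  *number is zeroed on entry.
 *
 * The bytes are accumulated in an unsigned word and converted once at the
 * end, so a four-byte value with the top bit set no longer left-shifts a
 * signed int into overflow.  Such a value still comes back negative, which
 * callers that test "< 0" treat as a failure.
 *
 * NOTE(review): the signature carries no buffer bound, so the tag, length
 * and value bytes are read without a range check; callers must ensure that
 * up to six bytes remain at *inOutIdx.
 */
static int GetShortInt(const byte* input, word32* inOutIdx, int* number)
{
    word32 idx = *inOutIdx;
    word32 len;
    word32 acc = 0;

    *number = 0;

    if (input[idx++] != ASN_INTEGER)
        return ASN_PARSE_E;

    len = input[idx++];
    if (len > 4)
        return ASN_PARSE_E;

    while (len--)
        acc = (acc << 8) | input[idx++];

    *number   = (int)acc;
    *inOutIdx = idx;

    return *number;
}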
/*
 * Read the optional explicitly tagged version.  May not have one, not an
 * error: when the byte at *inOutIdx is not the context-specific constructed
 * tag, *version is set to 0, *inOutIdx is left as is and 0 is returned.
 * Otherwise the two header bytes are skipped and the result of
 * GetMyVersion() is returned.
 *
 * NOTE(review): the tag byte is read without a bounds check and the length
 * byte of the wrapper is skipped without being examined.
 */
static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version)
{
    const word32 start = *inOutIdx;

    CYASSL_ENTER("GetExplicitVersion");

    if (input[start] != (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED)) {
        /* go back as is */
        *version = 0;
        return 0;
    }

    *inOutIdx = start + 2;   /* eat header */
    return GetMyVersion(input, inOutIdx, version);
}
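/*
 * Read an ASN.1 INTEGER at input[*inOutIdx] into a freshly initialised
 * mp_int.
 *
 * mpi      - out: initialised by this function; on success the caller owns
 *            it and must mp_clear() it
 * inOutIdx - in: index of the INTEGER tag; out (success only): index just
 *            past the integer
 * maxIdx   - one past the last readable index of input
 *
 * Returns 0 on success, ASN_PARSE_E on a wrong tag, truncated input or bad
 * length, MP_INIT_E when mp_init() fails and ASN_GETINT_E when the value
 * cannot be loaded (mpi is cleared again in that case).
 *
 * The tag is bounds-checked before it is read, and the leading 0x00 pad
 * byte is only looked for when the content is non-empty, so a zero-length
 * INTEGER can neither read past the buffer nor turn the length into -1.
 */
static int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
                  word32 maxIdx)
{
    word32 i = *inOutIdx;
    int    length;

    if (i >= maxIdx)
        return ASN_PARSE_E;

    if (input[i++] != ASN_INTEGER)
        return ASN_PARSE_E;

    /* on success GetLength guarantees i + length <= maxIdx */
    if (GetLength(input, &i, &length, maxIdx) < 0)
        return ASN_PARSE_E;

    /* drop the pad byte that keeps a positive value from looking negative */
    if (length > 0 && input[i] == 0x00) {
        i++;
        length--;
    }

    if (mp_init(mpi) != MP_OKAY)
        return MP_INIT_E;

    if (mp_read_unsigned_bin(mpi, (byte*)input + i, length) != 0) {
        mp_clear(mpi);
        return ASN_GETINT_E;
    }

    *inOutIdx = i + length;

    return 0;
}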
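/*
 * Read an OBJECT IDENTIFIER at input[*inOutIdx] and reduce it to the sum of
 * its content bytes.
 *
 * oid      - out: zeroed on entry, then the byte sum
 * inOutIdx - in: index of the tag; out (success only): index past the OID
 * maxIdx   - one past the last readable index of input
 *
 * Returns 0 on success, ASN_OBJECT_ID_E on a wrong tag and ASN_PARSE_E on
 * truncated input or a bad length.  The tag is bounds-checked before it is
 * read.
 *
 * NOTE(review): a byte sum is not unique per OID; two different identifiers
 * can produce the same value, so code comparing these sums cannot tell such
 * identifiers apart.
 */
static int GetObjectId(const byte* input, word32* inOutIdx, word32* oid,
                       word32 maxIdx)
{
    int    length;
    word32 i = *inOutIdx;
    byte   b;

    *oid = 0;

    if (i >= maxIdx)
        return ASN_PARSE_E;

    b = input[i++];
    if (b != ASN_OBJECT_ID)
        return ASN_OBJECT_ID_E;

    /* on success GetLength guarantees i + length <= maxIdx */
    if (GetLength(input, &i, &length, maxIdx) < 0)
        return ASN_PARSE_E;

    while (length--)
        *oid += input[i++];
    /* just sum it up for now */

    *inOutIdx = i;

    return 0;
}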
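/*
 * Read an algorithm identifier: SEQUENCE { OBJECT IDENTIFIER, optional
 * NULL } and reduce the OID to the sum of its content bytes.
 *
 * oid      - out: zeroed on entry, then the byte sum
 * inOutIdx - in: index of the SEQUENCE tag; out (success only): index past
 *            the OID and, when present, the NULL parameter
 * maxIdx   - one past the last readable index of input
 *
 * Returns 0 on success, ASN_PARSE_E on a bad sequence, truncated input or
 * bad length, ASN_OBJECT_ID_E on a wrong OID tag and ASN_EXPECT_0_E when a
 * NULL tag is not followed by a zero length byte.
 *
 * Every byte read directly here is bounds-checked first, including the
 * look-ahead for the optional NULL, which may sit at the very end of the
 * buffer.
 *
 * NOTE(review): a byte sum is not unique per OID; two different identifiers
 * can produce the same value.
 */
static int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
                     word32 maxIdx)
{
    int    length;
    word32 i = *inOutIdx;
    byte   b;

    *oid = 0;

    CYASSL_ENTER("GetAlgoId");

    if (GetSequence(input, &i, &length, maxIdx) < 0)
        return ASN_PARSE_E;

    if (i >= maxIdx)
        return ASN_PARSE_E;

    b = input[i++];
    if (b != ASN_OBJECT_ID)
        return ASN_OBJECT_ID_E;

    /* on success GetLength guarantees i + length <= maxIdx */
    if (GetLength(input, &i, &length, maxIdx) < 0)
        return ASN_PARSE_E;

    while (length--) {
        /* odd HC08 compiler behavior here when input[i++] */
        *oid += input[i];
        i++;
    }
    /* just sum it up for now */

    /* could have NULL tag and 0 terminator, but may not */
    if (i < maxIdx && input[i] == ASN_TAG_NULL) {
        i++;
        if (i >= maxIdx)
            return ASN_EXPECT_0_E;

        b = input[i++];
        if (b != 0)
            return ASN_EXPECT_0_E;
    }

    *inOutIdx = i;

    return 0;
}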
- #ifndef NO_RSA
- #ifdef HAVE_CAVIUM
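/*
 * Read an ASN.1 INTEGER into a newly allocated byte buffer for the Cavium
 * RSA path.
 *
 * buff     - out: XMALLOC'd copy of the value bytes (leading 0x00 pad
 *            removed); ownership passes to the caller
 * buffSz   - out: number of bytes in *buff
 * inOutIdx - in: index of the INTEGER tag; out (success only): index past it
 * maxIdx   - one past the last readable index of input
 * heap     - heap hint handed to XMALLOC
 *
 * Returns 0 on success, ASN_PARSE_E on a wrong tag, truncated input, bad
 * length or a value too long for the 16-bit size field, MEMORY_E when the
 * allocation fails.
 *
 * The tag is bounds-checked before it is read, the pad byte is only looked
 * for in non-empty content, and a length above 0xFFFF is rejected instead
 * of being truncated to word16 (which would make the stored size disagree
 * with the number of bytes skipped in the input).
 */
static int GetCaviumInt(byte** buff, word16* buffSz, const byte* input,
                        word32* inOutIdx, word32 maxIdx, void* heap)
{
    word32 i = *inOutIdx;
    int    length;

    if (i >= maxIdx)
        return ASN_PARSE_E;

    if (input[i++] != ASN_INTEGER)
        return ASN_PARSE_E;

    /* on success GetLength guarantees i + length <= maxIdx */
    if (GetLength(input, &i, &length, maxIdx) < 0)
        return ASN_PARSE_E;

    if (length > 0 && input[i] == 0x00) {
        i++;
        length--;
    }

    if (length > 0xFFFF)
        return ASN_PARSE_E;

    *buffSz = (word16)length;
    *buff   = XMALLOC(*buffSz, heap, DYNAMIC_TYPE_CAVIUM_RSA);
    if (*buff == NULL)
        return MEMORY_E;

    XMEMCPY(*buff, input + i, *buffSz);
    *inOutIdx = i + length;

    return 0;
}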
/*
 * Decode an RSA private key (SEQUENCE, version, then n, e, d, p, q, dP, dQ,
 * u) into the Cavium byte-buffer members of key.
 *
 * Returns 0 on success, ASN_PARSE_E when the outer sequence or the version
 * cannot be read and ASN_RSA_KEY_E when any of the eight integers fails.
 * Decoding stops at the first integer that fails.
 *
 * NOTE(review): buffers allocated for integers decoded before a failure are
 * not released here; presumably the caller frees the key on error - verify.
 */
static int CaviumRsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
                                     RsaKey* key, word32 inSz)
{
    int   version, length;
    void* h = key->heap;

    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
        return ASN_PARSE_E;

    if (GetMyVersion(input, inOutIdx, &version) < 0)
        return ASN_PARSE_E;

    key->type = RSA_PRIVATE;

    if (GetCaviumInt(&key->c_n, &key->c_nSz, input, inOutIdx, inSz, h) < 0)
        return ASN_RSA_KEY_E;
    if (GetCaviumInt(&key->c_e, &key->c_eSz, input, inOutIdx, inSz, h) < 0)
        return ASN_RSA_KEY_E;
    if (GetCaviumInt(&key->c_d, &key->c_dSz, input, inOutIdx, inSz, h) < 0)
        return ASN_RSA_KEY_E;
    if (GetCaviumInt(&key->c_p, &key->c_pSz, input, inOutIdx, inSz, h) < 0)
        return ASN_RSA_KEY_E;
    if (GetCaviumInt(&key->c_q, &key->c_qSz, input, inOutIdx, inSz, h) < 0)
        return ASN_RSA_KEY_E;
    if (GetCaviumInt(&key->c_dP, &key->c_dP_Sz, input, inOutIdx, inSz, h) < 0)
        return ASN_RSA_KEY_E;
    if (GetCaviumInt(&key->c_dQ, &key->c_dQ_Sz, input, inOutIdx, inSz, h) < 0)
        return ASN_RSA_KEY_E;
    if (GetCaviumInt(&key->c_u, &key->c_uSz, input, inOutIdx, inSz, h) < 0)
        return ASN_RSA_KEY_E;

    return 0;
}
- #endif /* HAVE_CAVIUM */
/*
 * Decode an RSA private key (SEQUENCE, version, then n, e, d, p, q, dP, dQ,
 * u) into key.
 *
 * input    - encoded key
 * inOutIdx - in: start index; advanced as fields are consumed
 * key      - out: type is set to RSA_PRIVATE and the eight integers loaded
 * inSz     - size of input, used as the parse bound
 *
 * Returns 0 on success, ASN_PARSE_E when the outer sequence or the version
 * cannot be read and ASN_RSA_KEY_E when any integer fails.  With
 * HAVE_CAVIUM a key carrying the Cavium magic is handed to
 * CaviumRsaPrivateKeyDecode() instead.
 *
 * NOTE(review): decoding stops at the first failing integer and integers
 * loaded before it are not cleared here; presumably the caller frees the
 * key on error - verify.
 */
int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
                        word32 inSz)
{
    int version, length;

#ifdef HAVE_CAVIUM
    if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
        return CaviumRsaPrivateKeyDecode(input, inOutIdx, key, inSz);
#endif

    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
        return ASN_PARSE_E;

    if (GetMyVersion(input, inOutIdx, &version) < 0)
        return ASN_PARSE_E;

    key->type = RSA_PRIVATE;

    if (GetInt(&key->n, input, inOutIdx, inSz) < 0)
        return ASN_RSA_KEY_E;
    if (GetInt(&key->e, input, inOutIdx, inSz) < 0)
        return ASN_RSA_KEY_E;
    if (GetInt(&key->d, input, inOutIdx, inSz) < 0)
        return ASN_RSA_KEY_E;
    if (GetInt(&key->p, input, inOutIdx, inSz) < 0)
        return ASN_RSA_KEY_E;
    if (GetInt(&key->q, input, inOutIdx, inSz) < 0)
        return ASN_RSA_KEY_E;
    if (GetInt(&key->dP, input, inOutIdx, inSz) < 0)
        return ASN_RSA_KEY_E;
    if (GetInt(&key->dQ, input, inOutIdx, inSz) < 0)
        return ASN_RSA_KEY_E;
    if (GetInt(&key->u, input, inOutIdx, inSz) < 0)
        return ASN_RSA_KEY_E;

    return 0;
}
- #endif /* NO_RSA */
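/*
 * Remove PKCS8 header, move beginning of traditional to beginning of input.
 *
 * input - in: PKCS8 wrapped key; out: the inner key bytes moved to offset 0
 * sz    - size of input, used as the parse bound
 *
 * Returns 0 on success and ASN_PARSE_E on any structural error.  The length
 * of the moved key is not reported to the caller.
 *
 * The tag bytes read directly here (the optional second OBJECT IDENTIFIER
 * and the OCTET STRING) are bounds-checked against sz first, so a truncated
 * wrapper is rejected instead of being read past its end.
 *
 * NOTE(review): GetMyVersion() takes no bound and still reads its three
 * bytes unchecked.
 */
int ToTraditional(byte* input, word32 sz)
{
    word32 inOutIdx = 0, oid;
    int    version, length;

    if (GetSequence(input, &inOutIdx, &length, sz) < 0)
        return ASN_PARSE_E;

    if (GetMyVersion(input, &inOutIdx, &version) < 0)
        return ASN_PARSE_E;

    if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
        return ASN_PARSE_E;

    if (inOutIdx >= sz)
        return ASN_PARSE_E;

    if (input[inOutIdx] == ASN_OBJECT_ID) {
        /* pkcs8 ecc uses slightly different format */
        inOutIdx++;  /* past id */
        if (GetLength(input, &inOutIdx, &length, sz) < 0)
            return ASN_PARSE_E;
        inOutIdx += length;  /* over sub id, key input will verify */
    }

    if (inOutIdx >= sz)
        return ASN_PARSE_E;

    if (input[inOutIdx++] != ASN_OCTET_STRING)
        return ASN_PARSE_E;

    /* on success GetLength guarantees inOutIdx + length <= sz */
    if (GetLength(input, &inOutIdx, &length, sz) < 0)
        return ASN_PARSE_E;

    XMEMMOVE(input, input + inOutIdx, length);

    return 0;
}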
- #ifndef NO_PWDBASED
/*
 * Check to see if the PKCS version/algorithm pair is supported.
 *
 * first   - PKCS version byte taken from the algorithm OID
 * second  - algorithm byte taken from the algorithm OID
 * id      - out: PBE_* id; ALGO_ID_E when none was selected
 * version - out: PKCS5 (default), PKCS5v2 or PKCS12
 *
 * Returns 0 when supported, ALGO_ID_E for an unknown algorithm and
 * ASN_INPUT_E for an unknown version.  For PBES2 only *version is set; the
 * cipher id comes from a later call to CheckAlgoV2().
 */
static int CheckAlgo(int first, int second, int* id, int* version)
{
    *id      = ALGO_ID_E;
    *version = PKCS5;   /* default */

    if (first == 1) {
        if (second == 1)
            *id = PBE_SHA1_RC4_128;
        else if (second == 3)
            *id = PBE_SHA1_DES3;
        else
            return ALGO_ID_E;

        *version = PKCS12;
        return 0;
    }

    if (first != PKCS5)
        return ASN_INPUT_E;  /* VERSION ERROR */

    if (second == PBES2) {
        *version = PKCS5v2;
        return 0;
    }

    /* see RFC 2898 for ids */
    if (second == 3) {
        *id = PBE_MD5_DES;
        return 0;
    }
    if (second == 10) {
        *id = PBE_SHA1_DES;
        return 0;
    }

    return ALGO_ID_E;
}
/*
 * Check to see if the PKCS v2 encryption algorithm is supported.
 *
 * oid - algorithm OID reduced to a byte sum (the form GetAlgoId() produces)
 * id  - out: PBE_* id, written only when the algorithm is supported
 *
 * Returns 0 when supported, ALGO_ID_E otherwise.
 */
static int CheckAlgoV2(int oid, int* id)
{
    if (oid == 69) {
        *id = PBE_SHA1_DES;
        return 0;
    }

    if (oid == 652) {
        *id = PBE_SHA1_DES3;
        return 0;
    }

    return ALGO_ID_E;
}
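/*
 * Decrypt input in place from parameters based on id.
 *
 * password/passwordSz - password bytes and their count
 * salt/saltSz         - salt taken from the encoded key
 * iterations          - key derivation iteration count
 * id                  - PBE_* id selecting hash, cipher and key length
 * input/length        - ciphertext, overwritten with the plaintext
 * version             - PKCS5, PKCS5v2 or PKCS12; selects the derivation
 * cbcIv               - PKCS5v2: IV supplied by the caller; PKCS12: filled
 *                       here by a second derivation; PKCS5: unused (the IV
 *                       is taken from the bytes following the derived key)
 *
 * Returns 0 on success, ALGO_ID_E for an unsupported id or a cipher that is
 * compiled out, UNICODE_SIZE_E when the password does not fit the PKCS12
 * conversion buffer, otherwise the error of the key derivation.
 *
 * Hardening over the plain implementation:
 *  - the PKCS12 IV derivation only runs when the key derivation succeeded
 *    and its result is kept on its own instead of being added to the first
 *    result, so an error code is never a sum of two codes
 *  - the password size check is written so that it cannot overflow
 *  - the derived key, the converted password and the cipher state are
 *    overwritten before returning
 *
 * NOTE(review): XMEMSET on a buffer that is not read afterwards may be
 * removed by an optimising compiler; if the project has a guaranteed-wipe
 * routine it should be used here instead.
 * NOTE(review): length is not checked to be a multiple of the cipher block
 * size before the CBC decrypt - confirm how the cipher routines treat a
 * partial block.
 */
static int DecryptKey(const char* password, int passwordSz, byte* salt,
                      int saltSz, int iterations, int id, byte* input,
                      int length, int version, byte* cbcIv)
{
    byte key[MAX_KEY_SIZE];
    int  typeH;
    int  derivedLen;
    int  decryptionType;
    int  ret = 0;

    switch (id) {
        case PBE_MD5_DES:
            typeH = MD5;
            derivedLen = 16;           /* may need iv for v1.5 */
            decryptionType = DES_TYPE;
            break;

        case PBE_SHA1_DES:
            typeH = SHA;
            derivedLen = 16;           /* may need iv for v1.5 */
            decryptionType = DES_TYPE;
            break;

        case PBE_SHA1_DES3:
            typeH = SHA;
            derivedLen = 32;           /* may need iv for v1.5 */
            decryptionType = DES3_TYPE;
            break;

        case PBE_SHA1_RC4_128:
            typeH = SHA;
            derivedLen = 16;
            decryptionType = RC4_TYPE;
            break;

        default:
            return ALGO_ID_E;
    }

    if (version == PKCS5v2)
        ret = PBKDF2(key, (byte*)password, passwordSz, salt, saltSz, iterations,
                     derivedLen, typeH);
    else if (version == PKCS5)
        ret = PBKDF1(key, (byte*)password, passwordSz, salt, saltSz, iterations,
                     derivedLen, typeH);
    else if (version == PKCS12) {
        int  i, idx = 0;
        byte unicodePasswd[MAX_UNICODE_SZ];

        /* two bytes per character plus a two-byte terminator must fit */
        if (passwordSz > ((int)sizeof(unicodePasswd) - 2) / 2)
            return UNICODE_SIZE_E;

        for (i = 0; i < passwordSz; i++) {
            unicodePasswd[idx++] = 0x00;
            unicodePasswd[idx++] = (byte)password[i];
        }
        /* add trailing NULL */
        unicodePasswd[idx++] = 0x00;
        unicodePasswd[idx++] = 0x00;

        ret = PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz,
                           iterations, derivedLen, typeH, 1);
        if (ret == 0 && decryptionType != RC4_TYPE)
            ret = PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz,
                               iterations, 8, typeH, 2);

        XMEMSET(unicodePasswd, 0, sizeof(unicodePasswd));
    }

    if (ret != 0) {
        XMEMSET(key, 0, sizeof(key));
        return ret;
    }

    switch (decryptionType) {
#ifndef NO_DES3
        case DES_TYPE:
        {
            Des   dec;
            byte* desIv = key + 8;

            if (version == PKCS5v2 || version == PKCS12)
                desIv = cbcIv;
            Des_SetKey(&dec, key, desIv, DES_DECRYPTION);
            Des_CbcDecrypt(&dec, input, input, length);
            XMEMSET(&dec, 0, sizeof(dec));
            break;
        }

        case DES3_TYPE:
        {
            Des3  dec;
            byte* desIv = key + 24;

            if (version == PKCS5v2 || version == PKCS12)
                desIv = cbcIv;
            Des3_SetKey(&dec, key, desIv, DES_DECRYPTION);
            Des3_CbcDecrypt(&dec, input, input, length);
            XMEMSET(&dec, 0, sizeof(dec));
            break;
        }
#endif
#ifndef NO_RC4
        case RC4_TYPE:
        {
            Arc4 dec;

            Arc4SetKey(&dec, key, derivedLen);
            Arc4Process(&dec, input, input, length);
            XMEMSET(&dec, 0, sizeof(dec));
            break;
        }
#endif

        default:
            ret = ALGO_ID_E;
            break;
    }

    XMEMSET(key, 0, sizeof(key));

    return ret;
}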
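/*
 * Remove Encrypted PKCS8 header, move beginning of traditional to beginning
 * of input.
 *
 * input               - in: encrypted PKCS8 key; decrypted and unwrapped in
 *                       place
 * sz                  - size of input, used as the parse bound
 * password/passwordSz - password for the key derivation
 *
 * Returns the result of ToTraditional() on the decrypted data (0 on
 * success), ASN_PARSE_E on a structural error and ASN_INPUT_E for an
 * unsupported algorithm or a failed decryption.
 *
 * Both variable-length fields copied into fixed stack buffers are length
 * checked: the salt against MAX_SALT_SIZE and the PKCS5v2 IV against
 * MAX_IV_SIZE, so an oversized IV field can no longer write past cbcIv.
 * Tag bytes read directly here are bounds-checked against sz.
 *
 * NOTE(review): GetShortInt() takes no bound and still reads the iteration
 * count unchecked.
 */
int ToTraditionalEnc(byte* input, word32 sz, const char* password,
                     int passwordSz)
{
    word32 inOutIdx = 0, oid;
    int    first, second, length, version, saltSz, id;
    int    iterations = 0;
    byte   salt[MAX_SALT_SIZE];
    byte   cbcIv[MAX_IV_SIZE];

    if (GetSequence(input, &inOutIdx, &length, sz) < 0)
        return ASN_PARSE_E;

    if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
        return ASN_PARSE_E;

    first  = input[inOutIdx - 2];   /* PKCS version always 2nd to last byte */
    second = input[inOutIdx - 1];   /* version.algo, algo id last byte */

    if (CheckAlgo(first, second, &id, &version) < 0)
        return ASN_INPUT_E;  /* Algo ID error */

    if (version == PKCS5v2) {
        if (GetSequence(input, &inOutIdx, &length, sz) < 0)
            return ASN_PARSE_E;

        if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
            return ASN_PARSE_E;

        if (oid != PBKDF2_OID)
            return ASN_PARSE_E;
    }

    if (GetSequence(input, &inOutIdx, &length, sz) < 0)
        return ASN_PARSE_E;

    if (inOutIdx >= sz)
        return ASN_PARSE_E;

    if (input[inOutIdx++] != ASN_OCTET_STRING)
        return ASN_PARSE_E;

    if (GetLength(input, &inOutIdx, &saltSz, sz) < 0)
        return ASN_PARSE_E;

    if (saltSz > MAX_SALT_SIZE)
        return ASN_PARSE_E;

    XMEMCPY(salt, &input[inOutIdx], saltSz);
    inOutIdx += saltSz;

    if (GetShortInt(input, &inOutIdx, &iterations) < 0)
        return ASN_PARSE_E;

    if (version == PKCS5v2) {
        /* get encryption algo */
        if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
            return ASN_PARSE_E;

        if (CheckAlgoV2(oid, &id) < 0)
            return ASN_PARSE_E;  /* PKCS v2 algo id error */

        if (inOutIdx >= sz)
            return ASN_PARSE_E;

        if (input[inOutIdx++] != ASN_OCTET_STRING)
            return ASN_PARSE_E;

        if (GetLength(input, &inOutIdx, &length, sz) < 0)
            return ASN_PARSE_E;

        /* the IV lands in a fixed stack buffer */
        if (length > MAX_IV_SIZE)
            return ASN_PARSE_E;

        XMEMCPY(cbcIv, &input[inOutIdx], length);
        inOutIdx += length;
    }

    if (inOutIdx >= sz)
        return ASN_PARSE_E;

    if (input[inOutIdx++] != ASN_OCTET_STRING)
        return ASN_PARSE_E;

    if (GetLength(input, &inOutIdx, &length, sz) < 0)
        return ASN_PARSE_E;

    if (DecryptKey(password, passwordSz, salt, saltSz, iterations, id,
                   input + inOutIdx, length, version, cbcIv) < 0)
        return ASN_INPUT_E;  /* decrypt failure */

    XMEMMOVE(input, input + inOutIdx, length);

    return ToTraditional(input, length);
}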
- #endif /* NO_PWDBASED */
- #ifndef NO_RSA
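/*
 * Decode an RSA public key (SEQUENCE { n, e }) into key.
 *
 * input    - encoded key
 * inOutIdx - in: start index; advanced as fields are consumed
 * key      - out: type is set to RSA_PUBLIC, n and e are loaded
 * inSz     - size of input, used as the parse bound
 *
 * With OPENSSL_EXTRA a key that starts with an algorithm identifier instead
 * of the first INTEGER is also accepted: the identifier, the optional NULL,
 * the BIT STRING header with its optional zero byte and the inner SEQUENCE
 * header are skipped first.
 *
 * Returns 0 on success, ASN_PARSE_E, ASN_OBJECT_ID_E, ASN_EXPECT_0_E or
 * ASN_BITSTR_E on a structural error and ASN_RSA_KEY_E when n or e cannot
 * be read.
 *
 * Every byte read directly in the OPENSSL_EXTRA path is bounds-checked
 * against inSz first, so a truncated key cannot be read past its end.
 */
int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
                       word32 inSz)
{
    int length;

    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
        return ASN_PARSE_E;

    key->type = RSA_PUBLIC;

#ifdef OPENSSL_EXTRA
    {
        byte b;

        if (*inOutIdx >= inSz)
            return ASN_PARSE_E;

        b = input[*inOutIdx];
        if (b != ASN_INTEGER) {
            /* not from decoded cert, will have algo id, skip past */
            if (GetSequence(input, inOutIdx, &length, inSz) < 0)
                return ASN_PARSE_E;

            if (*inOutIdx >= inSz)
                return ASN_PARSE_E;

            b = input[(*inOutIdx)++];
            if (b != ASN_OBJECT_ID)
                return ASN_OBJECT_ID_E;

            if (GetLength(input, inOutIdx, &length, inSz) < 0)
                return ASN_PARSE_E;

            *inOutIdx += length;   /* skip past */

            /* could have NULL tag and 0 terminator, but may not */
            if (*inOutIdx < inSz && input[*inOutIdx] == ASN_TAG_NULL) {
                (*inOutIdx)++;
                if (*inOutIdx >= inSz)
                    return ASN_EXPECT_0_E;

                b = input[(*inOutIdx)++];
                if (b != 0)
                    return ASN_EXPECT_0_E;
            }

            /* should have bit tag length and seq next */
            if (*inOutIdx >= inSz)
                return ASN_BITSTR_E;

            b = input[(*inOutIdx)++];
            if (b != ASN_BIT_STRING)
                return ASN_BITSTR_E;

            if (GetLength(input, inOutIdx, &length, inSz) < 0)
                return ASN_PARSE_E;

            /* could have 0 */
            if (*inOutIdx < inSz && input[*inOutIdx] == 0)
                (*inOutIdx)++;

            if (GetSequence(input, inOutIdx, &length, inSz) < 0)
                return ASN_PARSE_E;
        }  /* end if */
    }  /* openssl var block */
#endif /* OPENSSL_EXTRA */

    if (GetInt(&key->n, input, inOutIdx, inSz) < 0 ||
        GetInt(&key->e, input, inOutIdx, inSz) < 0 )  return ASN_RSA_KEY_E;

    return 0;
}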
- #endif
- #ifndef NO_DH
/*
 * Decode DH parameters (SEQUENCE { p, g }) into key.
 *
 * Returns 0 on success, ASN_PARSE_E when the sequence header cannot be read
 * and ASN_DH_KEY_E when p or g fails; g is not attempted when p fails.
 */
int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
{
    int length;

    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
        return ASN_PARSE_E;

    if (GetInt(&key->p, input, inOutIdx, inSz) < 0)
        return ASN_DH_KEY_E;

    if (GetInt(&key->g, input, inOutIdx, inSz) < 0)
        return ASN_DH_KEY_E;

    return 0;
}
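/*
 * Load DH parameters p and g from raw big-endian byte strings.
 *
 * key   - out: p and g are initialised and loaded
 * p/pSz - prime and its size in bytes; one leading zero byte is skipped
 * g/gSz - generator and its size in bytes; one leading zero byte is skipped
 *
 * Returns 0 on success, MP_INIT_E when an mp_int cannot be initialised and
 * ASN_DH_KEY_E when a value cannot be loaded.  On failure everything
 * initialised here is cleared again.
 *
 * The leading-zero test only runs for a non-empty buffer, so a size of 0
 * neither reads the first byte nor wraps the unsigned size.
 */
int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz)
{
    /* may have leading 0 */
    if (pSz > 0 && p[0] == 0) {
        pSz--; p++;
    }

    if (gSz > 0 && g[0] == 0) {
        gSz--; g++;
    }

    if (mp_init(&key->p) != MP_OKAY)
        return MP_INIT_E;

    if (mp_read_unsigned_bin(&key->p, p, pSz) != 0) {
        mp_clear(&key->p);
        return ASN_DH_KEY_E;
    }

    if (mp_init(&key->g) != MP_OKAY) {
        mp_clear(&key->p);
        return MP_INIT_E;
    }

    if (mp_read_unsigned_bin(&key->g, g, gSz) != 0) {
        mp_clear(&key->g);
        mp_clear(&key->p);
        return ASN_DH_KEY_E;
    }

    return 0;
}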
- #ifdef OPENSSL_EXTRA
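/*
 * Extract the raw p and g values from encoded DH parameters
 * (SEQUENCE { INTEGER p, INTEGER g }).
 *
 * input/inSz - encoded parameters and their size (the parse bound)
 * p          - out: bytes of p; one leading 0x00 pad byte is removed
 * pInOutSz   - in: capacity of p; out: bytes written
 * g          - out: bytes of g, copied as encoded
 * gInOutSz   - in: capacity of g; out: bytes written
 *
 * Returns 0 on success, ASN_PARSE_E on a structural error and BUFFER_E when
 * an output buffer is too small.
 *
 * Both INTEGER tags are bounds-checked before they are read, and the pad
 * byte of p is only looked for when the content is non-empty.  Without that
 * guard an empty INTEGER followed by a zero byte turned the length into -1,
 * which passed the capacity check and was then used as the copy size.
 */
int DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz,
                 byte* g, word32* gInOutSz)
{
    word32 i = 0;
    byte   b;
    int    length;

    if (GetSequence(input, &i, &length, inSz) < 0)
        return ASN_PARSE_E;

    /* p */
    if (i >= inSz)
        return ASN_PARSE_E;

    b = input[i++];
    if (b != ASN_INTEGER)
        return ASN_PARSE_E;

    /* on success GetLength guarantees 0 <= length and i + length <= inSz */
    if (GetLength(input, &i, &length, inSz) < 0)
        return ASN_PARSE_E;

    if (length > 0 && input[i] == 0x00) {
        i++;
        length--;
    }

    if ((word32)length > *pInOutSz)
        return BUFFER_E;

    XMEMCPY(p, &input[i], length);
    *pInOutSz = length;
    i += length;

    /* g */
    if (i >= inSz)
        return ASN_PARSE_E;

    b = input[i++];
    if (b != ASN_INTEGER)
        return ASN_PARSE_E;

    if (GetLength(input, &i, &length, inSz) < 0)
        return ASN_PARSE_E;

    if ((word32)length > *gInOutSz)
        return BUFFER_E;

    XMEMCPY(g, &input[i], length);
    *gInOutSz = length;

    return 0;
}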
- #endif /* OPENSSL_EXTRA */
- #endif /* NO_DH */
- #ifndef NO_DSA
/*
 * Decode a DSA public key (SEQUENCE { p, q, g, y }) into key.
 *
 * Returns 0 on success, ASN_PARSE_E when the sequence header cannot be read
 * and ASN_DH_KEY_E (the code this function has always used for DSA keys)
 * when an integer fails.  key->type is set to DSA_PUBLIC only on success.
 * Decoding stops at the first failing integer.
 */
int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
                       word32 inSz)
{
    int length;

    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
        return ASN_PARSE_E;

    if (GetInt(&key->p, input, inOutIdx, inSz) < 0)
        return ASN_DH_KEY_E;
    if (GetInt(&key->q, input, inOutIdx, inSz) < 0)
        return ASN_DH_KEY_E;
    if (GetInt(&key->g, input, inOutIdx, inSz) < 0)
        return ASN_DH_KEY_E;
    if (GetInt(&key->y, input, inOutIdx, inSz) < 0)
        return ASN_DH_KEY_E;

    key->type = DSA_PUBLIC;

    return 0;
}
/*
 * Decode a DSA private key (SEQUENCE { version, p, q, g, y, x }) into key.
 *
 * Returns 0 on success, ASN_PARSE_E when the sequence header or the version
 * cannot be read and ASN_DH_KEY_E (the code this function has always used
 * for DSA keys) when an integer fails.  key->type is set to DSA_PRIVATE only
 * on success.  Decoding stops at the first failing integer.
 */
int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
                        word32 inSz)
{
    int length, version;

    if (GetSequence(input, inOutIdx, &length, inSz) < 0)
        return ASN_PARSE_E;

    if (GetMyVersion(input, inOutIdx, &version) < 0)
        return ASN_PARSE_E;

    if (GetInt(&key->p, input, inOutIdx, inSz) < 0)
        return ASN_DH_KEY_E;
    if (GetInt(&key->q, input, inOutIdx, inSz) < 0)
        return ASN_DH_KEY_E;
    if (GetInt(&key->g, input, inOutIdx, inSz) < 0)
        return ASN_DH_KEY_E;
    if (GetInt(&key->y, input, inOutIdx, inSz) < 0)
        return ASN_DH_KEY_E;
    if (GetInt(&key->x, input, inOutIdx, inSz) < 0)
        return ASN_DH_KEY_E;

    key->type = DSA_PRIVATE;

    return 0;
}
- #endif /* NO_DSA */
/*
 * Put a DecodedCert into its empty starting state.
 *
 * cert   - structure to initialise
 * source - encoded certificate; only the pointer is stored, the buffer is
 *          not owned by cert
 * inSz   - size of source; becomes the upper bound for parse indices
 * heap   - heap hint stored for later allocations
 */
void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
{
    /* input buffer and parse position */
    cert->source = source;   /* don't own */
    cert->srcIdx = 0;
    cert->maxIdx = inSz;     /* can't go over this index */
    cert->heap   = heap;

    /* key and signature */
    cert->publicKey    = 0;
    cert->pubKeyStored = 0;
    cert->signature    = 0;

    /* names */
    cert->subjectCN       = 0;
    cert->subjectCNLen    = 0;
    cert->subjectCNStored = 0;
    cert->altNames        = NULL;
    cert->issuer[0]       = '\0';
    cert->subject[0]      = '\0';

    /* serial number */
    XMEMSET(cert->serial, 0, EXTERNAL_SERIAL_SIZE);
    cert->serialSz = 0;

    /* extensions */
    cert->extensions    = 0;
    cert->extensionsSz  = 0;
    cert->extensionsIdx = 0;
    cert->extAuthInfo   = NULL;
    cert->extAuthInfoSz = 0;
    cert->extCrlInfo    = NULL;
    cert->extCrlInfoSz  = 0;
    cert->isCA          = 0;

#ifdef CYASSL_CERT_GEN
    /* extra subject fields and validity dates */
    cert->subjectSN       = 0;
    cert->subjectSNLen    = 0;
    cert->subjectC        = 0;
    cert->subjectCLen     = 0;
    cert->subjectL        = 0;
    cert->subjectLLen     = 0;
    cert->subjectST       = 0;
    cert->subjectSTLen    = 0;
    cert->subjectO        = 0;
    cert->subjectOLen     = 0;
    cert->subjectOU       = 0;
    cert->subjectOULen    = 0;
    cert->subjectEmail    = 0;
    cert->subjectEmailLen = 0;
    cert->beforeDate      = 0;
    cert->beforeDateLen   = 0;
    cert->afterDate       = 0;
    cert->afterDateLen    = 0;
#endif /* CYASSL_CERT_GEN */
}
/*
 * Free a linked list of alternative-name entries: each entry's name buffer,
 * then the entry itself.  Passing NULL is allowed and does nothing.
 *
 * heap - heap hint handed to XFREE
 */
void FreeAltNames(DNS_entry* altNames, void* heap)
{
    DNS_entry* next;

    (void)heap;

    for (; altNames != NULL; altNames = next) {
        next = altNames->next;   /* fetch before the entry is released */

        XFREE(altNames->name, heap, DYNAMIC_TYPE_ALTNAME);
        XFREE(altNames,       heap, DYNAMIC_TYPE_ALTNAME);
    }
}
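/*
 * Release what a DecodedCert owns: the subject CN and the public key when
 * their "stored" flag says they were allocated, and the alternative-name
 * list.  cert itself and cert->source are not freed.
 *
 * Each released member is reset afterwards (pointer to NULL, flag to 0), so
 * calling this twice on the same structure, or reading a member after the
 * call, does not touch freed memory.
 */
void FreeDecodedCert(DecodedCert* cert)
{
    if (cert->subjectCNStored == 1) {
        XFREE(cert->subjectCN, cert->heap, DYNAMIC_TYPE_SUBJECT_CN);
        cert->subjectCN       = NULL;
        cert->subjectCNLen    = 0;
        cert->subjectCNStored = 0;
    }

    if (cert->pubKeyStored == 1) {
        XFREE(cert->publicKey, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY);
        cert->publicKey    = NULL;
        cert->pubKeyStored = 0;
    }

    if (cert->altNames) {
        FreeAltNames(cert->altNames, cert->heap);
        cert->altNames = NULL;
    }
}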
/*
 * Parse the start of a certificate: the outer SEQUENCE, the inner SEQUENCE,
 * the optional explicit version and the serial number.
 *
 * Records cert->certBegin (index after the outer header), cert->sigIndex
 * (index after the inner sequence's content) and, when it fits, the serial
 * number in cert->serial / cert->serialSz.
 *
 * Returns 0 on success and ASN_PARSE_E on any parse failure.  A serial
 * number that is not shorter than EXTERNAL_SERIAL_SIZE bytes, or that
 * cannot be converted, is skipped without an error: cert->serial and
 * cert->serialSz are then left as they were.
 */
static int GetCertHeader(DecodedCert* cert)
{
    int    version;
    int    len;
    byte   serialTmp[EXTERNAL_SERIAL_SIZE];
    mp_int mpi;

    if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0)
        return ASN_PARSE_E;
    cert->certBegin = cert->srcIdx;

    if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0)
        return ASN_PARSE_E;
    cert->sigIndex = len + cert->srcIdx;

    if (GetExplicitVersion(cert->source, &cert->srcIdx, &version) < 0)
        return ASN_PARSE_E;

    if (GetInt(&mpi, cert->source, &cert->srcIdx, cert->maxIdx) < 0)
        return ASN_PARSE_E;

    len = mp_unsigned_bin_size(&mpi);
    if (len < (int)sizeof(serialTmp) &&
            mp_to_unsigned_bin(&mpi, serialTmp) == MP_OKAY) {
        if (len > EXTERNAL_SERIAL_SIZE)
            len = EXTERNAL_SERIAL_SIZE;
        XMEMCPY(cert->serial, serialTmp, len);
        cert->serialSz = len;
    }

    mp_clear(&mpi);

    return 0;
}
- #if !defined(NO_RSA)
/*
 * Store Rsa Key, may save later, Dsa could use in future.
 *
 * Points cert->publicKey at the key SEQUENCE inside cert->source, header
 * included (no copy is made), sets cert->pubKeySize to header plus content
 * and moves cert->srcIdx past the key.
 *
 * Returns 0 on success and ASN_PARSE_E when the sequence header is invalid.
 */
static int StoreRsaKey(DecodedCert* cert)
{
    const word32 start = cert->srcIdx;
    word32       headerLen;
    int          length;

    if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
        return ASN_PARSE_E;

    /* the stored key keeps its SEQUENCE header, so count it and rewind */
    headerLen    = cert->srcIdx - start;
    length      += headerLen;
    cert->srcIdx = start;

    cert->pubKeySize = length;
    cert->publicKey  = cert->source + cert->srcIdx;
    cert->srcIdx    += length;

    return 0;
}
- #endif
- #ifdef HAVE_ECC
/*
 * Return 0 on success if the ECC curve oid sum is supported, ALGO_ID_E
 * otherwise.  oid is the byte sum of the curve OID.
 */
static int CheckCurve(word32 oid)
{
    if (oid == ECC_256R1 || oid == ECC_384R1 || oid == ECC_521R1 ||
        oid == ECC_160R1 || oid == ECC_192R1 || oid == ECC_224R1)
        return 0;

    return ALGO_ID_E;
}
- #endif /* HAVE_ECC */
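/*
 * Parse the certificate's public key structure and record the key.
 *
 * Reads the SEQUENCE and algorithm identifier, stores the OID sum in
 * cert->keyOID and then, per key type:
 *   DSAk   - nothing further is read
 *   RSAk   - checks the BIT STRING header and its zero byte, then lets
 *            StoreRsaKey() point cert->publicKey into cert->source
 *   NTRUk  - converts the key with the NTRU library and stores a heap copy
 *   ECDSAk - checks the curve OID and stores a heap copy of the key bytes
 * Heap copies set cert->pubKeyStored so that FreeDecodedCert() frees them.
 *
 * Returns 0 on success; ASN_PARSE_E, ASN_BITSTR_E, ASN_EXPECT_0_E,
 * ASN_OBJECT_ID_E, ECC_CURVE_OID_E, ASN_NTRU_KEY_E, MEMORY_E or
 * ASN_UNKNOWN_OID_E on failure.
 *
 * Every byte read directly here is bounds-checked against cert->maxIdx
 * first.  In the ECC case an empty BIT STRING is rejected, because removing
 * the leading zero byte from it would turn the length into -1 and that
 * value would then be used as allocation and copy size.
 */
static int GetKey(DecodedCert* cert)
{
    int length;
#ifdef HAVE_NTRU
    int tmpIdx = cert->srcIdx;
#endif

    if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
        return ASN_PARSE_E;

    if (GetAlgoId(cert->source, &cert->srcIdx, &cert->keyOID, cert->maxIdx) < 0)
        return ASN_PARSE_E;

    switch (cert->keyOID) {
        case DSAk:
            /* do nothing */
            break;

#ifndef NO_RSA
        case RSAk:
        {
            byte b;

            if (cert->srcIdx >= cert->maxIdx)
                return ASN_PARSE_E;

            b = cert->source[cert->srcIdx++];
            if (b != ASN_BIT_STRING)
                return ASN_BITSTR_E;

            if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0)
                return ASN_PARSE_E;

            if (cert->srcIdx >= cert->maxIdx)
                return ASN_PARSE_E;

            b = cert->source[cert->srcIdx++];
            if (b != 0x00)
                return ASN_EXPECT_0_E;

            return StoreRsaKey(cert);
        }
        break;
#endif /* NO_RSA */

#ifdef HAVE_NTRU
        case NTRUk:
        {
            const byte* key = &cert->source[tmpIdx];
            byte*       next = (byte*)key;
            word16      keyLen;
            byte        keyBlob[MAX_NTRU_KEY_SZ];

            /* first call with a NULL output only reports the key length */
            word32 rc = crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
                                &keyLen, NULL, &next);

            if (rc != NTRU_OK)
                return ASN_NTRU_KEY_E;
            if (keyLen > sizeof(keyBlob))
                return ASN_NTRU_KEY_E;

            rc = crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,&keyLen,
                                                                keyBlob, &next);
            if (rc != NTRU_OK)
                return ASN_NTRU_KEY_E;

            if ( (next - key) < 0)
                return ASN_NTRU_KEY_E;

            cert->srcIdx = tmpIdx + (int)(next - key);

            cert->publicKey = (byte*) XMALLOC(keyLen, cert->heap,
                                              DYNAMIC_TYPE_PUBLIC_KEY);
            if (cert->publicKey == NULL)
                return MEMORY_E;
            XMEMCPY(cert->publicKey, keyBlob, keyLen);
            cert->pubKeyStored = 1;
            cert->pubKeySize   = keyLen;
        }
        break;
#endif /* HAVE_NTRU */

#ifdef HAVE_ECC
        case ECDSAk:
        {
            word32 oid = 0;
            int    oidSz = 0;
            byte   b;

            if (cert->srcIdx >= cert->maxIdx)
                return ASN_PARSE_E;

            b = cert->source[cert->srcIdx++];
            if (b != ASN_OBJECT_ID)
                return ASN_OBJECT_ID_E;

            /* on success GetLength keeps srcIdx + oidSz within maxIdx */
            if (GetLength(cert->source,&cert->srcIdx,&oidSz,cert->maxIdx) < 0)
                return ASN_PARSE_E;

            while(oidSz--)
                oid += cert->source[cert->srcIdx++];
            if (CheckCurve(oid) < 0)
                return ECC_CURVE_OID_E;

            /* key header */
            if (cert->srcIdx >= cert->maxIdx)
                return ASN_PARSE_E;

            b = cert->source[cert->srcIdx++];
            if (b != ASN_BIT_STRING)
                return ASN_BITSTR_E;

            if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0)
                return ASN_PARSE_E;

            /* need at least the leading zero byte */
            if (length < 1)
                return ASN_PARSE_E;

            b = cert->source[cert->srcIdx++];
            if (b != 0x00)
                return ASN_EXPECT_0_E;

            /* actual key, use length - 1 since ate preceding 0 */
            length -= 1;

            cert->publicKey = (byte*) XMALLOC(length, cert->heap,
                                              DYNAMIC_TYPE_PUBLIC_KEY);
            if (cert->publicKey == NULL)
                return MEMORY_E;
            XMEMCPY(cert->publicKey, &cert->source[cert->srcIdx], length);
            cert->pubKeyStored = 1;
            cert->pubKeySize   = length;

            cert->srcIdx += length;
        }
        break;
#endif /* HAVE_ECC */

        default:
            return ASN_UNKNOWN_OID_E;
    }

    return 0;
}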
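/* Process a NAME field, either issuer or subject.
 *
 * Hashes the complete DER encoding of the Name (tag and length included)
 * into cert->issuerHash or cert->subjectHash, then walks the attributes and
 * builds a printable "/CN=.../O=..." string in cert->issuer or cert->subject.
 * For the subject, pointers into cert->source are recorded for the common
 * name (and, with CYASSL_CERT_GEN, for the other attributes); those pointers
 * are not NUL-terminated, so their *Len companions must be used with them.
 *
 * cert      decode state; cert->srcIdx is advanced past the Name
 * nameType  ISSUER selects the issuer fields, anything else the subject ones
 *
 * returns 0 on success, ASN_PARSE_E or ASN_OBJECT_ID_E on malformed input
 *
 * An attribute that does not fit in the output string is left out (a message
 * is logged) and parsing continues, so a return of 0 does not mean the string
 * holds every attribute of the certificate.
 *
 * The input is untrusted certificate data. The direct reads of
 * cert->source[cert->srcIdx] below are not compared with cert->maxIdx here;
 * they rely on the bounds checks done by GetLength/GetSequence/GetSet, which
 * are defined outside this listing. NOTE(review): confirm those helpers
 * reject lengths that run past maxIdx.
 */
static int GetName(DecodedCert* cert, int nameType)
{
    Sha    sha;
    int    length;   /* length of all distinguished names */
    int    dummy;
    char*  full = (nameType == ISSUER) ? cert->issuer : cert->subject;
    word32 idx;

    CYASSL_MSG("Getting Cert Name");

    if (cert->source[cert->srcIdx] == ASN_OBJECT_ID) {
        CYASSL_MSG("Trying optional prefix...");

        /* NOTE(review): the OBJECT ID tag byte is not consumed before this
         * GetLength call, unlike the attribute OID handling in the loop
         * below; confirm against GetLength that the prefix really is
         * skipped as intended. */
        if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
            return ASN_PARSE_E;

        cert->srcIdx += length;
        CYASSL_MSG("Got optional prefix");
    }

    /* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
     * calculated over the entire DER encoding of the Name field, including
     * the tag and length. */
    idx = cert->srcIdx;
    if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
        return ASN_PARSE_E;

    InitSha(&sha);
    ShaUpdate(&sha, &cert->source[idx], length + cert->srcIdx - idx);
    if (nameType == ISSUER)
        ShaFinal(&sha, cert->issuerHash);
    else
        ShaFinal(&sha, cert->subjectHash);

    length += cert->srcIdx;   /* now the source index just past the Name */
    idx = 0;                  /* now the write position inside full */

    while (cert->srcIdx < (word32)length) {
        byte b;
        byte joint[2];
        byte tooBig = FALSE;
        int  oidSz;

        if (GetSet(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0) {
            CYASSL_MSG("Cert name lacks set header, trying sequence");
        }

        if (GetSequence(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0)
            return ASN_PARSE_E;

        b = cert->source[cert->srcIdx++];
        if (b != ASN_OBJECT_ID)
            return ASN_OBJECT_ID_E;

        if (GetLength(cert->source, &cert->srcIdx, &oidSz, cert->maxIdx) < 0)
            return ASN_PARSE_E;

        /* first two OID bytes decide how the attribute is handled */
        XMEMCPY(joint, &cert->source[cert->srcIdx], sizeof(joint));

        /* v1 name types */
        if (joint[0] == 0x55 && joint[1] == 0x04) {
            byte        id;
            const char* tag    = NULL;   /* "/CN=" style prefix, if known */
            word32      tagLen = 0;
            int         strLen;

            cert->srcIdx += 2;
            id = cert->source[cert->srcIdx++];
            b  = cert->source[cert->srcIdx++];    /* strType */
            (void)b;                              /* may want to validate? */

            if (GetLength(cert->source, &cert->srcIdx, &strLen,
                          cert->maxIdx) < 0)
                return ASN_PARSE_E;

            /* 4 = "/CN=", the biggest prefix header. ">=" rather than ">"
             * keeps one byte free for the terminator written after the
             * loop; issuer/subject are presumed to hold ASN_NAME_MAX bytes
             * (declared outside this listing). */
            if ( (strLen + 4) >= (int)(ASN_NAME_MAX - idx)) {
                CYASSL_MSG("ASN Name too big, skipping");
                tooBig = TRUE;
            }

            if (id == ASN_COMMON_NAME) {
                if (nameType == SUBJECT) {
                    cert->subjectCN    = (char *)&cert->source[cert->srcIdx];
                    cert->subjectCNLen = strLen;
                }
                tag    = "/CN=";
                tagLen = 4;
            }
            else if (id == ASN_SUR_NAME) {
                tag    = "/SN=";
                tagLen = 4;
            #ifdef CYASSL_CERT_GEN
                if (nameType == SUBJECT) {
                    cert->subjectSN    = (char*)&cert->source[cert->srcIdx];
                    cert->subjectSNLen = strLen;
                }
            #endif /* CYASSL_CERT_GEN */
            }
            else if (id == ASN_COUNTRY_NAME) {
                tag    = "/C=";
                tagLen = 3;
            #ifdef CYASSL_CERT_GEN
                if (nameType == SUBJECT) {
                    cert->subjectC    = (char*)&cert->source[cert->srcIdx];
                    cert->subjectCLen = strLen;
                }
            #endif /* CYASSL_CERT_GEN */
            }
            else if (id == ASN_LOCALITY_NAME) {
                tag    = "/L=";
                tagLen = 3;
            #ifdef CYASSL_CERT_GEN
                if (nameType == SUBJECT) {
                    cert->subjectL    = (char*)&cert->source[cert->srcIdx];
                    cert->subjectLLen = strLen;
                }
            #endif /* CYASSL_CERT_GEN */
            }
            else if (id == ASN_STATE_NAME) {
                tag    = "/ST=";
                tagLen = 4;
            #ifdef CYASSL_CERT_GEN
                if (nameType == SUBJECT) {
                    cert->subjectST    = (char*)&cert->source[cert->srcIdx];
                    cert->subjectSTLen = strLen;
                }
            #endif /* CYASSL_CERT_GEN */
            }
            else if (id == ASN_ORG_NAME) {
                tag    = "/O=";
                tagLen = 3;
            #ifdef CYASSL_CERT_GEN
                if (nameType == SUBJECT) {
                    cert->subjectO    = (char*)&cert->source[cert->srcIdx];
                    cert->subjectOLen = strLen;
                }
            #endif /* CYASSL_CERT_GEN */
            }
            else if (id == ASN_ORGUNIT_NAME) {
                tag    = "/OU=";
                tagLen = 4;
            #ifdef CYASSL_CERT_GEN
                if (nameType == SUBJECT) {
                    cert->subjectOU    = (char*)&cert->source[cert->srcIdx];
                    cert->subjectOULen = strLen;
                }
            #endif /* CYASSL_CERT_GEN */
            }

            /* unknown attribute ids leave tag NULL and are only skipped */
            if (tag != NULL && !tooBig) {
                XMEMCPY(&full[idx], tag, tagLen);
                idx += tagLen;
                XMEMCPY(&full[idx], &cert->source[cert->srcIdx], strLen);
                idx += strLen;
            }

            cert->srcIdx += strLen;
        }
        else {
            /* skip, except for the email and uid attributes */
            byte email = FALSE;
            byte uid   = FALSE;
            int  adv;

            if (joint[0] == 0x2a && joint[1] == 0x86)  /* email id hdr */
                email = TRUE;

            if (joint[0] == 0x9 && joint[1] == 0x92)   /* uid id hdr */
                uid = TRUE;

            cert->srcIdx += oidSz + 1;   /* rest of the OID plus string tag */

            if (GetLength(cert->source, &cert->srcIdx, &adv, cert->maxIdx) < 0)
                return ASN_PARSE_E;

            if (adv > (int)(ASN_NAME_MAX - idx)) {
                CYASSL_MSG("ASN name too big, skipping");
                tooBig = TRUE;
            }

            if (email) {
                /* The prefix and the value are written back to back, so
                 * they have to fit together; checking each one separately
                 * let the pair run past the end of the name buffer. The
                 * addition cannot overflow because adv was bounded just
                 * above when tooBig is still FALSE. */
                if (!tooBig && (adv + 14) >= (int)(ASN_NAME_MAX - idx)) {
                    CYASSL_MSG("ASN name too big, skipping");
                    tooBig = TRUE;
                }

            #ifdef CYASSL_CERT_GEN
                if (nameType == SUBJECT) {
                    cert->subjectEmail    = (char*)&cert->source[cert->srcIdx];
                    cert->subjectEmailLen = adv;
                }
            #endif /* CYASSL_CERT_GEN */

                if (!tooBig) {
                    XMEMCPY(&full[idx], "/emailAddress=", 14);
                    idx += 14;
                    XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv);
                    idx += adv;
                }
            }

            if (uid) {
                /* same combined check as for the email attribute */
                if (!tooBig && (adv + 5) >= (int)(ASN_NAME_MAX - idx)) {
                    CYASSL_MSG("ASN name too big, skipping");
                    tooBig = TRUE;
                }

                if (!tooBig) {
                    XMEMCPY(&full[idx], "/UID=", 5);
                    idx += 5;
                    XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv);
                    idx += adv;
                }
            }

            cert->srcIdx += adv;
        }
    }

    /* the size checks above always leave room for this terminator */
    full[idx++] = 0;

    return 0;
}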
- #ifndef NO_TIME_H
/* Compare two broken-down times field by field, to the second.
 *
 * Only tm_year, tm_mon, tm_mday, tm_hour, tm_min and tm_sec are looked at,
 * from most to least significant.
 *
 * returns 1 when a is strictly later than b, 0 otherwise (including equal)
 */
static int DateGreaterThan(const struct tm* a, const struct tm* b)
{
    /* the first field that differs decides the result */
    if (a->tm_year != b->tm_year)
        return a->tm_year > b->tm_year;

    if (a->tm_mon != b->tm_mon)
        return a->tm_mon > b->tm_mon;

    if (a->tm_mday != b->tm_mday)
        return a->tm_mday > b->tm_mday;

    if (a->tm_hour != b->tm_hour)
        return a->tm_hour > b->tm_hour;

    if (a->tm_min != b->tm_min)
        return a->tm_min > b->tm_min;

    return a->tm_sec > b->tm_sec;
}
/* Negation of DateGreaterThan: returns 1 when a is earlier than OR EQUAL to
 * b, 0 when a is strictly later. Despite the name, two identical times
 * count as "less than". */
static INLINE int DateLessThan(const struct tm* a, const struct tm* b)
{
    if (DateGreaterThan(a, b))
        return 0;

    return 1;
}
- /* like atoi but only use first byte */
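/* Make sure before and after dates are valid.
 *
 * date      ASN.1 time string; no length is passed in, and the number of
 *           bytes read is decided by format, so the caller has to supply a
 *           buffer that is long enough for that format
 * format    ASN_UTC_TIME (two-digit year, first digit >= 5 means 19xx,
 *           otherwise 20xx) or, for any other value, generalized time with
 *           a four-digit year
 * dateType  BEFORE checks a notBefore date, anything else a notAfter date
 *
 * returns 1 when the date is acceptable, 0 otherwise
 *
 * The check fails (returns 0) when the string does not end in 'Z', when the
 * current time cannot be broken down, for BEFORE when the current time is
 * not strictly later than the certificate time, and otherwise when the
 * current time is later than the certificate time.
 */
int ValidateDate(const byte* date, byte format, int dateType)
{
    time_t     ltime;
    struct tm  certTime;
    struct tm* localTime;
    int        i = 0;

    ltime = XTIME(0);
    XMEMSET(&certTime, 0, sizeof(certTime));

    if (format == ASN_UTC_TIME) {
        if (btoi(date[0]) >= 5)
            certTime.tm_year = 1900;
        else
            certTime.tm_year = 2000;
    }
    else  { /* format == GENERALIZED_TIME */
        certTime.tm_year += btoi(date[i++]) * 1000;
        certTime.tm_year += btoi(date[i++]) * 100;
    }

    /* struct tm counts years from 1900 and months from 0 */
    GetTime(&certTime.tm_year, date, &i); certTime.tm_year -= 1900; /* adjust */
    GetTime(&certTime.tm_mon,  date, &i); certTime.tm_mon  -= 1;    /* adjust */
    GetTime(&certTime.tm_mday, date, &i);
    GetTime(&certTime.tm_hour, date, &i);
    GetTime(&certTime.tm_min,  date, &i);
    GetTime(&certTime.tm_sec,  date, &i);

    if (date[i] != 'Z') {     /* only Zulu supported for this profile */
        CYASSL_MSG("Only Zulu time supported for this profile");
        return 0;
    }

    localTime = XGMTIME(&ltime);
    if (localTime == NULL) {
        /* fail closed instead of dereferencing a NULL result below */
        CYASSL_MSG("XGMTIME failed");
        return 0;
    }

    if (dateType == BEFORE) {
        /* DateLessThan is "not greater", so an identical time fails too */
        if (DateLessThan(localTime, &certTime))
            return 0;
    }
    else {
        if (DateGreaterThan(localTime, &certTime))
            return 0;
    }

    return 1;
}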
- #endif /* NO_TIME_H */
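/* Read one validity date (notBefore or notAfter) at cert->srcIdx and check it.
 *
 * cert      decode state; cert->srcIdx is advanced past the date
 * dateType  BEFORE for notBefore, anything else for notAfter
 *
 * returns 0 on success, ASN_TIME_E for an unexpected tag, ASN_PARSE_E for a
 *         bad length, ASN_DATE_SZ_E when the length is outside
 *         MIN_DATE_SIZE..MAX_DATE_SIZE, and ASN_BEFORE_DATE_E or
 *         ASN_AFTER_DATE_E when XVALIDATE_DATE rejects the date
 *
 * With CYASSL_CERT_GEN the raw encoding (starting at the tag byte) and its
 * total length are also recorded in cert->beforeDate/afterDate and
 * cert->beforeDateLen/afterDateLen.
 *
 * NOTE(review): the tag byte is read without comparing cert->srcIdx with
 * cert->maxIdx; confirm the caller guarantees at least one byte is left.
 */
static int GetDate(DecodedCert* cert, int dateType)
{
    int    length;
    byte   date[MAX_DATE_SIZE];
    byte   b;

#ifdef CYASSL_CERT_GEN
    word32 startIdx = 0;
    if (dateType == BEFORE)
        cert->beforeDate = &cert->source[cert->srcIdx];
    else
        cert->afterDate = &cert->source[cert->srcIdx];
    startIdx = cert->srcIdx;
#endif

    /* The validator gets no length and reads as many bytes as the time
     * format implies. Clearing the buffer makes any read past the copied
     * bytes see zeros instead of uninitialised stack contents when the
     * encoded length does not match the tag. */
    XMEMSET(date, 0, sizeof(date));

    b = cert->source[cert->srcIdx++];
    if (b != ASN_UTC_TIME && b != ASN_GENERALIZED_TIME)
        return ASN_TIME_E;

    if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
        return ASN_PARSE_E;

    /* bounds the copy into date[] below */
    if (length > MAX_DATE_SIZE || length < MIN_DATE_SIZE)
        return ASN_DATE_SZ_E;

    XMEMCPY(date, &cert->source[cert->srcIdx], length);
    cert->srcIdx += length;

#ifdef CYASSL_CERT_GEN
    if (dateType == BEFORE)
        cert->beforeDateLen = cert->srcIdx - startIdx;
    else
        cert->afterDateLen  = cert->srcIdx - startIdx;
#endif

    if (!XVALIDATE_DATE(date, b, dateType)) {
        if (dateType == BEFORE)
            return ASN_BEFORE_DATE_E;
        else
            return ASN_AFTER_DATE_E;
    }

    return 0;
}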
/* Parse the Validity sequence: notBefore followed by notAfter.
 *
 * cert    decode state; cert->srcIdx is advanced by the helpers called here
 * verify  non-zero to report date failures, zero to ignore them
 *
 * returns 0 on success, ASN_PARSE_E when the sequence header is bad,
 *         ASN_AFTER_DATE_E or ASN_BEFORE_DATE_E when verify is set and the
 *         matching GetDate call failed (notAfter takes precedence)
 *
 * Both dates are always parsed. NOTE(review): every negative GetDate result
 * is folded into a date error, and with verify == 0 it is dropped entirely,
 * so a structural failure inside GetDate (bad tag, length or size) is not
 * reported as a parse error from here; confirm callers expect that.
 */
static int GetValidity(DecodedCert* cert, int verify)
{
    int seqLen;
    int beforeRet;
    int afterRet;

    if (GetSequence(cert->source, &cert->srcIdx, &seqLen, cert->maxIdx) < 0)
        return ASN_PARSE_E;

    /* parse both fields before looking at either result */
    beforeRet = GetDate(cert, BEFORE);
    afterRet  = GetDate(cert, AFTER);

    if (!verify)
        return 0;

    if (afterRet < 0)
        return ASN_AFTER_DATE_E;

    if (beforeRet < 0)
        return ASN_BEFORE_DATE_E;

    return 0;
}
/* Decode a certificate from its header up to and including the public key.
 *
 * Order: certificate header, signature algorithm id, issuer name, validity,
 * subject name, key.
 *
 * cert    decode state, advanced through the fields listed above
 * verify  passed on to GetValidity; non-zero enables date checking
 *
 * returns the first negative error from a step other than validity; when
 *         all of those succeed, the negative GetValidity result if there
 *         was one, otherwise the result of GetKey
 *
 * A validity failure does not stop decoding: it is remembered and returned
 * only after the subject and key have been parsed.
 */
int DecodeToKey(DecodedCert* cert, int verify)
{
    int ret;
    int dateErr = 0;

    ret = GetCertHeader(cert);
    if (ret < 0)
        return ret;

    ret = GetAlgoId(cert->source, &cert->srcIdx, &cert->signatureOID,
                    cert->maxIdx);
    if (ret < 0)
        return ret;

    ret = GetName(cert, ISSUER);
    if (ret < 0)
        return ret;

    /* keep going after a validity failure, report it at the end */
    ret = GetValidity(cert, verify);
    if (ret < 0)
        dateErr = ret;

    ret = GetName(cert, SUBJECT);
    if (ret < 0)
        return ret;

    ret = GetKey(cert);
    if (ret < 0)
        return ret;

    return (dateErr != 0) ? dateErr : ret;
}
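/* Read the signature BIT STRING at cert->srcIdx.
 *
 * On success cert->signature points into cert->source (no copy is made) and
 * cert->sigLength holds the signature size without the leading unused-bits
 * byte; cert->srcIdx is advanced past the signature.
 *
 * returns 0 on success, ASN_BITSTR_E when the tag is not a BIT STRING,
 *         ASN_PARSE_E for a bad or empty length, ASN_EXPECT_0_E when the
 *         unused-bits byte is not zero
 *
 * NOTE(review): the tag byte is read without comparing cert->srcIdx with
 * cert->maxIdx; confirm the caller guarantees at least one byte is left.
 */
static int GetSignature(DecodedCert* cert)
{
    int  length;
    byte b = cert->source[cert->srcIdx++];

    if (b != ASN_BIT_STRING)
        return ASN_BITSTR_E;

    if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
        return ASN_PARSE_E;

    /* The content must hold at least the unused-bits byte. Without this
     * check a zero length is decremented below and then added to srcIdx. */
    if (length < 1)
        return ASN_PARSE_E;

    cert->sigLength = length;

    b = cert->source[cert->srcIdx++];
    if (b != 0x00)
        return ASN_EXPECT_0_E;

    cert->sigLength--;   /* the unused-bits byte is not part of the signature */
    cert->signature = &cert->source[cert->srcIdx];
    cert->srcIdx += cert->sigLength;

    return 0;
}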
/* Write digest as an OCTET STRING: tag, one length byte, then the bytes.
 *
 * digest  bytes to wrap
 * digSz   number of bytes in digest; it is stored in a single length byte,
 *         so it has to stay below ASN_LONG_LENGTH (larger values need the
 *         multi-byte form that SetLength writes)
 * output  destination, must have room for digSz + 2 bytes
 *
 * returns the number of bytes written, digSz + 2
 */
static word32 SetDigest(const byte* digest, word32 digSz, byte* output)
{
    byte* cursor = output;

    *cursor++ = ASN_OCTET_STRING;
    *cursor++ = (byte)digSz;
    XMEMCPY(cursor, digest, digSz);

    return digSz + 2;
}
/* Count the bytes needed to hold value: the position of the highest
 * non-zero BIT_SIZE-bit group, or 0 when value is 0. */
static word32 BytePrecision(word32 value)
{
    word32 bytes = sizeof(value);

    /* drop leading groups until one with a set bit at or above it is found */
    while (bytes != 0 && (value >> ((bytes - 1) * BIT_SIZE)) == 0)
        --bytes;

    return bytes;
}
/* Write an ASN.1 length to output.
 *
 * Lengths below ASN_LONG_LENGTH take a single byte. Anything else is written
 * as a first byte holding the byte count OR-ed with ASN_LONG_LENGTH,
 * followed by the length itself, most significant byte first.
 *
 * length  value to encode
 * output  destination, needs room for up to 1 + sizeof(word32) bytes
 *
 * returns the number of bytes written
 */
static word32 SetLength(word32 length, byte* output)
{
    word32 written = 0;
    word32 remaining;

    if (length < ASN_LONG_LENGTH) {
        output[written++] = (byte)length;
        return written;
    }

    remaining = BytePrecision(length);
    output[written++] = (byte)(remaining | ASN_LONG_LENGTH);

    while (remaining != 0) {
        output[written++] = (byte)(length >> ((remaining - 1) * BIT_SIZE));
        --remaining;
    }

    return written;
}
/* Write a constructed SEQUENCE header (tag byte plus encoded length) for a
 * body of len bytes.
 *
 * returns the number of header bytes written to output
 */
static word32 SetSequence(word32 len, byte* output)
{
    word32 lenBytes;

    output[0] = ASN_SEQUENCE | ASN_CONSTRUCTED;
    lenBytes  = SetLength(len, &output[1]);

    return lenBytes + 1;   /* + 1 for the tag byte */
}
- static word32 SetAlgoID(int algoOID, byte* output, int type)
- {
- /* adding TAG_NULL and 0 to end */
-
- /* hashTypes */
- static const byte shaAlgoID[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1a,
- 0x05, 0x00 };
- static const byte sha256AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
- 0x04, 0x02, 0x01, 0x05, 0x00 };
- static const byte sha384AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
- 0x04, 0x02, 0x02, …