MultiTech
A library for setting up Secure Socket Layer (SSL) connections and verifying remote hosts using certificates. Contains only the source files for mbed platform implementation of the library.
Dependents: HTTPClient-SSL HTTPClient-SSL HTTPClient-SSL HTTPClient-SSL
cyassl/ctaocrypt/asn_public.h@6:cf58d49e1a86, 2015-03-23 (annotated)
- Committer:
- Mike Fiore
- Date:
- Mon Mar 23 16:51:07 2015 -0500
- Revision:
- 6:cf58d49e1a86
- Parent:
- 0:b86d15c6ba29
fix whitespace in sha512.c
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| Vanger | 0:b86d15c6ba29 | 1 | /* asn_public.h |
| Vanger | 0:b86d15c6ba29 | 2 | * |
| Vanger | 0:b86d15c6ba29 | 3 | * Copyright (C) 2006-2014 wolfSSL Inc. |
| Vanger | 0:b86d15c6ba29 | 4 | * |
| Vanger | 0:b86d15c6ba29 | 5 | * This file is part of CyaSSL. |
| Vanger | 0:b86d15c6ba29 | 6 | * |
| Vanger | 0:b86d15c6ba29 | 7 | * CyaSSL is free software; you can redistribute it and/or modify |
| Vanger | 0:b86d15c6ba29 | 8 | * it under the terms of the GNU General Public License as published by |
| Vanger | 0:b86d15c6ba29 | 9 | * the Free Software Foundation; either version 2 of the License, or |
| Vanger | 0:b86d15c6ba29 | 10 | * (at your option) any later version. |
| Vanger | 0:b86d15c6ba29 | 11 | * |
| Vanger | 0:b86d15c6ba29 | 12 | * CyaSSL is distributed in the hope that it will be useful, |
| Vanger | 0:b86d15c6ba29 | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| Vanger | 0:b86d15c6ba29 | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| Vanger | 0:b86d15c6ba29 | 15 | * GNU General Public License for more details. |
| Vanger | 0:b86d15c6ba29 | 16 | * |
| Vanger | 0:b86d15c6ba29 | 17 | * You should have received a copy of the GNU General Public License |
| Vanger | 0:b86d15c6ba29 | 18 | * along with this program; if not, write to the Free Software |
| Vanger | 0:b86d15c6ba29 | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA |
| Vanger | 0:b86d15c6ba29 | 20 | */ |
| Vanger | 0:b86d15c6ba29 | 21 | |
| Vanger | 0:b86d15c6ba29 | 22 | |
| Vanger | 0:b86d15c6ba29 | 23 | #ifndef CTAO_CRYPT_ASN_PUBLIC_H |
| Vanger | 0:b86d15c6ba29 | 24 | #define CTAO_CRYPT_ASN_PUBLIC_H |
| Vanger | 0:b86d15c6ba29 | 25 | |
| Vanger | 0:b86d15c6ba29 | 26 | #include <cyassl/ctaocrypt/types.h> |
| Vanger | 0:b86d15c6ba29 | 27 | #include <cyassl/ctaocrypt/ecc.h> |
| Vanger | 0:b86d15c6ba29 | 28 | #ifdef CYASSL_CERT_GEN |
| Vanger | 0:b86d15c6ba29 | 29 | #include <cyassl/ctaocrypt/rsa.h> |
| Vanger | 0:b86d15c6ba29 | 30 | #endif |
| Vanger | 0:b86d15c6ba29 | 31 | |
| Vanger | 0:b86d15c6ba29 | 32 | |
| Vanger | 0:b86d15c6ba29 | 33 | #ifdef __cplusplus |
| Vanger | 0:b86d15c6ba29 | 34 | extern "C" { |
| Vanger | 0:b86d15c6ba29 | 35 | #endif |
| Vanger | 0:b86d15c6ba29 | 36 | |
| Vanger | 0:b86d15c6ba29 | 37 | |
| Vanger | 0:b86d15c6ba29 | 38 | /* Certificate file Type */ |
| Vanger | 0:b86d15c6ba29 | 39 | enum CertType { |
| Vanger | 0:b86d15c6ba29 | 40 | CERT_TYPE = 0, |
| Vanger | 0:b86d15c6ba29 | 41 | PRIVATEKEY_TYPE, |
| Vanger | 0:b86d15c6ba29 | 42 | DH_PARAM_TYPE, |
| Vanger | 0:b86d15c6ba29 | 43 | CRL_TYPE, |
| Vanger | 0:b86d15c6ba29 | 44 | CA_TYPE, |
| Vanger | 0:b86d15c6ba29 | 45 | ECC_PRIVATEKEY_TYPE, |
| Vanger | 0:b86d15c6ba29 | 46 | CERTREQ_TYPE |
| Vanger | 0:b86d15c6ba29 | 47 | }; |
| Vanger | 0:b86d15c6ba29 | 48 | |
| Vanger | 0:b86d15c6ba29 | 49 | |
| Vanger | 0:b86d15c6ba29 | 50 | /* Signature type, by OID sum */ |
| Vanger | 0:b86d15c6ba29 | 51 | enum Ctc_SigType { |
| Vanger | 0:b86d15c6ba29 | 52 | CTC_SHAwDSA = 517, |
| Vanger | 0:b86d15c6ba29 | 53 | CTC_MD2wRSA = 646, |
| Vanger | 0:b86d15c6ba29 | 54 | CTC_MD5wRSA = 648, |
| Vanger | 0:b86d15c6ba29 | 55 | CTC_SHAwRSA = 649, |
| Vanger | 0:b86d15c6ba29 | 56 | CTC_SHAwECDSA = 520, |
| Vanger | 0:b86d15c6ba29 | 57 | CTC_SHA256wRSA = 655, |
| Vanger | 0:b86d15c6ba29 | 58 | CTC_SHA256wECDSA = 524, |
| Vanger | 0:b86d15c6ba29 | 59 | CTC_SHA384wRSA = 656, |
| Vanger | 0:b86d15c6ba29 | 60 | CTC_SHA384wECDSA = 525, |
| Vanger | 0:b86d15c6ba29 | 61 | CTC_SHA512wRSA = 657, |
| Vanger | 0:b86d15c6ba29 | 62 | CTC_SHA512wECDSA = 526 |
| Vanger | 0:b86d15c6ba29 | 63 | }; |
| Vanger | 0:b86d15c6ba29 | 64 | |
| Vanger | 0:b86d15c6ba29 | 65 | enum Ctc_Encoding { |
| Vanger | 0:b86d15c6ba29 | 66 | CTC_UTF8 = 0x0c, /* utf8 */ |
| Vanger | 0:b86d15c6ba29 | 67 | CTC_PRINTABLE = 0x13 /* printable */ |
| Vanger | 0:b86d15c6ba29 | 68 | }; |
| Vanger | 0:b86d15c6ba29 | 69 | |
| Vanger | 0:b86d15c6ba29 | 70 | |
| Vanger | 0:b86d15c6ba29 | 71 | #ifdef CYASSL_CERT_GEN |
| Vanger | 0:b86d15c6ba29 | 72 | |
| Vanger | 0:b86d15c6ba29 | 73 | #ifndef HAVE_ECC |
| Vanger | 0:b86d15c6ba29 | 74 | typedef struct ecc_key ecc_key; |
| Vanger | 0:b86d15c6ba29 | 75 | #endif |
| Vanger | 0:b86d15c6ba29 | 76 | |
| Vanger | 0:b86d15c6ba29 | 77 | enum Ctc_Misc { |
| Vanger | 0:b86d15c6ba29 | 78 | CTC_NAME_SIZE = 64, |
| Vanger | 0:b86d15c6ba29 | 79 | CTC_DATE_SIZE = 32, |
| Vanger | 0:b86d15c6ba29 | 80 | CTC_MAX_ALT_SIZE = 16384, /* may be huge */ |
| Vanger | 0:b86d15c6ba29 | 81 | CTC_SERIAL_SIZE = 8 |
| Vanger | 0:b86d15c6ba29 | 82 | }; |
| Vanger | 0:b86d15c6ba29 | 83 | |
| Vanger | 0:b86d15c6ba29 | 84 | typedef struct CertName { |
| Vanger | 0:b86d15c6ba29 | 85 | char country[CTC_NAME_SIZE]; |
| Vanger | 0:b86d15c6ba29 | 86 | char countryEnc; |
| Vanger | 0:b86d15c6ba29 | 87 | char state[CTC_NAME_SIZE]; |
| Vanger | 0:b86d15c6ba29 | 88 | char stateEnc; |
| Vanger | 0:b86d15c6ba29 | 89 | char locality[CTC_NAME_SIZE]; |
| Vanger | 0:b86d15c6ba29 | 90 | char localityEnc; |
| Vanger | 0:b86d15c6ba29 | 91 | char sur[CTC_NAME_SIZE]; |
| Vanger | 0:b86d15c6ba29 | 92 | char surEnc; |
| Vanger | 0:b86d15c6ba29 | 93 | char org[CTC_NAME_SIZE]; |
| Vanger | 0:b86d15c6ba29 | 94 | char orgEnc; |
| Vanger | 0:b86d15c6ba29 | 95 | char unit[CTC_NAME_SIZE]; |
| Vanger | 0:b86d15c6ba29 | 96 | char unitEnc; |
| Vanger | 0:b86d15c6ba29 | 97 | char commonName[CTC_NAME_SIZE]; |
| Vanger | 0:b86d15c6ba29 | 98 | char commonNameEnc; |
| Vanger | 0:b86d15c6ba29 | 99 | char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */ |
| Vanger | 0:b86d15c6ba29 | 100 | } CertName; |
| Vanger | 0:b86d15c6ba29 | 101 | |
| Vanger | 0:b86d15c6ba29 | 102 | |
| Vanger | 0:b86d15c6ba29 | 103 | /* for user to fill for certificate generation */ |
| Vanger | 0:b86d15c6ba29 | 104 | typedef struct Cert { |
| Vanger | 0:b86d15c6ba29 | 105 | int version; /* x509 version */ |
| Vanger | 0:b86d15c6ba29 | 106 | byte serial[CTC_SERIAL_SIZE]; /* serial number */ |
| Vanger | 0:b86d15c6ba29 | 107 | int sigType; /* signature algo type */ |
| Vanger | 0:b86d15c6ba29 | 108 | CertName issuer; /* issuer info */ |
| Vanger | 0:b86d15c6ba29 | 109 | int daysValid; /* validity days */ |
| Vanger | 0:b86d15c6ba29 | 110 | int selfSigned; /* self signed flag */ |
| Vanger | 0:b86d15c6ba29 | 111 | CertName subject; /* subject info */ |
| Vanger | 0:b86d15c6ba29 | 112 | int isCA; /* is this going to be a CA */ |
| Vanger | 0:b86d15c6ba29 | 113 | /* internal use only */ |
| Vanger | 0:b86d15c6ba29 | 114 | int bodySz; /* pre sign total size */ |
| Vanger | 0:b86d15c6ba29 | 115 | int keyType; /* public key type of subject */ |
| Vanger | 0:b86d15c6ba29 | 116 | #ifdef CYASSL_ALT_NAMES |
| Vanger | 0:b86d15c6ba29 | 117 | byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */ |
| Vanger | 0:b86d15c6ba29 | 118 | int altNamesSz; /* altNames size in bytes */ |
| Vanger | 0:b86d15c6ba29 | 119 | byte beforeDate[CTC_DATE_SIZE]; /* before date copy */ |
| Vanger | 0:b86d15c6ba29 | 120 | int beforeDateSz; /* size of copy */ |
| Vanger | 0:b86d15c6ba29 | 121 | byte afterDate[CTC_DATE_SIZE]; /* after date copy */ |
| Vanger | 0:b86d15c6ba29 | 122 | int afterDateSz; /* size of copy */ |
| Vanger | 0:b86d15c6ba29 | 123 | #endif |
| Vanger | 0:b86d15c6ba29 | 124 | #ifdef CYASSL_CERT_REQ |
| Vanger | 0:b86d15c6ba29 | 125 | char challengePw[CTC_NAME_SIZE]; |
| Vanger | 0:b86d15c6ba29 | 126 | #endif |
| Vanger | 0:b86d15c6ba29 | 127 | } Cert; |
| Vanger | 0:b86d15c6ba29 | 128 | |
| Vanger | 0:b86d15c6ba29 | 129 | |
| Vanger | 0:b86d15c6ba29 | 130 | |
| Vanger | 0:b86d15c6ba29 | 131 | |
| Vanger | 0:b86d15c6ba29 | 132 | /* Initialize and Set Certficate defaults: |
| Vanger | 0:b86d15c6ba29 | 133 | version = 3 (0x2) |
| Vanger | 0:b86d15c6ba29 | 134 | serial = 0 (Will be randomly generated) |
| Vanger | 0:b86d15c6ba29 | 135 | sigType = SHA_WITH_RSA |
| Vanger | 0:b86d15c6ba29 | 136 | issuer = blank |
| Vanger | 0:b86d15c6ba29 | 137 | daysValid = 500 |
| Vanger | 0:b86d15c6ba29 | 138 | selfSigned = 1 (true) use subject as issuer |
| Vanger | 0:b86d15c6ba29 | 139 | subject = blank |
| Vanger | 0:b86d15c6ba29 | 140 | isCA = 0 (false) |
| Vanger | 0:b86d15c6ba29 | 141 | keyType = RSA_KEY (default) |
| Vanger | 0:b86d15c6ba29 | 142 | */ |
| Vanger | 0:b86d15c6ba29 | 143 | CYASSL_API void InitCert(Cert*); |
| Vanger | 0:b86d15c6ba29 | 144 | CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, |
| Vanger | 0:b86d15c6ba29 | 145 | ecc_key*, RNG*); |
| Vanger | 0:b86d15c6ba29 | 146 | #ifdef CYASSL_CERT_REQ |
| Vanger | 0:b86d15c6ba29 | 147 | CYASSL_API int MakeCertReq(Cert*, byte* derBuffer, word32 derSz, RsaKey*, |
| Vanger | 0:b86d15c6ba29 | 148 | ecc_key*); |
| Vanger | 0:b86d15c6ba29 | 149 | #endif |
| Vanger | 0:b86d15c6ba29 | 150 | CYASSL_API int SignCert(int requestSz, int sigType, byte* derBuffer, |
| Vanger | 0:b86d15c6ba29 | 151 | word32 derSz, RsaKey*, ecc_key*, RNG*); |
| Vanger | 0:b86d15c6ba29 | 152 | CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, |
| Vanger | 0:b86d15c6ba29 | 153 | RNG*); |
| Vanger | 0:b86d15c6ba29 | 154 | CYASSL_API int SetIssuer(Cert*, const char*); |
| Vanger | 0:b86d15c6ba29 | 155 | CYASSL_API int SetSubject(Cert*, const char*); |
| Vanger | 0:b86d15c6ba29 | 156 | #ifdef CYASSL_ALT_NAMES |
| Vanger | 0:b86d15c6ba29 | 157 | CYASSL_API int SetAltNames(Cert*, const char*); |
| Vanger | 0:b86d15c6ba29 | 158 | #endif |
| Vanger | 0:b86d15c6ba29 | 159 | CYASSL_API int SetIssuerBuffer(Cert*, const byte*, int); |
| Vanger | 0:b86d15c6ba29 | 160 | CYASSL_API int SetSubjectBuffer(Cert*, const byte*, int); |
| Vanger | 0:b86d15c6ba29 | 161 | CYASSL_API int SetAltNamesBuffer(Cert*, const byte*, int); |
| Vanger | 0:b86d15c6ba29 | 162 | CYASSL_API int SetDatesBuffer(Cert*, const byte*, int); |
| Vanger | 0:b86d15c6ba29 | 163 | |
| Vanger | 0:b86d15c6ba29 | 164 | #ifdef HAVE_NTRU |
| Vanger | 0:b86d15c6ba29 | 165 | CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, |
| Vanger | 0:b86d15c6ba29 | 166 | const byte* ntruKey, word16 keySz, RNG*); |
| Vanger | 0:b86d15c6ba29 | 167 | #endif |
| Vanger | 0:b86d15c6ba29 | 168 | |
| Vanger | 0:b86d15c6ba29 | 169 | #endif /* CYASSL_CERT_GEN */ |
| Vanger | 0:b86d15c6ba29 | 170 | |
| Vanger | 0:b86d15c6ba29 | 171 | |
| Vanger | 0:b86d15c6ba29 | 172 | #if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) |
| Vanger | 0:b86d15c6ba29 | 173 | CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output, |
| Vanger | 0:b86d15c6ba29 | 174 | word32 outputSz, int type); |
| Vanger | 0:b86d15c6ba29 | 175 | #endif |
| Vanger | 0:b86d15c6ba29 | 176 | |
| Vanger | 0:b86d15c6ba29 | 177 | #ifdef HAVE_ECC |
| Vanger | 0:b86d15c6ba29 | 178 | /* private key helpers */ |
| Vanger | 0:b86d15c6ba29 | 179 | CYASSL_API int EccPrivateKeyDecode(const byte* input,word32* inOutIdx, |
| Vanger | 0:b86d15c6ba29 | 180 | ecc_key*,word32); |
| Vanger | 0:b86d15c6ba29 | 181 | CYASSL_API int EccKeyToDer(ecc_key*, byte* output, word32 inLen); |
| Vanger | 0:b86d15c6ba29 | 182 | #endif |
| Vanger | 0:b86d15c6ba29 | 183 | |
| Vanger | 0:b86d15c6ba29 | 184 | /* DER encode signature */ |
| Vanger | 0:b86d15c6ba29 | 185 | CYASSL_API word32 EncodeSignature(byte* out, const byte* digest, word32 digSz, |
| Vanger | 0:b86d15c6ba29 | 186 | int hashOID); |
| Vanger | 0:b86d15c6ba29 | 187 | CYASSL_API int GetCTC_HashOID(int type); |
| Vanger | 0:b86d15c6ba29 | 188 | |
| Vanger | 0:b86d15c6ba29 | 189 | #ifdef __cplusplus |
| Vanger | 0:b86d15c6ba29 | 190 | } /* extern "C" */ |
| Vanger | 0:b86d15c6ba29 | 191 | #endif |
| Vanger | 0:b86d15c6ba29 | 192 | |
| Vanger | 0:b86d15c6ba29 | 193 | #endif /* CTAO_CRYPT_ASN_PUBLIC_H */ |
| Vanger | 0:b86d15c6ba29 | 194 |