Rough and ready port of axTLS

Committer:
ashleymills
Date:
Mon May 13 18:15:18 2013 +0000
Revision:
0:5a29fd060ac8
initial commit


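--- a/crypto_misc.h
+++ b/crypto_misc.h
@@ -0,0 +1,175 @@
+/*
+* Copyright (c) 2007, Cameron Rich
+*
+* All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions are met:
+*
+* * Redistributions of source code must retain the above copyright notice,
+* this list of conditions and the following disclaimer.
+* * Redistributions in binary form must reproduce the above copyright notice,
+* this list of conditions and the following disclaimer in the documentation
+* and/or other materials provided with the distribution.
+* * Neither the name of the axTLS project nor the names of its contributors
+* may be used to endorse or promote products derived from this software
+* without specific prior written permission.
+*
+* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/**
+* @file crypto_misc.h
+*/
+
+#ifndef HEADER_CRYPTO_MISC_H
+#define HEADER_CRYPTO_MISC_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "crypto.h"
+#include "bigint.h"
+#include "config.h"
+
+/**************************************************************************
+* X509 declarations
+**************************************************************************/
+#define X509_OK 0
+#define X509_NOT_OK -1
+#define X509_VFY_ERROR_NO_TRUSTED_CERT -2
+#define X509_VFY_ERROR_BAD_SIGNATURE -3
+#define X509_VFY_ERROR_NOT_YET_VALID -4
+#define X509_VFY_ERROR_EXPIRED -5
+#define X509_VFY_ERROR_SELF_SIGNED -6
+#define X509_VFY_ERROR_INVALID_CHAIN -7
+#define X509_VFY_ERROR_UNSUPPORTED_DIGEST -8
+#define X509_INVALID_PRIV_KEY -9
+
+/*
+* The Distinguished Name
+*/
+#define X509_NUM_DN_TYPES 3
+#define X509_COMMON_NAME 0
+#define X509_ORGANIZATION 1
+#define X509_ORGANIZATIONAL_UNIT 2
+
+#include <time.h>
+
+struct _x509_ctx
+{
+char *ca_cert_dn[X509_NUM_DN_TYPES];
+char *cert_dn[X509_NUM_DN_TYPES];
+char **subject_alt_dnsnames;
+time_t not_before;
+time_t not_after;
+uint8_t *signature;
+uint16_t sig_len;
+uint8_t sig_type;
+RSA_CTX *rsa_ctx;
+bigint *digest;
+struct _x509_ctx *next;
+};
+
+typedef struct _x509_ctx X509_CTX;
+
+#ifdef CONFIG_SSL_CERT_VERIFICATION
+typedef struct
+{
+X509_CTX *cert[CONFIG_X509_MAX_CA_CERTS];
+} CA_CERT_CTX;
+#endif
+
+int x509_new(const uint8_t *cert, int *len, X509_CTX **ctx);
+void x509_free(X509_CTX *x509_ctx);
+#ifdef CONFIG_SSL_CERT_VERIFICATION
+int x509_verify(const CA_CERT_CTX *ca_cert_ctx, const X509_CTX *cert);
+#endif
+#ifdef CONFIG_SSL_FULL_MODE
+void x509_print(const X509_CTX *cert, CA_CERT_CTX *ca_cert_ctx);
+const char * x509_display_error(int error);
+#endif
+
+/**************************************************************************
+* ASN1 declarations
+**************************************************************************/
+#define ASN1_INTEGER 0x02
+#define ASN1_BIT_STRING 0x03
+#define ASN1_OCTET_STRING 0x04
+#define ASN1_NULL 0x05
+#define ASN1_PRINTABLE_STR2 0x0C
+#define ASN1_OID 0x06
+#define ASN1_PRINTABLE_STR2 0x0C
+#define ASN1_PRINTABLE_STR 0x13
+#define ASN1_TELETEX_STR 0x14
+#define ASN1_IA5_STR 0x16
+#define ASN1_UTC_TIME 0x17
+#define ASN1_UNICODE_STR 0x1e
+#define ASN1_SEQUENCE 0x30
+#define ASN1_CONTEXT_DNSNAME 0x82
+#define ASN1_SET 0x31
+#define ASN1_V3_DATA 0xa3
+#define ASN1_IMPLICIT_TAG 0x80
+#define ASN1_CONTEXT_DNSNAME 0x82
+#define ASN1_EXPLICIT_TAG 0xa0
+#define ASN1_V3_DATA 0xa3
+
+#define SIG_TYPE_MD2 0x02
+#define SIG_TYPE_MD5 0x04
+#define SIG_TYPE_SHA1 0x05
+
+int get_asn1_length(const uint8_t *buf, int *offset);
+int asn1_get_private_key(const uint8_t *buf, int len, RSA_CTX **rsa_ctx);
+int asn1_next_obj(const uint8_t *buf, int *offset, int obj_type);
+int asn1_skip_obj(const uint8_t *buf, int *offset, int obj_type);
+int asn1_get_int(const uint8_t *buf, int *offset, uint8_t **object);
+int asn1_version(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
+int asn1_validity(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
+int asn1_name(const uint8_t *cert, int *offset, char *dn[]);
+int asn1_public_key(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
+#ifdef CONFIG_SSL_CERT_VERIFICATION
+int asn1_signature(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
+int asn1_find_subjectaltname(const uint8_t* cert, int offset);
+int asn1_compare_dn(char * const dn1[], char * const dn2[]);
+#endif /* CONFIG_SSL_CERT_VERIFICATION */
+int asn1_signature_type(const uint8_t *cert,
+int *offset, X509_CTX *x509_ctx);
+
+/**************************************************************************
+* MISC declarations
+**************************************************************************/
+#define SALT_SIZE 8
+
+extern const char * const unsupported_str;
+
+typedef void (*crypt_func)(void *, const uint8_t *, uint8_t *, int);
+typedef void (*hmac_func)(const uint8_t *msg, int length, const uint8_t *key,
+int key_len, uint8_t *digest);
+
+int get_file(const char *filename, uint8_t **buf);
+
+#if defined(CONFIG_SSL_FULL_MODE) || defined(WIN32) || defined(CONFIG_DEBUG)
+EXP_FUNC void STDCALL print_blob(const char *format, const uint8_t *data, int size, ...);
+#else
+#define print_blob(...)
+#endif
+
+EXP_FUNC int STDCALL base64_decode(const char *in, int len,
+uint8_t *out, int *outlen);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif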
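Review bot: The ASN.1 parsing prototypes in this header (`get_asn1_length`, `asn1_next_obj`, `asn1_skip_obj`, `asn1_get_int`, `asn1_version`, `asn1_validity`, `asn1_name`, `asn1_public_key`, `asn1_signature`, `asn1_find_subjectaltname`, `asn1_signature_type`) take only `buf`/`cert` and an `int *offset` with no buffer length, so a parser built on this interface has no way to bound its reads against the end of the certificate; only `x509_new` and `asn1_get_private_key` receive a `len`. The implementations are outside this header, so whether they are bounded by some other means cannot be seen here, but the contract should be stated for callers, e.g. above `get_asn1_length`: `/* buf must hold a complete, well-formed DER object: these parsers receive no length and cannot detect truncated input; validate len in the caller (x509_new) before parsing */`. Separately, `ASN1_PRINTABLE_STR2`, `ASN1_CONTEXT_DNSNAME` and `ASN1_V3_DATA` are each defined twice with the same value; identical redefinitions compile, but the second copies should be dropped. The `SIG_TYPE_MD2`/`SIG_TYPE_MD5` constants also deserve a comment stating whether they are accepted for signature verification or only recognised for parsing, since `X509_VFY_ERROR_UNSUPPORTED_DIGEST` exists but the header does not say which digests the verifier rejects — confirm against `x509_verify`.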