cyassl-lib - fork of cyassl-lib

Users » feb11 » Code » cyassl-lib

fork of cyassl-lib

ctaocrypt/src/asn.c@4:f377303c41be, 2013-09-16 (annotated)

Committer:: feb11
Date:: Mon Sep 16 09:53:35 2013 +0000
Revision:: 4:f377303c41be
Parent:: 0:714293de3836

changed settings

Who changed what in which revision?

User	Revision	Line number	New contents of line
ashleymills	0:714293de3836	1	/* asn.c
ashleymills	0:714293de3836	2	*
ashleymills	0:714293de3836	3	* Copyright (C) 2006-2013 wolfSSL Inc.
ashleymills	0:714293de3836	4	*
ashleymills	0:714293de3836	5	* This file is part of CyaSSL.
ashleymills	0:714293de3836	6	*
ashleymills	0:714293de3836	7	* CyaSSL is free software; you can redistribute it and/or modify
ashleymills	0:714293de3836	8	* it under the terms of the GNU General Public License as published by
ashleymills	0:714293de3836	9	* the Free Software Foundation; either version 2 of the License, or
ashleymills	0:714293de3836	10	* (at your option) any later version.
ashleymills	0:714293de3836	11	*
ashleymills	0:714293de3836	12	* CyaSSL is distributed in the hope that it will be useful,
ashleymills	0:714293de3836	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
ashleymills	0:714293de3836	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
ashleymills	0:714293de3836	15	* GNU General Public License for more details.
ashleymills	0:714293de3836	16	*
ashleymills	0:714293de3836	17	* You should have received a copy of the GNU General Public License
ashleymills	0:714293de3836	18	* along with this program; if not, write to the Free Software
ashleymills	0:714293de3836	19	* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
ashleymills	0:714293de3836	20	*/
ashleymills	0:714293de3836	21
ashleymills	0:714293de3836	22	#ifdef HAVE_CONFIG_H
ashleymills	0:714293de3836	23	#include <config.h>
ashleymills	0:714293de3836	24	#endif
ashleymills	0:714293de3836	25
ashleymills	0:714293de3836	26	#include <cyassl/ctaocrypt/settings.h>
ashleymills	0:714293de3836	27
ashleymills	0:714293de3836	28	#ifndef NO_ASN
ashleymills	0:714293de3836	29
ashleymills	0:714293de3836	30	#ifdef HAVE_RTP_SYS
ashleymills	0:714293de3836	31	#include "os.h" /* dc_rtc_api needs */
ashleymills	0:714293de3836	32	#include "dc_rtc_api.h" /* to get current time */
ashleymills	0:714293de3836	33	#endif
ashleymills	0:714293de3836	34
ashleymills	0:714293de3836	35	#include <cyassl/ctaocrypt/integer.h>
ashleymills	0:714293de3836	36	#include <cyassl/ctaocrypt/asn.h>
ashleymills	0:714293de3836	37	#include <cyassl/ctaocrypt/coding.h>
ashleymills	0:714293de3836	38	#include <cyassl/ctaocrypt/sha.h>
ashleymills	0:714293de3836	39	#include <cyassl/ctaocrypt/md5.h>
ashleymills	0:714293de3836	40	#include <cyassl/ctaocrypt/md2.h>
ashleymills	0:714293de3836	41	#include <cyassl/ctaocrypt/ctaoerror2.h>
ashleymills	0:714293de3836	42	#include <cyassl/ctaocrypt/pwdbased.h>
ashleymills	0:714293de3836	43	#include <cyassl/ctaocrypt/des3.h>
ashleymills	0:714293de3836	44	#include <cyassl/ctaocrypt/sha256.h>
ashleymills	0:714293de3836	45	#include <cyassl/ctaocrypt/sha512.h>
ashleymills	0:714293de3836	46	#include <cyassl/ctaocrypt/logging.h>
ashleymills	0:714293de3836	47
ashleymills	0:714293de3836	48	#include <cyassl/ctaocrypt/random.h>
ashleymills	0:714293de3836	49
ashleymills	0:714293de3836	50
ashleymills	0:714293de3836	51	#ifndef NO_RC4
ashleymills	0:714293de3836	52	#include <cyassl/ctaocrypt/arc4.h>
ashleymills	0:714293de3836	53	#endif
ashleymills	0:714293de3836	54
ashleymills	0:714293de3836	55	#ifdef HAVE_NTRU
ashleymills	0:714293de3836	56	#include "crypto_ntru.h"
ashleymills	0:714293de3836	57	#endif
ashleymills	0:714293de3836	58
ashleymills	0:714293de3836	59	#ifdef HAVE_ECC
ashleymills	0:714293de3836	60	#include <cyassl/ctaocrypt/ecc.h>
ashleymills	0:714293de3836	61	#endif
ashleymills	0:714293de3836	62
ashleymills	0:714293de3836	63	#ifdef CYASSL_DEBUG_ENCODING
ashleymills	0:714293de3836	64	#ifdef FREESCALE_MQX
ashleymills	0:714293de3836	65	#include <fio.h>
ashleymills	0:714293de3836	66	#else
ashleymills	0:714293de3836	67	#include <stdio.h>
ashleymills	0:714293de3836	68	#endif
ashleymills	0:714293de3836	69	#endif
ashleymills	0:714293de3836	70
ashleymills	0:714293de3836	71	#ifdef _MSC_VER
ashleymills	0:714293de3836	72	/* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */
ashleymills	0:714293de3836	73	#pragma warning(disable: 4996)
ashleymills	0:714293de3836	74	#endif
ashleymills	0:714293de3836	75
ashleymills	0:714293de3836	76
ashleymills	0:714293de3836	77	#ifndef TRUE
ashleymills	0:714293de3836	78	#define TRUE 1
ashleymills	0:714293de3836	79	#endif
ashleymills	0:714293de3836	80	#ifndef FALSE
ashleymills	0:714293de3836	81	#define FALSE 0
ashleymills	0:714293de3836	82	#endif
ashleymills	0:714293de3836	83
ashleymills	0:714293de3836	84
ashleymills	0:714293de3836	85	#ifdef HAVE_RTP_SYS
ashleymills	0:714293de3836	86	/* uses parital <time.h> structures */
ashleymills	0:714293de3836	87	#define XTIME(tl) (0)
ashleymills	0:714293de3836	88	#define XGMTIME(c) my_gmtime((c))
ashleymills	0:714293de3836	89	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
ashleymills	0:714293de3836	90	#elif defined(MICRIUM)
ashleymills	0:714293de3836	91	#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
ashleymills	0:714293de3836	92	#define XVALIDATE_DATE(d,f,t) NetSecure_ValidateDateHandler((d),(f),(t))
ashleymills	0:714293de3836	93	#else
ashleymills	0:714293de3836	94	#define XVALIDATE_DATE(d, f, t) (0)
ashleymills	0:714293de3836	95	#endif
ashleymills	0:714293de3836	96	#define NO_TIME_H
ashleymills	0:714293de3836	97	/* since Micrium not defining XTIME or XGMTIME, CERT_GEN not available */
ashleymills	0:714293de3836	98	#elif defined(MICROCHIP_TCPIP_V5) \|\| defined(MICROCHIP_TCPIP)
ashleymills	0:714293de3836	99	#include <time.h>
ashleymills	0:714293de3836	100	#define XTIME(t1) pic32_time((t1))
ashleymills	0:714293de3836	101	#define XGMTIME(c) gmtime((c))
ashleymills	0:714293de3836	102	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
ashleymills	0:714293de3836	103	#elif defined(CYASSL_MDK_ARM)
ashleymills	0:714293de3836	104	#include <rtl.h>
ashleymills	0:714293de3836	105	#undef RNG
ashleymills	0:714293de3836	106	#include "cyassl_MDK_ARM.h"
ashleymills	0:714293de3836	107	#undef RNG
ashleymills	0:714293de3836	108	#define RNG CyaSSL_RNG /for avoiding name conflict in "stm32f2xx.h" /
ashleymills	0:714293de3836	109	#define XTIME(tl) (0)
ashleymills	0:714293de3836	110	#define XGMTIME(c) Cyassl_MDK_gmtime((c))
ashleymills	0:714293de3836	111	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
ashleymills	0:714293de3836	112	#elif defined(USER_TIME)
ashleymills	0:714293de3836	113	/* user time, and gmtime compatible functions, there is a gmtime
ashleymills	0:714293de3836	114	implementation here that WINCE uses, so really just need some ticks
ashleymills	0:714293de3836	115	since the EPOCH
ashleymills	0:714293de3836	116	*/
ashleymills	0:714293de3836	117
ashleymills	0:714293de3836	118	struct tm {
ashleymills	0:714293de3836	119	int tm_sec; /* seconds after the minute [0-60] */
ashleymills	0:714293de3836	120	int tm_min; /* minutes after the hour [0-59] */
ashleymills	0:714293de3836	121	int tm_hour; /* hours since midnight [0-23] */
ashleymills	0:714293de3836	122	int tm_mday; /* day of the month [1-31] */
ashleymills	0:714293de3836	123	int tm_mon; /* months since January [0-11] */
ashleymills	0:714293de3836	124	int tm_year; /* years since 1900 */
ashleymills	0:714293de3836	125	int tm_wday; /* days since Sunday [0-6] */
ashleymills	0:714293de3836	126	int tm_yday; /* days since January 1 [0-365] */
ashleymills	0:714293de3836	127	int tm_isdst; /* Daylight Savings Time flag */
ashleymills	0:714293de3836	128	long tm_gmtoff; /* offset from CUT in seconds */
ashleymills	0:714293de3836	129	char tm_zone; / timezone abbreviation */
ashleymills	0:714293de3836	130	};
ashleymills	0:714293de3836	131	typedef long time_t;
ashleymills	0:714293de3836	132
ashleymills	0:714293de3836	133	/* forward declaration */
ashleymills	0:714293de3836	134	struct tm* gmtime(const time_t* timer);
ashleymills	0:714293de3836	135	extern time_t XTIME(time_t * timer);
ashleymills	0:714293de3836	136
ashleymills	0:714293de3836	137	#define XGMTIME(c) gmtime((c))
ashleymills	0:714293de3836	138	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
ashleymills	0:714293de3836	139
ashleymills	0:714293de3836	140	#ifdef STACK_TRAP
ashleymills	0:714293de3836	141	/* for stack trap tracking, don't call os gmtime on OS X/linux,
ashleymills	0:714293de3836	142	uses a lot of stack spce */
ashleymills	0:714293de3836	143	extern time_t time(time_t * timer);
ashleymills	0:714293de3836	144	#define XTIME(tl) time((tl))
ashleymills	0:714293de3836	145	#endif /* STACK_TRAP */
ashleymills	0:714293de3836	146	#else
ashleymills	0:714293de3836	147	/* default */
ashleymills	0:714293de3836	148	/* uses complete <time.h> facility */
ashleymills	0:714293de3836	149	#include <time.h>
ashleymills	0:714293de3836	150	#define XTIME(tl) time((tl))
ashleymills	0:714293de3836	151	#define XGMTIME(c) gmtime((c))
ashleymills	0:714293de3836	152	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
ashleymills	0:714293de3836	153	#endif
ashleymills	0:714293de3836	154
ashleymills	0:714293de3836	155
ashleymills	0:714293de3836	156	#ifdef _WIN32_WCE
ashleymills	0:714293de3836	157	/* no time() or gmtime() even though in time.h header?? */
ashleymills	0:714293de3836	158
ashleymills	0:714293de3836	159	#include <windows.h>
ashleymills	0:714293de3836	160
ashleymills	0:714293de3836	161
ashleymills	0:714293de3836	162	time_t time(time_t* timer)
ashleymills	0:714293de3836	163	{
ashleymills	0:714293de3836	164	SYSTEMTIME sysTime;
ashleymills	0:714293de3836	165	FILETIME fTime;
ashleymills	0:714293de3836	166	ULARGE_INTEGER intTime;
ashleymills	0:714293de3836	167	time_t localTime;
ashleymills	0:714293de3836	168
ashleymills	0:714293de3836	169	if (timer == NULL)
ashleymills	0:714293de3836	170	timer = &localTime;
ashleymills	0:714293de3836	171
ashleymills	0:714293de3836	172	GetSystemTime(&sysTime);
ashleymills	0:714293de3836	173	SystemTimeToFileTime(&sysTime, &fTime);
ashleymills	0:714293de3836	174
ashleymills	0:714293de3836	175	XMEMCPY(&intTime, &fTime, sizeof(FILETIME));
ashleymills	0:714293de3836	176	/* subtract EPOCH */
ashleymills	0:714293de3836	177	intTime.QuadPart -= 0x19db1ded53e8000;
ashleymills	0:714293de3836	178	/* to secs */
ashleymills	0:714293de3836	179	intTime.QuadPart /= 10000000;
ashleymills	0:714293de3836	180	*timer = (time_t)intTime.QuadPart;
ashleymills	0:714293de3836	181
ashleymills	0:714293de3836	182	return *timer;
ashleymills	0:714293de3836	183	}
ashleymills	0:714293de3836	184
ashleymills	0:714293de3836	185	#endif /* _WIN32_WCE */
ashleymills	0:714293de3836	186	#if defined( _WIN32_WCE ) \|\| defined( USER_TIME )
ashleymills	0:714293de3836	187
ashleymills	0:714293de3836	188	struct tm* gmtime(const time_t* timer)
ashleymills	0:714293de3836	189	{
ashleymills	0:714293de3836	190	#define YEAR0 1900
ashleymills	0:714293de3836	191	#define EPOCH_YEAR 1970
ashleymills	0:714293de3836	192	#define SECS_DAY (24L * 60L * 60L)
ashleymills	0:714293de3836	193	#define LEAPYEAR(year) (!((year) % 4) && (((year) % 100) \|\| !((year) %400)))
ashleymills	0:714293de3836	194	#define YEARSIZE(year) (LEAPYEAR(year) ? 366 : 365)
ashleymills	0:714293de3836	195
ashleymills	0:714293de3836	196	static const int _ytab[2][12] =
ashleymills	0:714293de3836	197	{
ashleymills	0:714293de3836	198	{31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
ashleymills	0:714293de3836	199	{31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}
ashleymills	0:714293de3836	200	};
ashleymills	0:714293de3836	201
ashleymills	0:714293de3836	202	static struct tm st_time;
ashleymills	0:714293de3836	203	struct tm* ret = &st_time;
ashleymills	0:714293de3836	204	time_t secs = *timer;
ashleymills	0:714293de3836	205	unsigned long dayclock, dayno;
ashleymills	0:714293de3836	206	int year = EPOCH_YEAR;
ashleymills	0:714293de3836	207
ashleymills	0:714293de3836	208	dayclock = (unsigned long)secs % SECS_DAY;
ashleymills	0:714293de3836	209	dayno = (unsigned long)secs / SECS_DAY;
ashleymills	0:714293de3836	210
ashleymills	0:714293de3836	211	ret->tm_sec = (int) dayclock % 60;
ashleymills	0:714293de3836	212	ret->tm_min = (int)(dayclock % 3600) / 60;
ashleymills	0:714293de3836	213	ret->tm_hour = (int) dayclock / 3600;
ashleymills	0:714293de3836	214	ret->tm_wday = (int) (dayno + 4) % 7; /* day 0 a Thursday */
ashleymills	0:714293de3836	215
ashleymills	0:714293de3836	216	while(dayno >= (unsigned long)YEARSIZE(year)) {
ashleymills	0:714293de3836	217	dayno -= YEARSIZE(year);
ashleymills	0:714293de3836	218	year++;
ashleymills	0:714293de3836	219	}
ashleymills	0:714293de3836	220
ashleymills	0:714293de3836	221	ret->tm_year = year - YEAR0;
ashleymills	0:714293de3836	222	ret->tm_yday = (int)dayno;
ashleymills	0:714293de3836	223	ret->tm_mon = 0;
ashleymills	0:714293de3836	224
ashleymills	0:714293de3836	225	while(dayno >= (unsigned long)_ytab[LEAPYEAR(year)][ret->tm_mon]) {
ashleymills	0:714293de3836	226	dayno -= _ytab[LEAPYEAR(year)][ret->tm_mon];
ashleymills	0:714293de3836	227	ret->tm_mon++;
ashleymills	0:714293de3836	228	}
ashleymills	0:714293de3836	229
ashleymills	0:714293de3836	230	ret->tm_mday = (int)++dayno;
ashleymills	0:714293de3836	231	ret->tm_isdst = 0;
ashleymills	0:714293de3836	232
ashleymills	0:714293de3836	233	return ret;
ashleymills	0:714293de3836	234	}
ashleymills	0:714293de3836	235
ashleymills	0:714293de3836	236	#endif /* _WIN32_WCE \|\| USER_TIME */
ashleymills	0:714293de3836	237
ashleymills	0:714293de3836	238
ashleymills	0:714293de3836	239	#ifdef HAVE_RTP_SYS
ashleymills	0:714293de3836	240
ashleymills	0:714293de3836	241	#define YEAR0 1900
ashleymills	0:714293de3836	242
ashleymills	0:714293de3836	243	struct tm* my_gmtime(const time_t* timer) /* has a gmtime() but hangs */
ashleymills	0:714293de3836	244	{
ashleymills	0:714293de3836	245	static struct tm st_time;
ashleymills	0:714293de3836	246	struct tm* ret = &st_time;
ashleymills	0:714293de3836	247
ashleymills	0:714293de3836	248	DC_RTC_CALENDAR cal;
ashleymills	0:714293de3836	249	dc_rtc_time_get(&cal, TRUE);
ashleymills	0:714293de3836	250
ashleymills	0:714293de3836	251	ret->tm_year = cal.year - YEAR0; /* gm starts at 1900 */
ashleymills	0:714293de3836	252	ret->tm_mon = cal.month - 1; /* gm starts at 0 */
ashleymills	0:714293de3836	253	ret->tm_mday = cal.day;
ashleymills	0:714293de3836	254	ret->tm_hour = cal.hour;
ashleymills	0:714293de3836	255	ret->tm_min = cal.minute;
ashleymills	0:714293de3836	256	ret->tm_sec = cal.second;
ashleymills	0:714293de3836	257
ashleymills	0:714293de3836	258	return ret;
ashleymills	0:714293de3836	259	}
ashleymills	0:714293de3836	260
ashleymills	0:714293de3836	261	#endif /* HAVE_RTP_SYS */
ashleymills	0:714293de3836	262
ashleymills	0:714293de3836	263
ashleymills	0:714293de3836	264	#if defined(MICROCHIP_TCPIP_V5) \|\| defined(MICROCHIP_TCPIP)
ashleymills	0:714293de3836	265
ashleymills	0:714293de3836	266	/*
ashleymills	0:714293de3836	267	* time() is just a stub in Microchip libraries. We need our own
ashleymills	0:714293de3836	268	* implementation. Use SNTP client to get seconds since epoch.
ashleymills	0:714293de3836	269	*/
ashleymills	0:714293de3836	270	time_t pic32_time(time_t* timer)
ashleymills	0:714293de3836	271	{
ashleymills	0:714293de3836	272	#ifdef MICROCHIP_TCPIP_V5
ashleymills	0:714293de3836	273	DWORD sec = 0;
ashleymills	0:714293de3836	274	#else
ashleymills	0:714293de3836	275	uint32_t sec = 0;
ashleymills	0:714293de3836	276	#endif
ashleymills	0:714293de3836	277	time_t localTime;
ashleymills	0:714293de3836	278
ashleymills	0:714293de3836	279	if (timer == NULL)
ashleymills	0:714293de3836	280	timer = &localTime;
ashleymills	0:714293de3836	281
ashleymills	0:714293de3836	282	sec = SNTPGetUTCSeconds();
ashleymills	0:714293de3836	283	*timer = (time_t) sec;
ashleymills	0:714293de3836	284
ashleymills	0:714293de3836	285	return *timer;
ashleymills	0:714293de3836	286	}
ashleymills	0:714293de3836	287
ashleymills	0:714293de3836	288	#endif /* MICROCHIP_TCPIP */
ashleymills	0:714293de3836	289
ashleymills	0:714293de3836	290
ashleymills	0:714293de3836	291	static INLINE word32 btoi(byte b)
ashleymills	0:714293de3836	292	{
ashleymills	0:714293de3836	293	return b - 0x30;
ashleymills	0:714293de3836	294	}
ashleymills	0:714293de3836	295
ashleymills	0:714293de3836	296
ashleymills	0:714293de3836	297	/* two byte date/time, add to value */
ashleymills	0:714293de3836	298	static INLINE void GetTime(int* value, const byte* date, int* idx)
ashleymills	0:714293de3836	299	{
ashleymills	0:714293de3836	300	int i = *idx;
ashleymills	0:714293de3836	301
ashleymills	0:714293de3836	302	value += btoi(date[i++]) 10;
ashleymills	0:714293de3836	303	*value += btoi(date[i++]);
ashleymills	0:714293de3836	304
ashleymills	0:714293de3836	305	*idx = i;
ashleymills	0:714293de3836	306	}
ashleymills	0:714293de3836	307
ashleymills	0:714293de3836	308
ashleymills	0:714293de3836	309	#if defined(MICRIUM)
ashleymills	0:714293de3836	310
ashleymills	0:714293de3836	311	CPU_INT32S NetSecure_ValidateDateHandler(CPU_INT08U *date, CPU_INT08U format,
ashleymills	0:714293de3836	312	CPU_INT08U dateType)
ashleymills	0:714293de3836	313	{
ashleymills	0:714293de3836	314	CPU_BOOLEAN rtn_code;
ashleymills	0:714293de3836	315	CPU_INT32S i;
ashleymills	0:714293de3836	316	CPU_INT32S val;
ashleymills	0:714293de3836	317	CPU_INT16U year;
ashleymills	0:714293de3836	318	CPU_INT08U month;
ashleymills	0:714293de3836	319	CPU_INT16U day;
ashleymills	0:714293de3836	320	CPU_INT08U hour;
ashleymills	0:714293de3836	321	CPU_INT08U min;
ashleymills	0:714293de3836	322	CPU_INT08U sec;
ashleymills	0:714293de3836	323
ashleymills	0:714293de3836	324	i = 0;
ashleymills	0:714293de3836	325	year = 0u;
ashleymills	0:714293de3836	326
ashleymills	0:714293de3836	327	if (format == ASN_UTC_TIME) {
ashleymills	0:714293de3836	328	if (btoi(date[0]) >= 5)
ashleymills	0:714293de3836	329	year = 1900;
ashleymills	0:714293de3836	330	else
ashleymills	0:714293de3836	331	year = 2000;
ashleymills	0:714293de3836	332	}
ashleymills	0:714293de3836	333	else { /* format == GENERALIZED_TIME */
ashleymills	0:714293de3836	334	year += btoi(date[i++]) * 1000;
ashleymills	0:714293de3836	335	year += btoi(date[i++]) * 100;
ashleymills	0:714293de3836	336	}
ashleymills	0:714293de3836	337
ashleymills	0:714293de3836	338	val = year;
ashleymills	0:714293de3836	339	GetTime(&val, date, &i);
ashleymills	0:714293de3836	340	year = (CPU_INT16U)val;
ashleymills	0:714293de3836	341
ashleymills	0:714293de3836	342	val = 0;
ashleymills	0:714293de3836	343	GetTime(&val, date, &i);
ashleymills	0:714293de3836	344	month = (CPU_INT08U)val;
ashleymills	0:714293de3836	345
ashleymills	0:714293de3836	346	val = 0;
ashleymills	0:714293de3836	347	GetTime(&val, date, &i);
ashleymills	0:714293de3836	348	day = (CPU_INT16U)val;
ashleymills	0:714293de3836	349
ashleymills	0:714293de3836	350	val = 0;
ashleymills	0:714293de3836	351	GetTime(&val, date, &i);
ashleymills	0:714293de3836	352	hour = (CPU_INT08U)val;
ashleymills	0:714293de3836	353
ashleymills	0:714293de3836	354	val = 0;
ashleymills	0:714293de3836	355	GetTime(&val, date, &i);
ashleymills	0:714293de3836	356	min = (CPU_INT08U)val;
ashleymills	0:714293de3836	357
ashleymills	0:714293de3836	358	val = 0;
ashleymills	0:714293de3836	359	GetTime(&val, date, &i);
ashleymills	0:714293de3836	360	sec = (CPU_INT08U)val;
ashleymills	0:714293de3836	361
ashleymills	0:714293de3836	362	return NetSecure_ValidateDate(year, month, day, hour, min, sec, dateType);
ashleymills	0:714293de3836	363	}
ashleymills	0:714293de3836	364
ashleymills	0:714293de3836	365	#endif /* MICRIUM */
ashleymills	0:714293de3836	366
ashleymills	0:714293de3836	367
ashleymills	0:714293de3836	368	static int GetLength(const byte* input, word32* inOutIdx, int* len,
ashleymills	0:714293de3836	369	word32 maxIdx)
ashleymills	0:714293de3836	370	{
ashleymills	0:714293de3836	371	int length = 0;
ashleymills	0:714293de3836	372	word32 i = *inOutIdx;
ashleymills	0:714293de3836	373	byte b;
ashleymills	0:714293de3836	374
ashleymills	0:714293de3836	375	if ( (i+1) > maxIdx) { /* for first read */
ashleymills	0:714293de3836	376	CYASSL_MSG("GetLength bad index on input");
ashleymills	0:714293de3836	377	return BUFFER_E;
ashleymills	0:714293de3836	378	}
ashleymills	0:714293de3836	379
ashleymills	0:714293de3836	380	b = input[i++];
ashleymills	0:714293de3836	381	if (b >= ASN_LONG_LENGTH) {
ashleymills	0:714293de3836	382	word32 bytes = b & 0x7F;
ashleymills	0:714293de3836	383
ashleymills	0:714293de3836	384	if ( (i+bytes) > maxIdx) { /* for reading bytes */
ashleymills	0:714293de3836	385	CYASSL_MSG("GetLength bad long length");
ashleymills	0:714293de3836	386	return BUFFER_E;
ashleymills	0:714293de3836	387	}
ashleymills	0:714293de3836	388
ashleymills	0:714293de3836	389	while (bytes--) {
ashleymills	0:714293de3836	390	b = input[i++];
ashleymills	0:714293de3836	391	length = (length << 8) \| b;
ashleymills	0:714293de3836	392	}
ashleymills	0:714293de3836	393	}
ashleymills	0:714293de3836	394	else
ashleymills	0:714293de3836	395	length = b;
ashleymills	0:714293de3836	396
ashleymills	0:714293de3836	397	if ( (i+length) > maxIdx) { /* for user of length */
ashleymills	0:714293de3836	398	CYASSL_MSG("GetLength value exceeds buffer length");
ashleymills	0:714293de3836	399	return BUFFER_E;
ashleymills	0:714293de3836	400	}
ashleymills	0:714293de3836	401
ashleymills	0:714293de3836	402	*inOutIdx = i;
ashleymills	0:714293de3836	403	*len = length;
ashleymills	0:714293de3836	404
ashleymills	0:714293de3836	405	return length;
ashleymills	0:714293de3836	406	}
ashleymills	0:714293de3836	407
ashleymills	0:714293de3836	408
ashleymills	0:714293de3836	409	static int GetSequence(const byte* input, word32* inOutIdx, int* len,
ashleymills	0:714293de3836	410	word32 maxIdx)
ashleymills	0:714293de3836	411	{
ashleymills	0:714293de3836	412	int length = -1;
ashleymills	0:714293de3836	413	word32 idx = *inOutIdx;
ashleymills	0:714293de3836	414
ashleymills	0:714293de3836	415	if (input[idx++] != (ASN_SEQUENCE \| ASN_CONSTRUCTED) \|\|
ashleymills	0:714293de3836	416	GetLength(input, &idx, &length, maxIdx) < 0)
ashleymills	0:714293de3836	417	return ASN_PARSE_E;
ashleymills	0:714293de3836	418
ashleymills	0:714293de3836	419	*len = length;
ashleymills	0:714293de3836	420	*inOutIdx = idx;
ashleymills	0:714293de3836	421
ashleymills	0:714293de3836	422	return length;
ashleymills	0:714293de3836	423	}
ashleymills	0:714293de3836	424
ashleymills	0:714293de3836	425
ashleymills	0:714293de3836	426	static int GetSet(const byte* input, word32* inOutIdx, int* len, word32 maxIdx)
ashleymills	0:714293de3836	427	{
ashleymills	0:714293de3836	428	int length = -1;
ashleymills	0:714293de3836	429	word32 idx = *inOutIdx;
ashleymills	0:714293de3836	430
ashleymills	0:714293de3836	431	if (input[idx++] != (ASN_SET \| ASN_CONSTRUCTED) \|\|
ashleymills	0:714293de3836	432	GetLength(input, &idx, &length, maxIdx) < 0)
ashleymills	0:714293de3836	433	return ASN_PARSE_E;
ashleymills	0:714293de3836	434
ashleymills	0:714293de3836	435	*len = length;
ashleymills	0:714293de3836	436	*inOutIdx = idx;
ashleymills	0:714293de3836	437
ashleymills	0:714293de3836	438	return length;
ashleymills	0:714293de3836	439	}
ashleymills	0:714293de3836	440
ashleymills	0:714293de3836	441
ashleymills	0:714293de3836	442	/* winodws header clash for WinCE using GetVersion */
ashleymills	0:714293de3836	443	static int GetMyVersion(const byte* input, word32* inOutIdx, int* version)
ashleymills	0:714293de3836	444	{
ashleymills	0:714293de3836	445	word32 idx = *inOutIdx;
ashleymills	0:714293de3836	446
ashleymills	0:714293de3836	447	CYASSL_ENTER("GetMyVersion");
ashleymills	0:714293de3836	448
ashleymills	0:714293de3836	449	if (input[idx++] != ASN_INTEGER)
ashleymills	0:714293de3836	450	return ASN_PARSE_E;
ashleymills	0:714293de3836	451
ashleymills	0:714293de3836	452	if (input[idx++] != 0x01)
ashleymills	0:714293de3836	453	return ASN_VERSION_E;
ashleymills	0:714293de3836	454
ashleymills	0:714293de3836	455	*version = input[idx++];
ashleymills	0:714293de3836	456	*inOutIdx = idx;
ashleymills	0:714293de3836	457
ashleymills	0:714293de3836	458	return *version;
ashleymills	0:714293de3836	459	}
ashleymills	0:714293de3836	460
ashleymills	0:714293de3836	461
ashleymills	0:714293de3836	462	#ifndef NO_PWDBASED
ashleymills	0:714293de3836	463	/* Get small count integer, 32 bits or less */
ashleymills	0:714293de3836	464	static int GetShortInt(const byte* input, word32* inOutIdx, int* number)
ashleymills	0:714293de3836	465	{
ashleymills	0:714293de3836	466	word32 idx = *inOutIdx;
ashleymills	0:714293de3836	467	word32 len;
ashleymills	0:714293de3836	468
ashleymills	0:714293de3836	469	*number = 0;
ashleymills	0:714293de3836	470
ashleymills	0:714293de3836	471	if (input[idx++] != ASN_INTEGER)
ashleymills	0:714293de3836	472	return ASN_PARSE_E;
ashleymills	0:714293de3836	473
ashleymills	0:714293de3836	474	len = input[idx++];
ashleymills	0:714293de3836	475	if (len > 4)
ashleymills	0:714293de3836	476	return ASN_PARSE_E;
ashleymills	0:714293de3836	477
ashleymills	0:714293de3836	478	while (len--) {
ashleymills	0:714293de3836	479	number = number << 8 \| input[idx++];
ashleymills	0:714293de3836	480	}
ashleymills	0:714293de3836	481
ashleymills	0:714293de3836	482	*inOutIdx = idx;
ashleymills	0:714293de3836	483
ashleymills	0:714293de3836	484	return *number;
ashleymills	0:714293de3836	485	}
ashleymills	0:714293de3836	486	#endif /* !NO_PWDBASED */
ashleymills	0:714293de3836	487
ashleymills	0:714293de3836	488
ashleymills	0:714293de3836	489	/* May not have one, not an error */
ashleymills	0:714293de3836	490	static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version)
ashleymills	0:714293de3836	491	{
ashleymills	0:714293de3836	492	word32 idx = *inOutIdx;
ashleymills	0:714293de3836	493
ashleymills	0:714293de3836	494	CYASSL_ENTER("GetExplicitVersion");
ashleymills	0:714293de3836	495	if (input[idx++] == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED)) {
ashleymills	0:714293de3836	496	inOutIdx = ++idx; / eat header */
ashleymills	0:714293de3836	497	return GetMyVersion(input, inOutIdx, version);
ashleymills	0:714293de3836	498	}
ashleymills	0:714293de3836	499
ashleymills	0:714293de3836	500	/* go back as is */
ashleymills	0:714293de3836	501	*version = 0;
ashleymills	0:714293de3836	502
ashleymills	0:714293de3836	503	return 0;
ashleymills	0:714293de3836	504	}
ashleymills	0:714293de3836	505
ashleymills	0:714293de3836	506
ashleymills	0:714293de3836	507	static int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
ashleymills	0:714293de3836	508	word32 maxIdx)
ashleymills	0:714293de3836	509	{
ashleymills	0:714293de3836	510	word32 i = *inOutIdx;
ashleymills	0:714293de3836	511	byte b = input[i++];
ashleymills	0:714293de3836	512	int length;
ashleymills	0:714293de3836	513
ashleymills	0:714293de3836	514	if (b != ASN_INTEGER)
ashleymills	0:714293de3836	515	return ASN_PARSE_E;
ashleymills	0:714293de3836	516
ashleymills	0:714293de3836	517	if (GetLength(input, &i, &length, maxIdx) < 0)
ashleymills	0:714293de3836	518	return ASN_PARSE_E;
ashleymills	0:714293de3836	519
ashleymills	0:714293de3836	520	if ( (b = input[i++]) == 0x00)
ashleymills	0:714293de3836	521	length--;
ashleymills	0:714293de3836	522	else
ashleymills	0:714293de3836	523	i--;
ashleymills	0:714293de3836	524
ashleymills	0:714293de3836	525	if (mp_init(mpi) != MP_OKAY)
ashleymills	0:714293de3836	526	return MP_INIT_E;
ashleymills	0:714293de3836	527
ashleymills	0:714293de3836	528	if (mp_read_unsigned_bin(mpi, (byte*)input + i, length) != 0) {
ashleymills	0:714293de3836	529	mp_clear(mpi);
ashleymills	0:714293de3836	530	return ASN_GETINT_E;
ashleymills	0:714293de3836	531	}
ashleymills	0:714293de3836	532
ashleymills	0:714293de3836	533	*inOutIdx = i + length;
ashleymills	0:714293de3836	534	return 0;
ashleymills	0:714293de3836	535	}
ashleymills	0:714293de3836	536
ashleymills	0:714293de3836	537
ashleymills	0:714293de3836	538	static int GetObjectId(const byte* input, word32* inOutIdx, word32* oid,
ashleymills	0:714293de3836	539	word32 maxIdx)
ashleymills	0:714293de3836	540	{
ashleymills	0:714293de3836	541	int length;
ashleymills	0:714293de3836	542	word32 i = *inOutIdx;
ashleymills	0:714293de3836	543	byte b;
ashleymills	0:714293de3836	544	*oid = 0;
ashleymills	0:714293de3836	545
ashleymills	0:714293de3836	546	b = input[i++];
ashleymills	0:714293de3836	547	if (b != ASN_OBJECT_ID)
ashleymills	0:714293de3836	548	return ASN_OBJECT_ID_E;
ashleymills	0:714293de3836	549
ashleymills	0:714293de3836	550	if (GetLength(input, &i, &length, maxIdx) < 0)
ashleymills	0:714293de3836	551	return ASN_PARSE_E;
ashleymills	0:714293de3836	552
ashleymills	0:714293de3836	553	while(length--)
ashleymills	0:714293de3836	554	*oid += input[i++];
ashleymills	0:714293de3836	555	/* just sum it up for now */
ashleymills	0:714293de3836	556
ashleymills	0:714293de3836	557	*inOutIdx = i;
ashleymills	0:714293de3836	558
ashleymills	0:714293de3836	559	return 0;
ashleymills	0:714293de3836	560	}
ashleymills	0:714293de3836	561
ashleymills	0:714293de3836	562
ashleymills	0:714293de3836	563	static int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
ashleymills	0:714293de3836	564	word32 maxIdx)
ashleymills	0:714293de3836	565	{
ashleymills	0:714293de3836	566	int length;
ashleymills	0:714293de3836	567	word32 i = *inOutIdx;
ashleymills	0:714293de3836	568	byte b;
ashleymills	0:714293de3836	569	*oid = 0;
ashleymills	0:714293de3836	570
ashleymills	0:714293de3836	571	CYASSL_ENTER("GetAlgoId");
ashleymills	0:714293de3836	572
ashleymills	0:714293de3836	573	if (GetSequence(input, &i, &length, maxIdx) < 0)
ashleymills	0:714293de3836	574	return ASN_PARSE_E;
ashleymills	0:714293de3836	575
ashleymills	0:714293de3836	576	b = input[i++];
ashleymills	0:714293de3836	577	if (b != ASN_OBJECT_ID)
ashleymills	0:714293de3836	578	return ASN_OBJECT_ID_E;
ashleymills	0:714293de3836	579
ashleymills	0:714293de3836	580	if (GetLength(input, &i, &length, maxIdx) < 0)
ashleymills	0:714293de3836	581	return ASN_PARSE_E;
ashleymills	0:714293de3836	582
ashleymills	0:714293de3836	583	while(length--) {
ashleymills	0:714293de3836	584	/* odd HC08 compiler behavior here when input[i++] */
ashleymills	0:714293de3836	585	*oid += input[i];
ashleymills	0:714293de3836	586	i++;
ashleymills	0:714293de3836	587	}
ashleymills	0:714293de3836	588	/* just sum it up for now */
ashleymills	0:714293de3836	589
ashleymills	0:714293de3836	590	/* could have NULL tag and 0 terminator, but may not */
ashleymills	0:714293de3836	591	b = input[i++];
ashleymills	0:714293de3836	592
ashleymills	0:714293de3836	593	if (b == ASN_TAG_NULL) {
ashleymills	0:714293de3836	594	b = input[i++];
ashleymills	0:714293de3836	595	if (b != 0)
ashleymills	0:714293de3836	596	return ASN_EXPECT_0_E;
ashleymills	0:714293de3836	597	}
ashleymills	0:714293de3836	598	else
ashleymills	0:714293de3836	599	/* go back, didn't have it */
ashleymills	0:714293de3836	600	i--;
ashleymills	0:714293de3836	601
ashleymills	0:714293de3836	602	*inOutIdx = i;
ashleymills	0:714293de3836	603
ashleymills	0:714293de3836	604	return 0;
ashleymills	0:714293de3836	605	}
ashleymills	0:714293de3836	606
ashleymills	0:714293de3836	607	#ifndef NO_RSA
ashleymills	0:714293de3836	608
ashleymills	0:714293de3836	609
ashleymills	0:714293de3836	610	#ifdef HAVE_CAVIUM
ashleymills	0:714293de3836	611
ashleymills	0:714293de3836	612	static int GetCaviumInt(byte** buff, word16* buffSz, const byte* input,
ashleymills	0:714293de3836	613	word32* inOutIdx, word32 maxIdx, void* heap)
ashleymills	0:714293de3836	614	{
ashleymills	0:714293de3836	615	word32 i = *inOutIdx;
ashleymills	0:714293de3836	616	byte b = input[i++];
ashleymills	0:714293de3836	617	int length;
ashleymills	0:714293de3836	618
ashleymills	0:714293de3836	619	if (b != ASN_INTEGER)
ashleymills	0:714293de3836	620	return ASN_PARSE_E;
ashleymills	0:714293de3836	621
ashleymills	0:714293de3836	622	if (GetLength(input, &i, &length, maxIdx) < 0)
ashleymills	0:714293de3836	623	return ASN_PARSE_E;
ashleymills	0:714293de3836	624
ashleymills	0:714293de3836	625	if ( (b = input[i++]) == 0x00)
ashleymills	0:714293de3836	626	length--;
ashleymills	0:714293de3836	627	else
ashleymills	0:714293de3836	628	i--;
ashleymills	0:714293de3836	629
ashleymills	0:714293de3836	630	*buffSz = (word16)length;
ashleymills	0:714293de3836	631	buff = XMALLOC(buffSz, heap, DYNAMIC_TYPE_CAVIUM_RSA);
ashleymills	0:714293de3836	632	if (*buff == NULL)
ashleymills	0:714293de3836	633	return MEMORY_E;
ashleymills	0:714293de3836	634
ashleymills	0:714293de3836	635	XMEMCPY(buff, input + i, buffSz);
ashleymills	0:714293de3836	636
ashleymills	0:714293de3836	637	*inOutIdx = i + length;
ashleymills	0:714293de3836	638	return 0;
ashleymills	0:714293de3836	639	}
ashleymills	0:714293de3836	640
ashleymills	0:714293de3836	641	static int CaviumRsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
ashleymills	0:714293de3836	642	RsaKey* key, word32 inSz)
ashleymills	0:714293de3836	643	{
ashleymills	0:714293de3836	644	int version, length;
ashleymills	0:714293de3836	645	void* h = key->heap;
ashleymills	0:714293de3836	646
ashleymills	0:714293de3836	647	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	648	return ASN_PARSE_E;
ashleymills	0:714293de3836	649
ashleymills	0:714293de3836	650	if (GetMyVersion(input, inOutIdx, &version) < 0)
ashleymills	0:714293de3836	651	return ASN_PARSE_E;
ashleymills	0:714293de3836	652
ashleymills	0:714293de3836	653	key->type = RSA_PRIVATE;
ashleymills	0:714293de3836	654
ashleymills	0:714293de3836	655	if (GetCaviumInt(&key->c_n, &key->c_nSz, input, inOutIdx, inSz, h) < 0 \|\|
ashleymills	0:714293de3836	656	GetCaviumInt(&key->c_e, &key->c_eSz, input, inOutIdx, inSz, h) < 0 \|\|
ashleymills	0:714293de3836	657	GetCaviumInt(&key->c_d, &key->c_dSz, input, inOutIdx, inSz, h) < 0 \|\|
ashleymills	0:714293de3836	658	GetCaviumInt(&key->c_p, &key->c_pSz, input, inOutIdx, inSz, h) < 0 \|\|
ashleymills	0:714293de3836	659	GetCaviumInt(&key->c_q, &key->c_qSz, input, inOutIdx, inSz, h) < 0 \|\|
ashleymills	0:714293de3836	660	GetCaviumInt(&key->c_dP, &key->c_dP_Sz, input, inOutIdx, inSz, h) < 0 \|\|
ashleymills	0:714293de3836	661	GetCaviumInt(&key->c_dQ, &key->c_dQ_Sz, input, inOutIdx, inSz, h) < 0 \|\|
ashleymills	0:714293de3836	662	GetCaviumInt(&key->c_u, &key->c_uSz, input, inOutIdx, inSz, h) < 0 )
ashleymills	0:714293de3836	663	return ASN_RSA_KEY_E;
ashleymills	0:714293de3836	664
ashleymills	0:714293de3836	665	return 0;
ashleymills	0:714293de3836	666	}
ashleymills	0:714293de3836	667
ashleymills	0:714293de3836	668
ashleymills	0:714293de3836	669	#endif /* HAVE_CAVIUM */
ashleymills	0:714293de3836	670
ashleymills	0:714293de3836	671	int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
ashleymills	0:714293de3836	672	word32 inSz)
ashleymills	0:714293de3836	673	{
ashleymills	0:714293de3836	674	int version, length;
ashleymills	0:714293de3836	675
ashleymills	0:714293de3836	676	#ifdef HAVE_CAVIUM
ashleymills	0:714293de3836	677	if (key->magic == CYASSL_RSA_CAVIUM_MAGIC)
ashleymills	0:714293de3836	678	return CaviumRsaPrivateKeyDecode(input, inOutIdx, key, inSz);
ashleymills	0:714293de3836	679	#endif
ashleymills	0:714293de3836	680
ashleymills	0:714293de3836	681	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	682	return ASN_PARSE_E;
ashleymills	0:714293de3836	683
ashleymills	0:714293de3836	684	if (GetMyVersion(input, inOutIdx, &version) < 0)
ashleymills	0:714293de3836	685	return ASN_PARSE_E;
ashleymills	0:714293de3836	686
ashleymills	0:714293de3836	687	key->type = RSA_PRIVATE;
ashleymills	0:714293de3836	688
ashleymills	0:714293de3836	689	if (GetInt(&key->n, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	690	GetInt(&key->e, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	691	GetInt(&key->d, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	692	GetInt(&key->p, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	693	GetInt(&key->q, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	694	GetInt(&key->dP, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	695	GetInt(&key->dQ, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	696	GetInt(&key->u, input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E;
ashleymills	0:714293de3836	697
ashleymills	0:714293de3836	698	return 0;
ashleymills	0:714293de3836	699	}
ashleymills	0:714293de3836	700
ashleymills	0:714293de3836	701	#endif /* NO_RSA */
ashleymills	0:714293de3836	702
ashleymills	0:714293de3836	703	/* Remove PKCS8 header, move beginning of traditional to beginning of input */
ashleymills	0:714293de3836	704	int ToTraditional(byte* input, word32 sz)
ashleymills	0:714293de3836	705	{
ashleymills	0:714293de3836	706	word32 inOutIdx = 0, oid;
ashleymills	0:714293de3836	707	int version, length;
ashleymills	0:714293de3836	708
ashleymills	0:714293de3836	709	if (GetSequence(input, &inOutIdx, &length, sz) < 0)
ashleymills	0:714293de3836	710	return ASN_PARSE_E;
ashleymills	0:714293de3836	711
ashleymills	0:714293de3836	712	if (GetMyVersion(input, &inOutIdx, &version) < 0)
ashleymills	0:714293de3836	713	return ASN_PARSE_E;
ashleymills	0:714293de3836	714
ashleymills	0:714293de3836	715	if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
ashleymills	0:714293de3836	716	return ASN_PARSE_E;
ashleymills	0:714293de3836	717
ashleymills	0:714293de3836	718	if (input[inOutIdx] == ASN_OBJECT_ID) {
ashleymills	0:714293de3836	719	/* pkcs8 ecc uses slightly different format */
ashleymills	0:714293de3836	720	inOutIdx++; /* past id */
ashleymills	0:714293de3836	721	if (GetLength(input, &inOutIdx, &length, sz) < 0)
ashleymills	0:714293de3836	722	return ASN_PARSE_E;
ashleymills	0:714293de3836	723	inOutIdx += length; /* over sub id, key input will verify */
ashleymills	0:714293de3836	724	}
ashleymills	0:714293de3836	725
ashleymills	0:714293de3836	726	if (input[inOutIdx++] != ASN_OCTET_STRING)
ashleymills	0:714293de3836	727	return ASN_PARSE_E;
ashleymills	0:714293de3836	728
ashleymills	0:714293de3836	729	if (GetLength(input, &inOutIdx, &length, sz) < 0)
ashleymills	0:714293de3836	730	return ASN_PARSE_E;
ashleymills	0:714293de3836	731
ashleymills	0:714293de3836	732	XMEMMOVE(input, input + inOutIdx, length);
ashleymills	0:714293de3836	733
ashleymills	0:714293de3836	734	return 0;
ashleymills	0:714293de3836	735	}
ashleymills	0:714293de3836	736
ashleymills	0:714293de3836	737
ashleymills	0:714293de3836	738	#ifndef NO_PWDBASED
ashleymills	0:714293de3836	739
ashleymills	0:714293de3836	740	/* Check To see if PKCS version algo is supported, set id if it is return 0
ashleymills	0:714293de3836	741	< 0 on error */
ashleymills	0:714293de3836	742	static int CheckAlgo(int first, int second, int* id, int* version)
ashleymills	0:714293de3836	743	{
ashleymills	0:714293de3836	744	*id = ALGO_ID_E;
ashleymills	0:714293de3836	745	version = PKCS5; / default */
ashleymills	0:714293de3836	746
ashleymills	0:714293de3836	747	if (first == 1) {
ashleymills	0:714293de3836	748	switch (second) {
ashleymills	0:714293de3836	749	case 1:
ashleymills	0:714293de3836	750	*id = PBE_SHA1_RC4_128;
ashleymills	0:714293de3836	751	*version = PKCS12;
ashleymills	0:714293de3836	752	return 0;
ashleymills	0:714293de3836	753	case 3:
ashleymills	0:714293de3836	754	*id = PBE_SHA1_DES3;
ashleymills	0:714293de3836	755	*version = PKCS12;
ashleymills	0:714293de3836	756	return 0;
ashleymills	0:714293de3836	757	default:
ashleymills	0:714293de3836	758	return ALGO_ID_E;
ashleymills	0:714293de3836	759	}
ashleymills	0:714293de3836	760	}
ashleymills	0:714293de3836	761
ashleymills	0:714293de3836	762	if (first != PKCS5)
ashleymills	0:714293de3836	763	return ASN_INPUT_E; /* VERSION ERROR */
ashleymills	0:714293de3836	764
ashleymills	0:714293de3836	765	if (second == PBES2) {
ashleymills	0:714293de3836	766	*version = PKCS5v2;
ashleymills	0:714293de3836	767	return 0;
ashleymills	0:714293de3836	768	}
ashleymills	0:714293de3836	769
ashleymills	0:714293de3836	770	switch (second) {
ashleymills	0:714293de3836	771	case 3: /* see RFC 2898 for ids */
ashleymills	0:714293de3836	772	*id = PBE_MD5_DES;
ashleymills	0:714293de3836	773	return 0;
ashleymills	0:714293de3836	774	case 10:
ashleymills	0:714293de3836	775	*id = PBE_SHA1_DES;
ashleymills	0:714293de3836	776	return 0;
ashleymills	0:714293de3836	777	default:
ashleymills	0:714293de3836	778	return ALGO_ID_E;
ashleymills	0:714293de3836	779
ashleymills	0:714293de3836	780	}
ashleymills	0:714293de3836	781	}
ashleymills	0:714293de3836	782
ashleymills	0:714293de3836	783
ashleymills	0:714293de3836	784	/* Check To see if PKCS v2 algo is supported, set id if it is return 0
ashleymills	0:714293de3836	785	< 0 on error */
ashleymills	0:714293de3836	786	static int CheckAlgoV2(int oid, int* id)
ashleymills	0:714293de3836	787	{
ashleymills	0:714293de3836	788	switch (oid) {
ashleymills	0:714293de3836	789	case 69:
ashleymills	0:714293de3836	790	*id = PBE_SHA1_DES;
ashleymills	0:714293de3836	791	return 0;
ashleymills	0:714293de3836	792	case 652:
ashleymills	0:714293de3836	793	*id = PBE_SHA1_DES3;
ashleymills	0:714293de3836	794	return 0;
ashleymills	0:714293de3836	795	default:
ashleymills	0:714293de3836	796	return ALGO_ID_E;
ashleymills	0:714293de3836	797
ashleymills	0:714293de3836	798	}
ashleymills	0:714293de3836	799	}
ashleymills	0:714293de3836	800
ashleymills	0:714293de3836	801
ashleymills	0:714293de3836	802	/* Decrypt intput in place from parameters based on id */
ashleymills	0:714293de3836	803	static int DecryptKey(const char* password, int passwordSz, byte* salt,
ashleymills	0:714293de3836	804	int saltSz, int iterations, int id, byte* input,
ashleymills	0:714293de3836	805	int length, int version, byte* cbcIv)
ashleymills	0:714293de3836	806	{
ashleymills	0:714293de3836	807	byte key[MAX_KEY_SIZE];
ashleymills	0:714293de3836	808	int typeH;
ashleymills	0:714293de3836	809	int derivedLen;
ashleymills	0:714293de3836	810	int decryptionType;
ashleymills	0:714293de3836	811	int ret = 0;
ashleymills	0:714293de3836	812
ashleymills	0:714293de3836	813	switch (id) {
ashleymills	0:714293de3836	814	case PBE_MD5_DES:
ashleymills	0:714293de3836	815	typeH = MD5;
ashleymills	0:714293de3836	816	derivedLen = 16; /* may need iv for v1.5 */
ashleymills	0:714293de3836	817	decryptionType = DES_TYPE;
ashleymills	0:714293de3836	818	break;
ashleymills	0:714293de3836	819
ashleymills	0:714293de3836	820	case PBE_SHA1_DES:
ashleymills	0:714293de3836	821	typeH = SHA;
ashleymills	0:714293de3836	822	derivedLen = 16; /* may need iv for v1.5 */
ashleymills	0:714293de3836	823	decryptionType = DES_TYPE;
ashleymills	0:714293de3836	824	break;
ashleymills	0:714293de3836	825
ashleymills	0:714293de3836	826	case PBE_SHA1_DES3:
ashleymills	0:714293de3836	827	typeH = SHA;
ashleymills	0:714293de3836	828	derivedLen = 32; /* may need iv for v1.5 */
ashleymills	0:714293de3836	829	decryptionType = DES3_TYPE;
ashleymills	0:714293de3836	830	break;
ashleymills	0:714293de3836	831
ashleymills	0:714293de3836	832	case PBE_SHA1_RC4_128:
ashleymills	0:714293de3836	833	typeH = SHA;
ashleymills	0:714293de3836	834	derivedLen = 16;
ashleymills	0:714293de3836	835	decryptionType = RC4_TYPE;
ashleymills	0:714293de3836	836	break;
ashleymills	0:714293de3836	837
ashleymills	0:714293de3836	838	default:
ashleymills	0:714293de3836	839	return ALGO_ID_E;
ashleymills	0:714293de3836	840	}
ashleymills	0:714293de3836	841
ashleymills	0:714293de3836	842	if (version == PKCS5v2)
ashleymills	0:714293de3836	843	ret = PBKDF2(key, (byte*)password, passwordSz, salt, saltSz, iterations,
ashleymills	0:714293de3836	844	derivedLen, typeH);
ashleymills	0:714293de3836	845	else if (version == PKCS5)
ashleymills	0:714293de3836	846	ret = PBKDF1(key, (byte*)password, passwordSz, salt, saltSz, iterations,
ashleymills	0:714293de3836	847	derivedLen, typeH);
ashleymills	0:714293de3836	848	else if (version == PKCS12) {
ashleymills	0:714293de3836	849	int i, idx = 0;
ashleymills	0:714293de3836	850	byte unicodePasswd[MAX_UNICODE_SZ];
ashleymills	0:714293de3836	851
ashleymills	0:714293de3836	852	if ( (passwordSz * 2 + 2) > (int)sizeof(unicodePasswd))
ashleymills	0:714293de3836	853	return UNICODE_SIZE_E;
ashleymills	0:714293de3836	854
ashleymills	0:714293de3836	855	for (i = 0; i < passwordSz; i++) {
ashleymills	0:714293de3836	856	unicodePasswd[idx++] = 0x00;
ashleymills	0:714293de3836	857	unicodePasswd[idx++] = (byte)password[i];
ashleymills	0:714293de3836	858	}
ashleymills	0:714293de3836	859	/* add trailing NULL */
ashleymills	0:714293de3836	860	unicodePasswd[idx++] = 0x00;
ashleymills	0:714293de3836	861	unicodePasswd[idx++] = 0x00;
ashleymills	0:714293de3836	862
ashleymills	0:714293de3836	863	ret = PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz,
ashleymills	0:714293de3836	864	iterations, derivedLen, typeH, 1);
ashleymills	0:714293de3836	865	if (decryptionType != RC4_TYPE)
ashleymills	0:714293de3836	866	ret += PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz,
ashleymills	0:714293de3836	867	iterations, 8, typeH, 2);
ashleymills	0:714293de3836	868	}
ashleymills	0:714293de3836	869	else
ashleymills	0:714293de3836	870	return ALGO_ID_E;
ashleymills	0:714293de3836	871
ashleymills	0:714293de3836	872	if (ret != 0)
ashleymills	0:714293de3836	873	return ret;
ashleymills	0:714293de3836	874
ashleymills	0:714293de3836	875	switch (decryptionType) {
ashleymills	0:714293de3836	876	#ifndef NO_DES3
ashleymills	0:714293de3836	877	case DES_TYPE:
ashleymills	0:714293de3836	878	{
ashleymills	0:714293de3836	879	Des dec;
ashleymills	0:714293de3836	880	byte* desIv = key + 8;
ashleymills	0:714293de3836	881
ashleymills	0:714293de3836	882	if (version == PKCS5v2 \|\| version == PKCS12)
ashleymills	0:714293de3836	883	desIv = cbcIv;
ashleymills	0:714293de3836	884	Des_SetKey(&dec, key, desIv, DES_DECRYPTION);
ashleymills	0:714293de3836	885	Des_CbcDecrypt(&dec, input, input, length);
ashleymills	0:714293de3836	886	break;
ashleymills	0:714293de3836	887	}
ashleymills	0:714293de3836	888
ashleymills	0:714293de3836	889	case DES3_TYPE:
ashleymills	0:714293de3836	890	{
ashleymills	0:714293de3836	891	Des3 dec;
ashleymills	0:714293de3836	892	byte* desIv = key + 24;
ashleymills	0:714293de3836	893
ashleymills	0:714293de3836	894	if (version == PKCS5v2 \|\| version == PKCS12)
ashleymills	0:714293de3836	895	desIv = cbcIv;
ashleymills	0:714293de3836	896	Des3_SetKey(&dec, key, desIv, DES_DECRYPTION);
ashleymills	0:714293de3836	897	Des3_CbcDecrypt(&dec, input, input, length);
ashleymills	0:714293de3836	898	break;
ashleymills	0:714293de3836	899	}
ashleymills	0:714293de3836	900	#endif
ashleymills	0:714293de3836	901	#ifndef NO_RC4
ashleymills	0:714293de3836	902	case RC4_TYPE:
ashleymills	0:714293de3836	903	{
ashleymills	0:714293de3836	904	Arc4 dec;
ashleymills	0:714293de3836	905
ashleymills	0:714293de3836	906	Arc4SetKey(&dec, key, derivedLen);
ashleymills	0:714293de3836	907	Arc4Process(&dec, input, input, length);
ashleymills	0:714293de3836	908	break;
ashleymills	0:714293de3836	909	}
ashleymills	0:714293de3836	910	#endif
ashleymills	0:714293de3836	911
ashleymills	0:714293de3836	912	default:
ashleymills	0:714293de3836	913	return ALGO_ID_E;
ashleymills	0:714293de3836	914	}
ashleymills	0:714293de3836	915
ashleymills	0:714293de3836	916	return 0;
ashleymills	0:714293de3836	917	}
ashleymills	0:714293de3836	918
ashleymills	0:714293de3836	919
ashleymills	0:714293de3836	920	/* Remove Encrypted PKCS8 header, move beginning of traditional to beginning
ashleymills	0:714293de3836	921	of input */
ashleymills	0:714293de3836	922	int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
ashleymills	0:714293de3836	923	{
ashleymills	0:714293de3836	924	word32 inOutIdx = 0, oid;
ashleymills	0:714293de3836	925	int first, second, length, version, saltSz, id;
ashleymills	0:714293de3836	926	int iterations = 0;
ashleymills	0:714293de3836	927	byte salt[MAX_SALT_SIZE];
ashleymills	0:714293de3836	928	byte cbcIv[MAX_IV_SIZE];
ashleymills	0:714293de3836	929
ashleymills	0:714293de3836	930	if (GetSequence(input, &inOutIdx, &length, sz) < 0)
ashleymills	0:714293de3836	931	return ASN_PARSE_E;
ashleymills	0:714293de3836	932
ashleymills	0:714293de3836	933	if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
ashleymills	0:714293de3836	934	return ASN_PARSE_E;
ashleymills	0:714293de3836	935
ashleymills	0:714293de3836	936	first = input[inOutIdx - 2]; /* PKCS version alwyas 2nd to last byte */
ashleymills	0:714293de3836	937	second = input[inOutIdx - 1]; /* version.algo, algo id last byte */
ashleymills	0:714293de3836	938
ashleymills	0:714293de3836	939	if (CheckAlgo(first, second, &id, &version) < 0)
ashleymills	0:714293de3836	940	return ASN_INPUT_E; /* Algo ID error */
ashleymills	0:714293de3836	941
ashleymills	0:714293de3836	942	if (version == PKCS5v2) {
ashleymills	0:714293de3836	943
ashleymills	0:714293de3836	944	if (GetSequence(input, &inOutIdx, &length, sz) < 0)
ashleymills	0:714293de3836	945	return ASN_PARSE_E;
ashleymills	0:714293de3836	946
ashleymills	0:714293de3836	947	if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
ashleymills	0:714293de3836	948	return ASN_PARSE_E;
ashleymills	0:714293de3836	949
ashleymills	0:714293de3836	950	if (oid != PBKDF2_OID)
ashleymills	0:714293de3836	951	return ASN_PARSE_E;
ashleymills	0:714293de3836	952	}
ashleymills	0:714293de3836	953
ashleymills	0:714293de3836	954	if (GetSequence(input, &inOutIdx, &length, sz) < 0)
ashleymills	0:714293de3836	955	return ASN_PARSE_E;
ashleymills	0:714293de3836	956
ashleymills	0:714293de3836	957	if (input[inOutIdx++] != ASN_OCTET_STRING)
ashleymills	0:714293de3836	958	return ASN_PARSE_E;
ashleymills	0:714293de3836	959
ashleymills	0:714293de3836	960	if (GetLength(input, &inOutIdx, &saltSz, sz) < 0)
ashleymills	0:714293de3836	961	return ASN_PARSE_E;
ashleymills	0:714293de3836	962
ashleymills	0:714293de3836	963	if (saltSz > MAX_SALT_SIZE)
ashleymills	0:714293de3836	964	return ASN_PARSE_E;
ashleymills	0:714293de3836	965
ashleymills	0:714293de3836	966	XMEMCPY(salt, &input[inOutIdx], saltSz);
ashleymills	0:714293de3836	967	inOutIdx += saltSz;
ashleymills	0:714293de3836	968
ashleymills	0:714293de3836	969	if (GetShortInt(input, &inOutIdx, &iterations) < 0)
ashleymills	0:714293de3836	970	return ASN_PARSE_E;
ashleymills	0:714293de3836	971
ashleymills	0:714293de3836	972	if (version == PKCS5v2) {
ashleymills	0:714293de3836	973	/* get encryption algo */
ashleymills	0:714293de3836	974	if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
ashleymills	0:714293de3836	975	return ASN_PARSE_E;
ashleymills	0:714293de3836	976
ashleymills	0:714293de3836	977	if (CheckAlgoV2(oid, &id) < 0)
ashleymills	0:714293de3836	978	return ASN_PARSE_E; /* PKCS v2 algo id error */
ashleymills	0:714293de3836	979
ashleymills	0:714293de3836	980	if (input[inOutIdx++] != ASN_OCTET_STRING)
ashleymills	0:714293de3836	981	return ASN_PARSE_E;
ashleymills	0:714293de3836	982
ashleymills	0:714293de3836	983	if (GetLength(input, &inOutIdx, &length, sz) < 0)
ashleymills	0:714293de3836	984	return ASN_PARSE_E;
ashleymills	0:714293de3836	985
ashleymills	0:714293de3836	986	XMEMCPY(cbcIv, &input[inOutIdx], length);
ashleymills	0:714293de3836	987	inOutIdx += length;
ashleymills	0:714293de3836	988	}
ashleymills	0:714293de3836	989
ashleymills	0:714293de3836	990	if (input[inOutIdx++] != ASN_OCTET_STRING)
ashleymills	0:714293de3836	991	return ASN_PARSE_E;
ashleymills	0:714293de3836	992
ashleymills	0:714293de3836	993	if (GetLength(input, &inOutIdx, &length, sz) < 0)
ashleymills	0:714293de3836	994	return ASN_PARSE_E;
ashleymills	0:714293de3836	995
ashleymills	0:714293de3836	996	if (DecryptKey(password, passwordSz, salt, saltSz, iterations, id,
ashleymills	0:714293de3836	997	input + inOutIdx, length, version, cbcIv) < 0)
ashleymills	0:714293de3836	998	return ASN_INPUT_E; /* decrypt failure */
ashleymills	0:714293de3836	999
ashleymills	0:714293de3836	1000	XMEMMOVE(input, input + inOutIdx, length);
ashleymills	0:714293de3836	1001	return ToTraditional(input, length);
ashleymills	0:714293de3836	1002	}
ashleymills	0:714293de3836	1003
ashleymills	0:714293de3836	1004	#endif /* NO_PWDBASED */
ashleymills	0:714293de3836	1005
ashleymills	0:714293de3836	1006	#ifndef NO_RSA
ashleymills	0:714293de3836	1007
ashleymills	0:714293de3836	1008	int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
ashleymills	0:714293de3836	1009	word32 inSz)
ashleymills	0:714293de3836	1010	{
ashleymills	0:714293de3836	1011	int length;
ashleymills	0:714293de3836	1012
ashleymills	0:714293de3836	1013	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	1014	return ASN_PARSE_E;
ashleymills	0:714293de3836	1015
ashleymills	0:714293de3836	1016	key->type = RSA_PUBLIC;
ashleymills	0:714293de3836	1017
ashleymills	0:714293de3836	1018	#ifdef OPENSSL_EXTRA
ashleymills	0:714293de3836	1019	{
ashleymills	0:714293de3836	1020	byte b = input[*inOutIdx];
ashleymills	0:714293de3836	1021	if (b != ASN_INTEGER) {
ashleymills	0:714293de3836	1022	/* not from decoded cert, will have algo id, skip past */
ashleymills	0:714293de3836	1023	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	1024	return ASN_PARSE_E;
ashleymills	0:714293de3836	1025
ashleymills	0:714293de3836	1026	b = input[(*inOutIdx)++];
ashleymills	0:714293de3836	1027	if (b != ASN_OBJECT_ID)
ashleymills	0:714293de3836	1028	return ASN_OBJECT_ID_E;
ashleymills	0:714293de3836	1029
ashleymills	0:714293de3836	1030	if (GetLength(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	1031	return ASN_PARSE_E;
ashleymills	0:714293de3836	1032
ashleymills	0:714293de3836	1033	inOutIdx += length; / skip past */
ashleymills	0:714293de3836	1034
ashleymills	0:714293de3836	1035	/* could have NULL tag and 0 terminator, but may not */
ashleymills	0:714293de3836	1036	b = input[(*inOutIdx)++];
ashleymills	0:714293de3836	1037
ashleymills	0:714293de3836	1038	if (b == ASN_TAG_NULL) {
ashleymills	0:714293de3836	1039	b = input[(*inOutIdx)++];
ashleymills	0:714293de3836	1040	if (b != 0)
ashleymills	0:714293de3836	1041	return ASN_EXPECT_0_E;
ashleymills	0:714293de3836	1042	}
ashleymills	0:714293de3836	1043	else
ashleymills	0:714293de3836	1044	/* go back, didn't have it */
ashleymills	0:714293de3836	1045	(*inOutIdx)--;
ashleymills	0:714293de3836	1046
ashleymills	0:714293de3836	1047	/* should have bit tag length and seq next */
ashleymills	0:714293de3836	1048	b = input[(*inOutIdx)++];
ashleymills	0:714293de3836	1049	if (b != ASN_BIT_STRING)
ashleymills	0:714293de3836	1050	return ASN_BITSTR_E;
ashleymills	0:714293de3836	1051
ashleymills	0:714293de3836	1052	if (GetLength(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	1053	return ASN_PARSE_E;
ashleymills	0:714293de3836	1054
ashleymills	0:714293de3836	1055	/* could have 0 */
ashleymills	0:714293de3836	1056	b = input[(*inOutIdx)++];
ashleymills	0:714293de3836	1057	if (b != 0)
ashleymills	0:714293de3836	1058	(*inOutIdx)--;
ashleymills	0:714293de3836	1059
ashleymills	0:714293de3836	1060	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	1061	return ASN_PARSE_E;
ashleymills	0:714293de3836	1062	} /* end if */
ashleymills	0:714293de3836	1063	} /* openssl var block */
ashleymills	0:714293de3836	1064	#endif /* OPENSSL_EXTRA */
ashleymills	0:714293de3836	1065
ashleymills	0:714293de3836	1066	if (GetInt(&key->n, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	1067	GetInt(&key->e, input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E;
ashleymills	0:714293de3836	1068
ashleymills	0:714293de3836	1069	return 0;
ashleymills	0:714293de3836	1070	}
ashleymills	0:714293de3836	1071
ashleymills	0:714293de3836	1072	#endif
ashleymills	0:714293de3836	1073
ashleymills	0:714293de3836	1074	#ifndef NO_DH
ashleymills	0:714293de3836	1075
ashleymills	0:714293de3836	1076	int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
ashleymills	0:714293de3836	1077	{
ashleymills	0:714293de3836	1078	int length;
ashleymills	0:714293de3836	1079
ashleymills	0:714293de3836	1080	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	1081	return ASN_PARSE_E;
ashleymills	0:714293de3836	1082
ashleymills	0:714293de3836	1083	if (GetInt(&key->p, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	1084	GetInt(&key->g, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
ashleymills	0:714293de3836	1085
ashleymills	0:714293de3836	1086	return 0;
ashleymills	0:714293de3836	1087	}
ashleymills	0:714293de3836	1088
ashleymills	0:714293de3836	1089	int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz)
ashleymills	0:714293de3836	1090	{
ashleymills	0:714293de3836	1091	/* may have leading 0 */
ashleymills	0:714293de3836	1092	if (p[0] == 0) {
ashleymills	0:714293de3836	1093	pSz--; p++;
ashleymills	0:714293de3836	1094	}
ashleymills	0:714293de3836	1095
ashleymills	0:714293de3836	1096	if (g[0] == 0) {
ashleymills	0:714293de3836	1097	gSz--; g++;
ashleymills	0:714293de3836	1098	}
ashleymills	0:714293de3836	1099
ashleymills	0:714293de3836	1100	if (mp_init(&key->p) != MP_OKAY)
ashleymills	0:714293de3836	1101	return MP_INIT_E;
ashleymills	0:714293de3836	1102	if (mp_read_unsigned_bin(&key->p, p, pSz) != 0) {
ashleymills	0:714293de3836	1103	mp_clear(&key->p);
ashleymills	0:714293de3836	1104	return ASN_DH_KEY_E;
ashleymills	0:714293de3836	1105	}
ashleymills	0:714293de3836	1106
ashleymills	0:714293de3836	1107	if (mp_init(&key->g) != MP_OKAY) {
ashleymills	0:714293de3836	1108	mp_clear(&key->p);
ashleymills	0:714293de3836	1109	return MP_INIT_E;
ashleymills	0:714293de3836	1110	}
ashleymills	0:714293de3836	1111	if (mp_read_unsigned_bin(&key->g, g, gSz) != 0) {
ashleymills	0:714293de3836	1112	mp_clear(&key->g);
ashleymills	0:714293de3836	1113	mp_clear(&key->p);
ashleymills	0:714293de3836	1114	return ASN_DH_KEY_E;
ashleymills	0:714293de3836	1115	}
ashleymills	0:714293de3836	1116
ashleymills	0:714293de3836	1117	return 0;
ashleymills	0:714293de3836	1118	}
ashleymills	0:714293de3836	1119
ashleymills	0:714293de3836	1120
ashleymills	0:714293de3836	1121	#ifdef OPENSSL_EXTRA
ashleymills	0:714293de3836	1122
ashleymills	0:714293de3836	1123	int DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz,
ashleymills	0:714293de3836	1124	byte* g, word32* gInOutSz)
ashleymills	0:714293de3836	1125	{
ashleymills	0:714293de3836	1126	word32 i = 0;
ashleymills	0:714293de3836	1127	byte b;
ashleymills	0:714293de3836	1128	int length;
ashleymills	0:714293de3836	1129
ashleymills	0:714293de3836	1130	if (GetSequence(input, &i, &length, inSz) < 0)
ashleymills	0:714293de3836	1131	return ASN_PARSE_E;
ashleymills	0:714293de3836	1132
ashleymills	0:714293de3836	1133	b = input[i++];
ashleymills	0:714293de3836	1134	if (b != ASN_INTEGER)
ashleymills	0:714293de3836	1135	return ASN_PARSE_E;
ashleymills	0:714293de3836	1136
ashleymills	0:714293de3836	1137	if (GetLength(input, &i, &length, inSz) < 0)
ashleymills	0:714293de3836	1138	return ASN_PARSE_E;
ashleymills	0:714293de3836	1139
ashleymills	0:714293de3836	1140	if ( (b = input[i++]) == 0x00)
ashleymills	0:714293de3836	1141	length--;
ashleymills	0:714293de3836	1142	else
ashleymills	0:714293de3836	1143	i--;
ashleymills	0:714293de3836	1144
ashleymills	0:714293de3836	1145	if (length <= (int)*pInOutSz) {
ashleymills	0:714293de3836	1146	XMEMCPY(p, &input[i], length);
ashleymills	0:714293de3836	1147	*pInOutSz = length;
ashleymills	0:714293de3836	1148	}
ashleymills	0:714293de3836	1149	else
ashleymills	0:714293de3836	1150	return BUFFER_E;
ashleymills	0:714293de3836	1151
ashleymills	0:714293de3836	1152	i += length;
ashleymills	0:714293de3836	1153
ashleymills	0:714293de3836	1154	b = input[i++];
ashleymills	0:714293de3836	1155	if (b != ASN_INTEGER)
ashleymills	0:714293de3836	1156	return ASN_PARSE_E;
ashleymills	0:714293de3836	1157
ashleymills	0:714293de3836	1158	if (GetLength(input, &i, &length, inSz) < 0)
ashleymills	0:714293de3836	1159	return ASN_PARSE_E;
ashleymills	0:714293de3836	1160
ashleymills	0:714293de3836	1161	if (length <= (int)*gInOutSz) {
ashleymills	0:714293de3836	1162	XMEMCPY(g, &input[i], length);
ashleymills	0:714293de3836	1163	*gInOutSz = length;
ashleymills	0:714293de3836	1164	}
ashleymills	0:714293de3836	1165	else
ashleymills	0:714293de3836	1166	return BUFFER_E;
ashleymills	0:714293de3836	1167
ashleymills	0:714293de3836	1168	return 0;
ashleymills	0:714293de3836	1169	}
ashleymills	0:714293de3836	1170
ashleymills	0:714293de3836	1171	#endif /* OPENSSL_EXTRA */
ashleymills	0:714293de3836	1172	#endif /* NO_DH */
ashleymills	0:714293de3836	1173
ashleymills	0:714293de3836	1174
ashleymills	0:714293de3836	1175	#ifndef NO_DSA
ashleymills	0:714293de3836	1176
ashleymills	0:714293de3836	1177	int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
ashleymills	0:714293de3836	1178	word32 inSz)
ashleymills	0:714293de3836	1179	{
ashleymills	0:714293de3836	1180	int length;
ashleymills	0:714293de3836	1181
ashleymills	0:714293de3836	1182	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	1183	return ASN_PARSE_E;
ashleymills	0:714293de3836	1184
ashleymills	0:714293de3836	1185	if (GetInt(&key->p, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	1186	GetInt(&key->q, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	1187	GetInt(&key->g, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	1188	GetInt(&key->y, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
ashleymills	0:714293de3836	1189
ashleymills	0:714293de3836	1190	key->type = DSA_PUBLIC;
ashleymills	0:714293de3836	1191	return 0;
ashleymills	0:714293de3836	1192	}
ashleymills	0:714293de3836	1193
ashleymills	0:714293de3836	1194
ashleymills	0:714293de3836	1195	int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
ashleymills	0:714293de3836	1196	word32 inSz)
ashleymills	0:714293de3836	1197	{
ashleymills	0:714293de3836	1198	int length, version;
ashleymills	0:714293de3836	1199
ashleymills	0:714293de3836	1200	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	1201	return ASN_PARSE_E;
ashleymills	0:714293de3836	1202
ashleymills	0:714293de3836	1203	if (GetMyVersion(input, inOutIdx, &version) < 0)
ashleymills	0:714293de3836	1204	return ASN_PARSE_E;
ashleymills	0:714293de3836	1205
ashleymills	0:714293de3836	1206	if (GetInt(&key->p, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	1207	GetInt(&key->q, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	1208	GetInt(&key->g, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	1209	GetInt(&key->y, input, inOutIdx, inSz) < 0 \|\|
ashleymills	0:714293de3836	1210	GetInt(&key->x, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
ashleymills	0:714293de3836	1211
ashleymills	0:714293de3836	1212	key->type = DSA_PRIVATE;
ashleymills	0:714293de3836	1213	return 0;
ashleymills	0:714293de3836	1214	}
ashleymills	0:714293de3836	1215
ashleymills	0:714293de3836	1216	#endif /* NO_DSA */
ashleymills	0:714293de3836	1217
ashleymills	0:714293de3836	1218
ashleymills	0:714293de3836	1219	void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
ashleymills	0:714293de3836	1220	{
ashleymills	0:714293de3836	1221	cert->publicKey = 0;
ashleymills	0:714293de3836	1222	cert->pubKeyStored = 0;
ashleymills	0:714293de3836	1223	cert->signature = 0;
ashleymills	0:714293de3836	1224	cert->subjectCN = 0;
ashleymills	0:714293de3836	1225	cert->subjectCNLen = 0;
ashleymills	0:714293de3836	1226	cert->subjectCNStored = 0;
ashleymills	0:714293de3836	1227	cert->altNames = NULL;
ashleymills	0:714293de3836	1228	cert->issuer[0] = '\0';
ashleymills	0:714293de3836	1229	cert->subject[0] = '\0';
ashleymills	0:714293de3836	1230	cert->source = source; /* don't own */
ashleymills	0:714293de3836	1231	cert->srcIdx = 0;
ashleymills	0:714293de3836	1232	cert->maxIdx = inSz; /* can't go over this index */
ashleymills	0:714293de3836	1233	cert->heap = heap;
ashleymills	0:714293de3836	1234	XMEMSET(cert->serial, 0, EXTERNAL_SERIAL_SIZE);
ashleymills	0:714293de3836	1235	cert->serialSz = 0;
ashleymills	0:714293de3836	1236	cert->extensions = 0;
ashleymills	0:714293de3836	1237	cert->extensionsSz = 0;
ashleymills	0:714293de3836	1238	cert->extensionsIdx = 0;
ashleymills	0:714293de3836	1239	cert->extAuthInfo = NULL;
ashleymills	0:714293de3836	1240	cert->extAuthInfoSz = 0;
ashleymills	0:714293de3836	1241	cert->extCrlInfo = NULL;
ashleymills	0:714293de3836	1242	cert->extCrlInfoSz = 0;
ashleymills	0:714293de3836	1243	XMEMSET(cert->extSubjKeyId, 0, SHA_SIZE);
ashleymills	0:714293de3836	1244	cert->extSubjKeyIdSet = 0;
ashleymills	0:714293de3836	1245	XMEMSET(cert->extAuthKeyId, 0, SHA_SIZE);
ashleymills	0:714293de3836	1246	cert->extAuthKeyIdSet = 0;
ashleymills	0:714293de3836	1247	cert->isCA = 0;
ashleymills	0:714293de3836	1248	#ifdef CYASSL_CERT_GEN
ashleymills	0:714293de3836	1249	cert->subjectSN = 0;
ashleymills	0:714293de3836	1250	cert->subjectSNLen = 0;
ashleymills	0:714293de3836	1251	cert->subjectC = 0;
ashleymills	0:714293de3836	1252	cert->subjectCLen = 0;
ashleymills	0:714293de3836	1253	cert->subjectL = 0;
ashleymills	0:714293de3836	1254	cert->subjectLLen = 0;
ashleymills	0:714293de3836	1255	cert->subjectST = 0;
ashleymills	0:714293de3836	1256	cert->subjectSTLen = 0;
ashleymills	0:714293de3836	1257	cert->subjectO = 0;
ashleymills	0:714293de3836	1258	cert->subjectOLen = 0;
ashleymills	0:714293de3836	1259	cert->subjectOU = 0;
ashleymills	0:714293de3836	1260	cert->subjectOULen = 0;
ashleymills	0:714293de3836	1261	cert->subjectEmail = 0;
ashleymills	0:714293de3836	1262	cert->subjectEmailLen = 0;
ashleymills	0:714293de3836	1263	cert->beforeDate = 0;
ashleymills	0:714293de3836	1264	cert->beforeDateLen = 0;
ashleymills	0:714293de3836	1265	cert->afterDate = 0;
ashleymills	0:714293de3836	1266	cert->afterDateLen = 0;
ashleymills	0:714293de3836	1267	#endif /* CYASSL_CERT_GEN */
ashleymills	0:714293de3836	1268	}
ashleymills	0:714293de3836	1269
ashleymills	0:714293de3836	1270
ashleymills	0:714293de3836	1271	void FreeAltNames(DNS_entry* altNames, void* heap)
ashleymills	0:714293de3836	1272	{
ashleymills	0:714293de3836	1273	(void)heap;
ashleymills	0:714293de3836	1274
ashleymills	0:714293de3836	1275	while (altNames) {
ashleymills	0:714293de3836	1276	DNS_entry* tmp = altNames->next;
ashleymills	0:714293de3836	1277
ashleymills	0:714293de3836	1278	XFREE(altNames->name, heap, DYNAMIC_TYPE_ALTNAME);
ashleymills	0:714293de3836	1279	XFREE(altNames, heap, DYNAMIC_TYPE_ALTNAME);
ashleymills	0:714293de3836	1280	altNames = tmp;
ashleymills	0:714293de3836	1281	}
ashleymills	0:714293de3836	1282	}
ashleymills	0:714293de3836	1283
ashleymills	0:714293de3836	1284
ashleymills	0:714293de3836	1285	void FreeDecodedCert(DecodedCert* cert)
ashleymills	0:714293de3836	1286	{
ashleymills	0:714293de3836	1287	if (cert->subjectCNStored == 1)
ashleymills	0:714293de3836	1288	XFREE(cert->subjectCN, cert->heap, DYNAMIC_TYPE_SUBJECT_CN);
ashleymills	0:714293de3836	1289	if (cert->pubKeyStored == 1)
ashleymills	0:714293de3836	1290	XFREE(cert->publicKey, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY);
ashleymills	0:714293de3836	1291	if (cert->altNames)
ashleymills	0:714293de3836	1292	FreeAltNames(cert->altNames, cert->heap);
ashleymills	0:714293de3836	1293	}
ashleymills	0:714293de3836	1294
ashleymills	0:714293de3836	1295
ashleymills	0:714293de3836	1296	static int GetCertHeader(DecodedCert* cert)
ashleymills	0:714293de3836	1297	{
ashleymills	0:714293de3836	1298	int ret = 0, version, len;
ashleymills	0:714293de3836	1299	byte serialTmp[EXTERNAL_SERIAL_SIZE];
ashleymills	0:714293de3836	1300	mp_int mpi;
ashleymills	0:714293de3836	1301
ashleymills	0:714293de3836	1302	if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1303	return ASN_PARSE_E;
ashleymills	0:714293de3836	1304
ashleymills	0:714293de3836	1305	cert->certBegin = cert->srcIdx;
ashleymills	0:714293de3836	1306
ashleymills	0:714293de3836	1307	if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1308	return ASN_PARSE_E;
ashleymills	0:714293de3836	1309	cert->sigIndex = len + cert->srcIdx;
ashleymills	0:714293de3836	1310
ashleymills	0:714293de3836	1311	if (GetExplicitVersion(cert->source, &cert->srcIdx, &version) < 0)
ashleymills	0:714293de3836	1312	return ASN_PARSE_E;
ashleymills	0:714293de3836	1313
ashleymills	0:714293de3836	1314	if (GetInt(&mpi, cert->source, &cert->srcIdx, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1315	return ASN_PARSE_E;
ashleymills	0:714293de3836	1316
ashleymills	0:714293de3836	1317	len = mp_unsigned_bin_size(&mpi);
ashleymills	0:714293de3836	1318	if (len < (int)sizeof(serialTmp)) {
ashleymills	0:714293de3836	1319	if (mp_to_unsigned_bin(&mpi, serialTmp) == MP_OKAY) {
ashleymills	0:714293de3836	1320	if (len > EXTERNAL_SERIAL_SIZE)
ashleymills	0:714293de3836	1321	len = EXTERNAL_SERIAL_SIZE;
ashleymills	0:714293de3836	1322	XMEMCPY(cert->serial, serialTmp, len);
ashleymills	0:714293de3836	1323	cert->serialSz = len;
ashleymills	0:714293de3836	1324	}
ashleymills	0:714293de3836	1325	}
ashleymills	0:714293de3836	1326	mp_clear(&mpi);
ashleymills	0:714293de3836	1327	return ret;
ashleymills	0:714293de3836	1328	}
ashleymills	0:714293de3836	1329
ashleymills	0:714293de3836	1330	#if !defined(NO_RSA)
ashleymills	0:714293de3836	1331	/* Store Rsa Key, may save later, Dsa could use in future */
ashleymills	0:714293de3836	1332	static int StoreRsaKey(DecodedCert* cert)
ashleymills	0:714293de3836	1333	{
ashleymills	0:714293de3836	1334	int length;
ashleymills	0:714293de3836	1335	word32 read = cert->srcIdx;
ashleymills	0:714293de3836	1336
ashleymills	0:714293de3836	1337	if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1338	return ASN_PARSE_E;
ashleymills	0:714293de3836	1339
ashleymills	0:714293de3836	1340	read = cert->srcIdx - read;
ashleymills	0:714293de3836	1341	length += read;
ashleymills	0:714293de3836	1342
ashleymills	0:714293de3836	1343	while (read--)
ashleymills	0:714293de3836	1344	cert->srcIdx--;
ashleymills	0:714293de3836	1345
ashleymills	0:714293de3836	1346	cert->pubKeySize = length;
ashleymills	0:714293de3836	1347	cert->publicKey = cert->source + cert->srcIdx;
ashleymills	0:714293de3836	1348	cert->srcIdx += length;
ashleymills	0:714293de3836	1349
ashleymills	0:714293de3836	1350	return 0;
ashleymills	0:714293de3836	1351	}
ashleymills	0:714293de3836	1352	#endif
ashleymills	0:714293de3836	1353
ashleymills	0:714293de3836	1354
ashleymills	0:714293de3836	1355	#ifdef HAVE_ECC
ashleymills	0:714293de3836	1356
ashleymills	0:714293de3836	1357	/* return 0 on sucess if the ECC curve oid sum is supported */
ashleymills	0:714293de3836	1358	static int CheckCurve(word32 oid)
ashleymills	0:714293de3836	1359	{
ashleymills	0:714293de3836	1360	if (oid != ECC_256R1 && oid != ECC_384R1 && oid != ECC_521R1 && oid !=
ashleymills	0:714293de3836	1361	ECC_160R1 && oid != ECC_192R1 && oid != ECC_224R1)
ashleymills	0:714293de3836	1362	return ALGO_ID_E;
ashleymills	0:714293de3836	1363
ashleymills	0:714293de3836	1364	return 0;
ashleymills	0:714293de3836	1365	}
ashleymills	0:714293de3836	1366
ashleymills	0:714293de3836	1367	#endif /* HAVE_ECC */
ashleymills	0:714293de3836	1368
ashleymills	0:714293de3836	1369
ashleymills	0:714293de3836	1370	static int GetKey(DecodedCert* cert)
ashleymills	0:714293de3836	1371	{
ashleymills	0:714293de3836	1372	int length;
ashleymills	0:714293de3836	1373	#ifdef HAVE_NTRU
ashleymills	0:714293de3836	1374	int tmpIdx = cert->srcIdx;
ashleymills	0:714293de3836	1375	#endif
ashleymills	0:714293de3836	1376
ashleymills	0:714293de3836	1377	if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1378	return ASN_PARSE_E;
ashleymills	0:714293de3836	1379
ashleymills	0:714293de3836	1380	if (GetAlgoId(cert->source, &cert->srcIdx, &cert->keyOID, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1381	return ASN_PARSE_E;
ashleymills	0:714293de3836	1382
ashleymills	0:714293de3836	1383	switch (cert->keyOID) {
ashleymills	0:714293de3836	1384	case DSAk:
ashleymills	0:714293de3836	1385	/* do nothing */
ashleymills	0:714293de3836	1386	break;
ashleymills	0:714293de3836	1387	#ifndef NO_RSA
ashleymills	0:714293de3836	1388	case RSAk:
ashleymills	0:714293de3836	1389	{
ashleymills	0:714293de3836	1390	byte b = cert->source[cert->srcIdx++];
ashleymills	0:714293de3836	1391	if (b != ASN_BIT_STRING)
ashleymills	0:714293de3836	1392	return ASN_BITSTR_E;
ashleymills	0:714293de3836	1393
ashleymills	0:714293de3836	1394	if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0)
ashleymills	0:714293de3836	1395	return ASN_PARSE_E;
ashleymills	0:714293de3836	1396	b = cert->source[cert->srcIdx++];
ashleymills	0:714293de3836	1397	if (b != 0x00)
ashleymills	0:714293de3836	1398	return ASN_EXPECT_0_E;
ashleymills	0:714293de3836	1399
ashleymills	0:714293de3836	1400	return StoreRsaKey(cert);
ashleymills	0:714293de3836	1401	}
ashleymills	0:714293de3836	1402
ashleymills	0:714293de3836	1403	#endif /* NO_RSA */
ashleymills	0:714293de3836	1404	#ifdef HAVE_NTRU
ashleymills	0:714293de3836	1405	case NTRUk:
ashleymills	0:714293de3836	1406	{
ashleymills	0:714293de3836	1407	const byte* key = &cert->source[tmpIdx];
ashleymills	0:714293de3836	1408	byte* next = (byte*)key;
ashleymills	0:714293de3836	1409	word16 keyLen;
ashleymills	0:714293de3836	1410	byte keyBlob[MAX_NTRU_KEY_SZ];
ashleymills	0:714293de3836	1411
ashleymills	0:714293de3836	1412	word32 rc = crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
ashleymills	0:714293de3836	1413	&keyLen, NULL, &next);
ashleymills	0:714293de3836	1414
ashleymills	0:714293de3836	1415	if (rc != NTRU_OK)
ashleymills	0:714293de3836	1416	return ASN_NTRU_KEY_E;
ashleymills	0:714293de3836	1417	if (keyLen > sizeof(keyBlob))
ashleymills	0:714293de3836	1418	return ASN_NTRU_KEY_E;
ashleymills	0:714293de3836	1419
ashleymills	0:714293de3836	1420	rc = crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,&keyLen,
ashleymills	0:714293de3836	1421	keyBlob, &next);
ashleymills	0:714293de3836	1422	if (rc != NTRU_OK)
ashleymills	0:714293de3836	1423	return ASN_NTRU_KEY_E;
ashleymills	0:714293de3836	1424
ashleymills	0:714293de3836	1425	if ( (next - key) < 0)
ashleymills	0:714293de3836	1426	return ASN_NTRU_KEY_E;
ashleymills	0:714293de3836	1427
ashleymills	0:714293de3836	1428	cert->srcIdx = tmpIdx + (int)(next - key);
ashleymills	0:714293de3836	1429
ashleymills	0:714293de3836	1430	cert->publicKey = (byte*) XMALLOC(keyLen, cert->heap,
ashleymills	0:714293de3836	1431	DYNAMIC_TYPE_PUBLIC_KEY);
ashleymills	0:714293de3836	1432	if (cert->publicKey == NULL)
ashleymills	0:714293de3836	1433	return MEMORY_E;
ashleymills	0:714293de3836	1434	XMEMCPY(cert->publicKey, keyBlob, keyLen);
ashleymills	0:714293de3836	1435	cert->pubKeyStored = 1;
ashleymills	0:714293de3836	1436	cert->pubKeySize = keyLen;
ashleymills	0:714293de3836	1437	}
ashleymills	0:714293de3836	1438	break;
ashleymills	0:714293de3836	1439	#endif /* HAVE_NTRU */
ashleymills	0:714293de3836	1440	#ifdef HAVE_ECC
ashleymills	0:714293de3836	1441	case ECDSAk:
ashleymills	0:714293de3836	1442	{
ashleymills	0:714293de3836	1443	word32 oid = 0;
ashleymills	0:714293de3836	1444	int oidSz = 0;
ashleymills	0:714293de3836	1445	byte b = cert->source[cert->srcIdx++];
ashleymills	0:714293de3836	1446
ashleymills	0:714293de3836	1447	if (b != ASN_OBJECT_ID)
ashleymills	0:714293de3836	1448	return ASN_OBJECT_ID_E;
ashleymills	0:714293de3836	1449
ashleymills	0:714293de3836	1450	if (GetLength(cert->source,&cert->srcIdx,&oidSz,cert->maxIdx) < 0)
ashleymills	0:714293de3836	1451	return ASN_PARSE_E;
ashleymills	0:714293de3836	1452
ashleymills	0:714293de3836	1453	while(oidSz--)
ashleymills	0:714293de3836	1454	oid += cert->source[cert->srcIdx++];
ashleymills	0:714293de3836	1455	if (CheckCurve(oid) < 0)
ashleymills	0:714293de3836	1456	return ECC_CURVE_OID_E;
ashleymills	0:714293de3836	1457
ashleymills	0:714293de3836	1458	/* key header */
ashleymills	0:714293de3836	1459	b = cert->source[cert->srcIdx++];
ashleymills	0:714293de3836	1460	if (b != ASN_BIT_STRING)
ashleymills	0:714293de3836	1461	return ASN_BITSTR_E;
ashleymills	0:714293de3836	1462
ashleymills	0:714293de3836	1463	if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0)
ashleymills	0:714293de3836	1464	return ASN_PARSE_E;
ashleymills	0:714293de3836	1465	b = cert->source[cert->srcIdx++];
ashleymills	0:714293de3836	1466	if (b != 0x00)
ashleymills	0:714293de3836	1467	return ASN_EXPECT_0_E;
ashleymills	0:714293de3836	1468
ashleymills	0:714293de3836	1469	/* actual key, use length - 1 since ate preceding 0 */
ashleymills	0:714293de3836	1470	length -= 1;
ashleymills	0:714293de3836	1471
ashleymills	0:714293de3836	1472	cert->publicKey = (byte*) XMALLOC(length, cert->heap,
ashleymills	0:714293de3836	1473	DYNAMIC_TYPE_PUBLIC_KEY);
ashleymills	0:714293de3836	1474	if (cert->publicKey == NULL)
ashleymills	0:714293de3836	1475	return MEMORY_E;
ashleymills	0:714293de3836	1476	XMEMCPY(cert->publicKey, &cert->source[cert->srcIdx], length);
ashleymills	0:714293de3836	1477	cert->pubKeyStored = 1;
ashleymills	0:714293de3836	1478	cert->pubKeySize = length;
ashleymills	0:714293de3836	1479
ashleymills	0:714293de3836	1480	cert->srcIdx += length;
ashleymills	0:714293de3836	1481	}
ashleymills	0:714293de3836	1482	break;
ashleymills	0:714293de3836	1483	#endif /* HAVE_ECC */
ashleymills	0:714293de3836	1484	default:
ashleymills	0:714293de3836	1485	return ASN_UNKNOWN_OID_E;
ashleymills	0:714293de3836	1486	}
ashleymills	0:714293de3836	1487
ashleymills	0:714293de3836	1488	return 0;
ashleymills	0:714293de3836	1489	}
ashleymills	0:714293de3836	1490
ashleymills	0:714293de3836	1491
ashleymills	0:714293de3836	1492	/* process NAME, either issuer or subject */
ashleymills	0:714293de3836	1493	static int GetName(DecodedCert* cert, int nameType)
ashleymills	0:714293de3836	1494	{
ashleymills	0:714293de3836	1495	Sha sha; /* MUST have SHA-1 hash for cert names */
ashleymills	0:714293de3836	1496	int length; /* length of all distinguished names */
ashleymills	0:714293de3836	1497	int dummy;
ashleymills	0:714293de3836	1498	char* full = (nameType == ISSUER) ? cert->issuer : cert->subject;
ashleymills	0:714293de3836	1499	word32 idx;
ashleymills	0:714293de3836	1500
ashleymills	0:714293de3836	1501	CYASSL_MSG("Getting Cert Name");
ashleymills	0:714293de3836	1502
ashleymills	0:714293de3836	1503	if (cert->source[cert->srcIdx] == ASN_OBJECT_ID) {
ashleymills	0:714293de3836	1504	CYASSL_MSG("Trying optional prefix...");
ashleymills	0:714293de3836	1505
ashleymills	0:714293de3836	1506	if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1507	return ASN_PARSE_E;
ashleymills	0:714293de3836	1508
ashleymills	0:714293de3836	1509	cert->srcIdx += length;
ashleymills	0:714293de3836	1510	CYASSL_MSG("Got optional prefix");
ashleymills	0:714293de3836	1511	}
ashleymills	0:714293de3836	1512
ashleymills	0:714293de3836	1513	/* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
ashleymills	0:714293de3836	1514	* calculated over the entire DER encoding of the Name field, including
ashleymills	0:714293de3836	1515	* the tag and length. */
ashleymills	0:714293de3836	1516	idx = cert->srcIdx;
ashleymills	0:714293de3836	1517	if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1518	return ASN_PARSE_E;
ashleymills	0:714293de3836	1519
ashleymills	0:714293de3836	1520	InitSha(&sha);
ashleymills	0:714293de3836	1521	ShaUpdate(&sha, &cert->source[idx], length + cert->srcIdx - idx);
ashleymills	0:714293de3836	1522	if (nameType == ISSUER)
ashleymills	0:714293de3836	1523	ShaFinal(&sha, cert->issuerHash);
ashleymills	0:714293de3836	1524	else
ashleymills	0:714293de3836	1525	ShaFinal(&sha, cert->subjectHash);
ashleymills	0:714293de3836	1526
ashleymills	0:714293de3836	1527	length += cert->srcIdx;
ashleymills	0:714293de3836	1528	idx = 0;
ashleymills	0:714293de3836	1529
ashleymills	0:714293de3836	1530	while (cert->srcIdx < (word32)length) {
ashleymills	0:714293de3836	1531	byte b;
ashleymills	0:714293de3836	1532	byte joint[2];
ashleymills	0:714293de3836	1533	byte tooBig = FALSE;
ashleymills	0:714293de3836	1534	int oidSz;
ashleymills	0:714293de3836	1535
ashleymills	0:714293de3836	1536	if (GetSet(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0) {
ashleymills	0:714293de3836	1537	CYASSL_MSG("Cert name lacks set header, trying sequence");
ashleymills	0:714293de3836	1538	}
ashleymills	0:714293de3836	1539
ashleymills	0:714293de3836	1540	if (GetSequence(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1541	return ASN_PARSE_E;
ashleymills	0:714293de3836	1542
ashleymills	0:714293de3836	1543	b = cert->source[cert->srcIdx++];
ashleymills	0:714293de3836	1544	if (b != ASN_OBJECT_ID)
ashleymills	0:714293de3836	1545	return ASN_OBJECT_ID_E;
ashleymills	0:714293de3836	1546
ashleymills	0:714293de3836	1547	if (GetLength(cert->source, &cert->srcIdx, &oidSz, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1548	return ASN_PARSE_E;
ashleymills	0:714293de3836	1549
ashleymills	0:714293de3836	1550	XMEMCPY(joint, &cert->source[cert->srcIdx], sizeof(joint));
ashleymills	0:714293de3836	1551
ashleymills	0:714293de3836	1552	/* v1 name types */
ashleymills	0:714293de3836	1553	if (joint[0] == 0x55 && joint[1] == 0x04) {
ashleymills	0:714293de3836	1554	byte id;
ashleymills	0:714293de3836	1555	byte copy = FALSE;
ashleymills	0:714293de3836	1556	int strLen;
ashleymills	0:714293de3836	1557
ashleymills	0:714293de3836	1558	cert->srcIdx += 2;
ashleymills	0:714293de3836	1559	id = cert->source[cert->srcIdx++];
ashleymills	0:714293de3836	1560	b = cert->source[cert->srcIdx++]; /* strType */
ashleymills	0:714293de3836	1561	(void)b; /* may want to validate? */
ashleymills	0:714293de3836	1562
ashleymills	0:714293de3836	1563	if (GetLength(cert->source, &cert->srcIdx, &strLen,
ashleymills	0:714293de3836	1564	cert->maxIdx) < 0)
ashleymills	0:714293de3836	1565	return ASN_PARSE_E;
ashleymills	0:714293de3836	1566
ashleymills	0:714293de3836	1567	if ( (strLen + 4) > (int)(ASN_NAME_MAX - idx)) {
ashleymills	0:714293de3836	1568	/* include biggest pre fix header too 4 = "/CN=" */
ashleymills	0:714293de3836	1569	CYASSL_MSG("ASN Name too big, skipping");
ashleymills	0:714293de3836	1570	tooBig = TRUE;
ashleymills	0:714293de3836	1571	}
ashleymills	0:714293de3836	1572
ashleymills	0:714293de3836	1573	if (id == ASN_COMMON_NAME) {
ashleymills	0:714293de3836	1574	if (nameType == SUBJECT) {
ashleymills	0:714293de3836	1575	cert->subjectCN = (char *)&cert->source[cert->srcIdx];
ashleymills	0:714293de3836	1576	cert->subjectCNLen = strLen;
ashleymills	0:714293de3836	1577	}
ashleymills	0:714293de3836	1578
ashleymills	0:714293de3836	1579	if (!tooBig) {
ashleymills	0:714293de3836	1580	XMEMCPY(&full[idx], "/CN=", 4);
ashleymills	0:714293de3836	1581	idx += 4;
ashleymills	0:714293de3836	1582	copy = TRUE;
ashleymills	0:714293de3836	1583	}
ashleymills	0:714293de3836	1584	}
ashleymills	0:714293de3836	1585	else if (id == ASN_SUR_NAME) {
ashleymills	0:714293de3836	1586	if (!tooBig) {
ashleymills	0:714293de3836	1587	XMEMCPY(&full[idx], "/SN=", 4);
ashleymills	0:714293de3836	1588	idx += 4;
ashleymills	0:714293de3836	1589	copy = TRUE;
ashleymills	0:714293de3836	1590	}
ashleymills	0:714293de3836	1591	#ifdef CYASSL_CERT_GEN
ashleymills	0:714293de3836	1592	if (nameType == SUBJECT) {
ashleymills	0:714293de3836	1593	cert->subjectSN = (char*)&cert->source[cert->srcIdx];
ashleymills	0:714293de3836	1594	cert->subjectSNLen = strLen;
ashleymills	0:714293de3836	1595	}
ashleymills	0:714293de3836	1596	#endif /* CYASSL_CERT_GEN */
ashleymills	0:714293de3836	1597	}
ashleymills	0:714293de3836	1598	else if (id == ASN_COUNTRY_NAME) {
ashleymills	0:714293de3836	1599	if (!tooBig) {
ashleymills	0:714293de3836	1600	XMEMCPY(&full[idx], "/C=", 3);
ashleymills	0:714293de3836	1601	idx += 3;
ashleymills	0:714293de3836	1602	copy = TRUE;
ashleymills	0:714293de3836	1603	}
ashleymills	0:714293de3836	1604	#ifdef CYASSL_CERT_GEN
ashleymills	0:714293de3836	1605	if (nameType == SUBJECT) {
ashleymills	0:714293de3836	1606	cert->subjectC = (char*)&cert->source[cert->srcIdx];
ashleymills	0:714293de3836	1607	cert->subjectCLen = strLen;
ashleymills	0:714293de3836	1608	}
ashleymills	0:714293de3836	1609	#endif /* CYASSL_CERT_GEN */
ashleymills	0:714293de3836	1610	}
ashleymills	0:714293de3836	1611	else if (id == ASN_LOCALITY_NAME) {
ashleymills	0:714293de3836	1612	if (!tooBig) {
ashleymills	0:714293de3836	1613	XMEMCPY(&full[idx], "/L=", 3);
ashleymills	0:714293de3836	1614	idx += 3;
ashleymills	0:714293de3836	1615	copy = TRUE;
ashleymills	0:714293de3836	1616	}
ashleymills	0:714293de3836	1617	#ifdef CYASSL_CERT_GEN
ashleymills	0:714293de3836	1618	if (nameType == SUBJECT) {
ashleymills	0:714293de3836	1619	cert->subjectL = (char*)&cert->source[cert->srcIdx];
ashleymills	0:714293de3836	1620	cert->subjectLLen = strLen;
ashleymills	0:714293de3836	1621	}
ashleymills	0:714293de3836	1622	#endif /* CYASSL_CERT_GEN */
ashleymills	0:714293de3836	1623	}
ashleymills	0:714293de3836	1624	else if (id == ASN_STATE_NAME) {
ashleymills	0:714293de3836	1625	if (!tooBig) {
ashleymills	0:714293de3836	1626	XMEMCPY(&full[idx], "/ST=", 4);
ashleymills	0:714293de3836	1627	idx += 4;
ashleymills	0:714293de3836	1628	copy = TRUE;
ashleymills	0:714293de3836	1629	}
ashleymills	0:714293de3836	1630	#ifdef CYASSL_CERT_GEN
ashleymills	0:714293de3836	1631	if (nameType == SUBJECT) {
ashleymills	0:714293de3836	1632	cert->subjectST = (char*)&cert->source[cert->srcIdx];
ashleymills	0:714293de3836	1633	cert->subjectSTLen = strLen;
ashleymills	0:714293de3836	1634	}
ashleymills	0:714293de3836	1635	#endif /* CYASSL_CERT_GEN */
ashleymills	0:714293de3836	1636	}
ashleymills	0:714293de3836	1637	else if (id == ASN_ORG_NAME) {
ashleymills	0:714293de3836	1638	if (!tooBig) {
ashleymills	0:714293de3836	1639	XMEMCPY(&full[idx], "/O=", 3);
ashleymills	0:714293de3836	1640	idx += 3;
ashleymills	0:714293de3836	1641	copy = TRUE;
ashleymills	0:714293de3836	1642	}
ashleymills	0:714293de3836	1643	#ifdef CYASSL_CERT_GEN
ashleymills	0:714293de3836	1644	if (nameType == SUBJECT) {
ashleymills	0:714293de3836	1645	cert->subjectO = (char*)&cert->source[cert->srcIdx];
ashleymills	0:714293de3836	1646	cert->subjectOLen = strLen;
ashleymills	0:714293de3836	1647	}
ashleymills	0:714293de3836	1648	#endif /* CYASSL_CERT_GEN */
ashleymills	0:714293de3836	1649	}
ashleymills	0:714293de3836	1650	else if (id == ASN_ORGUNIT_NAME) {
ashleymills	0:714293de3836	1651	if (!tooBig) {
ashleymills	0:714293de3836	1652	XMEMCPY(&full[idx], "/OU=", 4);
ashleymills	0:714293de3836	1653	idx += 4;
ashleymills	0:714293de3836	1654	copy = TRUE;
ashleymills	0:714293de3836	1655	}
ashleymills	0:714293de3836	1656	#ifdef CYASSL_CERT_GEN
ashleymills	0:714293de3836	1657	if (nameType == SUBJECT) {
ashleymills	0:714293de3836	1658	cert->subjectOU = (char*)&cert->source[cert->srcIdx];
ashleymills	0:714293de3836	1659	cert->subjectOULen = strLen;
ashleymills	0:714293de3836	1660	}
ashleymills	0:714293de3836	1661	#endif /* CYASSL_CERT_GEN */
ashleymills	0:714293de3836	1662	}
ashleymills	0:714293de3836	1663
ashleymills	0:714293de3836	1664	if (copy && !tooBig) {
ashleymills	0:714293de3836	1665	XMEMCPY(&full[idx], &cert->source[cert->srcIdx], strLen);
ashleymills	0:714293de3836	1666	idx += strLen;
ashleymills	0:714293de3836	1667	}
ashleymills	0:714293de3836	1668
ashleymills	0:714293de3836	1669	cert->srcIdx += strLen;
ashleymills	0:714293de3836	1670	}
ashleymills	0:714293de3836	1671	else {
ashleymills	0:714293de3836	1672	/* skip */
ashleymills	0:714293de3836	1673	byte email = FALSE;
ashleymills	0:714293de3836	1674	byte uid = FALSE;
ashleymills	0:714293de3836	1675	int adv;
ashleymills	0:714293de3836	1676
ashleymills	0:714293de3836	1677	if (joint[0] == 0x2a && joint[1] == 0x86) /* email id hdr */
ashleymills	0:714293de3836	1678	email = TRUE;
ashleymills	0:714293de3836	1679
ashleymills	0:714293de3836	1680	if (joint[0] == 0x9 && joint[1] == 0x92) /* uid id hdr */
ashleymills	0:714293de3836	1681	uid = TRUE;
ashleymills	0:714293de3836	1682
ashleymills	0:714293de3836	1683	cert->srcIdx += oidSz + 1;
ashleymills	0:714293de3836	1684
ashleymills	0:714293de3836	1685	if (GetLength(cert->source, &cert->srcIdx, &adv, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1686	return ASN_PARSE_E;
ashleymills	0:714293de3836	1687
ashleymills	0:714293de3836	1688	if (adv > (int)(ASN_NAME_MAX - idx)) {
ashleymills	0:714293de3836	1689	CYASSL_MSG("ASN name too big, skipping");
ashleymills	0:714293de3836	1690	tooBig = TRUE;
ashleymills	0:714293de3836	1691	}
ashleymills	0:714293de3836	1692
ashleymills	0:714293de3836	1693	if (email) {
ashleymills	0:714293de3836	1694	if ( (14 + adv) > (int)(ASN_NAME_MAX - idx)) {
ashleymills	0:714293de3836	1695	CYASSL_MSG("ASN name too big, skipping");
ashleymills	0:714293de3836	1696	tooBig = TRUE;
ashleymills	0:714293de3836	1697	}
ashleymills	0:714293de3836	1698	if (!tooBig) {
ashleymills	0:714293de3836	1699	XMEMCPY(&full[idx], "/emailAddress=", 14);
ashleymills	0:714293de3836	1700	idx += 14;
ashleymills	0:714293de3836	1701	}
ashleymills	0:714293de3836	1702
ashleymills	0:714293de3836	1703	#ifdef CYASSL_CERT_GEN
ashleymills	0:714293de3836	1704	if (nameType == SUBJECT) {
ashleymills	0:714293de3836	1705	cert->subjectEmail = (char*)&cert->source[cert->srcIdx];
ashleymills	0:714293de3836	1706	cert->subjectEmailLen = adv;
ashleymills	0:714293de3836	1707	}
ashleymills	0:714293de3836	1708	#endif /* CYASSL_CERT_GEN */
ashleymills	0:714293de3836	1709
ashleymills	0:714293de3836	1710	if (!tooBig) {
ashleymills	0:714293de3836	1711	XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv);
ashleymills	0:714293de3836	1712	idx += adv;
ashleymills	0:714293de3836	1713	}
ashleymills	0:714293de3836	1714	}
ashleymills	0:714293de3836	1715
ashleymills	0:714293de3836	1716	if (uid) {
ashleymills	0:714293de3836	1717	if ( (5 + adv) > (int)(ASN_NAME_MAX - idx)) {
ashleymills	0:714293de3836	1718	CYASSL_MSG("ASN name too big, skipping");
ashleymills	0:714293de3836	1719	tooBig = TRUE;
ashleymills	0:714293de3836	1720	}
ashleymills	0:714293de3836	1721	if (!tooBig) {
ashleymills	0:714293de3836	1722	XMEMCPY(&full[idx], "/UID=", 5);
ashleymills	0:714293de3836	1723	idx += 5;
ashleymills	0:714293de3836	1724
ashleymills	0:714293de3836	1725	XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv);
ashleymills	0:714293de3836	1726	idx += adv;
ashleymills	0:714293de3836	1727	}
ashleymills	0:714293de3836	1728	}
ashleymills	0:714293de3836	1729
ashleymills	0:714293de3836	1730	cert->srcIdx += adv;
ashleymills	0:714293de3836	1731	}
ashleymills	0:714293de3836	1732	}
ashleymills	0:714293de3836	1733	full[idx++] = 0;
ashleymills	0:714293de3836	1734
ashleymills	0:714293de3836	1735	return 0;
ashleymills	0:714293de3836	1736	}
ashleymills	0:714293de3836	1737
ashleymills	0:714293de3836	1738
ashleymills	0:714293de3836	1739	#ifndef NO_TIME_H
ashleymills	0:714293de3836	1740
ashleymills	0:714293de3836	1741	/* to the second */
ashleymills	0:714293de3836	1742	static int DateGreaterThan(const struct tm* a, const struct tm* b)
ashleymills	0:714293de3836	1743	{
ashleymills	0:714293de3836	1744	if (a->tm_year > b->tm_year)
ashleymills	0:714293de3836	1745	return 1;
ashleymills	0:714293de3836	1746
ashleymills	0:714293de3836	1747	if (a->tm_year == b->tm_year && a->tm_mon > b->tm_mon)
ashleymills	0:714293de3836	1748	return 1;
ashleymills	0:714293de3836	1749
ashleymills	0:714293de3836	1750	if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
ashleymills	0:714293de3836	1751	a->tm_mday > b->tm_mday)
ashleymills	0:714293de3836	1752	return 1;
ashleymills	0:714293de3836	1753
ashleymills	0:714293de3836	1754	if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
ashleymills	0:714293de3836	1755	a->tm_mday == b->tm_mday && a->tm_hour > b->tm_hour)
ashleymills	0:714293de3836	1756	return 1;
ashleymills	0:714293de3836	1757
ashleymills	0:714293de3836	1758	if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
ashleymills	0:714293de3836	1759	a->tm_mday == b->tm_mday && a->tm_hour == b->tm_hour &&
ashleymills	0:714293de3836	1760	a->tm_min > b->tm_min)
ashleymills	0:714293de3836	1761	return 1;
ashleymills	0:714293de3836	1762
ashleymills	0:714293de3836	1763	if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
ashleymills	0:714293de3836	1764	a->tm_mday == b->tm_mday && a->tm_hour == b->tm_hour &&
ashleymills	0:714293de3836	1765	a->tm_min == b->tm_min && a->tm_sec > b->tm_sec)
ashleymills	0:714293de3836	1766	return 1;
ashleymills	0:714293de3836	1767
ashleymills	0:714293de3836	1768	return 0; /* false */
ashleymills	0:714293de3836	1769	}
ashleymills	0:714293de3836	1770
ashleymills	0:714293de3836	1771
ashleymills	0:714293de3836	1772	static INLINE int DateLessThan(const struct tm* a, const struct tm* b)
ashleymills	0:714293de3836	1773	{
ashleymills	0:714293de3836	1774	return !DateGreaterThan(a,b);
ashleymills	0:714293de3836	1775	}
ashleymills	0:714293de3836	1776
ashleymills	0:714293de3836	1777
ashleymills	0:714293de3836	1778	/* like atoi but only use first byte */
ashleymills	0:714293de3836	1779	/* Make sure before and after dates are valid */
ashleymills	0:714293de3836	1780	int ValidateDate(const byte* date, byte format, int dateType)
ashleymills	0:714293de3836	1781	{
ashleymills	0:714293de3836	1782	time_t ltime;
ashleymills	0:714293de3836	1783	struct tm certTime;
ashleymills	0:714293de3836	1784	struct tm* localTime;
ashleymills	0:714293de3836	1785	int i = 0;
ashleymills	0:714293de3836	1786
ashleymills	0:714293de3836	1787	ltime = XTIME(0);
ashleymills	0:714293de3836	1788
ashleymills	0:714293de3836	1789	XMEMSET(&certTime, 0, sizeof(certTime));
ashleymills	0:714293de3836	1790
ashleymills	0:714293de3836	1791	if (format == ASN_UTC_TIME) {
ashleymills	0:714293de3836	1792	if (btoi(date[0]) >= 5)
ashleymills	0:714293de3836	1793	certTime.tm_year = 1900;
ashleymills	0:714293de3836	1794	else
ashleymills	0:714293de3836	1795	certTime.tm_year = 2000;
ashleymills	0:714293de3836	1796	}
ashleymills	0:714293de3836	1797	else { /* format == GENERALIZED_TIME */
ashleymills	0:714293de3836	1798	certTime.tm_year += btoi(date[i++]) * 1000;
ashleymills	0:714293de3836	1799	certTime.tm_year += btoi(date[i++]) * 100;
ashleymills	0:714293de3836	1800	}
ashleymills	0:714293de3836	1801
ashleymills	0:714293de3836	1802	GetTime(&certTime.tm_year, date, &i); certTime.tm_year -= 1900; /* adjust */
ashleymills	0:714293de3836	1803	GetTime(&certTime.tm_mon, date, &i); certTime.tm_mon -= 1; /* adjust */
ashleymills	0:714293de3836	1804	GetTime(&certTime.tm_mday, date, &i);
ashleymills	0:714293de3836	1805	GetTime(&certTime.tm_hour, date, &i);
ashleymills	0:714293de3836	1806	GetTime(&certTime.tm_min, date, &i);
ashleymills	0:714293de3836	1807	GetTime(&certTime.tm_sec, date, &i);
ashleymills	0:714293de3836	1808
ashleymills	0:714293de3836	1809	if (date[i] != 'Z') { /* only Zulu supported for this profile */
ashleymills	0:714293de3836	1810	CYASSL_MSG("Only Zulu time supported for this profile");
ashleymills	0:714293de3836	1811	return 0;
ashleymills	0:714293de3836	1812	}
ashleymills	0:714293de3836	1813
ashleymills	0:714293de3836	1814	//localTime = XGMTIME(&ltime);
ashleymills	0:714293de3836	1815	// XXX gmtime seems to be broken on mbed, need to find out why
ashleymills	0:714293de3836	1816	localTime = localtime(&ltime);
ashleymills	0:714293de3836	1817
ashleymills	0:714293de3836	1818	if (dateType == BEFORE) {
ashleymills	0:714293de3836	1819	if (DateLessThan(localTime, &certTime))
ashleymills	0:714293de3836	1820	return 0;
ashleymills	0:714293de3836	1821	}
ashleymills	0:714293de3836	1822	else
ashleymills	0:714293de3836	1823	if (DateGreaterThan(localTime, &certTime))
ashleymills	0:714293de3836	1824	return 0;
ashleymills	0:714293de3836	1825
ashleymills	0:714293de3836	1826	return 1;
ashleymills	0:714293de3836	1827	}
ashleymills	0:714293de3836	1828
ashleymills	0:714293de3836	1829	#endif /* NO_TIME_H */
ashleymills	0:714293de3836	1830
ashleymills	0:714293de3836	1831
ashleymills	0:714293de3836	1832	static int GetDate(DecodedCert* cert, int dateType)
ashleymills	0:714293de3836	1833	{
ashleymills	0:714293de3836	1834	int length;
ashleymills	0:714293de3836	1835	byte date[MAX_DATE_SIZE];
ashleymills	0:714293de3836	1836	byte b;
ashleymills	0:714293de3836	1837
ashleymills	0:714293de3836	1838	#ifdef CYASSL_CERT_GEN
ashleymills	0:714293de3836	1839	word32 startIdx = 0;
ashleymills	0:714293de3836	1840	if (dateType == BEFORE)
ashleymills	0:714293de3836	1841	cert->beforeDate = &cert->source[cert->srcIdx];
ashleymills	0:714293de3836	1842	else
ashleymills	0:714293de3836	1843	cert->afterDate = &cert->source[cert->srcIdx];
ashleymills	0:714293de3836	1844	startIdx = cert->srcIdx;
ashleymills	0:714293de3836	1845	#endif
ashleymills	0:714293de3836	1846
ashleymills	0:714293de3836	1847	b = cert->source[cert->srcIdx++];
ashleymills	0:714293de3836	1848	if (b != ASN_UTC_TIME && b != ASN_GENERALIZED_TIME)
ashleymills	0:714293de3836	1849	return ASN_TIME_E;
ashleymills	0:714293de3836	1850
ashleymills	0:714293de3836	1851	if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1852	return ASN_PARSE_E;
ashleymills	0:714293de3836	1853
ashleymills	0:714293de3836	1854	if (length > MAX_DATE_SIZE \|\| length < MIN_DATE_SIZE)
ashleymills	0:714293de3836	1855	return ASN_DATE_SZ_E;
ashleymills	0:714293de3836	1856
ashleymills	0:714293de3836	1857	XMEMCPY(date, &cert->source[cert->srcIdx], length);
ashleymills	0:714293de3836	1858	cert->srcIdx += length;
ashleymills	0:714293de3836	1859
ashleymills	0:714293de3836	1860	#ifdef CYASSL_CERT_GEN
ashleymills	0:714293de3836	1861	if (dateType == BEFORE)
ashleymills	0:714293de3836	1862	cert->beforeDateLen = cert->srcIdx - startIdx;
ashleymills	0:714293de3836	1863	else
ashleymills	0:714293de3836	1864	cert->afterDateLen = cert->srcIdx - startIdx;
ashleymills	0:714293de3836	1865	#endif
ashleymills	0:714293de3836	1866
ashleymills	0:714293de3836	1867	if (!XVALIDATE_DATE(date, b, dateType)) {
ashleymills	0:714293de3836	1868	if (dateType == BEFORE)
ashleymills	0:714293de3836	1869	return ASN_BEFORE_DATE_E;
ashleymills	0:714293de3836	1870	else
ashleymills	0:714293de3836	1871	return ASN_AFTER_DATE_E;
ashleymills	0:714293de3836	1872	}
ashleymills	0:714293de3836	1873
ashleymills	0:714293de3836	1874	return 0;
ashleymills	0:714293de3836	1875	}
ashleymills	0:714293de3836	1876
ashleymills	0:714293de3836	1877
ashleymills	0:714293de3836	1878	static int GetValidity(DecodedCert* cert, int verify)
ashleymills	0:714293de3836	1879	{
ashleymills	0:714293de3836	1880	int length;
ashleymills	0:714293de3836	1881	int badDate = 0;
ashleymills	0:714293de3836	1882
ashleymills	0:714293de3836	1883	if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1884	return ASN_PARSE_E;
ashleymills	0:714293de3836	1885
ashleymills	0:714293de3836	1886	if (GetDate(cert, BEFORE) < 0 && verify)
ashleymills	0:714293de3836	1887	badDate = ASN_BEFORE_DATE_E; /* continue parsing */
ashleymills	0:714293de3836	1888
ashleymills	0:714293de3836	1889	if (GetDate(cert, AFTER) < 0 && verify)
ashleymills	0:714293de3836	1890	return ASN_AFTER_DATE_E;
ashleymills	0:714293de3836	1891
ashleymills	0:714293de3836	1892	if (badDate != 0)
ashleymills	0:714293de3836	1893	return badDate;
ashleymills	0:714293de3836	1894
ashleymills	0:714293de3836	1895	return 0;
ashleymills	0:714293de3836	1896	}
ashleymills	0:714293de3836	1897
ashleymills	0:714293de3836	1898
ashleymills	0:714293de3836	1899	int DecodeToKey(DecodedCert* cert, int verify)
ashleymills	0:714293de3836	1900	{
ashleymills	0:714293de3836	1901	int badDate = 0;
ashleymills	0:714293de3836	1902	int ret;
ashleymills	0:714293de3836	1903
ashleymills	0:714293de3836	1904	if ( (ret = GetCertHeader(cert)) < 0)
ashleymills	0:714293de3836	1905	return ret;
ashleymills	0:714293de3836	1906
ashleymills	0:714293de3836	1907	if ( (ret = GetAlgoId(cert->source, &cert->srcIdx, &cert->signatureOID,
ashleymills	0:714293de3836	1908	cert->maxIdx)) < 0)
ashleymills	0:714293de3836	1909	return ret;
ashleymills	0:714293de3836	1910
ashleymills	0:714293de3836	1911	if ( (ret = GetName(cert, ISSUER)) < 0)
ashleymills	0:714293de3836	1912	return ret;
ashleymills	0:714293de3836	1913
ashleymills	0:714293de3836	1914	if ( (ret = GetValidity(cert, verify)) < 0)
ashleymills	0:714293de3836	1915	badDate = ret;
ashleymills	0:714293de3836	1916
ashleymills	0:714293de3836	1917	if ( (ret = GetName(cert, SUBJECT)) < 0)
ashleymills	0:714293de3836	1918	return ret;
ashleymills	0:714293de3836	1919
ashleymills	0:714293de3836	1920	if ( (ret = GetKey(cert)) < 0)
ashleymills	0:714293de3836	1921	return ret;
ashleymills	0:714293de3836	1922
ashleymills	0:714293de3836	1923	if (badDate != 0)
ashleymills	0:714293de3836	1924	return badDate;
ashleymills	0:714293de3836	1925
ashleymills	0:714293de3836	1926	return ret;
ashleymills	0:714293de3836	1927	}
ashleymills	0:714293de3836	1928
ashleymills	0:714293de3836	1929
ashleymills	0:714293de3836	1930	static int GetSignature(DecodedCert* cert)
ashleymills	0:714293de3836	1931	{
ashleymills	0:714293de3836	1932	int length;
ashleymills	0:714293de3836	1933	byte b = cert->source[cert->srcIdx++];
ashleymills	0:714293de3836	1934
ashleymills	0:714293de3836	1935	if (b != ASN_BIT_STRING)
ashleymills	0:714293de3836	1936	return ASN_BITSTR_E;
ashleymills	0:714293de3836	1937
ashleymills	0:714293de3836	1938	if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
ashleymills	0:714293de3836	1939	return ASN_PARSE_E;
ashleymills	0:714293de3836	1940
ashleymills	0:714293de3836	1941	cert->sigLength = length;
ashleymills	0:714293de3836	1942
ashleymills	0:714293de3836	1943	b = cert->source[cert->srcIdx++];
ashleymills	0:714293de3836	1944	if (b != 0x00)
ashleymills	0:714293de3836	1945	return ASN_EXPECT_0_E;
ashleymills	0:714293de3836	1946
ashleymills	0:714293de3836	1947	cert->sigLength--;
ashleymills	0:714293de3836	1948	cert->signature = &cert->source[cert->srcIdx];
ashleymills	0:714293de3836	1949	cert->srcIdx += cert->sigLength;
ashleymills	0:714293de3836	1950
ashleymills	0:714293de3836	1951	return 0;
ashleymills	0:714293de3836	1952	}
ashleymills	0:714293de3836	1953
ashleymills	0:714293de3836	1954
ashleymills	0:714293de3836	1955	static word32 SetDigest(const byte* digest, word32 digSz, byte* output)
ashleymills	0:714293de3836	1956	{
ashleymills	0:714293de3836	1957	output[0] = ASN_OCTET_STRING;
ashleymills	0:714293de3836	1958	output[1] = (byte)digSz;
ashleymills	0:714293de3836	1959	XMEMCPY(&output[2], digest, digSz);
ashleymills	0:714293de3836	1960
ashleymills	0:714293de3836	1961	return digSz + 2;
ashleymills	0:714293de3836	1962	}
ashleymills	0:714293de3836	1963
ashleymills	0:714293de3836	1964
ashleymills	0:714293de3836	1965	static word32 BytePrecision(word32 value)
ashleymills	0:714293de3836	1966	{
ashleymills	0:714293de3836	1967	word32 i;
ashleymills	0:714293de3836	1968	for (i = sizeof(value); i; --i)
ashleymills	0:714293de3836	1969	if (value >> ((i - 1) * CYASSL_BIT_SIZE))
ashleymills	0:714293de3836	1970	break;
ashleymills	0:714293de3836	1971
ashleymills	0:714293de3836	1972	return i;
ashleymills	0:714293de3836	1973	}
ashleymills	0:714293de3836	1974
ashleymills	0:714293de3836	1975
ashleymills	0:714293de3836	1976	static word32 SetLength(word32 length, byte* output)
ashleymills	0:714293de3836	1977	{
ashleymills	0:714293de3836	1978	word32 i = 0, j;
ashleymills	0:714293de3836	1979
ashleymills	0:714293de3836	1980	if (length < ASN_LONG_LENGTH)
ashleymills	0:714293de3836	1981	output[i++] = (byte)length;
ashleymills	0:714293de3836	1982	else {
ashleymills	0:714293de3836	1983	output[i++] = (byte)(BytePrecision(length) \| ASN_LONG_LENGTH);
ashleymills	0:714293de3836	1984
ashleymills	0:714293de3836	1985	for (j = BytePrecision(length); j; --j) {
ashleymills	0:714293de3836	1986	output[i] = (byte)(length >> ((j - 1) * CYASSL_BIT_SIZE));
ashleymills	0:714293de3836	1987	i++;
ashleymills	0:714293de3836	1988	}
ashleymills	0:714293de3836	1989	}
ashleymills	0:714293de3836	1990
ashleymills	0:714293de3836	1991	return i;
ashleymills	0:714293de3836	1992	}
ashleymills	0:714293de3836	1993
ashleymills	0:714293de3836	1994
ashleymills	0:714293de3836	1995	static word32 SetSequence(word32 len, byte* output)
ashleymills	0:714293de3836	1996	{
ashleymills	0:714293de3836	1997	output[0] = ASN_SEQUENCE \| ASN_CONSTRUCTED;
ashleymills	0:714293de3836	1998	return SetLength(len, output + 1) + 1;
ashleymills	0:714293de3836	1999	}
ashleymills	0:714293de3836	2000
ashleymills	0:714293de3836	2001
ashleymills	0:714293de3836	2002	static word32 SetAlgoID(int algoOID, byte* output, int type)
ashleymills	0:714293de3836	2003	{
ashleymills	0:714293de3836	2004	/* adding TAG_NULL and 0 to end */
ashleymills	0:714293de3836	2005
ashleymills	0:714293de3836	2006	/* hashTypes */
ashleymills	0:714293de3836	2007	static const byte shaAlgoID[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1a,
ashleymills	0:714293de3836	2008	0x05, 0x00 };
ashleymills	0:714293de3836	2009	static const byte sha256AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
ashleymills	0:714293de3836	2010	0x04, 0x02, 0x01, 0x05, 0x00 };
ashleymills	0:714293de3836	2011	static const byte sha384AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
ashleymills	0:714293de3836	2012	0x04, 0x02, 0x02, 0x05, 0x00 };
ashleymills	0:714293de3836	2013	static const byte sha512AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
ashleymills	0:714293de3836	2014	0x04, 0x02, 0x03, 0x05, 0x00 };
ashleymills	0:714293de3836	2015	static const byte md5AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
ashleymills	0:714293de3836	2016	0x02, 0x05, 0x05, 0x00 };
ashleymills	0:714293de3836	2017	static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
ashleymills	0:714293de3836	2018	0x02, 0x02, 0x05, 0x00};
ashleymills	0:714293de3836	2019
ashleymills	0:714293de3836	2020	/* sigTypes */
ashleymills	0:714293de3836	2021	#ifndef NO_RSA
ashleymills	0:714293de3836	2022	static const byte md5wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7,
ashleymills	0:714293de3836	2023	0x0d, 0x01, 0x01, 0x04, 0x05, 0x00};
ashleymills	0:714293de3836	2024	static const byte shawRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7,
ashleymills	0:714293de3836	2025	0x0d, 0x01, 0x01, 0x05, 0x05, 0x00};
ashleymills	0:714293de3836	2026	static const byte sha256wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7,
ashleymills	0:714293de3836	2027	0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00};
ashleymills	0:714293de3836	2028	static const byte sha384wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7,
ashleymills	0:714293de3836	2029	0x0d, 0x01, 0x01, 0x0c, 0x05, 0x00};
ashleymills	0:714293de3836	2030	static const byte sha512wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7,
ashleymills	0:714293de3836	2031	0x0d, 0x01, 0x01, 0x0d, 0x05, 0x00};
ashleymills	0:714293de3836	2032	#endif /* NO_RSA */
ashleymills	0:714293de3836	2033
ashleymills	0:714293de3836	2034	/* keyTypes */
ashleymills	0:714293de3836	2035	#ifndef NO_RSA
ashleymills	0:714293de3836	2036	static const byte RSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
ashleymills	0:714293de3836	2037	0x01, 0x01, 0x01, 0x05, 0x00};
ashleymills	0:714293de3836	2038	#endif /* NO_RSA */
ashleymills	0:714293de3836	2039
ashleymills	0:714293de3836	2040	int algoSz = 0;
ashleymills	0:714293de3836	2041	word32 idSz, seqSz;
ashleymills	0:714293de3836	2042	const byte* algoName = 0;
ashleymills	0:714293de3836	2043	byte ID_Length[MAX_LENGTH_SZ];
ashleymills	0:714293de3836	2044	byte seqArray[MAX_SEQ_SZ + 1]; /* add object_id to end */
ashleymills	0:714293de3836	2045
ashleymills	0:714293de3836	2046	if (type == hashType) {
ashleymills	0:714293de3836	2047	switch (algoOID) {
ashleymills	0:714293de3836	2048	case SHAh:
ashleymills	0:714293de3836	2049	algoSz = sizeof(shaAlgoID);
ashleymills	0:714293de3836	2050	algoName = shaAlgoID;
ashleymills	0:714293de3836	2051	break;
ashleymills	0:714293de3836	2052
ashleymills	0:714293de3836	2053	case SHA256h:
ashleymills	0:714293de3836	2054	algoSz = sizeof(sha256AlgoID);
ashleymills	0:714293de3836	2055	algoName = sha256AlgoID;
ashleymills	0:714293de3836	2056	break;
ashleymills	0:714293de3836	2057
ashleymills	0:714293de3836	2058	case SHA384h:
ashleymills	0:714293de3836	2059	algoSz = sizeof(sha384AlgoID);
ashleymills	0:714293de3836	2060	algoName = sha384AlgoID;
ashleymills	0:714293de3836	2061	break;
ashleymills	0:714293de3836	2062
ashleymills	0:714293de3836	2063	case SHA512h:
ashleymills	0:714293de3836	2064	algoSz = sizeof(sha512AlgoID);
ashleymills	0:714293de3836	2065	algoName = sha512AlgoID;
ashleymills	0:714293de3836	2066	break;
ashleymills	0:714293de3836	2067
ashleymills	0:714293de3836	2068	case MD2h:
ashleymills	0:714293de3836	2069	algoSz = sizeof(md2AlgoID);
ashleymills	0:714293de3836	2070	algoName = md2AlgoID;
ashleymills	0:714293de3836	2071	break;
ashleymills	0:714293de3836	2072
ashleymills	0:714293de3836	2073	case MD5h:
ashleymills	0:714293de3836	2074	algoSz = sizeof(md5AlgoID);
ashleymills	0:714293de3836	2075	algoName = md5AlgoID;
ashleymills	0:714293de3836	2076	break;
ashleymills	0:714293de3836	2077
ashleymills	0:714293de3836	2078	default:
ashleymills	0:714293de3836	2079	CYASSL_MSG("Unknown Hash Algo");
ashleymills	0:714293de3836	2080	return 0; /* UNKOWN_HASH_E; */
ashleymills	0:714293de3836	2081	}
ashleymills	0:714293de3836	2082	}
ashleymills	0:714293de3836	2083	else if (type == sigType) { /* sigType */
ashleymills	0:714293de3836	2084	switch (algoOID) {
ashleymills	0:714293de3836	2085	#ifndef NO_RSA
ashleymills	0:714293de3836	2086	case CTC_MD5wRSA:
ashleymills	0:714293de3836	2087	algoSz = sizeof(md5wRSA_AlgoID);
ashleymills	0:714293de3836	2088	algoName = md5wRSA_AlgoID;
ashleymills	0:714293de3836	2089	break;
ashleymills	0:714293de3836	2090
ashleymills	0:714293de3836	2091	case CTC_SHAwRSA:
ashleymills	0:714293de3836	2092	algoSz = sizeof(shawRSA_AlgoID);
ashleymills	0:714293de3836	2093	algoName = shawRSA_AlgoID;
ashleymills	0:714293de3836	2094	break;
ashleymills	0:714293de3836	2095
ashleymills	0:714293de3836	2096	case CTC_SHA256wRSA:
ashleymills	0:714293de3836	2097	algoSz = sizeof(sha256wRSA_AlgoID);
ashleymills	0:714293de3836	2098	algoName = sha256wRSA_AlgoID;
ashleymills	0:714293de3836	2099	break;
ashleymills	0:714293de3836	2100
ashleymills	0:714293de3836	2101	case CTC_SHA384wRSA:
ashleymills	0:714293de3836	2102	algoSz = sizeof(sha384wRSA_AlgoID);
ashleymills	0:714293de3836	2103	algoName = sha384wRSA_AlgoID;
ashleymills	0:714293de3836	2104	break;
ashleymills	0:714293de3836	2105
ashleymills	0:714293de3836	2106	case CTC_SHA512wRSA:
ashleymills	0:714293de3836	2107	algoSz = sizeof(sha512wRSA_AlgoID);
ashleymills	0:714293de3836	2108	algoName = sha512wRSA_AlgoID;
ashleymills	0:714293de3836	2109	break;
ashleymills	0:714293de3836	2110	#endif /* NO_RSA */
ashleymills	0:714293de3836	2111	default:
ashleymills	0:714293de3836	2112	CYASSL_MSG("Unknown Signature Algo");
ashleymills	0:714293de3836	2113	return 0;
ashleymills	0:714293de3836	2114	}
ashleymills	0:714293de3836	2115	}
ashleymills	0:714293de3836	2116	else if (type == keyType) { /* keyType */
ashleymills	0:714293de3836	2117	switch (algoOID) {
ashleymills	0:714293de3836	2118	#ifndef NO_RSA
ashleymills	0:714293de3836	2119	case RSAk:
ashleymills	0:714293de3836	2120	algoSz = sizeof(RSA_AlgoID);
ashleymills	0:714293de3836	2121	algoName = RSA_AlgoID;
ashleymills	0:714293de3836	2122	break;
ashleymills	0:714293de3836	2123	#endif /* NO_RSA */
ashleymills	0:714293de3836	2124	default:
ashleymills	0:714293de3836	2125	CYASSL_MSG("Unknown Key Algo");
ashleymills	0:714293de3836	2126	return 0;
ashleymills	0:714293de3836	2127	}
ashleymills	0:714293de3836	2128	}
ashleymills	0:714293de3836	2129	else {
ashleymills	0:714293de3836	2130	CYASSL_MSG("Unknown Algo type");
ashleymills	0:714293de3836	2131	return 0;
ashleymills	0:714293de3836	2132	}
ashleymills	0:714293de3836	2133
ashleymills	0:714293de3836	2134	idSz = SetLength(algoSz - 2, ID_Length); /* don't include TAG_NULL/0 */
ashleymills	0:714293de3836	2135	seqSz = SetSequence(idSz + algoSz + 1, seqArray);
ashleymills	0:714293de3836	2136	seqArray[seqSz++] = ASN_OBJECT_ID;
ashleymills	0:714293de3836	2137
ashleymills	0:714293de3836	2138	XMEMCPY(output, seqArray, seqSz);
ashleymills	0:714293de3836	2139	XMEMCPY(output + seqSz, ID_Length, idSz);
ashleymills	0:714293de3836	2140	XMEMCPY(output + seqSz + idSz, algoName, algoSz);
ashleymills	0:714293de3836	2141
ashleymills	0:714293de3836	2142	return seqSz + idSz + algoSz;
ashleymills	0:714293de3836	2143
ashleymills	0:714293de3836	2144	}
ashleymills	0:714293de3836	2145
ashleymills	0:714293de3836	2146
ashleymills	0:714293de3836	2147	word32 EncodeSignature(byte* out, const byte* digest, word32 digSz, int hashOID)
ashleymills	0:714293de3836	2148	{
ashleymills	0:714293de3836	2149	byte digArray[MAX_ENCODED_DIG_SZ];
ashleymills	0:714293de3836	2150	byte algoArray[MAX_ALGO_SZ];
ashleymills	0:714293de3836	2151	byte seqArray[MAX_SEQ_SZ];
ashleymills	0:714293de3836	2152	word32 encDigSz, algoSz, seqSz;
ashleymills	0:714293de3836	2153
ashleymills	0:714293de3836	2154	encDigSz = SetDigest(digest, digSz, digArray);
ashleymills	0:714293de3836	2155	algoSz = SetAlgoID(hashOID, algoArray, hashType);
ashleymills	0:714293de3836	2156	seqSz = SetSequence(encDigSz + algoSz, seqArray);
ashleymills	0:714293de3836	2157
ashleymills	0:714293de3836	2158	XMEMCPY(out, seqArray, seqSz);
ashleymills	0:714293de3836	2159	XMEMCPY(out + seqSz, algoArray, algoSz);
ashleymills	0:714293de3836	2160	XMEMCPY(out + seqSz + algoSz, digArray, encDigSz);
ashleymills	0:714293de3836	2161
ashleymills	0:714293de3836	2162	return encDigSz + algoSz + seqSz;
ashleymills	0:714293de3836	2163	}
ashleymills	0:714293de3836	2164
ashleymills	0:714293de3836	2165
ashleymills	0:714293de3836	2166	/* return true (1) for Confirmation */
ashleymills	0:714293de3836	2167	static int ConfirmSignature(const byte* buf, word32 bufSz,
ashleymills	0:714293de3836	2168	const byte* key, word32 keySz, word32 keyOID,
ashleymills	0:714293de3836	2169	const byte* sig, word32 sigSz, word32 sigOID,
ashleymills	0:714293de3836	2170	void* heap)
ashleymills	0:714293de3836	2171	{
ashleymills	0:714293de3836	2172	#ifdef CYASSL_SHA512
ashleymills	0:714293de3836	2173	byte digest[SHA512_DIGEST_SIZE]; /* max size */
ashleymills	0:714293de3836	2174	#elif !defined(NO_SHA256)
ashleymills	0:714293de3836	2175	byte digest[SHA256_DIGEST_SIZE]; /* max size */
ashleymills	0:714293de3836	2176	#else
ashleymills	0:714293de3836	2177	byte digest[SHA_DIGEST_SIZE]; /* max size */
ashleymills	0:714293de3836	2178	#endif
ashleymills	0:714293de3836	2179	int typeH, digestSz, ret = 0;
ashleymills	0:714293de3836	2180
ashleymills	0:714293de3836	2181	(void)key;
ashleymills	0:714293de3836	2182	(void)keySz;
ashleymills	0:714293de3836	2183	(void)sig;
ashleymills	0:714293de3836	2184	(void)sigSz;
ashleymills	0:714293de3836	2185	(void)heap;
ashleymills	0:714293de3836	2186	(void)ret;
ashleymills	0:714293de3836	2187
ashleymills	0:714293de3836	2188	switch (sigOID) {
ashleymills	0:714293de3836	2189	#ifndef NO_MD5
ashleymills	0:714293de3836	2190	case CTC_MD5wRSA:
ashleymills	0:714293de3836	2191	{
ashleymills	0:714293de3836	2192	Md5 md5;
ashleymills	0:714293de3836	2193	InitMd5(&md5);
ashleymills	0:714293de3836	2194	Md5Update(&md5, buf, bufSz);
ashleymills	0:714293de3836	2195	Md5Final(&md5, digest);
ashleymills	0:714293de3836	2196	typeH = MD5h;
ashleymills	0:714293de3836	2197	digestSz = MD5_DIGEST_SIZE;
ashleymills	0:714293de3836	2198	}
ashleymills	0:714293de3836	2199	break;
ashleymills	0:714293de3836	2200	#endif
ashleymills	0:714293de3836	2201	#if defined(CYASSL_MD2)
ashleymills	0:714293de3836	2202	case CTC_MD2wRSA:
ashleymills	0:714293de3836	2203	{
ashleymills	0:714293de3836	2204	Md2 md2;
ashleymills	0:714293de3836	2205	InitMd2(&md2);
ashleymills	0:714293de3836	2206	Md2Update(&md2, buf, bufSz);
ashleymills	0:714293de3836	2207	Md2Final(&md2, digest);
ashleymills	0:714293de3836	2208	typeH = MD2h;
ashleymills	0:714293de3836	2209	digestSz = MD2_DIGEST_SIZE;
ashleymills	0:714293de3836	2210	}
ashleymills	0:714293de3836	2211	break;
ashleymills	0:714293de3836	2212	#endif
ashleymills	0:714293de3836	2213	#ifndef NO_SHA
ashleymills	0:714293de3836	2214	case CTC_SHAwRSA:
ashleymills	0:714293de3836	2215	case CTC_SHAwDSA:
ashleymills	0:714293de3836	2216	case CTC_SHAwECDSA:
ashleymills	0:714293de3836	2217	{
ashleymills	0:714293de3836	2218	Sha sha;
ashleymills	0:714293de3836	2219	InitSha(&sha);
ashleymills	0:714293de3836	2220	ShaUpdate(&sha, buf, bufSz);
ashleymills	0:714293de3836	2221	ShaFinal(&sha, digest);
ashleymills	0:714293de3836	2222	typeH = SHAh;
ashleymills	0:714293de3836	2223	digestSz = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	2224	}
ashleymills	0:714293de3836	2225	break;
ashleymills	0:714293de3836	2226	#endif
ashleymills	0:714293de3836	2227	#ifndef NO_SHA256
ashleymills	0:714293de3836	2228	case CTC_SHA256wRSA:
ashleymills	0:714293de3836	2229	case CTC_SHA256wECDSA:
ashleymills	0:714293de3836	2230	{
ashleymills	0:714293de3836	2231	Sha256 sha256;
ashleymills	0:714293de3836	2232	InitSha256(&sha256);
ashleymills	0:714293de3836	2233	Sha256Update(&sha256, buf, bufSz);
ashleymills	0:714293de3836	2234	Sha256Final(&sha256, digest);
ashleymills	0:714293de3836	2235	typeH = SHA256h;
ashleymills	0:714293de3836	2236	digestSz = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	2237	}
ashleymills	0:714293de3836	2238	break;
ashleymills	0:714293de3836	2239	#endif
ashleymills	0:714293de3836	2240	#ifdef CYASSL_SHA512
ashleymills	0:714293de3836	2241	case CTC_SHA512wRSA:
ashleymills	0:714293de3836	2242	case CTC_SHA512wECDSA:
ashleymills	0:714293de3836	2243	{
ashleymills	0:714293de3836	2244	Sha512 sha512;
ashleymills	0:714293de3836	2245	InitSha512(&sha512);
ashleymills	0:714293de3836	2246	Sha512Update(&sha512, buf, bufSz);
ashleymills	0:714293de3836	2247	Sha512Final(&sha512, digest);
ashleymills	0:714293de3836	2248	typeH = SHA512h;
ashleymills	0:714293de3836	2249	digestSz = SHA512_DIGEST_SIZE;
ashleymills	0:714293de3836	2250	}
ashleymills	0:714293de3836	2251	break;
ashleymills	0:714293de3836	2252	#endif
ashleymills	0:714293de3836	2253	#ifdef CYASSL_SHA384
ashleymills	0:714293de3836	2254	case CTC_SHA384wRSA:
ashleymills	0:714293de3836	2255	case CTC_SHA384wECDSA:
ashleymills	0:714293de3836	2256	{
ashleymills	0:714293de3836	2257	Sha384 sha384;
ashleymills	0:714293de3836	2258	InitSha384(&sha384);
ashleymills	0:714293de3836	2259	Sha384Update(&sha384, buf, bufSz);
ashleymills	0:714293de3836	2260	Sha384Final(&sha384, digest);
ashleymills	0:714293de3836	2261	typeH = SHA384h;
ashleymills	0:714293de3836	2262	digestSz = SHA384_DIGEST_SIZE;
ashleymills	0:714293de3836	2263	}
ashleymills	0:714293de3836	2264	break;
ashleymills	0:714293de3836	2265	#endif
ashleymills	0:714293de3836	2266	default:
ashleymills	0:714293de3836	2267	CYASSL_MSG("Verify Signautre has unsupported type");
ashleymills	0:714293de3836	2268	return 0;
ashleymills	0:714293de3836	2269	}
ashleymills	0:714293de3836	2270
ashleymills	0:714293de3836	2271	switch (keyOID) {
ashleymills	0:714293de3836	2272	#ifndef NO_RSA
ashleymills	0:714293de3836	2273	case RSAk:
ashleymills	0:714293de3836	2274	{
ashleymills	0:714293de3836	2275	RsaKey pubKey;
ashleymills	0:714293de3836	2276	byte encodedSig[MAX_ENCODED_SIG_SZ];
ashleymills	0:714293de3836	2277	byte plain[MAX_ENCODED_SIG_SZ];
ashleymills	0:714293de3836	2278	word32 idx = 0;
ashleymills	0:714293de3836	2279	int encodedSigSz, verifySz;
ashleymills	0:714293de3836	2280	byte* out;
ashleymills	0:714293de3836	2281
ashleymills	0:714293de3836	2282	if (sigSz > MAX_ENCODED_SIG_SZ) {
ashleymills	0:714293de3836	2283	CYASSL_MSG("Verify Signautre is too big");
ashleymills	0:714293de3836	2284	return 0;
ashleymills	0:714293de3836	2285	}
ashleymills	0:714293de3836	2286
ashleymills	0:714293de3836	2287	InitRsaKey(&pubKey, heap);
ashleymills	0:714293de3836	2288	if (RsaPublicKeyDecode(key, &idx, &pubKey, keySz) < 0) {
ashleymills	0:714293de3836	2289	CYASSL_MSG("ASN Key decode error RSA");
ashleymills	0:714293de3836	2290	ret = 0;
ashleymills	0:714293de3836	2291	}
ashleymills	0:714293de3836	2292	else {
ashleymills	0:714293de3836	2293	XMEMCPY(plain, sig, sigSz);
ashleymills	0:714293de3836	2294	if ( (verifySz = RsaSSL_VerifyInline(plain, sigSz, &out,
ashleymills	0:714293de3836	2295	&pubKey)) < 0) {
ashleymills	0:714293de3836	2296	CYASSL_MSG("Rsa SSL verify error");
ashleymills	0:714293de3836	2297	ret = 0;
ashleymills	0:714293de3836	2298	}
ashleymills	0:714293de3836	2299	else {
ashleymills	0:714293de3836	2300	/* make sure we're right justified */
ashleymills	0:714293de3836	2301	encodedSigSz =
ashleymills	0:714293de3836	2302	EncodeSignature(encodedSig, digest, digestSz, typeH);
ashleymills	0:714293de3836	2303	if (encodedSigSz != verifySz \|\|
ashleymills	0:714293de3836	2304	XMEMCMP(out, encodedSig, encodedSigSz) != 0) {
ashleymills	0:714293de3836	2305	CYASSL_MSG("Rsa SSL verify match encode error");
ashleymills	0:714293de3836	2306	ret = 0;
ashleymills	0:714293de3836	2307	}
ashleymills	0:714293de3836	2308	else
ashleymills	0:714293de3836	2309	ret = 1; /* match */
ashleymills	0:714293de3836	2310
ashleymills	0:714293de3836	2311	#ifdef CYASSL_DEBUG_ENCODING
ashleymills	0:714293de3836	2312	{
ashleymills	0:714293de3836	2313	int x;
ashleymills	0:714293de3836	2314	printf("cyassl encodedSig:\n");
ashleymills	0:714293de3836	2315	for (x = 0; x < encodedSigSz; x++) {
ashleymills	0:714293de3836	2316	printf("%02x ", encodedSig[x]);
ashleymills	0:714293de3836	2317	if ( (x % 16) == 15)
ashleymills	0:714293de3836	2318	printf("\n");
ashleymills	0:714293de3836	2319	}
ashleymills	0:714293de3836	2320	printf("\n");
ashleymills	0:714293de3836	2321	printf("actual digest:\n");
ashleymills	0:714293de3836	2322	for (x = 0; x < verifySz; x++) {
ashleymills	0:714293de3836	2323	printf("%02x ", out[x]);
ashleymills	0:714293de3836	2324	if ( (x % 16) == 15)
ashleymills	0:714293de3836	2325	printf("\n");
ashleymills	0:714293de3836	2326	}
ashleymills	0:714293de3836	2327	printf("\n");
ashleymills	0:714293de3836	2328	}
ashleymills	0:714293de3836	2329	#endif /* CYASSL_DEBUG_ENCODING */
ashleymills	0:714293de3836	2330	}
ashleymills	0:714293de3836	2331	}
ashleymills	0:714293de3836	2332	FreeRsaKey(&pubKey);
ashleymills	0:714293de3836	2333	return ret;
ashleymills	0:714293de3836	2334	}
ashleymills	0:714293de3836	2335
ashleymills	0:714293de3836	2336	#endif /* NO_RSA */
ashleymills	0:714293de3836	2337	#ifdef HAVE_ECC
ashleymills	0:714293de3836	2338	case ECDSAk:
ashleymills	0:714293de3836	2339	{
ashleymills	0:714293de3836	2340	ecc_key pubKey;
ashleymills	0:714293de3836	2341	int verify = 0;
ashleymills	0:714293de3836	2342
ashleymills	0:714293de3836	2343	if (ecc_import_x963(key, keySz, &pubKey) < 0) {
ashleymills	0:714293de3836	2344	CYASSL_MSG("ASN Key import error ECC");
ashleymills	0:714293de3836	2345	return 0;
ashleymills	0:714293de3836	2346	}
ashleymills	0:714293de3836	2347
ashleymills	0:714293de3836	2348	ret = ecc_verify_hash(sig,sigSz,digest,digestSz,&verify,&pubKey);
ashleymills	0:714293de3836	2349	ecc_free(&pubKey);
ashleymills	0:714293de3836	2350	if (ret == 0 && verify == 1)
ashleymills	0:714293de3836	2351	return 1; /* match */
ashleymills	0:714293de3836	2352
ashleymills	0:714293de3836	2353	CYASSL_MSG("ECC Verify didn't match");
ashleymills	0:714293de3836	2354	return 0;
ashleymills	0:714293de3836	2355	}
ashleymills	0:714293de3836	2356	#endif /* HAVE_ECC */
ashleymills	0:714293de3836	2357	default:
ashleymills	0:714293de3836	2358	CYASSL_MSG("Verify Key type unknown");
ashleymills	0:714293de3836	2359	return 0;
ashleymills	0:714293de3836	2360	}
ashleymills	0:714293de3836	2361	}
ashleymills	0:714293de3836	2362
ashleymills	0:714293de3836	2363
ashleymills	0:714293de3836	2364	static void DecodeAltNames(byte* input, int sz, DecodedCert* cert)
ashleymills	0:714293de3836	2365	{
ashleymills	0:714293de3836	2366	word32 idx = 0;
ashleymills	0:714293de3836	2367	int length = 0;
ashleymills	0:714293de3836	2368
ashleymills	0:714293de3836	2369	CYASSL_ENTER("DecodeAltNames");
ashleymills	0:714293de3836	2370
ashleymills	0:714293de3836	2371	if (GetSequence(input, &idx, &length, sz) < 0) {
ashleymills	0:714293de3836	2372	CYASSL_MSG("\tBad Sequence");
ashleymills	0:714293de3836	2373	return;
ashleymills	0:714293de3836	2374	}
ashleymills	0:714293de3836	2375
ashleymills	0:714293de3836	2376	while (length > 0) {
ashleymills	0:714293de3836	2377	DNS_entry* entry;
ashleymills	0:714293de3836	2378	int strLen;
ashleymills	0:714293de3836	2379	byte b = input[idx++];
ashleymills	0:714293de3836	2380
ashleymills	0:714293de3836	2381	length--;
ashleymills	0:714293de3836	2382
ashleymills	0:714293de3836	2383	if (b != (ASN_CONTEXT_SPECIFIC \| ASN_DNS_TYPE)) {
ashleymills	0:714293de3836	2384	CYASSL_MSG("\tNot DNS type");
ashleymills	0:714293de3836	2385	return;
ashleymills	0:714293de3836	2386	}
ashleymills	0:714293de3836	2387
ashleymills	0:714293de3836	2388	if (GetLength(input, &idx, &strLen, sz) < 0) {
ashleymills	0:714293de3836	2389	CYASSL_MSG("\tfail: str length");
ashleymills	0:714293de3836	2390	return;
ashleymills	0:714293de3836	2391	}
ashleymills	0:714293de3836	2392
ashleymills	0:714293de3836	2393	entry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap,
ashleymills	0:714293de3836	2394	DYNAMIC_TYPE_ALTNAME);
ashleymills	0:714293de3836	2395	if (entry == NULL) {
ashleymills	0:714293de3836	2396	CYASSL_MSG("\tOut of Memory");
ashleymills	0:714293de3836	2397	return;
ashleymills	0:714293de3836	2398	}
ashleymills	0:714293de3836	2399
ashleymills	0:714293de3836	2400	entry->name = (char*)XMALLOC(strLen + 1, cert->heap,
ashleymills	0:714293de3836	2401	DYNAMIC_TYPE_ALTNAME);
ashleymills	0:714293de3836	2402	if (entry->name == NULL) {
ashleymills	0:714293de3836	2403	CYASSL_MSG("\tOut of Memory");
ashleymills	0:714293de3836	2404	XFREE(entry, cert->heap, DYNAMIC_TYPE_ALTNAME);
ashleymills	0:714293de3836	2405	return;
ashleymills	0:714293de3836	2406	}
ashleymills	0:714293de3836	2407
ashleymills	0:714293de3836	2408	XMEMCPY(entry->name, &input[idx], strLen);
ashleymills	0:714293de3836	2409	entry->name[strLen] = '\0';
ashleymills	0:714293de3836	2410
ashleymills	0:714293de3836	2411	entry->next = cert->altNames;
ashleymills	0:714293de3836	2412	cert->altNames = entry;
ashleymills	0:714293de3836	2413
ashleymills	0:714293de3836	2414	length -= strLen;
ashleymills	0:714293de3836	2415	idx += strLen;
ashleymills	0:714293de3836	2416	}
ashleymills	0:714293de3836	2417	}
ashleymills	0:714293de3836	2418
ashleymills	0:714293de3836	2419
ashleymills	0:714293de3836	2420	static void DecodeBasicCaConstraint(byte* input, int sz, DecodedCert* cert)
ashleymills	0:714293de3836	2421	{
ashleymills	0:714293de3836	2422	word32 idx = 0;
ashleymills	0:714293de3836	2423	int length = 0;
ashleymills	0:714293de3836	2424
ashleymills	0:714293de3836	2425	CYASSL_ENTER("DecodeBasicCaConstraint");
ashleymills	0:714293de3836	2426	if (GetSequence(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2427
ashleymills	0:714293de3836	2428	if (length == 0) return;
ashleymills	0:714293de3836	2429	/* If the basic ca constraint is false, this extension may be named, but
ashleymills	0:714293de3836	2430	* left empty. So, if the length is 0, just return. */
ashleymills	0:714293de3836	2431
ashleymills	0:714293de3836	2432	if (input[idx++] != ASN_BOOLEAN)
ashleymills	0:714293de3836	2433	{
ashleymills	0:714293de3836	2434	CYASSL_MSG("\tfail: constraint not BOOLEAN");
ashleymills	0:714293de3836	2435	return;
ashleymills	0:714293de3836	2436	}
ashleymills	0:714293de3836	2437
ashleymills	0:714293de3836	2438	if (GetLength(input, &idx, &length, sz) < 0)
ashleymills	0:714293de3836	2439	{
ashleymills	0:714293de3836	2440	CYASSL_MSG("\tfail: length");
ashleymills	0:714293de3836	2441	return;
ashleymills	0:714293de3836	2442	}
ashleymills	0:714293de3836	2443
ashleymills	0:714293de3836	2444	if (input[idx])
ashleymills	0:714293de3836	2445	cert->isCA = 1;
ashleymills	0:714293de3836	2446	}
ashleymills	0:714293de3836	2447
ashleymills	0:714293de3836	2448
ashleymills	0:714293de3836	2449	#define CRLDP_FULL_NAME 0
ashleymills	0:714293de3836	2450	/* From RFC3280 SS4.2.1.14, Distribution Point Name*/
ashleymills	0:714293de3836	2451	#define GENERALNAME_URI 6
ashleymills	0:714293de3836	2452	/* From RFC3280 SS4.2.1.7, GeneralName */
ashleymills	0:714293de3836	2453
ashleymills	0:714293de3836	2454	static void DecodeCrlDist(byte* input, int sz, DecodedCert* cert)
ashleymills	0:714293de3836	2455	{
ashleymills	0:714293de3836	2456	word32 idx = 0;
ashleymills	0:714293de3836	2457	int length = 0;
ashleymills	0:714293de3836	2458
ashleymills	0:714293de3836	2459	CYASSL_ENTER("DecodeCrlDist");
ashleymills	0:714293de3836	2460
ashleymills	0:714293de3836	2461	/* Unwrap the list of Distribution Points*/
ashleymills	0:714293de3836	2462	if (GetSequence(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2463
ashleymills	0:714293de3836	2464	/* Unwrap a single Distribution Point */
ashleymills	0:714293de3836	2465	if (GetSequence(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2466
ashleymills	0:714293de3836	2467	/* The Distribution Point has three explicit optional members
ashleymills	0:714293de3836	2468	* First check for a DistributionPointName
ashleymills	0:714293de3836	2469	*/
ashleymills	0:714293de3836	2470	if (input[idx] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 0))
ashleymills	0:714293de3836	2471	{
ashleymills	0:714293de3836	2472	idx++;
ashleymills	0:714293de3836	2473	if (GetLength(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2474
ashleymills	0:714293de3836	2475	if (input[idx] ==
ashleymills	0:714293de3836	2476	(ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| CRLDP_FULL_NAME))
ashleymills	0:714293de3836	2477	{
ashleymills	0:714293de3836	2478	idx++;
ashleymills	0:714293de3836	2479	if (GetLength(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2480
ashleymills	0:714293de3836	2481	if (input[idx] == (ASN_CONTEXT_SPECIFIC \| GENERALNAME_URI))
ashleymills	0:714293de3836	2482	{
ashleymills	0:714293de3836	2483	idx++;
ashleymills	0:714293de3836	2484	if (GetLength(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2485
ashleymills	0:714293de3836	2486	cert->extCrlInfoSz = length;
ashleymills	0:714293de3836	2487	cert->extCrlInfo = input + idx;
ashleymills	0:714293de3836	2488	idx += length;
ashleymills	0:714293de3836	2489	}
ashleymills	0:714293de3836	2490	else
ashleymills	0:714293de3836	2491	/* This isn't a URI, skip it. */
ashleymills	0:714293de3836	2492	idx += length;
ashleymills	0:714293de3836	2493	}
ashleymills	0:714293de3836	2494	else
ashleymills	0:714293de3836	2495	/* This isn't a FULLNAME, skip it. */
ashleymills	0:714293de3836	2496	idx += length;
ashleymills	0:714293de3836	2497	}
ashleymills	0:714293de3836	2498
ashleymills	0:714293de3836	2499	/* Check for reasonFlags */
ashleymills	0:714293de3836	2500	if (idx < (word32)sz &&
ashleymills	0:714293de3836	2501	input[idx] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 1))
ashleymills	0:714293de3836	2502	{
ashleymills	0:714293de3836	2503	idx++;
ashleymills	0:714293de3836	2504	if (GetLength(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2505	idx += length;
ashleymills	0:714293de3836	2506	}
ashleymills	0:714293de3836	2507
ashleymills	0:714293de3836	2508	/* Check for cRLIssuer */
ashleymills	0:714293de3836	2509	if (idx < (word32)sz &&
ashleymills	0:714293de3836	2510	input[idx] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 2))
ashleymills	0:714293de3836	2511	{
ashleymills	0:714293de3836	2512	idx++;
ashleymills	0:714293de3836	2513	if (GetLength(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2514	idx += length;
ashleymills	0:714293de3836	2515	}
ashleymills	0:714293de3836	2516
ashleymills	0:714293de3836	2517	if (idx < (word32)sz)
ashleymills	0:714293de3836	2518	{
ashleymills	0:714293de3836	2519	CYASSL_MSG("\tThere are more CRL Distribution Point records, "
ashleymills	0:714293de3836	2520	"but we only use the first one.");
ashleymills	0:714293de3836	2521	}
ashleymills	0:714293de3836	2522
ashleymills	0:714293de3836	2523	return;
ashleymills	0:714293de3836	2524	}
ashleymills	0:714293de3836	2525
ashleymills	0:714293de3836	2526
ashleymills	0:714293de3836	2527	static void DecodeAuthInfo(byte* input, int sz, DecodedCert* cert)
ashleymills	0:714293de3836	2528	/*
ashleymills	0:714293de3836	2529	* Read the first of the Authority Information Access records. If there are
ashleymills	0:714293de3836	2530	* any issues, return without saving the record.
ashleymills	0:714293de3836	2531	*/
ashleymills	0:714293de3836	2532	{
ashleymills	0:714293de3836	2533	word32 idx = 0;
ashleymills	0:714293de3836	2534	int length = 0;
ashleymills	0:714293de3836	2535	word32 oid;
ashleymills	0:714293de3836	2536
ashleymills	0:714293de3836	2537	/* Unwrap the list of AIAs */
ashleymills	0:714293de3836	2538	if (GetSequence(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2539
ashleymills	0:714293de3836	2540	/* Unwrap a single AIA */
ashleymills	0:714293de3836	2541	if (GetSequence(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2542
ashleymills	0:714293de3836	2543	oid = 0;
ashleymills	0:714293de3836	2544	if (GetObjectId(input, &idx, &oid, sz) < 0) return;
ashleymills	0:714293de3836	2545
ashleymills	0:714293de3836	2546	/* Only supporting URIs right now. */
ashleymills	0:714293de3836	2547	if (input[idx] == (ASN_CONTEXT_SPECIFIC \| GENERALNAME_URI))
ashleymills	0:714293de3836	2548	{
ashleymills	0:714293de3836	2549	idx++;
ashleymills	0:714293de3836	2550	if (GetLength(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2551
ashleymills	0:714293de3836	2552	cert->extAuthInfoSz = length;
ashleymills	0:714293de3836	2553	cert->extAuthInfo = input + idx;
ashleymills	0:714293de3836	2554	idx += length;
ashleymills	0:714293de3836	2555	}
ashleymills	0:714293de3836	2556	else
ashleymills	0:714293de3836	2557	{
ashleymills	0:714293de3836	2558	/* Skip anything else. */
ashleymills	0:714293de3836	2559	idx++;
ashleymills	0:714293de3836	2560	if (GetLength(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2561	idx += length;
ashleymills	0:714293de3836	2562	}
ashleymills	0:714293de3836	2563
ashleymills	0:714293de3836	2564	if (idx < (word32)sz)
ashleymills	0:714293de3836	2565	{
ashleymills	0:714293de3836	2566	CYASSL_MSG("\tThere are more Authority Information Access records, "
ashleymills	0:714293de3836	2567	"but we only use first one.");
ashleymills	0:714293de3836	2568	}
ashleymills	0:714293de3836	2569
ashleymills	0:714293de3836	2570	return;
ashleymills	0:714293de3836	2571	}
ashleymills	0:714293de3836	2572
ashleymills	0:714293de3836	2573
ashleymills	0:714293de3836	2574	static void DecodeAuthKeyId(byte* input, int sz, DecodedCert* cert)
ashleymills	0:714293de3836	2575	{
ashleymills	0:714293de3836	2576	word32 idx = 0;
ashleymills	0:714293de3836	2577	int length = 0;
ashleymills	0:714293de3836	2578
ashleymills	0:714293de3836	2579	CYASSL_ENTER("DecodeAuthKeyId");
ashleymills	0:714293de3836	2580
ashleymills	0:714293de3836	2581	if (GetSequence(input, &idx, &length, sz) < 0) {
ashleymills	0:714293de3836	2582	CYASSL_MSG("\tfail: should be a SEQUENCE\n");
ashleymills	0:714293de3836	2583	return;
ashleymills	0:714293de3836	2584	}
ashleymills	0:714293de3836	2585
ashleymills	0:714293de3836	2586	if (input[idx++] != (ASN_CONTEXT_SPECIFIC \| 0)) {
ashleymills	0:714293de3836	2587	CYASSL_MSG("\tfail: wanted OPTIONAL item 0, not available\n");
ashleymills	0:714293de3836	2588	}
ashleymills	0:714293de3836	2589
ashleymills	0:714293de3836	2590	if (GetLength(input, &idx, &length, sz) < 0) {
ashleymills	0:714293de3836	2591	CYASSL_MSG("\tfail: extension data length");
ashleymills	0:714293de3836	2592	return;
ashleymills	0:714293de3836	2593	}
ashleymills	0:714293de3836	2594
ashleymills	0:714293de3836	2595	if (length == SHA_SIZE) {
ashleymills	0:714293de3836	2596	XMEMCPY(cert->extAuthKeyId, input + idx, length);
ashleymills	0:714293de3836	2597	}
ashleymills	0:714293de3836	2598	else {
ashleymills	0:714293de3836	2599	Sha sha;
ashleymills	0:714293de3836	2600	InitSha(&sha);
ashleymills	0:714293de3836	2601	ShaUpdate(&sha, input + idx, length);
ashleymills	0:714293de3836	2602	ShaFinal(&sha, cert->extAuthKeyId);
ashleymills	0:714293de3836	2603	}
ashleymills	0:714293de3836	2604	cert->extAuthKeyIdSet = 1;
ashleymills	0:714293de3836	2605
ashleymills	0:714293de3836	2606	return;
ashleymills	0:714293de3836	2607	}
ashleymills	0:714293de3836	2608
ashleymills	0:714293de3836	2609
ashleymills	0:714293de3836	2610	static void DecodeSubjKeyId(byte* input, int sz, DecodedCert* cert)
ashleymills	0:714293de3836	2611	{
ashleymills	0:714293de3836	2612	word32 idx = 0;
ashleymills	0:714293de3836	2613	int length = 0;
ashleymills	0:714293de3836	2614
ashleymills	0:714293de3836	2615	CYASSL_ENTER("DecodeSubjKeyId");
ashleymills	0:714293de3836	2616
ashleymills	0:714293de3836	2617	if (input[idx++] != ASN_OCTET_STRING) {
ashleymills	0:714293de3836	2618	CYASSL_MSG("\tfail: should be an OCTET STRING");
ashleymills	0:714293de3836	2619	return;
ashleymills	0:714293de3836	2620	}
ashleymills	0:714293de3836	2621
ashleymills	0:714293de3836	2622	if (GetLength(input, &idx, &length, sz) < 0) {
ashleymills	0:714293de3836	2623	CYASSL_MSG("\tfail: extension data length");
ashleymills	0:714293de3836	2624	return;
ashleymills	0:714293de3836	2625	}
ashleymills	0:714293de3836	2626
ashleymills	0:714293de3836	2627	if (length == SIGNER_DIGEST_SIZE) {
ashleymills	0:714293de3836	2628	XMEMCPY(cert->extSubjKeyId, input + idx, length);
ashleymills	0:714293de3836	2629	}
ashleymills	0:714293de3836	2630	else {
ashleymills	0:714293de3836	2631	Sha sha;
ashleymills	0:714293de3836	2632	InitSha(&sha);
ashleymills	0:714293de3836	2633	ShaUpdate(&sha, input + idx, length);
ashleymills	0:714293de3836	2634	ShaFinal(&sha, cert->extSubjKeyId);
ashleymills	0:714293de3836	2635	}
ashleymills	0:714293de3836	2636	cert->extSubjKeyIdSet = 1;
ashleymills	0:714293de3836	2637
ashleymills	0:714293de3836	2638	return;
ashleymills	0:714293de3836	2639	}
ashleymills	0:714293de3836	2640
ashleymills	0:714293de3836	2641
ashleymills	0:714293de3836	2642	static void DecodeCertExtensions(DecodedCert* cert)
ashleymills	0:714293de3836	2643	/*
ashleymills	0:714293de3836	2644	* Processing the Certificate Extensions. This does not modify the current
ashleymills	0:714293de3836	2645	* index. It is works starting with the recorded extensions pointer.
ashleymills	0:714293de3836	2646	*/
ashleymills	0:714293de3836	2647	{
ashleymills	0:714293de3836	2648	word32 idx = 0;
ashleymills	0:714293de3836	2649	int sz = cert->extensionsSz;
ashleymills	0:714293de3836	2650	byte* input = cert->extensions;
ashleymills	0:714293de3836	2651	int length;
ashleymills	0:714293de3836	2652	word32 oid;
ashleymills	0:714293de3836	2653
ashleymills	0:714293de3836	2654	CYASSL_ENTER("DecodeCertExtensions");
ashleymills	0:714293de3836	2655
ashleymills	0:714293de3836	2656	if (input == NULL \|\| sz == 0) return;
ashleymills	0:714293de3836	2657
ashleymills	0:714293de3836	2658	if (input[idx++] != ASN_EXTENSIONS) return;
ashleymills	0:714293de3836	2659
ashleymills	0:714293de3836	2660	if (GetLength(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2661
ashleymills	0:714293de3836	2662	if (GetSequence(input, &idx, &length, sz) < 0) return;
ashleymills	0:714293de3836	2663
ashleymills	0:714293de3836	2664	while (idx < (word32)sz) {
ashleymills	0:714293de3836	2665	if (GetSequence(input, &idx, &length, sz) < 0) {
ashleymills	0:714293de3836	2666	CYASSL_MSG("\tfail: should be a SEQUENCE");
ashleymills	0:714293de3836	2667	return;
ashleymills	0:714293de3836	2668	}
ashleymills	0:714293de3836	2669
ashleymills	0:714293de3836	2670	oid = 0;
ashleymills	0:714293de3836	2671	if (GetObjectId(input, &idx, &oid, sz) < 0) {
ashleymills	0:714293de3836	2672	CYASSL_MSG("\tfail: OBJECT ID");
ashleymills	0:714293de3836	2673	return;
ashleymills	0:714293de3836	2674	}
ashleymills	0:714293de3836	2675
ashleymills	0:714293de3836	2676	/* check for critical flag */
ashleymills	0:714293de3836	2677	if (input[idx] == ASN_BOOLEAN) {
ashleymills	0:714293de3836	2678	CYASSL_MSG("\tfound optional critical flag, moving past");
ashleymills	0:714293de3836	2679	idx += (ASN_BOOL_SIZE + 1);
ashleymills	0:714293de3836	2680	}
ashleymills	0:714293de3836	2681
ashleymills	0:714293de3836	2682	/* process the extension based on the OID */
ashleymills	0:714293de3836	2683	if (input[idx++] != ASN_OCTET_STRING) {
ashleymills	0:714293de3836	2684	CYASSL_MSG("\tfail: should be an OCTET STRING");
ashleymills	0:714293de3836	2685	return;
ashleymills	0:714293de3836	2686	}
ashleymills	0:714293de3836	2687
ashleymills	0:714293de3836	2688	if (GetLength(input, &idx, &length, sz) < 0) {
ashleymills	0:714293de3836	2689	CYASSL_MSG("\tfail: extension data length");
ashleymills	0:714293de3836	2690	return;
ashleymills	0:714293de3836	2691	}
ashleymills	0:714293de3836	2692
ashleymills	0:714293de3836	2693	switch (oid) {
ashleymills	0:714293de3836	2694	case BASIC_CA_OID:
ashleymills	0:714293de3836	2695	DecodeBasicCaConstraint(&input[idx], length, cert);
ashleymills	0:714293de3836	2696	break;
ashleymills	0:714293de3836	2697
ashleymills	0:714293de3836	2698	case CRL_DIST_OID:
ashleymills	0:714293de3836	2699	DecodeCrlDist(&input[idx], length, cert);
ashleymills	0:714293de3836	2700	break;
ashleymills	0:714293de3836	2701
ashleymills	0:714293de3836	2702	case AUTH_INFO_OID:
ashleymills	0:714293de3836	2703	DecodeAuthInfo(&input[idx], length, cert);
ashleymills	0:714293de3836	2704	break;
ashleymills	0:714293de3836	2705
ashleymills	0:714293de3836	2706	case ALT_NAMES_OID:
ashleymills	0:714293de3836	2707	DecodeAltNames(&input[idx], length, cert);
ashleymills	0:714293de3836	2708
ashleymills	0:714293de3836	2709	case AUTH_KEY_OID:
ashleymills	0:714293de3836	2710	DecodeAuthKeyId(&input[idx], length, cert);
ashleymills	0:714293de3836	2711	break;
ashleymills	0:714293de3836	2712
ashleymills	0:714293de3836	2713	case SUBJ_KEY_OID:
ashleymills	0:714293de3836	2714	DecodeSubjKeyId(&input[idx], length, cert);
ashleymills	0:714293de3836	2715	break;
ashleymills	0:714293de3836	2716
ashleymills	0:714293de3836	2717	default:
ashleymills	0:714293de3836	2718	CYASSL_MSG("\tExtension type not handled, skipping");
ashleymills	0:714293de3836	2719	break;
ashleymills	0:714293de3836	2720	}
ashleymills	0:714293de3836	2721	idx += length;
ashleymills	0:714293de3836	2722	}
ashleymills	0:714293de3836	2723
ashleymills	0:714293de3836	2724	return;
ashleymills	0:714293de3836	2725	}
ashleymills	0:714293de3836	2726
ashleymills	0:714293de3836	2727
ashleymills	0:714293de3836	2728	int ParseCert(DecodedCert* cert, int type, int verify, void* cm)
ashleymills	0:714293de3836	2729	{
ashleymills	0:714293de3836	2730	int ret;
ashleymills	0:714293de3836	2731	char* ptr;
ashleymills	0:714293de3836	2732
ashleymills	0:714293de3836	2733	ret = ParseCertRelative(cert, type, verify, cm);
ashleymills	0:714293de3836	2734	if (ret < 0)
ashleymills	0:714293de3836	2735	return ret;
ashleymills	0:714293de3836	2736
ashleymills	0:714293de3836	2737	if (cert->subjectCNLen > 0) {
ashleymills	0:714293de3836	2738	ptr = (char*) XMALLOC(cert->subjectCNLen + 1, cert->heap,
ashleymills	0:714293de3836	2739	DYNAMIC_TYPE_SUBJECT_CN);
ashleymills	0:714293de3836	2740	if (ptr == NULL)
ashleymills	0:714293de3836	2741	return MEMORY_E;
ashleymills	0:714293de3836	2742	XMEMCPY(ptr, cert->subjectCN, cert->subjectCNLen);
ashleymills	0:714293de3836	2743	ptr[cert->subjectCNLen] = '\0';
ashleymills	0:714293de3836	2744	cert->subjectCN = ptr;
ashleymills	0:714293de3836	2745	cert->subjectCNStored = 1;
ashleymills	0:714293de3836	2746	}
ashleymills	0:714293de3836	2747
ashleymills	0:714293de3836	2748	if (cert->keyOID == RSAk && cert->pubKeySize > 0) {
ashleymills	0:714293de3836	2749	ptr = (char*) XMALLOC(cert->pubKeySize, cert->heap,
ashleymills	0:714293de3836	2750	DYNAMIC_TYPE_PUBLIC_KEY);
ashleymills	0:714293de3836	2751	if (ptr == NULL)
ashleymills	0:714293de3836	2752	return MEMORY_E;
ashleymills	0:714293de3836	2753	XMEMCPY(ptr, cert->publicKey, cert->pubKeySize);
ashleymills	0:714293de3836	2754	cert->publicKey = (byte *)ptr;
ashleymills	0:714293de3836	2755	cert->pubKeyStored = 1;
ashleymills	0:714293de3836	2756	}
ashleymills	0:714293de3836	2757
ashleymills	0:714293de3836	2758	return ret;
ashleymills	0:714293de3836	2759	}
ashleymills	0:714293de3836	2760
ashleymills	0:714293de3836	2761
ashleymills	0:714293de3836	2762	/* from SSL proper, for locking can't do find here anymore */
ashleymills	0:714293de3836	2763	#ifdef __cplusplus
ashleymills	0:714293de3836	2764	extern "C" {
ashleymills	0:714293de3836	2765	#endif
ashleymills	0:714293de3836	2766	CYASSL_LOCAL Signer* GetCA(void* signers, byte* hash);
ashleymills	0:714293de3836	2767	#ifndef NO_SKID
ashleymills	0:714293de3836	2768	CYASSL_LOCAL Signer* GetCAByName(void* signers, byte* hash);
ashleymills	0:714293de3836	2769	#endif
ashleymills	0:714293de3836	2770	#ifdef __cplusplus
ashleymills	0:714293de3836	2771	}
ashleymills	0:714293de3836	2772	#endif
ashleymills	0:714293de3836	2773
ashleymills	0:714293de3836	2774
ashleymills	0:714293de3836	2775	int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
ashleymills	0:714293de3836	2776	{
ashleymills	0:714293de3836	2777	word32 confirmOID;
ashleymills	0:714293de3836	2778	int ret;
ashleymills	0:714293de3836	2779	int badDate = 0;
ashleymills	0:714293de3836	2780
ashleymills	0:714293de3836	2781	if ((ret = DecodeToKey(cert, verify)) < 0) {
ashleymills	0:714293de3836	2782	if (ret == ASN_BEFORE_DATE_E \|\| ret == ASN_AFTER_DATE_E)
ashleymills	0:714293de3836	2783	badDate = ret;
ashleymills	0:714293de3836	2784	else
ashleymills	0:714293de3836	2785	return ret;
ashleymills	0:714293de3836	2786	}
ashleymills	0:714293de3836	2787
ashleymills	0:714293de3836	2788	if (cert->srcIdx != cert->sigIndex) {
ashleymills	0:714293de3836	2789	if (cert->srcIdx < cert->sigIndex) {
ashleymills	0:714293de3836	2790	/* save extensions */
ashleymills	0:714293de3836	2791	cert->extensions = &cert->source[cert->srcIdx];
ashleymills	0:714293de3836	2792	cert->extensionsSz = cert->sigIndex - cert->srcIdx;
ashleymills	0:714293de3836	2793	cert->extensionsIdx = cert->srcIdx; /* for potential later use */
ashleymills	0:714293de3836	2794	}
ashleymills	0:714293de3836	2795	DecodeCertExtensions(cert);
ashleymills	0:714293de3836	2796	/* advance past extensions */
ashleymills	0:714293de3836	2797	cert->srcIdx = cert->sigIndex;
ashleymills	0:714293de3836	2798	}
ashleymills	0:714293de3836	2799
ashleymills	0:714293de3836	2800	if ((ret = GetAlgoId(cert->source, &cert->srcIdx, &confirmOID,
ashleymills	0:714293de3836	2801	cert->maxIdx)) < 0)
ashleymills	0:714293de3836	2802	return ret;
ashleymills	0:714293de3836	2803
ashleymills	0:714293de3836	2804	if ((ret = GetSignature(cert)) < 0)
ashleymills	0:714293de3836	2805	return ret;
ashleymills	0:714293de3836	2806
ashleymills	0:714293de3836	2807	if (confirmOID != cert->signatureOID)
ashleymills	0:714293de3836	2808	return ASN_SIG_OID_E;
ashleymills	0:714293de3836	2809
ashleymills	0:714293de3836	2810	#ifndef NO_SKID
ashleymills	0:714293de3836	2811	if (cert->extSubjKeyIdSet == 0) {
ashleymills	0:714293de3836	2812	Sha sha;
ashleymills	0:714293de3836	2813	InitSha(&sha);
ashleymills	0:714293de3836	2814	ShaUpdate(&sha, cert->publicKey, cert->pubKeySize);
ashleymills	0:714293de3836	2815	ShaFinal(&sha, cert->extSubjKeyId);
ashleymills	0:714293de3836	2816	cert->extSubjKeyIdSet = 1;
ashleymills	0:714293de3836	2817	}
ashleymills	0:714293de3836	2818	#endif
ashleymills	0:714293de3836	2819
ashleymills	0:714293de3836	2820	if (verify && type != CA_TYPE) {
ashleymills	0:714293de3836	2821	Signer* ca = NULL;
ashleymills	0:714293de3836	2822	#ifndef NO_SKID
ashleymills	0:714293de3836	2823	if (cert->extAuthKeyIdSet)
ashleymills	0:714293de3836	2824	ca = GetCA(cm, cert->extAuthKeyId);
ashleymills	0:714293de3836	2825	if (ca == NULL)
ashleymills	0:714293de3836	2826	ca = GetCAByName(cm, cert->issuerHash);
ashleymills	0:714293de3836	2827	#else /* NO_SKID */
ashleymills	0:714293de3836	2828	ca = GetCA(cm, cert->issuerHash);
ashleymills	0:714293de3836	2829	#endif /* NO SKID */
ashleymills	0:714293de3836	2830	CYASSL_MSG("About to verify certificate signature");
ashleymills	0:714293de3836	2831
ashleymills	0:714293de3836	2832	if (ca) {
ashleymills	0:714293de3836	2833	#ifdef HAVE_OCSP
ashleymills	0:714293de3836	2834	/* Need the ca's public key hash for OCSP */
ashleymills	0:714293de3836	2835	{
ashleymills	0:714293de3836	2836	Sha sha;
ashleymills	0:714293de3836	2837	InitSha(&sha);
ashleymills	0:714293de3836	2838	ShaUpdate(&sha, ca->publicKey, ca->pubKeySize);
ashleymills	0:714293de3836	2839	ShaFinal(&sha, cert->issuerKeyHash);
ashleymills	0:714293de3836	2840	}
ashleymills	0:714293de3836	2841	#endif /* HAVE_OCSP */
ashleymills	0:714293de3836	2842	/* try to confirm/verify signature */
ashleymills	0:714293de3836	2843	if (!ConfirmSignature(cert->source + cert->certBegin,
ashleymills	0:714293de3836	2844	cert->sigIndex - cert->certBegin,
ashleymills	0:714293de3836	2845	ca->publicKey, ca->pubKeySize, ca->keyOID,
ashleymills	0:714293de3836	2846	cert->signature, cert->sigLength, cert->signatureOID,
ashleymills	0:714293de3836	2847	cert->heap)) {
ashleymills	0:714293de3836	2848	CYASSL_MSG("Confirm signature failed");
ashleymills	0:714293de3836	2849	return ASN_SIG_CONFIRM_E;
ashleymills	0:714293de3836	2850	}
ashleymills	0:714293de3836	2851	}
ashleymills	0:714293de3836	2852	else {
ashleymills	0:714293de3836	2853	/* no signer */
ashleymills	0:714293de3836	2854	CYASSL_MSG("No CA signer to verify with");
ashleymills	0:714293de3836	2855	return ASN_NO_SIGNER_E;
ashleymills	0:714293de3836	2856	}
ashleymills	0:714293de3836	2857	}
ashleymills	0:714293de3836	2858
ashleymills	0:714293de3836	2859	if (badDate != 0)
ashleymills	0:714293de3836	2860	return badDate;
ashleymills	0:714293de3836	2861
ashleymills	0:714293de3836	2862	return 0;
ashleymills	0:714293de3836	2863	}
ashleymills	0:714293de3836	2864
ashleymills	0:714293de3836	2865
ashleymills	0:714293de3836	2866	/* Create and init an new signer */
ashleymills	0:714293de3836	2867	Signer* MakeSigner(void* heap)
ashleymills	0:714293de3836	2868	{
ashleymills	0:714293de3836	2869	Signer* signer = (Signer*) XMALLOC(sizeof(Signer), heap,
ashleymills	0:714293de3836	2870	DYNAMIC_TYPE_SIGNER);
ashleymills	0:714293de3836	2871	if (signer) {
ashleymills	0:714293de3836	2872	signer->pubKeySize = 0;
ashleymills	0:714293de3836	2873	signer->keyOID = 0;
ashleymills	0:714293de3836	2874	signer->publicKey = NULL;
ashleymills	0:714293de3836	2875	signer->nameLen = 0;
ashleymills	0:714293de3836	2876	signer->name = NULL;
ashleymills	0:714293de3836	2877	signer->next = NULL;
ashleymills	0:714293de3836	2878	}
ashleymills	0:714293de3836	2879	(void)heap;
ashleymills	0:714293de3836	2880
ashleymills	0:714293de3836	2881	return signer;
ashleymills	0:714293de3836	2882	}
ashleymills	0:714293de3836	2883
ashleymills	0:714293de3836	2884
ashleymills	0:714293de3836	2885	/* Free an individual signer */
ashleymills	0:714293de3836	2886	void FreeSigner(Signer* signer, void* heap)
ashleymills	0:714293de3836	2887	{
ashleymills	0:714293de3836	2888	XFREE(signer->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
ashleymills	0:714293de3836	2889	XFREE(signer->publicKey, heap, DYNAMIC_TYPE_PUBLIC_KEY);
ashleymills	0:714293de3836	2890	XFREE(signer, heap, DYNAMIC_TYPE_SIGNER);
ashleymills	0:714293de3836	2891
ashleymills	0:714293de3836	2892	(void)heap;
ashleymills	0:714293de3836	2893	}
ashleymills	0:714293de3836	2894
ashleymills	0:714293de3836	2895
ashleymills	0:714293de3836	2896	/* Free the whole singer table with number of rows */
ashleymills	0:714293de3836	2897	void FreeSignerTable(Signer** table, int rows, void* heap)
ashleymills	0:714293de3836	2898	{
ashleymills	0:714293de3836	2899	int i;
ashleymills	0:714293de3836	2900
ashleymills	0:714293de3836	2901	for (i = 0; i < rows; i++) {
ashleymills	0:714293de3836	2902	Signer* signer = table[i];
ashleymills	0:714293de3836	2903	while (signer) {
ashleymills	0:714293de3836	2904	Signer* next = signer->next;
ashleymills	0:714293de3836	2905	FreeSigner(signer, heap);
ashleymills	0:714293de3836	2906	signer = next;
ashleymills	0:714293de3836	2907	}
ashleymills	0:714293de3836	2908	table[i] = NULL;
ashleymills	0:714293de3836	2909	}
ashleymills	0:714293de3836	2910	}
ashleymills	0:714293de3836	2911
ashleymills	0:714293de3836	2912
ashleymills	0:714293de3836	2913	#if defined(CYASSL_KEY_GEN) \|\| defined(CYASSL_CERT_GEN)
ashleymills	0:714293de3836	2914
ashleymills	0:714293de3836	2915	static int SetMyVersion(word32 version, byte* output, int header)
ashleymills	0:714293de3836	2916	{
ashleymills	0:714293de3836	2917	int i = 0;
ashleymills	0:714293de3836	2918
ashleymills	0:714293de3836	2919	if (header) {
ashleymills	0:714293de3836	2920	output[i++] = ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED;
ashleymills	0:714293de3836	2921	output[i++] = ASN_BIT_STRING;
ashleymills	0:714293de3836	2922	}
ashleymills	0:714293de3836	2923	output[i++] = ASN_INTEGER;
ashleymills	0:714293de3836	2924	output[i++] = 0x01;
ashleymills	0:714293de3836	2925	output[i++] = (byte)version;
ashleymills	0:714293de3836	2926
ashleymills	0:714293de3836	2927	return i;
ashleymills	0:714293de3836	2928	}
ashleymills	0:714293de3836	2929
ashleymills	0:714293de3836	2930
ashleymills	0:714293de3836	2931	int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
ashleymills	0:714293de3836	2932	int type)
ashleymills	0:714293de3836	2933	{
ashleymills	0:714293de3836	2934	char header[80];
ashleymills	0:714293de3836	2935	char footer[80];
ashleymills	0:714293de3836	2936
ashleymills	0:714293de3836	2937	int headerLen;
ashleymills	0:714293de3836	2938	int footerLen;
ashleymills	0:714293de3836	2939	int i;
ashleymills	0:714293de3836	2940	int err;
ashleymills	0:714293de3836	2941	int outLen; /* return length or error */
ashleymills	0:714293de3836	2942
ashleymills	0:714293de3836	2943	if (type == CERT_TYPE) {
ashleymills	0:714293de3836	2944	XSTRNCPY(header, "-----BEGIN CERTIFICATE-----\n", sizeof(header));
ashleymills	0:714293de3836	2945	XSTRNCPY(footer, "-----END CERTIFICATE-----\n", sizeof(footer));
ashleymills	0:714293de3836	2946	}
ashleymills	0:714293de3836	2947	else if (type == PRIVATEKEY_TYPE) {
ashleymills	0:714293de3836	2948	XSTRNCPY(header, "-----BEGIN RSA PRIVATE KEY-----\n", sizeof(header));
ashleymills	0:714293de3836	2949	XSTRNCPY(footer, "-----END RSA PRIVATE KEY-----\n", sizeof(footer));
ashleymills	0:714293de3836	2950	}
ashleymills	0:714293de3836	2951	#ifdef HAVE_ECC
ashleymills	0:714293de3836	2952	else if (type == ECC_PRIVATEKEY_TYPE) {
ashleymills	0:714293de3836	2953	XSTRNCPY(header, "-----BEGIN EC PRIVATE KEY-----\n", sizeof(header));
ashleymills	0:714293de3836	2954	XSTRNCPY(footer, "-----END EC PRIVATE KEY-----\n", sizeof(footer));
ashleymills	0:714293de3836	2955	}
ashleymills	0:714293de3836	2956	#endif
ashleymills	0:714293de3836	2957	else
ashleymills	0:714293de3836	2958	return BAD_FUNC_ARG;
ashleymills	0:714293de3836	2959
ashleymills	0:714293de3836	2960	headerLen = (int)XSTRLEN(header);
ashleymills	0:714293de3836	2961	footerLen = (int)XSTRLEN(footer);
ashleymills	0:714293de3836	2962
ashleymills	0:714293de3836	2963	if (!der \|\| !output)
ashleymills	0:714293de3836	2964	return BAD_FUNC_ARG;
ashleymills	0:714293de3836	2965
ashleymills	0:714293de3836	2966	/* don't even try if outSz too short */
ashleymills	0:714293de3836	2967	if (outSz < headerLen + footerLen + derSz)
ashleymills	0:714293de3836	2968	return BAD_FUNC_ARG;
ashleymills	0:714293de3836	2969
ashleymills	0:714293de3836	2970	/* header */
ashleymills	0:714293de3836	2971	XMEMCPY(output, header, headerLen);
ashleymills	0:714293de3836	2972	i = headerLen;
ashleymills	0:714293de3836	2973
ashleymills	0:714293de3836	2974	/* body */
ashleymills	0:714293de3836	2975	outLen = outSz - (headerLen + footerLen); /* input to Base64_Encode */
ashleymills	0:714293de3836	2976	if ( (err = Base64_Encode(der, derSz, output + i, (word32*)&outLen)) < 0)
ashleymills	0:714293de3836	2977	return err;
ashleymills	0:714293de3836	2978	i += outLen;
ashleymills	0:714293de3836	2979
ashleymills	0:714293de3836	2980	/* footer */
ashleymills	0:714293de3836	2981	if ( (i + footerLen) > (int)outSz)
ashleymills	0:714293de3836	2982	return BAD_FUNC_ARG;
ashleymills	0:714293de3836	2983	XMEMCPY(output + i, footer, footerLen);
ashleymills	0:714293de3836	2984
ashleymills	0:714293de3836	2985	return outLen + headerLen + footerLen;
ashleymills	0:714293de3836	2986	}
ashleymills	0:714293de3836	2987
ashleymills	0:714293de3836	2988
ashleymills	0:714293de3836	2989	#endif /* CYASSL_KEY_GEN \|\| CYASSL_CERT_GEN */
ashleymills	0:714293de3836	2990
ashleymills	0:714293de3836	2991
ashleymills	0:714293de3836	2992	#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA)
ashleymills	0:714293de3836	2993
ashleymills	0:714293de3836	2994
ashleymills	0:714293de3836	2995	static mp_int* GetRsaInt(RsaKey* key, int idx)
ashleymills	0:714293de3836	2996	{
ashleymills	0:714293de3836	2997	if (idx == 0)
ashleymills	0:714293de3836	2998	return &key->n;
ashleymills	0:714293de3836	2999	if (idx == 1)
ashleymills	0:714293de3836	3000	return &key->e;
ashleymills	0:714293de3836	3001	if (idx == 2)
ashleymills	0:714293de3836	3002	return &key->d;
ashleymills	0:714293de3836	3003	if (idx == 3)
ashleymills	0:714293de3836	3004	return &key->p;
ashleymills	0:714293de3836	3005	if (idx == 4)
ashleymills	0:714293de3836	3006	return &key->q;
ashleymills	0:714293de3836	3007	if (idx == 5)
ashleymills	0:714293de3836	3008	return &key->dP;
ashleymills	0:714293de3836	3009	if (idx == 6)
ashleymills	0:714293de3836	3010	return &key->dQ;
ashleymills	0:714293de3836	3011	if (idx == 7)
ashleymills	0:714293de3836	3012	return &key->u;
ashleymills	0:714293de3836	3013
ashleymills	0:714293de3836	3014	return NULL;
ashleymills	0:714293de3836	3015	}
ashleymills	0:714293de3836	3016
ashleymills	0:714293de3836	3017
ashleymills	0:714293de3836	3018	/* Release Tmp RSA resources */
ashleymills	0:714293de3836	3019	static INLINE void FreeTmpRsas(byte** tmps, void* heap)
ashleymills	0:714293de3836	3020	{
ashleymills	0:714293de3836	3021	int i;
ashleymills	0:714293de3836	3022
ashleymills	0:714293de3836	3023	(void)heap;
ashleymills	0:714293de3836	3024
ashleymills	0:714293de3836	3025	for (i = 0; i < RSA_INTS; i++)
ashleymills	0:714293de3836	3026	XFREE(tmps[i], heap, DYNAMIC_TYPE_RSA);
ashleymills	0:714293de3836	3027	}
ashleymills	0:714293de3836	3028
ashleymills	0:714293de3836	3029
ashleymills	0:714293de3836	3030	/* Convert RsaKey key to DER format, write to output (inLen), return bytes
ashleymills	0:714293de3836	3031	written */
ashleymills	0:714293de3836	3032	int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
ashleymills	0:714293de3836	3033	{
ashleymills	0:714293de3836	3034	word32 seqSz, verSz, rawLen, intTotalLen = 0;
ashleymills	0:714293de3836	3035	word32 sizes[RSA_INTS];
ashleymills	0:714293de3836	3036	int i, j, outLen, ret = 0;
ashleymills	0:714293de3836	3037
ashleymills	0:714293de3836	3038	byte seq[MAX_SEQ_SZ];
ashleymills	0:714293de3836	3039	byte ver[MAX_VERSION_SZ];
ashleymills	0:714293de3836	3040	byte* tmps[RSA_INTS];
ashleymills	0:714293de3836	3041
ashleymills	0:714293de3836	3042	if (!key \|\| !output)
ashleymills	0:714293de3836	3043	return BAD_FUNC_ARG;
ashleymills	0:714293de3836	3044
ashleymills	0:714293de3836	3045	if (key->type != RSA_PRIVATE)
ashleymills	0:714293de3836	3046	return BAD_FUNC_ARG;
ashleymills	0:714293de3836	3047
ashleymills	0:714293de3836	3048	for (i = 0; i < RSA_INTS; i++)
ashleymills	0:714293de3836	3049	tmps[i] = NULL;
ashleymills	0:714293de3836	3050
ashleymills	0:714293de3836	3051	/* write all big ints from key to DER tmps */
ashleymills	0:714293de3836	3052	for (i = 0; i < RSA_INTS; i++) {
ashleymills	0:714293de3836	3053	mp_int* keyInt = GetRsaInt(key, i);
ashleymills	0:714293de3836	3054	rawLen = mp_unsigned_bin_size(keyInt);
ashleymills	0:714293de3836	3055	tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
ashleymills	0:714293de3836	3056	DYNAMIC_TYPE_RSA);
ashleymills	0:714293de3836	3057	if (tmps[i] == NULL) {
ashleymills	0:714293de3836	3058	ret = MEMORY_E;
ashleymills	0:714293de3836	3059	break;
ashleymills	0:714293de3836	3060	}
ashleymills	0:714293de3836	3061
ashleymills	0:714293de3836	3062	tmps[i][0] = ASN_INTEGER;
ashleymills	0:714293de3836	3063	sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */
ashleymills	0:714293de3836	3064
ashleymills	0:714293de3836	3065	if (sizes[i] <= MAX_SEQ_SZ) {
ashleymills	0:714293de3836	3066	int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
ashleymills	0:714293de3836	3067	if (err == MP_OKAY) {
ashleymills	0:714293de3836	3068	sizes[i] += rawLen;
ashleymills	0:714293de3836	3069	intTotalLen += sizes[i];
ashleymills	0:714293de3836	3070	}
ashleymills	0:714293de3836	3071	else {
ashleymills	0:714293de3836	3072	ret = err;
ashleymills	0:714293de3836	3073	break;
ashleymills	0:714293de3836	3074	}
ashleymills	0:714293de3836	3075	}
ashleymills	0:714293de3836	3076	else {
ashleymills	0:714293de3836	3077	ret = ASN_INPUT_E;
ashleymills	0:714293de3836	3078	break;
ashleymills	0:714293de3836	3079	}
ashleymills	0:714293de3836	3080	}
ashleymills	0:714293de3836	3081
ashleymills	0:714293de3836	3082	if (ret != 0) {
ashleymills	0:714293de3836	3083	FreeTmpRsas(tmps, key->heap);
ashleymills	0:714293de3836	3084	return ret;
ashleymills	0:714293de3836	3085	}
ashleymills	0:714293de3836	3086
ashleymills	0:714293de3836	3087	/* make headers */
ashleymills	0:714293de3836	3088	verSz = SetMyVersion(0, ver, FALSE);
ashleymills	0:714293de3836	3089	seqSz = SetSequence(verSz + intTotalLen, seq);
ashleymills	0:714293de3836	3090
ashleymills	0:714293de3836	3091	outLen = seqSz + verSz + intTotalLen;
ashleymills	0:714293de3836	3092	if (outLen > (int)inLen)
ashleymills	0:714293de3836	3093	return BAD_FUNC_ARG;
ashleymills	0:714293de3836	3094
ashleymills	0:714293de3836	3095	/* write to output */
ashleymills	0:714293de3836	3096	XMEMCPY(output, seq, seqSz);
ashleymills	0:714293de3836	3097	j = seqSz;
ashleymills	0:714293de3836	3098	XMEMCPY(output + j, ver, verSz);
ashleymills	0:714293de3836	3099	j += verSz;
ashleymills	0:714293de3836	3100
ashleymills	0:714293de3836	3101	for (i = 0; i < RSA_INTS; i++) {
ashleymills	0:714293de3836	3102	XMEMCPY(output + j, tmps[i], sizes[i]);
ashleymills	0:714293de3836	3103	j += sizes[i];
ashleymills	0:714293de3836	3104	}
ashleymills	0:714293de3836	3105	FreeTmpRsas(tmps, key->heap);
ashleymills	0:714293de3836	3106
ashleymills	0:714293de3836	3107	return outLen;
ashleymills	0:714293de3836	3108	}
ashleymills	0:714293de3836	3109
ashleymills	0:714293de3836	3110	#endif /* CYASSL_KEY_GEN && !NO_RSA */
ashleymills	0:714293de3836	3111
ashleymills	0:714293de3836	3112
ashleymills	0:714293de3836	3113	#if defined(CYASSL_CERT_GEN) && !defined(NO_RSA)
ashleymills	0:714293de3836	3114
ashleymills	0:714293de3836	3115
ashleymills	0:714293de3836	3116	#ifndef min
ashleymills	0:714293de3836	3117
ashleymills	0:714293de3836	3118	static INLINE word32 min(word32 a, word32 b)
ashleymills	0:714293de3836	3119	{
ashleymills	0:714293de3836	3120	return a > b ? b : a;
ashleymills	0:714293de3836	3121	}
ashleymills	0:714293de3836	3122
ashleymills	0:714293de3836	3123	#endif /* min */
ashleymills	0:714293de3836	3124
ashleymills	0:714293de3836	3125
ashleymills	0:714293de3836	3126	/* Initialize and Set Certficate defaults:
ashleymills	0:714293de3836	3127	version = 3 (0x2)
ashleymills	0:714293de3836	3128	serial = 0
ashleymills	0:714293de3836	3129	sigType = SHA_WITH_RSA
ashleymills	0:714293de3836	3130	issuer = blank
ashleymills	0:714293de3836	3131	daysValid = 500
ashleymills	0:714293de3836	3132	selfSigned = 1 (true) use subject as issuer
ashleymills	0:714293de3836	3133	subject = blank
ashleymills	0:714293de3836	3134	*/
ashleymills	0:714293de3836	3135	void InitCert(Cert* cert)
ashleymills	0:714293de3836	3136	{
ashleymills	0:714293de3836	3137	cert->version = 2; /* version 3 is hex 2 */
ashleymills	0:714293de3836	3138	cert->sigType = CTC_SHAwRSA;
ashleymills	0:714293de3836	3139	cert->daysValid = 500;
ashleymills	0:714293de3836	3140	cert->selfSigned = 1;
ashleymills	0:714293de3836	3141	cert->isCA = 0;
ashleymills	0:714293de3836	3142	cert->bodySz = 0;
ashleymills	0:714293de3836	3143	#ifdef CYASSL_ALT_NAMES
ashleymills	0:714293de3836	3144	cert->altNamesSz = 0;
ashleymills	0:714293de3836	3145	cert->beforeDateSz = 0;
ashleymills	0:714293de3836	3146	cert->afterDateSz = 0;
ashleymills	0:714293de3836	3147	#endif
ashleymills	0:714293de3836	3148	cert->keyType = RSA_KEY;
ashleymills	0:714293de3836	3149	XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE);
ashleymills	0:714293de3836	3150
ashleymills	0:714293de3836	3151	cert->issuer.country[0] = '\0';
ashleymills	0:714293de3836	3152	cert->issuer.state[0] = '\0';
ashleymills	0:714293de3836	3153	cert->issuer.locality[0] = '\0';
ashleymills	0:714293de3836	3154	cert->issuer.sur[0] = '\0';
ashleymills	0:714293de3836	3155	cert->issuer.org[0] = '\0';
ashleymills	0:714293de3836	3156	cert->issuer.unit[0] = '\0';
ashleymills	0:714293de3836	3157	cert->issuer.commonName[0] = '\0';
ashleymills	0:714293de3836	3158	cert->issuer.email[0] = '\0';
ashleymills	0:714293de3836	3159
ashleymills	0:714293de3836	3160	cert->subject.country[0] = '\0';
ashleymills	0:714293de3836	3161	cert->subject.state[0] = '\0';
ashleymills	0:714293de3836	3162	cert->subject.locality[0] = '\0';
ashleymills	0:714293de3836	3163	cert->subject.sur[0] = '\0';
ashleymills	0:714293de3836	3164	cert->subject.org[0] = '\0';
ashleymills	0:714293de3836	3165	cert->subject.unit[0] = '\0';
ashleymills	0:714293de3836	3166	cert->subject.commonName[0] = '\0';
ashleymills	0:714293de3836	3167	cert->subject.email[0] = '\0';
ashleymills	0:714293de3836	3168	}
ashleymills	0:714293de3836	3169
ashleymills	0:714293de3836	3170
ashleymills	0:714293de3836	3171	/* DER encoded x509 Certificate */
ashleymills	0:714293de3836	3172	typedef struct DerCert {
ashleymills	0:714293de3836	3173	byte size[MAX_LENGTH_SZ]; /* length encoded */
ashleymills	0:714293de3836	3174	byte version[MAX_VERSION_SZ]; /* version encoded */
ashleymills	0:714293de3836	3175	byte serial[CTC_SERIAL_SIZE + MAX_LENGTH_SZ]; /* serial number encoded */
ashleymills	0:714293de3836	3176	byte sigAlgo[MAX_ALGO_SZ]; /* signature algo encoded */
ashleymills	0:714293de3836	3177	byte issuer[ASN_NAME_MAX]; /* issuer encoded */
ashleymills	0:714293de3836	3178	byte subject[ASN_NAME_MAX]; /* subject encoded */
ashleymills	0:714293de3836	3179	byte validity[MAX_DATE_SIZE2 + MAX_SEQ_SZ2]; /* before and after dates */
ashleymills	0:714293de3836	3180	byte publicKey[MAX_PUBLIC_KEY_SZ]; /* rsa / ntru public key encoded */
ashleymills	0:714293de3836	3181	byte ca[MAX_CA_SZ]; /* basic constraint CA true size */
ashleymills	0:714293de3836	3182	byte extensions[MAX_EXTENSIONS_SZ]; /* all extensions */
ashleymills	0:714293de3836	3183	int sizeSz; /* encoded size length */
ashleymills	0:714293de3836	3184	int versionSz; /* encoded version length */
ashleymills	0:714293de3836	3185	int serialSz; /* encoded serial length */
ashleymills	0:714293de3836	3186	int sigAlgoSz; /* enocded sig alog length */
ashleymills	0:714293de3836	3187	int issuerSz; /* encoded issuer length */
ashleymills	0:714293de3836	3188	int subjectSz; /* encoded subject length */
ashleymills	0:714293de3836	3189	int validitySz; /* encoded validity length */
ashleymills	0:714293de3836	3190	int publicKeySz; /* encoded public key length */
ashleymills	0:714293de3836	3191	int caSz; /* encoded CA extension length */
ashleymills	0:714293de3836	3192	int extensionsSz; /* encoded extensions total length */
ashleymills	0:714293de3836	3193	int total; /* total encoded lengths */
ashleymills	0:714293de3836	3194	} DerCert;
ashleymills	0:714293de3836	3195
ashleymills	0:714293de3836	3196
ashleymills	0:714293de3836	3197	/* Write a set header to output */
ashleymills	0:714293de3836	3198	static word32 SetSet(word32 len, byte* output)
ashleymills	0:714293de3836	3199	{
ashleymills	0:714293de3836	3200	output[0] = ASN_SET \| ASN_CONSTRUCTED;
ashleymills	0:714293de3836	3201	return SetLength(len, output + 1) + 1;
ashleymills	0:714293de3836	3202	}
ashleymills	0:714293de3836	3203
ashleymills	0:714293de3836	3204
ashleymills	0:714293de3836	3205	/* Write a serial number to output */
ashleymills	0:714293de3836	3206	static int SetSerial(const byte* serial, byte* output)
ashleymills	0:714293de3836	3207	{
ashleymills	0:714293de3836	3208	int length = 0;
ashleymills	0:714293de3836	3209
ashleymills	0:714293de3836	3210	output[length++] = ASN_INTEGER;
ashleymills	0:714293de3836	3211	length += SetLength(CTC_SERIAL_SIZE, &output[length]);
ashleymills	0:714293de3836	3212	XMEMCPY(&output[length], serial, CTC_SERIAL_SIZE);
ashleymills	0:714293de3836	3213
ashleymills	0:714293de3836	3214	return length + CTC_SERIAL_SIZE;
ashleymills	0:714293de3836	3215	}
ashleymills	0:714293de3836	3216
ashleymills	0:714293de3836	3217
ashleymills	0:714293de3836	3218	/* Write a public RSA key to output */
ashleymills	0:714293de3836	3219	static int SetPublicKey(byte* output, RsaKey* key)
ashleymills	0:714293de3836	3220	{
ashleymills	0:714293de3836	3221	byte n[MAX_RSA_INT_SZ];
ashleymills	0:714293de3836	3222	byte e[MAX_RSA_E_SZ];
ashleymills	0:714293de3836	3223	byte algo[MAX_ALGO_SZ];
ashleymills	0:714293de3836	3224	byte seq[MAX_SEQ_SZ];
ashleymills	0:714293de3836	3225	byte len[MAX_LENGTH_SZ + 1]; /* trailing 0 */
ashleymills	0:714293de3836	3226	int nSz;
ashleymills	0:714293de3836	3227	int eSz;
ashleymills	0:714293de3836	3228	int algoSz;
ashleymills	0:714293de3836	3229	int seqSz;
ashleymills	0:714293de3836	3230	int lenSz;
ashleymills	0:714293de3836	3231	int idx;
ashleymills	0:714293de3836	3232	int rawLen;
ashleymills	0:714293de3836	3233
ashleymills	0:714293de3836	3234	/* n */
ashleymills	0:714293de3836	3235	rawLen = mp_unsigned_bin_size(&key->n);
ashleymills	0:714293de3836	3236	n[0] = ASN_INTEGER;
ashleymills	0:714293de3836	3237	nSz = SetLength(rawLen, n + 1) + 1; /* int tag */
ashleymills	0:714293de3836	3238
ashleymills	0:714293de3836	3239	if ( (nSz + rawLen) < (int)sizeof(n)) {
ashleymills	0:714293de3836	3240	int err = mp_to_unsigned_bin(&key->n, n + nSz);
ashleymills	0:714293de3836	3241	if (err == MP_OKAY)
ashleymills	0:714293de3836	3242	nSz += rawLen;
ashleymills	0:714293de3836	3243	else
ashleymills	0:714293de3836	3244	return MP_TO_E;
ashleymills	0:714293de3836	3245	}
ashleymills	0:714293de3836	3246	else
ashleymills	0:714293de3836	3247	return BUFFER_E;
ashleymills	0:714293de3836	3248
ashleymills	0:714293de3836	3249	/* e */
ashleymills	0:714293de3836	3250	rawLen = mp_unsigned_bin_size(&key->e);
ashleymills	0:714293de3836	3251	e[0] = ASN_INTEGER;
ashleymills	0:714293de3836	3252	eSz = SetLength(rawLen, e + 1) + 1; /* int tag */
ashleymills	0:714293de3836	3253
ashleymills	0:714293de3836	3254	if ( (eSz + rawLen) < (int)sizeof(e)) {
ashleymills	0:714293de3836	3255	int err = mp_to_unsigned_bin(&key->e, e + eSz);
ashleymills	0:714293de3836	3256	if (err == MP_OKAY)
ashleymills	0:714293de3836	3257	eSz += rawLen;
ashleymills	0:714293de3836	3258	else
ashleymills	0:714293de3836	3259	return MP_TO_E;
ashleymills	0:714293de3836	3260	}
ashleymills	0:714293de3836	3261	else
ashleymills	0:714293de3836	3262	return BUFFER_E;
ashleymills	0:714293de3836	3263
ashleymills	0:714293de3836	3264	/* headers */
ashleymills	0:714293de3836	3265	algoSz = SetAlgoID(RSAk, algo, keyType);
ashleymills	0:714293de3836	3266	seqSz = SetSequence(nSz + eSz, seq);
ashleymills	0:714293de3836	3267	lenSz = SetLength(seqSz + nSz + eSz + 1, len);
ashleymills	0:714293de3836	3268	len[lenSz++] = 0; /* trailing 0 */
ashleymills	0:714293de3836	3269
ashleymills	0:714293de3836	3270	/* write */
ashleymills	0:714293de3836	3271	idx = SetSequence(nSz + eSz + seqSz + lenSz + 1 + algoSz, output);
ashleymills	0:714293de3836	3272	/* 1 is for ASN_BIT_STRING */
ashleymills	0:714293de3836	3273	/* algo */
ashleymills	0:714293de3836	3274	XMEMCPY(output + idx, algo, algoSz);
ashleymills	0:714293de3836	3275	idx += algoSz;
ashleymills	0:714293de3836	3276	/* bit string */
ashleymills	0:714293de3836	3277	output[idx++] = ASN_BIT_STRING;
ashleymills	0:714293de3836	3278	/* length */
ashleymills	0:714293de3836	3279	XMEMCPY(output + idx, len, lenSz);
ashleymills	0:714293de3836	3280	idx += lenSz;
ashleymills	0:714293de3836	3281	/* seq */
ashleymills	0:714293de3836	3282	XMEMCPY(output + idx, seq, seqSz);
ashleymills	0:714293de3836	3283	idx += seqSz;
ashleymills	0:714293de3836	3284	/* n */
ashleymills	0:714293de3836	3285	XMEMCPY(output + idx, n, nSz);
ashleymills	0:714293de3836	3286	idx += nSz;
ashleymills	0:714293de3836	3287	/* e */
ashleymills	0:714293de3836	3288	XMEMCPY(output + idx, e, eSz);
ashleymills	0:714293de3836	3289	idx += eSz;
ashleymills	0:714293de3836	3290
ashleymills	0:714293de3836	3291	return idx;
ashleymills	0:714293de3836	3292	}
ashleymills	0:714293de3836	3293
ashleymills	0:714293de3836	3294
ashleymills	0:714293de3836	3295	static INLINE byte itob(int number)
ashleymills	0:714293de3836	3296	{
ashleymills	0:714293de3836	3297	return (byte)number + 0x30;
ashleymills	0:714293de3836	3298	}
ashleymills	0:714293de3836	3299
ashleymills	0:714293de3836	3300
ashleymills	0:714293de3836	3301	/* write time to output, format */
ashleymills	0:714293de3836	3302	static void SetTime(struct tm* date, byte* output)
ashleymills	0:714293de3836	3303	{
ashleymills	0:714293de3836	3304	int i = 0;
ashleymills	0:714293de3836	3305
ashleymills	0:714293de3836	3306	output[i++] = itob((date->tm_year % 10000) / 1000);
ashleymills	0:714293de3836	3307	output[i++] = itob((date->tm_year % 1000) / 100);
ashleymills	0:714293de3836	3308	output[i++] = itob((date->tm_year % 100) / 10);
ashleymills	0:714293de3836	3309	output[i++] = itob( date->tm_year % 10);
ashleymills	0:714293de3836	3310
ashleymills	0:714293de3836	3311	output[i++] = itob(date->tm_mon / 10);
ashleymills	0:714293de3836	3312	output[i++] = itob(date->tm_mon % 10);
ashleymills	0:714293de3836	3313
ashleymills	0:714293de3836	3314	output[i++] = itob(date->tm_mday / 10);
ashleymills	0:714293de3836	3315	output[i++] = itob(date->tm_mday % 10);
ashleymills	0:714293de3836	3316
ashleymills	0:714293de3836	3317	output[i++] = itob(date->tm_hour / 10);
ashleymills	0:714293de3836	3318	output[i++] = itob(date->tm_hour % 10);
ashleymills	0:714293de3836	3319
ashleymills	0:714293de3836	3320	output[i++] = itob(date->tm_min / 10);
ashleymills	0:714293de3836	3321	output[i++] = itob(date->tm_min % 10);
ashleymills	0:714293de3836	3322
ashleymills	0:714293de3836	3323	output[i++] = itob(date->tm_sec / 10);
ashleymills	0:714293de3836	3324	output[i++] = itob(date->tm_sec % 10);
ashleymills	0:714293de3836	3325
ashleymills	0:714293de3836	3326	output[i] = 'Z'; /* Zulu profile */
ashleymills	0:714293de3836	3327	}
ashleymills	0:714293de3836	3328
ashleymills	0:714293de3836	3329
ashleymills	0:714293de3836	3330	#ifdef CYASSL_ALT_NAMES
ashleymills	0:714293de3836	3331
ashleymills	0:714293de3836	3332	/* Copy Dates from cert, return bytes written */
ashleymills	0:714293de3836	3333	static int CopyValidity(byte* output, Cert* cert)
ashleymills	0:714293de3836	3334	{
ashleymills	0:714293de3836	3335	int seqSz;
ashleymills	0:714293de3836	3336
ashleymills	0:714293de3836	3337	CYASSL_ENTER("CopyValidity");
ashleymills	0:714293de3836	3338
ashleymills	0:714293de3836	3339	/* headers and output */
ashleymills	0:714293de3836	3340	seqSz = SetSequence(cert->beforeDateSz + cert->afterDateSz, output);
ashleymills	0:714293de3836	3341	XMEMCPY(output + seqSz, cert->beforeDate, cert->beforeDateSz);
ashleymills	0:714293de3836	3342	XMEMCPY(output + seqSz + cert->beforeDateSz, cert->afterDate,
ashleymills	0:714293de3836	3343	cert->afterDateSz);
ashleymills	0:714293de3836	3344	return seqSz + cert->beforeDateSz + cert->afterDateSz;
ashleymills	0:714293de3836	3345	}
ashleymills	0:714293de3836	3346
ashleymills	0:714293de3836	3347	#endif
ashleymills	0:714293de3836	3348
ashleymills	0:714293de3836	3349
ashleymills	0:714293de3836	3350	/* Set Date validity from now until now + daysValid */
ashleymills	0:714293de3836	3351	static int SetValidity(byte* output, int daysValid)
ashleymills	0:714293de3836	3352	{
ashleymills	0:714293de3836	3353	byte before[MAX_DATE_SIZE];
ashleymills	0:714293de3836	3354	byte after[MAX_DATE_SIZE];
ashleymills	0:714293de3836	3355
ashleymills	0:714293de3836	3356	int beforeSz;
ashleymills	0:714293de3836	3357	int afterSz;
ashleymills	0:714293de3836	3358	int seqSz;
ashleymills	0:714293de3836	3359
ashleymills	0:714293de3836	3360	time_t ticks;
ashleymills	0:714293de3836	3361	struct tm* now;
ashleymills	0:714293de3836	3362	struct tm local;
ashleymills	0:714293de3836	3363
ashleymills	0:714293de3836	3364	ticks = XTIME(0);
ashleymills	0:714293de3836	3365	now = XGMTIME(&ticks);
ashleymills	0:714293de3836	3366
ashleymills	0:714293de3836	3367	/* before now */
ashleymills	0:714293de3836	3368	local = *now;
ashleymills	0:714293de3836	3369	before[0] = ASN_GENERALIZED_TIME;
ashleymills	0:714293de3836	3370	beforeSz = SetLength(ASN_GEN_TIME_SZ, before + 1) + 1; /* gen tag */
ashleymills	0:714293de3836	3371
ashleymills	0:714293de3836	3372	/* subtract 1 day for more compliance */
ashleymills	0:714293de3836	3373	local.tm_mday -= 1;
ashleymills	0:714293de3836	3374	mktime(&local);
ashleymills	0:714293de3836	3375
ashleymills	0:714293de3836	3376	/* adjust */
ashleymills	0:714293de3836	3377	local.tm_year += 1900;
ashleymills	0:714293de3836	3378	local.tm_mon += 1;
ashleymills	0:714293de3836	3379
ashleymills	0:714293de3836	3380	SetTime(&local, before + beforeSz);
ashleymills	0:714293de3836	3381	beforeSz += ASN_GEN_TIME_SZ;
ashleymills	0:714293de3836	3382
ashleymills	0:714293de3836	3383	/* after now + daysValid */
ashleymills	0:714293de3836	3384	local = *now;
ashleymills	0:714293de3836	3385	after[0] = ASN_GENERALIZED_TIME;
ashleymills	0:714293de3836	3386	afterSz = SetLength(ASN_GEN_TIME_SZ, after + 1) + 1; /* gen tag */
ashleymills	0:714293de3836	3387
ashleymills	0:714293de3836	3388	/* add daysValid */
ashleymills	0:714293de3836	3389	local.tm_mday += daysValid;
ashleymills	0:714293de3836	3390	mktime(&local);
ashleymills	0:714293de3836	3391
ashleymills	0:714293de3836	3392	/* adjust */
ashleymills	0:714293de3836	3393	local.tm_year += 1900;
ashleymills	0:714293de3836	3394	local.tm_mon += 1;
ashleymills	0:714293de3836	3395
ashleymills	0:714293de3836	3396	SetTime(&local, after + afterSz);
ashleymills	0:714293de3836	3397	afterSz += ASN_GEN_TIME_SZ;
ashleymills	0:714293de3836	3398
ashleymills	0:714293de3836	3399	/* headers and output */
ashleymills	0:714293de3836	3400	seqSz = SetSequence(beforeSz + afterSz, output);
ashleymills	0:714293de3836	3401	XMEMCPY(output + seqSz, before, beforeSz);
ashleymills	0:714293de3836	3402	XMEMCPY(output + seqSz + beforeSz, after, afterSz);
ashleymills	0:714293de3836	3403
ashleymills	0:714293de3836	3404	return seqSz + beforeSz + afterSz;
ashleymills	0:714293de3836	3405	}
ashleymills	0:714293de3836	3406
ashleymills	0:714293de3836	3407
ashleymills	0:714293de3836	3408	/* ASN Encoded Name field */
ashleymills	0:714293de3836	3409	typedef struct EncodedName {
ashleymills	0:714293de3836	3410	int nameLen; /* actual string value length */
ashleymills	0:714293de3836	3411	int totalLen; /* total encoded length */
ashleymills	0:714293de3836	3412	int type; /* type of name */
ashleymills	0:714293de3836	3413	int used; /* are we actually using this one */
ashleymills	0:714293de3836	3414	byte encoded[CTC_NAME_SIZE * 2]; /* encoding */
ashleymills	0:714293de3836	3415	} EncodedName;
ashleymills	0:714293de3836	3416
ashleymills	0:714293de3836	3417
ashleymills	0:714293de3836	3418	/* Get Which Name from index */
ashleymills	0:714293de3836	3419	static const char* GetOneName(CertName* name, int idx)
ashleymills	0:714293de3836	3420	{
ashleymills	0:714293de3836	3421	switch (idx) {
ashleymills	0:714293de3836	3422	case 0:
ashleymills	0:714293de3836	3423	return name->country;
ashleymills	0:714293de3836	3424
ashleymills	0:714293de3836	3425	case 1:
ashleymills	0:714293de3836	3426	return name->state;
ashleymills	0:714293de3836	3427
ashleymills	0:714293de3836	3428	case 2:
ashleymills	0:714293de3836	3429	return name->locality;
ashleymills	0:714293de3836	3430
ashleymills	0:714293de3836	3431	case 3:
ashleymills	0:714293de3836	3432	return name->sur;
ashleymills	0:714293de3836	3433
ashleymills	0:714293de3836	3434	case 4:
ashleymills	0:714293de3836	3435	return name->org;
ashleymills	0:714293de3836	3436
ashleymills	0:714293de3836	3437	case 5:
ashleymills	0:714293de3836	3438	return name->unit;
ashleymills	0:714293de3836	3439
ashleymills	0:714293de3836	3440	case 6:
ashleymills	0:714293de3836	3441	return name->commonName;
ashleymills	0:714293de3836	3442
ashleymills	0:714293de3836	3443	case 7:
ashleymills	0:714293de3836	3444	return name->email;
ashleymills	0:714293de3836	3445
ashleymills	0:714293de3836	3446	default:
ashleymills	0:714293de3836	3447	return 0;
ashleymills	0:714293de3836	3448	}
ashleymills	0:714293de3836	3449	}
ashleymills	0:714293de3836	3450
ashleymills	0:714293de3836	3451
ashleymills	0:714293de3836	3452	/* Get ASN Name from index */
ashleymills	0:714293de3836	3453	static byte GetNameId(int idx)
ashleymills	0:714293de3836	3454	{
ashleymills	0:714293de3836	3455	switch (idx) {
ashleymills	0:714293de3836	3456	case 0:
ashleymills	0:714293de3836	3457	return ASN_COUNTRY_NAME;
ashleymills	0:714293de3836	3458
ashleymills	0:714293de3836	3459	case 1:
ashleymills	0:714293de3836	3460	return ASN_STATE_NAME;
ashleymills	0:714293de3836	3461
ashleymills	0:714293de3836	3462	case 2:
ashleymills	0:714293de3836	3463	return ASN_LOCALITY_NAME;
ashleymills	0:714293de3836	3464
ashleymills	0:714293de3836	3465	case 3:
ashleymills	0:714293de3836	3466	return ASN_SUR_NAME;
ashleymills	0:714293de3836	3467
ashleymills	0:714293de3836	3468	case 4:
ashleymills	0:714293de3836	3469	return ASN_ORG_NAME;
ashleymills	0:714293de3836	3470
ashleymills	0:714293de3836	3471	case 5:
ashleymills	0:714293de3836	3472	return ASN_ORGUNIT_NAME;
ashleymills	0:714293de3836	3473
ashleymills	0:714293de3836	3474	case 6:
ashleymills	0:714293de3836	3475	return ASN_COMMON_NAME;
ashleymills	0:714293de3836	3476
ashleymills	0:714293de3836	3477	case 7:
ashleymills	0:714293de3836	3478	/* email uses different id type */
ashleymills	0:714293de3836	3479	return 0;
ashleymills	0:714293de3836	3480
ashleymills	0:714293de3836	3481	default:
ashleymills	0:714293de3836	3482	return 0;
ashleymills	0:714293de3836	3483	}
ashleymills	0:714293de3836	3484	}
ashleymills	0:714293de3836	3485
ashleymills	0:714293de3836	3486
ashleymills	0:714293de3836	3487	/* encode all extensions, return total bytes written */
ashleymills	0:714293de3836	3488	static int SetExtensions(byte* output, const byte* ext, int extSz)
ashleymills	0:714293de3836	3489	{
ashleymills	0:714293de3836	3490	byte sequence[MAX_SEQ_SZ];
ashleymills	0:714293de3836	3491	byte len[MAX_LENGTH_SZ];
ashleymills	0:714293de3836	3492
ashleymills	0:714293de3836	3493	int sz = 0;
ashleymills	0:714293de3836	3494	int seqSz = SetSequence(extSz, sequence);
ashleymills	0:714293de3836	3495	int lenSz = SetLength(seqSz + extSz, len);
ashleymills	0:714293de3836	3496
ashleymills	0:714293de3836	3497	output[0] = ASN_EXTENSIONS; /* extensions id */
ashleymills	0:714293de3836	3498	sz++;
ashleymills	0:714293de3836	3499	XMEMCPY(&output[sz], len, lenSz); /* length */
ashleymills	0:714293de3836	3500	sz += lenSz;
ashleymills	0:714293de3836	3501	XMEMCPY(&output[sz], sequence, seqSz); /* sequence */
ashleymills	0:714293de3836	3502	sz += seqSz;
ashleymills	0:714293de3836	3503	XMEMCPY(&output[sz], ext, extSz); /* extensions */
ashleymills	0:714293de3836	3504	sz += extSz;
ashleymills	0:714293de3836	3505
ashleymills	0:714293de3836	3506	return sz;
ashleymills	0:714293de3836	3507	}
ashleymills	0:714293de3836	3508
ashleymills	0:714293de3836	3509
ashleymills	0:714293de3836	3510	/* encode CA basic constraint true, return total bytes written */
ashleymills	0:714293de3836	3511	static int SetCa(byte* output)
ashleymills	0:714293de3836	3512	{
ashleymills	0:714293de3836	3513	static const byte ca[] = { 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04,
ashleymills	0:714293de3836	3514	0x05, 0x30, 0x03, 0x01, 0x01, 0xff };
ashleymills	0:714293de3836	3515
ashleymills	0:714293de3836	3516	XMEMCPY(output, ca, sizeof(ca));
ashleymills	0:714293de3836	3517
ashleymills	0:714293de3836	3518	return (int)sizeof(ca);
ashleymills	0:714293de3836	3519	}
ashleymills	0:714293de3836	3520
ashleymills	0:714293de3836	3521
ashleymills	0:714293de3836	3522	/* encode CertName into output, return total bytes written */
ashleymills	0:714293de3836	3523	static int SetName(byte* output, CertName* name)
ashleymills	0:714293de3836	3524	{
ashleymills	0:714293de3836	3525	int totalBytes = 0, i, idx;
ashleymills	0:714293de3836	3526	EncodedName names[NAME_ENTRIES];
ashleymills	0:714293de3836	3527
ashleymills	0:714293de3836	3528	for (i = 0; i < NAME_ENTRIES; i++) {
ashleymills	0:714293de3836	3529	const char* nameStr = GetOneName(name, i);
ashleymills	0:714293de3836	3530	if (nameStr) {
ashleymills	0:714293de3836	3531	/* bottom up */
ashleymills	0:714293de3836	3532	byte firstLen[MAX_LENGTH_SZ];
ashleymills	0:714293de3836	3533	byte secondLen[MAX_LENGTH_SZ];
ashleymills	0:714293de3836	3534	byte sequence[MAX_SEQ_SZ];
ashleymills	0:714293de3836	3535	byte set[MAX_SET_SZ];
ashleymills	0:714293de3836	3536
ashleymills	0:714293de3836	3537	int email = i == (NAME_ENTRIES - 1) ? 1 : 0;
ashleymills	0:714293de3836	3538	int strLen = (int)XSTRLEN(nameStr);
ashleymills	0:714293de3836	3539	int thisLen = strLen;
ashleymills	0:714293de3836	3540	int firstSz, secondSz, seqSz, setSz;
ashleymills	0:714293de3836	3541
ashleymills	0:714293de3836	3542	if (strLen == 0) { /* no user data for this item */
ashleymills	0:714293de3836	3543	names[i].used = 0;
ashleymills	0:714293de3836	3544	continue;
ashleymills	0:714293de3836	3545	}
ashleymills	0:714293de3836	3546
ashleymills	0:714293de3836	3547	secondSz = SetLength(strLen, secondLen);
ashleymills	0:714293de3836	3548	thisLen += secondSz;
ashleymills	0:714293de3836	3549	if (email) {
ashleymills	0:714293de3836	3550	thisLen += EMAIL_JOINT_LEN;
ashleymills	0:714293de3836	3551	thisLen ++; /* id type */
ashleymills	0:714293de3836	3552	firstSz = SetLength(EMAIL_JOINT_LEN, firstLen);
ashleymills	0:714293de3836	3553	}
ashleymills	0:714293de3836	3554	else {
ashleymills	0:714293de3836	3555	thisLen++; /* str type */
ashleymills	0:714293de3836	3556	thisLen++; /* id type */
ashleymills	0:714293de3836	3557	thisLen += JOINT_LEN;
ashleymills	0:714293de3836	3558	firstSz = SetLength(JOINT_LEN + 1, firstLen);
ashleymills	0:714293de3836	3559	}
ashleymills	0:714293de3836	3560	thisLen += firstSz;
ashleymills	0:714293de3836	3561	thisLen++; /* object id */
ashleymills	0:714293de3836	3562
ashleymills	0:714293de3836	3563	seqSz = SetSequence(thisLen, sequence);
ashleymills	0:714293de3836	3564	thisLen += seqSz;
ashleymills	0:714293de3836	3565	setSz = SetSet(thisLen, set);
ashleymills	0:714293de3836	3566	thisLen += setSz;
ashleymills	0:714293de3836	3567
ashleymills	0:714293de3836	3568	if (thisLen > (int)sizeof(names[i].encoded))
ashleymills	0:714293de3836	3569	return BUFFER_E;
ashleymills	0:714293de3836	3570
ashleymills	0:714293de3836	3571	/* store it */
ashleymills	0:714293de3836	3572	idx = 0;
ashleymills	0:714293de3836	3573	/* set */
ashleymills	0:714293de3836	3574	XMEMCPY(names[i].encoded, set, setSz);
ashleymills	0:714293de3836	3575	idx += setSz;
ashleymills	0:714293de3836	3576	/* seq */
ashleymills	0:714293de3836	3577	XMEMCPY(names[i].encoded + idx, sequence, seqSz);
ashleymills	0:714293de3836	3578	idx += seqSz;
ashleymills	0:714293de3836	3579	/* asn object id */
ashleymills	0:714293de3836	3580	names[i].encoded[idx++] = ASN_OBJECT_ID;
ashleymills	0:714293de3836	3581	/* first length */
ashleymills	0:714293de3836	3582	XMEMCPY(names[i].encoded + idx, firstLen, firstSz);
ashleymills	0:714293de3836	3583	idx += firstSz;
ashleymills	0:714293de3836	3584	if (email) {
ashleymills	0:714293de3836	3585	const byte EMAIL_OID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
ashleymills	0:714293de3836	3586	0x01, 0x09, 0x01, 0x16 };
ashleymills	0:714293de3836	3587	/* email joint id */
ashleymills	0:714293de3836	3588	XMEMCPY(names[i].encoded + idx, EMAIL_OID, sizeof(EMAIL_OID));
ashleymills	0:714293de3836	3589	idx += (int)sizeof(EMAIL_OID);
ashleymills	0:714293de3836	3590	}
ashleymills	0:714293de3836	3591	else {
ashleymills	0:714293de3836	3592	/* joint id */
ashleymills	0:714293de3836	3593	names[i].encoded[idx++] = 0x55;
ashleymills	0:714293de3836	3594	names[i].encoded[idx++] = 0x04;
ashleymills	0:714293de3836	3595	/* id type */
ashleymills	0:714293de3836	3596	names[i].encoded[idx++] = GetNameId(i);
ashleymills	0:714293de3836	3597	/* str type */
ashleymills	0:714293de3836	3598	names[i].encoded[idx++] = 0x13;
ashleymills	0:714293de3836	3599	}
ashleymills	0:714293de3836	3600	/* second length */
ashleymills	0:714293de3836	3601	XMEMCPY(names[i].encoded + idx, secondLen, secondSz);
ashleymills	0:714293de3836	3602	idx += secondSz;
ashleymills	0:714293de3836	3603	/* str value */
ashleymills	0:714293de3836	3604	XMEMCPY(names[i].encoded + idx, nameStr, strLen);
ashleymills	0:714293de3836	3605	idx += strLen;
ashleymills	0:714293de3836	3606
ashleymills	0:714293de3836	3607	totalBytes += idx;
ashleymills	0:714293de3836	3608	names[i].totalLen = idx;
ashleymills	0:714293de3836	3609	names[i].used = 1;
ashleymills	0:714293de3836	3610	}
ashleymills	0:714293de3836	3611	else
ashleymills	0:714293de3836	3612	names[i].used = 0;
ashleymills	0:714293de3836	3613	}
ashleymills	0:714293de3836	3614
ashleymills	0:714293de3836	3615	/* header */
ashleymills	0:714293de3836	3616	idx = SetSequence(totalBytes, output);
ashleymills	0:714293de3836	3617	totalBytes += idx;
ashleymills	0:714293de3836	3618	if (totalBytes > ASN_NAME_MAX)
ashleymills	0:714293de3836	3619	return BUFFER_E;
ashleymills	0:714293de3836	3620
ashleymills	0:714293de3836	3621	for (i = 0; i < NAME_ENTRIES; i++) {
ashleymills	0:714293de3836	3622	if (names[i].used) {
ashleymills	0:714293de3836	3623	XMEMCPY(output + idx, names[i].encoded, names[i].totalLen);
ashleymills	0:714293de3836	3624	idx += names[i].totalLen;
ashleymills	0:714293de3836	3625	}
ashleymills	0:714293de3836	3626	}
ashleymills	0:714293de3836	3627	return totalBytes;
ashleymills	0:714293de3836	3628	}
ashleymills	0:714293de3836	3629
ashleymills	0:714293de3836	3630	/* encode info from cert into DER enocder format */
ashleymills	0:714293de3836	3631	static int EncodeCert(
ashleymills	0:714293de3836	3632	Cert* cert,
ashleymills	0:714293de3836	3633	DerCert* der,
ashleymills	0:714293de3836	3634	RsaKey* rsaKey,
ashleymills	0:714293de3836	3635	RNG* rng,
ashleymills	0:714293de3836	3636	const byte* ntruKey,
ashleymills	0:714293de3836	3637	word16 ntruSz)
ashleymills	0:714293de3836	3638	{
ashleymills	0:714293de3836	3639	(void)ntruKey;
ashleymills	0:714293de3836	3640	(void)ntruSz;
ashleymills	0:714293de3836	3641
ashleymills	0:714293de3836	3642	/* init */
ashleymills	0:714293de3836	3643	XMEMSET(der, 0, sizeof(DerCert));
ashleymills	0:714293de3836	3644
ashleymills	0:714293de3836	3645	/* version */
ashleymills	0:714293de3836	3646	der->versionSz = SetMyVersion(cert->version, der->version, TRUE);
ashleymills	0:714293de3836	3647
ashleymills	0:714293de3836	3648	/* serial number */
ashleymills	0:714293de3836	3649	RNG_GenerateBlock(rng, cert->serial, CTC_SERIAL_SIZE);
ashleymills	0:714293de3836	3650	cert->serial[0] = 0x01; /* ensure positive */
ashleymills	0:714293de3836	3651	der->serialSz = SetSerial(cert->serial, der->serial);
ashleymills	0:714293de3836	3652
ashleymills	0:714293de3836	3653	/* signature algo */
ashleymills	0:714293de3836	3654	der->sigAlgoSz = SetAlgoID(cert->sigType, der->sigAlgo, sigType);
ashleymills	0:714293de3836	3655	if (der->sigAlgoSz == 0)
ashleymills	0:714293de3836	3656	return ALGO_ID_E;
ashleymills	0:714293de3836	3657
ashleymills	0:714293de3836	3658	/* public key */
ashleymills	0:714293de3836	3659	if (cert->keyType == RSA_KEY) {
ashleymills	0:714293de3836	3660	der->publicKeySz = SetPublicKey(der->publicKey, rsaKey);
ashleymills	0:714293de3836	3661	if (der->publicKeySz == 0)
ashleymills	0:714293de3836	3662	return PUBLIC_KEY_E;
ashleymills	0:714293de3836	3663	}
ashleymills	0:714293de3836	3664	else {
ashleymills	0:714293de3836	3665	#ifdef HAVE_NTRU
ashleymills	0:714293de3836	3666	word32 rc;
ashleymills	0:714293de3836	3667	word16 encodedSz;
ashleymills	0:714293de3836	3668
ashleymills	0:714293de3836	3669	rc = crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
ashleymills	0:714293de3836	3670	ntruKey, &encodedSz, NULL);
ashleymills	0:714293de3836	3671	if (rc != NTRU_OK)
ashleymills	0:714293de3836	3672	return PUBLIC_KEY_E;
ashleymills	0:714293de3836	3673	if (encodedSz > MAX_PUBLIC_KEY_SZ)
ashleymills	0:714293de3836	3674	return PUBLIC_KEY_E;
ashleymills	0:714293de3836	3675
ashleymills	0:714293de3836	3676	rc = crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
ashleymills	0:714293de3836	3677	ntruKey, &encodedSz, der->publicKey);
ashleymills	0:714293de3836	3678	if (rc != NTRU_OK)
ashleymills	0:714293de3836	3679	return PUBLIC_KEY_E;
ashleymills	0:714293de3836	3680
ashleymills	0:714293de3836	3681	der->publicKeySz = encodedSz;
ashleymills	0:714293de3836	3682	#endif
ashleymills	0:714293de3836	3683	}
ashleymills	0:714293de3836	3684
ashleymills	0:714293de3836	3685	der->validitySz = 0;
ashleymills	0:714293de3836	3686	#ifdef CYASSL_ALT_NAMES
ashleymills	0:714293de3836	3687	/* date validity copy ? */
ashleymills	0:714293de3836	3688	if (cert->beforeDateSz && cert->afterDateSz) {
ashleymills	0:714293de3836	3689	der->validitySz = CopyValidity(der->validity, cert);
ashleymills	0:714293de3836	3690	if (der->validitySz == 0)
ashleymills	0:714293de3836	3691	return DATE_E;
ashleymills	0:714293de3836	3692	}
ashleymills	0:714293de3836	3693	#endif
ashleymills	0:714293de3836	3694
ashleymills	0:714293de3836	3695	/* date validity */
ashleymills	0:714293de3836	3696	if (der->validitySz == 0) {
ashleymills	0:714293de3836	3697	der->validitySz = SetValidity(der->validity, cert->daysValid);
ashleymills	0:714293de3836	3698	if (der->validitySz == 0)
ashleymills	0:714293de3836	3699	return DATE_E;
ashleymills	0:714293de3836	3700	}
ashleymills	0:714293de3836	3701
ashleymills	0:714293de3836	3702	/* subject name */
ashleymills	0:714293de3836	3703	der->subjectSz = SetName(der->subject, &cert->subject);
ashleymills	0:714293de3836	3704	if (der->subjectSz == 0)
ashleymills	0:714293de3836	3705	return SUBJECT_E;
ashleymills	0:714293de3836	3706
ashleymills	0:714293de3836	3707	/* issuer name */
ashleymills	0:714293de3836	3708	der->issuerSz = SetName(der->issuer, cert->selfSigned ?
ashleymills	0:714293de3836	3709	&cert->subject : &cert->issuer);
ashleymills	0:714293de3836	3710	if (der->issuerSz == 0)
ashleymills	0:714293de3836	3711	return ISSUER_E;
ashleymills	0:714293de3836	3712
ashleymills	0:714293de3836	3713	/* CA */
ashleymills	0:714293de3836	3714	if (cert->isCA) {
ashleymills	0:714293de3836	3715	der->caSz = SetCa(der->ca);
ashleymills	0:714293de3836	3716	if (der->caSz == 0)
ashleymills	0:714293de3836	3717	return CA_TRUE_E;
ashleymills	0:714293de3836	3718	}
ashleymills	0:714293de3836	3719	else
ashleymills	0:714293de3836	3720	der->caSz = 0;
ashleymills	0:714293de3836	3721
ashleymills	0:714293de3836	3722	/* extensions, just CA now */
ashleymills	0:714293de3836	3723	if (cert->isCA) {
ashleymills	0:714293de3836	3724	der->extensionsSz = SetExtensions(der->extensions, der->ca, der->caSz);
ashleymills	0:714293de3836	3725	if (der->extensionsSz == 0)
ashleymills	0:714293de3836	3726	return EXTENSIONS_E;
ashleymills	0:714293de3836	3727	}
ashleymills	0:714293de3836	3728	else
ashleymills	0:714293de3836	3729	der->extensionsSz = 0;
ashleymills	0:714293de3836	3730
ashleymills	0:714293de3836	3731	#ifdef CYASSL_ALT_NAMES
ashleymills	0:714293de3836	3732	if (der->extensionsSz == 0 && cert->altNamesSz) {
ashleymills	0:714293de3836	3733	der->extensionsSz = SetExtensions(der->extensions, cert->altNames,
ashleymills	0:714293de3836	3734	cert->altNamesSz);
ashleymills	0:714293de3836	3735	if (der->extensionsSz == 0)
ashleymills	0:714293de3836	3736	return EXTENSIONS_E;
ashleymills	0:714293de3836	3737	}
ashleymills	0:714293de3836	3738	#endif
ashleymills	0:714293de3836	3739
ashleymills	0:714293de3836	3740	der->total = der->versionSz + der->serialSz + der->sigAlgoSz +
ashleymills	0:714293de3836	3741	der->publicKeySz + der->validitySz + der->subjectSz + der->issuerSz +
ashleymills	0:714293de3836	3742	der->extensionsSz;
ashleymills	0:714293de3836	3743
ashleymills	0:714293de3836	3744	return 0;
ashleymills	0:714293de3836	3745	}
ashleymills	0:714293de3836	3746
ashleymills	0:714293de3836	3747
ashleymills	0:714293de3836	3748	/* write DER encoded cert to buffer, size already checked */
ashleymills	0:714293de3836	3749	static int WriteCertBody(DerCert* der, byte* buffer)
ashleymills	0:714293de3836	3750	{
ashleymills	0:714293de3836	3751	int idx;
ashleymills	0:714293de3836	3752
ashleymills	0:714293de3836	3753	/* signed part header */
ashleymills	0:714293de3836	3754	idx = SetSequence(der->total, buffer);
ashleymills	0:714293de3836	3755	/* version */
ashleymills	0:714293de3836	3756	XMEMCPY(buffer + idx, der->version, der->versionSz);
ashleymills	0:714293de3836	3757	idx += der->versionSz;
ashleymills	0:714293de3836	3758	/* serial */
ashleymills	0:714293de3836	3759	XMEMCPY(buffer + idx, der->serial, der->serialSz);
ashleymills	0:714293de3836	3760	idx += der->serialSz;
ashleymills	0:714293de3836	3761	/* sig algo */
ashleymills	0:714293de3836	3762	XMEMCPY(buffer + idx, der->sigAlgo, der->sigAlgoSz);
ashleymills	0:714293de3836	3763	idx += der->sigAlgoSz;
ashleymills	0:714293de3836	3764	/* issuer */
ashleymills	0:714293de3836	3765	XMEMCPY(buffer + idx, der->issuer, der->issuerSz);
ashleymills	0:714293de3836	3766	idx += der->issuerSz;
ashleymills	0:714293de3836	3767	/* validity */
ashleymills	0:714293de3836	3768	XMEMCPY(buffer + idx, der->validity, der->validitySz);
ashleymills	0:714293de3836	3769	idx += der->validitySz;
ashleymills	0:714293de3836	3770	/* subject */
ashleymills	0:714293de3836	3771	XMEMCPY(buffer + idx, der->subject, der->subjectSz);
ashleymills	0:714293de3836	3772	idx += der->subjectSz;
ashleymills	0:714293de3836	3773	/* public key */
ashleymills	0:714293de3836	3774	XMEMCPY(buffer + idx, der->publicKey, der->publicKeySz);
ashleymills	0:714293de3836	3775	idx += der->publicKeySz;
ashleymills	0:714293de3836	3776	if (der->extensionsSz) {
ashleymills	0:714293de3836	3777	/* extensions */
ashleymills	0:714293de3836	3778	XMEMCPY(buffer + idx, der->extensions, min(der->extensionsSz,
ashleymills	0:714293de3836	3779	sizeof(der->extensions)));
ashleymills	0:714293de3836	3780	idx += der->extensionsSz;
ashleymills	0:714293de3836	3781	}
ashleymills	0:714293de3836	3782
ashleymills	0:714293de3836	3783	return idx;
ashleymills	0:714293de3836	3784	}
ashleymills	0:714293de3836	3785
ashleymills	0:714293de3836	3786
ashleymills	0:714293de3836	3787	/* Make RSA signature from buffer (sz), write to sig (sigSz) */
ashleymills	0:714293de3836	3788	static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz,
ashleymills	0:714293de3836	3789	RsaKey* key, RNG* rng, int sigAlgoType)
ashleymills	0:714293de3836	3790	{
ashleymills	0:714293de3836	3791	byte digest[SHA256_DIGEST_SIZE]; /* max size */
ashleymills	0:714293de3836	3792	byte encSig[MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ];
ashleymills	0:714293de3836	3793	int encSigSz, digestSz, typeH;
ashleymills	0:714293de3836	3794
ashleymills	0:714293de3836	3795	if (sigAlgoType == CTC_MD5wRSA) {
ashleymills	0:714293de3836	3796	Md5 md5;
ashleymills	0:714293de3836	3797	InitMd5(&md5);
ashleymills	0:714293de3836	3798	Md5Update(&md5, buffer, sz);
ashleymills	0:714293de3836	3799	Md5Final(&md5, digest);
ashleymills	0:714293de3836	3800	digestSz = MD5_DIGEST_SIZE;
ashleymills	0:714293de3836	3801	typeH = MD5h;
ashleymills	0:714293de3836	3802	}
ashleymills	0:714293de3836	3803	else if (sigAlgoType == CTC_SHAwRSA) {
ashleymills	0:714293de3836	3804	Sha sha;
ashleymills	0:714293de3836	3805	InitSha(&sha);
ashleymills	0:714293de3836	3806	ShaUpdate(&sha, buffer, sz);
ashleymills	0:714293de3836	3807	ShaFinal(&sha, digest);
ashleymills	0:714293de3836	3808	digestSz = SHA_DIGEST_SIZE;
ashleymills	0:714293de3836	3809	typeH = SHAh;
ashleymills	0:714293de3836	3810	}
ashleymills	0:714293de3836	3811	else if (sigAlgoType == CTC_SHA256wRSA) {
ashleymills	0:714293de3836	3812	Sha256 sha256;
ashleymills	0:714293de3836	3813	InitSha256(&sha256);
ashleymills	0:714293de3836	3814	Sha256Update(&sha256, buffer, sz);
ashleymills	0:714293de3836	3815	Sha256Final(&sha256, digest);
ashleymills	0:714293de3836	3816	digestSz = SHA256_DIGEST_SIZE;
ashleymills	0:714293de3836	3817	typeH = SHA256h;
ashleymills	0:714293de3836	3818	}
ashleymills	0:714293de3836	3819	else
ashleymills	0:714293de3836	3820	return ALGO_ID_E;
ashleymills	0:714293de3836	3821
ashleymills	0:714293de3836	3822	/* signature */
ashleymills	0:714293de3836	3823	encSigSz = EncodeSignature(encSig, digest, digestSz, typeH);
ashleymills	0:714293de3836	3824	return RsaSSL_Sign(encSig, encSigSz, sig, sigSz, key, rng);
ashleymills	0:714293de3836	3825	}
ashleymills	0:714293de3836	3826
ashleymills	0:714293de3836	3827
ashleymills	0:714293de3836	3828	/* add signature to end of buffer, size of buffer assumed checked, return
ashleymills	0:714293de3836	3829	new length */
ashleymills	0:714293de3836	3830	static int AddSignature(byte* buffer, int bodySz, const byte* sig, int sigSz,
ashleymills	0:714293de3836	3831	int sigAlgoType)
ashleymills	0:714293de3836	3832	{
ashleymills	0:714293de3836	3833	byte seq[MAX_SEQ_SZ];
ashleymills	0:714293de3836	3834	int idx = bodySz, seqSz;
ashleymills	0:714293de3836	3835
ashleymills	0:714293de3836	3836	/* algo */
ashleymills	0:714293de3836	3837	idx += SetAlgoID(sigAlgoType, buffer + idx, sigType);
ashleymills	0:714293de3836	3838	/* bit string */
ashleymills	0:714293de3836	3839	buffer[idx++] = ASN_BIT_STRING;
ashleymills	0:714293de3836	3840	/* length */
ashleymills	0:714293de3836	3841	idx += SetLength(sigSz + 1, buffer + idx);
ashleymills	0:714293de3836	3842	buffer[idx++] = 0; /* trailing 0 */
ashleymills	0:714293de3836	3843	/* signature */
ashleymills	0:714293de3836	3844	XMEMCPY(buffer + idx, sig, sigSz);
ashleymills	0:714293de3836	3845	idx += sigSz;
ashleymills	0:714293de3836	3846
ashleymills	0:714293de3836	3847	/* make room for overall header */
ashleymills	0:714293de3836	3848	seqSz = SetSequence(idx, seq);
ashleymills	0:714293de3836	3849	XMEMMOVE(buffer + seqSz, buffer, idx);
ashleymills	0:714293de3836	3850	XMEMCPY(buffer, seq, seqSz);
ashleymills	0:714293de3836	3851
ashleymills	0:714293de3836	3852	return idx + seqSz;
ashleymills	0:714293de3836	3853	}
ashleymills	0:714293de3836	3854
ashleymills	0:714293de3836	3855
ashleymills	0:714293de3836	3856	/* Make an x509 Certificate v3 any key type from cert input, write to buffer */
ashleymills	0:714293de3836	3857	static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
ashleymills	0:714293de3836	3858	RsaKey* rsaKey, RNG* rng, const byte* ntruKey, word16 ntruSz)
ashleymills	0:714293de3836	3859	{
ashleymills	0:714293de3836	3860	DerCert der;
ashleymills	0:714293de3836	3861	int ret;
ashleymills	0:714293de3836	3862
ashleymills	0:714293de3836	3863	cert->keyType = rsaKey ? RSA_KEY : NTRU_KEY;
ashleymills	0:714293de3836	3864	ret = EncodeCert(cert, &der, rsaKey, rng, ntruKey, ntruSz);
ashleymills	0:714293de3836	3865	if (ret != 0)
ashleymills	0:714293de3836	3866	return ret;
ashleymills	0:714293de3836	3867
ashleymills	0:714293de3836	3868	if (der.total + MAX_SEQ_SZ * 2 > (int)derSz)
ashleymills	0:714293de3836	3869	return BUFFER_E;
ashleymills	0:714293de3836	3870
ashleymills	0:714293de3836	3871	return cert->bodySz = WriteCertBody(&der, derBuffer);
ashleymills	0:714293de3836	3872	}
ashleymills	0:714293de3836	3873
ashleymills	0:714293de3836	3874
ashleymills	0:714293de3836	3875	/* Make an x509 Certificate v3 RSA from cert input, write to buffer */
ashleymills	0:714293de3836	3876	int MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,RNG* rng)
ashleymills	0:714293de3836	3877	{
ashleymills	0:714293de3836	3878	return MakeAnyCert(cert, derBuffer, derSz, rsaKey, rng, NULL, 0);
ashleymills	0:714293de3836	3879	}
ashleymills	0:714293de3836	3880
ashleymills	0:714293de3836	3881
ashleymills	0:714293de3836	3882	#ifdef HAVE_NTRU
ashleymills	0:714293de3836	3883
ashleymills	0:714293de3836	3884	int MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz,
ashleymills	0:714293de3836	3885	const byte* ntruKey, word16 keySz, RNG* rng)
ashleymills	0:714293de3836	3886	{
ashleymills	0:714293de3836	3887	return MakeAnyCert(cert, derBuffer, derSz, NULL, rng, ntruKey, keySz);
ashleymills	0:714293de3836	3888	}
ashleymills	0:714293de3836	3889
ashleymills	0:714293de3836	3890	#endif /* HAVE_NTRU */
ashleymills	0:714293de3836	3891
ashleymills	0:714293de3836	3892
ashleymills	0:714293de3836	3893	int SignCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng)
ashleymills	0:714293de3836	3894	{
ashleymills	0:714293de3836	3895	byte sig[MAX_ENCODED_SIG_SZ];
ashleymills	0:714293de3836	3896	int sigSz;
ashleymills	0:714293de3836	3897	int bodySz = cert->bodySz;
ashleymills	0:714293de3836	3898
ashleymills	0:714293de3836	3899	if (bodySz < 0)
ashleymills	0:714293de3836	3900	return bodySz;
ashleymills	0:714293de3836	3901
ashleymills	0:714293de3836	3902	sigSz = MakeSignature(buffer, bodySz, sig, sizeof(sig), key, rng,
ashleymills	0:714293de3836	3903	cert->sigType);
ashleymills	0:714293de3836	3904	if (sigSz < 0)
ashleymills	0:714293de3836	3905	return sigSz;
ashleymills	0:714293de3836	3906
ashleymills	0:714293de3836	3907	if (bodySz + MAX_SEQ_SZ * 2 + sigSz > (int)buffSz)
ashleymills	0:714293de3836	3908	return BUFFER_E;
ashleymills	0:714293de3836	3909
ashleymills	0:714293de3836	3910	return AddSignature(buffer, bodySz, sig, sigSz, cert->sigType);
ashleymills	0:714293de3836	3911	}
ashleymills	0:714293de3836	3912
ashleymills	0:714293de3836	3913
ashleymills	0:714293de3836	3914	int MakeSelfCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng)
ashleymills	0:714293de3836	3915	{
ashleymills	0:714293de3836	3916	int ret = MakeCert(cert, buffer, buffSz, key, rng);
ashleymills	0:714293de3836	3917
ashleymills	0:714293de3836	3918	if (ret < 0)
ashleymills	0:714293de3836	3919	return ret;
ashleymills	0:714293de3836	3920
ashleymills	0:714293de3836	3921	return SignCert(cert, buffer, buffSz, key, rng);
ashleymills	0:714293de3836	3922	}
ashleymills	0:714293de3836	3923
ashleymills	0:714293de3836	3924
ashleymills	0:714293de3836	3925	#ifdef CYASSL_ALT_NAMES
ashleymills	0:714293de3836	3926
ashleymills	0:714293de3836	3927	/* Set Alt Names from der cert, return 0 on success */
ashleymills	0:714293de3836	3928	static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
ashleymills	0:714293de3836	3929	{
ashleymills	0:714293de3836	3930	DecodedCert decoded;
ashleymills	0:714293de3836	3931	int ret;
ashleymills	0:714293de3836	3932
ashleymills	0:714293de3836	3933	if (derSz < 0)
ashleymills	0:714293de3836	3934	return derSz;
ashleymills	0:714293de3836	3935
ashleymills	0:714293de3836	3936	InitDecodedCert(&decoded, (byte*)der, derSz, 0);
ashleymills	0:714293de3836	3937	ret = ParseCertRelative(&decoded, CA_TYPE, NO_VERIFY, 0);
ashleymills	0:714293de3836	3938
ashleymills	0:714293de3836	3939	if (ret < 0) {
ashleymills	0:714293de3836	3940	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	3941	return ret;
ashleymills	0:714293de3836	3942	}
ashleymills	0:714293de3836	3943
ashleymills	0:714293de3836	3944	if (decoded.extensions) {
ashleymills	0:714293de3836	3945	byte b;
ashleymills	0:714293de3836	3946	int length;
ashleymills	0:714293de3836	3947	word32 maxExtensionsIdx;
ashleymills	0:714293de3836	3948
ashleymills	0:714293de3836	3949	decoded.srcIdx = decoded.extensionsIdx;
ashleymills	0:714293de3836	3950	b = decoded.source[decoded.srcIdx++];
ashleymills	0:714293de3836	3951	if (b != ASN_EXTENSIONS) {
ashleymills	0:714293de3836	3952	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	3953	return ASN_PARSE_E;
ashleymills	0:714293de3836	3954	}
ashleymills	0:714293de3836	3955
ashleymills	0:714293de3836	3956	if (GetLength(decoded.source, &decoded.srcIdx, &length,
ashleymills	0:714293de3836	3957	decoded.maxIdx) < 0) {
ashleymills	0:714293de3836	3958	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	3959	return ASN_PARSE_E;
ashleymills	0:714293de3836	3960	}
ashleymills	0:714293de3836	3961
ashleymills	0:714293de3836	3962	if (GetSequence(decoded.source, &decoded.srcIdx, &length,
ashleymills	0:714293de3836	3963	decoded.maxIdx) < 0) {
ashleymills	0:714293de3836	3964	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	3965	return ASN_PARSE_E;
ashleymills	0:714293de3836	3966	}
ashleymills	0:714293de3836	3967
ashleymills	0:714293de3836	3968	maxExtensionsIdx = decoded.srcIdx + length;
ashleymills	0:714293de3836	3969
ashleymills	0:714293de3836	3970	while (decoded.srcIdx < maxExtensionsIdx) {
ashleymills	0:714293de3836	3971	word32 oid;
ashleymills	0:714293de3836	3972	word32 startIdx = decoded.srcIdx;
ashleymills	0:714293de3836	3973	word32 tmpIdx;
ashleymills	0:714293de3836	3974
ashleymills	0:714293de3836	3975	if (GetSequence(decoded.source, &decoded.srcIdx, &length,
ashleymills	0:714293de3836	3976	decoded.maxIdx) < 0) {
ashleymills	0:714293de3836	3977	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	3978	return ASN_PARSE_E;
ashleymills	0:714293de3836	3979	}
ashleymills	0:714293de3836	3980
ashleymills	0:714293de3836	3981	tmpIdx = decoded.srcIdx;
ashleymills	0:714293de3836	3982	decoded.srcIdx = startIdx;
ashleymills	0:714293de3836	3983
ashleymills	0:714293de3836	3984	if (GetAlgoId(decoded.source, &decoded.srcIdx, &oid,
ashleymills	0:714293de3836	3985	decoded.maxIdx) < 0) {
ashleymills	0:714293de3836	3986	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	3987	return ASN_PARSE_E;
ashleymills	0:714293de3836	3988	}
ashleymills	0:714293de3836	3989
ashleymills	0:714293de3836	3990	if (oid == ALT_NAMES_OID) {
ashleymills	0:714293de3836	3991	cert->altNamesSz = length + (tmpIdx - startIdx);
ashleymills	0:714293de3836	3992
ashleymills	0:714293de3836	3993	if (cert->altNamesSz < (int)sizeof(cert->altNames))
ashleymills	0:714293de3836	3994	XMEMCPY(cert->altNames, &decoded.source[startIdx],
ashleymills	0:714293de3836	3995	cert->altNamesSz);
ashleymills	0:714293de3836	3996	else {
ashleymills	0:714293de3836	3997	cert->altNamesSz = 0;
ashleymills	0:714293de3836	3998	CYASSL_MSG("AltNames extensions too big");
ashleymills	0:714293de3836	3999	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	4000	return ALT_NAME_E;
ashleymills	0:714293de3836	4001	}
ashleymills	0:714293de3836	4002	}
ashleymills	0:714293de3836	4003	decoded.srcIdx = tmpIdx + length;
ashleymills	0:714293de3836	4004	}
ashleymills	0:714293de3836	4005	}
ashleymills	0:714293de3836	4006	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	4007
ashleymills	0:714293de3836	4008	return 0;
ashleymills	0:714293de3836	4009	}
ashleymills	0:714293de3836	4010
ashleymills	0:714293de3836	4011
ashleymills	0:714293de3836	4012	/* Set Dates from der cert, return 0 on success */
ashleymills	0:714293de3836	4013	static int SetDatesFromCert(Cert* cert, const byte* der, int derSz)
ashleymills	0:714293de3836	4014	{
ashleymills	0:714293de3836	4015	DecodedCert decoded;
ashleymills	0:714293de3836	4016	int ret;
ashleymills	0:714293de3836	4017
ashleymills	0:714293de3836	4018	CYASSL_ENTER("SetDatesFromCert");
ashleymills	0:714293de3836	4019	if (derSz < 0)
ashleymills	0:714293de3836	4020	return derSz;
ashleymills	0:714293de3836	4021
ashleymills	0:714293de3836	4022	InitDecodedCert(&decoded, (byte*)der, derSz, 0);
ashleymills	0:714293de3836	4023	ret = ParseCertRelative(&decoded, CA_TYPE, NO_VERIFY, 0);
ashleymills	0:714293de3836	4024
ashleymills	0:714293de3836	4025	if (ret < 0) {
ashleymills	0:714293de3836	4026	CYASSL_MSG("ParseCertRelative error");
ashleymills	0:714293de3836	4027	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	4028	return ret;
ashleymills	0:714293de3836	4029	}
ashleymills	0:714293de3836	4030
ashleymills	0:714293de3836	4031	if (decoded.beforeDate == NULL \|\| decoded.afterDate == NULL) {
ashleymills	0:714293de3836	4032	CYASSL_MSG("Couldn't extract dates");
ashleymills	0:714293de3836	4033	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	4034	return -1;
ashleymills	0:714293de3836	4035	}
ashleymills	0:714293de3836	4036
ashleymills	0:714293de3836	4037	if (decoded.beforeDateLen > MAX_DATE_SIZE \|\| decoded.afterDateLen >
ashleymills	0:714293de3836	4038	MAX_DATE_SIZE) {
ashleymills	0:714293de3836	4039	CYASSL_MSG("Bad date size");
ashleymills	0:714293de3836	4040	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	4041	return -1;
ashleymills	0:714293de3836	4042	}
ashleymills	0:714293de3836	4043
ashleymills	0:714293de3836	4044	XMEMCPY(cert->beforeDate, decoded.beforeDate, decoded.beforeDateLen);
ashleymills	0:714293de3836	4045	XMEMCPY(cert->afterDate, decoded.afterDate, decoded.afterDateLen);
ashleymills	0:714293de3836	4046
ashleymills	0:714293de3836	4047	cert->beforeDateSz = decoded.beforeDateLen;
ashleymills	0:714293de3836	4048	cert->afterDateSz = decoded.afterDateLen;
ashleymills	0:714293de3836	4049
ashleymills	0:714293de3836	4050	return 0;
ashleymills	0:714293de3836	4051	}
ashleymills	0:714293de3836	4052
ashleymills	0:714293de3836	4053
ashleymills	0:714293de3836	4054	#endif /* CYASSL_ALT_NAMES && !NO_RSA */
ashleymills	0:714293de3836	4055
ashleymills	0:714293de3836	4056
ashleymills	0:714293de3836	4057	/* Set cn name from der buffer, return 0 on success */
ashleymills	0:714293de3836	4058	static int SetNameFromCert(CertName* cn, const byte* der, int derSz)
ashleymills	0:714293de3836	4059	{
ashleymills	0:714293de3836	4060	DecodedCert decoded;
ashleymills	0:714293de3836	4061	int ret;
ashleymills	0:714293de3836	4062	int sz;
ashleymills	0:714293de3836	4063
ashleymills	0:714293de3836	4064	if (derSz < 0)
ashleymills	0:714293de3836	4065	return derSz;
ashleymills	0:714293de3836	4066
ashleymills	0:714293de3836	4067	InitDecodedCert(&decoded, (byte*)der, derSz, 0);
ashleymills	0:714293de3836	4068	ret = ParseCertRelative(&decoded, CA_TYPE, NO_VERIFY, 0);
ashleymills	0:714293de3836	4069
ashleymills	0:714293de3836	4070	if (ret < 0)
ashleymills	0:714293de3836	4071	return ret;
ashleymills	0:714293de3836	4072
ashleymills	0:714293de3836	4073	if (decoded.subjectCN) {
ashleymills	0:714293de3836	4074	sz = (decoded.subjectCNLen < CTC_NAME_SIZE) ? decoded.subjectCNLen :
ashleymills	0:714293de3836	4075	CTC_NAME_SIZE - 1;
ashleymills	0:714293de3836	4076	strncpy(cn->commonName, decoded.subjectCN, CTC_NAME_SIZE);
ashleymills	0:714293de3836	4077	cn->commonName[sz] = 0;
ashleymills	0:714293de3836	4078	}
ashleymills	0:714293de3836	4079	if (decoded.subjectC) {
ashleymills	0:714293de3836	4080	sz = (decoded.subjectCLen < CTC_NAME_SIZE) ? decoded.subjectCLen :
ashleymills	0:714293de3836	4081	CTC_NAME_SIZE - 1;
ashleymills	0:714293de3836	4082	strncpy(cn->country, decoded.subjectC, CTC_NAME_SIZE);
ashleymills	0:714293de3836	4083	cn->country[sz] = 0;
ashleymills	0:714293de3836	4084	}
ashleymills	0:714293de3836	4085	if (decoded.subjectST) {
ashleymills	0:714293de3836	4086	sz = (decoded.subjectSTLen < CTC_NAME_SIZE) ? decoded.subjectSTLen :
ashleymills	0:714293de3836	4087	CTC_NAME_SIZE - 1;
ashleymills	0:714293de3836	4088	strncpy(cn->state, decoded.subjectST, CTC_NAME_SIZE);
ashleymills	0:714293de3836	4089	cn->state[sz] = 0;
ashleymills	0:714293de3836	4090	}
ashleymills	0:714293de3836	4091	if (decoded.subjectL) {
ashleymills	0:714293de3836	4092	sz = (decoded.subjectLLen < CTC_NAME_SIZE) ? decoded.subjectLLen :
ashleymills	0:714293de3836	4093	CTC_NAME_SIZE - 1;
ashleymills	0:714293de3836	4094	strncpy(cn->locality, decoded.subjectL, CTC_NAME_SIZE);
ashleymills	0:714293de3836	4095	cn->locality[sz] = 0;
ashleymills	0:714293de3836	4096	}
ashleymills	0:714293de3836	4097	if (decoded.subjectO) {
ashleymills	0:714293de3836	4098	sz = (decoded.subjectOLen < CTC_NAME_SIZE) ? decoded.subjectOLen :
ashleymills	0:714293de3836	4099	CTC_NAME_SIZE - 1;
ashleymills	0:714293de3836	4100	strncpy(cn->org, decoded.subjectO, CTC_NAME_SIZE);
ashleymills	0:714293de3836	4101	cn->org[sz] = 0;
ashleymills	0:714293de3836	4102	}
ashleymills	0:714293de3836	4103	if (decoded.subjectOU) {
ashleymills	0:714293de3836	4104	sz = (decoded.subjectOULen < CTC_NAME_SIZE) ? decoded.subjectOULen :
ashleymills	0:714293de3836	4105	CTC_NAME_SIZE - 1;
ashleymills	0:714293de3836	4106	strncpy(cn->unit, decoded.subjectOU, CTC_NAME_SIZE);
ashleymills	0:714293de3836	4107	cn->unit[sz] = 0;
ashleymills	0:714293de3836	4108	}
ashleymills	0:714293de3836	4109	if (decoded.subjectSN) {
ashleymills	0:714293de3836	4110	sz = (decoded.subjectSNLen < CTC_NAME_SIZE) ? decoded.subjectSNLen :
ashleymills	0:714293de3836	4111	CTC_NAME_SIZE - 1;
ashleymills	0:714293de3836	4112	strncpy(cn->sur, decoded.subjectSN, CTC_NAME_SIZE);
ashleymills	0:714293de3836	4113	cn->sur[sz] = 0;
ashleymills	0:714293de3836	4114	}
ashleymills	0:714293de3836	4115	if (decoded.subjectEmail) {
ashleymills	0:714293de3836	4116	sz = (decoded.subjectEmailLen < CTC_NAME_SIZE) ?
ashleymills	0:714293de3836	4117	decoded.subjectEmailLen : CTC_NAME_SIZE - 1;
ashleymills	0:714293de3836	4118	strncpy(cn->email, decoded.subjectEmail, CTC_NAME_SIZE);
ashleymills	0:714293de3836	4119	cn->email[sz] = 0;
ashleymills	0:714293de3836	4120	}
ashleymills	0:714293de3836	4121
ashleymills	0:714293de3836	4122	FreeDecodedCert(&decoded);
ashleymills	0:714293de3836	4123
ashleymills	0:714293de3836	4124	return 0;
ashleymills	0:714293de3836	4125	}
ashleymills	0:714293de3836	4126
ashleymills	0:714293de3836	4127
ashleymills	0:714293de3836	4128	#ifndef NO_FILESYSTEM
ashleymills	0:714293de3836	4129
ashleymills	0:714293de3836	4130	/* forward from CyaSSL */
ashleymills	0:714293de3836	4131	int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz);
ashleymills	0:714293de3836	4132
ashleymills	0:714293de3836	4133	/* Set cert issuer from issuerFile in PEM */
ashleymills	0:714293de3836	4134	int SetIssuer(Cert* cert, const char* issuerFile)
ashleymills	0:714293de3836	4135	{
ashleymills	0:714293de3836	4136	int ret;
ashleymills	0:714293de3836	4137	int derSz;
ashleymills	0:714293de3836	4138	byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
ashleymills	0:714293de3836	4139
ashleymills	0:714293de3836	4140	if (der == NULL) {
ashleymills	0:714293de3836	4141	CYASSL_MSG("SetIssuer OOF Problem");
ashleymills	0:714293de3836	4142	return MEMORY_E;
ashleymills	0:714293de3836	4143	}
ashleymills	0:714293de3836	4144	derSz = CyaSSL_PemCertToDer(issuerFile, der, EIGHTK_BUF);
ashleymills	0:714293de3836	4145	cert->selfSigned = 0;
ashleymills	0:714293de3836	4146	ret = SetNameFromCert(&cert->issuer, der, derSz);
ashleymills	0:714293de3836	4147	XFREE(der, NULL, DYNAMIC_TYPE_CERT);
ashleymills	0:714293de3836	4148
ashleymills	0:714293de3836	4149	return ret;
ashleymills	0:714293de3836	4150	}
ashleymills	0:714293de3836	4151
ashleymills	0:714293de3836	4152
ashleymills	0:714293de3836	4153	/* Set cert subject from subjectFile in PEM */
ashleymills	0:714293de3836	4154	int SetSubject(Cert* cert, const char* subjectFile)
ashleymills	0:714293de3836	4155	{
ashleymills	0:714293de3836	4156	int ret;
ashleymills	0:714293de3836	4157	int derSz;
ashleymills	0:714293de3836	4158	byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
ashleymills	0:714293de3836	4159
ashleymills	0:714293de3836	4160	if (der == NULL) {
ashleymills	0:714293de3836	4161	CYASSL_MSG("SetSubject OOF Problem");
ashleymills	0:714293de3836	4162	return MEMORY_E;
ashleymills	0:714293de3836	4163	}
ashleymills	0:714293de3836	4164	derSz = CyaSSL_PemCertToDer(subjectFile, der, EIGHTK_BUF);
ashleymills	0:714293de3836	4165	ret = SetNameFromCert(&cert->subject, der, derSz);
ashleymills	0:714293de3836	4166	XFREE(der, NULL, DYNAMIC_TYPE_CERT);
ashleymills	0:714293de3836	4167
ashleymills	0:714293de3836	4168	return ret;
ashleymills	0:714293de3836	4169	}
ashleymills	0:714293de3836	4170
ashleymills	0:714293de3836	4171
ashleymills	0:714293de3836	4172	#ifdef CYASSL_ALT_NAMES
ashleymills	0:714293de3836	4173
ashleymills	0:714293de3836	4174	/* Set atl names from file in PEM */
ashleymills	0:714293de3836	4175	int SetAltNames(Cert* cert, const char* file)
ashleymills	0:714293de3836	4176	{
ashleymills	0:714293de3836	4177	int ret;
ashleymills	0:714293de3836	4178	int derSz;
ashleymills	0:714293de3836	4179	byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
ashleymills	0:714293de3836	4180
ashleymills	0:714293de3836	4181	if (der == NULL) {
ashleymills	0:714293de3836	4182	CYASSL_MSG("SetAltNames OOF Problem");
ashleymills	0:714293de3836	4183	return MEMORY_E;
ashleymills	0:714293de3836	4184	}
ashleymills	0:714293de3836	4185	derSz = CyaSSL_PemCertToDer(file, der, EIGHTK_BUF);
ashleymills	0:714293de3836	4186	ret = SetAltNamesFromCert(cert, der, derSz);
ashleymills	0:714293de3836	4187	XFREE(der, NULL, DYNAMIC_TYPE_CERT);
ashleymills	0:714293de3836	4188
ashleymills	0:714293de3836	4189	return ret;
ashleymills	0:714293de3836	4190	}
ashleymills	0:714293de3836	4191
ashleymills	0:714293de3836	4192	#endif /* CYASSL_ALT_NAMES */
ashleymills	0:714293de3836	4193
ashleymills	0:714293de3836	4194	#endif /* NO_FILESYSTEM */
ashleymills	0:714293de3836	4195
ashleymills	0:714293de3836	4196	/* Set cert issuer from DER buffer */
ashleymills	0:714293de3836	4197	int SetIssuerBuffer(Cert* cert, const byte* der, int derSz)
ashleymills	0:714293de3836	4198	{
ashleymills	0:714293de3836	4199	cert->selfSigned = 0;
ashleymills	0:714293de3836	4200	return SetNameFromCert(&cert->issuer, der, derSz);
ashleymills	0:714293de3836	4201	}
ashleymills	0:714293de3836	4202
ashleymills	0:714293de3836	4203
ashleymills	0:714293de3836	4204	/* Set cert subject from DER buffer */
ashleymills	0:714293de3836	4205	int SetSubjectBuffer(Cert* cert, const byte* der, int derSz)
ashleymills	0:714293de3836	4206	{
ashleymills	0:714293de3836	4207	return SetNameFromCert(&cert->subject, der, derSz);
ashleymills	0:714293de3836	4208	}
ashleymills	0:714293de3836	4209
ashleymills	0:714293de3836	4210
ashleymills	0:714293de3836	4211	#ifdef CYASSL_ALT_NAMES
ashleymills	0:714293de3836	4212
ashleymills	0:714293de3836	4213	/* Set cert alt names from DER buffer */
ashleymills	0:714293de3836	4214	int SetAltNamesBuffer(Cert* cert, const byte* der, int derSz)
ashleymills	0:714293de3836	4215	{
ashleymills	0:714293de3836	4216	return SetAltNamesFromCert(cert, der, derSz);
ashleymills	0:714293de3836	4217	}
ashleymills	0:714293de3836	4218
ashleymills	0:714293de3836	4219	/* Set cert dates from DER buffer */
ashleymills	0:714293de3836	4220	int SetDatesBuffer(Cert* cert, const byte* der, int derSz)
ashleymills	0:714293de3836	4221	{
ashleymills	0:714293de3836	4222	return SetDatesFromCert(cert, der, derSz);
ashleymills	0:714293de3836	4223	}
ashleymills	0:714293de3836	4224
ashleymills	0:714293de3836	4225	#endif /* CYASSL_ALT_NAMES */
ashleymills	0:714293de3836	4226
ashleymills	0:714293de3836	4227	#endif /* CYASSL_CERT_GEN */
ashleymills	0:714293de3836	4228
ashleymills	0:714293de3836	4229
ashleymills	0:714293de3836	4230	#ifdef HAVE_ECC
ashleymills	0:714293de3836	4231
ashleymills	0:714293de3836	4232	/* Der Encode r & s ints into out, outLen is (in/out) size */
ashleymills	0:714293de3836	4233	int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s)
ashleymills	0:714293de3836	4234	{
ashleymills	0:714293de3836	4235	word32 idx = 0;
ashleymills	0:714293de3836	4236	word32 rSz; /* encoding size */
ashleymills	0:714293de3836	4237	word32 sSz;
ashleymills	0:714293de3836	4238	word32 headerSz = 4; /* 2ASN_TAG + 2LEN(ENUM) */
ashleymills	0:714293de3836	4239
ashleymills	0:714293de3836	4240	int rLen = mp_unsigned_bin_size(r); /* big int size */
ashleymills	0:714293de3836	4241	int sLen = mp_unsigned_bin_size(s);
ashleymills	0:714293de3836	4242	int err;
ashleymills	0:714293de3836	4243
ashleymills	0:714293de3836	4244	if (outLen < (rLen + sLen + headerSz + 2)) / SEQ_TAG + LEN(ENUM) */
ashleymills	0:714293de3836	4245	return BAD_FUNC_ARG;
ashleymills	0:714293de3836	4246
ashleymills	0:714293de3836	4247	idx = SetSequence(rLen + sLen + headerSz, out);
ashleymills	0:714293de3836	4248
ashleymills	0:714293de3836	4249	/* store r */
ashleymills	0:714293de3836	4250	out[idx++] = ASN_INTEGER;
ashleymills	0:714293de3836	4251	rSz = SetLength(rLen, &out[idx]);
ashleymills	0:714293de3836	4252	idx += rSz;
ashleymills	0:714293de3836	4253	err = mp_to_unsigned_bin(r, &out[idx]);
ashleymills	0:714293de3836	4254	if (err != MP_OKAY) return err;
ashleymills	0:714293de3836	4255	idx += rLen;
ashleymills	0:714293de3836	4256
ashleymills	0:714293de3836	4257	/* store s */
ashleymills	0:714293de3836	4258	out[idx++] = ASN_INTEGER;
ashleymills	0:714293de3836	4259	sSz = SetLength(sLen, &out[idx]);
ashleymills	0:714293de3836	4260	idx += sSz;
ashleymills	0:714293de3836	4261	err = mp_to_unsigned_bin(s, &out[idx]);
ashleymills	0:714293de3836	4262	if (err != MP_OKAY) return err;
ashleymills	0:714293de3836	4263	idx += sLen;
ashleymills	0:714293de3836	4264
ashleymills	0:714293de3836	4265	*outLen = idx;
ashleymills	0:714293de3836	4266
ashleymills	0:714293de3836	4267	return 0;
ashleymills	0:714293de3836	4268	}
ashleymills	0:714293de3836	4269
ashleymills	0:714293de3836	4270
ashleymills	0:714293de3836	4271	/* Der Decode ECC-DSA Signautre, r & s stored as big ints */
ashleymills	0:714293de3836	4272	int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s)
ashleymills	0:714293de3836	4273	{
ashleymills	0:714293de3836	4274	word32 idx = 0;
ashleymills	0:714293de3836	4275	int len = 0;
ashleymills	0:714293de3836	4276
ashleymills	0:714293de3836	4277	if (GetSequence(sig, &idx, &len, sigLen) < 0)
ashleymills	0:714293de3836	4278	return ASN_ECC_KEY_E;
ashleymills	0:714293de3836	4279
ashleymills	0:714293de3836	4280	if ((word32)len > (sigLen - idx))
ashleymills	0:714293de3836	4281	return ASN_ECC_KEY_E;
ashleymills	0:714293de3836	4282
ashleymills	0:714293de3836	4283	if (GetInt(r, sig, &idx, sigLen) < 0)
ashleymills	0:714293de3836	4284	return ASN_ECC_KEY_E;
ashleymills	0:714293de3836	4285
ashleymills	0:714293de3836	4286	if (GetInt(s, sig, &idx, sigLen) < 0)
ashleymills	0:714293de3836	4287	return ASN_ECC_KEY_E;
ashleymills	0:714293de3836	4288
ashleymills	0:714293de3836	4289	return 0;
ashleymills	0:714293de3836	4290	}
ashleymills	0:714293de3836	4291
ashleymills	0:714293de3836	4292
ashleymills	0:714293de3836	4293	int EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
ashleymills	0:714293de3836	4294	word32 inSz)
ashleymills	0:714293de3836	4295	{
ashleymills	0:714293de3836	4296	word32 oid = 0;
ashleymills	0:714293de3836	4297	int version, length;
ashleymills	0:714293de3836	4298	int privSz, pubSz;
ashleymills	0:714293de3836	4299	byte b;
ashleymills	0:714293de3836	4300	byte priv[ECC_MAXSIZE];
ashleymills	0:714293de3836	4301	byte pub[ECC_MAXSIZE * 2 + 1]; /* public key has two parts plus header */
ashleymills	0:714293de3836	4302
ashleymills	0:714293de3836	4303	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	4304	return ASN_PARSE_E;
ashleymills	0:714293de3836	4305
ashleymills	0:714293de3836	4306	if (GetMyVersion(input, inOutIdx, &version) < 0)
ashleymills	0:714293de3836	4307	return ASN_PARSE_E;
ashleymills	0:714293de3836	4308
ashleymills	0:714293de3836	4309	b = input[*inOutIdx];
ashleymills	0:714293de3836	4310	*inOutIdx += 1;
ashleymills	0:714293de3836	4311
ashleymills	0:714293de3836	4312	/* priv type */
ashleymills	0:714293de3836	4313	if (b != 4 && b != 6 && b != 7)
ashleymills	0:714293de3836	4314	return ASN_PARSE_E;
ashleymills	0:714293de3836	4315
ashleymills	0:714293de3836	4316	if (GetLength(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	4317	return ASN_PARSE_E;
ashleymills	0:714293de3836	4318
ashleymills	0:714293de3836	4319	/* priv key */
ashleymills	0:714293de3836	4320	privSz = length;
ashleymills	0:714293de3836	4321	XMEMCPY(priv, &input[*inOutIdx], privSz);
ashleymills	0:714293de3836	4322	*inOutIdx += length;
ashleymills	0:714293de3836	4323
ashleymills	0:714293de3836	4324	/* prefix 0, may have */
ashleymills	0:714293de3836	4325	b = input[*inOutIdx];
ashleymills	0:714293de3836	4326	if (b == ECC_PREFIX_0) {
ashleymills	0:714293de3836	4327	*inOutIdx += 1;
ashleymills	0:714293de3836	4328
ashleymills	0:714293de3836	4329	if (GetLength(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	4330	return ASN_PARSE_E;
ashleymills	0:714293de3836	4331
ashleymills	0:714293de3836	4332	/* object id */
ashleymills	0:714293de3836	4333	b = input[*inOutIdx];
ashleymills	0:714293de3836	4334	*inOutIdx += 1;
ashleymills	0:714293de3836	4335
ashleymills	0:714293de3836	4336	if (b != ASN_OBJECT_ID)
ashleymills	0:714293de3836	4337	return ASN_OBJECT_ID_E;
ashleymills	0:714293de3836	4338
ashleymills	0:714293de3836	4339	if (GetLength(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	4340	return ASN_PARSE_E;
ashleymills	0:714293de3836	4341
ashleymills	0:714293de3836	4342	while(length--) {
ashleymills	0:714293de3836	4343	oid += input[*inOutIdx];
ashleymills	0:714293de3836	4344	*inOutIdx += 1;
ashleymills	0:714293de3836	4345	}
ashleymills	0:714293de3836	4346	if (CheckCurve(oid) < 0)
ashleymills	0:714293de3836	4347	return ECC_CURVE_OID_E;
ashleymills	0:714293de3836	4348	}
ashleymills	0:714293de3836	4349
ashleymills	0:714293de3836	4350	/* prefix 1 */
ashleymills	0:714293de3836	4351	b = input[*inOutIdx];
ashleymills	0:714293de3836	4352	*inOutIdx += 1;
ashleymills	0:714293de3836	4353	if (b != ECC_PREFIX_1)
ashleymills	0:714293de3836	4354	return ASN_ECC_KEY_E;
ashleymills	0:714293de3836	4355
ashleymills	0:714293de3836	4356	if (GetLength(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	4357	return ASN_PARSE_E;
ashleymills	0:714293de3836	4358
ashleymills	0:714293de3836	4359	/* key header */
ashleymills	0:714293de3836	4360	b = input[*inOutIdx];
ashleymills	0:714293de3836	4361	*inOutIdx += 1;
ashleymills	0:714293de3836	4362	if (b != ASN_BIT_STRING)
ashleymills	0:714293de3836	4363	return ASN_BITSTR_E;
ashleymills	0:714293de3836	4364
ashleymills	0:714293de3836	4365	if (GetLength(input, inOutIdx, &length, inSz) < 0)
ashleymills	0:714293de3836	4366	return ASN_PARSE_E;
ashleymills	0:714293de3836	4367	b = input[*inOutIdx];
ashleymills	0:714293de3836	4368	*inOutIdx += 1;
ashleymills	0:714293de3836	4369	if (b != 0x00)
ashleymills	0:714293de3836	4370	return ASN_EXPECT_0_E;
ashleymills	0:714293de3836	4371
ashleymills	0:714293de3836	4372	pubSz = length - 1; /* null prefix */
ashleymills	0:714293de3836	4373	XMEMCPY(pub, &input[*inOutIdx], pubSz);
ashleymills	0:714293de3836	4374
ashleymills	0:714293de3836	4375	*inOutIdx += length;
ashleymills	0:714293de3836	4376
ashleymills	0:714293de3836	4377	return ecc_import_private_key(priv, privSz, pub, pubSz, key);
ashleymills	0:714293de3836	4378	}
ashleymills	0:714293de3836	4379
ashleymills	0:714293de3836	4380	#endif /* HAVE_ECC */
ashleymills	0:714293de3836	4381
ashleymills	0:714293de3836	4382
ashleymills	0:714293de3836	4383	#if defined(HAVE_OCSP) \|\| defined(HAVE_CRL)
ashleymills	0:714293de3836	4384
ashleymills	0:714293de3836	4385	/* Get raw Date only, no processing, 0 on success */
ashleymills	0:714293de3836	4386	static int GetBasicDate(const byte* source, word32* idx, byte* date,
ashleymills	0:714293de3836	4387	byte* format, int maxIdx)
ashleymills	0:714293de3836	4388	{
ashleymills	0:714293de3836	4389	int length;
ashleymills	0:714293de3836	4390
ashleymills	0:714293de3836	4391	CYASSL_ENTER("GetBasicDate");
ashleymills	0:714293de3836	4392
ashleymills	0:714293de3836	4393	format = source[idx];
ashleymills	0:714293de3836	4394	*idx += 1;
ashleymills	0:714293de3836	4395	if (format != ASN_UTC_TIME && format != ASN_GENERALIZED_TIME)
ashleymills	0:714293de3836	4396	return ASN_TIME_E;
ashleymills	0:714293de3836	4397
ashleymills	0:714293de3836	4398	if (GetLength(source, idx, &length, maxIdx) < 0)
ashleymills	0:714293de3836	4399	return ASN_PARSE_E;
ashleymills	0:714293de3836	4400
ashleymills	0:714293de3836	4401	if (length > MAX_DATE_SIZE \|\| length < MIN_DATE_SIZE)
ashleymills	0:714293de3836	4402	return ASN_DATE_SZ_E;
ashleymills	0:714293de3836	4403
ashleymills	0:714293de3836	4404	XMEMCPY(date, &source[*idx], length);
ashleymills	0:714293de3836	4405	*idx += length;
ashleymills	0:714293de3836	4406
ashleymills	0:714293de3836	4407	return 0;
ashleymills	0:714293de3836	4408	}
ashleymills	0:714293de3836	4409
ashleymills	0:714293de3836	4410	#endif
ashleymills	0:714293de3836	4411
ashleymills	0:714293de3836	4412
ashleymills	0:714293de3836	4413	#ifdef HAVE_OCSP
ashleymills	0:714293de3836	4414
ashleymills	0:714293de3836	4415	static int GetEnumerated(const byte* input, word32* inOutIdx, int *value)
ashleymills	0:714293de3836	4416	{
ashleymills	0:714293de3836	4417	word32 idx = *inOutIdx;
ashleymills	0:714293de3836	4418	word32 len;
ashleymills	0:714293de3836	4419
ashleymills	0:714293de3836	4420	CYASSL_ENTER("GetEnumerated");
ashleymills	0:714293de3836	4421
ashleymills	0:714293de3836	4422	*value = 0;
ashleymills	0:714293de3836	4423
ashleymills	0:714293de3836	4424	if (input[idx++] != ASN_ENUMERATED)
ashleymills	0:714293de3836	4425	return ASN_PARSE_E;
ashleymills	0:714293de3836	4426
ashleymills	0:714293de3836	4427	len = input[idx++];
ashleymills	0:714293de3836	4428	if (len > 4)
ashleymills	0:714293de3836	4429	return ASN_PARSE_E;
ashleymills	0:714293de3836	4430
ashleymills	0:714293de3836	4431	while (len--) {
ashleymills	0:714293de3836	4432	value = value << 8 \| input[idx++];
ashleymills	0:714293de3836	4433	}
ashleymills	0:714293de3836	4434
ashleymills	0:714293de3836	4435	*inOutIdx = idx;
ashleymills	0:714293de3836	4436
ashleymills	0:714293de3836	4437	return *value;
ashleymills	0:714293de3836	4438	}
ashleymills	0:714293de3836	4439
ashleymills	0:714293de3836	4440
ashleymills	0:714293de3836	4441	static int DecodeSingleResponse(byte* source,
ashleymills	0:714293de3836	4442	word32* ioIndex, OcspResponse* resp, word32 size)
ashleymills	0:714293de3836	4443	{
ashleymills	0:714293de3836	4444	word32 idx = *ioIndex, prevIndex, oid;
ashleymills	0:714293de3836	4445	int length, wrapperSz;
ashleymills	0:714293de3836	4446	CertStatus* cs = resp->status;
ashleymills	0:714293de3836	4447
ashleymills	0:714293de3836	4448	CYASSL_ENTER("DecodeSingleResponse");
ashleymills	0:714293de3836	4449
ashleymills	0:714293de3836	4450	/* Outer wrapper of the SEQUENCE OF Single Responses. */
ashleymills	0:714293de3836	4451	if (GetSequence(source, &idx, &wrapperSz, size) < 0)
ashleymills	0:714293de3836	4452	return ASN_PARSE_E;
ashleymills	0:714293de3836	4453
ashleymills	0:714293de3836	4454	prevIndex = idx;
ashleymills	0:714293de3836	4455
ashleymills	0:714293de3836	4456	/* When making a request, we only request one status on one certificate
ashleymills	0:714293de3836	4457	* at a time. There should only be one SingleResponse */
ashleymills	0:714293de3836	4458
ashleymills	0:714293de3836	4459	/* Wrapper around the Single Response */
ashleymills	0:714293de3836	4460	if (GetSequence(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4461	return ASN_PARSE_E;
ashleymills	0:714293de3836	4462
ashleymills	0:714293de3836	4463	/* Wrapper around the CertID */
ashleymills	0:714293de3836	4464	if (GetSequence(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4465	return ASN_PARSE_E;
ashleymills	0:714293de3836	4466	/* Skip the hash algorithm */
ashleymills	0:714293de3836	4467	if (GetAlgoId(source, &idx, &oid, size) < 0)
ashleymills	0:714293de3836	4468	return ASN_PARSE_E;
ashleymills	0:714293de3836	4469	/* Save reference to the hash of CN */
ashleymills	0:714293de3836	4470	if (source[idx++] != ASN_OCTET_STRING)
ashleymills	0:714293de3836	4471	return ASN_PARSE_E;
ashleymills	0:714293de3836	4472	if (GetLength(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4473	return ASN_PARSE_E;
ashleymills	0:714293de3836	4474	resp->issuerHash = source + idx;
ashleymills	0:714293de3836	4475	idx += length;
ashleymills	0:714293de3836	4476	/* Save reference to the hash of the issuer public key */
ashleymills	0:714293de3836	4477	if (source[idx++] != ASN_OCTET_STRING)
ashleymills	0:714293de3836	4478	return ASN_PARSE_E;
ashleymills	0:714293de3836	4479	if (GetLength(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4480	return ASN_PARSE_E;
ashleymills	0:714293de3836	4481	resp->issuerKeyHash = source + idx;
ashleymills	0:714293de3836	4482	idx += length;
ashleymills	0:714293de3836	4483
ashleymills	0:714293de3836	4484	/* Read the serial number, it is handled as a string, not as a
ashleymills	0:714293de3836	4485	* proper number. Just XMEMCPY the data over, rather than load it
ashleymills	0:714293de3836	4486	* as an mp_int. */
ashleymills	0:714293de3836	4487	if (source[idx++] != ASN_INTEGER)
ashleymills	0:714293de3836	4488	return ASN_PARSE_E;
ashleymills	0:714293de3836	4489	if (GetLength(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4490	return ASN_PARSE_E;
ashleymills	0:714293de3836	4491	if (length <= EXTERNAL_SERIAL_SIZE)
ashleymills	0:714293de3836	4492	{
ashleymills	0:714293de3836	4493	if (source[idx] == 0)
ashleymills	0:714293de3836	4494	{
ashleymills	0:714293de3836	4495	idx++;
ashleymills	0:714293de3836	4496	length--;
ashleymills	0:714293de3836	4497	}
ashleymills	0:714293de3836	4498	XMEMCPY(cs->serial, source + idx, length);
ashleymills	0:714293de3836	4499	cs->serialSz = length;
ashleymills	0:714293de3836	4500	}
ashleymills	0:714293de3836	4501	else
ashleymills	0:714293de3836	4502	{
ashleymills	0:714293de3836	4503	return ASN_GETINT_E;
ashleymills	0:714293de3836	4504	}
ashleymills	0:714293de3836	4505	idx += length;
ashleymills	0:714293de3836	4506
ashleymills	0:714293de3836	4507	/* CertStatus */
ashleymills	0:714293de3836	4508	switch (source[idx++])
ashleymills	0:714293de3836	4509	{
ashleymills	0:714293de3836	4510	case (ASN_CONTEXT_SPECIFIC \| CERT_GOOD):
ashleymills	0:714293de3836	4511	cs->status = CERT_GOOD;
ashleymills	0:714293de3836	4512	idx++;
ashleymills	0:714293de3836	4513	break;
ashleymills	0:714293de3836	4514	case (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| CERT_REVOKED):
ashleymills	0:714293de3836	4515	cs->status = CERT_REVOKED;
ashleymills	0:714293de3836	4516	if (GetLength(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4517	return ASN_PARSE_E;
ashleymills	0:714293de3836	4518	idx += length;
ashleymills	0:714293de3836	4519	break;
ashleymills	0:714293de3836	4520	case (ASN_CONTEXT_SPECIFIC \| CERT_UNKNOWN):
ashleymills	0:714293de3836	4521	cs->status = CERT_UNKNOWN;
ashleymills	0:714293de3836	4522	idx++;
ashleymills	0:714293de3836	4523	break;
ashleymills	0:714293de3836	4524	default:
ashleymills	0:714293de3836	4525	return ASN_PARSE_E;
ashleymills	0:714293de3836	4526	}
ashleymills	0:714293de3836	4527
ashleymills	0:714293de3836	4528	if (GetBasicDate(source, &idx, cs->thisDate,
ashleymills	0:714293de3836	4529	&cs->thisDateFormat, size) < 0)
ashleymills	0:714293de3836	4530	return ASN_PARSE_E;
ashleymills	0:714293de3836	4531	if (!XVALIDATE_DATE(cs->thisDate, cs->thisDateFormat, BEFORE))
ashleymills	0:714293de3836	4532	return ASN_BEFORE_DATE_E;
ashleymills	0:714293de3836	4533
ashleymills	0:714293de3836	4534	/* The following items are optional. Only check for them if there is more
ashleymills	0:714293de3836	4535	* unprocessed data in the singleResponse wrapper. */
ashleymills	0:714293de3836	4536
ashleymills	0:714293de3836	4537	if (((int)(idx - prevIndex) < wrapperSz) &&
ashleymills	0:714293de3836	4538	(source[idx] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 0)))
ashleymills	0:714293de3836	4539	{
ashleymills	0:714293de3836	4540	idx++;
ashleymills	0:714293de3836	4541	if (GetLength(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4542	return ASN_PARSE_E;
ashleymills	0:714293de3836	4543	if (GetBasicDate(source, &idx, cs->nextDate,
ashleymills	0:714293de3836	4544	&cs->nextDateFormat, size) < 0)
ashleymills	0:714293de3836	4545	return ASN_PARSE_E;
ashleymills	0:714293de3836	4546	}
ashleymills	0:714293de3836	4547	if (((int)(idx - prevIndex) < wrapperSz) &&
ashleymills	0:714293de3836	4548	(source[idx] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 1)))
ashleymills	0:714293de3836	4549	{
ashleymills	0:714293de3836	4550	idx++;
ashleymills	0:714293de3836	4551	if (GetLength(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4552	return ASN_PARSE_E;
ashleymills	0:714293de3836	4553	idx += length;
ashleymills	0:714293de3836	4554	}
ashleymills	0:714293de3836	4555
ashleymills	0:714293de3836	4556	*ioIndex = idx;
ashleymills	0:714293de3836	4557
ashleymills	0:714293de3836	4558	return 0;
ashleymills	0:714293de3836	4559	}
ashleymills	0:714293de3836	4560
ashleymills	0:714293de3836	4561	static int DecodeOcspRespExtensions(byte* source,
ashleymills	0:714293de3836	4562	word32* ioIndex, OcspResponse* resp, word32 sz)
ashleymills	0:714293de3836	4563	{
ashleymills	0:714293de3836	4564	word32 idx = *ioIndex;
ashleymills	0:714293de3836	4565	int length;
ashleymills	0:714293de3836	4566	int ext_bound; /* boundary index for the sequence of extensions */
ashleymills	0:714293de3836	4567	word32 oid;
ashleymills	0:714293de3836	4568
ashleymills	0:714293de3836	4569	CYASSL_ENTER("DecodeOcspRespExtensions");
ashleymills	0:714293de3836	4570
ashleymills	0:714293de3836	4571	if (source[idx++] != (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 1))
ashleymills	0:714293de3836	4572	return ASN_PARSE_E;
ashleymills	0:714293de3836	4573
ashleymills	0:714293de3836	4574	if (GetLength(source, &idx, &length, sz) < 0) return ASN_PARSE_E;
ashleymills	0:714293de3836	4575
ashleymills	0:714293de3836	4576	if (GetSequence(source, &idx, &length, sz) < 0) return ASN_PARSE_E;
ashleymills	0:714293de3836	4577
ashleymills	0:714293de3836	4578	ext_bound = idx + length;
ashleymills	0:714293de3836	4579
ashleymills	0:714293de3836	4580	while (idx < (word32)ext_bound) {
ashleymills	0:714293de3836	4581	if (GetSequence(source, &idx, &length, sz) < 0) {
ashleymills	0:714293de3836	4582	CYASSL_MSG("\tfail: should be a SEQUENCE");
ashleymills	0:714293de3836	4583	return ASN_PARSE_E;
ashleymills	0:714293de3836	4584	}
ashleymills	0:714293de3836	4585
ashleymills	0:714293de3836	4586	oid = 0;
ashleymills	0:714293de3836	4587	if (GetObjectId(source, &idx, &oid, sz) < 0) {
ashleymills	0:714293de3836	4588	CYASSL_MSG("\tfail: OBJECT ID");
ashleymills	0:714293de3836	4589	return ASN_PARSE_E;
ashleymills	0:714293de3836	4590	}
ashleymills	0:714293de3836	4591
ashleymills	0:714293de3836	4592	/* check for critical flag */
ashleymills	0:714293de3836	4593	if (source[idx] == ASN_BOOLEAN) {
ashleymills	0:714293de3836	4594	CYASSL_MSG("\tfound optional critical flag, moving past");
ashleymills	0:714293de3836	4595	idx += (ASN_BOOL_SIZE + 1);
ashleymills	0:714293de3836	4596	}
ashleymills	0:714293de3836	4597
ashleymills	0:714293de3836	4598	/* process the extension based on the OID */
ashleymills	0:714293de3836	4599	if (source[idx++] != ASN_OCTET_STRING) {
ashleymills	0:714293de3836	4600	CYASSL_MSG("\tfail: should be an OCTET STRING");
ashleymills	0:714293de3836	4601	return ASN_PARSE_E;
ashleymills	0:714293de3836	4602	}
ashleymills	0:714293de3836	4603
ashleymills	0:714293de3836	4604	if (GetLength(source, &idx, &length, sz) < 0) {
ashleymills	0:714293de3836	4605	CYASSL_MSG("\tfail: extension data length");
ashleymills	0:714293de3836	4606	return ASN_PARSE_E;
ashleymills	0:714293de3836	4607	}
ashleymills	0:714293de3836	4608
ashleymills	0:714293de3836	4609	if (oid == OCSP_NONCE_OID) {
ashleymills	0:714293de3836	4610	resp->nonce = source + idx;
ashleymills	0:714293de3836	4611	resp->nonceSz = length;
ashleymills	0:714293de3836	4612	}
ashleymills	0:714293de3836	4613
ashleymills	0:714293de3836	4614	idx += length;
ashleymills	0:714293de3836	4615	}
ashleymills	0:714293de3836	4616
ashleymills	0:714293de3836	4617	*ioIndex = idx;
ashleymills	0:714293de3836	4618	return 0;
ashleymills	0:714293de3836	4619	}
ashleymills	0:714293de3836	4620
ashleymills	0:714293de3836	4621
ashleymills	0:714293de3836	4622	static int DecodeResponseData(byte* source,
ashleymills	0:714293de3836	4623	word32* ioIndex, OcspResponse* resp, word32 size)
ashleymills	0:714293de3836	4624	{
ashleymills	0:714293de3836	4625	word32 idx = *ioIndex, prev_idx;
ashleymills	0:714293de3836	4626	int length;
ashleymills	0:714293de3836	4627	int version;
ashleymills	0:714293de3836	4628	word32 responderId = 0;
ashleymills	0:714293de3836	4629
ashleymills	0:714293de3836	4630	CYASSL_ENTER("DecodeResponseData");
ashleymills	0:714293de3836	4631
ashleymills	0:714293de3836	4632	resp->response = source + idx;
ashleymills	0:714293de3836	4633	prev_idx = idx;
ashleymills	0:714293de3836	4634	if (GetSequence(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4635	return ASN_PARSE_E;
ashleymills	0:714293de3836	4636	resp->responseSz = length + idx - prev_idx;
ashleymills	0:714293de3836	4637
ashleymills	0:714293de3836	4638	/* Get version. It is an EXPLICIT[0] DEFAULT(0) value. If this
ashleymills	0:714293de3836	4639	* item isn't an EXPLICIT[0], then set version to zero and move
ashleymills	0:714293de3836	4640	* onto the next item.
ashleymills	0:714293de3836	4641	*/
ashleymills	0:714293de3836	4642	if (source[idx] == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED))
ashleymills	0:714293de3836	4643	{
ashleymills	0:714293de3836	4644	idx += 2; /* Eat the value and length */
ashleymills	0:714293de3836	4645	if (GetMyVersion(source, &idx, &version) < 0)
ashleymills	0:714293de3836	4646	return ASN_PARSE_E;
ashleymills	0:714293de3836	4647	} else
ashleymills	0:714293de3836	4648	version = 0;
ashleymills	0:714293de3836	4649
ashleymills	0:714293de3836	4650	responderId = source[idx++];
ashleymills	0:714293de3836	4651	if ((responderId == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| 1)) \|\|
ashleymills	0:714293de3836	4652	(responderId == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| 2)))
ashleymills	0:714293de3836	4653	{
ashleymills	0:714293de3836	4654	if (GetLength(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4655	return ASN_PARSE_E;
ashleymills	0:714293de3836	4656	idx += length;
ashleymills	0:714293de3836	4657	}
ashleymills	0:714293de3836	4658	else
ashleymills	0:714293de3836	4659	return ASN_PARSE_E;
ashleymills	0:714293de3836	4660
ashleymills	0:714293de3836	4661	/* save pointer to the producedAt time */
ashleymills	0:714293de3836	4662	if (GetBasicDate(source, &idx, resp->producedDate,
ashleymills	0:714293de3836	4663	&resp->producedDateFormat, size) < 0)
ashleymills	0:714293de3836	4664	return ASN_PARSE_E;
ashleymills	0:714293de3836	4665
ashleymills	0:714293de3836	4666	if (DecodeSingleResponse(source, &idx, resp, size) < 0)
ashleymills	0:714293de3836	4667	return ASN_PARSE_E;
ashleymills	0:714293de3836	4668
ashleymills	0:714293de3836	4669	if (DecodeOcspRespExtensions(source, &idx, resp, size) < 0)
ashleymills	0:714293de3836	4670	return ASN_PARSE_E;
ashleymills	0:714293de3836	4671
ashleymills	0:714293de3836	4672	*ioIndex = idx;
ashleymills	0:714293de3836	4673	return 0;
ashleymills	0:714293de3836	4674	}
ashleymills	0:714293de3836	4675
ashleymills	0:714293de3836	4676
ashleymills	0:714293de3836	4677	static int DecodeCerts(byte* source,
ashleymills	0:714293de3836	4678	word32* ioIndex, OcspResponse* resp, word32 size)
ashleymills	0:714293de3836	4679	{
ashleymills	0:714293de3836	4680	word32 idx = *ioIndex;
ashleymills	0:714293de3836	4681
ashleymills	0:714293de3836	4682	CYASSL_ENTER("DecodeCerts");
ashleymills	0:714293de3836	4683
ashleymills	0:714293de3836	4684	if (source[idx++] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC))
ashleymills	0:714293de3836	4685	{
ashleymills	0:714293de3836	4686	int length;
ashleymills	0:714293de3836	4687
ashleymills	0:714293de3836	4688	if (GetLength(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4689	return ASN_PARSE_E;
ashleymills	0:714293de3836	4690
ashleymills	0:714293de3836	4691	if (GetSequence(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4692	return ASN_PARSE_E;
ashleymills	0:714293de3836	4693
ashleymills	0:714293de3836	4694	resp->cert = source + idx;
ashleymills	0:714293de3836	4695	resp->certSz = length;
ashleymills	0:714293de3836	4696
ashleymills	0:714293de3836	4697	idx += length;
ashleymills	0:714293de3836	4698	}
ashleymills	0:714293de3836	4699	*ioIndex = idx;
ashleymills	0:714293de3836	4700	return 0;
ashleymills	0:714293de3836	4701	}
ashleymills	0:714293de3836	4702
ashleymills	0:714293de3836	4703	static int DecodeBasicOcspResponse(byte* source,
ashleymills	0:714293de3836	4704	word32* ioIndex, OcspResponse* resp, word32 size)
ashleymills	0:714293de3836	4705	{
ashleymills	0:714293de3836	4706	int length;
ashleymills	0:714293de3836	4707	word32 idx = *ioIndex;
ashleymills	0:714293de3836	4708	word32 end_index;
ashleymills	0:714293de3836	4709
ashleymills	0:714293de3836	4710	CYASSL_ENTER("DecodeBasicOcspResponse");
ashleymills	0:714293de3836	4711
ashleymills	0:714293de3836	4712	if (GetSequence(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4713	return ASN_PARSE_E;
ashleymills	0:714293de3836	4714
ashleymills	0:714293de3836	4715	if (idx + length > size)
ashleymills	0:714293de3836	4716	return ASN_INPUT_E;
ashleymills	0:714293de3836	4717	end_index = idx + length;
ashleymills	0:714293de3836	4718
ashleymills	0:714293de3836	4719	if (DecodeResponseData(source, &idx, resp, size) < 0)
ashleymills	0:714293de3836	4720	return ASN_PARSE_E;
ashleymills	0:714293de3836	4721
ashleymills	0:714293de3836	4722	/* Get the signature algorithm */
ashleymills	0:714293de3836	4723	if (GetAlgoId(source, &idx, &resp->sigOID, size) < 0)
ashleymills	0:714293de3836	4724	return ASN_PARSE_E;
ashleymills	0:714293de3836	4725
ashleymills	0:714293de3836	4726	/* Obtain pointer to the start of the signature, and save the size */
ashleymills	0:714293de3836	4727	if (source[idx++] == ASN_BIT_STRING)
ashleymills	0:714293de3836	4728	{
ashleymills	0:714293de3836	4729	int sigLength = 0;
ashleymills	0:714293de3836	4730	if (GetLength(source, &idx, &sigLength, size) < 0)
ashleymills	0:714293de3836	4731	return ASN_PARSE_E;
ashleymills	0:714293de3836	4732	resp->sigSz = sigLength;
ashleymills	0:714293de3836	4733	resp->sig = source + idx;
ashleymills	0:714293de3836	4734	idx += sigLength;
ashleymills	0:714293de3836	4735	}
ashleymills	0:714293de3836	4736
ashleymills	0:714293de3836	4737	/*
ashleymills	0:714293de3836	4738	* Check the length of the BasicOcspResponse against the current index to
ashleymills	0:714293de3836	4739	* see if there are certificates, they are optional.
ashleymills	0:714293de3836	4740	*/
ashleymills	0:714293de3836	4741	if (idx < end_index)
ashleymills	0:714293de3836	4742	{
ashleymills	0:714293de3836	4743	DecodedCert cert;
ashleymills	0:714293de3836	4744	int ret;
ashleymills	0:714293de3836	4745
ashleymills	0:714293de3836	4746	if (DecodeCerts(source, &idx, resp, size) < 0)
ashleymills	0:714293de3836	4747	return ASN_PARSE_E;
ashleymills	0:714293de3836	4748
ashleymills	0:714293de3836	4749	InitDecodedCert(&cert, resp->cert, resp->certSz, 0);
ashleymills	0:714293de3836	4750	ret = ParseCertRelative(&cert, CA_TYPE, NO_VERIFY, 0);
ashleymills	0:714293de3836	4751	if (ret < 0)
ashleymills	0:714293de3836	4752	return ret;
ashleymills	0:714293de3836	4753
ashleymills	0:714293de3836	4754	ret = ConfirmSignature(resp->response, resp->responseSz,
ashleymills	0:714293de3836	4755	cert.publicKey, cert.pubKeySize, cert.keyOID,
ashleymills	0:714293de3836	4756	resp->sig, resp->sigSz, resp->sigOID, NULL);
ashleymills	0:714293de3836	4757	FreeDecodedCert(&cert);
ashleymills	0:714293de3836	4758
ashleymills	0:714293de3836	4759	if (ret == 0)
ashleymills	0:714293de3836	4760	{
ashleymills	0:714293de3836	4761	CYASSL_MSG("\tOCSP Confirm signature failed");
ashleymills	0:714293de3836	4762	return ASN_OCSP_CONFIRM_E;
ashleymills	0:714293de3836	4763	}
ashleymills	0:714293de3836	4764	}
ashleymills	0:714293de3836	4765
ashleymills	0:714293de3836	4766	*ioIndex = idx;
ashleymills	0:714293de3836	4767	return 0;
ashleymills	0:714293de3836	4768	}
ashleymills	0:714293de3836	4769
ashleymills	0:714293de3836	4770
ashleymills	0:714293de3836	4771	void InitOcspResponse(OcspResponse* resp, CertStatus* status,
ashleymills	0:714293de3836	4772	byte* source, word32 inSz)
ashleymills	0:714293de3836	4773	{
ashleymills	0:714293de3836	4774	CYASSL_ENTER("InitOcspResponse");
ashleymills	0:714293de3836	4775
ashleymills	0:714293de3836	4776	resp->responseStatus = -1;
ashleymills	0:714293de3836	4777	resp->response = NULL;
ashleymills	0:714293de3836	4778	resp->responseSz = 0;
ashleymills	0:714293de3836	4779	resp->producedDateFormat = 0;
ashleymills	0:714293de3836	4780	resp->issuerHash = NULL;
ashleymills	0:714293de3836	4781	resp->issuerKeyHash = NULL;
ashleymills	0:714293de3836	4782	resp->sig = NULL;
ashleymills	0:714293de3836	4783	resp->sigSz = 0;
ashleymills	0:714293de3836	4784	resp->sigOID = 0;
ashleymills	0:714293de3836	4785	resp->status = status;
ashleymills	0:714293de3836	4786	resp->nonce = NULL;
ashleymills	0:714293de3836	4787	resp->nonceSz = 0;
ashleymills	0:714293de3836	4788	resp->source = source;
ashleymills	0:714293de3836	4789	resp->maxIdx = inSz;
ashleymills	0:714293de3836	4790	}
ashleymills	0:714293de3836	4791
ashleymills	0:714293de3836	4792
ashleymills	0:714293de3836	4793	int OcspResponseDecode(OcspResponse* resp)
ashleymills	0:714293de3836	4794	{
ashleymills	0:714293de3836	4795	int length = 0;
ashleymills	0:714293de3836	4796	word32 idx = 0;
ashleymills	0:714293de3836	4797	byte* source = resp->source;
ashleymills	0:714293de3836	4798	word32 size = resp->maxIdx;
ashleymills	0:714293de3836	4799	word32 oid;
ashleymills	0:714293de3836	4800
ashleymills	0:714293de3836	4801	CYASSL_ENTER("OcspResponseDecode");
ashleymills	0:714293de3836	4802
ashleymills	0:714293de3836	4803	/* peel the outer SEQUENCE wrapper */
ashleymills	0:714293de3836	4804	if (GetSequence(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4805	return ASN_PARSE_E;
ashleymills	0:714293de3836	4806
ashleymills	0:714293de3836	4807	/* First get the responseStatus, an ENUMERATED */
ashleymills	0:714293de3836	4808	if (GetEnumerated(source, &idx, &resp->responseStatus) < 0)
ashleymills	0:714293de3836	4809	return ASN_PARSE_E;
ashleymills	0:714293de3836	4810
ashleymills	0:714293de3836	4811	if (resp->responseStatus != OCSP_SUCCESSFUL)
ashleymills	0:714293de3836	4812	return 0;
ashleymills	0:714293de3836	4813
ashleymills	0:714293de3836	4814	/* Next is an EXPLICIT record called ResponseBytes, OPTIONAL */
ashleymills	0:714293de3836	4815	if (idx >= size)
ashleymills	0:714293de3836	4816	return ASN_INPUT_E;
ashleymills	0:714293de3836	4817	if (source[idx++] != (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC))
ashleymills	0:714293de3836	4818	return ASN_PARSE_E;
ashleymills	0:714293de3836	4819	if (GetLength(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4820	return ASN_PARSE_E;
ashleymills	0:714293de3836	4821
ashleymills	0:714293de3836	4822	/* Get the responseBytes SEQUENCE */
ashleymills	0:714293de3836	4823	if (GetSequence(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4824	return ASN_PARSE_E;
ashleymills	0:714293de3836	4825
ashleymills	0:714293de3836	4826	/* Check ObjectID for the resposeBytes */
ashleymills	0:714293de3836	4827	if (GetObjectId(source, &idx, &oid, size) < 0)
ashleymills	0:714293de3836	4828	return ASN_PARSE_E;
ashleymills	0:714293de3836	4829	if (oid != OCSP_BASIC_OID)
ashleymills	0:714293de3836	4830	return ASN_PARSE_E;
ashleymills	0:714293de3836	4831	if (source[idx++] != ASN_OCTET_STRING)
ashleymills	0:714293de3836	4832	return ASN_PARSE_E;
ashleymills	0:714293de3836	4833
ashleymills	0:714293de3836	4834	if (GetLength(source, &idx, &length, size) < 0)
ashleymills	0:714293de3836	4835	return ASN_PARSE_E;
ashleymills	0:714293de3836	4836
ashleymills	0:714293de3836	4837	if (DecodeBasicOcspResponse(source, &idx, resp, size) < 0)
ashleymills	0:714293de3836	4838	return ASN_PARSE_E;
ashleymills	0:714293de3836	4839
ashleymills	0:714293de3836	4840	return 0;
ashleymills	0:714293de3836	4841	}
ashleymills	0:714293de3836	4842
ashleymills	0:714293de3836	4843
ashleymills	0:714293de3836	4844	static int SetSerialNumber(const byte* sn, word32 snSz, byte* output)
ashleymills	0:714293de3836	4845	{
ashleymills	0:714293de3836	4846	int result = 0;
ashleymills	0:714293de3836	4847
ashleymills	0:714293de3836	4848	CYASSL_ENTER("SetSerialNumber");
ashleymills	0:714293de3836	4849
ashleymills	0:714293de3836	4850	if (snSz <= EXTERNAL_SERIAL_SIZE) {
ashleymills	0:714293de3836	4851	output[0] = ASN_INTEGER;
ashleymills	0:714293de3836	4852	output[1] = snSz + 1;
ashleymills	0:714293de3836	4853	output[2] = 0;
ashleymills	0:714293de3836	4854	XMEMCPY(&output[3], sn, snSz);
ashleymills	0:714293de3836	4855	result = snSz + 3;
ashleymills	0:714293de3836	4856	}
ashleymills	0:714293de3836	4857	return result;
ashleymills	0:714293de3836	4858	}
ashleymills	0:714293de3836	4859
ashleymills	0:714293de3836	4860
ashleymills	0:714293de3836	4861	static word32 SetOcspReqExtensions(word32 extSz, byte* output,
ashleymills	0:714293de3836	4862	const byte* nonce, word32 nonceSz)
ashleymills	0:714293de3836	4863	{
ashleymills	0:714293de3836	4864	static const byte NonceObjId[] = { 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
ashleymills	0:714293de3836	4865	0x30, 0x01, 0x02 };
ashleymills	0:714293de3836	4866	byte seqArray[5][MAX_SEQ_SZ];
ashleymills	0:714293de3836	4867	word32 seqSz[5], totalSz;
ashleymills	0:714293de3836	4868
ashleymills	0:714293de3836	4869	CYASSL_ENTER("SetOcspReqExtensions");
ashleymills	0:714293de3836	4870
ashleymills	0:714293de3836	4871	if (nonce == NULL \|\| nonceSz == 0) return 0;
ashleymills	0:714293de3836	4872
ashleymills	0:714293de3836	4873	seqArray[0][0] = ASN_OCTET_STRING;
ashleymills	0:714293de3836	4874	seqSz[0] = 1 + SetLength(nonceSz, &seqArray[0][1]);
ashleymills	0:714293de3836	4875
ashleymills	0:714293de3836	4876	seqArray[1][0] = ASN_OBJECT_ID;
ashleymills	0:714293de3836	4877	seqSz[1] = 1 + SetLength(sizeof(NonceObjId), &seqArray[1][1]);
ashleymills	0:714293de3836	4878
ashleymills	0:714293de3836	4879	totalSz = seqSz[0] + seqSz[1] + nonceSz + (word32)sizeof(NonceObjId);
ashleymills	0:714293de3836	4880
ashleymills	0:714293de3836	4881	seqSz[2] = SetSequence(totalSz, seqArray[2]);
ashleymills	0:714293de3836	4882	totalSz += seqSz[2];
ashleymills	0:714293de3836	4883
ashleymills	0:714293de3836	4884	seqSz[3] = SetSequence(totalSz, seqArray[3]);
ashleymills	0:714293de3836	4885	totalSz += seqSz[3];
ashleymills	0:714293de3836	4886
ashleymills	0:714293de3836	4887	seqArray[4][0] = (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 2);
ashleymills	0:714293de3836	4888	seqSz[4] = 1 + SetLength(totalSz, &seqArray[4][1]);
ashleymills	0:714293de3836	4889	totalSz += seqSz[4];
ashleymills	0:714293de3836	4890
ashleymills	0:714293de3836	4891	if (totalSz < extSz)
ashleymills	0:714293de3836	4892	{
ashleymills	0:714293de3836	4893	totalSz = 0;
ashleymills	0:714293de3836	4894	XMEMCPY(output + totalSz, seqArray[4], seqSz[4]);
ashleymills	0:714293de3836	4895	totalSz += seqSz[4];
ashleymills	0:714293de3836	4896	XMEMCPY(output + totalSz, seqArray[3], seqSz[3]);
ashleymills	0:714293de3836	4897	totalSz += seqSz[3];
ashleymills	0:714293de3836	4898	XMEMCPY(output + totalSz, seqArray[2], seqSz[2]);
ashleymills	0:714293de3836	4899	totalSz += seqSz[2];
ashleymills	0:714293de3836	4900	XMEMCPY(output + totalSz, seqArray[1], seqSz[1]);
ashleymills	0:714293de3836	4901	totalSz += seqSz[1];
ashleymills	0:714293de3836	4902	XMEMCPY(output + totalSz, NonceObjId, sizeof(NonceObjId));
ashleymills	0:714293de3836	4903	totalSz += (word32)sizeof(NonceObjId);
ashleymills	0:714293de3836	4904	XMEMCPY(output + totalSz, seqArray[0], seqSz[0]);
ashleymills	0:714293de3836	4905	totalSz += seqSz[0];
ashleymills	0:714293de3836	4906	XMEMCPY(output + totalSz, nonce, nonceSz);
ashleymills	0:714293de3836	4907	totalSz += nonceSz;
ashleymills	0:714293de3836	4908	}
ashleymills	0:714293de3836	4909
ashleymills	0:714293de3836	4910	return totalSz;
ashleymills	0:714293de3836	4911	}
ashleymills	0:714293de3836	4912
ashleymills	0:714293de3836	4913
ashleymills	0:714293de3836	4914	int EncodeOcspRequest(OcspRequest* req)
ashleymills	0:714293de3836	4915	{
ashleymills	0:714293de3836	4916	byte seqArray[5][MAX_SEQ_SZ];
ashleymills	0:714293de3836	4917	/* The ASN.1 of the OCSP Request is an onion of sequences */
ashleymills	0:714293de3836	4918	byte algoArray[MAX_ALGO_SZ];
ashleymills	0:714293de3836	4919	byte issuerArray[MAX_ENCODED_DIG_SZ];
ashleymills	0:714293de3836	4920	byte issuerKeyArray[MAX_ENCODED_DIG_SZ];
ashleymills	0:714293de3836	4921	byte snArray[MAX_SN_SZ];
ashleymills	0:714293de3836	4922	byte extArray[MAX_OCSP_EXT_SZ];
ashleymills	0:714293de3836	4923	byte* output = req->dest;
ashleymills	0:714293de3836	4924	word32 seqSz[5], algoSz, issuerSz, issuerKeySz, snSz, extSz, totalSz;
ashleymills	0:714293de3836	4925	int i;
ashleymills	0:714293de3836	4926
ashleymills	0:714293de3836	4927	CYASSL_ENTER("EncodeOcspRequest");
ashleymills	0:714293de3836	4928
ashleymills	0:714293de3836	4929	algoSz = SetAlgoID(SHAh, algoArray, hashType);
ashleymills	0:714293de3836	4930
ashleymills	0:714293de3836	4931	req->issuerHash = req->cert->issuerHash;
ashleymills	0:714293de3836	4932	issuerSz = SetDigest(req->cert->issuerHash, SHA_SIZE, issuerArray);
ashleymills	0:714293de3836	4933
ashleymills	0:714293de3836	4934	req->issuerKeyHash = req->cert->issuerKeyHash;
ashleymills	0:714293de3836	4935	issuerKeySz = SetDigest(req->cert->issuerKeyHash, SHA_SIZE, issuerKeyArray);
ashleymills	0:714293de3836	4936
ashleymills	0:714293de3836	4937	req->serial = req->cert->serial;
ashleymills	0:714293de3836	4938	req->serialSz = req->cert->serialSz;
ashleymills	0:714293de3836	4939	snSz = SetSerialNumber(req->cert->serial, req->cert->serialSz, snArray);
ashleymills	0:714293de3836	4940
ashleymills	0:714293de3836	4941	extSz = 0;
ashleymills	0:714293de3836	4942	if (req->useNonce) {
ashleymills	0:714293de3836	4943	RNG rng;
ashleymills	0:714293de3836	4944	if (InitRng(&rng) != 0) {
ashleymills	0:714293de3836	4945	CYASSL_MSG("\tCannot initialize RNG. Skipping the OSCP Nonce.");
ashleymills	0:714293de3836	4946	} else {
ashleymills	0:714293de3836	4947	req->nonceSz = MAX_OCSP_NONCE_SZ;
ashleymills	0:714293de3836	4948	RNG_GenerateBlock(&rng, req->nonce, req->nonceSz);
ashleymills	0:714293de3836	4949	extSz = SetOcspReqExtensions(MAX_OCSP_EXT_SZ, extArray,
ashleymills	0:714293de3836	4950	req->nonce, req->nonceSz);
ashleymills	0:714293de3836	4951	}
ashleymills	0:714293de3836	4952	}
ashleymills	0:714293de3836	4953
ashleymills	0:714293de3836	4954	totalSz = algoSz + issuerSz + issuerKeySz + snSz;
ashleymills	0:714293de3836	4955
ashleymills	0:714293de3836	4956	for (i = 4; i >= 0; i--) {
ashleymills	0:714293de3836	4957	seqSz[i] = SetSequence(totalSz, seqArray[i]);
ashleymills	0:714293de3836	4958	totalSz += seqSz[i];
ashleymills	0:714293de3836	4959	if (i == 2) totalSz += extSz;
ashleymills	0:714293de3836	4960	}
ashleymills	0:714293de3836	4961	totalSz = 0;
ashleymills	0:714293de3836	4962	for (i = 0; i < 5; i++) {
ashleymills	0:714293de3836	4963	XMEMCPY(output + totalSz, seqArray[i], seqSz[i]);
ashleymills	0:714293de3836	4964	totalSz += seqSz[i];
ashleymills	0:714293de3836	4965	}
ashleymills	0:714293de3836	4966	XMEMCPY(output + totalSz, algoArray, algoSz);
ashleymills	0:714293de3836	4967	totalSz += algoSz;
ashleymills	0:714293de3836	4968	XMEMCPY(output + totalSz, issuerArray, issuerSz);
ashleymills	0:714293de3836	4969	totalSz += issuerSz;
ashleymills	0:714293de3836	4970	XMEMCPY(output + totalSz, issuerKeyArray, issuerKeySz);
ashleymills	0:714293de3836	4971	totalSz += issuerKeySz;
ashleymills	0:714293de3836	4972	XMEMCPY(output + totalSz, snArray, snSz);
ashleymills	0:714293de3836	4973	totalSz += snSz;
ashleymills	0:714293de3836	4974	if (extSz != 0) {
ashleymills	0:714293de3836	4975	XMEMCPY(output + totalSz, extArray, extSz);
ashleymills	0:714293de3836	4976	totalSz += extSz;
ashleymills	0:714293de3836	4977	}
ashleymills	0:714293de3836	4978
ashleymills	0:714293de3836	4979	return totalSz;
ashleymills	0:714293de3836	4980	}
ashleymills	0:714293de3836	4981
ashleymills	0:714293de3836	4982
ashleymills	0:714293de3836	4983	void InitOcspRequest(OcspRequest* req, DecodedCert* cert, byte useNonce,
ashleymills	0:714293de3836	4984	byte* dest, word32 destSz)
ashleymills	0:714293de3836	4985	{
ashleymills	0:714293de3836	4986	CYASSL_ENTER("InitOcspRequest");
ashleymills	0:714293de3836	4987
ashleymills	0:714293de3836	4988	req->cert = cert;
ashleymills	0:714293de3836	4989	req->useNonce = useNonce;
ashleymills	0:714293de3836	4990	req->nonceSz = 0;
ashleymills	0:714293de3836	4991	req->issuerHash = NULL;
ashleymills	0:714293de3836	4992	req->issuerKeyHash = NULL;
ashleymills	0:714293de3836	4993	req->serial = NULL;
ashleymills	0:714293de3836	4994	req->dest = dest;
ashleymills	0:714293de3836	4995	req->destSz = destSz;
ashleymills	0:714293de3836	4996	}
ashleymills	0:714293de3836	4997
ashleymills	0:714293de3836	4998
ashleymills	0:714293de3836	4999	int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp)
ashleymills	0:714293de3836	5000	{
ashleymills	0:714293de3836	5001	int cmp;
ashleymills	0:714293de3836	5002
ashleymills	0:714293de3836	5003	CYASSL_ENTER("CompareOcspReqResp");
ashleymills	0:714293de3836	5004
ashleymills	0:714293de3836	5005	if (req == NULL)
ashleymills	0:714293de3836	5006	{
ashleymills	0:714293de3836	5007	CYASSL_MSG("\tReq missing");
ashleymills	0:714293de3836	5008	return -1;
ashleymills	0:714293de3836	5009	}
ashleymills	0:714293de3836	5010
ashleymills	0:714293de3836	5011	if (resp == NULL)
ashleymills	0:714293de3836	5012	{
ashleymills	0:714293de3836	5013	CYASSL_MSG("\tResp missing");
ashleymills	0:714293de3836	5014	return 1;
ashleymills	0:714293de3836	5015	}
ashleymills	0:714293de3836	5016
ashleymills	0:714293de3836	5017	if (req->useNonce) {
ashleymills	0:714293de3836	5018	cmp = req->nonceSz - resp->nonceSz;
ashleymills	0:714293de3836	5019	if (cmp != 0)
ashleymills	0:714293de3836	5020	{
ashleymills	0:714293de3836	5021	CYASSL_MSG("\tnonceSz mismatch");
ashleymills	0:714293de3836	5022	return cmp;
ashleymills	0:714293de3836	5023	}
ashleymills	0:714293de3836	5024
ashleymills	0:714293de3836	5025	cmp = XMEMCMP(req->nonce, resp->nonce, req->nonceSz);
ashleymills	0:714293de3836	5026	if (cmp != 0)
ashleymills	0:714293de3836	5027	{
ashleymills	0:714293de3836	5028	CYASSL_MSG("\tnonce mismatch");
ashleymills	0:714293de3836	5029	return cmp;
ashleymills	0:714293de3836	5030	}
ashleymills	0:714293de3836	5031	}
ashleymills	0:714293de3836	5032
ashleymills	0:714293de3836	5033	cmp = XMEMCMP(req->issuerHash, resp->issuerHash, SHA_DIGEST_SIZE);
ashleymills	0:714293de3836	5034	if (cmp != 0)
ashleymills	0:714293de3836	5035	{
ashleymills	0:714293de3836	5036	CYASSL_MSG("\tissuerHash mismatch");
ashleymills	0:714293de3836	5037	return cmp;
ashleymills	0:714293de3836	5038	}
ashleymills	0:714293de3836	5039
ashleymills	0:714293de3836	5040	cmp = XMEMCMP(req->issuerKeyHash, resp->issuerKeyHash, SHA_DIGEST_SIZE);
ashleymills	0:714293de3836	5041	if (cmp != 0)
ashleymills	0:714293de3836	5042	{
ashleymills	0:714293de3836	5043	CYASSL_MSG("\tissuerKeyHash mismatch");
ashleymills	0:714293de3836	5044	return cmp;
ashleymills	0:714293de3836	5045	}
ashleymills	0:714293de3836	5046
ashleymills	0:714293de3836	5047	cmp = req->serialSz - resp->status->serialSz;
ashleymills	0:714293de3836	5048	if (cmp != 0)
ashleymills	0:714293de3836	5049	{
ashleymills	0:714293de3836	5050	CYASSL_MSG("\tserialSz mismatch");
ashleymills	0:714293de3836	5051	return cmp;
ashleymills	0:714293de3836	5052	}
ashleymills	0:714293de3836	5053
ashleymills	0:714293de3836	5054	cmp = XMEMCMP(req->serial, resp->status->serial, req->serialSz);
ashleymills	0:714293de3836	5055	if (cmp != 0)
ashleymills	0:714293de3836	5056	{
ashleymills	0:714293de3836	5057	CYASSL_MSG("\tserial mismatch");
ashleymills	0:714293de3836	5058	return cmp;
ashleymills	0:714293de3836	5059	}
ashleymills	0:714293de3836	5060
ashleymills	0:714293de3836	5061	return 0;
ashleymills	0:714293de3836	5062	}
ashleymills	0:714293de3836	5063
ashleymills	0:714293de3836	5064	#endif
ashleymills	0:714293de3836	5065
ashleymills	0:714293de3836	5066
ashleymills	0:714293de3836	5067	#ifdef HAVE_CRL
ashleymills	0:714293de3836	5068
ashleymills	0:714293de3836	5069	/* initialize decoded CRL */
ashleymills	0:714293de3836	5070	void InitDecodedCRL(DecodedCRL* dcrl)
ashleymills	0:714293de3836	5071	{
ashleymills	0:714293de3836	5072	CYASSL_MSG("InitDecodedCRL");
ashleymills	0:714293de3836	5073
ashleymills	0:714293de3836	5074	dcrl->certBegin = 0;
ashleymills	0:714293de3836	5075	dcrl->sigIndex = 0;
ashleymills	0:714293de3836	5076	dcrl->sigLength = 0;
ashleymills	0:714293de3836	5077	dcrl->signatureOID = 0;
ashleymills	0:714293de3836	5078	dcrl->certs = NULL;
ashleymills	0:714293de3836	5079	dcrl->totalCerts = 0;
ashleymills	0:714293de3836	5080	}
ashleymills	0:714293de3836	5081
ashleymills	0:714293de3836	5082
ashleymills	0:714293de3836	5083	/* free decoded CRL resources */
ashleymills	0:714293de3836	5084	void FreeDecodedCRL(DecodedCRL* dcrl)
ashleymills	0:714293de3836	5085	{
ashleymills	0:714293de3836	5086	RevokedCert* tmp = dcrl->certs;
ashleymills	0:714293de3836	5087
ashleymills	0:714293de3836	5088	CYASSL_MSG("FreeDecodedCRL");
ashleymills	0:714293de3836	5089
ashleymills	0:714293de3836	5090	while(tmp) {
ashleymills	0:714293de3836	5091	RevokedCert* next = tmp->next;
ashleymills	0:714293de3836	5092	XFREE(tmp, NULL, DYNAMIC_TYPE_REVOKED);
ashleymills	0:714293de3836	5093	tmp = next;
ashleymills	0:714293de3836	5094	}
ashleymills	0:714293de3836	5095	}
ashleymills	0:714293de3836	5096
ashleymills	0:714293de3836	5097
ashleymills	0:714293de3836	5098	/* store SHA1 hash of NAME */
ashleymills	0:714293de3836	5099	static int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx)
ashleymills	0:714293de3836	5100	{
ashleymills	0:714293de3836	5101	Sha sha;
ashleymills	0:714293de3836	5102	int length; /* length of all distinguished names */
ashleymills	0:714293de3836	5103	word32 dummy;
ashleymills	0:714293de3836	5104
ashleymills	0:714293de3836	5105	CYASSL_ENTER("GetNameHash");
ashleymills	0:714293de3836	5106
ashleymills	0:714293de3836	5107	if (source[*idx] == ASN_OBJECT_ID) {
ashleymills	0:714293de3836	5108	CYASSL_MSG("Trying optional prefix...");
ashleymills	0:714293de3836	5109
ashleymills	0:714293de3836	5110	if (GetLength(source, idx, &length, maxIdx) < 0)
ashleymills	0:714293de3836	5111	return ASN_PARSE_E;
ashleymills	0:714293de3836	5112
ashleymills	0:714293de3836	5113	*idx += length;
ashleymills	0:714293de3836	5114	CYASSL_MSG("Got optional prefix");
ashleymills	0:714293de3836	5115	}
ashleymills	0:714293de3836	5116
ashleymills	0:714293de3836	5117	/* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
ashleymills	0:714293de3836	5118	* calculated over the entire DER encoding of the Name field, including
ashleymills	0:714293de3836	5119	* the tag and length. */
ashleymills	0:714293de3836	5120	dummy = *idx;
ashleymills	0:714293de3836	5121	if (GetSequence(source, idx, &length, maxIdx) < 0)
ashleymills	0:714293de3836	5122	return ASN_PARSE_E;
ashleymills	0:714293de3836	5123
ashleymills	0:714293de3836	5124	InitSha(&sha);
ashleymills	0:714293de3836	5125	ShaUpdate(&sha, source + dummy, length + *idx - dummy);
ashleymills	0:714293de3836	5126	ShaFinal(&sha, hash);
ashleymills	0:714293de3836	5127
ashleymills	0:714293de3836	5128	*idx += length;
ashleymills	0:714293de3836	5129
ashleymills	0:714293de3836	5130	return 0;
ashleymills	0:714293de3836	5131	}
ashleymills	0:714293de3836	5132
ashleymills	0:714293de3836	5133
ashleymills	0:714293de3836	5134	/* Get Revoked Cert list, 0 on success */
ashleymills	0:714293de3836	5135	static int GetRevoked(const byte* buff, word32* idx, DecodedCRL* dcrl,
ashleymills	0:714293de3836	5136	int maxIdx)
ashleymills	0:714293de3836	5137	{
ashleymills	0:714293de3836	5138	int len;
ashleymills	0:714293de3836	5139	word32 end;
ashleymills	0:714293de3836	5140	byte b;
ashleymills	0:714293de3836	5141	RevokedCert* rc;
ashleymills	0:714293de3836	5142
ashleymills	0:714293de3836	5143	CYASSL_ENTER("GetRevoked");
ashleymills	0:714293de3836	5144
ashleymills	0:714293de3836	5145	if (GetSequence(buff, idx, &len, maxIdx) < 0)
ashleymills	0:714293de3836	5146	return ASN_PARSE_E;
ashleymills	0:714293de3836	5147
ashleymills	0:714293de3836	5148	end = *idx + len;
ashleymills	0:714293de3836	5149
ashleymills	0:714293de3836	5150	/* get serial number */
ashleymills	0:714293de3836	5151	b = buff[*idx];
ashleymills	0:714293de3836	5152	*idx += 1;
ashleymills	0:714293de3836	5153
ashleymills	0:714293de3836	5154	if (b != ASN_INTEGER) {
ashleymills	0:714293de3836	5155	CYASSL_MSG("Expecting Integer");
ashleymills	0:714293de3836	5156	return ASN_PARSE_E;
ashleymills	0:714293de3836	5157	}
ashleymills	0:714293de3836	5158
ashleymills	0:714293de3836	5159	if (GetLength(buff, idx, &len, maxIdx) < 0)
ashleymills	0:714293de3836	5160	return ASN_PARSE_E;
ashleymills	0:714293de3836	5161
ashleymills	0:714293de3836	5162	if (len > EXTERNAL_SERIAL_SIZE) {
ashleymills	0:714293de3836	5163	CYASSL_MSG("Serial Size too big");
ashleymills	0:714293de3836	5164	return ASN_PARSE_E;
ashleymills	0:714293de3836	5165	}
ashleymills	0:714293de3836	5166
ashleymills	0:714293de3836	5167	rc = (RevokedCert*)XMALLOC(sizeof(RevokedCert), NULL, DYNAMIC_TYPE_CRL);
ashleymills	0:714293de3836	5168	if (rc == NULL) {
ashleymills	0:714293de3836	5169	CYASSL_MSG("Alloc Revoked Cert failed");
ashleymills	0:714293de3836	5170	return MEMORY_E;
ashleymills	0:714293de3836	5171	}
ashleymills	0:714293de3836	5172
ashleymills	0:714293de3836	5173	XMEMCPY(rc->serialNumber, &buff[*idx], len);
ashleymills	0:714293de3836	5174	rc->serialSz = len;
ashleymills	0:714293de3836	5175
ashleymills	0:714293de3836	5176	/* add to list */
ashleymills	0:714293de3836	5177	rc->next = dcrl->certs;
ashleymills	0:714293de3836	5178	dcrl->certs = rc;
ashleymills	0:714293de3836	5179	dcrl->totalCerts++;
ashleymills	0:714293de3836	5180
ashleymills	0:714293de3836	5181	*idx += len;
ashleymills	0:714293de3836	5182
ashleymills	0:714293de3836	5183	/* get date */
ashleymills	0:714293de3836	5184	b = buff[*idx];
ashleymills	0:714293de3836	5185	*idx += 1;
ashleymills	0:714293de3836	5186
ashleymills	0:714293de3836	5187	if (b != ASN_UTC_TIME && b != ASN_GENERALIZED_TIME) {
ashleymills	0:714293de3836	5188	CYASSL_MSG("Expecting Date");
ashleymills	0:714293de3836	5189	return ASN_PARSE_E;
ashleymills	0:714293de3836	5190	}
ashleymills	0:714293de3836	5191
ashleymills	0:714293de3836	5192	if (GetLength(buff, idx, &len, maxIdx) < 0)
ashleymills	0:714293de3836	5193	return ASN_PARSE_E;
ashleymills	0:714293de3836	5194
ashleymills	0:714293de3836	5195	/* skip for now */
ashleymills	0:714293de3836	5196	*idx += len;
ashleymills	0:714293de3836	5197
ashleymills	0:714293de3836	5198	if (idx != end) / skip extensions */
ashleymills	0:714293de3836	5199	*idx = end;
ashleymills	0:714293de3836	5200
ashleymills	0:714293de3836	5201	return 0;
ashleymills	0:714293de3836	5202	}
ashleymills	0:714293de3836	5203
ashleymills	0:714293de3836	5204
ashleymills	0:714293de3836	5205	/* Get CRL Signature, 0 on success */
ashleymills	0:714293de3836	5206	static int GetCRL_Signature(const byte* source, word32* idx, DecodedCRL* dcrl,
ashleymills	0:714293de3836	5207	int maxIdx)
ashleymills	0:714293de3836	5208	{
ashleymills	0:714293de3836	5209	int length;
ashleymills	0:714293de3836	5210	byte b;
ashleymills	0:714293de3836	5211
ashleymills	0:714293de3836	5212	CYASSL_ENTER("GetCRL_Signature");
ashleymills	0:714293de3836	5213
ashleymills	0:714293de3836	5214	b = source[*idx];
ashleymills	0:714293de3836	5215	*idx += 1;
ashleymills	0:714293de3836	5216	if (b != ASN_BIT_STRING)
ashleymills	0:714293de3836	5217	return ASN_BITSTR_E;
ashleymills	0:714293de3836	5218
ashleymills	0:714293de3836	5219	if (GetLength(source, idx, &length, maxIdx) < 0)
ashleymills	0:714293de3836	5220	return ASN_PARSE_E;
ashleymills	0:714293de3836	5221
ashleymills	0:714293de3836	5222	dcrl->sigLength = length;
ashleymills	0:714293de3836	5223
ashleymills	0:714293de3836	5224	b = source[*idx];
ashleymills	0:714293de3836	5225	*idx += 1;
ashleymills	0:714293de3836	5226	if (b != 0x00)
ashleymills	0:714293de3836	5227	return ASN_EXPECT_0_E;
ashleymills	0:714293de3836	5228
ashleymills	0:714293de3836	5229	dcrl->sigLength--;
ashleymills	0:714293de3836	5230	dcrl->signature = (byte)&source[idx];
ashleymills	0:714293de3836	5231
ashleymills	0:714293de3836	5232	*idx += dcrl->sigLength;
ashleymills	0:714293de3836	5233
ashleymills	0:714293de3836	5234	return 0;
ashleymills	0:714293de3836	5235	}
ashleymills	0:714293de3836	5236
ashleymills	0:714293de3836	5237
ashleymills	0:714293de3836	5238	/* prase crl buffer into decoded state, 0 on success */
ashleymills	0:714293de3836	5239	int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
ashleymills	0:714293de3836	5240	{
ashleymills	0:714293de3836	5241	int version, len;
ashleymills	0:714293de3836	5242	word32 oid, idx = 0;
ashleymills	0:714293de3836	5243	Signer* ca = NULL;
ashleymills	0:714293de3836	5244
ashleymills	0:714293de3836	5245	CYASSL_MSG("ParseCRL");
ashleymills	0:714293de3836	5246
ashleymills	0:714293de3836	5247	/* raw crl hash */
ashleymills	0:714293de3836	5248	/* hash here if needed for optimized comparisons
ashleymills	0:714293de3836	5249	* Sha sha;
ashleymills	0:714293de3836	5250	* InitSha(&sha);
ashleymills	0:714293de3836	5251	* ShaUpdate(&sha, buff, sz);
ashleymills	0:714293de3836	5252	* ShaFinal(&sha, dcrl->crlHash); */
ashleymills	0:714293de3836	5253
ashleymills	0:714293de3836	5254	if (GetSequence(buff, &idx, &len, sz) < 0)
ashleymills	0:714293de3836	5255	return ASN_PARSE_E;
ashleymills	0:714293de3836	5256
ashleymills	0:714293de3836	5257	dcrl->certBegin = idx;
ashleymills	0:714293de3836	5258
ashleymills	0:714293de3836	5259	if (GetSequence(buff, &idx, &len, sz) < 0)
ashleymills	0:714293de3836	5260	return ASN_PARSE_E;
ashleymills	0:714293de3836	5261	dcrl->sigIndex = len + idx;
ashleymills	0:714293de3836	5262
ashleymills	0:714293de3836	5263	/* may have version */
ashleymills	0:714293de3836	5264	if (buff[idx] == ASN_INTEGER) {
ashleymills	0:714293de3836	5265	if (GetMyVersion(buff, &idx, &version) < 0)
ashleymills	0:714293de3836	5266	return ASN_PARSE_E;
ashleymills	0:714293de3836	5267	}
ashleymills	0:714293de3836	5268
ashleymills	0:714293de3836	5269	if (GetAlgoId(buff, &idx, &oid, sz) < 0)
ashleymills	0:714293de3836	5270	return ASN_PARSE_E;
ashleymills	0:714293de3836	5271
ashleymills	0:714293de3836	5272	if (GetNameHash(buff, &idx, dcrl->issuerHash, sz) < 0)
ashleymills	0:714293de3836	5273	return ASN_PARSE_E;
ashleymills	0:714293de3836	5274
ashleymills	0:714293de3836	5275	if (GetBasicDate(buff, &idx, dcrl->lastDate, &dcrl->lastDateFormat, sz) < 0)
ashleymills	0:714293de3836	5276	return ASN_PARSE_E;
ashleymills	0:714293de3836	5277
ashleymills	0:714293de3836	5278	if (GetBasicDate(buff, &idx, dcrl->nextDate, &dcrl->nextDateFormat, sz) < 0)
ashleymills	0:714293de3836	5279	return ASN_PARSE_E;
ashleymills	0:714293de3836	5280
ashleymills	0:714293de3836	5281	if (!XVALIDATE_DATE(dcrl->nextDate, dcrl->nextDateFormat, AFTER)) {
ashleymills	0:714293de3836	5282	CYASSL_MSG("CRL after date is no longer valid");
ashleymills	0:714293de3836	5283	return ASN_AFTER_DATE_E;
ashleymills	0:714293de3836	5284	}
ashleymills	0:714293de3836	5285
ashleymills	0:714293de3836	5286	if (idx != dcrl->sigIndex && buff[idx] != CRL_EXTENSIONS) {
ashleymills	0:714293de3836	5287	if (GetSequence(buff, &idx, &len, sz) < 0)
ashleymills	0:714293de3836	5288	return ASN_PARSE_E;
ashleymills	0:714293de3836	5289
ashleymills	0:714293de3836	5290	len += idx;
ashleymills	0:714293de3836	5291
ashleymills	0:714293de3836	5292	while (idx < (word32)len) {
ashleymills	0:714293de3836	5293	if (GetRevoked(buff, &idx, dcrl, sz) < 0)
ashleymills	0:714293de3836	5294	return ASN_PARSE_E;
ashleymills	0:714293de3836	5295	}
ashleymills	0:714293de3836	5296	}
ashleymills	0:714293de3836	5297
ashleymills	0:714293de3836	5298	if (idx != dcrl->sigIndex)
ashleymills	0:714293de3836	5299	idx = dcrl->sigIndex; /* skip extensions */
ashleymills	0:714293de3836	5300
ashleymills	0:714293de3836	5301	if (GetAlgoId(buff, &idx, &dcrl->signatureOID, sz) < 0)
ashleymills	0:714293de3836	5302	return ASN_PARSE_E;
ashleymills	0:714293de3836	5303
ashleymills	0:714293de3836	5304	if (GetCRL_Signature(buff, &idx, dcrl, sz) < 0)
ashleymills	0:714293de3836	5305	return ASN_PARSE_E;
ashleymills	0:714293de3836	5306
ashleymills	0:714293de3836	5307	/* openssl doesn't add skid by default for CRLs cause firefox chokes
ashleymills	0:714293de3836	5308	we're not assuming it's available yet */
ashleymills	0:714293de3836	5309	#if !defined(NO_SKID) && defined(CRL_SKID_READY)
ashleymills	0:714293de3836	5310	if (dcrl->extAuthKeyIdSet)
ashleymills	0:714293de3836	5311	ca = GetCA(cm, dcrl->extAuthKeyId);
ashleymills	0:714293de3836	5312	if (ca == NULL)
ashleymills	0:714293de3836	5313	ca = GetCAByName(cm, dcrl->issuerHash);
ashleymills	0:714293de3836	5314	#else /* NO_SKID */
ashleymills	0:714293de3836	5315	ca = GetCA(cm, dcrl->issuerHash);
ashleymills	0:714293de3836	5316	#endif /* NO_SKID */
ashleymills	0:714293de3836	5317	CYASSL_MSG("About to verify CRL signature");
ashleymills	0:714293de3836	5318
ashleymills	0:714293de3836	5319	if (ca) {
ashleymills	0:714293de3836	5320	CYASSL_MSG("Found CRL issuer CA");
ashleymills	0:714293de3836	5321	/* try to confirm/verify signature */
ashleymills	0:714293de3836	5322	if (!ConfirmSignature(buff + dcrl->certBegin,
ashleymills	0:714293de3836	5323	dcrl->sigIndex - dcrl->certBegin,
ashleymills	0:714293de3836	5324	ca->publicKey, ca->pubKeySize, ca->keyOID,
ashleymills	0:714293de3836	5325	dcrl->signature, dcrl->sigLength, dcrl->signatureOID, NULL)) {
ashleymills	0:714293de3836	5326	CYASSL_MSG("CRL Confirm signature failed");
ashleymills	0:714293de3836	5327	return ASN_CRL_CONFIRM_E;
ashleymills	0:714293de3836	5328	}
ashleymills	0:714293de3836	5329	}
ashleymills	0:714293de3836	5330	else {
ashleymills	0:714293de3836	5331	CYASSL_MSG("Did NOT find CRL issuer CA");
ashleymills	0:714293de3836	5332	return ASN_CRL_NO_SIGNER_E;
ashleymills	0:714293de3836	5333	}
ashleymills	0:714293de3836	5334
ashleymills	0:714293de3836	5335	return 0;
ashleymills	0:714293de3836	5336	}
ashleymills	0:714293de3836	5337
ashleymills	0:714293de3836	5338	#endif /* HAVE_CRL */
ashleymills	0:714293de3836	5339	#endif
ashleymills	0:714293de3836	5340

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	18 Sep 2013
Imports:	7
Forks:	0
Commits:	5
Dependents:	2
Dependencies:	0
Followers:	2

The code in this repository is Apache licensed.

ctaocrypt/src/asn.c@4:f377303c41be, 2013-09-16 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning