Varun Bahl
/
CyaSSL-Encryp
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Fork of
CyaSSL-forEncrypt
by 
Mobius IoT
Embed:
(wiki syntax)
Show/hide line numbers
asn.h
00001 /* asn.h 00002 * 00003 * Copyright (C) 2006-2009 Sawtooth Consulting Ltd. 00004 * 00005 * This file is part of CyaSSL. 00006 * 00007 * CyaSSL is free software; you can redistribute it and/or modify 00008 * it under the terms of the GNU General Public License as published by 00009 * the Free Software Foundation; either version 2 of the License, or 00010 * (at your option) any later version. 00011 * 00012 * CyaSSL is distributed in the hope that it will be useful, 00013 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00015 * GNU General Public License for more details. 00016 * 00017 * You should have received a copy of the GNU General Public License 00018 * along with this program; if not, write to the Free Software 00019 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA 00020 */ 00021 00022 00023 #ifndef CTAO_CRYPT_ASN_H 00024 #define CTAO_CRYPT_ASN_H 00025 00026 #include "types.h" 00027 #include "ctc_rsa.h" 00028 #include "ctc_dh.h" 00029 #include "ctc_dsa.h" 00030 #include "ctc_sha.h" 00031 00032 00033 #ifdef __cplusplus 00034 extern "C" { 00035 #endif 00036 00037 /* ASN Tags */ 00038 enum ASN_Tags { 00039 ASN_INTEGER = 0x02, 00040 ASN_BIT_STRING = 0x03, 00041 ASN_OCTET_STRING = 0x04, 00042 ASN_TAG_NULL = 0x05, 00043 ASN_OBJECT_ID = 0x06, 00044 ASN_SEQUENCE = 0x10, 00045 ASN_SET = 0x11, 00046 ASN_UTC_TIME = 0x17, 00047 ASN_GENERALIZED_TIME = 0x18, 00048 ASN_LONG_LENGTH = 0x80 00049 }; 00050 00051 00052 enum ASN_Flags{ 00053 ASN_CONSTRUCTED = 0x20, 00054 ASN_CONTEXT_SPECIFIC = 0x80 00055 }; 00056 00057 enum DN_Tags { 00058 ASN_COMMON_NAME = 0x03, /* CN */ 00059 ASN_SUR_NAME = 0x04, /* SN */ 00060 ASN_COUNTRY_NAME = 0x06, /* C */ 00061 ASN_LOCALITY_NAME = 0x07, /* L */ 00062 ASN_STATE_NAME = 0x08, /* ST */ 00063 ASN_ORG_NAME = 0x0a, /* O */ 00064 ASN_ORGUNIT_NAME = 0x0b /* OU */ 00065 }; 00066 00067 enum Misc_ASN { 00068 ASN_NAME_MAX = 256, 00069 SHA_SIZE = 20, 00070 RSA_INTS = 8, /* RSA ints in private key */ 00071 MIN_DATE_SIZE = 13, 00072 MAX_DATE_SIZE = 32, 00073 ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */ 00074 MAX_ENCODED_SIG_SZ = 512, 00075 MAX_SIG_SZ = 256, 00076 MAX_ALGO_SZ = 20, 00077 MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */ 00078 MAX_SET_SZ = 5, /* enum(set | con) + length(4) */ 00079 MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/ 00080 MAX_ENCODED_DIG_SZ = 25, /* sha + enum(bit or octet) + legnth(4) */ 00081 MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */ 00082 MAX_NTRU_KEY_SZ = 610, /* NTRU 112 bit public key */ 00083 MAX_NTRU_ENC_SZ = 628, /* NTRU 112 bit DER public encoding */ 00084 MAX_RSA_E_SZ = 16, /* Max RSA public e size */ 00085 MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2, 00086 /* use bigger NTRU size */ 00087 MAX_LENGTH_SZ = 4 00088 }; 00089 00090 00091 enum Oid_Types { 00092 hashType = 0, 00093 sigType = 1, 00094 keyType = 2 00095 }; 00096 00097 00098 enum Sig_Sum { 00099 SHAwDSA = 517, 00100 MD2wRSA = 646, 00101 MD5wRSA = 648, 00102 SHAwRSA = 649 00103 }; 00104 00105 enum Hash_Sum { 00106 MD2h = 646, 00107 MD5h = 649, 00108 SHAh = 88 00109 }; 00110 00111 enum Key_Sum { 00112 DSAk = 515, 00113 RSAk = 645, 00114 NTRUk = 364 00115 }; 00116 00117 00118 /* Certificate file Type */ 00119 enum CertType { 00120 CERT_TYPE = 0, 00121 PRIVATEKEY_TYPE, 00122 CA_TYPE 00123 }; 00124 00125 00126 enum VerifyType { 00127 NO_VERIFY = 0, 00128 VERIFY = 1 00129 }; 00130 00131 00132 typedef struct DecodedCert { 00133 byte* publicKey; 00134 word32 pubKeySize; 00135 int pubKeyStored; 00136 word32 certBegin; /* offset to start of cert */ 00137 word32 sigIndex; /* offset to start of signature */ 00138 word32 sigLength; /* length of signature */ 00139 word32 signatureOID; /* sum of algorithm object id */ 00140 word32 keyOID; /* sum of key algo object id */ 00141 byte subjectHash[SHA_SIZE]; /* hash of all Names */ 00142 byte issuerHash[SHA_SIZE]; /* hash of all Names */ 00143 byte* signature; /* not owned, points into raw cert */ 00144 char* subjectCN; /* CommonName */ 00145 int subjectCNLen; 00146 char issuer[ASN_NAME_MAX]; /* full name including common name */ 00147 char subject[ASN_NAME_MAX]; /* full name including common name */ 00148 int verify; /* Default to yes, but could be off */ 00149 byte* source; /* byte buffer holder cert, NOT owner */ 00150 word32 srcIdx; /* current offset into buffer */ 00151 void* heap; /* for user memory overrides */ 00152 #ifdef CYASSL_CERT_GEN 00153 /* easy access to sujbect info for other sign */ 00154 char* subjectSN; 00155 int subjectSNLen; 00156 char* subjectC; 00157 int subjectCLen; 00158 char* subjectL; 00159 int subjectLLen; 00160 char* subjectST; 00161 int subjectSTLen; 00162 char* subjectO; 00163 int subjectOLen; 00164 char* subjectOU; 00165 int subjectOULen; 00166 char* subjectEmail; 00167 int subjectEmailLen; 00168 #endif /* CYASSL_CERT_GEN */ 00169 } DecodedCert; 00170 00171 00172 typedef struct Signer Signer; 00173 00174 /* CA Signers */ 00175 struct Signer { 00176 byte* publicKey; 00177 word32 pubKeySize; 00178 word32 keyOID; /* key type */ 00179 char* name; /* common name */ 00180 byte hash[SHA_DIGEST_SIZE]; /* sha hash of names in certificate */ 00181 Signer* next; 00182 }; 00183 00184 00185 void InitDecodedCert(DecodedCert*, byte*, void*); 00186 void FreeDecodedCert(DecodedCert*); 00187 int ParseCert(DecodedCert*, word32, int type, int verify, Signer* signer); 00188 int ParseCertRelative(DecodedCert*, word32, int type, int verify, 00189 Signer* signer); 00190 00191 word32 EncodeSignature(byte* out, const byte* digest, word32 digSz,int hashOID); 00192 00193 Signer* MakeSigner(void*); 00194 void FreeSigners(Signer*, void*); 00195 00196 00197 int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32); 00198 int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, word32); 00199 int ToTraditional(byte* buffer, word32 length); 00200 00201 #ifndef NO_DH 00202 int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32); 00203 int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz); 00204 #endif 00205 00206 #ifndef NO_DSA 00207 int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, word32); 00208 int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey*, word32); 00209 #endif 00210 00211 #ifdef CYASSL_KEY_GEN 00212 int RsaKeyToDer(RsaKey*, byte* output, word32 inLen); 00213 #endif 00214 00215 00216 #if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) 00217 int DerToPem(const byte* der, word32 derSz, byte* output, word32 outputSz, 00218 int type); 00219 #endif 00220 00221 #ifdef CYASSL_CERT_GEN 00222 00223 enum cert_enums { 00224 SERIAL_SIZE = 8, 00225 NAME_SIZE = 64, 00226 NAME_ENTRIES = 8, 00227 JOINT_LEN = 2, 00228 EMAIL_JOINT_LEN = 9, 00229 RSA_KEY = 10, 00230 NTRU_KEY = 11 00231 }; 00232 00233 00234 typedef struct CertName { 00235 char country[NAME_SIZE]; 00236 char state[NAME_SIZE]; 00237 char locality[NAME_SIZE]; 00238 char sur[NAME_SIZE]; 00239 char org[NAME_SIZE]; 00240 char unit[NAME_SIZE]; 00241 char commonName[NAME_SIZE]; 00242 char email[NAME_SIZE]; /* !!!! email has to be last !!!! */ 00243 } CertName; 00244 00245 00246 /* for user to fill for certificate generation */ 00247 typedef struct Cert { 00248 int version; /* x509 version */ 00249 byte serial[SERIAL_SIZE]; /* serial number */ 00250 int sigType; /* signature algo type */ 00251 CertName issuer; /* issuer info */ 00252 int daysValid; /* validity days */ 00253 int selfSigned; /* self signed flag */ 00254 CertName subject; /* subject info */ 00255 /* internal use only */ 00256 int bodySz; /* pre sign total size */ 00257 int keyType; /* public key type of subject */ 00258 } Cert; 00259 00260 00261 /* Initialize and Set Certficate defaults: 00262 version = 3 (0x2) 00263 serial = 0 (Will be randomly generated) 00264 sigType = MD5_WITH_RSA 00265 issuer = blank 00266 daysValid = 500 00267 selfSigned = 1 (true) use subject as issuer 00268 subject = blank 00269 keyType = RSA_KEY (default) 00270 */ 00271 void InitCert(Cert*); 00272 int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); 00273 int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); 00274 int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); 00275 int SetIssuer(Cert*, const char*); 00276 #ifdef HAVE_NTRU 00277 int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, const byte* ntruKey, 00278 word16 keySz, RNG*); 00279 #endif 00280 00281 00282 #endif /* CYASSL_CERT_GEN */ 00283 00284 00285 #ifdef __cplusplus 00286 } /* extern "C" */ 00287 #endif 00288 00289 #endif /* CTAO_CRYPT_ASN_H */ 00290
Generated on Mon Jul 25 2022 10:27:44 by
1.7.2