CyaSSL-2.9.4 - SSL/TLS Library

Users » wolfSSL » Code » CyaSSL-2.9.4

wolf SSL / CyaSSL-2.9.4

SSL/TLS Library

Dependents:

CyaSSL is SSL/TLS library for embedded systems.

wolfssl.com

cyassl/ctaocrypt/asn.h@0:9d17e4342598, 2014-04-20 (annotated)

Committer:: wolfSSL
Date:: Sun Apr 20 12:40:57 2014 +0000
Revision:: 0:9d17e4342598

CyaSSL SSL/TLS Library 2.9.4;

Who changed what in which revision?

User	Revision	Line number	New contents of line
wolfSSL	0:9d17e4342598	1	/* asn.h
wolfSSL	0:9d17e4342598	2	*
wolfSSL	0:9d17e4342598	3	* Copyright (C) 2006-2013 wolfSSL Inc.
wolfSSL	0:9d17e4342598	4	*
wolfSSL	0:9d17e4342598	5	* This file is part of CyaSSL.
wolfSSL	0:9d17e4342598	6	*
wolfSSL	0:9d17e4342598	7	* CyaSSL is free software; you can redistribute it and/or modify
wolfSSL	0:9d17e4342598	8	* it under the terms of the GNU General Public License as published by
wolfSSL	0:9d17e4342598	9	* the Free Software Foundation; either version 2 of the License, or
wolfSSL	0:9d17e4342598	10	* (at your option) any later version.
wolfSSL	0:9d17e4342598	11	*
wolfSSL	0:9d17e4342598	12	* CyaSSL is distributed in the hope that it will be useful,
wolfSSL	0:9d17e4342598	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL	0:9d17e4342598	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL	0:9d17e4342598	15	* GNU General Public License for more details.
wolfSSL	0:9d17e4342598	16	*
wolfSSL	0:9d17e4342598	17	* You should have received a copy of the GNU General Public License
wolfSSL	0:9d17e4342598	18	* along with this program; if not, write to the Free Software
wolfSSL	0:9d17e4342598	19	* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
wolfSSL	0:9d17e4342598	20	*/
wolfSSL	0:9d17e4342598	21
wolfSSL	0:9d17e4342598	22	#ifndef NO_ASN
wolfSSL	0:9d17e4342598	23
wolfSSL	0:9d17e4342598	24	#ifndef CTAO_CRYPT_ASN_H
wolfSSL	0:9d17e4342598	25	#define CTAO_CRYPT_ASN_H
wolfSSL	0:9d17e4342598	26
wolfSSL	0:9d17e4342598	27	#include <cyassl/ctaocrypt/types.h>
wolfSSL	0:9d17e4342598	28	#include <cyassl/ctaocrypt/rsa.h>
wolfSSL	0:9d17e4342598	29	#include <cyassl/ctaocrypt/dh.h>
wolfSSL	0:9d17e4342598	30	#include <cyassl/ctaocrypt/dsa.h>
wolfSSL	0:9d17e4342598	31	#include <cyassl/ctaocrypt/sha.h>
wolfSSL	0:9d17e4342598	32	#include <cyassl/ctaocrypt/md5.h>
wolfSSL	0:9d17e4342598	33	#include <cyassl/ctaocrypt/asn_public.h> /* public interface */
wolfSSL	0:9d17e4342598	34	#ifdef HAVE_ECC
wolfSSL	0:9d17e4342598	35	#include <cyassl/ctaocrypt/ecc.h>
wolfSSL	0:9d17e4342598	36	#endif
wolfSSL	0:9d17e4342598	37
wolfSSL	0:9d17e4342598	38	#ifdef __cplusplus
wolfSSL	0:9d17e4342598	39	extern "C" {
wolfSSL	0:9d17e4342598	40	#endif
wolfSSL	0:9d17e4342598	41
wolfSSL	0:9d17e4342598	42
wolfSSL	0:9d17e4342598	43	enum {
wolfSSL	0:9d17e4342598	44	ISSUER = 0,
wolfSSL	0:9d17e4342598	45	SUBJECT = 1,
wolfSSL	0:9d17e4342598	46
wolfSSL	0:9d17e4342598	47	EXTERNAL_SERIAL_SIZE = 32,
wolfSSL	0:9d17e4342598	48
wolfSSL	0:9d17e4342598	49	BEFORE = 0,
wolfSSL	0:9d17e4342598	50	AFTER = 1
wolfSSL	0:9d17e4342598	51	};
wolfSSL	0:9d17e4342598	52
wolfSSL	0:9d17e4342598	53	/* ASN Tags */
wolfSSL	0:9d17e4342598	54	enum ASN_Tags {
wolfSSL	0:9d17e4342598	55	ASN_BOOLEAN = 0x01,
wolfSSL	0:9d17e4342598	56	ASN_INTEGER = 0x02,
wolfSSL	0:9d17e4342598	57	ASN_BIT_STRING = 0x03,
wolfSSL	0:9d17e4342598	58	ASN_OCTET_STRING = 0x04,
wolfSSL	0:9d17e4342598	59	ASN_TAG_NULL = 0x05,
wolfSSL	0:9d17e4342598	60	ASN_OBJECT_ID = 0x06,
wolfSSL	0:9d17e4342598	61	ASN_ENUMERATED = 0x0a,
wolfSSL	0:9d17e4342598	62	ASN_UTF8STRING = 0x0c,
wolfSSL	0:9d17e4342598	63	ASN_SEQUENCE = 0x10,
wolfSSL	0:9d17e4342598	64	ASN_SET = 0x11,
wolfSSL	0:9d17e4342598	65	ASN_UTC_TIME = 0x17,
wolfSSL	0:9d17e4342598	66	ASN_OTHER_TYPE = 0x00,
wolfSSL	0:9d17e4342598	67	ASN_DNS_TYPE = 0x02,
wolfSSL	0:9d17e4342598	68	ASN_GENERALIZED_TIME = 0x18,
wolfSSL	0:9d17e4342598	69	CRL_EXTENSIONS = 0xa0,
wolfSSL	0:9d17e4342598	70	ASN_EXTENSIONS = 0xa3,
wolfSSL	0:9d17e4342598	71	ASN_LONG_LENGTH = 0x80
wolfSSL	0:9d17e4342598	72	};
wolfSSL	0:9d17e4342598	73
wolfSSL	0:9d17e4342598	74	enum ASN_Flags{
wolfSSL	0:9d17e4342598	75	ASN_CONSTRUCTED = 0x20,
wolfSSL	0:9d17e4342598	76	ASN_CONTEXT_SPECIFIC = 0x80
wolfSSL	0:9d17e4342598	77	};
wolfSSL	0:9d17e4342598	78
wolfSSL	0:9d17e4342598	79	enum DN_Tags {
wolfSSL	0:9d17e4342598	80	ASN_COMMON_NAME = 0x03, /* CN */
wolfSSL	0:9d17e4342598	81	ASN_SUR_NAME = 0x04, /* SN */
wolfSSL	0:9d17e4342598	82	ASN_SERIAL_NUMBER = 0x05, /* serialNumber */
wolfSSL	0:9d17e4342598	83	ASN_COUNTRY_NAME = 0x06, /* C */
wolfSSL	0:9d17e4342598	84	ASN_LOCALITY_NAME = 0x07, /* L */
wolfSSL	0:9d17e4342598	85	ASN_STATE_NAME = 0x08, /* ST */
wolfSSL	0:9d17e4342598	86	ASN_ORG_NAME = 0x0a, /* O */
wolfSSL	0:9d17e4342598	87	ASN_ORGUNIT_NAME = 0x0b /* OU */
wolfSSL	0:9d17e4342598	88	};
wolfSSL	0:9d17e4342598	89
wolfSSL	0:9d17e4342598	90	enum PBES {
wolfSSL	0:9d17e4342598	91	PBE_MD5_DES = 0,
wolfSSL	0:9d17e4342598	92	PBE_SHA1_DES = 1,
wolfSSL	0:9d17e4342598	93	PBE_SHA1_DES3 = 2,
wolfSSL	0:9d17e4342598	94	PBE_SHA1_RC4_128 = 3,
wolfSSL	0:9d17e4342598	95	PBES2 = 13 /* algo ID */
wolfSSL	0:9d17e4342598	96	};
wolfSSL	0:9d17e4342598	97
wolfSSL	0:9d17e4342598	98	enum ENCRYPTION_TYPES {
wolfSSL	0:9d17e4342598	99	DES_TYPE = 0,
wolfSSL	0:9d17e4342598	100	DES3_TYPE = 1,
wolfSSL	0:9d17e4342598	101	RC4_TYPE = 2
wolfSSL	0:9d17e4342598	102	};
wolfSSL	0:9d17e4342598	103
wolfSSL	0:9d17e4342598	104	enum ECC_TYPES {
wolfSSL	0:9d17e4342598	105	ECC_PREFIX_0 = 160,
wolfSSL	0:9d17e4342598	106	ECC_PREFIX_1 = 161
wolfSSL	0:9d17e4342598	107	};
wolfSSL	0:9d17e4342598	108
wolfSSL	0:9d17e4342598	109	enum Misc_ASN {
wolfSSL	0:9d17e4342598	110	ASN_NAME_MAX = 256,
wolfSSL	0:9d17e4342598	111	MAX_SALT_SIZE = 64, /* MAX PKCS Salt length */
wolfSSL	0:9d17e4342598	112	MAX_IV_SIZE = 64, /* MAX PKCS Iv length */
wolfSSL	0:9d17e4342598	113	MAX_KEY_SIZE = 64, /* MAX PKCS Key length */
wolfSSL	0:9d17e4342598	114	PKCS5 = 5, /* PKCS oid tag */
wolfSSL	0:9d17e4342598	115	PKCS5v2 = 6, /* PKCS #5 v2.0 */
wolfSSL	0:9d17e4342598	116	PKCS12 = 12, /* PKCS #12 */
wolfSSL	0:9d17e4342598	117	MAX_UNICODE_SZ = 256,
wolfSSL	0:9d17e4342598	118	ASN_BOOL_SIZE = 2, /* including type */
wolfSSL	0:9d17e4342598	119	SHA_SIZE = 20,
wolfSSL	0:9d17e4342598	120	RSA_INTS = 8, /* RSA ints in private key */
wolfSSL	0:9d17e4342598	121	MIN_DATE_SIZE = 13,
wolfSSL	0:9d17e4342598	122	MAX_DATE_SIZE = 32,
wolfSSL	0:9d17e4342598	123	ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */
wolfSSL	0:9d17e4342598	124	MAX_ENCODED_SIG_SZ = 512,
wolfSSL	0:9d17e4342598	125	MAX_SIG_SZ = 256,
wolfSSL	0:9d17e4342598	126	MAX_ALGO_SZ = 20,
wolfSSL	0:9d17e4342598	127	MAX_SEQ_SZ = 5, /* enum(seq \| con) + length(4) */
wolfSSL	0:9d17e4342598	128	MAX_SET_SZ = 5, /* enum(set \| con) + length(4) */
wolfSSL	0:9d17e4342598	129	MAX_OCTET_STR_SZ = 5, /* enum(set \| con) + length(4) */
wolfSSL	0:9d17e4342598	130	MAX_EXP_SZ = 5, /* enum(contextspec\|con\|exp) + length(4) */
wolfSSL	0:9d17e4342598	131	MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */
wolfSSL	0:9d17e4342598	132	MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/
wolfSSL	0:9d17e4342598	133	MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */
wolfSSL	0:9d17e4342598	134	MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */
wolfSSL	0:9d17e4342598	135	MAX_NTRU_KEY_SZ = 610, /* NTRU 112 bit public key */
wolfSSL	0:9d17e4342598	136	MAX_NTRU_ENC_SZ = 628, /* NTRU 112 bit DER public encoding */
wolfSSL	0:9d17e4342598	137	MAX_LENGTH_SZ = 4, /* Max length size for DER encoding */
wolfSSL	0:9d17e4342598	138	MAX_RSA_E_SZ = 16, /* Max RSA public e size */
wolfSSL	0:9d17e4342598	139	MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */
wolfSSL	0:9d17e4342598	140	MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */
wolfSSL	0:9d17e4342598	141	#ifdef CYASSL_CERT_GEN
wolfSSL	0:9d17e4342598	142	#ifdef CYASSL_CERT_REQ
wolfSSL	0:9d17e4342598	143	/* Max encoded cert req attributes length */
wolfSSL	0:9d17e4342598	144	MAX_ATTRIB_SZ = MAX_SEQ_SZ * 3 + (11 + MAX_SEQ_SZ) * 2 +
wolfSSL	0:9d17e4342598	145	MAX_PRSTR_SZ + CTC_NAME_SIZE, /* 11 is the OID size */
wolfSSL	0:9d17e4342598	146	#endif
wolfSSL	0:9d17e4342598	147	#ifdef CYASSL_ALT_NAMES
wolfSSL	0:9d17e4342598	148	MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE,
wolfSSL	0:9d17e4342598	149	#else
wolfSSL	0:9d17e4342598	150	MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + MAX_CA_SZ,
wolfSSL	0:9d17e4342598	151	#endif
wolfSSL	0:9d17e4342598	152	/* Max total extensions, id + len + others */
wolfSSL	0:9d17e4342598	153	#endif
wolfSSL	0:9d17e4342598	154	MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
wolfSSL	0:9d17e4342598	155	MAX_OCSP_NONCE_SZ = 18, /* OCSP Nonce size */
wolfSSL	0:9d17e4342598	156	EIGHTK_BUF = 8192, /* Tmp buffer size */
wolfSSL	0:9d17e4342598	157	MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2
wolfSSL	0:9d17e4342598	158	/* use bigger NTRU size */
wolfSSL	0:9d17e4342598	159	};
wolfSSL	0:9d17e4342598	160
wolfSSL	0:9d17e4342598	161
wolfSSL	0:9d17e4342598	162	enum Oid_Types {
wolfSSL	0:9d17e4342598	163	hashType = 0,
wolfSSL	0:9d17e4342598	164	sigType = 1,
wolfSSL	0:9d17e4342598	165	keyType = 2,
wolfSSL	0:9d17e4342598	166	curveType = 3,
wolfSSL	0:9d17e4342598	167	blkType = 4
wolfSSL	0:9d17e4342598	168	};
wolfSSL	0:9d17e4342598	169
wolfSSL	0:9d17e4342598	170
wolfSSL	0:9d17e4342598	171	enum Hash_Sum {
wolfSSL	0:9d17e4342598	172	MD2h = 646,
wolfSSL	0:9d17e4342598	173	MD5h = 649,
wolfSSL	0:9d17e4342598	174	SHAh = 88,
wolfSSL	0:9d17e4342598	175	SHA256h = 414,
wolfSSL	0:9d17e4342598	176	SHA384h = 415,
wolfSSL	0:9d17e4342598	177	SHA512h = 416
wolfSSL	0:9d17e4342598	178	};
wolfSSL	0:9d17e4342598	179
wolfSSL	0:9d17e4342598	180
wolfSSL	0:9d17e4342598	181	enum Block_Sum {
wolfSSL	0:9d17e4342598	182	DESb = 69,
wolfSSL	0:9d17e4342598	183	DES3b = 652
wolfSSL	0:9d17e4342598	184	};
wolfSSL	0:9d17e4342598	185
wolfSSL	0:9d17e4342598	186
wolfSSL	0:9d17e4342598	187	enum Key_Sum {
wolfSSL	0:9d17e4342598	188	DSAk = 515,
wolfSSL	0:9d17e4342598	189	RSAk = 645,
wolfSSL	0:9d17e4342598	190	NTRUk = 364,
wolfSSL	0:9d17e4342598	191	ECDSAk = 518
wolfSSL	0:9d17e4342598	192	};
wolfSSL	0:9d17e4342598	193
wolfSSL	0:9d17e4342598	194
wolfSSL	0:9d17e4342598	195	enum Ecc_Sum {
wolfSSL	0:9d17e4342598	196	ECC_256R1 = 526,
wolfSSL	0:9d17e4342598	197	ECC_384R1 = 210,
wolfSSL	0:9d17e4342598	198	ECC_521R1 = 211,
wolfSSL	0:9d17e4342598	199	ECC_160R1 = 184,
wolfSSL	0:9d17e4342598	200	ECC_192R1 = 520,
wolfSSL	0:9d17e4342598	201	ECC_224R1 = 209
wolfSSL	0:9d17e4342598	202	};
wolfSSL	0:9d17e4342598	203
wolfSSL	0:9d17e4342598	204
wolfSSL	0:9d17e4342598	205	enum KDF_Sum {
wolfSSL	0:9d17e4342598	206	PBKDF2_OID = 660
wolfSSL	0:9d17e4342598	207	};
wolfSSL	0:9d17e4342598	208
wolfSSL	0:9d17e4342598	209
wolfSSL	0:9d17e4342598	210	enum Extensions_Sum {
wolfSSL	0:9d17e4342598	211	BASIC_CA_OID = 133,
wolfSSL	0:9d17e4342598	212	ALT_NAMES_OID = 131,
wolfSSL	0:9d17e4342598	213	CRL_DIST_OID = 145,
wolfSSL	0:9d17e4342598	214	AUTH_INFO_OID = 69,
wolfSSL	0:9d17e4342598	215	CA_ISSUER_OID = 117,
wolfSSL	0:9d17e4342598	216	AUTH_KEY_OID = 149,
wolfSSL	0:9d17e4342598	217	SUBJ_KEY_OID = 128,
wolfSSL	0:9d17e4342598	218	CERT_POLICY_OID = 146,
wolfSSL	0:9d17e4342598	219	KEY_USAGE_OID = 129, /* 2.5.29.15 */
wolfSSL	0:9d17e4342598	220	INHIBIT_ANY_OID = 168, /* 2.5.29.54 */
wolfSSL	0:9d17e4342598	221	EXT_KEY_USAGE_OID = 151, /* 2.5.29.37 */
wolfSSL	0:9d17e4342598	222	};
wolfSSL	0:9d17e4342598	223
wolfSSL	0:9d17e4342598	224	enum CertificatePolicy_Sum {
wolfSSL	0:9d17e4342598	225	CP_ANY_OID = 146 /* id-ce 32 0 */
wolfSSL	0:9d17e4342598	226	};
wolfSSL	0:9d17e4342598	227
wolfSSL	0:9d17e4342598	228	enum SepHardwareName_Sum {
wolfSSL	0:9d17e4342598	229	HW_NAME_OID = 79 /* 1.3.6.1.5.5.7.8.4 from RFC 4108*/
wolfSSL	0:9d17e4342598	230	};
wolfSSL	0:9d17e4342598	231
wolfSSL	0:9d17e4342598	232	enum AuthInfo_Sum {
wolfSSL	0:9d17e4342598	233	AIA_OCSP_OID = 116, /* 1.3.6.1.5.5.7.48.1 */
wolfSSL	0:9d17e4342598	234	AIA_CA_ISSUER_OID = 117 /* 1.3.6.1.5.5.7.48.2 */
wolfSSL	0:9d17e4342598	235	};
wolfSSL	0:9d17e4342598	236
wolfSSL	0:9d17e4342598	237	enum ExtKeyUsage_Sum { /* From RFC 5280 */
wolfSSL	0:9d17e4342598	238	EKU_ANY_OID = 151, /* 2.5.29.37.0, anyExtendedKeyUsage */
wolfSSL	0:9d17e4342598	239	EKU_SERVER_AUTH_OID = 71, /* 1.3.6.1.5.5.7.3.1, id-kp-serverAuth */
wolfSSL	0:9d17e4342598	240	EKU_CLIENT_AUTH_OID = 72, /* 1.3.6.1.5.5.7.3.2, id-kp-clientAuth */
wolfSSL	0:9d17e4342598	241	EKU_OCSP_SIGN_OID = 79, /* 1.3.6.1.5.5.7.3.9, OCSPSigning */
wolfSSL	0:9d17e4342598	242	};
wolfSSL	0:9d17e4342598	243
wolfSSL	0:9d17e4342598	244
wolfSSL	0:9d17e4342598	245	enum VerifyType {
wolfSSL	0:9d17e4342598	246	NO_VERIFY = 0,
wolfSSL	0:9d17e4342598	247	VERIFY = 1
wolfSSL	0:9d17e4342598	248	};
wolfSSL	0:9d17e4342598	249
wolfSSL	0:9d17e4342598	250
wolfSSL	0:9d17e4342598	251	/* Key usage extension bits */
wolfSSL	0:9d17e4342598	252	#define KEYUSE_DIGITAL_SIG 0x0100
wolfSSL	0:9d17e4342598	253	#define KEYUSE_CONTENT_COMMIT 0x0080
wolfSSL	0:9d17e4342598	254	#define KEYUSE_KEY_ENCIPHER 0x0040
wolfSSL	0:9d17e4342598	255	#define KEYUSE_DATA_ENCIPHER 0x0020
wolfSSL	0:9d17e4342598	256	#define KEYUSE_KEY_AGREE 0x0010
wolfSSL	0:9d17e4342598	257	#define KEYUSE_KEY_CERT_SIGN 0x0008
wolfSSL	0:9d17e4342598	258	#define KEYUSE_CRL_SIGN 0x0004
wolfSSL	0:9d17e4342598	259	#define KEYUSE_ENCIPHER_ONLY 0x0002
wolfSSL	0:9d17e4342598	260	#define KEYUSE_DECIPHER_ONLY 0x0001
wolfSSL	0:9d17e4342598	261
wolfSSL	0:9d17e4342598	262	#define EXTKEYUSE_ANY 0x08
wolfSSL	0:9d17e4342598	263	#define EXTKEYUSE_OCSP_SIGN 0x04
wolfSSL	0:9d17e4342598	264	#define EXTKEYUSE_CLIENT_AUTH 0x02
wolfSSL	0:9d17e4342598	265	#define EXTKEYUSE_SERVER_AUTH 0x01
wolfSSL	0:9d17e4342598	266
wolfSSL	0:9d17e4342598	267	typedef struct DNS_entry DNS_entry;
wolfSSL	0:9d17e4342598	268
wolfSSL	0:9d17e4342598	269	struct DNS_entry {
wolfSSL	0:9d17e4342598	270	DNS_entry* next; /* next on DNS list */
wolfSSL	0:9d17e4342598	271	char* name; /* actual DNS name */
wolfSSL	0:9d17e4342598	272	};
wolfSSL	0:9d17e4342598	273
wolfSSL	0:9d17e4342598	274
wolfSSL	0:9d17e4342598	275	struct DecodedName {
wolfSSL	0:9d17e4342598	276	char* fullName;
wolfSSL	0:9d17e4342598	277	int fullNameLen;
wolfSSL	0:9d17e4342598	278	int entryCount;
wolfSSL	0:9d17e4342598	279	int cnIdx;
wolfSSL	0:9d17e4342598	280	int cnLen;
wolfSSL	0:9d17e4342598	281	int snIdx;
wolfSSL	0:9d17e4342598	282	int snLen;
wolfSSL	0:9d17e4342598	283	int cIdx;
wolfSSL	0:9d17e4342598	284	int cLen;
wolfSSL	0:9d17e4342598	285	int lIdx;
wolfSSL	0:9d17e4342598	286	int lLen;
wolfSSL	0:9d17e4342598	287	int stIdx;
wolfSSL	0:9d17e4342598	288	int stLen;
wolfSSL	0:9d17e4342598	289	int oIdx;
wolfSSL	0:9d17e4342598	290	int oLen;
wolfSSL	0:9d17e4342598	291	int ouIdx;
wolfSSL	0:9d17e4342598	292	int ouLen;
wolfSSL	0:9d17e4342598	293	int emailIdx;
wolfSSL	0:9d17e4342598	294	int emailLen;
wolfSSL	0:9d17e4342598	295	int uidIdx;
wolfSSL	0:9d17e4342598	296	int uidLen;
wolfSSL	0:9d17e4342598	297	int serialIdx;
wolfSSL	0:9d17e4342598	298	int serialLen;
wolfSSL	0:9d17e4342598	299	};
wolfSSL	0:9d17e4342598	300
wolfSSL	0:9d17e4342598	301
wolfSSL	0:9d17e4342598	302	typedef struct DecodedCert DecodedCert;
wolfSSL	0:9d17e4342598	303	typedef struct DecodedName DecodedName;
wolfSSL	0:9d17e4342598	304	typedef struct Signer Signer;
wolfSSL	0:9d17e4342598	305
wolfSSL	0:9d17e4342598	306
wolfSSL	0:9d17e4342598	307	struct DecodedCert {
wolfSSL	0:9d17e4342598	308	byte* publicKey;
wolfSSL	0:9d17e4342598	309	word32 pubKeySize;
wolfSSL	0:9d17e4342598	310	int pubKeyStored;
wolfSSL	0:9d17e4342598	311	word32 certBegin; /* offset to start of cert */
wolfSSL	0:9d17e4342598	312	word32 sigIndex; /* offset to start of signature */
wolfSSL	0:9d17e4342598	313	word32 sigLength; /* length of signature */
wolfSSL	0:9d17e4342598	314	word32 signatureOID; /* sum of algorithm object id */
wolfSSL	0:9d17e4342598	315	word32 keyOID; /* sum of key algo object id */
wolfSSL	0:9d17e4342598	316	int version; /* cert version, 1 or 3 */
wolfSSL	0:9d17e4342598	317	DNS_entry* altNames; /* alt names list of dns entries */
wolfSSL	0:9d17e4342598	318	byte subjectHash[SHA_SIZE]; /* hash of all Names */
wolfSSL	0:9d17e4342598	319	byte issuerHash[SHA_SIZE]; /* hash of all Names */
wolfSSL	0:9d17e4342598	320	#ifdef HAVE_OCSP
wolfSSL	0:9d17e4342598	321	byte issuerKeyHash[SHA_SIZE]; /* hash of the public Key */
wolfSSL	0:9d17e4342598	322	#endif /* HAVE_OCSP */
wolfSSL	0:9d17e4342598	323	byte* signature; /* not owned, points into raw cert */
wolfSSL	0:9d17e4342598	324	char* subjectCN; /* CommonName */
wolfSSL	0:9d17e4342598	325	int subjectCNLen;
wolfSSL	0:9d17e4342598	326	int subjectCNStored; /* have we saved a copy we own */
wolfSSL	0:9d17e4342598	327	char issuer[ASN_NAME_MAX]; /* full name including common name */
wolfSSL	0:9d17e4342598	328	char subject[ASN_NAME_MAX]; /* full name including common name */
wolfSSL	0:9d17e4342598	329	int verify; /* Default to yes, but could be off */
wolfSSL	0:9d17e4342598	330	byte* source; /* byte buffer holder cert, NOT owner */
wolfSSL	0:9d17e4342598	331	word32 srcIdx; /* current offset into buffer */
wolfSSL	0:9d17e4342598	332	word32 maxIdx; /* max offset based on init size */
wolfSSL	0:9d17e4342598	333	void* heap; /* for user memory overrides */
wolfSSL	0:9d17e4342598	334	byte serial[EXTERNAL_SERIAL_SIZE]; /* raw serial number */
wolfSSL	0:9d17e4342598	335	int serialSz; /* raw serial bytes stored */
wolfSSL	0:9d17e4342598	336	byte* extensions; /* not owned, points into raw cert */
wolfSSL	0:9d17e4342598	337	int extensionsSz; /* length of cert extensions */
wolfSSL	0:9d17e4342598	338	word32 extensionsIdx; /* if want to go back and parse later */
wolfSSL	0:9d17e4342598	339	byte* extAuthInfo; /* Authority Information Access URI */
wolfSSL	0:9d17e4342598	340	int extAuthInfoSz; /* length of the URI */
wolfSSL	0:9d17e4342598	341	byte* extCrlInfo; /* CRL Distribution Points */
wolfSSL	0:9d17e4342598	342	int extCrlInfoSz; /* length of the URI */
wolfSSL	0:9d17e4342598	343	byte extSubjKeyId[SHA_SIZE]; /* Subject Key ID */
wolfSSL	0:9d17e4342598	344	byte extSubjKeyIdSet; /* Set when the SKID was read from cert */
wolfSSL	0:9d17e4342598	345	byte extAuthKeyId[SHA_SIZE]; /* Authority Key ID */
wolfSSL	0:9d17e4342598	346	byte extAuthKeyIdSet; /* Set when the AKID was read from cert */
wolfSSL	0:9d17e4342598	347	byte isCA; /* CA basic constraint true */
wolfSSL	0:9d17e4342598	348	byte extKeyUsageSet;
wolfSSL	0:9d17e4342598	349	word16 extKeyUsage; /* Key usage bitfield */
wolfSSL	0:9d17e4342598	350	byte extExtKeyUsageSet; /* Extended Key Usage */
wolfSSL	0:9d17e4342598	351	byte extExtKeyUsage; /* Extended Key usage bitfield */
wolfSSL	0:9d17e4342598	352	#ifdef OPENSSL_EXTRA
wolfSSL	0:9d17e4342598	353	byte extBasicConstSet;
wolfSSL	0:9d17e4342598	354	byte extBasicConstCrit;
wolfSSL	0:9d17e4342598	355	byte extBasicConstPlSet;
wolfSSL	0:9d17e4342598	356	word32 pathLength; /* CA basic constraint path length, opt */
wolfSSL	0:9d17e4342598	357	byte extSubjAltNameSet;
wolfSSL	0:9d17e4342598	358	byte extSubjAltNameCrit;
wolfSSL	0:9d17e4342598	359	byte extAuthKeyIdCrit;
wolfSSL	0:9d17e4342598	360	byte extSubjKeyIdCrit;
wolfSSL	0:9d17e4342598	361	byte extKeyUsageCrit;
wolfSSL	0:9d17e4342598	362	byte extExtKeyUsageCrit;
wolfSSL	0:9d17e4342598	363	byte* extExtKeyUsageSrc;
wolfSSL	0:9d17e4342598	364	word32 extExtKeyUsageSz;
wolfSSL	0:9d17e4342598	365	word32 extExtKeyUsageCount;
wolfSSL	0:9d17e4342598	366	byte* extAuthKeyIdSrc;
wolfSSL	0:9d17e4342598	367	word32 extAuthKeyIdSz;
wolfSSL	0:9d17e4342598	368	byte* extSubjKeyIdSrc;
wolfSSL	0:9d17e4342598	369	word32 extSubjKeyIdSz;
wolfSSL	0:9d17e4342598	370	#endif
wolfSSL	0:9d17e4342598	371	#ifdef HAVE_ECC
wolfSSL	0:9d17e4342598	372	word32 pkCurveOID; /* Public Key's curve OID */
wolfSSL	0:9d17e4342598	373	#endif /* HAVE_ECC */
wolfSSL	0:9d17e4342598	374	byte* beforeDate;
wolfSSL	0:9d17e4342598	375	int beforeDateLen;
wolfSSL	0:9d17e4342598	376	byte* afterDate;
wolfSSL	0:9d17e4342598	377	int afterDateLen;
wolfSSL	0:9d17e4342598	378	#ifdef HAVE_PKCS7
wolfSSL	0:9d17e4342598	379	byte* issuerRaw; /* pointer to issuer inside source */
wolfSSL	0:9d17e4342598	380	int issuerRawLen;
wolfSSL	0:9d17e4342598	381	#endif
wolfSSL	0:9d17e4342598	382	#if defined(CYASSL_CERT_GEN)
wolfSSL	0:9d17e4342598	383	/* easy access to subject info for other sign */
wolfSSL	0:9d17e4342598	384	char* subjectSN;
wolfSSL	0:9d17e4342598	385	int subjectSNLen;
wolfSSL	0:9d17e4342598	386	char* subjectC;
wolfSSL	0:9d17e4342598	387	int subjectCLen;
wolfSSL	0:9d17e4342598	388	char* subjectL;
wolfSSL	0:9d17e4342598	389	int subjectLLen;
wolfSSL	0:9d17e4342598	390	char* subjectST;
wolfSSL	0:9d17e4342598	391	int subjectSTLen;
wolfSSL	0:9d17e4342598	392	char* subjectO;
wolfSSL	0:9d17e4342598	393	int subjectOLen;
wolfSSL	0:9d17e4342598	394	char* subjectOU;
wolfSSL	0:9d17e4342598	395	int subjectOULen;
wolfSSL	0:9d17e4342598	396	char* subjectEmail;
wolfSSL	0:9d17e4342598	397	int subjectEmailLen;
wolfSSL	0:9d17e4342598	398	#endif /* CYASSL_CERT_GEN */
wolfSSL	0:9d17e4342598	399	#ifdef OPENSSL_EXTRA
wolfSSL	0:9d17e4342598	400	DecodedName issuerName;
wolfSSL	0:9d17e4342598	401	DecodedName subjectName;
wolfSSL	0:9d17e4342598	402	#endif /* OPENSSL_EXTRA */
wolfSSL	0:9d17e4342598	403	#ifdef CYASSL_SEP
wolfSSL	0:9d17e4342598	404	int deviceTypeSz;
wolfSSL	0:9d17e4342598	405	byte* deviceType;
wolfSSL	0:9d17e4342598	406	int hwTypeSz;
wolfSSL	0:9d17e4342598	407	byte* hwType;
wolfSSL	0:9d17e4342598	408	int hwSerialNumSz;
wolfSSL	0:9d17e4342598	409	byte* hwSerialNum;
wolfSSL	0:9d17e4342598	410	#ifdef OPENSSL_EXTRA
wolfSSL	0:9d17e4342598	411	byte extCertPolicySet;
wolfSSL	0:9d17e4342598	412	byte extCertPolicyCrit;
wolfSSL	0:9d17e4342598	413	#endif /* OPENSSL_EXTRA */
wolfSSL	0:9d17e4342598	414	#endif /* CYASSL_SEP */
wolfSSL	0:9d17e4342598	415	};
wolfSSL	0:9d17e4342598	416
wolfSSL	0:9d17e4342598	417
wolfSSL	0:9d17e4342598	418	#ifdef SHA_DIGEST_SIZE
wolfSSL	0:9d17e4342598	419	#define SIGNER_DIGEST_SIZE SHA_DIGEST_SIZE
wolfSSL	0:9d17e4342598	420	#else
wolfSSL	0:9d17e4342598	421	#define SIGNER_DIGEST_SIZE 20
wolfSSL	0:9d17e4342598	422	#endif
wolfSSL	0:9d17e4342598	423
wolfSSL	0:9d17e4342598	424	/* CA Signers */
wolfSSL	0:9d17e4342598	425	/* if change layout change PERSIST_CERT_CACHE functions too */
wolfSSL	0:9d17e4342598	426	struct Signer {
wolfSSL	0:9d17e4342598	427	word32 pubKeySize;
wolfSSL	0:9d17e4342598	428	word32 keyOID; /* key type */
wolfSSL	0:9d17e4342598	429	byte* publicKey;
wolfSSL	0:9d17e4342598	430	int nameLen;
wolfSSL	0:9d17e4342598	431	char* name; /* common name */
wolfSSL	0:9d17e4342598	432	byte subjectNameHash[SIGNER_DIGEST_SIZE];
wolfSSL	0:9d17e4342598	433	/* sha hash of names in certificate */
wolfSSL	0:9d17e4342598	434	#ifndef NO_SKID
wolfSSL	0:9d17e4342598	435	byte subjectKeyIdHash[SIGNER_DIGEST_SIZE];
wolfSSL	0:9d17e4342598	436	/* sha hash of names in certificate */
wolfSSL	0:9d17e4342598	437	#endif
wolfSSL	0:9d17e4342598	438	Signer* next;
wolfSSL	0:9d17e4342598	439	};
wolfSSL	0:9d17e4342598	440
wolfSSL	0:9d17e4342598	441
wolfSSL	0:9d17e4342598	442	/* not for public consumption but may use for testing sometimes */
wolfSSL	0:9d17e4342598	443	#ifdef CYASSL_TEST_CERT
wolfSSL	0:9d17e4342598	444	#define CYASSL_TEST_API CYASSL_API
wolfSSL	0:9d17e4342598	445	#else
wolfSSL	0:9d17e4342598	446	#define CYASSL_TEST_API CYASSL_LOCAL
wolfSSL	0:9d17e4342598	447	#endif
wolfSSL	0:9d17e4342598	448
wolfSSL	0:9d17e4342598	449	CYASSL_TEST_API void FreeAltNames(DNS_entry, void);
wolfSSL	0:9d17e4342598	450	CYASSL_TEST_API void InitDecodedCert(DecodedCert, byte, word32, void*);
wolfSSL	0:9d17e4342598	451	CYASSL_TEST_API void FreeDecodedCert(DecodedCert*);
wolfSSL	0:9d17e4342598	452	CYASSL_TEST_API int ParseCert(DecodedCert, int type, int verify, void cm);
wolfSSL	0:9d17e4342598	453
wolfSSL	0:9d17e4342598	454	CYASSL_LOCAL int ParseCertRelative(DecodedCert, int type, int verify,void cm);
wolfSSL	0:9d17e4342598	455	CYASSL_LOCAL int DecodeToKey(DecodedCert*, int verify);
wolfSSL	0:9d17e4342598	456
wolfSSL	0:9d17e4342598	457	CYASSL_LOCAL word32 EncodeSignature(byte* out, const byte* digest, word32 digSz,
wolfSSL	0:9d17e4342598	458	int hashOID);
wolfSSL	0:9d17e4342598	459
wolfSSL	0:9d17e4342598	460	CYASSL_LOCAL Signer* MakeSigner(void*);
wolfSSL	0:9d17e4342598	461	CYASSL_LOCAL void FreeSigner(Signer, void);
wolfSSL	0:9d17e4342598	462	CYASSL_LOCAL void FreeSignerTable(Signer*, int, void);
wolfSSL	0:9d17e4342598	463
wolfSSL	0:9d17e4342598	464
wolfSSL	0:9d17e4342598	465	CYASSL_LOCAL int ToTraditional(byte* buffer, word32 length);
wolfSSL	0:9d17e4342598	466	CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int);
wolfSSL	0:9d17e4342598	467
wolfSSL	0:9d17e4342598	468	CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType);
wolfSSL	0:9d17e4342598	469
wolfSSL	0:9d17e4342598	470	/* ASN.1 helper functions */
wolfSSL	0:9d17e4342598	471	CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
wolfSSL	0:9d17e4342598	472	word32 maxIdx);
wolfSSL	0:9d17e4342598	473	CYASSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
wolfSSL	0:9d17e4342598	474	word32 maxIdx);
wolfSSL	0:9d17e4342598	475	CYASSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
wolfSSL	0:9d17e4342598	476	word32 maxIdx);
wolfSSL	0:9d17e4342598	477	CYASSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx,
wolfSSL	0:9d17e4342598	478	int* version);
wolfSSL	0:9d17e4342598	479	CYASSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
wolfSSL	0:9d17e4342598	480	word32 maxIdx);
wolfSSL	0:9d17e4342598	481	CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
wolfSSL	0:9d17e4342598	482	word32 maxIdx);
wolfSSL	0:9d17e4342598	483	CYASSL_LOCAL word32 SetLength(word32 length, byte* output);
wolfSSL	0:9d17e4342598	484	CYASSL_LOCAL word32 SetSequence(word32 len, byte* output);
wolfSSL	0:9d17e4342598	485	CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output);
wolfSSL	0:9d17e4342598	486	CYASSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len,byte* output);
wolfSSL	0:9d17e4342598	487	CYASSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output);
wolfSSL	0:9d17e4342598	488	CYASSL_LOCAL word32 SetSet(word32 len, byte* output);
wolfSSL	0:9d17e4342598	489	CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz);
wolfSSL	0:9d17e4342598	490	CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);
wolfSSL	0:9d17e4342598	491	CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output);
wolfSSL	0:9d17e4342598	492	CYASSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
wolfSSL	0:9d17e4342598	493	int maxIdx);
wolfSSL	0:9d17e4342598	494
wolfSSL	0:9d17e4342598	495	#ifdef HAVE_ECC
wolfSSL	0:9d17e4342598	496	/* ASN sig helpers */
wolfSSL	0:9d17e4342598	497	CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
wolfSSL	0:9d17e4342598	498	mp_int* s);
wolfSSL	0:9d17e4342598	499	CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
wolfSSL	0:9d17e4342598	500	mp_int* r, mp_int* s);
wolfSSL	0:9d17e4342598	501	#endif
wolfSSL	0:9d17e4342598	502
wolfSSL	0:9d17e4342598	503	#ifdef CYASSL_CERT_GEN
wolfSSL	0:9d17e4342598	504
wolfSSL	0:9d17e4342598	505	enum cert_enums {
wolfSSL	0:9d17e4342598	506	NAME_ENTRIES = 8,
wolfSSL	0:9d17e4342598	507	JOINT_LEN = 2,
wolfSSL	0:9d17e4342598	508	EMAIL_JOINT_LEN = 9,
wolfSSL	0:9d17e4342598	509	RSA_KEY = 10,
wolfSSL	0:9d17e4342598	510	NTRU_KEY = 11,
wolfSSL	0:9d17e4342598	511	ECC_KEY = 12
wolfSSL	0:9d17e4342598	512	};
wolfSSL	0:9d17e4342598	513
wolfSSL	0:9d17e4342598	514
wolfSSL	0:9d17e4342598	515	#endif /* CYASSL_CERT_GEN */
wolfSSL	0:9d17e4342598	516
wolfSSL	0:9d17e4342598	517
wolfSSL	0:9d17e4342598	518
wolfSSL	0:9d17e4342598	519	/* for pointer use */
wolfSSL	0:9d17e4342598	520	typedef struct CertStatus CertStatus;
wolfSSL	0:9d17e4342598	521
wolfSSL	0:9d17e4342598	522	#ifdef HAVE_OCSP
wolfSSL	0:9d17e4342598	523
wolfSSL	0:9d17e4342598	524	enum Ocsp_Response_Status {
wolfSSL	0:9d17e4342598	525	OCSP_SUCCESSFUL = 0, /* Response has valid confirmations */
wolfSSL	0:9d17e4342598	526	OCSP_MALFORMED_REQUEST = 1, /* Illegal confirmation request */
wolfSSL	0:9d17e4342598	527	OCSP_INTERNAL_ERROR = 2, /* Internal error in issuer */
wolfSSL	0:9d17e4342598	528	OCSP_TRY_LATER = 3, /* Try again later */
wolfSSL	0:9d17e4342598	529	OCSP_SIG_REQUIRED = 5, /* Must sign the request (4 is skipped) */
wolfSSL	0:9d17e4342598	530	OCSP_UNAUTHROIZED = 6 /* Request unauthorized */
wolfSSL	0:9d17e4342598	531	};
wolfSSL	0:9d17e4342598	532
wolfSSL	0:9d17e4342598	533
wolfSSL	0:9d17e4342598	534	enum Ocsp_Cert_Status {
wolfSSL	0:9d17e4342598	535	CERT_GOOD = 0,
wolfSSL	0:9d17e4342598	536	CERT_REVOKED = 1,
wolfSSL	0:9d17e4342598	537	CERT_UNKNOWN = 2
wolfSSL	0:9d17e4342598	538	};
wolfSSL	0:9d17e4342598	539
wolfSSL	0:9d17e4342598	540
wolfSSL	0:9d17e4342598	541	enum Ocsp_Sums {
wolfSSL	0:9d17e4342598	542	OCSP_BASIC_OID = 117,
wolfSSL	0:9d17e4342598	543	OCSP_NONCE_OID = 118
wolfSSL	0:9d17e4342598	544	};
wolfSSL	0:9d17e4342598	545
wolfSSL	0:9d17e4342598	546
wolfSSL	0:9d17e4342598	547	typedef struct OcspRequest OcspRequest;
wolfSSL	0:9d17e4342598	548	typedef struct OcspResponse OcspResponse;
wolfSSL	0:9d17e4342598	549
wolfSSL	0:9d17e4342598	550
wolfSSL	0:9d17e4342598	551	struct CertStatus {
wolfSSL	0:9d17e4342598	552	CertStatus* next;
wolfSSL	0:9d17e4342598	553
wolfSSL	0:9d17e4342598	554	byte serial[EXTERNAL_SERIAL_SIZE];
wolfSSL	0:9d17e4342598	555	int serialSz;
wolfSSL	0:9d17e4342598	556
wolfSSL	0:9d17e4342598	557	int status;
wolfSSL	0:9d17e4342598	558
wolfSSL	0:9d17e4342598	559	byte thisDate[MAX_DATE_SIZE];
wolfSSL	0:9d17e4342598	560	byte nextDate[MAX_DATE_SIZE];
wolfSSL	0:9d17e4342598	561	byte thisDateFormat;
wolfSSL	0:9d17e4342598	562	byte nextDateFormat;
wolfSSL	0:9d17e4342598	563	};
wolfSSL	0:9d17e4342598	564
wolfSSL	0:9d17e4342598	565
wolfSSL	0:9d17e4342598	566	struct OcspResponse {
wolfSSL	0:9d17e4342598	567	int responseStatus; /* return code from Responder */
wolfSSL	0:9d17e4342598	568
wolfSSL	0:9d17e4342598	569	byte* response; /* Pointer to beginning of OCSP Response */
wolfSSL	0:9d17e4342598	570	word32 responseSz; /* length of the OCSP Response */
wolfSSL	0:9d17e4342598	571
wolfSSL	0:9d17e4342598	572	byte producedDate[MAX_DATE_SIZE];
wolfSSL	0:9d17e4342598	573	/* Date at which this response was signed */
wolfSSL	0:9d17e4342598	574	byte producedDateFormat; /* format of the producedDate */
wolfSSL	0:9d17e4342598	575	byte* issuerHash;
wolfSSL	0:9d17e4342598	576	byte* issuerKeyHash;
wolfSSL	0:9d17e4342598	577
wolfSSL	0:9d17e4342598	578	byte* cert;
wolfSSL	0:9d17e4342598	579	word32 certSz;
wolfSSL	0:9d17e4342598	580
wolfSSL	0:9d17e4342598	581	byte* sig; /* Pointer to sig in source */
wolfSSL	0:9d17e4342598	582	word32 sigSz; /* Length in octets for the sig */
wolfSSL	0:9d17e4342598	583	word32 sigOID; /* OID for hash used for sig */
wolfSSL	0:9d17e4342598	584
wolfSSL	0:9d17e4342598	585	CertStatus* status; /* certificate status to fill out */
wolfSSL	0:9d17e4342598	586
wolfSSL	0:9d17e4342598	587	byte* nonce; /* pointer to nonce inside ASN.1 response */
wolfSSL	0:9d17e4342598	588	int nonceSz; /* length of the nonce string */
wolfSSL	0:9d17e4342598	589
wolfSSL	0:9d17e4342598	590	byte* source; /* pointer to source buffer, not owned */
wolfSSL	0:9d17e4342598	591	word32 maxIdx; /* max offset based on init size */
wolfSSL	0:9d17e4342598	592	};
wolfSSL	0:9d17e4342598	593
wolfSSL	0:9d17e4342598	594
wolfSSL	0:9d17e4342598	595	struct OcspRequest {
wolfSSL	0:9d17e4342598	596	DecodedCert* cert;
wolfSSL	0:9d17e4342598	597
wolfSSL	0:9d17e4342598	598	byte useNonce;
wolfSSL	0:9d17e4342598	599	byte nonce[MAX_OCSP_NONCE_SZ];
wolfSSL	0:9d17e4342598	600	int nonceSz;
wolfSSL	0:9d17e4342598	601
wolfSSL	0:9d17e4342598	602	byte* issuerHash; /* pointer to issuerHash in source cert */
wolfSSL	0:9d17e4342598	603	byte* issuerKeyHash; /* pointer to issuerKeyHash in source cert */
wolfSSL	0:9d17e4342598	604	byte* serial; /* pointer to serial number in source cert */
wolfSSL	0:9d17e4342598	605	int serialSz; /* length of the serial number */
wolfSSL	0:9d17e4342598	606
wolfSSL	0:9d17e4342598	607	byte* dest; /* pointer to the destination ASN.1 buffer */
wolfSSL	0:9d17e4342598	608	word32 destSz; /* length of the destination buffer */
wolfSSL	0:9d17e4342598	609	};
wolfSSL	0:9d17e4342598	610
wolfSSL	0:9d17e4342598	611
wolfSSL	0:9d17e4342598	612	CYASSL_LOCAL void InitOcspResponse(OcspResponse, CertStatus, byte*, word32);
wolfSSL	0:9d17e4342598	613	CYASSL_LOCAL int OcspResponseDecode(OcspResponse*);
wolfSSL	0:9d17e4342598	614
wolfSSL	0:9d17e4342598	615	CYASSL_LOCAL void InitOcspRequest(OcspRequest, DecodedCert,
wolfSSL	0:9d17e4342598	616	byte, byte*, word32);
wolfSSL	0:9d17e4342598	617	CYASSL_LOCAL int EncodeOcspRequest(OcspRequest*);
wolfSSL	0:9d17e4342598	618
wolfSSL	0:9d17e4342598	619	CYASSL_LOCAL int CompareOcspReqResp(OcspRequest, OcspResponse);
wolfSSL	0:9d17e4342598	620
wolfSSL	0:9d17e4342598	621
wolfSSL	0:9d17e4342598	622	#endif /* HAVE_OCSP */
wolfSSL	0:9d17e4342598	623
wolfSSL	0:9d17e4342598	624
wolfSSL	0:9d17e4342598	625	/* for pointer use */
wolfSSL	0:9d17e4342598	626	typedef struct RevokedCert RevokedCert;
wolfSSL	0:9d17e4342598	627
wolfSSL	0:9d17e4342598	628	#ifdef HAVE_CRL
wolfSSL	0:9d17e4342598	629
wolfSSL	0:9d17e4342598	630	struct RevokedCert {
wolfSSL	0:9d17e4342598	631	byte serialNumber[EXTERNAL_SERIAL_SIZE];
wolfSSL	0:9d17e4342598	632	int serialSz;
wolfSSL	0:9d17e4342598	633	RevokedCert* next;
wolfSSL	0:9d17e4342598	634	};
wolfSSL	0:9d17e4342598	635
wolfSSL	0:9d17e4342598	636	typedef struct DecodedCRL DecodedCRL;
wolfSSL	0:9d17e4342598	637
wolfSSL	0:9d17e4342598	638	struct DecodedCRL {
wolfSSL	0:9d17e4342598	639	word32 certBegin; /* offset to start of cert */
wolfSSL	0:9d17e4342598	640	word32 sigIndex; /* offset to start of signature */
wolfSSL	0:9d17e4342598	641	word32 sigLength; /* length of signature */
wolfSSL	0:9d17e4342598	642	word32 signatureOID; /* sum of algorithm object id */
wolfSSL	0:9d17e4342598	643	byte* signature; /* pointer into raw source, not owned */
wolfSSL	0:9d17e4342598	644	byte issuerHash[SHA_DIGEST_SIZE]; /* issuer hash */
wolfSSL	0:9d17e4342598	645	byte crlHash[SHA_DIGEST_SIZE]; /* raw crl data hash */
wolfSSL	0:9d17e4342598	646	byte lastDate[MAX_DATE_SIZE]; /* last date updated */
wolfSSL	0:9d17e4342598	647	byte nextDate[MAX_DATE_SIZE]; /* next update date */
wolfSSL	0:9d17e4342598	648	byte lastDateFormat; /* format of last date */
wolfSSL	0:9d17e4342598	649	byte nextDateFormat; /* format of next date */
wolfSSL	0:9d17e4342598	650	RevokedCert* certs; /* revoked cert list */
wolfSSL	0:9d17e4342598	651	int totalCerts; /* number on list */
wolfSSL	0:9d17e4342598	652	};
wolfSSL	0:9d17e4342598	653
wolfSSL	0:9d17e4342598	654	CYASSL_LOCAL void InitDecodedCRL(DecodedCRL*);
wolfSSL	0:9d17e4342598	655	CYASSL_LOCAL int ParseCRL(DecodedCRL, const byte buff, word32 sz, void* cm);
wolfSSL	0:9d17e4342598	656	CYASSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
wolfSSL	0:9d17e4342598	657
wolfSSL	0:9d17e4342598	658
wolfSSL	0:9d17e4342598	659	#endif /* HAVE_CRL */
wolfSSL	0:9d17e4342598	660
wolfSSL	0:9d17e4342598	661
wolfSSL	0:9d17e4342598	662	#ifdef __cplusplus
wolfSSL	0:9d17e4342598	663	} /* extern "C" */
wolfSSL	0:9d17e4342598	664	#endif
wolfSSL	0:9d17e4342598	665
wolfSSL	0:9d17e4342598	666	#endif /* CTAO_CRYPT_ASN_H */
wolfSSL	0:9d17e4342598	667
wolfSSL	0:9d17e4342598	668	#endif /* !NO_ASN */

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	20 Apr 2014
Imports:	21
Forks:	0
Commits:	1
Dependents:	1
Dependencies:	0
Followers:	3

This repository is Public (Unlisted).

cyassl/ctaocrypt/asn.h@0:9d17e4342598, 2014-04-20 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning