wolf SSL
CyaSSL 3.0.0
Dependents: HTTPClient-SSL HTTPClient HTTPClient-SSL http_access ... more
cyassl/ctaocrypt/asn_public.h@3:64d4f7cb83d5, 2014-12-03 (annotated)
- Committer:
- wolfSSL
- Date:
- Wed Dec 03 05:24:18 2014 +0000
- Revision:
- 3:64d4f7cb83d5
- Parent:
- 0:1239e9b70ca2
added IGNORE_KEY_EXTENSIONS
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| wolfSSL | 0:1239e9b70ca2 | 1 | /* asn_public.h |
| wolfSSL | 0:1239e9b70ca2 | 2 | * |
| wolfSSL | 0:1239e9b70ca2 | 3 | * Copyright (C) 2006-2014 wolfSSL Inc. |
| wolfSSL | 0:1239e9b70ca2 | 4 | * |
| wolfSSL | 0:1239e9b70ca2 | 5 | * This file is part of CyaSSL. |
| wolfSSL | 0:1239e9b70ca2 | 6 | * |
| wolfSSL | 0:1239e9b70ca2 | 7 | * CyaSSL is free software; you can redistribute it and/or modify |
| wolfSSL | 0:1239e9b70ca2 | 8 | * it under the terms of the GNU General Public License as published by |
| wolfSSL | 0:1239e9b70ca2 | 9 | * the Free Software Foundation; either version 2 of the License, or |
| wolfSSL | 0:1239e9b70ca2 | 10 | * (at your option) any later version. |
| wolfSSL | 0:1239e9b70ca2 | 11 | * |
| wolfSSL | 0:1239e9b70ca2 | 12 | * CyaSSL is distributed in the hope that it will be useful, |
| wolfSSL | 0:1239e9b70ca2 | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| wolfSSL | 0:1239e9b70ca2 | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| wolfSSL | 0:1239e9b70ca2 | 15 | * GNU General Public License for more details. |
| wolfSSL | 0:1239e9b70ca2 | 16 | * |
| wolfSSL | 0:1239e9b70ca2 | 17 | * You should have received a copy of the GNU General Public License |
| wolfSSL | 0:1239e9b70ca2 | 18 | * along with this program; if not, write to the Free Software |
| wolfSSL | 0:1239e9b70ca2 | 19 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA |
| wolfSSL | 0:1239e9b70ca2 | 20 | */ |
| wolfSSL | 0:1239e9b70ca2 | 21 | |
| wolfSSL | 0:1239e9b70ca2 | 22 | |
| wolfSSL | 0:1239e9b70ca2 | 23 | #ifndef CTAO_CRYPT_ASN_PUBLIC_H |
| wolfSSL | 0:1239e9b70ca2 | 24 | #define CTAO_CRYPT_ASN_PUBLIC_H |
| wolfSSL | 0:1239e9b70ca2 | 25 | |
| wolfSSL | 0:1239e9b70ca2 | 26 | #include <cyassl/ctaocrypt/types.h> |
| wolfSSL | 0:1239e9b70ca2 | 27 | #include <cyassl/ctaocrypt/ecc.h> |
| wolfSSL | 0:1239e9b70ca2 | 28 | #ifdef CYASSL_CERT_GEN |
| wolfSSL | 0:1239e9b70ca2 | 29 | #include <cyassl/ctaocrypt/rsa.h> |
| wolfSSL | 0:1239e9b70ca2 | 30 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 31 | |
| wolfSSL | 0:1239e9b70ca2 | 32 | |
| wolfSSL | 0:1239e9b70ca2 | 33 | #ifdef __cplusplus |
| wolfSSL | 0:1239e9b70ca2 | 34 | extern "C" { |
| wolfSSL | 0:1239e9b70ca2 | 35 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 36 | |
| wolfSSL | 0:1239e9b70ca2 | 37 | |
| wolfSSL | 0:1239e9b70ca2 | 38 | /* Certificate file Type */ |
| wolfSSL | 0:1239e9b70ca2 | 39 | enum CertType { |
| wolfSSL | 0:1239e9b70ca2 | 40 | CERT_TYPE = 0, |
| wolfSSL | 0:1239e9b70ca2 | 41 | PRIVATEKEY_TYPE, |
| wolfSSL | 0:1239e9b70ca2 | 42 | DH_PARAM_TYPE, |
| wolfSSL | 0:1239e9b70ca2 | 43 | CRL_TYPE, |
| wolfSSL | 0:1239e9b70ca2 | 44 | CA_TYPE, |
| wolfSSL | 0:1239e9b70ca2 | 45 | ECC_PRIVATEKEY_TYPE, |
| wolfSSL | 0:1239e9b70ca2 | 46 | CERTREQ_TYPE |
| wolfSSL | 0:1239e9b70ca2 | 47 | }; |
| wolfSSL | 0:1239e9b70ca2 | 48 | |
| wolfSSL | 0:1239e9b70ca2 | 49 | |
| wolfSSL | 0:1239e9b70ca2 | 50 | /* Signature type, by OID sum */ |
| wolfSSL | 0:1239e9b70ca2 | 51 | enum Ctc_SigType { |
| wolfSSL | 0:1239e9b70ca2 | 52 | CTC_SHAwDSA = 517, |
| wolfSSL | 0:1239e9b70ca2 | 53 | CTC_MD2wRSA = 646, |
| wolfSSL | 0:1239e9b70ca2 | 54 | CTC_MD5wRSA = 648, |
| wolfSSL | 0:1239e9b70ca2 | 55 | CTC_SHAwRSA = 649, |
| wolfSSL | 0:1239e9b70ca2 | 56 | CTC_SHAwECDSA = 520, |
| wolfSSL | 0:1239e9b70ca2 | 57 | CTC_SHA256wRSA = 655, |
| wolfSSL | 0:1239e9b70ca2 | 58 | CTC_SHA256wECDSA = 524, |
| wolfSSL | 0:1239e9b70ca2 | 59 | CTC_SHA384wRSA = 656, |
| wolfSSL | 0:1239e9b70ca2 | 60 | CTC_SHA384wECDSA = 525, |
| wolfSSL | 0:1239e9b70ca2 | 61 | CTC_SHA512wRSA = 657, |
| wolfSSL | 0:1239e9b70ca2 | 62 | CTC_SHA512wECDSA = 526 |
| wolfSSL | 0:1239e9b70ca2 | 63 | }; |
| wolfSSL | 0:1239e9b70ca2 | 64 | |
| wolfSSL | 0:1239e9b70ca2 | 65 | |
| wolfSSL | 0:1239e9b70ca2 | 66 | #ifdef CYASSL_CERT_GEN |
| wolfSSL | 0:1239e9b70ca2 | 67 | |
| wolfSSL | 0:1239e9b70ca2 | 68 | #ifndef HAVE_ECC |
| wolfSSL | 0:1239e9b70ca2 | 69 | typedef struct ecc_key ecc_key; |
| wolfSSL | 0:1239e9b70ca2 | 70 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 71 | |
| wolfSSL | 0:1239e9b70ca2 | 72 | enum Ctc_Misc { |
| wolfSSL | 0:1239e9b70ca2 | 73 | CTC_NAME_SIZE = 64, |
| wolfSSL | 0:1239e9b70ca2 | 74 | CTC_DATE_SIZE = 32, |
| wolfSSL | 0:1239e9b70ca2 | 75 | CTC_MAX_ALT_SIZE = 8192, /* may be huge */ |
| wolfSSL | 0:1239e9b70ca2 | 76 | CTC_SERIAL_SIZE = 8 |
| wolfSSL | 0:1239e9b70ca2 | 77 | }; |
| wolfSSL | 0:1239e9b70ca2 | 78 | |
| wolfSSL | 0:1239e9b70ca2 | 79 | typedef struct CertName { |
| wolfSSL | 0:1239e9b70ca2 | 80 | char country[CTC_NAME_SIZE]; |
| wolfSSL | 0:1239e9b70ca2 | 81 | char state[CTC_NAME_SIZE]; |
| wolfSSL | 0:1239e9b70ca2 | 82 | char locality[CTC_NAME_SIZE]; |
| wolfSSL | 0:1239e9b70ca2 | 83 | char sur[CTC_NAME_SIZE]; |
| wolfSSL | 0:1239e9b70ca2 | 84 | char org[CTC_NAME_SIZE]; |
| wolfSSL | 0:1239e9b70ca2 | 85 | char unit[CTC_NAME_SIZE]; |
| wolfSSL | 0:1239e9b70ca2 | 86 | char commonName[CTC_NAME_SIZE]; |
| wolfSSL | 0:1239e9b70ca2 | 87 | char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */ |
| wolfSSL | 0:1239e9b70ca2 | 88 | } CertName; |
| wolfSSL | 0:1239e9b70ca2 | 89 | |
| wolfSSL | 0:1239e9b70ca2 | 90 | |
| wolfSSL | 0:1239e9b70ca2 | 91 | /* for user to fill for certificate generation */ |
| wolfSSL | 0:1239e9b70ca2 | 92 | typedef struct Cert { |
| wolfSSL | 0:1239e9b70ca2 | 93 | int version; /* x509 version */ |
| wolfSSL | 0:1239e9b70ca2 | 94 | byte serial[CTC_SERIAL_SIZE]; /* serial number */ |
| wolfSSL | 0:1239e9b70ca2 | 95 | int sigType; /* signature algo type */ |
| wolfSSL | 0:1239e9b70ca2 | 96 | CertName issuer; /* issuer info */ |
| wolfSSL | 0:1239e9b70ca2 | 97 | int daysValid; /* validity days */ |
| wolfSSL | 0:1239e9b70ca2 | 98 | int selfSigned; /* self signed flag */ |
| wolfSSL | 0:1239e9b70ca2 | 99 | CertName subject; /* subject info */ |
| wolfSSL | 0:1239e9b70ca2 | 100 | int isCA; /* is this going to be a CA */ |
| wolfSSL | 0:1239e9b70ca2 | 101 | /* internal use only */ |
| wolfSSL | 0:1239e9b70ca2 | 102 | int bodySz; /* pre sign total size */ |
| wolfSSL | 0:1239e9b70ca2 | 103 | int keyType; /* public key type of subject */ |
| wolfSSL | 0:1239e9b70ca2 | 104 | #ifdef CYASSL_ALT_NAMES |
| wolfSSL | 0:1239e9b70ca2 | 105 | byte altNames[CTC_MAX_ALT_SIZE]; /* altNames copy */ |
| wolfSSL | 0:1239e9b70ca2 | 106 | int altNamesSz; /* altNames size in bytes */ |
| wolfSSL | 0:1239e9b70ca2 | 107 | byte beforeDate[CTC_DATE_SIZE]; /* before date copy */ |
| wolfSSL | 0:1239e9b70ca2 | 108 | int beforeDateSz; /* size of copy */ |
| wolfSSL | 0:1239e9b70ca2 | 109 | byte afterDate[CTC_DATE_SIZE]; /* after date copy */ |
| wolfSSL | 0:1239e9b70ca2 | 110 | int afterDateSz; /* size of copy */ |
| wolfSSL | 0:1239e9b70ca2 | 111 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 112 | #ifdef CYASSL_CERT_REQ |
| wolfSSL | 0:1239e9b70ca2 | 113 | char challengePw[CTC_NAME_SIZE]; |
| wolfSSL | 0:1239e9b70ca2 | 114 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 115 | } Cert; |
| wolfSSL | 0:1239e9b70ca2 | 116 | |
| wolfSSL | 0:1239e9b70ca2 | 117 | |
| wolfSSL | 0:1239e9b70ca2 | 118 | |
| wolfSSL | 0:1239e9b70ca2 | 119 | |
| wolfSSL | 0:1239e9b70ca2 | 120 | /* Initialize and Set Certficate defaults: |
| wolfSSL | 0:1239e9b70ca2 | 121 | version = 3 (0x2) |
| wolfSSL | 0:1239e9b70ca2 | 122 | serial = 0 (Will be randomly generated) |
| wolfSSL | 0:1239e9b70ca2 | 123 | sigType = SHA_WITH_RSA |
| wolfSSL | 0:1239e9b70ca2 | 124 | issuer = blank |
| wolfSSL | 0:1239e9b70ca2 | 125 | daysValid = 500 |
| wolfSSL | 0:1239e9b70ca2 | 126 | selfSigned = 1 (true) use subject as issuer |
| wolfSSL | 0:1239e9b70ca2 | 127 | subject = blank |
| wolfSSL | 0:1239e9b70ca2 | 128 | isCA = 0 (false) |
| wolfSSL | 0:1239e9b70ca2 | 129 | keyType = RSA_KEY (default) |
| wolfSSL | 0:1239e9b70ca2 | 130 | */ |
| wolfSSL | 0:1239e9b70ca2 | 131 | CYASSL_API void InitCert(Cert*); |
| wolfSSL | 0:1239e9b70ca2 | 132 | CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, |
| wolfSSL | 0:1239e9b70ca2 | 133 | ecc_key*, RNG*); |
| wolfSSL | 0:1239e9b70ca2 | 134 | #ifdef CYASSL_CERT_REQ |
| wolfSSL | 0:1239e9b70ca2 | 135 | CYASSL_API int MakeCertReq(Cert*, byte* derBuffer, word32 derSz, RsaKey*, |
| wolfSSL | 0:1239e9b70ca2 | 136 | ecc_key*); |
| wolfSSL | 0:1239e9b70ca2 | 137 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 138 | CYASSL_API int SignCert(int requestSz, int sigType, byte* derBuffer, |
| wolfSSL | 0:1239e9b70ca2 | 139 | word32 derSz, RsaKey*, ecc_key*, RNG*); |
| wolfSSL | 0:1239e9b70ca2 | 140 | CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, |
| wolfSSL | 0:1239e9b70ca2 | 141 | RNG*); |
| wolfSSL | 0:1239e9b70ca2 | 142 | CYASSL_API int SetIssuer(Cert*, const char*); |
| wolfSSL | 0:1239e9b70ca2 | 143 | CYASSL_API int SetSubject(Cert*, const char*); |
| wolfSSL | 0:1239e9b70ca2 | 144 | #ifdef CYASSL_ALT_NAMES |
| wolfSSL | 0:1239e9b70ca2 | 145 | CYASSL_API int SetAltNames(Cert*, const char*); |
| wolfSSL | 0:1239e9b70ca2 | 146 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 147 | CYASSL_API int SetIssuerBuffer(Cert*, const byte*, int); |
| wolfSSL | 0:1239e9b70ca2 | 148 | CYASSL_API int SetSubjectBuffer(Cert*, const byte*, int); |
| wolfSSL | 0:1239e9b70ca2 | 149 | CYASSL_API int SetAltNamesBuffer(Cert*, const byte*, int); |
| wolfSSL | 0:1239e9b70ca2 | 150 | CYASSL_API int SetDatesBuffer(Cert*, const byte*, int); |
| wolfSSL | 0:1239e9b70ca2 | 151 | |
| wolfSSL | 0:1239e9b70ca2 | 152 | #ifdef HAVE_NTRU |
| wolfSSL | 0:1239e9b70ca2 | 153 | CYASSL_API int MakeNtruCert(Cert*, byte* derBuffer, word32 derSz, |
| wolfSSL | 0:1239e9b70ca2 | 154 | const byte* ntruKey, word16 keySz, RNG*); |
| wolfSSL | 0:1239e9b70ca2 | 155 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 156 | |
| wolfSSL | 0:1239e9b70ca2 | 157 | #endif /* CYASSL_CERT_GEN */ |
| wolfSSL | 0:1239e9b70ca2 | 158 | |
| wolfSSL | 0:1239e9b70ca2 | 159 | |
| wolfSSL | 0:1239e9b70ca2 | 160 | #if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) |
| wolfSSL | 0:1239e9b70ca2 | 161 | CYASSL_API int DerToPem(const byte* der, word32 derSz, byte* output, |
| wolfSSL | 0:1239e9b70ca2 | 162 | word32 outputSz, int type); |
| wolfSSL | 0:1239e9b70ca2 | 163 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 164 | |
| wolfSSL | 0:1239e9b70ca2 | 165 | #ifdef HAVE_ECC |
| wolfSSL | 0:1239e9b70ca2 | 166 | /* private key helpers */ |
| wolfSSL | 0:1239e9b70ca2 | 167 | CYASSL_API int EccPrivateKeyDecode(const byte* input,word32* inOutIdx, |
| wolfSSL | 0:1239e9b70ca2 | 168 | ecc_key*,word32); |
| wolfSSL | 0:1239e9b70ca2 | 169 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 170 | |
| wolfSSL | 0:1239e9b70ca2 | 171 | |
| wolfSSL | 0:1239e9b70ca2 | 172 | #ifdef __cplusplus |
| wolfSSL | 0:1239e9b70ca2 | 173 | } /* extern "C" */ |
| wolfSSL | 0:1239e9b70ca2 | 174 | #endif |
| wolfSSL | 0:1239e9b70ca2 | 175 | |
| wolfSSL | 0:1239e9b70ca2 | 176 | #endif /* CTAO_CRYPT_ASN_PUBLIC_H */ |
| wolfSSL | 0:1239e9b70ca2 | 177 | |
| wolfSSL | 0:1239e9b70ca2 | 178 |
