wolfSSL 3.11.1 for TLS1.3 beta

Fork of wolfSSL by wolf SSL

Committer:
wolfSSL
Date:
Fri Jun 26 00:39:20 2015 +0000
Revision:
0:d92f9d21154c
wolfSSL 3.6.0

wolfSSL 0:d92f9d21154c 1 /* asn_public.h
wolfSSL 0:d92f9d21154c 2 *
wolfSSL 0:d92f9d21154c 3 * Copyright (C) 2006-2015 wolfSSL Inc.
wolfSSL 0:d92f9d21154c 4 *
wolfSSL 0:d92f9d21154c 5 * This file is part of wolfSSL. (formerly known as CyaSSL)
wolfSSL 0:d92f9d21154c 6 *
wolfSSL 0:d92f9d21154c 7 * wolfSSL is free software; you can redistribute it and/or modify
wolfSSL 0:d92f9d21154c 8 * it under the terms of the GNU General Public License as published by
wolfSSL 0:d92f9d21154c 9 * the Free Software Foundation; either version 2 of the License, or
wolfSSL 0:d92f9d21154c 10 * (at your option) any later version.
wolfSSL 0:d92f9d21154c 11 *
wolfSSL 0:d92f9d21154c 12 * wolfSSL is distributed in the hope that it will be useful,
wolfSSL 0:d92f9d21154c 13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL 0:d92f9d21154c 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL 0:d92f9d21154c 15 * GNU General Public License for more details.
wolfSSL 0:d92f9d21154c 16 *
wolfSSL 0:d92f9d21154c 17 * You should have received a copy of the GNU General Public License
wolfSSL 0:d92f9d21154c 18 * along with this program; if not, write to the Free Software
wolfSSL 0:d92f9d21154c 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
wolfSSL 0:d92f9d21154c 20 */
wolfSSL 0:d92f9d21154c 21
wolfSSL 0:d92f9d21154c 22
wolfSSL 0:d92f9d21154c 23 #ifndef WOLF_CRYPT_ASN_PUBLIC_H
wolfSSL 0:d92f9d21154c 24 #define WOLF_CRYPT_ASN_PUBLIC_H
wolfSSL 0:d92f9d21154c 25
wolfSSL 0:d92f9d21154c 26 #include <wolfssl/wolfcrypt/types.h>
wolfSSL 0:d92f9d21154c 27 #ifdef HAVE_ECC
wolfSSL 0:d92f9d21154c 28 #include <wolfssl/wolfcrypt/ecc.h>
wolfSSL 0:d92f9d21154c 29 #endif
wolfSSL 0:d92f9d21154c 30 #if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA)
wolfSSL 0:d92f9d21154c 31 #include <wolfssl/wolfcrypt/rsa.h>
wolfSSL 0:d92f9d21154c 32 #endif
wolfSSL 0:d92f9d21154c 33
wolfSSL 0:d92f9d21154c 34 #ifdef __cplusplus
wolfSSL 0:d92f9d21154c 35 extern "C" {
wolfSSL 0:d92f9d21154c 36 #endif
wolfSSL 0:d92f9d21154c 37
/* Certificate file Type
 *
 * Tells the loading / conversion routines (e.g. the `type` argument of
 * wc_DerToPem, presumably) what kind of object a buffer or file holds.
 * Values are assigned explicitly so the numbering is stable; prefer the
 * names over the numbers. */
enum CertType {
    CERT_TYPE           = 0,  /* certificate */
    PRIVATEKEY_TYPE     = 1,  /* private key (non-ECC; presumably RSA) */
    DH_PARAM_TYPE       = 2,  /* Diffie-Hellman parameters */
    CRL_TYPE            = 3,  /* certificate revocation list */
    CA_TYPE             = 4,  /* CA certificate */
    ECC_PRIVATEKEY_TYPE = 5,  /* ECC private key */
    CERTREQ_TYPE        = 6   /* certificate request (CSR) */
};
wolfSSL 0:d92f9d21154c 48
wolfSSL 0:d92f9d21154c 49
/* Signature type, by OID sum
 *
 * Identifies the signature algorithm of a certificate.  Each value is the
 * "OID sum" wolfSSL uses as a compact stand-in for the algorithm's OID, so
 * the numbers are sparse and MUST NOT be renumbered.  Used in Cert.sigType
 * and as the sigType argument of wc_SignCert.
 *
 * SECURITY: the MD2-, MD5- and SHA-1-based entries exist so that legacy
 * certificates can be identified.  Do not create new signatures with them:
 * MD2 and MD5 are broken, and SHA-1 signatures are rejected by current
 * browsers and CA/Browser Forum policy.  Use CTC_SHA256wRSA /
 * CTC_SHA256wECDSA or stronger for anything new. */
enum Ctc_SigType {
    /* RSA (the *WithRSAEncryption OIDs; there is no RSA-PSS entry) */
    CTC_MD2wRSA      = 646,  /* legacy only */
    CTC_MD5wRSA      = 648,  /* legacy only */
    CTC_SHAwRSA      = 649,  /* SHA-1; legacy only */
    CTC_SHA256wRSA   = 655,
    CTC_SHA384wRSA   = 656,
    CTC_SHA512wRSA   = 657,

    /* ECDSA */
    CTC_SHAwECDSA    = 520,  /* SHA-1; legacy only */
    CTC_SHA256wECDSA = 524,
    CTC_SHA384wECDSA = 525,
    CTC_SHA512wECDSA = 526,

    /* DSA */
    CTC_SHAwDSA      = 517   /* SHA-1; legacy only */
};
wolfSSL 0:d92f9d21154c 64
/* String encoding selector for distinguished-name fields.
 *
 * The values are the ASN.1 universal tag numbers of UTF8String (12) and
 * PrintableString (19).  They are presumably what the one-byte *Enc members
 * of CertName hold to say how each name field is written into the DER. */
enum Ctc_Encoding {
    CTC_UTF8      = 12,  /* 0x0c: UTF8String */
    CTC_PRINTABLE = 19   /* 0x13: PrintableString */
};
wolfSSL 0:d92f9d21154c 69
wolfSSL 0:d92f9d21154c 70
wolfSSL 0:d92f9d21154c 71 #ifdef WOLFSSL_CERT_GEN
wolfSSL 0:d92f9d21154c 72
#ifndef HAVE_ECC
/* Opaque forward declaration so the certificate-generation prototypes below
 * can still take an ecc_key* in a build without ECC (callers presumably pass
 * NULL for it in that case). */
typedef struct ecc_key ecc_key;
#endif

/* Fixed buffer sizes used by the certificate generation structures.
 *
 * NOTE(review): CTC_SERIAL_SIZE is 8 bytes of (randomly generated, per
 * wc_InitCert) serial.  RFC 5280 requires serialNumber to be a positive
 * INTEGER, so a random first byte with its top bit set must be encoded with
 * a leading 0x00 -- confirm the encoder handles that. */
enum Ctc_Misc {
    CTC_SERIAL_SIZE  = 8,      /* bytes in Cert.serial */
    CTC_DATE_SIZE    = 32,     /* bytes reserved for a copied validity date */
    CTC_NAME_SIZE    = 64,     /* bytes per CertName text field */
    CTC_MAX_ALT_SIZE = 16384   /* bytes for the altNames copy; may be huge */
};
wolfSSL 0:d92f9d21154c 83
/* Distinguished name used for the issuer and subject of a generated cert.
 *
 * Each text field is a fixed CTC_NAME_SIZE char buffer immediately followed
 * by a one-byte encoding tag (a Ctc_Encoding value: CTC_UTF8 or
 * CTC_PRINTABLE) saying how that field is written into the DER.  email has
 * no tag and must remain the LAST member -- the encoder presumably walks the
 * struct by offset, so inserting or reordering members here would change the
 * output.  Whether the buffers must be NUL-terminated, and what happens to a
 * value longer than CTC_NAME_SIZE, is not shown in this header; check the
 * encoder (or use wc_SetSubject / wc_SetIssuer) before filling them by hand. */
typedef struct CertName {
    char country[CTC_NAME_SIZE];     /* C  */
    char countryEnc;                 /* Ctc_Encoding tag for country */
    char state[CTC_NAME_SIZE];       /* ST */
    char stateEnc;
    char locality[CTC_NAME_SIZE];    /* L  */
    char localityEnc;
    char sur[CTC_NAME_SIZE];         /* SN (surname) */
    char surEnc;
    char org[CTC_NAME_SIZE];         /* O  */
    char orgEnc;
    char unit[CTC_NAME_SIZE];        /* OU */
    char unitEnc;
    char commonName[CTC_NAME_SIZE];  /* CN */
    char commonNameEnc;
    char email[CTC_NAME_SIZE];       /* !!!! email has to be last !!!! (no emailEnc) */
} CertName;
wolfSSL 0:d92f9d21154c 101
wolfSSL 0:d92f9d21154c 102
/* for user to fill for certificate generation
 *
 * Fill the public fields (version through isCA), or start from wc_InitCert()
 * for defaults, then pass the struct to wc_MakeCert / wc_MakeSelfCert /
 * wc_MakeCertReq.  Everything after the "internal use only" marker is
 * maintained by the library.
 *
 * Size warning: with WOLFSSL_ALT_NAMES this struct carries a
 * CTC_MAX_ALT_SIZE (16 KiB) buffer inline -- allocate it statically or on
 * the heap rather than on a small embedded stack.  With WOLFSSL_CERT_REQ it
 * also holds a password (challengePw); clear the struct when done. */
typedef struct Cert {
    int      version;                  /* x509 version (wc_InitCert sets 3, encoded 0x2) */
    byte     serial[CTC_SERIAL_SIZE];  /* serial number; 0 = generate randomly (see wc_InitCert) */
    int      sigType;                  /* signature algo type: a Ctc_SigType value.
                                        * wc_InitCert's default is SHA-1 with RSA --
                                        * set CTC_SHA256wRSA or stronger for new certs */
    CertName issuer;                   /* issuer info; subject is used instead when selfSigned */
    int      daysValid;                /* validity days */
    int      selfSigned;               /* self signed flag (nonzero: issuer = subject) */
    CertName subject;                  /* subject info */
    int      isCA;                     /* is this going to be a CA */
    /* internal use only */
    int      bodySz;                   /* pre sign total size */
    int      keyType;                  /* public key type of subject */
#ifdef WOLFSSL_ALT_NAMES
    byte     altNames[CTC_MAX_ALT_SIZE]; /* altNames copy (raw bytes from wc_SetAltNames*, presumably DER) */
    int      altNamesSz;               /* altNames size in bytes */
    byte     beforeDate[CTC_DATE_SIZE]; /* before date copy */
    int      beforeDateSz;             /* size of copy */
    byte     afterDate[CTC_DATE_SIZE]; /* after date copy */
    int      afterDateSz;              /* size of copy */
#endif
#ifdef WOLFSSL_CERT_REQ
    char     challengePw[CTC_NAME_SIZE]; /* CSR challenge password (secret; zero after use) */
#endif
} Cert;
wolfSSL 0:d92f9d21154c 128 #endif /* WOLFSSL_CERT_GEN */
wolfSSL 0:d92f9d21154c 129
wolfSSL 0:d92f9d21154c 130
wolfSSL 0:d92f9d21154c 131 #ifdef WOLFSSL_CERT_GEN
wolfSSL 0:d92f9d21154c 132
wolfSSL 0:d92f9d21154c 133
wolfSSL 0:d92f9d21154c 134
/* Initialize and set certificate defaults:
 *   version    = 3 (0x2)
 *   serial     = 0 (will be randomly generated)
 *   sigType    = SHA_WITH_RSA
 *   issuer     = blank
 *   daysValid  = 500
 *   selfSigned = 1 (true) use subject as issuer
 *   subject    = blank
 *   isCA       = 0 (false)
 *   keyType    = RSA_KEY (default)
 *
 * SECURITY: the default sigType is SHA-1 with RSA, which is no longer
 * acceptable for new certificates -- set cert->sigType (e.g. CTC_SHA256wRSA
 * or CTC_SHA256wECDSA) after calling this.  daysValid = 500 is generous;
 * choose the validity period deliberately rather than keeping the default.
 *
 * NOTE(review): rsa.h is only included at the top of this header when NO_RSA
 * is not defined, yet RsaKey* appears unconditionally in the prototypes
 * below -- confirm a forward declaration covers NO_RSA builds. */
WOLFSSL_API void wc_InitCert(Cert* cert);

/* Encode the unsigned (to-be-signed) certificate described by cert into
 * derBuffer (capacity derSz).  Exactly one of rsaKey / eccKey supplies the
 * subject public key; pass NULL for the other.  rng is used for the random
 * serial.  Presumably returns the encoded size, or a negative wolfSSL error
 * code, as the other wc_* routines do. */
WOLFSSL_API int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz,
                            RsaKey* rsaKey, ecc_key* eccKey, RNG* rng);
#ifdef WOLFSSL_CERT_REQ
/* Same as wc_MakeCert but produces an unsigned certificate request (CSR);
 * no RNG is taken because a request has no serial number. */
WOLFSSL_API int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
                               RsaKey* rsaKey, ecc_key* eccKey);
#endif
/* Sign the requestSz bytes of body already in derBuffer with the signing
 * key (one of rsaKey / eccKey, the other NULL) using sigType (a Ctc_SigType),
 * writing the signed result back into derBuffer within derSz.  Do not use
 * the MD2/MD5/SHA-1 sigTypes for new signatures. */
WOLFSSL_API int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
                            word32 derSz, RsaKey* rsaKey, ecc_key* eccKey,
                            RNG* rng);
/* Convenience: make and self-sign an RSA certificate in one step (there is
 * no ECC variant of this call). */
WOLFSSL_API int wc_MakeSelfCert(Cert* cert, byte* derBuffer, word32 derSz,
                                RsaKey* key, RNG* rng);
/* Fill cert->issuer / cert->subject / the altNames copy from an existing
 * certificate.  The const char* forms presumably name a certificate file;
 * the *Buffer forms take the certificate in memory as (const byte*, int).
 * The length is a signed int -- validate it is non-negative and within the
 * actual buffer before passing data of untrusted origin. */
WOLFSSL_API int wc_SetIssuer(Cert* cert, const char* issuer);
WOLFSSL_API int wc_SetSubject(Cert* cert, const char* subject);
#ifdef WOLFSSL_ALT_NAMES
WOLFSSL_API int wc_SetAltNames(Cert* cert, const char* altNames);
#endif
WOLFSSL_API int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz);
WOLFSSL_API int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz);
WOLFSSL_API int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz);
/* Copy validity dates from an existing certificate buffer.  Note the date
 * copy fields of Cert only exist under WOLFSSL_ALT_NAMES although this
 * prototype is unconditional -- presumably the call is a no-op or an error
 * without that define; confirm before relying on it. */
WOLFSSL_API int wc_SetDatesBuffer(Cert* cert, const byte* der, int derSz);

#ifdef HAVE_NTRU
/* wc_MakeCert for an NTRU public key given as raw bytes (ntruKey, keySz). */
WOLFSSL_API int wc_MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz,
                                const byte* ntruKey, word16 keySz, RNG* rng);
#endif
wolfSSL 0:d92f9d21154c 171
wolfSSL 0:d92f9d21154c 172 #endif /* WOLFSSL_CERT_GEN */
wolfSSL 0:d92f9d21154c 173
wolfSSL 0:d92f9d21154c 174
#if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
/* Convert derSz bytes of DER at der into PEM in output (capacity outputSz).
 * type selects the PEM header/footer and is presumably one of enum CertType
 * (CERT_TYPE, PRIVATEKEY_TYPE, ...).  Returns the PEM length or a negative
 * error code, following the convention of the other wc_* calls. */
WOLFSSL_API int wc_DerToPem(const byte* der, word32 derSz, byte* output,
                            word32 outputSz, int type);
#endif

#ifdef HAVE_ECC
/* private key helpers */

/* Decode a DER ECC private key from input (inSz bytes) starting at
 * *inOutIdx into key; *inOutIdx is advanced past what was consumed. */
WOLFSSL_API int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx,
                                       ecc_key* key, word32 inSz);
/* Encode key as DER into output (capacity inLen). */
WOLFSSL_API int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen);
#endif

/* DER encode signature
 *
 * Wrap digest (digSz bytes) and the hash algorithm identified by hashOID
 * (obtain it from wc_GetCTC_HashOID) into the DER structure that is signed --
 * presumably the PKCS#1 DigestInfo.  Returns the number of bytes written.
 * CAUTION: out has no size parameter; the caller must guarantee room for the
 * digest plus the algorithm-identifier overhead. */
WOLFSSL_API word32 wc_EncodeSignature(byte* out, const byte* digest,
                                      word32 digSz, int hashOID);
/* Map a hash type to the OID value wc_EncodeSignature expects; the value
 * returned for an unknown type is not documented here. */
WOLFSSL_API int wc_GetCTC_HashOID(int type);
wolfSSL 0:d92f9d21154c 191
wolfSSL 0:d92f9d21154c 192 #ifdef __cplusplus
wolfSSL 0:d92f9d21154c 193 } /* extern "C" */
wolfSSL 0:d92f9d21154c 194 #endif
wolfSSL 0:d92f9d21154c 195
wolfSSL 0:d92f9d21154c 196 #endif /* WOLF_CRYPT_ASN_PUBLIC_H */
wolfSSL 0:d92f9d21154c 197
wolfSSL 0:d92f9d21154c 198