wolfSSL - wolfSSL SSL/TLS library, support up to TLS1.3

Users » wolfSSL » Code » wolfSSL

wolfSSL SSL/TLS library, support up to TLS1.3

Dependents: CyaSSL-Twitter-OAuth4Tw Example-client-tls-cert TwitterReader TweetTest ... more

wolfcrypt/src/asn.c@2:28278596c2a2, 2015-07-21 (annotated)

Committer:: wolfSSL
Date:: Tue Jul 21 11:37:09 2015 +0000
Revision:: 2:28278596c2a2
Parent:: 0:d92f9d21154c

better MBED option set

Who changed what in which revision?

User	Revision	Line number	New contents of line
wolfSSL	2:28278596c2a2	1	/* asn.c
wolfSSL	2:28278596c2a2	2	*
wolfSSL	2:28278596c2a2	3	* Copyright (C) 2006-2015 wolfSSL Inc.
wolfSSL	2:28278596c2a2	4	*
wolfSSL	2:28278596c2a2	5	* This file is part of wolfSSL. (formerly known as CyaSSL)
wolfSSL	2:28278596c2a2	6	*
wolfSSL	2:28278596c2a2	7	* wolfSSL is free software; you can redistribute it and/or modify
wolfSSL	2:28278596c2a2	8	* it under the terms of the GNU General Public License as published by
wolfSSL	2:28278596c2a2	9	* the Free Software Foundation; either version 2 of the License, or
wolfSSL	2:28278596c2a2	10	* (at your option) any later version.
wolfSSL	2:28278596c2a2	11	*
wolfSSL	2:28278596c2a2	12	* wolfSSL is distributed in the hope that it will be useful,
wolfSSL	2:28278596c2a2	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
wolfSSL	2:28278596c2a2	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
wolfSSL	2:28278596c2a2	15	* GNU General Public License for more details.
wolfSSL	2:28278596c2a2	16	*
wolfSSL	2:28278596c2a2	17	* You should have received a copy of the GNU General Public License
wolfSSL	2:28278596c2a2	18	* along with this program; if not, write to the Free Software
wolfSSL	2:28278596c2a2	19	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
wolfSSL	2:28278596c2a2	20	*/
wolfSSL	2:28278596c2a2	21
wolfSSL	2:28278596c2a2	22	#ifdef HAVE_CONFIG_H
wolfSSL	2:28278596c2a2	23	#include <config.h>
wolfSSL	2:28278596c2a2	24	#endif
wolfSSL	2:28278596c2a2	25
wolfSSL	2:28278596c2a2	26	#include <wolfssl/wolfcrypt/settings.h>
wolfSSL	2:28278596c2a2	27
wolfSSL	2:28278596c2a2	28	#ifndef NO_ASN
wolfSSL	2:28278596c2a2	29
wolfSSL	2:28278596c2a2	30	#ifdef HAVE_RTP_SYS
wolfSSL	2:28278596c2a2	31	#include "os.h" /* dc_rtc_api needs */
wolfSSL	2:28278596c2a2	32	#include "dc_rtc_api.h" /* to get current time */
wolfSSL	2:28278596c2a2	33	#endif
wolfSSL	2:28278596c2a2	34
wolfSSL	2:28278596c2a2	35	#include <wolfssl/wolfcrypt/asn.h>
wolfSSL	2:28278596c2a2	36	#include <wolfssl/wolfcrypt/coding.h>
wolfSSL	2:28278596c2a2	37	#include <wolfssl/wolfcrypt/md2.h>
wolfSSL	2:28278596c2a2	38	#include <wolfssl/wolfcrypt/hmac.h>
wolfSSL	2:28278596c2a2	39	#include <wolfssl/wolfcrypt/error-crypt.h>
wolfSSL	2:28278596c2a2	40	#include <wolfssl/wolfcrypt/pwdbased.h>
wolfSSL	2:28278596c2a2	41	#include <wolfssl/wolfcrypt/des3.h>
wolfSSL	2:28278596c2a2	42	#include <wolfssl/wolfcrypt/logging.h>
wolfSSL	2:28278596c2a2	43
wolfSSL	2:28278596c2a2	44	#include <wolfssl/wolfcrypt/random.h>
wolfSSL	2:28278596c2a2	45
wolfSSL	2:28278596c2a2	46
wolfSSL	2:28278596c2a2	47	#ifndef NO_RC4
wolfSSL	2:28278596c2a2	48	#include <wolfssl/wolfcrypt/arc4.h>
wolfSSL	2:28278596c2a2	49	#endif
wolfSSL	2:28278596c2a2	50
wolfSSL	2:28278596c2a2	51	#ifdef HAVE_NTRU
wolfSSL	2:28278596c2a2	52	#include "ntru_crypto.h"
wolfSSL	2:28278596c2a2	53	#endif
wolfSSL	2:28278596c2a2	54
wolfSSL	2:28278596c2a2	55	#if defined(WOLFSSL_SHA512) \|\| defined(WOLFSSL_SHA384)
wolfSSL	2:28278596c2a2	56	#include <wolfssl/wolfcrypt/sha512.h>
wolfSSL	2:28278596c2a2	57	#endif
wolfSSL	2:28278596c2a2	58
wolfSSL	2:28278596c2a2	59	#ifndef NO_SHA256
wolfSSL	2:28278596c2a2	60	#include <wolfssl/wolfcrypt/sha256.h>
wolfSSL	2:28278596c2a2	61	#endif
wolfSSL	2:28278596c2a2	62
wolfSSL	2:28278596c2a2	63	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	64	#include <wolfssl/wolfcrypt/ecc.h>
wolfSSL	2:28278596c2a2	65	#endif
wolfSSL	2:28278596c2a2	66
wolfSSL	2:28278596c2a2	67	#ifdef WOLFSSL_DEBUG_ENCODING
wolfSSL	2:28278596c2a2	68	#ifdef FREESCALE_MQX
wolfSSL	2:28278596c2a2	69	#include <fio.h>
wolfSSL	2:28278596c2a2	70	#else
wolfSSL	2:28278596c2a2	71	#include <stdio.h>
wolfSSL	2:28278596c2a2	72	#endif
wolfSSL	2:28278596c2a2	73	#endif
wolfSSL	2:28278596c2a2	74
wolfSSL	2:28278596c2a2	75	#ifdef _MSC_VER
wolfSSL	2:28278596c2a2	76	/* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */
wolfSSL	2:28278596c2a2	77	#pragma warning(disable: 4996)
wolfSSL	2:28278596c2a2	78	#endif
wolfSSL	2:28278596c2a2	79
wolfSSL	2:28278596c2a2	80
wolfSSL	2:28278596c2a2	81	#ifndef TRUE
wolfSSL	2:28278596c2a2	82	#define TRUE 1
wolfSSL	2:28278596c2a2	83	#endif
wolfSSL	2:28278596c2a2	84	#ifndef FALSE
wolfSSL	2:28278596c2a2	85	#define FALSE 0
wolfSSL	2:28278596c2a2	86	#endif
wolfSSL	2:28278596c2a2	87
wolfSSL	2:28278596c2a2	88
wolfSSL	2:28278596c2a2	89	#ifdef HAVE_RTP_SYS
wolfSSL	2:28278596c2a2	90	/* uses parital <time.h> structures */
wolfSSL	2:28278596c2a2	91	#define XTIME(tl) (0)
wolfSSL	2:28278596c2a2	92	#define XGMTIME(c, t) my_gmtime((c))
wolfSSL	2:28278596c2a2	93	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
wolfSSL	2:28278596c2a2	94	#elif defined(MICRIUM)
wolfSSL	2:28278596c2a2	95	#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
wolfSSL	2:28278596c2a2	96	#define XVALIDATE_DATE(d,f,t) NetSecure_ValidateDateHandler((d),(f),(t))
wolfSSL	2:28278596c2a2	97	#else
wolfSSL	2:28278596c2a2	98	#define XVALIDATE_DATE(d, f, t) (0)
wolfSSL	2:28278596c2a2	99	#endif
wolfSSL	2:28278596c2a2	100	#define NO_TIME_H
wolfSSL	2:28278596c2a2	101	/* since Micrium not defining XTIME or XGMTIME, CERT_GEN not available */
wolfSSL	2:28278596c2a2	102	#elif defined(MICROCHIP_TCPIP_V5) \|\| defined(MICROCHIP_TCPIP)
wolfSSL	2:28278596c2a2	103	#include <time.h>
wolfSSL	2:28278596c2a2	104	#define XTIME(t1) pic32_time((t1))
wolfSSL	2:28278596c2a2	105	#define XGMTIME(c, t) gmtime((c))
wolfSSL	2:28278596c2a2	106	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
wolfSSL	2:28278596c2a2	107	#elif defined(FREESCALE_MQX)
wolfSSL	2:28278596c2a2	108	#define XTIME(t1) mqx_time((t1))
wolfSSL	2:28278596c2a2	109	#define XGMTIME(c, t) mqx_gmtime((c), (t))
wolfSSL	2:28278596c2a2	110	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
wolfSSL	2:28278596c2a2	111	#elif defined(WOLFSSL_MDK_ARM)
wolfSSL	2:28278596c2a2	112	#if defined(WOLFSSL_MDK5)
wolfSSL	2:28278596c2a2	113	#include "cmsis_os.h"
wolfSSL	2:28278596c2a2	114	#else
wolfSSL	2:28278596c2a2	115	#include <rtl.h>
wolfSSL	2:28278596c2a2	116	#endif
wolfSSL	2:28278596c2a2	117	#undef RNG
wolfSSL	2:28278596c2a2	118	#include "wolfssl_MDK_ARM.h"
wolfSSL	2:28278596c2a2	119	#undef RNG
wolfSSL	2:28278596c2a2	120	#define RNG wolfSSL_RNG /for avoiding name conflict in "stm32f2xx.h" /
wolfSSL	2:28278596c2a2	121	#define XTIME(tl) (0)
wolfSSL	2:28278596c2a2	122	#define XGMTIME(c, t) wolfssl_MDK_gmtime((c))
wolfSSL	2:28278596c2a2	123	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
wolfSSL	2:28278596c2a2	124	#elif defined(USER_TIME)
wolfSSL	2:28278596c2a2	125	/* user time, and gmtime compatible functions, there is a gmtime
wolfSSL	2:28278596c2a2	126	implementation here that WINCE uses, so really just need some ticks
wolfSSL	2:28278596c2a2	127	since the EPOCH
wolfSSL	2:28278596c2a2	128	*/
wolfSSL	2:28278596c2a2	129
wolfSSL	2:28278596c2a2	130	struct tm {
wolfSSL	2:28278596c2a2	131	int tm_sec; /* seconds after the minute [0-60] */
wolfSSL	2:28278596c2a2	132	int tm_min; /* minutes after the hour [0-59] */
wolfSSL	2:28278596c2a2	133	int tm_hour; /* hours since midnight [0-23] */
wolfSSL	2:28278596c2a2	134	int tm_mday; /* day of the month [1-31] */
wolfSSL	2:28278596c2a2	135	int tm_mon; /* months since January [0-11] */
wolfSSL	2:28278596c2a2	136	int tm_year; /* years since 1900 */
wolfSSL	2:28278596c2a2	137	int tm_wday; /* days since Sunday [0-6] */
wolfSSL	2:28278596c2a2	138	int tm_yday; /* days since January 1 [0-365] */
wolfSSL	2:28278596c2a2	139	int tm_isdst; /* Daylight Savings Time flag */
wolfSSL	2:28278596c2a2	140	long tm_gmtoff; /* offset from CUT in seconds */
wolfSSL	2:28278596c2a2	141	char tm_zone; / timezone abbreviation */
wolfSSL	2:28278596c2a2	142	};
wolfSSL	2:28278596c2a2	143	typedef long time_t;
wolfSSL	2:28278596c2a2	144
wolfSSL	2:28278596c2a2	145	/* forward declaration */
wolfSSL	2:28278596c2a2	146	struct tm* gmtime(const time_t* timer);
wolfSSL	2:28278596c2a2	147	extern time_t XTIME(time_t * timer);
wolfSSL	2:28278596c2a2	148
wolfSSL	2:28278596c2a2	149	#define XGMTIME(c, t) gmtime((c))
wolfSSL	2:28278596c2a2	150	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
wolfSSL	2:28278596c2a2	151
wolfSSL	2:28278596c2a2	152	#ifdef STACK_TRAP
wolfSSL	2:28278596c2a2	153	/* for stack trap tracking, don't call os gmtime on OS X/linux,
wolfSSL	2:28278596c2a2	154	uses a lot of stack spce */
wolfSSL	2:28278596c2a2	155	extern time_t time(time_t * timer);
wolfSSL	2:28278596c2a2	156	#define XTIME(tl) time((tl))
wolfSSL	2:28278596c2a2	157	#endif /* STACK_TRAP */
wolfSSL	2:28278596c2a2	158
wolfSSL	2:28278596c2a2	159	#elif defined(TIME_OVERRIDES)
wolfSSL	2:28278596c2a2	160	/* user would like to override time() and gmtime() functionality */
wolfSSL	2:28278596c2a2	161
wolfSSL	2:28278596c2a2	162	#ifndef HAVE_TIME_T_TYPE
wolfSSL	2:28278596c2a2	163	typedef long time_t;
wolfSSL	2:28278596c2a2	164	#endif
wolfSSL	2:28278596c2a2	165	extern time_t XTIME(time_t * timer);
wolfSSL	2:28278596c2a2	166
wolfSSL	2:28278596c2a2	167	#ifndef HAVE_TM_TYPE
wolfSSL	2:28278596c2a2	168	struct tm {
wolfSSL	2:28278596c2a2	169	int tm_sec; /* seconds after the minute [0-60] */
wolfSSL	2:28278596c2a2	170	int tm_min; /* minutes after the hour [0-59] */
wolfSSL	2:28278596c2a2	171	int tm_hour; /* hours since midnight [0-23] */
wolfSSL	2:28278596c2a2	172	int tm_mday; /* day of the month [1-31] */
wolfSSL	2:28278596c2a2	173	int tm_mon; /* months since January [0-11] */
wolfSSL	2:28278596c2a2	174	int tm_year; /* years since 1900 */
wolfSSL	2:28278596c2a2	175	int tm_wday; /* days since Sunday [0-6] */
wolfSSL	2:28278596c2a2	176	int tm_yday; /* days since January 1 [0-365] */
wolfSSL	2:28278596c2a2	177	int tm_isdst; /* Daylight Savings Time flag */
wolfSSL	2:28278596c2a2	178	long tm_gmtoff; /* offset from CUT in seconds */
wolfSSL	2:28278596c2a2	179	char tm_zone; / timezone abbreviation */
wolfSSL	2:28278596c2a2	180	};
wolfSSL	2:28278596c2a2	181	#endif
wolfSSL	2:28278596c2a2	182	extern struct tm* XGMTIME(const time_t* timer, struct tm* tmp);
wolfSSL	2:28278596c2a2	183
wolfSSL	2:28278596c2a2	184	#ifndef HAVE_VALIDATE_DATE
wolfSSL	2:28278596c2a2	185	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
wolfSSL	2:28278596c2a2	186	#endif
wolfSSL	2:28278596c2a2	187	#else
wolfSSL	2:28278596c2a2	188	/* default */
wolfSSL	2:28278596c2a2	189	/* uses complete <time.h> facility */
wolfSSL	2:28278596c2a2	190	#include <time.h>
wolfSSL	2:28278596c2a2	191	#define XTIME(tl) time((tl))
wolfSSL	2:28278596c2a2	192	#define XGMTIME(c, t) gmtime((c))
wolfSSL	2:28278596c2a2	193	#define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t))
wolfSSL	2:28278596c2a2	194	#endif
wolfSSL	2:28278596c2a2	195
wolfSSL	2:28278596c2a2	196
wolfSSL	2:28278596c2a2	197	#ifdef _WIN32_WCE
wolfSSL	2:28278596c2a2	198	/* no time() or gmtime() even though in time.h header?? */
wolfSSL	2:28278596c2a2	199
wolfSSL	2:28278596c2a2	200	#include <windows.h>
wolfSSL	2:28278596c2a2	201
wolfSSL	2:28278596c2a2	202
wolfSSL	2:28278596c2a2	203	time_t time(time_t* timer)
wolfSSL	2:28278596c2a2	204	{
wolfSSL	2:28278596c2a2	205	SYSTEMTIME sysTime;
wolfSSL	2:28278596c2a2	206	FILETIME fTime;
wolfSSL	2:28278596c2a2	207	ULARGE_INTEGER intTime;
wolfSSL	2:28278596c2a2	208	time_t localTime;
wolfSSL	2:28278596c2a2	209
wolfSSL	2:28278596c2a2	210	if (timer == NULL)
wolfSSL	2:28278596c2a2	211	timer = &localTime;
wolfSSL	2:28278596c2a2	212
wolfSSL	2:28278596c2a2	213	GetSystemTime(&sysTime);
wolfSSL	2:28278596c2a2	214	SystemTimeToFileTime(&sysTime, &fTime);
wolfSSL	2:28278596c2a2	215
wolfSSL	2:28278596c2a2	216	XMEMCPY(&intTime, &fTime, sizeof(FILETIME));
wolfSSL	2:28278596c2a2	217	/* subtract EPOCH */
wolfSSL	2:28278596c2a2	218	intTime.QuadPart -= 0x19db1ded53e8000;
wolfSSL	2:28278596c2a2	219	/* to secs */
wolfSSL	2:28278596c2a2	220	intTime.QuadPart /= 10000000;
wolfSSL	2:28278596c2a2	221	*timer = (time_t)intTime.QuadPart;
wolfSSL	2:28278596c2a2	222
wolfSSL	2:28278596c2a2	223	return *timer;
wolfSSL	2:28278596c2a2	224	}
wolfSSL	2:28278596c2a2	225
wolfSSL	2:28278596c2a2	226	#endif /* _WIN32_WCE */
wolfSSL	2:28278596c2a2	227	#if defined( _WIN32_WCE ) \|\| defined( USER_TIME )
wolfSSL	2:28278596c2a2	228
wolfSSL	2:28278596c2a2	229	struct tm* gmtime(const time_t* timer)
wolfSSL	2:28278596c2a2	230	{
wolfSSL	2:28278596c2a2	231	#define YEAR0 1900
wolfSSL	2:28278596c2a2	232	#define EPOCH_YEAR 1970
wolfSSL	2:28278596c2a2	233	#define SECS_DAY (24L * 60L * 60L)
wolfSSL	2:28278596c2a2	234	#define LEAPYEAR(year) (!((year) % 4) && (((year) % 100) \|\| !((year) %400)))
wolfSSL	2:28278596c2a2	235	#define YEARSIZE(year) (LEAPYEAR(year) ? 366 : 365)
wolfSSL	2:28278596c2a2	236
wolfSSL	2:28278596c2a2	237	static const int _ytab[2][12] =
wolfSSL	2:28278596c2a2	238	{
wolfSSL	2:28278596c2a2	239	{31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
wolfSSL	2:28278596c2a2	240	{31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}
wolfSSL	2:28278596c2a2	241	};
wolfSSL	2:28278596c2a2	242
wolfSSL	2:28278596c2a2	243	static struct tm st_time;
wolfSSL	2:28278596c2a2	244	struct tm* ret = &st_time;
wolfSSL	2:28278596c2a2	245	time_t secs = *timer;
wolfSSL	2:28278596c2a2	246	unsigned long dayclock, dayno;
wolfSSL	2:28278596c2a2	247	int year = EPOCH_YEAR;
wolfSSL	2:28278596c2a2	248
wolfSSL	2:28278596c2a2	249	dayclock = (unsigned long)secs % SECS_DAY;
wolfSSL	2:28278596c2a2	250	dayno = (unsigned long)secs / SECS_DAY;
wolfSSL	2:28278596c2a2	251
wolfSSL	2:28278596c2a2	252	ret->tm_sec = (int) dayclock % 60;
wolfSSL	2:28278596c2a2	253	ret->tm_min = (int)(dayclock % 3600) / 60;
wolfSSL	2:28278596c2a2	254	ret->tm_hour = (int) dayclock / 3600;
wolfSSL	2:28278596c2a2	255	ret->tm_wday = (int) (dayno + 4) % 7; /* day 0 a Thursday */
wolfSSL	2:28278596c2a2	256
wolfSSL	2:28278596c2a2	257	while(dayno >= (unsigned long)YEARSIZE(year)) {
wolfSSL	2:28278596c2a2	258	dayno -= YEARSIZE(year);
wolfSSL	2:28278596c2a2	259	year++;
wolfSSL	2:28278596c2a2	260	}
wolfSSL	2:28278596c2a2	261
wolfSSL	2:28278596c2a2	262	ret->tm_year = year - YEAR0;
wolfSSL	2:28278596c2a2	263	ret->tm_yday = (int)dayno;
wolfSSL	2:28278596c2a2	264	ret->tm_mon = 0;
wolfSSL	2:28278596c2a2	265
wolfSSL	2:28278596c2a2	266	while(dayno >= (unsigned long)_ytab[LEAPYEAR(year)][ret->tm_mon]) {
wolfSSL	2:28278596c2a2	267	dayno -= _ytab[LEAPYEAR(year)][ret->tm_mon];
wolfSSL	2:28278596c2a2	268	ret->tm_mon++;
wolfSSL	2:28278596c2a2	269	}
wolfSSL	2:28278596c2a2	270
wolfSSL	2:28278596c2a2	271	ret->tm_mday = (int)++dayno;
wolfSSL	2:28278596c2a2	272	ret->tm_isdst = 0;
wolfSSL	2:28278596c2a2	273
wolfSSL	2:28278596c2a2	274	return ret;
wolfSSL	2:28278596c2a2	275	}
wolfSSL	2:28278596c2a2	276
wolfSSL	2:28278596c2a2	277	#endif /* _WIN32_WCE \|\| USER_TIME */
wolfSSL	2:28278596c2a2	278
wolfSSL	2:28278596c2a2	279
wolfSSL	2:28278596c2a2	280	#ifdef HAVE_RTP_SYS
wolfSSL	2:28278596c2a2	281
wolfSSL	2:28278596c2a2	282	#define YEAR0 1900
wolfSSL	2:28278596c2a2	283
wolfSSL	2:28278596c2a2	284	struct tm* my_gmtime(const time_t* timer) /* has a gmtime() but hangs */
wolfSSL	2:28278596c2a2	285	{
wolfSSL	2:28278596c2a2	286	static struct tm st_time;
wolfSSL	2:28278596c2a2	287	struct tm* ret = &st_time;
wolfSSL	2:28278596c2a2	288
wolfSSL	2:28278596c2a2	289	DC_RTC_CALENDAR cal;
wolfSSL	2:28278596c2a2	290	dc_rtc_time_get(&cal, TRUE);
wolfSSL	2:28278596c2a2	291
wolfSSL	2:28278596c2a2	292	ret->tm_year = cal.year - YEAR0; /* gm starts at 1900 */
wolfSSL	2:28278596c2a2	293	ret->tm_mon = cal.month - 1; /* gm starts at 0 */
wolfSSL	2:28278596c2a2	294	ret->tm_mday = cal.day;
wolfSSL	2:28278596c2a2	295	ret->tm_hour = cal.hour;
wolfSSL	2:28278596c2a2	296	ret->tm_min = cal.minute;
wolfSSL	2:28278596c2a2	297	ret->tm_sec = cal.second;
wolfSSL	2:28278596c2a2	298
wolfSSL	2:28278596c2a2	299	return ret;
wolfSSL	2:28278596c2a2	300	}
wolfSSL	2:28278596c2a2	301
wolfSSL	2:28278596c2a2	302	#endif /* HAVE_RTP_SYS */
wolfSSL	2:28278596c2a2	303
wolfSSL	2:28278596c2a2	304
wolfSSL	2:28278596c2a2	305	#if defined(MICROCHIP_TCPIP_V5) \|\| defined(MICROCHIP_TCPIP)
wolfSSL	2:28278596c2a2	306
wolfSSL	2:28278596c2a2	307	/*
wolfSSL	2:28278596c2a2	308	* time() is just a stub in Microchip libraries. We need our own
wolfSSL	2:28278596c2a2	309	* implementation. Use SNTP client to get seconds since epoch.
wolfSSL	2:28278596c2a2	310	*/
wolfSSL	2:28278596c2a2	311	time_t pic32_time(time_t* timer)
wolfSSL	2:28278596c2a2	312	{
wolfSSL	2:28278596c2a2	313	#ifdef MICROCHIP_TCPIP_V5
wolfSSL	2:28278596c2a2	314	DWORD sec = 0;
wolfSSL	2:28278596c2a2	315	#else
wolfSSL	2:28278596c2a2	316	uint32_t sec = 0;
wolfSSL	2:28278596c2a2	317	#endif
wolfSSL	2:28278596c2a2	318	time_t localTime;
wolfSSL	2:28278596c2a2	319
wolfSSL	2:28278596c2a2	320	if (timer == NULL)
wolfSSL	2:28278596c2a2	321	timer = &localTime;
wolfSSL	2:28278596c2a2	322
wolfSSL	2:28278596c2a2	323	#ifdef MICROCHIP_MPLAB_HARMONY
wolfSSL	2:28278596c2a2	324	sec = TCPIP_SNTP_UTCSecondsGet();
wolfSSL	2:28278596c2a2	325	#else
wolfSSL	2:28278596c2a2	326	sec = SNTPGetUTCSeconds();
wolfSSL	2:28278596c2a2	327	#endif
wolfSSL	2:28278596c2a2	328	*timer = (time_t) sec;
wolfSSL	2:28278596c2a2	329
wolfSSL	2:28278596c2a2	330	return *timer;
wolfSSL	2:28278596c2a2	331	}
wolfSSL	2:28278596c2a2	332
wolfSSL	2:28278596c2a2	333	#endif /* MICROCHIP_TCPIP */
wolfSSL	2:28278596c2a2	334
wolfSSL	2:28278596c2a2	335
wolfSSL	2:28278596c2a2	336	#ifdef FREESCALE_MQX
wolfSSL	2:28278596c2a2	337
wolfSSL	2:28278596c2a2	338	time_t mqx_time(time_t* timer)
wolfSSL	2:28278596c2a2	339	{
wolfSSL	2:28278596c2a2	340	time_t localTime;
wolfSSL	2:28278596c2a2	341	TIME_STRUCT time_s;
wolfSSL	2:28278596c2a2	342
wolfSSL	2:28278596c2a2	343	if (timer == NULL)
wolfSSL	2:28278596c2a2	344	timer = &localTime;
wolfSSL	2:28278596c2a2	345
wolfSSL	2:28278596c2a2	346	_time_get(&time_s);
wolfSSL	2:28278596c2a2	347	*timer = (time_t) time_s.SECONDS;
wolfSSL	2:28278596c2a2	348
wolfSSL	2:28278596c2a2	349	return *timer;
wolfSSL	2:28278596c2a2	350	}
wolfSSL	2:28278596c2a2	351
wolfSSL	2:28278596c2a2	352	/* CodeWarrior GCC toolchain only has gmtime_r(), no gmtime() */
wolfSSL	2:28278596c2a2	353	struct tm* mqx_gmtime(const time_t* clock, struct tm* tmpTime)
wolfSSL	2:28278596c2a2	354	{
wolfSSL	2:28278596c2a2	355	return gmtime_r(clock, tmpTime);
wolfSSL	2:28278596c2a2	356	}
wolfSSL	2:28278596c2a2	357
wolfSSL	2:28278596c2a2	358	#endif /* FREESCALE_MQX */
wolfSSL	2:28278596c2a2	359
wolfSSL	2:28278596c2a2	360	#ifdef WOLFSSL_TIRTOS
wolfSSL	2:28278596c2a2	361
wolfSSL	2:28278596c2a2	362	time_t XTIME(time_t * timer)
wolfSSL	2:28278596c2a2	363	{
wolfSSL	2:28278596c2a2	364	time_t sec = 0;
wolfSSL	2:28278596c2a2	365
wolfSSL	2:28278596c2a2	366	sec = (time_t) Seconds_get();
wolfSSL	2:28278596c2a2	367
wolfSSL	2:28278596c2a2	368	if (timer != NULL)
wolfSSL	2:28278596c2a2	369	*timer = sec;
wolfSSL	2:28278596c2a2	370
wolfSSL	2:28278596c2a2	371	return sec;
wolfSSL	2:28278596c2a2	372	}
wolfSSL	2:28278596c2a2	373
wolfSSL	2:28278596c2a2	374	#endif /* WOLFSSL_TIRTOS */
wolfSSL	2:28278596c2a2	375
wolfSSL	2:28278596c2a2	376	static INLINE word32 btoi(byte b)
wolfSSL	2:28278596c2a2	377	{
wolfSSL	2:28278596c2a2	378	return b - 0x30;
wolfSSL	2:28278596c2a2	379	}
wolfSSL	2:28278596c2a2	380
wolfSSL	2:28278596c2a2	381
wolfSSL	2:28278596c2a2	382	/* two byte date/time, add to value */
wolfSSL	2:28278596c2a2	383	static INLINE void GetTime(int* value, const byte* date, int* idx)
wolfSSL	2:28278596c2a2	384	{
wolfSSL	2:28278596c2a2	385	int i = *idx;
wolfSSL	2:28278596c2a2	386
wolfSSL	2:28278596c2a2	387	value += btoi(date[i++]) 10;
wolfSSL	2:28278596c2a2	388	*value += btoi(date[i++]);
wolfSSL	2:28278596c2a2	389
wolfSSL	2:28278596c2a2	390	*idx = i;
wolfSSL	2:28278596c2a2	391	}
wolfSSL	2:28278596c2a2	392
wolfSSL	2:28278596c2a2	393
wolfSSL	2:28278596c2a2	394	#if defined(MICRIUM)
wolfSSL	2:28278596c2a2	395
wolfSSL	2:28278596c2a2	396	CPU_INT32S NetSecure_ValidateDateHandler(CPU_INT08U *date, CPU_INT08U format,
wolfSSL	2:28278596c2a2	397	CPU_INT08U dateType)
wolfSSL	2:28278596c2a2	398	{
wolfSSL	2:28278596c2a2	399	CPU_BOOLEAN rtn_code;
wolfSSL	2:28278596c2a2	400	CPU_INT32S i;
wolfSSL	2:28278596c2a2	401	CPU_INT32S val;
wolfSSL	2:28278596c2a2	402	CPU_INT16U year;
wolfSSL	2:28278596c2a2	403	CPU_INT08U month;
wolfSSL	2:28278596c2a2	404	CPU_INT16U day;
wolfSSL	2:28278596c2a2	405	CPU_INT08U hour;
wolfSSL	2:28278596c2a2	406	CPU_INT08U min;
wolfSSL	2:28278596c2a2	407	CPU_INT08U sec;
wolfSSL	2:28278596c2a2	408
wolfSSL	2:28278596c2a2	409	i = 0;
wolfSSL	2:28278596c2a2	410	year = 0u;
wolfSSL	2:28278596c2a2	411
wolfSSL	2:28278596c2a2	412	if (format == ASN_UTC_TIME) {
wolfSSL	2:28278596c2a2	413	if (btoi(date[0]) >= 5)
wolfSSL	2:28278596c2a2	414	year = 1900;
wolfSSL	2:28278596c2a2	415	else
wolfSSL	2:28278596c2a2	416	year = 2000;
wolfSSL	2:28278596c2a2	417	}
wolfSSL	2:28278596c2a2	418	else { /* format == GENERALIZED_TIME */
wolfSSL	2:28278596c2a2	419	year += btoi(date[i++]) * 1000;
wolfSSL	2:28278596c2a2	420	year += btoi(date[i++]) * 100;
wolfSSL	2:28278596c2a2	421	}
wolfSSL	2:28278596c2a2	422
wolfSSL	2:28278596c2a2	423	val = year;
wolfSSL	2:28278596c2a2	424	GetTime(&val, date, &i);
wolfSSL	2:28278596c2a2	425	year = (CPU_INT16U)val;
wolfSSL	2:28278596c2a2	426
wolfSSL	2:28278596c2a2	427	val = 0;
wolfSSL	2:28278596c2a2	428	GetTime(&val, date, &i);
wolfSSL	2:28278596c2a2	429	month = (CPU_INT08U)val;
wolfSSL	2:28278596c2a2	430
wolfSSL	2:28278596c2a2	431	val = 0;
wolfSSL	2:28278596c2a2	432	GetTime(&val, date, &i);
wolfSSL	2:28278596c2a2	433	day = (CPU_INT16U)val;
wolfSSL	2:28278596c2a2	434
wolfSSL	2:28278596c2a2	435	val = 0;
wolfSSL	2:28278596c2a2	436	GetTime(&val, date, &i);
wolfSSL	2:28278596c2a2	437	hour = (CPU_INT08U)val;
wolfSSL	2:28278596c2a2	438
wolfSSL	2:28278596c2a2	439	val = 0;
wolfSSL	2:28278596c2a2	440	GetTime(&val, date, &i);
wolfSSL	2:28278596c2a2	441	min = (CPU_INT08U)val;
wolfSSL	2:28278596c2a2	442
wolfSSL	2:28278596c2a2	443	val = 0;
wolfSSL	2:28278596c2a2	444	GetTime(&val, date, &i);
wolfSSL	2:28278596c2a2	445	sec = (CPU_INT08U)val;
wolfSSL	2:28278596c2a2	446
wolfSSL	2:28278596c2a2	447	return NetSecure_ValidateDate(year, month, day, hour, min, sec, dateType);
wolfSSL	2:28278596c2a2	448	}
wolfSSL	2:28278596c2a2	449
wolfSSL	2:28278596c2a2	450	#endif /* MICRIUM */
wolfSSL	2:28278596c2a2	451
wolfSSL	2:28278596c2a2	452
wolfSSL	2:28278596c2a2	453	WOLFSSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
wolfSSL	2:28278596c2a2	454	word32 maxIdx)
wolfSSL	2:28278596c2a2	455	{
wolfSSL	2:28278596c2a2	456	int length = 0;
wolfSSL	2:28278596c2a2	457	word32 i = *inOutIdx;
wolfSSL	2:28278596c2a2	458	byte b;
wolfSSL	2:28278596c2a2	459
wolfSSL	2:28278596c2a2	460	len = 0; / default length */
wolfSSL	2:28278596c2a2	461
wolfSSL	2:28278596c2a2	462	if ( (i+1) > maxIdx) { /* for first read */
wolfSSL	2:28278596c2a2	463	WOLFSSL_MSG("GetLength bad index on input");
wolfSSL	2:28278596c2a2	464	return BUFFER_E;
wolfSSL	2:28278596c2a2	465	}
wolfSSL	2:28278596c2a2	466
wolfSSL	2:28278596c2a2	467	b = input[i++];
wolfSSL	2:28278596c2a2	468	if (b >= ASN_LONG_LENGTH) {
wolfSSL	2:28278596c2a2	469	word32 bytes = b & 0x7F;
wolfSSL	2:28278596c2a2	470
wolfSSL	2:28278596c2a2	471	if ( (i+bytes) > maxIdx) { /* for reading bytes */
wolfSSL	2:28278596c2a2	472	WOLFSSL_MSG("GetLength bad long length");
wolfSSL	2:28278596c2a2	473	return BUFFER_E;
wolfSSL	2:28278596c2a2	474	}
wolfSSL	2:28278596c2a2	475
wolfSSL	2:28278596c2a2	476	while (bytes--) {
wolfSSL	2:28278596c2a2	477	b = input[i++];
wolfSSL	2:28278596c2a2	478	length = (length << 8) \| b;
wolfSSL	2:28278596c2a2	479	}
wolfSSL	2:28278596c2a2	480	}
wolfSSL	2:28278596c2a2	481	else
wolfSSL	2:28278596c2a2	482	length = b;
wolfSSL	2:28278596c2a2	483
wolfSSL	2:28278596c2a2	484	if ( (i+length) > maxIdx) { /* for user of length */
wolfSSL	2:28278596c2a2	485	WOLFSSL_MSG("GetLength value exceeds buffer length");
wolfSSL	2:28278596c2a2	486	return BUFFER_E;
wolfSSL	2:28278596c2a2	487	}
wolfSSL	2:28278596c2a2	488
wolfSSL	2:28278596c2a2	489	*inOutIdx = i;
wolfSSL	2:28278596c2a2	490	if (length > 0)
wolfSSL	2:28278596c2a2	491	*len = length;
wolfSSL	2:28278596c2a2	492
wolfSSL	2:28278596c2a2	493	return length;
wolfSSL	2:28278596c2a2	494	}
wolfSSL	2:28278596c2a2	495
wolfSSL	2:28278596c2a2	496
wolfSSL	2:28278596c2a2	497	WOLFSSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
wolfSSL	2:28278596c2a2	498	word32 maxIdx)
wolfSSL	2:28278596c2a2	499	{
wolfSSL	2:28278596c2a2	500	int length = -1;
wolfSSL	2:28278596c2a2	501	word32 idx = *inOutIdx;
wolfSSL	2:28278596c2a2	502
wolfSSL	2:28278596c2a2	503	if (input[idx++] != (ASN_SEQUENCE \| ASN_CONSTRUCTED) \|\|
wolfSSL	2:28278596c2a2	504	GetLength(input, &idx, &length, maxIdx) < 0)
wolfSSL	2:28278596c2a2	505	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	506
wolfSSL	2:28278596c2a2	507	*len = length;
wolfSSL	2:28278596c2a2	508	*inOutIdx = idx;
wolfSSL	2:28278596c2a2	509
wolfSSL	2:28278596c2a2	510	return length;
wolfSSL	2:28278596c2a2	511	}
wolfSSL	2:28278596c2a2	512
wolfSSL	2:28278596c2a2	513
wolfSSL	2:28278596c2a2	514	WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
wolfSSL	2:28278596c2a2	515	word32 maxIdx)
wolfSSL	2:28278596c2a2	516	{
wolfSSL	2:28278596c2a2	517	int length = -1;
wolfSSL	2:28278596c2a2	518	word32 idx = *inOutIdx;
wolfSSL	2:28278596c2a2	519
wolfSSL	2:28278596c2a2	520	if (input[idx++] != (ASN_SET \| ASN_CONSTRUCTED) \|\|
wolfSSL	2:28278596c2a2	521	GetLength(input, &idx, &length, maxIdx) < 0)
wolfSSL	2:28278596c2a2	522	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	523
wolfSSL	2:28278596c2a2	524	*len = length;
wolfSSL	2:28278596c2a2	525	*inOutIdx = idx;
wolfSSL	2:28278596c2a2	526
wolfSSL	2:28278596c2a2	527	return length;
wolfSSL	2:28278596c2a2	528	}
wolfSSL	2:28278596c2a2	529
wolfSSL	2:28278596c2a2	530
wolfSSL	2:28278596c2a2	531	/* winodws header clash for WinCE using GetVersion */
wolfSSL	2:28278596c2a2	532	WOLFSSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx, int* version)
wolfSSL	2:28278596c2a2	533	{
wolfSSL	2:28278596c2a2	534	word32 idx = *inOutIdx;
wolfSSL	2:28278596c2a2	535
wolfSSL	2:28278596c2a2	536	WOLFSSL_ENTER("GetMyVersion");
wolfSSL	2:28278596c2a2	537
wolfSSL	2:28278596c2a2	538	if (input[idx++] != ASN_INTEGER)
wolfSSL	2:28278596c2a2	539	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	540
wolfSSL	2:28278596c2a2	541	if (input[idx++] != 0x01)
wolfSSL	2:28278596c2a2	542	return ASN_VERSION_E;
wolfSSL	2:28278596c2a2	543
wolfSSL	2:28278596c2a2	544	*version = input[idx++];
wolfSSL	2:28278596c2a2	545	*inOutIdx = idx;
wolfSSL	2:28278596c2a2	546
wolfSSL	2:28278596c2a2	547	return *version;
wolfSSL	2:28278596c2a2	548	}
wolfSSL	2:28278596c2a2	549
wolfSSL	2:28278596c2a2	550
wolfSSL	2:28278596c2a2	551	#ifndef NO_PWDBASED
wolfSSL	2:28278596c2a2	552	/* Get small count integer, 32 bits or less */
wolfSSL	2:28278596c2a2	553	static int GetShortInt(const byte* input, word32* inOutIdx, int* number)
wolfSSL	2:28278596c2a2	554	{
wolfSSL	2:28278596c2a2	555	word32 idx = *inOutIdx;
wolfSSL	2:28278596c2a2	556	word32 len;
wolfSSL	2:28278596c2a2	557
wolfSSL	2:28278596c2a2	558	*number = 0;
wolfSSL	2:28278596c2a2	559
wolfSSL	2:28278596c2a2	560	if (input[idx++] != ASN_INTEGER)
wolfSSL	2:28278596c2a2	561	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	562
wolfSSL	2:28278596c2a2	563	len = input[idx++];
wolfSSL	2:28278596c2a2	564	if (len > 4)
wolfSSL	2:28278596c2a2	565	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	566
wolfSSL	2:28278596c2a2	567	while (len--) {
wolfSSL	2:28278596c2a2	568	number = number << 8 \| input[idx++];
wolfSSL	2:28278596c2a2	569	}
wolfSSL	2:28278596c2a2	570
wolfSSL	2:28278596c2a2	571	*inOutIdx = idx;
wolfSSL	2:28278596c2a2	572
wolfSSL	2:28278596c2a2	573	return *number;
wolfSSL	2:28278596c2a2	574	}
wolfSSL	2:28278596c2a2	575	#endif /* !NO_PWDBASED */
wolfSSL	2:28278596c2a2	576
wolfSSL	2:28278596c2a2	577
wolfSSL	2:28278596c2a2	578	/* May not have one, not an error */
wolfSSL	2:28278596c2a2	579	static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version)
wolfSSL	2:28278596c2a2	580	{
wolfSSL	2:28278596c2a2	581	word32 idx = *inOutIdx;
wolfSSL	2:28278596c2a2	582
wolfSSL	2:28278596c2a2	583	WOLFSSL_ENTER("GetExplicitVersion");
wolfSSL	2:28278596c2a2	584	if (input[idx++] == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED)) {
wolfSSL	2:28278596c2a2	585	inOutIdx = ++idx; / eat header */
wolfSSL	2:28278596c2a2	586	return GetMyVersion(input, inOutIdx, version);
wolfSSL	2:28278596c2a2	587	}
wolfSSL	2:28278596c2a2	588
wolfSSL	2:28278596c2a2	589	/* go back as is */
wolfSSL	2:28278596c2a2	590	*version = 0;
wolfSSL	2:28278596c2a2	591
wolfSSL	2:28278596c2a2	592	return 0;
wolfSSL	2:28278596c2a2	593	}
wolfSSL	2:28278596c2a2	594
wolfSSL	2:28278596c2a2	595
wolfSSL	2:28278596c2a2	596	WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
wolfSSL	2:28278596c2a2	597	word32 maxIdx)
wolfSSL	2:28278596c2a2	598	{
wolfSSL	2:28278596c2a2	599	word32 i = *inOutIdx;
wolfSSL	2:28278596c2a2	600	byte b = input[i++];
wolfSSL	2:28278596c2a2	601	int length;
wolfSSL	2:28278596c2a2	602
wolfSSL	2:28278596c2a2	603	if (b != ASN_INTEGER)
wolfSSL	2:28278596c2a2	604	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	605
wolfSSL	2:28278596c2a2	606	if (GetLength(input, &i, &length, maxIdx) < 0)
wolfSSL	2:28278596c2a2	607	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	608
wolfSSL	2:28278596c2a2	609	if ( (b = input[i++]) == 0x00)
wolfSSL	2:28278596c2a2	610	length--;
wolfSSL	2:28278596c2a2	611	else
wolfSSL	2:28278596c2a2	612	i--;
wolfSSL	2:28278596c2a2	613
wolfSSL	2:28278596c2a2	614	if (mp_init(mpi) != MP_OKAY)
wolfSSL	2:28278596c2a2	615	return MP_INIT_E;
wolfSSL	2:28278596c2a2	616
wolfSSL	2:28278596c2a2	617	if (mp_read_unsigned_bin(mpi, (byte*)input + i, length) != 0) {
wolfSSL	2:28278596c2a2	618	mp_clear(mpi);
wolfSSL	2:28278596c2a2	619	return ASN_GETINT_E;
wolfSSL	2:28278596c2a2	620	}
wolfSSL	2:28278596c2a2	621
wolfSSL	2:28278596c2a2	622	*inOutIdx = i + length;
wolfSSL	2:28278596c2a2	623	return 0;
wolfSSL	2:28278596c2a2	624	}
wolfSSL	2:28278596c2a2	625
wolfSSL	2:28278596c2a2	626
wolfSSL	2:28278596c2a2	627	static int GetObjectId(const byte* input, word32* inOutIdx, word32* oid,
wolfSSL	2:28278596c2a2	628	word32 maxIdx)
wolfSSL	2:28278596c2a2	629	{
wolfSSL	2:28278596c2a2	630	int length;
wolfSSL	2:28278596c2a2	631	word32 i = *inOutIdx;
wolfSSL	2:28278596c2a2	632	byte b;
wolfSSL	2:28278596c2a2	633	*oid = 0;
wolfSSL	2:28278596c2a2	634
wolfSSL	2:28278596c2a2	635	b = input[i++];
wolfSSL	2:28278596c2a2	636	if (b != ASN_OBJECT_ID)
wolfSSL	2:28278596c2a2	637	return ASN_OBJECT_ID_E;
wolfSSL	2:28278596c2a2	638
wolfSSL	2:28278596c2a2	639	if (GetLength(input, &i, &length, maxIdx) < 0)
wolfSSL	2:28278596c2a2	640	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	641
wolfSSL	2:28278596c2a2	642	while(length--)
wolfSSL	2:28278596c2a2	643	*oid += input[i++];
wolfSSL	2:28278596c2a2	644	/* just sum it up for now */
wolfSSL	2:28278596c2a2	645
wolfSSL	2:28278596c2a2	646	*inOutIdx = i;
wolfSSL	2:28278596c2a2	647
wolfSSL	2:28278596c2a2	648	return 0;
wolfSSL	2:28278596c2a2	649	}
wolfSSL	2:28278596c2a2	650
wolfSSL	2:28278596c2a2	651
wolfSSL	2:28278596c2a2	652	WOLFSSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
wolfSSL	2:28278596c2a2	653	word32 maxIdx)
wolfSSL	2:28278596c2a2	654	{
wolfSSL	2:28278596c2a2	655	int length;
wolfSSL	2:28278596c2a2	656	word32 i = *inOutIdx;
wolfSSL	2:28278596c2a2	657	byte b;
wolfSSL	2:28278596c2a2	658	*oid = 0;
wolfSSL	2:28278596c2a2	659
wolfSSL	2:28278596c2a2	660	WOLFSSL_ENTER("GetAlgoId");
wolfSSL	2:28278596c2a2	661
wolfSSL	2:28278596c2a2	662	if (GetSequence(input, &i, &length, maxIdx) < 0)
wolfSSL	2:28278596c2a2	663	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	664
wolfSSL	2:28278596c2a2	665	b = input[i++];
wolfSSL	2:28278596c2a2	666	if (b != ASN_OBJECT_ID)
wolfSSL	2:28278596c2a2	667	return ASN_OBJECT_ID_E;
wolfSSL	2:28278596c2a2	668
wolfSSL	2:28278596c2a2	669	if (GetLength(input, &i, &length, maxIdx) < 0)
wolfSSL	2:28278596c2a2	670	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	671
wolfSSL	2:28278596c2a2	672	while(length--) {
wolfSSL	2:28278596c2a2	673	/* odd HC08 compiler behavior here when input[i++] */
wolfSSL	2:28278596c2a2	674	*oid += input[i];
wolfSSL	2:28278596c2a2	675	i++;
wolfSSL	2:28278596c2a2	676	}
wolfSSL	2:28278596c2a2	677	/* just sum it up for now */
wolfSSL	2:28278596c2a2	678
wolfSSL	2:28278596c2a2	679	/* could have NULL tag and 0 terminator, but may not */
wolfSSL	2:28278596c2a2	680	b = input[i++];
wolfSSL	2:28278596c2a2	681
wolfSSL	2:28278596c2a2	682	if (b == ASN_TAG_NULL) {
wolfSSL	2:28278596c2a2	683	b = input[i++];
wolfSSL	2:28278596c2a2	684	if (b != 0)
wolfSSL	2:28278596c2a2	685	return ASN_EXPECT_0_E;
wolfSSL	2:28278596c2a2	686	}
wolfSSL	2:28278596c2a2	687	else
wolfSSL	2:28278596c2a2	688	/* go back, didn't have it */
wolfSSL	2:28278596c2a2	689	i--;
wolfSSL	2:28278596c2a2	690
wolfSSL	2:28278596c2a2	691	*inOutIdx = i;
wolfSSL	2:28278596c2a2	692
wolfSSL	2:28278596c2a2	693	return 0;
wolfSSL	2:28278596c2a2	694	}
wolfSSL	2:28278596c2a2	695
wolfSSL	2:28278596c2a2	696	#ifndef NO_RSA
wolfSSL	2:28278596c2a2	697
wolfSSL	2:28278596c2a2	698
wolfSSL	2:28278596c2a2	699	#ifdef HAVE_CAVIUM
wolfSSL	2:28278596c2a2	700
wolfSSL	2:28278596c2a2	701	static int GetCaviumInt(byte** buff, word16* buffSz, const byte* input,
wolfSSL	2:28278596c2a2	702	word32* inOutIdx, word32 maxIdx, void* heap)
wolfSSL	2:28278596c2a2	703	{
wolfSSL	2:28278596c2a2	704	word32 i = *inOutIdx;
wolfSSL	2:28278596c2a2	705	byte b = input[i++];
wolfSSL	2:28278596c2a2	706	int length;
wolfSSL	2:28278596c2a2	707
wolfSSL	2:28278596c2a2	708	if (b != ASN_INTEGER)
wolfSSL	2:28278596c2a2	709	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	710
wolfSSL	2:28278596c2a2	711	if (GetLength(input, &i, &length, maxIdx) < 0)
wolfSSL	2:28278596c2a2	712	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	713
wolfSSL	2:28278596c2a2	714	if ( (b = input[i++]) == 0x00)
wolfSSL	2:28278596c2a2	715	length--;
wolfSSL	2:28278596c2a2	716	else
wolfSSL	2:28278596c2a2	717	i--;
wolfSSL	2:28278596c2a2	718
wolfSSL	2:28278596c2a2	719	*buffSz = (word16)length;
wolfSSL	2:28278596c2a2	720	buff = XMALLOC(buffSz, heap, DYNAMIC_TYPE_CAVIUM_RSA);
wolfSSL	2:28278596c2a2	721	if (*buff == NULL)
wolfSSL	2:28278596c2a2	722	return MEMORY_E;
wolfSSL	2:28278596c2a2	723
wolfSSL	2:28278596c2a2	724	XMEMCPY(buff, input + i, buffSz);
wolfSSL	2:28278596c2a2	725
wolfSSL	2:28278596c2a2	726	*inOutIdx = i + length;
wolfSSL	2:28278596c2a2	727	return 0;
wolfSSL	2:28278596c2a2	728	}
wolfSSL	2:28278596c2a2	729
wolfSSL	2:28278596c2a2	730	static int CaviumRsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
wolfSSL	2:28278596c2a2	731	RsaKey* key, word32 inSz)
wolfSSL	2:28278596c2a2	732	{
wolfSSL	2:28278596c2a2	733	int version, length;
wolfSSL	2:28278596c2a2	734	void* h = key->heap;
wolfSSL	2:28278596c2a2	735
wolfSSL	2:28278596c2a2	736	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	737	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	738
wolfSSL	2:28278596c2a2	739	if (GetMyVersion(input, inOutIdx, &version) < 0)
wolfSSL	2:28278596c2a2	740	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	741
wolfSSL	2:28278596c2a2	742	key->type = RSA_PRIVATE;
wolfSSL	2:28278596c2a2	743
wolfSSL	2:28278596c2a2	744	if (GetCaviumInt(&key->c_n, &key->c_nSz, input, inOutIdx, inSz, h) < 0 \|\|
wolfSSL	2:28278596c2a2	745	GetCaviumInt(&key->c_e, &key->c_eSz, input, inOutIdx, inSz, h) < 0 \|\|
wolfSSL	2:28278596c2a2	746	GetCaviumInt(&key->c_d, &key->c_dSz, input, inOutIdx, inSz, h) < 0 \|\|
wolfSSL	2:28278596c2a2	747	GetCaviumInt(&key->c_p, &key->c_pSz, input, inOutIdx, inSz, h) < 0 \|\|
wolfSSL	2:28278596c2a2	748	GetCaviumInt(&key->c_q, &key->c_qSz, input, inOutIdx, inSz, h) < 0 \|\|
wolfSSL	2:28278596c2a2	749	GetCaviumInt(&key->c_dP, &key->c_dP_Sz, input, inOutIdx, inSz, h) < 0 \|\|
wolfSSL	2:28278596c2a2	750	GetCaviumInt(&key->c_dQ, &key->c_dQ_Sz, input, inOutIdx, inSz, h) < 0 \|\|
wolfSSL	2:28278596c2a2	751	GetCaviumInt(&key->c_u, &key->c_uSz, input, inOutIdx, inSz, h) < 0 )
wolfSSL	2:28278596c2a2	752	return ASN_RSA_KEY_E;
wolfSSL	2:28278596c2a2	753
wolfSSL	2:28278596c2a2	754	return 0;
wolfSSL	2:28278596c2a2	755	}
wolfSSL	2:28278596c2a2	756
wolfSSL	2:28278596c2a2	757
wolfSSL	2:28278596c2a2	758	#endif /* HAVE_CAVIUM */
wolfSSL	2:28278596c2a2	759
wolfSSL	2:28278596c2a2	760	int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
wolfSSL	2:28278596c2a2	761	word32 inSz)
wolfSSL	2:28278596c2a2	762	{
wolfSSL	2:28278596c2a2	763	int version, length;
wolfSSL	2:28278596c2a2	764
wolfSSL	2:28278596c2a2	765	#ifdef HAVE_CAVIUM
wolfSSL	2:28278596c2a2	766	if (key->magic == WOLFSSL_RSA_CAVIUM_MAGIC)
wolfSSL	2:28278596c2a2	767	return CaviumRsaPrivateKeyDecode(input, inOutIdx, key, inSz);
wolfSSL	2:28278596c2a2	768	#endif
wolfSSL	2:28278596c2a2	769
wolfSSL	2:28278596c2a2	770	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	771	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	772
wolfSSL	2:28278596c2a2	773	if (GetMyVersion(input, inOutIdx, &version) < 0)
wolfSSL	2:28278596c2a2	774	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	775
wolfSSL	2:28278596c2a2	776	key->type = RSA_PRIVATE;
wolfSSL	2:28278596c2a2	777
wolfSSL	2:28278596c2a2	778	if (GetInt(&key->n, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	779	GetInt(&key->e, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	780	GetInt(&key->d, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	781	GetInt(&key->p, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	782	GetInt(&key->q, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	783	GetInt(&key->dP, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	784	GetInt(&key->dQ, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	785	GetInt(&key->u, input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E;
wolfSSL	2:28278596c2a2	786
wolfSSL	2:28278596c2a2	787	return 0;
wolfSSL	2:28278596c2a2	788	}
wolfSSL	2:28278596c2a2	789
wolfSSL	2:28278596c2a2	790	#endif /* NO_RSA */
wolfSSL	2:28278596c2a2	791
wolfSSL	2:28278596c2a2	792	/* Remove PKCS8 header, move beginning of traditional to beginning of input */
wolfSSL	2:28278596c2a2	793	int ToTraditional(byte* input, word32 sz)
wolfSSL	2:28278596c2a2	794	{
wolfSSL	2:28278596c2a2	795	word32 inOutIdx = 0, oid;
wolfSSL	2:28278596c2a2	796	int version, length;
wolfSSL	2:28278596c2a2	797
wolfSSL	2:28278596c2a2	798	if (GetSequence(input, &inOutIdx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	799	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	800
wolfSSL	2:28278596c2a2	801	if (GetMyVersion(input, &inOutIdx, &version) < 0)
wolfSSL	2:28278596c2a2	802	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	803
wolfSSL	2:28278596c2a2	804	if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
wolfSSL	2:28278596c2a2	805	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	806
wolfSSL	2:28278596c2a2	807	if (input[inOutIdx] == ASN_OBJECT_ID) {
wolfSSL	2:28278596c2a2	808	/* pkcs8 ecc uses slightly different format */
wolfSSL	2:28278596c2a2	809	inOutIdx++; /* past id */
wolfSSL	2:28278596c2a2	810	if (GetLength(input, &inOutIdx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	811	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	812	inOutIdx += length; /* over sub id, key input will verify */
wolfSSL	2:28278596c2a2	813	}
wolfSSL	2:28278596c2a2	814
wolfSSL	2:28278596c2a2	815	if (input[inOutIdx++] != ASN_OCTET_STRING)
wolfSSL	2:28278596c2a2	816	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	817
wolfSSL	2:28278596c2a2	818	if (GetLength(input, &inOutIdx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	819	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	820
wolfSSL	2:28278596c2a2	821	XMEMMOVE(input, input + inOutIdx, length);
wolfSSL	2:28278596c2a2	822
wolfSSL	2:28278596c2a2	823	return length;
wolfSSL	2:28278596c2a2	824	}
wolfSSL	2:28278596c2a2	825
wolfSSL	2:28278596c2a2	826
wolfSSL	2:28278596c2a2	827	#ifndef NO_PWDBASED
wolfSSL	2:28278596c2a2	828
wolfSSL	2:28278596c2a2	829	/* Check To see if PKCS version algo is supported, set id if it is return 0
wolfSSL	2:28278596c2a2	830	< 0 on error */
wolfSSL	2:28278596c2a2	831	static int CheckAlgo(int first, int second, int* id, int* version)
wolfSSL	2:28278596c2a2	832	{
wolfSSL	2:28278596c2a2	833	*id = ALGO_ID_E;
wolfSSL	2:28278596c2a2	834	version = PKCS5; / default */
wolfSSL	2:28278596c2a2	835
wolfSSL	2:28278596c2a2	836	if (first == 1) {
wolfSSL	2:28278596c2a2	837	switch (second) {
wolfSSL	2:28278596c2a2	838	case 1:
wolfSSL	2:28278596c2a2	839	*id = PBE_SHA1_RC4_128;
wolfSSL	2:28278596c2a2	840	*version = PKCS12;
wolfSSL	2:28278596c2a2	841	return 0;
wolfSSL	2:28278596c2a2	842	case 3:
wolfSSL	2:28278596c2a2	843	*id = PBE_SHA1_DES3;
wolfSSL	2:28278596c2a2	844	*version = PKCS12;
wolfSSL	2:28278596c2a2	845	return 0;
wolfSSL	2:28278596c2a2	846	default:
wolfSSL	2:28278596c2a2	847	return ALGO_ID_E;
wolfSSL	2:28278596c2a2	848	}
wolfSSL	2:28278596c2a2	849	}
wolfSSL	2:28278596c2a2	850
wolfSSL	2:28278596c2a2	851	if (first != PKCS5)
wolfSSL	2:28278596c2a2	852	return ASN_INPUT_E; /* VERSION ERROR */
wolfSSL	2:28278596c2a2	853
wolfSSL	2:28278596c2a2	854	if (second == PBES2) {
wolfSSL	2:28278596c2a2	855	*version = PKCS5v2;
wolfSSL	2:28278596c2a2	856	return 0;
wolfSSL	2:28278596c2a2	857	}
wolfSSL	2:28278596c2a2	858
wolfSSL	2:28278596c2a2	859	switch (second) {
wolfSSL	2:28278596c2a2	860	case 3: /* see RFC 2898 for ids */
wolfSSL	2:28278596c2a2	861	*id = PBE_MD5_DES;
wolfSSL	2:28278596c2a2	862	return 0;
wolfSSL	2:28278596c2a2	863	case 10:
wolfSSL	2:28278596c2a2	864	*id = PBE_SHA1_DES;
wolfSSL	2:28278596c2a2	865	return 0;
wolfSSL	2:28278596c2a2	866	default:
wolfSSL	2:28278596c2a2	867	return ALGO_ID_E;
wolfSSL	2:28278596c2a2	868
wolfSSL	2:28278596c2a2	869	}
wolfSSL	2:28278596c2a2	870	}
wolfSSL	2:28278596c2a2	871
wolfSSL	2:28278596c2a2	872
wolfSSL	2:28278596c2a2	873	/* Check To see if PKCS v2 algo is supported, set id if it is return 0
wolfSSL	2:28278596c2a2	874	< 0 on error */
wolfSSL	2:28278596c2a2	875	static int CheckAlgoV2(int oid, int* id)
wolfSSL	2:28278596c2a2	876	{
wolfSSL	2:28278596c2a2	877	switch (oid) {
wolfSSL	2:28278596c2a2	878	case 69:
wolfSSL	2:28278596c2a2	879	*id = PBE_SHA1_DES;
wolfSSL	2:28278596c2a2	880	return 0;
wolfSSL	2:28278596c2a2	881	case 652:
wolfSSL	2:28278596c2a2	882	*id = PBE_SHA1_DES3;
wolfSSL	2:28278596c2a2	883	return 0;
wolfSSL	2:28278596c2a2	884	default:
wolfSSL	2:28278596c2a2	885	return ALGO_ID_E;
wolfSSL	2:28278596c2a2	886
wolfSSL	2:28278596c2a2	887	}
wolfSSL	2:28278596c2a2	888	}
wolfSSL	2:28278596c2a2	889
wolfSSL	2:28278596c2a2	890
wolfSSL	2:28278596c2a2	891	/* Decrypt intput in place from parameters based on id */
wolfSSL	2:28278596c2a2	892	static int DecryptKey(const char* password, int passwordSz, byte* salt,
wolfSSL	2:28278596c2a2	893	int saltSz, int iterations, int id, byte* input,
wolfSSL	2:28278596c2a2	894	int length, int version, byte* cbcIv)
wolfSSL	2:28278596c2a2	895	{
wolfSSL	2:28278596c2a2	896	int typeH;
wolfSSL	2:28278596c2a2	897	int derivedLen;
wolfSSL	2:28278596c2a2	898	int decryptionType;
wolfSSL	2:28278596c2a2	899	int ret = 0;
wolfSSL	2:28278596c2a2	900	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	901	byte* key;
wolfSSL	2:28278596c2a2	902	#else
wolfSSL	2:28278596c2a2	903	byte key[MAX_KEY_SIZE];
wolfSSL	2:28278596c2a2	904	#endif
wolfSSL	2:28278596c2a2	905
wolfSSL	2:28278596c2a2	906	switch (id) {
wolfSSL	2:28278596c2a2	907	case PBE_MD5_DES:
wolfSSL	2:28278596c2a2	908	typeH = MD5;
wolfSSL	2:28278596c2a2	909	derivedLen = 16; /* may need iv for v1.5 */
wolfSSL	2:28278596c2a2	910	decryptionType = DES_TYPE;
wolfSSL	2:28278596c2a2	911	break;
wolfSSL	2:28278596c2a2	912
wolfSSL	2:28278596c2a2	913	case PBE_SHA1_DES:
wolfSSL	2:28278596c2a2	914	typeH = SHA;
wolfSSL	2:28278596c2a2	915	derivedLen = 16; /* may need iv for v1.5 */
wolfSSL	2:28278596c2a2	916	decryptionType = DES_TYPE;
wolfSSL	2:28278596c2a2	917	break;
wolfSSL	2:28278596c2a2	918
wolfSSL	2:28278596c2a2	919	case PBE_SHA1_DES3:
wolfSSL	2:28278596c2a2	920	typeH = SHA;
wolfSSL	2:28278596c2a2	921	derivedLen = 32; /* may need iv for v1.5 */
wolfSSL	2:28278596c2a2	922	decryptionType = DES3_TYPE;
wolfSSL	2:28278596c2a2	923	break;
wolfSSL	2:28278596c2a2	924
wolfSSL	2:28278596c2a2	925	case PBE_SHA1_RC4_128:
wolfSSL	2:28278596c2a2	926	typeH = SHA;
wolfSSL	2:28278596c2a2	927	derivedLen = 16;
wolfSSL	2:28278596c2a2	928	decryptionType = RC4_TYPE;
wolfSSL	2:28278596c2a2	929	break;
wolfSSL	2:28278596c2a2	930
wolfSSL	2:28278596c2a2	931	default:
wolfSSL	2:28278596c2a2	932	return ALGO_ID_E;
wolfSSL	2:28278596c2a2	933	}
wolfSSL	2:28278596c2a2	934
wolfSSL	2:28278596c2a2	935	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	936	key = (byte*)XMALLOC(MAX_KEY_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	937	if (key == NULL)
wolfSSL	2:28278596c2a2	938	return MEMORY_E;
wolfSSL	2:28278596c2a2	939	#endif
wolfSSL	2:28278596c2a2	940
wolfSSL	2:28278596c2a2	941	if (version == PKCS5v2)
wolfSSL	2:28278596c2a2	942	ret = wc_PBKDF2(key, (byte*)password, passwordSz, salt, saltSz, iterations,
wolfSSL	2:28278596c2a2	943	derivedLen, typeH);
wolfSSL	2:28278596c2a2	944	#ifndef NO_SHA
wolfSSL	2:28278596c2a2	945	else if (version == PKCS5)
wolfSSL	2:28278596c2a2	946	ret = wc_PBKDF1(key, (byte*)password, passwordSz, salt, saltSz, iterations,
wolfSSL	2:28278596c2a2	947	derivedLen, typeH);
wolfSSL	2:28278596c2a2	948	#endif
wolfSSL	2:28278596c2a2	949	else if (version == PKCS12) {
wolfSSL	2:28278596c2a2	950	int i, idx = 0;
wolfSSL	2:28278596c2a2	951	byte unicodePasswd[MAX_UNICODE_SZ];
wolfSSL	2:28278596c2a2	952
wolfSSL	2:28278596c2a2	953	if ( (passwordSz * 2 + 2) > (int)sizeof(unicodePasswd)) {
wolfSSL	2:28278596c2a2	954	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	955	XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	956	#endif
wolfSSL	2:28278596c2a2	957	return UNICODE_SIZE_E;
wolfSSL	2:28278596c2a2	958	}
wolfSSL	2:28278596c2a2	959
wolfSSL	2:28278596c2a2	960	for (i = 0; i < passwordSz; i++) {
wolfSSL	2:28278596c2a2	961	unicodePasswd[idx++] = 0x00;
wolfSSL	2:28278596c2a2	962	unicodePasswd[idx++] = (byte)password[i];
wolfSSL	2:28278596c2a2	963	}
wolfSSL	2:28278596c2a2	964	/* add trailing NULL */
wolfSSL	2:28278596c2a2	965	unicodePasswd[idx++] = 0x00;
wolfSSL	2:28278596c2a2	966	unicodePasswd[idx++] = 0x00;
wolfSSL	2:28278596c2a2	967
wolfSSL	2:28278596c2a2	968	ret = wc_PKCS12_PBKDF(key, unicodePasswd, idx, salt, saltSz,
wolfSSL	2:28278596c2a2	969	iterations, derivedLen, typeH, 1);
wolfSSL	2:28278596c2a2	970	if (decryptionType != RC4_TYPE)
wolfSSL	2:28278596c2a2	971	ret += wc_PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz,
wolfSSL	2:28278596c2a2	972	iterations, 8, typeH, 2);
wolfSSL	2:28278596c2a2	973	}
wolfSSL	2:28278596c2a2	974	else {
wolfSSL	2:28278596c2a2	975	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	976	XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	977	#endif
wolfSSL	2:28278596c2a2	978	return ALGO_ID_E;
wolfSSL	2:28278596c2a2	979	}
wolfSSL	2:28278596c2a2	980
wolfSSL	2:28278596c2a2	981	if (ret != 0) {
wolfSSL	2:28278596c2a2	982	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	983	XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	984	#endif
wolfSSL	2:28278596c2a2	985	return ret;
wolfSSL	2:28278596c2a2	986	}
wolfSSL	2:28278596c2a2	987
wolfSSL	2:28278596c2a2	988	switch (decryptionType) {
wolfSSL	2:28278596c2a2	989	#ifndef NO_DES3
wolfSSL	2:28278596c2a2	990	case DES_TYPE:
wolfSSL	2:28278596c2a2	991	{
wolfSSL	2:28278596c2a2	992	Des dec;
wolfSSL	2:28278596c2a2	993	byte* desIv = key + 8;
wolfSSL	2:28278596c2a2	994
wolfSSL	2:28278596c2a2	995	if (version == PKCS5v2 \|\| version == PKCS12)
wolfSSL	2:28278596c2a2	996	desIv = cbcIv;
wolfSSL	2:28278596c2a2	997
wolfSSL	2:28278596c2a2	998	ret = wc_Des_SetKey(&dec, key, desIv, DES_DECRYPTION);
wolfSSL	2:28278596c2a2	999	if (ret != 0) {
wolfSSL	2:28278596c2a2	1000	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1001	XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1002	#endif
wolfSSL	2:28278596c2a2	1003	return ret;
wolfSSL	2:28278596c2a2	1004	}
wolfSSL	2:28278596c2a2	1005
wolfSSL	2:28278596c2a2	1006	wc_Des_CbcDecrypt(&dec, input, input, length);
wolfSSL	2:28278596c2a2	1007	break;
wolfSSL	2:28278596c2a2	1008	}
wolfSSL	2:28278596c2a2	1009
wolfSSL	2:28278596c2a2	1010	case DES3_TYPE:
wolfSSL	2:28278596c2a2	1011	{
wolfSSL	2:28278596c2a2	1012	Des3 dec;
wolfSSL	2:28278596c2a2	1013	byte* desIv = key + 24;
wolfSSL	2:28278596c2a2	1014
wolfSSL	2:28278596c2a2	1015	if (version == PKCS5v2 \|\| version == PKCS12)
wolfSSL	2:28278596c2a2	1016	desIv = cbcIv;
wolfSSL	2:28278596c2a2	1017	ret = wc_Des3_SetKey(&dec, key, desIv, DES_DECRYPTION);
wolfSSL	2:28278596c2a2	1018	if (ret != 0) {
wolfSSL	2:28278596c2a2	1019	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1020	XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1021	#endif
wolfSSL	2:28278596c2a2	1022	return ret;
wolfSSL	2:28278596c2a2	1023	}
wolfSSL	2:28278596c2a2	1024	ret = wc_Des3_CbcDecrypt(&dec, input, input, length);
wolfSSL	2:28278596c2a2	1025	if (ret != 0) {
wolfSSL	2:28278596c2a2	1026	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1027	XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1028	#endif
wolfSSL	2:28278596c2a2	1029	return ret;
wolfSSL	2:28278596c2a2	1030	}
wolfSSL	2:28278596c2a2	1031	break;
wolfSSL	2:28278596c2a2	1032	}
wolfSSL	2:28278596c2a2	1033	#endif
wolfSSL	2:28278596c2a2	1034	#ifndef NO_RC4
wolfSSL	2:28278596c2a2	1035	case RC4_TYPE:
wolfSSL	2:28278596c2a2	1036	{
wolfSSL	2:28278596c2a2	1037	Arc4 dec;
wolfSSL	2:28278596c2a2	1038
wolfSSL	2:28278596c2a2	1039	wc_Arc4SetKey(&dec, key, derivedLen);
wolfSSL	2:28278596c2a2	1040	wc_Arc4Process(&dec, input, input, length);
wolfSSL	2:28278596c2a2	1041	break;
wolfSSL	2:28278596c2a2	1042	}
wolfSSL	2:28278596c2a2	1043	#endif
wolfSSL	2:28278596c2a2	1044
wolfSSL	2:28278596c2a2	1045	default:
wolfSSL	2:28278596c2a2	1046	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1047	XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1048	#endif
wolfSSL	2:28278596c2a2	1049	return ALGO_ID_E;
wolfSSL	2:28278596c2a2	1050	}
wolfSSL	2:28278596c2a2	1051
wolfSSL	2:28278596c2a2	1052	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1053	XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1054	#endif
wolfSSL	2:28278596c2a2	1055
wolfSSL	2:28278596c2a2	1056	return 0;
wolfSSL	2:28278596c2a2	1057	}
wolfSSL	2:28278596c2a2	1058
wolfSSL	2:28278596c2a2	1059
wolfSSL	2:28278596c2a2	1060	/* Remove Encrypted PKCS8 header, move beginning of traditional to beginning
wolfSSL	2:28278596c2a2	1061	of input */
wolfSSL	2:28278596c2a2	1062	int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz)
wolfSSL	2:28278596c2a2	1063	{
wolfSSL	2:28278596c2a2	1064	word32 inOutIdx = 0, oid;
wolfSSL	2:28278596c2a2	1065	int first, second, length, version, saltSz, id;
wolfSSL	2:28278596c2a2	1066	int iterations = 0;
wolfSSL	2:28278596c2a2	1067	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1068	byte* salt = NULL;
wolfSSL	2:28278596c2a2	1069	byte* cbcIv = NULL;
wolfSSL	2:28278596c2a2	1070	#else
wolfSSL	2:28278596c2a2	1071	byte salt[MAX_SALT_SIZE];
wolfSSL	2:28278596c2a2	1072	byte cbcIv[MAX_IV_SIZE];
wolfSSL	2:28278596c2a2	1073	#endif
wolfSSL	2:28278596c2a2	1074
wolfSSL	2:28278596c2a2	1075	if (GetSequence(input, &inOutIdx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	1076	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1077
wolfSSL	2:28278596c2a2	1078	if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
wolfSSL	2:28278596c2a2	1079	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1080
wolfSSL	2:28278596c2a2	1081	first = input[inOutIdx - 2]; /* PKCS version alwyas 2nd to last byte */
wolfSSL	2:28278596c2a2	1082	second = input[inOutIdx - 1]; /* version.algo, algo id last byte */
wolfSSL	2:28278596c2a2	1083
wolfSSL	2:28278596c2a2	1084	if (CheckAlgo(first, second, &id, &version) < 0)
wolfSSL	2:28278596c2a2	1085	return ASN_INPUT_E; /* Algo ID error */
wolfSSL	2:28278596c2a2	1086
wolfSSL	2:28278596c2a2	1087	if (version == PKCS5v2) {
wolfSSL	2:28278596c2a2	1088
wolfSSL	2:28278596c2a2	1089	if (GetSequence(input, &inOutIdx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	1090	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1091
wolfSSL	2:28278596c2a2	1092	if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0)
wolfSSL	2:28278596c2a2	1093	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1094
wolfSSL	2:28278596c2a2	1095	if (oid != PBKDF2_OID)
wolfSSL	2:28278596c2a2	1096	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1097	}
wolfSSL	2:28278596c2a2	1098
wolfSSL	2:28278596c2a2	1099	if (GetSequence(input, &inOutIdx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	1100	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1101
wolfSSL	2:28278596c2a2	1102	if (input[inOutIdx++] != ASN_OCTET_STRING)
wolfSSL	2:28278596c2a2	1103	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1104
wolfSSL	2:28278596c2a2	1105	if (GetLength(input, &inOutIdx, &saltSz, sz) < 0)
wolfSSL	2:28278596c2a2	1106	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1107
wolfSSL	2:28278596c2a2	1108	if (saltSz > MAX_SALT_SIZE)
wolfSSL	2:28278596c2a2	1109	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1110
wolfSSL	2:28278596c2a2	1111	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1112	salt = (byte*)XMALLOC(MAX_SALT_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1113	if (salt == NULL)
wolfSSL	2:28278596c2a2	1114	return MEMORY_E;
wolfSSL	2:28278596c2a2	1115	#endif
wolfSSL	2:28278596c2a2	1116
wolfSSL	2:28278596c2a2	1117	XMEMCPY(salt, &input[inOutIdx], saltSz);
wolfSSL	2:28278596c2a2	1118	inOutIdx += saltSz;
wolfSSL	2:28278596c2a2	1119
wolfSSL	2:28278596c2a2	1120	if (GetShortInt(input, &inOutIdx, &iterations) < 0) {
wolfSSL	2:28278596c2a2	1121	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1122	XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1123	#endif
wolfSSL	2:28278596c2a2	1124	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1125	}
wolfSSL	2:28278596c2a2	1126
wolfSSL	2:28278596c2a2	1127	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1128	cbcIv = (byte*)XMALLOC(MAX_IV_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1129	if (cbcIv == NULL) {
wolfSSL	2:28278596c2a2	1130	XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1131	return MEMORY_E;
wolfSSL	2:28278596c2a2	1132	}
wolfSSL	2:28278596c2a2	1133	#endif
wolfSSL	2:28278596c2a2	1134
wolfSSL	2:28278596c2a2	1135	if (version == PKCS5v2) {
wolfSSL	2:28278596c2a2	1136	/* get encryption algo */
wolfSSL	2:28278596c2a2	1137	if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0) {
wolfSSL	2:28278596c2a2	1138	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1139	XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1140	XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1141	#endif
wolfSSL	2:28278596c2a2	1142	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1143	}
wolfSSL	2:28278596c2a2	1144
wolfSSL	2:28278596c2a2	1145	if (CheckAlgoV2(oid, &id) < 0) {
wolfSSL	2:28278596c2a2	1146	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1147	XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1148	XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1149	#endif
wolfSSL	2:28278596c2a2	1150	return ASN_PARSE_E; /* PKCS v2 algo id error */
wolfSSL	2:28278596c2a2	1151	}
wolfSSL	2:28278596c2a2	1152
wolfSSL	2:28278596c2a2	1153	if (input[inOutIdx++] != ASN_OCTET_STRING) {
wolfSSL	2:28278596c2a2	1154	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1155	XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1156	XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1157	#endif
wolfSSL	2:28278596c2a2	1158	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1159	}
wolfSSL	2:28278596c2a2	1160
wolfSSL	2:28278596c2a2	1161	if (GetLength(input, &inOutIdx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	1162	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1163	XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1164	XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1165	#endif
wolfSSL	2:28278596c2a2	1166	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1167	}
wolfSSL	2:28278596c2a2	1168
wolfSSL	2:28278596c2a2	1169	XMEMCPY(cbcIv, &input[inOutIdx], length);
wolfSSL	2:28278596c2a2	1170	inOutIdx += length;
wolfSSL	2:28278596c2a2	1171	}
wolfSSL	2:28278596c2a2	1172
wolfSSL	2:28278596c2a2	1173	if (input[inOutIdx++] != ASN_OCTET_STRING) {
wolfSSL	2:28278596c2a2	1174	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1175	XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1176	XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1177	#endif
wolfSSL	2:28278596c2a2	1178	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1179	}
wolfSSL	2:28278596c2a2	1180
wolfSSL	2:28278596c2a2	1181	if (GetLength(input, &inOutIdx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	1182	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1183	XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1184	XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1185	#endif
wolfSSL	2:28278596c2a2	1186	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1187	}
wolfSSL	2:28278596c2a2	1188
wolfSSL	2:28278596c2a2	1189	if (DecryptKey(password, passwordSz, salt, saltSz, iterations, id,
wolfSSL	2:28278596c2a2	1190	input + inOutIdx, length, version, cbcIv) < 0) {
wolfSSL	2:28278596c2a2	1191	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1192	XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1193	XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1194	#endif
wolfSSL	2:28278596c2a2	1195	return ASN_INPUT_E; /* decrypt failure */
wolfSSL	2:28278596c2a2	1196	}
wolfSSL	2:28278596c2a2	1197
wolfSSL	2:28278596c2a2	1198	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1199	XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1200	XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1201	#endif
wolfSSL	2:28278596c2a2	1202
wolfSSL	2:28278596c2a2	1203	XMEMMOVE(input, input + inOutIdx, length);
wolfSSL	2:28278596c2a2	1204	return ToTraditional(input, length);
wolfSSL	2:28278596c2a2	1205	}
wolfSSL	2:28278596c2a2	1206
wolfSSL	2:28278596c2a2	1207	#endif /* NO_PWDBASED */
wolfSSL	2:28278596c2a2	1208
wolfSSL	2:28278596c2a2	1209	#ifndef NO_RSA
wolfSSL	2:28278596c2a2	1210
wolfSSL	2:28278596c2a2	1211	int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
wolfSSL	2:28278596c2a2	1212	word32 inSz)
wolfSSL	2:28278596c2a2	1213	{
wolfSSL	2:28278596c2a2	1214	int length;
wolfSSL	2:28278596c2a2	1215
wolfSSL	2:28278596c2a2	1216	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	1217	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1218
wolfSSL	2:28278596c2a2	1219	key->type = RSA_PUBLIC;
wolfSSL	2:28278596c2a2	1220
wolfSSL	2:28278596c2a2	1221	#if defined(OPENSSL_EXTRA) \|\| defined(RSA_DECODE_EXTRA)
wolfSSL	2:28278596c2a2	1222	{
wolfSSL	2:28278596c2a2	1223	byte b = input[*inOutIdx];
wolfSSL	2:28278596c2a2	1224	if (b != ASN_INTEGER) {
wolfSSL	2:28278596c2a2	1225	/* not from decoded cert, will have algo id, skip past */
wolfSSL	2:28278596c2a2	1226	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	1227	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1228
wolfSSL	2:28278596c2a2	1229	b = input[(*inOutIdx)++];
wolfSSL	2:28278596c2a2	1230	if (b != ASN_OBJECT_ID)
wolfSSL	2:28278596c2a2	1231	return ASN_OBJECT_ID_E;
wolfSSL	2:28278596c2a2	1232
wolfSSL	2:28278596c2a2	1233	if (GetLength(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	1234	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1235
wolfSSL	2:28278596c2a2	1236	inOutIdx += length; / skip past */
wolfSSL	2:28278596c2a2	1237
wolfSSL	2:28278596c2a2	1238	/* could have NULL tag and 0 terminator, but may not */
wolfSSL	2:28278596c2a2	1239	b = input[(*inOutIdx)++];
wolfSSL	2:28278596c2a2	1240
wolfSSL	2:28278596c2a2	1241	if (b == ASN_TAG_NULL) {
wolfSSL	2:28278596c2a2	1242	b = input[(*inOutIdx)++];
wolfSSL	2:28278596c2a2	1243	if (b != 0)
wolfSSL	2:28278596c2a2	1244	return ASN_EXPECT_0_E;
wolfSSL	2:28278596c2a2	1245	}
wolfSSL	2:28278596c2a2	1246	else
wolfSSL	2:28278596c2a2	1247	/* go back, didn't have it */
wolfSSL	2:28278596c2a2	1248	(*inOutIdx)--;
wolfSSL	2:28278596c2a2	1249
wolfSSL	2:28278596c2a2	1250	/* should have bit tag length and seq next */
wolfSSL	2:28278596c2a2	1251	b = input[(*inOutIdx)++];
wolfSSL	2:28278596c2a2	1252	if (b != ASN_BIT_STRING)
wolfSSL	2:28278596c2a2	1253	return ASN_BITSTR_E;
wolfSSL	2:28278596c2a2	1254
wolfSSL	2:28278596c2a2	1255	if (GetLength(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	1256	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1257
wolfSSL	2:28278596c2a2	1258	/* could have 0 */
wolfSSL	2:28278596c2a2	1259	b = input[(*inOutIdx)++];
wolfSSL	2:28278596c2a2	1260	if (b != 0)
wolfSSL	2:28278596c2a2	1261	(*inOutIdx)--;
wolfSSL	2:28278596c2a2	1262
wolfSSL	2:28278596c2a2	1263	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	1264	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1265	} /* end if */
wolfSSL	2:28278596c2a2	1266	} /* openssl var block */
wolfSSL	2:28278596c2a2	1267	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	1268
wolfSSL	2:28278596c2a2	1269	if (GetInt(&key->n, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	1270	GetInt(&key->e, input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E;
wolfSSL	2:28278596c2a2	1271
wolfSSL	2:28278596c2a2	1272	return 0;
wolfSSL	2:28278596c2a2	1273	}
wolfSSL	2:28278596c2a2	1274
wolfSSL	2:28278596c2a2	1275	/* import RSA public key elements (n, e) into RsaKey structure (key) */
wolfSSL	2:28278596c2a2	1276	int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
wolfSSL	2:28278596c2a2	1277	word32 eSz, RsaKey* key)
wolfSSL	2:28278596c2a2	1278	{
wolfSSL	2:28278596c2a2	1279	if (n == NULL \|\| e == NULL \|\| key == NULL)
wolfSSL	2:28278596c2a2	1280	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	1281
wolfSSL	2:28278596c2a2	1282	key->type = RSA_PUBLIC;
wolfSSL	2:28278596c2a2	1283
wolfSSL	2:28278596c2a2	1284	if (mp_init(&key->n) != MP_OKAY)
wolfSSL	2:28278596c2a2	1285	return MP_INIT_E;
wolfSSL	2:28278596c2a2	1286
wolfSSL	2:28278596c2a2	1287	if (mp_read_unsigned_bin(&key->n, n, nSz) != 0) {
wolfSSL	2:28278596c2a2	1288	mp_clear(&key->n);
wolfSSL	2:28278596c2a2	1289	return ASN_GETINT_E;
wolfSSL	2:28278596c2a2	1290	}
wolfSSL	2:28278596c2a2	1291
wolfSSL	2:28278596c2a2	1292	if (mp_init(&key->e) != MP_OKAY) {
wolfSSL	2:28278596c2a2	1293	mp_clear(&key->n);
wolfSSL	2:28278596c2a2	1294	return MP_INIT_E;
wolfSSL	2:28278596c2a2	1295	}
wolfSSL	2:28278596c2a2	1296
wolfSSL	2:28278596c2a2	1297	if (mp_read_unsigned_bin(&key->e, e, eSz) != 0) {
wolfSSL	2:28278596c2a2	1298	mp_clear(&key->n);
wolfSSL	2:28278596c2a2	1299	mp_clear(&key->e);
wolfSSL	2:28278596c2a2	1300	return ASN_GETINT_E;
wolfSSL	2:28278596c2a2	1301	}
wolfSSL	2:28278596c2a2	1302
wolfSSL	2:28278596c2a2	1303	return 0;
wolfSSL	2:28278596c2a2	1304	}
wolfSSL	2:28278596c2a2	1305
wolfSSL	2:28278596c2a2	1306	#endif
wolfSSL	2:28278596c2a2	1307
wolfSSL	2:28278596c2a2	1308	#ifndef NO_DH
wolfSSL	2:28278596c2a2	1309
wolfSSL	2:28278596c2a2	1310	int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
wolfSSL	2:28278596c2a2	1311	{
wolfSSL	2:28278596c2a2	1312	int length;
wolfSSL	2:28278596c2a2	1313
wolfSSL	2:28278596c2a2	1314	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	1315	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1316
wolfSSL	2:28278596c2a2	1317	if (GetInt(&key->p, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	1318	GetInt(&key->g, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
wolfSSL	2:28278596c2a2	1319
wolfSSL	2:28278596c2a2	1320	return 0;
wolfSSL	2:28278596c2a2	1321	}
wolfSSL	2:28278596c2a2	1322
wolfSSL	2:28278596c2a2	1323
wolfSSL	2:28278596c2a2	1324	int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz,
wolfSSL	2:28278596c2a2	1325	byte* g, word32* gInOutSz)
wolfSSL	2:28278596c2a2	1326	{
wolfSSL	2:28278596c2a2	1327	word32 i = 0;
wolfSSL	2:28278596c2a2	1328	byte b;
wolfSSL	2:28278596c2a2	1329	int length;
wolfSSL	2:28278596c2a2	1330
wolfSSL	2:28278596c2a2	1331	if (GetSequence(input, &i, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	1332	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1333
wolfSSL	2:28278596c2a2	1334	b = input[i++];
wolfSSL	2:28278596c2a2	1335	if (b != ASN_INTEGER)
wolfSSL	2:28278596c2a2	1336	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1337
wolfSSL	2:28278596c2a2	1338	if (GetLength(input, &i, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	1339	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1340
wolfSSL	2:28278596c2a2	1341	if ( (b = input[i++]) == 0x00)
wolfSSL	2:28278596c2a2	1342	length--;
wolfSSL	2:28278596c2a2	1343	else
wolfSSL	2:28278596c2a2	1344	i--;
wolfSSL	2:28278596c2a2	1345
wolfSSL	2:28278596c2a2	1346	if (length <= (int)*pInOutSz) {
wolfSSL	2:28278596c2a2	1347	XMEMCPY(p, &input[i], length);
wolfSSL	2:28278596c2a2	1348	*pInOutSz = length;
wolfSSL	2:28278596c2a2	1349	}
wolfSSL	2:28278596c2a2	1350	else
wolfSSL	2:28278596c2a2	1351	return BUFFER_E;
wolfSSL	2:28278596c2a2	1352
wolfSSL	2:28278596c2a2	1353	i += length;
wolfSSL	2:28278596c2a2	1354
wolfSSL	2:28278596c2a2	1355	b = input[i++];
wolfSSL	2:28278596c2a2	1356	if (b != ASN_INTEGER)
wolfSSL	2:28278596c2a2	1357	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1358
wolfSSL	2:28278596c2a2	1359	if (GetLength(input, &i, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	1360	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1361
wolfSSL	2:28278596c2a2	1362	if (length <= (int)*gInOutSz) {
wolfSSL	2:28278596c2a2	1363	XMEMCPY(g, &input[i], length);
wolfSSL	2:28278596c2a2	1364	*gInOutSz = length;
wolfSSL	2:28278596c2a2	1365	}
wolfSSL	2:28278596c2a2	1366	else
wolfSSL	2:28278596c2a2	1367	return BUFFER_E;
wolfSSL	2:28278596c2a2	1368
wolfSSL	2:28278596c2a2	1369	return 0;
wolfSSL	2:28278596c2a2	1370	}
wolfSSL	2:28278596c2a2	1371
wolfSSL	2:28278596c2a2	1372	#endif /* NO_DH */
wolfSSL	2:28278596c2a2	1373
wolfSSL	2:28278596c2a2	1374
wolfSSL	2:28278596c2a2	1375	#ifndef NO_DSA
wolfSSL	2:28278596c2a2	1376
wolfSSL	2:28278596c2a2	1377	int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
wolfSSL	2:28278596c2a2	1378	word32 inSz)
wolfSSL	2:28278596c2a2	1379	{
wolfSSL	2:28278596c2a2	1380	int length;
wolfSSL	2:28278596c2a2	1381
wolfSSL	2:28278596c2a2	1382	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	1383	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1384
wolfSSL	2:28278596c2a2	1385	if (GetInt(&key->p, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	1386	GetInt(&key->q, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	1387	GetInt(&key->g, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	1388	GetInt(&key->y, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
wolfSSL	2:28278596c2a2	1389
wolfSSL	2:28278596c2a2	1390	key->type = DSA_PUBLIC;
wolfSSL	2:28278596c2a2	1391	return 0;
wolfSSL	2:28278596c2a2	1392	}
wolfSSL	2:28278596c2a2	1393
wolfSSL	2:28278596c2a2	1394
wolfSSL	2:28278596c2a2	1395	int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
wolfSSL	2:28278596c2a2	1396	word32 inSz)
wolfSSL	2:28278596c2a2	1397	{
wolfSSL	2:28278596c2a2	1398	int length, version;
wolfSSL	2:28278596c2a2	1399
wolfSSL	2:28278596c2a2	1400	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	1401	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1402
wolfSSL	2:28278596c2a2	1403	if (GetMyVersion(input, inOutIdx, &version) < 0)
wolfSSL	2:28278596c2a2	1404	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1405
wolfSSL	2:28278596c2a2	1406	if (GetInt(&key->p, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	1407	GetInt(&key->q, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	1408	GetInt(&key->g, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	1409	GetInt(&key->y, input, inOutIdx, inSz) < 0 \|\|
wolfSSL	2:28278596c2a2	1410	GetInt(&key->x, input, inOutIdx, inSz) < 0 ) return ASN_DH_KEY_E;
wolfSSL	2:28278596c2a2	1411
wolfSSL	2:28278596c2a2	1412	key->type = DSA_PRIVATE;
wolfSSL	2:28278596c2a2	1413	return 0;
wolfSSL	2:28278596c2a2	1414	}
wolfSSL	2:28278596c2a2	1415
wolfSSL	2:28278596c2a2	1416	#endif /* NO_DSA */
wolfSSL	2:28278596c2a2	1417
wolfSSL	2:28278596c2a2	1418
wolfSSL	2:28278596c2a2	1419	void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap)
wolfSSL	2:28278596c2a2	1420	{
wolfSSL	2:28278596c2a2	1421	cert->publicKey = 0;
wolfSSL	2:28278596c2a2	1422	cert->pubKeySize = 0;
wolfSSL	2:28278596c2a2	1423	cert->pubKeyStored = 0;
wolfSSL	2:28278596c2a2	1424	cert->version = 0;
wolfSSL	2:28278596c2a2	1425	cert->signature = 0;
wolfSSL	2:28278596c2a2	1426	cert->subjectCN = 0;
wolfSSL	2:28278596c2a2	1427	cert->subjectCNLen = 0;
wolfSSL	2:28278596c2a2	1428	cert->subjectCNEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	1429	cert->subjectCNStored = 0;
wolfSSL	2:28278596c2a2	1430	cert->weOwnAltNames = 0;
wolfSSL	2:28278596c2a2	1431	cert->altNames = NULL;
wolfSSL	2:28278596c2a2	1432	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	1433	cert->altEmailNames = NULL;
wolfSSL	2:28278596c2a2	1434	cert->permittedNames = NULL;
wolfSSL	2:28278596c2a2	1435	cert->excludedNames = NULL;
wolfSSL	2:28278596c2a2	1436	#endif /* IGNORE_NAME_CONSTRAINTS */
wolfSSL	2:28278596c2a2	1437	cert->issuer[0] = '\0';
wolfSSL	2:28278596c2a2	1438	cert->subject[0] = '\0';
wolfSSL	2:28278596c2a2	1439	cert->source = source; /* don't own */
wolfSSL	2:28278596c2a2	1440	cert->srcIdx = 0;
wolfSSL	2:28278596c2a2	1441	cert->maxIdx = inSz; /* can't go over this index */
wolfSSL	2:28278596c2a2	1442	cert->heap = heap;
wolfSSL	2:28278596c2a2	1443	XMEMSET(cert->serial, 0, EXTERNAL_SERIAL_SIZE);
wolfSSL	2:28278596c2a2	1444	cert->serialSz = 0;
wolfSSL	2:28278596c2a2	1445	cert->extensions = 0;
wolfSSL	2:28278596c2a2	1446	cert->extensionsSz = 0;
wolfSSL	2:28278596c2a2	1447	cert->extensionsIdx = 0;
wolfSSL	2:28278596c2a2	1448	cert->extAuthInfo = NULL;
wolfSSL	2:28278596c2a2	1449	cert->extAuthInfoSz = 0;
wolfSSL	2:28278596c2a2	1450	cert->extCrlInfo = NULL;
wolfSSL	2:28278596c2a2	1451	cert->extCrlInfoSz = 0;
wolfSSL	2:28278596c2a2	1452	XMEMSET(cert->extSubjKeyId, 0, KEYID_SIZE);
wolfSSL	2:28278596c2a2	1453	cert->extSubjKeyIdSet = 0;
wolfSSL	2:28278596c2a2	1454	XMEMSET(cert->extAuthKeyId, 0, KEYID_SIZE);
wolfSSL	2:28278596c2a2	1455	cert->extAuthKeyIdSet = 0;
wolfSSL	2:28278596c2a2	1456	cert->extKeyUsageSet = 0;
wolfSSL	2:28278596c2a2	1457	cert->extKeyUsage = 0;
wolfSSL	2:28278596c2a2	1458	cert->extExtKeyUsageSet = 0;
wolfSSL	2:28278596c2a2	1459	cert->extExtKeyUsage = 0;
wolfSSL	2:28278596c2a2	1460	cert->isCA = 0;
wolfSSL	2:28278596c2a2	1461	#ifdef HAVE_PKCS7
wolfSSL	2:28278596c2a2	1462	cert->issuerRaw = NULL;
wolfSSL	2:28278596c2a2	1463	cert->issuerRawLen = 0;
wolfSSL	2:28278596c2a2	1464	#endif
wolfSSL	2:28278596c2a2	1465	#ifdef WOLFSSL_CERT_GEN
wolfSSL	2:28278596c2a2	1466	cert->subjectSN = 0;
wolfSSL	2:28278596c2a2	1467	cert->subjectSNLen = 0;
wolfSSL	2:28278596c2a2	1468	cert->subjectSNEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	1469	cert->subjectC = 0;
wolfSSL	2:28278596c2a2	1470	cert->subjectCLen = 0;
wolfSSL	2:28278596c2a2	1471	cert->subjectCEnc = CTC_PRINTABLE;
wolfSSL	2:28278596c2a2	1472	cert->subjectL = 0;
wolfSSL	2:28278596c2a2	1473	cert->subjectLLen = 0;
wolfSSL	2:28278596c2a2	1474	cert->subjectLEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	1475	cert->subjectST = 0;
wolfSSL	2:28278596c2a2	1476	cert->subjectSTLen = 0;
wolfSSL	2:28278596c2a2	1477	cert->subjectSTEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	1478	cert->subjectO = 0;
wolfSSL	2:28278596c2a2	1479	cert->subjectOLen = 0;
wolfSSL	2:28278596c2a2	1480	cert->subjectOEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	1481	cert->subjectOU = 0;
wolfSSL	2:28278596c2a2	1482	cert->subjectOULen = 0;
wolfSSL	2:28278596c2a2	1483	cert->subjectOUEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	1484	cert->subjectEmail = 0;
wolfSSL	2:28278596c2a2	1485	cert->subjectEmailLen = 0;
wolfSSL	2:28278596c2a2	1486	#endif /* WOLFSSL_CERT_GEN */
wolfSSL	2:28278596c2a2	1487	cert->beforeDate = NULL;
wolfSSL	2:28278596c2a2	1488	cert->beforeDateLen = 0;
wolfSSL	2:28278596c2a2	1489	cert->afterDate = NULL;
wolfSSL	2:28278596c2a2	1490	cert->afterDateLen = 0;
wolfSSL	2:28278596c2a2	1491	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	1492	XMEMSET(&cert->issuerName, 0, sizeof(DecodedName));
wolfSSL	2:28278596c2a2	1493	XMEMSET(&cert->subjectName, 0, sizeof(DecodedName));
wolfSSL	2:28278596c2a2	1494	cert->extBasicConstSet = 0;
wolfSSL	2:28278596c2a2	1495	cert->extBasicConstCrit = 0;
wolfSSL	2:28278596c2a2	1496	cert->extBasicConstPlSet = 0;
wolfSSL	2:28278596c2a2	1497	cert->pathLength = 0;
wolfSSL	2:28278596c2a2	1498	cert->extSubjAltNameSet = 0;
wolfSSL	2:28278596c2a2	1499	cert->extSubjAltNameCrit = 0;
wolfSSL	2:28278596c2a2	1500	cert->extAuthKeyIdCrit = 0;
wolfSSL	2:28278596c2a2	1501	cert->extSubjKeyIdCrit = 0;
wolfSSL	2:28278596c2a2	1502	cert->extKeyUsageCrit = 0;
wolfSSL	2:28278596c2a2	1503	cert->extExtKeyUsageCrit = 0;
wolfSSL	2:28278596c2a2	1504	cert->extExtKeyUsageSrc = NULL;
wolfSSL	2:28278596c2a2	1505	cert->extExtKeyUsageSz = 0;
wolfSSL	2:28278596c2a2	1506	cert->extExtKeyUsageCount = 0;
wolfSSL	2:28278596c2a2	1507	cert->extAuthKeyIdSrc = NULL;
wolfSSL	2:28278596c2a2	1508	cert->extAuthKeyIdSz = 0;
wolfSSL	2:28278596c2a2	1509	cert->extSubjKeyIdSrc = NULL;
wolfSSL	2:28278596c2a2	1510	cert->extSubjKeyIdSz = 0;
wolfSSL	2:28278596c2a2	1511	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	1512	#if defined(OPENSSL_EXTRA) \|\| !defined(IGNORE_NAME_CONSTRAINTS)
wolfSSL	2:28278596c2a2	1513	cert->extNameConstraintSet = 0;
wolfSSL	2:28278596c2a2	1514	#endif /* OPENSSL_EXTRA \|\| !IGNORE_NAME_CONSTRAINTS */
wolfSSL	2:28278596c2a2	1515	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	1516	cert->pkCurveOID = 0;
wolfSSL	2:28278596c2a2	1517	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	1518	#ifdef WOLFSSL_SEP
wolfSSL	2:28278596c2a2	1519	cert->deviceTypeSz = 0;
wolfSSL	2:28278596c2a2	1520	cert->deviceType = NULL;
wolfSSL	2:28278596c2a2	1521	cert->hwTypeSz = 0;
wolfSSL	2:28278596c2a2	1522	cert->hwType = NULL;
wolfSSL	2:28278596c2a2	1523	cert->hwSerialNumSz = 0;
wolfSSL	2:28278596c2a2	1524	cert->hwSerialNum = NULL;
wolfSSL	2:28278596c2a2	1525	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	1526	cert->extCertPolicySet = 0;
wolfSSL	2:28278596c2a2	1527	cert->extCertPolicyCrit = 0;
wolfSSL	2:28278596c2a2	1528	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	1529	#endif /* WOLFSSL_SEP */
wolfSSL	2:28278596c2a2	1530	}
wolfSSL	2:28278596c2a2	1531
wolfSSL	2:28278596c2a2	1532
wolfSSL	2:28278596c2a2	1533	void FreeAltNames(DNS_entry* altNames, void* heap)
wolfSSL	2:28278596c2a2	1534	{
wolfSSL	2:28278596c2a2	1535	(void)heap;
wolfSSL	2:28278596c2a2	1536
wolfSSL	2:28278596c2a2	1537	while (altNames) {
wolfSSL	2:28278596c2a2	1538	DNS_entry* tmp = altNames->next;
wolfSSL	2:28278596c2a2	1539
wolfSSL	2:28278596c2a2	1540	XFREE(altNames->name, heap, DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	1541	XFREE(altNames, heap, DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	1542	altNames = tmp;
wolfSSL	2:28278596c2a2	1543	}
wolfSSL	2:28278596c2a2	1544	}
wolfSSL	2:28278596c2a2	1545
wolfSSL	2:28278596c2a2	1546	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	1547
wolfSSL	2:28278596c2a2	1548	void FreeNameSubtrees(Base_entry* names, void* heap)
wolfSSL	2:28278596c2a2	1549	{
wolfSSL	2:28278596c2a2	1550	(void)heap;
wolfSSL	2:28278596c2a2	1551
wolfSSL	2:28278596c2a2	1552	while (names) {
wolfSSL	2:28278596c2a2	1553	Base_entry* tmp = names->next;
wolfSSL	2:28278596c2a2	1554
wolfSSL	2:28278596c2a2	1555	XFREE(names->name, heap, DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	1556	XFREE(names, heap, DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	1557	names = tmp;
wolfSSL	2:28278596c2a2	1558	}
wolfSSL	2:28278596c2a2	1559	}
wolfSSL	2:28278596c2a2	1560
wolfSSL	2:28278596c2a2	1561	#endif /* IGNORE_NAME_CONSTRAINTS */
wolfSSL	2:28278596c2a2	1562
wolfSSL	2:28278596c2a2	1563	void FreeDecodedCert(DecodedCert* cert)
wolfSSL	2:28278596c2a2	1564	{
wolfSSL	2:28278596c2a2	1565	if (cert->subjectCNStored == 1)
wolfSSL	2:28278596c2a2	1566	XFREE(cert->subjectCN, cert->heap, DYNAMIC_TYPE_SUBJECT_CN);
wolfSSL	2:28278596c2a2	1567	if (cert->pubKeyStored == 1)
wolfSSL	2:28278596c2a2	1568	XFREE(cert->publicKey, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	2:28278596c2a2	1569	if (cert->weOwnAltNames && cert->altNames)
wolfSSL	2:28278596c2a2	1570	FreeAltNames(cert->altNames, cert->heap);
wolfSSL	2:28278596c2a2	1571	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	1572	if (cert->altEmailNames)
wolfSSL	2:28278596c2a2	1573	FreeAltNames(cert->altEmailNames, cert->heap);
wolfSSL	2:28278596c2a2	1574	if (cert->permittedNames)
wolfSSL	2:28278596c2a2	1575	FreeNameSubtrees(cert->permittedNames, cert->heap);
wolfSSL	2:28278596c2a2	1576	if (cert->excludedNames)
wolfSSL	2:28278596c2a2	1577	FreeNameSubtrees(cert->excludedNames, cert->heap);
wolfSSL	2:28278596c2a2	1578	#endif /* IGNORE_NAME_CONSTRAINTS */
wolfSSL	2:28278596c2a2	1579	#ifdef WOLFSSL_SEP
wolfSSL	2:28278596c2a2	1580	XFREE(cert->deviceType, cert->heap, 0);
wolfSSL	2:28278596c2a2	1581	XFREE(cert->hwType, cert->heap, 0);
wolfSSL	2:28278596c2a2	1582	XFREE(cert->hwSerialNum, cert->heap, 0);
wolfSSL	2:28278596c2a2	1583	#endif /* WOLFSSL_SEP */
wolfSSL	2:28278596c2a2	1584	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	1585	if (cert->issuerName.fullName != NULL)
wolfSSL	2:28278596c2a2	1586	XFREE(cert->issuerName.fullName, NULL, DYNAMIC_TYPE_X509);
wolfSSL	2:28278596c2a2	1587	if (cert->subjectName.fullName != NULL)
wolfSSL	2:28278596c2a2	1588	XFREE(cert->subjectName.fullName, NULL, DYNAMIC_TYPE_X509);
wolfSSL	2:28278596c2a2	1589	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	1590	}
wolfSSL	2:28278596c2a2	1591
wolfSSL	2:28278596c2a2	1592
wolfSSL	2:28278596c2a2	1593	static int GetCertHeader(DecodedCert* cert)
wolfSSL	2:28278596c2a2	1594	{
wolfSSL	2:28278596c2a2	1595	int ret = 0, len;
wolfSSL	2:28278596c2a2	1596	byte serialTmp[EXTERNAL_SERIAL_SIZE];
wolfSSL	2:28278596c2a2	1597	#if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH)
wolfSSL	2:28278596c2a2	1598	mp_int* mpi = NULL;
wolfSSL	2:28278596c2a2	1599	#else
wolfSSL	2:28278596c2a2	1600	mp_int stack_mpi;
wolfSSL	2:28278596c2a2	1601	mp_int* mpi = &stack_mpi;
wolfSSL	2:28278596c2a2	1602	#endif
wolfSSL	2:28278596c2a2	1603
wolfSSL	2:28278596c2a2	1604	if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1605	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1606
wolfSSL	2:28278596c2a2	1607	cert->certBegin = cert->srcIdx;
wolfSSL	2:28278596c2a2	1608
wolfSSL	2:28278596c2a2	1609	if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1610	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1611	cert->sigIndex = len + cert->srcIdx;
wolfSSL	2:28278596c2a2	1612
wolfSSL	2:28278596c2a2	1613	if (GetExplicitVersion(cert->source, &cert->srcIdx, &cert->version) < 0)
wolfSSL	2:28278596c2a2	1614	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1615
wolfSSL	2:28278596c2a2	1616	#if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH)
wolfSSL	2:28278596c2a2	1617	mpi = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1618	if (mpi == NULL)
wolfSSL	2:28278596c2a2	1619	return MEMORY_E;
wolfSSL	2:28278596c2a2	1620	#endif
wolfSSL	2:28278596c2a2	1621
wolfSSL	2:28278596c2a2	1622	if (GetInt(mpi, cert->source, &cert->srcIdx, cert->maxIdx) < 0) {
wolfSSL	2:28278596c2a2	1623	#if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH)
wolfSSL	2:28278596c2a2	1624	XFREE(mpi, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1625	#endif
wolfSSL	2:28278596c2a2	1626	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1627	}
wolfSSL	2:28278596c2a2	1628
wolfSSL	2:28278596c2a2	1629	len = mp_unsigned_bin_size(mpi);
wolfSSL	2:28278596c2a2	1630	if (len < (int)sizeof(serialTmp)) {
wolfSSL	2:28278596c2a2	1631	if ( (ret = mp_to_unsigned_bin(mpi, serialTmp)) == MP_OKAY) {
wolfSSL	2:28278596c2a2	1632	XMEMCPY(cert->serial, serialTmp, len);
wolfSSL	2:28278596c2a2	1633	cert->serialSz = len;
wolfSSL	2:28278596c2a2	1634	}
wolfSSL	2:28278596c2a2	1635	}
wolfSSL	2:28278596c2a2	1636	mp_clear(mpi);
wolfSSL	2:28278596c2a2	1637
wolfSSL	2:28278596c2a2	1638	#if defined(WOLFSSL_SMALL_STACK) && defined(USE_FAST_MATH)
wolfSSL	2:28278596c2a2	1639	XFREE(mpi, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1640	#endif
wolfSSL	2:28278596c2a2	1641
wolfSSL	2:28278596c2a2	1642	return ret;
wolfSSL	2:28278596c2a2	1643	}
wolfSSL	2:28278596c2a2	1644
wolfSSL	2:28278596c2a2	1645	#if !defined(NO_RSA)
wolfSSL	2:28278596c2a2	1646	/* Store Rsa Key, may save later, Dsa could use in future */
wolfSSL	2:28278596c2a2	1647	static int StoreRsaKey(DecodedCert* cert)
wolfSSL	2:28278596c2a2	1648	{
wolfSSL	2:28278596c2a2	1649	int length;
wolfSSL	2:28278596c2a2	1650	word32 recvd = cert->srcIdx;
wolfSSL	2:28278596c2a2	1651
wolfSSL	2:28278596c2a2	1652	if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1653	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1654
wolfSSL	2:28278596c2a2	1655	recvd = cert->srcIdx - recvd;
wolfSSL	2:28278596c2a2	1656	length += recvd;
wolfSSL	2:28278596c2a2	1657
wolfSSL	2:28278596c2a2	1658	while (recvd--)
wolfSSL	2:28278596c2a2	1659	cert->srcIdx--;
wolfSSL	2:28278596c2a2	1660
wolfSSL	2:28278596c2a2	1661	cert->pubKeySize = length;
wolfSSL	2:28278596c2a2	1662	cert->publicKey = cert->source + cert->srcIdx;
wolfSSL	2:28278596c2a2	1663	cert->srcIdx += length;
wolfSSL	2:28278596c2a2	1664
wolfSSL	2:28278596c2a2	1665	return 0;
wolfSSL	2:28278596c2a2	1666	}
wolfSSL	2:28278596c2a2	1667	#endif
wolfSSL	2:28278596c2a2	1668
wolfSSL	2:28278596c2a2	1669
wolfSSL	2:28278596c2a2	1670	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	1671
wolfSSL	2:28278596c2a2	1672	/* return 0 on sucess if the ECC curve oid sum is supported */
wolfSSL	2:28278596c2a2	1673	static int CheckCurve(word32 oid)
wolfSSL	2:28278596c2a2	1674	{
wolfSSL	2:28278596c2a2	1675	int ret = 0;
wolfSSL	2:28278596c2a2	1676
wolfSSL	2:28278596c2a2	1677	switch (oid) {
wolfSSL	2:28278596c2a2	1678	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC160)
wolfSSL	2:28278596c2a2	1679	case ECC_160R1:
wolfSSL	2:28278596c2a2	1680	#endif
wolfSSL	2:28278596c2a2	1681	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC192)
wolfSSL	2:28278596c2a2	1682	case ECC_192R1:
wolfSSL	2:28278596c2a2	1683	#endif
wolfSSL	2:28278596c2a2	1684	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC224)
wolfSSL	2:28278596c2a2	1685	case ECC_224R1:
wolfSSL	2:28278596c2a2	1686	#endif
wolfSSL	2:28278596c2a2	1687	#if defined(HAVE_ALL_CURVES) \|\| !defined(NO_ECC256)
wolfSSL	2:28278596c2a2	1688	case ECC_256R1:
wolfSSL	2:28278596c2a2	1689	#endif
wolfSSL	2:28278596c2a2	1690	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC384)
wolfSSL	2:28278596c2a2	1691	case ECC_384R1:
wolfSSL	2:28278596c2a2	1692	#endif
wolfSSL	2:28278596c2a2	1693	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC521)
wolfSSL	2:28278596c2a2	1694	case ECC_521R1:
wolfSSL	2:28278596c2a2	1695	#endif
wolfSSL	2:28278596c2a2	1696	break;
wolfSSL	2:28278596c2a2	1697
wolfSSL	2:28278596c2a2	1698	default:
wolfSSL	2:28278596c2a2	1699	ret = ALGO_ID_E;
wolfSSL	2:28278596c2a2	1700	}
wolfSSL	2:28278596c2a2	1701
wolfSSL	2:28278596c2a2	1702	return ret;
wolfSSL	2:28278596c2a2	1703	}
wolfSSL	2:28278596c2a2	1704
wolfSSL	2:28278596c2a2	1705	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	1706
wolfSSL	2:28278596c2a2	1707
wolfSSL	2:28278596c2a2	1708	static int GetKey(DecodedCert* cert)
wolfSSL	2:28278596c2a2	1709	{
wolfSSL	2:28278596c2a2	1710	int length;
wolfSSL	2:28278596c2a2	1711	#ifdef HAVE_NTRU
wolfSSL	2:28278596c2a2	1712	int tmpIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	1713	#endif
wolfSSL	2:28278596c2a2	1714
wolfSSL	2:28278596c2a2	1715	if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1716	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1717
wolfSSL	2:28278596c2a2	1718	if (GetAlgoId(cert->source, &cert->srcIdx, &cert->keyOID, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1719	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1720
wolfSSL	2:28278596c2a2	1721	switch (cert->keyOID) {
wolfSSL	2:28278596c2a2	1722	#ifndef NO_RSA
wolfSSL	2:28278596c2a2	1723	case RSAk:
wolfSSL	2:28278596c2a2	1724	{
wolfSSL	2:28278596c2a2	1725	byte b = cert->source[cert->srcIdx++];
wolfSSL	2:28278596c2a2	1726	if (b != ASN_BIT_STRING)
wolfSSL	2:28278596c2a2	1727	return ASN_BITSTR_E;
wolfSSL	2:28278596c2a2	1728
wolfSSL	2:28278596c2a2	1729	if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1730	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1731	b = cert->source[cert->srcIdx++];
wolfSSL	2:28278596c2a2	1732	if (b != 0x00)
wolfSSL	2:28278596c2a2	1733	return ASN_EXPECT_0_E;
wolfSSL	2:28278596c2a2	1734
wolfSSL	2:28278596c2a2	1735	return StoreRsaKey(cert);
wolfSSL	2:28278596c2a2	1736	}
wolfSSL	2:28278596c2a2	1737
wolfSSL	2:28278596c2a2	1738	#endif /* NO_RSA */
wolfSSL	2:28278596c2a2	1739	#ifdef HAVE_NTRU
wolfSSL	2:28278596c2a2	1740	case NTRUk:
wolfSSL	2:28278596c2a2	1741	{
wolfSSL	2:28278596c2a2	1742	const byte* key = &cert->source[tmpIdx];
wolfSSL	2:28278596c2a2	1743	byte* next = (byte*)key;
wolfSSL	2:28278596c2a2	1744	word16 keyLen;
wolfSSL	2:28278596c2a2	1745	word32 rc;
wolfSSL	2:28278596c2a2	1746	word32 remaining = cert->maxIdx - cert->srcIdx;
wolfSSL	2:28278596c2a2	1747	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1748	byte* keyBlob = NULL;
wolfSSL	2:28278596c2a2	1749	#else
wolfSSL	2:28278596c2a2	1750	byte keyBlob[MAX_NTRU_KEY_SZ];
wolfSSL	2:28278596c2a2	1751	#endif
wolfSSL	2:28278596c2a2	1752	rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
wolfSSL	2:28278596c2a2	1753	&keyLen, NULL, &next, &remaining);
wolfSSL	2:28278596c2a2	1754	if (rc != NTRU_OK)
wolfSSL	2:28278596c2a2	1755	return ASN_NTRU_KEY_E;
wolfSSL	2:28278596c2a2	1756	if (keyLen > MAX_NTRU_KEY_SZ)
wolfSSL	2:28278596c2a2	1757	return ASN_NTRU_KEY_E;
wolfSSL	2:28278596c2a2	1758
wolfSSL	2:28278596c2a2	1759	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1760	keyBlob = (byte*)XMALLOC(MAX_NTRU_KEY_SZ, NULL,
wolfSSL	2:28278596c2a2	1761	DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1762	if (keyBlob == NULL)
wolfSSL	2:28278596c2a2	1763	return MEMORY_E;
wolfSSL	2:28278596c2a2	1764	#endif
wolfSSL	2:28278596c2a2	1765
wolfSSL	2:28278596c2a2	1766	rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
wolfSSL	2:28278596c2a2	1767	&keyLen, keyBlob, &next, &remaining);
wolfSSL	2:28278596c2a2	1768	if (rc != NTRU_OK) {
wolfSSL	2:28278596c2a2	1769	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1770	XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1771	#endif
wolfSSL	2:28278596c2a2	1772	return ASN_NTRU_KEY_E;
wolfSSL	2:28278596c2a2	1773	}
wolfSSL	2:28278596c2a2	1774
wolfSSL	2:28278596c2a2	1775	if ( (next - key) < 0) {
wolfSSL	2:28278596c2a2	1776	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1777	XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1778	#endif
wolfSSL	2:28278596c2a2	1779	return ASN_NTRU_KEY_E;
wolfSSL	2:28278596c2a2	1780	}
wolfSSL	2:28278596c2a2	1781
wolfSSL	2:28278596c2a2	1782	cert->srcIdx = tmpIdx + (int)(next - key);
wolfSSL	2:28278596c2a2	1783
wolfSSL	2:28278596c2a2	1784	cert->publicKey = (byte*) XMALLOC(keyLen, cert->heap,
wolfSSL	2:28278596c2a2	1785	DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	2:28278596c2a2	1786	if (cert->publicKey == NULL) {
wolfSSL	2:28278596c2a2	1787	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1788	XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1789	#endif
wolfSSL	2:28278596c2a2	1790	return MEMORY_E;
wolfSSL	2:28278596c2a2	1791	}
wolfSSL	2:28278596c2a2	1792	XMEMCPY(cert->publicKey, keyBlob, keyLen);
wolfSSL	2:28278596c2a2	1793	cert->pubKeyStored = 1;
wolfSSL	2:28278596c2a2	1794	cert->pubKeySize = keyLen;
wolfSSL	2:28278596c2a2	1795
wolfSSL	2:28278596c2a2	1796	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	1797	XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	1798	#endif
wolfSSL	2:28278596c2a2	1799
wolfSSL	2:28278596c2a2	1800	return 0;
wolfSSL	2:28278596c2a2	1801	}
wolfSSL	2:28278596c2a2	1802	#endif /* HAVE_NTRU */
wolfSSL	2:28278596c2a2	1803	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	1804	case ECDSAk:
wolfSSL	2:28278596c2a2	1805	{
wolfSSL	2:28278596c2a2	1806	int oidSz = 0;
wolfSSL	2:28278596c2a2	1807	byte b = cert->source[cert->srcIdx++];
wolfSSL	2:28278596c2a2	1808
wolfSSL	2:28278596c2a2	1809	if (b != ASN_OBJECT_ID)
wolfSSL	2:28278596c2a2	1810	return ASN_OBJECT_ID_E;
wolfSSL	2:28278596c2a2	1811
wolfSSL	2:28278596c2a2	1812	if (GetLength(cert->source,&cert->srcIdx,&oidSz,cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1813	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1814
wolfSSL	2:28278596c2a2	1815	while(oidSz--)
wolfSSL	2:28278596c2a2	1816	cert->pkCurveOID += cert->source[cert->srcIdx++];
wolfSSL	2:28278596c2a2	1817
wolfSSL	2:28278596c2a2	1818	if (CheckCurve(cert->pkCurveOID) < 0)
wolfSSL	2:28278596c2a2	1819	return ECC_CURVE_OID_E;
wolfSSL	2:28278596c2a2	1820
wolfSSL	2:28278596c2a2	1821	/* key header */
wolfSSL	2:28278596c2a2	1822	b = cert->source[cert->srcIdx++];
wolfSSL	2:28278596c2a2	1823	if (b != ASN_BIT_STRING)
wolfSSL	2:28278596c2a2	1824	return ASN_BITSTR_E;
wolfSSL	2:28278596c2a2	1825
wolfSSL	2:28278596c2a2	1826	if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1827	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1828	b = cert->source[cert->srcIdx++];
wolfSSL	2:28278596c2a2	1829	if (b != 0x00)
wolfSSL	2:28278596c2a2	1830	return ASN_EXPECT_0_E;
wolfSSL	2:28278596c2a2	1831
wolfSSL	2:28278596c2a2	1832	/* actual key, use length - 1 since ate preceding 0 */
wolfSSL	2:28278596c2a2	1833	length -= 1;
wolfSSL	2:28278596c2a2	1834
wolfSSL	2:28278596c2a2	1835	cert->publicKey = (byte*) XMALLOC(length, cert->heap,
wolfSSL	2:28278596c2a2	1836	DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	2:28278596c2a2	1837	if (cert->publicKey == NULL)
wolfSSL	2:28278596c2a2	1838	return MEMORY_E;
wolfSSL	2:28278596c2a2	1839	XMEMCPY(cert->publicKey, &cert->source[cert->srcIdx], length);
wolfSSL	2:28278596c2a2	1840	cert->pubKeyStored = 1;
wolfSSL	2:28278596c2a2	1841	cert->pubKeySize = length;
wolfSSL	2:28278596c2a2	1842
wolfSSL	2:28278596c2a2	1843	cert->srcIdx += length;
wolfSSL	2:28278596c2a2	1844
wolfSSL	2:28278596c2a2	1845	return 0;
wolfSSL	2:28278596c2a2	1846	}
wolfSSL	2:28278596c2a2	1847	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	1848	default:
wolfSSL	2:28278596c2a2	1849	return ASN_UNKNOWN_OID_E;
wolfSSL	2:28278596c2a2	1850	}
wolfSSL	2:28278596c2a2	1851	}
wolfSSL	2:28278596c2a2	1852
wolfSSL	2:28278596c2a2	1853
wolfSSL	2:28278596c2a2	1854	/* process NAME, either issuer or subject */
wolfSSL	2:28278596c2a2	1855	static int GetName(DecodedCert* cert, int nameType)
wolfSSL	2:28278596c2a2	1856	{
wolfSSL	2:28278596c2a2	1857	int length; /* length of all distinguished names */
wolfSSL	2:28278596c2a2	1858	int dummy;
wolfSSL	2:28278596c2a2	1859	int ret;
wolfSSL	2:28278596c2a2	1860	char* full;
wolfSSL	2:28278596c2a2	1861	byte* hash;
wolfSSL	2:28278596c2a2	1862	word32 idx;
wolfSSL	2:28278596c2a2	1863	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	1864	DecodedName* dName =
wolfSSL	2:28278596c2a2	1865	(nameType == ISSUER) ? &cert->issuerName : &cert->subjectName;
wolfSSL	2:28278596c2a2	1866	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	1867
wolfSSL	2:28278596c2a2	1868	WOLFSSL_MSG("Getting Cert Name");
wolfSSL	2:28278596c2a2	1869
wolfSSL	2:28278596c2a2	1870	if (nameType == ISSUER) {
wolfSSL	2:28278596c2a2	1871	full = cert->issuer;
wolfSSL	2:28278596c2a2	1872	hash = cert->issuerHash;
wolfSSL	2:28278596c2a2	1873	}
wolfSSL	2:28278596c2a2	1874	else {
wolfSSL	2:28278596c2a2	1875	full = cert->subject;
wolfSSL	2:28278596c2a2	1876	hash = cert->subjectHash;
wolfSSL	2:28278596c2a2	1877	}
wolfSSL	2:28278596c2a2	1878
wolfSSL	2:28278596c2a2	1879	if (cert->source[cert->srcIdx] == ASN_OBJECT_ID) {
wolfSSL	2:28278596c2a2	1880	WOLFSSL_MSG("Trying optional prefix...");
wolfSSL	2:28278596c2a2	1881
wolfSSL	2:28278596c2a2	1882	if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1883	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1884
wolfSSL	2:28278596c2a2	1885	cert->srcIdx += length;
wolfSSL	2:28278596c2a2	1886	WOLFSSL_MSG("Got optional prefix");
wolfSSL	2:28278596c2a2	1887	}
wolfSSL	2:28278596c2a2	1888
wolfSSL	2:28278596c2a2	1889	/* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
wolfSSL	2:28278596c2a2	1890	* calculated over the entire DER encoding of the Name field, including
wolfSSL	2:28278596c2a2	1891	* the tag and length. */
wolfSSL	2:28278596c2a2	1892	idx = cert->srcIdx;
wolfSSL	2:28278596c2a2	1893	if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1894	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1895
wolfSSL	2:28278596c2a2	1896	#ifdef NO_SHA
wolfSSL	2:28278596c2a2	1897	ret = wc_Sha256Hash(&cert->source[idx], length + cert->srcIdx - idx, hash);
wolfSSL	2:28278596c2a2	1898	#else
wolfSSL	2:28278596c2a2	1899	ret = wc_ShaHash(&cert->source[idx], length + cert->srcIdx - idx, hash);
wolfSSL	2:28278596c2a2	1900	#endif
wolfSSL	2:28278596c2a2	1901	if (ret != 0)
wolfSSL	2:28278596c2a2	1902	return ret;
wolfSSL	2:28278596c2a2	1903
wolfSSL	2:28278596c2a2	1904	length += cert->srcIdx;
wolfSSL	2:28278596c2a2	1905	idx = 0;
wolfSSL	2:28278596c2a2	1906
wolfSSL	2:28278596c2a2	1907	#ifdef HAVE_PKCS7
wolfSSL	2:28278596c2a2	1908	/* store pointer to raw issuer */
wolfSSL	2:28278596c2a2	1909	if (nameType == ISSUER) {
wolfSSL	2:28278596c2a2	1910	cert->issuerRaw = &cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	1911	cert->issuerRawLen = length - cert->srcIdx;
wolfSSL	2:28278596c2a2	1912	}
wolfSSL	2:28278596c2a2	1913	#endif
wolfSSL	2:28278596c2a2	1914	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	1915	if (nameType == SUBJECT) {
wolfSSL	2:28278596c2a2	1916	cert->subjectRaw = &cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	1917	cert->subjectRawLen = length - cert->srcIdx;
wolfSSL	2:28278596c2a2	1918	}
wolfSSL	2:28278596c2a2	1919	#endif
wolfSSL	2:28278596c2a2	1920
wolfSSL	2:28278596c2a2	1921	while (cert->srcIdx < (word32)length) {
wolfSSL	2:28278596c2a2	1922	byte b;
wolfSSL	2:28278596c2a2	1923	byte joint[2];
wolfSSL	2:28278596c2a2	1924	byte tooBig = FALSE;
wolfSSL	2:28278596c2a2	1925	int oidSz;
wolfSSL	2:28278596c2a2	1926
wolfSSL	2:28278596c2a2	1927	if (GetSet(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0) {
wolfSSL	2:28278596c2a2	1928	WOLFSSL_MSG("Cert name lacks set header, trying sequence");
wolfSSL	2:28278596c2a2	1929	}
wolfSSL	2:28278596c2a2	1930
wolfSSL	2:28278596c2a2	1931	if (GetSequence(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1932	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1933
wolfSSL	2:28278596c2a2	1934	b = cert->source[cert->srcIdx++];
wolfSSL	2:28278596c2a2	1935	if (b != ASN_OBJECT_ID)
wolfSSL	2:28278596c2a2	1936	return ASN_OBJECT_ID_E;
wolfSSL	2:28278596c2a2	1937
wolfSSL	2:28278596c2a2	1938	if (GetLength(cert->source, &cert->srcIdx, &oidSz, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1939	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1940
wolfSSL	2:28278596c2a2	1941	XMEMCPY(joint, &cert->source[cert->srcIdx], sizeof(joint));
wolfSSL	2:28278596c2a2	1942
wolfSSL	2:28278596c2a2	1943	/* v1 name types */
wolfSSL	2:28278596c2a2	1944	if (joint[0] == 0x55 && joint[1] == 0x04) {
wolfSSL	2:28278596c2a2	1945	byte id;
wolfSSL	2:28278596c2a2	1946	byte copy = FALSE;
wolfSSL	2:28278596c2a2	1947	int strLen;
wolfSSL	2:28278596c2a2	1948
wolfSSL	2:28278596c2a2	1949	cert->srcIdx += 2;
wolfSSL	2:28278596c2a2	1950	id = cert->source[cert->srcIdx++];
wolfSSL	2:28278596c2a2	1951	b = cert->source[cert->srcIdx++]; /* encoding */
wolfSSL	2:28278596c2a2	1952
wolfSSL	2:28278596c2a2	1953	if (GetLength(cert->source, &cert->srcIdx, &strLen,
wolfSSL	2:28278596c2a2	1954	cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	1955	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	1956
wolfSSL	2:28278596c2a2	1957	if ( (strLen + 14) > (int)(ASN_NAME_MAX - idx)) {
wolfSSL	2:28278596c2a2	1958	/* include biggest pre fix header too 4 = "/serialNumber=" */
wolfSSL	2:28278596c2a2	1959	WOLFSSL_MSG("ASN Name too big, skipping");
wolfSSL	2:28278596c2a2	1960	tooBig = TRUE;
wolfSSL	2:28278596c2a2	1961	}
wolfSSL	2:28278596c2a2	1962
wolfSSL	2:28278596c2a2	1963	if (id == ASN_COMMON_NAME) {
wolfSSL	2:28278596c2a2	1964	if (nameType == SUBJECT) {
wolfSSL	2:28278596c2a2	1965	cert->subjectCN = (char *)&cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	1966	cert->subjectCNLen = strLen;
wolfSSL	2:28278596c2a2	1967	cert->subjectCNEnc = b;
wolfSSL	2:28278596c2a2	1968	}
wolfSSL	2:28278596c2a2	1969
wolfSSL	2:28278596c2a2	1970	if (!tooBig) {
wolfSSL	2:28278596c2a2	1971	XMEMCPY(&full[idx], "/CN=", 4);
wolfSSL	2:28278596c2a2	1972	idx += 4;
wolfSSL	2:28278596c2a2	1973	copy = TRUE;
wolfSSL	2:28278596c2a2	1974	}
wolfSSL	2:28278596c2a2	1975	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	1976	dName->cnIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	1977	dName->cnLen = strLen;
wolfSSL	2:28278596c2a2	1978	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	1979	}
wolfSSL	2:28278596c2a2	1980	else if (id == ASN_SUR_NAME) {
wolfSSL	2:28278596c2a2	1981	if (!tooBig) {
wolfSSL	2:28278596c2a2	1982	XMEMCPY(&full[idx], "/SN=", 4);
wolfSSL	2:28278596c2a2	1983	idx += 4;
wolfSSL	2:28278596c2a2	1984	copy = TRUE;
wolfSSL	2:28278596c2a2	1985	}
wolfSSL	2:28278596c2a2	1986	#ifdef WOLFSSL_CERT_GEN
wolfSSL	2:28278596c2a2	1987	if (nameType == SUBJECT) {
wolfSSL	2:28278596c2a2	1988	cert->subjectSN = (char*)&cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	1989	cert->subjectSNLen = strLen;
wolfSSL	2:28278596c2a2	1990	cert->subjectSNEnc = b;
wolfSSL	2:28278596c2a2	1991	}
wolfSSL	2:28278596c2a2	1992	#endif /* WOLFSSL_CERT_GEN */
wolfSSL	2:28278596c2a2	1993	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	1994	dName->snIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	1995	dName->snLen = strLen;
wolfSSL	2:28278596c2a2	1996	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	1997	}
wolfSSL	2:28278596c2a2	1998	else if (id == ASN_COUNTRY_NAME) {
wolfSSL	2:28278596c2a2	1999	if (!tooBig) {
wolfSSL	2:28278596c2a2	2000	XMEMCPY(&full[idx], "/C=", 3);
wolfSSL	2:28278596c2a2	2001	idx += 3;
wolfSSL	2:28278596c2a2	2002	copy = TRUE;
wolfSSL	2:28278596c2a2	2003	}
wolfSSL	2:28278596c2a2	2004	#ifdef WOLFSSL_CERT_GEN
wolfSSL	2:28278596c2a2	2005	if (nameType == SUBJECT) {
wolfSSL	2:28278596c2a2	2006	cert->subjectC = (char*)&cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	2007	cert->subjectCLen = strLen;
wolfSSL	2:28278596c2a2	2008	cert->subjectCEnc = b;
wolfSSL	2:28278596c2a2	2009	}
wolfSSL	2:28278596c2a2	2010	#endif /* WOLFSSL_CERT_GEN */
wolfSSL	2:28278596c2a2	2011	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	2012	dName->cIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	2013	dName->cLen = strLen;
wolfSSL	2:28278596c2a2	2014	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	2015	}
wolfSSL	2:28278596c2a2	2016	else if (id == ASN_LOCALITY_NAME) {
wolfSSL	2:28278596c2a2	2017	if (!tooBig) {
wolfSSL	2:28278596c2a2	2018	XMEMCPY(&full[idx], "/L=", 3);
wolfSSL	2:28278596c2a2	2019	idx += 3;
wolfSSL	2:28278596c2a2	2020	copy = TRUE;
wolfSSL	2:28278596c2a2	2021	}
wolfSSL	2:28278596c2a2	2022	#ifdef WOLFSSL_CERT_GEN
wolfSSL	2:28278596c2a2	2023	if (nameType == SUBJECT) {
wolfSSL	2:28278596c2a2	2024	cert->subjectL = (char*)&cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	2025	cert->subjectLLen = strLen;
wolfSSL	2:28278596c2a2	2026	cert->subjectLEnc = b;
wolfSSL	2:28278596c2a2	2027	}
wolfSSL	2:28278596c2a2	2028	#endif /* WOLFSSL_CERT_GEN */
wolfSSL	2:28278596c2a2	2029	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	2030	dName->lIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	2031	dName->lLen = strLen;
wolfSSL	2:28278596c2a2	2032	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	2033	}
wolfSSL	2:28278596c2a2	2034	else if (id == ASN_STATE_NAME) {
wolfSSL	2:28278596c2a2	2035	if (!tooBig) {
wolfSSL	2:28278596c2a2	2036	XMEMCPY(&full[idx], "/ST=", 4);
wolfSSL	2:28278596c2a2	2037	idx += 4;
wolfSSL	2:28278596c2a2	2038	copy = TRUE;
wolfSSL	2:28278596c2a2	2039	}
wolfSSL	2:28278596c2a2	2040	#ifdef WOLFSSL_CERT_GEN
wolfSSL	2:28278596c2a2	2041	if (nameType == SUBJECT) {
wolfSSL	2:28278596c2a2	2042	cert->subjectST = (char*)&cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	2043	cert->subjectSTLen = strLen;
wolfSSL	2:28278596c2a2	2044	cert->subjectSTEnc = b;
wolfSSL	2:28278596c2a2	2045	}
wolfSSL	2:28278596c2a2	2046	#endif /* WOLFSSL_CERT_GEN */
wolfSSL	2:28278596c2a2	2047	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	2048	dName->stIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	2049	dName->stLen = strLen;
wolfSSL	2:28278596c2a2	2050	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	2051	}
wolfSSL	2:28278596c2a2	2052	else if (id == ASN_ORG_NAME) {
wolfSSL	2:28278596c2a2	2053	if (!tooBig) {
wolfSSL	2:28278596c2a2	2054	XMEMCPY(&full[idx], "/O=", 3);
wolfSSL	2:28278596c2a2	2055	idx += 3;
wolfSSL	2:28278596c2a2	2056	copy = TRUE;
wolfSSL	2:28278596c2a2	2057	}
wolfSSL	2:28278596c2a2	2058	#ifdef WOLFSSL_CERT_GEN
wolfSSL	2:28278596c2a2	2059	if (nameType == SUBJECT) {
wolfSSL	2:28278596c2a2	2060	cert->subjectO = (char*)&cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	2061	cert->subjectOLen = strLen;
wolfSSL	2:28278596c2a2	2062	cert->subjectOEnc = b;
wolfSSL	2:28278596c2a2	2063	}
wolfSSL	2:28278596c2a2	2064	#endif /* WOLFSSL_CERT_GEN */
wolfSSL	2:28278596c2a2	2065	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	2066	dName->oIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	2067	dName->oLen = strLen;
wolfSSL	2:28278596c2a2	2068	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	2069	}
wolfSSL	2:28278596c2a2	2070	else if (id == ASN_ORGUNIT_NAME) {
wolfSSL	2:28278596c2a2	2071	if (!tooBig) {
wolfSSL	2:28278596c2a2	2072	XMEMCPY(&full[idx], "/OU=", 4);
wolfSSL	2:28278596c2a2	2073	idx += 4;
wolfSSL	2:28278596c2a2	2074	copy = TRUE;
wolfSSL	2:28278596c2a2	2075	}
wolfSSL	2:28278596c2a2	2076	#ifdef WOLFSSL_CERT_GEN
wolfSSL	2:28278596c2a2	2077	if (nameType == SUBJECT) {
wolfSSL	2:28278596c2a2	2078	cert->subjectOU = (char*)&cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	2079	cert->subjectOULen = strLen;
wolfSSL	2:28278596c2a2	2080	cert->subjectOUEnc = b;
wolfSSL	2:28278596c2a2	2081	}
wolfSSL	2:28278596c2a2	2082	#endif /* WOLFSSL_CERT_GEN */
wolfSSL	2:28278596c2a2	2083	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	2084	dName->ouIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	2085	dName->ouLen = strLen;
wolfSSL	2:28278596c2a2	2086	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	2087	}
wolfSSL	2:28278596c2a2	2088	else if (id == ASN_SERIAL_NUMBER) {
wolfSSL	2:28278596c2a2	2089	if (!tooBig) {
wolfSSL	2:28278596c2a2	2090	XMEMCPY(&full[idx], "/serialNumber=", 14);
wolfSSL	2:28278596c2a2	2091	idx += 14;
wolfSSL	2:28278596c2a2	2092	copy = TRUE;
wolfSSL	2:28278596c2a2	2093	}
wolfSSL	2:28278596c2a2	2094	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	2095	dName->snIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	2096	dName->snLen = strLen;
wolfSSL	2:28278596c2a2	2097	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	2098	}
wolfSSL	2:28278596c2a2	2099
wolfSSL	2:28278596c2a2	2100	if (copy && !tooBig) {
wolfSSL	2:28278596c2a2	2101	XMEMCPY(&full[idx], &cert->source[cert->srcIdx], strLen);
wolfSSL	2:28278596c2a2	2102	idx += strLen;
wolfSSL	2:28278596c2a2	2103	}
wolfSSL	2:28278596c2a2	2104
wolfSSL	2:28278596c2a2	2105	cert->srcIdx += strLen;
wolfSSL	2:28278596c2a2	2106	}
wolfSSL	2:28278596c2a2	2107	else {
wolfSSL	2:28278596c2a2	2108	/* skip */
wolfSSL	2:28278596c2a2	2109	byte email = FALSE;
wolfSSL	2:28278596c2a2	2110	byte uid = FALSE;
wolfSSL	2:28278596c2a2	2111	int adv;
wolfSSL	2:28278596c2a2	2112
wolfSSL	2:28278596c2a2	2113	if (joint[0] == 0x2a && joint[1] == 0x86) /* email id hdr */
wolfSSL	2:28278596c2a2	2114	email = TRUE;
wolfSSL	2:28278596c2a2	2115
wolfSSL	2:28278596c2a2	2116	if (joint[0] == 0x9 && joint[1] == 0x92) /* uid id hdr */
wolfSSL	2:28278596c2a2	2117	uid = TRUE;
wolfSSL	2:28278596c2a2	2118
wolfSSL	2:28278596c2a2	2119	cert->srcIdx += oidSz + 1;
wolfSSL	2:28278596c2a2	2120
wolfSSL	2:28278596c2a2	2121	if (GetLength(cert->source, &cert->srcIdx, &adv, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	2122	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	2123
wolfSSL	2:28278596c2a2	2124	if (adv > (int)(ASN_NAME_MAX - idx)) {
wolfSSL	2:28278596c2a2	2125	WOLFSSL_MSG("ASN name too big, skipping");
wolfSSL	2:28278596c2a2	2126	tooBig = TRUE;
wolfSSL	2:28278596c2a2	2127	}
wolfSSL	2:28278596c2a2	2128
wolfSSL	2:28278596c2a2	2129	if (email) {
wolfSSL	2:28278596c2a2	2130	if ( (14 + adv) > (int)(ASN_NAME_MAX - idx)) {
wolfSSL	2:28278596c2a2	2131	WOLFSSL_MSG("ASN name too big, skipping");
wolfSSL	2:28278596c2a2	2132	tooBig = TRUE;
wolfSSL	2:28278596c2a2	2133	}
wolfSSL	2:28278596c2a2	2134	if (!tooBig) {
wolfSSL	2:28278596c2a2	2135	XMEMCPY(&full[idx], "/emailAddress=", 14);
wolfSSL	2:28278596c2a2	2136	idx += 14;
wolfSSL	2:28278596c2a2	2137	}
wolfSSL	2:28278596c2a2	2138
wolfSSL	2:28278596c2a2	2139	#ifdef WOLFSSL_CERT_GEN
wolfSSL	2:28278596c2a2	2140	if (nameType == SUBJECT) {
wolfSSL	2:28278596c2a2	2141	cert->subjectEmail = (char*)&cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	2142	cert->subjectEmailLen = adv;
wolfSSL	2:28278596c2a2	2143	}
wolfSSL	2:28278596c2a2	2144	#endif /* WOLFSSL_CERT_GEN */
wolfSSL	2:28278596c2a2	2145	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	2146	dName->emailIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	2147	dName->emailLen = adv;
wolfSSL	2:28278596c2a2	2148	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	2149	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	2150	{
wolfSSL	2:28278596c2a2	2151	DNS_entry* emailName = NULL;
wolfSSL	2:28278596c2a2	2152
wolfSSL	2:28278596c2a2	2153	emailName = (DNS_entry*)XMALLOC(sizeof(DNS_entry),
wolfSSL	2:28278596c2a2	2154	cert->heap, DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	2155	if (emailName == NULL) {
wolfSSL	2:28278596c2a2	2156	WOLFSSL_MSG("\tOut of Memory");
wolfSSL	2:28278596c2a2	2157	return MEMORY_E;
wolfSSL	2:28278596c2a2	2158	}
wolfSSL	2:28278596c2a2	2159	emailName->name = (char*)XMALLOC(adv + 1,
wolfSSL	2:28278596c2a2	2160	cert->heap, DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	2161	if (emailName->name == NULL) {
wolfSSL	2:28278596c2a2	2162	WOLFSSL_MSG("\tOut of Memory");
wolfSSL	2:28278596c2a2	2163	return MEMORY_E;
wolfSSL	2:28278596c2a2	2164	}
wolfSSL	2:28278596c2a2	2165	XMEMCPY(emailName->name,
wolfSSL	2:28278596c2a2	2166	&cert->source[cert->srcIdx], adv);
wolfSSL	2:28278596c2a2	2167	emailName->name[adv] = 0;
wolfSSL	2:28278596c2a2	2168
wolfSSL	2:28278596c2a2	2169	emailName->next = cert->altEmailNames;
wolfSSL	2:28278596c2a2	2170	cert->altEmailNames = emailName;
wolfSSL	2:28278596c2a2	2171	}
wolfSSL	2:28278596c2a2	2172	#endif /* IGNORE_NAME_CONSTRAINTS */
wolfSSL	2:28278596c2a2	2173	if (!tooBig) {
wolfSSL	2:28278596c2a2	2174	XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv);
wolfSSL	2:28278596c2a2	2175	idx += adv;
wolfSSL	2:28278596c2a2	2176	}
wolfSSL	2:28278596c2a2	2177	}
wolfSSL	2:28278596c2a2	2178
wolfSSL	2:28278596c2a2	2179	if (uid) {
wolfSSL	2:28278596c2a2	2180	if ( (5 + adv) > (int)(ASN_NAME_MAX - idx)) {
wolfSSL	2:28278596c2a2	2181	WOLFSSL_MSG("ASN name too big, skipping");
wolfSSL	2:28278596c2a2	2182	tooBig = TRUE;
wolfSSL	2:28278596c2a2	2183	}
wolfSSL	2:28278596c2a2	2184	if (!tooBig) {
wolfSSL	2:28278596c2a2	2185	XMEMCPY(&full[idx], "/UID=", 5);
wolfSSL	2:28278596c2a2	2186	idx += 5;
wolfSSL	2:28278596c2a2	2187
wolfSSL	2:28278596c2a2	2188	XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv);
wolfSSL	2:28278596c2a2	2189	idx += adv;
wolfSSL	2:28278596c2a2	2190	}
wolfSSL	2:28278596c2a2	2191	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	2192	dName->uidIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	2193	dName->uidLen = adv;
wolfSSL	2:28278596c2a2	2194	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	2195	}
wolfSSL	2:28278596c2a2	2196
wolfSSL	2:28278596c2a2	2197	cert->srcIdx += adv;
wolfSSL	2:28278596c2a2	2198	}
wolfSSL	2:28278596c2a2	2199	}
wolfSSL	2:28278596c2a2	2200	full[idx++] = 0;
wolfSSL	2:28278596c2a2	2201
wolfSSL	2:28278596c2a2	2202	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	2203	{
wolfSSL	2:28278596c2a2	2204	int totalLen = 0;
wolfSSL	2:28278596c2a2	2205
wolfSSL	2:28278596c2a2	2206	if (dName->cnLen != 0)
wolfSSL	2:28278596c2a2	2207	totalLen += dName->cnLen + 4;
wolfSSL	2:28278596c2a2	2208	if (dName->snLen != 0)
wolfSSL	2:28278596c2a2	2209	totalLen += dName->snLen + 4;
wolfSSL	2:28278596c2a2	2210	if (dName->cLen != 0)
wolfSSL	2:28278596c2a2	2211	totalLen += dName->cLen + 3;
wolfSSL	2:28278596c2a2	2212	if (dName->lLen != 0)
wolfSSL	2:28278596c2a2	2213	totalLen += dName->lLen + 3;
wolfSSL	2:28278596c2a2	2214	if (dName->stLen != 0)
wolfSSL	2:28278596c2a2	2215	totalLen += dName->stLen + 4;
wolfSSL	2:28278596c2a2	2216	if (dName->oLen != 0)
wolfSSL	2:28278596c2a2	2217	totalLen += dName->oLen + 3;
wolfSSL	2:28278596c2a2	2218	if (dName->ouLen != 0)
wolfSSL	2:28278596c2a2	2219	totalLen += dName->ouLen + 4;
wolfSSL	2:28278596c2a2	2220	if (dName->emailLen != 0)
wolfSSL	2:28278596c2a2	2221	totalLen += dName->emailLen + 14;
wolfSSL	2:28278596c2a2	2222	if (dName->uidLen != 0)
wolfSSL	2:28278596c2a2	2223	totalLen += dName->uidLen + 5;
wolfSSL	2:28278596c2a2	2224	if (dName->serialLen != 0)
wolfSSL	2:28278596c2a2	2225	totalLen += dName->serialLen + 14;
wolfSSL	2:28278596c2a2	2226
wolfSSL	2:28278596c2a2	2227	dName->fullName = (char*)XMALLOC(totalLen + 1, NULL, DYNAMIC_TYPE_X509);
wolfSSL	2:28278596c2a2	2228	if (dName->fullName != NULL) {
wolfSSL	2:28278596c2a2	2229	idx = 0;
wolfSSL	2:28278596c2a2	2230
wolfSSL	2:28278596c2a2	2231	if (dName->cnLen != 0) {
wolfSSL	2:28278596c2a2	2232	dName->entryCount++;
wolfSSL	2:28278596c2a2	2233	XMEMCPY(&dName->fullName[idx], "/CN=", 4);
wolfSSL	2:28278596c2a2	2234	idx += 4;
wolfSSL	2:28278596c2a2	2235	XMEMCPY(&dName->fullName[idx],
wolfSSL	2:28278596c2a2	2236	&cert->source[dName->cnIdx], dName->cnLen);
wolfSSL	2:28278596c2a2	2237	dName->cnIdx = idx;
wolfSSL	2:28278596c2a2	2238	idx += dName->cnLen;
wolfSSL	2:28278596c2a2	2239	}
wolfSSL	2:28278596c2a2	2240	if (dName->snLen != 0) {
wolfSSL	2:28278596c2a2	2241	dName->entryCount++;
wolfSSL	2:28278596c2a2	2242	XMEMCPY(&dName->fullName[idx], "/SN=", 4);
wolfSSL	2:28278596c2a2	2243	idx += 4;
wolfSSL	2:28278596c2a2	2244	XMEMCPY(&dName->fullName[idx],
wolfSSL	2:28278596c2a2	2245	&cert->source[dName->snIdx], dName->snLen);
wolfSSL	2:28278596c2a2	2246	dName->snIdx = idx;
wolfSSL	2:28278596c2a2	2247	idx += dName->snLen;
wolfSSL	2:28278596c2a2	2248	}
wolfSSL	2:28278596c2a2	2249	if (dName->cLen != 0) {
wolfSSL	2:28278596c2a2	2250	dName->entryCount++;
wolfSSL	2:28278596c2a2	2251	XMEMCPY(&dName->fullName[idx], "/C=", 3);
wolfSSL	2:28278596c2a2	2252	idx += 3;
wolfSSL	2:28278596c2a2	2253	XMEMCPY(&dName->fullName[idx],
wolfSSL	2:28278596c2a2	2254	&cert->source[dName->cIdx], dName->cLen);
wolfSSL	2:28278596c2a2	2255	dName->cIdx = idx;
wolfSSL	2:28278596c2a2	2256	idx += dName->cLen;
wolfSSL	2:28278596c2a2	2257	}
wolfSSL	2:28278596c2a2	2258	if (dName->lLen != 0) {
wolfSSL	2:28278596c2a2	2259	dName->entryCount++;
wolfSSL	2:28278596c2a2	2260	XMEMCPY(&dName->fullName[idx], "/L=", 3);
wolfSSL	2:28278596c2a2	2261	idx += 3;
wolfSSL	2:28278596c2a2	2262	XMEMCPY(&dName->fullName[idx],
wolfSSL	2:28278596c2a2	2263	&cert->source[dName->lIdx], dName->lLen);
wolfSSL	2:28278596c2a2	2264	dName->lIdx = idx;
wolfSSL	2:28278596c2a2	2265	idx += dName->lLen;
wolfSSL	2:28278596c2a2	2266	}
wolfSSL	2:28278596c2a2	2267	if (dName->stLen != 0) {
wolfSSL	2:28278596c2a2	2268	dName->entryCount++;
wolfSSL	2:28278596c2a2	2269	XMEMCPY(&dName->fullName[idx], "/ST=", 4);
wolfSSL	2:28278596c2a2	2270	idx += 4;
wolfSSL	2:28278596c2a2	2271	XMEMCPY(&dName->fullName[idx],
wolfSSL	2:28278596c2a2	2272	&cert->source[dName->stIdx], dName->stLen);
wolfSSL	2:28278596c2a2	2273	dName->stIdx = idx;
wolfSSL	2:28278596c2a2	2274	idx += dName->stLen;
wolfSSL	2:28278596c2a2	2275	}
wolfSSL	2:28278596c2a2	2276	if (dName->oLen != 0) {
wolfSSL	2:28278596c2a2	2277	dName->entryCount++;
wolfSSL	2:28278596c2a2	2278	XMEMCPY(&dName->fullName[idx], "/O=", 3);
wolfSSL	2:28278596c2a2	2279	idx += 3;
wolfSSL	2:28278596c2a2	2280	XMEMCPY(&dName->fullName[idx],
wolfSSL	2:28278596c2a2	2281	&cert->source[dName->oIdx], dName->oLen);
wolfSSL	2:28278596c2a2	2282	dName->oIdx = idx;
wolfSSL	2:28278596c2a2	2283	idx += dName->oLen;
wolfSSL	2:28278596c2a2	2284	}
wolfSSL	2:28278596c2a2	2285	if (dName->ouLen != 0) {
wolfSSL	2:28278596c2a2	2286	dName->entryCount++;
wolfSSL	2:28278596c2a2	2287	XMEMCPY(&dName->fullName[idx], "/OU=", 4);
wolfSSL	2:28278596c2a2	2288	idx += 4;
wolfSSL	2:28278596c2a2	2289	XMEMCPY(&dName->fullName[idx],
wolfSSL	2:28278596c2a2	2290	&cert->source[dName->ouIdx], dName->ouLen);
wolfSSL	2:28278596c2a2	2291	dName->ouIdx = idx;
wolfSSL	2:28278596c2a2	2292	idx += dName->ouLen;
wolfSSL	2:28278596c2a2	2293	}
wolfSSL	2:28278596c2a2	2294	if (dName->emailLen != 0) {
wolfSSL	2:28278596c2a2	2295	dName->entryCount++;
wolfSSL	2:28278596c2a2	2296	XMEMCPY(&dName->fullName[idx], "/emailAddress=", 14);
wolfSSL	2:28278596c2a2	2297	idx += 14;
wolfSSL	2:28278596c2a2	2298	XMEMCPY(&dName->fullName[idx],
wolfSSL	2:28278596c2a2	2299	&cert->source[dName->emailIdx], dName->emailLen);
wolfSSL	2:28278596c2a2	2300	dName->emailIdx = idx;
wolfSSL	2:28278596c2a2	2301	idx += dName->emailLen;
wolfSSL	2:28278596c2a2	2302	}
wolfSSL	2:28278596c2a2	2303	if (dName->uidLen != 0) {
wolfSSL	2:28278596c2a2	2304	dName->entryCount++;
wolfSSL	2:28278596c2a2	2305	XMEMCPY(&dName->fullName[idx], "/UID=", 5);
wolfSSL	2:28278596c2a2	2306	idx += 5;
wolfSSL	2:28278596c2a2	2307	XMEMCPY(&dName->fullName[idx],
wolfSSL	2:28278596c2a2	2308	&cert->source[dName->uidIdx], dName->uidLen);
wolfSSL	2:28278596c2a2	2309	dName->uidIdx = idx;
wolfSSL	2:28278596c2a2	2310	idx += dName->uidLen;
wolfSSL	2:28278596c2a2	2311	}
wolfSSL	2:28278596c2a2	2312	if (dName->serialLen != 0) {
wolfSSL	2:28278596c2a2	2313	dName->entryCount++;
wolfSSL	2:28278596c2a2	2314	XMEMCPY(&dName->fullName[idx], "/serialNumber=", 14);
wolfSSL	2:28278596c2a2	2315	idx += 14;
wolfSSL	2:28278596c2a2	2316	XMEMCPY(&dName->fullName[idx],
wolfSSL	2:28278596c2a2	2317	&cert->source[dName->serialIdx], dName->serialLen);
wolfSSL	2:28278596c2a2	2318	dName->serialIdx = idx;
wolfSSL	2:28278596c2a2	2319	idx += dName->serialLen;
wolfSSL	2:28278596c2a2	2320	}
wolfSSL	2:28278596c2a2	2321	dName->fullName[idx] = '\0';
wolfSSL	2:28278596c2a2	2322	dName->fullNameLen = totalLen;
wolfSSL	2:28278596c2a2	2323	}
wolfSSL	2:28278596c2a2	2324	}
wolfSSL	2:28278596c2a2	2325	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	2326
wolfSSL	2:28278596c2a2	2327	return 0;
wolfSSL	2:28278596c2a2	2328	}
wolfSSL	2:28278596c2a2	2329
wolfSSL	2:28278596c2a2	2330
wolfSSL	2:28278596c2a2	2331	#ifndef NO_TIME_H
wolfSSL	2:28278596c2a2	2332
wolfSSL	2:28278596c2a2	2333	/* to the second */
wolfSSL	2:28278596c2a2	2334	static int DateGreaterThan(const struct tm* a, const struct tm* b)
wolfSSL	2:28278596c2a2	2335	{
wolfSSL	2:28278596c2a2	2336	if (a->tm_year > b->tm_year)
wolfSSL	2:28278596c2a2	2337	return 1;
wolfSSL	2:28278596c2a2	2338
wolfSSL	2:28278596c2a2	2339	if (a->tm_year == b->tm_year && a->tm_mon > b->tm_mon)
wolfSSL	2:28278596c2a2	2340	return 1;
wolfSSL	2:28278596c2a2	2341
wolfSSL	2:28278596c2a2	2342	if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
wolfSSL	2:28278596c2a2	2343	a->tm_mday > b->tm_mday)
wolfSSL	2:28278596c2a2	2344	return 1;
wolfSSL	2:28278596c2a2	2345
wolfSSL	2:28278596c2a2	2346	if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
wolfSSL	2:28278596c2a2	2347	a->tm_mday == b->tm_mday && a->tm_hour > b->tm_hour)
wolfSSL	2:28278596c2a2	2348	return 1;
wolfSSL	2:28278596c2a2	2349
wolfSSL	2:28278596c2a2	2350	if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
wolfSSL	2:28278596c2a2	2351	a->tm_mday == b->tm_mday && a->tm_hour == b->tm_hour &&
wolfSSL	2:28278596c2a2	2352	a->tm_min > b->tm_min)
wolfSSL	2:28278596c2a2	2353	return 1;
wolfSSL	2:28278596c2a2	2354
wolfSSL	2:28278596c2a2	2355	if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
wolfSSL	2:28278596c2a2	2356	a->tm_mday == b->tm_mday && a->tm_hour == b->tm_hour &&
wolfSSL	2:28278596c2a2	2357	a->tm_min == b->tm_min && a->tm_sec > b->tm_sec)
wolfSSL	2:28278596c2a2	2358	return 1;
wolfSSL	2:28278596c2a2	2359
wolfSSL	2:28278596c2a2	2360	return 0; /* false */
wolfSSL	2:28278596c2a2	2361	}
wolfSSL	2:28278596c2a2	2362
wolfSSL	2:28278596c2a2	2363
wolfSSL	2:28278596c2a2	2364	static INLINE int DateLessThan(const struct tm* a, const struct tm* b)
wolfSSL	2:28278596c2a2	2365	{
wolfSSL	2:28278596c2a2	2366	return DateGreaterThan(b,a);
wolfSSL	2:28278596c2a2	2367	}
wolfSSL	2:28278596c2a2	2368
wolfSSL	2:28278596c2a2	2369
wolfSSL	2:28278596c2a2	2370	/* like atoi but only use first byte */
wolfSSL	2:28278596c2a2	2371	/* Make sure before and after dates are valid */
wolfSSL	2:28278596c2a2	2372	int ValidateDate(const byte* date, byte format, int dateType)
wolfSSL	2:28278596c2a2	2373	{
wolfSSL	2:28278596c2a2	2374	time_t ltime;
wolfSSL	2:28278596c2a2	2375	struct tm certTime;
wolfSSL	2:28278596c2a2	2376	struct tm* localTime;
wolfSSL	2:28278596c2a2	2377	struct tm* tmpTime = NULL;
wolfSSL	2:28278596c2a2	2378	int i = 0;
wolfSSL	2:28278596c2a2	2379
wolfSSL	2:28278596c2a2	2380	#if defined(FREESCALE_MQX) \|\| defined(TIME_OVERRIDES)
wolfSSL	2:28278596c2a2	2381	struct tm tmpTimeStorage;
wolfSSL	2:28278596c2a2	2382	tmpTime = &tmpTimeStorage;
wolfSSL	2:28278596c2a2	2383	#else
wolfSSL	2:28278596c2a2	2384	(void)tmpTime;
wolfSSL	2:28278596c2a2	2385	#endif
wolfSSL	2:28278596c2a2	2386
wolfSSL	2:28278596c2a2	2387	ltime = XTIME(0);
wolfSSL	2:28278596c2a2	2388	XMEMSET(&certTime, 0, sizeof(certTime));
wolfSSL	2:28278596c2a2	2389
wolfSSL	2:28278596c2a2	2390	if (format == ASN_UTC_TIME) {
wolfSSL	2:28278596c2a2	2391	if (btoi(date[0]) >= 5)
wolfSSL	2:28278596c2a2	2392	certTime.tm_year = 1900;
wolfSSL	2:28278596c2a2	2393	else
wolfSSL	2:28278596c2a2	2394	certTime.tm_year = 2000;
wolfSSL	2:28278596c2a2	2395	}
wolfSSL	2:28278596c2a2	2396	else { /* format == GENERALIZED_TIME */
wolfSSL	2:28278596c2a2	2397	certTime.tm_year += btoi(date[i++]) * 1000;
wolfSSL	2:28278596c2a2	2398	certTime.tm_year += btoi(date[i++]) * 100;
wolfSSL	2:28278596c2a2	2399	}
wolfSSL	2:28278596c2a2	2400
wolfSSL	2:28278596c2a2	2401	/* adjust tm_year, tm_mon */
wolfSSL	2:28278596c2a2	2402	GetTime((int*)&certTime.tm_year, date, &i); certTime.tm_year -= 1900;
wolfSSL	2:28278596c2a2	2403	GetTime((int*)&certTime.tm_mon, date, &i); certTime.tm_mon -= 1;
wolfSSL	2:28278596c2a2	2404	GetTime((int*)&certTime.tm_mday, date, &i);
wolfSSL	2:28278596c2a2	2405	GetTime((int*)&certTime.tm_hour, date, &i);
wolfSSL	2:28278596c2a2	2406	GetTime((int*)&certTime.tm_min, date, &i);
wolfSSL	2:28278596c2a2	2407	GetTime((int*)&certTime.tm_sec, date, &i);
wolfSSL	2:28278596c2a2	2408
wolfSSL	2:28278596c2a2	2409	if (date[i] != 'Z') { /* only Zulu supported for this profile */
wolfSSL	2:28278596c2a2	2410	WOLFSSL_MSG("Only Zulu time supported for this profile");
wolfSSL	2:28278596c2a2	2411	return 0;
wolfSSL	2:28278596c2a2	2412	}
wolfSSL	2:28278596c2a2	2413
wolfSSL	2:28278596c2a2	2414	localTime = XGMTIME(&ltime, tmpTime);
wolfSSL	2:28278596c2a2	2415
wolfSSL	2:28278596c2a2	2416	if (dateType == BEFORE) {
wolfSSL	2:28278596c2a2	2417	if (DateLessThan(localTime, &certTime))
wolfSSL	2:28278596c2a2	2418	return 0;
wolfSSL	2:28278596c2a2	2419	}
wolfSSL	2:28278596c2a2	2420	else
wolfSSL	2:28278596c2a2	2421	if (DateGreaterThan(localTime, &certTime))
wolfSSL	2:28278596c2a2	2422	return 0;
wolfSSL	2:28278596c2a2	2423
wolfSSL	2:28278596c2a2	2424	return 1;
wolfSSL	2:28278596c2a2	2425	}
wolfSSL	2:28278596c2a2	2426
wolfSSL	2:28278596c2a2	2427	#endif /* NO_TIME_H */
wolfSSL	2:28278596c2a2	2428
wolfSSL	2:28278596c2a2	2429
wolfSSL	2:28278596c2a2	2430	static int GetDate(DecodedCert* cert, int dateType)
wolfSSL	2:28278596c2a2	2431	{
wolfSSL	2:28278596c2a2	2432	int length;
wolfSSL	2:28278596c2a2	2433	byte date[MAX_DATE_SIZE];
wolfSSL	2:28278596c2a2	2434	byte b;
wolfSSL	2:28278596c2a2	2435	word32 startIdx = 0;
wolfSSL	2:28278596c2a2	2436
wolfSSL	2:28278596c2a2	2437	if (dateType == BEFORE)
wolfSSL	2:28278596c2a2	2438	cert->beforeDate = &cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	2439	else
wolfSSL	2:28278596c2a2	2440	cert->afterDate = &cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	2441	startIdx = cert->srcIdx;
wolfSSL	2:28278596c2a2	2442
wolfSSL	2:28278596c2a2	2443	b = cert->source[cert->srcIdx++];
wolfSSL	2:28278596c2a2	2444	if (b != ASN_UTC_TIME && b != ASN_GENERALIZED_TIME)
wolfSSL	2:28278596c2a2	2445	return ASN_TIME_E;
wolfSSL	2:28278596c2a2	2446
wolfSSL	2:28278596c2a2	2447	if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	2448	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	2449
wolfSSL	2:28278596c2a2	2450	if (length > MAX_DATE_SIZE \|\| length < MIN_DATE_SIZE)
wolfSSL	2:28278596c2a2	2451	return ASN_DATE_SZ_E;
wolfSSL	2:28278596c2a2	2452
wolfSSL	2:28278596c2a2	2453	XMEMCPY(date, &cert->source[cert->srcIdx], length);
wolfSSL	2:28278596c2a2	2454	cert->srcIdx += length;
wolfSSL	2:28278596c2a2	2455
wolfSSL	2:28278596c2a2	2456	if (dateType == BEFORE)
wolfSSL	2:28278596c2a2	2457	cert->beforeDateLen = cert->srcIdx - startIdx;
wolfSSL	2:28278596c2a2	2458	else
wolfSSL	2:28278596c2a2	2459	cert->afterDateLen = cert->srcIdx - startIdx;
wolfSSL	2:28278596c2a2	2460
wolfSSL	2:28278596c2a2	2461	if (!XVALIDATE_DATE(date, b, dateType)) {
wolfSSL	2:28278596c2a2	2462	if (dateType == BEFORE)
wolfSSL	2:28278596c2a2	2463	return ASN_BEFORE_DATE_E;
wolfSSL	2:28278596c2a2	2464	else
wolfSSL	2:28278596c2a2	2465	return ASN_AFTER_DATE_E;
wolfSSL	2:28278596c2a2	2466	}
wolfSSL	2:28278596c2a2	2467
wolfSSL	2:28278596c2a2	2468	return 0;
wolfSSL	2:28278596c2a2	2469	}
wolfSSL	2:28278596c2a2	2470
wolfSSL	2:28278596c2a2	2471
wolfSSL	2:28278596c2a2	2472	static int GetValidity(DecodedCert* cert, int verify)
wolfSSL	2:28278596c2a2	2473	{
wolfSSL	2:28278596c2a2	2474	int length;
wolfSSL	2:28278596c2a2	2475	int badDate = 0;
wolfSSL	2:28278596c2a2	2476
wolfSSL	2:28278596c2a2	2477	if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	2478	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	2479
wolfSSL	2:28278596c2a2	2480	if (GetDate(cert, BEFORE) < 0 && verify)
wolfSSL	2:28278596c2a2	2481	badDate = ASN_BEFORE_DATE_E; /* continue parsing */
wolfSSL	2:28278596c2a2	2482
wolfSSL	2:28278596c2a2	2483	if (GetDate(cert, AFTER) < 0 && verify)
wolfSSL	2:28278596c2a2	2484	return ASN_AFTER_DATE_E;
wolfSSL	2:28278596c2a2	2485
wolfSSL	2:28278596c2a2	2486	if (badDate != 0)
wolfSSL	2:28278596c2a2	2487	return badDate;
wolfSSL	2:28278596c2a2	2488
wolfSSL	2:28278596c2a2	2489	return 0;
wolfSSL	2:28278596c2a2	2490	}
wolfSSL	2:28278596c2a2	2491
wolfSSL	2:28278596c2a2	2492
wolfSSL	2:28278596c2a2	2493	int DecodeToKey(DecodedCert* cert, int verify)
wolfSSL	2:28278596c2a2	2494	{
wolfSSL	2:28278596c2a2	2495	int badDate = 0;
wolfSSL	2:28278596c2a2	2496	int ret;
wolfSSL	2:28278596c2a2	2497
wolfSSL	2:28278596c2a2	2498	if ( (ret = GetCertHeader(cert)) < 0)
wolfSSL	2:28278596c2a2	2499	return ret;
wolfSSL	2:28278596c2a2	2500
wolfSSL	2:28278596c2a2	2501	WOLFSSL_MSG("Got Cert Header");
wolfSSL	2:28278596c2a2	2502
wolfSSL	2:28278596c2a2	2503	if ( (ret = GetAlgoId(cert->source, &cert->srcIdx, &cert->signatureOID,
wolfSSL	2:28278596c2a2	2504	cert->maxIdx)) < 0)
wolfSSL	2:28278596c2a2	2505	return ret;
wolfSSL	2:28278596c2a2	2506
wolfSSL	2:28278596c2a2	2507	WOLFSSL_MSG("Got Algo ID");
wolfSSL	2:28278596c2a2	2508
wolfSSL	2:28278596c2a2	2509	if ( (ret = GetName(cert, ISSUER)) < 0)
wolfSSL	2:28278596c2a2	2510	return ret;
wolfSSL	2:28278596c2a2	2511
wolfSSL	2:28278596c2a2	2512	if ( (ret = GetValidity(cert, verify)) < 0)
wolfSSL	2:28278596c2a2	2513	badDate = ret;
wolfSSL	2:28278596c2a2	2514
wolfSSL	2:28278596c2a2	2515	if ( (ret = GetName(cert, SUBJECT)) < 0)
wolfSSL	2:28278596c2a2	2516	return ret;
wolfSSL	2:28278596c2a2	2517
wolfSSL	2:28278596c2a2	2518	WOLFSSL_MSG("Got Subject Name");
wolfSSL	2:28278596c2a2	2519
wolfSSL	2:28278596c2a2	2520	if ( (ret = GetKey(cert)) < 0)
wolfSSL	2:28278596c2a2	2521	return ret;
wolfSSL	2:28278596c2a2	2522
wolfSSL	2:28278596c2a2	2523	WOLFSSL_MSG("Got Key");
wolfSSL	2:28278596c2a2	2524
wolfSSL	2:28278596c2a2	2525	if (badDate != 0)
wolfSSL	2:28278596c2a2	2526	return badDate;
wolfSSL	2:28278596c2a2	2527
wolfSSL	2:28278596c2a2	2528	return ret;
wolfSSL	2:28278596c2a2	2529	}
wolfSSL	2:28278596c2a2	2530
wolfSSL	2:28278596c2a2	2531
wolfSSL	2:28278596c2a2	2532	static int GetSignature(DecodedCert* cert)
wolfSSL	2:28278596c2a2	2533	{
wolfSSL	2:28278596c2a2	2534	int length;
wolfSSL	2:28278596c2a2	2535	byte b = cert->source[cert->srcIdx++];
wolfSSL	2:28278596c2a2	2536
wolfSSL	2:28278596c2a2	2537	if (b != ASN_BIT_STRING)
wolfSSL	2:28278596c2a2	2538	return ASN_BITSTR_E;
wolfSSL	2:28278596c2a2	2539
wolfSSL	2:28278596c2a2	2540	if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
wolfSSL	2:28278596c2a2	2541	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	2542
wolfSSL	2:28278596c2a2	2543	cert->sigLength = length;
wolfSSL	2:28278596c2a2	2544
wolfSSL	2:28278596c2a2	2545	b = cert->source[cert->srcIdx++];
wolfSSL	2:28278596c2a2	2546	if (b != 0x00)
wolfSSL	2:28278596c2a2	2547	return ASN_EXPECT_0_E;
wolfSSL	2:28278596c2a2	2548
wolfSSL	2:28278596c2a2	2549	cert->sigLength--;
wolfSSL	2:28278596c2a2	2550	cert->signature = &cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	2551	cert->srcIdx += cert->sigLength;
wolfSSL	2:28278596c2a2	2552
wolfSSL	2:28278596c2a2	2553	return 0;
wolfSSL	2:28278596c2a2	2554	}
wolfSSL	2:28278596c2a2	2555
wolfSSL	2:28278596c2a2	2556
wolfSSL	2:28278596c2a2	2557	static word32 SetDigest(const byte* digest, word32 digSz, byte* output)
wolfSSL	2:28278596c2a2	2558	{
wolfSSL	2:28278596c2a2	2559	output[0] = ASN_OCTET_STRING;
wolfSSL	2:28278596c2a2	2560	output[1] = (byte)digSz;
wolfSSL	2:28278596c2a2	2561	XMEMCPY(&output[2], digest, digSz);
wolfSSL	2:28278596c2a2	2562
wolfSSL	2:28278596c2a2	2563	return digSz + 2;
wolfSSL	2:28278596c2a2	2564	}
wolfSSL	2:28278596c2a2	2565
wolfSSL	2:28278596c2a2	2566
wolfSSL	2:28278596c2a2	2567	static word32 BytePrecision(word32 value)
wolfSSL	2:28278596c2a2	2568	{
wolfSSL	2:28278596c2a2	2569	word32 i;
wolfSSL	2:28278596c2a2	2570	for (i = sizeof(value); i; --i)
wolfSSL	2:28278596c2a2	2571	if (value >> ((i - 1) * WOLFSSL_BIT_SIZE))
wolfSSL	2:28278596c2a2	2572	break;
wolfSSL	2:28278596c2a2	2573
wolfSSL	2:28278596c2a2	2574	return i;
wolfSSL	2:28278596c2a2	2575	}
wolfSSL	2:28278596c2a2	2576
wolfSSL	2:28278596c2a2	2577
wolfSSL	2:28278596c2a2	2578	WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output)
wolfSSL	2:28278596c2a2	2579	{
wolfSSL	2:28278596c2a2	2580	word32 i = 0, j;
wolfSSL	2:28278596c2a2	2581
wolfSSL	2:28278596c2a2	2582	if (length < ASN_LONG_LENGTH)
wolfSSL	2:28278596c2a2	2583	output[i++] = (byte)length;
wolfSSL	2:28278596c2a2	2584	else {
wolfSSL	2:28278596c2a2	2585	output[i++] = (byte)(BytePrecision(length) \| ASN_LONG_LENGTH);
wolfSSL	2:28278596c2a2	2586
wolfSSL	2:28278596c2a2	2587	for (j = BytePrecision(length); j; --j) {
wolfSSL	2:28278596c2a2	2588	output[i] = (byte)(length >> ((j - 1) * WOLFSSL_BIT_SIZE));
wolfSSL	2:28278596c2a2	2589	i++;
wolfSSL	2:28278596c2a2	2590	}
wolfSSL	2:28278596c2a2	2591	}
wolfSSL	2:28278596c2a2	2592
wolfSSL	2:28278596c2a2	2593	return i;
wolfSSL	2:28278596c2a2	2594	}
wolfSSL	2:28278596c2a2	2595
wolfSSL	2:28278596c2a2	2596
wolfSSL	2:28278596c2a2	2597	WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output)
wolfSSL	2:28278596c2a2	2598	{
wolfSSL	2:28278596c2a2	2599	output[0] = ASN_SEQUENCE \| ASN_CONSTRUCTED;
wolfSSL	2:28278596c2a2	2600	return SetLength(len, output + 1) + 1;
wolfSSL	2:28278596c2a2	2601	}
wolfSSL	2:28278596c2a2	2602
wolfSSL	2:28278596c2a2	2603	WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output)
wolfSSL	2:28278596c2a2	2604	{
wolfSSL	2:28278596c2a2	2605	output[0] = ASN_OCTET_STRING;
wolfSSL	2:28278596c2a2	2606	return SetLength(len, output + 1) + 1;
wolfSSL	2:28278596c2a2	2607	}
wolfSSL	2:28278596c2a2	2608
wolfSSL	2:28278596c2a2	2609	/* Write a set header to output */
wolfSSL	2:28278596c2a2	2610	WOLFSSL_LOCAL word32 SetSet(word32 len, byte* output)
wolfSSL	2:28278596c2a2	2611	{
wolfSSL	2:28278596c2a2	2612	output[0] = ASN_SET \| ASN_CONSTRUCTED;
wolfSSL	2:28278596c2a2	2613	return SetLength(len, output + 1) + 1;
wolfSSL	2:28278596c2a2	2614	}
wolfSSL	2:28278596c2a2	2615
wolfSSL	2:28278596c2a2	2616	WOLFSSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len, byte* output)
wolfSSL	2:28278596c2a2	2617	{
wolfSSL	2:28278596c2a2	2618
wolfSSL	2:28278596c2a2	2619	output[0] = ((tag == ASN_SEQUENCE \|\| tag == ASN_SET) ? ASN_CONSTRUCTED : 0)
wolfSSL	2:28278596c2a2	2620	\| ASN_CONTEXT_SPECIFIC \| number;
wolfSSL	2:28278596c2a2	2621	return SetLength(len, output + 1) + 1;
wolfSSL	2:28278596c2a2	2622	}
wolfSSL	2:28278596c2a2	2623
wolfSSL	2:28278596c2a2	2624	WOLFSSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output)
wolfSSL	2:28278596c2a2	2625	{
wolfSSL	2:28278596c2a2	2626	output[0] = ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| number;
wolfSSL	2:28278596c2a2	2627	return SetLength(len, output + 1) + 1;
wolfSSL	2:28278596c2a2	2628	}
wolfSSL	2:28278596c2a2	2629
wolfSSL	2:28278596c2a2	2630
wolfSSL	2:28278596c2a2	2631	#if defined(HAVE_ECC) && (defined(WOLFSSL_CERT_GEN) \|\| defined(WOLFSSL_KEY_GEN))
wolfSSL	2:28278596c2a2	2632
wolfSSL	2:28278596c2a2	2633	static word32 SetCurve(ecc_key* key, byte* output)
wolfSSL	2:28278596c2a2	2634	{
wolfSSL	2:28278596c2a2	2635
wolfSSL	2:28278596c2a2	2636	/* curve types */
wolfSSL	2:28278596c2a2	2637	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC192)
wolfSSL	2:28278596c2a2	2638	static const byte ECC_192v1_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d,
wolfSSL	2:28278596c2a2	2639	0x03, 0x01, 0x01};
wolfSSL	2:28278596c2a2	2640	#endif
wolfSSL	2:28278596c2a2	2641	#if defined(HAVE_ALL_CURVES) \|\| !defined(NO_ECC256)
wolfSSL	2:28278596c2a2	2642	static const byte ECC_256v1_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d,
wolfSSL	2:28278596c2a2	2643	0x03, 0x01, 0x07};
wolfSSL	2:28278596c2a2	2644	#endif
wolfSSL	2:28278596c2a2	2645	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC160)
wolfSSL	2:28278596c2a2	2646	static const byte ECC_160r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00,
wolfSSL	2:28278596c2a2	2647	0x02};
wolfSSL	2:28278596c2a2	2648	#endif
wolfSSL	2:28278596c2a2	2649	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC224)
wolfSSL	2:28278596c2a2	2650	static const byte ECC_224r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00,
wolfSSL	2:28278596c2a2	2651	0x21};
wolfSSL	2:28278596c2a2	2652	#endif
wolfSSL	2:28278596c2a2	2653	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC384)
wolfSSL	2:28278596c2a2	2654	static const byte ECC_384r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00,
wolfSSL	2:28278596c2a2	2655	0x22};
wolfSSL	2:28278596c2a2	2656	#endif
wolfSSL	2:28278596c2a2	2657	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC521)
wolfSSL	2:28278596c2a2	2658	static const byte ECC_521r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00,
wolfSSL	2:28278596c2a2	2659	0x23};
wolfSSL	2:28278596c2a2	2660	#endif
wolfSSL	2:28278596c2a2	2661
wolfSSL	2:28278596c2a2	2662	int oidSz = 0;
wolfSSL	2:28278596c2a2	2663	int idx = 0;
wolfSSL	2:28278596c2a2	2664	int lenSz = 0;
wolfSSL	2:28278596c2a2	2665	const byte* oid = 0;
wolfSSL	2:28278596c2a2	2666
wolfSSL	2:28278596c2a2	2667	output[0] = ASN_OBJECT_ID;
wolfSSL	2:28278596c2a2	2668	idx++;
wolfSSL	2:28278596c2a2	2669
wolfSSL	2:28278596c2a2	2670	switch (key->dp->size) {
wolfSSL	2:28278596c2a2	2671	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC160)
wolfSSL	2:28278596c2a2	2672	case 20:
wolfSSL	2:28278596c2a2	2673	oidSz = sizeof(ECC_160r1_AlgoID);
wolfSSL	2:28278596c2a2	2674	oid = ECC_160r1_AlgoID;
wolfSSL	2:28278596c2a2	2675	break;
wolfSSL	2:28278596c2a2	2676	#endif
wolfSSL	2:28278596c2a2	2677
wolfSSL	2:28278596c2a2	2678	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC192)
wolfSSL	2:28278596c2a2	2679	case 24:
wolfSSL	2:28278596c2a2	2680	oidSz = sizeof(ECC_192v1_AlgoID);
wolfSSL	2:28278596c2a2	2681	oid = ECC_192v1_AlgoID;
wolfSSL	2:28278596c2a2	2682	break;
wolfSSL	2:28278596c2a2	2683	#endif
wolfSSL	2:28278596c2a2	2684
wolfSSL	2:28278596c2a2	2685	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC224)
wolfSSL	2:28278596c2a2	2686	case 28:
wolfSSL	2:28278596c2a2	2687	oidSz = sizeof(ECC_224r1_AlgoID);
wolfSSL	2:28278596c2a2	2688	oid = ECC_224r1_AlgoID;
wolfSSL	2:28278596c2a2	2689	break;
wolfSSL	2:28278596c2a2	2690	#endif
wolfSSL	2:28278596c2a2	2691
wolfSSL	2:28278596c2a2	2692	#if defined(HAVE_ALL_CURVES) \|\| !defined(NO_ECC256)
wolfSSL	2:28278596c2a2	2693	case 32:
wolfSSL	2:28278596c2a2	2694	oidSz = sizeof(ECC_256v1_AlgoID);
wolfSSL	2:28278596c2a2	2695	oid = ECC_256v1_AlgoID;
wolfSSL	2:28278596c2a2	2696	break;
wolfSSL	2:28278596c2a2	2697	#endif
wolfSSL	2:28278596c2a2	2698
wolfSSL	2:28278596c2a2	2699	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC384)
wolfSSL	2:28278596c2a2	2700	case 48:
wolfSSL	2:28278596c2a2	2701	oidSz = sizeof(ECC_384r1_AlgoID);
wolfSSL	2:28278596c2a2	2702	oid = ECC_384r1_AlgoID;
wolfSSL	2:28278596c2a2	2703	break;
wolfSSL	2:28278596c2a2	2704	#endif
wolfSSL	2:28278596c2a2	2705
wolfSSL	2:28278596c2a2	2706	#if defined(HAVE_ALL_CURVES) \|\| defined(HAVE_ECC521)
wolfSSL	2:28278596c2a2	2707	case 66:
wolfSSL	2:28278596c2a2	2708	oidSz = sizeof(ECC_521r1_AlgoID);
wolfSSL	2:28278596c2a2	2709	oid = ECC_521r1_AlgoID;
wolfSSL	2:28278596c2a2	2710	break;
wolfSSL	2:28278596c2a2	2711	#endif
wolfSSL	2:28278596c2a2	2712
wolfSSL	2:28278596c2a2	2713	default:
wolfSSL	2:28278596c2a2	2714	return ASN_UNKNOWN_OID_E;
wolfSSL	2:28278596c2a2	2715	}
wolfSSL	2:28278596c2a2	2716	lenSz = SetLength(oidSz, output+idx);
wolfSSL	2:28278596c2a2	2717	idx += lenSz;
wolfSSL	2:28278596c2a2	2718
wolfSSL	2:28278596c2a2	2719	XMEMCPY(output+idx, oid, oidSz);
wolfSSL	2:28278596c2a2	2720	idx += oidSz;
wolfSSL	2:28278596c2a2	2721
wolfSSL	2:28278596c2a2	2722	return idx;
wolfSSL	2:28278596c2a2	2723	}
wolfSSL	2:28278596c2a2	2724
wolfSSL	2:28278596c2a2	2725	#endif /* HAVE_ECC && WOLFSSL_CERT_GEN */
wolfSSL	2:28278596c2a2	2726
wolfSSL	2:28278596c2a2	2727
wolfSSL	2:28278596c2a2	2728	WOLFSSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz)
wolfSSL	2:28278596c2a2	2729	{
wolfSSL	2:28278596c2a2	2730	/* adding TAG_NULL and 0 to end */
wolfSSL	2:28278596c2a2	2731
wolfSSL	2:28278596c2a2	2732	/* hashTypes */
wolfSSL	2:28278596c2a2	2733	static const byte shaAlgoID[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1a,
wolfSSL	2:28278596c2a2	2734	0x05, 0x00 };
wolfSSL	2:28278596c2a2	2735	static const byte sha256AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
wolfSSL	2:28278596c2a2	2736	0x04, 0x02, 0x01, 0x05, 0x00 };
wolfSSL	2:28278596c2a2	2737	static const byte sha384AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
wolfSSL	2:28278596c2a2	2738	0x04, 0x02, 0x02, 0x05, 0x00 };
wolfSSL	2:28278596c2a2	2739	static const byte sha512AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
wolfSSL	2:28278596c2a2	2740	0x04, 0x02, 0x03, 0x05, 0x00 };
wolfSSL	2:28278596c2a2	2741	static const byte md5AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
wolfSSL	2:28278596c2a2	2742	0x02, 0x05, 0x05, 0x00 };
wolfSSL	2:28278596c2a2	2743	static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
wolfSSL	2:28278596c2a2	2744	0x02, 0x02, 0x05, 0x00};
wolfSSL	2:28278596c2a2	2745
wolfSSL	2:28278596c2a2	2746	/* blkTypes, no NULL tags because IV is there instead */
wolfSSL	2:28278596c2a2	2747	static const byte desCbcAlgoID[] = { 0x2B, 0x0E, 0x03, 0x02, 0x07 };
wolfSSL	2:28278596c2a2	2748	static const byte des3CbcAlgoID[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
wolfSSL	2:28278596c2a2	2749	0x0D, 0x03, 0x07 };
wolfSSL	2:28278596c2a2	2750
wolfSSL	2:28278596c2a2	2751	/* RSA sigTypes */
wolfSSL	2:28278596c2a2	2752	#ifndef NO_RSA
wolfSSL	2:28278596c2a2	2753	static const byte md5wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7,
wolfSSL	2:28278596c2a2	2754	0x0d, 0x01, 0x01, 0x04, 0x05, 0x00};
wolfSSL	2:28278596c2a2	2755	static const byte shawRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7,
wolfSSL	2:28278596c2a2	2756	0x0d, 0x01, 0x01, 0x05, 0x05, 0x00};
wolfSSL	2:28278596c2a2	2757	static const byte sha256wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7,
wolfSSL	2:28278596c2a2	2758	0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00};
wolfSSL	2:28278596c2a2	2759	static const byte sha384wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7,
wolfSSL	2:28278596c2a2	2760	0x0d, 0x01, 0x01, 0x0c, 0x05, 0x00};
wolfSSL	2:28278596c2a2	2761	static const byte sha512wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7,
wolfSSL	2:28278596c2a2	2762	0x0d, 0x01, 0x01, 0x0d, 0x05, 0x00};
wolfSSL	2:28278596c2a2	2763	#endif /* NO_RSA */
wolfSSL	2:28278596c2a2	2764
wolfSSL	2:28278596c2a2	2765	/* ECDSA sigTypes */
wolfSSL	2:28278596c2a2	2766	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	2767	static const byte shawECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d,
wolfSSL	2:28278596c2a2	2768	0x04, 0x01, 0x05, 0x00};
wolfSSL	2:28278596c2a2	2769	static const byte sha256wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d,
wolfSSL	2:28278596c2a2	2770	0x04, 0x03, 0x02, 0x05, 0x00};
wolfSSL	2:28278596c2a2	2771	static const byte sha384wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d,
wolfSSL	2:28278596c2a2	2772	0x04, 0x03, 0x03, 0x05, 0x00};
wolfSSL	2:28278596c2a2	2773	static const byte sha512wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d,
wolfSSL	2:28278596c2a2	2774	0x04, 0x03, 0x04, 0x05, 0x00};
wolfSSL	2:28278596c2a2	2775	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	2776
wolfSSL	2:28278596c2a2	2777	/* RSA keyType */
wolfSSL	2:28278596c2a2	2778	#ifndef NO_RSA
wolfSSL	2:28278596c2a2	2779	static const byte RSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
wolfSSL	2:28278596c2a2	2780	0x01, 0x01, 0x01, 0x05, 0x00};
wolfSSL	2:28278596c2a2	2781	#endif /* NO_RSA */
wolfSSL	2:28278596c2a2	2782
wolfSSL	2:28278596c2a2	2783	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	2784	/* ECC keyType */
wolfSSL	2:28278596c2a2	2785	/* no tags, so set tagSz smaller later */
wolfSSL	2:28278596c2a2	2786	static const byte ECC_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d,
wolfSSL	2:28278596c2a2	2787	0x02, 0x01};
wolfSSL	2:28278596c2a2	2788	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	2789
wolfSSL	2:28278596c2a2	2790	int algoSz = 0;
wolfSSL	2:28278596c2a2	2791	int tagSz = 2; /* tag null and terminator */
wolfSSL	2:28278596c2a2	2792	word32 idSz, seqSz;
wolfSSL	2:28278596c2a2	2793	const byte* algoName = 0;
wolfSSL	2:28278596c2a2	2794	byte ID_Length[MAX_LENGTH_SZ];
wolfSSL	2:28278596c2a2	2795	byte seqArray[MAX_SEQ_SZ + 1]; /* add object_id to end */
wolfSSL	2:28278596c2a2	2796
wolfSSL	2:28278596c2a2	2797	if (type == hashType) {
wolfSSL	2:28278596c2a2	2798	switch (algoOID) {
wolfSSL	2:28278596c2a2	2799	case SHAh:
wolfSSL	2:28278596c2a2	2800	algoSz = sizeof(shaAlgoID);
wolfSSL	2:28278596c2a2	2801	algoName = shaAlgoID;
wolfSSL	2:28278596c2a2	2802	break;
wolfSSL	2:28278596c2a2	2803
wolfSSL	2:28278596c2a2	2804	case SHA256h:
wolfSSL	2:28278596c2a2	2805	algoSz = sizeof(sha256AlgoID);
wolfSSL	2:28278596c2a2	2806	algoName = sha256AlgoID;
wolfSSL	2:28278596c2a2	2807	break;
wolfSSL	2:28278596c2a2	2808
wolfSSL	2:28278596c2a2	2809	case SHA384h:
wolfSSL	2:28278596c2a2	2810	algoSz = sizeof(sha384AlgoID);
wolfSSL	2:28278596c2a2	2811	algoName = sha384AlgoID;
wolfSSL	2:28278596c2a2	2812	break;
wolfSSL	2:28278596c2a2	2813
wolfSSL	2:28278596c2a2	2814	case SHA512h:
wolfSSL	2:28278596c2a2	2815	algoSz = sizeof(sha512AlgoID);
wolfSSL	2:28278596c2a2	2816	algoName = sha512AlgoID;
wolfSSL	2:28278596c2a2	2817	break;
wolfSSL	2:28278596c2a2	2818
wolfSSL	2:28278596c2a2	2819	case MD2h:
wolfSSL	2:28278596c2a2	2820	algoSz = sizeof(md2AlgoID);
wolfSSL	2:28278596c2a2	2821	algoName = md2AlgoID;
wolfSSL	2:28278596c2a2	2822	break;
wolfSSL	2:28278596c2a2	2823
wolfSSL	2:28278596c2a2	2824	case MD5h:
wolfSSL	2:28278596c2a2	2825	algoSz = sizeof(md5AlgoID);
wolfSSL	2:28278596c2a2	2826	algoName = md5AlgoID;
wolfSSL	2:28278596c2a2	2827	break;
wolfSSL	2:28278596c2a2	2828
wolfSSL	2:28278596c2a2	2829	default:
wolfSSL	2:28278596c2a2	2830	WOLFSSL_MSG("Unknown Hash Algo");
wolfSSL	2:28278596c2a2	2831	return 0; /* UNKOWN_HASH_E; */
wolfSSL	2:28278596c2a2	2832	}
wolfSSL	2:28278596c2a2	2833	}
wolfSSL	2:28278596c2a2	2834	else if (type == blkType) {
wolfSSL	2:28278596c2a2	2835	switch (algoOID) {
wolfSSL	2:28278596c2a2	2836	case DESb:
wolfSSL	2:28278596c2a2	2837	algoSz = sizeof(desCbcAlgoID);
wolfSSL	2:28278596c2a2	2838	algoName = desCbcAlgoID;
wolfSSL	2:28278596c2a2	2839	tagSz = 0;
wolfSSL	2:28278596c2a2	2840	break;
wolfSSL	2:28278596c2a2	2841	case DES3b:
wolfSSL	2:28278596c2a2	2842	algoSz = sizeof(des3CbcAlgoID);
wolfSSL	2:28278596c2a2	2843	algoName = des3CbcAlgoID;
wolfSSL	2:28278596c2a2	2844	tagSz = 0;
wolfSSL	2:28278596c2a2	2845	break;
wolfSSL	2:28278596c2a2	2846	default:
wolfSSL	2:28278596c2a2	2847	WOLFSSL_MSG("Unknown Block Algo");
wolfSSL	2:28278596c2a2	2848	return 0;
wolfSSL	2:28278596c2a2	2849	}
wolfSSL	2:28278596c2a2	2850	}
wolfSSL	2:28278596c2a2	2851	else if (type == sigType) { /* sigType */
wolfSSL	2:28278596c2a2	2852	switch (algoOID) {
wolfSSL	2:28278596c2a2	2853	#ifndef NO_RSA
wolfSSL	2:28278596c2a2	2854	case CTC_MD5wRSA:
wolfSSL	2:28278596c2a2	2855	algoSz = sizeof(md5wRSA_AlgoID);
wolfSSL	2:28278596c2a2	2856	algoName = md5wRSA_AlgoID;
wolfSSL	2:28278596c2a2	2857	break;
wolfSSL	2:28278596c2a2	2858
wolfSSL	2:28278596c2a2	2859	case CTC_SHAwRSA:
wolfSSL	2:28278596c2a2	2860	algoSz = sizeof(shawRSA_AlgoID);
wolfSSL	2:28278596c2a2	2861	algoName = shawRSA_AlgoID;
wolfSSL	2:28278596c2a2	2862	break;
wolfSSL	2:28278596c2a2	2863
wolfSSL	2:28278596c2a2	2864	case CTC_SHA256wRSA:
wolfSSL	2:28278596c2a2	2865	algoSz = sizeof(sha256wRSA_AlgoID);
wolfSSL	2:28278596c2a2	2866	algoName = sha256wRSA_AlgoID;
wolfSSL	2:28278596c2a2	2867	break;
wolfSSL	2:28278596c2a2	2868
wolfSSL	2:28278596c2a2	2869	case CTC_SHA384wRSA:
wolfSSL	2:28278596c2a2	2870	algoSz = sizeof(sha384wRSA_AlgoID);
wolfSSL	2:28278596c2a2	2871	algoName = sha384wRSA_AlgoID;
wolfSSL	2:28278596c2a2	2872	break;
wolfSSL	2:28278596c2a2	2873
wolfSSL	2:28278596c2a2	2874	case CTC_SHA512wRSA:
wolfSSL	2:28278596c2a2	2875	algoSz = sizeof(sha512wRSA_AlgoID);
wolfSSL	2:28278596c2a2	2876	algoName = sha512wRSA_AlgoID;
wolfSSL	2:28278596c2a2	2877	break;
wolfSSL	2:28278596c2a2	2878	#endif /* NO_RSA */
wolfSSL	2:28278596c2a2	2879	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	2880	case CTC_SHAwECDSA:
wolfSSL	2:28278596c2a2	2881	algoSz = sizeof(shawECDSA_AlgoID);
wolfSSL	2:28278596c2a2	2882	algoName = shawECDSA_AlgoID;
wolfSSL	2:28278596c2a2	2883	break;
wolfSSL	2:28278596c2a2	2884
wolfSSL	2:28278596c2a2	2885	case CTC_SHA256wECDSA:
wolfSSL	2:28278596c2a2	2886	algoSz = sizeof(sha256wECDSA_AlgoID);
wolfSSL	2:28278596c2a2	2887	algoName = sha256wECDSA_AlgoID;
wolfSSL	2:28278596c2a2	2888	break;
wolfSSL	2:28278596c2a2	2889
wolfSSL	2:28278596c2a2	2890	case CTC_SHA384wECDSA:
wolfSSL	2:28278596c2a2	2891	algoSz = sizeof(sha384wECDSA_AlgoID);
wolfSSL	2:28278596c2a2	2892	algoName = sha384wECDSA_AlgoID;
wolfSSL	2:28278596c2a2	2893	break;
wolfSSL	2:28278596c2a2	2894
wolfSSL	2:28278596c2a2	2895	case CTC_SHA512wECDSA:
wolfSSL	2:28278596c2a2	2896	algoSz = sizeof(sha512wECDSA_AlgoID);
wolfSSL	2:28278596c2a2	2897	algoName = sha512wECDSA_AlgoID;
wolfSSL	2:28278596c2a2	2898	break;
wolfSSL	2:28278596c2a2	2899	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	2900	default:
wolfSSL	2:28278596c2a2	2901	WOLFSSL_MSG("Unknown Signature Algo");
wolfSSL	2:28278596c2a2	2902	return 0;
wolfSSL	2:28278596c2a2	2903	}
wolfSSL	2:28278596c2a2	2904	}
wolfSSL	2:28278596c2a2	2905	else if (type == keyType) { /* keyType */
wolfSSL	2:28278596c2a2	2906	switch (algoOID) {
wolfSSL	2:28278596c2a2	2907	#ifndef NO_RSA
wolfSSL	2:28278596c2a2	2908	case RSAk:
wolfSSL	2:28278596c2a2	2909	algoSz = sizeof(RSA_AlgoID);
wolfSSL	2:28278596c2a2	2910	algoName = RSA_AlgoID;
wolfSSL	2:28278596c2a2	2911	break;
wolfSSL	2:28278596c2a2	2912	#endif /* NO_RSA */
wolfSSL	2:28278596c2a2	2913	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	2914	case ECDSAk:
wolfSSL	2:28278596c2a2	2915	algoSz = sizeof(ECC_AlgoID);
wolfSSL	2:28278596c2a2	2916	algoName = ECC_AlgoID;
wolfSSL	2:28278596c2a2	2917	tagSz = 0;
wolfSSL	2:28278596c2a2	2918	break;
wolfSSL	2:28278596c2a2	2919	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	2920	default:
wolfSSL	2:28278596c2a2	2921	WOLFSSL_MSG("Unknown Key Algo");
wolfSSL	2:28278596c2a2	2922	return 0;
wolfSSL	2:28278596c2a2	2923	}
wolfSSL	2:28278596c2a2	2924	}
wolfSSL	2:28278596c2a2	2925	else {
wolfSSL	2:28278596c2a2	2926	WOLFSSL_MSG("Unknown Algo type");
wolfSSL	2:28278596c2a2	2927	return 0;
wolfSSL	2:28278596c2a2	2928	}
wolfSSL	2:28278596c2a2	2929
wolfSSL	2:28278596c2a2	2930	idSz = SetLength(algoSz - tagSz, ID_Length); /* don't include tags */
wolfSSL	2:28278596c2a2	2931	seqSz = SetSequence(idSz + algoSz + 1 + curveSz, seqArray);
wolfSSL	2:28278596c2a2	2932	/* +1 for object id, curveID of curveSz follows for ecc */
wolfSSL	2:28278596c2a2	2933	seqArray[seqSz++] = ASN_OBJECT_ID;
wolfSSL	2:28278596c2a2	2934
wolfSSL	2:28278596c2a2	2935	XMEMCPY(output, seqArray, seqSz);
wolfSSL	2:28278596c2a2	2936	XMEMCPY(output + seqSz, ID_Length, idSz);
wolfSSL	2:28278596c2a2	2937	XMEMCPY(output + seqSz + idSz, algoName, algoSz);
wolfSSL	2:28278596c2a2	2938
wolfSSL	2:28278596c2a2	2939	return seqSz + idSz + algoSz;
wolfSSL	2:28278596c2a2	2940
wolfSSL	2:28278596c2a2	2941	}
wolfSSL	2:28278596c2a2	2942
wolfSSL	2:28278596c2a2	2943
wolfSSL	2:28278596c2a2	2944	word32 wc_EncodeSignature(byte* out, const byte* digest, word32 digSz,
wolfSSL	2:28278596c2a2	2945	int hashOID)
wolfSSL	2:28278596c2a2	2946	{
wolfSSL	2:28278596c2a2	2947	byte digArray[MAX_ENCODED_DIG_SZ];
wolfSSL	2:28278596c2a2	2948	byte algoArray[MAX_ALGO_SZ];
wolfSSL	2:28278596c2a2	2949	byte seqArray[MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	2950	word32 encDigSz, algoSz, seqSz;
wolfSSL	2:28278596c2a2	2951
wolfSSL	2:28278596c2a2	2952	encDigSz = SetDigest(digest, digSz, digArray);
wolfSSL	2:28278596c2a2	2953	algoSz = SetAlgoID(hashOID, algoArray, hashType, 0);
wolfSSL	2:28278596c2a2	2954	seqSz = SetSequence(encDigSz + algoSz, seqArray);
wolfSSL	2:28278596c2a2	2955
wolfSSL	2:28278596c2a2	2956	XMEMCPY(out, seqArray, seqSz);
wolfSSL	2:28278596c2a2	2957	XMEMCPY(out + seqSz, algoArray, algoSz);
wolfSSL	2:28278596c2a2	2958	XMEMCPY(out + seqSz + algoSz, digArray, encDigSz);
wolfSSL	2:28278596c2a2	2959
wolfSSL	2:28278596c2a2	2960	return encDigSz + algoSz + seqSz;
wolfSSL	2:28278596c2a2	2961	}
wolfSSL	2:28278596c2a2	2962
wolfSSL	2:28278596c2a2	2963
wolfSSL	2:28278596c2a2	2964	int wc_GetCTC_HashOID(int type)
wolfSSL	2:28278596c2a2	2965	{
wolfSSL	2:28278596c2a2	2966	switch (type) {
wolfSSL	2:28278596c2a2	2967	#ifdef WOLFSSL_MD2
wolfSSL	2:28278596c2a2	2968	case MD2:
wolfSSL	2:28278596c2a2	2969	return MD2h;
wolfSSL	2:28278596c2a2	2970	#endif
wolfSSL	2:28278596c2a2	2971	#ifndef NO_MD5
wolfSSL	2:28278596c2a2	2972	case MD5:
wolfSSL	2:28278596c2a2	2973	return MD5h;
wolfSSL	2:28278596c2a2	2974	#endif
wolfSSL	2:28278596c2a2	2975	#ifndef NO_SHA
wolfSSL	2:28278596c2a2	2976	case SHA:
wolfSSL	2:28278596c2a2	2977	return SHAh;
wolfSSL	2:28278596c2a2	2978	#endif
wolfSSL	2:28278596c2a2	2979	#ifndef NO_SHA256
wolfSSL	2:28278596c2a2	2980	case SHA256:
wolfSSL	2:28278596c2a2	2981	return SHA256h;
wolfSSL	2:28278596c2a2	2982	#endif
wolfSSL	2:28278596c2a2	2983	#ifdef WOLFSSL_SHA384
wolfSSL	2:28278596c2a2	2984	case SHA384:
wolfSSL	2:28278596c2a2	2985	return SHA384h;
wolfSSL	2:28278596c2a2	2986	#endif
wolfSSL	2:28278596c2a2	2987	#ifdef WOLFSSL_SHA512
wolfSSL	2:28278596c2a2	2988	case SHA512:
wolfSSL	2:28278596c2a2	2989	return SHA512h;
wolfSSL	2:28278596c2a2	2990	#endif
wolfSSL	2:28278596c2a2	2991	default:
wolfSSL	2:28278596c2a2	2992	return 0;
wolfSSL	2:28278596c2a2	2993	};
wolfSSL	2:28278596c2a2	2994	}
wolfSSL	2:28278596c2a2	2995
wolfSSL	2:28278596c2a2	2996
wolfSSL	2:28278596c2a2	2997	/* return true (1) or false (0) for Confirmation */
wolfSSL	2:28278596c2a2	2998	static int ConfirmSignature(const byte* buf, word32 bufSz,
wolfSSL	2:28278596c2a2	2999	const byte* key, word32 keySz, word32 keyOID,
wolfSSL	2:28278596c2a2	3000	const byte* sig, word32 sigSz, word32 sigOID,
wolfSSL	2:28278596c2a2	3001	void* heap)
wolfSSL	2:28278596c2a2	3002	{
wolfSSL	2:28278596c2a2	3003	int typeH = 0, digestSz = 0, ret = 0;
wolfSSL	2:28278596c2a2	3004	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	3005	byte* digest;
wolfSSL	2:28278596c2a2	3006	#else
wolfSSL	2:28278596c2a2	3007	byte digest[MAX_DIGEST_SIZE];
wolfSSL	2:28278596c2a2	3008	#endif
wolfSSL	2:28278596c2a2	3009
wolfSSL	2:28278596c2a2	3010	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	3011	digest = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3012	if (digest == NULL)
wolfSSL	2:28278596c2a2	3013	return 0; /* not confirmed */
wolfSSL	2:28278596c2a2	3014	#endif
wolfSSL	2:28278596c2a2	3015
wolfSSL	2:28278596c2a2	3016	(void)key;
wolfSSL	2:28278596c2a2	3017	(void)keySz;
wolfSSL	2:28278596c2a2	3018	(void)sig;
wolfSSL	2:28278596c2a2	3019	(void)sigSz;
wolfSSL	2:28278596c2a2	3020	(void)heap;
wolfSSL	2:28278596c2a2	3021
wolfSSL	2:28278596c2a2	3022	switch (sigOID) {
wolfSSL	2:28278596c2a2	3023	#ifndef NO_MD5
wolfSSL	2:28278596c2a2	3024	case CTC_MD5wRSA:
wolfSSL	2:28278596c2a2	3025	if (wc_Md5Hash(buf, bufSz, digest) == 0) {
wolfSSL	2:28278596c2a2	3026	typeH = MD5h;
wolfSSL	2:28278596c2a2	3027	digestSz = MD5_DIGEST_SIZE;
wolfSSL	2:28278596c2a2	3028	}
wolfSSL	2:28278596c2a2	3029	break;
wolfSSL	2:28278596c2a2	3030	#endif
wolfSSL	2:28278596c2a2	3031	#if defined(WOLFSSL_MD2)
wolfSSL	2:28278596c2a2	3032	case CTC_MD2wRSA:
wolfSSL	2:28278596c2a2	3033	if (wc_Md2Hash(buf, bufSz, digest) == 0) {
wolfSSL	2:28278596c2a2	3034	typeH = MD2h;
wolfSSL	2:28278596c2a2	3035	digestSz = MD2_DIGEST_SIZE;
wolfSSL	2:28278596c2a2	3036	}
wolfSSL	2:28278596c2a2	3037	break;
wolfSSL	2:28278596c2a2	3038	#endif
wolfSSL	2:28278596c2a2	3039	#ifndef NO_SHA
wolfSSL	2:28278596c2a2	3040	case CTC_SHAwRSA:
wolfSSL	2:28278596c2a2	3041	case CTC_SHAwDSA:
wolfSSL	2:28278596c2a2	3042	case CTC_SHAwECDSA:
wolfSSL	2:28278596c2a2	3043	if (wc_ShaHash(buf, bufSz, digest) == 0) {
wolfSSL	2:28278596c2a2	3044	typeH = SHAh;
wolfSSL	2:28278596c2a2	3045	digestSz = SHA_DIGEST_SIZE;
wolfSSL	2:28278596c2a2	3046	}
wolfSSL	2:28278596c2a2	3047	break;
wolfSSL	2:28278596c2a2	3048	#endif
wolfSSL	2:28278596c2a2	3049	#ifndef NO_SHA256
wolfSSL	2:28278596c2a2	3050	case CTC_SHA256wRSA:
wolfSSL	2:28278596c2a2	3051	case CTC_SHA256wECDSA:
wolfSSL	2:28278596c2a2	3052	if (wc_Sha256Hash(buf, bufSz, digest) == 0) {
wolfSSL	2:28278596c2a2	3053	typeH = SHA256h;
wolfSSL	2:28278596c2a2	3054	digestSz = SHA256_DIGEST_SIZE;
wolfSSL	2:28278596c2a2	3055	}
wolfSSL	2:28278596c2a2	3056	break;
wolfSSL	2:28278596c2a2	3057	#endif
wolfSSL	2:28278596c2a2	3058	#ifdef WOLFSSL_SHA512
wolfSSL	2:28278596c2a2	3059	case CTC_SHA512wRSA:
wolfSSL	2:28278596c2a2	3060	case CTC_SHA512wECDSA:
wolfSSL	2:28278596c2a2	3061	if (wc_Sha512Hash(buf, bufSz, digest) == 0) {
wolfSSL	2:28278596c2a2	3062	typeH = SHA512h;
wolfSSL	2:28278596c2a2	3063	digestSz = SHA512_DIGEST_SIZE;
wolfSSL	2:28278596c2a2	3064	}
wolfSSL	2:28278596c2a2	3065	break;
wolfSSL	2:28278596c2a2	3066	#endif
wolfSSL	2:28278596c2a2	3067	#ifdef WOLFSSL_SHA384
wolfSSL	2:28278596c2a2	3068	case CTC_SHA384wRSA:
wolfSSL	2:28278596c2a2	3069	case CTC_SHA384wECDSA:
wolfSSL	2:28278596c2a2	3070	if (wc_Sha384Hash(buf, bufSz, digest) == 0) {
wolfSSL	2:28278596c2a2	3071	typeH = SHA384h;
wolfSSL	2:28278596c2a2	3072	digestSz = SHA384_DIGEST_SIZE;
wolfSSL	2:28278596c2a2	3073	}
wolfSSL	2:28278596c2a2	3074	break;
wolfSSL	2:28278596c2a2	3075	#endif
wolfSSL	2:28278596c2a2	3076	default:
wolfSSL	2:28278596c2a2	3077	WOLFSSL_MSG("Verify Signautre has unsupported type");
wolfSSL	2:28278596c2a2	3078	}
wolfSSL	2:28278596c2a2	3079
wolfSSL	2:28278596c2a2	3080	if (typeH == 0) {
wolfSSL	2:28278596c2a2	3081	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	3082	XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3083	#endif
wolfSSL	2:28278596c2a2	3084	return 0; /* not confirmed */
wolfSSL	2:28278596c2a2	3085	}
wolfSSL	2:28278596c2a2	3086
wolfSSL	2:28278596c2a2	3087	switch (keyOID) {
wolfSSL	2:28278596c2a2	3088	#ifndef NO_RSA
wolfSSL	2:28278596c2a2	3089	case RSAk:
wolfSSL	2:28278596c2a2	3090	{
wolfSSL	2:28278596c2a2	3091	word32 idx = 0;
wolfSSL	2:28278596c2a2	3092	int encodedSigSz, verifySz;
wolfSSL	2:28278596c2a2	3093	byte* out;
wolfSSL	2:28278596c2a2	3094	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	3095	RsaKey* pubKey;
wolfSSL	2:28278596c2a2	3096	byte* plain;
wolfSSL	2:28278596c2a2	3097	byte* encodedSig;
wolfSSL	2:28278596c2a2	3098	#else
wolfSSL	2:28278596c2a2	3099	RsaKey pubKey[1];
wolfSSL	2:28278596c2a2	3100	byte plain[MAX_ENCODED_SIG_SZ];
wolfSSL	2:28278596c2a2	3101	byte encodedSig[MAX_ENCODED_SIG_SZ];
wolfSSL	2:28278596c2a2	3102	#endif
wolfSSL	2:28278596c2a2	3103
wolfSSL	2:28278596c2a2	3104	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	3105	pubKey = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL,
wolfSSL	2:28278596c2a2	3106	DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3107	plain = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
wolfSSL	2:28278596c2a2	3108	DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3109	encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
wolfSSL	2:28278596c2a2	3110	DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3111
wolfSSL	2:28278596c2a2	3112	if (pubKey == NULL \|\| plain == NULL \|\| encodedSig == NULL) {
wolfSSL	2:28278596c2a2	3113	WOLFSSL_MSG("Failed to allocate memory at ConfirmSignature");
wolfSSL	2:28278596c2a2	3114
wolfSSL	2:28278596c2a2	3115	if (pubKey)
wolfSSL	2:28278596c2a2	3116	XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3117	if (plain)
wolfSSL	2:28278596c2a2	3118	XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3119	if (encodedSig)
wolfSSL	2:28278596c2a2	3120	XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3121
wolfSSL	2:28278596c2a2	3122	break; /* not confirmed */
wolfSSL	2:28278596c2a2	3123	}
wolfSSL	2:28278596c2a2	3124	#endif
wolfSSL	2:28278596c2a2	3125
wolfSSL	2:28278596c2a2	3126	if (sigSz > MAX_ENCODED_SIG_SZ) {
wolfSSL	2:28278596c2a2	3127	WOLFSSL_MSG("Verify Signautre is too big");
wolfSSL	2:28278596c2a2	3128	}
wolfSSL	2:28278596c2a2	3129	else if (wc_InitRsaKey(pubKey, heap) != 0) {
wolfSSL	2:28278596c2a2	3130	WOLFSSL_MSG("InitRsaKey failed");
wolfSSL	2:28278596c2a2	3131	}
wolfSSL	2:28278596c2a2	3132	else if (wc_RsaPublicKeyDecode(key, &idx, pubKey, keySz) < 0) {
wolfSSL	2:28278596c2a2	3133	WOLFSSL_MSG("ASN Key decode error RSA");
wolfSSL	2:28278596c2a2	3134	}
wolfSSL	2:28278596c2a2	3135	else {
wolfSSL	2:28278596c2a2	3136	XMEMCPY(plain, sig, sigSz);
wolfSSL	2:28278596c2a2	3137
wolfSSL	2:28278596c2a2	3138	if ((verifySz = wc_RsaSSL_VerifyInline(plain, sigSz, &out,
wolfSSL	2:28278596c2a2	3139	pubKey)) < 0) {
wolfSSL	2:28278596c2a2	3140	WOLFSSL_MSG("Rsa SSL verify error");
wolfSSL	2:28278596c2a2	3141	}
wolfSSL	2:28278596c2a2	3142	else {
wolfSSL	2:28278596c2a2	3143	/* make sure we're right justified */
wolfSSL	2:28278596c2a2	3144	encodedSigSz =
wolfSSL	2:28278596c2a2	3145	wc_EncodeSignature(encodedSig, digest, digestSz, typeH);
wolfSSL	2:28278596c2a2	3146	if (encodedSigSz != verifySz \|\|
wolfSSL	2:28278596c2a2	3147	XMEMCMP(out, encodedSig, encodedSigSz) != 0) {
wolfSSL	2:28278596c2a2	3148	WOLFSSL_MSG("Rsa SSL verify match encode error");
wolfSSL	2:28278596c2a2	3149	}
wolfSSL	2:28278596c2a2	3150	else
wolfSSL	2:28278596c2a2	3151	ret = 1; /* match */
wolfSSL	2:28278596c2a2	3152
wolfSSL	2:28278596c2a2	3153	#ifdef WOLFSSL_DEBUG_ENCODING
wolfSSL	2:28278596c2a2	3154	{
wolfSSL	2:28278596c2a2	3155	int x;
wolfSSL	2:28278596c2a2	3156
wolfSSL	2:28278596c2a2	3157	printf("wolfssl encodedSig:\n");
wolfSSL	2:28278596c2a2	3158
wolfSSL	2:28278596c2a2	3159	for (x = 0; x < encodedSigSz; x++) {
wolfSSL	2:28278596c2a2	3160	printf("%02x ", encodedSig[x]);
wolfSSL	2:28278596c2a2	3161	if ( (x % 16) == 15)
wolfSSL	2:28278596c2a2	3162	printf("\n");
wolfSSL	2:28278596c2a2	3163	}
wolfSSL	2:28278596c2a2	3164
wolfSSL	2:28278596c2a2	3165	printf("\n");
wolfSSL	2:28278596c2a2	3166	printf("actual digest:\n");
wolfSSL	2:28278596c2a2	3167
wolfSSL	2:28278596c2a2	3168	for (x = 0; x < verifySz; x++) {
wolfSSL	2:28278596c2a2	3169	printf("%02x ", out[x]);
wolfSSL	2:28278596c2a2	3170	if ( (x % 16) == 15)
wolfSSL	2:28278596c2a2	3171	printf("\n");
wolfSSL	2:28278596c2a2	3172	}
wolfSSL	2:28278596c2a2	3173
wolfSSL	2:28278596c2a2	3174	printf("\n");
wolfSSL	2:28278596c2a2	3175	}
wolfSSL	2:28278596c2a2	3176	#endif /* WOLFSSL_DEBUG_ENCODING */
wolfSSL	2:28278596c2a2	3177
wolfSSL	2:28278596c2a2	3178	}
wolfSSL	2:28278596c2a2	3179
wolfSSL	2:28278596c2a2	3180	}
wolfSSL	2:28278596c2a2	3181
wolfSSL	2:28278596c2a2	3182	wc_FreeRsaKey(pubKey);
wolfSSL	2:28278596c2a2	3183
wolfSSL	2:28278596c2a2	3184	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	3185	XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3186	XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3187	XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3188	#endif
wolfSSL	2:28278596c2a2	3189	break;
wolfSSL	2:28278596c2a2	3190	}
wolfSSL	2:28278596c2a2	3191
wolfSSL	2:28278596c2a2	3192	#endif /* NO_RSA */
wolfSSL	2:28278596c2a2	3193	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	3194	case ECDSAk:
wolfSSL	2:28278596c2a2	3195	{
wolfSSL	2:28278596c2a2	3196	int verify = 0;
wolfSSL	2:28278596c2a2	3197	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	3198	ecc_key* pubKey;
wolfSSL	2:28278596c2a2	3199	#else
wolfSSL	2:28278596c2a2	3200	ecc_key pubKey[1];
wolfSSL	2:28278596c2a2	3201	#endif
wolfSSL	2:28278596c2a2	3202
wolfSSL	2:28278596c2a2	3203	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	3204	pubKey = (ecc_key*)XMALLOC(sizeof(ecc_key), NULL,
wolfSSL	2:28278596c2a2	3205	DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3206	if (pubKey == NULL) {
wolfSSL	2:28278596c2a2	3207	WOLFSSL_MSG("Failed to allocate pubKey");
wolfSSL	2:28278596c2a2	3208	break; /* not confirmed */
wolfSSL	2:28278596c2a2	3209	}
wolfSSL	2:28278596c2a2	3210	#endif
wolfSSL	2:28278596c2a2	3211
wolfSSL	2:28278596c2a2	3212	if (wc_ecc_init(pubKey) < 0) {
wolfSSL	2:28278596c2a2	3213	WOLFSSL_MSG("Failed to initialize key");
wolfSSL	2:28278596c2a2	3214	break; /* not confirmed */
wolfSSL	2:28278596c2a2	3215	}
wolfSSL	2:28278596c2a2	3216	if (wc_ecc_import_x963(key, keySz, pubKey) < 0) {
wolfSSL	2:28278596c2a2	3217	WOLFSSL_MSG("ASN Key import error ECC");
wolfSSL	2:28278596c2a2	3218	}
wolfSSL	2:28278596c2a2	3219	else {
wolfSSL	2:28278596c2a2	3220	if (wc_ecc_verify_hash(sig, sigSz, digest, digestSz, &verify,
wolfSSL	2:28278596c2a2	3221	pubKey) != 0) {
wolfSSL	2:28278596c2a2	3222	WOLFSSL_MSG("ECC verify hash error");
wolfSSL	2:28278596c2a2	3223	}
wolfSSL	2:28278596c2a2	3224	else if (1 != verify) {
wolfSSL	2:28278596c2a2	3225	WOLFSSL_MSG("ECC Verify didn't match");
wolfSSL	2:28278596c2a2	3226	} else
wolfSSL	2:28278596c2a2	3227	ret = 1; /* match */
wolfSSL	2:28278596c2a2	3228
wolfSSL	2:28278596c2a2	3229	}
wolfSSL	2:28278596c2a2	3230	wc_ecc_free(pubKey);
wolfSSL	2:28278596c2a2	3231
wolfSSL	2:28278596c2a2	3232	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	3233	XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3234	#endif
wolfSSL	2:28278596c2a2	3235	break;
wolfSSL	2:28278596c2a2	3236	}
wolfSSL	2:28278596c2a2	3237	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	3238	default:
wolfSSL	2:28278596c2a2	3239	WOLFSSL_MSG("Verify Key type unknown");
wolfSSL	2:28278596c2a2	3240	}
wolfSSL	2:28278596c2a2	3241
wolfSSL	2:28278596c2a2	3242	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	3243	XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	3244	#endif
wolfSSL	2:28278596c2a2	3245
wolfSSL	2:28278596c2a2	3246	return ret;
wolfSSL	2:28278596c2a2	3247	}
wolfSSL	2:28278596c2a2	3248
wolfSSL	2:28278596c2a2	3249
wolfSSL	2:28278596c2a2	3250	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	3251
wolfSSL	2:28278596c2a2	3252	static int MatchBaseName(int type, const char* name, int nameSz,
wolfSSL	2:28278596c2a2	3253	const char* base, int baseSz)
wolfSSL	2:28278596c2a2	3254	{
wolfSSL	2:28278596c2a2	3255	if (base == NULL \|\| baseSz <= 0 \|\| name == NULL \|\| nameSz <= 0 \|\|
wolfSSL	2:28278596c2a2	3256	name[0] == '.' \|\| nameSz < baseSz \|\|
wolfSSL	2:28278596c2a2	3257	(type != ASN_RFC822_TYPE && type != ASN_DNS_TYPE))
wolfSSL	2:28278596c2a2	3258	return 0;
wolfSSL	2:28278596c2a2	3259
wolfSSL	2:28278596c2a2	3260	/* If an email type, handle special cases where the base is only
wolfSSL	2:28278596c2a2	3261	* a domain, or is an email address itself. */
wolfSSL	2:28278596c2a2	3262	if (type == ASN_RFC822_TYPE) {
wolfSSL	2:28278596c2a2	3263	const char* p = NULL;
wolfSSL	2:28278596c2a2	3264	int count = 0;
wolfSSL	2:28278596c2a2	3265
wolfSSL	2:28278596c2a2	3266	if (base[0] != '.') {
wolfSSL	2:28278596c2a2	3267	p = base;
wolfSSL	2:28278596c2a2	3268	count = 0;
wolfSSL	2:28278596c2a2	3269
wolfSSL	2:28278596c2a2	3270	/* find the '@' in the base */
wolfSSL	2:28278596c2a2	3271	while (*p != '@' && count < baseSz) {
wolfSSL	2:28278596c2a2	3272	count++;
wolfSSL	2:28278596c2a2	3273	p++;
wolfSSL	2:28278596c2a2	3274	}
wolfSSL	2:28278596c2a2	3275
wolfSSL	2:28278596c2a2	3276	/* No '@' in base, reset p to NULL */
wolfSSL	2:28278596c2a2	3277	if (count >= baseSz)
wolfSSL	2:28278596c2a2	3278	p = NULL;
wolfSSL	2:28278596c2a2	3279	}
wolfSSL	2:28278596c2a2	3280
wolfSSL	2:28278596c2a2	3281	if (p == NULL) {
wolfSSL	2:28278596c2a2	3282	/* Base isn't an email address, it is a domain name,
wolfSSL	2:28278596c2a2	3283	* wind the name forward one character past its '@'. */
wolfSSL	2:28278596c2a2	3284	p = name;
wolfSSL	2:28278596c2a2	3285	count = 0;
wolfSSL	2:28278596c2a2	3286	while (*p != '@' && count < baseSz) {
wolfSSL	2:28278596c2a2	3287	count++;
wolfSSL	2:28278596c2a2	3288	p++;
wolfSSL	2:28278596c2a2	3289	}
wolfSSL	2:28278596c2a2	3290
wolfSSL	2:28278596c2a2	3291	if (count < baseSz && *p == '@') {
wolfSSL	2:28278596c2a2	3292	name = p + 1;
wolfSSL	2:28278596c2a2	3293	nameSz -= count + 1;
wolfSSL	2:28278596c2a2	3294	}
wolfSSL	2:28278596c2a2	3295	}
wolfSSL	2:28278596c2a2	3296	}
wolfSSL	2:28278596c2a2	3297
wolfSSL	2:28278596c2a2	3298	if ((type == ASN_DNS_TYPE \|\| type == ASN_RFC822_TYPE) && base[0] == '.') {
wolfSSL	2:28278596c2a2	3299	int szAdjust = nameSz - baseSz;
wolfSSL	2:28278596c2a2	3300	name += szAdjust;
wolfSSL	2:28278596c2a2	3301	nameSz -= szAdjust;
wolfSSL	2:28278596c2a2	3302	}
wolfSSL	2:28278596c2a2	3303
wolfSSL	2:28278596c2a2	3304	while (nameSz > 0) {
wolfSSL	2:28278596c2a2	3305	if (XTOLOWER((unsigned char)*name++) !=
wolfSSL	2:28278596c2a2	3306	XTOLOWER((unsigned char)*base++))
wolfSSL	2:28278596c2a2	3307	return 0;
wolfSSL	2:28278596c2a2	3308	nameSz--;
wolfSSL	2:28278596c2a2	3309	}
wolfSSL	2:28278596c2a2	3310
wolfSSL	2:28278596c2a2	3311	return 1;
wolfSSL	2:28278596c2a2	3312	}
wolfSSL	2:28278596c2a2	3313
wolfSSL	2:28278596c2a2	3314
wolfSSL	2:28278596c2a2	3315	static int ConfirmNameConstraints(Signer* signer, DecodedCert* cert)
wolfSSL	2:28278596c2a2	3316	{
wolfSSL	2:28278596c2a2	3317	if (signer == NULL \|\| cert == NULL)
wolfSSL	2:28278596c2a2	3318	return 0;
wolfSSL	2:28278596c2a2	3319
wolfSSL	2:28278596c2a2	3320	/* Check against the excluded list */
wolfSSL	2:28278596c2a2	3321	if (signer->excludedNames) {
wolfSSL	2:28278596c2a2	3322	Base_entry* base = signer->excludedNames;
wolfSSL	2:28278596c2a2	3323
wolfSSL	2:28278596c2a2	3324	while (base != NULL) {
wolfSSL	2:28278596c2a2	3325	if (base->type == ASN_DNS_TYPE) {
wolfSSL	2:28278596c2a2	3326	DNS_entry* name = cert->altNames;
wolfSSL	2:28278596c2a2	3327	while (name != NULL) {
wolfSSL	2:28278596c2a2	3328	if (MatchBaseName(ASN_DNS_TYPE,
wolfSSL	2:28278596c2a2	3329	name->name, (int)XSTRLEN(name->name),
wolfSSL	2:28278596c2a2	3330	base->name, base->nameSz))
wolfSSL	2:28278596c2a2	3331	return 0;
wolfSSL	2:28278596c2a2	3332	name = name->next;
wolfSSL	2:28278596c2a2	3333	}
wolfSSL	2:28278596c2a2	3334	}
wolfSSL	2:28278596c2a2	3335	else if (base->type == ASN_RFC822_TYPE) {
wolfSSL	2:28278596c2a2	3336	DNS_entry* name = cert->altEmailNames;
wolfSSL	2:28278596c2a2	3337	while (name != NULL) {
wolfSSL	2:28278596c2a2	3338	if (MatchBaseName(ASN_RFC822_TYPE,
wolfSSL	2:28278596c2a2	3339	name->name, (int)XSTRLEN(name->name),
wolfSSL	2:28278596c2a2	3340	base->name, base->nameSz))
wolfSSL	2:28278596c2a2	3341	return 0;
wolfSSL	2:28278596c2a2	3342
wolfSSL	2:28278596c2a2	3343	name = name->next;
wolfSSL	2:28278596c2a2	3344	}
wolfSSL	2:28278596c2a2	3345	}
wolfSSL	2:28278596c2a2	3346	else if (base->type == ASN_DIR_TYPE) {
wolfSSL	2:28278596c2a2	3347	if (cert->subjectRawLen == base->nameSz &&
wolfSSL	2:28278596c2a2	3348	XMEMCMP(cert->subjectRaw, base->name, base->nameSz) == 0) {
wolfSSL	2:28278596c2a2	3349
wolfSSL	2:28278596c2a2	3350	return 0;
wolfSSL	2:28278596c2a2	3351	}
wolfSSL	2:28278596c2a2	3352	}
wolfSSL	2:28278596c2a2	3353	base = base->next;
wolfSSL	2:28278596c2a2	3354	}
wolfSSL	2:28278596c2a2	3355	}
wolfSSL	2:28278596c2a2	3356
wolfSSL	2:28278596c2a2	3357	/* Check against the permitted list */
wolfSSL	2:28278596c2a2	3358	if (signer->permittedNames != NULL) {
wolfSSL	2:28278596c2a2	3359	int needDns = 0;
wolfSSL	2:28278596c2a2	3360	int matchDns = 0;
wolfSSL	2:28278596c2a2	3361	int needEmail = 0;
wolfSSL	2:28278596c2a2	3362	int matchEmail = 0;
wolfSSL	2:28278596c2a2	3363	int needDir = 0;
wolfSSL	2:28278596c2a2	3364	int matchDir = 0;
wolfSSL	2:28278596c2a2	3365	Base_entry* base = signer->permittedNames;
wolfSSL	2:28278596c2a2	3366
wolfSSL	2:28278596c2a2	3367	while (base != NULL) {
wolfSSL	2:28278596c2a2	3368	if (base->type == ASN_DNS_TYPE) {
wolfSSL	2:28278596c2a2	3369	DNS_entry* name = cert->altNames;
wolfSSL	2:28278596c2a2	3370
wolfSSL	2:28278596c2a2	3371	if (name != NULL)
wolfSSL	2:28278596c2a2	3372	needDns = 1;
wolfSSL	2:28278596c2a2	3373
wolfSSL	2:28278596c2a2	3374	while (name != NULL) {
wolfSSL	2:28278596c2a2	3375	matchDns = MatchBaseName(ASN_DNS_TYPE,
wolfSSL	2:28278596c2a2	3376	name->name, (int)XSTRLEN(name->name),
wolfSSL	2:28278596c2a2	3377	base->name, base->nameSz);
wolfSSL	2:28278596c2a2	3378	name = name->next;
wolfSSL	2:28278596c2a2	3379	}
wolfSSL	2:28278596c2a2	3380	}
wolfSSL	2:28278596c2a2	3381	else if (base->type == ASN_RFC822_TYPE) {
wolfSSL	2:28278596c2a2	3382	DNS_entry* name = cert->altEmailNames;
wolfSSL	2:28278596c2a2	3383
wolfSSL	2:28278596c2a2	3384	if (name != NULL)
wolfSSL	2:28278596c2a2	3385	needEmail = 1;
wolfSSL	2:28278596c2a2	3386
wolfSSL	2:28278596c2a2	3387	while (name != NULL) {
wolfSSL	2:28278596c2a2	3388	matchEmail = MatchBaseName(ASN_DNS_TYPE,
wolfSSL	2:28278596c2a2	3389	name->name, (int)XSTRLEN(name->name),
wolfSSL	2:28278596c2a2	3390	base->name, base->nameSz);
wolfSSL	2:28278596c2a2	3391	name = name->next;
wolfSSL	2:28278596c2a2	3392	}
wolfSSL	2:28278596c2a2	3393	}
wolfSSL	2:28278596c2a2	3394	else if (base->type == ASN_DIR_TYPE) {
wolfSSL	2:28278596c2a2	3395	needDir = 1;
wolfSSL	2:28278596c2a2	3396	if (cert->subjectRaw != NULL &&
wolfSSL	2:28278596c2a2	3397	cert->subjectRawLen == base->nameSz &&
wolfSSL	2:28278596c2a2	3398	XMEMCMP(cert->subjectRaw, base->name, base->nameSz) == 0) {
wolfSSL	2:28278596c2a2	3399
wolfSSL	2:28278596c2a2	3400	matchDir = 1;
wolfSSL	2:28278596c2a2	3401	}
wolfSSL	2:28278596c2a2	3402	}
wolfSSL	2:28278596c2a2	3403	base = base->next;
wolfSSL	2:28278596c2a2	3404	}
wolfSSL	2:28278596c2a2	3405
wolfSSL	2:28278596c2a2	3406	if ((needDns && !matchDns) \|\| (needEmail && !matchEmail) \|\|
wolfSSL	2:28278596c2a2	3407	(needDir && !matchDir)) {
wolfSSL	2:28278596c2a2	3408
wolfSSL	2:28278596c2a2	3409	return 0;
wolfSSL	2:28278596c2a2	3410	}
wolfSSL	2:28278596c2a2	3411	}
wolfSSL	2:28278596c2a2	3412
wolfSSL	2:28278596c2a2	3413	return 1;
wolfSSL	2:28278596c2a2	3414	}
wolfSSL	2:28278596c2a2	3415
wolfSSL	2:28278596c2a2	3416	#endif /* IGNORE_NAME_CONSTRAINTS */
wolfSSL	2:28278596c2a2	3417
wolfSSL	2:28278596c2a2	3418
wolfSSL	2:28278596c2a2	3419	static int DecodeAltNames(byte* input, int sz, DecodedCert* cert)
wolfSSL	2:28278596c2a2	3420	{
wolfSSL	2:28278596c2a2	3421	word32 idx = 0;
wolfSSL	2:28278596c2a2	3422	int length = 0;
wolfSSL	2:28278596c2a2	3423
wolfSSL	2:28278596c2a2	3424	WOLFSSL_ENTER("DecodeAltNames");
wolfSSL	2:28278596c2a2	3425
wolfSSL	2:28278596c2a2	3426	if (GetSequence(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	3427	WOLFSSL_MSG("\tBad Sequence");
wolfSSL	2:28278596c2a2	3428	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3429	}
wolfSSL	2:28278596c2a2	3430
wolfSSL	2:28278596c2a2	3431	cert->weOwnAltNames = 1;
wolfSSL	2:28278596c2a2	3432
wolfSSL	2:28278596c2a2	3433	while (length > 0) {
wolfSSL	2:28278596c2a2	3434	byte b = input[idx++];
wolfSSL	2:28278596c2a2	3435
wolfSSL	2:28278596c2a2	3436	length--;
wolfSSL	2:28278596c2a2	3437
wolfSSL	2:28278596c2a2	3438	/* Save DNS Type names in the altNames list. */
wolfSSL	2:28278596c2a2	3439	/* Save Other Type names in the cert's OidMap */
wolfSSL	2:28278596c2a2	3440	if (b == (ASN_CONTEXT_SPECIFIC \| ASN_DNS_TYPE)) {
wolfSSL	2:28278596c2a2	3441	DNS_entry* dnsEntry;
wolfSSL	2:28278596c2a2	3442	int strLen;
wolfSSL	2:28278596c2a2	3443	word32 lenStartIdx = idx;
wolfSSL	2:28278596c2a2	3444
wolfSSL	2:28278596c2a2	3445	if (GetLength(input, &idx, &strLen, sz) < 0) {
wolfSSL	2:28278596c2a2	3446	WOLFSSL_MSG("\tfail: str length");
wolfSSL	2:28278596c2a2	3447	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3448	}
wolfSSL	2:28278596c2a2	3449	length -= (idx - lenStartIdx);
wolfSSL	2:28278596c2a2	3450
wolfSSL	2:28278596c2a2	3451	dnsEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap,
wolfSSL	2:28278596c2a2	3452	DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	3453	if (dnsEntry == NULL) {
wolfSSL	2:28278596c2a2	3454	WOLFSSL_MSG("\tOut of Memory");
wolfSSL	2:28278596c2a2	3455	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3456	}
wolfSSL	2:28278596c2a2	3457
wolfSSL	2:28278596c2a2	3458	dnsEntry->name = (char*)XMALLOC(strLen + 1, cert->heap,
wolfSSL	2:28278596c2a2	3459	DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	3460	if (dnsEntry->name == NULL) {
wolfSSL	2:28278596c2a2	3461	WOLFSSL_MSG("\tOut of Memory");
wolfSSL	2:28278596c2a2	3462	XFREE(dnsEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	3463	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3464	}
wolfSSL	2:28278596c2a2	3465
wolfSSL	2:28278596c2a2	3466	XMEMCPY(dnsEntry->name, &input[idx], strLen);
wolfSSL	2:28278596c2a2	3467	dnsEntry->name[strLen] = '\0';
wolfSSL	2:28278596c2a2	3468
wolfSSL	2:28278596c2a2	3469	dnsEntry->next = cert->altNames;
wolfSSL	2:28278596c2a2	3470	cert->altNames = dnsEntry;
wolfSSL	2:28278596c2a2	3471
wolfSSL	2:28278596c2a2	3472	length -= strLen;
wolfSSL	2:28278596c2a2	3473	idx += strLen;
wolfSSL	2:28278596c2a2	3474	}
wolfSSL	2:28278596c2a2	3475	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	3476	else if (b == (ASN_CONTEXT_SPECIFIC \| ASN_RFC822_TYPE)) {
wolfSSL	2:28278596c2a2	3477	DNS_entry* emailEntry;
wolfSSL	2:28278596c2a2	3478	int strLen;
wolfSSL	2:28278596c2a2	3479	word32 lenStartIdx = idx;
wolfSSL	2:28278596c2a2	3480
wolfSSL	2:28278596c2a2	3481	if (GetLength(input, &idx, &strLen, sz) < 0) {
wolfSSL	2:28278596c2a2	3482	WOLFSSL_MSG("\tfail: str length");
wolfSSL	2:28278596c2a2	3483	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3484	}
wolfSSL	2:28278596c2a2	3485	length -= (idx - lenStartIdx);
wolfSSL	2:28278596c2a2	3486
wolfSSL	2:28278596c2a2	3487	emailEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap,
wolfSSL	2:28278596c2a2	3488	DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	3489	if (emailEntry == NULL) {
wolfSSL	2:28278596c2a2	3490	WOLFSSL_MSG("\tOut of Memory");
wolfSSL	2:28278596c2a2	3491	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3492	}
wolfSSL	2:28278596c2a2	3493
wolfSSL	2:28278596c2a2	3494	emailEntry->name = (char*)XMALLOC(strLen + 1, cert->heap,
wolfSSL	2:28278596c2a2	3495	DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	3496	if (emailEntry->name == NULL) {
wolfSSL	2:28278596c2a2	3497	WOLFSSL_MSG("\tOut of Memory");
wolfSSL	2:28278596c2a2	3498	XFREE(emailEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	3499	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3500	}
wolfSSL	2:28278596c2a2	3501
wolfSSL	2:28278596c2a2	3502	XMEMCPY(emailEntry->name, &input[idx], strLen);
wolfSSL	2:28278596c2a2	3503	emailEntry->name[strLen] = '\0';
wolfSSL	2:28278596c2a2	3504
wolfSSL	2:28278596c2a2	3505	emailEntry->next = cert->altEmailNames;
wolfSSL	2:28278596c2a2	3506	cert->altEmailNames = emailEntry;
wolfSSL	2:28278596c2a2	3507
wolfSSL	2:28278596c2a2	3508	length -= strLen;
wolfSSL	2:28278596c2a2	3509	idx += strLen;
wolfSSL	2:28278596c2a2	3510	}
wolfSSL	2:28278596c2a2	3511	#endif /* IGNORE_NAME_CONSTRAINTS */
wolfSSL	2:28278596c2a2	3512	#ifdef WOLFSSL_SEP
wolfSSL	2:28278596c2a2	3513	else if (b == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| ASN_OTHER_TYPE))
wolfSSL	2:28278596c2a2	3514	{
wolfSSL	2:28278596c2a2	3515	int strLen;
wolfSSL	2:28278596c2a2	3516	word32 lenStartIdx = idx;
wolfSSL	2:28278596c2a2	3517	word32 oid = 0;
wolfSSL	2:28278596c2a2	3518
wolfSSL	2:28278596c2a2	3519	if (GetLength(input, &idx, &strLen, sz) < 0) {
wolfSSL	2:28278596c2a2	3520	WOLFSSL_MSG("\tfail: other name length");
wolfSSL	2:28278596c2a2	3521	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3522	}
wolfSSL	2:28278596c2a2	3523	/* Consume the rest of this sequence. */
wolfSSL	2:28278596c2a2	3524	length -= (strLen + idx - lenStartIdx);
wolfSSL	2:28278596c2a2	3525
wolfSSL	2:28278596c2a2	3526	if (GetObjectId(input, &idx, &oid, sz) < 0) {
wolfSSL	2:28278596c2a2	3527	WOLFSSL_MSG("\tbad OID");
wolfSSL	2:28278596c2a2	3528	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3529	}
wolfSSL	2:28278596c2a2	3530
wolfSSL	2:28278596c2a2	3531	if (oid != HW_NAME_OID) {
wolfSSL	2:28278596c2a2	3532	WOLFSSL_MSG("\tincorrect OID");
wolfSSL	2:28278596c2a2	3533	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3534	}
wolfSSL	2:28278596c2a2	3535
wolfSSL	2:28278596c2a2	3536	if (input[idx++] != (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED)) {
wolfSSL	2:28278596c2a2	3537	WOLFSSL_MSG("\twrong type");
wolfSSL	2:28278596c2a2	3538	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3539	}
wolfSSL	2:28278596c2a2	3540
wolfSSL	2:28278596c2a2	3541	if (GetLength(input, &idx, &strLen, sz) < 0) {
wolfSSL	2:28278596c2a2	3542	WOLFSSL_MSG("\tfail: str len");
wolfSSL	2:28278596c2a2	3543	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3544	}
wolfSSL	2:28278596c2a2	3545
wolfSSL	2:28278596c2a2	3546	if (GetSequence(input, &idx, &strLen, sz) < 0) {
wolfSSL	2:28278596c2a2	3547	WOLFSSL_MSG("\tBad Sequence");
wolfSSL	2:28278596c2a2	3548	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3549	}
wolfSSL	2:28278596c2a2	3550
wolfSSL	2:28278596c2a2	3551	if (input[idx++] != ASN_OBJECT_ID) {
wolfSSL	2:28278596c2a2	3552	WOLFSSL_MSG("\texpected OID");
wolfSSL	2:28278596c2a2	3553	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3554	}
wolfSSL	2:28278596c2a2	3555
wolfSSL	2:28278596c2a2	3556	if (GetLength(input, &idx, &strLen, sz) < 0) {
wolfSSL	2:28278596c2a2	3557	WOLFSSL_MSG("\tfailed: str len");
wolfSSL	2:28278596c2a2	3558	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3559	}
wolfSSL	2:28278596c2a2	3560
wolfSSL	2:28278596c2a2	3561	cert->hwType = (byte*)XMALLOC(strLen, cert->heap, 0);
wolfSSL	2:28278596c2a2	3562	if (cert->hwType == NULL) {
wolfSSL	2:28278596c2a2	3563	WOLFSSL_MSG("\tOut of Memory");
wolfSSL	2:28278596c2a2	3564	return MEMORY_E;
wolfSSL	2:28278596c2a2	3565	}
wolfSSL	2:28278596c2a2	3566
wolfSSL	2:28278596c2a2	3567	XMEMCPY(cert->hwType, &input[idx], strLen);
wolfSSL	2:28278596c2a2	3568	cert->hwTypeSz = strLen;
wolfSSL	2:28278596c2a2	3569	idx += strLen;
wolfSSL	2:28278596c2a2	3570
wolfSSL	2:28278596c2a2	3571	if (input[idx++] != ASN_OCTET_STRING) {
wolfSSL	2:28278596c2a2	3572	WOLFSSL_MSG("\texpected Octet String");
wolfSSL	2:28278596c2a2	3573	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3574	}
wolfSSL	2:28278596c2a2	3575
wolfSSL	2:28278596c2a2	3576	if (GetLength(input, &idx, &strLen, sz) < 0) {
wolfSSL	2:28278596c2a2	3577	WOLFSSL_MSG("\tfailed: str len");
wolfSSL	2:28278596c2a2	3578	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3579	}
wolfSSL	2:28278596c2a2	3580
wolfSSL	2:28278596c2a2	3581	cert->hwSerialNum = (byte*)XMALLOC(strLen + 1, cert->heap, 0);
wolfSSL	2:28278596c2a2	3582	if (cert->hwSerialNum == NULL) {
wolfSSL	2:28278596c2a2	3583	WOLFSSL_MSG("\tOut of Memory");
wolfSSL	2:28278596c2a2	3584	return MEMORY_E;
wolfSSL	2:28278596c2a2	3585	}
wolfSSL	2:28278596c2a2	3586
wolfSSL	2:28278596c2a2	3587	XMEMCPY(cert->hwSerialNum, &input[idx], strLen);
wolfSSL	2:28278596c2a2	3588	cert->hwSerialNum[strLen] = '\0';
wolfSSL	2:28278596c2a2	3589	cert->hwSerialNumSz = strLen;
wolfSSL	2:28278596c2a2	3590	idx += strLen;
wolfSSL	2:28278596c2a2	3591	}
wolfSSL	2:28278596c2a2	3592	#endif /* WOLFSSL_SEP */
wolfSSL	2:28278596c2a2	3593	else {
wolfSSL	2:28278596c2a2	3594	int strLen;
wolfSSL	2:28278596c2a2	3595	word32 lenStartIdx = idx;
wolfSSL	2:28278596c2a2	3596
wolfSSL	2:28278596c2a2	3597	WOLFSSL_MSG("\tUnsupported name type, skipping");
wolfSSL	2:28278596c2a2	3598
wolfSSL	2:28278596c2a2	3599	if (GetLength(input, &idx, &strLen, sz) < 0) {
wolfSSL	2:28278596c2a2	3600	WOLFSSL_MSG("\tfail: unsupported name length");
wolfSSL	2:28278596c2a2	3601	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3602	}
wolfSSL	2:28278596c2a2	3603	length -= (strLen + idx - lenStartIdx);
wolfSSL	2:28278596c2a2	3604	idx += strLen;
wolfSSL	2:28278596c2a2	3605	}
wolfSSL	2:28278596c2a2	3606	}
wolfSSL	2:28278596c2a2	3607	return 0;
wolfSSL	2:28278596c2a2	3608	}
wolfSSL	2:28278596c2a2	3609
wolfSSL	2:28278596c2a2	3610
wolfSSL	2:28278596c2a2	3611	static int DecodeBasicCaConstraint(byte* input, int sz, DecodedCert* cert)
wolfSSL	2:28278596c2a2	3612	{
wolfSSL	2:28278596c2a2	3613	word32 idx = 0;
wolfSSL	2:28278596c2a2	3614	int length = 0;
wolfSSL	2:28278596c2a2	3615
wolfSSL	2:28278596c2a2	3616	WOLFSSL_ENTER("DecodeBasicCaConstraint");
wolfSSL	2:28278596c2a2	3617	if (GetSequence(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	3618	WOLFSSL_MSG("\tfail: bad SEQUENCE");
wolfSSL	2:28278596c2a2	3619	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3620	}
wolfSSL	2:28278596c2a2	3621
wolfSSL	2:28278596c2a2	3622	if (length == 0)
wolfSSL	2:28278596c2a2	3623	return 0;
wolfSSL	2:28278596c2a2	3624
wolfSSL	2:28278596c2a2	3625	/* If the basic ca constraint is false, this extension may be named, but
wolfSSL	2:28278596c2a2	3626	* left empty. So, if the length is 0, just return. */
wolfSSL	2:28278596c2a2	3627
wolfSSL	2:28278596c2a2	3628	if (input[idx++] != ASN_BOOLEAN)
wolfSSL	2:28278596c2a2	3629	{
wolfSSL	2:28278596c2a2	3630	WOLFSSL_MSG("\tfail: constraint not BOOLEAN");
wolfSSL	2:28278596c2a2	3631	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3632	}
wolfSSL	2:28278596c2a2	3633
wolfSSL	2:28278596c2a2	3634	if (GetLength(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	3635	{
wolfSSL	2:28278596c2a2	3636	WOLFSSL_MSG("\tfail: length");
wolfSSL	2:28278596c2a2	3637	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3638	}
wolfSSL	2:28278596c2a2	3639
wolfSSL	2:28278596c2a2	3640	if (input[idx++])
wolfSSL	2:28278596c2a2	3641	cert->isCA = 1;
wolfSSL	2:28278596c2a2	3642
wolfSSL	2:28278596c2a2	3643	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	3644	/* If there isn't any more data, return. */
wolfSSL	2:28278596c2a2	3645	if (idx >= (word32)sz)
wolfSSL	2:28278596c2a2	3646	return 0;
wolfSSL	2:28278596c2a2	3647
wolfSSL	2:28278596c2a2	3648	/* Anything left should be the optional pathlength */
wolfSSL	2:28278596c2a2	3649	if (input[idx++] != ASN_INTEGER) {
wolfSSL	2:28278596c2a2	3650	WOLFSSL_MSG("\tfail: pathlen not INTEGER");
wolfSSL	2:28278596c2a2	3651	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3652	}
wolfSSL	2:28278596c2a2	3653
wolfSSL	2:28278596c2a2	3654	if (input[idx++] != 1) {
wolfSSL	2:28278596c2a2	3655	WOLFSSL_MSG("\tfail: pathlen too long");
wolfSSL	2:28278596c2a2	3656	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3657	}
wolfSSL	2:28278596c2a2	3658
wolfSSL	2:28278596c2a2	3659	cert->pathLength = input[idx];
wolfSSL	2:28278596c2a2	3660	cert->extBasicConstPlSet = 1;
wolfSSL	2:28278596c2a2	3661	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	3662
wolfSSL	2:28278596c2a2	3663	return 0;
wolfSSL	2:28278596c2a2	3664	}
wolfSSL	2:28278596c2a2	3665
wolfSSL	2:28278596c2a2	3666
wolfSSL	2:28278596c2a2	3667	#define CRLDP_FULL_NAME 0
wolfSSL	2:28278596c2a2	3668	/* From RFC3280 SS4.2.1.14, Distribution Point Name*/
wolfSSL	2:28278596c2a2	3669	#define GENERALNAME_URI 6
wolfSSL	2:28278596c2a2	3670	/* From RFC3280 SS4.2.1.7, GeneralName */
wolfSSL	2:28278596c2a2	3671
wolfSSL	2:28278596c2a2	3672	static int DecodeCrlDist(byte* input, int sz, DecodedCert* cert)
wolfSSL	2:28278596c2a2	3673	{
wolfSSL	2:28278596c2a2	3674	word32 idx = 0;
wolfSSL	2:28278596c2a2	3675	int length = 0;
wolfSSL	2:28278596c2a2	3676
wolfSSL	2:28278596c2a2	3677	WOLFSSL_ENTER("DecodeCrlDist");
wolfSSL	2:28278596c2a2	3678
wolfSSL	2:28278596c2a2	3679	/* Unwrap the list of Distribution Points*/
wolfSSL	2:28278596c2a2	3680	if (GetSequence(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	3681	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3682
wolfSSL	2:28278596c2a2	3683	/* Unwrap a single Distribution Point */
wolfSSL	2:28278596c2a2	3684	if (GetSequence(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	3685	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3686
wolfSSL	2:28278596c2a2	3687	/* The Distribution Point has three explicit optional members
wolfSSL	2:28278596c2a2	3688	* First check for a DistributionPointName
wolfSSL	2:28278596c2a2	3689	*/
wolfSSL	2:28278596c2a2	3690	if (input[idx] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 0))
wolfSSL	2:28278596c2a2	3691	{
wolfSSL	2:28278596c2a2	3692	idx++;
wolfSSL	2:28278596c2a2	3693	if (GetLength(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	3694	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3695
wolfSSL	2:28278596c2a2	3696	if (input[idx] ==
wolfSSL	2:28278596c2a2	3697	(ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| CRLDP_FULL_NAME))
wolfSSL	2:28278596c2a2	3698	{
wolfSSL	2:28278596c2a2	3699	idx++;
wolfSSL	2:28278596c2a2	3700	if (GetLength(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	3701	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3702
wolfSSL	2:28278596c2a2	3703	if (input[idx] == (ASN_CONTEXT_SPECIFIC \| GENERALNAME_URI))
wolfSSL	2:28278596c2a2	3704	{
wolfSSL	2:28278596c2a2	3705	idx++;
wolfSSL	2:28278596c2a2	3706	if (GetLength(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	3707	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3708
wolfSSL	2:28278596c2a2	3709	cert->extCrlInfoSz = length;
wolfSSL	2:28278596c2a2	3710	cert->extCrlInfo = input + idx;
wolfSSL	2:28278596c2a2	3711	idx += length;
wolfSSL	2:28278596c2a2	3712	}
wolfSSL	2:28278596c2a2	3713	else
wolfSSL	2:28278596c2a2	3714	/* This isn't a URI, skip it. */
wolfSSL	2:28278596c2a2	3715	idx += length;
wolfSSL	2:28278596c2a2	3716	}
wolfSSL	2:28278596c2a2	3717	else
wolfSSL	2:28278596c2a2	3718	/* This isn't a FULLNAME, skip it. */
wolfSSL	2:28278596c2a2	3719	idx += length;
wolfSSL	2:28278596c2a2	3720	}
wolfSSL	2:28278596c2a2	3721
wolfSSL	2:28278596c2a2	3722	/* Check for reasonFlags */
wolfSSL	2:28278596c2a2	3723	if (idx < (word32)sz &&
wolfSSL	2:28278596c2a2	3724	input[idx] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 1))
wolfSSL	2:28278596c2a2	3725	{
wolfSSL	2:28278596c2a2	3726	idx++;
wolfSSL	2:28278596c2a2	3727	if (GetLength(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	3728	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3729	idx += length;
wolfSSL	2:28278596c2a2	3730	}
wolfSSL	2:28278596c2a2	3731
wolfSSL	2:28278596c2a2	3732	/* Check for cRLIssuer */
wolfSSL	2:28278596c2a2	3733	if (idx < (word32)sz &&
wolfSSL	2:28278596c2a2	3734	input[idx] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 2))
wolfSSL	2:28278596c2a2	3735	{
wolfSSL	2:28278596c2a2	3736	idx++;
wolfSSL	2:28278596c2a2	3737	if (GetLength(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	3738	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3739	idx += length;
wolfSSL	2:28278596c2a2	3740	}
wolfSSL	2:28278596c2a2	3741
wolfSSL	2:28278596c2a2	3742	if (idx < (word32)sz)
wolfSSL	2:28278596c2a2	3743	{
wolfSSL	2:28278596c2a2	3744	WOLFSSL_MSG("\tThere are more CRL Distribution Point records, "
wolfSSL	2:28278596c2a2	3745	"but we only use the first one.");
wolfSSL	2:28278596c2a2	3746	}
wolfSSL	2:28278596c2a2	3747
wolfSSL	2:28278596c2a2	3748	return 0;
wolfSSL	2:28278596c2a2	3749	}
wolfSSL	2:28278596c2a2	3750
wolfSSL	2:28278596c2a2	3751
wolfSSL	2:28278596c2a2	3752	static int DecodeAuthInfo(byte* input, int sz, DecodedCert* cert)
wolfSSL	2:28278596c2a2	3753	/*
wolfSSL	2:28278596c2a2	3754	* Read the first of the Authority Information Access records. If there are
wolfSSL	2:28278596c2a2	3755	* any issues, return without saving the record.
wolfSSL	2:28278596c2a2	3756	*/
wolfSSL	2:28278596c2a2	3757	{
wolfSSL	2:28278596c2a2	3758	word32 idx = 0;
wolfSSL	2:28278596c2a2	3759	int length = 0;
wolfSSL	2:28278596c2a2	3760	byte b;
wolfSSL	2:28278596c2a2	3761	word32 oid;
wolfSSL	2:28278596c2a2	3762
wolfSSL	2:28278596c2a2	3763	WOLFSSL_ENTER("DecodeAuthInfo");
wolfSSL	2:28278596c2a2	3764
wolfSSL	2:28278596c2a2	3765	/* Unwrap the list of AIAs */
wolfSSL	2:28278596c2a2	3766	if (GetSequence(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	3767	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3768
wolfSSL	2:28278596c2a2	3769	while (idx < (word32)sz) {
wolfSSL	2:28278596c2a2	3770	/* Unwrap a single AIA */
wolfSSL	2:28278596c2a2	3771	if (GetSequence(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	3772	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3773
wolfSSL	2:28278596c2a2	3774	oid = 0;
wolfSSL	2:28278596c2a2	3775	if (GetObjectId(input, &idx, &oid, sz) < 0)
wolfSSL	2:28278596c2a2	3776	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3777
wolfSSL	2:28278596c2a2	3778	/* Only supporting URIs right now. */
wolfSSL	2:28278596c2a2	3779	b = input[idx++];
wolfSSL	2:28278596c2a2	3780	if (GetLength(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	3781	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3782
wolfSSL	2:28278596c2a2	3783	if (b == (ASN_CONTEXT_SPECIFIC \| GENERALNAME_URI) &&
wolfSSL	2:28278596c2a2	3784	oid == AIA_OCSP_OID)
wolfSSL	2:28278596c2a2	3785	{
wolfSSL	2:28278596c2a2	3786	cert->extAuthInfoSz = length;
wolfSSL	2:28278596c2a2	3787	cert->extAuthInfo = input + idx;
wolfSSL	2:28278596c2a2	3788	break;
wolfSSL	2:28278596c2a2	3789	}
wolfSSL	2:28278596c2a2	3790	idx += length;
wolfSSL	2:28278596c2a2	3791	}
wolfSSL	2:28278596c2a2	3792
wolfSSL	2:28278596c2a2	3793	return 0;
wolfSSL	2:28278596c2a2	3794	}
wolfSSL	2:28278596c2a2	3795
wolfSSL	2:28278596c2a2	3796
wolfSSL	2:28278596c2a2	3797	static int DecodeAuthKeyId(byte* input, int sz, DecodedCert* cert)
wolfSSL	2:28278596c2a2	3798	{
wolfSSL	2:28278596c2a2	3799	word32 idx = 0;
wolfSSL	2:28278596c2a2	3800	int length = 0, ret = 0;
wolfSSL	2:28278596c2a2	3801
wolfSSL	2:28278596c2a2	3802	WOLFSSL_ENTER("DecodeAuthKeyId");
wolfSSL	2:28278596c2a2	3803
wolfSSL	2:28278596c2a2	3804	if (GetSequence(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	3805	WOLFSSL_MSG("\tfail: should be a SEQUENCE\n");
wolfSSL	2:28278596c2a2	3806	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3807	}
wolfSSL	2:28278596c2a2	3808
wolfSSL	2:28278596c2a2	3809	if (input[idx++] != (ASN_CONTEXT_SPECIFIC \| 0)) {
wolfSSL	2:28278596c2a2	3810	WOLFSSL_MSG("\tinfo: OPTIONAL item 0, not available\n");
wolfSSL	2:28278596c2a2	3811	return 0;
wolfSSL	2:28278596c2a2	3812	}
wolfSSL	2:28278596c2a2	3813
wolfSSL	2:28278596c2a2	3814	if (GetLength(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	3815	WOLFSSL_MSG("\tfail: extension data length");
wolfSSL	2:28278596c2a2	3816	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3817	}
wolfSSL	2:28278596c2a2	3818
wolfSSL	2:28278596c2a2	3819	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	3820	cert->extAuthKeyIdSrc = &input[idx];
wolfSSL	2:28278596c2a2	3821	cert->extAuthKeyIdSz = length;
wolfSSL	2:28278596c2a2	3822	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	3823
wolfSSL	2:28278596c2a2	3824	if (length == KEYID_SIZE) {
wolfSSL	2:28278596c2a2	3825	XMEMCPY(cert->extAuthKeyId, input + idx, length);
wolfSSL	2:28278596c2a2	3826	}
wolfSSL	2:28278596c2a2	3827	else {
wolfSSL	2:28278596c2a2	3828	#ifdef NO_SHA
wolfSSL	2:28278596c2a2	3829	ret = wc_Sha256Hash(input + idx, length, cert->extAuthKeyId);
wolfSSL	2:28278596c2a2	3830	#else
wolfSSL	2:28278596c2a2	3831	ret = wc_ShaHash(input + idx, length, cert->extAuthKeyId);
wolfSSL	2:28278596c2a2	3832	#endif
wolfSSL	2:28278596c2a2	3833	}
wolfSSL	2:28278596c2a2	3834
wolfSSL	2:28278596c2a2	3835	return ret;
wolfSSL	2:28278596c2a2	3836	}
wolfSSL	2:28278596c2a2	3837
wolfSSL	2:28278596c2a2	3838
wolfSSL	2:28278596c2a2	3839	static int DecodeSubjKeyId(byte* input, int sz, DecodedCert* cert)
wolfSSL	2:28278596c2a2	3840	{
wolfSSL	2:28278596c2a2	3841	word32 idx = 0;
wolfSSL	2:28278596c2a2	3842	int length = 0, ret = 0;
wolfSSL	2:28278596c2a2	3843
wolfSSL	2:28278596c2a2	3844	WOLFSSL_ENTER("DecodeSubjKeyId");
wolfSSL	2:28278596c2a2	3845
wolfSSL	2:28278596c2a2	3846	if (input[idx++] != ASN_OCTET_STRING) {
wolfSSL	2:28278596c2a2	3847	WOLFSSL_MSG("\tfail: should be an OCTET STRING");
wolfSSL	2:28278596c2a2	3848	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3849	}
wolfSSL	2:28278596c2a2	3850
wolfSSL	2:28278596c2a2	3851	if (GetLength(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	3852	WOLFSSL_MSG("\tfail: extension data length");
wolfSSL	2:28278596c2a2	3853	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3854	}
wolfSSL	2:28278596c2a2	3855
wolfSSL	2:28278596c2a2	3856	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	3857	cert->extSubjKeyIdSrc = &input[idx];
wolfSSL	2:28278596c2a2	3858	cert->extSubjKeyIdSz = length;
wolfSSL	2:28278596c2a2	3859	#endif /* OPENSSL_EXTRA */
wolfSSL	2:28278596c2a2	3860
wolfSSL	2:28278596c2a2	3861	if (length == SIGNER_DIGEST_SIZE) {
wolfSSL	2:28278596c2a2	3862	XMEMCPY(cert->extSubjKeyId, input + idx, length);
wolfSSL	2:28278596c2a2	3863	}
wolfSSL	2:28278596c2a2	3864	else {
wolfSSL	2:28278596c2a2	3865	#ifdef NO_SHA
wolfSSL	2:28278596c2a2	3866	ret = wc_Sha256Hash(input + idx, length, cert->extSubjKeyId);
wolfSSL	2:28278596c2a2	3867	#else
wolfSSL	2:28278596c2a2	3868	ret = wc_ShaHash(input + idx, length, cert->extSubjKeyId);
wolfSSL	2:28278596c2a2	3869	#endif
wolfSSL	2:28278596c2a2	3870	}
wolfSSL	2:28278596c2a2	3871
wolfSSL	2:28278596c2a2	3872	return ret;
wolfSSL	2:28278596c2a2	3873	}
wolfSSL	2:28278596c2a2	3874
wolfSSL	2:28278596c2a2	3875
wolfSSL	2:28278596c2a2	3876	static int DecodeKeyUsage(byte* input, int sz, DecodedCert* cert)
wolfSSL	2:28278596c2a2	3877	{
wolfSSL	2:28278596c2a2	3878	word32 idx = 0;
wolfSSL	2:28278596c2a2	3879	int length;
wolfSSL	2:28278596c2a2	3880	byte unusedBits;
wolfSSL	2:28278596c2a2	3881	WOLFSSL_ENTER("DecodeKeyUsage");
wolfSSL	2:28278596c2a2	3882
wolfSSL	2:28278596c2a2	3883	if (input[idx++] != ASN_BIT_STRING) {
wolfSSL	2:28278596c2a2	3884	WOLFSSL_MSG("\tfail: key usage expected bit string");
wolfSSL	2:28278596c2a2	3885	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3886	}
wolfSSL	2:28278596c2a2	3887
wolfSSL	2:28278596c2a2	3888	if (GetLength(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	3889	WOLFSSL_MSG("\tfail: key usage bad length");
wolfSSL	2:28278596c2a2	3890	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3891	}
wolfSSL	2:28278596c2a2	3892
wolfSSL	2:28278596c2a2	3893	unusedBits = input[idx++];
wolfSSL	2:28278596c2a2	3894	length--;
wolfSSL	2:28278596c2a2	3895
wolfSSL	2:28278596c2a2	3896	if (length == 2) {
wolfSSL	2:28278596c2a2	3897	cert->extKeyUsage = (word16)((input[idx] << 8) \| input[idx+1]);
wolfSSL	2:28278596c2a2	3898	cert->extKeyUsage >>= unusedBits;
wolfSSL	2:28278596c2a2	3899	}
wolfSSL	2:28278596c2a2	3900	else if (length == 1)
wolfSSL	2:28278596c2a2	3901	cert->extKeyUsage = (word16)(input[idx] << 1);
wolfSSL	2:28278596c2a2	3902
wolfSSL	2:28278596c2a2	3903	return 0;
wolfSSL	2:28278596c2a2	3904	}
wolfSSL	2:28278596c2a2	3905
wolfSSL	2:28278596c2a2	3906
wolfSSL	2:28278596c2a2	3907	static int DecodeExtKeyUsage(byte* input, int sz, DecodedCert* cert)
wolfSSL	2:28278596c2a2	3908	{
wolfSSL	2:28278596c2a2	3909	word32 idx = 0, oid;
wolfSSL	2:28278596c2a2	3910	int length;
wolfSSL	2:28278596c2a2	3911
wolfSSL	2:28278596c2a2	3912	WOLFSSL_ENTER("DecodeExtKeyUsage");
wolfSSL	2:28278596c2a2	3913
wolfSSL	2:28278596c2a2	3914	if (GetSequence(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	3915	WOLFSSL_MSG("\tfail: should be a SEQUENCE");
wolfSSL	2:28278596c2a2	3916	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3917	}
wolfSSL	2:28278596c2a2	3918
wolfSSL	2:28278596c2a2	3919	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	3920	cert->extExtKeyUsageSrc = input + idx;
wolfSSL	2:28278596c2a2	3921	cert->extExtKeyUsageSz = length;
wolfSSL	2:28278596c2a2	3922	#endif
wolfSSL	2:28278596c2a2	3923
wolfSSL	2:28278596c2a2	3924	while (idx < (word32)sz) {
wolfSSL	2:28278596c2a2	3925	if (GetObjectId(input, &idx, &oid, sz) < 0)
wolfSSL	2:28278596c2a2	3926	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3927
wolfSSL	2:28278596c2a2	3928	switch (oid) {
wolfSSL	2:28278596c2a2	3929	case EKU_ANY_OID:
wolfSSL	2:28278596c2a2	3930	cert->extExtKeyUsage \|= EXTKEYUSE_ANY;
wolfSSL	2:28278596c2a2	3931	break;
wolfSSL	2:28278596c2a2	3932	case EKU_SERVER_AUTH_OID:
wolfSSL	2:28278596c2a2	3933	cert->extExtKeyUsage \|= EXTKEYUSE_SERVER_AUTH;
wolfSSL	2:28278596c2a2	3934	break;
wolfSSL	2:28278596c2a2	3935	case EKU_CLIENT_AUTH_OID:
wolfSSL	2:28278596c2a2	3936	cert->extExtKeyUsage \|= EXTKEYUSE_CLIENT_AUTH;
wolfSSL	2:28278596c2a2	3937	break;
wolfSSL	2:28278596c2a2	3938	case EKU_OCSP_SIGN_OID:
wolfSSL	2:28278596c2a2	3939	cert->extExtKeyUsage \|= EXTKEYUSE_OCSP_SIGN;
wolfSSL	2:28278596c2a2	3940	break;
wolfSSL	2:28278596c2a2	3941	}
wolfSSL	2:28278596c2a2	3942
wolfSSL	2:28278596c2a2	3943	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	3944	cert->extExtKeyUsageCount++;
wolfSSL	2:28278596c2a2	3945	#endif
wolfSSL	2:28278596c2a2	3946	}
wolfSSL	2:28278596c2a2	3947
wolfSSL	2:28278596c2a2	3948	return 0;
wolfSSL	2:28278596c2a2	3949	}
wolfSSL	2:28278596c2a2	3950
wolfSSL	2:28278596c2a2	3951
wolfSSL	2:28278596c2a2	3952	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	3953	static int DecodeSubtree(byte* input, int sz, Base_entry** head, void* heap)
wolfSSL	2:28278596c2a2	3954	{
wolfSSL	2:28278596c2a2	3955	word32 idx = 0;
wolfSSL	2:28278596c2a2	3956
wolfSSL	2:28278596c2a2	3957	(void)heap;
wolfSSL	2:28278596c2a2	3958
wolfSSL	2:28278596c2a2	3959	while (idx < (word32)sz) {
wolfSSL	2:28278596c2a2	3960	int seqLength, strLength;
wolfSSL	2:28278596c2a2	3961	word32 nameIdx;
wolfSSL	2:28278596c2a2	3962	byte b;
wolfSSL	2:28278596c2a2	3963
wolfSSL	2:28278596c2a2	3964	if (GetSequence(input, &idx, &seqLength, sz) < 0) {
wolfSSL	2:28278596c2a2	3965	WOLFSSL_MSG("\tfail: should be a SEQUENCE");
wolfSSL	2:28278596c2a2	3966	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3967	}
wolfSSL	2:28278596c2a2	3968
wolfSSL	2:28278596c2a2	3969	nameIdx = idx;
wolfSSL	2:28278596c2a2	3970	b = input[nameIdx++];
wolfSSL	2:28278596c2a2	3971	if (GetLength(input, &nameIdx, &strLength, sz) <= 0) {
wolfSSL	2:28278596c2a2	3972	WOLFSSL_MSG("\tinvalid length");
wolfSSL	2:28278596c2a2	3973	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	3974	}
wolfSSL	2:28278596c2a2	3975
wolfSSL	2:28278596c2a2	3976	if (b == (ASN_CONTEXT_SPECIFIC \| ASN_DNS_TYPE) \|\|
wolfSSL	2:28278596c2a2	3977	b == (ASN_CONTEXT_SPECIFIC \| ASN_RFC822_TYPE) \|\|
wolfSSL	2:28278596c2a2	3978	b == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| ASN_DIR_TYPE)) {
wolfSSL	2:28278596c2a2	3979
wolfSSL	2:28278596c2a2	3980	Base_entry* entry = (Base_entry*)XMALLOC(sizeof(Base_entry),
wolfSSL	2:28278596c2a2	3981	heap, DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	3982
wolfSSL	2:28278596c2a2	3983	if (entry == NULL) {
wolfSSL	2:28278596c2a2	3984	WOLFSSL_MSG("allocate error");
wolfSSL	2:28278596c2a2	3985	return MEMORY_E;
wolfSSL	2:28278596c2a2	3986	}
wolfSSL	2:28278596c2a2	3987
wolfSSL	2:28278596c2a2	3988	entry->name = (char*)XMALLOC(strLength, heap, DYNAMIC_TYPE_ALTNAME);
wolfSSL	2:28278596c2a2	3989	if (entry->name == NULL) {
wolfSSL	2:28278596c2a2	3990	WOLFSSL_MSG("allocate error");
wolfSSL	2:28278596c2a2	3991	return MEMORY_E;
wolfSSL	2:28278596c2a2	3992	}
wolfSSL	2:28278596c2a2	3993
wolfSSL	2:28278596c2a2	3994	XMEMCPY(entry->name, &input[nameIdx], strLength);
wolfSSL	2:28278596c2a2	3995	entry->nameSz = strLength;
wolfSSL	2:28278596c2a2	3996	entry->type = b & 0x0F;
wolfSSL	2:28278596c2a2	3997
wolfSSL	2:28278596c2a2	3998	entry->next = *head;
wolfSSL	2:28278596c2a2	3999	*head = entry;
wolfSSL	2:28278596c2a2	4000	}
wolfSSL	2:28278596c2a2	4001
wolfSSL	2:28278596c2a2	4002	idx += seqLength;
wolfSSL	2:28278596c2a2	4003	}
wolfSSL	2:28278596c2a2	4004
wolfSSL	2:28278596c2a2	4005	return 0;
wolfSSL	2:28278596c2a2	4006	}
wolfSSL	2:28278596c2a2	4007
wolfSSL	2:28278596c2a2	4008
wolfSSL	2:28278596c2a2	4009	static int DecodeNameConstraints(byte* input, int sz, DecodedCert* cert)
wolfSSL	2:28278596c2a2	4010	{
wolfSSL	2:28278596c2a2	4011	word32 idx = 0;
wolfSSL	2:28278596c2a2	4012	int length = 0;
wolfSSL	2:28278596c2a2	4013
wolfSSL	2:28278596c2a2	4014	WOLFSSL_ENTER("DecodeNameConstraints");
wolfSSL	2:28278596c2a2	4015
wolfSSL	2:28278596c2a2	4016	if (GetSequence(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	4017	WOLFSSL_MSG("\tfail: should be a SEQUENCE");
wolfSSL	2:28278596c2a2	4018	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4019	}
wolfSSL	2:28278596c2a2	4020
wolfSSL	2:28278596c2a2	4021	while (idx < (word32)sz) {
wolfSSL	2:28278596c2a2	4022	byte b = input[idx++];
wolfSSL	2:28278596c2a2	4023	Base_entry** subtree = NULL;
wolfSSL	2:28278596c2a2	4024
wolfSSL	2:28278596c2a2	4025	if (GetLength(input, &idx, &length, sz) <= 0) {
wolfSSL	2:28278596c2a2	4026	WOLFSSL_MSG("\tinvalid length");
wolfSSL	2:28278596c2a2	4027	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4028	}
wolfSSL	2:28278596c2a2	4029
wolfSSL	2:28278596c2a2	4030	if (b == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| 0))
wolfSSL	2:28278596c2a2	4031	subtree = &cert->permittedNames;
wolfSSL	2:28278596c2a2	4032	else if (b == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| 1))
wolfSSL	2:28278596c2a2	4033	subtree = &cert->excludedNames;
wolfSSL	2:28278596c2a2	4034	else {
wolfSSL	2:28278596c2a2	4035	WOLFSSL_MSG("\tinvalid subtree");
wolfSSL	2:28278596c2a2	4036	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4037	}
wolfSSL	2:28278596c2a2	4038
wolfSSL	2:28278596c2a2	4039	DecodeSubtree(input + idx, length, subtree, cert->heap);
wolfSSL	2:28278596c2a2	4040
wolfSSL	2:28278596c2a2	4041	idx += length;
wolfSSL	2:28278596c2a2	4042	}
wolfSSL	2:28278596c2a2	4043
wolfSSL	2:28278596c2a2	4044	return 0;
wolfSSL	2:28278596c2a2	4045	}
wolfSSL	2:28278596c2a2	4046	#endif /* IGNORE_NAME_CONSTRAINTS */
wolfSSL	2:28278596c2a2	4047
wolfSSL	2:28278596c2a2	4048
wolfSSL	2:28278596c2a2	4049	#ifdef WOLFSSL_SEP
wolfSSL	2:28278596c2a2	4050	static int DecodeCertPolicy(byte* input, int sz, DecodedCert* cert)
wolfSSL	2:28278596c2a2	4051	{
wolfSSL	2:28278596c2a2	4052	word32 idx = 0;
wolfSSL	2:28278596c2a2	4053	int length = 0;
wolfSSL	2:28278596c2a2	4054
wolfSSL	2:28278596c2a2	4055	WOLFSSL_ENTER("DecodeCertPolicy");
wolfSSL	2:28278596c2a2	4056
wolfSSL	2:28278596c2a2	4057	/* Unwrap certificatePolicies */
wolfSSL	2:28278596c2a2	4058	if (GetSequence(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	4059	WOLFSSL_MSG("\tdeviceType isn't OID");
wolfSSL	2:28278596c2a2	4060	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4061	}
wolfSSL	2:28278596c2a2	4062
wolfSSL	2:28278596c2a2	4063	if (GetSequence(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	4064	WOLFSSL_MSG("\tdeviceType isn't OID");
wolfSSL	2:28278596c2a2	4065	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4066	}
wolfSSL	2:28278596c2a2	4067
wolfSSL	2:28278596c2a2	4068	if (input[idx++] != ASN_OBJECT_ID) {
wolfSSL	2:28278596c2a2	4069	WOLFSSL_MSG("\tdeviceType isn't OID");
wolfSSL	2:28278596c2a2	4070	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4071	}
wolfSSL	2:28278596c2a2	4072
wolfSSL	2:28278596c2a2	4073	if (GetLength(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	4074	WOLFSSL_MSG("\tCouldn't read length of deviceType");
wolfSSL	2:28278596c2a2	4075	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4076	}
wolfSSL	2:28278596c2a2	4077
wolfSSL	2:28278596c2a2	4078	if (length > 0) {
wolfSSL	2:28278596c2a2	4079	cert->deviceType = (byte*)XMALLOC(length, cert->heap, 0);
wolfSSL	2:28278596c2a2	4080	if (cert->deviceType == NULL) {
wolfSSL	2:28278596c2a2	4081	WOLFSSL_MSG("\tCouldn't alloc memory for deviceType");
wolfSSL	2:28278596c2a2	4082	return MEMORY_E;
wolfSSL	2:28278596c2a2	4083	}
wolfSSL	2:28278596c2a2	4084	cert->deviceTypeSz = length;
wolfSSL	2:28278596c2a2	4085	XMEMCPY(cert->deviceType, input + idx, length);
wolfSSL	2:28278596c2a2	4086	}
wolfSSL	2:28278596c2a2	4087
wolfSSL	2:28278596c2a2	4088	WOLFSSL_LEAVE("DecodeCertPolicy", 0);
wolfSSL	2:28278596c2a2	4089	return 0;
wolfSSL	2:28278596c2a2	4090	}
wolfSSL	2:28278596c2a2	4091	#endif /* WOLFSSL_SEP */
wolfSSL	2:28278596c2a2	4092
wolfSSL	2:28278596c2a2	4093
wolfSSL	2:28278596c2a2	4094	static int DecodeCertExtensions(DecodedCert* cert)
wolfSSL	2:28278596c2a2	4095	/*
wolfSSL	2:28278596c2a2	4096	* Processing the Certificate Extensions. This does not modify the current
wolfSSL	2:28278596c2a2	4097	* index. It is works starting with the recorded extensions pointer.
wolfSSL	2:28278596c2a2	4098	*/
wolfSSL	2:28278596c2a2	4099	{
wolfSSL	2:28278596c2a2	4100	word32 idx = 0;
wolfSSL	2:28278596c2a2	4101	int sz = cert->extensionsSz;
wolfSSL	2:28278596c2a2	4102	byte* input = cert->extensions;
wolfSSL	2:28278596c2a2	4103	int length;
wolfSSL	2:28278596c2a2	4104	word32 oid;
wolfSSL	2:28278596c2a2	4105	byte critical = 0;
wolfSSL	2:28278596c2a2	4106	byte criticalFail = 0;
wolfSSL	2:28278596c2a2	4107
wolfSSL	2:28278596c2a2	4108	WOLFSSL_ENTER("DecodeCertExtensions");
wolfSSL	2:28278596c2a2	4109
wolfSSL	2:28278596c2a2	4110	if (input == NULL \|\| sz == 0)
wolfSSL	2:28278596c2a2	4111	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	4112
wolfSSL	2:28278596c2a2	4113	if (input[idx++] != ASN_EXTENSIONS)
wolfSSL	2:28278596c2a2	4114	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4115
wolfSSL	2:28278596c2a2	4116	if (GetLength(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	4117	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4118
wolfSSL	2:28278596c2a2	4119	if (GetSequence(input, &idx, &length, sz) < 0)
wolfSSL	2:28278596c2a2	4120	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4121
wolfSSL	2:28278596c2a2	4122	while (idx < (word32)sz) {
wolfSSL	2:28278596c2a2	4123	if (GetSequence(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	4124	WOLFSSL_MSG("\tfail: should be a SEQUENCE");
wolfSSL	2:28278596c2a2	4125	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4126	}
wolfSSL	2:28278596c2a2	4127
wolfSSL	2:28278596c2a2	4128	oid = 0;
wolfSSL	2:28278596c2a2	4129	if (GetObjectId(input, &idx, &oid, sz) < 0) {
wolfSSL	2:28278596c2a2	4130	WOLFSSL_MSG("\tfail: OBJECT ID");
wolfSSL	2:28278596c2a2	4131	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4132	}
wolfSSL	2:28278596c2a2	4133
wolfSSL	2:28278596c2a2	4134	/* check for critical flag */
wolfSSL	2:28278596c2a2	4135	critical = 0;
wolfSSL	2:28278596c2a2	4136	if (input[idx] == ASN_BOOLEAN) {
wolfSSL	2:28278596c2a2	4137	int boolLength = 0;
wolfSSL	2:28278596c2a2	4138	idx++;
wolfSSL	2:28278596c2a2	4139	if (GetLength(input, &idx, &boolLength, sz) < 0) {
wolfSSL	2:28278596c2a2	4140	WOLFSSL_MSG("\tfail: critical boolean length");
wolfSSL	2:28278596c2a2	4141	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4142	}
wolfSSL	2:28278596c2a2	4143	if (input[idx++])
wolfSSL	2:28278596c2a2	4144	critical = 1;
wolfSSL	2:28278596c2a2	4145	}
wolfSSL	2:28278596c2a2	4146
wolfSSL	2:28278596c2a2	4147	/* process the extension based on the OID */
wolfSSL	2:28278596c2a2	4148	if (input[idx++] != ASN_OCTET_STRING) {
wolfSSL	2:28278596c2a2	4149	WOLFSSL_MSG("\tfail: should be an OCTET STRING");
wolfSSL	2:28278596c2a2	4150	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4151	}
wolfSSL	2:28278596c2a2	4152
wolfSSL	2:28278596c2a2	4153	if (GetLength(input, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	4154	WOLFSSL_MSG("\tfail: extension data length");
wolfSSL	2:28278596c2a2	4155	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4156	}
wolfSSL	2:28278596c2a2	4157
wolfSSL	2:28278596c2a2	4158	switch (oid) {
wolfSSL	2:28278596c2a2	4159	case BASIC_CA_OID:
wolfSSL	2:28278596c2a2	4160	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	4161	cert->extBasicConstSet = 1;
wolfSSL	2:28278596c2a2	4162	cert->extBasicConstCrit = critical;
wolfSSL	2:28278596c2a2	4163	#endif
wolfSSL	2:28278596c2a2	4164	if (DecodeBasicCaConstraint(&input[idx], length, cert) < 0)
wolfSSL	2:28278596c2a2	4165	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4166	break;
wolfSSL	2:28278596c2a2	4167
wolfSSL	2:28278596c2a2	4168	case CRL_DIST_OID:
wolfSSL	2:28278596c2a2	4169	if (DecodeCrlDist(&input[idx], length, cert) < 0)
wolfSSL	2:28278596c2a2	4170	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4171	break;
wolfSSL	2:28278596c2a2	4172
wolfSSL	2:28278596c2a2	4173	case AUTH_INFO_OID:
wolfSSL	2:28278596c2a2	4174	if (DecodeAuthInfo(&input[idx], length, cert) < 0)
wolfSSL	2:28278596c2a2	4175	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4176	break;
wolfSSL	2:28278596c2a2	4177
wolfSSL	2:28278596c2a2	4178	case ALT_NAMES_OID:
wolfSSL	2:28278596c2a2	4179	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	4180	cert->extSubjAltNameSet = 1;
wolfSSL	2:28278596c2a2	4181	cert->extSubjAltNameCrit = critical;
wolfSSL	2:28278596c2a2	4182	#endif
wolfSSL	2:28278596c2a2	4183	if (DecodeAltNames(&input[idx], length, cert) < 0)
wolfSSL	2:28278596c2a2	4184	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4185	break;
wolfSSL	2:28278596c2a2	4186
wolfSSL	2:28278596c2a2	4187	case AUTH_KEY_OID:
wolfSSL	2:28278596c2a2	4188	cert->extAuthKeyIdSet = 1;
wolfSSL	2:28278596c2a2	4189	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	4190	cert->extAuthKeyIdCrit = critical;
wolfSSL	2:28278596c2a2	4191	#endif
wolfSSL	2:28278596c2a2	4192	if (DecodeAuthKeyId(&input[idx], length, cert) < 0)
wolfSSL	2:28278596c2a2	4193	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4194	break;
wolfSSL	2:28278596c2a2	4195
wolfSSL	2:28278596c2a2	4196	case SUBJ_KEY_OID:
wolfSSL	2:28278596c2a2	4197	cert->extSubjKeyIdSet = 1;
wolfSSL	2:28278596c2a2	4198	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	4199	cert->extSubjKeyIdCrit = critical;
wolfSSL	2:28278596c2a2	4200	#endif
wolfSSL	2:28278596c2a2	4201	if (DecodeSubjKeyId(&input[idx], length, cert) < 0)
wolfSSL	2:28278596c2a2	4202	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4203	break;
wolfSSL	2:28278596c2a2	4204
wolfSSL	2:28278596c2a2	4205	case CERT_POLICY_OID:
wolfSSL	2:28278596c2a2	4206	WOLFSSL_MSG("Certificate Policy extension not supported yet.");
wolfSSL	2:28278596c2a2	4207	#ifdef WOLFSSL_SEP
wolfSSL	2:28278596c2a2	4208	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	4209	cert->extCertPolicySet = 1;
wolfSSL	2:28278596c2a2	4210	cert->extCertPolicyCrit = critical;
wolfSSL	2:28278596c2a2	4211	#endif
wolfSSL	2:28278596c2a2	4212	if (DecodeCertPolicy(&input[idx], length, cert) < 0)
wolfSSL	2:28278596c2a2	4213	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4214	#endif
wolfSSL	2:28278596c2a2	4215	break;
wolfSSL	2:28278596c2a2	4216
wolfSSL	2:28278596c2a2	4217	case KEY_USAGE_OID:
wolfSSL	2:28278596c2a2	4218	cert->extKeyUsageSet = 1;
wolfSSL	2:28278596c2a2	4219	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	4220	cert->extKeyUsageCrit = critical;
wolfSSL	2:28278596c2a2	4221	#endif
wolfSSL	2:28278596c2a2	4222	if (DecodeKeyUsage(&input[idx], length, cert) < 0)
wolfSSL	2:28278596c2a2	4223	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4224	break;
wolfSSL	2:28278596c2a2	4225
wolfSSL	2:28278596c2a2	4226	case EXT_KEY_USAGE_OID:
wolfSSL	2:28278596c2a2	4227	cert->extExtKeyUsageSet = 1;
wolfSSL	2:28278596c2a2	4228	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	4229	cert->extExtKeyUsageCrit = critical;
wolfSSL	2:28278596c2a2	4230	#endif
wolfSSL	2:28278596c2a2	4231	if (DecodeExtKeyUsage(&input[idx], length, cert) < 0)
wolfSSL	2:28278596c2a2	4232	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4233	break;
wolfSSL	2:28278596c2a2	4234
wolfSSL	2:28278596c2a2	4235	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	4236	case NAME_CONS_OID:
wolfSSL	2:28278596c2a2	4237	cert->extNameConstraintSet = 1;
wolfSSL	2:28278596c2a2	4238	#ifdef OPENSSL_EXTRA
wolfSSL	2:28278596c2a2	4239	cert->extNameConstraintCrit = critical;
wolfSSL	2:28278596c2a2	4240	#endif
wolfSSL	2:28278596c2a2	4241	if (DecodeNameConstraints(&input[idx], length, cert) < 0)
wolfSSL	2:28278596c2a2	4242	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	4243	break;
wolfSSL	2:28278596c2a2	4244	#endif /* IGNORE_NAME_CONSTRAINTS */
wolfSSL	2:28278596c2a2	4245
wolfSSL	2:28278596c2a2	4246	case INHIBIT_ANY_OID:
wolfSSL	2:28278596c2a2	4247	WOLFSSL_MSG("Inhibit anyPolicy extension not supported yet.");
wolfSSL	2:28278596c2a2	4248	break;
wolfSSL	2:28278596c2a2	4249
wolfSSL	2:28278596c2a2	4250	default:
wolfSSL	2:28278596c2a2	4251	/* While it is a failure to not support critical extensions,
wolfSSL	2:28278596c2a2	4252	* still parse the certificate ignoring the unsupported
wolfSSL	2:28278596c2a2	4253	* extention to allow caller to accept it with the verify
wolfSSL	2:28278596c2a2	4254	* callback. */
wolfSSL	2:28278596c2a2	4255	if (critical)
wolfSSL	2:28278596c2a2	4256	criticalFail = 1;
wolfSSL	2:28278596c2a2	4257	break;
wolfSSL	2:28278596c2a2	4258	}
wolfSSL	2:28278596c2a2	4259	idx += length;
wolfSSL	2:28278596c2a2	4260	}
wolfSSL	2:28278596c2a2	4261
wolfSSL	2:28278596c2a2	4262	return criticalFail ? ASN_CRIT_EXT_E : 0;
wolfSSL	2:28278596c2a2	4263	}
wolfSSL	2:28278596c2a2	4264
wolfSSL	2:28278596c2a2	4265
wolfSSL	2:28278596c2a2	4266	int ParseCert(DecodedCert* cert, int type, int verify, void* cm)
wolfSSL	2:28278596c2a2	4267	{
wolfSSL	2:28278596c2a2	4268	int ret;
wolfSSL	2:28278596c2a2	4269	char* ptr;
wolfSSL	2:28278596c2a2	4270
wolfSSL	2:28278596c2a2	4271	ret = ParseCertRelative(cert, type, verify, cm);
wolfSSL	2:28278596c2a2	4272	if (ret < 0)
wolfSSL	2:28278596c2a2	4273	return ret;
wolfSSL	2:28278596c2a2	4274
wolfSSL	2:28278596c2a2	4275	if (cert->subjectCNLen > 0) {
wolfSSL	2:28278596c2a2	4276	ptr = (char*) XMALLOC(cert->subjectCNLen + 1, cert->heap,
wolfSSL	2:28278596c2a2	4277	DYNAMIC_TYPE_SUBJECT_CN);
wolfSSL	2:28278596c2a2	4278	if (ptr == NULL)
wolfSSL	2:28278596c2a2	4279	return MEMORY_E;
wolfSSL	2:28278596c2a2	4280	XMEMCPY(ptr, cert->subjectCN, cert->subjectCNLen);
wolfSSL	2:28278596c2a2	4281	ptr[cert->subjectCNLen] = '\0';
wolfSSL	2:28278596c2a2	4282	cert->subjectCN = ptr;
wolfSSL	2:28278596c2a2	4283	cert->subjectCNStored = 1;
wolfSSL	2:28278596c2a2	4284	}
wolfSSL	2:28278596c2a2	4285
wolfSSL	2:28278596c2a2	4286	if (cert->keyOID == RSAk &&
wolfSSL	2:28278596c2a2	4287	cert->publicKey != NULL && cert->pubKeySize > 0) {
wolfSSL	2:28278596c2a2	4288	ptr = (char*) XMALLOC(cert->pubKeySize, cert->heap,
wolfSSL	2:28278596c2a2	4289	DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	2:28278596c2a2	4290	if (ptr == NULL)
wolfSSL	2:28278596c2a2	4291	return MEMORY_E;
wolfSSL	2:28278596c2a2	4292	XMEMCPY(ptr, cert->publicKey, cert->pubKeySize);
wolfSSL	2:28278596c2a2	4293	cert->publicKey = (byte *)ptr;
wolfSSL	2:28278596c2a2	4294	cert->pubKeyStored = 1;
wolfSSL	2:28278596c2a2	4295	}
wolfSSL	2:28278596c2a2	4296
wolfSSL	2:28278596c2a2	4297	return ret;
wolfSSL	2:28278596c2a2	4298	}
wolfSSL	2:28278596c2a2	4299
wolfSSL	2:28278596c2a2	4300
wolfSSL	2:28278596c2a2	4301	/* from SSL proper, for locking can't do find here anymore */
wolfSSL	2:28278596c2a2	4302	#ifdef __cplusplus
wolfSSL	2:28278596c2a2	4303	extern "C" {
wolfSSL	2:28278596c2a2	4304	#endif
wolfSSL	2:28278596c2a2	4305	WOLFSSL_LOCAL Signer* GetCA(void* signers, byte* hash);
wolfSSL	2:28278596c2a2	4306	#ifndef NO_SKID
wolfSSL	2:28278596c2a2	4307	WOLFSSL_LOCAL Signer* GetCAByName(void* signers, byte* hash);
wolfSSL	2:28278596c2a2	4308	#endif
wolfSSL	2:28278596c2a2	4309	#ifdef __cplusplus
wolfSSL	2:28278596c2a2	4310	}
wolfSSL	2:28278596c2a2	4311	#endif
wolfSSL	2:28278596c2a2	4312
wolfSSL	2:28278596c2a2	4313
wolfSSL	2:28278596c2a2	4314	int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
wolfSSL	2:28278596c2a2	4315	{
wolfSSL	2:28278596c2a2	4316	word32 confirmOID;
wolfSSL	2:28278596c2a2	4317	int ret;
wolfSSL	2:28278596c2a2	4318	int badDate = 0;
wolfSSL	2:28278596c2a2	4319	int criticalExt = 0;
wolfSSL	2:28278596c2a2	4320
wolfSSL	2:28278596c2a2	4321	if ((ret = DecodeToKey(cert, verify)) < 0) {
wolfSSL	2:28278596c2a2	4322	if (ret == ASN_BEFORE_DATE_E \|\| ret == ASN_AFTER_DATE_E)
wolfSSL	2:28278596c2a2	4323	badDate = ret;
wolfSSL	2:28278596c2a2	4324	else
wolfSSL	2:28278596c2a2	4325	return ret;
wolfSSL	2:28278596c2a2	4326	}
wolfSSL	2:28278596c2a2	4327
wolfSSL	2:28278596c2a2	4328	WOLFSSL_MSG("Parsed Past Key");
wolfSSL	2:28278596c2a2	4329
wolfSSL	2:28278596c2a2	4330	if (cert->srcIdx < cert->sigIndex) {
wolfSSL	2:28278596c2a2	4331	#ifndef ALLOW_V1_EXTENSIONS
wolfSSL	2:28278596c2a2	4332	if (cert->version < 2) {
wolfSSL	2:28278596c2a2	4333	WOLFSSL_MSG(" v1 and v2 certs not allowed extensions");
wolfSSL	2:28278596c2a2	4334	return ASN_VERSION_E;
wolfSSL	2:28278596c2a2	4335	}
wolfSSL	2:28278596c2a2	4336	#endif
wolfSSL	2:28278596c2a2	4337	/* save extensions */
wolfSSL	2:28278596c2a2	4338	cert->extensions = &cert->source[cert->srcIdx];
wolfSSL	2:28278596c2a2	4339	cert->extensionsSz = cert->sigIndex - cert->srcIdx;
wolfSSL	2:28278596c2a2	4340	cert->extensionsIdx = cert->srcIdx; /* for potential later use */
wolfSSL	2:28278596c2a2	4341
wolfSSL	2:28278596c2a2	4342	if ((ret = DecodeCertExtensions(cert)) < 0) {
wolfSSL	2:28278596c2a2	4343	if (ret == ASN_CRIT_EXT_E)
wolfSSL	2:28278596c2a2	4344	criticalExt = ret;
wolfSSL	2:28278596c2a2	4345	else
wolfSSL	2:28278596c2a2	4346	return ret;
wolfSSL	2:28278596c2a2	4347	}
wolfSSL	2:28278596c2a2	4348
wolfSSL	2:28278596c2a2	4349	/* advance past extensions */
wolfSSL	2:28278596c2a2	4350	cert->srcIdx = cert->sigIndex;
wolfSSL	2:28278596c2a2	4351	}
wolfSSL	2:28278596c2a2	4352
wolfSSL	2:28278596c2a2	4353	if ((ret = GetAlgoId(cert->source, &cert->srcIdx, &confirmOID,
wolfSSL	2:28278596c2a2	4354	cert->maxIdx)) < 0)
wolfSSL	2:28278596c2a2	4355	return ret;
wolfSSL	2:28278596c2a2	4356
wolfSSL	2:28278596c2a2	4357	if ((ret = GetSignature(cert)) < 0)
wolfSSL	2:28278596c2a2	4358	return ret;
wolfSSL	2:28278596c2a2	4359
wolfSSL	2:28278596c2a2	4360	if (confirmOID != cert->signatureOID)
wolfSSL	2:28278596c2a2	4361	return ASN_SIG_OID_E;
wolfSSL	2:28278596c2a2	4362
wolfSSL	2:28278596c2a2	4363	#ifndef NO_SKID
wolfSSL	2:28278596c2a2	4364	if (cert->extSubjKeyIdSet == 0
wolfSSL	2:28278596c2a2	4365	&& cert->publicKey != NULL && cert->pubKeySize > 0) {
wolfSSL	2:28278596c2a2	4366	#ifdef NO_SHA
wolfSSL	2:28278596c2a2	4367	ret = wc_Sha256Hash(cert->publicKey, cert->pubKeySize,
wolfSSL	2:28278596c2a2	4368	cert->extSubjKeyId);
wolfSSL	2:28278596c2a2	4369	#else
wolfSSL	2:28278596c2a2	4370	ret = wc_ShaHash(cert->publicKey, cert->pubKeySize,
wolfSSL	2:28278596c2a2	4371	cert->extSubjKeyId);
wolfSSL	2:28278596c2a2	4372	#endif
wolfSSL	2:28278596c2a2	4373	if (ret != 0)
wolfSSL	2:28278596c2a2	4374	return ret;
wolfSSL	2:28278596c2a2	4375	}
wolfSSL	2:28278596c2a2	4376	#endif
wolfSSL	2:28278596c2a2	4377
wolfSSL	2:28278596c2a2	4378	if (verify && type != CA_TYPE) {
wolfSSL	2:28278596c2a2	4379	Signer* ca = NULL;
wolfSSL	2:28278596c2a2	4380	#ifndef NO_SKID
wolfSSL	2:28278596c2a2	4381	if (cert->extAuthKeyIdSet)
wolfSSL	2:28278596c2a2	4382	ca = GetCA(cm, cert->extAuthKeyId);
wolfSSL	2:28278596c2a2	4383	if (ca == NULL)
wolfSSL	2:28278596c2a2	4384	ca = GetCAByName(cm, cert->issuerHash);
wolfSSL	2:28278596c2a2	4385	#else /* NO_SKID */
wolfSSL	2:28278596c2a2	4386	ca = GetCA(cm, cert->issuerHash);
wolfSSL	2:28278596c2a2	4387	#endif /* NO SKID */
wolfSSL	2:28278596c2a2	4388	WOLFSSL_MSG("About to verify certificate signature");
wolfSSL	2:28278596c2a2	4389
wolfSSL	2:28278596c2a2	4390	if (ca) {
wolfSSL	2:28278596c2a2	4391	#ifdef HAVE_OCSP
wolfSSL	2:28278596c2a2	4392	/* Need the ca's public key hash for OCSP */
wolfSSL	2:28278596c2a2	4393	#ifdef NO_SHA
wolfSSL	2:28278596c2a2	4394	ret = wc_Sha256Hash(ca->publicKey, ca->pubKeySize,
wolfSSL	2:28278596c2a2	4395	cert->issuerKeyHash);
wolfSSL	2:28278596c2a2	4396	#else /* NO_SHA */
wolfSSL	2:28278596c2a2	4397	ret = wc_ShaHash(ca->publicKey, ca->pubKeySize,
wolfSSL	2:28278596c2a2	4398	cert->issuerKeyHash);
wolfSSL	2:28278596c2a2	4399	#endif /* NO_SHA */
wolfSSL	2:28278596c2a2	4400	if (ret != 0)
wolfSSL	2:28278596c2a2	4401	return ret;
wolfSSL	2:28278596c2a2	4402	#endif /* HAVE_OCSP */
wolfSSL	2:28278596c2a2	4403	/* try to confirm/verify signature */
wolfSSL	2:28278596c2a2	4404	if (!ConfirmSignature(cert->source + cert->certBegin,
wolfSSL	2:28278596c2a2	4405	cert->sigIndex - cert->certBegin,
wolfSSL	2:28278596c2a2	4406	ca->publicKey, ca->pubKeySize, ca->keyOID,
wolfSSL	2:28278596c2a2	4407	cert->signature, cert->sigLength, cert->signatureOID,
wolfSSL	2:28278596c2a2	4408	cert->heap)) {
wolfSSL	2:28278596c2a2	4409	WOLFSSL_MSG("Confirm signature failed");
wolfSSL	2:28278596c2a2	4410	return ASN_SIG_CONFIRM_E;
wolfSSL	2:28278596c2a2	4411	}
wolfSSL	2:28278596c2a2	4412	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	4413	/* check that this cert's name is permitted by the signer's
wolfSSL	2:28278596c2a2	4414	* name constraints */
wolfSSL	2:28278596c2a2	4415	if (!ConfirmNameConstraints(ca, cert)) {
wolfSSL	2:28278596c2a2	4416	WOLFSSL_MSG("Confirm name constraint failed");
wolfSSL	2:28278596c2a2	4417	return ASN_NAME_INVALID_E;
wolfSSL	2:28278596c2a2	4418	}
wolfSSL	2:28278596c2a2	4419	#endif /* IGNORE_NAME_CONSTRAINTS */
wolfSSL	2:28278596c2a2	4420	}
wolfSSL	2:28278596c2a2	4421	else {
wolfSSL	2:28278596c2a2	4422	/* no signer */
wolfSSL	2:28278596c2a2	4423	WOLFSSL_MSG("No CA signer to verify with");
wolfSSL	2:28278596c2a2	4424	return ASN_NO_SIGNER_E;
wolfSSL	2:28278596c2a2	4425	}
wolfSSL	2:28278596c2a2	4426	}
wolfSSL	2:28278596c2a2	4427	if (badDate != 0)
wolfSSL	2:28278596c2a2	4428	return badDate;
wolfSSL	2:28278596c2a2	4429
wolfSSL	2:28278596c2a2	4430	if (criticalExt != 0)
wolfSSL	2:28278596c2a2	4431	return criticalExt;
wolfSSL	2:28278596c2a2	4432
wolfSSL	2:28278596c2a2	4433	return 0;
wolfSSL	2:28278596c2a2	4434	}
wolfSSL	2:28278596c2a2	4435
wolfSSL	2:28278596c2a2	4436
wolfSSL	2:28278596c2a2	4437	/* Create and init an new signer */
wolfSSL	2:28278596c2a2	4438	Signer* MakeSigner(void* heap)
wolfSSL	2:28278596c2a2	4439	{
wolfSSL	2:28278596c2a2	4440	Signer* signer = (Signer*) XMALLOC(sizeof(Signer), heap,
wolfSSL	2:28278596c2a2	4441	DYNAMIC_TYPE_SIGNER);
wolfSSL	2:28278596c2a2	4442	if (signer) {
wolfSSL	2:28278596c2a2	4443	signer->pubKeySize = 0;
wolfSSL	2:28278596c2a2	4444	signer->keyOID = 0;
wolfSSL	2:28278596c2a2	4445	signer->publicKey = NULL;
wolfSSL	2:28278596c2a2	4446	signer->nameLen = 0;
wolfSSL	2:28278596c2a2	4447	signer->name = NULL;
wolfSSL	2:28278596c2a2	4448	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	4449	signer->permittedNames = NULL;
wolfSSL	2:28278596c2a2	4450	signer->excludedNames = NULL;
wolfSSL	2:28278596c2a2	4451	#endif /* IGNORE_NAME_CONSTRAINTS */
wolfSSL	2:28278596c2a2	4452	signer->next = NULL;
wolfSSL	2:28278596c2a2	4453	}
wolfSSL	2:28278596c2a2	4454	(void)heap;
wolfSSL	2:28278596c2a2	4455
wolfSSL	2:28278596c2a2	4456	return signer;
wolfSSL	2:28278596c2a2	4457	}
wolfSSL	2:28278596c2a2	4458
wolfSSL	2:28278596c2a2	4459
wolfSSL	2:28278596c2a2	4460	/* Free an individual signer */
wolfSSL	2:28278596c2a2	4461	void FreeSigner(Signer* signer, void* heap)
wolfSSL	2:28278596c2a2	4462	{
wolfSSL	2:28278596c2a2	4463	XFREE(signer->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
wolfSSL	2:28278596c2a2	4464	XFREE(signer->publicKey, heap, DYNAMIC_TYPE_PUBLIC_KEY);
wolfSSL	2:28278596c2a2	4465	#ifndef IGNORE_NAME_CONSTRAINTS
wolfSSL	2:28278596c2a2	4466	if (signer->permittedNames)
wolfSSL	2:28278596c2a2	4467	FreeNameSubtrees(signer->permittedNames, heap);
wolfSSL	2:28278596c2a2	4468	if (signer->excludedNames)
wolfSSL	2:28278596c2a2	4469	FreeNameSubtrees(signer->excludedNames, heap);
wolfSSL	2:28278596c2a2	4470	#endif
wolfSSL	2:28278596c2a2	4471	XFREE(signer, heap, DYNAMIC_TYPE_SIGNER);
wolfSSL	2:28278596c2a2	4472
wolfSSL	2:28278596c2a2	4473	(void)heap;
wolfSSL	2:28278596c2a2	4474	}
wolfSSL	2:28278596c2a2	4475
wolfSSL	2:28278596c2a2	4476
wolfSSL	2:28278596c2a2	4477	/* Free the whole singer table with number of rows */
wolfSSL	2:28278596c2a2	4478	void FreeSignerTable(Signer** table, int rows, void* heap)
wolfSSL	2:28278596c2a2	4479	{
wolfSSL	2:28278596c2a2	4480	int i;
wolfSSL	2:28278596c2a2	4481
wolfSSL	2:28278596c2a2	4482	for (i = 0; i < rows; i++) {
wolfSSL	2:28278596c2a2	4483	Signer* signer = table[i];
wolfSSL	2:28278596c2a2	4484	while (signer) {
wolfSSL	2:28278596c2a2	4485	Signer* next = signer->next;
wolfSSL	2:28278596c2a2	4486	FreeSigner(signer, heap);
wolfSSL	2:28278596c2a2	4487	signer = next;
wolfSSL	2:28278596c2a2	4488	}
wolfSSL	2:28278596c2a2	4489	table[i] = NULL;
wolfSSL	2:28278596c2a2	4490	}
wolfSSL	2:28278596c2a2	4491	}
wolfSSL	2:28278596c2a2	4492
wolfSSL	2:28278596c2a2	4493
wolfSSL	2:28278596c2a2	4494	WOLFSSL_LOCAL int SetMyVersion(word32 version, byte* output, int header)
wolfSSL	2:28278596c2a2	4495	{
wolfSSL	2:28278596c2a2	4496	int i = 0;
wolfSSL	2:28278596c2a2	4497
wolfSSL	2:28278596c2a2	4498	if (header) {
wolfSSL	2:28278596c2a2	4499	output[i++] = ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED;
wolfSSL	2:28278596c2a2	4500	output[i++] = ASN_BIT_STRING;
wolfSSL	2:28278596c2a2	4501	}
wolfSSL	2:28278596c2a2	4502	output[i++] = ASN_INTEGER;
wolfSSL	2:28278596c2a2	4503	output[i++] = 0x01;
wolfSSL	2:28278596c2a2	4504	output[i++] = (byte)version;
wolfSSL	2:28278596c2a2	4505
wolfSSL	2:28278596c2a2	4506	return i;
wolfSSL	2:28278596c2a2	4507	}
wolfSSL	2:28278596c2a2	4508
wolfSSL	2:28278596c2a2	4509
wolfSSL	2:28278596c2a2	4510	WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output)
wolfSSL	2:28278596c2a2	4511	{
wolfSSL	2:28278596c2a2	4512	int result = 0;
wolfSSL	2:28278596c2a2	4513
wolfSSL	2:28278596c2a2	4514	WOLFSSL_ENTER("SetSerialNumber");
wolfSSL	2:28278596c2a2	4515
wolfSSL	2:28278596c2a2	4516	if (snSz <= EXTERNAL_SERIAL_SIZE) {
wolfSSL	2:28278596c2a2	4517	output[0] = ASN_INTEGER;
wolfSSL	2:28278596c2a2	4518	/* The serial number is always positive. When encoding the
wolfSSL	2:28278596c2a2	4519	* INTEGER, if the MSB is 1, add a padding zero to keep the
wolfSSL	2:28278596c2a2	4520	* number positive. */
wolfSSL	2:28278596c2a2	4521	if (sn[0] & 0x80) {
wolfSSL	2:28278596c2a2	4522	output[1] = (byte)snSz + 1;
wolfSSL	2:28278596c2a2	4523	output[2] = 0;
wolfSSL	2:28278596c2a2	4524	XMEMCPY(&output[3], sn, snSz);
wolfSSL	2:28278596c2a2	4525	result = snSz + 3;
wolfSSL	2:28278596c2a2	4526	}
wolfSSL	2:28278596c2a2	4527	else {
wolfSSL	2:28278596c2a2	4528	output[1] = (byte)snSz;
wolfSSL	2:28278596c2a2	4529	XMEMCPY(&output[2], sn, snSz);
wolfSSL	2:28278596c2a2	4530	result = snSz + 2;
wolfSSL	2:28278596c2a2	4531	}
wolfSSL	2:28278596c2a2	4532	}
wolfSSL	2:28278596c2a2	4533	return result;
wolfSSL	2:28278596c2a2	4534	}
wolfSSL	2:28278596c2a2	4535
wolfSSL	2:28278596c2a2	4536
wolfSSL	2:28278596c2a2	4537
wolfSSL	2:28278596c2a2	4538
wolfSSL	2:28278596c2a2	4539	#if defined(WOLFSSL_KEY_GEN) \|\| defined(WOLFSSL_CERT_GEN)
wolfSSL	2:28278596c2a2	4540
wolfSSL	2:28278596c2a2	4541	/* convert der buffer to pem into output, can't do inplace, der and output
wolfSSL	2:28278596c2a2	4542	need to be different */
wolfSSL	2:28278596c2a2	4543	int wc_DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz,
wolfSSL	2:28278596c2a2	4544	int type)
wolfSSL	2:28278596c2a2	4545	{
wolfSSL	2:28278596c2a2	4546	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4547	char* header = NULL;
wolfSSL	2:28278596c2a2	4548	char* footer = NULL;
wolfSSL	2:28278596c2a2	4549	#else
wolfSSL	2:28278596c2a2	4550	char header[80];
wolfSSL	2:28278596c2a2	4551	char footer[80];
wolfSSL	2:28278596c2a2	4552	#endif
wolfSSL	2:28278596c2a2	4553
wolfSSL	2:28278596c2a2	4554	int headerLen = 80;
wolfSSL	2:28278596c2a2	4555	int footerLen = 80;
wolfSSL	2:28278596c2a2	4556	int i;
wolfSSL	2:28278596c2a2	4557	int err;
wolfSSL	2:28278596c2a2	4558	int outLen; /* return length or error */
wolfSSL	2:28278596c2a2	4559
wolfSSL	2:28278596c2a2	4560	if (der == output) /* no in place conversion */
wolfSSL	2:28278596c2a2	4561	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	4562
wolfSSL	2:28278596c2a2	4563	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4564	header = (char*)XMALLOC(headerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4565	if (header == NULL)
wolfSSL	2:28278596c2a2	4566	return MEMORY_E;
wolfSSL	2:28278596c2a2	4567
wolfSSL	2:28278596c2a2	4568	footer = (char*)XMALLOC(footerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4569	if (footer == NULL) {
wolfSSL	2:28278596c2a2	4570	XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4571	return MEMORY_E;
wolfSSL	2:28278596c2a2	4572	}
wolfSSL	2:28278596c2a2	4573	#endif
wolfSSL	2:28278596c2a2	4574
wolfSSL	2:28278596c2a2	4575	if (type == CERT_TYPE) {
wolfSSL	2:28278596c2a2	4576	XSTRNCPY(header, "-----BEGIN CERTIFICATE-----\n", headerLen);
wolfSSL	2:28278596c2a2	4577	XSTRNCPY(footer, "-----END CERTIFICATE-----\n", footerLen);
wolfSSL	2:28278596c2a2	4578	}
wolfSSL	2:28278596c2a2	4579	else if (type == PRIVATEKEY_TYPE) {
wolfSSL	2:28278596c2a2	4580	XSTRNCPY(header, "-----BEGIN RSA PRIVATE KEY-----\n", headerLen);
wolfSSL	2:28278596c2a2	4581	XSTRNCPY(footer, "-----END RSA PRIVATE KEY-----\n", footerLen);
wolfSSL	2:28278596c2a2	4582	}
wolfSSL	2:28278596c2a2	4583	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	4584	else if (type == ECC_PRIVATEKEY_TYPE) {
wolfSSL	2:28278596c2a2	4585	XSTRNCPY(header, "-----BEGIN EC PRIVATE KEY-----\n", headerLen);
wolfSSL	2:28278596c2a2	4586	XSTRNCPY(footer, "-----END EC PRIVATE KEY-----\n", footerLen);
wolfSSL	2:28278596c2a2	4587	}
wolfSSL	2:28278596c2a2	4588	#endif
wolfSSL	2:28278596c2a2	4589	#ifdef WOLFSSL_CERT_REQ
wolfSSL	2:28278596c2a2	4590	else if (type == CERTREQ_TYPE)
wolfSSL	2:28278596c2a2	4591	{
wolfSSL	2:28278596c2a2	4592	XSTRNCPY(header,
wolfSSL	2:28278596c2a2	4593	"-----BEGIN CERTIFICATE REQUEST-----\n", headerLen);
wolfSSL	2:28278596c2a2	4594	XSTRNCPY(footer, "-----END CERTIFICATE REQUEST-----\n", footerLen);
wolfSSL	2:28278596c2a2	4595	}
wolfSSL	2:28278596c2a2	4596	#endif
wolfSSL	2:28278596c2a2	4597	else {
wolfSSL	2:28278596c2a2	4598	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4599	XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4600	XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4601	#endif
wolfSSL	2:28278596c2a2	4602	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	4603	}
wolfSSL	2:28278596c2a2	4604
wolfSSL	2:28278596c2a2	4605	headerLen = (int)XSTRLEN(header);
wolfSSL	2:28278596c2a2	4606	footerLen = (int)XSTRLEN(footer);
wolfSSL	2:28278596c2a2	4607
wolfSSL	2:28278596c2a2	4608	if (!der \|\| !output) {
wolfSSL	2:28278596c2a2	4609	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4610	XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4611	XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4612	#endif
wolfSSL	2:28278596c2a2	4613	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	4614	}
wolfSSL	2:28278596c2a2	4615
wolfSSL	2:28278596c2a2	4616	/* don't even try if outSz too short */
wolfSSL	2:28278596c2a2	4617	if (outSz < headerLen + footerLen + derSz) {
wolfSSL	2:28278596c2a2	4618	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4619	XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4620	XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4621	#endif
wolfSSL	2:28278596c2a2	4622	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	4623	}
wolfSSL	2:28278596c2a2	4624
wolfSSL	2:28278596c2a2	4625	/* header */
wolfSSL	2:28278596c2a2	4626	XMEMCPY(output, header, headerLen);
wolfSSL	2:28278596c2a2	4627	i = headerLen;
wolfSSL	2:28278596c2a2	4628
wolfSSL	2:28278596c2a2	4629	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4630	XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4631	#endif
wolfSSL	2:28278596c2a2	4632
wolfSSL	2:28278596c2a2	4633	/* body */
wolfSSL	2:28278596c2a2	4634	outLen = outSz - (headerLen + footerLen); /* input to Base64_Encode */
wolfSSL	2:28278596c2a2	4635	if ( (err = Base64_Encode(der, derSz, output + i, (word32*)&outLen)) < 0) {
wolfSSL	2:28278596c2a2	4636	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4637	XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4638	#endif
wolfSSL	2:28278596c2a2	4639	return err;
wolfSSL	2:28278596c2a2	4640	}
wolfSSL	2:28278596c2a2	4641	i += outLen;
wolfSSL	2:28278596c2a2	4642
wolfSSL	2:28278596c2a2	4643	/* footer */
wolfSSL	2:28278596c2a2	4644	if ( (i + footerLen) > (int)outSz) {
wolfSSL	2:28278596c2a2	4645	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4646	XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4647	#endif
wolfSSL	2:28278596c2a2	4648	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	4649	}
wolfSSL	2:28278596c2a2	4650	XMEMCPY(output + i, footer, footerLen);
wolfSSL	2:28278596c2a2	4651
wolfSSL	2:28278596c2a2	4652	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4653	XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4654	#endif
wolfSSL	2:28278596c2a2	4655
wolfSSL	2:28278596c2a2	4656	return outLen + headerLen + footerLen;
wolfSSL	2:28278596c2a2	4657	}
wolfSSL	2:28278596c2a2	4658
wolfSSL	2:28278596c2a2	4659
wolfSSL	2:28278596c2a2	4660	#endif /* WOLFSSL_KEY_GEN \|\| WOLFSSL_CERT_GEN */
wolfSSL	2:28278596c2a2	4661
wolfSSL	2:28278596c2a2	4662
wolfSSL	2:28278596c2a2	4663	#if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA)
wolfSSL	2:28278596c2a2	4664
wolfSSL	2:28278596c2a2	4665
wolfSSL	2:28278596c2a2	4666	static mp_int* GetRsaInt(RsaKey* key, int idx)
wolfSSL	2:28278596c2a2	4667	{
wolfSSL	2:28278596c2a2	4668	if (idx == 0)
wolfSSL	2:28278596c2a2	4669	return &key->n;
wolfSSL	2:28278596c2a2	4670	if (idx == 1)
wolfSSL	2:28278596c2a2	4671	return &key->e;
wolfSSL	2:28278596c2a2	4672	if (idx == 2)
wolfSSL	2:28278596c2a2	4673	return &key->d;
wolfSSL	2:28278596c2a2	4674	if (idx == 3)
wolfSSL	2:28278596c2a2	4675	return &key->p;
wolfSSL	2:28278596c2a2	4676	if (idx == 4)
wolfSSL	2:28278596c2a2	4677	return &key->q;
wolfSSL	2:28278596c2a2	4678	if (idx == 5)
wolfSSL	2:28278596c2a2	4679	return &key->dP;
wolfSSL	2:28278596c2a2	4680	if (idx == 6)
wolfSSL	2:28278596c2a2	4681	return &key->dQ;
wolfSSL	2:28278596c2a2	4682	if (idx == 7)
wolfSSL	2:28278596c2a2	4683	return &key->u;
wolfSSL	2:28278596c2a2	4684
wolfSSL	2:28278596c2a2	4685	return NULL;
wolfSSL	2:28278596c2a2	4686	}
wolfSSL	2:28278596c2a2	4687
wolfSSL	2:28278596c2a2	4688
wolfSSL	2:28278596c2a2	4689	/* Release Tmp RSA resources */
wolfSSL	2:28278596c2a2	4690	static INLINE void FreeTmpRsas(byte** tmps, void* heap)
wolfSSL	2:28278596c2a2	4691	{
wolfSSL	2:28278596c2a2	4692	int i;
wolfSSL	2:28278596c2a2	4693
wolfSSL	2:28278596c2a2	4694	(void)heap;
wolfSSL	2:28278596c2a2	4695
wolfSSL	2:28278596c2a2	4696	for (i = 0; i < RSA_INTS; i++)
wolfSSL	2:28278596c2a2	4697	XFREE(tmps[i], heap, DYNAMIC_TYPE_RSA);
wolfSSL	2:28278596c2a2	4698	}
wolfSSL	2:28278596c2a2	4699
wolfSSL	2:28278596c2a2	4700
wolfSSL	2:28278596c2a2	4701	/* Convert RsaKey key to DER format, write to output (inLen), return bytes
wolfSSL	2:28278596c2a2	4702	written */
wolfSSL	2:28278596c2a2	4703	int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
wolfSSL	2:28278596c2a2	4704	{
wolfSSL	2:28278596c2a2	4705	word32 seqSz, verSz, rawLen, intTotalLen = 0;
wolfSSL	2:28278596c2a2	4706	word32 sizes[RSA_INTS];
wolfSSL	2:28278596c2a2	4707	int i, j, outLen, ret = 0;
wolfSSL	2:28278596c2a2	4708
wolfSSL	2:28278596c2a2	4709	byte seq[MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	4710	byte ver[MAX_VERSION_SZ];
wolfSSL	2:28278596c2a2	4711	byte* tmps[RSA_INTS];
wolfSSL	2:28278596c2a2	4712
wolfSSL	2:28278596c2a2	4713	if (!key \|\| !output)
wolfSSL	2:28278596c2a2	4714	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	4715
wolfSSL	2:28278596c2a2	4716	if (key->type != RSA_PRIVATE)
wolfSSL	2:28278596c2a2	4717	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	4718
wolfSSL	2:28278596c2a2	4719	for (i = 0; i < RSA_INTS; i++)
wolfSSL	2:28278596c2a2	4720	tmps[i] = NULL;
wolfSSL	2:28278596c2a2	4721
wolfSSL	2:28278596c2a2	4722	/* write all big ints from key to DER tmps */
wolfSSL	2:28278596c2a2	4723	for (i = 0; i < RSA_INTS; i++) {
wolfSSL	2:28278596c2a2	4724	mp_int* keyInt = GetRsaInt(key, i);
wolfSSL	2:28278596c2a2	4725	rawLen = mp_unsigned_bin_size(keyInt);
wolfSSL	2:28278596c2a2	4726	tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
wolfSSL	2:28278596c2a2	4727	DYNAMIC_TYPE_RSA);
wolfSSL	2:28278596c2a2	4728	if (tmps[i] == NULL) {
wolfSSL	2:28278596c2a2	4729	ret = MEMORY_E;
wolfSSL	2:28278596c2a2	4730	break;
wolfSSL	2:28278596c2a2	4731	}
wolfSSL	2:28278596c2a2	4732
wolfSSL	2:28278596c2a2	4733	tmps[i][0] = ASN_INTEGER;
wolfSSL	2:28278596c2a2	4734	sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */
wolfSSL	2:28278596c2a2	4735
wolfSSL	2:28278596c2a2	4736	if (sizes[i] <= MAX_SEQ_SZ) {
wolfSSL	2:28278596c2a2	4737	int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]);
wolfSSL	2:28278596c2a2	4738	if (err == MP_OKAY) {
wolfSSL	2:28278596c2a2	4739	sizes[i] += rawLen;
wolfSSL	2:28278596c2a2	4740	intTotalLen += sizes[i];
wolfSSL	2:28278596c2a2	4741	}
wolfSSL	2:28278596c2a2	4742	else {
wolfSSL	2:28278596c2a2	4743	ret = err;
wolfSSL	2:28278596c2a2	4744	break;
wolfSSL	2:28278596c2a2	4745	}
wolfSSL	2:28278596c2a2	4746	}
wolfSSL	2:28278596c2a2	4747	else {
wolfSSL	2:28278596c2a2	4748	ret = ASN_INPUT_E;
wolfSSL	2:28278596c2a2	4749	break;
wolfSSL	2:28278596c2a2	4750	}
wolfSSL	2:28278596c2a2	4751	}
wolfSSL	2:28278596c2a2	4752
wolfSSL	2:28278596c2a2	4753	if (ret != 0) {
wolfSSL	2:28278596c2a2	4754	FreeTmpRsas(tmps, key->heap);
wolfSSL	2:28278596c2a2	4755	return ret;
wolfSSL	2:28278596c2a2	4756	}
wolfSSL	2:28278596c2a2	4757
wolfSSL	2:28278596c2a2	4758	/* make headers */
wolfSSL	2:28278596c2a2	4759	verSz = SetMyVersion(0, ver, FALSE);
wolfSSL	2:28278596c2a2	4760	seqSz = SetSequence(verSz + intTotalLen, seq);
wolfSSL	2:28278596c2a2	4761
wolfSSL	2:28278596c2a2	4762	outLen = seqSz + verSz + intTotalLen;
wolfSSL	2:28278596c2a2	4763	if (outLen > (int)inLen)
wolfSSL	2:28278596c2a2	4764	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	4765
wolfSSL	2:28278596c2a2	4766	/* write to output */
wolfSSL	2:28278596c2a2	4767	XMEMCPY(output, seq, seqSz);
wolfSSL	2:28278596c2a2	4768	j = seqSz;
wolfSSL	2:28278596c2a2	4769	XMEMCPY(output + j, ver, verSz);
wolfSSL	2:28278596c2a2	4770	j += verSz;
wolfSSL	2:28278596c2a2	4771
wolfSSL	2:28278596c2a2	4772	for (i = 0; i < RSA_INTS; i++) {
wolfSSL	2:28278596c2a2	4773	XMEMCPY(output + j, tmps[i], sizes[i]);
wolfSSL	2:28278596c2a2	4774	j += sizes[i];
wolfSSL	2:28278596c2a2	4775	}
wolfSSL	2:28278596c2a2	4776	FreeTmpRsas(tmps, key->heap);
wolfSSL	2:28278596c2a2	4777
wolfSSL	2:28278596c2a2	4778	return outLen;
wolfSSL	2:28278596c2a2	4779	}
wolfSSL	2:28278596c2a2	4780
wolfSSL	2:28278596c2a2	4781	#endif /* WOLFSSL_KEY_GEN && !NO_RSA */
wolfSSL	2:28278596c2a2	4782
wolfSSL	2:28278596c2a2	4783
wolfSSL	2:28278596c2a2	4784	#if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA)
wolfSSL	2:28278596c2a2	4785
wolfSSL	2:28278596c2a2	4786
wolfSSL	2:28278596c2a2	4787	#ifndef WOLFSSL_HAVE_MIN
wolfSSL	2:28278596c2a2	4788	#define WOLFSSL_HAVE_MIN
wolfSSL	2:28278596c2a2	4789
wolfSSL	2:28278596c2a2	4790	static INLINE word32 min(word32 a, word32 b)
wolfSSL	2:28278596c2a2	4791	{
wolfSSL	2:28278596c2a2	4792	return a > b ? b : a;
wolfSSL	2:28278596c2a2	4793	}
wolfSSL	2:28278596c2a2	4794
wolfSSL	2:28278596c2a2	4795	#endif /* WOLFSSL_HAVE_MIN */
wolfSSL	2:28278596c2a2	4796
wolfSSL	2:28278596c2a2	4797
wolfSSL	2:28278596c2a2	4798	/* Initialize and Set Certficate defaults:
wolfSSL	2:28278596c2a2	4799	version = 3 (0x2)
wolfSSL	2:28278596c2a2	4800	serial = 0
wolfSSL	2:28278596c2a2	4801	sigType = SHA_WITH_RSA
wolfSSL	2:28278596c2a2	4802	issuer = blank
wolfSSL	2:28278596c2a2	4803	daysValid = 500
wolfSSL	2:28278596c2a2	4804	selfSigned = 1 (true) use subject as issuer
wolfSSL	2:28278596c2a2	4805	subject = blank
wolfSSL	2:28278596c2a2	4806	*/
wolfSSL	2:28278596c2a2	4807	void wc_InitCert(Cert* cert)
wolfSSL	2:28278596c2a2	4808	{
wolfSSL	2:28278596c2a2	4809	cert->version = 2; /* version 3 is hex 2 */
wolfSSL	2:28278596c2a2	4810	cert->sigType = CTC_SHAwRSA;
wolfSSL	2:28278596c2a2	4811	cert->daysValid = 500;
wolfSSL	2:28278596c2a2	4812	cert->selfSigned = 1;
wolfSSL	2:28278596c2a2	4813	cert->isCA = 0;
wolfSSL	2:28278596c2a2	4814	cert->bodySz = 0;
wolfSSL	2:28278596c2a2	4815	#ifdef WOLFSSL_ALT_NAMES
wolfSSL	2:28278596c2a2	4816	cert->altNamesSz = 0;
wolfSSL	2:28278596c2a2	4817	cert->beforeDateSz = 0;
wolfSSL	2:28278596c2a2	4818	cert->afterDateSz = 0;
wolfSSL	2:28278596c2a2	4819	#endif
wolfSSL	2:28278596c2a2	4820	cert->keyType = RSA_KEY;
wolfSSL	2:28278596c2a2	4821	XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE);
wolfSSL	2:28278596c2a2	4822
wolfSSL	2:28278596c2a2	4823	cert->issuer.country[0] = '\0';
wolfSSL	2:28278596c2a2	4824	cert->issuer.countryEnc = CTC_PRINTABLE;
wolfSSL	2:28278596c2a2	4825	cert->issuer.state[0] = '\0';
wolfSSL	2:28278596c2a2	4826	cert->issuer.stateEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4827	cert->issuer.locality[0] = '\0';
wolfSSL	2:28278596c2a2	4828	cert->issuer.localityEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4829	cert->issuer.sur[0] = '\0';
wolfSSL	2:28278596c2a2	4830	cert->issuer.surEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4831	cert->issuer.org[0] = '\0';
wolfSSL	2:28278596c2a2	4832	cert->issuer.orgEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4833	cert->issuer.unit[0] = '\0';
wolfSSL	2:28278596c2a2	4834	cert->issuer.unitEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4835	cert->issuer.commonName[0] = '\0';
wolfSSL	2:28278596c2a2	4836	cert->issuer.commonNameEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4837	cert->issuer.email[0] = '\0';
wolfSSL	2:28278596c2a2	4838
wolfSSL	2:28278596c2a2	4839	cert->subject.country[0] = '\0';
wolfSSL	2:28278596c2a2	4840	cert->subject.countryEnc = CTC_PRINTABLE;
wolfSSL	2:28278596c2a2	4841	cert->subject.state[0] = '\0';
wolfSSL	2:28278596c2a2	4842	cert->subject.stateEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4843	cert->subject.locality[0] = '\0';
wolfSSL	2:28278596c2a2	4844	cert->subject.localityEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4845	cert->subject.sur[0] = '\0';
wolfSSL	2:28278596c2a2	4846	cert->subject.surEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4847	cert->subject.org[0] = '\0';
wolfSSL	2:28278596c2a2	4848	cert->subject.orgEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4849	cert->subject.unit[0] = '\0';
wolfSSL	2:28278596c2a2	4850	cert->subject.unitEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4851	cert->subject.commonName[0] = '\0';
wolfSSL	2:28278596c2a2	4852	cert->subject.commonNameEnc = CTC_UTF8;
wolfSSL	2:28278596c2a2	4853	cert->subject.email[0] = '\0';
wolfSSL	2:28278596c2a2	4854
wolfSSL	2:28278596c2a2	4855	#ifdef WOLFSSL_CERT_REQ
wolfSSL	2:28278596c2a2	4856	cert->challengePw[0] ='\0';
wolfSSL	2:28278596c2a2	4857	#endif
wolfSSL	2:28278596c2a2	4858	}
wolfSSL	2:28278596c2a2	4859
wolfSSL	2:28278596c2a2	4860
wolfSSL	2:28278596c2a2	4861	/* DER encoded x509 Certificate */
wolfSSL	2:28278596c2a2	4862	typedef struct DerCert {
wolfSSL	2:28278596c2a2	4863	byte size[MAX_LENGTH_SZ]; /* length encoded */
wolfSSL	2:28278596c2a2	4864	byte version[MAX_VERSION_SZ]; /* version encoded */
wolfSSL	2:28278596c2a2	4865	byte serial[CTC_SERIAL_SIZE + MAX_LENGTH_SZ]; /* serial number encoded */
wolfSSL	2:28278596c2a2	4866	byte sigAlgo[MAX_ALGO_SZ]; /* signature algo encoded */
wolfSSL	2:28278596c2a2	4867	byte issuer[ASN_NAME_MAX]; /* issuer encoded */
wolfSSL	2:28278596c2a2	4868	byte subject[ASN_NAME_MAX]; /* subject encoded */
wolfSSL	2:28278596c2a2	4869	byte validity[MAX_DATE_SIZE2 + MAX_SEQ_SZ2]; /* before and after dates */
wolfSSL	2:28278596c2a2	4870	byte publicKey[MAX_PUBLIC_KEY_SZ]; /* rsa / ntru public key encoded */
wolfSSL	2:28278596c2a2	4871	byte ca[MAX_CA_SZ]; /* basic constraint CA true size */
wolfSSL	2:28278596c2a2	4872	byte extensions[MAX_EXTENSIONS_SZ]; /* all extensions */
wolfSSL	2:28278596c2a2	4873	#ifdef WOLFSSL_CERT_REQ
wolfSSL	2:28278596c2a2	4874	byte attrib[MAX_ATTRIB_SZ]; /* Cert req attributes encoded */
wolfSSL	2:28278596c2a2	4875	#endif
wolfSSL	2:28278596c2a2	4876	int sizeSz; /* encoded size length */
wolfSSL	2:28278596c2a2	4877	int versionSz; /* encoded version length */
wolfSSL	2:28278596c2a2	4878	int serialSz; /* encoded serial length */
wolfSSL	2:28278596c2a2	4879	int sigAlgoSz; /* enocded sig alog length */
wolfSSL	2:28278596c2a2	4880	int issuerSz; /* encoded issuer length */
wolfSSL	2:28278596c2a2	4881	int subjectSz; /* encoded subject length */
wolfSSL	2:28278596c2a2	4882	int validitySz; /* encoded validity length */
wolfSSL	2:28278596c2a2	4883	int publicKeySz; /* encoded public key length */
wolfSSL	2:28278596c2a2	4884	int caSz; /* encoded CA extension length */
wolfSSL	2:28278596c2a2	4885	int extensionsSz; /* encoded extensions total length */
wolfSSL	2:28278596c2a2	4886	int total; /* total encoded lengths */
wolfSSL	2:28278596c2a2	4887	#ifdef WOLFSSL_CERT_REQ
wolfSSL	2:28278596c2a2	4888	int attribSz;
wolfSSL	2:28278596c2a2	4889	#endif
wolfSSL	2:28278596c2a2	4890	} DerCert;
wolfSSL	2:28278596c2a2	4891
wolfSSL	2:28278596c2a2	4892
wolfSSL	2:28278596c2a2	4893	#ifdef WOLFSSL_CERT_REQ
wolfSSL	2:28278596c2a2	4894
wolfSSL	2:28278596c2a2	4895	/* Write a set header to output */
wolfSSL	2:28278596c2a2	4896	static word32 SetUTF8String(word32 len, byte* output)
wolfSSL	2:28278596c2a2	4897	{
wolfSSL	2:28278596c2a2	4898	output[0] = ASN_UTF8STRING;
wolfSSL	2:28278596c2a2	4899	return SetLength(len, output + 1) + 1;
wolfSSL	2:28278596c2a2	4900	}
wolfSSL	2:28278596c2a2	4901
wolfSSL	2:28278596c2a2	4902	#endif /* WOLFSSL_CERT_REQ */
wolfSSL	2:28278596c2a2	4903
wolfSSL	2:28278596c2a2	4904
wolfSSL	2:28278596c2a2	4905	/* Write a serial number to output */
wolfSSL	2:28278596c2a2	4906	static int SetSerial(const byte* serial, byte* output)
wolfSSL	2:28278596c2a2	4907	{
wolfSSL	2:28278596c2a2	4908	int length = 0;
wolfSSL	2:28278596c2a2	4909
wolfSSL	2:28278596c2a2	4910	output[length++] = ASN_INTEGER;
wolfSSL	2:28278596c2a2	4911	length += SetLength(CTC_SERIAL_SIZE, &output[length]);
wolfSSL	2:28278596c2a2	4912	XMEMCPY(&output[length], serial, CTC_SERIAL_SIZE);
wolfSSL	2:28278596c2a2	4913
wolfSSL	2:28278596c2a2	4914	return length + CTC_SERIAL_SIZE;
wolfSSL	2:28278596c2a2	4915	}
wolfSSL	2:28278596c2a2	4916
wolfSSL	2:28278596c2a2	4917
wolfSSL	2:28278596c2a2	4918	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	4919
wolfSSL	2:28278596c2a2	4920
wolfSSL	2:28278596c2a2	4921	/* Write a public ECC key to output */
wolfSSL	2:28278596c2a2	4922	static int SetEccPublicKey(byte* output, ecc_key* key)
wolfSSL	2:28278596c2a2	4923	{
wolfSSL	2:28278596c2a2	4924	byte len[MAX_LENGTH_SZ + 1]; /* trailing 0 */
wolfSSL	2:28278596c2a2	4925	int algoSz;
wolfSSL	2:28278596c2a2	4926	int curveSz;
wolfSSL	2:28278596c2a2	4927	int lenSz;
wolfSSL	2:28278596c2a2	4928	int idx;
wolfSSL	2:28278596c2a2	4929	word32 pubSz = ECC_BUFSIZE;
wolfSSL	2:28278596c2a2	4930	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4931	byte* algo = NULL;
wolfSSL	2:28278596c2a2	4932	byte* curve = NULL;
wolfSSL	2:28278596c2a2	4933	byte* pub = NULL;
wolfSSL	2:28278596c2a2	4934	#else
wolfSSL	2:28278596c2a2	4935	byte algo[MAX_ALGO_SZ];
wolfSSL	2:28278596c2a2	4936	byte curve[MAX_ALGO_SZ];
wolfSSL	2:28278596c2a2	4937	byte pub[ECC_BUFSIZE];
wolfSSL	2:28278596c2a2	4938	#endif
wolfSSL	2:28278596c2a2	4939
wolfSSL	2:28278596c2a2	4940	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4941	pub = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4942	if (pub == NULL)
wolfSSL	2:28278596c2a2	4943	return MEMORY_E;
wolfSSL	2:28278596c2a2	4944	#endif
wolfSSL	2:28278596c2a2	4945
wolfSSL	2:28278596c2a2	4946	int ret = wc_ecc_export_x963(key, pub, &pubSz);
wolfSSL	2:28278596c2a2	4947	if (ret != 0) {
wolfSSL	2:28278596c2a2	4948	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4949	XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4950	#endif
wolfSSL	2:28278596c2a2	4951	return ret;
wolfSSL	2:28278596c2a2	4952	}
wolfSSL	2:28278596c2a2	4953
wolfSSL	2:28278596c2a2	4954	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4955	curve = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4956	if (curve == NULL) {
wolfSSL	2:28278596c2a2	4957	XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4958	return MEMORY_E;
wolfSSL	2:28278596c2a2	4959	}
wolfSSL	2:28278596c2a2	4960	#endif
wolfSSL	2:28278596c2a2	4961
wolfSSL	2:28278596c2a2	4962	/* headers */
wolfSSL	2:28278596c2a2	4963	curveSz = SetCurve(key, curve);
wolfSSL	2:28278596c2a2	4964	if (curveSz <= 0) {
wolfSSL	2:28278596c2a2	4965	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4966	XFREE(curve, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4967	XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4968	#endif
wolfSSL	2:28278596c2a2	4969	return curveSz;
wolfSSL	2:28278596c2a2	4970	}
wolfSSL	2:28278596c2a2	4971
wolfSSL	2:28278596c2a2	4972	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	4973	algo = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4974	if (algo == NULL) {
wolfSSL	2:28278596c2a2	4975	XFREE(curve, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4976	XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	4977	return MEMORY_E;
wolfSSL	2:28278596c2a2	4978	}
wolfSSL	2:28278596c2a2	4979	#endif
wolfSSL	2:28278596c2a2	4980
wolfSSL	2:28278596c2a2	4981	algoSz = SetAlgoID(ECDSAk, algo, keyType, curveSz);
wolfSSL	2:28278596c2a2	4982	lenSz = SetLength(pubSz + 1, len);
wolfSSL	2:28278596c2a2	4983	len[lenSz++] = 0; /* trailing 0 */
wolfSSL	2:28278596c2a2	4984
wolfSSL	2:28278596c2a2	4985	/* write */
wolfSSL	2:28278596c2a2	4986	idx = SetSequence(pubSz + curveSz + lenSz + 1 + algoSz, output);
wolfSSL	2:28278596c2a2	4987	/* 1 is for ASN_BIT_STRING */
wolfSSL	2:28278596c2a2	4988	/* algo */
wolfSSL	2:28278596c2a2	4989	XMEMCPY(output + idx, algo, algoSz);
wolfSSL	2:28278596c2a2	4990	idx += algoSz;
wolfSSL	2:28278596c2a2	4991	/* curve */
wolfSSL	2:28278596c2a2	4992	XMEMCPY(output + idx, curve, curveSz);
wolfSSL	2:28278596c2a2	4993	idx += curveSz;
wolfSSL	2:28278596c2a2	4994	/* bit string */
wolfSSL	2:28278596c2a2	4995	output[idx++] = ASN_BIT_STRING;
wolfSSL	2:28278596c2a2	4996	/* length */
wolfSSL	2:28278596c2a2	4997	XMEMCPY(output + idx, len, lenSz);
wolfSSL	2:28278596c2a2	4998	idx += lenSz;
wolfSSL	2:28278596c2a2	4999	/* pub */
wolfSSL	2:28278596c2a2	5000	XMEMCPY(output + idx, pub, pubSz);
wolfSSL	2:28278596c2a2	5001	idx += pubSz;
wolfSSL	2:28278596c2a2	5002
wolfSSL	2:28278596c2a2	5003	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5004	XFREE(algo, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5005	XFREE(curve, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5006	XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5007	#endif
wolfSSL	2:28278596c2a2	5008
wolfSSL	2:28278596c2a2	5009	return idx;
wolfSSL	2:28278596c2a2	5010	}
wolfSSL	2:28278596c2a2	5011
wolfSSL	2:28278596c2a2	5012
wolfSSL	2:28278596c2a2	5013	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	5014
wolfSSL	2:28278596c2a2	5015
wolfSSL	2:28278596c2a2	5016	/* Write a public RSA key to output */
wolfSSL	2:28278596c2a2	5017	static int SetRsaPublicKey(byte* output, RsaKey* key)
wolfSSL	2:28278596c2a2	5018	{
wolfSSL	2:28278596c2a2	5019	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5020	byte* n = NULL;
wolfSSL	2:28278596c2a2	5021	byte* e = NULL;
wolfSSL	2:28278596c2a2	5022	byte* algo = NULL;
wolfSSL	2:28278596c2a2	5023	#else
wolfSSL	2:28278596c2a2	5024	byte n[MAX_RSA_INT_SZ];
wolfSSL	2:28278596c2a2	5025	byte e[MAX_RSA_E_SZ];
wolfSSL	2:28278596c2a2	5026	byte algo[MAX_ALGO_SZ];
wolfSSL	2:28278596c2a2	5027	#endif
wolfSSL	2:28278596c2a2	5028	byte seq[MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	5029	byte len[MAX_LENGTH_SZ + 1]; /* trailing 0 */
wolfSSL	2:28278596c2a2	5030	int nSz;
wolfSSL	2:28278596c2a2	5031	int eSz;
wolfSSL	2:28278596c2a2	5032	int algoSz;
wolfSSL	2:28278596c2a2	5033	int seqSz;
wolfSSL	2:28278596c2a2	5034	int lenSz;
wolfSSL	2:28278596c2a2	5035	int idx;
wolfSSL	2:28278596c2a2	5036	int rawLen;
wolfSSL	2:28278596c2a2	5037	int leadingBit;
wolfSSL	2:28278596c2a2	5038	int err;
wolfSSL	2:28278596c2a2	5039
wolfSSL	2:28278596c2a2	5040	/* n */
wolfSSL	2:28278596c2a2	5041	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5042	n = (byte*)XMALLOC(MAX_RSA_INT_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5043	if (n == NULL)
wolfSSL	2:28278596c2a2	5044	return MEMORY_E;
wolfSSL	2:28278596c2a2	5045	#endif
wolfSSL	2:28278596c2a2	5046
wolfSSL	2:28278596c2a2	5047	leadingBit = mp_leading_bit(&key->n);
wolfSSL	2:28278596c2a2	5048	rawLen = mp_unsigned_bin_size(&key->n) + leadingBit;
wolfSSL	2:28278596c2a2	5049	n[0] = ASN_INTEGER;
wolfSSL	2:28278596c2a2	5050	nSz = SetLength(rawLen, n + 1) + 1; /* int tag */
wolfSSL	2:28278596c2a2	5051
wolfSSL	2:28278596c2a2	5052	if ( (nSz + rawLen) < MAX_RSA_INT_SZ) {
wolfSSL	2:28278596c2a2	5053	if (leadingBit)
wolfSSL	2:28278596c2a2	5054	n[nSz] = 0;
wolfSSL	2:28278596c2a2	5055	err = mp_to_unsigned_bin(&key->n, n + nSz + leadingBit);
wolfSSL	2:28278596c2a2	5056	if (err == MP_OKAY)
wolfSSL	2:28278596c2a2	5057	nSz += rawLen;
wolfSSL	2:28278596c2a2	5058	else {
wolfSSL	2:28278596c2a2	5059	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5060	XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5061	#endif
wolfSSL	2:28278596c2a2	5062	return MP_TO_E;
wolfSSL	2:28278596c2a2	5063	}
wolfSSL	2:28278596c2a2	5064	}
wolfSSL	2:28278596c2a2	5065	else {
wolfSSL	2:28278596c2a2	5066	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5067	XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5068	#endif
wolfSSL	2:28278596c2a2	5069	return BUFFER_E;
wolfSSL	2:28278596c2a2	5070	}
wolfSSL	2:28278596c2a2	5071
wolfSSL	2:28278596c2a2	5072	/* e */
wolfSSL	2:28278596c2a2	5073	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5074	e = (byte*)XMALLOC(MAX_RSA_E_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5075	if (e == NULL) {
wolfSSL	2:28278596c2a2	5076	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5077	XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5078	#endif
wolfSSL	2:28278596c2a2	5079	return MEMORY_E;
wolfSSL	2:28278596c2a2	5080	}
wolfSSL	2:28278596c2a2	5081	#endif
wolfSSL	2:28278596c2a2	5082
wolfSSL	2:28278596c2a2	5083	leadingBit = mp_leading_bit(&key->e);
wolfSSL	2:28278596c2a2	5084	rawLen = mp_unsigned_bin_size(&key->e) + leadingBit;
wolfSSL	2:28278596c2a2	5085	e[0] = ASN_INTEGER;
wolfSSL	2:28278596c2a2	5086	eSz = SetLength(rawLen, e + 1) + 1; /* int tag */
wolfSSL	2:28278596c2a2	5087
wolfSSL	2:28278596c2a2	5088	if ( (eSz + rawLen) < MAX_RSA_E_SZ) {
wolfSSL	2:28278596c2a2	5089	if (leadingBit)
wolfSSL	2:28278596c2a2	5090	e[eSz] = 0;
wolfSSL	2:28278596c2a2	5091	err = mp_to_unsigned_bin(&key->e, e + eSz + leadingBit);
wolfSSL	2:28278596c2a2	5092	if (err == MP_OKAY)
wolfSSL	2:28278596c2a2	5093	eSz += rawLen;
wolfSSL	2:28278596c2a2	5094	else {
wolfSSL	2:28278596c2a2	5095	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5096	XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5097	XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5098	#endif
wolfSSL	2:28278596c2a2	5099	return MP_TO_E;
wolfSSL	2:28278596c2a2	5100	}
wolfSSL	2:28278596c2a2	5101	}
wolfSSL	2:28278596c2a2	5102	else {
wolfSSL	2:28278596c2a2	5103	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5104	XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5105	XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5106	#endif
wolfSSL	2:28278596c2a2	5107	return BUFFER_E;
wolfSSL	2:28278596c2a2	5108	}
wolfSSL	2:28278596c2a2	5109
wolfSSL	2:28278596c2a2	5110	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5111	algo = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5112	if (algo == NULL) {
wolfSSL	2:28278596c2a2	5113	XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5114	XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5115	return MEMORY_E;
wolfSSL	2:28278596c2a2	5116	}
wolfSSL	2:28278596c2a2	5117	#endif
wolfSSL	2:28278596c2a2	5118
wolfSSL	2:28278596c2a2	5119	/* headers */
wolfSSL	2:28278596c2a2	5120	algoSz = SetAlgoID(RSAk, algo, keyType, 0);
wolfSSL	2:28278596c2a2	5121	seqSz = SetSequence(nSz + eSz, seq);
wolfSSL	2:28278596c2a2	5122	lenSz = SetLength(seqSz + nSz + eSz + 1, len);
wolfSSL	2:28278596c2a2	5123	len[lenSz++] = 0; /* trailing 0 */
wolfSSL	2:28278596c2a2	5124
wolfSSL	2:28278596c2a2	5125	/* write */
wolfSSL	2:28278596c2a2	5126	idx = SetSequence(nSz + eSz + seqSz + lenSz + 1 + algoSz, output);
wolfSSL	2:28278596c2a2	5127	/* 1 is for ASN_BIT_STRING */
wolfSSL	2:28278596c2a2	5128	/* algo */
wolfSSL	2:28278596c2a2	5129	XMEMCPY(output + idx, algo, algoSz);
wolfSSL	2:28278596c2a2	5130	idx += algoSz;
wolfSSL	2:28278596c2a2	5131	/* bit string */
wolfSSL	2:28278596c2a2	5132	output[idx++] = ASN_BIT_STRING;
wolfSSL	2:28278596c2a2	5133	/* length */
wolfSSL	2:28278596c2a2	5134	XMEMCPY(output + idx, len, lenSz);
wolfSSL	2:28278596c2a2	5135	idx += lenSz;
wolfSSL	2:28278596c2a2	5136	/* seq */
wolfSSL	2:28278596c2a2	5137	XMEMCPY(output + idx, seq, seqSz);
wolfSSL	2:28278596c2a2	5138	idx += seqSz;
wolfSSL	2:28278596c2a2	5139	/* n */
wolfSSL	2:28278596c2a2	5140	XMEMCPY(output + idx, n, nSz);
wolfSSL	2:28278596c2a2	5141	idx += nSz;
wolfSSL	2:28278596c2a2	5142	/* e */
wolfSSL	2:28278596c2a2	5143	XMEMCPY(output + idx, e, eSz);
wolfSSL	2:28278596c2a2	5144	idx += eSz;
wolfSSL	2:28278596c2a2	5145
wolfSSL	2:28278596c2a2	5146	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5147	XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5148	XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5149	XFREE(algo, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5150	#endif
wolfSSL	2:28278596c2a2	5151
wolfSSL	2:28278596c2a2	5152	return idx;
wolfSSL	2:28278596c2a2	5153	}
wolfSSL	2:28278596c2a2	5154
wolfSSL	2:28278596c2a2	5155
wolfSSL	2:28278596c2a2	5156	static INLINE byte itob(int number)
wolfSSL	2:28278596c2a2	5157	{
wolfSSL	2:28278596c2a2	5158	return (byte)number + 0x30;
wolfSSL	2:28278596c2a2	5159	}
wolfSSL	2:28278596c2a2	5160
wolfSSL	2:28278596c2a2	5161
wolfSSL	2:28278596c2a2	5162	/* write time to output, format */
wolfSSL	2:28278596c2a2	5163	static void SetTime(struct tm* date, byte* output)
wolfSSL	2:28278596c2a2	5164	{
wolfSSL	2:28278596c2a2	5165	int i = 0;
wolfSSL	2:28278596c2a2	5166
wolfSSL	2:28278596c2a2	5167	output[i++] = itob((date->tm_year % 10000) / 1000);
wolfSSL	2:28278596c2a2	5168	output[i++] = itob((date->tm_year % 1000) / 100);
wolfSSL	2:28278596c2a2	5169	output[i++] = itob((date->tm_year % 100) / 10);
wolfSSL	2:28278596c2a2	5170	output[i++] = itob( date->tm_year % 10);
wolfSSL	2:28278596c2a2	5171
wolfSSL	2:28278596c2a2	5172	output[i++] = itob(date->tm_mon / 10);
wolfSSL	2:28278596c2a2	5173	output[i++] = itob(date->tm_mon % 10);
wolfSSL	2:28278596c2a2	5174
wolfSSL	2:28278596c2a2	5175	output[i++] = itob(date->tm_mday / 10);
wolfSSL	2:28278596c2a2	5176	output[i++] = itob(date->tm_mday % 10);
wolfSSL	2:28278596c2a2	5177
wolfSSL	2:28278596c2a2	5178	output[i++] = itob(date->tm_hour / 10);
wolfSSL	2:28278596c2a2	5179	output[i++] = itob(date->tm_hour % 10);
wolfSSL	2:28278596c2a2	5180
wolfSSL	2:28278596c2a2	5181	output[i++] = itob(date->tm_min / 10);
wolfSSL	2:28278596c2a2	5182	output[i++] = itob(date->tm_min % 10);
wolfSSL	2:28278596c2a2	5183
wolfSSL	2:28278596c2a2	5184	output[i++] = itob(date->tm_sec / 10);
wolfSSL	2:28278596c2a2	5185	output[i++] = itob(date->tm_sec % 10);
wolfSSL	2:28278596c2a2	5186
wolfSSL	2:28278596c2a2	5187	output[i] = 'Z'; /* Zulu profile */
wolfSSL	2:28278596c2a2	5188	}
wolfSSL	2:28278596c2a2	5189
wolfSSL	2:28278596c2a2	5190
wolfSSL	2:28278596c2a2	5191	#ifdef WOLFSSL_ALT_NAMES
wolfSSL	2:28278596c2a2	5192
wolfSSL	2:28278596c2a2	5193	/* Copy Dates from cert, return bytes written */
wolfSSL	2:28278596c2a2	5194	static int CopyValidity(byte* output, Cert* cert)
wolfSSL	2:28278596c2a2	5195	{
wolfSSL	2:28278596c2a2	5196	int seqSz;
wolfSSL	2:28278596c2a2	5197
wolfSSL	2:28278596c2a2	5198	WOLFSSL_ENTER("CopyValidity");
wolfSSL	2:28278596c2a2	5199
wolfSSL	2:28278596c2a2	5200	/* headers and output */
wolfSSL	2:28278596c2a2	5201	seqSz = SetSequence(cert->beforeDateSz + cert->afterDateSz, output);
wolfSSL	2:28278596c2a2	5202	XMEMCPY(output + seqSz, cert->beforeDate, cert->beforeDateSz);
wolfSSL	2:28278596c2a2	5203	XMEMCPY(output + seqSz + cert->beforeDateSz, cert->afterDate,
wolfSSL	2:28278596c2a2	5204	cert->afterDateSz);
wolfSSL	2:28278596c2a2	5205	return seqSz + cert->beforeDateSz + cert->afterDateSz;
wolfSSL	2:28278596c2a2	5206	}
wolfSSL	2:28278596c2a2	5207
wolfSSL	2:28278596c2a2	5208	#endif
wolfSSL	2:28278596c2a2	5209
wolfSSL	2:28278596c2a2	5210
wolfSSL	2:28278596c2a2	5211	/* for systems where mktime() doesn't normalize fully */
wolfSSL	2:28278596c2a2	5212	static void RebuildTime(time_t* in, struct tm* out)
wolfSSL	2:28278596c2a2	5213	{
wolfSSL	2:28278596c2a2	5214	#ifdef FREESCALE_MQX
wolfSSL	2:28278596c2a2	5215	out = localtime_r(in, out);
wolfSSL	2:28278596c2a2	5216	#else
wolfSSL	2:28278596c2a2	5217	(void)in;
wolfSSL	2:28278596c2a2	5218	(void)out;
wolfSSL	2:28278596c2a2	5219	#endif
wolfSSL	2:28278596c2a2	5220	}
wolfSSL	2:28278596c2a2	5221
wolfSSL	2:28278596c2a2	5222
wolfSSL	2:28278596c2a2	5223	/* Set Date validity from now until now + daysValid */
wolfSSL	2:28278596c2a2	5224	static int SetValidity(byte* output, int daysValid)
wolfSSL	2:28278596c2a2	5225	{
wolfSSL	2:28278596c2a2	5226	byte before[MAX_DATE_SIZE];
wolfSSL	2:28278596c2a2	5227	byte after[MAX_DATE_SIZE];
wolfSSL	2:28278596c2a2	5228
wolfSSL	2:28278596c2a2	5229	int beforeSz;
wolfSSL	2:28278596c2a2	5230	int afterSz;
wolfSSL	2:28278596c2a2	5231	int seqSz;
wolfSSL	2:28278596c2a2	5232
wolfSSL	2:28278596c2a2	5233	time_t ticks;
wolfSSL	2:28278596c2a2	5234	time_t normalTime;
wolfSSL	2:28278596c2a2	5235	struct tm* now;
wolfSSL	2:28278596c2a2	5236	struct tm* tmpTime = NULL;
wolfSSL	2:28278596c2a2	5237	struct tm local;
wolfSSL	2:28278596c2a2	5238
wolfSSL	2:28278596c2a2	5239	#if defined(FREESCALE_MQX) \|\| defined(TIME_OVERRIDES)
wolfSSL	2:28278596c2a2	5240	/* for use with gmtime_r */
wolfSSL	2:28278596c2a2	5241	struct tm tmpTimeStorage;
wolfSSL	2:28278596c2a2	5242	tmpTime = &tmpTimeStorage;
wolfSSL	2:28278596c2a2	5243	#else
wolfSSL	2:28278596c2a2	5244	(void)tmpTime;
wolfSSL	2:28278596c2a2	5245	#endif
wolfSSL	2:28278596c2a2	5246
wolfSSL	2:28278596c2a2	5247	ticks = XTIME(0);
wolfSSL	2:28278596c2a2	5248	now = XGMTIME(&ticks, tmpTime);
wolfSSL	2:28278596c2a2	5249
wolfSSL	2:28278596c2a2	5250	/* before now */
wolfSSL	2:28278596c2a2	5251	local = *now;
wolfSSL	2:28278596c2a2	5252	before[0] = ASN_GENERALIZED_TIME;
wolfSSL	2:28278596c2a2	5253	beforeSz = SetLength(ASN_GEN_TIME_SZ, before + 1) + 1; /* gen tag */
wolfSSL	2:28278596c2a2	5254
wolfSSL	2:28278596c2a2	5255	/* subtract 1 day for more compliance */
wolfSSL	2:28278596c2a2	5256	local.tm_mday -= 1;
wolfSSL	2:28278596c2a2	5257	normalTime = mktime(&local);
wolfSSL	2:28278596c2a2	5258	RebuildTime(&normalTime, &local);
wolfSSL	2:28278596c2a2	5259
wolfSSL	2:28278596c2a2	5260	/* adjust */
wolfSSL	2:28278596c2a2	5261	local.tm_year += 1900;
wolfSSL	2:28278596c2a2	5262	local.tm_mon += 1;
wolfSSL	2:28278596c2a2	5263
wolfSSL	2:28278596c2a2	5264	SetTime(&local, before + beforeSz);
wolfSSL	2:28278596c2a2	5265	beforeSz += ASN_GEN_TIME_SZ;
wolfSSL	2:28278596c2a2	5266
wolfSSL	2:28278596c2a2	5267	/* after now + daysValid */
wolfSSL	2:28278596c2a2	5268	local = *now;
wolfSSL	2:28278596c2a2	5269	after[0] = ASN_GENERALIZED_TIME;
wolfSSL	2:28278596c2a2	5270	afterSz = SetLength(ASN_GEN_TIME_SZ, after + 1) + 1; /* gen tag */
wolfSSL	2:28278596c2a2	5271
wolfSSL	2:28278596c2a2	5272	/* add daysValid */
wolfSSL	2:28278596c2a2	5273	local.tm_mday += daysValid;
wolfSSL	2:28278596c2a2	5274	normalTime = mktime(&local);
wolfSSL	2:28278596c2a2	5275	RebuildTime(&normalTime, &local);
wolfSSL	2:28278596c2a2	5276
wolfSSL	2:28278596c2a2	5277	/* adjust */
wolfSSL	2:28278596c2a2	5278	local.tm_year += 1900;
wolfSSL	2:28278596c2a2	5279	local.tm_mon += 1;
wolfSSL	2:28278596c2a2	5280
wolfSSL	2:28278596c2a2	5281	SetTime(&local, after + afterSz);
wolfSSL	2:28278596c2a2	5282	afterSz += ASN_GEN_TIME_SZ;
wolfSSL	2:28278596c2a2	5283
wolfSSL	2:28278596c2a2	5284	/* headers and output */
wolfSSL	2:28278596c2a2	5285	seqSz = SetSequence(beforeSz + afterSz, output);
wolfSSL	2:28278596c2a2	5286	XMEMCPY(output + seqSz, before, beforeSz);
wolfSSL	2:28278596c2a2	5287	XMEMCPY(output + seqSz + beforeSz, after, afterSz);
wolfSSL	2:28278596c2a2	5288
wolfSSL	2:28278596c2a2	5289	return seqSz + beforeSz + afterSz;
wolfSSL	2:28278596c2a2	5290	}
wolfSSL	2:28278596c2a2	5291
wolfSSL	2:28278596c2a2	5292
wolfSSL	2:28278596c2a2	5293	/* ASN Encoded Name field */
wolfSSL	2:28278596c2a2	5294	typedef struct EncodedName {
wolfSSL	2:28278596c2a2	5295	int nameLen; /* actual string value length */
wolfSSL	2:28278596c2a2	5296	int totalLen; /* total encoded length */
wolfSSL	2:28278596c2a2	5297	int type; /* type of name */
wolfSSL	2:28278596c2a2	5298	int used; /* are we actually using this one */
wolfSSL	2:28278596c2a2	5299	byte encoded[CTC_NAME_SIZE * 2]; /* encoding */
wolfSSL	2:28278596c2a2	5300	} EncodedName;
wolfSSL	2:28278596c2a2	5301
wolfSSL	2:28278596c2a2	5302
wolfSSL	2:28278596c2a2	5303	/* Get Which Name from index */
wolfSSL	2:28278596c2a2	5304	static const char* GetOneName(CertName* name, int idx)
wolfSSL	2:28278596c2a2	5305	{
wolfSSL	2:28278596c2a2	5306	switch (idx) {
wolfSSL	2:28278596c2a2	5307	case 0:
wolfSSL	2:28278596c2a2	5308	return name->country;
wolfSSL	2:28278596c2a2	5309
wolfSSL	2:28278596c2a2	5310	case 1:
wolfSSL	2:28278596c2a2	5311	return name->state;
wolfSSL	2:28278596c2a2	5312
wolfSSL	2:28278596c2a2	5313	case 2:
wolfSSL	2:28278596c2a2	5314	return name->locality;
wolfSSL	2:28278596c2a2	5315
wolfSSL	2:28278596c2a2	5316	case 3:
wolfSSL	2:28278596c2a2	5317	return name->sur;
wolfSSL	2:28278596c2a2	5318
wolfSSL	2:28278596c2a2	5319	case 4:
wolfSSL	2:28278596c2a2	5320	return name->org;
wolfSSL	2:28278596c2a2	5321
wolfSSL	2:28278596c2a2	5322	case 5:
wolfSSL	2:28278596c2a2	5323	return name->unit;
wolfSSL	2:28278596c2a2	5324
wolfSSL	2:28278596c2a2	5325	case 6:
wolfSSL	2:28278596c2a2	5326	return name->commonName;
wolfSSL	2:28278596c2a2	5327
wolfSSL	2:28278596c2a2	5328	case 7:
wolfSSL	2:28278596c2a2	5329	return name->email;
wolfSSL	2:28278596c2a2	5330
wolfSSL	2:28278596c2a2	5331	default:
wolfSSL	2:28278596c2a2	5332	return 0;
wolfSSL	2:28278596c2a2	5333	}
wolfSSL	2:28278596c2a2	5334	}
wolfSSL	2:28278596c2a2	5335
wolfSSL	2:28278596c2a2	5336
wolfSSL	2:28278596c2a2	5337	/* Get Which Name Encoding from index */
wolfSSL	2:28278596c2a2	5338	static char GetNameType(CertName* name, int idx)
wolfSSL	2:28278596c2a2	5339	{
wolfSSL	2:28278596c2a2	5340	switch (idx) {
wolfSSL	2:28278596c2a2	5341	case 0:
wolfSSL	2:28278596c2a2	5342	return name->countryEnc;
wolfSSL	2:28278596c2a2	5343
wolfSSL	2:28278596c2a2	5344	case 1:
wolfSSL	2:28278596c2a2	5345	return name->stateEnc;
wolfSSL	2:28278596c2a2	5346
wolfSSL	2:28278596c2a2	5347	case 2:
wolfSSL	2:28278596c2a2	5348	return name->localityEnc;
wolfSSL	2:28278596c2a2	5349
wolfSSL	2:28278596c2a2	5350	case 3:
wolfSSL	2:28278596c2a2	5351	return name->surEnc;
wolfSSL	2:28278596c2a2	5352
wolfSSL	2:28278596c2a2	5353	case 4:
wolfSSL	2:28278596c2a2	5354	return name->orgEnc;
wolfSSL	2:28278596c2a2	5355
wolfSSL	2:28278596c2a2	5356	case 5:
wolfSSL	2:28278596c2a2	5357	return name->unitEnc;
wolfSSL	2:28278596c2a2	5358
wolfSSL	2:28278596c2a2	5359	case 6:
wolfSSL	2:28278596c2a2	5360	return name->commonNameEnc;
wolfSSL	2:28278596c2a2	5361
wolfSSL	2:28278596c2a2	5362	default:
wolfSSL	2:28278596c2a2	5363	return 0;
wolfSSL	2:28278596c2a2	5364	}
wolfSSL	2:28278596c2a2	5365	}
wolfSSL	2:28278596c2a2	5366
wolfSSL	2:28278596c2a2	5367
wolfSSL	2:28278596c2a2	5368	/* Get ASN Name from index */
wolfSSL	2:28278596c2a2	5369	static byte GetNameId(int idx)
wolfSSL	2:28278596c2a2	5370	{
wolfSSL	2:28278596c2a2	5371	switch (idx) {
wolfSSL	2:28278596c2a2	5372	case 0:
wolfSSL	2:28278596c2a2	5373	return ASN_COUNTRY_NAME;
wolfSSL	2:28278596c2a2	5374
wolfSSL	2:28278596c2a2	5375	case 1:
wolfSSL	2:28278596c2a2	5376	return ASN_STATE_NAME;
wolfSSL	2:28278596c2a2	5377
wolfSSL	2:28278596c2a2	5378	case 2:
wolfSSL	2:28278596c2a2	5379	return ASN_LOCALITY_NAME;
wolfSSL	2:28278596c2a2	5380
wolfSSL	2:28278596c2a2	5381	case 3:
wolfSSL	2:28278596c2a2	5382	return ASN_SUR_NAME;
wolfSSL	2:28278596c2a2	5383
wolfSSL	2:28278596c2a2	5384	case 4:
wolfSSL	2:28278596c2a2	5385	return ASN_ORG_NAME;
wolfSSL	2:28278596c2a2	5386
wolfSSL	2:28278596c2a2	5387	case 5:
wolfSSL	2:28278596c2a2	5388	return ASN_ORGUNIT_NAME;
wolfSSL	2:28278596c2a2	5389
wolfSSL	2:28278596c2a2	5390	case 6:
wolfSSL	2:28278596c2a2	5391	return ASN_COMMON_NAME;
wolfSSL	2:28278596c2a2	5392
wolfSSL	2:28278596c2a2	5393	case 7:
wolfSSL	2:28278596c2a2	5394	/* email uses different id type */
wolfSSL	2:28278596c2a2	5395	return 0;
wolfSSL	2:28278596c2a2	5396
wolfSSL	2:28278596c2a2	5397	default:
wolfSSL	2:28278596c2a2	5398	return 0;
wolfSSL	2:28278596c2a2	5399	}
wolfSSL	2:28278596c2a2	5400	}
wolfSSL	2:28278596c2a2	5401
wolfSSL	2:28278596c2a2	5402
wolfSSL	2:28278596c2a2	5403	/* encode all extensions, return total bytes written */
wolfSSL	2:28278596c2a2	5404	static int SetExtensions(byte* output, const byte* ext, int extSz, int header)
wolfSSL	2:28278596c2a2	5405	{
wolfSSL	2:28278596c2a2	5406	byte sequence[MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	5407	byte len[MAX_LENGTH_SZ];
wolfSSL	2:28278596c2a2	5408
wolfSSL	2:28278596c2a2	5409	int sz = 0;
wolfSSL	2:28278596c2a2	5410	int seqSz = SetSequence(extSz, sequence);
wolfSSL	2:28278596c2a2	5411
wolfSSL	2:28278596c2a2	5412	if (header) {
wolfSSL	2:28278596c2a2	5413	int lenSz = SetLength(seqSz + extSz, len);
wolfSSL	2:28278596c2a2	5414	output[0] = ASN_EXTENSIONS; /* extensions id */
wolfSSL	2:28278596c2a2	5415	sz++;
wolfSSL	2:28278596c2a2	5416	XMEMCPY(&output[sz], len, lenSz); /* length */
wolfSSL	2:28278596c2a2	5417	sz += lenSz;
wolfSSL	2:28278596c2a2	5418	}
wolfSSL	2:28278596c2a2	5419	XMEMCPY(&output[sz], sequence, seqSz); /* sequence */
wolfSSL	2:28278596c2a2	5420	sz += seqSz;
wolfSSL	2:28278596c2a2	5421	XMEMCPY(&output[sz], ext, extSz); /* extensions */
wolfSSL	2:28278596c2a2	5422	sz += extSz;
wolfSSL	2:28278596c2a2	5423
wolfSSL	2:28278596c2a2	5424	return sz;
wolfSSL	2:28278596c2a2	5425	}
wolfSSL	2:28278596c2a2	5426
wolfSSL	2:28278596c2a2	5427
wolfSSL	2:28278596c2a2	5428	/* encode CA basic constraint true, return total bytes written */
wolfSSL	2:28278596c2a2	5429	static int SetCa(byte* output)
wolfSSL	2:28278596c2a2	5430	{
wolfSSL	2:28278596c2a2	5431	static const byte ca[] = { 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04,
wolfSSL	2:28278596c2a2	5432	0x05, 0x30, 0x03, 0x01, 0x01, 0xff };
wolfSSL	2:28278596c2a2	5433
wolfSSL	2:28278596c2a2	5434	XMEMCPY(output, ca, sizeof(ca));
wolfSSL	2:28278596c2a2	5435
wolfSSL	2:28278596c2a2	5436	return (int)sizeof(ca);
wolfSSL	2:28278596c2a2	5437	}
wolfSSL	2:28278596c2a2	5438
wolfSSL	2:28278596c2a2	5439
wolfSSL	2:28278596c2a2	5440	/* encode CertName into output, return total bytes written */
wolfSSL	2:28278596c2a2	5441	static int SetName(byte* output, CertName* name)
wolfSSL	2:28278596c2a2	5442	{
wolfSSL	2:28278596c2a2	5443	int totalBytes = 0, i, idx;
wolfSSL	2:28278596c2a2	5444	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5445	EncodedName* names = NULL;
wolfSSL	2:28278596c2a2	5446	#else
wolfSSL	2:28278596c2a2	5447	EncodedName names[NAME_ENTRIES];
wolfSSL	2:28278596c2a2	5448	#endif
wolfSSL	2:28278596c2a2	5449
wolfSSL	2:28278596c2a2	5450	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5451	names = (EncodedName)XMALLOC(sizeof(EncodedName) NAME_ENTRIES, NULL,
wolfSSL	2:28278596c2a2	5452	DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5453	if (names == NULL)
wolfSSL	2:28278596c2a2	5454	return MEMORY_E;
wolfSSL	2:28278596c2a2	5455	#endif
wolfSSL	2:28278596c2a2	5456
wolfSSL	2:28278596c2a2	5457	for (i = 0; i < NAME_ENTRIES; i++) {
wolfSSL	2:28278596c2a2	5458	const char* nameStr = GetOneName(name, i);
wolfSSL	2:28278596c2a2	5459	if (nameStr) {
wolfSSL	2:28278596c2a2	5460	/* bottom up */
wolfSSL	2:28278596c2a2	5461	byte firstLen[MAX_LENGTH_SZ];
wolfSSL	2:28278596c2a2	5462	byte secondLen[MAX_LENGTH_SZ];
wolfSSL	2:28278596c2a2	5463	byte sequence[MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	5464	byte set[MAX_SET_SZ];
wolfSSL	2:28278596c2a2	5465
wolfSSL	2:28278596c2a2	5466	int email = i == (NAME_ENTRIES - 1) ? 1 : 0;
wolfSSL	2:28278596c2a2	5467	int strLen = (int)XSTRLEN(nameStr);
wolfSSL	2:28278596c2a2	5468	int thisLen = strLen;
wolfSSL	2:28278596c2a2	5469	int firstSz, secondSz, seqSz, setSz;
wolfSSL	2:28278596c2a2	5470
wolfSSL	2:28278596c2a2	5471	if (strLen == 0) { /* no user data for this item */
wolfSSL	2:28278596c2a2	5472	names[i].used = 0;
wolfSSL	2:28278596c2a2	5473	continue;
wolfSSL	2:28278596c2a2	5474	}
wolfSSL	2:28278596c2a2	5475
wolfSSL	2:28278596c2a2	5476	secondSz = SetLength(strLen, secondLen);
wolfSSL	2:28278596c2a2	5477	thisLen += secondSz;
wolfSSL	2:28278596c2a2	5478	if (email) {
wolfSSL	2:28278596c2a2	5479	thisLen += EMAIL_JOINT_LEN;
wolfSSL	2:28278596c2a2	5480	thisLen ++; /* id type */
wolfSSL	2:28278596c2a2	5481	firstSz = SetLength(EMAIL_JOINT_LEN, firstLen);
wolfSSL	2:28278596c2a2	5482	}
wolfSSL	2:28278596c2a2	5483	else {
wolfSSL	2:28278596c2a2	5484	thisLen++; /* str type */
wolfSSL	2:28278596c2a2	5485	thisLen++; /* id type */
wolfSSL	2:28278596c2a2	5486	thisLen += JOINT_LEN;
wolfSSL	2:28278596c2a2	5487	firstSz = SetLength(JOINT_LEN + 1, firstLen);
wolfSSL	2:28278596c2a2	5488	}
wolfSSL	2:28278596c2a2	5489	thisLen += firstSz;
wolfSSL	2:28278596c2a2	5490	thisLen++; /* object id */
wolfSSL	2:28278596c2a2	5491
wolfSSL	2:28278596c2a2	5492	seqSz = SetSequence(thisLen, sequence);
wolfSSL	2:28278596c2a2	5493	thisLen += seqSz;
wolfSSL	2:28278596c2a2	5494	setSz = SetSet(thisLen, set);
wolfSSL	2:28278596c2a2	5495	thisLen += setSz;
wolfSSL	2:28278596c2a2	5496
wolfSSL	2:28278596c2a2	5497	if (thisLen > (int)sizeof(names[i].encoded)) {
wolfSSL	2:28278596c2a2	5498	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5499	XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5500	#endif
wolfSSL	2:28278596c2a2	5501	return BUFFER_E;
wolfSSL	2:28278596c2a2	5502	}
wolfSSL	2:28278596c2a2	5503
wolfSSL	2:28278596c2a2	5504	/* store it */
wolfSSL	2:28278596c2a2	5505	idx = 0;
wolfSSL	2:28278596c2a2	5506	/* set */
wolfSSL	2:28278596c2a2	5507	XMEMCPY(names[i].encoded, set, setSz);
wolfSSL	2:28278596c2a2	5508	idx += setSz;
wolfSSL	2:28278596c2a2	5509	/* seq */
wolfSSL	2:28278596c2a2	5510	XMEMCPY(names[i].encoded + idx, sequence, seqSz);
wolfSSL	2:28278596c2a2	5511	idx += seqSz;
wolfSSL	2:28278596c2a2	5512	/* asn object id */
wolfSSL	2:28278596c2a2	5513	names[i].encoded[idx++] = ASN_OBJECT_ID;
wolfSSL	2:28278596c2a2	5514	/* first length */
wolfSSL	2:28278596c2a2	5515	XMEMCPY(names[i].encoded + idx, firstLen, firstSz);
wolfSSL	2:28278596c2a2	5516	idx += firstSz;
wolfSSL	2:28278596c2a2	5517	if (email) {
wolfSSL	2:28278596c2a2	5518	const byte EMAIL_OID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
wolfSSL	2:28278596c2a2	5519	0x01, 0x09, 0x01, 0x16 };
wolfSSL	2:28278596c2a2	5520	/* email joint id */
wolfSSL	2:28278596c2a2	5521	XMEMCPY(names[i].encoded + idx, EMAIL_OID, sizeof(EMAIL_OID));
wolfSSL	2:28278596c2a2	5522	idx += (int)sizeof(EMAIL_OID);
wolfSSL	2:28278596c2a2	5523	}
wolfSSL	2:28278596c2a2	5524	else {
wolfSSL	2:28278596c2a2	5525	/* joint id */
wolfSSL	2:28278596c2a2	5526	byte bType = GetNameId(i);
wolfSSL	2:28278596c2a2	5527	names[i].encoded[idx++] = 0x55;
wolfSSL	2:28278596c2a2	5528	names[i].encoded[idx++] = 0x04;
wolfSSL	2:28278596c2a2	5529	/* id type */
wolfSSL	2:28278596c2a2	5530	names[i].encoded[idx++] = bType;
wolfSSL	2:28278596c2a2	5531	/* str type */
wolfSSL	2:28278596c2a2	5532	names[i].encoded[idx++] = GetNameType(name, i);
wolfSSL	2:28278596c2a2	5533	}
wolfSSL	2:28278596c2a2	5534	/* second length */
wolfSSL	2:28278596c2a2	5535	XMEMCPY(names[i].encoded + idx, secondLen, secondSz);
wolfSSL	2:28278596c2a2	5536	idx += secondSz;
wolfSSL	2:28278596c2a2	5537	/* str value */
wolfSSL	2:28278596c2a2	5538	XMEMCPY(names[i].encoded + idx, nameStr, strLen);
wolfSSL	2:28278596c2a2	5539	idx += strLen;
wolfSSL	2:28278596c2a2	5540
wolfSSL	2:28278596c2a2	5541	totalBytes += idx;
wolfSSL	2:28278596c2a2	5542	names[i].totalLen = idx;
wolfSSL	2:28278596c2a2	5543	names[i].used = 1;
wolfSSL	2:28278596c2a2	5544	}
wolfSSL	2:28278596c2a2	5545	else
wolfSSL	2:28278596c2a2	5546	names[i].used = 0;
wolfSSL	2:28278596c2a2	5547	}
wolfSSL	2:28278596c2a2	5548
wolfSSL	2:28278596c2a2	5549	/* header */
wolfSSL	2:28278596c2a2	5550	idx = SetSequence(totalBytes, output);
wolfSSL	2:28278596c2a2	5551	totalBytes += idx;
wolfSSL	2:28278596c2a2	5552	if (totalBytes > ASN_NAME_MAX) {
wolfSSL	2:28278596c2a2	5553	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5554	XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5555	#endif
wolfSSL	2:28278596c2a2	5556	return BUFFER_E;
wolfSSL	2:28278596c2a2	5557	}
wolfSSL	2:28278596c2a2	5558
wolfSSL	2:28278596c2a2	5559	for (i = 0; i < NAME_ENTRIES; i++) {
wolfSSL	2:28278596c2a2	5560	if (names[i].used) {
wolfSSL	2:28278596c2a2	5561	XMEMCPY(output + idx, names[i].encoded, names[i].totalLen);
wolfSSL	2:28278596c2a2	5562	idx += names[i].totalLen;
wolfSSL	2:28278596c2a2	5563	}
wolfSSL	2:28278596c2a2	5564	}
wolfSSL	2:28278596c2a2	5565
wolfSSL	2:28278596c2a2	5566	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5567	XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5568	#endif
wolfSSL	2:28278596c2a2	5569
wolfSSL	2:28278596c2a2	5570	return totalBytes;
wolfSSL	2:28278596c2a2	5571	}
wolfSSL	2:28278596c2a2	5572
wolfSSL	2:28278596c2a2	5573	/* encode info from cert into DER encoded format */
wolfSSL	2:28278596c2a2	5574	static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
wolfSSL	2:28278596c2a2	5575	RNG* rng, const byte* ntruKey, word16 ntruSz)
wolfSSL	2:28278596c2a2	5576	{
wolfSSL	2:28278596c2a2	5577	int ret;
wolfSSL	2:28278596c2a2	5578
wolfSSL	2:28278596c2a2	5579	(void)eccKey;
wolfSSL	2:28278596c2a2	5580	(void)ntruKey;
wolfSSL	2:28278596c2a2	5581	(void)ntruSz;
wolfSSL	2:28278596c2a2	5582
wolfSSL	2:28278596c2a2	5583	/* init */
wolfSSL	2:28278596c2a2	5584	XMEMSET(der, 0, sizeof(DerCert));
wolfSSL	2:28278596c2a2	5585
wolfSSL	2:28278596c2a2	5586	/* version */
wolfSSL	2:28278596c2a2	5587	der->versionSz = SetMyVersion(cert->version, der->version, TRUE);
wolfSSL	2:28278596c2a2	5588
wolfSSL	2:28278596c2a2	5589	/* serial number */
wolfSSL	2:28278596c2a2	5590	ret = wc_RNG_GenerateBlock(rng, cert->serial, CTC_SERIAL_SIZE);
wolfSSL	2:28278596c2a2	5591	if (ret != 0)
wolfSSL	2:28278596c2a2	5592	return ret;
wolfSSL	2:28278596c2a2	5593
wolfSSL	2:28278596c2a2	5594	cert->serial[0] = 0x01; /* ensure positive */
wolfSSL	2:28278596c2a2	5595	der->serialSz = SetSerial(cert->serial, der->serial);
wolfSSL	2:28278596c2a2	5596
wolfSSL	2:28278596c2a2	5597	/* signature algo */
wolfSSL	2:28278596c2a2	5598	der->sigAlgoSz = SetAlgoID(cert->sigType, der->sigAlgo, sigType, 0);
wolfSSL	2:28278596c2a2	5599	if (der->sigAlgoSz == 0)
wolfSSL	2:28278596c2a2	5600	return ALGO_ID_E;
wolfSSL	2:28278596c2a2	5601
wolfSSL	2:28278596c2a2	5602	/* public key */
wolfSSL	2:28278596c2a2	5603	if (cert->keyType == RSA_KEY) {
wolfSSL	2:28278596c2a2	5604	if (rsaKey == NULL)
wolfSSL	2:28278596c2a2	5605	return PUBLIC_KEY_E;
wolfSSL	2:28278596c2a2	5606	der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey);
wolfSSL	2:28278596c2a2	5607	if (der->publicKeySz <= 0)
wolfSSL	2:28278596c2a2	5608	return PUBLIC_KEY_E;
wolfSSL	2:28278596c2a2	5609	}
wolfSSL	2:28278596c2a2	5610
wolfSSL	2:28278596c2a2	5611	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	5612	if (cert->keyType == ECC_KEY) {
wolfSSL	2:28278596c2a2	5613	if (eccKey == NULL)
wolfSSL	2:28278596c2a2	5614	return PUBLIC_KEY_E;
wolfSSL	2:28278596c2a2	5615	der->publicKeySz = SetEccPublicKey(der->publicKey, eccKey);
wolfSSL	2:28278596c2a2	5616	if (der->publicKeySz <= 0)
wolfSSL	2:28278596c2a2	5617	return PUBLIC_KEY_E;
wolfSSL	2:28278596c2a2	5618	}
wolfSSL	2:28278596c2a2	5619	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	5620
wolfSSL	2:28278596c2a2	5621	#ifdef HAVE_NTRU
wolfSSL	2:28278596c2a2	5622	if (cert->keyType == NTRU_KEY) {
wolfSSL	2:28278596c2a2	5623	word32 rc;
wolfSSL	2:28278596c2a2	5624	word16 encodedSz;
wolfSSL	2:28278596c2a2	5625
wolfSSL	2:28278596c2a2	5626	rc = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
wolfSSL	2:28278596c2a2	5627	ntruKey, &encodedSz, NULL);
wolfSSL	2:28278596c2a2	5628	if (rc != NTRU_OK)
wolfSSL	2:28278596c2a2	5629	return PUBLIC_KEY_E;
wolfSSL	2:28278596c2a2	5630	if (encodedSz > MAX_PUBLIC_KEY_SZ)
wolfSSL	2:28278596c2a2	5631	return PUBLIC_KEY_E;
wolfSSL	2:28278596c2a2	5632
wolfSSL	2:28278596c2a2	5633	rc = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz,
wolfSSL	2:28278596c2a2	5634	ntruKey, &encodedSz, der->publicKey);
wolfSSL	2:28278596c2a2	5635	if (rc != NTRU_OK)
wolfSSL	2:28278596c2a2	5636	return PUBLIC_KEY_E;
wolfSSL	2:28278596c2a2	5637
wolfSSL	2:28278596c2a2	5638	der->publicKeySz = encodedSz;
wolfSSL	2:28278596c2a2	5639	}
wolfSSL	2:28278596c2a2	5640	#endif /* HAVE_NTRU */
wolfSSL	2:28278596c2a2	5641
wolfSSL	2:28278596c2a2	5642	der->validitySz = 0;
wolfSSL	2:28278596c2a2	5643	#ifdef WOLFSSL_ALT_NAMES
wolfSSL	2:28278596c2a2	5644	/* date validity copy ? */
wolfSSL	2:28278596c2a2	5645	if (cert->beforeDateSz && cert->afterDateSz) {
wolfSSL	2:28278596c2a2	5646	der->validitySz = CopyValidity(der->validity, cert);
wolfSSL	2:28278596c2a2	5647	if (der->validitySz == 0)
wolfSSL	2:28278596c2a2	5648	return DATE_E;
wolfSSL	2:28278596c2a2	5649	}
wolfSSL	2:28278596c2a2	5650	#endif
wolfSSL	2:28278596c2a2	5651
wolfSSL	2:28278596c2a2	5652	/* date validity */
wolfSSL	2:28278596c2a2	5653	if (der->validitySz == 0) {
wolfSSL	2:28278596c2a2	5654	der->validitySz = SetValidity(der->validity, cert->daysValid);
wolfSSL	2:28278596c2a2	5655	if (der->validitySz == 0)
wolfSSL	2:28278596c2a2	5656	return DATE_E;
wolfSSL	2:28278596c2a2	5657	}
wolfSSL	2:28278596c2a2	5658
wolfSSL	2:28278596c2a2	5659	/* subject name */
wolfSSL	2:28278596c2a2	5660	der->subjectSz = SetName(der->subject, &cert->subject);
wolfSSL	2:28278596c2a2	5661	if (der->subjectSz == 0)
wolfSSL	2:28278596c2a2	5662	return SUBJECT_E;
wolfSSL	2:28278596c2a2	5663
wolfSSL	2:28278596c2a2	5664	/* issuer name */
wolfSSL	2:28278596c2a2	5665	der->issuerSz = SetName(der->issuer, cert->selfSigned ?
wolfSSL	2:28278596c2a2	5666	&cert->subject : &cert->issuer);
wolfSSL	2:28278596c2a2	5667	if (der->issuerSz == 0)
wolfSSL	2:28278596c2a2	5668	return ISSUER_E;
wolfSSL	2:28278596c2a2	5669
wolfSSL	2:28278596c2a2	5670	/* CA */
wolfSSL	2:28278596c2a2	5671	if (cert->isCA) {
wolfSSL	2:28278596c2a2	5672	der->caSz = SetCa(der->ca);
wolfSSL	2:28278596c2a2	5673	if (der->caSz == 0)
wolfSSL	2:28278596c2a2	5674	return CA_TRUE_E;
wolfSSL	2:28278596c2a2	5675	}
wolfSSL	2:28278596c2a2	5676	else
wolfSSL	2:28278596c2a2	5677	der->caSz = 0;
wolfSSL	2:28278596c2a2	5678
wolfSSL	2:28278596c2a2	5679	/* extensions, just CA now */
wolfSSL	2:28278596c2a2	5680	if (cert->isCA) {
wolfSSL	2:28278596c2a2	5681	der->extensionsSz = SetExtensions(der->extensions,
wolfSSL	2:28278596c2a2	5682	der->ca, der->caSz, TRUE);
wolfSSL	2:28278596c2a2	5683	if (der->extensionsSz == 0)
wolfSSL	2:28278596c2a2	5684	return EXTENSIONS_E;
wolfSSL	2:28278596c2a2	5685	}
wolfSSL	2:28278596c2a2	5686	else
wolfSSL	2:28278596c2a2	5687	der->extensionsSz = 0;
wolfSSL	2:28278596c2a2	5688
wolfSSL	2:28278596c2a2	5689	#ifdef WOLFSSL_ALT_NAMES
wolfSSL	2:28278596c2a2	5690	if (der->extensionsSz == 0 && cert->altNamesSz) {
wolfSSL	2:28278596c2a2	5691	der->extensionsSz = SetExtensions(der->extensions, cert->altNames,
wolfSSL	2:28278596c2a2	5692	cert->altNamesSz, TRUE);
wolfSSL	2:28278596c2a2	5693	if (der->extensionsSz == 0)
wolfSSL	2:28278596c2a2	5694	return EXTENSIONS_E;
wolfSSL	2:28278596c2a2	5695	}
wolfSSL	2:28278596c2a2	5696	#endif
wolfSSL	2:28278596c2a2	5697
wolfSSL	2:28278596c2a2	5698	der->total = der->versionSz + der->serialSz + der->sigAlgoSz +
wolfSSL	2:28278596c2a2	5699	der->publicKeySz + der->validitySz + der->subjectSz + der->issuerSz +
wolfSSL	2:28278596c2a2	5700	der->extensionsSz;
wolfSSL	2:28278596c2a2	5701
wolfSSL	2:28278596c2a2	5702	return 0;
wolfSSL	2:28278596c2a2	5703	}
wolfSSL	2:28278596c2a2	5704
wolfSSL	2:28278596c2a2	5705
wolfSSL	2:28278596c2a2	5706	/* write DER encoded cert to buffer, size already checked */
wolfSSL	2:28278596c2a2	5707	static int WriteCertBody(DerCert* der, byte* buffer)
wolfSSL	2:28278596c2a2	5708	{
wolfSSL	2:28278596c2a2	5709	int idx;
wolfSSL	2:28278596c2a2	5710
wolfSSL	2:28278596c2a2	5711	/* signed part header */
wolfSSL	2:28278596c2a2	5712	idx = SetSequence(der->total, buffer);
wolfSSL	2:28278596c2a2	5713	/* version */
wolfSSL	2:28278596c2a2	5714	XMEMCPY(buffer + idx, der->version, der->versionSz);
wolfSSL	2:28278596c2a2	5715	idx += der->versionSz;
wolfSSL	2:28278596c2a2	5716	/* serial */
wolfSSL	2:28278596c2a2	5717	XMEMCPY(buffer + idx, der->serial, der->serialSz);
wolfSSL	2:28278596c2a2	5718	idx += der->serialSz;
wolfSSL	2:28278596c2a2	5719	/* sig algo */
wolfSSL	2:28278596c2a2	5720	XMEMCPY(buffer + idx, der->sigAlgo, der->sigAlgoSz);
wolfSSL	2:28278596c2a2	5721	idx += der->sigAlgoSz;
wolfSSL	2:28278596c2a2	5722	/* issuer */
wolfSSL	2:28278596c2a2	5723	XMEMCPY(buffer + idx, der->issuer, der->issuerSz);
wolfSSL	2:28278596c2a2	5724	idx += der->issuerSz;
wolfSSL	2:28278596c2a2	5725	/* validity */
wolfSSL	2:28278596c2a2	5726	XMEMCPY(buffer + idx, der->validity, der->validitySz);
wolfSSL	2:28278596c2a2	5727	idx += der->validitySz;
wolfSSL	2:28278596c2a2	5728	/* subject */
wolfSSL	2:28278596c2a2	5729	XMEMCPY(buffer + idx, der->subject, der->subjectSz);
wolfSSL	2:28278596c2a2	5730	idx += der->subjectSz;
wolfSSL	2:28278596c2a2	5731	/* public key */
wolfSSL	2:28278596c2a2	5732	XMEMCPY(buffer + idx, der->publicKey, der->publicKeySz);
wolfSSL	2:28278596c2a2	5733	idx += der->publicKeySz;
wolfSSL	2:28278596c2a2	5734	if (der->extensionsSz) {
wolfSSL	2:28278596c2a2	5735	/* extensions */
wolfSSL	2:28278596c2a2	5736	XMEMCPY(buffer + idx, der->extensions, min(der->extensionsSz,
wolfSSL	2:28278596c2a2	5737	sizeof(der->extensions)));
wolfSSL	2:28278596c2a2	5738	idx += der->extensionsSz;
wolfSSL	2:28278596c2a2	5739	}
wolfSSL	2:28278596c2a2	5740
wolfSSL	2:28278596c2a2	5741	return idx;
wolfSSL	2:28278596c2a2	5742	}
wolfSSL	2:28278596c2a2	5743
wolfSSL	2:28278596c2a2	5744
wolfSSL	2:28278596c2a2	5745	/* Make RSA signature from buffer (sz), write to sig (sigSz) */
wolfSSL	2:28278596c2a2	5746	static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz,
wolfSSL	2:28278596c2a2	5747	RsaKey* rsaKey, ecc_key* eccKey, RNG* rng,
wolfSSL	2:28278596c2a2	5748	int sigAlgoType)
wolfSSL	2:28278596c2a2	5749	{
wolfSSL	2:28278596c2a2	5750	int encSigSz, digestSz, typeH = 0, ret = 0;
wolfSSL	2:28278596c2a2	5751	byte digest[SHA256_DIGEST_SIZE]; /* max size */
wolfSSL	2:28278596c2a2	5752	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5753	byte* encSig;
wolfSSL	2:28278596c2a2	5754	#else
wolfSSL	2:28278596c2a2	5755	byte encSig[MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	5756	#endif
wolfSSL	2:28278596c2a2	5757
wolfSSL	2:28278596c2a2	5758	(void)digest;
wolfSSL	2:28278596c2a2	5759	(void)digestSz;
wolfSSL	2:28278596c2a2	5760	(void)encSig;
wolfSSL	2:28278596c2a2	5761	(void)encSigSz;
wolfSSL	2:28278596c2a2	5762	(void)typeH;
wolfSSL	2:28278596c2a2	5763
wolfSSL	2:28278596c2a2	5764	(void)buffer;
wolfSSL	2:28278596c2a2	5765	(void)sz;
wolfSSL	2:28278596c2a2	5766	(void)sig;
wolfSSL	2:28278596c2a2	5767	(void)sigSz;
wolfSSL	2:28278596c2a2	5768	(void)rsaKey;
wolfSSL	2:28278596c2a2	5769	(void)eccKey;
wolfSSL	2:28278596c2a2	5770	(void)rng;
wolfSSL	2:28278596c2a2	5771
wolfSSL	2:28278596c2a2	5772	switch (sigAlgoType) {
wolfSSL	2:28278596c2a2	5773	#ifndef NO_MD5
wolfSSL	2:28278596c2a2	5774	case CTC_MD5wRSA:
wolfSSL	2:28278596c2a2	5775	if ((ret = wc_Md5Hash(buffer, sz, digest)) == 0) {
wolfSSL	2:28278596c2a2	5776	typeH = MD5h;
wolfSSL	2:28278596c2a2	5777	digestSz = MD5_DIGEST_SIZE;
wolfSSL	2:28278596c2a2	5778	}
wolfSSL	2:28278596c2a2	5779	break;
wolfSSL	2:28278596c2a2	5780	#endif
wolfSSL	2:28278596c2a2	5781	#ifndef NO_SHA
wolfSSL	2:28278596c2a2	5782	case CTC_SHAwRSA:
wolfSSL	2:28278596c2a2	5783	case CTC_SHAwECDSA:
wolfSSL	2:28278596c2a2	5784	if ((ret = wc_ShaHash(buffer, sz, digest)) == 0) {
wolfSSL	2:28278596c2a2	5785	typeH = SHAh;
wolfSSL	2:28278596c2a2	5786	digestSz = SHA_DIGEST_SIZE;
wolfSSL	2:28278596c2a2	5787	}
wolfSSL	2:28278596c2a2	5788	break;
wolfSSL	2:28278596c2a2	5789	#endif
wolfSSL	2:28278596c2a2	5790	#ifndef NO_SHA256
wolfSSL	2:28278596c2a2	5791	case CTC_SHA256wRSA:
wolfSSL	2:28278596c2a2	5792	case CTC_SHA256wECDSA:
wolfSSL	2:28278596c2a2	5793	if ((ret = wc_Sha256Hash(buffer, sz, digest)) == 0) {
wolfSSL	2:28278596c2a2	5794	typeH = SHA256h;
wolfSSL	2:28278596c2a2	5795	digestSz = SHA256_DIGEST_SIZE;
wolfSSL	2:28278596c2a2	5796	}
wolfSSL	2:28278596c2a2	5797	break;
wolfSSL	2:28278596c2a2	5798	#endif
wolfSSL	2:28278596c2a2	5799	default:
wolfSSL	2:28278596c2a2	5800	WOLFSSL_MSG("MakeSignautre called with unsupported type");
wolfSSL	2:28278596c2a2	5801	ret = ALGO_ID_E;
wolfSSL	2:28278596c2a2	5802	}
wolfSSL	2:28278596c2a2	5803
wolfSSL	2:28278596c2a2	5804	if (ret != 0)
wolfSSL	2:28278596c2a2	5805	return ret;
wolfSSL	2:28278596c2a2	5806
wolfSSL	2:28278596c2a2	5807	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5808	encSig = (byte*)XMALLOC(MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ,
wolfSSL	2:28278596c2a2	5809	NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5810	if (encSig == NULL)
wolfSSL	2:28278596c2a2	5811	return MEMORY_E;
wolfSSL	2:28278596c2a2	5812	#endif
wolfSSL	2:28278596c2a2	5813
wolfSSL	2:28278596c2a2	5814	ret = ALGO_ID_E;
wolfSSL	2:28278596c2a2	5815
wolfSSL	2:28278596c2a2	5816	#ifndef NO_RSA
wolfSSL	2:28278596c2a2	5817	if (rsaKey) {
wolfSSL	2:28278596c2a2	5818	/* signature */
wolfSSL	2:28278596c2a2	5819	encSigSz = wc_EncodeSignature(encSig, digest, digestSz, typeH);
wolfSSL	2:28278596c2a2	5820	ret = wc_RsaSSL_Sign(encSig, encSigSz, sig, sigSz, rsaKey, rng);
wolfSSL	2:28278596c2a2	5821	}
wolfSSL	2:28278596c2a2	5822	#endif
wolfSSL	2:28278596c2a2	5823
wolfSSL	2:28278596c2a2	5824	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	5825	if (!rsaKey && eccKey) {
wolfSSL	2:28278596c2a2	5826	word32 outSz = sigSz;
wolfSSL	2:28278596c2a2	5827	ret = wc_ecc_sign_hash(digest, digestSz, sig, &outSz, rng, eccKey);
wolfSSL	2:28278596c2a2	5828
wolfSSL	2:28278596c2a2	5829	if (ret == 0)
wolfSSL	2:28278596c2a2	5830	ret = outSz;
wolfSSL	2:28278596c2a2	5831	}
wolfSSL	2:28278596c2a2	5832	#endif
wolfSSL	2:28278596c2a2	5833
wolfSSL	2:28278596c2a2	5834	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5835	XFREE(encSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5836	#endif
wolfSSL	2:28278596c2a2	5837
wolfSSL	2:28278596c2a2	5838	return ret;
wolfSSL	2:28278596c2a2	5839	}
wolfSSL	2:28278596c2a2	5840
wolfSSL	2:28278596c2a2	5841
wolfSSL	2:28278596c2a2	5842	/* add signature to end of buffer, size of buffer assumed checked, return
wolfSSL	2:28278596c2a2	5843	new length */
wolfSSL	2:28278596c2a2	5844	static int AddSignature(byte* buffer, int bodySz, const byte* sig, int sigSz,
wolfSSL	2:28278596c2a2	5845	int sigAlgoType)
wolfSSL	2:28278596c2a2	5846	{
wolfSSL	2:28278596c2a2	5847	byte seq[MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	5848	int idx = bodySz, seqSz;
wolfSSL	2:28278596c2a2	5849
wolfSSL	2:28278596c2a2	5850	/* algo */
wolfSSL	2:28278596c2a2	5851	idx += SetAlgoID(sigAlgoType, buffer + idx, sigType, 0);
wolfSSL	2:28278596c2a2	5852	/* bit string */
wolfSSL	2:28278596c2a2	5853	buffer[idx++] = ASN_BIT_STRING;
wolfSSL	2:28278596c2a2	5854	/* length */
wolfSSL	2:28278596c2a2	5855	idx += SetLength(sigSz + 1, buffer + idx);
wolfSSL	2:28278596c2a2	5856	buffer[idx++] = 0; /* trailing 0 */
wolfSSL	2:28278596c2a2	5857	/* signature */
wolfSSL	2:28278596c2a2	5858	XMEMCPY(buffer + idx, sig, sigSz);
wolfSSL	2:28278596c2a2	5859	idx += sigSz;
wolfSSL	2:28278596c2a2	5860
wolfSSL	2:28278596c2a2	5861	/* make room for overall header */
wolfSSL	2:28278596c2a2	5862	seqSz = SetSequence(idx, seq);
wolfSSL	2:28278596c2a2	5863	XMEMMOVE(buffer + seqSz, buffer, idx);
wolfSSL	2:28278596c2a2	5864	XMEMCPY(buffer, seq, seqSz);
wolfSSL	2:28278596c2a2	5865
wolfSSL	2:28278596c2a2	5866	return idx + seqSz;
wolfSSL	2:28278596c2a2	5867	}
wolfSSL	2:28278596c2a2	5868
wolfSSL	2:28278596c2a2	5869
wolfSSL	2:28278596c2a2	5870	/* Make an x509 Certificate v3 any key type from cert input, write to buffer */
wolfSSL	2:28278596c2a2	5871	static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
wolfSSL	2:28278596c2a2	5872	RsaKey* rsaKey, ecc_key* eccKey, RNG* rng,
wolfSSL	2:28278596c2a2	5873	const byte* ntruKey, word16 ntruSz)
wolfSSL	2:28278596c2a2	5874	{
wolfSSL	2:28278596c2a2	5875	int ret;
wolfSSL	2:28278596c2a2	5876	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5877	DerCert* der;
wolfSSL	2:28278596c2a2	5878	#else
wolfSSL	2:28278596c2a2	5879	DerCert der[1];
wolfSSL	2:28278596c2a2	5880	#endif
wolfSSL	2:28278596c2a2	5881
wolfSSL	2:28278596c2a2	5882	cert->keyType = eccKey ? ECC_KEY : (rsaKey ? RSA_KEY : NTRU_KEY);
wolfSSL	2:28278596c2a2	5883
wolfSSL	2:28278596c2a2	5884	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5885	der = (DerCert*)XMALLOC(sizeof(DerCert), NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5886	if (der == NULL)
wolfSSL	2:28278596c2a2	5887	return MEMORY_E;
wolfSSL	2:28278596c2a2	5888	#endif
wolfSSL	2:28278596c2a2	5889
wolfSSL	2:28278596c2a2	5890	ret = EncodeCert(cert, der, rsaKey, eccKey, rng, ntruKey, ntruSz);
wolfSSL	2:28278596c2a2	5891
wolfSSL	2:28278596c2a2	5892	if (ret == 0) {
wolfSSL	2:28278596c2a2	5893	if (der->total + MAX_SEQ_SZ * 2 > (int)derSz)
wolfSSL	2:28278596c2a2	5894	ret = BUFFER_E;
wolfSSL	2:28278596c2a2	5895	else
wolfSSL	2:28278596c2a2	5896	ret = cert->bodySz = WriteCertBody(der, derBuffer);
wolfSSL	2:28278596c2a2	5897	}
wolfSSL	2:28278596c2a2	5898
wolfSSL	2:28278596c2a2	5899	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	5900	XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	5901	#endif
wolfSSL	2:28278596c2a2	5902
wolfSSL	2:28278596c2a2	5903	return ret;
wolfSSL	2:28278596c2a2	5904	}
wolfSSL	2:28278596c2a2	5905
wolfSSL	2:28278596c2a2	5906
wolfSSL	2:28278596c2a2	5907	/* Make an x509 Certificate v3 RSA or ECC from cert input, write to buffer */
wolfSSL	2:28278596c2a2	5908	int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,
wolfSSL	2:28278596c2a2	5909	ecc_key* eccKey, RNG* rng)
wolfSSL	2:28278596c2a2	5910	{
wolfSSL	2:28278596c2a2	5911	return MakeAnyCert(cert, derBuffer, derSz, rsaKey, eccKey, rng, NULL, 0);
wolfSSL	2:28278596c2a2	5912	}
wolfSSL	2:28278596c2a2	5913
wolfSSL	2:28278596c2a2	5914
wolfSSL	2:28278596c2a2	5915	#ifdef HAVE_NTRU
wolfSSL	2:28278596c2a2	5916
wolfSSL	2:28278596c2a2	5917	int wc_MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz,
wolfSSL	2:28278596c2a2	5918	const byte* ntruKey, word16 keySz, RNG* rng)
wolfSSL	2:28278596c2a2	5919	{
wolfSSL	2:28278596c2a2	5920	return MakeAnyCert(cert, derBuffer, derSz, NULL, NULL, rng, ntruKey, keySz);
wolfSSL	2:28278596c2a2	5921	}
wolfSSL	2:28278596c2a2	5922
wolfSSL	2:28278596c2a2	5923	#endif /* HAVE_NTRU */
wolfSSL	2:28278596c2a2	5924
wolfSSL	2:28278596c2a2	5925
wolfSSL	2:28278596c2a2	5926	#ifdef WOLFSSL_CERT_REQ
wolfSSL	2:28278596c2a2	5927
wolfSSL	2:28278596c2a2	5928	static int SetReqAttrib(byte* output, char* pw, int extSz)
wolfSSL	2:28278596c2a2	5929	{
wolfSSL	2:28278596c2a2	5930	static const byte cpOid[] =
wolfSSL	2:28278596c2a2	5931	{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
wolfSSL	2:28278596c2a2	5932	0x09, 0x07 };
wolfSSL	2:28278596c2a2	5933	static const byte erOid[] =
wolfSSL	2:28278596c2a2	5934	{ ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
wolfSSL	2:28278596c2a2	5935	0x09, 0x0e };
wolfSSL	2:28278596c2a2	5936
wolfSSL	2:28278596c2a2	5937	int sz = 0; /* overall size */
wolfSSL	2:28278596c2a2	5938	int cpSz = 0; /* Challenge Password section size */
wolfSSL	2:28278596c2a2	5939	int cpSeqSz = 0;
wolfSSL	2:28278596c2a2	5940	int cpSetSz = 0;
wolfSSL	2:28278596c2a2	5941	int cpStrSz = 0;
wolfSSL	2:28278596c2a2	5942	int pwSz = 0;
wolfSSL	2:28278596c2a2	5943	int erSz = 0; /* Extension Request section size */
wolfSSL	2:28278596c2a2	5944	int erSeqSz = 0;
wolfSSL	2:28278596c2a2	5945	int erSetSz = 0;
wolfSSL	2:28278596c2a2	5946	byte cpSeq[MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	5947	byte cpSet[MAX_SET_SZ];
wolfSSL	2:28278596c2a2	5948	byte cpStr[MAX_PRSTR_SZ];
wolfSSL	2:28278596c2a2	5949	byte erSeq[MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	5950	byte erSet[MAX_SET_SZ];
wolfSSL	2:28278596c2a2	5951
wolfSSL	2:28278596c2a2	5952	output[0] = 0xa0;
wolfSSL	2:28278596c2a2	5953	sz++;
wolfSSL	2:28278596c2a2	5954
wolfSSL	2:28278596c2a2	5955	if (pw && pw[0]) {
wolfSSL	2:28278596c2a2	5956	pwSz = (int)XSTRLEN(pw);
wolfSSL	2:28278596c2a2	5957	cpStrSz = SetUTF8String(pwSz, cpStr);
wolfSSL	2:28278596c2a2	5958	cpSetSz = SetSet(cpStrSz + pwSz, cpSet);
wolfSSL	2:28278596c2a2	5959	cpSeqSz = SetSequence(sizeof(cpOid) + cpSetSz + cpStrSz + pwSz, cpSeq);
wolfSSL	2:28278596c2a2	5960	cpSz = cpSeqSz + sizeof(cpOid) + cpSetSz + cpStrSz + pwSz;
wolfSSL	2:28278596c2a2	5961	}
wolfSSL	2:28278596c2a2	5962
wolfSSL	2:28278596c2a2	5963	if (extSz) {
wolfSSL	2:28278596c2a2	5964	erSetSz = SetSet(extSz, erSet);
wolfSSL	2:28278596c2a2	5965	erSeqSz = SetSequence(erSetSz + sizeof(erOid) + extSz, erSeq);
wolfSSL	2:28278596c2a2	5966	erSz = extSz + erSetSz + erSeqSz + sizeof(erOid);
wolfSSL	2:28278596c2a2	5967	}
wolfSSL	2:28278596c2a2	5968
wolfSSL	2:28278596c2a2	5969	/* Put the pieces together. */
wolfSSL	2:28278596c2a2	5970	sz += SetLength(cpSz + erSz, &output[sz]);
wolfSSL	2:28278596c2a2	5971
wolfSSL	2:28278596c2a2	5972	if (cpSz) {
wolfSSL	2:28278596c2a2	5973	XMEMCPY(&output[sz], cpSeq, cpSeqSz);
wolfSSL	2:28278596c2a2	5974	sz += cpSeqSz;
wolfSSL	2:28278596c2a2	5975	XMEMCPY(&output[sz], cpOid, sizeof(cpOid));
wolfSSL	2:28278596c2a2	5976	sz += sizeof(cpOid);
wolfSSL	2:28278596c2a2	5977	XMEMCPY(&output[sz], cpSet, cpSetSz);
wolfSSL	2:28278596c2a2	5978	sz += cpSetSz;
wolfSSL	2:28278596c2a2	5979	XMEMCPY(&output[sz], cpStr, cpStrSz);
wolfSSL	2:28278596c2a2	5980	sz += cpStrSz;
wolfSSL	2:28278596c2a2	5981	XMEMCPY(&output[sz], pw, pwSz);
wolfSSL	2:28278596c2a2	5982	sz += pwSz;
wolfSSL	2:28278596c2a2	5983	}
wolfSSL	2:28278596c2a2	5984
wolfSSL	2:28278596c2a2	5985	if (erSz) {
wolfSSL	2:28278596c2a2	5986	XMEMCPY(&output[sz], erSeq, erSeqSz);
wolfSSL	2:28278596c2a2	5987	sz += erSeqSz;
wolfSSL	2:28278596c2a2	5988	XMEMCPY(&output[sz], erOid, sizeof(erOid));
wolfSSL	2:28278596c2a2	5989	sz += sizeof(erOid);
wolfSSL	2:28278596c2a2	5990	XMEMCPY(&output[sz], erSet, erSetSz);
wolfSSL	2:28278596c2a2	5991	sz += erSetSz;
wolfSSL	2:28278596c2a2	5992	/* The actual extension data will be tacked onto the output later. */
wolfSSL	2:28278596c2a2	5993	}
wolfSSL	2:28278596c2a2	5994
wolfSSL	2:28278596c2a2	5995	return sz;
wolfSSL	2:28278596c2a2	5996	}
wolfSSL	2:28278596c2a2	5997
wolfSSL	2:28278596c2a2	5998
wolfSSL	2:28278596c2a2	5999	/* encode info from cert into DER encoded format */
wolfSSL	2:28278596c2a2	6000	static int EncodeCertReq(Cert* cert, DerCert* der,
wolfSSL	2:28278596c2a2	6001	RsaKey* rsaKey, ecc_key* eccKey)
wolfSSL	2:28278596c2a2	6002	{
wolfSSL	2:28278596c2a2	6003	(void)eccKey;
wolfSSL	2:28278596c2a2	6004
wolfSSL	2:28278596c2a2	6005	/* init */
wolfSSL	2:28278596c2a2	6006	XMEMSET(der, 0, sizeof(DerCert));
wolfSSL	2:28278596c2a2	6007
wolfSSL	2:28278596c2a2	6008	/* version */
wolfSSL	2:28278596c2a2	6009	der->versionSz = SetMyVersion(cert->version, der->version, FALSE);
wolfSSL	2:28278596c2a2	6010
wolfSSL	2:28278596c2a2	6011	/* subject name */
wolfSSL	2:28278596c2a2	6012	der->subjectSz = SetName(der->subject, &cert->subject);
wolfSSL	2:28278596c2a2	6013	if (der->subjectSz == 0)
wolfSSL	2:28278596c2a2	6014	return SUBJECT_E;
wolfSSL	2:28278596c2a2	6015
wolfSSL	2:28278596c2a2	6016	/* public key */
wolfSSL	2:28278596c2a2	6017	if (cert->keyType == RSA_KEY) {
wolfSSL	2:28278596c2a2	6018	if (rsaKey == NULL)
wolfSSL	2:28278596c2a2	6019	return PUBLIC_KEY_E;
wolfSSL	2:28278596c2a2	6020	der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey);
wolfSSL	2:28278596c2a2	6021	if (der->publicKeySz <= 0)
wolfSSL	2:28278596c2a2	6022	return PUBLIC_KEY_E;
wolfSSL	2:28278596c2a2	6023	}
wolfSSL	2:28278596c2a2	6024
wolfSSL	2:28278596c2a2	6025	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	6026	if (cert->keyType == ECC_KEY) {
wolfSSL	2:28278596c2a2	6027	if (eccKey == NULL)
wolfSSL	2:28278596c2a2	6028	return PUBLIC_KEY_E;
wolfSSL	2:28278596c2a2	6029	der->publicKeySz = SetEccPublicKey(der->publicKey, eccKey);
wolfSSL	2:28278596c2a2	6030	if (der->publicKeySz <= 0)
wolfSSL	2:28278596c2a2	6031	return PUBLIC_KEY_E;
wolfSSL	2:28278596c2a2	6032	}
wolfSSL	2:28278596c2a2	6033	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	6034
wolfSSL	2:28278596c2a2	6035	/* CA */
wolfSSL	2:28278596c2a2	6036	if (cert->isCA) {
wolfSSL	2:28278596c2a2	6037	der->caSz = SetCa(der->ca);
wolfSSL	2:28278596c2a2	6038	if (der->caSz == 0)
wolfSSL	2:28278596c2a2	6039	return CA_TRUE_E;
wolfSSL	2:28278596c2a2	6040	}
wolfSSL	2:28278596c2a2	6041	else
wolfSSL	2:28278596c2a2	6042	der->caSz = 0;
wolfSSL	2:28278596c2a2	6043
wolfSSL	2:28278596c2a2	6044	/* extensions, just CA now */
wolfSSL	2:28278596c2a2	6045	if (cert->isCA) {
wolfSSL	2:28278596c2a2	6046	der->extensionsSz = SetExtensions(der->extensions,
wolfSSL	2:28278596c2a2	6047	der->ca, der->caSz, FALSE);
wolfSSL	2:28278596c2a2	6048	if (der->extensionsSz == 0)
wolfSSL	2:28278596c2a2	6049	return EXTENSIONS_E;
wolfSSL	2:28278596c2a2	6050	}
wolfSSL	2:28278596c2a2	6051	else
wolfSSL	2:28278596c2a2	6052	der->extensionsSz = 0;
wolfSSL	2:28278596c2a2	6053
wolfSSL	2:28278596c2a2	6054	der->attribSz = SetReqAttrib(der->attrib,
wolfSSL	2:28278596c2a2	6055	cert->challengePw, der->extensionsSz);
wolfSSL	2:28278596c2a2	6056	if (der->attribSz == 0)
wolfSSL	2:28278596c2a2	6057	return REQ_ATTRIBUTE_E;
wolfSSL	2:28278596c2a2	6058
wolfSSL	2:28278596c2a2	6059	der->total = der->versionSz + der->subjectSz + der->publicKeySz +
wolfSSL	2:28278596c2a2	6060	der->extensionsSz + der->attribSz;
wolfSSL	2:28278596c2a2	6061
wolfSSL	2:28278596c2a2	6062	return 0;
wolfSSL	2:28278596c2a2	6063	}
wolfSSL	2:28278596c2a2	6064
wolfSSL	2:28278596c2a2	6065
wolfSSL	2:28278596c2a2	6066	/* write DER encoded cert req to buffer, size already checked */
wolfSSL	2:28278596c2a2	6067	static int WriteCertReqBody(DerCert* der, byte* buffer)
wolfSSL	2:28278596c2a2	6068	{
wolfSSL	2:28278596c2a2	6069	int idx;
wolfSSL	2:28278596c2a2	6070
wolfSSL	2:28278596c2a2	6071	/* signed part header */
wolfSSL	2:28278596c2a2	6072	idx = SetSequence(der->total, buffer);
wolfSSL	2:28278596c2a2	6073	/* version */
wolfSSL	2:28278596c2a2	6074	XMEMCPY(buffer + idx, der->version, der->versionSz);
wolfSSL	2:28278596c2a2	6075	idx += der->versionSz;
wolfSSL	2:28278596c2a2	6076	/* subject */
wolfSSL	2:28278596c2a2	6077	XMEMCPY(buffer + idx, der->subject, der->subjectSz);
wolfSSL	2:28278596c2a2	6078	idx += der->subjectSz;
wolfSSL	2:28278596c2a2	6079	/* public key */
wolfSSL	2:28278596c2a2	6080	XMEMCPY(buffer + idx, der->publicKey, der->publicKeySz);
wolfSSL	2:28278596c2a2	6081	idx += der->publicKeySz;
wolfSSL	2:28278596c2a2	6082	/* attributes */
wolfSSL	2:28278596c2a2	6083	XMEMCPY(buffer + idx, der->attrib, der->attribSz);
wolfSSL	2:28278596c2a2	6084	idx += der->attribSz;
wolfSSL	2:28278596c2a2	6085	/* extensions */
wolfSSL	2:28278596c2a2	6086	if (der->extensionsSz) {
wolfSSL	2:28278596c2a2	6087	XMEMCPY(buffer + idx, der->extensions, min(der->extensionsSz,
wolfSSL	2:28278596c2a2	6088	sizeof(der->extensions)));
wolfSSL	2:28278596c2a2	6089	idx += der->extensionsSz;
wolfSSL	2:28278596c2a2	6090	}
wolfSSL	2:28278596c2a2	6091
wolfSSL	2:28278596c2a2	6092	return idx;
wolfSSL	2:28278596c2a2	6093	}
wolfSSL	2:28278596c2a2	6094
wolfSSL	2:28278596c2a2	6095
wolfSSL	2:28278596c2a2	6096	int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
wolfSSL	2:28278596c2a2	6097	RsaKey* rsaKey, ecc_key* eccKey)
wolfSSL	2:28278596c2a2	6098	{
wolfSSL	2:28278596c2a2	6099	int ret;
wolfSSL	2:28278596c2a2	6100	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6101	DerCert* der;
wolfSSL	2:28278596c2a2	6102	#else
wolfSSL	2:28278596c2a2	6103	DerCert der[1];
wolfSSL	2:28278596c2a2	6104	#endif
wolfSSL	2:28278596c2a2	6105
wolfSSL	2:28278596c2a2	6106	cert->keyType = eccKey ? ECC_KEY : RSA_KEY;
wolfSSL	2:28278596c2a2	6107
wolfSSL	2:28278596c2a2	6108	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6109	der = (DerCert*)XMALLOC(sizeof(DerCert), NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6110	if (der == NULL)
wolfSSL	2:28278596c2a2	6111	return MEMORY_E;
wolfSSL	2:28278596c2a2	6112	#endif
wolfSSL	2:28278596c2a2	6113
wolfSSL	2:28278596c2a2	6114	ret = EncodeCertReq(cert, der, rsaKey, eccKey);
wolfSSL	2:28278596c2a2	6115
wolfSSL	2:28278596c2a2	6116	if (ret == 0) {
wolfSSL	2:28278596c2a2	6117	if (der->total + MAX_SEQ_SZ * 2 > (int)derSz)
wolfSSL	2:28278596c2a2	6118	ret = BUFFER_E;
wolfSSL	2:28278596c2a2	6119	else
wolfSSL	2:28278596c2a2	6120	ret = cert->bodySz = WriteCertReqBody(der, derBuffer);
wolfSSL	2:28278596c2a2	6121	}
wolfSSL	2:28278596c2a2	6122
wolfSSL	2:28278596c2a2	6123	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6124	XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6125	#endif
wolfSSL	2:28278596c2a2	6126
wolfSSL	2:28278596c2a2	6127	return ret;
wolfSSL	2:28278596c2a2	6128	}
wolfSSL	2:28278596c2a2	6129
wolfSSL	2:28278596c2a2	6130	#endif /* WOLFSSL_CERT_REQ */
wolfSSL	2:28278596c2a2	6131
wolfSSL	2:28278596c2a2	6132
wolfSSL	2:28278596c2a2	6133	int wc_SignCert(int requestSz, int sType, byte* buffer, word32 buffSz,
wolfSSL	2:28278596c2a2	6134	RsaKey* rsaKey, ecc_key* eccKey, RNG* rng)
wolfSSL	2:28278596c2a2	6135	{
wolfSSL	2:28278596c2a2	6136	int sigSz;
wolfSSL	2:28278596c2a2	6137	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6138	byte* sig;
wolfSSL	2:28278596c2a2	6139	#else
wolfSSL	2:28278596c2a2	6140	byte sig[MAX_ENCODED_SIG_SZ];
wolfSSL	2:28278596c2a2	6141	#endif
wolfSSL	2:28278596c2a2	6142
wolfSSL	2:28278596c2a2	6143	if (requestSz < 0)
wolfSSL	2:28278596c2a2	6144	return requestSz;
wolfSSL	2:28278596c2a2	6145
wolfSSL	2:28278596c2a2	6146	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6147	sig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6148	if (sig == NULL)
wolfSSL	2:28278596c2a2	6149	return MEMORY_E;
wolfSSL	2:28278596c2a2	6150	#endif
wolfSSL	2:28278596c2a2	6151
wolfSSL	2:28278596c2a2	6152	sigSz = MakeSignature(buffer, requestSz, sig, MAX_ENCODED_SIG_SZ, rsaKey,
wolfSSL	2:28278596c2a2	6153	eccKey, rng, sType);
wolfSSL	2:28278596c2a2	6154
wolfSSL	2:28278596c2a2	6155	if (sigSz >= 0) {
wolfSSL	2:28278596c2a2	6156	if (requestSz + MAX_SEQ_SZ * 2 + sigSz > (int)buffSz)
wolfSSL	2:28278596c2a2	6157	sigSz = BUFFER_E;
wolfSSL	2:28278596c2a2	6158	else
wolfSSL	2:28278596c2a2	6159	sigSz = AddSignature(buffer, requestSz, sig, sigSz, sType);
wolfSSL	2:28278596c2a2	6160	}
wolfSSL	2:28278596c2a2	6161
wolfSSL	2:28278596c2a2	6162	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6163	XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6164	#endif
wolfSSL	2:28278596c2a2	6165
wolfSSL	2:28278596c2a2	6166	return sigSz;
wolfSSL	2:28278596c2a2	6167	}
wolfSSL	2:28278596c2a2	6168
wolfSSL	2:28278596c2a2	6169
wolfSSL	2:28278596c2a2	6170	int wc_MakeSelfCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng)
wolfSSL	2:28278596c2a2	6171	{
wolfSSL	2:28278596c2a2	6172	int ret = wc_MakeCert(cert, buffer, buffSz, key, NULL, rng);
wolfSSL	2:28278596c2a2	6173
wolfSSL	2:28278596c2a2	6174	if (ret < 0)
wolfSSL	2:28278596c2a2	6175	return ret;
wolfSSL	2:28278596c2a2	6176
wolfSSL	2:28278596c2a2	6177	return wc_SignCert(cert->bodySz, cert->sigType, buffer, buffSz, key, NULL,rng);
wolfSSL	2:28278596c2a2	6178	}
wolfSSL	2:28278596c2a2	6179
wolfSSL	2:28278596c2a2	6180
wolfSSL	2:28278596c2a2	6181	#ifdef WOLFSSL_ALT_NAMES
wolfSSL	2:28278596c2a2	6182
wolfSSL	2:28278596c2a2	6183	/* Set Alt Names from der cert, return 0 on success */
wolfSSL	2:28278596c2a2	6184	static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
wolfSSL	2:28278596c2a2	6185	{
wolfSSL	2:28278596c2a2	6186	int ret;
wolfSSL	2:28278596c2a2	6187	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6188	DecodedCert* decoded;
wolfSSL	2:28278596c2a2	6189	#else
wolfSSL	2:28278596c2a2	6190	DecodedCert decoded[1];
wolfSSL	2:28278596c2a2	6191	#endif
wolfSSL	2:28278596c2a2	6192
wolfSSL	2:28278596c2a2	6193	if (derSz < 0)
wolfSSL	2:28278596c2a2	6194	return derSz;
wolfSSL	2:28278596c2a2	6195
wolfSSL	2:28278596c2a2	6196	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6197	decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
wolfSSL	2:28278596c2a2	6198	DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6199	if (decoded == NULL)
wolfSSL	2:28278596c2a2	6200	return MEMORY_E;
wolfSSL	2:28278596c2a2	6201	#endif
wolfSSL	2:28278596c2a2	6202
wolfSSL	2:28278596c2a2	6203	InitDecodedCert(decoded, (byte*)der, derSz, 0);
wolfSSL	2:28278596c2a2	6204	ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0);
wolfSSL	2:28278596c2a2	6205
wolfSSL	2:28278596c2a2	6206	if (ret < 0) {
wolfSSL	2:28278596c2a2	6207	WOLFSSL_MSG("ParseCertRelative error");
wolfSSL	2:28278596c2a2	6208	}
wolfSSL	2:28278596c2a2	6209	else if (decoded->extensions) {
wolfSSL	2:28278596c2a2	6210	byte b;
wolfSSL	2:28278596c2a2	6211	int length;
wolfSSL	2:28278596c2a2	6212	word32 maxExtensionsIdx;
wolfSSL	2:28278596c2a2	6213
wolfSSL	2:28278596c2a2	6214	decoded->srcIdx = decoded->extensionsIdx;
wolfSSL	2:28278596c2a2	6215	b = decoded->source[decoded->srcIdx++];
wolfSSL	2:28278596c2a2	6216
wolfSSL	2:28278596c2a2	6217	if (b != ASN_EXTENSIONS) {
wolfSSL	2:28278596c2a2	6218	ret = ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6219	}
wolfSSL	2:28278596c2a2	6220	else if (GetLength(decoded->source, &decoded->srcIdx, &length,
wolfSSL	2:28278596c2a2	6221	decoded->maxIdx) < 0) {
wolfSSL	2:28278596c2a2	6222	ret = ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6223	}
wolfSSL	2:28278596c2a2	6224	else if (GetSequence(decoded->source, &decoded->srcIdx, &length,
wolfSSL	2:28278596c2a2	6225	decoded->maxIdx) < 0) {
wolfSSL	2:28278596c2a2	6226	ret = ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6227	}
wolfSSL	2:28278596c2a2	6228	else {
wolfSSL	2:28278596c2a2	6229	maxExtensionsIdx = decoded->srcIdx + length;
wolfSSL	2:28278596c2a2	6230
wolfSSL	2:28278596c2a2	6231	while (decoded->srcIdx < maxExtensionsIdx) {
wolfSSL	2:28278596c2a2	6232	word32 oid;
wolfSSL	2:28278596c2a2	6233	word32 startIdx = decoded->srcIdx;
wolfSSL	2:28278596c2a2	6234	word32 tmpIdx;
wolfSSL	2:28278596c2a2	6235
wolfSSL	2:28278596c2a2	6236	if (GetSequence(decoded->source, &decoded->srcIdx, &length,
wolfSSL	2:28278596c2a2	6237	decoded->maxIdx) < 0) {
wolfSSL	2:28278596c2a2	6238	ret = ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6239	break;
wolfSSL	2:28278596c2a2	6240	}
wolfSSL	2:28278596c2a2	6241
wolfSSL	2:28278596c2a2	6242	tmpIdx = decoded->srcIdx;
wolfSSL	2:28278596c2a2	6243	decoded->srcIdx = startIdx;
wolfSSL	2:28278596c2a2	6244
wolfSSL	2:28278596c2a2	6245	if (GetAlgoId(decoded->source, &decoded->srcIdx, &oid,
wolfSSL	2:28278596c2a2	6246	decoded->maxIdx) < 0) {
wolfSSL	2:28278596c2a2	6247	ret = ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6248	break;
wolfSSL	2:28278596c2a2	6249	}
wolfSSL	2:28278596c2a2	6250
wolfSSL	2:28278596c2a2	6251	if (oid == ALT_NAMES_OID) {
wolfSSL	2:28278596c2a2	6252	cert->altNamesSz = length + (tmpIdx - startIdx);
wolfSSL	2:28278596c2a2	6253
wolfSSL	2:28278596c2a2	6254	if (cert->altNamesSz < (int)sizeof(cert->altNames))
wolfSSL	2:28278596c2a2	6255	XMEMCPY(cert->altNames, &decoded->source[startIdx],
wolfSSL	2:28278596c2a2	6256	cert->altNamesSz);
wolfSSL	2:28278596c2a2	6257	else {
wolfSSL	2:28278596c2a2	6258	cert->altNamesSz = 0;
wolfSSL	2:28278596c2a2	6259	WOLFSSL_MSG("AltNames extensions too big");
wolfSSL	2:28278596c2a2	6260	ret = ALT_NAME_E;
wolfSSL	2:28278596c2a2	6261	break;
wolfSSL	2:28278596c2a2	6262	}
wolfSSL	2:28278596c2a2	6263	}
wolfSSL	2:28278596c2a2	6264	decoded->srcIdx = tmpIdx + length;
wolfSSL	2:28278596c2a2	6265	}
wolfSSL	2:28278596c2a2	6266	}
wolfSSL	2:28278596c2a2	6267	}
wolfSSL	2:28278596c2a2	6268
wolfSSL	2:28278596c2a2	6269	FreeDecodedCert(decoded);
wolfSSL	2:28278596c2a2	6270	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6271	XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6272	#endif
wolfSSL	2:28278596c2a2	6273
wolfSSL	2:28278596c2a2	6274	return ret < 0 ? ret : 0;
wolfSSL	2:28278596c2a2	6275	}
wolfSSL	2:28278596c2a2	6276
wolfSSL	2:28278596c2a2	6277
wolfSSL	2:28278596c2a2	6278	/* Set Dates from der cert, return 0 on success */
wolfSSL	2:28278596c2a2	6279	static int SetDatesFromCert(Cert* cert, const byte* der, int derSz)
wolfSSL	2:28278596c2a2	6280	{
wolfSSL	2:28278596c2a2	6281	int ret;
wolfSSL	2:28278596c2a2	6282	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6283	DecodedCert* decoded;
wolfSSL	2:28278596c2a2	6284	#else
wolfSSL	2:28278596c2a2	6285	DecodedCert decoded[1];
wolfSSL	2:28278596c2a2	6286	#endif
wolfSSL	2:28278596c2a2	6287
wolfSSL	2:28278596c2a2	6288	WOLFSSL_ENTER("SetDatesFromCert");
wolfSSL	2:28278596c2a2	6289	if (derSz < 0)
wolfSSL	2:28278596c2a2	6290	return derSz;
wolfSSL	2:28278596c2a2	6291
wolfSSL	2:28278596c2a2	6292	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6293	decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
wolfSSL	2:28278596c2a2	6294	DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6295	if (decoded == NULL)
wolfSSL	2:28278596c2a2	6296	return MEMORY_E;
wolfSSL	2:28278596c2a2	6297	#endif
wolfSSL	2:28278596c2a2	6298
wolfSSL	2:28278596c2a2	6299	InitDecodedCert(decoded, (byte*)der, derSz, 0);
wolfSSL	2:28278596c2a2	6300	ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0);
wolfSSL	2:28278596c2a2	6301
wolfSSL	2:28278596c2a2	6302	if (ret < 0) {
wolfSSL	2:28278596c2a2	6303	WOLFSSL_MSG("ParseCertRelative error");
wolfSSL	2:28278596c2a2	6304	}
wolfSSL	2:28278596c2a2	6305	else if (decoded->beforeDate == NULL \|\| decoded->afterDate == NULL) {
wolfSSL	2:28278596c2a2	6306	WOLFSSL_MSG("Couldn't extract dates");
wolfSSL	2:28278596c2a2	6307	ret = -1;
wolfSSL	2:28278596c2a2	6308	}
wolfSSL	2:28278596c2a2	6309	else if (decoded->beforeDateLen > MAX_DATE_SIZE \|\|
wolfSSL	2:28278596c2a2	6310	decoded->afterDateLen > MAX_DATE_SIZE) {
wolfSSL	2:28278596c2a2	6311	WOLFSSL_MSG("Bad date size");
wolfSSL	2:28278596c2a2	6312	ret = -1;
wolfSSL	2:28278596c2a2	6313	}
wolfSSL	2:28278596c2a2	6314	else {
wolfSSL	2:28278596c2a2	6315	XMEMCPY(cert->beforeDate, decoded->beforeDate, decoded->beforeDateLen);
wolfSSL	2:28278596c2a2	6316	XMEMCPY(cert->afterDate, decoded->afterDate, decoded->afterDateLen);
wolfSSL	2:28278596c2a2	6317
wolfSSL	2:28278596c2a2	6318	cert->beforeDateSz = decoded->beforeDateLen;
wolfSSL	2:28278596c2a2	6319	cert->afterDateSz = decoded->afterDateLen;
wolfSSL	2:28278596c2a2	6320	}
wolfSSL	2:28278596c2a2	6321
wolfSSL	2:28278596c2a2	6322	FreeDecodedCert(decoded);
wolfSSL	2:28278596c2a2	6323
wolfSSL	2:28278596c2a2	6324	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6325	XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6326	#endif
wolfSSL	2:28278596c2a2	6327
wolfSSL	2:28278596c2a2	6328	return ret < 0 ? ret : 0;
wolfSSL	2:28278596c2a2	6329	}
wolfSSL	2:28278596c2a2	6330
wolfSSL	2:28278596c2a2	6331
wolfSSL	2:28278596c2a2	6332	#endif /* WOLFSSL_ALT_NAMES && !NO_RSA */
wolfSSL	2:28278596c2a2	6333
wolfSSL	2:28278596c2a2	6334
wolfSSL	2:28278596c2a2	6335	/* Set cn name from der buffer, return 0 on success */
wolfSSL	2:28278596c2a2	6336	static int SetNameFromCert(CertName* cn, const byte* der, int derSz)
wolfSSL	2:28278596c2a2	6337	{
wolfSSL	2:28278596c2a2	6338	int ret, sz;
wolfSSL	2:28278596c2a2	6339	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6340	DecodedCert* decoded;
wolfSSL	2:28278596c2a2	6341	#else
wolfSSL	2:28278596c2a2	6342	DecodedCert decoded[1];
wolfSSL	2:28278596c2a2	6343	#endif
wolfSSL	2:28278596c2a2	6344
wolfSSL	2:28278596c2a2	6345	if (derSz < 0)
wolfSSL	2:28278596c2a2	6346	return derSz;
wolfSSL	2:28278596c2a2	6347
wolfSSL	2:28278596c2a2	6348	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6349	decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
wolfSSL	2:28278596c2a2	6350	DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6351	if (decoded == NULL)
wolfSSL	2:28278596c2a2	6352	return MEMORY_E;
wolfSSL	2:28278596c2a2	6353	#endif
wolfSSL	2:28278596c2a2	6354
wolfSSL	2:28278596c2a2	6355	InitDecodedCert(decoded, (byte*)der, derSz, 0);
wolfSSL	2:28278596c2a2	6356	ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0);
wolfSSL	2:28278596c2a2	6357
wolfSSL	2:28278596c2a2	6358	if (ret < 0) {
wolfSSL	2:28278596c2a2	6359	WOLFSSL_MSG("ParseCertRelative error");
wolfSSL	2:28278596c2a2	6360	}
wolfSSL	2:28278596c2a2	6361	else {
wolfSSL	2:28278596c2a2	6362	if (decoded->subjectCN) {
wolfSSL	2:28278596c2a2	6363	sz = (decoded->subjectCNLen < CTC_NAME_SIZE) ? decoded->subjectCNLen
wolfSSL	2:28278596c2a2	6364	: CTC_NAME_SIZE - 1;
wolfSSL	2:28278596c2a2	6365	strncpy(cn->commonName, decoded->subjectCN, CTC_NAME_SIZE);
wolfSSL	2:28278596c2a2	6366	cn->commonName[sz] = 0;
wolfSSL	2:28278596c2a2	6367	cn->commonNameEnc = decoded->subjectCNEnc;
wolfSSL	2:28278596c2a2	6368	}
wolfSSL	2:28278596c2a2	6369	if (decoded->subjectC) {
wolfSSL	2:28278596c2a2	6370	sz = (decoded->subjectCLen < CTC_NAME_SIZE) ? decoded->subjectCLen
wolfSSL	2:28278596c2a2	6371	: CTC_NAME_SIZE - 1;
wolfSSL	2:28278596c2a2	6372	strncpy(cn->country, decoded->subjectC, CTC_NAME_SIZE);
wolfSSL	2:28278596c2a2	6373	cn->country[sz] = 0;
wolfSSL	2:28278596c2a2	6374	cn->countryEnc = decoded->subjectCEnc;
wolfSSL	2:28278596c2a2	6375	}
wolfSSL	2:28278596c2a2	6376	if (decoded->subjectST) {
wolfSSL	2:28278596c2a2	6377	sz = (decoded->subjectSTLen < CTC_NAME_SIZE) ? decoded->subjectSTLen
wolfSSL	2:28278596c2a2	6378	: CTC_NAME_SIZE - 1;
wolfSSL	2:28278596c2a2	6379	strncpy(cn->state, decoded->subjectST, CTC_NAME_SIZE);
wolfSSL	2:28278596c2a2	6380	cn->state[sz] = 0;
wolfSSL	2:28278596c2a2	6381	cn->stateEnc = decoded->subjectSTEnc;
wolfSSL	2:28278596c2a2	6382	}
wolfSSL	2:28278596c2a2	6383	if (decoded->subjectL) {
wolfSSL	2:28278596c2a2	6384	sz = (decoded->subjectLLen < CTC_NAME_SIZE) ? decoded->subjectLLen
wolfSSL	2:28278596c2a2	6385	: CTC_NAME_SIZE - 1;
wolfSSL	2:28278596c2a2	6386	strncpy(cn->locality, decoded->subjectL, CTC_NAME_SIZE);
wolfSSL	2:28278596c2a2	6387	cn->locality[sz] = 0;
wolfSSL	2:28278596c2a2	6388	cn->localityEnc = decoded->subjectLEnc;
wolfSSL	2:28278596c2a2	6389	}
wolfSSL	2:28278596c2a2	6390	if (decoded->subjectO) {
wolfSSL	2:28278596c2a2	6391	sz = (decoded->subjectOLen < CTC_NAME_SIZE) ? decoded->subjectOLen
wolfSSL	2:28278596c2a2	6392	: CTC_NAME_SIZE - 1;
wolfSSL	2:28278596c2a2	6393	strncpy(cn->org, decoded->subjectO, CTC_NAME_SIZE);
wolfSSL	2:28278596c2a2	6394	cn->org[sz] = 0;
wolfSSL	2:28278596c2a2	6395	cn->orgEnc = decoded->subjectOEnc;
wolfSSL	2:28278596c2a2	6396	}
wolfSSL	2:28278596c2a2	6397	if (decoded->subjectOU) {
wolfSSL	2:28278596c2a2	6398	sz = (decoded->subjectOULen < CTC_NAME_SIZE) ? decoded->subjectOULen
wolfSSL	2:28278596c2a2	6399	: CTC_NAME_SIZE - 1;
wolfSSL	2:28278596c2a2	6400	strncpy(cn->unit, decoded->subjectOU, CTC_NAME_SIZE);
wolfSSL	2:28278596c2a2	6401	cn->unit[sz] = 0;
wolfSSL	2:28278596c2a2	6402	cn->unitEnc = decoded->subjectOUEnc;
wolfSSL	2:28278596c2a2	6403	}
wolfSSL	2:28278596c2a2	6404	if (decoded->subjectSN) {
wolfSSL	2:28278596c2a2	6405	sz = (decoded->subjectSNLen < CTC_NAME_SIZE) ? decoded->subjectSNLen
wolfSSL	2:28278596c2a2	6406	: CTC_NAME_SIZE - 1;
wolfSSL	2:28278596c2a2	6407	strncpy(cn->sur, decoded->subjectSN, CTC_NAME_SIZE);
wolfSSL	2:28278596c2a2	6408	cn->sur[sz] = 0;
wolfSSL	2:28278596c2a2	6409	cn->surEnc = decoded->subjectSNEnc;
wolfSSL	2:28278596c2a2	6410	}
wolfSSL	2:28278596c2a2	6411	if (decoded->subjectEmail) {
wolfSSL	2:28278596c2a2	6412	sz = (decoded->subjectEmailLen < CTC_NAME_SIZE)
wolfSSL	2:28278596c2a2	6413	? decoded->subjectEmailLen : CTC_NAME_SIZE - 1;
wolfSSL	2:28278596c2a2	6414	strncpy(cn->email, decoded->subjectEmail, CTC_NAME_SIZE);
wolfSSL	2:28278596c2a2	6415	cn->email[sz] = 0;
wolfSSL	2:28278596c2a2	6416	}
wolfSSL	2:28278596c2a2	6417	}
wolfSSL	2:28278596c2a2	6418
wolfSSL	2:28278596c2a2	6419	FreeDecodedCert(decoded);
wolfSSL	2:28278596c2a2	6420
wolfSSL	2:28278596c2a2	6421	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6422	XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6423	#endif
wolfSSL	2:28278596c2a2	6424
wolfSSL	2:28278596c2a2	6425	return ret < 0 ? ret : 0;
wolfSSL	2:28278596c2a2	6426	}
wolfSSL	2:28278596c2a2	6427
wolfSSL	2:28278596c2a2	6428
wolfSSL	2:28278596c2a2	6429	#ifndef NO_FILESYSTEM
wolfSSL	2:28278596c2a2	6430
wolfSSL	2:28278596c2a2	6431	/* Set cert issuer from issuerFile in PEM */
wolfSSL	2:28278596c2a2	6432	int wc_SetIssuer(Cert* cert, const char* issuerFile)
wolfSSL	2:28278596c2a2	6433	{
wolfSSL	2:28278596c2a2	6434	int ret;
wolfSSL	2:28278596c2a2	6435	int derSz;
wolfSSL	2:28278596c2a2	6436	byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
wolfSSL	2:28278596c2a2	6437
wolfSSL	2:28278596c2a2	6438	if (der == NULL) {
wolfSSL	2:28278596c2a2	6439	WOLFSSL_MSG("wc_SetIssuer OOF Problem");
wolfSSL	2:28278596c2a2	6440	return MEMORY_E;
wolfSSL	2:28278596c2a2	6441	}
wolfSSL	2:28278596c2a2	6442	derSz = wolfSSL_PemCertToDer(issuerFile, der, EIGHTK_BUF);
wolfSSL	2:28278596c2a2	6443	cert->selfSigned = 0;
wolfSSL	2:28278596c2a2	6444	ret = SetNameFromCert(&cert->issuer, der, derSz);
wolfSSL	2:28278596c2a2	6445	XFREE(der, NULL, DYNAMIC_TYPE_CERT);
wolfSSL	2:28278596c2a2	6446
wolfSSL	2:28278596c2a2	6447	return ret;
wolfSSL	2:28278596c2a2	6448	}
wolfSSL	2:28278596c2a2	6449
wolfSSL	2:28278596c2a2	6450
wolfSSL	2:28278596c2a2	6451	/* Set cert subject from subjectFile in PEM */
wolfSSL	2:28278596c2a2	6452	int wc_SetSubject(Cert* cert, const char* subjectFile)
wolfSSL	2:28278596c2a2	6453	{
wolfSSL	2:28278596c2a2	6454	int ret;
wolfSSL	2:28278596c2a2	6455	int derSz;
wolfSSL	2:28278596c2a2	6456	byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
wolfSSL	2:28278596c2a2	6457
wolfSSL	2:28278596c2a2	6458	if (der == NULL) {
wolfSSL	2:28278596c2a2	6459	WOLFSSL_MSG("wc_SetSubject OOF Problem");
wolfSSL	2:28278596c2a2	6460	return MEMORY_E;
wolfSSL	2:28278596c2a2	6461	}
wolfSSL	2:28278596c2a2	6462	derSz = wolfSSL_PemCertToDer(subjectFile, der, EIGHTK_BUF);
wolfSSL	2:28278596c2a2	6463	ret = SetNameFromCert(&cert->subject, der, derSz);
wolfSSL	2:28278596c2a2	6464	XFREE(der, NULL, DYNAMIC_TYPE_CERT);
wolfSSL	2:28278596c2a2	6465
wolfSSL	2:28278596c2a2	6466	return ret;
wolfSSL	2:28278596c2a2	6467	}
wolfSSL	2:28278596c2a2	6468
wolfSSL	2:28278596c2a2	6469
wolfSSL	2:28278596c2a2	6470	#ifdef WOLFSSL_ALT_NAMES
wolfSSL	2:28278596c2a2	6471
wolfSSL	2:28278596c2a2	6472	/* Set atl names from file in PEM */
wolfSSL	2:28278596c2a2	6473	int wc_SetAltNames(Cert* cert, const char* file)
wolfSSL	2:28278596c2a2	6474	{
wolfSSL	2:28278596c2a2	6475	int ret;
wolfSSL	2:28278596c2a2	6476	int derSz;
wolfSSL	2:28278596c2a2	6477	byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT);
wolfSSL	2:28278596c2a2	6478
wolfSSL	2:28278596c2a2	6479	if (der == NULL) {
wolfSSL	2:28278596c2a2	6480	WOLFSSL_MSG("wc_SetAltNames OOF Problem");
wolfSSL	2:28278596c2a2	6481	return MEMORY_E;
wolfSSL	2:28278596c2a2	6482	}
wolfSSL	2:28278596c2a2	6483	derSz = wolfSSL_PemCertToDer(file, der, EIGHTK_BUF);
wolfSSL	2:28278596c2a2	6484	ret = SetAltNamesFromCert(cert, der, derSz);
wolfSSL	2:28278596c2a2	6485	XFREE(der, NULL, DYNAMIC_TYPE_CERT);
wolfSSL	2:28278596c2a2	6486
wolfSSL	2:28278596c2a2	6487	return ret;
wolfSSL	2:28278596c2a2	6488	}
wolfSSL	2:28278596c2a2	6489
wolfSSL	2:28278596c2a2	6490	#endif /* WOLFSSL_ALT_NAMES */
wolfSSL	2:28278596c2a2	6491
wolfSSL	2:28278596c2a2	6492	#endif /* NO_FILESYSTEM */
wolfSSL	2:28278596c2a2	6493
wolfSSL	2:28278596c2a2	6494	/* Set cert issuer from DER buffer */
wolfSSL	2:28278596c2a2	6495	int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz)
wolfSSL	2:28278596c2a2	6496	{
wolfSSL	2:28278596c2a2	6497	cert->selfSigned = 0;
wolfSSL	2:28278596c2a2	6498	return SetNameFromCert(&cert->issuer, der, derSz);
wolfSSL	2:28278596c2a2	6499	}
wolfSSL	2:28278596c2a2	6500
wolfSSL	2:28278596c2a2	6501
wolfSSL	2:28278596c2a2	6502	/* Set cert subject from DER buffer */
wolfSSL	2:28278596c2a2	6503	int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz)
wolfSSL	2:28278596c2a2	6504	{
wolfSSL	2:28278596c2a2	6505	return SetNameFromCert(&cert->subject, der, derSz);
wolfSSL	2:28278596c2a2	6506	}
wolfSSL	2:28278596c2a2	6507
wolfSSL	2:28278596c2a2	6508
wolfSSL	2:28278596c2a2	6509	#ifdef WOLFSSL_ALT_NAMES
wolfSSL	2:28278596c2a2	6510
wolfSSL	2:28278596c2a2	6511	/* Set cert alt names from DER buffer */
wolfSSL	2:28278596c2a2	6512	int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz)
wolfSSL	2:28278596c2a2	6513	{
wolfSSL	2:28278596c2a2	6514	return SetAltNamesFromCert(cert, der, derSz);
wolfSSL	2:28278596c2a2	6515	}
wolfSSL	2:28278596c2a2	6516
wolfSSL	2:28278596c2a2	6517	/* Set cert dates from DER buffer */
wolfSSL	2:28278596c2a2	6518	int wc_SetDatesBuffer(Cert* cert, const byte* der, int derSz)
wolfSSL	2:28278596c2a2	6519	{
wolfSSL	2:28278596c2a2	6520	return SetDatesFromCert(cert, der, derSz);
wolfSSL	2:28278596c2a2	6521	}
wolfSSL	2:28278596c2a2	6522
wolfSSL	2:28278596c2a2	6523	#endif /* WOLFSSL_ALT_NAMES */
wolfSSL	2:28278596c2a2	6524
wolfSSL	2:28278596c2a2	6525	#endif /* WOLFSSL_CERT_GEN */
wolfSSL	2:28278596c2a2	6526
wolfSSL	2:28278596c2a2	6527
wolfSSL	2:28278596c2a2	6528	#ifdef HAVE_ECC
wolfSSL	2:28278596c2a2	6529
wolfSSL	2:28278596c2a2	6530	/* Der Encode r & s ints into out, outLen is (in/out) size */
wolfSSL	2:28278596c2a2	6531	int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s)
wolfSSL	2:28278596c2a2	6532	{
wolfSSL	2:28278596c2a2	6533	word32 idx = 0;
wolfSSL	2:28278596c2a2	6534	word32 rSz; /* encoding size */
wolfSSL	2:28278596c2a2	6535	word32 sSz;
wolfSSL	2:28278596c2a2	6536	word32 headerSz = 4; /* 2ASN_TAG + 2LEN(ENUM) */
wolfSSL	2:28278596c2a2	6537
wolfSSL	2:28278596c2a2	6538	/* If the leading bit on the INTEGER is a 1, add a leading zero */
wolfSSL	2:28278596c2a2	6539	int rLeadingZero = mp_leading_bit(r);
wolfSSL	2:28278596c2a2	6540	int sLeadingZero = mp_leading_bit(s);
wolfSSL	2:28278596c2a2	6541	int rLen = mp_unsigned_bin_size(r); /* big int size */
wolfSSL	2:28278596c2a2	6542	int sLen = mp_unsigned_bin_size(s);
wolfSSL	2:28278596c2a2	6543	int err;
wolfSSL	2:28278596c2a2	6544
wolfSSL	2:28278596c2a2	6545	if (*outLen < (rLen + rLeadingZero + sLen + sLeadingZero +
wolfSSL	2:28278596c2a2	6546	headerSz + 2)) /* SEQ_TAG + LEN(ENUM) */
wolfSSL	2:28278596c2a2	6547	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	6548
wolfSSL	2:28278596c2a2	6549	idx = SetSequence(rLen+rLeadingZero+sLen+sLeadingZero+headerSz, out);
wolfSSL	2:28278596c2a2	6550
wolfSSL	2:28278596c2a2	6551	/* store r */
wolfSSL	2:28278596c2a2	6552	out[idx++] = ASN_INTEGER;
wolfSSL	2:28278596c2a2	6553	rSz = SetLength(rLen + rLeadingZero, &out[idx]);
wolfSSL	2:28278596c2a2	6554	idx += rSz;
wolfSSL	2:28278596c2a2	6555	if (rLeadingZero)
wolfSSL	2:28278596c2a2	6556	out[idx++] = 0;
wolfSSL	2:28278596c2a2	6557	err = mp_to_unsigned_bin(r, &out[idx]);
wolfSSL	2:28278596c2a2	6558	if (err != MP_OKAY) return err;
wolfSSL	2:28278596c2a2	6559	idx += rLen;
wolfSSL	2:28278596c2a2	6560
wolfSSL	2:28278596c2a2	6561	/* store s */
wolfSSL	2:28278596c2a2	6562	out[idx++] = ASN_INTEGER;
wolfSSL	2:28278596c2a2	6563	sSz = SetLength(sLen + sLeadingZero, &out[idx]);
wolfSSL	2:28278596c2a2	6564	idx += sSz;
wolfSSL	2:28278596c2a2	6565	if (sLeadingZero)
wolfSSL	2:28278596c2a2	6566	out[idx++] = 0;
wolfSSL	2:28278596c2a2	6567	err = mp_to_unsigned_bin(s, &out[idx]);
wolfSSL	2:28278596c2a2	6568	if (err != MP_OKAY) return err;
wolfSSL	2:28278596c2a2	6569	idx += sLen;
wolfSSL	2:28278596c2a2	6570
wolfSSL	2:28278596c2a2	6571	*outLen = idx;
wolfSSL	2:28278596c2a2	6572
wolfSSL	2:28278596c2a2	6573	return 0;
wolfSSL	2:28278596c2a2	6574	}
wolfSSL	2:28278596c2a2	6575
wolfSSL	2:28278596c2a2	6576
wolfSSL	2:28278596c2a2	6577	/* Der Decode ECC-DSA Signautre, r & s stored as big ints */
wolfSSL	2:28278596c2a2	6578	int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s)
wolfSSL	2:28278596c2a2	6579	{
wolfSSL	2:28278596c2a2	6580	word32 idx = 0;
wolfSSL	2:28278596c2a2	6581	int len = 0;
wolfSSL	2:28278596c2a2	6582
wolfSSL	2:28278596c2a2	6583	if (GetSequence(sig, &idx, &len, sigLen) < 0)
wolfSSL	2:28278596c2a2	6584	return ASN_ECC_KEY_E;
wolfSSL	2:28278596c2a2	6585
wolfSSL	2:28278596c2a2	6586	if ((word32)len > (sigLen - idx))
wolfSSL	2:28278596c2a2	6587	return ASN_ECC_KEY_E;
wolfSSL	2:28278596c2a2	6588
wolfSSL	2:28278596c2a2	6589	if (GetInt(r, sig, &idx, sigLen) < 0)
wolfSSL	2:28278596c2a2	6590	return ASN_ECC_KEY_E;
wolfSSL	2:28278596c2a2	6591
wolfSSL	2:28278596c2a2	6592	if (GetInt(s, sig, &idx, sigLen) < 0)
wolfSSL	2:28278596c2a2	6593	return ASN_ECC_KEY_E;
wolfSSL	2:28278596c2a2	6594
wolfSSL	2:28278596c2a2	6595	return 0;
wolfSSL	2:28278596c2a2	6596	}
wolfSSL	2:28278596c2a2	6597
wolfSSL	2:28278596c2a2	6598
wolfSSL	2:28278596c2a2	6599	int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
wolfSSL	2:28278596c2a2	6600	word32 inSz)
wolfSSL	2:28278596c2a2	6601	{
wolfSSL	2:28278596c2a2	6602	word32 oid = 0;
wolfSSL	2:28278596c2a2	6603	int version, length;
wolfSSL	2:28278596c2a2	6604	int privSz, pubSz;
wolfSSL	2:28278596c2a2	6605	byte b;
wolfSSL	2:28278596c2a2	6606	int ret = 0;
wolfSSL	2:28278596c2a2	6607	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6608	byte* priv;
wolfSSL	2:28278596c2a2	6609	byte* pub;
wolfSSL	2:28278596c2a2	6610	#else
wolfSSL	2:28278596c2a2	6611	byte priv[ECC_MAXSIZE];
wolfSSL	2:28278596c2a2	6612	byte pub[ECC_MAXSIZE * 2 + 1]; /* public key has two parts plus header */
wolfSSL	2:28278596c2a2	6613	#endif
wolfSSL	2:28278596c2a2	6614
wolfSSL	2:28278596c2a2	6615	if (input == NULL \|\| inOutIdx == NULL \|\| key == NULL \|\| inSz == 0)
wolfSSL	2:28278596c2a2	6616	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	6617
wolfSSL	2:28278596c2a2	6618	if (GetSequence(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	6619	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6620
wolfSSL	2:28278596c2a2	6621	if (GetMyVersion(input, inOutIdx, &version) < 0)
wolfSSL	2:28278596c2a2	6622	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6623
wolfSSL	2:28278596c2a2	6624	b = input[*inOutIdx];
wolfSSL	2:28278596c2a2	6625	*inOutIdx += 1;
wolfSSL	2:28278596c2a2	6626
wolfSSL	2:28278596c2a2	6627	/* priv type */
wolfSSL	2:28278596c2a2	6628	if (b != 4 && b != 6 && b != 7)
wolfSSL	2:28278596c2a2	6629	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6630
wolfSSL	2:28278596c2a2	6631	if (GetLength(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	6632	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6633
wolfSSL	2:28278596c2a2	6634	if (length > ECC_MAXSIZE)
wolfSSL	2:28278596c2a2	6635	return BUFFER_E;
wolfSSL	2:28278596c2a2	6636
wolfSSL	2:28278596c2a2	6637	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6638	priv = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6639	if (priv == NULL)
wolfSSL	2:28278596c2a2	6640	return MEMORY_E;
wolfSSL	2:28278596c2a2	6641
wolfSSL	2:28278596c2a2	6642	pub = (byte)XMALLOC(ECC_MAXSIZE 2 + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6643	if (pub == NULL) {
wolfSSL	2:28278596c2a2	6644	XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6645	return MEMORY_E;
wolfSSL	2:28278596c2a2	6646	}
wolfSSL	2:28278596c2a2	6647	#endif
wolfSSL	2:28278596c2a2	6648
wolfSSL	2:28278596c2a2	6649	/* priv key */
wolfSSL	2:28278596c2a2	6650	privSz = length;
wolfSSL	2:28278596c2a2	6651	XMEMCPY(priv, &input[*inOutIdx], privSz);
wolfSSL	2:28278596c2a2	6652	*inOutIdx += length;
wolfSSL	2:28278596c2a2	6653
wolfSSL	2:28278596c2a2	6654	/* prefix 0, may have */
wolfSSL	2:28278596c2a2	6655	b = input[*inOutIdx];
wolfSSL	2:28278596c2a2	6656	if (b == ECC_PREFIX_0) {
wolfSSL	2:28278596c2a2	6657	*inOutIdx += 1;
wolfSSL	2:28278596c2a2	6658
wolfSSL	2:28278596c2a2	6659	if (GetLength(input, inOutIdx, &length, inSz) < 0)
wolfSSL	2:28278596c2a2	6660	ret = ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6661	else {
wolfSSL	2:28278596c2a2	6662	/* object id */
wolfSSL	2:28278596c2a2	6663	b = input[*inOutIdx];
wolfSSL	2:28278596c2a2	6664	*inOutIdx += 1;
wolfSSL	2:28278596c2a2	6665
wolfSSL	2:28278596c2a2	6666	if (b != ASN_OBJECT_ID) {
wolfSSL	2:28278596c2a2	6667	ret = ASN_OBJECT_ID_E;
wolfSSL	2:28278596c2a2	6668	}
wolfSSL	2:28278596c2a2	6669	else if (GetLength(input, inOutIdx, &length, inSz) < 0) {
wolfSSL	2:28278596c2a2	6670	ret = ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6671	}
wolfSSL	2:28278596c2a2	6672	else {
wolfSSL	2:28278596c2a2	6673	while(length--) {
wolfSSL	2:28278596c2a2	6674	oid += input[*inOutIdx];
wolfSSL	2:28278596c2a2	6675	*inOutIdx += 1;
wolfSSL	2:28278596c2a2	6676	}
wolfSSL	2:28278596c2a2	6677	if (CheckCurve(oid) < 0)
wolfSSL	2:28278596c2a2	6678	ret = ECC_CURVE_OID_E;
wolfSSL	2:28278596c2a2	6679	}
wolfSSL	2:28278596c2a2	6680	}
wolfSSL	2:28278596c2a2	6681	}
wolfSSL	2:28278596c2a2	6682
wolfSSL	2:28278596c2a2	6683	if (ret == 0) {
wolfSSL	2:28278596c2a2	6684	/* prefix 1 */
wolfSSL	2:28278596c2a2	6685	b = input[*inOutIdx];
wolfSSL	2:28278596c2a2	6686	*inOutIdx += 1;
wolfSSL	2:28278596c2a2	6687
wolfSSL	2:28278596c2a2	6688	if (b != ECC_PREFIX_1) {
wolfSSL	2:28278596c2a2	6689	ret = ASN_ECC_KEY_E;
wolfSSL	2:28278596c2a2	6690	}
wolfSSL	2:28278596c2a2	6691	else if (GetLength(input, inOutIdx, &length, inSz) < 0) {
wolfSSL	2:28278596c2a2	6692	ret = ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6693	}
wolfSSL	2:28278596c2a2	6694	else {
wolfSSL	2:28278596c2a2	6695	/* key header */
wolfSSL	2:28278596c2a2	6696	b = input[*inOutIdx];
wolfSSL	2:28278596c2a2	6697	*inOutIdx += 1;
wolfSSL	2:28278596c2a2	6698
wolfSSL	2:28278596c2a2	6699	if (b != ASN_BIT_STRING) {
wolfSSL	2:28278596c2a2	6700	ret = ASN_BITSTR_E;
wolfSSL	2:28278596c2a2	6701	}
wolfSSL	2:28278596c2a2	6702	else if (GetLength(input, inOutIdx, &length, inSz) < 0) {
wolfSSL	2:28278596c2a2	6703	ret = ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6704	}
wolfSSL	2:28278596c2a2	6705	else {
wolfSSL	2:28278596c2a2	6706	b = input[*inOutIdx];
wolfSSL	2:28278596c2a2	6707	*inOutIdx += 1;
wolfSSL	2:28278596c2a2	6708
wolfSSL	2:28278596c2a2	6709	if (b != 0x00) {
wolfSSL	2:28278596c2a2	6710	ret = ASN_EXPECT_0_E;
wolfSSL	2:28278596c2a2	6711	}
wolfSSL	2:28278596c2a2	6712	else {
wolfSSL	2:28278596c2a2	6713	/* pub key */
wolfSSL	2:28278596c2a2	6714	pubSz = length - 1; /* null prefix */
wolfSSL	2:28278596c2a2	6715	if (pubSz < (ECC_MAXSIZE*2 + 1)) {
wolfSSL	2:28278596c2a2	6716	XMEMCPY(pub, &input[*inOutIdx], pubSz);
wolfSSL	2:28278596c2a2	6717	*inOutIdx += length;
wolfSSL	2:28278596c2a2	6718	ret = wc_ecc_import_private_key(priv, privSz, pub, pubSz,
wolfSSL	2:28278596c2a2	6719	key);
wolfSSL	2:28278596c2a2	6720	} else
wolfSSL	2:28278596c2a2	6721	ret = BUFFER_E;
wolfSSL	2:28278596c2a2	6722	}
wolfSSL	2:28278596c2a2	6723	}
wolfSSL	2:28278596c2a2	6724	}
wolfSSL	2:28278596c2a2	6725	}
wolfSSL	2:28278596c2a2	6726
wolfSSL	2:28278596c2a2	6727	#ifdef WOLFSSL_SMALL_STACK
wolfSSL	2:28278596c2a2	6728	XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6729	XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL	2:28278596c2a2	6730	#endif
wolfSSL	2:28278596c2a2	6731
wolfSSL	2:28278596c2a2	6732	return ret;
wolfSSL	2:28278596c2a2	6733	}
wolfSSL	2:28278596c2a2	6734
wolfSSL	2:28278596c2a2	6735
wolfSSL	2:28278596c2a2	6736	#ifdef WOLFSSL_KEY_GEN
wolfSSL	2:28278596c2a2	6737
wolfSSL	2:28278596c2a2	6738	/* Write a Private ecc key to DER format, length on success else < 0 */
wolfSSL	2:28278596c2a2	6739	int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
wolfSSL	2:28278596c2a2	6740	{
wolfSSL	2:28278596c2a2	6741	byte curve[MAX_ALGO_SZ];
wolfSSL	2:28278596c2a2	6742	byte ver[MAX_VERSION_SZ];
wolfSSL	2:28278596c2a2	6743	byte seq[MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	6744	int ret;
wolfSSL	2:28278596c2a2	6745	int curveSz;
wolfSSL	2:28278596c2a2	6746	int verSz;
wolfSSL	2:28278596c2a2	6747	int privHdrSz = ASN_ECC_HEADER_SZ;
wolfSSL	2:28278596c2a2	6748	int pubHdrSz = ASN_ECC_CONTEXT_SZ + ASN_ECC_HEADER_SZ;
wolfSSL	2:28278596c2a2	6749	int curveHdrSz = ASN_ECC_CONTEXT_SZ;
wolfSSL	2:28278596c2a2	6750	word32 seqSz;
wolfSSL	2:28278596c2a2	6751	word32 idx = 0;
wolfSSL	2:28278596c2a2	6752	word32 pubSz = ECC_BUFSIZE;
wolfSSL	2:28278596c2a2	6753	word32 privSz;
wolfSSL	2:28278596c2a2	6754	word32 totalSz;
wolfSSL	2:28278596c2a2	6755
wolfSSL	2:28278596c2a2	6756	if (key == NULL \|\| output == NULL \|\| inLen == 0)
wolfSSL	2:28278596c2a2	6757	return BAD_FUNC_ARG;
wolfSSL	2:28278596c2a2	6758
wolfSSL	2:28278596c2a2	6759	ret = wc_ecc_export_x963(key, NULL, &pubSz);
wolfSSL	2:28278596c2a2	6760	if (ret != LENGTH_ONLY_E) {
wolfSSL	2:28278596c2a2	6761	return ret;
wolfSSL	2:28278596c2a2	6762	}
wolfSSL	2:28278596c2a2	6763	curveSz = SetCurve(key, curve);
wolfSSL	2:28278596c2a2	6764	if (curveSz < 0) {
wolfSSL	2:28278596c2a2	6765	return curveSz;
wolfSSL	2:28278596c2a2	6766	}
wolfSSL	2:28278596c2a2	6767
wolfSSL	2:28278596c2a2	6768	privSz = key->dp->size;
wolfSSL	2:28278596c2a2	6769
wolfSSL	2:28278596c2a2	6770	verSz = SetMyVersion(1, ver, FALSE);
wolfSSL	2:28278596c2a2	6771	if (verSz < 0) {
wolfSSL	2:28278596c2a2	6772	return verSz;
wolfSSL	2:28278596c2a2	6773	}
wolfSSL	2:28278596c2a2	6774
wolfSSL	2:28278596c2a2	6775	totalSz = verSz + privSz + privHdrSz + curveSz + curveHdrSz +
wolfSSL	2:28278596c2a2	6776	pubSz + pubHdrSz + 1; /* plus null byte b4 public */
wolfSSL	2:28278596c2a2	6777	seqSz = SetSequence(totalSz, seq);
wolfSSL	2:28278596c2a2	6778	totalSz += seqSz;
wolfSSL	2:28278596c2a2	6779
wolfSSL	2:28278596c2a2	6780	if (totalSz > inLen) {
wolfSSL	2:28278596c2a2	6781	return BUFFER_E;
wolfSSL	2:28278596c2a2	6782	}
wolfSSL	2:28278596c2a2	6783
wolfSSL	2:28278596c2a2	6784	/* write it out */
wolfSSL	2:28278596c2a2	6785	/* seq */
wolfSSL	2:28278596c2a2	6786	XMEMCPY(output + idx, seq, seqSz);
wolfSSL	2:28278596c2a2	6787	idx += seqSz;
wolfSSL	2:28278596c2a2	6788
wolfSSL	2:28278596c2a2	6789	/* ver */
wolfSSL	2:28278596c2a2	6790	XMEMCPY(output + idx, ver, verSz);
wolfSSL	2:28278596c2a2	6791	idx += verSz;
wolfSSL	2:28278596c2a2	6792
wolfSSL	2:28278596c2a2	6793	/* private */
wolfSSL	2:28278596c2a2	6794	output[idx++] = ASN_OCTET_STRING;
wolfSSL	2:28278596c2a2	6795	output[idx++] = (byte)privSz;
wolfSSL	2:28278596c2a2	6796	ret = wc_ecc_export_private_only(key, output + idx, &privSz);
wolfSSL	2:28278596c2a2	6797	if (ret < 0) {
wolfSSL	2:28278596c2a2	6798	return ret;
wolfSSL	2:28278596c2a2	6799	}
wolfSSL	2:28278596c2a2	6800	idx += privSz;
wolfSSL	2:28278596c2a2	6801
wolfSSL	2:28278596c2a2	6802	/* curve */
wolfSSL	2:28278596c2a2	6803	output[idx++] = ECC_PREFIX_0;
wolfSSL	2:28278596c2a2	6804	output[idx++] = (byte)curveSz;
wolfSSL	2:28278596c2a2	6805	XMEMCPY(output + idx, curve, curveSz);
wolfSSL	2:28278596c2a2	6806	idx += curveSz;
wolfSSL	2:28278596c2a2	6807
wolfSSL	2:28278596c2a2	6808	/* public */
wolfSSL	2:28278596c2a2	6809	output[idx++] = ECC_PREFIX_1;
wolfSSL	2:28278596c2a2	6810	output[idx++] = (byte)pubSz + ASN_ECC_CONTEXT_SZ + 1; /* plus null byte */
wolfSSL	2:28278596c2a2	6811	output[idx++] = ASN_BIT_STRING;
wolfSSL	2:28278596c2a2	6812	output[idx++] = (byte)pubSz + 1; /* plus null byte */
wolfSSL	2:28278596c2a2	6813	output[idx++] = (byte)0; /* null byte */
wolfSSL	2:28278596c2a2	6814	ret = wc_ecc_export_x963(key, output + idx, &pubSz);
wolfSSL	2:28278596c2a2	6815	if (ret != 0) {
wolfSSL	2:28278596c2a2	6816	return ret;
wolfSSL	2:28278596c2a2	6817	}
wolfSSL	2:28278596c2a2	6818	/* idx += pubSz if do more later */
wolfSSL	2:28278596c2a2	6819
wolfSSL	2:28278596c2a2	6820	return totalSz;
wolfSSL	2:28278596c2a2	6821	}
wolfSSL	2:28278596c2a2	6822
wolfSSL	2:28278596c2a2	6823	#endif /* WOLFSSL_KEY_GEN */
wolfSSL	2:28278596c2a2	6824
wolfSSL	2:28278596c2a2	6825	#endif /* HAVE_ECC */
wolfSSL	2:28278596c2a2	6826
wolfSSL	2:28278596c2a2	6827
wolfSSL	2:28278596c2a2	6828	#if defined(HAVE_OCSP) \|\| defined(HAVE_CRL)
wolfSSL	2:28278596c2a2	6829
wolfSSL	2:28278596c2a2	6830	/* Get raw Date only, no processing, 0 on success */
wolfSSL	2:28278596c2a2	6831	static int GetBasicDate(const byte* source, word32* idx, byte* date,
wolfSSL	2:28278596c2a2	6832	byte* format, int maxIdx)
wolfSSL	2:28278596c2a2	6833	{
wolfSSL	2:28278596c2a2	6834	int length;
wolfSSL	2:28278596c2a2	6835
wolfSSL	2:28278596c2a2	6836	WOLFSSL_ENTER("GetBasicDate");
wolfSSL	2:28278596c2a2	6837
wolfSSL	2:28278596c2a2	6838	format = source[idx];
wolfSSL	2:28278596c2a2	6839	*idx += 1;
wolfSSL	2:28278596c2a2	6840	if (format != ASN_UTC_TIME && format != ASN_GENERALIZED_TIME)
wolfSSL	2:28278596c2a2	6841	return ASN_TIME_E;
wolfSSL	2:28278596c2a2	6842
wolfSSL	2:28278596c2a2	6843	if (GetLength(source, idx, &length, maxIdx) < 0)
wolfSSL	2:28278596c2a2	6844	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6845
wolfSSL	2:28278596c2a2	6846	if (length > MAX_DATE_SIZE \|\| length < MIN_DATE_SIZE)
wolfSSL	2:28278596c2a2	6847	return ASN_DATE_SZ_E;
wolfSSL	2:28278596c2a2	6848
wolfSSL	2:28278596c2a2	6849	XMEMCPY(date, &source[*idx], length);
wolfSSL	2:28278596c2a2	6850	*idx += length;
wolfSSL	2:28278596c2a2	6851
wolfSSL	2:28278596c2a2	6852	return 0;
wolfSSL	2:28278596c2a2	6853	}
wolfSSL	2:28278596c2a2	6854
wolfSSL	2:28278596c2a2	6855	#endif
wolfSSL	2:28278596c2a2	6856
wolfSSL	2:28278596c2a2	6857
wolfSSL	2:28278596c2a2	6858	#ifdef HAVE_OCSP
wolfSSL	2:28278596c2a2	6859
wolfSSL	2:28278596c2a2	6860	static int GetEnumerated(const byte* input, word32* inOutIdx, int *value)
wolfSSL	2:28278596c2a2	6861	{
wolfSSL	2:28278596c2a2	6862	word32 idx = *inOutIdx;
wolfSSL	2:28278596c2a2	6863	word32 len;
wolfSSL	2:28278596c2a2	6864
wolfSSL	2:28278596c2a2	6865	WOLFSSL_ENTER("GetEnumerated");
wolfSSL	2:28278596c2a2	6866
wolfSSL	2:28278596c2a2	6867	*value = 0;
wolfSSL	2:28278596c2a2	6868
wolfSSL	2:28278596c2a2	6869	if (input[idx++] != ASN_ENUMERATED)
wolfSSL	2:28278596c2a2	6870	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6871
wolfSSL	2:28278596c2a2	6872	len = input[idx++];
wolfSSL	2:28278596c2a2	6873	if (len > 4)
wolfSSL	2:28278596c2a2	6874	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6875
wolfSSL	2:28278596c2a2	6876	while (len--) {
wolfSSL	2:28278596c2a2	6877	value = value << 8 \| input[idx++];
wolfSSL	2:28278596c2a2	6878	}
wolfSSL	2:28278596c2a2	6879
wolfSSL	2:28278596c2a2	6880	*inOutIdx = idx;
wolfSSL	2:28278596c2a2	6881
wolfSSL	2:28278596c2a2	6882	return *value;
wolfSSL	2:28278596c2a2	6883	}
wolfSSL	2:28278596c2a2	6884
wolfSSL	2:28278596c2a2	6885
wolfSSL	2:28278596c2a2	6886	static int DecodeSingleResponse(byte* source,
wolfSSL	2:28278596c2a2	6887	word32* ioIndex, OcspResponse* resp, word32 size)
wolfSSL	2:28278596c2a2	6888	{
wolfSSL	2:28278596c2a2	6889	word32 idx = *ioIndex, prevIndex, oid;
wolfSSL	2:28278596c2a2	6890	int length, wrapperSz;
wolfSSL	2:28278596c2a2	6891	CertStatus* cs = resp->status;
wolfSSL	2:28278596c2a2	6892
wolfSSL	2:28278596c2a2	6893	WOLFSSL_ENTER("DecodeSingleResponse");
wolfSSL	2:28278596c2a2	6894
wolfSSL	2:28278596c2a2	6895	/* Outer wrapper of the SEQUENCE OF Single Responses. */
wolfSSL	2:28278596c2a2	6896	if (GetSequence(source, &idx, &wrapperSz, size) < 0)
wolfSSL	2:28278596c2a2	6897	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6898
wolfSSL	2:28278596c2a2	6899	prevIndex = idx;
wolfSSL	2:28278596c2a2	6900
wolfSSL	2:28278596c2a2	6901	/* When making a request, we only request one status on one certificate
wolfSSL	2:28278596c2a2	6902	* at a time. There should only be one SingleResponse */
wolfSSL	2:28278596c2a2	6903
wolfSSL	2:28278596c2a2	6904	/* Wrapper around the Single Response */
wolfSSL	2:28278596c2a2	6905	if (GetSequence(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	6906	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6907
wolfSSL	2:28278596c2a2	6908	/* Wrapper around the CertID */
wolfSSL	2:28278596c2a2	6909	if (GetSequence(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	6910	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6911	/* Skip the hash algorithm */
wolfSSL	2:28278596c2a2	6912	if (GetAlgoId(source, &idx, &oid, size) < 0)
wolfSSL	2:28278596c2a2	6913	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6914	/* Save reference to the hash of CN */
wolfSSL	2:28278596c2a2	6915	if (source[idx++] != ASN_OCTET_STRING)
wolfSSL	2:28278596c2a2	6916	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6917	if (GetLength(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	6918	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6919	resp->issuerHash = source + idx;
wolfSSL	2:28278596c2a2	6920	idx += length;
wolfSSL	2:28278596c2a2	6921	/* Save reference to the hash of the issuer public key */
wolfSSL	2:28278596c2a2	6922	if (source[idx++] != ASN_OCTET_STRING)
wolfSSL	2:28278596c2a2	6923	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6924	if (GetLength(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	6925	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6926	resp->issuerKeyHash = source + idx;
wolfSSL	2:28278596c2a2	6927	idx += length;
wolfSSL	2:28278596c2a2	6928
wolfSSL	2:28278596c2a2	6929	/* Read the serial number, it is handled as a string, not as a
wolfSSL	2:28278596c2a2	6930	* proper number. Just XMEMCPY the data over, rather than load it
wolfSSL	2:28278596c2a2	6931	* as an mp_int. */
wolfSSL	2:28278596c2a2	6932	if (source[idx++] != ASN_INTEGER)
wolfSSL	2:28278596c2a2	6933	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6934	if (GetLength(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	6935	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6936	if (length <= EXTERNAL_SERIAL_SIZE)
wolfSSL	2:28278596c2a2	6937	{
wolfSSL	2:28278596c2a2	6938	if (source[idx] == 0)
wolfSSL	2:28278596c2a2	6939	{
wolfSSL	2:28278596c2a2	6940	idx++;
wolfSSL	2:28278596c2a2	6941	length--;
wolfSSL	2:28278596c2a2	6942	}
wolfSSL	2:28278596c2a2	6943	XMEMCPY(cs->serial, source + idx, length);
wolfSSL	2:28278596c2a2	6944	cs->serialSz = length;
wolfSSL	2:28278596c2a2	6945	}
wolfSSL	2:28278596c2a2	6946	else
wolfSSL	2:28278596c2a2	6947	{
wolfSSL	2:28278596c2a2	6948	return ASN_GETINT_E;
wolfSSL	2:28278596c2a2	6949	}
wolfSSL	2:28278596c2a2	6950	idx += length;
wolfSSL	2:28278596c2a2	6951
wolfSSL	2:28278596c2a2	6952	/* CertStatus */
wolfSSL	2:28278596c2a2	6953	switch (source[idx++])
wolfSSL	2:28278596c2a2	6954	{
wolfSSL	2:28278596c2a2	6955	case (ASN_CONTEXT_SPECIFIC \| CERT_GOOD):
wolfSSL	2:28278596c2a2	6956	cs->status = CERT_GOOD;
wolfSSL	2:28278596c2a2	6957	idx++;
wolfSSL	2:28278596c2a2	6958	break;
wolfSSL	2:28278596c2a2	6959	case (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| CERT_REVOKED):
wolfSSL	2:28278596c2a2	6960	cs->status = CERT_REVOKED;
wolfSSL	2:28278596c2a2	6961	if (GetLength(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	6962	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6963	idx += length;
wolfSSL	2:28278596c2a2	6964	break;
wolfSSL	2:28278596c2a2	6965	case (ASN_CONTEXT_SPECIFIC \| CERT_UNKNOWN):
wolfSSL	2:28278596c2a2	6966	cs->status = CERT_UNKNOWN;
wolfSSL	2:28278596c2a2	6967	idx++;
wolfSSL	2:28278596c2a2	6968	break;
wolfSSL	2:28278596c2a2	6969	default:
wolfSSL	2:28278596c2a2	6970	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6971	}
wolfSSL	2:28278596c2a2	6972
wolfSSL	2:28278596c2a2	6973	if (GetBasicDate(source, &idx, cs->thisDate,
wolfSSL	2:28278596c2a2	6974	&cs->thisDateFormat, size) < 0)
wolfSSL	2:28278596c2a2	6975	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6976	if (!XVALIDATE_DATE(cs->thisDate, cs->thisDateFormat, BEFORE))
wolfSSL	2:28278596c2a2	6977	return ASN_BEFORE_DATE_E;
wolfSSL	2:28278596c2a2	6978
wolfSSL	2:28278596c2a2	6979	/* The following items are optional. Only check for them if there is more
wolfSSL	2:28278596c2a2	6980	* unprocessed data in the singleResponse wrapper. */
wolfSSL	2:28278596c2a2	6981
wolfSSL	2:28278596c2a2	6982	if (((int)(idx - prevIndex) < wrapperSz) &&
wolfSSL	2:28278596c2a2	6983	(source[idx] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 0)))
wolfSSL	2:28278596c2a2	6984	{
wolfSSL	2:28278596c2a2	6985	idx++;
wolfSSL	2:28278596c2a2	6986	if (GetLength(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	6987	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6988	if (GetBasicDate(source, &idx, cs->nextDate,
wolfSSL	2:28278596c2a2	6989	&cs->nextDateFormat, size) < 0)
wolfSSL	2:28278596c2a2	6990	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6991	}
wolfSSL	2:28278596c2a2	6992	if (((int)(idx - prevIndex) < wrapperSz) &&
wolfSSL	2:28278596c2a2	6993	(source[idx] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 1)))
wolfSSL	2:28278596c2a2	6994	{
wolfSSL	2:28278596c2a2	6995	idx++;
wolfSSL	2:28278596c2a2	6996	if (GetLength(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	6997	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	6998	idx += length;
wolfSSL	2:28278596c2a2	6999	}
wolfSSL	2:28278596c2a2	7000
wolfSSL	2:28278596c2a2	7001	*ioIndex = idx;
wolfSSL	2:28278596c2a2	7002
wolfSSL	2:28278596c2a2	7003	return 0;
wolfSSL	2:28278596c2a2	7004	}
wolfSSL	2:28278596c2a2	7005
wolfSSL	2:28278596c2a2	7006	static int DecodeOcspRespExtensions(byte* source,
wolfSSL	2:28278596c2a2	7007	word32* ioIndex, OcspResponse* resp, word32 sz)
wolfSSL	2:28278596c2a2	7008	{
wolfSSL	2:28278596c2a2	7009	word32 idx = *ioIndex;
wolfSSL	2:28278596c2a2	7010	int length;
wolfSSL	2:28278596c2a2	7011	int ext_bound; /* boundary index for the sequence of extensions */
wolfSSL	2:28278596c2a2	7012	word32 oid;
wolfSSL	2:28278596c2a2	7013
wolfSSL	2:28278596c2a2	7014	WOLFSSL_ENTER("DecodeOcspRespExtensions");
wolfSSL	2:28278596c2a2	7015
wolfSSL	2:28278596c2a2	7016	if (source[idx++] != (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 1))
wolfSSL	2:28278596c2a2	7017	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7018
wolfSSL	2:28278596c2a2	7019	if (GetLength(source, &idx, &length, sz) < 0) return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7020
wolfSSL	2:28278596c2a2	7021	if (GetSequence(source, &idx, &length, sz) < 0) return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7022
wolfSSL	2:28278596c2a2	7023	ext_bound = idx + length;
wolfSSL	2:28278596c2a2	7024
wolfSSL	2:28278596c2a2	7025	while (idx < (word32)ext_bound) {
wolfSSL	2:28278596c2a2	7026	if (GetSequence(source, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	7027	WOLFSSL_MSG("\tfail: should be a SEQUENCE");
wolfSSL	2:28278596c2a2	7028	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7029	}
wolfSSL	2:28278596c2a2	7030
wolfSSL	2:28278596c2a2	7031	oid = 0;
wolfSSL	2:28278596c2a2	7032	if (GetObjectId(source, &idx, &oid, sz) < 0) {
wolfSSL	2:28278596c2a2	7033	WOLFSSL_MSG("\tfail: OBJECT ID");
wolfSSL	2:28278596c2a2	7034	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7035	}
wolfSSL	2:28278596c2a2	7036
wolfSSL	2:28278596c2a2	7037	/* check for critical flag */
wolfSSL	2:28278596c2a2	7038	if (source[idx] == ASN_BOOLEAN) {
wolfSSL	2:28278596c2a2	7039	WOLFSSL_MSG("\tfound optional critical flag, moving past");
wolfSSL	2:28278596c2a2	7040	idx += (ASN_BOOL_SIZE + 1);
wolfSSL	2:28278596c2a2	7041	}
wolfSSL	2:28278596c2a2	7042
wolfSSL	2:28278596c2a2	7043	/* process the extension based on the OID */
wolfSSL	2:28278596c2a2	7044	if (source[idx++] != ASN_OCTET_STRING) {
wolfSSL	2:28278596c2a2	7045	WOLFSSL_MSG("\tfail: should be an OCTET STRING");
wolfSSL	2:28278596c2a2	7046	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7047	}
wolfSSL	2:28278596c2a2	7048
wolfSSL	2:28278596c2a2	7049	if (GetLength(source, &idx, &length, sz) < 0) {
wolfSSL	2:28278596c2a2	7050	WOLFSSL_MSG("\tfail: extension data length");
wolfSSL	2:28278596c2a2	7051	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7052	}
wolfSSL	2:28278596c2a2	7053
wolfSSL	2:28278596c2a2	7054	if (oid == OCSP_NONCE_OID) {
wolfSSL	2:28278596c2a2	7055	resp->nonce = source + idx;
wolfSSL	2:28278596c2a2	7056	resp->nonceSz = length;
wolfSSL	2:28278596c2a2	7057	}
wolfSSL	2:28278596c2a2	7058
wolfSSL	2:28278596c2a2	7059	idx += length;
wolfSSL	2:28278596c2a2	7060	}
wolfSSL	2:28278596c2a2	7061
wolfSSL	2:28278596c2a2	7062	*ioIndex = idx;
wolfSSL	2:28278596c2a2	7063	return 0;
wolfSSL	2:28278596c2a2	7064	}
wolfSSL	2:28278596c2a2	7065
wolfSSL	2:28278596c2a2	7066
wolfSSL	2:28278596c2a2	7067	static int DecodeResponseData(byte* source,
wolfSSL	2:28278596c2a2	7068	word32* ioIndex, OcspResponse* resp, word32 size)
wolfSSL	2:28278596c2a2	7069	{
wolfSSL	2:28278596c2a2	7070	word32 idx = *ioIndex, prev_idx;
wolfSSL	2:28278596c2a2	7071	int length;
wolfSSL	2:28278596c2a2	7072	int version;
wolfSSL	2:28278596c2a2	7073	word32 responderId = 0;
wolfSSL	2:28278596c2a2	7074
wolfSSL	2:28278596c2a2	7075	WOLFSSL_ENTER("DecodeResponseData");
wolfSSL	2:28278596c2a2	7076
wolfSSL	2:28278596c2a2	7077	resp->response = source + idx;
wolfSSL	2:28278596c2a2	7078	prev_idx = idx;
wolfSSL	2:28278596c2a2	7079	if (GetSequence(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	7080	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7081	resp->responseSz = length + idx - prev_idx;
wolfSSL	2:28278596c2a2	7082
wolfSSL	2:28278596c2a2	7083	/* Get version. It is an EXPLICIT[0] DEFAULT(0) value. If this
wolfSSL	2:28278596c2a2	7084	* item isn't an EXPLICIT[0], then set version to zero and move
wolfSSL	2:28278596c2a2	7085	* onto the next item.
wolfSSL	2:28278596c2a2	7086	*/
wolfSSL	2:28278596c2a2	7087	if (source[idx] == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED))
wolfSSL	2:28278596c2a2	7088	{
wolfSSL	2:28278596c2a2	7089	idx += 2; /* Eat the value and length */
wolfSSL	2:28278596c2a2	7090	if (GetMyVersion(source, &idx, &version) < 0)
wolfSSL	2:28278596c2a2	7091	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7092	} else
wolfSSL	2:28278596c2a2	7093	version = 0;
wolfSSL	2:28278596c2a2	7094
wolfSSL	2:28278596c2a2	7095	responderId = source[idx++];
wolfSSL	2:28278596c2a2	7096	if ((responderId == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| 1)) \|\|
wolfSSL	2:28278596c2a2	7097	(responderId == (ASN_CONTEXT_SPECIFIC \| ASN_CONSTRUCTED \| 2)))
wolfSSL	2:28278596c2a2	7098	{
wolfSSL	2:28278596c2a2	7099	if (GetLength(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	7100	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7101	idx += length;
wolfSSL	2:28278596c2a2	7102	}
wolfSSL	2:28278596c2a2	7103	else
wolfSSL	2:28278596c2a2	7104	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7105
wolfSSL	2:28278596c2a2	7106	/* save pointer to the producedAt time */
wolfSSL	2:28278596c2a2	7107	if (GetBasicDate(source, &idx, resp->producedDate,
wolfSSL	2:28278596c2a2	7108	&resp->producedDateFormat, size) < 0)
wolfSSL	2:28278596c2a2	7109	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7110
wolfSSL	2:28278596c2a2	7111	if (DecodeSingleResponse(source, &idx, resp, size) < 0)
wolfSSL	2:28278596c2a2	7112	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7113
wolfSSL	2:28278596c2a2	7114	if (DecodeOcspRespExtensions(source, &idx, resp, size) < 0)
wolfSSL	2:28278596c2a2	7115	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7116
wolfSSL	2:28278596c2a2	7117	*ioIndex = idx;
wolfSSL	2:28278596c2a2	7118	return 0;
wolfSSL	2:28278596c2a2	7119	}
wolfSSL	2:28278596c2a2	7120
wolfSSL	2:28278596c2a2	7121
wolfSSL	2:28278596c2a2	7122	static int DecodeCerts(byte* source,
wolfSSL	2:28278596c2a2	7123	word32* ioIndex, OcspResponse* resp, word32 size)
wolfSSL	2:28278596c2a2	7124	{
wolfSSL	2:28278596c2a2	7125	word32 idx = *ioIndex;
wolfSSL	2:28278596c2a2	7126
wolfSSL	2:28278596c2a2	7127	WOLFSSL_ENTER("DecodeCerts");
wolfSSL	2:28278596c2a2	7128
wolfSSL	2:28278596c2a2	7129	if (source[idx++] == (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC))
wolfSSL	2:28278596c2a2	7130	{
wolfSSL	2:28278596c2a2	7131	int length;
wolfSSL	2:28278596c2a2	7132
wolfSSL	2:28278596c2a2	7133	if (GetLength(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	7134	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7135
wolfSSL	2:28278596c2a2	7136	if (GetSequence(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	7137	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7138
wolfSSL	2:28278596c2a2	7139	resp->cert = source + idx;
wolfSSL	2:28278596c2a2	7140	resp->certSz = length;
wolfSSL	2:28278596c2a2	7141
wolfSSL	2:28278596c2a2	7142	idx += length;
wolfSSL	2:28278596c2a2	7143	}
wolfSSL	2:28278596c2a2	7144	*ioIndex = idx;
wolfSSL	2:28278596c2a2	7145	return 0;
wolfSSL	2:28278596c2a2	7146	}
wolfSSL	2:28278596c2a2	7147
wolfSSL	2:28278596c2a2	7148	static int DecodeBasicOcspResponse(byte* source,
wolfSSL	2:28278596c2a2	7149	word32* ioIndex, OcspResponse* resp, word32 size)
wolfSSL	2:28278596c2a2	7150	{
wolfSSL	2:28278596c2a2	7151	int length;
wolfSSL	2:28278596c2a2	7152	word32 idx = *ioIndex;
wolfSSL	2:28278596c2a2	7153	word32 end_index;
wolfSSL	2:28278596c2a2	7154
wolfSSL	2:28278596c2a2	7155	WOLFSSL_ENTER("DecodeBasicOcspResponse");
wolfSSL	2:28278596c2a2	7156
wolfSSL	2:28278596c2a2	7157	if (GetSequence(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	7158	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7159
wolfSSL	2:28278596c2a2	7160	if (idx + length > size)
wolfSSL	2:28278596c2a2	7161	return ASN_INPUT_E;
wolfSSL	2:28278596c2a2	7162	end_index = idx + length;
wolfSSL	2:28278596c2a2	7163
wolfSSL	2:28278596c2a2	7164	if (DecodeResponseData(source, &idx, resp, size) < 0)
wolfSSL	2:28278596c2a2	7165	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7166
wolfSSL	2:28278596c2a2	7167	/* Get the signature algorithm */
wolfSSL	2:28278596c2a2	7168	if (GetAlgoId(source, &idx, &resp->sigOID, size) < 0)
wolfSSL	2:28278596c2a2	7169	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7170
wolfSSL	2:28278596c2a2	7171	/* Obtain pointer to the start of the signature, and save the size */
wolfSSL	2:28278596c2a2	7172	if (source[idx++] == ASN_BIT_STRING)
wolfSSL	2:28278596c2a2	7173	{
wolfSSL	2:28278596c2a2	7174	int sigLength = 0;
wolfSSL	2:28278596c2a2	7175	if (GetLength(source, &idx, &sigLength, size) < 0)
wolfSSL	2:28278596c2a2	7176	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7177	resp->sigSz = sigLength;
wolfSSL	2:28278596c2a2	7178	resp->sig = source + idx;
wolfSSL	2:28278596c2a2	7179	idx += sigLength;
wolfSSL	2:28278596c2a2	7180	}
wolfSSL	2:28278596c2a2	7181
wolfSSL	2:28278596c2a2	7182	/*
wolfSSL	2:28278596c2a2	7183	* Check the length of the BasicOcspResponse against the current index to
wolfSSL	2:28278596c2a2	7184	* see if there are certificates, they are optional.
wolfSSL	2:28278596c2a2	7185	*/
wolfSSL	2:28278596c2a2	7186	if (idx < end_index)
wolfSSL	2:28278596c2a2	7187	{
wolfSSL	2:28278596c2a2	7188	DecodedCert cert;
wolfSSL	2:28278596c2a2	7189	int ret;
wolfSSL	2:28278596c2a2	7190
wolfSSL	2:28278596c2a2	7191	if (DecodeCerts(source, &idx, resp, size) < 0)
wolfSSL	2:28278596c2a2	7192	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7193
wolfSSL	2:28278596c2a2	7194	InitDecodedCert(&cert, resp->cert, resp->certSz, 0);
wolfSSL	2:28278596c2a2	7195	ret = ParseCertRelative(&cert, CA_TYPE, NO_VERIFY, 0);
wolfSSL	2:28278596c2a2	7196	if (ret < 0)
wolfSSL	2:28278596c2a2	7197	return ret;
wolfSSL	2:28278596c2a2	7198
wolfSSL	2:28278596c2a2	7199	ret = ConfirmSignature(resp->response, resp->responseSz,
wolfSSL	2:28278596c2a2	7200	cert.publicKey, cert.pubKeySize, cert.keyOID,
wolfSSL	2:28278596c2a2	7201	resp->sig, resp->sigSz, resp->sigOID, NULL);
wolfSSL	2:28278596c2a2	7202	FreeDecodedCert(&cert);
wolfSSL	2:28278596c2a2	7203
wolfSSL	2:28278596c2a2	7204	if (ret == 0)
wolfSSL	2:28278596c2a2	7205	{
wolfSSL	2:28278596c2a2	7206	WOLFSSL_MSG("\tOCSP Confirm signature failed");
wolfSSL	2:28278596c2a2	7207	return ASN_OCSP_CONFIRM_E;
wolfSSL	2:28278596c2a2	7208	}
wolfSSL	2:28278596c2a2	7209	}
wolfSSL	2:28278596c2a2	7210
wolfSSL	2:28278596c2a2	7211	*ioIndex = idx;
wolfSSL	2:28278596c2a2	7212	return 0;
wolfSSL	2:28278596c2a2	7213	}
wolfSSL	2:28278596c2a2	7214
wolfSSL	2:28278596c2a2	7215
wolfSSL	2:28278596c2a2	7216	void InitOcspResponse(OcspResponse* resp, CertStatus* status,
wolfSSL	2:28278596c2a2	7217	byte* source, word32 inSz)
wolfSSL	2:28278596c2a2	7218	{
wolfSSL	2:28278596c2a2	7219	WOLFSSL_ENTER("InitOcspResponse");
wolfSSL	2:28278596c2a2	7220
wolfSSL	2:28278596c2a2	7221	resp->responseStatus = -1;
wolfSSL	2:28278596c2a2	7222	resp->response = NULL;
wolfSSL	2:28278596c2a2	7223	resp->responseSz = 0;
wolfSSL	2:28278596c2a2	7224	resp->producedDateFormat = 0;
wolfSSL	2:28278596c2a2	7225	resp->issuerHash = NULL;
wolfSSL	2:28278596c2a2	7226	resp->issuerKeyHash = NULL;
wolfSSL	2:28278596c2a2	7227	resp->sig = NULL;
wolfSSL	2:28278596c2a2	7228	resp->sigSz = 0;
wolfSSL	2:28278596c2a2	7229	resp->sigOID = 0;
wolfSSL	2:28278596c2a2	7230	resp->status = status;
wolfSSL	2:28278596c2a2	7231	resp->nonce = NULL;
wolfSSL	2:28278596c2a2	7232	resp->nonceSz = 0;
wolfSSL	2:28278596c2a2	7233	resp->source = source;
wolfSSL	2:28278596c2a2	7234	resp->maxIdx = inSz;
wolfSSL	2:28278596c2a2	7235	}
wolfSSL	2:28278596c2a2	7236
wolfSSL	2:28278596c2a2	7237
wolfSSL	2:28278596c2a2	7238	int OcspResponseDecode(OcspResponse* resp)
wolfSSL	2:28278596c2a2	7239	{
wolfSSL	2:28278596c2a2	7240	int length = 0;
wolfSSL	2:28278596c2a2	7241	word32 idx = 0;
wolfSSL	2:28278596c2a2	7242	byte* source = resp->source;
wolfSSL	2:28278596c2a2	7243	word32 size = resp->maxIdx;
wolfSSL	2:28278596c2a2	7244	word32 oid;
wolfSSL	2:28278596c2a2	7245
wolfSSL	2:28278596c2a2	7246	WOLFSSL_ENTER("OcspResponseDecode");
wolfSSL	2:28278596c2a2	7247
wolfSSL	2:28278596c2a2	7248	/* peel the outer SEQUENCE wrapper */
wolfSSL	2:28278596c2a2	7249	if (GetSequence(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	7250	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7251
wolfSSL	2:28278596c2a2	7252	/* First get the responseStatus, an ENUMERATED */
wolfSSL	2:28278596c2a2	7253	if (GetEnumerated(source, &idx, &resp->responseStatus) < 0)
wolfSSL	2:28278596c2a2	7254	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7255
wolfSSL	2:28278596c2a2	7256	if (resp->responseStatus != OCSP_SUCCESSFUL)
wolfSSL	2:28278596c2a2	7257	return 0;
wolfSSL	2:28278596c2a2	7258
wolfSSL	2:28278596c2a2	7259	/* Next is an EXPLICIT record called ResponseBytes, OPTIONAL */
wolfSSL	2:28278596c2a2	7260	if (idx >= size)
wolfSSL	2:28278596c2a2	7261	return ASN_INPUT_E;
wolfSSL	2:28278596c2a2	7262	if (source[idx++] != (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC))
wolfSSL	2:28278596c2a2	7263	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7264	if (GetLength(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	7265	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7266
wolfSSL	2:28278596c2a2	7267	/* Get the responseBytes SEQUENCE */
wolfSSL	2:28278596c2a2	7268	if (GetSequence(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	7269	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7270
wolfSSL	2:28278596c2a2	7271	/* Check ObjectID for the resposeBytes */
wolfSSL	2:28278596c2a2	7272	if (GetObjectId(source, &idx, &oid, size) < 0)
wolfSSL	2:28278596c2a2	7273	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7274	if (oid != OCSP_BASIC_OID)
wolfSSL	2:28278596c2a2	7275	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7276	if (source[idx++] != ASN_OCTET_STRING)
wolfSSL	2:28278596c2a2	7277	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7278
wolfSSL	2:28278596c2a2	7279	if (GetLength(source, &idx, &length, size) < 0)
wolfSSL	2:28278596c2a2	7280	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7281
wolfSSL	2:28278596c2a2	7282	if (DecodeBasicOcspResponse(source, &idx, resp, size) < 0)
wolfSSL	2:28278596c2a2	7283	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7284
wolfSSL	2:28278596c2a2	7285	return 0;
wolfSSL	2:28278596c2a2	7286	}
wolfSSL	2:28278596c2a2	7287
wolfSSL	2:28278596c2a2	7288
wolfSSL	2:28278596c2a2	7289	static word32 SetOcspReqExtensions(word32 extSz, byte* output,
wolfSSL	2:28278596c2a2	7290	const byte* nonce, word32 nonceSz)
wolfSSL	2:28278596c2a2	7291	{
wolfSSL	2:28278596c2a2	7292	static const byte NonceObjId[] = { 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
wolfSSL	2:28278596c2a2	7293	0x30, 0x01, 0x02 };
wolfSSL	2:28278596c2a2	7294	byte seqArray[5][MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	7295	word32 seqSz[5], totalSz;
wolfSSL	2:28278596c2a2	7296
wolfSSL	2:28278596c2a2	7297	WOLFSSL_ENTER("SetOcspReqExtensions");
wolfSSL	2:28278596c2a2	7298
wolfSSL	2:28278596c2a2	7299	if (nonce == NULL \|\| nonceSz == 0) return 0;
wolfSSL	2:28278596c2a2	7300
wolfSSL	2:28278596c2a2	7301	seqArray[0][0] = ASN_OCTET_STRING;
wolfSSL	2:28278596c2a2	7302	seqSz[0] = 1 + SetLength(nonceSz, &seqArray[0][1]);
wolfSSL	2:28278596c2a2	7303
wolfSSL	2:28278596c2a2	7304	seqArray[1][0] = ASN_OBJECT_ID;
wolfSSL	2:28278596c2a2	7305	seqSz[1] = 1 + SetLength(sizeof(NonceObjId), &seqArray[1][1]);
wolfSSL	2:28278596c2a2	7306
wolfSSL	2:28278596c2a2	7307	totalSz = seqSz[0] + seqSz[1] + nonceSz + (word32)sizeof(NonceObjId);
wolfSSL	2:28278596c2a2	7308
wolfSSL	2:28278596c2a2	7309	seqSz[2] = SetSequence(totalSz, seqArray[2]);
wolfSSL	2:28278596c2a2	7310	totalSz += seqSz[2];
wolfSSL	2:28278596c2a2	7311
wolfSSL	2:28278596c2a2	7312	seqSz[3] = SetSequence(totalSz, seqArray[3]);
wolfSSL	2:28278596c2a2	7313	totalSz += seqSz[3];
wolfSSL	2:28278596c2a2	7314
wolfSSL	2:28278596c2a2	7315	seqArray[4][0] = (ASN_CONSTRUCTED \| ASN_CONTEXT_SPECIFIC \| 2);
wolfSSL	2:28278596c2a2	7316	seqSz[4] = 1 + SetLength(totalSz, &seqArray[4][1]);
wolfSSL	2:28278596c2a2	7317	totalSz += seqSz[4];
wolfSSL	2:28278596c2a2	7318
wolfSSL	2:28278596c2a2	7319	if (totalSz < extSz)
wolfSSL	2:28278596c2a2	7320	{
wolfSSL	2:28278596c2a2	7321	totalSz = 0;
wolfSSL	2:28278596c2a2	7322	XMEMCPY(output + totalSz, seqArray[4], seqSz[4]);
wolfSSL	2:28278596c2a2	7323	totalSz += seqSz[4];
wolfSSL	2:28278596c2a2	7324	XMEMCPY(output + totalSz, seqArray[3], seqSz[3]);
wolfSSL	2:28278596c2a2	7325	totalSz += seqSz[3];
wolfSSL	2:28278596c2a2	7326	XMEMCPY(output + totalSz, seqArray[2], seqSz[2]);
wolfSSL	2:28278596c2a2	7327	totalSz += seqSz[2];
wolfSSL	2:28278596c2a2	7328	XMEMCPY(output + totalSz, seqArray[1], seqSz[1]);
wolfSSL	2:28278596c2a2	7329	totalSz += seqSz[1];
wolfSSL	2:28278596c2a2	7330	XMEMCPY(output + totalSz, NonceObjId, sizeof(NonceObjId));
wolfSSL	2:28278596c2a2	7331	totalSz += (word32)sizeof(NonceObjId);
wolfSSL	2:28278596c2a2	7332	XMEMCPY(output + totalSz, seqArray[0], seqSz[0]);
wolfSSL	2:28278596c2a2	7333	totalSz += seqSz[0];
wolfSSL	2:28278596c2a2	7334	XMEMCPY(output + totalSz, nonce, nonceSz);
wolfSSL	2:28278596c2a2	7335	totalSz += nonceSz;
wolfSSL	2:28278596c2a2	7336	}
wolfSSL	2:28278596c2a2	7337
wolfSSL	2:28278596c2a2	7338	return totalSz;
wolfSSL	2:28278596c2a2	7339	}
wolfSSL	2:28278596c2a2	7340
wolfSSL	2:28278596c2a2	7341
wolfSSL	2:28278596c2a2	7342	int EncodeOcspRequest(OcspRequest* req)
wolfSSL	2:28278596c2a2	7343	{
wolfSSL	2:28278596c2a2	7344	byte seqArray[5][MAX_SEQ_SZ];
wolfSSL	2:28278596c2a2	7345	/* The ASN.1 of the OCSP Request is an onion of sequences */
wolfSSL	2:28278596c2a2	7346	byte algoArray[MAX_ALGO_SZ];
wolfSSL	2:28278596c2a2	7347	byte issuerArray[MAX_ENCODED_DIG_SZ];
wolfSSL	2:28278596c2a2	7348	byte issuerKeyArray[MAX_ENCODED_DIG_SZ];
wolfSSL	2:28278596c2a2	7349	byte snArray[MAX_SN_SZ];
wolfSSL	2:28278596c2a2	7350	byte extArray[MAX_OCSP_EXT_SZ];
wolfSSL	2:28278596c2a2	7351	byte* output = req->dest;
wolfSSL	2:28278596c2a2	7352	word32 seqSz[5], algoSz, issuerSz, issuerKeySz, snSz, extSz, totalSz;
wolfSSL	2:28278596c2a2	7353	int i;
wolfSSL	2:28278596c2a2	7354
wolfSSL	2:28278596c2a2	7355	WOLFSSL_ENTER("EncodeOcspRequest");
wolfSSL	2:28278596c2a2	7356
wolfSSL	2:28278596c2a2	7357	#ifdef NO_SHA
wolfSSL	2:28278596c2a2	7358	algoSz = SetAlgoID(SHA256h, algoArray, hashType, 0);
wolfSSL	2:28278596c2a2	7359	#else
wolfSSL	2:28278596c2a2	7360	algoSz = SetAlgoID(SHAh, algoArray, hashType, 0);
wolfSSL	2:28278596c2a2	7361	#endif
wolfSSL	2:28278596c2a2	7362
wolfSSL	2:28278596c2a2	7363	req->issuerHash = req->cert->issuerHash;
wolfSSL	2:28278596c2a2	7364	issuerSz = SetDigest(req->cert->issuerHash, KEYID_SIZE, issuerArray);
wolfSSL	2:28278596c2a2	7365
wolfSSL	2:28278596c2a2	7366	req->issuerKeyHash = req->cert->issuerKeyHash;
wolfSSL	2:28278596c2a2	7367	issuerKeySz = SetDigest(req->cert->issuerKeyHash,
wolfSSL	2:28278596c2a2	7368	KEYID_SIZE, issuerKeyArray);
wolfSSL	2:28278596c2a2	7369
wolfSSL	2:28278596c2a2	7370	req->serial = req->cert->serial;
wolfSSL	2:28278596c2a2	7371	req->serialSz = req->cert->serialSz;
wolfSSL	2:28278596c2a2	7372	snSz = SetSerialNumber(req->cert->serial, req->cert->serialSz, snArray);
wolfSSL	2:28278596c2a2	7373
wolfSSL	2:28278596c2a2	7374	extSz = 0;
wolfSSL	2:28278596c2a2	7375	if (req->useNonce) {
wolfSSL	2:28278596c2a2	7376	RNG rng;
wolfSSL	2:28278596c2a2	7377	if (wc_InitRng(&rng) != 0) {
wolfSSL	2:28278596c2a2	7378	WOLFSSL_MSG("\tCannot initialize RNG. Skipping the OSCP Nonce.");
wolfSSL	2:28278596c2a2	7379	} else {
wolfSSL	2:28278596c2a2	7380	if (wc_RNG_GenerateBlock(&rng, req->nonce, MAX_OCSP_NONCE_SZ) != 0)
wolfSSL	2:28278596c2a2	7381	WOLFSSL_MSG("\tCannot run RNG. Skipping the OSCP Nonce.");
wolfSSL	2:28278596c2a2	7382	else {
wolfSSL	2:28278596c2a2	7383	req->nonceSz = MAX_OCSP_NONCE_SZ;
wolfSSL	2:28278596c2a2	7384	extSz = SetOcspReqExtensions(MAX_OCSP_EXT_SZ, extArray,
wolfSSL	2:28278596c2a2	7385	req->nonce, req->nonceSz);
wolfSSL	2:28278596c2a2	7386	}
wolfSSL	2:28278596c2a2	7387	wc_FreeRng(&rng);
wolfSSL	2:28278596c2a2	7388	}
wolfSSL	2:28278596c2a2	7389	}
wolfSSL	2:28278596c2a2	7390
wolfSSL	2:28278596c2a2	7391	totalSz = algoSz + issuerSz + issuerKeySz + snSz;
wolfSSL	2:28278596c2a2	7392
wolfSSL	2:28278596c2a2	7393	for (i = 4; i >= 0; i--) {
wolfSSL	2:28278596c2a2	7394	seqSz[i] = SetSequence(totalSz, seqArray[i]);
wolfSSL	2:28278596c2a2	7395	totalSz += seqSz[i];
wolfSSL	2:28278596c2a2	7396	if (i == 2) totalSz += extSz;
wolfSSL	2:28278596c2a2	7397	}
wolfSSL	2:28278596c2a2	7398	totalSz = 0;
wolfSSL	2:28278596c2a2	7399	for (i = 0; i < 5; i++) {
wolfSSL	2:28278596c2a2	7400	XMEMCPY(output + totalSz, seqArray[i], seqSz[i]);
wolfSSL	2:28278596c2a2	7401	totalSz += seqSz[i];
wolfSSL	2:28278596c2a2	7402	}
wolfSSL	2:28278596c2a2	7403	XMEMCPY(output + totalSz, algoArray, algoSz);
wolfSSL	2:28278596c2a2	7404	totalSz += algoSz;
wolfSSL	2:28278596c2a2	7405	XMEMCPY(output + totalSz, issuerArray, issuerSz);
wolfSSL	2:28278596c2a2	7406	totalSz += issuerSz;
wolfSSL	2:28278596c2a2	7407	XMEMCPY(output + totalSz, issuerKeyArray, issuerKeySz);
wolfSSL	2:28278596c2a2	7408	totalSz += issuerKeySz;
wolfSSL	2:28278596c2a2	7409	XMEMCPY(output + totalSz, snArray, snSz);
wolfSSL	2:28278596c2a2	7410	totalSz += snSz;
wolfSSL	2:28278596c2a2	7411	if (extSz != 0) {
wolfSSL	2:28278596c2a2	7412	XMEMCPY(output + totalSz, extArray, extSz);
wolfSSL	2:28278596c2a2	7413	totalSz += extSz;
wolfSSL	2:28278596c2a2	7414	}
wolfSSL	2:28278596c2a2	7415
wolfSSL	2:28278596c2a2	7416	return totalSz;
wolfSSL	2:28278596c2a2	7417	}
wolfSSL	2:28278596c2a2	7418
wolfSSL	2:28278596c2a2	7419
wolfSSL	2:28278596c2a2	7420	void InitOcspRequest(OcspRequest* req, DecodedCert* cert, byte useNonce,
wolfSSL	2:28278596c2a2	7421	byte* dest, word32 destSz)
wolfSSL	2:28278596c2a2	7422	{
wolfSSL	2:28278596c2a2	7423	WOLFSSL_ENTER("InitOcspRequest");
wolfSSL	2:28278596c2a2	7424
wolfSSL	2:28278596c2a2	7425	req->cert = cert;
wolfSSL	2:28278596c2a2	7426	req->useNonce = useNonce;
wolfSSL	2:28278596c2a2	7427	req->nonceSz = 0;
wolfSSL	2:28278596c2a2	7428	req->issuerHash = NULL;
wolfSSL	2:28278596c2a2	7429	req->issuerKeyHash = NULL;
wolfSSL	2:28278596c2a2	7430	req->serial = NULL;
wolfSSL	2:28278596c2a2	7431	req->dest = dest;
wolfSSL	2:28278596c2a2	7432	req->destSz = destSz;
wolfSSL	2:28278596c2a2	7433	}
wolfSSL	2:28278596c2a2	7434
wolfSSL	2:28278596c2a2	7435
wolfSSL	2:28278596c2a2	7436	int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp)
wolfSSL	2:28278596c2a2	7437	{
wolfSSL	2:28278596c2a2	7438	int cmp;
wolfSSL	2:28278596c2a2	7439
wolfSSL	2:28278596c2a2	7440	WOLFSSL_ENTER("CompareOcspReqResp");
wolfSSL	2:28278596c2a2	7441
wolfSSL	2:28278596c2a2	7442	if (req == NULL)
wolfSSL	2:28278596c2a2	7443	{
wolfSSL	2:28278596c2a2	7444	WOLFSSL_MSG("\tReq missing");
wolfSSL	2:28278596c2a2	7445	return -1;
wolfSSL	2:28278596c2a2	7446	}
wolfSSL	2:28278596c2a2	7447
wolfSSL	2:28278596c2a2	7448	if (resp == NULL)
wolfSSL	2:28278596c2a2	7449	{
wolfSSL	2:28278596c2a2	7450	WOLFSSL_MSG("\tResp missing");
wolfSSL	2:28278596c2a2	7451	return 1;
wolfSSL	2:28278596c2a2	7452	}
wolfSSL	2:28278596c2a2	7453
wolfSSL	2:28278596c2a2	7454	/* Nonces are not critical. The responder may not necessarily add
wolfSSL	2:28278596c2a2	7455	* the nonce to the response. */
wolfSSL	2:28278596c2a2	7456	if (req->useNonce && resp->nonceSz != 0) {
wolfSSL	2:28278596c2a2	7457	cmp = req->nonceSz - resp->nonceSz;
wolfSSL	2:28278596c2a2	7458	if (cmp != 0)
wolfSSL	2:28278596c2a2	7459	{
wolfSSL	2:28278596c2a2	7460	WOLFSSL_MSG("\tnonceSz mismatch");
wolfSSL	2:28278596c2a2	7461	return cmp;
wolfSSL	2:28278596c2a2	7462	}
wolfSSL	2:28278596c2a2	7463
wolfSSL	2:28278596c2a2	7464	cmp = XMEMCMP(req->nonce, resp->nonce, req->nonceSz);
wolfSSL	2:28278596c2a2	7465	if (cmp != 0)
wolfSSL	2:28278596c2a2	7466	{
wolfSSL	2:28278596c2a2	7467	WOLFSSL_MSG("\tnonce mismatch");
wolfSSL	2:28278596c2a2	7468	return cmp;
wolfSSL	2:28278596c2a2	7469	}
wolfSSL	2:28278596c2a2	7470	}
wolfSSL	2:28278596c2a2	7471
wolfSSL	2:28278596c2a2	7472	cmp = XMEMCMP(req->issuerHash, resp->issuerHash, KEYID_SIZE);
wolfSSL	2:28278596c2a2	7473	if (cmp != 0)
wolfSSL	2:28278596c2a2	7474	{
wolfSSL	2:28278596c2a2	7475	WOLFSSL_MSG("\tissuerHash mismatch");
wolfSSL	2:28278596c2a2	7476	return cmp;
wolfSSL	2:28278596c2a2	7477	}
wolfSSL	2:28278596c2a2	7478
wolfSSL	2:28278596c2a2	7479	cmp = XMEMCMP(req->issuerKeyHash, resp->issuerKeyHash, KEYID_SIZE);
wolfSSL	2:28278596c2a2	7480	if (cmp != 0)
wolfSSL	2:28278596c2a2	7481	{
wolfSSL	2:28278596c2a2	7482	WOLFSSL_MSG("\tissuerKeyHash mismatch");
wolfSSL	2:28278596c2a2	7483	return cmp;
wolfSSL	2:28278596c2a2	7484	}
wolfSSL	2:28278596c2a2	7485
wolfSSL	2:28278596c2a2	7486	cmp = req->serialSz - resp->status->serialSz;
wolfSSL	2:28278596c2a2	7487	if (cmp != 0)
wolfSSL	2:28278596c2a2	7488	{
wolfSSL	2:28278596c2a2	7489	WOLFSSL_MSG("\tserialSz mismatch");
wolfSSL	2:28278596c2a2	7490	return cmp;
wolfSSL	2:28278596c2a2	7491	}
wolfSSL	2:28278596c2a2	7492
wolfSSL	2:28278596c2a2	7493	cmp = XMEMCMP(req->serial, resp->status->serial, req->serialSz);
wolfSSL	2:28278596c2a2	7494	if (cmp != 0)
wolfSSL	2:28278596c2a2	7495	{
wolfSSL	2:28278596c2a2	7496	WOLFSSL_MSG("\tserial mismatch");
wolfSSL	2:28278596c2a2	7497	return cmp;
wolfSSL	2:28278596c2a2	7498	}
wolfSSL	2:28278596c2a2	7499
wolfSSL	2:28278596c2a2	7500	return 0;
wolfSSL	2:28278596c2a2	7501	}
wolfSSL	2:28278596c2a2	7502
wolfSSL	2:28278596c2a2	7503	#endif
wolfSSL	2:28278596c2a2	7504
wolfSSL	2:28278596c2a2	7505
wolfSSL	2:28278596c2a2	7506	/* store SHA hash of NAME */
wolfSSL	2:28278596c2a2	7507	WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
wolfSSL	2:28278596c2a2	7508	int maxIdx)
wolfSSL	2:28278596c2a2	7509	{
wolfSSL	2:28278596c2a2	7510	int length; /* length of all distinguished names */
wolfSSL	2:28278596c2a2	7511	int ret;
wolfSSL	2:28278596c2a2	7512	word32 dummy;
wolfSSL	2:28278596c2a2	7513
wolfSSL	2:28278596c2a2	7514	WOLFSSL_ENTER("GetNameHash");
wolfSSL	2:28278596c2a2	7515
wolfSSL	2:28278596c2a2	7516	if (source[*idx] == ASN_OBJECT_ID) {
wolfSSL	2:28278596c2a2	7517	WOLFSSL_MSG("Trying optional prefix...");
wolfSSL	2:28278596c2a2	7518
wolfSSL	2:28278596c2a2	7519	if (GetLength(source, idx, &length, maxIdx) < 0)
wolfSSL	2:28278596c2a2	7520	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7521
wolfSSL	2:28278596c2a2	7522	*idx += length;
wolfSSL	2:28278596c2a2	7523	WOLFSSL_MSG("Got optional prefix");
wolfSSL	2:28278596c2a2	7524	}
wolfSSL	2:28278596c2a2	7525
wolfSSL	2:28278596c2a2	7526	/* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
wolfSSL	2:28278596c2a2	7527	* calculated over the entire DER encoding of the Name field, including
wolfSSL	2:28278596c2a2	7528	* the tag and length. */
wolfSSL	2:28278596c2a2	7529	dummy = *idx;
wolfSSL	2:28278596c2a2	7530	if (GetSequence(source, idx, &length, maxIdx) < 0)
wolfSSL	2:28278596c2a2	7531	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7532
wolfSSL	2:28278596c2a2	7533	#ifdef NO_SHA
wolfSSL	2:28278596c2a2	7534	ret = wc_Sha256Hash(source + dummy, length + *idx - dummy, hash);
wolfSSL	2:28278596c2a2	7535	#else
wolfSSL	2:28278596c2a2	7536	ret = wc_ShaHash(source + dummy, length + *idx - dummy, hash);
wolfSSL	2:28278596c2a2	7537	#endif
wolfSSL	2:28278596c2a2	7538
wolfSSL	2:28278596c2a2	7539	*idx += length;
wolfSSL	2:28278596c2a2	7540
wolfSSL	2:28278596c2a2	7541	return ret;
wolfSSL	2:28278596c2a2	7542	}
wolfSSL	2:28278596c2a2	7543
wolfSSL	2:28278596c2a2	7544
wolfSSL	2:28278596c2a2	7545	#ifdef HAVE_CRL
wolfSSL	2:28278596c2a2	7546
wolfSSL	2:28278596c2a2	7547	/* initialize decoded CRL */
wolfSSL	2:28278596c2a2	7548	void InitDecodedCRL(DecodedCRL* dcrl)
wolfSSL	2:28278596c2a2	7549	{
wolfSSL	2:28278596c2a2	7550	WOLFSSL_MSG("InitDecodedCRL");
wolfSSL	2:28278596c2a2	7551
wolfSSL	2:28278596c2a2	7552	dcrl->certBegin = 0;
wolfSSL	2:28278596c2a2	7553	dcrl->sigIndex = 0;
wolfSSL	2:28278596c2a2	7554	dcrl->sigLength = 0;
wolfSSL	2:28278596c2a2	7555	dcrl->signatureOID = 0;
wolfSSL	2:28278596c2a2	7556	dcrl->certs = NULL;
wolfSSL	2:28278596c2a2	7557	dcrl->totalCerts = 0;
wolfSSL	2:28278596c2a2	7558	}
wolfSSL	2:28278596c2a2	7559
wolfSSL	2:28278596c2a2	7560
wolfSSL	2:28278596c2a2	7561	/* free decoded CRL resources */
wolfSSL	2:28278596c2a2	7562	void FreeDecodedCRL(DecodedCRL* dcrl)
wolfSSL	2:28278596c2a2	7563	{
wolfSSL	2:28278596c2a2	7564	RevokedCert* tmp = dcrl->certs;
wolfSSL	2:28278596c2a2	7565
wolfSSL	2:28278596c2a2	7566	WOLFSSL_MSG("FreeDecodedCRL");
wolfSSL	2:28278596c2a2	7567
wolfSSL	2:28278596c2a2	7568	while(tmp) {
wolfSSL	2:28278596c2a2	7569	RevokedCert* next = tmp->next;
wolfSSL	2:28278596c2a2	7570	XFREE(tmp, NULL, DYNAMIC_TYPE_REVOKED);
wolfSSL	2:28278596c2a2	7571	tmp = next;
wolfSSL	2:28278596c2a2	7572	}
wolfSSL	2:28278596c2a2	7573	}
wolfSSL	2:28278596c2a2	7574
wolfSSL	2:28278596c2a2	7575
wolfSSL	2:28278596c2a2	7576	/* Get Revoked Cert list, 0 on success */
wolfSSL	2:28278596c2a2	7577	static int GetRevoked(const byte* buff, word32* idx, DecodedCRL* dcrl,
wolfSSL	2:28278596c2a2	7578	int maxIdx)
wolfSSL	2:28278596c2a2	7579	{
wolfSSL	2:28278596c2a2	7580	int len;
wolfSSL	2:28278596c2a2	7581	word32 end;
wolfSSL	2:28278596c2a2	7582	byte b;
wolfSSL	2:28278596c2a2	7583	RevokedCert* rc;
wolfSSL	2:28278596c2a2	7584
wolfSSL	2:28278596c2a2	7585	WOLFSSL_ENTER("GetRevoked");
wolfSSL	2:28278596c2a2	7586
wolfSSL	2:28278596c2a2	7587	if (GetSequence(buff, idx, &len, maxIdx) < 0)
wolfSSL	2:28278596c2a2	7588	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7589
wolfSSL	2:28278596c2a2	7590	end = *idx + len;
wolfSSL	2:28278596c2a2	7591
wolfSSL	2:28278596c2a2	7592	/* get serial number */
wolfSSL	2:28278596c2a2	7593	b = buff[*idx];
wolfSSL	2:28278596c2a2	7594	*idx += 1;
wolfSSL	2:28278596c2a2	7595
wolfSSL	2:28278596c2a2	7596	if (b != ASN_INTEGER) {
wolfSSL	2:28278596c2a2	7597	WOLFSSL_MSG("Expecting Integer");
wolfSSL	2:28278596c2a2	7598	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7599	}
wolfSSL	2:28278596c2a2	7600
wolfSSL	2:28278596c2a2	7601	if (GetLength(buff, idx, &len, maxIdx) < 0)
wolfSSL	2:28278596c2a2	7602	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7603
wolfSSL	2:28278596c2a2	7604	if (len > EXTERNAL_SERIAL_SIZE) {
wolfSSL	2:28278596c2a2	7605	WOLFSSL_MSG("Serial Size too big");
wolfSSL	2:28278596c2a2	7606	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7607	}
wolfSSL	2:28278596c2a2	7608
wolfSSL	2:28278596c2a2	7609	rc = (RevokedCert*)XMALLOC(sizeof(RevokedCert), NULL, DYNAMIC_TYPE_CRL);
wolfSSL	2:28278596c2a2	7610	if (rc == NULL) {
wolfSSL	2:28278596c2a2	7611	WOLFSSL_MSG("Alloc Revoked Cert failed");
wolfSSL	2:28278596c2a2	7612	return MEMORY_E;
wolfSSL	2:28278596c2a2	7613	}
wolfSSL	2:28278596c2a2	7614
wolfSSL	2:28278596c2a2	7615	XMEMCPY(rc->serialNumber, &buff[*idx], len);
wolfSSL	2:28278596c2a2	7616	rc->serialSz = len;
wolfSSL	2:28278596c2a2	7617
wolfSSL	2:28278596c2a2	7618	/* add to list */
wolfSSL	2:28278596c2a2	7619	rc->next = dcrl->certs;
wolfSSL	2:28278596c2a2	7620	dcrl->certs = rc;
wolfSSL	2:28278596c2a2	7621	dcrl->totalCerts++;
wolfSSL	2:28278596c2a2	7622
wolfSSL	2:28278596c2a2	7623	*idx += len;
wolfSSL	2:28278596c2a2	7624
wolfSSL	2:28278596c2a2	7625	/* get date */
wolfSSL	2:28278596c2a2	7626	b = buff[*idx];
wolfSSL	2:28278596c2a2	7627	*idx += 1;
wolfSSL	2:28278596c2a2	7628
wolfSSL	2:28278596c2a2	7629	if (b != ASN_UTC_TIME && b != ASN_GENERALIZED_TIME) {
wolfSSL	2:28278596c2a2	7630	WOLFSSL_MSG("Expecting Date");
wolfSSL	2:28278596c2a2	7631	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7632	}
wolfSSL	2:28278596c2a2	7633
wolfSSL	2:28278596c2a2	7634	if (GetLength(buff, idx, &len, maxIdx) < 0)
wolfSSL	2:28278596c2a2	7635	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7636
wolfSSL	2:28278596c2a2	7637	/* skip for now */
wolfSSL	2:28278596c2a2	7638	*idx += len;
wolfSSL	2:28278596c2a2	7639
wolfSSL	2:28278596c2a2	7640	if (idx != end) / skip extensions */
wolfSSL	2:28278596c2a2	7641	*idx = end;
wolfSSL	2:28278596c2a2	7642
wolfSSL	2:28278596c2a2	7643	return 0;
wolfSSL	2:28278596c2a2	7644	}
wolfSSL	2:28278596c2a2	7645
wolfSSL	2:28278596c2a2	7646
wolfSSL	2:28278596c2a2	7647	/* Get CRL Signature, 0 on success */
wolfSSL	2:28278596c2a2	7648	static int GetCRL_Signature(const byte* source, word32* idx, DecodedCRL* dcrl,
wolfSSL	2:28278596c2a2	7649	int maxIdx)
wolfSSL	2:28278596c2a2	7650	{
wolfSSL	2:28278596c2a2	7651	int length;
wolfSSL	2:28278596c2a2	7652	byte b;
wolfSSL	2:28278596c2a2	7653
wolfSSL	2:28278596c2a2	7654	WOLFSSL_ENTER("GetCRL_Signature");
wolfSSL	2:28278596c2a2	7655
wolfSSL	2:28278596c2a2	7656	b = source[*idx];
wolfSSL	2:28278596c2a2	7657	*idx += 1;
wolfSSL	2:28278596c2a2	7658	if (b != ASN_BIT_STRING)
wolfSSL	2:28278596c2a2	7659	return ASN_BITSTR_E;
wolfSSL	2:28278596c2a2	7660
wolfSSL	2:28278596c2a2	7661	if (GetLength(source, idx, &length, maxIdx) < 0)
wolfSSL	2:28278596c2a2	7662	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7663
wolfSSL	2:28278596c2a2	7664	dcrl->sigLength = length;
wolfSSL	2:28278596c2a2	7665
wolfSSL	2:28278596c2a2	7666	b = source[*idx];
wolfSSL	2:28278596c2a2	7667	*idx += 1;
wolfSSL	2:28278596c2a2	7668	if (b != 0x00)
wolfSSL	2:28278596c2a2	7669	return ASN_EXPECT_0_E;
wolfSSL	2:28278596c2a2	7670
wolfSSL	2:28278596c2a2	7671	dcrl->sigLength--;
wolfSSL	2:28278596c2a2	7672	dcrl->signature = (byte)&source[idx];
wolfSSL	2:28278596c2a2	7673
wolfSSL	2:28278596c2a2	7674	*idx += dcrl->sigLength;
wolfSSL	2:28278596c2a2	7675
wolfSSL	2:28278596c2a2	7676	return 0;
wolfSSL	2:28278596c2a2	7677	}
wolfSSL	2:28278596c2a2	7678
wolfSSL	2:28278596c2a2	7679
wolfSSL	2:28278596c2a2	7680	/* prase crl buffer into decoded state, 0 on success */
wolfSSL	2:28278596c2a2	7681	int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
wolfSSL	2:28278596c2a2	7682	{
wolfSSL	2:28278596c2a2	7683	int version, len;
wolfSSL	2:28278596c2a2	7684	word32 oid, idx = 0;
wolfSSL	2:28278596c2a2	7685	Signer* ca = NULL;
wolfSSL	2:28278596c2a2	7686
wolfSSL	2:28278596c2a2	7687	WOLFSSL_MSG("ParseCRL");
wolfSSL	2:28278596c2a2	7688
wolfSSL	2:28278596c2a2	7689	/* raw crl hash */
wolfSSL	2:28278596c2a2	7690	/* hash here if needed for optimized comparisons
wolfSSL	2:28278596c2a2	7691	* Sha sha;
wolfSSL	2:28278596c2a2	7692	* wc_InitSha(&sha);
wolfSSL	2:28278596c2a2	7693	* wc_ShaUpdate(&sha, buff, sz);
wolfSSL	2:28278596c2a2	7694	* wc_ShaFinal(&sha, dcrl->crlHash); */
wolfSSL	2:28278596c2a2	7695
wolfSSL	2:28278596c2a2	7696	if (GetSequence(buff, &idx, &len, sz) < 0)
wolfSSL	2:28278596c2a2	7697	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7698
wolfSSL	2:28278596c2a2	7699	dcrl->certBegin = idx;
wolfSSL	2:28278596c2a2	7700
wolfSSL	2:28278596c2a2	7701	if (GetSequence(buff, &idx, &len, sz) < 0)
wolfSSL	2:28278596c2a2	7702	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7703	dcrl->sigIndex = len + idx;
wolfSSL	2:28278596c2a2	7704
wolfSSL	2:28278596c2a2	7705	/* may have version */
wolfSSL	2:28278596c2a2	7706	if (buff[idx] == ASN_INTEGER) {
wolfSSL	2:28278596c2a2	7707	if (GetMyVersion(buff, &idx, &version) < 0)
wolfSSL	2:28278596c2a2	7708	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7709	}
wolfSSL	2:28278596c2a2	7710
wolfSSL	2:28278596c2a2	7711	if (GetAlgoId(buff, &idx, &oid, sz) < 0)
wolfSSL	2:28278596c2a2	7712	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7713
wolfSSL	2:28278596c2a2	7714	if (GetNameHash(buff, &idx, dcrl->issuerHash, sz) < 0)
wolfSSL	2:28278596c2a2	7715	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7716
wolfSSL	2:28278596c2a2	7717	if (GetBasicDate(buff, &idx, dcrl->lastDate, &dcrl->lastDateFormat, sz) < 0)
wolfSSL	2:28278596c2a2	7718	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7719
wolfSSL	2:28278596c2a2	7720	if (GetBasicDate(buff, &idx, dcrl->nextDate, &dcrl->nextDateFormat, sz) < 0)
wolfSSL	2:28278596c2a2	7721	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7722
wolfSSL	2:28278596c2a2	7723	if (!XVALIDATE_DATE(dcrl->nextDate, dcrl->nextDateFormat, AFTER)) {
wolfSSL	2:28278596c2a2	7724	WOLFSSL_MSG("CRL after date is no longer valid");
wolfSSL	2:28278596c2a2	7725	return ASN_AFTER_DATE_E;
wolfSSL	2:28278596c2a2	7726	}
wolfSSL	2:28278596c2a2	7727
wolfSSL	2:28278596c2a2	7728	if (idx != dcrl->sigIndex && buff[idx] != CRL_EXTENSIONS) {
wolfSSL	2:28278596c2a2	7729	if (GetSequence(buff, &idx, &len, sz) < 0)
wolfSSL	2:28278596c2a2	7730	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7731
wolfSSL	2:28278596c2a2	7732	len += idx;
wolfSSL	2:28278596c2a2	7733
wolfSSL	2:28278596c2a2	7734	while (idx < (word32)len) {
wolfSSL	2:28278596c2a2	7735	if (GetRevoked(buff, &idx, dcrl, sz) < 0)
wolfSSL	2:28278596c2a2	7736	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7737	}
wolfSSL	2:28278596c2a2	7738	}
wolfSSL	2:28278596c2a2	7739
wolfSSL	2:28278596c2a2	7740	if (idx != dcrl->sigIndex)
wolfSSL	2:28278596c2a2	7741	idx = dcrl->sigIndex; /* skip extensions */
wolfSSL	2:28278596c2a2	7742
wolfSSL	2:28278596c2a2	7743	if (GetAlgoId(buff, &idx, &dcrl->signatureOID, sz) < 0)
wolfSSL	2:28278596c2a2	7744	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7745
wolfSSL	2:28278596c2a2	7746	if (GetCRL_Signature(buff, &idx, dcrl, sz) < 0)
wolfSSL	2:28278596c2a2	7747	return ASN_PARSE_E;
wolfSSL	2:28278596c2a2	7748
wolfSSL	2:28278596c2a2	7749	/* openssl doesn't add skid by default for CRLs cause firefox chokes
wolfSSL	2:28278596c2a2	7750	we're not assuming it's available yet */
wolfSSL	2:28278596c2a2	7751	#if !defined(NO_SKID) && defined(CRL_SKID_READY)
wolfSSL	2:28278596c2a2	7752	if (dcrl->extAuthKeyIdSet)
wolfSSL	2:28278596c2a2	7753	ca = GetCA(cm, dcrl->extAuthKeyId);
wolfSSL	2:28278596c2a2	7754	if (ca == NULL)
wolfSSL	2:28278596c2a2	7755	ca = GetCAByName(cm, dcrl->issuerHash);
wolfSSL	2:28278596c2a2	7756	#else /* NO_SKID */
wolfSSL	2:28278596c2a2	7757	ca = GetCA(cm, dcrl->issuerHash);
wolfSSL	2:28278596c2a2	7758	#endif /* NO_SKID */
wolfSSL	2:28278596c2a2	7759	WOLFSSL_MSG("About to verify CRL signature");
wolfSSL	2:28278596c2a2	7760
wolfSSL	2:28278596c2a2	7761	if (ca) {
wolfSSL	2:28278596c2a2	7762	WOLFSSL_MSG("Found CRL issuer CA");
wolfSSL	2:28278596c2a2	7763	/* try to confirm/verify signature */
wolfSSL	2:28278596c2a2	7764	#ifndef IGNORE_KEY_EXTENSIONS
wolfSSL	2:28278596c2a2	7765	if ((ca->keyUsage & KEYUSE_CRL_SIGN) == 0) {
wolfSSL	2:28278596c2a2	7766	WOLFSSL_MSG("CA cannot sign CRLs");
wolfSSL	2:28278596c2a2	7767	return ASN_CRL_NO_SIGNER_E;
wolfSSL	2:28278596c2a2	7768	}
wolfSSL	2:28278596c2a2	7769	#endif /* IGNORE_KEY_EXTENSIONS */
wolfSSL	2:28278596c2a2	7770	if (!ConfirmSignature(buff + dcrl->certBegin,
wolfSSL	2:28278596c2a2	7771	dcrl->sigIndex - dcrl->certBegin,
wolfSSL	2:28278596c2a2	7772	ca->publicKey, ca->pubKeySize, ca->keyOID,
wolfSSL	2:28278596c2a2	7773	dcrl->signature, dcrl->sigLength, dcrl->signatureOID, NULL)) {
wolfSSL	2:28278596c2a2	7774	WOLFSSL_MSG("CRL Confirm signature failed");
wolfSSL	2:28278596c2a2	7775	return ASN_CRL_CONFIRM_E;
wolfSSL	2:28278596c2a2	7776	}
wolfSSL	2:28278596c2a2	7777	}
wolfSSL	2:28278596c2a2	7778	else {
wolfSSL	2:28278596c2a2	7779	WOLFSSL_MSG("Did NOT find CRL issuer CA");
wolfSSL	2:28278596c2a2	7780	return ASN_CRL_NO_SIGNER_E;
wolfSSL	2:28278596c2a2	7781	}
wolfSSL	2:28278596c2a2	7782
wolfSSL	2:28278596c2a2	7783	return 0;
wolfSSL	2:28278596c2a2	7784	}
wolfSSL	2:28278596c2a2	7785
wolfSSL	2:28278596c2a2	7786	#endif /* HAVE_CRL */
wolfSSL	2:28278596c2a2	7787	#endif
wolfSSL	2:28278596c2a2	7788
wolfSSL	2:28278596c2a2	7789	#ifdef WOLFSSL_SEP
wolfSSL	2:28278596c2a2	7790
wolfSSL	2:28278596c2a2	7791
wolfSSL	2:28278596c2a2	7792
wolfSSL	2:28278596c2a2	7793	#endif /* WOLFSSL_SEP */
wolfSSL	2:28278596c2a2	7794
wolfSSL	2:28278596c2a2	7795

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	26 Jun 2015
Imports:	673
Forks:	0
Commits:	18
Dependents:	29
Dependencies:	0
Followers:	21

wolfcrypt/src/asn.c@2:28278596c2a2, 2015-07-21 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning