/src/wolfssl/wolfcrypt/src/asn.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* asn.c |
2 | | * |
3 | | * Copyright (C) 2006-2023 wolfSSL Inc. |
4 | | * |
5 | | * This file is part of wolfSSL. |
6 | | * |
7 | | * wolfSSL is free software; you can redistribute it and/or modify |
8 | | * it under the terms of the GNU General Public License as published by |
9 | | * the Free Software Foundation; either version 2 of the License, or |
10 | | * (at your option) any later version. |
11 | | * |
12 | | * wolfSSL is distributed in the hope that it will be useful, |
13 | | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
14 | | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
15 | | * GNU General Public License for more details. |
16 | | * |
17 | | * You should have received a copy of the GNU General Public License |
18 | | * along with this program; if not, write to the Free Software |
19 | | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA |
20 | | */ |
21 | | |
22 | | /* |
23 | | * DESCRIPTION |
24 | | * This library provides the interface to Abstract Syntax Notation One (ASN.1) |
25 | | * objects. |
26 | | * ASN.1 is a standard interface description language for defining data |
27 | | * structures that can be serialized and deserialized in a cross-platform way. |
28 | | * |
29 | | * Encoding of ASN.1 is either using Basic Encoding Rules (BER) or |
30 | | * Distinguished Encoding Rules (DER). DER has only one possible encoding for a |
31 | | * ASN.1 description and the data. |
32 | | * Encode using DER and decode BER or DER. |
33 | | * |
34 | | * Provides routines to convert BER into DER. Replaces indefinite length |
35 | | * encoded items with explicit lengths. |
36 | | */ |
37 | | #ifdef HAVE_CONFIG_H |
38 | | #include <config.h> |
39 | | #endif |
40 | | |
41 | | #include <wolfssl/wolfcrypt/settings.h> |
42 | | |
43 | | /* |
44 | | ASN Options: |
45 | | * NO_ASN_TIME_CHECK: Disables ASN time checks (avoiding the ASN_BEFORE_DATE_E |
46 | | * and ASN_AFTER_DATE_E errors). Safer ways to avoid date errors would be to |
47 | | * set the WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY flag when calling the _ex versions of |
48 | | * cert loading functions or to define the WOLFSSL_NO_OCSP_DATE_CHECK macro to |
49 | | * skip OCSP date errors. Defining NO_ASN_TIME_CHECK will skip ALL date checks |
50 | | * and could pose a security risk. |
51 | | * NO_ASN_TIME: Disables time parts of the ASN code for systems without an RTC |
52 | | or wishing to save space. |
53 | | * IGNORE_NAME_CONSTRAINTS: Skip ASN name checks. |
54 | | * ASN_DUMP_OID: Allows dump of OID information for debugging. |
55 | | * RSA_DECODE_EXTRA: Decodes extra information in RSA public key. |
56 | | * WOLFSSL_CERT_GEN: Cert generation. Saves extra certificate info in GetName. |
57 | | * WOLFSSL_NO_ASN_STRICT: Disable strict RFC compliance checks to |
58 | | restore 3.13.0 behavior. |
59 | | * WOLFSSL_NO_OCSP_OPTIONAL_CERTS: Skip optional OCSP certs (responder issuer |
60 | | must still be trusted) |
61 | | * WOLFSSL_NO_TRUSTED_CERTS_VERIFY: Workaround for situation where entire cert |
62 | | chain is not loaded. This only matches on subject and public key and |
63 | | does not perform a PKI validation, so it is not a secure solution. |
64 | | Only enabled for OCSP. |
65 | | * WOLFSSL_NO_OCSP_ISSUER_CHECK: Can be defined for backwards compatibility to |
66 | | disable checking of https://www.rfc-editor.org/rfc/rfc6960#section-4.2.2.2. |
67 | | * WOLFSSL_SMALL_CERT_VERIFY: Verify the certificate signature without using |
68 | | DecodedCert. Doubles up on some code but allows smaller dynamic memory |
69 | | usage. |
70 | | * WOLFSSL_NO_OCSP_DATE_CHECK: Disable date checks for OCSP responses. This |
71 | | may be required when the system's real-time clock is not very accurate. |
72 | | It is recommended to enforce the nonce check instead if possible. |
73 | | * WOLFSSL_FORCE_OCSP_NONCE_CHECK: Require nonces to be available in OCSP |
74 | | responses. The nonces are optional and may not be supported by all |
75 | | responders. If it can be ensured that the used responder sends nonces this |
76 | | option may improve security. |
77 | | * WOLFSSL_ASN_TEMPLATE: Encoding and decoding using a template. |
78 | | * WOLFSSL_DEBUG_ASN_TEMPLATE: Enables debugging output when using ASN.1 |
79 | | templates. |
80 | | * WOLFSSL_ASN_TEMPLATE_TYPE_CHECK: Use ASN functions to better test compiler |
81 | | type issues for testing |
82 | | * CRLDP_VALIDATE_DATA: For ASN template only, validates the reason data |
83 | | * WOLFSSL_AKID_NAME: Enable support for full AuthorityKeyIdentifier extension. |
84 | | Only supports copying full AKID from an existing certificate. |
85 | | * WOLFSSL_CUSTOM_OID: Enable custom OID support for subject and request |
86 | | extensions |
87 | | * WOLFSSL_HAVE_ISSUER_NAMES: Store pointers to issuer name components and their |
88 | | lengths and encodings. |
89 | | * WOLFSSL_SUBJ_DIR_ATTR: Enable support for SubjectDirectoryAttributes |
90 | | extension. |
91 | | * WOLFSSL_SUBJ_INFO_ACC: Enable support for SubjectInfoAccess extension. |
92 | | * WOLFSSL_FPKI: Enable support for FPKI (Federal PKI) extensions. |
93 | | * WOLFSSL_CERT_NAME_ALL: Adds more certificate name capability at the |
94 | | cost of taking up more memory. Adds initials, givenname, dnQualifer for |
95 | | example. |
96 | | * WC_ASN_HASH_SHA256: Force use of SHA2-256 for the internal hash ID calcs. |
97 | | */ |
98 | | |
99 | | #include <wolfssl/wolfcrypt/error-crypt.h> |
100 | | #ifndef NO_RSA |
101 | | #include <wolfssl/wolfcrypt/rsa.h> |
102 | | #if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_CRYPTOCELL) |
103 | | extern int wc_InitRsaHw(RsaKey* key); |
104 | | #endif |
105 | | #endif |
106 | | |
107 | | #ifndef NO_ASN |
108 | | |
109 | | #include <wolfssl/wolfcrypt/asn.h> |
110 | | #include <wolfssl/wolfcrypt/coding.h> |
111 | | #include <wolfssl/wolfcrypt/md2.h> |
112 | | #include <wolfssl/wolfcrypt/hmac.h> |
113 | | #include <wolfssl/wolfcrypt/pwdbased.h> |
114 | | #include <wolfssl/wolfcrypt/des3.h> |
115 | | #include <wolfssl/wolfcrypt/aes.h> |
116 | | #include <wolfssl/wolfcrypt/rc2.h> |
117 | | #include <wolfssl/wolfcrypt/wc_encrypt.h> |
118 | | #include <wolfssl/wolfcrypt/logging.h> |
119 | | |
120 | | #include <wolfssl/wolfcrypt/random.h> |
121 | | #include <wolfssl/wolfcrypt/hash.h> |
122 | | #ifdef NO_INLINE |
123 | | #include <wolfssl/wolfcrypt/misc.h> |
124 | | #else |
125 | | #define WOLFSSL_MISC_INCLUDED |
126 | | #include <wolfcrypt/src/misc.c> |
127 | | #endif |
128 | | |
129 | | #ifndef NO_RC4 |
130 | | #include <wolfssl/wolfcrypt/arc4.h> |
131 | | #endif |
132 | | |
133 | | #if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384) |
134 | | #include <wolfssl/wolfcrypt/sha512.h> |
135 | | #endif |
136 | | |
137 | | #ifndef NO_SHA256 |
138 | | #include <wolfssl/wolfcrypt/sha256.h> |
139 | | #endif |
140 | | |
141 | | #ifdef HAVE_ECC |
142 | | #include <wolfssl/wolfcrypt/ecc.h> |
143 | | #endif |
144 | | |
145 | | #ifdef WOLFSSL_SM2 |
146 | | #include <wolfssl/wolfcrypt/sm2.h> |
147 | | #endif |
148 | | |
149 | | #ifdef HAVE_ED25519 |
150 | | #include <wolfssl/wolfcrypt/ed25519.h> |
151 | | #endif |
152 | | #ifdef HAVE_CURVE25519 |
153 | | #include <wolfssl/wolfcrypt/curve25519.h> |
154 | | #endif |
155 | | |
156 | | #ifdef HAVE_ED448 |
157 | | #include <wolfssl/wolfcrypt/ed448.h> |
158 | | #endif |
159 | | #ifdef HAVE_CURVE448 |
160 | | #include <wolfssl/wolfcrypt/curve448.h> |
161 | | #endif |
162 | | |
163 | | #ifdef HAVE_PQC |
164 | | #if defined(HAVE_FALCON) |
165 | | #include <wolfssl/wolfcrypt/falcon.h> |
166 | | #endif |
167 | | #if defined(HAVE_DILITHIUM) |
168 | | #include <wolfssl/wolfcrypt/dilithium.h> |
169 | | #endif |
170 | | #if defined(HAVE_SPHINCS) |
171 | | #include <wolfssl/wolfcrypt/sphincs.h> |
172 | | #endif |
173 | | #endif |
174 | | |
175 | | #ifdef WOLFSSL_QNX_CAAM |
176 | | #include <wolfssl/wolfcrypt/port/caam/wolfcaam.h> |
177 | | #endif |
178 | | |
179 | | #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS) |
180 | | #include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h> |
181 | | #endif |
182 | | |
183 | | #ifndef NO_DSA |
184 | | #include <wolfssl/wolfcrypt/dsa.h> |
185 | | #else |
186 | | typedef void* DsaKey; |
187 | | #endif |
188 | | |
189 | | #ifdef WOLF_CRYPTO_CB |
190 | | #include <wolfssl/wolfcrypt/cryptocb.h> |
191 | | #endif |
192 | | |
193 | | #ifndef WOLFCRYPT_ONLY |
194 | | #include <wolfssl/internal.h> |
195 | | #endif |
196 | | |
197 | | #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) |
198 | | #include <wolfssl/openssl/objects.h> |
199 | | #endif |
200 | | |
201 | | #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \ |
202 | | !defined(WOLFCRYPT_ONLY) |
203 | | #define WOLFSSL_X509_NAME_AVAILABLE |
204 | | #endif |
205 | | |
206 | | #ifdef _MSC_VER |
207 | | /* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */ |
208 | | #pragma warning(disable: 4996) |
209 | | #endif |
210 | | |
211 | 0 | #define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; } |
212 | | |
213 | | #if !defined(NO_SKID) && (!defined(HAVE_FIPS) || !defined(HAVE_FIPS_VERSION)) |
214 | | #if !defined(HAVE_SELFTEST) || (defined(HAVE_SELFTEST) && \ |
215 | | (!defined(HAVE_SELFTEST_VERSION) || \ |
216 | | HAVE_SELFTEST_VERSION < 2)) |
217 | | #ifndef WOLFSSL_AES_KEY_SIZE_ENUM |
218 | | #define WOLFSSL_AES_KEY_SIZE_ENUM |
219 | | enum Asn_Misc { |
220 | | AES_IV_SIZE = 16, |
221 | | AES_128_KEY_SIZE = 16, |
222 | | AES_192_KEY_SIZE = 24, |
223 | | AES_256_KEY_SIZE = 32 |
224 | | }; |
225 | | #endif |
226 | | #endif /* HAVE_SELFTEST */ |
227 | | #endif |
228 | | |
229 | | #if defined(WOLFSSL_ASN_PRINT) || defined(WOLFSSL_DEBUG_ASN_TEMPLATE) |
230 | | |
231 | | /* String representations of tags. */ |
232 | | static const char* tagString[4][32] = { |
233 | | /* Universal */ |
234 | | { |
235 | | "EOC", |
236 | | "BOOLEAN", |
237 | | "INTEGER", |
238 | | "BIT STRING", |
239 | | "OCTET STRING", |
240 | | "NULL", |
241 | | "OBJECT ID", |
242 | | "ObjectDescriptor", |
243 | | "INSTANCE OF", |
244 | | "REAL", |
245 | | "ENUMERATED", |
246 | | "EMBEDDED PDV", |
247 | | "UT8String", |
248 | | "RELATIVE-OID", |
249 | | "(0x0e) 14", |
250 | | "(0x0f) 15", |
251 | | "SEQUENCE", |
252 | | "SET", |
253 | | "NumericString", |
254 | | "PrintableString", |
255 | | "T61String", |
256 | | "VideotexString", |
257 | | "IA5String", |
258 | | "UTCTime", |
259 | | "GeneralizedTime", |
260 | | "GraphicString", |
261 | | "ISO646String", |
262 | | "GeneralString", |
263 | | "UniversalString", |
264 | | "CHARACTER STRING", |
265 | | "BMPString", |
266 | | "(0x1f) 31", |
267 | | }, |
268 | | /* Application */ |
269 | | { |
270 | | "[A 0]", "[A 1]", "[A 2]", "[A 3]", |
271 | | "[A 4]", "[A 5]", "[A 6]", "[A 7]", |
272 | | "[A 8]", "[A 9]", "[A 10]", "[A 11]", |
273 | | "[A 12]", "[A 13]", "[A 14]", "[A 15]", |
274 | | "[A 16]", "[A 17]", "[A 18]", "[A 19]", |
275 | | "[A 20]", "[A 21]", "[A 22]", "[A 23]", |
276 | | "[A 24]", "[A 25]", "[A 26]", "[A 27]", |
277 | | "[A 28]", "[A 20]", "[A 30]", "[A 31]" |
278 | | }, |
279 | | /* Context-Specific */ |
280 | | { |
281 | | "[0]", "[1]", "[2]", "[3]", "[4]", "[5]", "[6]", "[7]", |
282 | | "[8]", "[9]", "[10]", "[11]", "[12]", "[13]", "[14]", "[15]", |
283 | | "[16]", "[17]", "[18]", "[19]", "[20]", "[21]", "[22]", "[23]", |
284 | | "[24]", "[25]", "[26]", "[27]", "[28]", "[20]", "[30]", "[31]" |
285 | | }, |
286 | | /* Private */ |
287 | | { |
288 | | "[P 0]", "[P 1]", "[P 2]", "[P 3]", |
289 | | "[P 4]", "[P 5]", "[P 6]", "[P 7]", |
290 | | "[P 8]", "[P 9]", "[P 10]", "[P 11]", |
291 | | "[P 12]", "[P 13]", "[P 14]", "[P 15]", |
292 | | "[P 16]", "[P 17]", "[P 18]", "[P 19]", |
293 | | "[P 20]", "[P 21]", "[P 22]", "[P 23]", |
294 | | "[P 24]", "[P 25]", "[P 26]", "[P 27]", |
295 | | "[P 28]", "[P 20]", "[P 30]", "[P 31]" |
296 | | } |
297 | | }; |
298 | | |
299 | | /* Converts a tag byte to string. |
300 | | * |
301 | | * @param [in] tag BER tag value to interpret. |
302 | | * @return String corresponding to tag. |
303 | | */ |
304 | | static const char* TagString(byte tag) |
305 | 0 | { |
306 | 0 | return tagString[tag >> 6][tag & ASN_TYPE_MASK]; |
307 | 0 | } |
308 | | |
309 | | #endif |
310 | | |
311 | | |
312 | | /* Calculates the minimum number of bytes required to encode the value. |
313 | | * |
314 | | * Only support up to 2^24-1. |
315 | | * |
316 | | * @param [in] value Value to be encoded. |
317 | | * @return Number of bytes to encode value. |
318 | | */ |
319 | | static word32 BytePrecision(word32 value) |
320 | 304 | { |
321 | 304 | word32 i; |
322 | 903 | for (i = (word32)sizeof(value) - 1; i; --i) |
323 | 903 | if (value >> ((i - 1) * WOLFSSL_BIT_SIZE)) |
324 | 304 | break; |
325 | | |
326 | 304 | return i; |
327 | 304 | } |
328 | | |
329 | | /* DER encodes the length value in output buffer. |
330 | | * |
331 | | * 0 -> 2^7-1: <len byte>. |
332 | | * 2^7 -> : <0x80 + #bytes> <len big-endian bytes> |
333 | | * |
334 | | * @param [in] length Value to encode. |
335 | | * @param [in, out] output Buffer to encode into. |
336 | | * @return Number of bytes used in encoding. |
337 | | */ |
338 | | WOLFSSL_LOCAL word32 SetASNLength(word32 length, byte* output) |
339 | 1.62k | { |
340 | 1.62k | word32 i = 0; |
341 | | |
342 | 1.62k | if (length < ASN_LONG_LENGTH) |
343 | 1.52k | output[i++] = (byte)length; |
344 | 94 | else { |
345 | 94 | word32 j; |
346 | | |
347 | 94 | output[i++] = (byte)(BytePrecision(length) | ASN_LONG_LENGTH); |
348 | | |
349 | 188 | for (j = BytePrecision(length); j; --j) { |
350 | 94 | output[i] = (byte)(length >> ((j - 1) * WOLFSSL_BIT_SIZE)); |
351 | 94 | i++; |
352 | 94 | } |
353 | 94 | } |
354 | | |
355 | 1.62k | return i; |
356 | 1.62k | } |
357 | | |
358 | | #ifdef WOLFSSL_ASN_TEMPLATE |
359 | | /* Calculate the size of a DER encoded length value. |
360 | | * |
361 | | * 0 -> 2^7-1: <length byte>. |
362 | | * 2^7 -> : <0x80 + #bytes> <big-endian length bytes> |
363 | | * |
364 | | * @param [in] length Value to encode. |
365 | | * @return Number of bytes required to encode. |
366 | | */ |
367 | | static word32 SizeASNLength(word32 length) |
368 | 1.68k | { |
369 | 1.68k | return 1 + ((length >= ASN_LONG_LENGTH) ? BytePrecision(length) : 0); |
370 | 1.68k | } |
371 | | |
372 | | /* Calculate the size of a DER encoded header. |
373 | | * |
374 | | * Header = Tag | Encoded length |
375 | | * |
376 | | * @param [in] length Length value to encode. |
377 | | * @return Number of bytes required to encode a DER header. |
378 | | */ |
379 | | #define SizeASNHeader(length) \ |
380 | 1.68k | (1 + SizeASNLength(length)) |
381 | | #endif |
382 | | |
383 | | #ifdef WOLFSSL_ASN_TEMPLATE |
384 | | #ifdef WOLFSSL_SMALL_STACK |
385 | | /* Declare the variable that is the dynamic data for decoding BER data. |
386 | | * |
387 | | * @param [in] name Variable name to declare. |
388 | | * @param [in] cnt Number of elements required. |
389 | | */ |
390 | | #define DECL_ASNGETDATA(name, cnt) \ |
391 | 0 | ASNGetData* name = NULL |
392 | | |
393 | | /* Allocates the dynamic BER decoding data. |
394 | | * |
395 | | * @param [in] name Variable name to declare. |
396 | | * @param [in] cnt Number of elements required. |
397 | | * @param [in, out] err Error variable. |
398 | | * @param [in] heap Dynamic memory allocation hint. |
399 | | */ |
400 | | #define ALLOC_ASNGETDATA(name, cnt, err, heap) \ |
401 | 0 | do { \ |
402 | 0 | if ((err) == 0) { \ |
403 | 0 | (name) = (ASNGetData*)XMALLOC(sizeof(ASNGetData) * (cnt), (heap), \ |
404 | 0 | DYNAMIC_TYPE_TMP_BUFFER); \ |
405 | 0 | if ((name) == NULL) { \ |
406 | 0 | (err) = MEMORY_E; \ |
407 | 0 | } \ |
408 | 0 | } \ |
409 | 0 | } \ |
410 | 0 | while (0) |
411 | | |
412 | | /* Allocates the dynamic BER decoding data and clears the memory. |
413 | | * |
414 | | * @param [in] name Variable name to declare. |
415 | | * @param [in] cnt Number of elements required. |
416 | | * @param [in, out] err Error variable. |
417 | | * @param [in] heap Dynamic memory allocation hint. |
418 | | */ |
419 | | #define CALLOC_ASNGETDATA(name, cnt, err, heap) \ |
420 | 0 | do { \ |
421 | 0 | ALLOC_ASNGETDATA(name, cnt, err, heap); \ |
422 | 0 | if ((err) == 0) { \ |
423 | 0 | XMEMSET((name), 0, sizeof(ASNGetData) * (cnt)); \ |
424 | 0 | } \ |
425 | 0 | } \ |
426 | 0 | while (0) |
427 | | |
428 | | /* Disposes of the dynamic BER decoding data. |
429 | | * |
430 | | * @param [in] name Variable name to declare. |
431 | | * @param [in] heap Dynamic memory allocation hint. |
432 | | */ |
433 | | #define FREE_ASNGETDATA(name, heap) \ |
434 | 0 | do { \ |
435 | 0 | if ((name) != NULL) { \ |
436 | 0 | XFREE((name), (heap), DYNAMIC_TYPE_TMP_BUFFER); \ |
437 | 0 | } \ |
438 | 0 | } \ |
439 | 0 | while (0) |
440 | | |
441 | | /* Declare the variable that is the dynamic data for encoding DER data. |
442 | | * |
443 | | * @param [in] name Variable name to declare. |
444 | | * @param [in] cnt Number of elements required. |
445 | | */ |
446 | | #define DECL_ASNSETDATA(name, cnt) \ |
447 | 0 | ASNSetData* name = NULL |
448 | | |
449 | | /* Allocates the dynamic DER encoding data. |
450 | | * |
451 | | * @param [in] name Variable name to declare. |
452 | | * @param [in] cnt Number of elements required. |
453 | | * @param [in, out] err Error variable. |
454 | | * @param [in] heap Dynamic memory allocation hint. |
455 | | */ |
456 | | #define ALLOC_ASNSETDATA(name, cnt, err, heap) \ |
457 | 0 | do { \ |
458 | 0 | if ((err) == 0) { \ |
459 | 0 | (name) = (ASNSetData*)XMALLOC(sizeof(ASNGetData) * (cnt), (heap), \ |
460 | 0 | DYNAMIC_TYPE_TMP_BUFFER); \ |
461 | 0 | if ((name) == NULL) { \ |
462 | 0 | (err) = MEMORY_E; \ |
463 | 0 | } \ |
464 | 0 | } \ |
465 | 0 | } \ |
466 | 0 | while (0) |
467 | | |
468 | | /* Allocates the dynamic DER encoding data and clears the memory. |
469 | | * |
470 | | * @param [in] name Variable name to declare. |
471 | | * @param [in] cnt Number of elements required. |
472 | | * @param [in, out] err Error variable. |
473 | | * @param [in] heap Dynamic memory allocation hint. |
474 | | */ |
475 | | #define CALLOC_ASNSETDATA(name, cnt, err, heap) \ |
476 | 0 | do { \ |
477 | 0 | ALLOC_ASNSETDATA(name, cnt, err, heap); \ |
478 | 0 | if ((err) == 0) { \ |
479 | 0 | XMEMSET(name, 0, sizeof(ASNSetData) * (cnt)); \ |
480 | 0 | } \ |
481 | 0 | } \ |
482 | 0 | while (0) |
483 | | |
484 | | /* Disposes of the dynamic DER encoding data. |
485 | | * |
486 | | * @param [in] name Variable name to declare. |
487 | | * @param [in] heap Dynamic memory allocation hint. |
488 | | */ |
489 | | #define FREE_ASNSETDATA(name, heap) \ |
490 | 0 | do { \ |
491 | 0 | if ((name) != NULL) { \ |
492 | 0 | XFREE(name, heap, DYNAMIC_TYPE_TMP_BUFFER); \ |
493 | 0 | } \ |
494 | 0 | } \ |
495 | 0 | while (0) |
496 | | #else |
497 | | /* Declare the variable that is the dynamic data for decoding BER data. |
498 | | * |
499 | | * @param [in] name Variable name to declare. |
500 | | * @param [in] cnt Number of elements required. |
501 | | */ |
502 | | #define DECL_ASNGETDATA(name, cnt) \ |
503 | | ASNGetData name[cnt] |
504 | | |
505 | | /* No implementation as declaration is static. |
506 | | * |
507 | | * @param [in] name Variable name to declare. |
508 | | * @param [in] cnt Number of elements required. |
509 | | * @param [in, out] err Error variable. |
510 | | * @param [in] heap Dynamic memory allocation hint. |
511 | | */ |
512 | | #define ALLOC_ASNGETDATA(name, cnt, err, heap) |
513 | | |
514 | | /* Clears the memory of the dynamic BER encoding data. |
515 | | * |
516 | | * @param [in] name Variable name to declare. |
517 | | * @param [in] cnt Number of elements required. |
518 | | * @param [in, out] err Error variable. |
519 | | * @param [in] heap Dynamic memory allocation hint. |
520 | | */ |
521 | | #define CALLOC_ASNGETDATA(name, cnt, err, heap) \ |
522 | | XMEMSET(name, 0, sizeof(name)) |
523 | | |
524 | | /* No implementation as declaration is static. |
525 | | * |
526 | | * @param [in] name Variable name to declare. |
527 | | * @param [in] heap Dynamic memory allocation hint. |
528 | | */ |
529 | | #define FREE_ASNGETDATA(name, heap) |
530 | | |
531 | | /* Declare the variable that is the dynamic data for encoding DER data. |
532 | | * |
533 | | * @param [in] name Variable name to declare. |
534 | | * @param [in] cnt Number of elements required. |
535 | | */ |
536 | | #define DECL_ASNSETDATA(name, cnt) \ |
537 | | ASNSetData name[cnt] |
538 | | |
539 | | /* No implementation as declaration is static. |
540 | | * |
541 | | * @param [in] name Variable name to declare. |
542 | | * @param [in] cnt Number of elements required. |
543 | | * @param [in, out] err Error variable. |
544 | | * @param [in] heap Dynamic memory allocation hint. |
545 | | */ |
546 | | #define ALLOC_ASNSETDATA(name, cnt, err, heap) |
547 | | |
548 | | /* Clears the memory of the dynamic BER encoding data. |
549 | | * |
550 | | * @param [in] name Variable name to declare. |
551 | | * @param [in] cnt Number of elements required. |
552 | | * @param [in, out] err Error variable. |
553 | | * @param [in] heap Dynamic memory allocation hint. |
554 | | */ |
555 | | #define CALLOC_ASNSETDATA(name, cnt, err, heap) \ |
556 | | XMEMSET(name, 0, sizeof(name)) |
557 | | |
558 | | /* No implementation as declaration is static. |
559 | | * |
560 | | * @param [in] name Variable name to declare. |
561 | | * @param [in] heap Dynamic memory allocation hint. |
562 | | */ |
563 | | #define FREE_ASNSETDATA(name, heap) |
564 | | #endif |
565 | | |
566 | | |
567 | | #ifdef DEBUG_WOLFSSL |
568 | | /* Enable this when debugging the parsing or creation of ASN.1 data. */ |
569 | | #if 0 |
570 | | #define WOLFSSL_DEBUG_ASN_TEMPLATE |
571 | | #endif |
572 | | #endif |
573 | | |
574 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
575 | | |
576 | | #include <stdarg.h> |
577 | | |
578 | | /* Log a message that has the printf format string. |
579 | | * |
580 | | * @param [in] <va_args> printf style arguments. |
581 | | */ |
582 | | #define WOLFSSL_MSG_VSNPRINTF(...) \ |
583 | | do { \ |
584 | | char line[81]; \ |
585 | | snprintf(line, sizeof(line) - 1, __VA_ARGS__); \ |
586 | | line[sizeof(line) - 1] = '\0'; \ |
587 | | WOLFSSL_MSG(line); \ |
588 | | } \ |
589 | | while (0) |
590 | | #endif |
591 | | |
592 | | /* Returns whether ASN.1 item is an integer and the Most-Significant Bit is set. |
593 | | * |
594 | | * @param [in] asn ASN.1 items to encode. |
595 | | * @param [in] data_a Data to place in each item. Lengths set were not known. |
596 | | * @param [in] i Index of item to check. |
597 | | * @return 1 when ASN.1 item is an integer and MSB is 1. |
598 | | * @erturn 0 otherwise. |
599 | | */ |
600 | | #define ASNIntMSBSet(asn, data_a, i) \ |
601 | 1.64k | (((asn)[i].tag == ASN_INTEGER) && \ |
602 | 1.64k | ((data_a)[i].data.buffer.data != NULL && \ |
603 | 0 | ((data_a)[i].data.buffer.data[0] & 0x80) == 0x80)) |
604 | | |
605 | | |
606 | | /* Calculate the size of a DER encoded number. |
607 | | * |
608 | | * @param [in] n Number to be encoded. |
609 | | * @param [in] bits Maximum number of bits to encode. |
610 | | * @param [in] tag BER tag e.g. INTEGER, BIT_STRING, etc. |
611 | | * @return Number of bytes to the ASN.1 item. |
612 | | */ |
613 | | static word32 SizeASN_Num(word32 n, int bits, byte tag) |
614 | 0 | { |
615 | 0 | int j; |
616 | 0 | word32 len; |
617 | |
|
618 | 0 | len = 1 + 1 + (word32)bits / 8; |
619 | | /* Discover actual size by checking for high zeros. */ |
620 | 0 | for (j = bits - 8; j > 0; j -= 8) { |
621 | 0 | if (n >> j) |
622 | 0 | break; |
623 | 0 | len--; |
624 | 0 | } |
625 | 0 | if (tag == ASN_BIT_STRING) |
626 | 0 | len++; |
627 | 0 | else if ((tag == ASN_INTEGER) && (((n >> j) & 0x80) == 0x80)) |
628 | 0 | len++; |
629 | |
|
630 | 0 | return len; |
631 | 0 | } |
632 | | |
633 | | /* Calculate the size of the data in the constructed item based on the |
634 | | * length of the ASN.1 items below. |
635 | | * |
636 | | * @param [in] asn ASN.1 items to encode. |
637 | | * @param [in, out] data Data to place in each item. Lengths set were not |
638 | | * known. |
639 | | * @param [in] idx Index of item working on. |
640 | | */ |
641 | | static void SizeASN_CalcDataLength(const ASNItem* asn, ASNSetData *data, |
642 | | int idx, int max) |
643 | 562 | { |
644 | 562 | int j; |
645 | | |
646 | 562 | data[idx].data.buffer.length = 0; |
647 | | /* Sum the item length of all items underneath. */ |
648 | 1.68k | for (j = idx + 1; j < max; j++) { |
649 | | /* Stop looking if the next ASN.1 is same level or higher. */ |
650 | 1.12k | if (asn[j].depth <= asn[idx].depth) |
651 | 0 | break; |
652 | | /* Only add in length if it is one level below. */ |
653 | 1.12k | if (asn[j].depth - 1 == asn[idx].depth) { |
654 | 1.12k | data[idx].data.buffer.length += data[j].length; |
655 | | /* The length of a header only item doesn't include the data unless |
656 | | * a replacement buffer is supplied. |
657 | | */ |
658 | 1.12k | if (asn[j].headerOnly && data[j].data.buffer.data == NULL && |
659 | 1.12k | data[j].dataType != ASN_DATA_TYPE_REPLACE_BUFFER) { |
660 | 0 | data[idx].data.buffer.length += data[j].data.buffer.length; |
661 | 0 | } |
662 | 1.12k | } |
663 | 1.12k | } |
664 | 562 | } |
665 | | |
666 | | /* Calculate the size of the DER encoding. |
667 | | * |
668 | | * Call SetASN_Items() to write encoding to a buffer. |
669 | | * |
670 | | * @param [in] asn ASN.1 items to encode. |
671 | | * @param [in, out] data Data to place in each item. Lengths set where not |
672 | | * known. |
673 | | * @param [in] count Count of items to encode. |
674 | | * @param [out] encSz Length of the DER encoding. |
675 | | * @return 0 on success. |
676 | | * @return BAD_STATE_E when the data type is not supported. |
677 | | */ |
678 | | int SizeASN_Items(const ASNItem* asn, ASNSetData *data, int count, int* encSz) |
679 | 562 | { |
680 | 562 | int i; |
681 | 562 | word32 sz = 0; |
682 | 562 | word32 len; |
683 | 562 | word32 dataLen; |
684 | 562 | int length; |
685 | | |
686 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
687 | | WOLFSSL_ENTER("SizeASN_Items"); |
688 | | #endif |
689 | | |
690 | 2.24k | for (i = count - 1; i >= 0; i--) { |
691 | | /* Skip this ASN.1 item when encoding. */ |
692 | 1.68k | if (data[i].noOut) { |
693 | | /* Set the offset to the current size - used in writing DER. */ |
694 | 0 | data[i].offset = sz; |
695 | 0 | continue; |
696 | 0 | } |
697 | | |
698 | 1.68k | len = 0; |
699 | 1.68k | switch (data[i].dataType) { |
700 | | /* Calculate the size of the number of different sizes. */ |
701 | 0 | case ASN_DATA_TYPE_WORD8: |
702 | 0 | len = SizeASN_Num(data[i].data.u8, 8, asn[i].tag); |
703 | 0 | break; |
704 | 0 | case ASN_DATA_TYPE_WORD16: |
705 | 0 | len = SizeASN_Num(data[i].data.u16, 16, asn[i].tag); |
706 | 0 | break; |
707 | | #ifdef WOLFSSL_ASN_TEMPLATE_NEED_SET_INT32 |
708 | | /* Not used yet! */ |
709 | | case ASN_DATA_TYPE_WORD32: |
710 | | len = SizeASN_Num(data[i].data.u32, 32, asn[i].tag); |
711 | | break; |
712 | | #endif |
713 | | |
714 | 1.12k | case ASN_DATA_TYPE_MP: |
715 | | /* Calculate the size of the MP integer data. */ |
716 | 1.12k | length = mp_unsigned_bin_size(data[i].data.mp); |
717 | 1.12k | length += mp_leading_bit(data[i].data.mp) ? 1 : 0; |
718 | 1.12k | len = (word32)SizeASNHeader((word32)length) + (word32)length; |
719 | 1.12k | break; |
720 | | |
721 | 0 | case ASN_DATA_TYPE_REPLACE_BUFFER: |
722 | | /* Buffer is put in directly - use the length. */ |
723 | 0 | len = data[i].data.buffer.length; |
724 | 0 | break; |
725 | | |
726 | 562 | case ASN_DATA_TYPE_NONE: |
727 | | /* Calculate the size based on the data to be included. |
728 | | * Mostly used for constructed items. |
729 | | */ |
730 | 562 | if (asn[i].headerOnly) { |
731 | 562 | if (data[i].data.buffer.data != NULL) { |
732 | | /* Force all child nodes to be ignored. Buffer |
733 | | * overwrites children. */ |
734 | 0 | { |
735 | 0 | int ii; |
736 | 0 | for (ii = i + 1; ii < count; ii++) { |
737 | 0 | if (asn[ii].depth <= asn[i].depth) |
738 | 0 | break; |
739 | 0 | sz -= data[ii].length; |
740 | 0 | data[ii].noOut = 1; |
741 | 0 | } |
742 | 0 | } |
743 | 0 | } |
744 | 562 | else { |
745 | | /* Calculate data length from items below if no buffer |
746 | | * supplied. */ |
747 | 562 | SizeASN_CalcDataLength(asn, data, i, count); |
748 | 562 | } |
749 | 562 | } |
750 | 562 | if (asn[i].tag == ASN_BOOLEAN) { |
751 | 0 | dataLen = 1; |
752 | 0 | } |
753 | 562 | else { |
754 | 562 | dataLen = data[i].data.buffer.length; |
755 | 562 | } |
756 | | /* BIT_STRING and INTEGER have one byte prepended. */ |
757 | 562 | if ((asn[i].tag == ASN_BIT_STRING) || |
758 | 562 | ASNIntMSBSet(asn, data, i)) { |
759 | 0 | dataLen++; |
760 | | /* ASN.1 items are below and cannot include extra byte. */ |
761 | 0 | if (asn[i].headerOnly) { |
762 | 0 | len++; |
763 | 0 | } |
764 | 0 | } |
765 | | /* Add in the size of tag and length. */ |
766 | 562 | len += SizeASNHeader(dataLen); |
767 | | /* Include data in length if not header only or if |
768 | | * buffer supplied. */ |
769 | 562 | if (!asn[i].headerOnly || data[i].data.buffer.data != NULL) { |
770 | 0 | len += dataLen; |
771 | 0 | } |
772 | 562 | break; |
773 | | |
774 | | #ifdef DEBUG_WOLFSSL |
775 | | default: |
776 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
777 | | WOLFSSL_MSG_VSNPRINTF("%2d: %d", i, data[i].dataType); |
778 | | WOLFSSL_MSG("Bad data type"); |
779 | | #endif |
780 | | return BAD_STATE_E; |
781 | | #endif |
782 | 1.68k | } |
783 | | |
784 | | /* Set the total length of the item. */ |
785 | 1.68k | data[i].length = len; |
786 | | /* Add length to total size. */ |
787 | 1.68k | sz += len; |
788 | | /* Set the offset to the current size - used in writing DER. */ |
789 | 1.68k | data[i].offset = sz; |
790 | | |
791 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
792 | | WOLFSSL_MSG_VSNPRINTF("%2d: %4d %4d %c %*s %-16s", i, |
793 | | data[i].offset, data[i].length, asn[i].constructed ? '+' : ' ', |
794 | | asn[i].depth, "", TagString(asn[i].tag)); |
795 | | #endif |
796 | 1.68k | } |
797 | | |
798 | 562 | *encSz = (int)sz; |
799 | 562 | return 0; |
800 | 562 | } |
801 | | |
802 | | /* Create the DER encoding of a number. |
803 | | * |
804 | | * Assumes that the out buffer is large enough for encoding. |
805 | | * |
806 | | * @param [in] n Number to be encoded. |
807 | | * @param [in] bits Maximum number of bits to encode. |
808 | | * @param [in] tag DER tag e.g. INTEGER, BIT_STRING, etc. |
809 | | */ |
810 | | static void SetASN_Num(word32 n, int bits, byte* out, byte tag) |
811 | 0 | { |
812 | 0 | int j; |
813 | 0 | word32 idx; |
814 | 0 | byte len; |
815 | | |
816 | | /* Encoding: Tag (1 byte) | Length (1 byte) | Data (number) */ |
817 | | |
818 | | /* Data will start at index 2 unless BIT_STRING or INTEGER */ |
819 | 0 | idx = 2; |
820 | | |
821 | | /* Set the length of the number based on maximum bit length. */ |
822 | 0 | len = (byte)(bits / 8); |
823 | | /* Discover actual size by checking for leading zero bytes. */ |
824 | 0 | for (j = bits - 8; j > 0; j -= 8) { |
825 | 0 | if ((n >> j) != 0) { |
826 | 0 | break; |
827 | 0 | } |
828 | 0 | len--; |
829 | 0 | } |
830 | | /* Keep j, index of first non-zero byte, for writing out. */ |
831 | | |
832 | | /* A BIT_STRING has the number of unused bits in last byte prepended to |
833 | | * data. |
834 | | */ |
835 | 0 | if (tag == ASN_BIT_STRING) { |
836 | 0 | byte unusedBits = 0; |
837 | 0 | byte lastByte = (byte)(n >> j); |
838 | | |
839 | | /* Quick check last bit. */ |
840 | 0 | if ((lastByte & 0x01) == 0x00) { |
841 | 0 | unusedBits++; |
842 | | /* Check each bit for first least significant bit set. */ |
843 | 0 | while (((lastByte >> unusedBits) & 0x01) == 0x00) |
844 | 0 | unusedBits++; |
845 | 0 | } |
846 | | /* Add unused bits byte. */ |
847 | 0 | len++; |
848 | 0 | out[idx++] = unusedBits; |
849 | 0 | } |
850 | | |
851 | | /* An INTEGER has a prepended byte if MSB of number is 1 - makes encoded |
852 | | * value positive. */ |
853 | 0 | if ((tag == ASN_INTEGER) && (((n >> j) & 0x80) == 0x80)) { |
854 | 0 | len++; |
855 | 0 | out[idx++] = 0; |
856 | 0 | } |
857 | | |
858 | | /* Go back and put in length. */ |
859 | 0 | out[1] = len; |
860 | | /* Place in the required bytes of the number. */ |
861 | 0 | for (; j >= 0; j -= 8) |
862 | 0 | out[idx++] = (byte)(n >> j); |
863 | 0 | } |
864 | | |
865 | | /* Creates the DER encoding of the ASN.1 items. |
866 | | * |
867 | | * Assumes the output buffer is large enough to hold encoding. |
868 | | * Must call SizeASN_Items() to determine size of encoding and offsets. |
869 | | * |
870 | | * @param [in] asn ASN.1 items to encode. |
871 | | * @param [in] data Data to place in each item. |
872 | | * @param [in] count Count of items to encode. |
873 | | * @param [in, out] output Buffer to write encoding into. |
874 | | * @return Size of the DER encoding in bytes. |
875 | | */ |
876 | | int SetASN_Items(const ASNItem* asn, ASNSetData *data, int count, byte* output) |
877 | 541 | { |
878 | 541 | int i; |
879 | 541 | int length; |
880 | 541 | int err; |
881 | 541 | word32 sz; |
882 | 541 | word32 idx; |
883 | 541 | byte* out; |
884 | | |
885 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
886 | | WOLFSSL_ENTER("SetASN_Items"); |
887 | | #endif |
888 | | |
889 | | /* Offset of first item is the total length. |
890 | | * SizeASN_Items() calculated this. */ |
891 | 541 | sz = data[0].offset; |
892 | | |
893 | | /* Write out each item. */ |
894 | 2.16k | for (i = 0; i < count; i++) { |
895 | | /* Skip items not writing out. */ |
896 | 1.62k | if (data[i].noOut) |
897 | 0 | continue; |
898 | | |
899 | | /* Start position to write item based on reverse offsets. */ |
900 | 1.62k | out = output + sz - data[i].offset; |
901 | | /* Index from start of item out. */ |
902 | 1.62k | idx = 0; |
903 | | |
904 | 1.62k | if (data[i].dataType != ASN_DATA_TYPE_REPLACE_BUFFER) { |
905 | | /* Put in the tag - not dumping in DER from buffer. */ |
906 | 1.62k | out[idx++] = asn[i].tag | |
907 | 1.62k | (asn[i].constructed ? ASN_CONSTRUCTED : 0); |
908 | 1.62k | } |
909 | | |
910 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
911 | | WOLFSSL_MSG_VSNPRINTF("%2d: %4d %4d %c %*s %-16s", i, |
912 | | sz - data[i].offset, |
913 | | data[i].length, asn[i].constructed ? '+' : ' ', asn[i].depth, |
914 | | "", TagString(asn[i].tag)); |
915 | | #endif |
916 | | |
917 | 1.62k | switch (data[i].dataType) { |
918 | | /* Write out the length and data of a number. */ |
919 | 0 | case ASN_DATA_TYPE_WORD8: |
920 | 0 | SetASN_Num(data[i].data.u8, 8, out, asn[i].tag); |
921 | 0 | break; |
922 | 0 | case ASN_DATA_TYPE_WORD16: |
923 | 0 | SetASN_Num(data[i].data.u16, 16, out, asn[i].tag); |
924 | 0 | break; |
925 | | #ifdef WOLFSSL_ASN_TEMPLATE_NEED_SET_INT32 |
926 | | /* Not used yet! */ |
927 | | case ASN_DATA_TYPE_WORD32: |
928 | | SetASN_Num(data[i].data.u32, 32, out, asn[i].tag); |
929 | | break; |
930 | | #endif |
931 | | |
932 | | /* Write out the length and data of a multi-precision number. */ |
933 | 1.08k | case ASN_DATA_TYPE_MP: |
934 | | /* Get length in bytes. */ |
935 | 1.08k | length = mp_unsigned_bin_size(data[i].data.mp); |
936 | | /* Add one for leading zero to make encoding a positive num. */ |
937 | 1.08k | length += mp_leading_bit(data[i].data.mp) ? 1 : 0; |
938 | | /* Write out length. */ |
939 | 1.08k | idx += SetASNLength((word32)length, out + idx); |
940 | | /* Write out leading zero to make positive. */ |
941 | 1.08k | if (mp_leading_bit(data[i].data.mp)) { |
942 | 416 | out[idx++] = 0; |
943 | 416 | } |
944 | | /* Encode number in big-endian byte array. */ |
945 | 1.08k | err = mp_to_unsigned_bin(data[i].data.mp, out + idx); |
946 | 1.08k | if (err != MP_OKAY) { |
947 | 0 | WOLFSSL_MSG("SetASN_Items: Failed to write mp_int"); |
948 | 0 | return MP_TO_E; |
949 | 0 | } |
950 | 1.08k | break; |
951 | | |
952 | 1.08k | case ASN_DATA_TYPE_REPLACE_BUFFER: |
953 | 0 | if (data[i].data.buffer.data == NULL) { |
954 | | /* Return pointer for caller to use. */ |
955 | 0 | data[i].data.buffer.data = out + idx; |
956 | 0 | } |
957 | 0 | else { |
958 | | /* Dump in the DER encoded data. */ |
959 | 0 | XMEMCPY(out + idx, data[i].data.buffer.data, |
960 | 0 | data[i].data.buffer.length); |
961 | 0 | } |
962 | 0 | break; |
963 | | |
964 | 541 | case ASN_DATA_TYPE_NONE: |
965 | 541 | if (asn[i].tag == ASN_BOOLEAN) { |
966 | | /* Always one byte of data. */ |
967 | 0 | out[idx++] = 1; |
968 | | /* TRUE = 0xff, FALSE = 0x00 */ |
969 | 0 | out[idx] = data[i].data.u8 ? 0xffU : 0x00U; |
970 | 0 | } |
971 | 541 | else if (asn[i].tag == ASN_TAG_NULL) { |
972 | | /* NULL tag is always a zero length item. */ |
973 | 0 | out[idx] = 0; |
974 | 0 | } |
975 | 541 | else { |
976 | 541 | word32 dataLen = data[i].data.buffer.length; |
977 | | /* Add one to data length for BIT_STRING unused bits and |
978 | | * INTEGER leading zero to make positive. |
979 | | */ |
980 | 541 | if ((asn[i].tag == ASN_BIT_STRING) || |
981 | 541 | ASNIntMSBSet(asn, data, i)) { |
982 | 0 | dataLen++; |
983 | 0 | } |
984 | | /* Write out length. */ |
985 | 541 | idx += SetASNLength(dataLen, out + idx); |
986 | 541 | if ((asn[i].tag == ASN_BIT_STRING) || |
987 | 541 | ASNIntMSBSet(asn, data, i)) { |
988 | | /* Write out leading byte. BIT_STRING has no unused bits |
989 | | * - use number data types if needed. */ |
990 | 0 | out[idx++] = 0x00; |
991 | 0 | } |
992 | | /* Record pointer for caller if data not supplied. */ |
993 | 541 | if (data[i].data.buffer.data == NULL) { |
994 | 541 | data[i].data.buffer.data = out + idx; |
995 | 541 | } |
996 | | /* Copy supplied data if not putting out header only or |
997 | | * if buffer supplied. */ |
998 | 0 | else if (!asn[i].headerOnly || |
999 | 0 | data[i].data.buffer.data != NULL) { |
1000 | | /* Allow data to come from output buffer. */ |
1001 | 0 | XMEMMOVE(out + idx, data[i].data.buffer.data, |
1002 | 0 | data[i].data.buffer.length); |
1003 | 0 | } |
1004 | 541 | } |
1005 | 541 | break; |
1006 | | |
1007 | | #ifdef DEBUG_WOLFSSL |
1008 | | default: |
1009 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1010 | | WOLFSSL_MSG_VSNPRINTF("Bad data type: %d", data[i].dataType); |
1011 | | #endif |
1012 | | return BAD_STATE_E; |
1013 | | #endif |
1014 | 1.62k | } |
1015 | 1.62k | } |
1016 | | |
1017 | 541 | return (int)sz; |
1018 | 541 | } |
1019 | | |
1020 | | |
1021 | | static int GetOID(const byte* input, word32* inOutIdx, word32* oid, |
1022 | | word32 oidType, int length); |
1023 | | |
1024 | | /* Maximum supported depth in ASN.1 description. */ |
1025 | | #define GET_ASN_MAX_DEPTH 7 |
1026 | | /* Maximum number of checked numbered choices. Only one of the items with the |
1027 | | * number is allowed. |
1028 | | */ |
1029 | 2.29k | #define GET_ASN_MAX_CHOICES 2 |
1030 | | |
1031 | | /* Use existing function to decode BER length encoding. */ |
1032 | 2.30k | #define GetASN_Length GetLength_ex |
1033 | | |
1034 | | /* Check an INTEGER's first byte - must be a positive number. |
1035 | | * |
1036 | | * @param [in] input BER encoded data. |
1037 | | * @param [in] idx Index of BIT_STRING data. |
1038 | | * @param [in] length Length of input data. |
1039 | | * @param [in] positive Indicates number must be positive. |
1040 | | * @return 0 on success. |
1041 | | * @return ASN_PARSE_E when 0 is not required but seen. |
1042 | | * @return ASN_EXPECT_0_E when 0 is required and not seen. |
1043 | | */ |
1044 | | static int GetASN_Integer(const byte* input, word32 idx, int length, |
1045 | | int positive) |
1046 | 1.53k | { |
1047 | 1.53k | #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) || \ |
1048 | 1.53k | (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) |
1049 | | /* Check contents consist of one or more octets. */ |
1050 | 1.53k | if (length == 0) { |
1051 | 0 | WOLFSSL_MSG("Zero length INTEGER not allowed"); |
1052 | 0 | return ASN_PARSE_E; |
1053 | 0 | } |
1054 | 1.53k | #endif |
1055 | 1.53k | if (input[idx] == 0) { |
1056 | | /* Check leading zero byte required. */ |
1057 | 602 | if ((length > 1) && ((input[idx + 1] & 0x80) == 0)) { |
1058 | 0 | WOLFSSL_MSG("Zero not required on INTEGER"); |
1059 | 0 | #ifndef WOLFSSL_ASN_INT_LEAD_0_ANY |
1060 | 0 | return ASN_PARSE_E; |
1061 | 0 | #endif |
1062 | 0 | } |
1063 | 602 | } |
1064 | | /* Check whether a leading zero byte was required. */ |
1065 | 935 | else if (positive && (input[idx] & 0x80)) { |
1066 | 0 | WOLFSSL_MSG("INTEGER is negative"); |
1067 | 0 | #ifndef WOLFSSL_ASN_INT_LEAD_0_ANY |
1068 | 0 | return ASN_EXPECT_0_E; |
1069 | 0 | #endif /* WOLFSSL_ASN_INT_LEAD_0_ANY */ |
1070 | 0 | } |
1071 | | |
1072 | 1.53k | return 0; |
1073 | 1.53k | } |
1074 | | |
1075 | | /* Check a BIT_STRING's first byte - unused bits. |
1076 | | * |
1077 | | * @param [in] input BER encoded data. |
1078 | | * @param [in] idx Index of BIT_STRING data. |
1079 | | * @param [in] length Length of input data. |
1080 | | * @return 0 on success. |
1081 | | * @return ASN_PARSE_E when unused bits is invalid. |
1082 | | */ |
1083 | | static int GetASN_BitString(const byte* input, word32 idx, int length) |
1084 | 0 | { |
1085 | 0 | #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) || \ |
1086 | 0 | (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)) |
1087 | | /* Check contents consist of one or more octets. */ |
1088 | 0 | if (length == 0) { |
1089 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1090 | | WOLFSSL_MSG("Zero length BIT STRING not allowed"); |
1091 | | #endif |
1092 | 0 | return ASN_PARSE_E; |
1093 | 0 | } |
1094 | 0 | #endif |
1095 | | /* Ensure unused bits value is valid range. */ |
1096 | 0 | if (input[idx] > 7) { |
1097 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1098 | | WOLFSSL_MSG_VSNPRINTF("BIT STRING unused bits too big: %d > 7", |
1099 | | input[idx]); |
1100 | | #endif |
1101 | 0 | return ASN_PARSE_E; |
1102 | 0 | } |
1103 | | /* Ensure unused bits are zero. */ |
1104 | 0 | if ((byte)(input[idx + (word32)length - 1] << (8 - input[idx])) != 0) { |
1105 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1106 | | WOLFSSL_MSG_VSNPRINTF("BIT STRING unused bits used: %d %02x", |
1107 | | input[idx], input[idx + length - 1]); |
1108 | | #endif |
1109 | 0 | return ASN_PARSE_E; |
1110 | 0 | } |
1111 | | |
1112 | 0 | return 0; |
1113 | 0 | } |
1114 | | |
1115 | | /* Get the ASN.1 items from the BER encoding. |
1116 | | * |
1117 | | * @param [in] asn ASN.1 item expected. |
1118 | | * @param [in] data Data array to place found item into. |
1119 | | * @param [in] input BER encoded data. |
1120 | | * @param [in] idx Starting index of item data. |
1121 | | * @param [in] len Length of input buffer upto end of this item's data. |
1122 | | * @param [in] zeroPadded INTEGER was zero padded to make positive. |
1123 | | * @return 0 on success. |
1124 | | * @return ASN_PARSE_E when BER encoded data is invalid. |
1125 | | * @return ASN_EXPECT_0_E when NULL tagged item has a non-zero length. |
1126 | | * @return MP_INIT_E when the unable to initialize an mp_int. |
1127 | | * @return ASN_GETINT_E when the unable to convert data to an mp_int. |
1128 | | * @return BAD_STATE_E when the data type is not supported. |
1129 | | * @return ASN_UNKNOWN_OID_E when the OID cannot be verified. |
1130 | | */ |
1131 | | static int GetASN_StoreData(const ASNItem* asn, ASNGetData* data, |
1132 | | const byte* input, word32 idx, int len, |
1133 | | int zeroPadded) |
1134 | 1.53k | { |
1135 | 1.53k | int i; |
1136 | 1.53k | int err; |
1137 | | |
1138 | | /* Parse data based on data type to extract. */ |
1139 | 1.53k | switch (data->dataType) { |
1140 | | /* Parse a data into a number of specified bits. */ |
1141 | 0 | case ASN_DATA_TYPE_WORD8: |
1142 | | /* Check data is small enough to fit. */ |
1143 | 0 | if (len != 1) { |
1144 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1145 | | WOLFSSL_MSG_VSNPRINTF("Expecting one byte: %d", len); |
1146 | | #endif |
1147 | 0 | return ASN_PARSE_E; |
1148 | 0 | } |
1149 | | /* Fill number with all of data. */ |
1150 | 0 | *data->data.u8 = input[idx]; |
1151 | 0 | break; |
1152 | 0 | case ASN_DATA_TYPE_WORD16: |
1153 | | /* Check data is small enough to fit. */ |
1154 | 0 | if (len == 0 || len > 2) { |
1155 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1156 | | WOLFSSL_MSG_VSNPRINTF("Expecting 1 or 2 bytes: %d", len); |
1157 | | #endif |
1158 | 0 | return ASN_PARSE_E; |
1159 | 0 | } |
1160 | | /* Fill number with all of data. */ |
1161 | 0 | *data->data.u16 = 0; |
1162 | 0 | for (i = 0; i < len; i++) { |
1163 | 0 | *data->data.u16 <<= 8; |
1164 | 0 | *data->data.u16 |= input[idx + (word32)i] ; |
1165 | 0 | } |
1166 | 0 | break; |
1167 | 0 | case ASN_DATA_TYPE_WORD32: |
1168 | | /* Check data is small enough to fit. */ |
1169 | 0 | if (len == 0 || len > 4) { |
1170 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1171 | | WOLFSSL_MSG_VSNPRINTF("Expecting 1 to 4 bytes: %d", len); |
1172 | | #endif |
1173 | 0 | return ASN_PARSE_E; |
1174 | 0 | } |
1175 | | /* Fill number with all of data. */ |
1176 | 0 | *data->data.u32 = 0; |
1177 | 0 | for (i = 0; i < len; i++) { |
1178 | 0 | *data->data.u32 <<= 8; |
1179 | 0 | *data->data.u32 |= input[idx + (word32)i] ; |
1180 | 0 | } |
1181 | 0 | break; |
1182 | | |
1183 | 0 | case ASN_DATA_TYPE_BUFFER: |
1184 | | /* Check buffer is big enough to hold data. */ |
1185 | 0 | if (len > (int)*data->data.buffer.length) { |
1186 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1187 | | WOLFSSL_MSG_VSNPRINTF("Buffer too small for data: %d %d", len, |
1188 | | *data->data.buffer.length); |
1189 | | #endif |
1190 | 0 | return ASN_PARSE_E; |
1191 | 0 | } |
1192 | | /* Copy in data and record actual length seen. */ |
1193 | 0 | XMEMCPY(data->data.buffer.data, input + idx, (size_t)len); |
1194 | 0 | *data->data.buffer.length = (word32)len; |
1195 | 0 | break; |
1196 | | |
1197 | 0 | case ASN_DATA_TYPE_EXP_BUFFER: |
1198 | | /* Check data is same size expected. */ |
1199 | 0 | if (len != (int)data->data.ref.length) { |
1200 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1201 | | WOLFSSL_MSG_VSNPRINTF("Data not expected length: %d %d", len, |
1202 | | data->data.ref.length); |
1203 | | #endif |
1204 | 0 | return ASN_PARSE_E; |
1205 | 0 | } |
1206 | | /* Check data is same as expected. */ |
1207 | 0 | if (XMEMCMP(data->data.ref.data, input + idx, (size_t)len) != 0) { |
1208 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1209 | | WOLFSSL_MSG("Data not as expected"); |
1210 | | #endif |
1211 | 0 | return ASN_PARSE_E; |
1212 | 0 | } |
1213 | 0 | break; |
1214 | | |
1215 | 480 | case ASN_DATA_TYPE_MP: |
1216 | 480 | case ASN_DATA_TYPE_MP_POS_NEG: |
1217 | | /* Initialize mp_int and read in big-endian byte array. */ |
1218 | 480 | if (mp_init(data->data.mp) != MP_OKAY) { |
1219 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1220 | | WOLFSSL_MSG_VSNPRINTF("Failed to init mp: %p", data->data.mp); |
1221 | | #endif |
1222 | 0 | return MP_INIT_E; |
1223 | 0 | } |
1224 | 480 | FALL_THROUGH; |
1225 | 1.53k | case ASN_DATA_TYPE_MP_INITED: |
1226 | 1.53k | err = mp_read_unsigned_bin(data->data.mp, (byte*)input + idx, |
1227 | 1.53k | (word32)len); |
1228 | 1.53k | if (err != 0) { |
1229 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1230 | | WOLFSSL_MSG_VSNPRINTF("Failed to read mp: %d", err); |
1231 | | #endif |
1232 | 3 | mp_clear(data->data.mp); |
1233 | 3 | return ASN_GETINT_E; |
1234 | 3 | } |
1235 | | #ifdef HAVE_WOLF_BIGINT |
1236 | | err = wc_bigint_from_unsigned_bin(&data->data.mp->raw, input + idx, |
1237 | | len); |
1238 | | if (err != 0) { |
1239 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1240 | | WOLFSSL_MSG_VSNPRINTF("Failed to create bigint: %d", err); |
1241 | | #endif |
1242 | | mp_clear(data->data.mp); |
1243 | | return ASN_GETINT_E; |
1244 | | } |
1245 | | #endif /* HAVE_WOLF_BIGINT */ |
1246 | | |
1247 | 1.53k | #ifdef WOLFSSL_SP_INT_NEGATIVE |
1248 | | /* Don't always read as positive. */ |
1249 | 1.53k | if ((data->dataType == ASN_DATA_TYPE_MP_POS_NEG) && (!zeroPadded) && |
1250 | 1.53k | (input[idx] & 0x80)) { |
1251 | 0 | #ifdef MP_NEG |
1252 | 0 | data->data.mp->sign = MP_NEG; |
1253 | | #else |
1254 | | #ifdef OPENSSL_EXTRA |
1255 | | /* public API wolfSSL_ASN1_INTEGER_get() depends |
1256 | | * indirectly on negative bignum handling here. |
1257 | | */ |
1258 | | #error OPENSSL_EXTRA requires negative bignum support. |
1259 | | #endif |
1260 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1261 | | WOLFSSL_MSG_VSNPRINTF("ASN negative integer without bignum support."); |
1262 | | #endif |
1263 | | mp_clear(data->data.mp); |
1264 | | return ASN_GETINT_E; |
1265 | | #endif |
1266 | 0 | } |
1267 | | #else |
1268 | | (void)zeroPadded; |
1269 | | #endif |
1270 | 1.53k | break; |
1271 | | |
1272 | 0 | case ASN_DATA_TYPE_CHOICE: |
1273 | | /* Check if tag matched any of the choices specified. */ |
1274 | 0 | for (i = 0; data->data.choice[i] != 0; i++) |
1275 | 0 | if (data->data.choice[i] == data->tag) |
1276 | 0 | break; |
1277 | 0 | if (data->data.choice[i] == 0) { |
1278 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1279 | | WOLFSSL_MSG("Tag didn't match a choice"); |
1280 | | #endif |
1281 | 0 | return ASN_PARSE_E; |
1282 | 0 | } |
1283 | | |
1284 | | /* Store data pointer and length for caller. */ |
1285 | 0 | data->data.ref.data = input + idx; |
1286 | 0 | data->data.ref.length = (word32)len; |
1287 | 0 | break; |
1288 | | |
1289 | 0 | case ASN_DATA_TYPE_NONE: |
1290 | | /* Default behaviour based on tag. */ |
1291 | 0 | if (asn->tag == ASN_BOOLEAN) { |
1292 | | /* BOOLEAN has only one byte of data in BER. */ |
1293 | 0 | if (len != 1) { |
1294 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1295 | | WOLFSSL_MSG_VSNPRINTF("BOOLEAN length too long: %d", len); |
1296 | | #endif |
1297 | 0 | return ASN_PARSE_E; |
1298 | 0 | } |
1299 | 0 | if (data->data.u8 == NULL) |
1300 | 0 | return BAD_STATE_E; |
1301 | | /* Store C boolean value. */ |
1302 | 0 | *data->data.u8 = (input[idx] != 0); |
1303 | 0 | break; |
1304 | 0 | } |
1305 | 0 | if (asn->tag == ASN_TAG_NULL) { |
1306 | | /* NULL has no data in BER. */ |
1307 | 0 | if (len != 0) { |
1308 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1309 | | WOLFSSL_MSG_VSNPRINTF("NULL length too long: %d", len); |
1310 | | #endif |
1311 | 0 | return ASN_EXPECT_0_E; |
1312 | 0 | } |
1313 | 0 | data->data.ref.data = input + idx; |
1314 | 0 | break; |
1315 | 0 | } |
1316 | 0 | if (asn->tag == ASN_OBJECT_ID) { |
1317 | 0 | word32 oidIdx = 0; |
1318 | | /* Store OID data pointer and length */ |
1319 | 0 | data->data.oid.data = input + idx; |
1320 | 0 | data->data.oid.length = (word32)len; |
1321 | | /* Get the OID sum. */ |
1322 | 0 | err = GetOID(input + idx, &oidIdx, &data->data.oid.sum, |
1323 | 0 | data->data.oid.type, len); |
1324 | 0 | if (err < 0) { |
1325 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1326 | | WOLFSSL_MSG_VSNPRINTF("OID check failed: %d", err); |
1327 | | #endif |
1328 | 0 | return err; |
1329 | 0 | } |
1330 | 0 | break; |
1331 | 0 | } |
1332 | | |
1333 | | /* Otherwise store data pointer and length. */ |
1334 | 0 | data->data.ref.data = input + idx; |
1335 | 0 | data->data.ref.length = (word32)len; |
1336 | 0 | break; |
1337 | | |
1338 | | #ifdef DEBUG_WOLFSSL |
1339 | | default: |
1340 | | /* Bad ASN data type. */ |
1341 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1342 | | WOLFSSL_MSG_VSNPRINTF("Bad data type: %d", data->dataType); |
1343 | | #endif |
1344 | | return BAD_STATE_E; |
1345 | | #endif |
1346 | 1.53k | } |
1347 | | |
1348 | 1.53k | return 0; |
1349 | 1.53k | } |
1350 | | |
1351 | | /* Get the ASN.1 items from the BER encoding. |
1352 | | * |
1353 | | * @param [in] asn ASN.1 items expected. |
1354 | | * @param [in] data Data array to place found items into. |
1355 | | * @param [in] count Count of items to parse. |
1356 | | * @param [in] complete Whether the whole buffer is to be used up. |
1357 | | * @param [in] input BER encoded data. |
1358 | | * @param [in, out] inOutIdx On in, starting index of data. |
1359 | | * On out, end of parsed data. |
1360 | | * @param [in] length Length of input buffer. |
1361 | | * @return 0 on success. |
1362 | | * @return ASN_PARSE_E when BER encoded data does not match ASN.1 items or |
1363 | | * is invalid. |
1364 | | * @return BUFFER_E when data in buffer is too small. |
1365 | | * @return ASN_OBJECT_ID_E when the expected OBJECT_ID tag is not found. |
1366 | | * @return ASN_BITSTR_E when the expected BIT_STRING tag is not found. |
1367 | | * @return ASN_EXPECT_0_E when the INTEGER has the MSB set or NULL has a |
1368 | | * non-zero length. |
1369 | | * @return MP_INIT_E when the unable to initialize an mp_int. |
1370 | | * @return ASN_GETINT_E when the unable to convert data to an mp_int. |
1371 | | * @return BAD_STATE_E when the data type is not supported. |
1372 | | * @return ASN_UNKNOWN_OID_E when the OID cannot be verified. |
1373 | | */ |
1374 | | int GetASN_Items(const ASNItem* asn, ASNGetData *data, int count, int complete, |
1375 | | const byte* input, word32* inOutIdx, word32 length) |
1376 | 769 | { |
1377 | 769 | int i; |
1378 | 769 | int j; |
1379 | 769 | int err; |
1380 | 769 | int len; |
1381 | | /* Current index into buffer. */ |
1382 | 769 | word32 idx = *inOutIdx; |
1383 | | /* Initialize the end index at each depth to be the length. */ |
1384 | 769 | word32 endIdx[GET_ASN_MAX_DEPTH] = { length, length, length, length, length, |
1385 | 769 | length, length }; |
1386 | | /* Set choices to -1 to indicate they haven't been seen or found. */ |
1387 | 769 | signed char choiceMet[GET_ASN_MAX_CHOICES] = { -1, -1 }; |
1388 | | /* Not matching a choice right now. */ |
1389 | 769 | int choice = 0; |
1390 | | /* Current depth of ASN.1 item. */ |
1391 | 769 | int depth; |
1392 | | /* Minimum depth value seen. */ |
1393 | 769 | int minDepth; |
1394 | | /* Integer had a zero prepended. */ |
1395 | 769 | int zeroPadded; |
1396 | | |
1397 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1398 | | WOLFSSL_ENTER("GetASN_Items"); |
1399 | | #endif |
1400 | | |
1401 | | /* Start depth at first items depth. */ |
1402 | 769 | minDepth = depth = asn[0].depth; |
1403 | | /* Check every ASN.1 item. */ |
1404 | 3.07k | for (i = 0; i < count; i++) { |
1405 | | /* Store offset of ASN.1 item. */ |
1406 | 2.30k | data[i].offset = idx; |
1407 | | /* Length of data in ASN.1 item starts empty. */ |
1408 | 2.30k | data[i].length = 0; |
1409 | | /* Get current item depth. */ |
1410 | 2.30k | depth = asn[i].depth; |
1411 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1412 | | if (depth > GET_ASN_MAX_DEPTH) { |
1413 | | WOLFSSL_MSG("Depth in template too large"); |
1414 | | return ASN_PARSE_E; |
1415 | | } |
1416 | | #endif |
1417 | | /* Keep track of minimum depth. */ |
1418 | 2.30k | if (depth < minDepth) { |
1419 | 0 | minDepth = depth; |
1420 | 0 | } |
1421 | | |
1422 | | /* Reset choice if different from previous. */ |
1423 | 2.30k | if (choice > 0 && asn[i].optional != choice) { |
1424 | 0 | choice = 0; |
1425 | 0 | } |
1426 | | /* Check if first of numbered choice. */ |
1427 | 2.30k | if (choice == 0 && asn[i].optional > 1) { |
1428 | 0 | choice = asn[i].optional; |
1429 | 0 | if (choiceMet[choice - 2] == -1) { |
1430 | | /* Choice seen but not found a match yet. */ |
1431 | 0 | choiceMet[choice - 2] = 0; |
1432 | 0 | } |
1433 | 0 | } |
1434 | | |
1435 | | /* Check for end of data or not a choice and tag not matching. */ |
1436 | 2.30k | if (idx == endIdx[depth] || (data[i].dataType != ASN_DATA_TYPE_CHOICE && |
1437 | 2.30k | (input[idx] & ~ASN_CONSTRUCTED) != asn[i].tag)) { |
1438 | 0 | if (asn[i].optional) { |
1439 | | /* Skip over ASN.1 items underneath this optional item. */ |
1440 | 0 | for (j = i + 1; j < count; j++) { |
1441 | 0 | if (asn[i].depth >= asn[j].depth) |
1442 | 0 | break; |
1443 | 0 | data[j].offset = idx; |
1444 | 0 | data[j].length = 0; |
1445 | 0 | } |
1446 | 0 | i = j - 1; |
1447 | 0 | continue; |
1448 | 0 | } |
1449 | | |
1450 | | /* Check for end of data. */ |
1451 | 0 | if (idx == length) { |
1452 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1453 | | WOLFSSL_MSG_VSNPRINTF( |
1454 | | "%2d: %4d %4d %c %*s %-16s%*s (index past end)", |
1455 | | i, data[i].offset, data[i].length, |
1456 | | asn[i].constructed ? '+' : ' ', asn[i].depth, "", |
1457 | | TagString(asn[i].tag), 6 - asn[i].depth, ""); |
1458 | | WOLFSSL_MSG_VSNPRINTF("Index past end of data: %d %d", idx, |
1459 | | length); |
1460 | | #endif |
1461 | 0 | return BUFFER_E; |
1462 | 0 | } |
1463 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1464 | | /* Show expected versus found. */ |
1465 | | WOLFSSL_MSG_VSNPRINTF( |
1466 | | "%2d: %4d %4d %c %*s %-16s%*s Tag=0x%02x (%s)", |
1467 | | i, data[i].offset, data[i].length, |
1468 | | asn[i].constructed ? '+' : ' ', asn[i].depth, "", |
1469 | | TagString(asn[i].tag), 6 - asn[i].depth, "", |
1470 | | input[idx], TagString(input[idx])); |
1471 | | #endif |
1472 | | /* Check for end of data at this depth. */ |
1473 | 0 | if (idx == endIdx[depth]) { |
1474 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1475 | | WOLFSSL_MSG_VSNPRINTF("Index past outer item: %d %d", idx, |
1476 | | endIdx[depth]); |
1477 | | #endif |
1478 | 0 | return ASN_PARSE_E; |
1479 | 0 | } |
1480 | | |
1481 | | /* Expecting an OBJECT_ID */ |
1482 | 0 | if (asn[i].tag == ASN_OBJECT_ID) { |
1483 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1484 | | WOLFSSL_MSG("Expecting OBJECT ID"); |
1485 | | #endif |
1486 | 0 | return ASN_OBJECT_ID_E; |
1487 | 0 | } |
1488 | | /* Expecting a BIT_STRING */ |
1489 | 0 | if (asn[i].tag == ASN_BIT_STRING) { |
1490 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1491 | | WOLFSSL_MSG("Expecting BIT STRING"); |
1492 | | #endif |
1493 | 0 | return ASN_BITSTR_E; |
1494 | 0 | } |
1495 | | /* Not the expected tag. */ |
1496 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1497 | | WOLFSSL_MSG("Bad tag"); |
1498 | | #endif |
1499 | 0 | return ASN_PARSE_E; |
1500 | 0 | } |
1501 | | |
1502 | | /* Store found tag in data. */ |
1503 | 2.30k | data[i].tag = input[idx]; |
1504 | 2.30k | if (data[i].dataType != ASN_DATA_TYPE_CHOICE) { |
1505 | 2.30k | int constructed = (input[idx] & ASN_CONSTRUCTED) == ASN_CONSTRUCTED; |
1506 | | /* Check constructed match expected for non-choice ASN.1 item. */ |
1507 | 2.30k | if (asn[i].constructed != constructed) { |
1508 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1509 | | WOLFSSL_MSG_VSNPRINTF( |
1510 | | "%2d: %4d %4d %c %*s %-16s%*s Tag=0x%02x (%s)", |
1511 | | i, data[i].offset, data[i].length, |
1512 | | asn[i].constructed ? '+' : ' ', asn[i].depth, "", |
1513 | | TagString(asn[i].tag), 6 - asn[i].depth, "", |
1514 | | input[idx], TagString(input[idx])); |
1515 | | if (!constructed) { |
1516 | | WOLFSSL_MSG("Not constructed"); |
1517 | | } |
1518 | | else { |
1519 | | WOLFSSL_MSG("Not expected to be constructed"); |
1520 | | } |
1521 | | #endif |
1522 | 0 | return ASN_PARSE_E; |
1523 | 0 | } |
1524 | 2.30k | } |
1525 | | /* Move index to start of length. */ |
1526 | 2.30k | idx++; |
1527 | | /* Get the encoded length. */ |
1528 | 2.30k | if (GetASN_Length(input, &idx, &len, endIdx[depth], 1) < 0) { |
1529 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1530 | | WOLFSSL_MSG_VSNPRINTF("%2d: idx=%d len=%d end=%d", i, idx, len, |
1531 | | endIdx[depth]); |
1532 | | #endif |
1533 | 0 | return ASN_PARSE_E; |
1534 | 0 | } |
1535 | | /* Store length of data. */ |
1536 | 2.30k | data[i].length = (word32)len; |
1537 | | /* Note the max length of items under this one. */ |
1538 | 2.30k | endIdx[depth + 1] = idx + (word32)len; |
1539 | 2.30k | if (choice > 1) { |
1540 | | /* Note we found a number choice. */ |
1541 | 0 | choiceMet[choice - 2] = 1; |
1542 | 0 | } |
1543 | | |
1544 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1545 | | WOLFSSL_MSG_VSNPRINTF("%2d: %4d %4d %c %*s %-16s", i, |
1546 | | data[i].offset, data[i].length, asn[i].constructed ? '+' : ' ', |
1547 | | asn[i].depth, "", TagString(data[i].tag)); |
1548 | | #endif |
1549 | | |
1550 | | /* Assume no zero padding on INTEGER. */ |
1551 | 2.30k | zeroPadded = 0; |
1552 | | /* Check data types that prepended a byte. */ |
1553 | 2.30k | if (asn[i].tag == ASN_INTEGER) { |
1554 | | /* Check validity of first byte. */ |
1555 | 1.53k | err = GetASN_Integer(input, idx, len, |
1556 | 1.53k | data[i].dataType == ASN_DATA_TYPE_MP || |
1557 | 1.53k | data[i].dataType == ASN_DATA_TYPE_MP_INITED); |
1558 | 1.53k | if (err != 0) |
1559 | 0 | return err; |
1560 | 1.53k | if (len > 1 && input[idx] == 0) { |
1561 | 602 | zeroPadded = 1; |
1562 | | /* Move over prepended byte. */ |
1563 | 602 | idx++; |
1564 | 602 | len--; |
1565 | 602 | } |
1566 | 1.53k | } |
1567 | 769 | else if (asn[i].tag == ASN_BIT_STRING) { |
1568 | | /* Check prepended byte is correct. */ |
1569 | 0 | err = GetASN_BitString(input, idx, len); |
1570 | 0 | if (err != 0) |
1571 | 0 | return err; |
1572 | | /* Move over prepended byte. */ |
1573 | 0 | idx++; |
1574 | 0 | len--; |
1575 | 0 | } |
1576 | 769 | else if ((asn[i].tag == ASN_OBJECT_ID) && (len < 3)) { |
1577 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1578 | | WOLFSSL_MSG_VSNPRINTF("OID length must be 3 or more: %d", len); |
1579 | | #endif |
1580 | 0 | return ASN_PARSE_E; |
1581 | 0 | } |
1582 | | |
1583 | | /* Don't parse data if only header required. */ |
1584 | 2.30k | if (asn[i].headerOnly) { |
1585 | | /* Store reference to data and length. */ |
1586 | 769 | data[i].data.ref.data = input + idx; |
1587 | 769 | data[i].data.ref.length = (word32)len; |
1588 | 769 | continue; |
1589 | 769 | } |
1590 | | |
1591 | | /* Store the data at idx in the ASN data item. */ |
1592 | 1.53k | err = GetASN_StoreData(&asn[i], &data[i], input, idx, len, zeroPadded); |
1593 | 1.53k | if (err != 0) { |
1594 | 3 | return err; |
1595 | 3 | } |
1596 | | |
1597 | | /* Move index to next item. */ |
1598 | 1.53k | idx += (word32)len; |
1599 | | |
1600 | | /* When matched numbered choice ... */ |
1601 | 1.53k | if (asn[i].optional > 1) { |
1602 | | /* Skip over other ASN.1 items of the same number. */ |
1603 | 0 | for (j = i + 1; j < count; j++) { |
1604 | 0 | if (asn[j].depth <= asn[i].depth && |
1605 | 0 | asn[j].optional != asn[i].optional) { |
1606 | 0 | break; |
1607 | 0 | } |
1608 | 0 | } |
1609 | 0 | i = j - 1; |
1610 | 0 | } |
1611 | 1.53k | } |
1612 | | |
1613 | 766 | if (complete) { |
1614 | | /* When expecting ASN.1 items to completely use data, check we did. */ |
1615 | 0 | for (j = depth; j > minDepth; j--) { |
1616 | 0 | if (idx < endIdx[j]) { |
1617 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1618 | | WOLFSSL_MSG_VSNPRINTF( |
1619 | | "More data in constructed item at depth: %d", j - 1); |
1620 | | #endif |
1621 | 0 | return ASN_PARSE_E; |
1622 | 0 | } |
1623 | 0 | } |
1624 | 0 | } |
1625 | | |
1626 | | /* Check all choices where met - found an item for them. */ |
1627 | 2.29k | for (j = 0; j < GET_ASN_MAX_CHOICES; j++) { |
1628 | 1.53k | if (choiceMet[j] == 0) { |
1629 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1630 | | WOLFSSL_MSG_VSNPRINTF("No choice seen: %d", j + 2); |
1631 | | #endif |
1632 | 0 | return ASN_PARSE_E; |
1633 | 0 | } |
1634 | 1.53k | } |
1635 | | |
1636 | | /* Return index after ASN.1 data has been parsed. */ |
1637 | 766 | *inOutIdx = idx; |
1638 | | |
1639 | 766 | return 0; |
1640 | 766 | } |
1641 | | |
1642 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
1643 | | /* Calculate the size of the DER encoding. |
1644 | | * |
1645 | | * Call SetASN_Items() to write encoding to a buffer. |
1646 | | * |
1647 | | * @param [in] asn ASN.1 items to encode. |
1648 | | * @param [in, out] data Data to place in each item. Lengths set were not |
1649 | | * known. |
1650 | | * @param [in] count Count of items to encode. |
1651 | | * @param [out] len Length of the DER encoding. |
1652 | | * @return Size of the DER encoding in bytes. |
1653 | | */ |
1654 | | static int SizeASN_ItemsDebug(const char* name, const ASNItem* asn, |
1655 | | ASNSetData *data, int count, int* encSz) |
1656 | | { |
1657 | | WOLFSSL_MSG_VSNPRINTF("TEMPLATE: %s", name); |
1658 | | return SizeASN_Items(asn, data, count, encSz); |
1659 | | } |
1660 | | |
1661 | | /* Creates the DER encoding of the ASN.1 items. |
1662 | | * |
1663 | | * Assumes the output buffer is large enough to hold encoding. |
1664 | | * Must call SizeASN_Items() to determine size of encoding and offsets. |
1665 | | * |
1666 | | * Displays the template name first. |
1667 | | * |
1668 | | * @param [in] name Name of ASN.1 template. |
1669 | | * @param [in] asn ASN.1 items to encode. |
1670 | | * @param [in] data Data to place in each item. |
1671 | | * @param [in] count Count of items to encode. |
1672 | | * @param [in, out] output Buffer to write encoding into. |
1673 | | * @return Size of the DER encoding in bytes. |
1674 | | */ |
1675 | | static int SetASN_ItemsDebug(const char* name, const ASNItem* asn, |
1676 | | ASNSetData *data, int count, byte* output) |
1677 | | { |
1678 | | WOLFSSL_MSG_VSNPRINTF("TEMPLATE: %s", name); |
1679 | | return SetASN_Items(asn, data, count, output); |
1680 | | } |
1681 | | |
1682 | | /* Get the ASN.1 items from the BER encoding. |
1683 | | * |
1684 | | * Displays the template name first. |
1685 | | * |
1686 | | * @param [in] name Name of ASN.1 template. |
1687 | | * @param [in] asn ASN.1 items expected. |
1688 | | * @param [in] data Data array to place found items into. |
1689 | | * @param [in] count Count of items to parse. |
1690 | | * @param [in] complete Whether the whole buffer is to be used up. |
1691 | | * @param [in] input BER encoded data. |
1692 | | * @param [in, out] inOutIdx On in, starting index of data. |
1693 | | * On out, end of parsed data. |
1694 | | * @param [in] maxIdx Maximum index of input data. |
1695 | | * @return 0 on success. |
1696 | | * @return ASN_PARSE_E when BER encoded data does not match ASN.1 items or |
1697 | | * is invalid. |
1698 | | * @return BUFFER_E when data in buffer is too small. |
1699 | | * @return ASN_OBJECT_ID_E when the expected OBJECT_ID tag is not found. |
1700 | | * @return ASN_BITSTR_E when the expected BIT_STRING tag is not found. |
1701 | | * @return ASN_EXPECT_0_E when the INTEGER has the MSB set or NULL has a |
1702 | | * non-zero length. |
1703 | | * @return MP_INIT_E when the unable to initialize an mp_int. |
1704 | | * @return ASN_GETINT_E when the unable to convert data to an mp_int. |
1705 | | * @return BAD_STATE_E when the data type is not supported. |
1706 | | */ |
1707 | | static int GetASN_ItemsDebug(const char* name, const ASNItem* asn, |
1708 | | ASNGetData *data, int count, int complete, const byte* input, |
1709 | | word32* inOutIdx, word32 maxIdx) |
1710 | | { |
1711 | | WOLFSSL_MSG_VSNPRINTF("TEMPLATE: %s", name); |
1712 | | return GetASN_Items(asn, data, count, complete, input, inOutIdx, maxIdx); |
1713 | | } |
1714 | | |
1715 | | /* Calculate the size of the DER encoding. |
1716 | | * |
1717 | | * Call SetASN_Items() to write encoding to a buffer. |
1718 | | * |
1719 | | * @param [in] asn ASN.1 items to encode. |
1720 | | * @param [in, out] data Data to place in each item. Lengths set were not |
1721 | | * known. |
1722 | | * @param [in] count Count of items to encode. |
1723 | | * @param [out] len Length of the DER encoding. |
1724 | | * @return Size of the DER encoding in bytes. |
1725 | | */ |
1726 | | #define SizeASN_Items(asn, data, count, encSz) \ |
1727 | | SizeASN_ItemsDebug(#asn, asn, data, count, encSz) |
1728 | | |
1729 | | /* Creates the DER encoding of the ASN.1 items. |
1730 | | * |
1731 | | * Assumes the output buffer is large enough to hold encoding. |
1732 | | * Must call SizeASN_Items() to determine size of encoding and offsets. |
1733 | | * |
1734 | | * Displays the template name first. |
1735 | | * |
1736 | | * @param [in] name Name of ASN.1 template. |
1737 | | * @param [in] asn ASN.1 items to encode. |
1738 | | * @param [in] data Data to place in each item. |
1739 | | * @param [in] count Count of items to encode. |
1740 | | * @param [in, out] output Buffer to write encoding into. |
1741 | | * @return Size of the DER encoding in bytes. |
1742 | | */ |
1743 | | #define SetASN_Items(asn, data, count, output) \ |
1744 | | SetASN_ItemsDebug(#asn, asn, data, count, output) |
1745 | | |
1746 | | /* Get the ASN.1 items from the BER encoding. |
1747 | | * |
1748 | | * Displays the template name first. |
1749 | | * |
1750 | | * @param [in] name Name of ASN.1 template. |
1751 | | * @param [in] asn ASN.1 items expected. |
1752 | | * @param [in] data Data array to place found items into. |
1753 | | * @param [in] count Count of items to parse. |
1754 | | * @param [in] complete Whether the whole buffer is to be used up. |
1755 | | * @param [in] input BER encoded data. |
1756 | | * @param [in, out] inOutIdx On in, starting index of data. |
1757 | | * On out, end of parsed data. |
1758 | | * @param [in] maxIdx Maximum index of input data. |
1759 | | * @return 0 on success. |
1760 | | * @return ASN_PARSE_E when BER encoded data does not match ASN.1 items or |
1761 | | * is invalid. |
1762 | | * @return BUFFER_E when data in buffer is too small. |
1763 | | * @return ASN_OBJECT_ID_E when the expected OBJECT_ID tag is not found. |
1764 | | * @return ASN_BITSTR_E when the expected BIT_STRING tag is not found. |
1765 | | * @return ASN_EXPECT_0_E when the INTEGER has the MSB set or NULL has a |
1766 | | * non-zero length. |
1767 | | * @return MP_INIT_E when the unable to initialize an mp_int. |
1768 | | * @return ASN_GETINT_E when the unable to convert data to an mp_int. |
1769 | | * @return BAD_STATE_E when the data type is not supported. |
1770 | | */ |
1771 | | #define GetASN_Items(asn, data, count, complete, input, inOutIdx, maxIdx) \ |
1772 | | GetASN_ItemsDebug(#asn, asn, data, count, complete, input, inOutIdx, maxIdx) |
1773 | | #endif /* WOLFSSL_DEBUG_ASN_TEMPLATE */ |
1774 | | |
1775 | | /* Decode a BER encoded constructed sequence. |
1776 | | * |
1777 | | * @param [in] input Buffer of BER encoded data. |
1778 | | * @param [in, out] inOutIdx On in, index to start decoding from. |
1779 | | * On out, index of next encoded byte. |
1780 | | * @param [out] len Length of data under SEQUENCE. |
1781 | | * @param [in] maxIdx Maximim index of data. Index of byte after SEQ. |
1782 | | * @param [in] complete All data used with SEQUENCE and data under. |
1783 | | * @return 0 on success. |
1784 | | * @return BUFFER_E when not enough data to complete decode. |
1785 | | * @return ASN_PARSE when decoding failed. |
1786 | | */ |
1787 | | static int GetASN_Sequence(const byte* input, word32* inOutIdx, int* len, |
1788 | | word32 maxIdx, int complete) |
1789 | 0 | { |
1790 | 0 | int ret = 0; |
1791 | 0 | word32 idx = *inOutIdx; |
1792 | | |
1793 | | /* Check buffer big enough for tag. */ |
1794 | 0 | if (idx + 1 > maxIdx) { |
1795 | 0 | ret = BUFFER_E; |
1796 | 0 | } |
1797 | | /* Check it is a constructed SEQUENCE. */ |
1798 | 0 | if ((ret == 0) && (input[idx++] != (ASN_SEQUENCE | ASN_CONSTRUCTED))) { |
1799 | 0 | ret = ASN_PARSE_E; |
1800 | 0 | } |
1801 | | /* Get the length. */ |
1802 | 0 | if ((ret == 0) && (GetASN_Length(input, &idx, len, maxIdx, 1) < 0)) { |
1803 | 0 | ret = ASN_PARSE_E; |
1804 | 0 | } |
1805 | | /* Check all data used if complete set. */ |
1806 | 0 | if ((ret == 0) && complete && (idx + (word32)*len != maxIdx)) { |
1807 | 0 | ret = ASN_PARSE_E; |
1808 | 0 | } |
1809 | 0 | if (ret == 0) { |
1810 | | /* Return index of next byte of encoded data. */ |
1811 | 0 | *inOutIdx = idx; |
1812 | 0 | } |
1813 | |
|
1814 | 0 | return ret; |
1815 | 0 | } |
1816 | | |
1817 | | |
1818 | | #ifdef WOLFSSL_ASN_TEMPLATE_TYPE_CHECK |
1819 | | /* Setup ASN data item to get an 8-bit number. |
1820 | | * |
1821 | | * @param [in] dataASN Dynamic ASN data item. |
1822 | | * @param [in] num Pointer to an 8-bit variable. |
1823 | | */ |
1824 | | void GetASN_Int8Bit(ASNGetData *dataASN, byte* num) |
1825 | | { |
1826 | | dataASN->dataType = ASN_DATA_TYPE_WORD8; |
1827 | | dataASN->data.u8 = num; |
1828 | | } |
1829 | | |
1830 | | /* Setup ASN data item to get a 16-bit number. |
1831 | | * |
1832 | | * @param [in] dataASN Dynamic ASN data item. |
1833 | | * @param [in] num Pointer to a 16-bit variable. |
1834 | | */ |
1835 | | void GetASN_Int16Bit(ASNGetData *dataASN, word16* num) |
1836 | | { |
1837 | | dataASN->dataType = ASN_DATA_TYPE_WORD16; |
1838 | | dataASN->data.u16 = num; |
1839 | | } |
1840 | | |
1841 | | /* Setup ASN data item to get a 32-bit number. |
1842 | | * |
1843 | | * @param [in] dataASN Dynamic ASN data item. |
1844 | | * @param [in] num Pointer to a 32-bit variable. |
1845 | | */ |
1846 | | void GetASN_Int32Bit(ASNGetData *dataASN, word32* num) |
1847 | | { |
1848 | | dataASN->dataType = ASN_DATA_TYPE_WORD32; |
1849 | | dataASN->data.u32 = num; |
1850 | | } |
1851 | | |
1852 | | /* Setup ASN data item to get data into a buffer of a specific length. |
1853 | | * |
1854 | | * @param [in] dataASN Dynamic ASN data item. |
1855 | | * @param [in] data Buffer to hold data. |
1856 | | * @param [in] length Length of buffer in bytes. |
1857 | | */ |
1858 | | void GetASN_Buffer(ASNGetData *dataASN, byte* data, word32* length) |
1859 | | { |
1860 | | dataASN->dataType = ASN_DATA_TYPE_BUFFER; |
1861 | | dataASN->data.buffer.data = data; |
1862 | | dataASN->data.buffer.length = length; |
1863 | | } |
1864 | | |
1865 | | /* Setup ASN data item to check parsed data against expected buffer. |
1866 | | * |
1867 | | * @param [in] dataASN Dynamic ASN data item. |
1868 | | * @param [in] data Buffer containing expected data. |
1869 | | * @param [in] length Length of buffer in bytes. |
1870 | | */ |
1871 | | void GetASN_ExpBuffer(ASNGetData *dataASN, const byte* data, word32 length) |
1872 | | { |
1873 | | dataASN->dataType = ASN_DATA_TYPE_EXP_BUFFER; |
1874 | | dataASN->data.ref.data = data; |
1875 | | dataASN->data.ref.length = length; |
1876 | | } |
1877 | | |
1878 | | /* Setup ASN data item to get a number into an mp_int. |
1879 | | * |
1880 | | * @param [in] dataASN Dynamic ASN data item. |
1881 | | * @param [in] num Multi-precision number object. |
1882 | | */ |
1883 | | void GetASN_MP(ASNGetData *dataASN, mp_int* num) |
1884 | | { |
1885 | | dataASN->dataType = ASN_DATA_TYPE_MP; |
1886 | | dataASN->data.mp = num; |
1887 | | } |
1888 | | |
1889 | | /* Setup ASN data item to get a number into an mp_int that is initialized. |
1890 | | * |
1891 | | * @param [in] dataASN Dynamic ASN data item. |
1892 | | * @param [in] num Multi-precision number object. |
1893 | | */ |
1894 | | void GetASN_MP_Inited(ASNGetData *dataASN, mp_int* num) |
1895 | | { |
1896 | | dataASN->dataType = ASN_DATA_TYPE_MP_INITED; |
1897 | | dataASN->data.mp = num; |
1898 | | } |
1899 | | |
1900 | | /* Setup ASN data item to get a positive or negative number into an mp_int. |
1901 | | * |
1902 | | * @param [in] dataASN Dynamic ASN data item. |
1903 | | * @param [in] num Multi-precision number object. |
1904 | | */ |
1905 | | void GetASN_MP_PosNeg(ASNGetData *dataASN, mp_int* num) |
1906 | | { |
1907 | | dataASN->dataType = ASN_DATA_TYPE_MP_POS_NEG; |
1908 | | dataASN->data.mp = num; |
1909 | | } |
1910 | | |
1911 | | /* Setup ASN data item to be a choice of tags. |
1912 | | * |
1913 | | * @param [in] dataASN Dynamic ASN data item. |
1914 | | * @param [in] options 0 terminated list of tags that are valid. |
1915 | | */ |
1916 | | void GetASN_Choice(ASNGetData *dataASN, const byte* options) |
1917 | | { |
1918 | | dataASN->dataType = ASN_DATA_TYPE_CHOICE; |
1919 | | dataASN->data.choice = options; |
1920 | | } |
1921 | | |
1922 | | /* Setup ASN data item to get a boolean value. |
1923 | | * |
1924 | | * @param [in] dataASN Dynamic ASN data item. |
1925 | | * @param [in] num Pointer to an 8-bit variable. |
1926 | | */ |
1927 | | void GetASN_Boolean(ASNGetData *dataASN, byte* num) |
1928 | | { |
1929 | | dataASN->dataType = ASN_DATA_TYPE_NONE; |
1930 | | dataASN->data.choice = num; |
1931 | | } |
1932 | | |
1933 | | /* Setup ASN data item to be a an OID of a specific type. |
1934 | | * |
1935 | | * @param [in] dataASN Dynamic ASN data item. |
1936 | | * @param [in] oidType Type of OID to expect. |
1937 | | */ |
1938 | | void GetASN_OID(ASNGetData *dataASN, int oidType) |
1939 | | { |
1940 | | dataASN->data.oid.type = oidType; |
1941 | | } |
1942 | | |
1943 | | /* Get the data and length from an ASN data item. |
1944 | | * |
1945 | | * @param [in] dataASN Dynamic ASN data item. |
1946 | | * @param [out] data Pointer to data of item. |
1947 | | * @param [out] length Length of buffer in bytes. |
1948 | | */ |
1949 | | void GetASN_GetConstRef(ASNGetData * dataASN, const byte** data, word32* length) |
1950 | | { |
1951 | | *data = dataASN->data.ref.data; |
1952 | | *length = dataASN->data.ref.length; |
1953 | | } |
1954 | | |
1955 | | /* Get the data and length from an ASN data item. |
1956 | | * |
1957 | | * @param [in] dataASN Dynamic ASN data item. |
1958 | | * @param [out] data Pointer to data of item. |
1959 | | * @param [out] length Length of buffer in bytes. |
1960 | | */ |
1961 | | void GetASN_GetRef(ASNGetData * dataASN, byte** data, word32* length) |
1962 | | { |
1963 | | *data = (byte*)dataASN->data.ref.data; |
1964 | | *length = dataASN->data.ref.length; |
1965 | | } |
1966 | | |
1967 | | /* Get the data and length from an ASN data item that is an OID. |
1968 | | * |
1969 | | * @param [in] dataASN Dynamic ASN data item. |
1970 | | * @param [out] data Pointer to . |
1971 | | * @param [out] length Length of buffer in bytes. |
1972 | | */ |
1973 | | void GetASN_OIDData(ASNGetData * dataASN, byte** data, word32* length) |
1974 | | { |
1975 | | *data = (byte*)dataASN->data.oid.data; |
1976 | | *length = dataASN->data.oid.length; |
1977 | | } |
1978 | | |
1979 | | /* Setup an ASN data item to set a boolean. |
1980 | | * |
1981 | | * @param [in] dataASN Dynamic ASN data item. |
1982 | | * @param [in] val Boolean value. |
1983 | | */ |
1984 | | void SetASN_Boolean(ASNSetData *dataASN, byte val) |
1985 | | { |
1986 | | dataASN->dataType = ASN_DATA_TYPE_NONE; |
1987 | | dataASN->data.u8 = val; |
1988 | | } |
1989 | | |
1990 | | /* Setup an ASN data item to set an 8-bit number. |
1991 | | * |
1992 | | * @param [in] dataASN Dynamic ASN data item. |
1993 | | * @param [in] num 8-bit number to set. |
1994 | | */ |
1995 | | void SetASN_Int8Bit(ASNSetData *dataASN, byte num) |
1996 | | { |
1997 | | dataASN->dataType = ASN_DATA_TYPE_WORD8; |
1998 | | dataASN->data.u8 = num; |
1999 | | } |
2000 | | |
2001 | | /* Setup an ASN data item to set a 16-bit number. |
2002 | | * |
2003 | | * @param [in] dataASN Dynamic ASN data item. |
2004 | | * @param [in] num 16-bit number to set. |
2005 | | */ |
2006 | | void SetASN_Int16Bit(ASNSetData *dataASN, word16 num) |
2007 | | { |
2008 | | dataASN->dataType = ASN_DATA_TYPE_WORD16; |
2009 | | dataASN->data.u16 = num; |
2010 | | } |
2011 | | |
2012 | | /* Setup an ASN data item to set the data in a buffer. |
2013 | | * |
2014 | | * @param [in] dataASN Dynamic ASN data item. |
2015 | | * @param [in] data Buffer containing data to set. |
2016 | | * @param [in] length Length of data in buffer in bytes. |
2017 | | */ |
2018 | | void SetASN_Buffer(ASNSetData *dataASN, const byte* data, word32 length) |
2019 | | { |
2020 | | dataASN->data.buffer.data = data; |
2021 | | dataASN->data.buffer.length = length; |
2022 | | } |
2023 | | |
2024 | | /* Setup an ASN data item to set the DER encode data in a buffer. |
2025 | | * |
2026 | | * @param [in] dataASN Dynamic ASN data item. |
2027 | | * @param [in] data Buffer containing BER encoded data to set. |
2028 | | * @param [in] length Length of data in buffer in bytes. |
2029 | | */ |
2030 | | void SetASN_ReplaceBuffer(ASNSetData *dataASN, const byte* data, word32 length) |
2031 | | { |
2032 | | dataASN->dataType = ASN_DATA_TYPE_REPLACE_BUFFER; |
2033 | | dataASN->data.buffer.data = data; |
2034 | | dataASN->data.buffer.length = length; |
2035 | | } |
2036 | | |
2037 | | /* Setup an ASN data item to set an multi-precision number. |
2038 | | * |
2039 | | * @param [in] dataASN Dynamic ASN data item. |
2040 | | * @param [in] num Multi-precision number. |
2041 | | */ |
2042 | | void SetASN_MP(ASNSetData *dataASN, mp_int* num) |
2043 | | { |
2044 | | dataASN->dataType = ASN_DATA_TYPE_MP; |
2045 | | dataASN->data.mp = num; |
2046 | | } |
2047 | | |
2048 | | /* Setup an ASN data item to set an OID based on id and type. |
2049 | | * |
2050 | | * oid and oidType pair are unique. |
2051 | | * |
2052 | | * @param [in] dataASN Dynamic ASN data item. |
2053 | | * @param [in] oid OID identifier. |
2054 | | * @param [in] oidType Type of OID. |
2055 | | */ |
2056 | | void SetASN_OID(ASNSetData *dataASN, int oid, int oidType) |
2057 | | { |
2058 | | dataASN->data.buffer.data = OidFromId(oid, oidType, |
2059 | | &dataASN->data.buffer.length); |
2060 | | } |
2061 | | #endif /* WOLFSSL_ASN_TEMPLATE_TYPE_CHECK */ |
2062 | | |
2063 | | #ifdef CRLDP_VALIDATE_DATA |
2064 | | /* Get the data of the BIT_STRING as a 16-bit number. |
2065 | | * |
2066 | | * @param [in] dataASN Dynamic ASN data item. |
2067 | | * @param [out] val ASN.1 item's data as a 16-bit number. |
2068 | | * @return 0 on success. |
2069 | | * @return ASN_PARSE_E when BITSTRING value is more than 2 bytes. |
2070 | | * @return ASN_PARSE_E when unused bits of BITSTRING is invalid. |
2071 | | */ |
2072 | | static int GetASN_BitString_Int16Bit(ASNGetData* dataASN, word16* val) |
2073 | | { |
2074 | | int ret; |
2075 | | int i; |
2076 | | const byte* input = dataASN->data.ref.data; |
2077 | | int length = dataASN->data.ref.length; |
2078 | | |
2079 | | /* Validate the BIT_STRING data. */ |
2080 | | ret = GetASN_BitString(input, 0, length); |
2081 | | if (ret == 0) { |
2082 | | /* Skip unused bits byte. */ |
2083 | | input++; |
2084 | | length--; |
2085 | | |
2086 | | /* Check the data is usable. */ |
2087 | | if (length == 0 || length > 2) { |
2088 | | #ifdef WOLFSSL_DEBUG_ASN_TEMPLATE |
2089 | | WOLFSSL_MSG_VSNPRINTF("Expecting 1 or 2 bytes: %d", length); |
2090 | | #endif |
2091 | | ret = ASN_PARSE_E; |
2092 | | } |
2093 | | } |
2094 | | if (ret == 0) { |
2095 | | /* Fill 16-bit var with all the data. */ |
2096 | | *val = 0; |
2097 | | for (i = 0; i < length; i++) { |
2098 | | *val <<= 8; |
2099 | | *val |= input[i]; |
2100 | | } |
2101 | | } |
2102 | | return ret; |
2103 | | } |
2104 | | #endif /* CRLDP_VALIDATE_DATA */ |
2105 | | |
2106 | | #endif /* WOLFSSL_ASN_TEMPLATE */ |
2107 | | |
2108 | | |
2109 | | /* Decode the BER/DER length field. |
2110 | | * |
2111 | | * @param [in] input BER encoded data. |
2112 | | * @param [in, out] inOutIdx On in, starting index of length. |
2113 | | * On out, end of parsed length. |
2114 | | * @param [out] len Length value decoded. |
2115 | | * @param [in] maxIdx Maximum index of input data. |
2116 | | * @return Length on success. |
2117 | | * @return ASN_PARSE_E if the encoding is invalid. |
2118 | | * @return BUFFER_E when not enough data to complete decode. |
2119 | | */ |
2120 | | int GetLength(const byte* input, word32* inOutIdx, int* len, word32 maxIdx) |
2121 | 0 | { |
2122 | 0 | return GetLength_ex(input, inOutIdx, len, maxIdx, 1); |
2123 | 0 | } |
2124 | | |
2125 | | |
2126 | | /* Decode the BER/DER length field and check the length is valid on request. |
2127 | | * |
2128 | | * BER/DER has Type-Length-Value triplets. |
2129 | | * When requested will check that the Length decoded, indicating the number |
2130 | | * of bytes in the Value, is available in the buffer after the Length bytes. |
2131 | | * |
2132 | | * Only supporting a length upto INT_MAX. |
2133 | | * |
2134 | | * @param [in] input BER encoded data. |
2135 | | * @param [in, out] inOutIdx On in, starting index of length. |
2136 | | * On out, end of parsed length. |
2137 | | * @param [out] len Length value decoded. |
2138 | | * @param [in] maxIdx Maximum index of input data. |
2139 | | * @param [in] check Whether to check the buffer has at least the |
2140 | | * decoded length of bytes remaining. |
2141 | | * @return Length on success. |
2142 | | * @return ASN_PARSE_E if the encoding is invalid. |
2143 | | * @return BUFFER_E when not enough data to complete decode. |
2144 | | */ |
2145 | | int GetLength_ex(const byte* input, word32* inOutIdx, int* len, word32 maxIdx, |
2146 | | int check) |
2147 | 2.30k | { |
2148 | 2.30k | int length = 0; |
2149 | 2.30k | word32 idx = (word32)*inOutIdx; |
2150 | 2.30k | byte b; |
2151 | | |
2152 | | /* Ensure zero return length on error. */ |
2153 | 2.30k | *len = 0; |
2154 | | |
2155 | | /* Check there is at least one byte available containing length information. |
2156 | | */ |
2157 | 2.30k | if ((idx + 1) > maxIdx) { |
2158 | 0 | WOLFSSL_MSG("GetLength - bad index on input"); |
2159 | 0 | return BUFFER_E; |
2160 | 0 | } |
2161 | | |
2162 | | /* Get the first length byte. */ |
2163 | 2.30k | b = input[idx++]; |
2164 | | /* Check if the first byte indicates the count of bytes. */ |
2165 | 2.30k | if (b >= ASN_LONG_LENGTH) { |
2166 | | /* Bottom 7 bits are the number of bytes to calculate length with. |
2167 | | * Note: 0 indicates indefinite length encoding *not* 0 bytes of length. |
2168 | | */ |
2169 | 140 | word32 bytes = (word32)b & 0x7FU; |
2170 | 140 | int minLen; |
2171 | | |
2172 | | /* Calculate minimum length to be encoded with bytes. */ |
2173 | 140 | if (b == ASN_INDEF_LENGTH) { |
2174 | | /* Indefinite length encoding - no length bytes. */ |
2175 | 0 | minLen = 0; |
2176 | 0 | } |
2177 | 140 | else if (bytes == 1) { |
2178 | 140 | minLen = 0x80; |
2179 | 140 | } |
2180 | | /* Only support up to the number of bytes that fit into return var. */ |
2181 | 0 | else if (bytes > sizeof(length)) { |
2182 | 0 | WOLFSSL_MSG("GetLength - overlong data length spec"); |
2183 | 0 | return ASN_PARSE_E; |
2184 | 0 | } else { |
2185 | 0 | minLen = 1 << ((bytes - 1) * 8); |
2186 | 0 | } |
2187 | | |
2188 | | /* Check the number of bytes required are available. */ |
2189 | 140 | if ((idx + bytes) > maxIdx) { |
2190 | 0 | WOLFSSL_MSG("GetLength - bad long length"); |
2191 | 0 | return BUFFER_E; |
2192 | 0 | } |
2193 | | |
2194 | | /* Big-endian encoding of number. */ |
2195 | 280 | while (bytes--) { |
2196 | 140 | b = input[idx++]; |
2197 | 140 | length = (length << 8) | b; |
2198 | 140 | } |
2199 | | /* Negative value indicates we overflowed the signed int. */ |
2200 | 140 | if (length < 0) { |
2201 | 0 | return ASN_PARSE_E; |
2202 | 0 | } |
2203 | | /* Don't allow lengths that are longer than strictly required. */ |
2204 | 140 | if (length < minLen) { |
2205 | 0 | return ASN_PARSE_E; |
2206 | 0 | } |
2207 | 140 | } |
2208 | 2.16k | else { |
2209 | | /* Length in first byte. */ |
2210 | 2.16k | length = b; |
2211 | 2.16k | } |
2212 | | |
2213 | | /* When requested, check the buffer has at least length bytes left. */ |
2214 | 2.30k | if (check && ((idx + (word32)length) > maxIdx)) { |
2215 | 0 | WOLFSSL_MSG("GetLength - value exceeds buffer length"); |
2216 | 0 | return BUFFER_E; |
2217 | 0 | } |
2218 | | |
2219 | | /* Return index after length encoding. */ |
2220 | 2.30k | *inOutIdx = idx; |
2221 | | /* Return length if valid. */ |
2222 | 2.30k | if (length > 0) { |
2223 | 2.30k | *len = length; |
2224 | 2.30k | } |
2225 | | |
2226 | | /* Return length calculated or error code. */ |
2227 | 2.30k | return length; |
2228 | 2.30k | } |
2229 | | |
2230 | | |
2231 | | /* Gets the tag of next BER/DER encoded item. |
2232 | | * |
2233 | | * Checks there is enough data in the buffer for the tag byte. |
2234 | | * |
2235 | | * @param [in] input BER encoded data. |
2236 | | * @param [in, out] inOutIdx On in, starting index of tag. |
2237 | | * On out, end of parsed tag. |
2238 | | * @param [out] tag Tag value found. |
2239 | | * @param [in] maxIdx Maximum index of input data. |
2240 | | * |
2241 | | * return 0 on success |
2242 | | * return BAD_FUNC_ARG when tag, inOutIdx or input is NULL. |
2243 | | * return BUFFER_E when not enough space in buffer for tag. |
2244 | | */ |
2245 | | int GetASNTag(const byte* input, word32* inOutIdx, byte* tag, word32 maxIdx) |
2246 | 0 | { |
2247 | 0 | int ret = 0; |
2248 | 0 | word32 idx = 0; |
2249 | | |
2250 | | /* Check validity of parameters. */ |
2251 | 0 | if ((tag == NULL) || (inOutIdx == NULL) || (input == NULL)) { |
2252 | 0 | ret = BAD_FUNC_ARG; |
2253 | 0 | } |
2254 | 0 | if (ret == 0) { |
2255 | | /* Get index and ensure space for tag. */ |
2256 | 0 | idx = *inOutIdx; |
2257 | 0 | if (idx + ASN_TAG_SZ > maxIdx) { |
2258 | 0 | WOLFSSL_MSG("Buffer too small for ASN tag"); |
2259 | 0 | ret = BUFFER_E; |
2260 | 0 | } |
2261 | 0 | } |
2262 | 0 | if (ret == 0) { |
2263 | | /* Return the tag and the index after tag. */ |
2264 | 0 | *tag = input[idx]; |
2265 | 0 | *inOutIdx = idx + ASN_TAG_SZ; |
2266 | 0 | } |
2267 | | /* Return error code. */ |
2268 | 0 | return ret; |
2269 | 0 | } |
2270 | | |
2271 | | |
2272 | | /* Decode the DER/BER header (Type-Length) and check the length when requested. |
2273 | | * |
2274 | | * BER/DER has Type-Length-Value triplets. |
2275 | | * Check that the tag/type is the required value. |
2276 | | * When requested will check that the Length decoded, indicating the number |
2277 | | * of bytes in the Value, is available in the buffer after the Length bytes. |
2278 | | * |
2279 | | * Only supporting a length upto INT_MAX. |
2280 | | * |
2281 | | * @param [in] input Buffer holding DER/BER encoded data. |
2282 | | * @param [in] tag ASN.1 tag value expected in header. |
2283 | | * @param [in, out] inOutIdx On in, starting index of header. |
2284 | | * On out, end of parsed header. |
2285 | | * @param [out] len Number of bytes in the ASN.1 data. |
2286 | | * @param [in] maxIdx Length of data in buffer. |
2287 | | * @param [in] check Whether to check the buffer has at least the |
2288 | | * decoded length of bytes remaining. |
2289 | | * @return Number of bytes in the ASN.1 data on success. |
2290 | | * @return BUFFER_E when there is not enough data to parse. |
2291 | | * @return ASN_PARSE_E when the expected tag is not found or length is invalid. |
2292 | | */ |
2293 | | static int GetASNHeader_ex(const byte* input, byte tag, word32* inOutIdx, |
2294 | | int* len, word32 maxIdx, int check) |
2295 | 0 | { |
2296 | 0 | int ret = 0; |
2297 | 0 | word32 idx = *inOutIdx; |
2298 | 0 | byte tagFound; |
2299 | 0 | int length = 0; |
2300 | | |
2301 | | /* Get tag/type. */ |
2302 | 0 | if (GetASNTag(input, &idx, &tagFound, maxIdx) != 0) { |
2303 | 0 | ret = ASN_PARSE_E; |
2304 | 0 | } |
2305 | | /* Ensure tag is the expected value. */ |
2306 | 0 | if ((ret == 0) && (tagFound != tag)) { |
2307 | 0 | ret = ASN_PARSE_E; |
2308 | 0 | } |
2309 | | /* Get the encoded length. */ |
2310 | 0 | if ((ret == 0) && (GetLength_ex(input, &idx, &length, maxIdx, check) < 0)) { |
2311 | 0 | ret = ASN_PARSE_E; |
2312 | 0 | } |
2313 | 0 | if (ret == 0) { |
2314 | | /* Return the length of data and index after header. */ |
2315 | 0 | *len = length; |
2316 | 0 | *inOutIdx = idx; |
2317 | 0 | ret = length; |
2318 | 0 | } |
2319 | | /* Return number of data bytes or error code. */ |
2320 | 0 | return ret; |
2321 | 0 | } |
2322 | | |
2323 | | |
2324 | | /* Decode the DER/BER header (Type-Length) and check the length. |
2325 | | * |
2326 | | * BER/DER has Type-Length-Value triplets. |
2327 | | * Check that the tag/type is the required value. |
2328 | | * Checks that the Length decoded, indicating the number of bytes in the Value, |
2329 | | * is available in the buffer after the Length bytes. |
2330 | | * |
2331 | | * @param [in] input Buffer holding DER/BER encoded data. |
2332 | | * @param [in] tag ASN.1 tag value expected in header. |
2333 | | * @param [in, out] inOutIdx On in, starting index of header. |
2334 | | * On out, end of parsed header. |
2335 | | * @param [out] len Number of bytes in the ASN.1 data. |
2336 | | * @param [in] maxIdx Length of data in buffer. |
2337 | | * @return Number of bytes in the ASN.1 data on success. |
2338 | | * @return BUFFER_E when there is not enough data to parse. |
2339 | | * @return ASN_PARSE_E when the expected tag is not found or length is invalid. |
2340 | | */ |
2341 | | static int GetASNHeader(const byte* input, byte tag, word32* inOutIdx, int* len, |
2342 | | word32 maxIdx) |
2343 | 0 | { |
2344 | 0 | return GetASNHeader_ex(input, tag, inOutIdx, len, maxIdx, 1); |
2345 | 0 | } |
2346 | | |
2347 | | #ifndef WOLFSSL_ASN_TEMPLATE |
2348 | | static int GetHeader(const byte* input, byte* tag, word32* inOutIdx, int* len, |
2349 | | word32 maxIdx, int check) |
2350 | | { |
2351 | | word32 idx = *inOutIdx; |
2352 | | int length; |
2353 | | |
2354 | | if ((idx + 1) > maxIdx) |
2355 | | return BUFFER_E; |
2356 | | |
2357 | | *tag = input[idx++]; |
2358 | | |
2359 | | if (GetLength_ex(input, &idx, &length, maxIdx, check) < 0) |
2360 | | return ASN_PARSE_E; |
2361 | | |
2362 | | *len = length; |
2363 | | *inOutIdx = idx; |
2364 | | return length; |
2365 | | } |
2366 | | #endif |
2367 | | |
2368 | | /* Decode the header of a BER/DER encoded SEQUENCE. |
2369 | | * |
2370 | | * @param [in] input Buffer holding DER/BER encoded data. |
2371 | | * @param [in, out] inOutIdx On in, starting index of header. |
2372 | | * On out, end of parsed header. |
2373 | | * @param [out] len Number of bytes in the ASN.1 data. |
2374 | | * @param [in] maxIdx Length of data in buffer. |
2375 | | * @return Number of bytes in the ASN.1 data on success. |
2376 | | * @return BUFFER_E when there is not enough data to parse. |
2377 | | * @return ASN_PARSE_E when the tag is not a SEQUENCE or length is invalid. |
2378 | | */ |
2379 | | int GetSequence(const byte* input, word32* inOutIdx, int* len, |
2380 | | word32 maxIdx) |
2381 | 0 | { |
2382 | 0 | return GetASNHeader(input, ASN_SEQUENCE | ASN_CONSTRUCTED, inOutIdx, len, |
2383 | 0 | maxIdx); |
2384 | 0 | } |
2385 | | |
2386 | | /* Decode the header of a BER/DER encoded SEQUENCE. |
2387 | | * |
2388 | | * @param [in] input Buffer holding DER/BER encoded data. |
2389 | | * @param [in, out] inOutIdx On in, starting index of header. |
2390 | | * On out, end of parsed header. |
2391 | | * @param [out] len Number of bytes in the ASN.1 data. |
2392 | | * @param [in] maxIdx Length of data in buffer. |
2393 | | * @param [in] check Whether to check the buffer has at least the |
2394 | | * decoded length of bytes remaining. |
2395 | | * @return Number of bytes in the ASN.1 data on success. |
2396 | | * @return BUFFER_E when there is not enough data to parse. |
2397 | | * @return ASN_PARSE_E when the tag is not a SEQUENCE or length is invalid. |
2398 | | */ |
2399 | | int GetSequence_ex(const byte* input, word32* inOutIdx, int* len, |
2400 | | word32 maxIdx, int check) |
2401 | 0 | { |
2402 | 0 | return GetASNHeader_ex(input, ASN_SEQUENCE | ASN_CONSTRUCTED, inOutIdx, len, |
2403 | 0 | maxIdx, check); |
2404 | 0 | } |
2405 | | |
2406 | | /* Decode the header of a BER/DER encoded SET. |
2407 | | * |
2408 | | * @param [in] input Buffer holding DER/BER encoded data. |
2409 | | * @param [in, out] inOutIdx On in, starting index of header. |
2410 | | * On out, end of parsed header. |
2411 | | * @param [out] len Number of bytes in the ASN.1 data. |
2412 | | * @param [in] maxIdx Length of data in buffer. |
2413 | | * @return Number of bytes in the ASN.1 data on success. |
2414 | | * @return BUFFER_E when there is not enough data to parse. |
2415 | | * @return ASN_PARSE_E when the tag is not a SET or length is invalid. |
2416 | | */ |
2417 | | int GetSet(const byte* input, word32* inOutIdx, int* len, |
2418 | | word32 maxIdx) |
2419 | 0 | { |
2420 | 0 | return GetASNHeader(input, ASN_SET | ASN_CONSTRUCTED, inOutIdx, len, |
2421 | 0 | maxIdx); |
2422 | 0 | } |
2423 | | |
2424 | | /* Decode the header of a BER/DER encoded SET. |
2425 | | * |
2426 | | * @param [in] input Buffer holding DER/BER encoded data. |
2427 | | * @param [in, out] inOutIdx On in, starting index of header. |
2428 | | * On out, end of parsed header. |
2429 | | * @param [out] len Number of bytes in the ASN.1 data. |
2430 | | * @param [in] maxIdx Length of data in buffer. |
2431 | | * @param [in] check Whether to check the buffer has at least the |
2432 | | * decoded length of bytes remaining. |
2433 | | * @return Number of bytes in the ASN.1 data on success. |
2434 | | * @return BUFFER_E when there is not enough data to parse. |
2435 | | * @return ASN_PARSE_E when the tag is not a SET or length is invalid. |
2436 | | */ |
2437 | | int GetSet_ex(const byte* input, word32* inOutIdx, int* len, |
2438 | | word32 maxIdx, int check) |
2439 | 0 | { |
2440 | 0 | return GetASNHeader_ex(input, ASN_SET | ASN_CONSTRUCTED, inOutIdx, len, |
2441 | 0 | maxIdx, check); |
2442 | 0 | } |
2443 | | |
2444 | | #if !defined(WOLFSSL_ASN_TEMPLATE) || defined(HAVE_OCSP) |
2445 | | /* Decode the BER/DER encoded NULL. |
2446 | | * |
2447 | | * No data in a NULL ASN.1 item. |
2448 | | * Ensure that the all fields are as expected and move index past the element. |
2449 | | * |
2450 | | * @param [in] input Buffer holding DER/BER encoded data. |
2451 | | * @param [in, out] inOutIdx On in, starting index of NULL item. |
2452 | | * On out, end of parsed NULL item. |
2453 | | * @param [in] maxIdx Length of data in buffer. |
2454 | | * @return 0 on success. |
2455 | | * @return BUFFER_E when there is not enough data to parse. |
2456 | | * @return ASN_TAG_NULL_E when the NULL tag is not found. |
2457 | | * @return ASN_EXPECT_0_E when the length is not zero. |
2458 | | */ |
2459 | | static int GetASNNull(const byte* input, word32* inOutIdx, word32 maxIdx) |
2460 | | { |
2461 | | int ret = 0; |
2462 | | word32 idx = *inOutIdx; |
2463 | | |
2464 | | /* Check buffer has enough data for a NULL item. */ |
2465 | | if ((idx + 2) > maxIdx) { |
2466 | | ret = BUFFER_E; |
2467 | | } |
2468 | | /* Check the tag is NULL. */ |
2469 | | if ((ret == 0) && (input[idx++] != ASN_TAG_NULL)) { |
2470 | | ret = ASN_TAG_NULL_E; |
2471 | | } |
2472 | | /* Check the length is zero. */ |
2473 | | if ((ret == 0) && (input[idx++] != 0)) { |
2474 | | ret = ASN_EXPECT_0_E; |
2475 | | } |
2476 | | if (ret == 0) { |
2477 | | /* Return the index after NULL tag. */ |
2478 | | *inOutIdx = idx; |
2479 | | } |
2480 | | /* Return error code. */ |
2481 | | return ret; |
2482 | | } |
2483 | | #endif |
2484 | | |
2485 | | #ifndef WOLFSSL_ASN_TEMPLATE |
2486 | | /* Set the DER/BER encoding of the ASN.1 NULL element. |
2487 | | * |
2488 | | * output Buffer to write into. |
2489 | | * returns the number of bytes added to the buffer. |
2490 | | */ |
2491 | | static int SetASNNull(byte* output) |
2492 | | { |
2493 | | output[0] = ASN_TAG_NULL; |
2494 | | output[1] = 0; |
2495 | | |
2496 | | return 2; |
2497 | | } |
2498 | | #endif |
2499 | | |
2500 | | #ifndef NO_CERTS |
2501 | | #ifndef WOLFSSL_ASN_TEMPLATE |
2502 | | /* Get the DER/BER encoding of an ASN.1 BOOLEAN. |
2503 | | * |
2504 | | * input Buffer holding DER/BER encoded data. |
2505 | | * inOutIdx Current index into buffer to parse. |
2506 | | * maxIdx Length of data in buffer. |
2507 | | * returns BUFFER_E when there is not enough data to parse. |
2508 | | * ASN_PARSE_E when the BOOLEAN tag is not found or length is not 1. |
2509 | | * Otherwise, 0 to indicate the value was false and 1 to indicate true. |
2510 | | */ |
2511 | | static int GetBoolean(const byte* input, word32* inOutIdx, word32 maxIdx) |
2512 | | { |
2513 | | word32 idx = *inOutIdx; |
2514 | | byte b; |
2515 | | |
2516 | | if ((idx + 3) > maxIdx) |
2517 | | return BUFFER_E; |
2518 | | |
2519 | | b = input[idx++]; |
2520 | | if (b != ASN_BOOLEAN) |
2521 | | return ASN_PARSE_E; |
2522 | | |
2523 | | if (input[idx++] != 1) |
2524 | | return ASN_PARSE_E; |
2525 | | |
2526 | | b = input[idx++] != 0; |
2527 | | |
2528 | | *inOutIdx = idx; |
2529 | | return b; |
2530 | | } |
2531 | | #endif |
2532 | | #endif /* !NO_CERTS*/ |
2533 | | |
2534 | | |
2535 | | /* Decode the header of a BER/DER encoded OCTET STRING. |
2536 | | * |
2537 | | * @param [in] input Buffer holding DER/BER encoded data. |
2538 | | * @param [in, out] inOutIdx On in, starting index of header. |
2539 | | * On out, end of parsed header. |
2540 | | * @param [out] len Number of bytes in the ASN.1 data. |
2541 | | * @param [in] maxIdx Length of data in buffer. |
2542 | | * @return Number of bytes in the ASN.1 data on success. |
2543 | | * @return BUFFER_E when there is not enough data to parse. |
2544 | | * @return ASN_PARSE_E when the tag is not a OCTET STRING or length is invalid. |
2545 | | */ |
2546 | | int GetOctetString(const byte* input, word32* inOutIdx, int* len, word32 maxIdx) |
2547 | 0 | { |
2548 | 0 | return GetASNHeader(input, ASN_OCTET_STRING, inOutIdx, len, maxIdx); |
2549 | 0 | } |
2550 | | |
2551 | | #ifndef WOLFSSL_ASN_TEMPLATE |
2552 | | /* Get the DER/BER encoding of an ASN.1 INTEGER header. |
2553 | | * |
2554 | | * Removes the leading zero byte when found. |
2555 | | * |
2556 | | * input Buffer holding DER/BER encoded data. |
2557 | | * inOutIdx Current index into buffer to parse. |
2558 | | * len The number of bytes in the ASN.1 data (excluding any leading zero). |
2559 | | * maxIdx Length of data in buffer. |
2560 | | * returns BUFFER_E when there is not enough data to parse. |
2561 | | * ASN_PARSE_E when the INTEGER tag is not found, length is invalid, |
2562 | | * or invalid use of or missing leading zero. |
2563 | | * Otherwise, 0 to indicate success. |
2564 | | */ |
2565 | | static int GetASNInt(const byte* input, word32* inOutIdx, int* len, |
2566 | | word32 maxIdx) |
2567 | | { |
2568 | | int ret; |
2569 | | |
2570 | | ret = GetASNHeader(input, ASN_INTEGER, inOutIdx, len, maxIdx); |
2571 | | if (ret < 0) |
2572 | | return ret; |
2573 | | |
2574 | | if (*len > 0) { |
2575 | | |
2576 | | #ifndef WOLFSSL_ASN_INT_LEAD_0_ANY |
2577 | | /* check for invalid padding on negative integer. |
2578 | | * c.f. X.690 (ISO/IEC 8825-2:2003 (E)) 10.4.6; RFC 5280 4.1 |
2579 | | */ |
2580 | | if (*len > 1) { |
2581 | | if ((input[*inOutIdx] == 0xff) && (input[*inOutIdx + 1] & 0x80)) |
2582 | | return ASN_PARSE_E; |
2583 | | } |
2584 | | #endif |
2585 | | |
2586 | | /* remove leading zero, unless there is only one 0x00 byte */ |
2587 | | if ((input[*inOutIdx] == 0x00) && (*len > 1)) { |
2588 | | (*inOutIdx)++; |
2589 | | (*len)--; |
2590 | | |
2591 | | #ifndef WOLFSSL_ASN_INT_LEAD_0_ANY |
2592 | | if (*len > 0 && (input[*inOutIdx] & 0x80) == 0) |
2593 | | return ASN_PARSE_E; |
2594 | | #endif |
2595 | | } |
2596 | | } |
2597 | | |
2598 | | return 0; |
2599 | | } |
2600 | | |
2601 | | #ifndef NO_CERTS |
2602 | | /* Get the DER/BER encoding of an ASN.1 INTEGER that has a value of no more than |
2603 | | * 7 bits. |
2604 | | * |
2605 | | * input Buffer holding DER/BER encoded data. |
2606 | | * inOutIdx Current index into buffer to parse. |
2607 | | * maxIdx Length of data in buffer. |
2608 | | * returns BUFFER_E when there is not enough data to parse. |
2609 | | * ASN_PARSE_E when the INTEGER tag is not found or length is invalid. |
2610 | | * Otherwise, the 7-bit value. |
2611 | | */ |
2612 | | static int GetInteger7Bit(const byte* input, word32* inOutIdx, word32 maxIdx) |
2613 | | { |
2614 | | word32 idx = *inOutIdx; |
2615 | | byte b; |
2616 | | |
2617 | | if ((idx + 3) > maxIdx) |
2618 | | return BUFFER_E; |
2619 | | |
2620 | | if (GetASNTag(input, &idx, &b, maxIdx) != 0) |
2621 | | return ASN_PARSE_E; |
2622 | | if (b != ASN_INTEGER) |
2623 | | return ASN_PARSE_E; |
2624 | | if (input[idx++] != 1) |
2625 | | return ASN_PARSE_E; |
2626 | | b = input[idx++]; |
2627 | | |
2628 | | *inOutIdx = idx; |
2629 | | return b; |
2630 | | } |
2631 | | #endif /* !NO_CERTS */ |
2632 | | |
2633 | | #if defined(WC_RSA_PSS) && !defined(NO_RSA) |
2634 | | /* Get the DER/BER encoding of an ASN.1 INTEGER that has a value of no more than |
2635 | | * 16 bits. |
2636 | | * |
2637 | | * input Buffer holding DER/BER encoded data. |
2638 | | * inOutIdx Current index into buffer to parse. |
2639 | | * maxIdx Length of data in buffer. |
2640 | | * returns BUFFER_E when there is not enough data to parse. |
2641 | | * ASN_PARSE_E when the INTEGER tag is not found or length is invalid. |
2642 | | * Otherwise, the 16-bit value. |
2643 | | */ |
2644 | | static int GetInteger16Bit(const byte* input, word32* inOutIdx, word32 maxIdx) |
2645 | | { |
2646 | | word32 idx = *inOutIdx; |
2647 | | byte tag; |
2648 | | word16 n; |
2649 | | |
2650 | | if ((idx + 2) > maxIdx) |
2651 | | return BUFFER_E; |
2652 | | |
2653 | | if (GetASNTag(input, &idx, &tag, maxIdx) != 0) |
2654 | | return ASN_PARSE_E; |
2655 | | if (tag != ASN_INTEGER) |
2656 | | return ASN_PARSE_E; |
2657 | | if (input[idx] == 1) { |
2658 | | idx++; |
2659 | | if ((idx + 1) > maxIdx) { |
2660 | | return ASN_PARSE_E; |
2661 | | } |
2662 | | n = input[idx++]; |
2663 | | } |
2664 | | else if (input[idx] == 2) { |
2665 | | idx++; |
2666 | | if ((idx + 2) > maxIdx) { |
2667 | | return ASN_PARSE_E; |
2668 | | } |
2669 | | n = input[idx++]; |
2670 | | n = (n << 8) | input[idx++]; |
2671 | | } |
2672 | | else |
2673 | | return ASN_PARSE_E; |
2674 | | |
2675 | | *inOutIdx = idx; |
2676 | | return n; |
2677 | | } |
2678 | | #endif /* WC_RSA_PSS && !NO_RSA */ |
2679 | | #endif /* !WOLFSSL_ASN_TEMPLATE */ |
2680 | | |
2681 | | #if !defined(NO_DSA) && !defined(NO_SHA) |
2682 | | static const char sigSha1wDsaName[] = "SHAwDSA"; |
2683 | | static const char sigSha256wDsaName[] = "SHA256wDSA"; |
2684 | | #endif /* NO_DSA */ |
2685 | | #ifndef NO_RSA |
2686 | | #ifdef WOLFSSL_MD2 |
2687 | | static const char sigMd2wRsaName[] = "md2WithRSAEncryption"; |
2688 | | #endif |
2689 | | #ifndef NO_MD5 |
2690 | | static const char sigMd5wRsaName[] = "md5WithRSAEncryption"; |
2691 | | #endif |
2692 | | #ifndef NO_SHA |
2693 | | static const char sigSha1wRsaName[] = "sha1WithRSAEncryption"; |
2694 | | #endif |
2695 | | #ifdef WOLFSSL_SHA224 |
2696 | | static const char sigSha224wRsaName[] = "sha224WithRSAEncryption"; |
2697 | | #endif |
2698 | | #ifndef NO_SHA256 |
2699 | | static const char sigSha256wRsaName[] = "sha256WithRSAEncryption"; |
2700 | | #endif |
2701 | | #ifdef WOLFSSL_SHA384 |
2702 | | static const char sigSha384wRsaName[] = "sha384WithRSAEncryption"; |
2703 | | #endif |
2704 | | #ifdef WOLFSSL_SHA512 |
2705 | | static const char sigSha512wRsaName[] = "sha512WithRSAEncryption"; |
2706 | | #endif |
2707 | | #ifdef WOLFSSL_SHA3 |
2708 | | #ifndef WOLFSSL_NOSHA3_224 |
2709 | | static const char sigSha3_224wRsaName[] = "sha3_224WithRSAEncryption"; |
2710 | | #endif |
2711 | | #ifndef WOLFSSL_NOSHA3_256 |
2712 | | static const char sigSha3_256wRsaName[] = "sha3_256WithRSAEncryption"; |
2713 | | #endif |
2714 | | #ifndef WOLFSSL_NOSHA3_384 |
2715 | | static const char sigSha3_384wRsaName[] = "sha3_384WithRSAEncryption"; |
2716 | | #endif |
2717 | | #ifndef WOLFSSL_NOSHA3_512 |
2718 | | static const char sigSha3_512wRsaName[] = "sha3_512WithRSAEncryption"; |
2719 | | #endif |
2720 | | #endif |
2721 | | #ifdef WC_RSA_PSS |
2722 | | static const char sigRsaSsaPssName[] = "rsassaPss"; |
2723 | | #endif |
2724 | | #endif /* NO_RSA */ |
2725 | | #ifdef HAVE_ECC |
2726 | | #ifndef NO_SHA |
2727 | | static const char sigSha1wEcdsaName[] = "SHAwECDSA"; |
2728 | | #endif |
2729 | | #ifdef WOLFSSL_SHA224 |
2730 | | static const char sigSha224wEcdsaName[] = "SHA224wECDSA"; |
2731 | | #endif |
2732 | | #ifndef NO_SHA256 |
2733 | | static const char sigSha256wEcdsaName[] = "SHA256wECDSA"; |
2734 | | #endif |
2735 | | #ifdef WOLFSSL_SHA384 |
2736 | | static const char sigSha384wEcdsaName[] = "SHA384wECDSA"; |
2737 | | #endif |
2738 | | #ifdef WOLFSSL_SHA512 |
2739 | | static const char sigSha512wEcdsaName[] = "SHA512wECDSA"; |
2740 | | #endif |
2741 | | #ifdef WOLFSSL_SHA3 |
2742 | | #ifndef WOLFSSL_NOSHA3_224 |
2743 | | static const char sigSha3_224wEcdsaName[] = "SHA3_224wECDSA"; |
2744 | | #endif |
2745 | | #ifndef WOLFSSL_NOSHA3_256 |
2746 | | static const char sigSha3_256wEcdsaName[] = "SHA3_256wECDSA"; |
2747 | | #endif |
2748 | | #ifndef WOLFSSL_NOSHA3_384 |
2749 | | static const char sigSha3_384wEcdsaName[] = "SHA3_384wECDSA"; |
2750 | | #endif |
2751 | | #ifndef WOLFSSL_NOSHA3_512 |
2752 | | static const char sigSha3_512wEcdsaName[] = "SHA3_512wECDSA"; |
2753 | | #endif |
2754 | | #endif |
2755 | | #endif /* HAVE_ECC */ |
2756 | | static const char sigUnknownName[] = "Unknown"; |
2757 | | |
2758 | | |
2759 | | /* Get the human readable string for a signature type |
2760 | | * |
2761 | | * oid Oid value for signature |
2762 | | */ |
2763 | 0 | const char* GetSigName(int oid) { |
2764 | 0 | switch (oid) { |
2765 | | #if !defined(NO_DSA) && !defined(NO_SHA) |
2766 | | case CTC_SHAwDSA: |
2767 | | return sigSha1wDsaName; |
2768 | | case CTC_SHA256wDSA: |
2769 | | return sigSha256wDsaName; |
2770 | | #endif /* NO_DSA && NO_SHA */ |
2771 | 0 | #ifndef NO_RSA |
2772 | 0 | #ifdef WOLFSSL_MD2 |
2773 | 0 | case CTC_MD2wRSA: |
2774 | 0 | return sigMd2wRsaName; |
2775 | 0 | #endif |
2776 | 0 | #ifndef NO_MD5 |
2777 | 0 | case CTC_MD5wRSA: |
2778 | 0 | return sigMd5wRsaName; |
2779 | 0 | #endif |
2780 | 0 | #ifndef NO_SHA |
2781 | 0 | case CTC_SHAwRSA: |
2782 | 0 | return sigSha1wRsaName; |
2783 | 0 | #endif |
2784 | 0 | #ifdef WOLFSSL_SHA224 |
2785 | 0 | case CTC_SHA224wRSA: |
2786 | 0 | return sigSha224wRsaName; |
2787 | 0 | #endif |
2788 | 0 | #ifndef NO_SHA256 |
2789 | 0 | case CTC_SHA256wRSA: |
2790 | 0 | return sigSha256wRsaName; |
2791 | 0 | #endif |
2792 | 0 | #ifdef WOLFSSL_SHA384 |
2793 | 0 | case CTC_SHA384wRSA: |
2794 | 0 | return sigSha384wRsaName; |
2795 | 0 | #endif |
2796 | 0 | #ifdef WOLFSSL_SHA512 |
2797 | 0 | case CTC_SHA512wRSA: |
2798 | 0 | return sigSha512wRsaName; |
2799 | 0 | #endif |
2800 | 0 | #ifdef WOLFSSL_SHA3 |
2801 | 0 | #ifndef WOLFSSL_NOSHA3_224 |
2802 | 0 | case CTC_SHA3_224wRSA: |
2803 | 0 | return sigSha3_224wRsaName; |
2804 | 0 | #endif |
2805 | 0 | #ifndef WOLFSSL_NOSHA3_256 |
2806 | 0 | case CTC_SHA3_256wRSA: |
2807 | 0 | return sigSha3_256wRsaName; |
2808 | 0 | #endif |
2809 | 0 | #ifndef WOLFSSL_NOSHA3_384 |
2810 | 0 | case CTC_SHA3_384wRSA: |
2811 | 0 | return sigSha3_384wRsaName; |
2812 | 0 | #endif |
2813 | 0 | #ifndef WOLFSSL_NOSHA3_512 |
2814 | 0 | case CTC_SHA3_512wRSA: |
2815 | 0 | return sigSha3_512wRsaName; |
2816 | 0 | #endif |
2817 | 0 | #endif |
2818 | 0 | #ifdef WC_RSA_PSS |
2819 | 0 | case CTC_RSASSAPSS: |
2820 | 0 | return sigRsaSsaPssName; |
2821 | 0 | #endif |
2822 | 0 | #endif /* NO_RSA */ |
2823 | 0 | #ifdef HAVE_ECC |
2824 | 0 | #ifndef NO_SHA |
2825 | 0 | case CTC_SHAwECDSA: |
2826 | 0 | return sigSha1wEcdsaName; |
2827 | 0 | #endif |
2828 | 0 | #ifdef WOLFSSL_SHA224 |
2829 | 0 | case CTC_SHA224wECDSA: |
2830 | 0 | return sigSha224wEcdsaName; |
2831 | 0 | #endif |
2832 | 0 | #ifndef NO_SHA256 |
2833 | 0 | case CTC_SHA256wECDSA: |
2834 | 0 | return sigSha256wEcdsaName; |
2835 | 0 | #endif |
2836 | 0 | #ifdef WOLFSSL_SHA384 |
2837 | 0 | case CTC_SHA384wECDSA: |
2838 | 0 | return sigSha384wEcdsaName; |
2839 | 0 | #endif |
2840 | 0 | #ifdef WOLFSSL_SHA512 |
2841 | 0 | case CTC_SHA512wECDSA: |
2842 | 0 | return sigSha512wEcdsaName; |
2843 | 0 | #endif |
2844 | 0 | #ifdef WOLFSSL_SHA3 |
2845 | 0 | #ifndef WOLFSSL_NOSHA3_224 |
2846 | 0 | case CTC_SHA3_224wECDSA: |
2847 | 0 | return sigSha3_224wEcdsaName; |
2848 | 0 | #endif |
2849 | 0 | #ifndef WOLFSSL_NOSHA3_256 |
2850 | 0 | case CTC_SHA3_256wECDSA: |
2851 | 0 | return sigSha3_256wEcdsaName; |
2852 | 0 | #endif |
2853 | 0 | #ifndef WOLFSSL_NOSHA3_384 |
2854 | 0 | case CTC_SHA3_384wECDSA: |
2855 | 0 | return sigSha3_384wEcdsaName; |
2856 | 0 | #endif |
2857 | 0 | #ifndef WOLFSSL_NOSHA3_512 |
2858 | 0 | case CTC_SHA3_512wECDSA: |
2859 | 0 | return sigSha3_512wEcdsaName; |
2860 | 0 | #endif |
2861 | 0 | #endif |
2862 | 0 | #endif /* HAVE_ECC */ |
2863 | 0 | default: |
2864 | 0 | return sigUnknownName; |
2865 | 0 | } |
2866 | 0 | } |
2867 | | |
2868 | | |
2869 | | #if !defined(WOLFSSL_ASN_TEMPLATE) || defined(HAVE_PKCS7) || \ |
2870 | | defined(OPENSSL_EXTRA) |
2871 | | #if !defined(NO_DSA) || defined(HAVE_ECC) || !defined(NO_CERTS) || \ |
2872 | | (!defined(NO_RSA) && \ |
2873 | | (defined(WOLFSSL_CERT_GEN) || \ |
2874 | | ((defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA)) && !defined(HAVE_USER_RSA)))) |
2875 | | /* Set the DER/BER encoding of the ASN.1 INTEGER header. |
2876 | | * |
2877 | | * When output is NULL, calculate the header length only. |
2878 | | * |
2879 | | * @param [in] len Length of INTEGER data in bytes. |
2880 | | * @param [in] firstByte First byte of data, most significant byte of integer, |
2881 | | * to encode. |
2882 | | * @param [out] output Buffer to write into. |
2883 | | * @return Number of bytes added to the buffer. |
2884 | | */ |
2885 | | int SetASNInt(int len, byte firstByte, byte* output) |
2886 | | { |
2887 | | int idx = 0; |
2888 | | |
2889 | | if (output) { |
2890 | | /* Write out tag. */ |
2891 | | output[idx] = ASN_INTEGER; |
2892 | | } |
2893 | | /* Step over tag. */ |
2894 | | idx += ASN_TAG_SZ; |
2895 | | /* Check if first byte has top bit set in which case a 0 is needed to |
2896 | | * maintain positive value. */ |
2897 | | if (firstByte & 0x80) { |
2898 | | /* Add pre-prepended byte to length of data in INTEGER. */ |
2899 | | len++; |
2900 | | } |
2901 | | /* Encode length - passing NULL for output will not encode. */ |
2902 | | idx += (int)SetLength((word32)len, output ? output + idx : NULL); |
2903 | | /* Put out pre-pended 0 as well. */ |
2904 | | if (firstByte & 0x80) { |
2905 | | if (output) { |
2906 | | /* Write out 0 byte. */ |
2907 | | output[idx] = 0x00; |
2908 | | } |
2909 | | /* Update index. */ |
2910 | | idx++; |
2911 | | } |
2912 | | |
2913 | | /* Return index after header. */ |
2914 | | return idx; |
2915 | | } |
2916 | | #endif |
2917 | | #endif |
2918 | | |
2919 | | #ifndef WOLFSSL_ASN_TEMPLATE |
2920 | | #if !defined(NO_DSA) || defined(HAVE_ECC) || (defined(WOLFSSL_CERT_GEN) && \ |
2921 | | !defined(NO_RSA)) || ((defined(WOLFSSL_KEY_GEN) || \ |
2922 | | (!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)) || \ |
2923 | | defined(OPENSSL_EXTRA)) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)) |
2924 | | /* Set the DER/BER encoding of the ASN.1 INTEGER element with an mp_int. |
2925 | | * The number is assumed to be positive. |
2926 | | * |
2927 | | * n Multi-precision integer to encode. |
2928 | | * maxSz Maximum size of the encoded integer. |
2929 | | * A negative value indicates no check of length requested. |
2930 | | * output Buffer to write into. |
2931 | | * returns BUFFER_E when the data is too long for the buffer. |
2932 | | * MP_TO_E when encoding the integer fails. |
2933 | | * Otherwise, the number of bytes added to the buffer. |
2934 | | */ |
2935 | | static int SetASNIntMP(mp_int* n, int maxSz, byte* output) |
2936 | | { |
2937 | | int idx = 0; |
2938 | | int leadingBit; |
2939 | | int length; |
2940 | | |
2941 | | leadingBit = mp_leading_bit(n); |
2942 | | length = mp_unsigned_bin_size(n); |
2943 | | if (maxSz >= 0 && (1 + length + (leadingBit ? 1 : 0)) > maxSz) |
2944 | | return BUFFER_E; |
2945 | | idx = SetASNInt(length, (byte)(leadingBit ? 0x80U : 0x00U), output); |
2946 | | if (maxSz >= 0 && (idx + length) > maxSz) |
2947 | | return BUFFER_E; |
2948 | | |
2949 | | if (output) { |
2950 | | int err = mp_to_unsigned_bin(n, output + idx); |
2951 | | if (err != MP_OKAY) |
2952 | | return MP_TO_E; |
2953 | | } |
2954 | | idx += length; |
2955 | | |
2956 | | return idx; |
2957 | | } |
2958 | | #endif |
2959 | | |
2960 | | #if !defined(NO_RSA) && defined(HAVE_USER_RSA) && \ |
2961 | | (defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA)) |
2962 | | /* Set the DER/BER encoding of the ASN.1 INTEGER element with an mp_int from |
2963 | | * an RSA key. |
2964 | | * The number is assumed to be positive. |
2965 | | * |
2966 | | * n Multi-precision integer to encode. |
2967 | | * output Buffer to write into. |
2968 | | * returns BUFFER_E when the data is too long for the buffer. |
2969 | | * MP_TO_E when encoding the integer fails. |
2970 | | * Otherwise, the number of bytes added to the buffer. |
2971 | | */ |
2972 | | static int SetASNIntRSA(void* n, byte* output) |
2973 | | { |
2974 | | int idx = 0; |
2975 | | int leadingBit; |
2976 | | int length; |
2977 | | |
2978 | | leadingBit = wc_Rsa_leading_bit(n); |
2979 | | length = wc_Rsa_unsigned_bin_size(n); |
2980 | | idx = SetASNInt(length, leadingBit ? 0x80 : 0x00, output); |
2981 | | if ((idx + length) > MAX_RSA_INT_SZ) |
2982 | | return BUFFER_E; |
2983 | | |
2984 | | if (output) { |
2985 | | int err = wc_Rsa_to_unsigned_bin(n, output + idx, length); |
2986 | | if (err != MP_OKAY) |
2987 | | return MP_TO_E; |
2988 | | } |
2989 | | idx += length; |
2990 | | |
2991 | | return idx; |
2992 | | } |
2993 | | #endif /* !NO_RSA && HAVE_USER_RSA && WOLFSSL_CERT_GEN */ |
2994 | | #endif /* !WOLFSSL_ASN_TEMPLATE */ |
2995 | | |
2996 | | #ifdef WOLFSSL_ASN_TEMPLATE |
2997 | | /* ASN.1 template for an INTEGER. */ |
2998 | | static const ASNItem intASN[] = { |
2999 | | /* INT */ { 0, ASN_INTEGER, 0, 0, 0 } |
3000 | | }; |
3001 | | enum { |
3002 | | INTASN_IDX_INT = 0 |
3003 | | }; |
3004 | | |
3005 | | /* Number of items in ASN.1 template for an INTEGER. */ |
3006 | 0 | #define intASN_Length (sizeof(intASN) / sizeof(ASNItem)) |
3007 | | #endif /* WOLFSSL_ASN_TEMPLATE */ |
3008 | | |
3009 | | /* Windows header clash for WinCE using GetVersion */ |
3010 | | /* Decode Version - one byte INTEGER. |
3011 | | * |
3012 | | * @param [in] input Buffer of BER data. |
3013 | | * @param [in, out] inOutIdx On in, start of encoded Version. |
3014 | | * On out, start of next encode ASN.1 item. |
3015 | | * @param [out] version Number encoded in INTEGER. |
3016 | | * @param [in] maxIdx Maximum index of data in buffer. |
3017 | | * @return 0 on success. |
3018 | | * @return ASN_PARSE_E when encoding is invalid. |
3019 | | * @return BUFFER_E when data in buffer is too small. |
3020 | | * @return ASN_EXPECT_0_E when the most significant bit is set. |
3021 | | */ |
3022 | | int GetMyVersion(const byte* input, word32* inOutIdx, |
3023 | | int* version, word32 maxIdx) |
3024 | 0 | { |
3025 | | #ifndef WOLFSSL_ASN_TEMPLATE |
3026 | | word32 idx = *inOutIdx; |
3027 | | byte tag; |
3028 | | |
3029 | | if ((idx + MIN_VERSION_SZ) > maxIdx) |
3030 | | return ASN_PARSE_E; |
3031 | | |
3032 | | if (GetASNTag(input, &idx, &tag, maxIdx) != 0) |
3033 | | return ASN_PARSE_E; |
3034 | | |
3035 | | if (tag != ASN_INTEGER) |
3036 | | return ASN_PARSE_E; |
3037 | | |
3038 | | if (input[idx++] != 0x01) |
3039 | | return ASN_VERSION_E; |
3040 | | |
3041 | | *version = input[idx++]; |
3042 | | *inOutIdx = idx; |
3043 | | |
3044 | | return *version; |
3045 | | #else |
3046 | 0 | ASNGetData dataASN[intASN_Length]; |
3047 | 0 | int ret; |
3048 | 0 | byte num; |
3049 | | |
3050 | | /* Clear dynamic data and set the version number variable. */ |
3051 | 0 | XMEMSET(dataASN, 0, sizeof(dataASN)); |
3052 | 0 | GetASN_Int8Bit(&dataASN[INTASN_IDX_INT], &num); |
3053 | | /* Decode the version (INTEGER). */ |
3054 | 0 | ret = GetASN_Items(intASN, dataASN, intASN_Length, 0, input, inOutIdx, |
3055 | 0 | maxIdx); |
3056 | 0 | if (ret == 0) { |
3057 | | /* Return version through variable and return value. */ |
3058 | 0 | *version = num; |
3059 | 0 | ret = num; |
3060 | 0 | } |
3061 | 0 | return ret; |
3062 | 0 | #endif /* WOLFSSL_ASN_TEMPLATE */ |
3063 | 0 | } |
3064 | | |
3065 | | |
3066 | | #ifndef NO_PWDBASED |
3067 | | /* Decode small integer, 32 bits or less. |
3068 | | * |
3069 | | * @param [in] input Buffer of BER data. |
3070 | | * @param [in, out] inOutIdx On in, start of encoded INTEGER. |
3071 | | * On out, start of next encode ASN.1 item. |
3072 | | * @param [out] number Number encoded in INTEGER. |
3073 | | * @param [in] maxIdx Maximum index of data in buffer. |
3074 | | * @return 0 on success. |
3075 | | * @return ASN_PARSE_E when encoding is invalid. |
3076 | | * @return BUFFER_E when data in buffer is too small. |
3077 | | * @return ASN_EXPECT_0_E when the most significant bit is set. |
3078 | | */ |
3079 | | int GetShortInt(const byte* input, word32* inOutIdx, int* number, word32 maxIdx) |
3080 | 0 | { |
3081 | | #ifndef WOLFSSL_ASN_TEMPLATE |
3082 | | word32 idx = *inOutIdx; |
3083 | | word32 len; |
3084 | | byte tag; |
3085 | | |
3086 | | *number = 0; |
3087 | | |
3088 | | /* check for type and length bytes */ |
3089 | | if ((idx + 2) > maxIdx) |
3090 | | return BUFFER_E; |
3091 | | |
3092 | | if (GetASNTag(input, &idx, &tag, maxIdx) != 0) |
3093 | | return ASN_PARSE_E; |
3094 | | |
3095 | | if (tag != ASN_INTEGER) |
3096 | | return ASN_PARSE_E; |
3097 | | |
3098 | | len = input[idx++]; |
3099 | | if (len > 4) |
3100 | | return ASN_PARSE_E; |
3101 | | |
3102 | | if (len + idx > maxIdx) |
3103 | | return ASN_PARSE_E; |
3104 | | |
3105 | | while (len--) { |
3106 | | *number = *number << 8 | input[idx++]; |
3107 | | } |
3108 | | |
3109 | | *inOutIdx = idx; |
3110 | | |
3111 | | return *number; |
3112 | | #else |
3113 | 0 | ASNGetData dataASN[intASN_Length]; |
3114 | 0 | int ret; |
3115 | 0 | word32 num; |
3116 | | |
3117 | | /* Clear dynamic data and set the 32-bit number variable. */ |
3118 | 0 | XMEMSET(dataASN, 0, sizeof(dataASN)); |
3119 | 0 | GetASN_Int32Bit(&dataASN[INTASN_IDX_INT], &num); |
3120 | | /* Decode the short int (INTEGER). */ |
3121 | 0 | ret = GetASN_Items(intASN, dataASN, intASN_Length, 0, input, inOutIdx, |
3122 | 0 | maxIdx); |
3123 | 0 | if (ret == 0) { |
3124 | | /* Return number through variable and return value. */ |
3125 | 0 | *number = (int)num; |
3126 | 0 | ret = (int)num; |
3127 | 0 | } |
3128 | 0 | return ret; |
3129 | 0 | #endif |
3130 | 0 | } |
3131 | | |
3132 | | |
3133 | | #if !defined(WOLFSSL_ASN_TEMPLATE) || defined(HAVE_PKCS8) || \ |
3134 | | defined(HAVE_PKCS12) |
3135 | | /* Set small integer, 32 bits or less. DER encoding with no leading 0s |
3136 | | * returns total amount written including ASN tag and length byte on success */ |
3137 | | int SetShortInt(byte* input, word32* inOutIdx, word32 number, word32 maxIdx) |
3138 | 0 | { |
3139 | 0 | word32 idx = *inOutIdx; |
3140 | 0 | int len = 0; |
3141 | 0 | int i; |
3142 | 0 | byte ar[MAX_LENGTH_SZ]; |
3143 | | |
3144 | | /* check for room for type and length bytes */ |
3145 | 0 | if ((idx + 2) > maxIdx) |
3146 | 0 | return BUFFER_E; |
3147 | | |
3148 | 0 | input[idx++] = ASN_INTEGER; |
3149 | 0 | idx++; /* place holder for length byte */ |
3150 | 0 | if (MAX_LENGTH_SZ + idx > maxIdx) |
3151 | 0 | return ASN_PARSE_E; |
3152 | | |
3153 | | /* find first non zero byte */ |
3154 | 0 | XMEMSET(ar, 0, MAX_LENGTH_SZ); |
3155 | 0 | c32toa(number, ar); |
3156 | 0 | for (i = 0; i < MAX_LENGTH_SZ; i++) { |
3157 | 0 | if (ar[i] != 0) { |
3158 | 0 | break; |
3159 | 0 | } |
3160 | 0 | } |
3161 | | |
3162 | | /* handle case of 0 */ |
3163 | 0 | if (i == MAX_LENGTH_SZ) { |
3164 | 0 | input[idx++] = 0; len++; |
3165 | 0 | } |
3166 | |
|
3167 | 0 | for (; i < MAX_LENGTH_SZ && idx < maxIdx; i++) { |
3168 | 0 | input[idx++] = ar[i]; len++; |
3169 | 0 | } |
3170 | | |
3171 | | /* jump back to beginning of input buffer using unaltered inOutIdx value |
3172 | | * and set number of bytes for integer, then update the index value */ |
3173 | 0 | input[*inOutIdx + 1] = (byte)len; |
3174 | 0 | *inOutIdx = idx; |
3175 | |
|
3176 | 0 | return len + 2; /* size of integer bytes plus ASN TAG and length byte */ |
3177 | 0 | } |
3178 | | #endif /* !WOLFSSL_ASN_TEMPLATE || HAVE_PKCS8 || HAVE_PKCS12 */ |
3179 | | #endif /* !NO_PWDBASED */ |
3180 | | |
3181 | | #if !defined(WOLFSSL_ASN_TEMPLATE) && !defined(NO_CERTS) |
3182 | | /* May not have one, not an error */ |
3183 | | static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version, |
3184 | | word32 maxIdx) |
3185 | | { |
3186 | | word32 idx = *inOutIdx; |
3187 | | byte tag; |
3188 | | |
3189 | | WOLFSSL_ENTER("GetExplicitVersion"); |
3190 | | |
3191 | | if (GetASNTag(input, &idx, &tag, maxIdx) != 0) |
3192 | | return ASN_PARSE_E; |
3193 | | |
3194 | | if (tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED)) { |
3195 | | int ret; |
3196 | | |
3197 | | *inOutIdx = ++idx; /* skip header */ |
3198 | | ret = GetMyVersion(input, inOutIdx, version, maxIdx); |
3199 | | if (ret >= 0) { |
3200 | | /* check if version is expected value rfc 5280 4.1 {0, 1, 2} */ |
3201 | | if (*version > MAX_X509_VERSION || *version < MIN_X509_VERSION) { |
3202 | | WOLFSSL_MSG("Unexpected certificate version"); |
3203 | | WOLFSSL_ERROR_VERBOSE(ASN_VERSION_E); |
3204 | | ret = ASN_VERSION_E; |
3205 | | } |
3206 | | } |
3207 | | return ret; |
3208 | | } |
3209 | | |
3210 | | /* go back as is */ |
3211 | | *version = 0; |
3212 | | |
3213 | | return 0; |
3214 | | } |
3215 | | #endif |
3216 | | |
3217 | | /* Decode small integer, 32 bits or less. |
3218 | | * |
3219 | | * mp_int is initialized. |
3220 | | * |
3221 | | * @param [out] mpi mp_int to hold number. |
3222 | | * @param [in] input Buffer of BER data. |
3223 | | * @param [in, out] inOutIdx On in, start of encoded INTEGER. |
3224 | | * On out, start of next encode ASN.1 item. |
3225 | | * @param [in] maxIdx Maximum index of data in buffer. |
3226 | | * @return 0 on success. |
3227 | | * @return ASN_PARSE_E when encoding is invalid. |
3228 | | * @return BUFFER_E when data in buffer is too small. |
3229 | | * @return ASN_EXPECT_0_E when the most significant bit is set. |
3230 | | * @return MP_INIT_E when the unable to initialize an mp_int. |
3231 | | * @return ASN_GETINT_E when the unable to convert data to an mp_int. |
3232 | | */ |
3233 | | int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, word32 maxIdx) |
3234 | 0 | { |
3235 | | #ifndef WOLFSSL_ASN_TEMPLATE |
3236 | | word32 idx = *inOutIdx; |
3237 | | int ret; |
3238 | | int length; |
3239 | | |
3240 | | ret = GetASNInt(input, &idx, &length, maxIdx); |
3241 | | if (ret != 0) |
3242 | | return ret; |
3243 | | |
3244 | | if (mp_init(mpi) != MP_OKAY) |
3245 | | return MP_INIT_E; |
3246 | | |
3247 | | if (mp_read_unsigned_bin(mpi, input + idx, (word32)length) != 0) { |
3248 | | mp_clear(mpi); |
3249 | | return ASN_GETINT_E; |
3250 | | } |
3251 | | |
3252 | | #ifdef HAVE_WOLF_BIGINT |
3253 | | if (wc_bigint_from_unsigned_bin(&mpi->raw, input + idx, length) != 0) { |
3254 | | mp_clear(mpi); |
3255 | | return ASN_GETINT_E; |
3256 | | } |
3257 | | #endif /* HAVE_WOLF_BIGINT */ |
3258 | | |
3259 | | *inOutIdx = idx + (word32)length; |
3260 | | |
3261 | | return 0; |
3262 | | #else |
3263 | 0 | ASNGetData dataASN[intASN_Length]; |
3264 | | |
3265 | | /* Clear dynamic data and set the mp_int to fill with value. */ |
3266 | 0 | XMEMSET(dataASN, 0, sizeof(dataASN)); |
3267 | 0 | GetASN_MP_PosNeg(&dataASN[INTASN_IDX_INT], mpi); |
3268 | | /* Decode the big number (INTEGER). */ |
3269 | 0 | return GetASN_Items(intASN, dataASN, intASN_Length, 0, input, inOutIdx, |
3270 | 0 | maxIdx); |
3271 | 0 | #endif |
3272 | 0 | } |
3273 | | |
3274 | | #if (defined(HAVE_ECC) || !defined(NO_DSA)) && !defined(WOLFSSL_ASN_TEMPLATE) |
3275 | | static int GetIntPositive(mp_int* mpi, const byte* input, word32* inOutIdx, |
3276 | | word32 maxIdx, int initNum) |
3277 | | { |
3278 | | word32 idx = *inOutIdx; |
3279 | | int ret; |
3280 | | int length; |
3281 | | |
3282 | | ret = GetASNInt(input, &idx, &length, maxIdx); |
3283 | | if (ret != 0) |
3284 | | return ret; |
3285 | | |
3286 | | if (((input[idx] & 0x80) == 0x80) && (input[idx - 1] != 0x00)) |
3287 | | return MP_INIT_E; |
3288 | | |
3289 | | if (initNum) { |
3290 | | if (mp_init(mpi) != MP_OKAY) |
3291 | | return MP_INIT_E; |
3292 | | } |
3293 | | |
3294 | | if (mp_read_unsigned_bin(mpi, input + idx, (word32)length) != 0) { |
3295 | | mp_clear(mpi); |
3296 | | return ASN_GETINT_E; |
3297 | | } |
3298 | | |
3299 | | #ifdef HAVE_WOLF_BIGINT |
3300 | | if (wc_bigint_from_unsigned_bin(&mpi->raw, input + idx, length) != 0) { |
3301 | | mp_clear(mpi); |
3302 | | return ASN_GETINT_E; |
3303 | | } |
3304 | | #endif /* HAVE_WOLF_BIGINT */ |
3305 | | |
3306 | | *inOutIdx = idx + (word32)length; |
3307 | | |
3308 | | return 0; |
3309 | | } |
3310 | | #endif /* (ECC || !NO_DSA) && !WOLFSSL_ASN_TEMPLATE */ |
3311 | | |
3312 | | #ifndef WOLFSSL_ASN_TEMPLATE |
3313 | | #if (!defined(NO_RSA) && !defined(HAVE_USER_RSA)) || !defined(NO_DSA) |
3314 | | static int SkipInt(const byte* input, word32* inOutIdx, word32 maxIdx) |
3315 | | { |
3316 | | word32 idx = *inOutIdx; |
3317 | | int ret; |
3318 | | int length; |
3319 | | |
3320 | | ret = GetASNInt(input, &idx, &length, maxIdx); |
3321 | | if (ret != 0) |
3322 | | return ret; |
3323 | | |
3324 | | *inOutIdx = idx + (word32)length; |
3325 | | |
3326 | | return 0; |
3327 | | } |
3328 | | #endif |
3329 | | #endif /* !WOLFSSL_ASN_TEMPLATE */ |
3330 | | |
3331 | | #ifdef WOLFSSL_ASN_TEMPLATE |
3332 | | /* ASN.1 template for a BIT_STRING. */ |
3333 | | static const ASNItem bitStringASN[] = { |
3334 | | /* BIT_STR */ { 0, ASN_BIT_STRING, 0, 1, 0 } |
3335 | | }; |
3336 | | enum { |
3337 | | BITSTRINGASN_IDX_BIT_STR = 0 |
3338 | | }; |
3339 | | |
3340 | | /* Number of items in ASN.1 template for a BIT_STRING. */ |
3341 | 0 | #define bitStringASN_Length (sizeof(bitStringASN) / sizeof(ASNItem)) |
3342 | | #endif |
3343 | | |
3344 | | /* Decode and check the BIT_STRING is valid. Return length and unused bits. |
3345 | | * |
3346 | | * @param [in] input Buffer holding BER encoding. |
3347 | | * @param [in, out] inOutIdx On in, start of BIT_STRING. |
3348 | | * On out, start of ASN.1 item after BIT_STRING. |
3349 | | * @param [out] len Length of BIT_STRING data. |
3350 | | * @param [in] maxIdx Maximum index of data in buffer. |
3351 | | * @param [in] zeroBits Indicates whether zero unused bits is expected. |
3352 | | * @param [in] unusedBits Number of unused bits in last byte. |
3353 | | * @return 0 on success. |
3354 | | * @return ASN_PARSE_E when encoding is invalid. |
3355 | | * @return ASN_BITSTR_E when the expected BIT_STRING tag is not found. |
3356 | | * @return BUFFER_E when data in buffer is too small. |
3357 | | * @return ASN_EXPECT_0_E when unused bits is not zero when expected. |
3358 | | */ |
3359 | | int CheckBitString(const byte* input, word32* inOutIdx, int* len, |
3360 | | word32 maxIdx, int zeroBits, byte* unusedBits) |
3361 | 0 | { |
3362 | | #ifndef WOLFSSL_ASN_TEMPLATE |
3363 | | word32 idx = *inOutIdx; |
3364 | | int length; |
3365 | | byte b; |
3366 | | |
3367 | | if (GetASNTag(input, &idx, &b, maxIdx) != 0) { |
3368 | | return ASN_BITSTR_E; |
3369 | | } |
3370 | | |
3371 | | if (b != ASN_BIT_STRING) { |
3372 | | return ASN_BITSTR_E; |
3373 | | } |
3374 | | |
3375 | | if (GetLength(input, &idx, &length, maxIdx) < 0) |
3376 | | return ASN_PARSE_E; |
3377 | | |
3378 | | /* extra sanity check that length is greater than 0 */ |
3379 | | if (length <= 0) { |
3380 | | WOLFSSL_MSG("Error length was 0 in CheckBitString"); |
3381 | | return BUFFER_E; |
3382 | | } |
3383 | | |
3384 | | if (idx + 1 > maxIdx) { |
3385 | | WOLFSSL_MSG("Attempted buffer read larger than input buffer"); |
3386 | | return BUFFER_E; |
3387 | | } |
3388 | | |
3389 | | b = input[idx]; |
3390 | | if (zeroBits && b != 0x00) |
3391 | | return ASN_EXPECT_0_E; |
3392 | | if (b >= 0x08) |
3393 | | return ASN_PARSE_E; |
3394 | | if (b != 0) { |
3395 | | if ((byte)(input[idx + (word32)length - 1] << (8 - b)) != 0) |
3396 | | return ASN_PARSE_E; |
3397 | | } |
3398 | | idx++; |
3399 | | length--; /* length has been checked for greater than 0 */ |
3400 | | |
3401 | | *inOutIdx = idx; |
3402 | | if (len != NULL) |
3403 | | *len = length; |
3404 | | if (unusedBits != NULL) |
3405 | | *unusedBits = b; |
3406 | | |
3407 | | return 0; |
3408 | | #else |
3409 | 0 | ASNGetData dataASN[bitStringASN_Length]; |
3410 | 0 | int ret; |
3411 | 0 | int bits; |
3412 | | |
3413 | | /* Parse BIT_STRING and check validity of unused bits. */ |
3414 | 0 | XMEMSET(dataASN, 0, sizeof(dataASN)); |
3415 | | /* Decode BIT_STRING. */ |
3416 | 0 | ret = GetASN_Items(bitStringASN, dataASN, bitStringASN_Length, 0, input, |
3417 | 0 | inOutIdx, maxIdx); |
3418 | 0 | if (ret == 0) { |
3419 | | /* Get unused bits from dynamic ASN.1 data. */ |
3420 | 0 | bits = GetASNItem_UnusedBits(dataASN[BITSTRINGASN_IDX_BIT_STR]); |
3421 | | /* Check unused bits is 0 when expected. */ |
3422 | 0 | if (zeroBits && (bits != 0)) { |
3423 | 0 | ret = ASN_EXPECT_0_E; |
3424 | 0 | } |
3425 | 0 | } |
3426 | 0 | if (ret == 0) { |
3427 | | /* Return length of data and unused bits if required. */ |
3428 | 0 | if (len != NULL) { |
3429 | 0 | *len = (int)dataASN[BITSTRINGASN_IDX_BIT_STR].data.ref.length; |
3430 | 0 | } |
3431 | 0 | if (unusedBits != NULL) { |
3432 | 0 | *unusedBits = (byte)bits; |
3433 | 0 | } |
3434 | 0 | } |
3435 | |
|
3436 | 0 | return ret; |
3437 | 0 | #endif |
3438 | 0 | } |
3439 | | |
3440 | | /* RSA (with CertGen or KeyGen) OR ECC OR ED25519 OR ED448 (with CertGen or |
3441 | | * KeyGen) */ |
3442 | | #if (!defined(NO_RSA) && !defined(HAVE_USER_RSA) && \ |
3443 | | (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN) || \ |
3444 | | defined(OPENSSL_EXTRA))) || \ |
3445 | | (defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)) || \ |
3446 | | ((defined(HAVE_ED25519) || defined(HAVE_ED448)) && \ |
3447 | | (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN) || \ |
3448 | | defined(OPENSSL_EXTRA))) || \ |
3449 | | (defined(WC_ENABLE_ASYM_KEY_EXPORT) && !defined(NO_CERT)) || \ |
3450 | | (!defined(NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)) || \ |
3451 | | (!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)) |
3452 | | |
3453 | | /* Set the DER/BER encoding of the ASN.1 BIT STRING header. |
3454 | | * |
3455 | | * When output is NULL, calculate the header length only. |
3456 | | * |
3457 | | * @param [in] len Length of BIT STRING data. |
3458 | | * That is, the number of least significant zero bits |
3459 | | * before a one. |
3460 | | * The last byte is the most-significant non-zero byte |
3461 | | * of a number. |
3462 | | * @param [out] output Buffer to write into. |
3463 | | * @return Number of bytes added to the buffer. |
3464 | | */ |
3465 | | word32 SetBitString(word32 len, byte unusedBits, byte* output) |
3466 | 0 | { |
3467 | 0 | word32 idx = 0; |
3468 | |
|
3469 | 0 | if (output) { |
3470 | | /* Write out tag. */ |
3471 | 0 | output[idx] = ASN_BIT_STRING; |
3472 | 0 | } |
3473 | | /* Step over tag. */ |
3474 | 0 | idx += ASN_TAG_SZ; |
3475 | | |
3476 | | /* Encode length - passing NULL for output will not encode. |
3477 | | * Add one to length for unused bits. */ |
3478 | 0 | idx += SetLength(len + 1, output ? output + idx : NULL); |
3479 | 0 | if (output) { |
3480 | | /* Write out unused bits. */ |
3481 | 0 | output[idx] = unusedBits; |
3482 | 0 | } |
3483 | | /* Skip over unused bits. */ |
3484 | 0 | idx++; |
3485 | | |
3486 | | /* Return index after header. */ |
3487 | 0 | return idx; |
3488 | 0 | } |
3489 | | #endif /* !NO_RSA || HAVE_ECC || HAVE_ED25519 || HAVE_ED448 */ |
3490 | | |
3491 | | #ifdef ASN_BER_TO_DER |
3492 | | /* Convert BER to DER */ |
3493 | | |
3494 | | /* Pull informtation from the ASN.1 BER encoded item header */ |
3495 | | static int GetBerHeader(const byte* data, word32* idx, word32 maxIdx, |
3496 | | byte* pTag, word32* pLen, int* indef) |
3497 | | { |
3498 | | int len = 0; |
3499 | | byte tag; |
3500 | | word32 i = *idx; |
3501 | | |
3502 | | *indef = 0; |
3503 | | |
3504 | | /* Check there is enough data for a minimal header */ |
3505 | | if (i + 2 > maxIdx) { |
3506 | | return ASN_PARSE_E; |
3507 | | } |
3508 | | |
3509 | | /* Retrieve tag */ |
3510 | | tag = data[i++]; |
3511 | | |
3512 | | /* Indefinite length handled specially */ |
3513 | | if (data[i] == ASN_INDEF_LENGTH) { |
3514 | | /* Check valid tag for indefinite */ |
3515 | | if (((tag & 0xc0) == 0) && ((tag & ASN_CONSTRUCTED) == 0x00)) { |
3516 | | return ASN_PARSE_E; |
3517 | | } |
3518 | | i++; |
3519 | | *indef = 1; |
3520 | | } |
3521 | | else if (GetLength(data, &i, &len, maxIdx) < 0) { |
3522 | | return ASN_PARSE_E; |
3523 | | } |
3524 | | |
3525 | | /* Return tag, length and index after BER item header */ |
3526 | | *pTag = tag; |
3527 | | *pLen = (word32)len; |
3528 | | *idx = i; |
3529 | | return 0; |
3530 | | } |
3531 | | |
3532 | | #ifndef INDEF_ITEMS_MAX |
3533 | | #define INDEF_ITEMS_MAX 20 |
3534 | | #endif |
3535 | | |
3536 | | /* Indef length item data */ |
3537 | | typedef struct Indef { |
3538 | | word32 start; |
3539 | | int depth; |
3540 | | int headerLen; |
3541 | | word32 len; |
3542 | | } Indef; |
3543 | | |
3544 | | /* Indef length items */ |
3545 | | typedef struct IndefItems |
3546 | | { |
3547 | | Indef len[INDEF_ITEMS_MAX]; |
3548 | | int cnt; |
3549 | | int idx; |
3550 | | int depth; |
3551 | | } IndefItems; |
3552 | | |
3553 | | |
3554 | | /* Get header length of current item */ |
3555 | | static int IndefItems_HeaderLen(IndefItems* items) |
3556 | | { |
3557 | | return items->len[items->idx].headerLen; |
3558 | | } |
3559 | | |
3560 | | /* Get data length of current item */ |
3561 | | static word32 IndefItems_Len(IndefItems* items) |
3562 | | { |
3563 | | return items->len[items->idx].len; |
3564 | | } |
3565 | | |
3566 | | /* Add a indefinite length item */ |
3567 | | static int IndefItems_AddItem(IndefItems* items, word32 start) |
3568 | | { |
3569 | | int ret = 0; |
3570 | | int i; |
3571 | | |
3572 | | if (items->cnt == INDEF_ITEMS_MAX) { |
3573 | | ret = MEMORY_E; |
3574 | | } |
3575 | | else { |
3576 | | i = items->cnt++; |
3577 | | items->len[i].start = start; |
3578 | | items->len[i].depth = items->depth++; |
3579 | | items->len[i].headerLen = 1; |
3580 | | items->len[i].len = 0; |
3581 | | items->idx = i; |
3582 | | } |
3583 | | |
3584 | | return ret; |
3585 | | } |
3586 | | |
3587 | | /* Increase data length of current item */ |
3588 | | static void IndefItems_AddData(IndefItems* items, word32 length) |
3589 | | { |
3590 | | items->len[items->idx].len += length; |
3591 | | } |
3592 | | |
3593 | | /* Update header length of current item to reflect data length */ |
3594 | | static void IndefItems_UpdateHeaderLen(IndefItems* items) |
3595 | | { |
3596 | | items->len[items->idx].headerLen += |
3597 | | (int)SetLength(items->len[items->idx].len, NULL); |
3598 | | } |
3599 | | |
3600 | | /* Go to indefinite parent of current item */ |
3601 | | static void IndefItems_Up(IndefItems* items) |
3602 | | { |
3603 | | int i; |
3604 | | int depth = items->len[items->idx].depth - 1; |
3605 | | |
3606 | | for (i = items->cnt - 1; i >= 0; i--) { |
3607 | | if (items->len[i].depth == depth) { |
3608 | | break; |
3609 | | } |
3610 | | } |
3611 | | items->idx = i; |
3612 | | items->depth = depth + 1; |
3613 | | } |
3614 | | |
3615 | | /* Calculate final length by adding length of indefinite child items */ |
3616 | | static void IndefItems_CalcLength(IndefItems* items) |
3617 | | { |
3618 | | int i; |
3619 | | int idx = items->idx; |
3620 | | |
3621 | | for (i = idx + 1; i < items->cnt; i++) { |
3622 | | if (items->len[i].depth == items->depth) { |
3623 | | items->len[idx].len += (word32)items->len[i].headerLen; |
3624 | | items->len[idx].len += items->len[i].len; |
3625 | | } |
3626 | | } |
3627 | | items->len[idx].headerLen += (int)SetLength(items->len[idx].len, NULL); |
3628 | | } |
3629 | | |
3630 | | /* Add more data to indefinite length item */ |
3631 | | static void IndefItems_MoreData(IndefItems* items, word32 length) |
3632 | | { |
3633 | | if (items->cnt > 0 && items->idx >= 0) { |
3634 | | items->len[items->idx].len += length; |
3635 | | } |
3636 | | } |
3637 | | |
3638 | | /* Convert a BER encoding with indefinite length items to DER. |
3639 | | * |
3640 | | * ber BER encoded data. |
3641 | | * berSz Length of BER encoded data. |
3642 | | * der Buffer to hold DER encoded version of data. |
3643 | | * NULL indicates only the length is required. |
3644 | | * derSz The size of the buffer to hold the DER encoded data. |
3645 | | * Will be set if der is NULL, otherwise the value is checked as der is |
3646 | | * filled. |
3647 | | * returns ASN_PARSE_E if the BER data is invalid and BAD_FUNC_ARG if ber or |
3648 | | * derSz are NULL. |
3649 | | */ |
3650 | | int wc_BerToDer(const byte* ber, word32 berSz, byte* der, word32* derSz) |
3651 | | { |
3652 | | int ret = 0; |
3653 | | word32 i, j; |
3654 | | #ifdef WOLFSSL_SMALL_STACK |
3655 | | IndefItems* indefItems = NULL; |
3656 | | #else |
3657 | | IndefItems indefItems[1]; |
3658 | | #endif |
3659 | | byte tag, basic; |
3660 | | word32 length; |
3661 | | int indef; |
3662 | | |
3663 | | if (ber == NULL || derSz == NULL) |
3664 | | return BAD_FUNC_ARG; |
3665 | | |
3666 | | #ifdef WOLFSSL_SMALL_STACK |
3667 | | indefItems = (IndefItems *)XMALLOC(sizeof(IndefItems), NULL, |
3668 | | DYNAMIC_TYPE_TMP_BUFFER); |
3669 | | if (indefItems == NULL) { |
3670 | | ret = MEMORY_E; |
3671 | | goto end; |
3672 | | } |
3673 | | #endif |
3674 | | |
3675 | | XMEMSET(indefItems, 0, sizeof(*indefItems)); |
3676 | | |
3677 | | /* Calculate indefinite item lengths */ |
3678 | | for (i = 0; i < berSz; ) { |
3679 | | word32 start = i; |
3680 | | |
3681 | | /* Get next BER item */ |
3682 | | ret = GetBerHeader(ber, &i, berSz, &tag, &length, &indef); |
3683 | | if (ret != 0) { |
3684 | | goto end; |
3685 | | } |
3686 | | |
3687 | | if (indef) { |
3688 | | /* Indefinite item - add to list */ |
3689 | | ret = IndefItems_AddItem(indefItems, i); |
3690 | | if (ret != 0) { |
3691 | | goto end; |
3692 | | } |
3693 | | |
3694 | | if ((tag & 0xC0) == 0 && |
3695 | | tag != (ASN_SEQUENCE | ASN_CONSTRUCTED) && |
3696 | | tag != (ASN_SET | ASN_CONSTRUCTED)) { |
3697 | | /* Constructed basic type - get repeating tag */ |
3698 | | basic = (byte)(tag & (~ASN_CONSTRUCTED)); |
3699 | | |
3700 | | /* Add up lengths of each item below */ |
3701 | | for (; i < berSz; ) { |
3702 | | /* Get next BER_item */ |
3703 | | ret = GetBerHeader(ber, &i, berSz, &tag, &length, &indef); |
3704 | | if (ret != 0) { |
3705 | | goto end; |
3706 | | } |
3707 | | |
3708 | | /* End of content closes item */ |
3709 | | if (tag == ASN_EOC) { |
3710 | | /* Must be zero length */ |
3711 | | if (length != 0) { |
3712 | | ret = ASN_PARSE_E; |
3713 | | goto end; |
3714 | | } |
3715 | | break; |
3716 | | } |
3717 | | |
3718 | | /* Must not be indefinite and tag must match parent */ |
3719 | | if (indef || tag != basic) { |
3720 | | ret = ASN_PARSE_E; |
3721 | | goto end; |
3722 | | } |
3723 | | |
3724 | | /* Add to length */ |
3725 | | IndefItems_AddData(indefItems, length); |
3726 | | /* Skip data */ |
3727 | | i += length; |
3728 | | } |
3729 | | |
3730 | | /* Ensure we got an EOC and not end of data */ |
3731 | | if (tag != ASN_EOC) { |
3732 | | ret = ASN_PARSE_E; |
3733 | | goto end; |
3734 | | } |
3735 | | |
3736 | | /* Set the header length to include the length field */ |
3737 | | IndefItems_UpdateHeaderLen(indefItems); |
3738 | | /* Go to indefinite parent item */ |
3739 | | IndefItems_Up(indefItems); |
3740 | | } |
3741 | | } |
3742 | | else if (tag == ASN_EOC) { |
3743 | | /* End-of-content must be 0 length */ |
3744 | | if (length != 0) { |
3745 | | ret = ASN_PARSE_E; |
3746 | | goto end; |
3747 | | } |
3748 | | /* Check there is an item to close - missing EOC */ |
3749 | | if (indefItems->depth == 0) { |
3750 | | ret = ASN_PARSE_E; |
3751 | | goto end; |
3752 | | } |
3753 | | |
3754 | | /* Finish calculation of data length for indefinite item */ |
3755 | | IndefItems_CalcLength(indefItems); |
3756 | | /* Go to indefinite parent item */ |
3757 | | IndefItems_Up(indefItems); |
3758 | | } |
3759 | | else { |
3760 | | /* Known length item to add in - make sure enough data for it */ |
3761 | | if (i + length > berSz) { |
3762 | | ret = ASN_PARSE_E; |
3763 | | goto end; |
3764 | | } |
3765 | | |
3766 | | /* Include all data - can't have indefinite inside definite */ |
3767 | | i += length; |
3768 | | /* Add entire item to current indefinite item */ |
3769 | | IndefItems_MoreData(indefItems, i - start); |
3770 | | } |
3771 | | } |
3772 | | /* Check we had a EOC for each indefinite item */ |
3773 | | if (indefItems->depth != 0) { |
3774 | | ret = ASN_PARSE_E; |
3775 | | goto end; |
3776 | | } |
3777 | | |
3778 | | /* Write out DER */ |
3779 | | |
3780 | | j = 0; |
3781 | | /* Reset index */ |
3782 | | indefItems->idx = 0; |
3783 | | for (i = 0; i < berSz; ) { |
3784 | | word32 start = i; |
3785 | | |
3786 | | /* Get item - checked above */ |
3787 | | (void)GetBerHeader(ber, &i, berSz, &tag, &length, &indef); |
3788 | | if (indef) { |
3789 | | if (der != NULL) { |
3790 | | /* Check enough space for header */ |
3791 | | if (j + (word32)IndefItems_HeaderLen(indefItems) > *derSz) { |
3792 | | ret = BUFFER_E; |
3793 | | goto end; |
3794 | | } |
3795 | | |
3796 | | if ((tag & 0xC0) == 0 && |
3797 | | tag != (ASN_SEQUENCE | ASN_CONSTRUCTED) && |
3798 | | tag != (ASN_SET | ASN_CONSTRUCTED)) { |
3799 | | /* Remove constructed tag for basic types */ |
3800 | | tag &= (byte)~ASN_CONSTRUCTED; |
3801 | | } |
3802 | | /* Add tag and length */ |
3803 | | der[j] = tag; |
3804 | | (void)SetLength(IndefItems_Len(indefItems), der + j + 1); |
3805 | | } |
3806 | | /* Add header length of indefinite item */ |
3807 | | j += (word32)IndefItems_HeaderLen(indefItems); |
3808 | | |
3809 | | if ((tag & 0xC0) == 0 && |
3810 | | tag != (ASN_SEQUENCE | ASN_CONSTRUCTED) && |
3811 | | tag != (ASN_SET | ASN_CONSTRUCTED)) { |
3812 | | /* For basic type - get each child item and add data */ |
3813 | | for (; i < berSz; ) { |
3814 | | (void)GetBerHeader(ber, &i, berSz, &tag, &length, &indef); |
3815 | | if (tag == ASN_EOC) { |
3816 | | break; |
3817 | | } |
3818 | | if (der != NULL) { |
3819 | | if (j + length > *derSz) { |
3820 | | ret = BUFFER_E; |
3821 | | goto end; |
3822 | | } |
3823 | | XMEMCPY(der + j, ber + i, length); |
3824 | | } |
3825 | | j += length; |
3826 | | i += length; |
3827 | | } |
3828 | | } |
3829 | | |
3830 | | /* Move to next indef item in list */ |
3831 | | indefItems->idx++; |
3832 | | } |
3833 | | else if (tag == ASN_EOC) { |
3834 | | /* End-Of-Content is not written out in DER */ |
3835 | | } |
3836 | | else { |
3837 | | /* Write out definite length item as is. */ |
3838 | | i += length; |
3839 | | if (der != NULL) { |
3840 | | /* Ensure space for item */ |
3841 | | if (j + i - start > *derSz) { |
3842 | | ret = BUFFER_E; |
3843 | | goto end; |
3844 | | } |
3845 | | /* Copy item as is */ |
3846 | | XMEMCPY(der + j, ber + start, i - start); |
3847 | | } |
3848 | | j += i - start; |
3849 | | } |
3850 | | } |
3851 | | |
3852 | | /* Return the length of the DER encoded ASN.1 */ |
3853 | | *derSz = j; |
3854 | | if (der == NULL) { |
3855 | | ret = LENGTH_ONLY_E; |
3856 | | } |
3857 | | end: |
3858 | | #ifdef WOLFSSL_SMALL_STACK |
3859 | | if (indefItems != NULL) { |
3860 | | XFREE(indefItems, NULL, DYNAMIC_TYPE_TMP_BUFFER); |
3861 | | } |
3862 | | #endif |
3863 | | return ret; |
3864 | | } |
3865 | | #endif |
3866 | | |
3867 | | #ifndef WOLFSSL_ASN_TEMPLATE |
3868 | | #if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) |
3869 | | /* Set the DER/BER encoding of the ASN.1 BIT_STRING with a 16-bit value. |
3870 | | * |
3871 | | * val 16-bit value to encode. |
3872 | | * output Buffer to write into. |
3873 | | * returns the number of bytes added to the buffer. |
3874 | | */ |
3875 | | static word32 SetBitString16Bit(word16 val, byte* output) |
3876 | | { |
3877 | | word32 idx; |
3878 | | int len; |
3879 | | byte lastByte; |
3880 | | byte unusedBits = 0; |
3881 | | |
3882 | | if ((val >> 8) != 0) { |
3883 | | len = 2; |
3884 | | lastByte = (byte)(val >> 8); |
3885 | | } |
3886 | | else { |
3887 | | len = 1; |
3888 | | lastByte = (byte)val; |
3889 | | } |
3890 | | |
3891 | | while (((lastByte >> unusedBits) & 0x01) == 0x00) |
3892 | | unusedBits++; |
3893 | | |
3894 | | idx = SetBitString((word32)len, unusedBits, output); |
3895 | | output[idx++] = (byte)val; |
3896 | | if (len > 1) |
3897 | | output[idx++] = (byte)(val >> 8); |
3898 | | |
3899 | | return idx; |
3900 | | } |
3901 | | #endif /* WOLFSSL_CERT_EXT || WOLFSSL_CERT_GEN */ |
3902 | | #endif /* !WOLFSSL_ASN_TEMPLATE */ |
3903 | | |
3904 | | /* hashType */ |
3905 | | #ifdef WOLFSSL_MD2 |
3906 | | static const byte hashMd2hOid[] = {42, 134, 72, 134, 247, 13, 2, 2}; |
3907 | | #endif |
3908 | | #ifndef NO_MD5 |
3909 | | static const byte hashMd5hOid[] = {42, 134, 72, 134, 247, 13, 2, 5}; |
3910 | | #endif |
3911 | | #ifndef NO_SHA |
3912 | | static const byte hashSha1hOid[] = {43, 14, 3, 2, 26}; |
3913 | | #endif |
3914 | | #ifdef WOLFSSL_SHA224 |
3915 | | static const byte hashSha224hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 4}; |
3916 | | #endif |
3917 | | #ifndef NO_SHA256 |
3918 | | static const byte hashSha256hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 1}; |
3919 | | #endif |
3920 | | #ifdef WOLFSSL_SHA384 |
3921 | | static const byte hashSha384hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 2}; |
3922 | | #endif |
3923 | | #ifdef WOLFSSL_SHA512 |
3924 | | static const byte hashSha512hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 3}; |
3925 | | #ifndef WOLFSSL_NOSHA512_224 |
3926 | | static const byte hashSha512_224hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 5}; |
3927 | | #endif |
3928 | | #ifndef WOLFSSL_NOSHA512_256 |
3929 | | static const byte hashSha512_256hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 6}; |
3930 | | #endif |
3931 | | #endif |
3932 | | #ifdef WOLFSSL_SHA3 |
3933 | | #ifndef WOLFSSL_NOSHA3_224 |
3934 | | static const byte hashSha3_224hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 7}; |
3935 | | #endif /* WOLFSSL_NOSHA3_224 */ |
3936 | | #ifndef WOLFSSL_NOSHA3_256 |
3937 | | static const byte hashSha3_256hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 8}; |
3938 | | #endif /* WOLFSSL_NOSHA3_256 */ |
3939 | | #ifndef WOLFSSL_NOSHA3_384 |
3940 | | static const byte hashSha3_384hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 9}; |
3941 | | #endif /* WOLFSSL_NOSHA3_384 */ |
3942 | | #ifndef WOLFSSL_NOSHA3_512 |
3943 | | static const byte hashSha3_512hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 10}; |
3944 | | #endif /* WOLFSSL_NOSHA3_512 */ |
3945 | | #endif /* WOLFSSL_SHA3 */ |
3946 | | |
3947 | | /* hmacType */ |
3948 | | #ifndef NO_HMAC |
3949 | | #ifdef WOLFSSL_SHA224 |
3950 | | static const byte hmacSha224Oid[] = {42, 134, 72, 134, 247, 13, 2, 8}; |
3951 | | #endif |
3952 | | #ifndef NO_SHA256 |
3953 | | static const byte hmacSha256Oid[] = {42, 134, 72, 134, 247, 13, 2, 9}; |
3954 | | #endif |
3955 | | #ifdef WOLFSSL_SHA384 |
3956 | | static const byte hmacSha384Oid[] = {42, 134, 72, 134, 247, 13, 2, 10}; |
3957 | | #endif |
3958 | | #ifdef WOLFSSL_SHA512 |
3959 | | static const byte hmacSha512Oid[] = {42, 134, 72, 134, 247, 13, 2, 11}; |
3960 | | #endif |
3961 | | #endif |
3962 | | |
3963 | | /* sigType */ |
3964 | | #if !defined(NO_DSA) && !defined(NO_SHA) |
3965 | | static const byte sigSha1wDsaOid[] = {42, 134, 72, 206, 56, 4, 3}; |
3966 | | static const byte sigSha256wDsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 2}; |
3967 | | #endif /* NO_DSA */ |
3968 | | #ifndef NO_RSA |
3969 | | #ifdef WOLFSSL_MD2 |
3970 | | static const byte sigMd2wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 2}; |
3971 | | #endif |
3972 | | #ifndef NO_MD5 |
3973 | | static const byte sigMd5wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 4}; |
3974 | | #endif |
3975 | | #ifndef NO_SHA |
3976 | | static const byte sigSha1wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 5}; |
3977 | | #endif |
3978 | | #ifdef WOLFSSL_SHA224 |
3979 | | static const byte sigSha224wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,14}; |
3980 | | #endif |
3981 | | #ifndef NO_SHA256 |
3982 | | static const byte sigSha256wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,11}; |
3983 | | #endif |
3984 | | #ifdef WOLFSSL_SHA384 |
3985 | | static const byte sigSha384wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,12}; |
3986 | | #endif |
3987 | | #ifdef WOLFSSL_SHA512 |
3988 | | static const byte sigSha512wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,13}; |
3989 | | #endif |
3990 | | #ifdef WOLFSSL_SHA3 |
3991 | | #ifndef WOLFSSL_NOSHA3_224 |
3992 | | static const byte sigSha3_224wRsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 13}; |
3993 | | #endif |
3994 | | #ifndef WOLFSSL_NOSHA3_256 |
3995 | | static const byte sigSha3_256wRsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 14}; |
3996 | | #endif |
3997 | | #ifndef WOLFSSL_NOSHA3_384 |
3998 | | static const byte sigSha3_384wRsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 15}; |
3999 | | #endif |
4000 | | #ifndef WOLFSSL_NOSHA3_512 |
4001 | | static const byte sigSha3_512wRsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 16}; |
4002 | | #endif |
4003 | | #endif |
4004 | | #ifdef WC_RSA_PSS |
4005 | | static const byte sigRsaSsaPssOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 10}; |
4006 | | #endif |
4007 | | #endif /* NO_RSA */ |
4008 | | #ifdef HAVE_ECC |
4009 | | #ifndef NO_SHA |
4010 | | static const byte sigSha1wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 1}; |
4011 | | #endif |
4012 | | #ifdef WOLFSSL_SHA224 |
4013 | | static const byte sigSha224wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 1}; |
4014 | | #endif |
4015 | | #ifndef NO_SHA256 |
4016 | | static const byte sigSha256wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 2}; |
4017 | | #endif |
4018 | | #ifdef WOLFSSL_SHA384 |
4019 | | static const byte sigSha384wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 3}; |
4020 | | #endif |
4021 | | #ifdef WOLFSSL_SHA512 |
4022 | | static const byte sigSha512wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 4}; |
4023 | | #endif |
4024 | | #ifdef WOLFSSL_SHA3 |
4025 | | #ifndef WOLFSSL_NOSHA3_224 |
4026 | | static const byte sigSha3_224wEcdsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 9}; |
4027 | | #endif |
4028 | | #ifndef WOLFSSL_NOSHA3_256 |
4029 | | static const byte sigSha3_256wEcdsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 10}; |
4030 | | #endif |
4031 | | #ifndef WOLFSSL_NOSHA3_384 |
4032 | | static const byte sigSha3_384wEcdsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 11}; |
4033 | | #endif |
4034 | | #ifndef WOLFSSL_NOSHA3_512 |
4035 | | static const byte sigSha3_512wEcdsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 12}; |
4036 | | #endif |
4037 | | #endif |
4038 | | #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) |
4039 | | /* 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75 */ |
4040 | | static const byte sigSm3wSm2Oid[] = {42, 129, 28, 207, 85, 1, 131, 117}; |
4041 | | #endif |
4042 | | #endif /* HAVE_ECC */ |
4043 | | #ifdef HAVE_ED25519 |
4044 | | static const byte sigEd25519Oid[] = {43, 101, 112}; |
4045 | | #endif /* HAVE_ED25519 */ |
4046 | | #ifdef HAVE_ED448 |
4047 | | static const byte sigEd448Oid[] = {43, 101, 113}; |
4048 | | #endif /* HAVE_ED448 */ |
4049 | | #ifdef HAVE_PQC |
4050 | | #ifdef HAVE_FALCON |
4051 | | /* Falcon Level 1: 1 3 9999 3 1 */ |
4052 | | static const byte sigFalcon_Level1Oid[] = {43, 206, 15, 3, 1}; |
4053 | | |
4054 | | /* Falcon Level 5: 1 3 9999 3 4 */ |
4055 | | static const byte sigFalcon_Level5Oid[] = {43, 206, 15, 3, 4}; |
4056 | | #endif /* HAVE_FACON */ |
4057 | | #ifdef HAVE_DILITHIUM |
4058 | | /* Dilithium Level 2: 1.3.6.1.4.1.2.267.7.4.4 */ |
4059 | | static const byte sigDilithium_Level2Oid[] = |
4060 | | {43, 6, 1, 4, 1, 2, 130, 11, 7, 4, 4}; |
4061 | | |
4062 | | /* Dilithium Level 3: 1.3.6.1.4.1.2.267.7.6.5 */ |
4063 | | static const byte sigDilithium_Level3Oid[] = |
4064 | | {43, 6, 1, 4, 1, 2, 130, 11, 7, 6, 5}; |
4065 | | |
4066 | | /* Dilithium Level 5: 1.3.6.1.4.1.2.267.7.8.7 */ |
4067 | | static const byte sigDilithium_Level5Oid[] = |
4068 | | {43, 6, 1, 4, 1, 2, 130, 11, 7, 8, 7}; |
4069 | | #endif /* HAVE_DILITHIUM */ |
4070 | | #ifdef HAVE_SPHINCS |
4071 | | /* Sphincs Fast Level 1: 1 3 9999 6 7 4 */ |
4072 | | static const byte sigSphincsFast_Level1Oid[] = |
4073 | | {43, 206, 15, 6, 7, 4}; |
4074 | | |
4075 | | /* Sphincs Fast Level 3: 1 3 9999 6 8 3 */ |
4076 | | static const byte sigSphincsFast_Level3Oid[] = |
4077 | | {43, 206, 15, 6, 8, 3}; |
4078 | | |
4079 | | /* Sphincs Fast Level 5: 1 3 9999 6 9 3 */ |
4080 | | static const byte sigSphincsFast_Level5Oid[] = |
4081 | | {43, 206, 15, 6, 9, 3}; |
4082 | | |
4083 | | /* Sphincs Small Level 1: 1 3 9999 6 7 10 */ |
4084 | | static const byte sigSphincsSmall_Level1Oid[] = |
4085 | | {43, 206, 15, 6, 7, 10}; |
4086 | | |
4087 | | /* Sphincs Small Level 3: 1 3 9999 6 8 7 */ |
4088 | | static const byte sigSphincsSmall_Level3Oid[] = |
4089 | | {43, 206, 15, 6, 8, 7}; |
4090 | | |
4091 | | /* Sphincs Small Level 5: 1 3 9999 6 9 7 */ |
4092 | | static const byte sigSphincsSmall_Level5Oid[] = |
4093 | | {43, 206, 15, 6, 9, 7}; |
4094 | | #endif /* HAVE_SPHINCS */ |
4095 | | #endif /* HAVE_PQC */ |
4096 | | |
4097 | | /* keyType */ |
4098 | | #ifndef NO_DSA |
4099 | | static const byte keyDsaOid[] = {42, 134, 72, 206, 56, 4, 1}; |
4100 | | #endif /* NO_DSA */ |
4101 | | #ifndef NO_RSA |
4102 | | static const byte keyRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 1}; |
4103 | | #ifdef WC_RSA_PSS |
4104 | | static const byte keyRsaPssOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 10}; |
4105 | | #endif |
4106 | | #endif /* NO_RSA */ |
4107 | | #ifdef HAVE_ECC |
4108 | | static const byte keyEcdsaOid[] = {42, 134, 72, 206, 61, 2, 1}; |
4109 | | #endif /* HAVE_ECC */ |
4110 | | #ifdef HAVE_ED25519 |
4111 | | static const byte keyEd25519Oid[] = {43, 101, 112}; |
4112 | | #endif /* HAVE_ED25519 */ |
4113 | | #ifdef HAVE_CURVE25519 |
4114 | | static const byte keyCurve25519Oid[] = {43, 101, 110}; |
4115 | | #endif |
4116 | | #ifdef HAVE_ED448 |
4117 | | static const byte keyEd448Oid[] = {43, 101, 113}; |
4118 | | #endif /* HAVE_ED448 */ |
4119 | | #ifdef HAVE_CURVE448 |
4120 | | static const byte keyCurve448Oid[] = {43, 101, 111}; |
4121 | | #endif /* HAVE_CURVE448 */ |
4122 | | #ifndef NO_DH |
4123 | | static const byte keyDhOid[] = {42, 134, 72, 134, 247, 13, 1, 3, 1}; |
4124 | | #endif /* !NO_DH */ |
4125 | | #ifdef HAVE_PQC |
4126 | | #ifdef HAVE_FALCON |
4127 | | /* Falcon Level 1: 1 3 9999 3 1 */ |
4128 | | static const byte keyFalcon_Level1Oid[] = {43, 206, 15, 3, 1}; |
4129 | | |
4130 | | /* Falcon Level 5: 1 3 9999 3 4 */ |
4131 | | static const byte keyFalcon_Level5Oid[] = {43, 206, 15, 3, 4}; |
4132 | | #endif /* HAVE_FALCON */ |
4133 | | #ifdef HAVE_DILITHIUM |
4134 | | /* Dilithium Level 2: 1.3.6.1.4.1.2.267.7.4.4 */ |
4135 | | static const byte keyDilithium_Level2Oid[] = |
4136 | | {43, 6, 1, 4, 1, 2, 130, 11, 7, 4, 4}; |
4137 | | |
4138 | | /* Dilithium Level 3: 1.3.6.1.4.1.2.267.7.6.5 */ |
4139 | | static const byte keyDilithium_Level3Oid[] = |
4140 | | {43, 6, 1, 4, 1, 2, 130, 11, 7, 6, 5}; |
4141 | | |
4142 | | /* Dilithium Level 5: 1.3.6.1.4.1.2.267.7.8.7 */ |
4143 | | static const byte keyDilithium_Level5Oid[] = |
4144 | | {43, 6, 1, 4, 1, 2, 130, 11, 7, 8, 7}; |
4145 | | #endif /* HAVE_DILITHIUM */ |
4146 | | #ifdef HAVE_SPHINCS |
4147 | | /* Sphincs Fast Level 1: 1 3 9999 6 7 4 */ |
4148 | | static const byte keySphincsFast_Level1Oid[] = |
4149 | | {43, 206, 15, 6, 7, 4}; |
4150 | | |
4151 | | /* Sphincs Fast Level 3: 1 3 9999 6 8 3 */ |
4152 | | static const byte keySphincsFast_Level3Oid[] = |
4153 | | {43, 206, 15, 6, 8, 3}; |
4154 | | |
4155 | | /* Sphincs Fast Level 5: 1 3 9999 6 9 3 */ |
4156 | | static const byte keySphincsFast_Level5Oid[] = |
4157 | | {43, 206, 15, 6, 9, 3}; |
4158 | | |
4159 | | /* Sphincs Small Level 1: 1 3 9999 6 7 10 */ |
4160 | | static const byte keySphincsSmall_Level1Oid[] = |
4161 | | {43, 206, 15, 6, 7, 10}; |
4162 | | |
4163 | | /* Sphincs Small Level 3: 1 3 9999 6 8 7 */ |
4164 | | static const byte keySphincsSmall_Level3Oid[] = |
4165 | | {43, 206, 15, 6, 8, 7}; |
4166 | | |
4167 | | /* Sphincs Small Level 5: 1 3 9999 6 9 7 */ |
4168 | | static const byte keySphincsSmall_Level5Oid[] = |
4169 | | {43, 206, 15, 6, 9, 7}; |
4170 | | #endif /* HAVE_SPHINCS */ |
4171 | | #endif /* HAVE_PQC */ |
4172 | | |
4173 | | /* curveType */ |
4174 | | #ifdef HAVE_ECC |
4175 | | /* See "ecc_sets" table in ecc.c */ |
4176 | | #endif /* HAVE_ECC */ |
4177 | | |
4178 | | #ifdef HAVE_AES_CBC |
4179 | | /* blkType */ |
4180 | | #ifdef WOLFSSL_AES_128 |
4181 | | static const byte blkAes128CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 2}; |
4182 | | #endif |
4183 | | #ifdef WOLFSSL_AES_192 |
4184 | | static const byte blkAes192CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 22}; |
4185 | | #endif |
4186 | | #ifdef WOLFSSL_AES_256 |
4187 | | static const byte blkAes256CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 42}; |
4188 | | #endif |
4189 | | #endif /* HAVE_AES_CBC */ |
4190 | | #ifdef HAVE_AESGCM |
4191 | | #ifdef WOLFSSL_AES_128 |
4192 | | static const byte blkAes128GcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 6}; |
4193 | | #endif |
4194 | | #ifdef WOLFSSL_AES_192 |
4195 | | static const byte blkAes192GcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 26}; |
4196 | | #endif |
4197 | | #ifdef WOLFSSL_AES_256 |
4198 | | static const byte blkAes256GcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 46}; |
4199 | | #endif |
4200 | | #endif /* HAVE_AESGCM */ |
4201 | | #ifdef HAVE_AESCCM |
4202 | | #ifdef WOLFSSL_AES_128 |
4203 | | static const byte blkAes128CcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 7}; |
4204 | | #endif |
4205 | | #ifdef WOLFSSL_AES_192 |
4206 | | static const byte blkAes192CcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 27}; |
4207 | | #endif |
4208 | | #ifdef WOLFSSL_AES_256 |
4209 | | static const byte blkAes256CcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 47}; |
4210 | | #endif |
4211 | | #endif /* HAVE_AESCCM */ |
4212 | | |
4213 | | #ifndef NO_DES3 |
4214 | | static const byte blkDesCbcOid[] = {43, 14, 3, 2, 7}; |
4215 | | static const byte blkDes3CbcOid[] = {42, 134, 72, 134, 247, 13, 3, 7}; |
4216 | | #endif |
4217 | | |
4218 | | /* keyWrapType */ |
4219 | | #ifdef WOLFSSL_AES_128 |
4220 | | static const byte wrapAes128Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 5}; |
4221 | | #endif |
4222 | | #ifdef WOLFSSL_AES_192 |
4223 | | static const byte wrapAes192Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 25}; |
4224 | | #endif |
4225 | | #ifdef WOLFSSL_AES_256 |
4226 | | static const byte wrapAes256Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 45}; |
4227 | | #endif |
4228 | | #ifdef HAVE_PKCS7 |
4229 | | /* From RFC 3211 */ |
4230 | | static const byte wrapPwriKekOid[] = {42, 134, 72, 134, 247, 13, 1, 9, 16, 3,9}; |
4231 | | #endif |
4232 | | |
4233 | | /* cmsKeyAgreeType */ |
4234 | | #ifndef NO_SHA |
4235 | | static const byte dhSinglePass_stdDH_sha1kdf_Oid[] = |
4236 | | {43, 129, 5, 16, 134, 72, 63, 0, 2}; |
4237 | | #endif |
4238 | | #ifdef WOLFSSL_SHA224 |
4239 | | static const byte dhSinglePass_stdDH_sha224kdf_Oid[] = {43, 129, 4, 1, 11, 0}; |
4240 | | #endif |
4241 | | #ifndef NO_SHA256 |
4242 | | static const byte dhSinglePass_stdDH_sha256kdf_Oid[] = {43, 129, 4, 1, 11, 1}; |
4243 | | #endif |
4244 | | #ifdef WOLFSSL_SHA384 |
4245 | | static const byte dhSinglePass_stdDH_sha384kdf_Oid[] = {43, 129, 4, 1, 11, 2}; |
4246 | | #endif |
4247 | | #ifdef WOLFSSL_SHA512 |
4248 | | static const byte dhSinglePass_stdDH_sha512kdf_Oid[] = {43, 129, 4, 1, 11, 3}; |
4249 | | #endif |
4250 | | |
4251 | | /* ocspType */ |
4252 | | #ifdef HAVE_OCSP |
4253 | | static const byte ocspBasicOid[] = {43, 6, 1, 5, 5, 7, 48, 1, 1}; |
4254 | | static const byte ocspNonceOid[] = {43, 6, 1, 5, 5, 7, 48, 1, 2}; |
4255 | | static const byte ocspNoCheckOid[] = {43, 6, 1, 5, 5, 7, 48, 1, 5}; |
4256 | | #endif /* HAVE_OCSP */ |
4257 | | |
4258 | | /* certExtType */ |
4259 | | static const byte extBasicCaOid[] = {85, 29, 19}; |
4260 | | static const byte extAltNamesOid[] = {85, 29, 17}; |
4261 | | static const byte extCrlDistOid[] = {85, 29, 31}; |
4262 | | static const byte extAuthInfoOid[] = {43, 6, 1, 5, 5, 7, 1, 1}; |
4263 | | static const byte extAuthKeyOid[] = {85, 29, 35}; |
4264 | | static const byte extSubjKeyOid[] = {85, 29, 14}; |
4265 | | static const byte extCertPolicyOid[] = {85, 29, 32}; |
4266 | | static const byte extKeyUsageOid[] = {85, 29, 15}; |
4267 | | static const byte extInhibitAnyOid[] = {85, 29, 54}; |
4268 | | static const byte extExtKeyUsageOid[] = {85, 29, 37}; |
4269 | | #ifndef IGNORE_NAME_CONSTRAINTS |
4270 | | static const byte extNameConsOid[] = {85, 29, 30}; |
4271 | | #endif |
4272 | | #ifdef HAVE_CRL |
4273 | | static const byte extCrlNumberOid[] = {85, 29, 20}; |
4274 | | #endif |
4275 | | #ifdef WOLFSSL_SUBJ_DIR_ATTR |
4276 | | static const byte extSubjDirAttrOid[] = {85, 29, 9}; |
4277 | | #endif |
4278 | | #ifdef WOLFSSL_SUBJ_INFO_ACC |
4279 | | static const byte extSubjInfoAccessOid[] = {43, 6, 1, 5, 5, 7, 1, 11}; |
4280 | | #endif |
4281 | | |
4282 | | /* certAuthInfoType */ |
4283 | | static const byte extAuthInfoOcspOid[] = {43, 6, 1, 5, 5, 7, 48, 1}; |
4284 | | static const byte extAuthInfoCaIssuerOid[] = {43, 6, 1, 5, 5, 7, 48, 2}; |
4285 | | #ifdef WOLFSSL_SUBJ_INFO_ACC |
4286 | | static const byte extAuthInfoCaRespOid[] = {43, 6, 1, 5, 5, 7, 48, 5}; |
4287 | | #endif /* WOLFSSL_SUBJ_INFO_ACC */ |
4288 | | |
4289 | | /* certPolicyType */ |
4290 | | static const byte extCertPolicyAnyOid[] = {85, 29, 32, 0}; |
4291 | | #ifdef WOLFSSL_FPKI |
4292 | | #define CERT_POLICY_TYPE_OID_BASE(num) {96, 134, 72, 1, 101, 3, 2, 1, 3, num} |
4293 | | static const byte extCertPolicyFpkiCommonAuthOid[] = |
4294 | | CERT_POLICY_TYPE_OID_BASE(13); |
4295 | | static const byte extCertPolicyFpkiPivAuthOid[] = |
4296 | | CERT_POLICY_TYPE_OID_BASE(40); |
4297 | | static const byte extCertPolicyFpkiPivAuthHwOid[] = |
4298 | | CERT_POLICY_TYPE_OID_BASE(41); |
4299 | | static const byte extCertPolicyFpkiPiviAuthOid[] = |
4300 | | CERT_POLICY_TYPE_OID_BASE(45); |
4301 | | #endif /* WOLFSSL_FPKI */ |
4302 | | |
4303 | | /* certAltNameType */ |
4304 | | static const byte extAltNamesHwNameOid[] = {43, 6, 1, 5, 5, 7, 8, 4}; |
4305 | | |
4306 | | /* certKeyUseType */ |
4307 | | static const byte extExtKeyUsageAnyOid[] = {85, 29, 37, 0}; |
4308 | | static const byte extExtKeyUsageServerAuthOid[] = {43, 6, 1, 5, 5, 7, 3, 1}; |
4309 | | static const byte extExtKeyUsageClientAuthOid[] = {43, 6, 1, 5, 5, 7, 3, 2}; |
4310 | | static const byte extExtKeyUsageCodeSigningOid[] = {43, 6, 1, 5, 5, 7, 3, 3}; |
4311 | | static const byte extExtKeyUsageEmailProtectOid[] = {43, 6, 1, 5, 5, 7, 3, 4}; |
4312 | | static const byte extExtKeyUsageTimestampOid[] = {43, 6, 1, 5, 5, 7, 3, 8}; |
4313 | | static const byte extExtKeyUsageOcspSignOid[] = {43, 6, 1, 5, 5, 7, 3, 9}; |
4314 | | #ifdef WOLFSSL_WOLFSSH |
4315 | | #define EXT_KEY_USAGE_OID_BASE(num) {43, 6, 1, 5, 5, 7, 3, num} |
4316 | | static const byte extExtKeyUsageSshClientAuthOid[] = |
4317 | | EXT_KEY_USAGE_OID_BASE(21); |
4318 | | static const byte extExtKeyUsageSshMSCLOid[] = |
4319 | | {43, 6, 1, 4, 1, 130, 55, 20, 2, 2}; |
4320 | | static const byte extExtKeyUsageSshKpClientAuthOid[] = |
4321 | | {43, 6, 1, 5, 2, 3, 4}; |
4322 | | #endif /* WOLFSSL_WOLFSSH */ |
4323 | | |
4324 | | #ifdef WOLFSSL_SUBJ_DIR_ATTR |
4325 | | #define SUBJ_DIR_ATTR_TYPE_OID_BASE(num) {43, 6, 1, 5, 5, 7, 9, num} |
4326 | | static const byte extSubjDirAttrDobOid[] = SUBJ_DIR_ATTR_TYPE_OID_BASE(1); |
4327 | | static const byte extSubjDirAttrPobOid[] = SUBJ_DIR_ATTR_TYPE_OID_BASE(2); |
4328 | | static const byte extSubjDirAttrGenderOid[] = |
4329 | | SUBJ_DIR_ATTR_TYPE_OID_BASE(3); |
4330 | | static const byte extSubjDirAttrCocOid[] = SUBJ_DIR_ATTR_TYPE_OID_BASE(4); |
4331 | | static const byte extSubjDirAttrCorOid[] = SUBJ_DIR_ATTR_TYPE_OID_BASE(5); |
4332 | | #endif |
4333 | | |
4334 | | #if defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_GEN) || \ |
4335 | | defined(WOLFSSL_ASN_TEMPLATE) || defined(OPENSSL_EXTRA) || \ |
4336 | | defined(OPENSSL_EXTRA_X509_SMALL) |
4337 | | /* csrAttrType */ |
4338 | | #define CSR_ATTR_TYPE_OID_BASE(num) {42, 134, 72, 134, 247, 13, 1, 9, num} |
4339 | | #if !defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_GEN) || \ |
4340 | | defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ |
4341 | | defined(WOLFSSL_ASN_TEMPLATE) |
4342 | | static const byte attrEmailOid[] = CSR_ATTR_TYPE_OID_BASE(1); |
4343 | | #endif |
4344 | | #ifdef WOLFSSL_CERT_REQ |
4345 | | static const byte attrUnstructuredNameOid[] = CSR_ATTR_TYPE_OID_BASE(2); |
4346 | | static const byte attrPkcs9ContentTypeOid[] = CSR_ATTR_TYPE_OID_BASE(3); |
4347 | | static const byte attrChallengePasswordOid[] = CSR_ATTR_TYPE_OID_BASE(7); |
4348 | | static const byte attrExtensionRequestOid[] = CSR_ATTR_TYPE_OID_BASE(14); |
4349 | | static const byte attrSerialNumberOid[] = {85, 4, 5}; |
4350 | | static const byte attrDnQualifier[] = {85, 4, 46}; |
4351 | | static const byte attrInitals[] = {85, 4, 43}; |
4352 | | static const byte attrSurname[] = {85, 4, 4}; |
4353 | | static const byte attrGivenName[] = {85, 4, 42}; |
4354 | | #endif |
4355 | | #endif |
4356 | | |
4357 | | /* kdfType */ |
4358 | | static const byte pbkdf2Oid[] = {42, 134, 72, 134, 247, 13, 1, 5, 12}; |
4359 | | |
4360 | | /* PKCS5 */ |
4361 | | #if !defined(NO_DES3) && !defined(NO_MD5) |
4362 | | static const byte pbeMd5Des[] = {42, 134, 72, 134, 247, 13, 1, 5, 3}; |
4363 | | #endif |
4364 | | #if !defined(NO_DES3) && !defined(NO_SHA) |
4365 | | static const byte pbeSha1Des[] = {42, 134, 72, 134, 247, 13, 1, 5, 10}; |
4366 | | #endif |
4367 | | static const byte pbes2[] = {42, 134, 72, 134, 247, 13, 1, 5, 13}; |
4368 | | |
4369 | | /* PKCS12 */ |
4370 | | #if !defined(NO_RC4) && !defined(NO_SHA) |
4371 | | static const byte pbeSha1RC4128[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 1}; |
4372 | | #endif |
4373 | | #if !defined(NO_DES3) && !defined(NO_SHA) |
4374 | | static const byte pbeSha1Des3[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 3}; |
4375 | | #endif |
4376 | | #if defined(WC_RC2) && !defined(NO_SHA) |
4377 | | static const byte pbe40Rc2Cbc[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 6}; |
4378 | | #endif |
4379 | | |
4380 | | #ifdef HAVE_LIBZ |
4381 | | /* zlib compression */ |
4382 | | static const byte zlibCompress[] = {42, 134, 72, 134, 247, 13, 1, 9, 16, 3, 8}; |
4383 | | #endif |
4384 | | #ifdef WOLFSSL_APACHE_HTTPD |
4385 | | /* tlsExtType */ |
4386 | | static const byte tlsFeatureOid[] = {43, 6, 1, 5, 5, 7, 1, 24}; |
4387 | | /* certNameType */ |
4388 | | static const byte dnsSRVOid[] = {43, 6, 1, 5, 5, 7, 8, 7}; |
4389 | | #endif |
4390 | | |
4391 | | #if defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_GEN) || \ |
4392 | | defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ |
4393 | | defined(WOLFSSL_ASN_TEMPLATE) |
4394 | | /* Pilot attribute types (0.9.2342.19200300.100.1.*) */ |
4395 | | #define PLT_ATTR_TYPE_OID_BASE(num) {9, 146, 38, 137, 147, 242, 44, 100, 1, num} |
4396 | | static const byte uidOid[] = PLT_ATTR_TYPE_OID_BASE(1); /* user id */ |
4397 | | static const byte fvrtDrk[] = PLT_ATTR_TYPE_OID_BASE(5);/* favourite drink*/ |
4398 | | #endif |
4399 | | |
4400 | | #if defined(WOLFSSL_CERT_GEN) || \ |
4401 | | defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \ |
4402 | | defined(WOLFSSL_ASN_TEMPLATE) |
4403 | | static const byte dcOid[] = {9, 146, 38, 137, 147, 242, 44, 100, 1, 25}; /* domain component */ |
4404 | | #endif |
4405 | | |
4406 | | |
4407 | | /* Looks up the ID/type of an OID. |
4408 | | * |
4409 | | * When known returns the OID as a byte array and its length. |
4410 | | * ID-type are unique. |
4411 | | * |
4412 | | * Use oidIgnoreType to autofail. |
4413 | | * |
4414 | | * @param [in] id OID id. |
4415 | | * @param [in] type Type of OID (enum Oid_Types). |
4416 | | * @param [out] oidSz Length of OID byte array returned. |
4417 | | * @return Array of bytes for the OID. |
4418 | | * @return NULL when ID/type not recognized. |
4419 | | */ |
4420 | | const byte* OidFromId(word32 id, word32 type, word32* oidSz) |
4421 | 0 | { |
4422 | 0 | const byte* oid = NULL; |
4423 | |
|
4424 | 0 | *oidSz = 0; |
4425 | |
|
4426 | 0 | switch (type) { |
4427 | | |
4428 | 0 | case oidHashType: |
4429 | 0 | switch (id) { |
4430 | 0 | #ifdef WOLFSSL_MD2 |
4431 | 0 | case MD2h: |
4432 | 0 | oid = hashMd2hOid; |
4433 | 0 | *oidSz = sizeof(hashMd2hOid); |
4434 | 0 | break; |
4435 | 0 | #endif |
4436 | 0 | #ifndef NO_MD5 |
4437 | 0 | case MD5h: |
4438 | 0 | oid = hashMd5hOid; |
4439 | 0 | *oidSz = sizeof(hashMd5hOid); |
4440 | 0 | break; |
4441 | 0 | #endif |
4442 | 0 | #ifndef NO_SHA |
4443 | 0 | case SHAh: |
4444 | 0 | oid = hashSha1hOid; |
4445 | 0 | *oidSz = sizeof(hashSha1hOid); |
4446 | 0 | break; |
4447 | 0 | #endif |
4448 | 0 | #ifdef WOLFSSL_SHA224 |
4449 | 0 | case SHA224h: |
4450 | 0 | oid = hashSha224hOid; |
4451 | 0 | *oidSz = sizeof(hashSha224hOid); |
4452 | 0 | break; |
4453 | 0 | #endif |
4454 | 0 | #ifndef NO_SHA256 |
4455 | 0 | case SHA256h: |
4456 | 0 | oid = hashSha256hOid; |
4457 | 0 | *oidSz = sizeof(hashSha256hOid); |
4458 | 0 | break; |
4459 | 0 | #endif |
4460 | 0 | #ifdef WOLFSSL_SHA384 |
4461 | 0 | case SHA384h: |
4462 | 0 | oid = hashSha384hOid; |
4463 | 0 | *oidSz = sizeof(hashSha384hOid); |
4464 | 0 | break; |
4465 | 0 | #endif |
4466 | 0 | #ifdef WOLFSSL_SHA512 |
4467 | 0 | #ifndef WOLFSSL_NOSHA512_224 |
4468 | 0 | case SHA512_224h: |
4469 | 0 | oid = hashSha512_224hOid; |
4470 | 0 | *oidSz = sizeof(hashSha512_224hOid); |
4471 | 0 | break; |
4472 | 0 | #endif |
4473 | 0 | #ifndef WOLFSSL_NOSHA512_256 |
4474 | 0 | case SHA512_256h: |
4475 | 0 | oid = hashSha512_256hOid; |
4476 | 0 | *oidSz = sizeof(hashSha512_256hOid); |
4477 | 0 | break; |
4478 | 0 | #endif |
4479 | 0 | case SHA512h: |
4480 | 0 | oid = hashSha512hOid; |
4481 | 0 | *oidSz = sizeof(hashSha512hOid); |
4482 | 0 | break; |
4483 | 0 | #endif |
4484 | 0 | #ifdef WOLFSSL_SHA3 |
4485 | 0 | #ifndef WOLFSSL_NOSHA3_224 |
4486 | 0 | case SHA3_224h: |
4487 | 0 | oid = hashSha3_224hOid; |
4488 | 0 | *oidSz = sizeof(hashSha3_224hOid); |
4489 | 0 | break; |
4490 | 0 | #endif /* WOLFSSL_NOSHA3_224 */ |
4491 | 0 | #ifndef WOLFSSL_NOSHA3_256 |
4492 | 0 | case SHA3_256h: |
4493 | 0 | oid = hashSha3_256hOid; |
4494 | 0 | *oidSz = sizeof(hashSha3_256hOid); |
4495 | 0 | break; |
4496 | 0 | #endif /* WOLFSSL_NOSHA3_256 */ |
4497 | 0 | #ifndef WOLFSSL_NOSHA3_384 |
4498 | 0 | case SHA3_384h: |
4499 | 0 | oid = hashSha3_384hOid; |
4500 | 0 | *oidSz = sizeof(hashSha3_384hOid); |
4501 | 0 | break; |
4502 | 0 | #endif /* WOLFSSL_NOSHA3_384 */ |
4503 | 0 | #ifndef WOLFSSL_NOSHA3_512 |
4504 | 0 | case SHA3_512h: |
4505 | 0 | oid = hashSha3_512hOid; |
4506 | 0 | *oidSz = sizeof(hashSha3_512hOid); |
4507 | 0 | break; |
4508 | 0 | #endif /* WOLFSSL_NOSHA3_512 */ |
4509 | 0 | #endif /* WOLFSSL_SHA3 */ |
4510 | 0 | default: |
4511 | 0 | break; |
4512 | 0 | } |
4513 | 0 | break; |
4514 | | |
4515 | 0 | case oidSigType: |
4516 | 0 | switch (id) { |
4517 | | #if !defined(NO_DSA) && !defined(NO_SHA) |
4518 | | case CTC_SHAwDSA: |
4519 | | oid = sigSha1wDsaOid; |
4520 | | *oidSz = sizeof(sigSha1wDsaOid); |
4521 | | break; |
4522 | | case CTC_SHA256wDSA: |
4523 | | oid = sigSha256wDsaOid; |
4524 | | *oidSz = sizeof(sigSha256wDsaOid); |
4525 | | break; |
4526 | | #endif /* NO_DSA */ |
4527 | 0 | #ifndef NO_RSA |
4528 | 0 | #ifdef WOLFSSL_MD2 |
4529 | 0 | case CTC_MD2wRSA: |
4530 | 0 | oid = sigMd2wRsaOid; |
4531 | 0 | *oidSz = sizeof(sigMd2wRsaOid); |
4532 | 0 | break; |
4533 | 0 | #endif |
4534 | 0 | #ifndef NO_MD5 |
4535 | 0 | case CTC_MD5wRSA: |
4536 | 0 | oid = sigMd5wRsaOid; |
4537 | 0 | *oidSz = sizeof(sigMd5wRsaOid); |
4538 | 0 | break; |
4539 | 0 | #endif |
4540 | 0 | #ifndef NO_SHA |
4541 | 0 | case CTC_SHAwRSA: |
4542 | 0 | oid = sigSha1wRsaOid; |
4543 | 0 | *oidSz = sizeof(sigSha1wRsaOid); |
4544 | 0 | break; |
4545 | 0 | #endif |
4546 | 0 | #ifdef WOLFSSL_SHA224 |
4547 | 0 | case CTC_SHA224wRSA: |
4548 | 0 | oid = sigSha224wRsaOid; |
4549 | 0 | *oidSz = sizeof(sigSha224wRsaOid); |
4550 | 0 | break; |
4551 | 0 | #endif |
4552 | 0 | #ifndef NO_SHA256 |
4553 | 0 | case CTC_SHA256wRSA: |
4554 | 0 | oid = sigSha256wRsaOid; |
4555 | 0 | *oidSz = sizeof(sigSha256wRsaOid); |
4556 | 0 | break; |
4557 | 0 | #endif |
4558 | 0 | #ifdef WOLFSSL_SHA384 |
4559 | 0 | case CTC_SHA384wRSA: |
4560 | 0 | oid = sigSha384wRsaOid; |
4561 | 0 | *oidSz = sizeof(sigSha384wRsaOid); |
4562 | 0 | break; |
4563 | 0 | #endif |
4564 | 0 | #ifdef WOLFSSL_SHA512 |
4565 | 0 | case CTC_SHA512wRSA: |
4566 | 0 | oid = sigSha512wRsaOid; |
4567 | 0 | *oidSz = sizeof(sigSha512wRsaOid); |
4568 | 0 | break; |
4569 | 0 | #endif /* WOLFSSL_SHA512 */ |
4570 | 0 | #ifdef WOLFSSL_SHA3 |
4571 | 0 | #ifndef WOLFSSL_NOSHA3_224 |
4572 | 0 | case CTC_SHA3_224wRSA: |
4573 | 0 | oid = sigSha3_224wRsaOid; |
4574 | 0 | *oidSz = sizeof(sigSha3_224wRsaOid); |
4575 | 0 | break; |
4576 | 0 | #endif |
4577 | 0 | #ifndef WOLFSSL_NOSHA3_256 |
4578 | 0 | case CTC_SHA3_256wRSA: |
4579 | 0 | oid = sigSha3_256wRsaOid; |
4580 | 0 | *oidSz = sizeof(sigSha3_256wRsaOid); |
4581 | 0 | break; |
4582 | 0 | #endif |
4583 | 0 | #ifndef WOLFSSL_NOSHA3_384 |
4584 | 0 | case CTC_SHA3_384wRSA: |
4585 | 0 | oid = sigSha3_384wRsaOid; |
4586 | 0 | *oidSz = sizeof(sigSha3_384wRsaOid); |
4587 | 0 | break; |
4588 | 0 | #endif |
4589 | 0 | #ifndef WOLFSSL_NOSHA3_512 |
4590 | 0 | case CTC_SHA3_512wRSA: |
4591 | 0 | oid = sigSha3_512wRsaOid; |
4592 | 0 | *oidSz = sizeof(sigSha3_512wRsaOid); |
4593 | 0 | break; |
4594 | 0 | #endif |
4595 | 0 | #endif |
4596 | 0 | #ifdef WC_RSA_PSS |
4597 | 0 | case CTC_RSASSAPSS: |
4598 | 0 | oid = sigRsaSsaPssOid; |
4599 | 0 | *oidSz = sizeof(sigRsaSsaPssOid); |
4600 | 0 | break; |
4601 | 0 | #endif |
4602 | 0 | #endif /* NO_RSA */ |
4603 | 0 | #ifdef HAVE_ECC |
4604 | 0 | #ifndef NO_SHA |
4605 | 0 | case CTC_SHAwECDSA: |
4606 | 0 | oid = sigSha1wEcdsaOid; |
4607 | 0 | *oidSz = sizeof(sigSha1wEcdsaOid); |
4608 | 0 | break; |
4609 | 0 | #endif |
4610 | 0 | #ifdef WOLFSSL_SHA224 |
4611 | 0 | case CTC_SHA224wECDSA: |
4612 | 0 | oid = sigSha224wEcdsaOid; |
4613 | 0 | *oidSz = sizeof(sigSha224wEcdsaOid); |
4614 | 0 | break; |
4615 | 0 | #endif |
4616 | 0 | #ifndef NO_SHA256 |
4617 | 0 | case CTC_SHA256wECDSA: |
4618 | 0 | oid = sigSha256wEcdsaOid; |
4619 | 0 | *oidSz = sizeof(sigSha256wEcdsaOid); |
4620 | 0 | break; |
4621 | 0 | #endif |
4622 | 0 | #ifdef WOLFSSL_SHA384 |
4623 | 0 | case CTC_SHA384wECDSA: |
4624 | 0 | oid = sigSha384wEcdsaOid; |
4625 | 0 | *oidSz = sizeof(sigSha384wEcdsaOid); |
4626 | 0 | break; |
4627 | 0 | #endif |
4628 | 0 | #ifdef WOLFSSL_SHA512 |
4629 | 0 | case CTC_SHA512wECDSA: |
4630 | 0 | oid = sigSha512wEcdsaOid; |
4631 | 0 | *oidSz = sizeof(sigSha512wEcdsaOid); |
4632 | 0 | break; |
4633 | 0 | #endif |
4634 | 0 | #ifdef WOLFSSL_SHA3 |
4635 | 0 | #ifndef WOLFSSL_NOSHA3_224 |
4636 | 0 | case CTC_SHA3_224wECDSA: |
4637 | 0 | oid = sigSha3_224wEcdsaOid; |
4638 | 0 | *oidSz = sizeof(sigSha3_224wEcdsaOid); |
4639 | 0 | break; |
4640 | 0 | #endif |
4641 | 0 | #ifndef WOLFSSL_NOSHA3_256 |
4642 | 0 | case CTC_SHA3_256wECDSA: |
4643 | 0 | oid = sigSha3_256wEcdsaOid; |
4644 | 0 | *oidSz = sizeof(sigSha3_256wEcdsaOid); |
4645 | 0 | break; |
4646 | 0 | #endif |
4647 | 0 | #ifndef WOLFSSL_NOSHA3_384 |
4648 | 0 | case CTC_SHA3_384wECDSA: |
4649 | 0 | oid = sigSha3_384wEcdsaOid; |
4650 | 0 | *oidSz = sizeof(sigSha3_384wEcdsaOid); |
4651 | 0 | break; |
4652 | 0 | #endif |
4653 | 0 | #ifndef WOLFSSL_NOSHA3_512 |
4654 | 0 | case CTC_SHA3_512wECDSA: |
4655 | 0 | oid = sigSha3_512wEcdsaOid; |
4656 | 0 | *oidSz = sizeof(sigSha3_512wEcdsaOid); |
4657 | 0 | break; |
4658 | 0 | #endif |
4659 | 0 | #endif |
4660 | 0 | #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) |
4661 | 0 | case CTC_SM3wSM2: |
4662 | 0 | oid = sigSm3wSm2Oid; |
4663 | 0 | *oidSz = sizeof(sigSm3wSm2Oid); |
4664 | 0 | break; |
4665 | 0 | #endif |
4666 | 0 | #endif /* HAVE_ECC */ |
4667 | 0 | #ifdef HAVE_ED25519 |
4668 | 0 | case CTC_ED25519: |
4669 | 0 | oid = sigEd25519Oid; |
4670 | 0 | *oidSz = sizeof(sigEd25519Oid); |
4671 | 0 | break; |
4672 | 0 | #endif |
4673 | 0 | #ifdef HAVE_ED448 |
4674 | 0 | case CTC_ED448: |
4675 | 0 | oid = sigEd448Oid; |
4676 | 0 | *oidSz = sizeof(sigEd448Oid); |
4677 | 0 | break; |
4678 | 0 | #endif |
4679 | | #ifdef HAVE_PQC |
4680 | | #ifdef HAVE_FALCON |
4681 | | case CTC_FALCON_LEVEL1: |
4682 | | oid = sigFalcon_Level1Oid; |
4683 | | *oidSz = sizeof(sigFalcon_Level1Oid); |
4684 | | break; |
4685 | | case CTC_FALCON_LEVEL5: |
4686 | | oid = sigFalcon_Level5Oid; |
4687 | | *oidSz = sizeof(sigFalcon_Level5Oid); |
4688 | | break; |
4689 | | #endif /* HAVE_FALCON */ |
4690 | | #ifdef HAVE_DILITHIUM |
4691 | | case CTC_DILITHIUM_LEVEL2: |
4692 | | oid = sigDilithium_Level2Oid; |
4693 | | *oidSz = sizeof(sigDilithium_Level2Oid); |
4694 | | break; |
4695 | | case CTC_DILITHIUM_LEVEL3: |
4696 | | oid = sigDilithium_Level3Oid; |
4697 | | *oidSz = sizeof(sigDilithium_Level3Oid); |
4698 | | break; |
4699 | | case CTC_DILITHIUM_LEVEL5: |
4700 | | oid = sigDilithium_Level5Oid; |
4701 | | *oidSz = sizeof(sigDilithium_Level5Oid); |
4702 | | break; |
4703 | | #endif /* HAVE_DILITHIUM */ |
4704 | | #ifdef HAVE_SPHINCS |
4705 | | case CTC_SPHINCS_FAST_LEVEL1: |
4706 | | oid = sigSphincsFast_Level1Oid; |
4707 | | *oidSz = sizeof(sigSphincsFast_Level1Oid); |
4708 | | break; |
4709 | | case CTC_SPHINCS_FAST_LEVEL3: |
4710 | | oid = sigSphincsFast_Level3Oid; |
4711 | | *oidSz = sizeof(sigSphincsFast_Level3Oid); |
4712 | | break; |
4713 | | case CTC_SPHINCS_FAST_LEVEL5: |
4714 | | oid = sigSphincsFast_Level5Oid; |
4715 | | *oidSz = sizeof(sigSphincsFast_Level5Oid); |
4716 | | break; |
4717 | | case CTC_SPHINCS_SMALL_LEVEL1: |
4718 | | oid = sigSphincsSmall_Level1Oid; |
4719 | | *oidSz = sizeof(sigSphincsSmall_Level1Oid); |
4720 | | break; |
4721 | | case CTC_SPHINCS_SMALL_LEVEL3: |
4722 | | oid = sigSphincsSmall_Level3Oid; |
4723 | | *oidSz = sizeof(sigSphincsSmall_Level3Oid); |
4724 | | break; |
4725 | | case CTC_SPHINCS_SMALL_LEVEL5: |
4726 | | oid = sigSphincsSmall_Level5Oid; |
4727 | | *oidSz = sizeof(sigSphincsSmall_Level5Oid); |
4728 | | break; |
4729 | | #endif /* HAVE_SPHINCS */ |
4730 | | #endif /* HAVE_PQC */ |
4731 | 0 | default: |
4732 | 0 | break; |
4733 | 0 | } |
4734 | 0 | break; |
4735 | | |
4736 | 0 | case oidKeyType: |
4737 | 0 | switch (id) { |
4738 | | #ifndef NO_DSA |
4739 | | case DSAk: |
4740 | | oid = keyDsaOid; |
4741 | | *oidSz = sizeof(keyDsaOid); |
4742 | | break; |
4743 | | #endif /* NO_DSA */ |
4744 | 0 | #ifndef NO_RSA |
4745 | 0 | case RSAk: |
4746 | 0 | oid = keyRsaOid; |
4747 | 0 | *oidSz = sizeof(keyRsaOid); |
4748 | 0 | break; |
4749 | 0 | #ifdef WC_RSA_PSS |
4750 | 0 | case RSAPSSk: |
4751 | 0 | oid = keyRsaPssOid; |
4752 | 0 | *oidSz = sizeof(keyRsaPssOid); |
4753 | 0 | break; |
4754 | 0 | #endif |
4755 | 0 | #endif /* NO_RSA */ |
4756 | 0 | #ifdef HAVE_ECC |
4757 | 0 | case ECDSAk: |
4758 | 0 | oid = keyEcdsaOid; |
4759 | 0 | *oidSz = sizeof(keyEcdsaOid); |
4760 | 0 | break; |
4761 | 0 | #endif /* HAVE_ECC */ |
4762 | 0 | #ifdef HAVE_ED25519 |
4763 | 0 | case ED25519k: |
4764 | 0 | oid = keyEd25519Oid; |
4765 | 0 | *oidSz = sizeof(keyEd25519Oid); |
4766 | 0 | break; |
4767 | 0 | #endif /* HAVE_ED25519 */ |
4768 | 0 | #ifdef HAVE_CURVE25519 |
4769 | 0 | case X25519k: |
4770 | 0 | oid = keyCurve25519Oid; |
4771 | 0 | *oidSz = sizeof(keyCurve25519Oid); |
4772 | 0 | break; |
4773 | 0 | #endif /* HAVE_CURVE25519 */ |
4774 | 0 | #ifdef HAVE_ED448 |
4775 | 0 | case ED448k: |
4776 | 0 | oid = keyEd448Oid; |
4777 | 0 | *oidSz = sizeof(keyEd448Oid); |
4778 | 0 | break; |
4779 | 0 | #endif /* HAVE_ED448 */ |
4780 | 0 | #ifdef HAVE_CURVE448 |
4781 | 0 | case X448k: |
4782 | 0 | oid = keyCurve448Oid; |
4783 | 0 | *oidSz = sizeof(keyCurve448Oid); |
4784 | 0 | break; |
4785 | 0 | #endif /* HAVE_CURVE448 */ |
4786 | 0 | #ifndef NO_DH |
4787 | 0 | case DHk: |
4788 | 0 | oid = keyDhOid; |
4789 | 0 | *oidSz = sizeof(keyDhOid); |
4790 | 0 | break; |
4791 | 0 | #endif /* !NO_DH */ |
4792 | | #ifdef HAVE_PQC |
4793 | | #ifdef HAVE_FALCON |
4794 | | case FALCON_LEVEL1k: |
4795 | | oid = keyFalcon_Level1Oid; |
4796 | | *oidSz = sizeof(keyFalcon_Level1Oid); |
4797 | | break; |
4798 | | case FALCON_LEVEL5k: |
4799 | | oid = keyFalcon_Level5Oid; |
4800 | | *oidSz = sizeof(keyFalcon_Level5Oid); |
4801 | | break; |
4802 | | #endif /* HAVE_FALCON */ |
4803 | | #ifdef HAVE_DILITHIUM |
4804 | | case DILITHIUM_LEVEL2k: |
4805 | | oid = keyDilithium_Level2Oid; |
4806 | | *oidSz = sizeof(keyDilithium_Level2Oid); |
4807 | | break; |
4808 | | case DILITHIUM_LEVEL3k: |
4809 | | oid = keyDilithium_Level3Oid; |
4810 | | *oidSz = sizeof(keyDilithium_Level3Oid); |
4811 | | break; |
4812 | | case DILITHIUM_LEVEL5k: |
4813 | | oid = keyDilithium_Level5Oid; |
4814 | | *oidSz = sizeof(keyDilithium_Level5Oid); |
4815 | | break; |
4816 | | #endif /* HAVE_DILITHIUM */ |
4817 | | #ifdef HAVE_SPHINCS |
4818 | | case SPHINCS_FAST_LEVEL1k: |
4819 | | oid = keySphincsFast_Level1Oid; |
4820 | | *oidSz = sizeof(keySphincsFast_Level1Oid); |
4821 | | break; |
4822 | | case SPHINCS_FAST_LEVEL3k: |
4823 | | oid = keySphincsFast_Level3Oid; |
4824 | | *oidSz = sizeof(keySphincsFast_Level3Oid); |
4825 | | break; |
4826 | | case SPHINCS_FAST_LEVEL5k: |
4827 | | oid = keySphincsFast_Level5Oid; |
4828 | | *oidSz = sizeof(keySphincsFast_Level5Oid); |
4829 | | break; |
4830 | | case SPHINCS_SMALL_LEVEL1k: |
4831 | | oid = keySphincsSmall_Level1Oid; |
4832 | | *oidSz = sizeof(keySphincsSmall_Level1Oid); |
4833 | | break; |
4834 | | case SPHINCS_SMALL_LEVEL3k: |
4835 | | oid = keySphincsSmall_Level3Oid; |
4836 | | *oidSz = sizeof(keySphincsSmall_Level3Oid); |
4837 | | break; |
4838 | | case SPHINCS_SMALL_LEVEL5k: |
4839 | | oid = keySphincsSmall_Level5Oid; |
4840 | | *oidSz = sizeof(keySphincsSmall_Level5Oid); |
4841 | | break; |
4842 | | #endif /* HAVE_SPHINCS */ |
4843 | | #endif /* HAVE_PQC */ |
4844 | 0 | default: |
4845 | 0 | break; |
4846 | 0 | } |
4847 | 0 | break; |
4848 | | |
4849 | 0 | #ifdef HAVE_ECC |
4850 | 0 | case oidCurveType: |
4851 | 0 | if (wc_ecc_get_oid(id, &oid, oidSz) < 0) { |
4852 | 0 | WOLFSSL_MSG("ECC OID not found"); |
4853 | 0 | } |
4854 | 0 | break; |
4855 | 0 | #endif /* HAVE_ECC */ |
4856 | | |
4857 | 0 | case oidBlkType: |
4858 | 0 | switch (id) { |
4859 | 0 | #ifdef HAVE_AES_CBC |
4860 | 0 | #ifdef WOLFSSL_AES_128 |
4861 | 0 | case AES128CBCb: |
4862 | 0 | oid = blkAes128CbcOid; |
4863 | 0 | *oidSz = sizeof(blkAes128CbcOid); |
4864 | 0 | break; |
4865 | 0 | #endif |
4866 | 0 | #ifdef WOLFSSL_AES_192 |
4867 | 0 | case AES192CBCb: |
4868 | 0 | oid = blkAes192CbcOid; |
4869 | 0 | *oidSz = sizeof(blkAes192CbcOid); |
4870 | 0 | break; |
4871 | 0 | #endif |
4872 | 0 | #ifdef WOLFSSL_AES_256 |
4873 | 0 | case AES256CBCb: |
4874 | 0 | oid = blkAes256CbcOid; |
4875 | 0 | *oidSz = sizeof(blkAes256CbcOid); |
4876 | 0 | break; |
4877 | 0 | #endif |
4878 | 0 | #endif /* HAVE_AES_CBC */ |
4879 | 0 | #ifdef HAVE_AESGCM |
4880 | 0 | #ifdef WOLFSSL_AES_128 |
4881 | 0 | case AES128GCMb: |
4882 | 0 | oid = blkAes128GcmOid; |
4883 | 0 | *oidSz = sizeof(blkAes128GcmOid); |
4884 | 0 | break; |
4885 | 0 | #endif |
4886 | 0 | #ifdef WOLFSSL_AES_192 |
4887 | 0 | case AES192GCMb: |
4888 | 0 | oid = blkAes192GcmOid; |
4889 | 0 | *oidSz = sizeof(blkAes192GcmOid); |
4890 | 0 | break; |
4891 | 0 | #endif |
4892 | 0 | #ifdef WOLFSSL_AES_256 |
4893 | 0 | case AES256GCMb: |
4894 | 0 | oid = blkAes256GcmOid; |
4895 | 0 | *oidSz = sizeof(blkAes256GcmOid); |
4896 | 0 | break; |
4897 | 0 | #endif |
4898 | 0 | #endif /* HAVE_AESGCM */ |
4899 | 0 | #ifdef HAVE_AESCCM |
4900 | 0 | #ifdef WOLFSSL_AES_128 |
4901 | 0 | case AES128CCMb: |
4902 | 0 | oid = blkAes128CcmOid; |
4903 | 0 | *oidSz = sizeof(blkAes128CcmOid); |
4904 | 0 | break; |
4905 | 0 | #endif |
4906 | 0 | #ifdef WOLFSSL_AES_192 |
4907 | 0 | case AES192CCMb: |
4908 | 0 | oid = blkAes192CcmOid; |
4909 | 0 | *oidSz = sizeof(blkAes192CcmOid); |
4910 | 0 | break; |
4911 | 0 | #endif |
4912 | 0 | #ifdef WOLFSSL_AES_256 |
4913 | 0 | case AES256CCMb: |
4914 | 0 | oid = blkAes256CcmOid; |
4915 | 0 | *oidSz = sizeof(blkAes256CcmOid); |
4916 | 0 | break; |
4917 | 0 | #endif |
4918 | 0 | #endif /* HAVE_AESCCM */ |
4919 | 0 | #ifndef NO_DES3 |
4920 | 0 | case DESb: |
4921 | 0 | oid = blkDesCbcOid; |
4922 | 0 | *oidSz = sizeof(blkDesCbcOid); |
4923 | 0 | break; |
4924 | 0 | case DES3b: |
4925 | 0 | oid = blkDes3CbcOid; |
4926 | 0 | *oidSz = sizeof(blkDes3CbcOid); |
4927 | 0 | break; |
4928 | 0 | #endif /* !NO_DES3 */ |
4929 | 0 | default: |
4930 | 0 | break; |
4931 | 0 | } |
4932 | 0 | break; |
4933 | | |
4934 | | #ifdef HAVE_OCSP |
4935 | | case oidOcspType: |
4936 | | switch (id) { |
4937 | | case OCSP_BASIC_OID: |
4938 | | oid = ocspBasicOid; |
4939 | | *oidSz = sizeof(ocspBasicOid); |
4940 | | break; |
4941 | | case OCSP_NONCE_OID: |
4942 | | oid = ocspNonceOid; |
4943 | | *oidSz = sizeof(ocspNonceOid); |
4944 | | break; |
4945 | | default: |
4946 | | break; |
4947 | | } |
4948 | | break; |
4949 | | #endif /* HAVE_OCSP */ |
4950 | | |
4951 | 0 | case oidCertExtType: |
4952 | 0 | switch (id) { |
4953 | 0 | case BASIC_CA_OID: |
4954 | 0 | oid = extBasicCaOid; |
4955 | 0 | *oidSz = sizeof(extBasicCaOid); |
4956 | 0 | break; |
4957 | 0 | case ALT_NAMES_OID: |
4958 | 0 | oid = extAltNamesOid; |
4959 | 0 | *oidSz = sizeof(extAltNamesOid); |
4960 | 0 | break; |
4961 | 0 | case CRL_DIST_OID: |
4962 | 0 | oid = extCrlDistOid; |
4963 | 0 | *oidSz = sizeof(extCrlDistOid); |
4964 | 0 | break; |
4965 | 0 | case AUTH_INFO_OID: |
4966 | 0 | oid = extAuthInfoOid; |
4967 | 0 | *oidSz = sizeof(extAuthInfoOid); |
4968 | 0 | break; |
4969 | 0 | case AUTH_KEY_OID: |
4970 | 0 | oid = extAuthKeyOid; |
4971 | 0 | *oidSz = sizeof(extAuthKeyOid); |
4972 | 0 | break; |
4973 | 0 | case SUBJ_KEY_OID: |
4974 | 0 | oid = extSubjKeyOid; |
4975 | 0 | *oidSz = sizeof(extSubjKeyOid); |
4976 | 0 | break; |
4977 | 0 | case CERT_POLICY_OID: |
4978 | 0 | oid = extCertPolicyOid; |
4979 | 0 | *oidSz = sizeof(extCertPolicyOid); |
4980 | 0 | break; |
4981 | 0 | case KEY_USAGE_OID: |
4982 | 0 | oid = extKeyUsageOid; |
4983 | 0 | *oidSz = sizeof(extKeyUsageOid); |
4984 | 0 | break; |
4985 | 0 | case INHIBIT_ANY_OID: |
4986 | 0 | oid = extInhibitAnyOid; |
4987 | 0 | *oidSz = sizeof(extInhibitAnyOid); |
4988 | 0 | break; |
4989 | 0 | case EXT_KEY_USAGE_OID: |
4990 | 0 | oid = extExtKeyUsageOid; |
4991 | 0 | *oidSz = sizeof(extExtKeyUsageOid); |
4992 | 0 | break; |
4993 | 0 | #ifndef IGNORE_NAME_CONSTRAINTS |
4994 | 0 | case NAME_CONS_OID: |
4995 | 0 | oid = extNameConsOid; |
4996 | 0 | *oidSz = sizeof(extNameConsOid); |
4997 | 0 | break; |
4998 | 0 | #endif |
4999 | | #ifdef HAVE_OCSP |
5000 | | case OCSP_NOCHECK_OID: |
5001 | | oid = ocspNoCheckOid; |
5002 | | *oidSz = sizeof(ocspNoCheckOid); |
5003 | | break; |
5004 | | #endif |
5005 | | #ifdef WOLFSSL_SUBJ_DIR_ATTR |
5006 | | case SUBJ_DIR_ATTR_OID: |
5007 | | oid = extSubjDirAttrOid; |
5008 | | *oidSz = sizeof(extSubjDirAttrOid); |
5009 | | break; |
5010 | | #endif |
5011 | | #ifdef WOLFSSL_SUBJ_INFO_ACC |
5012 | | case SUBJ_INFO_ACC_OID: |
5013 | | oid = extSubjInfoAccessOid; |
5014 | | *oidSz = sizeof(extSubjInfoAccessOid); |
5015 | | break; |
5016 | | #endif |
5017 | 0 | default: |
5018 | 0 | break; |
5019 | 0 | } |
5020 | 0 | break; |
5021 | | |
5022 | 0 | case oidCrlExtType: |
5023 | | #ifdef HAVE_CRL |
5024 | | switch (id) { |
5025 | | case AUTH_KEY_OID: |
5026 | | oid = extAuthKeyOid; |
5027 | | *oidSz = sizeof(extAuthKeyOid); |
5028 | | break; |
5029 | | case CRL_NUMBER_OID: |
5030 | | oid = extCrlNumberOid; |
5031 | | *oidSz = sizeof(extCrlNumberOid); |
5032 | | break; |
5033 | | default: |
5034 | | break; |
5035 | | } |
5036 | | #endif |
5037 | 0 | break; |
5038 | | |
5039 | 0 | case oidCertAuthInfoType: |
5040 | 0 | switch (id) { |
5041 | 0 | case AIA_OCSP_OID: |
5042 | 0 | oid = extAuthInfoOcspOid; |
5043 | 0 | *oidSz = sizeof(extAuthInfoOcspOid); |
5044 | 0 | break; |
5045 | 0 | case AIA_CA_ISSUER_OID: |
5046 | 0 | oid = extAuthInfoCaIssuerOid; |
5047 | 0 | *oidSz = sizeof(extAuthInfoCaIssuerOid); |
5048 | 0 | break; |
5049 | | #ifdef WOLFSSL_SUBJ_INFO_ACC |
5050 | | case AIA_CA_REPO_OID: |
5051 | | oid = extAuthInfoCaRespOid; |
5052 | | *oidSz = sizeof(extAuthInfoCaRespOid); |
5053 | | break; |
5054 | | #endif /* WOLFSSL_SUBJ_INFO_ACC */ |
5055 | 0 | default: |
5056 | 0 | break; |
5057 | 0 | } |
5058 | 0 | break; |
5059 | | |
5060 | 0 | case oidCertPolicyType: |
5061 | 0 | switch (id) { |
5062 | 0 | case CP_ANY_OID: |
5063 | 0 | oid = extCertPolicyAnyOid; |
5064 | 0 | *oidSz = sizeof(extCertPolicyAnyOid); |
5065 | 0 | break; |
5066 | | #if defined(WOLFSSL_FPKI) |
5067 | | case CP_FPKI_COMMON_AUTH_OID: |
5068 | | oid = extCertPolicyFpkiCommonAuthOid; |
5069 | | *oidSz = sizeof(extCertPolicyFpkiCommonAuthOid); |
5070 | | break; |
5071 | | case CP_FPKI_PIV_AUTH_OID: |
5072 | | oid = extCertPolicyFpkiPivAuthOid; |
5073 | | *oidSz = sizeof(extCertPolicyFpkiPivAuthOid); |
5074 | | break; |
5075 | | case CP_FPKI_PIV_AUTH_HW_OID: /* collision with AES256CBCb */ |
5076 | | oid = extCertPolicyFpkiPivAuthHwOid; |
5077 | | *oidSz = sizeof(extCertPolicyFpkiPivAuthHwOid); |
5078 | | break; |
5079 | | case CP_FPKI_PIVI_AUTH_OID: |
5080 | | oid = extCertPolicyFpkiPiviAuthOid; |
5081 | | *oidSz = sizeof(extCertPolicyFpkiPiviAuthOid); |
5082 | | break; |
5083 | | #endif /* WOLFSSL_FPKI */ |
5084 | 0 | default: |
5085 | 0 | break; |
5086 | 0 | } |
5087 | 0 | break; |
5088 | | |
5089 | 0 | case oidCertAltNameType: |
5090 | 0 | switch (id) { |
5091 | 0 | case HW_NAME_OID: |
5092 | 0 | oid = extAltNamesHwNameOid; |
5093 | 0 | *oidSz = sizeof(extAltNamesHwNameOid); |
5094 | 0 | break; |
5095 | 0 | default: |
5096 | 0 | break; |
5097 | 0 | } |
5098 | 0 | break; |
5099 | | |
5100 | 0 | case oidCertKeyUseType: |
5101 | 0 | switch (id) { |
5102 | 0 | case EKU_ANY_OID: |
5103 | 0 | oid = extExtKeyUsageAnyOid; |
5104 | 0 | *oidSz = sizeof(extExtKeyUsageAnyOid); |
5105 | 0 | break; |
5106 | 0 | case EKU_SERVER_AUTH_OID: |
5107 | 0 | oid = extExtKeyUsageServerAuthOid; |
5108 | 0 | *oidSz = sizeof(extExtKeyUsageServerAuthOid); |
5109 | 0 | break; |
5110 | 0 | case EKU_CLIENT_AUTH_OID: |
5111 | 0 | oid = extExtKeyUsageClientAuthOid; |
5112 | 0 | *oidSz = sizeof(extExtKeyUsageClientAuthOid); |
5113 | 0 | break; |
5114 | 0 | case EKU_CODESIGNING_OID: |
5115 | 0 | oid = extExtKeyUsageCodeSigningOid; |
5116 | 0 | *oidSz = sizeof(extExtKeyUsageCodeSigningOid); |
5117 | 0 | break; |
5118 | 0 | case EKU_EMAILPROTECT_OID: |
5119 | 0 | oid = extExtKeyUsageEmailProtectOid; |
5120 | 0 | *oidSz = sizeof(extExtKeyUsageEmailProtectOid); |
5121 | 0 | break; |
5122 | 0 | case EKU_TIMESTAMP_OID: |
5123 | 0 | oid = extExtKeyUsageTimestampOid; |
5124 | 0 | *oidSz = sizeof(extExtKeyUsageTimestampOid); |
5125 | 0 | break; |
5126 | 0 | case EKU_OCSP_SIGN_OID: |
5127 | 0 | oid = extExtKeyUsageOcspSignOid; |
5128 | 0 | *oidSz = sizeof(extExtKeyUsageOcspSignOid); |
5129 | 0 | break; |
5130 | | #ifdef WOLFSSL_WOLFSSH |
5131 | | case EKU_SSH_CLIENT_AUTH_OID: |
5132 | | oid = extExtKeyUsageSshClientAuthOid; |
5133 | | *oidSz = sizeof(extExtKeyUsageSshClientAuthOid); |
5134 | | break; |
5135 | | case EKU_SSH_MSCL_OID: |
5136 | | oid = extExtKeyUsageSshMSCLOid; |
5137 | | *oidSz = sizeof(extExtKeyUsageSshMSCLOid); |
5138 | | break; |
5139 | | case EKU_SSH_KP_CLIENT_AUTH_OID: |
5140 | | oid = extExtKeyUsageSshKpClientAuthOid; |
5141 | | *oidSz = sizeof(extExtKeyUsageSshKpClientAuthOid); |
5142 | | break; |
5143 | | #endif /* WOLFSSL_WOLFSSH */ |
5144 | 0 | default: |
5145 | 0 | break; |
5146 | 0 | } |
5147 | 0 | break; |
5148 | | |
5149 | 0 | case oidKdfType: |
5150 | 0 | switch (id) { |
5151 | 0 | case PBKDF2_OID: |
5152 | 0 | oid = pbkdf2Oid; |
5153 | 0 | *oidSz = sizeof(pbkdf2Oid); |
5154 | 0 | break; |
5155 | 0 | default: |
5156 | 0 | break; |
5157 | 0 | } |
5158 | 0 | break; |
5159 | | |
5160 | 0 | case oidPBEType: |
5161 | 0 | switch (id) { |
5162 | 0 | #if !defined(NO_SHA) && !defined(NO_RC4) |
5163 | 0 | case PBE_SHA1_RC4_128_SUM: |
5164 | 0 | case PBE_SHA1_RC4_128: |
5165 | 0 | oid = pbeSha1RC4128; |
5166 | 0 | *oidSz = sizeof(pbeSha1RC4128); |
5167 | 0 | break; |
5168 | 0 | #endif |
5169 | 0 | #if !defined(NO_MD5) && !defined(NO_DES3) |
5170 | 0 | case PBE_MD5_DES_SUM: |
5171 | 0 | case PBE_MD5_DES: |
5172 | 0 | oid = pbeMd5Des; |
5173 | 0 | *oidSz = sizeof(pbeMd5Des); |
5174 | 0 | break; |
5175 | | |
5176 | 0 | #endif |
5177 | 0 | #if !defined(NO_SHA) && !defined(NO_DES3) |
5178 | 0 | case PBE_SHA1_DES_SUM: |
5179 | 0 | case PBE_SHA1_DES: |
5180 | 0 | oid = pbeSha1Des; |
5181 | 0 | *oidSz = sizeof(pbeSha1Des); |
5182 | 0 | break; |
5183 | | |
5184 | 0 | #endif |
5185 | 0 | #if !defined(NO_SHA) && !defined(NO_DES3) |
5186 | 0 | case PBE_SHA1_DES3_SUM: |
5187 | 0 | case PBE_SHA1_DES3: |
5188 | 0 | oid = pbeSha1Des3; |
5189 | 0 | *oidSz = sizeof(pbeSha1Des3); |
5190 | 0 | break; |
5191 | 0 | #endif |
5192 | | #if !defined(NO_SHA) && defined(WC_RC2) |
5193 | | case PBE_SHA1_40RC2_CBC_SUM: |
5194 | | case PBE_SHA1_40RC2_CBC: |
5195 | | oid = pbe40Rc2Cbc; |
5196 | | *oidSz = sizeof(pbe40Rc2Cbc); |
5197 | | break; |
5198 | | #endif |
5199 | 0 | case PBES2_SUM: |
5200 | 0 | case PBES2: |
5201 | 0 | oid = pbes2; |
5202 | 0 | *oidSz = sizeof(pbes2); |
5203 | 0 | break; |
5204 | 0 | default: |
5205 | 0 | break; |
5206 | 0 | } |
5207 | 0 | break; |
5208 | | |
5209 | 0 | case oidKeyWrapType: |
5210 | 0 | switch (id) { |
5211 | 0 | #ifdef WOLFSSL_AES_128 |
5212 | 0 | case AES128_WRAP: |
5213 | 0 | oid = wrapAes128Oid; |
5214 | 0 | *oidSz = sizeof(wrapAes128Oid); |
5215 | 0 | break; |
5216 | 0 | #endif |
5217 | 0 | #ifdef WOLFSSL_AES_192 |
5218 | 0 | case AES192_WRAP: |
5219 | 0 | oid = wrapAes192Oid; |
5220 | 0 | *oidSz = sizeof(wrapAes192Oid); |
5221 | 0 | break; |
5222 | 0 | #endif |
5223 | 0 | #ifdef WOLFSSL_AES_256 |
5224 | 0 | case AES256_WRAP: |
5225 | 0 | oid = wrapAes256Oid; |
5226 | 0 | *oidSz = sizeof(wrapAes256Oid); |
5227 | 0 | break; |
5228 | 0 | #endif |
5229 | | #ifdef HAVE_PKCS7 |
5230 | | case PWRI_KEK_WRAP: |
5231 | | oid = wrapPwriKekOid; |
5232 | | *oidSz = sizeof(wrapPwriKekOid); |
5233 | | break; |
5234 | | #endif |
5235 | 0 | default: |
5236 | 0 | break; |
5237 | 0 | } |
5238 | 0 | break; |
5239 | | |
5240 | 0 | case oidCmsKeyAgreeType: |
5241 | 0 | switch (id) { |
5242 | 0 | #ifndef NO_SHA |
5243 | 0 | case dhSinglePass_stdDH_sha1kdf_scheme: |
5244 | 0 | oid = dhSinglePass_stdDH_sha1kdf_Oid; |
5245 | 0 | *oidSz = sizeof(dhSinglePass_stdDH_sha1kdf_Oid); |
5246 | 0 | break; |
5247 | 0 | #endif |
5248 | 0 | #ifdef WOLFSSL_SHA224 |
5249 | 0 | case dhSinglePass_stdDH_sha224kdf_scheme: |
5250 | 0 | oid = dhSinglePass_stdDH_sha224kdf_Oid; |
5251 | 0 | *oidSz = sizeof(dhSinglePass_stdDH_sha224kdf_Oid); |
5252 | 0 | break; |
5253 | 0 | #endif |
5254 | 0 | #ifndef NO_SHA256 |
5255 | 0 | case dhSinglePass_stdDH_sha256kdf_scheme: |
5256 | 0 | oid = dhSinglePass_stdDH_sha256kdf_Oid; |
5257 | 0 | *oidSz = sizeof(dhSinglePass_stdDH_sha256kdf_Oid); |
5258 | 0 | break; |
5259 | 0 | #endif |
5260 | 0 | #ifdef WOLFSSL_SHA384 |
5261 | 0 | case dhSinglePass_stdDH_sha384kdf_scheme: |
5262 | 0 | oid = dhSinglePass_stdDH_sha384kdf_Oid; |
5263 | 0 | *oidSz = sizeof(dhSinglePass_stdDH_sha384kdf_Oid); |
5264 | 0 | break; |
5265 | 0 | #endif |
5266 | 0 | #ifdef WOLFSSL_SHA512 |
5267 | 0 | case dhSinglePass_stdDH_sha512kdf_scheme: |
5268 | 0 | oid = dhSinglePass_stdDH_sha512kdf_Oid; |
5269 | 0 | *oidSz = sizeof(dhSinglePass_stdDH_sha512kdf_Oid); |
5270 | 0 | break; |
5271 | 0 | #endif |
5272 | 0 | default: |
5273 | 0 | break; |
5274 | 0 | } |
5275 | 0 | break; |
5276 | | |
5277 | 0 | #ifndef NO_HMAC |
5278 | 0 | case oidHmacType: |
5279 | 0 | switch (id) { |
5280 | 0 | #ifdef WOLFSSL_SHA224 |
5281 | 0 | case HMAC_SHA224_OID: |
5282 | 0 | oid = hmacSha224Oid; |
5283 | 0 | *oidSz = sizeof(hmacSha224Oid); |
5284 | 0 | break; |
5285 | 0 | #endif |
5286 | 0 | #ifndef NO_SHA256 |
5287 | 0 | case HMAC_SHA256_OID: |
5288 | 0 | oid = hmacSha256Oid; |
5289 | 0 | *oidSz = sizeof(hmacSha256Oid); |
5290 | 0 | break; |
5291 | 0 | #endif |
5292 | 0 | #ifdef WOLFSSL_SHA384 |
5293 | 0 | case HMAC_SHA384_OID: |
5294 | 0 | oid = hmacSha384Oid; |
|