12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128312931303131313231333134313531363137313831393140314131423143314431453146314731483149315031513152315331543155315631573158315931603161316231633164316531663167316831693170317131723173317431753176317731783179318031813182318331843185318631873188318931903191319231933194319531963197319831993200320132023203320432053206320732083209321032113212321332143215321632173218321932203221322232233224322532263227322832293230323132323233323432353236323732383239324032413242324332443245324632473248324932503251325232533254325532563257325832593260326132623263326432653266326732683269327032713272327332743275327632773278327932803281328232833284328532863287328832893290329132923293329432953296329732983299330033013302330333043305330633073308330933103311331233133314331533163317331833193320332133223323332433253326332733283329333033313332333333343335333633373338333933403341334233433344334533463347334833493350335133523353335433553356335733583359336033613362336333643365336633673368336933703371337233733374337533763377337833793380338133823383338433853386338733883389339033913392339333943395339633973398339934003401340234033404340534063407340834093410341134123413341434153416341734183419342034213422342334243425342634273428342934303431343234333434343534363437343834393440344134423443344434453446344734483449345034513452345334543455345634573458345934603461346234633464346534663467346834693470347134723473347434753476347734783479348034813482348334843485348634873488348934903491349234933494349534963497349834993500350135023503350435053506350735083509351035113512351335143515351635173518351935203521352235233524352535263527352835293530353135323533353435353536353735383539354035413542354335443545354635473548354935503551355235533554355535563557355835593560356135623563356435653566356735683569357035713572357335743575357635773578357935803581358235833584358535863587358835893590359135923593359435953596359735983599360036013602360336043605360636073608360936103611361236133614361536163617361836193620362136223623362436253626362736283629363036313632363336343635363636373638363936403641364236433644364536463647364836493650365136523653365436553656365736583659366036613662366336643665366636673668366936703671367236733674367536763677367836793680368136823683368436853686368736883689369036913692369336943695369636973698369937003701370237033704370537063707370837093710371137123713371437153716371737183719372037213722372337243725372637273728372937303731373237333734373537363737373837393740374137423743374437453746374737483749375037513752375337543755375637573758375937603761376237633764376537663767376837693770377137723773377437753776377737783779378037813782378337843785378637873788378937903791379237933794379537963797379837993800380138023803380438053806380738083809381038113812381338143815381638173818381938203821382238233824382538263827382838293830383138323833383438353836383738383839384038413842384338443845384638473848384938503851385238533854385538563857385838593860386138623863386438653866386738683869387038713872387338743875387638773878387938803881388238833884388538863887388838893890389138923893389438953896389738983899390039013902390339043905390639073908390939103911391239133914391539163917391839193920392139223923392439253926392739283929393039313932393339343935393639373938393939403941394239433944394539463947394839493950395139523953395439553956395739583959396039613962396339643965396639673968396939703971397239733974397539763977397839793980398139823983398439853986398739883989399039913992399339943995399639973998399940004001400240034004400540064007400840094010401140124013401440154016401740184019402040214022402340244025402640274028402940304031403240334034403540364037403840394040404140424043404440454046404740484049405040514052405340544055405640574058405940604061406240634064406540664067406840694070407140724073407440754076407740784079408040814082408340844085408640874088408940904091409240934094409540964097409840994100410141024103410441054106410741084109411041114112411341144115411641174118411941204121412241234124412541264127412841294130413141324133413441354136413741384139414041414142414341444145414641474148414941504151415241534154415541564157415841594160416141624163416441654166416741684169417041714172417341744175417641774178417941804181418241834184418541864187418841894190419141924193419441954196419741984199420042014202420342044205420642074208420942104211421242134214421542164217421842194220422142224223422442254226422742284229423042314232423342344235423642374238423942404241424242434244424542464247424842494250425142524253425442554256425742584259426042614262426342644265426642674268426942704271427242734274427542764277427842794280428142824283428442854286428742884289429042914292429342944295429642974298429943004301430243034304430543064307430843094310431143124313431443154316431743184319432043214322432343244325432643274328432943304331433243334334433543364337433843394340434143424343434443454346434743484349435043514352435343544355435643574358435943604361436243634364436543664367436843694370437143724373437443754376437743784379438043814382438343844385438643874388438943904391439243934394439543964397439843994400440144024403440444054406440744084409441044114412441344144415441644174418441944204421442244234424442544264427442844294430443144324433443444354436443744384439444044414442444344444445444644474448444944504451445244534454445544564457445844594460446144624463446444654466446744684469447044714472447344744475447644774478447944804481448244834484448544864487448844894490449144924493449444954496449744984499450045014502450345044505450645074508450945104511451245134514451545164517451845194520452145224523452445254526452745284529453045314532453345344535453645374538453945404541454245434544454545464547454845494550455145524553455445554556455745584559456045614562456345644565456645674568456945704571457245734574457545764577457845794580458145824583458445854586458745884589459045914592459345944595459645974598459946004601460246034604460546064607460846094610461146124613461446154616461746184619462046214622462346244625462646274628462946304631463246334634463546364637463846394640464146424643464446454646464746484649465046514652465346544655465646574658465946604661466246634664466546664667466846694670467146724673467446754676467746784679468046814682468346844685468646874688468946904691469246934694469546964697469846994700470147024703470447054706470747084709471047114712471347144715471647174718471947204721472247234724472547264727472847294730473147324733473447354736473747384739474047414742474347444745474647474748474947504751475247534754475547564757475847594760476147624763476447654766476747684769477047714772477347744775477647774778477947804781478247834784478547864787478847894790479147924793479447954796479747984799480048014802480348044805480648074808480948104811481248134814481548164817481848194820482148224823482448254826482748284829483048314832483348344835483648374838483948404841484248434844484548464847484848494850485148524853485448554856485748584859486048614862486348644865486648674868486948704871487248734874487548764877487848794880488148824883488448854886488748884889489048914892489348944895489648974898489949004901490249034904490549064907490849094910491149124913491449154916491749184919492049214922492349244925492649274928492949304931493249334934493549364937493849394940494149424943494449454946494749484949495049514952495349544955495649574958495949604961496249634964496549664967496849694970497149724973497449754976497749784979498049814982498349844985498649874988498949904991499249934994499549964997499849995000500150025003500450055006500750085009501050115012501350145015501650175018501950205021502250235024502550265027502850295030503150325033503450355036503750385039504050415042504350445045504650475048504950505051505250535054505550565057505850595060506150625063506450655066506750685069507050715072507350745075507650775078507950805081508250835084508550865087508850895090509150925093509450955096509750985099510051015102510351045105510651075108510951105111511251135114511551165117511851195120512151225123512451255126512751285129513051315132513351345135513651375138513951405141514251435144514551465147514851495150515151525153515451555156515751585159516051615162516351645165516651675168516951705171517251735174517551765177517851795180518151825183518451855186518751885189519051915192519351945195519651975198519952005201520252035204520552065207520852095210521152125213521452155216521752185219522052215222522352245225522652275228522952305231523252335234523552365237523852395240524152425243524452455246524752485249525052515252525352545255525652575258525952605261526252635264526552665267526852695270527152725273527452755276527752785279528052815282528352845285528652875288528952905291529252935294529552965297529852995300530153025303530453055306530753085309531053115312531353145315531653175318531953205321532253235324532553265327532853295330533153325333533453355336533753385339534053415342534353445345534653475348534953505351535253535354535553565357535853595360536153625363536453655366536753685369537053715372537353745375537653775378537953805381538253835384538553865387538853895390539153925393539453955396539753985399540054015402540354045405540654075408540954105411541254135414541554165417541854195420542154225423542454255426542754285429543054315432543354345435543654375438543954405441544254435444544554465447544854495450545154525453545454555456545754585459546054615462546354645465546654675468546954705471547254735474547554765477547854795480548154825483548454855486548754885489549054915492549354945495549654975498549955005501550255035504550555065507550855095510551155125513551455155516551755185519552055215522552355245525552655275528552955305531553255335534553555365537553855395540554155425543554455455546554755485549555055515552555355545555555655575558555955605561556255635564556555665567556855695570557155725573557455755576557755785579558055815582558355845585558655875588558955905591559255935594559555965597559855995600560156025603560456055606560756085609561056115612561356145615561656175618561956205621562256235624562556265627562856295630563156325633563456355636563756385639564056415642564356445645564656475648564956505651565256535654565556565657565856595660566156625663566456655666566756685669567056715672567356745675567656775678567956805681568256835684568556865687568856895690569156925693569456955696569756985699570057015702570357045705570657075708570957105711571257135714571557165717571857195720572157225723572457255726572757285729573057315732573357345735573657375738573957405741574257435744574557465747574857495750575157525753575457555756575757585759576057615762576357645765576657675768576957705771577257735774577557765777577857795780578157825783578457855786578757885789579057915792579357945795579657975798579958005801580258035804580558065807580858095810581158125813581458155816581758185819582058215822582358245825582658275828582958305831583258335834583558365837583858395840584158425843584458455846584758485849585058515852585358545855585658575858585958605861586258635864586558665867586858695870587158725873587458755876587758785879588058815882588358845885588658875888588958905891589258935894589558965897589858995900590159025903590459055906590759085909591059115912591359145915591659175918591959205921592259235924592559265927592859295930593159325933593459355936593759385939594059415942594359445945594659475948594959505951595259535954595559565957595859595960596159625963596459655966596759685969597059715972597359745975597659775978597959805981598259835984598559865987598859895990599159925993599459955996599759985999600060016002600360046005600660076008600960106011601260136014601560166017601860196020602160226023602460256026602760286029603060316032603360346035603660376038603960406041604260436044604560466047604860496050605160526053605460556056605760586059606060616062606360646065606660676068606960706071607260736074607560766077607860796080608160826083608460856086608760886089609060916092609360946095609660976098609961006101610261036104610561066107610861096110611161126113611461156116611761186119612061216122612361246125612661276128612961306131613261336134613561366137613861396140614161426143614461456146614761486149615061516152615361546155615661576158615961606161616261636164616561666167616861696170617161726173617461756176617761786179618061816182618361846185618661876188618961906191619261936194619561966197619861996200620162026203620462056206620762086209621062116212621362146215621662176218621962206221622262236224622562266227622862296230623162326233623462356236623762386239624062416242624362446245624662476248624962506251625262536254625562566257625862596260626162626263626462656266626762686269627062716272627362746275627662776278627962806281628262836284628562866287628862896290629162926293629462956296629762986299630063016302630363046305630663076308630963106311631263136314631563166317631863196320632163226323632463256326632763286329633063316332633363346335633663376338633963406341634263436344634563466347634863496350635163526353635463556356635763586359636063616362636363646365636663676368636963706371637263736374637563766377637863796380638163826383638463856386638763886389639063916392639363946395639663976398639964006401640264036404640564066407640864096410641164126413641464156416641764186419642064216422642364246425642664276428642964306431643264336434643564366437643864396440644164426443644464456446644764486449645064516452645364546455645664576458645964606461646264636464646564666467646864696470647164726473647464756476647764786479648064816482648364846485648664876488648964906491649264936494649564966497649864996500650165026503650465056506650765086509651065116512651365146515651665176518651965206521652265236524652565266527652865296530653165326533653465356536653765386539654065416542654365446545654665476548654965506551655265536554655565566557655865596560656165626563656465656566656765686569657065716572657365746575657665776578657965806581658265836584658565866587658865896590659165926593659465956596659765986599660066016602660366046605660666076608660966106611661266136614661566166617661866196620662166226623662466256626662766286629663066316632663366346635663666376638663966406641664266436644664566466647664866496650665166526653665466556656665766586659666066616662666366646665666666676668666966706671667266736674667566766677667866796680668166826683668466856686668766886689669066916692669366946695669666976698669967006701670267036704670567066707670867096710671167126713671467156716671767186719672067216722672367246725672667276728672967306731673267336734673567366737673867396740674167426743674467456746674767486749675067516752675367546755675667576758675967606761676267636764676567666767676867696770677167726773677467756776677767786779678067816782678367846785678667876788678967906791679267936794679567966797679867996800680168026803680468056806680768086809681068116812681368146815681668176818681968206821682268236824682568266827682868296830683168326833683468356836683768386839684068416842684368446845684668476848684968506851685268536854685568566857685868596860686168626863686468656866686768686869687068716872687368746875687668776878687968806881688268836884688568866887688868896890689168926893689468956896689768986899690069016902690369046905690669076908690969106911691269136914691569166917691869196920692169226923692469256926692769286929693069316932693369346935693669376938693969406941694269436944694569466947694869496950695169526953695469556956695769586959696069616962696369646965696669676968696969706971697269736974697569766977697869796980698169826983698469856986698769886989699069916992699369946995699669976998699970007001700270037004700570067007700870097010701170127013701470157016701770187019702070217022702370247025702670277028702970307031703270337034703570367037703870397040704170427043704470457046704770487049705070517052705370547055705670577058705970607061706270637064706570667067706870697070707170727073707470757076707770787079708070817082708370847085708670877088708970907091709270937094709570967097709870997100710171027103710471057106710771087109711071117112711371147115711671177118711971207121712271237124712571267127712871297130713171327133713471357136713771387139714071417142714371447145714671477148714971507151715271537154715571567157715871597160716171627163716471657166716771687169717071717172717371747175717671777178717971807181718271837184718571867187718871897190719171927193719471957196719771987199720072017202720372047205720672077208720972107211721272137214721572167217721872197220722172227223722472257226722772287229723072317232723372347235723672377238723972407241724272437244724572467247724872497250725172527253725472557256725772587259726072617262726372647265726672677268726972707271727272737274727572767277727872797280728172827283728472857286728772887289729072917292729372947295729672977298729973007301730273037304730573067307730873097310731173127313731473157316731773187319732073217322732373247325732673277328732973307331733273337334733573367337733873397340734173427343734473457346734773487349735073517352735373547355735673577358735973607361736273637364736573667367736873697370737173727373737473757376737773787379738073817382738373847385738673877388738973907391739273937394739573967397739873997400740174027403740474057406740774087409741074117412741374147415741674177418741974207421742274237424742574267427742874297430743174327433743474357436743774387439744074417442744374447445744674477448744974507451745274537454745574567457745874597460746174627463746474657466746774687469747074717472747374747475747674777478747974807481748274837484748574867487748874897490749174927493749474957496749774987499750075017502750375047505750675077508750975107511751275137514751575167517751875197520752175227523752475257526752775287529753075317532753375347535753675377538753975407541754275437544754575467547754875497550755175527553755475557556755775587559756075617562756375647565756675677568756975707571757275737574757575767577757875797580758175827583758475857586758775887589759075917592759375947595759675977598759976007601760276037604760576067607760876097610761176127613761476157616761776187619762076217622762376247625762676277628762976307631763276337634763576367637763876397640764176427643764476457646764776487649765076517652765376547655765676577658765976607661766276637664766576667667766876697670767176727673767476757676767776787679768076817682768376847685768676877688768976907691769276937694769576967697769876997700770177027703770477057706770777087709771077117712771377147715771677177718771977207721772277237724772577267727772877297730773177327733773477357736773777387739774077417742774377447745774677477748774977507751775277537754775577567757775877597760776177627763776477657766776777687769777077717772777377747775777677777778777977807781778277837784778577867787778877897790779177927793779477957796779777987799780078017802780378047805780678077808780978107811781278137814781578167817781878197820782178227823782478257826782778287829783078317832783378347835783678377838783978407841784278437844784578467847784878497850785178527853785478557856785778587859786078617862786378647865786678677868786978707871787278737874787578767877787878797880788178827883788478857886788778887889789078917892789378947895789678977898789979007901790279037904790579067907790879097910791179127913791479157916791779187919792079217922792379247925792679277928792979307931793279337934793579367937793879397940794179427943794479457946794779487949795079517952795379547955795679577958795979607961796279637964796579667967796879697970797179727973797479757976797779787979798079817982798379847985798679877988798979907991799279937994799579967997799879998000800180028003800480058006800780088009801080118012801380148015801680178018801980208021802280238024802580268027802880298030803180328033803480358036803780388039804080418042804380448045804680478048804980508051805280538054805580568057805880598060806180628063806480658066806780688069807080718072807380748075807680778078807980808081808280838084808580868087808880898090809180928093809480958096809780988099810081018102810381048105810681078108810981108111811281138114811581168117811881198120812181228123812481258126812781288129813081318132813381348135813681378138813981408141814281438144814581468147814881498150815181528153815481558156815781588159816081618162816381648165816681678168816981708171817281738174817581768177817881798180818181828183818481858186818781888189819081918192819381948195819681978198819982008201820282038204820582068207820882098210821182128213821482158216821782188219822082218222822382248225822682278228822982308231823282338234823582368237823882398240824182428243824482458246824782488249825082518252825382548255825682578258825982608261826282638264826582668267826882698270827182728273827482758276827782788279828082818282828382848285828682878288828982908291829282938294829582968297829882998300830183028303830483058306830783088309831083118312831383148315831683178318831983208321832283238324832583268327832883298330833183328333833483358336833783388339834083418342834383448345834683478348834983508351835283538354835583568357835883598360836183628363836483658366836783688369837083718372837383748375837683778378837983808381838283838384838583868387838883898390839183928393839483958396839783988399840084018402840384048405840684078408840984108411841284138414841584168417841884198420842184228423842484258426842784288429843084318432843384348435843684378438843984408441844284438444844584468447844884498450845184528453845484558456845784588459846084618462846384648465846684678468846984708471847284738474847584768477847884798480848184828483848484858486848784888489849084918492849384948495849684978498849985008501850285038504850585068507850885098510851185128513851485158516851785188519852085218522852385248525852685278528852985308531853285338534853585368537853885398540854185428543854485458546854785488549855085518552855385548555855685578558855985608561856285638564856585668567856885698570857185728573857485758576857785788579858085818582858385848585858685878588858985908591859285938594859585968597859885998600860186028603860486058606860786088609861086118612861386148615861686178618861986208621862286238624862586268627862886298630863186328633863486358636863786388639864086418642864386448645864686478648864986508651865286538654865586568657865886598660866186628663866486658666866786688669867086718672867386748675867686778678867986808681868286838684868586868687868886898690869186928693869486958696869786988699870087018702870387048705870687078708870987108711871287138714871587168717871887198720872187228723872487258726872787288729873087318732873387348735873687378738873987408741874287438744874587468747874887498750875187528753875487558756875787588759876087618762876387648765876687678768876987708771877287738774877587768777877887798780878187828783878487858786878787888789879087918792879387948795879687978798879988008801880288038804880588068807880888098810881188128813881488158816881788188819882088218822882388248825882688278828882988308831883288338834883588368837883888398840884188428843884488458846884788488849885088518852885388548855885688578858885988608861886288638864886588668867886888698870887188728873887488758876887788788879888088818882888388848885888688878888888988908891889288938894889588968897889888998900890189028903890489058906890789088909891089118912891389148915891689178918891989208921892289238924892589268927892889298930893189328933893489358936893789388939894089418942894389448945894689478948894989508951895289538954895589568957895889598960896189628963896489658966896789688969897089718972897389748975897689778978897989808981898289838984898589868987898889898990899189928993899489958996899789988999900090019002900390049005900690079008900990109011901290139014901590169017901890199020902190229023902490259026902790289029903090319032903390349035903690379038903990409041904290439044904590469047904890499050905190529053905490559056905790589059906090619062906390649065906690679068906990709071907290739074907590769077907890799080908190829083908490859086908790889089909090919092909390949095909690979098909991009101910291039104910591069107910891099110911191129113911491159116911791189119912091219122912391249125912691279128912991309131913291339134913591369137913891399140914191429143914491459146914791489149915091519152915391549155915691579158915991609161916291639164916591669167916891699170917191729173917491759176917791789179918091819182918391849185918691879188918991909191919291939194919591969197919891999200920192029203920492059206920792089209921092119212921392149215921692179218921992209221922292239224922592269227922892299230923192329233923492359236923792389239924092419242924392449245924692479248924992509251925292539254925592569257925892599260926192629263926492659266926792689269927092719272927392749275927692779278927992809281928292839284928592869287928892899290929192929293929492959296929792989299930093019302930393049305930693079308930993109311931293139314931593169317931893199320932193229323932493259326932793289329933093319332933393349335933693379338933993409341934293439344934593469347934893499350935193529353935493559356935793589359936093619362936393649365936693679368936993709371937293739374937593769377937893799380938193829383938493859386938793889389939093919392939393949395939693979398939994009401940294039404940594069407940894099410941194129413941494159416941794189419942094219422942394249425942694279428942994309431943294339434943594369437943894399440944194429443944494459446944794489449945094519452945394549455945694579458945994609461946294639464946594669467946894699470947194729473947494759476947794789479948094819482948394849485948694879488948994909491949294939494949594969497949894999500950195029503950495059506950795089509951095119512951395149515951695179518951995209521952295239524952595269527952895299530953195329533953495359536953795389539954095419542954395449545954695479548954995509551955295539554955595569557955895599560956195629563956495659566956795689569957095719572957395749575957695779578957995809581958295839584958595869587958895899590959195929593959495959596959795989599960096019602960396049605960696079608960996109611961296139614961596169617961896199620962196229623962496259626962796289629963096319632963396349635963696379638963996409641964296439644964596469647964896499650965196529653965496559656965796589659966096619662966396649665966696679668966996709671967296739674967596769677967896799680968196829683968496859686968796889689969096919692969396949695969696979698969997009701970297039704970597069707970897099710971197129713971497159716971797189719972097219722972397249725972697279728972997309731973297339734973597369737973897399740974197429743974497459746974797489749975097519752975397549755975697579758975997609761976297639764976597669767976897699770977197729773977497759776977797789779978097819782978397849785978697879788978997909791979297939794979597969797979897999800980198029803980498059806980798089809981098119812981398149815981698179818981998209821982298239824982598269827982898299830983198329833983498359836983798389839984098419842984398449845984698479848984998509851985298539854985598569857985898599860986198629863986498659866986798689869987098719872987398749875987698779878987998809881988298839884988598869887988898899890989198929893989498959896989798989899990099019902990399049905990699079908990999109911991299139914991599169917991899199920992199229923992499259926992799289929993099319932993399349935993699379938993999409941994299439944994599469947994899499950995199529953995499559956995799589959996099619962996399649965996699679968996999709971997299739974997599769977997899799980998199829983998499859986998799889989999099919992999399949995999699979998999910000100011000210003100041000510006100071000810009100101001110012100131001410015100161001710018100191002010021100221002310024100251002610027100281002910030100311003210033100341003510036100371003810039100401004110042100431004410045100461004710048100491005010051100521005310054100551005610057100581005910060100611006210063100641006510066100671006810069100701007110072100731007410075100761007710078100791008010081100821008310084100851008610087100881008910090100911009210093100941009510096100971009810099101001010110102101031010410105101061010710108101091011010111101121011310114101151011610117101181011910120101211012210123101241012510126101271012810129101301013110132101331013410135101361013710138101391014010141101421014310144101451014610147101481014910150101511015210153101541015510156101571015810159101601016110162101631016410165101661016710168101691017010171101721017310174101751017610177101781017910180101811018210183101841018510186101871018810189101901019110192101931019410195101961019710198101991020010201102021020310204102051020610207102081020910210102111021210213102141021510216102171021810219102201022110222102231022410225102261022710228102291023010231102321023310234102351023610237102381023910240102411024210243102441024510246102471024810249102501025110252102531025410255102561025710258102591026010261102621026310264102651026610267102681026910270102711027210273102741027510276102771027810279102801028110282102831028410285102861028710288102891029010291102921029310294102951029610297102981029910300103011030210303103041030510306103071030810309103101031110312103131031410315103161031710318103191032010321103221032310324103251032610327103281032910330103311033210333103341033510336103371033810339103401034110342103431034410345103461034710348103491035010351103521035310354103551035610357103581035910360103611036210363103641036510366103671036810369103701037110372103731037410375103761037710378103791038010381103821038310384103851038610387103881038910390103911039210393103941039510396103971039810399104001040110402104031040410405104061040710408104091041010411104121041310414104151041610417104181041910420104211042210423104241042510426104271042810429104301043110432104331043410435104361043710438104391044010441104421044310444104451044610447104481044910450104511045210453104541045510456104571045810459104601046110462104631046410465104661046710468104691047010471104721047310474104751047610477104781047910480104811048210483104841048510486104871048810489104901049110492104931049410495104961049710498104991050010501105021050310504105051050610507105081050910510105111051210513105141051510516105171051810519105201052110522105231052410525105261052710528105291053010531105321053310534105351053610537105381053910540105411054210543105441054510546105471054810549105501055110552105531055410555105561055710558105591056010561105621056310564105651056610567105681056910570105711057210573105741057510576105771057810579105801058110582105831058410585105861058710588105891059010591105921059310594105951059610597105981059910600106011060210603106041060510606106071060810609106101061110612106131061410615106161061710618106191062010621106221062310624106251062610627106281062910630106311063210633106341063510636106371063810639106401064110642106431064410645106461064710648106491065010651106521065310654106551065610657106581065910660106611066210663106641066510666106671066810669106701067110672106731067410675106761067710678106791068010681106821068310684106851068610687106881068910690106911069210693106941069510696106971069810699107001070110702107031070410705107061070710708107091071010711107121071310714107151071610717107181071910720107211072210723107241072510726107271072810729107301073110732107331073410735107361073710738107391074010741107421074310744107451074610747107481074910750107511075210753107541075510756107571075810759107601076110762107631076410765107661076710768107691077010771107721077310774107751077610777107781077910780107811078210783107841078510786107871078810789107901079110792107931079410795107961079710798107991080010801108021080310804108051080610807108081080910810108111081210813108141081510816108171081810819108201082110822108231082410825108261082710828108291083010831108321083310834108351083610837108381083910840108411084210843108441084510846108471084810849108501085110852108531085410855108561085710858108591086010861108621086310864108651086610867108681086910870108711087210873108741087510876108771087810879108801088110882108831088410885108861088710888108891089010891108921089310894108951089610897108981089910900109011090210903109041090510906109071090810909109101091110912109131091410915109161091710918109191092010921109221092310924109251092610927109281092910930109311093210933109341093510936109371093810939109401094110942109431094410945109461094710948109491095010951109521095310954109551095610957109581095910960109611096210963109641096510966109671096810969109701097110972109731097410975109761097710978109791098010981109821098310984109851098610987109881098910990109911099210993109941099510996109971099810999110001100111002110031100411005110061100711008110091101011011110121101311014110151101611017110181101911020110211102211023110241102511026110271102811029110301103111032110331103411035110361103711038110391104011041110421104311044110451104611047110481104911050110511105211053110541105511056110571105811059110601106111062110631106411065110661106711068110691107011071110721107311074110751107611077110781107911080110811108211083110841108511086110871108811089110901109111092110931109411095110961109711098110991110011101111021110311104111051110611107111081110911110111111111211113111141111511116111171111811119111201112111122111231112411125111261112711128111291113011131111321113311134111351113611137111381113911140111411114211143111441114511146111471114811149111501115111152111531115411155111561115711158111591116011161111621116311164111651116611167111681116911170111711117211173111741117511176111771117811179111801118111182111831118411185111861118711188111891119011191111921119311194111951119611197111981119911200112011120211203112041120511206112071120811209112101121111212112131121411215112161121711218112191122011221112221122311224112251122611227112281122911230112311123211233112341123511236112371123811239112401124111242112431124411245112461124711248112491125011251112521125311254112551125611257112581125911260112611126211263112641126511266112671126811269112701127111272112731127411275112761127711278112791128011281112821128311284112851128611287112881128911290112911129211293112941129511296112971129811299113001130111302113031130411305113061130711308113091131011311113121131311314113151131611317113181131911320113211132211323113241132511326113271132811329113301133111332113331133411335113361133711338113391134011341113421134311344113451134611347113481134911350113511135211353113541135511356113571135811359113601136111362113631136411365113661136711368113691137011371113721137311374113751137611377113781137911380113811138211383113841138511386113871138811389113901139111392113931139411395113961139711398113991140011401114021140311404114051140611407114081140911410114111141211413114141141511416114171141811419114201142111422114231142411425114261142711428114291143011431114321143311434114351143611437114381143911440114411144211443114441144511446114471144811449114501145111452114531145411455114561145711458114591146011461114621146311464114651146611467114681146911470114711147211473114741147511476114771147811479114801148111482114831148411485114861148711488114891149011491114921149311494114951149611497114981149911500115011150211503115041150511506115071150811509115101151111512115131151411515115161151711518115191152011521115221152311524115251152611527115281152911530115311153211533115341153511536115371153811539115401154111542115431154411545115461154711548115491155011551115521155311554115551155611557115581155911560115611156211563115641156511566115671156811569115701157111572115731157411575115761157711578115791158011581115821158311584115851158611587115881158911590115911159211593115941159511596115971159811599116001160111602116031160411605116061160711608116091161011611116121161311614116151161611617116181161911620116211162211623116241162511626116271162811629116301163111632116331163411635116361163711638116391164011641116421164311644116451164611647116481164911650116511165211653116541165511656116571165811659116601166111662116631166411665116661166711668116691167011671116721167311674116751167611677116781167911680116811168211683116841168511686116871168811689116901169111692116931169411695116961169711698116991170011701117021170311704117051170611707117081170911710117111171211713117141171511716117171171811719117201172111722117231172411725117261172711728117291173011731117321173311734117351173611737117381173911740117411174211743117441174511746117471174811749117501175111752117531175411755117561175711758117591176011761117621176311764117651176611767117681176911770117711177211773117741177511776117771177811779117801178111782117831178411785117861178711788117891179011791117921179311794117951179611797117981179911800118011180211803118041180511806118071180811809118101181111812118131181411815118161181711818118191182011821118221182311824118251182611827118281182911830118311183211833118341183511836118371183811839118401184111842118431184411845118461184711848118491185011851118521185311854118551185611857118581185911860118611186211863118641186511866118671186811869118701187111872118731187411875118761187711878118791188011881118821188311884118851188611887118881188911890118911189211893118941189511896118971189811899119001190111902119031190411905119061190711908119091191011911119121191311914119151191611917119181191911920119211192211923119241192511926119271192811929119301193111932119331193411935119361193711938119391194011941119421194311944119451194611947119481194911950119511195211953119541195511956119571195811959119601196111962119631196411965119661196711968119691197011971119721197311974119751197611977119781197911980119811198211983119841198511986119871198811989119901199111992119931199411995119961199711998119991200012001120021200312004120051200612007120081200912010120111201212013120141201512016120171201812019120201202112022120231202412025120261202712028120291203012031120321203312034120351203612037120381203912040120411204212043120441204512046120471204812049120501205112052120531205412055120561205712058120591206012061120621206312064120651206612067120681206912070120711207212073120741207512076120771207812079120801208112082120831208412085120861208712088120891209012091120921209312094120951209612097120981209912100121011210212103121041210512106121071210812109121101211112112121131211412115121161211712118121191212012121121221212312124121251212612127121281212912130121311213212133121341213512136121371213812139121401214112142121431214412145121461214712148121491215012151121521215312154121551215612157121581215912160121611216212163121641216512166121671216812169121701217112172121731217412175121761217712178121791218012181121821218312184121851218612187121881218912190121911219212193121941219512196121971219812199122001220112202122031220412205122061220712208122091221012211122121221312214122151221612217122181221912220122211222212223122241222512226122271222812229122301223112232122331223412235122361223712238122391224012241122421224312244122451224612247122481224912250122511225212253122541225512256122571225812259122601226112262122631226412265122661226712268122691227012271122721227312274122751227612277122781227912280122811228212283122841228512286122871228812289122901229112292122931229412295122961229712298122991230012301123021230312304123051230612307123081230912310123111231212313123141231512316123171231812319123201232112322123231232412325123261232712328123291233012331123321233312334123351233612337123381233912340123411234212343123441234512346123471234812349123501235112352123531235412355123561235712358123591236012361123621236312364123651236612367123681236912370123711237212373123741237512376123771237812379123801238112382123831238412385123861238712388123891239012391123921239312394123951239612397123981239912400124011240212403124041240512406124071240812409124101241112412124131241412415124161241712418124191242012421124221242312424124251242612427124281242912430124311243212433124341243512436124371243812439124401244112442124431244412445124461244712448124491245012451124521245312454124551245612457124581245912460124611246212463124641246512466124671246812469124701247112472124731247412475124761247712478124791248012481124821248312484124851248612487124881248912490124911249212493124941249512496124971249812499125001250112502125031250412505125061250712508125091251012511125121251312514125151251612517125181251912520125211252212523125241252512526125271252812529125301253112532125331253412535125361253712538125391254012541125421254312544125451254612547125481254912550125511255212553125541255512556125571255812559125601256112562125631256412565125661256712568125691257012571125721257312574125751257612577125781257912580125811258212583125841258512586125871258812589125901259112592125931259412595125961259712598125991260012601126021260312604126051260612607126081260912610126111261212613126141261512616126171261812619126201262112622126231262412625126261262712628126291263012631126321263312634126351263612637126381263912640126411264212643126441264512646126471264812649126501265112652126531265412655126561265712658126591266012661126621266312664126651266612667126681266912670126711267212673126741267512676126771267812679126801268112682126831268412685126861268712688126891269012691126921269312694126951269612697126981269912700127011270212703127041270512706127071270812709127101271112712127131271412715127161271712718127191272012721127221272312724127251272612727127281272912730127311273212733127341273512736127371273812739127401274112742127431274412745127461274712748127491275012751127521275312754127551275612757127581275912760127611276212763127641276512766127671276812769127701277112772127731277412775127761277712778127791278012781127821278312784127851278612787127881278912790127911279212793127941279512796127971279812799128001280112802128031280412805128061280712808128091281012811128121281312814128151281612817128181281912820128211282212823128241282512826128271282812829128301283112832128331283412835128361283712838128391284012841128421284312844128451284612847128481284912850128511285212853128541285512856128571285812859128601286112862128631286412865128661286712868128691287012871128721287312874128751287612877128781287912880128811288212883128841288512886128871288812889128901289112892128931289412895128961289712898128991290012901129021290312904129051290612907129081290912910129111291212913129141291512916129171291812919129201292112922129231292412925129261292712928129291293012931129321293312934129351293612937129381293912940129411294212943129441294512946129471294812949129501295112952129531295412955129561295712958129591296012961129621296312964129651296612967129681296912970129711297212973129741297512976129771297812979129801298112982129831298412985129861298712988129891299012991129921299312994129951299612997129981299913000130011300213003130041300513006130071300813009130101301113012130131301413015130161301713018130191302013021130221302313024130251302613027130281302913030130311303213033130341303513036130371303813039130401304113042130431304413045130461304713048130491305013051130521305313054130551305613057130581305913060130611306213063130641306513066130671306813069130701307113072130731307413075130761307713078130791308013081130821308313084130851308613087130881308913090130911309213093130941309513096130971309813099131001310113102131031310413105131061310713108131091311013111131121311313114131151311613117131181311913120131211312213123131241312513126131271312813129131301313113132131331313413135131361313713138131391314013141131421314313144131451314613147131481314913150131511315213153131541315513156131571315813159131601316113162131631316413165131661316713168131691317013171131721317313174131751317613177131781317913180131811318213183131841318513186131871318813189131901319113192131931319413195131961319713198131991320013201132021320313204132051320613207132081320913210132111321213213132141321513216132171321813219132201322113222132231322413225132261322713228132291323013231132321323313234132351323613237132381323913240132411324213243132441324513246132471324813249132501325113252132531325413255132561325713258132591326013261132621326313264132651326613267132681326913270132711327213273132741327513276132771327813279132801328113282132831328413285132861328713288132891329013291132921329313294132951329613297132981329913300133011330213303133041330513306133071330813309133101331113312133131331413315133161331713318133191332013321133221332313324133251332613327133281332913330133311333213333133341333513336133371333813339133401334113342133431334413345133461334713348133491335013351133521335313354133551335613357133581335913360133611336213363133641336513366133671336813369133701337113372133731337413375133761337713378133791338013381133821338313384133851338613387133881338913390133911339213393133941339513396133971339813399134001340113402134031340413405134061340713408134091341013411134121341313414134151341613417134181341913420134211342213423134241342513426134271342813429134301343113432134331343413435134361343713438134391344013441134421344313444134451344613447134481344913450134511345213453134541345513456134571345813459134601346113462134631346413465134661346713468134691347013471134721347313474134751347613477134781347913480134811348213483134841348513486134871348813489134901349113492134931349413495134961349713498134991350013501135021350313504135051350613507135081350913510135111351213513135141351513516135171351813519135201352113522135231352413525135261352713528135291353013531135321353313534135351353613537135381353913540135411354213543135441354513546135471354813549135501355113552135531355413555135561355713558135591356013561135621356313564135651356613567135681356913570135711357213573135741357513576135771357813579135801358113582135831358413585135861358713588135891359013591135921359313594135951359613597135981359913600136011360213603136041360513606136071360813609136101361113612136131361413615136161361713618136191362013621136221362313624136251362613627136281362913630136311363213633136341363513636136371363813639136401364113642136431364413645136461364713648136491365013651136521365313654136551365613657136581365913660136611366213663136641366513666136671366813669136701367113672136731367413675136761367713678136791368013681136821368313684136851368613687136881368913690136911369213693136941369513696136971369813699137001370113702137031370413705137061370713708137091371013711137121371313714137151371613717137181371913720137211372213723137241372513726137271372813729137301373113732137331373413735137361373713738137391374013741137421374313744137451374613747137481374913750137511375213753137541375513756137571375813759137601376113762137631376413765137661376713768137691377013771137721377313774137751377613777137781377913780137811378213783137841378513786137871378813789137901379113792137931379413795137961379713798137991380013801138021380313804138051380613807138081380913810138111381213813138141381513816138171381813819138201382113822138231382413825138261382713828138291383013831138321383313834138351383613837138381383913840138411384213843138441384513846138471384813849138501385113852138531385413855138561385713858138591386013861138621386313864138651386613867138681386913870138711387213873138741387513876138771387813879138801388113882138831388413885138861388713888138891389013891138921389313894138951389613897138981389913900139011390213903139041390513906139071390813909139101391113912139131391413915139161391713918139191392013921139221392313924139251392613927139281392913930139311393213933139341393513936139371393813939139401394113942139431394413945139461394713948139491395013951139521395313954139551395613957139581395913960139611396213963139641396513966139671396813969139701397113972139731397413975139761397713978139791398013981139821398313984139851398613987139881398913990139911399213993139941399513996139971399813999140001400114002140031400414005140061400714008140091401014011140121401314014140151401614017140181401914020140211402214023140241402514026140271402814029140301403114032140331403414035140361403714038140391404014041140421404314044140451404614047140481404914050140511405214053140541405514056140571405814059140601406114062140631406414065140661406714068140691407014071140721407314074140751407614077140781407914080140811408214083140841408514086140871408814089140901409114092140931409414095140961409714098140991410014101141021410314104141051410614107141081410914110141111411214113141141411514116141171411814119141201412114122141231412414125141261412714128141291413014131141321413314134141351413614137141381413914140141411414214143141441414514146141471414814149141501415114152141531415414155141561415714158141591416014161141621416314164141651416614167141681416914170141711417214173141741417514176141771417814179141801418114182141831418414185141861418714188141891419014191141921419314194141951419614197141981419914200142011420214203142041420514206142071420814209142101421114212142131421414215142161421714218142191422014221142221422314224142251422614227142281422914230142311423214233142341423514236142371423814239142401424114242142431424414245142461424714248142491425014251142521425314254142551425614257142581425914260142611426214263142641426514266142671426814269142701427114272142731427414275142761427714278142791428014281142821428314284142851428614287142881428914290142911429214293142941429514296142971429814299143001430114302143031430414305143061430714308143091431014311143121431314314143151431614317143181431914320143211432214323143241432514326143271432814329143301433114332143331433414335143361433714338143391434014341143421434314344143451434614347143481434914350143511435214353143541435514356143571435814359143601436114362143631436414365143661436714368143691437014371143721437314374143751437614377143781437914380143811438214383143841438514386143871438814389143901439114392143931439414395143961439714398143991440014401144021440314404144051440614407144081440914410144111441214413144141441514416144171441814419144201442114422144231442414425144261442714428144291443014431144321443314434144351443614437144381443914440144411444214443144441444514446144471444814449144501445114452144531445414455144561445714458144591446014461144621446314464144651446614467144681446914470144711447214473144741447514476144771447814479144801448114482144831448414485144861448714488144891449014491144921449314494144951449614497144981449914500145011450214503145041450514506145071450814509145101451114512145131451414515145161451714518145191452014521145221452314524145251452614527145281452914530145311453214533145341453514536145371453814539145401454114542145431454414545145461454714548145491455014551145521455314554145551455614557145581455914560145611456214563145641456514566145671456814569145701457114572145731457414575145761457714578145791458014581145821458314584145851458614587145881458914590145911459214593145941459514596145971459814599146001460114602146031460414605146061460714608146091461014611146121461314614146151461614617146181461914620146211462214623146241462514626146271462814629146301463114632146331463414635146361463714638146391464014641146421464314644146451464614647146481464914650146511465214653146541465514656146571465814659146601466114662146631466414665146661466714668146691467014671146721467314674146751467614677146781467914680146811468214683146841468514686146871468814689146901469114692146931469414695146961469714698146991470014701147021470314704147051470614707147081470914710147111471214713147141471514716147171471814719147201472114722147231472414725147261472714728147291473014731147321473314734147351473614737147381473914740147411474214743147441474514746147471474814749147501475114752147531475414755147561475714758147591476014761147621476314764147651476614767147681476914770147711477214773147741477514776147771477814779147801478114782147831478414785147861478714788147891479014791147921479314794147951479614797147981479914800148011480214803148041480514806148071480814809148101481114812148131481414815148161481714818148191482014821148221482314824148251482614827148281482914830148311483214833148341483514836148371483814839148401484114842148431484414845148461484714848148491485014851148521485314854148551485614857148581485914860148611486214863148641486514866148671486814869148701487114872148731487414875148761487714878148791488014881148821488314884148851488614887148881488914890148911489214893148941489514896148971489814899149001490114902149031490414905149061490714908149091491014911149121491314914149151491614917149181491914920149211492214923149241492514926149271492814929149301493114932149331493414935149361493714938149391494014941149421494314944149451494614947149481494914950149511495214953149541495514956149571495814959149601496114962149631496414965149661496714968149691497014971149721497314974149751497614977149781497914980149811498214983149841498514986149871498814989149901499114992149931499414995149961499714998149991500015001150021500315004150051500615007150081500915010150111501215013150141501515016150171501815019150201502115022150231502415025150261502715028150291503015031150321503315034150351503615037150381503915040150411504215043150441504515046150471504815049150501505115052150531505415055150561505715058150591506015061150621506315064150651506615067150681506915070150711507215073150741507515076150771507815079150801508115082150831508415085150861508715088150891509015091150921509315094150951509615097150981509915100151011510215103151041510515106151071510815109151101511115112151131511415115151161511715118151191512015121151221512315124151251512615127151281512915130151311513215133151341513515136151371513815139151401514115142151431514415145151461514715148151491515015151151521515315154151551515615157151581515915160151611516215163151641516515166151671516815169151701517115172151731517415175151761517715178151791518015181151821518315184151851518615187151881518915190151911519215193151941519515196151971519815199152001520115202152031520415205152061520715208152091521015211152121521315214152151521615217152181521915220152211522215223152241522515226152271522815229152301523115232152331523415235152361523715238152391524015241152421524315244152451524615247152481524915250152511525215253152541525515256152571525815259152601526115262152631526415265152661526715268152691527015271152721527315274152751527615277152781527915280152811528215283152841528515286152871528815289152901529115292152931529415295152961529715298152991530015301153021530315304153051530615307153081530915310153111531215313153141531515316153171531815319153201532115322153231532415325153261532715328153291533015331153321533315334153351533615337153381533915340153411534215343153441534515346153471534815349153501535115352153531535415355153561535715358153591536015361153621536315364153651536615367153681536915370153711537215373153741537515376153771537815379153801538115382153831538415385153861538715388153891539015391153921539315394153951539615397153981539915400154011540215403154041540515406154071540815409154101541115412154131541415415154161541715418154191542015421154221542315424154251542615427154281542915430154311543215433154341543515436154371543815439154401544115442154431544415445154461544715448154491545015451154521545315454154551545615457154581545915460154611546215463154641546515466154671546815469154701547115472154731547415475154761547715478154791548015481154821548315484154851548615487154881548915490154911549215493154941549515496154971549815499155001550115502155031550415505155061550715508155091551015511155121551315514155151551615517155181551915520155211552215523155241552515526155271552815529155301553115532155331553415535155361553715538155391554015541155421554315544155451554615547155481554915550155511555215553155541555515556155571555815559155601556115562155631556415565155661556715568155691557015571155721557315574155751557615577155781557915580155811558215583155841558515586155871558815589155901559115592155931559415595155961559715598155991560015601156021560315604156051560615607156081560915610156111561215613156141561515616156171561815619156201562115622156231562415625156261562715628156291563015631156321563315634156351563615637156381563915640156411564215643156441564515646156471564815649156501565115652156531565415655156561565715658156591566015661156621566315664156651566615667156681566915670156711567215673156741567515676156771567815679156801568115682156831568415685156861568715688156891569015691156921569315694156951569615697156981569915700157011570215703157041570515706157071570815709157101571115712157131571415715157161571715718157191572015721157221572315724157251572615727157281572915730157311573215733157341573515736157371573815739157401574115742157431574415745157461574715748157491575015751157521575315754157551575615757157581575915760157611576215763157641576515766157671576815769157701577115772157731577415775157761577715778157791578015781157821578315784157851578615787157881578915790157911579215793157941579515796157971579815799158001580115802158031580415805158061580715808158091581015811158121581315814158151581615817158181581915820158211582215823158241582515826158271582815829158301583115832158331583415835158361583715838158391584015841158421584315844158451584615847158481584915850158511585215853158541585515856158571585815859158601586115862158631586415865158661586715868158691587015871158721587315874158751587615877158781587915880158811588215883158841588515886158871588815889158901589115892158931589415895158961589715898158991590015901159021590315904159051590615907159081590915910159111591215913159141591515916159171591815919159201592115922159231592415925159261592715928159291593015931159321593315934159351593615937159381593915940159411594215943159441594515946159471594815949159501595115952159531595415955159561595715958159591596015961159621596315964159651596615967159681596915970159711597215973159741597515976159771597815979159801598115982159831598415985159861598715988159891599015991159921599315994159951599615997159981599916000160011600216003160041600516006160071600816009160101601116012160131601416015160161601716018160191602016021160221602316024160251602616027160281602916030160311603216033160341603516036160371603816039160401604116042160431604416045160461604716048160491605016051160521605316054160551605616057160581605916060160611606216063160641606516066160671606816069160701607116072160731607416075160761607716078160791608016081160821608316084160851608616087160881608916090160911609216093160941609516096160971609816099161001610116102161031610416105161061610716108161091611016111161121611316114161151611616117161181611916120161211612216123161241612516126161271612816129161301613116132161331613416135161361613716138161391614016141161421614316144161451614616147161481614916150161511615216153161541615516156161571615816159161601616116162161631616416165161661616716168161691617016171161721617316174161751617616177161781617916180161811618216183161841618516186161871618816189161901619116192161931619416195161961619716198161991620016201162021620316204162051620616207162081620916210162111621216213162141621516216162171621816219162201622116222162231622416225162261622716228162291623016231162321623316234162351623616237162381623916240162411624216243162441624516246162471624816249162501625116252162531625416255162561625716258162591626016261162621626316264162651626616267162681626916270162711627216273162741627516276162771627816279162801628116282162831628416285162861628716288162891629016291162921629316294162951629616297162981629916300163011630216303163041630516306163071630816309163101631116312163131631416315163161631716318163191632016321163221632316324163251632616327163281632916330163311633216333163341633516336163371633816339163401634116342163431634416345163461634716348163491635016351163521635316354163551635616357163581635916360163611636216363163641636516366163671636816369163701637116372163731637416375163761637716378163791638016381163821638316384163851638616387163881638916390163911639216393163941639516396163971639816399164001640116402164031640416405164061640716408164091641016411164121641316414164151641616417164181641916420164211642216423164241642516426164271642816429164301643116432164331643416435164361643716438164391644016441164421644316444164451644616447164481644916450164511645216453164541645516456164571645816459164601646116462164631646416465164661646716468164691647016471164721647316474164751647616477164781647916480164811648216483164841648516486164871648816489164901649116492164931649416495164961649716498164991650016501165021650316504165051650616507165081650916510165111651216513165141651516516165171651816519165201652116522165231652416525165261652716528165291653016531165321653316534165351653616537165381653916540165411654216543165441654516546165471654816549165501655116552165531655416555165561655716558165591656016561165621656316564165651656616567165681656916570165711657216573165741657516576165771657816579165801658116582165831658416585165861658716588165891659016591165921659316594165951659616597165981659916600166011660216603166041660516606166071660816609166101661116612166131661416615166161661716618166191662016621166221662316624166251662616627166281662916630166311663216633166341663516636166371663816639166401664116642166431664416645166461664716648166491665016651166521665316654166551665616657166581665916660166611666216663166641666516666166671666816669166701667116672166731667416675166761667716678166791668016681166821668316684166851668616687166881668916690166911669216693166941669516696166971669816699167001670116702167031670416705167061670716708167091671016711167121671316714167151671616717167181671916720167211672216723167241672516726167271672816729167301673116732167331673416735167361673716738167391674016741167421674316744167451674616747167481674916750167511675216753167541675516756167571675816759167601676116762167631676416765167661676716768167691677016771167721677316774167751677616777167781677916780167811678216783167841678516786167871678816789167901679116792167931679416795167961679716798167991680016801168021680316804168051680616807168081680916810168111681216813168141681516816168171681816819168201682116822168231682416825168261682716828168291683016831168321683316834168351683616837168381683916840168411684216843168441684516846168471684816849168501685116852168531685416855168561685716858168591686016861168621686316864168651686616867168681686916870168711687216873168741687516876168771687816879168801688116882168831688416885168861688716888168891689016891168921689316894168951689616897168981689916900169011690216903169041690516906169071690816909169101691116912169131691416915169161691716918169191692016921169221692316924169251692616927169281692916930169311693216933169341693516936169371693816939169401694116942169431694416945169461694716948169491695016951169521695316954169551695616957169581695916960169611696216963169641696516966169671696816969169701697116972169731697416975169761697716978169791698016981169821698316984169851698616987169881698916990169911699216993169941699516996169971699816999170001700117002170031700417005170061700717008170091701017011170121701317014170151701617017170181701917020170211702217023170241702517026170271702817029170301703117032170331703417035170361703717038170391704017041170421704317044170451704617047170481704917050170511705217053170541705517056170571705817059170601706117062170631706417065170661706717068170691707017071170721707317074170751707617077170781707917080170811708217083170841708517086170871708817089170901709117092170931709417095170961709717098170991710017101171021710317104171051710617107171081710917110171111711217113171141711517116171171711817119171201712117122171231712417125171261712717128171291713017131171321713317134171351713617137171381713917140171411714217143171441714517146171471714817149171501715117152171531715417155171561715717158171591716017161171621716317164171651716617167171681716917170171711717217173171741717517176171771717817179171801718117182171831718417185171861718717188171891719017191171921719317194171951719617197171981719917200172011720217203172041720517206172071720817209172101721117212172131721417215172161721717218172191722017221172221722317224172251722617227172281722917230172311723217233172341723517236172371723817239172401724117242172431724417245172461724717248172491725017251172521725317254172551725617257172581725917260172611726217263172641726517266172671726817269172701727117272172731727417275172761727717278172791728017281172821728317284172851728617287172881728917290172911729217293172941729517296172971729817299173001730117302173031730417305173061730717308173091731017311173121731317314173151731617317173181731917320173211732217323173241732517326173271732817329173301733117332173331733417335173361733717338173391734017341173421734317344173451734617347173481734917350173511735217353173541735517356173571735817359173601736117362173631736417365173661736717368173691737017371173721737317374173751737617377173781737917380173811738217383173841738517386173871738817389173901739117392173931739417395173961739717398173991740017401174021740317404174051740617407174081740917410174111741217413174141741517416174171741817419174201742117422174231742417425174261742717428174291743017431174321743317434174351743617437174381743917440174411744217443174441744517446174471744817449174501745117452174531745417455174561745717458174591746017461174621746317464174651746617467174681746917470174711747217473174741747517476174771747817479174801748117482174831748417485174861748717488174891749017491174921749317494174951749617497174981749917500175011750217503175041750517506175071750817509175101751117512175131751417515175161751717518175191752017521175221752317524175251752617527175281752917530175311753217533175341753517536175371753817539175401754117542175431754417545175461754717548175491755017551175521755317554175551755617557175581755917560175611756217563175641756517566175671756817569175701757117572175731757417575175761757717578175791758017581175821758317584175851758617587175881758917590175911759217593175941759517596175971759817599176001760117602176031760417605176061760717608176091761017611176121761317614176151761617617176181761917620176211762217623176241762517626176271762817629176301763117632176331763417635176361763717638176391764017641176421764317644176451764617647176481764917650176511765217653176541765517656176571765817659176601766117662176631766417665176661766717668176691767017671176721767317674176751767617677176781767917680176811768217683176841768517686176871768817689176901769117692176931769417695176961769717698176991770017701177021770317704177051770617707177081770917710177111771217713177141771517716177171771817719177201772117722177231772417725177261772717728177291773017731177321773317734177351773617737177381773917740177411774217743177441774517746177471774817749177501775117752177531775417755177561775717758177591776017761177621776317764177651776617767177681776917770177711777217773177741777517776177771777817779177801778117782177831778417785177861778717788177891779017791177921779317794177951779617797177981779917800178011780217803178041780517806178071780817809178101781117812178131781417815178161781717818178191782017821178221782317824178251782617827178281782917830178311783217833178341783517836178371783817839178401784117842178431784417845178461784717848178491785017851178521785317854178551785617857178581785917860178611786217863178641786517866178671786817869178701787117872178731787417875178761787717878178791788017881178821788317884178851788617887178881788917890178911789217893178941789517896178971789817899179001790117902179031790417905179061790717908179091791017911179121791317914179151791617917179181791917920179211792217923179241792517926179271792817929179301793117932179331793417935179361793717938179391794017941179421794317944179451794617947179481794917950179511795217953179541795517956179571795817959179601796117962179631796417965179661796717968179691797017971179721797317974179751797617977179781797917980179811798217983179841798517986179871798817989179901799117992179931799417995179961799717998179991800018001180021800318004180051800618007180081800918010180111801218013180141801518016180171801818019180201802118022180231802418025180261802718028180291803018031180321803318034180351803618037180381803918040180411804218043180441804518046180471804818049180501805118052180531805418055180561805718058180591806018061180621806318064180651806618067180681806918070180711807218073180741807518076180771807818079180801808118082180831808418085180861808718088180891809018091180921809318094180951809618097180981809918100181011810218103181041810518106181071810818109181101811118112181131811418115181161811718118181191812018121181221812318124181251812618127181281812918130181311813218133181341813518136181371813818139181401814118142181431814418145181461814718148181491815018151181521815318154181551815618157181581815918160181611816218163181641816518166181671816818169181701817118172181731817418175181761817718178181791818018181181821818318184181851818618187181881818918190181911819218193181941819518196181971819818199182001820118202182031820418205182061820718208182091821018211182121821318214182151821618217182181821918220182211822218223182241822518226182271822818229182301823118232182331823418235182361823718238182391824018241182421824318244182451824618247182481824918250182511825218253182541825518256182571825818259182601826118262182631826418265182661826718268182691827018271182721827318274182751827618277182781827918280182811828218283182841828518286182871828818289182901829118292182931829418295182961829718298182991830018301183021830318304183051830618307183081830918310183111831218313183141831518316183171831818319183201832118322183231832418325183261832718328183291833018331183321833318334183351833618337183381833918340183411834218343183441834518346183471834818349183501835118352183531835418355183561835718358183591836018361183621836318364183651836618367183681836918370183711837218373183741837518376183771837818379183801838118382183831838418385183861838718388183891839018391183921839318394183951839618397183981839918400184011840218403184041840518406184071840818409184101841118412184131841418415184161841718418184191842018421184221842318424184251842618427184281842918430184311843218433184341843518436184371843818439184401844118442184431844418445184461844718448184491845018451184521845318454184551845618457184581845918460184611846218463184641846518466184671846818469184701847118472184731847418475184761847718478184791848018481184821848318484184851848618487184881848918490184911849218493184941849518496184971849818499185001850118502185031850418505185061850718508185091851018511185121851318514185151851618517185181851918520185211852218523185241852518526185271852818529185301853118532185331853418535185361853718538185391854018541185421854318544185451854618547185481854918550185511855218553185541855518556185571855818559185601856118562185631856418565185661856718568185691857018571185721857318574185751857618577185781857918580185811858218583185841858518586185871858818589185901859118592185931859418595185961859718598185991860018601186021860318604186051860618607186081860918610186111861218613186141861518616186171861818619186201862118622186231862418625186261862718628186291863018631186321863318634186351863618637186381863918640186411864218643186441864518646186471864818649186501865118652186531865418655186561865718658186591866018661186621866318664186651866618667186681866918670186711867218673186741867518676186771867818679186801868118682186831868418685186861868718688186891869018691186921869318694186951869618697186981869918700187011870218703187041870518706187071870818709187101871118712187131871418715187161871718718187191872018721187221872318724187251872618727187281872918730187311873218733187341873518736187371873818739187401874118742187431874418745187461874718748187491875018751187521875318754187551875618757187581875918760187611876218763187641876518766187671876818769187701877118772187731877418775187761877718778187791878018781187821878318784187851878618787187881878918790187911879218793187941879518796187971879818799188001880118802188031880418805188061880718808188091881018811188121881318814188151881618817188181881918820188211882218823188241882518826188271882818829188301883118832188331883418835188361883718838188391884018841 |
- /* asn.c
- *
- * Copyright (C) 2006-2021 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
- /*
- DESCRIPTION
- This library provides the interface to Abstract Syntax Notation One (ASN.1) objects.
- ASN.1 is a standard interface description language for defining data structures
- that can be serialized and deserialized in a cross-platform way.
- */
- #ifdef HAVE_CONFIG_H
- #include <config.h>
- #endif
- #include <wolfssl/wolfcrypt/settings.h>
- /*
- ASN Options:
- * NO_ASN_TIME: Disables time parts of the ASN code for systems without an RTC
- or wishing to save space.
- * IGNORE_NAME_CONSTRAINTS: Skip ASN name checks.
- * ASN_DUMP_OID: Allows dump of OID information for debugging.
- * RSA_DECODE_EXTRA: Decodes extra information in RSA public key.
- * WOLFSSL_CERT_GEN: Cert generation. Saves extra certificate info in GetName.
- * WOLFSSL_NO_ASN_STRICT: Disable strict RFC compliance checks to
- restore 3.13.0 behavior.
- * WOLFSSL_NO_OCSP_OPTIONAL_CERTS: Skip optional OCSP certs (responder issuer
- must still be trusted)
- * WOLFSSL_NO_TRUSTED_CERTS_VERIFY: Workaround for situation where entire cert
- chain is not loaded. This only matches on subject and public key and
- does not perform a PKI validation, so it is not a secure solution.
- Only enabled for OCSP.
- * WOLFSSL_NO_OCSP_ISSUER_CHECK: Can be defined for backwards compatibility to
- disable checking of OCSP subject hash with issuer hash.
- * WOLFSSL_SMALL_CERT_VERIFY: Verify the certificate signature without using
- DecodedCert. Doubles up on some code but allows smaller dynamic memory
- usage.
- * WOLFSSL_NO_OCSP_DATE_CHECK: Disable date checks for OCSP responses. This
- may be required when the system's real-time clock is not very accurate.
- It is recommended to enforce the nonce check instead if possible.
- * WOLFSSL_FORCE_OCSP_NONCE_CHECK: Require nonces to be available in OCSP
- responses. The nonces are optional and may not be supported by all
- responders. If it can be ensured that the used responder sends nonces this
- option may improve security.
- */
- #ifndef NO_ASN
- #include <wolfssl/wolfcrypt/asn.h>
- #include <wolfssl/wolfcrypt/coding.h>
- #include <wolfssl/wolfcrypt/md2.h>
- #include <wolfssl/wolfcrypt/hmac.h>
- #include <wolfssl/wolfcrypt/error-crypt.h>
- #include <wolfssl/wolfcrypt/pwdbased.h>
- #include <wolfssl/wolfcrypt/des3.h>
- #include <wolfssl/wolfcrypt/aes.h>
- #include <wolfssl/wolfcrypt/rc2.h>
- #include <wolfssl/wolfcrypt/wc_encrypt.h>
- #include <wolfssl/wolfcrypt/logging.h>
- #include <wolfssl/wolfcrypt/random.h>
- #include <wolfssl/wolfcrypt/hash.h>
- #ifdef NO_INLINE
- #include <wolfssl/wolfcrypt/misc.h>
- #else
- #define WOLFSSL_MISC_INCLUDED
- #include <wolfcrypt/src/misc.c>
- #endif
- #ifndef NO_RC4
- #include <wolfssl/wolfcrypt/arc4.h>
- #endif
- #ifdef HAVE_NTRU
- #include "libntruencrypt/ntru_crypto.h"
- #endif
- #if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
- #include <wolfssl/wolfcrypt/sha512.h>
- #endif
- #ifndef NO_SHA256
- #include <wolfssl/wolfcrypt/sha256.h>
- #endif
- #ifdef HAVE_ECC
- #include <wolfssl/wolfcrypt/ecc.h>
- #endif
- #ifdef HAVE_ED25519
- #include <wolfssl/wolfcrypt/ed25519.h>
- #endif
- #ifdef HAVE_ED448
- #include <wolfssl/wolfcrypt/ed448.h>
- #endif
- #ifdef WOLFSSL_QNX_CAAM
- #include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
- #endif
- #ifndef NO_RSA
- #include <wolfssl/wolfcrypt/rsa.h>
- #if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_CRYPTOCELL)
- extern int wc_InitRsaHw(RsaKey* key);
- #endif
- #endif
- #ifndef NO_DSA
- #include <wolfssl/wolfcrypt/dsa.h>
- #else
- typedef void* DsaKey;
- #endif
- #ifdef WOLF_CRYPTO_CB
- #include <wolfssl/wolfcrypt/cryptocb.h>
- #endif
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- #include <wolfssl/openssl/objects.h>
- #endif
- #ifdef _MSC_VER
- /* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */
- #pragma warning(disable: 4996)
- #endif
- #define ERROR_OUT(err, eLabel) { ret = (err); goto eLabel; }
- #if !defined(NO_SKID) && (!defined(HAVE_FIPS) || !defined(HAVE_FIPS_VERSION))
- #if !defined(HAVE_SELFTEST) || (defined(HAVE_SELFTEST) && \
- (!defined(HAVE_SELFTEST_VERSION) || \
- HAVE_SELFTEST_VERSION < 2))
- #ifndef WOLFSSL_AES_KEY_SIZE_ENUM
- #define WOLFSSL_AES_KEY_SIZE_ENUM
- enum Asn_Misc {
- AES_IV_SIZE = 16,
- AES_128_KEY_SIZE = 16,
- AES_192_KEY_SIZE = 24,
- AES_256_KEY_SIZE = 32
- };
- #endif
- #endif /* HAVE_SELFTEST */
- #endif
- #ifdef WOLFSSL_RENESAS_TSIP_TLS
- void tsip_inform_key_position(const word32 key_n_start,
- const word32 key_n_len, const word32 key_e_start,
- const word32 key_e_len);
- int tsip_tls_CertVerify(const byte *cert, word32 certSz,
- const byte *signature, word32 sigSz,
- word32 key_n_start, word32 key_n_len,
- word32 key_e_start, word32 key_e_len,
- byte *tsip_encRsaKeyIdx);
- #endif
- int GetLength(const byte* input, word32* inOutIdx, int* len,
- word32 maxIdx)
- {
- return GetLength_ex(input, inOutIdx, len, maxIdx, 1);
- }
- /* give option to check length value found against index. 1 to check 0 to not */
- int GetLength_ex(const byte* input, word32* inOutIdx, int* len,
- word32 maxIdx, int check)
- {
- int length = 0;
- word32 idx = *inOutIdx;
- byte b;
- *len = 0; /* default length */
- if ((idx + 1) > maxIdx) { /* for first read */
- WOLFSSL_MSG("GetLength bad index on input");
- return BUFFER_E;
- }
- b = input[idx++];
- if (b >= ASN_LONG_LENGTH) {
- word32 bytes = b & 0x7F;
- if ((idx + bytes) > maxIdx) { /* for reading bytes */
- WOLFSSL_MSG("GetLength bad long length");
- return BUFFER_E;
- }
- if (bytes > sizeof(length)) {
- return ASN_PARSE_E;
- }
- while (bytes--) {
- b = input[idx++];
- length = (length << 8) | b;
- }
- if (length < 0) {
- return ASN_PARSE_E;
- }
- }
- else
- length = b;
- if (check && (idx + length) > maxIdx) { /* for user of length */
- WOLFSSL_MSG("GetLength value exceeds buffer length");
- return BUFFER_E;
- }
- *inOutIdx = idx;
- if (length > 0)
- *len = length;
- return length;
- }
- /* input : buffer to read from
- * inOutIdx : index to start reading from, gets advanced by 1 if successful
- * maxIdx : maximum index value
- * tag : ASN tag value found
- *
- * returns 0 on success
- */
- int GetASNTag(const byte* input, word32* inOutIdx, byte* tag, word32 maxIdx)
- {
- word32 idx;
- if (tag == NULL || inOutIdx == NULL || input == NULL) {
- return BAD_FUNC_ARG;
- }
- idx = *inOutIdx;
- if (idx + ASN_TAG_SZ > maxIdx) {
- WOLFSSL_MSG("Buffer too small for ASN tag");
- return BUFFER_E;
- }
- *tag = input[idx];
- *inOutIdx = idx + ASN_TAG_SZ;
- return 0;
- }
- static int GetASNHeader_ex(const byte* input, byte tag, word32* inOutIdx, int* len,
- word32 maxIdx, int check)
- {
- word32 idx = *inOutIdx;
- byte tagFound;
- int length;
- if (GetASNTag(input, &idx, &tagFound, maxIdx) != 0)
- return ASN_PARSE_E;
- if (tagFound != tag)
- return ASN_PARSE_E;
- if (GetLength_ex(input, &idx, &length, maxIdx, check) < 0)
- return ASN_PARSE_E;
- *len = length;
- *inOutIdx = idx;
- return length;
- }
- /* Get the DER/BER encoding of an ASN.1 header.
- *
- * input Buffer holding DER/BER encoded data.
- * tag ASN.1 tag value expected in header.
- * inOutIdx Current index into buffer to parse.
- * len The number of bytes in the ASN.1 data.
- * maxIdx Length of data in buffer.
- * returns BUFFER_E when there is not enough data to parse.
- * ASN_PARSE_E when the expected tag is not found or length is invalid.
- * Otherwise, the number of bytes in the ASN.1 data.
- */
- static int GetASNHeader(const byte* input, byte tag, word32* inOutIdx, int* len,
- word32 maxIdx)
- {
- return GetASNHeader_ex(input, tag, inOutIdx, len, maxIdx, 1);
- }
- static int GetHeader(const byte* input, byte* tag, word32* inOutIdx, int* len,
- word32 maxIdx, int check)
- {
- word32 idx = *inOutIdx;
- int length;
- if ((idx + 1) > maxIdx)
- return BUFFER_E;
- *tag = input[idx++];
- if (GetLength_ex(input, &idx, &length, maxIdx, check) < 0)
- return ASN_PARSE_E;
- *len = length;
- *inOutIdx = idx;
- return length;
- }
- int GetSequence(const byte* input, word32* inOutIdx, int* len,
- word32 maxIdx)
- {
- return GetASNHeader(input, ASN_SEQUENCE | ASN_CONSTRUCTED, inOutIdx, len,
- maxIdx);
- }
- int GetSequence_ex(const byte* input, word32* inOutIdx, int* len,
- word32 maxIdx, int check)
- {
- return GetASNHeader_ex(input, ASN_SEQUENCE | ASN_CONSTRUCTED, inOutIdx, len,
- maxIdx, check);
- }
- int GetSet(const byte* input, word32* inOutIdx, int* len,
- word32 maxIdx)
- {
- return GetASNHeader(input, ASN_SET | ASN_CONSTRUCTED, inOutIdx, len,
- maxIdx);
- }
- int GetSet_ex(const byte* input, word32* inOutIdx, int* len,
- word32 maxIdx, int check)
- {
- return GetASNHeader_ex(input, ASN_SET | ASN_CONSTRUCTED, inOutIdx, len,
- maxIdx, check);
- }
- /* Get the DER/BER encoded ASN.1 NULL element.
- * Ensure that the all fields are as expected and move index past the element.
- *
- * input Buffer holding DER/BER encoded data.
- * inOutIdx Current index into buffer to parse.
- * maxIdx Length of data in buffer.
- * returns BUFFER_E when there is not enough data to parse.
- * ASN_TAG_NULL_E when the NULL tag is not found.
- * ASN_EXPECT_0_E when the length is not zero.
- * Otherwise, 0 to indicate success.
- */
- static int GetASNNull(const byte* input, word32* inOutIdx, word32 maxIdx)
- {
- word32 idx = *inOutIdx;
- byte b;
- if ((idx + 2) > maxIdx)
- return BUFFER_E;
- b = input[idx++];
- if (b != ASN_TAG_NULL)
- return ASN_TAG_NULL_E;
- if (input[idx++] != 0)
- return ASN_EXPECT_0_E;
- *inOutIdx = idx;
- return 0;
- }
- /* Set the DER/BER encoding of the ASN.1 NULL element.
- *
- * output Buffer to write into.
- * returns the number of bytes added to the buffer.
- */
- static int SetASNNull(byte* output)
- {
- output[0] = ASN_TAG_NULL;
- output[1] = 0;
- return 2;
- }
- #ifndef NO_CERTS
- /* Get the DER/BER encoding of an ASN.1 BOOLEAN.
- *
- * input Buffer holding DER/BER encoded data.
- * inOutIdx Current index into buffer to parse.
- * maxIdx Length of data in buffer.
- * returns BUFFER_E when there is not enough data to parse.
- * ASN_PARSE_E when the BOOLEAN tag is not found or length is not 1.
- * Otherwise, 0 to indicate the value was false and 1 to indicate true.
- */
- static int GetBoolean(const byte* input, word32* inOutIdx, word32 maxIdx)
- {
- word32 idx = *inOutIdx;
- byte b;
- if ((idx + 3) > maxIdx)
- return BUFFER_E;
- b = input[idx++];
- if (b != ASN_BOOLEAN)
- return ASN_PARSE_E;
- if (input[idx++] != 1)
- return ASN_PARSE_E;
- b = input[idx++] != 0;
- *inOutIdx = idx;
- return b;
- }
- #endif /* !NO_CERTS*/
- #ifdef ASN1_SET_BOOLEAN
- /* Set the DER/BER encoding of the ASN.1 NULL element.
- * Note: Function not required as yet.
- *
- * val Boolean value to encode.
- * output Buffer to write into.
- * returns the number of bytes added to the buffer.
- */
- static int SetBoolean(int val, byte* output)
- {
- output[0] = ASN_BOOLEAN;
- output[1] = 1;
- output[2] = val ? -1 : 0;
- return 3;
- }
- #endif
- /* Get the DER/BER encoding of an ASN.1 OCTET_STRING header.
- *
- * input Buffer holding DER/BER encoded data.
- * inOutIdx Current index into buffer to parse.
- * len The number of bytes in the ASN.1 data.
- * maxIdx Length of data in buffer.
- * returns BUFFER_E when there is not enough data to parse.
- * ASN_PARSE_E when the OCTET_STRING tag is not found or length is
- * invalid.
- * Otherwise, the number of bytes in the ASN.1 data.
- */
- int GetOctetString(const byte* input, word32* inOutIdx, int* len,
- word32 maxIdx)
- {
- return GetASNHeader(input, ASN_OCTET_STRING, inOutIdx, len, maxIdx);
- }
- /* Get the DER/BER encoding of an ASN.1 INTEGER header.
- * Removes the leading zero byte when found.
- *
- * input Buffer holding DER/BER encoded data.
- * inOutIdx Current index into buffer to parse.
- * len The number of bytes in the ASN.1 data (excluding any leading zero).
- * maxIdx Length of data in buffer.
- * returns BUFFER_E when there is not enough data to parse.
- * ASN_PARSE_E when the INTEGER tag is not found, length is invalid,
- * or invalid use of or missing leading zero.
- * Otherwise, 0 to indicate success.
- */
- static int GetASNInt(const byte* input, word32* inOutIdx, int* len,
- word32 maxIdx)
- {
- int ret;
- ret = GetASNHeader(input, ASN_INTEGER, inOutIdx, len, maxIdx);
- if (ret < 0)
- return ret;
- if (*len > 0) {
- #ifndef WOLFSSL_ASN_INT_LEAD_0_ANY
- /* check for invalid padding on negative integer.
- * c.f. X.690 (ISO/IEC 8825-2:2003 (E)) 10.4.6; RFC 5280 4.1
- */
- if (*len > 1) {
- if ((input[*inOutIdx] == 0xff) && (input[*inOutIdx + 1] & 0x80))
- return ASN_PARSE_E;
- }
- #endif
- /* remove leading zero, unless there is only one 0x00 byte */
- if ((input[*inOutIdx] == 0x00) && (*len > 1)) {
- (*inOutIdx)++;
- (*len)--;
- #ifndef WOLFSSL_ASN_INT_LEAD_0_ANY
- if (*len > 0 && (input[*inOutIdx] & 0x80) == 0)
- return ASN_PARSE_E;
- #endif
- }
- }
- return 0;
- }
- #ifndef NO_CERTS
- /* Get the DER/BER encoding of an ASN.1 INTEGER that has a value of no more than
- * 7 bits.
- *
- * input Buffer holding DER/BER encoded data.
- * inOutIdx Current index into buffer to parse.
- * maxIdx Length of data in buffer.
- * returns BUFFER_E when there is not enough data to parse.
- * ASN_PARSE_E when the INTEGER tag is not found or length is invalid.
- * Otherwise, the 7-bit value.
- */
- static int GetInteger7Bit(const byte* input, word32* inOutIdx, word32 maxIdx)
- {
- word32 idx = *inOutIdx;
- byte b;
- if ((idx + 3) > maxIdx)
- return BUFFER_E;
- if (GetASNTag(input, &idx, &b, maxIdx) != 0)
- return ASN_PARSE_E;
- if (b != ASN_INTEGER)
- return ASN_PARSE_E;
- if (input[idx++] != 1)
- return ASN_PARSE_E;
- b = input[idx++];
- *inOutIdx = idx;
- return b;
- }
- #endif /* !NO_CERTS */
- #if !defined(NO_DSA) && !defined(NO_SHA)
- static const char sigSha1wDsaName[] = "SHAwDSA";
- static const char sigSha256wDsaName[] = "SHA256wDSA";
- #endif /* NO_DSA */
- #ifndef NO_RSA
- #ifdef WOLFSSL_MD2
- static const char sigMd2wRsaName[] = "md2WithRSAEncryption";
- #endif
- #ifndef NO_MD5
- static const char sigMd5wRsaName[] = "md5WithRSAEncryption";
- #endif
- #ifndef NO_SHA
- static const char sigSha1wRsaName[] = "sha1WithRSAEncryption";
- #endif
- #ifdef WOLFSSL_SHA224
- static const char sigSha224wRsaName[] = "sha224WithRSAEncryption";
- #endif
- #ifndef NO_SHA256
- static const char sigSha256wRsaName[] = "sha256WithRSAEncryption";
- #endif
- #ifdef WOLFSSL_SHA384
- static const char sigSha384wRsaName[] = "sha384WithRSAEncryption";
- #endif
- #ifdef WOLFSSL_SHA512
- static const char sigSha512wRsaName[] = "sha512WithRSAEncryption";
- #endif
- #endif /* NO_RSA */
- #ifdef HAVE_ECC
- #ifndef NO_SHA
- static const char sigSha1wEcdsaName[] = "SHAwECDSA";
- #endif
- #ifdef WOLFSSL_SHA224
- static const char sigSha224wEcdsaName[] = "SHA224wECDSA";
- #endif
- #ifndef NO_SHA256
- static const char sigSha256wEcdsaName[] = "SHA256wECDSA";
- #endif
- #ifdef WOLFSSL_SHA384
- static const char sigSha384wEcdsaName[] = "SHA384wECDSA";
- #endif
- #ifdef WOLFSSL_SHA512
- static const char sigSha512wEcdsaName[] = "SHA512wECDSA";
- #endif
- #endif /* HAVE_ECC */
- static const char sigUnknownName[] = "Unknown";
- /* Get the human readable string for a signature type
- *
- * oid Oid value for signature
- */
- const char* GetSigName(int oid) {
- switch (oid) {
- #if !defined(NO_DSA) && !defined(NO_SHA)
- case CTC_SHAwDSA:
- return sigSha1wDsaName;
- case CTC_SHA256wDSA:
- return sigSha256wDsaName;
- #endif /* NO_DSA && NO_SHA */
- #ifndef NO_RSA
- #ifdef WOLFSSL_MD2
- case CTC_MD2wRSA:
- return sigMd2wRsaName;
- #endif
- #ifndef NO_MD5
- case CTC_MD5wRSA:
- return sigMd5wRsaName;
- #endif
- #ifndef NO_SHA
- case CTC_SHAwRSA:
- return sigSha1wRsaName;
- #endif
- #ifdef WOLFSSL_SHA224
- case CTC_SHA224wRSA:
- return sigSha224wRsaName;
- #endif
- #ifndef NO_SHA256
- case CTC_SHA256wRSA:
- return sigSha256wRsaName;
- #endif
- #ifdef WOLFSSL_SHA384
- case CTC_SHA384wRSA:
- return sigSha384wRsaName;
- #endif
- #ifdef WOLFSSL_SHA512
- case CTC_SHA512wRSA:
- return sigSha512wRsaName;
- #endif
- #endif /* NO_RSA */
- #ifdef HAVE_ECC
- #ifndef NO_SHA
- case CTC_SHAwECDSA:
- return sigSha1wEcdsaName;
- #endif
- #ifdef WOLFSSL_SHA224
- case CTC_SHA224wECDSA:
- return sigSha224wEcdsaName;
- #endif
- #ifndef NO_SHA256
- case CTC_SHA256wECDSA:
- return sigSha256wEcdsaName;
- #endif
- #ifdef WOLFSSL_SHA384
- case CTC_SHA384wECDSA:
- return sigSha384wEcdsaName;
- #endif
- #ifdef WOLFSSL_SHA512
- case CTC_SHA512wECDSA:
- return sigSha512wEcdsaName;
- #endif
- #endif /* HAVE_ECC */
- default:
- return sigUnknownName;
- }
- }
- #if !defined(NO_DSA) || defined(HAVE_ECC) || !defined(NO_CERTS) || \
- (!defined(NO_RSA) && \
- (defined(WOLFSSL_CERT_GEN) || \
- ((defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA)) && !defined(HAVE_USER_RSA))))
- /* Set the DER/BER encoding of the ASN.1 INTEGER header.
- *
- * len Length of data to encode.
- * firstByte First byte of data, most significant byte of integer, to encode.
- * output Buffer to write into.
- * returns the number of bytes added to the buffer.
- */
- int SetASNInt(int len, byte firstByte, byte* output)
- {
- word32 idx = 0;
- if (output)
- output[idx] = ASN_INTEGER;
- idx++;
- if (firstByte & 0x80)
- len++;
- idx += SetLength(len, output ? output + idx : NULL);
- if (firstByte & 0x80) {
- if (output)
- output[idx] = 0x00;
- idx++;
- }
- return idx;
- }
- #endif
- #if !defined(NO_DSA) || defined(HAVE_ECC) || (defined(WOLFSSL_CERT_GEN) && \
- !defined(NO_RSA)) || ((defined(WOLFSSL_KEY_GEN) || \
- defined(OPENSSL_EXTRA)) && !defined(NO_RSA) && !defined(HAVE_USER_RSA))
- /* Set the DER/BER encoding of the ASN.1 INTEGER element with an mp_int.
- * The number is assumed to be positive.
- *
- * n Multi-precision integer to encode.
- * maxSz Maximum size of the encoded integer.
- * A negative value indicates no check of length requested.
- * output Buffer to write into.
- * returns BUFFER_E when the data is too long for the buffer.
- * MP_TO_E when encoding the integer fails.
- * Otherwise, the number of bytes added to the buffer.
- */
- static int SetASNIntMP(mp_int* n, int maxSz, byte* output)
- {
- int idx = 0;
- int leadingBit;
- int length;
- int err;
- leadingBit = mp_leading_bit(n);
- length = mp_unsigned_bin_size(n);
- if (maxSz >= 0 && (1 + length + (leadingBit ? 1 : 0)) > maxSz)
- return BUFFER_E;
- idx = SetASNInt(length, leadingBit ? 0x80 : 0x00, output);
- if (maxSz >= 0 && (idx + length) > maxSz)
- return BUFFER_E;
- if (output) {
- err = mp_to_unsigned_bin(n, output + idx);
- if (err != MP_OKAY)
- return MP_TO_E;
- }
- idx += length;
- return idx;
- }
- #endif
- #if !defined(NO_RSA) && defined(HAVE_USER_RSA) && \
- (defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA))
- /* Set the DER/BER encoding of the ASN.1 INTEGER element with an mp_int from
- * an RSA key.
- * The number is assumed to be positive.
- *
- * n Multi-precision integer to encode.
- * output Buffer to write into.
- * returns BUFFER_E when the data is too long for the buffer.
- * MP_TO_E when encoding the integer fails.
- * Otherwise, the number of bytes added to the buffer.
- */
- static int SetASNIntRSA(void* n, byte* output)
- {
- int idx = 0;
- int leadingBit;
- int length;
- int err;
- leadingBit = wc_Rsa_leading_bit(n);
- length = wc_Rsa_unsigned_bin_size(n);
- idx = SetASNInt(length, leadingBit ? 0x80 : 0x00, output);
- if ((idx + length) > MAX_RSA_INT_SZ)
- return BUFFER_E;
- if (output) {
- err = wc_Rsa_to_unsigned_bin(n, output + idx, length);
- if (err != MP_OKAY)
- return MP_TO_E;
- }
- idx += length;
- return idx;
- }
- #endif /* !NO_RSA && HAVE_USER_RSA && WOLFSSL_CERT_GEN */
- /* Windows header clash for WinCE using GetVersion */
- int GetMyVersion(const byte* input, word32* inOutIdx,
- int* version, word32 maxIdx)
- {
- word32 idx = *inOutIdx;
- byte tag;
- if ((idx + MIN_VERSION_SZ) > maxIdx)
- return ASN_PARSE_E;
- if (GetASNTag(input, &idx, &tag, maxIdx) != 0)
- return ASN_PARSE_E;
- if (tag != ASN_INTEGER)
- return ASN_PARSE_E;
- if (input[idx++] != 0x01)
- return ASN_VERSION_E;
- *version = input[idx++];
- *inOutIdx = idx;
- return *version;
- }
- #ifndef NO_PWDBASED
- /* Get small count integer, 32 bits or less */
- int GetShortInt(const byte* input, word32* inOutIdx, int* number, word32 maxIdx)
- {
- word32 idx = *inOutIdx;
- word32 len;
- byte tag;
- *number = 0;
- /* check for type and length bytes */
- if ((idx + 2) > maxIdx)
- return BUFFER_E;
- if (GetASNTag(input, &idx, &tag, maxIdx) != 0)
- return ASN_PARSE_E;
- if (tag != ASN_INTEGER)
- return ASN_PARSE_E;
- len = input[idx++];
- if (len > 4)
- return ASN_PARSE_E;
- if (len + idx > maxIdx)
- return ASN_PARSE_E;
- while (len--) {
- *number = *number << 8 | input[idx++];
- }
- *inOutIdx = idx;
- return *number;
- }
- /* Set small integer, 32 bits or less. DER encoding with no leading 0s
- * returns total amount written including ASN tag and length byte on success */
- int SetShortInt(byte* input, word32* inOutIdx, word32 number, word32 maxIdx)
- {
- word32 idx = *inOutIdx;
- word32 len = 0;
- int i;
- byte ar[MAX_LENGTH_SZ];
- /* check for room for type and length bytes */
- if ((idx + 2) > maxIdx)
- return BUFFER_E;
- input[idx++] = ASN_INTEGER;
- idx++; /* place holder for length byte */
- if (MAX_LENGTH_SZ + idx > maxIdx)
- return ASN_PARSE_E;
- /* find first non zero byte */
- XMEMSET(ar, 0, MAX_LENGTH_SZ);
- c32toa(number, ar);
- for (i = 0; i < MAX_LENGTH_SZ; i++) {
- if (ar[i] != 0) {
- break;
- }
- }
- /* handle case of 0 */
- if (i == MAX_LENGTH_SZ) {
- input[idx++] = 0; len++;
- }
- for (; i < MAX_LENGTH_SZ && idx < maxIdx; i++) {
- input[idx++] = ar[i]; len++;
- }
- /* jump back to beginning of input buffer using unaltered inOutIdx value
- * and set number of bytes for integer, then update the index value */
- input[*inOutIdx + 1] = (byte)len;
- *inOutIdx = idx;
- return len + 2; /* size of integer bytes plus ASN TAG and length byte */
- }
- #endif /* !NO_PWDBASED */
- /* May not have one, not an error */
- static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version,
- word32 maxIdx)
- {
- word32 idx = *inOutIdx;
- byte tag;
- WOLFSSL_ENTER("GetExplicitVersion");
- if (GetASNTag(input, &idx, &tag, maxIdx) != 0)
- return ASN_PARSE_E;
- if (tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED)) {
- int ret;
- *inOutIdx = ++idx; /* skip header */
- ret = GetMyVersion(input, inOutIdx, version, maxIdx);
- if (ret >= 0) {
- /* check if version is expected value rfc 5280 4.1 {0, 1, 2} */
- if (*version > MAX_X509_VERSION || *version < MIN_X509_VERSION) {
- WOLFSSL_MSG("Unexpected certificate version");
- ret = ASN_VERSION_E;
- }
- }
- return ret;
- }
- /* go back as is */
- *version = 0;
- return 0;
- }
- int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, word32 maxIdx)
- {
- word32 idx = *inOutIdx;
- int ret;
- int length;
- ret = GetASNInt(input, &idx, &length, maxIdx);
- if (ret != 0)
- return ret;
- if (mp_init(mpi) != MP_OKAY)
- return MP_INIT_E;
- if (mp_read_unsigned_bin(mpi, input + idx, length) != 0) {
- mp_clear(mpi);
- return ASN_GETINT_E;
- }
- #ifdef HAVE_WOLF_BIGINT
- if (wc_bigint_from_unsigned_bin(&mpi->raw, input + idx, length) != 0) {
- mp_clear(mpi);
- return ASN_GETINT_E;
- }
- #endif /* HAVE_WOLF_BIGINT */
- *inOutIdx = idx + length;
- return 0;
- }
- #if (!defined(WOLFSSL_KEY_GEN) && !defined(OPENSSL_EXTRA) && defined(RSA_LOW_MEM)) \
- || defined(WOLFSSL_RSA_PUBLIC_ONLY) || (!defined(NO_DSA))
- #if (!defined(NO_RSA) && !defined(HAVE_USER_RSA)) || !defined(NO_DSA)
- static int SkipInt(const byte* input, word32* inOutIdx, word32 maxIdx)
- {
- word32 idx = *inOutIdx;
- int ret;
- int length;
- ret = GetASNInt(input, &idx, &length, maxIdx);
- if (ret != 0)
- return ret;
- *inOutIdx = idx + length;
- return 0;
- }
- #endif
- #endif
- int CheckBitString(const byte* input, word32* inOutIdx, int* len,
- word32 maxIdx, int zeroBits, byte* unusedBits)
- {
- word32 idx = *inOutIdx;
- int length;
- byte b;
- if (GetASNTag(input, &idx, &b, maxIdx) != 0) {
- return ASN_BITSTR_E;
- }
- if (b != ASN_BIT_STRING) {
- return ASN_BITSTR_E;
- }
- if (GetLength(input, &idx, &length, maxIdx) < 0)
- return ASN_PARSE_E;
- /* extra sanity check that length is greater than 0 */
- if (length <= 0) {
- WOLFSSL_MSG("Error length was 0 in CheckBitString");
- return BUFFER_E;
- }
- if (idx + 1 > maxIdx) {
- WOLFSSL_MSG("Attempted buffer read larger than input buffer");
- return BUFFER_E;
- }
- b = input[idx];
- if (zeroBits && b != 0x00)
- return ASN_EXPECT_0_E;
- if (b >= 0x08)
- return ASN_PARSE_E;
- if (b != 0) {
- if ((byte)(input[idx + length - 1] << (8 - b)) != 0)
- return ASN_PARSE_E;
- }
- idx++;
- length--; /* length has been checked for greater than 0 */
- *inOutIdx = idx;
- if (len != NULL)
- *len = length;
- if (unusedBits != NULL)
- *unusedBits = b;
- return 0;
- }
- /* RSA (with CertGen or KeyGen) OR ECC OR ED25519 OR ED448 (with CertGen or
- * KeyGen) */
- #if (!defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
- (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA))) || \
- (defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)) || \
- ((defined(HAVE_ED25519) || defined(HAVE_ED448)) && \
- (defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA))) || \
- (!defined(NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN))
- /* Set the DER/BER encoding of the ASN.1 BIT_STRING header.
- *
- * len Length of data to encode.
- * unusedBits The number of unused bits in the last byte of data.
- * That is, the number of least significant zero bits before a one.
- * The last byte is the most-significant non-zero byte of a number.
- * output Buffer to write into.
- * returns the number of bytes added to the buffer.
- */
- word32 SetBitString(word32 len, byte unusedBits, byte* output)
- {
- word32 idx = 0;
- if (output)
- output[idx] = ASN_BIT_STRING;
- idx++;
- idx += SetLength(len + 1, output ? output + idx : NULL);
- if (output)
- output[idx] = unusedBits;
- idx++;
- return idx;
- }
- #endif /* !NO_RSA || HAVE_ECC || HAVE_ED25519 || HAVE_ED448 */
- #ifdef ASN_BER_TO_DER
- /* Pull informtation from the ASN.1 BER encoded item header */
- static int GetBerHeader(const byte* data, word32* idx, word32 maxIdx,
- byte* pTag, word32* pLen, int* indef)
- {
- int len = 0;
- byte tag;
- word32 i = *idx;
- *indef = 0;
- /* Check there is enough data for a minimal header */
- if (i + 2 > maxIdx) {
- return ASN_PARSE_E;
- }
- /* Retrieve tag */
- tag = data[i++];
- /* Indefinite length handled specially */
- if (data[i] == 0x80) {
- /* Check valid tag for indefinite */
- if (((tag & 0xc0) == 0) && ((tag & ASN_CONSTRUCTED) == 0x00)) {
- return ASN_PARSE_E;
- }
- i++;
- *indef = 1;
- }
- else if (GetLength(data, &i, &len, maxIdx) < 0) {
- return ASN_PARSE_E;
- }
- /* Return tag, length and index after BER item header */
- *pTag = tag;
- *pLen = len;
- *idx = i;
- return 0;
- }
- #ifndef INDEF_ITEMS_MAX
- #define INDEF_ITEMS_MAX 20
- #endif
- /* Indef length item data */
- typedef struct Indef {
- word32 start;
- int depth;
- int headerLen;
- word32 len;
- } Indef;
- /* Indef length items */
- typedef struct IndefItems
- {
- Indef len[INDEF_ITEMS_MAX];
- int cnt;
- int idx;
- int depth;
- } IndefItems;
- /* Get header length of current item */
- static int IndefItems_HeaderLen(IndefItems* items)
- {
- return items->len[items->idx].headerLen;
- }
- /* Get data length of current item */
- static word32 IndefItems_Len(IndefItems* items)
- {
- return items->len[items->idx].len;
- }
- /* Add a indefinite length item */
- static int IndefItems_AddItem(IndefItems* items, word32 start)
- {
- int ret = 0;
- int i;
- if (items->cnt == INDEF_ITEMS_MAX) {
- ret = MEMORY_E;
- }
- else {
- i = items->cnt++;
- items->len[i].start = start;
- items->len[i].depth = items->depth++;
- items->len[i].headerLen = 1;
- items->len[i].len = 0;
- items->idx = i;
- }
- return ret;
- }
- /* Increase data length of current item */
- static void IndefItems_AddData(IndefItems* items, word32 length)
- {
- items->len[items->idx].len += length;
- }
- /* Update header length of current item to reflect data length */
- static void IndefItems_UpdateHeaderLen(IndefItems* items)
- {
- items->len[items->idx].headerLen +=
- SetLength(items->len[items->idx].len, NULL);
- }
- /* Go to indefinite parent of current item */
- static void IndefItems_Up(IndefItems* items)
- {
- int i;
- int depth = items->len[items->idx].depth - 1;
- for (i = items->cnt - 1; i >= 0; i--) {
- if (items->len[i].depth == depth) {
- break;
- }
- }
- items->idx = i;
- items->depth = depth + 1;
- }
- /* Calculate final length by adding length of indefinite child items */
- static void IndefItems_CalcLength(IndefItems* items)
- {
- int i;
- int idx = items->idx;
- for (i = idx + 1; i < items->cnt; i++) {
- if (items->len[i].depth == items->depth) {
- items->len[idx].len += items->len[i].headerLen;
- items->len[idx].len += items->len[i].len;
- }
- }
- items->len[idx].headerLen += SetLength(items->len[idx].len, NULL);
- }
- /* Add more data to indefinite length item */
- static void IndefItems_MoreData(IndefItems* items, word32 length)
- {
- if (items->cnt > 0 && items->idx >= 0) {
- items->len[items->idx].len += length;
- }
- }
- /* Convert a BER encoding with indefinite length items to DER.
- *
- * ber BER encoded data.
- * berSz Length of BER encoded data.
- * der Buffer to hold DER encoded version of data.
- * NULL indicates only the length is required.
- * derSz The size of the buffer to hold the DER encoded data.
- * Will be set if der is NULL, otherwise the value is checked as der is
- * filled.
- * returns ASN_PARSE_E if the BER data is invalid and BAD_FUNC_ARG if ber or
- * derSz are NULL.
- */
- int wc_BerToDer(const byte* ber, word32 berSz, byte* der, word32* derSz)
- {
- int ret = 0;
- word32 i, j;
- #ifdef WOLFSSL_SMALL_STACK
- IndefItems* indefItems = NULL;
- #else
- IndefItems indefItems[1];
- #endif
- byte tag, basic;
- word32 length;
- int indef;
- if (ber == NULL || derSz == NULL)
- return BAD_FUNC_ARG;
- #ifdef WOLFSSL_SMALL_STACK
- indefItems = (IndefItems *)XMALLOC(sizeof(IndefItems), NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (indefItems == NULL) {
- ret = MEMORY_E;
- goto end;
- }
- #endif
- XMEMSET(indefItems, 0, sizeof(*indefItems));
- /* Calculate indefinite item lengths */
- for (i = 0; i < berSz; ) {
- word32 start = i;
- /* Get next BER item */
- ret = GetBerHeader(ber, &i, berSz, &tag, &length, &indef);
- if (ret != 0) {
- goto end;
- }
- if (indef) {
- /* Indefinite item - add to list */
- ret = IndefItems_AddItem(indefItems, i);
- if (ret != 0) {
- goto end;
- }
- if ((tag & 0xC0) == 0 &&
- tag != (ASN_SEQUENCE | ASN_CONSTRUCTED) &&
- tag != (ASN_SET | ASN_CONSTRUCTED)) {
- /* Constructed basic type - get repeating tag */
- basic = tag & (~ASN_CONSTRUCTED);
- /* Add up lengths of each item below */
- for (; i < berSz; ) {
- /* Get next BER_item */
- ret = GetBerHeader(ber, &i, berSz, &tag, &length, &indef);
- if (ret != 0) {
- goto end;
- }
- /* End of content closes item */
- if (tag == ASN_EOC) {
- /* Must be zero length */
- if (length != 0) {
- ret = ASN_PARSE_E;
- goto end;
- }
- break;
- }
- /* Must not be indefinite and tag must match parent */
- if (indef || tag != basic) {
- ret = ASN_PARSE_E;
- goto end;
- }
- /* Add to length */
- IndefItems_AddData(indefItems, length);
- /* Skip data */
- i += length;
- }
- /* Ensure we got an EOC and not end of data */
- if (tag != ASN_EOC) {
- ret = ASN_PARSE_E;
- goto end;
- }
- /* Set the header length to include the length field */
- IndefItems_UpdateHeaderLen(indefItems);
- /* Go to indefinte parent item */
- IndefItems_Up(indefItems);
- }
- }
- else if (tag == ASN_EOC) {
- /* End-of-content must be 0 length */
- if (length != 0) {
- ret = ASN_PARSE_E;
- goto end;
- }
- /* Check there is an item to close - missing EOC */
- if (indefItems->depth == 0) {
- ret = ASN_PARSE_E;
- goto end;
- }
- /* Finish calculation of data length for indefinite item */
- IndefItems_CalcLength(indefItems);
- /* Go to indefinte parent item */
- IndefItems_Up(indefItems);
- }
- else {
- /* Known length item to add in - make sure enough data for it */
- if (i + length > berSz) {
- ret = ASN_PARSE_E;
- goto end;
- }
- /* Include all data - can't have indefinite inside definite */
- i += length;
- /* Add entire item to current indefinite item */
- IndefItems_MoreData(indefItems, i - start);
- }
- }
- /* Check we had a EOC for each indefinite item */
- if (indefItems->depth != 0) {
- ret = ASN_PARSE_E;
- goto end;
- }
- /* Write out DER */
- j = 0;
- /* Reset index */
- indefItems->idx = 0;
- for (i = 0; i < berSz; ) {
- word32 start = i;
- /* Get item - checked above */
- (void)GetBerHeader(ber, &i, berSz, &tag, &length, &indef);
- if (indef) {
- if (der != NULL) {
- /* Check enough space for header */
- if (j + IndefItems_HeaderLen(indefItems) > *derSz) {
- ret = BUFFER_E;
- goto end;
- }
- if ((tag & 0xC0) == 0 &&
- tag != (ASN_SEQUENCE | ASN_CONSTRUCTED) &&
- tag != (ASN_SET | ASN_CONSTRUCTED)) {
- /* Remove constructed tag for basic types */
- tag &= ~ASN_CONSTRUCTED;
- }
- /* Add tag and length */
- der[j] = tag;
- (void)SetLength(IndefItems_Len(indefItems), der + j + 1);
- }
- /* Add header length of indefinite item */
- j += IndefItems_HeaderLen(indefItems);
- if ((tag & 0xC0) == 0 &&
- tag != (ASN_SEQUENCE | ASN_CONSTRUCTED) &&
- tag != (ASN_SET | ASN_CONSTRUCTED)) {
- /* For basic type - get each child item and add data */
- for (; i < berSz; ) {
- (void)GetBerHeader(ber, &i, berSz, &tag, &length, &indef);
- if (tag == ASN_EOC) {
- break;
- }
- if (der != NULL) {
- if (j + length > *derSz) {
- ret = BUFFER_E;
- goto end;
- }
- XMEMCPY(der + j, ber + i, length);
- }
- j += length;
- i += length;
- }
- }
- /* Move to next indef item in list */
- indefItems->idx++;
- }
- else if (tag == ASN_EOC) {
- /* End-Of-Content is not written out in DER */
- }
- else {
- /* Write out definite length item as is. */
- i += length;
- if (der != NULL) {
- /* Ensure space for item */
- if (j + i - start > *derSz) {
- ret = BUFFER_E;
- goto end;
- }
- /* Copy item as is */
- XMEMCPY(der + j, ber + start, i - start);
- }
- j += i - start;
- }
- }
- /* Return the length of the DER encoded ASN.1 */
- *derSz = j;
- if (der == NULL) {
- ret = LENGTH_ONLY_E;
- }
- end:
- #ifdef WOLFSSL_SMALL_STACK
- if (indefItems != NULL) {
- XFREE(indefItems, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- #endif
- return ret;
- }
- #endif
- #if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
- /* Set the DER/BER encoding of the ASN.1 BIT_STRING with a 16-bit value.
- *
- * val 16-bit value to encode.
- * output Buffer to write into.
- * returns the number of bytes added to the buffer.
- */
- static word32 SetBitString16Bit(word16 val, byte* output)
- {
- word32 idx;
- int len;
- byte lastByte;
- byte unusedBits = 0;
- if ((val >> 8) != 0) {
- len = 2;
- lastByte = (byte)(val >> 8);
- }
- else {
- len = 1;
- lastByte = (byte)val;
- }
- while (((lastByte >> unusedBits) & 0x01) == 0x00)
- unusedBits++;
- idx = SetBitString(len, unusedBits, output);
- output[idx++] = (byte)val;
- if (len > 1)
- output[idx++] = (byte)(val >> 8);
- return idx;
- }
- #endif /* WOLFSSL_CERT_EXT || WOLFSSL_CERT_GEN */
- /* hashType */
- #ifdef WOLFSSL_MD2
- static const byte hashMd2hOid[] = {42, 134, 72, 134, 247, 13, 2, 2};
- #endif
- #ifndef NO_MD5
- static const byte hashMd5hOid[] = {42, 134, 72, 134, 247, 13, 2, 5};
- #endif
- #ifndef NO_SHA
- static const byte hashSha1hOid[] = {43, 14, 3, 2, 26};
- #endif
- #ifdef WOLFSSL_SHA224
- static const byte hashSha224hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 4};
- #endif
- #ifndef NO_SHA256
- static const byte hashSha256hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 1};
- #endif
- #ifdef WOLFSSL_SHA384
- static const byte hashSha384hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 2};
- #endif
- #ifdef WOLFSSL_SHA512
- static const byte hashSha512hOid[] = {96, 134, 72, 1, 101, 3, 4, 2, 3};
- #endif
- /* hmacType */
- #ifndef NO_HMAC
- #ifdef WOLFSSL_SHA224
- static const byte hmacSha224Oid[] = {42, 134, 72, 134, 247, 13, 2, 8};
- #endif
- #ifndef NO_SHA256
- static const byte hmacSha256Oid[] = {42, 134, 72, 134, 247, 13, 2, 9};
- #endif
- #ifdef WOLFSSL_SHA384
- static const byte hmacSha384Oid[] = {42, 134, 72, 134, 247, 13, 2, 10};
- #endif
- #ifdef WOLFSSL_SHA512
- static const byte hmacSha512Oid[] = {42, 134, 72, 134, 247, 13, 2, 11};
- #endif
- #endif
- /* sigType */
- #if !defined(NO_DSA) && !defined(NO_SHA)
- static const byte sigSha1wDsaOid[] = {42, 134, 72, 206, 56, 4, 3};
- static const byte sigSha256wDsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 2};
- #endif /* NO_DSA */
- #ifndef NO_RSA
- #ifdef WOLFSSL_MD2
- static const byte sigMd2wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 2};
- #endif
- #ifndef NO_MD5
- static const byte sigMd5wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 4};
- #endif
- #ifndef NO_SHA
- static const byte sigSha1wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 5};
- #endif
- #ifdef WOLFSSL_SHA224
- static const byte sigSha224wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,14};
- #endif
- #ifndef NO_SHA256
- static const byte sigSha256wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,11};
- #endif
- #ifdef WOLFSSL_SHA384
- static const byte sigSha384wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,12};
- #endif
- #ifdef WOLFSSL_SHA512
- static const byte sigSha512wRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1,13};
- #endif
- #endif /* NO_RSA */
- #ifdef HAVE_ECC
- #ifndef NO_SHA
- static const byte sigSha1wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 1};
- #endif
- #ifdef WOLFSSL_SHA224
- static const byte sigSha224wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 1};
- #endif
- #ifndef NO_SHA256
- static const byte sigSha256wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 2};
- #endif
- #ifdef WOLFSSL_SHA384
- static const byte sigSha384wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 3};
- #endif
- #ifdef WOLFSSL_SHA512
- static const byte sigSha512wEcdsaOid[] = {42, 134, 72, 206, 61, 4, 3, 4};
- #endif
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED25519
- static const byte sigEd25519Oid[] = {43, 101, 112};
- #endif /* HAVE_ED25519 */
- #ifdef HAVE_ED448
- static const byte sigEd448Oid[] = {43, 101, 113};
- #endif /* HAVE_ED448 */
- /* keyType */
- #ifndef NO_DSA
- static const byte keyDsaOid[] = {42, 134, 72, 206, 56, 4, 1};
- #endif /* NO_DSA */
- #ifndef NO_RSA
- static const byte keyRsaOid[] = {42, 134, 72, 134, 247, 13, 1, 1, 1};
- #endif /* NO_RSA */
- #ifdef HAVE_NTRU
- static const byte keyNtruOid[] = {43, 6, 1, 4, 1, 193, 22, 1, 1, 1, 1};
- #endif /* HAVE_NTRU */
- #ifdef HAVE_ECC
- static const byte keyEcdsaOid[] = {42, 134, 72, 206, 61, 2, 1};
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED25519
- static const byte keyEd25519Oid[] = {43, 101, 112};
- #endif /* HAVE_ED25519 */
- #ifdef HAVE_ED448
- static const byte keyEd448Oid[] = {43, 101, 113};
- #endif /* HAVE_ED448 */
- #ifndef NO_DH
- static const byte keyDhOid[] = {42, 134, 72, 134, 247, 13, 1, 3, 1};
- #endif /* !NO_DH */
- /* curveType */
- #ifdef HAVE_ECC
- /* See "ecc_sets" table in ecc.c */
- #endif /* HAVE_ECC */
- #ifdef HAVE_AES_CBC
- /* blkType */
- #ifdef WOLFSSL_AES_128
- static const byte blkAes128CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 2};
- #endif
- #ifdef WOLFSSL_AES_192
- static const byte blkAes192CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 22};
- #endif
- #ifdef WOLFSSL_AES_256
- static const byte blkAes256CbcOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 42};
- #endif
- #endif /* HAVE_AES_CBC */
- #ifdef HAVE_AESGCM
- #ifdef WOLFSSL_AES_128
- static const byte blkAes128GcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 6};
- #endif
- #ifdef WOLFSSL_AES_192
- static const byte blkAes192GcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 26};
- #endif
- #ifdef WOLFSSL_AES_256
- static const byte blkAes256GcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 46};
- #endif
- #endif /* HAVE_AESGCM */
- #ifdef HAVE_AESCCM
- #ifdef WOLFSSL_AES_128
- static const byte blkAes128CcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 7};
- #endif
- #ifdef WOLFSSL_AES_192
- static const byte blkAes192CcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 27};
- #endif
- #ifdef WOLFSSL_AES_256
- static const byte blkAes256CcmOid[] = {96, 134, 72, 1, 101, 3, 4, 1, 47};
- #endif
- #endif /* HAVE_AESCCM */
- #ifndef NO_DES3
- static const byte blkDesCbcOid[] = {43, 14, 3, 2, 7};
- static const byte blkDes3CbcOid[] = {42, 134, 72, 134, 247, 13, 3, 7};
- #endif
- /* keyWrapType */
- #ifdef WOLFSSL_AES_128
- static const byte wrapAes128Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 5};
- #endif
- #ifdef WOLFSSL_AES_192
- static const byte wrapAes192Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 25};
- #endif
- #ifdef WOLFSSL_AES_256
- static const byte wrapAes256Oid[] = {96, 134, 72, 1, 101, 3, 4, 1, 45};
- #endif
- #ifdef HAVE_PKCS7
- /* From RFC 3211 */
- static const byte wrapPwriKekOid[] = {42, 134, 72, 134, 247, 13, 1, 9, 16, 3,9};
- #endif
- /* cmsKeyAgreeType */
- #ifndef NO_SHA
- static const byte dhSinglePass_stdDH_sha1kdf_Oid[] =
- {43, 129, 5, 16, 134, 72, 63, 0, 2};
- #endif
- #ifdef WOLFSSL_SHA224
- static const byte dhSinglePass_stdDH_sha224kdf_Oid[] = {43, 129, 4, 1, 11, 0};
- #endif
- #ifndef NO_SHA256
- static const byte dhSinglePass_stdDH_sha256kdf_Oid[] = {43, 129, 4, 1, 11, 1};
- #endif
- #ifdef WOLFSSL_SHA384
- static const byte dhSinglePass_stdDH_sha384kdf_Oid[] = {43, 129, 4, 1, 11, 2};
- #endif
- #ifdef WOLFSSL_SHA512
- static const byte dhSinglePass_stdDH_sha512kdf_Oid[] = {43, 129, 4, 1, 11, 3};
- #endif
- /* ocspType */
- #ifdef HAVE_OCSP
- static const byte ocspBasicOid[] = {43, 6, 1, 5, 5, 7, 48, 1, 1};
- static const byte ocspNonceOid[] = {43, 6, 1, 5, 5, 7, 48, 1, 2};
- static const byte ocspNoCheckOid[] = {43, 6, 1, 5, 5, 7, 48, 1, 5};
- #endif /* HAVE_OCSP */
- /* certExtType */
- static const byte extBasicCaOid[] = {85, 29, 19};
- static const byte extAltNamesOid[] = {85, 29, 17};
- static const byte extCrlDistOid[] = {85, 29, 31};
- static const byte extAuthInfoOid[] = {43, 6, 1, 5, 5, 7, 1, 1};
- static const byte extAuthKeyOid[] = {85, 29, 35};
- static const byte extSubjKeyOid[] = {85, 29, 14};
- static const byte extCertPolicyOid[] = {85, 29, 32};
- static const byte extKeyUsageOid[] = {85, 29, 15};
- static const byte extInhibitAnyOid[] = {85, 29, 54};
- static const byte extExtKeyUsageOid[] = {85, 29, 37};
- #ifndef IGNORE_NAME_CONSTRAINTS
- static const byte extNameConsOid[] = {85, 29, 30};
- #endif
- /* certAuthInfoType */
- #ifdef HAVE_OCSP
- static const byte extAuthInfoOcspOid[] = {43, 6, 1, 5, 5, 7, 48, 1};
- #endif
- static const byte extAuthInfoCaIssuerOid[] = {43, 6, 1, 5, 5, 7, 48, 2};
- /* certPolicyType */
- static const byte extCertPolicyAnyOid[] = {85, 29, 32, 0};
- /* certKeyUseType */
- static const byte extAltNamesHwNameOid[] = {43, 6, 1, 5, 5, 7, 8, 4};
- /* certKeyUseType */
- static const byte extExtKeyUsageAnyOid[] = {85, 29, 37, 0};
- static const byte extExtKeyUsageServerAuthOid[] = {43, 6, 1, 5, 5, 7, 3, 1};
- static const byte extExtKeyUsageClientAuthOid[] = {43, 6, 1, 5, 5, 7, 3, 2};
- static const byte extExtKeyUsageCodeSigningOid[] = {43, 6, 1, 5, 5, 7, 3, 3};
- static const byte extExtKeyUsageEmailProtectOid[] = {43, 6, 1, 5, 5, 7, 3, 4};
- static const byte extExtKeyUsageTimestampOid[] = {43, 6, 1, 5, 5, 7, 3, 8};
- static const byte extExtKeyUsageOcspSignOid[] = {43, 6, 1, 5, 5, 7, 3, 9};
- #ifdef WOLFSSL_CERT_REQ
- /* csrAttrType */
- static const byte attrChallengePasswordOid[] = {42, 134, 72, 134, 247, 13, 1, 9, 7};
- static const byte attrSerialNumberOid[] = {85, 4, 5};
- #endif
- /* kdfType */
- static const byte pbkdf2Oid[] = {42, 134, 72, 134, 247, 13, 1, 5, 12};
- /* PKCS5 */
- #if !defined(NO_DES3) && !defined(NO_SHA)
- static const byte pbeSha1Des[] = {42, 134, 72, 134, 247, 13, 1, 5, 10};
- #endif
- static const byte pbes2[] = {42, 134, 72, 134, 247, 13, 1, 5, 13};
- /* PKCS12 */
- #if !defined(NO_RC4) && !defined(NO_SHA)
- static const byte pbeSha1RC4128[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 1};
- #endif
- #if !defined(NO_DES3) && !defined(NO_SHA)
- static const byte pbeSha1Des3[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 3};
- #endif
- #ifdef HAVE_LIBZ
- /* zlib compression */
- static const byte zlibCompress[] = {42, 134, 72, 134, 247, 13, 1, 9, 16, 3, 8};
- #endif
- #ifdef WOLFSSL_APACHE_HTTPD
- /* tlsExtType */
- static const byte tlsFeatureOid[] = {43, 6, 1, 5, 5, 7, 1, 24};
- /* certNameType */
- static const byte dnsSRVOid[] = {43, 6, 1, 5, 5, 7, 8, 7};
- #endif
- /* returns a pointer to the OID string on success and NULL on fail */
- const byte* OidFromId(word32 id, word32 type, word32* oidSz)
- {
- const byte* oid = NULL;
- *oidSz = 0;
- switch (type) {
- case oidHashType:
- switch (id) {
- #ifdef WOLFSSL_MD2
- case MD2h:
- oid = hashMd2hOid;
- *oidSz = sizeof(hashMd2hOid);
- break;
- #endif
- #ifndef NO_MD5
- case MD5h:
- oid = hashMd5hOid;
- *oidSz = sizeof(hashMd5hOid);
- break;
- #endif
- #ifndef NO_SHA
- case SHAh:
- oid = hashSha1hOid;
- *oidSz = sizeof(hashSha1hOid);
- break;
- #endif
- #ifdef WOLFSSL_SHA224
- case SHA224h:
- oid = hashSha224hOid;
- *oidSz = sizeof(hashSha224hOid);
- break;
- #endif
- #ifndef NO_SHA256
- case SHA256h:
- oid = hashSha256hOid;
- *oidSz = sizeof(hashSha256hOid);
- break;
- #endif
- #ifdef WOLFSSL_SHA384
- case SHA384h:
- oid = hashSha384hOid;
- *oidSz = sizeof(hashSha384hOid);
- break;
- #endif
- #ifdef WOLFSSL_SHA512
- case SHA512h:
- oid = hashSha512hOid;
- *oidSz = sizeof(hashSha512hOid);
- break;
- #endif
- default:
- break;
- }
- break;
- case oidSigType:
- switch (id) {
- #if !defined(NO_DSA) && !defined(NO_SHA)
- case CTC_SHAwDSA:
- oid = sigSha1wDsaOid;
- *oidSz = sizeof(sigSha1wDsaOid);
- break;
- case CTC_SHA256wDSA:
- oid = sigSha256wDsaOid;
- *oidSz = sizeof(sigSha256wDsaOid);
- break;
- #endif /* NO_DSA */
- #ifndef NO_RSA
- #ifdef WOLFSSL_MD2
- case CTC_MD2wRSA:
- oid = sigMd2wRsaOid;
- *oidSz = sizeof(sigMd2wRsaOid);
- break;
- #endif
- #ifndef NO_MD5
- case CTC_MD5wRSA:
- oid = sigMd5wRsaOid;
- *oidSz = sizeof(sigMd5wRsaOid);
- break;
- #endif
- #ifndef NO_SHA
- case CTC_SHAwRSA:
- oid = sigSha1wRsaOid;
- *oidSz = sizeof(sigSha1wRsaOid);
- break;
- #endif
- #ifdef WOLFSSL_SHA224
- case CTC_SHA224wRSA:
- oid = sigSha224wRsaOid;
- *oidSz = sizeof(sigSha224wRsaOid);
- break;
- #endif
- #ifndef NO_SHA256
- case CTC_SHA256wRSA:
- oid = sigSha256wRsaOid;
- *oidSz = sizeof(sigSha256wRsaOid);
- break;
- #endif
- #ifdef WOLFSSL_SHA384
- case CTC_SHA384wRSA:
- oid = sigSha384wRsaOid;
- *oidSz = sizeof(sigSha384wRsaOid);
- break;
- #endif
- #ifdef WOLFSSL_SHA512
- case CTC_SHA512wRSA:
- oid = sigSha512wRsaOid;
- *oidSz = sizeof(sigSha512wRsaOid);
- break;
- #endif /* WOLFSSL_SHA512 */
- #endif /* NO_RSA */
- #ifdef HAVE_ECC
- #ifndef NO_SHA
- case CTC_SHAwECDSA:
- oid = sigSha1wEcdsaOid;
- *oidSz = sizeof(sigSha1wEcdsaOid);
- break;
- #endif
- #ifdef WOLFSSL_SHA224
- case CTC_SHA224wECDSA:
- oid = sigSha224wEcdsaOid;
- *oidSz = sizeof(sigSha224wEcdsaOid);
- break;
- #endif
- #ifndef NO_SHA256
- case CTC_SHA256wECDSA:
- oid = sigSha256wEcdsaOid;
- *oidSz = sizeof(sigSha256wEcdsaOid);
- break;
- #endif
- #ifdef WOLFSSL_SHA384
- case CTC_SHA384wECDSA:
- oid = sigSha384wEcdsaOid;
- *oidSz = sizeof(sigSha384wEcdsaOid);
- break;
- #endif
- #ifdef WOLFSSL_SHA512
- case CTC_SHA512wECDSA:
- oid = sigSha512wEcdsaOid;
- *oidSz = sizeof(sigSha512wEcdsaOid);
- break;
- #endif
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED25519
- case CTC_ED25519:
- oid = sigEd25519Oid;
- *oidSz = sizeof(sigEd25519Oid);
- break;
- #endif
- #ifdef HAVE_ED448
- case CTC_ED448:
- oid = sigEd448Oid;
- *oidSz = sizeof(sigEd448Oid);
- break;
- #endif
- default:
- break;
- }
- break;
- case oidKeyType:
- switch (id) {
- #ifndef NO_DSA
- case DSAk:
- oid = keyDsaOid;
- *oidSz = sizeof(keyDsaOid);
- break;
- #endif /* NO_DSA */
- #ifndef NO_RSA
- case RSAk:
- oid = keyRsaOid;
- *oidSz = sizeof(keyRsaOid);
- break;
- #endif /* NO_RSA */
- #ifdef HAVE_NTRU
- case NTRUk:
- oid = keyNtruOid;
- *oidSz = sizeof(keyNtruOid);
- break;
- #endif /* HAVE_NTRU */
- #ifdef HAVE_ECC
- case ECDSAk:
- oid = keyEcdsaOid;
- *oidSz = sizeof(keyEcdsaOid);
- break;
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED25519
- case ED25519k:
- oid = keyEd25519Oid;
- *oidSz = sizeof(keyEd25519Oid);
- break;
- #endif /* HAVE_ED25519 */
- #ifdef HAVE_ED448
- case ED448k:
- oid = keyEd448Oid;
- *oidSz = sizeof(keyEd448Oid);
- break;
- #endif /* HAVE_ED448 */
- #ifndef NO_DH
- case DHk:
- oid = keyDhOid;
- *oidSz = sizeof(keyDhOid);
- break;
- #endif /* !NO_DH */
- default:
- break;
- }
- break;
- #ifdef HAVE_ECC
- case oidCurveType:
- if (wc_ecc_get_oid(id, &oid, oidSz) < 0) {
- WOLFSSL_MSG("ECC OID not found");
- }
- break;
- #endif /* HAVE_ECC */
- case oidBlkType:
- switch (id) {
- #ifdef HAVE_AES_CBC
- #ifdef WOLFSSL_AES_128
- case AES128CBCb:
- oid = blkAes128CbcOid;
- *oidSz = sizeof(blkAes128CbcOid);
- break;
- #endif
- #ifdef WOLFSSL_AES_192
- case AES192CBCb:
- oid = blkAes192CbcOid;
- *oidSz = sizeof(blkAes192CbcOid);
- break;
- #endif
- #ifdef WOLFSSL_AES_256
- case AES256CBCb:
- oid = blkAes256CbcOid;
- *oidSz = sizeof(blkAes256CbcOid);
- break;
- #endif
- #endif /* HAVE_AES_CBC */
- #ifdef HAVE_AESGCM
- #ifdef WOLFSSL_AES_128
- case AES128GCMb:
- oid = blkAes128GcmOid;
- *oidSz = sizeof(blkAes128GcmOid);
- break;
- #endif
- #ifdef WOLFSSL_AES_192
- case AES192GCMb:
- oid = blkAes192GcmOid;
- *oidSz = sizeof(blkAes192GcmOid);
- break;
- #endif
- #ifdef WOLFSSL_AES_256
- case AES256GCMb:
- oid = blkAes256GcmOid;
- *oidSz = sizeof(blkAes256GcmOid);
- break;
- #endif
- #endif /* HAVE_AESGCM */
- #ifdef HAVE_AESCCM
- #ifdef WOLFSSL_AES_128
- case AES128CCMb:
- oid = blkAes128CcmOid;
- *oidSz = sizeof(blkAes128CcmOid);
- break;
- #endif
- #ifdef WOLFSSL_AES_192
- case AES192CCMb:
- oid = blkAes192CcmOid;
- *oidSz = sizeof(blkAes192CcmOid);
- break;
- #endif
- #ifdef WOLFSSL_AES_256
- case AES256CCMb:
- oid = blkAes256CcmOid;
- *oidSz = sizeof(blkAes256CcmOid);
- break;
- #endif
- #endif /* HAVE_AESCCM */
- #ifndef NO_DES3
- case DESb:
- oid = blkDesCbcOid;
- *oidSz = sizeof(blkDesCbcOid);
- break;
- case DES3b:
- oid = blkDes3CbcOid;
- *oidSz = sizeof(blkDes3CbcOid);
- break;
- #endif /* !NO_DES3 */
- default:
- break;
- }
- break;
- #ifdef HAVE_OCSP
- case oidOcspType:
- switch (id) {
- case OCSP_BASIC_OID:
- oid = ocspBasicOid;
- *oidSz = sizeof(ocspBasicOid);
- break;
- case OCSP_NONCE_OID:
- oid = ocspNonceOid;
- *oidSz = sizeof(ocspNonceOid);
- break;
- default:
- break;
- }
- break;
- #endif /* HAVE_OCSP */
- case oidCertExtType:
- switch (id) {
- case BASIC_CA_OID:
- oid = extBasicCaOid;
- *oidSz = sizeof(extBasicCaOid);
- break;
- case ALT_NAMES_OID:
- oid = extAltNamesOid;
- *oidSz = sizeof(extAltNamesOid);
- break;
- case CRL_DIST_OID:
- oid = extCrlDistOid;
- *oidSz = sizeof(extCrlDistOid);
- break;
- case AUTH_INFO_OID:
- oid = extAuthInfoOid;
- *oidSz = sizeof(extAuthInfoOid);
- break;
- case AUTH_KEY_OID:
- oid = extAuthKeyOid;
- *oidSz = sizeof(extAuthKeyOid);
- break;
- case SUBJ_KEY_OID:
- oid = extSubjKeyOid;
- *oidSz = sizeof(extSubjKeyOid);
- break;
- case CERT_POLICY_OID:
- oid = extCertPolicyOid;
- *oidSz = sizeof(extCertPolicyOid);
- break;
- case KEY_USAGE_OID:
- oid = extKeyUsageOid;
- *oidSz = sizeof(extKeyUsageOid);
- break;
- case INHIBIT_ANY_OID:
- oid = extInhibitAnyOid;
- *oidSz = sizeof(extInhibitAnyOid);
- break;
- case EXT_KEY_USAGE_OID:
- oid = extExtKeyUsageOid;
- *oidSz = sizeof(extExtKeyUsageOid);
- break;
- #ifndef IGNORE_NAME_CONSTRAINTS
- case NAME_CONS_OID:
- oid = extNameConsOid;
- *oidSz = sizeof(extNameConsOid);
- break;
- #endif
- #ifdef HAVE_OCSP
- case OCSP_NOCHECK_OID:
- oid = ocspNoCheckOid;
- *oidSz = sizeof(ocspNoCheckOid);
- break;
- #endif
- default:
- break;
- }
- break;
- case oidCrlExtType:
- #ifdef HAVE_CRL
- switch (id) {
- case AUTH_KEY_OID:
- oid = extAuthKeyOid;
- *oidSz = sizeof(extAuthKeyOid);
- break;
- default:
- break;
- }
- #endif
- break;
- case oidCertAuthInfoType:
- switch (id) {
- #ifdef HAVE_OCSP
- case AIA_OCSP_OID:
- oid = extAuthInfoOcspOid;
- *oidSz = sizeof(extAuthInfoOcspOid);
- break;
- #endif
- case AIA_CA_ISSUER_OID:
- oid = extAuthInfoCaIssuerOid;
- *oidSz = sizeof(extAuthInfoCaIssuerOid);
- break;
- default:
- break;
- }
- break;
- case oidCertPolicyType:
- switch (id) {
- case CP_ANY_OID:
- oid = extCertPolicyAnyOid;
- *oidSz = sizeof(extCertPolicyAnyOid);
- break;
- default:
- break;
- }
- break;
- case oidCertAltNameType:
- switch (id) {
- case HW_NAME_OID:
- oid = extAltNamesHwNameOid;
- *oidSz = sizeof(extAltNamesHwNameOid);
- break;
- default:
- break;
- }
- break;
- case oidCertKeyUseType:
- switch (id) {
- case EKU_ANY_OID:
- oid = extExtKeyUsageAnyOid;
- *oidSz = sizeof(extExtKeyUsageAnyOid);
- break;
- case EKU_SERVER_AUTH_OID:
- oid = extExtKeyUsageServerAuthOid;
- *oidSz = sizeof(extExtKeyUsageServerAuthOid);
- break;
- case EKU_CLIENT_AUTH_OID:
- oid = extExtKeyUsageClientAuthOid;
- *oidSz = sizeof(extExtKeyUsageClientAuthOid);
- break;
- case EKU_CODESIGNING_OID:
- oid = extExtKeyUsageCodeSigningOid;
- *oidSz = sizeof(extExtKeyUsageCodeSigningOid);
- break;
- case EKU_EMAILPROTECT_OID:
- oid = extExtKeyUsageEmailProtectOid;
- *oidSz = sizeof(extExtKeyUsageEmailProtectOid);
- break;
- case EKU_TIMESTAMP_OID:
- oid = extExtKeyUsageTimestampOid;
- *oidSz = sizeof(extExtKeyUsageTimestampOid);
- break;
- case EKU_OCSP_SIGN_OID:
- oid = extExtKeyUsageOcspSignOid;
- *oidSz = sizeof(extExtKeyUsageOcspSignOid);
- break;
- default:
- break;
- }
- break;
- case oidKdfType:
- switch (id) {
- case PBKDF2_OID:
- oid = pbkdf2Oid;
- *oidSz = sizeof(pbkdf2Oid);
- break;
- default:
- break;
- }
- break;
- case oidPBEType:
- switch (id) {
- #if !defined(NO_SHA) && !defined(NO_RC4)
- case PBE_SHA1_RC4_128:
- oid = pbeSha1RC4128;
- *oidSz = sizeof(pbeSha1RC4128);
- break;
- #endif
- #if !defined(NO_SHA) && !defined(NO_DES3)
- case PBE_SHA1_DES:
- oid = pbeSha1Des;
- *oidSz = sizeof(pbeSha1Des);
- break;
- #endif
- #if !defined(NO_SHA) && !defined(NO_DES3)
- case PBE_SHA1_DES3:
- oid = pbeSha1Des3;
- *oidSz = sizeof(pbeSha1Des3);
- break;
- #endif
- case PBES2:
- oid = pbes2;
- *oidSz = sizeof(pbes2);
- break;
- default:
- break;
- }
- break;
- case oidKeyWrapType:
- switch (id) {
- #ifdef WOLFSSL_AES_128
- case AES128_WRAP:
- oid = wrapAes128Oid;
- *oidSz = sizeof(wrapAes128Oid);
- break;
- #endif
- #ifdef WOLFSSL_AES_192
- case AES192_WRAP:
- oid = wrapAes192Oid;
- *oidSz = sizeof(wrapAes192Oid);
- break;
- #endif
- #ifdef WOLFSSL_AES_256
- case AES256_WRAP:
- oid = wrapAes256Oid;
- *oidSz = sizeof(wrapAes256Oid);
- break;
- #endif
- #ifdef HAVE_PKCS7
- case PWRI_KEK_WRAP:
- oid = wrapPwriKekOid;
- *oidSz = sizeof(wrapPwriKekOid);
- break;
- #endif
- default:
- break;
- }
- break;
- case oidCmsKeyAgreeType:
- switch (id) {
- #ifndef NO_SHA
- case dhSinglePass_stdDH_sha1kdf_scheme:
- oid = dhSinglePass_stdDH_sha1kdf_Oid;
- *oidSz = sizeof(dhSinglePass_stdDH_sha1kdf_Oid);
- break;
- #endif
- #ifdef WOLFSSL_SHA224
- case dhSinglePass_stdDH_sha224kdf_scheme:
- oid = dhSinglePass_stdDH_sha224kdf_Oid;
- *oidSz = sizeof(dhSinglePass_stdDH_sha224kdf_Oid);
- break;
- #endif
- #ifndef NO_SHA256
- case dhSinglePass_stdDH_sha256kdf_scheme:
- oid = dhSinglePass_stdDH_sha256kdf_Oid;
- *oidSz = sizeof(dhSinglePass_stdDH_sha256kdf_Oid);
- break;
- #endif
- #ifdef WOLFSSL_SHA384
- case dhSinglePass_stdDH_sha384kdf_scheme:
- oid = dhSinglePass_stdDH_sha384kdf_Oid;
- *oidSz = sizeof(dhSinglePass_stdDH_sha384kdf_Oid);
- break;
- #endif
- #ifdef WOLFSSL_SHA512
- case dhSinglePass_stdDH_sha512kdf_scheme:
- oid = dhSinglePass_stdDH_sha512kdf_Oid;
- *oidSz = sizeof(dhSinglePass_stdDH_sha512kdf_Oid);
- break;
- #endif
- default:
- break;
- }
- break;
- #ifndef NO_HMAC
- case oidHmacType:
- switch (id) {
- #ifdef WOLFSSL_SHA224
- case HMAC_SHA224_OID:
- oid = hmacSha224Oid;
- *oidSz = sizeof(hmacSha224Oid);
- break;
- #endif
- #ifndef NO_SHA256
- case HMAC_SHA256_OID:
- oid = hmacSha256Oid;
- *oidSz = sizeof(hmacSha256Oid);
- break;
- #endif
- #ifdef WOLFSSL_SHA384
- case HMAC_SHA384_OID:
- oid = hmacSha384Oid;
- *oidSz = sizeof(hmacSha384Oid);
- break;
- #endif
- #ifdef WOLFSSL_SHA512
- case HMAC_SHA512_OID:
- oid = hmacSha512Oid;
- *oidSz = sizeof(hmacSha512Oid);
- break;
- #endif
- default:
- break;
- }
- break;
- #endif /* !NO_HMAC */
- #ifdef HAVE_LIBZ
- case oidCompressType:
- switch (id) {
- case ZLIBc:
- oid = zlibCompress;
- *oidSz = sizeof(zlibCompress);
- break;
- default:
- break;
- }
- break;
- #endif /* HAVE_LIBZ */
- #ifdef WOLFSSL_APACHE_HTTPD
- case oidCertNameType:
- switch (id) {
- case NID_id_on_dnsSRV:
- oid = dnsSRVOid;
- *oidSz = sizeof(dnsSRVOid);
- break;
- default:
- break;
- }
- break;
- case oidTlsExtType:
- switch (id) {
- case TLS_FEATURE_OID:
- oid = tlsFeatureOid;
- *oidSz = sizeof(tlsFeatureOid);
- break;
- default:
- break;
- }
- break;
- #endif /* WOLFSSL_APACHE_HTTPD */
- #ifdef WOLFSSL_CERT_REQ
- case oidCsrAttrType:
- switch (id) {
- case CHALLENGE_PASSWORD_OID:
- oid = attrChallengePasswordOid;
- *oidSz = sizeof(attrChallengePasswordOid);
- break;
- case SERIAL_NUMBER_OID:
- oid = attrSerialNumberOid;
- *oidSz = sizeof(attrSerialNumberOid);
- break;
- default:
- break;
- }
- break;
- #endif
- case oidIgnoreType:
- default:
- break;
- }
- return oid;
- }
- #ifdef HAVE_OID_ENCODING
- int EncodeObjectId(const word16* in, word32 inSz, byte* out, word32* outSz)
- {
- int i, x, len;
- word32 d, t;
- /* check args */
- if (in == NULL || outSz == NULL) {
- return BAD_FUNC_ARG;
- }
- /* compute length of encoded OID */
- d = (in[0] * 40) + in[1];
- len = 0;
- for (i = 1; i < (int)inSz; i++) {
- x = 0;
- t = d;
- while (t) {
- x++;
- t >>= 1;
- }
- len += (x / 7) + ((x % 7) ? 1 : 0) + (d == 0 ? 1 : 0);
- if (i < (int)inSz - 1) {
- d = in[i + 1];
- }
- }
- if (out) {
- /* verify length */
- if ((int)*outSz < len) {
- return BUFFER_E; /* buffer provided is not large enough */
- }
- /* calc first byte */
- d = (in[0] * 40) + in[1];
- /* encode bytes */
- x = 0;
- for (i = 1; i < (int)inSz; i++) {
- if (d) {
- int y = x, z;
- byte mask = 0;
- while (d) {
- out[x++] = (byte)((d & 0x7F) | mask);
- d >>= 7;
- mask |= 0x80; /* upper bit is set on all but the last byte */
- }
- /* now swap bytes y...x-1 */
- z = x - 1;
- while (y < z) {
- mask = out[y];
- out[y] = out[z];
- out[z] = mask;
- ++y;
- --z;
- }
- }
- else {
- out[x++] = 0x00; /* zero value */
- }
- /* next word */
- if (i < (int)inSz - 1) {
- d = in[i + 1];
- }
- }
- }
- /* return length */
- *outSz = len;
- return 0;
- }
- #endif /* HAVE_OID_ENCODING */
- #ifdef HAVE_OID_DECODING
- int DecodeObjectId(const byte* in, word32 inSz, word16* out, word32* outSz)
- {
- int x = 0, y = 0;
- word32 t = 0;
- /* check args */
- if (in == NULL || outSz == NULL) {
- return BAD_FUNC_ARG;
- }
- /* decode bytes */
- while (inSz--) {
- t = (t << 7) | (in[x] & 0x7F);
- if (!(in[x] & 0x80)) {
- if (y >= (int)*outSz) {
- return BUFFER_E;
- }
- if (y == 0) {
- out[0] = (t / 40);
- out[1] = (t % 40);
- y = 2;
- }
- else {
- out[y++] = t;
- }
- t = 0; /* reset tmp */
- }
- x++;
- }
- /* return length */
- *outSz = y;
- return 0;
- }
- #endif /* HAVE_OID_DECODING */
- /* Get the DER/BER encoding of an ASN.1 OBJECT_ID header.
- *
- * input Buffer holding DER/BER encoded data.
- * inOutIdx Current index into buffer to parse.
- * len The number of bytes in the ASN.1 data.
- * maxIdx Length of data in buffer.
- * returns BUFFER_E when there is not enough data to parse.
- * ASN_OBJECt_ID_E when the OBJECT_ID tag is not found.
- * ASN_PARSE_E when length is invalid.
- * Otherwise, 0 to indicate success.
- */
- int GetASNObjectId(const byte* input, word32* inOutIdx, int* len,
- word32 maxIdx)
- {
- word32 idx = *inOutIdx;
- int length;
- byte tag;
- if ((idx + 1) > maxIdx)
- return BUFFER_E;
- if (GetASNTag(input, &idx, &tag, maxIdx) != 0)
- return ASN_PARSE_E;
- if (tag != ASN_OBJECT_ID)
- return ASN_OBJECT_ID_E;
- if (GetLength(input, &idx, &length, maxIdx) < 0)
- return ASN_PARSE_E;
- *len = length;
- *inOutIdx = idx;
- return 0;
- }
- /* Set the DER/BER encoding of the ASN.1 OBJECT_ID header.
- *
- * len Length of the OBJECT_ID data.
- * output Buffer to write into.
- * returns the number of bytes added to the buffer.
- */
- int SetObjectId(int len, byte* output)
- {
- int idx = 0;
- if (output)
- output[idx++] = ASN_OBJECT_ID;
- else
- idx++;
- idx += SetLength(len, output ? output + idx : NULL);
- return idx;
- }
- int GetObjectId(const byte* input, word32* inOutIdx, word32* oid,
- word32 oidType, word32 maxIdx)
- {
- int ret = 0, length;
- word32 idx = *inOutIdx;
- #ifndef NO_VERIFY_OID
- word32 actualOidSz = 0;
- const byte* actualOid;
- #endif /* NO_VERIFY_OID */
- (void)oidType;
- WOLFSSL_ENTER("GetObjectId()");
- *oid = 0;
- ret = GetASNObjectId(input, &idx, &length, maxIdx);
- if (ret != 0)
- return ret;
- #ifndef NO_VERIFY_OID
- actualOid = &input[idx];
- if (length > 0)
- actualOidSz = (word32)length;
- #endif /* NO_VERIFY_OID */
- while (length--) {
- /* odd HC08 compiler behavior here when input[idx++] */
- *oid += (word32)input[idx];
- idx++;
- }
- /* just sum it up for now */
- *inOutIdx = idx;
- #ifndef NO_VERIFY_OID
- {
- const byte* checkOid = NULL;
- word32 checkOidSz;
- #ifdef ASN_DUMP_OID
- word32 i;
- #endif
- if (oidType != oidIgnoreType) {
- checkOid = OidFromId(*oid, oidType, &checkOidSz);
- #ifdef ASN_DUMP_OID
- /* support for dumping OID information */
- printf("OID (Type %d, Sz %d, Sum %d): ", oidType, actualOidSz, *oid);
- for (i=0; i<actualOidSz; i++) {
- printf("%d, ", actualOid[i]);
- }
- printf("\n");
- #ifdef HAVE_OID_DECODING
- {
- word16 decOid[16];
- word32 decOidSz = sizeof(decOid);
- ret = DecodeObjectId(actualOid, actualOidSz, decOid, &decOidSz);
- if (ret == 0) {
- printf(" Decoded (Sz %d): ", decOidSz);
- for (i=0; i<decOidSz; i++) {
- printf("%d.", decOid[i]);
- }
- printf("\n");
- }
- else {
- printf("DecodeObjectId failed: %d\n", ret);
- }
- }
- #endif /* HAVE_OID_DECODING */
- #endif /* ASN_DUMP_OID */
- if (checkOid != NULL &&
- (checkOidSz != actualOidSz ||
- XMEMCMP(actualOid, checkOid, checkOidSz) != 0)) {
- WOLFSSL_MSG("OID Check Failed");
- return ASN_UNKNOWN_OID_E;
- }
- }
- }
- #endif /* NO_VERIFY_OID */
- return ret;
- }
- static int SkipObjectId(const byte* input, word32* inOutIdx, word32 maxIdx)
- {
- word32 idx = *inOutIdx;
- int length;
- int ret;
- ret = GetASNObjectId(input, &idx, &length, maxIdx);
- if (ret != 0)
- return ret;
- idx += length;
- *inOutIdx = idx;
- return 0;
- }
- int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
- word32 oidType, word32 maxIdx)
- {
- int length;
- word32 idx = *inOutIdx;
- int ret;
- *oid = 0;
- WOLFSSL_ENTER("GetAlgoId");
- if (GetSequence(input, &idx, &length, maxIdx) < 0)
- return ASN_PARSE_E;
- if (GetObjectId(input, &idx, oid, oidType, maxIdx) < 0)
- return ASN_OBJECT_ID_E;
- /* could have NULL tag and 0 terminator, but may not */
- if (idx < maxIdx) {
- word32 localIdx = idx; /*use localIdx to not advance when checking tag*/
- byte tag;
- if (GetASNTag(input, &localIdx, &tag, maxIdx) == 0) {
- if (tag == ASN_TAG_NULL) {
- ret = GetASNNull(input, &idx, maxIdx);
- if (ret != 0)
- return ret;
- }
- }
- }
- *inOutIdx = idx;
- return 0;
- }
- #ifndef NO_RSA
- #ifndef HAVE_USER_RSA
- int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
- word32 inSz)
- {
- int version, length;
- if (inOutIdx == NULL || input == NULL || key == NULL) {
- return BAD_FUNC_ARG;
- }
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (GetMyVersion(input, inOutIdx, &version, inSz) < 0)
- return ASN_PARSE_E;
- key->type = RSA_PRIVATE;
- if (GetInt(&key->n, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->e, input, inOutIdx, inSz) < 0 ||
- #ifndef WOLFSSL_RSA_PUBLIC_ONLY
- GetInt(&key->d, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->p, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->q, input, inOutIdx, inSz) < 0)
- #else
- SkipInt(input, inOutIdx, inSz) < 0 ||
- SkipInt(input, inOutIdx, inSz) < 0 ||
- SkipInt(input, inOutIdx, inSz) < 0 )
- #endif
- return ASN_RSA_KEY_E;
- #if (defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA) || !defined(RSA_LOW_MEM)) \
- && !defined(WOLFSSL_RSA_PUBLIC_ONLY)
- if (GetInt(&key->dP, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->dQ, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->u, input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E;
- #else
- if (SkipInt(input, inOutIdx, inSz) < 0 ||
- SkipInt(input, inOutIdx, inSz) < 0 ||
- SkipInt(input, inOutIdx, inSz) < 0 ) return ASN_RSA_KEY_E;
- #endif
- #if defined(WOLFSSL_XILINX_CRYPT) || defined(WOLFSSL_CRYPTOCELL)
- if (wc_InitRsaHw(key) != 0) {
- return BAD_STATE_E;
- }
- #endif
- return 0;
- }
- #endif /* HAVE_USER_RSA */
- #endif /* NO_RSA */
- #if defined(HAVE_PKCS8) || defined(HAVE_PKCS12)
- /* Remove PKCS8 header, place inOutIdx at beginning of traditional,
- * return traditional length on success, negative on error */
- int ToTraditionalInline_ex(const byte* input, word32* inOutIdx, word32 sz,
- word32* algId)
- {
- word32 idx;
- int version, length;
- int ret;
- byte tag;
- if (input == NULL || inOutIdx == NULL)
- return BAD_FUNC_ARG;
- idx = *inOutIdx;
- if (GetSequence(input, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- if (GetMyVersion(input, &idx, &version, sz) < 0)
- return ASN_PARSE_E;
- if (GetAlgoId(input, &idx, algId, oidKeyType, sz) < 0)
- return ASN_PARSE_E;
- if (GetASNTag(input, &idx, &tag, sz) < 0)
- return ASN_PARSE_E;
- idx = idx - 1; /* reset idx after finding tag */
- if (tag == ASN_OBJECT_ID) {
- if (SkipObjectId(input, &idx, sz) < 0)
- return ASN_PARSE_E;
- }
- ret = GetOctetString(input, &idx, &length, sz);
- if (ret < 0) {
- if (ret == BUFFER_E)
- return ASN_PARSE_E;
- /* Some private keys don't expect an octet string */
- WOLFSSL_MSG("Couldn't find Octet string");
- }
- *inOutIdx = idx;
- return length;
- }
- int ToTraditionalInline(const byte* input, word32* inOutIdx, word32 sz)
- {
- word32 oid;
- return ToTraditionalInline_ex(input, inOutIdx, sz, &oid);
- }
- /* Remove PKCS8 header, move beginning of traditional to beginning of input */
- int ToTraditional_ex(byte* input, word32 sz, word32* algId)
- {
- word32 inOutIdx = 0;
- int length;
- if (input == NULL)
- return BAD_FUNC_ARG;
- length = ToTraditionalInline_ex(input, &inOutIdx, sz, algId);
- if (length < 0)
- return length;
- if (length + inOutIdx > sz)
- return BUFFER_E;
- XMEMMOVE(input, input + inOutIdx, length);
- return length;
- }
- int ToTraditional(byte* input, word32 sz)
- {
- word32 oid;
- return ToTraditional_ex(input, sz, &oid);
- }
- #endif /* HAVE_PKCS8 || HAVE_PKCS12 */
- #if defined(HAVE_PKCS8) && !defined(NO_CERTS)
- /* find beginning of traditional key inside PKCS#8 unencrypted buffer
- * return traditional length on success, with inOutIdx at beginning of
- * traditional
- * return negative on failure/error */
- int wc_GetPkcs8TraditionalOffset(byte* input, word32* inOutIdx, word32 sz)
- {
- int length;
- word32 algId;
- if (input == NULL || inOutIdx == NULL || (*inOutIdx > sz))
- return BAD_FUNC_ARG;
- length = ToTraditionalInline_ex(input, inOutIdx, sz, &algId);
- return length;
- }
- /* PKCS#8 from RFC 5208
- * This function takes in a DER key and converts it to PKCS#8 format. Used
- * in creating PKCS#12 shrouded key bags.
- * Reverse of ToTraditional
- *
- * PrivateKeyInfo ::= SEQUENCE {
- * version Version,
- * privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
- * privateKey PrivateKey,
- * attributes optional
- * }
- * Version ::= INTEGER
- * PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
- * PrivateKey ::= OCTET STRING
- *
- * out buffer to place result in
- * outSz size of out buffer
- * key buffer with DER key
- * keySz size of key buffer
- * algoID algorithm ID i.e. RSAk
- * curveOID ECC curve oid if used. Should be NULL for RSA keys.
- * oidSz size of curve oid. Is set to 0 if curveOID is NULL.
- *
- * Returns the size of PKCS#8 placed into out. In error cases returns negative
- * values.
- */
- int wc_CreatePKCS8Key(byte* out, word32* outSz, byte* key, word32 keySz,
- int algoID, const byte* curveOID, word32 oidSz)
- {
- word32 keyIdx = 0;
- word32 tmpSz = 0;
- word32 sz;
- /* If out is NULL then return the max size needed
- * + 2 for ASN_OBJECT_ID and ASN_OCTET_STRING tags */
- if (out == NULL && outSz != NULL) {
- *outSz = keySz + MAX_SEQ_SZ + MAX_VERSION_SZ + MAX_ALGO_SZ
- + MAX_LENGTH_SZ + MAX_LENGTH_SZ + 2;
- if (curveOID != NULL)
- *outSz += oidSz + MAX_LENGTH_SZ + 1;
- WOLFSSL_MSG("Checking size of PKCS8");
- return LENGTH_ONLY_E;
- }
- WOLFSSL_ENTER("wc_CreatePKCS8Key()");
- if (key == NULL || out == NULL || outSz == NULL) {
- return BAD_FUNC_ARG;
- }
- /* check the buffer has enough room for largest possible size */
- if (curveOID != NULL) {
- if (*outSz < (keySz + MAX_SEQ_SZ + MAX_VERSION_SZ + MAX_ALGO_SZ
- + MAX_LENGTH_SZ + MAX_LENGTH_SZ + 3 + oidSz + MAX_LENGTH_SZ))
- return BUFFER_E;
- }
- else {
- oidSz = 0; /* with no curveOID oid size must be 0 */
- if (*outSz < (keySz + MAX_SEQ_SZ + MAX_VERSION_SZ + MAX_ALGO_SZ
- + MAX_LENGTH_SZ + MAX_LENGTH_SZ + 2))
- return BUFFER_E;
- }
- /* PrivateKeyInfo ::= SEQUENCE */
- keyIdx += MAX_SEQ_SZ; /* save room for sequence */
- /* version Version
- * no header information just INTEGER */
- sz = SetMyVersion(PKCS8v0, out + keyIdx, 0);
- tmpSz += sz; keyIdx += sz;
- /* privateKeyAlgorithm PrivateKeyAlgorithmIdentifier */
- sz = 0; /* set sz to 0 and get privateKey oid buffer size needed */
- if (curveOID != NULL && oidSz > 0) {
- byte buf[MAX_LENGTH_SZ];
- sz = SetLength(oidSz, buf);
- sz += 1; /* plus one for ASN object id */
- }
- sz = SetAlgoID(algoID, out + keyIdx, oidKeyType, oidSz + sz);
- tmpSz += sz; keyIdx += sz;
- /* privateKey PrivateKey *
- * pkcs8 ecc uses slightly different format. Places curve oid in
- * buffer */
- if (curveOID != NULL && oidSz > 0) {
- sz = SetObjectId(oidSz, out + keyIdx);
- keyIdx += sz; tmpSz += sz;
- XMEMCPY(out + keyIdx, curveOID, oidSz);
- keyIdx += oidSz; tmpSz += oidSz;
- }
- sz = SetOctetString(keySz, out + keyIdx);
- keyIdx += sz; tmpSz += sz;
- XMEMCPY(out + keyIdx, key, keySz);
- tmpSz += keySz;
- /* attributes optional
- * No attributes currently added */
- /* rewind and add sequence */
- sz = SetSequence(tmpSz, out);
- XMEMMOVE(out + sz, out + MAX_SEQ_SZ, tmpSz);
- return tmpSz + sz;
- }
- #endif /* HAVE_PKCS8 && !NO_CERTS */
- #if defined(HAVE_PKCS12) || !defined(NO_CHECK_PRIVATE_KEY)
- /* check that the private key is a pair for the public key
- * return 1 (true) on match
- * return 0 or negative value on failure/error
- *
- * privKey : buffer holding DER format private key
- * privKeySz : size of private key buffer
- * pubKey : buffer holding DER format public key
- * pubKeySz : size of public key buffer
- * ks : type of key */
- int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
- const byte* pubKey, word32 pubKeySz, enum Key_Sum ks)
- {
- int ret;
- (void)privKeySz;
- (void)pubKeySz;
- (void)ks;
- if (privKey == NULL || pubKey == NULL) {
- return BAD_FUNC_ARG;
- }
- #if !defined(NO_RSA) && !defined(NO_ASN_CRYPT)
- /* test if RSA key */
- if (ks == RSAk) {
- #ifdef WOLFSSL_SMALL_STACK
- RsaKey* a;
- RsaKey* b = NULL;
- #else
- RsaKey a[1], b[1];
- #endif
- word32 keyIdx = 0;
- #ifdef WOLFSSL_SMALL_STACK
- a = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
- if (a == NULL)
- return MEMORY_E;
- b = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA);
- if (b == NULL) {
- XFREE(a, NULL, DYNAMIC_TYPE_RSA);
- return MEMORY_E;
- }
- #endif
- if ((ret = wc_InitRsaKey(a, NULL)) < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(b, NULL, DYNAMIC_TYPE_RSA);
- XFREE(a, NULL, DYNAMIC_TYPE_RSA);
- #endif
- return ret;
- }
- if ((ret = wc_InitRsaKey(b, NULL)) < 0) {
- wc_FreeRsaKey(a);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(b, NULL, DYNAMIC_TYPE_RSA);
- XFREE(a, NULL, DYNAMIC_TYPE_RSA);
- #endif
- return ret;
- }
- if ((ret = wc_RsaPrivateKeyDecode(privKey, &keyIdx, a, privKeySz)) == 0) {
- WOLFSSL_MSG("Checking RSA key pair");
- keyIdx = 0; /* reset to 0 for parsing public key */
- if ((ret = wc_RsaPublicKeyDecode(pubKey, &keyIdx, b,
- pubKeySz)) == 0) {
- /* limit for user RSA crypto because of RsaKey
- * dereference. */
- #if defined(HAVE_USER_RSA)
- WOLFSSL_MSG("Cannot verify RSA pair with user RSA");
- ret = 1; /* return first RSA cert as match */
- #else
- /* both keys extracted successfully now check n and e
- * values are the same. This is dereferencing RsaKey */
- if (mp_cmp(&(a->n), &(b->n)) != MP_EQ ||
- mp_cmp(&(a->e), &(b->e)) != MP_EQ) {
- ret = MP_CMP_E;
- }
- else
- ret = 1;
- #endif
- }
- }
- wc_FreeRsaKey(b);
- wc_FreeRsaKey(a);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(b, NULL, DYNAMIC_TYPE_RSA);
- XFREE(a, NULL, DYNAMIC_TYPE_RSA);
- #endif
- }
- else
- #endif /* !NO_RSA && !NO_ASN_CRYPT */
- #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT)
- if (ks == ECDSAk) {
- #ifdef WOLFSSL_SMALL_STACK
- ecc_key* key_pair;
- byte* privDer;
- #else
- ecc_key key_pair[1];
- byte privDer[MAX_ECC_BYTES];
- #endif
- word32 privSz = MAX_ECC_BYTES;
- word32 keyIdx = 0;
- #ifdef WOLFSSL_SMALL_STACK
- key_pair = (ecc_key*)XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_ECC);
- if (key_pair == NULL)
- return MEMORY_E;
- privDer = (byte*)XMALLOC(MAX_ECC_BYTES, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (privDer == NULL) {
- XFREE(key_pair, NULL, DYNAMIC_TYPE_ECC);
- return MEMORY_E;
- }
- #endif
- if ((ret = wc_ecc_init(key_pair)) < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(privDer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(key_pair, NULL, DYNAMIC_TYPE_ECC);
- #endif
- return ret;
- }
- if ((ret = wc_EccPrivateKeyDecode(privKey, &keyIdx, key_pair,
- privKeySz)) == 0) {
- WOLFSSL_MSG("Checking ECC key pair");
- if ((ret = wc_ecc_export_private_only(key_pair, privDer, &privSz))
- == 0) {
- wc_ecc_free(key_pair);
- ret = wc_ecc_init(key_pair);
- if (ret == 0) {
- ret = wc_ecc_import_private_key(privDer,
- privSz, pubKey,
- pubKeySz, key_pair);
- }
- /* public and private extracted successfully now check if is
- * a pair and also do sanity checks on key. wc_ecc_check_key
- * checks that private * base generator equals pubkey */
- if (ret == 0) {
- if ((ret = wc_ecc_check_key(key_pair)) == 0) {
- ret = 1;
- }
- }
- ForceZero(privDer, privSz);
- }
- }
- wc_ecc_free(key_pair);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(privDer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(key_pair, NULL, DYNAMIC_TYPE_ECC);
- #endif
- }
- else
- #endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT && !NO_ASN_CRYPT */
- #if defined(HAVE_ED25519) && !defined(NO_ASN_CRYPT)
- if (ks == ED25519k) {
- #ifdef WOLFSSL_SMALL_STACK
- ed25519_key* key_pair;
- #else
- ed25519_key key_pair[1];
- #endif
- word32 keyIdx = 0;
- #ifdef WOLFSSL_SMALL_STACK
- key_pair = (ed25519_key*)XMALLOC(sizeof(ed25519_key), NULL,
- DYNAMIC_TYPE_ED25519);
- if (key_pair == NULL)
- return MEMORY_E;
- #endif
- if ((ret = wc_ed25519_init(key_pair)) < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(key_pair, NULL, DYNAMIC_TYPE_ED25519);
- #endif
- return ret;
- }
- if ((ret = wc_Ed25519PrivateKeyDecode(privKey, &keyIdx, key_pair,
- privKeySz)) == 0) {
- WOLFSSL_MSG("Checking ED25519 key pair");
- keyIdx = 0;
- if ((ret = wc_ed25519_import_public(pubKey, pubKeySz,
- key_pair)) == 0) {
- /* public and private extracted successfully no check if is
- * a pair and also do sanity checks on key. wc_ecc_check_key
- * checks that private * base generator equals pubkey */
- if ((ret = wc_ed25519_check_key(key_pair)) == 0)
- ret = 1;
- }
- }
- wc_ed25519_free(key_pair);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(key_pair, NULL, DYNAMIC_TYPE_ED25519);
- #endif
- }
- else
- #endif /* HAVE_ED25519 && !NO_ASN_CRYPT */
- #if defined(HAVE_ED448) && !defined(NO_ASN_CRYPT)
- if (ks == ED448k) {
- #ifdef WOLFSSL_SMALL_STACK
- ed448_key* key_pair = NULL;
- #else
- ed448_key key_pair[1];
- #endif
- word32 keyIdx = 0;
- #ifdef WOLFSSL_SMALL_STACK
- key_pair = (ed448_key*)XMALLOC(sizeof(ed448_key), NULL,
- DYNAMIC_TYPE_ED448);
- if (key_pair == NULL)
- return MEMORY_E;
- #endif
- if ((ret = wc_ed448_init(key_pair)) < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(key_pair, NULL, DYNAMIC_TYPE_ED448);
- #endif
- return ret;
- }
- if ((ret = wc_Ed448PrivateKeyDecode(privKey, &keyIdx, key_pair,
- privKeySz)) == 0) {
- WOLFSSL_MSG("Checking ED448 key pair");
- keyIdx = 0;
- if ((ret = wc_ed448_import_public(pubKey, pubKeySz,
- key_pair)) == 0) {
- /* public and private extracted successfully no check if is
- * a pair and also do sanity checks on key. wc_ecc_check_key
- * checks that private * base generator equals pubkey */
- if ((ret = wc_ed448_check_key(key_pair)) == 0)
- ret = 1;
- }
- }
- wc_ed448_free(key_pair);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(key_pair, NULL, DYNAMIC_TYPE_ED448);
- #endif
- }
- else
- #endif /* HAVE_ED448 && !NO_ASN_CRYPT */
- {
- ret = 0;
- }
- (void)ks;
- return ret;
- }
- /* check that the private key is a pair for the public key in certificate
- * return 1 (true) on match
- * return 0 or negative value on failure/error
- *
- * key : buffer holding DER format key
- * keySz : size of key buffer
- * der : a initialized and parsed DecodedCert holding a certificate */
- int wc_CheckPrivateKeyCert(const byte* key, word32 keySz, DecodedCert* der)
- {
- if (key == NULL || der == NULL) {
- return BAD_FUNC_ARG;
- }
- return wc_CheckPrivateKey(key, keySz, der->publicKey,
- der->pubKeySize, (enum Key_Sum) der->keyOID);
- }
- #endif /* HAVE_PKCS12 || !NO_CHECK_PRIVATE_KEY */
- #ifndef NO_PWDBASED
- #if defined(HAVE_PKCS8) || defined(HAVE_PKCS12)
- /* Check To see if PKCS version algo is supported, set id if it is return 0
- < 0 on error */
- static int CheckAlgo(int first, int second, int* id, int* version, int* blockSz)
- {
- *id = ALGO_ID_E;
- *version = PKCS5; /* default */
- if (blockSz) *blockSz = 8; /* default */
- if (first == 1) {
- switch (second) {
- #if !defined(NO_SHA)
- #ifndef NO_RC4
- case PBE_SHA1_RC4_128:
- *id = PBE_SHA1_RC4_128;
- *version = PKCS12v1;
- return 0;
- #endif
- #ifndef NO_DES3
- case PBE_SHA1_DES3:
- *id = PBE_SHA1_DES3;
- *version = PKCS12v1;
- if (blockSz) *blockSz = DES_BLOCK_SIZE;
- return 0;
- case PBE_SHA1_DES:
- *id = PBE_SHA1_DES;
- *version = PKCS12v1;
- if (blockSz) *blockSz = DES_BLOCK_SIZE;
- return 0;
- #endif
- #ifdef WC_RC2
- case PBE_SHA1_40RC2_CBC:
- *id = PBE_SHA1_40RC2_CBC;
- *version = PKCS12v1;
- if (blockSz) *blockSz = RC2_BLOCK_SIZE;
- return 0;
- #endif
- #endif /* !NO_SHA */
- default:
- return ALGO_ID_E;
- }
- }
- if (first != PKCS5)
- return ASN_INPUT_E; /* VERSION ERROR */
- if (second == PBES2) {
- *version = PKCS5v2;
- return 0;
- }
- switch (second) {
- #ifndef NO_DES3
- #ifndef NO_MD5
- case 3: /* see RFC 2898 for ids */
- *id = PBE_MD5_DES;
- if (blockSz) *blockSz = DES_BLOCK_SIZE;
- return 0;
- #endif
- #ifndef NO_SHA
- case 10:
- *id = PBE_SHA1_DES;
- if (blockSz) *blockSz = DES_BLOCK_SIZE;
- return 0;
- #endif
- #endif /* !NO_DES3 */
- default:
- return ALGO_ID_E;
- }
- }
- /* Check To see if PKCS v2 algo is supported, set id if it is return 0
- < 0 on error */
- static int CheckAlgoV2(int oid, int* id, int* blockSz)
- {
- if (blockSz) *blockSz = 8; /* default */
- (void)id; /* not used if AES and DES3 disabled */
- switch (oid) {
- #if !defined(NO_DES3) && !defined(NO_SHA)
- case DESb:
- *id = PBE_SHA1_DES;
- if (blockSz) *blockSz = DES_BLOCK_SIZE;
- return 0;
- case DES3b:
- *id = PBE_SHA1_DES3;
- if (blockSz) *blockSz = DES_BLOCK_SIZE;
- return 0;
- #endif
- #ifdef WOLFSSL_AES_256
- case AES256CBCb:
- *id = PBE_AES256_CBC;
- if (blockSz) *blockSz = AES_BLOCK_SIZE;
- return 0;
- #endif
- #ifdef WOLFSSL_AES_128
- case AES128CBCb:
- *id = PBE_AES128_CBC;
- if (blockSz) *blockSz = AES_BLOCK_SIZE;
- return 0;
- #endif
- default:
- WOLFSSL_MSG("No PKCS v2 algo found");
- return ALGO_ID_E;
- }
- }
- #endif /* HAVE_PKCS8 || HAVE_PKCS12 */
- #ifdef HAVE_PKCS8
- int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID, word32* oidSz,
- int* algoID, void* heap)
- {
- word32 tmpIdx = 0;
- if (key == NULL || algoID == NULL)
- return BAD_FUNC_ARG;
- *algoID = 0;
- #if !defined(NO_RSA) && !defined(NO_ASN_CRYPT)
- {
- RsaKey *rsa = (RsaKey *)XMALLOC(sizeof *rsa, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (rsa == NULL)
- return MEMORY_E;
- wc_InitRsaKey(rsa, heap);
- if (wc_RsaPrivateKeyDecode(key, &tmpIdx, rsa, keySz) == 0) {
- *algoID = RSAk;
- }
- else {
- WOLFSSL_MSG("Not RSA DER key");
- }
- wc_FreeRsaKey(rsa);
- XFREE(rsa, heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
- #endif /* !NO_RSA && !NO_ASN_CRYPT */
- #if defined(HAVE_ECC) && !defined(NO_ASN_CRYPT)
- if (*algoID == 0) {
- ecc_key *ecc = (ecc_key *)XMALLOC(sizeof *ecc, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (ecc == NULL)
- return MEMORY_E;
- tmpIdx = 0;
- wc_ecc_init_ex(ecc, heap, INVALID_DEVID);
- if (wc_EccPrivateKeyDecode(key, &tmpIdx, ecc, keySz) == 0) {
- *algoID = ECDSAk;
- /* now find oid */
- if (wc_ecc_get_oid(ecc->dp->oidSum, curveOID, oidSz) < 0) {
- WOLFSSL_MSG("Error getting ECC curve OID");
- wc_ecc_free(ecc);
- XFREE(ecc, heap, DYNAMIC_TYPE_TMP_BUFFER);
- return BAD_FUNC_ARG;
- }
- }
- else {
- WOLFSSL_MSG("Not ECC DER key either");
- }
- wc_ecc_free(ecc);
- XFREE(ecc, heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
- #endif /* HAVE_ECC && !NO_ASN_CRYPT */
- #if defined(HAVE_ED25519) && !defined(NO_ASN_CRYPT)
- if (*algoID != RSAk && *algoID != ECDSAk) {
- ed25519_key *ed25519 = (ed25519_key *)XMALLOC(sizeof *ed25519, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (ed25519 == NULL)
- return MEMORY_E;
- tmpIdx = 0;
- if (wc_ed25519_init(ed25519) == 0) {
- if (wc_Ed25519PrivateKeyDecode(key, &tmpIdx, ed25519, keySz) == 0) {
- *algoID = ED25519k;
- }
- else {
- WOLFSSL_MSG("Not ED25519 DER key");
- }
- wc_ed25519_free(ed25519);
- }
- else {
- WOLFSSL_MSG("GetKeyOID wc_ed25519_init failed");
- }
- XFREE(ed25519, heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
- #endif /* HAVE_ED25519 && !NO_ASN_CRYPT */
- #if defined(HAVE_ED448) && !defined(NO_ASN_CRYPT)
- if (*algoID != RSAk && *algoID != ECDSAk && *algoID != ED25519k) {
- ed448_key *ed448 = (ed448_key *)XMALLOC(sizeof *ed448, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (ed448 == NULL)
- return MEMORY_E;
- tmpIdx = 0;
- if (wc_ed448_init(ed448) == 0) {
- if (wc_Ed448PrivateKeyDecode(key, &tmpIdx, ed448, keySz) == 0) {
- *algoID = ED448k;
- }
- else {
- WOLFSSL_MSG("Not ED448 DER key");
- }
- wc_ed448_free(ed448);
- }
- else {
- WOLFSSL_MSG("GetKeyOID wc_ed448_init failed");
- }
- XFREE(ed448, heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
- #endif /* HAVE_ED448 && !NO_ASN_CRYPT */
- /* if flag is not set then is neither RSA or ECC key that could be
- * found */
- if (*algoID == 0) {
- WOLFSSL_MSG("Bad key DER or compile options");
- return BAD_FUNC_ARG;
- }
- (void)tmpIdx;
- (void)curveOID;
- (void)oidSz;
- (void)keySz;
- (void)heap;
- return 1;
- }
- #endif /* HAVE_PKCS8 */
- #if defined(HAVE_PKCS8) || defined(HAVE_PKCS12)
- #define PKCS8_MIN_BLOCK_SIZE 8
- static int Pkcs8Pad(byte* buf, int sz, int blockSz)
- {
- int i, padSz;
- /* calculate pad size */
- padSz = blockSz - (sz & (blockSz - 1));
- /* pad with padSz value */
- if (buf) {
- for (i = 0; i < padSz; i++) {
- buf[sz+i] = (byte)(padSz & 0xFF);
- }
- }
- /* return adjusted length */
- return sz + padSz;
- }
- #endif /* HAVE_PKCS8 || HAVE_PKCS12 */
- #ifdef HAVE_PKCS8
- /*
- * Used when creating PKCS12 shrouded key bags
- * vPKCS is the version of PKCS to use
- * vAlgo is the algorithm version to use
- *
- * if salt is NULL a random number is generated
- *
- * returns the size of encrypted data on success
- */
- int UnTraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz,
- const char* password, int passwordSz, int vPKCS, int vAlgo,
- byte* salt, word32 saltSz, int itt, WC_RNG* rng, void* heap)
- {
- int algoID = 0;
- byte* tmp;
- word32 tmpSz = 0;
- word32 sz;
- word32 seqSz;
- word32 inOutIdx = 0;
- word32 totalSz = 0;
- int version, id;
- int ret;
- int blockSz = 0;
- const byte* curveOID = NULL;
- word32 oidSz = 0;
- #ifdef WOLFSSL_SMALL_STACK
- byte* saltTmp = NULL;
- byte* cbcIv = NULL;
- #else
- byte saltTmp[MAX_IV_SIZE];
- byte cbcIv[MAX_IV_SIZE];
- #endif
- WOLFSSL_ENTER("UnTraditionalEnc()");
- if (saltSz > MAX_SALT_SIZE)
- return ASN_PARSE_E;
- inOutIdx += MAX_SEQ_SZ; /* leave room for size of finished shroud */
- if (CheckAlgo(vPKCS, vAlgo, &id, &version, &blockSz) < 0) {
- WOLFSSL_MSG("Bad/Unsupported algorithm ID");
- return ASN_INPUT_E; /* Algo ID error */
- }
- if (out != NULL) {
- if (*outSz < inOutIdx + MAX_ALGO_SZ + MAX_SALT_SIZE + MAX_SEQ_SZ + 1 +
- MAX_LENGTH_SZ + MAX_SHORT_SZ + 1)
- return BUFFER_E;
- if (version == PKCS5v2) {
- WOLFSSL_MSG("PKCS5v2 Not supported yet\n");
- return ASN_VERSION_E;
- }
- if (salt == NULL || saltSz == 0) {
- saltSz = 8;
- #ifdef WOLFSSL_SMALL_STACK
- saltTmp = (byte*)XMALLOC(saltSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (saltTmp == NULL)
- return MEMORY_E;
- #endif
- salt = saltTmp;
- if ((ret = wc_RNG_GenerateBlock(rng, saltTmp, saltSz)) != 0) {
- WOLFSSL_MSG("Error generating random salt");
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- }
- /* leave room for a sequence (contains salt and iterations int) */
- inOutIdx += MAX_SEQ_SZ; sz = 0;
- inOutIdx += MAX_ALGO_SZ;
- /* place salt in buffer */
- out[inOutIdx++] = ASN_OCTET_STRING; sz++;
- tmpSz = SetLength(saltSz, out + inOutIdx);
- inOutIdx += tmpSz; sz += tmpSz;
- XMEMCPY(out + inOutIdx, salt, saltSz);
- inOutIdx += saltSz; sz += saltSz;
- /* place iteration count in buffer */
- ret = SetShortInt(out, &inOutIdx, itt, *outSz);
- if (ret < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- if (saltTmp != NULL)
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- sz += (word32)ret;
- /* wind back index and set sequence then clean up buffer */
- inOutIdx -= (sz + MAX_SEQ_SZ);
- tmpSz = SetSequence(sz, out + inOutIdx);
- XMEMMOVE(out + inOutIdx + tmpSz, out + inOutIdx + MAX_SEQ_SZ, sz);
- totalSz += tmpSz + sz; sz += tmpSz;
- /* add in algo ID */
- inOutIdx -= MAX_ALGO_SZ;
- tmpSz = SetAlgoID(id, out + inOutIdx, oidPBEType, sz);
- XMEMMOVE(out + inOutIdx + tmpSz, out + inOutIdx + MAX_ALGO_SZ, sz);
- totalSz += tmpSz; inOutIdx += tmpSz + sz;
- /* octet string containing encrypted key */
- out[inOutIdx++] = ASN_OCTET_STRING; totalSz++;
- }
- /* check key type and get OID if ECC */
- if ((ret = wc_GetKeyOID(key, keySz, &curveOID, &oidSz, &algoID, heap))< 0) {
- WOLFSSL_MSG("Error getting key OID");
- #ifdef WOLFSSL_SMALL_STACK
- if (saltTmp != NULL)
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- /* PKCS#8 wrapping around key */
- if (wc_CreatePKCS8Key(NULL, &tmpSz, key, keySz, algoID, curveOID, oidSz)
- != LENGTH_ONLY_E) {
- #ifdef WOLFSSL_SMALL_STACK
- if (saltTmp != NULL)
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return MEMORY_E;
- }
- /* check if should return max size */
- if (out == NULL) {
- /* account for salt size */
- if (salt == NULL || saltSz == 0) {
- tmpSz += MAX_SALT_SIZE;
- }
- else {
- tmpSz += saltSz;
- }
- /* plus 3 for tags */
- *outSz = tmpSz + MAX_ALGO_SZ + MAX_LENGTH_SZ +MAX_LENGTH_SZ + MAX_SEQ_SZ
- + MAX_LENGTH_SZ + MAX_SEQ_SZ + 3;
- #ifdef WOLFSSL_SMALL_STACK
- if (saltTmp != NULL)
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return LENGTH_ONLY_E;
- }
- /* reserve buffer for crypto and make sure it supports full blocks */
- tmp = (byte*)XMALLOC(tmpSz + (blockSz-1), heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmp == NULL) {
- #ifdef WOLFSSL_SMALL_STACK
- if (saltTmp != NULL)
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return MEMORY_E;
- }
- if ((ret = wc_CreatePKCS8Key(tmp, &tmpSz, key, keySz, algoID, curveOID,
- oidSz)) < 0) {
- XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- WOLFSSL_MSG("Error wrapping key with PKCS#8");
- #ifdef WOLFSSL_SMALL_STACK
- if (saltTmp != NULL)
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- tmpSz = ret;
- /* adjust size to pad */
- tmpSz = Pkcs8Pad(tmp, tmpSz, blockSz);
- #ifdef WOLFSSL_SMALL_STACK
- cbcIv = (byte*)XMALLOC(MAX_IV_SIZE, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (cbcIv == NULL) {
- if (saltTmp != NULL)
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- return MEMORY_E;
- }
- #endif
- /* encrypt PKCS#8 wrapped key */
- if ((ret = wc_CryptKey(password, passwordSz, salt, saltSz, itt, id,
- tmp, tmpSz, version, cbcIv, 1, 0)) < 0) {
- XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- WOLFSSL_MSG("Error encrypting key");
- #ifdef WOLFSSL_SMALL_STACK
- if (saltTmp != NULL)
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (cbcIv != NULL)
- XFREE(cbcIv, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret; /* encryption failure */
- }
- totalSz += tmpSz;
- #ifdef WOLFSSL_SMALL_STACK
- if (saltTmp != NULL)
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (cbcIv != NULL)
- XFREE(cbcIv, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- if (*outSz < inOutIdx + tmpSz + MAX_LENGTH_SZ) {
- XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- return BUFFER_E;
- }
- /* set length of key and copy over encrypted key */
- seqSz = SetLength(tmpSz, out + inOutIdx);
- inOutIdx += seqSz; totalSz += seqSz;
- XMEMCPY(out + inOutIdx, tmp, tmpSz);
- XFREE(tmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- /* set total size at beginning */
- sz = SetSequence(totalSz, out);
- XMEMMOVE(out + sz, out + MAX_SEQ_SZ, totalSz);
- (void)rng;
- return totalSz + sz;
- }
- static int GetAlgoV2(int encAlgId, const byte** oid, int *len, int* id,
- int *blkSz)
- {
- int ret = 0;
- switch (encAlgId) {
- #if !defined(NO_DES3) && !defined(NO_SHA)
- case DESb:
- *len = sizeof(blkDesCbcOid);
- *oid = blkDesCbcOid;
- *id = PBE_SHA1_DES;
- *blkSz = 8;
- break;
- case DES3b:
- *len = sizeof(blkDes3CbcOid);
- *oid = blkDes3CbcOid;
- *id = PBE_SHA1_DES3;
- *blkSz = 8;
- break;
- #endif
- #if defined(WOLFSSL_AES_256) && defined(HAVE_AES_CBC)
- case AES256CBCb:
- *len = sizeof(blkAes256CbcOid);
- *oid = blkAes256CbcOid;
- *id = PBE_AES256_CBC;
- *blkSz = 16;
- break;
- #endif
- default:
- (void)len;
- (void)oid;
- (void)id;
- (void)blkSz;
- ret = ALGO_ID_E;
- }
- return ret;
- }
- /* Converts Encrypted PKCS#8 to 'traditional' (i.e. PKCS#8 removed from
- * decrypted key.)
- */
- int TraditionalEnc(byte* key, word32 keySz, byte* out, word32* outSz,
- const char* password, int passwordSz, int vPKCS, int vAlgo,
- int encAlgId, byte* salt, word32 saltSz, int itt, WC_RNG* rng,
- void* heap)
- {
- int ret = 0;
- int version, blockSz, id;
- word32 idx = 0, encIdx;
- #ifdef WOLFSSL_SMALL_STACK
- byte* saltTmp = NULL;
- #else
- byte saltTmp[MAX_SALT_SIZE];
- #endif
- byte cbcIv[MAX_IV_SIZE];
- byte *pkcs8Key = NULL;
- word32 pkcs8KeySz = 0, padSz = 0;
- int algId = 0;
- const byte* curveOid = NULL;
- word32 curveOidSz = 0;
- const byte* pbeOid = NULL;
- word32 pbeOidSz = 0;
- const byte* encOid = NULL;
- int encOidSz = 0;
- word32 pbeLen = 0, kdfLen = 0, encLen = 0;
- word32 innerLen = 0, outerLen;
- ret = CheckAlgo(vPKCS, vAlgo, &id, &version, &blockSz);
- /* create random salt if one not provided */
- if (ret == 0 && (salt == NULL || saltSz == 0)) {
- saltSz = 8;
- #ifdef WOLFSSL_SMALL_STACK
- saltTmp = (byte*)XMALLOC(saltSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (saltTmp == NULL)
- return MEMORY_E;
- #endif
- salt = saltTmp;
- if ((ret = wc_RNG_GenerateBlock(rng, saltTmp, saltSz)) != 0) {
- WOLFSSL_MSG("Error generating random salt");
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- }
- if (ret == 0) {
- /* check key type and get OID if ECC */
- ret = wc_GetKeyOID(key, keySz, &curveOid, &curveOidSz, &algId, heap);
- if (ret == 1)
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_CreatePKCS8Key(NULL, &pkcs8KeySz, key, keySz, algId, curveOid,
- curveOidSz);
- if (ret == LENGTH_ONLY_E)
- ret = 0;
- }
- if (ret == 0) {
- pkcs8Key = (byte*)XMALLOC(pkcs8KeySz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (pkcs8Key == NULL)
- ret = MEMORY_E;
- }
- if (ret == 0) {
- ret = wc_CreatePKCS8Key(pkcs8Key, &pkcs8KeySz, key, keySz, algId,
- curveOid, curveOidSz);
- if (ret >= 0) {
- pkcs8KeySz = ret;
- ret = 0;
- }
- }
- if (ret == 0 && version == PKCS5v2)
- ret = GetAlgoV2(encAlgId, &encOid, &encOidSz, &id, &blockSz);
- if (ret == 0) {
- padSz = (blockSz - (pkcs8KeySz & (blockSz - 1))) & (blockSz - 1);
- /* inner = OCT salt INT itt */
- innerLen = 2 + saltSz + 2 + (itt < 256 ? 1 : 2);
- if (version != PKCS5v2) {
- pbeOid = OidFromId(id, oidPBEType, &pbeOidSz);
- /* pbe = OBJ pbse1 SEQ [ inner ] */
- pbeLen = 2 + pbeOidSz + 2 + innerLen;
- }
- else {
- pbeOid = pbes2;
- pbeOidSz = sizeof(pbes2);
- /* kdf = OBJ pbkdf2 [ SEQ innerLen ] */
- kdfLen = 2 + sizeof(pbkdf2Oid) + 2 + innerLen;
- /* enc = OBJ enc_alg OCT iv */
- encLen = 2 + encOidSz + 2 + blockSz;
- /* pbe = OBJ pbse2 SEQ [ SEQ [ kdf ] SEQ [ enc ] ] */
- pbeLen = 2 + sizeof(pbes2) + 2 + 2 + kdfLen + 2 + encLen;
- ret = wc_RNG_GenerateBlock(rng, cbcIv, blockSz);
- }
- }
- if (ret == 0) {
- /* outer = SEQ [ pbe ] OCT encrypted_PKCS#8_key */
- outerLen = 2 + pbeLen;
- outerLen += SetOctetString(pkcs8KeySz + padSz, out);
- outerLen += pkcs8KeySz + padSz;
- idx += SetSequence(outerLen, out + idx);
- encIdx = idx + outerLen - pkcs8KeySz - padSz;
- /* Put Encrypted content in place. */
- XMEMCPY(out + encIdx, pkcs8Key, pkcs8KeySz);
- if (padSz > 0) {
- XMEMSET(out + encIdx + pkcs8KeySz, padSz, padSz);
- pkcs8KeySz += padSz;
- }
- ret = wc_CryptKey(password, passwordSz, salt, saltSz, itt, id,
- out + encIdx, pkcs8KeySz, version, cbcIv, 1, 0);
- }
- if (ret == 0) {
- if (version != PKCS5v2) {
- /* PBE algorithm */
- idx += SetSequence(pbeLen, out + idx);
- idx += SetObjectId(pbeOidSz, out + idx);
- XMEMCPY(out + idx, pbeOid, pbeOidSz);
- idx += pbeOidSz;
- }
- else {
- /* PBES2 algorithm identifier */
- idx += SetSequence(pbeLen, out + idx);
- idx += SetObjectId(pbeOidSz, out + idx);
- XMEMCPY(out + idx, pbeOid, pbeOidSz);
- idx += pbeOidSz;
- /* PBES2 Parameters: SEQ [ kdf ] SEQ [ enc ] */
- idx += SetSequence(2 + kdfLen + 2 + encLen, out + idx);
- /* KDF Algorithm Identifier */
- idx += SetSequence(kdfLen, out + idx);
- idx += SetObjectId(sizeof(pbkdf2Oid), out + idx);
- XMEMCPY(out + idx, pbkdf2Oid, sizeof(pbkdf2Oid));
- idx += sizeof(pbkdf2Oid);
- }
- idx += SetSequence(innerLen, out + idx);
- idx += SetOctetString(saltSz, out + idx);
- XMEMCPY(out + idx, salt, saltSz); idx += saltSz;
- ret = SetShortInt(out, &idx, itt, *outSz);
- if (ret > 0)
- ret = 0;
- }
- if (ret == 0) {
- if (version == PKCS5v2) {
- /* Encryption Algorithm Identifier */
- idx += SetSequence(encLen, out + idx);
- idx += SetObjectId(encOidSz, out + idx);
- XMEMCPY(out + idx, encOid, encOidSz);
- idx += encOidSz;
- /* Encryption Algorithm Parameter: CBC IV */
- idx += SetOctetString(blockSz, out + idx);
- XMEMCPY(out + idx, cbcIv, blockSz);
- idx += blockSz;
- }
- idx += SetOctetString(pkcs8KeySz, out + idx);
- /* Default PRF - no need to write out OID */
- idx += pkcs8KeySz;
- ret = idx;
- }
- if (pkcs8Key != NULL) {
- ForceZero(pkcs8Key, pkcs8KeySz);
- XFREE(pkcs8Key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- #ifdef WOLFSSL_SMALL_STACK
- if (saltTmp != NULL) {
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
- #endif
- (void)rng;
- return ret;
- }
- #endif /* HAVE_PKCS8 */
- #if defined(HAVE_PKCS8) || defined(HAVE_PKCS12)
- /* decrypt PKCS
- *
- * NOTE: input buffer is overwritten with decrypted data!
- *
- * input[in/out] data to decrypt and results are written to
- * sz size of input buffer
- * password password if used. Can be NULL for no password
- * passwordSz size of password buffer
- *
- * returns the total size of decrypted content on success.
- */
- int DecryptContent(byte* input, word32 sz, const char* password, int passwordSz)
- {
- word32 inOutIdx = 0, seqEnd, oid, shaOid = 0;
- int ret = 0, first, second, length = 0, version, saltSz, id;
- int iterations = 0, keySz = 0;
- #ifdef WOLFSSL_SMALL_STACK
- byte* salt = NULL;
- byte* cbcIv = NULL;
- #else
- byte salt[MAX_SALT_SIZE];
- byte cbcIv[MAX_IV_SIZE];
- #endif
- byte tag;
- if (passwordSz < 0) {
- WOLFSSL_MSG("Bad password size");
- return BAD_FUNC_ARG;
- }
- if (GetAlgoId(input, &inOutIdx, &oid, oidIgnoreType, sz) < 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- first = input[inOutIdx - 2]; /* PKCS version always 2nd to last byte */
- second = input[inOutIdx - 1]; /* version.algo, algo id last byte */
- if (CheckAlgo(first, second, &id, &version, NULL) < 0) {
- ERROR_OUT(ASN_INPUT_E, exit_dc); /* Algo ID error */
- }
- if (version == PKCS5v2) {
- if (GetSequence(input, &inOutIdx, &length, sz) < 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- if (GetAlgoId(input, &inOutIdx, &oid, oidKdfType, sz) < 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- if (oid != PBKDF2_OID) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- }
- if (GetSequence(input, &inOutIdx, &length, sz) <= 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- /* Find the end of this SEQUENCE so we can check for the OPTIONAL and
- * DEFAULT items. */
- seqEnd = inOutIdx + length;
- ret = GetOctetString(input, &inOutIdx, &saltSz, sz);
- if (ret < 0)
- goto exit_dc;
- if (saltSz > MAX_SALT_SIZE) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- #ifdef WOLFSSL_SMALL_STACK
- salt = (byte*)XMALLOC(MAX_SALT_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (salt == NULL) {
- ERROR_OUT(MEMORY_E, exit_dc);
- }
- #endif
- XMEMCPY(salt, &input[inOutIdx], saltSz);
- inOutIdx += saltSz;
- if (GetShortInt(input, &inOutIdx, &iterations, sz) < 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- /* OPTIONAL key length */
- if (seqEnd > inOutIdx) {
- word32 localIdx = inOutIdx;
- if (GetASNTag(input, &localIdx, &tag, sz) < 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- if (tag == ASN_INTEGER &&
- GetShortInt(input, &inOutIdx, &keySz, sz) < 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- }
- /* DEFAULT HMAC is SHA-1 */
- if (seqEnd > inOutIdx) {
- if (GetAlgoId(input, &inOutIdx, &oid, oidHmacType, sz) < 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- shaOid = oid;
- }
- #ifdef WOLFSSL_SMALL_STACK
- cbcIv = (byte*)XMALLOC(MAX_IV_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (cbcIv == NULL) {
- ERROR_OUT(MEMORY_E, exit_dc);
- }
- #endif
- if (version == PKCS5v2) {
- /* get encryption algo */
- if (GetAlgoId(input, &inOutIdx, &oid, oidBlkType, sz) < 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- if (CheckAlgoV2(oid, &id, NULL) < 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc); /* PKCS v2 algo id error */
- }
- if (shaOid == 0)
- shaOid = oid;
- ret = GetOctetString(input, &inOutIdx, &length, sz);
- if (ret < 0)
- goto exit_dc;
- if (length > MAX_IV_SIZE) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- XMEMCPY(cbcIv, &input[inOutIdx], length);
- inOutIdx += length;
- }
- if (GetASNTag(input, &inOutIdx, &tag, sz) < 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- if (tag != (ASN_CONTEXT_SPECIFIC | 0) && tag != ASN_OCTET_STRING) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- if (GetLength(input, &inOutIdx, &length, sz) < 0) {
- ERROR_OUT(ASN_PARSE_E, exit_dc);
- }
- ret = wc_CryptKey(password, passwordSz, salt, saltSz, iterations, id,
- input + inOutIdx, length, version, cbcIv, 0, shaOid);
- exit_dc:
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- if (ret == 0) {
- XMEMMOVE(input, input + inOutIdx, length);
- ret = length;
- }
- return ret;
- }
- /* Remove Encrypted PKCS8 header, move beginning of traditional to beginning
- of input */
- int ToTraditionalEnc(byte* input, word32 sz,const char* password,
- int passwordSz, word32* algId)
- {
- int ret, length;
- word32 inOutIdx = 0;
- if (GetSequence(input, &inOutIdx, &length, sz) < 0) {
- ret = ASN_PARSE_E;
- }
- else {
- ret = DecryptContent(input + inOutIdx, sz - inOutIdx, password,
- passwordSz);
- if (ret > 0) {
- XMEMMOVE(input, input + inOutIdx, ret);
- ret = ToTraditional_ex(input, ret, algId);
- }
- }
- return ret;
- }
- #endif /* HAVE_PKCS8 || HAVE_PKCS12 */
- #ifdef HAVE_PKCS12
- /* encrypt PKCS 12 content
- *
- * NOTE: if out is NULL then outSz is set with the total buffer size needed and
- * the error value LENGTH_ONLY_E is returned.
- *
- * input data to encrypt
- * inputSz size of input buffer
- * out buffer to hold the result
- * outSz size of out buffer
- * password password if used. Can be NULL for no password
- * passwordSz size of password buffer
- * vPKCS version of PKCS i.e. PKCS5v2
- * vAlgo algorithm version
- * salt buffer holding salt if used. If NULL then a random salt is created
- * saltSz size of salt buffer if it is not NULL
- * itt number of iterations used
- * rng random number generator to use
- * heap possible heap hint for mallocs/frees
- *
- * returns the total size of encrypted content on success.
- *
- * data returned is :
- * [ seq - obj [ seq -salt,itt]] , construct with encrypted data
- */
- int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
- const char* password, int passwordSz, int vPKCS, int vAlgo,
- byte* salt, word32 saltSz, int itt, WC_RNG* rng, void* heap)
- {
- word32 sz;
- word32 inOutIdx = 0;
- word32 tmpIdx = 0;
- word32 totalSz = 0;
- word32 seqSz;
- word32 innerSz;
- int ret;
- int version, id, blockSz = 0;
- #ifdef WOLFSSL_SMALL_STACK
- byte* saltTmp = NULL;
- byte* cbcIv = NULL;
- #else
- byte saltTmp[MAX_SALT_SIZE];
- byte cbcIv[MAX_IV_SIZE];
- #endif
- byte seq[MAX_SEQ_SZ];
- byte shr[MAX_SHORT_SZ];
- word32 maxShr = MAX_SHORT_SZ;
- word32 algoSz;
- const byte* algoName;
- (void)heap;
- WOLFSSL_ENTER("EncryptContent()");
- if (CheckAlgo(vPKCS, vAlgo, &id, &version, &blockSz) < 0)
- return ASN_INPUT_E; /* Algo ID error */
- if (version == PKCS5v2) {
- WOLFSSL_MSG("PKCS#5 version 2 not supported yet");
- return BAD_FUNC_ARG;
- }
- if (saltSz > MAX_SALT_SIZE)
- return ASN_PARSE_E;
- if (outSz == NULL) {
- return BAD_FUNC_ARG;
- }
- /* calculate size */
- /* size of constructed string at end */
- sz = Pkcs8Pad(NULL, inputSz, blockSz);
- totalSz = ASN_TAG_SZ;
- totalSz += SetLength(sz, seq);
- totalSz += sz;
- /* size of sequence holding object id and sub sequence of salt and itt */
- algoName = OidFromId(id, oidPBEType, &algoSz);
- if (algoName == NULL) {
- WOLFSSL_MSG("Unknown Algorithm");
- return 0;
- }
- innerSz = SetObjectId(algoSz, seq);
- innerSz += algoSz;
- /* get subsequence of salt and itt */
- if (salt == NULL || saltSz == 0) {
- sz = 8;
- }
- else {
- sz = saltSz;
- }
- seqSz = SetOctetString(sz, seq);
- seqSz += sz;
- tmpIdx = 0;
- ret = SetShortInt(shr, &tmpIdx, itt, maxShr);
- if (ret >= 0) {
- seqSz += ret;
- }
- else {
- return ret;
- }
- innerSz += seqSz + SetSequence(seqSz, seq);
- totalSz += innerSz + SetSequence(innerSz, seq);
- if (out == NULL) {
- *outSz = totalSz;
- return LENGTH_ONLY_E;
- }
- inOutIdx = 0;
- if (totalSz > *outSz)
- return BUFFER_E;
- inOutIdx += SetSequence(innerSz, out + inOutIdx);
- inOutIdx += SetObjectId(algoSz, out + inOutIdx);
- XMEMCPY(out + inOutIdx, algoName, algoSz);
- inOutIdx += algoSz;
- inOutIdx += SetSequence(seqSz, out + inOutIdx);
- /* create random salt if one not provided */
- if (salt == NULL || saltSz == 0) {
- saltSz = 8;
- #ifdef WOLFSSL_SMALL_STACK
- saltTmp = (byte*)XMALLOC(saltSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (saltTmp == NULL)
- return MEMORY_E;
- #endif
- salt = saltTmp;
- if ((ret = wc_RNG_GenerateBlock(rng, saltTmp, saltSz)) != 0) {
- WOLFSSL_MSG("Error generating random salt");
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- }
- inOutIdx += SetOctetString(saltSz, out + inOutIdx);
- if (saltSz + inOutIdx > *outSz) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return BUFFER_E;
- }
- XMEMCPY(out + inOutIdx, salt, saltSz);
- inOutIdx += saltSz;
- /* place iteration setting in buffer */
- ret = SetShortInt(out, &inOutIdx, itt, *outSz);
- if (ret < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- if (inOutIdx + 1 > *outSz) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return BUFFER_E;
- }
- out[inOutIdx++] = ASN_CONTEXT_SPECIFIC | 0;
- /* get pad size and verify buffer room */
- sz = Pkcs8Pad(NULL, inputSz, blockSz);
- if (sz + inOutIdx > *outSz) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return BUFFER_E;
- }
- inOutIdx += SetLength(sz, out + inOutIdx);
- /* copy input to output buffer and pad end */
- XMEMCPY(out + inOutIdx, input, inputSz);
- sz = Pkcs8Pad(out + inOutIdx, inputSz, blockSz);
- #ifdef WOLFSSL_SMALL_STACK
- cbcIv = (byte*)XMALLOC(MAX_IV_SIZE, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (cbcIv == NULL) {
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- return MEMORY_E;
- }
- #endif
- /* encrypt */
- if ((ret = wc_CryptKey(password, passwordSz, salt, saltSz, itt, id,
- out + inOutIdx, sz, version, cbcIv, 1, 0)) < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(cbcIv, heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret; /* encrypt failure */
- }
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(cbcIv, heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(saltTmp, heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- (void)rng;
- return inOutIdx + sz;
- }
- #endif /* HAVE_PKCS12 */
- #endif /* NO_PWDBASED */
- #ifndef NO_RSA
- #ifndef HAVE_USER_RSA
- #ifdef WOLFSSL_RENESAS_TSIP
- /* This function is to retrieve key position information in a cert.*
- * The information will be used to call TSIP TLS-linked API for *
- * certificate verification. */
- static int RsaPublicKeyDecodeRawIndex(const byte* input, word32* inOutIdx,
- word32 inSz, word32* key_n,
- word32* key_n_len, word32* key_e,
- word32* key_e_len)
- {
- int ret = 0;
- int length = 0;
- #if defined(OPENSSL_EXTRA) || defined(RSA_DECODE_EXTRA)
- byte b;
- #endif
- if (input == NULL || inOutIdx == NULL)
- return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- #if defined(OPENSSL_EXTRA) || defined(RSA_DECODE_EXTRA)
- if ((*inOutIdx + 1) > inSz)
- return BUFFER_E;
- b = input[*inOutIdx];
- if (b != ASN_INTEGER) {
- /* not from decoded cert, will have algo id, skip past */
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (SkipObjectId(input, inOutIdx, inSz) < 0)
- return ASN_PARSE_E;
- /* Option NULL ASN.1 tag */
- if (*inOutIdx >= inSz) {
- return BUFFER_E;
- }
- if (input[*inOutIdx] == ASN_TAG_NULL) {
- ret = GetASNNull(input, inOutIdx, inSz);
- if (ret != 0)
- return ret;
- }
- /* should have bit tag length and seq next */
- ret = CheckBitString(input, inOutIdx, NULL, inSz, 1, NULL);
- if (ret != 0)
- return ret;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- }
- #endif /* OPENSSL_EXTRA */
- /* Get modulus */
- ret = GetASNInt(input, inOutIdx, &length, inSz);
- *key_n += *inOutIdx;
- if (ret < 0) {
- return ASN_RSA_KEY_E;
- }
- if (key_n_len)
- *key_n_len = length;
- *inOutIdx += length;
- /* Get exponent */
- ret = GetASNInt(input, inOutIdx, &length, inSz);
- *key_e += *inOutIdx;
- if (ret < 0) {
- return ASN_RSA_KEY_E;
- }
- if (key_e_len)
- *key_e_len = length;
- return ret;
- }
- #endif /* WOLFSSL_RENESAS_TSIP */
- int wc_RsaPublicKeyDecode_ex(const byte* input, word32* inOutIdx, word32 inSz,
- const byte** n, word32* nSz, const byte** e, word32* eSz)
- {
- int ret = 0;
- int length = 0;
- #if defined(OPENSSL_EXTRA) || defined(RSA_DECODE_EXTRA)
- word32 localIdx;
- byte tag;
- #endif
- if (input == NULL || inOutIdx == NULL)
- return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- #if defined(OPENSSL_EXTRA) || defined(RSA_DECODE_EXTRA)
- localIdx = *inOutIdx;
- if (GetASNTag(input, &localIdx, &tag, inSz) < 0)
- return BUFFER_E;
- if (tag != ASN_INTEGER) {
- /* not from decoded cert, will have algo id, skip past */
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (SkipObjectId(input, inOutIdx, inSz) < 0)
- return ASN_PARSE_E;
- /* Option NULL ASN.1 tag */
- if (*inOutIdx >= inSz) {
- return BUFFER_E;
- }
- localIdx = *inOutIdx;
- if (GetASNTag(input, &localIdx, &tag, inSz) < 0)
- return ASN_PARSE_E;
- if (tag == ASN_TAG_NULL) {
- ret = GetASNNull(input, inOutIdx, inSz);
- if (ret != 0)
- return ret;
- }
- /* should have bit tag length and seq next */
- ret = CheckBitString(input, inOutIdx, NULL, inSz, 1, NULL);
- if (ret != 0)
- return ret;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- }
- #endif /* OPENSSL_EXTRA */
- /* Get modulus */
- ret = GetASNInt(input, inOutIdx, &length, inSz);
- if (ret < 0) {
- return ASN_RSA_KEY_E;
- }
- if (nSz)
- *nSz = length;
- if (n)
- *n = &input[*inOutIdx];
- *inOutIdx += length;
- /* Get exponent */
- ret = GetASNInt(input, inOutIdx, &length, inSz);
- if (ret < 0) {
- return ASN_RSA_KEY_E;
- }
- if (eSz)
- *eSz = length;
- if (e)
- *e = &input[*inOutIdx];
- *inOutIdx += length;
- return ret;
- }
- int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
- word32 inSz)
- {
- int ret;
- const byte *n = NULL, *e = NULL;
- word32 nSz = 0, eSz = 0;
- if (key == NULL)
- return BAD_FUNC_ARG;
- ret = wc_RsaPublicKeyDecode_ex(input, inOutIdx, inSz, &n, &nSz, &e, &eSz);
- if (ret == 0) {
- ret = wc_RsaPublicKeyDecodeRaw(n, nSz, e, eSz, key);
- }
- return ret;
- }
- /* import RSA public key elements (n, e) into RsaKey structure (key) */
- int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz, const byte* e,
- word32 eSz, RsaKey* key)
- {
- if (n == NULL || e == NULL || key == NULL)
- return BAD_FUNC_ARG;
- key->type = RSA_PUBLIC;
- if (mp_init(&key->n) != MP_OKAY)
- return MP_INIT_E;
- if (mp_read_unsigned_bin(&key->n, n, nSz) != 0) {
- mp_clear(&key->n);
- return ASN_GETINT_E;
- }
- #ifdef HAVE_WOLF_BIGINT
- if ((int)nSz > 0 && wc_bigint_from_unsigned_bin(&key->n.raw, n, nSz) != 0) {
- mp_clear(&key->n);
- return ASN_GETINT_E;
- }
- #endif /* HAVE_WOLF_BIGINT */
- if (mp_init(&key->e) != MP_OKAY) {
- mp_clear(&key->n);
- return MP_INIT_E;
- }
- if (mp_read_unsigned_bin(&key->e, e, eSz) != 0) {
- mp_clear(&key->n);
- mp_clear(&key->e);
- return ASN_GETINT_E;
- }
- #ifdef HAVE_WOLF_BIGINT
- if ((int)eSz > 0 && wc_bigint_from_unsigned_bin(&key->e.raw, e, eSz) != 0) {
- mp_clear(&key->n);
- mp_clear(&key->e);
- return ASN_GETINT_E;
- }
- #endif /* HAVE_WOLF_BIGINT */
- #ifdef WOLFSSL_XILINX_CRYPT
- if (wc_InitRsaHw(key) != 0) {
- return BAD_STATE_E;
- }
- #endif
- return 0;
- }
- #endif /* HAVE_USER_RSA */
- #endif /* !NO_RSA */
- #ifndef NO_DH
- /* Supports either:
- * - DH params G/P (PKCS#3 DH) file or
- * - DH key file (if WOLFSSL_DH_EXTRA enabled) */
- /* The wc_DhParamsLoad function also loads DH params, but directly into buffers, not DhKey */
- int wc_DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz)
- {
- int ret = 0;
- int length;
- #ifdef WOLFSSL_DH_EXTRA
- #if !defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
- word32 oid = 0, temp = 0;
- #endif
- #endif
- WOLFSSL_ENTER("wc_DhKeyDecode");
- if (inOutIdx == NULL)
- return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- #ifdef WOLFSSL_DH_EXTRA
- #if !defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
- temp = *inOutIdx;
- #endif
- #endif
- /* Assume input started after 1.2.840.113549.1.3.1 dhKeyAgreement */
- if (GetInt(&key->p, input, inOutIdx, inSz) < 0) {
- ret = ASN_DH_KEY_E;
- }
- if (ret == 0 && GetInt(&key->g, input, inOutIdx, inSz) < 0) {
- mp_clear(&key->p);
- ret = ASN_DH_KEY_E;
- }
- #ifdef WOLFSSL_DH_EXTRA
- #if !defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
- /* If ASN_DH_KEY_E: Check if input started at beginning of key */
- if (ret == ASN_DH_KEY_E) {
- *inOutIdx = temp;
- /* the version (0) */
- if (GetASNInt(input, inOutIdx, &length, inSz) < 0) {
- return ASN_PARSE_E;
- }
- *inOutIdx += length;
- /* Size of dhKeyAgreement section */
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- /* Check for dhKeyAgreement */
- ret = GetObjectId(input, inOutIdx, &oid, oidKeyType, inSz);
- if (oid != DHk || ret < 0)
- return ASN_DH_KEY_E;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (GetInt(&key->p, input, inOutIdx, inSz) < 0) {
- return ASN_DH_KEY_E;
- }
- if (ret == 0 && GetInt(&key->g, input, inOutIdx, inSz) < 0) {
- mp_clear(&key->p);
- return ASN_DH_KEY_E;
- }
- }
- temp = *inOutIdx;
- ret = (CheckBitString(input, inOutIdx, &length, inSz, 0, NULL) == 0);
- if (ret > 0) {
- /* Found Bit String */
- if (GetInt(&key->pub, input, inOutIdx, inSz) == 0) {
- WOLFSSL_MSG("Found Public Key");
- ret = 0;
- }
- } else {
- *inOutIdx = temp;
- ret = (GetOctetString(input, inOutIdx, &length, inSz) >= 0);
- if (ret > 0) {
- /* Found Octet String */
- if (GetInt(&key->priv, input, inOutIdx, inSz) == 0) {
- WOLFSSL_MSG("Found Private Key");
- /* Compute public */
- ret = mp_exptmod(&key->g, &key->priv, &key->p, &key->pub);
- }
- } else {
- /* Don't use length from failed CheckBitString/GetOctetString */
- *inOutIdx = temp;
- ret = 0;
- }
- }
- #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
- #endif /* WOLFSSL_DH_EXTRA */
- WOLFSSL_LEAVE("wc_DhKeyDecode", ret);
- return ret;
- }
- int wc_DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz,
- byte* g, word32* gInOutSz)
- {
- word32 idx = 0;
- int ret;
- int length;
- if (GetSequence(input, &idx, &length, inSz) <= 0)
- return ASN_PARSE_E;
- ret = GetASNInt(input, &idx, &length, inSz);
- if (ret != 0)
- return ret;
- if (length <= (int)*pInOutSz) {
- XMEMCPY(p, &input[idx], length);
- *pInOutSz = length;
- }
- else {
- return BUFFER_E;
- }
- idx += length;
- ret = GetASNInt(input, &idx, &length, inSz);
- if (ret != 0)
- return ret;
- if (length <= (int)*gInOutSz) {
- XMEMCPY(g, &input[idx], length);
- *gInOutSz = length;
- }
- else {
- return BUFFER_E;
- }
- return 0;
- }
- #endif /* !NO_DH */
- #ifndef NO_DSA
- int DsaPublicKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
- word32 inSz)
- {
- int length;
- int ret = 0;
- word32 oid;
- if (input == NULL || inOutIdx == NULL || key == NULL)
- return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (GetInt(&key->p, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->q, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->g, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->y, input, inOutIdx, inSz) < 0 )
- ret = ASN_DH_KEY_E;
- if (ret != 0) {
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- ret = GetObjectId(input, inOutIdx, &oid, oidIgnoreType, inSz);
- if (ret != 0)
- return ret;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (GetInt(&key->p, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->q, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->g, input, inOutIdx, inSz) < 0)
- return ASN_DH_KEY_E;
- if (CheckBitString(input, inOutIdx, &length, inSz, 0, NULL) < 0)
- return ASN_PARSE_E;
- if (GetInt(&key->y, input, inOutIdx, inSz) < 0 )
- return ASN_DH_KEY_E;
- ret = 0;
- }
- key->type = DSA_PUBLIC;
- return ret;
- }
- int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key,
- word32 inSz)
- {
- int length, version, ret = 0, temp = 0;
- /* Sanity checks on input */
- if (input == NULL || inOutIdx == NULL || key == NULL) {
- return BAD_FUNC_ARG;
- }
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- temp = (int)*inOutIdx;
- /* Default case expects a certificate with OctetString but no version ID */
- ret = GetInt(&key->p, input, inOutIdx, inSz);
- if (ret < 0) {
- mp_clear(&key->p);
- ret = ASN_PARSE_E;
- }
- else {
- ret = GetInt(&key->q, input, inOutIdx, inSz);
- if (ret < 0) {
- mp_clear(&key->p);
- mp_clear(&key->q);
- ret = ASN_PARSE_E;
- }
- else {
- ret = GetInt(&key->g, input, inOutIdx, inSz);
- if (ret < 0) {
- mp_clear(&key->p);
- mp_clear(&key->q);
- mp_clear(&key->g);
- ret = ASN_PARSE_E;
- }
- else {
- ret = GetOctetString(input, inOutIdx, &length, inSz);
- if (ret < 0) {
- mp_clear(&key->p);
- mp_clear(&key->q);
- mp_clear(&key->g);
- ret = ASN_PARSE_E;
- }
- else {
- ret = GetInt(&key->y, input, inOutIdx, inSz);
- if (ret < 0) {
- mp_clear(&key->p);
- mp_clear(&key->q);
- mp_clear(&key->g);
- mp_clear(&key->y);
- ret = ASN_PARSE_E;
- }
- }
- }
- }
- }
- /* An alternate pass if default certificate fails parsing */
- if (ret == ASN_PARSE_E) {
- *inOutIdx = temp;
- if (GetMyVersion(input, inOutIdx, &version, inSz) < 0)
- return ASN_PARSE_E;
- if (GetInt(&key->p, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->q, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->g, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->y, input, inOutIdx, inSz) < 0 ||
- GetInt(&key->x, input, inOutIdx, inSz) < 0 )
- return ASN_DH_KEY_E;
- }
- key->type = DSA_PRIVATE;
- return 0;
- }
- static mp_int* GetDsaInt(DsaKey* key, int idx)
- {
- if (idx == 0)
- return &key->p;
- if (idx == 1)
- return &key->q;
- if (idx == 2)
- return &key->g;
- if (idx == 3)
- return &key->y;
- if (idx == 4)
- return &key->x;
- return NULL;
- }
- /* Release Tmp DSA resources */
- static WC_INLINE void FreeTmpDsas(byte** tmps, void* heap)
- {
- int i;
- for (i = 0; i < DSA_INTS; i++)
- XFREE(tmps[i], heap, DYNAMIC_TYPE_DSA);
- (void)heap;
- }
- #if !defined(HAVE_SELFTEST) && (defined(WOLFSSL_KEY_GEN) || \
- defined(WOLFSSL_CERT_GEN))
- /* Write a public DSA key to output */
- int wc_SetDsaPublicKey(byte* output, DsaKey* key,
- int outLen, int with_header)
- {
- /* p, g, q = DSA params, y = public exponent */
- #ifdef WOLFSSL_SMALL_STACK
- byte* p = NULL;
- byte* g = NULL;
- byte* q = NULL;
- byte* y = NULL;
- #else
- byte p[MAX_DSA_INT_SZ];
- byte g[MAX_DSA_INT_SZ];
- byte q[MAX_DSA_INT_SZ];
- byte y[MAX_DSA_INT_SZ];
- #endif
- byte innerSeq[MAX_SEQ_SZ];
- byte outerSeq[MAX_SEQ_SZ];
- byte bitString[1 + MAX_LENGTH_SZ + 1];
- int idx, pSz, gSz, qSz, ySz, innerSeqSz, outerSeqSz, bitStringSz = 0;
- WOLFSSL_ENTER("wc_SetDsaPublicKey");
- if (output == NULL || key == NULL || outLen < MAX_SEQ_SZ) {
- return BAD_FUNC_ARG;
- }
- /* p */
- #ifdef WOLFSSL_SMALL_STACK
- p = (byte*)XMALLOC(MAX_DSA_INT_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (p == NULL)
- return MEMORY_E;
- #endif
- if ((pSz = SetASNIntMP(&key->p, MAX_DSA_INT_SZ, p)) < 0) {
- WOLFSSL_MSG("SetASNIntMP Error with p");
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return pSz;
- }
- /* q */
- #ifdef WOLFSSL_SMALL_STACK
- q = (byte*)XMALLOC(MAX_DSA_INT_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (q == NULL)
- return MEMORY_E;
- #endif
- if ((qSz = SetASNIntMP(&key->q, MAX_DSA_INT_SZ, q)) < 0) {
- WOLFSSL_MSG("SetASNIntMP Error with q");
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return qSz;
- }
- /* g */
- #ifdef WOLFSSL_SMALL_STACK
- g = (byte*)XMALLOC(MAX_DSA_INT_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (g == NULL)
- return MEMORY_E;
- #endif
- if ((gSz = SetASNIntMP(&key->g, MAX_DSA_INT_SZ, g)) < 0) {
- WOLFSSL_MSG("SetASNIntMP Error with g");
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return gSz;
- }
- /* y */
- #ifdef WOLFSSL_SMALL_STACK
- y = (byte*)XMALLOC(MAX_DSA_INT_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (y == NULL)
- return MEMORY_E;
- #endif
- if ((ySz = SetASNIntMP(&key->y, MAX_DSA_INT_SZ, y)) < 0) {
- WOLFSSL_MSG("SetASNIntMP Error with y");
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ySz;
- }
- innerSeqSz = SetSequence(pSz + qSz + gSz, innerSeq);
- /* check output size */
- if ((innerSeqSz + pSz + qSz + gSz) > outLen) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- WOLFSSL_MSG("Error, output size smaller than outlen");
- return BUFFER_E;
- }
- if (with_header) {
- int algoSz;
- #ifdef WOLFSSL_SMALL_STACK
- byte* algo = NULL;
- algo = (byte*)XMALLOC(MAX_ALGO_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (algo == NULL) {
- XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return MEMORY_E;
- }
- #else
- byte algo[MAX_ALGO_SZ];
- #endif
- algoSz = SetAlgoID(DSAk, algo, oidKeyType, 0);
- bitStringSz = SetBitString(ySz, 0, bitString);
- outerSeqSz = SetSequence(algoSz + innerSeqSz + pSz + qSz + gSz,
- outerSeq);
- idx = SetSequence(algoSz + innerSeqSz + pSz + qSz + gSz + bitStringSz +
- ySz + outerSeqSz, output);
- /* check output size */
- if ((idx + algoSz + bitStringSz + innerSeqSz + pSz + qSz + gSz + ySz) >
- outLen) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(algo, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- WOLFSSL_MSG("Error, output size smaller than outlen");
- return BUFFER_E;
- }
- /* outerSeq */
- XMEMCPY(output + idx, outerSeq, outerSeqSz);
- idx += outerSeqSz;
- /* algo */
- XMEMCPY(output + idx, algo, algoSz);
- idx += algoSz;
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(algo, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- } else {
- idx = 0;
- }
- /* innerSeq */
- XMEMCPY(output + idx, innerSeq, innerSeqSz);
- idx += innerSeqSz;
- /* p */
- XMEMCPY(output + idx, p, pSz);
- idx += pSz;
- /* q */
- XMEMCPY(output + idx, q, qSz);
- idx += qSz;
- /* g */
- XMEMCPY(output + idx, g, gSz);
- idx += gSz;
- /* bit string */
- if (bitStringSz > 0) {
- XMEMCPY(output + idx, bitString, bitStringSz);
- idx += bitStringSz;
- }
- /* y */
- XMEMCPY(output + idx, y, ySz);
- idx += ySz;
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(p, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(q, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(g, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(y, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return idx;
- }
- /* Convert DSA Public key to DER format, write to output (inLen), return bytes
- written */
- int wc_DsaKeyToPublicDer(DsaKey* key, byte* output, word32 inLen)
- {
- return wc_SetDsaPublicKey(output, key, inLen, 1);
- }
- #endif /* !HAVE_SELFTEST && (WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN) */
- /* Convert private DsaKey key to DER format, write to output (inLen),
- return bytes written */
- int wc_DsaKeyToDer(DsaKey* key, byte* output, word32 inLen)
- {
- word32 seqSz, verSz, rawLen, intTotalLen = 0;
- word32 sizes[DSA_INTS];
- int i, j, outLen, ret = 0, mpSz;
- byte seq[MAX_SEQ_SZ];
- byte ver[MAX_VERSION_SZ];
- byte* tmps[DSA_INTS];
- if (!key || !output)
- return BAD_FUNC_ARG;
- if (key->type != DSA_PRIVATE)
- return BAD_FUNC_ARG;
- for (i = 0; i < DSA_INTS; i++)
- tmps[i] = NULL;
- /* write all big ints from key to DER tmps */
- for (i = 0; i < DSA_INTS; i++) {
- mp_int* keyInt = GetDsaInt(key, i);
- rawLen = mp_unsigned_bin_size(keyInt) + 1;
- tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
- DYNAMIC_TYPE_DSA);
- if (tmps[i] == NULL) {
- ret = MEMORY_E;
- break;
- }
- mpSz = SetASNIntMP(keyInt, -1, tmps[i]);
- if (mpSz < 0) {
- ret = mpSz;
- break;
- }
- intTotalLen += (sizes[i] = mpSz);
- }
- if (ret != 0) {
- FreeTmpDsas(tmps, key->heap);
- return ret;
- }
- /* make headers */
- verSz = SetMyVersion(0, ver, FALSE);
- seqSz = SetSequence(verSz + intTotalLen, seq);
- outLen = seqSz + verSz + intTotalLen;
- if (outLen > (int)inLen) {
- FreeTmpDsas(tmps, key->heap);
- return BAD_FUNC_ARG;
- }
- /* write to output */
- XMEMCPY(output, seq, seqSz);
- j = seqSz;
- XMEMCPY(output + j, ver, verSz);
- j += verSz;
- for (i = 0; i < DSA_INTS; i++) {
- XMEMCPY(output + j, tmps[i], sizes[i]);
- j += sizes[i];
- }
- FreeTmpDsas(tmps, key->heap);
- return outLen;
- }
- #endif /* NO_DSA */
- void InitDecodedCert(DecodedCert* cert,
- const byte* source, word32 inSz, void* heap)
- {
- if (cert != NULL) {
- XMEMSET(cert, 0, sizeof(DecodedCert));
- cert->subjectCNEnc = CTC_UTF8;
- cert->issuer[0] = '\0';
- cert->subject[0] = '\0';
- cert->source = source; /* don't own */
- cert->maxIdx = inSz; /* can't go over this index */
- cert->heap = heap;
- cert->maxPathLen = WOLFSSL_MAX_PATH_LEN;
- #ifdef WOLFSSL_CERT_GEN
- cert->subjectSNEnc = CTC_UTF8;
- cert->subjectCEnc = CTC_PRINTABLE;
- cert->subjectLEnc = CTC_UTF8;
- cert->subjectSTEnc = CTC_UTF8;
- cert->subjectOEnc = CTC_UTF8;
- cert->subjectOUEnc = CTC_UTF8;
- #endif /* WOLFSSL_CERT_GEN */
- #ifndef NO_CERTS
- InitSignatureCtx(&cert->sigCtx, heap, INVALID_DEVID);
- #endif
- }
- }
- void FreeAltNames(DNS_entry* altNames, void* heap)
- {
- (void)heap;
- while (altNames) {
- DNS_entry* tmp = altNames->next;
- XFREE(altNames->name, heap, DYNAMIC_TYPE_ALTNAME);
- XFREE(altNames, heap, DYNAMIC_TYPE_ALTNAME);
- altNames = tmp;
- }
- }
- #ifndef IGNORE_NAME_CONSTRAINTS
- void FreeNameSubtrees(Base_entry* names, void* heap)
- {
- (void)heap;
- while (names) {
- Base_entry* tmp = names->next;
- XFREE(names->name, heap, DYNAMIC_TYPE_ALTNAME);
- XFREE(names, heap, DYNAMIC_TYPE_ALTNAME);
- names = tmp;
- }
- }
- #endif /* IGNORE_NAME_CONSTRAINTS */
- void FreeDecodedCert(DecodedCert* cert)
- {
- if (cert == NULL)
- return;
- if (cert->subjectCNStored == 1)
- XFREE(cert->subjectCN, cert->heap, DYNAMIC_TYPE_SUBJECT_CN);
- if (cert->pubKeyStored == 1)
- XFREE((void*)cert->publicKey, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY);
- if (cert->weOwnAltNames && cert->altNames)
- FreeAltNames(cert->altNames, cert->heap);
- #ifndef IGNORE_NAME_CONSTRAINTS
- if (cert->altEmailNames)
- FreeAltNames(cert->altEmailNames, cert->heap);
- if (cert->altDirNames)
- FreeAltNames(cert->altDirNames, cert->heap);
- if (cert->permittedNames)
- FreeNameSubtrees(cert->permittedNames, cert->heap);
- if (cert->excludedNames)
- FreeNameSubtrees(cert->excludedNames, cert->heap);
- #endif /* IGNORE_NAME_CONSTRAINTS */
- #ifdef WOLFSSL_SEP
- XFREE(cert->deviceType, cert->heap, DYNAMIC_TYPE_X509_EXT);
- XFREE(cert->hwType, cert->heap, DYNAMIC_TYPE_X509_EXT);
- XFREE(cert->hwSerialNum, cert->heap, DYNAMIC_TYPE_X509_EXT);
- #endif /* WOLFSSL_SEP */
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- if (cert->issuerName != NULL)
- wolfSSL_X509_NAME_free((WOLFSSL_X509_NAME*)cert->issuerName);
- if (cert->subjectName != NULL)
- wolfSSL_X509_NAME_free((WOLFSSL_X509_NAME*)cert->subjectName);
- #endif /* OPENSSL_EXTRA */
- #ifdef WOLFSSL_RENESAS_TSIP_TLS
- if (cert->tsip_encRsaKeyIdx != NULL)
- XFREE(cert->tsip_encRsaKeyIdx, cert->heap, DYNAMIC_TYPE_RSA);
- #endif
- #ifndef NO_CERTS
- FreeSignatureCtx(&cert->sigCtx);
- #endif
- }
- static int GetCertHeader(DecodedCert* cert)
- {
- int ret = 0, len;
- if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0)
- return ASN_PARSE_E;
- /* Reset the max index for the size indicated in the outer wrapper. */
- cert->maxIdx = len + cert->srcIdx;
- cert->certBegin = cert->srcIdx;
- if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0)
- return ASN_PARSE_E;
- cert->sigIndex = len + cert->srcIdx;
- if (cert->sigIndex > cert->maxIdx)
- return ASN_PARSE_E;
- if (GetExplicitVersion(cert->source, &cert->srcIdx, &cert->version,
- cert->sigIndex) < 0)
- return ASN_PARSE_E;
- if (GetSerialNumber(cert->source, &cert->srcIdx, cert->serial,
- &cert->serialSz, cert->sigIndex) < 0)
- return ASN_PARSE_E;
- return ret;
- }
- #if !defined(NO_RSA)
- /* Store Rsa Key, may save later, Dsa could use in future */
- static int StoreRsaKey(DecodedCert* cert, word32 bitStringEnd)
- {
- int length;
- word32 recvd = cert->srcIdx;
- if (GetSequence(cert->source, &cert->srcIdx, &length, bitStringEnd) < 0)
- return ASN_PARSE_E;
- recvd = cert->srcIdx - recvd;
- length += recvd;
- while (recvd--)
- cert->srcIdx--;
- #if defined(WOLFSSL_RENESAS_TSIP)
- cert->sigCtx.pubkey_n_start = cert->sigCtx.pubkey_e_start = cert->srcIdx;
- #endif
- cert->pubKeySize = length;
- cert->publicKey = cert->source + cert->srcIdx;
- cert->srcIdx += length;
- return 0;
- }
- #endif /* !NO_RSA */
- #ifdef HAVE_ECC
- /* return 0 on success if the ECC curve oid sum is supported */
- static int CheckCurve(word32 oid)
- {
- int ret = 0;
- word32 oidSz = 0;
- ret = wc_ecc_get_oid(oid, NULL, &oidSz);
- if (ret < 0 || oidSz == 0) {
- WOLFSSL_MSG("CheckCurve not found");
- ret = ALGO_ID_E;
- }
- return ret;
- }
- #endif /* HAVE_ECC */
- static int GetKey(DecodedCert* cert)
- {
- int length;
- #ifndef NO_DSA
- int tmpLen;
- #endif
- #if defined(HAVE_ECC) || defined(HAVE_NTRU) || !defined(NO_DSA)
- int tmpIdx = cert->srcIdx;
- #endif
- if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0)
- return ASN_PARSE_E;
- #ifndef NO_DSA
- tmpLen = length + 4;
- #endif
- if (GetAlgoId(cert->source, &cert->srcIdx,
- &cert->keyOID, oidKeyType, cert->maxIdx) < 0)
- return ASN_PARSE_E;
- switch (cert->keyOID) {
- #ifndef NO_RSA
- case RSAk:
- {
- int ret;
- ret = CheckBitString(cert->source, &cert->srcIdx, &length,
- cert->maxIdx, 1, NULL);
- if (ret != 0)
- return ret;
- #ifdef HAVE_OCSP
- ret = CalcHashId(cert->source + cert->srcIdx, length,
- cert->subjectKeyHash);
- if (ret != 0)
- return ret;
- #endif
- return StoreRsaKey(cert, cert->srcIdx + length);
- }
- #endif /* NO_RSA */
- #ifdef HAVE_NTRU
- case NTRUk:
- {
- const byte* key = &cert->source[tmpIdx];
- byte* next = (byte*)key;
- word16 keyLen;
- word32 rc;
- word32 remaining = cert->maxIdx - cert->srcIdx;
- byte* publicKey;
- #ifdef WOLFSSL_SMALL_STACK
- byte* keyBlob = NULL;
- #else
- byte keyBlob[MAX_NTRU_KEY_SZ];
- #endif
- rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
- &keyLen, NULL, &next, &remaining);
- if (rc != NTRU_OK)
- return ASN_NTRU_KEY_E;
- if (keyLen > MAX_NTRU_KEY_SZ)
- return ASN_NTRU_KEY_E;
- #ifdef WOLFSSL_SMALL_STACK
- keyBlob = (byte*)XMALLOC(MAX_NTRU_KEY_SZ, cert->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (keyBlob == NULL)
- return MEMORY_E;
- #endif
- rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key,
- &keyLen, keyBlob, &next, &remaining);
- if (rc != NTRU_OK) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(keyBlob, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ASN_NTRU_KEY_E;
- }
- if ( (next - key) < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(keyBlob, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ASN_NTRU_KEY_E;
- }
- cert->srcIdx = tmpIdx + (int)(next - key);
- publicKey = (byte*)XMALLOC(keyLen, cert->heap,
- DYNAMIC_TYPE_PUBLIC_KEY);
- if (publicKey == NULL) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(keyBlob, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return MEMORY_E;
- }
- XMEMCPY(publicKey, keyBlob, keyLen);
- cert->publicKey = publicKey;
- cert->pubKeyStored = 1;
- cert->pubKeySize = keyLen;
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(keyBlob, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return 0;
- }
- #endif /* HAVE_NTRU */
- #ifdef HAVE_ECC
- case ECDSAk:
- {
- int ret;
- byte seq[5];
- int pubLen = length + 1 + SetLength(length, seq);
- word32 localIdx;
- byte* publicKey;
- byte tag;
- localIdx = cert->srcIdx;
- if (GetASNTag(cert->source, &localIdx, &tag, cert->maxIdx) < 0)
- return ASN_PARSE_E;
- if (tag != (ASN_SEQUENCE | ASN_CONSTRUCTED)) {
- if (GetObjectId(cert->source, &cert->srcIdx,
- &cert->pkCurveOID, oidCurveType, cert->maxIdx) < 0)
- return ASN_PARSE_E;
- if (CheckCurve(cert->pkCurveOID) < 0)
- return ECC_CURVE_OID_E;
- /* key header */
- ret = CheckBitString(cert->source, &cert->srcIdx, &length,
- cert->maxIdx, 1, NULL);
- if (ret != 0)
- return ret;
- #ifdef HAVE_OCSP
- ret = CalcHashId(cert->source + cert->srcIdx, length,
- cert->subjectKeyHash);
- if (ret != 0)
- return ret;
- #endif
- }
- publicKey = (byte*)XMALLOC(pubLen, cert->heap,
- DYNAMIC_TYPE_PUBLIC_KEY);
- if (publicKey == NULL)
- return MEMORY_E;
- XMEMCPY(publicKey, &cert->source[tmpIdx], pubLen);
- cert->publicKey = publicKey;
- cert->pubKeyStored = 1;
- cert->pubKeySize = pubLen;
- cert->srcIdx = tmpIdx + pubLen;
- return 0;
- }
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED25519
- case ED25519k:
- {
- byte* publicKey;
- int ret;
- cert->pkCurveOID = ED25519k;
- ret = CheckBitString(cert->source, &cert->srcIdx, &length,
- cert->maxIdx, 1, NULL);
- if (ret != 0)
- return ret;
- #ifdef HAVE_OCSP
- ret = CalcHashId(cert->source + cert->srcIdx, length,
- cert->subjectKeyHash);
- if (ret != 0)
- return ret;
- #endif
- publicKey = (byte*) XMALLOC(length, cert->heap,
- DYNAMIC_TYPE_PUBLIC_KEY);
- if (publicKey == NULL)
- return MEMORY_E;
- XMEMCPY(publicKey, &cert->source[cert->srcIdx], length);
- cert->publicKey = publicKey;
- cert->pubKeyStored = 1;
- cert->pubKeySize = length;
- cert->srcIdx += length;
- return 0;
- }
- #endif /* HAVE_ED25519 */
- #ifdef HAVE_ED448
- case ED448k:
- {
- byte* publicKey;
- int ret;
- cert->pkCurveOID = ED448k;
- ret = CheckBitString(cert->source, &cert->srcIdx, &length,
- cert->maxIdx, 1, NULL);
- if (ret != 0)
- return ret;
- #ifdef HAVE_OCSP
- ret = CalcHashId(cert->source + cert->srcIdx, length,
- cert->subjectKeyHash);
- if (ret != 0)
- return ret;
- #endif
- publicKey = (byte*) XMALLOC(length, cert->heap,
- DYNAMIC_TYPE_PUBLIC_KEY);
- if (publicKey == NULL)
- return MEMORY_E;
- XMEMCPY(publicKey, &cert->source[cert->srcIdx], length);
- cert->publicKey = publicKey;
- cert->pubKeyStored = 1;
- cert->pubKeySize = length;
- cert->srcIdx += length;
- return 0;
- }
- #endif /* HAVE_ED448 */
- #ifndef NO_DSA
- case DSAk:
- {
- int ret;
- ret = GetSequence(cert->source, &cert->srcIdx, &length,
- cert->maxIdx);
- if (ret < 0)
- return ret;
- ret = SkipInt(cert->source, &cert->srcIdx, cert->maxIdx);
- if (ret != 0)
- return ret;
- ret = SkipInt(cert->source, &cert->srcIdx, cert->maxIdx);
- if (ret != 0)
- return ret;
- ret = SkipInt(cert->source, &cert->srcIdx, cert->maxIdx);
- if (ret != 0)
- return ret;
- ret = CheckBitString(cert->source, &cert->srcIdx, &length,
- cert->maxIdx, 1, NULL);
- if (ret != 0)
- return ret;
- ret = GetASNInt(cert->source, &cert->srcIdx, &length, cert->maxIdx);
- if (ret !=0)
- return ASN_PARSE_E;
- cert->publicKey = cert->source + tmpIdx;
- cert->pubKeySize = tmpLen;
- cert->srcIdx += length;
- return 0;
- }
- #endif /* NO_DSA */
- default:
- WOLFSSL_MSG("Unknown or not compiled in key OID");
- return ASN_UNKNOWN_OID_E;
- }
- }
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- #if defined(HAVE_ECC)
- /* Converts ECC curve enum values in ecc_curve_id to the associated OpenSSL NID
- value */
- WOLFSSL_API int EccEnumToNID(int n)
- {
- WOLFSSL_ENTER("EccEnumToNID()");
- switch(n) {
- case ECC_SECP192R1:
- return NID_X9_62_prime192v1;
- case ECC_PRIME192V2:
- return NID_X9_62_prime192v2;
- case ECC_PRIME192V3:
- return NID_X9_62_prime192v3;
- case ECC_PRIME239V1:
- return NID_X9_62_prime239v1;
- case ECC_PRIME239V2:
- return NID_X9_62_prime239v2;
- case ECC_PRIME239V3:
- return NID_X9_62_prime239v3;
- case ECC_SECP256R1:
- return NID_X9_62_prime256v1;
- case ECC_SECP112R1:
- return NID_secp112r1;
- case ECC_SECP112R2:
- return NID_secp112r2;
- case ECC_SECP128R1:
- return NID_secp128r1;
- case ECC_SECP128R2:
- return NID_secp128r2;
- case ECC_SECP160R1:
- return NID_secp160r1;
- case ECC_SECP160R2:
- return NID_secp160r2;
- case ECC_SECP224R1:
- return NID_secp224r1;
- case ECC_SECP384R1:
- return NID_secp384r1;
- case ECC_SECP521R1:
- return NID_secp521r1;
- case ECC_SECP160K1:
- return NID_secp160k1;
- case ECC_SECP192K1:
- return NID_secp192k1;
- case ECC_SECP224K1:
- return NID_secp224k1;
- case ECC_SECP256K1:
- return NID_secp256k1;
- case ECC_BRAINPOOLP160R1:
- return NID_brainpoolP160r1;
- case ECC_BRAINPOOLP192R1:
- return NID_brainpoolP192r1;
- case ECC_BRAINPOOLP224R1:
- return NID_brainpoolP224r1;
- case ECC_BRAINPOOLP256R1:
- return NID_brainpoolP256r1;
- case ECC_BRAINPOOLP320R1:
- return NID_brainpoolP320r1;
- case ECC_BRAINPOOLP384R1:
- return NID_brainpoolP384r1;
- case ECC_BRAINPOOLP512R1:
- return NID_brainpoolP512r1;
- default:
- WOLFSSL_MSG("NID not found");
- return -1;
- }
- }
- #endif /* HAVE_ECC */
- #endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- int wc_OBJ_sn2nid(const char *sn)
- {
- const struct {
- const char *sn;
- int nid;
- } sn2nid[] = {
- {WOLFSSL_COMMON_NAME, NID_commonName},
- {WOLFSSL_COUNTRY_NAME, NID_countryName},
- {WOLFSSL_LOCALITY_NAME, NID_localityName},
- {WOLFSSL_STATE_NAME, NID_stateOrProvinceName},
- {WOLFSSL_ORG_NAME, NID_organizationName},
- {WOLFSSL_ORGUNIT_NAME, NID_organizationalUnitName},
- {WOLFSSL_EMAIL_ADDR, NID_emailAddress},
- {NULL, -1}};
- int i;
- #ifdef HAVE_ECC
- char curveName[16]; /* Same as MAX_CURVE_NAME_SZ but can't include that
- * symbol in this file */
- int eccEnum;
- #endif
- WOLFSSL_ENTER("OBJ_sn2nid");
- for(i=0; sn2nid[i].sn != NULL; i++) {
- if(XSTRNCMP(sn, sn2nid[i].sn, XSTRLEN(sn2nid[i].sn)) == 0) {
- return sn2nid[i].nid;
- }
- }
- #ifdef HAVE_ECC
- /* Nginx uses this OpenSSL string. */
- if (XSTRNCMP(sn, "prime256v1", 10) == 0)
- sn = "SECP256R1";
- /* OpenSSL allows lowercase curve names */
- for (i = 0; i < (int)(sizeof(curveName) - 1) && *sn; i++) {
- curveName[i] = (char)XTOUPPER(*sn++);
- }
- curveName[i] = '\0';
- /* find based on name and return NID */
- for (i = 0;
- #ifndef WOLFSSL_ECC_CURVE_STATIC
- ecc_sets[i].size != 0 && ecc_sets[i].name != NULL;
- #else
- ecc_sets[i].size != 0;
- #endif
- i++) {
- if (XSTRNCMP(curveName, ecc_sets[i].name, ECC_MAXNAME) == 0) {
- eccEnum = ecc_sets[i].id;
- /* Convert enum value in ecc_curve_id to OpenSSL NID */
- return EccEnumToNID(eccEnum);
- }
- }
- #endif
- return NID_undef;
- }
- #endif
- /* Routine for calculating hashId */
- int CalcHashId(const byte* data, word32 len, byte* hash)
- {
- int ret;
- #if defined(NO_SHA) && !defined(NO_SHA256)
- ret = wc_Sha256Hash(data, len, hash);
- #elif !defined(NO_SHA)
- ret = wc_ShaHash(data, len, hash);
- #else
- ret = NOT_COMPILED_IN;
- (void)data;
- (void)len;
- (void)hash;
- #endif
- return ret;
- }
- /* process NAME, either issuer or subject
- * returns 0 on success and negative values on fail */
- int GetName(DecodedCert* cert, int nameType, int maxIdx)
- {
- int length; /* length of all distinguished names */
- int dummy;
- int ret;
- char* full;
- byte* hash;
- word32 idx, localIdx = 0;
- byte tag;
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- WOLFSSL_X509_NAME* dName;
- #endif /* OPENSSL_EXTRA */
- WOLFSSL_MSG("Getting Cert Name");
- if (nameType == ISSUER) {
- full = cert->issuer;
- hash = cert->issuerHash;
- }
- else {
- full = cert->subject;
- hash = cert->subjectHash;
- }
- if (cert->srcIdx >= (word32)maxIdx) {
- return BUFFER_E;
- }
- localIdx = cert->srcIdx;
- if (GetASNTag(cert->source, &localIdx, &tag, maxIdx) < 0) {
- return ASN_PARSE_E;
- }
- if (tag == ASN_OBJECT_ID) {
- WOLFSSL_MSG("Trying optional prefix...");
- if (SkipObjectId(cert->source, &cert->srcIdx, maxIdx) < 0)
- return ASN_PARSE_E;
- WOLFSSL_MSG("Got optional prefix");
- }
- /* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
- * calculated over the entire DER encoding of the Name field, including
- * the tag and length. */
- idx = cert->srcIdx;
- if (GetSequence(cert->source, &cert->srcIdx, &length, maxIdx) < 0)
- return ASN_PARSE_E;
- ret = CalcHashId(&cert->source[idx], length + cert->srcIdx - idx, hash);
- if (ret != 0)
- return ret;
- length += cert->srcIdx;
- idx = 0;
- #if defined(HAVE_PKCS7) || defined(WOLFSSL_CERT_EXT)
- /* store pointer to raw issuer */
- if (nameType == ISSUER) {
- cert->issuerRaw = &cert->source[cert->srcIdx];
- cert->issuerRawLen = length - cert->srcIdx;
- }
- #endif
- #ifndef IGNORE_NAME_CONSTRAINTS
- if (nameType == SUBJECT) {
- cert->subjectRaw = &cert->source[cert->srcIdx];
- cert->subjectRawLen = length - cert->srcIdx;
- }
- #endif
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- dName = wolfSSL_X509_NAME_new();
- if (dName == NULL) {
- return MEMORY_E;
- }
- #endif /* OPENSSL_EXTRA */
- while (cert->srcIdx < (word32)length) {
- byte b = 0;
- byte joint[3];
- byte tooBig = FALSE;
- int oidSz;
- const char* copy = NULL;
- int copyLen = 0;
- int strLen = 0;
- byte id = 0;
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- int nid = NID_undef;
- int enc;
- #endif /* OPENSSL_EXTRA */
- if (GetSet(cert->source, &cert->srcIdx, &dummy, maxIdx) < 0) {
- WOLFSSL_MSG("Cert name lacks set header, trying sequence");
- }
- if (GetSequence(cert->source, &cert->srcIdx, &dummy, maxIdx) <= 0) {
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- wolfSSL_X509_NAME_free(dName);
- #endif /* OPENSSL_EXTRA */
- return ASN_PARSE_E;
- }
- ret = GetASNObjectId(cert->source, &cert->srcIdx, &oidSz, maxIdx);
- if (ret != 0) {
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- wolfSSL_X509_NAME_free(dName);
- #endif /* OPENSSL_EXTRA */
- return ret;
- }
- /* make sure there is room for joint */
- if ((cert->srcIdx + sizeof(joint)) > (word32)maxIdx) {
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- wolfSSL_X509_NAME_free(dName);
- #endif /* OPENSSL_EXTRA */
- return ASN_PARSE_E;
- }
- XMEMCPY(joint, &cert->source[cert->srcIdx], sizeof(joint));
- /* v1 name types */
- if (joint[0] == 0x55 && joint[1] == 0x04) {
- cert->srcIdx += 3;
- id = joint[2];
- if (GetHeader(cert->source, &b, &cert->srcIdx, &strLen,
- maxIdx, 1) < 0) {
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- wolfSSL_X509_NAME_free(dName);
- #endif /* OPENSSL_EXTRA */
- return ASN_PARSE_E;
- }
- if (id == ASN_COMMON_NAME) {
- if (nameType == SUBJECT) {
- cert->subjectCN = (char *)&cert->source[cert->srcIdx];
- cert->subjectCNLen = strLen;
- cert->subjectCNEnc = b;
- }
- copy = WOLFSSL_COMMON_NAME;
- copyLen = sizeof(WOLFSSL_COMMON_NAME) - 1;
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_commonName;
- #endif /* OPENSSL_EXTRA */
- }
- else if (id == ASN_SUR_NAME) {
- copy = WOLFSSL_SUR_NAME;
- copyLen = sizeof(WOLFSSL_SUR_NAME) - 1;
- #ifdef WOLFSSL_CERT_GEN
- if (nameType == SUBJECT) {
- cert->subjectSN = (char*)&cert->source[cert->srcIdx];
- cert->subjectSNLen = strLen;
- cert->subjectSNEnc = b;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_surname;
- #endif /* OPENSSL_EXTRA */
- }
- else if (id == ASN_COUNTRY_NAME) {
- copy = WOLFSSL_COUNTRY_NAME;
- copyLen = sizeof(WOLFSSL_COUNTRY_NAME) - 1;
- #ifdef WOLFSSL_CERT_GEN
- if (nameType == SUBJECT) {
- cert->subjectC = (char*)&cert->source[cert->srcIdx];
- cert->subjectCLen = strLen;
- cert->subjectCEnc = b;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_countryName;
- #endif /* OPENSSL_EXTRA */
- }
- else if (id == ASN_LOCALITY_NAME) {
- copy = WOLFSSL_LOCALITY_NAME;
- copyLen = sizeof(WOLFSSL_LOCALITY_NAME) - 1;
- #ifdef WOLFSSL_CERT_GEN
- if (nameType == SUBJECT) {
- cert->subjectL = (char*)&cert->source[cert->srcIdx];
- cert->subjectLLen = strLen;
- cert->subjectLEnc = b;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_localityName;
- #endif /* OPENSSL_EXTRA */
- }
- else if (id == ASN_STATE_NAME) {
- copy = WOLFSSL_STATE_NAME;
- copyLen = sizeof(WOLFSSL_STATE_NAME) - 1;
- #ifdef WOLFSSL_CERT_GEN
- if (nameType == SUBJECT) {
- cert->subjectST = (char*)&cert->source[cert->srcIdx];
- cert->subjectSTLen = strLen;
- cert->subjectSTEnc = b;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_stateOrProvinceName;
- #endif /* OPENSSL_EXTRA */
- }
- else if (id == ASN_ORG_NAME) {
- copy = WOLFSSL_ORG_NAME;
- copyLen = sizeof(WOLFSSL_ORG_NAME) - 1;
- #ifdef WOLFSSL_CERT_GEN
- if (nameType == SUBJECT) {
- cert->subjectO = (char*)&cert->source[cert->srcIdx];
- cert->subjectOLen = strLen;
- cert->subjectOEnc = b;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_organizationName;
- #endif /* OPENSSL_EXTRA */
- }
- else if (id == ASN_ORGUNIT_NAME) {
- copy = WOLFSSL_ORGUNIT_NAME;
- copyLen = sizeof(WOLFSSL_ORGUNIT_NAME) - 1;
- #ifdef WOLFSSL_CERT_GEN
- if (nameType == SUBJECT) {
- cert->subjectOU = (char*)&cert->source[cert->srcIdx];
- cert->subjectOULen = strLen;
- cert->subjectOUEnc = b;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_organizationalUnitName;
- #endif /* OPENSSL_EXTRA */
- }
- else if (id == ASN_SERIAL_NUMBER) {
- copy = WOLFSSL_SERIAL_NUMBER;
- copyLen = sizeof(WOLFSSL_SERIAL_NUMBER) - 1;
- #ifdef WOLFSSL_CERT_GEN
- if (nameType == SUBJECT) {
- cert->subjectSND = (char*)&cert->source[cert->srcIdx];
- cert->subjectSNDLen = strLen;
- cert->subjectSNDEnc = b;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_serialNumber;
- #endif /* OPENSSL_EXTRA */
- }
- #ifdef WOLFSSL_CERT_EXT
- else if (id == ASN_BUS_CAT) {
- copy = WOLFSSL_BUS_CAT;
- copyLen = sizeof(WOLFSSL_BUS_CAT) - 1;
- #ifdef WOLFSSL_CERT_GEN
- if (nameType == SUBJECT) {
- cert->subjectBC = (char*)&cert->source[cert->srcIdx];
- cert->subjectBCLen = strLen;
- cert->subjectBCEnc = b;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_businessCategory;
- #endif /* OPENSSL_EXTRA */
- }
- #endif /* WOLFSSL_CERT_EXT */
- }
- #ifdef WOLFSSL_CERT_EXT
- else if ((cert->srcIdx + ASN_JOI_PREFIX_SZ + 2 <= (word32)maxIdx) &&
- (0 == XMEMCMP(&cert->source[cert->srcIdx], ASN_JOI_PREFIX,
- ASN_JOI_PREFIX_SZ)) &&
- ((cert->source[cert->srcIdx+ASN_JOI_PREFIX_SZ] == ASN_JOI_C) ||
- (cert->source[cert->srcIdx+ASN_JOI_PREFIX_SZ] == ASN_JOI_ST)))
- {
- cert->srcIdx += ASN_JOI_PREFIX_SZ;
- id = cert->source[cert->srcIdx++];
- b = cert->source[cert->srcIdx++]; /* encoding */
- if (GetLength(cert->source, &cert->srcIdx, &strLen,
- maxIdx) < 0) {
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- wolfSSL_X509_NAME_free(dName);
- #endif /* OPENSSL_EXTRA */
- return ASN_PARSE_E;
- }
- /* Check for jurisdiction of incorporation country name */
- if (id == ASN_JOI_C) {
- copy = WOLFSSL_JOI_C;
- copyLen = sizeof(WOLFSSL_JOI_C) - 1;
- #ifdef WOLFSSL_CERT_GEN
- if (nameType == SUBJECT) {
- cert->subjectJC = (char*)&cert->source[cert->srcIdx];
- cert->subjectJCLen = strLen;
- cert->subjectJCEnc = b;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_jurisdictionCountryName;
- #endif /* OPENSSL_EXTRA */
- }
- /* Check for jurisdiction of incorporation state name */
- else if (id == ASN_JOI_ST) {
- copy = WOLFSSL_JOI_ST;
- copyLen = sizeof(WOLFSSL_JOI_ST) - 1;
- #ifdef WOLFSSL_CERT_GEN
- if (nameType == SUBJECT) {
- cert->subjectJS = (char*)&cert->source[cert->srcIdx];
- cert->subjectJSLen = strLen;
- cert->subjectJSEnc = b;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_jurisdictionStateOrProvinceName;
- #endif /* OPENSSL_EXTRA */
- }
- if ((strLen + copyLen) > (int)(ASN_NAME_MAX - idx)) {
- WOLFSSL_MSG("ASN Name too big, skipping");
- tooBig = TRUE;
- }
- }
- #endif /* WOLFSSL_CERT_EXT */
- else {
- /* skip */
- byte email = FALSE;
- byte pilot = FALSE;
- if (joint[0] == 0x2a && joint[1] == 0x86) { /* email id hdr */
- id = ASN_EMAIL_NAME;
- email = TRUE;
- }
- if (joint[0] == 0x9 && joint[1] == 0x92) { /* uid id hdr */
- /* last value of OID is the type of pilot attribute */
- id = cert->source[cert->srcIdx + oidSz - 1];
- pilot = TRUE;
- }
- cert->srcIdx += oidSz + 1;
- if (GetLength(cert->source, &cert->srcIdx, &strLen, maxIdx) < 0) {
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- wolfSSL_X509_NAME_free(dName);
- #endif /* OPENSSL_EXTRA */
- return ASN_PARSE_E;
- }
- if (strLen > (int)(ASN_NAME_MAX - idx)) {
- WOLFSSL_MSG("ASN name too big, skipping");
- tooBig = TRUE;
- }
- if (email) {
- copyLen = sizeof(WOLFSSL_EMAIL_ADDR) - 1;
- if ((copyLen + strLen) > (int)(ASN_NAME_MAX - idx)) {
- WOLFSSL_MSG("ASN name too big, skipping");
- tooBig = TRUE;
- }
- else {
- copy = WOLFSSL_EMAIL_ADDR;
- }
- #ifdef WOLFSSL_CERT_GEN
- if (nameType == SUBJECT) {
- cert->subjectEmail = (char*)&cert->source[cert->srcIdx];
- cert->subjectEmailLen = strLen;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_emailAddress;
- #endif /* OPENSSL_EXTRA */
- #ifndef IGNORE_NAME_CONSTRAINTS
- {
- DNS_entry* emailName;
- emailName = (DNS_entry*)XMALLOC(sizeof(DNS_entry),
- cert->heap, DYNAMIC_TYPE_ALTNAME);
- if (emailName == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- wolfSSL_X509_NAME_free(dName);
- #endif /* OPENSSL_EXTRA */
- return MEMORY_E;
- }
- emailName->type = 0;
- emailName->name = (char*)XMALLOC(strLen + 1,
- cert->heap, DYNAMIC_TYPE_ALTNAME);
- if (emailName->name == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- XFREE(emailName, cert->heap, DYNAMIC_TYPE_ALTNAME);
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- wolfSSL_X509_NAME_free(dName);
- #endif /* OPENSSL_EXTRA */
- return MEMORY_E;
- }
- emailName->len = strLen;
- XMEMCPY(emailName->name, &cert->source[cert->srcIdx],
- strLen);
- emailName->name[strLen] = '\0';
- emailName->next = cert->altEmailNames;
- cert->altEmailNames = emailName;
- }
- #endif /* IGNORE_NAME_CONSTRAINTS */
- }
- if (pilot) {
- switch (id) {
- case ASN_USER_ID:
- copy = WOLFSSL_USER_ID;
- copyLen = sizeof(WOLFSSL_USER_ID) - 1;
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_userId;
- #endif /* OPENSSL_EXTRA */
- break;
- case ASN_DOMAIN_COMPONENT:
- copy = WOLFSSL_DOMAIN_COMPONENT;
- copyLen = sizeof(WOLFSSL_DOMAIN_COMPONENT) - 1;
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_domainComponent;
- #endif /* OPENSSL_EXTRA */
- break;
- case ASN_FAVOURITE_DRINK:
- copy = WOLFSSL_FAVOURITE_DRINK;
- copyLen = sizeof(WOLFSSL_FAVOURITE_DRINK) - 1;
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) \
- && !defined(WOLFCRYPT_ONLY)
- nid = NID_favouriteDrink;
- #endif /* OPENSSL_EXTRA */
- break;
- default:
- WOLFSSL_MSG("Unknown pilot attribute type");
- #if (defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- wolfSSL_X509_NAME_free(dName);
- #endif /* OPENSSL_EXTRA */
- return ASN_PARSE_E;
- }
- }
- }
- if ((copyLen + strLen) > (int)(ASN_NAME_MAX - idx))
- {
- WOLFSSL_MSG("ASN Name too big, skipping");
- tooBig = TRUE;
- }
- if ((copy != NULL) && !tooBig) {
- XMEMCPY(&full[idx], copy, copyLen);
- idx += copyLen;
- XMEMCPY(&full[idx], &cert->source[cert->srcIdx], strLen);
- idx += strLen;
- }
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- switch (b) {
- case CTC_UTF8:
- enc = MBSTRING_UTF8;
- break;
- case CTC_PRINTABLE:
- enc = V_ASN1_PRINTABLESTRING;
- break;
- default:
- WOLFSSL_MSG("Unknown encoding type, using UTF8 by default");
- enc = MBSTRING_UTF8;
- }
- if (nid != NID_undef) {
- if (wolfSSL_X509_NAME_add_entry_by_NID(dName, nid, enc,
- &cert->source[cert->srcIdx], strLen, -1, -1) !=
- WOLFSSL_SUCCESS) {
- wolfSSL_X509_NAME_free(dName);
- return ASN_PARSE_E;
- }
- }
- #endif /* OPENSSL_EXTRA */
- cert->srcIdx += strLen;
- }
- full[idx++] = 0;
- #if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
- !defined(WOLFCRYPT_ONLY)
- if (nameType == ISSUER) {
- cert->issuerName = dName;
- }
- else {
- cert->subjectName = dName;
- }
- #endif
- return 0;
- }
- #ifndef NO_ASN_TIME
- /* two byte date/time, add to value */
- static WC_INLINE int GetTime(int* value, const byte* date, int* idx)
- {
- int i = *idx;
- if (date[i] < 0x30 || date[i] > 0x39 || date[i+1] < 0x30 ||
- date[i+1] > 0x39) {
- return ASN_PARSE_E;
- }
- *value += btoi(date[i++]) * 10;
- *value += btoi(date[i++]);
- *idx = i;
- return 0;
- }
- #ifdef WOLFSSL_LINUXKM
- static WC_INLINE int GetTime_Long(long* value, const byte* date, int* idx)
- {
- int i = *idx;
- if (date[i] < 0x30 || date[i] > 0x39 || date[i+1] < 0x30 ||
- date[i+1] > 0x39) {
- return ASN_PARSE_E;
- }
- *value += (long)btoi(date[i++]) * 10;
- *value += (long)btoi(date[i++]);
- *idx = i;
- return 0;
- }
- #endif
- int ExtractDate(const unsigned char* date, unsigned char format,
- struct tm* certTime, int* idx)
- {
- XMEMSET(certTime, 0, sizeof(struct tm));
- if (format == ASN_UTC_TIME) {
- if (btoi(date[*idx]) >= 5)
- certTime->tm_year = 1900;
- else
- certTime->tm_year = 2000;
- }
- else { /* format == GENERALIZED_TIME */
- #ifdef WOLFSSL_LINUXKM
- if (GetTime_Long(&certTime->tm_year, date, idx) != 0) return 0;
- #else
- if (GetTime(&certTime->tm_year, date, idx) != 0) return 0;
- #endif
- certTime->tm_year *= 100;
- }
- #ifdef AVR
- /* Extract the time from the struct tm and adjust tm_year, tm_mon */
- /* AVR libc stores these as uint8_t instead of int */
- /* AVR time_t also offsets from midnight 1 Jan 2000 */
- int tm_year = certTime->tm_year - 2000;
- int tm_mon = certTime->tm_mon - 1;
- int tm_mday = certTime->tm_mday;
- int tm_hour = certTime->tm_hour;
- int tm_min = certTime->tm_min;
- int tm_sec = certTime->tm_sec;
- #ifdef WOLFSSL_LINUXKM
- if (GetTime_Long(&tm_year, date, idx) != 0) return 0;
- #else
- if (GetTime(&tm_year, date, idx) != 0) return 0;
- #endif
- if (GetTime(&tm_mon , date, idx) != 0) return 0;
- if (GetTime(&tm_mday, date, idx) != 0) return 0;
- if (GetTime(&tm_hour, date, idx) != 0) return 0;
- if (GetTime(&tm_min , date, idx) != 0) return 0;
- if (GetTime(&tm_sec , date, idx) != 0) return 0;
- /* Re-populate certTime with computed values */
- certTime->tm_year = tm_year;
- certTime->tm_mon = tm_mon;
- certTime->tm_mday = tm_mday;
- certTime->tm_hour = tm_hour;
- certTime->tm_min = tm_min;
- certTime->tm_sec = tm_sec;
- #else
- /* adjust tm_year, tm_mon */
- #ifdef WOLFSSL_LINUXKM
- if (GetTime_Long(&certTime->tm_year, date, idx) != 0) return 0;
- #else
- if (GetTime(&certTime->tm_year, date, idx) != 0) return 0;
- #endif
- certTime->tm_year -= 1900;
- if (GetTime(&certTime->tm_mon , date, idx) != 0) return 0;
- certTime->tm_mon -= 1;
- if (GetTime(&certTime->tm_mday, date, idx) != 0) return 0;
- if (GetTime(&certTime->tm_hour, date, idx) != 0) return 0;
- if (GetTime(&certTime->tm_min , date, idx) != 0) return 0;
- if (GetTime(&certTime->tm_sec , date, idx) != 0) return 0;
- #endif
- return 1;
- }
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_MYSQL_COMPATIBLE) || \
- defined(OPENSSL_EXTRA) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
- int GetTimeString(byte* date, int format, char* buf, int len)
- {
- struct tm t;
- int idx = 0;
- if (!ExtractDate(date, (unsigned char)format, &t, &idx)) {
- return 0;
- }
- if (date[idx] != 'Z') {
- WOLFSSL_MSG("UTCtime, not Zulu") ;
- return 0;
- }
- /* place month in buffer */
- buf[0] = '\0';
- switch(t.tm_mon) {
- case 0: XSTRNCAT(buf, "Jan ", 5); break;
- case 1: XSTRNCAT(buf, "Feb ", 5); break;
- case 2: XSTRNCAT(buf, "Mar ", 5); break;
- case 3: XSTRNCAT(buf, "Apr ", 5); break;
- case 4: XSTRNCAT(buf, "May ", 5); break;
- case 5: XSTRNCAT(buf, "Jun ", 5); break;
- case 6: XSTRNCAT(buf, "Jul ", 5); break;
- case 7: XSTRNCAT(buf, "Aug ", 5); break;
- case 8: XSTRNCAT(buf, "Sep ", 5); break;
- case 9: XSTRNCAT(buf, "Oct ", 5); break;
- case 10: XSTRNCAT(buf, "Nov ", 5); break;
- case 11: XSTRNCAT(buf, "Dec ", 5); break;
- default:
- return 0;
- }
- idx = 4; /* use idx now for char buffer */
- XSNPRINTF(buf + idx, len - idx, "%2d %02d:%02d:%02d %d GMT",
- t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec, (int)t.tm_year + 1900);
- return 1;
- }
- #endif /* OPENSSL_ALL || WOLFSSL_MYSQL_COMPATIBLE || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
- #if !defined(NO_ASN_TIME) && defined(HAVE_PKCS7)
- /* Set current time string, either UTC or GeneralizedTime.
- * (void*) tm should be a pointer to time_t, output is placed in buf.
- *
- * Return time string length placed in buf on success, negative on error */
- int GetAsnTimeString(void* currTime, byte* buf, word32 len)
- {
- struct tm* ts = NULL;
- struct tm* tmpTime = NULL;
- byte* data_ptr = buf;
- word32 data_len = 0;
- int year, mon, day, hour, mini, sec;
- #if defined(NEED_TMP_TIME)
- struct tm tmpTimeStorage;
- tmpTime = &tmpTimeStorage;
- #else
- (void)tmpTime;
- #endif
- WOLFSSL_ENTER("SetAsnTimeString");
- if (buf == NULL || len == 0)
- return BAD_FUNC_ARG;
- ts = (struct tm *)XGMTIME((time_t*)currTime, tmpTime);
- if (ts == NULL){
- WOLFSSL_MSG("failed to get time data.");
- return ASN_TIME_E;
- }
- /* Note ASN_UTC_TIME_SIZE and ASN_GENERALIZED_TIME_SIZE include space for
- * the null terminator. ASN encoded values leave off the terminator. */
- if (ts->tm_year >= 50 && ts->tm_year < 150) {
- /* UTC Time */
- char utc_str[ASN_UTC_TIME_SIZE];
- data_len = ASN_UTC_TIME_SIZE - 1 + 2;
- if (len < data_len)
- return BUFFER_E;
- if (ts->tm_year >= 50 && ts->tm_year < 100) {
- year = ts->tm_year;
- } else if (ts->tm_year >= 100 && ts->tm_year < 150) {
- year = ts->tm_year - 100;
- }
- else {
- WOLFSSL_MSG("unsupported year range");
- return BAD_FUNC_ARG;
- }
- mon = ts->tm_mon + 1;
- day = ts->tm_mday;
- hour = ts->tm_hour;
- mini = ts->tm_min;
- sec = ts->tm_sec;
- XSNPRINTF((char *)utc_str, ASN_UTC_TIME_SIZE,
- "%02d%02d%02d%02d%02d%02dZ", year, mon, day, hour, mini, sec);
- *data_ptr = (byte) ASN_UTC_TIME; data_ptr++;
- /* -1 below excludes null terminator */
- *data_ptr = (byte) ASN_UTC_TIME_SIZE - 1; data_ptr++;
- XMEMCPY(data_ptr,(byte *)utc_str, ASN_UTC_TIME_SIZE - 1);
- } else {
- /* GeneralizedTime */
- char gt_str[ASN_GENERALIZED_TIME_SIZE];
- data_len = ASN_GENERALIZED_TIME_SIZE - 1 + 2;
- if (len < data_len)
- return BUFFER_E;
- year = ts->tm_year + 1900;
- mon = ts->tm_mon + 1;
- day = ts->tm_mday;
- hour = ts->tm_hour;
- mini = ts->tm_min;
- sec = ts->tm_sec;
- XSNPRINTF((char *)gt_str, ASN_GENERALIZED_TIME_SIZE,
- "%4d%02d%02d%02d%02d%02dZ", year, mon, day, hour, mini, sec);
- *data_ptr = (byte) ASN_GENERALIZED_TIME; data_ptr++;
- /* -1 below excludes null terminator */
- *data_ptr = (byte) ASN_GENERALIZED_TIME_SIZE - 1; data_ptr++;
- XMEMCPY(data_ptr,(byte *)gt_str, ASN_GENERALIZED_TIME_SIZE - 1);
- }
- return data_len;
- }
- #endif /* !NO_ASN_TIME && HAVE_PKCS7 */
- #if defined(USE_WOLF_VALIDDATE)
- /* to the second */
- int DateGreaterThan(const struct tm* a, const struct tm* b)
- {
- if (a->tm_year > b->tm_year)
- return 1;
- if (a->tm_year == b->tm_year && a->tm_mon > b->tm_mon)
- return 1;
- if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
- a->tm_mday > b->tm_mday)
- return 1;
- if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
- a->tm_mday == b->tm_mday && a->tm_hour > b->tm_hour)
- return 1;
- if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
- a->tm_mday == b->tm_mday && a->tm_hour == b->tm_hour &&
- a->tm_min > b->tm_min)
- return 1;
- if (a->tm_year == b->tm_year && a->tm_mon == b->tm_mon &&
- a->tm_mday == b->tm_mday && a->tm_hour == b->tm_hour &&
- a->tm_min == b->tm_min && a->tm_sec > b->tm_sec)
- return 1;
- return 0; /* false */
- }
- static WC_INLINE int DateLessThan(const struct tm* a, const struct tm* b)
- {
- return DateGreaterThan(b,a);
- }
- /* like atoi but only use first byte */
- /* Make sure before and after dates are valid */
- int wc_ValidateDate(const byte* date, byte format, int dateType)
- {
- time_t ltime;
- struct tm certTime;
- struct tm* localTime;
- struct tm* tmpTime;
- int i = 0;
- int timeDiff = 0 ;
- int diffHH = 0 ; int diffMM = 0 ;
- int diffSign = 0 ;
- #if defined(NEED_TMP_TIME)
- struct tm tmpTimeStorage;
- tmpTime = &tmpTimeStorage;
- #else
- tmpTime = NULL;
- #endif
- (void)tmpTime;
- ltime = XTIME(0);
- #ifdef WOLFSSL_BEFORE_DATE_CLOCK_SKEW
- if (dateType == BEFORE) {
- WOLFSSL_MSG("Skewing local time for before date check");
- ltime += WOLFSSL_BEFORE_DATE_CLOCK_SKEW;
- }
- #endif
- #ifdef WOLFSSL_AFTER_DATE_CLOCK_SKEW
- if (dateType == AFTER) {
- WOLFSSL_MSG("Skewing local time for after date check");
- ltime -= WOLFSSL_AFTER_DATE_CLOCK_SKEW;
- }
- #endif
- if (!ExtractDate(date, format, &certTime, &i)) {
- WOLFSSL_MSG("Error extracting the date");
- return 0;
- }
- if ((date[i] == '+') || (date[i] == '-')) {
- WOLFSSL_MSG("Using time differential, not Zulu") ;
- diffSign = date[i++] == '+' ? 1 : -1 ;
- if (GetTime(&diffHH, date, &i) != 0)
- return 0;
- if (GetTime(&diffMM, date, &i) != 0)
- return 0;
- timeDiff = diffSign * (diffHH*60 + diffMM) * 60 ;
- } else if (date[i] != 'Z') {
- WOLFSSL_MSG("UTCtime, neither Zulu or time differential") ;
- return 0;
- }
- ltime -= (time_t)timeDiff ;
- localTime = XGMTIME(<ime, tmpTime);
- if (localTime == NULL) {
- WOLFSSL_MSG("XGMTIME failed");
- return 0;
- }
- if (dateType == BEFORE) {
- if (DateLessThan(localTime, &certTime)) {
- WOLFSSL_MSG("Date BEFORE check failed");
- return 0;
- }
- }
- else { /* dateType == AFTER */
- if (DateGreaterThan(localTime, &certTime)) {
- WOLFSSL_MSG("Date AFTER check failed");
- return 0;
- }
- }
- return 1;
- }
- #endif /* USE_WOLF_VALIDDATE */
- int wc_GetTime(void* timePtr, word32 timeSize)
- {
- time_t* ltime = (time_t*)timePtr;
- if (timePtr == NULL) {
- return BAD_FUNC_ARG;
- }
- if ((word32)sizeof(time_t) > timeSize) {
- return BUFFER_E;
- }
- *ltime = XTIME(0);
- return 0;
- }
- #endif /* !NO_ASN_TIME */
- /* Get date buffer, format and length. Returns 0=success or error */
- static int GetDateInfo(const byte* source, word32* idx, const byte** pDate,
- byte* pFormat, int* pLength, word32 maxIdx)
- {
- int length;
- byte format;
- if (source == NULL || idx == NULL)
- return BAD_FUNC_ARG;
- /* get ASN format header */
- if (*idx+1 > maxIdx)
- return BUFFER_E;
- format = source[*idx];
- *idx += 1;
- if (format != ASN_UTC_TIME && format != ASN_GENERALIZED_TIME)
- return ASN_TIME_E;
- /* get length */
- if (GetLength(source, idx, &length, maxIdx) < 0)
- return ASN_PARSE_E;
- if (length > MAX_DATE_SIZE || length < MIN_DATE_SIZE)
- return ASN_DATE_SZ_E;
- /* return format, date and length */
- if (pFormat)
- *pFormat = format;
- if (pDate)
- *pDate = &source[*idx];
- if (pLength)
- *pLength = length;
- *idx += length;
- return 0;
- }
- static int GetDate(DecodedCert* cert, int dateType, int verify, int maxIdx)
- {
- int ret, length;
- const byte *datePtr = NULL;
- byte date[MAX_DATE_SIZE];
- byte format;
- word32 startIdx = 0;
- if (dateType == BEFORE)
- cert->beforeDate = &cert->source[cert->srcIdx];
- else
- cert->afterDate = &cert->source[cert->srcIdx];
- startIdx = cert->srcIdx;
- ret = GetDateInfo(cert->source, &cert->srcIdx, &datePtr, &format,
- &length, maxIdx);
- if (ret < 0)
- return ret;
- XMEMSET(date, 0, MAX_DATE_SIZE);
- XMEMCPY(date, datePtr, length);
- if (dateType == BEFORE)
- cert->beforeDateLen = cert->srcIdx - startIdx;
- else
- cert->afterDateLen = cert->srcIdx - startIdx;
- #ifndef NO_ASN_TIME
- if (verify != NO_VERIFY && verify != VERIFY_SKIP_DATE &&
- !XVALIDATE_DATE(date, format, dateType)) {
- if (dateType == BEFORE)
- return ASN_BEFORE_DATE_E;
- else
- return ASN_AFTER_DATE_E;
- }
- #else
- (void)verify;
- #endif
- return 0;
- }
- static int GetValidity(DecodedCert* cert, int verify, int maxIdx)
- {
- int length;
- int badDate = 0;
- if (GetSequence(cert->source, &cert->srcIdx, &length, maxIdx) < 0)
- return ASN_PARSE_E;
- maxIdx = cert->srcIdx + length;
- if (GetDate(cert, BEFORE, verify, maxIdx) < 0)
- badDate = ASN_BEFORE_DATE_E; /* continue parsing */
- if (GetDate(cert, AFTER, verify, maxIdx) < 0)
- return ASN_AFTER_DATE_E;
- if (badDate != 0)
- return badDate;
- return 0;
- }
- int wc_GetDateInfo(const byte* certDate, int certDateSz, const byte** date,
- byte* format, int* length)
- {
- int ret;
- word32 idx = 0;
- ret = GetDateInfo(certDate, &idx, date, format, length, certDateSz);
- if (ret < 0)
- return ret;
- return 0;
- }
- #ifndef NO_ASN_TIME
- int wc_GetDateAsCalendarTime(const byte* date, int length, byte format,
- struct tm* timearg)
- {
- int idx = 0;
- (void)length;
- if (!ExtractDate(date, format, timearg, &idx))
- return ASN_TIME_E;
- return 0;
- }
- #if defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_ALT_NAMES)
- int wc_GetCertDates(Cert* cert, struct tm* before, struct tm* after)
- {
- int ret = 0;
- const byte* date;
- byte format;
- int length;
- if (cert == NULL)
- return BAD_FUNC_ARG;
- if (before && cert->beforeDateSz > 0) {
- ret = wc_GetDateInfo(cert->beforeDate, cert->beforeDateSz, &date,
- &format, &length);
- if (ret == 0)
- ret = wc_GetDateAsCalendarTime(date, length, format, before);
- }
- if (after && cert->afterDateSz > 0) {
- ret = wc_GetDateInfo(cert->afterDate, cert->afterDateSz, &date,
- &format, &length);
- if (ret == 0)
- ret = wc_GetDateAsCalendarTime(date, length, format, after);
- }
- return ret;
- }
- #endif /* WOLFSSL_CERT_GEN && WOLFSSL_ALT_NAMES */
- #endif /* !NO_ASN_TIME */
- /* parses certificate up to point of X.509 public key
- *
- * if cert date is invalid then badDate gets set to error value, otherwise is 0
- *
- * returns a negative value on fail case
- */
- int wc_GetPubX509(DecodedCert* cert, int verify, int* badDate)
- {
- int ret;
- if (cert == NULL || badDate == NULL)
- return BAD_FUNC_ARG;
- *badDate = 0;
- if ( (ret = GetCertHeader(cert)) < 0)
- return ret;
- WOLFSSL_MSG("Got Cert Header");
- #ifdef WOLFSSL_CERT_REQ
- if (!cert->isCSR) {
- #endif
- /* Using the sigIndex as the upper bound because that's where the
- * actual certificate data ends. */
- if ( (ret = GetAlgoId(cert->source, &cert->srcIdx, &cert->signatureOID,
- oidSigType, cert->sigIndex)) < 0)
- return ret;
- WOLFSSL_MSG("Got Algo ID");
- if ( (ret = GetName(cert, ISSUER, cert->sigIndex)) < 0)
- return ret;
- if ( (ret = GetValidity(cert, verify, cert->sigIndex)) < 0)
- *badDate = ret;
- #ifdef WOLFSSL_CERT_REQ
- }
- #endif
- if ( (ret = GetName(cert, SUBJECT, cert->sigIndex)) < 0)
- return ret;
- WOLFSSL_MSG("Got Subject Name");
- return ret;
- }
- int DecodeToKey(DecodedCert* cert, int verify)
- {
- int badDate = 0;
- int ret;
- if ( (ret = wc_GetPubX509(cert, verify, &badDate)) < 0)
- return ret;
- /* Determine if self signed */
- cert->selfSigned = XMEMCMP(cert->issuerHash,
- cert->subjectHash,
- KEYID_SIZE) == 0 ? 1 : 0;
- if ( (ret = GetKey(cert)) < 0)
- return ret;
- WOLFSSL_MSG("Got Key");
- if (badDate != 0)
- return badDate;
- return ret;
- }
- #ifndef NO_CERTS
- static int GetSignature(DecodedCert* cert)
- {
- int length;
- int ret;
- ret = CheckBitString(cert->source, &cert->srcIdx, &length, cert->maxIdx, 1,
- NULL);
- if (ret != 0)
- return ret;
- cert->sigLength = length;
- cert->signature = &cert->source[cert->srcIdx];
- cert->srcIdx += cert->sigLength;
- if (cert->srcIdx != cert->maxIdx)
- return ASN_PARSE_E;
- return 0;
- }
- #endif
- static word32 SetOctetString8Bit(word32 len, byte* output)
- {
- output[0] = ASN_OCTET_STRING;
- output[1] = (byte)len;
- return 2;
- }
- static word32 SetDigest(const byte* digest, word32 digSz, byte* output)
- {
- word32 idx = SetOctetString8Bit(digSz, output);
- XMEMCPY(&output[idx], digest, digSz);
- return idx + digSz;
- }
- static word32 BytePrecision(word32 value)
- {
- word32 i;
- for (i = (word32)sizeof(value); i; --i)
- if (value >> ((i - 1) * WOLFSSL_BIT_SIZE))
- break;
- return i;
- }
- word32 SetLength(word32 length, byte* output)
- {
- word32 i = 0, j;
- if (length < ASN_LONG_LENGTH) {
- if (output)
- output[i] = (byte)length;
- i++;
- }
- else {
- if (output)
- output[i] = (byte)(BytePrecision(length) | ASN_LONG_LENGTH);
- i++;
- for (j = BytePrecision(length); j; --j) {
- if (output)
- output[i] = (byte)(length >> ((j - 1) * WOLFSSL_BIT_SIZE));
- i++;
- }
- }
- return i;
- }
- word32 SetSequence(word32 len, byte* output)
- {
- if (output)
- output[0] = ASN_SEQUENCE | ASN_CONSTRUCTED;
- return SetLength(len, output ? output + 1 : NULL) + 1;
- }
- word32 SetOctetString(word32 len, byte* output)
- {
- output[0] = ASN_OCTET_STRING;
- return SetLength(len, output + 1) + 1;
- }
- /* Write a set header to output */
- word32 SetSet(word32 len, byte* output)
- {
- output[0] = ASN_SET | ASN_CONSTRUCTED;
- return SetLength(len, output + 1) + 1;
- }
- word32 SetImplicit(byte tag, byte number, word32 len, byte* output)
- {
- output[0] = ((tag == ASN_SEQUENCE || tag == ASN_SET) ? ASN_CONSTRUCTED : 0)
- | ASN_CONTEXT_SPECIFIC | number;
- return SetLength(len, output + 1) + 1;
- }
- word32 SetExplicit(byte number, word32 len, byte* output)
- {
- output[0] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | number;
- return SetLength(len, output + 1) + 1;
- }
- #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
- static int SetCurve(ecc_key* key, byte* output)
- {
- #ifdef HAVE_OID_ENCODING
- int ret;
- #endif
- int idx = 0;
- word32 oidSz = 0;
- /* validate key */
- if (key == NULL || key->dp == NULL) {
- return BAD_FUNC_ARG;
- }
- #ifdef HAVE_OID_ENCODING
- ret = EncodeObjectId(key->dp->oid, key->dp->oidSz, NULL, &oidSz);
- if (ret != 0) {
- return ret;
- }
- #else
- oidSz = key->dp->oidSz;
- #endif
- idx += SetObjectId(oidSz, output);
- #ifdef HAVE_OID_ENCODING
- ret = EncodeObjectId(key->dp->oid, key->dp->oidSz, output+idx, &oidSz);
- if (ret != 0) {
- return ret;
- }
- #else
- XMEMCPY(output+idx, key->dp->oid, oidSz);
- #endif
- idx += oidSz;
- return idx;
- }
- #endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
- #ifdef HAVE_ECC
- static WC_INLINE int IsSigAlgoECDSA(int algoOID)
- {
- /* ECDSA sigAlgo must not have ASN1 NULL parameters */
- if (algoOID == CTC_SHAwECDSA || algoOID == CTC_SHA256wECDSA ||
- algoOID == CTC_SHA384wECDSA || algoOID == CTC_SHA512wECDSA) {
- return 1;
- }
- return 0;
- }
- #endif
- word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz)
- {
- word32 tagSz, idSz, seqSz, algoSz = 0;
- const byte* algoName = 0;
- byte ID_Length[1 + MAX_LENGTH_SZ];
- byte seqArray[MAX_SEQ_SZ + 1]; /* add object_id to end */
- int length = 0;
- tagSz = (type == oidHashType ||
- (type == oidSigType
- #ifdef HAVE_ECC
- && !IsSigAlgoECDSA(algoOID)
- #endif
- #ifdef HAVE_ED25519
- && algoOID != ED25519k
- #endif
- #ifdef HAVE_ED448
- && algoOID != ED448k
- #endif
- ) ||
- (type == oidKeyType && algoOID == RSAk)) ? 2 : 0;
- algoName = OidFromId(algoOID, type, &algoSz);
- if (algoName == NULL) {
- WOLFSSL_MSG("Unknown Algorithm");
- return 0;
- }
- idSz = SetObjectId(algoSz, ID_Length);
- seqSz = SetSequence(idSz + algoSz + tagSz + curveSz, seqArray);
- /* Copy only algo to output for DSA keys */
- if (algoOID == DSAk && output) {
- XMEMCPY(output, ID_Length, idSz);
- XMEMCPY(output + idSz, algoName, algoSz);
- if (tagSz == 2)
- SetASNNull(&output[seqSz + idSz + algoSz]);
- }
- else if (output) {
- XMEMCPY(output, seqArray, seqSz);
- XMEMCPY(output + seqSz, ID_Length, idSz);
- XMEMCPY(output + seqSz + idSz, algoName, algoSz);
- if (tagSz == 2)
- SetASNNull(&output[seqSz + idSz + algoSz]);
- }
- if (algoOID == DSAk)
- length = idSz + algoSz + tagSz;
- else
- length = seqSz + idSz + algoSz + tagSz;
- return length;
- }
- word32 wc_EncodeSignature(byte* out, const byte* digest, word32 digSz,
- int hashOID)
- {
- byte digArray[MAX_ENCODED_DIG_SZ];
- byte algoArray[MAX_ALGO_SZ];
- byte seqArray[MAX_SEQ_SZ];
- word32 encDigSz, algoSz, seqSz;
- encDigSz = SetDigest(digest, digSz, digArray);
- algoSz = SetAlgoID(hashOID, algoArray, oidHashType, 0);
- seqSz = SetSequence(encDigSz + algoSz, seqArray);
- XMEMCPY(out, seqArray, seqSz);
- XMEMCPY(out + seqSz, algoArray, algoSz);
- XMEMCPY(out + seqSz + algoSz, digArray, encDigSz);
- return encDigSz + algoSz + seqSz;
- }
- #ifndef NO_CERTS
- int wc_GetCTC_HashOID(int type)
- {
- int ret;
- enum wc_HashType hType;
- hType = wc_HashTypeConvert(type);
- ret = wc_HashGetOID(hType);
- if (ret < 0)
- ret = 0; /* backwards compatibility */
- return ret;
- }
- void InitSignatureCtx(SignatureCtx* sigCtx, void* heap, int devId)
- {
- if (sigCtx) {
- XMEMSET(sigCtx, 0, sizeof(SignatureCtx));
- sigCtx->devId = devId;
- sigCtx->heap = heap;
- }
- }
- void FreeSignatureCtx(SignatureCtx* sigCtx)
- {
- if (sigCtx == NULL)
- return;
- if (sigCtx->digest) {
- XFREE(sigCtx->digest, sigCtx->heap, DYNAMIC_TYPE_DIGEST);
- sigCtx->digest = NULL;
- }
- #if !(defined(NO_RSA) && defined(NO_DSA))
- if (sigCtx->sigCpy) {
- XFREE(sigCtx->sigCpy, sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
- sigCtx->sigCpy = NULL;
- }
- #endif
- #ifndef NO_ASN_CRYPT
- if (sigCtx->key.ptr) {
- switch (sigCtx->keyOID) {
- #ifndef NO_RSA
- case RSAk:
- wc_FreeRsaKey(sigCtx->key.rsa);
- XFREE(sigCtx->key.ptr, sigCtx->heap, DYNAMIC_TYPE_RSA);
- break;
- #endif /* !NO_RSA */
- #ifndef NO_DSA
- case DSAk:
- wc_FreeDsaKey(sigCtx->key.dsa);
- XFREE(sigCtx->key.dsa, sigCtx->heap, DYNAMIC_TYPE_DSA);
- break;
- #endif
- #ifdef HAVE_ECC
- case ECDSAk:
- wc_ecc_free(sigCtx->key.ecc);
- XFREE(sigCtx->key.ecc, sigCtx->heap, DYNAMIC_TYPE_ECC);
- break;
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED25519
- case ED25519k:
- wc_ed25519_free(sigCtx->key.ed25519);
- XFREE(sigCtx->key.ed25519, sigCtx->heap, DYNAMIC_TYPE_ED25519);
- break;
- #endif /* HAVE_ED25519 */
- #ifdef HAVE_ED448
- case ED448k:
- wc_ed448_free(sigCtx->key.ed448);
- XFREE(sigCtx->key.ed448, sigCtx->heap, DYNAMIC_TYPE_ED448);
- break;
- #endif /* HAVE_ED448 */
- default:
- break;
- } /* switch (keyOID) */
- sigCtx->key.ptr = NULL;
- }
- #endif
- /* reset state, we are done */
- sigCtx->state = SIG_STATE_BEGIN;
- }
- #ifndef NO_ASN_CRYPT
- static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID,
- byte* digest, int* typeH, int* digestSz, int verify)
- {
- int ret = 0;
- switch (sigOID) {
- #if defined(WOLFSSL_MD2)
- case CTC_MD2wRSA:
- if (!verify) {
- ret = HASH_TYPE_E;
- WOLFSSL_MSG("MD2 not supported for signing");
- }
- else if ((ret = wc_Md2Hash(buf, bufSz, digest)) == 0) {
- *typeH = MD2h;
- *digestSz = MD2_DIGEST_SIZE;
- }
- break;
- #endif
- #ifndef NO_MD5
- case CTC_MD5wRSA:
- if ((ret = wc_Md5Hash(buf, bufSz, digest)) == 0) {
- *typeH = MD5h;
- *digestSz = WC_MD5_DIGEST_SIZE;
- }
- break;
- #endif
- #ifndef NO_SHA
- case CTC_SHAwRSA:
- case CTC_SHAwDSA:
- case CTC_SHAwECDSA:
- if ((ret = wc_ShaHash(buf, bufSz, digest)) == 0) {
- *typeH = SHAh;
- *digestSz = WC_SHA_DIGEST_SIZE;
- }
- break;
- #endif
- #ifdef WOLFSSL_SHA224
- case CTC_SHA224wRSA:
- case CTC_SHA224wECDSA:
- if ((ret = wc_Sha224Hash(buf, bufSz, digest)) == 0) {
- *typeH = SHA224h;
- *digestSz = WC_SHA224_DIGEST_SIZE;
- }
- break;
- #endif
- #ifndef NO_SHA256
- case CTC_SHA256wRSA:
- case CTC_SHA256wECDSA:
- case CTC_SHA256wDSA:
- if ((ret = wc_Sha256Hash(buf, bufSz, digest)) == 0) {
- *typeH = SHA256h;
- *digestSz = WC_SHA256_DIGEST_SIZE;
- }
- break;
- #endif
- #ifdef WOLFSSL_SHA384
- case CTC_SHA384wRSA:
- case CTC_SHA384wECDSA:
- if ((ret = wc_Sha384Hash(buf, bufSz, digest)) == 0) {
- *typeH = SHA384h;
- *digestSz = WC_SHA384_DIGEST_SIZE;
- }
- break;
- #endif
- #ifdef WOLFSSL_SHA512
- case CTC_SHA512wRSA:
- case CTC_SHA512wECDSA:
- if ((ret = wc_Sha512Hash(buf, bufSz, digest)) == 0) {
- *typeH = SHA512h;
- *digestSz = WC_SHA512_DIGEST_SIZE;
- }
- break;
- #endif
- #ifdef HAVE_ED25519
- case CTC_ED25519:
- /* Hashes done in signing operation.
- * Two dependent hashes with prefixes performed.
- */
- break;
- #endif
- #ifdef HAVE_ED448
- case CTC_ED448:
- /* Hashes done in signing operation.
- * Two dependent hashes with prefixes performed.
- */
- break;
- #endif
- default:
- ret = HASH_TYPE_E;
- WOLFSSL_MSG("Hash for Signature has unsupported type");
- }
- (void)buf;
- (void)bufSz;
- (void)sigOID;
- (void)digest;
- (void)digestSz;
- (void)typeH;
- (void)verify;
- return ret;
- }
- #endif /* !NO_ASN_CRYPT */
- /* Return codes: 0=Success, Negative (see error-crypt.h), ASN_SIG_CONFIRM_E */
- static int ConfirmSignature(SignatureCtx* sigCtx,
- const byte* buf, word32 bufSz,
- const byte* key, word32 keySz, word32 keyOID,
- const byte* sig, word32 sigSz, word32 sigOID, byte* rsaKeyIdx)
- {
- int ret = 0;
- #ifndef WOLFSSL_RENESAS_TSIP_TLS
- (void)rsaKeyIdx;
- #endif
- if (sigCtx == NULL || buf == NULL || bufSz == 0 || key == NULL ||
- keySz == 0 || sig == NULL || sigSz == 0) {
- return BAD_FUNC_ARG;
- }
- (void)key;
- (void)keySz;
- (void)sig;
- (void)sigSz;
- WOLFSSL_ENTER("ConfirmSignature");
- #ifndef NO_ASN_CRYPT
- switch (sigCtx->state) {
- case SIG_STATE_BEGIN:
- {
- sigCtx->keyOID = keyOID; /* must set early for cleanup */
- sigCtx->digest = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, sigCtx->heap,
- DYNAMIC_TYPE_DIGEST);
- if (sigCtx->digest == NULL) {
- ERROR_OUT(MEMORY_E, exit_cs);
- }
- sigCtx->state = SIG_STATE_HASH;
- } /* SIG_STATE_BEGIN */
- FALL_THROUGH;
- case SIG_STATE_HASH:
- {
- ret = HashForSignature(buf, bufSz, sigOID, sigCtx->digest,
- &sigCtx->typeH, &sigCtx->digestSz, 1);
- if (ret != 0) {
- goto exit_cs;
- }
- sigCtx->state = SIG_STATE_KEY;
- } /* SIG_STATE_HASH */
- FALL_THROUGH;
- case SIG_STATE_KEY:
- {
- switch (keyOID) {
- #ifndef NO_RSA
- case RSAk:
- {
- word32 idx = 0;
- sigCtx->key.rsa = (RsaKey*)XMALLOC(sizeof(RsaKey),
- sigCtx->heap, DYNAMIC_TYPE_RSA);
- sigCtx->sigCpy = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ,
- sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
- if (sigCtx->key.rsa == NULL || sigCtx->sigCpy == NULL) {
- ERROR_OUT(MEMORY_E, exit_cs);
- }
- if ((ret = wc_InitRsaKey_ex(sigCtx->key.rsa, sigCtx->heap,
- sigCtx->devId)) != 0) {
- goto exit_cs;
- }
- if (sigSz > MAX_ENCODED_SIG_SZ) {
- WOLFSSL_MSG("Verify Signature is too big");
- ERROR_OUT(BUFFER_E, exit_cs);
- }
- if ((ret = wc_RsaPublicKeyDecode(key, &idx, sigCtx->key.rsa,
- keySz)) != 0) {
- WOLFSSL_MSG("ASN Key decode error RSA");
- goto exit_cs;
- }
- XMEMCPY(sigCtx->sigCpy, sig, sigSz);
- sigCtx->out = NULL;
- #ifdef WOLFSSL_ASYNC_CRYPT
- sigCtx->asyncDev = &sigCtx->key.rsa->asyncDev;
- #endif
- break;
- }
- #endif /* !NO_RSA */
- #if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
- case DSAk:
- {
- word32 idx = 0;
- if (sigSz < DSA_SIG_SIZE) {
- WOLFSSL_MSG("Verify Signature is too small");
- ERROR_OUT(BUFFER_E, exit_cs);
- }
- sigCtx->key.dsa = (DsaKey*)XMALLOC(sizeof(DsaKey),
- sigCtx->heap, DYNAMIC_TYPE_DSA);
- sigCtx->sigCpy = (byte*)XMALLOC(sigSz,
- sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
- if (sigCtx->key.dsa == NULL || sigCtx->sigCpy == NULL) {
- ERROR_OUT(MEMORY_E, exit_cs);
- }
- if ((ret = wc_InitDsaKey_h(sigCtx->key.dsa, sigCtx->heap)) != 0) {
- WOLFSSL_MSG("wc_InitDsaKey_h error");
- goto exit_cs;
- }
- if ((ret = wc_DsaPublicKeyDecode(key, &idx, sigCtx->key.dsa,
- keySz)) != 0) {
- WOLFSSL_MSG("ASN Key decode error RSA");
- goto exit_cs;
- }
- if (sigSz != DSA_SIG_SIZE) {
- #ifdef HAVE_ECC
- /* Try to parse it as the contents of a bitstring */
- mp_int r, s;
- idx = 0;
- if (DecodeECC_DSA_Sig(sig + idx, sigSz - idx,
- &r, &s) != 0) {
- WOLFSSL_MSG("DSA Sig is in unrecognized or "
- "incorrect format");
- ERROR_OUT(ASN_SIG_CONFIRM_E, exit_cs);
- }
- if (mp_to_unsigned_bin_len(&r, sigCtx->sigCpy,
- DSA_HALF_SIZE) != MP_OKAY ||
- mp_to_unsigned_bin_len(&s,
- sigCtx->sigCpy + DSA_HALF_SIZE,
- DSA_HALF_SIZE) != MP_OKAY) {
- WOLFSSL_MSG("DSA Sig is in unrecognized or "
- "incorrect format");
- ERROR_OUT(ASN_SIG_CONFIRM_E, exit_cs);
- }
- mp_free(&r);
- mp_free(&s);
- #else
- WOLFSSL_MSG("DSA Sig is in unrecognized or "
- "incorrect format");
- ERROR_OUT(ASN_SIG_CONFIRM_E, exit_cs);
- #endif
- }
- else {
- XMEMCPY(sigCtx->sigCpy, sig, DSA_SIG_SIZE);
- }
- break;
- }
- #endif /* !NO_DSA && !HAVE_SELFTEST */
- #ifdef HAVE_ECC
- case ECDSAk:
- {
- word32 idx = 0;
- sigCtx->verify = 0;
- sigCtx->key.ecc = (ecc_key*)XMALLOC(sizeof(ecc_key),
- sigCtx->heap, DYNAMIC_TYPE_ECC);
- if (sigCtx->key.ecc == NULL) {
- ERROR_OUT(MEMORY_E, exit_cs);
- }
- if ((ret = wc_ecc_init_ex(sigCtx->key.ecc, sigCtx->heap,
- sigCtx->devId)) < 0) {
- goto exit_cs;
- }
- ret = wc_EccPublicKeyDecode(key, &idx, sigCtx->key.ecc,
- keySz);
- if (ret < 0) {
- WOLFSSL_MSG("ASN Key import error ECC");
- goto exit_cs;
- }
- #ifdef WOLFSSL_ASYNC_CRYPT
- sigCtx->asyncDev = &sigCtx->key.ecc->asyncDev;
- #endif
- break;
- }
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED25519
- case ED25519k:
- {
- sigCtx->verify = 0;
- sigCtx->key.ed25519 = (ed25519_key*)XMALLOC(
- sizeof(ed25519_key), sigCtx->heap,
- DYNAMIC_TYPE_ED25519);
- if (sigCtx->key.ed25519 == NULL) {
- ERROR_OUT(MEMORY_E, exit_cs);
- }
- if ((ret = wc_ed25519_init(sigCtx->key.ed25519)) < 0) {
- goto exit_cs;
- }
- if ((ret = wc_ed25519_import_public(key, keySz,
- sigCtx->key.ed25519)) < 0) {
- WOLFSSL_MSG("ASN Key import error ED25519");
- goto exit_cs;
- }
- #ifdef WOLFSSL_ASYNC_CRYPT
- sigCtx->asyncDev = &sigCtx->key.ed25519->asyncDev;
- #endif
- break;
- }
- #endif
- #ifdef HAVE_ED448
- case ED448k:
- {
- sigCtx->verify = 0;
- sigCtx->key.ed448 = (ed448_key*)XMALLOC(
- sizeof(ed448_key), sigCtx->heap,
- DYNAMIC_TYPE_ED448);
- if (sigCtx->key.ed448 == NULL) {
- ERROR_OUT(MEMORY_E, exit_cs);
- }
- if ((ret = wc_ed448_init(sigCtx->key.ed448)) < 0) {
- goto exit_cs;
- }
- if ((ret = wc_ed448_import_public(key, keySz,
- sigCtx->key.ed448)) < 0) {
- WOLFSSL_MSG("ASN Key import error ED448");
- goto exit_cs;
- }
- #ifdef WOLFSSL_ASYNC_CRYPT
- sigCtx->asyncDev = &sigCtx->key.ed448->asyncDev;
- #endif
- break;
- }
- #endif
- default:
- WOLFSSL_MSG("Verify Key type unknown");
- ret = ASN_UNKNOWN_OID_E;
- break;
- } /* switch (keyOID) */
- if (ret != 0) {
- goto exit_cs;
- }
- sigCtx->state = SIG_STATE_DO;
- #ifdef WOLFSSL_ASYNC_CRYPT
- if (sigCtx->devId != INVALID_DEVID && sigCtx->asyncDev && sigCtx->asyncCtx) {
- /* make sure event is initialized */
- WOLF_EVENT* event = &sigCtx->asyncDev->event;
- ret = wolfAsync_EventInit(event, WOLF_EVENT_TYPE_ASYNC_WOLFSSL,
- sigCtx->asyncCtx, WC_ASYNC_FLAG_CALL_AGAIN);
- }
- #endif
- } /* SIG_STATE_KEY */
- FALL_THROUGH;
- case SIG_STATE_DO:
- {
- switch (keyOID) {
- #ifndef NO_RSA
- case RSAk:
- {
- #ifdef HAVE_PK_CALLBACKS
- if (sigCtx->pkCbRsa) {
- ret = sigCtx->pkCbRsa(
- sigCtx->sigCpy, sigSz, &sigCtx->out,
- key, keySz,
- sigCtx->pkCtxRsa);
- }
- else
- #endif /* HAVE_PK_CALLBACKS */
- {
- #ifdef WOLFSSL_RENESAS_TSIP_TLS
- if (rsaKeyIdx != NULL)
- {
- ret = tsip_tls_CertVerify(buf, bufSz, sigCtx->sigCpy,
- sigSz,
- sigCtx->pubkey_n_start - sigCtx->certBegin,
- sigCtx->pubkey_n_len - 1,
- sigCtx->pubkey_e_start - sigCtx->certBegin,
- sigCtx->pubkey_e_len - 1,
- rsaKeyIdx);
- if (ret == 0){
- sigCtx->verifyByTSIP = 1;
- ret = 0;
- } else {
- WOLFSSL_MSG("RSA Verify by tsip didn't match");
- ret = ASN_SIG_CONFIRM_E;
- }
- } else
- #endif
- ret = wc_RsaSSL_VerifyInline(sigCtx->sigCpy, sigSz,
- &sigCtx->out, sigCtx->key.rsa);
- }
- break;
- }
- #endif /* !NO_RSA */
- #if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
- case DSAk:
- {
- ret = wc_DsaVerify(sigCtx->digest, sigCtx->sigCpy,
- sigCtx->key.dsa, &sigCtx->verify);
- break;
- }
- #endif /* !NO_DSA && !HAVE_SELFTEST */
- #if defined(HAVE_ECC)
- case ECDSAk:
- {
- #ifdef HAVE_PK_CALLBACKS
- if (sigCtx->pkCbEcc) {
- ret = sigCtx->pkCbEcc(
- sig, sigSz,
- sigCtx->digest, sigCtx->digestSz,
- key, keySz, &sigCtx->verify,
- sigCtx->pkCtxEcc);
- }
- else
- #endif /* HAVE_PK_CALLBACKS */
- {
- ret = wc_ecc_verify_hash(sig, sigSz, sigCtx->digest,
- sigCtx->digestSz, &sigCtx->verify,
- sigCtx->key.ecc);
- }
- break;
- }
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED25519
- case ED25519k:
- {
- ret = wc_ed25519_verify_msg(sig, sigSz, buf, bufSz,
- &sigCtx->verify, sigCtx->key.ed25519);
- break;
- }
- #endif
- #ifdef HAVE_ED448
- case ED448k:
- {
- ret = wc_ed448_verify_msg(sig, sigSz, buf, bufSz,
- &sigCtx->verify, sigCtx->key.ed448,
- NULL, 0);
- break;
- }
- #endif
- default:
- break;
- } /* switch (keyOID) */
- #ifdef WOLFSSL_ASYNC_CRYPT
- if (ret == WC_PENDING_E) {
- goto exit_cs;
- }
- #endif
- if (ret < 0) {
- /* treat all RSA errors as ASN_SIG_CONFIRM_E */
- ret = ASN_SIG_CONFIRM_E;
- goto exit_cs;
- }
- sigCtx->state = SIG_STATE_CHECK;
- } /* SIG_STATE_DO */
- FALL_THROUGH;
- case SIG_STATE_CHECK:
- {
- switch (keyOID) {
- #ifndef NO_RSA
- case RSAk:
- {
- int encodedSigSz, verifySz;
- #ifdef WOLFSSL_RENESAS_TSIP
- if (sigCtx->verifyByTSIP == 1) break;
- #endif
- #ifdef WOLFSSL_SMALL_STACK
- byte* encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ,
- sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (encodedSig == NULL) {
- ERROR_OUT(MEMORY_E, exit_cs);
- }
- #else
- byte encodedSig[MAX_ENCODED_SIG_SZ];
- #endif
- verifySz = ret;
- /* make sure we're right justified */
- encodedSigSz = wc_EncodeSignature(encodedSig,
- sigCtx->digest, sigCtx->digestSz, sigCtx->typeH);
- if (encodedSigSz == verifySz && sigCtx->out != NULL &&
- XMEMCMP(sigCtx->out, encodedSig, encodedSigSz) == 0) {
- ret = 0;
- }
- else {
- WOLFSSL_MSG("RSA SSL verify match encode error");
- ret = ASN_SIG_CONFIRM_E;
- }
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(encodedSig, sigCtx->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- break;
- }
- #endif /* NO_RSA */
- #if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
- case DSAk:
- {
- if (sigCtx->verify == 1) {
- ret = 0;
- }
- else {
- WOLFSSL_MSG("DSA Verify didn't match");
- ret = ASN_SIG_CONFIRM_E;
- }
- break;
- }
- #endif /* !NO_DSA && !HAVE_SELFTEST */
- #ifdef HAVE_ECC
- case ECDSAk:
- {
- if (sigCtx->verify == 1) {
- ret = 0;
- }
- else {
- WOLFSSL_MSG("ECC Verify didn't match");
- ret = ASN_SIG_CONFIRM_E;
- }
- break;
- }
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED25519
- case ED25519k:
- {
- if (sigCtx->verify == 1) {
- ret = 0;
- }
- else {
- WOLFSSL_MSG("ED25519 Verify didn't match");
- ret = ASN_SIG_CONFIRM_E;
- }
- break;
- }
- #endif /* HAVE_ED25519 */
- #ifdef HAVE_ED448
- case ED448k:
- {
- if (sigCtx->verify == 1) {
- ret = 0;
- }
- else {
- WOLFSSL_MSG("ED448 Verify didn't match");
- ret = ASN_SIG_CONFIRM_E;
- }
- break;
- }
- #endif /* HAVE_ED448 */
- default:
- break;
- } /* switch (keyOID) */
- break;
- } /* SIG_STATE_CHECK */
- default:
- break;
- } /* switch (sigCtx->state) */
- exit_cs:
- #endif /* !NO_ASN_CRYPT */
- (void)keyOID;
- (void)sigOID;
- WOLFSSL_LEAVE("ConfirmSignature", ret);
- #ifdef WOLFSSL_ASYNC_CRYPT
- if (ret == WC_PENDING_E)
- return ret;
- #endif
- FreeSignatureCtx(sigCtx);
- return ret;
- }
- #ifndef IGNORE_NAME_CONSTRAINTS
- static int MatchBaseName(int type, const char* name, int nameSz,
- const char* base, int baseSz)
- {
- if (base == NULL || baseSz <= 0 || name == NULL || nameSz <= 0 ||
- name[0] == '.' || nameSz < baseSz ||
- (type != ASN_RFC822_TYPE && type != ASN_DNS_TYPE))
- return 0;
- /* If an email type, handle special cases where the base is only
- * a domain, or is an email address itself. */
- if (type == ASN_RFC822_TYPE) {
- const char* p = NULL;
- int count = 0;
- if (base[0] != '.') {
- p = base;
- count = 0;
- /* find the '@' in the base */
- while (*p != '@' && count < baseSz) {
- count++;
- p++;
- }
- /* No '@' in base, reset p to NULL */
- if (count >= baseSz)
- p = NULL;
- }
- if (p == NULL) {
- /* Base isn't an email address, it is a domain name,
- * wind the name forward one character past its '@'. */
- p = name;
- count = 0;
- while (*p != '@' && count < baseSz) {
- count++;
- p++;
- }
- if (count < baseSz && *p == '@') {
- name = p + 1;
- nameSz -= count + 1;
- }
- }
- }
- if ((type == ASN_DNS_TYPE || type == ASN_RFC822_TYPE) && base[0] == '.') {
- int szAdjust = nameSz - baseSz;
- name += szAdjust;
- nameSz -= szAdjust;
- }
- while (nameSz > 0) {
- if (XTOLOWER((unsigned char)*name++) !=
- XTOLOWER((unsigned char)*base++))
- return 0;
- nameSz--;
- }
- return 1;
- }
- static int ConfirmNameConstraints(Signer* signer, DecodedCert* cert)
- {
- if (signer == NULL || cert == NULL)
- return 0;
- /* Check against the excluded list */
- if (signer->excludedNames) {
- Base_entry* base = signer->excludedNames;
- while (base != NULL) {
- switch (base->type) {
- case ASN_DNS_TYPE:
- {
- DNS_entry* name = cert->altNames;
- while (name != NULL) {
- if (MatchBaseName(ASN_DNS_TYPE,
- name->name, name->len,
- base->name, base->nameSz)) {
- return 0;
- }
- name = name->next;
- }
- break;
- }
- case ASN_RFC822_TYPE:
- {
- DNS_entry* name = cert->altEmailNames;
- while (name != NULL) {
- if (MatchBaseName(ASN_RFC822_TYPE,
- name->name, name->len,
- base->name, base->nameSz)) {
- return 0;
- }
- name = name->next;
- }
- break;
- }
- case ASN_DIR_TYPE:
- {
- /* allow permitted dirName smaller than actual subject */
- if (cert->subjectRawLen >= base->nameSz &&
- XMEMCMP(cert->subjectRaw, base->name,
- base->nameSz) == 0) {
- return 0;
- }
- #ifndef WOLFSSL_NO_ASN_STRICT
- /* RFC 5280 section 4.2.1.10
- "Restrictions of the form directoryName MUST be
- applied to the subject field .... and to any names
- of type directoryName in the subjectAltName
- extension"
- */
- if (cert->altDirNames != NULL) {
- DNS_entry* cur = cert->altDirNames;
- while (cur != NULL) {
- if (XMEMCMP(cur->name, base->name, base->nameSz)
- == 0) {
- WOLFSSL_MSG("DIR alt name constraint err");
- return 0;
- }
- cur = cur->next;
- }
- }
- #endif /* !WOLFSSL_NO_ASN_STRICT */
- break;
- }
- default:
- break;
- }; /* switch */
- base = base->next;
- }
- }
- /* Check against the permitted list */
- if (signer->permittedNames != NULL) {
- int needDns = 0;
- int matchDns = 0;
- int needEmail = 0;
- int matchEmail = 0;
- int needDir = 0;
- int matchDir = 0;
- Base_entry* base = signer->permittedNames;
- while (base != NULL) {
- switch (base->type) {
- case ASN_DNS_TYPE:
- {
- DNS_entry* name = cert->altNames;
- if (name != NULL)
- needDns = 1;
- while (name != NULL) {
- matchDns = MatchBaseName(ASN_DNS_TYPE,
- name->name, name->len,
- base->name, base->nameSz);
- name = name->next;
- }
- break;
- }
- case ASN_RFC822_TYPE:
- {
- DNS_entry* name = cert->altEmailNames;
- if (name != NULL)
- needEmail = 1;
- while (name != NULL) {
- matchEmail = MatchBaseName(ASN_DNS_TYPE,
- name->name, name->len,
- base->name, base->nameSz);
- name = name->next;
- }
- break;
- }
- case ASN_DIR_TYPE:
- {
- /* allow permitted dirName smaller than actual subject */
- needDir = 1;
- if (cert->subjectRaw != NULL &&
- cert->subjectRawLen >= base->nameSz &&
- XMEMCMP(cert->subjectRaw, base->name,
- base->nameSz) == 0) {
- matchDir = 1;
- #ifndef WOLFSSL_NO_ASN_STRICT
- /* RFC 5280 section 4.2.1.10
- "Restrictions of the form directoryName MUST be
- applied to the subject field .... and to any names
- of type directoryName in the subjectAltName
- extension"
- */
- if (cert->altDirNames != NULL) {
- DNS_entry* cur = cert->altDirNames;
- while (cur != NULL) {
- if (XMEMCMP(cur->name, base->name, base->nameSz)
- != 0) {
- WOLFSSL_MSG("DIR alt name constraint err");
- matchDir = 0; /* did not match */
- }
- cur = cur->next;
- }
- }
- #endif /* !WOLFSSL_NO_ASN_STRICT */
- }
- break;
- }
- default:
- break;
- } /* switch */
- base = base->next;
- }
- if ((needDns && !matchDns) ||
- (needEmail && !matchEmail) ||
- (needDir && !matchDir)) {
- return 0;
- }
- }
- return 1;
- }
- #endif /* IGNORE_NAME_CONSTRAINTS */
- static int DecodeAltNames(const byte* input, int sz, DecodedCert* cert)
- {
- word32 idx = 0;
- int length = 0;
- WOLFSSL_ENTER("DecodeAltNames");
- if (GetSequence(input, &idx, &length, sz) < 0) {
- WOLFSSL_MSG("\tBad Sequence");
- return ASN_PARSE_E;
- }
- if (length == 0) {
- /* RFC 5280 4.2.1.6. Subject Alternative Name
- If the subjectAltName extension is present, the sequence MUST
- contain at least one entry. */
- return ASN_PARSE_E;
- }
- cert->weOwnAltNames = 1;
- while (length > 0) {
- byte b = input[idx++];
- length--;
- /* Save DNS Type names in the altNames list. */
- /* Save Other Type names in the cert's OidMap */
- if (b == (ASN_CONTEXT_SPECIFIC | ASN_DNS_TYPE)) {
- DNS_entry* dnsEntry;
- int strLen;
- word32 lenStartIdx = idx;
- if (GetLength(input, &idx, &strLen, sz) < 0) {
- WOLFSSL_MSG("\tfail: str length");
- return ASN_PARSE_E;
- }
- length -= (idx - lenStartIdx);
- dnsEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap,
- DYNAMIC_TYPE_ALTNAME);
- if (dnsEntry == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- return MEMORY_E;
- }
- dnsEntry->type = ASN_DNS_TYPE;
- dnsEntry->name = (char*)XMALLOC(strLen + 1, cert->heap,
- DYNAMIC_TYPE_ALTNAME);
- if (dnsEntry->name == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- XFREE(dnsEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
- return MEMORY_E;
- }
- dnsEntry->len = strLen;
- XMEMCPY(dnsEntry->name, &input[idx], strLen);
- dnsEntry->name[strLen] = '\0';
- dnsEntry->next = cert->altNames;
- cert->altNames = dnsEntry;
- length -= strLen;
- idx += strLen;
- }
- #ifndef IGNORE_NAME_CONSTRAINTS
- else if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_DIR_TYPE)) {
- DNS_entry* dirEntry;
- int strLen;
- word32 lenStartIdx = idx;
- if (GetLength(input, &idx, &strLen, sz) < 0) {
- WOLFSSL_MSG("\tfail: str length");
- return ASN_PARSE_E;
- }
- if (GetSequence(input, &idx, &strLen, sz) < 0) {
- WOLFSSL_MSG("\tfail: seq length");
- return ASN_PARSE_E;
- }
- length -= (idx - lenStartIdx);
- dirEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap,
- DYNAMIC_TYPE_ALTNAME);
- if (dirEntry == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- return MEMORY_E;
- }
- dirEntry->type = ASN_DIR_TYPE;
- dirEntry->name = (char*)XMALLOC(strLen + 1, cert->heap,
- DYNAMIC_TYPE_ALTNAME);
- if (dirEntry->name == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- XFREE(dirEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
- return MEMORY_E;
- }
- dirEntry->len = strLen;
- XMEMCPY(dirEntry->name, &input[idx], strLen);
- dirEntry->name[strLen] = '\0';
- dirEntry->next = cert->altDirNames;
- cert->altDirNames = dirEntry;
- length -= strLen;
- idx += strLen;
- }
- else if (b == (ASN_CONTEXT_SPECIFIC | ASN_RFC822_TYPE)) {
- DNS_entry* emailEntry;
- int strLen;
- word32 lenStartIdx = idx;
- if (GetLength(input, &idx, &strLen, sz) < 0) {
- WOLFSSL_MSG("\tfail: str length");
- return ASN_PARSE_E;
- }
- length -= (idx - lenStartIdx);
- emailEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap,
- DYNAMIC_TYPE_ALTNAME);
- if (emailEntry == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- return MEMORY_E;
- }
- emailEntry->type = ASN_RFC822_TYPE;
- emailEntry->name = (char*)XMALLOC(strLen + 1, cert->heap,
- DYNAMIC_TYPE_ALTNAME);
- if (emailEntry->name == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- XFREE(emailEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
- return MEMORY_E;
- }
- emailEntry->len = strLen;
- XMEMCPY(emailEntry->name, &input[idx], strLen);
- emailEntry->name[strLen] = '\0';
- emailEntry->next = cert->altEmailNames;
- cert->altEmailNames = emailEntry;
- length -= strLen;
- idx += strLen;
- }
- else if (b == (ASN_CONTEXT_SPECIFIC | ASN_URI_TYPE)) {
- DNS_entry* uriEntry;
- int strLen;
- word32 lenStartIdx = idx;
- WOLFSSL_MSG("\tPutting URI into list but not using");
- if (GetLength(input, &idx, &strLen, sz) < 0) {
- WOLFSSL_MSG("\tfail: str length");
- return ASN_PARSE_E;
- }
- length -= (idx - lenStartIdx);
- /* check that strLen at index is not past input buffer */
- if (strLen + (int)idx > sz) {
- return BUFFER_E;
- }
- #ifndef WOLFSSL_NO_ASN_STRICT
- /* Verify RFC 5280 Sec 4.2.1.6 rule:
- "The name MUST NOT be a relative URI" */
- {
- int i;
- /* skip past scheme (i.e http,ftp,...) finding first ':' char */
- for (i = 0; i < strLen; i++) {
- if (input[idx + i] == ':') {
- break;
- }
- if (input[idx + i] == '/') {
- WOLFSSL_MSG("\tAlt Name must be absolute URI");
- return ASN_ALT_NAME_E;
- }
- }
- /* test if no ':' char was found and test that the next two
- * chars are // to match the pattern "://" */
- if (i >= strLen - 2 || (input[idx + i + 1] != '/' ||
- input[idx + i + 2] != '/')) {
- WOLFSSL_MSG("\tAlt Name must be absolute URI");
- return ASN_ALT_NAME_E;
- }
- }
- #endif
- uriEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap,
- DYNAMIC_TYPE_ALTNAME);
- if (uriEntry == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- return MEMORY_E;
- }
- uriEntry->type = ASN_URI_TYPE;
- uriEntry->name = (char*)XMALLOC(strLen + 1, cert->heap,
- DYNAMIC_TYPE_ALTNAME);
- if (uriEntry->name == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- XFREE(uriEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
- return MEMORY_E;
- }
- uriEntry->len = strLen;
- XMEMCPY(uriEntry->name, &input[idx], strLen);
- uriEntry->name[strLen] = '\0';
- uriEntry->next = cert->altNames;
- cert->altNames = uriEntry;
- length -= strLen;
- idx += strLen;
- }
- #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)
- else if (b == (ASN_CONTEXT_SPECIFIC | ASN_IP_TYPE)) {
- DNS_entry* ipAddr;
- int strLen;
- word32 lenStartIdx = idx;
- WOLFSSL_MSG("Decoding Subject Alt. Name: IP Address");
- if (GetLength(input, &idx, &strLen, sz) < 0) {
- WOLFSSL_MSG("\tfail: str length");
- return ASN_PARSE_E;
- }
- length -= (idx - lenStartIdx);
- /* check that strLen at index is not past input buffer */
- if (strLen + (int)idx > sz) {
- return BUFFER_E;
- }
- ipAddr = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap,
- DYNAMIC_TYPE_ALTNAME);
- if (ipAddr == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- return MEMORY_E;
- }
- ipAddr->type = ASN_IP_TYPE;
- ipAddr->name = (char*)XMALLOC(strLen + 1, cert->heap,
- DYNAMIC_TYPE_ALTNAME);
- if (ipAddr->name == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- XFREE(ipAddr, cert->heap, DYNAMIC_TYPE_ALTNAME);
- return MEMORY_E;
- }
- ipAddr->len = strLen;
- XMEMCPY(ipAddr->name, &input[idx], strLen);
- ipAddr->name[strLen] = '\0';
- ipAddr->next = cert->altNames;
- cert->altNames = ipAddr;
- length -= strLen;
- idx += strLen;
- }
- #endif /* WOLFSSL_QT || OPENSSL_ALL */
- #endif /* IGNORE_NAME_CONSTRAINTS */
- #ifdef WOLFSSL_SEP
- else if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_OTHER_TYPE))
- {
- int strLen;
- word32 lenStartIdx = idx;
- word32 oid = 0;
- int ret;
- byte tag;
- if (GetLength(input, &idx, &strLen, sz) < 0) {
- WOLFSSL_MSG("\tfail: other name length");
- return ASN_PARSE_E;
- }
- /* Consume the rest of this sequence. */
- length -= (strLen + idx - lenStartIdx);
- if (GetObjectId(input, &idx, &oid, oidCertAltNameType, sz) < 0) {
- WOLFSSL_MSG("\tbad OID");
- return ASN_PARSE_E;
- }
- if (oid != HW_NAME_OID) {
- WOLFSSL_MSG("\tincorrect OID");
- return ASN_PARSE_E;
- }
- if (GetASNTag(input, &idx, &tag, sz) < 0) {
- return ASN_PARSE_E;
- }
- if (tag != (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED)) {
- WOLFSSL_MSG("\twrong type");
- return ASN_PARSE_E;
- }
- if (GetLength(input, &idx, &strLen, sz) < 0) {
- WOLFSSL_MSG("\tfail: str len");
- return ASN_PARSE_E;
- }
- if (GetSequence(input, &idx, &strLen, sz) < 0) {
- WOLFSSL_MSG("\tBad Sequence");
- return ASN_PARSE_E;
- }
- ret = GetASNObjectId(input, &idx, &strLen, sz);
- if (ret != 0) {
- WOLFSSL_MSG("\tbad OID");
- return ret;
- }
- cert->hwType = (byte*)XMALLOC(strLen, cert->heap,
- DYNAMIC_TYPE_X509_EXT);
- if (cert->hwType == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- return MEMORY_E;
- }
- XMEMCPY(cert->hwType, &input[idx], strLen);
- cert->hwTypeSz = strLen;
- idx += strLen;
- ret = GetOctetString(input, &idx, &strLen, sz);
- if (ret < 0)
- return ret;
- cert->hwSerialNum = (byte*)XMALLOC(strLen + 1, cert->heap,
- DYNAMIC_TYPE_X509_EXT);
- if (cert->hwSerialNum == NULL) {
- WOLFSSL_MSG("\tOut of Memory");
- return MEMORY_E;
- }
- XMEMCPY(cert->hwSerialNum, &input[idx], strLen);
- cert->hwSerialNum[strLen] = '\0';
- cert->hwSerialNumSz = strLen;
- idx += strLen;
- }
- #endif /* WOLFSSL_SEP */
- else {
- int strLen;
- word32 lenStartIdx = idx;
- WOLFSSL_MSG("\tUnsupported name type, skipping");
- if (GetLength(input, &idx, &strLen, sz) < 0) {
- WOLFSSL_MSG("\tfail: unsupported name length");
- return ASN_PARSE_E;
- }
- length -= (strLen + idx - lenStartIdx);
- idx += strLen;
- }
- }
- return 0;
- }
- static int DecodeBasicCaConstraint(const byte* input, int sz, DecodedCert* cert)
- {
- word32 idx = 0;
- int length = 0;
- int ret;
- WOLFSSL_ENTER("DecodeBasicCaConstraint");
- if (GetSequence(input, &idx, &length, sz) < 0) {
- WOLFSSL_MSG("\tfail: bad SEQUENCE");
- return ASN_PARSE_E;
- }
- if (length == 0)
- return 0;
- /* If the basic ca constraint is false, this extension may be named, but
- * left empty. So, if the length is 0, just return. */
- ret = GetBoolean(input, &idx, sz);
- #ifndef WOLFSSL_X509_BASICCONS_INT
- if (ret < 0) {
- WOLFSSL_MSG("\tfail: constraint not valid BOOLEAN");
- return ret;
- }
- cert->isCA = (byte)ret;
- #else
- if (ret < 0) {
- if(input[idx] == ASN_INTEGER) {
- /* For OpenSSL compatibility, if ASN_INTEGER it is valid format */
- cert->isCA = FALSE;
- } else return ret;
- } else
- cert->isCA = (byte)ret;
- #endif
- /* If there isn't any more data, return. */
- if (idx >= (word32)sz) {
- return 0;
- }
- ret = GetInteger7Bit(input, &idx, sz);
- if (ret < 0)
- return ret;
- cert->pathLength = (byte)ret;
- cert->pathLengthSet = 1;
- return 0;
- }
- #define CRLDP_FULL_NAME 0
- /* From RFC3280 SS4.2.1.14, Distribution Point Name*/
- #define GENERALNAME_URI 6
- /* From RFC3280 SS4.2.1.7, GeneralName */
- static int DecodeCrlDist(const byte* input, int sz, DecodedCert* cert)
- {
- word32 idx = 0, localIdx;
- int length = 0;
- byte tag = 0;
- WOLFSSL_ENTER("DecodeCrlDist");
- /* Unwrap the list of Distribution Points*/
- if (GetSequence(input, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- /* Unwrap a single Distribution Point */
- if (GetSequence(input, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- /* The Distribution Point has three explicit optional members
- * First check for a DistributionPointName
- */
- localIdx = idx;
- if (GetASNTag(input, &localIdx, &tag, sz) == 0 &&
- tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
- {
- idx++;
- if (GetLength(input, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- localIdx = idx;
- if (GetASNTag(input, &localIdx, &tag, sz) == 0 &&
- tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED |
- CRLDP_FULL_NAME))
- {
- idx++;
- if (GetLength(input, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- localIdx = idx;
- if (GetASNTag(input, &localIdx, &tag, sz) == 0 &&
- tag == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI))
- {
- idx++;
- if (GetLength(input, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- cert->extCrlInfoSz = length;
- cert->extCrlInfo = input + idx;
- idx += length;
- }
- else
- /* This isn't a URI, skip it. */
- idx += length;
- }
- else {
- /* This isn't a FULLNAME, skip it. */
- idx += length;
- }
- }
- /* Check for reasonFlags */
- localIdx = idx;
- if (idx < (word32)sz &&
- GetASNTag(input, &localIdx, &tag, sz) == 0 &&
- tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))
- {
- idx++;
- if (GetLength(input, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- idx += length;
- }
- /* Check for cRLIssuer */
- localIdx = idx;
- if (idx < (word32)sz &&
- GetASNTag(input, &localIdx, &tag, sz) == 0 &&
- tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 2))
- {
- idx++;
- if (GetLength(input, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- idx += length;
- }
- if (idx < (word32)sz)
- {
- WOLFSSL_MSG("\tThere are more CRL Distribution Point records, "
- "but we only use the first one.");
- }
- return 0;
- }
- static int DecodeAuthInfo(const byte* input, int sz, DecodedCert* cert)
- /*
- * Read Authority Information Access records. If there are
- * any issues, return without saving the record.
- */
- {
- word32 idx = 0;
- int length = 0;
- int count = 0;
- byte b = 0;
- word32 oid;
- WOLFSSL_ENTER("DecodeAuthInfo");
- /* Unwrap the list of AIAs */
- if (GetSequence(input, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- while ((idx < (word32)sz) && (count < MAX_AIA_SZ)) {
- /* Unwrap a single AIA */
- if (GetSequence(input, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- oid = 0;
- if (GetObjectId(input, &idx, &oid, oidCertAuthInfoType, sz) < 0)
- return ASN_PARSE_E;
- /* Only supporting URIs right now. */
- if (GetASNTag(input, &idx, &b, sz) < 0)
- return ASN_PARSE_E;
- if (GetLength(input, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- /* Set ocsp entry */
- if (b == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI) &&
- oid == AIA_OCSP_OID)
- {
- cert->extAuthInfoSz = length;
- cert->extAuthInfo = input + idx;
- count++;
- #if !defined(OPENSSL_ALL) || !defined(WOLFSSL_QT)
- break;
- #endif
- }
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
- /* Set CaIssuers entry */
- else if ((b == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI)) &&
- oid == AIA_CA_ISSUER_OID)
- {
- cert->extAuthInfoCaIssuerSz = length;
- cert->extAuthInfoCaIssuer = input + idx;
- count++;
- }
- #endif
- idx += length;
- }
- return 0;
- }
- static int DecodeAuthKeyId(const byte* input, int sz, DecodedCert* cert)
- {
- word32 idx = 0;
- int length = 0, ret = 0;
- byte tag;
- WOLFSSL_ENTER("DecodeAuthKeyId");
- if (GetSequence(input, &idx, &length, sz) < 0) {
- WOLFSSL_MSG("\tfail: should be a SEQUENCE\n");
- return ASN_PARSE_E;
- }
- if (GetASNTag(input, &idx, &tag, sz) < 0) {
- return ASN_PARSE_E;
- }
- if (tag != (ASN_CONTEXT_SPECIFIC | 0)) {
- WOLFSSL_MSG("\tinfo: OPTIONAL item 0, not available\n");
- cert->extAuthKeyIdSet = 0;
- return 0;
- }
- if (GetLength(input, &idx, &length, sz) <= 0) {
- WOLFSSL_MSG("\tfail: extension data length");
- return ASN_PARSE_E;
- }
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extAuthKeyIdSrc = &input[idx];
- cert->extAuthKeyIdSz = length;
- #endif /* OPENSSL_EXTRA */
- if (length == KEYID_SIZE) {
- XMEMCPY(cert->extAuthKeyId, input + idx, length);
- }
- else
- ret = CalcHashId(input + idx, length, cert->extAuthKeyId);
- return ret;
- }
- static int DecodeSubjKeyId(const byte* input, int sz, DecodedCert* cert)
- {
- word32 idx = 0;
- int length = 0, ret = 0;
- WOLFSSL_ENTER("DecodeSubjKeyId");
- if (sz <= 0)
- return ASN_PARSE_E;
- ret = GetOctetString(input, &idx, &length, sz);
- if (ret < 0)
- return ret;
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extSubjKeyIdSrc = &input[idx];
- cert->extSubjKeyIdSz = length;
- #endif /* OPENSSL_EXTRA */
- if (length == KEYID_SIZE) {
- XMEMCPY(cert->extSubjKeyId, input + idx, length);
- }
- else
- ret = CalcHashId(input + idx, length, cert->extSubjKeyId);
- return ret;
- }
- static int DecodeKeyUsage(const byte* input, int sz, DecodedCert* cert)
- {
- word32 idx = 0;
- int length;
- int ret;
- WOLFSSL_ENTER("DecodeKeyUsage");
- ret = CheckBitString(input, &idx, &length, sz, 0, NULL);
- if (ret != 0)
- return ret;
- cert->extKeyUsage = (word16)(input[idx]);
- if (length == 2)
- cert->extKeyUsage |= (word16)(input[idx+1] << 8);
- return 0;
- }
- static int DecodeExtKeyUsage(const byte* input, int sz, DecodedCert* cert)
- {
- word32 idx = 0, oid;
- int length, ret;
- WOLFSSL_MSG("DecodeExtKeyUsage");
- if (GetSequence(input, &idx, &length, sz) < 0) {
- WOLFSSL_MSG("\tfail: should be a SEQUENCE");
- return ASN_PARSE_E;
- }
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extExtKeyUsageSrc = input + idx;
- cert->extExtKeyUsageSz = length;
- #endif
- while (idx < (word32)sz) {
- ret = GetObjectId(input, &idx, &oid, oidCertKeyUseType, sz);
- if (ret == ASN_UNKNOWN_OID_E)
- continue;
- else if (ret < 0)
- return ret;
- switch (oid) {
- case EKU_ANY_OID:
- cert->extExtKeyUsage |= EXTKEYUSE_ANY;
- break;
- case EKU_SERVER_AUTH_OID:
- cert->extExtKeyUsage |= EXTKEYUSE_SERVER_AUTH;
- break;
- case EKU_CLIENT_AUTH_OID:
- cert->extExtKeyUsage |= EXTKEYUSE_CLIENT_AUTH;
- break;
- case EKU_CODESIGNING_OID:
- cert->extExtKeyUsage |= EXTKEYUSE_CODESIGN;
- break;
- case EKU_EMAILPROTECT_OID:
- cert->extExtKeyUsage |= EXTKEYUSE_EMAILPROT;
- break;
- case EKU_TIMESTAMP_OID:
- cert->extExtKeyUsage |= EXTKEYUSE_TIMESTAMP;
- break;
- case EKU_OCSP_SIGN_OID:
- cert->extExtKeyUsage |= EXTKEYUSE_OCSP_SIGN;
- break;
- default:
- break;
- }
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extExtKeyUsageCount++;
- #endif
- }
- return 0;
- }
- #ifndef IGNORE_NAME_CONSTRAINTS
- #define ASN_TYPE_MASK 0xF
- static int DecodeSubtree(const byte* input, int sz,
- Base_entry** head, void* heap)
- {
- word32 idx = 0;
- (void)heap;
- while (idx < (word32)sz) {
- int seqLength, strLength;
- word32 nameIdx;
- byte b, bType;
- if (GetSequence(input, &idx, &seqLength, sz) < 0) {
- WOLFSSL_MSG("\tfail: should be a SEQUENCE");
- return ASN_PARSE_E;
- }
- nameIdx = idx;
- b = input[nameIdx++];
- if (GetLength(input, &nameIdx, &strLength, sz) <= 0) {
- WOLFSSL_MSG("\tinvalid length");
- return ASN_PARSE_E;
- }
- /* Get type, LSB 4-bits */
- bType = (b & ASN_TYPE_MASK);
- if (bType == ASN_DNS_TYPE || bType == ASN_RFC822_TYPE ||
- bType == ASN_DIR_TYPE) {
- Base_entry* entry;
- /* if constructed has leading sequence */
- if (b & ASN_CONSTRUCTED) {
- if (GetSequence(input, &nameIdx, &strLength, sz) < 0) {
- WOLFSSL_MSG("\tfail: constructed be a SEQUENCE");
- return ASN_PARSE_E;
- }
- }
- entry = (Base_entry*)XMALLOC(sizeof(Base_entry), heap,
- DYNAMIC_TYPE_ALTNAME);
- if (entry == NULL) {
- WOLFSSL_MSG("allocate error");
- return MEMORY_E;
- }
- entry->name = (char*)XMALLOC(strLength, heap, DYNAMIC_TYPE_ALTNAME);
- if (entry->name == NULL) {
- WOLFSSL_MSG("allocate error");
- XFREE(entry, heap, DYNAMIC_TYPE_ALTNAME);
- return MEMORY_E;
- }
- XMEMCPY(entry->name, &input[nameIdx], strLength);
- entry->nameSz = strLength;
- entry->type = bType;
- entry->next = *head;
- *head = entry;
- }
- idx += seqLength;
- }
- return 0;
- }
- static int DecodeNameConstraints(const byte* input, int sz, DecodedCert* cert)
- {
- word32 idx = 0;
- int length = 0;
- WOLFSSL_ENTER("DecodeNameConstraints");
- if (GetSequence(input, &idx, &length, sz) < 0) {
- WOLFSSL_MSG("\tfail: should be a SEQUENCE");
- return ASN_PARSE_E;
- }
- while (idx < (word32)sz) {
- byte b = input[idx++];
- Base_entry** subtree = NULL;
- if (GetLength(input, &idx, &length, sz) <= 0) {
- WOLFSSL_MSG("\tinvalid length");
- return ASN_PARSE_E;
- }
- if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0))
- subtree = &cert->permittedNames;
- else if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1))
- subtree = &cert->excludedNames;
- else {
- WOLFSSL_MSG("\tinvalid subtree");
- return ASN_PARSE_E;
- }
- if (DecodeSubtree(input + idx, length, subtree, cert->heap) < 0) {
- WOLFSSL_MSG("\terror parsing subtree");
- return ASN_PARSE_E;
- }
- idx += length;
- }
- return 0;
- }
- #endif /* IGNORE_NAME_CONSTRAINTS */
- #if (defined(WOLFSSL_CERT_EXT) && !defined(WOLFSSL_SEP)) || \
- defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- /* Decode ITU-T X.690 OID format to a string representation
- * return string length */
- int DecodePolicyOID(char *out, word32 outSz, const byte *in, word32 inSz)
- {
- word32 val, inIdx = 0, outIdx = 0;
- int w = 0;
- if (out == NULL || in == NULL || outSz < 4 || inSz < 2)
- return BAD_FUNC_ARG;
- /* The first byte expands into b/40 dot b%40. */
- val = in[inIdx++];
- w = XSNPRINTF(out, outSz, "%u.%u", val / 40, val % 40);
- if (w < 0)
- goto exit;
- outIdx += w;
- val = 0;
- while (inIdx < inSz && outIdx < outSz) {
- /* extract the next OID digit from in to val */
- /* first bit is used to set if value is coded on 1 or multiple bytes */
- if (in[inIdx] & 0x80) {
- val += in[inIdx] & 0x7F;
- val *= 128;
- }
- else {
- /* write val as text into out */
- val += in[inIdx];
- w = XSNPRINTF(out + outIdx, outSz - outIdx, ".%u", val);
- if (w < 0)
- goto exit;
- outIdx += w;
- val = 0;
- }
- inIdx++;
- }
- if (outIdx == outSz)
- outIdx--;
- out[outIdx] = 0;
- w = (int)outIdx;
- exit:
- return w;
- }
- #endif /* WOLFSSL_CERT_EXT && !WOLFSSL_SEP */
- #if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_QT)
- /* Reference: https://tools.ietf.org/html/rfc5280#section-4.2.1.4 */
- static int DecodeCertPolicy(const byte* input, int sz, DecodedCert* cert)
- {
- word32 idx = 0;
- word32 oldIdx;
- int ret;
- int total_length = 0, policy_length = 0, length = 0;
- #if !defined(WOLFSSL_SEP) && defined(WOLFSSL_CERT_EXT) && \
- !defined(WOLFSSL_DUP_CERTPOL)
- int i;
- #endif
- WOLFSSL_ENTER("DecodeCertPolicy");
- #if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT)
- /* Check if cert is null before dereferencing below */
- if (cert == NULL)
- return BAD_FUNC_ARG;
- #endif
- #if defined(WOLFSSL_CERT_EXT)
- cert->extCertPoliciesNb = 0;
- #endif
- if (GetSequence(input, &idx, &total_length, sz) < 0) {
- WOLFSSL_MSG("\tGet CertPolicy total seq failed");
- return ASN_PARSE_E;
- }
- /* Validate total length */
- if (total_length > (sz - (int)idx)) {
- WOLFSSL_MSG("\tCertPolicy length mismatch");
- return ASN_PARSE_E;
- }
- /* Unwrap certificatePolicies */
- do {
- if (GetSequence(input, &idx, &policy_length, sz) < 0) {
- WOLFSSL_MSG("\tGet CertPolicy seq failed");
- return ASN_PARSE_E;
- }
- oldIdx = idx;
- ret = GetASNObjectId(input, &idx, &length, sz);
- if (ret != 0)
- return ret;
- policy_length -= idx - oldIdx;
- if (length > 0) {
- /* Verify length won't overrun buffer */
- if (length > (sz - (int)idx)) {
- WOLFSSL_MSG("\tCertPolicy length exceeds input buffer");
- return ASN_PARSE_E;
- }
- #if defined(WOLFSSL_SEP)
- cert->deviceType = (byte*)XMALLOC(length, cert->heap,
- DYNAMIC_TYPE_X509_EXT);
- if (cert->deviceType == NULL) {
- WOLFSSL_MSG("\tCouldn't alloc memory for deviceType");
- return MEMORY_E;
- }
- cert->deviceTypeSz = length;
- XMEMCPY(cert->deviceType, input + idx, length);
- break;
- #elif defined(WOLFSSL_CERT_EXT)
- /* decode cert policy */
- if (DecodePolicyOID(cert->extCertPolicies[
- cert->extCertPoliciesNb], MAX_CERTPOL_SZ,
- input + idx, length) <= 0) {
- WOLFSSL_MSG("\tCouldn't decode CertPolicy");
- return ASN_PARSE_E;
- }
- #ifndef WOLFSSL_DUP_CERTPOL
- /* From RFC 5280 section 4.2.1.3 "A certificate policy OID MUST
- * NOT appear more than once in a certificate policies
- * extension". This is a sanity check for duplicates.
- * extCertPolicies should only have OID values, additional
- * qualifiers need to be stored in a separate array. */
- for (i = 0; i < cert->extCertPoliciesNb; i++) {
- if (XMEMCMP(cert->extCertPolicies[i],
- cert->extCertPolicies[cert->extCertPoliciesNb],
- MAX_CERTPOL_SZ) == 0) {
- WOLFSSL_MSG("Duplicate policy OIDs not allowed");
- WOLFSSL_MSG("Use WOLFSSL_DUP_CERTPOL if wanted");
- return CERTPOLICIES_E;
- }
- }
- #endif /* !WOLFSSL_DUP_CERTPOL */
- cert->extCertPoliciesNb++;
- #else
- WOLFSSL_LEAVE("DecodeCertPolicy : unsupported mode", 0);
- return 0;
- #endif
- }
- idx += policy_length;
- } while((int)idx < total_length
- #if defined(WOLFSSL_CERT_EXT)
- && cert->extCertPoliciesNb < MAX_CERTPOL_NB
- #endif
- );
- WOLFSSL_LEAVE("DecodeCertPolicy", 0);
- return 0;
- }
- #endif /* WOLFSSL_SEP */
- /* Macro to check if bit is set, if not sets and return success.
- Otherwise returns failure */
- /* Macro required here because bit-field operation */
- #ifndef WOLFSSL_NO_ASN_STRICT
- #define VERIFY_AND_SET_OID(bit) \
- if (bit == 0) \
- bit = 1; \
- else \
- return ASN_OBJECT_ID_E;
- #else
- /* With no strict defined, the verify is skipped */
- #define VERIFY_AND_SET_OID(bit) bit = 1;
- #endif
- static int DecodeCertExtensions(DecodedCert* cert)
- /*
- * Processing the Certificate Extensions. This does not modify the current
- * index. It is works starting with the recorded extensions pointer.
- */
- {
- int ret = 0;
- word32 idx = 0;
- int sz = cert->extensionsSz;
- const byte* input = cert->extensions;
- int length;
- word32 oid;
- byte critical = 0;
- byte criticalFail = 0;
- byte tag = 0;
- WOLFSSL_ENTER("DecodeCertExtensions");
- if (input == NULL || sz == 0)
- return BAD_FUNC_ARG;
- #ifdef WOLFSSL_CERT_REQ
- if (!cert->isCSR)
- #endif
- { /* Not included in CSR */
- if (GetASNTag(input, &idx, &tag, sz) < 0) {
- return ASN_PARSE_E;
- }
- if (tag != ASN_EXTENSIONS) {
- WOLFSSL_MSG("\tfail: should be an EXTENSIONS");
- return ASN_PARSE_E;
- }
- if (GetLength(input, &idx, &length, sz) < 0) {
- WOLFSSL_MSG("\tfail: invalid length");
- return ASN_PARSE_E;
- }
- }
- if (GetSequence(input, &idx, &length, sz) < 0) {
- WOLFSSL_MSG("\tfail: should be a SEQUENCE (1)");
- return ASN_PARSE_E;
- }
- while (idx < (word32)sz) {
- word32 localIdx;
- if (GetSequence(input, &idx, &length, sz) < 0) {
- WOLFSSL_MSG("\tfail: should be a SEQUENCE");
- return ASN_PARSE_E;
- }
- oid = 0;
- if ((ret = GetObjectId(input, &idx, &oid, oidCertExtType, sz)) < 0) {
- WOLFSSL_MSG("\tfail: OBJECT ID");
- return ret;
- }
- /* check for critical flag */
- critical = 0;
- if ((idx + 1) > (word32)sz) {
- WOLFSSL_MSG("\tfail: malformed buffer");
- return BUFFER_E;
- }
- localIdx = idx;
- if (GetASNTag(input, &localIdx, &tag, sz) == 0) {
- if (tag == ASN_BOOLEAN) {
- ret = GetBoolean(input, &idx, sz);
- if (ret < 0) {
- WOLFSSL_MSG("\tfail: critical boolean");
- return ret;
- }
- critical = (byte)ret;
- }
- }
- /* process the extension based on the OID */
- ret = GetOctetString(input, &idx, &length, sz);
- if (ret < 0) {
- WOLFSSL_MSG("\tfail: bad OCTET STRING");
- return ret;
- }
- switch (oid) {
- case BASIC_CA_OID:
- VERIFY_AND_SET_OID(cert->extBasicConstSet);
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extBasicConstCrit = critical;
- #endif
- if (DecodeBasicCaConstraint(&input[idx], length, cert) < 0)
- return ASN_PARSE_E;
- break;
- case CRL_DIST_OID:
- VERIFY_AND_SET_OID(cert->extCRLdistSet);
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extCRLdistCrit = critical;
- #endif
- if (DecodeCrlDist(&input[idx], length, cert) < 0)
- return ASN_PARSE_E;
- break;
- case AUTH_INFO_OID:
- VERIFY_AND_SET_OID(cert->extAuthInfoSet);
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extAuthInfoCrit = critical;
- #endif
- if (DecodeAuthInfo(&input[idx], length, cert) < 0)
- return ASN_PARSE_E;
- break;
- case ALT_NAMES_OID:
- VERIFY_AND_SET_OID(cert->extSubjAltNameSet);
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extSubjAltNameCrit = critical;
- #endif
- ret = DecodeAltNames(&input[idx], length, cert);
- if (ret < 0)
- return ret;
- break;
- case AUTH_KEY_OID:
- VERIFY_AND_SET_OID(cert->extAuthKeyIdSet);
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extAuthKeyIdCrit = critical;
- #endif
- #ifndef WOLFSSL_ALLOW_CRIT_SKID
- /* This check is added due to RFC 5280 section 4.2.1.1
- * stating that conforming CA's must mark this extension
- * as non-critical. When parsing extensions check that
- * certificate was made in compliance with this. */
- if (critical) {
- WOLFSSL_MSG("Critical Auth Key ID is not allowed");
- WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_SKID if wanted");
- return ASN_CRIT_EXT_E;
- }
- #endif
- if (DecodeAuthKeyId(&input[idx], length, cert) < 0)
- return ASN_PARSE_E;
- break;
- case SUBJ_KEY_OID:
- VERIFY_AND_SET_OID(cert->extSubjKeyIdSet);
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extSubjKeyIdCrit = critical;
- #endif
- #ifndef WOLFSSL_ALLOW_CRIT_SKID
- /* This check is added due to RFC 5280 section 4.2.1.2
- * stating that conforming CA's must mark this extension
- * as non-critical. When parsing extensions check that
- * certificate was made in compliance with this. */
- if (critical) {
- WOLFSSL_MSG("Critical Subject Key ID is not allowed");
- WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_SKID if wanted");
- return ASN_CRIT_EXT_E;
- }
- #endif
- if (DecodeSubjKeyId(&input[idx], length, cert) < 0)
- return ASN_PARSE_E;
- break;
- case CERT_POLICY_OID:
- #if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)
- VERIFY_AND_SET_OID(cert->extCertPolicySet);
- #if defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extCertPolicyCrit = critical;
- #endif
- #endif
- #if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT) || \
- defined(WOLFSSL_QT)
- if (DecodeCertPolicy(&input[idx], length, cert) < 0) {
- return ASN_PARSE_E;
- }
- #else
- WOLFSSL_MSG("Certificate Policy extension not supported yet.");
- #endif
- break;
- case KEY_USAGE_OID:
- VERIFY_AND_SET_OID(cert->extKeyUsageSet);
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extKeyUsageCrit = critical;
- #endif
- if (DecodeKeyUsage(&input[idx], length, cert) < 0)
- return ASN_PARSE_E;
- break;
- case EXT_KEY_USAGE_OID:
- VERIFY_AND_SET_OID(cert->extExtKeyUsageSet);
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extExtKeyUsageCrit = critical;
- #endif
- if (DecodeExtKeyUsage(&input[idx], length, cert) < 0)
- return ASN_PARSE_E;
- break;
- #ifndef IGNORE_NAME_CONSTRAINTS
- case NAME_CONS_OID:
- #ifndef WOLFSSL_NO_ASN_STRICT
- /* Verify RFC 5280 Sec 4.2.1.10 rule:
- "The name constraints extension,
- which MUST be used only in a CA certificate" */
- if (!cert->isCA) {
- WOLFSSL_MSG("Name constraints allowed only for CA certs");
- return ASN_NAME_INVALID_E;
- }
- #endif
- VERIFY_AND_SET_OID(cert->extNameConstraintSet);
- #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extNameConstraintCrit = critical;
- #endif
- if (DecodeNameConstraints(&input[idx], length, cert) < 0)
- return ASN_PARSE_E;
- break;
- #endif /* IGNORE_NAME_CONSTRAINTS */
- case INHIBIT_ANY_OID:
- VERIFY_AND_SET_OID(cert->inhibitAnyOidSet);
- WOLFSSL_MSG("Inhibit anyPolicy extension not supported yet.");
- break;
- #ifndef IGNORE_NETSCAPE_CERT_TYPE
- case NETSCAPE_CT_OID:
- WOLFSSL_MSG("Netscape certificate type extension not supported "
- "yet.");
- if (CheckBitString(input, &idx, &length, idx + length, 0,
- NULL) < 0) {
- return ASN_PARSE_E;
- }
- break;
- #endif
- #ifdef HAVE_OCSP
- case OCSP_NOCHECK_OID:
- VERIFY_AND_SET_OID(cert->ocspNoCheckSet);
- ret = GetASNNull(input, &idx, sz);
- length = 0; /* idx is already incremented, reset length to 0 */
- if (ret != 0)
- return ASN_PARSE_E;
- break;
- #endif
- default:
- #ifndef WOLFSSL_NO_ASN_STRICT
- /* While it is a failure to not support critical extensions,
- * still parse the certificate ignoring the unsupported
- * extension to allow caller to accept it with the verify
- * callback. */
- if (critical)
- criticalFail = 1;
- #endif
- break;
- }
- idx += length;
- }
- return criticalFail ? ASN_CRIT_EXT_E : 0;
- }
- int ParseCert(DecodedCert* cert, int type, int verify, void* cm)
- {
- int ret;
- char* ptr;
- ret = ParseCertRelative(cert, type, verify, cm);
- if (ret < 0)
- return ret;
- if (cert->subjectCNLen > 0) {
- ptr = (char*) XMALLOC(cert->subjectCNLen + 1, cert->heap,
- DYNAMIC_TYPE_SUBJECT_CN);
- if (ptr == NULL)
- return MEMORY_E;
- XMEMCPY(ptr, cert->subjectCN, cert->subjectCNLen);
- ptr[cert->subjectCNLen] = '\0';
- cert->subjectCN = ptr;
- cert->subjectCNStored = 1;
- }
- if (cert->keyOID == RSAk &&
- cert->publicKey != NULL && cert->pubKeySize > 0) {
- ptr = (char*) XMALLOC(cert->pubKeySize, cert->heap,
- DYNAMIC_TYPE_PUBLIC_KEY);
- if (ptr == NULL)
- return MEMORY_E;
- XMEMCPY(ptr, cert->publicKey, cert->pubKeySize);
- cert->publicKey = (byte *)ptr;
- cert->pubKeyStored = 1;
- }
- return ret;
- }
- /* from SSL proper, for locking can't do find here anymore */
- #ifdef __cplusplus
- extern "C" {
- #endif
- Signer* GetCA(void* signers, byte* hash);
- #ifndef NO_SKID
- Signer* GetCAByName(void* signers, byte* hash);
- #endif
- #ifdef __cplusplus
- }
- #endif
- #if defined(WOLFCRYPT_ONLY) || defined(NO_CERTS)
- /* dummy functions, not using wolfSSL so don't need actual ones */
- Signer* GetCA(void* signers, byte* hash)
- {
- (void)hash;
- return (Signer*)signers;
- }
- #ifndef NO_SKID
- Signer* GetCAByName(void* signers, byte* hash)
- {
- (void)hash;
- return (Signer*)signers;
- }
- #endif /* NO_SKID */
- #endif /* WOLFCRYPT_ONLY || NO_CERTS */
- #if defined(WOLFSSL_NO_TRUSTED_CERTS_VERIFY) && !defined(NO_SKID)
- static Signer* GetCABySubjectAndPubKey(DecodedCert* cert, void* cm)
- {
- Signer* ca = NULL;
- if (cert->extSubjKeyIdSet)
- ca = GetCA(cm, cert->extSubjKeyId);
- if (ca == NULL)
- ca = GetCAByName(cm, cert->subjectHash);
- if (ca) {
- if ((ca->pubKeySize == cert->pubKeySize) &&
- (XMEMCMP(ca->publicKey, cert->publicKey, ca->pubKeySize) == 0)) {
- return ca;
- }
- }
- return NULL;
- }
- #endif
- #if defined(WOLFSSL_SMALL_CERT_VERIFY) || defined(OPENSSL_EXTRA)
- /* Only quick step through the certificate to find fields that are then used
- * in certificate signature verification.
- * Must use the signature OID from the signed part of the certificate.
- * Works also on certificate signing requests.
- *
- * This is only for minimizing dynamic memory usage during TLS certificate
- * chain processing.
- * Doesn't support:
- * OCSP Only: alt lookup using subject and pub key w/o sig check
- */
- static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
- void* cm, const byte* pubKey, word32 pubKeySz, int pubKeyOID, int req)
- {
- #ifndef WOLFSSL_SMALL_STACK
- SignatureCtx sigCtx[1];
- #else
- SignatureCtx* sigCtx;
- #endif
- byte hash[KEYID_SIZE];
- Signer* ca = NULL;
- word32 idx = 0;
- int len;
- word32 tbsCertIdx = 0;
- word32 sigIndex = 0;
- word32 signatureOID = 0;
- word32 oid = 0;
- word32 issuerIdx = 0;
- word32 issuerSz = 0;
- #ifndef NO_SKID
- int extLen = 0;
- word32 extIdx = 0;
- word32 extEndIdx = 0;
- int extAuthKeyIdSet = 0;
- #endif
- int ret = 0;
- word32 localIdx;
- byte tag;
- if (cert == NULL) {
- return BAD_FUNC_ARG;
- }
- #ifdef WOLFSSL_SMALL_STACK
- sigCtx = (SignatureCtx*)XMALLOC(sizeof(*sigCtx), heap, DYNAMIC_TYPE_SIGNATURE);
- if (sigCtx == NULL)
- return MEMORY_E;
- #endif
- InitSignatureCtx(sigCtx, heap, INVALID_DEVID);
- /* Certificate SEQUENCE */
- if (GetSequence(cert, &idx, &len, certSz) < 0)
- ret = ASN_PARSE_E;
- if (ret == 0) {
- tbsCertIdx = idx;
- /* TBSCertificate SEQUENCE */
- if (GetSequence(cert, &idx, &len, certSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- sigIndex = len + idx;
- if ((idx + 1) > certSz)
- ret = BUFFER_E;
- }
- if (ret == 0) {
- /* version - optional */
- localIdx = idx;
- if (GetASNTag(cert, &localIdx, &tag, certSz) == 0) {
- if (tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED)) {
- idx++;
- if (GetLength(cert, &idx, &len, certSz) < 0)
- ret = ASN_PARSE_E;
- idx += len;
- }
- }
- }
- if (ret == 0) {
- /* serialNumber */
- if (GetASNHeader(cert, ASN_INTEGER, &idx, &len, certSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- idx += len;
- /* signature */
- if (!req &&
- GetAlgoId(cert, &idx, &signatureOID, oidSigType, certSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- issuerIdx = idx;
- /* issuer for cert or subject for csr */
- if (GetSequence(cert, &idx, &len, certSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- issuerSz = len + idx - issuerIdx;
- }
- #ifndef NO_SKID
- if (!req && ret == 0) {
- idx += len;
- /* validity */
- if (GetSequence(cert, &idx, &len, certSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (!req && ret == 0) {
- idx += len;
- /* subject */
- if (GetSequence(cert, &idx, &len, certSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- idx += len;
- /* subjectPublicKeyInfo */
- if (GetSequence(cert, &idx, &len, certSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (req && ret == 0) {
- idx += len;
- /* attributes */
- if (GetASNHeader_ex(cert,
- ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED, &idx,
- &len, certSz, 1) < 0)
- ret = ASN_PARSE_E;
- }
- if (!req) {
- if (ret == 0) {
- idx += len;
- if ((idx + 1) > certSz)
- ret = BUFFER_E;
- }
- if (ret == 0) {
- /* issuerUniqueID - optional */
- localIdx = idx;
- if (GetASNTag(cert, &localIdx, &tag, certSz) == 0) {
- if (tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1)) {
- idx++;
- if (GetLength(cert, &idx, &len, certSz) < 0)
- ret = ASN_PARSE_E;
- idx += len;
- }
- }
- }
- if (ret == 0) {
- if ((idx + 1) > certSz)
- ret = BUFFER_E;
- }
- if (ret == 0) {
- /* subjectUniqueID - optional */
- localIdx = idx;
- if (GetASNTag(cert, &localIdx, &tag, certSz) == 0) {
- if (tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 2)) {
- idx++;
- if (GetLength(cert, &idx, &len, certSz) < 0)
- ret = ASN_PARSE_E;
- idx += len;
- }
- }
- }
- if (ret == 0) {
- if ((idx + 1) > certSz)
- ret = BUFFER_E;
- }
- /* extensions - optional */
- localIdx = idx;
- if (ret == 0 && GetASNTag(cert, &localIdx, &tag, certSz) == 0 &&
- tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 3)) {
- idx++;
- if (GetLength(cert, &idx, &extLen, certSz) < 0)
- ret = ASN_PARSE_E;
- if (ret == 0) {
- if (GetSequence(cert, &idx, &extLen, certSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- extEndIdx = idx + extLen;
- /* Check each extension for the ones we want. */
- while (ret == 0 && idx < extEndIdx) {
- if (GetSequence(cert, &idx, &len, certSz) < 0)
- ret = ASN_PARSE_E;
- if (ret == 0) {
- extIdx = idx;
- if (GetObjectId(cert, &extIdx, &oid, oidCertExtType,
- certSz) < 0) {
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- if ((extIdx + 1) > certSz)
- ret = BUFFER_E;
- }
- }
- if (ret == 0) {
- localIdx = extIdx;
- if (GetASNTag(cert, &localIdx, &tag, certSz) == 0 &&
- tag == ASN_BOOLEAN) {
- if (GetBoolean(cert, &extIdx, certSz) < 0)
- ret = ASN_PARSE_E;
- }
- }
- if (ret == 0) {
- if (GetOctetString(cert, &extIdx, &extLen, certSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- switch (oid) {
- case AUTH_KEY_OID:
- if (GetSequence(cert, &extIdx, &extLen, certSz) < 0)
- ret = ASN_PARSE_E;
- if (ret == 0 && (extIdx + 1) >= certSz)
- ret = BUFFER_E;
- if (ret == 0 &&
- GetASNTag(cert, &extIdx, &tag, certSz) == 0 &&
- tag == (ASN_CONTEXT_SPECIFIC | 0)) {
- if (GetLength(cert, &extIdx, &extLen, certSz) <= 0)
- ret = ASN_PARSE_E;
- if (ret == 0) {
- extAuthKeyIdSet = 1;
- if (extLen == KEYID_SIZE)
- XMEMCPY(hash, cert + extIdx, extLen);
- else {
- ret = CalcHashId(cert + extIdx, extLen,
- hash);
- }
- }
- }
- break;
- default:
- break;
- }
- }
- idx += len;
- }
- }
- }
- }
- else if (ret == 0) {
- idx += len;
- }
- if (ret == 0 && pubKey == NULL) {
- if (extAuthKeyIdSet)
- ca = GetCA(cm, hash);
- if (ca == NULL) {
- ret = CalcHashId(cert + issuerIdx, issuerSz, hash);
- if (ret == 0)
- ca = GetCAByName(cm, hash);
- }
- }
- #else
- if (ret == 0 && pubKey == NULL) {
- ret = CalcHashId(cert + issuerIdx, issuerSz, hash);
- if (ret == 0)
- ca = GetCA(cm, hash);
- }
- #endif /* !NO_SKID */
- if (ca == NULL && pubKey == NULL)
- ret = ASN_NO_SIGNER_E;
- if (ret == 0) {
- idx = sigIndex;
- /* signatureAlgorithm */
- if (GetAlgoId(cert, &idx, &oid, oidSigType, certSz) < 0)
- ret = ASN_PARSE_E;
- /* In CSR signature data is not present in body */
- if (req)
- signatureOID = oid;
- }
- if (ret == 0) {
- if (oid != signatureOID)
- ret = ASN_SIG_OID_E;
- }
- if (ret == 0) {
- /* signatureValue */
- if (CheckBitString(cert, &idx, &len, certSz, 1, NULL) < 0)
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- if (pubKey != NULL) {
- ret = ConfirmSignature(sigCtx, cert + tbsCertIdx,
- sigIndex - tbsCertIdx,
- pubKey, pubKeySz, pubKeyOID,
- cert + idx, len, signatureOID, NULL);
- }
- else {
- ret = ConfirmSignature(sigCtx, cert + tbsCertIdx,
- sigIndex - tbsCertIdx,
- ca->publicKey, ca->pubKeySize, ca->keyOID,
- cert + idx, len, signatureOID, NULL);
- }
- if (ret != 0) {
- WOLFSSL_MSG("Confirm signature failed");
- }
- }
- FreeSignatureCtx(sigCtx);
- #ifdef WOLFSSL_SMALL_STACK
- if (sigCtx != NULL)
- XFREE(sigCtx, heap, DYNAMIC_TYPE_SIGNATURE);
- #endif
- return ret;
- }
- #ifdef OPENSSL_EXTRA
- /* Call CheckCertSignature_ex using a public key buffer for verification
- */
- int CheckCertSignaturePubKey(const byte* cert, word32 certSz, void* heap,
- const byte* pubKey, word32 pubKeySz, int pubKeyOID)
- {
- return CheckCertSignature_ex(cert, certSz, heap, NULL,
- pubKey, pubKeySz, pubKeyOID, 0);
- }
- #ifdef WOLFSSL_CERT_REQ
- int CheckCSRSignaturePubKey(const byte* cert, word32 certSz, void* heap,
- const byte* pubKey, word32 pubKeySz, int pubKeyOID)
- {
- return CheckCertSignature_ex(cert, certSz, heap, NULL,
- pubKey, pubKeySz, pubKeyOID, 1);
- }
- #endif /* WOLFSSL_CERT_REQ */
- #endif /* OPENSSL_EXTRA */
- #ifdef WOLFSSL_SMALL_CERT_VERIFY
- /* Call CheckCertSignature_ex using a certificate manager (cm)
- */
- int CheckCertSignature(const byte* cert, word32 certSz, void* heap, void* cm)
- {
- return CheckCertSignature_ex(cert, certSz, heap, cm, NULL, 0, 0, 0);
- }
- #endif /* WOLFSSL_SMALL_CERT_VERIFY */
- #endif /* WOLFSSL_SMALL_CERT_VERIFY || OPENSSL_EXTRA */
- int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
- {
- int ret = 0;
- int checkPathLen = 0;
- int decrementMaxPathLen = 0;
- word32 confirmOID = 0;
- #if defined(WOLFSSL_RENESAS_TSIP)
- int idx = 0;
- #endif
- byte* tsip_encRsaKeyIdx;
- #ifdef WOLFSSL_CERT_REQ
- int len = 0;
- #endif
- if (cert == NULL) {
- return BAD_FUNC_ARG;
- }
- #ifdef WOLFSSL_CERT_REQ
- if (type == CERTREQ_TYPE)
- cert->isCSR = 1;
- #endif
- if (cert->sigCtx.state == SIG_STATE_BEGIN) {
- cert->badDate = 0;
- cert->criticalExt = 0;
- if ((ret = DecodeToKey(cert, verify)) < 0) {
- if (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E)
- cert->badDate = ret;
- else
- return ret;
- }
- WOLFSSL_MSG("Parsed Past Key");
- #ifdef WOLFSSL_CERT_REQ
- /* Read attributes */
- if (cert->isCSR) {
- if (GetASNHeader_ex(cert->source,
- ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED, &cert->srcIdx,
- &len, cert->maxIdx, 1) < 0) {
- WOLFSSL_MSG("GetASNHeader_ex error");
- return ASN_PARSE_E;
- }
- if (len) {
- word32 attrMaxIdx = cert->srcIdx + len;
- word32 oid;
- byte tag;
- if (attrMaxIdx > cert->maxIdx) {
- WOLFSSL_MSG("Attribute length greater than CSR length");
- return ASN_PARSE_E;
- }
- while (cert->srcIdx < attrMaxIdx) {
- /* Attributes have the structure:
- * SEQ -> OID -> SET -> ATTRIBUTE */
- if (GetSequence(cert->source, &cert->srcIdx, &len,
- attrMaxIdx) < 0) {
- WOLFSSL_MSG("attr GetSequence error");
- return ASN_PARSE_E;
- }
- if (GetObjectId(cert->source, &cert->srcIdx, &oid,
- oidCsrAttrType, attrMaxIdx) < 0) {
- WOLFSSL_MSG("attr GetObjectId error");
- return ASN_PARSE_E;
- }
- if (GetSet(cert->source, &cert->srcIdx, &len,
- attrMaxIdx) < 0) {
- WOLFSSL_MSG("attr GetSet error");
- return ASN_PARSE_E;
- }
- switch (oid) {
- case CHALLENGE_PASSWORD_OID:
- if (GetHeader(cert->source, &tag,
- &cert->srcIdx, &len, attrMaxIdx, 1) < 0) {
- WOLFSSL_MSG("attr GetHeader error");
- return ASN_PARSE_E;
- }
- if (tag != ASN_PRINTABLE_STRING && tag != ASN_UTF8STRING &&
- tag != ASN_IA5_STRING) {
- WOLFSSL_MSG("Unsupported attribute value format");
- return ASN_PARSE_E;
- }
- cert->cPwd = (char*)cert->source + cert->srcIdx;
- cert->cPwdLen = len;
- cert->srcIdx += len;
- break;
- case SERIAL_NUMBER_OID:
- if (GetHeader(cert->source, &tag,
- &cert->srcIdx, &len, attrMaxIdx, 1) < 0) {
- WOLFSSL_MSG("attr GetHeader error");
- return ASN_PARSE_E;
- }
- if (tag != ASN_PRINTABLE_STRING && tag != ASN_UTF8STRING &&
- tag != ASN_IA5_STRING) {
- WOLFSSL_MSG("Unsupported attribute value format");
- return ASN_PARSE_E;
- }
- cert->sNum = (char*)cert->source + cert->srcIdx;
- cert->sNumLen = len;
- cert->srcIdx += len;
- if (cert->sNumLen <= EXTERNAL_SERIAL_SIZE) {
- XMEMCPY(cert->serial, cert->sNum, cert->sNumLen);
- cert->serialSz = cert->sNumLen;
- }
- break;
- case EXTENSION_REQUEST_OID:
- /* save extensions */
- cert->extensions = &cert->source[cert->srcIdx];
- cert->extensionsSz = len;
- cert->extensionsIdx = cert->srcIdx; /* for potential later use */
- if ((ret = DecodeCertExtensions(cert)) < 0) {
- if (ret == ASN_CRIT_EXT_E)
- cert->criticalExt = ret;
- else
- return ret;
- }
- cert->srcIdx += len;
- break;
- default:
- WOLFSSL_MSG("Unsupported attribute type");
- return ASN_PARSE_E;
- }
- }
- }
- }
- #endif
- if (cert->srcIdx < cert->sigIndex) {
- #ifndef ALLOW_V1_EXTENSIONS
- if (cert->version < 2) {
- WOLFSSL_MSG("\tv1 and v2 certs not allowed extensions");
- return ASN_VERSION_E;
- }
- #endif
- /* save extensions */
- cert->extensions = &cert->source[cert->srcIdx];
- cert->extensionsSz = cert->sigIndex - cert->srcIdx;
- cert->extensionsIdx = cert->srcIdx; /* for potential later use */
- if ((ret = DecodeCertExtensions(cert)) < 0) {
- if (ret == ASN_CRIT_EXT_E)
- cert->criticalExt = ret;
- else
- return ret;
- }
- #ifdef HAVE_OCSP
- /* trust for the lifetime of the responder's cert*/
- if (cert->ocspNoCheckSet && verify == VERIFY_OCSP)
- verify = NO_VERIFY;
- #endif
- /* advance past extensions */
- cert->srcIdx = cert->sigIndex;
- }
- if ((ret = GetAlgoId(cert->source, &cert->srcIdx,
- #ifdef WOLFSSL_CERT_REQ
- !cert->isCSR ? &confirmOID : &cert->signatureOID,
- #else
- &confirmOID,
- #endif
- oidSigType, cert->maxIdx)) < 0)
- return ret;
- if ((ret = GetSignature(cert)) < 0)
- return ret;
- if (confirmOID != cert->signatureOID
- #ifdef WOLFSSL_CERT_REQ
- && !cert->isCSR
- #endif
- )
- return ASN_SIG_OID_E;
- #ifndef NO_SKID
- if (cert->extSubjKeyIdSet == 0 && cert->publicKey != NULL &&
- cert->pubKeySize > 0) {
- ret = CalcHashId(cert->publicKey, cert->pubKeySize,
- cert->extSubjKeyId);
- if (ret != 0)
- return ret;
- }
- #endif /* !NO_SKID */
- if (!cert->selfSigned || (verify != NO_VERIFY && type != CA_TYPE &&
- type != TRUSTED_PEER_TYPE)) {
- cert->ca = NULL;
- #ifndef NO_SKID
- if (cert->extAuthKeyIdSet) {
- cert->ca = GetCA(cm, cert->extAuthKeyId);
- }
- if (cert->ca == NULL && cert->extSubjKeyIdSet
- && verify != VERIFY_OCSP) {
- cert->ca = GetCA(cm, cert->extSubjKeyId);
- }
- if (cert->ca != NULL && XMEMCMP(cert->issuerHash,
- cert->ca->subjectNameHash, KEYID_SIZE) != 0) {
- cert->ca = NULL;
- }
- if (cert->ca == NULL) {
- cert->ca = GetCAByName(cm, cert->issuerHash);
- /* If AKID is available then this CA doesn't have the public
- * key required */
- if (cert->ca && cert->extAuthKeyIdSet) {
- WOLFSSL_MSG("CA SKID doesn't match AKID");
- cert->ca = NULL;
- }
- }
- /* OCSP Only: alt lookup using subject and pub key w/o sig check */
- #ifdef WOLFSSL_NO_TRUSTED_CERTS_VERIFY
- if (cert->ca == NULL && verify == VERIFY_OCSP) {
- cert->ca = GetCABySubjectAndPubKey(cert, cm);
- if (cert->ca) {
- ret = 0; /* success */
- goto exit_pcr;
- }
- }
- #endif /* WOLFSSL_NO_TRUSTED_CERTS_VERIFY */
- #else
- cert->ca = GetCA(cm, cert->issuerHash);
- #endif /* !NO_SKID */
- if (cert->ca) {
- WOLFSSL_MSG("CA found");
- }
- }
- if (cert->selfSigned) {
- cert->maxPathLen = WOLFSSL_MAX_PATH_LEN;
- } else {
- /* RFC 5280 Section 4.2.1.9:
- *
- * load/receive check
- *
- * 1) Is CA boolean set?
- * No - SKIP CHECK
- * Yes - Check key usage
- * 2) Is Key usage extension present?
- * No - goto 3
- * Yes - check keyCertSign assertion
- * 2.a) Is keyCertSign asserted?
- * No - goto 4
- * Yes - goto 3
- * 3) Is pathLen set?
- * No - goto 4
- * Yes - check pathLen against maxPathLen.
- * 3.a) Is pathLen less than maxPathLen?
- * No - goto 4
- * Yes - set maxPathLen to pathLen and EXIT
- * 4) Is maxPathLen > 0?
- * Yes - Reduce by 1
- * No - ERROR
- */
- if (cert->ca && cert->pathLengthSet) {
- cert->maxPathLen = cert->pathLength;
- if (cert->isCA) {
- WOLFSSL_MSG("\tCA boolean set");
- if (cert->extKeyUsageSet) {
- WOLFSSL_MSG("\tExtension Key Usage Set");
- if ((cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) {
- checkPathLen = 1;
- } else {
- decrementMaxPathLen = 1;
- }
- } else {
- checkPathLen = 1;
- } /* !cert->ca check */
- } /* cert is not a CA (assuming entity cert) */
- if (checkPathLen && cert->pathLengthSet) {
- if (cert->pathLength < cert->ca->maxPathLen) {
- WOLFSSL_MSG("\tmaxPathLen status: set to pathLength");
- cert->maxPathLen = cert->pathLength;
- } else {
- decrementMaxPathLen = 1;
- }
- }
- if (decrementMaxPathLen && cert->ca->maxPathLen > 0) {
- WOLFSSL_MSG("\tmaxPathLen status: reduce by 1");
- cert->maxPathLen = cert->ca->maxPathLen - 1;
- if (verify != NO_VERIFY && type != CA_TYPE &&
- type != TRUSTED_PEER_TYPE) {
- WOLFSSL_MSG("\tmaxPathLen status: OK");
- }
- } else if (decrementMaxPathLen && cert->ca->maxPathLen == 0) {
- cert->maxPathLen = 0;
- if (verify != NO_VERIFY && type != CA_TYPE &&
- type != TRUSTED_PEER_TYPE) {
- WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0");
- WOLFSSL_MSG("\tmaxPathLen status: ERROR");
- return ASN_PATHLEN_INV_E;
- }
- }
- } else if (cert->ca && cert->isCA) {
- /* case where cert->pathLength extension is not set */
- if (cert->ca->maxPathLen > 0) {
- cert->maxPathLen = cert->ca->maxPathLen - 1;
- } else {
- cert->maxPathLen = 0;
- if (verify != NO_VERIFY && type != CA_TYPE &&
- type != TRUSTED_PEER_TYPE) {
- WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0");
- WOLFSSL_MSG("\tmaxPathLen status: ERROR");
- return ASN_PATHLEN_INV_E;
- }
- }
- }
- }
- #ifdef HAVE_OCSP
- if (verify != NO_VERIFY && type != CA_TYPE &&
- type != TRUSTED_PEER_TYPE) {
- if (cert->ca) {
- /* Need the CA's public key hash for OCSP */
- XMEMCPY(cert->issuerKeyHash, cert->ca->subjectKeyHash,
- KEYID_SIZE);
- }
- }
- #endif /* HAVE_OCSP */
- }
- #if defined(WOLFSSL_RENESAS_TSIP)
- /* prepare for TSIP TLS cert verification API use */
- if (cert->keyOID == RSAk) {
- /* to call TSIP API, it needs keys position info in bytes */
- if ((ret = RsaPublicKeyDecodeRawIndex(cert->publicKey, (word32*)&idx,
- cert->pubKeySize,
- &cert->sigCtx.pubkey_n_start,
- &cert->sigCtx.pubkey_n_len,
- &cert->sigCtx.pubkey_e_start,
- &cert->sigCtx.pubkey_e_len)) != 0) {
- WOLFSSL_MSG("Decoding index from cert failed.");
- return ret;
- }
- cert->sigCtx.certBegin = cert->certBegin;
- }
- /* check if we can use TSIP for cert verification */
- /* if the ca is verified as tsip root ca. */
- /* TSIP can only handle 2048 bits(256 byte) key. */
- if (cert->ca && tsip_checkCA(cert->ca->cm_idx) != 0 &&
- cert->sigCtx.pubkey_n_len == 256) {
- /* assign memory to encrypted tsip Rsa key index */
- if (!cert->tsip_encRsaKeyIdx)
- cert->tsip_encRsaKeyIdx =
- (byte*)XMALLOC(TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY,
- cert->heap, DYNAMIC_TYPE_RSA);
- if (cert->tsip_encRsaKeyIdx == NULL)
- return MEMORY_E;
- } else {
- if (cert->ca) {
- /* TSIP isn't usable */
- if (tsip_checkCA(cert->ca->cm_idx) == 0)
- WOLFSSL_MSG("TSIP isn't usable because the ca isn't verified "
- "by TSIP.");
- else if (cert->sigCtx.pubkey_n_len != 256)
- WOLFSSL_MSG("TSIP isn't usable because the ca isn't signed by "
- "RSA 2048.");
- else
- WOLFSSL_MSG("TSIP isn't usable");
- }
- cert->tsip_encRsaKeyIdx = NULL;
- }
- tsip_encRsaKeyIdx = cert->tsip_encRsaKeyIdx;
- #else
- tsip_encRsaKeyIdx = NULL;
- #endif
- if (verify != NO_VERIFY && type != CA_TYPE && type != TRUSTED_PEER_TYPE) {
- if (cert->ca) {
- if (verify == VERIFY || verify == VERIFY_OCSP ||
- verify == VERIFY_SKIP_DATE) {
- /* try to confirm/verify signature */
- if ((ret = ConfirmSignature(&cert->sigCtx,
- cert->source + cert->certBegin,
- cert->sigIndex - cert->certBegin,
- cert->ca->publicKey, cert->ca->pubKeySize,
- cert->ca->keyOID, cert->signature,
- cert->sigLength, cert->signatureOID,
- tsip_encRsaKeyIdx)) != 0) {
- if (ret != WC_PENDING_E) {
- WOLFSSL_MSG("Confirm signature failed");
- }
- return ret;
- }
- }
- #ifndef IGNORE_NAME_CONSTRAINTS
- if (verify == VERIFY || verify == VERIFY_OCSP ||
- verify == VERIFY_NAME || verify == VERIFY_SKIP_DATE) {
- /* check that this cert's name is permitted by the signer's
- * name constraints */
- if (!ConfirmNameConstraints(cert->ca, cert)) {
- WOLFSSL_MSG("Confirm name constraint failed");
- return ASN_NAME_INVALID_E;
- }
- }
- #endif /* IGNORE_NAME_CONSTRAINTS */
- }
- else {
- /* no signer */
- WOLFSSL_MSG("No CA signer to verify with");
- return ASN_NO_SIGNER_E;
- }
- }
- #if defined(WOLFSSL_NO_TRUSTED_CERTS_VERIFY) && !defined(NO_SKID)
- exit_pcr:
- #endif
- if (cert->badDate != 0) {
- if (verify != VERIFY_SKIP_DATE) {
- return cert->badDate;
- }
- WOLFSSL_MSG("Date error: Verify option is skipping");
- }
- if (cert->criticalExt != 0)
- return cert->criticalExt;
- return ret;
- }
- /* Create and init an new signer */
- Signer* MakeSigner(void* heap)
- {
- Signer* signer = (Signer*) XMALLOC(sizeof(Signer), heap,
- DYNAMIC_TYPE_SIGNER);
- if (signer) {
- XMEMSET(signer, 0, sizeof(Signer));
- }
- (void)heap;
- return signer;
- }
- /* Free an individual signer */
- void FreeSigner(Signer* signer, void* heap)
- {
- XFREE(signer->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
- XFREE((void*)signer->publicKey, heap, DYNAMIC_TYPE_PUBLIC_KEY);
- #ifndef IGNORE_NAME_CONSTRAINTS
- if (signer->permittedNames)
- FreeNameSubtrees(signer->permittedNames, heap);
- if (signer->excludedNames)
- FreeNameSubtrees(signer->excludedNames, heap);
- #endif
- #ifdef WOLFSSL_SIGNER_DER_CERT
- FreeDer(&signer->derCert);
- #endif
- XFREE(signer, heap, DYNAMIC_TYPE_SIGNER);
- (void)heap;
- }
- /* Free the whole singer table with number of rows */
- void FreeSignerTable(Signer** table, int rows, void* heap)
- {
- int i;
- for (i = 0; i < rows; i++) {
- Signer* signer = table[i];
- while (signer) {
- Signer* next = signer->next;
- FreeSigner(signer, heap);
- signer = next;
- }
- table[i] = NULL;
- }
- }
- #ifdef WOLFSSL_TRUST_PEER_CERT
- /* Free an individual trusted peer cert */
- void FreeTrustedPeer(TrustedPeerCert* tp, void* heap)
- {
- if (tp == NULL) {
- return;
- }
- if (tp->name) {
- XFREE(tp->name, heap, DYNAMIC_TYPE_SUBJECT_CN);
- }
- if (tp->sig) {
- XFREE(tp->sig, heap, DYNAMIC_TYPE_SIGNATURE);
- }
- #ifndef IGNORE_NAME_CONSTRAINTS
- if (tp->permittedNames)
- FreeNameSubtrees(tp->permittedNames, heap);
- if (tp->excludedNames)
- FreeNameSubtrees(tp->excludedNames, heap);
- #endif
- XFREE(tp, heap, DYNAMIC_TYPE_CERT);
- (void)heap;
- }
- /* Free the whole Trusted Peer linked list */
- void FreeTrustedPeerTable(TrustedPeerCert** table, int rows, void* heap)
- {
- int i;
- for (i = 0; i < rows; i++) {
- TrustedPeerCert* tp = table[i];
- while (tp) {
- TrustedPeerCert* next = tp->next;
- FreeTrustedPeer(tp, heap);
- tp = next;
- }
- table[i] = NULL;
- }
- }
- #endif /* WOLFSSL_TRUST_PEER_CERT */
- int SetMyVersion(word32 version, byte* output, int header)
- {
- int i = 0;
- if (output == NULL)
- return BAD_FUNC_ARG;
- if (header) {
- output[i++] = ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED;
- output[i++] = 3;
- }
- output[i++] = ASN_INTEGER;
- output[i++] = 0x01;
- output[i++] = (byte)version;
- return i;
- }
- int SetSerialNumber(const byte* sn, word32 snSz, byte* output,
- word32 outputSz, int maxSnSz)
- {
- int i;
- int snSzInt = (int)snSz;
- if (sn == NULL || output == NULL || snSzInt < 0)
- return BAD_FUNC_ARG;
- /* remove leading zeros */
- while (snSzInt > 0 && sn[0] == 0) {
- snSzInt--;
- sn++;
- }
- /* RFC 5280 - 4.1.2.2:
- * Serial numbers must be a positive value (and not zero) */
- if (snSzInt == 0)
- return BAD_FUNC_ARG;
- if (sn[0] & 0x80)
- maxSnSz--;
- /* truncate if input is too long */
- if (snSzInt > maxSnSz)
- snSzInt = maxSnSz;
- i = SetASNInt(snSzInt, sn[0], NULL);
- /* truncate if input is too long */
- if (snSzInt > (int)outputSz - i)
- snSzInt = (int)outputSz - i;
- /* sanity check number of bytes to copy */
- if (snSzInt <= 0) {
- return BUFFER_E;
- }
- /* write out ASN.1 Integer */
- (void)SetASNInt(snSzInt, sn[0], output);
- XMEMCPY(output + i, sn, snSzInt);
- /* compute final length */
- i += snSzInt;
- return i;
- }
- #endif /* !NO_CERTS */
- int GetSerialNumber(const byte* input, word32* inOutIdx,
- byte* serial, int* serialSz, word32 maxIdx)
- {
- int result = 0;
- int ret;
- WOLFSSL_ENTER("GetSerialNumber");
- if (serial == NULL || input == NULL || serialSz == NULL) {
- return BAD_FUNC_ARG;
- }
- /* First byte is ASN type */
- if ((*inOutIdx+1) > maxIdx) {
- WOLFSSL_MSG("Bad idx first");
- return BUFFER_E;
- }
- ret = GetASNInt(input, inOutIdx, serialSz, maxIdx);
- if (ret != 0)
- return ret;
- if (*serialSz > EXTERNAL_SERIAL_SIZE) {
- WOLFSSL_MSG("Serial size bad");
- return ASN_PARSE_E;
- }
- /* return serial */
- XMEMCPY(serial, &input[*inOutIdx], *serialSz);
- *inOutIdx += *serialSz;
- return result;
- }
- #ifndef NO_CERTS
- int AllocDer(DerBuffer** pDer, word32 length, int type, void* heap)
- {
- int ret = BAD_FUNC_ARG;
- if (pDer) {
- int dynType = 0;
- DerBuffer* der;
- /* Determine dynamic type */
- switch (type) {
- case CA_TYPE: dynType = DYNAMIC_TYPE_CA; break;
- case CERT_TYPE: dynType = DYNAMIC_TYPE_CERT; break;
- case CRL_TYPE: dynType = DYNAMIC_TYPE_CRL; break;
- case DSA_TYPE: dynType = DYNAMIC_TYPE_DSA; break;
- case ECC_TYPE: dynType = DYNAMIC_TYPE_ECC; break;
- case RSA_TYPE: dynType = DYNAMIC_TYPE_RSA; break;
- default: dynType = DYNAMIC_TYPE_KEY; break;
- }
- /* Setup new buffer */
- *pDer = (DerBuffer*)XMALLOC(sizeof(DerBuffer) + length, heap, dynType);
- if (*pDer == NULL) {
- return MEMORY_E;
- }
- XMEMSET(*pDer, 0, sizeof(DerBuffer) + length);
- der = *pDer;
- der->type = type;
- der->dynType = dynType; /* Cache this for FreeDer */
- der->heap = heap;
- der->buffer = (byte*)der + sizeof(DerBuffer);
- der->length = length;
- ret = 0; /* Success */
- }
- return ret;
- }
- void FreeDer(DerBuffer** pDer)
- {
- if (pDer && *pDer)
- {
- DerBuffer* der = (DerBuffer*)*pDer;
- /* ForceZero private keys */
- if (der->type == PRIVATEKEY_TYPE) {
- ForceZero(der->buffer, der->length);
- }
- der->buffer = NULL;
- der->length = 0;
- XFREE(der, der->heap, der->dynType);
- *pDer = NULL;
- }
- }
- int wc_AllocDer(DerBuffer** pDer, word32 length, int type, void* heap)
- {
- return AllocDer(pDer, length, type, heap);
- }
- void wc_FreeDer(DerBuffer** pDer)
- {
- FreeDer(pDer);
- }
- #if defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM)
- /* Note: If items added make sure MAX_X509_HEADER_SZ is
- updated to reflect maximum length and pem_struct_min_sz
- to reflect minimum size */
- wcchar BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
- wcchar END_CERT = "-----END CERTIFICATE-----";
- #ifdef WOLFSSL_CERT_REQ
- wcchar BEGIN_CERT_REQ = "-----BEGIN CERTIFICATE REQUEST-----";
- wcchar END_CERT_REQ = "-----END CERTIFICATE REQUEST-----";
- #endif
- #ifndef NO_DH
- wcchar BEGIN_DH_PARAM = "-----BEGIN DH PARAMETERS-----";
- wcchar END_DH_PARAM = "-----END DH PARAMETERS-----";
- #endif
- #ifndef NO_DSA
- wcchar BEGIN_DSA_PARAM = "-----BEGIN DSA PARAMETERS-----";
- wcchar END_DSA_PARAM = "-----END DSA PARAMETERS-----";
- #endif
- wcchar BEGIN_X509_CRL = "-----BEGIN X509 CRL-----";
- wcchar END_X509_CRL = "-----END X509 CRL-----";
- wcchar BEGIN_RSA_PRIV = "-----BEGIN RSA PRIVATE KEY-----";
- wcchar END_RSA_PRIV = "-----END RSA PRIVATE KEY-----";
- wcchar BEGIN_PRIV_KEY = "-----BEGIN PRIVATE KEY-----";
- wcchar END_PRIV_KEY = "-----END PRIVATE KEY-----";
- wcchar BEGIN_ENC_PRIV_KEY = "-----BEGIN ENCRYPTED PRIVATE KEY-----";
- wcchar END_ENC_PRIV_KEY = "-----END ENCRYPTED PRIVATE KEY-----";
- #ifdef HAVE_ECC
- wcchar BEGIN_EC_PRIV = "-----BEGIN EC PRIVATE KEY-----";
- wcchar END_EC_PRIV = "-----END EC PRIVATE KEY-----";
- #endif
- #if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448) || \
- !defined(NO_DSA)
- wcchar BEGIN_DSA_PRIV = "-----BEGIN DSA PRIVATE KEY-----";
- wcchar END_DSA_PRIV = "-----END DSA PRIVATE KEY-----";
- #endif
- #ifdef OPENSSL_EXTRA
- const char BEGIN_PRIV_KEY_PREFIX[] = "-----BEGIN";
- const char PRIV_KEY_SUFFIX[] = "PRIVATE KEY-----";
- const char END_PRIV_KEY_PREFIX[] = "-----END";
- #endif
- wcchar BEGIN_PUB_KEY = "-----BEGIN PUBLIC KEY-----";
- wcchar END_PUB_KEY = "-----END PUBLIC KEY-----";
- #if defined(HAVE_ED25519) || defined(HAVE_ED448)
- wcchar BEGIN_EDDSA_PRIV = "-----BEGIN EDDSA PRIVATE KEY-----";
- wcchar END_EDDSA_PRIV = "-----END EDDSA PRIVATE KEY-----";
- #endif
- const int pem_struct_min_sz = XSTR_SIZEOF("-----BEGIN X509 CRL-----"
- "-----END X509 CRL-----");
- static WC_INLINE const char* SkipEndOfLineChars(const char* line,
- const char* endOfLine)
- {
- /* eat end of line characters */
- while (line < endOfLine &&
- (line[0] == '\r' || line[0] == '\n')) {
- line++;
- }
- return line;
- }
- int wc_PemGetHeaderFooter(int type, const char** header, const char** footer)
- {
- int ret = BAD_FUNC_ARG;
- switch (type) {
- case CA_TYPE: /* same as below */
- case TRUSTED_PEER_TYPE:
- case CERT_TYPE:
- if (header) *header = BEGIN_CERT;
- if (footer) *footer = END_CERT;
- ret = 0;
- break;
- case CRL_TYPE:
- if (header) *header = BEGIN_X509_CRL;
- if (footer) *footer = END_X509_CRL;
- ret = 0;
- break;
- #ifndef NO_DH
- case DH_PARAM_TYPE:
- if (header) *header = BEGIN_DH_PARAM;
- if (footer) *footer = END_DH_PARAM;
- ret = 0;
- break;
- #endif
- #ifndef NO_DSA
- case DSA_PARAM_TYPE:
- if (header) *header = BEGIN_DSA_PARAM;
- if (footer) *footer = END_DSA_PARAM;
- ret = 0;
- break;
- #endif
- #ifdef WOLFSSL_CERT_REQ
- case CERTREQ_TYPE:
- if (header) *header = BEGIN_CERT_REQ;
- if (footer) *footer = END_CERT_REQ;
- ret = 0;
- break;
- #endif
- #ifndef NO_DSA
- case DSA_TYPE:
- case DSA_PRIVATEKEY_TYPE:
- if (header) *header = BEGIN_DSA_PRIV;
- if (footer) *footer = END_DSA_PRIV;
- ret = 0;
- break;
- #endif
- #ifdef HAVE_ECC
- case ECC_TYPE:
- case ECC_PRIVATEKEY_TYPE:
- if (header) *header = BEGIN_EC_PRIV;
- if (footer) *footer = END_EC_PRIV;
- ret = 0;
- break;
- #endif
- case RSA_TYPE:
- case PRIVATEKEY_TYPE:
- if (header) *header = BEGIN_RSA_PRIV;
- if (footer) *footer = END_RSA_PRIV;
- ret = 0;
- break;
- #ifdef HAVE_ED25519
- case ED25519_TYPE:
- #endif
- #ifdef HAVE_ED448
- case ED448_TYPE:
- #endif
- #if defined(HAVE_ED25519) || defined(HAVE_ED448)
- case EDDSA_PRIVATEKEY_TYPE:
- if (header) *header = BEGIN_EDDSA_PRIV;
- if (footer) *footer = END_EDDSA_PRIV;
- ret = 0;
- break;
- #endif
- case PUBLICKEY_TYPE:
- case ECC_PUBLICKEY_TYPE:
- if (header) *header = BEGIN_PUB_KEY;
- if (footer) *footer = END_PUB_KEY;
- ret = 0;
- break;
- #ifndef NO_DH
- case DH_PRIVATEKEY_TYPE:
- #endif
- case PKCS8_PRIVATEKEY_TYPE:
- if (header) *header = BEGIN_PRIV_KEY;
- if (footer) *footer = END_PRIV_KEY;
- ret = 0;
- break;
- case PKCS8_ENC_PRIVATEKEY_TYPE:
- if (header) *header = BEGIN_ENC_PRIV_KEY;
- if (footer) *footer = END_ENC_PRIV_KEY;
- ret = 0;
- break;
- default:
- break;
- }
- return ret;
- }
- #ifdef WOLFSSL_ENCRYPTED_KEYS
- static wcchar kProcTypeHeader = "Proc-Type";
- static wcchar kDecInfoHeader = "DEK-Info";
- #ifdef WOLFSSL_PEM_TO_DER
- #ifndef NO_DES3
- static wcchar kEncTypeDes = "DES-CBC";
- static wcchar kEncTypeDes3 = "DES-EDE3-CBC";
- #endif
- #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
- static wcchar kEncTypeAesCbc128 = "AES-128-CBC";
- #endif
- #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_192)
- static wcchar kEncTypeAesCbc192 = "AES-192-CBC";
- #endif
- #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
- static wcchar kEncTypeAesCbc256 = "AES-256-CBC";
- #endif
- int wc_EncryptedInfoGet(EncryptedInfo* info, const char* cipherInfo)
- {
- int ret = 0;
- if (info == NULL || cipherInfo == NULL)
- return BAD_FUNC_ARG;
- /* determine cipher information */
- #ifndef NO_DES3
- if (XSTRNCMP(cipherInfo, kEncTypeDes, XSTRLEN(kEncTypeDes)) == 0) {
- info->cipherType = WC_CIPHER_DES;
- info->keySz = DES_KEY_SIZE;
- if (info->ivSz == 0) info->ivSz = DES_IV_SIZE;
- }
- else if (XSTRNCMP(cipherInfo, kEncTypeDes3, XSTRLEN(kEncTypeDes3)) == 0) {
- info->cipherType = WC_CIPHER_DES3;
- info->keySz = DES3_KEY_SIZE;
- if (info->ivSz == 0) info->ivSz = DES_IV_SIZE;
- }
- else
- #endif /* !NO_DES3 */
- #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
- if (XSTRNCMP(cipherInfo, kEncTypeAesCbc128, XSTRLEN(kEncTypeAesCbc128)) == 0) {
- info->cipherType = WC_CIPHER_AES_CBC;
- info->keySz = AES_128_KEY_SIZE;
- if (info->ivSz == 0) info->ivSz = AES_IV_SIZE;
- }
- else
- #endif
- #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_192)
- if (XSTRNCMP(cipherInfo, kEncTypeAesCbc192, XSTRLEN(kEncTypeAesCbc192)) == 0) {
- info->cipherType = WC_CIPHER_AES_CBC;
- info->keySz = AES_192_KEY_SIZE;
- if (info->ivSz == 0) info->ivSz = AES_IV_SIZE;
- }
- else
- #endif
- #if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
- if (XSTRNCMP(cipherInfo, kEncTypeAesCbc256, XSTRLEN(kEncTypeAesCbc256)) == 0) {
- info->cipherType = WC_CIPHER_AES_CBC;
- info->keySz = AES_256_KEY_SIZE;
- if (info->ivSz == 0) info->ivSz = AES_IV_SIZE;
- }
- else
- #endif
- {
- ret = NOT_COMPILED_IN;
- }
- return ret;
- }
- int wc_EncryptedInfoParse(EncryptedInfo* info, const char** pBuffer,
- size_t bufSz)
- {
- int err = 0;
- const char* bufferStart;
- const char* bufferEnd;
- char* line;
- word32 lineSz;
- char* finish;
- word32 finishSz;
- char* start = NULL;
- word32 startSz;
- const char* newline = NULL;
- if (info == NULL || pBuffer == NULL || bufSz == 0)
- return BAD_FUNC_ARG;
- bufferStart = *pBuffer;
- bufferEnd = bufferStart + bufSz;
- /* find encrypted info marker */
- line = XSTRNSTR(bufferStart, kProcTypeHeader,
- min((word32)bufSz, PEM_LINE_LEN));
- if (line != NULL) {
- if (line >= bufferEnd) {
- return BUFFER_E;
- }
- lineSz = (word32)(bufferEnd - line);
- /* find DEC-Info marker */
- start = XSTRNSTR(line, kDecInfoHeader, min(lineSz, PEM_LINE_LEN));
- if (start == NULL)
- return BUFFER_E;
- /* skip dec-info and ": " */
- start += XSTRLEN(kDecInfoHeader);
- if (start >= bufferEnd)
- return BUFFER_E;
- if (start[0] == ':') {
- start++;
- if (start >= bufferEnd)
- return BUFFER_E;
- }
- if (start[0] == ' ')
- start++;
- startSz = (word32)(bufferEnd - start);
- finish = XSTRNSTR(start, ",", min(startSz, PEM_LINE_LEN));
- if ((start != NULL) && (finish != NULL) && (start < finish)) {
- if (finish >= bufferEnd) {
- return BUFFER_E;
- }
- finishSz = (word32)(bufferEnd - finish);
- newline = XSTRNSTR(finish, "\r", min(finishSz, PEM_LINE_LEN));
- /* get cipher name */
- if (NAME_SZ < (finish - start)) /* buffer size of info->name */
- return BUFFER_E;
- if (XMEMCPY(info->name, start, finish - start) == NULL)
- return BUFFER_E;
- info->name[finish - start] = '\0'; /* null term */
- /* populate info */
- err = wc_EncryptedInfoGet(info, info->name);
- if (err != 0)
- return err;
- /* get IV */
- if (finishSz < info->ivSz + 1)
- return BUFFER_E;
- if (newline == NULL) {
- newline = XSTRNSTR(finish, "\n", min(finishSz,
- PEM_LINE_LEN));
- }
- if ((newline != NULL) && (newline > finish)) {
- finish++;
- info->ivSz = (word32)(newline - finish);
- if (info->ivSz > IV_SZ)
- return BUFFER_E;
- if (XMEMCPY(info->iv, finish, info->ivSz) == NULL)
- return BUFFER_E;
- info->set = 1;
- }
- else
- return BUFFER_E;
- }
- else
- return BUFFER_E;
- /* eat end of line characters */
- newline = SkipEndOfLineChars(newline, bufferEnd);
- /* return new headerEnd */
- *pBuffer = newline;
- }
- return err;
- }
- #endif /* WOLFSSL_PEM_TO_DER */
- #ifdef WOLFSSL_DER_TO_PEM
- static int wc_EncryptedInfoAppend(char* dest, int destSz, char* cipherInfo)
- {
- if (cipherInfo != NULL) {
- int cipherInfoStrLen = (int)XSTRLEN((char*)cipherInfo);
- if (cipherInfoStrLen > HEADER_ENCRYPTED_KEY_SIZE - (9+14+10+3))
- cipherInfoStrLen = HEADER_ENCRYPTED_KEY_SIZE - (9+14+10+3);
- if (destSz - (int)XSTRLEN(dest) >= cipherInfoStrLen + (9+14+8+2+2+1)) {
- /* strncat's src length needs to include the NULL */
- XSTRNCAT(dest, kProcTypeHeader, 10);
- XSTRNCAT(dest, ": 4,ENCRYPTED\n", 15);
- XSTRNCAT(dest, kDecInfoHeader, 9);
- XSTRNCAT(dest, ": ", 3);
- XSTRNCAT(dest, cipherInfo, destSz - (int)XSTRLEN(dest) - 1);
- XSTRNCAT(dest, "\n\n", 4);
- }
- }
- return 0;
- }
- #endif /* WOLFSSL_DER_TO_PEM */
- #endif /* WOLFSSL_ENCRYPTED_KEYS */
- #ifdef WOLFSSL_DER_TO_PEM
- /* Used for compatibility API */
- int wc_DerToPem(const byte* der, word32 derSz,
- byte* output, word32 outSz, int type)
- {
- return wc_DerToPemEx(der, derSz, output, outSz, NULL, type);
- }
- /* convert der buffer to pem into output, can't do inplace, der and output
- need to be different */
- int wc_DerToPemEx(const byte* der, word32 derSz, byte* output, word32 outSz,
- byte *cipher_info, int type)
- {
- const char* headerStr = NULL;
- const char* footerStr = NULL;
- #ifdef WOLFSSL_SMALL_STACK
- char* header = NULL;
- char* footer = NULL;
- #else
- char header[MAX_X509_HEADER_SZ + HEADER_ENCRYPTED_KEY_SIZE];
- char footer[MAX_X509_HEADER_SZ];
- #endif
- int headerLen = MAX_X509_HEADER_SZ + HEADER_ENCRYPTED_KEY_SIZE;
- int footerLen = MAX_X509_HEADER_SZ;
- int i;
- int err;
- int outLen; /* return length or error */
- (void)cipher_info;
- if (der == output) /* no in place conversion */
- return BAD_FUNC_ARG;
- err = wc_PemGetHeaderFooter(type, &headerStr, &footerStr);
- if (err != 0)
- return err;
- #ifdef WOLFSSL_SMALL_STACK
- header = (char*)XMALLOC(headerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (header == NULL)
- return MEMORY_E;
- footer = (char*)XMALLOC(footerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (footer == NULL) {
- XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- return MEMORY_E;
- }
- #endif
- /* build header and footer based on type */
- XSTRNCPY(header, headerStr, headerLen - 1);
- header[headerLen - 2] = 0;
- XSTRNCPY(footer, footerStr, footerLen - 1);
- footer[footerLen - 2] = 0;
- /* add new line to end */
- XSTRNCAT(header, "\n", 2);
- XSTRNCAT(footer, "\n", 2);
- #ifdef WOLFSSL_ENCRYPTED_KEYS
- err = wc_EncryptedInfoAppend(header, headerLen, (char*)cipher_info);
- if (err != 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return err;
- }
- #endif
- headerLen = (int)XSTRLEN(header);
- footerLen = (int)XSTRLEN(footer);
- /* if null output and 0 size passed in then return size needed */
- if (!output && outSz == 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- outLen = 0;
- if ((err = Base64_Encode(der, derSz, NULL, (word32*)&outLen))
- != LENGTH_ONLY_E) {
- return err;
- }
- return headerLen + footerLen + outLen;
- }
- if (!der || !output) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return BAD_FUNC_ARG;
- }
- /* don't even try if outSz too short */
- if (outSz < headerLen + footerLen + derSz) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return BAD_FUNC_ARG;
- }
- /* header */
- XMEMCPY(output, header, headerLen);
- i = headerLen;
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- /* body */
- outLen = outSz - (headerLen + footerLen); /* input to Base64_Encode */
- if ( (err = Base64_Encode(der, derSz, output + i, (word32*)&outLen)) < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return err;
- }
- i += outLen;
- /* footer */
- if ( (i + footerLen) > (int)outSz) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return BAD_FUNC_ARG;
- }
- XMEMCPY(output + i, footer, footerLen);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return outLen + headerLen + footerLen;
- }
- #endif /* WOLFSSL_DER_TO_PEM */
- #ifdef WOLFSSL_PEM_TO_DER
- /* Remove PEM header/footer, convert to ASN1, store any encrypted data
- info->consumed tracks of PEM bytes consumed in case multiple parts */
- int PemToDer(const unsigned char* buff, long longSz, int type,
- DerBuffer** pDer, void* heap, EncryptedInfo* info, int* keyFormat)
- {
- const char* header = NULL;
- const char* footer = NULL;
- const char* headerEnd;
- const char* footerEnd;
- const char* consumedEnd;
- const char* bufferEnd = (const char*)(buff + longSz);
- long neededSz;
- int ret = 0;
- int sz = (int)longSz;
- int encrypted_key = 0;
- DerBuffer* der;
- #if defined(HAVE_PKCS8) || defined(WOLFSSL_ENCRYPTED_KEYS)
- word32 algId = 0;
- #if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_DES3) && !defined(NO_WOLFSSL_SKIP_TRAILING_PAD)
- int padVal = 0;
- #endif
- #endif
- #ifdef OPENSSL_EXTRA
- char beginBuf[PEM_LINE_LEN + 1]; /* add 1 for null terminator */
- char endBuf[PEM_LINE_LEN + 1]; /* add 1 for null terminator */
- #endif
- WOLFSSL_ENTER("PemToDer");
- /* get PEM header and footer based on type */
- ret = wc_PemGetHeaderFooter(type, &header, &footer);
- if (ret != 0)
- return ret;
- /* map header if not found for type */
- for (;;) {
- headerEnd = XSTRNSTR((char*)buff, header, sz);
- if (headerEnd) {
- break;
- } else
- if (type == PRIVATEKEY_TYPE) {
- if (header == BEGIN_RSA_PRIV) {
- header = BEGIN_PRIV_KEY; footer = END_PRIV_KEY;
- } else
- if (header == BEGIN_PRIV_KEY) {
- header = BEGIN_ENC_PRIV_KEY; footer = END_ENC_PRIV_KEY;
- } else
- #ifdef HAVE_ECC
- if (header == BEGIN_ENC_PRIV_KEY) {
- header = BEGIN_EC_PRIV; footer = END_EC_PRIV;
- } else
- if (header == BEGIN_EC_PRIV) {
- header = BEGIN_DSA_PRIV; footer = END_DSA_PRIV;
- } else
- #endif
- #if defined(HAVE_ED25519) || defined(HAVE_ED448)
- #ifdef HAVE_ECC
- if (header == BEGIN_DSA_PRIV)
- #else
- if (header == BEGIN_ENC_PRIV_KEY)
- #endif
- {
- header = BEGIN_EDDSA_PRIV; footer = END_EDDSA_PRIV;
- } else
- #endif
- {
- break;
- }
- } else
- #ifdef HAVE_CRL
- if ((type == CRL_TYPE) && (header != BEGIN_X509_CRL)) {
- header = BEGIN_X509_CRL; footer = END_X509_CRL;
- } else
- #endif
- {
- break;
- }
- }
- if (!headerEnd) {
- #ifdef OPENSSL_EXTRA
- if (type == PRIVATEKEY_TYPE) {
- const char* beginEnd;
- int endLen;
- /* see if there is a -----BEGIN * PRIVATE KEY----- header */
- headerEnd = XSTRNSTR((char*)buff, PRIV_KEY_SUFFIX, sz);
- if (headerEnd) {
- beginEnd = headerEnd + XSTR_SIZEOF(PRIV_KEY_SUFFIX);
- if (beginEnd >= (char*)buff + sz) {
- return BUFFER_E;
- }
- /* back up to BEGIN_PRIV_KEY_PREFIX */
- while (headerEnd > (char*)buff &&
- XSTRNCMP(headerEnd, BEGIN_PRIV_KEY_PREFIX,
- XSTR_SIZEOF(BEGIN_PRIV_KEY_PREFIX)) != 0 &&
- *headerEnd != '\n') {
- headerEnd--;
- }
- if (headerEnd <= (char*)buff ||
- XSTRNCMP(headerEnd, BEGIN_PRIV_KEY_PREFIX,
- XSTR_SIZEOF(BEGIN_PRIV_KEY_PREFIX)) != 0 ||
- beginEnd - headerEnd > PEM_LINE_LEN) {
- WOLFSSL_MSG("Couldn't find PEM header");
- return ASN_NO_PEM_HEADER;
- }
- /* headerEnd now points to beginning of header */
- XMEMCPY(beginBuf, headerEnd, beginEnd - headerEnd);
- beginBuf[beginEnd - headerEnd] = '\0';
- /* look for matching footer */
- footer = XSTRNSTR(beginEnd,
- beginBuf + XSTR_SIZEOF(BEGIN_PRIV_KEY_PREFIX),
- (unsigned int)((char*)buff + sz - beginEnd));
- if (!footer) {
- WOLFSSL_MSG("Couldn't find PEM footer");
- return ASN_NO_PEM_HEADER;
- }
- footer -= XSTR_SIZEOF(END_PRIV_KEY_PREFIX);
- if (footer > (char*)buff + sz - XSTR_SIZEOF(END_PRIV_KEY_PREFIX)
- || XSTRNCMP(footer, END_PRIV_KEY_PREFIX,
- XSTR_SIZEOF(END_PRIV_KEY_PREFIX)) != 0) {
- WOLFSSL_MSG("Unexpected footer for PEM");
- return BUFFER_E;
- }
- endLen = (unsigned int)(beginEnd - headerEnd -
- (XSTR_SIZEOF(BEGIN_PRIV_KEY_PREFIX) -
- XSTR_SIZEOF(END_PRIV_KEY_PREFIX)));
- XMEMCPY(endBuf, footer, endLen);
- endBuf[endLen] = '\0';
- header = beginBuf;
- footer = endBuf;
- headerEnd = beginEnd;
- }
- }
- if (!headerEnd) {
- WOLFSSL_MSG("Couldn't find PEM header");
- return ASN_NO_PEM_HEADER;
- }
- #else
- WOLFSSL_MSG("Couldn't find PEM header");
- return ASN_NO_PEM_HEADER;
- #endif
- } else {
- headerEnd += XSTRLEN(header);
- }
- /* eat end of line characters */
- headerEnd = SkipEndOfLineChars(headerEnd, bufferEnd);
- if (type == PRIVATEKEY_TYPE) {
- /* keyFormat is Key_Sum enum */
- if (keyFormat) {
- #ifdef HAVE_ECC
- if (header == BEGIN_EC_PRIV)
- *keyFormat = ECDSAk;
- #endif
- #if !defined(NO_DSA)
- if (header == BEGIN_DSA_PRIV)
- *keyFormat = DSAk;
- #endif
- }
- }
- #ifdef WOLFSSL_ENCRYPTED_KEYS
- if (info) {
- ret = wc_EncryptedInfoParse(info, &headerEnd, bufferEnd - headerEnd);
- if (ret < 0)
- return ret;
- if (info->set)
- encrypted_key = 1;
- }
- #endif /* WOLFSSL_ENCRYPTED_KEYS */
- /* find footer */
- footerEnd = XSTRNSTR(headerEnd, footer, (unsigned int)((char*)buff + sz - headerEnd));
- if (!footerEnd) {
- if (info)
- info->consumed = longSz; /* No more certs if no footer */
- return BUFFER_E;
- }
- consumedEnd = footerEnd + XSTRLEN(footer);
- if (consumedEnd < bufferEnd) { /* handle no end of line on last line */
- /* eat end of line characters */
- consumedEnd = SkipEndOfLineChars(consumedEnd, bufferEnd);
- /* skip possible null term */
- if (consumedEnd < bufferEnd && consumedEnd[0] == '\0')
- consumedEnd++;
- }
- if (info)
- info->consumed = (long)(consumedEnd - (const char*)buff);
- /* set up der buffer */
- neededSz = (long)(footerEnd - headerEnd);
- if (neededSz > sz || neededSz <= 0)
- return BUFFER_E;
- ret = AllocDer(pDer, (word32)neededSz, type, heap);
- if (ret < 0) {
- return ret;
- }
- der = *pDer;
- if (Base64_Decode((byte*)headerEnd, (word32)neededSz,
- der->buffer, &der->length) < 0)
- return BUFFER_E;
- if ((header == BEGIN_PRIV_KEY
- #ifdef OPENSSL_EXTRA
- || header == beginBuf
- #endif
- #ifdef HAVE_ECC
- || header == BEGIN_EC_PRIV
- #endif
- ) && !encrypted_key)
- {
- #ifdef HAVE_PKCS8
- /* pkcs8 key, convert and adjust length */
- if ((ret = ToTraditional_ex(der->buffer, der->length, &algId)) > 0) {
- der->length = ret;
- if (keyFormat) {
- *keyFormat = algId;
- }
- }
- else {
- /* ignore failure here and assume key is not pkcs8 wrapped */
- }
- #endif
- return 0;
- }
- #ifdef WOLFSSL_ENCRYPTED_KEYS
- if (encrypted_key || header == BEGIN_ENC_PRIV_KEY) {
- int passwordSz = NAME_SZ;
- #ifdef WOLFSSL_SMALL_STACK
- char* password = NULL;
- #else
- char password[NAME_SZ];
- #endif
- if (!info || !info->passwd_cb) {
- WOLFSSL_MSG("No password callback set");
- return NO_PASSWORD;
- }
- #ifdef WOLFSSL_SMALL_STACK
- password = (char*)XMALLOC(passwordSz, heap, DYNAMIC_TYPE_STRING);
- if (password == NULL)
- return MEMORY_E;
- #endif
- /* get password */
- ret = info->passwd_cb(password, passwordSz, PEM_PASS_READ,
- info->passwd_userdata);
- if (ret >= 0) {
- passwordSz = ret;
- /* convert and adjust length */
- if (header == BEGIN_ENC_PRIV_KEY) {
- #ifndef NO_PWDBASED
- ret = ToTraditionalEnc(der->buffer, der->length,
- password, passwordSz, &algId);
- if (ret >= 0) {
- der->length = ret;
- if (keyFormat) {
- *keyFormat = algId;
- }
- ret = 0;
- }
- #else
- ret = NOT_COMPILED_IN;
- #endif
- }
- /* decrypt the key */
- else {
- if (passwordSz == 0) {
- /* The key is encrypted but does not have a password */
- WOLFSSL_MSG("No password for encrypted key");
- ret = NO_PASSWORD;
- }
- else {
- ret = wc_BufferKeyDecrypt(info, der->buffer, der->length,
- (byte*)password, passwordSz, WC_MD5);
- #ifndef NO_WOLFSSL_SKIP_TRAILING_PAD
- #ifndef NO_DES3
- if (info->cipherType == WC_CIPHER_DES3) {
- /* Assuming there is padding:
- * (der->length > 0 && der->length > DES_BLOCK_SIZE &&
- * (der->length % DES_BLOCK_SIZE) != 0)
- * and assuming the last value signifies the number of
- * padded bytes IE if last value is 0x08 then there are
- * 8 bytes of padding:
- * padVal = der->buffer[der->length-1];
- * then strip this padding before proceeding:
- * der->length -= padVal;
- */
- if (der->length > DES_BLOCK_SIZE &&
- (der->length % DES_BLOCK_SIZE) != 0) {
- padVal = der->buffer[der->length-1];
- if (padVal < DES_BLOCK_SIZE) {
- der->length -= padVal;
- }
- }
- }
- #endif /* !NO_DES3 */
- #endif /* !NO_WOLFSSL_SKIP_TRAILING_PAD */
- }
- }
- #ifdef OPENSSL_EXTRA
- if (ret) {
- PEMerr(0, PEM_R_BAD_DECRYPT);
- }
- #endif
- ForceZero(password, passwordSz);
- }
- #ifdef OPENSSL_EXTRA
- else {
- PEMerr(0, PEM_R_BAD_PASSWORD_READ);
- }
- #endif
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(password, heap, DYNAMIC_TYPE_STRING);
- #endif
- }
- #endif /* WOLFSSL_ENCRYPTED_KEYS */
- return ret;
- }
- int wc_PemToDer(const unsigned char* buff, long longSz, int type,
- DerBuffer** pDer, void* heap, EncryptedInfo* info, int* eccKey)
- {
- return PemToDer(buff, longSz, type, pDer, heap, info, eccKey);
- }
- /* our KeyPemToDer password callback, password in userData */
- static WC_INLINE int OurPasswordCb(char* passwd, int sz, int rw, void* userdata)
- {
- (void)rw;
- if (userdata == NULL)
- return 0;
- XSTRNCPY(passwd, (char*)userdata, sz);
- return min((word32)sz, (word32)XSTRLEN((char*)userdata));
- }
- /* Return bytes written to buff or < 0 for error */
- int wc_KeyPemToDer(const unsigned char* pem, int pemSz,
- unsigned char* buff, int buffSz, const char* pass)
- {
- int eccKey = 0;
- int ret;
- DerBuffer* der = NULL;
- #ifdef WOLFSSL_SMALL_STACK
- EncryptedInfo* info = NULL;
- #else
- EncryptedInfo info[1];
- #endif
- WOLFSSL_ENTER("wc_KeyPemToDer");
- if (pem == NULL || buff == NULL || buffSz <= 0) {
- WOLFSSL_MSG("Bad pem der args");
- return BAD_FUNC_ARG;
- }
- #ifdef WOLFSSL_SMALL_STACK
- info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), NULL,
- DYNAMIC_TYPE_ENCRYPTEDINFO);
- if (info == NULL)
- return MEMORY_E;
- #endif
- XMEMSET(info, 0, sizeof(EncryptedInfo));
- info->passwd_cb = OurPasswordCb;
- info->passwd_userdata = (void*)pass;
- ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, info, &eccKey);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(info, NULL, DYNAMIC_TYPE_ENCRYPTEDINFO);
- #endif
- if (ret < 0 || der == NULL) {
- WOLFSSL_MSG("Bad Pem To Der");
- }
- else {
- if (der->length <= (word32)buffSz) {
- XMEMCPY(buff, der->buffer, der->length);
- ret = der->length;
- }
- else {
- WOLFSSL_MSG("Bad der length");
- ret = BAD_FUNC_ARG;
- }
- }
- FreeDer(&der);
- return ret;
- }
- /* Return bytes written to buff or < 0 for error */
- int wc_CertPemToDer(const unsigned char* pem, int pemSz,
- unsigned char* buff, int buffSz, int type)
- {
- int eccKey = 0;
- int ret;
- DerBuffer* der = NULL;
- WOLFSSL_ENTER("wc_CertPemToDer");
- if (pem == NULL || buff == NULL || buffSz <= 0) {
- WOLFSSL_MSG("Bad pem der args");
- return BAD_FUNC_ARG;
- }
- if (type != CERT_TYPE && type != CA_TYPE && type != CERTREQ_TYPE) {
- WOLFSSL_MSG("Bad cert type");
- return BAD_FUNC_ARG;
- }
- ret = PemToDer(pem, pemSz, type, &der, NULL, NULL, &eccKey);
- if (ret < 0 || der == NULL) {
- WOLFSSL_MSG("Bad Pem To Der");
- }
- else {
- if (der->length <= (word32)buffSz) {
- XMEMCPY(buff, der->buffer, der->length);
- ret = der->length;
- }
- else {
- WOLFSSL_MSG("Bad der length");
- ret = BAD_FUNC_ARG;
- }
- }
- FreeDer(&der);
- return ret;
- }
- #endif /* WOLFSSL_PEM_TO_DER */
- #endif /* WOLFSSL_PEM_TO_DER || WOLFSSL_DER_TO_PEM */
- #ifdef WOLFSSL_PEM_TO_DER
- #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)
- /* Return bytes written to buff or < 0 for error */
- int wc_PubKeyPemToDer(const unsigned char* pem, int pemSz,
- unsigned char* buff, int buffSz)
- {
- int ret;
- DerBuffer* der = NULL;
- WOLFSSL_ENTER("wc_PubKeyPemToDer");
- if (pem == NULL || buff == NULL || buffSz <= 0) {
- WOLFSSL_MSG("Bad pem der args");
- return BAD_FUNC_ARG;
- }
- ret = PemToDer(pem, pemSz, PUBLICKEY_TYPE, &der, NULL, NULL, NULL);
- if (ret < 0 || der == NULL) {
- WOLFSSL_MSG("Bad Pem To Der");
- }
- else {
- if (der->length <= (word32)buffSz) {
- XMEMCPY(buff, der->buffer, der->length);
- ret = der->length;
- }
- else {
- WOLFSSL_MSG("Bad der length");
- ret = BAD_FUNC_ARG;
- }
- }
- FreeDer(&der);
- return ret;
- }
- #endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */
- #endif /* WOLFSSL_PEM_TO_DER */
- #ifndef NO_FILESYSTEM
- #ifdef WOLFSSL_CERT_GEN
- /* load pem cert from file into der buffer, return der size or error */
- int wc_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz)
- {
- #ifdef WOLFSSL_SMALL_STACK
- byte staticBuffer[1]; /* force XMALLOC */
- #else
- byte staticBuffer[FILE_BUFFER_SIZE];
- #endif
- byte* fileBuf = staticBuffer;
- int dynamic = 0;
- int ret = 0;
- long sz = 0;
- XFILE file;
- DerBuffer* converted = NULL;
- WOLFSSL_ENTER("wc_PemCertToDer");
- if (fileName == NULL) {
- ret = BAD_FUNC_ARG;
- }
- else {
- file = XFOPEN(fileName, "rb");
- if (file == XBADFILE) {
- ret = BUFFER_E;
- }
- }
- if (ret == 0) {
- if(XFSEEK(file, 0, XSEEK_END) != 0)
- ret = BUFFER_E;
- sz = XFTELL(file);
- XREWIND(file);
- if (sz <= 0) {
- ret = BUFFER_E;
- }
- else if (sz > (long)sizeof(staticBuffer)) {
- #ifdef WOLFSSL_STATIC_MEMORY
- WOLFSSL_MSG("File was larger then static buffer");
- return MEMORY_E;
- #endif
- fileBuf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE);
- if (fileBuf == NULL)
- ret = MEMORY_E;
- else
- dynamic = 1;
- }
- if (ret == 0) {
- if ((size_t)XFREAD(fileBuf, 1, sz, file) != (size_t)sz) {
- ret = BUFFER_E;
- }
- #ifdef WOLFSSL_PEM_TO_DER
- else {
- ret = PemToDer(fileBuf, sz, CA_TYPE, &converted, 0, NULL,NULL);
- }
- #endif
- if (ret == 0) {
- if (converted->length < (word32)derSz) {
- XMEMCPY(derBuf, converted->buffer, converted->length);
- ret = converted->length;
- }
- else
- ret = BUFFER_E;
- }
- FreeDer(&converted);
- }
- XFCLOSE(file);
- if (dynamic)
- XFREE(fileBuf, NULL, DYNAMIC_TYPE_FILE);
- }
- return ret;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)
- /* load pem public key from file into der buffer, return der size or error */
- int wc_PemPubKeyToDer(const char* fileName,
- unsigned char* derBuf, int derSz)
- {
- #ifdef WOLFSSL_SMALL_STACK
- byte staticBuffer[1]; /* force XMALLOC */
- #else
- byte staticBuffer[FILE_BUFFER_SIZE];
- #endif
- byte* fileBuf = staticBuffer;
- int dynamic = 0;
- int ret = 0;
- long sz = 0;
- XFILE file;
- DerBuffer* converted = NULL;
- WOLFSSL_ENTER("wc_PemPubKeyToDer");
- if (fileName == NULL) {
- ret = BAD_FUNC_ARG;
- }
- else {
- file = XFOPEN(fileName, "rb");
- if (file == XBADFILE) {
- ret = BUFFER_E;
- }
- }
- if (ret == 0) {
- if(XFSEEK(file, 0, XSEEK_END) != 0)
- ret = BUFFER_E;
- sz = XFTELL(file);
- XREWIND(file);
- if (sz <= 0) {
- ret = BUFFER_E;
- }
- else if (sz > (long)sizeof(staticBuffer)) {
- #ifdef WOLFSSL_STATIC_MEMORY
- WOLFSSL_MSG("File was larger then static buffer");
- return MEMORY_E;
- #endif
- fileBuf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE);
- if (fileBuf == NULL)
- ret = MEMORY_E;
- else
- dynamic = 1;
- }
- if (ret == 0) {
- if ((size_t)XFREAD(fileBuf, 1, sz, file) != (size_t)sz) {
- ret = BUFFER_E;
- }
- #ifdef WOLFSSL_PEM_TO_DER
- else {
- ret = PemToDer(fileBuf, sz, PUBLICKEY_TYPE, &converted,
- 0, NULL, NULL);
- }
- #endif
- if (ret == 0) {
- if (converted->length < (word32)derSz) {
- XMEMCPY(derBuf, converted->buffer, converted->length);
- ret = converted->length;
- }
- else
- ret = BUFFER_E;
- }
- FreeDer(&converted);
- }
- XFCLOSE(file);
- if (dynamic)
- XFREE(fileBuf, NULL, DYNAMIC_TYPE_FILE);
- }
- return ret;
- }
- #endif /* WOLFSSL_CERT_EXT || WOLFSSL_PUB_PEM_TO_DER */
- #endif /* !NO_FILESYSTEM */
- #if !defined(NO_RSA) && (defined(WOLFSSL_CERT_GEN) || \
- ((defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA)) && !defined(HAVE_USER_RSA)))
- /* USER RSA ifdef portions used instead of refactor in consideration for
- possible fips build */
- /* Write a public RSA key to output */
- static int SetRsaPublicKey(byte* output, RsaKey* key,
- int outLen, int with_header)
- {
- #ifdef WOLFSSL_SMALL_STACK
- byte* n = NULL;
- byte* e = NULL;
- #else
- byte n[MAX_RSA_INT_SZ];
- byte e[MAX_RSA_E_SZ];
- #endif
- byte seq[MAX_SEQ_SZ];
- byte bitString[1 + MAX_LENGTH_SZ + 1];
- int nSz;
- int eSz;
- int seqSz;
- int bitStringSz;
- int idx;
- if (output == NULL || key == NULL || outLen < MAX_SEQ_SZ)
- return BAD_FUNC_ARG;
- /* n */
- #ifdef WOLFSSL_SMALL_STACK
- n = (byte*)XMALLOC(MAX_RSA_INT_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (n == NULL)
- return MEMORY_E;
- #endif
- #ifdef HAVE_USER_RSA
- nSz = SetASNIntRSA(key->n, n);
- #else
- nSz = SetASNIntMP(&key->n, MAX_RSA_INT_SZ, n);
- #endif
- if (nSz < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(n, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return nSz;
- }
- /* e */
- #ifdef WOLFSSL_SMALL_STACK
- e = (byte*)XMALLOC(MAX_RSA_E_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (e == NULL) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(n, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return MEMORY_E;
- }
- #endif
- #ifdef HAVE_USER_RSA
- eSz = SetASNIntRSA(key->e, e);
- #else
- eSz = SetASNIntMP(&key->e, MAX_RSA_INT_SZ, e);
- #endif
- if (eSz < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(n, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(e, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return eSz;
- }
- seqSz = SetSequence(nSz + eSz, seq);
- /* check output size */
- if ( (seqSz + nSz + eSz) > outLen) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(n, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(e, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return BUFFER_E;
- }
- /* headers */
- if (with_header) {
- int algoSz;
- #ifdef WOLFSSL_SMALL_STACK
- byte* algo;
- algo = (byte*)XMALLOC(MAX_ALGO_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (algo == NULL) {
- XFREE(n, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(e, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return MEMORY_E;
- }
- #else
- byte algo[MAX_ALGO_SZ];
- #endif
- algoSz = SetAlgoID(RSAk, algo, oidKeyType, 0);
- bitStringSz = SetBitString(seqSz + nSz + eSz, 0, bitString);
- idx = SetSequence(nSz + eSz + seqSz + bitStringSz + algoSz, output);
- /* check output size */
- if ( (idx + algoSz + bitStringSz + seqSz + nSz + eSz) > outLen) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(n, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(e, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(algo, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return BUFFER_E;
- }
- /* algo */
- XMEMCPY(output + idx, algo, algoSz);
- idx += algoSz;
- /* bit string */
- XMEMCPY(output + idx, bitString, bitStringSz);
- idx += bitStringSz;
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(algo, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- }
- else
- idx = 0;
- /* seq */
- XMEMCPY(output + idx, seq, seqSz);
- idx += seqSz;
- /* n */
- XMEMCPY(output + idx, n, nSz);
- idx += nSz;
- /* e */
- XMEMCPY(output + idx, e, eSz);
- idx += eSz;
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(n, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(e, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return idx;
- }
- #endif /* !NO_RSA && (WOLFSSL_CERT_GEN || (WOLFSSL_KEY_GEN &&
- !HAVE_USER_RSA))) */
- #if !defined(NO_RSA) && (defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA))
- int wc_RsaPublicKeyDerSize(RsaKey* key, int with_header)
- {
- int idx = 0;
- int nSz, eSz, seqSz, bitStringSz, algoSz;
- if (key == NULL)
- return BAD_FUNC_ARG;
- /* n */
- #ifdef HAVE_USER_RSA
- nSz = SetASNIntRSA(key->n, NULL);
- #else
- nSz = SetASNIntMP(&key->n, MAX_RSA_INT_SZ, NULL);
- #endif
- if (nSz < 0) {
- return nSz;
- }
- /* e */
- #ifdef HAVE_USER_RSA
- eSz = SetASNIntRSA(key->e, NULL);
- #else
- eSz = SetASNIntMP(&key->e, MAX_RSA_INT_SZ, NULL);
- #endif
- if (eSz < 0) {
- return eSz;
- }
- seqSz = SetSequence(nSz + eSz, NULL);
- /* headers */
- if (with_header) {
- algoSz = SetAlgoID(RSAk, NULL, oidKeyType, 0);
- bitStringSz = SetBitString(seqSz + nSz + eSz, 0, NULL);
- idx += SetSequence(nSz + eSz + seqSz + bitStringSz + algoSz, NULL);
- /* algo */
- idx += algoSz;
- /* bit string */
- idx += bitStringSz;
- }
- /* seq */
- idx += seqSz;
- /* n */
- idx += nSz;
- /* e */
- idx += eSz;
- return idx;
- }
- #endif /* !NO_RSA && WOLFSSL_CERT_GEN */
- #if defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)
- static mp_int* GetRsaInt(RsaKey* key, int idx)
- {
- if (idx == 0)
- return &key->n;
- if (idx == 1)
- return &key->e;
- if (idx == 2)
- return &key->d;
- if (idx == 3)
- return &key->p;
- if (idx == 4)
- return &key->q;
- if (idx == 5)
- return &key->dP;
- if (idx == 6)
- return &key->dQ;
- if (idx == 7)
- return &key->u;
- return NULL;
- }
- /* Release Tmp RSA resources */
- static WC_INLINE void FreeTmpRsas(byte** tmps, void* heap)
- {
- int i;
- (void)heap;
- for (i = 0; i < RSA_INTS; i++)
- XFREE(tmps[i], heap, DYNAMIC_TYPE_RSA);
- }
- /* Convert RsaKey key to DER format, write to output (inLen), return bytes
- written */
- int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
- {
- word32 seqSz, verSz, rawLen, intTotalLen = 0;
- word32 sizes[RSA_INTS];
- int i, j, outLen, ret = 0, mpSz;
- byte seq[MAX_SEQ_SZ];
- byte ver[MAX_VERSION_SZ];
- byte* tmps[RSA_INTS];
- if (!key)
- return BAD_FUNC_ARG;
- if (key->type != RSA_PRIVATE)
- return BAD_FUNC_ARG;
- for (i = 0; i < RSA_INTS; i++)
- tmps[i] = NULL;
- /* write all big ints from key to DER tmps */
- for (i = 0; i < RSA_INTS; i++) {
- mp_int* keyInt = GetRsaInt(key, i);
- rawLen = mp_unsigned_bin_size(keyInt) + 1;
- tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
- DYNAMIC_TYPE_RSA);
- if (tmps[i] == NULL) {
- ret = MEMORY_E;
- break;
- }
- mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, tmps[i]);
- if (mpSz < 0) {
- ret = mpSz;
- break;
- }
- intTotalLen += (sizes[i] = mpSz);
- }
- if (ret != 0) {
- FreeTmpRsas(tmps, key->heap);
- return ret;
- }
- /* make headers */
- verSz = SetMyVersion(0, ver, FALSE);
- seqSz = SetSequence(verSz + intTotalLen, seq);
- outLen = seqSz + verSz + intTotalLen;
- if (output) {
- if (outLen > (int)inLen) {
- FreeTmpRsas(tmps, key->heap);
- return BAD_FUNC_ARG;
- }
- /* write to output */
- XMEMCPY(output, seq, seqSz);
- j = seqSz;
- XMEMCPY(output + j, ver, verSz);
- j += verSz;
- for (i = 0; i < RSA_INTS; i++) {
- XMEMCPY(output + j, tmps[i], sizes[i]);
- j += sizes[i];
- }
- }
- FreeTmpRsas(tmps, key->heap);
- return outLen;
- }
- #endif
- #if (defined(WOLFSSL_KEY_GEN) || defined(OPENSSL_EXTRA)) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)
- /* Convert Rsa Public key to DER format, write to output (inLen), return bytes
- written */
- int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen)
- {
- return SetRsaPublicKey(output, key, inLen, 1);
- }
- #endif /* (WOLFSSL_KEY_GEN || OPENSSL_EXTRA) && !NO_RSA && !HAVE_USER_RSA */
- #ifdef WOLFSSL_CERT_GEN
- /* Initialize and Set Certificate defaults:
- version = 3 (0x2)
- serial = 0
- sigType = SHA_WITH_RSA
- issuer = blank
- daysValid = 500
- selfSigned = 1 (true) use subject as issuer
- subject = blank
- */
- int wc_InitCert(Cert* cert)
- {
- #ifdef WOLFSSL_MULTI_ATTRIB
- int i = 0;
- #endif
- if (cert == NULL) {
- return BAD_FUNC_ARG;
- }
- XMEMSET(cert, 0, sizeof(Cert));
- cert->version = 2; /* version 3 is hex 2 */
- #ifndef NO_SHA
- cert->sigType = CTC_SHAwRSA;
- #elif !defined(NO_SHA256)
- cert->sigType = CTC_SHA256wRSA;
- #else
- cert->sigType = 0;
- #endif
- cert->daysValid = 500;
- cert->selfSigned = 1;
- cert->keyType = RSA_KEY;
- cert->issuer.countryEnc = CTC_PRINTABLE;
- cert->issuer.stateEnc = CTC_UTF8;
- cert->issuer.localityEnc = CTC_UTF8;
- cert->issuer.surEnc = CTC_UTF8;
- cert->issuer.orgEnc = CTC_UTF8;
- cert->issuer.unitEnc = CTC_UTF8;
- cert->issuer.commonNameEnc = CTC_UTF8;
- cert->subject.countryEnc = CTC_PRINTABLE;
- cert->subject.stateEnc = CTC_UTF8;
- cert->subject.localityEnc = CTC_UTF8;
- cert->subject.surEnc = CTC_UTF8;
- cert->subject.orgEnc = CTC_UTF8;
- cert->subject.unitEnc = CTC_UTF8;
- cert->subject.commonNameEnc = CTC_UTF8;
- #ifdef WOLFSSL_MULTI_ATTRIB
- for (i = 0; i < CTC_MAX_ATTRIB; i++) {
- cert->issuer.name[i].type = CTC_UTF8;
- cert->subject.name[i].type = CTC_UTF8;
- }
- #endif /* WOLFSSL_MULTI_ATTRIB */
- #ifdef WOLFSSL_HEAP_TEST
- cert->heap = (void*)WOLFSSL_HEAP_TEST;
- #endif
- return 0;
- }
- /* DER encoded x509 Certificate */
- typedef struct DerCert {
- byte size[MAX_LENGTH_SZ]; /* length encoded */
- byte version[MAX_VERSION_SZ]; /* version encoded */
- byte serial[(int)CTC_SERIAL_SIZE + (int)MAX_LENGTH_SZ]; /* serial number encoded */
- byte sigAlgo[MAX_ALGO_SZ]; /* signature algo encoded */
- byte issuer[ASN_NAME_MAX]; /* issuer encoded */
- byte subject[ASN_NAME_MAX]; /* subject encoded */
- byte validity[MAX_DATE_SIZE*2 + MAX_SEQ_SZ*2]; /* before and after dates */
- byte publicKey[MAX_PUBLIC_KEY_SZ]; /* rsa / ntru public key encoded */
- byte ca[MAX_CA_SZ]; /* basic constraint CA true size */
- byte extensions[MAX_EXTENSIONS_SZ]; /* all extensions */
- #ifdef WOLFSSL_CERT_EXT
- byte skid[MAX_KID_SZ]; /* Subject Key Identifier extension */
- byte akid[MAX_KID_SZ]; /* Authority Key Identifier extension */
- byte keyUsage[MAX_KEYUSAGE_SZ]; /* Key Usage extension */
- byte extKeyUsage[MAX_EXTKEYUSAGE_SZ]; /* Extended Key Usage extension */
- byte certPolicies[MAX_CERTPOL_NB*MAX_CERTPOL_SZ]; /* Certificate Policies */
- #endif
- #ifdef WOLFSSL_CERT_REQ
- byte attrib[MAX_ATTRIB_SZ]; /* Cert req attributes encoded */
- #endif
- #ifdef WOLFSSL_ALT_NAMES
- byte altNames[CTC_MAX_ALT_SIZE]; /* Alternative Names encoded */
- #endif
- int sizeSz; /* encoded size length */
- int versionSz; /* encoded version length */
- int serialSz; /* encoded serial length */
- int sigAlgoSz; /* encoded sig algo length */
- int issuerSz; /* encoded issuer length */
- int subjectSz; /* encoded subject length */
- int validitySz; /* encoded validity length */
- int publicKeySz; /* encoded public key length */
- int caSz; /* encoded CA extension length */
- #ifdef WOLFSSL_CERT_EXT
- int skidSz; /* encoded SKID extension length */
- int akidSz; /* encoded SKID extension length */
- int keyUsageSz; /* encoded KeyUsage extension length */
- int extKeyUsageSz; /* encoded ExtendedKeyUsage extension length */
- int certPoliciesSz; /* encoded CertPolicies extension length*/
- #endif
- #ifdef WOLFSSL_ALT_NAMES
- int altNamesSz; /* encoded AltNames extension length */
- #endif
- int extensionsSz; /* encoded extensions total length */
- int total; /* total encoded lengths */
- #ifdef WOLFSSL_CERT_REQ
- int attribSz;
- #endif
- } DerCert;
- #ifdef WOLFSSL_CERT_REQ
- /* Write a set header to output */
- static word32 SetPrintableString(word32 len, byte* output)
- {
- output[0] = ASN_PRINTABLE_STRING;
- return SetLength(len, output + 1) + 1;
- }
- static word32 SetUTF8String(word32 len, byte* output)
- {
- output[0] = ASN_UTF8STRING;
- return SetLength(len, output + 1) + 1;
- }
- #endif /* WOLFSSL_CERT_REQ */
- #ifndef WOLFSSL_CERT_GEN_CACHE
- /* wc_SetCert_Free is only public when WOLFSSL_CERT_GEN_CACHE is not defined */
- static
- #endif
- void wc_SetCert_Free(Cert* cert)
- {
- if (cert != NULL) {
- cert->der = NULL;
- if (cert->decodedCert) {
- FreeDecodedCert((DecodedCert*)cert->decodedCert);
- XFREE(cert->decodedCert, cert->heap, DYNAMIC_TYPE_DCERT);
- cert->decodedCert = NULL;
- }
- }
- }
- static int wc_SetCert_LoadDer(Cert* cert, const byte* der, word32 derSz)
- {
- int ret;
- if (cert == NULL) {
- ret = BAD_FUNC_ARG;
- }
- else {
- /* Allocate DecodedCert struct and Zero */
- cert->decodedCert = (void*)XMALLOC(sizeof(DecodedCert), cert->heap,
- DYNAMIC_TYPE_DCERT);
- if (cert->decodedCert == NULL) {
- ret = MEMORY_E;
- }
- else {
- XMEMSET(cert->decodedCert, 0, sizeof(DecodedCert));
- InitDecodedCert((DecodedCert*)cert->decodedCert, der, derSz,
- cert->heap);
- ret = ParseCertRelative((DecodedCert*)cert->decodedCert,
- CERT_TYPE, 0, NULL);
- if (ret >= 0) {
- cert->der = (byte*)der;
- }
- else {
- wc_SetCert_Free(cert);
- }
- }
- }
- return ret;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
- /* Write a public ECC key to output */
- static int SetEccPublicKey(byte* output, ecc_key* key, int with_header)
- {
- byte bitString[1 + MAX_LENGTH_SZ + 1];
- int algoSz;
- int curveSz;
- int bitStringSz;
- int idx;
- word32 pubSz = ECC_BUFSIZE;
- #ifdef WOLFSSL_SMALL_STACK
- byte* algo = NULL;
- byte* curve = NULL;
- byte* pub;
- #else
- byte algo[MAX_ALGO_SZ];
- byte curve[MAX_ALGO_SZ];
- byte pub[ECC_BUFSIZE];
- #endif
- int ret;
- #ifdef WOLFSSL_SMALL_STACK
- pub = (byte*)XMALLOC(ECC_BUFSIZE, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (pub == NULL)
- return MEMORY_E;
- #endif
- #if defined(HAVE_SELFTEST) || defined(HAVE_FIPS)
- /* older version of ecc.c can not handle dp being NULL */
- if (key != NULL && key->dp == NULL) {
- ret = BAD_FUNC_ARG;
- }
- else {
- ret = wc_ecc_export_x963(key, pub, &pubSz);
- }
- #else
- ret = wc_ecc_export_x963(key, pub, &pubSz);
- #endif
- if (ret != 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- /* headers */
- if (with_header) {
- #ifdef WOLFSSL_SMALL_STACK
- curve = (byte*)XMALLOC(MAX_ALGO_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (curve == NULL) {
- XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return MEMORY_E;
- }
- #endif
- curveSz = SetCurve(key, curve);
- if (curveSz <= 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(curve, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return curveSz;
- }
- #ifdef WOLFSSL_SMALL_STACK
- algo = (byte*)XMALLOC(MAX_ALGO_SZ, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (algo == NULL) {
- XFREE(curve, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return MEMORY_E;
- }
- #endif
- algoSz = SetAlgoID(ECDSAk, algo, oidKeyType, curveSz);
- bitStringSz = SetBitString(pubSz, 0, bitString);
- idx = SetSequence(pubSz + curveSz + bitStringSz + algoSz, output);
- /* algo */
- if (output)
- XMEMCPY(output + idx, algo, algoSz);
- idx += algoSz;
- /* curve */
- if (output)
- XMEMCPY(output + idx, curve, curveSz);
- idx += curveSz;
- /* bit string */
- if (output)
- XMEMCPY(output + idx, bitString, bitStringSz);
- idx += bitStringSz;
- }
- else
- idx = 0;
- /* pub */
- if (output)
- XMEMCPY(output + idx, pub, pubSz);
- idx += pubSz;
- #ifdef WOLFSSL_SMALL_STACK
- if (with_header) {
- XFREE(algo, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(curve, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
- XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return idx;
- }
- /* returns the size of buffer used, the public ECC key in DER format is stored
- in output buffer
- with_AlgCurve is a flag for when to include a header that has the Algorithm
- and Curve information */
- int wc_EccPublicKeyToDer(ecc_key* key, byte* output, word32 inLen,
- int with_AlgCurve)
- {
- word32 infoSz = 0;
- word32 keySz = 0;
- int ret;
- if (key == NULL) {
- return BAD_FUNC_ARG;
- }
- if (with_AlgCurve) {
- /* buffer space for algorithm/curve */
- infoSz += MAX_SEQ_SZ;
- infoSz += 2 * MAX_ALGO_SZ;
- /* buffer space for public key sequence */
- infoSz += MAX_SEQ_SZ;
- infoSz += TRAILING_ZERO;
- }
- #if defined(HAVE_SELFTEST) || defined(HAVE_FIPS)
- /* older version of ecc.c can not handle dp being NULL */
- if (key->dp == NULL) {
- keySz = 1 + 2 * MAX_ECC_BYTES;
- ret = LENGTH_ONLY_E;
- }
- else {
- ret = wc_ecc_export_x963(key, NULL, &keySz);
- }
- #else
- ret = wc_ecc_export_x963(key, NULL, &keySz);
- #endif
- if (ret != LENGTH_ONLY_E) {
- WOLFSSL_MSG("Error in getting ECC public key size");
- return ret;
- }
- /* if output null then just return size */
- if (output == NULL) {
- return keySz + infoSz;
- }
- if (inLen < keySz + infoSz) {
- return BUFFER_E;
- }
- return SetEccPublicKey(output, key, with_AlgCurve);
- }
- int wc_EccPublicKeyDerSize(ecc_key* key, int with_AlgCurve)
- {
- return wc_EccPublicKeyToDer(key, NULL, 0, with_AlgCurve);
- }
- #endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
- #if defined(HAVE_ED25519) && (defined(WOLFSSL_CERT_GEN) || \
- defined(WOLFSSL_KEY_GEN))
- /* Write a public ECC key to output */
- static int SetEd25519PublicKey(byte* output, ed25519_key* key, int with_header)
- {
- byte bitString[1 + MAX_LENGTH_SZ + 1];
- int algoSz;
- int bitStringSz;
- int idx;
- word32 pubSz = ED25519_PUB_KEY_SIZE;
- #ifdef WOLFSSL_SMALL_STACK
- byte* algo = NULL;
- byte* pub;
- #else
- byte algo[MAX_ALGO_SZ];
- byte pub[ED25519_PUB_KEY_SIZE];
- #endif
- #ifdef WOLFSSL_SMALL_STACK
- pub = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (pub == NULL)
- return MEMORY_E;
- #endif
- idx = wc_ed25519_export_public(key, pub, &pubSz);
- if (idx != 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return idx;
- }
- /* headers */
- if (with_header) {
- #ifdef WOLFSSL_SMALL_STACK
- algo = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (algo == NULL) {
- XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- return MEMORY_E;
- }
- #endif
- algoSz = SetAlgoID(ED25519k, algo, oidKeyType, 0);
- bitStringSz = SetBitString(pubSz, 0, bitString);
- idx = SetSequence(pubSz + bitStringSz + algoSz, output);
- /* algo */
- XMEMCPY(output + idx, algo, algoSz);
- idx += algoSz;
- /* bit string */
- XMEMCPY(output + idx, bitString, bitStringSz);
- idx += bitStringSz;
- }
- else
- idx = 0;
- /* pub */
- XMEMCPY(output + idx, pub, pubSz);
- idx += pubSz;
- #ifdef WOLFSSL_SMALL_STACK
- if (with_header) {
- XFREE(algo, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return idx;
- }
- int wc_Ed25519PublicKeyToDer(ed25519_key* key, byte* output, word32 inLen,
- int withAlg)
- {
- word32 infoSz = 0;
- word32 keySz = 0;
- int ret;
- if (output == NULL || key == NULL) {
- return BAD_FUNC_ARG;
- }
- if (withAlg) {
- /* buffer space for algorithm */
- infoSz += MAX_SEQ_SZ;
- infoSz += MAX_ALGO_SZ;
- /* buffer space for public key sequence */
- infoSz += MAX_SEQ_SZ;
- infoSz += TRAILING_ZERO;
- }
- if ((ret = wc_ed25519_export_public(key, output, &keySz)) != BUFFER_E) {
- WOLFSSL_MSG("Error in getting ECC public key size");
- return ret;
- }
- if (inLen < keySz + infoSz) {
- return BUFFER_E;
- }
- return SetEd25519PublicKey(output, key, withAlg);
- }
- #endif /* HAVE_ED25519 && (WOLFSSL_CERT_GEN || WOLFSSL_KEY_GEN) */
- #if defined(HAVE_ED448) && (defined(WOLFSSL_CERT_GEN) || \
- defined(WOLFSSL_KEY_GEN))
- /* Write a public ECC key to output */
- static int SetEd448PublicKey(byte* output, ed448_key* key, int with_header)
- {
- byte bitString[1 + MAX_LENGTH_SZ + 1];
- int algoSz;
- int bitStringSz;
- int idx;
- word32 pubSz = ED448_PUB_KEY_SIZE;
- #ifdef WOLFSSL_SMALL_STACK
- byte* algo = NULL;
- byte* pub = NULL;
- #else
- byte algo[MAX_ALGO_SZ];
- byte pub[ED448_PUB_KEY_SIZE];
- #endif
- #ifdef WOLFSSL_SMALL_STACK
- pub = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (pub == NULL)
- return MEMORY_E;
- #endif
- idx = wc_ed448_export_public(key, pub, &pubSz);
- if (idx != 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return idx;
- }
- /* headers */
- if (with_header) {
- #ifdef WOLFSSL_SMALL_STACK
- algo = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (algo == NULL) {
- XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- return MEMORY_E;
- }
- #endif
- algoSz = SetAlgoID(ED448k, algo, oidKeyType, 0);
- bitStringSz = SetBitString(pubSz, 0, bitString);
- idx = SetSequence(pubSz + bitStringSz + algoSz, output);
- /* algo */
- XMEMCPY(output + idx, algo, algoSz);
- idx += algoSz;
- /* bit string */
- XMEMCPY(output + idx, bitString, bitStringSz);
- idx += bitStringSz;
- }
- else
- idx = 0;
- /* pub */
- XMEMCPY(output + idx, pub, pubSz);
- idx += pubSz;
- #ifdef WOLFSSL_SMALL_STACK
- if (with_header) {
- XFREE(algo, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return idx;
- }
- int wc_Ed448PublicKeyToDer(ed448_key* key, byte* output, word32 inLen,
- int withAlg)
- {
- word32 infoSz = 0;
- word32 keySz = 0;
- int ret;
- if (output == NULL || key == NULL) {
- return BAD_FUNC_ARG;
- }
- if (withAlg) {
- /* buffer space for algorithm */
- infoSz += MAX_SEQ_SZ;
- infoSz += MAX_ALGO_SZ;
- /* buffer space for public key sequence */
- infoSz += MAX_SEQ_SZ;
- infoSz += TRAILING_ZERO;
- }
- if ((ret = wc_ed448_export_public(key, output, &keySz)) != BUFFER_E) {
- WOLFSSL_MSG("Error in getting ECC public key size");
- return ret;
- }
- if (inLen < keySz + infoSz) {
- return BUFFER_E;
- }
- return SetEd448PublicKey(output, key, withAlg);
- }
- #endif /* HAVE_ED448 && (WOLFSSL_CERT_GEN || WOLFSSL_KEY_GEN) */
- #ifdef WOLFSSL_CERT_GEN
- static WC_INLINE byte itob(int number)
- {
- return (byte)number + 0x30;
- }
- /* write time to output, format */
- static void SetTime(struct tm* date, byte* output)
- {
- int i = 0;
- output[i++] = itob((date->tm_year % 10000) / 1000);
- output[i++] = itob((date->tm_year % 1000) / 100);
- output[i++] = itob((date->tm_year % 100) / 10);
- output[i++] = itob( date->tm_year % 10);
- output[i++] = itob(date->tm_mon / 10);
- output[i++] = itob(date->tm_mon % 10);
- output[i++] = itob(date->tm_mday / 10);
- output[i++] = itob(date->tm_mday % 10);
- output[i++] = itob(date->tm_hour / 10);
- output[i++] = itob(date->tm_hour % 10);
- output[i++] = itob(date->tm_min / 10);
- output[i++] = itob(date->tm_min % 10);
- output[i++] = itob(date->tm_sec / 10);
- output[i++] = itob(date->tm_sec % 10);
- output[i] = 'Z'; /* Zulu profile */
- }
- #ifdef WOLFSSL_ALT_NAMES
- /* Copy Dates from cert, return bytes written */
- static int CopyValidity(byte* output, Cert* cert)
- {
- int seqSz;
- WOLFSSL_ENTER("CopyValidity");
- /* headers and output */
- seqSz = SetSequence(cert->beforeDateSz + cert->afterDateSz, output);
- if (output) {
- XMEMCPY(output + seqSz, cert->beforeDate, cert->beforeDateSz);
- XMEMCPY(output + seqSz + cert->beforeDateSz, cert->afterDate,
- cert->afterDateSz);
- }
- return seqSz + cert->beforeDateSz + cert->afterDateSz;
- }
- #endif
- /* Get Which Name from index */
- const char* GetOneCertName(CertName* name, int idx)
- {
- switch (idx) {
- case 0:
- return name->country;
- case 1:
- return name->state;
- case 2:
- return name->locality;
- case 3:
- return name->sur;
- case 4:
- return name->org;
- case 5:
- return name->unit;
- case 6:
- return name->commonName;
- case 7:
- return name->serialDev;
- #ifdef WOLFSSL_CERT_EXT
- case 8:
- return name->busCat;
- case 9:
- #else
- case 8:
- #endif
- return name->email;
- default:
- return 0;
- }
- }
- /* Get Which Name Encoding from index */
- static char GetNameType(CertName* name, int idx)
- {
- switch (idx) {
- case 0:
- return name->countryEnc;
- case 1:
- return name->stateEnc;
- case 2:
- return name->localityEnc;
- case 3:
- return name->surEnc;
- case 4:
- return name->orgEnc;
- case 5:
- return name->unitEnc;
- case 6:
- return name->commonNameEnc;
- case 7:
- return name->serialDevEnc;
- #ifdef WOLFSSL_CERT_EXT
- case 8:
- return name->busCatEnc;
- case 9:
- #else
- case 8:
- #endif
- /* FALL THROUGH */
- /* The last index, email name, does not have encoding type.
- The empty case here is to keep track of it for future reference. */
- default:
- return 0;
- }
- }
- /* Get ASN Name from index */
- byte GetCertNameId(int idx)
- {
- switch (idx) {
- case 0:
- return ASN_COUNTRY_NAME;
- case 1:
- return ASN_STATE_NAME;
- case 2:
- return ASN_LOCALITY_NAME;
- case 3:
- return ASN_SUR_NAME;
- case 4:
- return ASN_ORG_NAME;
- case 5:
- return ASN_ORGUNIT_NAME;
- case 6:
- return ASN_COMMON_NAME;
- case 7:
- return ASN_SERIAL_NUMBER;
- #ifdef WOLFSSL_CERT_EXT
- case 8:
- return ASN_BUS_CAT;
- case 9:
- #else
- case 8:
- #endif
- return ASN_EMAIL_NAME;
- default:
- return 0;
- }
- }
- /*
- Extensions ::= SEQUENCE OF Extension
- Extension ::= SEQUENCE {
- extnId OBJECT IDENTIFIER,
- critical BOOLEAN DEFAULT FALSE,
- extnValue OCTET STRING }
- */
- /* encode all extensions, return total bytes written */
- static int SetExtensions(byte* out, word32 outSz, int *IdxInOut,
- const byte* ext, int extSz)
- {
- if (out == NULL || IdxInOut == NULL || ext == NULL)
- return BAD_FUNC_ARG;
- if (outSz < (word32)(*IdxInOut+extSz))
- return BUFFER_E;
- XMEMCPY(&out[*IdxInOut], ext, extSz); /* extensions */
- *IdxInOut += extSz;
- return *IdxInOut;
- }
- /* encode extensions header, return total bytes written */
- static int SetExtensionsHeader(byte* out, word32 outSz, int extSz)
- {
- byte sequence[MAX_SEQ_SZ];
- byte len[MAX_LENGTH_SZ];
- int seqSz, lenSz, idx = 0;
- if (out == NULL)
- return BAD_FUNC_ARG;
- if (outSz < 3)
- return BUFFER_E;
- seqSz = SetSequence(extSz, sequence);
- /* encode extensions length provided */
- lenSz = SetLength(extSz+seqSz, len);
- if (outSz < (word32)(lenSz+seqSz+1))
- return BUFFER_E;
- out[idx++] = ASN_EXTENSIONS; /* extensions id */
- XMEMCPY(&out[idx], len, lenSz); /* length */
- idx += lenSz;
- XMEMCPY(&out[idx], sequence, seqSz); /* sequence */
- idx += seqSz;
- return idx;
- }
- /* encode CA basic constraint true, return total bytes written */
- static int SetCa(byte* out, word32 outSz)
- {
- const byte ca[] = { 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04,
- 0x05, 0x30, 0x03, 0x01, 0x01, 0xff };
- if (out == NULL)
- return BAD_FUNC_ARG;
- if (outSz < sizeof(ca))
- return BUFFER_E;
- XMEMCPY(out, ca, sizeof(ca));
- return (int)sizeof(ca);
- }
- #ifdef WOLFSSL_CERT_EXT
- /* encode OID and associated value, return total bytes written */
- static int SetOidValue(byte* out, word32 outSz, const byte *oid, word32 oidSz,
- byte *in, word32 inSz)
- {
- int idx = 0;
- if (out == NULL || oid == NULL || in == NULL)
- return BAD_FUNC_ARG;
- if (outSz < 3)
- return BUFFER_E;
- /* sequence, + 1 => byte to put value size */
- idx = SetSequence(inSz + oidSz + 1, out);
- if ((idx + inSz + oidSz + 1) > outSz)
- return BUFFER_E;
- XMEMCPY(out+idx, oid, oidSz);
- idx += oidSz;
- out[idx++] = (byte)inSz;
- XMEMCPY(out+idx, in, inSz);
- return (idx+inSz);
- }
- /* encode Subject Key Identifier, return total bytes written
- * RFC5280 : non-critical */
- static int SetSKID(byte* output, word32 outSz, const byte *input, word32 length)
- {
- byte skid_len[1 + MAX_LENGTH_SZ];
- byte skid_enc_len[MAX_LENGTH_SZ];
- int idx = 0, skid_lenSz, skid_enc_lenSz;
- const byte skid_oid[] = { 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04 };
- if (output == NULL || input == NULL)
- return BAD_FUNC_ARG;
- /* Octet String header */
- skid_lenSz = SetOctetString(length, skid_len);
- /* length of encoded value */
- skid_enc_lenSz = SetLength(length + skid_lenSz, skid_enc_len);
- if (outSz < 3)
- return BUFFER_E;
- idx = SetSequence(length + sizeof(skid_oid) + skid_lenSz + skid_enc_lenSz,
- output);
- if ((length + sizeof(skid_oid) + skid_lenSz + skid_enc_lenSz) > outSz)
- return BUFFER_E;
- /* put oid */
- XMEMCPY(output+idx, skid_oid, sizeof(skid_oid));
- idx += sizeof(skid_oid);
- /* put encoded len */
- XMEMCPY(output+idx, skid_enc_len, skid_enc_lenSz);
- idx += skid_enc_lenSz;
- /* put octet header */
- XMEMCPY(output+idx, skid_len, skid_lenSz);
- idx += skid_lenSz;
- /* put value */
- XMEMCPY(output+idx, input, length);
- idx += length;
- return idx;
- }
- /* encode Authority Key Identifier, return total bytes written
- * RFC5280 : non-critical */
- static int SetAKID(byte* output, word32 outSz,
- byte *input, word32 length, void* heap)
- {
- byte *enc_val;
- int ret, enc_valSz;
- const byte akid_oid[] = { 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04 };
- const byte akid_cs[] = { 0x80 };
- (void)heap;
- if (output == NULL || input == NULL)
- return BAD_FUNC_ARG;
- enc_valSz = length + 3 + sizeof(akid_cs);
- enc_val = (byte *)XMALLOC(enc_valSz, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (enc_val == NULL)
- return MEMORY_E;
- /* sequence for ContentSpec & value */
- ret = SetOidValue(enc_val, enc_valSz, akid_cs, sizeof(akid_cs),
- input, length);
- if (ret > 0) {
- enc_valSz = ret;
- ret = SetOidValue(output, outSz, akid_oid, sizeof(akid_oid),
- enc_val, enc_valSz);
- }
- XFREE(enc_val, heap, DYNAMIC_TYPE_TMP_BUFFER);
- return ret;
- }
- /* encode Key Usage, return total bytes written
- * RFC5280 : critical */
- static int SetKeyUsage(byte* output, word32 outSz, word16 input)
- {
- byte ku[5];
- int idx;
- const byte keyusage_oid[] = { 0x06, 0x03, 0x55, 0x1d, 0x0f,
- 0x01, 0x01, 0xff, 0x04};
- if (output == NULL)
- return BAD_FUNC_ARG;
- idx = SetBitString16Bit(input, ku);
- return SetOidValue(output, outSz, keyusage_oid, sizeof(keyusage_oid),
- ku, idx);
- }
- static int SetOjectIdValue(byte* output, word32 outSz, int* idx,
- const byte* oid, word32 oidSz)
- {
- /* verify room */
- if (*idx + 2 + oidSz >= outSz)
- return ASN_PARSE_E;
- *idx += SetObjectId(oidSz, &output[*idx]);
- XMEMCPY(&output[*idx], oid, oidSz);
- *idx += oidSz;
- return 0;
- }
- /* encode Extended Key Usage (RFC 5280 4.2.1.12), return total bytes written */
- static int SetExtKeyUsage(Cert* cert, byte* output, word32 outSz, byte input)
- {
- int idx = 0, oidListSz = 0, totalSz, ret = 0;
- const byte extkeyusage_oid[] = { 0x06, 0x03, 0x55, 0x1d, 0x25 };
- if (output == NULL)
- return BAD_FUNC_ARG;
- /* Skip to OID List */
- totalSz = 2 + sizeof(extkeyusage_oid) + 4;
- idx = totalSz;
- /* Build OID List */
- /* If any set, then just use it */
- if (input & EXTKEYUSE_ANY) {
- ret |= SetOjectIdValue(output, outSz, &idx,
- extExtKeyUsageAnyOid, sizeof(extExtKeyUsageAnyOid));
- }
- else {
- if (input & EXTKEYUSE_SERVER_AUTH)
- ret |= SetOjectIdValue(output, outSz, &idx,
- extExtKeyUsageServerAuthOid, sizeof(extExtKeyUsageServerAuthOid));
- if (input & EXTKEYUSE_CLIENT_AUTH)
- ret |= SetOjectIdValue(output, outSz, &idx,
- extExtKeyUsageClientAuthOid, sizeof(extExtKeyUsageClientAuthOid));
- if (input & EXTKEYUSE_CODESIGN)
- ret |= SetOjectIdValue(output, outSz, &idx,
- extExtKeyUsageCodeSigningOid, sizeof(extExtKeyUsageCodeSigningOid));
- if (input & EXTKEYUSE_EMAILPROT)
- ret |= SetOjectIdValue(output, outSz, &idx,
- extExtKeyUsageEmailProtectOid, sizeof(extExtKeyUsageEmailProtectOid));
- if (input & EXTKEYUSE_TIMESTAMP)
- ret |= SetOjectIdValue(output, outSz, &idx,
- extExtKeyUsageTimestampOid, sizeof(extExtKeyUsageTimestampOid));
- if (input & EXTKEYUSE_OCSP_SIGN)
- ret |= SetOjectIdValue(output, outSz, &idx,
- extExtKeyUsageOcspSignOid, sizeof(extExtKeyUsageOcspSignOid));
- #ifdef WOLFSSL_EKU_OID
- /* iterate through OID values */
- if (input & EXTKEYUSE_USER) {
- int i, sz;
- for (i = 0; i < CTC_MAX_EKU_NB; i++) {
- sz = cert->extKeyUsageOIDSz[i];
- if (sz > 0) {
- ret |= SetOjectIdValue(output, outSz, &idx,
- cert->extKeyUsageOID[i], sz);
- }
- }
- }
- #endif /* WOLFSSL_EKU_OID */
- }
- if (ret != 0)
- return ASN_PARSE_E;
- /* Calculate Sizes */
- oidListSz = idx - totalSz;
- totalSz = idx - 2; /* exclude first seq/len (2) */
- /* 1. Seq + Total Len (2) */
- idx = SetSequence(totalSz, output);
- /* 2. Object ID (2) */
- XMEMCPY(&output[idx], extkeyusage_oid, sizeof(extkeyusage_oid));
- idx += sizeof(extkeyusage_oid);
- /* 3. Octet String (2) */
- idx += SetOctetString(totalSz - idx, &output[idx]);
- /* 4. Seq + OidListLen (2) */
- idx += SetSequence(oidListSz, &output[idx]);
- /* 5. Oid List (already set in-place above) */
- idx += oidListSz;
- (void)cert;
- return idx;
- }
- /* encode Certificate Policies, return total bytes written
- * each input value must be ITU-T X.690 formatted : a.b.c...
- * input must be an array of values with a NULL terminated for the latest
- * RFC5280 : non-critical */
- static int SetCertificatePolicies(byte *output,
- word32 outputSz,
- char input[MAX_CERTPOL_NB][MAX_CERTPOL_SZ],
- word16 nb_certpol,
- void* heap)
- {
- byte oid[MAX_OID_SZ],
- der_oid[MAX_CERTPOL_NB][MAX_OID_SZ],
- out[MAX_CERTPOL_SZ];
- word32 oidSz;
- word32 outSz, i = 0, der_oidSz[MAX_CERTPOL_NB];
- int ret;
- const byte certpol_oid[] = { 0x06, 0x03, 0x55, 0x1d, 0x20, 0x04 };
- const byte oid_oid[] = { 0x06 };
- if (output == NULL || input == NULL || nb_certpol > MAX_CERTPOL_NB)
- return BAD_FUNC_ARG;
- for (i = 0; i < nb_certpol; i++) {
- oidSz = sizeof(oid);
- XMEMSET(oid, 0, oidSz);
- ret = EncodePolicyOID(oid, &oidSz, input[i], heap);
- if (ret != 0)
- return ret;
- /* compute sequence value for the oid */
- ret = SetOidValue(der_oid[i], MAX_OID_SZ, oid_oid,
- sizeof(oid_oid), oid, oidSz);
- if (ret <= 0)
- return ret;
- else
- der_oidSz[i] = (word32)ret;
- }
- /* concatenate oid, keep two byte for sequence/size of the created value */
- for (i = 0, outSz = 2; i < nb_certpol; i++) {
- XMEMCPY(out+outSz, der_oid[i], der_oidSz[i]);
- outSz += der_oidSz[i];
- }
- /* add sequence */
- ret = SetSequence(outSz-2, out);
- if (ret <= 0)
- return ret;
- /* add Policy OID to compute final value */
- return SetOidValue(output, outputSz, certpol_oid, sizeof(certpol_oid),
- out, outSz);
- }
- #endif /* WOLFSSL_CERT_EXT */
- #ifdef WOLFSSL_ALT_NAMES
- /* encode Alternative Names, return total bytes written */
- static int SetAltNames(byte *output, word32 outSz,
- const byte *input, word32 length)
- {
- byte san_len[1 + MAX_LENGTH_SZ];
- int idx = 0, san_lenSz;
- const byte san_oid[] = { 0x06, 0x03, 0x55, 0x1d, 0x11 };
- if (output == NULL || input == NULL)
- return BAD_FUNC_ARG;
- if (outSz < length)
- return BUFFER_E;
- /* Octet String header */
- san_lenSz = SetOctetString(length, san_len);
- if (outSz < MAX_SEQ_SZ)
- return BUFFER_E;
- idx = SetSequence(length + sizeof(san_oid) + san_lenSz, output);
- if ((length + sizeof(san_oid) + san_lenSz) > outSz)
- return BUFFER_E;
- /* put oid */
- XMEMCPY(output+idx, san_oid, sizeof(san_oid));
- idx += sizeof(san_oid);
- /* put octet header */
- XMEMCPY(output+idx, san_len, san_lenSz);
- idx += san_lenSz;
- /* put value */
- XMEMCPY(output+idx, input, length);
- idx += length;
- return idx;
- }
- #ifdef WOLFSSL_CERT_GEN
- int FlattenAltNames(byte* output, word32 outputSz, const DNS_entry* names)
- {
- word32 idx;
- const DNS_entry* curName;
- word32 namesSz = 0;
- if (output == NULL)
- return BAD_FUNC_ARG;
- if (names == NULL)
- return 0;
- curName = names;
- do {
- namesSz += curName->len + 2 +
- ((curName->len < ASN_LONG_LENGTH) ? 0
- : BytePrecision(curName->len));
- curName = curName->next;
- } while (curName != NULL);
- if (outputSz < MAX_SEQ_SZ + namesSz)
- return BUFFER_E;
- idx = SetSequence(namesSz, output);
- curName = names;
- do {
- output[idx] = ASN_CONTEXT_SPECIFIC | curName->type;
- if (curName->type == ASN_DIR_TYPE) {
- output[idx] |= ASN_CONSTRUCTED;
- }
- idx++;
- idx += SetLength(curName->len, output + idx);
- XMEMCPY(output + idx, curName->name, curName->len);
- idx += curName->len;
- curName = curName->next;
- } while (curName != NULL);
- return idx;
- }
- #endif /* WOLFSSL_CERT_GEN */
- #endif /* WOLFSSL_ALT_NAMES */
- /* Encodes one attribute of the name (issuer/subject)
- *
- * name structure to hold result of encoding
- * nameStr value to be encoded
- * nameType type of encoding i.e CTC_UTF8
- * type id of attribute i.e ASN_COMMON_NAME
- * emailType type of email i.e CTC_UTF8
- * returns length on success
- */
- static int wc_EncodeName_ex(EncodedName* name, const char* nameStr, char nameType,
- byte type, byte emailType)
- {
- word32 idx = 0;
- /* bottom up */
- byte firstLen[1 + MAX_LENGTH_SZ];
- byte secondLen[MAX_LENGTH_SZ];
- byte sequence[MAX_SEQ_SZ];
- byte set[MAX_SET_SZ];
- int strLen;
- int thisLen;
- int firstSz, secondSz, seqSz, setSz;
- if (nameStr == NULL) {
- name->used = 0;
- return 0;
- }
- thisLen = strLen = (int)XSTRLEN(nameStr);
- if (strLen == 0) { /* no user data for this item */
- name->used = 0;
- return 0;
- }
- /* Restrict country code size */
- if (ASN_COUNTRY_NAME == type && strLen != CTC_COUNTRY_SIZE) {
- WOLFSSL_MSG("Country code size error");
- return ASN_COUNTRY_SIZE_E;
- }
- secondSz = SetLength(strLen, secondLen);
- thisLen += secondSz;
- switch (type) {
- case ASN_EMAIL_NAME: /* email */
- thisLen += EMAIL_JOINT_LEN;
- firstSz = EMAIL_JOINT_LEN;
- break;
- case ASN_DOMAIN_COMPONENT:
- thisLen += PILOT_JOINT_LEN;
- firstSz = PILOT_JOINT_LEN;
- break;
- default:
- thisLen++; /* str type */
- thisLen += JOINT_LEN;
- firstSz = JOINT_LEN + 1;
- }
- thisLen++; /* id type */
- firstSz = SetObjectId(firstSz, firstLen);
- thisLen += firstSz;
- seqSz = SetSequence(thisLen, sequence);
- thisLen += seqSz;
- setSz = SetSet(thisLen, set);
- thisLen += setSz;
- if (thisLen > (int)sizeof(name->encoded)) {
- return BUFFER_E;
- }
- /* store it */
- idx = 0;
- /* set */
- XMEMCPY(name->encoded, set, setSz);
- idx += setSz;
- /* seq */
- XMEMCPY(name->encoded + idx, sequence, seqSz);
- idx += seqSz;
- /* asn object id */
- XMEMCPY(name->encoded + idx, firstLen, firstSz);
- idx += firstSz;
- switch (type) {
- case ASN_EMAIL_NAME:
- {
- const byte EMAIL_OID[] = {
- 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01
- };
- /* email joint id */
- XMEMCPY(name->encoded + idx, EMAIL_OID, sizeof(EMAIL_OID));
- idx += (int)sizeof(EMAIL_OID);
- name->encoded[idx++] = emailType;
- break;
- }
- case ASN_DOMAIN_COMPONENT:
- {
- const byte PILOT_OID[] = {
- 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01
- };
- XMEMCPY(name->encoded + idx, PILOT_OID, sizeof(PILOT_OID));
- idx += (int)sizeof(PILOT_OID);
- /* id type */
- name->encoded[idx++] = type;
- /* str type */
- name->encoded[idx++] = nameType;
- break;
- }
- default:
- name->encoded[idx++] = 0x55;
- name->encoded[idx++] = 0x04;
- /* id type */
- name->encoded[idx++] = type;
- /* str type */
- name->encoded[idx++] = nameType;
- }
- /* second length */
- XMEMCPY(name->encoded + idx, secondLen, secondSz);
- idx += secondSz;
- /* str value */
- XMEMCPY(name->encoded + idx, nameStr, strLen);
- idx += strLen;
- name->type = type;
- name->totalLen = idx;
- name->used = 1;
- return idx;
- }
- /* canonical encoding one attribute of the name (issuer/subject)
- * call wc_EncodeName_ex with CTC_UTF8 for email type
- *
- * name structure to hold result of encoding
- * nameStr value to be encoded
- * nameType type of encoding i.e CTC_UTF8
- * type id of attribute i.e ASN_COMMON_NAME
- *
- * returns length on success
- */
- int wc_EncodeNameCanonical(EncodedName* name, const char* nameStr, char nameType,
- byte type)
- {
- return wc_EncodeName_ex(name, nameStr, nameType, type, 0x0c/* CTC_UTF8 */);
- }
- /* Encodes one attribute of the name (issuer/subject)
- * call we_EncodeName_ex with 0x16, IA5String for email type
- * name structure to hold result of encoding
- * nameStr value to be encoded
- * nameType type of encoding i.e CTC_UTF8
- * type id of attribute i.e ASN_COMMON_NAME
- *
- * returns length on success
- */
- int wc_EncodeName(EncodedName* name, const char* nameStr, char nameType,
- byte type)
- {
- return wc_EncodeName_ex(name, nameStr, nameType, type, ASN_IA5_STRING);
- }
- /* encode CertName into output, return total bytes written */
- int SetName(byte* output, word32 outputSz, CertName* name)
- {
- int totalBytes = 0, i, idx;
- #ifdef WOLFSSL_SMALL_STACK
- EncodedName* names = NULL;
- #else
- EncodedName names[NAME_ENTRIES];
- #endif
- #ifdef WOLFSSL_MULTI_ATTRIB
- EncodedName addNames[CTC_MAX_ATTRIB];
- int j, type;
- #endif
- if (output == NULL || name == NULL)
- return BAD_FUNC_ARG;
- if (outputSz < 3)
- return BUFFER_E;
- #ifdef WOLFSSL_SMALL_STACK
- names = (EncodedName*)XMALLOC(sizeof(EncodedName) * NAME_ENTRIES, NULL,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (names == NULL)
- return MEMORY_E;
- #endif
- for (i = 0; i < NAME_ENTRIES; i++) {
- int ret;
- const char* nameStr = GetOneCertName(name, i);
- ret = wc_EncodeName(&names[i], nameStr, GetNameType(name, i),
- GetCertNameId(i));
- if (ret < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- WOLFSSL_MSG("EncodeName failed");
- return BUFFER_E;
- }
- totalBytes += ret;
- }
- #ifdef WOLFSSL_MULTI_ATTRIB
- for (i = 0; i < CTC_MAX_ATTRIB; i++) {
- if (name->name[i].sz > 0) {
- int ret;
- ret = wc_EncodeName(&addNames[i], name->name[i].value,
- name->name[i].type, name->name[i].id);
- if (ret < 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- WOLFSSL_MSG("EncodeName on multiple attributes failed\n");
- return BUFFER_E;
- }
- totalBytes += ret;
- }
- else {
- addNames[i].used = 0;
- }
- }
- #endif /* WOLFSSL_MULTI_ATTRIB */
- /* header */
- idx = SetSequence(totalBytes, output);
- totalBytes += idx;
- if (totalBytes > ASN_NAME_MAX) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- WOLFSSL_MSG("Total Bytes is greater than ASN_NAME_MAX");
- return BUFFER_E;
- }
- for (i = 0; i < NAME_ENTRIES; i++) {
- #ifdef WOLFSSL_MULTI_ATTRIB
- type = GetCertNameId(i);
- /* list all DC values before OUs */
- if (type == ASN_ORGUNIT_NAME) {
- type = ASN_DOMAIN_COMPONENT;
- for (j = 0; j < CTC_MAX_ATTRIB; j++) {
- if (name->name[j].sz > 0 && type == name->name[j].id) {
- if (outputSz < (word32)(idx+addNames[j].totalLen)) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- WOLFSSL_MSG("Not enough space left for DC value");
- return BUFFER_E;
- }
- XMEMCPY(output + idx, addNames[j].encoded,
- addNames[j].totalLen);
- idx += addNames[j].totalLen;
- }
- }
- type = ASN_ORGUNIT_NAME;
- }
- /* write all similar types to the buffer */
- for (j = 0; j < CTC_MAX_ATTRIB; j++) {
- if (name->name[j].sz > 0 && type == name->name[j].id) {
- if (outputSz < (word32)(idx+addNames[j].totalLen)) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return BUFFER_E;
- }
- XMEMCPY(output + idx, addNames[j].encoded,
- addNames[j].totalLen);
- idx += addNames[j].totalLen;
- }
- }
- #endif /* WOLFSSL_MULTI_ATTRIB */
- if (names[i].used) {
- if (outputSz < (word32)(idx+names[i].totalLen)) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return BUFFER_E;
- }
- XMEMCPY(output + idx, names[i].encoded, names[i].totalLen);
- idx += names[i].totalLen;
- }
- }
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return totalBytes;
- }
- /* Set Date validity from now until now + daysValid
- * return size in bytes written to output, 0 on error */
- static int SetValidity(byte* output, int daysValid)
- {
- byte before[MAX_DATE_SIZE];
- byte after[MAX_DATE_SIZE];
- int beforeSz;
- int afterSz;
- int seqSz;
- time_t now;
- time_t then;
- struct tm* tmpTime;
- struct tm* expandedTime;
- struct tm localTime;
- #if defined(NEED_TMP_TIME)
- /* for use with gmtime_r */
- struct tm tmpTimeStorage;
- tmpTime = &tmpTimeStorage;
- #else
- tmpTime = NULL;
- #endif
- (void)tmpTime;
- now = XTIME(0);
- /* before now */
- before[0] = ASN_GENERALIZED_TIME;
- beforeSz = SetLength(ASN_GEN_TIME_SZ, before + 1) + 1; /* gen tag */
- /* subtract 1 day of seconds for more compliance */
- then = now - 86400;
- expandedTime = XGMTIME(&then, tmpTime);
- if (expandedTime == NULL) {
- WOLFSSL_MSG("XGMTIME failed");
- return 0; /* error */
- }
- localTime = *expandedTime;
- /* adjust */
- localTime.tm_year += 1900;
- localTime.tm_mon += 1;
- SetTime(&localTime, before + beforeSz);
- beforeSz += ASN_GEN_TIME_SZ;
- after[0] = ASN_GENERALIZED_TIME;
- afterSz = SetLength(ASN_GEN_TIME_SZ, after + 1) + 1; /* gen tag */
- /* add daysValid of seconds */
- then = now + (daysValid * (time_t)86400);
- expandedTime = XGMTIME(&then, tmpTime);
- if (expandedTime == NULL) {
- WOLFSSL_MSG("XGMTIME failed");
- return 0; /* error */
- }
- localTime = *expandedTime;
- /* adjust */
- localTime.tm_year += 1900;
- localTime.tm_mon += 1;
- SetTime(&localTime, after + afterSz);
- afterSz += ASN_GEN_TIME_SZ;
- /* headers and output */
- seqSz = SetSequence(beforeSz + afterSz, output);
- XMEMCPY(output + seqSz, before, beforeSz);
- XMEMCPY(output + seqSz + beforeSz, after, afterSz);
- return seqSz + beforeSz + afterSz;
- }
- /* encode info from cert into DER encoded format */
- static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
- WC_RNG* rng, const byte* ntruKey, word16 ntruSz, DsaKey* dsaKey,
- ed25519_key* ed25519Key, ed448_key* ed448Key)
- {
- int ret;
- if (cert == NULL || der == NULL || rng == NULL)
- return BAD_FUNC_ARG;
- /* make sure at least one key type is provided */
- if (rsaKey == NULL && eccKey == NULL && ed25519Key == NULL &&
- dsaKey == NULL && ed448Key == NULL && ntruKey == NULL) {
- return PUBLIC_KEY_E;
- }
- /* init */
- XMEMSET(der, 0, sizeof(DerCert));
- /* version */
- der->versionSz = SetMyVersion(cert->version, der->version, TRUE);
- /* serial number (must be positive) */
- if (cert->serialSz == 0) {
- /* generate random serial */
- cert->serialSz = CTC_GEN_SERIAL_SZ;
- ret = wc_RNG_GenerateBlock(rng, cert->serial, cert->serialSz);
- if (ret != 0)
- return ret;
- /* Clear the top bit to avoid a negative value */
- cert->serial[0] &= 0x7f;
- }
- der->serialSz = SetSerialNumber(cert->serial, cert->serialSz, der->serial,
- sizeof(der->serial), CTC_SERIAL_SIZE);
- if (der->serialSz < 0)
- return der->serialSz;
- /* signature algo */
- der->sigAlgoSz = SetAlgoID(cert->sigType, der->sigAlgo, oidSigType, 0);
- if (der->sigAlgoSz <= 0)
- return ALGO_ID_E;
- /* public key */
- #ifndef NO_RSA
- if (cert->keyType == RSA_KEY) {
- if (rsaKey == NULL)
- return PUBLIC_KEY_E;
- der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey,
- sizeof(der->publicKey), 1);
- }
- #endif
- #ifdef HAVE_ECC
- if (cert->keyType == ECC_KEY) {
- if (eccKey == NULL)
- return PUBLIC_KEY_E;
- der->publicKeySz = SetEccPublicKey(der->publicKey, eccKey, 1);
- }
- #endif
- #if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
- if (cert->keyType == DSA_KEY) {
- if (dsaKey == NULL)
- return PUBLIC_KEY_E;
- der->publicKeySz = wc_SetDsaPublicKey(der->publicKey, dsaKey,
- sizeof(der->publicKey), 1);
- }
- #endif
- #ifdef HAVE_ED25519
- if (cert->keyType == ED25519_KEY) {
- if (ed25519Key == NULL)
- return PUBLIC_KEY_E;
- der->publicKeySz = SetEd25519PublicKey(der->publicKey, ed25519Key, 1);
- }
- #endif
- #ifdef HAVE_ED448
- if (cert->keyType == ED448_KEY) {
- if (ed448Key == NULL)
- return PUBLIC_KEY_E;
- der->publicKeySz = SetEd448PublicKey(der->publicKey, ed448Key, 1);
- }
- #endif
- #ifdef HAVE_NTRU
- if (cert->keyType == NTRU_KEY) {
- word32 rc;
- word16 encodedSz;
- if (ntruKey == NULL)
- return PUBLIC_KEY_E;
- rc = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo(ntruSz,
- ntruKey, &encodedSz, NULL);
- if (rc != NTRU_OK)
- return PUBLIC_KEY_E;
- if (encodedSz > MAX_PUBLIC_KEY_SZ)
- return PUBLIC_KEY_E;
- rc = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo(ntruSz,
- ntruKey, &encodedSz, der->publicKey);
- if (rc != NTRU_OK)
- return PUBLIC_KEY_E;
- der->publicKeySz = encodedSz;
- }
- #else
- (void)ntruSz;
- #endif /* HAVE_NTRU */
- if (der->publicKeySz <= 0)
- return PUBLIC_KEY_E;
- der->validitySz = 0;
- #ifdef WOLFSSL_ALT_NAMES
- /* date validity copy ? */
- if (cert->beforeDateSz && cert->afterDateSz) {
- der->validitySz = CopyValidity(der->validity, cert);
- if (der->validitySz <= 0)
- return DATE_E;
- }
- #endif
- /* date validity */
- if (der->validitySz == 0) {
- der->validitySz = SetValidity(der->validity, cert->daysValid);
- if (der->validitySz <= 0)
- return DATE_E;
- }
- /* subject name */
- #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA)
- if (XSTRLEN((const char*)cert->sbjRaw) > 0) {
- /* Use the raw subject */
- int idx;
- der->subjectSz = min(sizeof(der->subject),
- (word32)XSTRLEN((const char*)cert->sbjRaw));
- /* header */
- idx = SetSequence(der->subjectSz, der->subject);
- if (der->subjectSz + idx > (int)sizeof(der->subject)) {
- return SUBJECT_E;
- }
- XMEMCPY((char*)der->subject + idx, (const char*)cert->sbjRaw,
- der->subjectSz);
- der->subjectSz += idx;
- }
- else
- #endif
- {
- /* Use the name structure */
- der->subjectSz = SetName(der->subject, sizeof(der->subject),
- &cert->subject);
- }
- if (der->subjectSz <= 0)
- return SUBJECT_E;
- /* issuer name */
- #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA)
- if (XSTRLEN((const char*)cert->issRaw) > 0) {
- /* Use the raw issuer */
- int idx;
- der->issuerSz = min(sizeof(der->issuer),
- (word32)XSTRLEN((const char*)cert->issRaw));
- /* header */
- idx = SetSequence(der->issuerSz, der->issuer);
- if (der->issuerSz + idx > (int)sizeof(der->issuer)) {
- return ISSUER_E;
- }
- XMEMCPY((char*)der->issuer + idx, (const char*)cert->issRaw,
- der->issuerSz);
- der->issuerSz += idx;
- }
- else
- #endif
- {
- /* Use the name structure */
- der->issuerSz = SetName(der->issuer, sizeof(der->issuer),
- cert->selfSigned ? &cert->subject : &cert->issuer);
- }
- if (der->issuerSz <= 0)
- return ISSUER_E;
- /* set the extensions */
- der->extensionsSz = 0;
- /* CA */
- if (cert->isCA) {
- der->caSz = SetCa(der->ca, sizeof(der->ca));
- if (der->caSz <= 0)
- return CA_TRUE_E;
- der->extensionsSz += der->caSz;
- }
- else
- der->caSz = 0;
- #ifdef WOLFSSL_ALT_NAMES
- /* Alternative Name */
- if (cert->altNamesSz) {
- der->altNamesSz = SetAltNames(der->altNames, sizeof(der->altNames),
- cert->altNames, cert->altNamesSz);
- if (der->altNamesSz <= 0)
- return ALT_NAME_E;
- der->extensionsSz += der->altNamesSz;
- }
- else
- der->altNamesSz = 0;
- #endif
- #ifdef WOLFSSL_CERT_EXT
- /* SKID */
- if (cert->skidSz) {
- /* check the provided SKID size */
- if (cert->skidSz > (int)min(CTC_MAX_SKID_SIZE, sizeof(der->skid)))
- return SKID_E;
- /* Note: different skid buffers sizes for der (MAX_KID_SZ) and
- cert (CTC_MAX_SKID_SIZE). */
- der->skidSz = SetSKID(der->skid, sizeof(der->skid),
- cert->skid, cert->skidSz);
- if (der->skidSz <= 0)
- return SKID_E;
- der->extensionsSz += der->skidSz;
- }
- else
- der->skidSz = 0;
- /* AKID */
- if (cert->akidSz) {
- /* check the provided AKID size */
- if (cert->akidSz > (int)min(CTC_MAX_AKID_SIZE, sizeof(der->akid)))
- return AKID_E;
- der->akidSz = SetAKID(der->akid, sizeof(der->akid),
- cert->akid, cert->akidSz, cert->heap);
- if (der->akidSz <= 0)
- return AKID_E;
- der->extensionsSz += der->akidSz;
- }
- else
- der->akidSz = 0;
- /* Key Usage */
- if (cert->keyUsage != 0){
- der->keyUsageSz = SetKeyUsage(der->keyUsage, sizeof(der->keyUsage),
- cert->keyUsage);
- if (der->keyUsageSz <= 0)
- return KEYUSAGE_E;
- der->extensionsSz += der->keyUsageSz;
- }
- else
- der->keyUsageSz = 0;
- /* Extended Key Usage */
- if (cert->extKeyUsage != 0){
- der->extKeyUsageSz = SetExtKeyUsage(cert, der->extKeyUsage,
- sizeof(der->extKeyUsage), cert->extKeyUsage);
- if (der->extKeyUsageSz <= 0)
- return EXTKEYUSAGE_E;
- der->extensionsSz += der->extKeyUsageSz;
- }
- else
- der->extKeyUsageSz = 0;
- /* Certificate Policies */
- if (cert->certPoliciesNb != 0) {
- der->certPoliciesSz = SetCertificatePolicies(der->certPolicies,
- sizeof(der->certPolicies),
- cert->certPolicies,
- cert->certPoliciesNb,
- cert->heap);
- if (der->certPoliciesSz <= 0)
- return CERTPOLICIES_E;
- der->extensionsSz += der->certPoliciesSz;
- }
- else
- der->certPoliciesSz = 0;
- #endif /* WOLFSSL_CERT_EXT */
- /* put extensions */
- if (der->extensionsSz > 0) {
- /* put the start of extensions sequence (ID, Size) */
- der->extensionsSz = SetExtensionsHeader(der->extensions,
- sizeof(der->extensions),
- der->extensionsSz);
- if (der->extensionsSz <= 0)
- return EXTENSIONS_E;
- /* put CA */
- if (der->caSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->ca, der->caSz);
- if (ret == 0)
- return EXTENSIONS_E;
- }
- #ifdef WOLFSSL_ALT_NAMES
- /* put Alternative Names */
- if (der->altNamesSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->altNames, der->altNamesSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- #endif
- #ifdef WOLFSSL_CERT_EXT
- /* put SKID */
- if (der->skidSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->skid, der->skidSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- /* put AKID */
- if (der->akidSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->akid, der->akidSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- /* put KeyUsage */
- if (der->keyUsageSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->keyUsage, der->keyUsageSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- /* put ExtendedKeyUsage */
- if (der->extKeyUsageSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->extKeyUsage, der->extKeyUsageSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- /* put Certificate Policies */
- if (der->certPoliciesSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->certPolicies, der->certPoliciesSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- #endif /* WOLFSSL_CERT_EXT */
- }
- der->total = der->versionSz + der->serialSz + der->sigAlgoSz +
- der->publicKeySz + der->validitySz + der->subjectSz + der->issuerSz +
- der->extensionsSz;
- return 0;
- }
- /* write DER encoded cert to buffer, size already checked */
- static int WriteCertBody(DerCert* der, byte* buf)
- {
- int idx;
- /* signed part header */
- idx = SetSequence(der->total, buf);
- /* version */
- XMEMCPY(buf + idx, der->version, der->versionSz);
- idx += der->versionSz;
- /* serial */
- XMEMCPY(buf + idx, der->serial, der->serialSz);
- idx += der->serialSz;
- /* sig algo */
- XMEMCPY(buf + idx, der->sigAlgo, der->sigAlgoSz);
- idx += der->sigAlgoSz;
- /* issuer */
- XMEMCPY(buf + idx, der->issuer, der->issuerSz);
- idx += der->issuerSz;
- /* validity */
- XMEMCPY(buf + idx, der->validity, der->validitySz);
- idx += der->validitySz;
- /* subject */
- XMEMCPY(buf + idx, der->subject, der->subjectSz);
- idx += der->subjectSz;
- /* public key */
- XMEMCPY(buf + idx, der->publicKey, der->publicKeySz);
- idx += der->publicKeySz;
- if (der->extensionsSz) {
- /* extensions */
- XMEMCPY(buf + idx, der->extensions, min(der->extensionsSz,
- (int)sizeof(der->extensions)));
- idx += der->extensionsSz;
- }
- return idx;
- }
- /* Make RSA signature from buffer (sz), write to sig (sigSz) */
- static int MakeSignature(CertSignCtx* certSignCtx, const byte* buf, int sz,
- byte* sig, int sigSz, RsaKey* rsaKey, ecc_key* eccKey,
- ed25519_key* ed25519Key, ed448_key* ed448Key, WC_RNG* rng, int sigAlgoType,
- void* heap)
- {
- int digestSz = 0, typeH = 0, ret = 0;
- (void)digestSz;
- (void)typeH;
- (void)buf;
- (void)sz;
- (void)sig;
- (void)sigSz;
- (void)rsaKey;
- (void)eccKey;
- (void)ed25519Key;
- (void)ed448Key;
- (void)rng;
- (void)heap;
- switch (certSignCtx->state) {
- case CERTSIGN_STATE_BEGIN:
- case CERTSIGN_STATE_DIGEST:
- certSignCtx->state = CERTSIGN_STATE_DIGEST;
- certSignCtx->digest = (byte*)XMALLOC(WC_MAX_DIGEST_SIZE, heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (certSignCtx->digest == NULL) {
- ret = MEMORY_E; goto exit_ms;
- }
- ret = HashForSignature(buf, sz, sigAlgoType, certSignCtx->digest,
- &typeH, &digestSz, 0);
- /* set next state, since WC_PENDING_E rentry for these are not "call again" */
- certSignCtx->state = CERTSIGN_STATE_ENCODE;
- if (ret != 0) {
- goto exit_ms;
- }
- FALL_THROUGH;
- case CERTSIGN_STATE_ENCODE:
- #ifndef NO_RSA
- if (rsaKey) {
- certSignCtx->encSig = (byte*)XMALLOC(MAX_DER_DIGEST_SZ, heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (certSignCtx->encSig == NULL) {
- ret = MEMORY_E; goto exit_ms;
- }
- /* signature */
- certSignCtx->encSigSz = wc_EncodeSignature(certSignCtx->encSig,
- certSignCtx->digest, digestSz, typeH);
- }
- #endif /* !NO_RSA */
- FALL_THROUGH;
- case CERTSIGN_STATE_DO:
- certSignCtx->state = CERTSIGN_STATE_DO;
- ret = ALGO_ID_E; /* default to error */
- #ifndef NO_RSA
- if (rsaKey) {
- /* signature */
- ret = wc_RsaSSL_Sign(certSignCtx->encSig, certSignCtx->encSigSz,
- sig, sigSz, rsaKey, rng);
- }
- #endif /* !NO_RSA */
- #ifdef HAVE_ECC
- if (!rsaKey && eccKey) {
- word32 outSz = sigSz;
- ret = wc_ecc_sign_hash(certSignCtx->digest, digestSz,
- sig, &outSz, rng, eccKey);
- if (ret == 0)
- ret = outSz;
- }
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED25519
- if (!rsaKey && !eccKey && ed25519Key) {
- word32 outSz = sigSz;
- ret = wc_ed25519_sign_msg(buf, sz, sig, &outSz, ed25519Key);
- if (ret == 0)
- ret = outSz;
- }
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED448
- if (!rsaKey && !eccKey && !ed25519Key && ed448Key) {
- word32 outSz = sigSz;
- ret = wc_ed448_sign_msg(buf, sz, sig, &outSz, ed448Key, NULL, 0);
- if (ret == 0)
- ret = outSz;
- }
- #endif /* HAVE_ECC */
- break;
- }
- exit_ms:
- #ifdef WOLFSSL_ASYNC_CRYPT
- if (ret == WC_PENDING_E) {
- return ret;
- }
- #endif
- #ifndef NO_RSA
- if (rsaKey) {
- XFREE(certSignCtx->encSig, heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
- #endif /* !NO_RSA */
- XFREE(certSignCtx->digest, heap, DYNAMIC_TYPE_TMP_BUFFER);
- certSignCtx->digest = NULL;
- /* reset state */
- certSignCtx->state = CERTSIGN_STATE_BEGIN;
- return ret;
- }
- /* add signature to end of buffer, size of buffer assumed checked, return
- new length */
- int AddSignature(byte* buf, int bodySz, const byte* sig, int sigSz,
- int sigAlgoType)
- {
- byte seq[MAX_SEQ_SZ];
- int idx = bodySz, seqSz;
- /* algo */
- idx += SetAlgoID(sigAlgoType, buf ? buf + idx : NULL, oidSigType, 0);
- /* bit string */
- idx += SetBitString(sigSz, 0, buf ? buf + idx : NULL);
- /* signature */
- if (buf)
- XMEMCPY(buf + idx, sig, sigSz);
- idx += sigSz;
- /* make room for overall header */
- seqSz = SetSequence(idx, seq);
- if (buf) {
- XMEMMOVE(buf + seqSz, buf, idx);
- XMEMCPY(buf, seq, seqSz);
- }
- return idx + seqSz;
- }
- /* Make an x509 Certificate v3 any key type from cert input, write to buffer */
- static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
- RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng,
- DsaKey* dsaKey, const byte* ntruKey, word16 ntruSz,
- ed25519_key* ed25519Key, ed448_key* ed448Key)
- {
- int ret;
- #ifdef WOLFSSL_SMALL_STACK
- DerCert* der;
- #else
- DerCert der[1];
- #endif
- if (derBuffer == NULL)
- return BAD_FUNC_ARG;
- if (eccKey)
- cert->keyType = ECC_KEY;
- else if (rsaKey)
- cert->keyType = RSA_KEY;
- else if (dsaKey)
- cert->keyType = DSA_KEY;
- else if (ed25519Key)
- cert->keyType = ED25519_KEY;
- else if (ed448Key)
- cert->keyType = ED448_KEY;
- else if (ntruKey)
- cert->keyType = NTRU_KEY;
- else
- return BAD_FUNC_ARG;
- #ifdef WOLFSSL_SMALL_STACK
- der = (DerCert*)XMALLOC(sizeof(DerCert), cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL)
- return MEMORY_E;
- #endif
- ret = EncodeCert(cert, der, rsaKey, eccKey, rng, ntruKey, ntruSz, dsaKey,
- ed25519Key, ed448Key);
- if (ret == 0) {
- if (der->total + MAX_SEQ_SZ * 2 > (int)derSz)
- ret = BUFFER_E;
- else
- ret = cert->bodySz = WriteCertBody(der, derBuffer);
- }
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(der, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- /* Make an x509 Certificate v3 RSA or ECC from cert input, write to buffer */
- int wc_MakeCert_ex(Cert* cert, byte* derBuffer, word32 derSz, int keyType,
- void* key, WC_RNG* rng)
- {
- RsaKey* rsaKey = NULL;
- DsaKey* dsaKey = NULL;
- ecc_key* eccKey = NULL;
- ed25519_key* ed25519Key = NULL;
- ed448_key* ed448Key = NULL;
- if (keyType == RSA_TYPE)
- rsaKey = (RsaKey*)key;
- else if (keyType == DSA_TYPE)
- dsaKey = (DsaKey*)key;
- else if (keyType == ECC_TYPE)
- eccKey = (ecc_key*)key;
- else if (keyType == ED25519_TYPE)
- ed25519Key = (ed25519_key*)key;
- else if (keyType == ED448_TYPE)
- ed448Key = (ed448_key*)key;
- return MakeAnyCert(cert, derBuffer, derSz, rsaKey, eccKey, rng, dsaKey,
- NULL, 0, ed25519Key, ed448Key);
- }
- /* Make an x509 Certificate v3 RSA or ECC from cert input, write to buffer */
- int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,
- ecc_key* eccKey, WC_RNG* rng)
- {
- return MakeAnyCert(cert, derBuffer, derSz, rsaKey, eccKey, rng, NULL, NULL, 0,
- NULL, NULL);
- }
- #ifdef HAVE_NTRU
- int wc_MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz,
- const byte* ntruKey, word16 keySz, WC_RNG* rng)
- {
- return MakeAnyCert(cert, derBuffer, derSz, NULL, NULL, rng, NULL,
- ntruKey, keySz, NULL, NULL);
- }
- #endif /* HAVE_NTRU */
- #ifdef WOLFSSL_CERT_REQ
- static int SetReqAttrib(byte* output, char* pw, int pwPrintableString,
- int extSz)
- {
- const byte erOid[] =
- { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
- 0x09, 0x0e };
- int sz = 0; /* overall size */
- int cpSz = 0; /* Challenge Password section size */
- int cpSeqSz = 0;
- int cpSetSz = 0;
- int cpStrSz = 0;
- int pwSz = 0;
- int erSz = 0; /* Extension Request section size */
- int erSeqSz = 0;
- int erSetSz = 0;
- byte cpSeq[MAX_SEQ_SZ];
- byte cpSet[MAX_SET_SZ];
- byte cpStr[MAX_PRSTR_SZ];
- byte erSeq[MAX_SEQ_SZ];
- byte erSet[MAX_SET_SZ];
- output[0] = ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED;
- sz++;
- if (pw && pw[0]) {
- pwSz = (int)XSTRLEN(pw);
- if (pwPrintableString) {
- cpStrSz = SetPrintableString(pwSz, cpStr);
- } else {
- cpStrSz = SetUTF8String(pwSz, cpStr);
- }
- cpSetSz = SetSet(cpStrSz + pwSz, cpSet);
- /* +2 for tag and length parts of the TLV triplet */
- cpSeqSz = SetSequence(2 + sizeof(attrChallengePasswordOid) + cpSetSz +
- cpStrSz + pwSz, cpSeq);
- cpSz = cpSeqSz + 2 + sizeof(attrChallengePasswordOid) + cpSetSz +
- cpStrSz + pwSz;
- }
- if (extSz) {
- erSetSz = SetSet(extSz, erSet);
- erSeqSz = SetSequence(erSetSz + sizeof(erOid) + extSz, erSeq);
- erSz = extSz + erSetSz + erSeqSz + sizeof(erOid);
- }
- /* Put the pieces together. */
- sz += SetLength(cpSz + erSz, &output[sz]);
- if (cpSz) {
- XMEMCPY(&output[sz], cpSeq, cpSeqSz);
- sz += cpSeqSz;
- sz += SetObjectId(sizeof(attrChallengePasswordOid), output + sz);
- XMEMCPY(&output[sz], attrChallengePasswordOid,
- sizeof(attrChallengePasswordOid));
- sz += sizeof(attrChallengePasswordOid);
- XMEMCPY(&output[sz], cpSet, cpSetSz);
- sz += cpSetSz;
- XMEMCPY(&output[sz], cpStr, cpStrSz);
- sz += cpStrSz;
- XMEMCPY(&output[sz], pw, pwSz);
- sz += pwSz;
- }
- if (erSz) {
- XMEMCPY(&output[sz], erSeq, erSeqSz);
- sz += erSeqSz;
- XMEMCPY(&output[sz], erOid, sizeof(erOid));
- sz += sizeof(erOid);
- XMEMCPY(&output[sz], erSet, erSetSz);
- sz += erSetSz;
- /* The actual extension data will be tacked onto the output later. */
- }
- return sz;
- }
- /* encode info from cert into DER encoded format */
- static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey,
- DsaKey* dsaKey, ecc_key* eccKey,
- ed25519_key* ed25519Key, ed448_key* ed448Key)
- {
- (void)eccKey;
- (void)ed25519Key;
- (void)ed448Key;
- if (cert == NULL || der == NULL)
- return BAD_FUNC_ARG;
- if (rsaKey == NULL && eccKey == NULL && ed25519Key == NULL &&
- dsaKey == NULL && ed448Key == NULL) {
- return PUBLIC_KEY_E;
- }
- /* init */
- XMEMSET(der, 0, sizeof(DerCert));
- /* version */
- der->versionSz = SetMyVersion(cert->version, der->version, FALSE);
- /* subject name */
- #if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA)
- if (XSTRLEN((const char*)cert->sbjRaw) > 0) {
- /* Use the raw subject */
- int idx;
- der->subjectSz = min(sizeof(der->subject),
- (word32)XSTRLEN((const char*)cert->sbjRaw));
- /* header */
- idx = SetSequence(der->subjectSz, der->subject);
- if (der->subjectSz + idx > (int)sizeof(der->subject)) {
- return SUBJECT_E;
- }
- XMEMCPY((char*)der->subject + idx, (const char*)cert->sbjRaw,
- der->subjectSz);
- der->subjectSz += idx;
- }
- else
- #endif
- {
- der->subjectSz = SetName(der->subject, sizeof(der->subject),
- &cert->subject);
- }
- if (der->subjectSz <= 0)
- return SUBJECT_E;
- /* public key */
- #ifndef NO_RSA
- if (cert->keyType == RSA_KEY) {
- if (rsaKey == NULL)
- return PUBLIC_KEY_E;
- der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey,
- sizeof(der->publicKey), 1);
- }
- #endif
- #if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
- if (cert->keyType == DSA_KEY) {
- if (dsaKey == NULL)
- return PUBLIC_KEY_E;
- der->publicKeySz = wc_SetDsaPublicKey(der->publicKey, dsaKey,
- sizeof(der->publicKey), 1);
- }
- #endif
- #ifdef HAVE_ECC
- if (cert->keyType == ECC_KEY) {
- if (eccKey == NULL)
- return PUBLIC_KEY_E;
- der->publicKeySz = SetEccPublicKey(der->publicKey, eccKey, 1);
- }
- #endif
- #ifdef HAVE_ED25519
- if (cert->keyType == ED25519_KEY) {
- if (ed25519Key == NULL)
- return PUBLIC_KEY_E;
- der->publicKeySz = SetEd25519PublicKey(der->publicKey, ed25519Key, 1);
- }
- #endif
- #ifdef HAVE_ED448
- if (cert->keyType == ED448_KEY) {
- if (ed448Key == NULL)
- return PUBLIC_KEY_E;
- der->publicKeySz = SetEd448PublicKey(der->publicKey, ed448Key, 1);
- }
- #endif
- if (der->publicKeySz <= 0)
- return PUBLIC_KEY_E;
- /* set the extensions */
- der->extensionsSz = 0;
- /* CA */
- if (cert->isCA) {
- der->caSz = SetCa(der->ca, sizeof(der->ca));
- if (der->caSz <= 0)
- return CA_TRUE_E;
- der->extensionsSz += der->caSz;
- }
- else
- der->caSz = 0;
- #ifdef WOLFSSL_ALT_NAMES
- /* Alternative Name */
- if (cert->altNamesSz) {
- der->altNamesSz = SetAltNames(der->altNames, sizeof(der->altNames),
- cert->altNames, cert->altNamesSz);
- if (der->altNamesSz <= 0)
- return ALT_NAME_E;
- der->extensionsSz += der->altNamesSz;
- }
- else
- der->altNamesSz = 0;
- #endif
- #ifdef WOLFSSL_CERT_EXT
- /* SKID */
- if (cert->skidSz) {
- /* check the provided SKID size */
- if (cert->skidSz > (int)min(CTC_MAX_SKID_SIZE, sizeof(der->skid)))
- return SKID_E;
- der->skidSz = SetSKID(der->skid, sizeof(der->skid),
- cert->skid, cert->skidSz);
- if (der->skidSz <= 0)
- return SKID_E;
- der->extensionsSz += der->skidSz;
- }
- else
- der->skidSz = 0;
- /* Key Usage */
- if (cert->keyUsage != 0){
- der->keyUsageSz = SetKeyUsage(der->keyUsage, sizeof(der->keyUsage),
- cert->keyUsage);
- if (der->keyUsageSz <= 0)
- return KEYUSAGE_E;
- der->extensionsSz += der->keyUsageSz;
- }
- else
- der->keyUsageSz = 0;
- /* Extended Key Usage */
- if (cert->extKeyUsage != 0){
- der->extKeyUsageSz = SetExtKeyUsage(cert, der->extKeyUsage,
- sizeof(der->extKeyUsage), cert->extKeyUsage);
- if (der->extKeyUsageSz <= 0)
- return EXTKEYUSAGE_E;
- der->extensionsSz += der->extKeyUsageSz;
- }
- else
- der->extKeyUsageSz = 0;
- #endif /* WOLFSSL_CERT_EXT */
- /* put extensions */
- if (der->extensionsSz > 0) {
- int ret;
- /* put the start of sequence (ID, Size) */
- der->extensionsSz = SetSequence(der->extensionsSz, der->extensions);
- if (der->extensionsSz <= 0)
- return EXTENSIONS_E;
- /* put CA */
- if (der->caSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->ca, der->caSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- #ifdef WOLFSSL_ALT_NAMES
- /* put Alternative Names */
- if (der->altNamesSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->altNames, der->altNamesSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- #endif
- #ifdef WOLFSSL_CERT_EXT
- /* put SKID */
- if (der->skidSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->skid, der->skidSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- /* put AKID */
- if (der->akidSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->akid, der->akidSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- /* put KeyUsage */
- if (der->keyUsageSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->keyUsage, der->keyUsageSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- /* put ExtendedKeyUsage */
- if (der->extKeyUsageSz) {
- ret = SetExtensions(der->extensions, sizeof(der->extensions),
- &der->extensionsSz,
- der->extKeyUsage, der->extKeyUsageSz);
- if (ret <= 0)
- return EXTENSIONS_E;
- }
- #endif /* WOLFSSL_CERT_EXT */
- }
- der->attribSz = SetReqAttrib(der->attrib, cert->challengePw,
- cert->challengePwPrintableString,
- der->extensionsSz);
- if (der->attribSz <= 0)
- return REQ_ATTRIBUTE_E;
- der->total = der->versionSz + der->subjectSz + der->publicKeySz +
- der->extensionsSz + der->attribSz;
- return 0;
- }
- /* write DER encoded cert req to buffer, size already checked */
- static int WriteCertReqBody(DerCert* der, byte* buf)
- {
- int idx;
- /* signed part header */
- idx = SetSequence(der->total, buf);
- /* version */
- if (buf)
- XMEMCPY(buf + idx, der->version, der->versionSz);
- idx += der->versionSz;
- /* subject */
- if (buf)
- XMEMCPY(buf + idx, der->subject, der->subjectSz);
- idx += der->subjectSz;
- /* public key */
- if (buf)
- XMEMCPY(buf + idx, der->publicKey, der->publicKeySz);
- idx += der->publicKeySz;
- /* attributes */
- if (buf)
- XMEMCPY(buf + idx, der->attrib, der->attribSz);
- idx += der->attribSz;
- /* extensions */
- if (der->extensionsSz) {
- if (buf)
- XMEMCPY(buf + idx, der->extensions, min(der->extensionsSz,
- (int)sizeof(der->extensions)));
- idx += der->extensionsSz;
- }
- return idx;
- }
- static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
- RsaKey* rsaKey, DsaKey* dsaKey, ecc_key* eccKey,
- ed25519_key* ed25519Key, ed448_key* ed448Key)
- {
- int ret;
- #ifdef WOLFSSL_SMALL_STACK
- DerCert* der;
- #else
- DerCert der[1];
- #endif
- if (eccKey)
- cert->keyType = ECC_KEY;
- else if (rsaKey)
- cert->keyType = RSA_KEY;
- else if (dsaKey)
- cert->keyType = DSA_KEY;
- else if (ed25519Key)
- cert->keyType = ED25519_KEY;
- else if (ed448Key)
- cert->keyType = ED448_KEY;
- else
- return BAD_FUNC_ARG;
- #ifdef WOLFSSL_SMALL_STACK
- der = (DerCert*)XMALLOC(sizeof(DerCert), cert->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL)
- return MEMORY_E;
- #endif
- ret = EncodeCertReq(cert, der, rsaKey, dsaKey, eccKey, ed25519Key, ed448Key);
- if (ret == 0) {
- if (der->total + MAX_SEQ_SZ * 2 > (int)derSz)
- ret = BUFFER_E;
- else
- ret = cert->bodySz = WriteCertReqBody(der, derBuffer);
- }
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(der, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- int wc_MakeCertReq_ex(Cert* cert, byte* derBuffer, word32 derSz, int keyType,
- void* key)
- {
- RsaKey* rsaKey = NULL;
- DsaKey* dsaKey = NULL;
- ecc_key* eccKey = NULL;
- ed25519_key* ed25519Key = NULL;
- ed448_key* ed448Key = NULL;
- if (keyType == RSA_TYPE)
- rsaKey = (RsaKey*)key;
- else if (keyType == DSA_TYPE)
- dsaKey = (DsaKey*)key;
- else if (keyType == ECC_TYPE)
- eccKey = (ecc_key*)key;
- else if (keyType == ED25519_TYPE)
- ed25519Key = (ed25519_key*)key;
- else if (keyType == ED448_TYPE)
- ed448Key = (ed448_key*)key;
- return MakeCertReq(cert, derBuffer, derSz, rsaKey, dsaKey, eccKey, ed25519Key,
- ed448Key);
- }
- int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
- RsaKey* rsaKey, ecc_key* eccKey)
- {
- return MakeCertReq(cert, derBuffer, derSz, rsaKey, NULL, eccKey, NULL, NULL);
- }
- #endif /* WOLFSSL_CERT_REQ */
- static int SignCert(int requestSz, int sType, byte* buf, word32 buffSz,
- RsaKey* rsaKey, ecc_key* eccKey, ed25519_key* ed25519Key,
- ed448_key* ed448Key, WC_RNG* rng)
- {
- int sigSz = 0;
- void* heap = NULL;
- CertSignCtx* certSignCtx;
- #ifndef WOLFSSL_ASYNC_CRYPT
- CertSignCtx certSignCtx_lcl;
- certSignCtx = &certSignCtx_lcl;
- XMEMSET(certSignCtx, 0, sizeof(CertSignCtx));
- #else
- certSignCtx = NULL;
- #endif
- if (requestSz < 0)
- return requestSz;
- /* locate ctx */
- if (rsaKey) {
- #ifndef NO_RSA
- #ifdef WOLFSSL_ASYNC_CRYPT
- certSignCtx = &rsaKey->certSignCtx;
- #endif
- heap = rsaKey->heap;
- #else
- return NOT_COMPILED_IN;
- #endif /* NO_RSA */
- }
- else if (eccKey) {
- #ifdef HAVE_ECC
- #ifdef WOLFSSL_ASYNC_CRYPT
- certSignCtx = &eccKey->certSignCtx;
- #endif
- heap = eccKey->heap;
- #else
- return NOT_COMPILED_IN;
- #endif /* HAVE_ECC */
- }
- #ifdef WOLFSSL_ASYNC_CRYPT
- if (certSignCtx == NULL) {
- return BAD_FUNC_ARG;
- }
- #endif
- if (certSignCtx->sig == NULL) {
- certSignCtx->sig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (certSignCtx->sig == NULL)
- return MEMORY_E;
- }
- sigSz = MakeSignature(certSignCtx, buf, requestSz, certSignCtx->sig,
- MAX_ENCODED_SIG_SZ, rsaKey, eccKey, ed25519Key, ed448Key, rng, sType,
- heap);
- #ifdef WOLFSSL_ASYNC_CRYPT
- if (sigSz == WC_PENDING_E) {
- /* Not free'ing certSignCtx->sig here because it could still be in use
- * with async operations. */
- return sigSz;
- }
- #endif
- if (sigSz >= 0) {
- if (requestSz + MAX_SEQ_SZ * 2 + sigSz > (int)buffSz)
- sigSz = BUFFER_E;
- else
- sigSz = AddSignature(buf, requestSz, certSignCtx->sig, sigSz,
- sType);
- }
- XFREE(certSignCtx->sig, heap, DYNAMIC_TYPE_TMP_BUFFER);
- certSignCtx->sig = NULL;
- return sigSz;
- }
- int wc_SignCert_ex(int requestSz, int sType, byte* buf, word32 buffSz,
- int keyType, void* key, WC_RNG* rng)
- {
- RsaKey* rsaKey = NULL;
- ecc_key* eccKey = NULL;
- ed25519_key* ed25519Key = NULL;
- ed448_key* ed448Key = NULL;
- if (keyType == RSA_TYPE)
- rsaKey = (RsaKey*)key;
- else if (keyType == ECC_TYPE)
- eccKey = (ecc_key*)key;
- else if (keyType == ED25519_TYPE)
- ed25519Key = (ed25519_key*)key;
- else if (keyType == ED448_TYPE)
- ed448Key = (ed448_key*)key;
- return SignCert(requestSz, sType, buf, buffSz, rsaKey, eccKey, ed25519Key,
- ed448Key, rng);
- }
- int wc_SignCert(int requestSz, int sType, byte* buf, word32 buffSz,
- RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng)
- {
- return SignCert(requestSz, sType, buf, buffSz, rsaKey, eccKey, NULL, NULL,
- rng);
- }
- int wc_MakeSelfCert(Cert* cert, byte* buf, word32 buffSz,
- RsaKey* key, WC_RNG* rng)
- {
- int ret;
- ret = wc_MakeCert(cert, buf, buffSz, key, NULL, rng);
- if (ret < 0)
- return ret;
- return wc_SignCert(cert->bodySz, cert->sigType,
- buf, buffSz, key, NULL, rng);
- }
- #ifdef WOLFSSL_CERT_EXT
- /* Get raw subject from cert, which may contain OIDs not parsed by Decode.
- The raw subject pointer will only be valid while "cert" is valid. */
- int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert)
- {
- int rc = BAD_FUNC_ARG;
- if ((subjectRaw != NULL) && (cert != NULL)) {
- *subjectRaw = cert->sbjRaw;
- rc = 0;
- }
- return rc;
- }
- /* Set KID from public key */
- static int SetKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey,
- byte *ntruKey, word16 ntruKeySz,
- ed25519_key* ed25519Key, ed448_key* ed448Key,
- int kid_type)
- {
- byte *buf;
- int bufferSz, ret;
- if (cert == NULL ||
- (rsakey == NULL && eckey == NULL && ntruKey == NULL &&
- ed25519Key == NULL && ed448Key == NULL) ||
- (kid_type != SKID_TYPE && kid_type != AKID_TYPE))
- return BAD_FUNC_ARG;
- buf = (byte *)XMALLOC(MAX_PUBLIC_KEY_SZ, cert->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (buf == NULL)
- return MEMORY_E;
- /* Public Key */
- bufferSz = -1;
- #ifndef NO_RSA
- /* RSA public key */
- if (rsakey != NULL)
- bufferSz = SetRsaPublicKey(buf, rsakey, MAX_PUBLIC_KEY_SZ, 0);
- #endif
- #ifdef HAVE_ECC
- /* ECC public key */
- if (eckey != NULL)
- bufferSz = SetEccPublicKey(buf, eckey, 0);
- #endif
- #ifdef HAVE_NTRU
- /* NTRU public key */
- if (ntruKey != NULL) {
- bufferSz = MAX_PUBLIC_KEY_SZ;
- ret = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo(
- ntruKeySz, ntruKey, (word16 *)(&bufferSz), buf);
- if (ret != NTRU_OK)
- bufferSz = -1;
- }
- #else
- (void)ntruKeySz;
- #endif
- #ifdef HAVE_ED25519
- /* ED25519 public key */
- if (ed25519Key != NULL)
- bufferSz = SetEd25519PublicKey(buf, ed25519Key, 0);
- #endif
- #ifdef HAVE_ED448
- /* ED448 public key */
- if (ed448Key != NULL)
- bufferSz = SetEd448PublicKey(buf, ed448Key, 0);
- #endif
- if (bufferSz <= 0) {
- XFREE(buf, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return PUBLIC_KEY_E;
- }
- /* Compute SKID by hashing public key */
- if (kid_type == SKID_TYPE) {
- ret = CalcHashId(buf, bufferSz, cert->skid);
- cert->skidSz = KEYID_SIZE;
- }
- else if (kid_type == AKID_TYPE) {
- ret = CalcHashId(buf, bufferSz, cert->akid);
- cert->akidSz = KEYID_SIZE;
- }
- else
- ret = BAD_FUNC_ARG;
- XFREE(buf, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return ret;
- }
- int wc_SetSubjectKeyIdFromPublicKey_ex(Cert *cert, int keyType, void* key)
- {
- RsaKey* rsaKey = NULL;
- ecc_key* eccKey = NULL;
- ed25519_key* ed25519Key = NULL;
- ed448_key* ed448Key = NULL;
- if (keyType == RSA_TYPE)
- rsaKey = (RsaKey*)key;
- else if (keyType == ECC_TYPE)
- eccKey = (ecc_key*)key;
- else if (keyType == ED25519_TYPE)
- ed25519Key = (ed25519_key*)key;
- else if (keyType == ED448_TYPE)
- ed448Key = (ed448_key*)key;
- return SetKeyIdFromPublicKey(cert, rsaKey, eccKey, NULL, 0, ed25519Key,
- ed448Key, SKID_TYPE);
- }
- /* Set SKID from RSA or ECC public key */
- int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey)
- {
- return SetKeyIdFromPublicKey(cert, rsakey, eckey, NULL, 0, NULL, NULL,
- SKID_TYPE);
- }
- #ifdef HAVE_NTRU
- /* Set SKID from NTRU public key */
- int wc_SetSubjectKeyIdFromNtruPublicKey(Cert *cert,
- byte *ntruKey, word16 ntruKeySz)
- {
- return SetKeyIdFromPublicKey(cert, NULL,NULL,ntruKey, ntruKeySz, NULL, NULL,
- SKID_TYPE);
- }
- #endif
- int wc_SetAuthKeyIdFromPublicKey_ex(Cert *cert, int keyType, void* key)
- {
- RsaKey* rsaKey = NULL;
- ecc_key* eccKey = NULL;
- ed25519_key* ed25519Key = NULL;
- ed448_key* ed448Key = NULL;
- if (keyType == RSA_TYPE)
- rsaKey = (RsaKey*)key;
- else if (keyType == ECC_TYPE)
- eccKey = (ecc_key*)key;
- else if (keyType == ED25519_TYPE)
- ed25519Key = (ed25519_key*)key;
- else if (keyType == ED448_TYPE)
- ed448Key = (ed448_key*)key;
- return SetKeyIdFromPublicKey(cert, rsaKey, eccKey, NULL, 0, ed25519Key,
- ed448Key, AKID_TYPE);
- }
- /* Set SKID from RSA or ECC public key */
- int wc_SetAuthKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey)
- {
- return SetKeyIdFromPublicKey(cert, rsakey, eckey, NULL, 0, NULL, NULL,
- AKID_TYPE);
- }
- #if !defined(NO_FILESYSTEM) && !defined(NO_ASN_CRYPT)
- /* Set SKID from public key file in PEM */
- int wc_SetSubjectKeyId(Cert *cert, const char* file)
- {
- int ret, derSz;
- byte* der;
- word32 idx;
- RsaKey *rsakey = NULL;
- ecc_key *eckey = NULL;
- if (cert == NULL || file == NULL)
- return BAD_FUNC_ARG;
- der = (byte*)XMALLOC(MAX_PUBLIC_KEY_SZ, cert->heap, DYNAMIC_TYPE_CERT);
- if (der == NULL) {
- WOLFSSL_MSG("wc_SetSubjectKeyId memory Problem");
- return MEMORY_E;
- }
- derSz = MAX_PUBLIC_KEY_SZ;
- XMEMSET(der, 0, derSz);
- derSz = wc_PemPubKeyToDer(file, der, derSz);
- if (derSz <= 0) {
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- return derSz;
- }
- /* Load PubKey in internal structure */
- #ifndef NO_RSA
- rsakey = (RsaKey*) XMALLOC(sizeof(RsaKey), cert->heap, DYNAMIC_TYPE_RSA);
- if (rsakey == NULL) {
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- return MEMORY_E;
- }
- if (wc_InitRsaKey(rsakey, cert->heap) != 0) {
- WOLFSSL_MSG("wc_InitRsaKey failure");
- XFREE(rsakey, cert->heap, DYNAMIC_TYPE_RSA);
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- return MEMORY_E;
- }
- idx = 0;
- ret = wc_RsaPublicKeyDecode(der, &idx, rsakey, derSz);
- if (ret != 0)
- #endif
- {
- #ifndef NO_RSA
- WOLFSSL_MSG("wc_RsaPublicKeyDecode failed");
- wc_FreeRsaKey(rsakey);
- XFREE(rsakey, cert->heap, DYNAMIC_TYPE_RSA);
- rsakey = NULL;
- #endif
- #ifdef HAVE_ECC
- /* Check to load ecc public key */
- eckey = (ecc_key*) XMALLOC(sizeof(ecc_key), cert->heap,
- DYNAMIC_TYPE_ECC);
- if (eckey == NULL) {
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- return MEMORY_E;
- }
- if (wc_ecc_init(eckey) != 0) {
- WOLFSSL_MSG("wc_ecc_init failure");
- wc_ecc_free(eckey);
- XFREE(eckey, cert->heap, DYNAMIC_TYPE_ECC);
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- return MEMORY_E;
- }
- idx = 0;
- ret = wc_EccPublicKeyDecode(der, &idx, eckey, derSz);
- if (ret != 0) {
- WOLFSSL_MSG("wc_EccPublicKeyDecode failed");
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- wc_ecc_free(eckey);
- XFREE(eckey, cert->heap, DYNAMIC_TYPE_ECC);
- return PUBLIC_KEY_E;
- }
- #else
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- return PUBLIC_KEY_E;
- #endif /* HAVE_ECC */
- }
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- ret = wc_SetSubjectKeyIdFromPublicKey(cert, rsakey, eckey);
- #ifndef NO_RSA
- wc_FreeRsaKey(rsakey);
- XFREE(rsakey, cert->heap, DYNAMIC_TYPE_RSA);
- #endif
- #ifdef HAVE_ECC
- wc_ecc_free(eckey);
- XFREE(eckey, cert->heap, DYNAMIC_TYPE_ECC);
- #endif
- return ret;
- }
- #endif /* !NO_FILESYSTEM && !NO_ASN_CRYPT */
- static int SetAuthKeyIdFromDcert(Cert* cert, DecodedCert* decoded)
- {
- int ret = 0;
- /* Subject Key Id not found !! */
- if (decoded->extSubjKeyIdSet == 0) {
- ret = ASN_NO_SKID;
- }
- /* SKID invalid size */
- else if (sizeof(cert->akid) < sizeof(decoded->extSubjKeyId)) {
- ret = MEMORY_E;
- }
- else {
- /* Put the SKID of CA to AKID of certificate */
- XMEMCPY(cert->akid, decoded->extSubjKeyId, KEYID_SIZE);
- cert->akidSz = KEYID_SIZE;
- }
- return ret;
- }
- /* Set AKID from certificate contains in buffer (DER encoded) */
- int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz)
- {
- int ret = 0;
- if (cert == NULL) {
- ret = BAD_FUNC_ARG;
- }
- else {
- /* Check if decodedCert is cached */
- if (cert->der != der) {
- /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, derSz);
- }
- if (ret >= 0) {
- ret = SetAuthKeyIdFromDcert(cert, (DecodedCert*)cert->decodedCert);
- #ifndef WOLFSSL_CERT_GEN_CACHE
- wc_SetCert_Free(cert);
- #endif
- }
- }
- return ret;
- }
- #ifndef NO_FILESYSTEM
- /* Set AKID from certificate file in PEM */
- int wc_SetAuthKeyId(Cert *cert, const char* file)
- {
- int ret;
- int derSz;
- byte* der;
- if (cert == NULL || file == NULL)
- return BAD_FUNC_ARG;
- der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
- if (der == NULL) {
- WOLFSSL_MSG("wc_SetAuthKeyId OOF Problem");
- return MEMORY_E;
- }
- derSz = wc_PemCertToDer(file, der, EIGHTK_BUF);
- if (derSz <= 0)
- {
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- return derSz;
- }
- ret = wc_SetAuthKeyIdFromCert(cert, der, derSz);
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- return ret;
- }
- #endif /* !NO_FILESYSTEM */
- /* Set KeyUsage from human readable string */
- int wc_SetKeyUsage(Cert *cert, const char *value)
- {
- int ret = 0;
- char *token, *str, *ptr;
- word32 len;
- if (cert == NULL || value == NULL)
- return BAD_FUNC_ARG;
- cert->keyUsage = 0;
- /* duplicate string (including terminator) */
- len = (word32)XSTRLEN(value);
- str = (char*)XMALLOC(len+1, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (str == NULL)
- return MEMORY_E;
- XMEMCPY(str, value, len+1);
- /* parse value, and set corresponding Key Usage value */
- if ((token = XSTRTOK(str, ",", &ptr)) == NULL) {
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return KEYUSAGE_E;
- }
- while (token != NULL)
- {
- len = (word32)XSTRLEN(token);
- if (!XSTRNCASECMP(token, "digitalSignature", len))
- cert->keyUsage |= KEYUSE_DIGITAL_SIG;
- else if (!XSTRNCASECMP(token, "nonRepudiation", len) ||
- !XSTRNCASECMP(token, "contentCommitment", len))
- cert->keyUsage |= KEYUSE_CONTENT_COMMIT;
- else if (!XSTRNCASECMP(token, "keyEncipherment", len))
- cert->keyUsage |= KEYUSE_KEY_ENCIPHER;
- else if (!XSTRNCASECMP(token, "dataEncipherment", len))
- cert->keyUsage |= KEYUSE_DATA_ENCIPHER;
- else if (!XSTRNCASECMP(token, "keyAgreement", len))
- cert->keyUsage |= KEYUSE_KEY_AGREE;
- else if (!XSTRNCASECMP(token, "keyCertSign", len))
- cert->keyUsage |= KEYUSE_KEY_CERT_SIGN;
- else if (!XSTRNCASECMP(token, "cRLSign", len))
- cert->keyUsage |= KEYUSE_CRL_SIGN;
- else if (!XSTRNCASECMP(token, "encipherOnly", len))
- cert->keyUsage |= KEYUSE_ENCIPHER_ONLY;
- else if (!XSTRNCASECMP(token, "decipherOnly", len))
- cert->keyUsage |= KEYUSE_DECIPHER_ONLY;
- else {
- ret = KEYUSAGE_E;
- break;
- }
- token = XSTRTOK(NULL, ",", &ptr);
- }
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return ret;
- }
- /* Set ExtendedKeyUsage from human readable string */
- int wc_SetExtKeyUsage(Cert *cert, const char *value)
- {
- int ret = 0;
- char *token, *str, *ptr;
- word32 len;
- if (cert == NULL || value == NULL)
- return BAD_FUNC_ARG;
- cert->extKeyUsage = 0;
- /* duplicate string (including terminator) */
- len = (word32)XSTRLEN(value);
- str = (char*)XMALLOC(len+1, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (str == NULL)
- return MEMORY_E;
- XMEMCPY(str, value, len+1);
- /* parse value, and set corresponding Key Usage value */
- if ((token = XSTRTOK(str, ",", &ptr)) == NULL) {
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return EXTKEYUSAGE_E;
- }
- while (token != NULL)
- {
- len = (word32)XSTRLEN(token);
- if (!XSTRNCASECMP(token, "any", len))
- cert->extKeyUsage |= EXTKEYUSE_ANY;
- else if (!XSTRNCASECMP(token, "serverAuth", len))
- cert->extKeyUsage |= EXTKEYUSE_SERVER_AUTH;
- else if (!XSTRNCASECMP(token, "clientAuth", len))
- cert->extKeyUsage |= EXTKEYUSE_CLIENT_AUTH;
- else if (!XSTRNCASECMP(token, "codeSigning", len))
- cert->extKeyUsage |= EXTKEYUSE_CODESIGN;
- else if (!XSTRNCASECMP(token, "emailProtection", len))
- cert->extKeyUsage |= EXTKEYUSE_EMAILPROT;
- else if (!XSTRNCASECMP(token, "timeStamping", len))
- cert->extKeyUsage |= EXTKEYUSE_TIMESTAMP;
- else if (!XSTRNCASECMP(token, "OCSPSigning", len))
- cert->extKeyUsage |= EXTKEYUSE_OCSP_SIGN;
- else {
- ret = EXTKEYUSAGE_E;
- break;
- }
- token = XSTRTOK(NULL, ",", &ptr);
- }
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return ret;
- }
- #ifdef WOLFSSL_EKU_OID
- /*
- * cert structure to set EKU oid in
- * oid the oid in byte representation
- * sz size of oid buffer
- * idx index of array to place oid
- *
- * returns 0 on success
- */
- int wc_SetExtKeyUsageOID(Cert *cert, const char *in, word32 sz, byte idx,
- void* heap)
- {
- byte oid[MAX_OID_SZ];
- word32 oidSz = MAX_OID_SZ;
- if (idx >= CTC_MAX_EKU_NB || sz >= CTC_MAX_EKU_OID_SZ) {
- WOLFSSL_MSG("Either idx or sz was too large");
- return BAD_FUNC_ARG;
- }
- if (EncodePolicyOID(oid, &oidSz, in, heap) != 0) {
- return BUFFER_E;
- }
- XMEMCPY(cert->extKeyUsageOID[idx], oid, oidSz);
- cert->extKeyUsageOIDSz[idx] = oidSz;
- cert->extKeyUsage |= EXTKEYUSE_USER;
- return 0;
- }
- #endif /* WOLFSSL_EKU_OID */
- #endif /* WOLFSSL_CERT_EXT */
- #ifdef WOLFSSL_ALT_NAMES
- static int SetAltNamesFromDcert(Cert* cert, DecodedCert* decoded)
- {
- int ret = 0;
- cert->altNamesSz = 0;
- if (decoded->altNames) {
- ret = FlattenAltNames(cert->altNames,
- sizeof(cert->altNames), decoded->altNames);
- if (ret >= 0) {
- cert->altNamesSz = ret;
- ret = 0;
- }
- }
- return ret;
- }
- #ifndef NO_FILESYSTEM
- /* Set Alt Names from der cert, return 0 on success */
- static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz)
- {
- int ret;
- #ifdef WOLFSSL_SMALL_STACK
- DecodedCert* decoded;
- #else
- DecodedCert decoded[1];
- #endif
- if (derSz < 0)
- return derSz;
- #ifdef WOLFSSL_SMALL_STACK
- decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cert->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (decoded == NULL)
- return MEMORY_E;
- #endif
- InitDecodedCert(decoded, der, derSz, NULL);
- ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0);
- if (ret < 0) {
- WOLFSSL_MSG("ParseCertRelative error");
- }
- else {
- ret = SetAltNamesFromDcert(cert, decoded);
- }
- FreeDecodedCert(decoded);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(decoded, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret < 0 ? ret : 0;
- }
- #endif
- static int SetDatesFromDcert(Cert* cert, DecodedCert* decoded)
- {
- int ret = 0;
- if (decoded->beforeDate == NULL || decoded->afterDate == NULL) {
- WOLFSSL_MSG("Couldn't extract dates");
- ret = -1;
- }
- else if (decoded->beforeDateLen > MAX_DATE_SIZE ||
- decoded->afterDateLen > MAX_DATE_SIZE) {
- WOLFSSL_MSG("Bad date size");
- ret = -1;
- }
- else {
- XMEMCPY(cert->beforeDate, decoded->beforeDate, decoded->beforeDateLen);
- XMEMCPY(cert->afterDate, decoded->afterDate, decoded->afterDateLen);
- cert->beforeDateSz = decoded->beforeDateLen;
- cert->afterDateSz = decoded->afterDateLen;
- }
- return ret;
- }
- #endif /* WOLFSSL_ALT_NAMES */
- static void SetNameFromDcert(CertName* cn, DecodedCert* decoded)
- {
- int sz;
- if (decoded->subjectCN) {
- sz = (decoded->subjectCNLen < CTC_NAME_SIZE) ? decoded->subjectCNLen
- : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->commonName, decoded->subjectCN, sz);
- cn->commonName[sz] = '\0';
- cn->commonNameEnc = decoded->subjectCNEnc;
- }
- if (decoded->subjectC) {
- sz = (decoded->subjectCLen < CTC_NAME_SIZE) ? decoded->subjectCLen
- : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->country, decoded->subjectC, sz);
- cn->country[sz] = '\0';
- cn->countryEnc = decoded->subjectCEnc;
- }
- if (decoded->subjectST) {
- sz = (decoded->subjectSTLen < CTC_NAME_SIZE) ? decoded->subjectSTLen
- : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->state, decoded->subjectST, sz);
- cn->state[sz] = '\0';
- cn->stateEnc = decoded->subjectSTEnc;
- }
- if (decoded->subjectL) {
- sz = (decoded->subjectLLen < CTC_NAME_SIZE) ? decoded->subjectLLen
- : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->locality, decoded->subjectL, sz);
- cn->locality[sz] = '\0';
- cn->localityEnc = decoded->subjectLEnc;
- }
- if (decoded->subjectO) {
- sz = (decoded->subjectOLen < CTC_NAME_SIZE) ? decoded->subjectOLen
- : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->org, decoded->subjectO, sz);
- cn->org[sz] = '\0';
- cn->orgEnc = decoded->subjectOEnc;
- }
- if (decoded->subjectOU) {
- sz = (decoded->subjectOULen < CTC_NAME_SIZE) ? decoded->subjectOULen
- : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->unit, decoded->subjectOU, sz);
- cn->unit[sz] = '\0';
- cn->unitEnc = decoded->subjectOUEnc;
- }
- if (decoded->subjectSN) {
- sz = (decoded->subjectSNLen < CTC_NAME_SIZE) ? decoded->subjectSNLen
- : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->sur, decoded->subjectSN, sz);
- cn->sur[sz] = '\0';
- cn->surEnc = decoded->subjectSNEnc;
- }
- if (decoded->subjectSND) {
- sz = (decoded->subjectSNDLen < CTC_NAME_SIZE) ? decoded->subjectSNDLen
- : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->serialDev, decoded->subjectSND, sz);
- cn->serialDev[sz] = '\0';
- cn->serialDevEnc = decoded->subjectSNDEnc;
- }
- #ifdef WOLFSSL_CERT_EXT
- if (decoded->subjectBC) {
- sz = (decoded->subjectBCLen < CTC_NAME_SIZE) ? decoded->subjectBCLen
- : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->busCat, decoded->subjectBC, sz);
- cn->busCat[sz] = '\0';
- cn->busCatEnc = decoded->subjectBCEnc;
- }
- if (decoded->subjectJC) {
- sz = (decoded->subjectJCLen < CTC_NAME_SIZE) ? decoded->subjectJCLen
- : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->joiC, decoded->subjectJC, sz);
- cn->joiC[sz] = '\0';
- cn->joiCEnc = decoded->subjectJCEnc;
- }
- if (decoded->subjectJS) {
- sz = (decoded->subjectJSLen < CTC_NAME_SIZE) ? decoded->subjectJSLen
- : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->joiSt, decoded->subjectJS, sz);
- cn->joiSt[sz] = '\0';
- cn->joiStEnc = decoded->subjectJSEnc;
- }
- #endif
- if (decoded->subjectEmail) {
- sz = (decoded->subjectEmailLen < CTC_NAME_SIZE)
- ? decoded->subjectEmailLen : CTC_NAME_SIZE - 1;
- XSTRNCPY(cn->email, decoded->subjectEmail, sz);
- cn->email[sz] = '\0';
- }
- }
- #ifndef NO_FILESYSTEM
- /* Set cn name from der buffer, return 0 on success */
- static int SetNameFromCert(CertName* cn, const byte* der, int derSz)
- {
- int ret;
- #ifdef WOLFSSL_SMALL_STACK
- DecodedCert* decoded;
- #else
- DecodedCert decoded[1];
- #endif
- if (derSz < 0)
- return derSz;
- #ifdef WOLFSSL_SMALL_STACK
- decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (decoded == NULL)
- return MEMORY_E;
- #endif
- InitDecodedCert(decoded, der, derSz, NULL);
- ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0);
- if (ret < 0) {
- WOLFSSL_MSG("ParseCertRelative error");
- }
- else {
- SetNameFromDcert(cn, decoded);
- }
- FreeDecodedCert(decoded);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret < 0 ? ret : 0;
- }
- /* Set cert issuer from issuerFile in PEM */
- int wc_SetIssuer(Cert* cert, const char* issuerFile)
- {
- int ret;
- int derSz;
- byte* der;
- if (cert == NULL) {
- return BAD_FUNC_ARG;
- }
- der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
- if (der == NULL) {
- WOLFSSL_MSG("wc_SetIssuer OOF Problem");
- return MEMORY_E;
- }
- derSz = wc_PemCertToDer(issuerFile, der, EIGHTK_BUF);
- cert->selfSigned = 0;
- ret = SetNameFromCert(&cert->issuer, der, derSz);
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- return ret;
- }
- /* Set cert subject from subjectFile in PEM */
- int wc_SetSubject(Cert* cert, const char* subjectFile)
- {
- int ret;
- int derSz;
- byte* der;
- if (cert == NULL) {
- return BAD_FUNC_ARG;
- }
- der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
- if (der == NULL) {
- WOLFSSL_MSG("wc_SetSubject OOF Problem");
- return MEMORY_E;
- }
- derSz = wc_PemCertToDer(subjectFile, der, EIGHTK_BUF);
- ret = SetNameFromCert(&cert->subject, der, derSz);
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- return ret;
- }
- #ifdef WOLFSSL_ALT_NAMES
- /* Set alt names from file in PEM */
- int wc_SetAltNames(Cert* cert, const char* file)
- {
- int ret;
- int derSz;
- byte* der;
- if (cert == NULL) {
- return BAD_FUNC_ARG;
- }
- der = (byte*)XMALLOC(EIGHTK_BUF, cert->heap, DYNAMIC_TYPE_CERT);
- if (der == NULL) {
- WOLFSSL_MSG("wc_SetAltNames OOF Problem");
- return MEMORY_E;
- }
- derSz = wc_PemCertToDer(file, der, EIGHTK_BUF);
- ret = SetAltNamesFromCert(cert, der, derSz);
- XFREE(der, cert->heap, DYNAMIC_TYPE_CERT);
- return ret;
- }
- #endif /* WOLFSSL_ALT_NAMES */
- #endif /* !NO_FILESYSTEM */
- /* Set cert issuer from DER buffer */
- int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz)
- {
- int ret = 0;
- if (cert == NULL) {
- ret = BAD_FUNC_ARG;
- }
- else {
- cert->selfSigned = 0;
- /* Check if decodedCert is cached */
- if (cert->der != der) {
- /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, derSz);
- }
- if (ret >= 0) {
- SetNameFromDcert(&cert->issuer, (DecodedCert*)cert->decodedCert);
- #ifndef WOLFSSL_CERT_GEN_CACHE
- wc_SetCert_Free(cert);
- #endif
- }
- }
- return ret;
- }
- /* Set cert subject from DER buffer */
- int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz)
- {
- int ret = 0;
- if (cert == NULL) {
- ret = BAD_FUNC_ARG;
- }
- else {
- /* Check if decodedCert is cached */
- if (cert->der != der) {
- /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, derSz);
- }
- if (ret >= 0) {
- SetNameFromDcert(&cert->subject, (DecodedCert*)cert->decodedCert);
- #ifndef WOLFSSL_CERT_GEN_CACHE
- wc_SetCert_Free(cert);
- #endif
- }
- }
- return ret;
- }
- #ifdef WOLFSSL_CERT_EXT
- /* Set cert raw subject from DER buffer */
- int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz)
- {
- int ret = 0;
- if (cert == NULL) {
- ret = BAD_FUNC_ARG;
- }
- else {
- /* Check if decodedCert is cached */
- if (cert->der != der) {
- /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, derSz);
- }
- if (ret >= 0) {
- if ((((DecodedCert*)cert->decodedCert)->subjectRaw) &&
- (((DecodedCert*)cert->decodedCert)->subjectRawLen <=
- (int)sizeof(CertName))) {
- XMEMCPY(cert->sbjRaw,
- ((DecodedCert*)cert->decodedCert)->subjectRaw,
- ((DecodedCert*)cert->decodedCert)->subjectRawLen);
- }
- #ifndef WOLFSSL_CERT_GEN_CACHE
- wc_SetCert_Free(cert);
- #endif
- }
- }
- return ret;
- }
- /* Set cert raw issuer from DER buffer */
- int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz)
- {
- int ret = 0;
- if (cert == NULL) {
- ret = BAD_FUNC_ARG;
- }
- else {
- /* Check if decodedCert is cached */
- if (cert->der != der) {
- /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, derSz);
- }
- if (ret >= 0) {
- if ((((DecodedCert*)cert->decodedCert)->subjectRaw) &&
- (((DecodedCert*)cert->decodedCert)->subjectRawLen <=
- (int)sizeof(CertName))) {
- /* Copy the subject to the issuer field */
- XMEMCPY(cert->issRaw,
- ((DecodedCert*)cert->decodedCert)->subjectRaw,
- ((DecodedCert*)cert->decodedCert)->subjectRawLen);
- }
- #ifndef WOLFSSL_CERT_GEN_CACHE
- wc_SetCert_Free(cert);
- #endif
- }
- }
- return ret;
- }
- #endif
- #ifdef WOLFSSL_ALT_NAMES
- /* Set cert alt names from DER buffer */
- int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz)
- {
- int ret = 0;
- if (cert == NULL) {
- ret = BAD_FUNC_ARG;
- }
- else {
- /* Check if decodedCert is cached */
- if (cert->der != der) {
- /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, derSz);
- }
- if (ret >= 0) {
- ret = SetAltNamesFromDcert(cert, (DecodedCert*)cert->decodedCert);
- #ifndef WOLFSSL_CERT_GEN_CACHE
- wc_SetCert_Free(cert);
- #endif
- }
- }
- return(ret);
- }
- /* Set cert dates from DER buffer */
- int wc_SetDatesBuffer(Cert* cert, const byte* der, int derSz)
- {
- int ret = 0;
- if (cert == NULL) {
- ret = BAD_FUNC_ARG;
- }
- else {
- /* Check if decodedCert is cached */
- if (cert->der != der) {
- /* Allocate cache for the decoded cert */
- ret = wc_SetCert_LoadDer(cert, der, derSz);
- }
- if (ret >= 0) {
- ret = SetDatesFromDcert(cert, (DecodedCert*)cert->decodedCert);
- #ifndef WOLFSSL_CERT_GEN_CACHE
- wc_SetCert_Free(cert);
- #endif
- }
- }
- return(ret);
- }
- #endif /* WOLFSSL_ALT_NAMES */
- #endif /* WOLFSSL_CERT_GEN */
- #if (defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT)) \
- || defined(OPENSSL_EXTRA)
- /* Encode OID string representation to ITU-T X.690 format */
- int EncodePolicyOID(byte *out, word32 *outSz, const char *in, void* heap)
- {
- word32 val, idx = 0, nb_val;
- char *token, *str, *ptr;
- word32 len;
- (void)heap;
- if (out == NULL || outSz == NULL || *outSz < 2 || in == NULL)
- return BAD_FUNC_ARG;
- /* duplicate string (including terminator) */
- len = (word32)XSTRLEN(in);
- str = (char *)XMALLOC(len+1, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (str == NULL)
- return MEMORY_E;
- XMEMCPY(str, in, len+1);
- nb_val = 0;
- /* parse value, and set corresponding Policy OID value */
- token = XSTRTOK(str, ".", &ptr);
- while (token != NULL)
- {
- val = (word32)XATOI(token);
- if (nb_val == 0) {
- if (val > 2) {
- XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
- return ASN_OBJECT_ID_E;
- }
- out[idx] = (byte)(40 * val);
- }
- else if (nb_val == 1) {
- if (val > 127) {
- XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
- return ASN_OBJECT_ID_E;
- }
- if (idx > *outSz) {
- XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
- return BUFFER_E;
- }
- out[idx++] += (byte)val;
- }
- else {
- word32 tb = 0, x;
- int i = 0;
- byte oid[MAX_OID_SZ];
- while (val >= 128) {
- x = val % 128;
- val /= 128;
- oid[i++] = (byte) (((tb++) ? 0x80 : 0) | x);
- }
- if ((idx+(word32)i) > *outSz) {
- XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
- return BUFFER_E;
- }
- oid[i] = (byte) (((tb++) ? 0x80 : 0) | val);
- /* push value in the right order */
- while (i >= 0)
- out[idx++] = oid[i--];
- }
- token = XSTRTOK(NULL, ".", &ptr);
- nb_val++;
- }
- *outSz = idx;
- XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
- return 0;
- }
- #endif /* WOLFSSL_CERT_EXT || OPENSSL_EXTRA */
- #endif /* !NO_CERTS */
- #if !defined(NO_DH) && (defined(WOLFSSL_QT) || defined(OPENSSL_ALL))
- /* Helper function for wolfSSL_i2d_DHparams */
- int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g)
- {
- word32 idx = 0;
- int pSz;
- int gSz;
- unsigned int tmp;
- word32 headerSz = 4; /* 2*ASN_TAG + 2*LEN(ENUM) */
- /* If the leading bit on the INTEGER is a 1, add a leading zero */
- int pLeadingZero = mp_leading_bit(p);
- int gLeadingZero = mp_leading_bit(g);
- int pLen = mp_unsigned_bin_size(p);
- int gLen = mp_unsigned_bin_size(g);
- WOLFSSL_ENTER("StoreDHparams");
- if (out == NULL) {
- WOLFSSL_MSG("Null buffer error");
- return BUFFER_E;
- }
- tmp = pLeadingZero + gLeadingZero + pLen + gLen;
- if (*outLen < (tmp + headerSz)) {
- return BUFFER_E;
- }
- /* Set sequence */
- idx = SetSequence(tmp + headerSz + 2, out);
- /* Encode p */
- pSz = SetASNIntMP(p, -1, &out[idx]);
- if (pSz < 0) {
- WOLFSSL_MSG("SetASNIntMP failed");
- return pSz;
- }
- idx += pSz;
- /* Encode g */
- gSz = SetASNIntMP(g, -1, &out[idx]);
- if (gSz < 0) {
- WOLFSSL_MSG("SetASNIntMP failed");
- return gSz;
- }
- idx += gSz;
- *outLen = idx;
- return 0;
- }
- #endif /* !NO_DH && (WOLFSSL_QT || OPENSSL_ALL) */
- #ifdef HAVE_ECC
- /* Der Encode r & s ints into out, outLen is (in/out) size */
- int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s)
- {
- word32 idx = 0;
- int rSz; /* encoding size */
- int sSz;
- word32 headerSz = 4; /* 2*ASN_TAG + 2*LEN(ENUM) */
- /* If the leading bit on the INTEGER is a 1, add a leading zero */
- int rLeadingZero = mp_leading_bit(r);
- int sLeadingZero = mp_leading_bit(s);
- int rLen = mp_unsigned_bin_size(r); /* big int size */
- int sLen = mp_unsigned_bin_size(s);
- if (*outLen < (rLen + rLeadingZero + sLen + sLeadingZero +
- headerSz + 2)) /* SEQ_TAG + LEN(ENUM) */
- return BUFFER_E;
- idx = SetSequence(rLen + rLeadingZero + sLen+sLeadingZero + headerSz, out);
- /* store r */
- rSz = SetASNIntMP(r, *outLen - idx, &out[idx]);
- if (rSz < 0)
- return rSz;
- idx += rSz;
- /* store s */
- sSz = SetASNIntMP(s, *outLen - idx, &out[idx]);
- if (sSz < 0)
- return sSz;
- idx += sSz;
- *outLen = idx;
- return 0;
- }
- /* determine if leading bit is set */
- static int is_leading_bit_set(const byte* input, word32 sz)
- {
- byte c = 0;
- if (sz > 0)
- c = input[0];
- return (c & 0x80) != 0;
- }
- static int trim_leading_zeros(const byte** input, word32 sz)
- {
- int i, leadingZeroCount = 0;
- const byte* tmp = *input;
- for (i=0; i<(int)sz; i++) {
- if (tmp[i] != 0)
- break;
- leadingZeroCount++;
- }
- /* catch all zero case */
- if (sz > 0 && leadingZeroCount == (int)sz) {
- leadingZeroCount--;
- }
- *input += leadingZeroCount;
- sz -= leadingZeroCount;
- return sz;
- }
- /* Der Encode r & s ints into out, outLen is (in/out) size */
- /* All input/outputs are assumed to be big-endian */
- int StoreECC_DSA_Sig_Bin(byte* out, word32* outLen, const byte* r, word32 rLen,
- const byte* s, word32 sLen)
- {
- int ret;
- word32 idx;
- word32 headerSz = 4; /* 2*ASN_TAG + 2*LEN(ENUM) */
- int rAddLeadZero, sAddLeadZero;
- if ((out == NULL) || (outLen == NULL) || (r == NULL) || (s == NULL))
- return BAD_FUNC_ARG;
- /* Trim leading zeros */
- rLen = trim_leading_zeros(&r, rLen);
- sLen = trim_leading_zeros(&s, sLen);
- /* If the leading bit on the INTEGER is a 1, add a leading zero */
- /* Add leading zero if MSB is set */
- rAddLeadZero = is_leading_bit_set(r, rLen);
- sAddLeadZero = is_leading_bit_set(s, sLen);
- if (*outLen < (rLen + rAddLeadZero + sLen + sAddLeadZero +
- headerSz + 2)) /* SEQ_TAG + LEN(ENUM) */
- return BUFFER_E;
- idx = SetSequence(rLen+rAddLeadZero + sLen+sAddLeadZero + headerSz, out);
- /* store r */
- ret = SetASNInt(rLen, rAddLeadZero ? 0x80 : 0x00, &out[idx]);
- if (ret < 0)
- return ret;
- idx += ret;
- XMEMCPY(&out[idx], r, rLen);
- idx += rLen;
- /* store s */
- ret = SetASNInt(sLen, sAddLeadZero ? 0x80 : 0x00, &out[idx]);
- if (ret < 0)
- return ret;
- idx += ret;
- XMEMCPY(&out[idx], s, sLen);
- idx += sLen;
- *outLen = idx;
- return 0;
- }
- /* Der Decode ECC-DSA Signature with R/S as unsigned bin */
- /* All input/outputs are assumed to be big-endian */
- int DecodeECC_DSA_Sig_Bin(const byte* sig, word32 sigLen, byte* r, word32* rLen,
- byte* s, word32* sLen)
- {
- int ret;
- word32 idx = 0;
- int len = 0;
- if (GetSequence(sig, &idx, &len, sigLen) < 0) {
- return ASN_ECC_KEY_E;
- }
- #ifndef NO_STRICT_ECDSA_LEN
- /* enable strict length checking for signature */
- if (sigLen != idx + (word32)len) {
- return ASN_ECC_KEY_E;
- }
- #else
- /* allow extra signature bytes at end */
- if ((word32)len > (sigLen - idx)) {
- return ASN_ECC_KEY_E;
- }
- #endif
- ret = GetASNInt(sig, &idx, &len, sigLen);
- if (ret != 0)
- return ret;
- if (rLen)
- *rLen = len;
- if (r)
- XMEMCPY(r, (byte*)sig + idx, len);
- idx += len;
- ret = GetASNInt(sig, &idx, &len, sigLen);
- if (ret != 0)
- return ret;
- if (sLen)
- *sLen = len;
- if (s)
- XMEMCPY(s, (byte*)sig + idx, len);
- return ret;
- }
- #endif
- #if defined(HAVE_ECC) || !defined(NO_DSA)
- int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s)
- {
- word32 idx = 0;
- int len = 0;
- if (GetSequence(sig, &idx, &len, sigLen) < 0) {
- return ASN_ECC_KEY_E;
- }
- #ifndef NO_STRICT_ECDSA_LEN
- /* enable strict length checking for signature */
- if (sigLen != idx + (word32)len) {
- return ASN_ECC_KEY_E;
- }
- #else
- /* allow extra signature bytes at end */
- if ((word32)len > (sigLen - idx)) {
- return ASN_ECC_KEY_E;
- }
- #endif
- if (GetInt(r, sig, &idx, sigLen) < 0) {
- return ASN_ECC_KEY_E;
- }
- if (GetInt(s, sig, &idx, sigLen) < 0) {
- mp_clear(r);
- return ASN_ECC_KEY_E;
- }
- return 0;
- }
- #endif
- #ifdef HAVE_ECC
- int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
- word32 inSz)
- {
- word32 oidSum;
- int version, length;
- int privSz, pubSz = 0;
- byte b;
- int ret = 0;
- int curve_id = ECC_CURVE_DEF;
- #ifdef WOLFSSL_SMALL_STACK
- byte* priv;
- byte* pub = NULL;
- #else
- byte priv[ECC_MAXSIZE+1];
- byte pub[2*(ECC_MAXSIZE+1)]; /* public key has two parts plus header */
- #endif
- byte* pubData = NULL;
- if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
- return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (GetMyVersion(input, inOutIdx, &version, inSz) < 0)
- return ASN_PARSE_E;
- if (*inOutIdx >= inSz)
- return ASN_PARSE_E;
- b = input[*inOutIdx];
- *inOutIdx += 1;
- /* priv type */
- if (b != 4 && b != 6 && b != 7)
- return ASN_PARSE_E;
- if (GetLength(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- privSz = length;
- if (privSz > ECC_MAXSIZE)
- return BUFFER_E;
- #ifdef WOLFSSL_SMALL_STACK
- priv = (byte*)XMALLOC(privSz, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (priv == NULL)
- return MEMORY_E;
- #endif
- /* priv key */
- XMEMCPY(priv, &input[*inOutIdx], privSz);
- *inOutIdx += length;
- if ((*inOutIdx + 1) < inSz) {
- /* prefix 0, may have */
- b = input[*inOutIdx];
- if (b == ECC_PREFIX_0) {
- *inOutIdx += 1;
- if (GetLength(input, inOutIdx, &length, inSz) <= 0)
- ret = ASN_PARSE_E;
- else {
- ret = GetObjectId(input, inOutIdx, &oidSum, oidIgnoreType,
- inSz);
- if (ret == 0) {
- if ((ret = CheckCurve(oidSum)) < 0)
- ret = ECC_CURVE_OID_E;
- else {
- curve_id = ret;
- ret = 0;
- }
- }
- }
- }
- }
- if (ret == 0 && (*inOutIdx + 1) < inSz) {
- /* prefix 1 */
- b = input[*inOutIdx];
- *inOutIdx += 1;
- if (b != ECC_PREFIX_1) {
- ret = ASN_ECC_KEY_E;
- }
- else if (GetLength(input, inOutIdx, &length, inSz) <= 0) {
- ret = ASN_PARSE_E;
- }
- else {
- /* key header */
- ret = CheckBitString(input, inOutIdx, &length, inSz, 0, NULL);
- if (ret == 0) {
- /* pub key */
- pubSz = length;
- if (pubSz > 2*(ECC_MAXSIZE+1))
- ret = BUFFER_E;
- else {
- #ifdef WOLFSSL_SMALL_STACK
- pub = (byte*)XMALLOC(pubSz, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (pub == NULL)
- ret = MEMORY_E;
- else
- #endif
- {
- XMEMCPY(pub, &input[*inOutIdx], pubSz);
- *inOutIdx += length;
- pubData = pub;
- }
- }
- }
- }
- }
- if (ret == 0) {
- ret = wc_ecc_import_private_key_ex(priv, privSz, pubData, pubSz, key,
- curve_id);
- }
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(priv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- #ifdef WOLFSSL_CUSTOM_CURVES
- static void ByteToHex(byte n, char* str)
- {
- const char hexChar[] = { '0', '1', '2', '3', '4', '5', '6', '7',
- '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
- str[0] = hexChar[n >> 4];
- str[1] = hexChar[n & 0xf];
- }
- /* returns 0 on success */
- static int ASNToHexString(const byte* input, word32* inOutIdx, char** out,
- word32 inSz, void* heap, int heapType)
- {
- int len;
- int i;
- char* str;
- word32 localIdx;
- byte tag;
- if (*inOutIdx >= inSz) {
- return BUFFER_E;
- }
- localIdx = *inOutIdx;
- if (GetASNTag(input, &localIdx, &tag, inSz) == 0 && tag == ASN_INTEGER) {
- if (GetASNInt(input, inOutIdx, &len, inSz) < 0)
- return ASN_PARSE_E;
- }
- else {
- if (GetOctetString(input, inOutIdx, &len, inSz) < 0)
- return ASN_PARSE_E;
- }
- str = (char*)XMALLOC(len * 2 + 1, heap, heapType);
- for (i=0; i<len; i++)
- ByteToHex(input[*inOutIdx + i], str + i*2);
- str[len*2] = '\0';
- *inOutIdx += len;
- *out = str;
- (void)heap;
- (void)heapType;
- return 0;
- }
- #endif /* WOLFSSL_CUSTOM_CURVES */
- #ifdef WOLFSSL_CUSTOM_CURVES
- static int EccKeyParamCopy(char** dst, char* src)
- {
- int ret = 0;
- #ifdef WOLFSSL_ECC_CURVE_STATIC
- word32 length;
- #endif
- if (dst == NULL || src == NULL)
- return BAD_FUNC_ARG;
- #ifndef WOLFSSL_ECC_CURVE_STATIC
- *dst = src;
- #else
- length = (int)XSTRLEN(src) + 1;
- if (length > MAX_ECC_STRING) {
- WOLFSSL_MSG("ECC Param too large for buffer");
- ret = BUFFER_E;
- }
- else {
- XSTRNCPY(*dst, src, length);
- }
- XFREE(src, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
- #endif
- return ret;
- }
- #endif /* WOLFSSL_CUSTOM_CURVES */
- int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
- ecc_key* key, word32 inSz)
- {
- int ret;
- int version, length;
- int curve_id = ECC_CURVE_DEF;
- word32 oidSum, localIdx;
- byte tag, isPrivFormat = 0;
- if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
- return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- /* Check if ECC private key is being used and skip private portion */
- if (GetMyVersion(input, inOutIdx, &version, inSz) >= 0) {
- isPrivFormat = 1;
- /* Type private key */
- if (*inOutIdx >= inSz)
- return ASN_PARSE_E;
- tag = input[*inOutIdx];
- *inOutIdx += 1;
- if (tag != 4 && tag != 6 && tag != 7)
- return ASN_PARSE_E;
- /* Skip Private Key */
- if (GetLength(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (length > ECC_MAXSIZE)
- return BUFFER_E;
- *inOutIdx += length;
- /* Private Curve Header */
- if (*inOutIdx >= inSz)
- return ASN_PARSE_E;
- tag = input[*inOutIdx];
- *inOutIdx += 1;
- if (tag != ECC_PREFIX_0)
- return ASN_ECC_KEY_E;
- if (GetLength(input, inOutIdx, &length, inSz) <= 0)
- return ASN_PARSE_E;
- }
- /* Standard ECC public key */
- else {
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- ret = SkipObjectId(input, inOutIdx, inSz);
- if (ret != 0)
- return ret;
- }
- if (*inOutIdx >= inSz) {
- return BUFFER_E;
- }
- localIdx = *inOutIdx;
- if (GetASNTag(input, &localIdx, &tag, inSz) == 0 &&
- tag == (ASN_SEQUENCE | ASN_CONSTRUCTED)) {
- #ifdef WOLFSSL_CUSTOM_CURVES
- ecc_set_type* curve;
- int len;
- char* point = NULL;
- ret = 0;
- curve = (ecc_set_type*)XMALLOC(sizeof(*curve), key->heap,
- DYNAMIC_TYPE_ECC_BUFFER);
- if (curve == NULL)
- ret = MEMORY_E;
- if (ret == 0) {
- static const char customName[] = "Custom";
- XMEMSET(curve, 0, sizeof(*curve));
- #ifndef WOLFSSL_ECC_CURVE_STATIC
- curve->name = customName;
- #else
- XMEMCPY((void*)curve->name, customName, sizeof(customName));
- #endif
- curve->id = ECC_CURVE_CUSTOM;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- GetInteger7Bit(input, inOutIdx, inSz);
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- char* p = NULL;
- SkipObjectId(input, inOutIdx, inSz);
- ret = ASNToHexString(input, inOutIdx, &p, inSz,
- key->heap, DYNAMIC_TYPE_ECC_BUFFER);
- if (ret == 0)
- ret = EccKeyParamCopy((char**)&curve->prime, p);
- }
- if (ret == 0) {
- curve->size = (int)XSTRLEN(curve->prime) / 2;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- ret = ASN_PARSE_E;
- }
- if (ret == 0) {
- char* af = NULL;
- ret = ASNToHexString(input, inOutIdx, &af, inSz,
- key->heap, DYNAMIC_TYPE_ECC_BUFFER);
- if (ret == 0)
- ret = EccKeyParamCopy((char**)&curve->Af, af);
- }
- if (ret == 0) {
- char* bf = NULL;
- ret = ASNToHexString(input, inOutIdx, &bf, inSz,
- key->heap, DYNAMIC_TYPE_ECC_BUFFER);
- if (ret == 0)
- ret = EccKeyParamCopy((char**)&curve->Bf, bf);
- }
- if (ret == 0) {
- localIdx = *inOutIdx;
- if (*inOutIdx < inSz && GetASNTag(input, &localIdx, &tag, inSz)
- == 0 && tag == ASN_BIT_STRING) {
- len = 0;
- ret = GetASNHeader(input, ASN_BIT_STRING, inOutIdx, &len, inSz);
- *inOutIdx += len;
- }
- }
- if (ret == 0) {
- ret = ASNToHexString(input, inOutIdx, (char**)&point, inSz,
- key->heap, DYNAMIC_TYPE_ECC_BUFFER);
- /* sanity check that point buffer is not smaller than the expected
- * size to hold ( 0 4 || Gx || Gy )
- * where Gx and Gy are each the size of curve->size * 2 */
- if (ret == 0 && (int)XSTRLEN(point) < (curve->size * 4) + 2) {
- XFREE(point, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
- ret = BUFFER_E;
- }
- }
- if (ret == 0) {
- #ifndef WOLFSSL_ECC_CURVE_STATIC
- curve->Gx = (const char*)XMALLOC(curve->size * 2 + 2, key->heap,
- DYNAMIC_TYPE_ECC_BUFFER);
- curve->Gy = (const char*)XMALLOC(curve->size * 2 + 2, key->heap,
- DYNAMIC_TYPE_ECC_BUFFER);
- if (curve->Gx == NULL || curve->Gy == NULL) {
- XFREE(point, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
- ret = MEMORY_E;
- }
- #else
- if (curve->size * 2 + 2 > MAX_ECC_STRING) {
- WOLFSSL_MSG("curve size is too large to fit in buffer");
- ret = BUFFER_E;
- }
- #endif
- }
- if (ret == 0) {
- char* o = NULL;
- XMEMCPY((char*)curve->Gx, point + 2, curve->size * 2);
- XMEMCPY((char*)curve->Gy, point + curve->size * 2 + 2,
- curve->size * 2);
- ((char*)curve->Gx)[curve->size * 2] = '\0';
- ((char*)curve->Gy)[curve->size * 2] = '\0';
- XFREE(point, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
- ret = ASNToHexString(input, inOutIdx, &o, inSz,
- key->heap, DYNAMIC_TYPE_ECC_BUFFER);
- if (ret == 0)
- ret = EccKeyParamCopy((char**)&curve->order, o);
- }
- if (ret == 0) {
- curve->cofactor = GetInteger7Bit(input, inOutIdx, inSz);
- #ifndef WOLFSSL_ECC_CURVE_STATIC
- curve->oid = NULL;
- #else
- XMEMSET((void*)curve->oid, 0, sizeof(curve->oid));
- #endif
- curve->oidSz = 0;
- curve->oidSum = 0;
- if (wc_ecc_set_custom_curve(key, curve) < 0) {
- ret = ASN_PARSE_E;
- }
- #ifdef WOLFSSL_CUSTOM_CURVES
- key->deallocSet = 1;
- #endif
- curve = NULL;
- }
- if (curve != NULL)
- wc_ecc_free_curve(curve, key->heap);
- if (ret < 0)
- return ret;
- #else
- return ASN_PARSE_E;
- #endif /* WOLFSSL_CUSTOM_CURVES */
- }
- else {
- /* ecc params information */
- ret = GetObjectId(input, inOutIdx, &oidSum, oidIgnoreType, inSz);
- if (ret != 0)
- return ret;
- /* get curve id */
- if ((ret = CheckCurve(oidSum)) < 0)
- return ECC_CURVE_OID_E;
- else {
- curve_id = ret;
- }
- }
- if (isPrivFormat) {
- /* Public Curve Header - skip */
- if (*inOutIdx >= inSz)
- return ASN_PARSE_E;
- tag = input[*inOutIdx];
- *inOutIdx += 1;
- if (tag != ECC_PREFIX_1)
- return ASN_ECC_KEY_E;
- if (GetLength(input, inOutIdx, &length, inSz) <= 0)
- return ASN_PARSE_E;
- }
- /* key header */
- ret = CheckBitString(input, inOutIdx, &length, inSz, 1, NULL);
- if (ret != 0)
- return ret;
- /* This is the raw point data compressed or uncompressed. */
- if (wc_ecc_import_x963_ex(input + *inOutIdx, length, key,
- curve_id) != 0) {
- return ASN_ECC_KEY_E;
- }
- *inOutIdx += length;
- return 0;
- }
- #if defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT)
- /* build DER formatted ECC key, include optional public key if requested,
- * return length on success, negative on error */
- static int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
- int pubIn)
- {
- byte curve[MAX_ALGO_SZ+2];
- byte ver[MAX_VERSION_SZ];
- byte seq[MAX_SEQ_SZ];
- int ret, totalSz, curveSz, verSz;
- int privHdrSz = ASN_ECC_HEADER_SZ;
- int pubHdrSz = ASN_ECC_CONTEXT_SZ + ASN_ECC_HEADER_SZ;
- #ifdef WOLFSSL_NO_MALLOC
- byte prv[MAX_ECC_BYTES + ASN_ECC_HEADER_SZ + MAX_SEQ_SZ];
- byte pub[(MAX_ECC_BYTES * 2) + 1 + ASN_ECC_CONTEXT_SZ +
- ASN_ECC_HEADER_SZ + MAX_SEQ_SZ];
- #else
- byte *prv = NULL, *pub = NULL;
- #endif
- word32 idx = 0, prvidx = 0, pubidx = 0, curveidx = 0;
- word32 seqSz, privSz, pubSz = ECC_BUFSIZE;
- if (key == NULL || (output == NULL && inLen == NULL))
- return BAD_FUNC_ARG;
- /* curve */
- curve[curveidx++] = ECC_PREFIX_0;
- curveidx++ /* to put the size after computation */;
- curveSz = SetCurve(key, curve+curveidx);
- if (curveSz < 0)
- return curveSz;
- /* set computed size */
- curve[1] = (byte)curveSz;
- curveidx += curveSz;
- /* private */
- privSz = key->dp->size;
- #ifdef WOLFSSL_QNX_CAAM
- /* check if is a black key, and add MAC size if so */
- if (key->blackKey > 0) {
- privSz = privSz + WC_CAAM_MAC_SZ;
- }
- #endif
- #ifndef WOLFSSL_NO_MALLOC
- prv = (byte*)XMALLOC(privSz + privHdrSz + MAX_SEQ_SZ,
- key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (prv == NULL) {
- return MEMORY_E;
- }
- #else
- if (sizeof(prv) < privSz + privHdrSz + MAX_SEQ_SZ) {
- return BUFFER_E;
- }
- #endif
- if (privSz < ASN_LONG_LENGTH) {
- prvidx += SetOctetString8Bit(privSz, &prv[prvidx]);
- }
- else {
- prvidx += SetOctetString(privSz, &prv[prvidx]);
- }
- ret = wc_ecc_export_private_only(key, prv + prvidx, &privSz);
- if (ret < 0) {
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- prvidx += privSz;
- /* pubIn */
- if (pubIn) {
- ret = wc_ecc_export_x963(key, NULL, &pubSz);
- if (ret != LENGTH_ONLY_E) {
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- #ifndef WOLFSSL_NO_MALLOC
- pub = (byte*)XMALLOC(pubSz + pubHdrSz + MAX_SEQ_SZ,
- key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (pub == NULL) {
- XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return MEMORY_E;
- }
- #else
- if (sizeof(pub) < pubSz + pubHdrSz + MAX_SEQ_SZ) {
- return BUFFER_E;
- }
- #endif
- pub[pubidx++] = ECC_PREFIX_1;
- if (pubSz > 128) /* leading zero + extra size byte */
- pubidx += SetLength(pubSz + ASN_ECC_CONTEXT_SZ + 2, pub+pubidx);
- else /* leading zero */
- pubidx += SetLength(pubSz + ASN_ECC_CONTEXT_SZ + 1, pub+pubidx);
- /* SetBitString adds leading zero */
- pubidx += SetBitString(pubSz, 0, pub + pubidx);
- ret = wc_ecc_export_x963(key, pub + pubidx, &pubSz);
- if (ret != 0) {
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- pubidx += pubSz;
- }
- /* make headers */
- verSz = SetMyVersion(1, ver, FALSE);
- seqSz = SetSequence(verSz + prvidx + pubidx + curveidx, seq);
- totalSz = prvidx + pubidx + curveidx + verSz + seqSz;
- if (output == NULL) {
- *inLen = totalSz;
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (pub) {
- XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
- #endif
- return LENGTH_ONLY_E;
- }
- if (inLen != NULL && totalSz > (int)*inLen) {
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (pubIn) {
- XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
- #endif
- return BAD_FUNC_ARG;
- }
- /* write out */
- /* seq */
- XMEMCPY(output + idx, seq, seqSz);
- idx = seqSz;
- /* ver */
- XMEMCPY(output + idx, ver, verSz);
- idx += verSz;
- /* private */
- XMEMCPY(output + idx, prv, prvidx);
- idx += prvidx;
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(prv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- /* curve */
- XMEMCPY(output + idx, curve, curveidx);
- idx += curveidx;
- /* pubIn */
- if (pubIn) {
- XMEMCPY(output + idx, pub, pubidx);
- /* idx += pubidx; not used after write, if more data remove comment */
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- }
- return totalSz;
- }
- /* Write a Private ecc key, including public to DER format,
- * length on success else < 0 */
- int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen)
- {
- return wc_BuildEccKeyDer(key, output, &inLen, 1);
- }
- /* Write only private ecc key to DER format,
- * length on success else < 0 */
- int wc_EccKeyDerSize(ecc_key* key, int pub)
- {
- word32 sz = 0;
- int ret;
- ret = wc_BuildEccKeyDer(key, NULL, &sz, pub);
- if (ret != LENGTH_ONLY_E) {
- return ret;
- }
- return sz;
- }
- /* Write only private ecc key to DER format,
- * length on success else < 0 */
- int wc_EccPrivateKeyToDer(ecc_key* key, byte* output, word32 inLen)
- {
- return wc_BuildEccKeyDer(key, output, &inLen, 0);
- }
- #ifdef HAVE_PKCS8
- /* Write only private ecc key or both private and public parts to unencrypted
- * PKCS#8 format.
- *
- * If output is NULL, places required PKCS#8 buffer size in outLen and
- * returns LENGTH_ONLY_E.
- *
- * return length on success else < 0 */
- static int eccToPKCS8(ecc_key* key, byte* output, word32* outLen,
- int includePublic)
- {
- int ret, tmpDerSz;
- int algoID = 0;
- word32 oidSz = 0;
- word32 pkcs8Sz = 0;
- const byte* curveOID = NULL;
- #ifdef WOLFSSL_NO_MALLOC
- byte tmpDer[ECC_BUFSIZE];
- #else
- byte* tmpDer = NULL;
- #endif
- word32 sz = ECC_BUFSIZE;
- if (key == NULL || key->dp == NULL || outLen == NULL)
- return BAD_FUNC_ARG;
- /* set algoID, get curve OID */
- algoID = ECDSAk;
- ret = wc_ecc_get_oid(key->dp->oidSum, &curveOID, &oidSz);
- if (ret < 0)
- return ret;
- #ifndef WOLFSSL_NO_MALLOC
- /* temp buffer for plain DER key */
- tmpDer = (byte*)XMALLOC(ECC_BUFSIZE, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmpDer == NULL)
- return MEMORY_E;
- #endif
- XMEMSET(tmpDer, 0, ECC_BUFSIZE);
- tmpDerSz = wc_BuildEccKeyDer(key, tmpDer, &sz, includePublic);
- if (tmpDerSz < 0) {
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(tmpDer, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return tmpDerSz;
- }
- /* get pkcs8 expected output size */
- ret = wc_CreatePKCS8Key(NULL, &pkcs8Sz, tmpDer, tmpDerSz, algoID,
- curveOID, oidSz);
- if (ret != LENGTH_ONLY_E) {
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(tmpDer, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- if (output == NULL) {
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(tmpDer, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- *outLen = pkcs8Sz;
- return LENGTH_ONLY_E;
- }
- else if (*outLen < pkcs8Sz) {
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(tmpDer, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- WOLFSSL_MSG("Input buffer too small for ECC PKCS#8 key");
- return BUFFER_E;
- }
- ret = wc_CreatePKCS8Key(output, &pkcs8Sz, tmpDer, tmpDerSz,
- algoID, curveOID, oidSz);
- if (ret < 0) {
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(tmpDer, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- return ret;
- }
- #ifndef WOLFSSL_NO_MALLOC
- XFREE(tmpDer, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- *outLen = ret;
- return ret;
- }
- /* Write only private ecc key to unencrypted PKCS#8 format.
- *
- * return length on success else < 0 */
- int wc_EccPrivateKeyToPKCS8(ecc_key* key, byte* output, word32* outLen)
- {
- return eccToPKCS8(key, output, outLen, 0);
- }
- /* Write both private and public ecc keys to unencrypted PKCS#8 format.
- *
- * return length on success else < 0 */
- int wc_EccKeyToPKCS8(ecc_key* key, byte* output,
- word32* outLen)
- {
- return eccToPKCS8(key, output, outLen, 1);
- }
- #endif /* HAVE_PKCS8 */
- #endif /* HAVE_ECC_KEY_EXPORT && !NO_ASN_CRYPT */
- #endif /* HAVE_ECC */
- #ifdef HAVE_ED25519
- int wc_Ed25519PrivateKeyDecode(const byte* input, word32* inOutIdx,
- ed25519_key* key, word32 inSz)
- {
- word32 oid;
- int ret, version, length, endKeyIdx, privSz, pubSz;
- const byte* priv;
- const byte* pub;
- if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
- return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &length, inSz) >= 0) {
- endKeyIdx = *inOutIdx + length;
- if (GetMyVersion(input, inOutIdx, &version, inSz) < 0)
- return ASN_PARSE_E;
- if (version != 0) {
- WOLFSSL_MSG("Unrecognized version of ED25519 private key");
- return ASN_PARSE_E;
- }
- if (GetAlgoId(input, inOutIdx, &oid, oidKeyType, inSz) < 0)
- return ASN_PARSE_E;
- if (oid != ED25519k)
- return ASN_PARSE_E;
- if (GetOctetString(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (GetOctetString(input, inOutIdx, &privSz, inSz) < 0)
- return ASN_PARSE_E;
- priv = input + *inOutIdx;
- *inOutIdx += privSz;
- }
- else {
- if (GetOctetString(input, inOutIdx, &privSz, inSz) < 0)
- return ASN_PARSE_E;
- if (privSz != 32)
- return ASN_PARSE_E;
- priv = input + *inOutIdx;
- *inOutIdx += privSz;
- endKeyIdx = *inOutIdx;
- }
- if (endKeyIdx == (int)*inOutIdx) {
- ret = wc_ed25519_import_private_only(priv, privSz, key);
- }
- else {
- if (GetASNHeader(input, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1,
- inOutIdx, &length, inSz) < 0) {
- return ASN_PARSE_E;
- }
- if (GetOctetString(input, inOutIdx, &pubSz, inSz) < 0)
- return ASN_PARSE_E;
- pub = input + *inOutIdx;
- *inOutIdx += pubSz;
- ret = wc_ed25519_import_private_key(priv, privSz, pub, pubSz, key);
- }
- if (ret == 0 && endKeyIdx != (int)*inOutIdx)
- return ASN_PARSE_E;
- return ret;
- }
- int wc_Ed25519PublicKeyDecode(const byte* input, word32* inOutIdx,
- ed25519_key* key, word32 inSz)
- {
- int length;
- int ret;
- if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
- return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- ret = SkipObjectId(input, inOutIdx, inSz);
- if (ret != 0)
- return ret;
- /* key header */
- ret = CheckBitString(input, inOutIdx, NULL, inSz, 1, NULL);
- if (ret != 0)
- return ret;
- /* This is the raw point data compressed or uncompressed. */
- if (wc_ed25519_import_public(input + *inOutIdx, inSz - *inOutIdx, key) != 0)
- return ASN_ECC_KEY_E;
- return 0;
- }
- #ifdef WOLFSSL_KEY_GEN
- /* build DER formatted ED25519 key,
- * return length on success, negative on error */
- static int wc_BuildEd25519KeyDer(ed25519_key* key, byte* output, word32 inLen,
- int pubOut)
- {
- byte algoArray[MAX_ALGO_SZ];
- byte ver[MAX_VERSION_SZ];
- byte seq[MAX_SEQ_SZ];
- int ret;
- word32 idx = 0, seqSz, verSz, algoSz, privSz, pubSz = 0;
- if (key == NULL || output == NULL || inLen == 0)
- return BAD_FUNC_ARG;
- if (pubOut)
- pubSz = 2 + 2 + ED25519_PUB_KEY_SIZE;
- privSz = 2 + 2 + ED25519_KEY_SIZE;
- algoSz = SetAlgoID(ED25519k, algoArray, oidKeyType, 0);
- verSz = SetMyVersion(0, ver, FALSE);
- seqSz = SetSequence(verSz + algoSz + privSz + pubSz, seq);
- if (seqSz + verSz + algoSz + privSz + pubSz > inLen)
- return BAD_FUNC_ARG;
- /* write out */
- /* seq */
- XMEMCPY(output + idx, seq, seqSz);
- idx = seqSz;
- /* ver */
- XMEMCPY(output + idx, ver, verSz);
- idx += verSz;
- /* algo */
- XMEMCPY(output + idx, algoArray, algoSz);
- idx += algoSz;
- /* privKey */
- idx += SetOctetString(2 + ED25519_KEY_SIZE, output + idx);
- idx += SetOctetString(ED25519_KEY_SIZE, output + idx);
- ret = wc_ed25519_export_private_only(key, output + idx, &privSz);
- if (ret != 0)
- return ret;
- idx += privSz;
- /* pubKey */
- if (pubOut) {
- idx += SetExplicit(1, 2 + ED25519_PUB_KEY_SIZE, output + idx);
- idx += SetOctetString(ED25519_KEY_SIZE, output + idx);
- ret = wc_ed25519_export_public(key, output + idx, &pubSz);
- if (ret != 0)
- return ret;
- idx += pubSz;
- }
- return idx;
- }
- /* Write a Private ecc key, including public to DER format,
- * length on success else < 0 */
- int wc_Ed25519KeyToDer(ed25519_key* key, byte* output, word32 inLen)
- {
- return wc_BuildEd25519KeyDer(key, output, inLen, 1);
- }
- /* Write only private ecc key to DER format,
- * length on success else < 0 */
- int wc_Ed25519PrivateKeyToDer(ed25519_key* key, byte* output, word32 inLen)
- {
- return wc_BuildEd25519KeyDer(key, output, inLen, 0);
- }
- #endif /* WOLFSSL_KEY_GEN */
- #endif /* HAVE_ED25519 */
- #ifdef HAVE_ED448
- int wc_Ed448PrivateKeyDecode(const byte* input, word32* inOutIdx,
- ed448_key* key, word32 inSz)
- {
- word32 oid;
- int ret, version, length, endKeyIdx, privSz, pubSz;
- const byte* priv;
- const byte* pub;
- if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
- return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &length, inSz) >= 0) {
- endKeyIdx = *inOutIdx + length;
- if (GetMyVersion(input, inOutIdx, &version, inSz) < 0)
- return ASN_PARSE_E;
- if (version != 0) {
- WOLFSSL_MSG("Unrecognized version of ED448 private key");
- return ASN_PARSE_E;
- }
- if (GetAlgoId(input, inOutIdx, &oid, oidKeyType, inSz) < 0)
- return ASN_PARSE_E;
- if (oid != ED448k)
- return ASN_PARSE_E;
- if (GetOctetString(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (GetOctetString(input, inOutIdx, &privSz, inSz) < 0)
- return ASN_PARSE_E;
- priv = input + *inOutIdx;
- *inOutIdx += privSz;
- }
- else {
- if (GetOctetString(input, inOutIdx, &privSz, inSz) < 0)
- return ASN_PARSE_E;
- if (privSz != 57)
- return ASN_PARSE_E;
- priv = input + *inOutIdx;
- *inOutIdx += privSz;
- endKeyIdx = *inOutIdx;
- }
- if (endKeyIdx == (int)*inOutIdx) {
- ret = wc_ed448_import_private_only(priv, privSz, key);
- }
- else {
- if (GetASNHeader(input, ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1,
- inOutIdx, &length, inSz) < 0) {
- return ASN_PARSE_E;
- }
- if (GetOctetString(input, inOutIdx, &pubSz, inSz) < 0)
- return ASN_PARSE_E;
- pub = input + *inOutIdx;
- *inOutIdx += pubSz;
- ret = wc_ed448_import_private_key(priv, privSz, pub, pubSz, key);
- }
- if (ret == 0 && endKeyIdx != (int)*inOutIdx)
- return ASN_PARSE_E;
- return ret;
- }
- int wc_Ed448PublicKeyDecode(const byte* input, word32* inOutIdx,
- ed448_key* key, word32 inSz)
- {
- int length;
- int ret;
- if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
- return BAD_FUNC_ARG;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- if (GetSequence(input, inOutIdx, &length, inSz) < 0)
- return ASN_PARSE_E;
- ret = SkipObjectId(input, inOutIdx, inSz);
- if (ret != 0)
- return ret;
- /* key header */
- ret = CheckBitString(input, inOutIdx, NULL, inSz, 1, NULL);
- if (ret != 0)
- return ret;
- /* This is the raw point data compressed or uncompressed. */
- if (wc_ed448_import_public(input + *inOutIdx, inSz - *inOutIdx, key) != 0)
- return ASN_ECC_KEY_E;
- return 0;
- }
- #ifdef WOLFSSL_KEY_GEN
- /* build DER formatted ED448 key,
- * return length on success, negative on error */
- static int wc_BuildEd448KeyDer(ed448_key* key, byte* output, word32 inLen,
- int pubOut)
- {
- byte algoArray[MAX_ALGO_SZ];
- byte ver[MAX_VERSION_SZ];
- byte seq[MAX_SEQ_SZ];
- int ret;
- word32 idx = 0, seqSz, verSz, algoSz, privSz, pubSz = 0;
- if (key == NULL || output == NULL || inLen == 0)
- return BAD_FUNC_ARG;
- if (pubOut) {
- pubSz = 2 + 2 + ED448_PUB_KEY_SIZE;
- }
- privSz = 2 + 2 + ED448_KEY_SIZE;
- algoSz = SetAlgoID(ED448k, algoArray, oidKeyType, 0);
- verSz = SetMyVersion(0, ver, FALSE);
- seqSz = SetSequence(verSz + algoSz + privSz + pubSz, seq);
- if (seqSz + verSz + algoSz + privSz + pubSz > inLen)
- return BAD_FUNC_ARG;
- /* write out */
- /* seq */
- XMEMCPY(output + idx, seq, seqSz);
- idx = seqSz;
- /* ver */
- XMEMCPY(output + idx, ver, verSz);
- idx += verSz;
- /* algo */
- XMEMCPY(output + idx, algoArray, algoSz);
- idx += algoSz;
- /* privKey */
- idx += SetOctetString(2 + ED448_KEY_SIZE, output + idx);
- idx += SetOctetString(ED448_KEY_SIZE, output + idx);
- ret = wc_ed448_export_private_only(key, output + idx, &privSz);
- if (ret != 0)
- return ret;
- idx += privSz;
- /* pubKey */
- if (pubOut) {
- idx += SetExplicit(1, 2 + ED448_PUB_KEY_SIZE, output + idx);
- idx += SetOctetString(ED448_KEY_SIZE, output + idx);
- ret = wc_ed448_export_public(key, output + idx, &pubSz);
- if (ret != 0)
- return ret;
- idx += pubSz;
- }
- return idx;
- }
- /* Write a Private ecc key, including public to DER format,
- * length on success else < 0 */
- int wc_Ed448KeyToDer(ed448_key* key, byte* output, word32 inLen)
- {
- return wc_BuildEd448KeyDer(key, output, inLen, 1);
- }
- /* Write only private ecc key to DER format,
- * length on success else < 0 */
- int wc_Ed448PrivateKeyToDer(ed448_key* key, byte* output, word32 inLen)
- {
- return wc_BuildEd448KeyDer(key, output, inLen, 0);
- }
- #endif /* WOLFSSL_KEY_GEN */
- #endif /* HAVE_ED448 */
- #if defined(HAVE_OCSP) || defined(HAVE_CRL)
- /* Get raw Date only, no processing, 0 on success */
- static int GetBasicDate(const byte* source, word32* idx, byte* date,
- byte* format, int maxIdx)
- {
- int ret, length;
- const byte *datePtr = NULL;
- WOLFSSL_ENTER("GetBasicDate");
- ret = GetDateInfo(source, idx, &datePtr, format, &length, maxIdx);
- if (ret < 0)
- return ret;
- XMEMCPY(date, datePtr, length);
- return 0;
- }
- #endif /* HAVE_OCSP || HAVE_CRL */
- #ifdef HAVE_OCSP
- static int GetEnumerated(const byte* input, word32* inOutIdx, int *value,
- int sz)
- {
- word32 idx = *inOutIdx;
- word32 len;
- byte tag;
- WOLFSSL_ENTER("GetEnumerated");
- *value = 0;
- if (GetASNTag(input, &idx, &tag, sz) < 0)
- return ASN_PARSE_E;
- if (tag != ASN_ENUMERATED)
- return ASN_PARSE_E;
- if ((int)idx >= sz)
- return BUFFER_E;
- len = input[idx++];
- if (len > 4 || (int)(len + idx) > sz)
- return ASN_PARSE_E;
- while (len--) {
- *value = *value << 8 | input[idx++];
- }
- *inOutIdx = idx;
- return *value;
- }
- static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
- int wrapperSz, OcspEntry* single)
- {
- word32 idx = *ioIndex, prevIndex, oid, localIdx, certIdIdx;
- int length;
- int ret;
- byte tag;
- WOLFSSL_ENTER("DecodeSingleResponse");
- prevIndex = idx;
- /* Wrapper around the Single Response */
- if (GetSequence(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- /* Wrapper around the CertID */
- certIdIdx = idx;
- if (GetSequence(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- single->rawCertId = source + certIdIdx;
- /* Hash algorithm */
- ret = GetAlgoId(source, &idx, &oid, oidIgnoreType, size);
- if (ret < 0)
- return ret;
- single->hashAlgoOID = oid;
- /* Save reference to the hash of CN */
- ret = GetOctetString(source, &idx, &length, size);
- if (ret < 0)
- return ret;
- XMEMCPY(single->issuerHash, source + idx, length);
- idx += length;
- /* Save reference to the hash of the issuer public key */
- ret = GetOctetString(source, &idx, &length, size);
- if (ret < 0)
- return ret;
- XMEMCPY(single->issuerKeyHash, source + idx, length);
- idx += length;
- /* Get serial number */
- if (GetSerialNumber(source, &idx, single->status->serial, &single->status->serialSz, size) < 0)
- return ASN_PARSE_E;
- single->rawCertIdSize = idx - certIdIdx;
- if (idx >= size)
- return BUFFER_E;
- /* CertStatus */
- switch (source[idx++])
- {
- case (ASN_CONTEXT_SPECIFIC | CERT_GOOD):
- single->status->status = CERT_GOOD;
- idx++;
- break;
- case (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | CERT_REVOKED):
- single->status->status = CERT_REVOKED;
- if (GetLength(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- idx += length;
- break;
- case (ASN_CONTEXT_SPECIFIC | CERT_UNKNOWN):
- single->status->status = CERT_UNKNOWN;
- idx++;
- break;
- default:
- return ASN_PARSE_E;
- }
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
- single->status->thisDateAsn = source + idx;
- localIdx = 0;
- if (GetDateInfo(single->status->thisDateAsn, &localIdx, NULL,
- (byte*)&single->status->thisDateParsed.type,
- &single->status->thisDateParsed.length, size) < 0)
- return ASN_PARSE_E;
- XMEMCPY(single->status->thisDateParsed.data,
- single->status->thisDateAsn + localIdx - single->status->thisDateParsed.length,
- single->status->thisDateParsed.length);
- #endif
- if (GetBasicDate(source, &idx, single->status->thisDate,
- &single->status->thisDateFormat, size) < 0)
- return ASN_PARSE_E;
- #ifndef NO_ASN_TIME
- #ifndef WOLFSSL_NO_OCSP_DATE_CHECK
- if (!XVALIDATE_DATE(single->status->thisDate, single->status->thisDateFormat, BEFORE))
- return ASN_BEFORE_DATE_E;
- #endif
- #endif
- /* The following items are optional. Only check for them if there is more
- * unprocessed data in the singleResponse wrapper. */
- localIdx = idx;
- if (((int)(idx - prevIndex) < wrapperSz) &&
- GetASNTag(source, &localIdx, &tag, size) == 0 &&
- tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
- {
- idx++;
- if (GetLength(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
- single->status->nextDateAsn = source + idx;
- localIdx = 0;
- if (GetDateInfo(single->status->nextDateAsn, &localIdx, NULL,
- (byte*)&single->status->nextDateParsed.type,
- &single->status->nextDateParsed.length, size) < 0)
- return ASN_PARSE_E;
- XMEMCPY(single->status->nextDateParsed.data,
- single->status->nextDateAsn + localIdx - single->status->nextDateParsed.length,
- single->status->nextDateParsed.length);
- #endif
- if (GetBasicDate(source, &idx, single->status->nextDate,
- &single->status->nextDateFormat, size) < 0)
- return ASN_PARSE_E;
- #ifndef NO_ASN_TIME
- #ifndef WOLFSSL_NO_OCSP_DATE_CHECK
- if (!XVALIDATE_DATE(single->status->nextDate, single->status->nextDateFormat, AFTER))
- return ASN_AFTER_DATE_E;
- #endif
- #endif
- }
- /* Skip the optional extensions in singleResponse. */
- localIdx = idx;
- if (((int)(idx - prevIndex) < wrapperSz) &&
- GetASNTag(source, &localIdx, &tag, size) == 0 &&
- tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))
- {
- idx++;
- if (GetLength(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- idx += length;
- }
- *ioIndex = idx;
- return 0;
- }
- static int DecodeOcspRespExtensions(byte* source,
- word32* ioIndex, OcspResponse* resp, word32 sz)
- {
- word32 idx = *ioIndex;
- int length;
- int ext_bound; /* boundary index for the sequence of extensions */
- word32 oid;
- int ret;
- byte tag;
- WOLFSSL_ENTER("DecodeOcspRespExtensions");
- if ((idx + 1) > sz)
- return BUFFER_E;
- if (GetASNTag(source, &idx, &tag, sz) < 0)
- return ASN_PARSE_E;
- if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))
- return ASN_PARSE_E;
- if (GetLength(source, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- if (GetSequence(source, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- ext_bound = idx + length;
- while (idx < (word32)ext_bound) {
- word32 localIdx;
- if (GetSequence(source, &idx, &length, sz) < 0) {
- WOLFSSL_MSG("\tfail: should be a SEQUENCE");
- return ASN_PARSE_E;
- }
- oid = 0;
- if (GetObjectId(source, &idx, &oid, oidOcspType, sz) < 0) {
- WOLFSSL_MSG("\tfail: OBJECT ID");
- return ASN_PARSE_E;
- }
- /* check for critical flag */
- if ((idx + 1) > (word32)sz) {
- WOLFSSL_MSG("\tfail: malformed buffer");
- return BUFFER_E;
- }
- localIdx = idx;
- if (GetASNTag(source, &localIdx, &tag, sz) == 0 && tag == ASN_BOOLEAN) {
- WOLFSSL_MSG("\tfound optional critical flag, moving past");
- ret = GetBoolean(source, &idx, sz);
- if (ret < 0)
- return ret;
- }
- ret = GetOctetString(source, &idx, &length, sz);
- if (ret < 0)
- return ret;
- if (oid == OCSP_NONCE_OID) {
- /* get data inside extra OCTET_STRING */
- ret = GetOctetString(source, &idx, &length, sz);
- if (ret < 0)
- return ret;
- resp->nonce = source + idx;
- resp->nonceSz = length;
- }
- idx += length;
- }
- *ioIndex = idx;
- return 0;
- }
- static int DecodeResponseData(byte* source,
- word32* ioIndex, OcspResponse* resp, word32 size)
- {
- word32 idx = *ioIndex, prev_idx, localIdx;
- int length;
- int version;
- int ret;
- byte tag;
- int wrapperSz;
- OcspEntry* single;
- WOLFSSL_ENTER("DecodeResponseData");
- resp->response = source + idx;
- prev_idx = idx;
- if (GetSequence(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- resp->responseSz = length + idx - prev_idx;
- /* Get version. It is an EXPLICIT[0] DEFAULT(0) value. If this
- * item isn't an EXPLICIT[0], then set version to zero and move
- * onto the next item.
- */
- localIdx = idx;
- if (GetASNTag(source, &localIdx, &tag, size) == 0 &&
- tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED))
- {
- idx += 2; /* Eat the value and length */
- if (GetMyVersion(source, &idx, &version, size) < 0)
- return ASN_PARSE_E;
- } else
- version = 0;
- localIdx = idx;
- if (GetASNTag(source, &localIdx, &tag, size) == 0 &&
- ( tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1) ||
- tag == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 2) ))
- {
- idx++; /* advance past ASN tag */
- if (GetLength(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- idx += length;
- }
- else
- return ASN_PARSE_E;
- /* save pointer to the producedAt time */
- if (GetBasicDate(source, &idx, resp->producedDate,
- &resp->producedDateFormat, size) < 0)
- return ASN_PARSE_E;
- /* Outer wrapper of the SEQUENCE OF Single Responses. */
- if (GetSequence(source, &idx, &wrapperSz, size) < 0)
- return ASN_PARSE_E;
- localIdx = idx;
- single = resp->single;
- while (idx - localIdx < (word32)wrapperSz) {
- ret = DecodeSingleResponse(source, &idx, size, wrapperSz, single);
- if (ret < 0)
- return ret; /* ASN_PARSE_E, ASN_BEFORE_DATE_E, ASN_AFTER_DATE_E */
- if (idx - localIdx < (word32)wrapperSz) {
- single->next = (OcspEntry*)XMALLOC(sizeof(OcspEntry), resp->heap,
- DYNAMIC_TYPE_OCSP_ENTRY);
- if (single->next == NULL) {
- return MEMORY_E;
- }
- single = single->next;
- XMEMSET(single, 0, sizeof(OcspEntry));
- single->isDynamic = 1;
- }
- }
- /*
- * Check the length of the ResponseData against the current index to
- * see if there are extensions, they are optional.
- */
- if (idx - prev_idx < resp->responseSz)
- if (DecodeOcspRespExtensions(source, &idx, resp, size) < 0)
- return ASN_PARSE_E;
- *ioIndex = idx;
- return 0;
- }
- #ifndef WOLFSSL_NO_OCSP_OPTIONAL_CERTS
- static int DecodeCerts(byte* source,
- word32* ioIndex, OcspResponse* resp, word32 size)
- {
- word32 idx = *ioIndex;
- byte tag;
- WOLFSSL_ENTER("DecodeCerts");
- if (GetASNTag(source, &idx, &tag, size) < 0)
- return ASN_PARSE_E;
- if (tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC))
- {
- int length;
- if (GetLength(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- if (GetSequence(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- resp->cert = source + idx;
- resp->certSz = length;
- idx += length;
- }
- *ioIndex = idx;
- return 0;
- }
- #endif /* WOLFSSL_NO_OCSP_OPTIONAL_CERTS */
- static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
- OcspResponse* resp, word32 size, void* cm, void* heap, int noVerify)
- {
- int length;
- word32 idx = *ioIndex;
- word32 end_index;
- int ret;
- int sigLength;
- WOLFSSL_ENTER("DecodeBasicOcspResponse");
- (void)heap;
- if (GetSequence(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- if (idx + length > size)
- return ASN_INPUT_E;
- end_index = idx + length;
- if ((ret = DecodeResponseData(source, &idx, resp, size)) < 0)
- return ret; /* ASN_PARSE_E, ASN_BEFORE_DATE_E, ASN_AFTER_DATE_E */
- /* Get the signature algorithm */
- if (GetAlgoId(source, &idx, &resp->sigOID, oidSigType, size) < 0)
- return ASN_PARSE_E;
- ret = CheckBitString(source, &idx, &sigLength, size, 1, NULL);
- if (ret != 0)
- return ret;
- resp->sigSz = sigLength;
- resp->sig = source + idx;
- idx += sigLength;
- /*
- * Check the length of the BasicOcspResponse against the current index to
- * see if there are certificates, they are optional.
- */
- #ifndef WOLFSSL_NO_OCSP_OPTIONAL_CERTS
- if (idx < end_index)
- {
- DecodedCert cert;
- if (DecodeCerts(source, &idx, resp, size) < 0)
- return ASN_PARSE_E;
- InitDecodedCert(&cert, resp->cert, resp->certSz, heap);
- /* Don't verify if we don't have access to Cert Manager. */
- ret = ParseCertRelative(&cert, CERT_TYPE,
- noVerify ? NO_VERIFY : VERIFY_OCSP, cm);
- if (ret < 0) {
- WOLFSSL_MSG("\tOCSP Responder certificate parsing failed");
- FreeDecodedCert(&cert);
- return ret;
- }
- #ifndef WOLFSSL_NO_OCSP_ISSUER_CHECK
- if ((cert.extExtKeyUsage & EXTKEYUSE_OCSP_SIGN) == 0) {
- if (XMEMCMP(cert.subjectHash,
- resp->single->issuerHash, OCSP_DIGEST_SIZE) == 0) {
- WOLFSSL_MSG("\tOCSP Response signed by issuer");
- }
- else {
- WOLFSSL_MSG("\tOCSP Responder key usage check failed");
- #ifdef OPENSSL_EXTRA
- resp->verifyError = OCSP_BAD_ISSUER;
- #else
- FreeDecodedCert(&cert);
- return BAD_OCSP_RESPONDER;
- #endif
- }
- }
- #endif
- /* ConfirmSignature is blocking here */
- ret = ConfirmSignature(&cert.sigCtx,
- resp->response, resp->responseSz,
- cert.publicKey, cert.pubKeySize, cert.keyOID,
- resp->sig, resp->sigSz, resp->sigOID, NULL);
- FreeDecodedCert(&cert);
- if (ret != 0) {
- WOLFSSL_MSG("\tOCSP Confirm signature failed");
- return ASN_OCSP_CONFIRM_E;
- }
- }
- else
- #endif /* WOLFSSL_NO_OCSP_OPTIONAL_CERTS */
- {
- Signer* ca;
- int sigValid = -1;
- #ifndef NO_SKID
- ca = GetCA(cm, resp->single->issuerKeyHash);
- #else
- ca = GetCA(cm, resp->single->issuerHash);
- #endif
- if (ca) {
- SignatureCtx sigCtx;
- InitSignatureCtx(&sigCtx, heap, INVALID_DEVID);
- /* ConfirmSignature is blocking here */
- sigValid = ConfirmSignature(&sigCtx, resp->response,
- resp->responseSz, ca->publicKey, ca->pubKeySize, ca->keyOID,
- resp->sig, resp->sigSz, resp->sigOID, NULL);
- }
- if (ca == NULL || sigValid != 0) {
- WOLFSSL_MSG("\tOCSP Confirm signature failed");
- return ASN_OCSP_CONFIRM_E;
- }
- (void)noVerify;
- }
- *ioIndex = idx;
- return 0;
- }
- void InitOcspResponse(OcspResponse* resp, OcspEntry* single, CertStatus* status,
- byte* source, word32 inSz, void* heap)
- {
- WOLFSSL_ENTER("InitOcspResponse");
- XMEMSET(status, 0, sizeof(CertStatus));
- XMEMSET(single, 0, sizeof(OcspEntry));
- XMEMSET(resp, 0, sizeof(OcspResponse));
- single->status = status;
- resp->responseStatus = -1;
- resp->single = single;
- resp->source = source;
- resp->maxIdx = inSz;
- resp->heap = heap;
- }
- void FreeOcspResponse(OcspResponse* resp)
- {
- OcspEntry *single, *next;
- for (single = resp->single; single; single = next) {
- next = single->next;
- if (single->isDynamic)
- XFREE(single, resp->heap, DYNAMIC_TYPE_OCSP_ENTRY);
- }
- }
- int OcspResponseDecode(OcspResponse* resp, void* cm, void* heap, int noVerify)
- {
- int ret;
- int length = 0;
- word32 idx = 0;
- byte* source = resp->source;
- word32 size = resp->maxIdx;
- word32 oid;
- byte tag;
- WOLFSSL_ENTER("OcspResponseDecode");
- /* peel the outer SEQUENCE wrapper */
- if (GetSequence(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- /* First get the responseStatus, an ENUMERATED */
- if (GetEnumerated(source, &idx, &resp->responseStatus, size) < 0)
- return ASN_PARSE_E;
- if (resp->responseStatus != OCSP_SUCCESSFUL)
- return 0;
- /* Next is an EXPLICIT record called ResponseBytes, OPTIONAL */
- if (idx >= size)
- return ASN_INPUT_E;
- if (GetASNTag(source, &idx, &tag, size) < 0)
- return ASN_PARSE_E;
- if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC))
- return ASN_PARSE_E;
- if (GetLength(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- /* Get the responseBytes SEQUENCE */
- if (GetSequence(source, &idx, &length, size) < 0)
- return ASN_PARSE_E;
- /* Check ObjectID for the resposeBytes */
- if (GetObjectId(source, &idx, &oid, oidOcspType, size) < 0)
- return ASN_PARSE_E;
- if (oid != OCSP_BASIC_OID)
- return ASN_PARSE_E;
- ret = GetOctetString(source, &idx, &length, size);
- if (ret < 0)
- return ret;
- ret = DecodeBasicOcspResponse(source, &idx, resp, size, cm, heap, noVerify);
- if (ret < 0)
- return ret;
- return 0;
- }
- word32 EncodeOcspRequestExtensions(OcspRequest* req, byte* output, word32 size)
- {
- const byte NonceObjId[] = { 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07,
- 0x30, 0x01, 0x02 };
- byte seqArray[5][MAX_SEQ_SZ];
- word32 seqSz[5], totalSz = (word32)sizeof(NonceObjId);
- WOLFSSL_ENTER("SetOcspReqExtensions");
- if (!req || !output || !req->nonceSz)
- return 0;
- totalSz += req->nonceSz;
- totalSz += seqSz[0] = SetOctetString(req->nonceSz, seqArray[0]);
- totalSz += seqSz[1] = SetOctetString(req->nonceSz + seqSz[0], seqArray[1]);
- totalSz += seqSz[2] = SetObjectId(sizeof(NonceObjId), seqArray[2]);
- totalSz += seqSz[3] = SetSequence(totalSz, seqArray[3]);
- totalSz += seqSz[4] = SetSequence(totalSz, seqArray[4]);
- if (totalSz > size)
- return 0;
- totalSz = 0;
- XMEMCPY(output + totalSz, seqArray[4], seqSz[4]);
- totalSz += seqSz[4];
- XMEMCPY(output + totalSz, seqArray[3], seqSz[3]);
- totalSz += seqSz[3];
- XMEMCPY(output + totalSz, seqArray[2], seqSz[2]);
- totalSz += seqSz[2];
- XMEMCPY(output + totalSz, NonceObjId, sizeof(NonceObjId));
- totalSz += (word32)sizeof(NonceObjId);
- XMEMCPY(output + totalSz, seqArray[1], seqSz[1]);
- totalSz += seqSz[1];
- XMEMCPY(output + totalSz, seqArray[0], seqSz[0]);
- totalSz += seqSz[0];
- XMEMCPY(output + totalSz, req->nonce, req->nonceSz);
- totalSz += req->nonceSz;
- return totalSz;
- }
- int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
- {
- byte seqArray[5][MAX_SEQ_SZ];
- /* The ASN.1 of the OCSP Request is an onion of sequences */
- byte algoArray[MAX_ALGO_SZ];
- byte issuerArray[MAX_ENCODED_DIG_SZ];
- byte issuerKeyArray[MAX_ENCODED_DIG_SZ];
- byte snArray[MAX_SN_SZ];
- byte extArray[MAX_OCSP_EXT_SZ];
- word32 seqSz[5], algoSz, issuerSz, issuerKeySz, extSz, totalSz;
- int i, snSz;
- WOLFSSL_ENTER("EncodeOcspRequest");
- #ifdef NO_SHA
- algoSz = SetAlgoID(SHA256h, algoArray, oidHashType, 0);
- #else
- algoSz = SetAlgoID(SHAh, algoArray, oidHashType, 0);
- #endif
- issuerSz = SetDigest(req->issuerHash, KEYID_SIZE, issuerArray);
- issuerKeySz = SetDigest(req->issuerKeyHash, KEYID_SIZE, issuerKeyArray);
- snSz = SetSerialNumber(req->serial, req->serialSz, snArray,
- MAX_SN_SZ, MAX_SN_SZ);
- extSz = 0;
- if (snSz < 0)
- return snSz;
- if (req->nonceSz) {
- /* TLS Extensions use this function too - put extensions after
- * ASN.1: Context Specific [2].
- */
- extSz = EncodeOcspRequestExtensions(req, extArray + 2,
- OCSP_NONCE_EXT_SZ);
- extSz += SetExplicit(2, extSz, extArray);
- }
- totalSz = algoSz + issuerSz + issuerKeySz + snSz;
- for (i = 4; i >= 0; i--) {
- seqSz[i] = SetSequence(totalSz, seqArray[i]);
- totalSz += seqSz[i];
- if (i == 2) totalSz += extSz;
- }
- if (output == NULL)
- return totalSz;
- if (totalSz > size)
- return BUFFER_E;
- totalSz = 0;
- for (i = 0; i < 5; i++) {
- XMEMCPY(output + totalSz, seqArray[i], seqSz[i]);
- totalSz += seqSz[i];
- }
- XMEMCPY(output + totalSz, algoArray, algoSz);
- totalSz += algoSz;
- XMEMCPY(output + totalSz, issuerArray, issuerSz);
- totalSz += issuerSz;
- XMEMCPY(output + totalSz, issuerKeyArray, issuerKeySz);
- totalSz += issuerKeySz;
- XMEMCPY(output + totalSz, snArray, snSz);
- totalSz += snSz;
- if (extSz != 0) {
- XMEMCPY(output + totalSz, extArray, extSz);
- totalSz += extSz;
- }
- return totalSz;
- }
- int InitOcspRequest(OcspRequest* req, DecodedCert* cert, byte useNonce,
- void* heap)
- {
- int ret;
- WOLFSSL_ENTER("InitOcspRequest");
- if (req == NULL)
- return BAD_FUNC_ARG;
- ForceZero(req, sizeof(OcspRequest));
- req->heap = heap;
- if (cert) {
- XMEMCPY(req->issuerHash, cert->issuerHash, KEYID_SIZE);
- XMEMCPY(req->issuerKeyHash, cert->issuerKeyHash, KEYID_SIZE);
- req->serial = (byte*)XMALLOC(cert->serialSz, req->heap,
- DYNAMIC_TYPE_OCSP_REQUEST);
- if (req->serial == NULL)
- return MEMORY_E;
- XMEMCPY(req->serial, cert->serial, cert->serialSz);
- req->serialSz = cert->serialSz;
- if (cert->extAuthInfoSz != 0 && cert->extAuthInfo != NULL) {
- req->url = (byte*)XMALLOC(cert->extAuthInfoSz + 1, req->heap,
- DYNAMIC_TYPE_OCSP_REQUEST);
- if (req->url == NULL) {
- XFREE(req->serial, req->heap, DYNAMIC_TYPE_OCSP);
- return MEMORY_E;
- }
- XMEMCPY(req->url, cert->extAuthInfo, cert->extAuthInfoSz);
- req->urlSz = cert->extAuthInfoSz;
- req->url[req->urlSz] = 0;
- }
- }
- if (useNonce) {
- WC_RNG rng;
- #ifndef HAVE_FIPS
- ret = wc_InitRng_ex(&rng, req->heap, INVALID_DEVID);
- #else
- ret = wc_InitRng(&rng);
- #endif
- if (ret != 0) {
- WOLFSSL_MSG("\tCannot initialize RNG. Skipping the OSCP Nonce.");
- } else {
- if (wc_RNG_GenerateBlock(&rng, req->nonce, MAX_OCSP_NONCE_SZ) != 0)
- WOLFSSL_MSG("\tCannot run RNG. Skipping the OSCP Nonce.");
- else
- req->nonceSz = MAX_OCSP_NONCE_SZ;
- wc_FreeRng(&rng);
- }
- }
- return 0;
- }
- void FreeOcspRequest(OcspRequest* req)
- {
- WOLFSSL_ENTER("FreeOcspRequest");
- if (req) {
- if (req->serial)
- XFREE(req->serial, req->heap, DYNAMIC_TYPE_OCSP_REQUEST);
- req->serial = NULL;
- #ifdef OPENSSL_EXTRA
- if (req->serialInt) {
- if (req->serialInt->isDynamic) {
- XFREE(req->serialInt->data, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- XFREE(req->serialInt, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- req->serialInt = NULL;
- #endif
- if (req->url)
- XFREE(req->url, req->heap, DYNAMIC_TYPE_OCSP_REQUEST);
- req->url = NULL;
- }
- }
- int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp)
- {
- int cmp = -1; /* default as not matching, cmp gets set on each check */
- OcspEntry *single, *next, *prev = NULL, *top;
- WOLFSSL_ENTER("CompareOcspReqResp");
- if (req == NULL) {
- WOLFSSL_MSG("\tReq missing");
- return -1;
- }
- if (resp == NULL || resp->single == NULL) {
- WOLFSSL_MSG("\tResp missing");
- return 1;
- }
- /* Nonces are not critical. The responder may not necessarily add
- * the nonce to the response. */
- if (req->nonceSz && resp->nonce != NULL
- #ifndef WOLFSSL_FORCE_OCSP_NONCE_CHECK
- && resp->nonceSz != 0
- #endif
- ) {
- cmp = req->nonceSz - resp->nonceSz;
- if (cmp != 0) {
- WOLFSSL_MSG("\tnonceSz mismatch");
- return cmp;
- }
- cmp = XMEMCMP(req->nonce, resp->nonce, req->nonceSz);
- if (cmp != 0) {
- WOLFSSL_MSG("\tnonce mismatch");
- return cmp;
- }
- }
- /* match based on found status and return */
- for (single = resp->single; single; single = next) {
- cmp = req->serialSz - single->status->serialSz;
- if (cmp == 0) {
- cmp = XMEMCMP(req->serial, single->status->serial, req->serialSz)
- || XMEMCMP(req->issuerHash, single->issuerHash, OCSP_DIGEST_SIZE)
- || XMEMCMP(req->issuerKeyHash, single->issuerKeyHash, OCSP_DIGEST_SIZE);
- if (cmp == 0) {
- /* match found */
- if (resp->single != single && prev) {
- /* move to top of list */
- top = resp->single;
- resp->single = single;
- prev->next = single->next;
- single->next = top;
- }
- break;
- }
- }
- next = single->next;
- prev = single;
- }
- if (cmp != 0) {
- WOLFSSL_MSG("\trequest and response mismatch");
- return cmp;
- }
- return 0;
- }
- #endif /* HAVE_OCSP */
- /* store WC_SHA hash of NAME */
- int GetNameHash(const byte* source, word32* idx, byte* hash,
- int maxIdx)
- {
- int length; /* length of all distinguished names */
- int ret;
- word32 dummy;
- byte tag;
- WOLFSSL_ENTER("GetNameHash");
- dummy = *idx;
- if (GetASNTag(source, &dummy, &tag, maxIdx) == 0 && tag == ASN_OBJECT_ID) {
- WOLFSSL_MSG("Trying optional prefix...");
- if (GetLength(source, idx, &length, maxIdx) < 0)
- return ASN_PARSE_E;
- *idx += length;
- WOLFSSL_MSG("Got optional prefix");
- }
- /* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
- * calculated over the entire DER encoding of the Name field, including
- * the tag and length. */
- dummy = *idx;
- if (GetSequence(source, idx, &length, maxIdx) < 0)
- return ASN_PARSE_E;
- ret = CalcHashId(source + dummy, length + *idx - dummy, hash);
- *idx += length;
- return ret;
- }
- #ifdef HAVE_CRL
- /* initialize decoded CRL */
- void InitDecodedCRL(DecodedCRL* dcrl, void* heap)
- {
- WOLFSSL_MSG("InitDecodedCRL");
- XMEMSET(dcrl, 0, sizeof(DecodedCRL));
- dcrl->heap = heap;
- #ifdef WOLFSSL_HEAP_TEST
- dcrl->heap = (void*)WOLFSSL_HEAP_TEST;
- #endif
- }
- /* free decoded CRL resources */
- void FreeDecodedCRL(DecodedCRL* dcrl)
- {
- RevokedCert* tmp = dcrl->certs;
- WOLFSSL_MSG("FreeDecodedCRL");
- while(tmp) {
- RevokedCert* next = tmp->next;
- XFREE(tmp, dcrl->heap, DYNAMIC_TYPE_REVOKED);
- tmp = next;
- }
- }
- /* Get Revoked Cert list, 0 on success */
- static int GetRevoked(const byte* buff, word32* idx, DecodedCRL* dcrl,
- int maxIdx)
- {
- int ret, len;
- word32 end;
- byte b;
- RevokedCert* rc;
- WOLFSSL_ENTER("GetRevoked");
- if (GetSequence(buff, idx, &len, maxIdx) < 0)
- return ASN_PARSE_E;
- end = *idx + len;
- rc = (RevokedCert*)XMALLOC(sizeof(RevokedCert), dcrl->heap,
- DYNAMIC_TYPE_REVOKED);
- if (rc == NULL) {
- WOLFSSL_MSG("Alloc Revoked Cert failed");
- return MEMORY_E;
- }
- if (GetSerialNumber(buff, idx, rc->serialNumber, &rc->serialSz,
- maxIdx) < 0) {
- XFREE(rc, dcrl->heap, DYNAMIC_TYPE_REVOKED);
- return ASN_PARSE_E;
- }
- /* add to list */
- rc->next = dcrl->certs;
- dcrl->certs = rc;
- dcrl->totalCerts++;
- /* get date */
- ret = GetDateInfo(buff, idx, NULL, &b, NULL, maxIdx);
- if (ret < 0) {
- WOLFSSL_MSG("Expecting Date");
- return ret;
- }
- /* skip extensions */
- *idx = end;
- return 0;
- }
- /* Get CRL Signature, 0 on success */
- static int GetCRL_Signature(const byte* source, word32* idx, DecodedCRL* dcrl,
- int maxIdx)
- {
- int length;
- int ret;
- WOLFSSL_ENTER("GetCRL_Signature");
- ret = CheckBitString(source, idx, &length, maxIdx, 1, NULL);
- if (ret != 0)
- return ret;
- dcrl->sigLength = length;
- dcrl->signature = (byte*)&source[*idx];
- *idx += dcrl->sigLength;
- return 0;
- }
- int VerifyCRL_Signature(SignatureCtx* sigCtx, const byte* toBeSigned,
- word32 tbsSz, const byte* signature, word32 sigSz,
- word32 signatureOID, Signer *ca, void* heap)
- {
- /* try to confirm/verify signature */
- #ifndef IGNORE_KEY_EXTENSIONS
- if ((ca->keyUsage & KEYUSE_CRL_SIGN) == 0) {
- WOLFSSL_MSG("CA cannot sign CRLs");
- return ASN_CRL_NO_SIGNER_E;
- }
- #endif /* IGNORE_KEY_EXTENSIONS */
- InitSignatureCtx(sigCtx, heap, INVALID_DEVID);
- if (ConfirmSignature(sigCtx, toBeSigned, tbsSz, ca->publicKey,
- ca->pubKeySize, ca->keyOID, signature, sigSz,
- signatureOID, NULL) != 0) {
- WOLFSSL_MSG("CRL Confirm signature failed");
- return ASN_CRL_CONFIRM_E;
- }
- return 0;
- }
- static int ParseCRL_CertList(DecodedCRL* dcrl, const byte* buf,
- word32* inOutIdx, int sz)
- {
- word32 oid, dateIdx, idx, checkIdx;
- int version;
- #ifdef WOLFSSL_NO_CRL_NEXT_DATE
- int doNextDate = 1;
- #endif
- byte tag;
- if (dcrl == NULL || inOutIdx == NULL || buf == NULL) {
- return BAD_FUNC_ARG;
- }
- /* may have version */
- idx = *inOutIdx;
- checkIdx = idx;
- if (GetASNTag(buf, &checkIdx, &tag, sz) == 0 && tag == ASN_INTEGER) {
- if (GetMyVersion(buf, &idx, &version, sz) < 0)
- return ASN_PARSE_E;
- }
- if (GetAlgoId(buf, &idx, &oid, oidIgnoreType, sz) < 0)
- return ASN_PARSE_E;
- if (GetNameHash(buf, &idx, dcrl->issuerHash, sz) < 0)
- return ASN_PARSE_E;
- if (GetBasicDate(buf, &idx, dcrl->lastDate, &dcrl->lastDateFormat, sz) < 0)
- return ASN_PARSE_E;
- dateIdx = idx;
- if (GetBasicDate(buf, &idx, dcrl->nextDate, &dcrl->nextDateFormat, sz) < 0)
- {
- #ifndef WOLFSSL_NO_CRL_NEXT_DATE
- (void)dateIdx;
- return ASN_PARSE_E;
- #else
- dcrl->nextDateFormat = ASN_OTHER_TYPE; /* skip flag */
- doNextDate = 0;
- idx = dateIdx;
- #endif
- }
- #ifdef WOLFSSL_NO_CRL_NEXT_DATE
- if (doNextDate)x
- #endif
- {
- #ifndef NO_ASN_TIME
- if (!XVALIDATE_DATE(dcrl->nextDate, dcrl->nextDateFormat, AFTER)) {
- WOLFSSL_MSG("CRL after date is no longer valid");
- return ASN_AFTER_DATE_E;
- }
- #endif
- }
- checkIdx = idx;
- if (idx != dcrl->sigIndex &&
- GetASNTag(buf, &checkIdx, &tag, sz) == 0 && tag != CRL_EXTENSIONS) {
- int len;
- if (GetSequence(buf, &idx, &len, sz) < 0)
- return ASN_PARSE_E;
- len += idx;
- while (idx < (word32)len) {
- if (GetRevoked(buf, &idx, dcrl, len) < 0)
- return ASN_PARSE_E;
- }
- }
- *inOutIdx = idx;
- return 0;
- }
- #ifndef NO_SKID
- static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl)
- {
- word32 idx = 0;
- int length = 0, ret = 0;
- byte tag;
- WOLFSSL_ENTER("ParseCRL_AuthKeyIdExt");
- if (GetSequence(input, &idx, &length, sz) < 0) {
- WOLFSSL_MSG("\tfail: should be a SEQUENCE\n");
- return ASN_PARSE_E;
- }
- if (GetASNTag(input, &idx, &tag, sz) < 0) {
- return ASN_PARSE_E;
- }
- if (tag != (ASN_CONTEXT_SPECIFIC | 0)) {
- WOLFSSL_MSG("\tinfo: OPTIONAL item 0, not available\n");
- return 0;
- }
- if (GetLength(input, &idx, &length, sz) <= 0) {
- WOLFSSL_MSG("\tfail: extension data length");
- return ASN_PARSE_E;
- }
- dcrl->extAuthKeyIdSet = 1;
- if (length == KEYID_SIZE) {
- XMEMCPY(dcrl->extAuthKeyId, input + idx, length);
- }
- else {
- ret = CalcHashId(input + idx, length, dcrl->extAuthKeyId);
- }
- return ret;
- }
- #endif
- static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf,
- word32* inOutIdx, word32 sz)
- {
- int length;
- word32 idx;
- word32 ext_bound; /* boundary index for the sequence of extensions */
- word32 oid;
- byte tag;
- WOLFSSL_ENTER("ParseCRL_Extensions");
- (void)dcrl;
- if (inOutIdx == NULL)
- return BAD_FUNC_ARG;
- idx = *inOutIdx;
- /* CRL Extensions are optional */
- if ((idx + 1) > sz)
- return 0;
- /* CRL Extensions are optional */
- if (GetASNTag(buf, &idx, &tag, sz) < 0)
- return 0;
- /* CRL Extensions are optional */
- if (tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
- return 0;
- if (GetLength(buf, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- if (GetSequence(buf, &idx, &length, sz) < 0)
- return ASN_PARSE_E;
- ext_bound = idx + length;
- while (idx < (word32)ext_bound) {
- word32 localIdx;
- int ret;
- if (GetSequence(buf, &idx, &length, sz) < 0) {
- WOLFSSL_MSG("\tfail: should be a SEQUENCE");
- return ASN_PARSE_E;
- }
- oid = 0;
- if (GetObjectId(buf, &idx, &oid, oidCrlExtType, sz) < 0) {
- WOLFSSL_MSG("\tfail: OBJECT ID");
- return ASN_PARSE_E;
- }
- /* check for critical flag */
- if ((idx + 1) > (word32)sz) {
- WOLFSSL_MSG("\tfail: malformed buffer");
- return BUFFER_E;
- }
- localIdx = idx;
- if (GetASNTag(buf, &localIdx, &tag, sz) == 0 && tag == ASN_BOOLEAN) {
- WOLFSSL_MSG("\tfound optional critical flag, moving past");
- ret = GetBoolean(buf, &idx, sz);
- if (ret < 0)
- return ret;
- }
- ret = GetOctetString(buf, &idx, &length, sz);
- if (ret < 0)
- return ret;
- if (oid == AUTH_KEY_OID) {
- #ifndef NO_SKID
- ret = ParseCRL_AuthKeyIdExt(buf + idx, length, dcrl);
- if (ret < 0) {
- WOLFSSL_MSG("\tcouldn't parse AuthKeyId extension");
- return ret;
- }
- #endif
- }
- idx += length;
- }
- *inOutIdx = idx;
- return 0;
- }
- /* parse crl buffer into decoded state, 0 on success */
- int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm)
- {
- int len;
- word32 idx = 0;
- Signer* ca = NULL;
- SignatureCtx sigCtx;
- WOLFSSL_MSG("ParseCRL");
- /* raw crl hash */
- /* hash here if needed for optimized comparisons
- * wc_Sha sha;
- * wc_InitSha(&sha);
- * wc_ShaUpdate(&sha, buff, sz);
- * wc_ShaFinal(&sha, dcrl->crlHash); */
- if (GetSequence(buff, &idx, &len, sz) < 0)
- return ASN_PARSE_E;
- dcrl->certBegin = idx;
- /* Normalize sz for the length inside the outer sequence. */
- sz = len + idx;
- if (GetSequence(buff, &idx, &len, sz) < 0)
- return ASN_PARSE_E;
- dcrl->sigIndex = len + idx;
- if (ParseCRL_CertList(dcrl, buff, &idx, dcrl->sigIndex) < 0)
- return ASN_PARSE_E;
- if (ParseCRL_Extensions(dcrl, buff, &idx, dcrl->sigIndex) < 0)
- return ASN_PARSE_E;
- idx = dcrl->sigIndex;
- if (GetAlgoId(buff, &idx, &dcrl->signatureOID, oidSigType, sz) < 0)
- return ASN_PARSE_E;
- if (GetCRL_Signature(buff, &idx, dcrl, sz) < 0)
- return ASN_PARSE_E;
- /* openssl doesn't add skid by default for CRLs cause firefox chokes
- if experiencing issues uncomment NO_SKID define in CRL section of
- wolfssl/wolfcrypt/settings.h */
- #ifndef NO_SKID
- if (dcrl->extAuthKeyIdSet) {
- ca = GetCA(cm, dcrl->extAuthKeyId); /* more unique than issuerHash */
- }
- if (ca != NULL && XMEMCMP(dcrl->issuerHash, ca->subjectNameHash,
- KEYID_SIZE) != 0) {
- ca = NULL;
- }
- if (ca == NULL) {
- ca = GetCAByName(cm, dcrl->issuerHash); /* last resort */
- /* If AKID is available then this CA doesn't have the public
- * key required */
- if (ca && dcrl->extAuthKeyIdSet) {
- WOLFSSL_MSG("CA SKID doesn't match AKID");
- ca = NULL;
- }
- }
- #else
- ca = GetCA(cm, dcrl->issuerHash);
- #endif /* !NO_SKID */
- WOLFSSL_MSG("About to verify CRL signature");
- if (ca == NULL) {
- WOLFSSL_MSG("Did NOT find CRL issuer CA");
- return ASN_CRL_NO_SIGNER_E;
- }
- WOLFSSL_MSG("Found CRL issuer CA");
- return VerifyCRL_Signature(&sigCtx, buff + dcrl->certBegin,
- dcrl->sigIndex - dcrl->certBegin, dcrl->signature, dcrl->sigLength,
- dcrl->signatureOID, ca, dcrl->heap);
- }
- #endif /* HAVE_CRL */
- #ifdef WOLFSSL_CERT_PIV
- int wc_ParseCertPIV(wc_CertPIV* piv, const byte* buf, word32 totalSz)
- {
- int length = 0;
- word32 idx = 0;
- WOLFSSL_ENTER("wc_ParseCertPIV");
- if (piv == NULL || buf == NULL || totalSz == 0)
- return BAD_FUNC_ARG;
- XMEMSET(piv, 0, sizeof(wc_CertPIV));
- /* Detect Identiv PIV (with 0x0A, 0x0B and 0x0C sections) */
- /* Certificate (0A 82 05FA) */
- if (GetASNHeader(buf, ASN_PIV_CERT, &idx, &length, totalSz) >= 0) {
- /* Identiv Type PIV card */
- piv->isIdentiv = 1;
- piv->cert = &buf[idx];
- piv->certSz = length;
- idx += length;
- /* Nonce (0B 14) */
- if (GetASNHeader(buf, ASN_PIV_NONCE, &idx, &length, totalSz) >= 0) {
- piv->nonce = &buf[idx];
- piv->nonceSz = length;
- idx += length;
- }
- /* Signed Nonce (0C 82 0100) */
- if (GetASNHeader(buf, ASN_PIV_SIGNED_NONCE, &idx, &length, totalSz) >= 0) {
- piv->signedNonce = &buf[idx];
- piv->signedNonceSz = length;
- }
- idx = 0;
- buf = piv->cert;
- totalSz = piv->certSz;
- }
- /* Certificate Buffer Total Size (53 82 05F6) */
- if (GetASNHeader(buf, ASN_APPLICATION | ASN_PRINTABLE_STRING, &idx,
- &length, totalSz) < 0) {
- return ASN_PARSE_E;
- }
- /* PIV Certificate (70 82 05ED) */
- if (GetASNHeader(buf, ASN_PIV_TAG_CERT, &idx, &length,
- totalSz) < 0) {
- return ASN_PARSE_E;
- }
- /* Capture certificate buffer pointer and length */
- piv->cert = &buf[idx];
- piv->certSz = length;
- idx += length;
- /* PIV Certificate Info (71 01 00) */
- if (GetASNHeader(buf, ASN_PIV_TAG_CERT_INFO, &idx, &length,
- totalSz) >= 0) {
- if (length >= 1) {
- piv->compression = (buf[idx] & ASN_PIV_CERT_INFO_COMPRESSED);
- piv->isX509 = (buf[idx] & ASN_PIV_CERT_INFO_ISX509);
- }
- idx += length;
- }
- /* PIV Error Detection (FE 00) */
- if (GetASNHeader(buf, ASN_PIV_TAG_ERR_DET, &idx, &length,
- totalSz) >= 0) {
- piv->certErrDet = &buf[idx];
- piv->certErrDetSz = length;
- idx += length;
- }
- return 0;
- }
- #endif /* WOLFSSL_CERT_PIV */
- #ifdef HAVE_SMIME
- /*****************************************************************************
- * wc_MIME_parse_headers - Reads the char array in and parses out MIME headers
- * and parameters into headers. Will continue until in has no more content.
- *
- * RETURNS:
- * returns zero on success, non-zero on error.
- */
- int wc_MIME_parse_headers(char* in, int inLen, MimeHdr** headers)
- {
- MimeHdr* nextHdr = NULL;
- MimeHdr* curHdr = NULL;
- MimeParam* nextParam = NULL;
- size_t start = 0;
- size_t end = 0;
- char* nameAttr = NULL;
- char* bodyVal = NULL;
- MimeTypes mimeType = MIME_HDR;
- MimeStatus mimeStatus = MIME_NAMEATTR;
- int ret = -1;
- size_t pos = 0;
- size_t lineLen = 0;
- char* curLine = NULL;
- char* ptr = NULL;
- if (in == NULL || inLen <= 0 || in[inLen] != '\0' || headers == NULL) {
- ret = BAD_FUNC_ARG;
- goto error;
- }
- nextHdr = (MimeHdr*)XMALLOC(sizeof(MimeHdr), NULL, DYNAMIC_TYPE_PKCS7);
- nextParam = (MimeParam*)XMALLOC(sizeof(MimeParam), NULL,
- DYNAMIC_TYPE_PKCS7);
- if (nextHdr == NULL || nextParam == NULL) {
- ret = MEMORY_E;
- goto error;
- }
- XMEMSET(nextHdr, 0, (word32)sizeof(MimeHdr));
- XMEMSET(nextParam, 0, (word32)sizeof(MimeParam));
- curLine = XSTRTOK(in, "\r\n", &ptr);
- if (curLine == NULL) {
- ret = ASN_PARSE_E;
- goto error;
- }
- while (curLine != NULL) {
- /* Leftover from previous line, add params to previous header. */
- if (curLine[0] == ' ' && curHdr) {
- mimeType = MIME_PARAM;
- }
- else {
- mimeType = MIME_HDR;
- }
- start = end = 0;
- lineLen = XSTRLEN(curLine);
- if (lineLen == 0) {
- ret = BAD_FUNC_ARG;
- goto error;
- }
- for (pos = 0; pos < lineLen; pos++) {
- char cur = curLine[pos];
- if (mimeStatus == MIME_NAMEATTR && ((cur == ':' &&
- mimeType == MIME_HDR) || (cur == '=' &&
- mimeType == MIME_PARAM)) && pos >= 1) {
- mimeStatus = MIME_BODYVAL;
- end = pos-1;
- ret = wc_MIME_header_strip(curLine, &nameAttr, start, end);
- if (ret) {
- goto error;
- }
- start = pos+1;
- }
- else if (mimeStatus == MIME_BODYVAL && cur == ';' && pos >= 1) {
- end = pos-1;
- ret = wc_MIME_header_strip(curLine, &bodyVal, start, end);
- if (ret) {
- goto error;
- }
- if (mimeType == MIME_HDR) {
- nextHdr->name = nameAttr;
- nameAttr = NULL;
- nextHdr->body = bodyVal;
- bodyVal = NULL;
- nextHdr->next = curHdr;
- curHdr = nextHdr;
- nextHdr = (MimeHdr*)XMALLOC(sizeof(MimeHdr), NULL,
- DYNAMIC_TYPE_PKCS7);
- if (nextHdr == NULL) {
- ret = MEMORY_E;
- goto error;
- }
- XMEMSET(nextHdr, 0, (word32)sizeof(MimeHdr));
- }
- else {
- nextParam->attribute = nameAttr;
- nameAttr = NULL;
- nextParam->value = bodyVal;
- bodyVal = NULL;
- nextParam->next = curHdr->params;
- curHdr->params = nextParam;
- nextParam = (MimeParam*)XMALLOC(sizeof(MimeParam), NULL,
- DYNAMIC_TYPE_PKCS7);
- if (nextParam == NULL) {
- ret = MEMORY_E;
- goto error;
- }
- XMEMSET(nextParam, 0, (word32)sizeof(MimeParam));
- }
- mimeType = MIME_PARAM;
- mimeStatus = MIME_NAMEATTR;
- start = pos+1;
- }
- }
- end = lineLen-1;
- /* Omit newline characters. */
- while ((curLine[end] == '\r' || curLine[end] == '\n') && end > 0) {
- end--;
- }
- if (end >= start && mimeStatus == MIME_BODYVAL) {
- ret = wc_MIME_header_strip(curLine, &bodyVal, start, end);
- if (ret) {
- goto error;
- }
- if (mimeType == MIME_HDR) {
- nextHdr->name = nameAttr;
- nameAttr = NULL;
- nextHdr->body = bodyVal;
- bodyVal = NULL;
- nextHdr->next = curHdr;
- curHdr = nextHdr;
- nextHdr = (MimeHdr*)XMALLOC(sizeof(MimeHdr), NULL,
- DYNAMIC_TYPE_PKCS7);
- if (nextHdr == NULL) {
- ret = MEMORY_E;
- goto error;
- }
- XMEMSET(nextHdr, 0, (word32)sizeof(MimeHdr));
- } else {
- nextParam->attribute = nameAttr;
- nameAttr = NULL;
- nextParam->value = bodyVal;
- bodyVal = NULL;
- nextParam->next = curHdr->params;
- curHdr->params = nextParam;
- nextParam = (MimeParam*)XMALLOC(sizeof(MimeParam), NULL,
- DYNAMIC_TYPE_PKCS7);
- if (nextParam == NULL) {
- ret = MEMORY_E;
- goto error;
- }
- XMEMSET(nextParam, 0, (word32)sizeof(MimeParam));
- }
- }
- curLine = XSTRTOK(NULL, "\r\n", &ptr);
- mimeStatus = MIME_NAMEATTR;
- }
- *headers = curHdr;
- XFREE(nextHdr, NULL, DYNAMIC_TYPE_PKCS7);
- XFREE(nextParam, NULL, DYNAMIC_TYPE_PKCS7);
- return 0;
- error:
- wc_MIME_free_hdrs(curHdr);
- wc_MIME_free_hdrs(nextHdr);
- if (nameAttr != NULL)
- XFREE(nameAttr, NULL, DYNAMIC_TYPE_PKCS7);
- if (bodyVal != NULL)
- XFREE(bodyVal, NULL, DYNAMIC_TYPE_PKCS7);
- XFREE(nextParam, NULL, DYNAMIC_TYPE_PKCS7);
- return ret;
- }
- /*****************************************************************************
- * wc_MIME_header_strip - Reads the string in from indices start to end, strips
- * out disallowed/separator characters and places the rest into *out.
- *
- * RETURNS:
- * returns zero on success, non-zero on error.
- */
- int wc_MIME_header_strip(char* in, char** out, size_t start, size_t end)
- {
- size_t inPos = start;
- size_t outPos = 0;
- size_t inLen = 0;
- if (end < start || in == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
- inLen = XSTRLEN(in);
- if (start > inLen || end > inLen) {
- return BAD_FUNC_ARG;
- }
- *out = (char*)XMALLOC(((end-start)+2)*sizeof(char), NULL,
- DYNAMIC_TYPE_PKCS7);
- if (*out == NULL) {
- return MEMORY_E;
- }
- while (inPos <= end) {
- if (in[inPos] >= MIME_HEADER_ASCII_MIN && in[inPos] <=
- MIME_HEADER_ASCII_MAX && in[inPos] != ';' && in[inPos] != '\"') {
- (*out)[outPos] = in[inPos];
- outPos++;
- }
- inPos++;
- }
- (*out)[outPos] = '\0';
- return 0;
- }
- /*****************************************************************************
- * wc_MIME_find_header_name - Searches through all given headers until a header with
- * a name matching the provided name is found.
- *
- * RETURNS:
- * returns a pointer to the found header, if no match was found, returns NULL.
- */
- MimeHdr* wc_MIME_find_header_name(const char* name, MimeHdr* header)
- {
- size_t len = XSTRLEN(name);
- while (header) {
- if (!XSTRNCMP(name, header->name, len)) {
- return header;
- }
- header = header->next;
- }
- return header;
- }
- /*****************************************************************************
- * wc_MIME_find_param_attr - Searches through all parameters until a parameter
- * with a attribute matching the provided attribute is found.
- *
- * RETURNS:
- * returns a pointer to the found parameter, if no match was found,
- * returns NULL.
- */
- MimeParam* wc_MIME_find_param_attr(const char* attribute,
- MimeParam* param)
- {
- size_t len = XSTRLEN(attribute);
- while (param) {
- if (!XSTRNCMP(attribute, param->attribute, len)) {
- return param;
- }
- param = param->next;
- }
- return param;
- }
- /*****************************************************************************
- * wc_MIME_canonicalize - Canonicalize a line by converting all line endings
- * to CRLF.
- *
- * RETURNS:
- * returns a pointer to a canonicalized line on success, NULL on error.
- */
- char* wc_MIME_canonicalize(const char* line)
- {
- size_t end = 0;
- char* canonLine = NULL;
- if (line == NULL || XSTRLEN(line) == 0) {
- return NULL;
- }
- end = XSTRLEN(line);
- while (end >= 1 && ((line[end-1] == '\r') || (line[end-1] == '\n'))) {
- end--;
- }
- /* Need 2 chars for \r\n and 1 for EOL */
- canonLine = (char*)XMALLOC((end+3)*sizeof(char), NULL, DYNAMIC_TYPE_PKCS7);
- if (canonLine == NULL) {
- return NULL;
- }
- XSTRNCPY(canonLine, line, end);
- canonLine[end] = '\r';
- canonLine[end+1] = '\n';
- canonLine[end+2] = '\0';
- return canonLine;
- }
- /*****************************************************************************
- * wc_MIME_free_hdrs - Frees all MIME headers, parameters and strings starting from
- * the provided header pointer.
- *
- * RETURNS:
- * returns zero on success, non-zero on error.
- */
- int wc_MIME_free_hdrs(MimeHdr* head)
- {
- MimeHdr* curHdr = NULL;
- MimeParam* curParam = NULL;
- while (head) {
- while (head->params) {
- curParam = head->params;
- head->params = head->params->next;
- XFREE(curParam->attribute, NULL, DYNAMIC_TYPE_PKCS7);
- XFREE(curParam->value, NULL, DYNAMIC_TYPE_PKCS7);
- XFREE(curParam, NULL, DYNAMIC_TYPE_PKCS7);
- }
- curHdr = head;
- head = head->next;
- XFREE(curHdr->name, NULL, DYNAMIC_TYPE_PKCS7);
- XFREE(curHdr->body, NULL, DYNAMIC_TYPE_PKCS7);
- XFREE(curHdr, NULL, DYNAMIC_TYPE_PKCS7);
- }
- return 0;
- }
- #endif /* HAVE_SMIME */
- #undef ERROR_OUT
- #endif /* !NO_ASN */
- #ifdef WOLFSSL_SEP
- #endif /* WOLFSSL_SEP */
|