search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Use the new asn1_read_node_value()
[gnutls.git] / lib / x509 / mpi.c
blobbaef1ee89fcac9d27ff1c1d34193b21fe17723f8
1 /*
2 * Copyright (C) 2003-2012 Free Software Foundation, Inc.
3 *
4 * Author: Nikos Mavrogiannopoulos
5 *
6 * This file is part of GnuTLS.
7 *
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 3 of
11 * the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
20 *
21 */
22
23 #include <gnutls_int.h>
24 #include <gnutls_errors.h>
25 #include <gnutls_global.h>
26 #include <libtasn1.h>
27 #include <gnutls_datum.h>
28 #include "common.h"
29 #include "x509_int.h"
30 #include <gnutls_num.h>
31
32 /* Reads an Integer from the DER encoded data
33 */
34
35 int
36 _gnutls_x509_read_der_int (uint8_t * der, int dersize, bigint_t * out)
37 {
38 int result;
39 ASN1_TYPE spk = ASN1_TYPE_EMPTY;
40
41 /* == INTEGER */
42 if ((result = asn1_create_element
43 (_gnutls_get_gnutls_asn (), "GNUTLS.DSAPublicKey",
44 &spk)) != ASN1_SUCCESS)
45 {
46 gnutls_assert ();
47 return _gnutls_asn2err (result);
48 }
49
50 result = asn1_der_decoding (&spk, der, dersize, NULL);
51
52 if (result != ASN1_SUCCESS)
53 {
54 gnutls_assert ();
55 asn1_delete_structure (&spk);
56 return _gnutls_asn2err (result);
57 }
58
59 /* Read Y */
60
61 if ((result = _gnutls_x509_read_int (spk, "", out)) < 0)
62 {
63 gnutls_assert ();
64 asn1_delete_structure (&spk);
65 return _gnutls_asn2err (result);
66 }
67
68 asn1_delete_structure (&spk);
69
70 return 0;
71
72 }
73
74
75 /* Extracts DSA and RSA parameters from a certificate.
76 */
77 int
78 _gnutls_get_asn_mpis (ASN1_TYPE asn, const char *root,
79 gnutls_pk_params_st * params)
80 {
81 int result;
82 char name[256];
83 gnutls_datum_t tmp = { NULL, 0 };
84 gnutls_pk_algorithm_t pk_algorithm;
85
86 gnutls_pk_params_init(params);
87
88 result = _gnutls_x509_get_pk_algorithm (asn, root, NULL);
89 if (result < 0)
90 {
91 gnutls_assert ();
92 return result;
93 }
94
95 pk_algorithm = result;
96
97 /* Read the algorithm's parameters
98 */
99 _asnstr_append_name (name, sizeof (name), root, ".subjectPublicKey");
100 result = _gnutls_x509_read_value (asn, name, &tmp, 2);
101
102 if (result < 0)
103 {
104 gnutls_assert ();
105 return result;
106 }
107
108 if ((result =
109 _gnutls_x509_read_pubkey (pk_algorithm, tmp.data, tmp.size, params)) < 0)
110 {
111 gnutls_assert ();
112 goto error;
113 }
114
115 /* Now read the parameters
116 */
117 _gnutls_free_datum (&tmp);
118
119 _asnstr_append_name (name, sizeof (name), root,
120 ".algorithm.parameters");
121
122 /* FIXME: If the parameters are not included in the certificate
123 * then the issuer's parameters should be used. This is not
124 * done yet.
125 */
126
127 if (pk_algorithm != GNUTLS_PK_RSA) /* RSA doesn't use parameters */
128 {
129 result = _gnutls_x509_read_value (asn, name, &tmp, 0);
130 if (result < 0)
131 {
132 gnutls_assert ();
133 goto error;
134 }
135
136 if ((result =
137 _gnutls_x509_read_pubkey_params (pk_algorithm, tmp.data, tmp.size, params)) < 0)
138 {
139 gnutls_assert ();
140 goto error;
141 }
142 }
143
144 result = 0;
145
146 error:
147 _gnutls_free_datum (&tmp);
148 return result;
149 }
150
151 /* Extracts DSA and RSA parameters from a certificate.
152 */
153 int
154 _gnutls_x509_crt_get_mpis (gnutls_x509_crt_t cert,
155 gnutls_pk_params_st * params)
156 {
157 /* Read the algorithm's OID
158 */
159 return _gnutls_get_asn_mpis (cert->cert,
160 "tbsCertificate.subjectPublicKeyInfo", params);
161 }
162
163 /* Extracts DSA and RSA parameters from a certificate.
164 */
165 int
166 _gnutls_x509_crq_get_mpis (gnutls_x509_crq_t cert,
167 gnutls_pk_params_st* params)
168 {
169 /* Read the algorithm's OID
170 */
171 return _gnutls_get_asn_mpis (cert->crq,
172 "certificationRequestInfo.subjectPKInfo",
173 params);
174 }
175
176 /*
177 * This function writes and encodes the parameters for DSS or RSA keys.
178 * This is the "signatureAlgorithm" fields.
179 */
180 int
181 _gnutls_x509_write_sig_params (ASN1_TYPE dst, const char *dst_name,
182 gnutls_pk_algorithm_t pk_algorithm,
183 gnutls_digest_algorithm_t dig)
184 {
185 int result;
186 char name[128];
187 const char *pk;
188
189 _gnutls_str_cpy (name, sizeof (name), dst_name);
190 _gnutls_str_cat (name, sizeof (name), ".algorithm");
191
192 pk = _gnutls_x509_sign_to_oid (pk_algorithm, dig);
193 if (pk == NULL)
194 {
195 gnutls_assert ();
196 _gnutls_debug_log
197 ("Cannot find OID for sign algorithm pk: %d dig: %d\n",
198 (int) pk_algorithm, (int) dig);
199 return GNUTLS_E_INVALID_REQUEST;
200 }
201
202 /* write the OID.
203 */
204 result = asn1_write_value (dst, name, pk, 1);
205 if (result != ASN1_SUCCESS)
206 {
207 gnutls_assert ();
208 return _gnutls_asn2err (result);
209 }
210
211
212 _gnutls_str_cpy (name, sizeof (name), dst_name);
213 _gnutls_str_cat (name, sizeof (name), ".parameters");
214
215 if (pk_algorithm == GNUTLS_PK_RSA)
216 result = asn1_write_value (dst, name, ASN1_NULL, ASN1_NULL_SIZE);
217 else
218 result = asn1_write_value (dst, name, NULL, 0);
219
220 if (result != ASN1_SUCCESS && result != ASN1_ELEMENT_NOT_FOUND)
221 {
222 /* Here we ignore the element not found error, since this
223 * may have been disabled before.
224 */
225 gnutls_assert ();
226 return _gnutls_asn2err (result);
227 }
228
229 return 0;
230 }
231
232
233
234
235 /* this function reads a (small) unsigned integer
236 * from asn1 structs. Combines the read and the convertion
237 * steps.
238 */
239 int
240 _gnutls_x509_read_uint (ASN1_TYPE node, const char *value, unsigned int *ret)
241 {
242 int len, result;
243 uint8_t *tmpstr;
244
245 len = 0;
246 result = asn1_read_value (node, value, NULL, &len);
247 if (result != ASN1_MEM_ERROR)
248 {
249 gnutls_assert ();
250 return _gnutls_asn2err (result);
251 }
252
253 tmpstr = gnutls_malloc (len);
254 if (tmpstr == NULL)
255 {
256 gnutls_assert ();
257 return GNUTLS_E_MEMORY_ERROR;
258 }
259
260 result = asn1_read_value (node, value, tmpstr, &len);
261
262 if (result != ASN1_SUCCESS)
263 {
264 gnutls_assert ();
265 gnutls_free (tmpstr);
266 return _gnutls_asn2err (result);
267 }
268
269 if (len == 1)
270 *ret = tmpstr[0];
271 else if (len == 2)
272 *ret = _gnutls_read_uint16 (tmpstr);
273 else if (len == 3)
274 *ret = _gnutls_read_uint24 (tmpstr);
275 else if (len == 4)
276 *ret = _gnutls_read_uint32 (tmpstr);
277 else
278 {
279 gnutls_assert ();
280 gnutls_free (tmpstr);
281 return GNUTLS_E_INTERNAL_ERROR;
282 }
283
284 gnutls_free (tmpstr);
285
286 return 0;
287 }
288
289 /* Writes the specified integer into the specified node.
290 */
291 int
292 _gnutls_x509_write_uint32 (ASN1_TYPE node, const char *value, uint32_t num)
293 {
294 uint8_t tmpstr[4];
295 int result;
296
297 _gnutls_write_uint32 (num, tmpstr);
298
299 result = asn1_write_value (node, value, tmpstr, 4);
300
301 if (result != ASN1_SUCCESS)
302 {
303 gnutls_assert ();
304 return _gnutls_asn2err (result);
305 }
306
307 return 0;
308 }
Implementation of the SSL/TLS protocol