release/src/router/mysql/extra/yassl/taocrypt/include/asn.hpp

   1 /*
   2    Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
   3
   4    This program is free software; you can redistribute it and/or modify
   5    it under the terms of the GNU General Public License as published by
   6    the Free Software Foundation; version 2 of the License.
   7
   8    This program is distributed in the hope that it will be useful,
   9    but WITHOUT ANY WARRANTY; without even the implied warranty of
  10    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  11    GNU General Public License for more details.
  12
  13    You should have received a copy of the GNU General Public License
  14    along with this program; see the file COPYING. If not, write to the
  15    Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
  16    MA  02110-1301  USA.
  17 */
  18
  19 /* asn.hpp provides ASN1 BER, PublicKey, and x509v3 decoding
  20 */
  21
  22
  23 #ifndef TAO_CRYPT_ASN_HPP
  24 #define TAO_CRYPT_ASN_HPP
  25
  26
  27 #include "misc.hpp"
  28 #include "block.hpp"
  29 #include "error.hpp"
  30 #ifdef USE_SYS_STL
  31     #include <list>
  32 #else
  33     #include "list.hpp"
  34 #endif
  35
  36
  37 namespace STL = STL_NAMESPACE;
  38
  39
  40 namespace TaoCrypt {
  41
  42 // these tags and flags are not complete
  43 enum ASNTag
  44 {
  45     BOOLEAN             = 0x01,
  46     INTEGER             = 0x02,
  47     BIT_STRING          = 0x03,
  48     OCTET_STRING        = 0x04,
  49     TAG_NULL            = 0x05,
  50     OBJECT_IDENTIFIER   = 0x06,
  51     OBJECT_DESCRIPTOR   = 0x07,
  52     EXTERNAL            = 0x08,
  53     REAL                = 0x09,
  54     ENUMERATED          = 0x0a,
  55     UTF8_STRING         = 0x0c,
  56     SEQUENCE            = 0x10,
  57     SET                 = 0x11,
  58     NUMERIC_STRING      = 0x12,
  59     PRINTABLE_STRING    = 0x13,
  60     T61_STRING          = 0x14,
  61     VIDEOTEXT_STRING    = 0x15,
  62     IA5_STRING          = 0x16,
  63     UTC_TIME            = 0x17,
  64     GENERALIZED_TIME    = 0x18,
  65     GRAPHIC_STRING      = 0x19,
  66     VISIBLE_STRING      = 0x1a,
  67     GENERAL_STRING      = 0x1b,
  68     LONG_LENGTH         = 0x80
  69 };
  70
  71 enum ASNIdFlag
  72 {
  73     UNIVERSAL           = 0x00,
  74     DATA                = 0x01,
  75     HEADER              = 0x02,
  76     CONSTRUCTED         = 0x20,
  77     APPLICATION         = 0x40,
  78     CONTEXT_SPECIFIC    = 0x80,
  79     PRIVATE             = 0xc0
  80 };
  81
  82
  83 enum DNTags
  84 {
  85     COMMON_NAME         = 0x03,  // CN
  86     SUR_NAME            = 0x04,  // SN
  87     COUNTRY_NAME        = 0x06,  // C
  88     LOCALITY_NAME       = 0x07,  // L
  89     STATE_NAME          = 0x08,  // ST
  90     ORG_NAME            = 0x0a,  // O
  91     ORGUNIT_NAME        = 0x0b   // OU
  92 };
  93
  94
  95 enum PCKS12_Tags
  96 {
  97     /* DATA                      = 1, */ // from ASN1
  98     SIGNED_DATA               = 2,
  99     ENVELOPED_DATA            = 3,
 100     SIGNED_AND_ENVELOPED_DATA = 4,
 101     DIGESTED_DATA             = 5,
 102     ENCRYPTED_DATA            = 6
 103 };
 104
 105
 106 enum Constants
 107 {
 108     MIN_DATE_SZ   = 13,
 109     MAX_DATE_SZ   = 16,
 110     MAX_ALGO_SZ   = 16,
 111     MAX_LENGTH_SZ =  5,
 112     MAX_SEQ_SZ    =  5,    // enum(seq|con) + length(4)
 113     MAX_ALGO_SIZE =  9,
 114     MAX_DIGEST_SZ = 25,    // SHA + enum(Bit or Octet) + length(4)
 115     DSA_SIG_SZ    = 40,
 116     ASN_NAME_MAX  = 512    // max total of all included names
 117 };
 118
 119
 120 class Source;
 121 class RSA_PublicKey;
 122 class RSA_PrivateKey;
 123 class DSA_PublicKey;
 124 class DSA_PrivateKey;
 125 class Integer;
 126 class DH;
 127
 128
 129 // General BER decoding
 130 class BER_Decoder : public virtual_base {
 131 protected:
 132     Source& source_;
 133 public:
 134     explicit BER_Decoder(Source& s) : source_(s) {}
 135     virtual ~BER_Decoder() {}
 136
 137     Integer& GetInteger(Integer&);
 138     word32   GetSequence();
 139     word32   GetSet();
 140     word32   GetVersion();
 141     word32   GetExplicitVersion();
 142
 143     Error GetError();
 144 private:
 145     virtual void ReadHeader() = 0;
 146
 147     BER_Decoder(const BER_Decoder&);            // hide copy
 148     BER_Decoder& operator=(const BER_Decoder&); // and assign
 149 };
 150
 151
 152 // RSA Private Key BER Decoder
 153 class RSA_Private_Decoder : public BER_Decoder {
 154 public:
 155     explicit RSA_Private_Decoder(Source& s) : BER_Decoder(s) {}
 156     void Decode(RSA_PrivateKey&);
 157 private:
 158     void ReadHeader();
 159 };
 160
 161
 162 // RSA Public Key BER Decoder
 163 class RSA_Public_Decoder : public BER_Decoder {
 164 public:
 165     explicit RSA_Public_Decoder(Source& s) : BER_Decoder(s) {}
 166     void Decode(RSA_PublicKey&);
 167 private:
 168     void ReadHeader();
 169     void ReadHeaderOpenSSL();
 170 };
 171
 172
 173 // DSA Private Key BER Decoder
 174 class DSA_Private_Decoder : public BER_Decoder {
 175 public:
 176     explicit DSA_Private_Decoder(Source& s) : BER_Decoder(s) {}
 177     void Decode(DSA_PrivateKey&);
 178 private:
 179     void ReadHeader();
 180 };
 181
 182
 183 // DSA Public Key BER Decoder
 184 class DSA_Public_Decoder : public BER_Decoder {
 185 public:
 186     explicit DSA_Public_Decoder(Source& s) : BER_Decoder(s) {}
 187     void Decode(DSA_PublicKey&);
 188 private:
 189     void ReadHeader();
 190 };
 191
 192
 193 // DH Key BER Decoder
 194 class DH_Decoder : public BER_Decoder {
 195 public:
 196     explicit DH_Decoder(Source& s) : BER_Decoder(s) {}
 197     void Decode(DH&);
 198 private:
 199     void ReadHeader();
 200 };
 201
 202
 203 // PKCS12 BER Decoder
 204 class PKCS12_Decoder : public BER_Decoder {
 205 public:
 206     explicit PKCS12_Decoder(Source& s) : BER_Decoder(s) {}
 207     void Decode();
 208 private:
 209     void ReadHeader();
 210 };
 211
 212
 213 // General PublicKey
 214 class PublicKey {
 215     byte*  key_;
 216     word32 sz_;
 217 public:
 218     explicit PublicKey(const byte* k = 0, word32 s = 0);
 219     ~PublicKey() { tcArrayDelete(key_); }
 220
 221     const byte* GetKey() const { return key_; }
 222     word32      size()   const { return sz_; }
 223
 224     void SetKey(const byte*);
 225     void SetSize(word32 s);
 226
 227     void AddToEnd(const byte*, word32);
 228 private:
 229     PublicKey(const PublicKey&);            // hide copy
 230     PublicKey& operator=(const PublicKey&); // and assign
 231 };
 232
 233
 234 enum { SHA_SIZE = 20 };
 235
 236
 237 // A Signing Authority
 238 class Signer {
 239     PublicKey key_;
 240     char      name_[ASN_NAME_MAX];
 241     byte      hash_[SHA_SIZE];
 242 public:
 243     Signer(const byte* k, word32 kSz, const char* n, const byte* h);
 244     ~Signer();
 245
 246     const PublicKey& GetPublicKey()  const { return key_; }
 247     const char*      GetName()       const { return name_; }
 248     const byte*      GetHash()       const { return hash_; }
 249
 250 private:
 251     Signer(const Signer&);              // hide copy
 252     Signer& operator=(const Signer&);   // and assign
 253 };
 254
 255
 256 typedef STL::list<Signer*> SignerList;
 257
 258
 259 enum ContentType { HUH = 651 };
 260 enum SigType  { SHAwDSA = 517, MD2wRSA = 646, MD5wRSA = 648, SHAwRSA =649};
 261 enum HashType { MD2h = 646, MD5h = 649, SHAh = 88 };
 262 enum KeyType  { DSAk = 515, RSAk = 645 };     // sums of algo OID
 263
 264
 265 // an x509v Certificate BER Decoder
 266 class CertDecoder : public BER_Decoder {
 267 public:
 268     enum DateType { BEFORE, AFTER };
 269     enum NameType { ISSUER, SUBJECT };
 270     enum CertType { CA, USER };
 271
 272     explicit CertDecoder(Source&, bool decode = true, SignerList* sl = 0,
 273                          bool noVerify = false, CertType ct = USER);
 274     ~CertDecoder();
 275
 276     const PublicKey& GetPublicKey()  const { return key_; }
 277     KeyType          GetKeyType()    const { return KeyType(keyOID_); }
 278     const char*      GetIssuer()     const { return issuer_; }
 279     const char*      GetCommonName() const { return subject_; }
 280     const byte*      GetHash()       const { return subjectHash_; }
 281     const char*      GetBeforeDate() const { return beforeDate_; }
 282     const char*      GetAfterDate()  const { return afterDate_; }
 283
 284     void DecodeToKey();
 285 private:
 286     PublicKey key_;
 287     word32    certBegin_;               // offset to start of cert
 288     word32    sigIndex_;                // offset to start of signature
 289     word32    sigLength_;               // length of signature
 290     word32    signatureOID_;            // sum of algorithm object id
 291     word32    keyOID_;                  // sum of key algo  object id
 292     byte      subjectHash_[SHA_SIZE];   // hash of all Names
 293     byte      issuerHash_[SHA_SIZE];    // hash of all Names
 294     byte*     signature_;
 295     char      issuer_[ASN_NAME_MAX];    // Names
 296     char      subject_[ASN_NAME_MAX];   // Names
 297     char      beforeDate_[MAX_DATE_SZ]; // valid before date
 298     char      afterDate_[MAX_DATE_SZ];  // valid after date
 299     bool      verify_;                  // Default to yes, but could be off
 300
 301     void   ReadHeader();
 302     void   Decode(SignerList*, CertType);
 303     void   StoreKey();
 304     void   AddDSA();
 305     bool   ValidateSelfSignature();
 306     bool   ValidateSignature(SignerList*);
 307     bool   ConfirmSignature(Source&);
 308     void   GetKey();
 309     char*  AddTag(char*, const char*, const char*, word32, word32);
 310     void   GetName(NameType);
 311     void   GetValidity();
 312     void   GetDate(DateType);
 313     void   GetCompareHash(const byte*, word32, byte*, word32);
 314     word32 GetAlgoId();
 315     word32 GetSignature();
 316     word32 GetDigest();
 317 };
 318
 319
 320 word32 GetLength(Source&);
 321
 322 word32 SetLength(word32, byte*);
 323 word32 SetSequence(word32, byte*);
 324
 325 word32 EncodeDSA_Signature(const byte* signature, byte* output);
 326 word32 EncodeDSA_Signature(const Integer& r, const Integer& s, byte* output);
 327 word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz);
 328
 329
 330 // General DER encoding
 331 class DER_Encoder : public virtual_base {
 332 public:
 333     DER_Encoder() {}
 334     virtual ~DER_Encoder() {}
 335
 336     word32 SetAlgoID(HashType, byte*);
 337
 338     Error  GetError() const { return error_; }
 339 private:
 340     //virtual void WriteHeader() = 0;
 341     Error error_;
 342
 343     DER_Encoder(const DER_Encoder&);            // hide copy
 344     DER_Encoder& operator=(const DER_Encoder&); // and assign
 345 };
 346
 347
 348
 349 class Signature_Encoder : public DER_Encoder {
 350     const byte* digest_;
 351     word32      digestSz_;
 352     SigType     digestOID_;
 353 public:
 354     explicit Signature_Encoder(const byte*, word32, HashType, Source&);
 355
 356 private:
 357     void   WriteHeader();
 358     word32 SetDigest(const byte*, word32, byte*);
 359
 360     Signature_Encoder(const Signature_Encoder&);            // hide copy
 361     Signature_Encoder& operator=(const Signature_Encoder&); // and assign
 362 };
 363
 364
 365 // Get Cert in PEM format from BEGIN to END
 366 int GetCert(Source&);
 367
 368 // Get Cert in PEM format from pkcs12 file
 369 int GetPKCS_Cert(const char* password, Source&);
 370
 371 } // namespace
 372
 373
 374 #endif // TAO_CRYPT_ASN_HPP