2 Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License as published by
6 the Free Software Foundation; version 2 of the License.
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
13 You should have received a copy of the GNU General Public License
14 along with this program; see the file COPYING. If not, write to the
15 Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
19 /* asn.hpp provides ASN1 BER, PublicKey, and x509v3 decoding
23 #ifndef TAO_CRYPT_ASN_HPP
24 #define TAO_CRYPT_ASN_HPP
37 namespace STL
= STL_NAMESPACE
;
42 // these tags and flags are not complete
50 OBJECT_IDENTIFIER
= 0x06,
51 OBJECT_DESCRIPTOR
= 0x07,
58 NUMERIC_STRING
= 0x12,
59 PRINTABLE_STRING
= 0x13,
61 VIDEOTEXT_STRING
= 0x15,
64 GENERALIZED_TIME
= 0x18,
65 GRAPHIC_STRING
= 0x19,
66 VISIBLE_STRING
= 0x1a,
67 GENERAL_STRING
= 0x1b,
78 CONTEXT_SPECIFIC
= 0x80,
85 COMMON_NAME
= 0x03, // CN
86 SUR_NAME
= 0x04, // SN
87 COUNTRY_NAME
= 0x06, // C
88 LOCALITY_NAME
= 0x07, // L
89 STATE_NAME
= 0x08, // ST
91 ORGUNIT_NAME
= 0x0b // OU
97 /* DATA = 1, */ // from ASN1
100 SIGNED_AND_ENVELOPED_DATA
= 4,
112 MAX_SEQ_SZ
= 5, // enum(seq|con) + length(4)
114 MAX_DIGEST_SZ
= 25, // SHA + enum(Bit or Octet) + length(4)
116 ASN_NAME_MAX
= 512 // max total of all included names
122 class RSA_PrivateKey
;
124 class DSA_PrivateKey
;
129 // General BER decoding
130 class BER_Decoder
: public virtual_base
{
134 explicit BER_Decoder(Source
& s
) : source_(s
) {}
135 virtual ~BER_Decoder() {}
137 Integer
& GetInteger(Integer
&);
138 word32
GetSequence();
141 word32
GetExplicitVersion();
145 virtual void ReadHeader() = 0;
147 BER_Decoder(const BER_Decoder
&); // hide copy
148 BER_Decoder
& operator=(const BER_Decoder
&); // and assign
152 // RSA Private Key BER Decoder
153 class RSA_Private_Decoder
: public BER_Decoder
{
155 explicit RSA_Private_Decoder(Source
& s
) : BER_Decoder(s
) {}
156 void Decode(RSA_PrivateKey
&);
162 // RSA Public Key BER Decoder
163 class RSA_Public_Decoder
: public BER_Decoder
{
165 explicit RSA_Public_Decoder(Source
& s
) : BER_Decoder(s
) {}
166 void Decode(RSA_PublicKey
&);
169 void ReadHeaderOpenSSL();
173 // DSA Private Key BER Decoder
174 class DSA_Private_Decoder
: public BER_Decoder
{
176 explicit DSA_Private_Decoder(Source
& s
) : BER_Decoder(s
) {}
177 void Decode(DSA_PrivateKey
&);
183 // DSA Public Key BER Decoder
184 class DSA_Public_Decoder
: public BER_Decoder
{
186 explicit DSA_Public_Decoder(Source
& s
) : BER_Decoder(s
) {}
187 void Decode(DSA_PublicKey
&);
193 // DH Key BER Decoder
194 class DH_Decoder
: public BER_Decoder
{
196 explicit DH_Decoder(Source
& s
) : BER_Decoder(s
) {}
203 // PKCS12 BER Decoder
204 class PKCS12_Decoder
: public BER_Decoder
{
206 explicit PKCS12_Decoder(Source
& s
) : BER_Decoder(s
) {}
218 explicit PublicKey(const byte
* k
= 0, word32 s
= 0);
219 ~PublicKey() { tcArrayDelete(key_
); }
221 const byte
* GetKey() const { return key_
; }
222 word32
size() const { return sz_
; }
224 void SetKey(const byte
*);
225 void SetSize(word32 s
);
227 void AddToEnd(const byte
*, word32
);
229 PublicKey(const PublicKey
&); // hide copy
230 PublicKey
& operator=(const PublicKey
&); // and assign
234 enum { SHA_SIZE
= 20 };
237 // A Signing Authority
240 char name_
[ASN_NAME_MAX
];
241 byte hash_
[SHA_SIZE
];
243 Signer(const byte
* k
, word32 kSz
, const char* n
, const byte
* h
);
246 const PublicKey
& GetPublicKey() const { return key_
; }
247 const char* GetName() const { return name_
; }
248 const byte
* GetHash() const { return hash_
; }
251 Signer(const Signer
&); // hide copy
252 Signer
& operator=(const Signer
&); // and assign
256 typedef STL::list
<Signer
*> SignerList
;
259 enum ContentType
{ HUH
= 651 };
260 enum SigType
{ SHAwDSA
= 517, MD2wRSA
= 646, MD5wRSA
= 648, SHAwRSA
=649};
261 enum HashType
{ MD2h
= 646, MD5h
= 649, SHAh
= 88 };
262 enum KeyType
{ DSAk
= 515, RSAk
= 645 }; // sums of algo OID
265 // an x509v Certificate BER Decoder
266 class CertDecoder
: public BER_Decoder
{
268 enum DateType
{ BEFORE
, AFTER
};
269 enum NameType
{ ISSUER
, SUBJECT
};
270 enum CertType
{ CA
, USER
};
272 explicit CertDecoder(Source
&, bool decode
= true, SignerList
* sl
= 0,
273 bool noVerify
= false, CertType ct
= USER
);
276 const PublicKey
& GetPublicKey() const { return key_
; }
277 KeyType
GetKeyType() const { return KeyType(keyOID_
); }
278 const char* GetIssuer() const { return issuer_
; }
279 const char* GetCommonName() const { return subject_
; }
280 const byte
* GetHash() const { return subjectHash_
; }
281 const char* GetBeforeDate() const { return beforeDate_
; }
282 const char* GetAfterDate() const { return afterDate_
; }
287 word32 certBegin_
; // offset to start of cert
288 word32 sigIndex_
; // offset to start of signature
289 word32 sigLength_
; // length of signature
290 word32 signatureOID_
; // sum of algorithm object id
291 word32 keyOID_
; // sum of key algo object id
292 byte subjectHash_
[SHA_SIZE
]; // hash of all Names
293 byte issuerHash_
[SHA_SIZE
]; // hash of all Names
295 char issuer_
[ASN_NAME_MAX
]; // Names
296 char subject_
[ASN_NAME_MAX
]; // Names
297 char beforeDate_
[MAX_DATE_SZ
]; // valid before date
298 char afterDate_
[MAX_DATE_SZ
]; // valid after date
299 bool verify_
; // Default to yes, but could be off
302 void Decode(SignerList
*, CertType
);
305 bool ValidateSelfSignature();
306 bool ValidateSignature(SignerList
*);
307 bool ConfirmSignature(Source
&);
309 char* AddTag(char*, const char*, const char*, word32
, word32
);
310 void GetName(NameType
);
312 void GetDate(DateType
);
313 void GetCompareHash(const byte
*, word32
, byte
*, word32
);
315 word32
GetSignature();
320 word32
GetLength(Source
&);
322 word32
SetLength(word32
, byte
*);
323 word32
SetSequence(word32
, byte
*);
325 word32
EncodeDSA_Signature(const byte
* signature
, byte
* output
);
326 word32
EncodeDSA_Signature(const Integer
& r
, const Integer
& s
, byte
* output
);
327 word32
DecodeDSA_Signature(byte
* decoded
, const byte
* encoded
, word32 sz
);
330 // General DER encoding
331 class DER_Encoder
: public virtual_base
{
334 virtual ~DER_Encoder() {}
336 word32
SetAlgoID(HashType
, byte
*);
338 Error
GetError() const { return error_
; }
340 //virtual void WriteHeader() = 0;
343 DER_Encoder(const DER_Encoder
&); // hide copy
344 DER_Encoder
& operator=(const DER_Encoder
&); // and assign
349 class Signature_Encoder
: public DER_Encoder
{
354 explicit Signature_Encoder(const byte
*, word32
, HashType
, Source
&);
358 word32
SetDigest(const byte
*, word32
, byte
*);
360 Signature_Encoder(const Signature_Encoder
&); // hide copy
361 Signature_Encoder
& operator=(const Signature_Encoder
&); // and assign
365 // Get Cert in PEM format from BEGIN to END
366 int GetCert(Source
&);
368 // Get Cert in PEM format from pkcs12 file
369 int GetPKCS_Cert(const char* password
, Source
&);
374 #endif // TAO_CRYPT_ASN_HPP