/**
 * \file asn1.h
 *
 * \brief Generic ASN.1 parsing
 */
/*
 *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
 *  SPDX-License-Identifier: GPL-2.0
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 *  This file is part of mbed TLS (https://tls.mbed.org)
 */
#ifndef MBEDTLS_ASN1_H
#define MBEDTLS_ASN1_H
 
#if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
 
#include <stddef.h>
 
#if defined(MBEDTLS_BIGNUM_C)
#include "bignum.h"
#endif
 
/**
 * \addtogroup asn1_module
 * \{
 */
 
/**
 * \name ASN1 Error codes
 * These error codes are OR'ed to X509 error codes for
 * higher error granularity.
 * ASN1 is a standard to specify data structures.
 * \{
 */
#define MBEDTLS_ERR_ASN1_OUT_OF_DATA                      -0x0060  /**< Out of data when parsing an ASN1 data structure. */
#define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG                   -0x0062  /**< ASN1 tag was of an unexpected value. */
#define MBEDTLS_ERR_ASN1_INVALID_LENGTH                   -0x0064  /**< Error when trying to determine the length or invalid length. */
#define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH                  -0x0066  /**< Actual length differs from expected length. */
#define MBEDTLS_ERR_ASN1_INVALID_DATA                     -0x0068  /**< Data is invalid. (not used) */
#define MBEDTLS_ERR_ASN1_ALLOC_FAILED                     -0x006A  /**< Memory allocation failed */
#define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL                    -0x006C  /**< Buffer too small when writing ASN.1 data structure. */
 
/* \} name */
 
/**
 * \name DER constants
 * These constants comply with the DER encoded ASN.1 type tags.
 * DER encoding uses hexadecimal representation.
 * An example DER sequence is:\n
 * - 0x02 -- tag indicating INTEGER
 * - 0x01 -- length in octets
 * - 0x05 -- value
 * Such sequences are typically read into \c ::mbedtls_x509_buf.
 * \{
 */
#define MBEDTLS_ASN1_BOOLEAN                 0x01
#define MBEDTLS_ASN1_INTEGER                 0x02
#define MBEDTLS_ASN1_BIT_STRING              0x03
#define MBEDTLS_ASN1_OCTET_STRING            0x04
#define MBEDTLS_ASN1_NULL                    0x05
#define MBEDTLS_ASN1_OID                     0x06
#define MBEDTLS_ASN1_UTF8_STRING             0x0C
#define MBEDTLS_ASN1_SEQUENCE                0x10
#define MBEDTLS_ASN1_SET                     0x11
#define MBEDTLS_ASN1_PRINTABLE_STRING        0x13
#define MBEDTLS_ASN1_T61_STRING              0x14
#define MBEDTLS_ASN1_IA5_STRING              0x16
#define MBEDTLS_ASN1_UTC_TIME                0x17
#define MBEDTLS_ASN1_GENERALIZED_TIME        0x18
#define MBEDTLS_ASN1_UNIVERSAL_STRING        0x1C
#define MBEDTLS_ASN1_BMP_STRING              0x1E
#define MBEDTLS_ASN1_PRIMITIVE               0x00
#define MBEDTLS_ASN1_CONSTRUCTED             0x20
#define MBEDTLS_ASN1_CONTEXT_SPECIFIC        0x80
 
/*
 * Bit masks for each of the components of an ASN.1 tag as specified in
 * ITU X.690 (08/2015), section 8.1 "General rules for encoding",
 * paragraph 8.1.2.2:
 *
 * Bit  8     7   6   5          1
 *     +-------+-----+------------+
 *     | Class | P/C | Tag number |
 *     +-------+-----+------------+
 */
#define MBEDTLS_ASN1_TAG_CLASS_MASK          0xC0
#define MBEDTLS_ASN1_TAG_PC_MASK             0x20
#define MBEDTLS_ASN1_TAG_VALUE_MASK          0x1F
 
/* \} name */
/* \} addtogroup asn1_module */
 
/** Returns the size of the binary string, without the trailing \\0.
 *
 * \p x must be a string literal or a char array. Applied to a pointer,
 * sizeof() yields the pointer width rather than the OID length, so the
 * result would be silently wrong. */
#define MBEDTLS_OID_SIZE(x) (sizeof(x) - 1)

/**
 * Compares an mbedtls_asn1_buf structure to a reference OID.
 *
 * Only works for 'defined' oid_str values (MBEDTLS_OID_HMAC_SHA1), you cannot use a
 * 'unsigned char *oid' here!
 *
 * Evaluates to non-zero when the OIDs differ and zero when they match
 * (memcmp-style inverted sense). The length test comes first and
 * short-circuits the ||, so memcmp() runs only when both sides have
 * exactly (oid_buf)->len bytes and never reads past the shorter one.
 * \p oid_buf is evaluated more than once; pass a side-effect-free expression.
 */
#define MBEDTLS_OID_CMP(oid_str, oid_buf)                                   \
        ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) ||                \
          memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 )
 
#ifdef __cplusplus
extern "C" {
#endif
 
/**
 * \name Functions to parse ASN.1 data structures
 * \{
 */
 
/**
 * Type-length-value structure that allows for ASN1 using DER.
 */
typedef struct mbedtls_asn1_buf
{
    int tag;                /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */
    size_t len;             /**< ASN1 length, in octets. */
    /* Read p only within len; nothing in this struct implies a NUL terminator,
     * so do not hand p to str*() routines.
     * NOTE(review): presumably p borrows from the buffer being parsed rather
     * than owning a copy — confirm against the parser before freeing it. */
    unsigned char *p;       /**< ASN1 data, e.g. in ASCII. */
}
mbedtls_asn1_buf;
 
/**
 * Container for ASN1 bit strings.
 */
typedef struct mbedtls_asn1_bitstring
{
    size_t len;                 /**< ASN1 length, in octets. */
    /* NOTE(review): presumably the DER "unused bits" count of the final
     * octet, i.e. 0..7 — confirm that the parser range-checks it. */
    unsigned char unused_bits;  /**< Number of unused bits at the end of the string */
    /* Read p only within len; no terminator is implied. */
    unsigned char *p;           /**< Raw ASN1 data for the bit string */
}
mbedtls_asn1_bitstring;
 
/**
 * Container for a sequence of ASN.1 items
 */
typedef struct mbedtls_asn1_sequence
{
    /* Held by value: the item's tag/len/p live in this node. */
    mbedtls_asn1_buf buf;                   /**< Buffer containing the given ASN.1 item. */
    /* Singly linked; NOTE(review): presumably NULL on the last node — confirm
     * with mbedtls_asn1_get_sequence_of() before walking the chain. */
    struct mbedtls_asn1_sequence *next;    /**< The next entry in the sequence. */
}
mbedtls_asn1_sequence;
 
/**
 * Container for a sequence or list of 'named' ASN.1 data items
 */
typedef struct mbedtls_asn1_named_data
{
    mbedtls_asn1_buf oid;                   /**< The object identifier. */
    mbedtls_asn1_buf val;                   /**< The named value. */
    /* Singly linked; look entries up with mbedtls_asn1_find_named_data() and
     * release them with mbedtls_asn1_free_named_data() (one entry) or
     * mbedtls_asn1_free_named_data_list() (whole list, head reset to NULL). */
    struct mbedtls_asn1_named_data *next;  /**< The next entry in the sequence. */
    /* Flag only; NOTE(review): its exact effect on output is decided by the
     * writer, not visible here — confirm before relying on it. */
    unsigned char next_merged;      /**< Merge next item into the current one? */
}
mbedtls_asn1_named_data;
 
/**
 * \brief       Get the length of an ASN.1 element.
 *              Updates the pointer to immediately behind the length.
 *
 * \param p     The position in the ASN.1 data
 * \param end   End of data
 * \param len   The variable that will receive the value
 *
 * \return      0 if successful, MBEDTLS_ERR_ASN1_OUT_OF_DATA on reaching
 *              end of data, MBEDTLS_ERR_ASN1_INVALID_LENGTH if length is
 *              unparseable.
 */
int mbedtls_asn1_get_len( unsigned char **p,
                  const unsigned char *end,
                  size_t *len );
 
/**
 * \brief       Get the tag and length of an ASN.1 element, checking that the tag is the requested one.
 *              Updates the pointer to immediately behind the tag and length.
 *
 * \param p     The position in the ASN.1 data
 * \param end   End of data
 * \param len   The variable that will receive the length
 * \param tag   The expected tag
 *
 * \return      0 if successful, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if tag did
 *              not match requested tag, or another specific ASN.1 error code.
 */
int mbedtls_asn1_get_tag( unsigned char **p,
                  const unsigned char *end,
                  size_t *len, int tag );
 
/**
 * \brief       Retrieve a boolean ASN.1 tag and its value.
 *              Updates the pointer to immediately behind the full tag.
 *
 * \param p     The position in the ASN.1 data
 * \param end   End of data
 * \param val   The variable that will receive the value
 *
 * \return      0 if successful or a specific ASN.1 error code.
 */
int mbedtls_asn1_get_bool( unsigned char **p,
                   const unsigned char *end,
                   int *val );
 
/**
 * \brief       Retrieve an integer ASN.1 tag and its value.
 *              Updates the pointer to immediately behind the full tag.
 *
 * \param p     The position in the ASN.1 data
 * \param end   End of data
 * \param val   The variable that will receive the value
 *
 * \return      0 if successful or a specific ASN.1 error code.
 */
int mbedtls_asn1_get_int( unsigned char **p,
                  const unsigned char *end,
                  int *val );
 
/**
 * \brief       Retrieve a bitstring ASN.1 tag and its value.
 *              Updates the pointer to immediately behind the full tag.
 *
 * \param p     The position in the ASN.1 data
 * \param end   End of data
 * \param bs    The variable that will receive the value
 *
 * \return      0 if successful or a specific ASN.1 error code.
 */
int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
                        mbedtls_asn1_bitstring *bs);
 
/**
 * \brief       Retrieve a bitstring ASN.1 tag without unused bits and its
 *              value.
 *              Updates the pointer to the beginning of the bit/octet string.
 *
 * \param p     The position in the ASN.1 data
 * \param end   End of data
 * \param len   Length of the actual bit/octet string in bytes
 *
 * \return      0 if successful or a specific ASN.1 error code.
 */
int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
                             size_t *len );
 
/**
 * \brief       Parses and splits an ASN.1 "SEQUENCE OF <tag>"
 *              Updates the pointer to immediately behind the full sequence tag.
 *
 * \param p     The position in the ASN.1 data
 * \param end   End of data
 * \param cur   First variable in the chain to fill
 * \param tag   Type of sequence
 *
 * \return      0 if successful or a specific ASN.1 error code.
 */
int mbedtls_asn1_get_sequence_of( unsigned char **p,
                          const unsigned char *end,
                          mbedtls_asn1_sequence *cur,
                          int tag);
 
#if defined(MBEDTLS_BIGNUM_C)
/**
 * \brief       Retrieve a MPI value from an integer ASN.1 tag.
 *              Updates the pointer to immediately behind the full tag.
 *
 * \param p     The position in the ASN.1 data
 * \param end   End of data
 * \param X     The MPI that will receive the value
 *
 * \return      0 if successful or a specific ASN.1 or MPI error code.
 */
int mbedtls_asn1_get_mpi( unsigned char **p,
                  const unsigned char *end,
                  mbedtls_mpi *X );
#endif /* MBEDTLS_BIGNUM_C */
 
/**
 * \brief       Retrieve an AlgorithmIdentifier ASN.1 sequence.
 *              Updates the pointer to immediately behind the full
 *              AlgorithmIdentifier.
 *
 * \param p     The position in the ASN.1 data
 * \param end   End of data
 * \param alg   The buffer to receive the OID
 * \param params The buffer to receive the params (if any)
 *
 * \return      0 if successful or a specific ASN.1 or MPI error code.
 */
int mbedtls_asn1_get_alg( unsigned char **p,
                  const unsigned char *end,
                  mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params );
 
/**
 * \brief       Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no
 *              params.
 *              Updates the pointer to immediately behind the full
 *              AlgorithmIdentifier.
 *
 * \param p     The position in the ASN.1 data
 * \param end   End of data
 * \param alg   The buffer to receive the OID
 *
 * \return      0 if successful or a specific ASN.1 or MPI error code.
 */
int mbedtls_asn1_get_alg_null( unsigned char **p,
                       const unsigned char *end,
                       mbedtls_asn1_buf *alg );
 
/**
 * \brief       Find a specific named_data entry in a sequence or list based on
 *              the OID.
 *
 * \param list  The list to seek through
 * \param oid   The OID to look for
 * \param len   Size of the OID
 *
 * \return      NULL if not found, or a pointer to the existing entry.
 */
mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
                                       const char *oid, size_t len );
 
/**
 * \brief       Free a mbedtls_asn1_named_data entry
 *
 * \param entry The named data entry to free
 */
void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry );
 
/**
 * \brief       Free all entries in a mbedtls_asn1_named_data list
 *              Head will be set to NULL
 *
 * \param head  Pointer to the head of the list of named data entries to free
 */
void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head );
 
#ifdef __cplusplus
}
#endif
 
#endif /* asn1.h */