ASN.1 encoding. More...

#include <stddef.h>
#include <stdint.h>
#include <stdarg.h>
#include <assert.h>
#include <time.h>
#include <ipxe/tables.h>

Data Structures
struct	asn1_cursor
	An ASN.1 object cursor. More...

struct	asn1_builder
	An ASN.1 object builder. More...

struct	asn1_builder_header
	An ASN.1 header. More...

struct	asn1_algorithm
	An ASN.1 OID-identified algorithm. More...

Macros
#define	ASN1_MAX_LEN_LEN ( 1 + sizeof ( size_t ) )
	Maximum (viable) length of ASN.1 length. More...

#define	ASN1_END 0x00
	ASN.1 end. More...

#define	ASN1_BOOLEAN 0x01
	ASN.1 boolean. More...

#define	ASN1_INTEGER 0x02
	ASN.1 integer. More...

#define	ASN1_BIT_STRING 0x03
	ASN.1 bit string. More...

#define	ASN1_OCTET_STRING 0x04
	ASN.1 octet string. More...

#define	ASN1_NULL 0x05
	ASN.1 null. More...

#define	ASN1_OID 0x06
	ASN.1 object identifier. More...

#define	ASN1_ENUMERATED 0x0a
	ASN.1 enumeration. More...

#define	ASN1_UTF8_STRING 0x0c
	ASN.1 UTF-8 string. More...

#define	ASN1_UTC_TIME 0x17
	ASN.1 UTC time. More...

#define	ASN1_GENERALIZED_TIME 0x18
	ASN.1 generalized time. More...

#define	ASN1_SEQUENCE 0x30
	ASN.1 sequence. More...

#define	ASN1_SET 0x31
	ASN.1 set. More...

#define	ASN1_IMPLICIT_TAG(number) ( 0x80 \| (number) )
	ASN.1 implicit tag. More...

#define	ASN1_EXPLICIT_TAG(number) ( 0xa0 \| (number) )
	ASN.1 explicit tag. More...

#define	ASN1_ANY -1U
	ASN.1 "any tag" magic value. More...

#define	ASN1_SHORT(tag, ...) (tag), VA_ARG_COUNT ( __VA_ARGS__ ), __VA_ARGS__
	Construct a short ASN.1 value. More...

#define	ASN1_OID_INITIAL(first, second) ( ( (first) * 40 ) + (second) )
	Initial OID byte. More...

#define	ASN1_OID_SINGLE(value) ( (value) & 0x7f )
	Single-byte OID value. More...

#define	ASN1_OID_DOUBLE(value) ( 0x80 \| ( ( (value) >> 7 ) & 0x7f ) ), ASN1_OID_SINGLE ( (value) )
	Double-byte OID value. More...

#define	ASN1_OID_TRIPLE(value) ( 0x80 \| ( ( (value) >> 14 ) & 0x7f ) ), ASN1_OID_DOUBLE ( (value) )
	Double-byte OID value. More...

#define	ASN1_OID_ECPUBLICKEY
	ASN.1 OID for ecPublicKey (1.2.840.10045.2.1) More...

#define	ASN1_OID_PRIME256V1
	ASN.1 OID for prime256v1 (1.2.840.10045.3.1.7) More...

#define	ASN1_OID_ECDSA_WITH_SHA224
	ASN.1 OID for ecdsa-with-SHA224 (1.2.840.10045.4.3.1) More...

#define	ASN1_OID_ECDSA_WITH_SHA256
	ASN.1 OID for ecdsa-with-SHA256 (1.2.840.10045.4.3.2) More...

#define	ASN1_OID_ECDSA_WITH_SHA384
	ASN.1 OID for ecdsa-with-SHA384 (1.2.840.10045.4.3.3) More...

#define	ASN1_OID_ECDSA_WITH_SHA512
	ASN.1 OID for ecdsa-with-SHA512 (1.2.840.10045.4.3.4) More...

#define	ASN1_OID_RSAENCRYPTION
	ASN.1 OID for rsaEncryption (1.2.840.113549.1.1.1) More...

#define	ASN1_OID_MD5WITHRSAENCRYPTION
	ASN.1 OID for md5WithRSAEncryption (1.2.840.113549.1.1.4) More...

#define	ASN1_OID_SHA1WITHRSAENCRYPTION
	ASN.1 OID for sha1WithRSAEncryption (1.2.840.113549.1.1.5) More...

#define	ASN1_OID_SHA256WITHRSAENCRYPTION
	ASN.1 OID for sha256WithRSAEncryption (1.2.840.113549.1.1.11) More...

#define	ASN1_OID_SHA384WITHRSAENCRYPTION
	ASN.1 OID for sha384WithRSAEncryption (1.2.840.113549.1.1.12) More...

#define	ASN1_OID_SHA512WITHRSAENCRYPTION
	ASN.1 OID for sha512WithRSAEncryption (1.2.840.113549.1.1.13) More...

#define	ASN1_OID_SHA224WITHRSAENCRYPTION
	ASN.1 OID for sha224WithRSAEncryption (1.2.840.113549.1.1.14) More...

#define	ASN1_OID_MD4
	ASN.1 OID for id-md4 (1.2.840.113549.2.4) More...

#define	ASN1_OID_MD5
	ASN.1 OID for id-md5 (1.2.840.113549.2.5) More...

#define	ASN1_OID_SHA1
	ASN.1 OID for id-sha1 (1.3.14.3.2.26) More...

#define	ASN1_OID_X25519
	ASN.1 OID for id-x25519 (1.3.101.110) More...

#define	ASN1_OID_SECP384R1
	ASN.1 OID for secp384r1 (1.3.132.0.34) More...

#define	ASN1_OID_AES128_CBC
	ASN.1 OID for id-aes128-cbc (2.16.840.1.101.3.4.1.2) More...

#define	ASN1_OID_AES128_GCM
	ASN.1 OID for id-aes128-gcm (2.16.840.1.101.3.4.1.6) More...

#define	ASN1_OID_AES192_CBC
	ASN.1 OID for id-aes192-cbc (2.16.840.1.101.3.4.1.22) More...

#define	ASN1_OID_AES192_GCM
	ASN.1 OID for id-aes192-gcm (2.16.840.1.101.3.4.1.26) More...

#define	ASN1_OID_AES256_CBC
	ASN.1 OID for id-aes256-cbc (2.16.840.1.101.3.4.1.42) More...

#define	ASN1_OID_AES256_GCM
	ASN.1 OID for id-aes256-gcm (2.16.840.1.101.3.4.1.46) More...

#define	ASN1_OID_SHA256
	ASN.1 OID for id-sha256 (2.16.840.1.101.3.4.2.1) More...

#define	ASN1_OID_SHA384
	ASN.1 OID for id-sha384 (2.16.840.1.101.3.4.2.2) More...

#define	ASN1_OID_SHA512
	ASN.1 OID for id-sha512 (2.16.840.1.101.3.4.2.3) More...

#define	ASN1_OID_SHA224
	ASN.1 OID for id-sha224 (2.16.840.1.101.3.4.2.4) More...

#define	ASN1_OID_SHA512_224
	ASN.1 OID for id-sha512-224 (2.16.840.1.101.3.4.2.5) More...

#define	ASN1_OID_SHA512_256
	ASN.1 OID for id-sha512-256 (2.16.840.1.101.3.4.2.6) More...

#define	ASN1_OID_COMMON_NAME
	ASN.1 OID for commonName (2.5.4.3) More...

#define	ASN1_OID_KEYUSAGE
	ASN.1 OID for id-ce-keyUsage (2.5.29.15) More...

#define	ASN1_OID_BASICCONSTRAINTS
	ASN.1 OID for id-ce-basicConstraints (2.5.29.19) More...

#define	ASN1_OID_EXTKEYUSAGE
	ASN.1 OID for id-ce-extKeyUsage (2.5.29.37) More...

#define	ASN1_OID_CODESIGNING
	ASN.1 OID for id-kp-codeSigning (1.3.6.1.5.5.7.3.3) More...

#define	ASN1_OID_SIGNEDDATA
	ASN.1 OID for id-signedData (1.2.840.113549.1.7.2) More...

#define	ASN1_OID_ENVELOPEDDATA
	ASN.1 OID for id-envelopedData (1.2.840.113549.1.7.3) More...

#define	ASN1_OID_AUTHENVELOPEDDATA
	ASN.1 OID for id-authEnvelopedData (1.2.840.113549.1.9.16.1.23) More...

#define	ASN1_OID_AUTHORITYINFOACCESS
	ASN.1 OID for id-pe-authorityInfoAccess (1.3.6.1.5.5.7.1.1) More...

#define	ASN1_OID_OCSP
	ASN.1 OID for id-ad-ocsp (1.3.6.1.5.5.7.48.1) More...

#define	ASN1_OID_OCSP_BASIC
	ASN.1 OID for id-pkix-ocsp-basic ( 1.3.6.1.5.5.7.48.1.1) More...

#define	ASN1_OID_OCSPSIGNING
	ASN.1 OID for id-kp-OCSPSigning (1.3.6.1.5.5.7.3.9) More...

#define	ASN1_OID_SUBJECTALTNAME
	ASN.1 OID for id-ce-subjectAltName (2.5.29.17) More...

#define	ASN1_CURSOR(value)
	Define an ASN.1 cursor for a static value. More...

#define	ASN1_ALGORITHMS __table ( struct asn1_algorithm, "asn1_algorithms" )
	ASN.1 OID-identified algorithms. More...

#define	__asn1_algorithm __table_entry ( ASN1_ALGORITHMS, 01 )
	Declare an ASN.1 OID-identified algorithm. More...

Functions
	FILE_LICENCE (GPL2_OR_LATER_OR_UBDL)

	FILE_SECBOOT (PERMITTED)

static void	asn1_invalidate_cursor (struct asn1_cursor *cursor)
	Invalidate ASN.1 object cursor. More...

static unsigned int	asn1_type (const struct asn1_cursor *cursor)
	Extract ASN.1 type. More...

static struct asn1_cursor *	asn1_built (struct asn1_builder *builder)
	Get cursor for built object. More...

int	asn1_enter (struct asn1_cursor *cursor, unsigned int type)
	Enter ASN.1 object. More...

int	asn1_skip_if_exists (struct asn1_cursor *cursor, unsigned int type)
	Skip ASN.1 object if present. More...

int	asn1_skip (struct asn1_cursor *cursor, unsigned int type)
	Skip ASN.1 object. More...

int	asn1_shrink (struct asn1_cursor *cursor, unsigned int type)
	Shrink ASN.1 cursor to fit object. More...

int	asn1_enter_any (struct asn1_cursor *cursor)
	Enter ASN.1 object of any type. More...

int	asn1_skip_any (struct asn1_cursor *cursor)
	Skip ASN.1 object of any type. More...

int	asn1_shrink_any (struct asn1_cursor *cursor)
	Shrink ASN.1 object of any type. More...

int	asn1_enter_bits (struct asn1_cursor cursor, unsigned int unused)
	Enter ASN.1 bit string. More...

int	asn1_enter_unsigned (struct asn1_cursor *cursor)
	Enter ASN.1 unsigned integer. More...

int	asn1_boolean (const struct asn1_cursor *cursor)
	Parse value of ASN.1 boolean. More...

int	asn1_integer (const struct asn1_cursor cursor, int value)
	Parse value of ASN.1 integer. More...

int	asn1_compare (const struct asn1_cursor cursor1, const struct asn1_cursor cursor2)
	Compare two ASN.1 objects. More...

int	asn1_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm algorithm, struct asn1_cursor params)
	Parse ASN.1 OID-identified algorithm. More...

int	asn1_pubkey_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm *algorithm)
	Parse ASN.1 OID-identified public-key algorithm. More...

int	asn1_digest_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm *algorithm)
	Parse ASN.1 OID-identified digest algorithm. More...

int	asn1_cipher_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm algorithm, struct asn1_cursor params)
	Parse ASN.1 OID-identified cipher algorithm. More...

int	asn1_signature_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm *algorithm)
	Parse ASN.1 OID-identified signature algorithm. More...

int	asn1_curve_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm wrapper, struct asn1_algorithm **algorithm)
	Parse ASN.1 OID-identified elliptic curve algorithm. More...

int	asn1_check_algorithm (const struct asn1_cursor cursor, struct asn1_algorithm expected, struct asn1_cursor *params)
	Check ASN.1 OID-identified algorithm. More...

int	asn1_parse_cbc (struct asn1_algorithm algorithm, struct asn1_cursor params)
	Parse ASN.1 CBC cipher parameters. More...

int	asn1_parse_gcm (struct asn1_algorithm algorithm, struct asn1_cursor params)

int	asn1_generalized_time (const struct asn1_cursor cursor, time_t time)
	Parse ASN.1 GeneralizedTime. More...

int	asn1_grow (struct asn1_builder *builder, size_t extra)
	Grow ASN.1 builder. More...

int	asn1_prepend_raw (struct asn1_builder builder, const void data, size_t len)
	Prepend raw data to ASN.1 builder. More...

int	asn1_prepend (struct asn1_builder builder, unsigned int type, const void data, size_t len)
	Prepend data to ASN.1 builder. More...

int	asn1_wrap (struct asn1_builder *builder, unsigned int type)
	Wrap ASN.1 builder. More...

Variables
struct asn1_algorithm rsa_encryption_algorithm	__asn1_algorithm
	Generic elliptic curve container algorithm. More...

Detailed Description

ASN.1 encoding.

Definition in file asn1.h.

Macro Definition Documentation

◆ ASN1_MAX_LEN_LEN

#define ASN1_MAX_LEN_LEN ( 1 + sizeof ( size_t ) )

Maximum (viable) length of ASN.1 length.

While in theory unlimited, this length is sufficient to contain a size_t.

Definition at line 46 of file asn1.h.

◆ ASN1_END

#define ASN1_END 0x00

ASN.1 end.

Definition at line 57 of file asn1.h.

◆ ASN1_BOOLEAN

#define ASN1_BOOLEAN 0x01

ASN.1 boolean.

Definition at line 60 of file asn1.h.

◆ ASN1_INTEGER

#define ASN1_INTEGER 0x02

ASN.1 integer.

Definition at line 63 of file asn1.h.

◆ ASN1_BIT_STRING

#define ASN1_BIT_STRING 0x03

ASN.1 bit string.

Definition at line 66 of file asn1.h.

◆ ASN1_OCTET_STRING

#define ASN1_OCTET_STRING 0x04

ASN.1 octet string.

Definition at line 69 of file asn1.h.

◆ ASN1_NULL

#define ASN1_NULL 0x05

ASN.1 null.

Definition at line 72 of file asn1.h.

◆ ASN1_OID

#define ASN1_OID 0x06

ASN.1 object identifier.

Definition at line 75 of file asn1.h.

◆ ASN1_ENUMERATED

#define ASN1_ENUMERATED 0x0a

ASN.1 enumeration.

Definition at line 78 of file asn1.h.

◆ ASN1_UTF8_STRING

#define ASN1_UTF8_STRING 0x0c

ASN.1 UTF-8 string.

Definition at line 81 of file asn1.h.

◆ ASN1_UTC_TIME

#define ASN1_UTC_TIME 0x17

ASN.1 UTC time.

Definition at line 84 of file asn1.h.

◆ ASN1_GENERALIZED_TIME

#define ASN1_GENERALIZED_TIME 0x18

ASN.1 generalized time.

Definition at line 87 of file asn1.h.

◆ ASN1_SEQUENCE

#define ASN1_SEQUENCE 0x30

ASN.1 sequence.

Definition at line 90 of file asn1.h.

◆ ASN1_SET

#define ASN1_SET 0x31

ASN.1 set.

Definition at line 93 of file asn1.h.

◆ ASN1_IMPLICIT_TAG

#define ASN1_IMPLICIT_TAG ( number ) ( 0x80 | (number) )

ASN.1 implicit tag.

Definition at line 96 of file asn1.h.

◆ ASN1_EXPLICIT_TAG

#define ASN1_EXPLICIT_TAG ( number ) ( 0xa0 | (number) )

ASN.1 explicit tag.

Definition at line 99 of file asn1.h.

◆ ASN1_ANY

#define ASN1_ANY -1U

ASN.1 "any tag" magic value.

Definition at line 102 of file asn1.h.

◆ ASN1_SHORT

#define ASN1_SHORT	(	tag,
		...
	)	(tag), VA_ARG_COUNT ( __VA_ARGS__ ), __VA_ARGS__

Construct a short ASN.1 value.

Definition at line 105 of file asn1.h.

◆ ASN1_OID_INITIAL

#define ASN1_OID_INITIAL	(	first,
		second
	)	( ( (first) * 40 ) + (second) )

Initial OID byte.

Definition at line 109 of file asn1.h.

◆ ASN1_OID_SINGLE

#define ASN1_OID_SINGLE ( value ) ( (value) & 0x7f )

Single-byte OID value.

Valid for values up to 127

Definition at line 115 of file asn1.h.

◆ ASN1_OID_DOUBLE

#define ASN1_OID_DOUBLE ( value ) ( 0x80 | ( ( (value) >> 7 ) & 0x7f ) ), ASN1_OID_SINGLE ( (value) )

Double-byte OID value.

Valid for values up to 16383

Definition at line 121 of file asn1.h.

◆ ASN1_OID_TRIPLE

#define ASN1_OID_TRIPLE ( value ) ( 0x80 | ( ( (value) >> 14 ) & 0x7f ) ), ASN1_OID_DOUBLE ( (value) )

Double-byte OID value.

Valid for values up to 2097151

Definition at line 128 of file asn1.h.

◆ ASN1_OID_ECPUBLICKEY

#define ASN1_OID_ECPUBLICKEY

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_DOUBLE ( 10045 ), ASN1_OID_SINGLE ( 2 ),       \
        ASN1_OID_SINGLE ( 1 )

ASN.1 OID for ecPublicKey (1.2.840.10045.2.1)

Definition at line 132 of file asn1.h.

◆ ASN1_OID_PRIME256V1

#define ASN1_OID_PRIME256V1

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_DOUBLE ( 10045 ), ASN1_OID_SINGLE ( 3 ),       \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 7 )

ASN.1 OID for prime256v1 (1.2.840.10045.3.1.7)

Definition at line 138 of file asn1.h.

◆ ASN1_OID_ECDSA_WITH_SHA224

#define ASN1_OID_ECDSA_WITH_SHA224

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_DOUBLE ( 10045 ), ASN1_OID_SINGLE ( 4 ),       \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 1 )

ASN.1 OID for ecdsa-with-SHA224 (1.2.840.10045.4.3.1)

Definition at line 144 of file asn1.h.

◆ ASN1_OID_ECDSA_WITH_SHA256

#define ASN1_OID_ECDSA_WITH_SHA256

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_DOUBLE ( 10045 ), ASN1_OID_SINGLE ( 4 ),       \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 2 )

ASN.1 OID for ecdsa-with-SHA256 (1.2.840.10045.4.3.2)

Definition at line 150 of file asn1.h.

◆ ASN1_OID_ECDSA_WITH_SHA384

#define ASN1_OID_ECDSA_WITH_SHA384

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_DOUBLE ( 10045 ), ASN1_OID_SINGLE ( 4 ),       \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 3 )

ASN.1 OID for ecdsa-with-SHA384 (1.2.840.10045.4.3.3)

Definition at line 156 of file asn1.h.

◆ ASN1_OID_ECDSA_WITH_SHA512

#define ASN1_OID_ECDSA_WITH_SHA512

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_DOUBLE ( 10045 ), ASN1_OID_SINGLE ( 4 ),       \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 )

ASN.1 OID for ecdsa-with-SHA512 (1.2.840.10045.4.3.4)

Definition at line 162 of file asn1.h.

◆ ASN1_OID_RSAENCRYPTION

#define ASN1_OID_RSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 1 )

ASN.1 OID for rsaEncryption (1.2.840.113549.1.1.1)

Definition at line 168 of file asn1.h.

◆ ASN1_OID_MD5WITHRSAENCRYPTION

#define ASN1_OID_MD5WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 4 )

ASN.1 OID for md5WithRSAEncryption (1.2.840.113549.1.1.4)

Definition at line 174 of file asn1.h.

◆ ASN1_OID_SHA1WITHRSAENCRYPTION

#define ASN1_OID_SHA1WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 )

ASN.1 OID for sha1WithRSAEncryption (1.2.840.113549.1.1.5)

Definition at line 180 of file asn1.h.

◆ ASN1_OID_SHA256WITHRSAENCRYPTION

#define ASN1_OID_SHA256WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 11 )

ASN.1 OID for sha256WithRSAEncryption (1.2.840.113549.1.1.11)

Definition at line 186 of file asn1.h.

◆ ASN1_OID_SHA384WITHRSAENCRYPTION

#define ASN1_OID_SHA384WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 12 )

ASN.1 OID for sha384WithRSAEncryption (1.2.840.113549.1.1.12)

Definition at line 192 of file asn1.h.

◆ ASN1_OID_SHA512WITHRSAENCRYPTION

#define ASN1_OID_SHA512WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 13 )

ASN.1 OID for sha512WithRSAEncryption (1.2.840.113549.1.1.13)

Definition at line 198 of file asn1.h.

◆ ASN1_OID_SHA224WITHRSAENCRYPTION

#define ASN1_OID_SHA224WITHRSAENCRYPTION

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 14 )

ASN.1 OID for sha224WithRSAEncryption (1.2.840.113549.1.1.14)

Definition at line 204 of file asn1.h.

◆ ASN1_OID_MD4

#define ASN1_OID_MD4

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 2 ),      \
        ASN1_OID_SINGLE ( 4 )

ASN.1 OID for id-md4 (1.2.840.113549.2.4)

Definition at line 210 of file asn1.h.

◆ ASN1_OID_MD5

#define ASN1_OID_MD5

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 2 ),      \
        ASN1_OID_SINGLE ( 5 )

ASN.1 OID for id-md5 (1.2.840.113549.2.5)

Definition at line 216 of file asn1.h.

◆ ASN1_OID_SHA1

#define ASN1_OID_SHA1

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 14 ),      \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 2 ),           \
        ASN1_OID_SINGLE ( 26 )

ASN.1 OID for id-sha1 (1.3.14.3.2.26)

Definition at line 222 of file asn1.h.

◆ ASN1_OID_X25519

#define ASN1_OID_X25519

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 101 ), \

ASN1_OID_SINGLE ( 110 )

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:115

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:109

ASN.1 OID for id-x25519 (1.3.101.110)

Definition at line 228 of file asn1.h.

◆ ASN1_OID_SECP384R1

#define ASN1_OID_SECP384R1

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_DOUBLE ( 132 ), \

ASN1_OID_SINGLE ( 0 ), ASN1_OID_SINGLE ( 34 )

ASN1_OID_DOUBLE

#define ASN1_OID_DOUBLE(value)

Double-byte OID value.

Definition: asn1.h:121

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:115

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:109

ASN.1 OID for secp384r1 (1.3.132.0.34)

Definition at line 233 of file asn1.h.

◆ ASN1_OID_AES128_CBC

#define ASN1_OID_AES128_CBC

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 2 )

ASN.1 OID for id-aes128-cbc (2.16.840.1.101.3.4.1.2)

Definition at line 238 of file asn1.h.

◆ ASN1_OID_AES128_GCM

#define ASN1_OID_AES128_GCM

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 6 )

ASN.1 OID for id-aes128-gcm (2.16.840.1.101.3.4.1.6)

Definition at line 245 of file asn1.h.

◆ ASN1_OID_AES192_CBC

#define ASN1_OID_AES192_CBC

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 22 )

ASN.1 OID for id-aes192-cbc (2.16.840.1.101.3.4.1.22)

Definition at line 252 of file asn1.h.

◆ ASN1_OID_AES192_GCM

#define ASN1_OID_AES192_GCM

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 26 )

ASN.1 OID for id-aes192-gcm (2.16.840.1.101.3.4.1.26)

Definition at line 259 of file asn1.h.

◆ ASN1_OID_AES256_CBC

#define ASN1_OID_AES256_CBC

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 42 )

ASN.1 OID for id-aes256-cbc (2.16.840.1.101.3.4.1.42)

Definition at line 266 of file asn1.h.

◆ ASN1_OID_AES256_GCM

#define ASN1_OID_AES256_GCM

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 46 )

ASN.1 OID for id-aes256-gcm (2.16.840.1.101.3.4.1.46)

Definition at line 273 of file asn1.h.

◆ ASN1_OID_SHA256

#define ASN1_OID_SHA256

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 1 )

ASN.1 OID for id-sha256 (2.16.840.1.101.3.4.2.1)

Definition at line 280 of file asn1.h.

◆ ASN1_OID_SHA384

#define ASN1_OID_SHA384

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 2 )

ASN.1 OID for id-sha384 (2.16.840.1.101.3.4.2.2)

Definition at line 287 of file asn1.h.

◆ ASN1_OID_SHA512

#define ASN1_OID_SHA512

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 3 )

ASN.1 OID for id-sha512 (2.16.840.1.101.3.4.2.3)

Definition at line 294 of file asn1.h.

◆ ASN1_OID_SHA224

#define ASN1_OID_SHA224

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 4 )

ASN.1 OID for id-sha224 (2.16.840.1.101.3.4.2.4)

Definition at line 301 of file asn1.h.

◆ ASN1_OID_SHA512_224

#define ASN1_OID_SHA512_224

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 5 )

ASN.1 OID for id-sha512-224 (2.16.840.1.101.3.4.2.5)

Definition at line 308 of file asn1.h.

◆ ASN1_OID_SHA512_256

#define ASN1_OID_SHA512_256

Value:

ASN1_OID_INITIAL ( 2, 16 ), ASN1_OID_DOUBLE ( 840 ),    \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 101 ),         \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 4 ),           \
        ASN1_OID_SINGLE ( 2 ), ASN1_OID_SINGLE ( 6 )

ASN.1 OID for id-sha512-256 (2.16.840.1.101.3.4.2.6)

Definition at line 315 of file asn1.h.

◆ ASN1_OID_COMMON_NAME

#define ASN1_OID_COMMON_NAME

Value:

ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 4 ), \

ASN1_OID_SINGLE ( 3 )

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:115

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:109

ASN.1 OID for commonName (2.5.4.3)

Definition at line 322 of file asn1.h.

◆ ASN1_OID_KEYUSAGE

#define ASN1_OID_KEYUSAGE

Value:

ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ), \

ASN1_OID_SINGLE ( 15 )

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:115

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:109

ASN.1 OID for id-ce-keyUsage (2.5.29.15)

Definition at line 327 of file asn1.h.

◆ ASN1_OID_BASICCONSTRAINTS

#define ASN1_OID_BASICCONSTRAINTS

Value:

ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ), \

ASN1_OID_SINGLE ( 19 )

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:115

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:109

ASN.1 OID for id-ce-basicConstraints (2.5.29.19)

Definition at line 332 of file asn1.h.

◆ ASN1_OID_EXTKEYUSAGE

#define ASN1_OID_EXTKEYUSAGE

Value:

ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ), \

ASN1_OID_SINGLE ( 37 )

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:115

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:109

ASN.1 OID for id-ce-extKeyUsage (2.5.29.37)

Definition at line 337 of file asn1.h.

◆ ASN1_OID_CODESIGNING

#define ASN1_OID_CODESIGNING

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),       \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),           \
        ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),           \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 3 )

ASN.1 OID for id-kp-codeSigning (1.3.6.1.5.5.7.3.3)

Definition at line 342 of file asn1.h.

◆ ASN1_OID_SIGNEDDATA

#define ASN1_OID_SIGNEDDATA

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 7 ), ASN1_OID_SINGLE ( 2 )

ASN.1 OID for id-signedData (1.2.840.113549.1.7.2)

Definition at line 349 of file asn1.h.

◆ ASN1_OID_ENVELOPEDDATA

#define ASN1_OID_ENVELOPEDDATA

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 7 ), ASN1_OID_SINGLE ( 3 )

ASN.1 OID for id-envelopedData (1.2.840.113549.1.7.3)

Definition at line 355 of file asn1.h.

◆ ASN1_OID_AUTHENVELOPEDDATA

#define ASN1_OID_AUTHENVELOPEDDATA

Value:

ASN1_OID_INITIAL ( 1, 2 ), ASN1_OID_DOUBLE ( 840 ),     \
        ASN1_OID_TRIPLE ( 113549 ), ASN1_OID_SINGLE ( 1 ),      \
        ASN1_OID_SINGLE ( 9 ), ASN1_OID_SINGLE ( 16 ),          \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 23 )

ASN.1 OID for id-authEnvelopedData (1.2.840.113549.1.9.16.1.23)

Definition at line 361 of file asn1.h.

◆ ASN1_OID_AUTHORITYINFOACCESS

#define ASN1_OID_AUTHORITYINFOACCESS

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),       \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),           \
        ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),           \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 1 )

ASN.1 OID for id-pe-authorityInfoAccess (1.3.6.1.5.5.7.1.1)

Definition at line 368 of file asn1.h.

◆ ASN1_OID_OCSP

#define ASN1_OID_OCSP

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),       \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),           \
        ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),           \
        ASN1_OID_SINGLE ( 48 ), ASN1_OID_SINGLE ( 1 )

ASN.1 OID for id-ad-ocsp (1.3.6.1.5.5.7.48.1)

Definition at line 375 of file asn1.h.

◆ ASN1_OID_OCSP_BASIC

#define ASN1_OID_OCSP_BASIC

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),       \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),           \
        ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),           \
        ASN1_OID_SINGLE ( 48 ), ASN1_OID_SINGLE ( 1 ),          \
        ASN1_OID_SINGLE ( 1 )

ASN.1 OID for id-pkix-ocsp-basic ( 1.3.6.1.5.5.7.48.1.1)

Definition at line 382 of file asn1.h.

◆ ASN1_OID_OCSPSIGNING

#define ASN1_OID_OCSPSIGNING

Value:

ASN1_OID_INITIAL ( 1, 3 ), ASN1_OID_SINGLE ( 6 ),       \
        ASN1_OID_SINGLE ( 1 ), ASN1_OID_SINGLE ( 5 ),           \
        ASN1_OID_SINGLE ( 5 ), ASN1_OID_SINGLE ( 7 ),           \
        ASN1_OID_SINGLE ( 3 ), ASN1_OID_SINGLE ( 9 )

ASN.1 OID for id-kp-OCSPSigning (1.3.6.1.5.5.7.3.9)

Definition at line 390 of file asn1.h.

◆ ASN1_OID_SUBJECTALTNAME

#define ASN1_OID_SUBJECTALTNAME

Value:

ASN1_OID_INITIAL ( 2, 5 ), ASN1_OID_SINGLE ( 29 ), \

ASN1_OID_SINGLE ( 17 )

ASN1_OID_SINGLE

#define ASN1_OID_SINGLE(value)

Single-byte OID value.

Definition: asn1.h:115

ASN1_OID_INITIAL

#define ASN1_OID_INITIAL(first, second)

Initial OID byte.

Definition: asn1.h:109

ASN.1 OID for id-ce-subjectAltName (2.5.29.17)

Definition at line 397 of file asn1.h.

◆ ASN1_CURSOR

#define ASN1_CURSOR ( value )

Value:

{                                       \
                .data = value,                                  \
                .len = sizeof ( value ),                        \
        }

Define an ASN.1 cursor for a static value.

Definition at line 402 of file asn1.h.

◆ ASN1_ALGORITHMS

#define ASN1_ALGORITHMS __table ( struct asn1_algorithm, "asn1_algorithms" )

ASN.1 OID-identified algorithms.

Definition at line 433 of file asn1.h.

◆ __asn1_algorithm

struct asn1_algorithm ecpubkey_algorithm __asn1_algorithm __table_entry ( ASN1_ALGORITHMS, 01 )

Declare an ASN.1 OID-identified algorithm.

"aes256-gcm" OID-identified algorithm

"aes192-gcm" OID-identified algorithm

"aes256-cbc" OID-identified algorithm

"aes192-cbc" OID-identified algorithm

Definition at line 436 of file asn1.h.

Function Documentation

◆ FILE_LICENCE()

FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL )

◆ FILE_SECBOOT()

FILE_SECBOOT ( PERMITTED )

◆ asn1_invalidate_cursor()

static void asn1_invalidate_cursor ( struct asn1_cursor * cursor )

inlinestatic

Invalidate ASN.1 object cursor.

Parameters

cursor ASN.1 object cursor

Definition at line 468 of file asn1.h.

                                                       {
         cursor->len = 0;
 }

References asn1_cursor::len.

Referenced by asn1_enter(), asn1_enter_bits(), asn1_shrink(), asn1_skip(), asn1_start(), and ecdsa_parse_key().

◆ asn1_type()

static unsigned int asn1_type ( const struct asn1_cursor * cursor )

inlinestatic

Extract ASN.1 type.

Parameters

cursor ASN.1 object cursor

Return values

type	Type, or ASN1_END if cursor is invalid

Definition at line 479 of file asn1.h.

                                                {
         const uint8_t *type = cursor->data;
 
         return ( ( cursor->len >= sizeof ( *type ) ) ? *type : ASN1_END );
 }

References ASN1_END, asn1_cursor::data, asn1_cursor::len, and type.

Referenced by asn1_generalized_time(), asn1_start(), ecdsa_parse_key(), ocsp_parse_basic_response(), ocsp_parse_responder_id(), ocsp_parse_responses(), rsa_parse_mod_exp(), x509_check_alt_name(), x509_parse_basic_constraints(), x509_parse_extension(), and x509_parse_tbscertificate().

◆ asn1_built()

static struct asn1_cursor* asn1_built ( struct asn1_builder * builder )

inlinestatic

Get cursor for built object.

Parameters

builder ASN.1 object builder

Return values

cursor ASN.1 object cursor

Definition at line 492 of file asn1.h.

                                             {
         union {
                 struct asn1_builder builder;
                 struct asn1_cursor cursor;
         } *u = container_of ( builder, typeof ( *u ), builder );
 
         /* Sanity check */
         build_assert ( ( ( const void * ) &u->builder.data ) ==
                        &u->cursor.data );
         build_assert ( &u->builder.len == &u->cursor.len );
 
         return &u->cursor;
 }

References build_assert, container_of, typeof(), and u.

Referenced by icert_certs(), privkey_cursor(), pubkey_okx(), and pubkey_sign_okx().

◆ asn1_enter()

int asn1_enter	(	struct asn1_cursor *	cursor,
		unsigned int	type
	)

Enter ASN.1 object.

Parameters

cursor	ASN.1 object cursor
type	Expected type, or ASN1_ANY

Return values

rc	Return status code

The object cursor will be updated to point to the body of the current ASN.1 object.

If any error occurs, the object cursor will be invalidated.

Definition at line 169 of file asn1.c.

                                                                  {
         int len;
 
         /* Parse current object */
         len = asn1_start ( cursor, type );
         if ( len < 0 ) {
                 asn1_invalidate_cursor ( cursor );
                 return len;
         }
 
         /* Update cursor */
         if ( ( ( size_t ) len ) <= cursor->len )
                 cursor->len = len;
 
         DBGC ( cursor, "ASN1 %p entered object type %02x (len %x)\n",
                cursor, type, len );
         return 0;
 }

References asn1_invalidate_cursor(), asn1_start(), DBGC, asn1_cursor::len, len, and type.

Referenced by asn1_algorithm(), asn1_boolean(), asn1_curve_algorithm(), asn1_enter_any(), asn1_enter_bits(), asn1_enter_unsigned(), asn1_generalized_time(), asn1_integer(), asn1_parse_cbc(), asn1_parse_gcm(), cms_parse(), cms_parse_certificates(), cms_parse_content_type(), cms_parse_encrypted(), cms_parse_enveloped(), cms_parse_identifier(), cms_parse_mac(), cms_parse_participant(), cms_parse_participants(), cms_parse_signed(), cms_parse_value(), ecdsa_parse_key(), ecdsa_verify(), ocsp_compare_responder_key_hash(), ocsp_parse_basic_response(), ocsp_parse_cert_id(), ocsp_parse_certs(), ocsp_parse_response(), ocsp_parse_response_bytes(), ocsp_parse_response_status(), ocsp_parse_response_type(), ocsp_parse_responses(), ocsp_parse_tbs_response_data(), ocsp_request(), rsa_parse_mod_exp(), validator_append(), x509_parse(), x509_parse_access_description(), x509_parse_authority_info_access(), x509_parse_basic_constraints(), x509_parse_common_name(), x509_parse_extended_key_usage(), x509_parse_extension(), x509_parse_extensions(), x509_parse_key_purpose(), x509_parse_ocsp(), x509_parse_public_key(), x509_parse_subject_alt_name(), x509_parse_tbscertificate(), x509_parse_validity(), and x509_parse_version().

◆ asn1_skip_if_exists()

int asn1_skip_if_exists	(	struct asn1_cursor *	cursor,
		unsigned int	type
	)

Skip ASN.1 object if present.

Parameters

cursor	ASN.1 object cursor
type	Expected type, or ASN1_ANY

Return values

rc	Return status code

The object cursor will be updated to point to the next ASN.1 object.

If the expected type is not found, the object cursor will not be modified. If any other error occurs, the object cursor will be invalidated.

Definition at line 202 of file asn1.c.

                                                                           {
         int len;
 
         /* Parse current object */
         len = asn1_start ( cursor, type );
         if ( len < 0 )
                 return len;
 
         /* Update cursor */
         cursor->data += len;
         cursor->len -= len;
 
         DBGC ( cursor, "ASN1 %p skipped object type %02x (len %x)\n",
                cursor, type, len );
         return 0;
 }

References asn1_start(), asn1_cursor::data, DBGC, asn1_cursor::len, len, and type.

Referenced by asn1_skip(), cms_parse_enveloped(), cms_parse_participant(), cms_parse_signed(), and ocsp_parse_tbs_response_data().

◆ asn1_skip()

int asn1_skip	(	struct asn1_cursor *	cursor,
		unsigned int	type
	)

Skip ASN.1 object.

Parameters

cursor	ASN.1 object cursor
type	Expected type, or ASN1_ANY

Return values

rc	Return status code

The object cursor will be updated to point to the next ASN.1 object.

If any error occurs, the object cursor will be invalidated.

Definition at line 231 of file asn1.c.

                                                                 {
         int rc;
 
         if ( ( rc = asn1_skip_if_exists ( cursor, type ) ) != 0 ) {
                 asn1_invalidate_cursor ( cursor );
                 return rc;
         }
 
         return 0;
 }

References asn1_invalidate_cursor(), asn1_skip_if_exists(), rc, and type.

Referenced by asn1_skip_any(), cms_parse_encrypted(), cms_parse_enveloped(), cms_parse_participant(), cms_parse_signed(), der_image_probe(), ecdsa_parse_key(), ocsp_parse_cert_id(), ocsp_request(), and rsa_parse_mod_exp().

◆ asn1_shrink()

int asn1_shrink	(	struct asn1_cursor *	cursor,
		unsigned int	type
	)

Shrink ASN.1 cursor to fit object.

Parameters

cursor	ASN.1 object cursor
type	Expected type, or ASN1_ANY

Return values

rc	Return status code

The object cursor will be shrunk to contain only the current ASN.1 object.

If any error occurs, the object cursor will be invalidated.

Definition at line 254 of file asn1.c.

                                                                   {
         struct asn1_cursor temp;
         const void *end;
         int len;
 
         /* Find end of object */
         memcpy ( &temp, cursor, sizeof ( temp ) );
         len = asn1_start ( &temp, type );
         if ( len < 0 ) {
                 asn1_invalidate_cursor ( cursor );
                 return len;
         }
         end = ( temp.data + len );
 
         /* Shrink original cursor to contain only its first object */
         cursor->len = ( end - cursor->data );
 
         return 0;
 }

References asn1_invalidate_cursor(), asn1_start(), asn1_cursor::data, end, asn1_cursor::len, len, memcpy(), and type.

Referenced by asn1_shrink_any(), cms_parse_identifier(), ocsp_parse_cert_id(), x509_parse_issuer(), and x509_parse_serial().

◆ asn1_enter_any()

int asn1_enter_any ( struct asn1_cursor * cursor )

Enter ASN.1 object of any type.

Parameters

cursor ASN.1 object cursor

Return values

rc	Return status code

Definition at line 280 of file asn1.c.

                                                   {
         return asn1_enter ( cursor, ASN1_ANY );
 }

References ASN1_ANY, and asn1_enter().

Referenced by ecdsa_parse_key(), ocsp_parse_responder_id(), x509_check_alt_name(), and x509_parse_common_name().

◆ asn1_skip_any()

int asn1_skip_any ( struct asn1_cursor * cursor )

Skip ASN.1 object of any type.

Parameters

cursor ASN.1 object cursor

Return values

rc	Return status code

Definition at line 290 of file asn1.c.

                                                  {
         return asn1_skip ( cursor, ASN1_ANY );
 }

References ASN1_ANY, and asn1_skip().

Referenced by asn1_algorithm(), cms_parse(), cms_parse_certificates(), cms_parse_enveloped(), cms_parse_identifier(), cms_parse_participant(), cms_parse_participants(), cms_parse_signed(), ecdsa_parse_key(), ecdsa_verify(), ocsp_parse_basic_response(), ocsp_parse_certs(), ocsp_parse_response(), ocsp_parse_response_bytes(), ocsp_parse_responses(), ocsp_parse_tbs_response_data(), rsa_parse_mod_exp(), validator_append(), x509_check_name(), x509_parse(), x509_parse_access_description(), x509_parse_authority_info_access(), x509_parse_basic_constraints(), x509_parse_common_name(), x509_parse_extended_key_usage(), x509_parse_extension(), x509_parse_extensions(), x509_parse_public_key(), x509_parse_tbscertificate(), and x509_parse_validity().

◆ asn1_shrink_any()

int asn1_shrink_any ( struct asn1_cursor * cursor )

Shrink ASN.1 object of any type.

Parameters

cursor ASN.1 object cursor

Return values

rc	Return status code

Definition at line 300 of file asn1.c.

                                                    {
         return asn1_shrink ( cursor, ASN1_ANY );
 }

References ASN1_ANY, and asn1_shrink().

Referenced by cms_message(), der_asn1(), ocsp_parse_tbs_response_data(), x509_certificate(), x509_parse_public_key(), x509_parse_subject(), and x509_parse_tbscertificate().

◆ asn1_enter_bits()

int asn1_enter_bits	(	struct asn1_cursor *	cursor,
		unsigned int *	unused
	)

Enter ASN.1 bit string.

Parameters

cursor	ASN.1 cursor
unused	Unused bits to fill in (or NULL to require all used)

Return values

rc	Return status code

Definition at line 311 of file asn1.c.

                                                                          {
         const struct {
                 uint8_t unused;
                 uint8_t data[0];
         } __attribute__ (( packed )) *bit_string;
         const uint8_t *last;
         unsigned int unused_bits;
         uint8_t unused_mask;
         int rc;
 
         /* Enter bit string */
         if ( ( rc = asn1_enter ( cursor, ASN1_BIT_STRING ) ) != 0 )
                 return rc;
 
         /* Check that bit string header exists */
         if ( cursor->len < sizeof ( *bit_string ) ) {
                 DBGC ( cursor, "ASN1 %p invalid bit string:\n", cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 asn1_invalidate_cursor ( cursor );
                 return -EINVAL_BIT_STRING;
         }
         bit_string = cursor->data;
         cursor->data = &bit_string->data;
         cursor->len -= offsetof ( typeof ( *bit_string ), data );
         unused_bits = bit_string->unused;
 
         /* Check validity of unused bits */
         unused_mask = ( 0xff >> ( 8 - unused_bits ) );
         last = ( cursor->data + cursor->len - 1 );
         if ( ( unused_bits >= 8 ) ||
              ( ( unused_bits > 0 ) && ( cursor->len == 0 ) ) ||
              ( ( *last & unused_mask ) != 0 ) ) {
                 DBGC ( cursor, "ASN1 %p invalid bit string:\n", cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 asn1_invalidate_cursor ( cursor );
                 return -EINVAL_BIT_STRING;
         }
 
         /* Record or check number of unused bits, as applicable */
         if ( unused ) {
                 *unused = unused_bits;
         } else if ( unused_bits ) {
                 DBGC ( cursor, "ASN1 %p invalid integral bit string:\n",
                        cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 asn1_invalidate_cursor ( cursor );
                 return -EINVAL_BIT_STRING;
         }
 
         return 0;
 }

References __attribute__, ASN1_BIT_STRING, asn1_enter(), asn1_invalidate_cursor(), data, asn1_cursor::data, DBGC, DBGC_HDA, EINVAL_BIT_STRING, asn1_cursor::len, offsetof, rc, typeof(), and unused.

Referenced by ecdsa_parse_key(), ocsp_parse_basic_response(), rsa_parse_mod_exp(), x509_parse(), x509_parse_key_usage(), and x509_parse_public_key().

◆ asn1_enter_unsigned()

int asn1_enter_unsigned ( struct asn1_cursor * cursor )

Enter ASN.1 unsigned integer.

Parameters

cursor ASN.1 object cursor

Return values

rc	Return status code

Definition at line 369 of file asn1.c.

                                                        {
         int rc;
 
         /* Enter integer */
         if ( ( rc = asn1_enter ( cursor, ASN1_INTEGER ) ) != 0 )
                 return rc;
 
         /* Skip initial positive sign byte if applicable */
         if ( ( cursor->len > 1 ) &&
              ( *( ( uint8_t * ) cursor->data ) == 0x00 ) ) {
                 cursor->data++;
                 cursor->len--;
         }
 
         return 0;
 }

References asn1_enter(), ASN1_INTEGER, asn1_cursor::data, asn1_cursor::len, and rc.

Referenced by ecdsa_parse_signature(), and rsa_parse_mod_exp().

◆ asn1_boolean()

int asn1_boolean ( const struct asn1_cursor * cursor )

Parse value of ASN.1 boolean.

Parameters

cursor ASN.1 object cursor

Return values

value Value, or negative error

Definition at line 392 of file asn1.c.

                                                       {
         struct asn1_cursor contents;
         const struct {
                 uint8_t value;
         } __attribute__ (( packed )) *boolean;
 
         /* Enter boolean */
         memcpy ( &contents, cursor, sizeof ( contents ) );
         asn1_enter ( &contents, ASN1_BOOLEAN );
         if ( contents.len != sizeof ( *boolean ) )
                 return -EINVAL_ASN1_BOOLEAN;
 
         /* Extract value */
         boolean = contents.data;
         return boolean->value;
 }

References __attribute__, ASN1_BOOLEAN, asn1_enter(), asn1_cursor::data, EINVAL_ASN1_BOOLEAN, asn1_cursor::len, memcpy(), and value.

Referenced by x509_parse_basic_constraints(), and x509_parse_extension().

◆ asn1_integer()

int asn1_integer	(	const struct asn1_cursor *	cursor,
		int *	value
	)

Parse value of ASN.1 integer.

Parameters

cursor	ASN.1 object cursor
value	Value to fill in

Return values

rc	Return status code

Definition at line 416 of file asn1.c.

                                                                   {
         struct asn1_cursor contents;
         uint8_t high_byte;
         int rc;
 
         /* Enter integer */
         memcpy ( &contents, cursor, sizeof ( contents ) );
         if ( ( rc = asn1_enter ( &contents, ASN1_INTEGER ) ) != 0 )
                 return rc;
         if ( contents.len < 1 )
                 return -EINVAL_ASN1_INTEGER;
 
         /* Initialise value according to sign byte */
         *value = *( ( int8_t * ) contents.data );
         contents.data++;
         contents.len--;
 
         /* Process value */
         while ( contents.len ) {
                 high_byte = ( (*value) >> ( 8 * ( sizeof ( *value ) - 1 ) ) );
                 if ( ( high_byte != 0x00 ) && ( high_byte != 0xff ) ) {
                         DBGC ( cursor, "ASN1 %p integer overflow\n", cursor );
                         return -EINVAL_ASN1_INTEGER;
                 }
                 *value = ( ( *value << 8 ) | *( ( uint8_t * ) contents.data ) );
                 contents.data++;
                 contents.len--;
         }
 
         return 0;
 }

References asn1_enter(), ASN1_INTEGER, asn1_cursor::data, DBGC, EINVAL_ASN1_INTEGER, asn1_cursor::len, memcpy(), rc, and value.

Referenced by x509_parse_basic_constraints(), and x509_parse_version().

◆ asn1_compare()

int asn1_compare	(	const struct asn1_cursor *	cursor1,
		const struct asn1_cursor *	cursor2
	)

Compare two ASN.1 objects.

Parameters

cursor1	ASN.1 object cursor
cursor2	ASN.1 object cursor

Return values

difference Difference as returned by memcmp()

Note that invalid and empty cursors will compare as equal with each other.

Definition at line 458 of file asn1.c.

                                                        {
         int difference;
 
         difference = ( cursor2->len - cursor1->len );
         return ( difference ? difference :
                  memcmp ( cursor1->data, cursor2->data, cursor1->len ) );
 }

References asn1_cursor::data, asn1_cursor::len, and memcmp().

Referenced by asn1_find_algorithm(), cms_parse_content_type(), ocsp_compare_responder_name(), ocsp_parse_cert_id(), ocsp_parse_response_type(), pubkey_okx(), pubkey_sign_okx(), rsa_match(), x509_check_issuer(), x509_find(), x509_find_access_method(), x509_find_extension(), x509_find_issuer_serial(), x509_find_subject(), x509_is_self_signed(), x509_parse_common_name(), and x509_parse_key_purpose().

◆ asn1_algorithm()

int asn1_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm **	algorithm,
		struct asn1_cursor *	params
	)

Parse ASN.1 OID-identified algorithm.

Parameters

cursor ASN.1 object cursor

Return values

algorithm	Algorithm
params	Algorithm parameters, or NULL
rc	Return status code

Definition at line 494 of file asn1.c.

                                                   {
         struct asn1_cursor contents;
         int rc;
 
         /* Enter algorithm */
         memcpy ( &contents, cursor, sizeof ( contents ) );
         asn1_enter ( &contents, ASN1_SEQUENCE );
 
         /* Get raw parameters, if applicable */
         if ( params ) {
                 memcpy ( params, &contents, sizeof ( *params ) );
                 asn1_skip_any ( params );
         }
 
         /* Enter algorithm identifier */
         if ( ( rc = asn1_enter ( &contents, ASN1_OID ) ) != 0 ) {
                 DBGC ( cursor, "ASN1 %p cannot locate algorithm OID:\n",
                        cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -EINVAL_ASN1_ALGORITHM;
         }
 
         /* Identify algorithm */
         *algorithm = asn1_find_algorithm ( &contents );
         if ( ! *algorithm ) {
                 DBGC ( cursor, "ASN1 %p unrecognised algorithm:\n", cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTSUP_ALGORITHM;
         }
 
         /* Parse parameters, if applicable */
         if ( params && (*algorithm)->parse &&
              ( ( rc = (*algorithm)->parse ( *algorithm, params ) ) != 0 ) ) {
                 DBGC ( cursor, "ASN1 %p cannot parse %s parameters: %s\n",
                        cursor, (*algorithm)->name, strerror ( rc ) );
                 return rc;
         }
 
         return 0;
 }

References algorithm, asn1_enter(), asn1_find_algorithm(), ASN1_OID, ASN1_SEQUENCE, asn1_skip_any(), asn1_cursor::data, DBGC, DBGC_HDA, EINVAL_ASN1_ALGORITHM, ENOTSUP_ALGORITHM, asn1_cursor::len, memcpy(), rc, and strerror().

◆ asn1_pubkey_algorithm()

int asn1_pubkey_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm **	algorithm
	)

Parse ASN.1 OID-identified public-key algorithm.

Parameters

cursor ASN.1 object cursor

Return values

algorithm	Algorithm
rc	Return status code

Definition at line 544 of file asn1.c.

                                                                 {
         int rc;
 
         /* Parse algorithm */
         if ( ( rc = asn1_algorithm ( cursor, algorithm, NULL ) ) != 0 )
                 return rc;
 
         /* Check algorithm has a public key */
         if ( ! (*algorithm)->pubkey ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s is not a public-key "
                        "algorithm:\n", cursor, (*algorithm)->name );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTTY_ALGORITHM;
         }
 
         return 0;
 }

References algorithm, asn1_cursor::data, DBGC, DBGC_HDA, ENOTTY_ALGORITHM, asn1_cursor::len, NULL, and rc.

Referenced by cms_parse_pubkey_algorithm(), and x509_parse_public_key().

◆ asn1_digest_algorithm()

int asn1_digest_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm **	algorithm
	)

Parse ASN.1 OID-identified digest algorithm.

Parameters

cursor ASN.1 object cursor

Return values

algorithm	Algorithm
rc	Return status code

Definition at line 570 of file asn1.c.

                                                                 {
         int rc;
 
         /* Parse algorithm */
         if ( ( rc = asn1_algorithm ( cursor, algorithm, NULL ) ) != 0 )
                 return rc;
 
         /* Check algorithm has a digest */
         if ( ! (*algorithm)->digest ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s is not a digest "
                        "algorithm:\n", cursor, (*algorithm)->name );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTTY_ALGORITHM;
         }
 
         return 0;
 }

References algorithm, asn1_cursor::data, DBGC, DBGC_HDA, ENOTTY_ALGORITHM, asn1_cursor::len, NULL, and rc.

Referenced by cms_parse_digest_algorithm().

◆ asn1_cipher_algorithm()

int asn1_cipher_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm **	algorithm,
		struct asn1_cursor *	params
	)

Parse ASN.1 OID-identified cipher algorithm.

Parameters

cursor ASN.1 object cursor

Return values

algorithm	Algorithm
params	Algorithm parameters, or NULL
rc	Return status code

Definition at line 597 of file asn1.c.

                                                          {
         int rc;
 
         /* Parse algorithm */
         if ( ( rc = asn1_algorithm ( cursor, algorithm, params ) ) != 0 )
                 return rc;
 
         /* Check algorithm has a cipher */
         if ( ! (*algorithm)->cipher ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s is not a cipher "
                        "algorithm:\n", cursor, (*algorithm)->name );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTTY_ALGORITHM;
         }
 
         return 0;
 }

References algorithm, asn1_cursor::data, DBGC, DBGC_HDA, ENOTTY_ALGORITHM, asn1_cursor::len, and rc.

Referenced by cms_parse_cipher_algorithm().

◆ asn1_signature_algorithm()

int asn1_signature_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm **	algorithm
	)

Parse ASN.1 OID-identified signature algorithm.

Parameters

cursor ASN.1 object cursor

Return values

algorithm	Algorithm
rc	Return status code

Definition at line 624 of file asn1.c.

                                                                    {
         int rc;
 
         /* Parse algorithm */
         if ( ( rc = asn1_algorithm ( cursor, algorithm, NULL ) ) != 0 )
                 return rc;
 
         /* Check algorithm has a public key */
         if ( ! (*algorithm)->pubkey ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s is not a signature "
                        "algorithm:\n", cursor, (*algorithm)->name );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTTY_ALGORITHM;
         }
 
         /* Check algorithm has a digest */
         if ( ! (*algorithm)->digest ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s is not a signature "
                        "algorithm:\n", cursor, (*algorithm)->name );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTTY_ALGORITHM;
         }
 
         return 0;
 }

References algorithm, asn1_cursor::data, DBGC, DBGC_HDA, ENOTTY_ALGORITHM, asn1_cursor::len, NULL, and rc.

Referenced by ocsp_parse_basic_response(), x509_parse(), and x509_parse_tbscertificate().

◆ asn1_curve_algorithm()

int asn1_curve_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm *	wrapper,
		struct asn1_algorithm **	algorithm
	)

Parse ASN.1 OID-identified elliptic curve algorithm.

Parameters

cursor	ASN.1 object cursor
wrapper	Optional wrapper algorithm, or NULL

Return values

algorithm	Algorithm
rc	Return status code

Definition at line 659 of file asn1.c.

                                                                {
         struct asn1_cursor curve;
 
         /* Elliptic curves are identified as either:
          *
          * - a wrapper algorithm "id-ecPublicKey" with the actual
          *   curve specified in the algorithm parameters, or
          *
          * - a standalone object identifier for the curve
          */
         if ( ( wrapper == NULL ) ||
              ( asn1_check_algorithm ( cursor, wrapper, &curve ) != 0 ) ) {
                 memcpy ( &curve, cursor, sizeof ( curve ) );
         }
 
         /* Identify curve */
         asn1_enter ( &curve, ASN1_OID );
         *algorithm = asn1_find_algorithm ( &curve );
         if ( ! *algorithm ) {
                 DBGC ( cursor, "ASN1 %p unrecognised EC algorithm:\n",
                        cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTSUP_ALGORITHM;
         }
 
         /* Check algorithm has an elliptic curve */
         if ( ! (*algorithm)->curve ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s is not an elliptic curve "
                        "algorithm:\n", cursor, (*algorithm)->name );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -ENOTTY_ALGORITHM;
         }
 
         return 0;
 }

References algorithm, asn1_check_algorithm(), asn1_enter(), asn1_find_algorithm(), ASN1_OID, asn1_cursor::data, DBGC, DBGC_HDA, ENOTSUP_ALGORITHM, ENOTTY_ALGORITHM, asn1_cursor::len, memcpy(), and NULL.

Referenced by ecdsa_parse_key().

◆ asn1_check_algorithm()

int asn1_check_algorithm	(	const struct asn1_cursor *	cursor,
		struct asn1_algorithm *	expected,
		struct asn1_cursor *	params
	)

Check ASN.1 OID-identified algorithm.

Parameters

cursor	ASN.1 object cursor
expected	Expected algorithm

Return values

params	Algorithm parameters, or NULL
rc	Return status code

Definition at line 705 of file asn1.c.

                                                         {
         struct asn1_algorithm *actual;
         int rc;
 
         /* Parse algorithm */
         if ( ( rc = asn1_algorithm ( cursor, &actual, params ) ) != 0 )
                 return rc;
 
         /* Check algorithm matches */
         if ( actual != expected ) {
                 DBGC ( cursor, "ASN1 %p algorithm %s does not match %s\n",
                        cursor, actual->name, expected->name );
                 return -ENOTTY_ALGORITHM;
         }
 
         return 0;
 }

References DBGC, ENOTTY_ALGORITHM, asn1_algorithm::name, and rc.

Referenced by asn1_curve_algorithm(), and rsa_parse_mod_exp().

◆ asn1_parse_cbc()

int asn1_parse_cbc	(	struct asn1_algorithm *	algorithm,
		struct asn1_cursor *	params
	)

Parse ASN.1 CBC cipher parameters.

Parameters

algorithm	Algorithm
param	Parameters to parse

Return values

rc	Return status code

Definition at line 732 of file asn1.c.

                                                   {
         struct cipher_algorithm *cipher = algorithm->cipher;
 
         /* Sanity check */
         assert ( cipher != NULL );
 
         /* Enter parameters */
         asn1_enter ( params, ASN1_OCTET_STRING );
 
         /* Check length */
         if ( params->len != cipher->blocksize )
                 return -EINVAL;
 
         return 0;
 }

References algorithm, asn1_enter(), ASN1_OCTET_STRING, assert(), cipher_algorithm::blocksize, EINVAL, asn1_cursor::len, and NULL.

◆ asn1_parse_gcm()

int asn1_parse_gcm	(	struct asn1_algorithm *	algorithm,
		struct asn1_cursor *	params
	)

◆ asn1_generalized_time()

int asn1_generalized_time	(	const struct asn1_cursor *	cursor,
		time_t *	time
	)

Parse ASN.1 GeneralizedTime.

Parameters

cursor	ASN.1 cursor
time	Time to fill in

Return values

rc	Return status code

RFC 5280 section 4.1.2.5 places several restrictions on the allowed formats for UTCTime and GeneralizedTime, and mandates the interpretation of centuryless year values.

Definition at line 777 of file asn1.c.

                                                                              {
         struct asn1_cursor contents;
         unsigned int have_century;
         unsigned int type;
         union {
                 struct {
                         uint8_t century;
                         uint8_t year;
                         uint8_t month;
                         uint8_t day;
                         uint8_t hour;
                         uint8_t minute;
                         uint8_t second;
                 } __attribute__ (( packed )) named;
                 uint8_t raw[7];
         } pairs;
         struct tm tm;
         const uint8_t *data;
         size_t remaining;
         unsigned int tens;
         unsigned int units;
         unsigned int i;
         int rc;
 
         /* Determine time format utcTime/generalizedTime */
         memcpy ( &contents, cursor, sizeof ( contents ) );
         type = asn1_type ( &contents );
         switch ( type ) {
         case ASN1_UTC_TIME:
                 have_century = 0;
                 break;
         case ASN1_GENERALIZED_TIME:
                 have_century = 1;
                 break;
         default:
                 DBGC ( cursor, "ASN1 %p invalid time type %02x\n",
                        cursor, type );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -EINVAL_ASN1_TIME;
         }
 
         /* Enter utcTime/generalizedTime */
         if ( ( rc = asn1_enter ( &contents, type ) ) != 0 ) {
                 DBGC ( cursor, "ASN1 %p cannot locate %s time:\n", cursor,
                        ( ( type == ASN1_UTC_TIME ) ? "UTC" : "generalized" ) );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return rc;
         }
 
         /* Parse digit string a pair at a time */
         memset ( &pairs, 0, sizeof ( pairs ) );
         data = contents.data;
         remaining = contents.len;
         for ( i = ( have_century ? 0 : 1 ) ; i < sizeof ( pairs.raw ) ; i++ ) {
                 if ( remaining < 2 ) {
                         /* Some certificates violate the X.509 RFC by
                          * omitting the "seconds" value.
                          */
                         if ( i == ( sizeof ( pairs.raw ) - 1 ) )
                                 break;
                         DBGC ( cursor, "ASN1 %p invalid time:\n", cursor );
                         DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                         return -EINVAL_ASN1_TIME;
                 }
                 tens = data[0];
                 units = data[1];
                 if ( ! ( isdigit ( tens ) && isdigit ( units ) ) ) {
                         DBGC ( cursor, "ASN1 %p invalid time:\n", cursor );
                         DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                         return -EINVAL_ASN1_TIME;
                 }
                 pairs.raw[i] = ( ( 10 * ( tens - '0' ) ) + ( units - '0' ) );
                 data += 2;
                 remaining -= 2;
         }
 
         /* Determine century if applicable */
         if ( ! have_century )
                 pairs.named.century = ( ( pairs.named.year >= 50 ) ? 19 : 20 );
 
         /* Check for trailing "Z" */
         if ( ( remaining != 1 ) || ( data[0] != 'Z' ) ) {
                 DBGC ( cursor, "ASN1 %p invalid time:\n", cursor );
                 DBGC_HDA ( cursor, 0, cursor->data, cursor->len );
                 return -EINVAL_ASN1_TIME;
         }
 
         /* Fill in time */
         tm.tm_year = ( ( ( pairs.named.century - 19 ) * 100 ) +
                        pairs.named.year );
         tm.tm_mon = ( pairs.named.month - 1 );
         tm.tm_mday = pairs.named.day;
         tm.tm_hour = pairs.named.hour;
         tm.tm_min = pairs.named.minute;
         tm.tm_sec = pairs.named.second;
 
         /* Convert to seconds since the Epoch */
         *time = mktime ( &tm );
 
         return 0;
 }

References __attribute__, asn1_enter(), ASN1_GENERALIZED_TIME, asn1_type(), ASN1_UTC_TIME, century, data, asn1_cursor::data, day, DBGC, DBGC_HDA, EINVAL_ASN1_TIME, isdigit(), asn1_cursor::len, memcpy(), memset(), mktime(), month, raw, rc, tm::tm_hour, tm::tm_mday, tm::tm_min, tm::tm_mon, tm::tm_sec, tm::tm_year, type, and year.

Referenced by ocsp_parse_responses(), and x509_parse_validity().

◆ asn1_grow()

int asn1_grow	(	struct asn1_builder *	builder,
		size_t	extra
	)

Grow ASN.1 builder.

Parameters

builder	ASN.1 builder
extra	Extra space to prepend

Return values

rc	Return status code

Definition at line 916 of file asn1.c.

                                                              {
         size_t new_len;
         void *new;
 
         /* As with the ASN1 parsing functions, make errors permanent */
         if ( builder->len && ! builder->data )
                 return -ENOMEM;
 
         /* Reallocate data buffer */
         new_len = ( builder->len + extra );
         new = realloc ( builder->data, new_len );
         if ( ! new ) {
                 free ( builder->data );
                 builder->data = NULL;
                 return -ENOMEM;
         }
         builder->data = new;
 
         /* Move existing data to end of buffer */
         memmove ( ( builder->data + extra ), builder->data, builder->len );
         builder->len = new_len;
 
         return 0;
 }

References asn1_builder::data, ENOMEM, extra, free, asn1_builder::len, memmove(), NULL, and realloc().

Referenced by asn1_prepend(), asn1_prepend_raw(), asn1_wrap(), rsa_decrypt(), rsa_encrypt(), and rsa_sign().

◆ asn1_prepend_raw()

int asn1_prepend_raw	(	struct asn1_builder *	builder,
		const void *	data,
		size_t	len
	)

Prepend raw data to ASN.1 builder.

Parameters

builder	ASN.1 builder
data	Data to prepend
len	Length of data to prepend

Return values

rc	Return status code

Definition at line 949 of file asn1.c.

                                     {
         int rc;
 
         /* Grow buffer */
         if ( ( rc = asn1_grow ( builder, len ) ) != 0 )
                 return rc;
 
         /* Populate data buffer */
         memcpy ( builder->data, data, len );
 
         return 0;
 }

References asn1_grow(), data, asn1_builder::data, len, memcpy(), and rc.

Referenced by icert_cert(), icert_certs(), ocsp_request(), tls_send_certificate_verify(), and tls_send_client_key_exchange_pubkey().

◆ asn1_prepend()

int asn1_prepend	(	struct asn1_builder *	builder,
		unsigned int	type,
		const void *	data,
		size_t	len
	)

Prepend data to ASN.1 builder.

Parameters

builder	ASN.1 builder
type	Type
data	Data to prepend
len	Length of data to prepend

Return values

rc	Return status code

Definition at line 972 of file asn1.c.

                                                   {
         struct asn1_builder_header header;
         size_t header_len;
         int rc;
 
         /* Construct header */
         header_len = asn1_header ( &header, type, len );
 
         /* Grow buffer */
         if ( ( rc = asn1_grow ( builder, header_len + len ) ) != 0 )
                 return rc;
 
         /* Populate data buffer */
         memcpy ( builder->data, &header, header_len );
         memcpy ( ( builder->data + header_len ), data, len );
 
         return 0;
 }

References asn1_grow(), asn1_header(), data, asn1_builder::data, header, len, memcpy(), rc, and type.

Referenced by ecdsa_prepend_signature(), icert_certs(), and ocsp_request().

◆ asn1_wrap()

int asn1_wrap	(	struct asn1_builder *	builder,
		unsigned int	type
	)

Wrap ASN.1 builder.

Parameters

builder	ASN.1 builder
type	Type

Return values

rc	Return status code

Definition at line 999 of file asn1.c.

                                                                   {
         struct asn1_builder_header header;
         size_t header_len;
         int rc;
 
         /* Construct header */
         header_len = asn1_header ( &header, type, builder->len );
 
         /* Grow buffer */
         if ( ( rc = asn1_grow ( builder, header_len ) ) != 0 )
                 return rc;
 
         /* Populate data buffer */
         memcpy ( builder->data, &header, header_len );
 
         return 0;
 }

References asn1_grow(), asn1_header(), asn1_builder::data, header, asn1_builder::len, memcpy(), rc, and type.

Referenced by ecdsa_sign(), icert_cert(), icert_certs(), and ocsp_request().

Variable Documentation

◆ __asn1_algorithm

struct asn1_algorithm ecpubkey_algorithm __asn1_algorithm

Generic elliptic curve container algorithm.

The actual curve to be used is identified via the algorithm parameters, rather than the top-level OID.

Generic elliptic curve container algorithm.

"aes256-cbc" OID-identified algorithm

"aes192-cbc" OID-identified algorithm

Generic elliptic curve container algorithm.

"aes256-gcm" OID-identified algorithm

"aes192-gcm" OID-identified algorithm

Definition at line 440 of file asn1.h.

Data Structures

Macros

Functions

Variables

Detailed Description

Macro Definition Documentation

◆ ASN1_MAX_LEN_LEN

◆ ASN1_END

◆ ASN1_BOOLEAN

◆ ASN1_INTEGER

◆ ASN1_BIT_STRING

◆ ASN1_OCTET_STRING

◆ ASN1_NULL

◆ ASN1_OID

◆ ASN1_ENUMERATED

◆ ASN1_UTF8_STRING

◆ ASN1_UTC_TIME

◆ ASN1_GENERALIZED_TIME

◆ ASN1_SEQUENCE

◆ ASN1_SET

◆ ASN1_IMPLICIT_TAG

◆ ASN1_EXPLICIT_TAG

◆ ASN1_ANY

◆ ASN1_SHORT

◆ ASN1_OID_INITIAL

◆ ASN1_OID_SINGLE

◆ ASN1_OID_DOUBLE

◆ ASN1_OID_TRIPLE

◆ ASN1_OID_ECPUBLICKEY

◆ ASN1_OID_PRIME256V1

◆ ASN1_OID_ECDSA_WITH_SHA224

◆ ASN1_OID_ECDSA_WITH_SHA256

◆ ASN1_OID_ECDSA_WITH_SHA384

◆ ASN1_OID_ECDSA_WITH_SHA512

◆ ASN1_OID_RSAENCRYPTION

◆ ASN1_OID_MD5WITHRSAENCRYPTION

◆ ASN1_OID_SHA1WITHRSAENCRYPTION

◆ ASN1_OID_SHA256WITHRSAENCRYPTION

◆ ASN1_OID_SHA384WITHRSAENCRYPTION

◆ ASN1_OID_SHA512WITHRSAENCRYPTION

◆ ASN1_OID_SHA224WITHRSAENCRYPTION

◆ ASN1_OID_MD4

◆ ASN1_OID_MD5

◆ ASN1_OID_SHA1

◆ ASN1_OID_X25519

◆ ASN1_OID_SECP384R1

◆ ASN1_OID_AES128_CBC

◆ ASN1_OID_AES128_GCM

◆ ASN1_OID_AES192_CBC

◆ ASN1_OID_AES192_GCM

◆ ASN1_OID_AES256_CBC

◆ ASN1_OID_AES256_GCM

◆ ASN1_OID_SHA256

◆ ASN1_OID_SHA384

◆ ASN1_OID_SHA512

◆ ASN1_OID_SHA224

◆ ASN1_OID_SHA512_224

◆ ASN1_OID_SHA512_256

◆ ASN1_OID_COMMON_NAME

◆ ASN1_OID_KEYUSAGE

◆ ASN1_OID_BASICCONSTRAINTS

◆ ASN1_OID_EXTKEYUSAGE

◆ ASN1_OID_CODESIGNING

◆ ASN1_OID_SIGNEDDATA

◆ ASN1_OID_ENVELOPEDDATA

◆ ASN1_OID_AUTHENVELOPEDDATA

◆ ASN1_OID_AUTHORITYINFOACCESS

◆ ASN1_OID_OCSP

◆ ASN1_OID_OCSP_BASIC

◆ ASN1_OID_OCSPSIGNING

◆ ASN1_OID_SUBJECTALTNAME

◆ ASN1_CURSOR

◆ ASN1_ALGORITHMS

◆ __asn1_algorithm

Function Documentation

◆ FILE_LICENCE()

◆ FILE_SECBOOT()

◆ asn1_invalidate_cursor()

◆ asn1_type()

◆ asn1_built()