PROV: Add the beginning of a DER writing library
This library is meant to be small and quick. It's based on WPACKET,
which was extended to support DER writing. The way it's used is a
bit unusual, as it's used to write the structures backward into a
given buffer. A typical quick call looks like this:
/*
* Fill in this structure:
*
* something ::= SEQUENCE {
* id OBJECT IDENTIFIER,
* x [0] INTEGER OPTIONAL,
* y [1] BOOLEAN OPTIONAL,
* n INTEGER
* }
*/
unsigned char buf[nnnn], *p = NULL;
size_t encoded_len = 0;
WPACKET pkt;
int ok;
ok = WPACKET_init_der(&pkt, buf, sizeof(buf)
&& DER_w_start_sequence(&pkt, -1)
&& DER_w_bn(&pkt, -1, bn)
&& DER_w_boolean(&pkt, 1, bool)
&& DER_w_precompiled(&pkt, -1, OID, sizeof(OID))
&& DER_w_end_sequence(&pkt, -1)
&& WPACKET_finish(&pkt)
&& WPACKET_get_total_written(&pkt, &encoded_len)
&& (p = WPACKET_get_curr(&pkt)) != NULL;
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11450)
2020-03-31 22:54:43 +08:00
|
|
|
/*
|
|
|
|
* Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
|
|
* this file except in compliance with the License. You can obtain a copy
|
|
|
|
* in the file LICENSE in the source distribution or at
|
|
|
|
* https://www.openssl.org/source/license.html
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <openssl/bn.h>
|
|
|
|
#include "internal/packet.h"
|
|
|
|
|
|
|
|
/*
|
|
|
|
* NOTE: X.690 numbers the identifier octet bits 1 to 8.
|
|
|
|
* We use the same numbering in comments here.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* Well known primitive tags */
|
|
|
|
|
|
|
|
/*
|
|
|
|
* DER UNIVERSAL tags, occupying bits 1-5 in the DER identifier byte
|
|
|
|
* These are only valid for the UNIVERSAL class. With the other classes,
|
|
|
|
* these bits have a different meaning.
|
|
|
|
*/
|
|
|
|
#define DER_P_EOC 0 /* BER End Of Contents tag */
|
|
|
|
#define DER_P_BOOLEAN 1
|
|
|
|
#define DER_P_INTEGER 2
|
|
|
|
#define DER_P_BIT_STRING 3
|
|
|
|
#define DER_P_OCTET_STRING 4
|
|
|
|
#define DER_P_NULL 5
|
|
|
|
#define DER_P_OBJECT 6
|
|
|
|
#define DER_P_OBJECT_DESCRIPTOR 7
|
|
|
|
#define DER_P_EXTERNAL 8
|
|
|
|
#define DER_P_REAL 9
|
|
|
|
#define DER_P_ENUMERATED 10
|
|
|
|
#define DER_P_UTF8STRING 12
|
|
|
|
#define DER_P_SEQUENCE 16
|
|
|
|
#define DER_P_SET 17
|
|
|
|
#define DER_P_NUMERICSTRING 18
|
|
|
|
#define DER_P_PRINTABLESTRING 19
|
|
|
|
#define DER_P_T61STRING 20
|
|
|
|
#define DER_P_VIDEOTEXSTRING 21
|
|
|
|
#define DER_P_IA5STRING 22
|
|
|
|
#define DER_P_UTCTIME 23
|
|
|
|
#define DER_P_GENERALIZEDTIME 24
|
|
|
|
#define DER_P_GRAPHICSTRING 25
|
|
|
|
#define DER_P_ISO64STRING 26
|
|
|
|
#define DER_P_GENERALSTRING 27
|
|
|
|
#define DER_P_UNIVERSALSTRING 28
|
|
|
|
#define DER_P_BMPSTRING 30
|
|
|
|
|
|
|
|
/* DER Flags, occupying bit 6 in the DER identifier byte */
|
|
|
|
#define DER_F_PRIMITIVE 0x00
|
|
|
|
#define DER_F_CONSTRUCTED 0x20
|
|
|
|
|
|
|
|
/* DER classes tags, occupying bits 7-8 in the DER identifier byte */
|
|
|
|
#define DER_C_UNIVERSAL 0x00
|
|
|
|
#define DER_C_APPLICATION 0x40
|
|
|
|
#define DER_C_CONTEXT 0x80
|
|
|
|
#define DER_C_PRIVATE 0xC0
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Run-time constructors.
|
|
|
|
*
|
|
|
|
* They all construct DER backwards, so care should be taken to use them
|
|
|
|
* that way.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* This can be used for all items that don't have a context */
|
|
|
|
#define DER_NO_CONTEXT -1
|
|
|
|
|
|
|
|
int DER_w_precompiled(WPACKET *pkt, int tag,
|
|
|
|
const unsigned char *precompiled, size_t precompiled_n);
|
|
|
|
|
|
|
|
int DER_w_boolean(WPACKET *pkt, int tag, int b);
|
|
|
|
int DER_w_ulong(WPACKET *pkt, int tag, unsigned long v);
|
|
|
|
int DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v);
|
|
|
|
int DER_w_null(WPACKET *pkt, int tag);
|
2020-08-04 10:18:51 +08:00
|
|
|
int DER_w_octet_string(WPACKET *pkt, int tag,
|
|
|
|
const unsigned char *data, size_t data_n);
|
|
|
|
int DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value);
|
PROV: Add the beginning of a DER writing library
This library is meant to be small and quick. It's based on WPACKET,
which was extended to support DER writing. The way it's used is a
bit unusual, as it's used to write the structures backward into a
given buffer. A typical quick call looks like this:
/*
* Fill in this structure:
*
* something ::= SEQUENCE {
* id OBJECT IDENTIFIER,
* x [0] INTEGER OPTIONAL,
* y [1] BOOLEAN OPTIONAL,
* n INTEGER
* }
*/
unsigned char buf[nnnn], *p = NULL;
size_t encoded_len = 0;
WPACKET pkt;
int ok;
ok = WPACKET_init_der(&pkt, buf, sizeof(buf)
&& DER_w_start_sequence(&pkt, -1)
&& DER_w_bn(&pkt, -1, bn)
&& DER_w_boolean(&pkt, 1, bool)
&& DER_w_precompiled(&pkt, -1, OID, sizeof(OID))
&& DER_w_end_sequence(&pkt, -1)
&& WPACKET_finish(&pkt)
&& WPACKET_get_total_written(&pkt, &encoded_len)
&& (p = WPACKET_get_curr(&pkt)) != NULL;
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11450)
2020-03-31 22:54:43 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* All constructors for constructed elements have a begin and a end function
|
|
|
|
*/
|
|
|
|
int DER_w_begin_sequence(WPACKET *pkt, int tag);
|
|
|
|
int DER_w_end_sequence(WPACKET *pkt, int tag);
|