This is a fork of the mbed port of axTLS

Dependents:   TLS_axTLS-Example HTTPSClientExample

crypto_misc.h

Go to the documentation of this file.
00001 /*
00002  * Copyright (c) 2007, Cameron Rich
00003  * 
00004  * All rights reserved.
00005  * 
00006  * Redistribution and use in source and binary forms, with or without 
00007  * modification, are permitted provided that the following conditions are met:
00008  *
00009  * * Redistributions of source code must retain the above copyright notice, 
00010  *   this list of conditions and the following disclaimer.
00011  * * Redistributions in binary form must reproduce the above copyright notice, 
00012  *   this list of conditions and the following disclaimer in the documentation 
00013  *   and/or other materials provided with the distribution.
00014  * * Neither the name of the axTLS project nor the names of its contributors 
00015  *   may be used to endorse or promote products derived from this software 
00016  *   without specific prior written permission.
00017  *
00018  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
00019  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
00020  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
00021  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
00022  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
00023  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
00024  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
00025  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
00026  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
00027  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
00028  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
00029 */
00030 
/**
 * @file crypto_misc.h
 * @brief Internal declarations shared by the axTLS crypto layer: the parsed
 *        X.509 certificate context, verification status codes and DN indices;
 *        ASN.1/DER tag values and the DER parser entry points; and the
 *        miscellaneous helpers (file loading, debug blob printing, base64
 *        decoding).  Everything here is used by the TLS code in this fork
 *        and is not a stable public API.
 */
00034 
00035 #ifndef HEADER_CRYPTO_MISC_H
00036 #define HEADER_CRYPTO_MISC_H
00037 
00038 #ifdef __cplusplus
00039 extern "C" {
00040 #endif
00041 
#include "config.h"

/* uint8_t / uint16_t are used directly below; do not rely on crypto.h to pull them in */
#include <stdint.h>

#include "crypto.h"
#include "bigint.h"
00045 
00046 /**************************************************************************
00047  * X509 declarations 
00048  **************************************************************************/
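/*
 * Status codes returned by the x509_* routines declared below (and,
 * presumably, by the asn1_* parsers -- confirm per function).  X509_OK is
 * success; every error is negative.  With CONFIG_SSL_FULL_MODE,
 * x509_display_error() maps a code to text.
 *
 * The negative values are parenthesised (CERT PRE01-C) so each macro stays a
 * single expression wherever it is expanded.
 */
#define X509_OK                             0
#define X509_NOT_OK                         (-1)    /* generic parse / format failure */
#define X509_VFY_ERROR_NO_TRUSTED_CERT      (-2)    /* no trust anchor found for the chain */
#define X509_VFY_ERROR_BAD_SIGNATURE        (-3)    /* signature did not verify */
#define X509_VFY_ERROR_NOT_YET_VALID        (-4)    /* current time is before not_before */
#define X509_VFY_ERROR_EXPIRED              (-5)    /* current time is after not_after */
#define X509_VFY_ERROR_SELF_SIGNED          (-6)    /* self-signed leaf that is not trusted, presumably */
#define X509_VFY_ERROR_INVALID_CHAIN        (-7)    /* issuer/subject chaining is broken */
#define X509_VFY_ERROR_UNSUPPORTED_DIGEST   (-8)    /* signature digest is not one of SIG_TYPE_* */
#define X509_INVALID_PRIV_KEY               (-9)    /* private key could not be parsed */
#define X509_KEY_SIZE_TOO_BIG               (-10)   /* key larger than this build supports */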
00060 
/*
 * Distinguished Name components retained from a certificate.  Each DN is
 * kept as an array of X509_NUM_DN_TYPES strings indexed by the values
 * below (see ca_cert_dn / cert_dn in struct _x509_ctx and the dn[]
 * argument of asn1_name()/asn1_compare_dn()).  Only these three attribute
 * types have a slot; any other RDN attribute cannot be represented here.
 */
#define X509_NUM_DN_TYPES                   3
#define X509_COMMON_NAME                    0
#define X509_ORGANIZATION                   1
#define X509_ORGANIZATIONAL_UNIT            2
00068 
00069 #include <time.h>
00070 
/*
 * Opaque handle for a certificate whose verification data has been
 * precomputed.  The struct is defined elsewhere in this fork (it appears to
 * be a fork-specific addition) and is consumed by x509_verify() below.
 */
struct PrecomputedCertificate;
typedef struct PrecomputedCertificate PrecomputedCertificate;
00073 
00074 
/*
 * Parsed X.509 certificate.  Created by x509_new() from DER input and
 * released with x509_free(); certificates of a chain are linked through
 * `next`.
 *
 * NOTE(review): the tag `_x509_ctx` starts with an underscore, which C
 * reserves for the implementation at file scope.  Harmless in practice,
 * and callers use the X509_CTX typedef, so it is left as-is here.
 */
struct _x509_ctx
{
    char *ca_cert_dn[X509_NUM_DN_TYPES];   /* issuer (CA) DN, indexed by X509_COMMON_NAME etc. -- per the name */
    char *cert_dn[X509_NUM_DN_TYPES];      /* subject DN, same indexing */
    char **subject_alt_dnsnames;           /* dNSName entries from subjectAltName;
                                              presumably NULL-terminated -- confirm */
    time_t not_before;                     /* start of the validity window */
    time_t not_after;                      /* end of the validity window */
    uint8_t *signature;                    /* raw signature bytes taken from the certificate */
    uint16_t sig_len;                      /* length of `signature` (note sig_verify() takes an int) */
    uint8_t sig_type;                      /* signature digest, presumably one of SIG_TYPE_* */
    RSA_CTX *rsa_ctx;                      /* subject public key; RSA is the only key type represented here */
    bigint *digest;                        /* digest used for signature checking -- which side (computed
                                              or recovered) is not visible in this header, confirm */
    struct _x509_ctx *next;                /* next certificate in the chain; presumably NULL at the end */
};
00089 
/* Public name for struct _x509_ctx. */
typedef struct _x509_ctx X509_CTX;

/*
 * Trust store: a fixed number (CONFIG_X509_MAX_CA_CERTS, from config.h) of
 * CA certificate slots.  Unused slots are presumably NULL -- confirm before
 * iterating over the array.
 */
typedef struct
{
    X509_CTX *cert[CONFIG_X509_MAX_CA_CERTS];
} CA_CERT_CTX;
00095 
00096 
/*
 * Parse one DER certificate from `cert`.  On entry *len is the number of
 * bytes available; on return it is presumably the number of bytes consumed
 * (so a caller can walk a concatenated chain) -- confirm.  *ctx receives
 * the newly allocated X509_CTX.  Returns X509_OK or one of the X509_* codes.
 * Since `cert` is typically peer-supplied, treat every field of the result
 * as untrusted until x509_verify() has passed.
 */
int x509_new(const uint8_t *cert, int *len, X509_CTX **ctx);

/*
 * Release an X509_CTX obtained from x509_new().  Whether the `next` chain
 * is released as well is not visible from this header -- confirm.
 */
void x509_free(X509_CTX *x509_ctx);

/*
 * Verify a precomputed certificate.  This signature is specific to this
 * fork; which checks it performs (signature, validity window, DN chaining)
 * is not visible here.  Do not assume it includes hostname matching --
 * asn1_find_subjectaltname() / asn1_compare_dn() exist separately for that.
 * Returns X509_OK or an X509_VFY_* code.
 */
int x509_verify(PrecomputedCertificate *cert);

/*
 * Raw RSA signature check: applies the public key (modulus, pub_exp) to
 * `sig` and returns the recovered value as a bigint (presumably NULL on
 * failure -- confirm).  The caller is still responsible for comparing the
 * result against its own hash of the signed data, rejecting any padding or
 * DigestInfo layout it does not expect, and doing that comparison in
 * constant time.
 */
bigint *sig_verify(BI_CTX *ctx, const uint8_t *sig, int sig_len,
        bigint *modulus, bigint *pub_exp);
00102 
#ifdef CONFIG_SSL_FULL_MODE
/*
 * Debug dump of a certificate and, when given, the trust store it was
 * checked against.  Output destination is not visible here -- presumably
 * stdout; confirm.
 */
void x509_print(const X509_CTX *cert, CA_CERT_CTX *ca_cert_ctx);
/*
 * Text for an X509_* status code.  Returns a const string that the caller
 * must not free (presumably static -- confirm).
 */
const char * x509_display_error(int error);
#endif
00107 
00108 /**************************************************************************
00109  * ASN1 declarations 
00110  **************************************************************************/
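/*
 * DER tag octets used by the parsers below.  The duplicate definitions of
 * ASN1_PRINTABLE_STR2, ASN1_CONTEXT_DNSNAME and ASN1_V3_DATA that used to
 * appear twice in this list are collapsed to one each (they were identical,
 * so nothing changes for callers).
 *
 * Universal class (tag number in the low bits):
 */
#define ASN1_INTEGER            0x02
#define ASN1_BIT_STRING         0x03
#define ASN1_OCTET_STRING       0x04
#define ASN1_NULL               0x05
#define ASN1_OID                0x06
#define ASN1_PRINTABLE_STR2     0x0C    /* 0x0C is the UTF8String tag; the name is historical */
#define ASN1_PRINTABLE_STR      0x13    /* PrintableString */
#define ASN1_TELETEX_STR        0x14    /* TeletexString / T61String */
#define ASN1_IA5_STR            0x16    /* IA5String */
#define ASN1_UTC_TIME           0x17    /* UTCTime -- no GeneralizedTime (0x18) tag is defined here;
                                           confirm asn1_validity() copes with certificates that use it */
#define ASN1_UNICODE_STR        0x1e    /* BMPString */
#define ASN1_SEQUENCE           0x30    /* SEQUENCE, constructed */
#define ASN1_SET                0x31    /* SET, constructed */
/*
 * Context-specific class, as these tags appear inside an X.509 certificate:
 */
#define ASN1_IMPLICIT_TAG       0x80    /* [0] IMPLICIT, primitive */
#define ASN1_CONTEXT_DNSNAME    0x82    /* [2] = dNSName inside a subjectAltName GeneralName */
#define ASN1_EXPLICIT_TAG       0xa0    /* [0] EXPLICIT, constructed */
#define ASN1_V3_DATA            0xa3    /* [3] EXPLICIT, constructed: the v3 extensions of a TBSCertificate */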
00131 
/*
 * Signature digest identifiers stored in x509_ctx->sig_type by
 * asn1_signature_type().  The values match the last arc of the PKCS#1
 * signature OIDs (md2/md5/sha1WithRSAEncryption = 1.2.840.113549.1.1.{2,4,5}).
 *
 * Security caveat: all three digests are obsolete for signatures.  MD2 and
 * MD5 have practical collision attacks and SHA-1 has a demonstrated
 * chosen-prefix collision, so a certificate chain that verifies only under
 * these should not be treated as trustworthy.  There is no SHA-256 entry
 * (1.2.840.113549.1.1.11), so a sha256WithRSAEncryption certificate will
 * presumably be reported as X509_VFY_ERROR_UNSUPPORTED_DIGEST -- confirm;
 * as declared here, modern CA-issued chains will not verify at all.
 */
#define SIG_TYPE_MD2            0x02
#define SIG_TYPE_MD5            0x04
#define SIG_TYPE_SHA1           0x05
00135 
/*
 * Low-level DER helpers.  Convention visible from the prototypes: `buf` /
 * `cert` points at the start of the DER data, *offset is the current
 * position and is advanced past what was consumed; return values are
 * lengths or X509_OK / X509_NOT_OK -- presumably, confirm per function.
 *
 * Security caveat: apart from asn1_get_private_key(), none of these
 * receives the total size of the buffer.  A length field inside a malformed
 * certificate therefore cannot be range-checked at this layer; whoever
 * feeds untrusted DER into these helpers must bound the buffer itself and
 * check that any length returned by get_asn1_length() fits in the bytes
 * that remain before trusting *offset.
 */

/* Decode a DER length at *offset and advance past the length octets. Handling of long/indefinite forms is not visible here -- confirm. */
int get_asn1_length(const uint8_t *buf, int *offset);
/* Parse a DER RSA private key of `len` bytes into *rsa_ctx; the only helper here that is told the buffer size. */
int asn1_get_private_key(const uint8_t *buf, int len, RSA_CTX **rsa_ctx);
/* Expect an object tagged obj_type at *offset; presumably returns its length and leaves *offset at its contents. */
int asn1_next_obj(const uint8_t *buf, int *offset, int obj_type);
/* Like asn1_next_obj(), but presumably leaves *offset past the object's contents. */
int asn1_skip_obj(const uint8_t *buf, int *offset, int obj_type);
/* Read an INTEGER at *offset into *object. Whether *object is allocated (and freed by the caller) is not visible here -- confirm. */
int asn1_get_int(const uint8_t *buf, int *offset, uint8_t **object);
/* TBSCertificate fields: each advances *offset and fills x509_ctx (asn1_name fills the dn[] array, X509_NUM_DN_TYPES entries). */
int asn1_version(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
int asn1_validity(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
int asn1_name(const uint8_t *cert, int *offset, char *dn[]);
int asn1_public_key(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
#ifdef CONFIG_SSL_CERT_VERIFICATION
/* Signature value -> x509_ctx->signature / sig_len, presumably. */
int asn1_signature(const uint8_t *cert, int *offset, X509_CTX *x509_ctx);
/* Search for the subjectAltName extension from `offset` (passed by value: the caller's offset is not advanced). Meaning of the return value is not visible here -- confirm. */
int asn1_find_subjectaltname(const uint8_t* cert, int offset);
/* Compare two DN arrays of X509_NUM_DN_TYPES entries. Presumably 0 means equal, as with strcmp -- confirm the sense before using it for issuer/subject chaining. */
int asn1_compare_dn(char * const dn1[], char * const dn2[]);
#endif /* CONFIG_SSL_CERT_VERIFICATION */
/* AlgorithmIdentifier -> x509_ctx->sig_type (one of SIG_TYPE_*); an unknown OID presumably yields X509_VFY_ERROR_UNSUPPORTED_DIGEST. */
int asn1_signature_type(const uint8_t *cert, 
                                int *offset, X509_CTX *x509_ctx);
00152 
00153 /**************************************************************************
00154  * MISC declarations 
00155  **************************************************************************/
/* Salt length in bytes for the password-based key handling; where it is consumed is not visible in this header. */
#define SALT_SIZE               8

/* Shared "unsupported" message text; defined in one of the .c files. */
extern const char * const unsupported_str;

/*
 * Cipher callback.  The typedef gives no parameter names; from the types the
 * order looks like (cipher context, input, output, byte count) -- confirm
 * against the implementations that are registered with it.
 */
typedef void (*crypt_func)(void *, const uint8_t *, uint8_t *, int);
/*
 * HMAC callback: writes the MAC of msg[0..length) under key[0..key_len) to
 * `digest`.  No output size is passed, so `digest` must already be large
 * enough for the hash behind the callback.
 */
typedef void (*hmac_func)(const uint8_t *msg, int length, const uint8_t *key, 
        int key_len, uint8_t *digest);
00163 
/*
 * Read a whole file into a newly allocated buffer stored in *buf (the caller
 * presumably frees it -- confirm).  Return value is presumably the number of
 * bytes read, negative on error -- confirm.  The path is used as given, so
 * keep `filename` out of reach of untrusted input.
 */
int get_file(const char *filename, uint8_t **buf);

#if defined(CONFIG_SSL_FULL_MODE) || defined(WIN32) || defined(CONFIG_DEBUG)
/*
 * Debug print of `size` bytes of `data` under a printf-style header built
 * from `format` and the trailing arguments (presumably a hex dump).
 * `format` is a real format string: always pass a literal, never peer data.
 * In other builds the macro below expands to nothing, so the arguments are
 * not evaluated either -- do not put side effects in them.
 */
EXP_FUNC void STDCALL print_blob(const char *format, const uint8_t *data, int size, ...);
#else
    #define print_blob(...)
#endif

/*
 * Decode `len` characters of base64 from `in` into `out`, reporting the
 * decoded length through *outlen.  Whether *outlen is also read on entry as
 * the capacity of `out` is not visible here -- confirm before passing
 * untrusted input, because without a capacity check a long input overruns
 * `out` (worst case about len * 3 / 4 bytes).  Return-value convention is
 * not visible here either; check the definition.
 */
EXP_FUNC int STDCALL base64_decode(const char *in,  int len,
                    uint8_t *out, int *outlen);
00174 
00175 #ifdef __cplusplus
00176 }
00177 #endif
00178 
00179 #endif 
00180 
00181