Add X.509 APIs

Signed-off-by: Steffen Jaeckel <s@jaeckel.eu>

Author: sjaeckel

src/headers/tomcrypt_custom.h

@@ -602,6 +602,10 @@
       /* Maximum recursion limit when processing nested ASN.1 types. */
       #define LTC_DER_MAX_RECURSION 30
    #endif
+   #ifndef LTC_DER_OID_DEFAULT_NODES
+      /* Default number of nodes when decoding an OID. */
+      #define LTC_DER_OID_DEFAULT_NODES 12
+   #endif
 #endif
 
 #if defined(LTC_MECC) || defined(LTC_MRSA) || defined(LTC_MDSA) || defined(LTC_SSH)

src/headers/tomcrypt_macros.h

@@ -6,6 +6,8 @@
 #define LTC_TMPVAR_(n, l) LTC_TMPVAR__(n, l)
 #define LTC_TMPVAR(n) LTC_TMPVAR_(LTC_ ## n ## _, __LINE__)
 
+#define LTC_BIT(n) (1u << (n))
+
 /* ---- HELPER MACROS ---- */
 #ifdef ENDIAN_NEUTRAL
 

src/headers/tomcrypt_pk.h

@@ -723,9 +723,10 @@ typedef struct ltc_asn1_list_ {
 #define LTC_SET_ASN1_CUSTOM_PRIMITIVE(list, index, Class, Tag, Type, Data, Size)          \
    do {                                                                                   \
       int LTC_TMPVAR(SACP) = (index);                                                     \
+      ltc_asn1_list *LTC_TMPVAR(SACP_list) = (list);                        \
       LTC_SET_ASN1(list, LTC_TMPVAR(SACP), LTC_ASN1_CUSTOM_TYPE, Data, Size);             \
       LTC_SET_ASN1_IDENTIFIER(list, LTC_TMPVAR(SACP), Class, LTC_ASN1_PC_PRIMITIVE, Tag); \
-      list[LTC_TMPVAR(SACP)].used = (int)(Type);                                          \
+      LTC_TMPVAR(SACP_list)[LTC_TMPVAR(SACP)].used = (int)(Type);                                          \
    } while (0)
 
 extern const char*          der_asn1_class_to_string_map[];
@@ -933,4 +934,244 @@ int der_decode_generalizedtime(const unsigned char *in, unsigned long *inlen,
 
 int der_length_generalizedtime(const ltc_generalizedtime *gtime, unsigned long *outlen);
 
+/* X.509 specific enums, structs and APIs */
+
+typedef enum ltc_x509_details {
+   /* The Serial is an integer, but we provide it as a hex string. */
+   LTC_X509_SERIAL = 0,
+   /* The most commonly used elements in an X.509 Name.
+    * These ones will be converted to a UTF-8 String and
+    * stored inside the `str` pointer of the `ltc_x509_string`.
+    */
+   /* CommonName */
+   LTC_X509_CN,
+   /* Country Code */
+   LTC_X509_C,
+   /* Locality */
+   LTC_X509_L,
+   /* State or Province */
+   LTC_X509_ST,
+   /* Organisation */
+   LTC_X509_O,
+   /* OrganisationalUnit */
+   LTC_X509_OU,
+   /* EmailAddress */
+   LTC_X509_EMAIL,
+
+   /* GeneralName subtypes
+    *    GeneralName ::= CHOICE {
+    *         otherName                       [0]     OtherName,
+    *         rfc822Name                      [1]     IA5String,
+    *         dNSName                         [2]     IA5String,
+    *         x400Address                     [3]     ORAddress,
+    *         directoryName                   [4]     Name,
+    *         ediPartyName                    [5]     EDIPartyName,
+    *         uniformResourceIdentifier       [6]     IA5String,
+    *         iPAddress                       [7]     OCTET STRING,
+    *         registeredID                    [8]     OBJECT IDENTIFIER }
+    */
+   LTC_X509_OTHER_NAME = 30,
+   LTC_X509_RFC822_NAME,
+   LTC_X509_DNS_NAME,
+   LTC_X509_X400_ADDRESS,
+   LTC_X509_DIRECTORY_NAME,
+   LTC_X509_EDI_PARTY_NAME,
+   LTC_X509_UNIFORM_RESOURCE_IDENTIFIER,
+   LTC_X509_IP_ADDRESS,
+   LTC_X509_REGISTERED_ID,
+
+   /* Value was encoded as an OCTET STRING */
+   LTC_X509_OCTET_STRING,
+
+   /* The most commonly used X.509 Certificate Extension. */
+   /* AuthorityKeyIdentifier */
+   LTC_X509_CE_AUTHORITY_KEY_ID = 100,
+   /* SubjectKeyIdentifier */
+   LTC_X509_CE_SUBJECT_KEY_ID,
+   /* KeyUsage */
+   LTC_X509_CE_KEY_USAGE,
+   /* SubjectAltName */
+   LTC_X509_CE_SUBJECT_ALT_NAME,
+   /* BasicConstraints */
+   LTC_X509_CE_BASIC_CONSTRAINTS,
+   /* ExtendedKeyUsage */
+   LTC_X509_CE_EXT_KEY_USAGE,
+
+   /* The rest will not be decoded and has to be treated
+    * manually through the `asn1` pointer of the struct.
+    */
+   LTC_X509_UNKNOWN = 0x7fff,
+} ltc_x509_details;
+
+typedef struct ltc_x509_string {
+   ltc_x509_details type;
+   const char *str;
+   const ltc_asn1_list *asn1;
+} ltc_x509_string;
+
+typedef struct ltc_x509_name {
+   const ltc_x509_string *names;
+   unsigned long names_num;
+   const ltc_asn1_list *asn1;
+} ltc_x509_name;
+
+typedef struct ltc_x509_time {
+   union {
+      ltc_utctime *utc;
+      ltc_generalizedtime *generalized;
+   } u;
+   int utc;
+   const char *str;
+   const ltc_asn1_list *asn1;
+} ltc_x509_time;
+
+typedef struct ltc_x509_signature_algorithm {
+   enum ltc_pka_id pka;
+   const char *hash;
+} ltc_x509_signature_algorithm;
+
+typedef struct ltc_x509_validity {
+   ltc_x509_time not_before, not_after;
+} ltc_x509_validity;
+
+/*
+ * Certificate Extensions
+ */
+
+/* KeyUsage ::= BIT STRING */
+typedef enum ltc_x509_ce_key_usage {
+   /* digitalSignature        (0) */
+   LTC_KU_DS   = LTC_BIT(0),
+   /* contentCommitment       (1) */
+   LTC_KU_CC   = LTC_BIT(1),
+   /* keyEncipherment         (2) */
+   LTC_KU_KE   = LTC_BIT(2),
+   /* dataEncipherment        (3) */
+   LTC_KU_DE   = LTC_BIT(3),
+   /* keyAgreement            (4) */
+   LTC_KU_KA   = LTC_BIT(4),
+   /* keyCertSign             (5) */
+   LTC_KU_KCS  = LTC_BIT(5),
+   /* cRLSign                 (6) */
+   LTC_KU_CRLS = LTC_BIT(6),
+   /* encipherOnly            (7) */
+   LTC_KU_EO   = LTC_BIT(7),
+   /* decipherOnly            (8) */
+   LTC_KU_DO   = LTC_BIT(8),
+} ltc_x509_ce_key_usage;
+
+/* ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+ * KeyPurposeId ::= OBJECT IDENTIFIER
+ */
+typedef enum ltc_x509_ce_ext_key_usage {
+   /* anyExtendedKeyUsage */
+   LTC_EKU_ANY  = LTC_BIT(0),
+   /* serverAuth */
+   LTC_EKU_SA   = LTC_BIT(1),
+   /* clientAuth */
+   LTC_EKU_CA   = LTC_BIT(2),
+   /* codeSigning */
+   LTC_EKU_CS   = LTC_BIT(3),
+   /* emailProtection */
+   LTC_EKU_EP   = LTC_BIT(4),
+   /* timeStamping */
+   LTC_EKU_TS   = LTC_BIT(5),
+   /* OCSPSigning */
+   LTC_EKU_OS   = LTC_BIT(6),
+} ltc_x509_ce_ext_key_usage;
+
+typedef struct ltc_x509_extensions ltc_x509_extensions;
+
+typedef struct ltc_x509_extension {
+   ltc_x509_details type;
+   const ltc_asn1_list *oid;
+   int critical;
+   union {
+      /* .type = LTC_X509_AUTHORITY_KEY_ID */
+      struct {
+         ltc_x509_string key_identifier;
+         ltc_x509_string authority_cert_issuer;
+         ltc_x509_string authority_cert_serial_number;
+      } authority_key_id;
+      /* .type = LTC_X509_SUBJECT_KEY_ID */
+      ltc_x509_string subject_key_identifier;
+      /* .type = LTC_X509_KEY_USAGE
+       * Bitmask of `enum ltc_x509_ce_key_usage`
+       */
+      ulong32 key_usage;
+      /* .type = LTC_X509_SUBJECT_ALT_NAME */
+      ltc_x509_name subject_alt_name;
+      /* .type = LTC_X509_BASIC_CONSTRAINTS */
+      struct {
+         int ca;
+         /* pathLenConstraint is marked as OPTIONAL:
+          * -1 -> value missing
+          * 0..INT_MAX -> valid values
+          */
+         int path_len;
+      } basic_constraints;
+      /* .type = LTC_X509_EXT_KEY_USAGE
+       * Bitmask of `enum ltc_x509_ce_ext_key_usage`
+       */
+      ulong32 ext_key_usage;
+   } u;
+   const ltc_asn1_list *asn1;
+} ltc_x509_extension;
+
+struct ltc_x509_extensions {
+   const ltc_x509_extension *extensions;
+   unsigned long extensions_num;
+   const ltc_asn1_list *asn1;
+
+   const ltc_x509_extension *authority_key_id;
+   const ltc_x509_extension *subject_key_identifier;
+   const ltc_x509_extension *key_usage;
+   const ltc_x509_extension *subject_alt_name;
+   const ltc_x509_extension *basic_constraints;
+   const ltc_x509_extension *ext_key_usage;
+   /* let's pre-reserve this for future extensions */
+   const ltc_x509_extension *more[7];
+};
+
+typedef struct ltc_x509_tbs_certificate {
+   unsigned long version;
+   ltc_x509_string serial_number;
+   ltc_x509_signature_algorithm signature_algorithm;
+   ltc_x509_name issuer;
+   ltc_x509_validity validity;
+   ltc_x509_name subject;
+   ltc_pka_key subject_public_key_info;
+   const ltc_asn1_list *issuer_uid;
+   const ltc_asn1_list *subject_uid;
+   ltc_x509_extensions extensions;
+   const ltc_asn1_list *asn1;
+} ltc_x509_tbs_certificate;
+
+typedef struct ltc_x509_signature {
+   const unsigned char *signature;
+   /* The signature length is given in bits, but it is stored as bytes.
+    * I.e. a signature of 123 bits will be stored in 128bits resp. 16bytes.
+    */
+   unsigned long signature_len;
+   const ltc_asn1_list *asn1;
+} ltc_x509_signature;
+
+typedef struct ltc_x509_certificate {
+   ltc_x509_tbs_certificate tbs_certificate;
+   ltc_x509_signature_algorithm signature_algorithm;
+   ltc_x509_signature signature;
+   const ltc_asn1_list *asn1;
+} ltc_x509_certificate;
+
+int x509_import(const unsigned char *asn1_cert, unsigned long asn1_len, const ltc_x509_certificate **out);
+int x509_import_pem(const char *pem, unsigned long *pem_len, const ltc_x509_certificate **out);
+#ifndef LTC_NO_FILE
+int x509_import_pem_filehandle(FILE *f, const ltc_x509_certificate **out);
+#endif
+int x509_cert_is_signed_by(const ltc_x509_certificate *cert, const ltc_pka_key *key, int *stat);
+int x509_cmp_name(const ltc_x509_name *a, const ltc_x509_name *b);
+int x509_name_detail_get(const ltc_x509_name *name, ltc_x509_details type, const ltc_x509_string **str);
+int x509_extension_by_oid(const ltc_x509_certificate *cert, const char *oid, const ltc_x509_extension **extension);
+void x509_free(const ltc_x509_certificate **cert);
+
 #endif

src/headers/tomcrypt_private.h

@@ -60,6 +60,33 @@ enum ltc_oid_id {
    LTC_OID_X25519,
    LTC_OID_ED25519,
    LTC_OID_DH,
+   LTC_OID_RSA_WITH_MD5,
+   LTC_OID_RSA_WITH_SHA1,
+   LTC_OID_RSA_WITH_SHA224,
+   LTC_OID_RSA_WITH_SHA256,
+   LTC_OID_RSA_WITH_SHA384,
+   LTC_OID_RSA_WITH_SHA512,
+   LTC_OID_RSA_WITH_SHA512_224,
+   LTC_OID_RSA_WITH_SHA512_512,
+   LTC_OID_ECDSA_WITH_SHA1,
+   LTC_OID_ECDSA_WITH_SHA224,
+   LTC_OID_ECDSA_WITH_SHA256,
+   LTC_OID_ECDSA_WITH_SHA384,
+   LTC_OID_ECDSA_WITH_SHA512,
+   LTC_OID_DSA_WITH_SHA1,
+   LTC_OID_DSA_WITH_SHA224,
+   LTC_OID_DSA_WITH_SHA256,
+   LTC_OID_DSA_WITH_SHA384,
+   LTC_OID_DSA_WITH_SHA512,
+   LTC_OID_ECDSA_WITH_SHA3_224,
+   LTC_OID_ECDSA_WITH_SHA3_256,
+   LTC_OID_ECDSA_WITH_SHA3_384,
+   LTC_OID_ECDSA_WITH_SHA3_512,
+   LTC_OID_RSA_WITH_SHA3_224,
+   LTC_OID_RSA_WITH_SHA3_256,
+   LTC_OID_RSA_WITH_SHA3_384,
+   LTC_OID_RSA_WITH_SHA3_512,
+
    LTC_OID_NUM
 };
 
@@ -400,13 +427,14 @@ int rand_bn_upto(void *N, void *limit, prng_state *prng, int wprng);
 
 int pk_get_oid(enum ltc_oid_id id, const char **st);
 int pk_get_pka_id(enum ltc_oid_id id, enum ltc_pka_id *pka);
+int pk_get_sig_alg(enum ltc_oid_id id, ltc_x509_signature_algorithm *sig_alg);
 int pk_get_oid_id(enum ltc_pka_id pka, enum ltc_oid_id *oid);
+int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen);
+int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, unsigned long *outlen);
 #ifdef LTC_DER
 int pk_get_oid_from_asn1(const ltc_asn1_list *oid, enum ltc_oid_id *id);
+int pk_oid_cmp_with_asn1(const char *o1, const ltc_asn1_list *o2);
 #endif
-int pk_oid_str_to_num(const char *OID, unsigned long *oid, unsigned long *oidlen);
-int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID, unsigned long *outlen);
-
 int pk_oid_cmp_with_ulong(const char *o1, const unsigned long *o2, unsigned long o2size);
 
 /* ---- DH Routines ---- */
@@ -573,6 +601,7 @@ int ec25519_crypto_ctx(      unsigned char *out, unsigned long *outlen,
 #define LTC_ASN1_IS_TYPE(e, t) (((e) != NULL) && ((e)->type == (t)))
 
 /* DER handling */
+int der_decode_sequence_flexi_limited(const unsigned char *in, unsigned long *inlen, long max_depth, ltc_asn1_list **out);
 int der_decode_custom_type_ex(const unsigned char *in, unsigned long  inlen,
                            ltc_asn1_list *root,
                            ltc_asn1_list *list,     unsigned long  outlen, unsigned int flags);
@@ -588,6 +617,12 @@ int der_length_asn1_length(unsigned long len, unsigned long *outlen);
 int der_length_sequence_ex(const ltc_asn1_list *list, unsigned long inlen,
                            unsigned long *outlen, unsigned long *payloadlen);
 
+
+int der_decode_ia5_string_data(const unsigned char *in, unsigned long inlen,
+                                              char *out, unsigned long *outlen);
+int der_decode_object_identifier_data(const unsigned char *in,    unsigned long  inlen,
+                                            unsigned long *words, unsigned long *outlen);
+
 unsigned long der_object_identifier_bits(unsigned long x);
 
 int der_ia5_char_encode(int c);
@@ -656,10 +691,12 @@ int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long i
         enum ltc_oid_id algorithm, void *public_key, unsigned long *public_key_len,
         ltc_asn1_type parameters_type, ltc_asn1_list* parameters, unsigned long *parameters_len);
 
-int x509_get_pka(ltc_asn1_list *pub, enum ltc_pka_id *pka);
+int x509_get_pka(const ltc_asn1_list *pub, enum ltc_pka_id *pka);
+int x509_get_sig_alg(const ltc_asn1_list *pub, ltc_x509_signature_algorithm *sig_alg);
 int x509_import_spki(const unsigned char *asn1_cert, unsigned long asn1_len, ltc_pka_key *k, ltc_asn1_list **root);
-
-int pk_oid_cmp_with_asn1(const char *o1, const ltc_asn1_list *o2);
+int x509_get_extensions(const ltc_asn1_list *seq, ltc_x509_extensions *extensions);
+void x509_free_extensions(const ltc_x509_extensions *extensions);
+int x509_get_serial(const ltc_asn1_list *asn1, ltc_x509_string *serial);
 
 #endif /* LTC_DER */
 

src/misc/crypt/crypt.c

@@ -455,6 +455,7 @@ const char *crypt_build_settings =
 #if defined(LTC_DER)
     " DER "
     " " NAME_VALUE(LTC_DER_MAX_RECURSION) " "
+    " " NAME_VALUE(LTC_DER_OID_DEFAULT_NODES) " "
 #endif
 #if defined(LTC_PKCS_1)
     " PKCS#1 "