Ejemplo n.º 1
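/// Builds a SetOfT2setof made of two SetOfT1 lists ({123, 456} and {789})
/// and returns its DER encoding.
///
/// Any failure terminates the process with a non-zero status, so a calling
/// harness cannot mistake a missing or partial buffer for success.
///
/// NOTE(review): the ADD macros allocate an internal pointer array per list
/// (they report allocation failure through their return value); those arrays
/// are not released before returning. The list elements themselves point at
/// locals of this function, which is safe only because encoding completes
/// before the function returns.
std::vector<uint8_t> Buf4() {
  std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
  long oneT1 = 123;
  long twoT1 = 456;
  long threeT1 = 789;

  SetOfT2setof rec;
  memset(&rec, 0, sizeof(rec));
  SetOfT1_t one;
  memset(&one, 0, sizeof(one));
  SetOfT1_t two;
  memset(&two, 0, sizeof(two));

  // A non-zero return means the element was NOT stored; encoding a silently
  // shortened record would produce a valid-looking but wrong test vector.
  if (ASN_SEQUENCE_ADD(&one, &oneT1) != 0 ||
      ASN_SEQUENCE_ADD(&one, &twoT1) != 0 ||
      ASN_SEQUENCE_ADD(&two, &threeT1) != 0 ||
      ASN_SET_ADD(&rec, &one) != 0 ||
      ASN_SET_ADD(&rec, &two) != 0) {
    fprintf(stderr, "cannot build record in Buf4\n");
    exit(1);
  }

  asn_enc_rval_t rval =
      der_encode_to_buffer(&asn_DEF_SetOfT2setof, &rec, (void*)buf.data(), buf.size());
  if (rval.encoded < 0) {
    // Covers encoder errors as well as a record that does not fit the buffer.
    fprintf(stderr, "cannot encode record in Buf4\n");
    exit(1);
  }
  buf.resize(rval.encoded);
  // Returning the local by name lets the compiler elide the copy;
  // std::move() here would only inhibit that.
  return buf;
}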
Ejemplo n.º 2
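/// Builds a SetOfT2seq holding two SeqT1 records ({123, 321} and {654, 456})
/// and returns its DER encoding.
///
/// Any failure terminates the process with a non-zero status, so a calling
/// harness cannot mistake a missing or partial buffer for success.
///
/// NOTE(review): ASN_SET_ADD allocates an internal pointer array inside rec
/// that is not released before returning. The stored elements point at
/// locals of this function, which is safe only because encoding completes
/// before the function returns.
std::vector<uint8_t> Buf4() {
  std::vector<uint8_t> buf(DEFAULT_BUF_SIZE);
  SetOfT2seq rec;
  memset(&rec, 0, sizeof(rec));

  SeqT1_t one;
  memset(&one, 0, sizeof(one));
  one.first = 123;
  one.second = 321;

  SeqT1_t two;
  memset(&two, 0, sizeof(two));
  two.first = 654;
  two.second = 456;

  // A non-zero return means the element was NOT stored; do not encode a
  // silently shortened set.
  if (ASN_SET_ADD(&rec, &one) != 0 || ASN_SET_ADD(&rec, &two) != 0) {
    fprintf(stderr, "cannot build record in Buf4\n");
    exit(1);
  }

  asn_enc_rval_t rval =
      der_encode_to_buffer(&asn_DEF_SetOfT2seq, &rec, (void*)buf.data(), buf.size());
  if (rval.encoded < 0) {
    // Covers encoder errors as well as a record that does not fit the buffer.
    fprintf(stderr, "cannot encode record in Buf4\n");
    exit(1);
  }
  buf.resize(rval.encoded);
  // Returning the local by name lets the compiler elide the copy;
  // std::move() here would only inhibit that.
  return buf;
}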
Ejemplo n.º 3
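/*
 * Builds a LogLine by hand on the stack, DER-encodes it through the
 * buf_fill callback and compares the produced bytes with the reference
 * encoding buf0.
 *
 * buf, buf_size, buf_pos, buf_fill and buf0 are defined elsewhere in the
 * file; this function only points buf at a fresh 128-byte stack area.
 * NOTE(review): buf_pos is not reset here -- presumably the caller or
 * buf_fill's owner starts it at zero; confirm.
 *
 * The string members point at string literals, so the structure must never
 * be handed to a routine that frees member buffers.
 */
static void
check_serialize() {
	LogLine_t ll;
	VariablePartSet_t vps;
	VariablePart_t vp;
	VisibleString_t vpart;
	asn_enc_rval_t erval;
	int i;

	memset(&ll, 0, sizeof(ll));
	memset(&vps, 0, sizeof(vps));
	memset(&vp, 0, sizeof(vp));
	memset(&vpart, 0, sizeof(vpart));
	vpart.buf = "123";
	vpart.size = 3;

	/* Link the pieces bottom-up: vpart -> vp -> vps -> ll. */
	vp.present = VariablePart_PR_vset;
	ASN_SET_ADD(&vp.choice.vset, &vpart);
	vps.resolution.accept_as = accept_as_unknown;
	ASN_SEQUENCE_ADD(&vps.vparts, &vp);
	ASN_SEQUENCE_ADD(&ll.varsets, &vps);
	ll.line_digest.buf = "zzz\007";
	ll.line_digest.size = 4;

	asn_fprint(stderr, &asn_DEF_LogLine, &ll);
	buf_size = 128;
	buf = alloca(buf_size);
	erval = der_encode(&asn_DEF_LogLine, &ll, buf_fill, 0);
	assert(erval.encoded > 1);
	/* erval.encoded is a ssize_t; printing it with %d is a format mismatch. */
	fprintf(stderr, "Encoded in %zd bytes\n", erval.encoded);
	fprintf(stderr, "\n");
	for(i = 0; i < buf_pos; i++) {
		fprintf(stderr, "%d ", buf[i]);
	}
	fprintf(stderr, "\n\n");
	/* Length first, so the memcmp below never reads past what was written. */
	assert(erval.encoded == sizeof(buf0));
	assert(memcmp(buf0, buf, sizeof(buf0)) == 0);
}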
Ejemplo n.º 4
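/*
 * Builds a LogLine from heap-allocated members, DER-encodes it through the
 * buf_fill callback, compares the bytes with the reference encoding buf0
 * and finally releases everything the LogLine owns.
 *
 * buf, buf_size, buf_pos, buf_fill and buf0 are defined elsewhere in the
 * file; this function points buf at a local scratch array for the duration
 * of the call.
 * NOTE(review): buf keeps pointing at that array after the function
 * returns -- nothing visible here resets it; confirm no later user.
 */
static void
check_serialize() {
	LogLine_t ll;
	VariablePartSet_t *vps;
	VariablePart_t *vp;
	VisibleString_t *vpart;
	asn_enc_rval_t erval;
	int rc;
	int i;

	memset(&ll, 0, sizeof(ll));
	vps = calloc(1, sizeof(*vps));
	vp = calloc(1, sizeof(*vp));
	vpart = OCTET_STRING_new_fromBuf(&asn_DEF_VisibleString, "123", 3);
	/* All three are dereferenced or stored below; stop on a failed allocation. */
	assert(vps != NULL);
	assert(vp != NULL);
	assert(vpart != NULL);

	/*
	 * Link the pieces bottom-up: vpart -> vp -> vps -> ll. The calls stay
	 * outside assert() so they still run when NDEBUG is defined.
	 */
	vp->present = VariablePart_PR_vset;
	rc = ASN_SET_ADD(&vp->choice.vset, vpart);
	assert(rc == 0);
	vps->resolution.accept_as = accept_as_unknown;
	rc = ASN_SEQUENCE_ADD(&vps->vparts, vp);
	assert(rc == 0);
	rc = ASN_SEQUENCE_ADD(&ll.varsets, vps);
	assert(rc == 0);
	rc = OCTET_STRING_fromBuf(&ll.line_digest, "zzz\007", 4);
	assert(rc == 0);

	asn_fprint(stderr, &asn_DEF_LogLine, &ll);
	buf_size = 128;
	uint8_t scratch[buf_size];
	buf = scratch;
	erval = der_encode(&asn_DEF_LogLine, &ll, buf_fill, 0);
	assert(erval.encoded > 1);
	fprintf(stderr, "Encoded in %zd bytes\n", erval.encoded);
	fprintf(stderr, "\n");
	for(i = 0; i < buf_pos; i++) {
		fprintf(stderr, "%d ", buf[i]);
	}
	fprintf(stderr, "\n\n");
	/* Length first, so the memcmp below never reads past what was written. */
	assert(erval.encoded == sizeof(buf0));
	assert(memcmp(buf0, buf, sizeof(buf0)) == 0);
	/* ll itself lives on the stack, so only its contents are released. */
	ASN_STRUCT_FREE_CONTENTS_ONLY(asn_DEF_LogLine, &ll);
	return;
}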
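/*
 * Builds the CAdES signing-time attribute: an Attribute whose type is
 * SIGNING_TIME_OID and whose single value is the UTCTime for *local.
 *
 * at_ext  receives the new attribute; it is set to NULL when the attribute
 *         could not be built, so callers must check it before use.
 * local   broken-down time to encode.
 *
 * Failing closed matters here: an attribute that ends up without a value
 * (or with a NULL entry in its value set) would otherwise travel into the
 * signed attributes.
 */
void getCADESSigningTime(Attribute_t **at_ext, struct tm *local){

    /** SIGNING TIME **/
    Attribute_t *atSigningTime;
    AttributeValue_t *atSigningTimeValue;
    UTCTime_t *time;

    *at_ext = NULL;

    /* Encode the time first, so nothing else needs undoing if this fails. */
    time = calloc(1, sizeof(*time));
    if (time == NULL) {
        return;
    }
    if (asn_time2UT(time, local, 1) == NULL) {
        free(time);
        return;
    }

    /*
     * ANY_new_fromType() stores an encoded copy of the UTCTime, so the
     * source object is released right after. The original code also
     * calloc'ed a value object first and then overwrote the pointer,
     * leaking that allocation.
     * NOTE(review): free(time->buf) assumes the ASN.1 runtime allocates
     * with the standard allocator -- confirm for this build.
     */
    atSigningTimeValue = ANY_new_fromType(&asn_DEF_UTCTime, time);
    free(time->buf);
    free(time);
    if (atSigningTimeValue == NULL) {
        return;
    }

    atSigningTime = calloc(1, sizeof(*atSigningTime));
    if (atSigningTime == NULL) {
        free(atSigningTimeValue->buf);
        free(atSigningTimeValue);
        return;
    }
    atSigningTime -> type = makeOID(SIGNING_TIME_OID);

    if (ASN_SET_ADD(&atSigningTime-> values, atSigningTimeValue) != 0) {
        /*
         * NOTE(review): whatever makeOID() allocated inside type is not
         * released on this path; its ownership is not visible here.
         */
        free(atSigningTimeValue->buf);
        free(atSigningTimeValue);
        free(atSigningTime);
        return;
    }

    *at_ext = atSigningTime;

    /** END SIGNING TIME **/

}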
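/*
 * Unaligned PER decoder for the SET OF type.
 *
 * Determines the number of elements (a fixed-width count when the size
 * constraint provides effective_bits, otherwise one or more length
 * determinants read by uper_get_length()), then runs the member type's
 * uper_decoder once per element and appends each result to the list held
 * in *sptr. The target structure is allocated here when *sptr is NULL and
 * stays in *sptr when decoding fails (presumably for the caller to free).
 *
 * Returns RC_OK with consumed set to 0 on success; on a member failure the
 * member decoder's result is returned, with the code forced to RC_FAIL when
 * only the list insertion failed.
 *
 * NOTE(review): the element count is taken from the encoded input and is
 * not compared with the constraint's upper bound in this function. Every
 * accepted element costs an allocation, so when the input is untrusted the
 * caller should enforce a size limit (or run the constraint check) --
 * especially for member types whose encoding may occupy no bits.
 */
asn_dec_rval_t
SET_OF_decode_uper(asn_codec_ctx_t *opt_codec_ctx, asn_TYPE_descriptor_t *td,
        asn_per_constraints_t *constraints, void **sptr, asn_per_data_t *pd) {
	asn_dec_rval_t rv;
        asn_SET_OF_specifics_t *specs = (asn_SET_OF_specifics_t *)td->specifics;
	asn_TYPE_member_t *elm = td->elements;	/* Single one */
	void *st = *sptr;
	asn_anonymous_set_ *list;
	asn_per_constraint_t *ct;
	int repeat = 0;
	ssize_t nelems;

	/* Guard against unbounded recursion through nested types. */
	if(_ASN_STACK_OVERFLOW_CHECK(opt_codec_ctx))
		_ASN_DECODE_FAILED;

	/*
	 * Create the target structure if it is not present already.
	 */
	if(!st) {
		st = *sptr = CALLOC(1, specs->struct_size);
		if(!st) _ASN_DECODE_FAILED;
	}
	list = _A_SET_FROM_VOID(st);

	/* Figure out which constraints to use */
	if(constraints) ct = &constraints->size;
	else if(td->per_constraints) ct = &td->per_constraints->size;
	else ct = 0;

	if(ct && ct->flags & APC_EXTENSIBLE) {
		/* One leading bit tells whether the size lies outside the root. */
		int value = per_get_few_bits(pd, 1);
		if(value < 0) _ASN_DECODE_STARVED;
		if(value) ct = 0;	/* Not restricted! */
	}

	if(ct && ct->effective_bits >= 0) {
		/* X.691, #19.5: No length determinant */
		nelems = per_get_few_bits(pd, ct->effective_bits);
		ASN_DEBUG("Preparing to fetch %ld+%ld elements from %s",
			(long)nelems, ct->lower_bound, td->name);
		if(nelems < 0)  _ASN_DECODE_STARVED;
		nelems += ct->lower_bound;
	} else {
		nelems = -1;
	}

	do {
		/*
		 * Same width as nelems: an int counter could overflow before
		 * reaching a count that does not fit in int.
		 */
		ssize_t i;
		if(nelems < 0) {
			nelems = uper_get_length(pd,
				ct ? ct->effective_bits : -1, &repeat);
			/* The cast must cover the whole conditional, not just ct. */
			ASN_DEBUG("Got to decode %d elements (eff %d)",
				(int)nelems, (int)(ct ? ct->effective_bits : -1));
			if(nelems < 0) _ASN_DECODE_STARVED;
		}

		for(i = 0; i < nelems; i++) {
			void *ptr = 0;
			ASN_DEBUG("SET OF %s decoding", elm->type->name);
			rv = elm->type->uper_decoder(opt_codec_ctx, elm->type,
				elm->per_constraints, &ptr, pd);
			ASN_DEBUG("%s SET OF %s decoded %d, %p",
				td->name, elm->type->name, rv.code, ptr);
			if(rv.code == RC_OK) {
				if(ASN_SET_ADD(list, ptr) == 0)
					continue;
				ASN_DEBUG("Failed to add element into %s",
					td->name);
				/* Fall through */
				rv.code = RC_FAIL;
			} else {
				ASN_DEBUG("Failed decoding %s of %s (SET OF)",
					elm->type->name, td->name);
			}
			/* The element never made it into the list; release it here. */
			if(ptr) ASN_STRUCT_FREE(*elm->type, ptr);
			return rv;
		}

		nelems = -1;	/* Allow uper_get_length() */
	} while(repeat);

	ASN_DEBUG("Decoded %s as SET OF", td->name);

	rv.code = RC_OK;
	rv.consumed = 0;
	return rv;
}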
/*
 * The decoder of the SET OF type (BER).
 *
 * Restartable: progress is kept in the asn_struct_ctx_t embedded in the
 * target structure (phase, step, left, ptr), so the function can return
 * RC_WMORE and be called again with more data.
 *
 *   Phase 0: check the outer tag(s) and learn the content length.
 *   Phase 1: decode members one by one and append them to the list.
 *   Phase 2: consume the end-of-content octets of indefinite-length forms.
 *
 * A negative ctx->left is handled as the indefinite-length case throughout.
 * RETURN, ADVANCE, LEFT, SIZE_VIOLATION, NEXT_PHASE and PHASE_OUT are macros
 * defined outside this listing; they operate on the locals declared below
 * (NOTE(review): exact semantics not visible here).
 *
 * The target structure is allocated when *struct_ptr is NULL and is left in
 * *struct_ptr on failure.
 */
asn_dec_rval_t
SET_OF_decode_ber(asn_codec_ctx_t *opt_codec_ctx, asn_TYPE_descriptor_t *td,
	void **struct_ptr, const void *ptr, size_t size, int tag_mode) {
	/*
	 * Bring closer parts of structure description.
	 */
	asn_SET_OF_specifics_t *specs = (asn_SET_OF_specifics_t *)td->specifics;
	asn_TYPE_member_t *elm = td->elements;	/* Single one */

	/*
	 * Parts of the structure being constructed.
	 */
	void *st = *struct_ptr;	/* Target structure. */
	asn_struct_ctx_t *ctx;	/* Decoder context */

	ber_tlv_tag_t tlv_tag;	/* T from TLV */
	asn_dec_rval_t rval;	/* Return code from subparsers */

	ssize_t consumed_myself = 0;	/* Consumed bytes from ptr */

	ASN_DEBUG("Decoding %s as SET OF", td->name);
	
	/*
	 * Create the target structure if it is not present already.
	 */
	if(st == 0) {
		st = *struct_ptr = CALLOC(1, specs->struct_size);
		if(st == 0) {
			RETURN(RC_FAIL);
		}
	}

	/*
	 * Restore parsing context.
	 */
	ctx = (asn_struct_ctx_t *)((char *)st + specs->ctx_offset);
	
	/*
	 * Start to parse where left previously
	 */
	switch(ctx->phase) {
	case 0:
		/*
		 * PHASE 0.
		 * Check that the set of tags associated with given structure
		 * perfectly fits our expectations.
		 */

		rval = ber_check_tags(opt_codec_ctx, td, ctx, ptr, size,
			tag_mode, 1, &ctx->left, 0);
		if(rval.code != RC_OK) {
			ASN_DEBUG("%s tagging check failed: %d",
				td->name, rval.code);
			return rval;
		}

		/* Only a known (non-negative) length is adjusted here. */
		if(ctx->left >= 0)
			ctx->left += rval.consumed; /* ?Substracted below! */
		ADVANCE(rval.consumed);

		ASN_DEBUG("Structure consumes %ld bytes, "
			"buffer %ld", (long)ctx->left, (long)size);

		NEXT_PHASE(ctx);
		/* Fall through */
	case 1:
		/*
		 * PHASE 1.
		 * From the place where we've left it previously,
		 * try to decode the next item.
		 */
	  for(;; ctx->step = 0) {
		ssize_t tag_len;	/* Length of TLV's T */

		/* Bit 0 of step set: a member decode was interrupted; resume it. */
		if(ctx->step & 1)
			goto microphase2;

		/*
		 * MICROPHASE 1: Synchronize decoding.
		 */

		if(ctx->left == 0) {
			ASN_DEBUG("End of SET OF %s", td->name);
			/*
			 * No more things to decode.
			 * Exit out of here.
			 */
			PHASE_OUT(ctx);
			RETURN(RC_OK);
		}

		/*
		 * Fetch the T from TLV.
		 */
		tag_len = ber_fetch_tag(ptr, LEFT, &tlv_tag);
		switch(tag_len) {
		case 0: if(!SIZE_VIOLATION) RETURN(RC_WMORE);
			/* Fall through */
		case -1: RETURN(RC_FAIL);
		}

		/*
		 * Indefinite length only: a first octet of zero may start the
		 * two-octet end-of-content marker. Both octets must be present
		 * before the second one is read.
		 */
		if(ctx->left < 0 && ((const uint8_t *)ptr)[0] == 0) {
			if(LEFT < 2) {
				if(SIZE_VIOLATION)
					RETURN(RC_FAIL);
				else
					RETURN(RC_WMORE);
			} else if(((const uint8_t *)ptr)[1] == 0) {
				/*
				 * Found the terminator of the
				 * indefinite length structure.
				 */
				break;
			}
		}

		/* Outmost tag may be unknown and cannot be fetched/compared */
		if(elm->tag != (ber_tlv_tag_t)-1) {
		    if(BER_TAGS_EQUAL(tlv_tag, elm->tag)) {
			/*
			 * The new list member of expected type has arrived.
			 */
		    } else {
			ASN_DEBUG("Unexpected tag %s fixed SET OF %s",
				ber_tlv_tag_string(tlv_tag), td->name);
			ASN_DEBUG("%s SET OF has tag %s",
				td->name, ber_tlv_tag_string(elm->tag));
			RETURN(RC_FAIL);
		    }
		}

		/*
		 * MICROPHASE 2: Invoke the member-specific decoder.
		 */
		ctx->step |= 1;		/* Confirm entering next microphase */
	microphase2:
		
		/*
		 * Invoke the member fetch routine according to member's type
		 */
		rval = elm->type->ber_decoder(opt_codec_ctx,
				elm->type, &ctx->ptr, ptr, LEFT, 0);
		ASN_DEBUG("In %s SET OF %s code %d consumed %d",
			td->name, elm->type->name,
			rval.code, (int)rval.consumed);
		switch(rval.code) {
		case RC_OK:
			{
				asn_anonymous_set_ *list = _A_SET_FROM_VOID(st);
				/*
				 * On success the list takes the member and the
				 * context pointer is cleared.
				 * NOTE(review): when the add fails, ctx->ptr stays
				 * set and is not freed here -- presumably released
				 * together with the structure; confirm.
				 */
				if(ASN_SET_ADD(list, ctx->ptr) != 0)
					RETURN(RC_FAIL);
				else
					ctx->ptr = 0;
			}
			break;
		case RC_WMORE: /* More data expected */
			if(!SIZE_VIOLATION) {
				ADVANCE(rval.consumed);
				RETURN(RC_WMORE);
			}
			/* Fall through */
		case RC_FAIL: /* Fatal error */
			/* Drop the partially decoded member before failing. */
			ASN_STRUCT_FREE(*elm->type, ctx->ptr);
			ctx->ptr = 0;
			RETURN(RC_FAIL);
		} /* switch(rval) */
		
		ADVANCE(rval.consumed);
	  }	/* for(all list members) */

		/* Reached only via the break on the end-of-content marker. */
		NEXT_PHASE(ctx);
		/* Fall through */
	case 2:
		/*
		 * Read in all "end of content" TLVs.
		 */
		while(ctx->left < 0) {
			if(LEFT < 2) {
				if(LEFT > 0 && ((const char *)ptr)[0] != 0) {
					/* Unexpected tag */
					RETURN(RC_FAIL);
				} else {
					RETURN(RC_WMORE);
				}
			}
			if(((const char *)ptr)[0] == 0
			&& ((const char *)ptr)[1] == 0) {
				ADVANCE(2);
				ctx->left++;
			} else {
				RETURN(RC_FAIL);
			}
		}

		PHASE_OUT(ctx);
	}
	
	RETURN(RC_OK);
}
/*
 * Decode the XER (XML) data.
 *
 * Restartable decoder for the SET OF type: progress is kept in the
 * asn_struct_ctx_t embedded in the target structure, so RC_WMORE can be
 * returned and the call repeated with more input. Each decoded member is
 * appended to the list inside the target structure.
 *
 * opt_mname, when given, replaces the type's own XML tag as the expected
 * enclosing tag. The target structure is allocated when *struct_ptr is NULL
 * and is left in *struct_ptr on failure.
 *
 * RETURN and XER_ADVANCE are macros defined outside this listing; they
 * operate on the locals declared below (NOTE(review): exact semantics not
 * visible here).
 */
asn_dec_rval_t
SET_OF_decode_xer(asn_codec_ctx_t *opt_codec_ctx, asn_TYPE_descriptor_t *td,
	void **struct_ptr, const char *opt_mname,
		const void *buf_ptr, size_t size) {
	/*
	 * Bring closer parts of structure description.
	 */
	asn_SET_OF_specifics_t *specs = (asn_SET_OF_specifics_t *)td->specifics;
	asn_TYPE_member_t *element = td->elements;
	const char *elm_tag;
	const char *xml_tag = opt_mname ? opt_mname : td->xml_tag;

	/*
	 * ... and parts of the structure being constructed.
	 */
	void *st = *struct_ptr;	/* Target structure. */
	asn_struct_ctx_t *ctx;	/* Decoder context */

	asn_dec_rval_t rval;		/* Return value from a decoder */
	ssize_t consumed_myself = 0;	/* Consumed bytes from ptr */

	/*
	 * Create the target structure if it is not present already.
	 */
	if(st == 0) {
		st = *struct_ptr = CALLOC(1, specs->struct_size);
		if(st == 0) RETURN(RC_FAIL);
	}

	/* Which tag is expected for the downstream */
	if(specs->as_XMLValueList) {
		/* Value-list forms: a null tag for mode 1, an empty one otherwise. */
		elm_tag = (specs->as_XMLValueList == 1) ? 0 : "";
	} else {
		/* Prefer the member's own name; fall back to its type's XML tag. */
		elm_tag = (*element->name)
				? element->name : element->type->xml_tag;
	}

	/*
	 * Restore parsing context.
	 */
	ctx = (asn_struct_ctx_t *)((char *)st + specs->ctx_offset);

	/*
	 * Phases of XER/XML processing:
	 * Phase 0: Check that the opening tag matches our expectations.
	 * Phase 1: Processing body and reacting on closing tag.
	 * Phase 2: Processing inner type.
	 */
	for(; ctx->phase <= 2;) {
		pxer_chunk_type_e ch_type;	/* XER chunk type */
		ssize_t ch_size;		/* Chunk size */
		xer_check_tag_e tcv;		/* Tag check value */

		/*
		 * Go inside the inner member of a set.
		 */
		if(ctx->phase == 2) {
			asn_dec_rval_t tmprval;

			/* Invoke the inner type decoder, m.b. multiple times */
			ASN_DEBUG("XER/SET OF element [%s]", elm_tag);
			tmprval = element->type->xer_decoder(opt_codec_ctx,
					element->type, &ctx->ptr, elm_tag,
					buf_ptr, size);
			if(tmprval.code == RC_OK) {
				asn_anonymous_set_ *list = _A_SET_FROM_VOID(st);
				/*
				 * On success the list takes the member and the
				 * context pointer is cleared.
				 * NOTE(review): when the add fails, ctx->ptr stays
				 * set and is not freed here -- presumably released
				 * together with the structure; confirm.
				 */
				if(ASN_SET_ADD(list, ctx->ptr) != 0)
					RETURN(RC_FAIL);
				ctx->ptr = 0;
				XER_ADVANCE(tmprval.consumed);
			} else {
				/* Account for what the member consumed, then pass its code up. */
				XER_ADVANCE(tmprval.consumed);
				RETURN(tmprval.code);
			}
			ctx->phase = 1;	/* Back to body processing */
			ASN_DEBUG("XER/SET OF phase => %d", ctx->phase);
			/* Fall through */
		}

		/*
		 * Get the next part of the XML stream.
		 */
		ch_size = xer_next_token(&ctx->context,
			buf_ptr, size, &ch_type);
		switch(ch_size) {
		case -1: RETURN(RC_FAIL);
		case 0:  RETURN(RC_WMORE);
		default:
			switch(ch_type) {
			case PXER_COMMENT:	/* Got XML comment */
			case PXER_TEXT:		/* Ignore free-standing text */
				XER_ADVANCE(ch_size);	/* Skip silently */
				continue;
			case PXER_TAG:
				break;	/* Check the rest down there */
			}
		}

		/* Classify the tag against the expected enclosing tag. */
		tcv = xer_check_tag(buf_ptr, ch_size, xml_tag);
		ASN_DEBUG("XER/SET OF: tcv = %d, ph=%d t=%s",
			tcv, ctx->phase, xml_tag);
		switch(tcv) {
		case XCT_CLOSING:
			/* A closing tag before any opening tag is an error. */
			if(ctx->phase == 0) break;
			ctx->phase = 0;
			/* Fall through */
		case XCT_BOTH:
			if(ctx->phase == 0) {
				/* No more things to decode */
				XER_ADVANCE(ch_size);
				ctx->phase = 3;	/* Phase out */
				RETURN(RC_OK);
			}
			/* Fall through */
		case XCT_OPENING:
			if(ctx->phase == 0) {
				XER_ADVANCE(ch_size);
				ctx->phase = 1;	/* Processing body phase */
				continue;
			}
			/* Fall through */
		case XCT_UNKNOWN_OP:
		case XCT_UNKNOWN_BO:

			ASN_DEBUG("XER/SET OF: tcv=%d, ph=%d", tcv, ctx->phase);
			if(ctx->phase == 1) {
				/*
				 * Process a single possible member.
				 * The tag is not consumed here; the member
				 * decoder sees it on the next iteration.
				 */
				ctx->phase = 2;
				continue;
			}
			/* Fall through */
		default:
			break;
		}

		ASN_DEBUG("Unexpected XML tag in SET OF");
		break;
	}

	ctx->phase = 3;	/* "Phase out" on hard failure */
	RETURN(RC_FAIL);
}
Ejemplo n.º 9
/*
 * Fills a SET OF structure with a random number of randomly generated
 * members, for producing test inputs.
 *
 * td           descriptor of the SET OF type.
 * sptr         target structure; allocated here when *sptr is NULL.
 * constraints  optional encoding constraints; the type's own are used when
 *              none (or none with PER constraints) are given.
 * max_length   budget shared between the members; 0 skips generation.
 *
 * Returns ARFILL_OK with the accumulated member length, ARFILL_SKIPPED when
 * max_length is 0, ARFILL_FAILED on allocation failure, or the failing
 * member's result.
 *
 * The element count is deliberately biased towards the edges of the allowed
 * size range and, for extensible constraints, may fall outside of it.
 */
asn_random_fill_result_t
SET_OF_random_fill(const asn_TYPE_descriptor_t *td, void **sptr,
                   const asn_encoding_constraints_t *constraints,
                   size_t max_length) {
    const asn_SET_OF_specifics_t *specs =
        (const asn_SET_OF_specifics_t *)td->specifics;
    asn_random_fill_result_t res_ok = {ARFILL_OK, 0};
    asn_random_fill_result_t result_failed = {ARFILL_FAILED, 0};
    asn_random_fill_result_t result_skipped = {ARFILL_SKIPPED, 0};
    const asn_TYPE_member_t *elm = td->elements;
    void *st = *sptr;
    long max_elements = 5;
    long slb = 0;   /* Lower size bound */
    long sub = 0;   /* Upper size bound */
    size_t rnd_len;

    if(max_length == 0) return result_skipped;

    if(st == NULL) {
        st = (*sptr = CALLOC(1, specs->struct_size));
        if(st == NULL) {
            return result_failed;
        }
    }

    /* Pick a cap on the element count; the default keeps the initial 5. */
    switch(asn_random_between(0, 6)) {
    case 0: max_elements = 0; break;
    case 1: max_elements = 1; break;
    case 2: max_elements = 5; break;
    case 3: max_elements = max_length; break;
    case 4: max_elements = max_length / 2; break;
    case 5: max_elements = max_length / 4; break;
    default: break;
    }
    sub = slb + max_elements;

    /* Narrow [slb, sub] to the PER size constraint when one is available. */
    if(!constraints || !constraints->per_constraints)
        constraints = &td->encoding_constraints;
    if(constraints->per_constraints) {
        const asn_per_constraint_t *pc = &constraints->per_constraints->size;
        if(pc->flags & APC_SEMI_CONSTRAINED) {
            slb = pc->lower_bound;
            sub = pc->lower_bound + max_elements;
        } else if(pc->flags & APC_CONSTRAINED) {
            slb = pc->lower_bound;
            sub = pc->upper_bound;
            if(sub - slb > max_elements) sub = slb + max_elements;
        }
    }

    /* Bias towards edges of allowed space */
    switch(asn_random_between(-1, 4)) {
    default:
    case -1:
        /* Prepare lengths somewhat outside of constrained range. */
        if(constraints->per_constraints
           && (constraints->per_constraints->size.flags & APC_EXTENSIBLE)) {
            switch(asn_random_between(0, 5)) {
            default:
            case 0:
                rnd_len = 0;
                break;
            case 1:
                /* Just below the lower bound, never negative. */
                if(slb > 0) {
                    rnd_len = slb - 1;
                } else {
                    rnd_len = 0;
                }
                break;
            case 2:
                rnd_len = asn_random_between(0, slb);
                break;
            case 3:
                /* Just above the upper bound, capped by the budget. */
                if(sub < (ssize_t)max_length) {
                    rnd_len = sub + 1;
                } else {
                    rnd_len = max_length;
                }
                break;
            case 4:
                if(sub < (ssize_t)max_length) {
                    rnd_len = asn_random_between(sub + 1, max_length);
                } else {
                    rnd_len = max_length;
                }
                break;
            case 5:
                rnd_len = max_length;
                break;
            }
            break;
        }
        /* Fall through */
    case 0:
        rnd_len = asn_random_between(slb, sub);
        break;
    case 1:
        if(slb < sub) {
            rnd_len = asn_random_between(slb + 1, sub);
            break;
        }
        /* Fall through */
    case 2:
        rnd_len = asn_random_between(slb, slb);
        break;
    case 3:
        if(slb < sub) {
            rnd_len = asn_random_between(slb, sub - 1);
            break;
        }
        /* Fall through */
    case 4:
        rnd_len = asn_random_between(sub, sub);
        break;
    }

    /* Each member gets an equal share of whatever budget is still unused. */
    for(; rnd_len > 0; rnd_len--) {
        asn_anonymous_set_ *list = _A_SET_FROM_VOID(st);
        void *ptr = 0;
        asn_random_fill_result_t tmpres = elm->type->op->random_fill(
            elm->type, &ptr, &elm->encoding_constraints,
            (max_length > res_ok.length ? max_length - res_ok.length : 0)
                / rnd_len);
        switch(tmpres.code) {
        case ARFILL_OK:
            /*
             * NOTE(review): the result of ASN_SET_ADD is ignored; if the
             * add fails, ptr is neither stored nor freed.
             */
            ASN_SET_ADD(list, ptr);
            res_ok.length += tmpres.length;
            break;
        case ARFILL_SKIPPED:
            break;
        case ARFILL_FAILED:
            /* A failed member is expected to have left nothing behind. */
            assert(ptr == 0);
            return tmpres;
        }
    }

    return res_ok;
}
Ejemplo n.º 10
/*
 * Builds an X.509 certificate from the given names, validity period and
 * subject public key, signs the DER-encoded TBSCertificate with the issuer
 * key via uECC_sign(), and writes the DER-encoded certificate into
 * encodedCertificate (data and len).
 *
 * FUNCTION_INIT, CHECK_NULL, CHECK_COND, CHECK_CALL, CHECK_LESS_EQUAL,
 * GET_SHA_256 and FUNCTION_CLEAR are macros defined outside this listing;
 * presumably the CHECK_* macros jump to the cleanup code on failure
 * (NOTE(review): confirm). The listing ends inside the function, so the
 * return path is not visible.
 *
 * Ownership: the names, times and subject key are shallow-copied into the
 * certificate, and the OID buffers point at global arrays. The cleanup code
 * resets those borrowed pointers before ASN_STRUCT_FREE so that memory not
 * owned by the certificate is not freed.
 */
PKIError GenerateCertificate (const UTF8String_t *subjectName, const UTF8String_t *issuerName,
                        const UTCTime_t *notBefore, const UTCTime_t *notAfter,
                        const BIT_STRING_t *subjectPublicKey, const BIT_STRING_t *issuerPrivateKey,
                        ByteArray *encodedCertificate)
{
    FUNCTION_INIT();
    asn_enc_rval_t ec; /* Encoder return value */
    Certificate_t *certificate                  = NULL; /* Type to encode */
    AttributeTypeAndValue_t *issuerTypeAndValue    = NULL;
    AttributeTypeAndValue_t *subjectTypeAndValue   = NULL;
    RelativeDistinguishedName_t *issuerRDN         = NULL;
    RelativeDistinguishedName_t *subjectRDN        = NULL;
    uint8_t *uint8Pointer                       = NULL;
    ByteArray tbs                               = BYTE_ARRAY_INITIALIZER;
    uint8_t signature[SIGN_FULL_SIZE];
    uint8_t sha256[SHA_256_HASH_LEN];
    uint8_t tbsDer[ISSUER_MAX_CERT_SIZE];
    long serialNumber = 0;

    CHECK_NULL(subjectName, ISSUER_X509_NULL_PASSED);
    CHECK_NULL(issuerName, ISSUER_X509_NULL_PASSED);
    CHECK_NULL(notBefore, ISSUER_X509_NULL_PASSED);
    CHECK_NULL(notAfter, ISSUER_X509_NULL_PASSED);
    CHECK_NULL(subjectPublicKey, ISSUER_X509_NULL_PASSED);
    CHECK_NULL(issuerPrivateKey, ISSUER_X509_NULL_PASSED);
    CHECK_NULL_BYTE_ARRAY_PTR(encodedCertificate, ISSUER_X509_NULL_PASSED);
    // NOTE(review): the final encode below writes up to ISSUER_MAX_CERT_SIZE
    // bytes into encodedCertificate->data, so this check has to guarantee
    // len >= ISSUER_MAX_CERT_SIZE -- confirm the macro's argument order.
    // The sizes of the two key BIT STRINGs are not validated anywhere in the
    // visible code.
    CHECK_LESS_EQUAL(ISSUER_MAX_CERT_SIZE, encodedCertificate->len,
                     ISSUER_X509_WRONG_BYTE_ARRAY_LEN);

    /* Allocate the memory */
    certificate      = OICCalloc(1, sizeof(Certificate_t)); // not malloc!
    CHECK_NULL(certificate, ISSUER_X509_MEMORY_ALLOC_FAILED);

    // NOTE(review): the four objects below are attached to the certificate
    // only further down; a failure before that point would leave them
    // unreachable from the ASN_STRUCT_FREE in the cleanup code.
    issuerTypeAndValue  = OICCalloc(1, sizeof(AttributeTypeAndValue_t));
    CHECK_NULL(issuerTypeAndValue, ISSUER_X509_MEMORY_ALLOC_FAILED);

    issuerRDN           = OICCalloc(1, sizeof(RelativeDistinguishedName_t));
    CHECK_NULL(issuerRDN, ISSUER_X509_MEMORY_ALLOC_FAILED);

    subjectTypeAndValue = OICCalloc(1, sizeof(AttributeTypeAndValue_t));
    CHECK_NULL(subjectTypeAndValue, ISSUER_X509_MEMORY_ALLOC_FAILED);

    subjectRDN          = OICCalloc(1, sizeof(RelativeDistinguishedName_t));
    CHECK_NULL(subjectRDN, ISSUER_X509_MEMORY_ALLOC_FAILED);

    //set issuer name
    // Shallow copy: value.buf still belongs to the caller.
    // NOTE(review): the results of ASN_SET_ADD / ASN_SEQUENCE_ADD are not
    // checked here or for the subject below; a failed add would yield a
    // certificate with an empty name.
    issuerTypeAndValue->value = *issuerName;
    issuerTypeAndValue->type.buf = (uint8_t *)g_COMMON_NAME_OID;   //2.5.4.3
    issuerTypeAndValue->type.size = sizeof(g_COMMON_NAME_OID) / sizeof(g_COMMON_NAME_OID[0]);
    ASN_SET_ADD(issuerRDN, issuerTypeAndValue);
    ASN_SEQUENCE_ADD(&(certificate->tbsCertificate.issuer), issuerRDN);

    //set subject name
    subjectTypeAndValue->value = *subjectName;
    subjectTypeAndValue->type.buf = (uint8_t *)g_COMMON_NAME_OID;  //2.5.4.3
    subjectTypeAndValue->type.size = sizeof(g_COMMON_NAME_OID) / sizeof(g_COMMON_NAME_OID[0]);
    ASN_SET_ADD(subjectRDN, subjectTypeAndValue);
    ASN_SEQUENCE_ADD(&(certificate->tbsCertificate.subject), subjectRDN);

    //set validity
    certificate->tbsCertificate.validity.notBefore = *notBefore;
    certificate->tbsCertificate.validity.notAfter  = *notAfter;

    //set X.509 certificate version
    certificate->tbsCertificate.version = X509_V2;

    //set serial number
    certificate->tbsCertificate.serialNumber = 0;

    // The stored counter is read, used for this certificate, then advanced
    // and saved before signing, so a later failure still consumes the number.
    // Serial numbers issued this way are sequential.
    CHECK_CALL(InitCKMInfo);
    CHECK_CALL(GetNextSerialNumber, &serialNumber);
    certificate->tbsCertificate.serialNumber = serialNumber;
    serialNumber++;
    CHECK_CALL(SetNextSerialNumber, serialNumber);
    CHECK_CALL(SaveCKMInfo);

    //set signature algorithm in TBS
    certificate->tbsCertificate.signature.algorithm.buf =
        (uint8_t *)g_ECDSA_WITH_SHA256_OID;    //1.2.840.10045.4.3.2
    certificate->tbsCertificate.signature.algorithm.size =
        sizeof(g_ECDSA_WITH_SHA256_OID) / sizeof(g_ECDSA_WITH_SHA256_OID[0]);
    certificate->tbsCertificate.signature.nul = OICCalloc(1, sizeof(NULL_t));
    CHECK_NULL(certificate->tbsCertificate.signature.nul, ISSUER_X509_MEMORY_ALLOC_FAILED);

    //set subject Public Key algorithm
    certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.algorithm.buf =
        (uint8_t *)g_EC_PUBLIC_KEY_OID;   //1.2.840.10045.2.1
    certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.algorithm.size =
        sizeof(g_EC_PUBLIC_KEY_OID) / sizeof(g_EC_PUBLIC_KEY_OID[0]);

    //set subject Public Key curve
    certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.id_ecPublicKey =
        OICCalloc(1, sizeof(OBJECT_IDENTIFIER_t));
    CHECK_NULL(certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.id_ecPublicKey,
               ISSUER_X509_MEMORY_ALLOC_FAILED);
    certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.id_ecPublicKey->buf =
        (uint8_t *)g_PRIME_256_V1_OID;  //1.2.840.10045.3.1.7
    certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.id_ecPublicKey->size =
        sizeof(g_PRIME_256_V1_OID) / sizeof(g_PRIME_256_V1_OID[0]);

    //set subject Public Key
    certificate->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey = *subjectPublicKey;

    //set signature algorithm
    certificate->signatureAlgorithm.algorithm.buf = (uint8_t *)g_ECDSA_WITH_SHA256_OID;
    certificate->signatureAlgorithm.algorithm.size =
        sizeof(g_ECDSA_WITH_SHA256_OID) / sizeof(g_ECDSA_WITH_SHA256_OID[0]);
    certificate->signatureAlgorithm.nul = OICCalloc(1, sizeof(NULL_t));
    CHECK_NULL(certificate->signatureAlgorithm.nul, ISSUER_X509_MEMORY_ALLOC_FAILED);

    //encode TBS to DER
    ec = der_encode_to_buffer(&asn_DEF_TBSCertificate, &(certificate->tbsCertificate),
                              tbsDer, ISSUER_MAX_CERT_SIZE);
    CHECK_COND(ec.encoded > 0, ISSUER_X509_DER_ENCODE_FAIL);
    tbs.len = ec.encoded;
    tbs.data = tbsDer;
    GET_SHA_256(tbs, sha256);
    // NOTE(review): the first byte of the key buffer is skipped, but
    // issuerPrivateKey->size is never checked, so a short buffer would be
    // read past its end by the signer.
    // NOTE(review): signature and sha256 stay on the stack after use; the
    // visible code does not wipe them.
    CHECK_COND(uECC_sign((issuerPrivateKey->buf) + 1, sha256, signature),
               ISSUER_X509_SIGNATURE_FAIL);
            //additional byte for ASN1_UNCOMPRESSED_KEY_ID

    // ECDSA-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER } (RFC 5480)
    // The structure is assembled by hand: 2 header bytes for the SEQUENCE
    // plus 2 per INTEGER, plus the raw r and s.
    // NOTE(review): r and s are always copied at full width; a value that
    // starts with a zero byte followed by a byte below 0x80 is therefore not
    // minimally encoded, which strict DER parsers reject.
    certificate->signatureValue.size = SIGN_FULL_SIZE + 6;// size for SEQUENCE ID + 2 * INTEGER ID

    // if first byte of positive INTEGER exceed 127 add 0 byte before
    if (signature[0] > 127)
    {
        certificate->signatureValue.size ++;
    }

    // if first byte of positive INTEGER exceed 127 add 0 byte before
    if (signature[SIGN_R_LEN] > 127)
    {
        certificate->signatureValue.size ++;
    }
    certificate->signatureValue.buf = OICCalloc(certificate->signatureValue.size, sizeof(uint8_t));
    CHECK_NULL(certificate->signatureValue.buf, ISSUER_X509_MEMORY_ALLOC_FAILED);
    *(certificate->signatureValue.buf) = (12 << 2); //ASN.1 SEQUENCE ID
    // Single-byte (short form) length: valid only while size - 2 stays below
    // 128 -- presumably guaranteed by SIGN_FULL_SIZE; confirm.
    *(certificate->signatureValue.buf + 1) = certificate->signatureValue.size - 2;
    //ASN.1 SEQUENCE size

    uint8Pointer = certificate->signatureValue.buf + 2; //skip SEQUENCE ID and size
    *uint8Pointer = (2 << 0); //ASN.1 INTEGER ID

    // if first byte of positive INTEGER exceed 127 add 0 byte before
    // (the pad byte itself is never written: skipping 3 bytes relies on the
    // buffer having been zero-filled by the allocator)
    if (signature[0] > 127)
    {
        *(uint8Pointer + 1) = SIGN_R_LEN + 1; //ASN.1 INTEGER size
        uint8Pointer += 3; //skip INTEGER ID and size
    }
    else
    {
        *(uint8Pointer + 1) = SIGN_R_LEN; //ASN.1 INTEGER SIZE
        uint8Pointer += 2; //skip INTEGER ID and size
    }
    memcpy(uint8Pointer, signature, SIGN_R_LEN);

    uint8Pointer += SIGN_R_LEN; //skip first part of signature
    *uint8Pointer = (2 << 0);   //ASN.1 INTEGER ID

    // if first byte of positive INTEGER exceed 127 add 0 byte before
    if (signature [SIGN_R_LEN] > 127)
    {
        *(uint8Pointer + 1) = SIGN_S_LEN + 1; //ASN.1 INTEGER size
        uint8Pointer += 3; //skip INTEGER ID and size
    }
    else
    {
        *(uint8Pointer + 1) = SIGN_S_LEN; //ASN.1 INTEGER size
        uint8Pointer += 2; //skip INTEGER ID and size
    }
    memcpy(uint8Pointer, signature + SIGN_R_LEN, SIGN_S_LEN);

    ec = der_encode_to_buffer(&asn_DEF_Certificate, certificate,
                              encodedCertificate->data, ISSUER_MAX_CERT_SIZE);
    CHECK_COND(ec.encoded > 0, ISSUER_X509_DER_ENCODE_FAIL);
    encodedCertificate->len = ec.encoded;

    FUNCTION_CLEAR(
        // Detach every buffer the certificate only borrowed (caller-owned
        // values and global OID arrays) so ASN_STRUCT_FREE below does not
        // free them.
        if (issuerTypeAndValue)
        {
            issuerTypeAndValue->value.buf = NULL;
            issuerTypeAndValue->type.buf  = NULL;
        }
        if (subjectTypeAndValue)
        {
            subjectTypeAndValue->value.buf = NULL;
            subjectTypeAndValue->type.buf  = NULL;
        }
        if (certificate)
        {
            certificate->tbsCertificate.validity.notBefore.buf                             = NULL;
            certificate->tbsCertificate.validity.notAfter.buf                              = NULL;
            certificate->tbsCertificate.subjectPublicKeyInfo.subjectPublicKey.buf          = NULL;
            certificate->tbsCertificate.signature.algorithm.buf                            = NULL;
            certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.algorithm.buf       = NULL;
            // NOTE(review): id_ecPublicKey is dereferenced without a NULL
            // check, yet it stays NULL until it is allocated above; if this
            // cleanup runs after an earlier failure, this line dereferences
            // a NULL pointer.
            certificate->tbsCertificate.subjectPublicKeyInfo.algorithm.id_ecPublicKey->buf = NULL;
            certificate->signatureAlgorithm.algorithm.buf                                  = NULL;
        }
        ASN_STRUCT_FREE(asn_DEF_Certificate, certificate);
        certificate = NULL;
    );
Ejemplo n.º 11
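/*
 * Assembles the CMS SignedData structure of a CAdES signature and stores it
 * in *sig_dat.
 *
 * sig_dat          receives the new structure; set to NULL when it could
 *                  not be built, so callers must check it before encoding.
 * contentData      optional NUL-terminated content to encapsulate; NULL
 *                  leaves eContent absent. Being handled as a C string, it
 *                  is cut at the first zero byte.
 * certBuffer,
 * certLenght       encoded certificate(s) stored as-is in the certificates
 *                  field.
 * hashAlgorithm    OID string of the digest algorithm.
 * The remaining parameters are passed through to getCADESSignerInfos().
 *
 * The members are written straight into signedData. The earlier version
 * allocated a temporary object for each member, copied it by value and
 * never released the temporary; it also overwrote two freshly allocated
 * pointers (version, certificateSet) and dereferenced unchecked
 * allocations.
 *
 * NOTE(review): on the failure paths after signedData has been populated,
 * the partially built structure is not released here, because the type
 * descriptor needed for a deep free is not referenced in this function.
 */
void getSignedDataStructure(SignedData_t **sig_dat,
                            X509 *certificateX509,
                            char *contentData,
                            const char *certBuffer,
                            int certLenght,
                            char *dataSigned,
                            int lengthdataSigned,
                            char *messageDigest,
                            int  lengthMessageDigest,
                            char *contentDescription,
                            char *policyOID,
                            char *policyHash,
                            char *policyHashAlg,
                            char *policyUri,
                            char *certHash,                            
                            int lengthCertHash,
                            char *hashAlgorithm,
                            int signingCertificateV2,
                            char *signAlgorithm,
                            struct tm *local){

    int rec;
    SignedData_t *signedData;
    DigestAlgorithmIdentifier_t *digestAlgorithm;
    NULL_t *null;
    CertificateSet_t *certificateSet;
    SignerInfos_t *CADESSignerInfos = NULL;

    /* Fail closed: the caller sees NULL unless everything succeeded. */
    *sig_dat = NULL;

    signedData = calloc(1, sizeof(*signedData));
    if (signedData == NULL) {
        return;
    }

    /*****VERSION SIGNEDDATA*****/
    signedData -> version = CMSVersion_v1;

    /*****DIGEST ALGORITHMS*****/
    digestAlgorithm = calloc(1, sizeof(*digestAlgorithm));
    null = calloc(1, sizeof(*null));
    if (digestAlgorithm == NULL || null == NULL) {
        free(digestAlgorithm);
        free(null);
        free(signedData);
        return;
    }
    digestAlgorithm -> algorithm = makeOID(hashAlgorithm);
    /* ANY_new_fromType() keeps an encoded copy, so the source can go. */
    digestAlgorithm -> parameters = ANY_new_fromType(&asn_DEF_NULL, null);
    free(null);

    rec = ASN_SET_ADD(&signedData -> digestAlgorithms.list, digestAlgorithm);
    if (rec != 0 || digestAlgorithm -> parameters == NULL) {
        /* A digest algorithm that is missing or lacks its parameters must
           not end up in a structure that is about to be signed. */
        return;
    }

    /*****ENCAPCONTENTINFO*****/
    signedData -> encapContentInfo.eContentType = makeOID(DATA_OID);

    if (contentData != NULL){
        OCTET_STRING_t *osContentData;
        osContentData = calloc(1,sizeof(*osContentData));
        if (osContentData == NULL) {
            return;
        }
        if (OCTET_STRING_fromString(osContentData,contentData) != 0) {
            free(osContentData);
            return;
        }
        signedData -> encapContentInfo.eContent = osContentData;
    }

    /*****CERTIFICATES (OPTIONAL)*****/
    /*
     * NOTE(review): the raw bytes are wrapped without being parsed, so
     * whatever the caller supplies is emitted as the certificate set; a
     * NULL result simply leaves the optional field absent.
     */
    certificateSet = ANY_new_fromBuf(certBuffer, certLenght);
    signedData -> certificates = certificateSet;

    /*****SIGNERINFO******/
    getCADESSignerInfos(&CADESSignerInfos,
                        certificateX509,
                        dataSigned,
                        lengthdataSigned,
                        messageDigest,
                        lengthMessageDigest,
                        contentDescription,
                        policyOID,
                        policyHash,
                        policyHashAlg,
                        policyUri,
                        certHash,
                        lengthCertHash,
                        hashAlgorithm,
                        signingCertificateV2,
                        signAlgorithm,
                        local);
    if (CADESSignerInfos == NULL) {
        /* NOTE(review): assumes the helper leaves the pointer untouched or
           NULL on failure -- confirm. */
        return;
    }
    /*
     * Shallow copy: signedData now shares the element array.
     * NOTE(review): the container returned by the helper is not released
     * here because how it was allocated is not visible in this function.
     */
    signedData-> signerInfos = *CADESSignerInfos;

    *sig_dat = signedData;

}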