static AJ_Status DecodeCertificatePub(DER_Element* der, AJ_KeyInfo* keyinfo) { AJ_Status status; DER_Element seq; DER_Element bit; DER_Element oid1; DER_Element oid2; uint8_t tags1[] = { ASN_SEQ, ASN_BITS }; uint8_t tags2[] = { ASN_OID, ASN_OID }; status = AJ_ASN1DecodeElements(der, tags1, sizeof (tags1), &seq, &bit); if (AJ_OK != status) { return status; } /* * We only accept NISTP256 ECC keys at the moment. */ status = AJ_ASN1DecodeElements(&seq, tags2, sizeof (tags2), &oid1, &oid2); if (AJ_OK != status) { return status; } if (sizeof (OID_KEY_ECC) != oid1.size) { return AJ_ERR_INVALID; } if (0 != memcmp(OID_KEY_ECC, oid1.data, oid1.size)) { return AJ_ERR_INVALID; } if (sizeof (OID_CRV_PRIME256V1) != oid2.size) { return AJ_ERR_INVALID; } if (0 != memcmp(OID_CRV_PRIME256V1, oid2.data, oid2.size)) { return AJ_ERR_INVALID; } /* * We only accept uncompressed ECC points. */ if ((2 + KEY_ECC_PUB_SZ) != bit.size) { return AJ_ERR_INVALID; } if ((0x00 != bit.data[0]) || (0x04 != bit.data[1])) { return AJ_ERR_INVALID; } bit.data += 2; bit.size -= 2; memset(keyinfo, 0, sizeof (AJ_KeyInfo)); keyinfo->fmt = KEY_FMT_ALLJOYN; keyinfo->use = KEY_USE_SIG; keyinfo->kty = KEY_TYP_ECC; keyinfo->alg = KEY_ALG_ECDSA_SHA256; keyinfo->crv = KEY_CRV_NISTP256; AJ_BigvalDecode(bit.data, &keyinfo->key.publickey.x, KEY_ECC_SZ); bit.data += KEY_ECC_SZ; bit.size -= KEY_ECC_SZ; AJ_BigvalDecode(bit.data, &keyinfo->key.publickey.y, KEY_ECC_SZ); return status; }
AJ_Status AJ_X509DecodeCertificateDER(X509Certificate* certificate, DER_Element* der) { AJ_Status status; DER_Element seq; DER_Element tbs; DER_Element tmp; DER_Element oid; DER_Element sig; const uint8_t tags1[] = { ASN_SEQ }; const uint8_t tags2[] = { ASN_SEQ, ASN_SEQ, ASN_BITS }; AJ_InfoPrintf(("AJ_X509DecodeCertificateDER(certificate=%p, der=%p)\n", certificate, der)); if ((NULL == certificate) || (NULL == der)) { return AJ_ERR_INVALID; } status = AJ_ASN1DecodeElements(der, tags1, sizeof (tags1), &seq); if (AJ_OK != status) { return status; } status = AJ_ASN1DecodeElements(&seq, tags2, sizeof (tags2), &tbs, &tmp, &sig); if (AJ_OK != status) { return status; } /* * The signed TBS includes the sequence and length fields. */ certificate->raw.data = tbs.data - 4; certificate->raw.size = tbs.size + 4; status = DecodeCertificateTBS(&certificate->tbs, &tbs); if (AJ_OK != status) { return status; } /* * We only accept ECDSA-SHA256 signed certificates at the moment. */ status = AJ_ASN1DecodeElement(&tmp, ASN_OID, &oid); if (AJ_OK != status) { return status; } if (!CompareOID(&oid, OID_SIG_ECDSA_SHA256, sizeof (OID_SIG_ECDSA_SHA256))) { return AJ_ERR_INVALID; } /* * Remove the byte specifying unused bits, this should always be zero. */ if ((0 == sig.size) || (0 != *sig.data)) { return AJ_ERR_INVALID; } sig.data++; sig.size--; status = DecodeCertificateSig(&certificate->signature, &sig); return status; }
AJ_Status AJ_DecodePrivateKeyDER(ecc_privatekey* key, DER_Element* der) { AJ_Status status; DER_Element seq; DER_Element ver; DER_Element prv; DER_Element alg; const uint8_t tags1[] = { ASN_SEQ }; const uint8_t tags2[] = { ASN_INTEGER, ASN_OCTETS, ASN_CONTEXT_SPECIFIC }; status = AJ_ASN1DecodeElements(der, tags1, sizeof (tags1), &seq); if (AJ_OK != status) { return status; } status = AJ_ASN1DecodeElements(&seq, tags2, sizeof (tags2), &ver, &prv, 0, &alg); if (AJ_OK != status) { return status; } if ((1 != ver.size) || (1 != *ver.data)) { return AJ_ERR_INVALID; } if (KEY_ECC_PRV_SZ != prv.size) { return AJ_ERR_INVALID; } AJ_BigvalDecode(prv.data, key, KEY_ECC_SZ); return status; }
static AJ_Status DecodeCertificatePub(ecc_publickey* pub, DER_Element* der) { AJ_Status status; DER_Element seq; DER_Element bit; DER_Element oid1; DER_Element oid2; const uint8_t tags1[] = { ASN_SEQ, ASN_BITS }; const uint8_t tags2[] = { ASN_OID, ASN_OID }; memset(pub, 0, sizeof (ecc_publickey)); status = AJ_ASN1DecodeElements(der, tags1, sizeof (tags1), &seq, &bit); if (AJ_OK != status) { return status; } /* * We only accept NISTP256 ECC keys at the moment. */ status = AJ_ASN1DecodeElements(&seq, tags2, sizeof (tags2), &oid1, &oid2); if (AJ_OK != status) { return status; } if (!CompareOID(&oid1, OID_KEY_ECC, sizeof (OID_KEY_ECC))) { return AJ_ERR_INVALID; } if (!CompareOID(&oid2, OID_CRV_PRIME256V1, sizeof (OID_CRV_PRIME256V1))) { return AJ_ERR_INVALID; } /* * We only accept uncompressed ECC points. */ if ((2 + KEY_ECC_PUB_SZ) != bit.size) { return AJ_ERR_INVALID; } if ((0x00 != bit.data[0]) || (0x04 != bit.data[1])) { return AJ_ERR_INVALID; } bit.data += 2; bit.size -= 2; AJ_BigvalDecode(bit.data, &pub->x, KEY_ECC_SZ); bit.data += KEY_ECC_SZ; bit.size -= KEY_ECC_SZ; AJ_BigvalDecode(bit.data, &pub->y, KEY_ECC_SZ); return status; }
static AJ_Status DecodeCertificateSig(DER_Element* der, ecc_signature* signature) { AJ_Status status; DER_Element seq; DER_Element int1; DER_Element int2; uint8_t tags[] = { ASN_INTEGER, ASN_INTEGER }; status = AJ_ASN1DecodeElement(der, ASN_SEQ, &seq); if (AJ_OK != status) { return status; } status = AJ_ASN1DecodeElements(&seq, tags, sizeof (tags), &int1, &int2); if (AJ_OK != status) { return status; } /* * Skip over unused bits. */ if ((0 < int1.size) && (0 == *int1.data)) { int1.data++; int1.size--; } if ((0 < int2.size) && (0 == *int2.data)) { int2.data++; int2.size--; } memset(signature, 0, sizeof (ecc_signature)); AJ_BigvalDecode(int1.data, &signature->r, int1.size); AJ_BigvalDecode(int2.data, &signature->s, int2.size); return status; }
static AJ_Status DecodeCertificateTBS(X509Certificate* certificate, DER_Element* tbs) { AJ_Status status; DER_Element ver; DER_Element oid; DER_Element iss; DER_Element utc; DER_Element sub; DER_Element pub; DER_Element ext; DER_Element tmp; DER_Element time1; DER_Element time2; uint8_t tags1[] = { ASN_CONTEXT_SPECIFIC, ASN_INTEGER, ASN_SEQ, ASN_SEQ, ASN_SEQ, ASN_SEQ, ASN_SEQ, ASN_CONTEXT_SPECIFIC }; uint8_t tags2[] = { ASN_UTC_TIME, ASN_UTC_TIME }; status = AJ_ASN1DecodeElements(tbs, tags1, sizeof (tags1), 0, &ver, &certificate->serial, &oid, &iss, &utc, &sub, &pub, 3, &ext); if (AJ_OK != status) { return status; } /* * We only accept X.509v3 certificates. */ status = AJ_ASN1DecodeElement(&ver, ASN_INTEGER, &tmp); if (AJ_OK != status) { return status; } if ((0x1 != tmp.size) || (0x2 != *tmp.data)) { return AJ_ERR_INVALID; } /* * We only accept ECDSA-SHA256 signed certificates at the moment. */ status = AJ_ASN1DecodeElement(&oid, ASN_OID, &tmp); if (AJ_OK != status) { return status; } if (!CompareOID(&tmp, OID_SIG_ECDSA_SHA256, sizeof (OID_SIG_ECDSA_SHA256))) { return AJ_ERR_INVALID; } status = DecodeCertificateName(&iss, 0, NULL, &certificate->issuer); if (AJ_OK != status) { return status; } status = AJ_ASN1DecodeElements(&utc, tags2, sizeof (tags2), &time1, &time2); if (AJ_OK != status) { return status; } status = DecodeCertificateName(&sub, 0, &certificate->guild, &certificate->subject); if (AJ_OK != status) { return status; } status = DecodeCertificatePub(&pub, &certificate->keyinfo); if (AJ_OK != status) { return status; } memset(certificate->digest, 0, SHA256_DIGEST_LENGTH); status = DecodeCertificateExt(certificate, &ext); return status; }
static AJ_Status DecodeCertificateExt(X509Certificate* certificate, DER_Element* der) { AJ_Status status; DER_Element tmp; DER_Element seq; DER_Element oid; DER_Element oct; uint8_t tags[] = { ASN_OID, ASN_OCTETS }; certificate->type = UNKNOWN_CERTIFICATE; status = AJ_ASN1DecodeElement(der, ASN_SEQ, &tmp); if (AJ_OK != status) { return status; } der->size = tmp.size; der->data = tmp.data; while ((AJ_OK == status) && (der->size)) { status = AJ_ASN1DecodeElement(der, ASN_SEQ, &seq); if (AJ_OK != status) { return status; } status = AJ_ASN1DecodeElements(&seq, tags, sizeof (tags), &oid, &oct); if (AJ_OK != status) { return status; } if (CompareOID(&oid, OID_BASIC_CONSTRAINTS, sizeof (OID_BASIC_CONSTRAINTS))) { status = AJ_ASN1DecodeElement(&oct, ASN_SEQ, &seq); if (AJ_OK != status) { return status; } status = AJ_ASN1DecodeElement(&seq, ASN_BOOLEAN, &tmp); if (AJ_OK != status) { return status; } } else if (CompareOID(&oid, OID_CUSTOM_CERT_TYPE, sizeof (OID_CUSTOM_CERT_TYPE))) { status = AJ_ASN1DecodeElement(&oct, ASN_SEQ, &seq); if (AJ_OK != status) { return status; } status = AJ_ASN1DecodeElement(&seq, ASN_INTEGER, &tmp); if (AJ_OK != status) { return status; } if (sizeof (uint32_t) < tmp.size) { return AJ_ERR_INVALID; } certificate->type = 0; while (tmp.size--) { certificate->type <<= 8; certificate->type |= *tmp.data++; } } else if (CompareOID(&oid, OID_SUB_ALTNAME, sizeof (OID_SUB_ALTNAME))) { certificate->alias.size = oct.size; certificate->alias.data = oct.data; } else if (CompareOID(&oid, OID_CUSTOM_DIGEST, sizeof (OID_CUSTOM_DIGEST))) { status = AJ_ASN1DecodeElement(&oct, ASN_SEQ, &seq); if (AJ_OK != status) { return status; } status = AJ_ASN1DecodeElements(&seq, tags, sizeof (tags), &oid, &oct); if (AJ_OK != status) { return status; } if (!CompareOID(&oid, OID_DIG_SHA256, sizeof (OID_DIG_SHA256))) { return AJ_ERR_INVALID; } if (SHA256_DIGEST_LENGTH != oct.size) { return AJ_ERR_INVALID; } memcpy(certificate->digest, oct.data, SHA256_DIGEST_LENGTH); } else { // Ignore extensions we don't know AJ_DumpBytes("UNKNOWN", oid.data, oid.size); AJ_DumpBytes("UNKNOWN", oct.data, oct.size); } } return status; }
static AJ_Status DecodeCertificateTBS(X509TbsCertificate* tbs, DER_Element* der) { AJ_Status status; DER_Element ver; DER_Element oid; DER_Element iss; DER_Element utc; DER_Element sub; DER_Element pub; DER_Element ext; DER_Element tmp; const uint8_t tags[] = { ASN_CONTEXT_SPECIFIC, ASN_INTEGER, ASN_SEQ, ASN_SEQ, ASN_SEQ, ASN_SEQ, ASN_SEQ, ASN_CONTEXT_SPECIFIC }; memset(tbs, 0, sizeof (X509TbsCertificate)); status = AJ_ASN1DecodeElements(der, tags, sizeof (tags), 0, &ver, &tbs->serial, &oid, &iss, &utc, &sub, &pub, 3, &ext); if (AJ_OK != status) { return status; } /* * We only accept X.509v3 certificates. */ status = AJ_ASN1DecodeElement(&ver, ASN_INTEGER, &tmp); if (AJ_OK != status) { return status; } if ((0x1 != tmp.size) || (0x2 != *tmp.data)) { return AJ_ERR_INVALID; } /* * We only accept ECDSA-SHA256 signed certificates at the moment. */ status = AJ_ASN1DecodeElement(&oid, ASN_OID, &tmp); if (AJ_OK != status) { return status; } if (!CompareOID(&tmp, OID_SIG_ECDSA_SHA256, sizeof (OID_SIG_ECDSA_SHA256))) { return AJ_ERR_INVALID; } status = DecodeCertificateName(&tbs->issuer, &iss); if (AJ_OK != status) { return status; } status = DecodeCertificateTime(&tbs->validity, &utc); if (AJ_OK != status) { return status; } status = DecodeCertificateName(&tbs->subject, &sub); if (AJ_OK != status) { return status; } status = DecodeCertificatePub(&tbs->publickey, &pub); if (AJ_OK != status) { return status; } status = DecodeCertificateExt(&tbs->extensions, &ext); if (AJ_OK != status) { return status; } return status; }
static AJ_Status DecodeCertificateExt(X509Extensions* extensions, DER_Element* der) { AJ_Status status; DER_Element tmp; DER_Element seq; DER_Element savedSeq; DER_Element boolVal; DER_Element intVal; DER_Element oid; DER_Element oct; const uint8_t tags[] = { ASN_OID, ASN_OCTETS }; const uint8_t tagsWithCritical[] = { ASN_OID, ASN_BOOLEAN, ASN_OCTETS }; const uint8_t tagsCAPathLen[] = { ASN_BOOLEAN, ASN_INTEGER }; memset(extensions, 0, sizeof (X509Extensions)); status = AJ_ASN1DecodeElement(der, ASN_SEQ, &tmp); if (AJ_OK != status) { return status; } der->size = tmp.size; der->data = tmp.data; while ((AJ_OK == status) && (der->size)) { status = AJ_ASN1DecodeElement(der, ASN_SEQ, &seq); if (AJ_OK != status) { return status; } savedSeq.size = seq.size; savedSeq.data = seq.data; status = AJ_ASN1DecodeElements(&seq, tagsWithCritical, sizeof (tagsWithCritical), &oid, &boolVal, &oct); if (AJ_OK != status) { status = AJ_ASN1DecodeElements(&savedSeq, tags, sizeof (tags), &oid, &oct); if (AJ_OK != status) { return status; } } if (CompareOID(&oid, OID_BASIC_CONSTRAINTS, sizeof (OID_BASIC_CONSTRAINTS))) { status = AJ_ASN1DecodeElement(&oct, ASN_SEQ, &seq); if (AJ_OK != status) { return status; } // Explicit boolean (non-empty sequence) if (seq.size) { savedSeq.size = seq.size; savedSeq.data = seq.data; status = AJ_ASN1DecodeElements(&seq, tagsCAPathLen, sizeof (tagsCAPathLen), &tmp, &intVal); if (AJ_OK != status) { status = AJ_ASN1DecodeElement(&savedSeq, ASN_BOOLEAN, &tmp); if (AJ_OK != status) { return status; } } if (tmp.size) { extensions->ca = *tmp.data; } } } } return status; }