From 1d39620b3489d957978ef038be4533300d7c4179 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 31 Mar 2020 16:54:43 +0200 Subject: PROV: Add the beginning of a DER writing library This library is meant to be small and quick. It's based on WPACKET, which was extended to support DER writing. The way it's used is a bit unusual, as it's used to write the structures backward into a given buffer. A typical quick call looks like this: /* * Fill in this structure: * * something ::= SEQUENCE { * id OBJECT IDENTIFIER, * x [0] INTEGER OPTIONAL, * y [1] BOOLEAN OPTIONAL, * n INTEGER * } */ unsigned char buf[nnnn], *p = NULL; size_t encoded_len = 0; WPACKET pkt; int ok; ok = WPACKET_init_der(&pkt, buf, sizeof(buf) && DER_w_start_sequence(&pkt, -1) && DER_w_bn(&pkt, -1, bn) && DER_w_boolean(&pkt, 1, bool) && DER_w_precompiled(&pkt, -1, OID, sizeof(OID)) && DER_w_end_sequence(&pkt, -1) && WPACKET_finish(&pkt) && WPACKET_get_total_written(&pkt, &encoded_len) && (p = WPACKET_get_curr(&pkt)) != NULL; Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/11450) --- include/internal/der.h | 84 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 84 insertions(+) create mode 100644 include/internal/der.h (limited to 'include') diff --git a/include/internal/der.h b/include/internal/der.h new file mode 100644 index 0000000000..118aa9857c --- /dev/null +++ b/include/internal/der.h @@ -0,0 +1,84 @@ +/* + * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include "internal/packet.h" + +/* + * NOTE: X.690 numbers the identifier octet bits 1 to 8. + * We use the same numbering in comments here. + */ + +/* Well known primitive tags */ + +/* + * DER UNIVERSAL tags, occupying bits 1-5 in the DER identifier byte + * These are only valid for the UNIVERSAL class. With the other classes, + * these bits have a different meaning. + */ +#define DER_P_EOC 0 /* BER End Of Contents tag */ +#define DER_P_BOOLEAN 1 +#define DER_P_INTEGER 2 +#define DER_P_BIT_STRING 3 +#define DER_P_OCTET_STRING 4 +#define DER_P_NULL 5 +#define DER_P_OBJECT 6 +#define DER_P_OBJECT_DESCRIPTOR 7 +#define DER_P_EXTERNAL 8 +#define DER_P_REAL 9 +#define DER_P_ENUMERATED 10 +#define DER_P_UTF8STRING 12 +#define DER_P_SEQUENCE 16 +#define DER_P_SET 17 +#define DER_P_NUMERICSTRING 18 +#define DER_P_PRINTABLESTRING 19 +#define DER_P_T61STRING 20 +#define DER_P_VIDEOTEXSTRING 21 +#define DER_P_IA5STRING 22 +#define DER_P_UTCTIME 23 +#define DER_P_GENERALIZEDTIME 24 +#define DER_P_GRAPHICSTRING 25 +#define DER_P_ISO64STRING 26 +#define DER_P_GENERALSTRING 27 +#define DER_P_UNIVERSALSTRING 28 +#define DER_P_BMPSTRING 30 + +/* DER Flags, occupying bit 6 in the DER identifier byte */ +#define DER_F_PRIMITIVE 0x00 +#define DER_F_CONSTRUCTED 0x20 + +/* DER classes tags, occupying bits 7-8 in the DER identifier byte */ +#define DER_C_UNIVERSAL 0x00 +#define DER_C_APPLICATION 0x40 +#define DER_C_CONTEXT 0x80 +#define DER_C_PRIVATE 0xC0 + +/* + * Run-time constructors. + * + * They all construct DER backwards, so care should be taken to use them + * that way. + */ + +/* This can be used for all items that don't have a context */ +#define DER_NO_CONTEXT -1 + +int DER_w_precompiled(WPACKET *pkt, int tag, + const unsigned char *precompiled, size_t precompiled_n); + +int DER_w_boolean(WPACKET *pkt, int tag, int b); +int DER_w_ulong(WPACKET *pkt, int tag, unsigned long v); +int DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v); +int DER_w_null(WPACKET *pkt, int tag); + +/* + * All constructors for constructed elements have a begin and a end function + */ +int DER_w_begin_sequence(WPACKET *pkt, int tag); +int DER_w_end_sequence(WPACKET *pkt, int tag); -- cgit v1.2.3