1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
/*
* Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdlib.h>
#include <openssl/objects.h>
#include "crypto/ec.h"
#define ASN1_SEQUENCE 0x30
#define ASN1_OID 0x06
#define OID_FIRST(a, b) a * 40 + b
#define DER_840() 0x86, 0x48 /* DER encoding of number 840 is 2 bytes */
#define DER_10045() 0xCE, 0x3D /* DER encoding of number 10045 is 2 bytes */
#define SHA1_SZ 7
#define SHA2_SZ 8
#define SHA3_SZ 9
/*
* -- RFC 3279
* ansi-X9-62 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) 10045 }
* id-ecSigType OBJECT IDENTIFIER ::= { ansi-X9-62 signatures(4) }
*
* ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { id-ecSigType 1 }
*/
#define ENCODE_ALGORITHMIDENTIFIER_SHA1(name) \
static const unsigned char algorithmidentifier_##name##_der[] = { \
ASN1_SEQUENCE, 2 + SHA1_SZ, \
ASN1_OID, SHA1_SZ, OID_FIRST(1, 2), DER_840(), DER_10045(), 4, 1 \
}
/*
* -- RFC 5758
*
* ecdsa-with-SHA224 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
* us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 1 }
*
* ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
* us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 2 }
*
* ecdsa-with-SHA384 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
* us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 3 }
*
* ecdsa-with-SHA512 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
* us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 4 }
*/
#define ENCODE_ALGORITHMIDENTIFIER_SHA2(name, n) \
static const unsigned char algorithmidentifier_##name##_der[] = { \
ASN1_SEQUENCE, 2 + SHA2_SZ, \
ASN1_OID, SHA2_SZ, OID_FIRST(1, 2), DER_840(), DER_10045(), 4, 3, n \
}
/*
* https://csrc.nist.gov/projects/computer-security-objects-register/algorithm-registration
*
* sigAlgs OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 4 3 }
*
* id-ecdsa-with-sha3-224 ::= { sigAlgs 9 }
* id-ecdsa-with-sha3-256 ::= { sigAlgs 10 }
* id-ecdsa-with-sha3-384 ::= { sigAlgs 11 }
* id-ecdsa-with-sha3-512 ::= { sigAlgs 12 }
*/
#define ENCODE_ALGORITHMIDENTIFIER_SHA3(name, n) \
static const unsigned char algorithmidentifier_##name##_der[] = { \
ASN1_SEQUENCE, 2 + SHA3_SZ, \
ASN1_OID, SHA3_SZ, OID_FIRST(2, 16), DER_840(), 1, 101, 3, 4, 3, n \
}
ENCODE_ALGORITHMIDENTIFIER_SHA1(sha1);
ENCODE_ALGORITHMIDENTIFIER_SHA2(sha224, 1);
ENCODE_ALGORITHMIDENTIFIER_SHA2(sha256, 2);
ENCODE_ALGORITHMIDENTIFIER_SHA2(sha384, 3);
ENCODE_ALGORITHMIDENTIFIER_SHA2(sha512, 4);
ENCODE_ALGORITHMIDENTIFIER_SHA3(sha3_224, 9);
ENCODE_ALGORITHMIDENTIFIER_SHA3(sha3_256, 10);
ENCODE_ALGORITHMIDENTIFIER_SHA3(sha3_384, 11);
ENCODE_ALGORITHMIDENTIFIER_SHA3(sha3_512, 12);
/* TODO - Add SHAKE OIDS when they are standardized */
#define MD_CASE(name) \
case NID_##name: \
*len = sizeof(algorithmidentifier_##name##_der); \
return algorithmidentifier_##name##_der
const unsigned char *ecdsa_algorithmidentifier_encoding(int md_nid, size_t *len)
{
switch (md_nid) {
MD_CASE(sha1);
MD_CASE(sha224);
MD_CASE(sha256);
MD_CASE(sha384);
MD_CASE(sha512);
MD_CASE(sha3_224);
MD_CASE(sha3_256);
MD_CASE(sha3_384);
MD_CASE(sha3_512);
default:
return NULL;
}
}
|