Microchip® Advanced Software Framework

x509_cert.c File Reference

X.509 certificate module.

Copyright (c) 2017-2018 Microchip Technology Inc. and its subsidiaries.

Data Structures

struct  tstrX509AlgID
 
struct  tstrX520DistinguishedName
 

Macros

#define ANSI_X9_62   0x2A, 0x86, 0x48, 0xCE, 0x3D
 
#define EC_SECP256R1_OID   {PRIME_CURVE, 7}
 
#define EC_SECP384R1_OID   {0x2B, 0x81, 0x04, 0x00, 0x22} /* 1.3.132.0.34 */
 
#define EC_SECP521R1_OID   {0x2B, 0x81, 0x04, 0x00, 0x23} /* 1.3.132.0.35 */
 
#define ECC_NUM_SUPP_CURVES   ((sizeof(gastrECCSuppList)) / (sizeof(tstrEllipticCurve)))
 
#define ECDSA_WITH_SHA1   {ID_EC_SIG_TYPE, 1}
 
#define ECDSA_WITH_SHA224   {ID_EC_SIG_TYPE, 3, 1}
 
#define ECDSA_WITH_SHA256   {ID_EC_SIG_TYPE, 3, 2}
 
#define ECDSA_WITH_SHA384   {ID_EC_SIG_TYPE, 3, 3}
 
#define ECDSA_WITH_SHA512   {ID_EC_SIG_TYPE, 3, 4}
 
#define ELLIPTIC_CURVE   ANSI_X9_62, 3
 
#define GET_VAL(BUF, OFFSET)   (((BUF)[OFFSET] * 10) + ((BUF)[OFFSET + 1]))
 
#define ID_AT   85 , 0x04 ,
 
#define ID_AT_COMMONNAME   {ID_AT 3 }
 
#define ID_AT_COUNTRYNAME   {ID_AT 6 }
 
#define ID_AT_ORGANIZATIONALUNITNAME   {ID_AT 11}
 
#define ID_AT_ORGANIZATIONNAME   {ID_AT 10}
 
#define ID_AT_SERIALNUMBER   {ID_AT 5 }
 
#define ID_CE   85 , 29 ,
 
#define ID_CE_AUTHORITY_KEY_ID   {ID_CE 35}
 
#define ID_CE_SUBJECT_KEY_ID   {ID_CE 14}
 
#define ID_EC_PUBLIC_KEY   {ID_PUBLIC_KEY_TYPE, 1}
 
#define ID_EC_SIG_TYPE   ANSI_X9_62, 0x04
 
#define ID_PUBLIC_KEY_TYPE   ANSI_X9_62, 02
 
#define MD5_WITH_RSA_ENCRYPTION   {PKCS_1, 4} /* 1.2.840.113549.1.1.4 */
 
#define PKCS_1   0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01, 0x01
 
#define PRIME_CURVE   ELLIPTIC_CURVE, 1
 
#define RSA_ENCRYPTION   {PKCS_1, 1} /* 1.2.840.113549.1.1 */
 
#define SHA1_WITH_RSA_ENCRYPTION   {PKCS_1, 5} /* 1.2.840.113549.1.1.5 */
 
#define SHA224_WITH_RSA_ENCRYPTION   {PKCS_1, 14} /* 1.2.840.113549.1.1.14 */
 
#define SHA256_WITH_RSA_ENCRYPTION   {PKCS_1, 11} /* 1.2.840.113549.1.1.11 */
 
#define SHA384_WITH_RSA_ENCRYPTION   {PKCS_1, 12} /* 1.2.840.113549.1.1.12 */
 
#define SHA512_WITH_RSA_ENCRYPTION   {PKCS_1, 13} /* 1.2.840.113549.1.1.13 */
 
#define X509_EXTENSIONS_ID   0xA3
 
#define X509_GENERALIZED_TIME_LENGTH   0x0F
 
#define X509_ISSUER   ASN1_SEQUENCE
 
#define X509_ISSUER_UNIQUE_ID   0x81
 
#define X509_NUM_SUPPORTED_SEC_ALGORITHMS   (sizeof(gastrSecAlgorithms)/sizeof(tstrX509AlgID))
 
#define X509_SERIAL_NO   ASN1_INTEGER
 
#define X509_SIGNATURE   ASN1_SEQUENCE
 
#define X509_SUBJECT   ASN1_SEQUENCE
 
#define X509_SUBJECT_KEY_INFO   ASN1_SEQUENCE
 
#define X509_SUBJECT_UNIQUE_ID   0x82
 
#define X509_UTC_TIME_LENGTH   0x0D
 
#define X509_VALIDITY   ASN1_SEQUENCE
 
#define X509_VER_1   0
 
#define X509_VER_2   1
 
#define X509_VER_3   2
 
#define X509_VERSION   0xA0
 
#define X520_COMMON_NAME   1
 
#define X520_ORG   3
 
#define X520_ORG_UNIT   2
 

Enumerations

enum  tenuCertParsingState {
  CERT_VERSION_PENDING,
  CERT_SERIAL_PENDING,
  CERT_SIGNATURE_PENDING,
  CERT_ISSUER_PENDING,
  CERT_VALIDITY_PENDING,
  CERT_SUBJECT_PENDING,
  CERT_SUBECTKEYINFO_PENDING,
  CERT_EXTENSIONS_PENDING
}
 

Functions

sint8 Cert_CompareTime (tstrSystemTime *pstrT1, tstrSystemTime *pstrT2)
 
sint8 Cert_ComputeTBSCertHash (tstrTlsBuffer *pstrCrtBuff, tstrTLSBufferPos *pstrTBSCrt, uint16 u16TBSSize, tstrX509Cert *pstrCert)
 
TLS_CLIENT_API tstrX509AlgIDCert_DecodeAlgID (tstrAsn1Context *pstrX509Asn1Cxt, uint32 u32Size, tstrAsn1Element *pstrParam)
 
TLS_CLIENT_API sint8 Cert_DecodeDistinguishedName (tstrAsn1Context *pstrX509Asn1Cxt, uint32 u32Size, tstrX520DistinguishedName *pstrDN)
 
TLS_CLIENT_API sint8 Cert_DecodeECCPubKey (tstrAsn1Context *pstrX509Asn1Cxt, tstrAsn1Element *pstrKeyParam, tstrMemPool *pstrMemPool, tstrECPublicKey *pstrEcdsaKey)
 
TLS_CLIENT_API sint8 Cert_DecodeRSAPubKey (tstrAsn1Context *pstrX509Asn1Cxt, tstrAsn1Element *pstrKeyParam, tstrMemPool *pstrMemPool, tstrRSAPublicKey *pstrRsaPublicKey)
 
TLS_CLIENT_API sint8 Cert_DecodeSignature (tstrAsn1Context *pstrX509Asn1Cxt, uint16 u16SigSize, tstrX509Cert *pstrCert)
 
TLS_CLIENT_API sint8 Cert_DecodeSubjectPubKey (tstrAsn1Context *pstrX509Asn1Cxt, uint32 u32Size, tstrMemPool *pstrMemPool, tstrPublicKey *pstrPubKey)
 
TLS_CLIENT_API sint8 Cert_DecodeTBSCertificate (tstrAsn1Context *pstrX509Asn1Cxt, uint16 u16CertSize, tstrX509Cert *pstrCert)
 
sint8 Cert_DecodeTime (uint8 *pu8Time, tstrSystemTime *pstrTime)
 
TLS_CLIENT_API sint8 Cert_DecodeValidity (tstrAsn1Context *pstrX509Asn1Cxt, uint32 u32Size, tstrX509Cert *pstrCer)
 
TLS_CLIENT_API sint8 Cert_DecodeX520Name (tstrAsn1Context *pstrX509Asn1Cxt, uint32 u32Size, tstrX520Name *pstrName, tstrMemPool *pstrMemPool)
 
tstrEllipticCurveECC_GetCurveInfo (uint16 u16CurveID)
 
TLS_CLIENT_API sint8 X509_DecodeEcdsaSignature (tstrAsn1Context *pstrX509Asn1Cxt, uint8 *pu8Sig, uint16 *pu16SigSz)
 
TLS_CLIENT_API sint8 X509Cert_Decode (tstrTlsBuffer *pstrX509Buffer, uint32 u32CertSize, tstrMemPool *pstrPool, tstrX509Cert *pstrCert, uint8 bDumpX509)
 
TLS_CLIENT_API void X509Cert_Dump (tstrX509Cert *pstrCert)
 

Variables

static tstrEllipticCurve gastrECCSuppList []
 
static tstrX509AlgID gastrSecAlgorithms []
 

#define ANSI_X9_62   0x2A, 0x86, 0x48, 0xCE, 0x3D
#define EC_SECP256R1_OID   {PRIME_CURVE, 7}
#define EC_SECP384R1_OID   {0x2B, 0x81, 0x04, 0x00, 0x22} /* 1.3.132.0.34 */
#define EC_SECP521R1_OID   {0x2B, 0x81, 0x04, 0x00, 0x23} /* 1.3.132.0.35 */
#define ECC_NUM_SUPP_CURVES   ((sizeof(gastrECCSuppList)) / (sizeof(tstrEllipticCurve)))

Referenced by ECC_GetCurveInfo().

#define ECDSA_WITH_SHA1   {ID_EC_SIG_TYPE, 1}
#define ECDSA_WITH_SHA224   {ID_EC_SIG_TYPE, 3, 1}
#define ECDSA_WITH_SHA256   {ID_EC_SIG_TYPE, 3, 2}
#define ECDSA_WITH_SHA384   {ID_EC_SIG_TYPE, 3, 3}
#define ECDSA_WITH_SHA512   {ID_EC_SIG_TYPE, 3, 4}
#define ELLIPTIC_CURVE   ANSI_X9_62, 3
#define GET_VAL (   BUF,
  OFFSET 
)    (((BUF)[OFFSET] * 10) + ((BUF)[OFFSET + 1]))

Referenced by Cert_DecodeTime().

#define ID_AT   85 , 0x04 ,
#define ID_AT_COMMONNAME   {ID_AT 3 }
#define ID_AT_COUNTRYNAME   {ID_AT 6 }
#define ID_AT_ORGANIZATIONALUNITNAME   {ID_AT 11}
#define ID_AT_ORGANIZATIONNAME   {ID_AT 10}
#define ID_AT_SERIALNUMBER   {ID_AT 5 }
#define ID_CE   85 , 29 ,
#define ID_CE_AUTHORITY_KEY_ID   {ID_CE 35}
#define ID_CE_SUBJECT_KEY_ID   {ID_CE 14}
#define ID_EC_PUBLIC_KEY   {ID_PUBLIC_KEY_TYPE, 1}
#define ID_EC_SIG_TYPE   ANSI_X9_62, 0x04
#define ID_PUBLIC_KEY_TYPE   ANSI_X9_62, 02
#define MD5_WITH_RSA_ENCRYPTION   {PKCS_1, 4} /* 1.2.840.113549.1.1.4 */
#define PKCS_1   0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01, 0x01
#define PRIME_CURVE   ELLIPTIC_CURVE, 1
#define RSA_ENCRYPTION   {PKCS_1, 1} /* 1.2.840.113549.1.1 */
#define SHA1_WITH_RSA_ENCRYPTION   {PKCS_1, 5} /* 1.2.840.113549.1.1.5 */
#define SHA224_WITH_RSA_ENCRYPTION   {PKCS_1, 14} /* 1.2.840.113549.1.1.14 */
#define SHA256_WITH_RSA_ENCRYPTION   {PKCS_1, 11} /* 1.2.840.113549.1.1.11 */
#define SHA384_WITH_RSA_ENCRYPTION   {PKCS_1, 12} /* 1.2.840.113549.1.1.12 */
#define SHA512_WITH_RSA_ENCRYPTION   {PKCS_1, 13} /* 1.2.840.113549.1.1.13 */
#define X509_EXTENSIONS_ID   0xA3

Encoded value for the issuerUniqueID tag. It is defined as [3] EXPLICIT Context-Specific class (10) | constructed (1) | 00011

#define X509_GENERALIZED_TIME_LENGTH   0x0F

The UTC time for the X.509 encoding takes the format YYYYMMDDHHMMSSZ. Each digit is BCD encoded as ASCII digit.

Referenced by Cert_DecodeTime().

#define X509_ISSUER   ASN1_SEQUENCE

Identifier for the certificate ISSUER element.

Referenced by Cert_DecodeTBSCertificate().

#define X509_ISSUER_UNIQUE_ID   0x81

Encoded value for the issuerUniqueID tag. It is defined as [1] IMPLICIT BIT STRING Context-Specific class (10) | primitive (0) | 00001

#define X509_NUM_SUPPORTED_SEC_ALGORITHMS   (sizeof(gastrSecAlgorithms)/sizeof(tstrX509AlgID))
#define X509_SERIAL_NO   ASN1_INTEGER

Identifier for the certificate serial num ber element.

Referenced by Cert_DecodeTBSCertificate().

#define X509_SIGNATURE   ASN1_SEQUENCE

Identifier for the Signature algorithm ID element.

Referenced by Cert_DecodeTBSCertificate().

#define X509_SUBJECT   ASN1_SEQUENCE

Identifier for the certificate SUBJECT information element.

Referenced by Cert_DecodeTBSCertificate().

#define X509_SUBJECT_KEY_INFO   ASN1_SEQUENCE

Identifier for the publick key information element.

Referenced by Cert_DecodeTBSCertificate().

#define X509_SUBJECT_UNIQUE_ID   0x82

Encoded value for the subjectUniqueID tag. It is defined as [2] IMPLICIT BIT STRING Context-Specific class (10) | primitive (0) | 00010

#define X509_UTC_TIME_LENGTH   0x0D

The UTC time for the X.509 encoding takes the format YYMMDDHHMMSSZ. Each digit is BCD encoded as ASCII digit.

Referenced by Cert_DecodeTime().

#define X509_VALIDITY   ASN1_SEQUENCE

Identifier for the certificate validity interval element.

Referenced by Cert_DecodeTBSCertificate().

#define X509_VER_1   0
#define X509_VER_2   1
#define X509_VER_3   2
#define X509_VERSION   0xA0

Identifier of the version field in the X.509 certificate encoding. It is given in the ASN.1 syntax as [0] EXPLICIT Context-Specific class (10) | constructed (1) | 00000

Referenced by Cert_DecodeTBSCertificate().

#define X520_COMMON_NAME   1
#define X520_ORG   3

Referenced by Cert_DecodeX520Name().

#define X520_ORG_UNIT   2

Enumerator
CERT_VERSION_PENDING 
CERT_SERIAL_PENDING 
CERT_SIGNATURE_PENDING 
CERT_ISSUER_PENDING 
CERT_VALIDITY_PENDING 
CERT_SUBJECT_PENDING 
CERT_SUBECTKEYINFO_PENDING 
CERT_EXTENSIONS_PENDING 

tstrEllipticCurve * ECC_GetCurveInfo ( uint16  u16CurveID)

References ECC_NUM_SUPP_CURVES, and NULL.

Referenced by Cert_DecodeECCPubKey().

TLS_CLIENT_API sint8 X509_DecodeEcdsaSignature ( tstrAsn1Context pstrX509Asn1Cxt,
uint8 pu8Sig,
uint16 pu16SigSz 
)

tstrEllipticCurve gastrECCSuppList[]
static
Initial value:
= {
{
{
{0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0xFFFFFFFF},
{0xFFFFFFFC, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0x00000000, 0x00000000, 0x00000001, 0xFFFFFFFF},
{0x27D2604B, 0x3BCE3C3E, 0xCC53B0F6, 0x651D06B0, 0x769886BC, 0xB3EBBD55, 0xAA3A93E7, 0x5AC635D8},
{
{
0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5, 0x63, 0xA4, 0x40, 0xF2,
0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0, 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96
},
{
0x4F, 0xE3, 0x42, 0xE2, 0xFE, 0x1A, 0x7F, 0x9B, 0x8E, 0xE7, 0xEB, 0x4A, 0x7C, 0x0F, 0x9E, 0x16,
0x2B, 0xCE, 0x33, 0x57, 0x6B, 0x31, 0x5E, 0xCE, 0xCB, 0xB6, 0x40, 0x68, 0x37, 0xBF, 0x51, 0xF5
},
32
}
}
}
}
Definition: ecc_types.h:93
tstrX509AlgID gastrSecAlgorithms[]
static
Initial value:
=
{
}
#define ID_EC_PUBLIC_KEY
Definition: x509_cert.c:201
#define RSA_ENCRYPTION
Definition: x509_cert.c:177
#define MD5_WITH_RSA_ENCRYPTION
Definition: x509_cert.c:178
Definition: ecc_types.h:93
#define ECDSA_WITH_SHA256
Definition: x509_cert.c:196
#define EC_SECP256R1_OID
Definition: x509_cert.c:205
#define ECDSA_WITH_SHA512
Definition: x509_cert.c:198
#define EC_SECP384R1_OID
Definition: x509_cert.c:206
Definition: crypto.h:325
#define ECDSA_WITH_SHA1
Definition: x509_cert.c:194
Definition: crypto.h:125
#define SHA1_WITH_RSA_ENCRYPTION
Definition: x509_cert.c:179
#define ECDSA_WITH_SHA384
Definition: x509_cert.c:197
Definition: crypto.h:324
#define SHA224_WITH_RSA_ENCRYPTION
Definition: x509_cert.c:180
#define EC_SECP521R1_OID
Definition: x509_cert.c:207
#define SHA256_WITH_RSA_ENCRYPTION
Definition: x509_cert.c:181
#define SHA512_WITH_RSA_ENCRYPTION
Definition: x509_cert.c:183
#define SHA384_WITH_RSA_ENCRYPTION
Definition: x509_cert.c:182
Definition: ecc_types.h:101
#define ECDSA_WITH_SHA224
Definition: x509_cert.c:195
Definition: crypto.h:326
Definition: crypto.h:327
Definition: crypto.h:145
Definition: crypto.h:143
Definition: crypto.h:329
Definition: ecc_types.h:97
Definition: crypto.h:328
Definition: crypto.h:127