X.509 certificate module.
Copyright (c) 2017-2018 Microchip Technology Inc. and its subsidiaries.
Data Structures | |
struct | tstrX509AlgID |
struct | tstrX520DistinguishedName |
Variables | |
static tstrEllipticCurve | gastrECCSuppList [] |
static tstrX509AlgID | gastrSecAlgorithms [] |
#define ANSI_X9_62 0x2A, 0x86, 0x48, 0xCE, 0x3D |
#define EC_SECP256R1_OID {PRIME_CURVE, 7} |
#define EC_SECP384R1_OID {0x2B, 0x81, 0x04, 0x00, 0x22} /* 1.3.132.0.34 */ |
#define EC_SECP521R1_OID {0x2B, 0x81, 0x04, 0x00, 0x23} /* 1.3.132.0.35 */ |
#define ECC_NUM_SUPP_CURVES ((sizeof(gastrECCSuppList)) / (sizeof(tstrEllipticCurve))) |
Referenced by ECC_GetCurveInfo().
#define ECDSA_WITH_SHA1 {ID_EC_SIG_TYPE, 1} |
#define ECDSA_WITH_SHA224 {ID_EC_SIG_TYPE, 3, 1} |
#define ECDSA_WITH_SHA256 {ID_EC_SIG_TYPE, 3, 2} |
#define ECDSA_WITH_SHA384 {ID_EC_SIG_TYPE, 3, 3} |
#define ECDSA_WITH_SHA512 {ID_EC_SIG_TYPE, 3, 4} |
#define ELLIPTIC_CURVE ANSI_X9_62, 3 |
#define GET_VAL | ( | BUF, | |
OFFSET | |||
) | (((BUF)[OFFSET] * 10) + ((BUF)[OFFSET + 1])) |
Referenced by Cert_DecodeTime().
#define ID_AT 85 , 0x04 , |
#define ID_AT_COMMONNAME {ID_AT 3 } |
Referenced by Cert_DecodeDistinguishedName().
#define ID_AT_COUNTRYNAME {ID_AT 6 } |
#define ID_AT_ORGANIZATIONALUNITNAME {ID_AT 11} |
#define ID_AT_ORGANIZATIONNAME {ID_AT 10} |
#define ID_AT_SERIALNUMBER {ID_AT 5 } |
#define ID_CE 85 , 29 , |
#define ID_CE_AUTHORITY_KEY_ID {ID_CE 35} |
#define ID_CE_SUBJECT_KEY_ID {ID_CE 14} |
#define ID_EC_PUBLIC_KEY {ID_PUBLIC_KEY_TYPE, 1} |
#define ID_EC_SIG_TYPE ANSI_X9_62, 0x04 |
#define ID_PUBLIC_KEY_TYPE ANSI_X9_62, 02 |
#define MD5_WITH_RSA_ENCRYPTION {PKCS_1, 4} /* 1.2.840.113549.1.1.4 */ |
#define PKCS_1 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01, 0x01 |
#define PRIME_CURVE ELLIPTIC_CURVE, 1 |
#define RSA_ENCRYPTION {PKCS_1, 1} /* 1.2.840.113549.1.1 */ |
#define SHA1_WITH_RSA_ENCRYPTION {PKCS_1, 5} /* 1.2.840.113549.1.1.5 */ |
#define SHA224_WITH_RSA_ENCRYPTION {PKCS_1, 14} /* 1.2.840.113549.1.1.14 */ |
#define SHA256_WITH_RSA_ENCRYPTION {PKCS_1, 11} /* 1.2.840.113549.1.1.11 */ |
#define SHA384_WITH_RSA_ENCRYPTION {PKCS_1, 12} /* 1.2.840.113549.1.1.12 */ |
#define SHA512_WITH_RSA_ENCRYPTION {PKCS_1, 13} /* 1.2.840.113549.1.1.13 */ |
#define X509_EXTENSIONS_ID 0xA3 |
Encoded value for the issuerUniqueID tag. It is defined as [3] EXPLICIT Context-Specific class (10) | constructed (1) | 00011
#define X509_GENERALIZED_TIME_LENGTH 0x0F |
The UTC time for the X.509 encoding takes the format YYYYMMDDHHMMSSZ. Each digit is BCD encoded as ASCII digit.
Referenced by Cert_DecodeTime().
#define X509_ISSUER ASN1_SEQUENCE |
Identifier for the certificate ISSUER element.
Referenced by Cert_DecodeTBSCertificate().
#define X509_ISSUER_UNIQUE_ID 0x81 |
Encoded value for the issuerUniqueID tag. It is defined as [1] IMPLICIT BIT STRING Context-Specific class (10) | primitive (0) | 00001
#define X509_NUM_SUPPORTED_SEC_ALGORITHMS (sizeof(gastrSecAlgorithms)/sizeof(tstrX509AlgID)) |
Referenced by Cert_DecodeAlgID(), and Cert_DecodeECCPubKey().
#define X509_SERIAL_NO ASN1_INTEGER |
Identifier for the certificate serial num ber element.
Referenced by Cert_DecodeTBSCertificate().
#define X509_SIGNATURE ASN1_SEQUENCE |
Identifier for the Signature algorithm ID element.
Referenced by Cert_DecodeTBSCertificate().
#define X509_SUBJECT ASN1_SEQUENCE |
Identifier for the certificate SUBJECT information element.
Referenced by Cert_DecodeTBSCertificate().
#define X509_SUBJECT_KEY_INFO ASN1_SEQUENCE |
Identifier for the publick key information element.
Referenced by Cert_DecodeTBSCertificate().
#define X509_SUBJECT_UNIQUE_ID 0x82 |
Encoded value for the subjectUniqueID tag. It is defined as [2] IMPLICIT BIT STRING Context-Specific class (10) | primitive (0) | 00010
#define X509_UTC_TIME_LENGTH 0x0D |
The UTC time for the X.509 encoding takes the format YYMMDDHHMMSSZ. Each digit is BCD encoded as ASCII digit.
Referenced by Cert_DecodeTime().
#define X509_VALIDITY ASN1_SEQUENCE |
Identifier for the certificate validity interval element.
Referenced by Cert_DecodeTBSCertificate().
#define X509_VER_1 0 |
Referenced by Cert_DecodeTBSCertificate().
#define X509_VER_2 1 |
#define X509_VER_3 2 |
#define X509_VERSION 0xA0 |
Identifier of the version field in the X.509 certificate encoding. It is given in the ASN.1 syntax as [0] EXPLICIT Context-Specific class (10) | constructed (1) | 00000
Referenced by Cert_DecodeTBSCertificate().
#define X520_COMMON_NAME 1 |
Referenced by Cert_DecodeDistinguishedName(), and Cert_DecodeX520Name().
#define X520_ORG 3 |
Referenced by Cert_DecodeX520Name().
#define X520_ORG_UNIT 2 |
enum tenuCertParsingState |
sint8 Cert_CompareTime | ( | tstrSystemTime * | pstrT1, |
tstrSystemTime * | pstrT2 | ||
) |
References NULL, tstrSystemTime::u16Year, tstrSystemTime::u8Day, tstrSystemTime::u8Hour, tstrSystemTime::u8Minute, tstrSystemTime::u8Month, and tstrSystemTime::u8Second.
Referenced by Cert_DecodeValidity().
sint8 Cert_ComputeTBSCertHash | ( | tstrTlsBuffer * | pstrCrtBuff, |
tstrTLSBufferPos * | pstrTBSCrt, | ||
uint16 | u16TBSSize, | ||
tstrX509Cert * | pstrCert | ||
) |
References BTRUE, eastrTlsHashes, tstrX509Cert::enuHashAlg, tstrMemPool::fpAlloc, tstrHashInfo::fpHash, HASH_ALG_MAX, NULL, tstrX509Cert::pstrMemPool, tstrX509Cert::pu8Hash, tstrMemPool::pvPoolHandle, SHA_FLAGS_FINISH, SHA_FLAGS_INIT, SHA_FLAGS_UPDATE, TLS_BufferGetPos(), TLS_BufferReadCurrEntry(), TLS_BufferSetPos(), tstrX509Cert::u16HashSz, tstrHashInfo::u16HashSz, X509_FAIL, and X509_SUCCESS.
Referenced by X509Cert_Decode().
TLS_CLIENT_API tstrX509AlgID * Cert_DecodeAlgID | ( | tstrAsn1Context * | pstrX509Asn1Cxt, |
uint32 | u32Size, | ||
tstrAsn1Element * | pstrParam | ||
) |
TLS_CLIENT_API sint8 Cert_DecodeDistinguishedName | ( | tstrAsn1Context * | pstrX509Asn1Cxt, |
uint32 | u32Size, | ||
tstrX520DistinguishedName * | pstrDN | ||
) |
References ASN1_FAIL, ASN1_GetNextElement(), ASN1_OBJECT_IDENTIFIER, ASN1_Read(), ID_AT_COMMONNAME, M2M_MEMCMP, NULL, tstrX520DistinguishedName::pu8Name, tstrAsn1Element::u32Length, tstrX520DistinguishedName::u8Length, tstrAsn1Element::u8Tag, tstrX520DistinguishedName::u8Type, X509_FAIL, X509_SUCCESS, and X520_COMMON_NAME.
Referenced by Cert_DecodeX520Name().
TLS_CLIENT_API sint8 Cert_DecodeECCPubKey | ( | tstrAsn1Context * | pstrX509Asn1Cxt, |
tstrAsn1Element * | pstrKeyParam, | ||
tstrMemPool * | pstrMemPool, | ||
tstrECPublicKey * | pstrEcdsaKey | ||
) |
References ASN1_BIT_STRING, ASN1_GetNextElement(), ASN1_NULL, ASN1_OBJECT_IDENTIFIER, ASN1_Read(), ASN1_SEQUENCE, ECC_GetCurveInfo(), M2M_MEMCMP, NULL, tstrECPublicKey::pstrCurve, tstrECPublicKey::strQ, TLS_ERR, tstrAsn1Element::u32Length, tstrAsn1Element::u8Tag, X509_FAIL, X509_NUM_SUPPORTED_SEC_ALGORITHMS, and X509_SUCCESS.
Referenced by Cert_DecodeSubjectPubKey().
TLS_CLIENT_API sint8 Cert_DecodeRSAPubKey | ( | tstrAsn1Context * | pstrX509Asn1Cxt, |
tstrAsn1Element * | pstrKeyParam, | ||
tstrMemPool * | pstrMemPool, | ||
tstrRSAPublicKey * | pstrRsaPublicKey | ||
) |
References ASN1_BIT_STRING, ASN1_GetNextElement(), ASN1_INTEGER, ASN1_NULL, ASN1_Read(), ASN1_SEQUENCE, tstrMemPool::fpAlloc, NULL, tstrRSAPublicKey::pu8E, tstrRSAPublicKey::pu8N, tstrMemPool::pvPoolHandle, tstrRSAPublicKey::u16ESize, tstrRSAPublicKey::u16NSize, tstrAsn1Element::u32Length, tstrAsn1Element::u8Tag, X509_FAIL, and X509_SUCCESS.
Referenced by Cert_DecodeSubjectPubKey().
TLS_CLIENT_API sint8 Cert_DecodeSignature | ( | tstrAsn1Context * | pstrX509Asn1Cxt, |
uint16 | u16SigSize, | ||
tstrX509Cert * | pstrCert | ||
) |
References ASN1_BIT_STRING, ASN1_GetNextElement(), ASN1_Read(), tstrX509Cert::enuSignAlg, tstrMemPool::fpAlloc, NULL, tstrX509Cert::pstrMemPool, tstrX509Cert::pu8Sig, tstrMemPool::pvPoolHandle, TLS_SIG_ALG_ECDSA, TLS_SIG_ALG_RSA, tstrX509Cert::u16SigSz, tstrAsn1Element::u32Length, tstrAsn1Element::u8Tag, X509_DecodeEcdsaSignature(), X509_FAIL, and X509_SUCCESS.
Referenced by X509Cert_Decode().
TLS_CLIENT_API sint8 Cert_DecodeSubjectPubKey | ( | tstrAsn1Context * | pstrX509Asn1Cxt, |
uint32 | u32Size, | ||
tstrMemPool * | pstrMemPool, | ||
tstrPublicKey * | pstrPubKey | ||
) |
References ASN1_GetNextElement(), ASN1_SEQUENCE, Cert_DecodeAlgID(), Cert_DecodeECCPubKey(), Cert_DecodeRSAPubKey(), tstrPublicKey::enuType, NULL, PUBKEY_ALG_ECC, PUBKEY_ALG_RSA, tstrPublicKey::strEccKey, tstrPublicKey::strRSAKey, tstrAsn1Element::u32Length, tstrX509AlgID::u8AlgParam1, tstrAsn1Element::u8Tag, and X509_FAIL.
Referenced by Cert_DecodeTBSCertificate().
TLS_CLIENT_API sint8 Cert_DecodeTBSCertificate | ( | tstrAsn1Context * | pstrX509Asn1Cxt, |
uint16 | u16CertSize, | ||
tstrX509Cert * | pstrCert | ||
) |
References ASN1_GetNextElement(), ASN1_Read(), tstrX509Cert::au8SerialNo, Cert_DecodeAlgID(), Cert_DecodeSubjectPubKey(), Cert_DecodeValidity(), Cert_DecodeX520Name(), CERT_EXTENSIONS_PENDING, CERT_ISSUER_PENDING, CERT_SERIAL_PENDING, CERT_SIGNATURE_PENDING, CERT_SUBECTKEYINFO_PENDING, CERT_SUBJECT_PENDING, CERT_VALIDITY_PENDING, CERT_VERSION_PENDING, tstrX509Cert::enuHashAlg, tstrX509Cert::enuSignAlg, NULL, tstrX509Cert::pstrMemPool, tstrX509Cert::strIssuer, tstrX509Cert::strPubKey, tstrX509Cert::strSubject, tstrAsn1Element::u32Length, tstrX509AlgID::u8AlgParam1, tstrX509AlgID::u8AlgParam2, tstrX509Cert::u8SerialNumberLength, tstrAsn1Element::u8Tag, tstrX509Cert::u8Version, X509_FAIL, X509_ISSUER, X509_SERIAL_NO, X509_SERIAL_NO_MAX_SZ, X509_SIGNATURE, X509_SUBJECT, X509_SUBJECT_KEY_INFO, X509_SUCCESS, X509_VALIDITY, X509_VER_1, and X509_VERSION.
Referenced by X509Cert_Decode().
TLS_CLIENT_API sint8 Cert_DecodeTime | ( | uint8 * | pu8Time, |
tstrSystemTime * | pstrTime | ||
) |
References GET_VAL, M2M_MEMCPY, NULL, tstrSystemTime::u16Year, tstrSystemTime::u8Day, tstrSystemTime::u8Hour, tstrSystemTime::u8Minute, tstrSystemTime::u8Month, tstrSystemTime::u8Second, X509_FAIL, X509_GENERALIZED_TIME_LENGTH, X509_SUCCESS, and X509_UTC_TIME_LENGTH.
Referenced by Cert_DecodeValidity().
TLS_CLIENT_API sint8 Cert_DecodeValidity | ( | tstrAsn1Context * | pstrX509Asn1Cxt, |
uint32 | u32Size, | ||
tstrX509Cert * | pstrCer | ||
) |
References ASN1_GetNextElement(), ASN1_INVALID, ASN1_Read(), Cert_CompareTime(), Cert_DecodeTime(), M2M_SUCCESS, NULL, tstrX509Cert::strExpiryDate, tstrX509Cert::strStartDate, tstrSystemTime::u16Year, tstrAsn1Element::u32Length, tstrX509Cert::u8ValidityStatus, X509_FAIL, X509_GET_SYS_TIME, X509_STATUS_DECODE_ERR, X509_STATUS_EXPIRED, X509_STATUS_VALID, and X509_SUCCESS.
Referenced by Cert_DecodeTBSCertificate().
TLS_CLIENT_API sint8 Cert_DecodeX520Name | ( | tstrAsn1Context * | pstrX509Asn1Cxt, |
uint32 | u32Size, | ||
tstrX520Name * | pstrName, | ||
tstrMemPool * | pstrMemPool | ||
) |
References tstrX520Name::acCmnName, ASN1_GetNextElement(), ASN1_SEQUENCE, ASN1_SET, tstrX520Name::au8NameSHA1, Cert_DecodeDistinguishedName(), tstrMemPool::fpAlloc, M2M_MEMCPY, NULL, tstrX520DistinguishedName::pu8Name, tstrMemPool::pvPoolHandle, SHA1_FINISH, SHA1_INIT, SHA1_UPDATE, tstrAsn1Element::u32Length, tstrX520DistinguishedName::u8Length, tstrAsn1Element::u8Tag, tstrX520DistinguishedName::u8Type, X509_FAIL, X509_NAME_MAX_SZ, X509_SUCCESS, X520_COMMON_NAME, and X520_ORG.
Referenced by Cert_DecodeTBSCertificate().
tstrEllipticCurve * ECC_GetCurveInfo | ( | uint16 | u16CurveID | ) |
References ECC_NUM_SUPP_CURVES, and NULL.
Referenced by Cert_DecodeECCPubKey().
TLS_CLIENT_API sint8 X509_DecodeEcdsaSignature | ( | tstrAsn1Context * | pstrX509Asn1Cxt, |
uint8 * | pu8Sig, | ||
uint16 * | pu16SigSz | ||
) |
References ASN1_GetNextElement(), ASN1_INTEGER, ASN1_Read(), ASN1_SEQUENCE, NULL, tstrAsn1Element::u32Length, tstrAsn1Element::u8Tag, X509_FAIL, and X509_SUCCESS.
Referenced by Cert_DecodeSignature().
TLS_CLIENT_API sint8 X509Cert_Decode | ( | tstrTlsBuffer * | pstrX509Buffer, |
uint32 | u32CertSize, | ||
tstrMemPool * | pstrPool, | ||
tstrX509Cert * | pstrCert, | ||
uint8 | bDumpX509 | ||
) |
References ASN1_GetNextElement(), ASN1_SEQUENCE, Cert_ComputeTBSCertHash(), Cert_DecodeAlgID(), Cert_DecodeSignature(), Cert_DecodeTBSCertificate(), tstrX509Cert::enuHashAlg, tstrX509Cert::enuSignAlg, tstrMemPool::fpAlloc, NULL, tstrX509Cert::pstrMemPool, tstrAsn1Context::pstrTlsBuffer, TLS_BufferGetPos(), tstrAsn1Element::u32Length, tstrX509AlgID::u8AlgParam1, tstrX509AlgID::u8AlgParam2, tstrAsn1Element::u8Tag, X509_FAIL, X509_SUCCESS, and X509Cert_Dump().
Referenced by CryptoX509CertDecode().
TLS_CLIENT_API void X509Cert_Dump | ( | tstrX509Cert * | pstrCert | ) |
References tstrX520Name::acCmnName, tstrX509Cert::au8SerialNo, tstrX509Cert::enuHashAlg, tstrX509Cert::enuSignAlg, tstrPublicKey::enuType, HASH_ALG_SHA1, HASH_ALG_SHA224, HASH_ALG_SHA256, HASH_ALG_SHA512, i, M2M_DUMP_BUF, NULL, tstrRSAPublicKey::pu8E, tstrRSAPublicKey::pu8N, tstrX509Cert::pu8Sig, PUBKEY_ALG_ECC, PUBKEY_ALG_RSA, tstrPublicKey::strEccKey, tstrX509Cert::strExpiryDate, tstrX509Cert::strIssuer, tstrX509Cert::strPubKey, tstrECPublicKey::strQ, tstrPublicKey::strRSAKey, tstrX509Cert::strStartDate, tstrX509Cert::strSubject, TLS_INFO, TLS_LOG, TLS_SIG_ALG_ECDSA, TLS_SIG_ALG_RSA, tstrRSAPublicKey::u16ESize, tstrRSAPublicKey::u16NSize, tstrX509Cert::u16SigSz, tstrSystemTime::u16Year, tstrSystemTime::u8Day, tstrSystemTime::u8Hour, tstrSystemTime::u8Minute, tstrSystemTime::u8Month, tstrSystemTime::u8Second, tstrX509Cert::u8SerialNumberLength, and tstrX509Cert::u8Version.
Referenced by X509Cert_Decode().
|
static |
|
static |