authorRichard Levitte <levitte@openssl.org>2020-03-31 16:54:43 +0200
committerRichard Levitte <levitte@openssl.org>2020-04-07 11:16:56 +0200
commit1d39620b3489d957978ef038be4533300d7c4179 (patch)
tree85cc10b7ac0a12e9dae84ff52fd22d566baf7d26 /include/internal
parent77de6bb38d3bc247eac548715969b01cc2b752bb (diff)
PROV: Add the beginning of a DER writing library
This library is meant to be small and quick. It's based on WPACKET, which was extended to support DER writing. The way it's used is a bit unusual, as it's used to write the structures backward into a given buffer. A typical quick call looks like this: /* * Fill in this structure: * * something ::= SEQUENCE { * id OBJECT IDENTIFIER, * x [0] INTEGER OPTIONAL, * y [1] BOOLEAN OPTIONAL, * n INTEGER * } */ unsigned char buf[nnnn], *p = NULL; size_t encoded_len = 0; WPACKET pkt; int ok; ok = WPACKET_init_der(&pkt, buf, sizeof(buf) && DER_w_start_sequence(&pkt, -1) && DER_w_bn(&pkt, -1, bn) && DER_w_boolean(&pkt, 1, bool) && DER_w_precompiled(&pkt, -1, OID, sizeof(OID)) && DER_w_end_sequence(&pkt, -1) && WPACKET_finish(&pkt) && WPACKET_get_total_written(&pkt, &encoded_len) && (p = WPACKET_get_curr(&pkt)) != NULL; Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11450)
Diffstat (limited to 'include/internal')
-rw-r--r--include/internal/der.h84
1 files changed, 84 insertions, 0 deletions
diff --git a/include/internal/der.h b/include/internal/der.h
new file mode 100644
index 0000000000..118aa9857c
--- /dev/null
+++ b/include/internal/der.h
@@ -0,0 +1,84 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/bn.h>
+#include "internal/packet.h"
+
+/*
+ * NOTE: X.690 numbers the identifier octet bits 1 to 8.
+ * We use the same numbering in comments here.
+ */
+
+/* Well known primitive tags */
+
+/*
+ * DER UNIVERSAL tags, occupying bits 1-5 in the DER identifier byte
+ * These are only valid for the UNIVERSAL class. With the other classes,
+ * these bits have a different meaning.
+ */
+#define DER_P_EOC 0 /* BER End Of Contents tag */
+#define DER_P_BOOLEAN 1
+#define DER_P_INTEGER 2
+#define DER_P_BIT_STRING 3
+#define DER_P_OCTET_STRING 4
+#define DER_P_NULL 5
+#define DER_P_OBJECT 6
+#define DER_P_OBJECT_DESCRIPTOR 7
+#define DER_P_EXTERNAL 8
+#define DER_P_REAL 9
+#define DER_P_ENUMERATED 10
+#define DER_P_UTF8STRING 12
+#define DER_P_SEQUENCE 16
+#define DER_P_SET 17
+#define DER_P_NUMERICSTRING 18
+#define DER_P_PRINTABLESTRING 19
+#define DER_P_T61STRING 20
+#define DER_P_VIDEOTEXSTRING 21
+#define DER_P_IA5STRING 22
+#define DER_P_UTCTIME 23
+#define DER_P_GENERALIZEDTIME 24
+#define DER_P_GRAPHICSTRING 25
+#define DER_P_ISO64STRING 26
+#define DER_P_GENERALSTRING 27
+#define DER_P_UNIVERSALSTRING 28
+#define DER_P_BMPSTRING 30
+
+/* DER Flags, occupying bit 6 in the DER identifier byte */
+#define DER_F_PRIMITIVE 0x00
+#define DER_F_CONSTRUCTED 0x20
+
+/* DER classes tags, occupying bits 7-8 in the DER identifier byte */
+#define DER_C_UNIVERSAL 0x00
+#define DER_C_APPLICATION 0x40
+#define DER_C_CONTEXT 0x80
+#define DER_C_PRIVATE 0xC0
+
+/*
+ * Run-time constructors.
+ *
+ * They all construct DER backwards, so care should be taken to use them
+ * that way.
+ */
+
+/* This can be used for all items that don't have a context */
+#define DER_NO_CONTEXT -1
+
+int DER_w_precompiled(WPACKET *pkt, int tag,
+ const unsigned char *precompiled, size_t precompiled_n);
+
+int DER_w_boolean(WPACKET *pkt, int tag, int b);
+int DER_w_ulong(WPACKET *pkt, int tag, unsigned long v);
+int DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v);
+int DER_w_null(WPACKET *pkt, int tag);
+
+/*
+ * All constructors for constructed elements have a begin and a end function
+ */
+int DER_w_begin_sequence(WPACKET *pkt, int tag);
+int DER_w_end_sequence(WPACKET *pkt, int tag);
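Review bot: The `DER_w_*` prototypes at the end of the header state neither the accepted range of `tag` nor the return convention, so a caller cannot tell what is emitted for a context tag that does not fit the five tag bits described in the comment above the `DER_P_*` list (X.690 reserves the value 31 in those bits for the multi-byte tag form). I would add a comment above `DER_w_precompiled` along the lines of `/* tag: DER_NO_CONTEXT, or a context-specific tag number 0..30; returns non-zero on success, 0 on failure */`, adjusted to what the implementation actually enforces, which is not visible in this file. The same comment should say that `DER_w_end_sequence` must be called before `DER_w_begin_sequence` with the same `tag` because the output is built backwards; the commit message example calls `DER_w_start_sequence`, a name this header does not declare. Two smaller points: the header has no include guard, so wrapping it in `#ifndef OSSL_INTERNAL_DER_H` / `# define OSSL_INTERNAL_DER_H` / `#endif` would make repeated inclusion safe, and the macro is safer written as `#define DER_NO_CONTEXT (-1)`.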