initial PKCS#7 stubs, tie into ./configure
parent
9e55d71ccc
commit
1d67d9217e
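--- a/configure.ac
+++ b/configure.ac
@@ -1215,6 +1215,20 @@ then
 AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC"
 fi
 
+# PKCS#7
+AC_ARG_ENABLE([pkcs7],
+[ --enable-pkcs7 Enable PKCS7 (default: disabled)],
+[ ENABLED_PKCS7=$enableval ],
+[ ENABLED_PKCS7=no ]
+)
+
+if test "ENABLED_PKCS7" = "yes"
+then
+AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7"
+fi
+
+AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"])
+
 #valgrind
 AC_ARG_ENABLE([valgrind],
 [ --enable-valgrind Enable valgrind for unit tests (default: disabled)],
@@ -1600,6 +1614,7 @@ echo " * SNI: $ENABLED_SNI"
 echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT"
 echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC"
 echo " * All TLS Extensions: $ENABLED_TLSX"
+echo " * PKCS#7 $ENABLED_PKCS7"
 echo " * valgrind unit tests: $ENABLED_VALGRIND"
 echo " * LIBZ: $ENABLED_LIBZ"
 echo " * Examples: $ENABLED_EXAMPLES"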
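Review bot: The added check `if test "ENABLED_PKCS7" = "yes"` compares the literal string ENABLED_PKCS7, not the variable, so it is never true and `-DHAVE_PKCS7` is never appended to AM_CFLAGS, even with --enable-pkcs7. The AM_CONDITIONAL a few lines below does expand the variable, so BUILD_PKCS7 becomes true and the summary line prints yes while every `#ifdef HAVE_PKCS7` body in the new sources compiles to nothing. Write the test the same way as the conditional: `if test "x$ENABLED_PKCS7" = "xyes"`. Until that is fixed, none of the new PKCS#7 code is compiled by any configure-driven build, so errors in it will not show up.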
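--- a/ctaocrypt/src/pkcs7.c
+++ b/ctaocrypt/src/pkcs7.c
@@ -0,0 +1,135 @@
+/* pkcs7.c
+*
+* Copyright (C) 2006-2013 wolfSSL Inc.
+*
+* This file is part of CyaSSL.
+*
+* CyaSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* CyaSSL is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+*/
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <cyassl/ctaocrypt/settings.h>
+
+#ifdef HAVE_PKCS7
+
+#include <cyassl/ctaocrypt/pkcs7.h>
+#include <cyassl/ctaocrypt/error.h>
+#include <cyassl/ctaocrypt/logging.h>
+
+CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output)
+{
+/* PKCS#7 content types */
+static const byte pkcs7[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+0x0D, 0x01, 0x07 };
+static const byte data[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+0x0D, 0x01, 0x07, 0x01 };
+static const byte signedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+0x0D, 0x01, 0x07, 0x02};
+static const byte envelopedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+0x0D, 0x01, 0x07, 0x03 };
+static const byte signedAndEnveloped[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+0x0D, 0x01, 0x07, 0x04 };
+static const byte digestedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+0x0D, 0x01, 0x07, 0x05 };
+static const byte encryptedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7,
+0x0D, 0x01, 0x07, 0x06 };
+
+int idSz;
+int typeSz = 0, idx = 0;
+const byte* typeName = 0;
+byte ID_Length[MAX_LENGTH_SZ];
+
+switch (pkcs7TypeOID) {
+case PKCS7:
+typeSz = sizeof(pkcs7);
+typeName = pkcs7;
+break;
+
+case DATA:
+typeSz = sizeof(data);
+typeName = data;
+break;
+
+case SIGNED_DATA:
+typeSz = sizeof(signedData);
+typeName = signedData;
+break;
+
+case ENVELOPED_DATA:
+typeSz = sizeof(envelopedData);
+typeName = envelopedData;
+break;
+
+case SIGNED_AND_ENVELOPED_DATA:
+typeSz = sizeof(signedAndEnveloped);
+typeName = signedAndEnveloped;
+break;
+
+case DIGESTED_DATA:
+typeSz = sizeof(digestedData);
+typeName = digestedData;
+break;
+
+case ENCRYPTED_DATA:
+typeSz = sizeof(encryptedData);
+typeName = encryptedData;
+break;
+
+default:
+CYASSL_MSG("Unknown PKCS#7 Type");
+return 0;
+};
+
+idSz = SetLength(typeSz, ID_Length);
+output[idx++] = ASN_OBJECT_ID;
+XMEMCPY(output + idx, ID_Length, idSz);
+idx += idSz;
+XMEMCPY(output + idx, typeName, typeSz);
+idx += typeSz;
+
+return idx;
+
+}
+
+/* Create PKCS#7 envelopedData structure */
+int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data, word32 dataSz,
+int cipher, byte* out, word32* outSz, word32 flags)
+{
+(void)certs;
+(void)certSz;
+(void)data;
+(void)dataSz;
+(void)cipher;
+(void)out;
+(void)outSz;
+(void)flags;
+
+return 0;
+}
+
+#else /* HAVE_PKCS7 */
+
+
+#ifdef _MSC_VER
+/* 4206 warning for blank file */
+#pragma warning(disable: 4206)
+#endif
+
+
+#endif /* HAVE_PKCS7 */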
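Review bot: `SetContentType` writes the tag, the length bytes and the OID into `output` without knowing how large the caller's buffer is, and neither the signature nor a comment states the size it needs. With the tables shown, the worst case is one tag byte plus up to MAX_LENGTH_SZ length bytes plus a 9-byte OID, so either take an output size and return an error when it is too small, or at least document the contract above the function: `/* output must hold 1 + MAX_LENGTH_SZ + 9 bytes; returns bytes written, 0 for an unknown type */`. The `Pkcs7_encrypt` stub ignores every argument and returns 0; if 0 is meant to signal success, as it does elsewhere in the library, a caller would treat untouched `out`/`outSz` as a finished envelope, so the stub should return a negative code from error.h until the body exists. Minor: the `};` closing the switch has a stray semicolon, and `typeName` is initialised with `0` rather than `NULL`.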
@ -21,6 +21,7 @@ nobase_include_HEADERS+= \
|
||||
cyassl/ctaocrypt/md4.h \
|
||||
cyassl/ctaocrypt/md5.h \
|
||||
cyassl/ctaocrypt/misc.h \
|
||||
cyassl/ctaocrypt/pkcs7.h \
|
||||
cyassl/ctaocrypt/port.h \
|
||||
cyassl/ctaocrypt/pwdbased.h \
|
||||
cyassl/ctaocrypt/rabbit.h \
|
||||
|
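--- a/cyassl/ctaocrypt/pkcs7.h
+++ b/cyassl/ctaocrypt/pkcs7.h
@@ -0,0 +1,70 @@
+/* pkcs7.h
+*
+* Copyright (C) 2006-2013 wolfSSL Inc.
+*
+* This file is part of CyaSSL.
+*
+* CyaSSL is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* CyaSSL is distributed in the hope that it will be useful,
+* * but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+*/
+
+
+#ifdef HAVE_PKCS7
+
+#ifndef CTAO_CRYPT_PKCS7_H
+#define CTAO_CRYPT_PKCS7_H
+
+#include <cyassl/ctaocrypt/types.h>
+#include <cyassl/ctaocrypt/asn.h>
+#include <cyassl/ctaocrypt/asn_public.h>
+#include <cyassl/ctaocrypt/random.h>
+#include <cyassl/ctaocrypt/des3.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+enum PKCS7_TYPES {
+PKCS7 = 650, /* 1.2.840.113549.1.7 */
+DATA = 651, /* 1.2.840.113549.1.7.1 */
+SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */
+ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */
+SIGNED_AND_ENVELOPED_DATA = 654, /* 1.2.840.113549.1.7.4 */
+DIGESTED_DATA = 655, /* 1.2.840.113549.1.7.5 */
+ENCRYPTED_DATA = 656 /* 1.2.840.113549.1.7.6 */
+};
+
+enum Pkcs7_Misc {
+MAX_RECIP_SZ = MAX_VERSION_SZ +
+MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
+MAX_SEQ_SZ + MAX_ALGO_SZ + 1 +
+MAX_ENCRYPTED_KEY_SZ
+MAX_CONTENT_KEY_LEN = DES3_KEYLEN,
+MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */
+};
+
+CYASSL_API int Pkcs7_encrypt(const byte* certs, word32 certSz, byte* data,
+word32 dataSz, int cipher, byte* out,
+word32* outSz, word32 flags);
+
+CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output);
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* CTAO_CRYPT_PKCS7_H */
+
+#endif /* HAVE_PKCS7 */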
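Review bot: `enum Pkcs7_Misc` does not compile as written: the `MAX_RECIP_SZ` initializer ends with `MAX_ENCRYPTED_KEY_SZ` and no comma before `MAX_CONTENT_KEY_LEN = DES3_KEYLEN,`, and it uses `MAX_ENCRYPTED_KEY_SZ` two lines before that enumerator is declared. Declare the sizes first and the sum last, i.e. `MAX_ENCRYPTED_KEY_SZ = 512,` then `MAX_CONTENT_KEY_LEN = DES3_KEYLEN,` then `MAX_RECIP_SZ = ... + MAX_ENCRYPTED_KEY_SZ`. The error is probably hidden because the `test "ENABLED_PKCS7"` check in this commit's configure.ac hunk never defines HAVE_PKCS7, so this header body is never seen by the compiler. Two smaller points for an installed header: the include guard sits inside `#ifdef HAVE_PKCS7` rather than around it, and unprefixed enumerators such as `DATA` and `PKCS7` are likely to collide with application or platform names.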
@ -136,3 +136,7 @@ if BUILD_LIBZ
|
||||
src_libcyassl_la_SOURCES += ctaocrypt/src/compress.c
|
||||
endif
|
||||
|
||||
if BUILD_PKCS7
|
||||
src_libcyassl_la_SOURCES += ctaocrypt/src/pkcs7.c
|
||||
endif
|
||||
|
||||
|