Context Navigation

asn.h

Last change on this file was 464, checked in by coas-nagasima, 3 years ago
WolfSSLとAzure IoT SDKを更新
Property svn:eol-style set to `native` Property svn:mime-type set to `text/x-chdr;charset=UTF-8`
File size: 52.4 KB

Line
1	/* asn.h
2	*
3	* Copyright (C) 2006-2020 wolfSSL Inc.
4	*
5	* This file is part of wolfSSL.
6	*
7	* wolfSSL is free software; you can redistribute it and/or modify
8	* it under the terms of the GNU General Public License as published by
9	* the Free Software Foundation; either version 2 of the License, or
10	* (at your option) any later version.
11	*
12	* wolfSSL is distributed in the hope that it will be useful,
13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15	* GNU General Public License for more details.
16	*
17	* You should have received a copy of the GNU General Public License
18	* along with this program; if not, write to the Free Software
19	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
20	*/
21
22	/*!
23	\file wolfssl/wolfcrypt/asn.h
24	*/
25
26	/*
27
28	DESCRIPTION
29	This library provides the interface to Abstract Syntax Notation One (ASN.1) objects.
30	ASN.1 is a standard interface description language for defining data structures
31	that can be serialized and deserialized in a cross-platform way.
32
33	*/
34	#ifndef WOLF_CRYPT_ASN_H
35	#define WOLF_CRYPT_ASN_H
36
37	#include <wolfssl/wolfcrypt/types.h>
38
39	#ifndef NO_ASN
40
41
42	#if !defined(NO_ASN_TIME) && defined(NO_TIME_H)
43	#define NO_ASN_TIME /* backwards compatibility with NO_TIME_H */
44	#endif
45
46	#include <wolfssl/wolfcrypt/integer.h>
47
48	/* fips declare of RsaPrivateKeyDecode @wc_fips */
49	#if defined(HAVE_FIPS) && !defined(NO_RSA) && \
50	(!defined(HAVE_FIPS_VERSION) \|\| (HAVE_FIPS_VERSION < 2))
51	#include <cyassl/ctaocrypt/rsa.h>
52	#endif
53
54	#ifndef NO_DH
55	#include <wolfssl/wolfcrypt/dh.h>
56	#endif
57	#ifndef NO_DSA
58	#include <wolfssl/wolfcrypt/dsa.h>
59	#endif
60	#ifndef NO_SHA
61	#include <wolfssl/wolfcrypt/sha.h>
62	#endif
63	#ifndef NO_MD5
64	#include <wolfssl/wolfcrypt/md5.h>
65	#endif
66	#include <wolfssl/wolfcrypt/sha256.h>
67	#include <wolfssl/wolfcrypt/asn_public.h> /* public interface */
68
69	#if defined(NO_SHA) && defined(NO_SHA256)
70	#define WC_SHA256_DIGEST_SIZE 32
71	#endif
72
73	#ifdef __cplusplus
74	extern "C" {
75	#endif
76
77	#ifndef EXTERNAL_SERIAL_SIZE
78	#define EXTERNAL_SERIAL_SIZE 32
79	#endif
80
81	enum {
82	ISSUER = 0,
83	SUBJECT = 1,
84
85	BEFORE = 0,
86	AFTER = 1
87	};
88
89	/* ASN Tags */
90	enum ASN_Tags {
91	ASN_EOC = 0x00,
92	ASN_BOOLEAN = 0x01,
93	ASN_INTEGER = 0x02,
94	ASN_BIT_STRING = 0x03,
95	ASN_OCTET_STRING = 0x04,
96	ASN_TAG_NULL = 0x05,
97	ASN_OBJECT_ID = 0x06,
98	ASN_ENUMERATED = 0x0a,
99	ASN_UTF8STRING = 0x0c,
100	ASN_SEQUENCE = 0x10,
101	ASN_SET = 0x11,
102	ASN_PRINTABLE_STRING = 0x13,
103	ASN_IA5_STRING = 0x16,
104	ASN_UTC_TIME = 0x17,
105	ASN_OTHER_TYPE = 0x00,
106	ASN_RFC822_TYPE = 0x01,
107	ASN_DNS_TYPE = 0x02,
108	ASN_DIR_TYPE = 0x04,
109	ASN_URI_TYPE = 0x06, /* the value 6 is from GeneralName OID */
110	ASN_IP_TYPE = 0x07, /* the value 7 is from GeneralName OID */
111	ASN_GENERALIZED_TIME = 0x18,
112	CRL_EXTENSIONS = 0xa0,
113	ASN_EXTENSIONS = 0xa3,
114	ASN_LONG_LENGTH = 0x80,
115	ASN_INDEF_LENGTH = 0x80,
116
117	/* ASN_Flags - Bitmask */
118	ASN_CONSTRUCTED = 0x20,
119	ASN_APPLICATION = 0x40,
120	ASN_CONTEXT_SPECIFIC = 0x80,
121	};
122
123	#define ASN_UTC_TIME_SIZE 14
124	#define ASN_GENERALIZED_TIME_SIZE 16
125	#define ASN_GENERALIZED_TIME_MAX 68
126
127	enum DN_Tags {
128	ASN_DN_NULL = 0x00,
129	ASN_COMMON_NAME = 0x03, /* CN */
130	ASN_SUR_NAME = 0x04, /* SN */
131	ASN_SERIAL_NUMBER = 0x05, /* serialNumber */
132	ASN_COUNTRY_NAME = 0x06, /* C */
133	ASN_LOCALITY_NAME = 0x07, /* L */
134	ASN_STATE_NAME = 0x08, /* ST */
135	ASN_ORG_NAME = 0x0a, /* O */
136	ASN_ORGUNIT_NAME = 0x0b, /* OU */
137	ASN_BUS_CAT = 0x0f, /* businessCategory */
138	ASN_EMAIL_NAME = 0x98, /* not oid number there is 97 in 2.5.4.0-97 */
139
140	/* pilot attribute types
141	* OID values of 0.9.2342.19200300.100.1.* */
142	ASN_USER_ID = 0x01, /* UID */
143	ASN_DOMAIN_COMPONENT = 0x19 /* DC */
144	};
145
146	/* This is the size of the smallest possible PEM header and footer */
147	extern const int pem_struct_min_sz;
148
149	#if defined(OPENSSL_EXTRA) \|\| defined(OPENSSL_EXTRA_X509_SMALL)
150	typedef struct WOLFSSL_ObjectInfo {
151	int nid;
152	int id;
153	word32 type;
154	const char* sName;
155	const char* lName;
156	} WOLFSSL_ObjectInfo;
157	extern const size_t wolfssl_object_info_sz;
158	extern const WOLFSSL_ObjectInfo wolfssl_object_info[];
159	#endif /* defined(OPENSSL_EXTRA) \|\| defined(OPENSSL_EXTRA_X509_SMALL) */
160
161	/* DN Tag Strings */
162	#define WOLFSSL_COMMON_NAME "/CN="
163	#define WOLFSSL_LN_COMMON_NAME "/commonName="
164	#define WOLFSSL_SUR_NAME "/SN="
165	#define WOLFSSL_SERIAL_NUMBER "/serialNumber="
166	#define WOLFSSL_COUNTRY_NAME "/C="
167	#define WOLFSSL_LN_COUNTRY_NAME "/countryName="
168	#define WOLFSSL_LOCALITY_NAME "/L="
169	#define WOLFSSL_LN_LOCALITY_NAME "/localityName="
170	#define WOLFSSL_STATE_NAME "/ST="
171	#define WOLFSSL_LN_STATE_NAME "/stateOrProvinceName="
172	#define WOLFSSL_ORG_NAME "/O="
173	#define WOLFSSL_LN_ORG_NAME "/organizationName="
174	#define WOLFSSL_ORGUNIT_NAME "/OU="
175	#define WOLFSSL_LN_ORGUNIT_NAME "/organizationalUnitName="
176	#define WOLFSSL_DOMAIN_COMPONENT "/DC="
177	#define WOLFSSL_LN_DOMAIN_COMPONENT "/domainComponent="
178	#define WOLFSSL_BUS_CAT "/businessCategory="
179	#define WOLFSSL_JOI_C "/jurisdictionC="
180	#define WOLFSSL_JOI_ST "/jurisdictionST="
181	#define WOLFSSL_EMAIL_ADDR "/emailAddress="
182
183	#define WOLFSSL_USER_ID "/UID="
184	#define WOLFSSL_DOMAIN_COMPONENT "/DC="
185
186	#if defined(WOLFSSL_APACHE_HTTPD)
187	/* otherName strings */
188	#define WOLFSSL_SN_MS_UPN "msUPN"
189	#define WOLFSSL_LN_MS_UPN "Microsoft User Principal Name"
190	#define WOLFSSL_MS_UPN_SUM 265
191	#define WOLFSSL_SN_DNS_SRV "id-on-dnsSRV"
192	#define WOLFSSL_LN_DNS_SRV "SRVName"
193	/* TLS features extension strings */
194	#define WOLFSSL_SN_TLS_FEATURE "tlsfeature"
195	#define WOLFSSL_LN_TLS_FEATURE "TLS Feature"
196	#define WOLFSSL_TLS_FEATURE_SUM 92
197	#endif
198
199	/* NIDs */
200	enum
201	{
202	NID_undef = 0,
203	NID_netscape_cert_type = NID_undef,
204	NID_des = 66,
205	NID_des3 = 67,
206	NID_sha256 = 672,
207	NID_sha384 = 673,
208	NID_sha512 = 674,
209	NID_pkcs9_challengePassword = 54,
210	NID_hw_name_oid = 73,
211	NID_id_pkix_OCSP_basic = 74,
212	NID_any_policy = 75,
213	NID_anyExtendedKeyUsage = 76,
214	NID_givenName = 99,
215	NID_initials = 101,
216	NID_title = 106,
217	NID_description = 107,
218	NID_basic_constraints = 133,
219	NID_key_usage = 129, /* 2.5.29.15 */
220	NID_ext_key_usage = 151, /* 2.5.29.37 */
221	NID_subject_key_identifier = 128,
222	NID_authority_key_identifier = 149,
223	NID_private_key_usage_period = 130, /* 2.5.29.16 */
224	NID_subject_alt_name = 131,
225	NID_issuer_alt_name = 132,
226	NID_info_access = 69,
227	NID_sinfo_access = 79, /* id-pe 11 */
228	NID_name_constraints = 144, /* 2.5.29.30 */
229	NID_crl_distribution_points = 145, /* 2.5.29.31 */
230	NID_certificate_policies = 146,
231	NID_policy_mappings = 147,
232	NID_policy_constraints = 150,
233	NID_inhibit_any_policy = 168, /* 2.5.29.54 */
234	NID_tlsfeature = 1020, /* id-pe 24 */
235	NID_commonName = 0x03, /* matches ASN_COMMON_NAME in asn.h */
236	NID_buildingName = 1494,
237
238
239	NID_surname = 0x04, /* SN */
240	NID_serialNumber = 0x05, /* serialNumber */
241	NID_countryName = 0x06, /* C */
242	NID_localityName = 0x07, /* L */
243	NID_stateOrProvinceName = 0x08, /* ST */
244	NID_organizationName = 0x0a, /* O */
245	NID_organizationalUnitName = 0x0b, /* OU */
246	NID_jurisdictionCountryName = 0xc,
247	NID_jurisdictionStateOrProvinceName = 0xd,
248	NID_businessCategory = ASN_BUS_CAT,
249	NID_domainComponent = ASN_DOMAIN_COMPONENT,
250	NID_userId = 458,
251	NID_emailAddress = 0x30, /* emailAddress */
252	NID_id_on_dnsSRV = 82, /* 1.3.6.1.5.5.7.8.7 */
253	NID_ms_upn = 265, /* 1.3.6.1.4.1.311.20.2.3 */
254
255	NID_X9_62_prime_field = 406 /* 1.2.840.10045.1.1 */
256	};
257
258	enum ECC_TYPES
259	{
260	ECC_PREFIX_0 = 160,
261	ECC_PREFIX_1 = 161
262	};
263
264	#ifdef WOLFSSL_CERT_PIV
265	enum PIV_Tags {
266	ASN_PIV_CERT = 0x0A,
267	ASN_PIV_NONCE = 0x0B,
268	ASN_PIV_SIGNED_NONCE = 0x0C,
269
270	ASN_PIV_TAG_CERT = 0x70,
271	ASN_PIV_TAG_CERT_INFO = 0x71,
272	ASN_PIV_TAG_MSCUID = 0x72,
273	ASN_PIV_TAG_ERR_DET = 0xFE,
274
275	/* certificate info masks */
276	ASN_PIV_CERT_INFO_COMPRESSED = 0x03,
277	ASN_PIV_CERT_INFO_ISX509 = 0x04,
278	};
279	#endif /* WOLFSSL_CERT_PIV */
280
281
282	#define ASN_JOI_PREFIX_SZ 10
283	#define ASN_JOI_PREFIX "\x2b\x06\x01\x04\x01\x82\x37\x3c\x02\x01"
284	#define ASN_JOI_C 0x3
285	#define ASN_JOI_ST 0x2
286
287	#ifndef WC_ASN_NAME_MAX
288	#ifdef OPENSSL_EXTRA
289	#define WC_ASN_NAME_MAX 300
290	#else
291	#define WC_ASN_NAME_MAX 256
292	#endif
293	#endif
294	#define ASN_NAME_MAX WC_ASN_NAME_MAX
295
296	enum Misc_ASN {
297	MAX_SALT_SIZE = 64, /* MAX PKCS Salt length */
298	MAX_IV_SIZE = 64, /* MAX PKCS Iv length */
299	ASN_BOOL_SIZE = 2, /* including type */
300	ASN_ECC_HEADER_SZ = 2, /* String type + 1 byte len */
301	ASN_ECC_CONTEXT_SZ = 2, /* Content specific type + 1 byte len */
302	#ifdef NO_SHA
303	KEYID_SIZE = WC_SHA256_DIGEST_SIZE,
304	#else
305	KEYID_SIZE = WC_SHA_DIGEST_SIZE,
306	#endif
307	RSA_INTS = 8, /* RSA ints in private key */
308	DSA_INTS = 5, /* DSA ints in private key */
309	MIN_DATE_SIZE = 12,
310	MAX_DATE_SIZE = 32,
311	ASN_GEN_TIME_SZ = 15, /* 7 numbers * 2 + Zulu tag */
312	#ifndef NO_RSA
313	MAX_ENCODED_SIG_SZ = 512,
314	#elif defined(HAVE_ECC)
315	MAX_ENCODED_SIG_SZ = 140,
316	#elif defined(HAVE_CURVE448)
317	MAX_ENCODED_SIG_SZ = 114,
318	#else
319	MAX_ENCODED_SIG_SZ = 64,
320	#endif
321	MAX_SIG_SZ = 256,
322	MAX_ALGO_SZ = 20,
323	MAX_SHORT_SZ = 6, /* asn int + byte len + 4 byte length */
324	MAX_SEQ_SZ = 5, /* enum(seq \| con) + length(4) */
325	MAX_SET_SZ = 5, /* enum(set \| con) + length(4) */
326	MAX_OCTET_STR_SZ = 5, /* enum(set \| con) + length(4) */
327	MAX_EXP_SZ = 5, /* enum(contextspec\|con\|exp) + length(4) */
328	MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */
329	MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/
330	MAX_ENCODED_DIG_ASN_SZ= 9, /* enum(bit or octet) + length(4) */
331	MAX_ENCODED_DIG_SZ = 64 + MAX_ENCODED_DIG_ASN_SZ, /* asn header + sha512 */
332	MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */
333	MAX_DSA_INT_SZ = 261, /* DSA raw sz 2048 for bits + tag + len(4) */
334	MAX_NTRU_KEY_SZ = 610, /* NTRU 112 bit public key */
335	MAX_NTRU_ENC_SZ = 628, /* NTRU 112 bit DER public encoding */
336	MAX_LENGTH_SZ = 4, /* Max length size for DER encoding */
337	MAX_RSA_E_SZ = 16, /* Max RSA public e size */
338	MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */
339	MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */
340	MAX_DER_DIGEST_SZ = MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ,
341	/* Maximum DER digest size */
342	MAX_DER_DIGEST_ASN_SZ = MAX_ENCODED_DIG_ASN_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ,
343	/* Maximum DER digest ASN header size */
344	/* Max X509 header length indicates the max length + 2 ('\n', '\0') */
345	MAX_X509_HEADER_SZ = (37 + 2), /* Maximum PEM Header/Footer Size */
346	#ifdef WOLFSSL_CERT_GEN
347	#ifdef WOLFSSL_CERT_REQ
348	/* Max encoded cert req attributes length */
349	MAX_ATTRIB_SZ = MAX_SEQ_SZ * 3 + (11 + MAX_SEQ_SZ) * 2 +
350	MAX_PRSTR_SZ + CTC_NAME_SIZE, /* 11 is the OID size */
351	#endif
352	#if defined(WOLFSSL_ALT_NAMES) \|\| defined(WOLFSSL_CERT_EXT)
353	MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE,
354	#else
355	MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + MAX_CA_SZ,
356	#endif
357	/* Max total extensions, id + len + others */
358	#endif
359	#if defined(WOLFSSL_CERT_EXT) \|\| defined(OPENSSL_EXTRA) \|\| \
360	defined(HAVE_PKCS7) \|\| defined(OPENSSL_EXTRA_X509_SMALL)
361	MAX_OID_SZ = 32, /* Max DER length of OID*/
362	MAX_OID_STRING_SZ = 64, /* Max string length representation of OID*/
363	#endif
364	#ifdef WOLFSSL_CERT_EXT
365	MAX_KID_SZ = 45, /* Max encoded KID length (SHA-256 case) */
366	MAX_KEYUSAGE_SZ = 18, /* Max encoded Key Usage length */
367	MAX_EXTKEYUSAGE_SZ = 12 + (6 * (8 + 2)) +
368	CTC_MAX_EKU_OID_SZ, /* Max encoded ExtKeyUsage
369	(SEQ/LEN + OBJID + OCTSTR/LEN + SEQ +
370	(6 * (SEQ + OID))) */
371	MAX_CERTPOL_NB = CTC_MAX_CERTPOL_NB,/* Max number of Cert Policy */
372	MAX_CERTPOL_SZ = CTC_MAX_CERTPOL_SZ,
373	#endif
374	MAX_AIA_SZ = 2, /* Max Authority Info Access extension size*/
375	OCSP_NONCE_EXT_SZ = 35, /* OCSP Nonce Extension size */
376	MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
377	MAX_OCSP_NONCE_SZ = 16, /* OCSP Nonce size */
378	EIGHTK_BUF = 8192, /* Tmp buffer size */
379	MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2,
380	/* use bigger NTRU size */
381	#ifdef WOLFSSL_ENCRYPTED_KEYS
382	HEADER_ENCRYPTED_KEY_SIZE = 88,/* Extra header size for encrypted key */
383	#else
384	HEADER_ENCRYPTED_KEY_SIZE = 0,
385	#endif
386	TRAILING_ZERO = 1, /* Used for size of zero pad */
387	ASN_TAG_SZ = 1, /* single byte ASN.1 tag */
388	MIN_VERSION_SZ = 3, /* Min bytes needed for GetMyVersion */
389	MAX_X509_VERSION = 3, /* Max X509 version allowed */
390	MIN_X509_VERSION = 0, /* Min X509 version allowed */
391	WOLFSSL_X509_V1 = 0,
392	WOLFSSL_X509_V2 = 1,
393	WOLFSSL_X509_V3 = 2,
394	#if defined(OPENSSL_ALL) \|\| defined(WOLFSSL_MYSQL_COMPATIBLE) \|\| \
395	defined(WOLFSSL_NGINX) \|\| defined(WOLFSSL_HAPROXY) \|\| \
396	defined(OPENSSL_EXTRA) \|\| defined(HAVE_PKCS7)
397	MAX_TIME_STRING_SZ = 25, /* Max length of formatted time string */
398	#endif
399
400	PKCS5_SALT_SZ = 8,
401
402	PEM_LINE_SZ = 64, /* Length of Base64 encoded line, not including new line */
403	PEM_LINE_LEN = PEM_LINE_SZ + 12, /* PEM line max + fudge */
404	};
405
406	#ifndef WC_MAX_NAME_ENTRIES
407	/* entries added to x509 name struct */
408	#define WC_MAX_NAME_ENTRIES 13
409	#endif
410	#define MAX_NAME_ENTRIES WC_MAX_NAME_ENTRIES
411
412
413	enum Oid_Types {
414	oidHashType = 0,
415	oidSigType = 1,
416	oidKeyType = 2,
417	oidCurveType = 3,
418	oidBlkType = 4,
419	oidOcspType = 5,
420	oidCertExtType = 6,
421	oidCertAuthInfoType = 7,
422	oidCertPolicyType = 8,
423	oidCertAltNameType = 9,
424	oidCertKeyUseType = 10,
425	oidKdfType = 11,
426	oidKeyWrapType = 12,
427	oidCmsKeyAgreeType = 13,
428	oidPBEType = 14,
429	oidHmacType = 15,
430	oidCompressType = 16,
431	oidCertNameType = 17,
432	oidTlsExtType = 18,
433	oidCrlExtType = 19,
434	oidCsrAttrType = 20,
435	oidIgnoreType
436	};
437
438
439	enum Hash_Sum {
440	MD2h = 646,
441	MD5h = 649,
442	SHAh = 88,
443	SHA224h = 417,
444	SHA256h = 414,
445	SHA384h = 415,
446	SHA512h = 416,
447	SHA3_224h = 420,
448	SHA3_256h = 421,
449	SHA3_384h = 422,
450	SHA3_512h = 423
451	};
452
453
454	#if !defined(NO_DES3) \|\| !defined(NO_AES)
455	enum Block_Sum {
456	#ifdef WOLFSSL_AES_128
457	AES128CBCb = 414,
458	AES128GCMb = 418,
459	AES128CCMb = 419,
460	#endif
461	#ifdef WOLFSSL_AES_192
462	AES192CBCb = 434,
463	AES192GCMb = 438,
464	AES192CCMb = 439,
465	#endif
466	#ifdef WOLFSSL_AES_256
467	AES256CBCb = 454,
468	AES256GCMb = 458,
469	AES256CCMb = 459,
470	#endif
471	#ifndef NO_DES3
472	DESb = 69,
473	DES3b = 652
474	#endif
475	};
476	#endif /* !NO_DES3 \|\| !NO_AES */
477
478
479	enum Key_Sum {
480	DSAk = 515,
481	RSAk = 645,
482	NTRUk = 274,
483	ECDSAk = 518,
484	ED25519k = 256,
485	ED448k = 257,
486	DHk = 647, /* dhKeyAgreement OID: 1.2.840.113549.1.3.1 */
487	};
488
489	#if !defined(NO_AES) \|\| defined(HAVE_PKCS7)
490	enum KeyWrap_Sum {
491	#ifdef WOLFSSL_AES_128
492	AES128_WRAP = 417,
493	#endif
494	#ifdef WOLFSSL_AES_192
495	AES192_WRAP = 437,
496	#endif
497	#ifdef WOLFSSL_AES_256
498	AES256_WRAP = 457,
499	#endif
500	#ifdef HAVE_PKCS7
501	PWRI_KEK_WRAP = 680 /id-alg-PWRI-KEK, 1.2.840.113549.1.9.16.3.9 /
502	#endif
503	};
504	#endif /* !NO_AES \|\| PKCS7 */
505
506	enum Key_Agree {
507	dhSinglePass_stdDH_sha1kdf_scheme = 464,
508	dhSinglePass_stdDH_sha224kdf_scheme = 188,
509	dhSinglePass_stdDH_sha256kdf_scheme = 189,
510	dhSinglePass_stdDH_sha384kdf_scheme = 190,
511	dhSinglePass_stdDH_sha512kdf_scheme = 191,
512	};
513
514
515
516	enum KDF_Sum {
517	PBKDF2_OID = 660
518	};
519
520
521	enum HMAC_Sum {
522	HMAC_SHA224_OID = 652,
523	HMAC_SHA256_OID = 653,
524	HMAC_SHA384_OID = 654,
525	HMAC_SHA512_OID = 655,
526	HMAC_SHA3_224_OID = 426,
527	HMAC_SHA3_256_OID = 427,
528	HMAC_SHA3_384_OID = 428,
529	HMAC_SHA3_512_OID = 429
530	};
531
532
533	enum Extensions_Sum {
534	BASIC_CA_OID = 133,
535	ALT_NAMES_OID = 131,
536	CRL_DIST_OID = 145,
537	AUTH_INFO_OID = 69, /* id-pe 1 */
538	AUTH_KEY_OID = 149,
539	SUBJ_KEY_OID = 128,
540	CERT_POLICY_OID = 146,
541	KEY_USAGE_OID = 129, /* 2.5.29.15 */
542	INHIBIT_ANY_OID = 168, /* 2.5.29.54 */
543	EXT_KEY_USAGE_OID = 151, /* 2.5.29.37 */
544	NAME_CONS_OID = 144, /* 2.5.29.30 */
545	PRIV_KEY_USAGE_PERIOD_OID = 130, /* 2.5.29.16 */
546	SUBJECT_INFO_ACCESS = 79, /* id-pe 11 */
547	POLICY_MAP_OID = 147,
548	POLICY_CONST_OID = 150,
549	ISSUE_ALT_NAMES_OID = 132,
550	TLS_FEATURE_OID = 92, /* id-pe 24 */
551	NETSCAPE_CT_OID = 753, /* 2.16.840.1.113730.1.1 */
552	OCSP_NOCHECK_OID = 121 /* 1.3.6.1.5.5.7.48.1.5
553	id-pkix-ocsp-nocheck */
554	};
555
556	enum CertificatePolicy_Sum {
557	CP_ANY_OID = 146 /* id-ce 32 0 */
558	};
559
560	enum SepHardwareName_Sum {
561	HW_NAME_OID = 79 /* 1.3.6.1.5.5.7.8.4 from RFC 4108*/
562	};
563
564	enum AuthInfo_Sum {
565	AIA_OCSP_OID = 116, /* 1.3.6.1.5.5.7.48.1 */
566	AIA_CA_ISSUER_OID = 117 /* 1.3.6.1.5.5.7.48.2 */
567	};
568
569	enum ExtKeyUsage_Sum { /* From RFC 5280 */
570	EKU_ANY_OID = 151, /* 2.5.29.37.0, anyExtendedKeyUsage */
571	EKU_SERVER_AUTH_OID = 71, /* 1.3.6.1.5.5.7.3.1, id-kp-serverAuth */
572	EKU_CLIENT_AUTH_OID = 72, /* 1.3.6.1.5.5.7.3.2, id-kp-clientAuth */
573	EKU_CODESIGNING_OID = 73, /* 1.3.6.1.5.5.7.3.3, id-kp-codeSigning */
574	EKU_EMAILPROTECT_OID = 74, /* 1.3.6.1.5.5.7.3.4, id-kp-emailProtection */
575	EKU_TIMESTAMP_OID = 78, /* 1.3.6.1.5.5.7.3.8, id-kp-timeStamping */
576	EKU_OCSP_SIGN_OID = 79 /* 1.3.6.1.5.5.7.3.9, id-kp-OCSPSigning */
577	};
578
579	#ifdef HAVE_LIBZ
580	enum CompressAlg_Sum {
581	ZLIBc = 679 /* 1.2.840.113549.1.9.16.3.8, id-alg-zlibCompress */
582	};
583	#endif
584
585	enum VerifyType {
586	NO_VERIFY = 0,
587	VERIFY = 1,
588	VERIFY_CRL = 2,
589	VERIFY_OCSP = 3,
590	VERIFY_NAME = 4,
591	VERIFY_SKIP_DATE = 5,
592	};
593
594	#ifdef WOLFSSL_CERT_EXT
595	enum KeyIdType {
596	SKID_TYPE = 0,
597	AKID_TYPE = 1
598	};
599	#endif
600
601	#ifdef WOLFSSL_CERT_REQ
602	enum CsrAttrType {
603	CHALLENGE_PASSWORD_OID = 659,
604	SERIAL_NUMBER_OID = 94,
605	EXTENSION_REQUEST_OID = 666,
606	};
607	#endif
608
609	/* Key usage extension bits (based on RFC 5280) */
610	#define KEYUSE_DIGITAL_SIG 0x0080
611	#define KEYUSE_CONTENT_COMMIT 0x0040
612	#define KEYUSE_KEY_ENCIPHER 0x0020
613	#define KEYUSE_DATA_ENCIPHER 0x0010
614	#define KEYUSE_KEY_AGREE 0x0008
615	#define KEYUSE_KEY_CERT_SIGN 0x0004
616	#define KEYUSE_CRL_SIGN 0x0002
617	#define KEYUSE_ENCIPHER_ONLY 0x0001
618	#define KEYUSE_DECIPHER_ONLY 0x8000
619
620	/* Extended Key Usage bits (internal mapping only) */
621	#define EXTKEYUSE_USER 0x80
622	#define EXTKEYUSE_OCSP_SIGN 0x40
623	#define EXTKEYUSE_TIMESTAMP 0x20
624	#define EXTKEYUSE_EMAILPROT 0x10
625	#define EXTKEYUSE_CODESIGN 0x08
626	#define EXTKEYUSE_CLIENT_AUTH 0x04
627	#define EXTKEYUSE_SERVER_AUTH 0x02
628	#define EXTKEYUSE_ANY 0x01
629
630	typedef struct DNS_entry DNS_entry;
631
632	struct DNS_entry {
633	DNS_entry* next; /* next on DNS list */
634	int type; /* i.e. ASN_DNS_TYPE */
635	int len; /* actual DNS len */
636	char* name; /* actual DNS name */
637	};
638
639
640	typedef struct Base_entry Base_entry;
641
642	struct Base_entry {
643	Base_entry* next; /* next on name base list */
644	char* name; /* actual name base */
645	int nameSz; /* name length */
646	byte type; /* Name base type (DNS or RFC822) */
647	};
648
649
650	enum SignatureState {
651	SIG_STATE_BEGIN,
652	SIG_STATE_HASH,
653	SIG_STATE_KEY,
654	SIG_STATE_DO,
655	SIG_STATE_CHECK,
656	};
657
658
659	#ifdef HAVE_PK_CALLBACKS
660	#ifdef HAVE_ECC
661	typedef int (*wc_CallbackEccVerify)(
662	const unsigned char* sig, unsigned int sigSz,
663	const unsigned char* hash, unsigned int hashSz,
664	const unsigned char* keyDer, unsigned int keySz,
665	int* result, void* ctx);
666	#endif
667	#ifndef NO_RSA
668	typedef int (*wc_CallbackRsaVerify)(
669	unsigned char* sig, unsigned int sigSz,
670	unsigned char** out,
671	const unsigned char* keyDer, unsigned int keySz,
672	void* ctx);
673	#endif
674	#endif /* HAVE_PK_CALLBACKS */
675
676	struct SignatureCtx {
677	void* heap;
678	byte* digest;
679	#ifndef NO_RSA
680	byte* out;
681	#endif
682	#if !(defined(NO_RSA) && defined(NO_DSA))
683	byte* sigCpy;
684	#endif
685	#if defined(HAVE_ECC) \|\| defined(HAVE_ED25519) \|\| defined(HAVE_ED448) \|\| \
686	!defined(NO_DSA)
687	int verify;
688	#endif
689	union {
690	#ifndef NO_RSA
691	struct RsaKey* rsa;
692	#endif
693	#ifndef NO_DSA
694	struct DsaKey* dsa;
695	#endif
696	#ifdef HAVE_ECC
697	struct ecc_key* ecc;
698	#endif
699	#ifdef HAVE_ED25519
700	struct ed25519_key* ed25519;
701	#endif
702	#ifdef HAVE_ED448
703	struct ed448_key* ed448;
704	#endif
705	void* ptr;
706	} key;
707	int devId;
708	int state;
709	int typeH;
710	int digestSz;
711	word32 keyOID;
712	#ifdef WOLFSSL_ASYNC_CRYPT
713	WC_ASYNC_DEV* asyncDev;
714	void* asyncCtx;
715	#endif
716
717	#ifdef HAVE_PK_CALLBACKS
718	#ifdef HAVE_ECC
719	wc_CallbackEccVerify pkCbEcc;
720	void* pkCtxEcc;
721	#endif
722	#ifndef NO_RSA
723	wc_CallbackRsaVerify pkCbRsa;
724	void* pkCtxRsa;
725	#endif
726	#endif /* HAVE_PK_CALLBACKS */
727	#ifndef NO_RSA
728	#ifdef WOLFSSL_RENESAS_TSIP_TLS
729	byte verifyByTSIP;
730	word32 certBegin;
731	word32 pubkey_n_start;
732	word32 pubkey_n_len;
733	word32 pubkey_e_start;
734	word32 pubkey_e_len;
735	#endif
736	#endif
737	};
738
739	enum CertSignState {
740	CERTSIGN_STATE_BEGIN,
741	CERTSIGN_STATE_DIGEST,
742	CERTSIGN_STATE_ENCODE,
743	CERTSIGN_STATE_DO,
744	};
745
746	struct CertSignCtx {
747	byte* sig;
748	byte* digest;
749	#ifndef NO_RSA
750	byte* encSig;
751	int encSigSz;
752	#endif
753	int state; /* enum CertSignState */
754	};
755
756	#ifndef WOLFSSL_MAX_PATH_LEN
757	/* RFC 5280 Section 6.1.2. "Initialization" - item (k) defines
758	* (k) max_path_length: this integer is initialized to "n", is
759	* decremented for each non-self-issued certificate in the path,
760	* and may be reduced to the value in the path length constraint
761	* field within the basic constraints extension of a CA
762	* certificate.
763	*
764	* wolfSSL has arbitrarily selected the value 127 for "n" in the above
765	* description. Users can modify the maximum path length by setting
766	* WOLFSSL_MAX_PATH_LEN to a preferred value at build time
767	*/
768	#define WOLFSSL_MAX_PATH_LEN 127
769	#endif
770
771	typedef struct DecodedCert DecodedCert;
772	typedef struct Signer Signer;
773	#ifdef WOLFSSL_TRUST_PEER_CERT
774	typedef struct TrustedPeerCert TrustedPeerCert;
775	#endif /* WOLFSSL_TRUST_PEER_CERT */
776	typedef struct SignatureCtx SignatureCtx;
777	typedef struct CertSignCtx CertSignCtx;
778
779
780	struct DecodedCert {
781	const byte* publicKey;
782	word32 pubKeySize;
783	int pubKeyStored;
784	word32 certBegin; /* offset to start of cert */
785	word32 sigIndex; /* offset to start of signature */
786	word32 sigLength; /* length of signature */
787	word32 signatureOID; /* sum of algorithm object id */
788	word32 keyOID; /* sum of key algo object id */
789	int version; /* cert version, 1 or 3 */
790	DNS_entry* altNames; /* alt names list of dns entries */
791	#ifndef IGNORE_NAME_CONSTRAINTS
792	DNS_entry* altEmailNames; /* alt names list of RFC822 entries */
793	DNS_entry* altDirNames; /* alt names list of DIR entries */
794	Base_entry* permittedNames; /* Permitted name bases */
795	Base_entry* excludedNames; /* Excluded name bases */
796	#endif /* IGNORE_NAME_CONSTRAINTS */
797	byte subjectHash[KEYID_SIZE]; /* hash of all Names */
798	byte issuerHash[KEYID_SIZE]; /* hash of all Names */
799	#ifdef HAVE_OCSP
800	byte subjectKeyHash[KEYID_SIZE]; /* hash of the public Key */
801	byte issuerKeyHash[KEYID_SIZE]; /* hash of the public Key */
802	#endif /* HAVE_OCSP */
803	const byte* signature; /* not owned, points into raw cert */
804	char* subjectCN; /* CommonName */
805	int subjectCNLen; /* CommonName Length */
806	char subjectCNEnc; /* CommonName Encoding */
807	char issuer[ASN_NAME_MAX]; /* full name including common name */
808	char subject[ASN_NAME_MAX]; /* full name including common name */
809	int verify; /* Default to yes, but could be off */
810	const byte* source; /* byte buffer holder cert, NOT owner */
811	word32 srcIdx; /* current offset into buffer */
812	word32 maxIdx; /* max offset based on init size */
813	void* heap; /* for user memory overrides */
814	byte serial[EXTERNAL_SERIAL_SIZE]; /* raw serial number */
815	int serialSz; /* raw serial bytes stored */
816	const byte* extensions; /* not owned, points into raw cert */
817	int extensionsSz; /* length of cert extensions */
818	word32 extensionsIdx; /* if want to go back and parse later */
819	const byte* extAuthInfo; /* Authority Information Access URI */
820	int extAuthInfoSz; /* length of the URI */
821	#if defined(OPENSSL_ALL) \|\| defined(WOLFSSL_QT)
822	const byte* extAuthInfoCaIssuer; /* Authority Info Access caIssuer URI */
823	int extAuthInfoCaIssuerSz; /* length of the caIssuer URI */
824	#endif
825	const byte* extCrlInfo; /* CRL Distribution Points */
826	int extCrlInfoSz; /* length of the URI */
827	byte extSubjKeyId[KEYID_SIZE]; /* Subject Key ID */
828	byte extAuthKeyId[KEYID_SIZE]; /* Authority Key ID */
829	byte pathLength; /* CA basic constraint path length */
830	byte maxPathLen; /* max_path_len see RFC 5280 section
831	* 6.1.2 "Initialization" - (k) for
832	* description of max_path_len */
833	word16 extKeyUsage; /* Key usage bitfield */
834	byte extExtKeyUsage; /* Extended Key usage bitfield */
835
836	#if defined(OPENSSL_EXTRA) \|\| defined(OPENSSL_EXTRA_X509_SMALL)
837	const byte* extExtKeyUsageSrc;
838	word32 extExtKeyUsageSz;
839	word32 extExtKeyUsageCount;
840	const byte* extAuthKeyIdSrc;
841	word32 extAuthKeyIdSz;
842	const byte* extSubjKeyIdSrc;
843	word32 extSubjKeyIdSz;
844	#endif
845
846	#if defined(HAVE_ECC) \|\| defined(HAVE_ED25519) \|\| defined(HAVE_ED448)
847	word32 pkCurveOID; /* Public Key's curve OID */
848	#endif /* HAVE_ECC */
849	const byte* beforeDate;
850	int beforeDateLen;
851	const byte* afterDate;
852	int afterDateLen;
853	#if defined(HAVE_PKCS7) \|\| defined(WOLFSSL_CERT_EXT)
854	const byte* issuerRaw; /* pointer to issuer inside source */
855	int issuerRawLen;
856	#endif
857	#if !defined(IGNORE_NAME_CONSTRAINTS) \|\| defined(WOLFSSL_CERT_EXT)
858	const byte* subjectRaw; /* pointer to subject inside source */
859	int subjectRawLen;
860	#endif
861	#if defined(WOLFSSL_CERT_GEN) \|\| defined(WOLFSSL_CERT_EXT)
862	/* easy access to subject info for other sign */
863	char* subjectSN;
864	int subjectSNLen;
865	char subjectSNEnc;
866	char* subjectC;
867	int subjectCLen;
868	char subjectCEnc;
869	char* subjectL;
870	int subjectLLen;
871	char subjectLEnc;
872	char* subjectST;
873	int subjectSTLen;
874	char subjectSTEnc;
875	char* subjectO;
876	int subjectOLen;
877	char subjectOEnc;
878	char* subjectOU;
879	int subjectOULen;
880	char subjectOUEnc;
881	char* subjectSND;
882	int subjectSNDLen;
883	char subjectSNDEnc;
884	#ifdef WOLFSSL_CERT_EXT
885	char* subjectBC;
886	int subjectBCLen;
887	char subjectBCEnc;
888	char* subjectJC;
889	int subjectJCLen;
890	char subjectJCEnc;
891	char* subjectJS;
892	int subjectJSLen;
893	char subjectJSEnc;
894	#endif
895	char* subjectEmail;
896	int subjectEmailLen;
897	#endif /* WOLFSSL_CERT_GEN */
898	#if defined(OPENSSL_EXTRA) \|\| defined(OPENSSL_EXTRA_X509_SMALL)
899	/* WOLFSSL_X509_NAME structures (used void* to avoid including ssl.h) */
900	void* issuerName;
901	void* subjectName;
902	#endif /* OPENSSL_EXTRA */
903	#ifdef WOLFSSL_SEP
904	int deviceTypeSz;
905	byte* deviceType;
906	int hwTypeSz;
907	byte* hwType;
908	int hwSerialNumSz;
909	byte* hwSerialNum;
910	#endif /* WOLFSSL_SEP */
911	#ifdef WOLFSSL_CERT_EXT
912	char extCertPolicies[MAX_CERTPOL_NB][MAX_CERTPOL_SZ];
913	int extCertPoliciesNb;
914	#endif /* defined(WOLFSSL_CERT_GEN) \|\| defined(WOLFSSL_CERT_EXT) */
915
916	#ifdef WOLFSSL_CERT_REQ
917	/* CSR attributes */
918	char* cPwd; /* challengePassword */
919	int cPwdLen;
920	char* sNum; /* Serial Number */
921	int sNumLen;
922	#endif /* WOLFSSL_CERT_REQ */
923
924	Signer* ca;
925	#ifndef NO_CERTS
926	SignatureCtx sigCtx;
927	#endif
928	#ifdef WOLFSSL_RENESAS_TSIP
929	byte* tsip_encRsaKeyIdx;
930	#endif
931
932	int badDate;
933	int criticalExt;
934
935	/* Option Bits */
936	byte subjectCNStored : 1; /* have we saved a copy we own */
937	byte extSubjKeyIdSet : 1; /* Set when the SKID was read from cert */
938	byte extAuthKeyIdSet : 1; /* Set when the AKID was read from cert */
939	#ifndef IGNORE_NAME_CONSTRAINTS
940	byte extNameConstraintSet : 1;
941	#endif
942	byte isCA : 1; /* CA basic constraint true */
943	byte pathLengthSet : 1; /* CA basic const path length set */
944	byte weOwnAltNames : 1; /* altNames haven't been given to copy */
945	byte extKeyUsageSet : 1;
946	byte extExtKeyUsageSet : 1; /* Extended Key Usage set */
947	#ifdef HAVE_OCSP
948	byte ocspNoCheckSet : 1; /* id-pkix-ocsp-nocheck set */
949	#endif
950	byte extCRLdistSet : 1;
951	byte extAuthInfoSet : 1;
952	byte extBasicConstSet : 1;
953	byte extSubjAltNameSet : 1;
954	byte inhibitAnyOidSet : 1;
955	byte selfSigned : 1; /* Indicates subject and issuer are same */
956	#if defined(WOLFSSL_SEP) \|\| defined(WOLFSSL_QT)
957	byte extCertPolicySet : 1;
958	#endif
959	#if defined(OPENSSL_EXTRA) \|\| defined(OPENSSL_EXTRA_X509_SMALL)
960	byte extCRLdistCrit : 1;
961	byte extAuthInfoCrit : 1;
962	byte extBasicConstCrit : 1;
963	byte extSubjAltNameCrit : 1;
964	byte extAuthKeyIdCrit : 1;
965	#ifndef IGNORE_NAME_CONSTRAINTS
966	byte extNameConstraintCrit : 1;
967	#endif
968	byte extSubjKeyIdCrit : 1;
969	byte extKeyUsageCrit : 1;
970	byte extExtKeyUsageCrit : 1;
971	#endif /* OPENSSL_EXTRA */
972	#if defined(WOLFSSL_SEP) \|\| defined(WOLFSSL_QT)
973	byte extCertPolicyCrit : 1;
974	#endif
975	#ifdef WOLFSSL_CERT_REQ
976	byte isCSR : 1; /* Do we intend on parsing a CSR? */
977	#endif
978	};
979
980
981	#ifdef NO_SHA
982	#define SIGNER_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
983	#else
984	#define SIGNER_DIGEST_SIZE WC_SHA_DIGEST_SIZE
985	#endif
986
987	/* CA Signers */
988	/* if change layout change PERSIST_CERT_CACHE functions too */
989	struct Signer {
990	word32 pubKeySize;
991	word32 keyOID; /* key type */
992	word16 keyUsage;
993	byte maxPathLen;
994	byte pathLength;
995	byte pathLengthSet : 1;
996	byte selfSigned : 1;
997	const byte* publicKey;
998	int nameLen;
999	char* name; /* common name */
1000	#ifndef IGNORE_NAME_CONSTRAINTS
1001	Base_entry* permittedNames;
1002	Base_entry* excludedNames;
1003	#endif /* IGNORE_NAME_CONSTRAINTS */
1004	byte subjectNameHash[SIGNER_DIGEST_SIZE];
1005	/* sha hash of names in certificate */
1006	#ifndef NO_SKID
1007	byte subjectKeyIdHash[SIGNER_DIGEST_SIZE];
1008	/* sha hash of names in certificate */
1009	#endif
1010	#ifdef HAVE_OCSP
1011	byte subjectKeyHash[KEYID_SIZE];
1012	#endif
1013	#ifdef WOLFSSL_SIGNER_DER_CERT
1014	DerBuffer* derCert;
1015	#endif
1016	#ifdef WOLFSSL_RENESAS_TSIP_TLS
1017	word32 cm_idx;
1018	#endif
1019	Signer* next;
1020	};
1021
1022
1023	#ifdef WOLFSSL_TRUST_PEER_CERT
1024	/* used for having trusted peer certs rather then CA */
1025	struct TrustedPeerCert {
1026	int nameLen;
1027	char* name; /* common name */
1028	#ifndef IGNORE_NAME_CONSTRAINTS
1029	Base_entry* permittedNames;
1030	Base_entry* excludedNames;
1031	#endif /* IGNORE_NAME_CONSTRAINTS */
1032	byte subjectNameHash[SIGNER_DIGEST_SIZE];
1033	/* sha hash of names in certificate */
1034	#ifndef NO_SKID
1035	byte subjectKeyIdHash[SIGNER_DIGEST_SIZE];
1036	/* sha hash of names in certificate */
1037	#endif
1038	word32 sigLen;
1039	byte* sig;
1040	struct TrustedPeerCert* next;
1041	};
1042	#endif /* WOLFSSL_TRUST_PEER_CERT */
1043
1044
1045	/* for testing or custom openssl wrappers */
1046	#if defined(WOLFSSL_TEST_CERT) \|\| defined(OPENSSL_EXTRA) \|\| \
1047	defined(OPENSSL_EXTRA_X509_SMALL)
1048	#define WOLFSSL_ASN_API WOLFSSL_API
1049	#else
1050	#define WOLFSSL_ASN_API WOLFSSL_LOCAL
1051	#endif
1052
1053	#ifdef HAVE_SMIME
1054	#define MIME_HEADER_ASCII_MIN 33
1055	#define MIME_HEADER_ASCII_MAX 126
1056
1057	typedef struct MimeParam MimeParam;
1058	typedef struct MimeHdr MimeHdr;
1059
1060	struct MimeParam
1061	{
1062	MimeParam* next;
1063	char* attribute;
1064	char* value;
1065	};
1066
1067	struct MimeHdr
1068	{
1069	MimeHdr* next;
1070	MimeParam* params;
1071	char* name;
1072	char* body;
1073	};
1074
1075	typedef enum MimeTypes
1076	{
1077	MIME_HDR,
1078	MIME_PARAM
1079	} MimeTypes;
1080
1081	typedef enum MimeStatus
1082	{
1083	MIME_NAMEATTR,
1084	MIME_BODYVAL
1085	} MimeStatus;
1086	#endif /* HAVE_SMIME */
1087
1088
1089	WOLFSSL_LOCAL int CalcHashId(const byte* data, word32 len, byte* hash);
1090	WOLFSSL_LOCAL int GetName(DecodedCert* cert, int nameType, int maxIdx);
1091
1092	WOLFSSL_ASN_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der,
1093	word32* derSz);
1094
1095	WOLFSSL_ASN_API void FreeAltNames(DNS_entry, void);
1096	#ifndef IGNORE_NAME_CONSTRAINTS
1097	WOLFSSL_ASN_API void FreeNameSubtrees(Base_entry, void);
1098	#endif /* IGNORE_NAME_CONSTRAINTS */
1099	WOLFSSL_ASN_API void InitDecodedCert(DecodedCert, const byte, word32, void*);
1100	WOLFSSL_ASN_API void FreeDecodedCert(DecodedCert*);
1101	WOLFSSL_ASN_API int ParseCert(DecodedCert, int type, int verify, void cm);
1102
1103	WOLFSSL_LOCAL int DecodePolicyOID(char *o, word32 oSz,
1104	const byte *in, word32 inSz);
1105	WOLFSSL_LOCAL int EncodePolicyOID(byte out, word32 outSz,
1106	const char in, void heap);
1107	WOLFSSL_API int CheckCertSignature(const byte,word32,void,void* cm);
1108	WOLFSSL_LOCAL int CheckCertSignaturePubKey(const byte* cert, word32 certSz,
1109	void* heap, const byte* pubKey, word32 pubKeySz, int pubKeyOID);
1110	#ifdef WOLFSSL_CERT_REQ
1111	WOLFSSL_LOCAL int CheckCSRSignaturePubKey(const byte* cert, word32 certSz, void* heap,
1112	const byte* pubKey, word32 pubKeySz, int pubKeyOID);
1113	#endif /* WOLFSSL_CERT_REQ */
1114	WOLFSSL_LOCAL int AddSignature(byte* buf, int bodySz, const byte* sig, int sigSz,
1115	int sigAlgoType);
1116	WOLFSSL_LOCAL int ParseCertRelative(DecodedCert,int type,int verify,void cm);
1117	WOLFSSL_LOCAL int DecodeToKey(DecodedCert*, int verify);
1118	WOLFSSL_LOCAL int wc_GetPubX509(DecodedCert* cert, int verify, int* badDate);
1119
1120	WOLFSSL_LOCAL const byte* OidFromId(word32 id, word32 type, word32* oidSz);
1121	WOLFSSL_LOCAL Signer* MakeSigner(void*);
1122	WOLFSSL_LOCAL void FreeSigner(Signer, void);
1123	WOLFSSL_LOCAL void FreeSignerTable(Signer*, int, void);
1124	#ifdef WOLFSSL_TRUST_PEER_CERT
1125	WOLFSSL_LOCAL void FreeTrustedPeer(TrustedPeerCert, void);
1126	WOLFSSL_LOCAL void FreeTrustedPeerTable(TrustedPeerCert*, int, void);
1127	#endif /* WOLFSSL_TRUST_PEER_CERT */
1128
1129	WOLFSSL_ASN_API int ToTraditional(byte* buffer, word32 length);
1130	WOLFSSL_ASN_API int ToTraditional_ex(byte* buffer, word32 length,
1131	word32* algId);
1132	WOLFSSL_LOCAL int ToTraditionalInline(const byte* input, word32* inOutIdx,
1133	word32 length);
1134	WOLFSSL_LOCAL int ToTraditionalInline_ex(const byte* input, word32* inOutIdx,
1135	word32 length, word32* algId);
1136	WOLFSSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*,int,
1137	word32* algId);
1138	WOLFSSL_ASN_API int UnTraditionalEnc(byte* key, word32 keySz, byte* out,
1139	word32* outSz, const char* password, int passwordSz, int vPKCS,
1140	int vAlgo, byte* salt, word32 saltSz, int itt, WC_RNG* rng, void* heap);
1141	WOLFSSL_ASN_API int TraditionalEnc(byte* key, word32 keySz, byte* out,
1142	word32* outSz, const char* password, int passwordSz, int vPKCS,
1143	int vAlgo, int encAlgId, byte* salt, word32 saltSz, int itt,
1144	WC_RNG* rng, void* heap);
1145	WOLFSSL_LOCAL int DecryptContent(byte* input, word32 sz,const char* psw,int pswSz);
1146	WOLFSSL_LOCAL int EncryptContent(byte* input, word32 sz, byte* out, word32* outSz,
1147	const char* password,int passwordSz, int vPKCS, int vAlgo,
1148	byte* salt, word32 saltSz, int itt, WC_RNG* rng, void* heap);
1149	WOLFSSL_LOCAL int wc_GetKeyOID(byte* key, word32 keySz, const byte** curveOID,
1150	word32* oidSz, int* algoID, void* heap);
1151
1152	typedef struct tm wolfssl_tm;
1153	#if defined(OPENSSL_ALL) \|\| defined(WOLFSSL_MYSQL_COMPATIBLE) \|\| defined(OPENSSL_EXTRA) \|\| \
1154	defined(WOLFSSL_NGINX) \|\| defined(WOLFSSL_HAPROXY)
1155	WOLFSSL_LOCAL int GetTimeString(byte* date, int format, char* buf, int len);
1156	#endif
1157	#if !defined(NO_ASN_TIME) && defined(HAVE_PKCS7)
1158	WOLFSSL_LOCAL int GetAsnTimeString(void* currTime, byte* buf, word32 len);
1159	#endif
1160	WOLFSSL_LOCAL int ExtractDate(const unsigned char* date, unsigned char format,
1161	wolfssl_tm* certTime, int* idx);
1162	WOLFSSL_LOCAL int DateGreaterThan(const struct tm* a, const struct tm* b);
1163	WOLFSSL_LOCAL int wc_ValidateDate(const byte* date, byte format, int dateType);
1164	WOLFSSL_LOCAL int wc_OBJ_sn2nid(const char *sn);
1165
1166	/* ASN.1 helper functions */
1167	#ifdef WOLFSSL_CERT_GEN
1168	WOLFSSL_ASN_API int SetName(byte* output, word32 outputSz, CertName* name);
1169	WOLFSSL_LOCAL const char* GetOneCertName(CertName* name, int idx);
1170	WOLFSSL_LOCAL byte GetCertNameId(int idx);
1171	#endif
1172	WOLFSSL_LOCAL int GetShortInt(const byte* input, word32* inOutIdx, int* number,
1173	word32 maxIdx);
1174	WOLFSSL_LOCAL int SetShortInt(byte* input, word32* inOutIdx, word32 number,
1175	word32 maxIdx);
1176
1177	WOLFSSL_LOCAL const char* GetSigName(int oid);
1178	WOLFSSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len,
1179	word32 maxIdx);
1180	WOLFSSL_LOCAL int GetLength_ex(const byte* input, word32* inOutIdx, int* len,
1181	word32 maxIdx, int check);
1182	WOLFSSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len,
1183	word32 maxIdx);
1184	WOLFSSL_LOCAL int GetSequence_ex(const byte* input, word32* inOutIdx, int* len,
1185	word32 maxIdx, int check);
1186	WOLFSSL_LOCAL int GetOctetString(const byte* input, word32* inOutIdx, int* len,
1187	word32 maxIdx);
1188	WOLFSSL_LOCAL int CheckBitString(const byte* input, word32* inOutIdx, int* len,
1189	word32 maxIdx, int zeroBits, byte* unusedBits);
1190	WOLFSSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len,
1191	word32 maxIdx);
1192	WOLFSSL_LOCAL int GetSet_ex(const byte* input, word32* inOutIdx, int* len,
1193	word32 maxIdx, int check);
1194	WOLFSSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx,
1195	int* version, word32 maxIdx);
1196	WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
1197	word32 maxIdx);
1198	#ifdef HAVE_OID_ENCODING
1199	WOLFSSL_LOCAL int EncodeObjectId(const word16* in, word32 inSz,
1200	byte* out, word32* outSz);
1201	#endif
1202	#ifdef HAVE_OID_DECODING
1203	WOLFSSL_LOCAL int DecodeObjectId(const byte* in, word32 inSz,
1204	word16* out, word32* outSz);
1205	#endif
1206	WOLFSSL_LOCAL int GetASNObjectId(const byte* input, word32* inOutIdx, int* len,
1207	word32 maxIdx);
1208	WOLFSSL_LOCAL int SetObjectId(int len, byte* output);
1209	WOLFSSL_LOCAL int GetObjectId(const byte* input, word32* inOutIdx, word32* oid,
1210	word32 oidType, word32 maxIdx);
1211	WOLFSSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid,
1212	word32 oidType, word32 maxIdx);
1213	WOLFSSL_LOCAL int GetASNTag(const byte* input, word32* idx, byte* tag,
1214	word32 inputSz);
1215	WOLFSSL_LOCAL word32 SetLength(word32 length, byte* output);
1216	WOLFSSL_LOCAL word32 SetSequence(word32 len, byte* output);
1217	WOLFSSL_LOCAL word32 SetOctetString(word32 len, byte* output);
1218	#if (defined(WOLFSSL_QT) \|\| defined(OPENSSL_ALL)) && !defined(NO_DH) \
1219	\|\| defined(WOLFSSL_OPENSSH)
1220	WOLFSSL_LOCAL int wc_DhParamsToDer(DhKey* key, byte* out, word32* outSz);
1221	WOLFSSL_LOCAL int wc_DhPubKeyToDer(DhKey* key, byte* out, word32* outSz);
1222	WOLFSSL_LOCAL int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
1223	#endif
1224	WOLFSSL_LOCAL int SetASNInt(int len, byte firstByte, byte* output);
1225	WOLFSSL_LOCAL word32 SetBitString(word32 len, byte unusedBits, byte* output);
1226	WOLFSSL_LOCAL word32 SetImplicit(byte tag,byte number,word32 len,byte* output);
1227	WOLFSSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output);
1228	WOLFSSL_LOCAL word32 SetSet(word32 len, byte* output);
1229	WOLFSSL_LOCAL word32 SetAlgoID(int algoOID,byte* output,int type,int curveSz);
1230	WOLFSSL_LOCAL int SetMyVersion(word32 version, byte* output, int header);
1231	WOLFSSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output,
1232	word32 outputSz, int maxSnSz);
1233	WOLFSSL_LOCAL int GetSerialNumber(const byte* input, word32* inOutIdx,
1234	byte* serial, int* serialSz, word32 maxIdx);
1235	WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
1236	int maxIdx);
1237	WOLFSSL_LOCAL int wc_CheckPrivateKeyCert(const byte* key, word32 keySz, DecodedCert* der);
1238	WOLFSSL_LOCAL int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
1239	const byte* pubKey, word32 pubKeySz, enum Key_Sum ks);
1240	WOLFSSL_LOCAL int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g);
1241	WOLFSSL_LOCAL int FlattenAltNames( byte, word32, const DNS_entry);
1242
1243	#ifdef HAVE_ECC
1244	/* ASN sig helpers */
1245	WOLFSSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r,
1246	mp_int* s);
1247	WOLFSSL_LOCAL int StoreECC_DSA_Sig_Bin(byte* out, word32* outLen,
1248	const byte* r, word32 rLen, const byte* s, word32 sLen);
1249	WOLFSSL_LOCAL int DecodeECC_DSA_Sig_Bin(const byte* sig, word32 sigLen,
1250	byte* r, word32* rLen, byte* s, word32* sLen);
1251	#endif
1252	#if defined(HAVE_ECC) \|\| !defined(NO_DSA)
1253	WOLFSSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen,
1254	mp_int* r, mp_int* s);
1255	#endif
1256	#if defined HAVE_ECC && (defined(OPENSSL_EXTRA) \|\| defined(OPENSSL_EXTRA_X509_SMALL))
1257	WOLFSSL_API int EccEnumToNID(int n);
1258	#endif
1259
1260	WOLFSSL_LOCAL void InitSignatureCtx(SignatureCtx* sigCtx, void* heap, int devId);
1261	WOLFSSL_LOCAL void FreeSignatureCtx(SignatureCtx* sigCtx);
1262
1263	#ifndef NO_CERTS
1264
1265	WOLFSSL_LOCAL int wc_EncryptedInfoParse(EncryptedInfo* info, char** pBuffer,
1266	size_t bufSz);
1267
1268	WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type,
1269	DerBuffer** pDer, void* heap, EncryptedInfo* info,
1270	int* eccKey);
1271	WOLFSSL_LOCAL int AllocDer(DerBuffer** der, word32 length, int type, void* heap);
1272	WOLFSSL_LOCAL void FreeDer(DerBuffer** der);
1273
1274	#endif /* !NO_CERTS */
1275
1276	#ifdef HAVE_SMIME
1277	WOLFSSL_LOCAL int wc_MIME_parse_headers(char* in, int inLen, MimeHdr** hdrs);
1278	WOLFSSL_LOCAL int wc_MIME_header_strip(char* in, char** out, size_t start, size_t end);
1279	WOLFSSL_LOCAL int wc_MIME_create_header(char* name, char* body, MimeHdr** hdr);
1280	WOLFSSL_LOCAL int wc_MIME_create_parameter(char* attribute, char* value, MimeParam** param);
1281	WOLFSSL_LOCAL MimeHdr* wc_MIME_find_header_name(const char* name, MimeHdr* hdr);
1282	WOLFSSL_LOCAL MimeParam* wc_MIME_find_param_attr(const char* attribute, MimeParam* param);
1283	WOLFSSL_LOCAL int wc_MIME_free_hdrs(MimeHdr* head);
1284	#endif /* HAVE_SMIME */
1285
1286	#ifdef WOLFSSL_CERT_GEN
1287
1288	enum cert_enums {
1289	#ifdef WOLFSSL_CERT_EXT
1290	NAME_ENTRIES = 10,
1291	#else
1292	NAME_ENTRIES = 9,
1293	#endif
1294	JOINT_LEN = 2,
1295	EMAIL_JOINT_LEN = 9,
1296	PILOT_JOINT_LEN = 10,
1297	RSA_KEY = 10,
1298	NTRU_KEY = 11,
1299	ECC_KEY = 12,
1300	ED25519_KEY = 13,
1301	ED448_KEY = 14,
1302	DSA_KEY = 15
1303	};
1304
1305	#endif /* WOLFSSL_CERT_GEN */
1306
1307
1308
1309	/* for pointer use */
1310	typedef struct CertStatus CertStatus;
1311
1312	#ifdef HAVE_OCSP
1313
1314	enum Ocsp_Response_Status {
1315	OCSP_SUCCESSFUL = 0, /* Response has valid confirmations */
1316	OCSP_MALFORMED_REQUEST = 1, /* Illegal confirmation request */
1317	OCSP_INTERNAL_ERROR = 2, /* Internal error in issuer */
1318	OCSP_TRY_LATER = 3, /* Try again later */
1319	OCSP_SIG_REQUIRED = 5, /* Must sign the request (4 is skipped) */
1320	OCSP_UNAUTHROIZED = 6 /* Request unauthorized */
1321	};
1322
1323
1324	enum Ocsp_Cert_Status {
1325	CERT_GOOD = 0,
1326	CERT_REVOKED = 1,
1327	CERT_UNKNOWN = 2
1328	};
1329
1330
1331	enum Ocsp_Sums {
1332	OCSP_BASIC_OID = 117,
1333	OCSP_NONCE_OID = 118
1334	};
1335
1336	#ifdef OPENSSL_EXTRA
1337	enum Ocsp_Verify_Error {
1338	OCSP_VERIFY_ERROR_NONE = 0,
1339	OCSP_BAD_ISSUER = 1
1340	};
1341	#endif
1342
1343
1344	typedef struct OcspRequest OcspRequest;
1345	typedef struct OcspResponse OcspResponse;
1346
1347
1348	struct CertStatus {
1349	CertStatus* next;
1350
1351	byte serial[EXTERNAL_SERIAL_SIZE];
1352	int serialSz;
1353	#ifdef OPENSSL_EXTRA
1354	WOLFSSL_ASN1_INTEGER* serialInt;
1355	#endif
1356
1357	int status;
1358
1359	byte thisDate[MAX_DATE_SIZE];
1360	byte nextDate[MAX_DATE_SIZE];
1361	byte thisDateFormat;
1362	byte nextDateFormat;
1363	#if defined(OPENSSL_ALL) \|\| defined(WOLFSSL_NGINX) \|\| defined(WOLFSSL_HAPROXY) \|\| defined(HAVE_LIGHTY)
1364	WOLFSSL_ASN1_TIME thisDateParsed;
1365	WOLFSSL_ASN1_TIME nextDateParsed;
1366	byte* thisDateAsn;
1367	byte* nextDateAsn;
1368	#endif
1369
1370	byte* rawOcspResponse;
1371	word32 rawOcspResponseSz;
1372	};
1373
1374	typedef struct OcspEntry OcspEntry;
1375
1376	#ifdef NO_SHA
1377	#define OCSP_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
1378	#else
1379	#define OCSP_DIGEST_SIZE WC_SHA_DIGEST_SIZE
1380	#endif
1381
1382	struct OcspEntry
1383	{
1384	OcspEntry next; / next entry */
1385	word32 hashAlgoOID; /* hash algo ID */
1386	byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */
1387	byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */
1388	CertStatus status; / OCSP response list */
1389	int totalStatus; /* number on list */
1390	byte* rawCertId; /* raw bytes of the CertID */
1391	int rawCertIdSize; /* num bytes in raw CertID */
1392	/* option bits - using 32-bit for alignment */
1393	word32 isDynamic:1; /* was dynamically allocated */
1394
1395	};
1396
1397	/* TODO: Long-term, it would be helpful if we made this struct and other OCSP
1398	structs conform to the ASN spec as described in RFC 6960. It will help
1399	with readability and with implementing OpenSSL compatibility API
1400	functions, because OpenSSL's OCSP data structures conform to the
1401	RFC. */
1402	struct OcspResponse {
1403	int responseStatus; /* return code from Responder */
1404
1405	byte* response; /* Pointer to beginning of OCSP Response */
1406	word32 responseSz; /* length of the OCSP Response */
1407
1408	byte producedDate[MAX_DATE_SIZE];
1409	/* Date at which this response was signed */
1410	byte producedDateFormat; /* format of the producedDate */
1411
1412	byte* cert;
1413	word32 certSz;
1414
1415	byte* sig; /* Pointer to sig in source */
1416	word32 sigSz; /* Length in octets for the sig */
1417	word32 sigOID; /* OID for hash used for sig */
1418
1419	OcspEntry* single; /* chain of OCSP single responses */
1420
1421	byte* nonce; /* pointer to nonce inside ASN.1 response */
1422	int nonceSz; /* length of the nonce string */
1423
1424	byte* source; /* pointer to source buffer, not owned */
1425	word32 maxIdx; /* max offset based on init size */
1426
1427	#ifdef OPENSSL_EXTRA
1428	int verifyError;
1429	#endif
1430	void* heap;
1431	};
1432
1433
1434	struct OcspRequest {
1435	byte issuerHash[KEYID_SIZE];
1436	byte issuerKeyHash[KEYID_SIZE];
1437	byte* serial; /* copy of the serial number in source cert */
1438	int serialSz;
1439	#ifdef OPENSSL_EXTRA
1440	WOLFSSL_ASN1_INTEGER* serialInt;
1441	#endif
1442	byte* url; /* copy of the extAuthInfo in source cert */
1443	int urlSz;
1444
1445	byte nonce[MAX_OCSP_NONCE_SZ];
1446	int nonceSz;
1447	void* heap;
1448	void* ssl;
1449	};
1450
1451	WOLFSSL_LOCAL void InitOcspResponse(OcspResponse, OcspEntry, CertStatus, byte, word32, void*);
1452	WOLFSSL_LOCAL void FreeOcspResponse(OcspResponse*);
1453	WOLFSSL_LOCAL int OcspResponseDecode(OcspResponse, void, void* heap, int);
1454
1455	WOLFSSL_LOCAL int InitOcspRequest(OcspRequest, DecodedCert, byte, void*);
1456	WOLFSSL_LOCAL void FreeOcspRequest(OcspRequest*);
1457	WOLFSSL_LOCAL int EncodeOcspRequest(OcspRequest, byte, word32);
1458	WOLFSSL_LOCAL word32 EncodeOcspRequestExtensions(OcspRequest, byte, word32);
1459
1460
1461	WOLFSSL_LOCAL int CompareOcspReqResp(OcspRequest, OcspResponse);
1462
1463
1464	#endif /* HAVE_OCSP */
1465
1466
1467	/* for pointer use */
1468	typedef struct RevokedCert RevokedCert;
1469
1470	#ifdef HAVE_CRL
1471
1472	struct RevokedCert {
1473	byte serialNumber[EXTERNAL_SERIAL_SIZE];
1474	int serialSz;
1475	RevokedCert* next;
1476	};
1477
1478	typedef struct DecodedCRL DecodedCRL;
1479
1480	struct DecodedCRL {
1481	word32 certBegin; /* offset to start of cert */
1482	word32 sigIndex; /* offset to start of signature */
1483	word32 sigLength; /* length of signature */
1484	word32 signatureOID; /* sum of algorithm object id */
1485	byte* signature; /* pointer into raw source, not owned */
1486	byte issuerHash[SIGNER_DIGEST_SIZE]; /* issuer name hash */
1487	byte crlHash[SIGNER_DIGEST_SIZE]; /* raw crl data hash */
1488	byte lastDate[MAX_DATE_SIZE]; /* last date updated */
1489	byte nextDate[MAX_DATE_SIZE]; /* next update date */
1490	byte lastDateFormat; /* format of last date */
1491	byte nextDateFormat; /* format of next date */
1492	RevokedCert* certs; /* revoked cert list */
1493	int totalCerts; /* number on list */
1494	void* heap;
1495	#ifndef NO_SKID
1496	byte extAuthKeyIdSet;
1497	byte extAuthKeyId[SIGNER_DIGEST_SIZE]; /* Authority Key ID */
1498	#endif
1499	};
1500
1501	WOLFSSL_LOCAL void InitDecodedCRL(DecodedCRL, void heap);
1502	WOLFSSL_LOCAL int VerifyCRL_Signature(SignatureCtx* sigCtx,
1503	const byte* toBeSigned, word32 tbsSz,
1504	const byte* signature, word32 sigSz,
1505	word32 signatureOID, Signer *ca,
1506	void* heap);
1507	WOLFSSL_LOCAL int ParseCRL(DecodedCRL, const byte buff, word32 sz, void* cm);
1508	WOLFSSL_LOCAL void FreeDecodedCRL(DecodedCRL*);
1509
1510
1511	#endif /* HAVE_CRL */
1512
1513
1514	#ifdef __cplusplus
1515	} /* extern "C" */
1516	#endif
1517
1518	#endif /* !NO_ASN */
1519
1520
1521	#if !defined(NO_ASN) \|\| !defined(NO_PWDBASED)
1522
1523	#ifndef MAX_KEY_SIZE
1524	#define MAX_KEY_SIZE 64 /* MAX PKCS Key length */
1525	#endif
1526	#ifndef MAX_UNICODE_SZ
1527	#define MAX_UNICODE_SZ 256
1528	#endif
1529
1530	enum PBESTypes {
1531	PBE_MD5_DES = 0,
1532	PBE_SHA1_RC4_128 = 1,
1533	PBE_SHA1_DES = 2,
1534	PBE_SHA1_DES3 = 3,
1535	PBE_AES256_CBC = 4,
1536	PBE_AES128_CBC = 5,
1537	PBE_SHA1_40RC2_CBC = 6,
1538
1539	PBE_SHA1_RC4_128_SUM = 657,
1540	PBE_SHA1_DES3_SUM = 659,
1541	PBES2 = 13 /* algo ID */
1542	};
1543
1544	enum PKCSTypes {
1545	PKCS5v2 = 6, /* PKCS #5 v2.0 */
1546	PKCS12v1 = 12, /* PKCS #12 */
1547	PKCS5 = 5, /* PKCS oid tag */
1548	PKCS8v0 = 0, /* default PKCS#8 version */
1549	};
1550
1551	#endif /* !NO_ASN \|\| !NO_PWDBASED */
1552
1553	#endif /* WOLF_CRYPT_ASN_H */

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: azure_iot_hub_f767zi/trunk/wolfssl-4.7.0/wolfssl/wolfcrypt/asn.h

Download in other formats: