diff --git a/include/gmssl/asn1.h b/include/gmssl/asn1.h index 78892bb0..bbd62f82 100644 --- a/include/gmssl/asn1.h +++ b/include/gmssl/asn1.h 
@@ -110,182 +110,186 @@ int asn1_tag_from_der(int tag, const uint8_t **in, size_t *inlen); int asn1_any_tag_from_der(int *tag, const uint8_t **in, size_t *inlen); int asn1_tag_get(int *tag, const uint8_t **in, size_t *inlen); // 这个函数是看看下一个tag是什么,并不修改in,inlen int asn1_tag_is_cstring(int tag); -int asn1_length_to_der(size_t len, uint8_t **in, size_t *inlen); -int asn1_length_from_der(size_t *len, const uint8_t **in, size_t *inlen); +int asn1_length_to_der(size_t dlen, uint8_t **out, size_t *outlen); +int asn1_length_from_der(size_t *dlen, const uint8_t **in, size_t *inlen); int asn1_length_is_zero(size_t len); +int asn1_length_le(size_t len1, size_t len2); int asn1_data_to_der(const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_data_from_der(const uint8_t **d, size_t dlen, const uint8_t **in, size_t *inlen); int asn1_type_to_der(int tag, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_type_from_der(int tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen); int asn1_any_type_from_der(int *tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen); -int asn1_any_to_der(const uint8_t *a, size_t alen, uint8_t **out, size_t *outlen); -int asn1_any_from_der(const uint8_t **a, size_t *alen, const uint8_t **in, size_t *inlen); +int asn1_any_to_der(const uint8_t *a, size_t alen, uint8_t **out, size_t *outlen); // 调用方应保证a,alen为TLV +int asn1_any_from_der(const uint8_t **a, size_t *alen, const uint8_t **in, size_t *inlen); // 检查输入为TLV int asn1_boolean_to_der_ex(int tag, int val, uint8_t **out, size_t *outlen); int asn1_boolean_from_der_ex(int tag, int *val, const uint8_t **in, size_t *inlen); -#define asn1_boolean_to_der(val,out,outlen) asn1_boolean_to_der_ex(ASN1_TAG_BOOLEAN,val,out,outlen) -#define asn1_boolean_from_der(val,in,inlen) asn1_boolean_from_der_ex(ASN1_TAG_BOOLEAN,val,in,inlen) -#define asn1_implicit_boolean_to_der(idx,val,out,outlen) 
asn1_boolean_to_der_ex(ASN1_TAG_IMPLICIT(idx),val,out,outlen) -#define asn1_implicit_boolean_from_der(idx,val,in,inlen) asn1_boolean_from_der_ex(ASN1_TAG_IMPLICIT(idx),val,in,inlen) +#define asn1_boolean_to_der(val,out,outlen) asn1_boolean_to_der_ex(ASN1_TAG_BOOLEAN,val,out,outlen) +#define asn1_boolean_from_der(val,in,inlen) asn1_boolean_from_der_ex(ASN1_TAG_BOOLEAN,val,in,inlen) +#define asn1_implicit_boolean_to_der(i,val,out,outlen) asn1_boolean_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) +#define asn1_implicit_boolean_from_der(i,val,in,inlen) asn1_boolean_from_der_ex(ASN1_TAG_IMPLICIT(i),val,in,inlen) +// asn1_integer_ 不支持负数编解码 int asn1_integer_to_der_ex(int tag, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_integer_from_der_ex(int tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen); -#define asn1_integer_to_der(d,dlen,out,outlen) asn1_integer_to_der_ex(ASN1_TAG_INTEGER,d,dlen,out,outlen) -#define asn1_integer_from_der(d,dlen,in,inlen) asn1_integer_from_der_ex(ASN1_TAG_INTEGER,d,dlen,in,inlen) -#define asn1_implicit_integer_to_der(idx,d,dlen,out,outlen) asn1_integer_to_der_ex(ASN1_TAG_IMPLICIT(idx),d,dlen,out,outlen) -#define asn1_implicit_integer_from_der(idx,d,dlen,in,inlen) asn1_integer_from_der_ex(ASN1_TAG_IMPLICIT(idx),d,dlen,in,inlen) +#define asn1_integer_to_der(d,dlen,out,outlen) asn1_integer_to_der_ex(ASN1_TAG_INTEGER,d,dlen,out,outlen) +#define asn1_integer_from_der(d,dlen,in,inlen) asn1_integer_from_der_ex(ASN1_TAG_INTEGER,d,dlen,in,inlen) +#define asn1_implicit_integer_to_der(i,d,dlen,out,outlen) asn1_integer_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) +#define asn1_implicit_integer_from_der(i,d,dlen,in,inlen) asn1_integer_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen) -int asn1_int_to_der_ex(int tag, int a, uint8_t **out, size_t *outlen); -int asn1_int_from_der_ex(int tag, int *a, const uint8_t **in, size_t *inlen); -#define asn1_int_to_der(val,out,outlen) 
asn1_int_to_der_ex(ASN1_TAG_INTEGER,val,out,outlen) -#define asn1_int_from_der(val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_INTEGER,val,in,inlen) -#define asn1_implicit_int_to_der(idx,val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_IMPLICIT(idx),val,out,outlen) -#define asn1_implicit_int_from_der(idx,val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_IMPLICIT(idx),val,in,inlen) +// asn1_int_ 只支持小的无符号整数的编解码,不支持负数 +int asn1_int_to_der_ex(int tag, int val, uint8_t **out, size_t *outlen); // 当 val == -1 时,不输出,返回 0 +int asn1_int_from_der_ex(int tag, int *val, const uint8_t **in, size_t *inlen); // 不支持负数,返回0时 *val 设置为 -1 +#define asn1_int_to_der(val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_INTEGER,val,out,outlen) +#define asn1_int_from_der(val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_INTEGER,val,in,inlen) +#define asn1_implicit_int_to_der(i,val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) +#define asn1_implicit_int_from_der(i,val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_IMPLICIT(i),val,in,inlen) +// 比特长度不必须为8的整数倍 int asn1_bit_string_to_der_ex(int tag, const uint8_t *d, size_t nbits, uint8_t **out, size_t *outlen); int asn1_bit_string_from_der_ex(int tag, const uint8_t **d, size_t *nbits, const uint8_t **in, size_t *inlen); -#define asn1_bit_string_to_der(d,nbits,out,outlen) asn1_bit_string_to_der_ex(ASN1_TAG_BIT_STRING,d,nbits,out,outlen) -#define asn1_bit_string_from_der(d,nbits,in,inlen) asn1_bit_string_from_der_ex(ASN1_TAG_BIT_STRING,d,nbits,in,inlen) -#define asn1_implicit_bit_string_to_der(idx,d,nbits,out,outlen) asn1_bit_string_to_der_ex(ASN1_TAG_IMPLICIT(idx),d,nbits,out,outlen) -#define asn1_implicit_bit_string_from_der(idx,d,nbits,in,inlen) asn1_bit_string_from_der_ex(ASN1_TAG_IMPLICIT(idx),d,nbits,in,inlen) +#define asn1_bit_string_to_der(d,nbits,out,outlen) asn1_bit_string_to_der_ex(ASN1_TAG_BIT_STRING,d,nbits,out,outlen) +#define asn1_bit_string_from_der(d,nbits,in,inlen) asn1_bit_string_from_der_ex(ASN1_TAG_BIT_STRING,d,nbits,in,inlen) +#define 
asn1_implicit_bit_string_to_der(i,d,nbits,out,outlen) asn1_bit_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,nbits,out,outlen) +#define asn1_implicit_bit_string_from_der(i,d,nbits,in,inlen) asn1_bit_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,nbits,in,inlen) +// 比特长度必须为8的整数倍,因此使用字节长度 int asn1_bit_octets_to_der_ex(int tag, const uint8_t *d, size_t dlen, uint8_t **out, size_t *outlen); int asn1_bit_octets_from_der_ex(int tag, const uint8_t **d, size_t *dlen, const uint8_t **in, size_t *inlen); -#define asn1_bit_octets_to_der(d,dlen,out,outlen) asn1_bit_octets_to_der_ex(ASN1_TAG_BIT_STRING,d,dlen,out,outlen) -#define asn1_bit_octets_from_der(d,dlen,in,inlen) asn1_bit_octets_from_der_ex(ASN1_TAG_BIT_STRING,d,dlen,out,outlen) -#define asn1_implicit_bit_octets_to_der(idx,d,dlen,out,outlen) asn1_bit_octets_to_der_ex(ASN1_TAG_IMPLICIT(idx),d,dlen,out,outlen) -#define asn1_implicit_bit_octets_from_der(idx,d,dlen,in,inlen) asn1_bit_octets_from_der_ex(ASN1_TAG_IMPLICIT(idx),d,dlen,out,outlen) +#define asn1_bit_octets_to_der(d,dlen,out,outlen) asn1_bit_octets_to_der_ex(ASN1_TAG_BIT_STRING,d,dlen,out,outlen) +#define asn1_bit_octets_from_der(d,dlen,in,inlen) asn1_bit_octets_from_der_ex(ASN1_TAG_BIT_STRING,d,dlen,in,inlen) +#define asn1_implicit_bit_octets_to_der(i,d,dlen,out,outlen) asn1_bit_octets_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) +#define asn1_implicit_bit_octets_from_der(i,d,dlen,in,inlen) asn1_bit_octets_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen) +// bits == -1 不编码,只支持较少的比特数量 int asn1_bits_to_der_ex(int tag, int bits, uint8_t **out, size_t *outlen); int asn1_bits_from_der_ex(int tag, int *bits, const uint8_t **in, size_t *inlen); -#define asn1_bits_to_der(val,out,outlen) asn1_bits_to_der_ex(ASN1_TAG_BIT_STRING,val,out,outlen) -#define asn1_bits_from_der(val,out,outlen) asn1_bits_from_der_ex(ASN1_TAG_BIT_STRING,val,out,outlen) -#define asn1_implicit_bits_to_der(idx,val,out,outlen) asn1_bits_to_der_ex(ASN1_TAG_IMPLICIT(idx),val,out,outlen) -#define 
asn1_implicit_bits_from_der(idx,val,out,outlen) asn1_bits_from_der_ex(ASN1_TAG_IMPLICIT(idx),val,out,outlen) +#define asn1_bits_to_der(bits,out,outlen) asn1_bits_to_der_ex(ASN1_TAG_BIT_STRING,bits,out,outlen) +#define asn1_bits_from_der(bits,in,inlen) asn1_bits_from_der_ex(ASN1_TAG_BIT_STRING,bits,in,inlen) +#define asn1_implicit_bits_to_der(i,bits,out,outlen) asn1_bits_to_der_ex(ASN1_TAG_IMPLICIT(i),bits,out,outlen) +#define asn1_implicit_bits_from_der(i,bits,in,inlen) asn1_bits_from_der_ex(ASN1_TAG_IMPLICIT(i),bits,in,inlen) +// names[i]对应第i个比特 int asn1_bits_print(FILE *fp, int fmt, int ind, const char *label, const char **names, size_t names_cnt, int bits); -#define asn1_octet_string_to_der_ex(tag,a,alen,d,dlen) asn1_type_to_der(tag,a,alen,d,dlen) -#define asn1_octet_string_from_der_ex(tag,a,alen,d,dlen) asn1_type_from_der(tag,a,alen,d,dlen) -#define asn1_octet_string_to_der(val,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_OCTET_STRING,val,d,dlen,out,outlen) -#define asn1_octet_string_from_der(val,d,dlen,out,outlen) asn1_type_from_der(ASN1_TAG_OCTET_STRING,val,d,dlen,out,outlen) -#define asn1_implicit_octet_string_to_der(idx,val,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_IMPLICIT(idx),val,d,dlen,out,outlen) -#define asn1_implicit_octet_string_from_der(idx,val,d,dlen,out,outlen) asn1_type_from_der(ASN1_TAG_IMPLICIT(idx),val,d,dlen,out,outlen) +#define asn1_octet_string_to_der_ex(tag,d,dlen,out,outlen) asn1_type_to_der(tag,d,dlen,out,outlen) +#define asn1_octet_string_from_der_ex(tag,d,dlen,in,inlen) asn1_type_from_der(tag,d,dlen,in,inlen) +#define asn1_octet_string_to_der(d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_OCTET_STRING,d,dlen,out,outlen) +#define asn1_octet_string_from_der(d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_OCTET_STRING,d,dlen,in,inlen) +#define asn1_implicit_octet_string_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) +#define asn1_implicit_octet_string_from_der(i,d,dlen,in,inlen) 
asn1_type_from_der(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen) int asn1_null_to_der(uint8_t **out, size_t *outlen); int asn1_null_from_der(const uint8_t **in, size_t *inlen); #define ASN1_OID_MAX_NODES 32 -int asn1_object_identifier_to_octets(const uint32_t *nodes, size_t nodes_count, uint8_t *out, size_t *outlen); -int asn1_object_identifier_from_octets(uint32_t *nodes, size_t *nodes_count, const uint8_t *in, size_t inlen); +int asn1_object_identifier_to_octets(const uint32_t *nodes, size_t nodes_cnt, uint8_t *out, size_t *outlen); +int asn1_object_identifier_from_octets(uint32_t *nodes, size_t *nodes_cnt, const uint8_t *in, size_t inlen); -int asn1_object_identifier_equ(const uint32_t *a, size_t a_count, const uint32_t *b, size_t b_count); -int asn1_object_identifier_to_der_ex(int tag, const uint32_t *nodes, size_t nodes_count, uint8_t **out, size_t *outlen); -int asn1_object_identifier_from_der_ex(int tag, uint32_t *nodes, size_t *nodes_count, const uint8_t **in, size_t *inlen); -#define asn1_object_identifier_to_der(val,d,dlen,out,outlen) asn1_object_identifier_to_der_ex(ASN1_TAG_OBJECT_IDENTIFIER,val,d,dlen,out,outlen) -#define asn1_object_identifier_from_der(val,d,dlen,out,outlen) asn1_object_identifier_from_der_ex(ASN1_TAG_OBJECT_IDENTIFIER,val,d,dlen,out,outlen) -#define asn1_implicit_object_identifier_to_der(idx,val,d,dlen,out,outlen) asn1_object_identifier_to_der_ex(ASN1_TAG_IMPLICIT(idx),val,d,dlen,out,outlen) -#define asn1_implicit_object_identifier_from_der(idx,val,d,dlen,out,outlen) asn1_object_identifier_from_der_ex(ASN1_TAG_IMPLICIT(idx),val,d,dlen,out,outlen) +int asn1_object_identifier_equ(const uint32_t *a, size_t a_cnt, const uint32_t *b, size_t b_cnt); +int asn1_object_identifier_to_der_ex(int tag, const uint32_t *nodes, size_t nodes_cnt, uint8_t **out, size_t *outlen); +int asn1_object_identifier_from_der_ex(int tag, uint32_t *nodes, size_t *nodes_cnt, const uint8_t **in, size_t *inlen); +#define 
asn1_object_identifier_to_der(nodes,nodes_cnt,out,outlen) asn1_object_identifier_to_der_ex(ASN1_TAG_OBJECT_IDENTIFIER,nodes,nodes_cnt,out,outlen) +#define asn1_object_identifier_from_der(nodes,nodes_cnt,in,inlen) asn1_object_identifier_from_der_ex(ASN1_TAG_OBJECT_IDENTIFIER,nodes,nodes_cnt,in,inlen) +#define asn1_implicit_object_identifier_to_der(i,nodes,nodes_cnt,out,outlen) asn1_object_identifier_to_der_ex(ASN1_TAG_IMPLICIT(i),nodes,nodes_cnt,out,outlen) +#define asn1_implicit_object_identifier_from_der(i,nodes,nodes_cnt,in,inlen) asn1_object_identifier_from_der_ex(ASN1_TAG_IMPLICIT(i),nodes,nodes_cnt,in,inlen) int asn1_object_identifier_print(FILE *fp, int fmt, int ind, const char *label, const char *name, - const uint32_t *nodes, size_t nodes_count); + const uint32_t *nodes, size_t nodes_cnt); -#define asn1_enumerated_to_der_ex(tag,val,out,outlen) asn1_int_to_der_ex(tag,val,out,outlen) -#define asn1_enumerated_from_der_ex(tag,val,out,outlen) asn1_int_from_der_ex(tag,val,out,outlen) -#define asn1_enumerated_to_der(val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_ENUMERATED,val,out,outlen) -#define asn1_enumerated_from_der(val,out,outlen) asn1_int_from_der_ex(ASN1_TAG_ENUMERATED,val,out,outlen) -#define asn1_implicit_enumerated_to_der(idx,val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_IMPLICIT(idx),val,out,outlen) -#define asn1_implicit_enumerated_from_der(idx,val,out,outlen) asn1_int_from_der_ex(ASN1_TAG_IMPLICIT(idx),val,out,outlen) +#define asn1_enumerated_to_der_ex(tag,val,out,outlen) asn1_int_to_der_ex(tag,val,out,outlen) +#define asn1_enumerated_from_der_ex(tag,val,in,inlen) asn1_int_from_der_ex(tag,val,in,inlen) +#define asn1_enumerated_to_der(val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_ENUMERATED,val,out,outlen) +#define asn1_enumerated_from_der(val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_ENUMERATED,val,in,inlen) +#define asn1_implicit_enumerated_to_der(i,val,out,outlen) asn1_int_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) +#define 
asn1_implicit_enumerated_from_der(i,val,in,inlen) asn1_int_from_der_ex(ASN1_TAG_IMPLICIT(i),val,in,inlen) int asn1_utf8_string_check(const char *d, size_t dlen); -int asn1_utf8_string_to_der_ex(int tag, const char *a, uint8_t **out, size_t *outlen); -int asn1_utf8_string_from_der_ex(int tag, const char **a, size_t *alen, const uint8_t **in, size_t *inlen); -#define asn1_utf8_string_to_der(val,out,outlen) asn1_utf8_string_to_der_ex(ASN1_TAG_UTF8String,val,out,outlen) -#define asn1_utf8_string_from_der(val,d,dlen,out,outlen) asn1_utf8_string_from_der_ex(ASN1_TAG_UTF8String,val,d,dlen,out,outlen) -#define asn1_implicit_utf8_string_to_der(i,val,out,outlen) asn1_utf8_string_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) -#define asn1_implicit_utf8_string_from_der(i,val,out,outlen) asn1_utf8_string_from_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) +int asn1_utf8_string_to_der_ex(int tag, const char *d, size_t dlen, uint8_t **out, size_t *outlen); +int asn1_utf8_string_from_der_ex(int tag, const char **d, size_t *dlen, const uint8_t **in, size_t *inlen); +#define asn1_utf8_string_to_der(d,dlen,out,outlen) asn1_utf8_string_to_der_ex(ASN1_TAG_UTF8String,d,dlen,out,outlen) +#define asn1_utf8_string_from_der(d,dlen,in,inlen) asn1_utf8_string_from_der_ex(ASN1_TAG_UTF8String,d,dlen,in,inlen) +#define asn1_implicit_utf8_string_to_der(i,d,dlen,out,outlen) asn1_utf8_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) +#define asn1_implicit_utf8_string_from_der(i,d,dlen,in,inlen) asn1_utf8_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen) int asn1_printable_string_check(const char *d, size_t dlen); -int asn1_printable_string_to_der_ex(int tag, const char *a, uint8_t **out, size_t *outlen); -int asn1_printable_string_from_der_ex(int tag, const char **a, size_t *alen, const uint8_t **in, size_t *inlen); -#define asn1_printable_string_to_der(val,out,outlen) asn1_printable_string_to_der_ex(ASN1_TAG_PrintableString,val,out,outlen) -#define 
asn1_printable_string_from_der(val,d,dlen,out,outlen) asn1_printable_string_from_der_ex(ASN1_TAG_PrintableString,val,d,dlen,out,outlen) -#define asn1_implicit_printable_string_to_der(i,val,out,outlen) asn1_printable_string_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) -#define asn1_implicit_printable_string_from_der(i,val,out,outlen) asn1_printable_string_from_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) +int asn1_printable_string_to_der_ex(int tag, const char *d, size_t dlen, uint8_t **out, size_t *outlen); +int asn1_printable_string_from_der_ex(int tag, const char **d, size_t *dlen, const uint8_t **in, size_t *inlen); +#define asn1_printable_string_to_der(d,dlen,out,outlen) asn1_printable_string_to_der_ex(ASN1_TAG_PrintableString,d,dlen,out,outlen) +#define asn1_printable_string_from_der(d,dlen,in,inlen) asn1_printable_string_from_der_ex(ASN1_TAG_PrintableString,d,dlen,in,inlen) +#define asn1_implicit_printable_string_to_der(i,d,dlen,out,outlen) asn1_printable_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) +#define asn1_implicit_printable_string_from_der(i,d,dlen,in,inlen) asn1_printable_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen) int asn1_ia5_string_check(const char *d, size_t dlen); -int asn1_ia5_string_to_der_ex(int tag, const char *a, uint8_t **out, size_t *outlen); -int asn1_ia5_string_from_der_ex(int tag, const char **a, size_t *alen, const uint8_t **in, size_t *inlen); -#define asn1_ia5_string_to_der(val,out,outlen) asn1_ia5_string_to_der_ex(ASN1_TAG_IA5String,val,out,outlen) -#define asn1_ia5_string_from_der(val,d,dlen,out,outlen) asn1_ia5_string_from_der_ex(ASN1_TAG_IA5String,val,d,dlen,out,outlen) -#define asn1_implicit_ia5_string_to_der(i,val,out,outlen) asn1_ia5_string_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) -#define asn1_implicit_ia5_string_from_der(i,val,out,outlen) asn1_ia5_string_from_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) +int asn1_ia5_string_to_der_ex(int tag, const char *d, size_t dlen, uint8_t **out, size_t 
*outlen); +int asn1_ia5_string_from_der_ex(int tag, const char **d, size_t *dlen, const uint8_t **in, size_t *inlen); +#define asn1_ia5_string_to_der(d,dlen,out,outlen) asn1_ia5_string_to_der_ex(ASN1_TAG_IA5String,d,dlen,out,outlen) +#define asn1_ia5_string_from_der(d,dlen,in,inlen) asn1_ia5_string_from_der_ex(ASN1_TAG_IA5String,d,dlen,in,inlen) +#define asn1_implicit_ia5_string_to_der(i,d,dlen,out,outlen) asn1_ia5_string_to_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,out,outlen) +#define asn1_implicit_ia5_string_from_der(i,d,dlen,in,inlen) asn1_ia5_string_from_der_ex(ASN1_TAG_IMPLICIT(i),d,dlen,in,inlen) int asn1_string_print(FILE *fp, int fmt, int ind, const char *label, int tag, const uint8_t *d, size_t dlen); +int asn1_utc_time_to_der_ex(int tag, time_t tv, uint8_t **out, size_t *outlen); +int asn1_utc_time_from_der_ex(int tag, time_t *tv, const uint8_t **in, size_t *inlen); +#define asn1_utc_time_to_der(tv,out,outlen) asn1_utc_time_to_der_ex(ASN1_TAG_UTCTime,tv,out,outlen) +#define asn1_utc_time_from_der(tv,in,inlen) asn1_utc_time_from_der_ex(ASN1_TAG_UTCTime,tv,in,inlen) +#define asn1_implicit_utc_time_to_der(i,tv,out,outlen) asn1_utc_time_to_der_ex(ASN1_TAG_IMPLICIT(i),tv,out,outlen) +#define asn1_implicit_utc_time_from_der(i,tv,in,inlen) asn1_utc_time_from_der_ex(ASN1_TAG_IMPLICIT(i),tv,in,inlen) -int asn1_utc_time_to_der_ex(int tag, time_t a, uint8_t **out, size_t *outlen); -int asn1_utc_time_from_der_ex(int tag, time_t *t, const uint8_t **in, size_t *inlen); -#define asn1_utc_time_to_der(val,out,outlen) asn1_utc_time_to_der_ex(ASN1_TAG_UTCTime,val,out,outlen) -#define asn1_utc_time_from_der(val,out,outlen) asn1_utc_time_from_der_ex(ASN1_TAG_UTCTime,val,out,outlen) -#define asn1_implicit_utc_time_to_der(i,val,out,outlen) asn1_utc_time_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) -#define asn1_implicit_utc_time_from_der(i,val,out,outlen) asn1_utc_time_from_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) +int asn1_generalized_time_to_der_ex(int tag, time_t tv, uint8_t 
**out, size_t *outlen); +int asn1_generalized_time_from_der_ex(int tag, time_t *tv, const uint8_t **in, size_t *inlen); +#define asn1_generalized_time_to_der(tv,out,outlen) asn1_generalized_time_to_der_ex(ASN1_TAG_GeneralizedTime,tv,out,outlen) +#define asn1_generalized_time_from_der(tv,in,inlen) asn1_generalized_time_from_der_ex(ASN1_TAG_GeneralizedTime,tv,in,inlen) +#define asn1_implicit_generalized_time_to_der(i,tv,out,outlen) asn1_generalized_time_to_der_ex(ASN1_TAG_IMPLICIT(i),tv,out,outlen) +#define asn1_implicit_generalized_time_from_der(i,tv,in,inlen) asn1_generalized_time_from_der_ex(ASN1_TAG_IMPLICIT(i),tv,in,inlen) -int asn1_generalized_time_to_der_ex(int tag, time_t a, uint8_t **out, size_t *outlen); -int asn1_generalized_time_from_der_ex(int tag, time_t *t, const uint8_t **in, size_t *inlen); -#define asn1_generalized_time_to_der(val,out,outlen) asn1_generalized_time_to_der_ex(ASN1_TAG_GeneralizedTime,val,out,outlen) -#define asn1_generalized_time_from_der(val,out,outlen) asn1_generalized_time_from_der_ex(ASN1_TAG_GeneralizedTime,val,out,outlen) -#define asn1_implicit_generalized_time_to_der(i,val,out,outlen) asn1_generalized_time_to_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) -#define asn1_implicit_generalized_time_from_der(i,val,out,outlen) asn1_generalized_time_from_der_ex(ASN1_TAG_IMPLICIT(i),val,out,outlen) +#define asn1_sequence_to_der(d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_SEQUENCE,d,dlen,out,outlen) +#define asn1_sequence_from_der(d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_SEQUENCE,d,dlen,in,inlen) +#define asn1_implicit_sequence_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen) +#define asn1_implicit_sequence_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen) +#define asn1_set_to_der(d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_SET,d,dlen,out,outlen) +#define asn1_set_from_der(d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_SET,d,dlen,in,inlen) +#define 
asn1_implicit_set_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen) +#define asn1_implicit_set_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen) -#define asn1_sequence_to_der(val,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_SEQUENCE,val,d,dlen,out,outlen) -#define asn1_sequence_from_der(val,d,dlen,out,outlen) asn1_type_from_der(ASN1_TAG_SEQUENCE,val,d,dlen,out,outlen) -#define asn1_implicit_sequence_to_der(i,val,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),val,d,dlen,out,outlen) -#define asn1_implicit_sequence_from_der(i,val,d,dlen,out,outlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),val,d,dlen,out,outlen) +#define asn1_implicit_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen) +#define asn1_implicit_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen) +int asn1_header_to_der(int tag, size_t dlen, uint8_t **out, size_t *outlen); +#define asn1_sequence_header_to_der(dlen,out,outlen) asn1_header_to_der(ASN1_TAG_SEQUENCE,dlen,out,outlen) +#define asn1_implicit_sequence_header_to_der(i,dlen,out,outlen) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),dlen,out,outlen) -#define asn1_set_to_der(val,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_SET,val,d,dlen,out,outlen) -#define asn1_set_from_der(val,d,dlen,out,outlen) asn1_type_from_der(ASN1_TAG_SET,val,d,dlen,out,outlen) -#define asn1_implicit_set_to_der(i,val,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),val,d,dlen,out,outlen) -#define asn1_implicit_set_from_der(i,val,d,dlen,out,outlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),val,d,dlen,out,outlen) +#define asn1_set_header_to_der(dlen,out,outlen) asn1_header_to_der(ASN1_TAG_SET,dlen,out,outlen) +#define asn1_implicit_set_header_to_der(i,dlen,out,outlen) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),dlen,out,outlen) -#define asn1_implicit_to_der(i,val,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),val,d,dlen,out,outlen) 
-#define asn1_implicit_from_der(i,val,d,dlen,out,outlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),val,d,dlen,out,outlen) +#define asn1_explicit_header_to_der(i,dlen,out,outlen) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),dlen,out,outlen) +#define asn1_explicit_to_der(i,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),d,dlen,out,outlen) +#define asn1_explicit_from_der(i,d,dlen,in,inlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),d,dlen,in,inlen) -int asn1_header_to_der(int tag, size_t len, uint8_t **out, size_t *outlen); -#define asn1_sequence_header_to_der(al,d,dl) asn1_header_to_der(ASN1_TAG_SEQUENCE,al,d,dl) -#define asn1_implicit_sequence_header_to_der(i,al,d,dl) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),al,d,dl) +// d,dlen 是 SEQUENCE OF, SET OF 中的值 +int asn1_types_get_count(const uint8_t *d, size_t dlen, int tag, size_t *cnt); +int asn1_types_get_item_by_index(const uint8_t *d, size_t *dlen, int tag, + int index, const uint8_t **item_d, size_t *item_dlen); -#define asn1_set_header_to_der(al,d,dl) asn1_header_to_der(ASN1_TAG_SET,al,d,dl) -#define asn1_implicit_set_header_to_der(i,al,d,dl) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),al,d,dl) - -#define asn1_explicit_header_to_der(i,al,d,dl) asn1_header_to_der(ASN1_TAG_EXPLICIT(i),al,d,dl) - -#define asn1_explicit_to_der(i,val,d,dlen,out,outlen) asn1_type_to_der(ASN1_TAG_EXPLICIT(i),val,d,dlen,out,outlen) -#define asn1_explicit_from_der(i,val,d,dlen,out,outlen) asn1_type_from_der(ASN1_TAG_EXPLICIT(i),val,d,dlen,out,outlen) - - -int asn1_types_get_count(const uint8_t *d, size_t dlen, int tag, int *count); -int asn1_types_get_type_by_index(const uint8_t *d, size_t *dlen, int tag, const uint8_t **val, size_t *vlen); - -int asn1_sequence_of_integer_to_der(const int *nums, size_t nums_cnt, uint8_t **out, size_t *outlen); -int asn1_sequence_of_integer_from_der(int *nums, size_t *nums_cnt, const uint8_t **in, size_t *inlen); -int asn1_sequence_of_integer_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, 
size_t dlen); +int asn1_sequence_of_int_to_der(const int *nums, size_t nums_cnt, uint8_t **out, size_t *outlen); +int asn1_sequence_of_int_from_der(int *nums, size_t *nums_cnt, const uint8_t **in, size_t *inlen); +int asn1_sequence_of_int_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen); typedef struct { int oid; char *name; uint32_t *nodes; - size_t nodes_count; + size_t nodes_cnt; int flags; char *description; } ASN1_OID_INFO; const ASN1_OID_INFO *asn1_oid_info_from_name(const ASN1_OID_INFO *infos, size_t count, const char *name); const ASN1_OID_INFO *asn1_oid_info_from_oid(const ASN1_OID_INFO *infos, size_t count, int oid); -int asn1_oid_info_from_der_ex(const ASN1_OID_INFO **info, uint32_t *nodes, size_t *nodes_count, +int asn1_oid_info_from_der_ex(const ASN1_OID_INFO **info, uint32_t *nodes, size_t *nodes_cnt, const ASN1_OID_INFO *infos, size_t count, const uint8_t **in, size_t *inlen); int asn1_oid_info_from_der(const ASN1_OID_INFO **info, const ASN1_OID_INFO *infos, size_t count, const uint8_t **in, size_t *inlen); diff --git a/include/gmssl/cms.h b/include/gmssl/cms.h index b8def7cf..e1a2ad2e 100644 --- a/include/gmssl/cms.h +++ b/include/gmssl/cms.h @@ -316,7 +316,7 @@ int cms_signed_data_from_der( int *content_type, const uint8_t **content, size_t *content_len, const uint8_t **certs, size_t *certs_len, const uint8_t **crls, size_t *crls_len, -cms_set_key_agreement_info const uint8_t **signer_infos, size_t *signer_infos_len, + const uint8_t **signer_infos, size_t *signer_infos_len, const uint8_t **in, size_t *inlen); int cms_signed_data_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen); diff --git a/include/gmssl/oid.h b/include/gmssl/oid.h index e224288e..476b8948 100644 --- a/include/gmssl/oid.h +++ b/include/gmssl/oid.h @@ -168,6 +168,8 @@ enum { OID_aes192_cbc, OID_aes256_cbc, + OID_aes128, // 没有OID + OID_ecdsa_with_sha1, OID_ecdsa_with_sha224, OID_ecdsa_with_sha256, 
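Review bot: `asn1_types_get_item_by_index` takes `int index` and `size_t *dlen`, while `asn1_types_get_count`, added just above it, reports the count through `size_t *cnt` and takes `dlen` by value. A signed index checked against an unsigned count lets a negative value convert to a very large one, and a pointer `dlen` next to a `const uint8_t *d` input suggests the call may change the caller's length; neither behaviour is documented in the header. I would declare it as `int asn1_types_get_item_by_index(const uint8_t *d, size_t dlen, int tag, size_t index, const uint8_t **item_d, size_t *item_dlen);`, or add a comment stating that a negative or out-of-range index returns an error and what `*dlen` holds on return. The same `int index` against `size_t *cnt` pairing appears in the `x509_exts_get_count` and `x509_certs_get_count` hunks of x509.h.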
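Review bot: `OID_aes128` is inserted in the middle of the enum, between `OID_aes256_cbc` and `OID_ecdsa_with_sha1`, so if the enumerators carry no explicit values (none are visible in this hunk) every constant after it changes its number. Any caller or stored data that kept the old integer for a later entry such as `OID_ecdsa_with_sha256` would then resolve to a different algorithm. Appending identifiers that have no OID after the last real one avoids the renumbering, and the comment should say that the value cannot be encoded, e.g. `OID_aes128, // internal cipher id, has no ASN.1 OID and cannot be DER-encoded`. The enum starts and ends outside the hunk.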
diff --git a/include/gmssl/sm2.h b/include/gmssl/sm2.h index e00b3447..f5547b80 100644 --- a/include/gmssl/sm2.h +++ b/include/gmssl/sm2.h @@ -154,7 +154,7 @@ typedef struct { int sm2_signature_to_der(const SM2_SIGNATURE *sig, uint8_t **out, size_t *outlen); int sm2_signature_from_der(SM2_SIGNATURE *sig, const uint8_t **in, size_t *inlen); -int sm2_signature_print(FILE *fp, int fmt, int ind, const SM2_SIGNATURE *sig); +int sm2_signature_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *sig, size_t siglen); int sm2_do_sign(const SM2_KEY *key, const uint8_t dgst[32], SM2_SIGNATURE *sig); int sm2_do_verify(const SM2_KEY *key, const uint8_t dgst[32], const SM2_SIGNATURE *sig); @@ -207,19 +207,22 @@ typedef struct { #define SM2_MAX_PLAINTEXT_SIZE 256 #define SM2_MAX_CIPHERTEXT_SIZE 512 +#define SM2_CIPHERTEXT_SIZE(inlen) (sizeof(SM2_CIPHERTEXT)-1+(inlen)) int sm2_ciphertext_size(size_t inlen, size_t *outlen); int sm2_ciphertext_to_der(const SM2_CIPHERTEXT *c, uint8_t **out, size_t *outlen); int sm2_ciphertext_from_der(SM2_CIPHERTEXT *c, const uint8_t **in, size_t *inlen); -int sm2_ciphertext_print(FILE *fp, int fmt, int ind, const char *label, const SM2_CIPHERTEXT *c); +int sm2_ciphertext_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *a, size_t alen); int sm2_do_encrypt(const SM2_KEY *key, const uint8_t *in, size_t inlen, SM2_CIPHERTEXT *out); int sm2_do_decrypt(const SM2_KEY *key, const SM2_CIPHERTEXT *in, uint8_t *out, size_t *outlen); int sm2_encrypt(const SM2_KEY *key, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); int sm2_decrypt(const SM2_KEY *key, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen); -int sm2_print_ciphertext(FILE *fp, const uint8_t *c, size_t clen, int format, int indent); + + int sm2_ecdh(const SM2_KEY *key, const SM2_POINT *peer_public, SM2_POINT *out); +int sm2_selftest(void); #ifdef __cplusplus extern "C" { 
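Review bot: `SM2_CIPHERTEXT_SIZE(inlen)` evaluates `sizeof(SM2_CIPHERTEXT)-1+(inlen)` with no upper bound, although `SM2_MAX_PLAINTEXT_SIZE` is defined two lines above it and `sm2_ciphertext_size()` returns an `int`, presumably so it can reject an oversized length. When the macro sizes a buffer from a caller-supplied length it accepts any `inlen` and can wrap in `size_t`; the `-1` also depends on the layout of `SM2_CIPHERTEXT`, whose definition is outside this hunk. I would put `// inlen must be <= SM2_MAX_PLAINTEXT_SIZE; use sm2_ciphertext_size() when the length has not been validated` above the macro.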
diff --git a/include/gmssl/x509.h b/include/gmssl/x509.h index ecaa1e98..7484b474 100644 --- a/include/gmssl/x509.h +++ b/include/gmssl/x509.h @@ -70,8 +70,8 @@ enum X509_Version { }; const char *x509_version_name(int version); -int x509_explicit_version_to_der(int index, int version); -int x509_explicit_version_from_der(int index, int *version); +int x509_explicit_version_to_der(int index, int version, uint8_t **out, size_t *outlen); +int x509_explicit_version_from_der(int index, int *version, const uint8_t **in, size_t *inlen); /* Time ::= CHOICE { @@ -86,6 +86,8 @@ Validity ::= SEQUENCE { notBefore Time, notAfter Time } */ +#define X509_VALIDITY_MIN_DAYS 1 +#define X509_VALIDITY_MAX_DAYS (365 * 3) int x509_validity_add_days(time_t *not_after, time_t not_before, int days); int x509_validity_to_der(time_t not_before, time_t not_after, uint8_t **out, size_t *outlen); int x509_validity_from_der(time_t *not_before, time_t *not_after, const uint8_t **in, size_t *inlen); 
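Review bot: `X509_VALIDITY_MIN_DAYS` and `X509_VALIDITY_MAX_DAYS` are added without saying which function enforces them. From their placement they presumably bound `days` in `x509_validity_add_days`, but it matters whether `x509_validity_from_der` applies them as well, since that would reject any parsed certificate valid for more than three years. A comment such as `// limits on days in x509_validity_add_days(); not applied when parsing`, adjusted to the actual behaviour, would settle it.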
@@ -142,8 +144,8 @@ Name ::= SEQUENCE OF RelativeDistinguishedName int x509_name_add_rdn(uint8_t *d, size_t *dlen, size_t maxlen, int oid, int tag, const uint8_t *val, size_t vlen, const uint8_t *more, size_t mlen); int x509_name_add_country_name(uint8_t *d, size_t *dlen, int maxlen, const char val[2] ); // val: PrintableString SIZE(2) int x509_name_add_state_or_province_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen); -int x509_name_add_locality_name(uint8_t *d, size_t *dlen, int maxlen, cint tag, onst uint8_t *val, size_t vlen); -int x509_name_add_organization_name(uint8_t *d, size_t *dlen, int maxlen, cint tag, onst uint8_t *val, size_t vlen); +int x509_name_add_locality_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen); +int x509_name_add_organization_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen); int x509_name_add_organizational_unit_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen); int x509_name_add_common_name(uint8_t *d, size_t *dlen, int maxlen, int tag, const uint8_t *val, size_t vlen); int x509_name_add_domain_component(uint8_t *d, size_t *dlen, int maxlen, const char *val, size_t vlen); // val: IA5String @@ -184,7 +186,7 @@ int x509_explicit_exts_from_der(int index, const uint8_t **d, size_t *dlen, cons #define x509_exts_to_der(d,dlen,out,outlen) x509_explicit_exts_to_der(3,d,dlen,out,outlen) #define x509_exts_from_der(d,dlen,in,inlen) x509_explicit_exts_from_der(3,d,dlen,in,inlen) -int x509_exts_get_count(const uint8_t *d, size_t dlen, int *count); +int x509_exts_get_count(const uint8_t *d, size_t dlen, size_t *cnt); int x509_exts_get_ext_by_index(const uint8_t *d, size_t dlen, int index, int *oid, uint32_t *nodes, size_t *nodes_cnt, int *critical, const uint8_t **val, size_t *vlen); 
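Review bot: The two corrected prototypes, `x509_name_add_locality_name` and `x509_name_add_organization_name`, keep `int maxlen`, while `x509_name_add_rdn` at the top of the hunk takes `size_t maxlen` and all of them track the used length in `size_t *dlen`. A signed capacity compared with an unsigned length converts a negative value to a very large one, which defeats the bound. Since these lines are being rewritten anyway, `size_t maxlen` would match `x509_name_add_rdn`: `int x509_name_add_locality_name(uint8_t *d, size_t *dlen, size_t maxlen, int tag, const uint8_t *val, size_t vlen);`. The other `x509_name_add_*` declarations in the context lines have the same parameter type.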
@@ -267,15 +269,15 @@ int x509_cert_sign( const uint8_t *issuer_unique_id, size_t issuer_unique_id_len, const uint8_t *subject_unique_id, size_t subject_unique_id_len, const uint8_t *exts, size_t exts_len, - const SM2_KEY *sign_key, const char *signer_id); -int x509_cert_verify(const uint8_t *a, size_t alen, const SM2_KEY *pub_key, const char *signer_id); + const SM2_KEY *sign_key, const char *signer_id, size_t signer_id_len); +int x509_cert_verify(const uint8_t *a, size_t alen, const SM2_KEY *pub_key, const char *signer_id, size_t signer_id_len); int x509_cert_verify_by_ca_cert(const uint8_t *a, size_t alen, const uint8_t *cacert, size_t cacertlen); int x509_cert_to_pem(const uint8_t *a, size_t alen, FILE *fp); int x509_cert_from_pem(uint8_t *a, size_t *alen, size_t maxlen, FILE *fp); -int x509_cert_from_pem_by_index(uint8_t *a, size_t *alen, size_t maxlen, FILE *fp, int index); -int x509_cert_from_pem_by_subject(uint8_t *a, size_t *alen, size_t maxlen, FILE *fp, const uint8_t *name, size_t namelen); -int x509_cert_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *a, size_t alen); +int x509_cert_from_pem_by_index(uint8_t *a, size_t *alen, size_t maxlen, int index, FILE *fp); +int x509_cert_from_pem_by_subject(uint8_t *a, size_t *alen, size_t maxlen, const uint8_t *name, size_t namelen, FILE *fp); +int x509_cert_print(FILE *fp, int fmt, int ind, const uint8_t *a, size_t alen); int x509_cert_get_details(const uint8_t *a, size_t alen, int *version, @@ -283,7 +285,7 @@ int x509_cert_get_details(const uint8_t *a, size_t alen, int *inner_signature_algor, const uint8_t **issuer, size_t *issuer_len, time_t *not_before, time_t *not_after, - const uint8_t *subject, size_t *subject_len, + const uint8_t **subject, size_t *subject_len, SM2_KEY *subject_public_key, const uint8_t **issuer_unique_id, size_t *issuer_unique_id_len, const uint8_t **subject_unique_id, size_t *subject_unique_id_len, 
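Review bot: `x509_cert_sign` and `x509_cert_verify` gain `signer_id_len`, but nothing in the header states what the pair means: whether the length excludes a terminating NUL, whether `NULL`/0 selects a default identifier, and what upper bound applies. The signer and the verifier must use exactly the same identifier bytes for the SM2 signature to check, so the contract belongs next to the prototypes. I would add a comment such as `/* signer_id: signer_id_len bytes, need not be NUL-terminated; must be identical for sign and verify */`, adjusted to the implementation. The same applies to `x509_crl_sign`/`x509_crl_verify` and `x509_req_sign`/`x509_req_verify` in the later hunks. The declaration of `x509_cert_sign` begins above this hunk.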
@@ -296,13 +298,15 @@ IssuerAndSerialNumber ::= SEQUENCE { isser Name, serialNumber INTEGER } */ -int x509_cert_get_issuer_and_serial_number(const uint8_t *cert, size_t certlen, +int x509_cert_get_issuer_and_serial_number(const uint8_t *a, size_t alen, const uint8_t **issuer, size_t *issuer_len, const uint8_t **serial_number, size_t *serial_number_len); +int x509_cert_get_subject(const uint8_t *a, size_t alen, const uint8_t **subj, size_t *subj_len); +int x509_cert_get_subject_public_key(const uint8_t *a, size_t alen, SM2_KEY *public_key); int x509_certs_to_pem(const uint8_t *d, size_t dlen, FILE *fp); int x509_certs_from_pem(const uint8_t *d, size_t *dlen, size_t maxlen, FILE *fp); -int x509_certs_get_count(const uint8_t *d, size_t dlen, int count); +int x509_certs_get_count(const uint8_t *d, size_t dlen, size_t *cnt); int x509_certs_get_cert_by_index(const uint8_t *d, size_t dlen, int index, const uint8_t **cert, size_t *certlen); int x509_certs_get_cert_by_subject(const uint8_t *d, size_t dlen, const uint8_t *subject, size_t subject_len, const uint8_t **cert, size_t *certlen); diff --git a/include/gmssl/x509_crl.h b/include/gmssl/x509_crl.h index 862b8165..496986ea 100644 --- a/include/gmssl/x509_crl.h +++ b/include/gmssl/x509_crl.h @@ -1,4 +1,4 @@ -/* +/* * Copyright (c) 2020 - 2021 The GmSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -101,6 +101,10 @@ int x509_crl_entry_exts_add_certificate_issuer( int critical, const uint8_t *d, size_t dlen); +#define x509_crl_entry_exts_to_der(d,dlen,out,outlen) asn1_sequence_to_der(d,dlen,out,outlen) +#define x509_crl_entry_exts_from_der(d,dlen,in,inlen) asn1_sequence_from_der(d,dlen,in,inlen) +int x509_crl_entry_exts_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen); + /* RevokedCertificate ::= SEQUENCE { userCertificate CertificateSerialNumber, 
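Review bot: `x509_certs_from_pem` is declared with `const uint8_t *d` although it takes `size_t *dlen` and `size_t maxlen` like an output buffer, and `x509_cert_from_pem` in the previous hunk takes a writable `uint8_t *a`. If the function fills `d`, as the signature suggests, the `const` forces the implementation to cast it away and lets callers pass read-only storage. This hunk already edits the neighbouring `x509_certs_get_count` line, so the prototype could be corrected at the same time to `int x509_certs_from_pem(uint8_t *d, size_t *dlen, size_t maxlen, FILE *fp);`.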
@@ -238,8 +242,9 @@ int x509_crl_sign(uint8_t *crl, size_t *crl_len, time_t next_update, const uint8_t *revoked_certs, size_t revoked_certs_len, const uint8_t *exts, size_t exts_len, - const SM2_KEY *sign_key, const char *signer_id); -int x509_crl_verify(const uint8_t *a, size_t alen, const SM2_KEY *pub_key, const char *key_id); + const SM2_KEY *sign_key, const char *signer_id, size_t signer_id_len); +int x509_crl_verify(const uint8_t *a, size_t alen, + const SM2_KEY *sign_pub_key, const char *signer_id, size_t signer_id_len); int x509_crl_get_details(const uint8_t *crl, size_t crl_len, int *version, diff --git a/include/gmssl/x509_ext.h b/include/gmssl/x509_ext.h index 3a11c44f..3078e88d 100644 --- a/include/gmssl/x509_ext.h +++ b/include/gmssl/x509_ext.h @@ -104,6 +104,8 @@ int x509_exts_add_crl_distribution_points(uint8_t *exts, size_t *extslen, size_t int x509_exts_add_inhibit_any_policy(uint8_t *exts, size_t *extslen, size_t maxlen, int critical, int skip_certs); int x509_exts_add_freshest_crl(uint8_t *exts, size_t *extslen, size_t maxlen, int critical, const uint8_t *d, size_t dlen); +int x509_exts_add_sequence(uint8_t *exts, size_t *extslen, size_t maxlen, + int oid, int critical, const uint8_t *d, size_t dlen); /* OtherName ::= SEQUENCE { @@ -190,6 +192,12 @@ int x509_authority_key_identifier_from_der( const uint8_t **in, size_t *inlen); int x509_authority_key_identifier_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen); +/* +SubjectKeyIdentifier ::= OCTET STRING +*/ +#define X509_SUBJECT_KEY_IDENTIFIER_MIN_LEN 16 +#define X509_SUBJECT_KEY_IDENTIFIER_MAX_LEN 64 + /* KeyUsage ::= BIT STRING { digitalSignature (0), 
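Review bot: `X509_SUBJECT_KEY_IDENTIFIER_MIN_LEN 16` is introduced in the x509_ext.h hunk without a comment on where it is applied. RFC 5280 section 4.2.1.2 describes two common derivations: a 160-bit SHA-1 hash (20 bytes), and a 4-bit type field followed by 60 bits of that hash (8 bytes). If the parser enforces this minimum on received certificates, identifiers of the second form would be rejected. I would document the intent with something like `/* length bounds applied when generating and when parsing SubjectKeyIdentifier */`, or relax the minimum on the parsing path, depending on what the implementation (outside this hunk) does.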
@@ -265,6 +273,9 @@ int x509_policy_qualifier_info_from_der(int *oid, const uint8_t **qualifier, size_t *qualifier_len, const uint8_t **in, size_t *inlen); int x509_policy_qualifier_info_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen); + +#define x509_policy_qualifier_infos_to_der(d,dlen,out,outlen) asn1_sequence_to_der(d,dlen,out,outlen) +#define x509_policy_qualifier_infos_from_der(d,dlen,in,ineln) asn1_sequence_from_der(d,dlen,in,inlen) int x509_policy_qualifier_infos_print(FILE *fp, int fmt, int ind, const char *label, const uint8_t *d, size_t dlen); /* @@ -489,8 +500,26 @@ int x509_distribution_points_print(FILE *fp, int fmt, int ind, const char *label /* CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint -FreshestCRL ::= CRLDistributionPoints */ +#define x509_crl_distribution_points_to_der(d,dlen,out,outlen) x509_distribution_points_to_der(d,dlen,out,outlen) +#define x509_crl_distribution_points_from_der(d,dlen,in,inlen) x509_distribution_points_from_der(d,dlen,in,inlen) +#define x509_crl_distribution_points_print(fp,fmt,ind,label,d,dlen) x509_distribution_points_print(fp,fmt,ind,label,d,dlen) + + +/* +InhibitAnyPolicy ::= SkipCerts +SkipCerts ::= INTEGER (0..MAX) +*/ +#define x509_inhibit_any_policy_to_der(val,out,outlen) asn1_int_to_der(val,out,outlen) +#define x509_inhibit_any_policy_from_der(val,in,inlen) asn1_int_from_der(val,in,inlen) + +/* +FreshestCRL ::= CRLDistributionPoints + */ +#define x509_freshest_crl_to_der(d,dlen,out,outlen) x509_crl_distribution_points_to_der(d,dlen,out,outlen) +#define x509_freshest_crl_from_der(d,dlen,in,inlen) x509_crl_distribution_points_from_der(d,dlen,in,inlen) +#define x509_freshest_crl_print(fp,fmt,ind,label,d,dlen) x509_crl_distribution_points_print(fp,fmt,ind,label,d,dlen) + #ifdef __cplusplus } diff --git a/include/gmssl/x509_oid.h b/include/gmssl/x509_oid.h index 85d3f24c..89b94a1c 100644 --- a/include/gmssl/x509_oid.h +++ b/include/gmssl/x509_oid.h 
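Review bot: The new `x509_policy_qualifier_infos_from_der` macro names its fourth parameter `ineln` but expands to `inlen`, so the fourth argument is never substituted. Each use either fails to compile or, where the caller happens to have a variable called `inlen` in scope, silently decodes against that variable instead of the length that was passed. The definition should read `#define x509_policy_qualifier_infos_from_der(d,dlen,in,inlen) asn1_sequence_from_der(d,dlen,in,inlen)`.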
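Review bot: `x509_inhibit_any_policy_from_der` forwards straight to `asn1_int_from_der`, while the comment above it restricts SkipCerts to `INTEGER (0..MAX)`. Whether `asn1_int_from_der` rejects negative encodings is not visible here; if it does not, the range check falls on every caller of the macro. A comment such as `/* caller must reject val < 0 */`, or a small wrapper function that performs the check, would make that explicit.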
@@ -104,10 +104,10 @@ id-ce: OID_ce_inhibit_any_policy OID_ce_freshest_crl */ -const char *x509_ext_type_name(int oid); -int x509_ext_type_from_name(const char *name); -int x509_ext_type_from_der(int *oid, uint32_t *nodes, size_t *nodes_count, const uint8_t **in, size_t *inlen); -int x509_ext_type_to_der(int oid, uint8_t **out, size_t *outlen); +const char *x509_ext_id_name(int oid); +int x509_ext_id_from_name(const char *name); +int x509_ext_id_from_der(int *oid, uint32_t *nodes, size_t *nodes_count, const uint8_t **in, size_t *inlen); +int x509_ext_id_to_der(int oid, uint8_t **out, size_t *outlen); /* id-qt diff --git a/include/gmssl/x509_req.h b/include/gmssl/x509_req.h index 2864b658..cb0ac24c 100644 --- a/include/gmssl/x509_req.h +++ b/include/gmssl/x509_req.h @@ -111,9 +111,9 @@ int x509_req_sign(uint8_t *req, size_t *reqlen, size_t maxlen, const SM2_KEY *subject_public_key, const uint8_t *attrs, size_t attrs_len, int signature_algor, - const SM2_KEY *sign_key, const char *signer_id); + const SM2_KEY *sign_key, const char *signer_id, size_t signer_id_len); int x509_req_verify(const uint8_t *req, size_t reqlen, - const SM2_KEY *sign_pubkey, const char *signer_id) + const SM2_KEY *sign_pubkey, const char *signer_id, size_t signer_id_len); int x509_req_get_details(const uint8_t *req, size_t reqlen, int *verison, const uint8_t **subject, size_t *subject_len, @@ -121,7 +121,7 @@ int x509_req_get_details(const uint8_t *req, size_t reqlen, const uint8_t **attributes, size_t *attributes_len, int *signature_algor, const uint8_t **signature, size_t *signature_len); -int x509_req_print(FILE *fp, int fmt, int ind, const uint8_t *req, size_t reqlen) +int x509_req_print(FILE *fp, int fmt, int ind, const uint8_t *req, size_t reqlen); int x509_req_to_pem(const uint8_t *req, size_t reqlen, FILE *fp); int x509_req_from_pem(uint8_t *req, size_t *reqlen, size_t maxlen, FILE *fp); diff --git a/include/gmssl/zuc.h b/include/gmssl/zuc.h index 630b5351..b1d429ce 100644 
--- a/include/gmssl/zuc.h +++ b/include/gmssl/zuc.h @@ -113,7 +113,7 @@ ZUC_UINT32 zuc_eia_generate_mac(const ZUC_UINT32 *data, size_t nbits, typedef ZUC_STATE ZUC256_STATE; -void zuc256_set_state(ZUC256_STATE *state, const uint8_t key[ZUC256_KEY_SIZE], const uint8_t iv[ZUC256_IV_SIZE]); +void zuc256_init(ZUC256_STATE *state, const uint8_t key[ZUC256_KEY_SIZE], const uint8_t iv[ZUC256_IV_SIZE]); #define zuc256_generate_keystream(state,nwords,words) zuc_generate_keystream(state,nwords,words) #define zuc256_generate_keyword(state) zuc_generate_keyword(state)