* Added SHA384 and SHA512 digests.

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@245 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2025-07-30 16:24:09 +03:00 · 2015-03-10 03:08:16 +00:00
parent 0d334d81c2
commit b0bd12beda
14 changed files with 619 additions and 45 deletions
--- a/ssl/Makefile
+++ b/ssl/Makefile
@ -73,7 +73,9 @@ CRYPTO_OBJ=\
 	$(CRYPTO_PATH)rc4.o \
 	$(CRYPTO_PATH)rsa.o \
 	$(CRYPTO_PATH)sha1.o \
-	$(CRYPTO_PATH)sha256.o
+	$(CRYPTO_PATH)sha256.o \
+	$(CRYPTO_PATH)sha384.o \
+	$(CRYPTO_PATH)sha512.o

 OBJ=\
 	asn1.o \
--- a/ssl/asn1.c
+++ b/ssl/asn1.c
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007-2014, Cameron Rich
+ * Copyright (c) 2007-2015, Cameron Rich
 * 
 * All rights reserved.
 * 
@ -40,22 +40,41 @@
 #include "crypto.h"
 #include "crypto_misc.h"

-/* Must be an RSA algorithm with either SHA1/SHA256/MD5 for verifying to work */
+/* 1.2.840.113549.1.1 OID prefix - handle the following */
+/* md5WithRSAEncryption(4) */
+/* sha1WithRSAEncryption(5) */
+/* sha256WithRSAEncryption (11) */
+/* sha384WithRSAEncryption (12) */
+/* sha512WithRSAEncryption (13) */
 static const uint8_t sig_oid_prefix[] = 
 {
    0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01
 };

+/* 1.3.14.3.2.29 SHA1 with RSA signature */
 static const uint8_t sig_sha1WithRSAEncrypt[] =
 {
    0x2b, 0x0e, 0x03, 0x02, 0x1d
 };

-static const uint8_t sig_sha256WithRSAEncrypt[] =
+/* 2.16.840.1.101.3.4.2.1 SHA-256 */
+static const uint8_t sig_sha256[] =
 {
    0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01
 };

+/* 2.16.840.1.101.3.4.2.2 SHA-384 */
+static const uint8_t sig_sha384[] =
+{
+    0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02
+};
+
+/* 2.16.840.1.101.3.4.2.3 SHA-512 */
+static const uint8_t sig_sha512[] =
+{
+    0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03
+};
+
 static const uint8_t sig_subject_alt_name[] =
 {
    0x55, 0x1d, 0x11
@ -588,12 +607,24 @@ int asn1_signature_type(const uint8_t *cert,
    {
        x509_ctx->sig_type = SIG_TYPE_SHA1;
    }
-    else if (len == sizeof(sig_sha256WithRSAEncrypt) && 
-            memcmp(sig_sha256WithRSAEncrypt, &cert[*offset], 
-                                    sizeof(sig_sha256WithRSAEncrypt)) == 0)
+    else if (len == sizeof(sig_sha256) && 
+            memcmp(sig_sha256, &cert[*offset], 
+                                    sizeof(sig_sha256)) == 0)
    {
        x509_ctx->sig_type = SIG_TYPE_SHA256;
    }
+    else if (len == sizeof(sig_sha384) && 
+            memcmp(sig_sha384, &cert[*offset], 
+                                    sizeof(sig_sha384)) == 0)
+    {
+        x509_ctx->sig_type = SIG_TYPE_SHA384;
+    }
+    else if (len == sizeof(sig_sha512) && 
+            memcmp(sig_sha512, &cert[*offset], 
+                                    sizeof(sig_sha512)) == 0)
+    {
+        x509_ctx->sig_type = SIG_TYPE_SHA512;
+    }
    else
    {
        if (memcmp(sig_oid_prefix, &cert[*offset], sizeof(sig_oid_prefix)))
--- a/ssl/crypto_misc.h
+++ b/ssl/crypto_misc.h
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007, Cameron Rich
+ * Copyright (c) 2007-2015, Cameron Rich
 * 
 * All rights reserved.
 * 
@ -55,6 +55,7 @@ extern "C" {
 #define X509_VFY_ERROR_INVALID_CHAIN        -7
 #define X509_VFY_ERROR_UNSUPPORTED_DIGEST   -8
 #define X509_INVALID_PRIV_KEY               -9
+#define X509_MAX_CERTS                      -10

 /*
 * The Distinguished Name
@ -127,6 +128,8 @@ const char * x509_display_error(int error);
 #define SIG_TYPE_MD5            0x04
 #define SIG_TYPE_SHA1           0x05
 #define SIG_TYPE_SHA256         0x0b
+#define SIG_TYPE_SHA384         0x0c
+#define SIG_TYPE_SHA512         0x0d

 uint32_t get_asn1_length(const uint8_t *buf, int *offset);
 int asn1_get_private_key(const uint8_t *buf, int len, RSA_CTX **rsa_ctx);
--- a/ssl/test/Makefile
+++ b/ssl/test/Makefile
@ -71,7 +71,10 @@ CRYPTO_OBJ=\
 	$(CRYPTO_PATH)md5.obj \
 	$(CRYPTO_PATH)rc4.obj \
 	$(CRYPTO_PATH)rsa.obj \
-	$(CRYPTO_PATH)sha1.obj
+	$(CRYPTO_PATH)sha1.obj \
+	$(CRYPTO_PATH)sha256.obj \
+	$(CRYPTO_PATH)sha384.obj \
+	$(CRYPTO_PATH)sha512.obj

 OBJ=\
 	$(AXTLS_SSL_PATH)asn1.obj \
--- a/ssl/test/comodo.sha384.cer
+++ b/ssl/test/comodo.sha384.cer
@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBv
+MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
+ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF
+eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow
+gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
+VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9EZ3SZKzejfSNw
+AHG8U9/E+ioSj0t/EFa9n3Byt2F/yUsPF6c947AEYe7/EZfH9IY+Cvo+XPmT5jR6
+2RRr55yzhaCCenavcZDX7P0N+pxs+t+wgvQUfvm+xKYvT3+Zf7X8Z0NyvQwA1onr
+ayzT7Y+YHBSrfuXjbvzYqOSSJNpDa2K4Vf3qwbxstovzDo2a5JtsaZn4eEgwRdWt
+4Q08RWD8MpZRJ7xnw8outmvqRsfHIKCxH2XeSAi6pE6p8oNGN4Tr6MyBSENnTnIq
+m1y9TBsoilwie7SrmNnu4FGDwwlGTm0+mfqVF9p8M1dBPI1R7Qu2XK8sYxrfV8g/
+vOldxJuvRZnio1oktLqpVj3Pb6r/SVi+8Kj/9Lit6Tf7urj0Czr56ENCHonYhMsT
+8dm74YlguIwoVqwUHZwK53Hrzw7dPamWoUi9PPevtQ0iTMARgexWO/bTouJbt7IE
+IlKVgJNp6I5MZfGRAy1wdALqi2cVKWlSArvX31BqVUa/oKMoYX9w0MOiqiwhqkfO
+KJwGRXa/ghgntNWutMtQ5mv0TIZxMOmm3xaG4Nj/QN370EKIf6MzOi5cHkERgWPO
+GHFrK+ymircxXDpqR+DDeVnWIBqv8mqYqnK8V0rSS527EPywTEHl7R09XiidnMy/
+s1Hap0flhFMCAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73g
+JMtUGjAdBgNVHQ4EFgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQD
+AgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9
+MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVy
+bmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6
+Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAGS/g/FfmoXQ
+zbihKVcN6Fr30ek+8nYEbvFScLsePP9NDXRqzIGCJdPDoCpdTPW6i6FtxFQJdcfj
+Jw5dhHk3QBN39bSsHNA7qxcS1u80GH4r6XnTq1dFDK8o+tDb5VCViLvfhVdpfZLY
+Uspzgb8c8+a4bmYRBbMelC1/kZWSWfFMzqORcUx8Rww7Cxn2obFshj5cqsQugsv5
+B5a6SE2Q8pTIqXOi6wZ7I53eovNNVZ96YUWYGGjHXkBrI/V5eu+MtWuLt29G9Hvx
+PUsE2JOAWVrgQSQdso8VYFhH2+9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzch5vR
+pu/xO28QOG8=
+-----END CERTIFICATE-----
--- a/ssl/test/ssltest.c
+++ b/ssl/test/ssltest.c
@ -326,7 +326,7 @@ static int SHA256_test(BI_CTX *bi_ctx)

        if (memcmp(digest, ct, sizeof(ct)))
        {
-            printf("Error: SHA256 # failed\n");
+            printf("Error: SHA256 #1 failed\n");
            goto end;
        }
    }
@ -356,6 +356,112 @@ end:
    return res;
 }

+/**************************************************************************
+ * SHA384 tests 
+ *
+ * Run through a couple of the SHA-2 tests to verify that SHA384 is correct.
+ **************************************************************************/
+static int SHA384_test(BI_CTX *bi_ctx)
+{
+    SHA384_CTX ctx;
+    uint8_t ct[SHA384_SIZE];
+    uint8_t digest[SHA384_SIZE];
+    int res = 1;
+
+    {
+        const char *in_str = "abc";
+        bigint *ct_bi = bi_str_import(bi_ctx,
+            "CB00753F45A35E8BB5A03D699AC65007272C32AB0EDED1631A8B605A43FF5BED8086072BA1E7CC2358BAECA134C825A7");
+        bi_export(bi_ctx, ct_bi, ct, SHA384_SIZE);
+
+        SHA384_Init(&ctx);
+        SHA384_Update(&ctx, (const uint8_t *)in_str, strlen(in_str));
+        SHA384_Final(digest, &ctx);
+
+        if (memcmp(digest, ct, sizeof(ct)))
+        {
+            printf("Error: SHA384 #1 failed\n");
+            goto end;
+        }
+    }
+
+    {
+        const char *in_str =
+            "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+        bigint *ct_bi = bi_str_import(bi_ctx,
+            "3391FDDDFC8DC7393707A65B1B4709397CF8B1D162AF05ABFE8F450DE5F36BC6B0455A8520BC4E6F5FE95B1FE3C8452B");
+        bi_export(bi_ctx, ct_bi, ct, SHA384_SIZE);
+
+        SHA384_Init(&ctx);
+        SHA384_Update(&ctx, (const uint8_t *)in_str, strlen(in_str));
+        SHA384_Final(digest, &ctx);
+
+        if (memcmp(digest, ct, sizeof(ct)))
+        {
+            printf("Error: SHA384 #2 failed\n");
+            goto end;
+        }
+    }
+
+    res = 0;
+    printf("All SHA384 tests passed\n");
+
+end:
+    return res;
+}
+/**************************************************************************
+ * SHA512 tests 
+ *
+ * Run through a couple of the SHA-2 tests to verify that SHA512 is correct.
+ **************************************************************************/
+static int SHA512_test(BI_CTX *bi_ctx)
+{
+    SHA512_CTX ctx;
+    uint8_t ct[SHA512_SIZE];
+    uint8_t digest[SHA512_SIZE];
+    int res = 1;
+
+    {
+        const char *in_str = "abc";
+        bigint *ct_bi = bi_str_import(bi_ctx,
+            "DDAF35A193617ABACC417349AE20413112E6FA4E89A97EA20A9EEEE64B55D39A2192992A274FC1A836BA3C23A3FEEBBD454D4423643CE80E2A9AC94FA54CA49F");
+        bi_export(bi_ctx, ct_bi, ct, SHA512_SIZE);
+
+        SHA512_Init(&ctx);
+        SHA512_Update(&ctx, (const uint8_t *)in_str, strlen(in_str));
+        SHA512_Final(digest, &ctx);
+
+        if (memcmp(digest, ct, sizeof(ct)))
+        {
+            printf("Error: SHA512 #1 failed\n");
+            goto end;
+        }
+    }
+
+    {
+        const char *in_str =
+            "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+        bigint *ct_bi = bi_str_import(bi_ctx,
+            "204A8FC6DDA82F0A0CED7BEB8E08A41657C16EF468B228A8279BE331A703C33596FD15C13B1B07F9AA1D3BEA57789CA031AD85C7A71DD70354EC631238CA3445");
+        bi_export(bi_ctx, ct_bi, ct, SHA512_SIZE);
+
+        SHA512_Init(&ctx);
+        SHA512_Update(&ctx, (const uint8_t *)in_str, strlen(in_str));
+        SHA512_Final(digest, &ctx);
+
+        if (memcmp(digest, ct, sizeof(ct)))
+        {
+            printf("Error: SHA512 #2 failed\n");
+            goto end;
+        }
+    }
+
+    res = 0;
+    printf("All SHA512 tests passed\n");
+
+end:
+    return res;
+}
 /**************************************************************************
 * MD5 tests 
 *
@ -720,6 +826,17 @@ static int cert_tests(void)

    ssl_ctx_free(ssl_ctx);

+    ssl_ctx = ssl_ctx_new(0, 0);
+    if ((res = ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CERT, 
+                "../ssl/test/comodo.sha384.cer", NULL)) != SSL_OK)
+    {
+        printf("Cert #8\n");
+        ssl_display_error(res);
+        goto bad_cert;
+    }
+
+    ssl_ctx_free(ssl_ctx);
+
    ssl_ctx = ssl_ctx_new(0, 0);
    if ((res = ssl_obj_load(ssl_ctx, 
              SSL_OBJ_X509_CERT, "../ssl/test/ms_iis.cer", NULL)) != SSL_OK)
@ -748,11 +865,11 @@ static int cert_tests(void)
    x509_free(x509_ctx);
    free(buf);

+    // this bundle has two DSA (1.2.840.10040.4.3 invalid) certificates
    ssl_ctx = ssl_ctx_new(0, 0);
    if (ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CACERT, 
            "../ssl/test/ca-bundle.crt", NULL))
    {
-        printf("Cert #12\n");
        goto bad_cert;
    }

@ -2236,6 +2353,20 @@ int main(int argc, char *argv[])
    }
    TTY_FLUSH();

+    if (SHA384_test(bi_ctx))
+    {
+        printf("SHA384 tests failed\n");
+        goto cleanup;
+    }
+    TTY_FLUSH();
+
+    if (SHA512_test(bi_ctx))
+    {
+        printf("SHA512 tests failed\n");
+        goto cleanup;
+    }
+    TTY_FLUSH();
+
    if (HMAC_test(bi_ctx))
    {
        printf("HMAC tests failed\n");
--- a/ssl/tls1.c
+++ b/ssl/tls1.c
@ -388,7 +388,7 @@ error:
 */
 int add_cert_auth(SSL_CTX *ssl_ctx, const uint8_t *buf, int len)
 {
-    int ret = SSL_OK; /* ignore errors for now */
+    int ret = X509_OK; /* ignore errors for now */
    int i = 0;
    CA_CERT_CTX *ca_cert_ctx;

@ -410,10 +410,10 @@ int add_cert_auth(SSL_CTX *ssl_ctx, const uint8_t *buf, int len)
                    "compile-time configuration required\n", 
                    CONFIG_X509_MAX_CA_CERTS);
 #endif
+            ret = X509_MAX_CERTS;
            break;
        }

-
        /* ignore the return code */
        if (x509_new(buf, &offset, &ca_cert_ctx->cert[i]) == X509_OK)
        {
--- a/ssl/x509.c
+++ b/ssl/x509.c
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007-2014, Cameron Rich
+ * Copyright (c) 2007-2015, Cameron Rich
 * 
 * All rights reserved.
 * 
@ -120,33 +120,63 @@ int x509_new(const uint8_t *cert, int *len, X509_CTX **ctx)
    bi_ctx = x509_ctx->rsa_ctx->bi_ctx;

 #ifdef CONFIG_SSL_CERT_VERIFICATION /* only care if doing verification */
-    /* use the appropriate signature algorithm (SHA1/MD5/SHA256) */
-    if (x509_ctx->sig_type == SIG_TYPE_MD5)
+    /* use the appropriate signature algorithm */
+    switch (x509_ctx->sig_type)
    {
-        MD5_CTX md5_ctx;
-        uint8_t md5_dgst[MD5_SIZE];
-        MD5_Init(&md5_ctx);
-        MD5_Update(&md5_ctx, &cert[begin_tbs], end_tbs-begin_tbs);
-        MD5_Final(md5_dgst, &md5_ctx);
-        x509_ctx->digest = bi_import(bi_ctx, md5_dgst, MD5_SIZE);
-    }
-    else if (x509_ctx->sig_type == SIG_TYPE_SHA1)
-    {
-        SHA1_CTX sha_ctx;
-        uint8_t sha_dgst[SHA1_SIZE];
-        SHA1_Init(&sha_ctx);
-        SHA1_Update(&sha_ctx, &cert[begin_tbs], end_tbs-begin_tbs);
-        SHA1_Final(sha_dgst, &sha_ctx);
-        x509_ctx->digest = bi_import(bi_ctx, sha_dgst, SHA1_SIZE);
-    }
-    else if (x509_ctx->sig_type == SIG_TYPE_SHA256)
-    {
-        SHA256_CTX sha256_ctx;
-        uint8_t sha256_dgst[SHA256_SIZE];
-        SHA256_Init(&sha256_ctx);
-        SHA256_Update(&sha256_ctx, &cert[begin_tbs], end_tbs-begin_tbs);
-        SHA256_Final(sha256_dgst, &sha256_ctx);
-        x509_ctx->digest = bi_import(bi_ctx, sha256_dgst, SHA256_SIZE);
+        case SIG_TYPE_MD5:
+        {
+            MD5_CTX md5_ctx;
+            uint8_t md5_dgst[MD5_SIZE];
+            MD5_Init(&md5_ctx);
+            MD5_Update(&md5_ctx, &cert[begin_tbs], end_tbs-begin_tbs);
+            MD5_Final(md5_dgst, &md5_ctx);
+            x509_ctx->digest = bi_import(bi_ctx, md5_dgst, MD5_SIZE);
+        }
+            break;
+
+        case SIG_TYPE_SHA1:
+        {
+            SHA1_CTX sha_ctx;
+            uint8_t sha_dgst[SHA1_SIZE];
+            SHA1_Init(&sha_ctx);
+            SHA1_Update(&sha_ctx, &cert[begin_tbs], end_tbs-begin_tbs);
+            SHA1_Final(sha_dgst, &sha_ctx);
+            x509_ctx->digest = bi_import(bi_ctx, sha_dgst, SHA1_SIZE);
+        }
+            break;
+
+        case SIG_TYPE_SHA256:
+        {
+            SHA256_CTX sha256_ctx;
+            uint8_t sha256_dgst[SHA256_SIZE];
+            SHA256_Init(&sha256_ctx);
+            SHA256_Update(&sha256_ctx, &cert[begin_tbs], end_tbs-begin_tbs);
+            SHA256_Final(sha256_dgst, &sha256_ctx);
+            x509_ctx->digest = bi_import(bi_ctx, sha256_dgst, SHA256_SIZE);
+        }
+            break;
+
+        case SIG_TYPE_SHA384:
+        {
+            SHA384_CTX sha384_ctx;
+            uint8_t sha384_dgst[SHA384_SIZE];
+            SHA384_Init(&sha384_ctx);
+            SHA384_Update(&sha384_ctx, &cert[begin_tbs], end_tbs-begin_tbs);
+            SHA384_Final(sha384_dgst, &sha384_ctx);
+            x509_ctx->digest = bi_import(bi_ctx, sha384_dgst, SHA384_SIZE);
+        }
+            break;
+
+        case SIG_TYPE_SHA512:
+        {
+            SHA512_CTX sha512_ctx;
+            uint8_t sha512_dgst[SHA512_SIZE];
+            SHA512_Init(&sha512_ctx);
+            SHA512_Update(&sha512_ctx, &cert[begin_tbs], end_tbs-begin_tbs);
+            SHA512_Final(sha512_dgst, &sha512_ctx);
+            x509_ctx->digest = bi_import(bi_ctx, sha512_dgst, SHA512_SIZE);
+        }
+            break;
    }

    if (cert[offset] == ASN1_V3_DATA)
@ -495,6 +525,12 @@ void x509_print(const X509_CTX *cert, CA_CERT_CTX *ca_cert_ctx)
        case SIG_TYPE_SHA256:
            printf("SHA256\n");
            break;
+        case SIG_TYPE_SHA384:
+            printf("SHA384\n");
+            break;
+        case SIG_TYPE_SHA512:
+            printf("SHA512\n");
+            break;
        default:
            printf("Unrecognized: %d\n", cert->sig_type);
            break;