der.h

Go to the documentation of this file.

/*
BSD 3-Clause License
 
Copyright (c) 2022, Stable Cloud Computing, Inc.
 
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
 
1. Redistributions of source code must retain the above copyright notice, this
   list of conditions and the following disclaimer.
 
2. Redistributions in binary form must reproduce the above copyright notice,
   this list of conditions and the following disclaimer in the documentation
   and/or other materials provided with the distribution.
 
3. Neither the name of the copyright holder nor the names of its
   contributors may be used to endorse or promote products derived from
   this software without specific prior written permission.
 
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _SCC_CRYPTO_DER_H
#define _SCC_CRYPTO_DER_H
 
#include <string>
#include <iostream>
#include <vector>
#include <chrono>
#include <ctime>
#include <cstring>
#include <memory>
#include <crypto/bignum.h>
#include <crypto/secvec.h>
 
namespace scc::crypto {
 
class BitString
{
    friend class DerBitString;
    std::vector<uint8_t> m_data;            // bit string bits 0-width at the beginning. The rest will be padded with zeroes.
    uint32_t m_width;                       // bit width will always be <= m_data width
public:
    BitString() : m_width(0) {}
    virtual ~BitString() {}
    
    uint32_t width() const { return m_width; }
    
    uint32_t pad_bits() const
    {
        return m_width%8 == 0 ? 0 : 8 - m_width%8;
    }
    
    void width(uint32_t v)
    {
        m_width = v;
        m_data.resize(((v+7)&~7)/8, '\x00');
        for (uint32_t i = 0; i < pad_bits(); i++)
        {
            m_data.at(m_data.size()-1) &= ~(1 << i);            // set the bits in the last byte to 0
        }
    }
    
    void set(const std::vector<uint8_t>& v, size_t w)
    {
        m_data = v;
        width(w);
    }
    void set(const std::vector<char>& v, size_t w)
    {
        m_data.clear();
        m_data.insert(m_data.begin(), v.begin(), v.end());
        width(w);
    }
 
    bool is_bit_set(uint32_t bit) const
    {
        if (bit >= m_width)                 return false;
 
        uint8_t mask = 1 << (7-bit%8);      // msb is bit 0
        
        return (m_data.at(bit/8) & mask) == mask ? true : false;
    }
    
    void set_bit(uint32_t bit, bool set=true)
    {
        if (bit >= m_width)     return;
 
        uint8_t mask = 1 << (7-bit%8);
        
        if (set)    m_data.at(bit/8) |= mask;
        else        m_data.at(bit/8) &= ~mask;
    }
    
    void clear_bit(uint32_t bit)
    {
        set_bit(bit, false);
    }
    
    void get(std::vector<uint8_t>& v) const
    {
        v = m_data;     // the last bits are always set to 0
    }
    void get(std::vector<char>& v) const
    {
        v.clear();
        v.insert(v.begin(), m_data.begin(), m_data.end());
    }
};
 
class DerBase;
using BasePtr = std::shared_ptr<DerBase>;
 
using oid_value = std::vector<uint32_t>;
 
class DerBase
{
    friend class DerDocument;
    friend class X509Cert;
 
    std::vector<uint8_t> m_dat;
    size_t m_eloff;
    size_t m_elsz;
    size_t m_hdrsz;
protected:
    uint8_t m_tag;
    uint32_t m_id;
public:
    enum Tag
    {
        id_mask =                   0x1f,   // bits 1-5 are the tag id, if they are all 1s, this is a multi-byte id
        construct_mask =            0x20,   // bit 6 is the constructed mask (otherwise primitive)
        class_mask =                0xc0,   // bits 7-8 are the class, 00 means universal
        class_application =         0x40,   // 01
        class_context =             0x80,   // 10
        class_private =             0xc0,   // 11
        length_multi_mask =         0x80,   // bit 8 is on if this is a multi-byte length
        length_bytes_mask =         0x7f,   // bits 1-7 give length for multi-byte length
        type_boolean    =           1,
        type_integer =              2,
        type_bit_string =           3,
        type_octet_string =         4,
        type_null =                 5,
        type_object_identifier =    6,
        type_utf8_string =          12, // 0x0c
        type_sequence =             16, // 0x10
        type_set =                  17, // 0x11
        type_printable_string =     19, // 0x13
        type_teletex_string =       20, // 0x14
        type_ia5_string =           22, // 0x16
        type_utc_time =             23, // 0x17
        type_generalized_time =     24, // 0x18
        type_visible_string =       26, // 0x1a
        type_universal_string =     28, // 0x1c
        type_bmp_string =           30, // 0x1e
    };
 
    DerBase(uint8_t tag = 0) : m_eloff(0), m_elsz(0), m_hdrsz(0), m_tag(tag), m_id(0) {}
    virtual ~DerBase()
    {
        explicit_bzero(m_dat.data(), m_dat.size());
    }
 
    static BasePtr create(int);
    static BasePtr create(const std::vector<uint8_t>&, size_t);
    
    static BasePtr context_to_explicit(const BasePtr&);
    
    static BasePtr explicit_to_context(const BasePtr& BasePtr, uint32_t);
 
    static BasePtr context_to_implicit(const BasePtr&, uint32_t);
    
    static BasePtr implicit_to_context(const BasePtr& BasePtr, uint32_t);
 
    size_t eloff() const { return m_eloff; }
    void eloff(size_t v) { m_eloff = v; }
    size_t elsz() const { return m_elsz; }
    void elsz(size_t v) { m_elsz = v; }
    size_t hdrsz() const { return m_hdrsz; }
    void hdrsz(size_t v) { m_hdrsz = v; }
 
    size_t pre_len() const;
    virtual size_t len() const { return m_dat.size(); }
    
    virtual void parse(const std::vector<uint8_t>& v) { m_dat = v; }
 
    virtual void dump_pre(std::vector<char>&) const;
    virtual void dump_data(std::vector<char>&) const;
 
    virtual std::string str(uint32_t=100) const;
    virtual std::string data_str() const;
 
    virtual std::string name() const { return "DerBase"; }
 
    std::vector<uint8_t>& data() { return m_dat; }
 
    void get_base(std::vector<uint8_t>& v) const
    {
        v = m_dat;
    }
    void set_base(const std::vector<uint8_t>& v)
    {
        m_dat = v;
    }
    void set_base(const std::vector<char>& v)
    {
        m_dat.assign(v.begin(), v.end());
    }
 
    uint32_t id() const
    {
        return (m_tag & id_mask) == id_mask ? m_id : m_tag & id_mask;
    }
    void id(uint32_t v)
    {
        if (v < id_mask)
        {
            m_tag = (m_tag & ~id_mask) | v;     // set the low bits to v
            m_id = 0;
        }
        else
        {
            m_tag |= id_mask;       // set the low bits to 1
            m_id = v;
        }
    }
    
    std::string id_str() const;
 
    uint8_t type_class() const { return m_tag & class_mask; }
    void type_class(uint8_t f) { m_tag = (m_tag & ~class_mask) | (f & class_mask); }
 
    bool uni_class() const { return (m_tag & class_mask) == 0; }
    bool app_class() const { return (m_tag & class_mask) == class_application; }
    bool context_class() const { return (m_tag & class_mask) == class_context; }
    bool priv_class() const { return (m_tag & class_mask) == class_private; }
 
    std::string class_str() const;
 
    bool constructed() const { return m_tag & construct_mask ? true : false; }
    void constructed(bool cons) { m_tag = cons ? m_tag | construct_mask : m_tag & ~construct_mask; }
 
    std::string construct_str() const;
 
    bool is_seq() const;
    bool is_set() const;
    bool is_contain() const
    {
        return is_seq() || is_set();
    }
 
    std::vector<BasePtr>& contain();
 
    bool is_integer() const;
    scc::crypto::Bignum& integer();
 
    bool is_bit_string() const;
    BitString& bit_string();
 
    bool is_octet_string() const;
    bool is_printable_string() const;
    bool is_utf8_string() const;
    bool is_ia5_string() const;
    bool is_bmp_string() const;
    bool is_universal_string() const;
    bool is_teletex_string() const;
    bool is_visible_string() const;
    bool is_string() const
    {
        return is_octet_string() || is_printable_string() || is_utf8_string() || is_ia5_string()
            || is_bmp_string() || is_universal_string() || is_teletex_string() || is_visible_string();
    }
 
    std::string string();
    void string(const std::string&);
 
    void string_get(std::vector<char>&);
    void string_get(std::vector<uint8_t>&);
 
    void string_set(const std::vector<char>&);
    void string_set(const std::vector<uint8_t>&);
 
    bool is_null() const;
 
    bool is_boolean() const;
    bool boolean();
    void boolean(bool);
 
    bool is_utc_time() const;
    bool is_generalized_time() const;
    bool is_time() const
    {
        return is_utc_time() || is_generalized_time();
    }
    time_t time_epoch();
    std::chrono::system_clock::time_point time_point()
    {
        return std::chrono::system_clock::from_time_t(time_epoch());
    }
 
    bool is_object_id() const;
    oid_value object_id();
    void object_id(const oid_value&);
};
 
class DerContainerBase : public DerBase, public std::vector<BasePtr>
{
public:
    DerContainerBase(uint8_t tag) : DerBase(tag) {}
    virtual ~DerContainerBase();
    virtual std::string data_str() const;
    virtual void parse(const std::vector<uint8_t>& v) { }                   // containers do not parse their data
    virtual void dump_data(std::vector<char>& v) const { }                  // containers do not dump their data
    virtual size_t len() const;
    virtual std::string name() const = 0;
};
 
class DerSequence : public DerContainerBase
{
public:
    DerSequence(uint8_t tag = DerBase::construct_mask | DerBase::type_sequence) : DerContainerBase(tag) {}
    virtual ~DerSequence() {}
    virtual std::string name() const { return "DerSequence"; }
};
 
class DerSet : public DerContainerBase
{
public:
    DerSet(uint8_t tag = DerBase::construct_mask | DerBase::type_set) : DerContainerBase(tag) {}
    virtual ~DerSet() {}
    virtual std::string name() const { return "DerSet"; }
};
 
class DerNull : public DerBase
{
public:
    DerNull(uint8_t tag = DerBase::type_null) : DerBase(tag) {}
    virtual ~DerNull() {}
 
    virtual void parse(const std::vector<uint8_t>&) {}
 
    virtual std::string data_str() const { return ""; }
    virtual void dump_data(std::vector<char>& v) const { v.resize(0); }
    virtual size_t len() const { return 0; }
    virtual std::string name() const { return "DerNull"; }
};
 
class DerBoolean : public DerBase
{
    bool m_bool;
public:
    DerBoolean(uint8_t tag  = DerBase::type_boolean) : DerBase(tag) {}
    virtual ~DerBoolean()
    {
        explicit_bzero(&m_bool, sizeof(bool));
    }
 
    virtual void parse(const std::vector<uint8_t>&);
 
    virtual std::string data_str() const { return m_bool ? " true" : " false"; }
    virtual void dump_data(std::vector<char>& v) const;
    virtual size_t len() const { return 1; }
    virtual std::string name() const { return "DerBoolean"; }
 
    bool get() const { return m_bool; }
    void set(bool b) { m_bool = b; }
};
 
class DerObjectIdentifier : public DerBase
{
    oid_value m_v = {0,0};
 
public:
    DerObjectIdentifier(uint8_t tag = DerBase::type_object_identifier) : DerBase(tag) {}
    virtual ~DerObjectIdentifier()
    {
        explicit_bzero(m_v.data(), m_v.size());
    }
 
    virtual void parse(const std::vector<uint8_t>&);
 
    virtual std::string data_str() const;
    virtual size_t len() const;
    virtual void dump_data(std::vector<char>& v) const;
    virtual std::string name() const { return "DerObjectIdentifier"; }
 
    oid_value& data()
    {
        return m_v;
    }
 
    void set(const oid_value& v);
    
    void get(oid_value& v) const
    {
        v = m_v;
    }
 
    std::string oid_str() const;
};
 
class DerTimeBase : public DerBase
{
protected:
    time_t m_t;
public:
    DerTimeBase(uint8_t tag) : DerBase(tag), m_t(0) {}
    virtual ~DerTimeBase()
    {
        explicit_bzero(&m_t, sizeof(time_t));
    }
 
    time_t epoch() const { return m_t; }
    void epoch(time_t v) { m_t = v; }
 
    void set_time(int year, int month, int day, int hour, int minute, int second);
    void set_time(int year, int month, int day, int hour, int minute, int second, int tzmins);
 
    virtual std::string name() const = 0;
    virtual std::string data_str() const;
};
 
class DerUtcTime : public DerTimeBase
{
public:
    DerUtcTime(uint8_t tag = DerBase::type_utc_time) : DerTimeBase(tag) {}
    virtual ~DerUtcTime() {}
 
    virtual void parse(const std::vector<uint8_t>&);
 
    virtual void dump_data(std::vector<char>& v) const;
    virtual size_t len() const;
    virtual std::string name() const { return "DerUtcTime"; }
};
 
class DerGeneralizedTime : public DerTimeBase
{
public:
    DerGeneralizedTime(uint8_t tag = DerBase::type_generalized_time) : DerTimeBase(tag) {}
    virtual ~DerGeneralizedTime() {}
 
    virtual void parse(const std::vector<uint8_t>&);
 
    virtual void dump_data(std::vector<char>& v) const;
    virtual size_t len() const;
    virtual std::string name() const { return "DerGeneralizedTime"; }
};
 
class DerStringBase : public DerBase
{
    std::vector<uint8_t> m_val;
 
public:
    DerStringBase(uint8_t tag) : DerBase(tag) {}
    virtual ~DerStringBase()
    {
        explicit_bzero(m_val.data(), m_val.size());
    }
    
    virtual void parse(const std::vector<uint8_t>&);
    
    virtual std::string data_str() const;
    virtual void dump_data(std::vector<char>& v) const;
    virtual size_t len() const { return m_val.size(); }
    virtual std::string name() const = 0;
 
    std::string string()
    {
        return std::string(m_val.begin(), m_val.end());
    }
 
    void get(std::vector<uint8_t>& v)
    {
        v = m_val;
    }
 
    void get(std::vector<char>& v)
    {
        v.clear();
        v.insert(v.begin(), m_val.begin(), m_val.end());
    }
    
    void get(std::string& v)
    {
        v.clear();
        v.insert(v.begin(), m_val.begin(), m_val.end());
    }
 
    void set(const std::vector<uint8_t>& v)
    {
        m_val = v;
    }
 
    void set(const std::vector<char>& v)
    {
        m_val.clear();
        m_val.insert(m_val.begin(), v.begin(), v.end());
    }
    
    void set(const std::string& v)
    {
        m_val.clear();
        m_val.insert(m_val.begin(), v.begin(), v.end());
    }
};
 
class DerTeletexString : public DerStringBase
{
public:
    DerTeletexString(uint8_t tag = DerBase::type_teletex_string) : DerStringBase(tag) {}
    virtual ~DerTeletexString() {}
    virtual std::string name() const { return "DerTeletexString"; }
};
 
class DerVisibleString : public DerStringBase
{
public:
    DerVisibleString(uint8_t tag = DerBase::type_visible_string) : DerStringBase(tag) {}
    virtual ~DerVisibleString() {}
    virtual std::string name() const { return "DerVisibleString"; }
};
 
class DerUniversalString : public DerStringBase
{
public:
    DerUniversalString(uint8_t tag = DerBase::type_universal_string) : DerStringBase(tag) {}
    virtual ~DerUniversalString() {}
    virtual std::string name() const { return "DerUniversalString"; }
};
 
class DerOctetString : public DerStringBase
{
public:
    DerOctetString(uint8_t tag = DerBase::type_octet_string) : DerStringBase(tag) {}
    virtual ~DerOctetString() {}
    virtual std::string name() const { return "DerOctetString"; }
};
 
class DerUtf8String : public DerStringBase
{
public:
    DerUtf8String(uint8_t tag = DerBase::type_utf8_string) : DerStringBase(tag) {}
    virtual ~DerUtf8String() {}
    virtual std::string name() const { return "DerUtf8String"; }
};
 
class DerPrintableString : public DerStringBase
{
public:
    DerPrintableString(uint8_t tag = DerBase::type_printable_string) : DerStringBase(tag) {}
    virtual ~DerPrintableString() {}
    virtual std::string name() const { return "DerPrintableString"; }
};
 
class DerIa5String : public DerStringBase
{
public:
    DerIa5String(uint8_t tag = DerBase::type_ia5_string) : DerStringBase(tag) {}
    virtual ~DerIa5String() {}
    virtual std::string name() const { return "DerIa5String"; }
};
 
class DerBmpString : public DerStringBase
{
public:
    DerBmpString(uint8_t tag = DerBase::type_bmp_string) : DerStringBase(tag) {}
    virtual ~DerBmpString() {}
    virtual std::string name() const { return "DerBmpString"; }
};
 
class DerInteger : public DerBase
{
    scc::crypto::Bignum m_bn;
public:
    DerInteger(uint8_t tag = DerBase::type_integer) : DerBase(tag) {}
    virtual ~DerInteger() {}        // Bignum memory is cleared on delete
 
    virtual void parse(const std::vector<uint8_t>&);
 
    virtual std::string data_str() const;
    virtual size_t len() const;
    virtual void dump_data(std::vector<char>&) const;
    virtual std::string name() const { return "DerInteger"; }
 
    scc::crypto::Bignum& data() { return m_bn; }
 
    void set(const scc::crypto::Bignum& bn) { m_bn = bn; }
};
 
class DerBitString : public DerBase, public BitString
{
public:
    DerBitString(uint8_t tag = DerBase::type_bit_string) : DerBase(tag) {}
    virtual ~DerBitString() {}
 
    virtual void parse(const std::vector<uint8_t>&);
 
    virtual std::string data_str() const;
    virtual size_t len() const;
    virtual void dump_data(std::vector<char>& v) const;
    virtual std::string name() const { return "DerBitString"; }
};
 
class DerDocument
{
    friend class X509Cert;
    BasePtr m_root;
protected:
    friend class X509Cert;
    SecVecUchar m_bin;
    void parse_bin();
    void dump_bin();
public:
    DerDocument() {}
    virtual ~DerDocument() {}
 
    DerDocument(const DerDocument&) = delete;               // copy not allowed
    DerDocument& operator=(const DerDocument&) = delete;    // copy not allowed
    DerDocument(DerDocument&& b)
    {
        m_root.reset(b.m_root.get());
        b.m_root.reset();
    }
    DerDocument& operator=(DerDocument&& b)
    {
        m_root.reset(b.m_root.get());
        b.m_root.reset();
        return *this;
    }
    
    bool equal(const DerDocument&) const;
 
    void dump_bin(std::vector<char>& v) const
    {
        v.clear();
        v.insert(v.end(), m_bin.begin(), m_bin.end());
    }
 
    static BasePtr parse_element(const std::vector<uint8_t>&, size_t = 0);
    
    static BasePtr parse_element(const std::vector<char>& v, size_t idx = 0)
    {
        std::vector<uint8_t> b(v.begin(), v.end());
        return parse_element(b, idx);
    }
 
    static void dump_element(const BasePtr&, std::vector<uint8_t>&);
    static void dump_element(const BasePtr& b, std::vector<char>& v)
    {
        SecVecUchar d;
        dump_element(b, d);
        v.insert(v.end(), d.begin(), d.end());
    }
 
    static std::string print_element(const BasePtr&, bool = false, const std::string& = " |");
 
    virtual void parse(const std::vector<char>&);
    
    virtual void parse(std::istream&);
 
    virtual void dump(std::vector<char>&);
    
    virtual void dump(std::ostream&);
 
    std::string str(bool = false) const;
 
    DerBase& root();
    
    BasePtr root_ptr() const { return m_root; }
    
    void clear()
    {
        m_root.reset();
    }
};
 
class PemDocument : public DerDocument
{
    unsigned m_chars_per_line;
    std::string m_label;
public:
    PemDocument(unsigned chars_per_line = 64) : DerDocument(), m_chars_per_line(chars_per_line) {}
    PemDocument(const std::string& label, unsigned chars_per_line = 64) : DerDocument(), m_chars_per_line(chars_per_line), m_label(label) {}
    virtual ~PemDocument() {}
 
    unsigned chars_per_line() const { return m_chars_per_line; }
    void chars_per_line(unsigned v) { m_chars_per_line = v; }
    std::string label() const { return m_label; }
    void label(std::string v) { m_label = v; }
 
    virtual void parse(std::istream&);
 
    virtual void parse(const std::vector<char>&);
 
    virtual void dump(std::vector<char>&);
    
    virtual void dump(std::ostream&);
};
 
}   // namespace
 
std::ostream& operator<<(std::ostream&, const scc::crypto::DerBase&);
std::ostream& operator<<(std::ostream&, const scc::crypto::DerDocument&);
std::ostream& operator<<(std::ostream&, const std::vector<uint32_t>&);
 
#endif