inc/CryptX_PK_DSA.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { dsa_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_DSA) croak("FATAL: pem_decode_pkcs decoded non-DSA key");
self->key = key_from_pem.u.dsa;
XPUSHs(ST(0)); /* return self */
}
void
_import_openssh(Crypt::PK::DSA self, SV * key_data, SV * passwd)
PPCODE:
{
int rv;
unsigned char *data = NULL;
inc/CryptX_PK_DSA.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { dsa_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_openssh failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_DSA) croak("FATAL: pem_decode_openssh decoded non-DSA key");
self->key = key_from_pem.u.dsa;
XPUSHs(ST(0)); /* return self */
}
void
_import_hex(Crypt::PK::DSA self, char *p, char *q, char *g, char *x, char *y)
PPCODE:
{
int rv;
unsigned char pbin[512], qbin[512], gbin[512], xbin[512], ybin[512];
inc/CryptX_PK_ECC.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { ecc_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_EC) croak("FATAL: pem_decode_pkcs decoded non-ECC key");
self->key = key_from_pem.u.ecc;
XPUSHs(ST(0)); /* return self */
}
void
_import_openssh(Crypt::PK::ECC self, SV * key_data, SV * passwd)
PPCODE:
{
int rv;
unsigned char *data = NULL;
inc/CryptX_PK_ECC.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { ecc_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_openssh failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_EC) croak("FATAL: pem_decode_openssh decoded non-ECC key");
self->key = key_from_pem.u.ecc;
XPUSHs(ST(0)); /* return self */
}
void
_import_x509(Crypt::PK::ECC self, SV * key_data)
PPCODE:
{
int rv;
unsigned char *data=NULL;
inc/CryptX_PK_Ed25519.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
self->initialized = 0;
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_ED25519) croak("FATAL: pem_decode_pkcs decoded non-Ed25519 key");
self->key = key_from_pem.u.ed25519;
self->initialized = 1;
XPUSHs(ST(0)); /* return self */
}
void
_import_openssh(Crypt::PK::Ed25519 self, SV * key_data, SV * passwd)
PPCODE:
{
int rv;
inc/CryptX_PK_Ed25519.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
self->initialized = 0;
if (SvOK(passwd)) {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_openssh failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_ED25519) croak("FATAL: pem_decode_openssh decoded non-Ed25519 key");
self->key = key_from_pem.u.ed25519;
self->initialized = 1;
XPUSHs(ST(0)); /* return self */
}
void
_import_x509(Crypt::PK::Ed25519 self, SV * key_data)
PPCODE:
{
int rv;
inc/CryptX_PK_Ed448.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
self->initialized = 0;
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_ED448) croak("FATAL: pem_decode_pkcs decoded non-Ed448 key");
self->key = key_from_pem.u.ed448;
self->initialized = 1;
XPUSHs(ST(0)); /* return self */
}
void
_import_x509(Crypt::PK::Ed448 self, SV * key_data)
PPCODE:
{
int rv;
inc/CryptX_PK_RSA.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_RSA && key_from_pem.id != LTC_PKA_RSA_PSS) croak("FATAL: pem_decode_pkcs decoded non-RSA key");
self->key = key_from_pem.u.rsa;
XPUSHs(ST(0)); /* return self */
}
void
_import_openssh(Crypt::PK::RSA self, SV * key_data, SV * passwd)
PPCODE:
{
int rv;
inc/CryptX_PK_RSA.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
if (self->key.type != -1) { rsa_free(&self->key); self->key.type = -1; }
if (SvOK(passwd)) {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_openssh(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_openssh failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_RSA && key_from_pem.id != LTC_PKA_RSA_PSS) croak("FATAL: pem_decode_openssh decoded non-RSA key");
self->key = key_from_pem.u.rsa;
XPUSHs(ST(0)); /* return self */
}
void
_import_x509(Crypt::PK::RSA self, SV * key_data)
PPCODE:
{
int rv;
unsigned char *data=NULL;
inc/CryptX_PK_X25519.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
self->initialized = 0;
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_X25519) croak("FATAL: pem_decode_pkcs decoded non-X25519 key");
self->key = key_from_pem.u.x25519;
self->initialized = 1;
XPUSHs(ST(0)); /* return self */
}
void
_import_x509(Crypt::PK::X25519 self, SV * key_data)
PPCODE:
{
int rv;
inc/CryptX_PK_X448.xs.inc view on Meta::CPAN
data = (unsigned char *)SvPVbyte(key_data, data_len);
self->initialized = 0;
if (SvOK(passwd)) {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, &pw_ctx);
}
else {
rv = pem_decode_pkcs(data, (unsigned long)data_len, &key_from_pem, NULL);
}
if (rv != CRYPT_OK) croak("FATAL: pem_decode_pkcs failed: %s", error_to_string(rv));
if (key_from_pem.id != LTC_PKA_X448) croak("FATAL: pem_decode_pkcs decoded non-X448 key");
self->key = key_from_pem.u.x448;
self->initialized = 1;
XPUSHs(ST(0)); /* return self */
}
void
_import_x509(Crypt::PK::X448 self, SV * key_data)
PPCODE:
{
int rv;
lib/Crypt/ASN1.pm view on Meta::CPAN
use Crypt::ASN1 qw(asn1_decode_der asn1_encode_der asn1_to_string);
# --- decode ---
my $tree = asn1_decode_der($der_bytes);
my $tree = asn1_decode_der($der_bytes, { int => 'hex', bin => 'hex' });
# --- inspect ---
print asn1_to_string($tree);
# --- encode a decoded tree ---
my $der2 = asn1_encode_der($tree);
# --- build from scratch ---
my $der = asn1_encode_der([{
type => 'SEQUENCE',
value => [
{ type => 'INTEGER', value => '42' },
{ type => 'BOOLEAN', value => 1 },
{ type => 'OID', value => '1.2.840.113549.1.1.11' },
{ type => 'UTF8_STRING', value => 'hello' },
lib/Crypt/ASN1.pm view on Meta::CPAN
=item C<type> (string, required)
The ASN.1 type name. Built-in values include:
BOOLEAN INTEGER NULL OID
OCTET_STRING BIT_STRING UTF8_STRING
PRINTABLE_STRING IA5_STRING TELETEX_STRING
UTCTIME GENERALIZEDTIME
SEQUENCE SET CUSTOM
The list above is not exhaustive for decoded input. If the decoder encounters
an ASN.1 tag that does not map to one of the built-in type names above, it is
returned as C<CUSTOM> with the appropriate C<class>, C<constructed>, and
C<tag> fields. This includes unsupported universal tags such as
C<ENUMERATED>, which decode as C<CUSTOM> with C<< class => "UNIVERSAL" >>.
=item C<value> (varies, required for most types)
The decoded value. Its Perl type depends on C<type> and sometimes on the
C<format> key -- see L</Per-type details> below.
=item C<format> (string, decoder sets it, encoder reads it)
Tells the encoder how the C<value> is represented so it can convert it back
to DER. Set automatically by the decoder; when building nodes from scratch
you may omit it -- the encoder then assumes the default representation for
each type.
=back
lib/Crypt/ASN1.pm view on Meta::CPAN
=item C<dt =E<gt> 'epoch'>
How to represent C<UTCTIME> and C<GENERALIZEDTIME> values. Default is an
RFC 3339 string (C<< format=>"rfc3339" >>).
C<'epoch'> gives a Unix timestamp integer (C<< format=>"epoch" >>).
This works reliably only on Perls with 64-bit integers; on 32-bit integer
Perls, large timestamps may overflow or lose precision.
=item C<oidmap =E<gt> \%map>
A hashref mapping dotted OID strings to friendly names. When a decoded
C<OID> node's value exists as a key in C<%map>, the node gets an additional
C<name> key with the mapped value. Does not affect encoding.
=back
=head2 asn1_decode_pem
my $tree = asn1_decode_pem($pem_string);
my $tree = asn1_decode_pem($pem_string, \%opts);
lib/Crypt/ASN1.pm view on Meta::CPAN
NULL:
...
BIT STRING:3082010a0282010100c242299a49420c21dcf9b957afcdc49... (2160 bit)
Binary values (C<OCTET_STRING>, C<BIT_STRING>, primitive C<CUSTOM>) are
shown as lowercase hex, truncated to 64 characters with C<...> for longer
values. C<BIT_STRING> additionally shows the bit count in parentheses.
C<OID> nodes that have a C<name> key (via C<oidmap>) show the name in
parentheses after the dotted value.
The function handles trees decoded with any combination of decode options
(C<int>, C<bin>, C<dt>).
=head1 SEE ALSO
L<CryptX>, L<Crypt::Misc>
=cut
src/ltc/hashes/sha3_test.c view on Meta::CPAN
{
int err;
hash_state md;
unsigned long offset;
unsigned long rem;
unsigned long count;
unsigned char input[1024] = {0};
unsigned char digest[64];
const char *expected_hex;
unsigned char expected_digest_bin[sizeof(digest)];
unsigned long decoded;
LTC_ARGCHK(testcase != NULL);
LTC_ARGCHK(testcase->bits_count == 128 || testcase->bits_count == 256);
LTC_ARGCHK(testcase->digest_bytes_count >= 1);
LTC_ARGCHK(testcase->expected_digest_hex && testcase->expected_digest_hex[0] != '\0');
LTC_ARGCHK(counter >= 0);
if ((err = turbo_shake_init(&md, testcase->bits_count)) != CRYPT_OK) return err;
offset = 0;
rem = testcase->input_bytes_count;
src/ltc/hashes/sha3_test.c view on Meta::CPAN
{
count = rem < sizeof(digest) ? rem : sizeof(digest);
if ((err = turbo_shake_done(&md, digest, count)) != CRYPT_OK) return err;
rem -= count;
}while(rem != 0);
rem = testcase->digest_bytes_count;
expected_hex = testcase->expected_digest_hex;
do
{
count = rem < sizeof(digest) ? rem : sizeof(digest);
decoded = count;
if ((err = base16_decode(expected_hex, count * 2, expected_digest_bin, &decoded)) != CRYPT_OK) return err;
if (decoded != (unsigned long)count) return CRYPT_ERROR;
if ((err = turbo_shake_done(&md, digest, count)) != CRYPT_OK) return err;
LTC_COMPARE_TESTVECTOR(digest, count, expected_digest_bin, count, "TurboSHAKE", counter);
rem -= count;
expected_hex += count * 2;
}while(rem != 0);
return CRYPT_OK;
}
#endif
#ifdef LTC_TURBO_SHAKE
src/ltc/hashes/sha3_test.c view on Meta::CPAN
{
int err;
hash_state md;
unsigned long offset;
unsigned long rem;
unsigned long count;
unsigned char input[1024] = {0};
unsigned char digest[64];
const char *expected_hex;
unsigned char expected_digest_bin[sizeof(digest)];
unsigned long decoded;
LTC_ARGCHK(testcase != NULL);
LTC_ARGCHK(testcase->bits_count == 128 || testcase->bits_count == 256);
LTC_ARGCHK(testcase->is_ptn == 0 || testcase->is_ptn == 1);
LTC_ARGCHK(testcase->digest_bytes_count >= 1);
LTC_ARGCHK(testcase->expected_digest_hex && testcase->expected_digest_hex[0] != '\0');
LTC_ARGCHK(counter >= 0);
if ((err = kangaroo_twelve_init(&md, testcase->bits_count)) != CRYPT_OK) return err;
offset = 0;
src/ltc/hashes/sha3_test.c view on Meta::CPAN
{
count = rem < sizeof(digest) ? rem : sizeof(digest);
if ((err = kangaroo_twelve_done(&md, digest, count)) != CRYPT_OK) return err;
rem -= count;
}while(rem != 0);
rem = testcase->digest_bytes_count;
expected_hex = testcase->expected_digest_hex;
do
{
count = rem < sizeof(digest) ? rem : sizeof(digest);
decoded = count;
if ((err = base16_decode(expected_hex, count * 2, expected_digest_bin, &decoded)) != CRYPT_OK) return err;
if (decoded != (unsigned long)count) return CRYPT_ERROR;
if ((err = kangaroo_twelve_done(&md, digest, count)) != CRYPT_OK) return err;
LTC_COMPARE_TESTVECTOR(digest, count, expected_digest_bin, count, "KangarooTwelve", counter);
rem -= count;
expected_hex += count * 2;
}while(rem != 0);
return CRYPT_OK;
}
#endif
#ifdef LTC_KANGAROO_TWELVE
src/ltc/headers/tomcrypt_custom.h view on Meta::CPAN
#endif
#endif
#if defined(LTC_PEM)
/* Size of the line-buffer */
#ifndef LTC_PEM_DECODE_BUFSZ
#define LTC_PEM_DECODE_BUFSZ 80
#elif LTC_PEM_DECODE_BUFSZ < 72
#error "LTC_PEM_DECODE_BUFSZ shall not be < 72 bytes"
#endif
/* Size of the decoded data buffer */
#ifndef LTC_PEM_READ_BUFSIZE
#ifdef LTC_FILE_READ_BUFSIZE
#define LTC_PEM_READ_BUFSIZE LTC_FILE_READ_BUFSIZE
#else
#define LTC_PEM_READ_BUFSIZE 4096
#endif
#endif
#if defined(LTC_SSH)
#define LTC_PEM_SSH
#endif
src/ltc/headers/tomcrypt_private.h view on Meta::CPAN
* EncryptedPrivateKeyInfo ::= SEQUENCE {
* encryptionAlgorithm EncryptionAlgorithmIdentifier,
* encryptedData EncryptedData }
* where:
* - EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
* - EncryptedData ::= OCTET STRING
*/
int pkcs8_decode_flexi(const unsigned char *in, unsigned long inlen,
const password_ctx *pw_ctx,
ltc_asn1_list **decoded_list);
int pkcs8_get_children(const ltc_asn1_list *decoded_list, enum ltc_oid_id *pka,
ltc_asn1_list **alg_id, ltc_asn1_list **priv_key);
#endif /* LTC_PKCS_8 */
#ifdef LTC_PKCS_12
int pkcs12_utf8_to_utf16(const unsigned char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen);
src/ltc/math/fp/ltc_ecc_fp_mulmod.c view on Meta::CPAN
}
/** Import a binary packet into the current cache
@param in [in] pointer to packet
@param inlen [in] size of packet (bytes)
@return CRYPT_OK if successful
*/
int ltc_ecc_fp_restore_state(unsigned char *in, unsigned long inlen)
{
int err;
ltc_asn1_list *decoded_list, *cur;
unsigned long num_entries, fp_entries, fp_lut;
unsigned long i, decoded_len;
unsigned int x;
LTC_ARGCHK(in != NULL);
if (inlen == 0) {
return CRYPT_INVALID_ARG;
}
decoded_list = NULL;
cur = NULL;
decoded_len = inlen;
LTC_MUTEX_LOCK(<c_ecc_fp_lock);
/*
* start with an empty cache
*/
s_ltc_ecc_fp_free_cache();
if ((err = der_decode_sequence_flexi(in, &decoded_len, &decoded_list)) != CRYPT_OK) {
goto ERR_OUT;
}
if (decoded_len != inlen) {
err = CRYPT_INVALID_PACKET;
goto ERR_OUT;
}
cur = decoded_list;
if (cur == NULL || cur->type != LTC_ASN1_SEQUENCE || cur->child == NULL || cur->next != NULL) {
err = CRYPT_INVALID_PACKET;
goto ERR_OUT;
}
cur = cur->child;
if (cur->type != LTC_ASN1_INTEGER) {
err = CRYPT_INVALID_PACKET;
goto ERR_OUT;
}
src/ltc/math/fp/ltc_ecc_fp_mulmod.c view on Meta::CPAN
}
cur = cur->next;
fp_cache[i].lru_count = 3;
fp_cache[i].lock = 1;
}
if (cur != NULL) {
err = CRYPT_INVALID_PACKET;
goto ERR_OUT;
}
der_sequence_free(decoded_list);
LTC_MUTEX_UNLOCK(<c_ecc_fp_lock);
return CRYPT_OK;
ERR_OUT:
if (decoded_list != NULL) {
der_sequence_free(decoded_list);
}
s_ltc_ecc_fp_free_cache();
LTC_MUTEX_UNLOCK(<c_ecc_fp_lock);
return err;
}
#endif
src/ltc/misc/base16/base16_decode.c view on Meta::CPAN
Based on https://stackoverflow.com/a/23898449
Adapted for libtomcrypt by Steffen Jaeckel
*/
#ifdef LTC_BASE16
/**
Base16 decode a string
@param in The Base16 string to decode
@param inlen The length of the Base16 data
@param out [out] The destination of the binary decoded data
@param outlen [in/out] The max size and resulting size of the decoded data
@return CRYPT_OK if successful
*/
int base16_decode(const char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen)
{
unsigned long pos, out_len;
unsigned char idx0, idx1;
char in0, in1;
const unsigned char hashmap[] = {
src/ltc/misc/base32/base32_decode.c view on Meta::CPAN
/* SPDX-License-Identifier: Unlicense */
#include "tomcrypt_private.h"
#ifdef LTC_BASE32
/**
Base32 decode a buffer
@param in The Base32 data to decode
@param inlen The length of the Base32 data
@param out [out] The destination of the binary decoded data
@param outlen [in/out] The max size and resulting size of the decoded data
@param id Alphabet to use BASE32_RFC4648, BASE32_BASE32HEX, BASE32_ZBASE32 or BASE32_CROCKFORD
@return CRYPT_OK if successful
*/
int base32_decode(const char *in, unsigned long inlen,
unsigned char *out, unsigned long *outlen,
base32_alphabet id)
{
unsigned long x;
int y = 0;
ulong64 t = 0;
src/ltc/misc/base64/base64_decode.c view on Meta::CPAN
}
*outlen = z;
return CRYPT_OK;
}
#if defined(LTC_BASE64)
/**
   Decode base64 text using the shared decoder in its `insane` mode, the
   variant this library itself labels "dangerously relaxed".

   What malformed input that mode tolerates is decided inside
   s_base64_decode_internal(), not here. Where the encoding must be
   well-formed, base64_strict_decode() is the stricter entry point.

   @param in       The base64 data to decode
   @param inlen    The length of the base64 data
   @param out      [out] The destination of the binary decoded data
   @param outlen   [in/out] The max size and resulting size of the decoded data
   @return CRYPT_OK if successful
*/
int base64_decode(const char *in, unsigned long inlen,
                  unsigned char *out, unsigned long *outlen)
{
   /* standard alphabet table, most permissive mode */
   const int status = s_base64_decode_internal(in, inlen, out, outlen, map_base64, insane);

   return status;
}
/**
   Decode base64 text using the shared decoder in its `strict` mode.

   @param in       The base64 data to decode
   @param inlen    The length of the base64 data
   @param out      [out] The destination of the binary decoded data
   @param outlen   [in/out] The max size and resulting size of the decoded data
   @return CRYPT_OK if successful
*/
int base64_strict_decode(const char *in, unsigned long inlen,
                         unsigned char *out, unsigned long *outlen)
{
   /* standard alphabet table, strict mode */
   const int status = s_base64_decode_internal(in, inlen, out, outlen, map_base64, strict);

   return status;
}
/**
   Decode base64 text using the shared decoder in its `relaxed` mode
   (the "sane" middle ground between the strict and the insane variants).

   @param in       The base64 data to decode
   @param inlen    The length of the base64 data
   @param out      [out] The destination of the binary decoded data
   @param outlen   [in/out] The max size and resulting size of the decoded data
   @return CRYPT_OK if successful
*/
int base64_sane_decode(const char *in, unsigned long inlen,
                       unsigned char *out, unsigned long *outlen)
{
   /* standard alphabet table, relaxed mode */
   const int status = s_base64_decode_internal(in, inlen, out, outlen, map_base64, relaxed);

   return status;
}
#endif /* LTC_BASE64 */
#if defined(LTC_BASE64_URL)
/**
   Decode URL-safe base64 (RFC 4648 section 5) using the shared decoder in
   its `insane` mode, the variant this library itself labels
   "dangerously relaxed".

   What malformed input that mode tolerates is decided inside
   s_base64_decode_internal(), not here. Where the encoding must be
   well-formed, base64url_strict_decode() is the stricter entry point.

   @param in       The base64 data to decode
   @param inlen    The length of the base64 data
   @param out      [out] The destination of the binary decoded data
   @param outlen   [in/out] The max size and resulting size of the decoded data
   @return CRYPT_OK if successful
*/
int base64url_decode(const char *in, unsigned long inlen,
                     unsigned char *out, unsigned long *outlen)
{
   /* URL-safe alphabet table, most permissive mode */
   const int status = s_base64_decode_internal(in, inlen, out, outlen, map_base64url, insane);

   return status;
}
/**
   Decode URL-safe base64 (RFC 4648 section 5) using the shared decoder in
   its `strict` mode.

   @param in       The base64 data to decode
   @param inlen    The length of the base64 data
   @param out      [out] The destination of the binary decoded data
   @param outlen   [in/out] The max size and resulting size of the decoded data
   @return CRYPT_OK if successful
*/
int base64url_strict_decode(const char *in, unsigned long inlen,
                            unsigned char *out, unsigned long *outlen)
{
   /* URL-safe alphabet table, strict mode */
   const int status = s_base64_decode_internal(in, inlen, out, outlen, map_base64url, strict);

   return status;
}
/**
   Decode URL-safe base64 (RFC 4648 section 5) using the shared decoder in
   its `relaxed` mode (the "sane" middle ground between the strict and the
   insane variants).

   @param in       The base64 data to decode
   @param inlen    The length of the base64 data
   @param out      [out] The destination of the binary decoded data
   @param outlen   [in/out] The max size and resulting size of the decoded data
   @return CRYPT_OK if successful
*/
int base64url_sane_decode(const char *in, unsigned long inlen,
                          unsigned char *out, unsigned long *outlen)
{
   /* URL-safe alphabet table, relaxed mode */
   const int status = s_base64_decode_internal(in, inlen, out, outlen, map_base64url, relaxed);

   return status;
}
#endif /* LTC_BASE64_URL */
#endif
src/ltc/misc/ssh/ssh_decode_sequence_multi.c view on Meta::CPAN
/**
@file ssh_decode_sequence_multi.c
SSH data type representation as per RFC4251, Russ Williams
*/
#ifdef LTC_SSH
/**
Decode a SSH sequence using a VA list
@param in The input buffer
@param inlen [in/out] The length of the input buffer and on output the amount of decoded data
@remark <...> is of the form <type, data*> (int, <unsigned char*,ulong32*,ulong64*>) except for string&name-list <type, data, size*> (int, void*, unsigned long*)
@return CRYPT_OK on success
*/
int ssh_decode_sequence_multi(const unsigned char *in, unsigned long *inlen, ...)
{
int err;
va_list args;
ssh_data_type type;
void *vdata;
unsigned char *cdata;
src/ltc/pk/asn1/der/custom_type/der_decode_custom_type.c view on Meta::CPAN
}
for (i = 0; i < (int)outlen; i++) {
if (list[i].used == 0 && list[i].optional == 0) {
err = CRYPT_INVALID_PACKET;
goto LBL_ERR;
}
}
if (blksize == x && seq_err == CRYPT_OK && inlen == 0) {
/* everything decoded and no errors in nested sequences */
err = CRYPT_OK;
} else if (blksize == x && seq_err == CRYPT_INPUT_TOO_LONG && inlen == 0) {
/* a sequence reported too-long input, but now we've decoded everything */
err = CRYPT_OK;
} else if (blksize != x && ((flags & LTC_DER_SEQ_STRICT) == LTC_DER_SEQ_STRICT)) {
err = CRYPT_INVALID_PACKET;
} else {
err = CRYPT_INPUT_TOO_LONG;
}
LBL_ERR:
if (in_new != NULL) {
XFREE(in_new);
src/ltc/pk/asn1/der/general/der_decode_asn1_identifier.c view on Meta::CPAN
/* 25 */
LTC_ASN1_PC_PRIMITIVE,
LTC_ASN1_PC_PRIMITIVE,
LTC_ASN1_PC_PRIMITIVE,
LTC_ASN1_PC_PRIMITIVE,
};
static const unsigned long tag_constructed_map_sz = LTC_ARRAY_SIZE(tag_constructed_map);
/**
Decode the ASN.1 Identifier
@param id Where to store the decoded Identifier
@param in Where to read the Identifier from
@param inlen [in/out] The size of in available/read
@return CRYPT_OK if successful
*/
int der_decode_asn1_identifier(const unsigned char *in, unsigned long *inlen, ltc_asn1_list *id)
{
ulong64 tmp;
unsigned long tag_len;
int err;
src/ltc/pk/asn1/der/general/der_decode_asn1_length.c view on Meta::CPAN
/**
@file der_decode_asn1_length.c
ASN.1 DER, decode the ASN.1 Length field, Steffen Jaeckel
*/
#ifdef LTC_DER
/**
Decode the ASN.1 Length field
@param in Where to read the length field from
@param inlen [in/out] The size of in available/read; on success it is set to the
number of bytes the length field itself occupies, on any error it is left unchanged
@param outlen [out] The decoded ASN.1 length (may be NULL if the caller does not need it)
@param flags Only the LTC_DER_SEQ_LEN_STRICT bit is examined; when it is set,
long-form lengths that are not minimally encoded are rejected
@return CRYPT_OK if successful,
CRYPT_BUFFER_OVERFLOW if the input is too short to hold the length field,
CRYPT_PK_ASN1_ERROR for a first octet of 0x80 or a non-minimal length in strict mode,
CRYPT_OVERFLOW if the length needs more octets than an unsigned long has or
the decoded length exceeds the input remaining after the length field
*/
int der_decode_asn1_length_ex(const unsigned char *in, unsigned long *inlen, unsigned long *outlen, unsigned int flags)
{
unsigned long real_len, decoded_len, offset, i;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(inlen != NULL);
/* at least the first length octet must be present */
if (*inlen < 1) {
return CRYPT_BUFFER_OVERFLOW;
}
real_len = in[0];
if (real_len < 128) {
/* short form: the octet is the length itself */
decoded_len = real_len;
offset = 1;
} else {
/* long form: the low 7 bits give the number of length octets that follow */
real_len &= 0x7F;
/* 0x80 announces zero length octets (the BER indefinite form); not accepted here */
if (real_len == 0) {
return CRYPT_PK_ASN1_ERROR;
}
/* the value would not fit into decoded_len */
if (real_len > sizeof(decoded_len)) {
return CRYPT_OVERFLOW;
}
/* the announced length octets must all lie inside the input; this also
guarantees offset <= *inlen, so the subtraction further down cannot wrap */
if (real_len > (*inlen - 1)) {
return CRYPT_BUFFER_OVERFLOW;
}
/* from here on flags holds only the strict bit */
flags &= LTC_DER_SEQ_LEN_STRICT;
decoded_len = 0;
offset = 1 + real_len;
for (i = 0; i < real_len; i++) {
/* big-endian accumulation of the length octets */
decoded_len = (decoded_len << 8) | in[1 + i];
/* the accumulator is still zero only while every octet so far was zero,
so in strict mode this rejects a leading zero octet */
if ((flags == LTC_DER_SEQ_LEN_STRICT) && (decoded_len == 0)) {
return CRYPT_PK_ASN1_ERROR;
}
}
/* strict mode: a single length octet below 128 should have used the short form */
if ((flags == LTC_DER_SEQ_LEN_STRICT) && (real_len == 1) && (decoded_len < 128)) {
return CRYPT_PK_ASN1_ERROR;
}
}
/* note: *outlen is stored before the bounds check below, so it is also
written when CRYPT_OVERFLOW is returned */
if (outlen != NULL) *outlen = decoded_len;
/* the announced payload must fit into what is left of the input */
if (decoded_len > (*inlen - offset)) return CRYPT_OVERFLOW;
*inlen = offset;
return CRYPT_OK;
}
#endif
src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c view on Meta::CPAN
fprintf(stderr, "%s %02lx: hl=%4lu l=%4lu - %s[%s %llu] (%s)\n", errstr, identifier, data_offset, len, der_asn1_class_to_string_map[l->klass], der_asn1_pc_to_string_map[l->pc], l->tag, error_to_string(err));
} else {
fprintf(stderr, "%s %02lx: hl=%4lu l=%4lu - %s (%s)\n", errstr, identifier, data_offset, len, der_asn1_tag_to_string_map[l->tag], error_to_string(err));
}
}
#else
#define s_print_err(errstr, l, err, identifier, data_offset, len) LTC_UNUSED_PARAM(data_offset)
#endif
/**
ASN.1 DER Flexi(ble) decoder will decode arbitrary DER packets and create a linked list of the decoded elements.
@param in The input buffer
@param inlen [in/out] The length of the input buffer and on output the amount of decoded data
@param out [out] A pointer to the linked list
@param depth The depth/level of decoding recursion we've already reached
@return CRYPT_OK on success.
*/
static int s_der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out, unsigned long depth)
{
ltc_asn1_list *l;
int err;
unsigned long identifier, len, totlen, data_offset, id_len, len_len;
void *realloc_tmp;
src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c view on Meta::CPAN
}
break;
case 0x03: /* BIT */
if (l->type != LTC_ASN1_BIT_STRING) {
err = CRYPT_PK_ASN1_ERROR;
goto error;
}
/* init field */
l->size = len * 8; /* *8 because we store decoded bits one per char and they are encoded 8 per char. */
if ((l->data = XCALLOC(1, l->size)) == NULL) {
err = CRYPT_MEM;
goto error;
}
if ((err = der_decode_bit_string(in, *inlen, l->data, &l->size)) != CRYPT_OK) {
goto error;
}
src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c view on Meta::CPAN
XMEMCPY(l->data, in, len);
l->size = len;
/* jump to the start of the data */
in += data_offset;
*inlen -= data_offset;
len -= data_offset;
/* save the decoded ASN.1 len */
len_len = len;
/* Sequence elements go as child */
if ((err = s_der_decode_sequence_flexi(in, &len, &(l->child), depth+1)) != CRYPT_OK) {
goto error;
}
if (len_len != len) {
err = CRYPT_PK_ASN1_ERROR;
goto error;
}
src/ltc/pk/asn1/der/sequence/der_decode_sequence_flexi.c view on Meta::CPAN
return CRYPT_OK;
error:
/* free list */
der_sequence_free(l);
return err;
}
/**
  Public entry point of the ASN.1 DER flexi(ble) decoder, which decodes arbitrary
  DER packets into a linked list of the decoded elements.

  Delegates to s_der_decode_sequence_flexi() with the recursion depth counter
  started at 0.

  @param in      The input buffer
  @param inlen   [in/out] The length of the input buffer and on output the amount of decoded data
  @param out     [out] A pointer to the linked list
  @return CRYPT_OK on success.
*/
int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out)
{
   /* top-level call: nothing has been nested yet */
   const unsigned long start_depth = 0;

   return s_der_decode_sequence_flexi(in, inlen, out, start_depth);
}
#endif
src/ltc/pk/asn1/oid/pk_oid_cmp.c view on Meta::CPAN
if (XSTRCMP(o1, tmp) != 0) {
return CRYPT_PK_INVALID_TYPE;
}
return CRYPT_OK;
}
#ifdef LTC_DER
/**
  Compare an OID string to an OID element decoded from ASN.1.

  @param o1   The OID string
  @param o2   The decoded ASN.1 element; must be of type LTC_ASN1_OBJECT_IDENTIFIER
  @return CRYPT_OK if equal, CRYPT_ERROR if either argument is NULL,
          CRYPT_INVALID_ARG if o2 is not an OBJECT IDENTIFIER, otherwise the
          result of pk_oid_cmp_with_ulong()
*/
int pk_oid_cmp_with_asn1(const char *o1, const ltc_asn1_list *o2)
{
   if (!o1 || !o2) {
      return CRYPT_ERROR;
   }
   /* only an OBJECT IDENTIFIER node carries data/size usable as an OID */
   if (o2->type == LTC_ASN1_OBJECT_IDENTIFIER) {
      return pk_oid_cmp_with_ulong(o1, o2->data, o2->size);
   }
   return CRYPT_INVALID_ARG;
}
src/ltc/pk/asn1/pkcs8/pkcs8_decode_flexi.c view on Meta::CPAN
#ifdef LTC_PKCS_8
/**
PKCS#8 decrypt if necessary & flexi-decode
@param in Pointer to the ASN.1 encoded input data
@param inlen Length of the input data
@param pw_ctx Pointer to the password context, used when the input is encrypted
@param decoded_list Pointer to a pointer for the flexi-decoded list
@return CRYPT_OK on success
*/
int pkcs8_decode_flexi(const unsigned char *in, unsigned long inlen,
const password_ctx *pw_ctx,
ltc_asn1_list **decoded_list)
{
unsigned long len = inlen;
unsigned long dec_size;
unsigned char *dec_data = NULL;
ltc_asn1_list *l = NULL;
int err;
pbes_arg pbes;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(decoded_list != NULL);
XMEMSET(&pbes, 0, sizeof(pbes));
*decoded_list = NULL;
if ((err = der_decode_sequence_flexi(in, &len, &l)) == CRYPT_OK) {
/* the following "if" detects whether it is encrypted or not */
/* PKCS8 Setup
* 0:d=0 hl=4 l= 380 cons: SEQUENCE
* 4:d=1 hl=2 l= 78 cons: SEQUENCE
* 6:d=2 hl=2 l= 9 prim: OBJECT :OID indicating PBES1 or PBES2 (== *lalgoid)
* 17:d=2 hl=2 l= 65 cons: SEQUENCE
* Stuff in between is dependent on whether it's PBES1 or PBES2
* 84:d=1 hl=4 l= 296 prim: OCTET STRING :bytes (== encrypted data)
*/
src/ltc/pk/asn1/pkcs8/pkcs8_decode_flexi.c view on Meta::CPAN
err = CRYPT_MEM;
goto LBL_DONE;
}
if ((err = pbes_decrypt(&pbes, dec_data, &dec_size)) != CRYPT_OK) goto LBL_DONE;
der_free_sequence_flexi(l);
l = NULL;
err = der_decode_sequence_flexi(dec_data, &dec_size, &l);
if (err != CRYPT_OK) goto LBL_DONE;
*decoded_list = l;
}
else {
/* not encrypted */
err = CRYPT_OK;
*decoded_list = l;
}
/* Set l to NULL so it won't be free'd */
l = NULL;
}
LBL_DONE:
if (dec_data) {
zeromem(dec_data, dec_size);
XFREE(dec_data);
}
src/ltc/pk/asn1/pkcs8/pkcs8_get.c view on Meta::CPAN
/* SPDX-License-Identifier: Unlicense */
#include "tomcrypt_private.h"
/**
@file pkcs8_get.c
PKCS#8 utility functions
*/
#ifdef LTC_PKCS_8
int pkcs8_get_children(const ltc_asn1_list *decoded_list, enum ltc_oid_id *pka, ltc_asn1_list **alg_id, ltc_asn1_list **priv_key)
{
int err;
unsigned long n;
der_flexi_check flexi_should[4];
ltc_asn1_list *seq_l, *version;
LTC_ARGCHK(ltc_mp.name != NULL);
if (alg_id == NULL) alg_id = &seq_l;
/* Setup for basic structure */
n=0;
LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_INTEGER, &version);
LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_SEQUENCE, alg_id);
LTC_SET_DER_FLEXI_CHECK(flexi_should, n++, LTC_ASN1_OCTET_STRING, priv_key);
LTC_SET_DER_FLEXI_CHECK(flexi_should, n, LTC_ASN1_EOL, NULL);
err = der_flexi_sequence_cmp(decoded_list, flexi_should);
switch (err) {
case CRYPT_OK:
case CRYPT_INPUT_TOO_LONG:
/* If there are attributes added after the private_key it is tagged with version 1 and
* we get an 'input too long' error but the rest is already decoded and can be
* handled the same as for version 0
*/
if (ltc_mp_cmp_d(version->data, 0) != LTC_MP_EQ && ltc_mp_cmp_d(version->data, 1) != LTC_MP_EQ) {
return CRYPT_INVALID_PACKET;
}
break;
default:
return err;
}
return pk_get_oid_from_asn1((*alg_id)->child, pka);
src/ltc/pk/asn1/x509/x509_decode_public_key_from_certificate.c view on Meta::CPAN
@return CRYPT_OK on success,
CRYPT_NOP if no SubjectPublicKeyInfo was found,
another error if decoding or memory allocation failed
*/
int x509_decode_public_key_from_certificate(const unsigned char *in, unsigned long inlen,
                                            enum ltc_oid_id algorithm, ltc_asn1_type param_type,
                                            ltc_asn1_list* parameters, unsigned long *parameters_len,
                                            public_key_decode_cb callback, void *key)
{
   ltc_asn1_list *cert_tree;
   const ltc_asn1_list *spki_node;
   int status;

   LTC_ARGCHK(in != NULL);
   LTC_ARGCHK(inlen != 0);
   LTC_ARGCHK(callback != NULL);

   /* Locate the SubjectPublicKeyInfo inside the certificate. Nothing in this
    * function checks the certificate's signature, validity or issuer, so the
    * extracted key is unauthenticated as far as this code is concerned. */
   status = x509_decode_spki(in, inlen, &cert_tree, &spki_node);
   if (status != CRYPT_OK) {
      return status;
   }

   /* spki_node points into cert_tree, so the tree is released only after use */
   status = x509_process_public_key_from_spki(spki_node->data, spki_node->size,
                                              algorithm, param_type,
                                              parameters, parameters_len,
                                              callback, key);

   if (cert_tree != NULL) {
      der_free_sequence_flexi(cert_tree);
   }
   return status;
}
#endif
src/ltc/pk/asn1/x509/x509_decode_spki.c view on Meta::CPAN
&& ((l)->type == LTC_ASN1_SEQUENCE) \
&& ((l)->child != NULL) \
&& ((l)->child->type == LTC_ASN1_OBJECT_IDENTIFIER) \
&& ((l)->next != NULL) \
&& ((l)->next->type == LTC_ASN1_BIT_STRING)
/**
DER decode a X.509 certificate and return the SubjectPublicKeyInfo
@param in The input buffer
@param inlen The length of the input buffer
@param out [out] A pointer to the decoded linked list (you take ownership of this one and
`der_free_sequence_flexi()` it when you're done)
@param spki [out] A pointer to the SubjectPublicKeyInfo
@return CRYPT_OK on success, CRYPT_NOP if no SubjectPublicKeyInfo was found, another error if decoding failed
*/
int x509_decode_spki(const unsigned char *in, unsigned long inlen, ltc_asn1_list **out, const ltc_asn1_list **spki)
{
int err;
unsigned long tmp_inlen, n, element_is_spki;
ltc_asn1_list *decoded_list = NULL, *l;
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(inlen != 0);
tmp_inlen = inlen;
if ((err = der_decode_sequence_flexi(in, &tmp_inlen, &decoded_list)) == CRYPT_OK) {
l = decoded_list;
err = CRYPT_NOP;
/* Move 2 levels up in the tree
SEQUENCE
SEQUENCE
...
*/
if ((l->type == LTC_ASN1_SEQUENCE) && (l->child != NULL)) {
l = l->child;
src/ltc/pk/asn1/x509/x509_decode_spki.c view on Meta::CPAN
for (n = 0; n < element_is_spki && l; ++n) {
l = l->next;
}
/* The additional check for l->data is there to make sure
* we won't try to decode a list that has been 'shrunk'
*/
if ((l != NULL)
&& (l->type == LTC_ASN1_SEQUENCE)
&& (l->data != NULL)
&& LOOKS_LIKE_SPKI(l->child)) {
*out = decoded_list;
*spki = l;
return CRYPT_OK;
}
}
}
}
if (decoded_list) der_free_sequence_flexi(decoded_list);
return err;
}
#endif
src/ltc/pk/rsa/rsa_import_x509.c view on Meta::CPAN
/**
  Import an RSA key from a X.509 certificate

  The input is first tried as a bare SubjectPublicKeyInfo; only if that fails
  is it decoded as a certificate and the embedded SubjectPublicKeyInfo used.
  Nothing in this function checks the certificate's signature, validity or
  issuer, so the imported key is unauthenticated as far as this code is
  concerned.

  @param in      The packet to import from
  @param inlen   Its length (octets)
  @param key     [out] Destination for newly imported key
  @return CRYPT_OK if successful, upon error allocated memory is freed
*/
int rsa_import_x509(const unsigned char *in, unsigned long inlen, rsa_key *key)
{
   ltc_asn1_list *cert_tree;
   const ltc_asn1_list *spki_node;
   int status;

   LTC_ARGCHK(in != NULL);
   LTC_ARGCHK(key != NULL);
   LTC_ARGCHK(ltc_mp.name != NULL);

   /* init key */
   status = rsa_init(key);
   if (status != CRYPT_OK) {
      return status;
   }

   /* attempt 1: the input already is a SubjectPublicKeyInfo */
   if (s_rsa_import_spki(in, inlen, key) == CRYPT_OK) {
      key->type = PK_PUBLIC;
      return CRYPT_OK;
   }

   /* attempt 2: pull the SubjectPublicKeyInfo out of a certificate */
   status = x509_decode_spki(in, inlen, &cert_tree, &spki_node);
   if (status == CRYPT_OK) {
      status = s_rsa_import_spki(spki_node->data, spki_node->size, key);
      /* spki_node points into cert_tree; release it once the import ran */
      der_free_sequence_flexi(cert_tree);
   }
   if (status != CRYPT_OK) {
      rsa_free(key);
      return status;
   }

   key->type = PK_PUBLIC;
   return CRYPT_OK;
}
#endif /* LTC_MRSA */
src/ltc/pk/rsa/rsa_verify_hash.c view on Meta::CPAN
/* get modulus len in bits */
modulus_bitlen = ltc_mp_count_bits( (key->N));
/* outlen must be at least the size of the modulus */
modulus_bytelen = ltc_mp_unsigned_bin_size( (key->N));
if (modulus_bytelen != siglen) {
return CRYPT_INVALID_PACKET;
}
/* allocate temp buffer for decoded sig */
tmpbuf = XMALLOC(siglen);
if (tmpbuf == NULL) {
return CRYPT_MEM;
}
/* RSA decode it */
x = siglen;
if ((err = ltc_mp.rsa_me(sig, siglen, tmpbuf, &x, PK_PUBLIC, key)) != CRYPT_OK) {
XFREE(tmpbuf);
return err;
src/ltc/pk/rsa/rsa_verify_hash.c view on Meta::CPAN
err = ltc_pkcs_1_pss_decode_mgf1(hash, hashlen, tmpbuf+1, x-1, params, modulus_bitlen, stat);
}
else{
err = ltc_pkcs_1_pss_decode_mgf1(hash, hashlen, tmpbuf, x, params, modulus_bitlen, stat);
}
} else {
/* PKCS #1 v1.5 decode it */
unsigned char *out;
unsigned long outlen;
int decoded;
/* allocate temp buffer for decoded hash */
outlen = ((modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0)) - 3;
out = XMALLOC(outlen);
if (out == NULL) {
err = CRYPT_MEM;
goto bail_2;
}
if ((err = ltc_pkcs_1_v1_5_decode(tmpbuf, x, LTC_PKCS_1_EMSA, modulus_bitlen, out, &outlen, &decoded)) != CRYPT_OK) {
XFREE(out);
goto bail_2;
}
if (params->padding == LTC_PKCS_1_V1_5) {
unsigned long loid[16], reallen;
ltc_asn1_list digestinfo[2], siginfo[2];
/* now we must decode out[0...outlen-1] using ASN.1, test the OID and then test the hash */
/* construct the SEQUENCE