Add WOLFTPM2_NO_ASN and move doc to a header file

pull/404/head
Tesfa Mael 2025-03-04 14:09:46 -08:00
parent 63385223ca
commit bb5eeb8976
2 changed files with 69 additions and 66 deletions


@ -19,6 +19,7 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/ */
#ifndef WOLFTPM2_NO_ASN
#ifdef HAVE_CONFIG_H #ifdef HAVE_CONFIG_H
#include <config.h> #include <config.h>
#endif #endif
@ -28,17 +29,7 @@
#ifndef WOLFTPM2_NO_WRAPPER #ifndef WOLFTPM2_NO_WRAPPER
/*! int TPM2_ASN_GetLength_ex(const uint8_t* input, word32* inOutIdx, int* len,
\ingroup ASN
\brief Decodes ASN.1 length with optional length checking
\param input Buffer containing ASN.1 data
\param inOutIdx Current position in buffer, updated to new position
\param len Decoded length value
\param maxIdx Maximum allowed index in buffer
\param check Flag to enable length validation
\return Length on success, TPM_RC_INSUFFICIENT on buffer error
*/
WOLFTPM_API int TPM2_ASN_GetLength_ex(const uint8_t* input, word32* inOutIdx, int* len,
word32 maxIdx, int check) word32 maxIdx, int check)
{ {
int length = 0; int length = 0;
@ -76,16 +67,7 @@ WOLFTPM_API int TPM2_ASN_GetLength_ex(const uint8_t* input, word32* inOutIdx, in
return length; return length;
} }
/*! int TPM2_ASN_GetLength(const uint8_t* input, word32* inOutIdx, int* len,
\ingroup ASN
\brief Decodes ASN.1 length with length checking enabled
\param input Buffer containing ASN.1 data
\param inOutIdx Current position in buffer, updated to new position
\param len Decoded length value
\param maxIdx Maximum allowed index in buffer
\return Length on success, TPM_RC_INSUFFICIENT on buffer error
*/
WOLFTPM_API int TPM2_ASN_GetLength(const uint8_t* input, word32* inOutIdx, int* len,
word32 maxIdx) word32 maxIdx)
{ {
return TPM2_ASN_GetLength_ex(input, inOutIdx, len, maxIdx, 1); return TPM2_ASN_GetLength_ex(input, inOutIdx, len, maxIdx, 1);
@ -123,17 +105,7 @@ static int TPM2_ASN_GetHeader(const uint8_t* input, byte tag, word32* inOutIdx,
return length; return length;
} }
/*! int TPM2_ASN_DecodeTag(const uint8_t* input, int inputSz,
\ingroup ASN
\brief Decodes ASN.1 tag and validates length
\param input Buffer containing ASN.1 data
\param inputSz Size of input buffer
\param inOutIdx Current position in buffer, updated to new position
\param tag_len Decoded length value
\param tag Expected ASN.1 tag value
\return 0 on success, TPM_RC_INSUFFICIENT on buffer error, TPM_RC_VALUE on tag mismatch
*/
WOLFTPM_API int TPM2_ASN_DecodeTag(const uint8_t* input, int inputSz,
int* inOutIdx, int* tag_len, uint8_t tag) int* inOutIdx, int* tag_len, uint8_t tag)
{ {
word32 idx = *inOutIdx; word32 idx = *inOutIdx;
@ -145,14 +117,7 @@ WOLFTPM_API int TPM2_ASN_DecodeTag(const uint8_t* input, int inputSz,
return rc; return rc;
} }
/*! int TPM2_ASN_RsaDecodeSignature(uint8_t** pInput, int inputSz)
\ingroup ASN
\brief Decodes RSA signature from ASN.1 format
\param pInput Pointer to buffer containing ASN.1 encoded RSA signature
\param inputSz Size of input buffer
\return Size of decoded signature on success, TPM_RC_VALUE on invalid input, TPM_RC_INSUFFICIENT on buffer error
*/
WOLFTPM_API int TPM2_ASN_RsaDecodeSignature(uint8_t** pInput, int inputSz)
{ {
int rc; int rc;
uint8_t* input = *pInput; uint8_t* input = *pInput;
@ -176,14 +141,7 @@ WOLFTPM_API int TPM2_ASN_RsaDecodeSignature(uint8_t** pInput, int inputSz)
return rc; return rc;
} }
/*! int TPM2_ASN_DecodeX509Cert(uint8_t* input, int inputSz,
\brief Decodes an X.509 certificate
\param input Buffer containing ASN.1 encoded X.509 certificate
\param inputSz Size of input buffer
\param x509 Structure to store decoded certificate data
\return 0 on success, TPM_RC_VALUE on invalid input, TPM_RC_INSUFFICIENT on buffer error
*/
WOLFTPM_API int TPM2_ASN_DecodeX509Cert(uint8_t* input, int inputSz,
DecodedX509* x509) DecodedX509* x509)
{ {
int rc; int rc;
@ -307,15 +265,7 @@ WOLFTPM_API int TPM2_ASN_DecodeX509Cert(uint8_t* input, int inputSz,
return TPM_RC_SUCCESS; return TPM_RC_SUCCESS;
} }
/*! int TPM2_ASN_DecodeRsaPubKey(uint8_t* input, int inputSz,
\ingroup ASN
\brief Decodes RSA public key from ASN.1 format into TPM2B_PUBLIC structure
\param input Buffer containing ASN.1 encoded RSA public key
\param inputSz Size of input buffer
\param pub TPM2B_PUBLIC structure to store decoded key
\return 0 on success, TPM_RC_VALUE on invalid input, TPM_RC_INSUFFICIENT on buffer error
*/
WOLFTPM_API int TPM2_ASN_DecodeRsaPubKey(uint8_t* input, int inputSz,
TPM2B_PUBLIC* pub) TPM2B_PUBLIC* pub)
{ {
int rc; int rc;
@ -359,14 +309,7 @@ WOLFTPM_API int TPM2_ASN_DecodeRsaPubKey(uint8_t* input, int inputSz,
return rc; return rc;
} }
/*! int TPM2_ASN_RsaUnpadPkcsv15(uint8_t** pSig, int* sigSz)
\ingroup ASN
\brief Removes PKCS#1 v1.5 padding from RSA signature
\param pSig Pointer to buffer containing padded signature, updated to point to unpadded data
\param sigSz Size of signature buffer, updated with unpadded size
\return 0 on success, TPM_RC_VALUE on invalid padding
*/
WOLFTPM_API int TPM2_ASN_RsaUnpadPkcsv15(uint8_t** pSig, int* sigSz)
{ {
int rc = -1; int rc = -1;
uint8_t* sig = *pSig; uint8_t* sig = *pSig;
@ -388,3 +331,4 @@ WOLFTPM_API int TPM2_ASN_RsaUnpadPkcsv15(uint8_t** pSig, int* sigSz)
} }
#endif /* !WOLFTPM2_NO_WRAPPER */ #endif /* !WOLFTPM2_NO_WRAPPER */
#endif /* !WOLFTPM2_NO_ASN */
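Review bot: The new `#ifndef WOLFTPM2_NO_ASN` at the top of this file is evaluated before `#include <config.h>`, so a build that sets the macro in config.h or in a settings header pulled in by later includes (rather than with a compiler `-D` flag) will not see it here. In that case the header hides the prototypes while this file still compiles the ASN.1/X.509 decoders into the library, which defeats a switch meant to leave the parser out. Consider moving the test below the includes and merging it with the existing wrapper guard, `#if !defined(WOLFTPM2_NO_WRAPPER) && !defined(WOLFTPM2_NO_ASN)`, with a single matching `#endif` at the end of the file. The include lines between the two guards are outside the visible hunks, so confirm which header would define the macro.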


@ -29,6 +29,7 @@
#include <wolftpm/tpm2.h> #include <wolftpm/tpm2.h>
#include <wolftpm/tpm2_types.h> #include <wolftpm/tpm2_types.h>
#ifndef WOLFTPM2_NO_ASN
#ifndef WOLFTPM2_NO_WRAPPER #ifndef WOLFTPM2_NO_WRAPPER
#ifdef __cplusplus #ifdef __cplusplus
@ -75,14 +76,72 @@ typedef struct DecodedX509 {
} DecodedX509; } DecodedX509;
/* ASN.1 Decoder Functions */ /* ASN.1 Decoder Functions */
/*!
\ingroup ASN
\brief Decodes ASN.1 length with length checking enabled
\param input Buffer containing ASN.1 data
\param inOutIdx Current position in buffer, updated to new position
\param len Decoded length value
\param maxIdx Maximum allowed index in buffer
\return Length on success, TPM_RC_INSUFFICIENT on buffer error
*/
WOLFTPM_API int TPM2_ASN_GetLength(const uint8_t* input, word32* inOutIdx, int* len, WOLFTPM_API int TPM2_ASN_GetLength(const uint8_t* input, word32* inOutIdx, int* len,
word32 maxIdx); word32 maxIdx);
/*!
\ingroup ASN
\brief Decodes ASN.1 length with optional length checking
\param input Buffer containing ASN.1 data
\param inOutIdx Current position in buffer, updated to new position
\param len Decoded length value
\param maxIdx Maximum allowed index in buffer
\param check Flag to enable length validation
\return Length on success, TPM_RC_INSUFFICIENT on buffer error
*/
WOLFTPM_API int TPM2_ASN_GetLength_ex(const uint8_t* input, word32* inOutIdx, int* len, WOLFTPM_API int TPM2_ASN_GetLength_ex(const uint8_t* input, word32* inOutIdx, int* len,
word32 maxIdx, int check); word32 maxIdx, int check);
/*!
\ingroup ASN
\brief Decodes ASN.1 tag and validates length
\param input Buffer containing ASN.1 data
\param inputSz Size of input buffer
\param inOutIdx Current position in buffer, updated to new position
\param tag_len Decoded length value
\param tag Expected ASN.1 tag value
\return 0 on success, TPM_RC_INSUFFICIENT on buffer error, TPM_RC_VALUE on tag mismatch
*/
WOLFTPM_API int TPM2_ASN_DecodeTag(const uint8_t* input, int inputSz, int* inOutIdx, int* tag_len, uint8_t tag); WOLFTPM_API int TPM2_ASN_DecodeTag(const uint8_t* input, int inputSz, int* inOutIdx, int* tag_len, uint8_t tag);
/*!
\ingroup ASN
\brief Decodes RSA signature from ASN.1 format
\param pInput Pointer to buffer containing ASN.1 encoded RSA signature
\param inputSz Size of input buffer
\return Size of decoded signature on success, TPM_RC_VALUE on invalid input, TPM_RC_INSUFFICIENT on buffer error
*/
WOLFTPM_API int TPM2_ASN_RsaDecodeSignature(uint8_t** pInput, int inputSz); WOLFTPM_API int TPM2_ASN_RsaDecodeSignature(uint8_t** pInput, int inputSz);
/*!
\brief Decodes an X.509 certificate
\param input Buffer containing ASN.1 encoded X.509 certificate
\param inputSz Size of input buffer
\param x509 Structure to store decoded certificate data
\return 0 on success, TPM_RC_VALUE on invalid input, TPM_RC_INSUFFICIENT on buffer error
*/
WOLFTPM_API int TPM2_ASN_DecodeX509Cert(uint8_t* input, int inputSz, DecodedX509* x509); WOLFTPM_API int TPM2_ASN_DecodeX509Cert(uint8_t* input, int inputSz, DecodedX509* x509);
/*!
\ingroup ASN
\brief Decodes RSA public key from ASN.1 format into TPM2B_PUBLIC structure
\param input Buffer containing ASN.1 encoded RSA public key
\param inputSz Size of input buffer
\param pub TPM2B_PUBLIC structure to store decoded key
\return 0 on success, TPM_RC_VALUE on invalid input, TPM_RC_INSUFFICIENT on buffer error
*/
WOLFTPM_API int TPM2_ASN_DecodeRsaPubKey(uint8_t* input, int inputSz, TPM2B_PUBLIC* pub); WOLFTPM_API int TPM2_ASN_DecodeRsaPubKey(uint8_t* input, int inputSz, TPM2B_PUBLIC* pub);
/*!
\ingroup ASN
\brief Removes PKCS#1 v1.5 padding from RSA signature
\param pSig Pointer to buffer containing padded signature, updated to point to unpadded data
\param sigSz Size of signature buffer, updated with unpadded size
\return 0 on success, TPM_RC_VALUE on invalid padding
*/
WOLFTPM_API int TPM2_ASN_RsaUnpadPkcsv15(uint8_t** pSig, int* sigSz); WOLFTPM_API int TPM2_ASN_RsaUnpadPkcsv15(uint8_t** pSig, int* sigSz);
#ifdef __cplusplus #ifdef __cplusplus
@ -90,5 +149,5 @@ WOLFTPM_API int TPM2_ASN_RsaUnpadPkcsv15(uint8_t** pSig, int* sigSz);
#endif #endif
#endif /* !WOLFTPM2_NO_WRAPPER */ #endif /* !WOLFTPM2_NO_WRAPPER */
#endif /* !WOLFTPM2_NO_ASN */
#endif /* WOLFTPM_TPM2_ASN_H */ #endif /* WOLFTPM_TPM2_ASN_H */
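Review bot: The `\param check` text for `TPM2_ASN_GetLength_ex` ("Flag to enable length validation") does not say what is skipped when the flag is 0, and these decoders take externally supplied certificates and signatures. Now that the documentation lives in the public header, I would spell it out, for example `\param check Non-zero validates the decoded length against maxIdx; pass 0 only when the caller has already bounds-checked the input`, adjusted to what the implementation actually does, and point readers to `TPM2_ASN_GetLength` as the default for untrusted data. The `\return` lines that mix a length with `TPM_RC_INSUFFICIENT` could also state how a caller tells an error from a valid length. Separately, the block for `TPM2_ASN_DecodeX509Cert` is the only one without `\ingroup ASN`.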