ECC-step1: ASN.1 changes required for future ECC enhancements

[karel-m]

[edited by @sjaeckel]

• documentation added/updated
• tests added/updated
• add tests for choice with custom-type
• add tests for custom-types with other types
• new/changed file headers fixed/updated
• re-work OID handling will be done later(c.f. ECC-step1: ASN.1 changes required for future ECC enhancements #309 (comment))

This breaks backwards compatibility as it removes LTC_ASN1_CONSTRUCTED and LTC_ASN1_CONTEXT_SPECIFIC which were somehow nonsense anyways...

Please review as there's some new code, biggest parts of the der_*_custom_type.c files are c&p from sequence.

If you don't like some of the naming feel free to propose something better!

All comments very welcome!

[sjaeckel]

I'd say unsigned char is inappropriate here as

1. 0 is a valid context-specific tag
2. tags can be longer than 1 byte (yes this is currently nowhere taken into account so I think it's the time now to do it better)

I think we have two possibilities now:

1. introduce a flags field that would then for now include Class and P/C of the ASN.1 identifier and optional of our implementation. Then have an unsigned long tag; which is taken into account when Class indicates a context-specific tag.
2. we can use one of the signed types where -1 indicates invalid/unused

[sjaeckel]

if we go for possibility 2 regarding the tag: How about starting to use <stdbool.h>? as this is clearly a boolean :-)

[sjaeckel]

most likely a dumb comment, but ... we're taking the optional flag here into account and this function is called as well from der_encode_sequence_ex() where it is used to determine if we would BOF but der_encode_sequence_ex() itself ignores the optional flag...

[sjaeckel]

this is a "private" function, just change the default signature and adapt all its invocations

[karel-m]

I would like to have also the following commit as a part of this PR 6bb9661

I am not sure if it is worth to rename couple of things here to be more correct e.g.

• enum public_key_algorithms > enum built_in_oids
• constants PKA_DSA > LTC_OID_DSA
• maybe pk_get_oid >der_get_oid
• but I am not sure

[sjaeckel]

I would like to have also the following commit as a part of this PR 6bb9661

I first thought why not, now I think this change belongs to #187 as this would add code here which isn't used anywhere yet.

I am not sure if it is worth to rename couple of things here to be more correct e.g.

enum public_key_algorithms > enum built_in_oids

I think we should keep it like that as long there's not really a need and it still kinda completely represents the functionality :)

constants PKA_DSA > LTC_OID_DSA

Do you see the need to make this public?

maybe pk_get_oid >der_get_oid

OID doesn't belong to DER, it's a general ASN.1 feature and it's spec'ed in X.660. As nobody knows X.660 (compared to X.509) I would propose to move src/misc/pk_get_oid.c to src/pk/asn1/oid/oid_XXX.c (oid_by_pka() for now?... and still keep it private...)

but I am not sure

me neither

[karel-m]

OK, let's solve OID stuff later. To move forward we should polish/finetune and merge this PR to develop.

[sjaeckel]

OK, let's solve OID stuff later. To move forward we should polish/finetune and merge this PR to develop.

yep, so let's get #335 ready and merged so we can finish this one

[karel-m]

@sjaeckel could you please rebase pr/ecc-asn1-part-minimal on the latest develop?

[sjaeckel]

@sjaeckel could you please rebase pr/ecc-asn1-part-minimal on the latest develop?

done, doc&some tests still missing but hopefully I'll finish that in the next days

[karel-m]

Thank you, I have also rebased other ECC branches so that now we have the following chain:

develop > pr/ecc-asn1-part-minimal (AKA ECC-step1 #309) > pr/ecc-non-asn1-part (AKA ECC-step2 #236) > pr/ecc-asn1-part (AKA ECC-step-3 #187)

I still need to adjust the new import/export functions in "ECC-step-3 #187" to your new API (I mean ecc_import_openssl, ecc_export_openssl and ecc_import_pkcs8).

[sjaeckel]

That should be it, please feel free to review.

[karel-m]

@sjaeckel the following simple ASN1 sequence somehow confuses der_decode_sequence (crash).

void *x, *y;
ltc_asn1_list seq[2];
unsigned char der[] = {
  0x30,0x41,0x02,0x84,0x7f,0xff,0xff,0xff,0x1e,0x41,0xb4,0x79,0xad,0x57,0x69,
  0x05,0xb9,0x60,0xfe,0x14,0xea,0xdb,0x91,0xb0,0xcc,0xf3,0x48,0x43,0xda,0xb9,
  0x16,0x17,0x3b,0xb8,0xc9,0xcd,0x02,0x1d,0x00,0xad,0xe6,0x59,0x88,0xd2,0x37,
  0xd3,0x0f,0x9e,0xf4,0x1d,0xd4,0x24,0xa4,0xe1,0xc8,0xf1,0x69,0x67,0xcf,0x33,
  0x65,0x81,0x3f,0xe8,0x78,0x62,0x36
};
mp_init_multi(&x, &y, NULL);
LTC_SET_ASN1(seq, 0, LTC_ASN1_INTEGER, x, 1UL);
LTC_SET_ASN1(seq, 1, LTC_ASN1_INTEGER, y, 1UL);
der_decode_sequence(der, sizeof(der), seq, 2);

[karel-m]

What about to simplify this:

LTC_SET_ASN1(&ecparam, 0, LTC_ASN1_OBJECT_IDENTIFIER, dp.oid, dp.oidlen);
LTC_SET_ASN1(&pub_xy,  0, LTC_ASN1_RAW_BIT_STRING, bin_xy,    len_xy);
LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER,  &one,      1);
LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING,   bin_k,     len_k);
LTC_SET_ASN1(seq_priv, 2, LTC_ASN1_CUSTOM_TYPE,    &ecparams, 1);
LTC_SET_ASN1(seq_priv, 3, LTC_ASN1_CUSTOM_TYPE,    &pub_xy,   1);
LTC_SET_ASN1_IDENTIFIER(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, LTC_ASN1_PC_CONSTRUCTED, 0);
LTC_SET_ASN1_IDENTIFIER(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, LTC_ASN1_PC_CONSTRUCTED, 1);

to something like:

LTC_SET_ASN1       (seq_priv, 0, LTC_ASN1_SHORT_INTEGER,  &one,      1);
LTC_SET_ASN1       (seq_priv, 1, LTC_ASN1_OCTET_STRING,   bin_k,     len_k);
LTC_SET_ASN1_CUSTOM(seq_priv, 2, LTC_ASN1_OBJECT_IDENTIFIER, dp.oid, dp.oidlen, &ecparam, LTC_ASN1_CL_CONTEXT_SPECIFIC, LTC_ASN1_PC_CONSTRUCTED, 0);
LTC_SET_ASN1_CUSTOM(seq_priv, 3, LTC_ASN1_RAW_BIT_STRING, bin_xy, len_xy, &pub_xy, LTC_ASN1_CL_CONTEXT_SPECIFIC, LTC_ASN1_PC_CONSTRUCTED, 1);

I would also prefer shorter names for macros/constants (e.g. LTC_ASN1_CL_CONTEXT_SPECIFIC, LTC_ASN1_PC_CONSTRUCTED)

[sjaeckel]

@sjaeckel the following simple ASN1 sequence somehow confuses der_decode_sequence (crash).

I'll have a look into the crash, that shouldn't happen, but even dumpasn1 hangs in an endless loop when trying to decode this and openssl asn1parse errors-out...

I would also prefer shorter names for macros/constants (e.g. LTC_ASN1_CL_CONTEXT_SPECIFIC, LTC_ASN1_PC_CONSTRUCTED)

proposals? TBH I prefer speaking macros/enum names instead of cryptic abbreviations, but probably someone else can come up with something better... and regarding the length... well auto-completion does the typing for me in these cases...

regarding LTC_SET_ASN1_CUSTOM - I'll add that