Listing 9-32: “x509.h” ecdsa algorithm identifier
typedef enum
{
  md5WithRSAEncryption,
  shaWithRSAEncryption,
  shaWithDSA,
  sha256WithECDSA
}
signatureAlgorithmIdentifier;
Listing 9-33: “x509.c” parse_algorithm_identifier with ECDSA support
static const unsigned char OID_md5WithRSA[] =
  { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04 };
static const unsigned char OID_sha1WithRSA[] =
  { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05 };
static const unsigned char OID_sha1WithDSA[] =
  { 0x2A, 0x86, 0x48, 0xCE, 0x38, 0x04, 0x03 };
static const unsigned char OID_sha256WithECDSA[] =
  { 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02 };

static int parse_algorithm_identifier( signatureAlgorithmIdentifier *target,
                                       struct asn1struct *source )
{
  struct asn1struct *oid = ( struct asn1struct * ) source->children;
  ...
  /* Check the length as well as the bytes: memcmp over oid->length alone
   * would accept a shorter OID that is merely a prefix of the table entry,
   * and would read past the end of the table entry for a longer one. */
  else if ( oid->length == sizeof( OID_sha256WithECDSA ) &&
            !memcmp( oid->data, OID_sha256WithECDSA, oid->length ) )
  {
    *target = sha256WithECDSA;
  }
As you can see, there's nothing particularly complex or surprising here; you
just recognize a new OID.
Although parsing the public key is not necessarily complex, it's odd in the
context of ASN.1. An RSA public key is a bit-string representation of two numbers
n and e, both given in an ASN.1 structure, and both properly ASN.1 encoded
with a tag and a length. A DSA public key is similarly encoded as a bit string
representation of ASN.1 encoded data. An ECDSA key, however, is not. Although
the public key is an ASN.1 bit string, it's not an ASN.1 encoded structure, but a
different, incompatible ANSI X9.62 encoded structure. This was probably done
for compatibility with existing software, or perhaps it was done in the IETF's
ongoing quest to ensure that every specification ever written for any purpose
is somehow relevant to TLS.
Fortunately, the X9.62 structure — at least in the context of an ECDSA public
key — isn't too hard to parse. The first byte is an identifier whose value is either
3, meaning compressed, or 4, meaning uncompressed. An uncompressed ECC point
lists the x and y values back-to-back with no delimiter or length declaration.
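The layout just described, as an added example that is not the book's own code: a parser that takes the BIT STRING payload (assumed to already have the ASN.1 unused-bits byte stripped), checks the X9.62 format byte, and splits the remainder into x and y, rejecting compressed points and odd-length remainders. The names `parse_x962_point`, `ecc_public_point` and `selftest_uncompressed` are assumptions for this example.

```c
#include <string.h>
/* Added example, not the book's code: split the payload of an ECDSA
 * SubjectPublicKeyInfo BIT STRING into x and y.  'data' is assumed to be the
 * BIT STRING contents with the ASN.1 unused-bits byte already removed, so it
 * starts with the X9.62 point-format byte. */
#define X962_UNCOMPRESSED 0x04
#define MAX_COORD_LEN     66   /* enough for P-521 (521 bits -> 66 bytes) */

typedef struct {
  unsigned char x[ MAX_COORD_LEN ];
  unsigned char y[ MAX_COORD_LEN ];
  size_t coord_len;   /* bytes per coordinate, e.g. 32 for P-256 */
} ecc_public_point;

/* Returns 1 on success, 0 if the point is malformed or compressed. */
int parse_x962_point( const unsigned char *data, size_t len,
                      ecc_public_point *out )
{
  size_t coord_len;
  if ( len < 3 )                       /* format byte + 1 byte of x and y */
    return 0;
  /* Compressed points (format 2 or 3 in X9.62) need curve arithmetic to
   * recover y, so only the uncompressed form is accepted here. */
  if ( data[ 0 ] != X962_UNCOMPRESSED )
    return 0;
  /* x and y sit back-to-back with no delimiter, so the bytes after the
   * format byte must split evenly or the encoding is truncated/padded. */
  if ( ( len - 1 ) % 2 != 0 )
    return 0;
  coord_len = ( len - 1 ) / 2;
  if ( coord_len > MAX_COORD_LEN )
    return 0;
  memcpy( out->x, data + 1, coord_len );
  memcpy( out->y, data + 1 + coord_len, coord_len );
  out->coord_len = coord_len;
  return 1;
}

/* Constructed sample, not a real key: a P-256-sized uncompressed point with
 * every x byte 0x11 and every y byte 0x22.  Returns 1 if parsed as expected. */
int selftest_uncompressed( void )
{
  unsigned char buf[ 65 ];
  ecc_public_point pt;
  buf[ 0 ] = X962_UNCOMPRESSED;
  memset( buf + 1, 0x11, 32 );
  memset( buf + 33, 0x22, 32 );
  if ( !parse_x962_point( buf, sizeof( buf ), &pt ) ) return 0;
  return pt.coord_len == 32 && pt.x[ 31 ] == 0x11 && pt.y[ 0 ] == 0x22;
}
```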