acme_client_jose.c
Go to the documentation of this file.
1 /**
2  * @file acme_client_jose.c
3  * @brief JOSE (JSON Object Signing and Encryption)
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2019-2025 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneACME Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.5.0
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL ACME_TRACE_LEVEL
33 
34 //Dependencies
35 #include "acme/acme_client.h"
36 #include "acme/acme_client_jose.h"
37 #include "encoding/base64url.h"
38 #include "jansson.h"
39 #include "jansson_private.h"
40 #include "debug.h"
41 
42 //Check TCP/IP stack configuration
43 #if (ACME_CLIENT_SUPPORT == ENABLED)
44 
45 
46 /**
47  * @brief Export an RSA public key to JWK format
48  * @param[in] publicKey RSA public key
49  * @param[out] buffer Output buffer where to store the JSON representation
50  * @param[out] written Length of the resulting JSON representation
51  * @param[in] sort Sort members of the JWK representation in lexicographic order
52  * @return Error code
53  **/
54 
55 error_t jwkExportRsaPublicKey(const RsaPublicKey *publicKey, char_t *buffer,
56  size_t *written, bool_t sort)
57 {
58 #if (ACME_CLIENT_RSA_SUPPORT == ENABLED)
59  error_t error;
60  int_t ret;
61  size_t n;
62  uint_t flags;
63  char_t *s;
64  json_t *rootObj;
65 
66  //Initialize status code
67  error = NO_ERROR;
68 
69  //Initialize variables
70  ret = 0;
71  s = NULL;
72 
73  //Initialize JSON object
74  rootObj = json_object();
75 
76  //Start of exception handling block
77  do
78  {
79  //The "kty" (key type) parameter identifies the cryptographic algorithm
80  //family used with the key (refer to RFC 7517, section 4.1)
81  ret = json_object_set_new(rootObj, "kty", json_string("RSA"));
82  //Any error to report?
83  if(ret != 0)
84  break;
85 
86  //The octet sequence must utilize the minimum number of octets to
87  //represent the RSA modulus (refer to RFC 7518, section 6.3.1.1)
88  n = mpiGetByteLength(&publicKey->n);
89 
90  //Convert the RSA modulus to an octet string
91  error = mpiExport(&publicKey->n, (uint8_t *) buffer, n,
92  MPI_FORMAT_BIG_ENDIAN);
93  //Any error to report?
94  if(error)
95  break;
96 
97  //Integers are represented using the base64url encoding of their
98  //big-endian representations
99  base64urlEncode(buffer, n, buffer, &n);
100 
101  //Format "n" parameter
102  ret = json_object_set_new(rootObj, "n", json_string(buffer));
103  //Any error to report?
104  if(ret != 0)
105  break;
106 
107  //Retrieve the length of the RSA public exponent
108  n = mpiGetByteLength(&publicKey->e);
109 
110  //Convert the RSA public exponent to an octet string
111  error = mpiExport(&publicKey->e, (uint8_t *) buffer, n,
112  MPI_FORMAT_BIG_ENDIAN);
113  //Any error to report?
114  if(error)
115  break;
116 
117  //Integers are represented using the base64url encoding of their
118  //big-endian representations
119  base64urlEncode(buffer, n, buffer, &n);
120 
121  //Format "e" parameter
122  ret = json_object_set_new(rootObj, "e", json_string(buffer));
123  //Any error to report?
124  if(ret != 0)
125  break;
126 
127  //If this sort parameter is set, all the keys of the JWK representation
128  //are sorted in lexicographic order
129  flags = sort ? (JSON_COMPACT | JSON_SORT_KEYS) : JSON_COMPACT;
130 
131  //Generate the JSON representation of the JWK object
132  s = json_dumps(rootObj, flags);
133 
134  //End of exception handling block
135  } while(0);
136 
137  //Valid JSON representation?
138  if(s != NULL)
139  {
140  //Copy JSON string
141  osStrcpy(buffer, s);
142  //Total number of bytes that have been written
143  *written = osStrlen(s);
144 
145  //Release JSON string
146  jsonp_free(s);
147  }
148  else
149  {
150  //Report an error
151  error = ERROR_FAILURE;
152  }
153 
154  //Release JSON object
155  json_decref(rootObj);
156 
157  //Return status code
158  return error;
159 #else
160  //Not implemented
161  return ERROR_NOT_IMPLEMENTED;
162 #endif
163 }
164 
165 
166 /**
167  * @brief Export an EC public key to JWK format
168  * @param[in] publicKey EC public key
169  * @param[out] buffer Output buffer where to store the JSON representation
170  * @param[out] written Length of the resulting JSON representation
171  * @param[in] sort Sort members of the JWK representation in lexicographic order
172  * @return Error code
173  **/
174 
175 error_t jwkExportEcPublicKey(const EcPublicKey *publicKey, char_t *buffer,
176  size_t *written, bool_t sort)
177 {
178 #if (ACME_CLIENT_ECDSA_SUPPORT == ENABLED)
179  error_t error;
180  int_t ret;
181  size_t n;
182  uint_t flags;
183  char_t *s;
184  const char_t *crv;
185  json_t *rootObj;
186 
187  //Initialize status code
188  error = NO_ERROR;
189 
190  //Initialize variables
191  ret = 0;
192  s = NULL;
193 
194  //Initialize JSON object
195  rootObj = json_object();
196 
197  //Start of exception handling block
198  do
199  {
200  //Invalid elliptic curve?
201  if(publicKey->curve == NULL)
202  break;
203 
204  //The "kty" (key type) parameter identifies the cryptographic algorithm
205  //family used with the key (refer to RFC 7517, section 4.1)
206  ret = json_object_set_new(rootObj, "kty", json_string("EC"));
207  //Any error to report?
208  if(ret != 0)
209  break;
210 
211  //The "crv" (curve) parameter identifies the cryptographic curve used
212  //with the key (refer to RFC 7518, section 6.2.1.1)
213  if(osStrcmp(publicKey->curve->name, "secp256r1") == 0)
214  {
215  //Select NIST P-256 elliptic curve
216  crv = "P-256";
217  }
218  else if(osStrcmp(publicKey->curve->name, "secp384r1") == 0)
219  {
220  //Select NIST P-384 elliptic curve
221  crv = "P-384";
222  }
223  else if(osStrcmp(publicKey->curve->name, "secp521r1") == 0)
224  {
225  //Select NIST P-521 elliptic curve
226  crv = "P-521";
227  }
228  else
229  {
230  //Report an error
231  break;
232  }
233 
234  //Format "crv" parameter
235  ret |= json_object_set_new(rootObj, "crv", json_string(crv));
236  //Any error to report?
237  if(ret != 0)
238  break;
239 
240  //The length of the "x" octet string must be the full size of the
241  //x-coordinate for the curve specified in the "crv" parameter (refer
242  //to RFC 7518, section 6.2.1.2)
243  error = ecExportPublicKey(publicKey, (uint8_t *) buffer, &n,
244  EC_PUBLIC_KEY_FORMAT_RAW_X);
245  //Any error to report?
246  if(error)
247  break;
248 
249  //Integers are represented using the base64url encoding of their
250  //big-endian representations
251  base64urlEncode(buffer, n, buffer, &n);
252 
253  //Format "x" parameter
254  ret = json_object_set_new(rootObj, "x", json_string(buffer));
255  //Any error to report?
256  if(ret != 0)
257  break;
258 
259  //The length of the "y" octet string must be the full size of the
260  //y-coordinate for the curve specified in the "crv" parameter (refer
261  //to RFC 7518, section 6.2.1.3)
262  error = ecExportPublicKey(publicKey, (uint8_t *) buffer, &n,
263  EC_PUBLIC_KEY_FORMAT_RAW_Y);
264  //Any error to report?
265  if(error)
266  break;
267 
268  //Integers are represented using the base64url encoding of their
269  //big-endian representations
270  base64urlEncode(buffer, n, buffer, &n);
271 
272  //Format "y" parameter
273  ret = json_object_set_new(rootObj, "y", json_string(buffer));
274  //Any error to report?
275  if(ret != 0)
276  break;
277 
278  //If this sort parameter is set, all the keys of the JWK representation
279  //are sorted in lexicographic order
280  flags = sort ? (JSON_COMPACT | JSON_SORT_KEYS) : JSON_COMPACT;
281 
282  //Generate the JSON representation of the JWK object
283  s = json_dumps(rootObj, flags);
284 
285  //End of exception handling block
286  } while(0);
287 
288  //Valid JSON representation?
289  if(s != NULL)
290  {
291  //Copy JSON string
292  osStrcpy(buffer, s);
293  //Total number of bytes that have been written
294  *written = osStrlen(s);
295 
296  //Release JSON string
297  jsonp_free(s);
298  }
299  else
300  {
301  //Report an error
302  error = ERROR_FAILURE;
303  }
304 
305  //Release JSON object
306  json_decref(rootObj);
307 
308  //Return status code
309  return error;
310 #else
311  //Not implemented
312  return ERROR_NOT_IMPLEMENTED;
313 #endif
314 }
315 
316 
317 /**
318  * @brief Export an EdDSA public key to JWK format
319  * @param[in] publicKey EdDSA public key
320  * @param[out] buffer Output buffer where to store the JSON representation
321  * @param[out] written Length of the resulting JSON representation
322  * @param[in] sort Sort members of the JWK representation in lexicographic order
323  * @return Error code
324  **/
325 
326 error_t jwkExportEddsaPublicKey(const EddsaPublicKey *publicKey, char_t *buffer,
327  size_t *written, bool_t sort)
328 {
329 #if (ACME_CLIENT_ED25519_SUPPORT == ENABLED || \
330  ACME_CLIENT_ED448_SUPPORT == ENABLED)
331  error_t error;
332  int_t ret;
333  size_t n;
334  uint_t flags;
335  char_t *s;
336  const char_t *crv;
337  json_t *rootObj;
338 
339  //Initialize status code
340  error = NO_ERROR;
341 
342  //Initialize variables
343  ret = 0;
344  s = NULL;
345 
346  //Initialize JSON object
347  rootObj = json_object();
348 
349  //Start of exception handling block
350  do
351  {
352  //Invalid elliptic curve?
353  if(publicKey->curve == NULL)
354  break;
355 
356  //The parameter "kty" must be "OKP" (refer to RFC 8037, section 2)
357  ret = json_object_set_new(rootObj, "kty", json_string("OKP"));
358  //Any error to report?
359  if(ret != 0)
360  break;
361 
362  //The parameter "crv" must be present and contain the subtype of the key
363  if(osStrcmp(publicKey->curve->name, "Ed25519") == 0)
364  {
365  //Select Ed25519 elliptic curve
366  crv = "Ed25519";
367  }
368  else if(osStrcmp(publicKey->curve->name, "Ed448") == 0)
369  {
370  //Select Ed448 elliptic curve
371  crv = "Ed448";
372  }
373  else
374  {
375  //Report an error
376  break;
377  }
378 
379  //Format "crv" parameter
380  ret |= json_object_set_new(rootObj, "crv", json_string(crv));
381  //Any error to report?
382  if(ret != 0)
383  break;
384 
385  //Convert the public key to an octet string
386  error = eddsaExportPublicKey(publicKey, (uint8_t *) buffer, &n);
387  //Any error to report?
388  if(error)
389  break;
390 
391  //Integers are represented using the base64url encoding of their
392  //big-endian representations
393  base64urlEncode(buffer, n, buffer, &n);
394 
395  //Format "x" parameter
396  ret = json_object_set_new(rootObj, "x", json_string(buffer));
397  //Any error to report?
398  if(ret != 0)
399  break;
400 
401  //If this sort parameter is set, all the keys of the JWK representation
402  //are sorted in lexicographic order
403  flags = sort ? (JSON_COMPACT | JSON_SORT_KEYS) : JSON_COMPACT;
404 
405  //Generate the JSON representation of the JWK object
406  s = json_dumps(rootObj, flags);
407 
408  //End of exception handling block
409  } while(0);
410 
411  //Valid JSON representation?
412  if(s != NULL)
413  {
414  //Copy JSON string
415  osStrcpy(buffer, s);
416  //Total number of bytes that have been written
417  *written = osStrlen(s);
418 
419  //Release JSON string
420  jsonp_free(s);
421  }
422  else
423  {
424  //Report an error
425  error = ERROR_FAILURE;
426  }
427 
428  //Release JSON object
429  json_decref(rootObj);
430 
431  //Return status code
432  return error;
433 #else
434  //Not implemented
435  return ERROR_NOT_IMPLEMENTED;
436 #endif
437 }
438 
439 
440 /**
441  * @brief Create a JSON Web Signature
442  * @param[in] prngAlgo PRNG algorithm
443  * @param[in] prngContext Pointer to the PRNG context
444  * @param[in] protected Pointer to the JWS protected header
445  * @param[in] payload Pointer to the JWS payload
446  * @param[in] alg Cryptographic algorithm used to secure the JWS
447  * @param[in] privateKey Pointer to the signer's private key
448  * @param[out] buffer JSON structure representing the digitally signed
449  * or MACed message
450  * @param[out] written Length of the resulting JSON structure
451  * @return Error code
452  **/
453 
454 error_t jwsCreate(const PrngAlgo *prngAlgo, void *prngContext,
455  const char_t *protected, const char_t *payload, const char_t *alg,
456  const void *privateKey, char_t *buffer, size_t *written)
457 {
458  error_t error;
459  int_t ret;
460  size_t n;
461  char_t *p;
462  char_t *s;
463  json_t *rootObj;
464 
465  //Debug message
466  TRACE_DEBUG("JWS protected header (%" PRIuSIZE " bytes):\r\n", osStrlen(protected));
467  TRACE_DEBUG("%s\r\n\r\n", protected);
468  TRACE_DEBUG("JWS payload (%" PRIuSIZE " bytes):\r\n", osStrlen(payload));
469  TRACE_DEBUG("%s\r\n\r\n", payload);
470 
471  //Initialize status code
472  error = NO_ERROR;
473 
474  //Initialize variables
475  ret = 0;
476  s = NULL;
477 
478  //Initialize JSON object
479  rootObj = json_object();
480 
481  //Start of exception handling block
482  do
483  {
484  //Point to the beginning of the buffer
485  p = buffer;
486 
487  //Encode the JWS protected header using Base64url
488  base64urlEncode(protected, osStrlen(protected), p, &n);
489 
490  //The "protected" member must be present and contain the value of the
491  //Base64url-encoded JWS protected header (refer to RFC 7515, section 7.2.1)
492  ret = json_object_set_new(rootObj, "protected", json_string(p));
493  //Any error to report?
494  if(ret != 0)
495  break;
496 
497  //Advance write pointer
498  p += n;
499 
500  //Insert a '.' character between the Base64url-encoded JWS protected
501  //header and JWS payload
502  *(p++) = '.';
503 
504  //Encode the JWS payload value using Base64url
505  base64urlEncode(payload, osStrlen(payload), p, &n);
506 
507  //The "payload" member must be present and contain the value of the
508  //Base64url-encoded JWS payload (refer to RFC 7515, section 7.2.1)
509  ret = json_object_set_new(rootObj, "payload", json_string(p));
510  //Any error to report?
511  if(ret != 0)
512  break;
513 
514  //Advance write pointer
515  p += n;
516  //Compute the length of the JWS signing input
517  n = p - buffer;
518 
519  //Compute the JWS Signature in the manner defined for the particular
520  //algorithm being used over the JWS signing input (refer to RFC 7515,
521  //section 5.1)
522  error = jwsGenerateSignature(prngAlgo, prngContext, alg, privateKey,
523  buffer, n, (uint8_t *) buffer, &n);
524  //Any error to report?
525  if(error)
526  break;
527 
528  //Encode the JWS signature using Base64url
529  base64urlEncode(buffer, n, buffer, &n);
530 
531  //The "signature" member must be present and contain the value of the
532  //Base64url-encoded JWS Signature (refer to RFC 7515, section 7.2.1)
533  ret = json_object_set_new(rootObj, "signature", json_string(buffer));
534  //Any error to report?
535  if(ret != 0)
536  break;
537 
538  //Generate the JSON representation of the JWS object
539  s = json_dumps(rootObj, JSON_COMPACT);
540 
541  //End of exception handling block
542  } while(0);
543 
544  //Valid JSON representation?
545  if(s != NULL)
546  {
547  //Debug message
548  TRACE_DEBUG("JWS (%" PRIuSIZE " bytes):\r\n", osStrlen(s));
549  TRACE_DEBUG("%s\r\n\r\n", s);
550 
551  //Copy JSON string
552  osStrcpy(buffer, s);
553  //Total number of bytes that have been written
554  *written = osStrlen(s);
555 
556  //Release JSON string
557  jsonp_free(s);
558  }
559  else
560  {
561  //Report an error
562  error = ERROR_FAILURE;
563  }
564 
565  //Release JSON object
566  json_decref(rootObj);
567 
568  //Return status code
569  return error;
570 }
571 
572 
573 /**
574  * @brief Compute JWS signature using the specified algorithm
575  * @param[in] prngAlgo PRNG algorithm
576  * @param[in] prngContext Pointer to the PRNG context
577  * @param[in] alg Cryptographic algorithm used to secure the JWS
578  * @param[in] privateKey Pointer to the signer's private key
579  * @param[in] input Pointer to the JWS signing input
580  * @param[in] inputLen Length of the JWS signing input
581  * @param[out] output Buffer where to store the JWS signature
582  * @param[out] outputLen Length of the JWS signature
583  * @return Error code
584  **/
585 
586 error_t jwsGenerateSignature(const PrngAlgo *prngAlgo, void *prngContext,
587  const char_t *alg, const void *privateKey, const char_t *input,
588  size_t inputLen, uint8_t *output, size_t *outputLen)
589 {
590  error_t error;
591 
592 #if (ACME_CLIENT_RSA_SUPPORT == ENABLED)
593  //RSASSA-PKCS1-v1_5 algorithm?
594  if(osStrcmp(alg, "RS256") == 0 || osStrcmp(alg, "RS384") == 0 ||
595  osStrcmp(alg, "RS512") == 0)
596  {
597  const HashAlgo *hashAlgo;
598  uint8_t digest[SHA512_DIGEST_SIZE];
599 
600  //Select the relevant signature algorithm
601  if(osStrcmp(alg, "RS256") == 0)
602  {
603  //RSASSA-PKCS1-v1_5 algorithm with SHA-256
604  hashAlgo = SHA256_HASH_ALGO;
605  }
606  else if(osStrcmp(alg, "RS384") == 0)
607  {
608  //RSASSA-PKCS1-v1_5 algorithm with SHA-384
609  hashAlgo = SHA384_HASH_ALGO;
610  }
611  else if(osStrcmp(alg, "RS512") == 0)
612  {
613  //RSASSA-PKCS1-v1_5 algorithm with SHA-512
614  hashAlgo = SHA512_HASH_ALGO;
615  }
616  else
617  {
618  //Just for sanity
619  hashAlgo = NULL;
620  }
621 
622  //Valid hash algorithm?
623  if(hashAlgo != NULL)
624  {
625  //Digest the JWS signing input
626  error = hashAlgo->compute(input, inputLen, digest);
627  }
628  else
629  {
630  //Report an error
631  error = ERROR_INVALID_SIGNATURE_ALGO;
632  }
633 
634  //Check status code
635  if(!error)
636  {
637  //Generate RSA signature
638  error = rsassaPkcs1v15Sign(privateKey, hashAlgo, digest, output,
639  outputLen);
640  }
641  }
642  else
643 #endif
644 #if (ACME_CLIENT_ECDSA_SUPPORT == ENABLED)
645  //ECDSA algorithm?
646  if(osStrcmp(alg, "ES256") == 0 || osStrcmp(alg, "ES384") == 0 ||
647  osStrcmp(alg, "ES512") == 0)
648  {
649  const HashAlgo *hashAlgo;
650  EcdsaSignature signature;
651  uint8_t digest[SHA512_DIGEST_SIZE];
652 
653  //Initialize ECDSA signature
654  ecdsaInitSignature(&signature);
655 
656  //Select the relevant signature algorithm
657  if(osStrcmp(alg, "ES256") == 0)
658  {
659  //ECDSA algorithm using P-256 and SHA-256
660  hashAlgo = SHA256_HASH_ALGO;
661  }
662  else if(osStrcmp(alg, "ES384") == 0)
663  {
664  //ECDSA algorithm using P-384 and SHA-384
665  hashAlgo = SHA384_HASH_ALGO;
666  }
667  else if(osStrcmp(alg, "ES512") == 0)
668  {
669  //ECDSA algorithm using P-521 and SHA-512
670  hashAlgo = SHA512_HASH_ALGO;
671  }
672  else
673  {
674  //Just for sanity
675  hashAlgo = NULL;
676  }
677 
678  //Valid hash algorithm?
679  if(hashAlgo != NULL)
680  {
681  //Digest the JWS signing input
682  error = hashAlgo->compute(input, inputLen, digest);
683  }
684  else
685  {
686  //Report an error
687  error = ERROR_INVALID_SIGNATURE_ALGO;
688  }
689 
690  //Check status code
691  if(!error)
692  {
693  //Generate ECDSA signature (R, S)
694  error = ecdsaGenerateSignature(prngAlgo, prngContext, privateKey,
695  digest, hashAlgo->digestSize, &signature);
696  }
697 
698  //Check status code
699  if(!error)
700  {
701  //Turn R and S into octet sequences in big-endian order, with each
702  //array being be 32 octets long. The octet sequence representations
703  //must not be shortened to omit any leading zero octets contained in
704  //the values. Concatenate the two octet sequences in the order R and
705  //then S. The resulting 64-octet sequence is the JWS signature value
706  //(refer to RFC 7518, section 3.4)
707  error = ecdsaExportSignature(&signature, (uint8_t *) output,
708  outputLen, ECDSA_SIGNATURE_FORMAT_RAW);
709  }
710 
711  //Release previously allocated resources
712  ecdsaFreeSignature(&signature);
713  }
714  else
715 #endif
716 #if (ACME_CLIENT_ED25519_SUPPORT == ENABLED || \
717  ACME_CLIENT_ED448_SUPPORT == ENABLED)
718  //EdDSA algorithm?
719  if(osStrcmp(alg, "EdDSA") == 0)
720  {
721  const uint8_t *q;
722  const EddsaPrivateKey *eddsaPrivateKey;
723 
724  //Point to the EdDSA private key
725  eddsaPrivateKey = (const EddsaPrivateKey *) privateKey;
726 
727  //The public key is optional
728  q = (eddsaPrivateKey->q.curve != NULL) ? eddsaPrivateKey->q.q : NULL;
729 
730 #if (ACME_CLIENT_ED25519_SUPPORT == ENABLED)
731  //Ed25519 curve?
732  if(eddsaPrivateKey->curve == ED25519_CURVE)
733  {
734  //Generate Ed25519 signature (PureEdDSA mode)
735  error = ed25519GenerateSignature(eddsaPrivateKey->d, q, input, inputLen,
736  NULL, 0, 0, output);
737 
738  //Check status code
739  if(!error)
740  {
741  //The Ed25519 signature consists of 32 octets
742  *outputLen = ED25519_SIGNATURE_LEN;
743  }
744  }
745  else
746 #endif
747 #if (ACME_CLIENT_ED448_SUPPORT == ENABLED)
748  //Ed448 curve?
749  if(eddsaPrivateKey->curve == ED448_CURVE)
750  {
751  //Generate Ed448 signature (PureEdDSA mode)
752  error = ed448GenerateSignature(eddsaPrivateKey->d, q, input, inputLen,
753  NULL, 0, 0, output);
754 
755  //Check status code
756  if(!error)
757  {
758  //The Ed448 signature consists of 57 octets
759  *outputLen = ED448_SIGNATURE_LEN;
760  }
761  }
762  else
763 #endif
764  //Unknown curve?
765  {
766  //Report an error
767  error = ERROR_INVALID_SIGNATURE_ALGO;
768  }
769  }
770  else
771 #endif
772  //Unknown algorithm?
773  {
774  //Report an error
775  error = ERROR_INVALID_SIGNATURE_ALGO;
776  }
777 
778  //Return status code
779  return error;
780 }
781 
782 #endif
ecdsaGenerateSignature
__weak_func error_t ecdsaGenerateSignature(const PrngAlgo *prngAlgo, void *prngContext, const EcPrivateKey *privateKey, const uint8_t *digest, size_t digestLen, EcdsaSignature *signature)
ECDSA signature generation.
Definition: ecdsa.c:509
EcdsaSignature
ECDSA signature.
Definition: ecdsa.h:63
SHA256_HASH_ALGO
#define SHA256_HASH_ALGO
Definition: sha256.h:49
bool_t
int bool_t
Definition: compiler_port.h:61
EC_PUBLIC_KEY_FORMAT_RAW_Y
@ EC_PUBLIC_KEY_FORMAT_RAW_Y
Definition: ec.h:389
EddsaPrivateKey::d
uint8_t d[EDDSA_MAX_PRIVATE_KEY_LEN]
Private key.
Definition: eddsa.h:77
SHA512_HASH_ALGO
#define SHA512_HASH_ALGO
Definition: sha512.h:49
int_t
signed int int_t
Definition: compiler_port.h:56
PrngAlgo
#define PrngAlgo
Definition: crypto.h:973
ERROR_NOT_IMPLEMENTED
@ ERROR_NOT_IMPLEMENTED
Definition: error.h:66
EddsaPrivateKey::curve
const EcCurve * curve
Elliptic curve parameters.
Definition: eddsa.h:76
eddsaExportPublicKey
error_t eddsaExportPublicKey(const EddsaPublicKey *key, uint8_t *data, size_t *length)
Export an EdDSA public key.
Definition: eddsa.c:327
jwkExportRsaPublicKey
error_t jwkExportRsaPublicKey(const RsaPublicKey *publicKey, char_t *buffer, size_t *written, bool_t sort)
Export an RSA public key to JWK format.
Definition: acme_client_jose.c:55
p
uint8_t p
Definition: ndp.h:300
HashAlgo::digestSize
size_t digestSize
Definition: crypto.h:1088
ED25519_CURVE
#define ED25519_CURVE
Definition: ec_curves.h:72
ED448_SIGNATURE_LEN
#define ED448_SIGNATURE_LEN
Definition: ed448.h:44
ED448_CURVE
#define ED448_CURVE
Definition: ec_curves.h:73
jwkExportEcPublicKey
error_t jwkExportEcPublicKey(const EcPublicKey *publicKey, char_t *buffer, size_t *written, bool_t sort)
Export an EC public key to JWK format.
Definition: acme_client_jose.c:175
osStrcmp
#define osStrcmp(s1, s2)
Definition: os_port.h:174
ED25519_SIGNATURE_LEN
#define ED25519_SIGNATURE_LEN
Definition: ed25519.h:44
RsaPublicKey::e
Mpi e
Public exponent.
Definition: rsa.h:59
osStrlen
#define osStrlen(s)
Definition: os_port.h:168
ACME_CLIENT_ED25519_SUPPORT
#define ACME_CLIENT_ED25519_SUPPORT
Definition: acme_client.h:131
acme_client_jose.h
JOSE (JSON Object Signing and Encryption)
RsaPublicKey::n
Mpi n
Modulus.
Definition: rsa.h:58
ecdsaExportSignature
error_t ecdsaExportSignature(const EcdsaSignature *signature, uint8_t *data, size_t *length, EcdsaSignatureFormat format)
Export an ECDSA signature.
Definition: ecdsa.c:272
ecdsaFreeSignature
void ecdsaFreeSignature(EcdsaSignature *signature)
Release an ECDSA signature.
Definition: ecdsa.c:86
ed25519GenerateSignature
error_t ed25519GenerateSignature(const uint8_t *privateKey, const uint8_t *publicKey, const void *message, size_t messageLen, const void *context, uint8_t contextLen, uint8_t flag, uint8_t *signature)
EdDSA signature generation.
Definition: ed25519.c:234
EddsaPublicKey::q
uint8_t q[EDDSA_MAX_PUBLIC_KEY_LEN]
Public key.
Definition: eddsa.h:66
EddsaPublicKey::curve
const EcCurve * curve
Elliptic curve parameters.
Definition: eddsa.h:65
error_t
error_t
Error codes.
Definition: error.h:43
HashAlgo::compute
HashAlgoCompute compute
Definition: crypto.h:1091
base64urlEncode
void base64urlEncode(const void *input, size_t inputLen, char_t *output, size_t *outputLen)
Base64url encoding algorithm.
Definition: base64url.c:72
jwsGenerateSignature
error_t jwsGenerateSignature(const PrngAlgo *prngAlgo, void *prngContext, const char_t *alg, const void *privateKey, const char_t *input, size_t inputLen, uint8_t *output, size_t *outputLen)
Compute JWS signature using the specified algorithm.
Definition: acme_client_jose.c:586
EddsaPublicKey
EdDSA public key.
Definition: eddsa.h:64
ERROR_FAILURE
@ ERROR_FAILURE
Generic error code.
Definition: error.h:45
RsaPublicKey
RSA public key.
Definition: rsa.h:57
ecdsaInitSignature
void ecdsaInitSignature(EcdsaSignature *signature)
Initialize an ECDSA signature.
Definition: ecdsa.c:73
ECDSA_SIGNATURE_FORMAT_RAW
@ ECDSA_SIGNATURE_FORMAT_RAW
Definition: ecdsa.h:52
base64url.h
Base64url encoding scheme.
mpiExport
error_t mpiExport(const Mpi *a, uint8_t *output, size_t length, MpiFormat format)
Integer to octet string conversion.
Definition: mpi.c:809
jwkExportEddsaPublicKey
error_t jwkExportEddsaPublicKey(const EddsaPublicKey *publicKey, char_t *buffer, size_t *written, bool_t sort)
Export an EdDSA public key to JWK format.
Definition: acme_client_jose.c:326
ENABLED
#define ENABLED
Definition: os_port.h:37
ecExportPublicKey
error_t ecExportPublicKey(const EcPublicKey *key, uint8_t *data, size_t *length, EcPublicKeyFormat format)
Export an EC public key.
Definition: ec.c:378
EddsaPrivateKey
EdDSA private key.
Definition: eddsa.h:75
EcPublicKey
EC public key.
Definition: ec.h:421
SHA384_HASH_ALGO
#define SHA384_HASH_ALGO
Definition: sha384.h:45
flags
uint8_t flags
Definition: tcp.h:358
TRACE_DEBUG
#define TRACE_DEBUG(...)
Definition: debug.h:119
char_t
char char_t
Definition: compiler_port.h:55
ERROR_INVALID_SIGNATURE_ALGO
@ ERROR_INVALID_SIGNATURE_ALGO
Definition: error.h:135
n
uint8_t n
Definition: dhcpv6_common.h:416
payload
uint8_t payload[]
Definition: ipv6.h:286
EC_PUBLIC_KEY_FORMAT_RAW_X
@ EC_PUBLIC_KEY_FORMAT_RAW_X
Definition: ec.h:388
MPI_FORMAT_BIG_ENDIAN
@ MPI_FORMAT_BIG_ENDIAN
Definition: mpi.h:93
s
uint8_t s
Definition: igmp_common.h:234
EddsaPrivateKey::q
EddsaPublicKey q
Public key.
Definition: eddsa.h:79
HashAlgo
Common interface for hash algorithms.
Definition: crypto.h:1082
rsassaPkcs1v15Sign
error_t rsassaPkcs1v15Sign(const RsaPrivateKey *key, const HashAlgo *hash, const uint8_t *digest, uint8_t *signature, size_t *signatureLen)
RSASSA-PKCS1-v1_5 signature generation operation.
Definition: rsa.c:935
jwsCreate
error_t jwsCreate(const PrngAlgo *prngAlgo, void *prngContext, const char_t *protected, const char_t *payload, const char_t *alg, const void *privateKey, char_t *buffer, size_t *written)
Create a JSON Web Signature.
Definition: acme_client_jose.c:454
PRIuSIZE
#define PRIuSIZE
Definition: compiler_port.h:160
uint_t
unsigned int uint_t
Definition: compiler_port.h:57
osStrcpy
#define osStrcpy(s1, s2)
Definition: os_port.h:210
EcPublicKey::curve
const EcCurve * curve
Elliptic curve parameters.
Definition: ec.h:422
acme_client.h
ACME client (Automatic Certificate Management Environment)
ed448GenerateSignature
error_t ed448GenerateSignature(const uint8_t *privateKey, const uint8_t *publicKey, const void *message, size_t messageLen, const void *context, uint8_t contextLen, uint8_t flag, uint8_t *signature)
EdDSA signature generation.
Definition: ed448.c:223
SHA512_DIGEST_SIZE
#define SHA512_DIGEST_SIZE
Definition: sha512.h:45
NO_ERROR
@ NO_ERROR
Success.
Definition: error.h:44
debug.h
Debugging facilities.
mpiGetByteLength
uint_t mpiGetByteLength(const Mpi *a)
Get the actual length in bytes.
Definition: mpi.c:215