tiny-asn1: Created new package `tiny-asn1`

pkg/tiny-asn1/Makefile

@@ -0,0 +1,12 @@
+PKG_NAME = tiny-asn1
+PKG_URL = https://gitlab.com/matthegap/tiny-asn1.git
+PKG_VERSION = b09f058966c6296904487c3f8fc04c68fe83b2cc
+
+export TINYASN1_ROOT=$(CURDIR)
+INCLUDES+=-I$(TINYASN1_ROOT)/src
+
+.PHONY: all
+
+all: git-download
+	$(MAKE) -C $(PKG_BUILDDIR)/src
+include $(RIOTBASE)/pkg/pkg.mk

pkg/tiny-asn1/Makefile.include

@@ -0,0 +1 @@
+INCLUDES += -I$(BINDIRBASE)/pkg/$(BOARD)/tiny-asn1/src

pkg/tiny-asn1/doc.txt

@@ -0,0 +1,6 @@
+/**
+ * @defgroup tiny-asn1 tiny-asn1
+ * @ingroup pkg
+ * @brief   Lightweight ASN.1 decoding/encoding library
+ * @see     https://gitlab.com/matthegap/tiny-asn1
+ */

pkg/tiny-asn1/patches/0001-Added-RIOT-Makefile.patch

@@ -0,0 +1,22 @@
+From 0a0a9b1e8655d34131aee5afb4ac45e228171edb Mon Sep 17 00:00:00 2001
+From: Mathias Tausig <mathias.tausig@fh-campuswien.ac.at>
+Date: Thu, 23 Jun 2016 14:27:10 +0200
+Subject: [PATCH 1/1] Added RIOT Makefile
+
+---
+ src/Makefile | 3 +++
+ 1 file changed, 3 insertions(+)
+ create mode 100644 src/Makefile
+
+diff --git a/src/Makefile b/src/Makefile
+new file mode 100644
+index 0000000..67d7cf9
+--- /dev/null
++++ b/src/Makefile
+@@ -0,0 +1,3 @@
++MODULE:=tiny-asn1
++
++include $(RIOTBASE)/Makefile.base
+-- 
+2.7.4
+

tests/pkg_tiny-asn1/Makefile

@@ -0,0 +1,8 @@
+APPLICATION = tiny-asn1
+include ../Makefile.tests_common
+USEPKG += tiny-asn1
+
+include $(RIOTBASE)/Makefile.include
+
+test:
+	./tests/01-run.py

tests/pkg_tiny-asn1/README.md

@@ -0,0 +1,6 @@
+# `pkg_tiny-asn1` test
+
+This test tries to execute all basic dunctions of the tiny-asn1 library by decoding and encoding some data.
+
+If everything works, the programs exits with a return code of 1 and prints "Decoding finished succesfully" at the end.
+In case of an error, the program returns with an exit code of 1.

tests/pkg_tiny-asn1/main.c

@@ -0,0 +1,208 @@
+/*
+ * Copyright (C) 2016 Mathias Tausig, FH Campus Wien
+ *
+ * This file is subject to the terms and conditions of the GNU Lesser
+ * General Public License v2.1. See the file LICENSE in the top level
+ * directory for more details.
+ */
+
+#include <stdint.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "tiny-asn1.h"
+
+void print_hex(uint8_t *data, unsigned int len)
+{
+    unsigned int count = 0;
+    unsigned int blockCount = 0;
+
+    while (count < len) {
+        printf("%02x ", data[count]);
+        ++count;
+        ++blockCount;
+        if (blockCount == 4) {
+            printf("  ");
+        }
+        if (blockCount == 8) {
+            printf("\n");
+            blockCount = 0;
+        }
+    }
+    printf("\n");
+}
+
+
+void print_asn1(asn1_tree *list, int depth)
+{
+    printf("d=%d, Tag: %02x, len=%" PRIu32 "\n", depth, list->type, list->length);
+    if (list->child == NULL) {
+        printf("Value:\n");
+        print_hex(list->data, list->length);
+    }
+    else {
+        print_asn1(list->child, depth + 1);
+    }
+
+    if (list->next != NULL) {
+        print_asn1(list->next, depth);
+    }
+}
+
+
+
+int main(void)
+{
+    /* Created with echo "12345678901234567890"|openssl cms -EncryptedData_encrypt -aes128 -secretkey 39904F36D98779D00F9A2B8139D2957F -outform der|xxd --i */
+    uint8_t cms_data[] = {
+        0x30, 0x60, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07,
+        0x06, 0xa0, 0x53, 0x30, 0x51, 0x02, 0x01, 0x00, 0x30, 0x4c, 0x06, 0x09,
+        0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01, 0x30, 0x1d, 0x06,
+        0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x02, 0x04, 0x10,
+        0x4d, 0xaa, 0x7b, 0x74, 0xfb, 0xf7, 0x7a, 0xfa, 0xb0, 0x23, 0xa2, 0x9c,
+        0x1a, 0xb6, 0x51, 0xe4, 0x80, 0x20, 0x6b, 0x8f, 0x64, 0xd7, 0x3a, 0x81,
+        0x01, 0x0c, 0x7b, 0xab, 0xfd, 0x26, 0x6d, 0x46, 0x2e, 0x3e, 0xc4, 0xf6,
+        0x01, 0x78, 0x8a, 0xc0, 0xc0, 0x52, 0x0a, 0x66, 0x17, 0x71, 0x4f, 0xf6,
+        0xd9, 0x95
+    };
+
+    int32_t asn1_object_count = der_object_count(cms_data, sizeof(cms_data));
+
+    if (asn1_object_count < 0) {
+        printf("ERROR: Could not calculate the number of Elements within the data.\n");
+        return 1;
+    }
+
+    asn1_tree *asn1_objects = (asn1_tree *)(malloc(sizeof(asn1_tree) * asn1_object_count));
+    if (asn1_objects == NULL) {
+        printf("ERROR: Could not allocate the memory for the ASN.1 objects.\n");
+        return 1;
+    }
+
+    asn1_tree cms;
+
+    if (der_decode(cms_data, sizeof(cms_data), &cms, asn1_objects, asn1_object_count) < 0) {
+        printf("ERROR: Could not parse the data.\n");
+        return 1;
+    }
+
+    /* Dump the data */
+    print_asn1(&cms, 0);
+
+    /* Since we know this is CMS data, we can try to interpret it. */
+    if (cms.type != 0x30) {
+        printf("ERROR: The outer type is not a SEQUENCE.\n");
+        return 1;
+    }
+
+    asn1_tree *content_type = cms.child;
+    if ((content_type == NULL) || (content_type->type != 0x06)) {
+        printf("ERROR: No ContentType information available.\n");
+        return 1;
+    }
+    printf("ContentType: ");
+    if (memcmp(content_type->data, (uint8_t[]){ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x06, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x06 }, content_type->length) != 0) {
+        printf("ERROR: ContentType is not of type encryptedData.\n");
+        return 1;
+    }
+    printf("encryptedData\n");
+
+    asn1_tree *encrypted_data = content_type->next->child;
+    if ((encrypted_data == NULL) || (encrypted_data->type != 0x30)) {
+        printf("ERROR: EncryptedData not availavble.\n");
+        return 1;
+    }
+
+    asn1_tree *cms_version = encrypted_data->child;
+    if ((cms_version == NULL) || (cms_version->type != 0x02) || (cms_version->length != 1)) {
+        printf("ERROR: CMSVersion not availavble.\n");
+        return 1;
+    }
+    uint8_t version = cms_version->data[0];
+    printf("CMSVersion: %d\n", version);
+
+    asn1_tree *encrypted_content_info = cms_version->next;
+    if ((encrypted_content_info == NULL) || (encrypted_content_info->type != 0x30)) {
+        printf("ERROR: EncryptedContentInfo not availavble.\n");
+        return 1;
+    }
+
+    asn1_tree *encrypted_content_info_content_type = encrypted_content_info->child;
+    if ((encrypted_content_info_content_type == NULL) || (encrypted_content_info_content_type->type != 0x06)) {
+        printf("ERROR: ContentType of EncryptedContentInfo not availavble.\n");
+        return 1;
+    }
+    if (memcmp(encrypted_content_info_content_type->data,
+               (uint8_t[]){ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01 }, encrypted_content_info_content_type->length) != 0) {
+        printf("ERROR: ContentType of EncrytptedContentInfo is not of type pkcs#7.\n");
+        return 1;
+    }
+    printf("ContentType of EncryptedContentInfo: pkcs#7\n");
+
+    asn1_tree *content_encryption_algorithm = encrypted_content_info_content_type->next;
+    if (content_encryption_algorithm == NULL) {
+        printf("ERROR: ContentEncryptionAlgorithm not available.\n");
+        return 1;
+    }
+
+    if (content_encryption_algorithm->type == 0x30) {
+        /* extended definition of ContentEncryptionAlgorithmIdentifier by RFC5911 */
+        asn1_tree *encryption_algorithm_identifier = content_encryption_algorithm->child;
+        if ((encryption_algorithm_identifier == NULL) || (encryption_algorithm_identifier->type != 0x06)) {
+            printf("ERROR: No encryption algorithm identifier available.\n");
+            return 1;
+        }
+        if (memcmp(encryption_algorithm_identifier->data,
+                   (uint8_t[]){ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x02 }, encryption_algorithm_identifier->length) == 0) {
+            printf("Content encryption algorithm: AES-128-CBC.\n");
+            asn1_tree *aes_iv = encryption_algorithm_identifier->next;
+            if ((aes_iv == NULL) || (aes_iv->type != 0x04)) {
+                printf("ERROR: IV not available.\n");
+                return 1;
+            }
+            printf("IV:\n");
+            print_hex(aes_iv->data, aes_iv->length);
+        }
+        else {
+            printf("Unknown encryption algorithm.\n");
+        }
+        asn1_tree *encrypted_content = content_encryption_algorithm->next;
+        if ((encrypted_content == NULL) || (encrypted_content->type != 0x80)) {
+            printf("ERROR: encrypted content not available.\n");
+            return 1;
+        }
+        printf("Encrypted content:\n");
+        print_hex(encrypted_content->data, encrypted_content->length);
+
+
+    }
+
+    asn1_tree *unprotected_attrs = encrypted_content_info->next;
+    if (unprotected_attrs != NULL) {
+        printf("Unprotected attributes are available.\n");
+    }
+    else {
+        printf("Unprotected attributes are not available.\n");
+    }
+
+    /* try to encode the asn1_tree and check if it has not been altered */
+    uint8_t encoded[98];
+    if (der_encode(&cms, encoded, sizeof(encoded)) < 0) {
+        printf("ERROR: Could not reencode the decoded data.\n");
+        return 1;
+    }
+    if (memcmp(cms_data, encoded, sizeof(cms_data)) != 0) {
+        printf("ERROR: Data has changes while reencoding it.\n");
+        return 1;
+    }
+    printf("DER encoded data:\n");
+    print_hex(encoded, sizeof(encoded));
+
+    free(asn1_objects);
+
+    /* Everything worked fine */
+    printf("Decoding finished succesfully\n");
+    return 0;
+}

tests/pkg_tiny-asn1/tests/01-run.py

@@ -0,0 +1,20 @@
+#!/usr/bin/env python3
+
+# Copyright (C) 2016 Kaspar Schleiser <kaspar@schleiser.de>
+# Copyright (C) 2016 Mathias Tausig <mathias.tausig@fh-campuswien.ac.at>
+#
+# This file is subject to the terms and conditions of the GNU Lesser
+# General Public License v2.1. See the file LICENSE in the top level
+# directory for more details.
+
+import os
+import sys
+
+sys.path.append(os.path.join(os.environ['RIOTBASE'], 'dist/tools/testrunner'))
+import testrunner
+
+def testfunc(child):
+    child.expect('Decoding finished succesfully')
+
+if __name__ == "__main__":
+    sys.exit(testrunner.run(testfunc))