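/**
 *  ---------
 * |.##> <##.|  Open Smart Card Development Platform (www.openscdp.org)
 * |#       #|
 * |#       #|  Copyright (c) 1999-2009 CardContact Software & System Consulting
 * |'##> <##'|  Andreas Schwier, 32429 Minden, Germany (www.cardcontact.de)
 *  ---------
 *
 * This file is part of OpenSCDP.
 *
 * OpenSCDP is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * OpenSCDP is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with OpenSCDP; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 *
 * @fileoverview Implementation of the ASN.1 structures for restricted identification
 *
 * The decoders in this file accept TLV structures that presumably originate from a
 * card (security info files) and must therefore treat them as untrusted input. The
 * assert() calls are the only structural validation performed before a field is read;
 * each element is tag-checked and counted before it is accessed.
 */



/**
 * Create a RestrictedIdentificationInfo object
 *
 * @class <p>This class encodes and decodes RestrictedIdentificationInfo objects.</p>
 * <p>The class implements the following ASN.1 syntax:</p>
 * <pre>
 *	RestrictedIdentificationInfo ::= SEQUENCE {
 *		protocol OBJECT IDENTIFIER(
 *			id-RI-DH-SHA-1 |
 *			id-RI-DH-SHA-224 |
 *			id-RI-DH-SHA-256 |
 *			id-RI-DH-SHA-384 |
 *			id-RI-DH-SHA-512 |
 *			id-RI-ECDH-SHA-1 |
 *			id-RI-ECDH-SHA-224 |
 *			id-RI-ECDH-SHA-256 |
 *			id-RI-ECDH-SHA-384 |
 *			id-RI-ECDH-SHA-512),
 *		params ProtocolParams,
 *		maxKeyLen INTEGER OPTIONAL
 *	}
 *	ProtocolParams ::= SEQUENCE {
 *		version INTEGER, -- MUST be 1
 *		keyId INTEGER,
 *		authorizedOnly BOOLEAN
 *	}
 * </pre>
 * <p>Without an argument an empty object is created whose fields (protocol, version,
 * keyId, authorizedOnly and optionally maxKeyLen) are set by the caller before toTLV()
 * is used.</p>
 * @constructor
 * @param {ASN1} tlv the optional TLV structure to initialize the object from
 */
function RestrictedIdentificationInfo(tlv) {
	if (tlv && (tlv instanceof ASN1)) {
		assert(tlv.isconstructed);
		// protocol and params are mandatory, maxKeyLen is optional
		assert(tlv.elements >= 2);

		var index = 0;

		var protocolTLV = tlv.get(index++);
		assert(protocolTLV.tag == ASN1.OBJECT_IDENTIFIER);
		this.protocol = protocolTLV.value;

		var params = tlv.get(index++);
		assert(params.tag == ASN1.SEQUENCE);
		// ProtocolParams has exactly three members; anything else is rejected
		assert(params.elements == 3);

		var versionTLV = params.get(0);
		assert(versionTLV.tag == ASN1.INTEGER);
		// The version is stored as decoded; the specification requires it to be 1,
		// but this decoder does not enforce that so callers can inspect the value
		this.version = versionTLV.value.toSigned();

		var keyIdTLV = params.get(1);
		assert(keyIdTLV.tag == ASN1.INTEGER);
		this.keyId = keyIdTLV.value.toSigned();

		var authorizedOnlyTLV = params.get(2);
		assert(authorizedOnlyTLV.tag == ASN1.BOOLEAN);
		// Kept as the decoded integer (0 for FALSE, non-zero for TRUE) so that
		// existing callers testing the field for truthiness keep working
		this.authorizedOnly = authorizedOnlyTLV.value.toSigned();

		if (index < tlv.elements) {
			var maxKeyLenTLV = tlv.get(index++);
			assert(maxKeyLenTLV.tag == ASN1.INTEGER);
			this.maxKeyLen = maxKeyLenTLV.value.toSigned();
		}
	}
}



/**
 * Convert object to TLV structure
 *
 * <p>maxKeyLen is only emitted when the field has been set on the object.</p>
 *
 * @return the TLV structure
 * @type ASN1
 */
RestrictedIdentificationInfo.prototype.toTLV = function() {
	// DER encodes BOOLEAN TRUE as 0xFF and FALSE as 0x00
	var authorizedOnlyValue = this.authorizedOnly ? 0xFF : 0x00;

	var params = new ASN1(ASN1.SEQUENCE,
			new ASN1(ASN1.INTEGER, ByteString.valueOf(this.version)),
			new ASN1(ASN1.INTEGER, ByteString.valueOf(this.keyId)),
			new ASN1(ASN1.BOOLEAN, ByteString.valueOf(authorizedOnlyValue))
		);

	var t = new ASN1(ASN1.SEQUENCE,
			new ASN1(ASN1.OBJECT_IDENTIFIER, this.protocol),
			params
		);

	if (typeof(this.maxKeyLen) != "undefined") {
		t.add(new ASN1(ASN1.INTEGER, ByteString.valueOf(this.maxKeyLen)));
	}
	return t;
}



/**
 * Return a human readable representation of the object
 *
 * @return the string representation
 * @type String
 */
RestrictedIdentificationInfo.prototype.toString = function() {
	return "RestrictedIdentificationInfo(protocol=" + this.protocol + ", version=" + this.version + ", keyId=" + this.keyId + ",authOnly=" + this.authorizedOnly + ",maxKeyLen=" + this.maxKeyLen + ")";
}



/**
 * Create a RestrictedIdentificationDomainParameterInfo object
 *
 * @class <p>This class encodes and decodes RestrictedIdentificationDomainParameterInfo objects.</p>
 * <p>The class implements the following ASN.1 syntax:</p>
 * <pre>
 *	RestrictedIdentificationDomainParameterInfo ::= SEQUENCE {
 *		protocol OBJECT IDENTIFIER(id-RI-DH | id-RI-ECDH),
 *		domainParameter AlgorithmIdentifier,
 *	}
 * </pre>
 * <p>When the AlgorithmIdentifier uses the standardizedDomainParameter OID, the INTEGER
 * parameter is looked up in RestrictedIdentification.standardizedDomainParameter and
 * this.standardizedDomainParameter is set in addition to this.domainParameter. Any other
 * algorithm OID is passed to ECCUtils.decodeECParameters() for explicit domain parameters.</p>
 * <p>An empty AlgorithmIdentifier is accepted and mapped to brainpoolP256r1; this lenient
 * fallback is kept from the original implementation.</p>
 * @constructor
 * @param {ASN1} tlv the optional TLV structure to initialize the object from
 */
function RestrictedIdentificationDomainParameterInfo(tlv) {
	if (tlv && (tlv instanceof ASN1)) {
		assert(tlv.isconstructed);
		assert(tlv.elements >= 2);

		var protocolTLV = tlv.get(0);
		assert(protocolTLV.tag == ASN1.OBJECT_IDENTIFIER);
		this.protocol = protocolTLV.value;

		var algorithmIdentifier = tlv.get(1);
		assert(algorithmIdentifier.tag == ASN1.SEQUENCE);

		if (algorithmIdentifier.elements > 0) {
			// Both the algorithm OID and its parameters are required once the
			// AlgorithmIdentifier is non-empty; check before indexing element 1
			assert(algorithmIdentifier.elements >= 2);

			var algorithmOID = algorithmIdentifier.get(0);
			assert(algorithmOID.tag == ASN1.OBJECT_IDENTIFIER);
			var algorithmParams = algorithmIdentifier.get(1);

			if (algorithmOID.value.equals(new ByteString("standardizedDomainParameter", OID))) {
				assert(algorithmParams.tag == ASN1.INTEGER);
				this.standardizedDomainParameter = algorithmParams.value.toUnsigned();

				// Only the identifiers registered in the table below are accepted;
				// an unknown identifier is rejected rather than mapped to a default curve
				var curveoid = RestrictedIdentification.standardizedDomainParameter[this.standardizedDomainParameter];
				if (!curveoid) {
					throw new GPError("RestrictedIdentificationDomainParameterInfo", GPError.INVALID_DATA, 0, "Standardized domain parameter " + this.standardizedDomainParameter + " is unknown");
				}
				this.domainParameter = new Key();
				this.domainParameter.setComponent(Key.ECC_CURVE_OID, new ByteString(curveoid, OID));
			} else {
				this.domainParameter = ECCUtils.decodeECParameters(algorithmParams);
			}
		} else {
			// Lenient fallback for an empty AlgorithmIdentifier
			this.domainParameter = new Key();
			this.domainParameter.setComponent(Key.ECC_CURVE_OID, new ByteString("brainpoolP256r1", OID));
		}
	}
}



/**
 * Convert object to TLV structure
 *
 * <p>Only standardized domain parameters can be encoded. Objects holding explicit
 * domain parameters (no standardizedDomainParameter field) cause a GPError, because
 * emitting an empty AlgorithmIdentifier would be decoded as brainpoolP256r1 and thus
 * describe a different curve than the one held in this.domainParameter.</p>
 *
 * @return the TLV structure
 * @type ASN1
 * @throws GPError if the object holds explicit domain parameters
 */
RestrictedIdentificationDomainParameterInfo.prototype.toTLV = function() {
	var t = new ASN1(ASN1.SEQUENCE);
	t.add(new ASN1(ASN1.OBJECT_IDENTIFIER, this.protocol));

	var algorithmIdentifier = new ASN1(ASN1.SEQUENCE);
	if (typeof(this.standardizedDomainParameter) != "undefined") {
		algorithmIdentifier.add(new ASN1(ASN1.OBJECT_IDENTIFIER, new ByteString("standardizedDomainParameter", OID)));
		algorithmIdentifier.add(new ASN1(ASN1.INTEGER, ByteString.valueOf(this.standardizedDomainParameter)));
	} else {
		// Fail closed instead of producing a misleading empty AlgorithmIdentifier
		throw new GPError("RestrictedIdentificationDomainParameterInfo", GPError.INVALID_DATA, 0, "Encoding of explicit domain parameters is not supported");
	}
	t.add(algorithmIdentifier);

	return t;
}



/**
 * Return a human readable representation of the object
 *
 * @return the string representation
 * @type String
 */
RestrictedIdentificationDomainParameterInfo.prototype.toString = function() {
	return "RestrictedIdentificationDomainParameterInfo(protocol=" + this.protocol + ", standardizedDomainParameter=" + this.standardizedDomainParameter + ")";
}



/**
 * Object identifiers used by the restricted identification protocol
 */
var RestrictedIdentification = {
	id_RI: new ByteString("id-RI", OID),
	id_RI_DH: new ByteString("id-RI-DH", OID),
	id_RI_ECDH: new ByteString("id-RI-ECDH", OID)
};

// Mapping of standardized domain parameter identifiers to curve OID names.
// Consulted by the RestrictedIdentificationDomainParameterInfo decoder; identifiers
// not listed here are rejected.
RestrictedIdentification.standardizedDomainParameter = [];
RestrictedIdentification.standardizedDomainParameter[8] = "secp192r1";
RestrictedIdentification.standardizedDomainParameter[9] = "brainpoolP192r1";
RestrictedIdentification.standardizedDomainParameter[10] = "secp224r1";
RestrictedIdentification.standardizedDomainParameter[11] = "brainpoolP224r1";
RestrictedIdentification.standardizedDomainParameter[12] = "secp256r1";
RestrictedIdentification.standardizedDomainParameter[13] = "brainpoolP256r1";
RestrictedIdentification.standardizedDomainParameter[14] = "brainpoolP320r1";
RestrictedIdentification.standardizedDomainParameter[15] = "secp384r1";
RestrictedIdentification.standardizedDomainParameter[16] = "brainpoolP384r1";
RestrictedIdentification.standardizedDomainParameter[17] = "brainpoolP512r1";
RestrictedIdentification.standardizedDomainParameter[18] = "secp521r1";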