1 /** 2 * --------- 3 * |.##> <##.| Open Smart Card Development Platform (www.openscdp.org) 4 * |# #| 5 * |# #| Copyright (c) 1999-2009 CardContact Software & System Consulting 6 * |'##> <##'| Andreas Schwier, 32429 Minden, Germany (www.cardcontact.de) 7 * --------- 8 * 9 * This file is part of OpenSCDP. 10 * 11 * OpenSCDP is free software; you can redistribute it and/or modify 12 * it under the terms of the GNU General Public License version 2 as 13 * published by the Free Software Foundation. 14 * 15 * OpenSCDP is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18 * GNU General Public License for more details. 19 * 20 * You should have received a copy of the GNU General Public License 21 * along with OpenSCDP; if not, write to the Free Software 22 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 23 * 24 * @fileoverview Implementation of the ASN.1 structures for restricted identification 25 */ 26 27 28 29 /** 30 * Create a RestrictedIdentificationInfo object 31 * 32 * @class <p>This class encodes and decodes RestrictedIdentificationInfo objects.</p> 33 * <p>The class implements the following ASN.1 syntax:</p> 34 * <pre> 35 * RestrictedIdentificationInfo ::= SEQUENCE { 36 * protocol OBJECT IDENTIFIER( 37 * id-RI-DH-SHA-1 | 38 * id-RI-DH-SHA-224 | 39 * id-RI-DH-SHA-256 | 40 * id-RI-DH-SHA-384 | 41 * id-RI-DH-SHA-512 | 42 * id-RI-ECDH-SHA-1 | 43 * id-RI-ECDH-SHA-224 | 44 * id-RI-ECDH-SHA-256 | 45 * id-RI-ECDH-SHA-384 | 46 * id-RI-ECDH-SHA-512), 47 * params ProtocolParams, 48 * maxKeyLen INTEGER OPTIONAL 49 * } 50 * ProtocolParams ::= SEQUENCE { 51 * version INTEGER, -- MUST be 1 52 * keyId INTEGER, 53 * authorizedOnly BOOLEAN 54 * } 55 * </pre> 56 * @constructor 57 * @param {ASN1} the optional tlv structure to initialize the object 58 */ 59 function RestrictedIdentificationInfo(tlv) { 60 if (tlv && (tlv instanceof ASN1)) { 61 assert(tlv.isconstructed); 62 assert(tlv.elements >= 2); 63 64 var i = 0; 65 var t = tlv.get(i++); 66 assert(t.tag == ASN1.OBJECT_IDENTIFIER); 67 this.protocol = t.value; 68 69 var params = tlv.get(i++); 70 assert(params.tag == ASN1.SEQUENCE); 71 assert(params.elements == 3); 72 73 assert(params.get(0).tag == ASN1.INTEGER); 74 this.version = params.get(0).value.toSigned(); 75 76 assert(params.get(1).tag == ASN1.INTEGER); 77 this.keyId = params.get(1).value.toSigned(); 78 79 assert(params.get(2).tag == ASN1.BOOLEAN); 80 this.authorizedOnly = params.get(2).value.toSigned(); 81 82 if (i < tlv.elements) { 83 var t = tlv.get(i++); 84 assert(t.tag == ASN1.INTEGER); 85 this.maxKeyLen = t.value.toSigned(); 86 } 87 } 88 } 89 90 exports.RestrictedIdentificationInfo = RestrictedIdentificationInfo; 91 92 93 94 /** 95 * Convert object to TLV structure 96 * 97 * @return the TLV structure 98 * @type ASN1 99 */ 100 RestrictedIdentificationInfo.prototype.toTLV = function() { 101 var t = new ASN1(ASN1.SEQUENCE, 102 new ASN1(ASN1.OBJECT_IDENTIFIER, this.protocol), 103 new ASN1(ASN1.SEQUENCE, 104 new ASN1(ASN1.INTEGER, ByteString.valueOf(this.version)), 105 new ASN1(ASN1.INTEGER, ByteString.valueOf(this.keyId)), 106 new ASN1(ASN1.BOOLEAN, ByteString.valueOf(this.authorizedOnly ? 0xFF : 0x00)) 107 ) 108 ); 109 110 if (typeof(this.maxKeyLen) != "undefined") { 111 t.add(new ASN1(ASN1.INTEGER, ByteString.valueOf(this.maxKeyLen))); 112 } 113 return t; 114 } 115 116 117 118 RestrictedIdentificationInfo.prototype.toString = function() { 119 return "RestrictedIdentificationInfo(protocol=" + this.protocol + ", version=" + this.version + ", keyId=" + this.keyId + ",authOnly=" + this.authorizedOnly + ",maxKeyLen=" + this.maxKeyLen + ")"; 120 } 121 122 123 124 /** 125 * Create a RestrictedIdentificationDomainParameterInfo object 126 * 127 * @class <p>This class encodes and decodes RestrictedIdentificationDomainParameterInfo objects.</p> 128 * <p>The class implements the following ASN.1 syntax:</p> 129 * <pre> 130 * RestrictedIdentificationDomainParameterInfo ::= SEQUENCE { 131 * protocol OBJECT IDENTIFIER(id-CA-DH | id-CA-ECDH), 132 * domainParameter AlgorithmIdentifier, 133 * } 134 * </pre> 135 * @constructor 136 * @param {ASN1} the optional tlv structure to initialize the object 137 */ 138 function RestrictedIdentificationDomainParameterInfo(tlv) { 139 if (tlv && (tlv instanceof ASN1)) { 140 assert(tlv.isconstructed); 141 assert(tlv.elements >= 2); 142 143 var i = 0; 144 var t = tlv.get(i++); 145 assert(t.tag == ASN1.OBJECT_IDENTIFIER); 146 this.protocol = t.value; 147 148 var t = tlv.get(i++); 149 assert(t.tag == ASN1.SEQUENCE); 150 151 if (t.elements > 0) { 152 var oid = t.get(0); 153 assert(oid.tag == ASN1.OBJECT_IDENTIFIER); 154 if (oid.value.equals(new ByteString("standardizedDomainParameter", OID))) { 155 this.standardizedDomainParameter = t.get(1).value.toUnsigned(); 156 var curveoid = RestrictedIdentification.standardizedDomainParameter[this.standardizedDomainParameter]; 157 if (!curveoid) { 158 throw new GPError("RestrictedIdentificationPublicKeyInfo", GPError.INVALID_DATA, 0, "Standardized domain parameter " + this.standardizedDomainParameter + " is unknown"); 159 } 160 this.domainParameter = new Key(); 161 this.domainParameter.setComponent(Key.ECC_CURVE_OID, new ByteString(curveoid, OID)); 162 } else { 163 this.domainParameter = ECCUtils.decodeECParameters(t.get(1)); 164 } 165 } else { 166 this.domainParameter = new Key(); 167 this.domainParameter.setComponent(Key.ECC_CURVE_OID, new ByteString("brainpoolP256r1", OID)); 168 } 169 } 170 } 171 172 exports.RestrictedIdentificationDomainParameterInfo = RestrictedIdentificationDomainParameterInfo; 173 174 175 176 /** 177 * Convert object to TLV structure 178 * 179 * @return the TLV structure 180 * @type ASN1 181 */ 182 RestrictedIdentificationDomainParameterInfo.prototype.toTLV = function() { 183 var t = new ASN1(ASN1.SEQUENCE); 184 185 t.add(new ASN1(ASN1.OBJECT_IDENTIFIER, this.protocol)); 186 187 var c = new ASN1(ASN1.SEQUENCE); 188 if (this.standardizedDomainParameter) { 189 c.add(new ASN1(ASN1.OBJECT_IDENTIFIER, new ByteString("standardizedDomainParameter", OID))); 190 c.add(new ASN1(ASN1.INTEGER, ByteString.valueOf(this.standardizedDomainParameter))); 191 } else { 192 193 } 194 t.add(c); 195 196 return t; 197 } 198 199 200 201 RestrictedIdentificationDomainParameterInfo.prototype.toString = function() { 202 return "RestrictedIdentificationDomainParameterInfo(protocol=" + this.protocol + ", keyId=" + this.keyId + ")"; 203 } 204 205 206 RestrictedIdentification = { 207 id_RI: new ByteString("id-RI", OID), 208 id_RI_DH: new ByteString("id-RI-DH", OID), 209 id_RI_ECDH: new ByteString("id-RI-ECDH", OID) 210 }; 211 212 exports.RestrictedIdentification = RestrictedIdentification; 213 214 RestrictedIdentification.standardizedDomainParameter = []; 215 RestrictedIdentification.standardizedDomainParameter[8] = "secp192r1"; 216 RestrictedIdentification.standardizedDomainParameter[9] = "brainpoolP192r1"; 217 RestrictedIdentification.standardizedDomainParameter[10] = "secp224r1"; 218 RestrictedIdentification.standardizedDomainParameter[11] = "brainpoolP224r1"; 219 RestrictedIdentification.standardizedDomainParameter[12] = "secp256r1"; 220 RestrictedIdentification.standardizedDomainParameter[13] = "brainpoolP256r1"; 221 RestrictedIdentification.standardizedDomainParameter[14] = "brainpoolP320r1"; 222 RestrictedIdentification.standardizedDomainParameter[15] = "secp384r1"; 223 RestrictedIdentification.standardizedDomainParameter[16] = "brainpoolP384r1"; 224 RestrictedIdentification.standardizedDomainParameter[17] = "brainpoolP512r1"; 225 RestrictedIdentification.standardizedDomainParameter[18] = "secp521r1"; 226