1 /**
  2  *  ---------
  3  * |.##> <##.|  Open Smart Card Development Platform (www.openscdp.org)
  4  * |#       #|  
  5  * |#       #|  Copyright (c) 1999-2009 CardContact Software & System Consulting
  6  * |'##> <##'|  Andreas Schwier, 32429 Minden, Germany (www.cardcontact.de)
  7  *  --------- 
  8  *
  9  *  This file is part of OpenSCDP.
 10  *
 11  *  OpenSCDP is free software; you can redistribute it and/or modify
 12  *  it under the terms of the GNU General Public License version 2 as
 13  *  published by the Free Software Foundation.
 14  *
 15  *  OpenSCDP is distributed in the hope that it will be useful,
 16  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 17  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 18  *  GNU General Public License for more details.
 19  *
 20  *  You should have received a copy of the GNU General Public License
 21  *  along with OpenSCDP; if not, write to the Free Software
 22  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 23  *
 24  * @fileoverview Implementation of the ASN.1 structures for restricted identification
 25  */
 26 
 27 
 28 
 29 /**
 30  * Create a RestrictedIdentificationInfo object
 31  *
 32  * @class <p>This class encodes and decodes RestrictedIdentificationInfo objects.</p>
 33  * <p>The class implements the following ASN.1 syntax:</p>
 34  * <pre>
 35  * RestrictedIdentificationInfo ::= SEQUENCE {
 36  *   protocol  OBJECT IDENTIFIER(
 37  *             id-RI-DH-SHA-1  |
 38  *             id-RI-DH-SHA-224  |
 39  *             id-RI-DH-SHA-256  |
 40  *             id-RI-DH-SHA-384 |
 41  *             id-RI-DH-SHA-512 |
 42  *             id-RI-ECDH-SHA-1  |
 43  *             id-RI-ECDH-SHA-224  |
 44  *             id-RI-ECDH-SHA-256 |
 45  *             id-RI-ECDH-SHA-384 |
 46  *             id-RI-ECDH-SHA-512),
 47  *   params    ProtocolParams,
 48  *   maxKeyLen INTEGER OPTIONAL
 49  * }
 50  * ProtocolParams ::= SEQUENCE {
 51  *   version         INTEGER, -- MUST be 1
 52  *   keyId           INTEGER,
 53  *   authorizedOnly  BOOLEAN
 54  * }
 55  * </pre>
 56  * @constructor
 57  * @param {ASN1} the optional tlv structure to initialize the object
 58  */
 59 function RestrictedIdentificationInfo(tlv) {
 60 	if (tlv && (tlv instanceof ASN1)) {
 61 		assert(tlv.isconstructed);
 62 		assert(tlv.elements >= 2);
 63 
 64 		var i = 0;
 65 		var t = tlv.get(i++);
 66 		assert(t.tag == ASN1.OBJECT_IDENTIFIER);
 67 		this.protocol = t.value;
 68 
 69 		var params = tlv.get(i++);
 70 		assert(params.tag == ASN1.SEQUENCE);
 71 		assert(params.elements == 3);
 72 
 73 		assert(params.get(0).tag == ASN1.INTEGER);
 74 		this.version = params.get(0).value.toSigned();
 75 
 76 		assert(params.get(1).tag == ASN1.INTEGER);
 77 		this.keyId = params.get(1).value.toSigned();
 78 
 79 		assert(params.get(2).tag == ASN1.BOOLEAN);
 80 		this.authorizedOnly = params.get(2).value.toSigned();
 81 
 82 		if (i < tlv.elements) {
 83 			var t = tlv.get(i++);
 84 			assert(t.tag == ASN1.INTEGER);
 85 			this.maxKeyLen = t.value.toSigned();
 86 		}
 87 	}
 88 }
 89 
 90 exports.RestrictedIdentificationInfo = RestrictedIdentificationInfo;
 91 
 92 
 93 
 94 /**
 95  * Convert object to TLV structure
 96  *
 97  * @return the TLV structure
 98  * @type ASN1
 99  */
100 RestrictedIdentificationInfo.prototype.toTLV = function() {
101 	var t = new ASN1(ASN1.SEQUENCE,
102 				new ASN1(ASN1.OBJECT_IDENTIFIER, this.protocol),
103 				new ASN1(ASN1.SEQUENCE,
104 					new ASN1(ASN1.INTEGER, ByteString.valueOf(this.version)),
105 					new ASN1(ASN1.INTEGER, ByteString.valueOf(this.keyId)),
106 					new ASN1(ASN1.BOOLEAN, ByteString.valueOf(this.authorizedOnly ? 0xFF : 0x00))
107 				)
108 	);
109 
110 	if (typeof(this.maxKeyLen) != "undefined") {
111 		t.add(new ASN1(ASN1.INTEGER, ByteString.valueOf(this.maxKeyLen)));
112 	}
113 	return t;
114 }
115 
116 
117 
118 RestrictedIdentificationInfo.prototype.toString = function() {
119 	return "RestrictedIdentificationInfo(protocol=" + this.protocol + ", version=" + this.version + ", keyId=" + this.keyId + ",authOnly=" + this.authorizedOnly + ",maxKeyLen=" + this.maxKeyLen + ")";
120 }
121 
122 
123 
124 /**
125  * Create a RestrictedIdentificationDomainParameterInfo object
126  *
127  * @class <p>This class encodes and decodes RestrictedIdentificationDomainParameterInfo objects.</p>
128  * <p>The class implements the following ASN.1 syntax:</p>
129  * <pre>
130  *	RestrictedIdentificationDomainParameterInfo ::= SEQUENCE {
131  *		protocol OBJECT IDENTIFIER(id-CA-DH | id-CA-ECDH),
132  *		domainParameter AlgorithmIdentifier,
133  * }
134  * </pre>
135  * @constructor
136  * @param {ASN1} the optional tlv structure to initialize the object
137  */
138 function RestrictedIdentificationDomainParameterInfo(tlv) {
139 	if (tlv && (tlv instanceof ASN1)) {
140 		assert(tlv.isconstructed);
141 		assert(tlv.elements >= 2);
142 		
143 		var i = 0;
144 		var t = tlv.get(i++);
145 		assert(t.tag == ASN1.OBJECT_IDENTIFIER);
146 		this.protocol = t.value;
147 		
148 		var t = tlv.get(i++);
149 		assert(t.tag == ASN1.SEQUENCE);
150 
151 		if (t.elements > 0) {
152 			var oid = t.get(0);
153 			assert(oid.tag == ASN1.OBJECT_IDENTIFIER);
154 			if (oid.value.equals(new ByteString("standardizedDomainParameter", OID))) {
155 				this.standardizedDomainParameter = t.get(1).value.toUnsigned();
156 				var curveoid = RestrictedIdentification.standardizedDomainParameter[this.standardizedDomainParameter];
157 				if (!curveoid) {
158 					throw new GPError("RestrictedIdentificationPublicKeyInfo", GPError.INVALID_DATA, 0, "Standardized domain parameter " + this.standardizedDomainParameter + " is unknown");
159 				}
160 				this.domainParameter = new Key();
161 				this.domainParameter.setComponent(Key.ECC_CURVE_OID, new ByteString(curveoid, OID));
162 			} else {
163 				this.domainParameter = ECCUtils.decodeECParameters(t.get(1));
164 			}
165 		} else {
166 			this.domainParameter = new Key();
167 			this.domainParameter.setComponent(Key.ECC_CURVE_OID, new ByteString("brainpoolP256r1", OID));
168 		}
169 	}
170 }
171 
172 exports.RestrictedIdentificationDomainParameterInfo = RestrictedIdentificationDomainParameterInfo;
173 
174 
175 
176 /**
177  * Convert object to TLV structure
178  *
179  * @return the TLV structure
180  * @type ASN1
181  */
182 RestrictedIdentificationDomainParameterInfo.prototype.toTLV = function() {
183 	var t = new ASN1(ASN1.SEQUENCE);
184 
185 	t.add(new ASN1(ASN1.OBJECT_IDENTIFIER, this.protocol));
186 
187 	var c = new ASN1(ASN1.SEQUENCE);
188 	if (this.standardizedDomainParameter) {
189 		c.add(new ASN1(ASN1.OBJECT_IDENTIFIER, new ByteString("standardizedDomainParameter", OID)));
190 		c.add(new ASN1(ASN1.INTEGER, ByteString.valueOf(this.standardizedDomainParameter)));
191 	} else {
192 
193 	}
194 	t.add(c);
195 
196 	return t;
197 }
198 
199 
200 
201 RestrictedIdentificationDomainParameterInfo.prototype.toString = function() {
202 	return "RestrictedIdentificationDomainParameterInfo(protocol=" + this.protocol + ", keyId=" + this.keyId + ")";
203 }
204 
205 
206 RestrictedIdentification = {
207 	id_RI: new ByteString("id-RI", OID),
208 	id_RI_DH: new ByteString("id-RI-DH", OID),
209 	id_RI_ECDH: new ByteString("id-RI-ECDH", OID)
210 };
211 
212 exports.RestrictedIdentification = RestrictedIdentification;
213 
214 RestrictedIdentification.standardizedDomainParameter = [];
215 RestrictedIdentification.standardizedDomainParameter[8] = "secp192r1";
216 RestrictedIdentification.standardizedDomainParameter[9] = "brainpoolP192r1";
217 RestrictedIdentification.standardizedDomainParameter[10] = "secp224r1";
218 RestrictedIdentification.standardizedDomainParameter[11] = "brainpoolP224r1";
219 RestrictedIdentification.standardizedDomainParameter[12] = "secp256r1";
220 RestrictedIdentification.standardizedDomainParameter[13] = "brainpoolP256r1";
221 RestrictedIdentification.standardizedDomainParameter[14] = "brainpoolP320r1";
222 RestrictedIdentification.standardizedDomainParameter[15] = "secp384r1";
223 RestrictedIdentification.standardizedDomainParameter[16] = "brainpoolP384r1";
224 RestrictedIdentification.standardizedDomainParameter[17] = "brainpoolP512r1";
225 RestrictedIdentification.standardizedDomainParameter[18] = "secp521r1";
226