src/lib/asn1/gen_asn1oid.py

   1 #!/usr/bin/env python
   2
   3 #
   4 #    Copyright (c) 2020 Project CHIP Authors
   5 #    Copyright (c) 2019 Google LLC.
   6 #    Copyright (c) 2013-2017 Nest Labs, Inc.
   7 #    All rights reserved.
   8 #
   9 #    Licensed under the Apache License, Version 2.0 (the "License");
  10 #    you may not use this file except in compliance with the License.
  11 #    You may obtain a copy of the License at
  12 #
  13 #        http://www.apache.org/licenses/LICENSE-2.0
  14 #
  15 #    Unless required by applicable law or agreed to in writing, software
  16 #    distributed under the License is distributed on an "AS IS" BASIS,
  17 #    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  18 #    See the License for the specific language governing permissions and
  19 #    limitations under the License.
  20 #
  21
  22 #
  23 #    @file
  24 #      This file implements a Python script to generate a C/C++ header
  25 #      for individual ASN1 Object IDs (OIDs) that are used in CHIP
  26 #      TLV encodings (notably the CHIP Certificate object).
  27 #
  28
  29 from __future__ import absolute_import
  30 from __future__ import print_function
  31 import optparse
  32 import sys
  33
  34 def identity(n):
  35     return n
  36
  37
  38 # OID labels
  39 ansi_X9_62              = identity
  40 certicom                = identity
  41 characteristicTwo       = identity
  42 chip                    = identity
  43 curve                   = identity
  44 curves                  = identity
  45 digest_algorithm        = identity
  46 dod                     = identity
  47 ds                      = identity
  48 enterprise              = identity
  49 organization            = identity
  50 internet                = identity
  51 iso                     = identity
  52 itu_t                   = identity
  53 joint_iso_ccitt         = identity
  54 keyType                 = identity
  55 mechanisms              = identity
  56 member_body             = identity
  57 pkcs1                   = identity
  58 pkcs                    = identity
  59 pkix                    = identity
  60 prime                   = identity
  61 private                 = identity
  62 rsadsi                  = identity
  63 schemes                 = identity
  64 security                = identity
  65 signatures              = identity
  66 us                      = identity
  67 zigbee                  = identity
  68
  69 # OID Categories
  70 oidCategories = [
  71     ( "PubKeyAlgo",         0x0100 ),
  72     ( "SigAlgo",            0x0200 ),
  73     ( "AttributeType",      0x0300 ),
  74     ( "EllipticCurve",      0x0400 ),
  75     ( "Extension",          0x0500 ),
  76     ( "KeyPurpose",         0x0600 )
  77 ]
  78
  79 # Table of well-known ASN.1 object IDs
  80 #
  81 oids = [
  82
  83     # !!! WARNING !!!
  84     #
  85     # The enumerated values associated with individual object IDs are used in CHIP TLV encodings (notably the CHIP Certificate object).
  86     # Because of this, the Enum Values assigned to object IDs in this table MUST NOT BE CHANGED once in use.
  87
  88
  89     #                                              Enum
  90     # Category          Name                       Value    Object ID
  91     # ----------------- -------------------------- -------- ------------------------------------------------------------------------------------------------
  92
  93     # Public Key Algorithms
  94     ( "PubKeyAlgo",     "ECPublicKey",             1,       [ iso(1), member_body(2), us(840), ansi_X9_62(10045), keyType(2), 1 ]                           ),
  95
  96     # Signature Algorithms
  97     # RFC 3279
  98     ( "SigAlgo",        "ECDSAWithSHA256",         1,       [ iso(1), member_body(2), us(840), ansi_X9_62(10045), signatures(4), 3, 2 ]                     ),
  99
 100     # X.509 Distinguished Name Attribute Types
 101     #   WARNING -- Assign no values higher than 127.
 102     ( "AttributeType",  "CommonName",              1,       [ joint_iso_ccitt(2), ds(5), 4, 3 ]                                                             ),
 103     ( "AttributeType",  "Surname",                 2,       [ joint_iso_ccitt(2), ds(5), 4, 4 ]                                                             ),
 104     ( "AttributeType",  "SerialNumber",            3,       [ joint_iso_ccitt(2), ds(5), 4, 5 ]                                                             ),
 105     ( "AttributeType",  "CountryName",             4,       [ joint_iso_ccitt(2), ds(5), 4, 6 ]                                                             ),
 106     ( "AttributeType",  "LocalityName",            5,       [ joint_iso_ccitt(2), ds(5), 4, 7 ]                                                             ),
 107     ( "AttributeType",  "StateOrProvinceName",     6,       [ joint_iso_ccitt(2), ds(5), 4, 8 ]                                                             ),
 108     ( "AttributeType",  "OrganizationName",        7,       [ joint_iso_ccitt(2), ds(5), 4, 10 ]                                                            ),
 109     ( "AttributeType",  "OrganizationalUnitName",  8,       [ joint_iso_ccitt(2), ds(5), 4, 11 ]                                                            ),
 110     ( "AttributeType",  "Title",                   9,       [ joint_iso_ccitt(2), ds(5), 4, 12 ]                                                            ),
 111     ( "AttributeType",  "Name",                    10,      [ joint_iso_ccitt(2), ds(5), 4, 41 ]                                                            ),
 112     ( "AttributeType",  "GivenName",               11,      [ joint_iso_ccitt(2), ds(5), 4, 42 ]                                                            ),
 113     ( "AttributeType",  "Initials",                12,      [ joint_iso_ccitt(2), ds(5), 4, 43 ]                                                            ),
 114     ( "AttributeType",  "GenerationQualifier",     13,      [ joint_iso_ccitt(2), ds(5), 4, 44 ]                                                            ),
 115     ( "AttributeType",  "DNQualifier",             14,      [ joint_iso_ccitt(2), ds(5), 4, 46 ]                                                            ),
 116     ( "AttributeType",  "Pseudonym",               15,      [ joint_iso_ccitt(2), ds(5), 4, 65 ]                                                            ),
 117     ( "AttributeType",  "DomainComponent",         16,      [ itu_t(0), 9, 2342, 19200300, 100, 1, 25 ]                                                     ),
 118     ( "AttributeType",  "ChipNodeId",              17,      [ iso(1), organization(3), dod(6), internet(1), private(4), enterprise(1), zigbee(37244), chip(1), 1 ] ),
 119     ( "AttributeType",  "ChipCAId",                18,      [ iso(1), organization(3), dod(6), internet(1), private(4), enterprise(1), zigbee(37244), chip(1), 2 ] ),
 120     ( "AttributeType",  "ChipSoftwarePublisherId", 19,      [ iso(1), organization(3), dod(6), internet(1), private(4), enterprise(1), zigbee(37244), chip(1), 3 ] ),
 121     ( "AttributeType",  "ChipFabricId",            20,      [ iso(1), organization(3), dod(6), internet(1), private(4), enterprise(1), zigbee(37244), chip(1), 4 ] ),
 122
 123     # Elliptic Curves
 124     ( "EllipticCurve",  "prime256v1",              1,       [ iso(1), member_body(2), us(840), ansi_X9_62(10045), curves(3), prime(1), 7 ]                  ),
 125
 126     # Certificate Extensions
 127     ( "Extension",      "AuthorityKeyIdentifier",  1,       [ joint_iso_ccitt(2), ds(5), 29, 35 ]                                                           ),
 128     ( "Extension",      "SubjectKeyIdentifier",    2,       [ joint_iso_ccitt(2), ds(5), 29, 14 ]                                                           ),
 129     ( "Extension",      "KeyUsage",                3,       [ joint_iso_ccitt(2), ds(5), 29, 15 ]                                                           ),
 130     ( "Extension",      "BasicConstraints",        4,       [ joint_iso_ccitt(2), ds(5), 29, 19 ]                                                           ),
 131     ( "Extension",      "ExtendedKeyUsage",        5,       [ joint_iso_ccitt(2), ds(5), 29, 37 ]                                                           ),
 132
 133     # Key Purposes
 134     ( "KeyPurpose",     "ServerAuth",              1,       [ iso(1), organization(3), dod(6), internet(1), security(5), mechanisms(5), pkix(7), 3, 1 ]     ),
 135     ( "KeyPurpose",     "ClientAuth",              2,       [ iso(1), organization(3), dod(6), internet(1), security(5), mechanisms(5), pkix(7), 3, 2 ]     ),
 136     ( "KeyPurpose",     "CodeSigning",             3,       [ iso(1), organization(3), dod(6), internet(1), security(5), mechanisms(5), pkix(7), 3, 3 ]     ),
 137     ( "KeyPurpose",     "EmailProtection",         4,       [ iso(1), organization(3), dod(6), internet(1), security(5), mechanisms(5), pkix(7), 3, 4 ]     ),
 138     ( "KeyPurpose",     "TimeStamping",            5,       [ iso(1), organization(3), dod(6), internet(1), security(5), mechanisms(5), pkix(7), 3, 8 ]     ),
 139     ( "KeyPurpose",     "OCSPSigning",             6,       [ iso(1), organization(3), dod(6), internet(1), security(5), mechanisms(5), pkix(7), 3, 9 ]     ),
 140 ]
 141
 142
 143 def encodeOID(oid):
 144
 145     assert len(oid) >= 2
 146
 147     oid = [ (oid[0]*40 + oid[1]) ] + oid[2:]
 148
 149     encodedOID = []
 150     for val in oid:
 151         val, byte = divmod(val, 128)
 152         seg = [ byte ]
 153         while val > 0:
 154             val, byte = divmod(val, 128)
 155             seg.insert(0, byte + 0x80)
 156         encodedOID += (seg)
 157
 158     return encodedOID
 159
 160
 161 TEMPLATE = '''/*
 162  *
 163  *    Copyright (c) 2020 Project CHIP Authors
 164  *    Copyright (c) 2019 Google LLC.
 165  *    Copyright (c) 2013-2017 Nest Labs, Inc.
 166  *    All rights reserved.
 167  *
 168  *    Licensed under the Apache License, Version 2.0 (the \"License\");
 169  *    you may not use this file except in compliance with the License.
 170  *    You may obtain a copy of the License at
 171  *
 172  *        http://www.apache.org/licenses/LICENSE-2.0
 173  *
 174  *    Unless required by applicable law or agreed to in writing, software
 175  *    distributed under the License is distributed on an \"AS IS\" BASIS,
 176  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 177  *    See the License for the specific language governing permissions and
 178  *    limitations under the License.
 179  *
 180  */
 181
 182 /**
 183  *    @file
 184  *      ASN.1 Object ID Definitions
 185  *
 186  *      !!! WARNING !!! WARNING !!! WARNING !!!
 187  *
 188  *      DO NOT EDIT THIS FILE! This file is generated by the
 189  *      gen-oid-table.py script.
 190  *
 191  *      To make changes, edit the script and re-run it to generate
 192  *      this file.
 193  *
 194  */
 195
 196 #pragma once
 197
 198 enum OIDCategory
 199 %(oid_category_enums)s
 200
 201 typedef uint16_t OID;
 202
 203 enum
 204 %(oid_enums)s
 205
 206 struct OIDTableEntry
 207 {
 208     OID EnumVal;
 209     const uint8_t *EncodedOID;
 210     uint16_t EncodedOIDLen;
 211 };
 212
 213 struct OIDNameTableEntry
 214 {
 215     OID EnumVal;
 216     const char *Name;
 217 };
 218
 219 extern const OIDTableEntry sOIDTable[];
 220 extern const OIDNameTableEntry sOIDNameTable[];
 221 extern const size_t sOIDTableSize;
 222
 223 #ifdef ASN1_DEFINE_OID_TABLE
 224 %(oid_utf8_strings)s
 225
 226 const OIDTableEntry sOIDTable[] =
 227 %(oid_table)s
 228
 229 const size_t sOIDTableSize = sizeof(sOIDTable) / sizeof(OIDTableEntry);
 230
 231 #endif // ASN1_DEFINE_OID_TABLE
 232
 233 #ifdef ASN1_DEFINE_OID_NAME_TABLE
 234
 235 const OIDNameTableEntry sOIDNameTable[] =
 236 %(oid_name_table)s
 237
 238 #endif // ASN1_DEFINE_OID_NAME_TABLE
 239 '''
 240
 241 oid_category_enums ="{\n"
 242 for (catName, catEnum) in oidCategories:
 243     oid_category_enums +="    kOIDCategory_%s = 0x%04X,\n" % (catName, catEnum)
 244 oid_category_enums +='''
 245     kOIDCategory_NotSpecified = 0,
 246     kOIDCategory_Unknown = 0x0F00,
 247     kOIDCategory_Mask = 0x0F00
 248 };'''
 249
 250 oid_enums ="{\n"
 251 for (catName, catEnum) in oidCategories:
 252     for (oidCatName, oidName, oidEnum, oid) in oids:
 253         if (oidCatName == catName):
 254             oid_enums +="    kOID_%s_%s = 0x%04X,\n" % (catName, oidName, catEnum + oidEnum)
 255     oid_enums +="\n"
 256 oid_enums +='''    kOID_NotSpecified = 0,
 257     kOID_Unknown = 0xFFFF,
 258     kOID_EnumMask = 0x00FF
 259 };'''
 260
 261 oid_utf8_strings ="\n"
 262 for (catName, oidName, oidEnum, oid) in oids:
 263     oid_utf8_strings +="static const uint8_t sOID_%s_%s[] = { %s };\n" % (catName, oidName, ", ".join([ "0x%02X" % (x) for x in encodeOID(oid) ]))
 264
 265 oid_table ="{\n"
 266 for (catName, oidName, oidEnum, oid) in oids:
 267     oid_table +="    { kOID_%s_%s, sOID_%s_%s, sizeof(sOID_%s_%s) },\n" % (catName, oidName, catName, oidName, catName, oidName)
 268 oid_table +="    { kOID_NotSpecified, NULL, 0 }\n};"
 269
 270 oid_name_table ="{\n"
 271 for (catName, oidName, oidEnum, oid) in oids:
 272     oid_name_table +="    { kOID_%s_%s, \"%s\" },\n" % (catName, oidName, oidName)
 273 oid_name_table +="    { kOID_NotSpecified, NULL }\n};"
 274
 275
 276 def main(argv):
 277   parser = optparse.OptionParser()
 278
 279   parser.add_option('--output_file')
 280
 281   options, _ = parser.parse_args(argv)
 282
 283   template_args = {
 284           'oid_category_enums': oid_category_enums,
 285           'oid_enums': oid_enums,
 286           'oid_utf8_strings': oid_utf8_strings,
 287           'oid_table': oid_table,
 288           'oid_name_table': oid_name_table,
 289   }
 290
 291   with open(options.output_file, 'w') as asn1oid_file:
 292       asn1oid_file.write(TEMPLATE % template_args)
 293
 294   return 0
 295
 296 if __name__ == '__main__':
 297     sys.exit(main(sys.argv[1:]))