AES WRAP ASN.1

synrc · Jul 4, 2023 · 29d324f · 29d324f
1 parent a52aab6
commit 29d324f
Show file tree

Hide file tree

Showing 6 changed files with 286 additions and 164 deletions.
diff --git a/lib/sec.ex b/lib/sec.ex
@@ -1,9 +1,17 @@
 defmodule CA.CRYPTO do
     @aad "AES256CBC"
 
+    def unwrap() do
+        y = "0004290728E36FA052424AB5649D08B62893E1037A96F3A55542A602A3ADC498B6C79962237F3A06B0165B"
+            "474E8700F08E5050298E49CE3B2CC55E2FA3752FFCDFEE8A59E76FA2CEFC841A50086D8F47018E5E26BE4D"
+            "68B2CD926583A9A41257113C"
+        z = "884B58ACC3A022028967505E052BEF8E"
+        w = "D434906245409BD25A7EBA7827F42F64"
+        x = :oid.unhex "4C5A459B4A305BC8B356571308AEAF7B269BBBE7CB17D09AAC9DCF6868685214D20F40478B0B186B"
+    end
+
     def testCMSX509() do
-        {_,base} = :file.read_file "priv/encrypted.txt"
-        bin = :base64.decode base
+        {_,bin} = :file.read_file "priv/encrypted.bin"
         :'CryptographicMessageSyntax-2009'.decode(:ContentInfo, bin)
     end
 
@@ -25,7 +33,7 @@ defmodule CA.CRYPTO do
     def test() do
         key = privat "client"
         public = public "client"
-         {_,{:ContentInfo,_,{:EnvelopedData,_,_,x,{:EncryptedContentInfo,_,_,cipher},_}}} = CA.CRYPTO.testCMSX509
+        {_,{:ContentInfo,_,{:EnvelopedData,_,_,x,{:EncryptedContentInfo,_,_,cipher},_}}} = CA.CRYPTO.testCMSX509
         [kari: {_,:v3,{_,{_,_,pub}},_,_,[{_,_,data}]}] = x
         {pub,public,data,key,cipher}
 

diff --git a/priv/cms/AESKeyWrapWithPad-02.asn1 b/priv/cms/AESKeyWrapWithPad-02.asn1
@@ -0,0 +1,84 @@
+AESKeyWrapWithPad-02 { iso(1) member-body(2) us(840) rsadsi(113549)
+     pkcs(1) pkcs-9(9) smime(16) modules(0) 48 }
+
+   DEFINITIONS IMPLICIT TAGS ::=
+
+   BEGIN
+
+   -- EXPORTS ALL --
+
+   IMPORTS
+     AlgorithmIdentifier{}, CONTENT-ENCRYPTION, KEY-WRAP, SMIME-CAPS
+     FROM AlgorithmInformation-2009  -- [CMS-ASN]
+       { iso(1) identified-organization(3) dod(6) internet(1)
+         security(5) mechanisms(5) pkix(7) id-mod(0)
+         id-mod-algorithmInformation-02(58) };
+
+   AES-ContentEncryption CONTENT-ENCRYPTION ::= {
+     cea-aes128-wrap-pad |
+     cea-aes192-wrap-pad |
+     cea-aes256-wrap-pad,
+     ... }
+
+   AES-KeyWrap KEY-WRAP ::= {
+     kwa-aes128-wrap-pad |
+     kwa-aes192-wrap-pad |
+     kwa-aes256-wrap-pad,
+     ... }
+
+   SMimeCaps SMIME-CAPS ::= {
+     cea-aes128-wrap-pad.&smimeCaps |
+     cea-aes192-wrap-pad.&smimeCaps |
+     cea-aes256-wrap-pad.&smimeCaps |
+     kwa-aes128-wrap-pad.&smimeCaps |
+     kwa-aes192-wrap-pad.&smimeCaps |
+     kwa-aes256-wrap-pad.&smimeCaps,
+     ... }
+
+   -- AES object identifier
+
+   aes OBJECT IDENTIFIER ::= {
+     joint-iso-itu-t(2) country(16) us(840) organization(1)
+     gov(101) csor(3) nistAlgorithms(4) 1 }
+
+   -- Content Encryption Algorithms
+
+   cea-aes128-wrap-pad CONTENT-ENCRYPTION ::= {
+     IDENTIFIER id-aes128-wrap-pad
+     PARAMS ARE absent
+     SMIME-CAPS { IDENTIFIED BY id-aes128-wrap-pad } }
+
+   cea-aes192-wrap-pad CONTENT-ENCRYPTION ::= {
+     IDENTIFIER id-aes192-wrap-pad
+     PARAMS ARE absent
+     SMIME-CAPS { IDENTIFIED BY id-aes192-wrap-pad } }
+
+   cea-aes256-wrap-pad CONTENT-ENCRYPTION ::= {
+     IDENTIFIER id-aes256-wrap-pad
+     PARAMS ARE absent
+     SMIME-CAPS { IDENTIFIED BY id-aes256-wrap-pad } }
+
+   -- Key Wrap Algorithms
+
+   kwa-aes128-wrap-pad KEY-WRAP ::= {
+     IDENTIFIER id-aes128-wrap-pad
+     PARAMS ARE absent
+     SMIME-CAPS { IDENTIFIED BY id-aes128-wrap-pad } }
+
+   id-aes128-wrap-pad OBJECT IDENTIFIER ::= { aes 8 }
+
+   kwa-aes192-wrap-pad KEY-WRAP ::= {
+     IDENTIFIER id-aes192-wrap-pad
+     PARAMS ARE absent
+     SMIME-CAPS { IDENTIFIED BY id-aes192-wrap-pad } }
+
+   id-aes192-wrap-pad OBJECT IDENTIFIER ::= { aes 28 }
+
+   kwa-aes256-wrap-pad KEY-WRAP ::= {
+     IDENTIFIER id-aes256-wrap-pad
+     PARAMS ARE absent
+     SMIME-CAPS { IDENTIFIED BY id-aes256-wrap-pad } }
+
+   id-aes256-wrap-pad OBJECT IDENTIFIER ::= { aes 48 }
+
+   END
diff --git a/priv/cms/AESKeyWrapWithPad-88.asn1 b/priv/cms/AESKeyWrapWithPad-88.asn1
@@ -0,0 +1,25 @@
+ AESKeyWrapWithPad-88 { iso(1) member-body(2) us(840) rsadsi(113549)
+     pkcs(1) pkcs-9(9) smime(16) modules(0) 47 }
+
+   DEFINITIONS IMPLICIT TAGS ::=
+
+   BEGIN
+
+   -- EXPORTS ALL --
+
+   -- IMPORTS NONE --
+
+   -- AES information object identifiers --
+
+   aes OBJECT IDENTIFIER ::= {
+     joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)
+     csor(3) nistAlgorithms(4) 1 }
+
+   -- AES Key Wrap With Padding Algorithm Identifiers are to be used
+   -- with the Parameter field absent
+
+   id-aes128-wrap-pad OBJECT IDENTIFIER ::= { aes 8 }
+   id-aes192-wrap-pad OBJECT IDENTIFIER ::= { aes 28 }
+   id-aes256-wrap-pad OBJECT IDENTIFIER ::= { aes 48 }
+
+   END