FEAT: load-PKIX function (as a part of the new mezz-crypt module)

Author: Oldes

src/mezz/boot-files.r

@@ -46,6 +46,7 @@ REBOL [
 	%mezz-help.r ; move dump-obj!
 	%mezz-banner.r
 	%mezz-colors.r
+	%mezz-crypt.r
 	%mezz-tail.r
 ]
 

src/mezz/mezz-crypt.r

@@ -0,0 +1,82 @@
+REBOL [
+	System:  "REBOL [R3] Language Interpreter and Run-time Environment"
+	Title:   "REBOL 3 Mezzanine: Crypt"
+	Author:  "Oldes"
+	Rights:  "Copyright (C) 2018 Oldes. All rights reserved."
+	License: "BSD-3"
+	Test:    %tests/units/mezz-crypt-test.r3
+]
+
+import module [
+	Title: "Cryptography related mezzanine functions"
+	Name:  Crypt-utils
+	Version: 0.0.1
+	Exports: [load-PKIX]
+][
+
+;local helpers
+
+	ch_space:   charset " ^-^/^M"
+	ch_tag:     exclude charset [#" " - #"~"] charset #":"
+	ch_val:     complement charset "\^/"
+	ch_pretext: complement charset #"-"
+	ch_base64:  charset [#"a" - #"z" #"A" - #"Z" #"0" - #"9" #"/" #"+" #"="]
+	ch_label:   charset [#"^(21)" - #"^(2C)" #"^(2E)" - #"^(7E)" #" "]
+
+	load-PKIX: function[
+		"Loads PKIX Textual Encoded data (RFC 7468). Returns block! or binary!"
+		input [string! binary!] "Data to load"
+		/binary "Returns only debased binary"
+		/local tag val base64-data label pre-text post-text
+	][
+		if binary? input [input: to-string input]
+
+		header: copy []
+
+		rl_label: [
+			e: [
+				"---- BEGIN " copy label any ch_label "----" |
+				"-----BEGIN " copy label any ch_label "-----"
+			] opt cr lf (trim/tail copy label)
+			|
+			some ch_pretext rl_label
+		]
+
+		unless parse/all input [
+			s: rl_label ( pre-text: copy/part s e )
+			any [
+				copy tag some ch_tag #":"
+				s: [
+					some ch_val "^/"
+					|
+					any [some ch_val "\^/"] some ch_val "^/"
+				] e: (
+					val: trim/head/tail copy/part s e
+					replace/all val "\^/" ""
+					if all [#"^"" = val/1 #"^"" = last val][
+						remove back tail remove val
+					] 
+					repend header reduce [tag val]
+				)
+			]
+			copy base64-data some [ch_base64 | ch_space] 
+			[
+				"---- END " label "----" |
+				"-----END " label "-----"
+			] any [cr | lf]
+			copy post-text to end
+		][	return none ]
+		
+		either binary [
+			try [debase base64-data]
+		][
+			compose/only [
+				label:     (trim/tail label)
+				binary:    (try [debase base64-data])
+				header:    (new-line/skip header true 2)
+				pre-text:  (trim/head/tail pre-text)
+				post-text: (trim/head/tail post-text)
+			]
+		]
+	]
+] ;- end of module

src/tests/units/mezz-crypt-test.r3

@@ -0,0 +1,197 @@
+Rebol [
+	Title:   "Rebol lexer test script"
+	Author:  "Olds"
+	File: 	 %lexer-test.red
+	Tabs:	 4
+]
+
+do %../quick-test.r3
+
+~~~start-file~~~ "Crypt mezzanine"
+
+===start-group=== "Load-PKIX"
+
+--test-- "Textual Encoding of Certificates"
+	;@@ https://tools.ietf.org/html/rfc7468#section-5
+	;this one also with possible explanatory text
+	;@@ https://tools.ietf.org/html/rfc7468#section-5.2
+	pkxi:
+{Subject: CN=Atlantis
+Issuer: CN=Atlantis
+Validity: from 7/9/2012 3:10:38 AM UTC to 7/9/2013 3:10:37 AM UTC
+-----BEGIN CERTIFICATE-----
+MIIBmTCCAUegAwIBAgIBKjAJBgUrDgMCHQUAMBMxETAPBgNVBAMTCEF0bGFudGlz
+MB4XDTEyMDcwOTAzMTAzOFoXDTEzMDcwOTAzMTAzN1owEzERMA8GA1UEAxMIQXRs
+YW50aXMwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAu+BXo+miabDIHHx+yquqzqNh
+Ryn/XtkJIIHVcYtHvIX+S1x5ErgMoHehycpoxbErZmVR4GCq1S2diNmRFZCRtQID
+AQABo4GJMIGGMAwGA1UdEwEB/wQCMAAwIAYDVR0EAQH/BBYwFDAOMAwGCisGAQQB
+gjcCARUDAgeAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDAzA1BgNVHQEE
+LjAsgBA0jOnSSuIHYmnVryHAdywMoRUwEzERMA8GA1UEAxMIQXRsYW50aXOCASow
+CQYFKw4DAh0FAANBAKi6HRBaNEL5R0n56nvfclQNaXiDT174uf+lojzA4lhVInc0
+ILwpnZ1izL4MlI9eCSHhVQBHEp2uQdXJB+d5Byg=
+-----END CERTIFICATE-----}
+	--assert block? Load-PKIX pkxi
+	--assert binary? Load-PKIX/binary pkxi
+
+--test-- "Textual Encoding of Certificate Revocation Lists"
+	;@@ https://tools.ietf.org/html/rfc7468#section-6
+	pkxi:
+{-----BEGIN X509 CRL-----
+MIIB9DCCAV8CAQEwCwYJKoZIhvcNAQEFMIIBCDEXMBUGA1UEChMOVmVyaVNpZ24s
+IEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxRjBEBgNVBAsT
+PXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5jb3JwLiBieSBSZWYu
+LExJQUIuTFREKGMpOTgxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlkYXRlZDEm
+MCQGA1UECxMdRGlnaXRhbCBJRCBDbGFzcyAxIC0gTmV0c2NhcGUxGDAWBgNVBAMU
+D1NpbW9uIEpvc2Vmc3NvbjEiMCAGCSqGSIb3DQEJARYTc2ltb25Aam9zZWZzc29u
+Lm9yZxcNMDYxMjI3MDgwMjM0WhcNMDcwMjA3MDgwMjM1WjAjMCECEC4QNwPfRoWd
+elUNpllhhTgXDTA2MTIyNzA4MDIzNFowCwYJKoZIhvcNAQEFA4GBAD0zX+J2hkcc
+Nbrq1Dn5IKL8nXLgPGcHv1I/le1MNo9t1ohGQxB5HnFUkRPAY82fR6Epor4aHgVy
+b+5y+neKN9Kn2mPF4iiun+a4o26CjJ0pArojCL1p8T0yyi9Xxvyc/ezaZ98HiIyP
+c3DGMNR+oUmSjKZ0jIhAYmeLxaPHfQwR
+-----END X509 CRL-----}
+	--assert block? Load-PKIX pkxi
+	--assert binary? Load-PKIX/binary pkxi
+
+--test-- "Textual Encoding of PKCS #10 Certification Request Syntax"
+	;@@ https://tools.ietf.org/html/rfc7468#section-7
+	pkxi:
+{-----BEGIN CERTIFICATE REQUEST-----
+MIIBWDCCAQcCAQAwTjELMAkGA1UEBhMCU0UxJzAlBgNVBAoTHlNpbW9uIEpvc2Vm
+c3NvbiBEYXRha29uc3VsdCBBQjEWMBQGA1UEAxMNam9zZWZzc29uLm9yZzBOMBAG
+ByqGSM49AgEGBSuBBAAhAzoABLLPSkuXY0l66MbxVJ3Mot5FCFuqQfn6dTs+9/CM
+EOlSwVej77tj56kj9R/j9Q+LfysX8FO9I5p3oGIwYAYJKoZIhvcNAQkOMVMwUTAY
+BgNVHREEETAPgg1qb3NlZnNzb24ub3JnMAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/
+BAUDAwegADAWBgNVHSUBAf8EDDAKBggrBgEFBQcDATAKBggqhkjOPQQDAgM/ADA8
+AhxBvfhxPFfbBbsE1NoFmCUczOFApEuQVUw3ZP69AhwWXk3dgSUsKnuwL5g/ftAY
+dEQc8B8jAcnuOrfU
+-----END CERTIFICATE REQUEST-----}
+	--assert block? Load-PKIX pkxi
+	--assert binary? Load-PKIX/binary pkxi
+
+--test-- "Textual Encoding of PKCS #7 Cryptographic Message Syntax"
+	;@@ https://tools.ietf.org/html/rfc7468#section-8
+	pkxi:
+{-----BEGIN PKCS7-----
+MIHjBgsqhkiG9w0BCRABF6CB0zCB0AIBADFho18CAQCgGwYJKoZIhvcNAQUMMA4E
+CLfrI6dr0gUWAgITiDAjBgsqhkiG9w0BCRADCTAUBggqhkiG9w0DBwQIZpECRWtz
+u5kEGDCjerXY8odQ7EEEromZJvAurk/j81IrozBSBgkqhkiG9w0BBwEwMwYLKoZI
+hvcNAQkQAw8wJDAUBggqhkiG9w0DBwQI0tCBcU09nxEwDAYIKwYBBQUIAQIFAIAQ
+OsYGYUFdAH0RNc1p4VbKEAQUM2Xo8PMHBoYdqEcsbTodlCFAZH4=
+-----END PKCS7-----}
+	--assert block? Load-PKIX pkxi
+	--assert binary? Load-PKIX/binary pkxi
+
+--test-- "Textual Encoding of Cryptographic Message Syntax"
+	;@@ https://tools.ietf.org/html/rfc7468#section-9
+	pkxi:
+{-----BEGIN CMS-----
+MIGDBgsqhkiG9w0BCRABCaB0MHICAQAwDQYLKoZIhvcNAQkQAwgwXgYJKoZIhvcN
+AQcBoFEET3icc87PK0nNK9ENqSxItVIoSa0o0S/ISczMs1ZIzkgsKk4tsQ0N1nUM
+dvb05OXi5XLPLEtViMwvLVLwSE0sKlFIVHAqSk3MBkkBAJv0Fx0=
+-----END CMS-----}
+	--assert block? Load-PKIX pkxi
+	--assert binary? Load-PKIX/binary pkxi
+
+--test-- "One Asymmetric Key and the Textual Encoding of PKCS #8 Private Key Info"
+	;@@ https://tools.ietf.org/html/rfc7468#section-10
+	pkxi:
+{-----BEGIN PRIVATE KEY-----
+MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgVcB/UNPxalR9zDYAjQIf
+jojUDiQuGnSJrFEEzZPT/92hRANCAASc7UJtgnF/abqWM60T3XNJEzBv5ez9TdwK
+H0M6xpM2q+53wmsN/eYLdgtjgBd3DBmHtPilCkiFICXyaA8z9LkJ
+-----END PRIVATE KEY-----}
+	--assert block? Load-PKIX pkxi
+	--assert binary? Load-PKIX/binary pkxi
+
+
+--test-- "Textual Encoding of PKCS #8 Encrypted Private Key Info"
+	;@@ https://tools.ietf.org/html/rfc7468#section-11
+	pkxi:
+{-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIHNMEAGCSqGSIb3DQEFDTAzMBsGCSqGSIb3DQEFDDAOBAghhICA6T/51QICCAAw
+FAYIKoZIhvcNAwcECBCxDgvI59i9BIGIY3CAqlMNBgaSI5QiiWVNJ3IpfLnEiEsW
+Z0JIoHyRmKK/+cr9QPLnzxImm0TR9s4JrG3CilzTWvb0jIvbG3hu0zyFPraoMkap
+8eRzWsIvC5SVel+CSjoS2mVS87cyjlD+txrmrXOVYDE+eTgMLbrLmsWh3QkCTRtF
+QC7k0NNzUHTV9yGDwfqMbw==
+-----END ENCRYPTED PRIVATE KEY-----}
+	--assert block? Load-PKIX pkxi
+	--assert binary? Load-PKIX/binary pkxi
+
+
+--test-- "Textual Encoding of Attribute Certificates"
+	;@@ https://tools.ietf.org/html/rfc7468#section-12
+	pkxi:
+{-----BEGIN ATTRIBUTE CERTIFICATE-----
+MIICKzCCAZQCAQEwgZeggZQwgYmkgYYwgYMxCzAJBgNVBAYTAlVTMREwDwYDVQQI
+DAhOZXcgWW9yazEUMBIGA1UEBwwLU3RvbnkgQnJvb2sxDzANBgNVBAoMBkNTRTU5
+MjE6MDgGA1UEAwwxU2NvdHQgU3RhbGxlci9lbWFpbEFkZHJlc3M9c3N0YWxsZXJA
+aWMuc3VueXNiLmVkdQIGARWrgUUSoIGMMIGJpIGGMIGDMQswCQYDVQQGEwJVUzER
+MA8GA1UECAwITmV3IFlvcmsxFDASBgNVBAcMC1N0b255IEJyb29rMQ8wDQYDVQQK
+DAZDU0U1OTIxOjA4BgNVBAMMMVNjb3R0IFN0YWxsZXIvZW1haWxBZGRyZXNzPXNz
+dGFsbGVyQGljLnN1bnlzYi5lZHUwDQYJKoZIhvcNAQEFBQACBgEVq4FFSjAiGA8z
+OTA3MDIwMTA1MDAwMFoYDzM5MTEwMTMxMDUwMDAwWjArMCkGA1UYSDEiMCCGHmh0
+dHA6Ly9pZGVyYXNobi5vcmcvaW5kZXguaHRtbDANBgkqhkiG9w0BAQUFAAOBgQAV
+M9axFPXXozEFcer06bj9MCBBCQLtAM7ZXcZjcxyva7xCBDmtZXPYUluHf5OcWPJz
+5XPus/xS9wBgtlM3fldIKNyNO8RsMp6Ocx+PGlICc7zpZiGmCYLl64lAEGPO/bsw
+Smluak1aZIttePeTAHeJJs8izNJ5aR3Wcd3A5gLztQ==
+-----END ATTRIBUTE CERTIFICATE-----}
+	--assert block? Load-PKIX pkxi
+	--assert binary? Load-PKIX/binary pkxi
+	
+
+;-- SSH public keys (not real PKIX, but can be handled)
+;@@ https://tools.ietf.org/html/rfc4716#section-3.6
+
+--test-- "SSH-public-key-1"	
+	pkxi:
+{---- BEGIN SSH2 PUBLIC KEY ----
+Comment: "1024-bit RSA, converted from OpenSSH by me@example.com"
+x-command: /home/me/bin/lock-in-guest.sh
+AAAAB3NzaC1yc2EAAAABIwAAAIEA1on8gxCGJJWSRT4uOrR13mUaUk0hRf4RzxSZ1zRb
+YYFw8pfGesIFoEuVth4HKyF8k1y4mRUnYHP1XNMNMJl1JcEArC2asV8sHf6zSPVffozZ
+5TT4SfsUu/iKy9lUcCfXzwre4WWZSXXcPff+EHtWshahu3WzBdnGxm5Xoi89zcE=
+---- END SSH2 PUBLIC KEY ----}
+
+	--assert block? Load-PKIX pkxi
+	--assert binary? Load-PKIX/binary pkxi
+
+--test-- "SSH-public-key-2"	
+	pkxi:
+{---- BEGIN SSH2 PUBLIC KEY ----
+Comment: This is my public key for use on \
+servers which I don't like.
+AAAAB3NzaC1kc3MAAACBAPY8ZOHY2yFSJA6XYC9HRwNHxaehvx5wOJ0rzZdzoSOXxbET
+W6ToHv8D1UJ/z+zHo9Fiko5XybZnDIaBDHtblQ+Yp7StxyltHnXF1YLfKD1G4T6JYrdH
+YI14Om1eg9e4NnCRleaqoZPF3UGfZia6bXrGTQf3gJq2e7Yisk/gF+1VAAAAFQDb8D5c
+vwHWTZDPfX0D2s9Rd7NBvQAAAIEAlN92+Bb7D4KLYk3IwRbXblwXdkPggA4pfdtW9vGf
+J0/RHd+NjB4eo1D+0dix6tXwYGN7PKS5R/FXPNwxHPapcj9uL1Jn2AWQ2dsknf+i/FAA
+vioUPkmdMc0zuWoSOEsSNhVDtX3WdvVcGcBq9cetzrtOKWOocJmJ80qadxTRHtUAAACB
+AN7CY+KKv1gHpRzFwdQm7HK9bb1LAo2KwaoXnadFgeptNBQeSXG1vO+JsvphVMBJc9HS
+n24VYtYtsMu74qXviYjziVucWKjjKEb11juqnF0GDlB3VVmxHLmxnAz643WK42Z7dLM5
+sY29ouezv4Xz2PuMch5VGPP+CDqzCM4loWgV
+---- END SSH2 PUBLIC KEY ----}
+
+	--assert block? Load-PKIX pkxi
+	--assert binary? Load-PKIX/binary pkxi
+
+--test-- "SSH-public-key-3"	
+	pkxi:
+{---- BEGIN SSH2 PUBLIC KEY ----
+Comment: DSA Public Key for use with MyIsp
+AAAAB3NzaC1kc3MAAACBAPY8ZOHY2yFSJA6XYC9HRwNHxaehvx5wOJ0rzZdzoSOXxbET
+W6ToHv8D1UJ/z+zHo9Fiko5XybZnDIaBDHtblQ+Yp7StxyltHnXF1YLfKD1G4T6JYrdH
+YI14Om1eg9e4NnCRleaqoZPF3UGfZia6bXrGTQf3gJq2e7Yisk/gF+1VAAAAFQDb8D5c
+vwHWTZDPfX0D2s9Rd7NBvQAAAIEAlN92+Bb7D4KLYk3IwRbXblwXdkPggA4pfdtW9vGf
+J0/RHd+NjB4eo1D+0dix6tXwYGN7PKS5R/FXPNwxHPapcj9uL1Jn2AWQ2dsknf+i/FAA
+vioUPkmdMc0zuWoSOEsSNhVDtX3WdvVcGcBq9cetzrtOKWOocJmJ80qadxTRHtUAAACB
+AN7CY+KKv1gHpRzFwdQm7HK9bb1LAo2KwaoXnadFgeptNBQeSXG1vO+JsvphVMBJc9HS
+n24VYtYtsMu74qXviYjziVucWKjjKEb11juqnF0GDlB3VVmxHLmxnAz643WK42Z7dLM5
+sY29ouezv4Xz2PuMch5VGPP+CDqzCM4loWgV
+---- END SSH2 PUBLIC KEY ----}
+	--assert block? Load-PKIX pkxi
+	--assert binary? Load-PKIX/binary pkxi
+
+
+===end-group===
+
+~~~end-file~~~