]> git.ipfire.org Git - thirdparty/openssl.git/blame - crypto/crmf/crmf_lib.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate
[thirdparty/openssl.git] / crypto / crmf / crmf_lib.c
CommitLineData
a61b7f2f 1/*-
33388b44 2 * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
a61b7f2f 3 * Copyright Nokia 2007-2018
8869ad4a 4 * Copyright Siemens AG 2015-2019
a61b7f2f 5 *
ce9b9964 6 * Licensed under the Apache License 2.0 (the "License"). You may not use
a61b7f2f
DO		 7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
10 *
11 * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb.
12 */
13
14/*
15 * This file contains the functions that handle the individual items inside
16 * the CRMF structures
17 */
18
19/*
20 * NAMING
21 *
22 * The 0 functions use the supplied structure pointer directly in the parent and
23 * it will be freed up when the parent is freed.
24 *
25 * The 1 functions use a copy of the supplied structure pointer (or in some
26 * cases increases its link count) in the parent and so both should be freed up.
27 */
28
29#include <openssl/asn1t.h>
30
706457b7
DMSP		 31#include "crmf_local.h"
32#include "internal/constant_time.h"
a61b7f2f
DO		 33
34/* explicit #includes not strictly needed since implied by the above: */
35#include <openssl/crmf.h>
36#include <openssl/err.h>
37#include <openssl/evp.h>
38
852c2ed2
RS		 39DEFINE_STACK_OF(X509_EXTENSION)
40DEFINE_STACK_OF(OSSL_CRMF_MSG)
41
a61b7f2f
DO		 42/*-
43 * atyp = Attribute Type
44 * valt = Value Type
45 * ctrlinf = "regCtrl" or "regInfo"
46 */
47#define IMPLEMENT_CRMF_CTRL_FUNC(atyp, valt, ctrlinf) \
48int OSSL_CRMF_MSG_set1_##ctrlinf##_##atyp(OSSL_CRMF_MSG *msg, \
49 const valt *in) \
50{ \
51 OSSL_CRMF_ATTRIBUTETYPEANDVALUE *atav = NULL; \
52 \
235595c4 53 if (msg == NULL || in == NULL) \
a61b7f2f
DO		 54 goto err; \
55 if ((atav = OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new()) == NULL) \
56 goto err; \
57 if ((atav->type = OBJ_nid2obj(NID_id_##ctrlinf##_##atyp)) == NULL) \
58 goto err; \
59 if ((atav->value.atyp = valt##_dup(in)) == NULL) \
60 goto err; \
61 if (!OSSL_CRMF_MSG_push0_##ctrlinf(msg, atav)) \
62 goto err; \
63 return 1; \
64 err: \
65 OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(atav); \
66 return 0; \
67}
68
69
70/*-
71 * Pushes the given control attribute into the controls stack of a CertRequest
72 * (section 6)
73 * returns 1 on success, 0 on error
74 */
75static int OSSL_CRMF_MSG_push0_regCtrl(OSSL_CRMF_MSG *crm,
76 OSSL_CRMF_ATTRIBUTETYPEANDVALUE *ctrl)
77{
78 int new = 0;
79
80 if (crm == NULL || crm->certReq == NULL || ctrl == NULL) {
81 CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_REGCTRL, CRMF_R_NULL_ARGUMENT);
82 return 0;
83 }
84
85 if (crm->certReq->controls == NULL) {
86 crm->certReq->controls = sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_null();
87 if (crm->certReq->controls == NULL)
7960dbec 88 goto err;
a61b7f2f
DO		 89 new = 1;
90 }
91 if (!sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push(crm->certReq->controls, ctrl))
7960dbec 92 goto err;
a61b7f2f
DO		 93
94 return 1;
7960dbec 95 err:
a61b7f2f
DO		 96 if (new != 0) {
97 sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(crm->certReq->controls);
98 crm->certReq->controls = NULL;
99 }
100 return 0;
101}
102
3dbc5156 103/* id-regCtrl-regToken Control (section 6.1) */
a61b7f2f
DO		 104IMPLEMENT_CRMF_CTRL_FUNC(regToken, ASN1_STRING, regCtrl)
105
3dbc5156 106/* id-regCtrl-authenticator Control (section 6.2) */
a61b7f2f
DO		 107#define ASN1_UTF8STRING_dup ASN1_STRING_dup
108IMPLEMENT_CRMF_CTRL_FUNC(authenticator, ASN1_UTF8STRING, regCtrl)
109
110int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi,
111 int method, GENERAL_NAME *nm)
112{
113 if (spi == NULL
114 || method < OSSL_CRMF_PUB_METHOD_DONTCARE
115 || method > OSSL_CRMF_PUB_METHOD_LDAP) {
116 CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET0_SINGLEPUBINFO,
117 ERR_R_PASSED_INVALID_ARGUMENT);
118 return 0;
119 }
120
121 if (!ASN1_INTEGER_set(spi->pubMethod, method))
122 return 0;
123 GENERAL_NAME_free(spi->pubLocation);
124 spi->pubLocation = nm;
125 return 1;
126}
127
235595c4
DDO		 128int
129OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
130 OSSL_CRMF_SINGLEPUBINFO *spi)
a61b7f2f
DO		 131{
132 if (pi == NULL || spi == NULL) {
133 CRMFerr(CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO,
134 CRMF_R_NULL_ARGUMENT);
135 return 0;
136 }
137 if (pi->pubInfos == NULL)
138 pi->pubInfos = sk_OSSL_CRMF_SINGLEPUBINFO_new_null();
139 if (pi->pubInfos == NULL)
7960dbec 140 return 0;
a61b7f2f 141
7960dbec 142 return sk_OSSL_CRMF_SINGLEPUBINFO_push(pi->pubInfos, spi);
a61b7f2f
DO		 143}
144
235595c4
DDO		 145int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
146 int action)
a61b7f2f
DO		 147{
148 if (pi == NULL
149 || action < OSSL_CRMF_PUB_ACTION_DONTPUBLISH
150 || action > OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH) {
151 CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET_PKIPUBLICATIONINFO_ACTION,
152 ERR_R_PASSED_INVALID_ARGUMENT);
153 return 0;
154 }
155
156 return ASN1_INTEGER_set(pi->action, action);
157}
158
3dbc5156 159/* id-regCtrl-pkiPublicationInfo Control (section 6.3) */
a61b7f2f
DO		 160IMPLEMENT_CRMF_CTRL_FUNC(pkiPublicationInfo, OSSL_CRMF_PKIPUBLICATIONINFO,
161 regCtrl)
162
3dbc5156 163/* id-regCtrl-oldCertID Control (section 6.5) from the given */
a61b7f2f
DO		 164IMPLEMENT_CRMF_CTRL_FUNC(oldCertID, OSSL_CRMF_CERTID, regCtrl)
165
166OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer,
167 const ASN1_INTEGER *serial)
168{
169 OSSL_CRMF_CERTID *cid = NULL;
170
171 if (issuer == NULL || serial == NULL) {
172 CRMFerr(CRMF_F_OSSL_CRMF_CERTID_GEN, CRMF_R_NULL_ARGUMENT);
173 return NULL;
174 }
175
176 if ((cid = OSSL_CRMF_CERTID_new()) == NULL)
7960dbec 177 goto err;
a61b7f2f
DO		 178
179 if (!X509_NAME_set(&cid->issuer->d.directoryName, issuer))
7960dbec 180 goto err;
a61b7f2f
DO		 181 cid->issuer->type = GEN_DIRNAME;
182
183 ASN1_INTEGER_free(cid->serialNumber);
184 if ((cid->serialNumber = ASN1_INTEGER_dup(serial)) == NULL)
7960dbec 185 goto err;
a61b7f2f
DO		 186
187 return cid;
188
7960dbec 189 err:
a61b7f2f
DO		 190 OSSL_CRMF_CERTID_free(cid);
191 return NULL;
192}
193
3dbc5156
DDO		 194/*
195 * id-regCtrl-protocolEncrKey Control (section 6.6)
196 */
a61b7f2f
DO		 197IMPLEMENT_CRMF_CTRL_FUNC(protocolEncrKey, X509_PUBKEY, regCtrl)
198
199/*-
200 * Pushes the attribute given in regInfo in to the CertReqMsg->regInfo stack.
201 * (section 7)
202 * returns 1 on success, 0 on error
203 */
204static int OSSL_CRMF_MSG_push0_regInfo(OSSL_CRMF_MSG *crm,
205 OSSL_CRMF_ATTRIBUTETYPEANDVALUE *ri)
206{
207 STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *info = NULL;
208
209 if (crm == NULL || ri == NULL) {
210 CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_REGINFO, CRMF_R_NULL_ARGUMENT);
211 return 0;
212 }
213
214 if (crm->regInfo == NULL)
215 crm->regInfo = info = sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_null();
216 if (crm->regInfo == NULL)
7960dbec 217 goto err;
a61b7f2f 218 if (!sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push(crm->regInfo, ri))
7960dbec 219 goto err;
a61b7f2f
DO		 220 return 1;
221
7960dbec 222 err:
a61b7f2f
DO		 223 if (info != NULL)
224 crm->regInfo = NULL;
225 sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(info);
226 return 0;
227}
228
229/* id-regInfo-utf8Pairs to regInfo (section 7.1) */
230IMPLEMENT_CRMF_CTRL_FUNC(utf8Pairs, ASN1_UTF8STRING, regInfo)
231
232/* id-regInfo-certReq to regInfo (section 7.2) */
233IMPLEMENT_CRMF_CTRL_FUNC(certReq, OSSL_CRMF_CERTREQUEST, regInfo)
234
235
236/* retrieves the certificate template of crm */
237OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm)
238{
239 if (crm == NULL || crm->certReq == NULL) {
240 CRMFerr(CRMF_F_OSSL_CRMF_MSG_GET0_TMPL, CRMF_R_NULL_ARGUMENT);
241 return NULL;
242 }
243 return crm->certReq->certTemplate;
244}
245
246
11baa470
DDO		 247int OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG *crm,
248 ASN1_TIME *notBefore, ASN1_TIME *notAfter)
a61b7f2f 249{
11baa470 250 OSSL_CRMF_OPTIONALVALIDITY *vld;
a61b7f2f
DO		 251 OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm);
252
253 if (tmpl == NULL) { /* also crm == NULL implies this */
11baa470 254 CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET0_VALIDITY, CRMF_R_NULL_ARGUMENT);
a61b7f2f
DO		 255 return 0;
256 }
257
a61b7f2f 258 if ((vld = OSSL_CRMF_OPTIONALVALIDITY_new()) == NULL)
11baa470
DDO		 259 return 0;
260 vld->notBefore = notBefore;
261 vld->notAfter = notAfter;
a61b7f2f 262 tmpl->validity = vld;
a61b7f2f 263 return 1;
a61b7f2f
DO		 264}
265
266
267int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid)
268{
269 if (crm == NULL || crm->certReq == NULL || crm->certReq->certReqId == NULL) {
270 CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET_CERTREQID, CRMF_R_NULL_ARGUMENT);
271 return 0;
272 }
273
274 return ASN1_INTEGER_set(crm->certReq->certReqId, rid);
275}
276
277/* get ASN.1 encoded integer, return -1 on error */
aac96e27 278static int crmf_asn1_get_int(const ASN1_INTEGER *a)
a61b7f2f
DO		 279{
280 int64_t res;
281
282 if (!ASN1_INTEGER_get_int64(&res, a)) {
aac96e27 283 CRMFerr(0, ASN1_R_INVALID_NUMBER);
a61b7f2f
DO		 284 return -1;
285 }
286 if (res < INT_MIN) {
aac96e27 287 CRMFerr(0, ASN1_R_TOO_SMALL);
a61b7f2f
DO		 288 return -1;
289 }
290 if (res > INT_MAX) {
aac96e27 291 CRMFerr(0, ASN1_R_TOO_LARGE);
a61b7f2f
DO		 292 return -1;
293 }
294 return (int)res;
295}
296
62dcd2aa 297int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm)
a61b7f2f
DO		 298{
299 if (crm == NULL || /* not really needed: */ crm->certReq == NULL) {
300 CRMFerr(CRMF_F_OSSL_CRMF_MSG_GET_CERTREQID, CRMF_R_NULL_ARGUMENT);
301 return -1;
302 }
aac96e27 303 return crmf_asn1_get_int(crm->certReq->certReqId);
a61b7f2f
DO		 304}
305
306
307int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm,
308 X509_EXTENSIONS *exts)
309{
310 OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm);
311
312 if (tmpl == NULL) { /* also crm == NULL implies this */
313 CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET0_EXTENSIONS, CRMF_R_NULL_ARGUMENT);
314 return 0;
315 }
316
317 if (sk_X509_EXTENSION_num(exts) == 0) {
318 sk_X509_EXTENSION_free(exts);
319 exts = NULL; /* do not include empty extensions list */
320 }
321
322 sk_X509_EXTENSION_pop_free(tmpl->extensions, X509_EXTENSION_free);
323 tmpl->extensions = exts;
324 return 1;
325}
326
327
328int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm,
7960dbec 329 X509_EXTENSION *ext)
a61b7f2f
DO		 330{
331 int new = 0;
332 OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm);
333
334 if (tmpl == NULL || ext == NULL) { /* also crm == NULL implies this */
335 CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_EXTENSION, CRMF_R_NULL_ARGUMENT);
336 return 0;
337 }
338
339 if (tmpl->extensions == NULL) {
340 if ((tmpl->extensions = sk_X509_EXTENSION_new_null()) == NULL)
7960dbec 341 goto err;
a61b7f2f
DO		 342 new = 1;
343 }
344
7960dbec
DDO		 345 if (!sk_X509_EXTENSION_push(tmpl->extensions, ext))
346 goto err;
a61b7f2f 347 return 1;
7960dbec 348 err:
a61b7f2f
DO		 349 if (new != 0) {
350 sk_X509_EXTENSION_free(tmpl->extensions);
351 tmpl->extensions = NULL;
352 }
353 return 0;
354}
355
356/* TODO: support cases 1+2 (besides case 3) defined in RFC 4211, section 4.1. */
357static int CRMF_poposigningkey_init(OSSL_CRMF_POPOSIGNINGKEY *ps,
358 OSSL_CRMF_CERTREQUEST *cr,
359 EVP_PKEY *pkey, int dgst)
360{
a61b7f2f 361 int ret = 0;
db4b3d83
RL		 362 EVP_MD *fetched_md = NULL;
363 const EVP_MD *md = EVP_get_digestbynid(dgst);
a61b7f2f
DO		 364
365 if (ps == NULL || cr == NULL || pkey == NULL) {
366 CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT, CRMF_R_NULL_ARGUMENT);
367 return 0;
368 }
369
db4b3d83
RL		 370 /* If we didn't find legacy MD, we try an implicit fetch */
371 if (md == NULL)
372 md = fetched_md = EVP_MD_fetch(NULL, OBJ_nid2sn(dgst), NULL);
a61b7f2f 373
db4b3d83 374 if (md == NULL) {
a61b7f2f
DO		 375 CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT,
376 CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY);
db4b3d83 377 return 0;
a61b7f2f 378 }
a61b7f2f 379
db4b3d83
RL		 380 ret = ASN1_item_sign(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
381 ps->algorithmIdentifier, NULL, ps->signature,
382 cr, pkey, md);
383
384 EVP_MD_free(fetched_md);
a61b7f2f
DO		 385 return ret;
386}
387
388
389int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey,
390 int dgst, int ppmtd)
391{
392 OSSL_CRMF_POPO *pp = NULL;
393 ASN1_INTEGER *tag = NULL;
394
395 if (crm == NULL || (ppmtd == OSSL_CRMF_POPO_SIGNATURE && pkey == NULL)) {
396 CRMFerr(CRMF_F_OSSL_CRMF_MSG_CREATE_POPO, CRMF_R_NULL_ARGUMENT);
397 return 0;
398 }
399
400 if (ppmtd == OSSL_CRMF_POPO_NONE)
401 goto end;
402 if ((pp = OSSL_CRMF_POPO_new()) == NULL)
7960dbec 403 goto err;
a61b7f2f
DO		 404 pp->type = ppmtd;
405
406 switch (ppmtd) {
407 case OSSL_CRMF_POPO_RAVERIFIED:
408 if ((pp->value.raVerified = ASN1_NULL_new()) == NULL)
7960dbec 409 goto err;
a61b7f2f
DO		 410 break;
411
412 case OSSL_CRMF_POPO_SIGNATURE:
413 {
414 OSSL_CRMF_POPOSIGNINGKEY *ps = OSSL_CRMF_POPOSIGNINGKEY_new();
415 if (ps == NULL
235595c4 416 || !CRMF_poposigningkey_init(ps, crm->certReq, pkey, dgst)) {
a61b7f2f
DO		 417 OSSL_CRMF_POPOSIGNINGKEY_free(ps);
418 goto err;
419 }
420 pp->value.signature = ps;
421 }
422 break;
423
424 case OSSL_CRMF_POPO_KEYENC:
425 if ((pp->value.keyEncipherment = OSSL_CRMF_POPOPRIVKEY_new()) == NULL)
7960dbec 426 goto err;
a61b7f2f
DO		 427 tag = ASN1_INTEGER_new();
428 pp->value.keyEncipherment->type =
429 OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE;
430 pp->value.keyEncipherment->value.subsequentMessage = tag;
431 if (tag == NULL
432 || !ASN1_INTEGER_set(tag, OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT))
7960dbec 433 goto err;
a61b7f2f
DO		 434 break;
435
436 default:
437 CRMFerr(CRMF_F_OSSL_CRMF_MSG_CREATE_POPO,
438 CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO);
439 goto err;
440 }
441
442 end:
443 OSSL_CRMF_POPO_free(crm->popo);
444 crm->popo = pp;
445
446 return 1;
a61b7f2f
DO		 447 err:
448 OSSL_CRMF_POPO_free(pp);
449 return 0;
450}
451
a61b7f2f
DO		 452/* verifies the Proof-of-Possession of the request with the given rid in reqs */
453int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
454 int rid, int acceptRAVerified)
455{
456 OSSL_CRMF_MSG *req = NULL;
457 X509_PUBKEY *pubkey = NULL;
458 OSSL_CRMF_POPOSIGNINGKEY *sig = NULL;
459
7269071e
DDO		 460 if (reqs == NULL || (req = sk_OSSL_CRMF_MSG_value(reqs, rid)) == NULL) {
461 CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, CRMF_R_NULL_ARGUMENT);
462 return 0;
463 }
464
465 if (req->popo == NULL) {
466 CRMFerr(0, CRMF_R_POPO_MISSING);
a61b7f2f
DO		 467 return 0;
468 }
469
470 switch (req->popo->type) {
471 case OSSL_CRMF_POPO_RAVERIFIED:
62dcd2aa
DDO		 472 if (!acceptRAVerified) {
473 CRMFerr(0, CRMF_R_POPO_RAVERIFIED_NOT_ACCEPTED);
474 return 0;
475 }
a61b7f2f
DO		 476 break;
477 case OSSL_CRMF_POPO_SIGNATURE:
478 pubkey = req->certReq->certTemplate->publicKey;
62dcd2aa
DDO		 479 if (pubkey == NULL) {
480 CRMFerr(0, CRMF_R_POPO_MISSING_PUBLIC_KEY);
481 return 0;
482 }
a61b7f2f
DO		 483 sig = req->popo->value.signature;
484 if (sig->poposkInput != NULL) {
485 /*
486 * According to RFC 4211: publicKey contains a copy of
487 * the public key from the certificate template. This MUST be
488 * exactly the same value as contained in the certificate template.
489 */
62dcd2aa
DDO		 490 if (sig->poposkInput->publicKey == NULL) {
491 CRMFerr(0, CRMF_R_POPO_MISSING_PUBLIC_KEY);
492 return 0;
493 }
93f99b68 494 if (X509_PUBKEY_eq(pubkey, sig->poposkInput->publicKey) != 1) {
62dcd2aa
DDO		 495 CRMFerr(0, CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY);
496 return 0;
497 }
498 /*
499 * TODO check the contents of the authInfo sub-field,
500 * see RFC 4211 https://tools.ietf.org/html/rfc4211#section-4.1
501 */
502 if (ASN1_item_verify(ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT),
503 sig->algorithmIdentifier, sig->signature,
504 sig->poposkInput,
505 X509_PUBKEY_get0(pubkey)) < 1)
506 return 0;
a61b7f2f 507 } else {
62dcd2aa
DDO		 508 if (req->certReq->certTemplate->subject == NULL) {
509 CRMFerr(0, CRMF_R_POPO_MISSING_SUBJECT);
510 return 0;
511 }
512 if (ASN1_item_verify(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
513 sig->algorithmIdentifier, sig->signature,
514 req->certReq, X509_PUBKEY_get0(pubkey)) < 1)
515 return 0;
a61b7f2f 516 }
62dcd2aa 517 break;
a61b7f2f
DO		 518 case OSSL_CRMF_POPO_KEYENC:
519 /*
520 * TODO: when OSSL_CMP_certrep_new() supports encrypted certs,
521 * return 1 if the type of req->popo->value.keyEncipherment
522 * is OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE and
523 * its value.subsequentMessage == OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT
3dbc5156 524 */
a61b7f2f
DO		 525 case OSSL_CRMF_POPO_KEYAGREE:
526 default:
527 CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO,
528 CRMF_R_UNSUPPORTED_POPO_METHOD);
529 return 0;
530 }
62dcd2aa 531 return 1;
a61b7f2f
DO		 532}
533
534/* retrieves the serialNumber of the given cert template or NULL on error */
62dcd2aa
DDO		 535ASN1_INTEGER
536*OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl)
a61b7f2f
DO		 537{
538 return tmpl != NULL ? tmpl->serialNumber : NULL;
539}
540
541/* retrieves the issuer name of the given cert template or NULL on error */
8cc86b81
DDO		 542const X509_NAME
543 *OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl)
a61b7f2f
DO		 544{
545 return tmpl != NULL ? tmpl->issuer : NULL;
546}
547
7960dbec 548/* retrieves the issuer name of the given CertId or NULL on error */
8cc86b81 549const X509_NAME *OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid)
7960dbec
DDO		 550{
551 return cid != NULL && cid->issuer->type == GEN_DIRNAME ?
552 cid->issuer->d.directoryName : NULL;
553}
554
555/* retrieves the serialNumber of the given CertId or NULL on error */
556ASN1_INTEGER *OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid)
557{
558 return cid != NULL ? cid->serialNumber : NULL;
559}
560
561/*-
a61b7f2f
DO		 562 * fill in certificate template.
563 * Any value argument that is NULL will leave the respective field unchanged.
564 */
565int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl,
566 EVP_PKEY *pubkey,
567 const X509_NAME *subject,
568 const X509_NAME *issuer,
569 const ASN1_INTEGER *serial)
570{
571 if (tmpl == NULL) {
572 CRMFerr(CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL, CRMF_R_NULL_ARGUMENT);
573 return 0;
574 }
8cc86b81 575 if (subject != NULL && !X509_NAME_set((X509_NAME **)&tmpl->subject, subject))
7960dbec 576 return 0;
8cc86b81 577 if (issuer != NULL && !X509_NAME_set((X509_NAME **)&tmpl->issuer, issuer))
7960dbec 578 return 0;
a61b7f2f
DO		 579 if (serial != NULL) {
580 ASN1_INTEGER_free(tmpl->serialNumber);
581 if ((tmpl->serialNumber = ASN1_INTEGER_dup(serial)) == NULL)
7960dbec 582 return 0;
a61b7f2f
DO		 583 }
584 if (pubkey != NULL && !X509_PUBKEY_set(&tmpl->publicKey, pubkey))
7960dbec 585 return 0;
a61b7f2f 586 return 1;
a61b7f2f
DO		 587}
588
589
590/*-
7960dbec
DDO		 591 * Decrypts the certificate in the given encryptedValue using private key pkey.
592 * This is needed for the indirect PoP method as in RFC 4210 section 5.2.8.2.
a61b7f2f
DO		 593 *
594 * returns a pointer to the decrypted certificate
595 * returns NULL on error or if no certificate available
596 */
62dcd2aa 597X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
a61b7f2f
DO		 598 EVP_PKEY *pkey)
599{
600 X509 *cert = NULL; /* decrypted certificate */
601 EVP_CIPHER_CTX *evp_ctx = NULL; /* context for symmetric encryption */
602 unsigned char *ek = NULL; /* decrypted symmetric encryption key */
f3f3318a 603 size_t eksize = 0; /* size of decrypted symmetric encryption key */
a61b7f2f 604 const EVP_CIPHER *cipher = NULL; /* used cipher */
f3f3318a 605 int cikeysize = 0; /* key size from cipher */
a61b7f2f
DO		 606 unsigned char *iv = NULL; /* initial vector for symmetric encryption */
607 unsigned char *outbuf = NULL; /* decryption output buffer */
608 const unsigned char *p = NULL; /* needed for decoding ASN1 */
609 int symmAlg = 0; /* NIDs for symmetric algorithm */
610 int n, outlen = 0;
611 EVP_PKEY_CTX *pkctx = NULL; /* private key context */
612
613 if (ecert == NULL || ecert->symmAlg == NULL || ecert->encSymmKey == NULL
614 || ecert->encValue == NULL || pkey == NULL) {
615 CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
616 CRMF_R_NULL_ARGUMENT);
617 return NULL;
618 }
619 if ((symmAlg = OBJ_obj2nid(ecert->symmAlg->algorithm)) == 0) {
620 CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
621 CRMF_R_UNSUPPORTED_CIPHER);
622 return NULL;
623 }
f3f3318a
AK		 624 /* select symmetric cipher based on algorithm given in message */
625 if ((cipher = EVP_get_cipherbynid(symmAlg)) == NULL) {
626 CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
627 CRMF_R_UNSUPPORTED_CIPHER);
628 goto end;
629 }
630 cikeysize = EVP_CIPHER_key_length(cipher);
a61b7f2f
DO		 631 /* first the symmetric key needs to be decrypted */
632 pkctx = EVP_PKEY_CTX_new(pkey, NULL);
633 if (pkctx != NULL && EVP_PKEY_decrypt_init(pkctx)) {
634 ASN1_BIT_STRING *encKey = ecert->encSymmKey;
f3f3318a
AK		 635 size_t failure;
636 int retval;
a61b7f2f 637
f3f3318a
AK		 638 if (EVP_PKEY_decrypt(pkctx, NULL, &eksize,
639 encKey->data, encKey->length) <= 0
640 || (ek = OPENSSL_malloc(eksize)) == NULL)
7960dbec 641 goto end;
f3f3318a
AK		 642 retval = EVP_PKEY_decrypt(pkctx, ek, &eksize,
643 encKey->data, encKey->length);
644 ERR_clear_error(); /* error state may have sensitive information */
645 failure = ~constant_time_is_zero_s(constant_time_msb(retval)
646 | constant_time_is_zero(retval));
647 failure |= ~constant_time_eq_s(eksize, (size_t)cikeysize);
648 if (failure) {
a61b7f2f
DO		 649 CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
650 CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY);
651 goto end;
652 }
653 } else {
7960dbec 654 goto end;
a61b7f2f 655 }
a61b7f2f 656 if ((iv = OPENSSL_malloc(EVP_CIPHER_iv_length(cipher))) == NULL)
7960dbec 657 goto end;
a61b7f2f 658 if (ASN1_TYPE_get_octetstring(ecert->symmAlg->parameter, iv,
3dbc5156 659 EVP_CIPHER_iv_length(cipher))
a61b7f2f
DO		 660 != EVP_CIPHER_iv_length(cipher)) {
661 CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
662 CRMF_R_MALFORMED_IV);
663 goto end;
664 }
665
666 /*
667 * d2i_X509 changes the given pointer, so use p for decoding the message and
668 * keep the original pointer in outbuf so the memory can be freed later
669 */
670 if ((p = outbuf = OPENSSL_malloc(ecert->encValue->length +
671 EVP_CIPHER_block_size(cipher))) == NULL
672 || (evp_ctx = EVP_CIPHER_CTX_new()) == NULL)
7960dbec 673 goto end;
a61b7f2f
DO		 674 EVP_CIPHER_CTX_set_padding(evp_ctx, 0);
675
676 if (!EVP_DecryptInit(evp_ctx, cipher, ek, iv)
677 || !EVP_DecryptUpdate(evp_ctx, outbuf, &outlen,
678 ecert->encValue->data,
679 ecert->encValue->length)
680 || !EVP_DecryptFinal(evp_ctx, outbuf + outlen, &n)) {
681 CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
682 CRMF_R_ERROR_DECRYPTING_CERTIFICATE);
683 goto end;
684 }
685 outlen += n;
686
687 /* convert decrypted certificate from DER to internal ASN.1 structure */
688 if ((cert = d2i_X509(NULL, &p, outlen)) == NULL) {
689 CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
690 CRMF_R_ERROR_DECODING_CERTIFICATE);
691 }
a61b7f2f
DO		 692 end:
693 EVP_PKEY_CTX_free(pkctx);
694 OPENSSL_free(outbuf);
695 EVP_CIPHER_CTX_free(evp_ctx);
f3f3318a 696 OPENSSL_clear_free(ek, eksize);
a61b7f2f
DO		 697 OPENSSL_free(iv);
698 return cert;
699}
A mirror of the official openssl repository