]> git.ipfire.org Git - thirdparty/openssl.git/blame - crypto/ts/ts_rsp_verify.c
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Remove /* foo.c */ comments
[thirdparty/openssl.git] / crypto / ts / ts_rsp_verify.c
CommitLineData
0f113f3e
MC		 1/*
2 * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
3 * 2002.
c7235be6
UM		 4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
0f113f3e 13 * notice, this list of conditions and the following disclaimer.
c7235be6
UM		 14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
b39fc560 60#include "internal/cryptlib.h"
c7235be6
UM		 61#include <openssl/objects.h>
62#include <openssl/ts.h>
63#include <openssl/pkcs7.h>
ca4a494c 64#include "ts_lcl.h"
c7235be6 65
9c422b5b 66static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
0f113f3e 67 X509 *signer, STACK_OF(X509) **chain);
9c422b5b 68static int ts_check_signing_certs(PKCS7_SIGNER_INFO *si,
0f113f3e 69 STACK_OF(X509) *chain);
9c422b5b
RS		 70static ESS_SIGNING_CERT *ess_get_signing_cert(PKCS7_SIGNER_INFO *si);
71static int ts_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert);
a8d8e06b 72static int ts_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509 *cert);
9c422b5b 73static int int_ts_RESP_verify_token(TS_VERIFY_CTX *ctx,
0f113f3e 74 PKCS7 *token, TS_TST_INFO *tst_info);
9c422b5b
RS		 75static int ts_check_status_info(TS_RESP *response);
76static char *ts_get_status_text(STACK_OF(ASN1_UTF8STRING) *text);
77static int ts_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info);
78static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
0f113f3e
MC		 79 X509_ALGOR **md_alg,
80 unsigned char **imprint, unsigned *imprint_len);
9c422b5b 81static int ts_check_imprints(X509_ALGOR *algor_a,
0f113f3e
MC		 82 unsigned char *imprint_a, unsigned len_a,
83 TS_TST_INFO *tst_info);
9c422b5b
RS		 84static int ts_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info);
85static int ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer);
86static int ts_find_name(STACK_OF(GENERAL_NAME) *gen_names,
0f113f3e 87 GENERAL_NAME *name);
c7235be6 88
0704343f
GP		 89/*
90 * This must be large enough to hold all values in ts_status_text (with
91 * comma separator) or all text fields in ts_failure_info (also with comma).
92 */
93#define TS_STATUS_BUF_SIZE 256
94
c7235be6
UM		 95/*
96 * Local mapping between response codes and descriptions.
c7235be6 97 */
0704343f
GP		 98static const char *ts_status_text[] = {
99 "granted",
0f113f3e
MC		 100 "grantedWithMods",
101 "rejection",
102 "waiting",
103 "revocationWarning",
104 "revocationNotification"
105};
c7235be6 106
9c422b5b 107#define TS_STATUS_TEXT_SIZE OSSL_NELEM(ts_status_text)
c7235be6 108
0f113f3e
MC		 109static struct {
110 int code;
111 const char *text;
9c422b5b
RS		 112} ts_failure_info[] = {
113 {TS_INFO_BAD_ALG, "badAlg"},
114 {TS_INFO_BAD_REQUEST, "badRequest"},
115 {TS_INFO_BAD_DATA_FORMAT, "badDataFormat"},
116 {TS_INFO_TIME_NOT_AVAILABLE, "timeNotAvailable"},
117 {TS_INFO_UNACCEPTED_POLICY, "unacceptedPolicy"},
118 {TS_INFO_UNACCEPTED_EXTENSION, "unacceptedExtension"},
119 {TS_INFO_ADD_INFO_NOT_AVAILABLE, "addInfoNotAvailable"},
120 {TS_INFO_SYSTEM_FAILURE, "systemFailure"}
0f113f3e
MC		 121};
122
c7235be6 123
c80fd6b2 124/*-
c7235be6 125 * This function carries out the following tasks:
0f113f3e
MC		 126 * - Checks if there is one and only one signer.
127 * - Search for the signing certificate in 'certs' and in the response.
128 * - Check the extended key usage and key usage fields of the signer
129 * certificate (done by the path validation).
130 * - Build and validate the certificate path.
131 * - Check if the certificate path meets the requirements of the
132 * SigningCertificate ESS signed attribute.
133 * - Verify the signature value.
134 * - Returns the signer certificate in 'signer', if 'signer' is not NULL.
c7235be6
UM		 135 */
136int TS_RESP_verify_signature(PKCS7 *token, STACK_OF(X509) *certs,
0f113f3e
MC		 137 X509_STORE *store, X509 **signer_out)
138{
139 STACK_OF(PKCS7_SIGNER_INFO) *sinfos = NULL;
140 PKCS7_SIGNER_INFO *si;
141 STACK_OF(X509) *signers = NULL;
142 X509 *signer;
143 STACK_OF(X509) *chain = NULL;
144 char buf[4096];
145 int i, j = 0, ret = 0;
146 BIO *p7bio = NULL;
147
148 /* Some sanity checks first. */
149 if (!token) {
150 TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_INVALID_NULL_POINTER);
151 goto err;
152 }
0f113f3e
MC		 153 if (!PKCS7_type_is_signed(token)) {
154 TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_WRONG_CONTENT_TYPE);
155 goto err;
156 }
0f113f3e
MC		 157 sinfos = PKCS7_get_signer_info(token);
158 if (!sinfos || sk_PKCS7_SIGNER_INFO_num(sinfos) != 1) {
159 TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_THERE_MUST_BE_ONE_SIGNER);
160 goto err;
161 }
162 si = sk_PKCS7_SIGNER_INFO_value(sinfos, 0);
0f113f3e
MC		 163 if (PKCS7_get_detached(token)) {
164 TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_NO_CONTENT);
165 goto err;
166 }
167
168 /*
169 * Get hold of the signer certificate, search only internal certificates
170 * if it was requested.
171 */
172 signers = PKCS7_get0_signers(token, certs, 0);
173 if (!signers || sk_X509_num(signers) != 1)
174 goto err;
175 signer = sk_X509_value(signers, 0);
176
9c422b5b 177 if (!ts_verify_cert(store, certs, signer, &chain))
0f113f3e 178 goto err;
9c422b5b 179 if (!ts_check_signing_certs(si, chain))
0f113f3e 180 goto err;
0f113f3e
MC		 181 p7bio = PKCS7_dataInit(token, NULL);
182
183 /* We now have to 'read' from p7bio to calculate digests etc. */
18cd23df
RS		 184 while ((i = BIO_read(p7bio, buf, sizeof(buf))) > 0)
185 continue;
0f113f3e 186
0f113f3e
MC		 187 j = PKCS7_signatureVerify(p7bio, token, si, signer);
188 if (j <= 0) {
189 TSerr(TS_F_TS_RESP_VERIFY_SIGNATURE, TS_R_SIGNATURE_FAILURE);
190 goto err;
191 }
192
0f113f3e
MC		 193 if (signer_out) {
194 *signer_out = signer;
05f0fb9f 195 X509_up_ref(signer);
0f113f3e 196 }
0f113f3e 197 ret = 1;
c7235be6
UM		 198
199 err:
0f113f3e
MC		 200 BIO_free_all(p7bio);
201 sk_X509_pop_free(chain, X509_free);
202 sk_X509_free(signers);
c7235be6 203
0f113f3e
MC		 204 return ret;
205}
c7235be6
UM		 206
207/*
208 * The certificate chain is returned in chain. Caller is responsible for
209 * freeing the vector.
210 */
9c422b5b 211static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
0f113f3e
MC		 212 X509 *signer, STACK_OF(X509) **chain)
213{
214 X509_STORE_CTX cert_ctx;
215 int i;
216 int ret = 1;
217
0f113f3e 218 *chain = NULL;
e29c73c9
VD		 219 if (!X509_STORE_CTX_init(&cert_ctx, store, signer, untrusted))
220 return 0;
0f113f3e
MC		 221 X509_STORE_CTX_set_purpose(&cert_ctx, X509_PURPOSE_TIMESTAMP_SIGN);
222 i = X509_verify_cert(&cert_ctx);
223 if (i <= 0) {
224 int j = X509_STORE_CTX_get_error(&cert_ctx);
225 TSerr(TS_F_TS_VERIFY_CERT, TS_R_CERTIFICATE_VERIFY_ERROR);
226 ERR_add_error_data(2, "Verify error:",
227 X509_verify_cert_error_string(j));
228 ret = 0;
229 } else {
0f113f3e
MC		 230 *chain = X509_STORE_CTX_get1_chain(&cert_ctx);
231 }
232
233 X509_STORE_CTX_cleanup(&cert_ctx);
234
235 return ret;
236}
237
9c422b5b 238static int ts_check_signing_certs(PKCS7_SIGNER_INFO *si,
0f113f3e
MC		 239 STACK_OF(X509) *chain)
240{
9c422b5b 241 ESS_SIGNING_CERT *ss = ess_get_signing_cert(si);
0f113f3e
MC		 242 STACK_OF(ESS_CERT_ID) *cert_ids = NULL;
243 X509 *cert;
244 int i = 0;
245 int ret = 0;
246
247 if (!ss)
248 goto err;
249 cert_ids = ss->cert_ids;
0f113f3e 250 cert = sk_X509_value(chain, 0);
9c422b5b 251 if (ts_find_cert(cert_ids, cert) != 0)
0f113f3e
MC		 252 goto err;
253
254 /*
255 * Check the other certificates of the chain if there are more than one
256 * certificate ids in cert_ids.
257 */
258 if (sk_ESS_CERT_ID_num(cert_ids) > 1) {
0f113f3e
MC		 259 for (i = 1; i < sk_X509_num(chain); ++i) {
260 cert = sk_X509_value(chain, i);
9c422b5b 261 if (ts_find_cert(cert_ids, cert) < 0)
0f113f3e
MC		 262 goto err;
263 }
264 }
265 ret = 1;
c7235be6 266 err:
0f113f3e
MC		 267 if (!ret)
268 TSerr(TS_F_TS_CHECK_SIGNING_CERTS,
269 TS_R_ESS_SIGNING_CERTIFICATE_ERROR);
270 ESS_SIGNING_CERT_free(ss);
271 return ret;
272}
c7235be6 273
9c422b5b 274static ESS_SIGNING_CERT *ess_get_signing_cert(PKCS7_SIGNER_INFO *si)
0f113f3e
MC		 275{
276 ASN1_TYPE *attr;
277 const unsigned char *p;
278 attr = PKCS7_get_signed_attribute(si, NID_id_smime_aa_signingCertificate);
279 if (!attr)
280 return NULL;
281 p = attr->value.sequence->data;
282 return d2i_ESS_SIGNING_CERT(NULL, &p, attr->value.sequence->length);
283}
c7235be6
UM		 284
285/* Returns < 0 if certificate is not found, certificate index otherwise. */
9c422b5b 286static int ts_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert)
0f113f3e
MC		 287{
288 int i;
7e418832 289 unsigned char cert_sha1[SHA_DIGEST_LENGTH];
0f113f3e
MC		 290
291 if (!cert_ids || !cert)
292 return -1;
293
7e418832
DSH		 294 X509_digest(cert, EVP_sha1(), cert_sha1, NULL);
295
0f113f3e
MC		 296 /* Recompute SHA1 hash of certificate if necessary (side effect). */
297 X509_check_purpose(cert, -1, 0);
298
299 /* Look for cert in the cert_ids vector. */
300 for (i = 0; i < sk_ESS_CERT_ID_num(cert_ids); ++i) {
301 ESS_CERT_ID *cid = sk_ESS_CERT_ID_value(cert_ids, i);
302
7e418832
DSH		 303 if (cid->hash->length == SHA_DIGEST_LENGTH
304 && memcmp(cid->hash->data, cert_sha1, SHA_DIGEST_LENGTH) == 0) {
0f113f3e 305 ESS_ISSUER_SERIAL *is = cid->issuer_serial;
a8d8e06b 306 if (!is || !ts_issuer_serial_cmp(is, cert))
0f113f3e
MC		 307 return i;
308 }
309 }
310
311 return -1;
312}
c7235be6 313
a8d8e06b 314static int ts_issuer_serial_cmp(ESS_ISSUER_SERIAL *is, X509 *cert)
0f113f3e
MC		 315{
316 GENERAL_NAME *issuer;
c7235be6 317
a8d8e06b 318 if (!is || !cert || sk_GENERAL_NAME_num(is->issuer) != 1)
0f113f3e 319 return -1;
c7235be6 320
0f113f3e
MC		 321 issuer = sk_GENERAL_NAME_value(is->issuer, 0);
322 if (issuer->type != GEN_DIRNAME
a8d8e06b 323 || X509_NAME_cmp(issuer->d.dirn, X509_get_issuer_name(cert)))
0f113f3e 324 return -1;
c7235be6 325
a8d8e06b 326 if (ASN1_INTEGER_cmp(is->serial, X509_get_serialNumber(cert)))
0f113f3e 327 return -1;
c7235be6 328
0f113f3e
MC		 329 return 0;
330}
c7235be6 331
c80fd6b2 332/*-
0f113f3e 333 * Verifies whether 'response' contains a valid response with regards
c7235be6 334 * to the settings of the context:
0f113f3e
MC		 335 * - Gives an error message if the TS_TST_INFO is not present.
336 * - Calls _TS_RESP_verify_token to verify the token content.
c7235be6
UM		 337 */
338int TS_RESP_verify_response(TS_VERIFY_CTX *ctx, TS_RESP *response)
0f113f3e 339{
ca4a494c
RS		 340 PKCS7 *token = response->token;
341 TS_TST_INFO *tst_info = response->tst_info;
0f113f3e 342 int ret = 0;
c7235be6 343
9c422b5b 344 if (!ts_check_status_info(response))
0f113f3e 345 goto err;
9c422b5b 346 if (!int_ts_RESP_verify_token(ctx, token, tst_info))
0f113f3e 347 goto err;
0f113f3e 348 ret = 1;
18cd23df 349
c7235be6 350 err:
0f113f3e
MC		 351 return ret;
352}
c7235be6
UM		 353
354/*
355 * Tries to extract a TS_TST_INFO structure from the PKCS7 token and
a291745e 356 * calls the internal int_TS_RESP_verify_token function for verifying it.
c7235be6
UM		 357 */
358int TS_RESP_verify_token(TS_VERIFY_CTX *ctx, PKCS7 *token)
0f113f3e
MC		 359{
360 TS_TST_INFO *tst_info = PKCS7_to_TS_TST_INFO(token);
361 int ret = 0;
362 if (tst_info) {
9c422b5b 363 ret = int_ts_RESP_verify_token(ctx, token, tst_info);
0f113f3e
MC		 364 TS_TST_INFO_free(tst_info);
365 }
366 return ret;
367}
c7235be6 368
1d97c843 369/*-
0f113f3e 370 * Verifies whether the 'token' contains a valid time stamp token
c7235be6
UM		 371 * with regards to the settings of the context. Only those checks are
372 * carried out that are specified in the context:
0f113f3e
MC		 373 * - Verifies the signature of the TS_TST_INFO.
374 * - Checks the version number of the response.
375 * - Check if the requested and returned policies math.
376 * - Check if the message imprints are the same.
377 * - Check if the nonces are the same.
378 * - Check if the TSA name matches the signer.
379 * - Check if the TSA name is the expected TSA.
c7235be6 380 */
9c422b5b 381static int int_ts_RESP_verify_token(TS_VERIFY_CTX *ctx,
0f113f3e
MC		 382 PKCS7 *token, TS_TST_INFO *tst_info)
383{
384 X509 *signer = NULL;
ca4a494c 385 GENERAL_NAME *tsa_name = tst_info->tsa;
0f113f3e
MC		 386 X509_ALGOR *md_alg = NULL;
387 unsigned char *imprint = NULL;
388 unsigned imprint_len = 0;
389 int ret = 0;
390
0f113f3e
MC		 391 if ((ctx->flags & TS_VFY_SIGNATURE)
392 && !TS_RESP_verify_signature(token, ctx->certs, ctx->store, &signer))
393 goto err;
0f113f3e
MC		 394 if ((ctx->flags & TS_VFY_VERSION)
395 && TS_TST_INFO_get_version(tst_info) != 1) {
396 TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_UNSUPPORTED_VERSION);
397 goto err;
398 }
0f113f3e 399 if ((ctx->flags & TS_VFY_POLICY)
9c422b5b 400 && !ts_check_policy(ctx->policy, tst_info))
0f113f3e 401 goto err;
0f113f3e 402 if ((ctx->flags & TS_VFY_IMPRINT)
9c422b5b 403 && !ts_check_imprints(ctx->md_alg, ctx->imprint, ctx->imprint_len,
0f113f3e
MC		 404 tst_info))
405 goto err;
0f113f3e 406 if ((ctx->flags & TS_VFY_DATA)
9c422b5b 407 && (!ts_compute_imprint(ctx->data, tst_info,
0f113f3e 408 &md_alg, &imprint, &imprint_len)
9c422b5b 409 || !ts_check_imprints(md_alg, imprint, imprint_len, tst_info)))
0f113f3e 410 goto err;
0f113f3e 411 if ((ctx->flags & TS_VFY_NONCE)
9c422b5b 412 && !ts_check_nonces(ctx->nonce, tst_info))
0f113f3e 413 goto err;
0f113f3e 414 if ((ctx->flags & TS_VFY_SIGNER)
9c422b5b 415 && tsa_name && !ts_check_signer_name(tsa_name, signer)) {
0f113f3e
MC		 416 TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_NAME_MISMATCH);
417 goto err;
418 }
0f113f3e 419 if ((ctx->flags & TS_VFY_TSA_NAME)
9c422b5b 420 && !ts_check_signer_name(ctx->tsa_name, signer)) {
0f113f3e
MC		 421 TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_UNTRUSTED);
422 goto err;
423 }
0f113f3e 424 ret = 1;
18cd23df 425
c7235be6 426 err:
0f113f3e
MC		 427 X509_free(signer);
428 X509_ALGOR_free(md_alg);
429 OPENSSL_free(imprint);
430 return ret;
431}
c7235be6 432
9c422b5b 433static int ts_check_status_info(TS_RESP *response)
0f113f3e 434{
ca4a494c 435 TS_STATUS_INFO *info = response->status_info;
0f113f3e
MC		 436 long status = ASN1_INTEGER_get(info->status);
437 const char *status_text = NULL;
438 char *embedded_status_text = NULL;
439 char failure_text[TS_STATUS_BUF_SIZE] = "";
440
0f113f3e
MC		 441 if (status == 0 || status == 1)
442 return 1;
443
444 /* There was an error, get the description in status_text. */
0704343f 445 if (0 <= status && status < (long) OSSL_NELEM(ts_status_text))
9c422b5b 446 status_text = ts_status_text[status];
0f113f3e
MC		 447 else
448 status_text = "unknown code";
449
0f113f3e 450 if (sk_ASN1_UTF8STRING_num(info->text) > 0
9c422b5b 451 && (embedded_status_text = ts_get_status_text(info->text)) == NULL)
0f113f3e
MC		 452 return 0;
453
18cd23df 454 /* Fill in failure_text with the failure information. */
0f113f3e
MC		 455 if (info->failure_info) {
456 int i;
457 int first = 1;
18cd23df 458 for (i = 0; i < (int)OSSL_NELEM(ts_failure_info); ++i) {
0f113f3e 459 if (ASN1_BIT_STRING_get_bit(info->failure_info,
9c422b5b 460 ts_failure_info[i].code)) {
0f113f3e 461 if (!first)
0704343f 462 strcat(failure_text, ",");
0f113f3e
MC		 463 else
464 first = 0;
9c422b5b 465 strcat(failure_text, ts_failure_info[i].text);
0f113f3e
MC		 466 }
467 }
468 }
469 if (failure_text[0] == '\0')
470 strcpy(failure_text, "unspecified");
471
0f113f3e
MC		 472 TSerr(TS_F_TS_CHECK_STATUS_INFO, TS_R_NO_TIME_STAMP_TOKEN);
473 ERR_add_error_data(6,
474 "status code: ", status_text,
475 ", status text: ", embedded_status_text ?
476 embedded_status_text : "unspecified",
477 ", failure codes: ", failure_text);
478 OPENSSL_free(embedded_status_text);
479
480 return 0;
481}
c7235be6 482
9c422b5b 483static char *ts_get_status_text(STACK_OF(ASN1_UTF8STRING) *text)
0f113f3e
MC		 484{
485 int i;
486 unsigned int length = 0;
487 char *result = NULL;
488 char *p;
489
0f113f3e
MC		 490 for (i = 0; i < sk_ASN1_UTF8STRING_num(text); ++i) {
491 ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
492 length += ASN1_STRING_length(current);
493 length += 1; /* separator character */
494 }
75ebbd9a 495 if ((result = OPENSSL_malloc(length)) == NULL) {
0f113f3e
MC		 496 TSerr(TS_F_TS_GET_STATUS_TEXT, ERR_R_MALLOC_FAILURE);
497 return NULL;
498 }
18cd23df 499
0f113f3e
MC		 500 for (i = 0, p = result; i < sk_ASN1_UTF8STRING_num(text); ++i) {
501 ASN1_UTF8STRING *current = sk_ASN1_UTF8STRING_value(text, i);
502 length = ASN1_STRING_length(current);
503 if (i > 0)
504 *p++ = '/';
505 strncpy(p, (const char *)ASN1_STRING_data(current), length);
506 p += length;
507 }
0f113f3e
MC		 508 *p = '\0';
509
510 return result;
511}
c7235be6 512
9c422b5b 513static int ts_check_policy(ASN1_OBJECT *req_oid, TS_TST_INFO *tst_info)
0f113f3e 514{
ca4a494c 515 ASN1_OBJECT *resp_oid = tst_info->policy_id;
c7235be6 516
0f113f3e
MC		 517 if (OBJ_cmp(req_oid, resp_oid) != 0) {
518 TSerr(TS_F_TS_CHECK_POLICY, TS_R_POLICY_MISMATCH);
519 return 0;
520 }
c7235be6 521
0f113f3e
MC		 522 return 1;
523}
c7235be6 524
9c422b5b 525static int ts_compute_imprint(BIO *data, TS_TST_INFO *tst_info,
0f113f3e
MC		 526 X509_ALGOR **md_alg,
527 unsigned char **imprint, unsigned *imprint_len)
528{
ca4a494c
RS		 529 TS_MSG_IMPRINT *msg_imprint = tst_info->msg_imprint;
530 X509_ALGOR *md_alg_resp = msg_imprint->hash_algo;
0f113f3e 531 const EVP_MD *md;
6e59a892 532 EVP_MD_CTX *md_ctx = NULL;
0f113f3e
MC		 533 unsigned char buffer[4096];
534 int length;
535
536 *md_alg = NULL;
537 *imprint = NULL;
538
75ebbd9a 539 if ((*md_alg = X509_ALGOR_dup(md_alg_resp)) == NULL)
0f113f3e 540 goto err;
75ebbd9a 541 if ((md = EVP_get_digestbyobj((*md_alg)->algorithm)) == NULL) {
0f113f3e
MC		 542 TSerr(TS_F_TS_COMPUTE_IMPRINT, TS_R_UNSUPPORTED_MD_ALGORITHM);
543 goto err;
544 }
0f113f3e
MC		 545 length = EVP_MD_size(md);
546 if (length < 0)
547 goto err;
548 *imprint_len = length;
75ebbd9a 549 if ((*imprint = OPENSSL_malloc(*imprint_len)) == NULL) {
0f113f3e
MC		 550 TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
551 goto err;
552 }
553
bfb0641f 554 md_ctx = EVP_MD_CTX_new();
6e59a892
RL		 555 if (md_ctx == NULL) {
556 TSerr(TS_F_TS_COMPUTE_IMPRINT, ERR_R_MALLOC_FAILURE);
557 goto err;
558 }
559 if (!EVP_DigestInit(md_ctx, md))
0f113f3e
MC		 560 goto err;
561 while ((length = BIO_read(data, buffer, sizeof(buffer))) > 0) {
6e59a892 562 if (!EVP_DigestUpdate(md_ctx, buffer, length))
0f113f3e
MC		 563 goto err;
564 }
6e59a892 565 if (!EVP_DigestFinal(md_ctx, *imprint, NULL))
0f113f3e 566 goto err;
bfb0641f 567 EVP_MD_CTX_free(md_ctx);
0f113f3e
MC		 568
569 return 1;
c7235be6 570 err:
bfb0641f 571 EVP_MD_CTX_free(md_ctx);
0f113f3e
MC		 572 X509_ALGOR_free(*md_alg);
573 OPENSSL_free(*imprint);
574 *imprint_len = 0;
575 *imprint = 0;
576 return 0;
577}
578
9c422b5b 579static int ts_check_imprints(X509_ALGOR *algor_a,
0f113f3e
MC		 580 unsigned char *imprint_a, unsigned len_a,
581 TS_TST_INFO *tst_info)
582{
ca4a494c
RS		 583 TS_MSG_IMPRINT *b = tst_info->msg_imprint;
584 X509_ALGOR *algor_b = b->hash_algo;
0f113f3e
MC		 585 int ret = 0;
586
0f113f3e 587 if (algor_a) {
0f113f3e
MC		 588 if (OBJ_cmp(algor_a->algorithm, algor_b->algorithm))
589 goto err;
590
591 /* The parameter must be NULL in both. */
592 if ((algor_a->parameter
593 && ASN1_TYPE_get(algor_a->parameter) != V_ASN1_NULL)
594 || (algor_b->parameter
595 && ASN1_TYPE_get(algor_b->parameter) != V_ASN1_NULL))
596 goto err;
597 }
598
0f113f3e
MC		 599 ret = len_a == (unsigned)ASN1_STRING_length(b->hashed_msg) &&
600 memcmp(imprint_a, ASN1_STRING_data(b->hashed_msg), len_a) == 0;
c7235be6 601 err:
0f113f3e
MC		 602 if (!ret)
603 TSerr(TS_F_TS_CHECK_IMPRINTS, TS_R_MESSAGE_IMPRINT_MISMATCH);
604 return ret;
605}
c7235be6 606
9c422b5b 607static int ts_check_nonces(const ASN1_INTEGER *a, TS_TST_INFO *tst_info)
0f113f3e 608{
ca4a494c 609 const ASN1_INTEGER *b = tst_info->nonce;
0f113f3e 610
0f113f3e
MC		 611 if (!b) {
612 TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_NOT_RETURNED);
613 return 0;
614 }
615
616 /* No error if a nonce is returned without being requested. */
617 if (ASN1_INTEGER_cmp(a, b) != 0) {
618 TSerr(TS_F_TS_CHECK_NONCES, TS_R_NONCE_MISMATCH);
619 return 0;
620 }
621
622 return 1;
623}
624
625/*
626 * Check if the specified TSA name matches either the subject or one of the
627 * subject alternative names of the TSA certificate.
628 */
9c422b5b 629static int ts_check_signer_name(GENERAL_NAME *tsa_name, X509 *signer)
0f113f3e
MC		 630{
631 STACK_OF(GENERAL_NAME) *gen_names = NULL;
632 int idx = -1;
633 int found = 0;
634
0f113f3e 635 if (tsa_name->type == GEN_DIRNAME
a8d8e06b 636 && X509_name_cmp(tsa_name->d.dirn, X509_get_subject_name(signer)) == 0)
0f113f3e 637 return 1;
0f113f3e 638 gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name, NULL, &idx);
75ebbd9a 639 while (gen_names != NULL) {
9c422b5b 640 found = ts_find_name(gen_names, tsa_name) >= 0;
75ebbd9a
RS		 641 if (found)
642 break;
0f113f3e
MC		 643 /*
644 * Get the next subject alternative name, although there should be no
645 * more than one.
646 */
647 GENERAL_NAMES_free(gen_names);
75ebbd9a 648 gen_names = X509_get_ext_d2i(signer, NID_subject_alt_name, NULL, &idx);
0f113f3e 649 }
25aaa98a 650 GENERAL_NAMES_free(gen_names);
0f113f3e
MC		 651
652 return found;
653}
c7235be6
UM		 654
655/* Returns 1 if name is in gen_names, 0 otherwise. */
9c422b5b 656static int ts_find_name(STACK_OF(GENERAL_NAME) *gen_names, GENERAL_NAME *name)
0f113f3e
MC		 657{
658 int i, found;
659 for (i = 0, found = 0; !found && i < sk_GENERAL_NAME_num(gen_names); ++i) {
660 GENERAL_NAME *current = sk_GENERAL_NAME_value(gen_names, i);
661 found = GENERAL_NAME_cmp(current, name) == 0;
662 }
663 return found ? i - 1 : -1;
664}
A mirror of the official openssl repository