2 * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright Nokia 2007-2019
4 * Copyright Siemens AG 2015-2019
6 * Licensed under the Apache License 2.0 (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
12 /* CMP functions for PKIHeader handling */
14 #include "cmp_local.h"
16 #include <openssl/rand.h>
18 /* explicit #includes not strictly needed since implied by the above: */
19 #include <openssl/asn1t.h>
20 #include <openssl/cmp.h>
21 #include <openssl/err.h>
23 int ossl_cmp_hdr_set_pvno(OSSL_CMP_PKIHEADER
*hdr
, int pvno
)
25 if (!ossl_assert(hdr
!= NULL
))
27 return ASN1_INTEGER_set(hdr
->pvno
, pvno
);
30 int ossl_cmp_hdr_get_pvno(const OSSL_CMP_PKIHEADER
*hdr
)
34 if (!ossl_assert(hdr
!= NULL
))
36 if (!ASN1_INTEGER_get_int64(&pvno
, hdr
->pvno
) || pvno
< 0 || pvno
> INT_MAX
)
41 ASN1_OCTET_STRING
*OSSL_CMP_HDR_get0_transactionID(const OSSL_CMP_PKIHEADER
*hdr
)
44 CMPerr(0, CMP_R_NULL_ARGUMENT
);
47 return hdr
->transactionID
;
50 ASN1_OCTET_STRING
*ossl_cmp_hdr_get0_senderNonce(const OSSL_CMP_PKIHEADER
*hdr
)
52 if (!ossl_assert(hdr
!= NULL
))
54 return hdr
->senderNonce
;
57 ASN1_OCTET_STRING
*OSSL_CMP_HDR_get0_recipNonce(const OSSL_CMP_PKIHEADER
*hdr
)
60 CMPerr(0, CMP_R_NULL_ARGUMENT
);
63 return hdr
->recipNonce
;
66 /* assign to *tgt a copy of src (which may be NULL to indicate an empty DN) */
67 static int set1_general_name(GENERAL_NAME
**tgt
, const X509_NAME
*src
)
71 if (!ossl_assert(tgt
!= NULL
))
73 if ((gen
= GENERAL_NAME_new()) == NULL
)
75 gen
->type
= GEN_DIRNAME
;
77 if (src
== NULL
) { /* NULL-DN */
78 if ((gen
->d
.directoryName
= X509_NAME_new()) == NULL
)
80 } else if (!X509_NAME_set(&gen
->d
.directoryName
, src
)) {
84 GENERAL_NAME_free(*tgt
);
90 GENERAL_NAME_free(gen
);
95 * Set the sender name in PKIHeader.
96 * when nm is NULL, sender is set to an empty string
97 * returns 1 on success, 0 on error
99 int ossl_cmp_hdr_set1_sender(OSSL_CMP_PKIHEADER
*hdr
, const X509_NAME
*nm
)
101 if (!ossl_assert(hdr
!= NULL
))
103 return set1_general_name(&hdr
->sender
, nm
);
106 int ossl_cmp_hdr_set1_recipient(OSSL_CMP_PKIHEADER
*hdr
, const X509_NAME
*nm
)
108 if (!ossl_assert(hdr
!= NULL
))
110 return set1_general_name(&hdr
->recipient
, nm
);
113 int ossl_cmp_hdr_update_messageTime(OSSL_CMP_PKIHEADER
*hdr
)
115 if (!ossl_assert(hdr
!= NULL
))
117 if (hdr
->messageTime
== NULL
118 && (hdr
->messageTime
= ASN1_GENERALIZEDTIME_new()) == NULL
)
120 return ASN1_GENERALIZEDTIME_set(hdr
->messageTime
, time(NULL
)) != NULL
;
123 /* assign to *tgt a copy of src (or if NULL a random byte array of given len) */
124 static int set1_aostr_else_random(ASN1_OCTET_STRING
**tgt
,
125 const ASN1_OCTET_STRING
*src
, size_t len
)
127 unsigned char *bytes
= NULL
;
130 if (src
== NULL
) { /* generate a random value if src == NULL */
131 if ((bytes
= OPENSSL_malloc(len
)) == NULL
)
133 if (RAND_bytes(bytes
, len
) <= 0) {
134 CMPerr(0, CMP_R_FAILURE_OBTAINING_RANDOM
);
137 res
= ossl_cmp_asn1_octet_string_set1_bytes(tgt
, bytes
, len
);
139 res
= ossl_cmp_asn1_octet_string_set1(tgt
, src
);
147 int ossl_cmp_hdr_set1_senderKID(OSSL_CMP_PKIHEADER
*hdr
,
148 const ASN1_OCTET_STRING
*senderKID
)
150 if (!ossl_assert(hdr
!= NULL
))
152 return ossl_cmp_asn1_octet_string_set1(&hdr
->senderKID
, senderKID
);
155 /* push the given text string to the given PKIFREETEXT ft */
156 int ossl_cmp_pkifreetext_push_str(OSSL_CMP_PKIFREETEXT
*ft
, const char *text
)
158 ASN1_UTF8STRING
*utf8string
;
160 if (!ossl_assert(ft
!= NULL
&& text
!= NULL
))
162 if ((utf8string
= ASN1_UTF8STRING_new()) == NULL
)
164 if (!ASN1_STRING_set(utf8string
, text
, -1))
166 if (!sk_ASN1_UTF8STRING_push(ft
, utf8string
))
171 ASN1_UTF8STRING_free(utf8string
);
175 int ossl_cmp_hdr_push0_freeText(OSSL_CMP_PKIHEADER
*hdr
, ASN1_UTF8STRING
*text
)
177 if (!ossl_assert(hdr
!= NULL
&& text
!= NULL
))
180 if (hdr
->freeText
== NULL
181 && (hdr
->freeText
= sk_ASN1_UTF8STRING_new_null()) == NULL
)
184 return sk_ASN1_UTF8STRING_push(hdr
->freeText
, text
);
187 int ossl_cmp_hdr_push1_freeText(OSSL_CMP_PKIHEADER
*hdr
, ASN1_UTF8STRING
*text
)
189 if (!ossl_assert(hdr
!= NULL
&& text
!= NULL
))
192 if (hdr
->freeText
== NULL
193 && (hdr
->freeText
= sk_ASN1_UTF8STRING_new_null()) == NULL
)
196 return ossl_cmp_pkifreetext_push_str(hdr
->freeText
, (char *)text
->data
);
199 int ossl_cmp_hdr_generalInfo_push0_item(OSSL_CMP_PKIHEADER
*hdr
,
202 if (!ossl_assert(hdr
!= NULL
&& itav
!= NULL
))
204 return OSSL_CMP_ITAV_push0_stack_item(&hdr
->generalInfo
, itav
);
207 int ossl_cmp_hdr_generalInfo_push1_items(OSSL_CMP_PKIHEADER
*hdr
,
208 STACK_OF(OSSL_CMP_ITAV
) *itavs
)
213 if (!ossl_assert(hdr
!= NULL
))
216 for (i
= 0; i
< sk_OSSL_CMP_ITAV_num(itavs
); i
++) {
217 itav
= OSSL_CMP_ITAV_dup(sk_OSSL_CMP_ITAV_value(itavs
, i
));
221 if (!ossl_cmp_hdr_generalInfo_push0_item(hdr
, itav
)) {
222 OSSL_CMP_ITAV_free(itav
);
229 int ossl_cmp_hdr_set_implicitConfirm(OSSL_CMP_PKIHEADER
*hdr
)
234 if (!ossl_assert(hdr
!= NULL
))
236 asn1null
= (ASN1_TYPE
*)ASN1_NULL_new();
237 if (asn1null
== NULL
)
239 if ((itav
= OSSL_CMP_ITAV_create(OBJ_nid2obj(NID_id_it_implicitConfirm
),
242 if (!ossl_cmp_hdr_generalInfo_push0_item(hdr
, itav
))
247 ASN1_TYPE_free(asn1null
);
248 OSSL_CMP_ITAV_free(itav
);
252 /* return 1 if implicitConfirm in the generalInfo field of the header is set */
253 int ossl_cmp_hdr_check_implicitConfirm(const OSSL_CMP_PKIHEADER
*hdr
)
259 if (!ossl_assert(hdr
!= NULL
))
262 itavCount
= sk_OSSL_CMP_ITAV_num(hdr
->generalInfo
);
263 for (i
= 0; i
< itavCount
; i
++) {
264 itav
= sk_OSSL_CMP_ITAV_value(hdr
->generalInfo
, i
);
266 && OBJ_obj2nid(itav
->infoType
) == NID_id_it_implicitConfirm
)
273 /* fill in all fields of the hdr according to the info given in ctx */
274 int ossl_cmp_hdr_init(OSSL_CMP_CTX
*ctx
, OSSL_CMP_PKIHEADER
*hdr
)
277 X509_NAME
*rcp
= NULL
;
279 if (!ossl_assert(ctx
!= NULL
&& hdr
!= NULL
))
282 /* set the CMP version */
283 if (!ossl_cmp_hdr_set_pvno(hdr
, OSSL_CMP_PVNO
))
286 sender
= ctx
->clCert
!= NULL
?
287 X509_get_subject_name(ctx
->clCert
) : ctx
->subjectName
;
289 * The sender name is copied from the subject of the client cert, if any,
290 * or else from the the subject name provided for certification requests.
291 * As required by RFC 4210 section 5.1.1., if the sender name is not known
292 * to the client it set to NULL-DN. In this case for identification at least
293 * the senderKID must be set, which we take from any referenceValue given.
295 if (sender
== NULL
&& ctx
->referenceValue
== NULL
) {
296 CMPerr(0, CMP_R_MISSING_SENDER_IDENTIFICATION
);
299 if (!ossl_cmp_hdr_set1_sender(hdr
, sender
))
302 /* determine recipient entry in PKIHeader */
303 if (ctx
->srvCert
!= NULL
) {
304 rcp
= X509_get_subject_name(ctx
->srvCert
);
305 /* set also as expected_sender of responses unless set explicitly */
306 if (ctx
->expected_sender
== NULL
&& rcp
!= NULL
307 && !OSSL_CMP_CTX_set1_expected_sender(ctx
, rcp
))
309 } else if (ctx
->recipient
!= NULL
) {
310 rcp
= ctx
->recipient
;
311 } else if (ctx
->issuer
!= NULL
) {
313 } else if (ctx
->oldCert
!= NULL
) {
314 rcp
= X509_get_issuer_name(ctx
->oldCert
);
315 } else if (ctx
->clCert
!= NULL
) {
316 rcp
= X509_get_issuer_name(ctx
->clCert
);
318 if (!ossl_cmp_hdr_set1_recipient(hdr
, rcp
))
321 /* set current time as message time */
322 if (!ossl_cmp_hdr_update_messageTime(hdr
))
325 if (ctx
->recipNonce
!= NULL
326 && !ossl_cmp_asn1_octet_string_set1(&hdr
->recipNonce
,
331 * set ctx->transactionID in CMP header
332 * if ctx->transactionID is NULL, a random one is created with 128 bit
333 * according to section 5.1.1:
335 * It is RECOMMENDED that the clients fill the transactionID field with
336 * 128 bits of (pseudo-) random data for the start of a transaction to
337 * reduce the probability of having the transactionID in use at the server.
339 if (ctx
->transactionID
== NULL
340 && !set1_aostr_else_random(&ctx
->transactionID
, NULL
,
341 OSSL_CMP_TRANSACTIONID_LENGTH
))
343 if (!ossl_cmp_asn1_octet_string_set1(&hdr
->transactionID
,
348 * set random senderNonce
349 * according to section 5.1.1:
351 * senderNonce present
352 * -- 128 (pseudo-)random bits
353 * The senderNonce and recipNonce fields protect the PKIMessage against
354 * replay attacks. The senderNonce will typically be 128 bits of
355 * (pseudo-) random data generated by the sender, whereas the recipNonce
356 * is copied from the senderNonce of the previous message in the
359 if (!set1_aostr_else_random(&hdr
->senderNonce
, NULL
,
360 OSSL_CMP_SENDERNONCE_LENGTH
))
363 /* store senderNonce - for cmp with recipNonce in next outgoing msg */
364 if (!OSSL_CMP_CTX_set1_senderNonce(ctx
, hdr
->senderNonce
))
368 * freeText [7] PKIFreeText OPTIONAL,
369 * -- this may be used to indicate context-specific instructions
370 * -- (this field is intended for human consumption)
372 if (ctx
->freeText
!= NULL
373 && !ossl_cmp_hdr_push1_freeText(hdr
, ctx
->freeText
))