]>
Commit | Line | Data |
---|---|---|
a61b7f2f | 1 | /*- |
33388b44 | 2 | * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. |
a61b7f2f | 3 | * Copyright Nokia 2007-2018 |
8869ad4a | 4 | * Copyright Siemens AG 2015-2019 |
a61b7f2f | 5 | * |
ce9b9964 | 6 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
a61b7f2f DO |
7 | * this file except in compliance with the License. You can obtain a copy |
8 | * in the file LICENSE in the source distribution or at | |
9 | * https://www.openssl.org/source/license.html | |
10 | * | |
11 | * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb. | |
12 | */ | |
13 | ||
14 | /* | |
15 | * This file contains the functions that handle the individual items inside | |
16 | * the CRMF structures | |
17 | */ | |
18 | ||
19 | /* | |
20 | * NAMING | |
21 | * | |
22 | * The 0 functions use the supplied structure pointer directly in the parent and | |
23 | * it will be freed up when the parent is freed. | |
24 | * | |
25 | * The 1 functions use a copy of the supplied structure pointer (or in some | |
26 | * cases increases its link count) in the parent and so both should be freed up. | |
27 | */ | |
28 | ||
29 | #include <openssl/asn1t.h> | |
30 | ||
706457b7 DMSP |
31 | #include "crmf_local.h" |
32 | #include "internal/constant_time.h" | |
a61b7f2f DO |
33 | |
34 | /* explicit #includes not strictly needed since implied by the above: */ | |
35 | #include <openssl/crmf.h> | |
36 | #include <openssl/err.h> | |
37 | #include <openssl/evp.h> | |
38 | ||
852c2ed2 RS |
39 | DEFINE_STACK_OF(X509_EXTENSION) |
40 | DEFINE_STACK_OF(OSSL_CRMF_MSG) | |
41 | ||
a61b7f2f DO |
42 | /*- |
43 | * atyp = Attribute Type | |
44 | * valt = Value Type | |
45 | * ctrlinf = "regCtrl" or "regInfo" | |
46 | */ | |
47 | #define IMPLEMENT_CRMF_CTRL_FUNC(atyp, valt, ctrlinf) \ | |
48 | int OSSL_CRMF_MSG_set1_##ctrlinf##_##atyp(OSSL_CRMF_MSG *msg, \ | |
49 | const valt *in) \ | |
50 | { \ | |
51 | OSSL_CRMF_ATTRIBUTETYPEANDVALUE *atav = NULL; \ | |
52 | \ | |
235595c4 | 53 | if (msg == NULL || in == NULL) \ |
a61b7f2f DO |
54 | goto err; \ |
55 | if ((atav = OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new()) == NULL) \ | |
56 | goto err; \ | |
57 | if ((atav->type = OBJ_nid2obj(NID_id_##ctrlinf##_##atyp)) == NULL) \ | |
58 | goto err; \ | |
59 | if ((atav->value.atyp = valt##_dup(in)) == NULL) \ | |
60 | goto err; \ | |
61 | if (!OSSL_CRMF_MSG_push0_##ctrlinf(msg, atav)) \ | |
62 | goto err; \ | |
63 | return 1; \ | |
64 | err: \ | |
65 | OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(atav); \ | |
66 | return 0; \ | |
67 | } | |
68 | ||
69 | ||
70 | /*- | |
71 | * Pushes the given control attribute into the controls stack of a CertRequest | |
72 | * (section 6) | |
73 | * returns 1 on success, 0 on error | |
74 | */ | |
75 | static int OSSL_CRMF_MSG_push0_regCtrl(OSSL_CRMF_MSG *crm, | |
76 | OSSL_CRMF_ATTRIBUTETYPEANDVALUE *ctrl) | |
77 | { | |
78 | int new = 0; | |
79 | ||
80 | if (crm == NULL || crm->certReq == NULL || ctrl == NULL) { | |
81 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_REGCTRL, CRMF_R_NULL_ARGUMENT); | |
82 | return 0; | |
83 | } | |
84 | ||
85 | if (crm->certReq->controls == NULL) { | |
86 | crm->certReq->controls = sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_null(); | |
87 | if (crm->certReq->controls == NULL) | |
7960dbec | 88 | goto err; |
a61b7f2f DO |
89 | new = 1; |
90 | } | |
91 | if (!sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push(crm->certReq->controls, ctrl)) | |
7960dbec | 92 | goto err; |
a61b7f2f DO |
93 | |
94 | return 1; | |
7960dbec | 95 | err: |
a61b7f2f DO |
96 | if (new != 0) { |
97 | sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(crm->certReq->controls); | |
98 | crm->certReq->controls = NULL; | |
99 | } | |
100 | return 0; | |
101 | } | |
102 | ||
3dbc5156 | 103 | /* id-regCtrl-regToken Control (section 6.1) */ |
a61b7f2f DO |
104 | IMPLEMENT_CRMF_CTRL_FUNC(regToken, ASN1_STRING, regCtrl) |
105 | ||
3dbc5156 | 106 | /* id-regCtrl-authenticator Control (section 6.2) */ |
a61b7f2f DO |
107 | #define ASN1_UTF8STRING_dup ASN1_STRING_dup |
108 | IMPLEMENT_CRMF_CTRL_FUNC(authenticator, ASN1_UTF8STRING, regCtrl) | |
109 | ||
110 | int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi, | |
111 | int method, GENERAL_NAME *nm) | |
112 | { | |
113 | if (spi == NULL | |
114 | || method < OSSL_CRMF_PUB_METHOD_DONTCARE | |
115 | || method > OSSL_CRMF_PUB_METHOD_LDAP) { | |
116 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET0_SINGLEPUBINFO, | |
117 | ERR_R_PASSED_INVALID_ARGUMENT); | |
118 | return 0; | |
119 | } | |
120 | ||
121 | if (!ASN1_INTEGER_set(spi->pubMethod, method)) | |
122 | return 0; | |
123 | GENERAL_NAME_free(spi->pubLocation); | |
124 | spi->pubLocation = nm; | |
125 | return 1; | |
126 | } | |
127 | ||
235595c4 DDO |
128 | int |
129 | OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi, | |
130 | OSSL_CRMF_SINGLEPUBINFO *spi) | |
a61b7f2f DO |
131 | { |
132 | if (pi == NULL || spi == NULL) { | |
133 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO, | |
134 | CRMF_R_NULL_ARGUMENT); | |
135 | return 0; | |
136 | } | |
137 | if (pi->pubInfos == NULL) | |
138 | pi->pubInfos = sk_OSSL_CRMF_SINGLEPUBINFO_new_null(); | |
139 | if (pi->pubInfos == NULL) | |
7960dbec | 140 | return 0; |
a61b7f2f | 141 | |
7960dbec | 142 | return sk_OSSL_CRMF_SINGLEPUBINFO_push(pi->pubInfos, spi); |
a61b7f2f DO |
143 | } |
144 | ||
235595c4 DDO |
145 | int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi, |
146 | int action) | |
a61b7f2f DO |
147 | { |
148 | if (pi == NULL | |
149 | || action < OSSL_CRMF_PUB_ACTION_DONTPUBLISH | |
150 | || action > OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH) { | |
151 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET_PKIPUBLICATIONINFO_ACTION, | |
152 | ERR_R_PASSED_INVALID_ARGUMENT); | |
153 | return 0; | |
154 | } | |
155 | ||
156 | return ASN1_INTEGER_set(pi->action, action); | |
157 | } | |
158 | ||
3dbc5156 | 159 | /* id-regCtrl-pkiPublicationInfo Control (section 6.3) */ |
a61b7f2f DO |
160 | IMPLEMENT_CRMF_CTRL_FUNC(pkiPublicationInfo, OSSL_CRMF_PKIPUBLICATIONINFO, |
161 | regCtrl) | |
162 | ||
3dbc5156 | 163 | /* id-regCtrl-oldCertID Control (section 6.5) from the given */ |
a61b7f2f DO |
164 | IMPLEMENT_CRMF_CTRL_FUNC(oldCertID, OSSL_CRMF_CERTID, regCtrl) |
165 | ||
166 | OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer, | |
167 | const ASN1_INTEGER *serial) | |
168 | { | |
169 | OSSL_CRMF_CERTID *cid = NULL; | |
170 | ||
171 | if (issuer == NULL || serial == NULL) { | |
172 | CRMFerr(CRMF_F_OSSL_CRMF_CERTID_GEN, CRMF_R_NULL_ARGUMENT); | |
173 | return NULL; | |
174 | } | |
175 | ||
176 | if ((cid = OSSL_CRMF_CERTID_new()) == NULL) | |
7960dbec | 177 | goto err; |
a61b7f2f DO |
178 | |
179 | if (!X509_NAME_set(&cid->issuer->d.directoryName, issuer)) | |
7960dbec | 180 | goto err; |
a61b7f2f DO |
181 | cid->issuer->type = GEN_DIRNAME; |
182 | ||
183 | ASN1_INTEGER_free(cid->serialNumber); | |
184 | if ((cid->serialNumber = ASN1_INTEGER_dup(serial)) == NULL) | |
7960dbec | 185 | goto err; |
a61b7f2f DO |
186 | |
187 | return cid; | |
188 | ||
7960dbec | 189 | err: |
a61b7f2f DO |
190 | OSSL_CRMF_CERTID_free(cid); |
191 | return NULL; | |
192 | } | |
193 | ||
3dbc5156 DDO |
194 | /* |
195 | * id-regCtrl-protocolEncrKey Control (section 6.6) | |
196 | */ | |
a61b7f2f DO |
197 | IMPLEMENT_CRMF_CTRL_FUNC(protocolEncrKey, X509_PUBKEY, regCtrl) |
198 | ||
199 | /*- | |
200 | * Pushes the attribute given in regInfo in to the CertReqMsg->regInfo stack. | |
201 | * (section 7) | |
202 | * returns 1 on success, 0 on error | |
203 | */ | |
204 | static int OSSL_CRMF_MSG_push0_regInfo(OSSL_CRMF_MSG *crm, | |
205 | OSSL_CRMF_ATTRIBUTETYPEANDVALUE *ri) | |
206 | { | |
207 | STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *info = NULL; | |
208 | ||
209 | if (crm == NULL || ri == NULL) { | |
210 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_REGINFO, CRMF_R_NULL_ARGUMENT); | |
211 | return 0; | |
212 | } | |
213 | ||
214 | if (crm->regInfo == NULL) | |
215 | crm->regInfo = info = sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_null(); | |
216 | if (crm->regInfo == NULL) | |
7960dbec | 217 | goto err; |
a61b7f2f | 218 | if (!sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push(crm->regInfo, ri)) |
7960dbec | 219 | goto err; |
a61b7f2f DO |
220 | return 1; |
221 | ||
7960dbec | 222 | err: |
a61b7f2f DO |
223 | if (info != NULL) |
224 | crm->regInfo = NULL; | |
225 | sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(info); | |
226 | return 0; | |
227 | } | |
228 | ||
229 | /* id-regInfo-utf8Pairs to regInfo (section 7.1) */ | |
230 | IMPLEMENT_CRMF_CTRL_FUNC(utf8Pairs, ASN1_UTF8STRING, regInfo) | |
231 | ||
232 | /* id-regInfo-certReq to regInfo (section 7.2) */ | |
233 | IMPLEMENT_CRMF_CTRL_FUNC(certReq, OSSL_CRMF_CERTREQUEST, regInfo) | |
234 | ||
235 | ||
236 | /* retrieves the certificate template of crm */ | |
237 | OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm) | |
238 | { | |
239 | if (crm == NULL || crm->certReq == NULL) { | |
240 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_GET0_TMPL, CRMF_R_NULL_ARGUMENT); | |
241 | return NULL; | |
242 | } | |
243 | return crm->certReq->certTemplate; | |
244 | } | |
245 | ||
246 | ||
11baa470 DDO |
247 | int OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG *crm, |
248 | ASN1_TIME *notBefore, ASN1_TIME *notAfter) | |
a61b7f2f | 249 | { |
11baa470 | 250 | OSSL_CRMF_OPTIONALVALIDITY *vld; |
a61b7f2f DO |
251 | OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm); |
252 | ||
253 | if (tmpl == NULL) { /* also crm == NULL implies this */ | |
11baa470 | 254 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET0_VALIDITY, CRMF_R_NULL_ARGUMENT); |
a61b7f2f DO |
255 | return 0; |
256 | } | |
257 | ||
a61b7f2f | 258 | if ((vld = OSSL_CRMF_OPTIONALVALIDITY_new()) == NULL) |
11baa470 DDO |
259 | return 0; |
260 | vld->notBefore = notBefore; | |
261 | vld->notAfter = notAfter; | |
a61b7f2f | 262 | tmpl->validity = vld; |
a61b7f2f | 263 | return 1; |
a61b7f2f DO |
264 | } |
265 | ||
266 | ||
267 | int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid) | |
268 | { | |
269 | if (crm == NULL || crm->certReq == NULL || crm->certReq->certReqId == NULL) { | |
270 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET_CERTREQID, CRMF_R_NULL_ARGUMENT); | |
271 | return 0; | |
272 | } | |
273 | ||
274 | return ASN1_INTEGER_set(crm->certReq->certReqId, rid); | |
275 | } | |
276 | ||
277 | /* get ASN.1 encoded integer, return -1 on error */ | |
aac96e27 | 278 | static int crmf_asn1_get_int(const ASN1_INTEGER *a) |
a61b7f2f DO |
279 | { |
280 | int64_t res; | |
281 | ||
282 | if (!ASN1_INTEGER_get_int64(&res, a)) { | |
aac96e27 | 283 | CRMFerr(0, ASN1_R_INVALID_NUMBER); |
a61b7f2f DO |
284 | return -1; |
285 | } | |
286 | if (res < INT_MIN) { | |
aac96e27 | 287 | CRMFerr(0, ASN1_R_TOO_SMALL); |
a61b7f2f DO |
288 | return -1; |
289 | } | |
290 | if (res > INT_MAX) { | |
aac96e27 | 291 | CRMFerr(0, ASN1_R_TOO_LARGE); |
a61b7f2f DO |
292 | return -1; |
293 | } | |
294 | return (int)res; | |
295 | } | |
296 | ||
62dcd2aa | 297 | int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm) |
a61b7f2f DO |
298 | { |
299 | if (crm == NULL || /* not really needed: */ crm->certReq == NULL) { | |
300 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_GET_CERTREQID, CRMF_R_NULL_ARGUMENT); | |
301 | return -1; | |
302 | } | |
aac96e27 | 303 | return crmf_asn1_get_int(crm->certReq->certReqId); |
a61b7f2f DO |
304 | } |
305 | ||
306 | ||
307 | int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm, | |
308 | X509_EXTENSIONS *exts) | |
309 | { | |
310 | OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm); | |
311 | ||
312 | if (tmpl == NULL) { /* also crm == NULL implies this */ | |
313 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET0_EXTENSIONS, CRMF_R_NULL_ARGUMENT); | |
314 | return 0; | |
315 | } | |
316 | ||
317 | if (sk_X509_EXTENSION_num(exts) == 0) { | |
318 | sk_X509_EXTENSION_free(exts); | |
319 | exts = NULL; /* do not include empty extensions list */ | |
320 | } | |
321 | ||
322 | sk_X509_EXTENSION_pop_free(tmpl->extensions, X509_EXTENSION_free); | |
323 | tmpl->extensions = exts; | |
324 | return 1; | |
325 | } | |
326 | ||
327 | ||
328 | int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, | |
7960dbec | 329 | X509_EXTENSION *ext) |
a61b7f2f DO |
330 | { |
331 | int new = 0; | |
332 | OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm); | |
333 | ||
334 | if (tmpl == NULL || ext == NULL) { /* also crm == NULL implies this */ | |
335 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_EXTENSION, CRMF_R_NULL_ARGUMENT); | |
336 | return 0; | |
337 | } | |
338 | ||
339 | if (tmpl->extensions == NULL) { | |
340 | if ((tmpl->extensions = sk_X509_EXTENSION_new_null()) == NULL) | |
7960dbec | 341 | goto err; |
a61b7f2f DO |
342 | new = 1; |
343 | } | |
344 | ||
7960dbec DDO |
345 | if (!sk_X509_EXTENSION_push(tmpl->extensions, ext)) |
346 | goto err; | |
a61b7f2f | 347 | return 1; |
7960dbec | 348 | err: |
a61b7f2f DO |
349 | if (new != 0) { |
350 | sk_X509_EXTENSION_free(tmpl->extensions); | |
351 | tmpl->extensions = NULL; | |
352 | } | |
353 | return 0; | |
354 | } | |
355 | ||
6d1f50b5 DDO |
356 | static int create_popo_signature(OSSL_CRMF_POPOSIGNINGKEY *ps, |
357 | const OSSL_CRMF_CERTREQUEST *cr, | |
358 | EVP_PKEY *pkey, const EVP_MD *digest, | |
359 | OPENSSL_CTX *libctx, const char *propq) | |
a61b7f2f | 360 | { |
a61b7f2f | 361 | if (ps == NULL || cr == NULL || pkey == NULL) { |
6d1f50b5 | 362 | CRMFerr(0, CRMF_R_NULL_ARGUMENT); |
a61b7f2f DO |
363 | return 0; |
364 | } | |
6d1f50b5 DDO |
365 | if (ps->poposkInput != NULL) { |
366 | /* TODO: support cases 1+2 defined in RFC 4211, section 4.1 */ | |
367 | CRMFerr(0, CRMF_R_POPOSKINPUT_NOT_SUPPORTED); | |
db4b3d83 | 368 | return 0; |
a61b7f2f | 369 | } |
a61b7f2f | 370 | |
6d1f50b5 DDO |
371 | return ASN1_item_sign_with_libctx(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST), |
372 | ps->algorithmIdentifier, NULL, | |
373 | ps->signature, cr, NULL, pkey, digest, | |
374 | libctx, propq); | |
a61b7f2f DO |
375 | } |
376 | ||
377 | ||
6d1f50b5 DDO |
378 | int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm, |
379 | EVP_PKEY *pkey, const EVP_MD *digest, | |
380 | OPENSSL_CTX *libctx, const char *propq) | |
a61b7f2f DO |
381 | { |
382 | OSSL_CRMF_POPO *pp = NULL; | |
383 | ASN1_INTEGER *tag = NULL; | |
384 | ||
6d1f50b5 | 385 | if (crm == NULL || (meth == OSSL_CRMF_POPO_SIGNATURE && pkey == NULL)) { |
a61b7f2f DO |
386 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_CREATE_POPO, CRMF_R_NULL_ARGUMENT); |
387 | return 0; | |
388 | } | |
389 | ||
6d1f50b5 | 390 | if (meth == OSSL_CRMF_POPO_NONE) |
a61b7f2f DO |
391 | goto end; |
392 | if ((pp = OSSL_CRMF_POPO_new()) == NULL) | |
7960dbec | 393 | goto err; |
6d1f50b5 | 394 | pp->type = meth; |
a61b7f2f | 395 | |
6d1f50b5 | 396 | switch (meth) { |
a61b7f2f DO |
397 | case OSSL_CRMF_POPO_RAVERIFIED: |
398 | if ((pp->value.raVerified = ASN1_NULL_new()) == NULL) | |
7960dbec | 399 | goto err; |
a61b7f2f DO |
400 | break; |
401 | ||
402 | case OSSL_CRMF_POPO_SIGNATURE: | |
403 | { | |
404 | OSSL_CRMF_POPOSIGNINGKEY *ps = OSSL_CRMF_POPOSIGNINGKEY_new(); | |
6d1f50b5 DDO |
405 | |
406 | if (ps == NULL) | |
407 | goto err; | |
408 | if (!create_popo_signature(ps, crm->certReq, pkey, digest, | |
409 | libctx, propq)) { | |
a61b7f2f DO |
410 | OSSL_CRMF_POPOSIGNINGKEY_free(ps); |
411 | goto err; | |
412 | } | |
413 | pp->value.signature = ps; | |
414 | } | |
415 | break; | |
416 | ||
417 | case OSSL_CRMF_POPO_KEYENC: | |
418 | if ((pp->value.keyEncipherment = OSSL_CRMF_POPOPRIVKEY_new()) == NULL) | |
7960dbec | 419 | goto err; |
a61b7f2f DO |
420 | tag = ASN1_INTEGER_new(); |
421 | pp->value.keyEncipherment->type = | |
422 | OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE; | |
423 | pp->value.keyEncipherment->value.subsequentMessage = tag; | |
424 | if (tag == NULL | |
425 | || !ASN1_INTEGER_set(tag, OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT)) | |
7960dbec | 426 | goto err; |
a61b7f2f DO |
427 | break; |
428 | ||
429 | default: | |
430 | CRMFerr(CRMF_F_OSSL_CRMF_MSG_CREATE_POPO, | |
431 | CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO); | |
432 | goto err; | |
433 | } | |
434 | ||
435 | end: | |
436 | OSSL_CRMF_POPO_free(crm->popo); | |
437 | crm->popo = pp; | |
438 | ||
439 | return 1; | |
a61b7f2f DO |
440 | err: |
441 | OSSL_CRMF_POPO_free(pp); | |
442 | return 0; | |
443 | } | |
444 | ||
a61b7f2f DO |
445 | /* verifies the Proof-of-Possession of the request with the given rid in reqs */ |
446 | int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, | |
6d1f50b5 DDO |
447 | int rid, int acceptRAVerified, |
448 | OPENSSL_CTX *libctx, const char *propq) | |
a61b7f2f DO |
449 | { |
450 | OSSL_CRMF_MSG *req = NULL; | |
451 | X509_PUBKEY *pubkey = NULL; | |
452 | OSSL_CRMF_POPOSIGNINGKEY *sig = NULL; | |
6d1f50b5 DDO |
453 | const ASN1_ITEM *it; |
454 | void *asn; | |
a61b7f2f | 455 | |
7269071e DDO |
456 | if (reqs == NULL || (req = sk_OSSL_CRMF_MSG_value(reqs, rid)) == NULL) { |
457 | CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, CRMF_R_NULL_ARGUMENT); | |
458 | return 0; | |
459 | } | |
460 | ||
461 | if (req->popo == NULL) { | |
462 | CRMFerr(0, CRMF_R_POPO_MISSING); | |
a61b7f2f DO |
463 | return 0; |
464 | } | |
465 | ||
466 | switch (req->popo->type) { | |
467 | case OSSL_CRMF_POPO_RAVERIFIED: | |
62dcd2aa DDO |
468 | if (!acceptRAVerified) { |
469 | CRMFerr(0, CRMF_R_POPO_RAVERIFIED_NOT_ACCEPTED); | |
470 | return 0; | |
471 | } | |
a61b7f2f DO |
472 | break; |
473 | case OSSL_CRMF_POPO_SIGNATURE: | |
474 | pubkey = req->certReq->certTemplate->publicKey; | |
62dcd2aa DDO |
475 | if (pubkey == NULL) { |
476 | CRMFerr(0, CRMF_R_POPO_MISSING_PUBLIC_KEY); | |
477 | return 0; | |
478 | } | |
a61b7f2f DO |
479 | sig = req->popo->value.signature; |
480 | if (sig->poposkInput != NULL) { | |
481 | /* | |
482 | * According to RFC 4211: publicKey contains a copy of | |
483 | * the public key from the certificate template. This MUST be | |
484 | * exactly the same value as contained in the certificate template. | |
485 | */ | |
62dcd2aa DDO |
486 | if (sig->poposkInput->publicKey == NULL) { |
487 | CRMFerr(0, CRMF_R_POPO_MISSING_PUBLIC_KEY); | |
488 | return 0; | |
489 | } | |
93f99b68 | 490 | if (X509_PUBKEY_eq(pubkey, sig->poposkInput->publicKey) != 1) { |
62dcd2aa DDO |
491 | CRMFerr(0, CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY); |
492 | return 0; | |
493 | } | |
494 | /* | |
495 | * TODO check the contents of the authInfo sub-field, | |
496 | * see RFC 4211 https://tools.ietf.org/html/rfc4211#section-4.1 | |
497 | */ | |
6d1f50b5 DDO |
498 | it = ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT); |
499 | asn = sig->poposkInput; | |
a61b7f2f | 500 | } else { |
62dcd2aa DDO |
501 | if (req->certReq->certTemplate->subject == NULL) { |
502 | CRMFerr(0, CRMF_R_POPO_MISSING_SUBJECT); | |
503 | return 0; | |
504 | } | |
6d1f50b5 DDO |
505 | it = ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST); |
506 | asn = req->certReq; | |
a61b7f2f | 507 | } |
6d1f50b5 DDO |
508 | if (ASN1_item_verify_with_libctx(it, sig->algorithmIdentifier, |
509 | sig->signature, asn, NULL, | |
510 | X509_PUBKEY_get0(pubkey), | |
511 | libctx, propq) < 1) | |
512 | return 0; | |
62dcd2aa | 513 | break; |
a61b7f2f DO |
514 | case OSSL_CRMF_POPO_KEYENC: |
515 | /* | |
516 | * TODO: when OSSL_CMP_certrep_new() supports encrypted certs, | |
517 | * return 1 if the type of req->popo->value.keyEncipherment | |
518 | * is OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE and | |
519 | * its value.subsequentMessage == OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT | |
3dbc5156 | 520 | */ |
a61b7f2f DO |
521 | case OSSL_CRMF_POPO_KEYAGREE: |
522 | default: | |
523 | CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, | |
524 | CRMF_R_UNSUPPORTED_POPO_METHOD); | |
525 | return 0; | |
526 | } | |
62dcd2aa | 527 | return 1; |
a61b7f2f DO |
528 | } |
529 | ||
530 | /* retrieves the serialNumber of the given cert template or NULL on error */ | |
62dcd2aa DDO |
531 | ASN1_INTEGER |
532 | *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl) | |
a61b7f2f DO |
533 | { |
534 | return tmpl != NULL ? tmpl->serialNumber : NULL; | |
535 | } | |
536 | ||
537 | /* retrieves the issuer name of the given cert template or NULL on error */ | |
8cc86b81 DDO |
538 | const X509_NAME |
539 | *OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl) | |
a61b7f2f DO |
540 | { |
541 | return tmpl != NULL ? tmpl->issuer : NULL; | |
542 | } | |
543 | ||
7960dbec | 544 | /* retrieves the issuer name of the given CertId or NULL on error */ |
8cc86b81 | 545 | const X509_NAME *OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid) |
7960dbec DDO |
546 | { |
547 | return cid != NULL && cid->issuer->type == GEN_DIRNAME ? | |
548 | cid->issuer->d.directoryName : NULL; | |
549 | } | |
550 | ||
551 | /* retrieves the serialNumber of the given CertId or NULL on error */ | |
552 | ASN1_INTEGER *OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid) | |
553 | { | |
554 | return cid != NULL ? cid->serialNumber : NULL; | |
555 | } | |
556 | ||
557 | /*- | |
a61b7f2f DO |
558 | * fill in certificate template. |
559 | * Any value argument that is NULL will leave the respective field unchanged. | |
560 | */ | |
561 | int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl, | |
562 | EVP_PKEY *pubkey, | |
563 | const X509_NAME *subject, | |
564 | const X509_NAME *issuer, | |
565 | const ASN1_INTEGER *serial) | |
566 | { | |
567 | if (tmpl == NULL) { | |
568 | CRMFerr(CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL, CRMF_R_NULL_ARGUMENT); | |
569 | return 0; | |
570 | } | |
8cc86b81 | 571 | if (subject != NULL && !X509_NAME_set((X509_NAME **)&tmpl->subject, subject)) |
7960dbec | 572 | return 0; |
8cc86b81 | 573 | if (issuer != NULL && !X509_NAME_set((X509_NAME **)&tmpl->issuer, issuer)) |
7960dbec | 574 | return 0; |
a61b7f2f DO |
575 | if (serial != NULL) { |
576 | ASN1_INTEGER_free(tmpl->serialNumber); | |
577 | if ((tmpl->serialNumber = ASN1_INTEGER_dup(serial)) == NULL) | |
7960dbec | 578 | return 0; |
a61b7f2f DO |
579 | } |
580 | if (pubkey != NULL && !X509_PUBKEY_set(&tmpl->publicKey, pubkey)) | |
7960dbec | 581 | return 0; |
a61b7f2f | 582 | return 1; |
a61b7f2f DO |
583 | } |
584 | ||
585 | ||
586 | /*- | |
7960dbec DDO |
587 | * Decrypts the certificate in the given encryptedValue using private key pkey. |
588 | * This is needed for the indirect PoP method as in RFC 4210 section 5.2.8.2. | |
a61b7f2f DO |
589 | * |
590 | * returns a pointer to the decrypted certificate | |
591 | * returns NULL on error or if no certificate available | |
592 | */ | |
6d1f50b5 DDO |
593 | X509 |
594 | *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert, | |
595 | OPENSSL_CTX *libctx, const char *propq, | |
596 | EVP_PKEY *pkey) | |
a61b7f2f DO |
597 | { |
598 | X509 *cert = NULL; /* decrypted certificate */ | |
599 | EVP_CIPHER_CTX *evp_ctx = NULL; /* context for symmetric encryption */ | |
600 | unsigned char *ek = NULL; /* decrypted symmetric encryption key */ | |
f3f3318a | 601 | size_t eksize = 0; /* size of decrypted symmetric encryption key */ |
a61b7f2f | 602 | const EVP_CIPHER *cipher = NULL; /* used cipher */ |
f3f3318a | 603 | int cikeysize = 0; /* key size from cipher */ |
a61b7f2f DO |
604 | unsigned char *iv = NULL; /* initial vector for symmetric encryption */ |
605 | unsigned char *outbuf = NULL; /* decryption output buffer */ | |
606 | const unsigned char *p = NULL; /* needed for decoding ASN1 */ | |
607 | int symmAlg = 0; /* NIDs for symmetric algorithm */ | |
608 | int n, outlen = 0; | |
609 | EVP_PKEY_CTX *pkctx = NULL; /* private key context */ | |
610 | ||
611 | if (ecert == NULL || ecert->symmAlg == NULL || ecert->encSymmKey == NULL | |
612 | || ecert->encValue == NULL || pkey == NULL) { | |
613 | CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, | |
614 | CRMF_R_NULL_ARGUMENT); | |
615 | return NULL; | |
616 | } | |
617 | if ((symmAlg = OBJ_obj2nid(ecert->symmAlg->algorithm)) == 0) { | |
618 | CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, | |
619 | CRMF_R_UNSUPPORTED_CIPHER); | |
620 | return NULL; | |
621 | } | |
f3f3318a AK |
622 | /* select symmetric cipher based on algorithm given in message */ |
623 | if ((cipher = EVP_get_cipherbynid(symmAlg)) == NULL) { | |
624 | CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, | |
625 | CRMF_R_UNSUPPORTED_CIPHER); | |
626 | goto end; | |
627 | } | |
628 | cikeysize = EVP_CIPHER_key_length(cipher); | |
a61b7f2f | 629 | /* first the symmetric key needs to be decrypted */ |
6d1f50b5 | 630 | pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq); |
a61b7f2f DO |
631 | if (pkctx != NULL && EVP_PKEY_decrypt_init(pkctx)) { |
632 | ASN1_BIT_STRING *encKey = ecert->encSymmKey; | |
f3f3318a AK |
633 | size_t failure; |
634 | int retval; | |
a61b7f2f | 635 | |
f3f3318a AK |
636 | if (EVP_PKEY_decrypt(pkctx, NULL, &eksize, |
637 | encKey->data, encKey->length) <= 0 | |
638 | || (ek = OPENSSL_malloc(eksize)) == NULL) | |
7960dbec | 639 | goto end; |
f3f3318a AK |
640 | retval = EVP_PKEY_decrypt(pkctx, ek, &eksize, |
641 | encKey->data, encKey->length); | |
642 | ERR_clear_error(); /* error state may have sensitive information */ | |
643 | failure = ~constant_time_is_zero_s(constant_time_msb(retval) | |
644 | | constant_time_is_zero(retval)); | |
645 | failure |= ~constant_time_eq_s(eksize, (size_t)cikeysize); | |
646 | if (failure) { | |
a61b7f2f DO |
647 | CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, |
648 | CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY); | |
649 | goto end; | |
650 | } | |
651 | } else { | |
7960dbec | 652 | goto end; |
a61b7f2f | 653 | } |
a61b7f2f | 654 | if ((iv = OPENSSL_malloc(EVP_CIPHER_iv_length(cipher))) == NULL) |
7960dbec | 655 | goto end; |
a61b7f2f | 656 | if (ASN1_TYPE_get_octetstring(ecert->symmAlg->parameter, iv, |
3dbc5156 | 657 | EVP_CIPHER_iv_length(cipher)) |
a61b7f2f DO |
658 | != EVP_CIPHER_iv_length(cipher)) { |
659 | CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, | |
660 | CRMF_R_MALFORMED_IV); | |
661 | goto end; | |
662 | } | |
663 | ||
664 | /* | |
665 | * d2i_X509 changes the given pointer, so use p for decoding the message and | |
666 | * keep the original pointer in outbuf so the memory can be freed later | |
667 | */ | |
668 | if ((p = outbuf = OPENSSL_malloc(ecert->encValue->length + | |
669 | EVP_CIPHER_block_size(cipher))) == NULL | |
670 | || (evp_ctx = EVP_CIPHER_CTX_new()) == NULL) | |
7960dbec | 671 | goto end; |
a61b7f2f DO |
672 | EVP_CIPHER_CTX_set_padding(evp_ctx, 0); |
673 | ||
674 | if (!EVP_DecryptInit(evp_ctx, cipher, ek, iv) | |
675 | || !EVP_DecryptUpdate(evp_ctx, outbuf, &outlen, | |
676 | ecert->encValue->data, | |
677 | ecert->encValue->length) | |
678 | || !EVP_DecryptFinal(evp_ctx, outbuf + outlen, &n)) { | |
679 | CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, | |
680 | CRMF_R_ERROR_DECRYPTING_CERTIFICATE); | |
681 | goto end; | |
682 | } | |
683 | outlen += n; | |
684 | ||
685 | /* convert decrypted certificate from DER to internal ASN.1 structure */ | |
6d1f50b5 DDO |
686 | if ((cert = X509_new_with_libctx(libctx, propq)) == NULL) |
687 | goto end; | |
688 | if (d2i_X509(&cert, &p, outlen) == NULL) | |
a61b7f2f DO |
689 | CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, |
690 | CRMF_R_ERROR_DECODING_CERTIFICATE); | |
a61b7f2f DO |
691 | end: |
692 | EVP_PKEY_CTX_free(pkctx); | |
693 | OPENSSL_free(outbuf); | |
694 | EVP_CIPHER_CTX_free(evp_ctx); | |
f3f3318a | 695 | OPENSSL_clear_free(ek, eksize); |
a61b7f2f DO |
696 | OPENSSL_free(iv); |
697 | return cert; | |
698 | } |