1 /*-
2 * Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright Nokia 2007-2018
4 * Copyright Siemens AG 2015-2019
5 *
6 * Licensed under the Apache License 2.0 (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
10 *
11 * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb.
12 */
13
14 /*
15 * This file contains the functions that handle the individual items inside
16 * the CRMF structures
17 */
18
19 /*
20 * NAMING
21 *
22 * The 0 functions use the supplied structure pointer directly in the parent and
23 * it will be freed up when the parent is freed.
24 *
25 * The 1 functions use a copy of the supplied structure pointer (or in some
26 * cases increases its link count) in the parent and so both should be freed up.
27 */
28
29 #include <openssl/asn1t.h>
30
31 #include "crmf_local.h"
32 #include "internal/sizes.h"
33 #include "crypto/evp.h"
34 #include "crypto/x509.h"
35
36 /* explicit #includes not strictly needed since implied by the above: */
37 #include <openssl/crmf.h>
38 #include <openssl/err.h>
39 #include <openssl/evp.h>
40
41 /*-
42 * atyp = Attribute Type
43 * valt = Value Type
44 * ctrlinf = "regCtrl" or "regInfo"
45 */
46 #define IMPLEMENT_CRMF_CTRL_FUNC(atyp, valt, ctrlinf) \
47 valt *OSSL_CRMF_MSG_get0_##ctrlinf##_##atyp(const OSSL_CRMF_MSG *msg) \
48 { \
49 int i; \
50 STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *controls; \
51 OSSL_CRMF_ATTRIBUTETYPEANDVALUE *atav = NULL; \
52 \
53 if (msg == NULL || msg->certReq == NULL) \
54 return NULL; \
55 controls = msg->certReq->controls; \
56 for (i = 0; i < sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_num(controls); i++) { \
57 atav = sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_value(controls, i); \
58 if (OBJ_obj2nid(atav->type) == NID_id_##ctrlinf##_##atyp) \
59 return atav->value.atyp; \
60 } \
61 return NULL; \
62 } \
63 \
64 int OSSL_CRMF_MSG_set1_##ctrlinf##_##atyp(OSSL_CRMF_MSG *msg, const valt *in) \
65 { \
66 OSSL_CRMF_ATTRIBUTETYPEANDVALUE *atav = NULL; \
67 \
68 if (msg == NULL || in == NULL) \
69 goto err; \
70 if ((atav = OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new()) == NULL) \
71 goto err; \
72 if ((atav->type = OBJ_nid2obj(NID_id_##ctrlinf##_##atyp)) == NULL) \
73 goto err; \
74 if ((atav->value.atyp = valt##_dup(in)) == NULL) \
75 goto err; \
76 if (!OSSL_CRMF_MSG_push0_##ctrlinf(msg, atav)) \
77 goto err; \
78 return 1; \
79 err: \
80 OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(atav); \
81 return 0; \
82 }
83
84 /*-
85 * Pushes the given control attribute into the controls stack of a CertRequest
86 * (section 6)
87 * returns 1 on success, 0 on error
88 */
OSSL_CRMF_MSG_push0_regCtrl(OSSL_CRMF_MSG * crm,OSSL_CRMF_ATTRIBUTETYPEANDVALUE * ctrl)89 static int OSSL_CRMF_MSG_push0_regCtrl(OSSL_CRMF_MSG *crm,
90 OSSL_CRMF_ATTRIBUTETYPEANDVALUE *ctrl)
91 {
92 int new = 0;
93
94 if (crm == NULL || crm->certReq == NULL || ctrl == NULL) {
95 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
96 return 0;
97 }
98
99 if (crm->certReq->controls == NULL) {
100 crm->certReq->controls = sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_null();
101 if (crm->certReq->controls == NULL)
102 goto err;
103 new = 1;
104 }
105 if (!sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push(crm->certReq->controls, ctrl))
106 goto err;
107
108 return 1;
109 err:
110 if (new != 0) {
111 sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(crm->certReq->controls);
112 crm->certReq->controls = NULL;
113 }
114 return 0;
115 }
116
117 /* id-regCtrl-regToken Control (section 6.1) */
IMPLEMENT_CRMF_CTRL_FUNC(regToken,ASN1_STRING,regCtrl)118 IMPLEMENT_CRMF_CTRL_FUNC(regToken, ASN1_STRING, regCtrl)
119
120 /* id-regCtrl-authenticator Control (section 6.2) */
121 #define ASN1_UTF8STRING_dup ASN1_STRING_dup
122 IMPLEMENT_CRMF_CTRL_FUNC(authenticator, ASN1_UTF8STRING, regCtrl)
123
124 int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi,
125 int method, GENERAL_NAME *nm)
126 {
127 if (spi == NULL
128 || method < OSSL_CRMF_PUB_METHOD_DONTCARE
129 || method > OSSL_CRMF_PUB_METHOD_LDAP) {
130 ERR_raise(ERR_LIB_CRMF, ERR_R_PASSED_INVALID_ARGUMENT);
131 return 0;
132 }
133
134 if (!ASN1_INTEGER_set(spi->pubMethod, method))
135 return 0;
136 GENERAL_NAME_free(spi->pubLocation);
137 spi->pubLocation = nm;
138 return 1;
139 }
140
141 int
OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO * pi,OSSL_CRMF_SINGLEPUBINFO * spi)142 OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
143 OSSL_CRMF_SINGLEPUBINFO *spi)
144 {
145 if (pi == NULL || spi == NULL) {
146 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
147 return 0;
148 }
149 if (pi->pubInfos == NULL)
150 pi->pubInfos = sk_OSSL_CRMF_SINGLEPUBINFO_new_null();
151 if (pi->pubInfos == NULL)
152 return 0;
153
154 return sk_OSSL_CRMF_SINGLEPUBINFO_push(pi->pubInfos, spi);
155 }
156
OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO * pi,int action)157 int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
158 int action)
159 {
160 if (pi == NULL
161 || action < OSSL_CRMF_PUB_ACTION_DONTPUBLISH
162 || action > OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH) {
163 ERR_raise(ERR_LIB_CRMF, ERR_R_PASSED_INVALID_ARGUMENT);
164 return 0;
165 }
166
167 return ASN1_INTEGER_set(pi->action, action);
168 }
169
170 /* id-regCtrl-pkiPublicationInfo Control (section 6.3) */
IMPLEMENT_CRMF_CTRL_FUNC(pkiPublicationInfo,OSSL_CRMF_PKIPUBLICATIONINFO,regCtrl)171 IMPLEMENT_CRMF_CTRL_FUNC(pkiPublicationInfo, OSSL_CRMF_PKIPUBLICATIONINFO,
172 regCtrl)
173
174 /* id-regCtrl-oldCertID Control (section 6.5) from the given */
175 IMPLEMENT_CRMF_CTRL_FUNC(oldCertID, OSSL_CRMF_CERTID, regCtrl)
176
177 OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer,
178 const ASN1_INTEGER *serial)
179 {
180 OSSL_CRMF_CERTID *cid = NULL;
181
182 if (issuer == NULL || serial == NULL) {
183 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
184 return NULL;
185 }
186
187 if ((cid = OSSL_CRMF_CERTID_new()) == NULL)
188 goto err;
189
190 if (!X509_NAME_set(&cid->issuer->d.directoryName, issuer))
191 goto err;
192 cid->issuer->type = GEN_DIRNAME;
193
194 ASN1_INTEGER_free(cid->serialNumber);
195 if ((cid->serialNumber = ASN1_INTEGER_dup(serial)) == NULL)
196 goto err;
197
198 return cid;
199
200 err:
201 OSSL_CRMF_CERTID_free(cid);
202 return NULL;
203 }
204
205 /*
206 * id-regCtrl-protocolEncrKey Control (section 6.6)
207 */
IMPLEMENT_CRMF_CTRL_FUNC(protocolEncrKey,X509_PUBKEY,regCtrl)208 IMPLEMENT_CRMF_CTRL_FUNC(protocolEncrKey, X509_PUBKEY, regCtrl)
209
210 /*-
211 * Pushes the attribute given in regInfo in to the CertReqMsg->regInfo stack.
212 * (section 7)
213 * returns 1 on success, 0 on error
214 */
215 static int OSSL_CRMF_MSG_push0_regInfo(OSSL_CRMF_MSG *crm,
216 OSSL_CRMF_ATTRIBUTETYPEANDVALUE *ri)
217 {
218 STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *info = NULL;
219
220 if (crm == NULL || ri == NULL) {
221 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
222 return 0;
223 }
224
225 if (crm->regInfo == NULL)
226 crm->regInfo = info = sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_null();
227 if (crm->regInfo == NULL)
228 goto err;
229 if (!sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push(crm->regInfo, ri))
230 goto err;
231 return 1;
232
233 err:
234 if (info != NULL)
235 crm->regInfo = NULL;
236 sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(info);
237 return 0;
238 }
239
240 /* id-regInfo-utf8Pairs to regInfo (section 7.1) */
IMPLEMENT_CRMF_CTRL_FUNC(utf8Pairs,ASN1_UTF8STRING,regInfo)241 IMPLEMENT_CRMF_CTRL_FUNC(utf8Pairs, ASN1_UTF8STRING, regInfo)
242
243 /* id-regInfo-certReq to regInfo (section 7.2) */
244 IMPLEMENT_CRMF_CTRL_FUNC(certReq, OSSL_CRMF_CERTREQUEST, regInfo)
245
246 /* retrieves the certificate template of crm */
247 OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm)
248 {
249 if (crm == NULL || crm->certReq == NULL) {
250 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
251 return NULL;
252 }
253 return crm->certReq->certTemplate;
254 }
255
OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG * crm,ASN1_TIME * notBefore,ASN1_TIME * notAfter)256 int OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG *crm,
257 ASN1_TIME *notBefore, ASN1_TIME *notAfter)
258 {
259 OSSL_CRMF_OPTIONALVALIDITY *vld;
260 OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm);
261
262 if (tmpl == NULL) { /* also crm == NULL implies this */
263 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
264 return 0;
265 }
266
267 if ((vld = OSSL_CRMF_OPTIONALVALIDITY_new()) == NULL)
268 return 0;
269 vld->notBefore = notBefore;
270 vld->notAfter = notAfter;
271 tmpl->validity = vld;
272 return 1;
273 }
274
OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG * crm,int rid)275 int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid)
276 {
277 if (crm == NULL || crm->certReq == NULL || crm->certReq->certReqId == NULL) {
278 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
279 return 0;
280 }
281
282 return ASN1_INTEGER_set(crm->certReq->certReqId, rid);
283 }
284
285 /* get ASN.1 encoded integer, return -1 on error */
crmf_asn1_get_int(const ASN1_INTEGER * a)286 static int crmf_asn1_get_int(const ASN1_INTEGER *a)
287 {
288 int64_t res;
289
290 if (!ASN1_INTEGER_get_int64(&res, a)) {
291 ERR_raise(ERR_LIB_CRMF, ASN1_R_INVALID_NUMBER);
292 return -1;
293 }
294 if (res < INT_MIN) {
295 ERR_raise(ERR_LIB_CRMF, ASN1_R_TOO_SMALL);
296 return -1;
297 }
298 if (res > INT_MAX) {
299 ERR_raise(ERR_LIB_CRMF, ASN1_R_TOO_LARGE);
300 return -1;
301 }
302 return (int)res;
303 }
304
OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG * crm)305 int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm)
306 {
307 if (crm == NULL || /* not really needed: */ crm->certReq == NULL) {
308 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
309 return -1;
310 }
311 return crmf_asn1_get_int(crm->certReq->certReqId);
312 }
313
OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG * crm,X509_EXTENSIONS * exts)314 int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm,
315 X509_EXTENSIONS *exts)
316 {
317 OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm);
318
319 if (tmpl == NULL) { /* also crm == NULL implies this */
320 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
321 return 0;
322 }
323
324 if (sk_X509_EXTENSION_num(exts) == 0) {
325 sk_X509_EXTENSION_free(exts);
326 exts = NULL; /* do not include empty extensions list */
327 }
328
329 sk_X509_EXTENSION_pop_free(tmpl->extensions, X509_EXTENSION_free);
330 tmpl->extensions = exts;
331 return 1;
332 }
333
OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG * crm,X509_EXTENSION * ext)334 int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm,
335 X509_EXTENSION *ext)
336 {
337 int new = 0;
338 OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm);
339
340 if (tmpl == NULL || ext == NULL) { /* also crm == NULL implies this */
341 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
342 return 0;
343 }
344
345 if (tmpl->extensions == NULL) {
346 if ((tmpl->extensions = sk_X509_EXTENSION_new_null()) == NULL)
347 goto err;
348 new = 1;
349 }
350
351 if (!sk_X509_EXTENSION_push(tmpl->extensions, ext))
352 goto err;
353 return 1;
354 err:
355 if (new != 0) {
356 sk_X509_EXTENSION_free(tmpl->extensions);
357 tmpl->extensions = NULL;
358 }
359 return 0;
360 }
361
create_popo_signature(OSSL_CRMF_POPOSIGNINGKEY * ps,const OSSL_CRMF_CERTREQUEST * cr,EVP_PKEY * pkey,const EVP_MD * digest,OSSL_LIB_CTX * libctx,const char * propq)362 static int create_popo_signature(OSSL_CRMF_POPOSIGNINGKEY *ps,
363 const OSSL_CRMF_CERTREQUEST *cr,
364 EVP_PKEY *pkey, const EVP_MD *digest,
365 OSSL_LIB_CTX *libctx, const char *propq)
366 {
367 char name[80] = "";
368 EVP_PKEY *pub;
369
370 if (ps == NULL || cr == NULL || pkey == NULL) {
371 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
372 return 0;
373 }
374 pub = X509_PUBKEY_get0(cr->certTemplate->publicKey);
375 if (!ossl_x509_check_private_key(pub, pkey))
376 return 0;
377
378 if (ps->poposkInput != NULL) {
379 /* We do not support cases 1+2 defined in RFC 4211, section 4.1 */
380 ERR_raise(ERR_LIB_CRMF, CRMF_R_POPOSKINPUT_NOT_SUPPORTED);
381 return 0;
382 }
383
384 if (EVP_PKEY_get_default_digest_name(pkey, name, sizeof(name)) > 0
385 && strcmp(name, "UNDEF") == 0) /* at least for Ed25519, Ed448 */
386 digest = NULL;
387
388 return ASN1_item_sign_ex(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
389 ps->algorithmIdentifier, /* sets this X509_ALGOR */
390 NULL, ps->signature, /* sets the ASN1_BIT_STRING */
391 cr, NULL, pkey, digest, libctx, propq);
392 }
393
OSSL_CRMF_MSG_create_popo(int meth,OSSL_CRMF_MSG * crm,EVP_PKEY * pkey,const EVP_MD * digest,OSSL_LIB_CTX * libctx,const char * propq)394 int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm,
395 EVP_PKEY *pkey, const EVP_MD *digest,
396 OSSL_LIB_CTX *libctx, const char *propq)
397 {
398 OSSL_CRMF_POPO *pp = NULL;
399 ASN1_INTEGER *tag = NULL;
400
401 if (crm == NULL || (meth == OSSL_CRMF_POPO_SIGNATURE && pkey == NULL)) {
402 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
403 return 0;
404 }
405
406 if (meth == OSSL_CRMF_POPO_NONE)
407 goto end;
408 if ((pp = OSSL_CRMF_POPO_new()) == NULL)
409 goto err;
410 pp->type = meth;
411
412 switch (meth) {
413 case OSSL_CRMF_POPO_RAVERIFIED:
414 if ((pp->value.raVerified = ASN1_NULL_new()) == NULL)
415 goto err;
416 break;
417
418 case OSSL_CRMF_POPO_SIGNATURE:
419 {
420 OSSL_CRMF_POPOSIGNINGKEY *ps = OSSL_CRMF_POPOSIGNINGKEY_new();
421
422 if (ps == NULL)
423 goto err;
424 if (!create_popo_signature(ps, crm->certReq, pkey, digest,
425 libctx, propq)) {
426 OSSL_CRMF_POPOSIGNINGKEY_free(ps);
427 goto err;
428 }
429 pp->value.signature = ps;
430 }
431 break;
432
433 case OSSL_CRMF_POPO_KEYENC:
434 if ((pp->value.keyEncipherment = OSSL_CRMF_POPOPRIVKEY_new()) == NULL)
435 goto err;
436 tag = ASN1_INTEGER_new();
437 pp->value.keyEncipherment->type =
438 OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE;
439 pp->value.keyEncipherment->value.subsequentMessage = tag;
440 if (tag == NULL
441 || !ASN1_INTEGER_set(tag, OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT))
442 goto err;
443 break;
444
445 default:
446 ERR_raise(ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO);
447 goto err;
448 }
449
450 end:
451 OSSL_CRMF_POPO_free(crm->popo);
452 crm->popo = pp;
453
454 return 1;
455 err:
456 OSSL_CRMF_POPO_free(pp);
457 return 0;
458 }
459
460 /* verifies the Proof-of-Possession of the request with the given rid in reqs */
OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS * reqs,int rid,int acceptRAVerified,OSSL_LIB_CTX * libctx,const char * propq)461 int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
462 int rid, int acceptRAVerified,
463 OSSL_LIB_CTX *libctx, const char *propq)
464 {
465 OSSL_CRMF_MSG *req = NULL;
466 X509_PUBKEY *pubkey = NULL;
467 OSSL_CRMF_POPOSIGNINGKEY *sig = NULL;
468 const ASN1_ITEM *it;
469 void *asn;
470
471 if (reqs == NULL || (req = sk_OSSL_CRMF_MSG_value(reqs, rid)) == NULL) {
472 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
473 return 0;
474 }
475
476 if (req->popo == NULL) {
477 ERR_raise(ERR_LIB_CRMF, CRMF_R_POPO_MISSING);
478 return 0;
479 }
480
481 switch (req->popo->type) {
482 case OSSL_CRMF_POPO_RAVERIFIED:
483 if (!acceptRAVerified) {
484 ERR_raise(ERR_LIB_CRMF, CRMF_R_POPO_RAVERIFIED_NOT_ACCEPTED);
485 return 0;
486 }
487 break;
488 case OSSL_CRMF_POPO_SIGNATURE:
489 pubkey = req->certReq->certTemplate->publicKey;
490 if (pubkey == NULL) {
491 ERR_raise(ERR_LIB_CRMF, CRMF_R_POPO_MISSING_PUBLIC_KEY);
492 return 0;
493 }
494 sig = req->popo->value.signature;
495 if (sig->poposkInput != NULL) {
496 /*
497 * According to RFC 4211: publicKey contains a copy of
498 * the public key from the certificate template. This MUST be
499 * exactly the same value as contained in the certificate template.
500 */
501 if (sig->poposkInput->publicKey == NULL) {
502 ERR_raise(ERR_LIB_CRMF, CRMF_R_POPO_MISSING_PUBLIC_KEY);
503 return 0;
504 }
505 if (X509_PUBKEY_eq(pubkey, sig->poposkInput->publicKey) != 1) {
506 ERR_raise(ERR_LIB_CRMF, CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY);
507 return 0;
508 }
509
510 /*
511 * Should check at this point the contents of the authInfo sub-field
512 * as requested in FR #19807 according to RFC 4211 section 4.1.
513 */
514
515 it = ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT);
516 asn = sig->poposkInput;
517 } else {
518 if (req->certReq->certTemplate->subject == NULL) {
519 ERR_raise(ERR_LIB_CRMF, CRMF_R_POPO_MISSING_SUBJECT);
520 return 0;
521 }
522 it = ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST);
523 asn = req->certReq;
524 }
525 if (ASN1_item_verify_ex(it, sig->algorithmIdentifier, sig->signature,
526 asn, NULL, X509_PUBKEY_get0(pubkey), libctx,
527 propq) < 1)
528 return 0;
529 break;
530 case OSSL_CRMF_POPO_KEYENC:
531 /*
532 * When OSSL_CMP_certrep_new() supports encrypted certs,
533 * should return 1 if the type of req->popo->value.keyEncipherment
534 * is OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE and
535 * its value.subsequentMessage == OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT
536 */
537 case OSSL_CRMF_POPO_KEYAGREE:
538 default:
539 ERR_raise(ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_POPO_METHOD);
540 return 0;
541 }
542 return 1;
543 }
544
545 X509_PUBKEY
OSSL_CRMF_CERTTEMPLATE_get0_publicKey(const OSSL_CRMF_CERTTEMPLATE * tmpl)546 *OSSL_CRMF_CERTTEMPLATE_get0_publicKey(const OSSL_CRMF_CERTTEMPLATE *tmpl)
547 {
548 return tmpl != NULL ? tmpl->publicKey : NULL;
549 }
550
551 const ASN1_INTEGER
OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE * tmpl)552 *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl)
553 {
554 return tmpl != NULL ? tmpl->serialNumber : NULL;
555 }
556
557 const X509_NAME
OSSL_CRMF_CERTTEMPLATE_get0_subject(const OSSL_CRMF_CERTTEMPLATE * tmpl)558 *OSSL_CRMF_CERTTEMPLATE_get0_subject(const OSSL_CRMF_CERTTEMPLATE *tmpl)
559 {
560 return tmpl != NULL ? tmpl->subject : NULL;
561 }
562
563 const X509_NAME
OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE * tmpl)564 *OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl)
565 {
566 return tmpl != NULL ? tmpl->issuer : NULL;
567 }
568
569 X509_EXTENSIONS
OSSL_CRMF_CERTTEMPLATE_get0_extensions(const OSSL_CRMF_CERTTEMPLATE * tmpl)570 *OSSL_CRMF_CERTTEMPLATE_get0_extensions(const OSSL_CRMF_CERTTEMPLATE *tmpl)
571 {
572 return tmpl != NULL ? tmpl->extensions : NULL;
573 }
574
OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID * cid)575 const X509_NAME *OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid)
576 {
577 return cid != NULL && cid->issuer->type == GEN_DIRNAME ?
578 cid->issuer->d.directoryName : NULL;
579 }
580
OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID * cid)581 const ASN1_INTEGER *OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID
582 *cid)
583 {
584 return cid != NULL ? cid->serialNumber : NULL;
585 }
586
587 /*-
588 * Fill in the certificate template |tmpl|.
589 * Any other NULL argument will leave the respective field unchanged.
590 */
OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE * tmpl,EVP_PKEY * pubkey,const X509_NAME * subject,const X509_NAME * issuer,const ASN1_INTEGER * serial)591 int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl,
592 EVP_PKEY *pubkey,
593 const X509_NAME *subject,
594 const X509_NAME *issuer,
595 const ASN1_INTEGER *serial)
596 {
597 if (tmpl == NULL) {
598 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
599 return 0;
600 }
601 if (subject != NULL && !X509_NAME_set((X509_NAME **)&tmpl->subject, subject))
602 return 0;
603 if (issuer != NULL && !X509_NAME_set((X509_NAME **)&tmpl->issuer, issuer))
604 return 0;
605 if (serial != NULL) {
606 ASN1_INTEGER_free(tmpl->serialNumber);
607 if ((tmpl->serialNumber = ASN1_INTEGER_dup(serial)) == NULL)
608 return 0;
609 }
610 if (pubkey != NULL && !X509_PUBKEY_set(&tmpl->publicKey, pubkey))
611 return 0;
612 return 1;
613 }
614
615 /*-
616 * Decrypts the certificate in the given encryptedValue using private key pkey.
617 * This is needed for the indirect PoP method as in RFC 4210 section 5.2.8.2.
618 *
619 * returns a pointer to the decrypted certificate
620 * returns NULL on error or if no certificate available
621 */
622 X509
OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE * ecert,OSSL_LIB_CTX * libctx,const char * propq,EVP_PKEY * pkey)623 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
624 OSSL_LIB_CTX *libctx, const char *propq,
625 EVP_PKEY *pkey)
626 {
627 X509 *cert = NULL; /* decrypted certificate */
628 EVP_CIPHER_CTX *evp_ctx = NULL; /* context for symmetric encryption */
629 unsigned char *ek = NULL; /* decrypted symmetric encryption key */
630 size_t eksize = 0; /* size of decrypted symmetric encryption key */
631 EVP_CIPHER *cipher = NULL; /* used cipher */
632 int cikeysize = 0; /* key size from cipher */
633 unsigned char *iv = NULL; /* initial vector for symmetric encryption */
634 unsigned char *outbuf = NULL; /* decryption output buffer */
635 const unsigned char *p = NULL; /* needed for decoding ASN1 */
636 int n, outlen = 0;
637 EVP_PKEY_CTX *pkctx = NULL; /* private key context */
638 char name[OSSL_MAX_NAME_SIZE];
639
640 if (ecert == NULL || ecert->symmAlg == NULL || ecert->encSymmKey == NULL
641 || ecert->encValue == NULL || pkey == NULL) {
642 ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
643 return NULL;
644 }
645
646 /* select symmetric cipher based on algorithm given in message */
647 OBJ_obj2txt(name, sizeof(name), ecert->symmAlg->algorithm, 0);
648
649 (void)ERR_set_mark();
650 cipher = EVP_CIPHER_fetch(NULL, name, NULL);
651
652 if (cipher == NULL)
653 cipher = (EVP_CIPHER *)EVP_get_cipherbyname(name);
654
655 if (cipher == NULL) {
656 (void)ERR_clear_last_mark();
657 ERR_raise(ERR_LIB_CRMF, CRMF_R_UNSUPPORTED_CIPHER);
658 goto end;
659 }
660 (void)ERR_pop_to_mark();
661
662 cikeysize = EVP_CIPHER_get_key_length(cipher);
663 /* first the symmetric key needs to be decrypted */
664 pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
665 if (pkctx == NULL || EVP_PKEY_decrypt_init(pkctx) <= 0
666 || evp_pkey_decrypt_alloc(pkctx, &ek, &eksize, (size_t)cikeysize,
667 ecert->encSymmKey->data,
668 ecert->encSymmKey->length) <= 0)
669 goto end;
670
671 if ((iv = OPENSSL_malloc(EVP_CIPHER_get_iv_length(cipher))) == NULL)
672 goto end;
673 if (ASN1_TYPE_get_octetstring(ecert->symmAlg->parameter, iv,
674 EVP_CIPHER_get_iv_length(cipher))
675 != EVP_CIPHER_get_iv_length(cipher)) {
676 ERR_raise(ERR_LIB_CRMF, CRMF_R_MALFORMED_IV);
677 goto end;
678 }
679
680 /*
681 * d2i_X509 changes the given pointer, so use p for decoding the message and
682 * keep the original pointer in outbuf so the memory can be freed later
683 */
684 if ((p = outbuf = OPENSSL_malloc(ecert->encValue->length +
685 EVP_CIPHER_get_block_size(cipher))) == NULL
686 || (evp_ctx = EVP_CIPHER_CTX_new()) == NULL)
687 goto end;
688 EVP_CIPHER_CTX_set_padding(evp_ctx, 0);
689
690 if (!EVP_DecryptInit(evp_ctx, cipher, ek, iv)
691 || !EVP_DecryptUpdate(evp_ctx, outbuf, &outlen,
692 ecert->encValue->data,
693 ecert->encValue->length)
694 || !EVP_DecryptFinal(evp_ctx, outbuf + outlen, &n)) {
695 ERR_raise(ERR_LIB_CRMF, CRMF_R_ERROR_DECRYPTING_CERTIFICATE);
696 goto end;
697 }
698 outlen += n;
699
700 /* convert decrypted certificate from DER to internal ASN.1 structure */
701 if ((cert = X509_new_ex(libctx, propq)) == NULL)
702 goto end;
703 if (d2i_X509(&cert, &p, outlen) == NULL)
704 ERR_raise(ERR_LIB_CRMF, CRMF_R_ERROR_DECODING_CERTIFICATE);
705 end:
706 EVP_PKEY_CTX_free(pkctx);
707 OPENSSL_free(outbuf);
708 EVP_CIPHER_CTX_free(evp_ctx);
709 EVP_CIPHER_free(cipher);
710 OPENSSL_clear_free(ek, eksize);
711 OPENSSL_free(iv);
712 return cert;
713 }
714
