1 /*- 2 * Copyright 2007-2024 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright Nokia 2007-2019 4 * Copyright Siemens AG 2015-2019 5 * 6 * Licensed under the Apache License 2.0 (the "License"). You may not use 7 * this file except in compliance with the License. You can obtain a copy 8 * in the file LICENSE in the source distribution or at 9 * https://www.openssl.org/source/license.html 10 * 11 * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb. 12 */ 13 14 #ifndef OSSL_CRYPTO_CRMF_LOCAL_H 15 # define OSSL_CRYPTO_CRMF_LOCAL_H 16 17 # include <openssl/crmf.h> 18 # include <openssl/err.h> 19 # include "internal/crmf.h" /* for ossl_crmf_attributetypeandvalue_st */ 20 21 /* explicit #includes not strictly needed since implied by the above: */ 22 # include <openssl/types.h> 23 # include <openssl/safestack.h> 24 # include <openssl/x509.h> 25 # include <openssl/x509v3.h> 26 27 /*- 28 * EncryptedValue ::= SEQUENCE { 29 * intendedAlg [0] AlgorithmIdentifier OPTIONAL, 30 * -- the intended algorithm for which the value will be used 31 * symmAlg [1] AlgorithmIdentifier OPTIONAL, 32 * -- the symmetric algorithm used to encrypt the value 33 * encSymmKey [2] BIT STRING OPTIONAL, 34 * -- the (encrypted) symmetric key used to encrypt the value 35 * keyAlg [3] AlgorithmIdentifier OPTIONAL, 36 * -- algorithm used to encrypt the symmetric key 37 * valueHint [4] OCTET STRING OPTIONAL, 38 * -- a brief description or identifier of the encValue content 39 * -- (may be meaningful only to the sending entity, and 40 * -- used only if EncryptedValue might be re-examined 41 * -- by the sending entity in the future) 42 * encValue BIT STRING 43 * -- the encrypted value itself 44 * } 45 */ 46 struct ossl_crmf_encryptedvalue_st { 47 X509_ALGOR *intendedAlg; /* 0 */ 48 X509_ALGOR *symmAlg; /* 1 */ 49 ASN1_BIT_STRING *encSymmKey; /* 2 */ 50 X509_ALGOR *keyAlg; /* 3 */ 51 ASN1_OCTET_STRING *valueHint; /* 4 */ 52 ASN1_BIT_STRING *encValue; 53 } /* OSSL_CRMF_ENCRYPTEDVALUE */; 54 55 /*- 56 * Attributes ::= SET OF Attribute 57 * => X509_ATTRIBUTE 58 * 59 * PrivateKeyInfo ::= SEQUENCE { 60 * version INTEGER, 61 * privateKeyAlgorithm AlgorithmIdentifier, 62 * privateKey OCTET STRING, 63 * attributes [0] IMPLICIT Attributes OPTIONAL 64 * } 65 */ 66 typedef struct ossl_crmf_privatekeyinfo_st { 67 ASN1_INTEGER *version; 68 X509_ALGOR *privateKeyAlgorithm; 69 ASN1_OCTET_STRING *privateKey; 70 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ 71 } OSSL_CRMF_PRIVATEKEYINFO; 72 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PRIVATEKEYINFO) 73 74 /*- 75 * section 4.2.1 Private Key Info Content Type 76 * id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21} 77 * 78 * EncKeyWithID ::= SEQUENCE { 79 * privateKey PrivateKeyInfo, 80 * identifier CHOICE { 81 * string UTF8String, 82 * generalName GeneralName 83 * } OPTIONAL 84 * } 85 */ 86 typedef struct ossl_crmf_enckeywithid_identifier_st { 87 int type; 88 union { 89 ASN1_UTF8STRING *string; 90 GENERAL_NAME *generalName; 91 } value; 92 } OSSL_CRMF_ENCKEYWITHID_IDENTIFIER; 93 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER) 94 95 typedef struct ossl_crmf_enckeywithid_st { 96 OSSL_CRMF_PRIVATEKEYINFO *privateKey; 97 /* [0] */ 98 OSSL_CRMF_ENCKEYWITHID_IDENTIFIER *identifier; 99 } OSSL_CRMF_ENCKEYWITHID; 100 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID) 101 102 /*- 103 * CertId ::= SEQUENCE { 104 * issuer GeneralName, 105 * serialNumber INTEGER 106 * } 107 */ 108 struct ossl_crmf_certid_st { 109 GENERAL_NAME *issuer; 110 ASN1_INTEGER *serialNumber; 111 } /* OSSL_CRMF_CERTID */; 112 113 /*- 114 * SinglePubInfo ::= SEQUENCE { 115 * pubMethod INTEGER { 116 * dontCare (0), 117 * x500 (1), 118 * web (2), 119 * ldap (3) }, 120 * pubLocation GeneralName OPTIONAL 121 * } 122 */ 123 struct ossl_crmf_singlepubinfo_st { 124 ASN1_INTEGER *pubMethod; 125 GENERAL_NAME *pubLocation; 126 } /* OSSL_CRMF_SINGLEPUBINFO */; 127 DEFINE_STACK_OF(OSSL_CRMF_SINGLEPUBINFO) 128 typedef STACK_OF(OSSL_CRMF_SINGLEPUBINFO) OSSL_CRMF_PUBINFOS; 129 130 /*- 131 * PKIPublicationInfo ::= SEQUENCE { 132 * action INTEGER { 133 * dontPublish (0), 134 * pleasePublish (1) }, 135 * pubInfos SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL 136 * -- pubInfos MUST NOT be present if action is "dontPublish" 137 * -- (if action is "pleasePublish" and pubInfos is omitted, 138 * -- "dontCare" is assumed) 139 * } 140 */ 141 struct ossl_crmf_pkipublicationinfo_st { 142 ASN1_INTEGER *action; 143 OSSL_CRMF_PUBINFOS *pubInfos; 144 } /* OSSL_CRMF_PKIPUBLICATIONINFO */; 145 DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_PKIPUBLICATIONINFO) 146 147 /*- 148 * PKMACValue ::= SEQUENCE { 149 * algId AlgorithmIdentifier, 150 * -- algorithm value shall be PasswordBasedMac {1 2 840 113533 7 66 13} 151 * -- parameter value is PBMParameter 152 * value BIT STRING 153 * } 154 */ 155 typedef struct ossl_crmf_pkmacvalue_st { 156 X509_ALGOR *algId; 157 ASN1_BIT_STRING *value; 158 } OSSL_CRMF_PKMACVALUE; 159 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKMACVALUE) 160 161 /*- 162 * SubsequentMessage ::= INTEGER { 163 * encrCert (0), 164 * -- requests that resulting certificate be encrypted for the 165 * -- end entity (following which, POP will be proven in a 166 * -- confirmation message) 167 * challengeResp (1) 168 * -- requests that CA engage in challenge-response exchange with 169 * -- end entity in order to prove private key possession 170 * } 171 * 172 * POPOPrivKey ::= CHOICE { 173 * thisMessage [0] BIT STRING, -- Deprecated 174 * -- possession is proven in this message (which contains the private 175 * -- key itself (encrypted for the CA)) 176 * subsequentMessage [1] SubsequentMessage, 177 * -- possession will be proven in a subsequent message 178 * dhMAC [2] BIT STRING, -- Deprecated 179 * agreeMAC [3] PKMACValue, 180 * encryptedKey [4] EnvelopedData 181 * } 182 */ 183 184 typedef struct ossl_crmf_popoprivkey_st { 185 int type; 186 union { 187 ASN1_BIT_STRING *thisMessage; /* 0 */ /* Deprecated */ 188 ASN1_INTEGER *subsequentMessage; /* 1 */ 189 ASN1_BIT_STRING *dhMAC; /* 2 */ /* Deprecated */ 190 OSSL_CRMF_PKMACVALUE *agreeMAC; /* 3 */ 191 ASN1_NULL *encryptedKey; /* 4 */ 192 /* When supported, ASN1_NULL needs to be replaced by CMS_ENVELOPEDDATA */ 193 } value; 194 } OSSL_CRMF_POPOPRIVKEY; 195 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOPRIVKEY) 196 197 /*- 198 * PBMParameter ::= SEQUENCE { 199 * salt OCTET STRING, 200 * owf AlgorithmIdentifier, 201 * -- AlgId for a One-Way Function (SHA-1 recommended) 202 * iterationCount INTEGER, 203 * -- number of times the OWF is applied 204 * mac AlgorithmIdentifier 205 * -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], 206 * -- or HMAC [HMAC, RFC2202]) 207 * } 208 */ 209 struct ossl_crmf_pbmparameter_st { 210 ASN1_OCTET_STRING *salt; 211 X509_ALGOR *owf; 212 ASN1_INTEGER *iterationCount; 213 X509_ALGOR *mac; 214 } /* OSSL_CRMF_PBMPARAMETER */; 215 # define OSSL_CRMF_PBM_MAX_ITERATION_COUNT 100000 /* if too large allows DoS */ 216 217 /*- 218 * POPOSigningKeyInput ::= SEQUENCE { 219 * authInfo CHOICE { 220 * sender [0] GeneralName, 221 * -- used only if an authenticated identity has been 222 * -- established for the sender (e.g., a DN from a 223 * -- previously-issued and currently-valid certificate) 224 * publicKeyMAC PKMACValue }, 225 * -- used if no authenticated GeneralName currently exists for 226 * -- the sender; publicKeyMAC contains a password-based MAC 227 * -- on the DER-encoded value of publicKey 228 * publicKey SubjectPublicKeyInfo -- from CertTemplate 229 * } 230 */ 231 typedef struct ossl_crmf_poposigningkeyinput_authinfo_st { 232 int type; 233 union { 234 /* 0 */ GENERAL_NAME *sender; 235 /* 1 */ OSSL_CRMF_PKMACVALUE *publicKeyMAC; 236 } value; 237 } OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO; 238 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO) 239 240 typedef struct ossl_crmf_poposigningkeyinput_st { 241 OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO *authInfo; 242 X509_PUBKEY *publicKey; 243 } OSSL_CRMF_POPOSIGNINGKEYINPUT; 244 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT) 245 246 /*- 247 * POPOSigningKey ::= SEQUENCE { 248 * poposkInput [0] POPOSigningKeyInput OPTIONAL, 249 * algorithmIdentifier AlgorithmIdentifier, 250 * signature BIT STRING 251 * } 252 */ 253 struct ossl_crmf_poposigningkey_st { 254 OSSL_CRMF_POPOSIGNINGKEYINPUT *poposkInput; 255 X509_ALGOR *algorithmIdentifier; 256 ASN1_BIT_STRING *signature; 257 } /* OSSL_CRMF_POPOSIGNINGKEY */; 258 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEY) 259 260 /*- 261 * ProofOfPossession ::= CHOICE { 262 * raVerified [0] NULL, 263 * -- used if the RA has already verified that the requester is in 264 * -- possession of the private key 265 * signature [1] POPOSigningKey, 266 * keyEncipherment [2] POPOPrivKey, 267 * keyAgreement [3] POPOPrivKey 268 * } 269 */ 270 typedef struct ossl_crmf_popo_st { 271 int type; 272 union { 273 ASN1_NULL *raVerified; /* 0 */ 274 OSSL_CRMF_POPOSIGNINGKEY *signature; /* 1 */ 275 OSSL_CRMF_POPOPRIVKEY *keyEncipherment; /* 2 */ 276 OSSL_CRMF_POPOPRIVKEY *keyAgreement; /* 3 */ 277 } value; 278 } OSSL_CRMF_POPO; 279 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPO) 280 281 /*- 282 * OptionalValidity ::= SEQUENCE { 283 * notBefore [0] Time OPTIONAL, 284 * notAfter [1] Time OPTIONAL -- at least one MUST be present 285 * } 286 */ 287 struct ossl_crmf_optionalvalidity_st { 288 /* 0 */ ASN1_TIME *notBefore; 289 /* 1 */ ASN1_TIME *notAfter; 290 } /* OSSL_CRMF_OPTIONALVALIDITY */; 291 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_OPTIONALVALIDITY) 292 293 /*- 294 * CertTemplate ::= SEQUENCE { 295 * version [0] Version OPTIONAL, 296 * serialNumber [1] INTEGER OPTIONAL, 297 * signingAlg [2] AlgorithmIdentifier OPTIONAL, 298 * issuer [3] Name OPTIONAL, 299 * validity [4] OptionalValidity OPTIONAL, 300 * subject [5] Name OPTIONAL, 301 * publicKey [6] SubjectPublicKeyInfo OPTIONAL, 302 * issuerUID [7] UniqueIdentifier OPTIONAL, 303 * subjectUID [8] UniqueIdentifier OPTIONAL, 304 * extensions [9] Extensions OPTIONAL 305 * } 306 */ 307 struct ossl_crmf_certtemplate_st { 308 ASN1_INTEGER *version; 309 ASN1_INTEGER *serialNumber; /* serialNumber MUST be omitted */ 310 /* This field is assigned by the CA during certificate creation */ 311 X509_ALGOR *signingAlg; /* signingAlg MUST be omitted */ 312 /* This field is assigned by the CA during certificate creation */ 313 const X509_NAME *issuer; 314 OSSL_CRMF_OPTIONALVALIDITY *validity; 315 const X509_NAME *subject; 316 X509_PUBKEY *publicKey; 317 ASN1_BIT_STRING *issuerUID; /* deprecated in version 2 */ 318 /* According to rfc 3280: UniqueIdentifier ::= BIT STRING */ 319 ASN1_BIT_STRING *subjectUID; /* deprecated in version 2 */ 320 /* Could be X509_EXTENSION*S*, but that's only cosmetic */ 321 STACK_OF(X509_EXTENSION) *extensions; 322 } /* OSSL_CRMF_CERTTEMPLATE */; 323 324 /*- 325 * CertRequest ::= SEQUENCE { 326 * certReqId INTEGER, -- ID for matching request and reply 327 * certTemplate CertTemplate, -- Selected fields of cert to be issued 328 * controls Controls OPTIONAL -- Attributes affecting issuance 329 * } 330 */ 331 struct ossl_crmf_certrequest_st { 332 ASN1_INTEGER *certReqId; 333 OSSL_CRMF_CERTTEMPLATE *certTemplate; 334 STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE /* Controls expanded */) *controls; 335 } /* OSSL_CRMF_CERTREQUEST */; 336 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTREQUEST) 337 DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTREQUEST) 338 339 /*- 340 * CertReqMessages ::= SEQUENCE SIZE (1..MAX) OF CertReqMsg 341 * CertReqMsg ::= SEQUENCE { 342 * certReq CertRequest, 343 * popo ProofOfPossession OPTIONAL, 344 * -- content depends upon key type 345 * regInfo SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue OPTIONAL 346 * } 347 */ 348 struct ossl_crmf_msg_st { 349 OSSL_CRMF_CERTREQUEST *certReq; 350 /* 0 */ 351 OSSL_CRMF_POPO *popo; 352 /* 1 */ 353 STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *regInfo; 354 } /* OSSL_CRMF_MSG */; 355 #endif 356