ts_rsp_sign.c 29 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020
  1. /* crypto/ts/ts_resp_sign.c */
  2. /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
  3. * project 2002.
  4. */
  5. /* ====================================================================
  6. * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
  7. *
  8. * Redistribution and use in source and binary forms, with or without
  9. * modification, are permitted provided that the following conditions
  10. * are met:
  11. *
  12. * 1. Redistributions of source code must retain the above copyright
  13. * notice, this list of conditions and the following disclaimer.
  14. *
  15. * 2. Redistributions in binary form must reproduce the above copyright
  16. * notice, this list of conditions and the following disclaimer in
  17. * the documentation and/or other materials provided with the
  18. * distribution.
  19. *
  20. * 3. All advertising materials mentioning features or use of this
  21. * software must display the following acknowledgment:
  22. * "This product includes software developed by the OpenSSL Project
  23. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24. *
  25. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26. * endorse or promote products derived from this software without
  27. * prior written permission. For written permission, please contact
  28. * licensing@OpenSSL.org.
  29. *
  30. * 5. Products derived from this software may not be called "OpenSSL"
  31. * nor may "OpenSSL" appear in their names without prior written
  32. * permission of the OpenSSL Project.
  33. *
  34. * 6. Redistributions of any form whatsoever must retain the following
  35. * acknowledgment:
  36. * "This product includes software developed by the OpenSSL Project
  37. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38. *
  39. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50. * OF THE POSSIBILITY OF SUCH DAMAGE.
  51. * ====================================================================
  52. *
  53. * This product includes cryptographic software written by Eric Young
  54. * (eay@cryptsoft.com). This product includes software written by Tim
  55. * Hudson (tjh@cryptsoft.com).
  56. *
  57. */
  58. #include "cryptlib.h"
  59. #if defined(OPENSSL_SYS_UNIX)
  60. #include <sys/time.h>
  61. #endif
  62. #include <openssl/objects.h>
  63. #include <openssl/ts.h>
  64. #include <openssl/pkcs7.h>
  65. /* Private function declarations. */
  66. static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *, void *);
  67. static int def_time_cb(struct TS_resp_ctx *, void *, long *sec, long *usec);
  68. static int def_extension_cb(struct TS_resp_ctx *, X509_EXTENSION *, void *);
  69. static void TS_RESP_CTX_init(TS_RESP_CTX *ctx);
  70. static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx);
  71. static int TS_RESP_check_request(TS_RESP_CTX *ctx);
  72. static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx);
  73. static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
  74. ASN1_OBJECT *policy);
  75. static int TS_RESP_process_extensions(TS_RESP_CTX *ctx);
  76. static int TS_RESP_sign(TS_RESP_CTX *ctx);
  77. static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
  78. STACK_OF(X509) *certs);
  79. static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed);
  80. static int TS_TST_INFO_content_new(PKCS7 *p7);
  81. static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc);
  82. static ASN1_GENERALIZEDTIME *TS_RESP_set_genTime_with_precision(
  83. ASN1_GENERALIZEDTIME *, long, long, unsigned);
  84. /* Default callbacks for response generation. */
  85. static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data)
  86. {
  87. ASN1_INTEGER *serial = ASN1_INTEGER_new();
  88. if (!serial) goto err;
  89. if (!ASN1_INTEGER_set(serial, 1)) goto err;
  90. return serial;
  91. err:
  92. TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE);
  93. TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
  94. "Error during serial number generation.");
  95. return NULL;
  96. }
  97. #if defined(OPENSSL_SYS_UNIX)
  98. /* Use the gettimeofday function call. */
  99. static int def_time_cb(struct TS_resp_ctx *ctx, void *data,
  100. long *sec, long *usec)
  101. {
  102. struct timeval tv;
  103. if (gettimeofday(&tv, NULL) != 0)
  104. {
  105. TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR);
  106. TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
  107. "Time is not available.");
  108. TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
  109. return 0;
  110. }
  111. /* Return time to caller. */
  112. *sec = tv.tv_sec;
  113. *usec = tv.tv_usec;
  114. return 1;
  115. }
  116. #else
  117. /* Use the time function call that provides only seconds precision. */
  118. static int def_time_cb(struct TS_resp_ctx *ctx, void *data,
  119. long *sec, long *usec)
  120. {
  121. time_t t;
  122. if (time(&t) == (time_t) -1)
  123. {
  124. TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR);
  125. TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
  126. "Time is not available.");
  127. TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE);
  128. return 0;
  129. }
  130. /* Return time to caller, only second precision. */
  131. *sec = (long) t;
  132. *usec = 0;
  133. return 1;
  134. }
  135. #endif
  136. static int def_extension_cb(struct TS_resp_ctx *ctx, X509_EXTENSION *ext,
  137. void *data)
  138. {
  139. /* No extensions are processed here. */
  140. TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
  141. "Unsupported extension.");
  142. TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_EXTENSION);
  143. return 0;
  144. }
  145. /* TS_RESP_CTX management functions. */
  146. TS_RESP_CTX *TS_RESP_CTX_new()
  147. {
  148. TS_RESP_CTX *ctx;
  149. if (!(ctx = (TS_RESP_CTX *) OPENSSL_malloc(sizeof(TS_RESP_CTX))))
  150. {
  151. TSerr(TS_F_TS_RESP_CTX_NEW, ERR_R_MALLOC_FAILURE);
  152. return NULL;
  153. }
  154. memset(ctx, 0, sizeof(TS_RESP_CTX));
  155. /* Setting default callbacks. */
  156. ctx->serial_cb = def_serial_cb;
  157. ctx->time_cb = def_time_cb;
  158. ctx->extension_cb = def_extension_cb;
  159. return ctx;
  160. }
  161. void TS_RESP_CTX_free(TS_RESP_CTX *ctx)
  162. {
  163. if (!ctx) return;
  164. X509_free(ctx->signer_cert);
  165. EVP_PKEY_free(ctx->signer_key);
  166. sk_X509_pop_free(ctx->certs, X509_free);
  167. sk_ASN1_OBJECT_pop_free(ctx->policies, ASN1_OBJECT_free);
  168. ASN1_OBJECT_free(ctx->default_policy);
  169. sk_EVP_MD_free(ctx->mds); /* No EVP_MD_free method exists. */
  170. ASN1_INTEGER_free(ctx->seconds);
  171. ASN1_INTEGER_free(ctx->millis);
  172. ASN1_INTEGER_free(ctx->micros);
  173. OPENSSL_free(ctx);
  174. }
  175. int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer)
  176. {
  177. if (X509_check_purpose(signer, X509_PURPOSE_TIMESTAMP_SIGN, 0) != 1)
  178. {
  179. TSerr(TS_F_TS_RESP_CTX_SET_SIGNER_CERT,
  180. TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE);
  181. return 0;
  182. }
  183. if (ctx->signer_cert) X509_free(ctx->signer_cert);
  184. ctx->signer_cert = signer;
  185. CRYPTO_add(&ctx->signer_cert->references, +1, CRYPTO_LOCK_X509);
  186. return 1;
  187. }
  188. int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
  189. {
  190. if (ctx->signer_key) EVP_PKEY_free(ctx->signer_key);
  191. ctx->signer_key = key;
  192. CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY);
  193. return 1;
  194. }
  195. int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
  196. {
  197. if (ctx->default_policy) ASN1_OBJECT_free(ctx->default_policy);
  198. if (!(ctx->default_policy = OBJ_dup(def_policy))) goto err;
  199. return 1;
  200. err:
  201. TSerr(TS_F_TS_RESP_CTX_SET_DEF_POLICY, ERR_R_MALLOC_FAILURE);
  202. return 0;
  203. }
  204. int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
  205. {
  206. int i;
  207. if (ctx->certs)
  208. {
  209. sk_X509_pop_free(ctx->certs, X509_free);
  210. ctx->certs = NULL;
  211. }
  212. if (!certs) return 1;
  213. if (!(ctx->certs = sk_X509_dup(certs)))
  214. {
  215. TSerr(TS_F_TS_RESP_CTX_SET_CERTS, ERR_R_MALLOC_FAILURE);
  216. return 0;
  217. }
  218. for (i = 0; i < sk_X509_num(ctx->certs); ++i)
  219. {
  220. X509 *cert = sk_X509_value(ctx->certs, i);
  221. CRYPTO_add(&cert->references, +1, CRYPTO_LOCK_X509);
  222. }
  223. return 1;
  224. }
  225. int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy)
  226. {
  227. ASN1_OBJECT *copy = NULL;
  228. /* Create new policy stack if necessary. */
  229. if (!ctx->policies && !(ctx->policies = sk_ASN1_OBJECT_new_null()))
  230. goto err;
  231. if (!(copy = OBJ_dup(policy))) goto err;
  232. if (!sk_ASN1_OBJECT_push(ctx->policies, copy)) goto err;
  233. return 1;
  234. err:
  235. TSerr(TS_F_TS_RESP_CTX_ADD_POLICY, ERR_R_MALLOC_FAILURE);
  236. ASN1_OBJECT_free(copy);
  237. return 0;
  238. }
  239. int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md)
  240. {
  241. /* Create new md stack if necessary. */
  242. if (!ctx->mds && !(ctx->mds = sk_EVP_MD_new_null()))
  243. goto err;
  244. /* Add the shared md, no copy needed. */
  245. if (!sk_EVP_MD_push(ctx->mds, (EVP_MD *)md)) goto err;
  246. return 1;
  247. err:
  248. TSerr(TS_F_TS_RESP_CTX_ADD_MD, ERR_R_MALLOC_FAILURE);
  249. return 0;
  250. }
  251. #define TS_RESP_CTX_accuracy_free(ctx) \
  252. ASN1_INTEGER_free(ctx->seconds); \
  253. ctx->seconds = NULL; \
  254. ASN1_INTEGER_free(ctx->millis); \
  255. ctx->millis = NULL; \
  256. ASN1_INTEGER_free(ctx->micros); \
  257. ctx->micros = NULL;
  258. int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx,
  259. int secs, int millis, int micros)
  260. {
  261. TS_RESP_CTX_accuracy_free(ctx);
  262. if (secs && (!(ctx->seconds = ASN1_INTEGER_new())
  263. || !ASN1_INTEGER_set(ctx->seconds, secs)))
  264. goto err;
  265. if (millis && (!(ctx->millis = ASN1_INTEGER_new())
  266. || !ASN1_INTEGER_set(ctx->millis, millis)))
  267. goto err;
  268. if (micros && (!(ctx->micros = ASN1_INTEGER_new())
  269. || !ASN1_INTEGER_set(ctx->micros, micros)))
  270. goto err;
  271. return 1;
  272. err:
  273. TS_RESP_CTX_accuracy_free(ctx);
  274. TSerr(TS_F_TS_RESP_CTX_SET_ACCURACY, ERR_R_MALLOC_FAILURE);
  275. return 0;
  276. }
  277. void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags)
  278. {
  279. ctx->flags |= flags;
  280. }
  281. void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data)
  282. {
  283. ctx->serial_cb = cb;
  284. ctx->serial_cb_data = data;
  285. }
  286. void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data)
  287. {
  288. ctx->time_cb = cb;
  289. ctx->time_cb_data = data;
  290. }
  291. void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx,
  292. TS_extension_cb cb, void *data)
  293. {
  294. ctx->extension_cb = cb;
  295. ctx->extension_cb_data = data;
  296. }
  297. int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx,
  298. int status, const char *text)
  299. {
  300. TS_STATUS_INFO *si = NULL;
  301. ASN1_UTF8STRING *utf8_text = NULL;
  302. int ret = 0;
  303. if (!(si = TS_STATUS_INFO_new())) goto err;
  304. if (!ASN1_INTEGER_set(si->status, status)) goto err;
  305. if (text)
  306. {
  307. if (!(utf8_text = ASN1_UTF8STRING_new())
  308. || !ASN1_STRING_set(utf8_text, text, strlen(text)))
  309. goto err;
  310. if (!si->text && !(si->text = sk_ASN1_UTF8STRING_new_null()))
  311. goto err;
  312. if (!sk_ASN1_UTF8STRING_push(si->text, utf8_text)) goto err;
  313. utf8_text = NULL; /* Ownership is lost. */
  314. }
  315. if (!TS_RESP_set_status_info(ctx->response, si)) goto err;
  316. ret = 1;
  317. err:
  318. if (!ret)
  319. TSerr(TS_F_TS_RESP_CTX_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE);
  320. TS_STATUS_INFO_free(si);
  321. ASN1_UTF8STRING_free(utf8_text);
  322. return ret;
  323. }
  324. int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx,
  325. int status, const char *text)
  326. {
  327. int ret = 1;
  328. TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
  329. if (ASN1_INTEGER_get(si->status) == TS_STATUS_GRANTED)
  330. {
  331. /* Status has not been set, set it now. */
  332. ret = TS_RESP_CTX_set_status_info(ctx, status, text);
  333. }
  334. return ret;
  335. }
  336. int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure)
  337. {
  338. TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response);
  339. if (!si->failure_info && !(si->failure_info = ASN1_BIT_STRING_new()))
  340. goto err;
  341. if (!ASN1_BIT_STRING_set_bit(si->failure_info, failure, 1))
  342. goto err;
  343. return 1;
  344. err:
  345. TSerr(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO, ERR_R_MALLOC_FAILURE);
  346. return 0;
  347. }
  348. TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx)
  349. {
  350. return ctx->request;
  351. }
  352. TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx)
  353. {
  354. return ctx->tst_info;
  355. }
  356. int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx, unsigned precision)
  357. {
  358. if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
  359. return 0;
  360. ctx->clock_precision_digits = precision;
  361. return 1;
  362. }
  363. /* Main entry method of the response generation. */
  364. TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio)
  365. {
  366. ASN1_OBJECT *policy;
  367. TS_RESP *response;
  368. int result = 0;
  369. TS_RESP_CTX_init(ctx);
  370. /* Creating the response object. */
  371. if (!(ctx->response = TS_RESP_new()))
  372. {
  373. TSerr(TS_F_TS_RESP_CREATE_RESPONSE, ERR_R_MALLOC_FAILURE);
  374. goto end;
  375. }
  376. /* Parsing DER request. */
  377. if (!(ctx->request = d2i_TS_REQ_bio(req_bio, NULL)))
  378. {
  379. TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
  380. "Bad request format or "
  381. "system error.");
  382. TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
  383. goto end;
  384. }
  385. /* Setting default status info. */
  386. if (!TS_RESP_CTX_set_status_info(ctx, TS_STATUS_GRANTED, NULL))
  387. goto end;
  388. /* Checking the request format. */
  389. if (!TS_RESP_check_request(ctx)) goto end;
  390. /* Checking acceptable policies. */
  391. if (!(policy = TS_RESP_get_policy(ctx))) goto end;
  392. /* Creating the TS_TST_INFO object. */
  393. if (!(ctx->tst_info = TS_RESP_create_tst_info(ctx, policy)))
  394. goto end;
  395. /* Processing extensions. */
  396. if (!TS_RESP_process_extensions(ctx)) goto end;
  397. /* Generating the signature. */
  398. if (!TS_RESP_sign(ctx)) goto end;
  399. /* Everything was successful. */
  400. result = 1;
  401. end:
  402. if (!result)
  403. {
  404. TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR);
  405. if (ctx->response != NULL)
  406. {
  407. if (TS_RESP_CTX_set_status_info_cond(ctx,
  408. TS_STATUS_REJECTION, "Error during response "
  409. "generation.") == 0)
  410. {
  411. TS_RESP_free(ctx->response);
  412. ctx->response = NULL;
  413. }
  414. }
  415. }
  416. response = ctx->response;
  417. ctx->response = NULL; /* Ownership will be returned to caller. */
  418. TS_RESP_CTX_cleanup(ctx);
  419. return response;
  420. }
  421. /* Initializes the variable part of the context. */
  422. static void TS_RESP_CTX_init(TS_RESP_CTX *ctx)
  423. {
  424. ctx->request = NULL;
  425. ctx->response = NULL;
  426. ctx->tst_info = NULL;
  427. }
  428. /* Cleans up the variable part of the context. */
  429. static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx)
  430. {
  431. TS_REQ_free(ctx->request);
  432. ctx->request = NULL;
  433. TS_RESP_free(ctx->response);
  434. ctx->response = NULL;
  435. TS_TST_INFO_free(ctx->tst_info);
  436. ctx->tst_info = NULL;
  437. }
  438. /* Checks the format and content of the request. */
  439. static int TS_RESP_check_request(TS_RESP_CTX *ctx)
  440. {
  441. TS_REQ *request = ctx->request;
  442. TS_MSG_IMPRINT *msg_imprint;
  443. X509_ALGOR *md_alg;
  444. int md_alg_id;
  445. const ASN1_OCTET_STRING *digest;
  446. EVP_MD *md = NULL;
  447. int i;
  448. /* Checking request version. */
  449. if (TS_REQ_get_version(request) != 1)
  450. {
  451. TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
  452. "Bad request version.");
  453. TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_REQUEST);
  454. return 0;
  455. }
  456. /* Checking message digest algorithm. */
  457. msg_imprint = TS_REQ_get_msg_imprint(request);
  458. md_alg = TS_MSG_IMPRINT_get_algo(msg_imprint);
  459. md_alg_id = OBJ_obj2nid(md_alg->algorithm);
  460. for (i = 0; !md && i < sk_EVP_MD_num(ctx->mds); ++i)
  461. {
  462. EVP_MD *current_md = sk_EVP_MD_value(ctx->mds, i);
  463. if (md_alg_id == EVP_MD_type(current_md))
  464. md = current_md;
  465. }
  466. if (!md)
  467. {
  468. TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
  469. "Message digest algorithm is "
  470. "not supported.");
  471. TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
  472. return 0;
  473. }
  474. /* No message digest takes parameter. */
  475. if (md_alg->parameter
  476. && ASN1_TYPE_get(md_alg->parameter) != V_ASN1_NULL)
  477. {
  478. TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
  479. "Superfluous message digest "
  480. "parameter.");
  481. TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG);
  482. return 0;
  483. }
  484. /* Checking message digest size. */
  485. digest = TS_MSG_IMPRINT_get_msg(msg_imprint);
  486. if (digest->length != EVP_MD_size(md))
  487. {
  488. TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
  489. "Bad message digest.");
  490. TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT);
  491. return 0;
  492. }
  493. return 1;
  494. }
  495. /* Returns the TSA policy based on the requested and acceptable policies. */
  496. static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx)
  497. {
  498. ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request);
  499. ASN1_OBJECT *policy = NULL;
  500. int i;
  501. if (ctx->default_policy == NULL)
  502. {
  503. TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER);
  504. return NULL;
  505. }
  506. /* Return the default policy if none is requested or the default is
  507. requested. */
  508. if (!requested || !OBJ_cmp(requested, ctx->default_policy))
  509. policy = ctx->default_policy;
  510. /* Check if the policy is acceptable. */
  511. for (i = 0; !policy && i < sk_ASN1_OBJECT_num(ctx->policies); ++i)
  512. {
  513. ASN1_OBJECT *current = sk_ASN1_OBJECT_value(ctx->policies, i);
  514. if (!OBJ_cmp(requested, current))
  515. policy = current;
  516. }
  517. if (!policy)
  518. {
  519. TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_UNACCEPTABLE_POLICY);
  520. TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
  521. "Requested policy is not "
  522. "supported.");
  523. TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_POLICY);
  524. }
  525. return policy;
  526. }
  527. /* Creates the TS_TST_INFO object based on the settings of the context. */
  528. static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx,
  529. ASN1_OBJECT *policy)
  530. {
  531. int result = 0;
  532. TS_TST_INFO *tst_info = NULL;
  533. ASN1_INTEGER *serial = NULL;
  534. ASN1_GENERALIZEDTIME *asn1_time = NULL;
  535. long sec, usec;
  536. TS_ACCURACY *accuracy = NULL;
  537. const ASN1_INTEGER *nonce;
  538. GENERAL_NAME *tsa_name = NULL;
  539. if (!(tst_info = TS_TST_INFO_new())) goto end;
  540. if (!TS_TST_INFO_set_version(tst_info, 1)) goto end;
  541. if (!TS_TST_INFO_set_policy_id(tst_info, policy)) goto end;
  542. if (!TS_TST_INFO_set_msg_imprint(tst_info, ctx->request->msg_imprint))
  543. goto end;
  544. if (!(serial = (*ctx->serial_cb)(ctx, ctx->serial_cb_data))
  545. || !TS_TST_INFO_set_serial(tst_info, serial))
  546. goto end;
  547. if (!(*ctx->time_cb)(ctx, ctx->time_cb_data, &sec, &usec)
  548. || !(asn1_time = TS_RESP_set_genTime_with_precision(NULL,
  549. sec, usec,
  550. ctx->clock_precision_digits))
  551. || !TS_TST_INFO_set_time(tst_info, asn1_time))
  552. goto end;
  553. /* Setting accuracy if needed. */
  554. if ((ctx->seconds || ctx->millis || ctx->micros)
  555. && !(accuracy = TS_ACCURACY_new()))
  556. goto end;
  557. if (ctx->seconds && !TS_ACCURACY_set_seconds(accuracy, ctx->seconds))
  558. goto end;
  559. if (ctx->millis && !TS_ACCURACY_set_millis(accuracy, ctx->millis))
  560. goto end;
  561. if (ctx->micros && !TS_ACCURACY_set_micros(accuracy, ctx->micros))
  562. goto end;
  563. if (accuracy && !TS_TST_INFO_set_accuracy(tst_info, accuracy))
  564. goto end;
  565. /* Setting ordering. */
  566. if ((ctx->flags & TS_ORDERING)
  567. && !TS_TST_INFO_set_ordering(tst_info, 1))
  568. goto end;
  569. /* Setting nonce if needed. */
  570. if ((nonce = TS_REQ_get_nonce(ctx->request)) != NULL
  571. && !TS_TST_INFO_set_nonce(tst_info, nonce))
  572. goto end;
  573. /* Setting TSA name to subject of signer certificate. */
  574. if (ctx->flags & TS_TSA_NAME)
  575. {
  576. if (!(tsa_name = GENERAL_NAME_new())) goto end;
  577. tsa_name->type = GEN_DIRNAME;
  578. tsa_name->d.dirn =
  579. X509_NAME_dup(ctx->signer_cert->cert_info->subject);
  580. if (!tsa_name->d.dirn) goto end;
  581. if (!TS_TST_INFO_set_tsa(tst_info, tsa_name)) goto end;
  582. }
  583. result = 1;
  584. end:
  585. if (!result)
  586. {
  587. TS_TST_INFO_free(tst_info);
  588. tst_info = NULL;
  589. TSerr(TS_F_TS_RESP_CREATE_TST_INFO, TS_R_TST_INFO_SETUP_ERROR);
  590. TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
  591. "Error during TSTInfo "
  592. "generation.");
  593. }
  594. GENERAL_NAME_free(tsa_name);
  595. TS_ACCURACY_free(accuracy);
  596. ASN1_GENERALIZEDTIME_free(asn1_time);
  597. ASN1_INTEGER_free(serial);
  598. return tst_info;
  599. }
  600. /* Processing the extensions of the request. */
  601. static int TS_RESP_process_extensions(TS_RESP_CTX *ctx)
  602. {
  603. STACK_OF(X509_EXTENSION) *exts = TS_REQ_get_exts(ctx->request);
  604. int i;
  605. int ok = 1;
  606. for (i = 0; ok && i < sk_X509_EXTENSION_num(exts); ++i)
  607. {
  608. X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
  609. /* XXXXX The last argument was previously
  610. (void *)ctx->extension_cb, but ISO C doesn't permit
  611. converting a function pointer to void *. For lack of
  612. better information, I'm placing a NULL there instead.
  613. The callback can pick its own address out from the ctx
  614. anyway...
  615. */
  616. ok = (*ctx->extension_cb)(ctx, ext, NULL);
  617. }
  618. return ok;
  619. }
  620. /* Functions for signing the TS_TST_INFO structure of the context. */
  621. static int TS_RESP_sign(TS_RESP_CTX *ctx)
  622. {
  623. int ret = 0;
  624. PKCS7 *p7 = NULL;
  625. PKCS7_SIGNER_INFO *si;
  626. STACK_OF(X509) *certs; /* Certificates to include in sc. */
  627. ESS_SIGNING_CERT *sc = NULL;
  628. ASN1_OBJECT *oid;
  629. BIO *p7bio = NULL;
  630. int i;
  631. /* Check if signcert and pkey match. */
  632. if (!X509_check_private_key(ctx->signer_cert, ctx->signer_key)) {
  633. TSerr(TS_F_TS_RESP_SIGN,
  634. TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE);
  635. goto err;
  636. }
  637. /* Create a new PKCS7 signed object. */
  638. if (!(p7 = PKCS7_new())) {
  639. TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
  640. goto err;
  641. }
  642. if (!PKCS7_set_type(p7, NID_pkcs7_signed)) goto err;
  643. /* Force SignedData version to be 3 instead of the default 1. */
  644. if (!ASN1_INTEGER_set(p7->d.sign->version, 3)) goto err;
  645. /* Add signer certificate and optional certificate chain. */
  646. if (TS_REQ_get_cert_req(ctx->request))
  647. {
  648. PKCS7_add_certificate(p7, ctx->signer_cert);
  649. if (ctx->certs)
  650. {
  651. for(i = 0; i < sk_X509_num(ctx->certs); ++i)
  652. {
  653. X509 *cert = sk_X509_value(ctx->certs, i);
  654. PKCS7_add_certificate(p7, cert);
  655. }
  656. }
  657. }
  658. /* Add a new signer info. */
  659. if (!(si = PKCS7_add_signature(p7, ctx->signer_cert,
  660. ctx->signer_key, EVP_sha1())))
  661. {
  662. TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR);
  663. goto err;
  664. }
  665. /* Add content type signed attribute to the signer info. */
  666. oid = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
  667. if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType,
  668. V_ASN1_OBJECT, oid))
  669. {
  670. TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR);
  671. goto err;
  672. }
  673. /* Create the ESS SigningCertificate attribute which contains
  674. the signer certificate id and optionally the certificate chain. */
  675. certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL;
  676. if (!(sc = ESS_SIGNING_CERT_new_init(ctx->signer_cert, certs)))
  677. goto err;
  678. /* Add SigningCertificate signed attribute to the signer info. */
  679. if (!ESS_add_signing_cert(si, sc))
  680. {
  681. TSerr(TS_F_TS_RESP_SIGN, TS_R_ESS_ADD_SIGNING_CERT_ERROR);
  682. goto err;
  683. }
  684. /* Add a new empty NID_id_smime_ct_TSTInfo encapsulated content. */
  685. if (!TS_TST_INFO_content_new(p7)) goto err;
  686. /* Add the DER encoded tst_info to the PKCS7 structure. */
  687. if (!(p7bio = PKCS7_dataInit(p7, NULL))) {
  688. TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE);
  689. goto err;
  690. }
  691. /* Convert tst_info to DER. */
  692. if (!i2d_TS_TST_INFO_bio(p7bio, ctx->tst_info))
  693. {
  694. TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
  695. goto err;
  696. }
  697. /* Create the signature and add it to the signer info. */
  698. if (!PKCS7_dataFinal(p7, p7bio))
  699. {
  700. TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN);
  701. goto err;
  702. }
  703. /* Set new PKCS7 and TST_INFO objects. */
  704. TS_RESP_set_tst_info(ctx->response, p7, ctx->tst_info);
  705. p7 = NULL; /* Ownership is lost. */
  706. ctx->tst_info = NULL; /* Ownership is lost. */
  707. ret = 1;
  708. err:
  709. if (!ret)
  710. TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION,
  711. "Error during signature "
  712. "generation.");
  713. BIO_free_all(p7bio);
  714. ESS_SIGNING_CERT_free(sc);
  715. PKCS7_free(p7);
  716. return ret;
  717. }
  718. static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert,
  719. STACK_OF(X509) *certs)
  720. {
  721. ESS_CERT_ID *cid;
  722. ESS_SIGNING_CERT *sc = NULL;
  723. int i;
  724. /* Creating the ESS_CERT_ID stack. */
  725. if (!(sc = ESS_SIGNING_CERT_new())) goto err;
  726. if (!sc->cert_ids && !(sc->cert_ids = sk_ESS_CERT_ID_new_null()))
  727. goto err;
  728. /* Adding the signing certificate id. */
  729. if (!(cid = ESS_CERT_ID_new_init(signcert, 0))
  730. || !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
  731. goto err;
  732. /* Adding the certificate chain ids. */
  733. for (i = 0; i < sk_X509_num(certs); ++i)
  734. {
  735. X509 *cert = sk_X509_value(certs, i);
  736. if (!(cid = ESS_CERT_ID_new_init(cert, 1))
  737. || !sk_ESS_CERT_ID_push(sc->cert_ids, cid))
  738. goto err;
  739. }
  740. return sc;
  741. err:
  742. ESS_SIGNING_CERT_free(sc);
  743. TSerr(TS_F_ESS_SIGNING_CERT_NEW_INIT, ERR_R_MALLOC_FAILURE);
  744. return NULL;
  745. }
  746. static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed)
  747. {
  748. ESS_CERT_ID *cid = NULL;
  749. GENERAL_NAME *name = NULL;
  750. /* Recompute SHA1 hash of certificate if necessary (side effect). */
  751. X509_check_purpose(cert, -1, 0);
  752. if (!(cid = ESS_CERT_ID_new())) goto err;
  753. if (!ASN1_OCTET_STRING_set(cid->hash, cert->sha1_hash,
  754. sizeof(cert->sha1_hash)))
  755. goto err;
  756. /* Setting the issuer/serial if requested. */
  757. if (issuer_needed)
  758. {
  759. /* Creating issuer/serial structure. */
  760. if (!cid->issuer_serial
  761. && !(cid->issuer_serial = ESS_ISSUER_SERIAL_new()))
  762. goto err;
  763. /* Creating general name from the certificate issuer. */
  764. if (!(name = GENERAL_NAME_new())) goto err;
  765. name->type = GEN_DIRNAME;
  766. if (!(name->d.dirn = X509_NAME_dup(cert->cert_info->issuer)))
  767. goto err;
  768. if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name))
  769. goto err;
  770. name = NULL; /* Ownership is lost. */
  771. /* Setting the serial number. */
  772. ASN1_INTEGER_free(cid->issuer_serial->serial);
  773. if (!(cid->issuer_serial->serial =
  774. ASN1_INTEGER_dup(cert->cert_info->serialNumber)))
  775. goto err;
  776. }
  777. return cid;
  778. err:
  779. GENERAL_NAME_free(name);
  780. ESS_CERT_ID_free(cid);
  781. TSerr(TS_F_ESS_CERT_ID_NEW_INIT, ERR_R_MALLOC_FAILURE);
  782. return NULL;
  783. }
  784. static int TS_TST_INFO_content_new(PKCS7 *p7)
  785. {
  786. PKCS7 *ret = NULL;
  787. ASN1_OCTET_STRING *octet_string = NULL;
  788. /* Create new encapsulated NID_id_smime_ct_TSTInfo content. */
  789. if (!(ret = PKCS7_new())) goto err;
  790. if (!(ret->d.other = ASN1_TYPE_new())) goto err;
  791. ret->type = OBJ_nid2obj(NID_id_smime_ct_TSTInfo);
  792. if (!(octet_string = ASN1_OCTET_STRING_new())) goto err;
  793. ASN1_TYPE_set(ret->d.other, V_ASN1_OCTET_STRING, octet_string);
  794. octet_string = NULL;
  795. /* Add encapsulated content to signed PKCS7 structure. */
  796. if (!PKCS7_set_content(p7, ret)) goto err;
  797. return 1;
  798. err:
  799. ASN1_OCTET_STRING_free(octet_string);
  800. PKCS7_free(ret);
  801. return 0;
  802. }
  803. static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc)
  804. {
  805. ASN1_STRING *seq = NULL;
  806. unsigned char *p, *pp = NULL;
  807. int len;
  808. len = i2d_ESS_SIGNING_CERT(sc, NULL);
  809. if (!(pp = (unsigned char *) OPENSSL_malloc(len)))
  810. {
  811. TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
  812. goto err;
  813. }
  814. p = pp;
  815. i2d_ESS_SIGNING_CERT(sc, &p);
  816. if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len))
  817. {
  818. TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE);
  819. goto err;
  820. }
  821. OPENSSL_free(pp); pp = NULL;
  822. return PKCS7_add_signed_attribute(si,
  823. NID_id_smime_aa_signingCertificate,
  824. V_ASN1_SEQUENCE, seq);
  825. err:
  826. ASN1_STRING_free(seq);
  827. OPENSSL_free(pp);
  828. return 0;
  829. }
  830. static ASN1_GENERALIZEDTIME *
  831. TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *asn1_time,
  832. long sec, long usec, unsigned precision)
  833. {
  834. time_t time_sec = (time_t) sec;
  835. struct tm *tm = NULL;
  836. char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS];
  837. char *p = genTime_str;
  838. char *p_end = genTime_str + sizeof(genTime_str);
  839. if (precision > TS_MAX_CLOCK_PRECISION_DIGITS)
  840. goto err;
  841. if (!(tm = gmtime(&time_sec)))
  842. goto err;
  843. /*
  844. * Put "genTime_str" in GeneralizedTime format. We work around the
  845. * restrictions imposed by rfc3280 (i.e. "GeneralizedTime values MUST
  846. * NOT include fractional seconds") and OpenSSL related functions to
  847. * meet the rfc3161 requirement: "GeneralizedTime syntax can include
  848. * fraction-of-second details".
  849. */
  850. p += BIO_snprintf(p, p_end - p,
  851. "%04d%02d%02d%02d%02d%02d",
  852. tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday,
  853. tm->tm_hour, tm->tm_min, tm->tm_sec);
  854. if (precision > 0)
  855. {
  856. /* Add fraction of seconds (leave space for dot and null). */
  857. BIO_snprintf(p, 2 + precision, ".%ld", usec);
  858. /* We cannot use the snprintf return value,
  859. because it might have been truncated. */
  860. p += strlen(p);
  861. /* To make things a bit harder, X.690 | ISO/IEC 8825-1 provides
  862. the following restrictions for a DER-encoding, which OpenSSL
  863. (specifically ASN1_GENERALIZEDTIME_check() function) doesn't
  864. support:
  865. "The encoding MUST terminate with a "Z" (which means "Zulu"
  866. time). The decimal point element, if present, MUST be the
  867. point option ".". The fractional-seconds elements,
  868. if present, MUST omit all trailing 0's;
  869. if the elements correspond to 0, they MUST be wholly
  870. omitted, and the decimal point element also MUST be
  871. omitted." */
  872. /* Remove trailing zeros. The dot guarantees the exit
  873. condition of this loop even if all the digits are zero. */
  874. while (*--p == '0')
  875. /* empty */;
  876. /* p points to either the dot or the last non-zero digit. */
  877. if (*p != '.') ++p;
  878. }
  879. /* Add the trailing Z and the terminating null. */
  880. *p++ = 'Z';
  881. *p++ = '\0';
  882. /* Now call OpenSSL to check and set our genTime value */
  883. if (!asn1_time && !(asn1_time = M_ASN1_GENERALIZEDTIME_new()))
  884. goto err;
  885. if (!ASN1_GENERALIZEDTIME_set_string(asn1_time, genTime_str))
  886. {
  887. ASN1_GENERALIZEDTIME_free(asn1_time);
  888. goto err;
  889. }
  890. return asn1_time;
  891. err:
  892. TSerr(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION, TS_R_COULD_NOT_SET_TIME);
  893. return NULL;
  894. }