ess_lib.c 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368
  1. /*
  2. * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <string.h>
  10. #include <openssl/x509v3.h>
  11. #include <openssl/err.h>
  12. #include <openssl/ess.h>
  13. #include "internal/sizes.h"
  14. #include "crypto/ess.h"
  15. #include "crypto/x509.h"
  16. static ESS_CERT_ID *ESS_CERT_ID_new_init(const X509 *cert,
  17. int set_issuer_serial);
  18. static ESS_CERT_ID_V2 *ESS_CERT_ID_V2_new_init(const EVP_MD *hash_alg,
  19. const X509 *cert,
  20. int set_issuer_serial);
  21. ESS_SIGNING_CERT *OSSL_ESS_signing_cert_new_init(const X509 *signcert,
  22. const STACK_OF(X509) *certs,
  23. int set_issuer_serial)
  24. {
  25. ESS_CERT_ID *cid = NULL;
  26. ESS_SIGNING_CERT *sc;
  27. int i;
  28. if ((sc = ESS_SIGNING_CERT_new()) == NULL) {
  29. ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB);
  30. goto err;
  31. }
  32. if (sc->cert_ids == NULL
  33. && (sc->cert_ids = sk_ESS_CERT_ID_new_null()) == NULL) {
  34. ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB);
  35. goto err;
  36. }
  37. if ((cid = ESS_CERT_ID_new_init(signcert, set_issuer_serial)) == NULL
  38. || !sk_ESS_CERT_ID_push(sc->cert_ids, cid)) {
  39. ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB);
  40. goto err;
  41. }
  42. for (i = 0; i < sk_X509_num(certs); ++i) {
  43. X509 *cert = sk_X509_value(certs, i);
  44. if ((cid = ESS_CERT_ID_new_init(cert, 1)) == NULL) {
  45. ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB);
  46. goto err;
  47. }
  48. if (!sk_ESS_CERT_ID_push(sc->cert_ids, cid)) {
  49. ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB);
  50. goto err;
  51. }
  52. }
  53. return sc;
  54. err:
  55. ESS_SIGNING_CERT_free(sc);
  56. ESS_CERT_ID_free(cid);
  57. return NULL;
  58. }
  59. static ESS_CERT_ID *ESS_CERT_ID_new_init(const X509 *cert,
  60. int set_issuer_serial)
  61. {
  62. ESS_CERT_ID *cid = NULL;
  63. GENERAL_NAME *name = NULL;
  64. unsigned char cert_sha1[SHA_DIGEST_LENGTH];
  65. if ((cid = ESS_CERT_ID_new()) == NULL) {
  66. ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB);
  67. goto err;
  68. }
  69. if (!X509_digest(cert, EVP_sha1(), cert_sha1, NULL)) {
  70. ERR_raise(ERR_LIB_ESS, ERR_R_X509_LIB);
  71. goto err;
  72. }
  73. if (!ASN1_OCTET_STRING_set(cid->hash, cert_sha1, SHA_DIGEST_LENGTH)) {
  74. ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB);
  75. goto err;
  76. }
  77. /* Setting the issuer/serial if requested. */
  78. if (!set_issuer_serial)
  79. return cid;
  80. if (cid->issuer_serial == NULL
  81. && (cid->issuer_serial = ESS_ISSUER_SERIAL_new()) == NULL) {
  82. ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB);
  83. goto err;
  84. }
  85. if ((name = GENERAL_NAME_new()) == NULL) {
  86. ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB);
  87. goto err;
  88. }
  89. name->type = GEN_DIRNAME;
  90. if ((name->d.dirn = X509_NAME_dup(X509_get_issuer_name(cert))) == NULL) {
  91. ERR_raise(ERR_LIB_ESS, ERR_R_X509_LIB);
  92. goto err;
  93. }
  94. if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) {
  95. ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB);
  96. goto err;
  97. }
  98. name = NULL; /* Ownership is lost. */
  99. ASN1_INTEGER_free(cid->issuer_serial->serial);
  100. if ((cid->issuer_serial->serial
  101. = ASN1_INTEGER_dup(X509_get0_serialNumber(cert))) == NULL) {
  102. ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB);
  103. goto err;
  104. }
  105. return cid;
  106. err:
  107. GENERAL_NAME_free(name);
  108. ESS_CERT_ID_free(cid);
  109. return NULL;
  110. }
  111. ESS_SIGNING_CERT_V2 *OSSL_ESS_signing_cert_v2_new_init(const EVP_MD *hash_alg,
  112. const X509 *signcert,
  113. const
  114. STACK_OF(X509) *certs,
  115. int set_issuer_serial)
  116. {
  117. ESS_CERT_ID_V2 *cid = NULL;
  118. ESS_SIGNING_CERT_V2 *sc;
  119. int i;
  120. if ((sc = ESS_SIGNING_CERT_V2_new()) == NULL) {
  121. ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB);
  122. goto err;
  123. }
  124. cid = ESS_CERT_ID_V2_new_init(hash_alg, signcert, set_issuer_serial);
  125. if (cid == NULL) {
  126. ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB);
  127. goto err;
  128. }
  129. if (!sk_ESS_CERT_ID_V2_push(sc->cert_ids, cid)) {
  130. ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB);
  131. goto err;
  132. }
  133. cid = NULL;
  134. for (i = 0; i < sk_X509_num(certs); ++i) {
  135. X509 *cert = sk_X509_value(certs, i);
  136. if ((cid = ESS_CERT_ID_V2_new_init(hash_alg, cert, 1)) == NULL) {
  137. ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB);
  138. goto err;
  139. }
  140. if (!sk_ESS_CERT_ID_V2_push(sc->cert_ids, cid)) {
  141. ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB);
  142. goto err;
  143. }
  144. cid = NULL;
  145. }
  146. return sc;
  147. err:
  148. ESS_SIGNING_CERT_V2_free(sc);
  149. ESS_CERT_ID_V2_free(cid);
  150. return NULL;
  151. }
  152. static ESS_CERT_ID_V2 *ESS_CERT_ID_V2_new_init(const EVP_MD *hash_alg,
  153. const X509 *cert,
  154. int set_issuer_serial)
  155. {
  156. ESS_CERT_ID_V2 *cid;
  157. GENERAL_NAME *name = NULL;
  158. unsigned char hash[EVP_MAX_MD_SIZE];
  159. unsigned int hash_len = sizeof(hash);
  160. X509_ALGOR *alg = NULL;
  161. memset(hash, 0, sizeof(hash));
  162. if ((cid = ESS_CERT_ID_V2_new()) == NULL) {
  163. ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB);
  164. goto err;
  165. }
  166. if (!EVP_MD_is_a(hash_alg, SN_sha256)) {
  167. alg = X509_ALGOR_new();
  168. if (alg == NULL) {
  169. ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB);
  170. goto err;
  171. }
  172. X509_ALGOR_set_md(alg, hash_alg);
  173. if (alg->algorithm == NULL) {
  174. ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB);
  175. goto err;
  176. }
  177. cid->hash_alg = alg;
  178. alg = NULL;
  179. } else {
  180. cid->hash_alg = NULL;
  181. }
  182. if (!X509_digest(cert, hash_alg, hash, &hash_len)) {
  183. ERR_raise(ERR_LIB_ESS, ERR_R_X509_LIB);
  184. goto err;
  185. }
  186. if (!ASN1_OCTET_STRING_set(cid->hash, hash, hash_len)) {
  187. ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB);
  188. goto err;
  189. }
  190. if (!set_issuer_serial)
  191. return cid;
  192. if ((cid->issuer_serial = ESS_ISSUER_SERIAL_new()) == NULL) {
  193. ERR_raise(ERR_LIB_ESS, ERR_R_ESS_LIB);
  194. goto err;
  195. }
  196. if ((name = GENERAL_NAME_new()) == NULL) {
  197. ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB);
  198. goto err;
  199. }
  200. name->type = GEN_DIRNAME;
  201. if ((name->d.dirn = X509_NAME_dup(X509_get_issuer_name(cert))) == NULL) {
  202. ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB);
  203. goto err;
  204. }
  205. if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) {
  206. ERR_raise(ERR_LIB_ESS, ERR_R_CRYPTO_LIB);
  207. goto err;
  208. }
  209. name = NULL; /* Ownership is lost. */
  210. ASN1_INTEGER_free(cid->issuer_serial->serial);
  211. cid->issuer_serial->serial = ASN1_INTEGER_dup(X509_get0_serialNumber(cert));
  212. if (cid->issuer_serial->serial == NULL) {
  213. ERR_raise(ERR_LIB_ESS, ERR_R_ASN1_LIB);
  214. goto err;
  215. }
  216. return cid;
  217. err:
  218. X509_ALGOR_free(alg);
  219. GENERAL_NAME_free(name);
  220. ESS_CERT_ID_V2_free(cid);
  221. return NULL;
  222. }
  223. static int ess_issuer_serial_cmp(const ESS_ISSUER_SERIAL *is, const X509 *cert)
  224. {
  225. GENERAL_NAME *issuer;
  226. if (is == NULL || cert == NULL || sk_GENERAL_NAME_num(is->issuer) != 1)
  227. return -1;
  228. issuer = sk_GENERAL_NAME_value(is->issuer, 0);
  229. if (issuer->type != GEN_DIRNAME
  230. || X509_NAME_cmp(issuer->d.dirn, X509_get_issuer_name(cert)) != 0)
  231. return -1;
  232. return ASN1_INTEGER_cmp(is->serial, X509_get0_serialNumber(cert));
  233. }
  234. /*
  235. * Find the cert in |certs| referenced by |cid| if not NULL, else by |cid_v2|.
  236. * The cert must be the first one in |certs| if and only if |index| is 0.
  237. * Return 0 on not found, -1 on error, else 1 + the position in |certs|.
  238. */
  239. static int find(const ESS_CERT_ID *cid, const ESS_CERT_ID_V2 *cid_v2,
  240. int index, const STACK_OF(X509) *certs)
  241. {
  242. const X509 *cert;
  243. EVP_MD *md = NULL;
  244. char name[OSSL_MAX_NAME_SIZE];
  245. unsigned char cert_digest[EVP_MAX_MD_SIZE];
  246. unsigned int len, cid_hash_len;
  247. const ESS_ISSUER_SERIAL *is;
  248. int i;
  249. int ret = -1;
  250. if (cid == NULL && cid_v2 == NULL) {
  251. ERR_raise(ERR_LIB_ESS, ERR_R_PASSED_INVALID_ARGUMENT);
  252. return -1;
  253. }
  254. if (cid != NULL)
  255. strcpy(name, "SHA1");
  256. else if (cid_v2->hash_alg == NULL)
  257. strcpy(name, "SHA256");
  258. else
  259. OBJ_obj2txt(name, sizeof(name), cid_v2->hash_alg->algorithm, 0);
  260. (void)ERR_set_mark();
  261. md = EVP_MD_fetch(NULL, name, NULL);
  262. if (md == NULL)
  263. md = (EVP_MD *)EVP_get_digestbyname(name);
  264. if (md == NULL) {
  265. (void)ERR_clear_last_mark();
  266. ERR_raise(ERR_LIB_ESS, ESS_R_ESS_DIGEST_ALG_UNKNOWN);
  267. goto end;
  268. }
  269. (void)ERR_pop_to_mark();
  270. for (i = 0; i < sk_X509_num(certs); ++i) {
  271. cert = sk_X509_value(certs, i);
  272. cid_hash_len = cid != NULL ? cid->hash->length : cid_v2->hash->length;
  273. if (!X509_digest(cert, md, cert_digest, &len)
  274. || cid_hash_len != len) {
  275. ERR_raise(ERR_LIB_ESS, ESS_R_ESS_CERT_DIGEST_ERROR);
  276. goto end;
  277. }
  278. if (memcmp(cid != NULL ? cid->hash->data : cid_v2->hash->data,
  279. cert_digest, len) == 0) {
  280. is = cid != NULL ? cid->issuer_serial : cid_v2->issuer_serial;
  281. /* Well, it's not really required to match the serial numbers. */
  282. if (is == NULL || ess_issuer_serial_cmp(is, cert) == 0) {
  283. if ((i == 0) == (index == 0)) {
  284. ret = i + 1;
  285. goto end;
  286. }
  287. ERR_raise(ERR_LIB_ESS, ESS_R_ESS_CERT_ID_WRONG_ORDER);
  288. goto end;
  289. }
  290. }
  291. }
  292. ret = 0;
  293. ERR_raise(ERR_LIB_ESS, ESS_R_ESS_CERT_ID_NOT_FOUND);
  294. end:
  295. EVP_MD_free(md);
  296. return ret;
  297. }
  298. int OSSL_ESS_check_signing_certs(const ESS_SIGNING_CERT *ss,
  299. const ESS_SIGNING_CERT_V2 *ssv2,
  300. const STACK_OF(X509) *chain,
  301. int require_signing_cert)
  302. {
  303. int n_v1 = ss == NULL ? -1 : sk_ESS_CERT_ID_num(ss->cert_ids);
  304. int n_v2 = ssv2 == NULL ? -1 : sk_ESS_CERT_ID_V2_num(ssv2->cert_ids);
  305. int i, ret;
  306. if (require_signing_cert && ss == NULL && ssv2 == NULL) {
  307. ERR_raise(ERR_LIB_CMS, ESS_R_MISSING_SIGNING_CERTIFICATE_ATTRIBUTE);
  308. return -1;
  309. }
  310. if (n_v1 == 0 || n_v2 == 0) {
  311. ERR_raise(ERR_LIB_ESS, ESS_R_EMPTY_ESS_CERT_ID_LIST);
  312. return -1;
  313. }
  314. /* If both ss and ssv2 exist, as required evaluate them independently. */
  315. for (i = 0; i < n_v1; i++) {
  316. ret = find(sk_ESS_CERT_ID_value(ss->cert_ids, i), NULL, i, chain);
  317. if (ret <= 0)
  318. return ret;
  319. }
  320. for (i = 0; i < n_v2; i++) {
  321. ret = find(NULL, sk_ESS_CERT_ID_V2_value(ssv2->cert_ids, i), i, chain);
  322. if (ret <= 0)
  323. return ret;
  324. }
  325. return 1;
  326. }