123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699 |
- /*-
- * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
- * Copyright Nokia 2007-2018
- * Copyright Siemens AG 2015-2019
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- *
- * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb.
- */
- /*
- * This file contains the functions that handle the individual items inside
- * the CRMF structures
- */
- /*
- * NAMING
- *
- * The 0 functions use the supplied structure pointer directly in the parent and
- * it will be freed up when the parent is freed.
- *
- * The 1 functions use a copy of the supplied structure pointer (or in some
- * cases increases its link count) in the parent and so both should be freed up.
- */
- #include <openssl/asn1t.h>
- #include "crmf_local.h"
- #include "internal/constant_time.h"
- /* explicit #includes not strictly needed since implied by the above: */
- #include <openssl/crmf.h>
- #include <openssl/err.h>
- #include <openssl/evp.h>
- DEFINE_STACK_OF(X509_EXTENSION)
- DEFINE_STACK_OF(OSSL_CRMF_MSG)
- /*-
- * atyp = Attribute Type
- * valt = Value Type
- * ctrlinf = "regCtrl" or "regInfo"
- */
- #define IMPLEMENT_CRMF_CTRL_FUNC(atyp, valt, ctrlinf) \
- int OSSL_CRMF_MSG_set1_##ctrlinf##_##atyp(OSSL_CRMF_MSG *msg, \
- const valt *in) \
- { \
- OSSL_CRMF_ATTRIBUTETYPEANDVALUE *atav = NULL; \
- \
- if (msg == NULL || in == NULL) \
- goto err; \
- if ((atav = OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new()) == NULL) \
- goto err; \
- if ((atav->type = OBJ_nid2obj(NID_id_##ctrlinf##_##atyp)) == NULL) \
- goto err; \
- if ((atav->value.atyp = valt##_dup(in)) == NULL) \
- goto err; \
- if (!OSSL_CRMF_MSG_push0_##ctrlinf(msg, atav)) \
- goto err; \
- return 1; \
- err: \
- OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(atav); \
- return 0; \
- }
- /*-
- * Pushes the given control attribute into the controls stack of a CertRequest
- * (section 6)
- * returns 1 on success, 0 on error
- */
- static int OSSL_CRMF_MSG_push0_regCtrl(OSSL_CRMF_MSG *crm,
- OSSL_CRMF_ATTRIBUTETYPEANDVALUE *ctrl)
- {
- int new = 0;
- if (crm == NULL || crm->certReq == NULL || ctrl == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_REGCTRL, CRMF_R_NULL_ARGUMENT);
- return 0;
- }
- if (crm->certReq->controls == NULL) {
- crm->certReq->controls = sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_null();
- if (crm->certReq->controls == NULL)
- goto err;
- new = 1;
- }
- if (!sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push(crm->certReq->controls, ctrl))
- goto err;
- return 1;
- err:
- if (new != 0) {
- sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(crm->certReq->controls);
- crm->certReq->controls = NULL;
- }
- return 0;
- }
- /* id-regCtrl-regToken Control (section 6.1) */
- IMPLEMENT_CRMF_CTRL_FUNC(regToken, ASN1_STRING, regCtrl)
- /* id-regCtrl-authenticator Control (section 6.2) */
- #define ASN1_UTF8STRING_dup ASN1_STRING_dup
- IMPLEMENT_CRMF_CTRL_FUNC(authenticator, ASN1_UTF8STRING, regCtrl)
- int OSSL_CRMF_MSG_set0_SinglePubInfo(OSSL_CRMF_SINGLEPUBINFO *spi,
- int method, GENERAL_NAME *nm)
- {
- if (spi == NULL
- || method < OSSL_CRMF_PUB_METHOD_DONTCARE
- || method > OSSL_CRMF_PUB_METHOD_LDAP) {
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET0_SINGLEPUBINFO,
- ERR_R_PASSED_INVALID_ARGUMENT);
- return 0;
- }
- if (!ASN1_INTEGER_set(spi->pubMethod, method))
- return 0;
- GENERAL_NAME_free(spi->pubLocation);
- spi->pubLocation = nm;
- return 1;
- }
- int
- OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
- OSSL_CRMF_SINGLEPUBINFO *spi)
- {
- if (pi == NULL || spi == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_PKIPUBLICATIONINFO_PUSH0_SINGLEPUBINFO,
- CRMF_R_NULL_ARGUMENT);
- return 0;
- }
- if (pi->pubInfos == NULL)
- pi->pubInfos = sk_OSSL_CRMF_SINGLEPUBINFO_new_null();
- if (pi->pubInfos == NULL)
- return 0;
- return sk_OSSL_CRMF_SINGLEPUBINFO_push(pi->pubInfos, spi);
- }
- int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(OSSL_CRMF_PKIPUBLICATIONINFO *pi,
- int action)
- {
- if (pi == NULL
- || action < OSSL_CRMF_PUB_ACTION_DONTPUBLISH
- || action > OSSL_CRMF_PUB_ACTION_PLEASEPUBLISH) {
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET_PKIPUBLICATIONINFO_ACTION,
- ERR_R_PASSED_INVALID_ARGUMENT);
- return 0;
- }
- return ASN1_INTEGER_set(pi->action, action);
- }
- /* id-regCtrl-pkiPublicationInfo Control (section 6.3) */
- IMPLEMENT_CRMF_CTRL_FUNC(pkiPublicationInfo, OSSL_CRMF_PKIPUBLICATIONINFO,
- regCtrl)
- /* id-regCtrl-oldCertID Control (section 6.5) from the given */
- IMPLEMENT_CRMF_CTRL_FUNC(oldCertID, OSSL_CRMF_CERTID, regCtrl)
- OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer,
- const ASN1_INTEGER *serial)
- {
- OSSL_CRMF_CERTID *cid = NULL;
- if (issuer == NULL || serial == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_CERTID_GEN, CRMF_R_NULL_ARGUMENT);
- return NULL;
- }
- if ((cid = OSSL_CRMF_CERTID_new()) == NULL)
- goto err;
- if (!X509_NAME_set(&cid->issuer->d.directoryName, issuer))
- goto err;
- cid->issuer->type = GEN_DIRNAME;
- ASN1_INTEGER_free(cid->serialNumber);
- if ((cid->serialNumber = ASN1_INTEGER_dup(serial)) == NULL)
- goto err;
- return cid;
- err:
- OSSL_CRMF_CERTID_free(cid);
- return NULL;
- }
- /*
- * id-regCtrl-protocolEncrKey Control (section 6.6)
- */
- IMPLEMENT_CRMF_CTRL_FUNC(protocolEncrKey, X509_PUBKEY, regCtrl)
- /*-
- * Pushes the attribute given in regInfo in to the CertReqMsg->regInfo stack.
- * (section 7)
- * returns 1 on success, 0 on error
- */
- static int OSSL_CRMF_MSG_push0_regInfo(OSSL_CRMF_MSG *crm,
- OSSL_CRMF_ATTRIBUTETYPEANDVALUE *ri)
- {
- STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *info = NULL;
- if (crm == NULL || ri == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_REGINFO, CRMF_R_NULL_ARGUMENT);
- return 0;
- }
- if (crm->regInfo == NULL)
- crm->regInfo = info = sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_new_null();
- if (crm->regInfo == NULL)
- goto err;
- if (!sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_push(crm->regInfo, ri))
- goto err;
- return 1;
- err:
- if (info != NULL)
- crm->regInfo = NULL;
- sk_OSSL_CRMF_ATTRIBUTETYPEANDVALUE_free(info);
- return 0;
- }
- /* id-regInfo-utf8Pairs to regInfo (section 7.1) */
- IMPLEMENT_CRMF_CTRL_FUNC(utf8Pairs, ASN1_UTF8STRING, regInfo)
- /* id-regInfo-certReq to regInfo (section 7.2) */
- IMPLEMENT_CRMF_CTRL_FUNC(certReq, OSSL_CRMF_CERTREQUEST, regInfo)
- /* retrieves the certificate template of crm */
- OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm)
- {
- if (crm == NULL || crm->certReq == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_GET0_TMPL, CRMF_R_NULL_ARGUMENT);
- return NULL;
- }
- return crm->certReq->certTemplate;
- }
- int OSSL_CRMF_MSG_set0_validity(OSSL_CRMF_MSG *crm,
- ASN1_TIME *notBefore, ASN1_TIME *notAfter)
- {
- OSSL_CRMF_OPTIONALVALIDITY *vld;
- OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm);
- if (tmpl == NULL) { /* also crm == NULL implies this */
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET0_VALIDITY, CRMF_R_NULL_ARGUMENT);
- return 0;
- }
- if ((vld = OSSL_CRMF_OPTIONALVALIDITY_new()) == NULL)
- return 0;
- vld->notBefore = notBefore;
- vld->notAfter = notAfter;
- tmpl->validity = vld;
- return 1;
- }
- int OSSL_CRMF_MSG_set_certReqId(OSSL_CRMF_MSG *crm, int rid)
- {
- if (crm == NULL || crm->certReq == NULL || crm->certReq->certReqId == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET_CERTREQID, CRMF_R_NULL_ARGUMENT);
- return 0;
- }
- return ASN1_INTEGER_set(crm->certReq->certReqId, rid);
- }
- /* get ASN.1 encoded integer, return -1 on error */
- static int crmf_asn1_get_int(const ASN1_INTEGER *a)
- {
- int64_t res;
- if (!ASN1_INTEGER_get_int64(&res, a)) {
- CRMFerr(0, ASN1_R_INVALID_NUMBER);
- return -1;
- }
- if (res < INT_MIN) {
- CRMFerr(0, ASN1_R_TOO_SMALL);
- return -1;
- }
- if (res > INT_MAX) {
- CRMFerr(0, ASN1_R_TOO_LARGE);
- return -1;
- }
- return (int)res;
- }
- int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm)
- {
- if (crm == NULL || /* not really needed: */ crm->certReq == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_GET_CERTREQID, CRMF_R_NULL_ARGUMENT);
- return -1;
- }
- return crmf_asn1_get_int(crm->certReq->certReqId);
- }
- int OSSL_CRMF_MSG_set0_extensions(OSSL_CRMF_MSG *crm,
- X509_EXTENSIONS *exts)
- {
- OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm);
- if (tmpl == NULL) { /* also crm == NULL implies this */
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_SET0_EXTENSIONS, CRMF_R_NULL_ARGUMENT);
- return 0;
- }
- if (sk_X509_EXTENSION_num(exts) == 0) {
- sk_X509_EXTENSION_free(exts);
- exts = NULL; /* do not include empty extensions list */
- }
- sk_X509_EXTENSION_pop_free(tmpl->extensions, X509_EXTENSION_free);
- tmpl->extensions = exts;
- return 1;
- }
- int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm,
- X509_EXTENSION *ext)
- {
- int new = 0;
- OSSL_CRMF_CERTTEMPLATE *tmpl = OSSL_CRMF_MSG_get0_tmpl(crm);
- if (tmpl == NULL || ext == NULL) { /* also crm == NULL implies this */
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_PUSH0_EXTENSION, CRMF_R_NULL_ARGUMENT);
- return 0;
- }
- if (tmpl->extensions == NULL) {
- if ((tmpl->extensions = sk_X509_EXTENSION_new_null()) == NULL)
- goto err;
- new = 1;
- }
- if (!sk_X509_EXTENSION_push(tmpl->extensions, ext))
- goto err;
- return 1;
- err:
- if (new != 0) {
- sk_X509_EXTENSION_free(tmpl->extensions);
- tmpl->extensions = NULL;
- }
- return 0;
- }
- /* TODO: support cases 1+2 (besides case 3) defined in RFC 4211, section 4.1. */
- static int CRMF_poposigningkey_init(OSSL_CRMF_POPOSIGNINGKEY *ps,
- OSSL_CRMF_CERTREQUEST *cr,
- EVP_PKEY *pkey, int dgst)
- {
- int ret = 0;
- EVP_MD *fetched_md = NULL;
- const EVP_MD *md = EVP_get_digestbynid(dgst);
- if (ps == NULL || cr == NULL || pkey == NULL) {
- CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT, CRMF_R_NULL_ARGUMENT);
- return 0;
- }
- /* If we didn't find legacy MD, we try an implicit fetch */
- if (md == NULL)
- md = fetched_md = EVP_MD_fetch(NULL, OBJ_nid2sn(dgst), NULL);
- if (md == NULL) {
- CRMFerr(CRMF_F_CRMF_POPOSIGNINGKEY_INIT,
- CRMF_R_UNSUPPORTED_ALG_FOR_POPSIGNINGKEY);
- return 0;
- }
- ret = ASN1_item_sign(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
- ps->algorithmIdentifier, NULL, ps->signature,
- cr, pkey, md);
- EVP_MD_free(fetched_md);
- return ret;
- }
- int OSSL_CRMF_MSG_create_popo(OSSL_CRMF_MSG *crm, EVP_PKEY *pkey,
- int dgst, int ppmtd)
- {
- OSSL_CRMF_POPO *pp = NULL;
- ASN1_INTEGER *tag = NULL;
- if (crm == NULL || (ppmtd == OSSL_CRMF_POPO_SIGNATURE && pkey == NULL)) {
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_CREATE_POPO, CRMF_R_NULL_ARGUMENT);
- return 0;
- }
- if (ppmtd == OSSL_CRMF_POPO_NONE)
- goto end;
- if ((pp = OSSL_CRMF_POPO_new()) == NULL)
- goto err;
- pp->type = ppmtd;
- switch (ppmtd) {
- case OSSL_CRMF_POPO_RAVERIFIED:
- if ((pp->value.raVerified = ASN1_NULL_new()) == NULL)
- goto err;
- break;
- case OSSL_CRMF_POPO_SIGNATURE:
- {
- OSSL_CRMF_POPOSIGNINGKEY *ps = OSSL_CRMF_POPOSIGNINGKEY_new();
- if (ps == NULL
- || !CRMF_poposigningkey_init(ps, crm->certReq, pkey, dgst)) {
- OSSL_CRMF_POPOSIGNINGKEY_free(ps);
- goto err;
- }
- pp->value.signature = ps;
- }
- break;
- case OSSL_CRMF_POPO_KEYENC:
- if ((pp->value.keyEncipherment = OSSL_CRMF_POPOPRIVKEY_new()) == NULL)
- goto err;
- tag = ASN1_INTEGER_new();
- pp->value.keyEncipherment->type =
- OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE;
- pp->value.keyEncipherment->value.subsequentMessage = tag;
- if (tag == NULL
- || !ASN1_INTEGER_set(tag, OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT))
- goto err;
- break;
- default:
- CRMFerr(CRMF_F_OSSL_CRMF_MSG_CREATE_POPO,
- CRMF_R_UNSUPPORTED_METHOD_FOR_CREATING_POPO);
- goto err;
- }
- end:
- OSSL_CRMF_POPO_free(crm->popo);
- crm->popo = pp;
- return 1;
- err:
- OSSL_CRMF_POPO_free(pp);
- return 0;
- }
- /* verifies the Proof-of-Possession of the request with the given rid in reqs */
- int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
- int rid, int acceptRAVerified)
- {
- OSSL_CRMF_MSG *req = NULL;
- X509_PUBKEY *pubkey = NULL;
- OSSL_CRMF_POPOSIGNINGKEY *sig = NULL;
- if (reqs == NULL || (req = sk_OSSL_CRMF_MSG_value(reqs, rid)) == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO, CRMF_R_NULL_ARGUMENT);
- return 0;
- }
- if (req->popo == NULL) {
- CRMFerr(0, CRMF_R_POPO_MISSING);
- return 0;
- }
- switch (req->popo->type) {
- case OSSL_CRMF_POPO_RAVERIFIED:
- if (!acceptRAVerified) {
- CRMFerr(0, CRMF_R_POPO_RAVERIFIED_NOT_ACCEPTED);
- return 0;
- }
- break;
- case OSSL_CRMF_POPO_SIGNATURE:
- pubkey = req->certReq->certTemplate->publicKey;
- if (pubkey == NULL) {
- CRMFerr(0, CRMF_R_POPO_MISSING_PUBLIC_KEY);
- return 0;
- }
- sig = req->popo->value.signature;
- if (sig->poposkInput != NULL) {
- /*
- * According to RFC 4211: publicKey contains a copy of
- * the public key from the certificate template. This MUST be
- * exactly the same value as contained in the certificate template.
- */
- if (sig->poposkInput->publicKey == NULL) {
- CRMFerr(0, CRMF_R_POPO_MISSING_PUBLIC_KEY);
- return 0;
- }
- if (X509_PUBKEY_eq(pubkey, sig->poposkInput->publicKey) != 1) {
- CRMFerr(0, CRMF_R_POPO_INCONSISTENT_PUBLIC_KEY);
- return 0;
- }
- /*
- * TODO check the contents of the authInfo sub-field,
- * see RFC 4211 https://tools.ietf.org/html/rfc4211#section-4.1
- */
- if (ASN1_item_verify(ASN1_ITEM_rptr(OSSL_CRMF_POPOSIGNINGKEYINPUT),
- sig->algorithmIdentifier, sig->signature,
- sig->poposkInput,
- X509_PUBKEY_get0(pubkey)) < 1)
- return 0;
- } else {
- if (req->certReq->certTemplate->subject == NULL) {
- CRMFerr(0, CRMF_R_POPO_MISSING_SUBJECT);
- return 0;
- }
- if (ASN1_item_verify(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
- sig->algorithmIdentifier, sig->signature,
- req->certReq, X509_PUBKEY_get0(pubkey)) < 1)
- return 0;
- }
- break;
- case OSSL_CRMF_POPO_KEYENC:
- /*
- * TODO: when OSSL_CMP_certrep_new() supports encrypted certs,
- * return 1 if the type of req->popo->value.keyEncipherment
- * is OSSL_CRMF_POPOPRIVKEY_SUBSEQUENTMESSAGE and
- * its value.subsequentMessage == OSSL_CRMF_SUBSEQUENTMESSAGE_ENCRCERT
- */
- case OSSL_CRMF_POPO_KEYAGREE:
- default:
- CRMFerr(CRMF_F_OSSL_CRMF_MSGS_VERIFY_POPO,
- CRMF_R_UNSUPPORTED_POPO_METHOD);
- return 0;
- }
- return 1;
- }
- /* retrieves the serialNumber of the given cert template or NULL on error */
- ASN1_INTEGER
- *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl)
- {
- return tmpl != NULL ? tmpl->serialNumber : NULL;
- }
- /* retrieves the issuer name of the given cert template or NULL on error */
- const X509_NAME
- *OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl)
- {
- return tmpl != NULL ? tmpl->issuer : NULL;
- }
- /* retrieves the issuer name of the given CertId or NULL on error */
- const X509_NAME *OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid)
- {
- return cid != NULL && cid->issuer->type == GEN_DIRNAME ?
- cid->issuer->d.directoryName : NULL;
- }
- /* retrieves the serialNumber of the given CertId or NULL on error */
- ASN1_INTEGER *OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid)
- {
- return cid != NULL ? cid->serialNumber : NULL;
- }
- /*-
- * fill in certificate template.
- * Any value argument that is NULL will leave the respective field unchanged.
- */
- int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl,
- EVP_PKEY *pubkey,
- const X509_NAME *subject,
- const X509_NAME *issuer,
- const ASN1_INTEGER *serial)
- {
- if (tmpl == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_CERTTEMPLATE_FILL, CRMF_R_NULL_ARGUMENT);
- return 0;
- }
- if (subject != NULL && !X509_NAME_set((X509_NAME **)&tmpl->subject, subject))
- return 0;
- if (issuer != NULL && !X509_NAME_set((X509_NAME **)&tmpl->issuer, issuer))
- return 0;
- if (serial != NULL) {
- ASN1_INTEGER_free(tmpl->serialNumber);
- if ((tmpl->serialNumber = ASN1_INTEGER_dup(serial)) == NULL)
- return 0;
- }
- if (pubkey != NULL && !X509_PUBKEY_set(&tmpl->publicKey, pubkey))
- return 0;
- return 1;
- }
- /*-
- * Decrypts the certificate in the given encryptedValue using private key pkey.
- * This is needed for the indirect PoP method as in RFC 4210 section 5.2.8.2.
- *
- * returns a pointer to the decrypted certificate
- * returns NULL on error or if no certificate available
- */
- X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert,
- EVP_PKEY *pkey)
- {
- X509 *cert = NULL; /* decrypted certificate */
- EVP_CIPHER_CTX *evp_ctx = NULL; /* context for symmetric encryption */
- unsigned char *ek = NULL; /* decrypted symmetric encryption key */
- size_t eksize = 0; /* size of decrypted symmetric encryption key */
- const EVP_CIPHER *cipher = NULL; /* used cipher */
- int cikeysize = 0; /* key size from cipher */
- unsigned char *iv = NULL; /* initial vector for symmetric encryption */
- unsigned char *outbuf = NULL; /* decryption output buffer */
- const unsigned char *p = NULL; /* needed for decoding ASN1 */
- int symmAlg = 0; /* NIDs for symmetric algorithm */
- int n, outlen = 0;
- EVP_PKEY_CTX *pkctx = NULL; /* private key context */
- if (ecert == NULL || ecert->symmAlg == NULL || ecert->encSymmKey == NULL
- || ecert->encValue == NULL || pkey == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
- CRMF_R_NULL_ARGUMENT);
- return NULL;
- }
- if ((symmAlg = OBJ_obj2nid(ecert->symmAlg->algorithm)) == 0) {
- CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
- CRMF_R_UNSUPPORTED_CIPHER);
- return NULL;
- }
- /* select symmetric cipher based on algorithm given in message */
- if ((cipher = EVP_get_cipherbynid(symmAlg)) == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
- CRMF_R_UNSUPPORTED_CIPHER);
- goto end;
- }
- cikeysize = EVP_CIPHER_key_length(cipher);
- /* first the symmetric key needs to be decrypted */
- pkctx = EVP_PKEY_CTX_new(pkey, NULL);
- if (pkctx != NULL && EVP_PKEY_decrypt_init(pkctx)) {
- ASN1_BIT_STRING *encKey = ecert->encSymmKey;
- size_t failure;
- int retval;
- if (EVP_PKEY_decrypt(pkctx, NULL, &eksize,
- encKey->data, encKey->length) <= 0
- || (ek = OPENSSL_malloc(eksize)) == NULL)
- goto end;
- retval = EVP_PKEY_decrypt(pkctx, ek, &eksize,
- encKey->data, encKey->length);
- ERR_clear_error(); /* error state may have sensitive information */
- failure = ~constant_time_is_zero_s(constant_time_msb(retval)
- | constant_time_is_zero(retval));
- failure |= ~constant_time_eq_s(eksize, (size_t)cikeysize);
- if (failure) {
- CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
- CRMF_R_ERROR_DECRYPTING_SYMMETRIC_KEY);
- goto end;
- }
- } else {
- goto end;
- }
- if ((iv = OPENSSL_malloc(EVP_CIPHER_iv_length(cipher))) == NULL)
- goto end;
- if (ASN1_TYPE_get_octetstring(ecert->symmAlg->parameter, iv,
- EVP_CIPHER_iv_length(cipher))
- != EVP_CIPHER_iv_length(cipher)) {
- CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
- CRMF_R_MALFORMED_IV);
- goto end;
- }
- /*
- * d2i_X509 changes the given pointer, so use p for decoding the message and
- * keep the original pointer in outbuf so the memory can be freed later
- */
- if ((p = outbuf = OPENSSL_malloc(ecert->encValue->length +
- EVP_CIPHER_block_size(cipher))) == NULL
- || (evp_ctx = EVP_CIPHER_CTX_new()) == NULL)
- goto end;
- EVP_CIPHER_CTX_set_padding(evp_ctx, 0);
- if (!EVP_DecryptInit(evp_ctx, cipher, ek, iv)
- || !EVP_DecryptUpdate(evp_ctx, outbuf, &outlen,
- ecert->encValue->data,
- ecert->encValue->length)
- || !EVP_DecryptFinal(evp_ctx, outbuf + outlen, &n)) {
- CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
- CRMF_R_ERROR_DECRYPTING_CERTIFICATE);
- goto end;
- }
- outlen += n;
- /* convert decrypted certificate from DER to internal ASN.1 structure */
- if ((cert = d2i_X509(NULL, &p, outlen)) == NULL) {
- CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
- CRMF_R_ERROR_DECODING_CERTIFICATE);
- }
- end:
- EVP_PKEY_CTX_free(pkctx);
- OPENSSL_free(outbuf);
- EVP_CIPHER_CTX_free(evp_ctx);
- OPENSSL_clear_free(ek, eksize);
- OPENSSL_free(iv);
- return cert;
- }
|