VirtualBox

source: vbox/trunk/src/libs/openssl-3.3.2/crypto/cmp/cmp_hdr.c@ 108669

Last change on this file since 108669 was 108206, checked in by vboxsync, 3 months ago

openssl-3.3.2: Exported all files to OSE and removed .scm-settings ​bugref:10757
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 10.9 KB
Line 
1/*
2 * Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright Nokia 2007-2019
4 * Copyright Siemens AG 2015-2019
5 *
6 * Licensed under the Apache License 2.0 (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
10 */
11
12/* CMP functions for PKIHeader handling */
13
14#include "cmp_local.h"
15
16#include <openssl/rand.h>
17
18/* explicit #includes not strictly needed since implied by the above: */
19#include <openssl/asn1t.h>
20#include <openssl/cmp.h>
21#include <openssl/err.h>
22
23int ossl_cmp_hdr_set_pvno(OSSL_CMP_PKIHEADER *hdr, int pvno)
24{
25 if (!ossl_assert(hdr != NULL))
26 return 0;
27 return ASN1_INTEGER_set(hdr->pvno, pvno);
28}
29
30int ossl_cmp_hdr_get_pvno(const OSSL_CMP_PKIHEADER *hdr)
31{
32 int64_t pvno;
33
34 if (!ossl_assert(hdr != NULL))
35 return -1;
36 if (!ASN1_INTEGER_get_int64(&pvno, hdr->pvno) || pvno < 0 || pvno > INT_MAX)
37 return -1;
38 return (int)pvno;
39}
40
41int ossl_cmp_hdr_get_protection_nid(const OSSL_CMP_PKIHEADER *hdr)
42{
43 if (!ossl_assert(hdr != NULL)
44 || hdr->protectionAlg == NULL)
45 return NID_undef;
46 return OBJ_obj2nid(hdr->protectionAlg->algorithm);
47}
48
49ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_transactionID(const
50 OSSL_CMP_PKIHEADER *hdr)
51{
52 if (hdr == NULL) {
53 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
54 return NULL;
55 }
56 return hdr->transactionID;
57}
58
59ASN1_OCTET_STRING *ossl_cmp_hdr_get0_senderNonce(const OSSL_CMP_PKIHEADER *hdr)
60{
61 if (!ossl_assert(hdr != NULL))
62 return NULL;
63 return hdr->senderNonce;
64}
65
66ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_recipNonce(const OSSL_CMP_PKIHEADER *hdr)
67{
68 if (hdr == NULL) {
69 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
70 return NULL;
71 }
72 return hdr->recipNonce;
73}
74
75STACK_OF(OSSL_CMP_ITAV)
76 *OSSL_CMP_HDR_get0_geninfo_ITAVs(const OSSL_CMP_PKIHEADER *hdr)
77{
78 if (hdr == NULL) {
79 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
80 return NULL;
81 }
82 return hdr->generalInfo;
83}
84
85/* a NULL-DN as an empty sequence of RDNs */
86int ossl_cmp_general_name_is_NULL_DN(GENERAL_NAME *name)
87{
88 return name == NULL
89 || (name->type == GEN_DIRNAME && IS_NULL_DN(name->d.directoryName));
90}
91
92/* assign to *tgt a copy of src (which may be NULL to indicate an empty DN) */
93static int set1_general_name(GENERAL_NAME **tgt, const X509_NAME *src)
94{
95 GENERAL_NAME *name;
96
97 if (!ossl_assert(tgt != NULL))
98 return 0;
99 if ((name = GENERAL_NAME_new()) == NULL)
100 goto err;
101 name->type = GEN_DIRNAME;
102
103 if (src == NULL) { /* NULL-DN */
104 if ((name->d.directoryName = X509_NAME_new()) == NULL)
105 goto err;
106 } else if (!X509_NAME_set(&name->d.directoryName, src)) {
107 goto err;
108 }
109
110 GENERAL_NAME_free(*tgt);
111 *tgt = name;
112
113 return 1;
114
115 err:
116 GENERAL_NAME_free(name);
117 return 0;
118}
119
120/*
121 * Set the sender name in PKIHeader.
122 * when nm is NULL, sender is set to an empty string
123 * returns 1 on success, 0 on error
124 */
125int ossl_cmp_hdr_set1_sender(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm)
126{
127 if (!ossl_assert(hdr != NULL))
128 return 0;
129 return set1_general_name(&hdr->sender, nm);
130}
131
132int ossl_cmp_hdr_set1_recipient(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm)
133{
134 if (!ossl_assert(hdr != NULL))
135 return 0;
136 return set1_general_name(&hdr->recipient, nm);
137}
138
139int ossl_cmp_hdr_update_messageTime(OSSL_CMP_PKIHEADER *hdr)
140{
141 if (!ossl_assert(hdr != NULL))
142 return 0;
143 if (hdr->messageTime == NULL
144 && (hdr->messageTime = ASN1_GENERALIZEDTIME_new()) == NULL)
145 return 0;
146 return ASN1_GENERALIZEDTIME_set(hdr->messageTime, time(NULL)) != NULL;
147}
148
149/* assign to *tgt a random byte array of given length */
150static int set_random(ASN1_OCTET_STRING **tgt, OSSL_CMP_CTX *ctx, size_t len)
151{
152 unsigned char *bytes = OPENSSL_malloc(len);
153 int res = 0;
154
155 if (bytes == NULL || RAND_bytes_ex(ctx->libctx, bytes, len, 0) <= 0)
156 ERR_raise(ERR_LIB_CMP, CMP_R_FAILURE_OBTAINING_RANDOM);
157 else
158 res = ossl_cmp_asn1_octet_string_set1_bytes(tgt, bytes, len);
159 OPENSSL_free(bytes);
160 return res;
161}
162
163int ossl_cmp_hdr_set1_senderKID(OSSL_CMP_PKIHEADER *hdr,
164 const ASN1_OCTET_STRING *senderKID)
165{
166 if (!ossl_assert(hdr != NULL))
167 return 0;
168 return ossl_cmp_asn1_octet_string_set1(&hdr->senderKID, senderKID);
169}
170
171/* push the given text string to the given PKIFREETEXT ft */
172int ossl_cmp_hdr_push0_freeText(OSSL_CMP_PKIHEADER *hdr, ASN1_UTF8STRING *text)
173{
174 if (!ossl_assert(hdr != NULL && text != NULL))
175 return 0;
176
177 if (hdr->freeText == NULL
178 && (hdr->freeText = sk_ASN1_UTF8STRING_new_null()) == NULL)
179 return 0;
180
181 return sk_ASN1_UTF8STRING_push(hdr->freeText, text);
182}
183
184int ossl_cmp_hdr_push1_freeText(OSSL_CMP_PKIHEADER *hdr, ASN1_UTF8STRING *text)
185{
186 if (!ossl_assert(hdr != NULL && text != NULL))
187 return 0;
188
189 if (hdr->freeText == NULL
190 && (hdr->freeText = sk_ASN1_UTF8STRING_new_null()) == NULL)
191 return 0;
192
193 return
194 ossl_cmp_sk_ASN1_UTF8STRING_push_str(hdr->freeText, (char *)text->data,
195 text->length);
196}
197
198int ossl_cmp_hdr_generalInfo_push0_item(OSSL_CMP_PKIHEADER *hdr,
199 OSSL_CMP_ITAV *itav)
200{
201 if (!ossl_assert(hdr != NULL && itav != NULL))
202 return 0;
203 return OSSL_CMP_ITAV_push0_stack_item(&hdr->generalInfo, itav);
204}
205
206int ossl_cmp_hdr_generalInfo_push1_items(OSSL_CMP_PKIHEADER *hdr,
207 const STACK_OF(OSSL_CMP_ITAV) *itavs)
208{
209 int i;
210 OSSL_CMP_ITAV *itav;
211
212 if (!ossl_assert(hdr != NULL))
213 return 0;
214
215 for (i = 0; i < sk_OSSL_CMP_ITAV_num(itavs); i++) {
216 itav = OSSL_CMP_ITAV_dup(sk_OSSL_CMP_ITAV_value(itavs, i));
217 if (itav == NULL)
218 return 0;
219
220 if (!ossl_cmp_hdr_generalInfo_push0_item(hdr, itav)) {
221 OSSL_CMP_ITAV_free(itav);
222 return 0;
223 }
224 }
225 return 1;
226}
227
228int ossl_cmp_hdr_set_implicitConfirm(OSSL_CMP_PKIHEADER *hdr)
229{
230 OSSL_CMP_ITAV *itav;
231 ASN1_TYPE *asn1null;
232
233 if (!ossl_assert(hdr != NULL))
234 return 0;
235 asn1null = (ASN1_TYPE *)ASN1_NULL_new();
236 if (asn1null == NULL)
237 return 0;
238 if ((itav = OSSL_CMP_ITAV_create(OBJ_nid2obj(NID_id_it_implicitConfirm),
239 asn1null)) == NULL)
240 goto err;
241 if (!ossl_cmp_hdr_generalInfo_push0_item(hdr, itav))
242 goto err;
243 return 1;
244
245 err:
246 ASN1_TYPE_free(asn1null);
247 OSSL_CMP_ITAV_free(itav);
248 return 0;
249}
250
251/* return 1 if implicitConfirm in the generalInfo field of the header is set */
252int ossl_cmp_hdr_has_implicitConfirm(const OSSL_CMP_PKIHEADER *hdr)
253{
254 int itavCount;
255 int i;
256 OSSL_CMP_ITAV *itav;
257
258 if (!ossl_assert(hdr != NULL))
259 return 0;
260
261 itavCount = sk_OSSL_CMP_ITAV_num(hdr->generalInfo);
262 for (i = 0; i < itavCount; i++) {
263 itav = sk_OSSL_CMP_ITAV_value(hdr->generalInfo, i);
264 if (itav != NULL
265 && OBJ_obj2nid(itav->infoType) == NID_id_it_implicitConfirm)
266 return 1;
267 }
268
269 return 0;
270}
271
272/*
273 * set ctx->transactionID in CMP header
274 * if ctx->transactionID is NULL, a random one is created with 128 bit
275 * according to section 5.1.1:
276 *
277 * It is RECOMMENDED that the clients fill the transactionID field with
278 * 128 bits of (pseudo-) random data for the start of a transaction to
279 * reduce the probability of having the transactionID in use at the server.
280 */
281int ossl_cmp_hdr_set_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr)
282{
283 if (ctx->transactionID == NULL) {
284 char *tid;
285
286 if (!set_random(&ctx->transactionID, ctx,
287 OSSL_CMP_TRANSACTIONID_LENGTH))
288 return 0;
289 tid = i2s_ASN1_OCTET_STRING(NULL, ctx->transactionID);
290 if (tid != NULL)
291 ossl_cmp_log1(DEBUG, ctx,
292 "Starting new transaction with ID=%s", tid);
293 OPENSSL_free(tid);
294 }
295
296 return ossl_cmp_asn1_octet_string_set1(&hdr->transactionID,
297 ctx->transactionID);
298}
299
300/* fill in all fields of the hdr according to the info given in ctx */
301int ossl_cmp_hdr_init(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr)
302{
303 const X509_NAME *sender;
304 const X509_NAME *rcp = NULL;
305
306 if (!ossl_assert(ctx != NULL && hdr != NULL))
307 return 0;
308
309 /* set the CMP version */
310 if (!ossl_cmp_hdr_set_pvno(hdr, OSSL_CMP_PVNO))
311 return 0;
312
313 /*
314 * If no protection cert nor oldCert nor CSR nor subject is given,
315 * sender name is not known to the client and thus set to NULL-DN
316 */
317 sender = ctx->cert != NULL ? X509_get_subject_name(ctx->cert) :
318 ctx->oldCert != NULL ? X509_get_subject_name(ctx->oldCert) :
319 ctx->p10CSR != NULL ? X509_REQ_get_subject_name(ctx->p10CSR) :
320 ctx->subjectName;
321 if (!ossl_cmp_hdr_set1_sender(hdr, sender))
322 return 0;
323
324 /* determine recipient entry in PKIHeader */
325 if (ctx->recipient != NULL)
326 rcp = ctx->recipient;
327 else if (ctx->srvCert != NULL)
328 rcp = X509_get_subject_name(ctx->srvCert);
329 else if (ctx->issuer != NULL)
330 rcp = ctx->issuer;
331 else if (ctx->oldCert != NULL)
332 rcp = X509_get_issuer_name(ctx->oldCert);
333 else if (ctx->cert != NULL)
334 rcp = X509_get_issuer_name(ctx->cert);
335 if (!ossl_cmp_hdr_set1_recipient(hdr, rcp))
336 return 0;
337
338 /* set current time as message time */
339 if (!ossl_cmp_hdr_update_messageTime(hdr))
340 return 0;
341
342 if (ctx->recipNonce != NULL
343 && !ossl_cmp_asn1_octet_string_set1(&hdr->recipNonce,
344 ctx->recipNonce))
345 return 0;
346
347 if (!ossl_cmp_hdr_set_transactionID(ctx, hdr))
348 return 0;
349
350 /*-
351 * set random senderNonce
352 * according to section 5.1.1:
353 *
354 * senderNonce present
355 * -- 128 (pseudo-)random bits
356 * The senderNonce and recipNonce fields protect the PKIMessage against
357 * replay attacks. The senderNonce will typically be 128 bits of
358 * (pseudo-) random data generated by the sender, whereas the recipNonce
359 * is copied from the senderNonce of the previous message in the
360 * transaction.
361 */
362 if (!set_random(&hdr->senderNonce, ctx, OSSL_CMP_SENDERNONCE_LENGTH))
363 return 0;
364
365 /* store senderNonce - for cmp with recipNonce in next outgoing msg */
366 if (!OSSL_CMP_CTX_set1_senderNonce(ctx, hdr->senderNonce))
367 return 0;
368
369 /*-
370 * freeText [7] PKIFreeText OPTIONAL,
371 * -- this may be used to indicate context-specific instructions
372 * -- (this field is intended for human consumption)
373 */
374 if (ctx->freeText != NULL
375 && !ossl_cmp_hdr_push1_freeText(hdr, ctx->freeText))
376 return 0;
377
378 return 1;
379}
Note: See TracBrowser for help on using the repository browser.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette