ts_rsp_sign.c revision 296341
1/* crypto/ts/ts_resp_sign.c */ 2/* 3 * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project 4 * 2002. 5 */ 6/* ==================================================================== 7 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. All advertising materials mentioning features or use of this 22 * software must display the following acknowledgment: 23 * "This product includes software developed by the OpenSSL Project 24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25 * 26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27 * endorse or promote products derived from this software without 28 * prior written permission. For written permission, please contact 29 * licensing@OpenSSL.org. 30 * 31 * 5. Products derived from this software may not be called "OpenSSL" 32 * nor may "OpenSSL" appear in their names without prior written 33 * permission of the OpenSSL Project. 34 * 35 * 6. Redistributions of any form whatsoever must retain the following 36 * acknowledgment: 37 * "This product includes software developed by the OpenSSL Project 38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51 * OF THE POSSIBILITY OF SUCH DAMAGE. 52 * ==================================================================== 53 * 54 * This product includes cryptographic software written by Eric Young 55 * (eay@cryptsoft.com). This product includes software written by Tim 56 * Hudson (tjh@cryptsoft.com). 57 * 58 */ 59 60#include "cryptlib.h" 61 62#if defined(OPENSSL_SYS_UNIX) 63# include <sys/time.h> 64#endif 65 66#include <openssl/objects.h> 67#include <openssl/ts.h> 68#include <openssl/pkcs7.h> 69 70/* Private function declarations. */ 71 72static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *, void *); 73static int def_time_cb(struct TS_resp_ctx *, void *, long *sec, long *usec); 74static int def_extension_cb(struct TS_resp_ctx *, X509_EXTENSION *, void *); 75 76static void TS_RESP_CTX_init(TS_RESP_CTX *ctx); 77static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx); 78static int TS_RESP_check_request(TS_RESP_CTX *ctx); 79static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx); 80static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx, 81 ASN1_OBJECT *policy); 82static int TS_RESP_process_extensions(TS_RESP_CTX *ctx); 83static int TS_RESP_sign(TS_RESP_CTX *ctx); 84 85static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert, 86 STACK_OF(X509) *certs); 87static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed); 88static int TS_TST_INFO_content_new(PKCS7 *p7); 89static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc); 90 91static ASN1_GENERALIZEDTIME 92*TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *, long, long, 93 unsigned); 94 95/* Default callbacks for response generation. */ 96 97static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *ctx, void *data) 98{ 99 ASN1_INTEGER *serial = ASN1_INTEGER_new(); 100 if (!serial) 101 goto err; 102 if (!ASN1_INTEGER_set(serial, 1)) 103 goto err; 104 return serial; 105 err: 106 TSerr(TS_F_DEF_SERIAL_CB, ERR_R_MALLOC_FAILURE); 107 TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, 108 "Error during serial number generation."); 109 return NULL; 110} 111 112#if defined(OPENSSL_SYS_UNIX) 113 114/* Use the gettimeofday function call. */ 115static int def_time_cb(struct TS_resp_ctx *ctx, void *data, 116 long *sec, long *usec) 117{ 118 struct timeval tv; 119 if (gettimeofday(&tv, NULL) != 0) { 120 TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR); 121 TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, 122 "Time is not available."); 123 TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE); 124 return 0; 125 } 126 /* Return time to caller. */ 127 *sec = tv.tv_sec; 128 *usec = tv.tv_usec; 129 130 return 1; 131} 132 133#else 134 135/* Use the time function call that provides only seconds precision. */ 136static int def_time_cb(struct TS_resp_ctx *ctx, void *data, 137 long *sec, long *usec) 138{ 139 time_t t; 140 if (time(&t) == (time_t)-1) { 141 TSerr(TS_F_DEF_TIME_CB, TS_R_TIME_SYSCALL_ERROR); 142 TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, 143 "Time is not available."); 144 TS_RESP_CTX_add_failure_info(ctx, TS_INFO_TIME_NOT_AVAILABLE); 145 return 0; 146 } 147 /* Return time to caller, only second precision. */ 148 *sec = (long)t; 149 *usec = 0; 150 151 return 1; 152} 153 154#endif 155 156static int def_extension_cb(struct TS_resp_ctx *ctx, X509_EXTENSION *ext, 157 void *data) 158{ 159 /* No extensions are processed here. */ 160 TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, 161 "Unsupported extension."); 162 TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_EXTENSION); 163 return 0; 164} 165 166/* TS_RESP_CTX management functions. */ 167 168TS_RESP_CTX *TS_RESP_CTX_new() 169{ 170 TS_RESP_CTX *ctx; 171 172 if (!(ctx = (TS_RESP_CTX *)OPENSSL_malloc(sizeof(TS_RESP_CTX)))) { 173 TSerr(TS_F_TS_RESP_CTX_NEW, ERR_R_MALLOC_FAILURE); 174 return NULL; 175 } 176 memset(ctx, 0, sizeof(TS_RESP_CTX)); 177 178 /* Setting default callbacks. */ 179 ctx->serial_cb = def_serial_cb; 180 ctx->time_cb = def_time_cb; 181 ctx->extension_cb = def_extension_cb; 182 183 return ctx; 184} 185 186void TS_RESP_CTX_free(TS_RESP_CTX *ctx) 187{ 188 if (!ctx) 189 return; 190 191 X509_free(ctx->signer_cert); 192 EVP_PKEY_free(ctx->signer_key); 193 sk_X509_pop_free(ctx->certs, X509_free); 194 sk_ASN1_OBJECT_pop_free(ctx->policies, ASN1_OBJECT_free); 195 ASN1_OBJECT_free(ctx->default_policy); 196 sk_EVP_MD_free(ctx->mds); /* No EVP_MD_free method exists. */ 197 ASN1_INTEGER_free(ctx->seconds); 198 ASN1_INTEGER_free(ctx->millis); 199 ASN1_INTEGER_free(ctx->micros); 200 OPENSSL_free(ctx); 201} 202 203int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer) 204{ 205 if (X509_check_purpose(signer, X509_PURPOSE_TIMESTAMP_SIGN, 0) != 1) { 206 TSerr(TS_F_TS_RESP_CTX_SET_SIGNER_CERT, 207 TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE); 208 return 0; 209 } 210 if (ctx->signer_cert) 211 X509_free(ctx->signer_cert); 212 ctx->signer_cert = signer; 213 CRYPTO_add(&ctx->signer_cert->references, +1, CRYPTO_LOCK_X509); 214 return 1; 215} 216 217int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key) 218{ 219 if (ctx->signer_key) 220 EVP_PKEY_free(ctx->signer_key); 221 ctx->signer_key = key; 222 CRYPTO_add(&ctx->signer_key->references, +1, CRYPTO_LOCK_EVP_PKEY); 223 224 return 1; 225} 226 227int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy) 228{ 229 if (ctx->default_policy) 230 ASN1_OBJECT_free(ctx->default_policy); 231 if (!(ctx->default_policy = OBJ_dup(def_policy))) 232 goto err; 233 return 1; 234 err: 235 TSerr(TS_F_TS_RESP_CTX_SET_DEF_POLICY, ERR_R_MALLOC_FAILURE); 236 return 0; 237} 238 239int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs) 240{ 241 int i; 242 243 if (ctx->certs) { 244 sk_X509_pop_free(ctx->certs, X509_free); 245 ctx->certs = NULL; 246 } 247 if (!certs) 248 return 1; 249 if (!(ctx->certs = sk_X509_dup(certs))) { 250 TSerr(TS_F_TS_RESP_CTX_SET_CERTS, ERR_R_MALLOC_FAILURE); 251 return 0; 252 } 253 for (i = 0; i < sk_X509_num(ctx->certs); ++i) { 254 X509 *cert = sk_X509_value(ctx->certs, i); 255 CRYPTO_add(&cert->references, +1, CRYPTO_LOCK_X509); 256 } 257 258 return 1; 259} 260 261int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy) 262{ 263 ASN1_OBJECT *copy = NULL; 264 265 /* Create new policy stack if necessary. */ 266 if (!ctx->policies && !(ctx->policies = sk_ASN1_OBJECT_new_null())) 267 goto err; 268 if (!(copy = OBJ_dup(policy))) 269 goto err; 270 if (!sk_ASN1_OBJECT_push(ctx->policies, copy)) 271 goto err; 272 273 return 1; 274 err: 275 TSerr(TS_F_TS_RESP_CTX_ADD_POLICY, ERR_R_MALLOC_FAILURE); 276 ASN1_OBJECT_free(copy); 277 return 0; 278} 279 280int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md) 281{ 282 /* Create new md stack if necessary. */ 283 if (!ctx->mds && !(ctx->mds = sk_EVP_MD_new_null())) 284 goto err; 285 /* Add the shared md, no copy needed. */ 286 if (!sk_EVP_MD_push(ctx->mds, (EVP_MD *)md)) 287 goto err; 288 289 return 1; 290 err: 291 TSerr(TS_F_TS_RESP_CTX_ADD_MD, ERR_R_MALLOC_FAILURE); 292 return 0; 293} 294 295#define TS_RESP_CTX_accuracy_free(ctx) \ 296 ASN1_INTEGER_free(ctx->seconds); \ 297 ctx->seconds = NULL; \ 298 ASN1_INTEGER_free(ctx->millis); \ 299 ctx->millis = NULL; \ 300 ASN1_INTEGER_free(ctx->micros); \ 301 ctx->micros = NULL; 302 303int TS_RESP_CTX_set_accuracy(TS_RESP_CTX *ctx, 304 int secs, int millis, int micros) 305{ 306 307 TS_RESP_CTX_accuracy_free(ctx); 308 if (secs && (!(ctx->seconds = ASN1_INTEGER_new()) 309 || !ASN1_INTEGER_set(ctx->seconds, secs))) 310 goto err; 311 if (millis && (!(ctx->millis = ASN1_INTEGER_new()) 312 || !ASN1_INTEGER_set(ctx->millis, millis))) 313 goto err; 314 if (micros && (!(ctx->micros = ASN1_INTEGER_new()) 315 || !ASN1_INTEGER_set(ctx->micros, micros))) 316 goto err; 317 318 return 1; 319 err: 320 TS_RESP_CTX_accuracy_free(ctx); 321 TSerr(TS_F_TS_RESP_CTX_SET_ACCURACY, ERR_R_MALLOC_FAILURE); 322 return 0; 323} 324 325void TS_RESP_CTX_add_flags(TS_RESP_CTX *ctx, int flags) 326{ 327 ctx->flags |= flags; 328} 329 330void TS_RESP_CTX_set_serial_cb(TS_RESP_CTX *ctx, TS_serial_cb cb, void *data) 331{ 332 ctx->serial_cb = cb; 333 ctx->serial_cb_data = data; 334} 335 336void TS_RESP_CTX_set_time_cb(TS_RESP_CTX *ctx, TS_time_cb cb, void *data) 337{ 338 ctx->time_cb = cb; 339 ctx->time_cb_data = data; 340} 341 342void TS_RESP_CTX_set_extension_cb(TS_RESP_CTX *ctx, 343 TS_extension_cb cb, void *data) 344{ 345 ctx->extension_cb = cb; 346 ctx->extension_cb_data = data; 347} 348 349int TS_RESP_CTX_set_status_info(TS_RESP_CTX *ctx, 350 int status, const char *text) 351{ 352 TS_STATUS_INFO *si = NULL; 353 ASN1_UTF8STRING *utf8_text = NULL; 354 int ret = 0; 355 356 if (!(si = TS_STATUS_INFO_new())) 357 goto err; 358 if (!ASN1_INTEGER_set(si->status, status)) 359 goto err; 360 if (text) { 361 if (!(utf8_text = ASN1_UTF8STRING_new()) 362 || !ASN1_STRING_set(utf8_text, text, strlen(text))) 363 goto err; 364 if (!si->text && !(si->text = sk_ASN1_UTF8STRING_new_null())) 365 goto err; 366 if (!sk_ASN1_UTF8STRING_push(si->text, utf8_text)) 367 goto err; 368 utf8_text = NULL; /* Ownership is lost. */ 369 } 370 if (!TS_RESP_set_status_info(ctx->response, si)) 371 goto err; 372 ret = 1; 373 err: 374 if (!ret) 375 TSerr(TS_F_TS_RESP_CTX_SET_STATUS_INFO, ERR_R_MALLOC_FAILURE); 376 TS_STATUS_INFO_free(si); 377 ASN1_UTF8STRING_free(utf8_text); 378 return ret; 379} 380 381int TS_RESP_CTX_set_status_info_cond(TS_RESP_CTX *ctx, 382 int status, const char *text) 383{ 384 int ret = 1; 385 TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response); 386 387 if (ASN1_INTEGER_get(si->status) == TS_STATUS_GRANTED) { 388 /* Status has not been set, set it now. */ 389 ret = TS_RESP_CTX_set_status_info(ctx, status, text); 390 } 391 return ret; 392} 393 394int TS_RESP_CTX_add_failure_info(TS_RESP_CTX *ctx, int failure) 395{ 396 TS_STATUS_INFO *si = TS_RESP_get_status_info(ctx->response); 397 if (!si->failure_info && !(si->failure_info = ASN1_BIT_STRING_new())) 398 goto err; 399 if (!ASN1_BIT_STRING_set_bit(si->failure_info, failure, 1)) 400 goto err; 401 return 1; 402 err: 403 TSerr(TS_F_TS_RESP_CTX_ADD_FAILURE_INFO, ERR_R_MALLOC_FAILURE); 404 return 0; 405} 406 407TS_REQ *TS_RESP_CTX_get_request(TS_RESP_CTX *ctx) 408{ 409 return ctx->request; 410} 411 412TS_TST_INFO *TS_RESP_CTX_get_tst_info(TS_RESP_CTX *ctx) 413{ 414 return ctx->tst_info; 415} 416 417int TS_RESP_CTX_set_clock_precision_digits(TS_RESP_CTX *ctx, 418 unsigned precision) 419{ 420 if (precision > TS_MAX_CLOCK_PRECISION_DIGITS) 421 return 0; 422 ctx->clock_precision_digits = precision; 423 return 1; 424} 425 426/* Main entry method of the response generation. */ 427TS_RESP *TS_RESP_create_response(TS_RESP_CTX *ctx, BIO *req_bio) 428{ 429 ASN1_OBJECT *policy; 430 TS_RESP *response; 431 int result = 0; 432 433 TS_RESP_CTX_init(ctx); 434 435 /* Creating the response object. */ 436 if (!(ctx->response = TS_RESP_new())) { 437 TSerr(TS_F_TS_RESP_CREATE_RESPONSE, ERR_R_MALLOC_FAILURE); 438 goto end; 439 } 440 441 /* Parsing DER request. */ 442 if (!(ctx->request = d2i_TS_REQ_bio(req_bio, NULL))) { 443 TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, 444 "Bad request format or " "system error."); 445 TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT); 446 goto end; 447 } 448 449 /* Setting default status info. */ 450 if (!TS_RESP_CTX_set_status_info(ctx, TS_STATUS_GRANTED, NULL)) 451 goto end; 452 453 /* Checking the request format. */ 454 if (!TS_RESP_check_request(ctx)) 455 goto end; 456 457 /* Checking acceptable policies. */ 458 if (!(policy = TS_RESP_get_policy(ctx))) 459 goto end; 460 461 /* Creating the TS_TST_INFO object. */ 462 if (!(ctx->tst_info = TS_RESP_create_tst_info(ctx, policy))) 463 goto end; 464 465 /* Processing extensions. */ 466 if (!TS_RESP_process_extensions(ctx)) 467 goto end; 468 469 /* Generating the signature. */ 470 if (!TS_RESP_sign(ctx)) 471 goto end; 472 473 /* Everything was successful. */ 474 result = 1; 475 end: 476 if (!result) { 477 TSerr(TS_F_TS_RESP_CREATE_RESPONSE, TS_R_RESPONSE_SETUP_ERROR); 478 if (ctx->response != NULL) { 479 if (TS_RESP_CTX_set_status_info_cond(ctx, 480 TS_STATUS_REJECTION, 481 "Error during response " 482 "generation.") == 0) { 483 TS_RESP_free(ctx->response); 484 ctx->response = NULL; 485 } 486 } 487 } 488 response = ctx->response; 489 ctx->response = NULL; /* Ownership will be returned to caller. */ 490 TS_RESP_CTX_cleanup(ctx); 491 return response; 492} 493 494/* Initializes the variable part of the context. */ 495static void TS_RESP_CTX_init(TS_RESP_CTX *ctx) 496{ 497 ctx->request = NULL; 498 ctx->response = NULL; 499 ctx->tst_info = NULL; 500} 501 502/* Cleans up the variable part of the context. */ 503static void TS_RESP_CTX_cleanup(TS_RESP_CTX *ctx) 504{ 505 TS_REQ_free(ctx->request); 506 ctx->request = NULL; 507 TS_RESP_free(ctx->response); 508 ctx->response = NULL; 509 TS_TST_INFO_free(ctx->tst_info); 510 ctx->tst_info = NULL; 511} 512 513/* Checks the format and content of the request. */ 514static int TS_RESP_check_request(TS_RESP_CTX *ctx) 515{ 516 TS_REQ *request = ctx->request; 517 TS_MSG_IMPRINT *msg_imprint; 518 X509_ALGOR *md_alg; 519 int md_alg_id; 520 const ASN1_OCTET_STRING *digest; 521 EVP_MD *md = NULL; 522 int i; 523 524 /* Checking request version. */ 525 if (TS_REQ_get_version(request) != 1) { 526 TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, 527 "Bad request version."); 528 TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_REQUEST); 529 return 0; 530 } 531 532 /* Checking message digest algorithm. */ 533 msg_imprint = TS_REQ_get_msg_imprint(request); 534 md_alg = TS_MSG_IMPRINT_get_algo(msg_imprint); 535 md_alg_id = OBJ_obj2nid(md_alg->algorithm); 536 for (i = 0; !md && i < sk_EVP_MD_num(ctx->mds); ++i) { 537 EVP_MD *current_md = sk_EVP_MD_value(ctx->mds, i); 538 if (md_alg_id == EVP_MD_type(current_md)) 539 md = current_md; 540 } 541 if (!md) { 542 TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, 543 "Message digest algorithm is " 544 "not supported."); 545 TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG); 546 return 0; 547 } 548 549 /* No message digest takes parameter. */ 550 if (md_alg->parameter && ASN1_TYPE_get(md_alg->parameter) != V_ASN1_NULL) { 551 TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, 552 "Superfluous message digest " 553 "parameter."); 554 TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_ALG); 555 return 0; 556 } 557 /* Checking message digest size. */ 558 digest = TS_MSG_IMPRINT_get_msg(msg_imprint); 559 if (digest->length != EVP_MD_size(md)) { 560 TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, 561 "Bad message digest."); 562 TS_RESP_CTX_add_failure_info(ctx, TS_INFO_BAD_DATA_FORMAT); 563 return 0; 564 } 565 566 return 1; 567} 568 569/* Returns the TSA policy based on the requested and acceptable policies. */ 570static ASN1_OBJECT *TS_RESP_get_policy(TS_RESP_CTX *ctx) 571{ 572 ASN1_OBJECT *requested = TS_REQ_get_policy_id(ctx->request); 573 ASN1_OBJECT *policy = NULL; 574 int i; 575 576 if (ctx->default_policy == NULL) { 577 TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_INVALID_NULL_POINTER); 578 return NULL; 579 } 580 /* 581 * Return the default policy if none is requested or the default is 582 * requested. 583 */ 584 if (!requested || !OBJ_cmp(requested, ctx->default_policy)) 585 policy = ctx->default_policy; 586 587 /* Check if the policy is acceptable. */ 588 for (i = 0; !policy && i < sk_ASN1_OBJECT_num(ctx->policies); ++i) { 589 ASN1_OBJECT *current = sk_ASN1_OBJECT_value(ctx->policies, i); 590 if (!OBJ_cmp(requested, current)) 591 policy = current; 592 } 593 if (!policy) { 594 TSerr(TS_F_TS_RESP_GET_POLICY, TS_R_UNACCEPTABLE_POLICY); 595 TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, 596 "Requested policy is not " "supported."); 597 TS_RESP_CTX_add_failure_info(ctx, TS_INFO_UNACCEPTED_POLICY); 598 } 599 return policy; 600} 601 602/* Creates the TS_TST_INFO object based on the settings of the context. */ 603static TS_TST_INFO *TS_RESP_create_tst_info(TS_RESP_CTX *ctx, 604 ASN1_OBJECT *policy) 605{ 606 int result = 0; 607 TS_TST_INFO *tst_info = NULL; 608 ASN1_INTEGER *serial = NULL; 609 ASN1_GENERALIZEDTIME *asn1_time = NULL; 610 long sec, usec; 611 TS_ACCURACY *accuracy = NULL; 612 const ASN1_INTEGER *nonce; 613 GENERAL_NAME *tsa_name = NULL; 614 615 if (!(tst_info = TS_TST_INFO_new())) 616 goto end; 617 if (!TS_TST_INFO_set_version(tst_info, 1)) 618 goto end; 619 if (!TS_TST_INFO_set_policy_id(tst_info, policy)) 620 goto end; 621 if (!TS_TST_INFO_set_msg_imprint(tst_info, ctx->request->msg_imprint)) 622 goto end; 623 if (!(serial = (*ctx->serial_cb) (ctx, ctx->serial_cb_data)) 624 || !TS_TST_INFO_set_serial(tst_info, serial)) 625 goto end; 626 if (!(*ctx->time_cb) (ctx, ctx->time_cb_data, &sec, &usec) 627 || !(asn1_time = TS_RESP_set_genTime_with_precision(NULL, 628 sec, usec, 629 ctx->clock_precision_digits)) 630 || !TS_TST_INFO_set_time(tst_info, asn1_time)) 631 goto end; 632 633 /* Setting accuracy if needed. */ 634 if ((ctx->seconds || ctx->millis || ctx->micros) 635 && !(accuracy = TS_ACCURACY_new())) 636 goto end; 637 638 if (ctx->seconds && !TS_ACCURACY_set_seconds(accuracy, ctx->seconds)) 639 goto end; 640 if (ctx->millis && !TS_ACCURACY_set_millis(accuracy, ctx->millis)) 641 goto end; 642 if (ctx->micros && !TS_ACCURACY_set_micros(accuracy, ctx->micros)) 643 goto end; 644 if (accuracy && !TS_TST_INFO_set_accuracy(tst_info, accuracy)) 645 goto end; 646 647 /* Setting ordering. */ 648 if ((ctx->flags & TS_ORDERING) 649 && !TS_TST_INFO_set_ordering(tst_info, 1)) 650 goto end; 651 652 /* Setting nonce if needed. */ 653 if ((nonce = TS_REQ_get_nonce(ctx->request)) != NULL 654 && !TS_TST_INFO_set_nonce(tst_info, nonce)) 655 goto end; 656 657 /* Setting TSA name to subject of signer certificate. */ 658 if (ctx->flags & TS_TSA_NAME) { 659 if (!(tsa_name = GENERAL_NAME_new())) 660 goto end; 661 tsa_name->type = GEN_DIRNAME; 662 tsa_name->d.dirn = 663 X509_NAME_dup(ctx->signer_cert->cert_info->subject); 664 if (!tsa_name->d.dirn) 665 goto end; 666 if (!TS_TST_INFO_set_tsa(tst_info, tsa_name)) 667 goto end; 668 } 669 670 result = 1; 671 end: 672 if (!result) { 673 TS_TST_INFO_free(tst_info); 674 tst_info = NULL; 675 TSerr(TS_F_TS_RESP_CREATE_TST_INFO, TS_R_TST_INFO_SETUP_ERROR); 676 TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION, 677 "Error during TSTInfo " 678 "generation."); 679 } 680 GENERAL_NAME_free(tsa_name); 681 TS_ACCURACY_free(accuracy); 682 ASN1_GENERALIZEDTIME_free(asn1_time); 683 ASN1_INTEGER_free(serial); 684 685 return tst_info; 686} 687 688/* Processing the extensions of the request. */ 689static int TS_RESP_process_extensions(TS_RESP_CTX *ctx) 690{ 691 STACK_OF(X509_EXTENSION) *exts = TS_REQ_get_exts(ctx->request); 692 int i; 693 int ok = 1; 694 695 for (i = 0; ok && i < sk_X509_EXTENSION_num(exts); ++i) { 696 X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i); 697 /* 698 * XXXXX The last argument was previously (void *)ctx->extension_cb, 699 * but ISO C doesn't permit converting a function pointer to void *. 700 * For lack of better information, I'm placing a NULL there instead. 701 * The callback can pick its own address out from the ctx anyway... 702 */ 703 ok = (*ctx->extension_cb) (ctx, ext, NULL); 704 } 705 706 return ok; 707} 708 709/* Functions for signing the TS_TST_INFO structure of the context. */ 710static int TS_RESP_sign(TS_RESP_CTX *ctx) 711{ 712 int ret = 0; 713 PKCS7 *p7 = NULL; 714 PKCS7_SIGNER_INFO *si; 715 STACK_OF(X509) *certs; /* Certificates to include in sc. */ 716 ESS_SIGNING_CERT *sc = NULL; 717 ASN1_OBJECT *oid; 718 BIO *p7bio = NULL; 719 int i; 720 721 /* Check if signcert and pkey match. */ 722 if (!X509_check_private_key(ctx->signer_cert, ctx->signer_key)) { 723 TSerr(TS_F_TS_RESP_SIGN, TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); 724 goto err; 725 } 726 727 /* Create a new PKCS7 signed object. */ 728 if (!(p7 = PKCS7_new())) { 729 TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE); 730 goto err; 731 } 732 if (!PKCS7_set_type(p7, NID_pkcs7_signed)) 733 goto err; 734 735 /* Force SignedData version to be 3 instead of the default 1. */ 736 if (!ASN1_INTEGER_set(p7->d.sign->version, 3)) 737 goto err; 738 739 /* Add signer certificate and optional certificate chain. */ 740 if (TS_REQ_get_cert_req(ctx->request)) { 741 PKCS7_add_certificate(p7, ctx->signer_cert); 742 if (ctx->certs) { 743 for (i = 0; i < sk_X509_num(ctx->certs); ++i) { 744 X509 *cert = sk_X509_value(ctx->certs, i); 745 PKCS7_add_certificate(p7, cert); 746 } 747 } 748 } 749 750 /* Add a new signer info. */ 751 if (!(si = PKCS7_add_signature(p7, ctx->signer_cert, 752 ctx->signer_key, EVP_sha1()))) { 753 TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNATURE_ERROR); 754 goto err; 755 } 756 757 /* Add content type signed attribute to the signer info. */ 758 oid = OBJ_nid2obj(NID_id_smime_ct_TSTInfo); 759 if (!PKCS7_add_signed_attribute(si, NID_pkcs9_contentType, 760 V_ASN1_OBJECT, oid)) { 761 TSerr(TS_F_TS_RESP_SIGN, TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR); 762 goto err; 763 } 764 765 /* 766 * Create the ESS SigningCertificate attribute which contains the signer 767 * certificate id and optionally the certificate chain. 768 */ 769 certs = ctx->flags & TS_ESS_CERT_ID_CHAIN ? ctx->certs : NULL; 770 if (!(sc = ESS_SIGNING_CERT_new_init(ctx->signer_cert, certs))) 771 goto err; 772 773 /* Add SigningCertificate signed attribute to the signer info. */ 774 if (!ESS_add_signing_cert(si, sc)) { 775 TSerr(TS_F_TS_RESP_SIGN, TS_R_ESS_ADD_SIGNING_CERT_ERROR); 776 goto err; 777 } 778 779 /* Add a new empty NID_id_smime_ct_TSTInfo encapsulated content. */ 780 if (!TS_TST_INFO_content_new(p7)) 781 goto err; 782 783 /* Add the DER encoded tst_info to the PKCS7 structure. */ 784 if (!(p7bio = PKCS7_dataInit(p7, NULL))) { 785 TSerr(TS_F_TS_RESP_SIGN, ERR_R_MALLOC_FAILURE); 786 goto err; 787 } 788 789 /* Convert tst_info to DER. */ 790 if (!i2d_TS_TST_INFO_bio(p7bio, ctx->tst_info)) { 791 TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN); 792 goto err; 793 } 794 795 /* Create the signature and add it to the signer info. */ 796 if (!PKCS7_dataFinal(p7, p7bio)) { 797 TSerr(TS_F_TS_RESP_SIGN, TS_R_TS_DATASIGN); 798 goto err; 799 } 800 801 /* Set new PKCS7 and TST_INFO objects. */ 802 TS_RESP_set_tst_info(ctx->response, p7, ctx->tst_info); 803 p7 = NULL; /* Ownership is lost. */ 804 ctx->tst_info = NULL; /* Ownership is lost. */ 805 806 ret = 1; 807 err: 808 if (!ret) 809 TS_RESP_CTX_set_status_info_cond(ctx, TS_STATUS_REJECTION, 810 "Error during signature " 811 "generation."); 812 BIO_free_all(p7bio); 813 ESS_SIGNING_CERT_free(sc); 814 PKCS7_free(p7); 815 return ret; 816} 817 818static ESS_SIGNING_CERT *ESS_SIGNING_CERT_new_init(X509 *signcert, 819 STACK_OF(X509) *certs) 820{ 821 ESS_CERT_ID *cid; 822 ESS_SIGNING_CERT *sc = NULL; 823 int i; 824 825 /* Creating the ESS_CERT_ID stack. */ 826 if (!(sc = ESS_SIGNING_CERT_new())) 827 goto err; 828 if (!sc->cert_ids && !(sc->cert_ids = sk_ESS_CERT_ID_new_null())) 829 goto err; 830 831 /* Adding the signing certificate id. */ 832 if (!(cid = ESS_CERT_ID_new_init(signcert, 0)) 833 || !sk_ESS_CERT_ID_push(sc->cert_ids, cid)) 834 goto err; 835 /* Adding the certificate chain ids. */ 836 for (i = 0; i < sk_X509_num(certs); ++i) { 837 X509 *cert = sk_X509_value(certs, i); 838 if (!(cid = ESS_CERT_ID_new_init(cert, 1)) 839 || !sk_ESS_CERT_ID_push(sc->cert_ids, cid)) 840 goto err; 841 } 842 843 return sc; 844 err: 845 ESS_SIGNING_CERT_free(sc); 846 TSerr(TS_F_ESS_SIGNING_CERT_NEW_INIT, ERR_R_MALLOC_FAILURE); 847 return NULL; 848} 849 850static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed) 851{ 852 ESS_CERT_ID *cid = NULL; 853 GENERAL_NAME *name = NULL; 854 855 /* Recompute SHA1 hash of certificate if necessary (side effect). */ 856 X509_check_purpose(cert, -1, 0); 857 858 if (!(cid = ESS_CERT_ID_new())) 859 goto err; 860 if (!ASN1_OCTET_STRING_set(cid->hash, cert->sha1_hash, 861 sizeof(cert->sha1_hash))) 862 goto err; 863 864 /* Setting the issuer/serial if requested. */ 865 if (issuer_needed) { 866 /* Creating issuer/serial structure. */ 867 if (!cid->issuer_serial 868 && !(cid->issuer_serial = ESS_ISSUER_SERIAL_new())) 869 goto err; 870 /* Creating general name from the certificate issuer. */ 871 if (!(name = GENERAL_NAME_new())) 872 goto err; 873 name->type = GEN_DIRNAME; 874 if (!(name->d.dirn = X509_NAME_dup(cert->cert_info->issuer))) 875 goto err; 876 if (!sk_GENERAL_NAME_push(cid->issuer_serial->issuer, name)) 877 goto err; 878 name = NULL; /* Ownership is lost. */ 879 /* Setting the serial number. */ 880 ASN1_INTEGER_free(cid->issuer_serial->serial); 881 if (!(cid->issuer_serial->serial = 882 ASN1_INTEGER_dup(cert->cert_info->serialNumber))) 883 goto err; 884 } 885 886 return cid; 887 err: 888 GENERAL_NAME_free(name); 889 ESS_CERT_ID_free(cid); 890 TSerr(TS_F_ESS_CERT_ID_NEW_INIT, ERR_R_MALLOC_FAILURE); 891 return NULL; 892} 893 894static int TS_TST_INFO_content_new(PKCS7 *p7) 895{ 896 PKCS7 *ret = NULL; 897 ASN1_OCTET_STRING *octet_string = NULL; 898 899 /* Create new encapsulated NID_id_smime_ct_TSTInfo content. */ 900 if (!(ret = PKCS7_new())) 901 goto err; 902 if (!(ret->d.other = ASN1_TYPE_new())) 903 goto err; 904 ret->type = OBJ_nid2obj(NID_id_smime_ct_TSTInfo); 905 if (!(octet_string = ASN1_OCTET_STRING_new())) 906 goto err; 907 ASN1_TYPE_set(ret->d.other, V_ASN1_OCTET_STRING, octet_string); 908 octet_string = NULL; 909 910 /* Add encapsulated content to signed PKCS7 structure. */ 911 if (!PKCS7_set_content(p7, ret)) 912 goto err; 913 914 return 1; 915 err: 916 ASN1_OCTET_STRING_free(octet_string); 917 PKCS7_free(ret); 918 return 0; 919} 920 921static int ESS_add_signing_cert(PKCS7_SIGNER_INFO *si, ESS_SIGNING_CERT *sc) 922{ 923 ASN1_STRING *seq = NULL; 924 unsigned char *p, *pp = NULL; 925 int len; 926 927 len = i2d_ESS_SIGNING_CERT(sc, NULL); 928 if (!(pp = (unsigned char *)OPENSSL_malloc(len))) { 929 TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE); 930 goto err; 931 } 932 p = pp; 933 i2d_ESS_SIGNING_CERT(sc, &p); 934 if (!(seq = ASN1_STRING_new()) || !ASN1_STRING_set(seq, pp, len)) { 935 TSerr(TS_F_ESS_ADD_SIGNING_CERT, ERR_R_MALLOC_FAILURE); 936 goto err; 937 } 938 OPENSSL_free(pp); 939 pp = NULL; 940 return PKCS7_add_signed_attribute(si, 941 NID_id_smime_aa_signingCertificate, 942 V_ASN1_SEQUENCE, seq); 943 err: 944 ASN1_STRING_free(seq); 945 OPENSSL_free(pp); 946 947 return 0; 948} 949 950static ASN1_GENERALIZEDTIME 951*TS_RESP_set_genTime_with_precision(ASN1_GENERALIZEDTIME *asn1_time, 952 long sec, long usec, unsigned precision) 953{ 954 time_t time_sec = (time_t)sec; 955 struct tm *tm = NULL; 956 char genTime_str[17 + TS_MAX_CLOCK_PRECISION_DIGITS]; 957 char *p = genTime_str; 958 char *p_end = genTime_str + sizeof(genTime_str); 959 960 if (precision > TS_MAX_CLOCK_PRECISION_DIGITS) 961 goto err; 962 963 if (!(tm = gmtime(&time_sec))) 964 goto err; 965 966 /* 967 * Put "genTime_str" in GeneralizedTime format. We work around the 968 * restrictions imposed by rfc3280 (i.e. "GeneralizedTime values MUST 969 * NOT include fractional seconds") and OpenSSL related functions to 970 * meet the rfc3161 requirement: "GeneralizedTime syntax can include 971 * fraction-of-second details". 972 */ 973 p += BIO_snprintf(p, p_end - p, 974 "%04d%02d%02d%02d%02d%02d", 975 tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, 976 tm->tm_hour, tm->tm_min, tm->tm_sec); 977 if (precision > 0) { 978 /* Add fraction of seconds (leave space for dot and null). */ 979 BIO_snprintf(p, 2 + precision, ".%06ld", usec); 980 /* 981 * We cannot use the snprintf return value, because it might have 982 * been truncated. 983 */ 984 p += strlen(p); 985 986 /* 987 * To make things a bit harder, X.690 | ISO/IEC 8825-1 provides the 988 * following restrictions for a DER-encoding, which OpenSSL 989 * (specifically ASN1_GENERALIZEDTIME_check() function) doesn't 990 * support: "The encoding MUST terminate with a "Z" (which means 991 * "Zulu" time). The decimal point element, if present, MUST be the 992 * point option ".". The fractional-seconds elements, if present, 993 * MUST omit all trailing 0's; if the elements correspond to 0, they 994 * MUST be wholly omitted, and the decimal point element also MUST be 995 * omitted." 996 */ 997 /* 998 * Remove trailing zeros. The dot guarantees the exit condition of 999 * this loop even if all the digits are zero. 1000 */ 1001 while (*--p == '0') 1002 /* 1003 * empty 1004 */ ; 1005 /* p points to either the dot or the last non-zero digit. */ 1006 if (*p != '.') 1007 ++p; 1008 } 1009 /* Add the trailing Z and the terminating null. */ 1010 *p++ = 'Z'; 1011 *p++ = '\0'; 1012 1013 /* Now call OpenSSL to check and set our genTime value */ 1014 if (!asn1_time && !(asn1_time = M_ASN1_GENERALIZEDTIME_new())) 1015 goto err; 1016 if (!ASN1_GENERALIZEDTIME_set_string(asn1_time, genTime_str)) { 1017 ASN1_GENERALIZEDTIME_free(asn1_time); 1018 goto err; 1019 } 1020 1021 return asn1_time; 1022 err: 1023 TSerr(TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION, TS_R_COULD_NOT_SET_TIME); 1024 return NULL; 1025} 1026