static int
collect_cert(hx509_context context,
struct p11_module *p, struct p11_slot *slot,
CK_SESSION_HANDLE session,
CK_OBJECT_HANDLE object,
void *ptr, CK_ATTRIBUTE *query, int num_query)
{
struct hx509_collector *collector = ptr;
hx509_cert cert;
int ret;
if ((CK_LONG)query[0].ulValueLen == -1 ||
(CK_LONG)query[1].ulValueLen == -1)
{
return 0;
}
ret = hx509_cert_init_data(context, query[1].pValue,
query[1].ulValueLen, &cert);
if (ret)
return ret;
if (p->ref == 0)
_hx509_abort("pkcs11 ref == 0 on alloc");
p->ref++;
if (p->ref == UINT_MAX)
_hx509_abort("pkcs11 ref to high");
_hx509_cert_set_release(cert, p11_cert_release, p);
{
heim_octet_string data;
data.data = query[0].pValue;
data.length = query[0].ulValueLen;
_hx509_set_cert_attribute(context,
cert,
oid_id_pkcs_9_at_localKeyId(),
&data);
}
if ((CK_LONG)query[2].ulValueLen != -1) {
char *str;
asprintf(&str, "%.*s",
(int)query[2].ulValueLen, (char *)query[2].pValue);
if (str) {
hx509_cert_set_friendly_name(cert, str);
free(str);
}
}
ret = _hx509_collector_certs_add(context, collector, cert);
hx509_cert_free(cert);
return ret;
}
static int
set_private_key(hx509_context context,
SecKeychainItemRef itemRef,
hx509_cert cert)
{
struct kc_rsa *kc;
hx509_private_key key;
RSA *rsa;
int ret;
ret = _hx509_private_key_init(&key, NULL, NULL);
if (ret)
return ret;
kc = calloc(1, sizeof(*kc));
if (kc == NULL)
_hx509_abort("out of memory");
kc->item = itemRef;
rsa = RSA_new();
if (rsa == NULL)
_hx509_abort("out of memory");
/* Argh, fake modulus since OpenSSL API is on crack */
{
SecKeychainAttributeList *attrs = NULL;
uint32_t size;
void *data;
rsa->n = BN_new();
if (rsa->n == NULL) abort();
ret = getAttribute(itemRef, kSecKeyKeySizeInBits, &attrs);
if (ret) abort();
size = *(uint32_t *)attrs->attr[0].data;
SecKeychainItemFreeAttributesAndData(attrs, NULL);
kc->keysize = (size + 7) / 8;
data = malloc(kc->keysize);
memset(data, 0xe0, kc->keysize);
BN_bin2bn(data, kc->keysize, rsa->n);
free(data);
}
rsa->e = NULL;
RSA_set_method(rsa, &kc_rsa_pkcs1_method);
ret = RSA_set_app_data(rsa, kc);
if (ret != 1)
_hx509_abort("RSA_set_app_data");
_hx509_private_key_assign_rsa(key, rsa);
_hx509_cert_assign_key(cert, key);
return 0;
}
hx509_certs
hx509_certs_ref(hx509_certs certs)
{
if (certs == NULL)
return NULL;
if (certs->ref == 0)
_hx509_abort("certs refcount == 0 on ref");
if (certs->ref == UINT_MAX)
_hx509_abort("certs refcount == UINT_MAX on ref");
certs->ref++;
return certs;
}
hx509_revoke_ctx
_hx509_revoke_ref(hx509_revoke_ctx ctx)
{
if (ctx == NULL)
return NULL;
if (ctx->ref == 0)
_hx509_abort("revoke ctx refcount == 0 on ref");
ctx->ref++;
if (ctx->ref == UINT_MAX)
_hx509_abort("revoke ctx refcount == UINT_MAX on ref");
return ctx;
}
static void
p11_release_module(struct p11_module *p)
{
int i;
if (p->refcount == 0)
_hx509_abort("pkcs11 refcount to low");
if (--p->refcount > 0)
return;
for (i = 0; i < p->num_slots; i++) {
if (p->slot[i].flags & P11_SESSION_IN_USE)
_hx509_abort("pkcs11 module release while session in use");
if (p->slot[i].flags & P11_SESSION) {
int ret;
ret = P11FUNC(p, CloseSession, (p->slot[i].session));
if (ret != CKR_OK)
;
}
if (p->slot[i].name)
free(p->slot[i].name);
if (p->slot[i].pin) {
memset(p->slot[i].pin, 0, strlen(p->slot[i].pin));
free(p->slot[i].pin);
}
if (p->slot[i].mechs.num) {
free(p->slot[i].mechs.list);
if (p->slot[i].mechs.infos) {
int j;
for (j = 0 ; j < p->slot[i].mechs.num ; j++)
free(p->slot[i].mechs.infos[j]);
free(p->slot[i].mechs.infos);
}
}
}
free(p->slot);
if (p->funcs)
P11FUNC(p, Finalize, (NULL));
if (p->dl_handle)
dlclose(p->dl_handle);
memset(p, 0, sizeof(*p));
free(p);
}
static int
check_Null(hx509_validate_ctx ctx,
struct cert_status *status,
enum critical_flag cf, const Extension *e)
{
switch(cf) {
case D_C:
break;
case S_C:
if (!e->critical)
validate_print(ctx, HX509_VALIDATE_F_VALIDATE,
"\tCritical not set on SHOULD\n");
break;
case S_N_C:
if (e->critical)
validate_print(ctx, HX509_VALIDATE_F_VALIDATE,
"\tCritical set on SHOULD NOT\n");
break;
case M_C:
if (!e->critical)
validate_print(ctx, HX509_VALIDATE_F_VALIDATE,
"\tCritical not set on MUST\n");
break;
case M_N_C:
if (e->critical)
validate_print(ctx, HX509_VALIDATE_F_VALIDATE,
"\tCritical set on MUST NOT\n");
break;
default:
_hx509_abort("internal check_Null state error");
}
return 0;
}
static int
fill_CMSIdentifier(const hx509_cert cert,
int type,
CMSIdentifier *id)
{
int ret;
switch (type) {
case CMS_ID_SKI:
id->element = choice_CMSIdentifier_subjectKeyIdentifier;
ret = _hx509_find_extension_subject_key_id(_hx509_get_cert(cert),
&id->u.subjectKeyIdentifier);
if (ret == 0)
break;
/* FALL THOUGH */
case CMS_ID_NAME: {
hx509_name name;
id->element = choice_CMSIdentifier_issuerAndSerialNumber;
ret = hx509_cert_get_issuer(cert, &name);
if (ret)
return ret;
ret = hx509_name_to_Name(name, &id->u.issuerAndSerialNumber.issuer);
hx509_name_free(&name);
if (ret)
return ret;
ret = hx509_cert_get_serialnumber(cert, &id->u.issuerAndSerialNumber.serialNumber);
break;
}
default:
_hx509_abort("CMS fill identifier with unknown type");
}
return ret;
}
void
hx509_revoke_free(hx509_revoke_ctx *ctx)
{
size_t i ;
if (ctx == NULL || *ctx == NULL)
return;
if ((*ctx)->ref == 0)
_hx509_abort("revoke ctx refcount == 0 on free");
if (--(*ctx)->ref > 0)
return;
for (i = 0; i < (*ctx)->crls.len; i++) {
free((*ctx)->crls.val[i].path);
free_CRLCertificateList(&(*ctx)->crls.val[i].crl);
}
for (i = 0; i < (*ctx)->ocsps.len; i++)
free_ocsp(&(*ctx)->ocsps.val[i]);
free((*ctx)->ocsps.val);
free((*ctx)->crls.val);
memset(*ctx, 0, sizeof(**ctx));
free(*ctx);
*ctx = NULL;
}
static int
add_utf8_san(hx509_context context,
hx509_ca_tbs tbs,
const heim_oid *oid,
const char *string)
{
const PKIXXmppAddr ustring = (const PKIXXmppAddr)string;
heim_octet_string os;
size_t size;
int ret;
os.length = 0;
os.data = NULL;
ASN1_MALLOC_ENCODE(PKIXXmppAddr, os.data, os.length, &ustring, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
if (size != os.length)
_hx509_abort("internal ASN.1 encoder error");
ret = hx509_ca_tbs_add_san_otherName(context,
tbs,
oid,
&os);
free(os.data);
out:
return ret;
}
static int
p11_put_session(struct p11_module *p,
struct p11_slot *slot,
CK_SESSION_HANDLE session)
{
if ((slot->flags & P11_SESSION_IN_USE) == 0)
_hx509_abort("slot not in session");
slot->flags &= ~P11_SESSION_IN_USE;
return 0;
}
void
hx509_certs_free(hx509_certs *certs)
{
if (*certs) {
if ((*certs)->ref == 0)
_hx509_abort("cert refcount == 0 on free");
if (--(*certs)->ref > 0)
return;
(*(*certs)->ops->free)(*certs, (*certs)->ops_data);
free(*certs);
*certs = NULL;
}
}
int
hx509_name_binary(const hx509_name name, heim_octet_string *os)
{
size_t size;
int ret;
ASN1_MALLOC_ENCODE(Name, os->data, os->length, &name->der_name, &size, ret);
if (ret)
return ret;
if (os->length != size)
_hx509_abort("internal ASN.1 encoder error");
return 0;
}
static int
ecdsa_available(const hx509_private_key signer,
const AlgorithmIdentifier *sig_alg)
{
const struct signature_alg *sig;
const EC_GROUP *group;
BN_CTX *bnctx = NULL;
BIGNUM *order = NULL;
int ret = 0;
if (der_heim_oid_cmp(signer->ops->key_oid, &asn1_oid_id_ecPublicKey) != 0)
_hx509_abort("internal error passing private key to wrong ops");
sig = _hx509_find_sig_alg(&sig_alg->algorithm);
if (sig == NULL || sig->digest_size == 0)
return 0;
group = EC_KEY_get0_group(signer->private_key.ecdsa);
if (group == NULL)
return 0;
bnctx = BN_CTX_new();
order = BN_new();
if (order == NULL)
goto err;
if (EC_GROUP_get_order(group, order, bnctx) != 1)
goto err;
#if 0
/* If anything, require a digest at least as wide as the EC key size */
if (BN_num_bytes(order) > sig->digest_size)
#endif
ret = 1;
err:
if (bnctx)
BN_CTX_free(bnctx);
if (order)
BN_clear_free(order);
return ret;
}
int
hx509_cms_wrap_ContentInfo(const heim_oid *oid,
const heim_octet_string *buf,
heim_octet_string *res)
{
ContentInfo ci;
size_t size;
int ret;
memset(res, 0, sizeof(*res));
memset(&ci, 0, sizeof(ci));
ret = der_copy_oid(oid, &ci.contentType);
if (ret)
return ret;
if (buf) {
ALLOC(ci.content, 1);
if (ci.content == NULL) {
free_ContentInfo(&ci);
return ENOMEM;
}
ci.content->data = malloc(buf->length);
if (ci.content->data == NULL) {
free_ContentInfo(&ci);
return ENOMEM;
}
memcpy(ci.content->data, buf->data, buf->length);
ci.content->length = buf->length;
}
ASN1_MALLOC_ENCODE(ContentInfo, res->data, res->length, &ci, &size, ret);
free_ContentInfo(&ci);
if (ret)
return ret;
if (res->length != size)
_hx509_abort("internal ASN.1 encoder error");
return 0;
}
static int
append_string(char **str, size_t *total_len, const char *ss,
size_t len, int quote)
{
char *s, *qs;
if (quote)
qs = quote_string(ss, len, &len);
else
qs = rk_UNCONST(ss);
s = realloc(*str, len + *total_len + 1);
if (s == NULL)
_hx509_abort("allocation failure"); /* XXX */
memcpy(s + *total_len, qs, len);
if (qs != ss)
free(qs);
s[*total_len + len] = '\0';
*str = s;
*total_len += len;
return 0;
}
int
hx509_ca_tbs_add_san_pkinit(hx509_context context,
hx509_ca_tbs tbs,
const char *principal)
{
heim_octet_string os;
KRB5PrincipalName p;
size_t size;
int ret;
char *s = NULL;
memset(&p, 0, sizeof(p));
/* parse principal */
{
const char *str;
char *q;
int n;
/* count number of component */
n = 1;
for(str = principal; *str != '\0' && *str != '@'; str++){
if(*str=='\\'){
if(str[1] == '\0' || str[1] == '@') {
ret = HX509_PARSING_NAME_FAILED;
hx509_set_error_string(context, 0, ret,
"trailing \\ in principal name");
goto out;
}
str++;
} else if(*str == '/')
n++;
}
p.principalName.name_string.val =
calloc(n, sizeof(*p.principalName.name_string.val));
if (p.principalName.name_string.val == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "malloc: out of memory");
goto out;
}
p.principalName.name_string.len = n;
p.principalName.name_type = KRB5_NT_PRINCIPAL;
q = s = strdup(principal);
if (q == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "malloc: out of memory");
goto out;
}
p.realm = strrchr(q, '@');
if (p.realm == NULL) {
ret = HX509_PARSING_NAME_FAILED;
hx509_set_error_string(context, 0, ret, "Missing @ in principal");
goto out;
};
*p.realm++ = '\0';
n = 0;
while (q) {
p.principalName.name_string.val[n++] = q;
q = strchr(q, '/');
if (q)
*q++ = '\0';
}
}
ASN1_MALLOC_ENCODE(KRB5PrincipalName, os.data, os.length, &p, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
if (size != os.length)
_hx509_abort("internal ASN.1 encoder error");
ret = hx509_ca_tbs_add_san_otherName(context,
tbs,
&asn1_oid_id_pkinit_san,
&os);
free(os.data);
out:
if (p.principalName.name_string.val)
free (p.principalName.name_string.val);
if (s)
free(s);
return ret;
}
int
hx509_ca_tbs_add_crl_dp_uri(hx509_context context,
hx509_ca_tbs tbs,
const char *uri,
hx509_name issuername)
{
DistributionPoint dp;
int ret;
memset(&dp, 0, sizeof(dp));
dp.distributionPoint = ecalloc(1, sizeof(*dp.distributionPoint));
{
DistributionPointName name;
GeneralName gn;
size_t size;
name.element = choice_DistributionPointName_fullName;
name.u.fullName.len = 1;
name.u.fullName.val = &gn;
gn.element = choice_GeneralName_uniformResourceIdentifier;
gn.u.uniformResourceIdentifier.data = rk_UNCONST(uri);
gn.u.uniformResourceIdentifier.length = strlen(uri);
ASN1_MALLOC_ENCODE(DistributionPointName,
dp.distributionPoint->data,
dp.distributionPoint->length,
&name, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to encoded DistributionPointName");
goto out;
}
if (dp.distributionPoint->length != size)
_hx509_abort("internal ASN.1 encoder error");
}
if (issuername) {
#if 1
/**
* issuername not supported
*/
hx509_set_error_string(context, 0, EINVAL,
"CRLDistributionPoints.name.issuername not yet supported");
return EINVAL;
#else
GeneralNames *crlissuer;
GeneralName gn;
Name n;
crlissuer = calloc(1, sizeof(*crlissuer));
if (crlissuer == NULL) {
return ENOMEM;
}
memset(&gn, 0, sizeof(gn));
gn.element = choice_GeneralName_directoryName;
ret = hx509_name_to_Name(issuername, &n);
if (ret) {
hx509_set_error_string(context, 0, ret, "out of memory");
goto out;
}
gn.u.directoryName.element = n.element;
gn.u.directoryName.u.rdnSequence = n.u.rdnSequence;
ret = add_GeneralNames(&crlissuer, &gn);
free_Name(&n);
if (ret) {
hx509_set_error_string(context, 0, ret, "out of memory");
goto out;
}
dp.cRLIssuer = &crlissuer;
#endif
}
ret = add_CRLDistributionPoints(&tbs->crldp, &dp);
if (ret) {
hx509_set_error_string(context, 0, ret, "out of memory");
goto out;
}
out:
free_DistributionPoint(&dp);
return ret;
}
int
hx509_cms_verify_signed(hx509_context context,
hx509_verify_ctx ctx,
unsigned int flags,
const void *data,
size_t length,
const heim_octet_string *signedContent,
hx509_certs pool,
heim_oid *contentType,
heim_octet_string *content,
hx509_certs *signer_certs)
{
SignerInfo *signer_info;
hx509_cert cert = NULL;
hx509_certs certs = NULL;
SignedData sd;
size_t size;
int ret, found_valid_sig;
size_t i;
*signer_certs = NULL;
content->data = NULL;
content->length = 0;
contentType->length = 0;
contentType->components = NULL;
memset(&sd, 0, sizeof(sd));
ret = decode_SignedData(data, length, &sd, &size);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to decode SignedData");
goto out;
}
if (sd.encapContentInfo.eContent == NULL && signedContent == NULL) {
ret = HX509_CMS_NO_DATA_AVAILABLE;
hx509_set_error_string(context, 0, ret,
"No content data in SignedData");
goto out;
}
if (sd.encapContentInfo.eContent && signedContent) {
ret = HX509_CMS_NO_DATA_AVAILABLE;
hx509_set_error_string(context, 0, ret,
"Both external and internal SignedData");
goto out;
}
if (sd.encapContentInfo.eContent)
ret = der_copy_octet_string(sd.encapContentInfo.eContent, content);
else
ret = der_copy_octet_string(signedContent, content);
if (ret) {
hx509_set_error_string(context, 0, ret, "malloc: out of memory");
goto out;
}
ret = hx509_certs_init(context, "MEMORY:cms-cert-buffer",
0, NULL, &certs);
if (ret)
goto out;
ret = hx509_certs_init(context, "MEMORY:cms-signer-certs",
0, NULL, signer_certs);
if (ret)
goto out;
/* XXX Check CMS version */
ret = any_to_certs(context, &sd, certs);
if (ret)
goto out;
if (pool) {
ret = hx509_certs_merge(context, certs, pool);
if (ret)
goto out;
}
for (found_valid_sig = 0, i = 0; i < sd.signerInfos.len; i++) {
heim_octet_string signed_data;
const heim_oid *match_oid;
heim_oid decode_oid;
signer_info = &sd.signerInfos.val[i];
match_oid = NULL;
if (signer_info->signature.length == 0) {
ret = HX509_CMS_MISSING_SIGNER_DATA;
hx509_set_error_string(context, 0, ret,
"SignerInfo %d in SignedData "
"missing sigature", i);
continue;
}
ret = find_CMSIdentifier(context, &signer_info->sid, certs,
_hx509_verify_get_time(ctx), &cert,
HX509_QUERY_KU_DIGITALSIGNATURE);
if (ret) {
/**
* If HX509_CMS_VS_NO_KU_CHECK is set, allow more liberal
* search for matching certificates by not considering
* KeyUsage bits on the certificates.
*/
if ((flags & HX509_CMS_VS_NO_KU_CHECK) == 0)
continue;
ret = find_CMSIdentifier(context, &signer_info->sid, certs,
_hx509_verify_get_time(ctx), &cert,
0);
if (ret)
continue;
}
if (signer_info->signedAttrs) {
const Attribute *attr;
CMSAttributes sa;
heim_octet_string os;
sa.val = signer_info->signedAttrs->val;
sa.len = signer_info->signedAttrs->len;
/* verify that sigature exists */
attr = find_attribute(&sa, &asn1_oid_id_pkcs9_messageDigest);
if (attr == NULL) {
ret = HX509_CRYPTO_SIGNATURE_MISSING;
hx509_set_error_string(context, 0, ret,
"SignerInfo have signed attributes "
"but messageDigest (signature) "
"is missing");
goto next_sigature;
}
if (attr->value.len != 1) {
ret = HX509_CRYPTO_SIGNATURE_MISSING;
hx509_set_error_string(context, 0, ret,
"SignerInfo have more then one "
"messageDigest (signature)");
goto next_sigature;
}
ret = decode_MessageDigest(attr->value.val[0].data,
attr->value.val[0].length,
&os,
&size);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to decode "
"messageDigest (signature)");
goto next_sigature;
}
ret = _hx509_verify_signature(context,
NULL,
&signer_info->digestAlgorithm,
content,
&os);
der_free_octet_string(&os);
if (ret) {
hx509_set_error_string(context, HX509_ERROR_APPEND, ret,
"Failed to verify messageDigest");
goto next_sigature;
}
/*
* Fetch content oid inside signedAttrs or set it to
* id-pkcs7-data.
*/
attr = find_attribute(&sa, &asn1_oid_id_pkcs9_contentType);
if (attr == NULL) {
match_oid = &asn1_oid_id_pkcs7_data;
} else {
if (attr->value.len != 1) {
ret = HX509_CMS_DATA_OID_MISMATCH;
hx509_set_error_string(context, 0, ret,
"More then one oid in signedAttrs");
goto next_sigature;
}
ret = decode_ContentType(attr->value.val[0].data,
attr->value.val[0].length,
&decode_oid,
&size);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to decode "
"oid in signedAttrs");
goto next_sigature;
}
match_oid = &decode_oid;
}
ASN1_MALLOC_ENCODE(CMSAttributes,
signed_data.data,
signed_data.length,
&sa,
&size, ret);
if (ret) {
if (match_oid == &decode_oid)
der_free_oid(&decode_oid);
hx509_clear_error_string(context);
goto next_sigature;
}
if (size != signed_data.length)
_hx509_abort("internal ASN.1 encoder error");
} else {
signed_data.data = content->data;
signed_data.length = content->length;
match_oid = &asn1_oid_id_pkcs7_data;
}
/**
* If HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH, allow
* encapContentInfo mismatch with the oid in signedAttributes
* (or if no signedAttributes where use, pkcs7-data oid).
* This is only needed to work with broken CMS implementations
* that doesn't follow CMS signedAttributes rules.
*/
if (der_heim_oid_cmp(match_oid, &sd.encapContentInfo.eContentType) &&
(flags & HX509_CMS_VS_ALLOW_DATA_OID_MISMATCH) == 0) {
ret = HX509_CMS_DATA_OID_MISMATCH;
hx509_set_error_string(context, 0, ret,
"Oid in message mismatch from the expected");
}
if (match_oid == &decode_oid)
der_free_oid(&decode_oid);
if (ret == 0) {
ret = hx509_verify_signature(context,
cert,
&signer_info->signatureAlgorithm,
&signed_data,
&signer_info->signature);
if (ret)
hx509_set_error_string(context, HX509_ERROR_APPEND, ret,
"Failed to verify signature in "
"CMS SignedData");
}
if (signer_info->signedAttrs)
free(signed_data.data);
if (ret)
goto next_sigature;
/**
* If HX509_CMS_VS_NO_VALIDATE flags is set, do not verify the
* signing certificates and leave that up to the caller.
*/
if ((flags & HX509_CMS_VS_NO_VALIDATE) == 0) {
ret = hx509_verify_path(context, ctx, cert, certs);
if (ret)
goto next_sigature;
}
ret = hx509_certs_add(context, *signer_certs, cert);
if (ret)
goto next_sigature;
found_valid_sig++;
next_sigature:
if (cert)
hx509_cert_free(cert);
cert = NULL;
}
/**
* If HX509_CMS_VS_ALLOW_ZERO_SIGNER is set, allow empty
* SignerInfo (no signatures). If SignedData have no signatures,
* the function will return 0 with signer_certs set to NULL. Zero
* signers is allowed by the standard, but since its only useful
* in corner cases, it make into a flag that the caller have to
* turn on.
*/
if (sd.signerInfos.len == 0 && (flags & HX509_CMS_VS_ALLOW_ZERO_SIGNER)) {
if (*signer_certs)
hx509_certs_free(signer_certs);
} else if (found_valid_sig == 0) {
if (ret == 0) {
ret = HX509_CMS_SIGNER_NOT_FOUND;
hx509_set_error_string(context, 0, ret,
"No signers where found");
}
goto out;
}
ret = der_copy_oid(&sd.encapContentInfo.eContentType, contentType);
if (ret) {
hx509_clear_error_string(context);
goto out;
}
out:
free_SignedData(&sd);
if (certs)
hx509_certs_free(&certs);
if (ret) {
if (content->data)
der_free_octet_string(content);
if (*signer_certs)
hx509_certs_free(signer_certs);
der_free_oid(contentType);
der_free_octet_string(content);
}
return ret;
}
int
hx509_cms_envelope_1(hx509_context context,
int flags,
hx509_cert cert,
const void *data,
size_t length,
const heim_oid *encryption_type,
const heim_oid *contentType,
heim_octet_string *content)
{
KeyTransRecipientInfo *ri;
heim_octet_string ivec;
heim_octet_string key;
hx509_crypto crypto = NULL;
int ret, cmsidflag;
EnvelopedData ed;
size_t size;
memset(&ivec, 0, sizeof(ivec));
memset(&key, 0, sizeof(key));
memset(&ed, 0, sizeof(ed));
memset(content, 0, sizeof(*content));
if (encryption_type == NULL)
encryption_type = &asn1_oid_id_aes_256_cbc;
if ((flags & HX509_CMS_EV_NO_KU_CHECK) == 0) {
ret = _hx509_check_key_usage(context, cert, 1 << 2, TRUE);
if (ret)
goto out;
}
ret = hx509_crypto_init(context, NULL, encryption_type, &crypto);
if (ret)
goto out;
if (flags & HX509_CMS_EV_ALLOW_WEAK)
hx509_crypto_allow_weak(crypto);
ret = hx509_crypto_set_random_key(crypto, &key);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Create random key for EnvelopedData content");
goto out;
}
ret = hx509_crypto_random_iv(crypto, &ivec);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to create a random iv");
goto out;
}
ret = hx509_crypto_encrypt(crypto,
data,
length,
&ivec,
&ed.encryptedContentInfo.encryptedContent);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to encrypt EnvelopedData content");
goto out;
}
{
AlgorithmIdentifier *enc_alg;
enc_alg = &ed.encryptedContentInfo.contentEncryptionAlgorithm;
ret = der_copy_oid(encryption_type, &enc_alg->algorithm);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to set crypto oid "
"for EnvelopedData");
goto out;
}
ALLOC(enc_alg->parameters, 1);
if (enc_alg->parameters == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret,
"Failed to allocate crypto paramaters "
"for EnvelopedData");
goto out;
}
ret = hx509_crypto_get_params(context,
crypto,
&ivec,
enc_alg->parameters);
if (ret) {
goto out;
}
}
ALLOC_SEQ(&ed.recipientInfos, 1);
if (ed.recipientInfos.val == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret,
"Failed to allocate recipients info "
"for EnvelopedData");
goto out;
}
ri = &ed.recipientInfos.val[0];
if (flags & HX509_CMS_EV_ID_NAME) {
ri->version = 0;
cmsidflag = CMS_ID_NAME;
} else {
ri->version = 2;
cmsidflag = CMS_ID_SKI;
}
ret = fill_CMSIdentifier(cert, cmsidflag, &ri->rid);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to set CMS identifier info "
"for EnvelopedData");
goto out;
}
ret = hx509_cert_public_encrypt(context,
&key, cert,
&ri->keyEncryptionAlgorithm.algorithm,
&ri->encryptedKey);
if (ret) {
hx509_set_error_string(context, HX509_ERROR_APPEND, ret,
"Failed to encrypt transport key for "
"EnvelopedData");
goto out;
}
/*
*
*/
ed.version = 0;
ed.originatorInfo = NULL;
ret = der_copy_oid(contentType, &ed.encryptedContentInfo.contentType);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to copy content oid for "
"EnvelopedData");
goto out;
}
ed.unprotectedAttrs = NULL;
ASN1_MALLOC_ENCODE(EnvelopedData, content->data, content->length,
&ed, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to encode EnvelopedData");
goto out;
}
if (size != content->length)
_hx509_abort("internal ASN.1 encoder error");
out:
if (crypto)
hx509_crypto_destroy(crypto);
if (ret)
der_free_octet_string(content);
der_free_octet_string(&key);
der_free_octet_string(&ivec);
free_EnvelopedData(&ed);
return ret;
}
int
hx509_crl_sign(hx509_context context,
hx509_cert signer,
hx509_crl crl,
heim_octet_string *os)
{
const AlgorithmIdentifier *sigalg = _hx509_crypto_default_sig_alg;
CRLCertificateList c;
size_t size;
int ret;
hx509_private_key signerkey;
memset(&c, 0, sizeof(c));
signerkey = _hx509_cert_private_key(signer);
if (signerkey == NULL) {
ret = HX509_PRIVATE_KEY_MISSING;
hx509_set_error_string(context, 0, ret,
"Private key missing for CRL signing");
return ret;
}
c.tbsCertList.version = malloc(sizeof(*c.tbsCertList.version));
if (c.tbsCertList.version == NULL) {
hx509_set_error_string(context, 0, ENOMEM, "out of memory");
return ENOMEM;
}
*c.tbsCertList.version = 1;
ret = copy_AlgorithmIdentifier(sigalg, &c.tbsCertList.signature);
if (ret) {
hx509_clear_error_string(context);
goto out;
}
ret = copy_Name(&_hx509_get_cert(signer)->tbsCertificate.issuer,
&c.tbsCertList.issuer);
if (ret) {
hx509_clear_error_string(context);
goto out;
}
c.tbsCertList.thisUpdate.element = choice_Time_generalTime;
c.tbsCertList.thisUpdate.u.generalTime = time(NULL) - 24 * 3600;
c.tbsCertList.nextUpdate = malloc(sizeof(*c.tbsCertList.nextUpdate));
if (c.tbsCertList.nextUpdate == NULL) {
hx509_set_error_string(context, 0, ENOMEM, "out of memory");
ret = ENOMEM;
goto out;
}
{
time_t next = crl->expire;
if (next == 0)
next = time(NULL) + 24 * 3600 * 365;
c.tbsCertList.nextUpdate->element = choice_Time_generalTime;
c.tbsCertList.nextUpdate->u.generalTime = next;
}
c.tbsCertList.revokedCertificates =
calloc(1, sizeof(*c.tbsCertList.revokedCertificates));
if (c.tbsCertList.revokedCertificates == NULL) {
hx509_set_error_string(context, 0, ENOMEM, "out of memory");
ret = ENOMEM;
goto out;
}
c.tbsCertList.crlExtensions = NULL;
ret = hx509_certs_iter_f(context, crl->revoked, add_revoked, &c.tbsCertList);
if (ret)
goto out;
/* if not revoked certs, remove OPTIONAL entry */
if (c.tbsCertList.revokedCertificates->len == 0) {
free(c.tbsCertList.revokedCertificates);
c.tbsCertList.revokedCertificates = NULL;
}
ASN1_MALLOC_ENCODE(TBSCRLCertList, os->data, os->length,
&c.tbsCertList, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "failed to encode tbsCRL");
goto out;
}
if (size != os->length)
_hx509_abort("internal ASN.1 encoder error");
ret = _hx509_create_signature_bitstring(context,
signerkey,
sigalg,
os,
&c.signatureAlgorithm,
&c.signatureValue);
free(os->data);
if (ret) {
hx509_set_error_string(context, 0, ret, "Failed to sign CRL");
goto out;
}
ASN1_MALLOC_ENCODE(CRLCertificateList, os->data, os->length,
&c, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "failed to encode CRL");
goto out;
}
if (size != os->length)
_hx509_abort("internal ASN.1 encoder error");
free_CRLCertificateList(&c);
return 0;
out:
free_CRLCertificateList(&c);
return ret;
}
int
hx509_cms_create_signed(hx509_context context,
int flags,
const heim_oid *eContentType,
const void *data, size_t length,
const AlgorithmIdentifier *digest_alg,
hx509_certs certs,
hx509_peer_info peer,
hx509_certs anchors,
hx509_certs pool,
heim_octet_string *signed_data)
{
unsigned int i, j;
hx509_name name;
int ret;
size_t size;
struct sigctx sigctx;
memset(&sigctx, 0, sizeof(sigctx));
memset(&name, 0, sizeof(name));
if (eContentType == NULL)
eContentType = &asn1_oid_id_pkcs7_data;
sigctx.digest_alg = digest_alg;
sigctx.content.data = rk_UNCONST(data);
sigctx.content.length = length;
sigctx.eContentType = eContentType;
sigctx.peer = peer;
/**
* Use HX509_CMS_SIGNATURE_ID_NAME to preferred use of issuer name
* and serial number if possible. Otherwise subject key identifier
* will preferred.
*/
if (flags & HX509_CMS_SIGNATURE_ID_NAME)
sigctx.cmsidflag = CMS_ID_NAME;
else
sigctx.cmsidflag = CMS_ID_SKI;
/**
* Use HX509_CMS_SIGNATURE_LEAF_ONLY to only request leaf
* certificates to be added to the SignedData.
*/
sigctx.leafonly = (flags & HX509_CMS_SIGNATURE_LEAF_ONLY) ? 1 : 0;
/**
* Use HX509_CMS_NO_CERTS to make the SignedData contain no
* certificates, overrides HX509_CMS_SIGNATURE_LEAF_ONLY.
*/
if ((flags & HX509_CMS_SIGNATURE_NO_CERTS) == 0) {
ret = hx509_certs_init(context, "MEMORY:certs", 0, NULL, &sigctx.certs);
if (ret)
return ret;
}
sigctx.anchors = anchors;
sigctx.pool = pool;
sigctx.sd.version = CMSVersion_v3;
der_copy_oid(eContentType, &sigctx.sd.encapContentInfo.eContentType);
/**
* Use HX509_CMS_SIGNATURE_DETACHED to create detached signatures.
*/
if ((flags & HX509_CMS_SIGNATURE_DETACHED) == 0) {
ALLOC(sigctx.sd.encapContentInfo.eContent, 1);
if (sigctx.sd.encapContentInfo.eContent == NULL) {
hx509_clear_error_string(context);
ret = ENOMEM;
goto out;
}
sigctx.sd.encapContentInfo.eContent->data = malloc(length);
if (sigctx.sd.encapContentInfo.eContent->data == NULL) {
hx509_clear_error_string(context);
ret = ENOMEM;
goto out;
}
memcpy(sigctx.sd.encapContentInfo.eContent->data, data, length);
sigctx.sd.encapContentInfo.eContent->length = length;
}
/**
* Use HX509_CMS_SIGNATURE_NO_SIGNER to create no sigInfo (no
* signatures).
*/
if ((flags & HX509_CMS_SIGNATURE_NO_SIGNER) == 0) {
ret = hx509_certs_iter_f(context, certs, sig_process, &sigctx);
if (ret)
goto out;
}
if (sigctx.sd.signerInfos.len) {
/*
* For each signerInfo, collect all different digest types.
*/
for (i = 0; i < sigctx.sd.signerInfos.len; i++) {
AlgorithmIdentifier *di =
&sigctx.sd.signerInfos.val[i].digestAlgorithm;
for (j = 0; j < sigctx.sd.digestAlgorithms.len; j++)
if (cmp_AlgorithmIdentifier(di, &sigctx.sd.digestAlgorithms.val[j]) == 0)
break;
if (j == sigctx.sd.digestAlgorithms.len) {
ret = add_DigestAlgorithmIdentifiers(&sigctx.sd.digestAlgorithms, di);
if (ret) {
hx509_clear_error_string(context);
goto out;
}
}
}
}
/*
* Add certs we think are needed, build as part of sig_process
*/
if (sigctx.certs) {
ALLOC(sigctx.sd.certificates, 1);
if (sigctx.sd.certificates == NULL) {
hx509_clear_error_string(context);
ret = ENOMEM;
goto out;
}
ret = hx509_certs_iter_f(context, sigctx.certs, cert_process, &sigctx);
if (ret)
goto out;
}
ASN1_MALLOC_ENCODE(SignedData,
signed_data->data, signed_data->length,
&sigctx.sd, &size, ret);
if (ret) {
hx509_clear_error_string(context);
goto out;
}
if (signed_data->length != size)
_hx509_abort("internal ASN.1 encoder error");
out:
hx509_certs_free(&sigctx.certs);
free_SignedData(&sigctx.sd);
return ret;
}
static int
sig_process(hx509_context context, void *ctx, hx509_cert cert)
{
struct sigctx *sigctx = ctx;
heim_octet_string buf, sigdata = { 0, NULL };
SignerInfo *signer_info = NULL;
AlgorithmIdentifier digest;
size_t size;
void *ptr;
int ret;
SignedData *sd = &sigctx->sd;
hx509_path path;
memset(&digest, 0, sizeof(digest));
memset(&path, 0, sizeof(path));
if (_hx509_cert_private_key(cert) == NULL) {
hx509_set_error_string(context, 0, HX509_PRIVATE_KEY_MISSING,
"Private key missing for signing");
return HX509_PRIVATE_KEY_MISSING;
}
if (sigctx->digest_alg) {
ret = copy_AlgorithmIdentifier(sigctx->digest_alg, &digest);
if (ret)
hx509_clear_error_string(context);
} else {
ret = hx509_crypto_select(context, HX509_SELECT_DIGEST,
_hx509_cert_private_key(cert),
sigctx->peer, &digest);
}
if (ret)
goto out;
/*
* Allocate on more signerInfo and do the signature processing
*/
ptr = realloc(sd->signerInfos.val,
(sd->signerInfos.len + 1) * sizeof(sd->signerInfos.val[0]));
if (ptr == NULL) {
ret = ENOMEM;
goto out;
}
sd->signerInfos.val = ptr;
signer_info = &sd->signerInfos.val[sd->signerInfos.len];
memset(signer_info, 0, sizeof(*signer_info));
signer_info->version = 1;
ret = fill_CMSIdentifier(cert, sigctx->cmsidflag, &signer_info->sid);
if (ret) {
hx509_clear_error_string(context);
goto out;
}
signer_info->signedAttrs = NULL;
signer_info->unsignedAttrs = NULL;
ret = copy_AlgorithmIdentifier(&digest, &signer_info->digestAlgorithm);
if (ret) {
hx509_clear_error_string(context);
goto out;
}
/*
* If it isn't pkcs7-data send signedAttributes
*/
if (der_heim_oid_cmp(sigctx->eContentType, &asn1_oid_id_pkcs7_data) != 0) {
CMSAttributes sa;
heim_octet_string sig;
ALLOC(signer_info->signedAttrs, 1);
if (signer_info->signedAttrs == NULL) {
ret = ENOMEM;
goto out;
}
ret = _hx509_create_signature(context,
NULL,
&digest,
&sigctx->content,
NULL,
&sig);
if (ret)
goto out;
ASN1_MALLOC_ENCODE(MessageDigest,
buf.data,
buf.length,
&sig,
&size,
ret);
der_free_octet_string(&sig);
if (ret) {
hx509_clear_error_string(context);
goto out;
}
if (size != buf.length)
_hx509_abort("internal ASN.1 encoder error");
ret = add_one_attribute(&signer_info->signedAttrs->val,
&signer_info->signedAttrs->len,
&asn1_oid_id_pkcs9_messageDigest,
&buf);
if (ret) {
free(buf.data);
hx509_clear_error_string(context);
goto out;
}
ASN1_MALLOC_ENCODE(ContentType,
buf.data,
buf.length,
sigctx->eContentType,
&size,
ret);
if (ret)
goto out;
if (size != buf.length)
_hx509_abort("internal ASN.1 encoder error");
ret = add_one_attribute(&signer_info->signedAttrs->val,
&signer_info->signedAttrs->len,
&asn1_oid_id_pkcs9_contentType,
&buf);
if (ret) {
free(buf.data);
hx509_clear_error_string(context);
goto out;
}
sa.val = signer_info->signedAttrs->val;
sa.len = signer_info->signedAttrs->len;
ASN1_MALLOC_ENCODE(CMSAttributes,
sigdata.data,
sigdata.length,
&sa,
&size,
ret);
if (ret) {
hx509_clear_error_string(context);
goto out;
}
if (size != sigdata.length)
_hx509_abort("internal ASN.1 encoder error");
} else {
sigdata.data = sigctx->content.data;
sigdata.length = sigctx->content.length;
}
{
AlgorithmIdentifier sigalg;
ret = hx509_crypto_select(context, HX509_SELECT_PUBLIC_SIG,
_hx509_cert_private_key(cert), sigctx->peer,
&sigalg);
if (ret)
goto out;
ret = _hx509_create_signature(context,
_hx509_cert_private_key(cert),
&sigalg,
&sigdata,
&signer_info->signatureAlgorithm,
&signer_info->signature);
free_AlgorithmIdentifier(&sigalg);
if (ret)
goto out;
}
sigctx->sd.signerInfos.len++;
signer_info = NULL;
/*
* Provide best effort path
*/
if (sigctx->certs) {
unsigned int i;
if (sigctx->pool && sigctx->leafonly == 0) {
_hx509_calculate_path(context,
HX509_CALCULATE_PATH_NO_ANCHOR,
time(NULL),
sigctx->anchors,
0,
cert,
sigctx->pool,
&path);
} else
_hx509_path_append(context, &path, cert);
for (i = 0; i < path.len; i++) {
/* XXX remove dups */
ret = hx509_certs_add(context, sigctx->certs, path.val[i]);
if (ret) {
hx509_clear_error_string(context);
goto out;
}
}
}
out:
if (signer_info)
free_SignerInfo(signer_info);
if (sigdata.data != sigctx->content.data)
der_free_octet_string(&sigdata);
_hx509_path_free(&path);
free_AlgorithmIdentifier(&digest);
return ret;
}
int
hx509_ocsp_request(hx509_context context,
hx509_certs reqcerts,
hx509_certs pool,
hx509_cert signer,
const AlgorithmIdentifier *digest,
heim_octet_string *request,
heim_octet_string *nonce)
{
OCSPRequest req;
size_t size;
int ret;
struct ocsp_add_ctx ctx;
Extensions *es;
memset(&req, 0, sizeof(req));
if (digest == NULL)
digest = _hx509_crypto_default_digest_alg;
ctx.req = &req.tbsRequest;
ctx.certs = pool;
ctx.digest = digest;
ctx.parent = NULL;
ret = hx509_certs_iter_f(context, reqcerts, add_to_req, &ctx);
hx509_cert_free(ctx.parent);
if (ret)
goto out;
if (nonce) {
req.tbsRequest.requestExtensions =
calloc(1, sizeof(*req.tbsRequest.requestExtensions));
if (req.tbsRequest.requestExtensions == NULL) {
ret = ENOMEM;
goto out;
}
es = req.tbsRequest.requestExtensions;
es->val = calloc(es->len, sizeof(es->val[0]));
if (es->val == NULL) {
ret = ENOMEM;
goto out;
}
es->len = 1;
ret = der_copy_oid(&asn1_oid_id_pkix_ocsp_nonce, &es->val[0].extnID);
if (ret) {
free_OCSPRequest(&req);
return ret;
}
es->val[0].extnValue.data = malloc(10);
if (es->val[0].extnValue.data == NULL) {
ret = ENOMEM;
goto out;
}
es->val[0].extnValue.length = 10;
ret = RAND_bytes(es->val[0].extnValue.data,
es->val[0].extnValue.length);
if (ret != 1) {
ret = HX509_CRYPTO_INTERNAL_ERROR;
goto out;
}
ret = der_copy_octet_string(nonce, &es->val[0].extnValue);
if (ret) {
ret = ENOMEM;
goto out;
}
}
ASN1_MALLOC_ENCODE(OCSPRequest, request->data, request->length,
&req, &size, ret);
free_OCSPRequest(&req);
if (ret)
goto out;
if (size != request->length)
_hx509_abort("internal ASN.1 encoder error");
return 0;
out:
free_OCSPRequest(&req);
return ret;
}
static int
set_private_key(hx509_context context, hx509_cert cert, SecKeyRef pkey)
{
const SubjectPublicKeyInfo *spi;
const Certificate *c;
struct kc_rsa *kc;
RSAPublicKey pk;
hx509_private_key key;
size_t size;
RSA *rsa;
int ret;
ret = hx509_private_key_init(&key, NULL, NULL);
if (ret)
return ret;
kc = calloc(1, sizeof(*kc));
if (kc == NULL)
_hx509_abort("out of memory");
CFRetain(pkey);
kc->pkey = pkey;
rsa = RSA_new();
if (rsa == NULL)
_hx509_abort("out of memory");
RSA_set_method(rsa, &kc_rsa_pkcs1_method);
ret = RSA_set_app_data(rsa, kc);
if (ret != 1)
_hx509_abort("RSA_set_app_data");
/*
* Set up n and e to please RSA_size()
*/
c = _hx509_get_cert(cert);
spi = &c->tbsCertificate.subjectPublicKeyInfo;
ret = decode_RSAPublicKey(spi->subjectPublicKey.data,
spi->subjectPublicKey.length / 8,
&pk, &size);
if (ret) {
RSA_free(rsa);
return 0;
}
rsa->n = _hx509_int2BN(&pk.modulus);
rsa->e = _hx509_int2BN(&pk.publicExponent);
free_RSAPublicKey(&pk);
kc->keysize = BN_num_bytes(rsa->n);
/*
*
*/
hx509_private_key_assign_rsa(key, rsa);
_hx509_cert_set_key(cert, key);
hx509_private_key_free(&key);
return 0;
}
static int
collect_private_key(hx509_context context,
struct p11_module *p, struct p11_slot *slot,
CK_SESSION_HANDLE session,
CK_OBJECT_HANDLE object,
void *ptr, CK_ATTRIBUTE *query, int num_query)
{
struct hx509_collector *collector = ptr;
hx509_private_key key;
heim_octet_string localKeyId;
int ret;
RSA *rsa;
struct p11_rsa *p11rsa;
localKeyId.data = query[0].pValue;
localKeyId.length = query[0].ulValueLen;
ret = _hx509_private_key_init(&key, NULL, NULL);
if (ret)
return ret;
rsa = RSA_new();
if (rsa == NULL)
_hx509_abort("out of memory");
/*
* The exponent and modulus should always be present according to
* the pkcs11 specification, but some smartcards leaves it out,
* let ignore any failure to fetch it.
*/
rsa->n = getattr_bn(p, slot, session, object, CKA_MODULUS);
rsa->e = getattr_bn(p, slot, session, object, CKA_PUBLIC_EXPONENT);
p11rsa = calloc(1, sizeof(*p11rsa));
if (p11rsa == NULL)
_hx509_abort("out of memory");
p11rsa->p = p;
p11rsa->slot = slot;
p11rsa->private_key = object;
p->refcount++;
if (p->refcount == 0)
_hx509_abort("pkcs11 refcount to high");
RSA_set_method(rsa, &p11_rsa_pkcs1_method);
ret = RSA_set_app_data(rsa, p11rsa);
if (ret != 1)
_hx509_abort("RSA_set_app_data");
_hx509_private_key_assign_rsa(key, rsa);
ret = _hx509_collector_private_key_add(context,
collector,
hx509_signature_rsa(),
key,
NULL,
&localKeyId);
if (ret) {
_hx509_private_key_free(&key);
return ret;
}
return 0;
}
int
_hx509_Name_to_string(const Name *n, char **str)
{
size_t total_len = 0;
size_t i, j, m;
int ret;
*str = strdup("");
if (*str == NULL)
return ENOMEM;
for (m = n->u.rdnSequence.len; m > 0; m--) {
size_t len;
i = m - 1;
for (j = 0; j < n->u.rdnSequence.val[i].len; j++) {
DirectoryString *ds = &n->u.rdnSequence.val[i].val[j].value;
char *oidname;
char *ss;
oidname = oidtostring(&n->u.rdnSequence.val[i].val[j].type);
switch(ds->element) {
case choice_DirectoryString_ia5String:
ss = ds->u.ia5String.data;
len = ds->u.ia5String.length;
break;
case choice_DirectoryString_printableString:
ss = ds->u.printableString.data;
len = ds->u.printableString.length;
break;
case choice_DirectoryString_utf8String:
ss = ds->u.utf8String;
len = strlen(ss);
break;
case choice_DirectoryString_bmpString: {
const uint16_t *bmp = ds->u.bmpString.data;
size_t bmplen = ds->u.bmpString.length;
size_t k;
ret = wind_ucs2utf8_length(bmp, bmplen, &k);
if (ret) {
free(oidname);
free(*str);
*str = NULL;
return ret;
}
ss = malloc(k + 1);
if (ss == NULL)
_hx509_abort("allocation failure"); /* XXX */
ret = wind_ucs2utf8(bmp, bmplen, ss, NULL);
if (ret) {
free(oidname);
free(ss);
free(*str);
*str = NULL;
return ret;
}
ss[k] = '\0';
len = k;
break;
}
case choice_DirectoryString_teletexString:
ss = ds->u.teletexString;
len = strlen(ss);
break;
case choice_DirectoryString_universalString: {
const uint32_t *uni = ds->u.universalString.data;
size_t unilen = ds->u.universalString.length;
size_t k;
ret = wind_ucs4utf8_length(uni, unilen, &k);
if (ret) {
free(oidname);
free(*str);
*str = NULL;
return ret;
}
ss = malloc(k + 1);
if (ss == NULL)
_hx509_abort("allocation failure"); /* XXX */
ret = wind_ucs4utf8(uni, unilen, ss, NULL);
if (ret) {
free(ss);
free(oidname);
free(*str);
*str = NULL;
return ret;
}
ss[k] = '\0';
len = k;
break;
}
default:
_hx509_abort("unknown directory type: %d", ds->element);
exit(1);
}
append_string(str, &total_len, oidname, strlen(oidname), 0);
free(oidname);
append_string(str, &total_len, "=", 1, 0);
append_string(str, &total_len, ss, len, 1);
if (ds->element == choice_DirectoryString_bmpString ||
ds->element == choice_DirectoryString_universalString)
{
free(ss);
}
if (j + 1 < n->u.rdnSequence.val[i].len)
append_string(str, &total_len, "+", 1, 0);
}
if (i > 0)
append_string(str, &total_len, ",", 1, 0);
}
return 0;
}
static int
dsstringprep(const DirectoryString *ds, uint32_t **rname, size_t *rlen)
{
wind_profile_flags flags;
size_t i, len;
int ret;
uint32_t *name;
*rname = NULL;
*rlen = 0;
switch(ds->element) {
case choice_DirectoryString_ia5String:
flags = WIND_PROFILE_LDAP;
COPYVOIDARRAY(ds, ia5String, len, name);
break;
case choice_DirectoryString_printableString:
flags = WIND_PROFILE_LDAP;
flags |= WIND_PROFILE_LDAP_CASE_EXACT_ATTRIBUTE;
COPYVOIDARRAY(ds, printableString, len, name);
break;
case choice_DirectoryString_teletexString:
flags = WIND_PROFILE_LDAP_CASE;
COPYCHARARRAY(ds, teletexString, len, name);
break;
case choice_DirectoryString_bmpString:
flags = WIND_PROFILE_LDAP;
COPYVALARRAY(ds, bmpString, len, name);
break;
case choice_DirectoryString_universalString:
flags = WIND_PROFILE_LDAP;
COPYVALARRAY(ds, universalString, len, name);
break;
case choice_DirectoryString_utf8String:
flags = WIND_PROFILE_LDAP;
ret = wind_utf8ucs4_length(ds->u.utf8String, &len);
if (ret)
return ret;
name = malloc(len * sizeof(name[0]));
if (name == NULL)
return ENOMEM;
ret = wind_utf8ucs4(ds->u.utf8String, name, &len);
if (ret) {
free(name);
return ret;
}
break;
default:
_hx509_abort("unknown directory type: %d", ds->element);
}
*rlen = len;
/* try a couple of times to get the length right, XXX gross */
for (i = 0; i < 4; i++) {
*rlen = *rlen * 2;
*rname = malloc(*rlen * sizeof((*rname)[0]));
ret = wind_stringprep(name, len, *rname, rlen, flags);
if (ret == WIND_ERR_OVERRUN) {
free(*rname);
*rname = NULL;
continue;
} else
break;
}
free(name);
if (ret) {
if (*rname)
free(*rname);
*rname = NULL;
*rlen = 0;
return ret;
}
return 0;
}
int
_hx509_Name_to_string(const Name *n, char **str)
{
size_t total_len = 0;
int i, j;
*str = strdup("");
if (*str == NULL)
return ENOMEM;
for (i = n->u.rdnSequence.len - 1 ; i >= 0 ; i--) {
int len;
for (j = 0; j < n->u.rdnSequence.val[i].len; j++) {
DirectoryString *ds = &n->u.rdnSequence.val[i].val[j].value;
char *oidname;
char *ss;
oidname = oidtostring(&n->u.rdnSequence.val[i].val[j].type);
switch(ds->element) {
case choice_DirectoryString_ia5String:
ss = ds->u.ia5String;
break;
case choice_DirectoryString_printableString:
ss = ds->u.printableString;
break;
case choice_DirectoryString_utf8String:
ss = ds->u.utf8String;
break;
case choice_DirectoryString_bmpString: {
uint16_t *bmp = ds->u.bmpString.data;
size_t bmplen = ds->u.bmpString.length;
size_t k;
ss = malloc(bmplen + 1);
if (ss == NULL)
_hx509_abort("allocation failure"); /* XXX */
for (k = 0; k < bmplen; k++)
ss[k] = bmp[k] & 0xff; /* XXX */
ss[k] = '\0';
break;
}
case choice_DirectoryString_teletexString:
ss = malloc(ds->u.teletexString.length + 1);
if (ss == NULL)
_hx509_abort("allocation failure"); /* XXX */
memcpy(ss, ds->u.teletexString.data, ds->u.teletexString.length);
ss[ds->u.teletexString.length] = '\0';
break;
case choice_DirectoryString_universalString: {
uint32_t *uni = ds->u.universalString.data;
size_t unilen = ds->u.universalString.length;
size_t k;
ss = malloc(unilen + 1);
if (ss == NULL)
_hx509_abort("allocation failure"); /* XXX */
for (k = 0; k < unilen; k++)
ss[k] = uni[k] & 0xff; /* XXX */
ss[k] = '\0';
break;
}
default:
_hx509_abort("unknown directory type: %d", ds->element);
exit(1);
}
append_string(str, &total_len, oidname, strlen(oidname), 0);
free(oidname);
append_string(str, &total_len, "=", 1, 0);
len = strlen(ss);
append_string(str, &total_len, ss, len, 1);
if (ds->element == choice_DirectoryString_universalString ||
ds->element == choice_DirectoryString_bmpString ||
ds->element == choice_DirectoryString_teletexString)
{
free(ss);
}
if (j + 1 < n->u.rdnSequence.val[i].len)
append_string(str, &total_len, "+", 1, 0);
}
if (i > 0)
append_string(str, &total_len, ",", 1, 0);
}
return 0;
}
static int
ca_sign(hx509_context context,
hx509_ca_tbs tbs,
hx509_private_key signer,
const AuthorityKeyIdentifier *ai,
const Name *issuername,
hx509_cert *certificate)
{
heim_octet_string data;
Certificate c;
TBSCertificate *tbsc;
size_t size;
int ret;
const AlgorithmIdentifier *sigalg;
time_t notBefore;
time_t notAfter;
unsigned key_usage;
sigalg = _hx509_crypto_default_sig_alg;
memset(&c, 0, sizeof(c));
/*
* Default values are: Valid since 24h ago, valid one year into
* the future, KeyUsage digitalSignature and keyEncipherment set,
* and keyCertSign for CA certificates.
*/
notBefore = tbs->notBefore;
if (notBefore == 0)
notBefore = time(NULL) - 3600 * 24;
notAfter = tbs->notAfter;
if (notAfter == 0)
notAfter = time(NULL) + 3600 * 24 * 365;
key_usage = tbs->key_usage;
if (key_usage == 0) {
KeyUsage ku;
memset(&ku, 0, sizeof(ku));
ku.digitalSignature = 1;
ku.keyEncipherment = 1;
key_usage = KeyUsage2int(ku);
}
if (tbs->flags.ca) {
KeyUsage ku;
memset(&ku, 0, sizeof(ku));
ku.keyCertSign = 1;
ku.cRLSign = 1;
key_usage |= KeyUsage2int(ku);
}
/*
*
*/
tbsc = &c.tbsCertificate;
if (tbs->flags.key == 0) {
ret = EINVAL;
hx509_set_error_string(context, 0, ret, "No public key set");
return ret;
}
/*
* Don't put restrictions on proxy certificate's subject name, it
* will be generated below.
*/
if (!tbs->flags.proxy) {
if (tbs->subject == NULL) {
hx509_set_error_string(context, 0, EINVAL, "No subject name set");
return EINVAL;
}
if (hx509_name_is_null_p(tbs->subject) && tbs->san.len == 0) {
hx509_set_error_string(context, 0, EINVAL,
"NULL subject and no SubjectAltNames");
return EINVAL;
}
}
if (tbs->flags.ca && tbs->flags.proxy) {
hx509_set_error_string(context, 0, EINVAL, "Can't be proxy and CA "
"at the same time");
return EINVAL;
}
if (tbs->flags.proxy) {
if (tbs->san.len > 0) {
hx509_set_error_string(context, 0, EINVAL,
"Proxy certificate is not allowed "
"to have SubjectAltNames");
return EINVAL;
}
}
/* version [0] Version OPTIONAL, -- EXPLICIT nnn DEFAULT 1, */
tbsc->version = calloc(1, sizeof(*tbsc->version));
if (tbsc->version == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
*tbsc->version = rfc3280_version_3;
/* serialNumber CertificateSerialNumber, */
if (tbs->flags.serial) {
ret = der_copy_heim_integer(&tbs->serial, &tbsc->serialNumber);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
} else {
tbsc->serialNumber.length = 20;
tbsc->serialNumber.data = malloc(tbsc->serialNumber.length);
if (tbsc->serialNumber.data == NULL){
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
/* XXX diffrent */
RAND_bytes(tbsc->serialNumber.data, tbsc->serialNumber.length);
((unsigned char *)tbsc->serialNumber.data)[0] &= 0x7f;
}
/* signature AlgorithmIdentifier, */
ret = copy_AlgorithmIdentifier(sigalg, &tbsc->signature);
if (ret) {
hx509_set_error_string(context, 0, ret, "Failed to copy sigature alg");
goto out;
}
/* issuer Name, */
if (issuername)
ret = copy_Name(issuername, &tbsc->issuer);
else
ret = hx509_name_to_Name(tbs->subject, &tbsc->issuer);
if (ret) {
hx509_set_error_string(context, 0, ret, "Failed to copy issuer name");
goto out;
}
/* validity Validity, */
tbsc->validity.notBefore.element = choice_Time_generalTime;
tbsc->validity.notBefore.u.generalTime = notBefore;
tbsc->validity.notAfter.element = choice_Time_generalTime;
tbsc->validity.notAfter.u.generalTime = notAfter;
/* subject Name, */
if (tbs->flags.proxy) {
ret = build_proxy_prefix(context, &tbsc->issuer, &tbsc->subject);
if (ret)
goto out;
} else {
ret = hx509_name_to_Name(tbs->subject, &tbsc->subject);
if (ret) {
hx509_set_error_string(context, 0, ret,
"Failed to copy subject name");
goto out;
}
}
/* subjectPublicKeyInfo SubjectPublicKeyInfo, */
ret = copy_SubjectPublicKeyInfo(&tbs->spki, &tbsc->subjectPublicKeyInfo);
if (ret) {
hx509_set_error_string(context, 0, ret, "Failed to copy spki");
goto out;
}
/* issuerUniqueID [1] IMPLICIT BIT STRING OPTIONAL */
if (tbs->issuerUniqueID.length) {
tbsc->issuerUniqueID = calloc(1, sizeof(*tbsc->issuerUniqueID));
if (tbsc->issuerUniqueID == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
ret = der_copy_bit_string(&tbs->issuerUniqueID, tbsc->issuerUniqueID);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
}
/* subjectUniqueID [2] IMPLICIT BIT STRING OPTIONAL */
if (tbs->subjectUniqueID.length) {
tbsc->subjectUniqueID = calloc(1, sizeof(*tbsc->subjectUniqueID));
if (tbsc->subjectUniqueID == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
ret = der_copy_bit_string(&tbs->subjectUniqueID, tbsc->subjectUniqueID);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
}
/* extensions [3] EXPLICIT Extensions OPTIONAL */
tbsc->extensions = calloc(1, sizeof(*tbsc->extensions));
if (tbsc->extensions == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
/* Add the text BMP string Domaincontroller to the cert */
if (tbs->flags.domaincontroller) {
data.data = rk_UNCONST("\x1e\x20\x00\x44\x00\x6f\x00\x6d"
"\x00\x61\x00\x69\x00\x6e\x00\x43"
"\x00\x6f\x00\x6e\x00\x74\x00\x72"
"\x00\x6f\x00\x6c\x00\x6c\x00\x65"
"\x00\x72");
data.length = 34;
ret = add_extension(context, tbsc, 0,
&asn1_oid_id_ms_cert_enroll_domaincontroller,
&data);
if (ret)
goto out;
}
/* add KeyUsage */
{
KeyUsage ku;
ku = int2KeyUsage(key_usage);
ASN1_MALLOC_ENCODE(KeyUsage, data.data, data.length, &ku, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
if (size != data.length)
_hx509_abort("internal ASN.1 encoder error");
ret = add_extension(context, tbsc, 1,
&asn1_oid_id_x509_ce_keyUsage, &data);
free(data.data);
if (ret)
goto out;
}
/* add ExtendedKeyUsage */
if (tbs->eku.len > 0) {
ASN1_MALLOC_ENCODE(ExtKeyUsage, data.data, data.length,
&tbs->eku, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
if (size != data.length)
_hx509_abort("internal ASN.1 encoder error");
ret = add_extension(context, tbsc, 0,
&asn1_oid_id_x509_ce_extKeyUsage, &data);
free(data.data);
if (ret)
goto out;
}
/* add Subject Alternative Name */
if (tbs->san.len > 0) {
ASN1_MALLOC_ENCODE(GeneralNames, data.data, data.length,
&tbs->san, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
if (size != data.length)
_hx509_abort("internal ASN.1 encoder error");
ret = add_extension(context, tbsc, 0,
&asn1_oid_id_x509_ce_subjectAltName,
&data);
free(data.data);
if (ret)
goto out;
}
/* Add Authority Key Identifier */
if (ai) {
ASN1_MALLOC_ENCODE(AuthorityKeyIdentifier, data.data, data.length,
ai, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
if (size != data.length)
_hx509_abort("internal ASN.1 encoder error");
ret = add_extension(context, tbsc, 0,
&asn1_oid_id_x509_ce_authorityKeyIdentifier,
&data);
free(data.data);
if (ret)
goto out;
}
/* Add Subject Key Identifier */
{
SubjectKeyIdentifier si;
unsigned char hash[SHA_DIGEST_LENGTH];
{
EVP_MD_CTX *ctx;
ctx = EVP_MD_CTX_create();
EVP_DigestInit_ex(ctx, EVP_sha1(), NULL);
EVP_DigestUpdate(ctx, tbs->spki.subjectPublicKey.data,
tbs->spki.subjectPublicKey.length / 8);
EVP_DigestFinal_ex(ctx, hash, NULL);
EVP_MD_CTX_destroy(ctx);
}
si.data = hash;
si.length = sizeof(hash);
ASN1_MALLOC_ENCODE(SubjectKeyIdentifier, data.data, data.length,
&si, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
if (size != data.length)
_hx509_abort("internal ASN.1 encoder error");
ret = add_extension(context, tbsc, 0,
&asn1_oid_id_x509_ce_subjectKeyIdentifier,
&data);
free(data.data);
if (ret)
goto out;
}
/* Add BasicConstraints */
{
BasicConstraints bc;
int aCA = 1;
unsigned int path;
memset(&bc, 0, sizeof(bc));
if (tbs->flags.ca) {
bc.cA = &aCA;
if (tbs->pathLenConstraint >= 0) {
path = tbs->pathLenConstraint;
bc.pathLenConstraint = &path;
}
}
ASN1_MALLOC_ENCODE(BasicConstraints, data.data, data.length,
&bc, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
if (size != data.length)
_hx509_abort("internal ASN.1 encoder error");
/* Critical if this is a CA */
ret = add_extension(context, tbsc, tbs->flags.ca,
&asn1_oid_id_x509_ce_basicConstraints,
&data);
free(data.data);
if (ret)
goto out;
}
/* add Proxy */
if (tbs->flags.proxy) {
ProxyCertInfo info;
memset(&info, 0, sizeof(info));
if (tbs->pathLenConstraint >= 0) {
info.pCPathLenConstraint =
malloc(sizeof(*info.pCPathLenConstraint));
if (info.pCPathLenConstraint == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
*info.pCPathLenConstraint = tbs->pathLenConstraint;
}
ret = der_copy_oid(&asn1_oid_id_pkix_ppl_inheritAll,
&info.proxyPolicy.policyLanguage);
if (ret) {
free_ProxyCertInfo(&info);
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
ASN1_MALLOC_ENCODE(ProxyCertInfo, data.data, data.length,
&info, &size, ret);
free_ProxyCertInfo(&info);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
if (size != data.length)
_hx509_abort("internal ASN.1 encoder error");
ret = add_extension(context, tbsc, 0,
&asn1_oid_id_pkix_pe_proxyCertInfo,
&data);
free(data.data);
if (ret)
goto out;
}
if (tbs->crldp.len) {
ASN1_MALLOC_ENCODE(CRLDistributionPoints, data.data, data.length,
&tbs->crldp, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
if (size != data.length)
_hx509_abort("internal ASN.1 encoder error");
ret = add_extension(context, tbsc, FALSE,
&asn1_oid_id_x509_ce_cRLDistributionPoints,
&data);
free(data.data);
if (ret)
goto out;
}
ASN1_MALLOC_ENCODE(TBSCertificate, data.data, data.length,tbsc, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "malloc out of memory");
goto out;
}
if (data.length != size)
_hx509_abort("internal ASN.1 encoder error");
ret = _hx509_create_signature_bitstring(context,
signer,
sigalg,
&data,
&c.signatureAlgorithm,
&c.signatureValue);
free(data.data);
if (ret)
goto out;
ret = hx509_cert_init(context, &c, certificate);
if (ret)
goto out;
free_Certificate(&c);
return 0;
out:
free_Certificate(&c);
return ret;
}
static int
p11_get_session(hx509_context context,
struct p11_module *p,
struct p11_slot *slot,
hx509_lock lock,
CK_SESSION_HANDLE *psession)
{
CK_RV ret;
if (slot->flags & P11_SESSION_IN_USE)
_hx509_abort("slot already in session");
if (slot->flags & P11_SESSION) {
slot->flags |= P11_SESSION_IN_USE;
*psession = slot->session;
return 0;
}
ret = P11FUNC(p, OpenSession, (slot->id,
CKF_SERIAL_SESSION,
NULL,
NULL,
&slot->session));
if (ret != CKR_OK) {
if (context)
hx509_set_error_string(context, 0, HX509_PKCS11_OPEN_SESSION,
"Failed to OpenSession for slot id %d "
"with error: 0x%08x",
(int)slot->id, ret);
return HX509_PKCS11_OPEN_SESSION;
}
slot->flags |= P11_SESSION;
/*
* If we have have to login, and haven't tried before and have a
* prompter or known to work pin code.
*
* This code is very conversative and only uses the prompter in
* the hx509_lock, the reason is that it's bad to try many
* passwords on a pkcs11 token, it might lock up and have to be
* unlocked by a administrator.
*
* XXX try harder to not use pin several times on the same card.
*/
if ( (slot->flags & P11_LOGIN_REQ)
&& (slot->flags & P11_LOGIN_DONE) == 0
&& (lock || slot->pin))
{
hx509_prompt prompt;
char pin[20];
char *str;
slot->flags |= P11_LOGIN_DONE;
if (slot->pin == NULL) {
memset(&prompt, 0, sizeof(prompt));
asprintf(&str, "PIN code for %s: ", slot->name);
prompt.prompt = str;
prompt.type = HX509_PROMPT_TYPE_PASSWORD;
prompt.reply.data = pin;
prompt.reply.length = sizeof(pin);
ret = hx509_lock_prompt(lock, &prompt);
if (ret) {
free(str);
if (context)
hx509_set_error_string(context, 0, ret,
"Failed to get pin code for slot "
"id %d with error: %d",
(int)slot->id, ret);
return ret;
}
free(str);
} else {
strlcpy(pin, slot->pin, sizeof(pin));
}
ret = P11FUNC(p, Login, (slot->session, CKU_USER,
(unsigned char*)pin, strlen(pin)));
if (ret != CKR_OK) {
if (context)
hx509_set_error_string(context, 0, HX509_PKCS11_LOGIN,
"Failed to login on slot id %d "
"with error: 0x%08x",
(int)slot->id, ret);
p11_put_session(p, slot, slot->session);
return HX509_PKCS11_LOGIN;
}
if (slot->pin == NULL) {
slot->pin = strdup(pin);
if (slot->pin == NULL) {
if (context)
hx509_set_error_string(context, 0, ENOMEM,
"out of memory");
p11_put_session(p, slot, slot->session);
return ENOMEM;
}
}
} else
slot->flags |= P11_LOGIN_DONE;
slot->flags |= P11_SESSION_IN_USE;
*psession = slot->session;
return 0;
}
