• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  *  X.509 Certificate Signing Request writing
3  *
4  *  Copyright The Mbed TLS Contributors
5  *  SPDX-License-Identifier: Apache-2.0
6  *
7  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
8  *  not use this file except in compliance with the License.
9  *  You may obtain a copy of the License at
10  *
11  *  http://www.apache.org/licenses/LICENSE-2.0
12  *
13  *  Unless required by applicable law or agreed to in writing, software
14  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  *  See the License for the specific language governing permissions and
17  *  limitations under the License.
18  */
19 /*
20  * References:
21  * - CSRs: PKCS#10 v1.7 aka RFC 2986
22  * - attributes: PKCS#9 v2.0 aka RFC 2985
23  */
24 
25 #include "common.h"
26 
27 #if defined(MBEDTLS_X509_CSR_WRITE_C)
28 
29 #include "mbedtls/x509_csr.h"
30 #include "mbedtls/asn1write.h"
31 #include "mbedtls/error.h"
32 #include "mbedtls/oid.h"
33 #include "mbedtls/platform_util.h"
34 
35 #if defined(MBEDTLS_USE_PSA_CRYPTO)
36 #include "psa/crypto.h"
37 #include "mbedtls/psa_util.h"
38 #endif
39 
40 #include <string.h>
41 #include <stdlib.h>
42 
43 #if defined(MBEDTLS_PEM_WRITE_C)
44 #include "mbedtls/pem.h"
45 #endif
46 
47 #if defined(MBEDTLS_PLATFORM_C)
48 #include "mbedtls/platform.h"
49 #else
50 #include <stdlib.h>
51 #define mbedtls_calloc    calloc
52 #define mbedtls_free      free
53 #endif
54 
mbedtls_x509write_csr_init(mbedtls_x509write_csr * ctx)55 void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
56 {
57     memset( ctx, 0, sizeof( mbedtls_x509write_csr ) );
58 }
59 
mbedtls_x509write_csr_free(mbedtls_x509write_csr * ctx)60 void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx )
61 {
62     mbedtls_asn1_free_named_data_list( &ctx->subject );
63     mbedtls_asn1_free_named_data_list( &ctx->extensions );
64 
65     mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_csr ) );
66 }
67 
mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr * ctx,mbedtls_md_type_t md_alg)68 void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg )
69 {
70     ctx->md_alg = md_alg;
71 }
72 
mbedtls_x509write_csr_set_key(mbedtls_x509write_csr * ctx,mbedtls_pk_context * key)73 void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key )
74 {
75     ctx->key = key;
76 }
77 
mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr * ctx,const char * subject_name)78 int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
79                                     const char *subject_name )
80 {
81     return mbedtls_x509_string_to_names( &ctx->subject, subject_name );
82 }
83 
mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr * ctx,const char * oid,size_t oid_len,int critical,const unsigned char * val,size_t val_len)84 int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
85                                  const char *oid, size_t oid_len,
86                                  int critical,
87                                  const unsigned char *val, size_t val_len )
88 {
89     return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len,
90                                critical, val, val_len );
91 }
92 
mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr * ctx,unsigned char key_usage)93 int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage )
94 {
95     unsigned char buf[4] = {0};
96     unsigned char *c;
97     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
98 
99     c = buf + 4;
100 
101     ret = mbedtls_asn1_write_named_bitstring( &c, buf, &key_usage, 8 );
102     if( ret < 3 || ret > 4 )
103         return( ret );
104 
105     ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
106                                        MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
107                                        0, c, (size_t)ret );
108     if( ret != 0 )
109         return( ret );
110 
111     return( 0 );
112 }
113 
mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr * ctx,unsigned char ns_cert_type)114 int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
115                                     unsigned char ns_cert_type )
116 {
117     unsigned char buf[4] = {0};
118     unsigned char *c;
119     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
120 
121     c = buf + 4;
122 
123     ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 );
124     if( ret < 3 || ret > 4 )
125         return( ret );
126 
127     ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
128                                        MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
129                                        0, c, (size_t)ret );
130     if( ret != 0 )
131         return( ret );
132 
133     return( 0 );
134 }
135 
x509write_csr_der_internal(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,unsigned char * sig,size_t sig_size,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)136 static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx,
137                                  unsigned char *buf,
138                                  size_t size,
139                                  unsigned char *sig, size_t sig_size,
140                                  int (*f_rng)(void *, unsigned char *, size_t),
141                                  void *p_rng )
142 {
143     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
144     const char *sig_oid;
145     size_t sig_oid_len = 0;
146     unsigned char *c, *c2;
147     unsigned char hash[64];
148     size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
149     size_t len = 0;
150     mbedtls_pk_type_t pk_alg;
151 #if defined(MBEDTLS_USE_PSA_CRYPTO)
152     psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
153     size_t hash_len;
154     psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg );
155 #endif /* MBEDTLS_USE_PSA_CRYPTO */
156 
157     /* Write the CSR backwards starting from the end of buf */
158     c = buf + size;
159 
160     MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, buf,
161                                                            ctx->extensions ) );
162 
163     if( len )
164     {
165         MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
166         MBEDTLS_ASN1_CHK_ADD( len,
167             mbedtls_asn1_write_tag(
168                 &c, buf,
169                 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
170 
171         MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
172         MBEDTLS_ASN1_CHK_ADD( len,
173             mbedtls_asn1_write_tag(
174                 &c, buf,
175                 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) );
176 
177         MBEDTLS_ASN1_CHK_ADD( len,
178             mbedtls_asn1_write_oid(
179                 &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ,
180                 MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) );
181 
182         MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
183         MBEDTLS_ASN1_CHK_ADD( len,
184             mbedtls_asn1_write_tag(
185                 &c, buf,
186                 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
187     }
188 
189     MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
190     MBEDTLS_ASN1_CHK_ADD( len,
191         mbedtls_asn1_write_tag(
192             &c, buf,
193             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) );
194 
195     MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key,
196                                                               buf, c - buf ) );
197     c -= pub_len;
198     len += pub_len;
199 
200     /*
201      *  Subject  ::=  Name
202      */
203     MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf,
204                                                          ctx->subject ) );
205 
206     /*
207      *  Version  ::=  INTEGER  {  v1(0), v2(1), v3(2)  }
208      */
209     MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) );
210 
211     MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
212     MBEDTLS_ASN1_CHK_ADD( len,
213         mbedtls_asn1_write_tag(
214             &c, buf,
215             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
216 
217     /*
218      * Sign the written CSR data into the sig buffer
219      * Note: hash errors can happen only after an internal error
220      */
221 #if defined(MBEDTLS_USE_PSA_CRYPTO)
222     if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
223         return( MBEDTLS_ERR_X509_FATAL_ERROR );
224 
225     if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS )
226         return( MBEDTLS_ERR_X509_FATAL_ERROR );
227 
228     if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
229         != PSA_SUCCESS )
230     {
231         return( MBEDTLS_ERR_X509_FATAL_ERROR );
232     }
233 #else /* MBEDTLS_USE_PSA_CRYPTO */
234     ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
235     if( ret != 0 )
236         return( ret );
237 #endif
238     if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0,
239                                  sig, sig_size, &sig_len,
240                                  f_rng, p_rng ) ) != 0 )
241     {
242         return( ret );
243     }
244 
245     if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_RSA ) )
246         pk_alg = MBEDTLS_PK_RSA;
247     else if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_ECDSA ) )
248         pk_alg = MBEDTLS_PK_ECDSA;
249     else
250         return( MBEDTLS_ERR_X509_INVALID_ALG );
251 
252     if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
253                                               &sig_oid, &sig_oid_len ) ) != 0 )
254     {
255         return( ret );
256     }
257 
258     /*
259      * Move the written CSR data to the start of buf to create space for
260      * writing the signature into buf.
261      */
262     memmove( buf, c, len );
263 
264     /*
265      * Write sig and its OID into buf backwards from the end of buf.
266      * Note: mbedtls_x509_write_sig will check for c2 - ( buf + len ) < sig_len
267      * and return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if needed.
268      */
269     c2 = buf + size;
270     MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len,
271         mbedtls_x509_write_sig( &c2, buf + len, sig_oid, sig_oid_len,
272                                 sig, sig_len ) );
273 
274     /*
275      * Compact the space between the CSR data and signature by moving the
276      * CSR data to the start of the signature.
277      */
278     c2 -= len;
279     memmove( c2, buf, len );
280 
281     /* ASN encode the total size and tag the CSR data with it. */
282     len += sig_and_oid_len;
283     MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) );
284     MBEDTLS_ASN1_CHK_ADD( len,
285         mbedtls_asn1_write_tag(
286             &c2, buf,
287             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
288 
289     /* Zero the unused bytes at the start of buf */
290     memset( buf, 0, c2 - buf);
291 
292     return( (int) len );
293 }
294 
mbedtls_x509write_csr_der(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)295 int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf,
296                                size_t size,
297                                int (*f_rng)(void *, unsigned char *, size_t),
298                                void *p_rng )
299 {
300     int ret;
301     unsigned char *sig;
302 
303     if( ( sig = mbedtls_calloc( 1, MBEDTLS_PK_SIGNATURE_MAX_SIZE ) ) == NULL )
304     {
305         return( MBEDTLS_ERR_X509_ALLOC_FAILED );
306     }
307 
308     ret = x509write_csr_der_internal( ctx, buf, size,
309                                       sig, MBEDTLS_PK_SIGNATURE_MAX_SIZE,
310                                       f_rng, p_rng );
311 
312     mbedtls_free( sig );
313 
314     return( ret );
315 }
316 
317 #define PEM_BEGIN_CSR           "-----BEGIN CERTIFICATE REQUEST-----\n"
318 #define PEM_END_CSR             "-----END CERTIFICATE REQUEST-----\n"
319 
320 #if defined(MBEDTLS_PEM_WRITE_C)
mbedtls_x509write_csr_pem(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)321 int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
322                        int (*f_rng)(void *, unsigned char *, size_t),
323                        void *p_rng )
324 {
325     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
326     size_t olen = 0;
327 
328     if( ( ret = mbedtls_x509write_csr_der( ctx, buf, size,
329                                    f_rng, p_rng ) ) < 0 )
330     {
331         return( ret );
332     }
333 
334     if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR,
335                                   buf + size - ret,
336                                   ret, buf, size, &olen ) ) != 0 )
337     {
338         return( ret );
339     }
340 
341     return( 0 );
342 }
343 #endif /* MBEDTLS_PEM_WRITE_C */
344 
345 #endif /* MBEDTLS_X509_CSR_WRITE_C */
346