1 /*
2 * X.509 Certificate Signing Request (CSR) parsing
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6 */
7 /*
8 * The ITU-T X.509 standard defines a certificate format for PKI.
9 *
10 * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
11 * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
12 * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
13 *
14 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
15 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
16 */
17
18 #include "common.h"
19
20 #if defined(MBEDTLS_X509_CSR_PARSE_C)
21
22 #include "mbedtls/x509_csr.h"
23 #include "mbedtls/error.h"
24 #include "mbedtls/oid.h"
25 #include "mbedtls/platform_util.h"
26
27 #include <string.h>
28
29 #if defined(MBEDTLS_PEM_PARSE_C)
30 #include "mbedtls/pem.h"
31 #endif
32
33 #include "mbedtls/platform.h"
34
35 #if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
36 #include <stdio.h>
37 #endif
38
39 /*
40 * Version ::= INTEGER { v1(0) }
41 */
x509_csr_get_version(unsigned char ** p,const unsigned char * end,int * ver)42 static int x509_csr_get_version(unsigned char **p,
43 const unsigned char *end,
44 int *ver)
45 {
46 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
47
48 if ((ret = mbedtls_asn1_get_int(p, end, ver)) != 0) {
49 if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
50 *ver = 0;
51 return 0;
52 }
53
54 return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_VERSION, ret);
55 }
56
57 return 0;
58 }
59
60 /*
61 * Parse a CSR in DER format
62 */
mbedtls_x509_csr_parse_der(mbedtls_x509_csr * csr,const unsigned char * buf,size_t buflen)63 int mbedtls_x509_csr_parse_der(mbedtls_x509_csr *csr,
64 const unsigned char *buf, size_t buflen)
65 {
66 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
67 size_t len;
68 unsigned char *p, *end;
69 mbedtls_x509_buf sig_params;
70
71 memset(&sig_params, 0, sizeof(mbedtls_x509_buf));
72
73 /*
74 * Check for valid input
75 */
76 if (csr == NULL || buf == NULL || buflen == 0) {
77 return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
78 }
79
80 mbedtls_x509_csr_init(csr);
81
82 /*
83 * first copy the raw DER data
84 */
85 p = mbedtls_calloc(1, len = buflen);
86
87 if (p == NULL) {
88 return MBEDTLS_ERR_X509_ALLOC_FAILED;
89 }
90
91 memcpy(p, buf, buflen);
92
93 csr->raw.p = p;
94 csr->raw.len = len;
95 end = p + len;
96
97 /*
98 * CertificationRequest ::= SEQUENCE {
99 * certificationRequestInfo CertificationRequestInfo,
100 * signatureAlgorithm AlgorithmIdentifier,
101 * signature BIT STRING
102 * }
103 */
104 if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
105 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
106 mbedtls_x509_csr_free(csr);
107 return MBEDTLS_ERR_X509_INVALID_FORMAT;
108 }
109
110 if (len != (size_t) (end - p)) {
111 mbedtls_x509_csr_free(csr);
112 return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT,
113 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
114 }
115
116 /*
117 * CertificationRequestInfo ::= SEQUENCE {
118 */
119 csr->cri.p = p;
120
121 if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
122 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
123 mbedtls_x509_csr_free(csr);
124 return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
125 }
126
127 end = p + len;
128 csr->cri.len = end - csr->cri.p;
129
130 /*
131 * Version ::= INTEGER { v1(0) }
132 */
133 if ((ret = x509_csr_get_version(&p, end, &csr->version)) != 0) {
134 mbedtls_x509_csr_free(csr);
135 return ret;
136 }
137
138 if (csr->version != 0) {
139 mbedtls_x509_csr_free(csr);
140 return MBEDTLS_ERR_X509_UNKNOWN_VERSION;
141 }
142
143 csr->version++;
144
145 /*
146 * subject Name
147 */
148 csr->subject_raw.p = p;
149
150 if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
151 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
152 mbedtls_x509_csr_free(csr);
153 return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
154 }
155
156 if ((ret = mbedtls_x509_get_name(&p, p + len, &csr->subject)) != 0) {
157 mbedtls_x509_csr_free(csr);
158 return ret;
159 }
160
161 csr->subject_raw.len = p - csr->subject_raw.p;
162
163 /*
164 * subjectPKInfo SubjectPublicKeyInfo
165 */
166 if ((ret = mbedtls_pk_parse_subpubkey(&p, end, &csr->pk)) != 0) {
167 mbedtls_x509_csr_free(csr);
168 return ret;
169 }
170
171 /*
172 * attributes [0] Attributes
173 *
174 * The list of possible attributes is open-ended, though RFC 2985
175 * (PKCS#9) defines a few in section 5.4. We currently don't support any,
176 * so we just ignore them. This is a safe thing to do as the worst thing
177 * that could happen is that we issue a certificate that does not match
178 * the requester's expectations - this cannot cause a violation of our
179 * signature policies.
180 */
181 if ((ret = mbedtls_asn1_get_tag(&p, end, &len,
182 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC)) !=
183 0) {
184 mbedtls_x509_csr_free(csr);
185 return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT, ret);
186 }
187
188 p += len;
189
190 end = csr->raw.p + csr->raw.len;
191
192 /*
193 * signatureAlgorithm AlgorithmIdentifier,
194 * signature BIT STRING
195 */
196 if ((ret = mbedtls_x509_get_alg(&p, end, &csr->sig_oid, &sig_params)) != 0) {
197 mbedtls_x509_csr_free(csr);
198 return ret;
199 }
200
201 if ((ret = mbedtls_x509_get_sig_alg(&csr->sig_oid, &sig_params,
202 &csr->sig_md, &csr->sig_pk,
203 &csr->sig_opts)) != 0) {
204 mbedtls_x509_csr_free(csr);
205 return MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG;
206 }
207
208 if ((ret = mbedtls_x509_get_sig(&p, end, &csr->sig)) != 0) {
209 mbedtls_x509_csr_free(csr);
210 return ret;
211 }
212
213 if (p != end) {
214 mbedtls_x509_csr_free(csr);
215 return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_FORMAT,
216 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
217 }
218
219 return 0;
220 }
221
222 /*
223 * Parse a CSR, allowing for PEM or raw DER encoding
224 */
mbedtls_x509_csr_parse(mbedtls_x509_csr * csr,const unsigned char * buf,size_t buflen)225 int mbedtls_x509_csr_parse(mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen)
226 {
227 #if defined(MBEDTLS_PEM_PARSE_C)
228 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
229 size_t use_len;
230 mbedtls_pem_context pem;
231 #endif
232
233 /*
234 * Check for valid input
235 */
236 if (csr == NULL || buf == NULL || buflen == 0) {
237 return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
238 }
239
240 #if defined(MBEDTLS_PEM_PARSE_C)
241 /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
242 if (buf[buflen - 1] == '\0') {
243 mbedtls_pem_init(&pem);
244 ret = mbedtls_pem_read_buffer(&pem,
245 "-----BEGIN CERTIFICATE REQUEST-----",
246 "-----END CERTIFICATE REQUEST-----",
247 buf, NULL, 0, &use_len);
248 if (ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
249 ret = mbedtls_pem_read_buffer(&pem,
250 "-----BEGIN NEW CERTIFICATE REQUEST-----",
251 "-----END NEW CERTIFICATE REQUEST-----",
252 buf, NULL, 0, &use_len);
253 }
254
255 if (ret == 0) {
256 /*
257 * Was PEM encoded, parse the result
258 */
259 ret = mbedtls_x509_csr_parse_der(csr, pem.buf, pem.buflen);
260 }
261
262 mbedtls_pem_free(&pem);
263 if (ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT) {
264 return ret;
265 }
266 }
267 #endif /* MBEDTLS_PEM_PARSE_C */
268 return mbedtls_x509_csr_parse_der(csr, buf, buflen);
269 }
270
271 #if defined(MBEDTLS_FS_IO)
272 /*
273 * Load a CSR into the structure
274 */
mbedtls_x509_csr_parse_file(mbedtls_x509_csr * csr,const char * path)275 int mbedtls_x509_csr_parse_file(mbedtls_x509_csr *csr, const char *path)
276 {
277 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
278 size_t n;
279 unsigned char *buf;
280
281 if ((ret = mbedtls_pk_load_file(path, &buf, &n)) != 0) {
282 return ret;
283 }
284
285 ret = mbedtls_x509_csr_parse(csr, buf, n);
286
287 mbedtls_platform_zeroize(buf, n);
288 mbedtls_free(buf);
289
290 return ret;
291 }
292 #endif /* MBEDTLS_FS_IO */
293
294 #define BEFORE_COLON 14
295 #define BC "14"
296 /*
297 * Return an informational string about the CSR.
298 */
mbedtls_x509_csr_info(char * buf,size_t size,const char * prefix,const mbedtls_x509_csr * csr)299 int mbedtls_x509_csr_info(char *buf, size_t size, const char *prefix,
300 const mbedtls_x509_csr *csr)
301 {
302 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
303 size_t n;
304 char *p;
305 char key_size_str[BEFORE_COLON];
306
307 p = buf;
308 n = size;
309
310 ret = mbedtls_snprintf(p, n, "%sCSR version : %d",
311 prefix, csr->version);
312 MBEDTLS_X509_SAFE_SNPRINTF;
313
314 ret = mbedtls_snprintf(p, n, "\n%ssubject name : ", prefix);
315 MBEDTLS_X509_SAFE_SNPRINTF;
316 ret = mbedtls_x509_dn_gets(p, n, &csr->subject);
317 MBEDTLS_X509_SAFE_SNPRINTF;
318
319 ret = mbedtls_snprintf(p, n, "\n%ssigned using : ", prefix);
320 MBEDTLS_X509_SAFE_SNPRINTF;
321
322 ret = mbedtls_x509_sig_alg_gets(p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md,
323 csr->sig_opts);
324 MBEDTLS_X509_SAFE_SNPRINTF;
325
326 if ((ret = mbedtls_x509_key_size_helper(key_size_str, BEFORE_COLON,
327 mbedtls_pk_get_name(&csr->pk))) != 0) {
328 return ret;
329 }
330
331 ret = mbedtls_snprintf(p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
332 (int) mbedtls_pk_get_bitlen(&csr->pk));
333 MBEDTLS_X509_SAFE_SNPRINTF;
334
335 return (int) (size - n);
336 }
337
338 /*
339 * Initialize a CSR
340 */
mbedtls_x509_csr_init(mbedtls_x509_csr * csr)341 void mbedtls_x509_csr_init(mbedtls_x509_csr *csr)
342 {
343 memset(csr, 0, sizeof(mbedtls_x509_csr));
344 }
345
346 /*
347 * Unallocate all CSR data
348 */
mbedtls_x509_csr_free(mbedtls_x509_csr * csr)349 void mbedtls_x509_csr_free(mbedtls_x509_csr *csr)
350 {
351 mbedtls_x509_name *name_cur;
352 mbedtls_x509_name *name_prv;
353
354 if (csr == NULL) {
355 return;
356 }
357
358 mbedtls_pk_free(&csr->pk);
359
360 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
361 mbedtls_free(csr->sig_opts);
362 #endif
363
364 name_cur = csr->subject.next;
365 while (name_cur != NULL) {
366 name_prv = name_cur;
367 name_cur = name_cur->next;
368 mbedtls_platform_zeroize(name_prv, sizeof(mbedtls_x509_name));
369 mbedtls_free(name_prv);
370 }
371
372 if (csr->raw.p != NULL) {
373 mbedtls_platform_zeroize(csr->raw.p, csr->raw.len);
374 mbedtls_free(csr->raw.p);
375 }
376
377 mbedtls_platform_zeroize(csr, sizeof(mbedtls_x509_csr));
378 }
379
380 #endif /* MBEDTLS_X509_CSR_PARSE_C */
381