1 /*
2  *  X.509 Certificate Signing Request (CSR) parsing
3  *
4  *  Copyright The Mbed TLS Contributors
5  *  SPDX-License-Identifier: Apache-2.0
6  *
7  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
8  *  not use this file except in compliance with the License.
9  *  You may obtain a copy of the License at
10  *
11  *  http://www.apache.org/licenses/LICENSE-2.0
12  *
13  *  Unless required by applicable law or agreed to in writing, software
14  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  *  See the License for the specific language governing permissions and
17  *  limitations under the License.
18  */
19 /*
20  *  The ITU-T X.509 standard defines a certificate format for PKI.
21  *
22  *  http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
23  *  http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
24  *  http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
25  *
26  *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
27  *  http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
28  */
29 
30 #include "common.h"
31 
32 #if defined(MBEDTLS_X509_CSR_PARSE_C)
33 
34 #include "mbedtls/x509_csr.h"
35 #include "mbedtls/error.h"
36 #include "mbedtls/oid.h"
37 #include "mbedtls/platform_util.h"
38 
39 #include <string.h>
40 
41 #if defined(MBEDTLS_PEM_PARSE_C)
42 #include "mbedtls/pem.h"
43 #endif
44 
45 #if defined(MBEDTLS_PLATFORM_C)
46 #include "mbedtls/platform.h"
47 #else
48 #include <stdlib.h>
49 #include <stdio.h>
50 #define mbedtls_free       free
51 #define mbedtls_calloc    calloc
52 #define mbedtls_snprintf   snprintf
53 #endif
54 
55 #if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
56 #include <stdio.h>
57 #endif
58 
59 /*
60  *  Version  ::=  INTEGER  {  v1(0)  }
61  */
x509_csr_get_version(unsigned char ** p,const unsigned char * end,int * ver)62 static int x509_csr_get_version( unsigned char **p,
63                              const unsigned char *end,
64                              int *ver )
65 {
66     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
67 
68     if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
69     {
70         if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
71         {
72             *ver = 0;
73             return( 0 );
74         }
75 
76         return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_VERSION, ret ) );
77     }
78 
79     return( 0 );
80 }
81 
82 /*
83  * Parse a CSR in DER format
84  */
mbedtls_x509_csr_parse_der(mbedtls_x509_csr * csr,const unsigned char * buf,size_t buflen)85 int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
86                         const unsigned char *buf, size_t buflen )
87 {
88     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
89     size_t len;
90     unsigned char *p, *end;
91     mbedtls_x509_buf sig_params;
92 
93     memset( &sig_params, 0, sizeof( mbedtls_x509_buf ) );
94 
95     /*
96      * Check for valid input
97      */
98     if( csr == NULL || buf == NULL || buflen == 0 )
99         return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
100 
101     mbedtls_x509_csr_init( csr );
102 
103     /*
104      * first copy the raw DER data
105      */
106     p = mbedtls_calloc( 1, len = buflen );
107 
108     if( p == NULL )
109         return( MBEDTLS_ERR_X509_ALLOC_FAILED );
110 
111     memcpy( p, buf, buflen );
112 
113     csr->raw.p = p;
114     csr->raw.len = len;
115     end = p + len;
116 
117     /*
118      *  CertificationRequest ::= SEQUENCE {
119      *       certificationRequestInfo CertificationRequestInfo,
120      *       signatureAlgorithm AlgorithmIdentifier,
121      *       signature          BIT STRING
122      *  }
123      */
124     if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
125             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
126     {
127         mbedtls_x509_csr_free( csr );
128         return( MBEDTLS_ERR_X509_INVALID_FORMAT );
129     }
130 
131     if( len != (size_t) ( end - p ) )
132     {
133         mbedtls_x509_csr_free( csr );
134         return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT,
135                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
136     }
137 
138     /*
139      *  CertificationRequestInfo ::= SEQUENCE {
140      */
141     csr->cri.p = p;
142 
143     if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
144             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
145     {
146         mbedtls_x509_csr_free( csr );
147         return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
148     }
149 
150     end = p + len;
151     csr->cri.len = end - csr->cri.p;
152 
153     /*
154      *  Version  ::=  INTEGER {  v1(0) }
155      */
156     if( ( ret = x509_csr_get_version( &p, end, &csr->version ) ) != 0 )
157     {
158         mbedtls_x509_csr_free( csr );
159         return( ret );
160     }
161 
162     if( csr->version != 0 )
163     {
164         mbedtls_x509_csr_free( csr );
165         return( MBEDTLS_ERR_X509_UNKNOWN_VERSION );
166     }
167 
168     csr->version++;
169 
170     /*
171      *  subject               Name
172      */
173     csr->subject_raw.p = p;
174 
175     if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
176             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
177     {
178         mbedtls_x509_csr_free( csr );
179         return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
180     }
181 
182     if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 )
183     {
184         mbedtls_x509_csr_free( csr );
185         return( ret );
186     }
187 
188     csr->subject_raw.len = p - csr->subject_raw.p;
189 
190     /*
191      *  subjectPKInfo SubjectPublicKeyInfo
192      */
193     if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &csr->pk ) ) != 0 )
194     {
195         mbedtls_x509_csr_free( csr );
196         return( ret );
197     }
198 
199     /*
200      *  attributes    [0] Attributes
201      *
202      *  The list of possible attributes is open-ended, though RFC 2985
203      *  (PKCS#9) defines a few in section 5.4. We currently don't support any,
204      *  so we just ignore them. This is a safe thing to do as the worst thing
205      *  that could happen is that we issue a certificate that does not match
206      *  the requester's expectations - this cannot cause a violation of our
207      *  signature policies.
208      */
209     if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
210             MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 )
211     {
212         mbedtls_x509_csr_free( csr );
213         return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT, ret ) );
214     }
215 
216     p += len;
217 
218     end = csr->raw.p + csr->raw.len;
219 
220     /*
221      *  signatureAlgorithm   AlgorithmIdentifier,
222      *  signature            BIT STRING
223      */
224     if( ( ret = mbedtls_x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 )
225     {
226         mbedtls_x509_csr_free( csr );
227         return( ret );
228     }
229 
230     if( ( ret = mbedtls_x509_get_sig_alg( &csr->sig_oid, &sig_params,
231                                   &csr->sig_md, &csr->sig_pk,
232                                   &csr->sig_opts ) ) != 0 )
233     {
234         mbedtls_x509_csr_free( csr );
235         return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG );
236     }
237 
238     if( ( ret = mbedtls_x509_get_sig( &p, end, &csr->sig ) ) != 0 )
239     {
240         mbedtls_x509_csr_free( csr );
241         return( ret );
242     }
243 
244     if( p != end )
245     {
246         mbedtls_x509_csr_free( csr );
247         return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_FORMAT,
248                 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
249     }
250 
251     return( 0 );
252 }
253 
254 /*
255  * Parse a CSR, allowing for PEM or raw DER encoding
256  */
mbedtls_x509_csr_parse(mbedtls_x509_csr * csr,const unsigned char * buf,size_t buflen)257 int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen )
258 {
259 #if defined(MBEDTLS_PEM_PARSE_C)
260     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
261     size_t use_len;
262     mbedtls_pem_context pem;
263 #endif
264 
265     /*
266      * Check for valid input
267      */
268     if( csr == NULL || buf == NULL || buflen == 0 )
269         return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
270 
271 #if defined(MBEDTLS_PEM_PARSE_C)
272     /* Avoid calling mbedtls_pem_read_buffer() on non-null-terminated string */
273     if( buf[buflen - 1] == '\0' )
274     {
275         mbedtls_pem_init( &pem );
276         ret = mbedtls_pem_read_buffer( &pem,
277                                        "-----BEGIN CERTIFICATE REQUEST-----",
278                                        "-----END CERTIFICATE REQUEST-----",
279                                        buf, NULL, 0, &use_len );
280         if( ret == MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
281         {
282             ret = mbedtls_pem_read_buffer( &pem,
283                                            "-----BEGIN NEW CERTIFICATE REQUEST-----",
284                                            "-----END NEW CERTIFICATE REQUEST-----",
285                                            buf, NULL, 0, &use_len );
286         }
287 
288         if( ret == 0 )
289         {
290             /*
291              * Was PEM encoded, parse the result
292              */
293             ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen );
294         }
295 
296         mbedtls_pem_free( &pem );
297         if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
298             return( ret );
299     }
300 #endif /* MBEDTLS_PEM_PARSE_C */
301     return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) );
302 }
303 
304 #if defined(MBEDTLS_FS_IO)
305 /*
306  * Load a CSR into the structure
307  */
mbedtls_x509_csr_parse_file(mbedtls_x509_csr * csr,const char * path)308 int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path )
309 {
310     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
311     size_t n;
312     unsigned char *buf;
313 
314     if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
315         return( ret );
316 
317     ret = mbedtls_x509_csr_parse( csr, buf, n );
318 
319     mbedtls_platform_zeroize( buf, n );
320     mbedtls_free( buf );
321 
322     return( ret );
323 }
324 #endif /* MBEDTLS_FS_IO */
325 
326 #define BEFORE_COLON    14
327 #define BC              "14"
328 /*
329  * Return an informational string about the CSR.
330  */
mbedtls_x509_csr_info(char * buf,size_t size,const char * prefix,const mbedtls_x509_csr * csr)331 int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
332                    const mbedtls_x509_csr *csr )
333 {
334     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
335     size_t n;
336     char *p;
337     char key_size_str[BEFORE_COLON];
338 
339     p = buf;
340     n = size;
341 
342     ret = mbedtls_snprintf( p, n, "%sCSR version   : %d",
343                                prefix, csr->version );
344     MBEDTLS_X509_SAFE_SNPRINTF;
345 
346     ret = mbedtls_snprintf( p, n, "\n%ssubject name  : ", prefix );
347     MBEDTLS_X509_SAFE_SNPRINTF;
348     ret = mbedtls_x509_dn_gets( p, n, &csr->subject );
349     MBEDTLS_X509_SAFE_SNPRINTF;
350 
351     ret = mbedtls_snprintf( p, n, "\n%ssigned using  : ", prefix );
352     MBEDTLS_X509_SAFE_SNPRINTF;
353 
354     ret = mbedtls_x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md,
355                              csr->sig_opts );
356     MBEDTLS_X509_SAFE_SNPRINTF;
357 
358     if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON,
359                                       mbedtls_pk_get_name( &csr->pk ) ) ) != 0 )
360     {
361         return( ret );
362     }
363 
364     ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
365                           (int) mbedtls_pk_get_bitlen( &csr->pk ) );
366     MBEDTLS_X509_SAFE_SNPRINTF;
367 
368     return( (int) ( size - n ) );
369 }
370 
371 /*
372  * Initialize a CSR
373  */
mbedtls_x509_csr_init(mbedtls_x509_csr * csr)374 void mbedtls_x509_csr_init( mbedtls_x509_csr *csr )
375 {
376     memset( csr, 0, sizeof(mbedtls_x509_csr) );
377 }
378 
379 /*
380  * Unallocate all CSR data
381  */
mbedtls_x509_csr_free(mbedtls_x509_csr * csr)382 void mbedtls_x509_csr_free( mbedtls_x509_csr *csr )
383 {
384     mbedtls_x509_name *name_cur;
385     mbedtls_x509_name *name_prv;
386 
387     if( csr == NULL )
388         return;
389 
390     mbedtls_pk_free( &csr->pk );
391 
392 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
393     mbedtls_free( csr->sig_opts );
394 #endif
395 
396     name_cur = csr->subject.next;
397     while( name_cur != NULL )
398     {
399         name_prv = name_cur;
400         name_cur = name_cur->next;
401         mbedtls_platform_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
402         mbedtls_free( name_prv );
403     }
404 
405     if( csr->raw.p != NULL )
406     {
407         mbedtls_platform_zeroize( csr->raw.p, csr->raw.len );
408         mbedtls_free( csr->raw.p );
409     }
410 
411     mbedtls_platform_zeroize( csr, sizeof( mbedtls_x509_csr ) );
412 }
413 
414 #endif /* MBEDTLS_X509_CSR_PARSE_C */
415