1 /*
2 * X.509 Certificate Signing Request writing
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19 /*
20 * References:
21 * - CSRs: PKCS#10 v1.7 aka RFC 2986
22 * - attributes: PKCS#9 v2.0 aka RFC 2985
23 */
24
25 #include "common.h"
26
27 #if defined(MBEDTLS_X509_CSR_WRITE_C)
28
29 #include "mbedtls/x509_csr.h"
30 #include "mbedtls/asn1write.h"
31 #include "mbedtls/error.h"
32 #include "mbedtls/oid.h"
33 #include "mbedtls/platform_util.h"
34
35 #if defined(MBEDTLS_USE_PSA_CRYPTO)
36 #include "psa/crypto.h"
37 #include "mbedtls/psa_util.h"
38 #endif
39
40 #include <string.h>
41 #include <stdlib.h>
42
43 #if defined(MBEDTLS_PEM_WRITE_C)
44 #include "mbedtls/pem.h"
45 #endif
46
47 #if defined(MBEDTLS_PLATFORM_C)
48 #include "mbedtls/platform.h"
49 #else
50 #include <stdlib.h>
51 #define mbedtls_calloc calloc
52 #define mbedtls_free free
53 #endif
54
mbedtls_x509write_csr_init(mbedtls_x509write_csr * ctx)55 void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
56 {
57 memset( ctx, 0, sizeof( mbedtls_x509write_csr ) );
58 }
59
mbedtls_x509write_csr_free(mbedtls_x509write_csr * ctx)60 void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx )
61 {
62 mbedtls_asn1_free_named_data_list( &ctx->subject );
63 mbedtls_asn1_free_named_data_list( &ctx->extensions );
64
65 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_csr ) );
66 }
67
mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr * ctx,mbedtls_md_type_t md_alg)68 void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg )
69 {
70 ctx->md_alg = md_alg;
71 }
72
mbedtls_x509write_csr_set_key(mbedtls_x509write_csr * ctx,mbedtls_pk_context * key)73 void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key )
74 {
75 ctx->key = key;
76 }
77
mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr * ctx,const char * subject_name)78 int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
79 const char *subject_name )
80 {
81 return mbedtls_x509_string_to_names( &ctx->subject, subject_name );
82 }
83
mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr * ctx,const char * oid,size_t oid_len,const unsigned char * val,size_t val_len)84 int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
85 const char *oid, size_t oid_len,
86 const unsigned char *val, size_t val_len )
87 {
88 return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len,
89 0, val, val_len );
90 }
91
mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr * ctx,unsigned char key_usage)92 int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage )
93 {
94 unsigned char buf[4] = {0};
95 unsigned char *c;
96 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
97
98 c = buf + 4;
99
100 ret = mbedtls_asn1_write_named_bitstring( &c, buf, &key_usage, 8 );
101 if( ret < 3 || ret > 4 )
102 return( ret );
103
104 ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
105 MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
106 c, (size_t)ret );
107 if( ret != 0 )
108 return( ret );
109
110 return( 0 );
111 }
112
mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr * ctx,unsigned char ns_cert_type)113 int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
114 unsigned char ns_cert_type )
115 {
116 unsigned char buf[4] = {0};
117 unsigned char *c;
118 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
119
120 c = buf + 4;
121
122 ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 );
123 if( ret < 3 || ret > 4 )
124 return( ret );
125
126 ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
127 MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
128 c, (size_t)ret );
129 if( ret != 0 )
130 return( ret );
131
132 return( 0 );
133 }
134
x509write_csr_der_internal(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,unsigned char * sig,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)135 static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx,
136 unsigned char *buf,
137 size_t size,
138 unsigned char *sig,
139 int (*f_rng)(void *, unsigned char *, size_t),
140 void *p_rng )
141 {
142 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
143 const char *sig_oid;
144 size_t sig_oid_len = 0;
145 unsigned char *c, *c2;
146 unsigned char hash[64];
147 size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
148 size_t len = 0;
149 mbedtls_pk_type_t pk_alg;
150 #if defined(MBEDTLS_USE_PSA_CRYPTO)
151 psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
152 size_t hash_len;
153 psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg );
154 #endif /* MBEDTLS_USE_PSA_CRYPTO */
155
156 /* Write the CSR backwards starting from the end of buf */
157 c = buf + size;
158
159 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, buf,
160 ctx->extensions ) );
161
162 if( len )
163 {
164 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
165 MBEDTLS_ASN1_CHK_ADD( len,
166 mbedtls_asn1_write_tag(
167 &c, buf,
168 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
169
170 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
171 MBEDTLS_ASN1_CHK_ADD( len,
172 mbedtls_asn1_write_tag(
173 &c, buf,
174 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) );
175
176 MBEDTLS_ASN1_CHK_ADD( len,
177 mbedtls_asn1_write_oid(
178 &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ,
179 MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) );
180
181 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
182 MBEDTLS_ASN1_CHK_ADD( len,
183 mbedtls_asn1_write_tag(
184 &c, buf,
185 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
186 }
187
188 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
189 MBEDTLS_ASN1_CHK_ADD( len,
190 mbedtls_asn1_write_tag(
191 &c, buf,
192 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) );
193
194 MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key,
195 buf, c - buf ) );
196 c -= pub_len;
197 len += pub_len;
198
199 /*
200 * Subject ::= Name
201 */
202 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf,
203 ctx->subject ) );
204
205 /*
206 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
207 */
208 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) );
209
210 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
211 MBEDTLS_ASN1_CHK_ADD( len,
212 mbedtls_asn1_write_tag(
213 &c, buf,
214 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
215
216 /*
217 * Sign the written CSR data into the sig buffer
218 * Note: hash errors can happen only after an internal error
219 */
220 #if defined(MBEDTLS_USE_PSA_CRYPTO)
221 if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
222 return( MBEDTLS_ERR_X509_FATAL_ERROR );
223
224 if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS )
225 return( MBEDTLS_ERR_X509_FATAL_ERROR );
226
227 if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
228 != PSA_SUCCESS )
229 {
230 return( MBEDTLS_ERR_X509_FATAL_ERROR );
231 }
232 #else /* MBEDTLS_USE_PSA_CRYPTO */
233 ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
234 if( ret != 0 )
235 return( ret );
236 #endif
237 if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len,
238 f_rng, p_rng ) ) != 0 )
239 {
240 return( ret );
241 }
242
243 if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_RSA ) )
244 pk_alg = MBEDTLS_PK_RSA;
245 else if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_ECDSA ) )
246 pk_alg = MBEDTLS_PK_ECDSA;
247 else
248 return( MBEDTLS_ERR_X509_INVALID_ALG );
249
250 if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
251 &sig_oid, &sig_oid_len ) ) != 0 )
252 {
253 return( ret );
254 }
255
256 /*
257 * Move the written CSR data to the start of buf to create space for
258 * writing the signature into buf.
259 */
260 memmove( buf, c, len );
261
262 /*
263 * Write sig and its OID into buf backwards from the end of buf.
264 * Note: mbedtls_x509_write_sig will check for c2 - ( buf + len ) < sig_len
265 * and return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if needed.
266 */
267 c2 = buf + size;
268 MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len,
269 mbedtls_x509_write_sig( &c2, buf + len, sig_oid, sig_oid_len,
270 sig, sig_len ) );
271
272 /*
273 * Compact the space between the CSR data and signature by moving the
274 * CSR data to the start of the signature.
275 */
276 c2 -= len;
277 memmove( c2, buf, len );
278
279 /* ASN encode the total size and tag the CSR data with it. */
280 len += sig_and_oid_len;
281 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) );
282 MBEDTLS_ASN1_CHK_ADD( len,
283 mbedtls_asn1_write_tag(
284 &c2, buf,
285 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
286
287 /* Zero the unused bytes at the start of buf */
288 memset( buf, 0, c2 - buf);
289
290 return( (int) len );
291 }
292
mbedtls_x509write_csr_der(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)293 int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf,
294 size_t size,
295 int (*f_rng)(void *, unsigned char *, size_t),
296 void *p_rng )
297 {
298 int ret;
299 unsigned char *sig;
300
301 if( ( sig = mbedtls_calloc( 1, MBEDTLS_PK_SIGNATURE_MAX_SIZE ) ) == NULL )
302 {
303 return( MBEDTLS_ERR_X509_ALLOC_FAILED );
304 }
305
306 ret = x509write_csr_der_internal( ctx, buf, size, sig, f_rng, p_rng );
307
308 mbedtls_free( sig );
309
310 return( ret );
311 }
312
313 #define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n"
314 #define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n"
315
316 #if defined(MBEDTLS_PEM_WRITE_C)
mbedtls_x509write_csr_pem(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)317 int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
318 int (*f_rng)(void *, unsigned char *, size_t),
319 void *p_rng )
320 {
321 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
322 size_t olen = 0;
323
324 if( ( ret = mbedtls_x509write_csr_der( ctx, buf, size,
325 f_rng, p_rng ) ) < 0 )
326 {
327 return( ret );
328 }
329
330 if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR,
331 buf + size - ret,
332 ret, buf, size, &olen ) ) != 0 )
333 {
334 return( ret );
335 }
336
337 return( 0 );
338 }
339 #endif /* MBEDTLS_PEM_WRITE_C */
340
341 #endif /* MBEDTLS_X509_CSR_WRITE_C */
342