1 /* 2 * X.509 Certificate Signing Request writing 3 * 4 * Copyright The Mbed TLS Contributors 5 * SPDX-License-Identifier: Apache-2.0 6 * 7 * Licensed under the Apache License, Version 2.0 (the "License"); you may 8 * not use this file except in compliance with the License. 9 * You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, software 14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 * See the License for the specific language governing permissions and 17 * limitations under the License. 18 */ 19 /* 20 * References: 21 * - CSRs: PKCS#10 v1.7 aka RFC 2986 22 * - attributes: PKCS#9 v2.0 aka RFC 2985 23 */ 24 25 #include "common.h" 26 27 #if defined(MBEDTLS_X509_CSR_WRITE_C) 28 29 #include "mbedtls/x509_csr.h" 30 #include "mbedtls/asn1write.h" 31 #include "mbedtls/error.h" 32 #include "mbedtls/oid.h" 33 #include "mbedtls/platform_util.h" 34 35 #if defined(MBEDTLS_USE_PSA_CRYPTO) 36 #include "psa/crypto.h" 37 #include "mbedtls/psa_util.h" 38 #endif 39 40 #include <string.h> 41 #include <stdlib.h> 42 43 #if defined(MBEDTLS_PEM_WRITE_C) 44 #include "mbedtls/pem.h" 45 #endif 46 47 #if defined(MBEDTLS_PLATFORM_C) 48 #include "mbedtls/platform.h" 49 #else 50 #include <stdlib.h> 51 #define mbedtls_calloc calloc 52 #define mbedtls_free free 53 #endif 54 55 void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx ) 56 { 57 memset( ctx, 0, sizeof( mbedtls_x509write_csr ) ); 58 } 59 60 void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx ) 61 { 62 mbedtls_asn1_free_named_data_list( &ctx->subject ); 63 mbedtls_asn1_free_named_data_list( &ctx->extensions ); 64 65 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_csr ) ); 66 } 67 68 void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg ) 69 { 70 ctx->md_alg = md_alg; 71 } 72 73 void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key ) 74 { 75 ctx->key = key; 76 } 77 78 int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx, 79 const char *subject_name ) 80 { 81 return mbedtls_x509_string_to_names( &ctx->subject, subject_name ); 82 } 83 84 int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx, 85 const char *oid, size_t oid_len, 86 const unsigned char *val, size_t val_len ) 87 { 88 return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len, 89 0, val, val_len ); 90 } 91 92 int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage ) 93 { 94 unsigned char buf[4] = {0}; 95 unsigned char *c; 96 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; 97 98 c = buf + 4; 99 100 ret = mbedtls_asn1_write_named_bitstring( &c, buf, &key_usage, 8 ); 101 if( ret < 3 || ret > 4 ) 102 return( ret ); 103 104 ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE, 105 MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ), 106 c, (size_t)ret ); 107 if( ret != 0 ) 108 return( ret ); 109 110 return( 0 ); 111 } 112 113 int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx, 114 unsigned char ns_cert_type ) 115 { 116 unsigned char buf[4] = {0}; 117 unsigned char *c; 118 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; 119 120 c = buf + 4; 121 122 ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 ); 123 if( ret < 3 || ret > 4 ) 124 return( ret ); 125 126 ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE, 127 MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ), 128 c, (size_t)ret ); 129 if( ret != 0 ) 130 return( ret ); 131 132 return( 0 ); 133 } 134 135 static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx, 136 unsigned char *buf, 137 size_t size, 138 unsigned char *sig, 139 int (*f_rng)(void *, unsigned char *, size_t), 140 void *p_rng ) 141 { 142 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; 143 const char *sig_oid; 144 size_t sig_oid_len = 0; 145 unsigned char *c, *c2; 146 unsigned char hash[64]; 147 size_t pub_len = 0, sig_and_oid_len = 0, sig_len; 148 size_t len = 0; 149 mbedtls_pk_type_t pk_alg; 150 #if defined(MBEDTLS_USE_PSA_CRYPTO) 151 psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT; 152 size_t hash_len; 153 psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg ); 154 #endif /* MBEDTLS_USE_PSA_CRYPTO */ 155 156 /* Write the CSR backwards starting from the end of buf */ 157 c = buf + size; 158 159 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, buf, 160 ctx->extensions ) ); 161 162 if( len ) 163 { 164 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); 165 MBEDTLS_ASN1_CHK_ADD( len, 166 mbedtls_asn1_write_tag( 167 &c, buf, 168 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); 169 170 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); 171 MBEDTLS_ASN1_CHK_ADD( len, 172 mbedtls_asn1_write_tag( 173 &c, buf, 174 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ); 175 176 MBEDTLS_ASN1_CHK_ADD( len, 177 mbedtls_asn1_write_oid( 178 &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ, 179 MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) ); 180 181 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); 182 MBEDTLS_ASN1_CHK_ADD( len, 183 mbedtls_asn1_write_tag( 184 &c, buf, 185 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); 186 } 187 188 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); 189 MBEDTLS_ASN1_CHK_ADD( len, 190 mbedtls_asn1_write_tag( 191 &c, buf, 192 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ); 193 194 MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key, 195 buf, c - buf ) ); 196 c -= pub_len; 197 len += pub_len; 198 199 /* 200 * Subject ::= Name 201 */ 202 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf, 203 ctx->subject ) ); 204 205 /* 206 * Version ::= INTEGER { v1(0), v2(1), v3(2) } 207 */ 208 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) ); 209 210 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) ); 211 MBEDTLS_ASN1_CHK_ADD( len, 212 mbedtls_asn1_write_tag( 213 &c, buf, 214 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); 215 216 /* 217 * Sign the written CSR data into the sig buffer 218 * Note: hash errors can happen only after an internal error 219 */ 220 #if defined(MBEDTLS_USE_PSA_CRYPTO) 221 if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS ) 222 return( MBEDTLS_ERR_X509_FATAL_ERROR ); 223 224 if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS ) 225 return( MBEDTLS_ERR_X509_FATAL_ERROR ); 226 227 if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len ) 228 != PSA_SUCCESS ) 229 { 230 return( MBEDTLS_ERR_X509_FATAL_ERROR ); 231 } 232 #else /* MBEDTLS_USE_PSA_CRYPTO */ 233 ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash ); 234 if( ret != 0 ) 235 return( ret ); 236 #endif 237 if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len, 238 f_rng, p_rng ) ) != 0 ) 239 { 240 return( ret ); 241 } 242 243 if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_RSA ) ) 244 pk_alg = MBEDTLS_PK_RSA; 245 else if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_ECDSA ) ) 246 pk_alg = MBEDTLS_PK_ECDSA; 247 else 248 return( MBEDTLS_ERR_X509_INVALID_ALG ); 249 250 if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg, 251 &sig_oid, &sig_oid_len ) ) != 0 ) 252 { 253 return( ret ); 254 } 255 256 /* 257 * Move the written CSR data to the start of buf to create space for 258 * writing the signature into buf. 259 */ 260 memmove( buf, c, len ); 261 262 /* 263 * Write sig and its OID into buf backwards from the end of buf. 264 * Note: mbedtls_x509_write_sig will check for c2 - ( buf + len ) < sig_len 265 * and return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if needed. 266 */ 267 c2 = buf + size; 268 MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, 269 mbedtls_x509_write_sig( &c2, buf + len, sig_oid, sig_oid_len, 270 sig, sig_len ) ); 271 272 /* 273 * Compact the space between the CSR data and signature by moving the 274 * CSR data to the start of the signature. 275 */ 276 c2 -= len; 277 memmove( c2, buf, len ); 278 279 /* ASN encode the total size and tag the CSR data with it. */ 280 len += sig_and_oid_len; 281 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) ); 282 MBEDTLS_ASN1_CHK_ADD( len, 283 mbedtls_asn1_write_tag( 284 &c2, buf, 285 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ); 286 287 /* Zero the unused bytes at the start of buf */ 288 memset( buf, 0, c2 - buf); 289 290 return( (int) len ); 291 } 292 293 int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, 294 size_t size, 295 int (*f_rng)(void *, unsigned char *, size_t), 296 void *p_rng ) 297 { 298 int ret; 299 unsigned char *sig; 300 301 if( ( sig = mbedtls_calloc( 1, MBEDTLS_PK_SIGNATURE_MAX_SIZE ) ) == NULL ) 302 { 303 return( MBEDTLS_ERR_X509_ALLOC_FAILED ); 304 } 305 306 ret = x509write_csr_der_internal( ctx, buf, size, sig, f_rng, p_rng ); 307 308 mbedtls_free( sig ); 309 310 return( ret ); 311 } 312 313 #define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n" 314 #define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n" 315 316 #if defined(MBEDTLS_PEM_WRITE_C) 317 int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size, 318 int (*f_rng)(void *, unsigned char *, size_t), 319 void *p_rng ) 320 { 321 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; 322 size_t olen = 0; 323 324 if( ( ret = mbedtls_x509write_csr_der( ctx, buf, size, 325 f_rng, p_rng ) ) < 0 ) 326 { 327 return( ret ); 328 } 329 330 if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR, 331 buf + size - ret, 332 ret, buf, size, &olen ) ) != 0 ) 333 { 334 return( ret ); 335 } 336 337 return( 0 ); 338 } 339 #endif /* MBEDTLS_PEM_WRITE_C */ 340 341 #endif /* MBEDTLS_X509_CSR_WRITE_C */ 342