1 /*
2 * X.509 Certificate Signing Request writing
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19 /*
20 * References:
21 * - CSRs: PKCS#10 v1.7 aka RFC 2986
22 * - attributes: PKCS#9 v2.0 aka RFC 2985
23 */
24
25 #include "common.h"
26
27 #if defined(MBEDTLS_X509_CSR_WRITE_C)
28
29 #include "mbedtls/x509_csr.h"
30 #include "mbedtls/asn1write.h"
31 #include "mbedtls/error.h"
32 #include "mbedtls/oid.h"
33 #include "mbedtls/platform_util.h"
34
35 #if defined(MBEDTLS_USE_PSA_CRYPTO)
36 #include "psa/crypto.h"
37 #include "mbedtls/psa_util.h"
38 #endif
39
40 #include <string.h>
41 #include <stdlib.h>
42
43 #if defined(MBEDTLS_PEM_WRITE_C)
44 #include "mbedtls/pem.h"
45 #endif
46
47 #if defined(MBEDTLS_PLATFORM_C)
48 #include "mbedtls/platform.h"
49 #else
50 #include <stdlib.h>
51 #define mbedtls_calloc calloc
52 #define mbedtls_free free
53 #endif
54
mbedtls_x509write_csr_init(mbedtls_x509write_csr * ctx)55 void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
56 {
57 memset( ctx, 0, sizeof( mbedtls_x509write_csr ) );
58 }
59
mbedtls_x509write_csr_free(mbedtls_x509write_csr * ctx)60 void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx )
61 {
62 mbedtls_asn1_free_named_data_list( &ctx->subject );
63 mbedtls_asn1_free_named_data_list( &ctx->extensions );
64
65 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_csr ) );
66 }
67
mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr * ctx,mbedtls_md_type_t md_alg)68 void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg )
69 {
70 ctx->md_alg = md_alg;
71 }
72
mbedtls_x509write_csr_set_key(mbedtls_x509write_csr * ctx,mbedtls_pk_context * key)73 void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key )
74 {
75 ctx->key = key;
76 }
77
mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr * ctx,const char * subject_name)78 int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
79 const char *subject_name )
80 {
81 return mbedtls_x509_string_to_names( &ctx->subject, subject_name );
82 }
83
mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr * ctx,const char * oid,size_t oid_len,int critical,const unsigned char * val,size_t val_len)84 int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
85 const char *oid, size_t oid_len,
86 int critical,
87 const unsigned char *val, size_t val_len )
88 {
89 return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len,
90 critical, val, val_len );
91 }
92
mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr * ctx,unsigned char key_usage)93 int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage )
94 {
95 unsigned char buf[4] = {0};
96 unsigned char *c;
97 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
98
99 c = buf + 4;
100
101 ret = mbedtls_asn1_write_named_bitstring( &c, buf, &key_usage, 8 );
102 if( ret < 3 || ret > 4 )
103 return( ret );
104
105 ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
106 MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
107 0, c, (size_t)ret );
108 if( ret != 0 )
109 return( ret );
110
111 return( 0 );
112 }
113
mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr * ctx,unsigned char ns_cert_type)114 int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
115 unsigned char ns_cert_type )
116 {
117 unsigned char buf[4] = {0};
118 unsigned char *c;
119 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
120
121 c = buf + 4;
122
123 ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 );
124 if( ret < 3 || ret > 4 )
125 return( ret );
126
127 ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
128 MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
129 0, c, (size_t)ret );
130 if( ret != 0 )
131 return( ret );
132
133 return( 0 );
134 }
135
x509write_csr_der_internal(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,unsigned char * sig,size_t sig_size,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)136 static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx,
137 unsigned char *buf,
138 size_t size,
139 unsigned char *sig, size_t sig_size,
140 int (*f_rng)(void *, unsigned char *, size_t),
141 void *p_rng )
142 {
143 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
144 const char *sig_oid;
145 size_t sig_oid_len = 0;
146 unsigned char *c, *c2;
147 unsigned char hash[64];
148 size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
149 size_t len = 0;
150 mbedtls_pk_type_t pk_alg;
151 #if defined(MBEDTLS_USE_PSA_CRYPTO)
152 psa_hash_operation_t hash_operation = PSA_HASH_OPERATION_INIT;
153 size_t hash_len;
154 psa_algorithm_t hash_alg = mbedtls_psa_translate_md( ctx->md_alg );
155 #endif /* MBEDTLS_USE_PSA_CRYPTO */
156
157 /* Write the CSR backwards starting from the end of buf */
158 c = buf + size;
159
160 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, buf,
161 ctx->extensions ) );
162
163 if( len )
164 {
165 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
166 MBEDTLS_ASN1_CHK_ADD( len,
167 mbedtls_asn1_write_tag(
168 &c, buf,
169 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
170
171 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
172 MBEDTLS_ASN1_CHK_ADD( len,
173 mbedtls_asn1_write_tag(
174 &c, buf,
175 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) );
176
177 MBEDTLS_ASN1_CHK_ADD( len,
178 mbedtls_asn1_write_oid(
179 &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ,
180 MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) );
181
182 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
183 MBEDTLS_ASN1_CHK_ADD( len,
184 mbedtls_asn1_write_tag(
185 &c, buf,
186 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
187 }
188
189 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
190 MBEDTLS_ASN1_CHK_ADD( len,
191 mbedtls_asn1_write_tag(
192 &c, buf,
193 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) );
194
195 MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key,
196 buf, c - buf ) );
197 c -= pub_len;
198 len += pub_len;
199
200 /*
201 * Subject ::= Name
202 */
203 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf,
204 ctx->subject ) );
205
206 /*
207 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
208 */
209 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) );
210
211 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
212 MBEDTLS_ASN1_CHK_ADD( len,
213 mbedtls_asn1_write_tag(
214 &c, buf,
215 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
216
217 /*
218 * Sign the written CSR data into the sig buffer
219 * Note: hash errors can happen only after an internal error
220 */
221 #if defined(MBEDTLS_USE_PSA_CRYPTO)
222 if( psa_hash_setup( &hash_operation, hash_alg ) != PSA_SUCCESS )
223 return( MBEDTLS_ERR_X509_FATAL_ERROR );
224
225 if( psa_hash_update( &hash_operation, c, len ) != PSA_SUCCESS )
226 return( MBEDTLS_ERR_X509_FATAL_ERROR );
227
228 if( psa_hash_finish( &hash_operation, hash, sizeof( hash ), &hash_len )
229 != PSA_SUCCESS )
230 {
231 return( MBEDTLS_ERR_X509_FATAL_ERROR );
232 }
233 #else /* MBEDTLS_USE_PSA_CRYPTO */
234 ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
235 if( ret != 0 )
236 return( ret );
237 #endif
238 if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0,
239 sig, sig_size, &sig_len,
240 f_rng, p_rng ) ) != 0 )
241 {
242 return( ret );
243 }
244
245 if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_RSA ) )
246 pk_alg = MBEDTLS_PK_RSA;
247 else if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_ECDSA ) )
248 pk_alg = MBEDTLS_PK_ECDSA;
249 else
250 return( MBEDTLS_ERR_X509_INVALID_ALG );
251
252 if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
253 &sig_oid, &sig_oid_len ) ) != 0 )
254 {
255 return( ret );
256 }
257
258 /*
259 * Move the written CSR data to the start of buf to create space for
260 * writing the signature into buf.
261 */
262 memmove( buf, c, len );
263
264 /*
265 * Write sig and its OID into buf backwards from the end of buf.
266 * Note: mbedtls_x509_write_sig will check for c2 - ( buf + len ) < sig_len
267 * and return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if needed.
268 */
269 c2 = buf + size;
270 MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len,
271 mbedtls_x509_write_sig( &c2, buf + len, sig_oid, sig_oid_len,
272 sig, sig_len ) );
273
274 /*
275 * Compact the space between the CSR data and signature by moving the
276 * CSR data to the start of the signature.
277 */
278 c2 -= len;
279 memmove( c2, buf, len );
280
281 /* ASN encode the total size and tag the CSR data with it. */
282 len += sig_and_oid_len;
283 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) );
284 MBEDTLS_ASN1_CHK_ADD( len,
285 mbedtls_asn1_write_tag(
286 &c2, buf,
287 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
288
289 /* Zero the unused bytes at the start of buf */
290 memset( buf, 0, c2 - buf);
291
292 return( (int) len );
293 }
294
mbedtls_x509write_csr_der(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)295 int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf,
296 size_t size,
297 int (*f_rng)(void *, unsigned char *, size_t),
298 void *p_rng )
299 {
300 int ret;
301 unsigned char *sig;
302
303 if( ( sig = mbedtls_calloc( 1, MBEDTLS_PK_SIGNATURE_MAX_SIZE ) ) == NULL )
304 {
305 return( MBEDTLS_ERR_X509_ALLOC_FAILED );
306 }
307
308 ret = x509write_csr_der_internal( ctx, buf, size,
309 sig, MBEDTLS_PK_SIGNATURE_MAX_SIZE,
310 f_rng, p_rng );
311
312 mbedtls_free( sig );
313
314 return( ret );
315 }
316
317 #define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n"
318 #define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n"
319
320 #if defined(MBEDTLS_PEM_WRITE_C)
mbedtls_x509write_csr_pem(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)321 int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
322 int (*f_rng)(void *, unsigned char *, size_t),
323 void *p_rng )
324 {
325 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
326 size_t olen = 0;
327
328 if( ( ret = mbedtls_x509write_csr_der( ctx, buf, size,
329 f_rng, p_rng ) ) < 0 )
330 {
331 return( ret );
332 }
333
334 if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR,
335 buf + size - ret,
336 ret, buf, size, &olen ) ) != 0 )
337 {
338 return( ret );
339 }
340
341 return( 0 );
342 }
343 #endif /* MBEDTLS_PEM_WRITE_C */
344
345 #endif /* MBEDTLS_X509_CSR_WRITE_C */
346