1 /*
2 * X.509 Certificate Signing Request writing
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19 /*
20 * References:
21 * - CSRs: PKCS#10 v1.7 aka RFC 2986
22 * - attributes: PKCS#9 v2.0 aka RFC 2985
23 */
24
25 #include "common.h"
26
27 #if defined(MBEDTLS_X509_CSR_WRITE_C)
28
29 #include "mbedtls/x509_csr.h"
30 #include "mbedtls/asn1write.h"
31 #include "mbedtls/error.h"
32 #include "mbedtls/oid.h"
33 #include "mbedtls/platform_util.h"
34
35 #if defined(MBEDTLS_USE_PSA_CRYPTO)
36 #include "psa/crypto.h"
37 #include "mbedtls/psa_util.h"
38 #endif /* MBEDTLS_USE_PSA_CRYPTO */
39 #include "hash_info.h"
40
41 #include <string.h>
42 #include <stdlib.h>
43
44 #if defined(MBEDTLS_PEM_WRITE_C)
45 #include "mbedtls/pem.h"
46 #endif
47
48 #include "mbedtls/platform.h"
49
mbedtls_x509write_csr_init(mbedtls_x509write_csr * ctx)50 void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
51 {
52 memset( ctx, 0, sizeof( mbedtls_x509write_csr ) );
53 }
54
mbedtls_x509write_csr_free(mbedtls_x509write_csr * ctx)55 void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx )
56 {
57 mbedtls_asn1_free_named_data_list( &ctx->subject );
58 mbedtls_asn1_free_named_data_list( &ctx->extensions );
59
60 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_csr ) );
61 }
62
mbedtls_x509write_csr_set_md_alg(mbedtls_x509write_csr * ctx,mbedtls_md_type_t md_alg)63 void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg )
64 {
65 ctx->md_alg = md_alg;
66 }
67
mbedtls_x509write_csr_set_key(mbedtls_x509write_csr * ctx,mbedtls_pk_context * key)68 void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key )
69 {
70 ctx->key = key;
71 }
72
mbedtls_x509write_csr_set_subject_name(mbedtls_x509write_csr * ctx,const char * subject_name)73 int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
74 const char *subject_name )
75 {
76 return mbedtls_x509_string_to_names( &ctx->subject, subject_name );
77 }
78
mbedtls_x509write_csr_set_extension(mbedtls_x509write_csr * ctx,const char * oid,size_t oid_len,int critical,const unsigned char * val,size_t val_len)79 int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
80 const char *oid, size_t oid_len,
81 int critical,
82 const unsigned char *val, size_t val_len )
83 {
84 return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len,
85 critical, val, val_len );
86 }
87
mbedtls_x509write_csr_set_key_usage(mbedtls_x509write_csr * ctx,unsigned char key_usage)88 int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage )
89 {
90 unsigned char buf[4] = {0};
91 unsigned char *c;
92 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
93
94 c = buf + 4;
95
96 ret = mbedtls_asn1_write_named_bitstring( &c, buf, &key_usage, 8 );
97 if( ret < 3 || ret > 4 )
98 return( ret );
99
100 ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
101 MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
102 0, c, (size_t)ret );
103 if( ret != 0 )
104 return( ret );
105
106 return( 0 );
107 }
108
mbedtls_x509write_csr_set_ns_cert_type(mbedtls_x509write_csr * ctx,unsigned char ns_cert_type)109 int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
110 unsigned char ns_cert_type )
111 {
112 unsigned char buf[4] = {0};
113 unsigned char *c;
114 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
115
116 c = buf + 4;
117
118 ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 );
119 if( ret < 3 || ret > 4 )
120 return( ret );
121
122 ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
123 MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
124 0, c, (size_t)ret );
125 if( ret != 0 )
126 return( ret );
127
128 return( 0 );
129 }
130
x509write_csr_der_internal(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,unsigned char * sig,size_t sig_size,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)131 static int x509write_csr_der_internal( mbedtls_x509write_csr *ctx,
132 unsigned char *buf,
133 size_t size,
134 unsigned char *sig, size_t sig_size,
135 int (*f_rng)(void *, unsigned char *, size_t),
136 void *p_rng )
137 {
138 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
139 const char *sig_oid;
140 size_t sig_oid_len = 0;
141 unsigned char *c, *c2;
142 unsigned char hash[MBEDTLS_HASH_MAX_SIZE];
143 size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
144 size_t len = 0;
145 mbedtls_pk_type_t pk_alg;
146 #if defined(MBEDTLS_USE_PSA_CRYPTO)
147 size_t hash_len;
148 psa_algorithm_t hash_alg = mbedtls_hash_info_psa_from_md( ctx->md_alg );
149 #endif /* MBEDTLS_USE_PSA_CRYPTO */
150
151 /* Write the CSR backwards starting from the end of buf */
152 c = buf + size;
153
154 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, buf,
155 ctx->extensions ) );
156
157 if( len )
158 {
159 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
160 MBEDTLS_ASN1_CHK_ADD( len,
161 mbedtls_asn1_write_tag(
162 &c, buf,
163 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
164
165 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
166 MBEDTLS_ASN1_CHK_ADD( len,
167 mbedtls_asn1_write_tag(
168 &c, buf,
169 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) );
170
171 MBEDTLS_ASN1_CHK_ADD( len,
172 mbedtls_asn1_write_oid(
173 &c, buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ,
174 MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) );
175
176 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
177 MBEDTLS_ASN1_CHK_ADD( len,
178 mbedtls_asn1_write_tag(
179 &c, buf,
180 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
181 }
182
183 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
184 MBEDTLS_ASN1_CHK_ADD( len,
185 mbedtls_asn1_write_tag(
186 &c, buf,
187 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) );
188
189 MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key,
190 buf, c - buf ) );
191 c -= pub_len;
192 len += pub_len;
193
194 /*
195 * Subject ::= Name
196 */
197 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, buf,
198 ctx->subject ) );
199
200 /*
201 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
202 */
203 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) );
204
205 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
206 MBEDTLS_ASN1_CHK_ADD( len,
207 mbedtls_asn1_write_tag(
208 &c, buf,
209 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
210
211 /*
212 * Sign the written CSR data into the sig buffer
213 * Note: hash errors can happen only after an internal error
214 */
215 #if defined(MBEDTLS_USE_PSA_CRYPTO)
216 if( psa_hash_compute( hash_alg,
217 c,
218 len,
219 hash,
220 sizeof( hash ),
221 &hash_len ) != PSA_SUCCESS )
222 {
223 return( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED );
224 }
225 #else /* MBEDTLS_USE_PSA_CRYPTO */
226 ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
227 if( ret != 0 )
228 return( ret );
229 #endif
230 if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0,
231 sig, sig_size, &sig_len,
232 f_rng, p_rng ) ) != 0 )
233 {
234 return( ret );
235 }
236
237 if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_RSA ) )
238 pk_alg = MBEDTLS_PK_RSA;
239 else if( mbedtls_pk_can_do( ctx->key, MBEDTLS_PK_ECDSA ) )
240 pk_alg = MBEDTLS_PK_ECDSA;
241 else
242 return( MBEDTLS_ERR_X509_INVALID_ALG );
243
244 if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
245 &sig_oid, &sig_oid_len ) ) != 0 )
246 {
247 return( ret );
248 }
249
250 /*
251 * Move the written CSR data to the start of buf to create space for
252 * writing the signature into buf.
253 */
254 memmove( buf, c, len );
255
256 /*
257 * Write sig and its OID into buf backwards from the end of buf.
258 * Note: mbedtls_x509_write_sig will check for c2 - ( buf + len ) < sig_len
259 * and return MBEDTLS_ERR_ASN1_BUF_TOO_SMALL if needed.
260 */
261 c2 = buf + size;
262 MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len,
263 mbedtls_x509_write_sig( &c2, buf + len, sig_oid, sig_oid_len,
264 sig, sig_len ) );
265
266 /*
267 * Compact the space between the CSR data and signature by moving the
268 * CSR data to the start of the signature.
269 */
270 c2 -= len;
271 memmove( c2, buf, len );
272
273 /* ASN encode the total size and tag the CSR data with it. */
274 len += sig_and_oid_len;
275 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) );
276 MBEDTLS_ASN1_CHK_ADD( len,
277 mbedtls_asn1_write_tag(
278 &c2, buf,
279 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
280
281 /* Zero the unused bytes at the start of buf */
282 memset( buf, 0, c2 - buf);
283
284 return( (int) len );
285 }
286
mbedtls_x509write_csr_der(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)287 int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf,
288 size_t size,
289 int (*f_rng)(void *, unsigned char *, size_t),
290 void *p_rng )
291 {
292 int ret;
293 unsigned char *sig;
294
295 if( ( sig = mbedtls_calloc( 1, MBEDTLS_PK_SIGNATURE_MAX_SIZE ) ) == NULL )
296 {
297 return( MBEDTLS_ERR_X509_ALLOC_FAILED );
298 }
299
300 ret = x509write_csr_der_internal( ctx, buf, size,
301 sig, MBEDTLS_PK_SIGNATURE_MAX_SIZE,
302 f_rng, p_rng );
303
304 mbedtls_free( sig );
305
306 return( ret );
307 }
308
309 #define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n"
310 #define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n"
311
312 #if defined(MBEDTLS_PEM_WRITE_C)
mbedtls_x509write_csr_pem(mbedtls_x509write_csr * ctx,unsigned char * buf,size_t size,int (* f_rng)(void *,unsigned char *,size_t),void * p_rng)313 int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
314 int (*f_rng)(void *, unsigned char *, size_t),
315 void *p_rng )
316 {
317 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
318 size_t olen = 0;
319
320 if( ( ret = mbedtls_x509write_csr_der( ctx, buf, size,
321 f_rng, p_rng ) ) < 0 )
322 {
323 return( ret );
324 }
325
326 if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR,
327 buf + size - ret,
328 ret, buf, size, &olen ) ) != 0 )
329 {
330 return( ret );
331 }
332
333 return( 0 );
334 }
335 #endif /* MBEDTLS_PEM_WRITE_C */
336
337 #endif /* MBEDTLS_X509_CSR_WRITE_C */
338
