1 /*- 2 * Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright Nokia 2007-2019 4 * Copyright Siemens AG 2015-2019 5 * 6 * Licensed under the Apache License 2.0 (the "License"). You may not use 7 * this file except in compliance with the License. You can obtain a copy 8 * in the file LICENSE in the source distribution or at 9 * https://www.openssl.org/source/license.html 10 * 11 * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb. 12 */ 13 14 #ifndef OSSL_CRYPTO_CRMF_LOCAL_H 15 # define OSSL_CRYPTO_CRMF_LOCAL_H 16 17 # include <openssl/crmf.h> 18 # include <openssl/cms.h> /* for CMS_EnvelopedData and CMS_SignedData */ 19 # include <openssl/err.h> 20 # include "internal/crmf.h" /* for ossl_crmf_attributetypeandvalue_st */ 21 22 /* explicit #includes not strictly needed since implied by the above: */ 23 # include <openssl/types.h> 24 # include <openssl/safestack.h> 25 # include <openssl/x509.h> 26 # include <openssl/x509v3.h> 27 28 /*- 29 * EncryptedValue ::= SEQUENCE { 30 * intendedAlg [0] AlgorithmIdentifier OPTIONAL, 31 * -- the intended algorithm for which the value will be used 32 * symmAlg [1] AlgorithmIdentifier OPTIONAL, 33 * -- the symmetric algorithm used to encrypt the value 34 * encSymmKey [2] BIT STRING OPTIONAL, 35 * -- the (encrypted) symmetric key used to encrypt the value 36 * keyAlg [3] AlgorithmIdentifier OPTIONAL, 37 * -- algorithm used to encrypt the symmetric key 38 * valueHint [4] OCTET STRING OPTIONAL, 39 * -- a brief description or identifier of the encValue content 40 * -- (may be meaningful only to the sending entity, and 41 * -- used only if EncryptedValue might be re-examined 42 * -- by the sending entity in the future) 43 * encValue BIT STRING 44 * -- the encrypted value itself 45 * } 46 */ 47 struct ossl_crmf_encryptedvalue_st { 48 X509_ALGOR *intendedAlg; /* 0 */ 49 X509_ALGOR *symmAlg; /* 1 */ 50 ASN1_BIT_STRING *encSymmKey; /* 2 */ 51 X509_ALGOR *keyAlg; /* 3 */ 52 ASN1_OCTET_STRING *valueHint; /* 4 */ 53 ASN1_BIT_STRING *encValue; 54 } /* OSSL_CRMF_ENCRYPTEDVALUE */; 55 56 /* 57 * EncryptedKey ::= CHOICE { 58 * encryptedValue EncryptedValue, -- Deprecated 59 * envelopedData [0] EnvelopedData } 60 * -- The encrypted private key MUST be placed in the envelopedData 61 * -- encryptedContentInfo encryptedContent OCTET STRING. 62 */ 63 # define OSSL_CRMF_ENCRYPTEDKEY_ENVELOPEDDATA 1 64 65 struct ossl_crmf_encryptedkey_st { 66 int type; 67 union { 68 OSSL_CRMF_ENCRYPTEDVALUE *encryptedValue; /* 0 */ /* Deprecated */ 69 # ifndef OPENSSL_NO_CMS 70 CMS_EnvelopedData *envelopedData; /* 1 */ 71 # endif 72 } value; 73 } /* OSSL_CRMF_ENCRYPTEDKEY */; 74 75 /*- 76 * Attributes ::= SET OF Attribute 77 * => X509_ATTRIBUTE 78 * 79 * PrivateKeyInfo ::= SEQUENCE { 80 * version INTEGER, 81 * privateKeyAlgorithm AlgorithmIdentifier, 82 * privateKey OCTET STRING, 83 * attributes [0] IMPLICIT Attributes OPTIONAL 84 * } 85 */ 86 typedef struct ossl_crmf_privatekeyinfo_st { 87 ASN1_INTEGER *version; 88 X509_ALGOR *privateKeyAlgorithm; 89 ASN1_OCTET_STRING *privateKey; 90 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ 91 } OSSL_CRMF_PRIVATEKEYINFO; 92 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PRIVATEKEYINFO) 93 94 /*- 95 * section 4.2.1 Private Key Info Content Type 96 * id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21} 97 * 98 * EncKeyWithID ::= SEQUENCE { 99 * privateKey PrivateKeyInfo, 100 * identifier CHOICE { 101 * string UTF8String, 102 * generalName GeneralName 103 * } OPTIONAL 104 * } 105 */ 106 typedef struct ossl_crmf_enckeywithid_identifier_st { 107 int type; 108 union { 109 ASN1_UTF8STRING *string; 110 GENERAL_NAME *generalName; 111 } value; 112 } OSSL_CRMF_ENCKEYWITHID_IDENTIFIER; 113 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER) 114 115 typedef struct ossl_crmf_enckeywithid_st { 116 OSSL_CRMF_PRIVATEKEYINFO *privateKey; 117 /* [0] */ 118 OSSL_CRMF_ENCKEYWITHID_IDENTIFIER *identifier; 119 } OSSL_CRMF_ENCKEYWITHID; 120 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID) 121 122 /*- 123 * CertId ::= SEQUENCE { 124 * issuer GeneralName, 125 * serialNumber INTEGER 126 * } 127 */ 128 struct ossl_crmf_certid_st { 129 GENERAL_NAME *issuer; 130 ASN1_INTEGER *serialNumber; 131 } /* OSSL_CRMF_CERTID */; 132 133 /*- 134 * SinglePubInfo ::= SEQUENCE { 135 * pubMethod INTEGER { 136 * dontCare (0), 137 * x500 (1), 138 * web (2), 139 * ldap (3) }, 140 * pubLocation GeneralName OPTIONAL 141 * } 142 */ 143 struct ossl_crmf_singlepubinfo_st { 144 ASN1_INTEGER *pubMethod; 145 GENERAL_NAME *pubLocation; 146 } /* OSSL_CRMF_SINGLEPUBINFO */; 147 DEFINE_STACK_OF(OSSL_CRMF_SINGLEPUBINFO) 148 typedef STACK_OF(OSSL_CRMF_SINGLEPUBINFO) OSSL_CRMF_PUBINFOS; 149 150 /*- 151 * PKIPublicationInfo ::= SEQUENCE { 152 * action INTEGER { 153 * dontPublish (0), 154 * pleasePublish (1) }, 155 * pubInfos SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL 156 * -- pubInfos MUST NOT be present if action is "dontPublish" 157 * -- (if action is "pleasePublish" and pubInfos is omitted, 158 * -- "dontCare" is assumed) 159 * } 160 */ 161 struct ossl_crmf_pkipublicationinfo_st { 162 ASN1_INTEGER *action; 163 OSSL_CRMF_PUBINFOS *pubInfos; 164 } /* OSSL_CRMF_PKIPUBLICATIONINFO */; 165 DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_PKIPUBLICATIONINFO) 166 167 /*- 168 * PKMACValue ::= SEQUENCE { 169 * algId AlgorithmIdentifier, 170 * -- algorithm value shall be PasswordBasedMac {1 2 840 113533 7 66 13} 171 * -- parameter value is PBMParameter 172 * value BIT STRING 173 * } 174 */ 175 typedef struct ossl_crmf_pkmacvalue_st { 176 X509_ALGOR *algId; 177 ASN1_BIT_STRING *value; 178 } OSSL_CRMF_PKMACVALUE; 179 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKMACVALUE) 180 181 /*- 182 * SubsequentMessage ::= INTEGER { 183 * encrCert (0), 184 * -- requests that resulting certificate be encrypted for the 185 * -- end entity (following which, POP will be proven in a 186 * -- confirmation message) 187 * challengeResp (1) 188 * -- requests that CA engage in challenge-response exchange with 189 * -- end entity in order to prove private key possession 190 * } 191 * 192 * POPOPrivKey ::= CHOICE { 193 * thisMessage [0] BIT STRING, -- Deprecated 194 * -- possession is proven in this message (which contains the private 195 * -- key itself (encrypted for the CA)) 196 * subsequentMessage [1] SubsequentMessage, 197 * -- possession will be proven in a subsequent message 198 * dhMAC [2] BIT STRING, -- Deprecated 199 * agreeMAC [3] PKMACValue, 200 * encryptedKey [4] EnvelopedData 201 * } 202 */ 203 204 typedef struct ossl_crmf_popoprivkey_st { 205 int type; 206 union { 207 ASN1_BIT_STRING *thisMessage; /* 0 */ /* Deprecated */ 208 ASN1_INTEGER *subsequentMessage; /* 1 */ 209 ASN1_BIT_STRING *dhMAC; /* 2 */ /* Deprecated */ 210 OSSL_CRMF_PKMACVALUE *agreeMAC; /* 3 */ 211 ASN1_NULL *encryptedKey; /* 4 */ 212 /* When supported, ASN1_NULL needs to be replaced by CMS_ENVELOPEDDATA */ 213 } value; 214 } OSSL_CRMF_POPOPRIVKEY; 215 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOPRIVKEY) 216 217 /*- 218 * PBMParameter ::= SEQUENCE { 219 * salt OCTET STRING, 220 * owf AlgorithmIdentifier, 221 * -- AlgId for a One-Way Function (SHA-1 recommended) 222 * iterationCount INTEGER, 223 * -- number of times the OWF is applied 224 * mac AlgorithmIdentifier 225 * -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], 226 * -- or HMAC [HMAC, RFC2202]) 227 * } 228 */ 229 struct ossl_crmf_pbmparameter_st { 230 ASN1_OCTET_STRING *salt; 231 X509_ALGOR *owf; 232 ASN1_INTEGER *iterationCount; 233 X509_ALGOR *mac; 234 } /* OSSL_CRMF_PBMPARAMETER */; 235 # define OSSL_CRMF_PBM_MAX_ITERATION_COUNT 100000 /* if too large allows DoS */ 236 237 /*- 238 * POPOSigningKeyInput ::= SEQUENCE { 239 * authInfo CHOICE { 240 * sender [0] GeneralName, 241 * -- used only if an authenticated identity has been 242 * -- established for the sender (e.g., a DN from a 243 * -- previously-issued and currently-valid certificate) 244 * publicKeyMAC PKMACValue }, 245 * -- used if no authenticated GeneralName currently exists for 246 * -- the sender; publicKeyMAC contains a password-based MAC 247 * -- on the DER-encoded value of publicKey 248 * publicKey SubjectPublicKeyInfo -- from CertTemplate 249 * } 250 */ 251 typedef struct ossl_crmf_poposigningkeyinput_authinfo_st { 252 int type; 253 union { 254 /* 0 */ GENERAL_NAME *sender; 255 /* 1 */ OSSL_CRMF_PKMACVALUE *publicKeyMAC; 256 } value; 257 } OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO; 258 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO) 259 260 typedef struct ossl_crmf_poposigningkeyinput_st { 261 OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO *authInfo; 262 X509_PUBKEY *publicKey; 263 } OSSL_CRMF_POPOSIGNINGKEYINPUT; 264 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT) 265 266 /*- 267 * POPOSigningKey ::= SEQUENCE { 268 * poposkInput [0] POPOSigningKeyInput OPTIONAL, 269 * algorithmIdentifier AlgorithmIdentifier, 270 * signature BIT STRING 271 * } 272 */ 273 struct ossl_crmf_poposigningkey_st { 274 OSSL_CRMF_POPOSIGNINGKEYINPUT *poposkInput; 275 X509_ALGOR *algorithmIdentifier; 276 ASN1_BIT_STRING *signature; 277 } /* OSSL_CRMF_POPOSIGNINGKEY */; 278 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEY) 279 280 /*- 281 * ProofOfPossession ::= CHOICE { 282 * raVerified [0] NULL, 283 * -- used if the RA has already verified that the requester is in 284 * -- possession of the private key 285 * signature [1] POPOSigningKey, 286 * keyEncipherment [2] POPOPrivKey, 287 * keyAgreement [3] POPOPrivKey 288 * } 289 */ 290 typedef struct ossl_crmf_popo_st { 291 int type; 292 union { 293 ASN1_NULL *raVerified; /* 0 */ 294 OSSL_CRMF_POPOSIGNINGKEY *signature; /* 1 */ 295 OSSL_CRMF_POPOPRIVKEY *keyEncipherment; /* 2 */ 296 OSSL_CRMF_POPOPRIVKEY *keyAgreement; /* 3 */ 297 } value; 298 } OSSL_CRMF_POPO; 299 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPO) 300 301 /*- 302 * OptionalValidity ::= SEQUENCE { 303 * notBefore [0] Time OPTIONAL, 304 * notAfter [1] Time OPTIONAL -- at least one MUST be present 305 * } 306 */ 307 struct ossl_crmf_optionalvalidity_st { 308 /* 0 */ ASN1_TIME *notBefore; 309 /* 1 */ ASN1_TIME *notAfter; 310 } /* OSSL_CRMF_OPTIONALVALIDITY */; 311 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_OPTIONALVALIDITY) 312 313 /*- 314 * CertTemplate ::= SEQUENCE { 315 * version [0] Version OPTIONAL, 316 * serialNumber [1] INTEGER OPTIONAL, 317 * signingAlg [2] AlgorithmIdentifier OPTIONAL, 318 * issuer [3] Name OPTIONAL, 319 * validity [4] OptionalValidity OPTIONAL, 320 * subject [5] Name OPTIONAL, 321 * publicKey [6] SubjectPublicKeyInfo OPTIONAL, 322 * issuerUID [7] UniqueIdentifier OPTIONAL, 323 * subjectUID [8] UniqueIdentifier OPTIONAL, 324 * extensions [9] Extensions OPTIONAL 325 * } 326 */ 327 struct ossl_crmf_certtemplate_st { 328 ASN1_INTEGER *version; 329 ASN1_INTEGER *serialNumber; /* serialNumber MUST be omitted */ 330 /* This field is assigned by the CA during certificate creation */ 331 X509_ALGOR *signingAlg; /* signingAlg MUST be omitted */ 332 /* This field is assigned by the CA during certificate creation */ 333 const X509_NAME *issuer; 334 OSSL_CRMF_OPTIONALVALIDITY *validity; 335 const X509_NAME *subject; 336 X509_PUBKEY *publicKey; 337 ASN1_BIT_STRING *issuerUID; /* deprecated in version 2 */ 338 /* According to rfc 3280: UniqueIdentifier ::= BIT STRING */ 339 ASN1_BIT_STRING *subjectUID; /* deprecated in version 2 */ 340 /* Could be X509_EXTENSION*S*, but that's only cosmetic */ 341 STACK_OF(X509_EXTENSION) *extensions; 342 } /* OSSL_CRMF_CERTTEMPLATE */; 343 344 /*- 345 * CertRequest ::= SEQUENCE { 346 * certReqId INTEGER, -- ID for matching request and reply 347 * certTemplate CertTemplate, -- Selected fields of cert to be issued 348 * controls Controls OPTIONAL -- Attributes affecting issuance 349 * } 350 */ 351 struct ossl_crmf_certrequest_st { 352 ASN1_INTEGER *certReqId; 353 OSSL_CRMF_CERTTEMPLATE *certTemplate; 354 STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE /* Controls expanded */) *controls; 355 } /* OSSL_CRMF_CERTREQUEST */; 356 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTREQUEST) 357 DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTREQUEST) 358 359 /*- 360 * CertReqMessages ::= SEQUENCE SIZE (1..MAX) OF CertReqMsg 361 * CertReqMsg ::= SEQUENCE { 362 * certReq CertRequest, 363 * popo ProofOfPossession OPTIONAL, 364 * -- content depends upon key type 365 * regInfo SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue OPTIONAL 366 * } 367 */ 368 struct ossl_crmf_msg_st { 369 OSSL_CRMF_CERTREQUEST *certReq; 370 /* 0 */ 371 OSSL_CRMF_POPO *popo; 372 /* 1 */ 373 STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *regInfo; 374 } /* OSSL_CRMF_MSG */; 375 #endif 376