xref: /freebsd/crypto/openssl/crypto/crmf/crmf_local.h (revision aa1a8ff2d6dbc51ef058f46f3db5a8bb77967145)
1 /*-
2  * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
3  * Copyright Nokia 2007-2019
4  * Copyright Siemens AG 2015-2019
5  *
6  * Licensed under the Apache License 2.0 (the "License").  You may not use
7  * this file except in compliance with the License.  You can obtain a copy
8  * in the file LICENSE in the source distribution or at
9  * https://www.openssl.org/source/license.html
10  *
11  * CRMF implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb.
12  */
13 
14 #ifndef OSSL_CRYPTO_CRMF_LOCAL_H
15 # define OSSL_CRYPTO_CRMF_LOCAL_H
16 
17 # include <openssl/crmf.h>
18 # include <openssl/err.h>
19 
20 /* explicit #includes not strictly needed since implied by the above: */
21 # include <openssl/types.h>
22 # include <openssl/safestack.h>
23 # include <openssl/x509.h>
24 # include <openssl/x509v3.h>
25 
26 /*-
27  * EncryptedValue ::= SEQUENCE {
28  * intendedAlg   [0] AlgorithmIdentifier  OPTIONAL,
29  *                  -- the intended algorithm for which the value will be used
30  * symmAlg       [1] AlgorithmIdentifier  OPTIONAL,
31  *                  -- the symmetric algorithm used to encrypt the value
32  * encSymmKey    [2] BIT STRING           OPTIONAL,
33  *                  -- the (encrypted) symmetric key used to encrypt the value
34  * keyAlg        [3] AlgorithmIdentifier  OPTIONAL,
35  *                  -- algorithm used to encrypt the symmetric key
36  * valueHint     [4] OCTET STRING         OPTIONAL,
37  *                  -- a brief description or identifier of the encValue content
38  *                  -- (may be meaningful only to the sending entity, and
39  *                  --  used only if EncryptedValue might be re-examined
40  *                  --  by the sending entity in the future)
41  * encValue      BIT STRING
42  *                  -- the encrypted value itself
43  * }
44  */
45 struct ossl_crmf_encryptedvalue_st {
46     X509_ALGOR *intendedAlg;      /* 0 */
47     X509_ALGOR *symmAlg;          /* 1 */
48     ASN1_BIT_STRING *encSymmKey;  /* 2 */
49     X509_ALGOR *keyAlg;           /* 3 */
50     ASN1_OCTET_STRING *valueHint; /* 4 */
51     ASN1_BIT_STRING *encValue;
52 } /* OSSL_CRMF_ENCRYPTEDVALUE */;
53 
54 /*-
55  *  Attributes ::= SET OF Attribute
56  *  => X509_ATTRIBUTE
57  *
58  *  PrivateKeyInfo ::= SEQUENCE {
59  *     version                       INTEGER,
60  *     privateKeyAlgorithm           AlgorithmIdentifier,
61  *     privateKey                    OCTET STRING,
62  *     attributes                    [0] IMPLICIT Attributes OPTIONAL
63  *  }
64  */
65 typedef struct ossl_crmf_privatekeyinfo_st {
66     ASN1_INTEGER *version;
67     X509_ALGOR *privateKeyAlgorithm;
68     ASN1_OCTET_STRING *privateKey;
69     STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
70 } OSSL_CRMF_PRIVATEKEYINFO;
71 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PRIVATEKEYINFO)
72 
73 /*-
74  * section 4.2.1 Private Key Info Content Type
75  * id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21}
76  *
77  * EncKeyWithID ::= SEQUENCE {
78  * privateKey     PrivateKeyInfo,
79  * identifier     CHOICE {
80  *                      string         UTF8String,
81  *                      generalName    GeneralName
82  *                } OPTIONAL
83  * }
84  */
85 typedef struct ossl_crmf_enckeywithid_identifier_st {
86     int type;
87     union {
88         ASN1_UTF8STRING *string;
89         GENERAL_NAME *generalName;
90     } value;
91 } OSSL_CRMF_ENCKEYWITHID_IDENTIFIER;
92 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID_IDENTIFIER)
93 
94 typedef struct ossl_crmf_enckeywithid_st {
95     OSSL_CRMF_PRIVATEKEYINFO *privateKey;
96     /* [0] */
97     OSSL_CRMF_ENCKEYWITHID_IDENTIFIER *identifier;
98 } OSSL_CRMF_ENCKEYWITHID;
99 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ENCKEYWITHID)
100 
101 /*-
102  * CertId ::= SEQUENCE {
103  *      issuer           GeneralName,
104  *      serialNumber     INTEGER
105  * }
106  */
107 struct ossl_crmf_certid_st {
108     GENERAL_NAME *issuer;
109     ASN1_INTEGER *serialNumber;
110 } /* OSSL_CRMF_CERTID */;
111 
112 /*-
113  * SinglePubInfo ::= SEQUENCE {
114  *  pubMethod        INTEGER {
115  *      dontCare        (0),
116  *      x500            (1),
117  *      web             (2),
118  *      ldap            (3) },
119  *  pubLocation  GeneralName OPTIONAL
120  * }
121  */
122 struct ossl_crmf_singlepubinfo_st {
123     ASN1_INTEGER *pubMethod;
124     GENERAL_NAME *pubLocation;
125 } /* OSSL_CRMF_SINGLEPUBINFO */;
126 DEFINE_STACK_OF(OSSL_CRMF_SINGLEPUBINFO)
127 typedef STACK_OF(OSSL_CRMF_SINGLEPUBINFO) OSSL_CRMF_PUBINFOS;
128 
129 
130 /*-
131  * PKIPublicationInfo ::= SEQUENCE {
132  *      action     INTEGER {
133  *                   dontPublish (0),
134  *                   pleasePublish (1) },
135  *      pubInfos   SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL
136  *      -- pubInfos MUST NOT be present if action is "dontPublish"
137  *      -- (if action is "pleasePublish" and pubInfos is omitted,
138  *      -- "dontCare" is assumed)
139  * }
140  */
141 struct ossl_crmf_pkipublicationinfo_st {
142     ASN1_INTEGER *action;
143     OSSL_CRMF_PUBINFOS *pubInfos;
144 } /* OSSL_CRMF_PKIPUBLICATIONINFO */;
145 DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_PKIPUBLICATIONINFO)
146 
147 /*-
148  * PKMACValue ::= SEQUENCE {
149  * algId  AlgorithmIdentifier,
150  * -- algorithm value shall be PasswordBasedMac {1 2 840 113533 7 66 13}
151  * -- parameter value is PBMParameter
152  * value  BIT STRING
153  * }
154  */
155 typedef struct ossl_crmf_pkmacvalue_st {
156     X509_ALGOR *algId;
157     ASN1_BIT_STRING *value;
158 } OSSL_CRMF_PKMACVALUE;
159 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_PKMACVALUE)
160 
161 /*-
162  * SubsequentMessage ::= INTEGER {
163  * encrCert (0),
164  * -- requests that resulting certificate be encrypted for the
165  * -- end entity (following which, POP will be proven in a
166  * -- confirmation message)
167  * challengeResp (1)
168  * -- requests that CA engage in challenge-response exchange with
169  * -- end entity in order to prove private key possession
170  * }
171  *
172  * POPOPrivKey ::= CHOICE {
173  * thisMessage       [0] BIT STRING,                 -- Deprecated
174  * -- possession is proven in this message (which contains the private
175  * -- key itself (encrypted for the CA))
176  * subsequentMessage [1] SubsequentMessage,
177  * -- possession will be proven in a subsequent message
178  * dhMAC             [2] BIT STRING,                 -- Deprecated
179  * agreeMAC          [3] PKMACValue,
180  * encryptedKey      [4] EnvelopedData
181  * }
182  */
183 
184 typedef struct ossl_crmf_popoprivkey_st {
185     int type;
186     union {
187         ASN1_BIT_STRING *thisMessage; /* 0 */ /* Deprecated */
188         ASN1_INTEGER *subsequentMessage; /* 1 */
189         ASN1_BIT_STRING *dhMAC; /* 2 */ /* Deprecated */
190         OSSL_CRMF_PKMACVALUE *agreeMAC; /* 3 */
191         ASN1_NULL *encryptedKey; /* 4 */
192     } value;
193 } OSSL_CRMF_POPOPRIVKEY;
194 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOPRIVKEY)
195 
196 /*-
197  * PBMParameter ::= SEQUENCE {
198  *    salt                    OCTET STRING,
199  *    owf                     AlgorithmIdentifier,
200  *    -- AlgId for a One-Way Function (SHA-1 recommended)
201  *    iterationCount          INTEGER,
202  *    -- number of times the OWF is applied
203  *    mac                     AlgorithmIdentifier
204  *    -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
205  *    -- or HMAC [HMAC, RFC2202])
206  * }
207  */
208 struct ossl_crmf_pbmparameter_st {
209     ASN1_OCTET_STRING *salt;
210     X509_ALGOR *owf;
211     ASN1_INTEGER *iterationCount;
212     X509_ALGOR *mac;
213 } /* OSSL_CRMF_PBMPARAMETER */;
214 # define OSSL_CRMF_PBM_MAX_ITERATION_COUNT 100000 /* if too large allows DoS */
215 
216 /*-
217  * POPOSigningKeyInput ::= SEQUENCE {
218  * authInfo       CHOICE {
219  *     sender                 [0] GeneralName,
220  *   -- used only if an authenticated identity has been
221  *   -- established for the sender (e.g., a DN from a
222  *   -- previously-issued and currently-valid certificate)
223  *     publicKeyMAC           PKMACValue },
224  *   -- used if no authenticated GeneralName currently exists for
225  *   -- the sender; publicKeyMAC contains a password-based MAC
226  *   -- on the DER-encoded value of publicKey
227  * publicKey      SubjectPublicKeyInfo  -- from CertTemplate
228  * }
229  */
230 typedef struct ossl_crmf_poposigningkeyinput_authinfo_st {
231     int type;
232     union {
233         /* 0 */ GENERAL_NAME *sender;
234         /* 1 */ OSSL_CRMF_PKMACVALUE *publicKeyMAC;
235     } value;
236 } OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO;
237 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO)
238 
239 typedef struct ossl_crmf_poposigningkeyinput_st {
240     OSSL_CRMF_POPOSIGNINGKEYINPUT_AUTHINFO *authInfo;
241     X509_PUBKEY *publicKey;
242 } OSSL_CRMF_POPOSIGNINGKEYINPUT;
243 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEYINPUT)
244 
245 /*-
246  * POPOSigningKey ::= SEQUENCE {
247  *  poposkInput           [0] POPOSigningKeyInput OPTIONAL,
248  *  algorithmIdentifier   AlgorithmIdentifier,
249  *  signature             BIT STRING
250  * }
251  */
252 struct ossl_crmf_poposigningkey_st {
253     OSSL_CRMF_POPOSIGNINGKEYINPUT *poposkInput;
254     X509_ALGOR *algorithmIdentifier;
255     ASN1_BIT_STRING *signature;
256 } /* OSSL_CRMF_POPOSIGNINGKEY */;
257 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPOSIGNINGKEY)
258 
259 /*-
260  * ProofOfPossession ::= CHOICE {
261  *  raVerified        [0] NULL,
262  *  -- used if the RA has already verified that the requester is in
263  *  -- possession of the private key
264  *  signature         [1] POPOSigningKey,
265  *  keyEncipherment   [2] POPOPrivKey,
266  *  keyAgreement      [3] POPOPrivKey
267  * }
268  */
269 typedef struct ossl_crmf_popo_st {
270     int type;
271     union {
272         ASN1_NULL *raVerified; /* 0 */
273         OSSL_CRMF_POPOSIGNINGKEY *signature; /* 1 */
274         OSSL_CRMF_POPOPRIVKEY *keyEncipherment; /* 2 */
275         OSSL_CRMF_POPOPRIVKEY *keyAgreement; /* 3 */
276     } value;
277 } OSSL_CRMF_POPO;
278 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_POPO)
279 
280 /*-
281  * OptionalValidity ::= SEQUENCE {
282  *  notBefore      [0] Time OPTIONAL,
283  *  notAfter       [1] Time OPTIONAL  -- at least one MUST be present
284  * }
285  */
286 struct ossl_crmf_optionalvalidity_st {
287     /* 0 */ ASN1_TIME *notBefore;
288     /* 1 */ ASN1_TIME *notAfter;
289 } /* OSSL_CRMF_OPTIONALVALIDITY */;
290 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_OPTIONALVALIDITY)
291 
292 /*-
293  * CertTemplate ::= SEQUENCE {
294  * version          [0] Version                   OPTIONAL,
295  * serialNumber     [1] INTEGER                   OPTIONAL,
296  * signingAlg       [2] AlgorithmIdentifier       OPTIONAL,
297  * issuer           [3] Name                      OPTIONAL,
298  * validity         [4] OptionalValidity          OPTIONAL,
299  * subject          [5] Name                      OPTIONAL,
300  * publicKey        [6] SubjectPublicKeyInfo      OPTIONAL,
301  * issuerUID        [7] UniqueIdentifier          OPTIONAL,
302  * subjectUID       [8] UniqueIdentifier          OPTIONAL,
303  * extensions       [9] Extensions                OPTIONAL
304  * }
305  */
306 struct ossl_crmf_certtemplate_st {
307     ASN1_INTEGER *version;
308     ASN1_INTEGER *serialNumber; /* serialNumber MUST be omitted */
309     /* This field is assigned by the CA during certificate creation */
310     X509_ALGOR *signingAlg; /* signingAlg MUST be omitted */
311     /* This field is assigned by the CA during certificate creation */
312     const X509_NAME *issuer;
313     OSSL_CRMF_OPTIONALVALIDITY *validity;
314     const X509_NAME *subject;
315     X509_PUBKEY *publicKey;
316     ASN1_BIT_STRING *issuerUID; /* deprecated in version 2 */
317     /* According to rfc 3280: UniqueIdentifier ::= BIT STRING */
318     ASN1_BIT_STRING *subjectUID; /* deprecated in version 2 */
319     /* Could be X509_EXTENSION*S*, but that's only cosmetic */
320     STACK_OF(X509_EXTENSION) *extensions;
321 } /* OSSL_CRMF_CERTTEMPLATE */;
322 
323 /*-
324  * CertRequest ::= SEQUENCE {
325  *  certReqId        INTEGER,          -- ID for matching request and reply
326  *  certTemplate     CertTemplate,     -- Selected fields of cert to be issued
327  *  controls         Controls OPTIONAL -- Attributes affecting issuance
328  * }
329  */
330 struct ossl_crmf_certrequest_st {
331     ASN1_INTEGER *certReqId;
332     OSSL_CRMF_CERTTEMPLATE *certTemplate;
333     STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *controls;
334 } /* OSSL_CRMF_CERTREQUEST */;
335 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_CERTREQUEST)
336 DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_CERTREQUEST)
337 
338 struct ossl_crmf_attributetypeandvalue_st {
339     ASN1_OBJECT *type;
340     union {
341         /* NID_id_regCtrl_regToken */
342         ASN1_UTF8STRING *regToken;
343 
344         /* NID_id_regCtrl_authenticator */
345         ASN1_UTF8STRING *authenticator;
346 
347         /* NID_id_regCtrl_pkiPublicationInfo */
348         OSSL_CRMF_PKIPUBLICATIONINFO *pkiPublicationInfo;
349 
350         /* NID_id_regCtrl_oldCertID */
351         OSSL_CRMF_CERTID *oldCertID;
352 
353         /* NID_id_regCtrl_protocolEncrKey */
354         X509_PUBKEY *protocolEncrKey;
355 
356         /* NID_id_regInfo_utf8Pairs */
357         ASN1_UTF8STRING *utf8Pairs;
358 
359         /* NID_id_regInfo_certReq */
360         OSSL_CRMF_CERTREQUEST *certReq;
361 
362         ASN1_TYPE *other;
363     } value;
364 } /* OSSL_CRMF_ATTRIBUTETYPEANDVALUE */;
365 DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_ATTRIBUTETYPEANDVALUE)
366 DEFINE_STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE)
367 DECLARE_ASN1_DUP_FUNCTION(OSSL_CRMF_ATTRIBUTETYPEANDVALUE)
368 
369 /*-
370  * CertReqMessages ::= SEQUENCE SIZE (1..MAX) OF CertReqMsg
371  * CertReqMsg ::= SEQUENCE {
372  *  certReq        CertRequest,
373  *  popo           ProofOfPossession  OPTIONAL,
374  * -- content depends upon key type
375  *  regInfo   SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue OPTIONAL
376  * }
377  */
378 struct ossl_crmf_msg_st {
379     OSSL_CRMF_CERTREQUEST *certReq;
380     /* 0 */
381     OSSL_CRMF_POPO *popo;
382     /* 1 */
383     STACK_OF(OSSL_CRMF_ATTRIBUTETYPEANDVALUE) *regInfo;
384 } /* OSSL_CRMF_MSG */;
385 #endif
386