From b4dd21a7b8b850a39b0f610fceca21557853c943 Mon Sep 17 00:00:00 2001 From: David Cooper Date: Fri, 18 Aug 2017 09:27:19 -0400 Subject: [PATCH 1/1] Add -rsigopt option to ocsp command Add a -rsigopt option to the ocsp command that allows signature parameters to be provided for the signing of OCSP responses. The parameters that may be provided to -rsigopt are the same as may be provided to -sigopt in the ca, req, and x509 commands. This PR also defines a OCSP_basic_sign_ctx() function, which functions in the same way as OCSP_basic_sign(), except that it accepts a EVP_MD_CTX rather than a key and digest. The OCSP_basic_sign_ctx() function is used to implement the -rsigopt option in the ocsp command. Reviewed-by: Rich Salz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/4190) --- apps/ocsp.c | 43 +++++++++++++++++++++++++++++++++------ crypto/ocsp/ocsp_err.c | 1 + crypto/ocsp/ocsp_lcl.h | 4 ++++ crypto/ocsp/ocsp_srv.c | 28 ++++++++++++++++++++----- include/openssl/ocsp.h | 3 +++ include/openssl/ocsperr.h | 1 + util/libcrypto.num | 1 + 7 files changed, 70 insertions(+), 11 deletions(-) diff --git a/apps/ocsp.c b/apps/ocsp.c index 34aacd6c78..379e111ac4 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -46,9 +46,10 @@ static void print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req, STACK_OF(OPENSSL_STRING) *names, STACK_OF(OCSP_CERTID) *ids, long nsec, long maxage); -static void make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, +static void make_ocsp_response(BIO *err, OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db, STACK_OF(X509) *ca, X509 *rcert, EVP_PKEY *rkey, const EVP_MD *md, + STACK_OF(OPENSSL_STRING) *sigopts, STACK_OF(X509) *rother, unsigned long flags, int nmin, int ndays, int badsig); @@ -77,7 +78,7 @@ typedef enum OPTION_choice { OPT_VALIDITY_PERIOD, OPT_STATUS_AGE, OPT_SIGNKEY, OPT_REQOUT, OPT_RESPOUT, OPT_PATH, OPT_ISSUER, OPT_CERT, OPT_SERIAL, OPT_INDEX, OPT_CA, OPT_NMIN, OPT_REQUEST, OPT_NDAYS, OPT_RSIGNER, - OPT_RKEY, OPT_ROTHER, OPT_RMD, OPT_HEADER, + OPT_RKEY, OPT_ROTHER, OPT_RMD, OPT_SIGOPT, OPT_HEADER, OPT_V_ENUM, OPT_MD } OPTION_CHOICE; @@ -154,6 +155,7 @@ const OPTIONS ocsp_options[] = { {"rkey", OPT_RKEY, '<', "Responder key to sign responses with"}, {"rother", OPT_ROTHER, '<', "Other certificates to include in response"}, {"rmd", OPT_RMD, 's', "Digest Algorithm to use in signature of OCSP response"}, + {"rsigopt", OPT_SIGOPT, 's', "OCSP response signature parameter in n:v form"}, {"header", OPT_HEADER, 's', "key=value header to add"}, {"", OPT_MD, '-', "Any supported digest algorithm (sha1,sha256, ... )"}, OPT_V_OPTIONS, @@ -164,6 +166,7 @@ int ocsp_main(int argc, char **argv) { BIO *acbio = NULL, *cbio = NULL, *derbio = NULL, *out = NULL; const EVP_MD *cert_id_md = NULL, *rsign_md = NULL; + STACK_OF(OPENSSL_STRING) *rsign_sigopts = NULL; int trailing_md = 0; CA_DB *rdb = NULL; EVP_PKEY *key = NULL, *rkey = NULL; @@ -419,6 +422,12 @@ int ocsp_main(int argc, char **argv) if (!opt_md(opt_arg(), &rsign_md)) goto end; break; + case OPT_SIGOPT: + if (rsign_sigopts == NULL) + rsign_sigopts = sk_OPENSSL_STRING_new_null(); + if (rsign_sigopts == NULL || !sk_OPENSSL_STRING_push(rsign_sigopts, opt_arg())) + goto end; + break; case OPT_HEADER: header = opt_arg(); value = strchr(header, '='); @@ -583,8 +592,8 @@ redo_accept: } if (rdb != NULL) { - make_ocsp_response(&resp, req, rdb, rca_cert, rsigner, rkey, - rsign_md, rother, rflags, nmin, ndays, badsig); + make_ocsp_response(bio_err, &resp, req, rdb, rca_cert, rsigner, rkey, + rsign_md, rsign_sigopts, rother, rflags, nmin, ndays, badsig); if (cbio != NULL) send_ocsp_response(cbio, resp); } else if (host != NULL) { @@ -710,6 +719,8 @@ redo_accept: X509_free(signer); X509_STORE_free(store); X509_VERIFY_PARAM_free(vpm); + if (rsign_sigopts != NULL) + sk_OPENSSL_STRING_free(rsign_sigopts); EVP_PKEY_free(key); EVP_PKEY_free(rkey); X509_free(cert); @@ -855,9 +866,10 @@ static void print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req, } } -static void make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, +static void make_ocsp_response(BIO *err, OCSP_RESPONSE **resp, OCSP_REQUEST *req, CA_DB *db, STACK_OF(X509) *ca, X509 *rcert, EVP_PKEY *rkey, const EVP_MD *rmd, + STACK_OF(OPENSSL_STRING) *sigopts, STACK_OF(X509) *rother, unsigned long flags, int nmin, int ndays, int badsig) { @@ -865,6 +877,8 @@ static void make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, OCSP_CERTID *cid; OCSP_BASICRESP *bs = NULL; int i, id_count; + EVP_MD_CTX *mctx = NULL; + EVP_PKEY_CTX *pkctx = NULL; id_count = OCSP_request_onereq_count(req); @@ -950,7 +964,22 @@ static void make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, OCSP_copy_nonce(bs, req); - OCSP_basic_sign(bs, rcert, rkey, rmd, rother, flags); + mctx = EVP_MD_CTX_new(); + if ( mctx == NULL || !EVP_DigestSignInit(mctx, &pkctx, rmd, NULL, rkey)) { + *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR, NULL); + goto end; + } + for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) { + char *sigopt = sk_OPENSSL_STRING_value(sigopts, i); + if (pkey_ctrl_string(pkctx, sigopt) <= 0) { + BIO_printf(err, "parameter error \"%s\"\n", sigopt); + ERR_print_errors(bio_err); + *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR, + NULL); + goto end; + } + } + OCSP_basic_sign_ctx(bs, rcert, mctx, rother, flags); if (badsig) { const ASN1_OCTET_STRING *sig = OCSP_resp_get0_signature(bs); @@ -960,6 +989,8 @@ static void make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_SUCCESSFUL, bs); end: + if (mctx != NULL) + EVP_MD_CTX_free(mctx); ASN1_TIME_free(thisupd); ASN1_TIME_free(nextupd); OCSP_BASICRESP_free(bs); diff --git a/crypto/ocsp/ocsp_err.c b/crypto/ocsp/ocsp_err.c index 5faeff23c9..a97177e958 100644 --- a/crypto/ocsp/ocsp_err.c +++ b/crypto/ocsp/ocsp_err.c @@ -18,6 +18,7 @@ static const ERR_STRING_DATA OCSP_str_functs[] = { {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_ADD1_STATUS, 0), "OCSP_basic_add1_status"}, {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_SIGN, 0), "OCSP_basic_sign"}, + {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_SIGN_CTX, 0), "OCSP_basic_sign_ctx"}, {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_VERIFY, 0), "OCSP_basic_verify"}, {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_CERT_ID_NEW, 0), "OCSP_cert_id_new"}, {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_CHECK_DELEGATED, 0), diff --git a/crypto/ocsp/ocsp_lcl.h b/crypto/ocsp/ocsp_lcl.h index d1cf1583f4..2215a0091d 100644 --- a/crypto/ocsp/ocsp_lcl.h +++ b/crypto/ocsp/ocsp_lcl.h @@ -224,6 +224,10 @@ struct ocsp_service_locator_st { ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),&(o)->signatureAlgorithm,\ NULL,(o)->signature,&(o)->tbsResponseData,pkey,md) +# define OCSP_BASICRESP_sign_ctx(o,ctx,d) \ + ASN1_item_sign_ctx(ASN1_ITEM_rptr(OCSP_RESPDATA),&(o)->signatureAlgorithm,\ + NULL,(o)->signature,&(o)->tbsResponseData,ctx) + # define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\ &(a)->optionalSignature->signatureAlgorithm,\ (a)->optionalSignature->signature,&(a)->tbsRequest,r) diff --git a/crypto/ocsp/ocsp_srv.c b/crypto/ocsp/ocsp_srv.c index 51b27bddff..d31a3c0c25 100644 --- a/crypto/ocsp/ocsp_srv.c +++ b/crypto/ocsp/ocsp_srv.c @@ -168,15 +168,16 @@ int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert) return 1; } -int OCSP_basic_sign(OCSP_BASICRESP *brsp, - X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, +int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, + X509 *signer, EVP_MD_CTX *ctx, STACK_OF(X509) *certs, unsigned long flags) { int i; OCSP_RESPID *rid; - if (!X509_check_private_key(signer, key)) { - OCSPerr(OCSP_F_OCSP_BASIC_SIGN, + if (!ctx || !EVP_MD_CTX_pkey_ctx(ctx) || !EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx)) || + !X509_check_private_key(signer, EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx)))) { + OCSPerr(OCSP_F_OCSP_BASIC_SIGN_CTX, OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE); goto err; } @@ -208,7 +209,7 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp, * -- Richard Levitte */ - if (!OCSP_BASICRESP_sign(brsp, key, dgst, 0)) + if (!OCSP_BASICRESP_sign_ctx(brsp, ctx, 0)) goto err; return 1; @@ -216,6 +217,23 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp, return 0; } +int OCSP_basic_sign(OCSP_BASICRESP *brsp, + X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, + STACK_OF(X509) *certs, unsigned long flags) +{ + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); + EVP_PKEY_CTX *pkctx = NULL; + int i; + + if (!EVP_DigestSignInit(ctx, &pkctx, dgst, NULL, key)) { + EVP_MD_CTX_free(ctx); + return 1; + } + i = OCSP_basic_sign_ctx(brsp, signer, ctx, certs, flags); + EVP_MD_CTX_free(ctx); + return i; +} + int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert) { if (!X509_NAME_set(&respid->value.byName, X509_get_subject_name(cert))) diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h index 3ca2a92630..0b89a64eec 100644 --- a/include/openssl/ocsp.h +++ b/include/openssl/ocsp.h @@ -251,6 +251,9 @@ int OCSP_basic_add1_cert(OCSP_BASICRESP *resp, X509 *cert); int OCSP_basic_sign(OCSP_BASICRESP *brsp, X509 *signer, EVP_PKEY *key, const EVP_MD *dgst, STACK_OF(X509) *certs, unsigned long flags); +int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, + X509 *signer, EVP_MD_CTX *ctx, + STACK_OF(X509) *certs, unsigned long flags); int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert); int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert); int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert); diff --git a/include/openssl/ocsperr.h b/include/openssl/ocsperr.h index 0fdb47c61e..4edb2b725f 100644 --- a/include/openssl/ocsperr.h +++ b/include/openssl/ocsperr.h @@ -25,6 +25,7 @@ int ERR_load_OCSP_strings(void); # define OCSP_F_D2I_OCSP_NONCE 102 # define OCSP_F_OCSP_BASIC_ADD1_STATUS 103 # define OCSP_F_OCSP_BASIC_SIGN 104 +# define OCSP_F_OCSP_BASIC_SIGN_CTX 131 # define OCSP_F_OCSP_BASIC_VERIFY 105 # define OCSP_F_OCSP_CERT_ID_NEW 101 # define OCSP_F_OCSP_CHECK_DELEGATED 106 diff --git a/util/libcrypto.num b/util/libcrypto.num index d6fbd14043..3e7d28e167 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4500,3 +4500,4 @@ ADMISSIONS_get0_professionInfos 4440 1_1_1 EXIST::FUNCTION: ADMISSION_SYNTAX_new 4441 1_1_1 EXIST::FUNCTION: EVP_sha512_256 4442 1_1_1 EXIST::FUNCTION: EVP_sha512_224 4443 1_1_1 EXIST::FUNCTION: +OCSP_basic_sign_ctx 4444 1_1_1 EXIST::FUNCTION:OCSP -- 2.34.1