1 /* $OpenBSD: ts.c,v 1.29 2024/08/26 18:40:50 tb Exp $ */
2 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
3 * project 2002.
4 */
5 /* ====================================================================
6 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59 #include <stdio.h>
60 #include <stdlib.h>
61 #include <string.h>
62
63 #include "apps.h"
64
65 #include <openssl/bio.h>
66 #include <openssl/bn.h>
67 #include <openssl/err.h>
68 #include <openssl/pem.h>
69 #include <openssl/ts.h>
70
71 /* Length of the nonce of the request in bits (must be a multiple of 8). */
72 #define NONCE_LENGTH 64
73
74 /* Macro definitions for the configuration file. */
75 #define ENV_OID_FILE "oid_file"
76
77 /* Local function declarations. */
78
79 static ASN1_OBJECT *txt2obj(const char *oid);
80 static CONF *load_config_file(const char *configfile);
81
82 /* Query related functions. */
83 static int query_command(const char *data, char *digest, const EVP_MD *md,
84 const char *policy, int no_nonce, int cert, const char *in, const char *out,
85 int text);
86 static BIO *BIO_open_with_default(const char *file, const char *mode,
87 FILE *default_fp);
88 static TS_REQ *create_query(BIO *data_bio, char *digest, const EVP_MD *md,
89 const char *policy, int no_nonce, int cert);
90 static int create_digest(BIO *input, char *digest, const EVP_MD *md,
91 unsigned char **md_value);
92 static ASN1_INTEGER *create_nonce(int bits);
93
94 /* Reply related functions. */
95 static int reply_command(CONF *conf, char *section, char *queryfile,
96 char *passin, char *inkey, char *signer, char *chain, const char *policy,
97 char *in, int token_in, char *out, int token_out, int text);
98 static TS_RESP *read_PKCS7(BIO *in_bio);
99 static TS_RESP *create_response(CONF *conf, const char *section,
100 char *queryfile, char *passin, char *inkey, char *signer, char *chain,
101 const char *policy);
102 static ASN1_INTEGER *serial_cb(TS_RESP_CTX *ctx, void *data);
103 static ASN1_INTEGER *next_serial(const char *serialfile);
104 static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
105
106 /* Verify related functions. */
107 static int verify_command(char *data, char *digest, char *queryfile, char *in,
108 int token_in, char *ca_path, char *ca_file, char *untrusted);
109 static TS_VERIFY_CTX *create_verify_ctx(char *data, char *digest,
110 char *queryfile, char *ca_path, char *ca_file, char *untrusted);
111 static X509_STORE *create_cert_store(char *ca_path, char *ca_file);
112 static int verify_cb(int ok, X509_STORE_CTX *ctx);
113
114 enum mode {
115 CMD_NONE, CMD_QUERY, CMD_REPLY, CMD_VERIFY
116 };
117
118 static struct {
119 char *ca_file;
120 char *ca_path;
121 int cert;
122 char *chain;
123 char *configfile;
124 char *data;
125 char *digest;
126 char *in;
127 char *inkey;
128 const EVP_MD *md;
129 int mode;
130 int no_nonce;
131 char *out;
132 char *passin;
133 char *policy;
134 char *queryfile;
135 char *section;
136 char *signer;
137 int text;
138 int token_in;
139 int token_out;
140 char *untrusted;
141 } cfg;
142
143 static int
ts_opt_md(int argc,char ** argv,int * argsused)144 ts_opt_md(int argc, char **argv, int *argsused)
145 {
146 char *name = argv[0];
147
148 if (*name++ != '-')
149 return (1);
150
151 if ((cfg.md = EVP_get_digestbyname(name)) == NULL)
152 return (1);
153
154 *argsused = 1;
155 return (0);
156 }
157
158 static int
ts_opt_query(void)159 ts_opt_query(void)
160 {
161 if (cfg.mode != CMD_NONE)
162 return (1);
163 cfg.mode = CMD_QUERY;
164 return (0);
165 }
166
167 static int
ts_opt_reply(void)168 ts_opt_reply(void)
169 {
170 if (cfg.mode != CMD_NONE)
171 return (1);
172 cfg.mode = CMD_REPLY;
173 return (0);
174 }
175
176 static int
ts_opt_verify(void)177 ts_opt_verify(void)
178 {
179 if (cfg.mode != CMD_NONE)
180 return (1);
181 cfg.mode = CMD_VERIFY;
182 return (0);
183 }
184
185 static const struct option ts_options[] = {
186 {
187 .name = "CAfile",
188 .argname = "file",
189 .desc = "Certificate Authority file",
190 .type = OPTION_ARG,
191 .opt.arg = &cfg.ca_file,
192 },
193 {
194 .name = "CApath",
195 .argname = "path",
196 .desc = "Certificate Authority path",
197 .type = OPTION_ARG,
198 .opt.arg = &cfg.ca_path,
199 },
200 {
201 .name = "cert",
202 .desc = "Include signing certificate in the response",
203 .type = OPTION_FLAG,
204 .opt.flag = &cfg.cert,
205 },
206 {
207 .name = "chain",
208 .argname = "file",
209 .desc = "PEM certificates that will be included in the response",
210 .type = OPTION_ARG,
211 .opt.arg = &cfg.chain,
212 },
213 {
214 .name = "config",
215 .argname = "file",
216 .desc = "Specify an alternative configuration file",
217 .type = OPTION_ARG,
218 .opt.arg = &cfg.configfile,
219 },
220 {
221 .name = "data",
222 .argname = "file",
223 .desc = "Data file for which the time stamp request needs to be created",
224 .type = OPTION_ARG,
225 .opt.arg = &cfg.data,
226 },
227 {
228 .name = "digest",
229 .argname = "arg",
230 .desc = "Specify the message imprint explicitly without the data file",
231 .type = OPTION_ARG,
232 .opt.arg = &cfg.digest,
233 },
234 {
235 .name = "in",
236 .argname = "file",
237 .desc = "Input file",
238 .type = OPTION_ARG,
239 .opt.arg = &cfg.in,
240 },
241 {
242 .name = "inkey",
243 .argname = "file",
244 .desc = "Input key file",
245 .type = OPTION_ARG,
246 .opt.arg = &cfg.inkey,
247 },
248 {
249 .name = "no_nonce",
250 .desc = "Specify no nonce in the request",
251 .type = OPTION_FLAG,
252 .opt.flag = &cfg.no_nonce,
253 },
254 {
255 .name = "out",
256 .argname = "file",
257 .desc = "Output file",
258 .type = OPTION_ARG,
259 .opt.arg = &cfg.out,
260 },
261 {
262 .name = "passin",
263 .argname = "src",
264 .desc = "Private key password source",
265 .type = OPTION_ARG,
266 .opt.arg = &cfg.passin,
267 },
268 {
269 .name = "policy",
270 .argname = "object_id",
271 .desc = "Policy for the TSA to use when creating the time stamp token",
272 .type = OPTION_ARG,
273 .opt.arg = &cfg.policy,
274 },
275 {
276 .name = "query",
277 .desc = "Create and print a time stamp request",
278 .type = OPTION_FUNC,
279 .opt.func = ts_opt_query,
280 },
281 {
282 .name = "queryfile",
283 .argname = "file",
284 .desc = "File containing a DER-encoded time stamp request",
285 .type = OPTION_ARG,
286 .opt.arg = &cfg.queryfile,
287 },
288 {
289 .name = "reply",
290 .desc = "Create a time stamp response",
291 .type = OPTION_FUNC,
292 .opt.func = ts_opt_reply,
293 },
294 {
295 .name = "section",
296 .argname = "arg",
297 .desc = "TSA section containing the settings for response generation",
298 .type = OPTION_ARG,
299 .opt.arg = &cfg.section,
300 },
301 {
302 .name = "signer",
303 .argname = "file",
304 .desc = "Signer certificate file",
305 .type = OPTION_ARG,
306 .opt.arg = &cfg.signer,
307 },
308 {
309 .name = "text",
310 .desc = "Output in human-readable text format",
311 .type = OPTION_FLAG,
312 .opt.flag = &cfg.text,
313 },
314 {
315 .name = "token_in",
316 .desc = "Input is a DER-encoded time stamp token",
317 .type = OPTION_FLAG,
318 .opt.flag = &cfg.token_in,
319 },
320 {
321 .name = "token_out",
322 .desc = "Output is a DER-encoded time stamp token",
323 .type = OPTION_FLAG,
324 .opt.flag = &cfg.token_out,
325 },
326 {
327 .name = "untrusted",
328 .argname = "file",
329 .desc = "File containing untrusted certificates",
330 .type = OPTION_ARG,
331 .opt.arg = &cfg.untrusted,
332 },
333 {
334 .name = "verify",
335 .desc = "Verify a time stamp response",
336 .type = OPTION_FUNC,
337 .opt.func = ts_opt_verify,
338 },
339 {
340 .name = NULL,
341 .desc = "",
342 .type = OPTION_ARGV_FUNC,
343 .opt.argvfunc = ts_opt_md,
344 },
345 { NULL },
346 };
347
348 static void
ts_usage(void)349 ts_usage(void)
350 {
351 fprintf(stderr, "usage:\n"
352 "ts -query [-md4 | -md5 | -ripemd160 | -sha1] [-cert]\n"
353 " [-config configfile] [-data file_to_hash]\n"
354 " [-digest digest_bytes] [-in request.tsq] [-no_nonce]\n"
355 " [-out request.tsq] [-policy object_id] [-text]\n");
356 fprintf(stderr, "\n"
357 "ts -reply [-chain certs_file.pem] [-config configfile]\n"
358 " [-in response.tsr] [-inkey private.pem] [-out response.tsr]\n"
359 " [-passin arg] [-policy object_id] [-queryfile request.tsq]\n"
360 " [-section tsa_section] [-signer tsa_cert.pem] [-text]\n"
361 " [-token_in] [-token_out]\n");
362 fprintf(stderr, "\n"
363 "ts -verify [-CAfile trusted_certs.pem]\n"
364 " [-CApath trusted_cert_path] [-data file_to_hash]\n"
365 " [-digest digest_bytes] [-in response.tsr]\n"
366 " [-queryfile request.tsq] [-token_in]\n"
367 " [-untrusted cert_file.pem]\n");
368 fprintf(stderr, "\n");
369 options_usage(ts_options);
370 fprintf(stderr, "\n");
371 }
372
373 int
ts_main(int argc,char ** argv)374 ts_main(int argc, char **argv)
375 {
376 int ret = 1;
377 CONF *conf = NULL;
378 char *password = NULL; /* Password itself. */
379
380 if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
381 perror("pledge");
382 exit(1);
383 }
384
385 memset(&cfg, 0, sizeof(cfg));
386 cfg.mode = CMD_NONE;
387
388 if (options_parse(argc, argv, ts_options, NULL, NULL) != 0)
389 goto usage;
390
391 /* Get the password if required. */
392 if (cfg.mode == CMD_REPLY && cfg.passin != NULL &&
393 !app_passwd(bio_err, cfg.passin, NULL, &password, NULL)) {
394 BIO_printf(bio_err, "Error getting password.\n");
395 goto cleanup;
396 }
397 /*
398 * Check consistency of parameters and execute the appropriate
399 * function.
400 */
401 switch (cfg.mode) {
402 case CMD_NONE:
403 goto usage;
404 case CMD_QUERY:
405 /*
406 * Data file and message imprint cannot be specified at the
407 * same time.
408 */
409 ret = cfg.data != NULL && cfg.digest != NULL;
410 if (ret)
411 goto usage;
412 /* Load the config file for possible policy OIDs. */
413 conf = load_config_file(cfg.configfile);
414 ret = !query_command(cfg.data, cfg.digest,
415 cfg.md, cfg.policy, cfg.no_nonce,
416 cfg.cert, cfg.in, cfg.out,
417 cfg.text);
418 break;
419 case CMD_REPLY:
420 conf = load_config_file(cfg.configfile);
421 if (cfg.in == NULL) {
422 ret = !(cfg.queryfile != NULL && conf != NULL &&
423 !cfg.token_in);
424 if (ret)
425 goto usage;
426 } else {
427 /* 'in' and 'queryfile' are exclusive. */
428 ret = !(cfg.queryfile == NULL);
429 if (ret)
430 goto usage;
431 }
432
433 ret = !reply_command(conf, cfg.section,
434 cfg.queryfile, password, cfg.inkey,
435 cfg.signer, cfg.chain, cfg.policy,
436 cfg.in, cfg.token_in, cfg.out,
437 cfg.token_out, cfg.text);
438 break;
439 case CMD_VERIFY:
440 ret = !(((cfg.queryfile != NULL && cfg.data == NULL &&
441 cfg.digest == NULL) ||
442 (cfg.queryfile == NULL && cfg.data != NULL &&
443 cfg.digest == NULL) ||
444 (cfg.queryfile == NULL && cfg.data == NULL &&
445 cfg.digest != NULL)) &&
446 cfg.in != NULL);
447 if (ret)
448 goto usage;
449
450 ret = !verify_command(cfg.data, cfg.digest,
451 cfg.queryfile, cfg.in, cfg.token_in,
452 cfg.ca_path, cfg.ca_file, cfg.untrusted);
453 }
454
455 goto cleanup;
456
457 usage:
458 ts_usage();
459
460 cleanup:
461 /* Clean up. */
462 NCONF_free(conf);
463 free(password);
464 OBJ_cleanup();
465
466 return (ret);
467 }
468
469 /*
470 * Configuration file-related function definitions.
471 */
472
473 static ASN1_OBJECT *
txt2obj(const char * oid)474 txt2obj(const char *oid)
475 {
476 ASN1_OBJECT *oid_obj = NULL;
477
478 if ((oid_obj = OBJ_txt2obj(oid, 0)) == NULL)
479 BIO_printf(bio_err, "cannot convert %s to OID\n", oid);
480
481 return oid_obj;
482 }
483
484 static CONF *
load_config_file(const char * configfile)485 load_config_file(const char *configfile)
486 {
487 CONF *conf = NULL;
488 long errorline = -1;
489
490 if (configfile == NULL)
491 configfile = getenv("OPENSSL_CONF");
492
493 if (configfile != NULL &&
494 ((conf = NCONF_new(NULL)) == NULL ||
495 NCONF_load(conf, configfile, &errorline) <= 0)) {
496 if (errorline <= 0)
497 BIO_printf(bio_err, "error loading the config file "
498 "'%s'\n", configfile);
499 else
500 BIO_printf(bio_err, "error on line %ld of config file "
501 "'%s'\n", errorline, configfile);
502 }
503 if (conf != NULL) {
504 const char *p;
505
506 BIO_printf(bio_err, "Using configuration from %s\n",
507 configfile);
508 p = NCONF_get_string(conf, NULL, ENV_OID_FILE);
509 if (p != NULL) {
510 BIO *oid_bio = BIO_new_file(p, "r");
511 if (oid_bio == NULL)
512 ERR_print_errors(bio_err);
513 else {
514 OBJ_create_objects(oid_bio);
515 BIO_free_all(oid_bio);
516 }
517 } else
518 ERR_clear_error();
519 if (!add_oid_section(bio_err, conf))
520 ERR_print_errors(bio_err);
521 }
522 return conf;
523 }
524
525 /*
526 * Query-related method definitions.
527 */
528
529 static int
query_command(const char * data,char * digest,const EVP_MD * md,const char * policy,int no_nonce,int cert,const char * in,const char * out,int text)530 query_command(const char *data, char *digest, const EVP_MD *md,
531 const char *policy, int no_nonce, int cert, const char *in, const char *out,
532 int text)
533 {
534 int ret = 0;
535 TS_REQ *query = NULL;
536 BIO *in_bio = NULL;
537 BIO *data_bio = NULL;
538 BIO *out_bio = NULL;
539
540 /* Build query object either from file or from scratch. */
541 if (in != NULL) {
542 if ((in_bio = BIO_new_file(in, "rb")) == NULL)
543 goto end;
544 query = d2i_TS_REQ_bio(in_bio, NULL);
545 } else {
546 /* Open the file if no explicit digest bytes were specified. */
547 if (digest == NULL &&
548 (data_bio = BIO_open_with_default(data, "rb", stdin)) == NULL)
549 goto end;
550 /* Creating the query object. */
551 query = create_query(data_bio, digest, md,
552 policy, no_nonce, cert);
553 /* Saving the random number generator state. */
554 }
555 if (query == NULL)
556 goto end;
557
558 /* Write query either in ASN.1 or in text format. */
559 if ((out_bio = BIO_open_with_default(out, "wb", stdout)) == NULL)
560 goto end;
561 if (text) {
562 /* Text output. */
563 if (!TS_REQ_print_bio(out_bio, query))
564 goto end;
565 } else {
566 /* ASN.1 output. */
567 if (!i2d_TS_REQ_bio(out_bio, query))
568 goto end;
569 }
570
571 ret = 1;
572
573 end:
574 ERR_print_errors(bio_err);
575
576 /* Clean up. */
577 BIO_free_all(in_bio);
578 BIO_free_all(data_bio);
579 BIO_free_all(out_bio);
580 TS_REQ_free(query);
581
582 return ret;
583 }
584
585 static BIO *
BIO_open_with_default(const char * file,const char * mode,FILE * default_fp)586 BIO_open_with_default(const char *file, const char *mode, FILE *default_fp)
587 {
588 return file == NULL ? BIO_new_fp(default_fp, BIO_NOCLOSE) :
589 BIO_new_file(file, mode);
590 }
591
592 static TS_REQ *
create_query(BIO * data_bio,char * digest,const EVP_MD * md,const char * policy,int no_nonce,int cert)593 create_query(BIO *data_bio, char *digest, const EVP_MD *md, const char *policy,
594 int no_nonce, int cert)
595 {
596 int ret = 0;
597 TS_REQ *ts_req = NULL;
598 int len;
599 TS_MSG_IMPRINT *msg_imprint = NULL;
600 X509_ALGOR *algo = NULL;
601 unsigned char *data = NULL;
602 ASN1_OBJECT *md_obj = NULL, *policy_obj = NULL;
603 ASN1_INTEGER *nonce_asn1 = NULL;
604
605 /* Setting default message digest. */
606 if (md == NULL && (md = EVP_get_digestbyname("sha1")) == NULL)
607 goto err;
608
609 /* Creating request object. */
610 if ((ts_req = TS_REQ_new()) == NULL)
611 goto err;
612
613 /* Setting version. */
614 if (!TS_REQ_set_version(ts_req, 1))
615 goto err;
616
617 /* Creating and adding MSG_IMPRINT object. */
618 if ((msg_imprint = TS_MSG_IMPRINT_new()) == NULL)
619 goto err;
620
621 /* Adding algorithm. */
622 if ((algo = X509_ALGOR_new()) == NULL)
623 goto err;
624 if ((md_obj = OBJ_nid2obj(EVP_MD_type(md))) == NULL)
625 goto err;
626 /*
627 * This does not use X509_ALGOR_set_md() for historical reasons.
628 * See the comment in PKCS7_SIGNER_INFO_set() for details.
629 */
630 if (!X509_ALGOR_set0(algo, md_obj, V_ASN1_NULL, NULL))
631 goto err;
632 if (!TS_MSG_IMPRINT_set_algo(msg_imprint, algo))
633 goto err;
634
635 /* Adding message digest. */
636 if ((len = create_digest(data_bio, digest, md, &data)) == 0)
637 goto err;
638 if (!TS_MSG_IMPRINT_set_msg(msg_imprint, data, len))
639 goto err;
640
641 if (!TS_REQ_set_msg_imprint(ts_req, msg_imprint))
642 goto err;
643
644 /* Setting policy if requested. */
645 if (policy != NULL && (policy_obj = txt2obj(policy)) == NULL)
646 goto err;
647 if (policy_obj != NULL && !TS_REQ_set_policy_id(ts_req, policy_obj))
648 goto err;
649
650 /* Setting nonce if requested. */
651 if (!no_nonce && (nonce_asn1 = create_nonce(NONCE_LENGTH)) == NULL)
652 goto err;
653 if (nonce_asn1 != NULL && !TS_REQ_set_nonce(ts_req, nonce_asn1))
654 goto err;
655
656 /* Setting certificate request flag if requested. */
657 if (!TS_REQ_set_cert_req(ts_req, cert))
658 goto err;
659
660 ret = 1;
661
662 err:
663 if (!ret) {
664 TS_REQ_free(ts_req);
665 ts_req = NULL;
666 BIO_printf(bio_err, "could not create query\n");
667 }
668 TS_MSG_IMPRINT_free(msg_imprint);
669 X509_ALGOR_free(algo);
670 free(data);
671 ASN1_OBJECT_free(policy_obj);
672 ASN1_INTEGER_free(nonce_asn1);
673
674 return ts_req;
675 }
676
677 static int
create_digest(BIO * input,char * digest,const EVP_MD * md,unsigned char ** out_md_value)678 create_digest(BIO *input, char *digest, const EVP_MD *md,
679 unsigned char **out_md_value)
680 {
681 EVP_MD_CTX *md_ctx = NULL;
682 unsigned char *md_value = NULL;
683 int md_value_len;
684 int ret = 0;
685
686 md_value_len = EVP_MD_size(md);
687 if (md_value_len < 0)
688 goto err;
689
690 if (input != NULL) {
691 /* Digest must be computed from an input file. */
692 unsigned char buffer[4096];
693 int length;
694
695 md_value = malloc(md_value_len);
696 if (md_value == NULL)
697 goto err;
698
699 if ((md_ctx = EVP_MD_CTX_new()) == NULL)
700 goto err;
701
702 if (!EVP_DigestInit(md_ctx, md))
703 goto err;
704
705 while ((length = BIO_read(input, buffer, sizeof(buffer))) > 0) {
706 if (!EVP_DigestUpdate(md_ctx, buffer, length))
707 goto err;
708 }
709
710 if (!EVP_DigestFinal(md_ctx, md_value, NULL))
711 goto err;
712 } else {
713 /* Digest bytes are specified with digest. */
714 long digest_len;
715
716 md_value = string_to_hex(digest, &digest_len);
717 if (md_value == NULL || md_value_len != digest_len) {
718 BIO_printf(bio_err, "bad digest, %d bytes "
719 "must be specified\n", md_value_len);
720 goto err;
721 }
722 }
723
724 *out_md_value = md_value;
725 md_value = NULL;
726
727 ret = md_value_len;
728
729 err:
730 free(md_value);
731 EVP_MD_CTX_free(md_ctx);
732
733 return ret;
734 }
735
736 static ASN1_INTEGER *
create_nonce(int bits)737 create_nonce(int bits)
738 {
739 unsigned char buf[20];
740 ASN1_INTEGER *nonce = NULL;
741 int len = (bits - 1) / 8 + 1;
742 int i;
743
744 /* Generating random byte sequence. */
745 if (len > (int) sizeof(buf))
746 goto err;
747 arc4random_buf(buf, len);
748
749 /* Find the first non-zero byte and creating ASN1_INTEGER object. */
750 for (i = 0; i < len && !buf[i]; ++i)
751 ;
752 if ((nonce = ASN1_INTEGER_new()) == NULL)
753 goto err;
754 free(nonce->data);
755 /* Allocate at least one byte. */
756 nonce->length = len - i;
757 if ((nonce->data = malloc(nonce->length + 1)) == NULL)
758 goto err;
759 memcpy(nonce->data, buf + i, nonce->length);
760
761 return nonce;
762
763 err:
764 BIO_printf(bio_err, "could not create nonce\n");
765 ASN1_INTEGER_free(nonce);
766 return NULL;
767 }
768
769 /*
770 * Reply-related method definitions.
771 */
772
773 static int
reply_command(CONF * conf,char * section,char * queryfile,char * passin,char * inkey,char * signer,char * chain,const char * policy,char * in,int token_in,char * out,int token_out,int text)774 reply_command(CONF *conf, char *section, char *queryfile, char *passin,
775 char *inkey, char *signer, char *chain, const char *policy, char *in,
776 int token_in, char *out, int token_out, int text)
777 {
778 int ret = 0;
779 TS_RESP *response = NULL;
780 BIO *in_bio = NULL;
781 BIO *query_bio = NULL;
782 BIO *inkey_bio = NULL;
783 BIO *signer_bio = NULL;
784 BIO *out_bio = NULL;
785
786 /* Build response object either from response or query. */
787 if (in != NULL) {
788 if ((in_bio = BIO_new_file(in, "rb")) == NULL)
789 goto end;
790 if (token_in) {
791 /*
792 * We have a ContentInfo (PKCS7) object, add
793 * 'granted' status info around it.
794 */
795 response = read_PKCS7(in_bio);
796 } else {
797 /* We have a ready-made TS_RESP object. */
798 response = d2i_TS_RESP_bio(in_bio, NULL);
799 }
800 } else {
801 response = create_response(conf, section, queryfile, passin,
802 inkey, signer, chain, policy);
803 if (response != NULL)
804 BIO_printf(bio_err, "Response has been generated.\n");
805 else
806 BIO_printf(bio_err, "Response is not generated.\n");
807 }
808 if (response == NULL)
809 goto end;
810
811 /* Write response either in ASN.1 or text format. */
812 if ((out_bio = BIO_open_with_default(out, "wb", stdout)) == NULL)
813 goto end;
814 if (text) {
815 /* Text output. */
816 if (token_out) {
817 TS_TST_INFO *tst_info = TS_RESP_get_tst_info(response);
818 if (!TS_TST_INFO_print_bio(out_bio, tst_info))
819 goto end;
820 } else {
821 if (!TS_RESP_print_bio(out_bio, response))
822 goto end;
823 }
824 } else {
825 /* ASN.1 DER output. */
826 if (token_out) {
827 PKCS7 *token = TS_RESP_get_token(response);
828 if (!i2d_PKCS7_bio(out_bio, token))
829 goto end;
830 } else {
831 if (!i2d_TS_RESP_bio(out_bio, response))
832 goto end;
833 }
834 }
835
836 ret = 1;
837
838 end:
839 ERR_print_errors(bio_err);
840
841 /* Clean up. */
842 BIO_free_all(in_bio);
843 BIO_free_all(query_bio);
844 BIO_free_all(inkey_bio);
845 BIO_free_all(signer_bio);
846 BIO_free_all(out_bio);
847 TS_RESP_free(response);
848
849 return ret;
850 }
851
852 /* Reads a PKCS7 token and adds default 'granted' status info to it. */
853 static TS_RESP *
read_PKCS7(BIO * in_bio)854 read_PKCS7(BIO *in_bio)
855 {
856 int ret = 0;
857 PKCS7 *token = NULL;
858 TS_TST_INFO *tst_info = NULL;
859 TS_RESP *resp = NULL;
860 TS_STATUS_INFO *si = NULL;
861
862 /* Read PKCS7 object and extract the signed time stamp info. */
863 if ((token = d2i_PKCS7_bio(in_bio, NULL)) == NULL)
864 goto end;
865 if ((tst_info = PKCS7_to_TS_TST_INFO(token)) == NULL)
866 goto end;
867
868 /* Creating response object. */
869 if ((resp = TS_RESP_new()) == NULL)
870 goto end;
871
872 /* Create granted status info. */
873 if ((si = TS_STATUS_INFO_new()) == NULL)
874 goto end;
875 if (!TS_STATUS_INFO_set_status(si, TS_STATUS_GRANTED))
876 goto end;
877 if (!TS_RESP_set_status_info(resp, si))
878 goto end;
879
880 /* Setting encapsulated token. */
881 TS_RESP_set_tst_info(resp, token, tst_info);
882 token = NULL; /* Ownership is lost. */
883 tst_info = NULL; /* Ownership is lost. */
884
885 ret = 1;
886 end:
887 PKCS7_free(token);
888 TS_TST_INFO_free(tst_info);
889 if (!ret) {
890 TS_RESP_free(resp);
891 resp = NULL;
892 }
893 TS_STATUS_INFO_free(si);
894 return resp;
895 }
896
897 static TS_RESP *
create_response(CONF * conf,const char * section,char * queryfile,char * passin,char * inkey,char * signer,char * chain,const char * policy)898 create_response(CONF *conf, const char *section, char *queryfile, char *passin,
899 char *inkey, char *signer, char *chain, const char *policy)
900 {
901 int ret = 0;
902 TS_RESP *response = NULL;
903 BIO *query_bio = NULL;
904 TS_RESP_CTX *resp_ctx = NULL;
905
906 if ((query_bio = BIO_new_file(queryfile, "rb")) == NULL)
907 goto end;
908
909 /* Getting TSA configuration section. */
910 if ((section = TS_CONF_get_tsa_section(conf, section)) == NULL)
911 goto end;
912
913 /* Setting up response generation context. */
914 if ((resp_ctx = TS_RESP_CTX_new()) == NULL)
915 goto end;
916
917 /* Setting serial number provider callback. */
918 if (!TS_CONF_set_serial(conf, section, serial_cb, resp_ctx))
919 goto end;
920
921 /* Setting TSA signer certificate. */
922 if (!TS_CONF_set_signer_cert(conf, section, signer, resp_ctx))
923 goto end;
924
925 /* Setting TSA signer certificate chain. */
926 if (!TS_CONF_set_certs(conf, section, chain, resp_ctx))
927 goto end;
928
929 /* Setting TSA signer private key. */
930 if (!TS_CONF_set_signer_key(conf, section, inkey, passin, resp_ctx))
931 goto end;
932
933 /* Setting default policy OID. */
934 if (!TS_CONF_set_def_policy(conf, section, policy, resp_ctx))
935 goto end;
936
937 /* Setting acceptable policy OIDs. */
938 if (!TS_CONF_set_policies(conf, section, resp_ctx))
939 goto end;
940
941 /* Setting the acceptable one-way hash algorithms. */
942 if (!TS_CONF_set_digests(conf, section, resp_ctx))
943 goto end;
944
945 /* Setting guaranteed time stamp accuracy. */
946 if (!TS_CONF_set_accuracy(conf, section, resp_ctx))
947 goto end;
948
949 /* Setting the precision of the time. */
950 if (!TS_CONF_set_clock_precision_digits(conf, section, resp_ctx))
951 goto end;
952
953 /* Setting the ordering flag if requested. */
954 if (!TS_CONF_set_ordering(conf, section, resp_ctx))
955 goto end;
956
957 /* Setting the TSA name required flag if requested. */
958 if (!TS_CONF_set_tsa_name(conf, section, resp_ctx))
959 goto end;
960
961 /* Setting the ESS cert id chain flag if requested. */
962 if (!TS_CONF_set_ess_cert_id_chain(conf, section, resp_ctx))
963 goto end;
964
965 /* Creating the response. */
966 if ((response = TS_RESP_create_response(resp_ctx, query_bio)) == NULL)
967 goto end;
968
969 ret = 1;
970 end:
971 if (!ret) {
972 TS_RESP_free(response);
973 response = NULL;
974 }
975 TS_RESP_CTX_free(resp_ctx);
976 BIO_free_all(query_bio);
977
978 return response;
979 }
980
981 static ASN1_INTEGER *
serial_cb(TS_RESP_CTX * ctx,void * data)982 serial_cb(TS_RESP_CTX *ctx, void *data)
983 {
984 const char *serial_file = (const char *) data;
985 ASN1_INTEGER *serial = next_serial(serial_file);
986
987 if (serial == NULL) {
988 TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION,
989 "Error during serial number "
990 "generation.");
991 TS_RESP_CTX_add_failure_info(ctx,
992 TS_INFO_ADD_INFO_NOT_AVAILABLE);
993 } else
994 save_ts_serial(serial_file, serial);
995
996 return serial;
997 }
998
999 static ASN1_INTEGER *
next_serial(const char * serialfile)1000 next_serial(const char *serialfile)
1001 {
1002 int ret = 0;
1003 BIO *in = NULL;
1004 ASN1_INTEGER *serial = NULL;
1005 BIGNUM *bn = NULL;
1006
1007 if ((serial = ASN1_INTEGER_new()) == NULL)
1008 goto err;
1009
1010 if ((in = BIO_new_file(serialfile, "r")) == NULL) {
1011 ERR_clear_error();
1012 BIO_printf(bio_err, "Warning: could not open file %s for "
1013 "reading, using serial number: 1\n", serialfile);
1014 if (!ASN1_INTEGER_set(serial, 1))
1015 goto err;
1016 } else {
1017 char buf[1024];
1018 if (!a2i_ASN1_INTEGER(in, serial, buf, sizeof(buf))) {
1019 BIO_printf(bio_err, "unable to load number from %s\n",
1020 serialfile);
1021 goto err;
1022 }
1023 if ((bn = ASN1_INTEGER_to_BN(serial, NULL)) == NULL)
1024 goto err;
1025 ASN1_INTEGER_free(serial);
1026 serial = NULL;
1027 if (!BN_add_word(bn, 1))
1028 goto err;
1029 if ((serial = BN_to_ASN1_INTEGER(bn, NULL)) == NULL)
1030 goto err;
1031 }
1032 ret = 1;
1033 err:
1034 if (!ret) {
1035 ASN1_INTEGER_free(serial);
1036 serial = NULL;
1037 }
1038 BIO_free_all(in);
1039 BN_free(bn);
1040 return serial;
1041 }
1042
1043 static int
save_ts_serial(const char * serialfile,ASN1_INTEGER * serial)1044 save_ts_serial(const char *serialfile, ASN1_INTEGER *serial)
1045 {
1046 int ret = 0;
1047 BIO *out = NULL;
1048
1049 if ((out = BIO_new_file(serialfile, "w")) == NULL)
1050 goto err;
1051 if (i2a_ASN1_INTEGER(out, serial) <= 0)
1052 goto err;
1053 if (BIO_puts(out, "\n") <= 0)
1054 goto err;
1055 ret = 1;
1056 err:
1057 if (!ret)
1058 BIO_printf(bio_err, "could not save serial number to %s\n",
1059 serialfile);
1060 BIO_free_all(out);
1061 return ret;
1062 }
1063
1064 /*
1065 * Verify-related method definitions.
1066 */
1067
1068 static int
verify_command(char * data,char * digest,char * queryfile,char * in,int token_in,char * ca_path,char * ca_file,char * untrusted)1069 verify_command(char *data, char *digest, char *queryfile, char *in,
1070 int token_in, char *ca_path, char *ca_file, char *untrusted)
1071 {
1072 BIO *in_bio = NULL;
1073 PKCS7 *token = NULL;
1074 TS_RESP *response = NULL;
1075 TS_VERIFY_CTX *verify_ctx = NULL;
1076 int ret = 0;
1077
1078 /* Decode the token (PKCS7) or response (TS_RESP) files. */
1079 if ((in_bio = BIO_new_file(in, "rb")) == NULL)
1080 goto end;
1081 if (token_in) {
1082 if ((token = d2i_PKCS7_bio(in_bio, NULL)) == NULL)
1083 goto end;
1084 } else {
1085 if ((response = d2i_TS_RESP_bio(in_bio, NULL)) == NULL)
1086 goto end;
1087 }
1088
1089 if ((verify_ctx = create_verify_ctx(data, digest, queryfile,
1090 ca_path, ca_file, untrusted)) == NULL)
1091 goto end;
1092
1093 /* Checking the token or response against the request. */
1094 ret = token_in ?
1095 TS_RESP_verify_token(verify_ctx, token) :
1096 TS_RESP_verify_response(verify_ctx, response);
1097
1098 end:
1099 printf("Verification: ");
1100 if (ret)
1101 printf("OK\n");
1102 else {
1103 printf("FAILED\n");
1104 /* Print errors, if there are any. */
1105 ERR_print_errors(bio_err);
1106 }
1107
1108 /* Clean up. */
1109 BIO_free_all(in_bio);
1110 PKCS7_free(token);
1111 TS_RESP_free(response);
1112 TS_VERIFY_CTX_free(verify_ctx);
1113 return ret;
1114 }
1115
1116 static TS_VERIFY_CTX *
create_verify_ctx(char * data,char * digest,char * queryfile,char * ca_path,char * ca_file,char * untrusted)1117 create_verify_ctx(char *data, char *digest, char *queryfile, char *ca_path,
1118 char *ca_file, char *untrusted)
1119 {
1120 TS_VERIFY_CTX *ctx = NULL;
1121 BIO *input = NULL;
1122 TS_REQ *request = NULL;
1123 X509_STORE *store;
1124 STACK_OF(X509) *certs;
1125 int ret = 0;
1126
1127 if (data != NULL || digest != NULL) {
1128 if ((ctx = TS_VERIFY_CTX_new()) == NULL)
1129 goto err;
1130 TS_VERIFY_CTX_set_flags(ctx, TS_VFY_VERSION | TS_VFY_SIGNER);
1131 if (data != NULL) {
1132 BIO *data_bio;
1133
1134 TS_VERIFY_CTX_add_flags(ctx, TS_VFY_DATA);
1135 if ((data_bio = BIO_new_file(data, "rb")) == NULL)
1136 goto err;
1137 TS_VERIFY_CTX_set_data(ctx, data_bio);
1138 } else if (digest != NULL) {
1139 unsigned char *imprint;
1140 long imprint_len;
1141
1142 TS_VERIFY_CTX_add_flags(ctx, TS_VFY_IMPRINT);
1143 if ((imprint = string_to_hex(digest,
1144 &imprint_len)) == NULL) {
1145 BIO_printf(bio_err, "invalid digest string\n");
1146 goto err;
1147 }
1148 TS_VERIFY_CTX_set_imprint(ctx, imprint, imprint_len);
1149 }
1150 } else if (queryfile != NULL) {
1151 /*
1152 * The request has just to be read, decoded and converted to
1153 * a verify context object.
1154 */
1155 if ((input = BIO_new_file(queryfile, "rb")) == NULL)
1156 goto err;
1157 if ((request = d2i_TS_REQ_bio(input, NULL)) == NULL)
1158 goto err;
1159 if ((ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL)) == NULL)
1160 goto err;
1161 } else
1162 return NULL;
1163
1164 /* Add the signature verification flag and arguments. */
1165 TS_VERIFY_CTX_add_flags(ctx, TS_VFY_SIGNATURE);
1166
1167 /* Initialising the X509_STORE object. */
1168 if ((store = create_cert_store(ca_path, ca_file)) == NULL)
1169 goto err;
1170 TS_VERIFY_CTX_set_store(ctx, store);
1171
1172 /* Loading untrusted certificates. */
1173 if (untrusted != NULL) {
1174 if ((certs = TS_CONF_load_certs(untrusted)) == NULL)
1175 goto err;
1176 TS_VERIFY_CTX_set_certs(ctx, certs);
1177 }
1178
1179 ret = 1;
1180 err:
1181 if (!ret) {
1182 TS_VERIFY_CTX_free(ctx);
1183 ctx = NULL;
1184 }
1185 BIO_free_all(input);
1186 TS_REQ_free(request);
1187 return ctx;
1188 }
1189
1190 static X509_STORE *
create_cert_store(char * ca_path,char * ca_file)1191 create_cert_store(char *ca_path, char *ca_file)
1192 {
1193 X509_STORE *cert_ctx = NULL;
1194 X509_LOOKUP *lookup = NULL;
1195 int i;
1196
1197 /* Creating the X509_STORE object. */
1198 if ((cert_ctx = X509_STORE_new()) == NULL)
1199 goto err;
1200
1201 /* Setting the callback for certificate chain verification. */
1202 X509_STORE_set_verify_cb(cert_ctx, verify_cb);
1203
1204 /* Adding a trusted certificate directory source. */
1205 if (ca_path != NULL) {
1206 lookup = X509_STORE_add_lookup(cert_ctx,
1207 X509_LOOKUP_hash_dir());
1208 if (lookup == NULL) {
1209 BIO_printf(bio_err, "memory allocation failure\n");
1210 goto err;
1211 }
1212 i = X509_LOOKUP_add_dir(lookup, ca_path, X509_FILETYPE_PEM);
1213 if (!i) {
1214 BIO_printf(bio_err, "Error loading directory %s\n",
1215 ca_path);
1216 goto err;
1217 }
1218 }
1219 /* Adding a trusted certificate file source. */
1220 if (ca_file != NULL) {
1221 lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
1222 if (lookup == NULL) {
1223 BIO_printf(bio_err, "memory allocation failure\n");
1224 goto err;
1225 }
1226 i = X509_LOOKUP_load_file(lookup, ca_file, X509_FILETYPE_PEM);
1227 if (!i) {
1228 BIO_printf(bio_err, "Error loading file %s\n", ca_file);
1229 goto err;
1230 }
1231 }
1232 return cert_ctx;
1233 err:
1234 X509_STORE_free(cert_ctx);
1235 return NULL;
1236 }
1237
1238 static int
verify_cb(int ok,X509_STORE_CTX * ctx)1239 verify_cb(int ok, X509_STORE_CTX *ctx)
1240 {
1241 /*
1242 char buf[256];
1243
1244 if (!ok)
1245 {
1246 X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),
1247 buf, sizeof(buf));
1248 printf("%s\n", buf);
1249 printf("error %d at %d depth lookup: %s\n",
1250 ctx->error, ctx->error_depth,
1251 X509_verify_cert_error_string(ctx->error));
1252 }
1253 */
1254
1255 return ok;
1256 }
1257