wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Public API for Certificate Transparency

Browse source 
Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Rob Percival 2016-02-25 18:11:16 +00:00 committed by Rich Salz
parent 186d04a543
commit 0cea8832df
20 changed files with 785 additions and 505 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
Configurations/descrip.mms.tmpl
View file

@ -50,15 +50,13 @@
}
my $sd1 = sourcedir("ssl","record");
my $sd2 = sourcedir("ssl","statem");
$unified_info{before}->{"[.crypto.ct]ct_lib.OBJ"}
= $unified_info{before}->{"[.test]heartbeat_test.OBJ"}
$unified_info{before}->{"[.test]heartbeat_test.OBJ"}
= $unified_info{before}->{"[.test]ssltest.OBJ"}
= qq(record = F\$PARSE("$sd1","A.;",,,"SYNTAX_ONLY") - "A.;"
define record 'record'
statem = F\$PARSE("$sd2","A.;",,,"SYNTAX_ONLY") - "A.;"
define statem 'statem');
$unified_info{after}->{"[.crypto.ct]ct_lib.OBJ"}
= $unified_info{after}->{"[.test]heartbeat_test.OBJ"}
$unified_info{after}->{"[.test]heartbeat_test.OBJ"}
= $unified_info{after}->{"[.test]ssltest.OBJ"}
= qq(deassign statem
deassign record);

2
Configurations/unix-Makefile.tmpl
View file

@ -650,8 +650,6 @@ errors:
$(PERL) ../util/mkerr.pl -conf $$e \
-nostatic -staticloader -write *.c; \
done )
( cd $(SRCDIR)/crypto/ct; \
$(PERL) ../../util/mkerr.pl -conf ct.ec -hprefix internal/ -write *.c )
ordinals:
( b=`pwd`; cd $(SRCDIR); $(PERL) -I$$b util/mkdef.pl crypto update )

1
Makefile.in
View file

@ -521,7 +521,6 @@ errors:
$(PERL) util/ck_errf.pl -strict */*.c */*/*.c
$(PERL) util/mkerr.pl -recurse -write
(cd engines; $(MAKE) PERL=$(PERL) errors)
(cd crypto/ct; $(MAKE) PERL=$(PERL) errors)
ordinals: util/libeay.num util/ssleay.num test_ordinals TABLE
util/libeay.num::

9
crypto/ct/Makefile.in
View file

@ -15,8 +15,8 @@ CFLAGS= $(INCLUDES) $(CFLAG) $(SHARED_CFLAG)
GENERAL=Makefile
LIB=$(TOP)/libcrypto.a
LIBSRC= ct_lib.c ct_err.c ct_oct.c ct_prn.c
LIBOBJ= ct_lib.o ct_err.o ct_oct.o ct_prn.o
LIBSRC= ct_err.c ct_oct.c ct_prn.c ct_sct.c ct_x509v3.c
LIBOBJ= ct_err.o ct_oct.o ct_prn.o ct_sct.o ct_x509v3.o
SRC= $(LIBSRC)
@ -27,8 +27,6 @@ ALL= $(GENERAL) $(SRC) $(HEADER)
top:
(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
test:
all: lib
lib: $(LIBOBJ)
@ -39,9 +37,6 @@ lib: $(LIBOBJ)
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
errors:
$(PERL) $(TOP)/util/mkerr.pl -conf ct.ec -hprefix internal/ -write *.c
depend:
$(TOP)/util/domd $(CFLAG) $(INCLUDES) -- $(PROGS) $(LIBSRC)

2
crypto/ct/build.info
View file

@ -1,2 +1,2 @@
LIBS=../../libcrypto
SOURCE[../../libcrypto]= ct_lib.c ct_err.c ct_oct.c ct_prn.c
SOURCE[../../libcrypto]= ct_err.c ct_oct.c ct_prn.c ct_sct.c ct_x509v3.c

6
crypto/ct/ct.ec
View file

@ -1,6 +0,0 @@
# crypto/ct/ct.ec
# configuration file for util/mkerr.pl
# files that may have to be rewritten by util/mkerr.pl
L CT ../../crypto/include/internal/ct_int.h ct_err.c

3
crypto/ct/ct_err.c
View file

@ -1,4 +1,3 @@
/* ct_err.c */
/* ====================================================================
* Copyright (c) 1999-2016 The OpenSSL Project. All rights reserved.
*
@ -61,7 +60,7 @@
#include <stdio.h>
#include <openssl/err.h>
#include <internal/ct_int.h>
#include <openssl/ct.h>
/* BEGIN ERROR CODES */
#ifndef OPENSSL_NO_ERR

110
crypto/ct/ct_locl.h Normal file
View file

@ -0,0 +1,110 @@
/*
* Written by Rob Percival (robpercival@google.com) for the OpenSSL project.
*/
/* ====================================================================
* Copyright (c) 2016 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifdef OPENSSL_NO_CT
# error CT is disabled.
#endif
#include <stddef.h>
#include <openssl/ct.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/safestack.h>
/*
* From RFC6962: opaque SerializedSCT<1..2^16-1>; struct { SerializedSCT
* sct_list <1..2^16-1>; } SignedCertificateTimestampList;
*/
# define MAX_SCT_SIZE 65535
# define MAX_SCT_LIST_SIZE MAX_SCT_SIZE
/* Signed Certificate Timestamp */
struct sct_st {
sct_version_t version;
/* If version is not SCT_VERSION_V1, this contains the encoded SCT */
unsigned char *sct;
size_t sct_len;
/* If version is SCT_VERSION_V1, fields below contain components of the SCT */
unsigned char *log_id;
size_t log_id_len;
/*
* Note, we cannot distinguish between an unset timestamp, and one
* that is set to 0. However since CT didn't exist in 1970, no real
* SCT should ever be set as such.
*/
uint64_t timestamp;
unsigned char *ext;
size_t ext_len;
unsigned char hash_alg;
unsigned char sig_alg;
unsigned char *sig;
size_t sig_len;
/* Log entry type */
ct_log_entry_type_t entry_type;
};
/*
* Does this SCT have the minimum fields populated to be usuable?
* Returns 1 if so, 0 otherwise.
*/
int SCT_is_complete(const SCT *sct);
/*
* Does this SCT have the signature-related fields populated?
* Returns 1 if so, 0 otherwise.
* This checks that the signature and hash algorithms are set to supported
* values and that the signature field is set.
*/
int SCT_signature_is_complete(const SCT *sct);

147
crypto/ct/ct_oct.c
View file

@ -55,82 +55,44 @@
* Hudson (tjh@cryptsoft.com).
*
*/
#ifndef OPENSSL_NO_CT
# include <limits.h>
# include "internal/cryptlib.h"
# include <openssl/asn1.h>
# include <openssl/evp.h>
# include <openssl/x509.h>
# include <openssl/x509v3.h>
# include "crypto/include/internal/ct_int.h"
#ifdef OPENSSL_NO_CT
# error "CT is disabled"
#endif
# define n2s(c,s) ((s=(((unsigned int)((c)[0]))<< 8)| \
(((unsigned int)((c)[1])) )),c+=2)
#include <limits.h>
#include <string.h>
# define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
c[1]=(unsigned char)(((s) )&0xff)),c+=2)
#include <openssl/asn1.h>
#include <openssl/buffer.h>
#include <openssl/ct.h>
#include <openssl/err.h>
# define n2l8(c,l) (l =((uint64_t)(*((c)++)))<<56, \
l|=((uint64_t)(*((c)++)))<<48, \
l|=((uint64_t)(*((c)++)))<<40, \
l|=((uint64_t)(*((c)++)))<<32, \
l|=((uint64_t)(*((c)++)))<<24, \
l|=((uint64_t)(*((c)++)))<<16, \
l|=((uint64_t)(*((c)++)))<< 8, \
l|=((uint64_t)(*((c)++))))
#include "ct_locl.h"
# define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \
*((c)++)=(unsigned char)(((l)>>48)&0xff), \
*((c)++)=(unsigned char)(((l)>>40)&0xff), \
*((c)++)=(unsigned char)(((l)>>32)&0xff), \
*((c)++)=(unsigned char)(((l)>>24)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
#define n2s(c,s) ((s=(((unsigned int)((c)[0]))<< 8)| \
(((unsigned int)((c)[1])) )),c+=2)
static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
const unsigned char **pp, int len);
static int i2d_SCT_LIST(STACK_OF(SCT) *a, unsigned char **pp);
static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list,
BIO *out, int indent);
#define s2n(s,c) ((c[0]=(unsigned char)(((s)>> 8)&0xff), \
c[1]=(unsigned char)(((s) )&0xff)),c+=2)
static char *i2s_poison(const X509V3_EXT_METHOD *method, void *val)
{
return OPENSSL_strdup("NULL");
}
const X509V3_EXT_METHOD v3_ct_scts[] = {
{ NID_ct_precert_scts, 0, NULL,
0, (X509V3_EXT_FREE)SCT_LIST_free,
(X509V3_EXT_D2I)d2i_SCT_LIST, (X509V3_EXT_I2D)i2d_SCT_LIST,
0, 0, 0, 0,
(X509V3_EXT_I2R)i2r_SCT_LIST, 0,
NULL },
{ NID_ct_precert_poison, 0, ASN1_ITEM_ref(ASN1_NULL),
0, 0, 0, 0, i2s_poison, 0,
0, 0, 0, 0, NULL },
{ NID_ct_cert_scts, 0, NULL,
0, (X509V3_EXT_FREE)SCT_LIST_free,
(X509V3_EXT_D2I)d2i_SCT_LIST, (X509V3_EXT_I2D)i2d_SCT_LIST,
0, 0, 0, 0,
(X509V3_EXT_I2R)i2r_SCT_LIST, 0,
NULL },
};
int SCT_signature_is_valid(const SCT *sct)
{
if (SCT_get_signature_nid(sct) == NID_undef ||
sct->sig_len == 0 || sct->sig == NULL) {
return 0;
}
return 1;
}
#define n2l8(c,l) (l =((uint64_t)(*((c)++)))<<56, \
l|=((uint64_t)(*((c)++)))<<48, \
l|=((uint64_t)(*((c)++)))<<40, \
l|=((uint64_t)(*((c)++)))<<32, \
l|=((uint64_t)(*((c)++)))<<24, \
l|=((uint64_t)(*((c)++)))<<16, \
l|=((uint64_t)(*((c)++)))<< 8, \
l|=((uint64_t)(*((c)++))))
#define l2n8(l,c) (*((c)++)=(unsigned char)(((l)>>56)&0xff), \
*((c)++)=(unsigned char)(((l)>>48)&0xff), \
*((c)++)=(unsigned char)(((l)>>40)&0xff), \
*((c)++)=(unsigned char)(((l)>>32)&0xff), \
*((c)++)=(unsigned char)(((l)>>24)&0xff), \
*((c)++)=(unsigned char)(((l)>>16)&0xff), \
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len)
{
@ -138,7 +100,7 @@ int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len)
size_t len_remaining = len;
const unsigned char *p = *in;
if (sct->version != SCT_V1) {
if (sct->version != SCT_VERSION_V1) {
CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_UNSUPPORTED_VERSION);
return -1;
}
@ -193,7 +155,7 @@ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len)
p = *in;
sct->version = *p;
if (sct->version == SCT_V1) {
if (sct->version == SCT_VERSION_V1) {
int sig_len;
size_t len2;
/*
@ -207,11 +169,11 @@ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len)
}
len -= 43;
p++;
sct->log_id = BUF_memdup(p, SCT_V1_HASHLEN);
sct->log_id = BUF_memdup(p, CT_V1_HASHLEN);
if (sct->log_id == NULL)
goto err;
sct->log_id_len = SCT_V1_HASHLEN;
p += SCT_V1_HASHLEN;
sct->log_id_len = CT_V1_HASHLEN;
p += CT_V1_HASHLEN;
n2l8(p, sct->timestamp);
@ -261,12 +223,12 @@ int i2o_SCT_signature(const SCT *sct, unsigned char **out)
size_t len;
unsigned char *p = NULL;
if (!SCT_signature_is_valid(sct)) {
if (!SCT_signature_is_complete(sct)) {
CTerr(CT_F_I2O_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE);
goto err;
}
if (sct->version != SCT_V1) {
if (sct->version != SCT_VERSION_V1) {
CTerr(CT_F_I2O_SCT_SIGNATURE, CT_R_UNSUPPORTED_VERSION);
goto err;
}
@ -308,7 +270,7 @@ int i2o_SCT(const SCT *sct, unsigned char **out)
size_t len;
unsigned char *p = NULL;
if (!SCT_is_valid(sct)) {
if (!SCT_is_complete(sct)) {
CTerr(CT_F_I2O_SCT, CT_R_SCT_NOT_SET);
goto err;
}
@ -318,7 +280,7 @@ int i2o_SCT(const SCT *sct, unsigned char **out)
* extensions; (1 byte) Hash algorithm (1 byte) Signature algorithm (2
* bytes + ?) Signature
*/
if (sct->version == SCT_V1)
if (sct->version == SCT_VERSION_V1)
len = 43 + sct->ext_len + 4 + sct->sig_len;
else
len = sct->sct_len;
@ -338,10 +300,10 @@ int i2o_SCT(const SCT *sct, unsigned char **out)
*out = p;
}
if (sct->version == SCT_V1) {
if (sct->version == SCT_VERSION_V1) {
*p++ = sct->version;
memcpy(p, sct->log_id, SCT_V1_HASHLEN);
p += SCT_V1_HASHLEN;
memcpy(p, sct->log_id, CT_V1_HASHLEN);
p += CT_V1_HASHLEN;
l2n8(sct->timestamp, p);
s2n(sct->ext_len, p);
if (sct->ext_len > 0) {
@ -429,7 +391,7 @@ STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
return NULL;
}
int i2o_SCT_LIST(STACK_OF(SCT) *a, unsigned char **pp)
int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp)
{
int len, sct_len, i, is_pp_new = 0;
size_t len2;
@ -484,8 +446,8 @@ int i2o_SCT_LIST(STACK_OF(SCT) *a, unsigned char **pp)
return -1;
}
static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
const unsigned char **pp, int len)
STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
long len)
{
ASN1_OCTET_STRING *oct = NULL;
STACK_OF(SCT) *sk = NULL;
@ -503,7 +465,7 @@ static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
return sk;
}
static int i2d_SCT_LIST(STACK_OF(SCT) *a, unsigned char **out)
int i2d_SCT_LIST(STACK_OF(SCT) *a, unsigned char **out)
{
ASN1_OCTET_STRING oct;
int len;
@ -516,20 +478,3 @@ static int i2d_SCT_LIST(STACK_OF(SCT) *a, unsigned char **out)
OPENSSL_free(oct.data);
return len;
}
static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list,
BIO *out, int indent)
{
int i;
for (i = 0; i < sk_SCT_num(sct_list); ++i) {
SCT *sct = sk_SCT_value(sct_list, i);
SCT_print(sct, out, indent);
if (i < sk_SCT_num(sct_list) - 1)
BIO_printf(out, "\n");
}
return 1;
}
#endif

40
crypto/ct/ct_prn.c
View file

@ -56,17 +56,16 @@
*
*/
#ifndef OPENSSL_NO_CT
#ifdef OPENSSL_NO_CT
# error "CT is disabled"
#endif
# include <limits.h>
# include "internal/cryptlib.h"
# include <openssl/asn1.h>
# include <openssl/evp.h>
# include <openssl/x509.h>
# include <openssl/x509v3.h>
# include "crypto/include/internal/ct_int.h"
#include <openssl/asn1.h>
#include <openssl/bio.h>
static void sct_sigalg_print(BIO *out, const SCT *sct)
#include "ct_locl.h"
static void SCT_signature_algorithms_print(const SCT *sct, BIO *out)
{
int nid = SCT_get_signature_nid(sct);
@ -76,7 +75,7 @@ static void sct_sigalg_print(BIO *out, const SCT *sct)
BIO_printf(out, "%s", OBJ_nid2ln(nid));
}
static void timestamp_print(BIO *out, uint64_t timestamp)
static void timestamp_print(uint64_t timestamp, BIO *out)
{
ASN1_GENERALIZEDTIME *gen = ASN1_GENERALIZEDTIME_new();
char genstr[20];
@ -95,12 +94,12 @@ static void timestamp_print(BIO *out, uint64_t timestamp)
ASN1_GENERALIZEDTIME_free(gen);
}
void SCT_print(SCT *sct, BIO *out, int indent)
void SCT_print(const SCT *sct, BIO *out, int indent)
{
BIO_printf(out, "%*sSigned Certificate Timestamp:", indent, "");
BIO_printf(out, "\n%*sVersion : ", indent + 4, "");
if (sct->version != SCT_V1) {
if (sct->version != SCT_VERSION_V1) {
BIO_printf(out, "unknown\n%*s", indent + 16, "");
BIO_hex_string(out, indent + 16, 16, sct->sct, sct->sct_len);
return;
@ -112,7 +111,7 @@ void SCT_print(SCT *sct, BIO *out, int indent)
BIO_hex_string(out, indent + 16, 16, sct->log_id, sct->log_id_len);
BIO_printf(out, "\n%*sTimestamp : ", indent + 4, "");
timestamp_print(out, sct->timestamp);
timestamp_print(sct->timestamp, out);
BIO_printf(out, "\n%*sExtensions: ", indent + 4, "");
if (sct->ext_len == 0)
@ -121,9 +120,20 @@ void SCT_print(SCT *sct, BIO *out, int indent)
BIO_hex_string(out, indent + 16, 16, sct->ext, sct->ext_len);
BIO_printf(out, "\n%*sSignature : ", indent + 4, "");
sct_sigalg_print(out, sct);
SCT_signature_algorithms_print(sct, out);
BIO_printf(out, "\n%*s ", indent + 4, "");
BIO_hex_string(out, indent + 16, 16, sct->sig, sct->sig_len);
}
#endif
void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
const char *separator)
{
int i;
for (i = 0; i < sk_SCT_num(sct_list); ++i) {
SCT *sct = sk_SCT_value(sct_list, i);
SCT_print(sct, out, indent);
if (i < sk_SCT_num(sct_list) - 1)
BIO_printf(out, "%s", separator);
}
}

99
crypto/ct/ct_lib.c → crypto/ct/ct_sct.c
View file

@ -1,6 +1,6 @@
/*
* Written by Rob Stradling (rob@comodo.com) and Stephen Henson
* (steve@openssl.org) for the OpenSSL project 2014.
* Written by Rob Stradling (rob@comodo.com), Stephen Henson (steve@openssl.org)
* and Adam Eijdenberg (adam.eijdenberg@gmail.com) for the OpenSSL project 2016.
*/
/* ====================================================================
* Copyright (c) 2014 The OpenSSL Project. All rights reserved.
@ -56,39 +56,47 @@
*
*/
#ifndef OPENSSL_NO_CT
#ifdef OPENSSL_NO_CT
# error "CT disabled"
#endif
# include <limits.h>
# include "internal/cryptlib.h"
# include "../../ssl/ssl_locl.h"
# include "internal/ct_int.h"
#include <openssl/ct.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/tls1.h>
#include <openssl/x509.h>
#include "ct_locl.h"
SCT *SCT_new(void)
{
SCT *sct = OPENSSL_zalloc(sizeof(SCT));
if (sct == NULL) {
CTerr(CT_F_SCT_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
sct->entry_type = UNSET_ENTRY;
sct->version = UNSET_VERSION;
sct->entry_type = CT_LOG_ENTRY_TYPE_NOT_SET;
sct->version = SCT_VERSION_NOT_SET;
return sct;
}
void SCT_free(SCT *sct)
{
if (sct != NULL) {
OPENSSL_free(sct->log_id);
OPENSSL_free(sct->ext);
OPENSSL_free(sct->sig);
OPENSSL_free(sct->sct);
OPENSSL_free(sct);
}
if (sct == NULL)
return;
OPENSSL_free(sct->log_id);
OPENSSL_free(sct->ext);
OPENSSL_free(sct->sig);
OPENSSL_free(sct->sct);
OPENSSL_free(sct);
}
int SCT_set_version(SCT *sct, sct_version_t version)
{
if (version != SCT_V1) {
if (version != SCT_VERSION_V1) {
CTerr(CT_F_SCT_SET_VERSION, CT_R_UNSUPPORTED_VERSION);
return 0;
}
@ -96,23 +104,26 @@ int SCT_set_version(SCT *sct, sct_version_t version)
return 1;
}
int SCT_set_log_entry_type(SCT *sct, log_entry_type_t entry_type)
int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type)
{
if (entry_type != X509_ENTRY && entry_type != PRECERT_ENTRY) {
switch (entry_type) {
case CT_LOG_ENTRY_TYPE_X509:
case CT_LOG_ENTRY_TYPE_PRECERT:
sct->entry_type = entry_type;
return 1;
default:
CTerr(CT_F_SCT_SET_LOG_ENTRY_TYPE, CT_R_UNSUPPORTED_ENTRY_TYPE);
return 0;
}
sct->entry_type = entry_type;
return 1;
}
int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len)
{
/* Currently only SHA-256 allowed so length must be SCT_V1_HASHLEN */
if (log_id_len != SCT_V1_HASHLEN) {
if (sct->version == SCT_VERSION_V1 && log_id_len != CT_V1_HASHLEN) {
CTerr(CT_F_SCT_SET0_LOG_ID, CT_R_INVALID_LOG_ID_LENGTH);
return 0;
}
OPENSSL_free(sct->log_id);
sct->log_id = log_id;
sct->log_id_len = log_id_len;
@ -121,25 +132,23 @@ int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len)
int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len)
{
/* Currently only SHA-256 allowed so length must be SCT_V1_HASHLEN */
if (log_id_len != SCT_V1_HASHLEN) {
if (sct->version == SCT_VERSION_V1 && log_id_len != CT_V1_HASHLEN) {
CTerr(CT_F_SCT_SET1_LOG_ID, CT_R_INVALID_LOG_ID_LENGTH);
return 0;
}
OPENSSL_free(sct->log_id);
if (log_id == NULL || log_id_len == 0) {
sct->log_id = NULL;
} else {
sct->log_id = OPENSSL_memdup(log_id, log_id_len);
sct->log_id = NULL;
sct->log_id_len = 0;
if (log_id != NULL && log_id_len > 0) {
sct->log_id = OPENSSL_memdup(log_id, log_id_len);
if (sct->log_id == NULL) {
CTerr(CT_F_SCT_SET1_LOG_ID, ERR_R_MALLOC_FAILURE);
return 0;
}
sct->log_id_len = log_id_len;
}
sct->log_id_len = log_id_len;
return 1;
}
@ -200,16 +209,17 @@ void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len)
int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len)
{
OPENSSL_free(sct->sig);
if (sig == NULL || sig_len == 0) {
sct->sig = NULL;
} else {
sct->sig = NULL;
sct->sig_len = 0;
if (sig != NULL && sig_len > 0) {
sct->sig = OPENSSL_memdup(sig, sig_len);
if (sct->sig == NULL) {
CTerr(CT_F_SCT_SET1_SIGNATURE, ERR_R_MALLOC_FAILURE);
return 0;
}
sct->sig_len = sig_len;
}
sct->sig_len = sig_len;
return 1;
}
@ -218,7 +228,7 @@ sct_version_t SCT_get_version(const SCT *sct)
return sct->version;
}
log_entry_type_t SCT_get_log_entry_type(const SCT *sct)
ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct)
{
return sct->entry_type;
}
@ -236,7 +246,7 @@ uint64_t SCT_get_timestamp(const SCT *sct)
int SCT_get_signature_nid(const SCT *sct)
{
if (sct->version == SCT_V1) {
if (sct->version == SCT_VERSION_V1) {
if (sct->hash_alg == TLSEXT_hash_sha256) {
switch (sct->sig_alg) {
case TLSEXT_signature_ecdsa:
@ -263,16 +273,21 @@ size_t SCT_get0_signature(const SCT *sct, unsigned char **sig)
return sct->sig_len;
}
int SCT_is_valid(const SCT *sct)
int SCT_is_complete(const SCT *sct)
{
switch (sct->version) {
case UNSET_VERSION:
case SCT_VERSION_NOT_SET:
return 0;
case SCT_V1:
return sct->log_id != NULL && SCT_signature_is_valid(sct);
case SCT_VERSION_V1:
return sct->log_id != NULL && SCT_signature_is_complete(sct);
default:
return sct->sct != NULL; /* Just need cached encoding */
}
}
#endif
int SCT_signature_is_complete(const SCT *sct)
{
return SCT_get_signature_nid(sct) != NID_undef &&
sct->sig != NULL && sct->sig_len > 0;
}

109
crypto/ct/ct_x509v3.c Normal file
View file

@ -0,0 +1,109 @@
/*
* Written by Rob Stradling (rob@comodo.com) and Stephen Henson
* (steve@openssl.org) for the OpenSSL project 2014.
*/
/* ====================================================================
* Copyright (c) 2014 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#ifdef OPENSSL_NO_CT
# error "CT is disabled"
#endif
#include <openssl/bio.h>
#include <openssl/ct.h>
#include <openssl/obj_mac.h>
#include <openssl/x509v3.h>
#include "internal/ct_int.h"
static char *i2s_poison(const X509V3_EXT_METHOD *method, void *val)
{
return OPENSSL_strdup("NULL");
}
static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list,
BIO *out, int indent)
{
SCT_LIST_print(sct_list, out, indent, "\n");
return 1;
}
/* Handlers for X509v3/OCSP Certificate Transparency extensions */
const X509V3_EXT_METHOD v3_ct_scts[] = {
/* X509v3 extension in certificates that contains SCTs */
{ NID_ct_precert_scts, 0, NULL,
NULL, (X509V3_EXT_FREE)SCT_LIST_free,
(X509V3_EXT_D2I)d2i_SCT_LIST, (X509V3_EXT_I2D)i2d_SCT_LIST,
NULL, NULL,
NULL, NULL,
(X509V3_EXT_I2R)i2r_SCT_LIST, NULL,
NULL },
/* X509v3 extension to mark a certificate as a pre-certificate */
{ NID_ct_precert_poison, 0, ASN1_ITEM_ref(ASN1_NULL),
NULL, NULL, NULL, NULL,
i2s_poison, NULL,
NULL, NULL,
NULL, NULL,
NULL },
/* OCSP extension that contains SCTs */
{ NID_ct_cert_scts, 0, NULL,
0, (X509V3_EXT_FREE)SCT_LIST_free,
(X509V3_EXT_D2I)d2i_SCT_LIST, (X509V3_EXT_I2D)i2d_SCT_LIST,
NULL, NULL,
NULL, NULL,
(X509V3_EXT_I2R)i2r_SCT_LIST, NULL,
NULL },
};

1
crypto/err/err.c
View file

@ -155,6 +155,7 @@ static ERR_STRING_DATA ERR_str_libraries[] = {
{ERR_PACK(ERR_LIB_FIPS, 0, 0), "FIPS routines"},
{ERR_PACK(ERR_LIB_CMS, 0, 0), "CMS routines"},
{ERR_PACK(ERR_LIB_HMAC, 0, 0), "HMAC routines"},
{ERR_PACK(ERR_LIB_CT, 0, 0), "CT routines"},
{ERR_PACK(ERR_LIB_ASYNC, 0, 0), "ASYNC routines"},
{0, NULL},
};

4
crypto/err/err_all.c
View file

@ -98,7 +98,9 @@
#ifndef OPENSSL_NO_CMS
# include <openssl/cms.h>
#endif
#include <internal/ct_int.h>
#ifndef OPENSSL_NO_CT
# include <openssl/ct.h>
#endif
#include <openssl/async.h>
void err_load_crypto_strings_intern(void)

3
crypto/err/openssl.ec
View file

@ -33,6 +33,7 @@ L TS include/openssl/ts.h crypto/ts/ts_err.c
L HMAC include/openssl/hmac.h crypto/hmac/hmac_err.c
L CMS include/openssl/cms.h crypto/cms/cms_err.c
L FIPS include/openssl/fips.h crypto/fips_err.h
L CT include/openssl/ct.h crypto/ct/ct_err.c
L ASYNC include/openssl/async.h crypto/async/async_err.c
# additional header files to be scanned for function names
@ -40,10 +41,10 @@ L NONE crypto/x509/x509_vfy.h NONE
L NONE crypto/ec/ec_lcl.h NONE
L NONE crypto/asn1/asn_lcl.h NONE
L NONE crypto/cms/cms_lcl.h NONE
L NONE crypto/ct/ct_locl.h NONE
L NONE fips/rand/fips_rand.h NONE
L NONE ssl/ssl_locl.h NONE
F RSAREF_F_RSA_BN2BIN
F RSAREF_F_RSA_PRIVATE_DECRYPT
F RSAREF_F_RSA_PRIVATE_ENCRYPT

332
crypto/include/internal/ct_int.h
View file

@ -1,6 +1,6 @@
/*
* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
* 2015.
* Written by Dr Stephen N Henson (steve@openssl.org)
* and Adam Eijdenberg (eijdenberg@google.com) for the OpenSSL project 2015.
*/
/* ====================================================================
* Copyright (c) 2015 The OpenSSL Project. All rights reserved.
@ -51,329 +51,25 @@
* ====================================================================
*
*/
#ifndef HEADER_CT_LOCL_H
# define HEADER_CT_LOCL_H
#ifndef HEADER_CT_INT_H
# define HEADER_CT_INT_H
# ifdef __cplusplus
extern "C" {
# endif
# ifndef OPENSSL_NO_CT
# include <openssl/x509v3.h>
/* All hashes are currently SHA256 */
# define SCT_V1_HASHLEN 32
/* Minimum RSA key size, from RFC6962 */
# define SCT_MIN_RSA_BITS 2048
/*
* From RFC6962: opaque SerializedSCT<1..2^16-1>; struct { SerializedSCT
* sct_list <1..2^16-1>; } SignedCertificateTimestampList;
*/
# define MAX_SCT_SIZE 65535
# define MAX_SCT_LIST_SIZE MAX_SCT_SIZE
typedef enum {
UNSET_ENTRY = -1,
X509_ENTRY = 0,
PRECERT_ENTRY = 1
} log_entry_type_t;
typedef enum {
UNSET_VERSION = -1,
SCT_V1 = 0
} sct_version_t;
typedef struct {
sct_version_t version;
/* If version is not SCT_V1 this contains the encoded SCT */
unsigned char *sct;
size_t sct_len;
/*
* If version is SCT_V1, fields below contain components of the SCT.
* "log_id", "ext" and "sig" point to buffers allocated with
* OPENSSL_malloc().
*/
unsigned char *log_id;
size_t log_id_len;
/*
* Note, we cannot distinguish between an unset timestamp, and one
* that is set to 0. However since CT didn't exist in 1970, no real
* SCT should ever be set as such.
*/
uint64_t timestamp;
unsigned char *ext;
size_t ext_len;
/* TODO(robpercival): Extract the following 4 fields into a struct */
unsigned char hash_alg;
unsigned char sig_alg;
unsigned char *sig;
size_t sig_len;
/* Log entry type */
log_entry_type_t entry_type;
} SCT;
DEFINE_STACK_OF(SCT)
extern const X509V3_EXT_METHOD v3_ct_scts[];
/*
* Allocate new SCT.
* Caller is responsible for calling SCT_free when done.
*/
SCT *SCT_new(void);
/*
* Free SCT and underlying datastructures.
*/
void SCT_free(SCT *sct);
/*
* Set the version of an SCT.
* Returns 1 on success, 0 if the version is unrecognized.
*/
int SCT_set_version(SCT *sct, sct_version_t version);
/*
* Set the log entry type of an SCT.
* Returns 1 on success.
*/
int SCT_set_log_entry_type(SCT *sct, log_entry_type_t entry_type);
/*
* Set the log ID of an SCT to point directly to the *log_id specified.
* The SCT takes ownership of the specified pointer.
* Returns 1 on success.
*/
int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
/*
* Set the log ID of an SCT.
* This makes a copy of the log_id.
* Returns 1 on success.
*/
int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
/*
* Set the timestamp of an SCT.
*/
void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
/*
* Set the signature type of an SCT
* Currently NID_sha256WithRSAEncryption or NID_ecdsa_with_SHA256.
* Returns 1 on success.
*/
int SCT_set_signature_nid(SCT *sct, int nid);
/*
* Set the extensions of an SCT to point directly to the *ext specified.
* The SCT takes ownership of the specified pointer.
*/
void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
/*
* Set the extensions of an SCT.
* This takes a copy of the ext.
* Returns 1 on success.
*/
int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
/*
* Set the signature of an SCT to point directly to the *sig specified.
* The SCT takes ownership of the specified pointer.
*/
void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
/*
* Set the signature of an SCT to be a copy of the *sig specified.
* Returns 1 on success.
*/
int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
/*
* Returns the version of the SCT.
*/
sct_version_t SCT_get_version(const SCT *sct);
/*
* Returns the log entry type of the SCT.
*/
log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
/*
* Set *log_id to point to the log id for the SCT. log_id must not be NULL.
* The SCT retains ownership of this pointer.
* Returns length of the data pointed to.
*/
size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
/*
* Returns the timestamp for the SCT.
*/
uint64_t SCT_get_timestamp(const SCT *sct);
/*
* Return the nid for the signature used by the SCT.
* Currently NID_sha256WithRSAEncryption or NID_ecdsa_with_SHA256
* (or NID_undef).
*/
int SCT_get_signature_nid(const SCT *sct);
/*
* Set *ext to point to the extension data for the SCT. ext must not be NULL.
* The SCT retains ownership of this pointer.
* Returns length of the data pointed to.
*/
size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
/*
* Set *sig to point to the signature for the SCT. sig must not be NULL.
* The SCT retains ownership of this pointer.
* Returns length of the data pointed to.
*/
size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
/*
* Pretty-print debug information about a SCT, indented as specified.
*/
void SCT_print(SCT *sct, BIO *out, int indent);
/*
* Does this SCT have the minimum fields populated to be valid?
* Returns 1 if so, 0 otherwise.
* This does not verify the SCT signature.
*/
int SCT_is_valid(const SCT *sct);
/*
* Is the signature of this SCT valid?
* Returns 1 if so, 0 otherwise.
* This checks that the signature and hash algorithms are supported and that the
* signature field is set.
*/
int SCT_signature_is_valid(const SCT *sct);
/*
* Free a stack of SCTs, and the underlying SCTs themselves.
* Intended to be compatible with X509V3_EXT_FREE.
*/
void SCT_LIST_free(STACK_OF(SCT) *a);
/*
* Serialize (to TLS format) a stack of SCTs and return the length.
* "a" must not be NULL.
* If "pp" is NULL, just return the length of what would have been serialized.
* If "pp" is not NULL and "*pp" is null, function will allocate a new pointer
* for data that caller is responsible for freeing (only if function returns
* successfully).
* If "pp" is NULL and "*pp" is not NULL, caller is responsible for ensuring
* that "*pp" is large enough to accept all of the serializied data.
* Returns < 0 on error, >= 0 indicating bytes written (or would have been)
* on success.
*/
int i2o_SCT_LIST(STACK_OF(SCT) *a, unsigned char **pp);
/*
* Parses an SCT signature in TLS format and populates the |sct| with it.
* |in| should be a pointer to a string contianing the TLS-format signature.
* |in| will be advanced to the end of the signature if parsing succeeds.
* |len| should be the length of the signature in |in|.
* Returns the number of bytes parsed, or a negative integer if an error occurs.
*/
int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len);
/*
* Parses an SCT in TLS format and returns it.
* If |psct| is not null, it will end up pointing to the parsed SCT. If it
* already points to a non-null pointer, the pointer will be free'd.
* |in| should be a pointer to a string contianing the TLS-format SCT.
* |in| will be advanced to the end of the SCT if parsing succeeds.
* |len| should be the length of the SCT in |in|.
* Returns NULL if an error occurs.
* If the SCT is an unsupported version, only the SCT's 'sct' and 'sct_len'
* fields will be populated (with |in| and |len| respectively).
*/
SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len);
/*
* Converts an |sct| signature into TLS format and writes it to |out|.
* If |out| is null, no signature will be output but the length will be returned.
* If |out| points to a null pointer, a string will be allocated to hold the
* TLS-format signature. It is the responsibility of the caller to free it.
* If |out| points to an allocated string, the signature will be written to it.
* The length of the signature in TLS format will be returned.
*/
int i2o_SCT_signature(const SCT *sct, unsigned char **out);
/*
* Converts an |sct| into TLS format and writes it to |out|.
* If |out| is null, no SCT will be output but the length will still be returned.
* If |out| points to a null pointer, a string will be allocated to hold the
* TLS-format SCT. It is the responsibility of the caller to free it.
* If |out| points to an allocated string, the TLS-format SCT will be written
* to it.
* The length of the SCT in TLS format will be returned.
*/
int i2o_SCT(const SCT *sct, unsigned char **out);
/*
* Convert TLS format SCT list to a stack of SCTs.
* If "a" or "*a" is NULL, a new stack will be created that the caller is
* responsible for freeing (by calling SCT_LIST_free).
* "**pp" and "*pp" must not be NULL.
* Upon success, "*pp" will point to after the last bytes read, and a stack
* will be returned.
* Upon failure, a NULL pointer will be returned, and the position of "*p" is
* not defined.
*/
STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
size_t len);
# ifdef OPENSSL_NO_CT
# error CT is disabled.
# endif
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_CT_strings(void);
# include <openssl/ct.h>
# include <openssl/x509v3.h>
/* Error codes for the CT functions. */
/* Handlers for Certificate Transparency X509v3/OCSP extensions */
extern const X509V3_EXT_METHOD v3_ct_scts[];
/* Function codes. */
# define CT_F_D2I_SCT_LIST 105
# define CT_F_I2D_SCT_LIST 106
# define CT_F_I2O_SCT 107
# define CT_F_I2O_SCT_LIST 108
# define CT_F_I2O_SCT_SIGNATURE 109
# define CT_F_O2I_SCT 110
# define CT_F_O2I_SCT_LIST 111
# define CT_F_O2I_SCT_SIGNATURE 112
# define CT_F_SCT_NEW 100
# define CT_F_SCT_SET0_LOG_ID 101
# define CT_F_SCT_SET1_EXTENSIONS 114
# define CT_F_SCT_SET1_LOG_ID 115
# define CT_F_SCT_SET1_SIGNATURE 116
# define CT_F_SCT_SET_LOG_ENTRY_TYPE 102
# define CT_F_SCT_SET_SIGNATURE_NID 103
# define CT_F_SCT_SET_VERSION 104
# define CT_F_SCT_SIGNATURE_IS_VALID 113
/* Reason codes. */
# define CT_R_INVALID_LOG_ID_LENGTH 100
# define CT_R_SCT_INVALID 104
# define CT_R_SCT_INVALID_SIGNATURE 107
# define CT_R_SCT_LIST_INVALID 105
# define CT_R_SCT_NOT_SET 106
# define CT_R_UNRECOGNIZED_SIGNATURE_NID 101
# define CT_R_UNSUPPORTED_ENTRY_TYPE 102
# define CT_R_UNSUPPORTED_VERSION 103
#ifdef __cplusplus
# ifdef __cplusplus
}
#endif
#endif
# endif
#endif /* HEADER_CT_INT_H */

377
include/openssl/ct.h Normal file
View file

@ -0,0 +1,377 @@
/*
* Public API for Certificate Transparency (CT).
* Written by Rob Percival (robpercival@google.com) for the OpenSSL project.
*/
/* ====================================================================
* Copyright (c) 2016 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*/
#ifdef OPENSSL_NO_CT
# error "CT is disabled"
#endif
#ifndef HEADER_CT_H
# define HEADER_CT_H
# include <openssl/safestack.h>
# include <openssl/x509.h>
# ifdef __cplusplus
extern "C" {
# endif
/* Minimum RSA key size, from RFC6962 */
# define SCT_MIN_RSA_BITS 2048
/* All hashes are SHA256 in v1 of Certificate Transparency */
# define CT_V1_HASHLEN SHA256_DIGEST_LENGTH
typedef enum {
CT_LOG_ENTRY_TYPE_NOT_SET = -1,
CT_LOG_ENTRY_TYPE_X509 = 0,
CT_LOG_ENTRY_TYPE_PRECERT = 1
} ct_log_entry_type_t;
typedef enum {
SCT_VERSION_NOT_SET = -1,
SCT_VERSION_V1 = 0
} sct_version_t;
/*******************
* Data structures *
*******************/
/* Signed Certificate Timestamp (SCT) */
typedef struct sct_st SCT;
DEFINE_STACK_OF(SCT)
/*****************
* SCT functions *
*****************/
/*
* Creates a new, blank SCT.
* The caller is responsible for calling SCT_free when finished with the SCT.
*/
SCT *SCT_new(void);
/*
* Frees the SCT and the underlying data structures.
*/
void SCT_free(SCT *sct);
/*
* Free a stack of SCTs, and the underlying SCTs themselves.
* Intended to be compatible with X509V3_EXT_FREE.
*/
void SCT_LIST_free(STACK_OF(SCT) *a);
/*
* Returns the version of the SCT.
*/
sct_version_t SCT_get_version(const SCT *sct);
/*
* Set the version of an SCT.
* Returns 1 on success, 0 if the version is unrecognized.
*/
int SCT_set_version(SCT *sct, sct_version_t version);
/*
* Returns the log entry type of the SCT.
*/
ct_log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
/*
* Set the log entry type of an SCT.
* Returns 1 on success.
*/
int SCT_set_log_entry_type(SCT *sct, ct_log_entry_type_t entry_type);
/*
* Gets the ID of the log that an SCT came from.
* Ownership of the log ID remains with the SCT.
* Returns the length of the log ID.
*/
size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
/*
* Set the log ID of an SCT to point directly to the *log_id specified.
* The SCT takes ownership of the specified pointer.
* Returns 1 on success.
*/
int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
/*
* Set the log ID of an SCT.
* This makes a copy of the log_id.
* Returns 1 on success.
*/
int SCT_set1_log_id(SCT *sct, const unsigned char *log_id, size_t log_id_len);
/*
* Returns the timestamp for the SCT (epoch time in milliseconds).
*/
uint64_t SCT_get_timestamp(const SCT *sct);
/*
* Set the timestamp of an SCT (epoch time in milliseconds).
*/
void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
/*
* Return the NID for the signature used by the SCT.
* For CT v1, this will be either NID_sha256WithRSAEncryption or
* NID_ecdsa_with_SHA256 (or NID_undef if incorrect/unset).
*/
int SCT_get_signature_nid(const SCT *sct);
/*
* Set the signature type of an SCT
* For CT v1, this should be either NID_sha256WithRSAEncryption or
* NID_ecdsa_with_SHA256.
* Returns 1 on success.
*/
int SCT_set_signature_nid(SCT *sct, int nid);
/*
* Set *ext to point to the extension data for the SCT. ext must not be NULL.
* The SCT retains ownership of this pointer.
* Returns length of the data pointed to.
*/
size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
/*
* Set the extensions of an SCT to point directly to the *ext specified.
* The SCT takes ownership of the specified pointer.
*/
void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
/*
* Set the extensions of an SCT.
* This takes a copy of the ext.
* Returns 1 on success.
*/
int SCT_set1_extensions(SCT *sct, const unsigned char *ext, size_t ext_len);
/*
* Set *sig to point to the signature for the SCT. sig must not be NULL.
* The SCT retains ownership of this pointer.
* Returns length of the data pointed to.
*/
size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
/*
* Set the signature of an SCT to point directly to the *sig specified.
* The SCT takes ownership of the specified pointer.
*/
void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
/*
* Set the signature of an SCT to be a copy of the *sig specified.
* Returns 1 on success.
*/
int SCT_set1_signature(SCT *sct, const unsigned char *sig, size_t sig_len);
/*
* Pretty-prints an |sct| to |out|.
* It will be indented by the number of spaces specified by |indent|.
*/
void SCT_print(const SCT *sct, BIO *out, int indent);
/*
* Pretty-prints an |sct_list| to |out|.
* It will be indented by the number of spaces specified by |indent|.
* SCTs will be delimited by |separator|.
*/
void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
const char *separator);
/*********************************
* SCT parsing and serialisation *
*********************************/
/*
* Serialize (to TLS format) a stack of SCTs and return the length.
* "a" must not be NULL.
* If "pp" is NULL, just return the length of what would have been serialized.
* If "pp" is not NULL and "*pp" is null, function will allocate a new pointer
* for data that caller is responsible for freeing (only if function returns
* successfully).
* If "pp" is NULL and "*pp" is not NULL, caller is responsible for ensuring
* that "*pp" is large enough to accept all of the serializied data.
* Returns < 0 on error, >= 0 indicating bytes written (or would have been)
* on success.
*/
int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp);
/*
* Convert TLS format SCT list to a stack of SCTs.
* If "a" or "*a" is NULL, a new stack will be created that the caller is
* responsible for freeing (by calling SCT_LIST_free).
* "**pp" and "*pp" must not be NULL.
* Upon success, "*pp" will point to after the last bytes read, and a stack
* will be returned.
* Upon failure, a NULL pointer will be returned, and the position of "*pp" is
* not defined.
*/
STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
size_t len);
/*
* Serialize (to DER format) a stack of SCTs and return the length.
* "a" must not be NULL.
* If "pp" is NULL, just returns the length of what would have been serialized.
* If "pp" is not NULL and "*pp" is null, function will allocate a new pointer
* for data that caller is responsible for freeing (only if function returns
* successfully).
* If "pp" is NULL and "*pp" is not NULL, caller is responsible for ensuring
* that "*pp" is large enough to accept all of the serializied data.
* Returns < 0 on error, >= 0 indicating bytes written (or would have been)
* on success.
*/
int i2d_SCT_LIST(STACK_OF(SCT) *a, unsigned char **pp);
/*
* Parses an SCT list in DER format and returns it.
* If "a" or "*a" is NULL, a new stack will be created that the caller is
* responsible for freeing (by calling SCT_LIST_free).
* "**pp" and "*pp" must not be NULL.
* Upon success, "*pp" will point to after the last bytes read, and a stack
* will be returned.
* Upon failure, a NULL pointer will be returned, and the position of "*pp" is
* not defined.
*/
STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
long len);
/*
* Serialize (to TLS format) an |sct| and write it to |out|.
* If |out| is null, no SCT will be output but the length will still be returned.
* If |out| points to a null pointer, a string will be allocated to hold the
* TLS-format SCT. It is the responsibility of the caller to free it.
* If |out| points to an allocated string, the TLS-format SCT will be written
* to it.
* The length of the SCT in TLS format will be returned.
*/
int i2o_SCT(const SCT *sct, unsigned char **out);
/*
* Parses an SCT in TLS format and returns it.
* If |psct| is not null, it will end up pointing to the parsed SCT. If it
* already points to a non-null pointer, the pointer will be free'd.
* |in| should be a pointer to a string contianing the TLS-format SCT.
* |in| will be advanced to the end of the SCT if parsing succeeds.
* |len| should be the length of the SCT in |in|.
* Returns NULL if an error occurs.
* If the SCT is an unsupported version, only the SCT's 'sct' and 'sct_len'
* fields will be populated (with |in| and |len| respectively).
*/
SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len);
/*
* Serialize (to TLS format) an |sct| signature and write it to |out|.
* If |out| is null, no signature will be output but the length will be returned.
* If |out| points to a null pointer, a string will be allocated to hold the
* TLS-format signature. It is the responsibility of the caller to free it.
* If |out| points to an allocated string, the signature will be written to it.
* The length of the signature in TLS format will be returned.
*/
int i2o_SCT_signature(const SCT *sct, unsigned char **out);
/*
* Parses an SCT signature in TLS format and populates the |sct| with it.
* |in| should be a pointer to a string contianing the TLS-format signature.
* |in| will be advanced to the end of the signature if parsing succeeds.
* |len| should be the length of the signature in |in|.
* Returns the number of bytes parsed, or a negative integer if an error occurs.
*/
int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len);
/* BEGIN ERROR CODES */
/*
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
void ERR_load_CT_strings(void);
/* Error codes for the CT functions. */
/* Function codes. */
# define CT_F_D2I_SCT_LIST 105
# define CT_F_I2D_SCT_LIST 106
# define CT_F_I2O_SCT 107
# define CT_F_I2O_SCT_LIST 108
# define CT_F_I2O_SCT_SIGNATURE 109
# define CT_F_O2I_SCT 110
# define CT_F_O2I_SCT_LIST 111
# define CT_F_O2I_SCT_SIGNATURE 112
# define CT_F_SCT_NEW 100
# define CT_F_SCT_SET0_LOG_ID 101
# define CT_F_SCT_SET1_EXTENSIONS 114
# define CT_F_SCT_SET1_LOG_ID 115
# define CT_F_SCT_SET1_SIGNATURE 116
# define CT_F_SCT_SET_LOG_ENTRY_TYPE 102
# define CT_F_SCT_SET_SIGNATURE_NID 103
# define CT_F_SCT_SET_VERSION 104
# define CT_F_SCT_SIGNATURE_IS_VALID 113
/* Reason codes. */
# define CT_R_INVALID_LOG_ID_LENGTH 100
# define CT_R_SCT_INVALID 104
# define CT_R_SCT_INVALID_SIGNATURE 107
# define CT_R_SCT_LIST_INVALID 105
# define CT_R_SCT_NOT_SET 106
# define CT_R_UNRECOGNIZED_SIGNATURE_NID 101
# define CT_R_UNSUPPORTED_ENTRY_TYPE 102
# define CT_R_UNSUPPORTED_VERSION 103
#ifdef __cplusplus
}
#endif
#endif

3
test/ct_test.c
View file

@ -58,9 +58,8 @@
#include <stdlib.h>
#include <string.h>
#include "internal/ct_int.h"
#include <openssl/ct.h>
#include <openssl/err.h>
#include <openssl/safestack.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>

31
util/libeay.num
View file

@ -4726,3 +4726,34 @@ CRYPTO_THREAD_get_local 5229 1_1_0 EXIST::FUNCTION:
CRYPTO_THREAD_get_current_id 5230 1_1_0 EXIST::FUNCTION:
CRYPTO_THREAD_compare_id 5231 1_1_0 EXIST::FUNCTION:
CRYPTO_THREAD_run_once 5232 1_1_0 EXIST::FUNCTION:
SCT_get0_extensions 5233 1_1_0 EXIST::FUNCTION:
SCT_get0_log_id 5234 1_1_0 EXIST::FUNCTION:
o2i_SCT_signature 5235 1_1_0 EXIST::FUNCTION:
i2o_SCT_signature 5236 1_1_0 EXIST::FUNCTION:
SCT_set_timestamp 5237 1_1_0 EXIST::FUNCTION:
i2o_SCT_LIST 5238 1_1_0 EXIST::FUNCTION:
SCT_get_version 5239 1_1_0 EXIST::FUNCTION:
i2d_SCT_LIST 5240 1_1_0 EXIST::FUNCTION:
SCT_set1_log_id 5241 1_1_0 EXIST::FUNCTION:
SCT_new 5242 1_1_0 EXIST::FUNCTION:
SCT_get_signature_nid 5243 1_1_0 EXIST::FUNCTION:
SCT_set0_extensions 5244 1_1_0 EXIST::FUNCTION:
SCT_print 5245 1_1_0 EXIST::FUNCTION:
SCT_get_timestamp 5246 1_1_0 EXIST::FUNCTION:
SCT_set0_signature 5247 1_1_0 EXIST::FUNCTION:
o2i_SCT 5248 1_1_0 EXIST::FUNCTION:
SCT_set1_signature 5249 1_1_0 EXIST::FUNCTION:
ERR_load_CT_strings 5250 1_1_0 EXIST::FUNCTION:
SCT_set_signature_nid 5251 1_1_0 EXIST::FUNCTION:
SCT_free 5252 1_1_0 EXIST::FUNCTION:
SCT_set1_extensions 5253 1_1_0 EXIST::FUNCTION:
SCT_set0_log_id 5254 1_1_0 EXIST::FUNCTION:
d2i_SCT_LIST 5255 1_1_0 EXIST::FUNCTION:
SCT_set_log_entry_type 5256 1_1_0 EXIST::FUNCTION:
SCT_LIST_print 5257 1_1_0 EXIST::FUNCTION:
SCT_get0_signature 5258 1_1_0 EXIST::FUNCTION:
i2o_SCT 5259 1_1_0 EXIST::FUNCTION:
o2i_SCT_LIST 5260 1_1_0 EXIST::FUNCTION:
SCT_set_version 5261 1_1_0 EXIST::FUNCTION:
SCT_LIST_free 5262 1_1_0 EXIST::FUNCTION:
SCT_get_log_entry_type 5263 1_1_0 EXIST::FUNCTION:

5
util/mkdef.pl
View file

@ -90,8 +90,8 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"STATIC_ENGINE", "ENGINE", "HW", "GMP",
# Entropy Gathering
"EGD",
# X.509v3 Signed Certificate Timestamps
"SCT",
# Certificate Transparency
"CT",
# RFC3779
"RFC3779",
# TLS
@ -294,6 +294,7 @@ $crypto.=" include/openssl/cms.h";
$crypto.=" include/openssl/srp.h";
$crypto.=" include/openssl/modes.h";
$crypto.=" include/openssl/async.h";
$crypto.=" include/openssl/ct.h";
my $symhacks="include/openssl/symhacks.h";