2 * X.509 certificate writing
\r
4 * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
\r
5 * SPDX-License-Identifier: Apache-2.0
\r
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
\r
8 * not use this file except in compliance with the License.
\r
9 * You may obtain a copy of the License at
\r
11 * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * Unless required by applicable law or agreed to in writing, software
\r
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
\r
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * See the License for the specific language governing permissions and
\r
17 * limitations under the License.
\r
19 * This file is part of mbed TLS (https://tls.mbed.org)
\r
23 * - certificates: RFC 5280, updated by RFC 6818
\r
24 * - CSRs: PKCS#10 v1.7 aka RFC 2986
\r
25 * - attributes: PKCS#9 v2.0 aka RFC 2985
\r
28 #if !defined(MBEDTLS_CONFIG_FILE)
\r
29 #include "mbedtls/config.h"
\r
31 #include MBEDTLS_CONFIG_FILE
\r
34 #if defined(MBEDTLS_X509_CRT_WRITE_C)
\r
36 #include "mbedtls/x509_crt.h"
\r
37 #include "mbedtls/oid.h"
\r
38 #include "mbedtls/asn1write.h"
\r
39 #include "mbedtls/sha1.h"
\r
40 #include "mbedtls/platform_util.h"
\r
44 #if defined(MBEDTLS_PEM_WRITE_C)
\r
45 #include "mbedtls/pem.h"
\r
46 #endif /* MBEDTLS_PEM_WRITE_C */
\r
48 void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
\r
50 memset( ctx, 0, sizeof( mbedtls_x509write_cert ) );
\r
52 mbedtls_mpi_init( &ctx->serial );
\r
53 ctx->version = MBEDTLS_X509_CRT_VERSION_3;
\r
56 void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx )
\r
58 mbedtls_mpi_free( &ctx->serial );
\r
60 mbedtls_asn1_free_named_data_list( &ctx->subject );
\r
61 mbedtls_asn1_free_named_data_list( &ctx->issuer );
\r
62 mbedtls_asn1_free_named_data_list( &ctx->extensions );
\r
64 mbedtls_platform_zeroize( ctx, sizeof( mbedtls_x509write_cert ) );
\r
67 void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version )
\r
69 ctx->version = version;
\r
72 void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg )
\r
74 ctx->md_alg = md_alg;
\r
77 void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key )
\r
79 ctx->subject_key = key;
\r
82 void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key )
\r
84 ctx->issuer_key = key;
\r
87 int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
\r
88 const char *subject_name )
\r
90 return mbedtls_x509_string_to_names( &ctx->subject, subject_name );
\r
93 int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
\r
94 const char *issuer_name )
\r
96 return mbedtls_x509_string_to_names( &ctx->issuer, issuer_name );
\r
99 int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial )
\r
103 if( ( ret = mbedtls_mpi_copy( &ctx->serial, serial ) ) != 0 )
\r
109 int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before,
\r
110 const char *not_after )
\r
112 if( strlen( not_before ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 ||
\r
113 strlen( not_after ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 )
\r
115 return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
\r
117 strncpy( ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN );
\r
118 strncpy( ctx->not_after , not_after , MBEDTLS_X509_RFC5280_UTC_TIME_LEN );
\r
119 ctx->not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
\r
120 ctx->not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
\r
125 int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
\r
126 const char *oid, size_t oid_len,
\r
128 const unsigned char *val, size_t val_len )
\r
130 return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len,
\r
131 critical, val, val_len );
\r
134 int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
\r
135 int is_ca, int max_pathlen )
\r
138 unsigned char buf[9];
\r
139 unsigned char *c = buf + sizeof(buf);
\r
142 memset( buf, 0, sizeof(buf) );
\r
144 if( is_ca && max_pathlen > 127 )
\r
145 return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
\r
149 if( max_pathlen >= 0 )
\r
151 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, max_pathlen ) );
\r
153 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( &c, buf, 1 ) );
\r
156 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
\r
157 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
\r
158 MBEDTLS_ASN1_SEQUENCE ) );
\r
160 return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS,
\r
161 MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ),
\r
162 0, buf + sizeof(buf) - len, len );
\r
165 #if defined(MBEDTLS_SHA1_C)
\r
166 int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx )
\r
169 unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
\r
170 unsigned char *c = buf + sizeof(buf);
\r
173 memset( buf, 0, sizeof(buf) );
\r
174 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) );
\r
176 ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len,
\r
177 buf + sizeof( buf ) - 20 );
\r
180 c = buf + sizeof( buf ) - 20;
\r
183 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
\r
184 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_OCTET_STRING ) );
\r
186 return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER,
\r
187 MBEDTLS_OID_SIZE( MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER ),
\r
188 0, buf + sizeof(buf) - len, len );
\r
191 int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx )
\r
194 unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
\r
195 unsigned char *c = buf + sizeof( buf );
\r
198 memset( buf, 0, sizeof(buf) );
\r
199 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) );
\r
201 ret = mbedtls_sha1_ret( buf + sizeof( buf ) - len, len,
\r
202 buf + sizeof( buf ) - 20 );
\r
205 c = buf + sizeof( buf ) - 20;
\r
208 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
\r
209 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0 ) );
\r
211 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
\r
212 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
\r
213 MBEDTLS_ASN1_SEQUENCE ) );
\r
215 return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER,
\r
216 MBEDTLS_OID_SIZE( MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER ),
\r
217 0, buf + sizeof( buf ) - len, len );
\r
219 #endif /* MBEDTLS_SHA1_C */
\r
221 int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx,
\r
222 unsigned int key_usage )
\r
224 unsigned char buf[5], ku[2];
\r
227 const unsigned int allowed_bits = MBEDTLS_X509_KU_DIGITAL_SIGNATURE |
\r
228 MBEDTLS_X509_KU_NON_REPUDIATION |
\r
229 MBEDTLS_X509_KU_KEY_ENCIPHERMENT |
\r
230 MBEDTLS_X509_KU_DATA_ENCIPHERMENT |
\r
231 MBEDTLS_X509_KU_KEY_AGREEMENT |
\r
232 MBEDTLS_X509_KU_KEY_CERT_SIGN |
\r
233 MBEDTLS_X509_KU_CRL_SIGN |
\r
234 MBEDTLS_X509_KU_ENCIPHER_ONLY |
\r
235 MBEDTLS_X509_KU_DECIPHER_ONLY;
\r
237 /* Check that nothing other than the allowed flags is set */
\r
238 if( ( key_usage & ~allowed_bits ) != 0 )
\r
239 return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE );
\r
242 ku[0] = (unsigned char)( key_usage );
\r
243 ku[1] = (unsigned char)( key_usage >> 8 );
\r
244 ret = mbedtls_asn1_write_named_bitstring( &c, buf, ku, 9 );
\r
248 else if( ret < 3 || ret > 5 )
\r
249 return( MBEDTLS_ERR_X509_INVALID_FORMAT );
\r
251 ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
\r
252 MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
\r
253 1, c, (size_t)ret );
\r
260 int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
\r
261 unsigned char ns_cert_type )
\r
263 unsigned char buf[4];
\r
269 ret = mbedtls_asn1_write_named_bitstring( &c, buf, &ns_cert_type, 8 );
\r
270 if( ret < 3 || ret > 4 )
\r
273 ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
\r
274 MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
\r
275 0, c, (size_t)ret );
\r
282 static int x509_write_time( unsigned char **p, unsigned char *start,
\r
283 const char *t, size_t size )
\r
289 * write MBEDTLS_ASN1_UTC_TIME if year < 2050 (2 bytes shorter)
\r
291 if( t[0] == '2' && t[1] == '0' && t[2] < '5' )
\r
293 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
\r
294 (const unsigned char *) t + 2,
\r
296 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
\r
297 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_UTC_TIME ) );
\r
301 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
\r
302 (const unsigned char *) t,
\r
304 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
\r
305 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_GENERALIZED_TIME ) );
\r
308 return( (int) len );
\r
311 int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
\r
312 int (*f_rng)(void *, unsigned char *, size_t),
\r
316 const char *sig_oid;
\r
317 size_t sig_oid_len = 0;
\r
318 unsigned char *c, *c2;
\r
319 unsigned char hash[64];
\r
320 unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
\r
321 unsigned char tmp_buf[2048];
\r
322 size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
\r
324 mbedtls_pk_type_t pk_alg;
\r
327 * Prepare data to be signed in tmp_buf
\r
329 c = tmp_buf + sizeof( tmp_buf );
\r
331 /* Signature algorithm needed in TBS, and later for actual signature */
\r
333 /* There's no direct way of extracting a signature algorithm
\r
334 * (represented as an element of mbedtls_pk_type_t) from a PK instance. */
\r
335 if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_RSA ) )
\r
336 pk_alg = MBEDTLS_PK_RSA;
\r
337 else if( mbedtls_pk_can_do( ctx->issuer_key, MBEDTLS_PK_ECDSA ) )
\r
338 pk_alg = MBEDTLS_PK_ECDSA;
\r
340 return( MBEDTLS_ERR_X509_INVALID_ALG );
\r
342 if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
\r
343 &sig_oid, &sig_oid_len ) ) != 0 )
\r
349 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
\r
353 if( ctx->version == MBEDTLS_X509_CRT_VERSION_3 )
\r
355 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) );
\r
356 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
\r
357 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
\r
358 MBEDTLS_ASN1_SEQUENCE ) );
\r
359 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
\r
360 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC |
\r
361 MBEDTLS_ASN1_CONSTRUCTED | 3 ) );
\r
365 * SubjectPublicKeyInfo
\r
367 MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->subject_key,
\r
368 tmp_buf, c - tmp_buf ) );
\r
375 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) );
\r
378 * Validity ::= SEQUENCE {
\r
384 MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_after,
\r
385 MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) );
\r
387 MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_before,
\r
388 MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) );
\r
391 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) );
\r
392 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
\r
393 MBEDTLS_ASN1_SEQUENCE ) );
\r
398 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->issuer ) );
\r
401 * Signature ::= AlgorithmIdentifier
\r
403 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, tmp_buf,
\r
404 sig_oid, strlen( sig_oid ), 0 ) );
\r
407 * Serial ::= INTEGER
\r
409 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, tmp_buf, &ctx->serial ) );
\r
412 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
\r
415 /* Can be omitted for v1 */
\r
416 if( ctx->version != MBEDTLS_X509_CRT_VERSION_1 )
\r
419 MBEDTLS_ASN1_CHK_ADD( sub_len, mbedtls_asn1_write_int( &c, tmp_buf, ctx->version ) );
\r
421 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) );
\r
422 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC |
\r
423 MBEDTLS_ASN1_CONSTRUCTED | 0 ) );
\r
426 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
\r
427 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
\r
428 MBEDTLS_ASN1_SEQUENCE ) );
\r
433 if( ( ret = mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c,
\r
434 len, hash ) ) != 0 )
\r
439 if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg, hash, 0, sig, &sig_len,
\r
440 f_rng, p_rng ) ) != 0 )
\r
446 * Write data to output buffer
\r
449 MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf,
\r
450 sig_oid, sig_oid_len, sig, sig_len ) );
\r
452 if( len > (size_t)( c2 - buf ) )
\r
453 return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
\r
456 memcpy( c2, c, len );
\r
458 len += sig_and_oid_len;
\r
459 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) );
\r
460 MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED |
\r
461 MBEDTLS_ASN1_SEQUENCE ) );
\r
463 return( (int) len );
\r
466 #define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n"
\r
467 #define PEM_END_CRT "-----END CERTIFICATE-----\n"
\r
469 #if defined(MBEDTLS_PEM_WRITE_C)
\r
470 int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt, unsigned char *buf, size_t size,
\r
471 int (*f_rng)(void *, unsigned char *, size_t),
\r
475 unsigned char output_buf[4096];
\r
478 if( ( ret = mbedtls_x509write_crt_der( crt, output_buf, sizeof(output_buf),
\r
479 f_rng, p_rng ) ) < 0 )
\r
484 if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT,
\r
485 output_buf + sizeof(output_buf) - ret,
\r
486 ret, buf, size, &olen ) ) != 0 )
\r
493 #endif /* MBEDTLS_PEM_WRITE_C */
\r
495 #endif /* MBEDTLS_X509_CRT_WRITE_C */
\r