3 * Written by Rob Stradling (rob@comodo.com) for the OpenSSL project 2014.
5 /* ====================================================================
6 * Copyright (c) 2014 The OpenSSL Project. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
34 * 6. Redistributions of any form whatsoever must retain the following
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
61 #include <openssl/asn1.h>
62 #include <openssl/x509v3.h>
63 #include "../ssl/ssl_locl.h"
65 #if (defined(_WIN32) || defined(_WIN64)) && !defined(__MINGW32__)
66 # define SCT_TIMESTAMP unsigned __int64
67 #elif defined(__arch64__)
68 # define SCT_TIMESTAMP unsigned long
70 # define SCT_TIMESTAMP unsigned long long
73 #define n2l8(c,l) (l =((SCT_TIMESTAMP)(*((c)++)))<<56, \
74 l|=((SCT_TIMESTAMP)(*((c)++)))<<48, \
75 l|=((SCT_TIMESTAMP)(*((c)++)))<<40, \
76 l|=((SCT_TIMESTAMP)(*((c)++)))<<32, \
77 l|=((SCT_TIMESTAMP)(*((c)++)))<<24, \
78 l|=((SCT_TIMESTAMP)(*((c)++)))<<16, \
79 l|=((SCT_TIMESTAMP)(*((c)++)))<< 8, \
80 l|=((SCT_TIMESTAMP)(*((c)++))))
82 typedef struct SCT_st
{
85 unsigned short sctlen
;
87 * Components of the SCT. "logid", "ext" and "sig" point to addresses
90 unsigned char version
;
92 unsigned short logidlen
;
93 SCT_TIMESTAMP timestamp
;
95 unsigned short extlen
;
96 unsigned char hash_alg
;
97 unsigned char sig_alg
;
99 unsigned short siglen
;
102 DECLARE_STACK_OF(SCT
)
104 static void SCT_LIST_free(STACK_OF(SCT
) *a
);
105 static STACK_OF(SCT
) *d2i_SCT_LIST(STACK_OF(SCT
) **a
,
106 const unsigned char **pp
, long length
);
107 static int i2r_SCT_LIST(X509V3_EXT_METHOD
*method
, STACK_OF(SCT
) *sct_list
,
108 BIO
*out
, int indent
);
110 const X509V3_EXT_METHOD v3_ct_scts
[] = {
111 {NID_ct_precert_scts
, 0, NULL
,
112 0, (X509V3_EXT_FREE
)SCT_LIST_free
,
113 (X509V3_EXT_D2I
)d2i_SCT_LIST
, 0,
115 (X509V3_EXT_I2R
)i2r_SCT_LIST
, 0,
118 {NID_ct_cert_scts
, 0, NULL
,
119 0, (X509V3_EXT_FREE
)SCT_LIST_free
,
120 (X509V3_EXT_D2I
)d2i_SCT_LIST
, 0,
122 (X509V3_EXT_I2R
)i2r_SCT_LIST
, 0,
126 static void tls12_signature_print(BIO
*out
, const unsigned char hash_alg
,
127 const unsigned char sig_alg
)
130 /* RFC6962 only permits two signature algorithms */
131 if (hash_alg
== TLSEXT_hash_sha256
) {
132 if (sig_alg
== TLSEXT_signature_rsa
)
133 nid
= NID_sha256WithRSAEncryption
;
134 else if (sig_alg
== TLSEXT_signature_ecdsa
)
135 nid
= NID_ecdsa_with_SHA256
;
137 if (nid
== NID_undef
)
138 BIO_printf(out
, "%02X%02X", hash_alg
, sig_alg
);
140 BIO_printf(out
, "%s", OBJ_nid2ln(nid
));
143 static void timestamp_print(BIO
*out
, SCT_TIMESTAMP timestamp
)
145 ASN1_GENERALIZEDTIME
*gen
;
147 gen
= ASN1_GENERALIZEDTIME_new();
148 ASN1_GENERALIZEDTIME_adj(gen
, (time_t)0,
149 (int)(timestamp
/ 86400000),
150 (timestamp
% 86400000) / 1000);
152 * Note GeneralizedTime from ASN1_GENERALIZETIME_adj is always 15
153 * characters long with a final Z. Update it with fractional seconds.
155 BIO_snprintf(genstr
, sizeof(genstr
), "%.14s.%03dZ",
156 ASN1_STRING_data(gen
), (unsigned int)(timestamp
% 1000));
157 ASN1_GENERALIZEDTIME_set_string(gen
, genstr
);
158 ASN1_GENERALIZEDTIME_print(out
, gen
);
159 ASN1_GENERALIZEDTIME_free(gen
);
162 static void SCT_free(SCT
*sct
)
166 OPENSSL_free(sct
->sct
);
171 static void SCT_LIST_free(STACK_OF(SCT
) *a
)
173 sk_SCT_pop_free(a
, SCT_free
);
176 static STACK_OF(SCT
) *d2i_SCT_LIST(STACK_OF(SCT
) **a
,
177 const unsigned char **pp
, long length
)
179 ASN1_OCTET_STRING
*oct
= NULL
;
180 STACK_OF(SCT
) *sk
= NULL
;
182 unsigned char *p
, *p2
;
183 unsigned short listlen
, sctlen
= 0, fieldlen
;
185 if (d2i_ASN1_OCTET_STRING(&oct
, pp
, length
) == NULL
)
191 if (listlen
!= oct
->length
- 2)
194 if ((sk
= sk_SCT_new_null()) == NULL
)
197 while (listlen
> 0) {
203 if ((sctlen
< 1) || (sctlen
> listlen
))
207 sct
= OPENSSL_malloc(sizeof(SCT
));
210 if (!sk_SCT_push(sk
, sct
)) {
215 sct
->sct
= OPENSSL_malloc(sctlen
);
218 memcpy(sct
->sct
, p
, sctlen
);
219 sct
->sctlen
= sctlen
;
223 sct
->version
= *p2
++;
224 if (sct
->version
== 0) { /* SCT v1 */
226 * Fixed-length header:
228 * (1 byte) Version sct_version;
229 * (32 bytes) LogID id;
230 * (8 bytes) uint64 timestamp;
231 * (2 bytes + ?) CtExtensions extensions;
241 n2l8(p2
, sct
->timestamp
);
244 if (sctlen
< fieldlen
)
247 sct
->extlen
= fieldlen
;
252 * digitally-signed struct header:
253 * (1 byte) Hash algorithm
254 * (1 byte) Signature algorithm
255 * (2 bytes + ?) Signature
261 sct
->hash_alg
= *p2
++;
262 sct
->sig_alg
= *p2
++;
264 if (sctlen
!= fieldlen
)
267 sct
->siglen
= fieldlen
;
272 ASN1_OCTET_STRING_free(oct
);
281 static int i2r_SCT_LIST(X509V3_EXT_METHOD
*method
, STACK_OF(SCT
) *sct_list
,
282 BIO
*out
, int indent
)
287 for (i
= 0; i
< sk_SCT_num(sct_list
);) {
288 sct
= sk_SCT_value(sct_list
, i
);
290 BIO_printf(out
, "%*sSigned Certificate Timestamp:", indent
, "");
291 BIO_printf(out
, "\n%*sVersion : ", indent
+ 4, "");
293 if (sct
->version
== 0) { /* SCT v1 */
294 BIO_printf(out
, "v1(0)");
296 BIO_printf(out
, "\n%*sLog ID : ", indent
+ 4, "");
297 BIO_hex_string(out
, indent
+ 16, 16, sct
->logid
, sct
->logidlen
);
299 BIO_printf(out
, "\n%*sTimestamp : ", indent
+ 4, "");
300 timestamp_print(out
, sct
->timestamp
);
302 BIO_printf(out
, "\n%*sExtensions: ", indent
+ 4, "");
303 if (sct
->extlen
== 0)
304 BIO_printf(out
, "none");
306 BIO_hex_string(out
, indent
+ 16, 16, sct
->ext
, sct
->extlen
);
308 BIO_printf(out
, "\n%*sSignature : ", indent
+ 4, "");
309 tls12_signature_print(out
, sct
->hash_alg
, sct
->sig_alg
);
310 BIO_printf(out
, "\n%*s ", indent
+ 4, "");
311 BIO_hex_string(out
, indent
+ 16, 16, sct
->sig
, sct
->siglen
);
312 } else { /* Unknown version */
314 BIO_printf(out
, "unknown\n%*s", indent
+ 16, "");
315 BIO_hex_string(out
, indent
+ 16, 16, sct
->sct
, sct
->sctlen
);
318 if (++i
< sk_SCT_num(sct_list
))
319 BIO_printf(out
, "\n");