1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
/* $OpenBSD: x509_siginfo.c,v 1.1 2024/08/28 07:15:04 tb Exp $ */
/*
* Copyright (c) 2024 Theo Buehler <tb@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <openssl/evp.h>
#include <openssl/objects.h>
#include <openssl/x509.h>
#include "evp_local.h"
#include "x509_internal.h"
static int
x509_find_sigid_algs(const X509 *x509, int *out_md_nid, int *out_pkey_nid)
{
const ASN1_OBJECT *aobj;
int nid;
*out_md_nid = NID_undef;
*out_pkey_nid = NID_undef;
X509_ALGOR_get0(&aobj, NULL, NULL, x509->sig_alg);
if ((nid = OBJ_obj2nid(aobj)) == NID_undef)
return 0;
return OBJ_find_sigid_algs(nid, out_md_nid, out_pkey_nid);
}
int
X509_get_signature_info(X509 *x509, int *out_md_nid, int *out_pkey_nid,
int *out_security_bits, uint32_t *out_flags)
{
const EVP_MD *md;
int md_nid = NID_undef, pkey_nid = NID_undef, security_bits = -1;
uint32_t flags = 0;
if (out_md_nid != NULL)
*out_md_nid = md_nid;
if (out_pkey_nid != NULL)
*out_pkey_nid = pkey_nid;
if (out_security_bits != NULL)
*out_security_bits = security_bits;
if (out_flags != NULL)
*out_flags = flags;
if (!x509v3_cache_extensions(x509))
goto err;
if (!x509_find_sigid_algs(x509, &md_nid, &pkey_nid))
goto err;
/*
* If md_nid == NID_undef, this means we need to consult the ameth.
* Handlers are available for EdDSA and RSA-PSS. No other signature
* algorithm with NID_undef should appear in a certificate.
*/
if (md_nid == NID_undef) {
const EVP_PKEY_ASN1_METHOD *ameth;
if ((ameth = EVP_PKEY_asn1_find(NULL, pkey_nid)) == NULL ||
ameth->signature_info == NULL)
goto err;
if (!ameth->signature_info(x509->sig_alg, &md_nid, &pkey_nid,
&security_bits, &flags))
goto err;
goto done;
}
/* XXX - OpenSSL 3 special cases SHA-1 (63 bits) and MD5 (39 bits). */
if ((md = EVP_get_digestbynid(md_nid)) == NULL)
goto err;
/* Assume 4 bits of collision resistance per octet. */
if ((security_bits = EVP_MD_size(md)) <= 0)
goto err;
security_bits *= 4;
if (md_nid == NID_sha1 || md_nid == NID_sha256 ||
md_nid == NID_sha384 || md_nid == NID_sha512)
flags |= X509_SIG_INFO_TLS;
flags |= X509_SIG_INFO_VALID;
done:
if (out_md_nid != NULL)
*out_md_nid = md_nid;
if (out_pkey_nid != NULL)
*out_pkey_nid = pkey_nid;
if (out_security_bits != NULL)
*out_security_bits = security_bits;
if (out_flags != NULL)
*out_flags = flags;
err:
return (flags & X509_SIG_INFO_VALID) != 0;
}
LCRYPTO_ALIAS(X509_get_signature_info);
|
