summaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorDr. David von Oheimb <David.von.Oheimb@siemens.com>2020-09-04 15:24:14 +0200
committerDr. David von Oheimb <David.von.Oheimb@siemens.com>2020-09-05 18:11:12 +0200
commit15076c26d794dbbdc5413a72e7feded0c9a2ba07 (patch)
tree19ed48870fcc21002b9053e3e9d3f8ca5d584be7 /doc
parentAdd OSSL_CMP_CTX_get1_newChain() and related CLI option -chainout (diff)
downloadopenssl-15076c26d794dbbdc5413a72e7feded0c9a2ba07.tar.xz
openssl-15076c26d794dbbdc5413a72e7feded0c9a2ba07.zip
Strengthen chain building for CMP
* Add -own_trusted option to CMP app * Add OSSL_CMP_CTX_build_cert_chain() * Add optional trust store arg to ossl_cmp_build_cert_chain() * Extend the tests in cmp_protect_test.c and the documentation accordingly Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12791)
Diffstat (limited to 'doc')
-rw-r--r--doc/internal/man3/ossl_cmp_msg_protect.pod30
-rw-r--r--doc/man1/openssl-cmp.pod.in14
-rw-r--r--doc/man3/OSSL_CMP_CTX_new.pod17
3 files changed, 43 insertions, 18 deletions
diff --git a/doc/internal/man3/ossl_cmp_msg_protect.pod b/doc/internal/man3/ossl_cmp_msg_protect.pod
index 6c33db6954..39f5146530 100644
--- a/doc/internal/man3/ossl_cmp_msg_protect.pod
+++ b/doc/internal/man3/ossl_cmp_msg_protect.pod
@@ -14,6 +14,7 @@ ossl_cmp_msg_add_extraCerts
STACK_OF(X509)
*ossl_cmp_build_cert_chain(OPENSSL_CTX *libctx, const char *propq,
+ X509_STORE *store,
STACK_OF(X509) *certs, X509 *cert);
ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx,
const OSSL_CMP_MSG *msg);
@@ -22,19 +23,15 @@ ossl_cmp_msg_add_extraCerts
=head1 DESCRIPTION
-ossl_cmp_build_cert_chain() builds up the chain of intermediate CA certificates
-starting from the given certificate I<cert> as high up as possible using
-the given list of candidate certificates, similarly to ssl_add_cert_chain().
+ossl_cmp_build_cert_chain() builds a certificate chain starting from I<cert>
+using the optional list of intermediate CA certificates I<certs>.
+If I<store> is NULL builds the chain as far down as possible, ignoring errors.
+Else the chain must reach a trust anchor contained in I<store>.
It internally uses a B<X509_STORE_CTX> structure associated with the library
context I<libctx> and property query string I<propq>, both of which may be NULL.
-Intended use of this function is to find all the certificates above the trust
-anchor needed to verify an EE's own certificate.
-Those are supposed to be included in the ExtraCerts field of every first
-CMP message of a transaction when MSG_SIG_ALG is utilized.
-This allocates a stack and increments the reference count of each cert,
-so when not needed any more the stack and all its elements should be freed.
+If a non-NULL stack is returned the caller is responsible for freeing it.
In case there is more than one possibility for the chain,
-OpenSSL seems to take the first one; check X509_verify_cert() for details.
+OpenSSL seems to take the first one; check L<X509_verify_cert(3)> for details.
ossl_cmp_calc_protection() calculates the protection for the given I<msg>
according to the algorithm and parameters in the message header's protectionAlg
@@ -46,10 +43,10 @@ If there is a secretValue it selects PBMAC, else if there is a protection cert
it selects Signature and uses L<ossl_cmp_msg_add_extraCerts(3)>.
It also sets the protectionAlg field in the message header accordingly.
-ossl_cmp_msg_add_extraCerts() adds elements to the extraCerts field in the given
-message I<msg>. It tries to build the certificate chain of the client cert in
-the I<ctx> if present by using certificates in ctx->untrusted_certs;
-if no untrusted certs are set, it will at least add the client certificate.
+ossl_cmp_msg_add_extraCerts() adds elements to the extraCerts field in I<msg>.
+If signature-based message protection is used it adds first the CMP signer cert
+ctx->cert and then its chain ctx->chain. If this chain is not present in I<ctx>
+tries to build it using ctx->untrusted_certs and caches the result in ctx->chain.
In any case all the certificates explicitly specified to be sent out (i.e.,
I<ctx->extraCertsOut>) are added. Note that it will NOT add the root certificate
of the chain, i.e, the trust anchor (unless it is part of extraCertsOut).
@@ -62,9 +59,8 @@ CMP is defined in RFC 4210 (and CRMF in RFC 4211).
ossl_cmp_build_cert_chain() returns NULL on error,
else a pointer to a stack of (up_ref'ed) certificates
-containing the EE certificate given in the function arguments (cert)
-and all intermediate certificates up the chain toward the trust anchor.
-The (self-signed) trust anchor is not included.
+starting with given EE certificate and followed by all available intermediate
+certificates down towards (but excluding) any trusted root certificate.
ossl_cmp_calc_protection() returns the protection on success, else NULL.
diff --git a/doc/man1/openssl-cmp.pod.in b/doc/man1/openssl-cmp.pod.in
index d91bd31684..3dc193cd4d 100644
--- a/doc/man1/openssl-cmp.pod.in
+++ b/doc/man1/openssl-cmp.pod.in
@@ -32,6 +32,7 @@ B<openssl> B<cmp>
[B<-ref> I<value>]
[B<-secret> I<arg>]
[B<-cert> I<filename>]
+[B<-own_trusted> I<filenames>]
[B<-key> I<filename>]
[B<-keypass> I<arg>]
[B<-digest> I<name>]
@@ -617,7 +618,7 @@ B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
=item B<-cert> I<filename>
-The client's current certificate.
+The client's current CMP signer certificate.
Requires the corresponding key to be given with B<-key>.
The subject of this certificate will be used as sender of outgoing CMP messages,
while the subject of B<-oldcert> or B<-subjectName> may provide fallback values.
@@ -629,6 +630,16 @@ For Key Update Request (KUR) messages this is also used as
the certificate to be updated if the B<-oldcert> option is not given.
If the file includes further certs, they are appended to the untrusted certs.
+=item B<-own_trusted> I<filenames>
+
+If this list of certificates is provided then the chain built for
+the CMP signer certificate given with the B<-cert> option is verified
+using the given certificates as trust anchors.
+
+Multiple filenames may be given, separated by commas and/or whitespace
+(where in the latter case the whole argument must be enclosed in "...").
+Each source may contain multiple certificates.
+
=item B<-key> I<filename>
The corresponding private key file for the client's current certificate given in
@@ -694,6 +705,7 @@ The only value with effect is B<ENGINE>.
=item B<-otherpass> I<arg>
Pass phrase source for certificate given with the B<-trusted>, B<-untrusted>,
+B<-own_trusted>,
B<-out_trusted>, B<-extracerts>, B<-tls_extra>, or B<-tls_trusted> options.
If not given here, the password will be prompted for if needed.
diff --git a/doc/man3/OSSL_CMP_CTX_new.pod b/doc/man3/OSSL_CMP_CTX_new.pod
index fda5150434..f4425d511a 100644
--- a/doc/man3/OSSL_CMP_CTX_new.pod
+++ b/doc/man3/OSSL_CMP_CTX_new.pod
@@ -29,6 +29,7 @@ OSSL_CMP_CTX_get0_trustedStore,
OSSL_CMP_CTX_set1_untrusted_certs,
OSSL_CMP_CTX_get0_untrusted_certs,
OSSL_CMP_CTX_set1_cert,
+OSSL_CMP_CTX_build_cert_chain,
OSSL_CMP_CTX_set1_pkey,
OSSL_CMP_CTX_set1_referenceValue,
OSSL_CMP_CTX_set1_secretValue,
@@ -104,6 +105,8 @@ OSSL_CMP_CTX_set1_senderNonce
/* client authentication: */
int OSSL_CMP_CTX_set1_cert(OSSL_CMP_CTX *ctx, X509 *cert);
+ int OSSL_CMP_CTX_build_cert_chain(OSSL_CMP_CTX *ctx, X509_STORE *own_trusted,
+ STACK_OF(X509) *candidates);
int OSSL_CMP_CTX_set1_pkey(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey);
int OSSL_CMP_CTX_set1_referenceValue(OSSL_CMP_CTX *ctx,
const unsigned char *ref, int len);
@@ -436,6 +439,20 @@ messages, while the subject of any cert set via B<OSSL_CMP_CTX_set1_oldCert()>
and any value set via B<OSSL_CMP_CTX_set1_subjectName()> are used as fallback.
The B<cert> argument may be NULL to clear the entry.
+OSSL_CMP_CTX_build_cert_chain() builds a certificate chain for the CMP signer
+certificate previously set in the B<ctx>. It adds the optional B<candidates>,
+a list of intermediate CA certs that may already constitute the targeted chain,
+to the untrusted certs that may already exist in the B<ctx>.
+Then the function uses this augumented set of certs for chain construction.
+If I<own_trusted> is NULL it builds the chain as far down as possible and
+ignores any verification errors. Else the CMP signer certificate must be
+verifiable where the chain reaches a trust anchor contained in I<own_trusted>.
+On success the function stores the resulting chain in B<ctx>
+for inclusion in the extraCerts field of signature-protected messages.
+Calling this function is optional; by default a chain construction
+is performed on demand that is equivalent to calling this function
+with the B<candidates> and I<own_trusted> arguments being NULL.
+
OSSL_CMP_CTX_set1_pkey() sets the private key corresponding to the
protection certificate B<cert> set via B<OSSL_CMP_CTX_set1_cert()>.
This key is used create signature-based protection (protectionAlg = MSG_SIG_ALG)