CMP: add testcase for central keygen

apps/cmp.c

@@ -201,6 +201,8 @@ static char *opt_srv_trusted = NULL;
 static char *opt_srv_untrusted = NULL;
 static char *opt_ref_cert = NULL;
 static char *opt_rsp_cert = NULL;
+static char *opt_rsp_cert_key = NULL;
+static char *opt_rsp_keypass = NULL;
 static char *opt_rsp_crl = NULL;
 static char *opt_rsp_extracerts = NULL;
 static char *opt_rsp_capubs = NULL;
@@ -285,7 +287,8 @@ typedef enum OPTION_choice {
     OPT_SRV_REF, OPT_SRV_SECRET,
     OPT_SRV_CERT, OPT_SRV_KEY, OPT_SRV_KEYPASS,
     OPT_SRV_TRUSTED, OPT_SRV_UNTRUSTED,
-    OPT_REF_CERT, OPT_RSP_CERT, OPT_RSP_CRL, OPT_RSP_EXTRACERTS, OPT_RSP_CAPUBS,
+    OPT_REF_CERT, OPT_RSP_CERT, OPT_RSP_CERT_KEY, OPT_RSP_KEYPASS,
+    OPT_RSP_CRL, OPT_RSP_EXTRACERTS, OPT_RSP_CAPUBS,
     OPT_RSP_NEWWITHNEW, OPT_RSP_NEWWITHOLD, OPT_RSP_OLDWITHNEW,
     OPT_POLL_COUNT, OPT_CHECK_AFTER,
     OPT_GRANT_IMPLICITCONF,
@@ -580,6 +583,12 @@ const OPTIONS cmp_options[] = {
      "Certificate to be expected for rr and any oldCertID in kur messages"},
     {"rsp_cert", OPT_RSP_CERT, 's',
      "Certificate to be returned as mock enrollment result"},
+    {"rsp_cert_key", OPT_RSP_CERT_KEY, 's',
+     "Private key for the certificate to be returned as mock enrollment result"},
+    {OPT_MORE_STR, 0, 0,
+     "Key to be returned for central key pair generation"},
+    {"rsp_keypass", OPT_RSP_KEYPASS, 's',
+     "Response private key (and cert) pass phrase source"},
     {"rsp_crl", OPT_RSP_CRL, 's',
      "CRL to be returned in genp of type crls"},
     {"rsp_extracerts", OPT_RSP_EXTRACERTS, 's',
@@ -692,8 +701,8 @@ static varref cmp_vars[] = { /* must be in same order as enumerated above! */
     {&opt_srv_ref}, {&opt_srv_secret},
     {&opt_srv_cert}, {&opt_srv_key}, {&opt_srv_keypass},
     {&opt_srv_trusted}, {&opt_srv_untrusted},
-    {&opt_ref_cert}, {&opt_rsp_cert}, {&opt_rsp_crl},
-    {&opt_rsp_extracerts}, {&opt_rsp_capubs},
+    {&opt_ref_cert}, {&opt_rsp_cert}, {&opt_rsp_cert_key}, {&opt_rsp_keypass},
+    {&opt_rsp_crl}, {&opt_rsp_extracerts}, {&opt_rsp_capubs},
     {&opt_rsp_newwithnew}, {&opt_rsp_newwithold}, {&opt_rsp_oldwithnew},
 
     {(char **)&opt_poll_count}, {(char **)&opt_check_after},
@@ -1206,11 +1215,26 @@ static OSSL_CMP_SRV_CTX *setup_srv_ctx(ENGINE *engine)
     if (opt_rsp_cert == NULL) {
         CMP_warn("no -rsp_cert given for mock server");
     } else {
-        if (!setup_cert(srv_ctx, opt_rsp_cert, opt_keypass,
+        if (!setup_cert(srv_ctx, opt_rsp_cert, opt_rsp_keypass,
                         "cert the mock server returns on certificate requests",
                         (add_X509_fn_t)ossl_cmp_mock_srv_set1_certOut))
             goto err;
     }
+    if (opt_rsp_cert_key != NULL) {
+        EVP_PKEY *pkey = load_key_pwd(opt_rsp_cert_key, opt_keyform,
+                                      opt_rsp_keypass,
+                                      engine,
+                                      "private key for enrollment cert");
+
+        if (pkey == NULL
+            || !ossl_cmp_mock_srv_set1_certOutKey(srv_ctx, pkey)) {
+            EVP_PKEY_free(pkey);
+            goto err;
+        }
+        EVP_PKEY_free(pkey);
+    }
+    cleanse(opt_rsp_keypass);
+
     if (!setup_mock_crlout(srv_ctx, opt_rsp_crl,
                            "CRL to be returned by the mock server"))
         goto err;
@@ -3126,6 +3150,12 @@ static int get_opts(int argc, char **argv)
         case OPT_RSP_CERT:
             opt_rsp_cert = opt_str();
             break;
+        case OPT_RSP_CERT_KEY:
+            opt_rsp_cert_key = opt_str();
+            break;
+        case OPT_RSP_KEYPASS:
+            opt_rsp_keypass = opt_str();
+            break;
         case OPT_RSP_CRL:
             opt_rsp_crl = opt_str();
             break;

apps/include/cmp_mock_srv.h

@@ -22,6 +22,8 @@ void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx);
 
 int ossl_cmp_mock_srv_set1_refCert(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
 int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
+int ossl_cmp_mock_srv_set1_certOutKey(OSSL_CMP_SRV_CTX *srv_ctx,
+                                      EVP_PKEY *pkey);
 int ossl_cmp_mock_srv_set1_crlOut(OSSL_CMP_SRV_CTX *srv_ctx, X509_CRL *crl);
 int ossl_cmp_mock_srv_set1_chainOut(OSSL_CMP_SRV_CTX *srv_ctx,
                                     STACK_OF(X509) *chain);

apps/lib/cmp_mock_srv.c

@@ -19,6 +19,7 @@
 typedef struct {
     X509 *refCert;             /* cert to expect for oldCertID in kur/rr msg */
     X509 *certOut;             /* certificate to be returned in cp/ip/kup msg */
+    EVP_PKEY *certOutKey;     /* Private key to be returned for central keygen */
     X509_CRL *crlOut;          /* CRL to be returned in genp for crls */
     STACK_OF(X509) *chainOut;  /* chain of certOut to add to extraCerts field */
     STACK_OF(X509) *caPubsOut; /* used in caPubs of ip and in caCerts of genp */
@@ -87,6 +88,22 @@ static mock_srv_ctx *mock_srv_ctx_new(void)
 DEFINE_OSSL_SET1_CERT(refCert)
 DEFINE_OSSL_SET1_CERT(certOut)
 
+int ossl_cmp_mock_srv_set1_certOutKey(OSSL_CMP_SRV_CTX *srv_ctx,
+                                      EVP_PKEY *pkey)
+{
+    mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
+
+    if (ctx == NULL) {
+        ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
+        return 0;
+    }
+    if (pkey != NULL && !EVP_PKEY_up_ref(pkey))
+        return 0;
+    EVP_PKEY_free(ctx->certOutKey);
+    ctx->certOutKey = pkey;
+    return 1;
+}
+
 int ossl_cmp_mock_srv_set1_crlOut(OSSL_CMP_SRV_CTX *srv_ctx,
                                   X509_CRL *crl)
 {
@@ -263,6 +280,27 @@ static int clean_transaction(OSSL_CMP_SRV_CTX *srv_ctx,
     return 1;
 }
 
+static int centralKeygen_req(const OSSL_CRMF_MSG *crm,
+                             X509_REQ *p10cr)
+{
+    X509_PUBKEY *pubkey = NULL;
+    const unsigned char *pk = NULL;
+    int pklen, ret = 0;
+
+    if (crm != NULL ) {
+        pubkey = OSSL_CRMF_CERTTEMPLATE_get0_publicKey(OSSL_CRMF_MSG_get0_tmpl(crm));
+    } else if (p10cr != NULL) {
+        pubkey = X509_REQ_get_X509_PUBKEY(p10cr);
+    }
+    if (pubkey == NULL
+        || (X509_PUBKEY_get0_param(NULL, &pk, &pklen, NULL, pubkey)
+            && pklen == 0))
+        ret = 1;
+
+    pk = NULL;
+    return ret;
+}
+
 static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
                                             const OSSL_CMP_MSG *cert_req,
                                             ossl_unused int certReqId,
@@ -275,6 +313,7 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
     mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
     int bodytype;
     OSSL_CMP_PKISI *si = NULL;
+    EVP_PKEY *certOutKey = NULL;
 
     if (ctx == NULL || cert_req == NULL
             || certOut == NULL || chainOut == NULL || caPubs == NULL) {
@@ -358,6 +397,13 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
             && (*certOut = X509_dup(ctx->certOut)) == NULL)
         /* Should return a cert produced from request template, see FR #16054 */
         goto err;
+    if (ctx->certOutKey != NULL
+        && centralKeygen_req(crm, (X509_REQ *) p10cr)
+        /* using newPkey to return the private key without modifying API */
+        && (((certOutKey = EVP_PKEY_dup(ctx->certOutKey)) == NULL)
+            || !OSSL_CMP_CTX_set0_newPkey(OSSL_CMP_SRV_CTX_get0_cmp_ctx(srv_ctx),
+                                          1/*priv*/, certOutKey)))
+        goto err;
     if (ctx->chainOut != NULL
             && (*chainOut = X509_chain_up_ref(ctx->chainOut)) == NULL)
         goto err;

crypto/cmp/cmp_local.h

@@ -952,7 +952,8 @@ OSSL_CMP_MSG *ossl_cmp_certreq_new(OSSL_CMP_CTX *ctx, int bodytype,
                                    const OSSL_CRMF_MSG *crm);
 OSSL_CMP_MSG *ossl_cmp_certrep_new(OSSL_CMP_CTX *ctx, int bodytype,
                                    int certReqId, const OSSL_CMP_PKISI *si,
-                                   X509 *cert, const X509 *encryption_recip,
+                                   X509 *cert, EVP_PKEY *certkey,
+                                   const X509 *encryption_recip,
                                    STACK_OF(X509) *chain, STACK_OF(X509) *caPubs,
                                    int unprotectedErrors);
 OSSL_CMP_MSG *ossl_cmp_rr_new(OSSL_CMP_CTX *ctx);

crypto/cmp/cmp_msg.c

@@ -19,6 +19,9 @@
 #include <openssl/crmf.h>
 #include <openssl/err.h>
 #include <openssl/x509.h>
+#include <openssl/cms.h>
+#include <openssl/pem.h>
+#include <openssl/bio.h>
 
 OSSL_CMP_MSG *OSSL_CMP_MSG_new(OSSL_LIB_CTX *libctx, const char *propq)
 {
@@ -449,9 +452,40 @@ OSSL_CMP_MSG *ossl_cmp_certreq_new(OSSL_CMP_CTX *ctx, int type,
     return NULL;
 }
 
+
+static OSSL_CRMF_ENCRYPTEDKEY *enveloped_signedprivatekey(OSSL_CMP_CTX *ctx, EVP_PKEY *privKey)
+{
+    OSSL_CRMF_ENCRYPTEDKEY *ek = NULL;
+    CMS_EnvelopedData *envData = NULL;
+    STACK_OF(X509) *encryption_recips = NULL;
+    int res = 0;
+    X509 *recip = ctx->validatedSrvCert;
+
+    encryption_recips = sk_X509_new_null();
+    if (encryption_recips == NULL || recip == NULL
+        || !sk_X509_push(encryption_recips, recip))
+        goto err;
+
+    envData = OSSL_CMS_env_sign_key(privKey, ctx->cert, ctx->pkey,
+                                    encryption_recips, ctx->libctx, ctx->propq);
+    if (envData == NULL)
+        goto err;
+    if ((ek = OSSL_CRMF_ENCRYPTEDKEY_init_envdata(envData)) == NULL)
+        goto err;
+    res = 1;
+
+ err:
+    sk_X509_pop_free(encryption_recips, X509_free);
+    if (!res)
+        M_ASN1_free_of(envData, CMS_EnvelopedData);
+
+    return ek;
+}
+
 OSSL_CMP_MSG *ossl_cmp_certrep_new(OSSL_CMP_CTX *ctx, int bodytype,
                                    int certReqId, const OSSL_CMP_PKISI *si,
-                                   X509 *cert, const X509 *encryption_recip,
+                                   X509 *cert, EVP_PKEY *certkey,
+                                   const X509 *encryption_recip,
                                    STACK_OF(X509) *chain, STACK_OF(X509) *caPubs,
                                    int unprotectedErrors)
 {
@@ -495,6 +529,12 @@ OSSL_CMP_MSG *ossl_cmp_certrep_new(OSSL_CMP_CTX *ctx, int bodytype,
         if (!X509_up_ref(cert))
             goto err;
         resp->certifiedKeyPair->certOrEncCert->value.certificate = cert;
+
+        if (certkey != NULL) {
+            /* if (!EVP_PKEY_up_ref(certkey))
+                goto err; */
+            resp->certifiedKeyPair->privateKey = enveloped_signedprivatekey(ctx, certkey);
+        }
     }
 
     if (!sk_OSSL_CMP_CERTRESPONSE_push(repMsg->response, resp))

crypto/cmp/cmp_server.c

@@ -216,6 +216,7 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
     OSSL_CMP_MSG *msg = NULL;
     OSSL_CMP_PKISI *si = NULL;
     X509 *certOut = NULL;
+    EVP_PKEY *certOutKey = NULL;
     STACK_OF(X509) *chainOut = NULL, *caPubs = NULL;
     const OSSL_CRMF_MSG *crm = NULL;
     const X509_REQ *p10cr = NULL;
@@ -287,10 +288,12 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
                                          /* do not set if polling starts: */
                                          && certOut != NULL))
             goto err;
+        if (srv_ctx->ctx->newPkey != NULL && srv_ctx->ctx->newPkey_priv)
+            certOutKey = srv_ctx->ctx->newPkey;
     }
 
     msg = ossl_cmp_certrep_new(srv_ctx->ctx, bodytype, certReqId, si,
-                               certOut, NULL /* enc */, chainOut, caPubs,
+                               certOut, certOutKey, NULL /* enc */, chainOut, caPubs,
                                srv_ctx->sendUnprotectedErrors);
     /* When supporting OSSL_CRMF_POPO_KEYENC, "enc" will need to be set */
     if (msg == NULL)
@@ -299,6 +302,7 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
  err:
     OSSL_CMP_PKISI_free(si);
     X509_free(certOut);
+    OSSL_CMP_CTX_set0_newPkey(srv_ctx->ctx, 0, NULL);
     OSSL_STACK_OF_X509_free(chainOut);
     OSSL_STACK_OF_X509_free(caPubs);
     return msg;

crypto/cms/cms_asn1.c

@@ -243,6 +243,7 @@ ASN1_NDEF_SEQUENCE(CMS_EnvelopedData) = {
         ASN1_SIMPLE(CMS_EnvelopedData, encryptedContentInfo, CMS_EncryptedContentInfo),
         ASN1_IMP_SET_OF_OPT(CMS_EnvelopedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
 } ASN1_NDEF_SEQUENCE_END(CMS_EnvelopedData)
+IMPLEMENT_ASN1_DUP_FUNCTION(CMS_EnvelopedData)
 
 ASN1_NDEF_SEQUENCE(CMS_DigestedData) = {
         ASN1_EMBED(CMS_DigestedData, version, INT32),

crypto/cms/cms_lib.c

@@ -739,3 +739,43 @@ int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert)
     *pkeyid = keyid;
     return 1;
 }
+
+CMS_EnvelopedData *OSSL_CMS_env_sign_key(EVP_PKEY *privKey,  /* TODO - take bio as input*/
+                                            X509 *signcert, EVP_PKEY *signkey,
+                                            STACK_OF(X509) *encryption_recip,
+                                            OSSL_LIB_CTX *libctx, const char *propq)
+{
+    CMS_EnvelopedData *evd = NULL;
+    BIO *privbio = NULL, *signbio = NULL, *envelopbio = NULL;
+    CMS_ContentInfo *signcms = NULL, *evpcms = NULL;
+
+    privbio = BIO_new(BIO_s_mem());
+    if (privbio == NULL || i2d_PrivateKey_bio(privbio, privKey) <= 0)
+        goto err;
+
+    signcms = CMS_sign_ex(signcert, signkey, NULL, privbio, CMS_BINARY,
+                      libctx, propq);
+    if (signcms == NULL) 
+        goto err;
+
+    signbio = BIO_new(BIO_s_mem());
+    if (signbio == NULL
+        || ASN1_item_i2d_bio(ASN1_ITEM_rptr(CMS_SignedData), signbio, signcms->d.signedData) <= 0)
+        goto err;
+
+
+    evpcms = CMS_encrypt_ex(encryption_recip, signbio, EVP_aes_256_cbc(), CMS_BINARY, libctx, propq);
+    if (evpcms == NULL)
+        goto err;
+
+    evd = CMS_EnvelopedData_dup(evpcms->d.envelopedData);
+
+ err:
+    BIO_free(privbio);
+    BIO_free(signbio);
+    BIO_free(envelopbio);
+    CMS_ContentInfo_free(signcms);
+    CMS_ContentInfo_free(evpcms);
+
+    return evd;
+}

crypto/crmf/crmf_lib.c

@@ -38,6 +38,7 @@
 #include <openssl/crmf.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
+#include <openssl/cms.h>
 
 /*-
  * atyp = Attribute Type
@@ -627,18 +628,8 @@ static int check_cmKGA(ossl_unused const X509_PURPOSE *purpose,
         return ret;
     ekus =  X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL);
     for (i = 0; i < sk_ASN1_OBJECT_num(ekus); i++) {
-# if OPENSSL_VERSION_NUMBER >= 0x30000000L
         if (OBJ_obj2nid(sk_ASN1_OBJECT_value(ekus, i)) == NID_cmKGA)
             goto end;
-# else
-        {
-            char txt[100];
-
-            if (OBJ_obj2txt(txt, sizeof(txt), sk_ASN1_OBJECT_value(ekus, i), 1)
-                    && strcmp(txt, "1.3.6.1.5.5.7.3.32") == 0) /* OID cmKGA */
-                goto end;
-        }
-# endif
     }
     ret = 0;
 
@@ -913,3 +904,16 @@ X509
     return NULL;
 #endif /* OPENSSL_NO_CMS */
 }
+
+OSSL_CRMF_ENCRYPTEDKEY 
+*OSSL_CRMF_ENCRYPTEDKEY_init_envdata(CMS_EnvelopedData *envdata)
+{
+    OSSL_CRMF_ENCRYPTEDKEY *ek = OSSL_CRMF_ENCRYPTEDKEY_new();
+    if (ek == NULL)
+        return NULL;
+
+    ek->type = OSSL_CRMF_ENCRYPTEDKEY_ENVELOPEDDATA;
+    ek->value.envelopedData = envdata;
+
+    return ek;
+}

include/openssl/cms.h.in

@@ -57,6 +57,8 @@ DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
 DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
 DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
 
+DECLARE_ASN1_DUP_FUNCTION(CMS_EnvelopedData)
+
 CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq);
 
 # define CMS_SIGNERINFO_ISSUER_SERIAL    0
@@ -397,6 +399,10 @@ int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
 
 int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
                           ASN1_OCTET_STRING *ukm, int keylen);
+CMS_EnvelopedData *OSSL_CMS_env_sign_key(EVP_PKEY *privKey,  /* TODO - take bio as input*/
+                                            X509 *signcert, EVP_PKEY *signkey,
+                                            STACK_OF(X509) *encryption_recip,
+                                            OSSL_LIB_CTX *libctx, const char *propq);
 
 /* Backward compatibility for spelling errors. */
 # define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM