Line data Source code
1 : /*
2 : *
3 : * Copyright (c) 2021-2022 Project CHIP Authors
4 : * All rights reserved.
5 : *
6 : * Licensed under the Apache License, Version 2.0 (the "License");
7 : * you may not use this file except in compliance with the License.
8 : * You may obtain a copy of the License at
9 : *
10 : * http://www.apache.org/licenses/LICENSE-2.0
11 : *
12 : * Unless required by applicable law or agreed to in writing, software
13 : * distributed under the License is distributed on an "AS IS" BASIS,
14 : * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 : * See the License for the specific language governing permissions and
16 : * limitations under the License.
17 : */
18 :
19 : /**
20 : * @file
21 : * This file implements methods for generating CHIP X.509 certificate.
22 : *
23 : */
24 :
25 : #include <algorithm>
26 : #include <initializer_list>
27 : #include <inttypes.h>
28 : #include <stddef.h>
29 :
30 : #include <credentials/CHIPCert_Internal.h>
31 : #include <lib/asn1/ASN1.h>
32 : #include <lib/asn1/ASN1Macros.h>
33 : #include <lib/core/CHIPCore.h>
34 : #include <lib/core/CHIPSafeCasts.h>
35 : #include <lib/support/CodeUtils.h>
36 : #include <lib/support/DLLUtil.h>
37 : #include <protocols/Protocols.h>
38 :
39 : namespace chip {
40 : namespace Credentials {
41 :
42 : using namespace chip::ASN1;
43 : using namespace chip::Crypto;
44 : using namespace chip::Protocols;
45 :
46 : namespace {
47 :
48 : enum IsCACert
49 : {
50 : kCACert,
51 : kNotCACert,
52 : };
53 :
54 153 : CHIP_ERROR EncodeSubjectPublicKeyInfo(const Crypto::P256PublicKey & pubkey, ASN1Writer & writer)
55 : {
56 153 : CHIP_ERROR err = CHIP_NO_ERROR;
57 :
58 153 : ASN1_START_SEQUENCE
59 : {
60 153 : ASN1_START_SEQUENCE
61 : {
62 153 : ASN1_ENCODE_OBJECT_ID(kOID_PubKeyAlgo_ECPublicKey);
63 153 : ASN1_ENCODE_OBJECT_ID(kOID_EllipticCurve_prime256v1);
64 : }
65 153 : ASN1_END_SEQUENCE;
66 :
67 153 : ReturnErrorOnFailure(writer.PutBitString(0, pubkey, static_cast<uint8_t>(pubkey.Length())));
68 : }
69 153 : ASN1_END_SEQUENCE;
70 :
71 153 : exit:
72 153 : return err;
73 : }
74 :
75 148 : CHIP_ERROR EncodeAuthorityKeyIdentifierExtension(const Crypto::P256PublicKey & pubkey, ASN1Writer & writer)
76 : {
77 148 : CHIP_ERROR err = CHIP_NO_ERROR;
78 :
79 148 : ASN1_START_SEQUENCE
80 : {
81 148 : ASN1_ENCODE_OBJECT_ID(kOID_Extension_AuthorityKeyIdentifier);
82 :
83 148 : ASN1_START_OCTET_STRING_ENCAPSULATED
84 : {
85 148 : ASN1_START_SEQUENCE
86 : {
87 : uint8_t keyid[kSHA1_Hash_Length];
88 148 : ReturnErrorOnFailure(Crypto::Hash_SHA1(pubkey, pubkey.Length(), keyid));
89 :
90 148 : ReturnErrorOnFailure(
91 : writer.PutOctetString(kASN1TagClass_ContextSpecific, 0, keyid, static_cast<uint8_t>(sizeof(keyid))));
92 : }
93 148 : ASN1_END_SEQUENCE;
94 : }
95 148 : ASN1_END_ENCAPSULATED;
96 : }
97 148 : ASN1_END_SEQUENCE;
98 :
99 148 : exit:
100 148 : return err;
101 : }
102 :
103 148 : CHIP_ERROR EncodeSubjectKeyIdentifierExtension(const Crypto::P256PublicKey & pubkey, ASN1Writer & writer)
104 : {
105 148 : CHIP_ERROR err = CHIP_NO_ERROR;
106 :
107 148 : ASN1_START_SEQUENCE
108 : {
109 148 : ASN1_ENCODE_OBJECT_ID(kOID_Extension_SubjectKeyIdentifier);
110 :
111 148 : ASN1_START_OCTET_STRING_ENCAPSULATED
112 : {
113 : uint8_t keyid[kSHA1_Hash_Length];
114 148 : ReturnErrorOnFailure(Crypto::Hash_SHA1(pubkey, pubkey.Length(), keyid));
115 :
116 148 : ReturnErrorOnFailure(writer.PutOctetString(keyid, static_cast<uint8_t>(sizeof(keyid))));
117 : }
118 148 : ASN1_END_ENCAPSULATED;
119 : }
120 148 : ASN1_END_SEQUENCE;
121 :
122 148 : exit:
123 148 : return err;
124 : }
125 :
126 67 : CHIP_ERROR EncodeExtKeyUsageExtension(std::initializer_list<OID> keyPurposeOIDs, ASN1Writer & writer)
127 : {
128 67 : CHIP_ERROR err = CHIP_NO_ERROR;
129 67 : ASN1_START_SEQUENCE
130 : {
131 67 : ASN1_ENCODE_OBJECT_ID(kOID_Extension_ExtendedKeyUsage);
132 :
133 : // ExtKeyUsage extension MUST be marked as critical.
134 67 : ASN1_ENCODE_BOOLEAN(true);
135 67 : ASN1_START_OCTET_STRING_ENCAPSULATED
136 : {
137 67 : ASN1_START_SEQUENCE
138 : {
139 201 : for (auto && oid : keyPurposeOIDs)
140 : {
141 134 : ASN1_ENCODE_OBJECT_ID(oid);
142 : }
143 : }
144 67 : ASN1_END_SEQUENCE;
145 : }
146 67 : ASN1_END_ENCAPSULATED;
147 : }
148 67 : ASN1_END_SEQUENCE;
149 :
150 67 : exit:
151 67 : return err;
152 : }
153 :
154 153 : CHIP_ERROR EncodeKeyUsageExtension(BitFlags<KeyUsageFlags> keyUsageFlags, ASN1Writer & writer)
155 : {
156 153 : CHIP_ERROR err = CHIP_NO_ERROR;
157 153 : ASN1_START_SEQUENCE
158 : {
159 153 : ASN1_ENCODE_OBJECT_ID(kOID_Extension_KeyUsage);
160 :
161 : // KeyUsage extension MUST be marked as critical.
162 153 : ASN1_ENCODE_BOOLEAN(true);
163 153 : ASN1_START_OCTET_STRING_ENCAPSULATED
164 : {
165 153 : ASN1_ENCODE_BIT_STRING(keyUsageFlags.Raw());
166 : }
167 153 : ASN1_END_ENCAPSULATED;
168 : }
169 153 : ASN1_END_SEQUENCE;
170 :
171 153 : exit:
172 153 : return err;
173 : }
174 :
175 153 : CHIP_ERROR EncodeIsCAExtension(IsCACert isCA, ASN1Writer & writer)
176 : {
177 153 : CHIP_ERROR err = CHIP_NO_ERROR;
178 153 : ASN1_START_SEQUENCE
179 : {
180 153 : ASN1_ENCODE_OBJECT_ID(kOID_Extension_BasicConstraints);
181 :
182 : // BasicConstraints extension MUST be marked as critical.
183 153 : ASN1_ENCODE_BOOLEAN(true);
184 :
185 153 : ASN1_START_OCTET_STRING_ENCAPSULATED
186 : {
187 153 : ASN1_START_SEQUENCE
188 : {
189 : // cA BOOLEAN
190 153 : if (isCA == kCACert)
191 : {
192 : // Encode the boolean only if isCA is true
193 86 : ASN1_ENCODE_BOOLEAN(true);
194 : }
195 : }
196 153 : ASN1_END_SEQUENCE;
197 : }
198 153 : ASN1_END_ENCAPSULATED;
199 : }
200 153 : ASN1_END_SEQUENCE;
201 :
202 153 : exit:
203 153 : return err;
204 : }
205 :
206 86 : CHIP_ERROR EncodeCASpecificExtensions(ASN1Writer & writer)
207 : {
208 86 : ReturnErrorOnFailure(EncodeIsCAExtension(kCACert, writer));
209 86 : ReturnErrorOnFailure(
210 : EncodeKeyUsageExtension(BitFlags<KeyUsageFlags>(KeyUsageFlags::kKeyCertSign, KeyUsageFlags::kCRLSign), writer));
211 86 : return CHIP_NO_ERROR;
212 : }
213 :
214 62 : CHIP_ERROR EncodeNOCSpecificExtensions(ASN1Writer & writer)
215 : {
216 62 : ReturnErrorOnFailure(EncodeIsCAExtension(kNotCACert, writer));
217 62 : ReturnErrorOnFailure(EncodeKeyUsageExtension(KeyUsageFlags::kDigitalSignature, writer));
218 62 : ReturnErrorOnFailure(EncodeExtKeyUsageExtension({ kOID_KeyPurpose_ClientAuth, kOID_KeyPurpose_ServerAuth }, writer));
219 62 : return CHIP_NO_ERROR;
220 : }
221 :
222 148 : CHIP_ERROR EncodeFutureExtension(const Optional<FutureExtension> & futureExt, ASN1Writer & writer)
223 : {
224 148 : CHIP_ERROR err = CHIP_NO_ERROR;
225 :
226 148 : VerifyOrReturnError(futureExt.HasValue(), CHIP_NO_ERROR);
227 :
228 6 : ASN1_START_SEQUENCE
229 : {
230 6 : ReturnErrorOnFailure(writer.PutObjectId(futureExt.Value().OID.data(), static_cast<uint16_t>(futureExt.Value().OID.size())));
231 :
232 6 : ASN1_START_OCTET_STRING_ENCAPSULATED
233 : {
234 6 : ReturnErrorOnFailure(writer.PutOctetString(futureExt.Value().Extension.data(),
235 : static_cast<uint16_t>(futureExt.Value().Extension.size())));
236 : }
237 6 : ASN1_END_ENCAPSULATED;
238 : }
239 6 : ASN1_END_SEQUENCE;
240 :
241 6 : exit:
242 6 : return err;
243 : }
244 :
245 148 : CHIP_ERROR EncodeExtensions(bool isCA, const Crypto::P256PublicKey & SKI, const Crypto::P256PublicKey & AKI,
246 : const Optional<FutureExtension> & futureExt, ASN1Writer & writer)
247 : {
248 148 : CHIP_ERROR err = CHIP_NO_ERROR;
249 :
250 148 : ASN1_START_CONSTRUCTED(kASN1TagClass_ContextSpecific, 3)
251 : {
252 148 : ASN1_START_SEQUENCE
253 : {
254 148 : if (isCA)
255 : {
256 86 : ReturnErrorOnFailure(EncodeCASpecificExtensions(writer));
257 : }
258 : else
259 : {
260 62 : ReturnErrorOnFailure(EncodeNOCSpecificExtensions(writer));
261 : }
262 :
263 148 : ReturnErrorOnFailure(EncodeSubjectKeyIdentifierExtension(SKI, writer));
264 :
265 148 : ReturnErrorOnFailure(EncodeAuthorityKeyIdentifierExtension(AKI, writer));
266 :
267 148 : ReturnErrorOnFailure(EncodeFutureExtension(futureExt, writer));
268 : }
269 148 : ASN1_END_SEQUENCE;
270 : }
271 148 : ASN1_END_CONSTRUCTED;
272 :
273 148 : exit:
274 148 : return err;
275 : }
276 :
277 153 : CHIP_ERROR EncodeValidity(uint32_t validityStart, uint32_t validityEnd, ASN1Writer & writer)
278 : {
279 153 : CHIP_ERROR err = CHIP_NO_ERROR;
280 : ASN1UniversalTime asn1Time;
281 :
282 153 : ASN1_START_SEQUENCE
283 : {
284 153 : ReturnErrorOnFailure(ChipEpochToASN1Time(validityStart, asn1Time));
285 153 : ASN1_ENCODE_TIME(asn1Time);
286 :
287 153 : ReturnErrorOnFailure(ChipEpochToASN1Time(validityEnd, asn1Time));
288 153 : ASN1_ENCODE_TIME(asn1Time);
289 : }
290 153 : ASN1_END_SEQUENCE;
291 :
292 153 : exit:
293 153 : return err;
294 : }
295 :
296 74 : CHIP_ERROR EncodeChipECDSASignature(Crypto::P256ECDSASignature & signature, ASN1Writer & writer)
297 : {
298 74 : CHIP_ERROR err = CHIP_NO_ERROR;
299 :
300 74 : ASN1_START_BIT_STRING_ENCAPSULATED
301 : {
302 : // Convert RAW signature to DER when generating X509 certs.
303 74 : P256ECDSASignatureSpan raw_sig(signature.Bytes());
304 74 : ReturnErrorOnFailure(ConvertECDSASignatureRawToDER(raw_sig, writer));
305 : }
306 74 : ASN1_END_ENCAPSULATED;
307 :
308 74 : exit:
309 74 : return err;
310 : }
311 :
312 150 : CHIP_ERROR EncodeTBSCert(const X509CertRequestParams & requestParams, const Crypto::P256PublicKey & subjectPubkey,
313 : const Crypto::P256PublicKey & issuerPubkey, ASN1Writer & writer)
314 : {
315 150 : CHIP_ERROR err = CHIP_NO_ERROR;
316 : CertType certType;
317 : bool isCA;
318 :
319 150 : VerifyOrReturnError(requestParams.SerialNumber >= 0, CHIP_ERROR_INVALID_ARGUMENT);
320 148 : VerifyOrReturnError(requestParams.ValidityEnd == kNullCertTime || requestParams.ValidityEnd >= requestParams.ValidityStart,
321 : CHIP_ERROR_INVALID_ARGUMENT);
322 :
323 148 : ReturnErrorOnFailure(requestParams.SubjectDN.GetCertType(certType));
324 148 : isCA = (certType == CertType::kICA || certType == CertType::kRoot);
325 :
326 148 : ASN1_START_SEQUENCE
327 : {
328 : // version [0] EXPLICIT Version DEFAULT v1
329 148 : ASN1_START_CONSTRUCTED(kASN1TagClass_ContextSpecific, 0)
330 : {
331 : // Version ::= INTEGER { v1(0), v2(1), v3(2) }
332 148 : ASN1_ENCODE_INTEGER(2);
333 : }
334 148 : ASN1_END_CONSTRUCTED;
335 :
336 148 : ReturnErrorOnFailure(writer.PutInteger(requestParams.SerialNumber));
337 :
338 148 : ASN1_START_SEQUENCE
339 : {
340 148 : ASN1_ENCODE_OBJECT_ID(kOID_SigAlgo_ECDSAWithSHA256);
341 : }
342 148 : ASN1_END_SEQUENCE;
343 :
344 : // issuer Name
345 148 : ReturnErrorOnFailure(requestParams.IssuerDN.EncodeToASN1(writer));
346 :
347 : // validity Validity,
348 148 : ReturnErrorOnFailure(EncodeValidity(requestParams.ValidityStart, requestParams.ValidityEnd, writer));
349 :
350 : // subject Name
351 148 : ReturnErrorOnFailure(requestParams.SubjectDN.EncodeToASN1(writer));
352 :
353 148 : ReturnErrorOnFailure(EncodeSubjectPublicKeyInfo(subjectPubkey, writer));
354 :
355 : // certificate extensions
356 148 : ReturnErrorOnFailure(EncodeExtensions(isCA, subjectPubkey, issuerPubkey, requestParams.FutureExt, writer));
357 : }
358 148 : ASN1_END_SEQUENCE;
359 :
360 148 : exit:
361 148 : return err;
362 : }
363 :
364 : } // namespace
365 :
366 5 : CHIP_ERROR EncodeNetworkIdentityTBSCert(const P256PublicKey & pubkey, ASN1Writer & writer)
367 : {
368 5 : CHIP_ERROR err = CHIP_NO_ERROR;
369 5 : ChipDN issuerAndSubject;
370 5 : InitNetworkIdentitySubject(issuerAndSubject);
371 :
372 5 : ASN1_START_SEQUENCE
373 : {
374 : // version [0] EXPLICIT Version DEFAULT v1
375 5 : ASN1_START_CONSTRUCTED(kASN1TagClass_ContextSpecific, 0)
376 : {
377 5 : ASN1_ENCODE_INTEGER(2); // Version ::= INTEGER { v1(0), v2(1), v3(2) }
378 : }
379 5 : ASN1_END_CONSTRUCTED;
380 :
381 5 : ReturnErrorOnFailure(writer.PutInteger(kNetworkIdentitySerialNumber));
382 :
383 5 : ASN1_START_SEQUENCE
384 : {
385 5 : ASN1_ENCODE_OBJECT_ID(kOID_SigAlgo_ECDSAWithSHA256);
386 : }
387 5 : ASN1_END_SEQUENCE;
388 :
389 : // issuer Name
390 5 : ReturnErrorOnFailure(issuerAndSubject.EncodeToASN1(writer));
391 :
392 : // validity Validity,
393 5 : ReturnErrorOnFailure(EncodeValidity(kNetworkIdentityNotBeforeTime, kNetworkIdentityNotAfterTime, writer));
394 :
395 : // subject Name
396 5 : ReturnErrorOnFailure(issuerAndSubject.EncodeToASN1(writer));
397 :
398 5 : ReturnErrorOnFailure(EncodeSubjectPublicKeyInfo(pubkey, writer));
399 :
400 : // certificate extensions
401 5 : ASN1_START_CONSTRUCTED(kASN1TagClass_ContextSpecific, 3)
402 : {
403 5 : ASN1_START_SEQUENCE
404 : {
405 5 : EncodeIsCAExtension(kNotCACert, writer);
406 5 : EncodeKeyUsageExtension(KeyUsageFlags::kDigitalSignature, writer);
407 5 : EncodeExtKeyUsageExtension({ kOID_KeyPurpose_ClientAuth, kOID_KeyPurpose_ServerAuth }, writer);
408 : }
409 5 : ASN1_END_SEQUENCE;
410 : }
411 5 : ASN1_END_CONSTRUCTED;
412 : }
413 5 : ASN1_END_SEQUENCE;
414 :
415 5 : exit:
416 5 : return err;
417 5 : }
418 :
419 76 : CHIP_ERROR NewChipX509Cert(const X509CertRequestParams & requestParams, const Crypto::P256PublicKey & subjectPubkey,
420 : const Crypto::P256Keypair & issuerKeypair, MutableByteSpan & x509Cert)
421 : {
422 76 : CHIP_ERROR err = CHIP_NO_ERROR;
423 : ASN1Writer writer;
424 76 : writer.Init(x509Cert);
425 :
426 76 : ReturnErrorOnFailure(EncodeTBSCert(requestParams, subjectPubkey, issuerKeypair.Pubkey(), writer));
427 :
428 74 : Crypto::P256ECDSASignature signature;
429 74 : ReturnErrorOnFailure(issuerKeypair.ECDSA_sign_msg(x509Cert.data(), writer.GetLengthWritten(), signature));
430 :
431 74 : writer.Init(x509Cert);
432 :
433 74 : ASN1_START_SEQUENCE
434 : {
435 74 : ReturnErrorOnFailure(EncodeTBSCert(requestParams, subjectPubkey, issuerKeypair.Pubkey(), writer));
436 :
437 74 : ASN1_START_SEQUENCE
438 : {
439 74 : ASN1_ENCODE_OBJECT_ID(kOID_SigAlgo_ECDSAWithSHA256);
440 : }
441 74 : ASN1_END_SEQUENCE;
442 :
443 74 : ReturnErrorOnFailure(EncodeChipECDSASignature(signature, writer));
444 : }
445 74 : ASN1_END_SEQUENCE;
446 :
447 74 : x509Cert.reduce_size(writer.GetLengthWritten());
448 :
449 74 : exit:
450 74 : return err;
451 74 : }
452 :
453 26 : DLL_EXPORT CHIP_ERROR NewRootX509Cert(const X509CertRequestParams & requestParams, const Crypto::P256Keypair & issuerKeypair,
454 : MutableByteSpan & x509Cert)
455 : {
456 : CertType certType;
457 :
458 26 : ReturnErrorOnFailure(requestParams.SubjectDN.GetCertType(certType));
459 26 : VerifyOrReturnError(certType == CertType::kRoot, CHIP_ERROR_INVALID_ARGUMENT);
460 25 : VerifyOrReturnError(requestParams.SubjectDN.IsEqual(requestParams.IssuerDN), CHIP_ERROR_INVALID_ARGUMENT);
461 :
462 24 : return NewChipX509Cert(requestParams, issuerKeypair.Pubkey(), issuerKeypair, x509Cert);
463 : }
464 :
465 22 : DLL_EXPORT CHIP_ERROR NewICAX509Cert(const X509CertRequestParams & requestParams, const Crypto::P256PublicKey & subjectPubkey,
466 : const Crypto::P256Keypair & issuerKeypair, MutableByteSpan & x509Cert)
467 : {
468 : CertType certType;
469 :
470 22 : ReturnErrorOnFailure(requestParams.SubjectDN.GetCertType(certType));
471 22 : VerifyOrReturnError(certType == CertType::kICA, CHIP_ERROR_INVALID_ARGUMENT);
472 :
473 21 : ReturnErrorOnFailure(requestParams.IssuerDN.GetCertType(certType));
474 21 : VerifyOrReturnError(certType == CertType::kRoot, CHIP_ERROR_INVALID_ARGUMENT);
475 :
476 21 : return NewChipX509Cert(requestParams, subjectPubkey, issuerKeypair, x509Cert);
477 : }
478 :
479 34 : DLL_EXPORT CHIP_ERROR NewNodeOperationalX509Cert(const X509CertRequestParams & requestParams,
480 : const Crypto::P256PublicKey & subjectPubkey,
481 : const Crypto::P256Keypair & issuerKeypair, MutableByteSpan & x509Cert)
482 : {
483 : CertType certType;
484 :
485 34 : ReturnErrorOnFailure(requestParams.SubjectDN.GetCertType(certType));
486 33 : VerifyOrReturnError(certType == CertType::kNode, CHIP_ERROR_INVALID_ARGUMENT);
487 :
488 32 : ReturnErrorOnFailure(requestParams.IssuerDN.GetCertType(certType));
489 32 : VerifyOrReturnError(certType == CertType::kICA || certType == CertType::kRoot, CHIP_ERROR_INVALID_ARGUMENT);
490 :
491 31 : return NewChipX509Cert(requestParams, subjectPubkey, issuerKeypair, x509Cert);
492 : }
493 :
494 : } // namespace Credentials
495 : } // namespace chip
|
