interface_ocsp.cpp 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424
  1. /*
  2. * Copyright (C) 2011-2018 Intel Corporation. All rights reserved.
  3. *
  4. * Redistribution and use in source and binary forms, with or without
  5. * modification, are permitted provided that the following conditions
  6. * are met:
  7. *
  8. * * Redistributions of source code must retain the above copyright
  9. * notice, this list of conditions and the following disclaimer.
  10. * * Redistributions in binary form must reproduce the above copyright
  11. * notice, this list of conditions and the following disclaimer in
  12. * the documentation and/or other materials provided with the
  13. * distribution.
  14. * * Neither the name of Intel Corporation nor the names of its
  15. * contributors may be used to endorse or promote products derived
  16. * from this software without specific prior written permission.
  17. *
  18. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21. * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
  22. * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  23. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
  24. * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  25. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  26. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  27. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  28. * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29. *
  30. */
  31. #include "aeerror.h"
  32. #include <cstddef>
  33. #pragma GCC diagnostic push
  34. #pragma GCC diagnostic ignored "-Wredundant-decls"
  35. #include "openssl/ocsp.h"
  36. #pragma GCC diagnostic pop
  37. #include "oal/oal.h"
  38. #include "pse_pr_sigma_common_defs.h"
  39. #include "Buffer.h"
  40. #include "network_encoding_wrapper.h"
  41. #include "helper.h"
  42. #undef OCSP_CLEAN
  43. #undef _OPENSSL_FULL_INIT
  44. #undef USE_CERTID_STACK
  45. extern "C" int get_ocsp_req_size(BIO* reqbio, OCSP_REQUEST *pOcspReq)
  46. {
  47. #if defined(OCSP_CLEAN)
  48. return i2d_OCSP_REQUEST_bio(reqbio, pOcspReq);
  49. #else
  50. return ASN1_i2d_bio(CHECKED_I2D_OF(OCSP_REQUEST, i2d_OCSP_REQUEST), reqbio, (unsigned char*)pOcspReq);
  51. #endif
  52. }
  53. //
  54. // we should 1) make sure this function is right, for the AESM and all its uses of OpenSSL and
  55. // 2) move it to a more central/global location. 1 may require adding the so-called OpenSSL
  56. // thread callbacks. Also, what about all the config settings? Are the defaults okay for us?
  57. //
  58. void OpenSSL_init()
  59. {
  60. #ifdef CRYPTO_malloc_init
  61. CRYPTO_malloc_init(); // OpenSSL 1.0 - Initialize malloc, free, etc for OpenSSL's use
  62. #else
  63. OPENSSL_malloc_init(); // OpenSSL 1.1 - Initialize malloc, free, etc for OpenSSL's use
  64. #endif
  65. #if defined(_OPENSSL_FULL_INIT)
  66. SSL_library_init(); // Initialize OpenSSL's SSL libraries
  67. SSL_load_error_strings(); // Load SSL error strings
  68. ERR_load_BIO_strings(); // Load BIO error strings
  69. OpenSSL_add_all_algorithms(); // Load all available encryption algorithms
  70. #else
  71. //
  72. // This needed by openssl, else OCSP_basic_verify fails
  73. //
  74. EVP_add_digest(EVP_sha1());
  75. #endif
  76. }
  77. ae_error_t Get_OCSPResponse
  78. (
  79. /*in */ const char* urlOcspResponder,
  80. /*in */ const SIGMA_NONCE* ocspNonce,
  81. /*in */ const upse::Buffer& verifierCertificateDER,
  82. /*in */ const upse::Buffer& issuerCertificateDER,
  83. /*out*/ upse::Buffer& OcspResponseDER
  84. )
  85. {
  86. X509* verifierX509Cert = NULL;
  87. X509* issuerX509Cert = NULL;
  88. OCSP_REQUEST* pOcspReq = NULL;
  89. OCSP_CERTID* pCertID = NULL;
  90. OCSP_ONEREQ *pOneReq = NULL;
  91. #if defined(USE_CERTID_STACK)
  92. STACK_OF(OCSP_CERTID) *ids = NULL;
  93. #endif
  94. BIO *reqbio = NULL;
  95. const EVP_MD *cert_id_md = NULL;
  96. void* ocsp_response = NULL;
  97. uint32_t ocsp_response_size = 0;
  98. //OCSP_RESPONSE *pOcspResponse = NULL;
  99. char* ocsp_request = NULL;
  100. ae_error_t status = AE_FAILURE;
  101. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("Get_OCSPResponse: (int) nonce = ", *((int*)*ocspNonce));
  102. OpenSSL_init();
  103. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("init'd", 0);
  104. do
  105. {
  106. const unsigned char* x509CertNextDER = NULL;
  107. // Convert verifier to internal X509 data
  108. x509CertNextDER = verifierCertificateDER.getData();
  109. if (NULL == d2i_X509(&verifierX509Cert, &x509CertNextDER, verifierCertificateDER.getSize()))
  110. {
  111. Helper::RemoveCertificateChain();
  112. break;
  113. }
  114. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("converted verifier", 0);
  115. // Convert issuer to internal X509 data
  116. x509CertNextDER = issuerCertificateDER.getData();
  117. if (NULL == d2i_X509(&issuerX509Cert, &x509CertNextDER, issuerCertificateDER.getSize()))
  118. {
  119. Helper::RemoveCertificateChain();
  120. break;
  121. }
  122. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("converted issuer", 0);
  123. // Populate OCSP Request
  124. pOcspReq = OCSP_REQUEST_new();
  125. if (NULL == pOcspReq) break;
  126. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("created new request", 0);
  127. #if defined(USE_CERTID_STACK)
  128. ids = sk_OCSP_CERTID_new_null();
  129. if (NULL == ids) break;
  130. #endif
  131. cert_id_md = EVP_sha1();
  132. // Add Verifier cert and issuer to OCSP Request
  133. pCertID = OCSP_cert_to_id(cert_id_md, verifierX509Cert, issuerX509Cert);
  134. if (NULL == pCertID)
  135. {
  136. Helper::RemoveCertificateChain();
  137. break;
  138. }
  139. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("added cert and issuer to ocsp request", 0);
  140. #if defined(USE_CERTID_STACK)
  141. if (NULL == sk_OCSP_CERTID_push(ids, pCertID)) break;
  142. #endif
  143. pOneReq = OCSP_request_add0_id(pOcspReq, pCertID);
  144. if (NULL == pOneReq)
  145. {
  146. Helper::RemoveCertificateChain();
  147. break;
  148. }
  149. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("added id", 0);
  150. // Add nonce
  151. int retVal = OCSP_request_add1_nonce(pOcspReq, (uint8_t*)const_cast<SIGMA_NONCE*>(ocspNonce), NONCE_LENGTH);
  152. if (retVal <= 0)
  153. {
  154. Helper::RemoveCertificateChain();
  155. break;
  156. }
  157. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("added nonce", 0);
  158. reqbio = BIO_new(BIO_s_mem());
  159. if (NULL == reqbio) break;
  160. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("created new mem bio for request", 0);
  161. //
  162. // go from internal OpenSSL representation of request
  163. // to mem bio to binary
  164. //
  165. retVal = get_ocsp_req_size(reqbio, pOcspReq);
  166. if (retVal <= 0)
  167. {
  168. Helper::RemoveCertificateChain();
  169. break;
  170. }
  171. size_t reqbio_num_write = BIO_number_written(reqbio);
  172. ocsp_request = (char*) malloc(reqbio_num_write);
  173. if (NULL == ocsp_request) break;
  174. memset(ocsp_request, 0x0, reqbio_num_write);
  175. retVal = BIO_read(reqbio, ocsp_request, static_cast<int>(reqbio_num_write));
  176. if (retVal <= 0)
  177. {
  178. Helper::RemoveCertificateChain();
  179. break;
  180. }
  181. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("convertd to binary", 0);
  182. ae_error_t netStatus = aesm_network_send_receive( urlOcspResponder,
  183. (const uint8_t *) ocsp_request,
  184. static_cast<uint32_t>(reqbio_num_write),
  185. (uint8_t **) &ocsp_response,
  186. &ocsp_response_size,
  187. POST,
  188. true);
  189. if (AE_SUCCESS != netStatus) {
  190. status = netStatus;
  191. break;
  192. }
  193. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("called network stack, ocsp_response_size = ", ocsp_response_size);
  194. BIO* respbio = BIO_new(BIO_s_mem());
  195. if (NULL == respbio) break;
  196. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("created new mem bio for response", 0);
  197. //
  198. // reverse what we did for req above,
  199. // go from binary to mem bio to internal OpenSSL representation of response
  200. //
  201. retVal = BIO_write(respbio, (const char*) ocsp_response, ocsp_response_size);
  202. if (retVal <= 0) break;
  203. ae_error_t ocspRespError = AE_SUCCESS;
  204. OCSP_RESPONSE* pOcspResponse = d2i_OCSP_RESPONSE_bio(respbio, NULL);
  205. BIO_free(respbio);
  206. if(NULL == pOcspResponse)
  207. {
  208. status = AESM_PSE_PR_OCSP_RESPONSE_INTERNAL_ERROR;
  209. break;
  210. }
  211. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("converted ocsp response to internal format", 0);
  212. //
  213. // even though cse verifies/checks the ocsp response,
  214. // we can save time by doing the easy checks here
  215. // we'll check:
  216. // status
  217. // nonce
  218. // relationships among fields
  219. //
  220. retVal = OCSP_response_status(pOcspResponse);
  221. while (retVal != OCSP_RESPONSE_STATUS_SUCCESSFUL)
  222. {
  223. switch(retVal)
  224. {
  225. case OCSP_RESPONSE_STATUS_MALFORMEDREQUEST:
  226. ocspRespError = AESM_PSE_PR_OCSP_RESPONSE_STATUS_MALFORMEDREQUEST; break;
  227. case OCSP_RESPONSE_STATUS_INTERNALERROR:
  228. ocspRespError = AESM_PSE_PR_OCSP_RESPONSE_STATUS_INTERNALERROR; break;
  229. case OCSP_RESPONSE_STATUS_TRYLATER:
  230. ocspRespError = AESM_PSE_PR_OCSP_RESPONSE_STATUS_TRYLATER; break;
  231. case OCSP_RESPONSE_STATUS_SIGREQUIRED:
  232. ocspRespError = AESM_PSE_PR_OCSP_RESPONSE_STATUS_SIGREQUIRED; break;
  233. case OCSP_RESPONSE_STATUS_UNAUTHORIZED:
  234. ocspRespError = AESM_PSE_PR_OCSP_RESPONSE_STATUS_UNAUTHORIZED; break;
  235. default:
  236. ocspRespError = AESM_PSE_PR_NO_OCSP_RESPONSE_ERROR; break;
  237. }
  238. break;
  239. }
  240. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("checked ocsp response status: ", ocspRespError);
  241. if ((AE_SUCCESS != ocspRespError) && (AESM_PSE_PR_OCSP_RESPONSE_STATUS_TRYLATER != ocspRespError)) {
  242. if (AESM_PSE_PR_OCSP_RESPONSE_STATUS_INTERNALERROR != ocspRespError) {
  243. // According to RFC6960, the response "internalError" indicates that the OCSP responder
  244. // reached an inconsistent internal state.The query should be retried,
  245. // potentially with another responder. So we don't delete cert chain here
  246. Helper::RemoveCertificateChain();
  247. }
  248. AESM_LOG_ERROR("%s", g_event_string_table[SGX_EVENT_OCSP_RESPONSE_ERROR]);
  249. }
  250. while (AE_SUCCESS == ocspRespError)
  251. {
  252. OCSP_BASICRESP* bs = OCSP_response_get1_basic(pOcspResponse);
  253. if (!bs)
  254. {
  255. ocspRespError = AESM_PSE_PR_OCSP_RESPONSE_INTERNAL_ERROR;
  256. break;
  257. }
  258. {
  259. //
  260. // above status check is "external", doesn't include revoked or not
  261. //
  262. int respStatus, reason;
  263. ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
  264. if(!OCSP_resp_find_status(bs, pCertID, &respStatus, &reason, &rev, &thisupd, &nextupd))
  265. {
  266. SGX_DBGPRINT_PRINT_STRING("OCSP: No status found.");
  267. }
  268. else if (V_OCSP_CERTSTATUS_REVOKED == respStatus) {
  269. ocspRespError = AESM_LTP_PSE_CERT_REVOKED;
  270. AESM_LOG_ERROR("%s", g_event_string_table[SGX_EVENT_PSE_CERT_REVOCATION]);
  271. break;
  272. }
  273. }
  274. int i;
  275. if ((i = OCSP_check_nonce(pOcspReq, bs)) <= 0)
  276. {
  277. if (i == -1)
  278. {
  279. ocspRespError = AESM_PSE_PR_OCSP_RESPONSE_NO_NONCE_ERROR;
  280. }
  281. else
  282. {
  283. ocspRespError = AESM_PSE_PR_OCSP_RESPONSE_NONCE_VERIFY_ERROR;
  284. }
  285. break;
  286. }
  287. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("checked nonce: ", ocspRespError);
  288. //
  289. // following checks relationships between fields in response, but does not verify signature
  290. // cse will do that (along with other checks we do above)
  291. //
  292. i = OCSP_basic_verify(bs, NULL, NULL, OCSP_NOCHECKS|OCSP_NOEXPLICIT|OCSP_NOVERIFY|OCSP_NOCHAIN|OCSP_NOSIGS);
  293. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("verified ocsp response: ", i);
  294. if(i <= 0)
  295. {
  296. ocspRespError = AESM_PSE_PR_OCSP_RESPONSE_VERIFY_ERROR;
  297. break;
  298. }
  299. break;
  300. }
  301. if (AE_SUCCESS != ocspRespError)
  302. {
  303. status = ocspRespError;
  304. break;
  305. }
  306. if (AE_FAILED(OcspResponseDER.Alloc((uint8_t*)ocsp_response, ocsp_response_size))) break;
  307. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("created ocsp response in der format", 0);
  308. status = AE_SUCCESS;
  309. } while (0);
  310. if (ocsp_response)
  311. {
  312. aesm_free_network_response_buffer((uint8_t*)ocsp_response);
  313. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("freed network response buffer", 0);
  314. }
  315. if (verifierX509Cert)
  316. {
  317. X509_free(verifierX509Cert);
  318. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("freed verifier cert", 0);
  319. }
  320. if (issuerX509Cert)
  321. {
  322. X509_free(issuerX509Cert);
  323. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("freed issuer cert", 0);
  324. }
  325. if (pOcspReq)
  326. {
  327. OCSP_REQUEST_free(pOcspReq);
  328. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("freed ocsp request", 0);
  329. }
  330. if (NULL != reqbio)
  331. {
  332. BIO_free(reqbio);
  333. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("freed request bio", 0);
  334. }
  335. if (NULL != ocsp_request)
  336. {
  337. free(ocsp_request);
  338. SGX_DBGPRINT_ONE_STRING_ONE_INT_OCSP("freed binary ocsp request", 0);
  339. }
  340. #if defined(USE_CERTID_STACK)
  341. if (ids) sk_OCSP_CERTID_free(ids);
  342. #endif
  343. return status;
  344. }