11cb0ef41Sopenharmony_ci/* 21cb0ef41Sopenharmony_ci * Copyright 2007-2022 The OpenSSL Project Authors. All Rights Reserved. 31cb0ef41Sopenharmony_ci * Copyright Nokia 2007-2019 41cb0ef41Sopenharmony_ci * Copyright Siemens AG 2015-2019 51cb0ef41Sopenharmony_ci * 61cb0ef41Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License"). You may not use 71cb0ef41Sopenharmony_ci * this file except in compliance with the License. You can obtain a copy 81cb0ef41Sopenharmony_ci * in the file LICENSE in the source distribution or at 91cb0ef41Sopenharmony_ci * https://www.openssl.org/source/license.html 101cb0ef41Sopenharmony_ci */ 111cb0ef41Sopenharmony_ci 121cb0ef41Sopenharmony_ci#include <string.h> 131cb0ef41Sopenharmony_ci#include <stdio.h> 141cb0ef41Sopenharmony_ci 151cb0ef41Sopenharmony_ci#include <openssl/asn1t.h> 161cb0ef41Sopenharmony_ci#include <openssl/http.h> 171cb0ef41Sopenharmony_ci#include "internal/sockets.h" 181cb0ef41Sopenharmony_ci 191cb0ef41Sopenharmony_ci#include <openssl/cmp.h> 201cb0ef41Sopenharmony_ci#include "cmp_local.h" 211cb0ef41Sopenharmony_ci 221cb0ef41Sopenharmony_ci/* explicit #includes not strictly needed since implied by the above: */ 231cb0ef41Sopenharmony_ci#include <ctype.h> 241cb0ef41Sopenharmony_ci#include <fcntl.h> 251cb0ef41Sopenharmony_ci#include <stdlib.h> 261cb0ef41Sopenharmony_ci#include <openssl/bio.h> 271cb0ef41Sopenharmony_ci#include <openssl/buffer.h> 281cb0ef41Sopenharmony_ci#include <openssl/cmp.h> 291cb0ef41Sopenharmony_ci#include <openssl/err.h> 301cb0ef41Sopenharmony_ci 311cb0ef41Sopenharmony_cistatic int keep_alive(int keep_alive, int body_type) 321cb0ef41Sopenharmony_ci{ 331cb0ef41Sopenharmony_ci if (keep_alive != 0 341cb0ef41Sopenharmony_ci /* 351cb0ef41Sopenharmony_ci * Ask for persistent connection only if may need more round trips. 361cb0ef41Sopenharmony_ci * Do so even with disableConfirm because polling might be needed. 371cb0ef41Sopenharmony_ci */ 381cb0ef41Sopenharmony_ci && body_type != OSSL_CMP_PKIBODY_IR 391cb0ef41Sopenharmony_ci && body_type != OSSL_CMP_PKIBODY_CR 401cb0ef41Sopenharmony_ci && body_type != OSSL_CMP_PKIBODY_P10CR 411cb0ef41Sopenharmony_ci && body_type != OSSL_CMP_PKIBODY_KUR 421cb0ef41Sopenharmony_ci && body_type != OSSL_CMP_PKIBODY_POLLREQ) 431cb0ef41Sopenharmony_ci keep_alive = 0; 441cb0ef41Sopenharmony_ci return keep_alive; 451cb0ef41Sopenharmony_ci} 461cb0ef41Sopenharmony_ci 471cb0ef41Sopenharmony_ci/* 481cb0ef41Sopenharmony_ci * Send the PKIMessage req and on success return the response, else NULL. 491cb0ef41Sopenharmony_ci * Any previous error queue entries will likely be removed by ERR_clear_error(). 501cb0ef41Sopenharmony_ci */ 511cb0ef41Sopenharmony_ciOSSL_CMP_MSG *OSSL_CMP_MSG_http_perform(OSSL_CMP_CTX *ctx, 521cb0ef41Sopenharmony_ci const OSSL_CMP_MSG *req) 531cb0ef41Sopenharmony_ci{ 541cb0ef41Sopenharmony_ci char server_port[32] = { '\0' }; 551cb0ef41Sopenharmony_ci STACK_OF(CONF_VALUE) *headers = NULL; 561cb0ef41Sopenharmony_ci const char content_type_pkix[] = "application/pkixcmp"; 571cb0ef41Sopenharmony_ci int tls_used; 581cb0ef41Sopenharmony_ci const ASN1_ITEM *it = ASN1_ITEM_rptr(OSSL_CMP_MSG); 591cb0ef41Sopenharmony_ci BIO *req_mem, *rsp; 601cb0ef41Sopenharmony_ci OSSL_CMP_MSG *res = NULL; 611cb0ef41Sopenharmony_ci 621cb0ef41Sopenharmony_ci if (ctx == NULL || req == NULL) { 631cb0ef41Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); 641cb0ef41Sopenharmony_ci return NULL; 651cb0ef41Sopenharmony_ci } 661cb0ef41Sopenharmony_ci 671cb0ef41Sopenharmony_ci if (!X509V3_add_value("Pragma", "no-cache", &headers)) 681cb0ef41Sopenharmony_ci return NULL; 691cb0ef41Sopenharmony_ci if ((req_mem = ASN1_item_i2d_mem_bio(it, (const ASN1_VALUE *)req)) == NULL) 701cb0ef41Sopenharmony_ci goto err; 711cb0ef41Sopenharmony_ci 721cb0ef41Sopenharmony_ci if (ctx->serverPort != 0) 731cb0ef41Sopenharmony_ci BIO_snprintf(server_port, sizeof(server_port), "%d", ctx->serverPort); 741cb0ef41Sopenharmony_ci tls_used = OSSL_CMP_CTX_get_http_cb_arg(ctx) != NULL; 751cb0ef41Sopenharmony_ci if (ctx->http_ctx == NULL) 761cb0ef41Sopenharmony_ci ossl_cmp_log3(DEBUG, ctx, "connecting to CMP server %s:%s%s", 771cb0ef41Sopenharmony_ci ctx->server, server_port, tls_used ? " using TLS" : ""); 781cb0ef41Sopenharmony_ci 791cb0ef41Sopenharmony_ci rsp = OSSL_HTTP_transfer(&ctx->http_ctx, ctx->server, server_port, 801cb0ef41Sopenharmony_ci ctx->serverPath, tls_used, 811cb0ef41Sopenharmony_ci ctx->proxy, ctx->no_proxy, 821cb0ef41Sopenharmony_ci NULL /* bio */, NULL /* rbio */, 831cb0ef41Sopenharmony_ci ctx->http_cb, OSSL_CMP_CTX_get_http_cb_arg(ctx), 841cb0ef41Sopenharmony_ci 0 /* buf_size */, headers, 851cb0ef41Sopenharmony_ci content_type_pkix, req_mem, 861cb0ef41Sopenharmony_ci content_type_pkix, 1 /* expect_asn1 */, 871cb0ef41Sopenharmony_ci OSSL_HTTP_DEFAULT_MAX_RESP_LEN, 881cb0ef41Sopenharmony_ci ctx->msg_timeout, 891cb0ef41Sopenharmony_ci keep_alive(ctx->keep_alive, req->body->type)); 901cb0ef41Sopenharmony_ci BIO_free(req_mem); 911cb0ef41Sopenharmony_ci res = (OSSL_CMP_MSG *)ASN1_item_d2i_bio(it, rsp, NULL); 921cb0ef41Sopenharmony_ci BIO_free(rsp); 931cb0ef41Sopenharmony_ci 941cb0ef41Sopenharmony_ci if (ctx->http_ctx == NULL) 951cb0ef41Sopenharmony_ci ossl_cmp_debug(ctx, "disconnected from CMP server"); 961cb0ef41Sopenharmony_ci /* 971cb0ef41Sopenharmony_ci * Note that on normal successful end of the transaction the connection 981cb0ef41Sopenharmony_ci * is not closed at this level, but this will be done by the CMP client 991cb0ef41Sopenharmony_ci * application via OSSL_CMP_CTX_free() or OSSL_CMP_CTX_reinit(). 1001cb0ef41Sopenharmony_ci */ 1011cb0ef41Sopenharmony_ci if (res != NULL) 1021cb0ef41Sopenharmony_ci ossl_cmp_debug(ctx, "finished reading response from CMP server"); 1031cb0ef41Sopenharmony_ci err: 1041cb0ef41Sopenharmony_ci sk_CONF_VALUE_pop_free(headers, X509V3_conf_free); 1051cb0ef41Sopenharmony_ci return res; 1061cb0ef41Sopenharmony_ci} 107