1e1051a39Sopenharmony_ci/* 2e1051a39Sopenharmony_ci * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved. 3e1051a39Sopenharmony_ci * Copyright Nokia 2007-2019 4e1051a39Sopenharmony_ci * Copyright Siemens AG 2015-2019 5e1051a39Sopenharmony_ci * 6e1051a39Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License"). You may not use 7e1051a39Sopenharmony_ci * this file except in compliance with the License. You can obtain a copy 8e1051a39Sopenharmony_ci * in the file LICENSE in the source distribution or at 9e1051a39Sopenharmony_ci * https://www.openssl.org/source/license.html 10e1051a39Sopenharmony_ci */ 11e1051a39Sopenharmony_ci 12e1051a39Sopenharmony_ci/* CMP functions for PKIHeader handling */ 13e1051a39Sopenharmony_ci 14e1051a39Sopenharmony_ci#include "cmp_local.h" 15e1051a39Sopenharmony_ci 16e1051a39Sopenharmony_ci#include <openssl/rand.h> 17e1051a39Sopenharmony_ci 18e1051a39Sopenharmony_ci/* explicit #includes not strictly needed since implied by the above: */ 19e1051a39Sopenharmony_ci#include <openssl/asn1t.h> 20e1051a39Sopenharmony_ci#include <openssl/cmp.h> 21e1051a39Sopenharmony_ci#include <openssl/err.h> 22e1051a39Sopenharmony_ci 23e1051a39Sopenharmony_ciint ossl_cmp_hdr_set_pvno(OSSL_CMP_PKIHEADER *hdr, int pvno) 24e1051a39Sopenharmony_ci{ 25e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL)) 26e1051a39Sopenharmony_ci return 0; 27e1051a39Sopenharmony_ci return ASN1_INTEGER_set(hdr->pvno, pvno); 28e1051a39Sopenharmony_ci} 29e1051a39Sopenharmony_ci 30e1051a39Sopenharmony_ciint ossl_cmp_hdr_get_pvno(const OSSL_CMP_PKIHEADER *hdr) 31e1051a39Sopenharmony_ci{ 32e1051a39Sopenharmony_ci int64_t pvno; 33e1051a39Sopenharmony_ci 34e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL)) 35e1051a39Sopenharmony_ci return -1; 36e1051a39Sopenharmony_ci if (!ASN1_INTEGER_get_int64(&pvno, hdr->pvno) || pvno < 0 || pvno > INT_MAX) 37e1051a39Sopenharmony_ci return -1; 38e1051a39Sopenharmony_ci return (int)pvno; 39e1051a39Sopenharmony_ci} 40e1051a39Sopenharmony_ci 41e1051a39Sopenharmony_ciint ossl_cmp_hdr_get_protection_nid(const OSSL_CMP_PKIHEADER *hdr) 42e1051a39Sopenharmony_ci{ 43e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL) 44e1051a39Sopenharmony_ci || hdr->protectionAlg == NULL) 45e1051a39Sopenharmony_ci return NID_undef; 46e1051a39Sopenharmony_ci return OBJ_obj2nid(hdr->protectionAlg->algorithm); 47e1051a39Sopenharmony_ci} 48e1051a39Sopenharmony_ci 49e1051a39Sopenharmony_ciASN1_OCTET_STRING *OSSL_CMP_HDR_get0_transactionID(const 50e1051a39Sopenharmony_ci OSSL_CMP_PKIHEADER *hdr) 51e1051a39Sopenharmony_ci{ 52e1051a39Sopenharmony_ci if (hdr == NULL) { 53e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); 54e1051a39Sopenharmony_ci return NULL; 55e1051a39Sopenharmony_ci } 56e1051a39Sopenharmony_ci return hdr->transactionID; 57e1051a39Sopenharmony_ci} 58e1051a39Sopenharmony_ci 59e1051a39Sopenharmony_ciASN1_OCTET_STRING *ossl_cmp_hdr_get0_senderNonce(const OSSL_CMP_PKIHEADER *hdr) 60e1051a39Sopenharmony_ci{ 61e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL)) 62e1051a39Sopenharmony_ci return NULL; 63e1051a39Sopenharmony_ci return hdr->senderNonce; 64e1051a39Sopenharmony_ci} 65e1051a39Sopenharmony_ci 66e1051a39Sopenharmony_ciASN1_OCTET_STRING *OSSL_CMP_HDR_get0_recipNonce(const OSSL_CMP_PKIHEADER *hdr) 67e1051a39Sopenharmony_ci{ 68e1051a39Sopenharmony_ci if (hdr == NULL) { 69e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); 70e1051a39Sopenharmony_ci return NULL; 71e1051a39Sopenharmony_ci } 72e1051a39Sopenharmony_ci return hdr->recipNonce; 73e1051a39Sopenharmony_ci} 74e1051a39Sopenharmony_ci 75e1051a39Sopenharmony_ci/* a NULL-DN as an empty sequence of RDNs */ 76e1051a39Sopenharmony_ciint ossl_cmp_general_name_is_NULL_DN(GENERAL_NAME *name) 77e1051a39Sopenharmony_ci{ 78e1051a39Sopenharmony_ci return name == NULL 79e1051a39Sopenharmony_ci || (name->type == GEN_DIRNAME && IS_NULL_DN(name->d.directoryName)); 80e1051a39Sopenharmony_ci} 81e1051a39Sopenharmony_ci 82e1051a39Sopenharmony_ci/* assign to *tgt a copy of src (which may be NULL to indicate an empty DN) */ 83e1051a39Sopenharmony_cistatic int set1_general_name(GENERAL_NAME **tgt, const X509_NAME *src) 84e1051a39Sopenharmony_ci{ 85e1051a39Sopenharmony_ci GENERAL_NAME *name; 86e1051a39Sopenharmony_ci 87e1051a39Sopenharmony_ci if (!ossl_assert(tgt != NULL)) 88e1051a39Sopenharmony_ci return 0; 89e1051a39Sopenharmony_ci if ((name = GENERAL_NAME_new()) == NULL) 90e1051a39Sopenharmony_ci goto err; 91e1051a39Sopenharmony_ci name->type = GEN_DIRNAME; 92e1051a39Sopenharmony_ci 93e1051a39Sopenharmony_ci if (src == NULL) { /* NULL-DN */ 94e1051a39Sopenharmony_ci if ((name->d.directoryName = X509_NAME_new()) == NULL) 95e1051a39Sopenharmony_ci goto err; 96e1051a39Sopenharmony_ci } else if (!X509_NAME_set(&name->d.directoryName, src)) { 97e1051a39Sopenharmony_ci goto err; 98e1051a39Sopenharmony_ci } 99e1051a39Sopenharmony_ci 100e1051a39Sopenharmony_ci GENERAL_NAME_free(*tgt); 101e1051a39Sopenharmony_ci *tgt = name; 102e1051a39Sopenharmony_ci 103e1051a39Sopenharmony_ci return 1; 104e1051a39Sopenharmony_ci 105e1051a39Sopenharmony_ci err: 106e1051a39Sopenharmony_ci GENERAL_NAME_free(name); 107e1051a39Sopenharmony_ci return 0; 108e1051a39Sopenharmony_ci} 109e1051a39Sopenharmony_ci 110e1051a39Sopenharmony_ci/* 111e1051a39Sopenharmony_ci * Set the sender name in PKIHeader. 112e1051a39Sopenharmony_ci * when nm is NULL, sender is set to an empty string 113e1051a39Sopenharmony_ci * returns 1 on success, 0 on error 114e1051a39Sopenharmony_ci */ 115e1051a39Sopenharmony_ciint ossl_cmp_hdr_set1_sender(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm) 116e1051a39Sopenharmony_ci{ 117e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL)) 118e1051a39Sopenharmony_ci return 0; 119e1051a39Sopenharmony_ci return set1_general_name(&hdr->sender, nm); 120e1051a39Sopenharmony_ci} 121e1051a39Sopenharmony_ci 122e1051a39Sopenharmony_ciint ossl_cmp_hdr_set1_recipient(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm) 123e1051a39Sopenharmony_ci{ 124e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL)) 125e1051a39Sopenharmony_ci return 0; 126e1051a39Sopenharmony_ci return set1_general_name(&hdr->recipient, nm); 127e1051a39Sopenharmony_ci} 128e1051a39Sopenharmony_ci 129e1051a39Sopenharmony_ciint ossl_cmp_hdr_update_messageTime(OSSL_CMP_PKIHEADER *hdr) 130e1051a39Sopenharmony_ci{ 131e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL)) 132e1051a39Sopenharmony_ci return 0; 133e1051a39Sopenharmony_ci if (hdr->messageTime == NULL 134e1051a39Sopenharmony_ci && (hdr->messageTime = ASN1_GENERALIZEDTIME_new()) == NULL) 135e1051a39Sopenharmony_ci return 0; 136e1051a39Sopenharmony_ci return ASN1_GENERALIZEDTIME_set(hdr->messageTime, time(NULL)) != NULL; 137e1051a39Sopenharmony_ci} 138e1051a39Sopenharmony_ci 139e1051a39Sopenharmony_ci/* assign to *tgt a random byte array of given length */ 140e1051a39Sopenharmony_cistatic int set_random(ASN1_OCTET_STRING **tgt, OSSL_CMP_CTX *ctx, size_t len) 141e1051a39Sopenharmony_ci{ 142e1051a39Sopenharmony_ci unsigned char *bytes = OPENSSL_malloc(len); 143e1051a39Sopenharmony_ci int res = 0; 144e1051a39Sopenharmony_ci 145e1051a39Sopenharmony_ci if (bytes == NULL || RAND_bytes_ex(ctx->libctx, bytes, len, 0) <= 0) 146e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_FAILURE_OBTAINING_RANDOM); 147e1051a39Sopenharmony_ci else 148e1051a39Sopenharmony_ci res = ossl_cmp_asn1_octet_string_set1_bytes(tgt, bytes, len); 149e1051a39Sopenharmony_ci OPENSSL_free(bytes); 150e1051a39Sopenharmony_ci return res; 151e1051a39Sopenharmony_ci} 152e1051a39Sopenharmony_ci 153e1051a39Sopenharmony_ciint ossl_cmp_hdr_set1_senderKID(OSSL_CMP_PKIHEADER *hdr, 154e1051a39Sopenharmony_ci const ASN1_OCTET_STRING *senderKID) 155e1051a39Sopenharmony_ci{ 156e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL)) 157e1051a39Sopenharmony_ci return 0; 158e1051a39Sopenharmony_ci return ossl_cmp_asn1_octet_string_set1(&hdr->senderKID, senderKID); 159e1051a39Sopenharmony_ci} 160e1051a39Sopenharmony_ci 161e1051a39Sopenharmony_ci/* push the given text string to the given PKIFREETEXT ft */ 162e1051a39Sopenharmony_ciint ossl_cmp_hdr_push0_freeText(OSSL_CMP_PKIHEADER *hdr, ASN1_UTF8STRING *text) 163e1051a39Sopenharmony_ci{ 164e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL && text != NULL)) 165e1051a39Sopenharmony_ci return 0; 166e1051a39Sopenharmony_ci 167e1051a39Sopenharmony_ci if (hdr->freeText == NULL 168e1051a39Sopenharmony_ci && (hdr->freeText = sk_ASN1_UTF8STRING_new_null()) == NULL) 169e1051a39Sopenharmony_ci return 0; 170e1051a39Sopenharmony_ci 171e1051a39Sopenharmony_ci return sk_ASN1_UTF8STRING_push(hdr->freeText, text); 172e1051a39Sopenharmony_ci} 173e1051a39Sopenharmony_ci 174e1051a39Sopenharmony_ciint ossl_cmp_hdr_push1_freeText(OSSL_CMP_PKIHEADER *hdr, ASN1_UTF8STRING *text) 175e1051a39Sopenharmony_ci{ 176e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL && text != NULL)) 177e1051a39Sopenharmony_ci return 0; 178e1051a39Sopenharmony_ci 179e1051a39Sopenharmony_ci if (hdr->freeText == NULL 180e1051a39Sopenharmony_ci && (hdr->freeText = sk_ASN1_UTF8STRING_new_null()) == NULL) 181e1051a39Sopenharmony_ci return 0; 182e1051a39Sopenharmony_ci 183e1051a39Sopenharmony_ci return 184e1051a39Sopenharmony_ci ossl_cmp_sk_ASN1_UTF8STRING_push_str(hdr->freeText, (char *)text->data, 185e1051a39Sopenharmony_ci text->length); 186e1051a39Sopenharmony_ci} 187e1051a39Sopenharmony_ci 188e1051a39Sopenharmony_ciint ossl_cmp_hdr_generalInfo_push0_item(OSSL_CMP_PKIHEADER *hdr, 189e1051a39Sopenharmony_ci OSSL_CMP_ITAV *itav) 190e1051a39Sopenharmony_ci{ 191e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL && itav != NULL)) 192e1051a39Sopenharmony_ci return 0; 193e1051a39Sopenharmony_ci return OSSL_CMP_ITAV_push0_stack_item(&hdr->generalInfo, itav); 194e1051a39Sopenharmony_ci} 195e1051a39Sopenharmony_ci 196e1051a39Sopenharmony_ciint ossl_cmp_hdr_generalInfo_push1_items(OSSL_CMP_PKIHEADER *hdr, 197e1051a39Sopenharmony_ci const STACK_OF(OSSL_CMP_ITAV) *itavs) 198e1051a39Sopenharmony_ci{ 199e1051a39Sopenharmony_ci int i; 200e1051a39Sopenharmony_ci OSSL_CMP_ITAV *itav; 201e1051a39Sopenharmony_ci 202e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL)) 203e1051a39Sopenharmony_ci return 0; 204e1051a39Sopenharmony_ci 205e1051a39Sopenharmony_ci for (i = 0; i < sk_OSSL_CMP_ITAV_num(itavs); i++) { 206e1051a39Sopenharmony_ci itav = OSSL_CMP_ITAV_dup(sk_OSSL_CMP_ITAV_value(itavs, i)); 207e1051a39Sopenharmony_ci if (itav == NULL) 208e1051a39Sopenharmony_ci return 0; 209e1051a39Sopenharmony_ci 210e1051a39Sopenharmony_ci if (!ossl_cmp_hdr_generalInfo_push0_item(hdr, itav)) { 211e1051a39Sopenharmony_ci OSSL_CMP_ITAV_free(itav); 212e1051a39Sopenharmony_ci return 0; 213e1051a39Sopenharmony_ci } 214e1051a39Sopenharmony_ci } 215e1051a39Sopenharmony_ci return 1; 216e1051a39Sopenharmony_ci} 217e1051a39Sopenharmony_ci 218e1051a39Sopenharmony_ciint ossl_cmp_hdr_set_implicitConfirm(OSSL_CMP_PKIHEADER *hdr) 219e1051a39Sopenharmony_ci{ 220e1051a39Sopenharmony_ci OSSL_CMP_ITAV *itav; 221e1051a39Sopenharmony_ci ASN1_TYPE *asn1null; 222e1051a39Sopenharmony_ci 223e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL)) 224e1051a39Sopenharmony_ci return 0; 225e1051a39Sopenharmony_ci asn1null = (ASN1_TYPE *)ASN1_NULL_new(); 226e1051a39Sopenharmony_ci if (asn1null == NULL) 227e1051a39Sopenharmony_ci return 0; 228e1051a39Sopenharmony_ci if ((itav = OSSL_CMP_ITAV_create(OBJ_nid2obj(NID_id_it_implicitConfirm), 229e1051a39Sopenharmony_ci asn1null)) == NULL) 230e1051a39Sopenharmony_ci goto err; 231e1051a39Sopenharmony_ci if (!ossl_cmp_hdr_generalInfo_push0_item(hdr, itav)) 232e1051a39Sopenharmony_ci goto err; 233e1051a39Sopenharmony_ci return 1; 234e1051a39Sopenharmony_ci 235e1051a39Sopenharmony_ci err: 236e1051a39Sopenharmony_ci ASN1_TYPE_free(asn1null); 237e1051a39Sopenharmony_ci OSSL_CMP_ITAV_free(itav); 238e1051a39Sopenharmony_ci return 0; 239e1051a39Sopenharmony_ci} 240e1051a39Sopenharmony_ci 241e1051a39Sopenharmony_ci/* return 1 if implicitConfirm in the generalInfo field of the header is set */ 242e1051a39Sopenharmony_ciint ossl_cmp_hdr_has_implicitConfirm(const OSSL_CMP_PKIHEADER *hdr) 243e1051a39Sopenharmony_ci{ 244e1051a39Sopenharmony_ci int itavCount; 245e1051a39Sopenharmony_ci int i; 246e1051a39Sopenharmony_ci OSSL_CMP_ITAV *itav; 247e1051a39Sopenharmony_ci 248e1051a39Sopenharmony_ci if (!ossl_assert(hdr != NULL)) 249e1051a39Sopenharmony_ci return 0; 250e1051a39Sopenharmony_ci 251e1051a39Sopenharmony_ci itavCount = sk_OSSL_CMP_ITAV_num(hdr->generalInfo); 252e1051a39Sopenharmony_ci for (i = 0; i < itavCount; i++) { 253e1051a39Sopenharmony_ci itav = sk_OSSL_CMP_ITAV_value(hdr->generalInfo, i); 254e1051a39Sopenharmony_ci if (itav != NULL 255e1051a39Sopenharmony_ci && OBJ_obj2nid(itav->infoType) == NID_id_it_implicitConfirm) 256e1051a39Sopenharmony_ci return 1; 257e1051a39Sopenharmony_ci } 258e1051a39Sopenharmony_ci 259e1051a39Sopenharmony_ci return 0; 260e1051a39Sopenharmony_ci} 261e1051a39Sopenharmony_ci 262e1051a39Sopenharmony_ci/* 263e1051a39Sopenharmony_ci * set ctx->transactionID in CMP header 264e1051a39Sopenharmony_ci * if ctx->transactionID is NULL, a random one is created with 128 bit 265e1051a39Sopenharmony_ci * according to section 5.1.1: 266e1051a39Sopenharmony_ci * 267e1051a39Sopenharmony_ci * It is RECOMMENDED that the clients fill the transactionID field with 268e1051a39Sopenharmony_ci * 128 bits of (pseudo-) random data for the start of a transaction to 269e1051a39Sopenharmony_ci * reduce the probability of having the transactionID in use at the server. 270e1051a39Sopenharmony_ci */ 271e1051a39Sopenharmony_ciint ossl_cmp_hdr_set_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr) 272e1051a39Sopenharmony_ci{ 273e1051a39Sopenharmony_ci if (ctx->transactionID == NULL) { 274e1051a39Sopenharmony_ci char *tid; 275e1051a39Sopenharmony_ci 276e1051a39Sopenharmony_ci if (!set_random(&ctx->transactionID, ctx, 277e1051a39Sopenharmony_ci OSSL_CMP_TRANSACTIONID_LENGTH)) 278e1051a39Sopenharmony_ci return 0; 279e1051a39Sopenharmony_ci tid = OPENSSL_buf2hexstr(ctx->transactionID->data, 280e1051a39Sopenharmony_ci ctx->transactionID->length); 281e1051a39Sopenharmony_ci if (tid != NULL) 282e1051a39Sopenharmony_ci ossl_cmp_log1(DEBUG, ctx, 283e1051a39Sopenharmony_ci "Starting new transaction with ID=%s", tid); 284e1051a39Sopenharmony_ci OPENSSL_free(tid); 285e1051a39Sopenharmony_ci } 286e1051a39Sopenharmony_ci 287e1051a39Sopenharmony_ci return ossl_cmp_asn1_octet_string_set1(&hdr->transactionID, 288e1051a39Sopenharmony_ci ctx->transactionID); 289e1051a39Sopenharmony_ci} 290e1051a39Sopenharmony_ci 291e1051a39Sopenharmony_ci/* fill in all fields of the hdr according to the info given in ctx */ 292e1051a39Sopenharmony_ciint ossl_cmp_hdr_init(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr) 293e1051a39Sopenharmony_ci{ 294e1051a39Sopenharmony_ci const X509_NAME *sender; 295e1051a39Sopenharmony_ci const X509_NAME *rcp = NULL; 296e1051a39Sopenharmony_ci 297e1051a39Sopenharmony_ci if (!ossl_assert(ctx != NULL && hdr != NULL)) 298e1051a39Sopenharmony_ci return 0; 299e1051a39Sopenharmony_ci 300e1051a39Sopenharmony_ci /* set the CMP version */ 301e1051a39Sopenharmony_ci if (!ossl_cmp_hdr_set_pvno(hdr, OSSL_CMP_PVNO)) 302e1051a39Sopenharmony_ci return 0; 303e1051a39Sopenharmony_ci 304e1051a39Sopenharmony_ci /* 305e1051a39Sopenharmony_ci * If neither protection cert nor oldCert nor subject are given, 306e1051a39Sopenharmony_ci * sender name is not known to the client and thus set to NULL-DN 307e1051a39Sopenharmony_ci */ 308e1051a39Sopenharmony_ci sender = ctx->cert != NULL ? X509_get_subject_name(ctx->cert) : 309e1051a39Sopenharmony_ci ctx->oldCert != NULL ? X509_get_subject_name(ctx->oldCert) : 310e1051a39Sopenharmony_ci ctx->subjectName; 311e1051a39Sopenharmony_ci if (!ossl_cmp_hdr_set1_sender(hdr, sender)) 312e1051a39Sopenharmony_ci return 0; 313e1051a39Sopenharmony_ci 314e1051a39Sopenharmony_ci /* determine recipient entry in PKIHeader */ 315e1051a39Sopenharmony_ci if (ctx->recipient != NULL) 316e1051a39Sopenharmony_ci rcp = ctx->recipient; 317e1051a39Sopenharmony_ci else if (ctx->srvCert != NULL) 318e1051a39Sopenharmony_ci rcp = X509_get_subject_name(ctx->srvCert); 319e1051a39Sopenharmony_ci else if (ctx->issuer != NULL) 320e1051a39Sopenharmony_ci rcp = ctx->issuer; 321e1051a39Sopenharmony_ci else if (ctx->oldCert != NULL) 322e1051a39Sopenharmony_ci rcp = X509_get_issuer_name(ctx->oldCert); 323e1051a39Sopenharmony_ci else if (ctx->cert != NULL) 324e1051a39Sopenharmony_ci rcp = X509_get_issuer_name(ctx->cert); 325e1051a39Sopenharmony_ci if (!ossl_cmp_hdr_set1_recipient(hdr, rcp)) 326e1051a39Sopenharmony_ci return 0; 327e1051a39Sopenharmony_ci 328e1051a39Sopenharmony_ci /* set current time as message time */ 329e1051a39Sopenharmony_ci if (!ossl_cmp_hdr_update_messageTime(hdr)) 330e1051a39Sopenharmony_ci return 0; 331e1051a39Sopenharmony_ci 332e1051a39Sopenharmony_ci if (ctx->recipNonce != NULL 333e1051a39Sopenharmony_ci && !ossl_cmp_asn1_octet_string_set1(&hdr->recipNonce, 334e1051a39Sopenharmony_ci ctx->recipNonce)) 335e1051a39Sopenharmony_ci return 0; 336e1051a39Sopenharmony_ci 337e1051a39Sopenharmony_ci if (!ossl_cmp_hdr_set_transactionID(ctx, hdr)) 338e1051a39Sopenharmony_ci return 0; 339e1051a39Sopenharmony_ci 340e1051a39Sopenharmony_ci /*- 341e1051a39Sopenharmony_ci * set random senderNonce 342e1051a39Sopenharmony_ci * according to section 5.1.1: 343e1051a39Sopenharmony_ci * 344e1051a39Sopenharmony_ci * senderNonce present 345e1051a39Sopenharmony_ci * -- 128 (pseudo-)random bits 346e1051a39Sopenharmony_ci * The senderNonce and recipNonce fields protect the PKIMessage against 347e1051a39Sopenharmony_ci * replay attacks. The senderNonce will typically be 128 bits of 348e1051a39Sopenharmony_ci * (pseudo-) random data generated by the sender, whereas the recipNonce 349e1051a39Sopenharmony_ci * is copied from the senderNonce of the previous message in the 350e1051a39Sopenharmony_ci * transaction. 351e1051a39Sopenharmony_ci */ 352e1051a39Sopenharmony_ci if (!set_random(&hdr->senderNonce, ctx, OSSL_CMP_SENDERNONCE_LENGTH)) 353e1051a39Sopenharmony_ci return 0; 354e1051a39Sopenharmony_ci 355e1051a39Sopenharmony_ci /* store senderNonce - for cmp with recipNonce in next outgoing msg */ 356e1051a39Sopenharmony_ci if (!OSSL_CMP_CTX_set1_senderNonce(ctx, hdr->senderNonce)) 357e1051a39Sopenharmony_ci return 0; 358e1051a39Sopenharmony_ci 359e1051a39Sopenharmony_ci /*- 360e1051a39Sopenharmony_ci * freeText [7] PKIFreeText OPTIONAL, 361e1051a39Sopenharmony_ci * -- this may be used to indicate context-specific instructions 362e1051a39Sopenharmony_ci * -- (this field is intended for human consumption) 363e1051a39Sopenharmony_ci */ 364e1051a39Sopenharmony_ci if (ctx->freeText != NULL 365e1051a39Sopenharmony_ci && !ossl_cmp_hdr_push1_freeText(hdr, ctx->freeText)) 366e1051a39Sopenharmony_ci return 0; 367e1051a39Sopenharmony_ci 368e1051a39Sopenharmony_ci return 1; 369e1051a39Sopenharmony_ci} 370