1e1051a39Sopenharmony_ci/* 2e1051a39Sopenharmony_ci * Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved. 3e1051a39Sopenharmony_ci * Copyright Nokia 2007-2019 4e1051a39Sopenharmony_ci * Copyright Siemens AG 2015-2019 5e1051a39Sopenharmony_ci * 6e1051a39Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License"). You may not use 7e1051a39Sopenharmony_ci * this file except in compliance with the License. You can obtain a copy 8e1051a39Sopenharmony_ci * in the file LICENSE in the source distribution or at 9e1051a39Sopenharmony_ci * https://www.openssl.org/source/license.html 10e1051a39Sopenharmony_ci */ 11e1051a39Sopenharmony_ci 12e1051a39Sopenharmony_ci#include "cmp_local.h" 13e1051a39Sopenharmony_ci 14e1051a39Sopenharmony_ci/* explicit #includes not strictly needed since implied by the above: */ 15e1051a39Sopenharmony_ci#include <openssl/asn1t.h> 16e1051a39Sopenharmony_ci#include <openssl/cmp.h> 17e1051a39Sopenharmony_ci#include <openssl/crmf.h> 18e1051a39Sopenharmony_ci#include <openssl/err.h> 19e1051a39Sopenharmony_ci#include <openssl/x509.h> 20e1051a39Sopenharmony_ci 21e1051a39Sopenharmony_ci/* 22e1051a39Sopenharmony_ci * This function is also used by the internal verify_PBMAC() in cmp_vfy.c. 23e1051a39Sopenharmony_ci * 24e1051a39Sopenharmony_ci * Calculate protection for given PKImessage according to 25e1051a39Sopenharmony_ci * the algorithm and parameters in the message header's protectionAlg 26e1051a39Sopenharmony_ci * using the credentials, library context, and property criteria in the ctx. 27e1051a39Sopenharmony_ci * 28e1051a39Sopenharmony_ci * returns ASN1_BIT_STRING representing the protection on success, else NULL 29e1051a39Sopenharmony_ci */ 30e1051a39Sopenharmony_ciASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx, 31e1051a39Sopenharmony_ci const OSSL_CMP_MSG *msg) 32e1051a39Sopenharmony_ci{ 33e1051a39Sopenharmony_ci ASN1_BIT_STRING *prot = NULL; 34e1051a39Sopenharmony_ci OSSL_CMP_PROTECTEDPART prot_part; 35e1051a39Sopenharmony_ci const ASN1_OBJECT *algorOID = NULL; 36e1051a39Sopenharmony_ci const void *ppval = NULL; 37e1051a39Sopenharmony_ci int pptype = 0; 38e1051a39Sopenharmony_ci 39e1051a39Sopenharmony_ci if (!ossl_assert(ctx != NULL && msg != NULL)) 40e1051a39Sopenharmony_ci return NULL; 41e1051a39Sopenharmony_ci 42e1051a39Sopenharmony_ci /* construct data to be signed */ 43e1051a39Sopenharmony_ci prot_part.header = msg->header; 44e1051a39Sopenharmony_ci prot_part.body = msg->body; 45e1051a39Sopenharmony_ci 46e1051a39Sopenharmony_ci if (msg->header->protectionAlg == NULL) { 47e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_UNKNOWN_ALGORITHM_ID); 48e1051a39Sopenharmony_ci return NULL; 49e1051a39Sopenharmony_ci } 50e1051a39Sopenharmony_ci X509_ALGOR_get0(&algorOID, &pptype, &ppval, msg->header->protectionAlg); 51e1051a39Sopenharmony_ci 52e1051a39Sopenharmony_ci if (OBJ_obj2nid(algorOID) == NID_id_PasswordBasedMAC) { 53e1051a39Sopenharmony_ci int len; 54e1051a39Sopenharmony_ci size_t prot_part_der_len; 55e1051a39Sopenharmony_ci unsigned char *prot_part_der = NULL; 56e1051a39Sopenharmony_ci size_t sig_len; 57e1051a39Sopenharmony_ci unsigned char *protection = NULL; 58e1051a39Sopenharmony_ci OSSL_CRMF_PBMPARAMETER *pbm = NULL; 59e1051a39Sopenharmony_ci ASN1_STRING *pbm_str = NULL; 60e1051a39Sopenharmony_ci const unsigned char *pbm_str_uc = NULL; 61e1051a39Sopenharmony_ci 62e1051a39Sopenharmony_ci if (ctx->secretValue == NULL) { 63e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_PBM_SECRET); 64e1051a39Sopenharmony_ci return NULL; 65e1051a39Sopenharmony_ci } 66e1051a39Sopenharmony_ci if (ppval == NULL) { 67e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_CALCULATING_PROTECTION); 68e1051a39Sopenharmony_ci return NULL; 69e1051a39Sopenharmony_ci } 70e1051a39Sopenharmony_ci 71e1051a39Sopenharmony_ci len = i2d_OSSL_CMP_PROTECTEDPART(&prot_part, &prot_part_der); 72e1051a39Sopenharmony_ci if (len < 0 || prot_part_der == NULL) { 73e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_CALCULATING_PROTECTION); 74e1051a39Sopenharmony_ci goto end; 75e1051a39Sopenharmony_ci } 76e1051a39Sopenharmony_ci prot_part_der_len = (size_t)len; 77e1051a39Sopenharmony_ci 78e1051a39Sopenharmony_ci pbm_str = (ASN1_STRING *)ppval; 79e1051a39Sopenharmony_ci pbm_str_uc = pbm_str->data; 80e1051a39Sopenharmony_ci pbm = d2i_OSSL_CRMF_PBMPARAMETER(NULL, &pbm_str_uc, pbm_str->length); 81e1051a39Sopenharmony_ci if (pbm == NULL) { 82e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_WRONG_ALGORITHM_OID); 83e1051a39Sopenharmony_ci goto end; 84e1051a39Sopenharmony_ci } 85e1051a39Sopenharmony_ci 86e1051a39Sopenharmony_ci if (!OSSL_CRMF_pbm_new(ctx->libctx, ctx->propq, 87e1051a39Sopenharmony_ci pbm, prot_part_der, prot_part_der_len, 88e1051a39Sopenharmony_ci ctx->secretValue->data, ctx->secretValue->length, 89e1051a39Sopenharmony_ci &protection, &sig_len)) 90e1051a39Sopenharmony_ci goto end; 91e1051a39Sopenharmony_ci 92e1051a39Sopenharmony_ci if ((prot = ASN1_BIT_STRING_new()) == NULL) 93e1051a39Sopenharmony_ci goto end; 94e1051a39Sopenharmony_ci /* OpenSSL defaults all bit strings to be encoded as ASN.1 NamedBitList */ 95e1051a39Sopenharmony_ci prot->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); 96e1051a39Sopenharmony_ci prot->flags |= ASN1_STRING_FLAG_BITS_LEFT; 97e1051a39Sopenharmony_ci if (!ASN1_BIT_STRING_set(prot, protection, sig_len)) { 98e1051a39Sopenharmony_ci ASN1_BIT_STRING_free(prot); 99e1051a39Sopenharmony_ci prot = NULL; 100e1051a39Sopenharmony_ci } 101e1051a39Sopenharmony_ci end: 102e1051a39Sopenharmony_ci OSSL_CRMF_PBMPARAMETER_free(pbm); 103e1051a39Sopenharmony_ci OPENSSL_free(protection); 104e1051a39Sopenharmony_ci OPENSSL_free(prot_part_der); 105e1051a39Sopenharmony_ci return prot; 106e1051a39Sopenharmony_ci } else { 107e1051a39Sopenharmony_ci int md_nid; 108e1051a39Sopenharmony_ci const EVP_MD *md = NULL; 109e1051a39Sopenharmony_ci 110e1051a39Sopenharmony_ci if (ctx->pkey == NULL) { 111e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, 112e1051a39Sopenharmony_ci CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION); 113e1051a39Sopenharmony_ci return NULL; 114e1051a39Sopenharmony_ci } 115e1051a39Sopenharmony_ci if (!OBJ_find_sigid_algs(OBJ_obj2nid(algorOID), &md_nid, NULL) 116e1051a39Sopenharmony_ci || (md = EVP_get_digestbynid(md_nid)) == NULL) { 117e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_UNKNOWN_ALGORITHM_ID); 118e1051a39Sopenharmony_ci return NULL; 119e1051a39Sopenharmony_ci } 120e1051a39Sopenharmony_ci 121e1051a39Sopenharmony_ci if ((prot = ASN1_BIT_STRING_new()) == NULL) 122e1051a39Sopenharmony_ci return NULL; 123e1051a39Sopenharmony_ci if (ASN1_item_sign_ex(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART), NULL, 124e1051a39Sopenharmony_ci NULL, prot, &prot_part, NULL, ctx->pkey, md, 125e1051a39Sopenharmony_ci ctx->libctx, ctx->propq)) 126e1051a39Sopenharmony_ci return prot; 127e1051a39Sopenharmony_ci ASN1_BIT_STRING_free(prot); 128e1051a39Sopenharmony_ci return NULL; 129e1051a39Sopenharmony_ci } 130e1051a39Sopenharmony_ci} 131e1051a39Sopenharmony_ci 132e1051a39Sopenharmony_ci/* ctx is not const just because ctx->chain may get adapted */ 133e1051a39Sopenharmony_ciint ossl_cmp_msg_add_extraCerts(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg) 134e1051a39Sopenharmony_ci{ 135e1051a39Sopenharmony_ci if (!ossl_assert(ctx != NULL && msg != NULL)) 136e1051a39Sopenharmony_ci return 0; 137e1051a39Sopenharmony_ci 138e1051a39Sopenharmony_ci /* Add first ctx->cert and its chain if using signature-based protection */ 139e1051a39Sopenharmony_ci if (!ctx->unprotectedSend && ctx->secretValue == NULL 140e1051a39Sopenharmony_ci && ctx->cert != NULL && ctx->pkey != NULL) { 141e1051a39Sopenharmony_ci int prepend = X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP 142e1051a39Sopenharmony_ci | X509_ADD_FLAG_PREPEND | X509_ADD_FLAG_NO_SS; 143e1051a39Sopenharmony_ci 144e1051a39Sopenharmony_ci /* if not yet done try to build chain using available untrusted certs */ 145e1051a39Sopenharmony_ci if (ctx->chain == NULL) { 146e1051a39Sopenharmony_ci ossl_cmp_debug(ctx, 147e1051a39Sopenharmony_ci "trying to build chain for own CMP signer cert"); 148e1051a39Sopenharmony_ci ctx->chain = X509_build_chain(ctx->cert, ctx->untrusted, NULL, 0, 149e1051a39Sopenharmony_ci ctx->libctx, ctx->propq); 150e1051a39Sopenharmony_ci if (ctx->chain != NULL) { 151e1051a39Sopenharmony_ci ossl_cmp_debug(ctx, 152e1051a39Sopenharmony_ci "success building chain for own CMP signer cert"); 153e1051a39Sopenharmony_ci } else { 154e1051a39Sopenharmony_ci /* dump errors to avoid confusion when printing further ones */ 155e1051a39Sopenharmony_ci OSSL_CMP_CTX_print_errors(ctx); 156e1051a39Sopenharmony_ci ossl_cmp_warn(ctx, 157e1051a39Sopenharmony_ci "could not build chain for own CMP signer cert"); 158e1051a39Sopenharmony_ci } 159e1051a39Sopenharmony_ci } 160e1051a39Sopenharmony_ci if (ctx->chain != NULL) { 161e1051a39Sopenharmony_ci if (!ossl_x509_add_certs_new(&msg->extraCerts, ctx->chain, prepend)) 162e1051a39Sopenharmony_ci return 0; 163e1051a39Sopenharmony_ci } else { 164e1051a39Sopenharmony_ci /* make sure that at least our own signer cert is included first */ 165e1051a39Sopenharmony_ci if (!ossl_x509_add_cert_new(&msg->extraCerts, ctx->cert, prepend)) 166e1051a39Sopenharmony_ci return 0; 167e1051a39Sopenharmony_ci ossl_cmp_debug(ctx, "fallback: adding just own CMP signer cert"); 168e1051a39Sopenharmony_ci } 169e1051a39Sopenharmony_ci } 170e1051a39Sopenharmony_ci 171e1051a39Sopenharmony_ci /* add any additional certificates from ctx->extraCertsOut */ 172e1051a39Sopenharmony_ci if (!ossl_x509_add_certs_new(&msg->extraCerts, ctx->extraCertsOut, 173e1051a39Sopenharmony_ci X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP)) 174e1051a39Sopenharmony_ci return 0; 175e1051a39Sopenharmony_ci 176e1051a39Sopenharmony_ci /* in case extraCerts are empty list avoid empty ASN.1 sequence */ 177e1051a39Sopenharmony_ci if (sk_X509_num(msg->extraCerts) == 0) { 178e1051a39Sopenharmony_ci sk_X509_free(msg->extraCerts); 179e1051a39Sopenharmony_ci msg->extraCerts = NULL; 180e1051a39Sopenharmony_ci } 181e1051a39Sopenharmony_ci return 1; 182e1051a39Sopenharmony_ci} 183e1051a39Sopenharmony_ci 184e1051a39Sopenharmony_ci/* 185e1051a39Sopenharmony_ci * Create an X509_ALGOR structure for PasswordBasedMAC protection based on 186e1051a39Sopenharmony_ci * the pbm settings in the context 187e1051a39Sopenharmony_ci */ 188e1051a39Sopenharmony_cistatic int set_pbmac_algor(const OSSL_CMP_CTX *ctx, X509_ALGOR **alg) 189e1051a39Sopenharmony_ci{ 190e1051a39Sopenharmony_ci OSSL_CRMF_PBMPARAMETER *pbm = NULL; 191e1051a39Sopenharmony_ci unsigned char *pbm_der = NULL; 192e1051a39Sopenharmony_ci int pbm_der_len; 193e1051a39Sopenharmony_ci ASN1_STRING *pbm_str = NULL; 194e1051a39Sopenharmony_ci 195e1051a39Sopenharmony_ci if (!ossl_assert(ctx != NULL)) 196e1051a39Sopenharmony_ci return 0; 197e1051a39Sopenharmony_ci 198e1051a39Sopenharmony_ci pbm = OSSL_CRMF_pbmp_new(ctx->libctx, ctx->pbm_slen, 199e1051a39Sopenharmony_ci EVP_MD_get_type(ctx->pbm_owf), ctx->pbm_itercnt, 200e1051a39Sopenharmony_ci ctx->pbm_mac); 201e1051a39Sopenharmony_ci pbm_str = ASN1_STRING_new(); 202e1051a39Sopenharmony_ci if (pbm == NULL || pbm_str == NULL) 203e1051a39Sopenharmony_ci goto err; 204e1051a39Sopenharmony_ci 205e1051a39Sopenharmony_ci if ((pbm_der_len = i2d_OSSL_CRMF_PBMPARAMETER(pbm, &pbm_der)) < 0) 206e1051a39Sopenharmony_ci goto err; 207e1051a39Sopenharmony_ci 208e1051a39Sopenharmony_ci if (!ASN1_STRING_set(pbm_str, pbm_der, pbm_der_len)) 209e1051a39Sopenharmony_ci goto err; 210e1051a39Sopenharmony_ci if (*alg == NULL && (*alg = X509_ALGOR_new()) == NULL) 211e1051a39Sopenharmony_ci goto err; 212e1051a39Sopenharmony_ci OPENSSL_free(pbm_der); 213e1051a39Sopenharmony_ci 214e1051a39Sopenharmony_ci X509_ALGOR_set0(*alg, OBJ_nid2obj(NID_id_PasswordBasedMAC), 215e1051a39Sopenharmony_ci V_ASN1_SEQUENCE, pbm_str); 216e1051a39Sopenharmony_ci OSSL_CRMF_PBMPARAMETER_free(pbm); 217e1051a39Sopenharmony_ci return 1; 218e1051a39Sopenharmony_ci 219e1051a39Sopenharmony_ci err: 220e1051a39Sopenharmony_ci ASN1_STRING_free(pbm_str); 221e1051a39Sopenharmony_ci OPENSSL_free(pbm_der); 222e1051a39Sopenharmony_ci OSSL_CRMF_PBMPARAMETER_free(pbm); 223e1051a39Sopenharmony_ci return 0; 224e1051a39Sopenharmony_ci} 225e1051a39Sopenharmony_ci 226e1051a39Sopenharmony_cistatic int set_sig_algor(const OSSL_CMP_CTX *ctx, X509_ALGOR **alg) 227e1051a39Sopenharmony_ci{ 228e1051a39Sopenharmony_ci int nid = 0; 229e1051a39Sopenharmony_ci ASN1_OBJECT *algo = NULL; 230e1051a39Sopenharmony_ci 231e1051a39Sopenharmony_ci if (!OBJ_find_sigid_by_algs(&nid, EVP_MD_get_type(ctx->digest), 232e1051a39Sopenharmony_ci EVP_PKEY_get_id(ctx->pkey))) { 233e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_UNSUPPORTED_KEY_TYPE); 234e1051a39Sopenharmony_ci return 0; 235e1051a39Sopenharmony_ci } 236e1051a39Sopenharmony_ci if ((algo = OBJ_nid2obj(nid)) == NULL) 237e1051a39Sopenharmony_ci return 0; 238e1051a39Sopenharmony_ci if (*alg == NULL && (*alg = X509_ALGOR_new()) == NULL) 239e1051a39Sopenharmony_ci return 0; 240e1051a39Sopenharmony_ci 241e1051a39Sopenharmony_ci if (X509_ALGOR_set0(*alg, algo, V_ASN1_UNDEF, NULL)) 242e1051a39Sopenharmony_ci return 1; 243e1051a39Sopenharmony_ci ASN1_OBJECT_free(algo); 244e1051a39Sopenharmony_ci return 0; 245e1051a39Sopenharmony_ci} 246e1051a39Sopenharmony_ci 247e1051a39Sopenharmony_cistatic int set_senderKID(const OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg, 248e1051a39Sopenharmony_ci const ASN1_OCTET_STRING *id) 249e1051a39Sopenharmony_ci{ 250e1051a39Sopenharmony_ci if (id == NULL) 251e1051a39Sopenharmony_ci id = ctx->referenceValue; /* standard for PBM, fallback for sig-based */ 252e1051a39Sopenharmony_ci return id == NULL || ossl_cmp_hdr_set1_senderKID(msg->header, id); 253e1051a39Sopenharmony_ci} 254e1051a39Sopenharmony_ci 255e1051a39Sopenharmony_ci/* ctx is not const just because ctx->chain may get adapted */ 256e1051a39Sopenharmony_ciint ossl_cmp_msg_protect(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg) 257e1051a39Sopenharmony_ci{ 258e1051a39Sopenharmony_ci if (!ossl_assert(ctx != NULL && msg != NULL)) 259e1051a39Sopenharmony_ci return 0; 260e1051a39Sopenharmony_ci 261e1051a39Sopenharmony_ci /* 262e1051a39Sopenharmony_ci * For the case of re-protection remove pre-existing protection. 263e1051a39Sopenharmony_ci */ 264e1051a39Sopenharmony_ci X509_ALGOR_free(msg->header->protectionAlg); 265e1051a39Sopenharmony_ci msg->header->protectionAlg = NULL; 266e1051a39Sopenharmony_ci ASN1_BIT_STRING_free(msg->protection); 267e1051a39Sopenharmony_ci msg->protection = NULL; 268e1051a39Sopenharmony_ci 269e1051a39Sopenharmony_ci if (ctx->unprotectedSend) { 270e1051a39Sopenharmony_ci if (!set_senderKID(ctx, msg, NULL)) 271e1051a39Sopenharmony_ci goto err; 272e1051a39Sopenharmony_ci } else if (ctx->secretValue != NULL) { 273e1051a39Sopenharmony_ci /* use PasswordBasedMac according to 5.1.3.1 if secretValue is given */ 274e1051a39Sopenharmony_ci if (!set_pbmac_algor(ctx, &msg->header->protectionAlg)) 275e1051a39Sopenharmony_ci goto err; 276e1051a39Sopenharmony_ci if (!set_senderKID(ctx, msg, NULL)) 277e1051a39Sopenharmony_ci goto err; 278e1051a39Sopenharmony_ci 279e1051a39Sopenharmony_ci /* 280e1051a39Sopenharmony_ci * will add any additional certificates from ctx->extraCertsOut 281e1051a39Sopenharmony_ci * while not needed to validate the protection certificate, 282e1051a39Sopenharmony_ci * the option to do this might be handy for certain use cases 283e1051a39Sopenharmony_ci */ 284e1051a39Sopenharmony_ci } else if (ctx->cert != NULL && ctx->pkey != NULL) { 285e1051a39Sopenharmony_ci /* use MSG_SIG_ALG according to 5.1.3.3 if client cert and key given */ 286e1051a39Sopenharmony_ci 287e1051a39Sopenharmony_ci /* make sure that key and certificate match */ 288e1051a39Sopenharmony_ci if (!X509_check_private_key(ctx->cert, ctx->pkey)) { 289e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_CERT_AND_KEY_DO_NOT_MATCH); 290e1051a39Sopenharmony_ci goto err; 291e1051a39Sopenharmony_ci } 292e1051a39Sopenharmony_ci 293e1051a39Sopenharmony_ci if (!set_sig_algor(ctx, &msg->header->protectionAlg)) 294e1051a39Sopenharmony_ci goto err; 295e1051a39Sopenharmony_ci /* set senderKID to keyIdentifier of the cert according to 5.1.1 */ 296e1051a39Sopenharmony_ci if (!set_senderKID(ctx, msg, X509_get0_subject_key_id(ctx->cert))) 297e1051a39Sopenharmony_ci goto err; 298e1051a39Sopenharmony_ci 299e1051a39Sopenharmony_ci /* 300e1051a39Sopenharmony_ci * will add ctx->cert followed, if possible, by its chain built 301e1051a39Sopenharmony_ci * from ctx->untrusted, and then ctx->extraCertsOut 302e1051a39Sopenharmony_ci */ 303e1051a39Sopenharmony_ci } else { 304e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, 305e1051a39Sopenharmony_ci CMP_R_MISSING_KEY_INPUT_FOR_CREATING_PROTECTION); 306e1051a39Sopenharmony_ci goto err; 307e1051a39Sopenharmony_ci } 308e1051a39Sopenharmony_ci if (!ctx->unprotectedSend 309e1051a39Sopenharmony_ci && ((msg->protection = ossl_cmp_calc_protection(ctx, msg)) == NULL)) 310e1051a39Sopenharmony_ci goto err; 311e1051a39Sopenharmony_ci 312e1051a39Sopenharmony_ci /* 313e1051a39Sopenharmony_ci * For signature-based protection add ctx->cert followed by its chain. 314e1051a39Sopenharmony_ci * Finally add any additional certificates from ctx->extraCertsOut; 315e1051a39Sopenharmony_ci * even if not needed to validate the protection 316e1051a39Sopenharmony_ci * the option to do this might be handy for certain use cases. 317e1051a39Sopenharmony_ci */ 318e1051a39Sopenharmony_ci if (!ossl_cmp_msg_add_extraCerts(ctx, msg)) 319e1051a39Sopenharmony_ci goto err; 320e1051a39Sopenharmony_ci 321e1051a39Sopenharmony_ci /* 322e1051a39Sopenharmony_ci * As required by RFC 4210 section 5.1.1., if the sender name is not known 323e1051a39Sopenharmony_ci * to the client it set to NULL-DN. In this case for identification at least 324e1051a39Sopenharmony_ci * the senderKID must be set, where we took the referenceValue as fallback. 325e1051a39Sopenharmony_ci */ 326e1051a39Sopenharmony_ci if (!(ossl_cmp_general_name_is_NULL_DN(msg->header->sender) 327e1051a39Sopenharmony_ci && msg->header->senderKID == NULL)) 328e1051a39Sopenharmony_ci return 1; 329e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_SENDER_IDENTIFICATION); 330e1051a39Sopenharmony_ci 331e1051a39Sopenharmony_ci err: 332e1051a39Sopenharmony_ci ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROTECTING_MESSAGE); 333e1051a39Sopenharmony_ci return 0; 334e1051a39Sopenharmony_ci} 335