doc/acme__client__challenge_8c_source.html

/**

 * @file acme_client_challenge.c

 * @brief Challenge object management

 *

 * @section License

 *

 * SPDX-License-Identifier: GPL-2.0-or-later

 *

 * Copyright (C) 2019-2024 Oryx Embedded SARL. All rights reserved.

 *

 * This file is part of CycloneACME Open.

 *

 * This program is free software; you can redistribute it and/or

 * modify it under the terms of the GNU General Public License

 * as published by the Free Software Foundation; either version 2

 * of the License, or (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program; if not, write to the Free Software Foundation,

 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

 *

 * @author Oryx Embedded SARL (www.oryx-embedded.com)

 * @version 2.4.4

 **/


//Switch to the appropriate trace level

#define TRACE_LEVEL ACME_TRACE_LEVEL


//Dependencies

#include "acme/acme_client.h"

#include "acme/acme_client_challenge.h"

#include "acme/acme_client_jose.h"

#include "acme/acme_client_misc.h"

#include "pkix/pem_export.h"

#include "pkix/x509_cert_create.h"

#include "encoding/base64url.h"

#include "encoding/asn1.h"

#include "jansson.h"

#include "debug.h"


//Check TCP/IP stack configuration

#if (ACME_CLIENT_SUPPORT == ENABLED)


//id-pe-acmeIdentifier OID (1.3.6.1.5.5.7.1.31)

const uint8_t ACME_IDENTIFIER_OID[8] = {0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x1F};


/**

 * @brief Send HTTP request (challenge URL)

 * @param[in] context Pointer to the ACME client context

 * @param[in] challenge Pointer to the challenge object

 * @return Error code

 **/


error_t acmeClientSendChallengeReadyRequest(AcmeClientContext *context,

   AcmeChallenge *challenge)

{

   error_t error;


   //Initialize variables

   error = NO_ERROR;


   //Perform HTTP request

   while(!error)

   {

      //Check HTTP request state

      if(context->requestState == ACME_REQ_STATE_INIT)

      {

         //Debug message

         TRACE_DEBUG("\r\n");

         TRACE_DEBUG("###############################################################################\r\n");

         TRACE_DEBUG("## CHALLENGE READY ############################################################\r\n");

         TRACE_DEBUG("###############################################################################\r\n");

         TRACE_DEBUG("\r\n");


         //Update HTTP request state

         context->requestState = ACME_REQ_STATE_FORMAT_BODY;

      }

      else if(context->requestState == ACME_REQ_STATE_FORMAT_BODY)

      {

         //Format the body of the HTTP request

         error = acmeClientFormatChallengeReadyRequest(context, challenge);


         //Check status code

         if(!error)

         {

            //Update HTTP request state

            context->requestState = ACME_REQ_STATE_FORMAT_HEADER;

         }

      }

      else if(context->requestState == ACME_REQ_STATE_FORMAT_HEADER)

      {

         //The client indicates to the server that it is ready for the challenge

         //validation by sending an empty JSON body carried in a POST request to

         //the challenge URL (refer to RFC 8555, section 7.5.1)

         error = acmeClientFormatRequestHeader(context, "POST", challenge->url);


         //Check status code

         if(!error)

         {

            //Update HTTP request state

            context->requestState = ACME_REQ_STATE_SEND_HEADER;

         }

      }

      else if(context->requestState == ACME_REQ_STATE_SEND_HEADER ||

         context->requestState == ACME_REQ_STATE_SEND_BODY ||

         context->requestState == ACME_REQ_STATE_RECEIVE_HEADER ||

         context->requestState == ACME_REQ_STATE_PARSE_HEADER ||

         context->requestState == ACME_REQ_STATE_RECEIVE_BODY ||

         context->requestState == ACME_REQ_STATE_CLOSE_BODY)

      {

         //Perform HTTP request/response transaction

         error = acmeClientSendRequest(context);

      }

      else if(context->requestState == ACME_REQ_STATE_PARSE_BODY)

      {

         //Parse the body of the HTTP response

         error = acmeClientParseChallengeReadyResponse(context);


         //The HTTP transaction is complete

         context->requestState = ACME_REQ_STATE_INIT;

         break;

      }

      else

      {

         //Invalid state

         error = ERROR_WRONG_STATE;

      }

   }


   //Return status code

   return error;

}


/**

 * @brief Format HTTP request body (challenge URL)

 * @param[in] context Pointer to the ACME client context

 * @param[in] challenge Pointer to the challenge object

 * @return Error code

 **/


error_t acmeClientFormatChallengeReadyRequest(AcmeClientContext *context,

   AcmeChallenge *challenge)

{

   error_t error;

   size_t n;

   char_t *protected;

   const char_t *payload;


   //The client must send an empty JSON body (refer to RFC 8555, section 7.5.1)

   payload = "{}";


   //Point to the buffer where to format the JWS protected header

   protected = context->buffer;


   //Format JWS protected header

   error = acmeClientFormatJwsProtectedHeader(&context->accountKey,

      context->account.url, context->nonce, challenge->url,

      protected, &n);


   //Check status code

   if(!error)

   {

      //Generate the JSON Web Signature

      error = jwsCreate(context->prngAlgo, context->prngContext, protected,

         payload, context->accountKey.alg, context->accountKey.crv,

         context->accountKey.privateKey, context->buffer, &context->bufferLen);

   }


   //Return status code

   return error;

}


/**

 * @brief Parse HTTP response (challenge URL)

 * @param[in] context Pointer to the ACME client context

 * @return Error code

 **/


error_t acmeClientParseChallengeReadyResponse(AcmeClientContext *context)

{

   //Check HTTP status code

   if(!HTTP_STATUS_CODE_2YZ(context->statusCode))

      return ERROR_UNEXPECTED_STATUS;


   //The server must include a Replay-Nonce header field in every successful

   //response to a POST request (refer to RFC 8555, section 6.5)

   if(context->nonce[0] == '\0')

      return ERROR_INVALID_RESPONSE;


   //The response to a HEAD request does not contain a body

   return NO_ERROR;

}


/**

 * @brief Parse challenge status field

 * @param[in] label Textual representation of the status

 * @return Authorization status code

 **/


AcmeChallengeStatus acmeClientParseChallengeStatus(const char_t *label)

{

   AcmeChallengeStatus status;


   //Check the status of the challenge (refer to RFC 8555, section 7.1.6)

   if(osStrcmp(label, "pending") == 0)

   {

      //Challenge objects are created in the "pending" state

      status = ACME_CHALLENGE_STATUS_PENDING;

   }

   else if(osStrcmp(label, "processing") == 0)

   {

      //They transition to the "processing" state when the client responds to

      //the challenge

      status = ACME_CHALLENGE_STATUS_PROCESSING;

   }

   else if(osStrcmp(label, "valid") == 0)

   {

      //If validation is successful, the challenge moves to the "valid" state

      status = ACME_CHALLENGE_STATUS_VALID;

   }

   else if(osStrcmp(label, "invalid") == 0)

   {

      //If there is an error, the challenge moves to the "invalid" state

      status = ACME_CHALLENGE_STATUS_INVALID;

   }

   else

   {

      //Unknown status

      status = ACME_CHALLENGE_STATUS_INVALID;

   }


   //Return current status

   return status;

}


/**

 * @brief Parse challenge type field

 * @param[in] label Textual representation of the challenge type

 * @return Challenge type

 **/


AcmeChallengeType acmeClientParseChallengeType(const char_t *label)

{

   AcmeChallengeType type;


   //Check challenge type

   if(osStrcmp(label, "http-01") == 0)

   {

      //HTTP challenge

      type = ACME_CHALLENGE_TYPE_HTTP_01;

   }

   else if(osStrcmp(label, "dns-01") == 0)

   {

      //DNS challenge

      type = ACME_CHALLENGE_TYPE_DNS_01;

   }

   else if(osStrcmp(label, "tls-alpn-01") == 0)

   {

      //TLS ALPN challenge

      type = ACME_CHALLENGE_TYPE_TLS_ALPN_01;

   }

   else

   {

      //Unknown challenge

      type = ACME_CHALLENGE_TYPE_NONE;

   }


   //Return challenge type

   return type;

}


/**

 * @brief Retrieve the challenge type used for a given domain name

 * @param[in] context Pointer to the ACME client context

 * @param[in] identifier NULL-terminated string that contains a domain name

 * @param[in] wildcard Wildcard domain name

 * @return Challenge type

 **/


AcmeChallengeType acmeClientGetChallengeType(AcmeClientContext *context,

   const char_t *identifier, bool_t wildcard)

{

   uint_t i;

   AcmeChallengeType type;


   //Initialize challenge type

   type = ACME_CHALLENGE_TYPE_NONE;


   //Loop through the list of identifiers

   for(i = 0; i < context->numIdentifiers; i++)

   {

      //Any identifier of type "dns" may have a wildcard domain name

      //as its value

      if(wildcard)

      {

         //A wildcard domain name consists of a single asterisk character

         //followed by a single full stop character ("*.") followed by a

         //domain name

         if(osStrncmp(context->identifiers[i].value, "*.", 2) == 0 &&

            osStrcmp(context->identifiers[i].value + 2, identifier) == 0)

         {

            type = context->identifiers[i].challengeType;

            break;

         }

      }

      else

      {

         //Compare identifier values

         if(osStrcmp(context->identifiers[i].value, identifier) == 0)

         {

            type = context->identifiers[i].challengeType;

            break;

         }

      }

   }


   //Return challenge type

   return type;

}


/**

 * @brief Generate key authorization

 * @param[in] context Pointer to the ACME client context

 * @param[in] challenge Pointer to the challenge object

 * @return Error code

 **/


error_t acmeClientGenerateKeyAuthorization(AcmeClientContext *context,

   AcmeChallenge *challenge)

{

   error_t error;

   size_t n;

   char_t *p;

   uint8_t digest[SHA256_DIGEST_SIZE];


   //Point to the buffer where to format the key authorization

   p = challenge->keyAuth;


   //A key authorization is a string that concatenates the token for the

   //challenge with a key fingerprint, separated by a "." character

   osStrcpy(p, challenge->token);

   osStrcat(p, ".");


   //Point to the buffer where to format the JWK thumbprint

   p += osStrlen(challenge->token) + 1;


   //Construct a JSON object containing only the required members of a JWK

   //representing the key and with no whitespace or line breaks before or

   //after any syntactic elements and with the required members ordered

   //lexicographically (refer to RFC 7638, section 3)

   error = acmeClientFormatJwk(&context->accountKey, context->buffer, &n, TRUE);


   //Check status code

   if(!error)

   {

      //Hash the octets of the UTF-8 representation of this JSON object using

      //SHA-256 (refer to RFC 8555, section 8.1)

      error = sha256Compute(context->buffer, n, digest);

   }


   //Check status code

   if(!error)

   {

      //Encode the resulting JWK thumbprint using Base64url

      base64urlEncode(digest, sizeof(digest), p, &n);

   }


   //Return status code

   return error;

}


/**

 * @brief Digest the key authorization (for DNS challenge only)

 * @param[in] context Pointer to the ACME client context

 * @param[in] challenge Pointer to the challenge object

 * @return Error code

 **/


error_t acmeClientDigestKeyAuthorization(AcmeClientContext *context,

   AcmeChallenge *challenge)

{

#if (ACME_CLIENT_DNS_CHALLENGE_SUPPORT == ENABLED)

   error_t error;


   //The client computes the SHA-256 digest of the key authorization

   error = sha256Compute(challenge->keyAuth, osStrlen(challenge->keyAuth),

      (uint8_t *) context->buffer);


   //Check status code

   if(!error)

   {

      //Encode the digest using Base64url

      base64urlEncode(context->buffer, SHA256_DIGEST_SIZE, challenge->keyAuth,

         NULL);

   }


   //Return status code

   return error;

#else

   //DNS challenge is not implemented

   return ERROR_NOT_IMPLEMENTED;

#endif

}


/**

 * @brief Generate a self-signed certificate (TLS-ALPN challenge only)

 * @param[in] context Pointer to the ACME client context

 * @param[in] challenge Pointer to the challenge object

 * @return Error code

 **/


error_t acmeClientGenerateTlsAlpnCert(AcmeClientContext *context,

   AcmeChallenge *challenge)

{

#if (ACME_CLIENT_TLS_ALPN_CHALLENGE_SUPPORT == ENABLED)

   error_t error;

   size_t n;

   X509CertRequestInfo *certReqInfo;

   X509Extensions *extensions;

   X509Validity validity;

   X509SignAlgoId signatureAlgo;

   uint8_t digest[SHA256_DIGEST_SIZE + 2];


   //Allocate a memory buffer to hold the certificate request information

   certReqInfo = cryptoAllocMem(sizeof(X509CertRequestInfo));


   //Successful memory allocation?

   if(certReqInfo != NULL)

   {

      //Clear certificate request information

      osMemset(certReqInfo, 0, sizeof(X509CertRequestInfo));


      //The client prepares for validation by constructing a self-signed

      //certificate that must contain an acmeIdentifier extension and a

      //subjectAlternativeName extension

      certReqInfo->subject.commonName.value = challenge->identifier;

      certReqInfo->subject.commonName.length = osStrlen(challenge->identifier);


      //Point to the certificate extensions

      extensions = &certReqInfo->attributes.extensionReq;


      //Set the basicConstraints extension

      extensions->basicConstraints.critical = TRUE;

      extensions->basicConstraints.cA = TRUE;

      extensions->basicConstraints.pathLenConstraint = -1;


      //The subjectAlternativeName extension must contain a single DNS name entry

      //where the value is the domain name being validated

      extensions->subjectAltName.numGeneralNames = 1;

      extensions->subjectAltName.generalNames[0].type = X509_GENERAL_NAME_TYPE_DNS;

      extensions->subjectAltName.generalNames[0].value = challenge->identifier;

      extensions->subjectAltName.generalNames[0].length = osStrlen(challenge->identifier);


      //The acmeIdentifier extension must contain the SHA-256 digest of the key

      //authorization for the challenge

      digest[0] = ASN1_TYPE_OCTET_STRING;

      digest[1] = SHA256_DIGEST_SIZE;


      //Compute the SHA-256 digest of the key authorization

      error = sha256Compute(challenge->keyAuth, osStrlen(challenge->keyAuth),

         digest + 2);


      //Check status code

      if(!error)

      {

         //The acmeIdentifier extension must be critical so that the certificate

         //cannot be inadvertently used by non-ACME software

         extensions->numCustomExtensions = 1;

         extensions->customExtensions[0].oid.value = ACME_IDENTIFIER_OID;

         extensions->customExtensions[0].oid.length = sizeof(ACME_IDENTIFIER_OID);

         extensions->customExtensions[0].critical = TRUE;

         extensions->customExtensions[0].data.value = digest;

         extensions->customExtensions[0].data.length = sizeof(digest);


#if (ACME_CLIENT_RSA_SUPPORT == ENABLED)

         //RSA key pair?

         if(context->certKey.type == X509_KEY_TYPE_RSA)

         {

            //Set public key identifier

            certReqInfo->subjectPublicKeyInfo.oid.value = RSA_ENCRYPTION_OID;

            certReqInfo->subjectPublicKeyInfo.oid.length = sizeof(RSA_ENCRYPTION_OID);


            //Select the signature algorithm

            signatureAlgo.oid.value = SHA256_WITH_RSA_ENCRYPTION_OID;

            signatureAlgo.oid.length = sizeof(SHA256_WITH_RSA_ENCRYPTION_OID);

         }

         else

#endif

#if (ACME_CLIENT_ECDSA_SUPPORT == ENABLED)

         //EC key pair?

         if(context->certKey.type == X509_KEY_TYPE_EC)

         {

            X509EcParameters *ecParams;


            //Set public key identifier

            certReqInfo->subjectPublicKeyInfo.oid.value = EC_PUBLIC_KEY_OID;

            certReqInfo->subjectPublicKeyInfo.oid.length = sizeof(EC_PUBLIC_KEY_OID);


            //Point to the EC domain parameters

            ecParams = &certReqInfo->subjectPublicKeyInfo.ecParams;


            //Select the relevant elliptic curve

            if(osStrcmp(context->certKey.ecParams.name, "secp256r1") == 0)

            {

               ecParams->namedCurve.value = SECP256R1_OID;

               ecParams->namedCurve.length = sizeof(SECP256R1_OID);

            }

            else if(osStrcmp(context->certKey.ecParams.name, "secp384r1") == 0)

            {

               ecParams->namedCurve.value = SECP384R1_OID;

               ecParams->namedCurve.length = sizeof(SECP384R1_OID);

            }

            else if(osStrcmp(context->certKey.ecParams.name, "secp521r1") == 0)

            {

               ecParams->namedCurve.value = SECP521R1_OID;

               ecParams->namedCurve.length = sizeof(SECP521R1_OID);

            }

            else

            {

               //Report an error

               error = ERROR_INVALID_KEY;

            }


            //Select the signature algorithm

            signatureAlgo.oid.value = ECDSA_WITH_SHA256_OID;

            signatureAlgo.oid.length = sizeof(ECDSA_WITH_SHA256_OID);

         }

         else

#endif

#if (ACME_CLIENT_ED25519_SUPPORT == ENABLED)

         //Ed25519 key pair?

         if(context->certKey.type == X509_KEY_TYPE_ED25519)

         {

            //Set public key identifier

            certReqInfo->subjectPublicKeyInfo.oid.value = ED25519_OID;

            certReqInfo->subjectPublicKeyInfo.oid.length = sizeof(ED25519_OID);


            //Select the signature algorithm

            signatureAlgo.oid.value = ED25519_OID;

            signatureAlgo.oid.length = sizeof(ED25519_OID);

         }

         else

#endif

#if (ACME_CLIENT_ED448_SUPPORT == ENABLED)

         //Ed448 key pair?

         if(context->certKey.type == X509_KEY_TYPE_ED448)

         {

            //Set public key identifier

            certReqInfo->subjectPublicKeyInfo.oid.value = ED448_OID;

            certReqInfo->subjectPublicKeyInfo.oid.length = sizeof(ED448_OID);


            //Select the signature algorithm

            signatureAlgo.oid.value = ED448_OID;

            signatureAlgo.oid.length = sizeof(ED448_OID);

         }

         else

#endif

         //Invalid key pair?

         {

            //Report an error

            error = ERROR_INVALID_KEY;

         }

      }


      //Check status code

      if(!error)

      {

         //Validity period

         validity.notBefore.year = 2018;

         validity.notBefore.month = 1;

         validity.notBefore.day = 1;

         validity.notBefore.hours = 12;

         validity.notBefore.minutes = 0;

         validity.notBefore.seconds = 0;

         validity.notAfter.year = 2019;

         validity.notAfter.month = 1;

         validity.notAfter.day = 1;

         validity.notAfter.hours = 12;

         validity.notAfter.minutes = 0;

         validity.notAfter.seconds = 0;


         //Create a self-signed certificate

         error = x509CreateCertificate(context->prngAlgo, context->prngContext,

            certReqInfo, context->certKey.publicKey, NULL, NULL,

            &validity, &signatureAlgo, context->certKey.privateKey,

            (uint8_t *) context->buffer, &n);

      }


      //Check status code

      if(!error)

      {

         //Export the certificate to PEM format

         error = pemExportCertificate((uint8_t *) context->buffer, n,

            challenge->cert, &n);

      }


      //Release previously allocated memory

      cryptoFreeMem(certReqInfo);

   }

   else

   {

      //Failed to allocate memory

      error = ERROR_OUT_OF_MEMORY;

   }


   //Return status code

   return error;

#else

   //TLS-ALPN challenge is not implemented

   return ERROR_NOT_IMPLEMENTED;

#endif

}


#endif