/src/openssl34/crypto/cmp/cmp_hdr.c

Source
/*
 * Copyright 2007-2024 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright Nokia 2007-2019
 * Copyright Siemens AG 2015-2019
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/* CMP functions for PKIHeader handling */

#include "cmp_local.h"

#include <openssl/rand.h>

/* explicit #includes not strictly needed since implied by the above: */
#include <openssl/asn1t.h>
#include <openssl/cmp.h>
#include <openssl/err.h>

int ossl_cmp_hdr_set_pvno(OSSL_CMP_PKIHEADER *hdr, int pvno)
{
    if (!ossl_assert(hdr != NULL))
        return 0;
    return ASN1_INTEGER_set(hdr->pvno, pvno);
}

int ossl_cmp_hdr_get_pvno(const OSSL_CMP_PKIHEADER *hdr)
{
    int64_t pvno;

    if (!ossl_assert(hdr != NULL))
        return -1;
    if (!ASN1_INTEGER_get_int64(&pvno, hdr->pvno) || pvno < 0 || pvno > INT_MAX)
        return -1;
    return (int)pvno;
}

int ossl_cmp_hdr_get_protection_nid(const OSSL_CMP_PKIHEADER *hdr)
{
    if (!ossl_assert(hdr != NULL)
        || hdr->protectionAlg == NULL)
        return NID_undef;
    return OBJ_obj2nid(hdr->protectionAlg->algorithm);
}

ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_transactionID(const OSSL_CMP_PKIHEADER *hdr)
{
    if (hdr == NULL) {
        ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
        return NULL;
    }
    return hdr->transactionID;
}

ASN1_OCTET_STRING *ossl_cmp_hdr_get0_senderNonce(const OSSL_CMP_PKIHEADER *hdr)
{
    if (!ossl_assert(hdr != NULL))
        return NULL;
    return hdr->senderNonce;
}

ASN1_OCTET_STRING *OSSL_CMP_HDR_get0_recipNonce(const OSSL_CMP_PKIHEADER *hdr)
{
    if (hdr == NULL) {
        ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
        return NULL;
    }
    return hdr->recipNonce;
}

STACK_OF(OSSL_CMP_ITAV)
*OSSL_CMP_HDR_get0_geninfo_ITAVs(const OSSL_CMP_PKIHEADER *hdr)
{
    if (hdr == NULL) {
        ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
        return NULL;
    }
    return hdr->generalInfo;
}

/* a NULL-DN as an empty sequence of RDNs */
int ossl_cmp_general_name_is_NULL_DN(GENERAL_NAME *name)
{
    return name == NULL
        || (name->type == GEN_DIRNAME && IS_NULL_DN(name->d.directoryName));
}

/*
 * Set the sender name in PKIHeader.
 * when nm is NULL, sender is set to an empty string
 * returns 1 on success, 0 on error
 */
int ossl_cmp_hdr_set1_sender(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm)
{
    if (!ossl_assert(hdr != NULL))
        return 0;
    return GENERAL_NAME_set1_X509_NAME(&hdr->sender, nm);
}

int ossl_cmp_hdr_set1_recipient(OSSL_CMP_PKIHEADER *hdr, const X509_NAME *nm)
{
    if (!ossl_assert(hdr != NULL))
        return 0;
    return GENERAL_NAME_set1_X509_NAME(&hdr->recipient, nm);
}

int ossl_cmp_hdr_update_messageTime(OSSL_CMP_PKIHEADER *hdr)
{
    if (!ossl_assert(hdr != NULL))
        return 0;
    if (hdr->messageTime == NULL
        && (hdr->messageTime = ASN1_GENERALIZEDTIME_new()) == NULL)
        return 0;
    return ASN1_GENERALIZEDTIME_set(hdr->messageTime, time(NULL)) != NULL;
}

/* assign to *tgt a random byte array of given length */
static int set_random(ASN1_OCTET_STRING **tgt, OSSL_CMP_CTX *ctx, size_t len)
{
    unsigned char *bytes = OPENSSL_malloc(len);
    int res = 0;

    if (bytes == NULL || RAND_bytes_ex(ctx->libctx, bytes, len, 0) <= 0)
        ERR_raise(ERR_LIB_CMP, CMP_R_FAILURE_OBTAINING_RANDOM);
    else
        res = ossl_cmp_asn1_octet_string_set1_bytes(tgt, bytes, len);
    OPENSSL_free(bytes);
    return res;
}

int ossl_cmp_hdr_set1_senderKID(OSSL_CMP_PKIHEADER *hdr,
    const ASN1_OCTET_STRING *senderKID)
{
    if (!ossl_assert(hdr != NULL))
        return 0;
    return ossl_cmp_asn1_octet_string_set1(&hdr->senderKID, senderKID);
}

/* push the given text string to the given PKIFREETEXT ft */
int ossl_cmp_hdr_push0_freeText(OSSL_CMP_PKIHEADER *hdr, ASN1_UTF8STRING *text)
{
    if (!ossl_assert(hdr != NULL && text != NULL))
        return 0;

    if (hdr->freeText == NULL
        && (hdr->freeText = sk_ASN1_UTF8STRING_new_null()) == NULL)
        return 0;

    return sk_ASN1_UTF8STRING_push(hdr->freeText, text);
}

int ossl_cmp_hdr_push1_freeText(OSSL_CMP_PKIHEADER *hdr, ASN1_UTF8STRING *text)
{
    if (!ossl_assert(hdr != NULL && text != NULL))
        return 0;

    if (hdr->freeText == NULL
        && (hdr->freeText = sk_ASN1_UTF8STRING_new_null()) == NULL)
        return 0;

    return ossl_cmp_sk_ASN1_UTF8STRING_push_str(hdr->freeText, (char *)text->data,
        text->length);
}

int ossl_cmp_hdr_generalInfo_push0_item(OSSL_CMP_PKIHEADER *hdr,
    OSSL_CMP_ITAV *itav)
{
    if (!ossl_assert(hdr != NULL && itav != NULL))
        return 0;
    return OSSL_CMP_ITAV_push0_stack_item(&hdr->generalInfo, itav);
}

int ossl_cmp_hdr_generalInfo_push1_items(OSSL_CMP_PKIHEADER *hdr,
    const STACK_OF(OSSL_CMP_ITAV) *itavs)
{
    int i;
    OSSL_CMP_ITAV *itav;

    if (!ossl_assert(hdr != NULL))
        return 0;

    for (i = 0; i < sk_OSSL_CMP_ITAV_num(itavs); i++) {
        itav = OSSL_CMP_ITAV_dup(sk_OSSL_CMP_ITAV_value(itavs, i));
        if (itav == NULL)
            return 0;

        if (!ossl_cmp_hdr_generalInfo_push0_item(hdr, itav)) {
            OSSL_CMP_ITAV_free(itav);
            return 0;
        }
    }
    return 1;
}

int ossl_cmp_hdr_set_implicitConfirm(OSSL_CMP_PKIHEADER *hdr)
{
    OSSL_CMP_ITAV *itav;
    ASN1_TYPE *asn1null;

    if (!ossl_assert(hdr != NULL))
        return 0;
    asn1null = (ASN1_TYPE *)ASN1_NULL_new();
    if (asn1null == NULL)
        return 0;
    if ((itav = OSSL_CMP_ITAV_create(OBJ_nid2obj(NID_id_it_implicitConfirm),
             asn1null))
        == NULL)
        goto err;
    if (!ossl_cmp_hdr_generalInfo_push0_item(hdr, itav))
        goto err;
    return 1;

err:
    ASN1_TYPE_free(asn1null);
    OSSL_CMP_ITAV_free(itav);
    return 0;
}

/* return 1 if implicitConfirm in the generalInfo field of the header is set */
int ossl_cmp_hdr_has_implicitConfirm(const OSSL_CMP_PKIHEADER *hdr)
{
    int itavCount;
    int i;
    OSSL_CMP_ITAV *itav;

    if (!ossl_assert(hdr != NULL))
        return 0;

    itavCount = sk_OSSL_CMP_ITAV_num(hdr->generalInfo);
    for (i = 0; i < itavCount; i++) {
        itav = sk_OSSL_CMP_ITAV_value(hdr->generalInfo, i);
        if (itav != NULL
            && OBJ_obj2nid(itav->infoType) == NID_id_it_implicitConfirm)
            return 1;
    }

    return 0;
}

/*
 * set ctx->transactionID in CMP header
 * if ctx->transactionID is NULL, a random one is created with 128 bit
 * according to section 5.1.1:
 *
 * It is RECOMMENDED that the clients fill the transactionID field with
 * 128 bits of (pseudo-) random data for the start of a transaction to
 * reduce the probability of having the transactionID in use at the server.
 */
int ossl_cmp_hdr_set_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr)
{
    if (ctx->transactionID == NULL) {
        char *tid;

        if (!set_random(&ctx->transactionID, ctx,
                OSSL_CMP_TRANSACTIONID_LENGTH))
            return 0;
        tid = i2s_ASN1_OCTET_STRING(NULL, ctx->transactionID);
        if (tid != NULL)
            ossl_cmp_log1(DEBUG, ctx,
                "Starting new transaction with ID=%s", tid);
        OPENSSL_free(tid);
    }

    return ossl_cmp_asn1_octet_string_set1(&hdr->transactionID,
        ctx->transactionID);
}

/* fill in all fields of the hdr according to the info given in ctx */
int ossl_cmp_hdr_init(OSSL_CMP_CTX *ctx, OSSL_CMP_PKIHEADER *hdr)
{
    const X509_NAME *sender;
    const X509_NAME *rcp = NULL;

    if (!ossl_assert(ctx != NULL && hdr != NULL))
        return 0;

    /* set the CMP version */
    if (!ossl_cmp_hdr_set_pvno(hdr, OSSL_CMP_PVNO))
        return 0;

    /*
     * If no protection cert nor oldCert nor CSR nor subject is given,
     * sender name is not known to the client and thus set to NULL-DN
     */
    sender = ctx->cert != NULL ? X509_get_subject_name(ctx->cert) : ctx->oldCert != NULL ? X509_get_subject_name(ctx->oldCert)
        : ctx->p10CSR != NULL                                                            ? X509_REQ_get_subject_name(ctx->p10CSR)
                                                                                         : ctx->subjectName;
    if (!ossl_cmp_hdr_set1_sender(hdr, sender))
        return 0;

    /* determine recipient entry in PKIHeader */
    if (ctx->recipient != NULL)
        rcp = ctx->recipient;
    else if (ctx->srvCert != NULL)
        rcp = X509_get_subject_name(ctx->srvCert);
    else if (ctx->issuer != NULL)
        rcp = ctx->issuer;
    else if (ctx->oldCert != NULL)
        rcp = X509_get_issuer_name(ctx->oldCert);
    else if (ctx->cert != NULL)
        rcp = X509_get_issuer_name(ctx->cert);
    if (!ossl_cmp_hdr_set1_recipient(hdr, rcp))
        return 0;

    /* set current time as message time */
    if (!ossl_cmp_hdr_update_messageTime(hdr))
        return 0;

    if (ctx->recipNonce != NULL
        && !ossl_cmp_asn1_octet_string_set1(&hdr->recipNonce,
            ctx->recipNonce))
        return 0;

    if (!ossl_cmp_hdr_set_transactionID(ctx, hdr))
        return 0;

    /*-
     * set random senderNonce
     * according to section 5.1.1:
     *
     * senderNonce                  present
     *         -- 128 (pseudo-)random bits
     * The senderNonce and recipNonce fields protect the PKIMessage against
     * replay attacks. The senderNonce will typically be 128 bits of
     * (pseudo-) random data generated by the sender, whereas the recipNonce
     * is copied from the senderNonce of the previous message in the
     * transaction.
     */
    if (!set_random(&hdr->senderNonce, ctx, OSSL_CMP_SENDERNONCE_LENGTH))
        return 0;

    /* store senderNonce - for cmp with recipNonce in next outgoing msg */
    if (!OSSL_CMP_CTX_set1_senderNonce(ctx, hdr->senderNonce))
        return 0;

    /*-
     * freeText                [7] PKIFreeText OPTIONAL,
     * -- this may be used to indicate context-specific instructions
     * -- (this field is intended for human consumption)
     */
    if (ctx->freeText != NULL
        && !ossl_cmp_hdr_push1_freeText(hdr, ctx->freeText))
        return 0;

    return 1;
}

Coverage Report

Created: 2025-12-31 06:58

Line	Count	Source
1		/*
2		* Copyright 2007-2024 The OpenSSL Project Authors. All Rights Reserved.
3		* Copyright Nokia 2007-2019
4		* Copyright Siemens AG 2015-2019
5		*
6		* Licensed under the Apache License 2.0 (the "License"). You may not use
7		* this file except in compliance with the License. You can obtain a copy
8		* in the file LICENSE in the source distribution or at
9		* https://www.openssl.org/source/license.html
10		*/
11
12		/* CMP functions for PKIHeader handling */
13
14		#include "cmp_local.h"
15
16		#include <openssl/rand.h>
17
18		/* explicit #includes not strictly needed since implied by the above: */
19		#include <openssl/asn1t.h>
20		#include <openssl/cmp.h>
21		#include <openssl/err.h>
22
23		int ossl_cmp_hdr_set_pvno(OSSL_CMP_PKIHEADER *hdr, int pvno)
24	43.0k	{
25	43.0k	if (!ossl_assert(hdr != NULL))
26	0	return 0;
27	43.0k	return ASN1_INTEGER_set(hdr->pvno, pvno);
28	43.0k	}
29
30		int ossl_cmp_hdr_get_pvno(const OSSL_CMP_PKIHEADER *hdr)
31	73.3k	{
32	73.3k	int64_t pvno;
33
34	73.3k	if (!ossl_assert(hdr != NULL))
35	0	return -1;
36	73.3k	if (!ASN1_INTEGER_get_int64(&pvno, hdr->pvno) \|\| pvno < 0 \|\| pvno > INT_MAX)
37	24.5k	return -1;
38	48.7k	return (int)pvno;
39	73.3k	}
40
41		int ossl_cmp_hdr_get_protection_nid(const OSSL_CMP_PKIHEADER *hdr)
42	58.3k	{
43	58.3k	if (!ossl_assert(hdr != NULL)
44	58.3k	\|\| hdr->protectionAlg == NULL)
45	29.6k	return NID_undef;
46	28.7k	return OBJ_obj2nid(hdr->protectionAlg->algorithm);
47	58.3k	}
48
49		ASN1_OCTET_STRING OSSL_CMP_HDR_get0_transactionID(const OSSL_CMP_PKIHEADER hdr)
50	0	{
51	0	if (hdr == NULL) {
52	0	ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
53	0	return NULL;
54	0	}
55	0	return hdr->transactionID;
56	0	}
57
58		ASN1_OCTET_STRING ossl_cmp_hdr_get0_senderNonce(const OSSL_CMP_PKIHEADER hdr)
59	0	{
60	0	if (!ossl_assert(hdr != NULL))
61	0	return NULL;
62	0	return hdr->senderNonce;
63	0	}
64
65		ASN1_OCTET_STRING OSSL_CMP_HDR_get0_recipNonce(const OSSL_CMP_PKIHEADER hdr)
66	0	{
67	0	if (hdr == NULL) {
68	0	ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
69	0	return NULL;
70	0	}
71	0	return hdr->recipNonce;
72	0	}
73
74		STACK_OF(OSSL_CMP_ITAV)
75		OSSL_CMP_HDR_get0_geninfo_ITAVs(const OSSL_CMP_PKIHEADER hdr)
76	0	{
77	0	if (hdr == NULL) {
78	0	ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
79	0	return NULL;
80	0	}
81	0	return hdr->generalInfo;
82	0	}
83
84		/* a NULL-DN as an empty sequence of RDNs */
85		int ossl_cmp_general_name_is_NULL_DN(GENERAL_NAME *name)
86	2.78k	{
87	2.78k	return name == NULL
88	2.78k	\|\| (name->type == GEN_DIRNAME && IS_NULL_DN(name->d.directoryName));
89	2.78k	}
90
91		/*
92		* Set the sender name in PKIHeader.
93		* when nm is NULL, sender is set to an empty string
94		* returns 1 on success, 0 on error
95		*/
96		int ossl_cmp_hdr_set1_sender(OSSL_CMP_PKIHEADER hdr, const X509_NAME nm)
97	43.0k	{
98	43.0k	if (!ossl_assert(hdr != NULL))
99	0	return 0;
100	43.0k	return GENERAL_NAME_set1_X509_NAME(&hdr->sender, nm);
101	43.0k	}
102
103		int ossl_cmp_hdr_set1_recipient(OSSL_CMP_PKIHEADER hdr, const X509_NAME nm)
104	43.0k	{
105	43.0k	if (!ossl_assert(hdr != NULL))
106	0	return 0;
107	43.0k	return GENERAL_NAME_set1_X509_NAME(&hdr->recipient, nm);
108	43.0k	}
109
110		int ossl_cmp_hdr_update_messageTime(OSSL_CMP_PKIHEADER *hdr)
111	43.0k	{
112	43.0k	if (!ossl_assert(hdr != NULL))
113	0	return 0;
114	43.0k	if (hdr->messageTime == NULL
115	43.0k	&& (hdr->messageTime = ASN1_GENERALIZEDTIME_new()) == NULL)
116	0	return 0;
117	43.0k	return ASN1_GENERALIZEDTIME_set(hdr->messageTime, time(NULL)) != NULL;
118	43.0k	}
119
120		/* assign to tgt a random byte array of given length /
121		static int set_random(ASN1_OCTET_STRING *tgt, OSSL_CMP_CTX ctx, size_t len)
122	75.9k	{
123	75.9k	unsigned char *bytes = OPENSSL_malloc(len);
124	75.9k	int res = 0;
125
126	75.9k	if (bytes == NULL \|\| RAND_bytes_ex(ctx->libctx, bytes, len, 0) <= 0)
127	75.9k	ERR_raise(ERR_LIB_CMP, CMP_R_FAILURE_OBTAINING_RANDOM);
128	75.9k	else
129	75.9k	res = ossl_cmp_asn1_octet_string_set1_bytes(tgt, bytes, len);
130	75.9k	OPENSSL_free(bytes);
131	75.9k	return res;
132	75.9k	}
133
134		int ossl_cmp_hdr_set1_senderKID(OSSL_CMP_PKIHEADER *hdr,
135		const ASN1_OCTET_STRING *senderKID)
136	0	{
137	0	if (!ossl_assert(hdr != NULL))
138	0	return 0;
139	0	return ossl_cmp_asn1_octet_string_set1(&hdr->senderKID, senderKID);
140	0	}
141
142		/* push the given text string to the given PKIFREETEXT ft */
143		int ossl_cmp_hdr_push0_freeText(OSSL_CMP_PKIHEADER hdr, ASN1_UTF8STRING text)
144	0	{
145	0	if (!ossl_assert(hdr != NULL && text != NULL))
146	0	return 0;
147
148	0	if (hdr->freeText == NULL
149	0	&& (hdr->freeText = sk_ASN1_UTF8STRING_new_null()) == NULL)
150	0	return 0;
151
152	0	return sk_ASN1_UTF8STRING_push(hdr->freeText, text);
153	0	}
154
155		int ossl_cmp_hdr_push1_freeText(OSSL_CMP_PKIHEADER hdr, ASN1_UTF8STRING text)
156	0	{
157	0	if (!ossl_assert(hdr != NULL && text != NULL))
158	0	return 0;
159
160	0	if (hdr->freeText == NULL
161	0	&& (hdr->freeText = sk_ASN1_UTF8STRING_new_null()) == NULL)
162	0	return 0;
163
164	0	return ossl_cmp_sk_ASN1_UTF8STRING_push_str(hdr->freeText, (char *)text->data,
165	0	text->length);
166	0	}
167
168		int ossl_cmp_hdr_generalInfo_push0_item(OSSL_CMP_PKIHEADER *hdr,
169		OSSL_CMP_ITAV *itav)
170	0	{
171	0	if (!ossl_assert(hdr != NULL && itav != NULL))
172	0	return 0;
173	0	return OSSL_CMP_ITAV_push0_stack_item(&hdr->generalInfo, itav);
174	0	}
175
176		int ossl_cmp_hdr_generalInfo_push1_items(OSSL_CMP_PKIHEADER *hdr,
177		const STACK_OF(OSSL_CMP_ITAV) *itavs)
178	0	{
179	0	int i;
180	0	OSSL_CMP_ITAV *itav;
181
182	0	if (!ossl_assert(hdr != NULL))
183	0	return 0;
184
185	0	for (i = 0; i < sk_OSSL_CMP_ITAV_num(itavs); i++) {
186	0	itav = OSSL_CMP_ITAV_dup(sk_OSSL_CMP_ITAV_value(itavs, i));
187	0	if (itav == NULL)
188	0	return 0;
189
190	0	if (!ossl_cmp_hdr_generalInfo_push0_item(hdr, itav)) {
191	0	OSSL_CMP_ITAV_free(itav);
192	0	return 0;
193	0	}
194	0	}
195	0	return 1;
196	0	}
197
198		int ossl_cmp_hdr_set_implicitConfirm(OSSL_CMP_PKIHEADER *hdr)
199	0	{
200	0	OSSL_CMP_ITAV *itav;
201	0	ASN1_TYPE *asn1null;
202
203	0	if (!ossl_assert(hdr != NULL))
204	0	return 0;
205	0	asn1null = (ASN1_TYPE *)ASN1_NULL_new();
206	0	if (asn1null == NULL)
207	0	return 0;
208	0	if ((itav = OSSL_CMP_ITAV_create(OBJ_nid2obj(NID_id_it_implicitConfirm),
209	0	asn1null))
210	0	== NULL)
211	0	goto err;
212	0	if (!ossl_cmp_hdr_generalInfo_push0_item(hdr, itav))
213	0	goto err;
214	0	return 1;
215
216	0	err:
217	0	ASN1_TYPE_free(asn1null);
218	0	OSSL_CMP_ITAV_free(itav);
219	0	return 0;
220	0	}
221
222		/* return 1 if implicitConfirm in the generalInfo field of the header is set */
223		int ossl_cmp_hdr_has_implicitConfirm(const OSSL_CMP_PKIHEADER *hdr)
224	0	{
225	0	int itavCount;
226	0	int i;
227	0	OSSL_CMP_ITAV *itav;
228
229	0	if (!ossl_assert(hdr != NULL))
230	0	return 0;
231
232	0	itavCount = sk_OSSL_CMP_ITAV_num(hdr->generalInfo);
233	0	for (i = 0; i < itavCount; i++) {
234	0	itav = sk_OSSL_CMP_ITAV_value(hdr->generalInfo, i);
235	0	if (itav != NULL
236	0	&& OBJ_obj2nid(itav->infoType) == NID_id_it_implicitConfirm)
237	0	return 1;
238	0	}
239
240	0	return 0;
241	0	}
242
243		/*
244		* set ctx->transactionID in CMP header
245		* if ctx->transactionID is NULL, a random one is created with 128 bit
246		* according to section 5.1.1:
247		*
248		* It is RECOMMENDED that the clients fill the transactionID field with
249		* 128 bits of (pseudo-) random data for the start of a transaction to
250		* reduce the probability of having the transactionID in use at the server.
251		*/
252		int ossl_cmp_hdr_set_transactionID(OSSL_CMP_CTX ctx, OSSL_CMP_PKIHEADER hdr)
253	43.0k	{
254	43.0k	if (ctx->transactionID == NULL) {
255	32.9k	char *tid;
256
257	32.9k	if (!set_random(&ctx->transactionID, ctx,
258	32.9k	OSSL_CMP_TRANSACTIONID_LENGTH))
259	0	return 0;
260	32.9k	tid = i2s_ASN1_OCTET_STRING(NULL, ctx->transactionID);
261	32.9k	if (tid != NULL)
262	32.9k	ossl_cmp_log1(DEBUG, ctx,
263	32.9k	"Starting new transaction with ID=%s", tid);
264	32.9k	OPENSSL_free(tid);
265	32.9k	}
266
267	43.0k	return ossl_cmp_asn1_octet_string_set1(&hdr->transactionID,
268	43.0k	ctx->transactionID);
269	43.0k	}
270
271		/* fill in all fields of the hdr according to the info given in ctx */
272		int ossl_cmp_hdr_init(OSSL_CMP_CTX ctx, OSSL_CMP_PKIHEADER hdr)
273	35.2k	{
274	35.2k	const X509_NAME *sender;
275	35.2k	const X509_NAME *rcp = NULL;
276
277	35.2k	if (!ossl_assert(ctx != NULL && hdr != NULL))
278	0	return 0;
279
280		/* set the CMP version */
281	35.2k	if (!ossl_cmp_hdr_set_pvno(hdr, OSSL_CMP_PVNO))
282	0	return 0;
283
284		/*
285		* If no protection cert nor oldCert nor CSR nor subject is given,
286		* sender name is not known to the client and thus set to NULL-DN
287		*/
288	35.2k	sender = ctx->cert != NULL ? X509_get_subject_name(ctx->cert) : ctx->oldCert != NULL ? X509_get_subject_name(ctx->oldCert)
289	35.2k	: ctx->p10CSR != NULL ? X509_REQ_get_subject_name(ctx->p10CSR)
290	33.0k	: ctx->subjectName;
291	35.2k	if (!ossl_cmp_hdr_set1_sender(hdr, sender))
292	0	return 0;
293
294		/* determine recipient entry in PKIHeader */
295	35.2k	if (ctx->recipient != NULL)
296	11.5k	rcp = ctx->recipient;
297	23.6k	else if (ctx->srvCert != NULL)
298	0	rcp = X509_get_subject_name(ctx->srvCert);
299	23.6k	else if (ctx->issuer != NULL)
300	0	rcp = ctx->issuer;
301	23.6k	else if (ctx->oldCert != NULL)
302	2.25k	rcp = X509_get_issuer_name(ctx->oldCert);
303	21.4k	else if (ctx->cert != NULL)
304	0	rcp = X509_get_issuer_name(ctx->cert);
305	35.2k	if (!ossl_cmp_hdr_set1_recipient(hdr, rcp))
306	0	return 0;
307
308		/* set current time as message time */
309	35.2k	if (!ossl_cmp_hdr_update_messageTime(hdr))
310	0	return 0;
311
312	35.2k	if (ctx->recipNonce != NULL
313	9.11k	&& !ossl_cmp_asn1_octet_string_set1(&hdr->recipNonce,
314	9.11k	ctx->recipNonce))
315	0	return 0;
316
317	35.2k	if (!ossl_cmp_hdr_set_transactionID(ctx, hdr))
318	0	return 0;
319
320		/*-
321		* set random senderNonce
322		* according to section 5.1.1:
323		*
324		* senderNonce present
325		* -- 128 (pseudo-)random bits
326		* The senderNonce and recipNonce fields protect the PKIMessage against
327		* replay attacks. The senderNonce will typically be 128 bits of
328		* (pseudo-) random data generated by the sender, whereas the recipNonce
329		* is copied from the senderNonce of the previous message in the
330		* transaction.
331		*/
332	35.2k	if (!set_random(&hdr->senderNonce, ctx, OSSL_CMP_SENDERNONCE_LENGTH))
333	0	return 0;
334
335		/* store senderNonce - for cmp with recipNonce in next outgoing msg */
336	35.2k	if (!OSSL_CMP_CTX_set1_senderNonce(ctx, hdr->senderNonce))
337	0	return 0;
338
339		/*-
340		* freeText [7] PKIFreeText OPTIONAL,
341		* -- this may be used to indicate context-specific instructions
342		* -- (this field is intended for human consumption)
343		*/
344	35.2k	if (ctx->freeText != NULL
345	0	&& !ossl_cmp_hdr_push1_freeText(hdr, ctx->freeText))
346	0	return 0;
347
348	35.2k	return 1;
349	35.2k	}