Send 32 byte nonce with TS profile

IB-7668

Signed-off-by: Raul Metsma <raul@metsma.ee>

src/SignatureXAdES_LT.cpp

@@ -44,24 +44,23 @@ using namespace xml_schema;
 
 SignatureXAdES_LT::SignatureXAdES_LT(unsigned int id, ASiContainer *bdoc, Signer *signer)
 : SignatureXAdES_T(id, bdoc, signer)
-{
-}
+{}
 
 SignatureXAdES_LT::SignatureXAdES_LT(istream &sigdata, ASiContainer *bdoc, bool relaxSchemaValidation)
 : SignatureXAdES_T(sigdata, bdoc, relaxSchemaValidation)
 {
     try {
         // ADOC files are default T level, take OCSP response to create temporary LT level
-        if(bdoc->mediaType() == ASiContainer::MIMETYPE_ADOC && unsignedSignatureProperties().revocationValues().empty())
+        if(bdoc->mediaType() == ASiContainer::MIMETYPE_ADOC &&
+            unsignedSignatureProperties().revocationValues().empty())
         {
             X509Cert cert = signingCertificate();
             X509Cert issuer = X509CertStore::instance()->findIssuer(cert, X509CertStore::OCSP);
             if(!issuer)
                 THROW("Could not find certificate issuer '%s' in certificate store.",
                     cert.issuerName().c_str());
 
-            OCSP ocsp(cert, issuer, {}, " format: " + bdoc->mediaType());
-            addOCSPValue(id().replace(0, 1, "N"), ocsp);
+            addOCSPValue(id().replace(0, 1, "N"), OCSP(cert, issuer, {}, {}));
         }
     } catch(const Exception &) {
     }
@@ -134,7 +133,7 @@ void SignatureXAdES_LT::validate(const std::string &policy) const
         vector<Exception> ocspExceptions;
         for(const OCSPValuesType::EncapsulatedOCSPValueType &resp: revSeq.front().oCSPValues()->encapsulatedOCSPValue())
         {
-            OCSP ocsp((const unsigned char*)resp.data(), resp.size());
+            OCSP ocsp(resp);
             try {
                 ocsp.verifyResponse(signingCertificate());
                 foundSignerOCSP = true;
@@ -216,10 +215,14 @@ void SignatureXAdES_LT::extendSignatureProfile(const std::string &profile)
     if(profile == ASiC_E::BES_PROFILE || profile == ASiC_E::EPES_PROFILE)
         return;
 
-    // Calculate NONCE value.
-    Digest calc;
-    vector<unsigned char> nonce = Digest::addDigestInfo(calc.result(getSignatureValue()), calc.uri());
-    DEBUGMEM("OID + Calculated signature HASH (nonce):", nonce.data(), nonce.size());
+    vector<unsigned char> nonce;
+    if(profile.find(ASiC_E::ASIC_TM_PROFILE) != string::npos)
+    {
+        // Calculate NONCE value.
+        Digest calc;
+        nonce = Digest::addDigestInfo(calc.result(getSignatureValue()), calc.uri());
+        DEBUGMEM("OID + Calculated signature HASH (nonce):", nonce.data(), nonce.size());
+    }
 
     // Get issuer certificate from certificate store.
     X509Cert cert = signingCertificate();
@@ -263,7 +266,7 @@ void SignatureXAdES_LT::addCertificateValue(const string& certId, const X509Cert
     }
 
     vector<unsigned char> der = x509;
-    CertificateValuesType::EncapsulatedX509CertificateType certData(Base64Binary(der.data(), der.size(), der.size(), false));
+    CertificateValuesType::EncapsulatedX509CertificateType certData({der.data(), der.size(), der.size(), false});
     certData.id(certId);
     values[0].encapsulatedX509Certificate().push_back(certData);
 }
@@ -275,7 +278,7 @@ void SignatureXAdES_LT::addOCSPValue(const string &id, const OCSP &ocsp)
     createUnsignedSignatureProperties();
 
     vector<unsigned char> der = ocsp;
-    OCSPValuesType::EncapsulatedOCSPValueType ocspValueData(Base64Binary(der.data(), der.size(), der.size(), false));
+    OCSPValuesType::EncapsulatedOCSPValueType ocspValueData({der.data(), der.size(), der.size(), false});
     ocspValueData.id(id);
 
     OCSPValuesType ocspValue;
@@ -309,15 +312,14 @@ OCSP SignatureXAdES_LT::getOCSPResponseValue() const
         for(const OCSPValuesType::EncapsulatedOCSPValueType &resp: t.oCSPValues()->encapsulatedOCSPValue())
         {
             try {
-                OCSP ocsp((const unsigned char*)resp.data(), resp.size());
+                OCSP ocsp(resp);
                 ocsp.verifyResponse(signingCertificate());
                 return ocsp;
             } catch(const Exception &) {
             }
         }
         // Return first OCSP response when chains are not complete and validation fails
-        const OCSPValuesType::EncapsulatedOCSPValueType &resp = t.oCSPValues()->encapsulatedOCSPValue().at(0);
-        return {(const unsigned char*)resp.data(), resp.size()};
+        return {t.oCSPValues()->encapsulatedOCSPValue().front()};
     }
     catch(const Exception &)
     {}

src/crypto/OCSP.cpp

@@ -28,6 +28,7 @@
 #include "util/log.h"
 
 #include <algorithm>
+#include <array>
 
 #ifdef WIN32 //hack for win32 build
 #undef OCSP_REQUEST
@@ -138,10 +139,10 @@ bool OCSP::compareResponderCert(const X509Cert &cert) const
         return X509_NAME_cmp(X509_get_subject_name(cert.handle()), name) == 0;
     if(hash)
     {
-        unsigned char sha1[SHA_DIGEST_LENGTH];
+        std::array<unsigned char,SHA_DIGEST_LENGTH> sha1{};
         ASN1_BIT_STRING *key = X509_get0_pubkey_bitstr(cert.handle());
-        SHA1(key->data, size_t(key->length), sha1);
-        return memcmp(hash->data, &sha1, size_t(hash->length)) == 0;
+        SHA1(key->data, size_t(key->length), sha1.data());
+        return sha1.size() == hash->length && memcmp(hash->data, sha1.data(), sha1.size()) == 0;
     }
     return false;
 }
@@ -162,18 +163,19 @@ OCSP_REQUEST* OCSP::createRequest(OCSP_CERTID *certId, const vector<unsigned cha
     if(!OCSP_request_add0_id(req.get(), certId))
         THROW_OPENSSLEXCEPTION("Failed to add certificate ID to OCSP request.");
 
-    SCOPE(ASN1_OCTET_STRING, st, ASN1_OCTET_STRING_new());
     if(nonce.empty())
     {
-        ASN1_OCTET_STRING_set(st.get(), nullptr, 20);
-        RAND_bytes(st->data, st->length);
+        if(!OCSP_request_add1_nonce(req.get(), nullptr, 32)) // rfc8954: SIZE(1..32)
+            THROW_OPENSSLEXCEPTION("Failed to add NONCE to OCSP request.");
     }
     else
+    {
+        SCOPE(ASN1_OCTET_STRING, st, ASN1_OCTET_STRING_new());
         ASN1_OCTET_STRING_set(st.get(), nonce.data(), int(nonce.size()));
-
-    SCOPE(X509_EXTENSION, ex, X509_EXTENSION_create_by_NID(nullptr, NID_id_pkix_OCSP_Nonce, 0, st.get()));
-    if(!OCSP_REQUEST_add_ext(req.get(), ex.get(), 0))
-        THROW_OPENSSLEXCEPTION("Failed to add NONCE to OCSP request.");
+        SCOPE(X509_EXTENSION, ex, X509_EXTENSION_create_by_NID(nullptr, NID_id_pkix_OCSP_Nonce, 0, st.get()));
+        if(!OCSP_REQUEST_add_ext(req.get(), ex.get(), 0))
+            THROW_OPENSSLEXCEPTION("Failed to add NONCE to OCSP request.");
+    }
 
     if(signRequest)
     {

src/crypto/OCSP.h

@@ -41,6 +41,8 @@ namespace digidoc
       public:
           OCSP(const X509Cert &cert, const X509Cert &issuer,
                const std::vector<unsigned char> &nonce, const std::string &userAgent);
+          template <class Container>
+          inline OCSP(const Container &data): OCSP((const unsigned char*)data.data(), data.size()) {}
           OCSP(const unsigned char *data = nullptr, size_t size = 0);
 
           std::vector<unsigned char> nonce() const;
@@ -52,7 +54,7 @@ namespace digidoc
 
       private:
           bool compareResponderCert(const X509Cert &cert) const;
-          OCSP_REQUEST* createRequest(OCSP_CERTID *certId, const std::vector<unsigned char> &nonce, bool signRequest);
+          static OCSP_REQUEST* createRequest(OCSP_CERTID *certId, const std::vector<unsigned char> &nonce, bool signRequest);
 
           std::shared_ptr<OCSP_RESPONSE> resp;
           std::shared_ptr<OCSP_BASICRESP> basic;