x509_acert: Add API to sign and verify attribute certificates

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15857)

crypto/x509/x_all.c

@@ -19,6 +19,7 @@
 #include <openssl/asn1.h>
 #include <openssl/evp.h>
 #include <openssl/x509.h>
+#include <openssl/x509_acert.h>
 #include <openssl/http.h>
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@@ -52,6 +53,16 @@ int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
     return X509_REQ_verify_ex(a, r, NULL, NULL);
 }
 
+int X509_ACERT_verify(X509_ACERT *a, EVP_PKEY *r)
+{
+    if (X509_ALGOR_cmp(&a->sig_alg, &a->acinfo->signature) != 0)
+        return 0;
+
+    return ASN1_item_verify_ex(ASN1_ITEM_rptr(X509_ACERT_INFO), &a->sig_alg,
+                               &a->signature, a->acinfo,
+                               NULL, r, NULL, NULL);
+}
+
 int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
 {
     return ASN1_item_verify(ASN1_ITEM_rptr(NETSCAPE_SPKAC),
@@ -174,6 +185,21 @@ X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout)
                                        ASN1_ITEM_rptr(X509_CRL));
 }
 
+int X509_ACERT_sign(X509_ACERT *x, EVP_PKEY *pkey, const EVP_MD *md)
+{
+    return ASN1_item_sign_ex(ASN1_ITEM_rptr(X509_ACERT_INFO), &x->sig_alg,
+                             &x->acinfo->signature,
+                             &x->signature, x->acinfo, NULL,
+                             pkey, md, NULL, NULL);
+}
+
+int X509_ACERT_sign_ctx(X509_ACERT *x, EVP_MD_CTX *ctx)
+{
+    return ASN1_item_sign_ctx(ASN1_ITEM_rptr(X509_ACERT_INFO),
+                              &x->sig_alg, &x->acinfo->signature, &x->signature,
+                              &x->acinfo, ctx);
+}
+
 int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
 {
     return

doc/man3/X509_sign.pod

@@ -4,6 +4,7 @@
 
 X509_sign, X509_sign_ctx,
 X509_REQ_sign, X509_REQ_sign_ctx,
+X509_ACERT_sign, X509_ACERT_sign_ctx,
 X509_CRL_sign, X509_CRL_sign_ctx -
 sign certificate, certificate request, or CRL signature
 
@@ -20,6 +21,11 @@ sign certificate, certificate request, or CRL signature
  int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
  int X509_CRL_sign_ctx(X509_CRL *x, EVP_MD_CTX *ctx);
 
+ #include <openssl/x509_acert.h>
+
+ int X509_ACERT_sign(X509_ACERT *x, EVP_PKEY *pkey, const EVP_MD *md);
+ int X509_ACERT_sign_ctx(X509_ACERT *x, EVP_MD_CTX *ctx);
+
 =head1 DESCRIPTION
 
 X509_sign() signs certificate I<x> using private key I<pkey> and message
@@ -29,6 +35,7 @@ If the certificate information includes X.509 extensions,
 these two functions make sure that the certificate bears X.509 version 3.
 
 X509_REQ_sign(), X509_REQ_sign_ctx(),
+X509_ACERT_sign(), X509_ACERT_sign_ctx(),
 X509_CRL_sign(), and X509_CRL_sign_ctx()
 sign certificate requests and CRLs, respectively.
 
@@ -68,6 +75,9 @@ available in all versions of OpenSSL.
 The X509_sign_ctx(), X509_REQ_sign_ctx()
 and X509_CRL_sign_ctx() functions were added in OpenSSL 1.0.1.
 
+The X509_ACERT_sign() and X509_ACERT_sign_ctx() functions were added
+in OpenSSL 3.4.
+
 =head1 COPYRIGHT
 
 Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.

doc/man3/X509_verify.pod

@@ -4,7 +4,7 @@
 
 X509_verify, X509_self_signed,
 X509_REQ_verify_ex, X509_REQ_verify,
-X509_CRL_verify -
+X509_CRL_verify, X509_ACERT_verify -
 verify certificate, certificate request, or CRL signature
 
 =head1 SYNOPSIS
@@ -19,6 +19,9 @@ verify certificate, certificate request, or CRL signature
  int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
  int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
 
+ #include <openssl/x509_acert.h>
+ int X509_ACERT_verify(X509_CRL *a, EVP_PKEY *r);
+
 =head1 DESCRIPTION
 
 X509_verify() verifies the signature of certificate I<x> using public key
@@ -31,8 +34,9 @@ authority key identifier (if present) must match the subject key identifier etc.
 The signature itself is actually verified only if B<verify_signature> is 1, as
 for explicitly trusted certificates this verification is not worth the effort.
 
-X509_REQ_verify_ex(), X509_REQ_verify() and X509_CRL_verify()
-verify the signatures of certificate requests and CRLs, respectively.
+X509_REQ_verify_ex(), X509_REQ_verify(), X509_CRL_verify() and X509_ACERT_verify()
+verify the signatures of certificate requests, CRLs and attribute certificates
+respectively.
 
 =head1 RETURN VALUES
 
@@ -71,6 +75,8 @@ functions are available in all versions of OpenSSL.
 
 X509_REQ_verify_ex(), and X509_self_signed() were added in OpenSSL 3.0.
 
+X509_ACERT_verify() was added in OpenSSL 3.4.
+
 =head1 COPYRIGHT
 
 Copyright 2015-2023 The OpenSSL Project Authors. All Rights Reserved.

include/openssl/x509_acert.h.in

@@ -45,6 +45,10 @@ DECLARE_PEM_rw(X509_ACERT, X509_ACERT)
 X509_ACERT *d2i_X509_ACERT_bio(BIO *bp, X509_ACERT **acert);
 int i2d_X509_ACERT_bio(BIO *bp, const X509_ACERT *acert);
 
+int X509_ACERT_sign(X509_ACERT *x, EVP_PKEY *pkey, const EVP_MD *md);
+int X509_ACERT_sign_ctx(X509_ACERT *x, EVP_MD_CTX *ctx);
+int X509_ACERT_verify(X509_ACERT *a, EVP_PKEY *r);
+
 # define X509_ACERT_VERSION_2 1
 
 const GENERAL_NAMES *X509_ACERT_get0_holder_entityName(const X509_ACERT *x);

util/libcrypto.num

@@ -5612,3 +5612,6 @@ X509_ACERT_add1_attr                    ?	3_4_0	EXIST::FUNCTION:
 X509_ACERT_add1_attr_by_OBJ             ?	3_4_0	EXIST::FUNCTION:
 X509_ACERT_add1_attr_by_NID             ?	3_4_0	EXIST::FUNCTION:
 X509_ACERT_add1_attr_by_txt             ?	3_4_0	EXIST::FUNCTION:
+X509_ACERT_sign                         ?	3_4_0	EXIST::FUNCTION:
+X509_ACERT_sign_ctx                     ?	3_4_0	EXIST::FUNCTION:
+X509_ACERT_verify                       ?	3_4_0	EXIST::FUNCTION: