X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/80e2389990082500d76eb566d4946be3e786c3ef..d8f41ccd20de16f8ebe2ccc84d47bf1cb2b26bbb:/sec/Security/SecSCEP.c

diff --git a/sec/Security/SecSCEP.c b/sec/Security/SecSCEP.c
deleted file mode 100644
index 6b25f1ac..00000000
--- a/sec/Security/SecSCEP.c
+++ /dev/null
@@ -1,884 +0,0 @@
-/*
- * Copyright (c) 2008-2010 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-#include "SecSCEP.h"
-
-#include <Security/SecCMS.h>
-#include <Security/SecRandom.h>
-#include <Security/SecIdentityPriv.h>
-#include <string.h>
-#include <AssertMacros.h>
-#include <CommonCrypto/CommonDigest.h>
-#include <CommonCrypto/CommonDigestSPI.h>
-#include <Security/SecItem.h>
-#include <Security/SecInternal.h>
-#include <Security/SecCertificateInternal.h>
-#include <Security/SecKeyPriv.h>
-#include <Security/SecInternal.h>
-#include <libDER/DER_Encode.h>
-#include <uuid/uuid.h>
-#include <utilities/array_size.h>
-#include <utilities/debugging.h>
-#include <utilities/SecIOFormat.h>
-
-typedef enum {
-        messageType = 2,
-        pkiStatus = 3,
-        failInfo = 4,
-        senderNonce = 5,
-        recipientNonce = 6,
-        transId = 7
-} scep_attr_t;
-
-static CFDataRef scep_oid(scep_attr_t type)
-{
-/* +-------------------+-----------------------------------------------+
-   | Name              | ASN.1 Definition                              |
-   +-------------------+-----------------------------------------------+
-   | id-VeriSign       | OBJECT_IDENTIFIER ::= {2 16 US(840) 1         |
-   |                   | VeriSign(113733)}                             |
-   | id-pki            | OBJECT_IDENTIFIER ::= {id-VeriSign pki(1)}    |
-   | id-attributes     | OBJECT_IDENTIFIER ::= {id-pki attributes(9)}  |
-   | id-messageType    | OBJECT_IDENTIFIER ::= {id-attributes          |
-   |                   | messageType(2)}                               |
-   | id-pkiStatus      | OBJECT_IDENTIFIER ::= {id-attributes          |
-   |                   | pkiStatus(3)}                                 |
-   | id-failInfo       | OBJECT_IDENTIFIER ::= {id-attributes          |
-   |                   | failInfo(4)}                                  |
-   | id-senderNonce    | OBJECT_IDENTIFIER ::= {id-attributes          |
-   |                   | senderNonce(5)}                               |
-   | id-recipientNonce | OBJECT_IDENTIFIER ::= {id-attributes          |
-   |                   | recipientNonce(6)}                            |
-   | id-transId        | OBJECT_IDENTIFIER ::= {id-attributes          |
-   |                   | transId(7)}                                   |
-   | id-extensionReq   | OBJECT_IDENTIFIER ::= {id-attributes          |
-   |                   | extensionReq(8)}                              |
-   +-------------------+-----------------------------------------------+ */
-    uint8_t oid_scep_attrs[] = 
-        { 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, 0x09, 0 };
-    /* messageType:2 pkiStatus:3 failInfo:4 senderNonce:5 recipientNonce:6 transId:7 */
-    if ((type < messageType) || (type > transId))
-        return NULL;
-        
-    oid_scep_attrs[sizeof(oid_scep_attrs) - 1] = type;
-    return CFDataCreate(kCFAllocatorDefault, oid_scep_attrs, sizeof(oid_scep_attrs));
-}
-
-static const char CertRep[] = "3";
-static const char PKCSReq[] = "19";
-static const char GetCertInitial[] = "20";
-static const char GetCert[] = "21";
-static const char GetCRL[] = "22";
-static const char PKIStatusSUCCESS[] = "0";
-static const char PKIStatusFAILURE[] = "2";
-static const char PKIStatusPENDING[] = "3";
-
-static CFDataRef
-printable_string_data(size_t length, const char *bytes)
-{
-    DERSize der_length_len = DERLengthOfLength(length);
-    size_t value_length = sizeof(SecASN1PrintableString) + der_length_len + length;
-    CFMutableDataRef data = CFDataCreateMutable(kCFAllocatorDefault, value_length);
-    CFDataSetLength(data, value_length);
-    uint8_t *ptr = (uint8_t *)CFDataGetBytePtr(data);
-    *ptr++ = SecASN1PrintableString;
-    DEREncodeLength(length, ptr, &der_length_len);
-    ptr += der_length_len;
-    memcpy(ptr, bytes, length);
-    return (CFDataRef)data;
-}
-
-#define scep_result(value) printable_string_data(sizeof(value)-1, value)
-
-static CFTypeRef
-dictionary_array_value_1(CFDictionaryRef attrs, CFTypeRef attr)
-{
-    CFTypeRef value = NULL;
-    CFArrayRef attr_values = NULL;
-    
-    require(attr_values = (CFArrayRef)CFDictionaryGetValue(attrs, attr), out);
-    require(CFArrayGetCount(attr_values) == 1, out);
-    value = CFArrayGetValueAtIndex(attr_values, 0);
-out:
-    return value;
-}
-
-/* @@@ consider splitting into function returning single value 
-       and function creating printable string from c str */
-static bool scep_attr_has_val(CFDictionaryRef attrs, scep_attr_t attr, const char *val)
-{
-    bool result = false;
-    CFDataRef msgtype_value_data = printable_string_data(strlen(val), val);
-    CFArrayRef msgtype_value_datas = CFArrayCreate(kCFAllocatorDefault, 
-        (const void **)&msgtype_value_data, 1, &kCFTypeArrayCallBacks);
-    CFRelease(msgtype_value_data);
-    CFDataRef msgtype_oid_data = scep_oid(attr);
-    CFArrayRef msgtype_values = (CFArrayRef)CFDictionaryGetValue(attrs, msgtype_oid_data);
-    CFRelease(msgtype_oid_data);
-    if (msgtype_values && CFEqual(msgtype_value_datas, msgtype_values))
-        result = true;
-    CFRelease(msgtype_value_datas);
-
-    return result;
-}
-
-static CFDataRef hexencode(CFDataRef data)
-{
-    CFIndex ix, length = CFDataGetLength(data);
-    const uint8_t *bin_data = CFDataGetBytePtr(data);
-    uint8_t *hex_data = calloc(1, 2*length + 1);
-    require(length && bin_data && hex_data, out);
-
-    for (ix = 0; ix < length; ix++)
-        snprintf((char *)&hex_data[2*ix], 3, "%02X", bin_data[ix]);
-
-    return CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, hex_data, 
-        2*length, kCFAllocatorMalloc);
-out:
-    if (hex_data)
-        free(hex_data);
-    return NULL;
-}
-
-static CFDataRef pubkeyhash(SecKeyRef key)
-{
-    CFTypeRef key_type = NULL;
-    CFDictionaryRef pubkey_attrs = NULL;
-    CFDataRef hash_pubkey_data = NULL, pubkey_data = NULL;
-    uint8_t pubkey_hash[CC_SHA1_DIGEST_LENGTH];
-    
-    require(pubkey_attrs = SecKeyCopyAttributeDictionary(key), out);
-    require( (key_type = CFDictionaryGetValue(pubkey_attrs, kSecAttrKeyClass)) &&
-                CFEqual(key_type, kSecAttrKeyClassPublic), out);
-    require(pubkey_data = CFDictionaryGetValue(pubkey_attrs, kSecValueData), out);
-    require((unsigned long)CFDataGetLength(pubkey_data)<=UINT32_MAX, out); /* Correct as long as CFIndex is long */
-    CCDigest(kCCDigestSHA1, CFDataGetBytePtr(pubkey_data), (CC_LONG)CFDataGetLength(pubkey_data), pubkey_hash);
-    hash_pubkey_data = CFDataCreate(kCFAllocatorDefault, pubkey_hash, sizeof(pubkey_hash));
-out:
-    CFReleaseSafe(pubkey_attrs);
-    return hash_pubkey_data;
-}
-
-static void generate_sender_nonce(CFMutableDictionaryRef dict)
-{
-    /* random sender nonce, to be verified against recipient nonce in reply */
-    CFDataRef senderNonce_oid_data = scep_oid(senderNonce);
-    uint8_t senderNonce_value[18] = { 4, 16, };
-    SecRandomCopyBytes(kSecRandomDefault, sizeof(senderNonce_value) - 2, senderNonce_value + 2);
-    CFDataRef senderNonce_value_data = CFDataCreate(kCFAllocatorDefault,
-		senderNonce_value, sizeof(senderNonce_value));
-	if (senderNonce_oid_data && senderNonce_value_data)
-		CFDictionarySetValue(dict, senderNonce_oid_data, senderNonce_value_data);
-    CFReleaseNull(senderNonce_oid_data);
-    CFReleaseNull(senderNonce_value_data);
-}
-
-SecIdentityRef SecSCEPCreateTemporaryIdentity(SecKeyRef publicKey, SecKeyRef privateKey)
-{
-	int key_usage = kSecKeyUsageDigitalSignature | kSecKeyUsageKeyEncipherment;
-	CFDictionaryRef self_signed_parameters = NULL;
-	CFNumberRef key_usage_num = NULL;
-	SecCertificateRef self_signed_certificate = NULL;
-	SecIdentityRef self_signed_identity = NULL;
-	CFStringRef cn_uuid = NULL;
-	CFArrayRef cn_dn = NULL, cn_dns = NULL, unique_rdns = NULL;
-
-	key_usage_num = CFNumberCreate(kCFAllocatorDefault, kCFNumberIntType, &key_usage);
-	require(key_usage_num, out);
-
-	const void *key[] = { kSecCertificateKeyUsage };
-	const void *val[] = { key_usage_num };
-	self_signed_parameters = CFDictionaryCreate(kCFAllocatorDefault,
-	    key, val, array_size(key),
-		&kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
-	require(self_signed_parameters, out);
-
-	char uuid_string[37] = {};
-	uuid_t uuid;
-	uuid_generate_random(uuid);
-	uuid_unparse(uuid, uuid_string);
-	cn_uuid = CFStringCreateWithCString(kCFAllocatorDefault, uuid_string, kCFStringEncodingASCII);
-	require(cn_uuid, out);
-	const void * cn[] = { kSecOidCommonName, cn_uuid };
-	cn_dn = CFArrayCreate(kCFAllocatorDefault, cn, 2, NULL);
-	require(cn_dn, out);
-	cn_dns = CFArrayCreate(kCFAllocatorDefault, (const void **)&cn_dn, 1, NULL);
-	require(cn_dns, out);
-	unique_rdns = CFArrayCreate(kCFAllocatorDefault, (const void **)&cn_dns, 1, NULL);
-	require(unique_rdns, out);
-
-	self_signed_certificate = SecGenerateSelfSignedCertificate(unique_rdns, self_signed_parameters, publicKey, privateKey);
-	require(self_signed_certificate, out);
-	self_signed_identity = SecIdentityCreate(kCFAllocatorDefault, self_signed_certificate, privateKey);
-
-out:
-	CFReleaseSafe(key_usage_num);
-	CFReleaseSafe(self_signed_parameters);
-	CFReleaseSafe(self_signed_certificate);
-	CFReleaseSafe(unique_rdns);
-	CFReleaseSafe(cn_dns);
-	CFReleaseSafe(cn_dn);
-	CFReleaseSafe(cn_uuid);
-
-	return self_signed_identity;
-}
-
-CFDataRef
-SecSCEPGenerateCertificateRequest(CFArrayRef subject, CFDictionaryRef parameters,
-    SecKeyRef publicKey, SecKeyRef privateKey,
-    SecIdentityRef signer, CFTypeRef recipients)
-{
-    CFDataRef csr = NULL;
-    CFMutableDataRef enveloped_data = NULL;
-    CFMutableDictionaryRef simple_attr = NULL;
-    SecIdentityRef self_signed_identity = NULL;
-    CFMutableDataRef signed_request = NULL;
-    SecCertificateRef recipient = NULL;
-    
-    if (CFGetTypeID(recipients) == SecCertificateGetTypeID()) {
-        recipient = (SecCertificateRef)recipients;
-    } else if (CFGetTypeID(recipients) == CFArrayGetTypeID()) {
-        CFIndex recipient_count = CFArrayGetCount(recipients);
-        if (recipient_count > 1) {
-            /* get the encryption cert */
-            recipient = (SecCertificateRef)CFArrayGetValueAtIndex(recipients, 0);
-        } else if (recipient_count == 1) {
-            /* if there is at least one we'll assume it's sign+encrypt */
-            recipient = (SecCertificateRef)CFArrayGetValueAtIndex(recipients, 0);
-        }
-    }
-    require(recipient, out);
-
-    require(csr = SecGenerateCertificateRequest(subject, parameters, publicKey, privateKey), out);
-    require(enveloped_data = CFDataCreateMutable(kCFAllocatorDefault, 0), out);
-    require_noerr(SecCMSCreateEnvelopedData(recipient, parameters, csr, enveloped_data), out);
-    CFReleaseNull(csr);
-
-    simple_attr = CFDictionaryCreateMutable(kCFAllocatorDefault, 3, 
-        &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
-
-    /* generate a transaction id: hex encoded pubkey hash */
-    CFDataRef public_key_hash = pubkeyhash(publicKey);
-    CFDataRef public_key_hash_hex = hexencode(public_key_hash);
-    CFReleaseSafe(public_key_hash);
-    CFDataRef transid_oid_data = scep_oid(transId);
-    CFDataRef transid_data = printable_string_data(CFDataGetLength(public_key_hash_hex), 
-        (const char *)CFDataGetBytePtr(public_key_hash_hex));
-    CFReleaseSafe(public_key_hash_hex);
-    
-    CFDictionarySetValue(simple_attr, transid_oid_data, transid_data);
-    CFReleaseNull(transid_oid_data);
-    CFReleaseNull(transid_data);
-    
-    /* message type: PKCSReq (19) */
-    CFDataRef msgtype_value_data = NULL;
-    CFDataRef msgtype_oid_data = NULL;
-    require(msgtype_oid_data = scep_oid(messageType), out);
-    require(msgtype_value_data = printable_string_data(strlen(PKCSReq), PKCSReq), out);
-
-    CFDictionarySetValue(simple_attr, msgtype_oid_data, msgtype_value_data);
-    CFReleaseNull(msgtype_oid_data);
-    CFReleaseNull(msgtype_value_data);
-
-    /* random sender nonce, to be verified against recipient nonce in reply */
-	generate_sender_nonce(simple_attr);
-
-	/* XXX/cs remove auto-generation once managedconfig is no longer using this */
-    if (signer) {
-        self_signed_identity = signer;
-        CFRetain(self_signed_identity);
-    } else {
-		self_signed_identity = SecSCEPCreateTemporaryIdentity(publicKey, privateKey);
-
-        /* Add our temporary cert to the keychain for CMS decryption of
-           the reply.  If we happened to have picked an existing UUID
-           we fail.  We should pick a different UUID and try again. */
-        require(self_signed_identity, out);
-        CFDictionaryRef identity_add = CFDictionaryCreate(NULL, 
-            &kSecValueRef, (const void **)&self_signed_identity, 1, NULL, NULL);
-        require_noerr_action(SecItemAdd(identity_add, NULL), out,
-            CFReleaseSafe(identity_add));
-        CFReleaseSafe(identity_add);
-    }
-    require(self_signed_identity, out);
-
-    signed_request = CFDataCreateMutable(kCFAllocatorDefault, 0);
-    require_noerr_action(SecCMSCreateSignedData(self_signed_identity, enveloped_data,
-    parameters, simple_attr, signed_request), out, CFReleaseNull(signed_request));
-
-
-out:
-
-    CFReleaseSafe(simple_attr);
-    CFReleaseSafe(self_signed_identity);
-    CFReleaseSafe(enveloped_data);
-    CFReleaseSafe(csr);
-    return signed_request;
-}
-
-
-CFDataRef
-SecSCEPCertifyRequest(CFDataRef request, SecIdentityRef ca_identity, CFDataRef serialno, bool pend_request)
-{
-    CFDictionaryRef simple_attr = NULL;
-    SecCertificateRef ca_certificate = NULL;
-    SecKeyRef ca_public_key = NULL;
-    SecCertificateRef cert = NULL;
-    SecPolicyRef policy = NULL;
-    CFDataRef cert_pkcs7 = NULL;
-    CFMutableDataRef cert_msg = NULL;
-    CFMutableDataRef signed_reply = NULL;
-    SecTrustRef trust = NULL;
-    CFDataRef signed_content = NULL;
-    CFDictionaryRef signed_attributes = NULL;
-    SecCertificateRef signer_cert = NULL;
-    CFDataRef transid_oid_data = NULL, senderNonce_oid_data = NULL, transid_value = NULL;
-    CFDataRef subject = NULL, extensions = NULL, senderNonce_value = NULL;
-    CFStringRef challenge = NULL;
-    SecKeyRef tbsPublicKey = NULL;
-    CFMutableDataRef encrypted_content = NULL;
-    SecCertificateRef recipient = NULL;
-    CFDictionaryRef parameters = NULL;
-    
-    require_noerr(SecIdentityCopyCertificate(ca_identity, &ca_certificate), out);
-    ca_public_key = SecCertificateCopyPublicKey(ca_certificate); /*@@@*/
-
-    /* unwrap outer layer: */
-    policy = SecPolicyCreateBasicX509();
-
-    require_noerr(SecCMSVerifyCopyDataAndAttributes(request, NULL, 
-        policy, &trust, &signed_content, &signed_attributes), out);
-    /* remember signer: is signer certified by us, then re-certify, no challenge needed */
-    SecTrustResultType result;
-    require_noerr(SecTrustEvaluate(trust, &result), out);
-    require (signer_cert = SecTrustGetCertificateAtIndex(trust, 0), out);
-    bool recertify = !SecCertificateIsSignedBy(signer_cert, ca_public_key);
-        
-    /* msgType should be certreq msg */
-    require(scep_attr_has_val(signed_attributes, messageType, PKCSReq), out);
-
-    /* remember transaction id just for reuse */
-    require(transid_oid_data = scep_oid(transId), out);
-    require(transid_value = 
-        dictionary_array_value_1(signed_attributes, transid_oid_data), out);
-    
-    /* senderNonce becomes recipientNonce */
-    require(senderNonce_oid_data = scep_oid(senderNonce), out);
-    require(senderNonce_value =
-        dictionary_array_value_1(signed_attributes, senderNonce_oid_data), out);
-
-    /* decrypt the request */
-    encrypted_content = CFDataCreateMutable(kCFAllocatorDefault, 0);
-    require_noerr(SecCMSDecryptEnvelopedData(signed_content, encrypted_content, &recipient), out);
-    require(recipient && CFEqual(ca_certificate, recipient), out);
-    
-    /* verify CSR */
-    require(SecVerifyCertificateRequest(encrypted_content, &tbsPublicKey, &challenge, &subject, &extensions), out);
-    CFReleaseNull(encrypted_content);
-
-    /* @@@
-    // alternatively send a pending message
-    // pkistatus {{id-attributes pkiStatus(3)} "FAILURE"} 
-    // failInfo {{id-attributes failInfo(4)} "the reason to reject"} 
-    */
-
-    /* verify challenge - this would need to be a callout that can determine
-       the challenge appropriate for the subject */
-    if (!recertify)
-        require( challenge && (CFStringGetTypeID() == CFGetTypeID(challenge)) &&
-            CFEqual(CFSTR("magic"), challenge), out);
-
-	require(cert_msg = CFDataCreateMutable(kCFAllocatorDefault, 0), out);
-
-	if (!pend_request) {
-		/* sign cert */
-		cert = SecIdentitySignCertificate(ca_identity, serialno,
-			tbsPublicKey, subject, extensions);
-
-		/* degenerate cms with cert */
-		require (cert_pkcs7 = SecCMSCreateCertificatesOnlyMessage(cert), out);
-		CFReleaseNull(cert);
-
-		/* envelope for client */
-		require_noerr(SecCMSCreateEnvelopedData(signer_cert, NULL, cert_pkcs7, cert_msg), out);
-		CFReleaseNull(cert_pkcs7);
-	}
-
-	CFDataRef pki_status_oid = scep_oid(pkiStatus);
-	CFDataRef pki_status_value = pend_request ? scep_result(PKIStatusPENDING) : scep_result(PKIStatusSUCCESS);
-	CFDataRef message_type_oid = scep_oid(messageType), message_type_value = scep_result(CertRep);
-	const void *oid[] = { transid_oid_data, pki_status_oid, message_type_oid };
-	const void *value[] = { transid_value, pki_status_value, message_type_value };
-	simple_attr = CFDictionaryCreate(kCFAllocatorDefault, oid, value, array_size(oid),
-		&kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
-	CFReleaseSafe(pki_status_oid); CFReleaseSafe(pki_status_value);
-	CFReleaseSafe(message_type_oid); CFReleaseSafe(message_type_value);
-
-	/* sign with ra/ca cert and add attributes */
-	signed_reply = CFDataCreateMutable(kCFAllocatorDefault, 0);
-    const void *signing_params[] = { kSecCMSCertChainMode };
-    const void *signing_params_vals[] = { kSecCMSCertChainModeNone };
-    parameters = CFDictionaryCreate(kCFAllocatorDefault, signing_params, signing_params_vals, array_size(signing_params), &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
-    require_noerr_action(SecCMSCreateSignedData(ca_identity, cert_msg, parameters, simple_attr, signed_reply), out, CFReleaseNull(signed_reply));
-
-out:
-    CFReleaseSafe(ca_certificate);
-    CFReleaseSafe(ca_public_key);
-    CFReleaseSafe(cert);
-    CFReleaseSafe(cert_pkcs7);
-    CFReleaseSafe(cert_msg);
-    CFReleaseSafe(trust);
-    CFReleaseSafe(policy);
-    CFReleaseSafe(signed_content);
-    CFReleaseSafe(signed_attributes);
-    CFReleaseSafe(transid_oid_data);
-    CFReleaseSafe(senderNonce_oid_data);
-    CFReleaseSafe(subject);
-    CFReleaseSafe(extensions);
-    CFReleaseSafe(challenge);
-    CFReleaseSafe(tbsPublicKey);
-    CFReleaseSafe(encrypted_content);
-    CFReleaseSafe(simple_attr);
-    CFReleaseSafe(recipient);
-    CFReleaseSafe(parameters);
-    
-    return signed_reply;
-}
-
-static CFStringRef
-copy_signed_attr_printable_string_value(CFDictionaryRef signed_attributes, scep_attr_t attr)
-{
-	CFStringRef printable_string = NULL;
-	CFDataRef key_oid = NULL;
-
-	key_oid = scep_oid(attr);
-	require(key_oid, out);
-
-	CFArrayRef values = (CFArrayRef)CFDictionaryGetValue(signed_attributes, key_oid);
-	require_quiet(values && (CFGetTypeID(values) == CFArrayGetTypeID())
-			&& (CFArrayGetCount(values) == 1), out);
-	CFDataRef value = CFArrayGetValueAtIndex(values, 0);
-	const uint8_t *bytes = CFDataGetBytePtr(value);
-	size_t length = CFDataGetLength(value);
-	require(length >= 2, out);
-	require(bytes[0] == 0x13, out);
-	/* no scep responses defined that are longer */
-	require(!(bytes[1] & 0x80) && (bytes[1] == length-2), out);
-	printable_string = CFStringCreateWithBytes(kCFAllocatorDefault,
-		bytes + 2, length - 2, kCFStringEncodingASCII, false);
-out:
-	CFReleaseSafe(key_oid);
-
-	return printable_string;
-}
-
-CFArrayRef
-SecSCEPVerifyReply(CFDataRef request, CFDataRef reply, CFTypeRef ca_certificates,
-    CFErrorRef *server_error)
-{
-    SecKeyRef ca_public_key = NULL;
-    SecCertificateRef cert = NULL;
-    SecPolicyRef policy = NULL;
-    CFDataRef cert_msg = NULL;    
-    CFMutableDataRef enc_cert_msg = NULL;
-    SecTrustRef trust = NULL;
-    CFDataRef signed_content = NULL;
-    CFDictionaryRef signed_attributes = NULL;
-    CFDictionaryRef attributes = NULL;
-    SecCertificateRef signer_cert = NULL;
-
-    CFMutableDataRef encrypted_content = NULL;
-    SecCertificateRef recipient = NULL;
-    CFArrayRef certificates = NULL;
-
-    SecCertificateRef reply_signer = NULL;
-    
-    CFStringRef msg_type = NULL;
-    CFStringRef pki_status = NULL;
-
-    if (CFGetTypeID(ca_certificates) == SecCertificateGetTypeID()) {
-        reply_signer = (SecCertificateRef)ca_certificates;
-    } else if (CFGetTypeID(ca_certificates) == CFArrayGetTypeID()) {
-        CFIndex reply_signer_count = CFArrayGetCount(ca_certificates);
-        if (reply_signer_count > 1) {
-            /* get the signer cert */
-            reply_signer = (SecCertificateRef)CFArrayGetValueAtIndex(ca_certificates, 1);
-        } else if (reply_signer_count == 1) {
-            /* if there is at least one we'll assume it's sign+encrypt */
-            reply_signer = (SecCertificateRef)CFArrayGetValueAtIndex(ca_certificates, 0);
-        }
-    }
-    require(reply_signer, out);
-
-    /* unwrap outer layer */
-    policy = SecPolicyCreateBasicX509();
-    CFArrayRef additional_certificates = CFArrayCreate(kCFAllocatorDefault, (const void **)&reply_signer, 1, &kCFTypeArrayCallBacks);
-    require_noerr(SecCMSVerifySignedData(reply, NULL,
-        policy, &trust, additional_certificates, &signed_content, &attributes), out);
-    CFReleaseSafe(additional_certificates);
-    if (attributes)
-        signed_attributes = CFDictionaryGetValue(attributes, kSecCMSSignedAttributes);
-
-    /* response should be signed by ra */
-    SecTrustResultType result;
-    require_noerr(SecTrustEvaluate(trust, &result), out);
-    require(signer_cert = SecTrustGetCertificateAtIndex(trust, 0), out);
-    require(CFEqual(reply_signer, signer_cert), out);
-
-    /* msgType should be certreq msg */
-    require(signed_attributes, out);
-    msg_type = copy_signed_attr_printable_string_value(signed_attributes, messageType);
-    pki_status = copy_signed_attr_printable_string_value(signed_attributes, pkiStatus);
-
-    if (msg_type || pki_status) {
-        require(msg_type && CFEqual(msg_type, CFSTR("3")), out);
-
-        require(pki_status, out);
-        if (CFEqual(pki_status, CFSTR("2"))) {
-            goto out; // FAILURE, the end (return NULL)
-        } else if (CFEqual(pki_status, CFSTR("3"))) {
-            CFDataRef transid_oid_data = NULL, transid_value = NULL;
-            require(transid_oid_data = scep_oid(transId), out);
-            require(transid_value = dictionary_array_value_1(signed_attributes, transid_oid_data), out);
-            CFDictionaryRef err_dict = CFDictionaryCreate(kCFAllocatorDefault, (const void **)&transid_oid_data, (const void **)&transid_value, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
-            *server_error = CFErrorCreate(kCFAllocatorDefault,
-                CFSTR("PENDING"), 3, err_dict);
-            CFReleaseSafe(err_dict);
-            CFReleaseSafe(transid_oid_data);
-            goto out;
-        }
-        require(CFEqual(pki_status, CFSTR("0")), out);
-    }
-
-    // can we decode the request?
-    encrypted_content = CFDataCreateMutable(kCFAllocatorDefault, 0);
-    require_noerr(SecCMSDecryptEnvelopedData(signed_content, encrypted_content, &recipient), out);
-    require(recipient, out);
-    // verify recipient belongs with our private key
-
-    // verify CSR:
-    require(certificates = SecCMSCertificatesOnlyMessageCopyCertificates(encrypted_content), out);
-
-    // recipient is either our temporary self-signed cert or the old cert we just used
-    // to recertify.  if we have new certificates and have stored them successfully we
-    // can now get rid of the cert.
-    /* XXX/cs
-       This should move outside of thise function when we force a signer
-       to be passed in */
-    CFDictionaryRef cert_delete = CFDictionaryCreate(NULL,
-        &kSecValueRef, (const void **)&recipient, 1, NULL, NULL);
-    require_noerr_action(SecItemDelete(cert_delete), out,
-        CFReleaseSafe(cert_delete));
-    CFReleaseSafe(cert_delete);
-
-out:
-    CFReleaseSafe(ca_public_key);
-    CFReleaseSafe(cert);
-    CFReleaseSafe(cert_msg);    
-    CFReleaseSafe(enc_cert_msg);
-    CFReleaseSafe(trust);
-    CFReleaseSafe(policy);
-    CFReleaseSafe(signed_content);
-    CFReleaseSafe(encrypted_content);
-    CFReleaseSafe(recipient);
-    CFReleaseSafe(msg_type);
-    CFReleaseSafe(pki_status);
-    CFReleaseSafe(attributes);
-    
-    return certificates;
-}
-
-OSStatus SecSCEPValidateCACertMessage(CFArrayRef certs,
-    CFDataRef ca_fingerprint,
-    SecCertificateRef *ca_certificate, 
-    SecCertificateRef *ra_signing_certificate,
-    SecCertificateRef *ra_encryption_certificate)
-{
-    OSStatus status = errSecParam;
-    SecCertificateRef _ca_certificate = NULL, _ra_signing_certificate = NULL,
-        _ra_encryption_certificate = NULL, _ra_certificate = NULL;
-        
-    CFIndex j, count = CFArrayGetCount(certs);
-    CFMutableArrayRef chain = CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks);
-    SecPolicyRef policy = SecPolicyCreateBasicX509();
-    SecTrustRef trust = NULL;
-    require(chain, out);
-    for (j=0; j<count; j++) {
-        const void *candidate_leaf = CFArrayGetValueAtIndex(certs, j);
-        CFArrayRemoveAllValues(chain);
-        CFArraySetValueAtIndex(chain, 0, candidate_leaf);
-        CFArrayAppendArray(chain, certs, CFRangeMake(0, count));
-        CFArrayRemoveValueAtIndex(chain, 1 + j);
-        require_noerr(SecTrustCreateWithCertificates(chain,
-            policy, &trust), out);
-        SecTrustResultType trust_result;
-        SecTrustEvaluate(trust, &trust_result);
-        CFIndex chain_count = SecTrustGetCertificateCount(trust);
-        secdebug("scep", "candidate leaf: %@ forms chain of length %" PRIdCFIndex, candidate_leaf, chain_count);
-        if (chain_count > 1) {
-            SecCertificateRef leaf = SecTrustGetCertificateAtIndex(trust, 0);
-            SecCertificateRef ca_leaf = SecTrustGetCertificateAtIndex(trust, chain_count - 1);
-            if (!_ca_certificate) {
-                if (ca_fingerprint) {
-                    secdebug("scep", "checking ca %@ against fingerprint %@", ca_leaf, ca_fingerprint);
-                    uint8_t ca_hash[CC_SHA1_DIGEST_LENGTH]; /*max(md5,sha-1)*/
-                    CFDataRef ca_cert_data = SecCertificateCopyData(ca_leaf);
-                    require(ca_cert_data, out);
-                    size_t ca_data_len = CFDataGetLength(ca_cert_data);
-                    size_t ca_fingerprint_len = CFDataGetLength(ca_fingerprint);
-                    const uint8_t *ca_data = CFDataGetBytePtr(ca_cert_data);
-                    require(ca_data_len && ca_data, out);
-                    require(ca_data_len<UINT32_MAX, out);
-                    switch (ca_fingerprint_len) {
-                        case CC_MD5_DIGEST_LENGTH:
-                            CC_MD5(ca_data, (CC_LONG)ca_data_len, ca_hash);
-                            break;
-
-                        case CC_SHA1_DIGEST_LENGTH:
-                            CCDigest(kCCDigestSHA1, ca_data, (CC_LONG)ca_data_len, ca_hash);
-                            break;
-
-                        default:
-                            goto out;
-                    }
-                    CFRelease(ca_cert_data);
-                    CFDataRef ca_hash_cfdata = CFDataCreate(kCFAllocatorDefault,
-                        ca_hash, ca_fingerprint_len);
-                    require(ca_hash_cfdata, out);
-                    require_action(CFEqual(ca_fingerprint, ca_hash_cfdata),
-                        out, CFRelease(ca_hash_cfdata));
-                    CFRelease(ca_hash_cfdata);
-                }
-                _ca_certificate = ca_leaf;
-                CFRetain(ca_leaf);
-            } else {
-                // if ca_certificate is already set, this should be the same
-                require(CFEqual(_ca_certificate, ca_leaf), out);
-            }
-
-            // is leaf allowed to sign and/or encrypt?
-            SecKeyUsage key_usage = SecCertificateGetKeyUsage(leaf);
-            bool can_sign = (key_usage & kSecKeyUsageDigitalSignature);
-            bool can_enc = (key_usage & kSecKeyUsageKeyEncipherment);
-            if (!_ra_certificate && can_sign && can_enc) {
-                _ra_certificate = leaf;
-                CFRetain(leaf);
-            }
-            else if (!_ra_encryption_certificate && !can_sign && can_enc) {
-                _ra_encryption_certificate = leaf;
-                CFRetain(leaf);
-            }
-            else if (!_ra_signing_certificate && !can_enc && can_sign) {
-                _ra_signing_certificate = leaf;
-                CFRetain(leaf);
-            }
-        }
-        if (trust) { CFRelease(trust); trust = NULL; }
-    }
-
-    // we should have both a ca certificate and at least one ra certificate now
-    require(_ca_certificate, out);
-    require(_ra_certificate ||
-        (_ra_signing_certificate && _ra_encryption_certificate), out);
-    
-    if (ca_certificate) {
-        *ca_certificate = _ca_certificate;
-        _ca_certificate = NULL;
-    }
-    if (_ra_signing_certificate && _ra_encryption_certificate) {
-        if (ra_signing_certificate) {
-            *ra_signing_certificate = _ra_signing_certificate;
-            _ra_signing_certificate = NULL;
-        }
-        if (ra_encryption_certificate) {
-            *ra_encryption_certificate = _ra_encryption_certificate;
-            _ra_encryption_certificate = NULL;
-        }
-    } else if (_ra_certificate) {
-        if (ra_signing_certificate) {
-            *ra_signing_certificate = _ra_certificate;
-            _ra_certificate = NULL;
-        }
-    }
-
-    status = errSecSuccess;
-
-out:
-    if (_ra_encryption_certificate) CFRelease(_ra_encryption_certificate);
-    if (_ra_signing_certificate) CFRelease(_ra_signing_certificate);
-    if (_ca_certificate) CFRelease(_ca_certificate);
-    if (policy) CFRelease(policy);
-    if (trust) CFRelease(trust);
-    if (chain) CFRelease(chain);
-    return status;
-
-}
-
-
-/*!
- @function SecSCEPGetCertInitial
- @abstract generate a scep cert initial request, to be presented to
- a scep server, in case the first request timed out
- */
-
-// XXX/cs pass CA/RA certificates as a CFTypeRef: one or more certificates for ca_certificate and recipient
-
-CFDataRef
-SecSCEPGetCertInitial(SecCertificateRef ca_certificate, CFArrayRef subject, CFDictionaryRef parameters,
-					  CFDictionaryRef signed_attrs, SecIdentityRef signer, CFTypeRef recipient)
-{
-    CFMutableDataRef signed_request = NULL;
-    CFMutableDictionaryRef simple_attr = NULL;
-    CFDataRef pki_message_contents = NULL;
-    CFMutableDataRef enveloped_data = NULL;
-
-    require(signed_attrs, out);
-    require(pki_message_contents = SecGenerateCertificateRequestSubject(ca_certificate, subject), out);
-    require(enveloped_data = CFDataCreateMutable(kCFAllocatorDefault, 0), out);
-    require_noerr(SecCMSCreateEnvelopedData(recipient, parameters, pki_message_contents, enveloped_data), out);
-
-    /* remember transaction id just for reuse */
-    simple_attr =  CFDictionaryCreateMutableCopy(kCFAllocatorDefault, 3, signed_attrs);
-
-    /* message type: GetCertInitial (20) */
-    CFDataRef msgtype_value_data = NULL;
-    CFDataRef msgtype_oid_data = NULL;
-    require(msgtype_oid_data = scep_oid(messageType), out);
-    require(msgtype_value_data = printable_string_data(sizeof(GetCertInitial) - 1, GetCertInitial), out);
-    CFDictionarySetValue(simple_attr, msgtype_oid_data, msgtype_value_data);
-    CFReleaseNull(msgtype_oid_data);
-    CFReleaseNull(msgtype_value_data);
-
-    /* random sender nonce, to be verified against recipient nonce in reply */
-	generate_sender_nonce(simple_attr);
-    signed_request = CFDataCreateMutable(kCFAllocatorDefault, 0);
-    require_noerr_action(SecCMSCreateSignedData(signer, enveloped_data,
-	parameters, simple_attr, signed_request), out, CFReleaseNull(signed_request));
-
-out:
-	CFReleaseSafe(simple_attr);
-	CFReleaseSafe(pki_message_contents);
-	CFReleaseSafe(enveloped_data);
-	return signed_request;
-}
-
-
-/*
-     +----------------+-----------------+---------------------------+
-     | Attribute      | Encoding        | Comment                   |
-     +----------------+-----------------+---------------------------+
-     | transactionID  | PrintableString | Decimal value as a string |
-     | messageType    | PrintableString | Decimal value as a string |
-     | pkiStatus      | PrintableString | Decimal value as a string |
-     | failInfo       | PrintableString | Decimal value as a string |
-     | senderNonce    | OctetString     |                           |
-     | recipientNonce | OctetString     |                           |
-     +----------------+-----------------+---------------------------+
-
-4.2.1.  transactionID
-
-   The transactionID is an attribute which uniquely identifies a
-   transaction.  This attribute is required in all PKI messages.
-
-   Because the enrollment transaction could be interrupted by various
-   errors, including network connection errors or client reboot, the
-   SCEP client generates a transaction identifier by calculating a hash
-   on the public key value for which the enrollment is requested.  This
-   retains the same transaction identifier throughout the enrollment
-   transaction, even if the client has rebooted or timed out, and issues
-   a new enrollment request for the same key pair.
-
-   It also provides the way for the CA to uniquely identify a
-   transaction in its database.  At the requester side, it generates a
-   transaction identifier which is included in PKCSReq.  If the CA
-   returns a response of PENDING, the requester will poll by
-   periodically sending out GetCertInitial with the same transaction
-   identifier until either a response other than PENDING is obtained, or
-   the configured maximum time has elapsed.
-
-   For non-enrollment message (for example GetCert and GetCRL), the
-   transactionID should be a number unique to the client.
-
-
-4.2.2.  messageType
-
-   The messageType attribute specify the type of operation performed by
-   the transaction.  This attribute is required in all PKI messages.
-   Currently, the following message types are defined:
-
-   o  PKCSReq (19) -- PKCS#10 [RFC2986] certificate request
-
-   o  CertRep (3) -- Response to certificate or CRL request
-
-   o  GetCertInitial (20) -- Certificate polling in manual enrollment
-
-   o  GetCert (21) -- Retrieve a certificate
-
-   o  GetCRL (22) -- Retrieve a CRL
-
-4.2.3.  pkiStatus
-
-   All response message will include transaction status information
-   which is defined as pkiStatus attribute:
-
-   o  SUCCESS (0) -- request granted
-
-   o  FAILURE (2) -- request rejected.  This also requires a failInfo
-      attribute to be present, as defined in section 4.2.4.
-
-   o  PENDING (3) -- request pending for manual approval
-
-
-4.2.4.  failInfo
-
-   The failInfo attribute will contain one of the following failure
-   reasons:
-
-   o  badAlg (0) -- Unrecognized or unsupported algorithm ident
-
-   o  badMessageCheck (1) -- integrity check failed
-
-   o  badRequest (2) -- transaction not permitted or supported
-
-   o  badTime (3) -- Message time field was not sufficiently close to
-      the system time
-
-   o  badCertId (4) -- No certificate could be identified matching the
-      provided criteria
-
-4.2.5.  senderNonce and responderNonce
-
-   The attributes of senderNonce and recipientNonce are the 16 byte
-   random numbers generated for each transaction to prevent the replay
-   attack.
-
-   When a requester sends a PKI message to the server, a senderNonce is
-   included in the message.  After the server processes the request, it
-   will send back the requester senderNonce as the recipientNonce and
-   generates another nonce as the senderNonce in the response message.
-   Because the proposed PKI protocol is a two-way communication
-   protocol, it is clear that the nonce can only be used by the
-   requester to prevent the replay.  The server has to employ extra
-   state related information to prevent a replay attack.
-
-*/