Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL

Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712)

CMP and CRMF API is added to libcrypto, and the "cmp" app to the openssl CLI.
    Adds extensive man pages and tests.  Integration into build scripts.

Incremental pull request based on OpenSSL commit 1362190b1b78 of 2018-09-26

3rd chunk: CMP ASN.1 structures (in crypto/cmp/cmp_asn.c) and related files

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8669)

26 files changed, 1632 insertions, 166 deletions

diff --git a/INSTALL b/INSTALL
index 605f1d4cdb..e980f50e1d 100644
--- a/INSTALL
+++ b/INSTALL
@@ -314,6 +314,9 @@
                    Don't build the CAPI engine. This option will be forced if
                    on a platform that does not support CAPI.
 
+  no-cmp
+                   Don't build support for CMP features
+
   no-cms
                    Don't build support for CMS features
 
diff --git a/crypto/build.info b/crypto/build.info
index 629e819b8a..7798bcbe18 100644
--- a/crypto/build.info
+++ b/crypto/build.info
@@ -5,7 +5,7 @@ SUBDIRS=objects buffer bio stack lhash rand evp asn1 pem x509 conf \
         md2 md4 md5 sha mdc2 gmac hmac ripemd whrlpool poly1305 blake2 \
         siphash sm3 des aes rc2 rc4 rc5 idea aria bf cast camellia \
         seed sm4 chacha modes bn ec rsa dsa dh sm2 dso engine \
-        err comp ocsp cms ts srp cmac ct async kmac ess crmf
+        err comp ocsp cms ts srp cmac ct async kmac ess crmf cmp
 
 LIBS=../libcrypto
 # The Core
diff --git a/crypto/cmp/build.info b/crypto/cmp/build.info
new file mode 100644
index 0000000000..6b6ccaaf49
--- /dev/null
+++ b/crypto/cmp/build.info
@@ -0,0 +1,2 @@
+LIBS=../../libcrypto
+SOURCE[../../libcrypto]= cmp_asn.c cmp_err.c
diff --git a/crypto/cmp/cmp_asn.c b/crypto/cmp/cmp_asn.c
new file mode 100644
index 0000000000..8555586dfd
--- /dev/null
+++ b/crypto/cmp/cmp_asn.c
@@ -0,0 +1,398 @@
+/*
+ * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright Nokia 2007-2019
+ * Copyright Siemens AG 2015-2019
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ *
+ * CMP implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb.
+ */
+
+#include <openssl/asn1t.h>
+
+#include "cmp_int.h"
+
+/* explicit #includes not strictly needed since implied by the above: */
+#include <openssl/cmp.h>
+#include <openssl/crmf.h>
+
+/* ASN.1 declarations from RFC4210 */
+ASN1_SEQUENCE(OSSL_CMP_REVANNCONTENT) = {
+    /* OSSL_CMP_PKISTATUS is effectively ASN1_INTEGER so it is used directly */
+    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, status, ASN1_INTEGER),
+    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, certId, OSSL_CRMF_CERTID),
+    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, willBeRevokedAt, ASN1_GENERALIZEDTIME),
+    ASN1_SIMPLE(OSSL_CMP_REVANNCONTENT, badSinceDate, ASN1_GENERALIZEDTIME),
+    ASN1_OPT(OSSL_CMP_REVANNCONTENT, crlDetails, X509_EXTENSIONS)
+} ASN1_SEQUENCE_END(OSSL_CMP_REVANNCONTENT)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVANNCONTENT)
+
+
+ASN1_SEQUENCE(OSSL_CMP_CHALLENGE) = {
+    ASN1_OPT(OSSL_CMP_CHALLENGE, owf, X509_ALGOR),
+    ASN1_SIMPLE(OSSL_CMP_CHALLENGE, witness, ASN1_OCTET_STRING),
+    ASN1_SIMPLE(OSSL_CMP_CHALLENGE, challenge, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(OSSL_CMP_CHALLENGE)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CHALLENGE)
+
+
+ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYCHALLCONTENT) =
+    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
+                          OSSL_CMP_POPODECKEYCHALLCONTENT, OSSL_CMP_CHALLENGE)
+ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYCHALLCONTENT)
+
+
+ASN1_ITEM_TEMPLATE(OSSL_CMP_POPODECKEYRESPCONTENT) =
+    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
+                          OSSL_CMP_POPODECKEYRESPCONTENT, ASN1_INTEGER)
+ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POPODECKEYRESPCONTENT)
+
+
+ASN1_SEQUENCE(OSSL_CMP_CAKEYUPDANNCONTENT) = {
+    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
+    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, oldWithNew, X509),
+    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
+    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithOld, X509),
+    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
+    ASN1_SIMPLE(OSSL_CMP_CAKEYUPDANNCONTENT, newWithNew, X509)
+} ASN1_SEQUENCE_END(OSSL_CMP_CAKEYUPDANNCONTENT)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CAKEYUPDANNCONTENT)
+
+
+ASN1_SEQUENCE(OSSL_CMP_ERRORMSGCONTENT) = {
+    ASN1_SIMPLE(OSSL_CMP_ERRORMSGCONTENT, pKIStatusInfo, OSSL_CMP_PKISI),
+    ASN1_OPT(OSSL_CMP_ERRORMSGCONTENT, errorCode, ASN1_INTEGER),
+    /*
+     * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
+     * so it is used directly
+     *
+     */
+    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ERRORMSGCONTENT, errorDetails, ASN1_UTF8STRING)
+} ASN1_SEQUENCE_END(OSSL_CMP_ERRORMSGCONTENT)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ERRORMSGCONTENT)
+
+ASN1_ADB_TEMPLATE(infotypeandvalue_default) = ASN1_OPT(OSSL_CMP_ITAV,
+        infoValue.other, ASN1_ANY);
+/* ITAV means InfoTypeAndValue */
+ASN1_ADB(OSSL_CMP_ITAV) = {
+    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
+    ADB_ENTRY(NID_id_it_caProtEncCert, ASN1_OPT(OSSL_CMP_ITAV,
+                                                infoValue.caProtEncCert, X509)),
+    ADB_ENTRY(NID_id_it_signKeyPairTypes,
+              ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV,
+                                   infoValue.signKeyPairTypes, X509_ALGOR)),
+    ADB_ENTRY(NID_id_it_encKeyPairTypes,
+              ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV,
+                                   infoValue.encKeyPairTypes, X509_ALGOR)),
+    ADB_ENTRY(NID_id_it_preferredSymmAlg,
+              ASN1_OPT(OSSL_CMP_ITAV, infoValue.preferredSymmAlg,
+                       X509_ALGOR)),
+    ADB_ENTRY(NID_id_it_caKeyUpdateInfo,
+              ASN1_OPT(OSSL_CMP_ITAV, infoValue.caKeyUpdateInfo,
+                       OSSL_CMP_CAKEYUPDANNCONTENT)),
+    ADB_ENTRY(NID_id_it_currentCRL,
+              ASN1_OPT(OSSL_CMP_ITAV, infoValue.currentCRL, X509_CRL)),
+    ADB_ENTRY(NID_id_it_unsupportedOIDs,
+              ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV,
+                                   infoValue.unsupportedOIDs, ASN1_OBJECT)),
+    ADB_ENTRY(NID_id_it_keyPairParamReq,
+              ASN1_OPT(OSSL_CMP_ITAV, infoValue.keyPairParamReq,
+                       ASN1_OBJECT)),
+    ADB_ENTRY(NID_id_it_keyPairParamRep,
+              ASN1_OPT(OSSL_CMP_ITAV, infoValue.keyPairParamRep,
+                       X509_ALGOR)),
+    ADB_ENTRY(NID_id_it_revPassphrase,
+              ASN1_OPT(OSSL_CMP_ITAV, infoValue.revPassphrase,
+                       OSSL_CRMF_ENCRYPTEDVALUE)),
+    ADB_ENTRY(NID_id_it_implicitConfirm,
+              ASN1_OPT(OSSL_CMP_ITAV, infoValue.implicitConfirm,
+                       ASN1_NULL)),
+    ADB_ENTRY(NID_id_it_confirmWaitTime,
+              ASN1_OPT(OSSL_CMP_ITAV, infoValue.confirmWaitTime,
+                       ASN1_GENERALIZEDTIME)),
+    ADB_ENTRY(NID_id_it_origPKIMessage,
+              ASN1_OPT(OSSL_CMP_ITAV, infoValue.origPKIMessage,
+                       OSSL_CMP_MSGS)),
+    ADB_ENTRY(NID_id_it_suppLangTags,
+              ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ITAV, infoValue.suppLangTagsValue,
+                                   ASN1_UTF8STRING)),
+} ASN1_ADB_END(OSSL_CMP_ITAV, 0, infoType, 0,
+               &infotypeandvalue_default_tt, NULL);
+
+
+ASN1_SEQUENCE(OSSL_CMP_ITAV) = {
+    ASN1_SIMPLE(OSSL_CMP_ITAV, infoType, ASN1_OBJECT),
+    ASN1_ADB_OBJECT(OSSL_CMP_ITAV)
+} ASN1_SEQUENCE_END(OSSL_CMP_ITAV)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ITAV)
+IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV)
+
+OSSL_CMP_ITAV *OSSL_CMP_ITAV_create(ASN1_OBJECT *type, ASN1_TYPE *value)
+{
+    OSSL_CMP_ITAV *itav;
+
+    if (type == NULL || (itav = OSSL_CMP_ITAV_new()) == NULL)
+        return NULL;
+    OSSL_CMP_ITAV_set0(itav, type, value);
+    return itav;
+}
+
+void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV *itav, ASN1_OBJECT *type,
+                        ASN1_TYPE *value)
+{
+    itav->infoType = type;
+    itav->infoValue.other = value;
+}
+
+ASN1_OBJECT *OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV *itav)
+{
+    if (itav == NULL)
+        return NULL;
+    return itav->infoType;
+}
+
+ASN1_TYPE *OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV *itav)
+{
+    if (itav == NULL)
+        return NULL;
+    return itav->infoValue.other;
+}
+
+int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p,
+                                   OSSL_CMP_ITAV *itav)
+{
+    int created = 0;
+
+    if (itav_sk_p == NULL)
+        goto err;
+
+    if (*itav_sk_p == NULL) {
+        if ((*itav_sk_p = sk_OSSL_CMP_ITAV_new_null()) == NULL)
+            goto err;
+        created = 1;
+    }
+    if (itav != NULL) {
+        if (!sk_OSSL_CMP_ITAV_push(*itav_sk_p, itav))
+            goto err;
+    }
+    return 1;
+ err:
+    if (created != 0) {
+        sk_OSSL_CMP_ITAV_free(*itav_sk_p);
+        *itav_sk_p = NULL;
+    }
+    return 0;
+}
+
+ASN1_CHOICE(OSSL_CMP_CERTORENCCERT) = {
+    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
+    ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.certificate, X509, 0),
+    ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.encryptedCert,
+             OSSL_CRMF_ENCRYPTEDVALUE, 1),
+} ASN1_CHOICE_END(OSSL_CMP_CERTORENCCERT)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTORENCCERT)
+
+
+ASN1_SEQUENCE(OSSL_CMP_CERTIFIEDKEYPAIR) = {
+    ASN1_SIMPLE(OSSL_CMP_CERTIFIEDKEYPAIR, certOrEncCert,
+                OSSL_CMP_CERTORENCCERT),
+    ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, privateKey,
+                 OSSL_CRMF_ENCRYPTEDVALUE, 0),
+    ASN1_EXP_OPT(OSSL_CMP_CERTIFIEDKEYPAIR, publicationInfo,
+                 OSSL_CRMF_PKIPUBLICATIONINFO, 1)
+} ASN1_SEQUENCE_END(OSSL_CMP_CERTIFIEDKEYPAIR)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTIFIEDKEYPAIR)
+
+
+ASN1_SEQUENCE(OSSL_CMP_REVDETAILS) = {
+    ASN1_SIMPLE(OSSL_CMP_REVDETAILS, certDetails, OSSL_CRMF_CERTTEMPLATE),
+    ASN1_OPT(OSSL_CMP_REVDETAILS, crlEntryDetails, X509_EXTENSIONS)
+} ASN1_SEQUENCE_END(OSSL_CMP_REVDETAILS)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVDETAILS)
+
+
+ASN1_ITEM_TEMPLATE(OSSL_CMP_REVREQCONTENT) =
+    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_REVREQCONTENT,
+                          OSSL_CMP_REVDETAILS)
+ASN1_ITEM_TEMPLATE_END(OSSL_CMP_REVREQCONTENT)
+
+
+ASN1_SEQUENCE(OSSL_CMP_REVREPCONTENT) = {
+    ASN1_SEQUENCE_OF(OSSL_CMP_REVREPCONTENT, status, OSSL_CMP_PKISI),
+    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT, revCerts, OSSL_CRMF_CERTID,
+                             0),
+    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_REVREPCONTENT, crls, X509_CRL, 1)
+} ASN1_SEQUENCE_END(OSSL_CMP_REVREPCONTENT)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_REVREPCONTENT)
+
+
+ASN1_SEQUENCE(OSSL_CMP_KEYRECREPCONTENT) = {
+    ASN1_SIMPLE(OSSL_CMP_KEYRECREPCONTENT, status, OSSL_CMP_PKISI),
+    ASN1_EXP_OPT(OSSL_CMP_KEYRECREPCONTENT, newSigCert, X509, 0),
+    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, caCerts, X509, 1),
+    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_KEYRECREPCONTENT, keyPairHist,
+                             OSSL_CMP_CERTIFIEDKEYPAIR, 2)
+} ASN1_SEQUENCE_END(OSSL_CMP_KEYRECREPCONTENT)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_KEYRECREPCONTENT)
+
+
+ASN1_ITEM_TEMPLATE(OSSL_CMP_PKISTATUS) =
+    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_UNIVERSAL, 0, status, ASN1_INTEGER)
+ASN1_ITEM_TEMPLATE_END(OSSL_CMP_PKISTATUS)
+
+ASN1_SEQUENCE(OSSL_CMP_PKISI) = {
+    ASN1_SIMPLE(OSSL_CMP_PKISI, status, OSSL_CMP_PKISTATUS),
+    /*
+     * CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
+     * so it is used directly
+     */
+    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_PKISI, statusString, ASN1_UTF8STRING),
+    /*
+     * OSSL_CMP_PKIFAILUREINFO is effectively ASN1_BIT_STRING so used directly
+     */
+    ASN1_OPT(OSSL_CMP_PKISI, failInfo, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(OSSL_CMP_PKISI)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKISI)
+IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI)
+
+ASN1_SEQUENCE(OSSL_CMP_CERTSTATUS) = {
+    ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certHash, ASN1_OCTET_STRING),
+    ASN1_SIMPLE(OSSL_CMP_CERTSTATUS, certReqId, ASN1_INTEGER),
+    ASN1_OPT(OSSL_CMP_CERTSTATUS, statusInfo, OSSL_CMP_PKISI)
+} ASN1_SEQUENCE_END(OSSL_CMP_CERTSTATUS)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTSTATUS)
+
+ASN1_ITEM_TEMPLATE(OSSL_CMP_CERTCONFIRMCONTENT) =
+    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_CERTCONFIRMCONTENT,
+                          OSSL_CMP_CERTSTATUS)
+ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CERTCONFIRMCONTENT)
+
+ASN1_SEQUENCE(OSSL_CMP_CERTRESPONSE) = {
+    ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, certReqId, ASN1_INTEGER),
+    ASN1_SIMPLE(OSSL_CMP_CERTRESPONSE, status, OSSL_CMP_PKISI),
+    ASN1_OPT(OSSL_CMP_CERTRESPONSE, certifiedKeyPair,
+             OSSL_CMP_CERTIFIEDKEYPAIR),
+    ASN1_OPT(OSSL_CMP_CERTRESPONSE, rspInfo, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(OSSL_CMP_CERTRESPONSE)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTRESPONSE)
+
+ASN1_SEQUENCE(OSSL_CMP_POLLREQ) = {
+    ASN1_SIMPLE(OSSL_CMP_POLLREQ, certReqId, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(OSSL_CMP_POLLREQ)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREQ)
+
+ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREQCONTENT) =
+    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_POLLREQCONTENT,
+                          OSSL_CMP_POLLREQ)
+ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREQCONTENT)
+
+ASN1_SEQUENCE(OSSL_CMP_POLLREP) = {
+    ASN1_SIMPLE(OSSL_CMP_POLLREP, certReqId, ASN1_INTEGER),
+    ASN1_SIMPLE(OSSL_CMP_POLLREP, checkAfter, ASN1_INTEGER),
+    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_POLLREP, reason, ASN1_UTF8STRING),
+} ASN1_SEQUENCE_END(OSSL_CMP_POLLREP)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_POLLREP)
+
+ASN1_ITEM_TEMPLATE(OSSL_CMP_POLLREPCONTENT) =
+    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
+                          OSSL_CMP_POLLREPCONTENT,
+                          OSSL_CMP_POLLREP)
+ASN1_ITEM_TEMPLATE_END(OSSL_CMP_POLLREPCONTENT)
+
+ASN1_SEQUENCE(OSSL_CMP_CERTREPMESSAGE) = {
+    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
+    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_CERTREPMESSAGE, caPubs, X509, 1),
+    ASN1_SEQUENCE_OF(OSSL_CMP_CERTREPMESSAGE, response, OSSL_CMP_CERTRESPONSE)
+} ASN1_SEQUENCE_END(OSSL_CMP_CERTREPMESSAGE)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_CERTREPMESSAGE)
+
+ASN1_ITEM_TEMPLATE(OSSL_CMP_GENMSGCONTENT) =
+    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_GENMSGCONTENT,
+                          OSSL_CMP_ITAV)
+ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENMSGCONTENT)
+
+ASN1_ITEM_TEMPLATE(OSSL_CMP_GENREPCONTENT) =
+    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_GENREPCONTENT,
+                          OSSL_CMP_ITAV)
+ASN1_ITEM_TEMPLATE_END(OSSL_CMP_GENREPCONTENT)
+
+ASN1_ITEM_TEMPLATE(OSSL_CMP_CRLANNCONTENT) =
+    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0,
+                          OSSL_CMP_CRLANNCONTENT, X509_CRL)
+ASN1_ITEM_TEMPLATE_END(OSSL_CMP_CRLANNCONTENT)
+
+ASN1_CHOICE(OSSL_CMP_PKIBODY) = {
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.ir, OSSL_CRMF_MSGS, 0),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.ip, OSSL_CMP_CERTREPMESSAGE, 1),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.cr, OSSL_CRMF_MSGS, 2),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.cp, OSSL_CMP_CERTREPMESSAGE, 3),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.p10cr, X509_REQ, 4),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecc, OSSL_CMP_POPODECKEYCHALLCONTENT, 5),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecr, OSSL_CMP_POPODECKEYRESPCONTENT, 6),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.kur, OSSL_CRMF_MSGS, 7),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.kup, OSSL_CMP_CERTREPMESSAGE, 8),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.krr, OSSL_CRMF_MSGS, 9),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.krp, OSSL_CMP_KEYRECREPCONTENT, 10),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.rr, OSSL_CMP_REVREQCONTENT, 11),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.rp, OSSL_CMP_REVREPCONTENT, 12),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.ccr, OSSL_CRMF_MSGS, 13),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.ccp, OSSL_CMP_CERTREPMESSAGE, 14),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.ckuann, OSSL_CMP_CAKEYUPDANNCONTENT, 15),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.cann, X509, 16),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.rann, OSSL_CMP_REVANNCONTENT, 17),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.crlann, OSSL_CMP_CRLANNCONTENT, 18),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.pkiconf, ASN1_ANY, 19),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.nested, OSSL_CMP_MSGS, 20),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.genm, OSSL_CMP_GENMSGCONTENT, 21),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.genp, OSSL_CMP_GENREPCONTENT, 22),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.error, OSSL_CMP_ERRORMSGCONTENT, 23),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.certConf, OSSL_CMP_CERTCONFIRMCONTENT, 24),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.pollReq, OSSL_CMP_POLLREQCONTENT, 25),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.pollRep, OSSL_CMP_POLLREPCONTENT, 26),
+} ASN1_CHOICE_END(OSSL_CMP_PKIBODY)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIBODY)
+
+ASN1_SEQUENCE(OSSL_CMP_PKIHEADER) = {
+    ASN1_SIMPLE(OSSL_CMP_PKIHEADER, pvno, ASN1_INTEGER),
+    ASN1_SIMPLE(OSSL_CMP_PKIHEADER, sender, GENERAL_NAME),
+    ASN1_SIMPLE(OSSL_CMP_PKIHEADER, recipient, GENERAL_NAME),
+    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, messageTime, ASN1_GENERALIZEDTIME, 0),
+    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, protectionAlg, X509_ALGOR, 1),
+    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, senderKID, ASN1_OCTET_STRING, 2),
+    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, recipKID, ASN1_OCTET_STRING, 3),
+    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, transactionID, ASN1_OCTET_STRING, 4),
+    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, senderNonce, ASN1_OCTET_STRING, 5),
+    ASN1_EXP_OPT(OSSL_CMP_PKIHEADER, recipNonce, ASN1_OCTET_STRING, 6),
+    /*
+     * OSSL_CMP_PKIFREETEXT is effectively a sequence of ASN1_UTF8STRING
+     * so it is used directly
+     */
+    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER, freeText, ASN1_UTF8STRING, 7),
+    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_PKIHEADER, generalInfo,
+                             OSSL_CMP_ITAV, 8)
+} ASN1_SEQUENCE_END(OSSL_CMP_PKIHEADER)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIHEADER)
+
+ASN1_SEQUENCE(CMP_PROTECTEDPART) = {
+    ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),
+    ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY)
+} ASN1_SEQUENCE_END(CMP_PROTECTEDPART)
+IMPLEMENT_ASN1_FUNCTIONS(CMP_PROTECTEDPART)
+
+ASN1_SEQUENCE(OSSL_CMP_MSG) = {
+    ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),
+    ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY),
+    ASN1_EXP_OPT(OSSL_CMP_MSG, protection, ASN1_BIT_STRING, 0),
+    /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
+    ASN1_EXP_SEQUENCE_OF_OPT(OSSL_CMP_MSG, extraCerts, X509, 1)
+} ASN1_SEQUENCE_END(OSSL_CMP_MSG)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_MSG)
+IMPLEMENT_ASN1_DUP_FUNCTION(OSSL_CMP_MSG)
+
+ASN1_ITEM_TEMPLATE(OSSL_CMP_MSGS) =
+    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, OSSL_CMP_MSGS,
+                          OSSL_CMP_MSG)
+ASN1_ITEM_TEMPLATE_END(OSSL_CMP_MSGS)
diff --git a/crypto/cmp/cmp_err.c b/crypto/cmp/cmp_err.c
new file mode 100644
index 0000000000..b85b8bac82
--- /dev/null
+++ b/crypto/cmp/cmp_err.c
@@ -0,0 +1,35 @@
+/*
+ * Generated by util/mkerr.pl DO NOT EDIT
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/err.h>
+#include <openssl/cmperr.h>
+
+#ifndef OPENSSL_NO_ERR
+
+static const ERR_STRING_DATA CMP_str_functs[] = {
+    {0, NULL}
+};
+
+static const ERR_STRING_DATA CMP_str_reasons[] = {
+    {0, NULL}
+};
+
+#endif
+
+int ERR_load_CMP_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+    if (ERR_func_error_string(CMP_str_functs[0].error) == NULL) {
+        ERR_load_strings_const(CMP_str_functs);
+        ERR_load_strings_const(CMP_str_reasons);
+    }
+#endif
+    return 1;
+}
diff --git a/crypto/cmp/cmp_int.h b/crypto/cmp/cmp_int.h
new file mode 100644
index 0000000000..e78968aaa1
--- /dev/null
+++ b/crypto/cmp/cmp_int.h
@@ -0,0 +1,589 @@
+/*
+ * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright Nokia 2007-2019
+ * Copyright Siemens AG 2015-2019
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ *
+ * CMP implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb.
+ */
+
+#ifndef OSSL_HEADER_CMP_INT_H
+# define OSSL_HEADER_CMP_INT_H
+
+# include "internal/cryptlib.h"
+
+# include <openssl/cmp.h>
+# include <openssl/err.h>
+
+/* explicit #includes not strictly needed since implied by the above: */
+# include <openssl/crmf.h>
+# include <openssl/ossl_typ.h>
+# include <openssl/safestack.h>
+# include <openssl/x509.h>
+# include <openssl/x509v3.h>
+
+/*
+ * ##########################################################################
+ * ASN.1 DECLARATIONS
+ * ##########################################################################
+ */
+
+/*-
+ *   RevAnnContent ::= SEQUENCE {
+ *       status              PKIStatus,
+ *       certId              CertId,
+ *       willBeRevokedAt     GeneralizedTime,
+ *       badSinceDate        GeneralizedTime,
+ *       crlDetails          Extensions  OPTIONAL
+ *       -- extra CRL details (e.g., crl number, reason, location, etc.)
+ *   }
+ */
+typedef struct OSSL_cmp_revanncontent_st {
+    ASN1_INTEGER *status;
+    OSSL_CRMF_CERTID *certId;
+    ASN1_GENERALIZEDTIME *willBeRevokedAt;
+    ASN1_GENERALIZEDTIME *badSinceDate;
+    X509_EXTENSIONS *crlDetails;
+} OSSL_CMP_REVANNCONTENT;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_REVANNCONTENT)
+
+/*-
+ *   Challenge ::= SEQUENCE {
+ *       owf                 AlgorithmIdentifier  OPTIONAL,
+ *
+ *       -- MUST be present in the first Challenge; MAY be omitted in
+ *       -- any subsequent Challenge in POPODecKeyChallContent (if
+ *       -- omitted, then the owf used in the immediately preceding
+ *       -- Challenge is to be used).
+ *
+ *       witness             OCTET STRING,
+ *       -- the result of applying the one-way function (owf) to a
+ *       -- randomly-generated INTEGER, A.  [Note that a different
+ *       -- INTEGER MUST be used for each Challenge.]
+ *       challenge           OCTET STRING
+ *       -- the encryption (under the public key for which the cert.
+ *       -- request is being made) of Rand, where Rand is specified as
+ *       --   Rand ::= SEQUENCE {
+ *       --      int      INTEGER,
+ *       --       - the randomly-generated INTEGER A (above)
+ *       --      sender   GeneralName
+ *       --       - the sender's name (as included in PKIHeader)
+ *       --   }
+ *   }
+ */
+typedef struct OSSL_cmp_challenge_st {
+    X509_ALGOR *owf;
+    ASN1_OCTET_STRING *witness;
+    ASN1_OCTET_STRING *challenge;
+} OSSL_CMP_CHALLENGE;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_CHALLENGE)
+
+/*-
+ *  CAKeyUpdAnnContent ::= SEQUENCE {
+ *     oldWithNew         Certificate,
+ *     newWithOld         Certificate,
+ *     newWithNew         Certificate
+ *  }
+ */
+typedef struct OSSL_cmp_cakeyupdanncontent_st {
+    X509 *oldWithNew;
+    X509 *newWithOld;
+    X509 *newWithNew;
+} OSSL_CMP_CAKEYUPDANNCONTENT;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_CAKEYUPDANNCONTENT)
+
+/*-
+ * declared already here as it will be used in OSSL_CMP_MSG (nested) and
+ * infoType and infoValue
+ */
+typedef STACK_OF(OSSL_CMP_MSG) OSSL_CMP_MSGS;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_MSGS)
+
+/*-
+ *   InfoTypeAndValue ::= SEQUENCE {
+ *       infoType               OBJECT IDENTIFIER,
+ *       infoValue              ANY DEFINED BY infoType  OPTIONAL
+ *   }
+ */
+struct OSSL_cmp_itav_st {
+    ASN1_OBJECT *infoType;
+    union {
+        char *ptr;
+        /* NID_id_it_caProtEncCert - CA Protocol Encryption Certificate */
+        X509 *caProtEncCert;
+        /* NID_id_it_signKeyPairTypes - Signing Key Pair Types */
+        STACK_OF(X509_ALGOR) *signKeyPairTypes;
+        /* NID_id_it_encKeyPairTypes - Encryption/Key Agreement Key Pair Types */
+        STACK_OF(X509_ALGOR) *encKeyPairTypes;
+        /* NID_id_it_preferredSymmAlg - Preferred Symmetric Algorithm */
+        X509_ALGOR *preferredSymmAlg;
+        /* NID_id_it_caKeyUpdateInfo - Updated CA Key Pair */
+        OSSL_CMP_CAKEYUPDANNCONTENT *caKeyUpdateInfo;
+        /* NID_id_it_currentCRL - CRL */
+        X509_CRL *currentCRL;
+        /* NID_id_it_unsupportedOIDs - Unsupported Object Identifiers */
+        STACK_OF(ASN1_OBJECT) *unsupportedOIDs;
+        /* NID_id_it_keyPairParamReq - Key Pair Parameters Request */
+        ASN1_OBJECT *keyPairParamReq;
+        /* NID_id_it_keyPairParamRep - Key Pair Parameters Response */
+        X509_ALGOR *keyPairParamRep;
+        /* NID_id_it_revPassphrase - Revocation Passphrase */
+        OSSL_CRMF_ENCRYPTEDVALUE *revPassphrase;
+        /* NID_id_it_implicitConfirm - ImplicitConfirm */
+        ASN1_NULL *implicitConfirm;
+        /* NID_id_it_confirmWaitTime - ConfirmWaitTime */
+        ASN1_GENERALIZEDTIME *confirmWaitTime;
+        /* NID_id_it_origPKIMessage - origPKIMessage */
+        OSSL_CMP_MSGS *origPKIMessage;
+        /* NID_id_it_suppLangTags - Supported Language Tags */
+        STACK_OF(ASN1_UTF8STRING) *suppLangTagsValue;
+        /* this is to be used for so far undeclared objects */
+        ASN1_TYPE *other;
+    } infoValue;
+} /* OSSL_CMP_ITAV */;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_ITAV)
+DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV)
+
+
+typedef struct OSSL_cmp_certorenccert_st {
+    int type;
+    union {
+        X509 *certificate;
+        OSSL_CRMF_ENCRYPTEDVALUE *encryptedCert;
+    } value;
+} OSSL_CMP_CERTORENCCERT;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_CERTORENCCERT)
+
+/*-
+ *   CertifiedKeyPair ::= SEQUENCE {
+ *       certOrEncCert       CertOrEncCert,
+ *       privateKey      [0] EncryptedValue      OPTIONAL,
+ *       -- see [CRMF] for comment on encoding
+ *       publicationInfo [1] PKIPublicationInfo  OPTIONAL
+ *   }
+ */
+typedef struct OSSL_cmp_certifiedkeypair_st {
+    OSSL_CMP_CERTORENCCERT *certOrEncCert;
+    OSSL_CRMF_ENCRYPTEDVALUE *privateKey;
+    OSSL_CRMF_PKIPUBLICATIONINFO *publicationInfo;
+} OSSL_CMP_CERTIFIEDKEYPAIR;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_CERTIFIEDKEYPAIR)
+
+/*-
+ *   PKIStatusInfo ::= SEQUENCE {
+ *       status        PKIStatus,
+ *       statusString  PKIFreeText     OPTIONAL,
+ *       failInfo      PKIFailureInfo  OPTIONAL
+ *   }
+ */
+struct OSSL_cmp_pkisi_st {
+    OSSL_CMP_PKISTATUS *status;
+    OSSL_CMP_PKIFREETEXT *statusString;
+    OSSL_CMP_PKIFAILUREINFO *failInfo;
+} /* OSSL_CMP_PKISI */;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKISI)
+DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_PKISI)
+
+/*-
+ *  RevReqContent ::= SEQUENCE OF RevDetails
+ *
+ *  RevDetails ::= SEQUENCE {
+ *      certDetails         CertTemplate,
+ *      crlEntryDetails     Extensions       OPTIONAL
+ *  }
+ */
+typedef struct OSSL_cmp_revdetails_st {
+    OSSL_CRMF_CERTTEMPLATE *certDetails;
+    X509_EXTENSIONS *crlEntryDetails;
+} OSSL_CMP_REVDETAILS;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_REVDETAILS)
+DEFINE_STACK_OF(OSSL_CMP_REVDETAILS)
+
+/*-
+ *   RevRepContent ::= SEQUENCE {
+ *       status       SEQUENCE SIZE (1..MAX) OF PKIStatusInfo,
+ *       -- in same order as was sent in RevReqContent
+ *       revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId
+ *                                           OPTIONAL,
+ *       -- IDs for which revocation was requested
+ *       -- (same order as status)
+ *       crls     [1] SEQUENCE SIZE (1..MAX) OF CertificateList
+ *                                           OPTIONAL
+ *       -- the resulting CRLs (there may be more than one)
+ *   }
+ */
+struct OSSL_cmp_revrepcontent_st {
+    STACK_OF(OSSL_CMP_PKISI) *status;
+    STACK_OF(OSSL_CRMF_CERTID) *revCerts;
+    STACK_OF(X509_CRL) *crls;
+} /* OSSL_CMP_REVREPCONTENT */;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_REVREPCONTENT)
+
+/*-
+ *  KeyRecRepContent ::= SEQUENCE {
+ *      status          PKIStatusInfo,
+ *      newSigCert  [0] Certificate                   OPTIONAL,
+ *      caCerts     [1] SEQUENCE SIZE (1..MAX) OF
+ *                                   Certificate      OPTIONAL,
+ *      keyPairHist [2] SEQUENCE SIZE (1..MAX) OF
+ *                                   CertifiedKeyPair OPTIONAL
+ *   }
+ */
+typedef struct OSSL_cmp_keyrecrepcontent_st {
+    OSSL_CMP_PKISI *status;
+    X509 *newSigCert;
+    STACK_OF(X509) *caCerts;
+    STACK_OF(OSSL_CMP_CERTIFIEDKEYPAIR) *keyPairHist;
+} OSSL_CMP_KEYRECREPCONTENT;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_KEYRECREPCONTENT)
+
+/*-
+ *   ErrorMsgContent ::= SEQUENCE {
+ *       pKIStatusInfo          PKIStatusInfo,
+ *       errorCode              INTEGER           OPTIONAL,
+ *       -- implementation-specific error codes
+ *       errorDetails           PKIFreeText       OPTIONAL
+ *       -- implementation-specific error details
+ *   }
+ */
+typedef struct OSSL_cmp_errormsgcontent_st {
+    OSSL_CMP_PKISI *pKIStatusInfo;
+    ASN1_INTEGER *errorCode;
+    OSSL_CMP_PKIFREETEXT *errorDetails;
+} OSSL_CMP_ERRORMSGCONTENT;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_ERRORMSGCONTENT)
+
+/*-
+ *   CertConfirmContent ::= SEQUENCE OF CertStatus
+ *
+ *   CertStatus ::= SEQUENCE {
+ *      certHash    OCTET STRING,
+ *      -- the hash of the certificate, using the same hash algorithm
+ *      -- as is used to create and verify the certificate signature
+ *      certReqId   INTEGER,
+ *      -- to match this confirmation with the corresponding req/rep
+ *      statusInfo  PKIStatusInfo OPTIONAL
+ *   }
+ */
+struct OSSL_cmp_certstatus_st {
+    ASN1_OCTET_STRING *certHash;
+    ASN1_INTEGER *certReqId;
+    OSSL_CMP_PKISI *statusInfo;
+} /* OSSL_CMP_CERTSTATUS */;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_CERTSTATUS)
+
+typedef STACK_OF(OSSL_CMP_CERTSTATUS) OSSL_CMP_CERTCONFIRMCONTENT;
+DECLARE_ASN1_FUNCTIONS(OSSL_CMP_CERTCONFIRMCONTENT)
+
+/*-
+ *   CertResponse ::= SEQUENCE {
+ *       certReqId           INTEGER,
+ *       -- to match this response with corresponding request (a value
+ *       -- of -1 is to be used if certReqId is not specified in the
+ *       -- corresponding request)
+ *       status              PKIStatusInfo,
+ *       certifiedKeyPair    CertifiedKeyPair    OPTIONAL,
+ *       rspInfo             OCTET STRING        OPTIONAL
+ *       -- analogous to the id-regInfo-utf8Pairs string defined
+ *       -- for regInfo in CertReqMsg [CRMF]
+ *   }
+ */
+struct OSSL_cmp_certresponse_st {
+    ASN1_INTEGER *certReqId;
+    OSSL_CMP_PKISI *status;
+    OSSL_CMP_CERTIFIEDKEYPAIR *certifiedKeyPair;
+    ASN1_OCTET_STRING *rspInfo;
+} /* OSSL_CMP_CERTRESPONSE */;