changed ASN.1 CONTROL log output to LEVEL2
[strongswan.git] / src / libstrongswan / crypto / x509.c
1 /**
2 * @file x509.c
3 *
4 * @brief Implementation of x509_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <gmp.h>
24 #include <sys/stat.h>
25 #include <unistd.h>
26 #include <string.h>
27
28 #include "x509.h"
29
30 #include <types.h>
31 #include <definitions.h>
32 #include <asn1/oid.h>
33 #include <asn1/asn1.h>
34 #include <asn1/pem.h>
35 #include <utils/logger_manager.h>
36 #include <utils/linked_list.h>
37 #include <utils/identification.h>
38
39 #define BITS_PER_BYTE 8
40 #define RSA_MIN_OCTETS (1024 / BITS_PER_BYTE)
41 #define RSA_MIN_OCTETS_UGH "RSA modulus too small for security: less than 1024 bits"
42 #define RSA_MAX_OCTETS (8192 / BITS_PER_BYTE)
43 #define RSA_MAX_OCTETS_UGH "RSA modulus too large: more than 8192 bits"
44
45 #define CERT_WARNING_INTERVAL 30 /* days */
46
47 logger_t *logger;
48
49 /**
50 * Different kinds of generalNames
51 */
52 typedef enum generalNames_t generalNames_t;
53
54 enum generalNames_t {
55 GN_OTHER_NAME = 0,
56 GN_RFC822_NAME = 1,
57 GN_DNS_NAME = 2,
58 GN_X400_ADDRESS = 3,
59 GN_DIRECTORY_NAME = 4,
60 GN_EDI_PARTY_NAME = 5,
61 GN_URI = 6,
62 GN_IP_ADDRESS = 7,
63 GN_REGISTERED_ID = 8,
64 };
65
66 typedef struct private_x509_t private_x509_t;
67
68 /**
69 * Private data of a x509_t object.
70 */
71 struct private_x509_t {
72 /**
73 * Public interface for this certificate.
74 */
75 x509_t public;
76
77 /**
78 * Time when certificate was installed
79 */
80 time_t installed;
81
82 /**
83 * X.509 Certificate in DER format
84 */
85 chunk_t certificate;
86
87 /**
88 * Version of the X.509 certificate
89 */
90 u_int version;
91
92 /**
93 * Serial number of the X.509 certificate
94 */
95 chunk_t serialNumber;
96
97 /**
98 * ID representing the certificate issuer
99 */
100 identification_t *issuer;
101
102 /**
103 * Start time of certificate validity
104 */
105 time_t notBefore;
106
107 /**
108 * End time of certificate validity
109 */
110 time_t notAfter;
111
112 /**
113 * ID representing the certificate subject
114 */
115 identification_t *subject;
116
117 /**
118 * List of identification_t's representing subjectAltNames
119 */
120 linked_list_t *subjectAltNames;
121
122 /**
123 * List of identification_t's representing crlDistributionPoints
124 */
125 linked_list_t *crlDistributionPoints;
126
127 /**
128 * Subject RSA public key, if subjectPublicKeyAlgorithm == RSA
129 */
130 rsa_public_key_t *public_key;
131
132 /**
133 * Subject Key Identifier
134 */
135 chunk_t subjectKeyID;
136
137 /**
138 * Authority Key Identifier
139 */
140 chunk_t authKeyID;
141
142 /**
143 * Authority Key Serial Number
144 */
145 chunk_t authKeySerialNumber;
146
147 u_char authority_flags;
148 chunk_t tbsCertificate;
149 /* signature */
150 int sigAlg;
151 chunk_t subjectPublicKey;
152 bool isCA;
153 bool isOcspSigner; /* ocsp */
154 chunk_t accessLocation; /* ocsp */
155 /* signatureAlgorithm */
156 int algorithm;
157 chunk_t signature;
158 };
159
160 /**
161 * ASN.1 definition of generalName
162 */
163 static const asn1Object_t generalNameObjects[] = {
164 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
165 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
166 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
167 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
168 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
169 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
170 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
171 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
172 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
173 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
174 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
175 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
176 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
177 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
178 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
179 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
180 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
181 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
182 };
183 #define GN_OBJ_OTHER_NAME 0
184 #define GN_OBJ_RFC822_NAME 2
185 #define GN_OBJ_DNS_NAME 4
186 #define GN_OBJ_X400_ADDRESS 6
187 #define GN_OBJ_DIRECTORY_NAME 8
188 #define GN_OBJ_EDI_PARTY_NAME 10
189 #define GN_OBJ_URI 12
190 #define GN_OBJ_IP_ADDRESS 14
191 #define GN_OBJ_REGISTERED_ID 16
192 #define GN_OBJ_ROOF 18
193
194 /**
195 * ASN.1 definition of otherName
196 */
197 static const asn1Object_t otherNameObjects[] = {
198 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
199 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
200 };
201 #define ON_OBJ_ID_TYPE 0
202 #define ON_OBJ_VALUE 1
203 #define ON_OBJ_ROOF 2
204 /**
205 * ASN.1 definition of a basicConstraints extension
206 */
207 static const asn1Object_t basicConstraintsObjects[] = {
208 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
209 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
210 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
211 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
212 };
213 #define BASIC_CONSTRAINTS_CA 1
214 #define BASIC_CONSTRAINTS_ROOF 4
215
216 /**
217 * ASN.1 definition of time
218 */
219 static const asn1Object_t timeObjects[] = {
220 { 0, "utcTime", ASN1_UTCTIME, ASN1_OPT|ASN1_BODY }, /* 0 */
221 { 0, "end opt", ASN1_EOC, ASN1_END }, /* 1 */
222 { 0, "generalizeTime",ASN1_GENERALIZEDTIME, ASN1_OPT|ASN1_BODY }, /* 2 */
223 { 0, "end opt", ASN1_EOC, ASN1_END } /* 3 */
224 };
225 #define TIME_UTC 0
226 #define TIME_GENERALIZED 2
227 #define TIME_ROOF 4
228
229 /**
230 * ASN.1 definition of a keyIdentifier
231 */
232 static const asn1Object_t keyIdentifierObjects[] = {
233 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
234 };
235
236 /**
237 * ASN.1 definition of a authorityKeyIdentifier extension
238 */
239 static const asn1Object_t authorityKeyIdentifierObjects[] = {
240 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
241 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
242 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
243 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
244 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
245 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
246 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
247 };
248 #define AUTH_KEY_ID_KEY_ID 1
249 #define AUTH_KEY_ID_CERT_ISSUER 3
250 #define AUTH_KEY_ID_CERT_SERIAL 5
251 #define AUTH_KEY_ID_ROOF 7
252
253 /**
254 * ASN.1 definition of a authorityInfoAccess extension
255 */
256 static const asn1Object_t authorityInfoAccessObjects[] = {
257 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
258 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
259 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
260 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
261 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
262 };
263 #define AUTH_INFO_ACCESS_METHOD 2
264 #define AUTH_INFO_ACCESS_LOCATION 3
265 #define AUTH_INFO_ACCESS_ROOF 5
266
267 /**
268 * ASN.1 definition of a extendedKeyUsage extension
269 */
270 static const asn1Object_t extendedKeyUsageObjects[] = {
271 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
272 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
273 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
274 };
275
276 #define EXT_KEY_USAGE_PURPOSE_ID 1
277 #define EXT_KEY_USAGE_ROOF 3
278
279 /**
280 * ASN.1 definition of generalNames
281 */
282 static const asn1Object_t generalNamesObjects[] = {
283 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
284 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
285 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
286 };
287 #define GENERAL_NAMES_GN 1
288 #define GENERAL_NAMES_ROOF 3
289
290
291 /**
292 * ASN.1 definition of crlDistributionPoints
293 */
294 static const asn1Object_t crlDistributionPointsObjects[] = {
295 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
296 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
297 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
298 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
299 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
300 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
301 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
302 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
303 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
304 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
305 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
306 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
307 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
308 };
309 #define CRL_DIST_POINTS_FULLNAME 3
310 #define CRL_DIST_POINTS_ROOF 13
311
312 /**
313 * ASN.1 definition of an X.509v3 x509
314 */
315 static const asn1Object_t certObjects[] = {
316 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
317 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
318 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
319 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
320 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
321 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
322 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
323 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
324 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
325 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
326 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
327 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
328 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
329 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
330 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
331 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
332 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
333 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
334 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
335 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
336 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
337 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
338 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
339 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
340 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
341 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
342 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
343 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
344 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
345 };
346 #define X509_OBJ_CERTIFICATE 0
347 #define X509_OBJ_TBS_CERTIFICATE 1
348 #define X509_OBJ_VERSION 3
349 #define X509_OBJ_SERIAL_NUMBER 4
350 #define X509_OBJ_SIG_ALG 5
351 #define X509_OBJ_ISSUER 6
352 #define X509_OBJ_NOT_BEFORE 8
353 #define X509_OBJ_NOT_AFTER 9
354 #define X509_OBJ_SUBJECT 10
355 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
356 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
357 #define X509_OBJ_RSA_PUBLIC_KEY 14
358 #define X509_OBJ_EXTN_ID 22
359 #define X509_OBJ_CRITICAL 23
360 #define X509_OBJ_EXTN_VALUE 24
361 #define X509_OBJ_ALGORITHM 27
362 #define X509_OBJ_SIGNATURE 28
363 #define X509_OBJ_ROOF 29
364
365
366 static u_char ASN1_subjectAltName_oid_str[] = {
367 0x06, 0x03, 0x55, 0x1D, 0x11
368 };
369
370 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_subjectAltName_oid_str);
371
372
373 /**
374 * compare two X.509 x509s by comparing their signatures
375 */
376 static bool equals(private_x509_t *this, private_x509_t *other)
377 {
378 return chunk_equals(this->signature, other->signature);
379 }
380
381 /**
382 * extracts the basicConstraints extension
383 */
384 static bool parse_basicConstraints(chunk_t blob, int level0)
385 {
386 asn1_ctx_t ctx;
387 chunk_t object;
388 u_int level;
389 int objectID = 0;
390 bool isCA = FALSE;
391
392 asn1_init(&ctx, blob, level0, FALSE);
393
394 while (objectID < BASIC_CONSTRAINTS_ROOF) {
395
396 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
397 {
398 break;
399 }
400 if (objectID == BASIC_CONSTRAINTS_CA)
401 {
402 isCA = object.len && *object.ptr;
403 logger->log(logger, CONTROL|LEVEL1, " %s", isCA ? "TRUE" : "FALSE");
404 }
405 objectID++;
406 }
407 return isCA;
408 }
409
410 /*
411 * extracts an otherName
412 */
413 static bool
414 parse_otherName(chunk_t blob, int level0)
415 {
416 asn1_ctx_t ctx;
417 chunk_t object;
418 int objectID = 0;
419 u_int level;
420 int oid = OID_UNKNOWN;
421
422 asn1_init(&ctx, blob, level0, FALSE);
423
424 while (objectID < ON_OBJ_ROOF)
425 {
426 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
427 return FALSE;
428
429 switch (objectID)
430 {
431 case ON_OBJ_ID_TYPE:
432 oid = known_oid(object);
433 break;
434 case ON_OBJ_VALUE:
435 if (oid == OID_XMPP_ADDR)
436 {
437 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING, level + 1, "xmppAddr"))
438 return FALSE;
439 }
440 break;
441 default:
442 break;
443 }
444 objectID++;
445 }
446 return TRUE;
447 }
448
449 /*
450 * extracts a generalName
451 */
452 static identification_t *parse_generalName(chunk_t blob, int level0)
453 {
454 u_char buf[BUF_LEN];
455 asn1_ctx_t ctx;
456 chunk_t object;
457 int objectID = 0;
458 u_int level;
459
460 asn1_init(&ctx, blob, level0, FALSE);
461
462 while (objectID < GN_OBJ_ROOF)
463 {
464 id_type_t id_type = ID_ANY;
465
466 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
467 return NULL;
468
469 switch (objectID)
470 {
471 case GN_OBJ_RFC822_NAME:
472 id_type = ID_RFC822_ADDR;
473 break;
474 case GN_OBJ_DNS_NAME:
475 id_type = ID_FQDN;
476 break;
477 case GN_OBJ_URI:
478 id_type = ID_DER_ASN1_GN_URI;
479 break;
480 case GN_OBJ_DIRECTORY_NAME:
481 id_type = ID_DER_ASN1_DN;
482 break;
483 case GN_OBJ_IP_ADDRESS:
484 id_type = ID_IPV4_ADDR;
485 break;
486 case GN_OBJ_OTHER_NAME:
487 if (!parse_otherName(object, level + 1))
488 return NULL;
489 break;
490 case GN_OBJ_X400_ADDRESS:
491 case GN_OBJ_EDI_PARTY_NAME:
492 case GN_OBJ_REGISTERED_ID:
493 break;
494 default:
495 break;
496 }
497
498 if (id_type != ID_ANY)
499 {
500 identification_t *gn = identification_create_from_encoding(id_type, object);
501 logger->log(logger, CONTROL|LEVEL1, " '%s'", gn->get_string(gn));
502 return gn;
503 }
504 objectID++;
505 }
506 return NULL;
507 }
508
509
510 /**
511 * extracts one or several GNs and puts them into a chained list
512 */
513 static void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
514 {
515 asn1_ctx_t ctx;
516 chunk_t object;
517 u_int level;
518 int objectID = 0;
519
520 asn1_init(&ctx, blob, level0, implicit);
521
522 while (objectID < GENERAL_NAMES_ROOF)
523 {
524 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
525 return;
526
527 if (objectID == GENERAL_NAMES_GN)
528 {
529 identification_t *gn = parse_generalName(object, level+1);
530
531 if (gn != NULL)
532 list->insert_last(list, gn);
533 }
534 objectID++;
535 }
536 return;
537 }
538
539 /**
540 * extracts and converts a UTCTIME or GENERALIZEDTIME object
541 */
542 time_t parse_time(chunk_t blob, int level0)
543 {
544 asn1_ctx_t ctx;
545 chunk_t object;
546 u_int level;
547 int objectID = 0;
548
549 asn1_init(&ctx, blob, level0, FALSE);
550
551 while (objectID < TIME_ROOF)
552 {
553 if (!extract_object(timeObjects, &objectID, &object, &level, &ctx))
554 return 0;
555
556 if (objectID == TIME_UTC || objectID == TIME_GENERALIZED)
557 {
558 return asn1totime(&object, (objectID == TIME_UTC)
559 ? ASN1_UTCTIME : ASN1_GENERALIZEDTIME);
560 }
561 objectID++;
562 }
563 return 0;
564 }
565
566 /**
567 * extracts a keyIdentifier
568 */
569 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
570 {
571 asn1_ctx_t ctx;
572 chunk_t object;
573 u_int level;
574 int objectID = 0;
575
576 asn1_init(&ctx, blob, level0, implicit);
577
578 extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx);
579 return object;
580 }
581
582 /**
583 * extracts an authoritykeyIdentifier
584 */
585 void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber)
586 {
587 asn1_ctx_t ctx;
588 chunk_t object;
589 u_int level;
590 int objectID = 0;
591
592 asn1_init(&ctx, blob, level0, FALSE);
593 while (objectID < AUTH_KEY_ID_ROOF)
594 {
595 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
596 {
597 return;
598 }
599 switch (objectID)
600 {
601 case AUTH_KEY_ID_KEY_ID:
602 *authKeyID = parse_keyIdentifier(object, level+1, TRUE);
603 break;
604 case AUTH_KEY_ID_CERT_ISSUER:
605 {
606 /* TODO: parse_generalNames(object, level+1, TRUE); */
607 break;
608 }
609 case AUTH_KEY_ID_CERT_SERIAL:
610 *authKeySerialNumber = object;
611 break;
612 default:
613 break;
614 }
615 objectID++;
616 }
617 }
618
619 /**
620 * extracts an authorityInfoAcess location
621 */
622 static void parse_authorityInfoAccess(chunk_t blob, int level0, chunk_t *accessLocation)
623 {
624 asn1_ctx_t ctx;
625 chunk_t object;
626 u_int level;
627 int objectID = 0;
628
629 u_int accessMethod = OID_UNKNOWN;
630
631 asn1_init(&ctx, blob, level0, FALSE);
632 while (objectID < AUTH_INFO_ACCESS_ROOF)
633 {
634 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
635 {
636 return;
637 }
638 switch (objectID)
639 {
640 case AUTH_INFO_ACCESS_METHOD:
641 accessMethod = known_oid(object);
642 break;
643 case AUTH_INFO_ACCESS_LOCATION:
644 {
645 switch (accessMethod)
646 {
647 case OID_OCSP:
648 if (*object.ptr == ASN1_CONTEXT_S_6)
649 {
650 if (asn1_length(&object) == ASN1_INVALID_LENGTH)
651 return;
652 logger->log(logger, CONTROL|LEVEL1, " '%.*s'",(int)object.len, object.ptr);
653 /* only HTTP(S) URIs accepted */
654 if (strncasecmp(object.ptr, "http", 4) == 0)
655 {
656 *accessLocation = object;
657 return;
658 }
659 }
660 logger->log(logger, ERROR|LEVEL2, "ignoring OCSP InfoAccessLocation with unkown protocol");
661 break;
662 default:
663 /* unkown accessMethod, ignoring */
664 break;
665 }
666 break;
667 }
668 default:
669 break;
670 }
671 objectID++;
672 }
673 }
674
675 /**
676 * extracts extendedKeyUsage OIDs
677 */
678 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
679 {
680 asn1_ctx_t ctx;
681 chunk_t object;
682 u_int level;
683 int objectID = 0;
684
685 asn1_init(&ctx, blob, level0, FALSE);
686 while (objectID < EXT_KEY_USAGE_ROOF)
687 {
688 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
689 {
690 return FALSE;
691 }
692 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
693 known_oid(object) == OID_OCSP_SIGNING)
694 {
695 return TRUE;
696 }
697 objectID++;
698 }
699 return FALSE;
700 }
701
702 /**
703 * extracts one or several crlDistributionPoints and puts them into
704 * a chained list
705 */
706 static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list)
707 {
708 asn1_ctx_t ctx;
709 chunk_t object;
710 u_int level;
711 int objectID = 0;
712
713 asn1_init(&ctx, blob, level0, FALSE);
714 while (objectID < CRL_DIST_POINTS_ROOF)
715 {
716 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
717 {
718 return;
719 }
720 if (objectID == CRL_DIST_POINTS_FULLNAME)
721 {
722 /* append extracted generalNames to existing chained list */
723 parse_generalNames(object, level+1, TRUE, list);
724
725 }
726 objectID++;
727 }
728 }
729
730
731 /**
732 * Parses an X.509v3 x509
733 */
734 bool parse_x509cert(chunk_t blob, u_int level0, private_x509_t *cert)
735 {
736 asn1_ctx_t ctx;
737 bool critical;
738 chunk_t object;
739 u_int level;
740 u_int extn_oid = OID_UNKNOWN;
741 int objectID = 0;
742
743 asn1_init(&ctx, blob, level0, FALSE);
744 while (objectID < X509_OBJ_ROOF)
745 {
746 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
747 {
748 return FALSE;
749 }
750 /* those objects which will parsed further need the next higher level */
751 level++;
752 switch (objectID) {
753 case X509_OBJ_CERTIFICATE:
754 cert->certificate = object;
755 break;
756 case X509_OBJ_TBS_CERTIFICATE:
757 cert->tbsCertificate = object;
758 break;
759 case X509_OBJ_VERSION:
760 cert->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
761 logger->log(logger, CONTROL|LEVEL1, " v%d", cert->version);
762 break;
763 case X509_OBJ_SERIAL_NUMBER:
764 cert->serialNumber = object;
765 break;
766 case X509_OBJ_SIG_ALG:
767 cert->sigAlg = parse_algorithmIdentifier(object, level, NULL);
768 break;
769 case X509_OBJ_ISSUER:
770 cert->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
771 logger->log(logger, CONTROL|LEVEL1, " '%s'", cert->issuer->get_string(cert->issuer));
772 break;
773 case X509_OBJ_NOT_BEFORE:
774 cert->notBefore = parse_time(object, level);
775 break;
776 case X509_OBJ_NOT_AFTER:
777 cert->notAfter = parse_time(object, level);
778 break;
779 case X509_OBJ_SUBJECT:
780 cert->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
781 logger->log(logger, CONTROL|LEVEL1, " '%s'", cert->subject->get_string(cert->subject));
782 break;
783 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
784 if (parse_algorithmIdentifier(object, level, NULL) != OID_RSA_ENCRYPTION)
785 {
786 logger->log(logger, ERROR|LEVEL1, " unsupported public key algorithm");
787 return FALSE;
788 }
789 break;
790 case X509_OBJ_SUBJECT_PUBLIC_KEY:
791 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
792 {
793 /* skip initial bit string octet defining 0 unused bits */
794 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
795 }
796 else
797 {
798 logger->log(logger, ERROR|LEVEL1, " invalid RSA public key format");
799 return FALSE;
800 }
801 break;
802 case X509_OBJ_RSA_PUBLIC_KEY:
803 cert->subjectPublicKey = object;
804 break;
805 case X509_OBJ_EXTN_ID:
806 extn_oid = known_oid(object);
807 break;
808 case X509_OBJ_CRITICAL:
809 critical = object.len && *object.ptr;
810 logger->log(logger, ERROR|LEVEL1, " %s", critical ? "TRUE" : "FALSE");
811 break;
812 case X509_OBJ_EXTN_VALUE:
813 {
814 switch (extn_oid) {
815 case OID_SUBJECT_KEY_ID:
816 cert->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
817 break;
818 case OID_SUBJECT_ALT_NAME:
819 parse_generalNames(object, level, FALSE, cert->subjectAltNames);
820 break;
821 case OID_BASIC_CONSTRAINTS:
822 cert->isCA = parse_basicConstraints(object, level);
823 break;
824 case OID_CRL_DISTRIBUTION_POINTS:
825 parse_crlDistributionPoints(object, level, cert->crlDistributionPoints);
826 break;
827 case OID_AUTHORITY_KEY_ID:
828 parse_authorityKeyIdentifier(object, level , &cert->authKeyID, &cert->authKeySerialNumber);
829 break;
830 case OID_AUTHORITY_INFO_ACCESS:
831 parse_authorityInfoAccess(object, level, &cert->accessLocation);
832 break;
833 case OID_EXTENDED_KEY_USAGE:
834 cert->isOcspSigner = parse_extendedKeyUsage(object, level);
835 break;
836 case OID_NS_REVOCATION_URL:
837 case OID_NS_CA_REVOCATION_URL:
838 case OID_NS_CA_POLICY_URL:
839 case OID_NS_COMMENT:
840 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING , level, oid_names[extn_oid].name))
841 return FALSE;
842 break;
843 default:
844 break;
845 }
846 break;
847 }
848 case X509_OBJ_ALGORITHM:
849 cert->algorithm = parse_algorithmIdentifier(object, level, NULL);
850 break;
851 case X509_OBJ_SIGNATURE:
852 cert->signature = object;
853 break;
854 default:
855 break;
856 }
857 objectID++;
858 }
859 time(&cert->installed);
860 return TRUE;
861 }
862
863 /**
864 * verify the validity of a x509 by
865 * checking the notBefore and notAfter dates
866 */
867 err_t check_validity(const private_x509_t *cert, time_t *until)
868 {
869 time_t current_time;
870
871 time(&current_time);
872
873 if (cert->notAfter < *until)
874 {
875 *until = cert->notAfter;
876 }
877 if (current_time < cert->notBefore)
878 {
879 return "x509 is not valid yet";
880 }
881 if (current_time > cert->notAfter)
882 {
883 return "x509 has expired";
884 }
885 else
886 {
887 return NULL;
888 }
889 }
890
891 /**
892 * Implements x509_t.equals_subjectAltName
893 */
894 static bool equals_subjectAltName(private_x509_t *this, identification_t *id)
895 {
896 bool found = FALSE;
897 iterator_t *iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
898
899 while (iterator->has_next(iterator))
900 {
901 identification_t *subjectAltName;
902
903 iterator->current(iterator, (void**)&subjectAltName);
904 if (id->equals(id, subjectAltName))
905 {
906 found = TRUE;
907 break;
908 }
909 }
910 iterator->destroy(iterator);
911 return found;
912 }
913
914 /**
915 * Implements x509_t.get_public_key
916 */
917 static rsa_public_key_t *get_public_key(private_x509_t *this)
918 {
919 return this->public_key->clone(this->public_key);
920 }
921
922 /**
923 * Implements x509_t.get_subject
924 */
925 static identification_t *get_subject(private_x509_t *this)
926 {
927 return this->subject;
928 }
929
930 /**
931 * Implements x509_t.get_issuer
932 */
933 static identification_t *get_issuer(private_x509_t *this)
934 {
935 return this->issuer;
936 }
937
938 /**
939 * destroy
940 */
941 static void destroy(private_x509_t *this)
942 {
943 identification_t *id;
944 while (this->subjectAltNames->remove_last(this->subjectAltNames, (void**)&id) == SUCCESS)
945 {
946 id->destroy(id);
947 }
948 this->subjectAltNames->destroy(this->subjectAltNames);
949
950 while (this->crlDistributionPoints->remove_last(this->crlDistributionPoints, (void**)&id) == SUCCESS)
951 {
952 id->destroy(id);
953 }
954 this->crlDistributionPoints->destroy(this->crlDistributionPoints);
955
956 if (this->issuer)
957 this->issuer->destroy(this->issuer);
958
959 if (this->subject)
960 this->subject->destroy(this->subject);
961
962 if (this->public_key)
963 this->public_key->destroy(this->public_key);
964
965 free(this->certificate.ptr);
966 free(this);
967 }
968
969 /** checks if the expiration date has been reached and
970 * warns during the warning_interval of the imminent
971 * expiry. strict=TRUE declares a fatal error,
972 * strict=FALSE issues a warning upon expiry.
973 */
974 char* check_expiry(time_t expiration_date, int warning_interval, bool strict)
975 {
976 time_t now;
977 int time_left;
978
979 if (expiration_date == UNDEFINED_TIME)
980 return "ok (expires never)";
981
982 time_left = (expiration_date - time(NULL));
983 if (time_left < 0)
984 return strict? "fatal (expired)" : "warning (expired)";
985
986 {
987 static char buf[35]; /* temporary storage */
988 const char* unit = "second";
989
990 if (time_left > 86400*warning_interval)
991 return "ok";
992
993 if (time_left > 172800)
994 {
995 time_left /= 86400;
996 unit = "day";
997 }
998 else if (time_left > 7200)
999 {
1000 time_left /= 3600;
1001 unit = "hour";
1002 }
1003 else if (time_left > 120)
1004 {
1005 time_left /= 60;
1006 unit = "minute";
1007 }
1008 snprintf(buf, sizeof(buf), "warning (expires in %d %s%s)", time_left, unit, (time_left == 1)?"":"s");
1009 }
1010 }
1011
1012 /**
1013 * log certificate
1014 */
1015 static void log_certificate(private_x509_t *this, logger_t *logger, bool utc, bool has_key)
1016 {
1017 identification_t *subject = this->subject;
1018 identification_t *issuer = this->issuer;
1019 rsa_public_key_t *pubkey = this->public_key;
1020
1021 char buf[BUF_LEN];
1022 time_t now;
1023
1024 /* determine the current time */
1025 time(&now);
1026
1027 timetoa(buf, BUF_LEN, &this->installed, utc);
1028 logger->log(logger, CONTROL, "%s", buf);
1029 logger->log(logger, CONTROL, " subject: '%s'", subject->get_string(subject));
1030 logger->log(logger, CONTROL, " issuer: '%s'", issuer->get_string(issuer));
1031 chunk_to_hex(buf, BUF_LEN, this->serialNumber);
1032 logger->log(logger, CONTROL, " serial: %s", buf);
1033 timetoa(buf, BUF_LEN, &this->notBefore, utc);
1034 logger->log(logger, CONTROL, " validity: not before %s %s", buf,
1035 (this->notBefore < now)? "ok":"fatal (not valid yet)");
1036 timetoa(buf, BUF_LEN, &this->notAfter, utc);
1037 logger->log(logger, CONTROL, " not after %s %s", buf,
1038 check_expiry(this->notAfter, CERT_WARNING_INTERVAL, TRUE));
1039
1040 logger->log(logger, CONTROL, " pubkey: RSA %d bits%s",
1041 BITS_PER_BYTE * pubkey->get_keysize(pubkey), has_key? ", has private key":"");
1042 chunk_to_hex(buf, BUF_LEN, pubkey->get_keyid(pubkey));
1043 logger->log(logger, CONTROL, " keyid: %s", buf);
1044
1045 if (this->subjectKeyID.ptr != NULL)
1046 {
1047 chunk_to_hex(buf, BUF_LEN, this->subjectKeyID);
1048 logger->log(logger, CONTROL, " subjkey: %s", buf);
1049 }
1050 if (this->authKeyID.ptr != NULL)
1051 {
1052 chunk_to_hex(buf, BUF_LEN, this->authKeyID);
1053 logger->log(logger, CONTROL, " authkey: %s", buf);
1054 }
1055 if (this->authKeySerialNumber.ptr != NULL)
1056 {
1057 chunk_to_hex(buf, BUF_LEN, this->authKeySerialNumber);
1058 logger->log(logger, CONTROL, " aserial: %s", buf);
1059 }
1060 }
1061
1062 /*
1063 * Described in header.
1064 */
1065 x509_t *x509_create_from_chunk(chunk_t chunk)
1066 {
1067 private_x509_t *this = malloc_thing(private_x509_t);
1068
1069 /* public functions */
1070 this->public.equals = (bool (*) (x509_t*,x509_t*))equals;
1071 this->public.equals_subjectAltName = (bool (*) (x509_t*,identification_t*))equals_subjectAltName;
1072 this->public.destroy = (void (*) (x509_t*))destroy;
1073 this->public.get_public_key = (rsa_public_key_t* (*) (x509_t*))get_public_key;
1074 this->public.get_subject = (identification_t* (*) (x509_t*))get_subject;
1075 this->public.get_issuer = (identification_t* (*) (x509_t*))get_issuer;
1076 this->public.log_certificate = (void (*) (x509_t*,logger_t*,bool,bool))log_certificate;
1077
1078 /* initialize */
1079 this->subjectPublicKey = CHUNK_INITIALIZER;
1080 this->public_key = NULL;
1081 this->subject = NULL;
1082 this->issuer = NULL;
1083 this->subjectAltNames = linked_list_create();
1084 this->crlDistributionPoints = linked_list_create();
1085 this->subjectKeyID = CHUNK_INITIALIZER;
1086 this->authKeyID = CHUNK_INITIALIZER;
1087 this->authKeySerialNumber = CHUNK_INITIALIZER;
1088
1089 /* we do not use a per-instance logger right now, since its not always accessible */
1090 logger = logger_manager->get_logger(logger_manager, ASN1);
1091
1092 if (!is_asn1(chunk) || !parse_x509cert(chunk, 0, this))
1093 {
1094 destroy(this);
1095 return NULL;
1096 }
1097
1098 this->public_key = rsa_public_key_create_from_chunk(this->subjectPublicKey);
1099 if (this->public_key == NULL)
1100 {
1101 destroy(this);
1102 return NULL;
1103 }
1104
1105 return &this->public;
1106 }
1107
1108 /*
1109 * Described in header.
1110 */
1111 x509_t *x509_create_from_file(const char *filename, const char *label)
1112 {
1113 bool pgp = FALSE;
1114 chunk_t chunk = CHUNK_INITIALIZER;
1115 x509_t *cert = NULL;
1116
1117 if (!pem_asn1_load_file(filename, "", label, &chunk, &pgp))
1118 return NULL;
1119
1120 cert = x509_create_from_chunk(chunk);
1121
1122 if (cert == NULL)
1123 free(chunk.ptr);
1124 return cert;
1125 }