added support of OCSP accessLocations
[strongswan.git] / src / libstrongswan / crypto / x509.c
1 /**
2 * @file x509.c
3 *
4 * @brief Implementation of x509_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <gmp.h>
24 #include <sys/stat.h>
25 #include <unistd.h>
26 #include <string.h>
27 #include <stdio.h>
28
29 #include "x509.h"
30
31 #include <library.h>
32 #include <debug.h>
33 #include <asn1/oid.h>
34 #include <asn1/asn1.h>
35 #include <asn1/pem.h>
36 #include <utils/linked_list.h>
37 #include <utils/identification.h>
38
39 #define CERT_WARNING_INTERVAL 30 /* days */
40
41 /**
42 * Different kinds of generalNames
43 */
44 typedef enum generalNames_t generalNames_t;
45
46 enum generalNames_t {
47 GN_OTHER_NAME = 0,
48 GN_RFC822_NAME = 1,
49 GN_DNS_NAME = 2,
50 GN_X400_ADDRESS = 3,
51 GN_DIRECTORY_NAME = 4,
52 GN_EDI_PARTY_NAME = 5,
53 GN_URI = 6,
54 GN_IP_ADDRESS = 7,
55 GN_REGISTERED_ID = 8,
56 };
57
58 typedef struct private_x509_t private_x509_t;
59
60 /**
61 * Private data of a x509_t object.
62 */
63 struct private_x509_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_t public;
68
69 /**
70 * Time when certificate was installed
71 */
72 time_t installed;
73
74 /**
75 * Time until certificate can be trusted
76 */
77 time_t until;
78
79 /**
80 * Certificate status
81 */
82 cert_status_t status;
83
84 /**
85 * X.509 Certificate in DER format
86 */
87 chunk_t certificate;
88
89 /**
90 * X.509 certificate body over which signature is computed
91 */
92 chunk_t tbsCertificate;
93
94 /**
95 * Version of the X.509 certificate
96 */
97 u_int version;
98
99 /**
100 * Serial number of the X.509 certificate
101 */
102 chunk_t serialNumber;
103
104 /**
105 * Signature algorithm
106 */
107 int sigAlg;
108
109 /**
110 * ID representing the certificate issuer
111 */
112 identification_t *issuer;
113
114 /**
115 * Start time of certificate validity
116 */
117 time_t notBefore;
118
119 /**
120 * End time of certificate validity
121 */
122 time_t notAfter;
123
124 /**
125 * ID representing the certificate subject
126 */
127 identification_t *subject;
128
129 /**
130 * List of identification_t's representing subjectAltNames
131 */
132 linked_list_t *subjectAltNames;
133
134 /**
135 * List of identification_t's representing crlDistributionPoints
136 */
137 linked_list_t *crlDistributionPoints;
138
139 /**
140 * List of identification_t's representing ocspAccessLocations
141 */
142 linked_list_t *ocspAccessLocations;
143
144 /**
145 * Subject RSA public key, if subjectPublicKeyAlgorithm == RSA
146 */
147 rsa_public_key_t *public_key;
148
149 /**
150 * Subject Key Identifier
151 */
152 chunk_t subjectKeyID;
153
154 /**
155 * Authority Key Identifier
156 */
157 chunk_t authKeyID;
158
159 /**
160 * Authority Key Serial Number
161 */
162 chunk_t authKeySerialNumber;
163
164 /**
165 * CA basic constraints flag
166 */
167 bool isCA;
168
169 /**
170 * Signature algorithm (must be identical to sigAlg)
171 */
172 int algorithm;
173
174 /**
175 * Signature
176 */
177 chunk_t signature;
178
179 u_char authority_flags;
180 chunk_t subjectPublicKey;
181 bool isOcspSigner; /* ocsp */
182 };
183
184 /**
185 * ASN.1 definition of generalName
186 */
187 static const asn1Object_t generalNameObjects[] = {
188 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
189 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
190 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
191 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
192 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
193 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
194 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
195 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
196 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
197 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
198 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
199 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
200 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
201 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
202 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
203 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
204 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
205 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
206 };
207 #define GN_OBJ_OTHER_NAME 0
208 #define GN_OBJ_RFC822_NAME 2
209 #define GN_OBJ_DNS_NAME 4
210 #define GN_OBJ_X400_ADDRESS 6
211 #define GN_OBJ_DIRECTORY_NAME 8
212 #define GN_OBJ_EDI_PARTY_NAME 10
213 #define GN_OBJ_URI 12
214 #define GN_OBJ_IP_ADDRESS 14
215 #define GN_OBJ_REGISTERED_ID 16
216 #define GN_OBJ_ROOF 18
217
218 /**
219 * ASN.1 definition of otherName
220 */
221 static const asn1Object_t otherNameObjects[] = {
222 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
223 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
224 };
225 #define ON_OBJ_ID_TYPE 0
226 #define ON_OBJ_VALUE 1
227 #define ON_OBJ_ROOF 2
228 /**
229 * ASN.1 definition of a basicConstraints extension
230 */
231 static const asn1Object_t basicConstraintsObjects[] = {
232 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
233 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
234 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
235 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
236 };
237 #define BASIC_CONSTRAINTS_CA 1
238 #define BASIC_CONSTRAINTS_ROOF 4
239
240 /**
241 * ASN.1 definition of time
242 */
243 static const asn1Object_t timeObjects[] = {
244 { 0, "utcTime", ASN1_UTCTIME, ASN1_OPT|ASN1_BODY }, /* 0 */
245 { 0, "end opt", ASN1_EOC, ASN1_END }, /* 1 */
246 { 0, "generalizeTime",ASN1_GENERALIZEDTIME, ASN1_OPT|ASN1_BODY }, /* 2 */
247 { 0, "end opt", ASN1_EOC, ASN1_END } /* 3 */
248 };
249 #define TIME_UTC 0
250 #define TIME_GENERALIZED 2
251 #define TIME_ROOF 4
252
253 /**
254 * ASN.1 definition of a keyIdentifier
255 */
256 static const asn1Object_t keyIdentifierObjects[] = {
257 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
258 };
259
260 /**
261 * ASN.1 definition of a authorityKeyIdentifier extension
262 */
263 static const asn1Object_t authorityKeyIdentifierObjects[] = {
264 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
265 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
266 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
267 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
268 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
269 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
270 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
271 };
272 #define AUTH_KEY_ID_KEY_ID 1
273 #define AUTH_KEY_ID_CERT_ISSUER 3
274 #define AUTH_KEY_ID_CERT_SERIAL 5
275 #define AUTH_KEY_ID_ROOF 7
276
277 /**
278 * ASN.1 definition of a authorityInfoAccess extension
279 */
280 static const asn1Object_t authorityInfoAccessObjects[] = {
281 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
282 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
283 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
284 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
285 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
286 };
287 #define AUTH_INFO_ACCESS_METHOD 2
288 #define AUTH_INFO_ACCESS_LOCATION 3
289 #define AUTH_INFO_ACCESS_ROOF 5
290
291 /**
292 * ASN.1 definition of a extendedKeyUsage extension
293 */
294 static const asn1Object_t extendedKeyUsageObjects[] = {
295 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
296 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
297 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
298 };
299
300 #define EXT_KEY_USAGE_PURPOSE_ID 1
301 #define EXT_KEY_USAGE_ROOF 3
302
303 /**
304 * ASN.1 definition of generalNames
305 */
306 static const asn1Object_t generalNamesObjects[] = {
307 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
308 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
309 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
310 };
311 #define GENERAL_NAMES_GN 1
312 #define GENERAL_NAMES_ROOF 3
313
314
315 /**
316 * ASN.1 definition of crlDistributionPoints
317 */
318 static const asn1Object_t crlDistributionPointsObjects[] = {
319 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
320 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
321 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
322 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
323 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
324 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
325 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
326 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
327 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
328 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
329 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
330 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
331 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
332 };
333 #define CRL_DIST_POINTS_FULLNAME 3
334 #define CRL_DIST_POINTS_ROOF 13
335
336 /**
337 * ASN.1 definition of an X.509v3 x509
338 */
339 static const asn1Object_t certObjects[] = {
340 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
341 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
342 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
343 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
344 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
345 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
346 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
347 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
348 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
349 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
350 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
351 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
352 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
353 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
354 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
355 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
356 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
357 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
358 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
359 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
360 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
361 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
362 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
363 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
364 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
365 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
366 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
367 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
368 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
369 };
370 #define X509_OBJ_CERTIFICATE 0
371 #define X509_OBJ_TBS_CERTIFICATE 1
372 #define X509_OBJ_VERSION 3
373 #define X509_OBJ_SERIAL_NUMBER 4
374 #define X509_OBJ_SIG_ALG 5
375 #define X509_OBJ_ISSUER 6
376 #define X509_OBJ_NOT_BEFORE 8
377 #define X509_OBJ_NOT_AFTER 9
378 #define X509_OBJ_SUBJECT 10
379 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
380 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
381 #define X509_OBJ_RSA_PUBLIC_KEY 14
382 #define X509_OBJ_EXTN_ID 22
383 #define X509_OBJ_CRITICAL 23
384 #define X509_OBJ_EXTN_VALUE 24
385 #define X509_OBJ_ALGORITHM 27
386 #define X509_OBJ_SIGNATURE 28
387 #define X509_OBJ_ROOF 29
388
389
390 static u_char ASN1_subjectAltName_oid_str[] = {
391 0x06, 0x03, 0x55, 0x1D, 0x11
392 };
393
394 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_subjectAltName_oid_str);
395
396
397 /**
398 * compare two X.509 x509s by comparing their signatures
399 */
400 static bool equals(const private_x509_t *this, const private_x509_t *other)
401 {
402 return chunk_equals(this->signature, other->signature);
403 }
404
405 /**
406 * extracts the basicConstraints extension
407 */
408 static bool parse_basicConstraints(chunk_t blob, int level0)
409 {
410 asn1_ctx_t ctx;
411 chunk_t object;
412 u_int level;
413 int objectID = 0;
414 bool isCA = FALSE;
415
416 asn1_init(&ctx, blob, level0, FALSE, FALSE);
417
418 while (objectID < BASIC_CONSTRAINTS_ROOF) {
419
420 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
421 {
422 break;
423 }
424 if (objectID == BASIC_CONSTRAINTS_CA)
425 {
426 isCA = object.len && *object.ptr;
427 DBG2(" %s", isCA ? "TRUE" : "FALSE");
428 }
429 objectID++;
430 }
431 return isCA;
432 }
433
434 /*
435 * extracts an otherName
436 */
437 static bool
438 parse_otherName(chunk_t blob, int level0)
439 {
440 asn1_ctx_t ctx;
441 chunk_t object;
442 int objectID = 0;
443 u_int level;
444 int oid = OID_UNKNOWN;
445
446 asn1_init(&ctx, blob, level0, FALSE, FALSE);
447
448 while (objectID < ON_OBJ_ROOF)
449 {
450 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
451 return FALSE;
452
453 switch (objectID)
454 {
455 case ON_OBJ_ID_TYPE:
456 oid = known_oid(object);
457 break;
458 case ON_OBJ_VALUE:
459 if (oid == OID_XMPP_ADDR)
460 {
461 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING, level + 1, "xmppAddr"))
462 return FALSE;
463 }
464 break;
465 default:
466 break;
467 }
468 objectID++;
469 }
470 return TRUE;
471 }
472
473 /*
474 * extracts a generalName
475 */
476 static identification_t *parse_generalName(chunk_t blob, int level0)
477 {
478 asn1_ctx_t ctx;
479 chunk_t object;
480 int objectID = 0;
481 u_int level;
482
483 asn1_init(&ctx, blob, level0, FALSE, FALSE);
484
485 while (objectID < GN_OBJ_ROOF)
486 {
487 id_type_t id_type = ID_ANY;
488
489 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
490 return NULL;
491
492 switch (objectID)
493 {
494 case GN_OBJ_RFC822_NAME:
495 id_type = ID_RFC822_ADDR;
496 break;
497 case GN_OBJ_DNS_NAME:
498 id_type = ID_FQDN;
499 break;
500 case GN_OBJ_URI:
501 id_type = ID_DER_ASN1_GN_URI;
502 break;
503 case GN_OBJ_DIRECTORY_NAME:
504 id_type = ID_DER_ASN1_DN;
505 break;
506 case GN_OBJ_IP_ADDRESS:
507 id_type = ID_IPV4_ADDR;
508 break;
509 case GN_OBJ_OTHER_NAME:
510 if (!parse_otherName(object, level + 1))
511 return NULL;
512 break;
513 case GN_OBJ_X400_ADDRESS:
514 case GN_OBJ_EDI_PARTY_NAME:
515 case GN_OBJ_REGISTERED_ID:
516 break;
517 default:
518 break;
519 }
520
521 if (id_type != ID_ANY)
522 {
523 identification_t *gn = identification_create_from_encoding(id_type, object);
524 DBG2(" '%D'", gn);
525 return gn;
526 }
527 objectID++;
528 }
529 return NULL;
530 }
531
532
533 /**
534 * extracts one or several GNs and puts them into a chained list
535 */
536 static void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
537 {
538 asn1_ctx_t ctx;
539 chunk_t object;
540 u_int level;
541 int objectID = 0;
542
543 asn1_init(&ctx, blob, level0, implicit, FALSE);
544
545 while (objectID < GENERAL_NAMES_ROOF)
546 {
547 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
548 return;
549
550 if (objectID == GENERAL_NAMES_GN)
551 {
552 identification_t *gn = parse_generalName(object, level+1);
553
554 if (gn != NULL)
555 list->insert_last(list, (void *)gn);
556 }
557 objectID++;
558 }
559 return;
560 }
561
562 /**
563 * extracts and converts a UTCTIME or GENERALIZEDTIME object
564 */
565 time_t parse_time(chunk_t blob, int level0)
566 {
567 asn1_ctx_t ctx;
568 chunk_t object;
569 u_int level;
570 int objectID = 0;
571
572 asn1_init(&ctx, blob, level0, FALSE, FALSE);
573
574 while (objectID < TIME_ROOF)
575 {
576 if (!extract_object(timeObjects, &objectID, &object, &level, &ctx))
577 return 0;
578
579 if (objectID == TIME_UTC || objectID == TIME_GENERALIZED)
580 {
581 return asn1totime(&object, (objectID == TIME_UTC)
582 ? ASN1_UTCTIME : ASN1_GENERALIZEDTIME);
583 }
584 objectID++;
585 }
586 return 0;
587 }
588
589 /**
590 * extracts a keyIdentifier
591 */
592 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
593 {
594 asn1_ctx_t ctx;
595 chunk_t object;
596 u_int level;
597 int objectID = 0;
598
599 asn1_init(&ctx, blob, level0, implicit, FALSE);
600
601 extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx);
602 return object;
603 }
604
605 /**
606 * extracts an authoritykeyIdentifier
607 */
608 void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber)
609 {
610 asn1_ctx_t ctx;
611 chunk_t object;
612 u_int level;
613 int objectID = 0;
614
615 asn1_init(&ctx, blob, level0, FALSE, FALSE);
616 while (objectID < AUTH_KEY_ID_ROOF)
617 {
618 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
619 {
620 return;
621 }
622 switch (objectID)
623 {
624 case AUTH_KEY_ID_KEY_ID:
625 *authKeyID = parse_keyIdentifier(object, level+1, TRUE);
626 break;
627 case AUTH_KEY_ID_CERT_ISSUER:
628 {
629 /* TODO: parse_generalNames(object, level+1, TRUE); */
630 break;
631 }
632 case AUTH_KEY_ID_CERT_SERIAL:
633 *authKeySerialNumber = object;
634 break;
635 default:
636 break;
637 }
638 objectID++;
639 }
640 }
641
642 /**
643 * extracts an authorityInfoAcess location
644 */
645 static void parse_authorityInfoAccess(chunk_t blob, int level0, linked_list_t *list)
646 {
647 asn1_ctx_t ctx;
648 chunk_t object;
649 u_int level;
650 int objectID = 0;
651
652 u_int accessMethod = OID_UNKNOWN;
653
654 asn1_init(&ctx, blob, level0, FALSE, FALSE);
655 while (objectID < AUTH_INFO_ACCESS_ROOF)
656 {
657 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
658 {
659 return;
660 }
661 switch (objectID)
662 {
663 case AUTH_INFO_ACCESS_METHOD:
664 accessMethod = known_oid(object);
665 break;
666 case AUTH_INFO_ACCESS_LOCATION:
667 {
668 switch (accessMethod)
669 {
670 case OID_OCSP:
671 if (*object.ptr == ASN1_CONTEXT_S_6)
672 {
673 identification_t *accessLocation;
674
675 if (asn1_length(&object) == ASN1_INVALID_LENGTH)
676 return;
677 DBG2(" '%.*s'",(int)object.len, object.ptr);
678 accessLocation = identification_create_from_encoding(ID_DER_ASN1_GN_URI, object);
679 list->insert_last(list, (void *)accessLocation);
680 }
681 break;
682 default:
683 /* unkown accessMethod, ignoring */
684 break;
685 }
686 break;
687 }
688 default:
689 break;
690 }
691 objectID++;
692 }
693 }
694
695 /**
696 * extracts extendedKeyUsage OIDs
697 */
698 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
699 {
700 asn1_ctx_t ctx;
701 chunk_t object;
702 u_int level;
703 int objectID = 0;
704
705 asn1_init(&ctx, blob, level0, FALSE, FALSE);
706 while (objectID < EXT_KEY_USAGE_ROOF)
707 {
708 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
709 {
710 return FALSE;
711 }
712 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
713 known_oid(object) == OID_OCSP_SIGNING)
714 {
715 return TRUE;
716 }
717 objectID++;
718 }
719 return FALSE;
720 }
721
722 /**
723 * extracts one or several crlDistributionPoints and puts them into
724 * a chained list
725 */
726 static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list)
727 {
728 asn1_ctx_t ctx;
729 chunk_t object;
730 u_int level;
731 int objectID = 0;
732
733 asn1_init(&ctx, blob, level0, FALSE, FALSE);
734 while (objectID < CRL_DIST_POINTS_ROOF)
735 {
736 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
737 {
738 return;
739 }
740 if (objectID == CRL_DIST_POINTS_FULLNAME)
741 {
742 /* append extracted generalNames to existing chained list */
743 parse_generalNames(object, level+1, TRUE, list);
744
745 }
746 objectID++;
747 }
748 }
749
750
751 /**
752 * Parses an X.509v3 certificate
753 */
754 bool parse_x509cert(chunk_t blob, u_int level0, private_x509_t *cert)
755 {
756 asn1_ctx_t ctx;
757 bool critical;
758 chunk_t object;
759 u_int level;
760 u_int extn_oid = OID_UNKNOWN;
761 int objectID = 0;
762
763 asn1_init(&ctx, blob, level0, FALSE, FALSE);
764 while (objectID < X509_OBJ_ROOF)
765 {
766 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
767 {
768 return FALSE;
769 }
770 /* those objects which will parsed further need the next higher level */
771 level++;
772 switch (objectID) {
773 case X509_OBJ_CERTIFICATE:
774 cert->certificate = object;
775 break;
776 case X509_OBJ_TBS_CERTIFICATE:
777 cert->tbsCertificate = object;
778 break;
779 case X509_OBJ_VERSION:
780 cert->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
781 DBG2(" v%d", cert->version);
782 break;
783 case X509_OBJ_SERIAL_NUMBER:
784 cert->serialNumber = object;
785 break;
786 case X509_OBJ_SIG_ALG:
787 cert->sigAlg = parse_algorithmIdentifier(object, level, NULL);
788 break;
789 case X509_OBJ_ISSUER:
790 cert->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
791 DBG2(" '%D'", cert->issuer);
792 break;
793 case X509_OBJ_NOT_BEFORE:
794 cert->notBefore = parse_time(object, level);
795 break;
796 case X509_OBJ_NOT_AFTER:
797 cert->notAfter = parse_time(object, level);
798 break;
799 case X509_OBJ_SUBJECT:
800 cert->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
801 DBG2(" '%D'", cert->subject);
802 break;
803 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
804 if (parse_algorithmIdentifier(object, level, NULL) != OID_RSA_ENCRYPTION)
805 {
806 DBG2(" unsupported public key algorithm");
807 return FALSE;
808 }
809 break;
810 case X509_OBJ_SUBJECT_PUBLIC_KEY:
811 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
812 {
813 /* skip initial bit string octet defining 0 unused bits */
814 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
815 }
816 else
817 {
818 DBG2(" invalid RSA public key format");
819 return FALSE;
820 }
821 break;
822 case X509_OBJ_RSA_PUBLIC_KEY:
823 cert->subjectPublicKey = object;
824 break;
825 case X509_OBJ_EXTN_ID:
826 extn_oid = known_oid(object);
827 break;
828 case X509_OBJ_CRITICAL:
829 critical = object.len && *object.ptr;
830 DBG2(" %s", critical ? "TRUE" : "FALSE");
831 break;
832 case X509_OBJ_EXTN_VALUE:
833 {
834 switch (extn_oid) {
835 case OID_SUBJECT_KEY_ID:
836 cert->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
837 break;
838 case OID_SUBJECT_ALT_NAME:
839 parse_generalNames(object, level, FALSE, cert->subjectAltNames);
840 break;
841 case OID_BASIC_CONSTRAINTS:
842 cert->isCA = parse_basicConstraints(object, level);
843 break;
844 case OID_CRL_DISTRIBUTION_POINTS:
845 parse_crlDistributionPoints(object, level, cert->crlDistributionPoints);
846 break;
847 case OID_AUTHORITY_KEY_ID:
848 parse_authorityKeyIdentifier(object, level , &cert->authKeyID, &cert->authKeySerialNumber);
849 break;
850 case OID_AUTHORITY_INFO_ACCESS:
851 parse_authorityInfoAccess(object, level, cert->ocspAccessLocations);
852 break;
853 case OID_EXTENDED_KEY_USAGE:
854 cert->isOcspSigner = parse_extendedKeyUsage(object, level);
855 break;
856 case OID_NS_REVOCATION_URL:
857 case OID_NS_CA_REVOCATION_URL:
858 case OID_NS_CA_POLICY_URL:
859 case OID_NS_COMMENT:
860 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING , level, oid_names[extn_oid].name))
861 return FALSE;
862 break;
863 default:
864 break;
865 }
866 break;
867 }
868 case X509_OBJ_ALGORITHM:
869 cert->algorithm = parse_algorithmIdentifier(object, level, NULL);
870 break;
871 case X509_OBJ_SIGNATURE:
872 cert->signature = object;
873 break;
874 default:
875 break;
876 }
877 objectID++;
878 }
879 time(&cert->installed);
880 return TRUE;
881 }
882
883 /**
884 * Implements x509_t.is_valid
885 */
886 static err_t is_valid(const private_x509_t *this, time_t *until)
887 {
888 time_t current_time = time(NULL);
889
890 DBG2(" not before : %T", &this->notBefore);
891 DBG2(" current time: %T", &current_time);
892 DBG2(" not after : %T", &this->notAfter);
893
894 if (until != NULL &&
895 (*until == UNDEFINED_TIME || this->notAfter < *until))
896 {
897 *until = this->notAfter;
898 }
899 if (current_time < this->notBefore)
900 {
901 return "is not valid yet";
902 }
903 if (current_time > this->notAfter)
904 {
905 return "has expired";
906 }
907 DBG2(" certificate is valid");
908 return NULL;
909 }
910
911 /**
912 * Implements x509_t.is_ca
913 */
914 static bool is_ca(const private_x509_t *this)
915 {
916 return this->isCA;
917 }
918
919 /**
920 * Implements x509_t.is_self_signed
921 */
922 static bool is_self_signed(const private_x509_t *this)
923 {
924 return this->subject->equals(this->subject, this->issuer);
925 }
926
927 /**
928 * Implements x509_t.equals_subjectAltName
929 */
930 static bool equals_subjectAltName(const private_x509_t *this, identification_t *id)
931 {
932 bool found = FALSE;
933 identification_t *subjectAltName;
934 iterator_t *iterator;
935
936 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
937 while (iterator->iterate(iterator, (void**)&subjectAltName))
938 {
939 if (id->equals(id, subjectAltName))
940 {
941 found = TRUE;
942 break;
943 }
944 }
945 iterator->destroy(iterator);
946 return found;
947 }
948
949 /**
950 * Implements x509_t.is_issuer
951 */
952 static bool is_issuer(const private_x509_t *this, const private_x509_t *issuer)
953 {
954 return (this->authKeyID.ptr)
955 ? chunk_equals(this->authKeyID, issuer->subjectKeyID)
956 : (this->issuer->equals(this->issuer, issuer->subject)
957 && chunk_equals_or_null(this->authKeySerialNumber, issuer->serialNumber));
958 }
959
960 /**
961 * Implements x509_t.get_certificate
962 */
963 static chunk_t get_certificate(const private_x509_t *this)
964 {
965 return this->certificate;
966 }
967
968 /**
969 * Implements x509_t.get_public_key
970 */
971 static rsa_public_key_t *get_public_key(const private_x509_t *this)
972 {
973 return this->public_key;
974 }
975
976 /**
977 * Implements x509_t.get_serialNumber
978 */
979 static chunk_t get_serialNumber(const private_x509_t *this)
980 {
981 return this->serialNumber;
982 }
983
984 /**
985 * Implements x509_t.get_subjectKeyID
986 */
987 static chunk_t get_subjectKeyID(const private_x509_t *this)
988 {
989 return this->subjectKeyID;
990 }
991
992 /**
993 * Implements x509_t.get_keyid
994 */
995 static chunk_t get_keyid(const private_x509_t *this)
996 {
997 return this->public_key->get_keyid(this->public_key);
998 }
999
1000 /**
1001 * Implements x509_t.get_issuer
1002 */
1003 static identification_t *get_issuer(const private_x509_t *this)
1004 {
1005 return this->issuer;
1006 }
1007
1008 /**
1009 * Implements x509_t.get_subject
1010 */
1011 static identification_t *get_subject(const private_x509_t *this)
1012 {
1013 return this->subject;
1014 }
1015
1016 /**
1017 * Implements x509_t.set_until
1018 */
1019 static void set_until(private_x509_t *this, time_t until)
1020 {
1021 this->until = until;
1022 }
1023
1024 /**
1025 * Implements x509_t.get_until
1026 */
1027 static time_t get_until(const private_x509_t *this)
1028 {
1029 return this->until;
1030 }
1031
1032 /**
1033 * Implements x509_t.set_status
1034 */
1035 static void set_status(private_x509_t *this, cert_status_t status)
1036 {
1037 this->status = status;
1038 }
1039
1040 /**
1041 * Implements x509_t.get_status
1042 */
1043 static cert_status_t get_status(const private_x509_t *this)
1044 {
1045 return this->status;
1046 }
1047
1048 /**
1049 * Implements x509_t.create_crluri_iterator
1050 */
1051 static iterator_t *create_crluri_iterator(const private_x509_t *this)
1052 {
1053 return this->crlDistributionPoints->create_iterator(this->crlDistributionPoints, TRUE);
1054 }
1055
1056 /**
1057 * Implements x509_t.create_crluri_iterator
1058 */
1059 static iterator_t *create_ocspuri_iterator(const private_x509_t *this)
1060 {
1061 return this->ocspAccessLocations->create_iterator(this->ocspAccessLocations, TRUE);
1062 }
1063
1064 /**
1065 * Implements x509_t.verify
1066 */
1067 static bool verify(const private_x509_t *this, const rsa_public_key_t *signer)
1068 {
1069 return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertificate, this->signature) == SUCCESS;
1070 }
1071
1072 /**
1073 * output handler in printf()
1074 */
1075 static int print(FILE *stream, const struct printf_info *info,
1076 const void *const *args)
1077 {
1078 private_x509_t *this = *((private_x509_t**)(args[0]));
1079 iterator_t *iterator;
1080 bool utc = TRUE;
1081 int written = 0;
1082
1083 if (info->alt)
1084 {
1085 utc = *((bool*)(args[1]));
1086 }
1087
1088 if (this == NULL)
1089 {
1090 return fprintf(stream, "(null)");
1091 }
1092
1093 /* determine the current time */
1094 time_t now = time(NULL);
1095
1096 written += fprintf(stream, "%#T\n", &this->installed, utc);
1097
1098 if (this->subjectAltNames->get_count(this->subjectAltNames))
1099 {
1100 identification_t *subjectAltName;
1101 bool first = TRUE;
1102
1103 written += fprintf(stream, " altNames: ");
1104 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
1105 while (iterator->iterate(iterator, (void**)&subjectAltName))
1106 {
1107 if (first)
1108 {
1109 first = FALSE;
1110 }
1111 else
1112 {
1113 written += fprintf(stream, ", ");
1114 }
1115 written += fprintf(stream, "'%D'", subjectAltName);
1116 }
1117 iterator->destroy(iterator);
1118 written += fprintf(stream, "\n");
1119 }
1120 written += fprintf(stream, " subject: '%D'\n", this->subject);
1121 written += fprintf(stream, " issuer: '%D'\n", this->issuer);
1122 written += fprintf(stream, " serial: %#B\n", &this->serialNumber);
1123 written += fprintf(stream, " validity: not before %#T, ", &this->notBefore, utc);
1124 if (now < this->notBefore)
1125 {
1126 written += fprintf(stream, "not valid yet (valid in %V)\n", &now, &this->notBefore);
1127 }
1128 else
1129 {
1130 written += fprintf(stream, "ok\n");
1131 }
1132
1133 written += fprintf(stream, " not after %#T, ", &this->notAfter, utc);
1134 if (now > this->notAfter)
1135 {
1136 written += fprintf(stream, "expired (since %V)\n", &now, &this->notAfter);
1137 }
1138 else
1139 {
1140 written += fprintf(stream, "ok");
1141 if (now > this->notAfter - CERT_WARNING_INTERVAL * 60 * 60 * 24)
1142 {
1143 written += fprintf(stream, " (expires in %V)", &now, &this->notAfter);
1144 }
1145 written += fprintf(stream, " \n");
1146 }
1147
1148 {
1149 chunk_t keyid = this->public_key->get_keyid(this->public_key);
1150 written += fprintf(stream, " keyid: %#B\n", &keyid);
1151 }
1152
1153 if (this->subjectKeyID.ptr)
1154 {
1155 written += fprintf(stream, " subjkey: %#B\n", &this->subjectKeyID);
1156 }
1157 if (this->authKeyID.ptr)
1158 {
1159 written += fprintf(stream, " authkey: %#B\n", &this->authKeyID);
1160 }
1161 if (this->authKeySerialNumber.ptr)
1162 {
1163 written += fprintf(stream, " aserial: %#B\n", &this->authKeySerialNumber);
1164 }
1165
1166 written += fprintf(stream, " pubkey: RSA %d bits", BITS_PER_BYTE *
1167 this->public_key->get_keysize(this->public_key));
1168 written += fprintf(stream, ", status %N",
1169 cert_status_names, this->status);
1170
1171 switch (this->status)
1172 {
1173 case CERT_GOOD:
1174 written += fprintf(stream, " until %#T", &this->until, utc);
1175 break;
1176 case CERT_REVOKED:
1177 written += fprintf(stream, " on %#T", &this->until, utc);
1178 break;
1179 case CERT_UNKNOWN:
1180 case CERT_UNDEFINED:
1181 case CERT_UNTRUSTED:
1182 default:
1183 break;
1184 }
1185 return written;
1186 }
1187
1188 /**
1189 * register printf() handlers
1190 */
1191 static void __attribute__ ((constructor))print_register()
1192 {
1193 register_printf_function(PRINTF_X509, print, arginfo_ptr_alt_ptr_int);
1194 }
1195
1196 /**
1197 * Implements x509_t.destroy
1198 */
1199 static void destroy(private_x509_t *this)
1200 {
1201 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1202 offsetof(identification_t, destroy));
1203 this->crlDistributionPoints->destroy_offset(this->crlDistributionPoints,
1204 offsetof(identification_t, destroy));
1205 this->ocspAccessLocations->destroy_offset(this->ocspAccessLocations,
1206 offsetof(identification_t, destroy));
1207 DESTROY_IF(this->issuer);
1208 DESTROY_IF(this->subject);
1209 DESTROY_IF(this->public_key);
1210 free(this->certificate.ptr);
1211 free(this);
1212 }
1213
1214 /*
1215 * Described in header.
1216 */
1217 x509_t *x509_create_from_chunk(chunk_t chunk)
1218 {
1219 private_x509_t *this = malloc_thing(private_x509_t);
1220
1221 /* initialize */
1222 this->subjectPublicKey = chunk_empty;
1223 this->public_key = NULL;
1224 this->subject = NULL;
1225 this->issuer = NULL;
1226 this->subjectAltNames = linked_list_create();
1227 this->crlDistributionPoints = linked_list_create();
1228 this->ocspAccessLocations = linked_list_create();
1229 this->subjectKeyID = chunk_empty;
1230 this->authKeyID = chunk_empty;
1231 this->authKeySerialNumber = chunk_empty;
1232
1233 /* public functions */
1234 this->public.equals = (bool (*) (const x509_t*,const x509_t*))equals;
1235 this->public.equals_subjectAltName = (bool (*) (const x509_t*,identification_t*))equals_subjectAltName;
1236 this->public.is_issuer = (bool (*) (const x509_t*,const x509_t*))is_issuer;
1237 this->public.is_valid = (err_t (*) (const x509_t*,time_t*))is_valid;
1238 this->public.is_ca = (bool (*) (const x509_t*))is_ca;
1239 this->public.is_self_signed = (bool (*) (const x509_t*))is_self_signed;
1240 this->public.get_certificate = (chunk_t (*) (const x509_t*))get_certificate;
1241 this->public.get_public_key = (rsa_public_key_t* (*) (const x509_t*))get_public_key;
1242 this->public.get_serialNumber = (chunk_t (*) (const x509_t*))get_serialNumber;
1243 this->public.get_subjectKeyID = (chunk_t (*) (const x509_t*))get_subjectKeyID;
1244 this->public.get_keyid = (chunk_t (*) (const x509_t*))get_keyid;
1245 this->public.get_issuer = (identification_t* (*) (const x509_t*))get_issuer;
1246 this->public.get_subject = (identification_t* (*) (const x509_t*))get_subject;
1247 this->public.set_until = (void (*) (x509_t*,time_t))set_until;
1248 this->public.get_until = (time_t (*) (const x509_t*))get_until;
1249 this->public.set_status = (void (*) (x509_t*,cert_status_t))set_status;
1250 this->public.get_status = (cert_status_t (*) (const x509_t*))get_status;
1251 this->public.create_crluri_iterator = (iterator_t* (*) (const x509_t*))create_crluri_iterator;
1252 this->public.create_ocspuri_iterator = (iterator_t* (*) (const x509_t*))create_ocspuri_iterator;
1253 this->public.verify = (bool (*) (const x509_t*,const rsa_public_key_t*))verify;
1254 this->public.destroy = (void (*) (x509_t*))destroy;
1255
1256 if (!parse_x509cert(chunk, 0, this))
1257 {
1258 destroy(this);
1259 return NULL;
1260 }
1261
1262 /* extract public key from certificate */
1263 this->public_key = rsa_public_key_create_from_chunk(this->subjectPublicKey);
1264 if (this->public_key == NULL)
1265 {
1266 destroy(this);
1267 return NULL;
1268 }
1269 /* set trusted lifetime of public key to notAfter */
1270 this->status = is_self_signed(this)? CERT_GOOD:CERT_UNDEFINED;
1271 this->until = this->notAfter;
1272 return &this->public;
1273 }
1274
1275 /*
1276 * Described in header.
1277 */
1278 x509_t *x509_create_from_file(const char *filename, const char *label)
1279 {
1280 bool pgp = FALSE;
1281 chunk_t chunk = chunk_empty;
1282 x509_t *cert = NULL;
1283
1284 if (!pem_asn1_load_file(filename, NULL, label, &chunk, &pgp))
1285 return NULL;
1286
1287 cert = x509_create_from_chunk(chunk);
1288
1289 if (cert == NULL)
1290 free(chunk.ptr);
1291 return cert;
1292 }