58fcff16decb9cdef5ca5412dc6607e52127da61
[strongswan.git] / src / libstrongswan / crypto / x509.c
1 /**
2 * @file x509.c
3 *
4 * @brief Implementation of x509_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <gmp.h>
24 #include <sys/stat.h>
25 #include <unistd.h>
26 #include <string.h>
27 #include <stdio.h>
28
29 #include "x509.h"
30 #include "hashers/hasher.h"
31 #include <library.h>
32 #include <debug.h>
33 #include <asn1/oid.h>
34 #include <asn1/asn1.h>
35 #include <asn1/pem.h>
36 #include <utils/linked_list.h>
37 #include <utils/identification.h>
38
39 #define CERT_WARNING_INTERVAL 30 /* days */
40
41 /**
42 * Different kinds of generalNames
43 */
44 typedef enum generalNames_t generalNames_t;
45
46 enum generalNames_t {
47 GN_OTHER_NAME = 0,
48 GN_RFC822_NAME = 1,
49 GN_DNS_NAME = 2,
50 GN_X400_ADDRESS = 3,
51 GN_DIRECTORY_NAME = 4,
52 GN_EDI_PARTY_NAME = 5,
53 GN_URI = 6,
54 GN_IP_ADDRESS = 7,
55 GN_REGISTERED_ID = 8,
56 };
57
58 typedef struct private_x509_t private_x509_t;
59
60 /**
61 * Private data of a x509_t object.
62 */
63 struct private_x509_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_t public;
68
69 /**
70 * Time when certificate was installed
71 */
72 time_t installed;
73
74 /**
75 * Time until certificate can be trusted
76 */
77 time_t until;
78
79 /**
80 * Certificate status
81 */
82 cert_status_t status;
83
84 /**
85 * Authority flags
86 */
87 u_int authority_flags;
88
89 /**
90 * X.509 Certificate in DER format
91 */
92 chunk_t certificate;
93
94 /**
95 * X.509 certificate body over which signature is computed
96 */
97 chunk_t tbsCertificate;
98
99 /**
100 * Version of the X.509 certificate
101 */
102 u_int version;
103
104 /**
105 * Serial number of the X.509 certificate
106 */
107 chunk_t serialNumber;
108
109 /**
110 * Signature algorithm
111 */
112 int sigAlg;
113
114 /**
115 * ID representing the certificate issuer
116 */
117 identification_t *issuer;
118
119 /**
120 * Start time of certificate validity
121 */
122 time_t notBefore;
123
124 /**
125 * End time of certificate validity
126 */
127 time_t notAfter;
128
129 /**
130 * ID representing the certificate subject
131 */
132 identification_t *subject;
133
134 /**
135 * List of identification_t's representing subjectAltNames
136 */
137 linked_list_t *subjectAltNames;
138
139 /**
140 * List of identification_t's representing crlDistributionPoints
141 */
142 linked_list_t *crlDistributionPoints;
143
144 /**
145 * List of identification_t's representing ocspAccessLocations
146 */
147 linked_list_t *ocspAccessLocations;
148
149 /**
150 * Subject public key
151 */
152 chunk_t subjectPublicKey;
153
154 /**
155 * Subject RSA public key, if subjectPublicKeyAlgorithm == RSA
156 */
157 rsa_public_key_t *public_key;
158
159 /**
160 * Subject Key Identifier
161 */
162 chunk_t subjectKeyID;
163
164 /**
165 * Authority Key Identifier
166 */
167 chunk_t authKeyID;
168
169 /**
170 * Authority Key Serial Number
171 */
172 chunk_t authKeySerialNumber;
173
174 /**
175 * CA basic constraints flag
176 */
177 bool isCA;
178
179 /**
180 * OCSPSigner extended key usage flag
181 */
182 bool isOcspSigner;
183
184 /**
185 * Signature algorithm (must be identical to sigAlg)
186 */
187 int algorithm;
188
189 /**
190 * Signature
191 */
192 chunk_t signature;
193
194 };
195
196 /**
197 * ASN.1 definition of generalName
198 */
199 static const asn1Object_t generalNameObjects[] = {
200 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
201 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
202 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
203 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
204 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
205 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
206 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
207 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
208 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
209 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
210 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
211 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
212 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
213 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
214 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
215 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
216 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
217 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
218 };
219 #define GN_OBJ_OTHER_NAME 0
220 #define GN_OBJ_RFC822_NAME 2
221 #define GN_OBJ_DNS_NAME 4
222 #define GN_OBJ_X400_ADDRESS 6
223 #define GN_OBJ_DIRECTORY_NAME 8
224 #define GN_OBJ_EDI_PARTY_NAME 10
225 #define GN_OBJ_URI 12
226 #define GN_OBJ_IP_ADDRESS 14
227 #define GN_OBJ_REGISTERED_ID 16
228 #define GN_OBJ_ROOF 18
229
230 /**
231 * ASN.1 definition of otherName
232 */
233 static const asn1Object_t otherNameObjects[] = {
234 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
235 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
236 };
237 #define ON_OBJ_ID_TYPE 0
238 #define ON_OBJ_VALUE 1
239 #define ON_OBJ_ROOF 2
240 /**
241 * ASN.1 definition of a basicConstraints extension
242 */
243 static const asn1Object_t basicConstraintsObjects[] = {
244 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
245 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
246 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
247 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
248 };
249 #define BASIC_CONSTRAINTS_CA 1
250 #define BASIC_CONSTRAINTS_ROOF 4
251
252 /**
253 * ASN.1 definition of time
254 */
255 static const asn1Object_t timeObjects[] = {
256 { 0, "utcTime", ASN1_UTCTIME, ASN1_OPT|ASN1_BODY }, /* 0 */
257 { 0, "end opt", ASN1_EOC, ASN1_END }, /* 1 */
258 { 0, "generalizeTime",ASN1_GENERALIZEDTIME, ASN1_OPT|ASN1_BODY }, /* 2 */
259 { 0, "end opt", ASN1_EOC, ASN1_END } /* 3 */
260 };
261 #define TIME_UTC 0
262 #define TIME_GENERALIZED 2
263 #define TIME_ROOF 4
264
265 /**
266 * ASN.1 definition of a keyIdentifier
267 */
268 static const asn1Object_t keyIdentifierObjects[] = {
269 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
270 };
271
272 /**
273 * ASN.1 definition of a authorityKeyIdentifier extension
274 */
275 static const asn1Object_t authorityKeyIdentifierObjects[] = {
276 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
277 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
278 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
279 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
280 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
281 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
282 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
283 };
284 #define AUTH_KEY_ID_KEY_ID 1
285 #define AUTH_KEY_ID_CERT_ISSUER 3
286 #define AUTH_KEY_ID_CERT_SERIAL 5
287 #define AUTH_KEY_ID_ROOF 7
288
289 /**
290 * ASN.1 definition of a authorityInfoAccess extension
291 */
292 static const asn1Object_t authorityInfoAccessObjects[] = {
293 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
294 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
295 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
296 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
297 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
298 };
299 #define AUTH_INFO_ACCESS_METHOD 2
300 #define AUTH_INFO_ACCESS_LOCATION 3
301 #define AUTH_INFO_ACCESS_ROOF 5
302
303 /**
304 * ASN.1 definition of a extendedKeyUsage extension
305 */
306 static const asn1Object_t extendedKeyUsageObjects[] = {
307 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
308 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
309 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
310 };
311
312 #define EXT_KEY_USAGE_PURPOSE_ID 1
313 #define EXT_KEY_USAGE_ROOF 3
314
315 /**
316 * ASN.1 definition of generalNames
317 */
318 static const asn1Object_t generalNamesObjects[] = {
319 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
320 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
321 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
322 };
323 #define GENERAL_NAMES_GN 1
324 #define GENERAL_NAMES_ROOF 3
325
326
327 /**
328 * ASN.1 definition of crlDistributionPoints
329 */
330 static const asn1Object_t crlDistributionPointsObjects[] = {
331 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
332 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
333 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
334 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
335 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
336 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
337 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
338 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
339 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
340 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
341 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
342 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
343 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
344 };
345 #define CRL_DIST_POINTS_FULLNAME 3
346 #define CRL_DIST_POINTS_ROOF 13
347
348 /**
349 * ASN.1 definition of an X.509v3 x509
350 */
351 static const asn1Object_t certObjects[] = {
352 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
353 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
354 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
355 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
356 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
357 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
358 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
359 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
360 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
361 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
362 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
363 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
364 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
365 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
366 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
367 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
368 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
369 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
370 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
371 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
372 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
373 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
374 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
375 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
376 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
377 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
378 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
379 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
380 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
381 };
382 #define X509_OBJ_CERTIFICATE 0
383 #define X509_OBJ_TBS_CERTIFICATE 1
384 #define X509_OBJ_VERSION 3
385 #define X509_OBJ_SERIAL_NUMBER 4
386 #define X509_OBJ_SIG_ALG 5
387 #define X509_OBJ_ISSUER 6
388 #define X509_OBJ_NOT_BEFORE 8
389 #define X509_OBJ_NOT_AFTER 9
390 #define X509_OBJ_SUBJECT 10
391 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
392 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
393 #define X509_OBJ_RSA_PUBLIC_KEY 14
394 #define X509_OBJ_EXTN_ID 22
395 #define X509_OBJ_CRITICAL 23
396 #define X509_OBJ_EXTN_VALUE 24
397 #define X509_OBJ_ALGORITHM 27
398 #define X509_OBJ_SIGNATURE 28
399 #define X509_OBJ_ROOF 29
400
401
402 static u_char ASN1_subjectAltName_oid_str[] = {
403 0x06, 0x03, 0x55, 0x1D, 0x11
404 };
405
406 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_subjectAltName_oid_str);
407
408
409 /**
410 * compare two X.509 x509s by comparing their signatures
411 */
412 static bool equals(const private_x509_t *this, const private_x509_t *other)
413 {
414 return chunk_equals(this->signature, other->signature);
415 }
416
417 /**
418 * extracts the basicConstraints extension
419 */
420 static bool parse_basicConstraints(chunk_t blob, int level0)
421 {
422 asn1_ctx_t ctx;
423 chunk_t object;
424 u_int level;
425 int objectID = 0;
426 bool isCA = FALSE;
427
428 asn1_init(&ctx, blob, level0, FALSE, FALSE);
429
430 while (objectID < BASIC_CONSTRAINTS_ROOF) {
431
432 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
433 {
434 break;
435 }
436 if (objectID == BASIC_CONSTRAINTS_CA)
437 {
438 isCA = object.len && *object.ptr;
439 DBG2(" %s", isCA ? "TRUE" : "FALSE");
440 }
441 objectID++;
442 }
443 return isCA;
444 }
445
446 /*
447 * extracts an otherName
448 */
449 static bool
450 parse_otherName(chunk_t blob, int level0)
451 {
452 asn1_ctx_t ctx;
453 chunk_t object;
454 int objectID = 0;
455 u_int level;
456 int oid = OID_UNKNOWN;
457
458 asn1_init(&ctx, blob, level0, FALSE, FALSE);
459
460 while (objectID < ON_OBJ_ROOF)
461 {
462 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
463 return FALSE;
464
465 switch (objectID)
466 {
467 case ON_OBJ_ID_TYPE:
468 oid = known_oid(object);
469 break;
470 case ON_OBJ_VALUE:
471 if (oid == OID_XMPP_ADDR)
472 {
473 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING, level + 1, "xmppAddr"))
474 return FALSE;
475 }
476 break;
477 default:
478 break;
479 }
480 objectID++;
481 }
482 return TRUE;
483 }
484
485 /*
486 * extracts a generalName
487 */
488 static identification_t *parse_generalName(chunk_t blob, int level0)
489 {
490 asn1_ctx_t ctx;
491 chunk_t object;
492 int objectID = 0;
493 u_int level;
494
495 asn1_init(&ctx, blob, level0, FALSE, FALSE);
496
497 while (objectID < GN_OBJ_ROOF)
498 {
499 id_type_t id_type = ID_ANY;
500
501 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
502 return NULL;
503
504 switch (objectID)
505 {
506 case GN_OBJ_RFC822_NAME:
507 id_type = ID_RFC822_ADDR;
508 break;
509 case GN_OBJ_DNS_NAME:
510 id_type = ID_FQDN;
511 break;
512 case GN_OBJ_URI:
513 id_type = ID_DER_ASN1_GN_URI;
514 break;
515 case GN_OBJ_DIRECTORY_NAME:
516 id_type = ID_DER_ASN1_DN;
517 break;
518 case GN_OBJ_IP_ADDRESS:
519 id_type = ID_IPV4_ADDR;
520 break;
521 case GN_OBJ_OTHER_NAME:
522 if (!parse_otherName(object, level + 1))
523 return NULL;
524 break;
525 case GN_OBJ_X400_ADDRESS:
526 case GN_OBJ_EDI_PARTY_NAME:
527 case GN_OBJ_REGISTERED_ID:
528 break;
529 default:
530 break;
531 }
532
533 if (id_type != ID_ANY)
534 {
535 identification_t *gn = identification_create_from_encoding(id_type, object);
536 DBG2(" '%D'", gn);
537 return gn;
538 }
539 objectID++;
540 }
541 return NULL;
542 }
543
544
545 /**
546 * extracts one or several GNs and puts them into a chained list
547 */
548 static void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
549 {
550 asn1_ctx_t ctx;
551 chunk_t object;
552 u_int level;
553 int objectID = 0;
554
555 asn1_init(&ctx, blob, level0, implicit, FALSE);
556
557 while (objectID < GENERAL_NAMES_ROOF)
558 {
559 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
560 return;
561
562 if (objectID == GENERAL_NAMES_GN)
563 {
564 identification_t *gn = parse_generalName(object, level+1);
565
566 if (gn != NULL)
567 list->insert_last(list, (void *)gn);
568 }
569 objectID++;
570 }
571 return;
572 }
573
574 /**
575 * extracts and converts a UTCTIME or GENERALIZEDTIME object
576 */
577 time_t parse_time(chunk_t blob, int level0)
578 {
579 asn1_ctx_t ctx;
580 chunk_t object;
581 u_int level;
582 int objectID = 0;
583
584 asn1_init(&ctx, blob, level0, FALSE, FALSE);
585
586 while (objectID < TIME_ROOF)
587 {
588 if (!extract_object(timeObjects, &objectID, &object, &level, &ctx))
589 return 0;
590
591 if (objectID == TIME_UTC || objectID == TIME_GENERALIZED)
592 {
593 return asn1totime(&object, (objectID == TIME_UTC)
594 ? ASN1_UTCTIME : ASN1_GENERALIZEDTIME);
595 }
596 objectID++;
597 }
598 return 0;
599 }
600
601 /**
602 * extracts a keyIdentifier
603 */
604 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
605 {
606 asn1_ctx_t ctx;
607 chunk_t object;
608 u_int level;
609 int objectID = 0;
610
611 asn1_init(&ctx, blob, level0, implicit, FALSE);
612
613 extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx);
614 return object;
615 }
616
617 /**
618 * extracts an authoritykeyIdentifier
619 */
620 void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber)
621 {
622 asn1_ctx_t ctx;
623 chunk_t object;
624 u_int level;
625 int objectID = 0;
626
627 asn1_init(&ctx, blob, level0, FALSE, FALSE);
628 while (objectID < AUTH_KEY_ID_ROOF)
629 {
630 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
631 {
632 return;
633 }
634 switch (objectID)
635 {
636 case AUTH_KEY_ID_KEY_ID:
637 *authKeyID = parse_keyIdentifier(object, level+1, TRUE);
638 break;
639 case AUTH_KEY_ID_CERT_ISSUER:
640 {
641 /* TODO: parse_generalNames(object, level+1, TRUE); */
642 break;
643 }
644 case AUTH_KEY_ID_CERT_SERIAL:
645 *authKeySerialNumber = object;
646 break;
647 default:
648 break;
649 }
650 objectID++;
651 }
652 }
653
654 /**
655 * extracts an authorityInfoAcess location
656 */
657 static void parse_authorityInfoAccess(chunk_t blob, int level0, linked_list_t *list)
658 {
659 asn1_ctx_t ctx;
660 chunk_t object;
661 u_int level;
662 int objectID = 0;
663
664 u_int accessMethod = OID_UNKNOWN;
665
666 asn1_init(&ctx, blob, level0, FALSE, FALSE);
667 while (objectID < AUTH_INFO_ACCESS_ROOF)
668 {
669 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
670 {
671 return;
672 }
673 switch (objectID)
674 {
675 case AUTH_INFO_ACCESS_METHOD:
676 accessMethod = known_oid(object);
677 break;
678 case AUTH_INFO_ACCESS_LOCATION:
679 {
680 switch (accessMethod)
681 {
682 case OID_OCSP:
683 if (*object.ptr == ASN1_CONTEXT_S_6)
684 {
685 identification_t *accessLocation;
686
687 if (asn1_length(&object) == ASN1_INVALID_LENGTH)
688 return;
689 DBG2(" '%.*s'",(int)object.len, object.ptr);
690 accessLocation = identification_create_from_encoding(ID_DER_ASN1_GN_URI, object);
691 list->insert_last(list, (void *)accessLocation);
692 }
693 break;
694 default:
695 /* unkown accessMethod, ignoring */
696 break;
697 }
698 break;
699 }
700 default:
701 break;
702 }
703 objectID++;
704 }
705 }
706
707 /**
708 * extracts extendedKeyUsage OIDs
709 */
710 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
711 {
712 asn1_ctx_t ctx;
713 chunk_t object;
714 u_int level;
715 int objectID = 0;
716
717 asn1_init(&ctx, blob, level0, FALSE, FALSE);
718 while (objectID < EXT_KEY_USAGE_ROOF)
719 {
720 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
721 {
722 return FALSE;
723 }
724 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
725 known_oid(object) == OID_OCSP_SIGNING)
726 {
727 return TRUE;
728 }
729 objectID++;
730 }
731 return FALSE;
732 }
733
734 /**
735 * extracts one or several crlDistributionPoints and puts them into
736 * a chained list
737 */
738 static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list)
739 {
740 asn1_ctx_t ctx;
741 chunk_t object;
742 u_int level;
743 int objectID = 0;
744
745 asn1_init(&ctx, blob, level0, FALSE, FALSE);
746 while (objectID < CRL_DIST_POINTS_ROOF)
747 {
748 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
749 {
750 return;
751 }
752 if (objectID == CRL_DIST_POINTS_FULLNAME)
753 {
754 /* append extracted generalNames to existing chained list */
755 parse_generalNames(object, level+1, TRUE, list);
756
757 }
758 objectID++;
759 }
760 }
761
762
763 /**
764 * Parses an X.509v3 certificate
765 */
766 static bool parse_certificate(chunk_t blob, u_int level0, private_x509_t *cert)
767 {
768 asn1_ctx_t ctx;
769 bool critical;
770 chunk_t object;
771 u_int level;
772 u_int extn_oid = OID_UNKNOWN;
773 int objectID = 0;
774
775 asn1_init(&ctx, blob, level0, FALSE, FALSE);
776 while (objectID < X509_OBJ_ROOF)
777 {
778 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
779 {
780 return FALSE;
781 }
782 /* those objects which will parsed further need the next higher level */
783 level++;
784 switch (objectID) {
785 case X509_OBJ_CERTIFICATE:
786 cert->certificate = object;
787 break;
788 case X509_OBJ_TBS_CERTIFICATE:
789 cert->tbsCertificate = object;
790 break;
791 case X509_OBJ_VERSION:
792 cert->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
793 DBG2(" v%d", cert->version);
794 break;
795 case X509_OBJ_SERIAL_NUMBER:
796 cert->serialNumber = object;
797 break;
798 case X509_OBJ_SIG_ALG:
799 cert->sigAlg = parse_algorithmIdentifier(object, level, NULL);
800 break;
801 case X509_OBJ_ISSUER:
802 cert->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
803 DBG2(" '%D'", cert->issuer);
804 break;
805 case X509_OBJ_NOT_BEFORE:
806 cert->notBefore = parse_time(object, level);
807 break;
808 case X509_OBJ_NOT_AFTER:
809 cert->notAfter = parse_time(object, level);
810 break;
811 case X509_OBJ_SUBJECT:
812 cert->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
813 DBG2(" '%D'", cert->subject);
814 break;
815 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
816 if (parse_algorithmIdentifier(object, level, NULL) != OID_RSA_ENCRYPTION)
817 {
818 DBG2(" unsupported public key algorithm");
819 return FALSE;
820 }
821 break;
822 case X509_OBJ_SUBJECT_PUBLIC_KEY:
823 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
824 {
825 /* skip initial bit string octet defining 0 unused bits */
826 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
827 }
828 else
829 {
830 DBG2(" invalid RSA public key format");
831 return FALSE;
832 }
833 break;
834 case X509_OBJ_RSA_PUBLIC_KEY:
835 cert->subjectPublicKey = object;
836 break;
837 case X509_OBJ_EXTN_ID:
838 extn_oid = known_oid(object);
839 break;
840 case X509_OBJ_CRITICAL:
841 critical = object.len && *object.ptr;
842 DBG2(" %s", critical ? "TRUE" : "FALSE");
843 break;
844 case X509_OBJ_EXTN_VALUE:
845 {
846 switch (extn_oid) {
847 case OID_SUBJECT_KEY_ID:
848 cert->subjectKeyID = chunk_clone(parse_keyIdentifier(object, level, FALSE));
849 break;
850 case OID_SUBJECT_ALT_NAME:
851 parse_generalNames(object, level, FALSE, cert->subjectAltNames);
852 break;
853 case OID_BASIC_CONSTRAINTS:
854 cert->isCA = parse_basicConstraints(object, level);
855 break;
856 case OID_CRL_DISTRIBUTION_POINTS:
857 parse_crlDistributionPoints(object, level, cert->crlDistributionPoints);
858 break;
859 case OID_AUTHORITY_KEY_ID:
860 parse_authorityKeyIdentifier(object, level , &cert->authKeyID, &cert->authKeySerialNumber);
861 break;
862 case OID_AUTHORITY_INFO_ACCESS:
863 parse_authorityInfoAccess(object, level, cert->ocspAccessLocations);
864 break;
865 case OID_EXTENDED_KEY_USAGE:
866 cert->isOcspSigner = parse_extendedKeyUsage(object, level);
867 break;
868 case OID_NS_REVOCATION_URL:
869 case OID_NS_CA_REVOCATION_URL:
870 case OID_NS_CA_POLICY_URL:
871 case OID_NS_COMMENT:
872 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING , level, oid_names[extn_oid].name))
873 return FALSE;
874 break;
875 default:
876 break;
877 }
878 break;
879 }
880 case X509_OBJ_ALGORITHM:
881 cert->algorithm = parse_algorithmIdentifier(object, level, NULL);
882 break;
883 case X509_OBJ_SIGNATURE:
884 cert->signature = object;
885 break;
886 default:
887 break;
888 }
889 objectID++;
890 }
891
892 if (cert->subjectKeyID.ptr == NULL)
893 {
894 hasher_t *hasher = hasher_create(HASH_SHA1);
895
896 hasher->allocate_hash(hasher, cert->subjectPublicKey, &cert->subjectKeyID);
897 hasher->destroy(hasher);
898 }
899
900 time(&cert->installed);
901 return TRUE;
902 }
903
904 /**
905 * Implements x509_t.is_valid
906 */
907 static err_t is_valid(const private_x509_t *this, time_t *until)
908 {
909 time_t current_time = time(NULL);
910
911 DBG2(" not before : %T", &this->notBefore);
912 DBG2(" current time: %T", &current_time);
913 DBG2(" not after : %T", &this->notAfter);
914
915 if (until != NULL &&
916 (*until == UNDEFINED_TIME || this->notAfter < *until))
917 {
918 *until = this->notAfter;
919 }
920 if (current_time < this->notBefore)
921 {
922 return "is not valid yet";
923 }
924 if (current_time > this->notAfter)
925 {
926 return "has expired";
927 }
928 DBG2(" certificate is valid");
929 return NULL;
930 }
931
932 /**
933 * Implements x509_t.is_ca
934 */
935 static bool is_ca(const private_x509_t *this)
936 {
937 return this->isCA;
938 }
939
940 /**
941 * Implements x509_t.is_ocsp_signer
942 */
943 static bool is_ocsp_signer(const private_x509_t *this)
944 {
945 return this->isOcspSigner;
946 }
947
948 /**
949 * Implements x509_t.is_self_signed
950 */
951 static bool is_self_signed(const private_x509_t *this)
952 {
953 return this->subject->equals(this->subject, this->issuer);
954 }
955
956 /**
957 * Implements x509_t.equals_subjectAltName
958 */
959 static bool equals_subjectAltName(const private_x509_t *this, identification_t *id)
960 {
961 bool found = FALSE;
962 identification_t *subjectAltName;
963 iterator_t *iterator;
964
965 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
966 while (iterator->iterate(iterator, (void**)&subjectAltName))
967 {
968 if (id->equals(id, subjectAltName))
969 {
970 found = TRUE;
971 break;
972 }
973 }
974 iterator->destroy(iterator);
975 return found;
976 }
977
978 /**
979 * Implements x509_t.is_issuer
980 */
981 static bool is_issuer(const private_x509_t *this, const private_x509_t *issuer)
982 {
983 return (this->authKeyID.ptr)
984 ? chunk_equals(this->authKeyID, issuer->subjectKeyID)
985 : (this->issuer->equals(this->issuer, issuer->subject)
986 && chunk_equals_or_null(this->authKeySerialNumber, issuer->serialNumber));
987 }
988
989 /**
990 * Implements x509_t.get_certificate
991 */
992 static chunk_t get_certificate(const private_x509_t *this)
993 {
994 return this->certificate;
995 }
996
997 /**
998 * Implements x509_t.get_public_key
999 */
1000 static rsa_public_key_t *get_public_key(const private_x509_t *this)
1001 {
1002 return this->public_key;
1003 }
1004
1005 /**
1006 * Implements x509_t.get_serialNumber
1007 */
1008 static chunk_t get_serialNumber(const private_x509_t *this)
1009 {
1010 return this->serialNumber;
1011 }
1012
1013 /**
1014 * Implements x509_t.get_subjectKeyID
1015 */
1016 static chunk_t get_subjectKeyID(const private_x509_t *this)
1017 {
1018 return this->subjectKeyID;
1019 }
1020
1021 /**
1022 * Implements x509_t.get_keyid
1023 */
1024 static chunk_t get_keyid(const private_x509_t *this)
1025 {
1026 return this->public_key->get_keyid(this->public_key);
1027 }
1028
1029 /**
1030 * Implements x509_t.get_issuer
1031 */
1032 static identification_t *get_issuer(const private_x509_t *this)
1033 {
1034 return this->issuer;
1035 }
1036
1037 /**
1038 * Implements x509_t.get_subject
1039 */
1040 static identification_t *get_subject(const private_x509_t *this)
1041 {
1042 return this->subject;
1043 }
1044
1045 /**
1046 * Implements x509_t.set_until
1047 */
1048 static void set_until(private_x509_t *this, time_t until)
1049 {
1050 this->until = until;
1051 }
1052
1053 /**
1054 * Implements x509_t.get_until
1055 */
1056 static time_t get_until(const private_x509_t *this)
1057 {
1058 return this->until;
1059 }
1060
1061 /**
1062 * Implements x509_t.set_status
1063 */
1064 static void set_status(private_x509_t *this, cert_status_t status)
1065 {
1066 this->status = status;
1067 }
1068
1069 /**
1070 * Implements x509_t.get_status
1071 */
1072 static cert_status_t get_status(const private_x509_t *this)
1073 {
1074 return this->status;
1075 }
1076
1077 /**
1078 * Implements x509_t.add_authority_flags
1079 */
1080 static void add_authority_flags(private_x509_t *this, u_int flags)
1081 {
1082 this->authority_flags |= flags;
1083 }
1084
1085 /**
1086 * Implements x509_t.add_authority_flags
1087 */
1088 static u_int get_authority_flags(private_x509_t *this)
1089 {
1090 return this->authority_flags;
1091 }
1092
1093 /**
1094 * Implements x509_t.has_authority_flag
1095 */
1096 static bool has_authority_flag(private_x509_t *this, u_int flags)
1097 {
1098 return (this->authority_flags & flags) != AUTH_NONE;
1099 }
1100
1101 /**
1102 * Implements x509_t.create_crluri_iterator
1103 */
1104 static iterator_t *create_crluri_iterator(const private_x509_t *this)
1105 {
1106 return this->crlDistributionPoints->create_iterator(this->crlDistributionPoints, TRUE);
1107 }
1108
1109 /**
1110 * Implements x509_t.create_crluri_iterator
1111 */
1112 static iterator_t *create_ocspuri_iterator(const private_x509_t *this)
1113 {
1114 return this->ocspAccessLocations->create_iterator(this->ocspAccessLocations, TRUE);
1115 }
1116
1117 /**
1118 * Implements x509_t.verify
1119 */
1120 static bool verify(const private_x509_t *this, const rsa_public_key_t *signer)
1121 {
1122 return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertificate, this->signature) == SUCCESS;
1123 }
1124
1125 /**
1126 * output handler in printf()
1127 */
1128 static int print(FILE *stream, const struct printf_info *info,
1129 const void *const *args)
1130 {
1131 private_x509_t *this = *((private_x509_t**)(args[0]));
1132 iterator_t *iterator;
1133 bool utc = TRUE;
1134 int written = 0;
1135
1136 if (info->alt)
1137 {
1138 utc = *((bool*)(args[1]));
1139 }
1140
1141 if (this == NULL)
1142 {
1143 return fprintf(stream, "(null)");
1144 }
1145
1146 /* determine the current time */
1147 time_t now = time(NULL);
1148
1149 written += fprintf(stream, "%#T\n", &this->installed, utc);
1150
1151 if (this->subjectAltNames->get_count(this->subjectAltNames))
1152 {
1153 identification_t *subjectAltName;
1154 bool first = TRUE;
1155
1156 written += fprintf(stream, " altNames: ");
1157 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
1158 while (iterator->iterate(iterator, (void**)&subjectAltName))
1159 {
1160 if (first)
1161 {
1162 first = FALSE;
1163 }
1164 else
1165 {
1166 written += fprintf(stream, ", ");
1167 }
1168 written += fprintf(stream, "'%D'", subjectAltName);
1169 }
1170 iterator->destroy(iterator);
1171 written += fprintf(stream, "\n");
1172 }
1173 written += fprintf(stream, " subject: '%D'\n", this->subject);
1174 written += fprintf(stream, " issuer: '%D'\n", this->issuer);
1175 written += fprintf(stream, " serial: %#B\n", &this->serialNumber);
1176 written += fprintf(stream, " validity: not before %#T, ", &this->notBefore, utc);
1177 if (now < this->notBefore)
1178 {
1179 written += fprintf(stream, "not valid yet (valid in %V)\n", &now, &this->notBefore);
1180 }
1181 else
1182 {
1183 written += fprintf(stream, "ok\n");
1184 }
1185
1186 written += fprintf(stream, " not after %#T, ", &this->notAfter, utc);
1187 if (now > this->notAfter)
1188 {
1189 written += fprintf(stream, "expired (%V ago)\n", &now, &this->notAfter);
1190 }
1191 else
1192 {
1193 written += fprintf(stream, "ok");
1194 if (now > this->notAfter - CERT_WARNING_INTERVAL * 60 * 60 * 24)
1195 {
1196 written += fprintf(stream, " (expires in %V)", &now, &this->notAfter);
1197 }
1198 written += fprintf(stream, " \n");
1199 }
1200
1201 {
1202 chunk_t keyid = this->public_key->get_keyid(this->public_key);
1203 written += fprintf(stream, " keyid: %#B\n", &keyid);
1204 }
1205
1206 if (this->subjectKeyID.ptr)
1207 {
1208 written += fprintf(stream, " subjkey: %#B\n", &this->subjectKeyID);
1209 }
1210 if (this->authKeyID.ptr)
1211 {
1212 written += fprintf(stream, " authkey: %#B\n", &this->authKeyID);
1213 }
1214 if (this->authKeySerialNumber.ptr)
1215 {
1216 written += fprintf(stream, " aserial: %#B\n", &this->authKeySerialNumber);
1217 }
1218
1219 written += fprintf(stream, " pubkey: RSA %d bits", BITS_PER_BYTE *
1220 this->public_key->get_keysize(this->public_key));
1221 written += fprintf(stream, ", status %N",
1222 cert_status_names, this->status);
1223
1224 switch (this->status)
1225 {
1226 case CERT_GOOD:
1227 written += fprintf(stream, " until %#T", &this->until, utc);
1228 break;
1229 case CERT_REVOKED:
1230 written += fprintf(stream, " on %#T", &this->until, utc);
1231 break;
1232 case CERT_UNKNOWN:
1233 case CERT_UNDEFINED:
1234 case CERT_UNTRUSTED:
1235 default:
1236 break;
1237 }
1238 return written;
1239 }
1240
1241 /**
1242 * register printf() handlers
1243 */
1244 static void __attribute__ ((constructor))print_register()
1245 {
1246 register_printf_function(PRINTF_X509, print, arginfo_ptr_alt_ptr_int);
1247 }
1248
1249 /**
1250 * Implements x509_t.destroy
1251 */
1252 static void destroy(private_x509_t *this)
1253 {
1254 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1255 offsetof(identification_t, destroy));
1256 this->crlDistributionPoints->destroy_offset(this->crlDistributionPoints,
1257 offsetof(identification_t, destroy));
1258 this->ocspAccessLocations->destroy_offset(this->ocspAccessLocations,
1259 offsetof(identification_t, destroy));
1260 DESTROY_IF(this->issuer);
1261 DESTROY_IF(this->subject);
1262 DESTROY_IF(this->public_key);
1263 free(this->subjectKeyID.ptr);
1264 free(this->certificate.ptr);
1265 free(this);
1266 }
1267
1268 /*
1269 * Described in header.
1270 */
1271 x509_t *x509_create_from_chunk(chunk_t chunk, u_int level)
1272 {
1273 private_x509_t *this = malloc_thing(private_x509_t);
1274
1275 /* initialize */
1276 this->subjectPublicKey = chunk_empty;
1277 this->public_key = NULL;
1278 this->subject = NULL;
1279 this->issuer = NULL;
1280 this->subjectAltNames = linked_list_create();
1281 this->crlDistributionPoints = linked_list_create();
1282 this->ocspAccessLocations = linked_list_create();
1283 this->subjectKeyID = chunk_empty;
1284 this->authKeyID = chunk_empty;
1285 this->authKeySerialNumber = chunk_empty;
1286 this->authority_flags = AUTH_NONE;
1287
1288 /* public functions */
1289 this->public.equals = (bool (*) (const x509_t*,const x509_t*))equals;
1290 this->public.equals_subjectAltName = (bool (*) (const x509_t*,identification_t*))equals_subjectAltName;
1291 this->public.is_issuer = (bool (*) (const x509_t*,const x509_t*))is_issuer;
1292 this->public.is_valid = (err_t (*) (const x509_t*,time_t*))is_valid;
1293 this->public.is_ca = (bool (*) (const x509_t*))is_ca;
1294 this->public.is_self_signed = (bool (*) (const x509_t*))is_self_signed;
1295 this->public.is_ocsp_signer = (bool (*) (const x509_t*))is_ocsp_signer;
1296 this->public.get_certificate = (chunk_t (*) (const x509_t*))get_certificate;
1297 this->public.get_public_key = (rsa_public_key_t* (*) (const x509_t*))get_public_key;
1298 this->public.get_serialNumber = (chunk_t (*) (const x509_t*))get_serialNumber;
1299 this->public.get_subjectKeyID = (chunk_t (*) (const x509_t*))get_subjectKeyID;
1300 this->public.get_keyid = (chunk_t (*) (const x509_t*))get_keyid;
1301 this->public.get_issuer = (identification_t* (*) (const x509_t*))get_issuer;
1302 this->public.get_subject = (identification_t* (*) (const x509_t*))get_subject;
1303 this->public.set_until = (void (*) (x509_t*,time_t))set_until;
1304 this->public.get_until = (time_t (*) (const x509_t*))get_until;
1305 this->public.set_status = (void (*) (x509_t*,cert_status_t))set_status;
1306 this->public.get_status = (cert_status_t (*) (const x509_t*))get_status;
1307 this->public.add_authority_flags = (void (*) (x509_t*,u_int))add_authority_flags;
1308 this->public.get_authority_flags = (u_int (*) (x509_t*))get_authority_flags;
1309 this->public.has_authority_flag = (bool (*) (x509_t*,u_int))has_authority_flag;
1310 this->public.create_crluri_iterator = (iterator_t* (*) (const x509_t*))create_crluri_iterator;
1311 this->public.create_ocspuri_iterator = (iterator_t* (*) (const x509_t*))create_ocspuri_iterator;
1312 this->public.verify = (bool (*) (const x509_t*,const rsa_public_key_t*))verify;
1313 this->public.destroy = (void (*) (x509_t*))destroy;
1314
1315 if (!parse_certificate(chunk, level, this))
1316 {
1317 destroy(this);
1318 return NULL;
1319 }
1320
1321 /* extract public key from certificate */
1322 this->public_key = rsa_public_key_create_from_chunk(this->subjectPublicKey);
1323 if (this->public_key == NULL)
1324 {
1325 destroy(this);
1326 return NULL;
1327 }
1328 /* set trusted lifetime of public key to notAfter */
1329 this->status = is_self_signed(this)? CERT_GOOD:CERT_UNDEFINED;
1330 this->until = this->notAfter;
1331 return &this->public;
1332 }
1333
1334 /*
1335 * Described in header.
1336 */
1337 x509_t *x509_create_from_file(const char *filename, const char *label)
1338 {
1339 bool pgp = FALSE;
1340 chunk_t chunk = chunk_empty;
1341 x509_t *cert = NULL;
1342 char cert_label[BUF_LEN];
1343
1344 snprintf(cert_label, BUF_LEN, "%s certificate", label);
1345
1346 if (!pem_asn1_load_file(filename, NULL, cert_label, &chunk, &pgp))
1347 return NULL;
1348
1349 cert = x509_create_from_chunk(chunk, 0);
1350
1351 if (cert == NULL)
1352 free(chunk.ptr);
1353 return cert;
1354 }