added set_ca_info() and get_ca_info() methods
[strongswan.git] / src / libstrongswan / crypto / x509.c
1 /**
2 * @file x509.c
3 *
4 * @brief Implementation of x509_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
10 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
11 * Copyright (C) 2002 Mario Strasser
12 * Copyright (C) 2000-2004 Andreas Steffen, Zuercher Hochschule Winterthur
13 * Copyright (C) 2006 Martin Willi, Andreas Steffen
14 *
15 * Hochschule fuer Technik Rapperswil
16 *
17 * This program is free software; you can redistribute it and/or modify it
18 * under the terms of the GNU General Public License as published by the
19 * Free Software Foundation; either version 2 of the License, or (at your
20 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
21 *
22 * This program is distributed in the hope that it will be useful, but
23 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
24 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
25 * for more details.
26 */
27
28 #include <gmp.h>
29 #include <sys/stat.h>
30 #include <unistd.h>
31 #include <string.h>
32 #include <stdio.h>
33
34 #include "x509.h"
35 #include "hashers/hasher.h"
36 #include <library.h>
37 #include <debug.h>
38 #include <asn1/oid.h>
39 #include <asn1/asn1.h>
40 #include <asn1/pem.h>
41 #include <utils/linked_list.h>
42 #include <utils/identification.h>
43
44 #define CERT_WARNING_INTERVAL 30 /* days */
45
46 /**
47 * Different kinds of generalNames
48 */
49 typedef enum generalNames_t generalNames_t;
50
51 enum generalNames_t {
52 GN_OTHER_NAME = 0,
53 GN_RFC822_NAME = 1,
54 GN_DNS_NAME = 2,
55 GN_X400_ADDRESS = 3,
56 GN_DIRECTORY_NAME = 4,
57 GN_EDI_PARTY_NAME = 5,
58 GN_URI = 6,
59 GN_IP_ADDRESS = 7,
60 GN_REGISTERED_ID = 8,
61 };
62
63 typedef struct private_x509_t private_x509_t;
64
65 /**
66 * Private data of a x509_t object.
67 */
68 struct private_x509_t {
69 /**
70 * Public interface for this certificate.
71 */
72 x509_t public;
73
74 /**
75 * Time when certificate was installed
76 */
77 time_t installed;
78
79 /**
80 * Time until certificate can be trusted
81 */
82 time_t until;
83
84 /**
85 * Certificate status
86 */
87 cert_status_t status;
88
89 /**
90 * Authority flags
91 */
92 u_int authority_flags;
93
94 /**
95 * X.509 Certificate in DER format
96 */
97 chunk_t certificate;
98
99 /**
100 * X.509 certificate body over which signature is computed
101 */
102 chunk_t tbsCertificate;
103
104 /**
105 * Version of the X.509 certificate
106 */
107 u_int version;
108
109 /**
110 * Serial number of the X.509 certificate
111 */
112 chunk_t serialNumber;
113
114 /**
115 * Signature algorithm
116 */
117 int sigAlg;
118
119 /**
120 * ID representing the certificate issuer
121 */
122 identification_t *issuer;
123
124 /**
125 * link to the info recored of the certificate issuer
126 */
127 ca_info_t *ca_info;
128
129 /**
130 * Start time of certificate validity
131 */
132 time_t notBefore;
133
134 /**
135 * End time of certificate validity
136 */
137 time_t notAfter;
138
139 /**
140 * ID representing the certificate subject
141 */
142 identification_t *subject;
143
144 /**
145 * List of identification_t's representing subjectAltNames
146 */
147 linked_list_t *subjectAltNames;
148
149 /**
150 * List of identification_t's representing crlDistributionPoints
151 */
152 linked_list_t *crlDistributionPoints;
153
154 /**
155 * List of identification_t's representing ocspAccessLocations
156 */
157 linked_list_t *ocspAccessLocations;
158
159 /**
160 * Subject public key
161 */
162 chunk_t subjectPublicKey;
163
164 /**
165 * Subject RSA public key, if subjectPublicKeyAlgorithm == RSA
166 */
167 rsa_public_key_t *public_key;
168
169 /**
170 * Subject Key Identifier
171 */
172 chunk_t subjectKeyID;
173
174 /**
175 * Authority Key Identifier
176 */
177 chunk_t authKeyID;
178
179 /**
180 * Authority Key Serial Number
181 */
182 chunk_t authKeySerialNumber;
183
184 /**
185 * Indicates if the certificate is self-signed
186 */
187 bool isSelfSigned;
188
189 /**
190 * CA basic constraints flag
191 */
192 bool isCA;
193
194 /**
195 * OCSPSigner extended key usage flag
196 */
197 bool isOcspSigner;
198
199 /**
200 * Signature algorithm (must be identical to sigAlg)
201 */
202 int algorithm;
203
204 /**
205 * Signature
206 */
207 chunk_t signature;
208
209 };
210
211 /**
212 * ASN.1 definition of generalName
213 */
214 static const asn1Object_t generalNameObjects[] = {
215 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
216 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
217 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
218 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
219 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
220 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
221 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
222 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
223 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
224 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
225 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
226 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
227 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
228 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
229 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
230 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
231 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
232 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
233 };
234 #define GN_OBJ_OTHER_NAME 0
235 #define GN_OBJ_RFC822_NAME 2
236 #define GN_OBJ_DNS_NAME 4
237 #define GN_OBJ_X400_ADDRESS 6
238 #define GN_OBJ_DIRECTORY_NAME 8
239 #define GN_OBJ_EDI_PARTY_NAME 10
240 #define GN_OBJ_URI 12
241 #define GN_OBJ_IP_ADDRESS 14
242 #define GN_OBJ_REGISTERED_ID 16
243 #define GN_OBJ_ROOF 18
244
245 /**
246 * ASN.1 definition of otherName
247 */
248 static const asn1Object_t otherNameObjects[] = {
249 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
250 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
251 };
252 #define ON_OBJ_ID_TYPE 0
253 #define ON_OBJ_VALUE 1
254 #define ON_OBJ_ROOF 2
255 /**
256 * ASN.1 definition of a basicConstraints extension
257 */
258 static const asn1Object_t basicConstraintsObjects[] = {
259 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
260 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
261 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
262 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
263 };
264 #define BASIC_CONSTRAINTS_CA 1
265 #define BASIC_CONSTRAINTS_ROOF 4
266
267 /**
268 * ASN.1 definition of a keyIdentifier
269 */
270 static const asn1Object_t keyIdentifierObjects[] = {
271 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
272 };
273
274 /**
275 * ASN.1 definition of a authorityKeyIdentifier extension
276 */
277 static const asn1Object_t authorityKeyIdentifierObjects[] = {
278 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
279 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
280 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
281 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
282 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
283 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
284 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
285 };
286 #define AUTH_KEY_ID_KEY_ID 1
287 #define AUTH_KEY_ID_CERT_ISSUER 3
288 #define AUTH_KEY_ID_CERT_SERIAL 5
289 #define AUTH_KEY_ID_ROOF 7
290
291 /**
292 * ASN.1 definition of a authorityInfoAccess extension
293 */
294 static const asn1Object_t authorityInfoAccessObjects[] = {
295 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
296 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
297 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
298 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
299 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
300 };
301 #define AUTH_INFO_ACCESS_METHOD 2
302 #define AUTH_INFO_ACCESS_LOCATION 3
303 #define AUTH_INFO_ACCESS_ROOF 5
304
305 /**
306 * ASN.1 definition of a extendedKeyUsage extension
307 */
308 static const asn1Object_t extendedKeyUsageObjects[] = {
309 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
310 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
311 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
312 };
313
314 #define EXT_KEY_USAGE_PURPOSE_ID 1
315 #define EXT_KEY_USAGE_ROOF 3
316
317 /**
318 * ASN.1 definition of generalNames
319 */
320 static const asn1Object_t generalNamesObjects[] = {
321 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
322 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
323 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
324 };
325 #define GENERAL_NAMES_GN 1
326 #define GENERAL_NAMES_ROOF 3
327
328
329 /**
330 * ASN.1 definition of crlDistributionPoints
331 */
332 static const asn1Object_t crlDistributionPointsObjects[] = {
333 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
334 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
335 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
336 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
337 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
338 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
339 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
340 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
341 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
342 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
343 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
344 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
345 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
346 };
347 #define CRL_DIST_POINTS_FULLNAME 3
348 #define CRL_DIST_POINTS_ROOF 13
349
350 /**
351 * ASN.1 definition of an X.509v3 x509
352 */
353 static const asn1Object_t certObjects[] = {
354 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
355 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
356 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
357 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
358 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
359 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
360 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
361 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
362 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
363 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
364 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
365 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
366 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
367 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
368 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
369 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
370 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
371 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
372 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
373 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
374 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
375 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
376 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
377 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
378 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
379 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
380 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
381 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
382 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
383 };
384 #define X509_OBJ_CERTIFICATE 0
385 #define X509_OBJ_TBS_CERTIFICATE 1
386 #define X509_OBJ_VERSION 3
387 #define X509_OBJ_SERIAL_NUMBER 4
388 #define X509_OBJ_SIG_ALG 5
389 #define X509_OBJ_ISSUER 6
390 #define X509_OBJ_NOT_BEFORE 8
391 #define X509_OBJ_NOT_AFTER 9
392 #define X509_OBJ_SUBJECT 10
393 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
394 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
395 #define X509_OBJ_RSA_PUBLIC_KEY 14
396 #define X509_OBJ_EXTN_ID 22
397 #define X509_OBJ_CRITICAL 23
398 #define X509_OBJ_EXTN_VALUE 24
399 #define X509_OBJ_ALGORITHM 27
400 #define X509_OBJ_SIGNATURE 28
401 #define X509_OBJ_ROOF 29
402
403
404 static u_char ASN1_subjectAltName_oid_str[] = {
405 0x06, 0x03, 0x55, 0x1D, 0x11
406 };
407
408 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_subjectAltName_oid_str);
409
410
411 /**
412 * compare two X.509 x509s by comparing their signatures
413 */
414 static bool equals(const private_x509_t *this, const private_x509_t *other)
415 {
416 return chunk_equals(this->signature, other->signature);
417 }
418
419 /**
420 * extracts the basicConstraints extension
421 */
422 static bool parse_basicConstraints(chunk_t blob, int level0)
423 {
424 asn1_ctx_t ctx;
425 chunk_t object;
426 u_int level;
427 int objectID = 0;
428 bool isCA = FALSE;
429
430 asn1_init(&ctx, blob, level0, FALSE, FALSE);
431
432 while (objectID < BASIC_CONSTRAINTS_ROOF) {
433
434 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
435 {
436 break;
437 }
438 if (objectID == BASIC_CONSTRAINTS_CA)
439 {
440 isCA = object.len && *object.ptr;
441 DBG2(" %s", isCA ? "TRUE" : "FALSE");
442 }
443 objectID++;
444 }
445 return isCA;
446 }
447
448 /*
449 * extracts an otherName
450 */
451 static bool
452 parse_otherName(chunk_t blob, int level0)
453 {
454 asn1_ctx_t ctx;
455 chunk_t object;
456 int objectID = 0;
457 u_int level;
458 int oid = OID_UNKNOWN;
459
460 asn1_init(&ctx, blob, level0, FALSE, FALSE);
461
462 while (objectID < ON_OBJ_ROOF)
463 {
464 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
465 return FALSE;
466
467 switch (objectID)
468 {
469 case ON_OBJ_ID_TYPE:
470 oid = known_oid(object);
471 break;
472 case ON_OBJ_VALUE:
473 if (oid == OID_XMPP_ADDR)
474 {
475 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING, level + 1, "xmppAddr"))
476 return FALSE;
477 }
478 break;
479 default:
480 break;
481 }
482 objectID++;
483 }
484 return TRUE;
485 }
486
487 /*
488 * extracts a generalName
489 */
490 static identification_t *parse_generalName(chunk_t blob, int level0)
491 {
492 asn1_ctx_t ctx;
493 chunk_t object;
494 int objectID = 0;
495 u_int level;
496
497 asn1_init(&ctx, blob, level0, FALSE, FALSE);
498
499 while (objectID < GN_OBJ_ROOF)
500 {
501 id_type_t id_type = ID_ANY;
502
503 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
504 return NULL;
505
506 switch (objectID)
507 {
508 case GN_OBJ_RFC822_NAME:
509 id_type = ID_RFC822_ADDR;
510 break;
511 case GN_OBJ_DNS_NAME:
512 id_type = ID_FQDN;
513 break;
514 case GN_OBJ_URI:
515 id_type = ID_DER_ASN1_GN_URI;
516 break;
517 case GN_OBJ_DIRECTORY_NAME:
518 id_type = ID_DER_ASN1_DN;
519 break;
520 case GN_OBJ_IP_ADDRESS:
521 id_type = ID_IPV4_ADDR;
522 break;
523 case GN_OBJ_OTHER_NAME:
524 if (!parse_otherName(object, level + 1))
525 return NULL;
526 break;
527 case GN_OBJ_X400_ADDRESS:
528 case GN_OBJ_EDI_PARTY_NAME:
529 case GN_OBJ_REGISTERED_ID:
530 break;
531 default:
532 break;
533 }
534
535 if (id_type != ID_ANY)
536 {
537 identification_t *gn = identification_create_from_encoding(id_type, object);
538 DBG2(" '%D'", gn);
539 return gn;
540 }
541 objectID++;
542 }
543 return NULL;
544 }
545
546
547 /**
548 * extracts one or several GNs and puts them into a chained list
549 */
550 void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
551 {
552 asn1_ctx_t ctx;
553 chunk_t object;
554 u_int level;
555 int objectID = 0;
556
557 asn1_init(&ctx, blob, level0, implicit, FALSE);
558
559 while (objectID < GENERAL_NAMES_ROOF)
560 {
561 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
562 return;
563
564 if (objectID == GENERAL_NAMES_GN)
565 {
566 identification_t *gn = parse_generalName(object, level+1);
567
568 if (gn != NULL)
569 list->insert_last(list, (void *)gn);
570 }
571 objectID++;
572 }
573 return;
574 }
575
576 /**
577 * extracts a keyIdentifier
578 */
579 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
580 {
581 asn1_ctx_t ctx;
582 chunk_t object;
583 u_int level;
584 int objectID = 0;
585
586 asn1_init(&ctx, blob, level0, implicit, FALSE);
587
588 extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx);
589 return object;
590 }
591
592 /**
593 * extracts an authoritykeyIdentifier
594 */
595 void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber)
596 {
597 asn1_ctx_t ctx;
598 chunk_t object;
599 u_int level;
600 int objectID = 0;
601
602 *authKeyID = chunk_empty;
603 *authKeySerialNumber = chunk_empty;
604
605 asn1_init(&ctx, blob, level0, FALSE, FALSE);
606
607 while (objectID < AUTH_KEY_ID_ROOF)
608 {
609 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
610 {
611 return;
612 }
613 switch (objectID)
614 {
615 case AUTH_KEY_ID_KEY_ID:
616 *authKeyID = parse_keyIdentifier(object, level+1, TRUE);
617 break;
618 case AUTH_KEY_ID_CERT_ISSUER:
619 {
620 /* TODO: parse_generalNames(object, level+1, TRUE); */
621 break;
622 }
623 case AUTH_KEY_ID_CERT_SERIAL:
624 *authKeySerialNumber = object;
625 break;
626 default:
627 break;
628 }
629 objectID++;
630 }
631 }
632
633 /**
634 * extracts an authorityInfoAcess location
635 */
636 static void parse_authorityInfoAccess(chunk_t blob, int level0, linked_list_t *list)
637 {
638 asn1_ctx_t ctx;
639 chunk_t object;
640 u_int level;
641 int objectID = 0;
642
643 u_int accessMethod = OID_UNKNOWN;
644
645 asn1_init(&ctx, blob, level0, FALSE, FALSE);
646 while (objectID < AUTH_INFO_ACCESS_ROOF)
647 {
648 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
649 {
650 return;
651 }
652 switch (objectID)
653 {
654 case AUTH_INFO_ACCESS_METHOD:
655 accessMethod = known_oid(object);
656 break;
657 case AUTH_INFO_ACCESS_LOCATION:
658 {
659 switch (accessMethod)
660 {
661 case OID_OCSP:
662 if (*object.ptr == ASN1_CONTEXT_S_6)
663 {
664 identification_t *accessLocation;
665
666 if (asn1_length(&object) == ASN1_INVALID_LENGTH)
667 return;
668 DBG2(" '%.*s'",(int)object.len, object.ptr);
669 accessLocation = identification_create_from_encoding(ID_DER_ASN1_GN_URI, object);
670 list->insert_last(list, (void *)accessLocation);
671 }
672 break;
673 default:
674 /* unkown accessMethod, ignoring */
675 break;
676 }
677 break;
678 }
679 default:
680 break;
681 }
682 objectID++;
683 }
684 }
685
686 /**
687 * extracts extendedKeyUsage OIDs
688 */
689 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
690 {
691 asn1_ctx_t ctx;
692 chunk_t object;
693 u_int level;
694 int objectID = 0;
695
696 asn1_init(&ctx, blob, level0, FALSE, FALSE);
697 while (objectID < EXT_KEY_USAGE_ROOF)
698 {
699 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
700 {
701 return FALSE;
702 }
703 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
704 known_oid(object) == OID_OCSP_SIGNING)
705 {
706 return TRUE;
707 }
708 objectID++;
709 }
710 return FALSE;
711 }
712
713 /**
714 * extracts one or several crlDistributionPoints and puts them into
715 * a chained list
716 */
717 static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list)
718 {
719 asn1_ctx_t ctx;
720 chunk_t object;
721 u_int level;
722 int objectID = 0;
723
724 asn1_init(&ctx, blob, level0, FALSE, FALSE);
725 while (objectID < CRL_DIST_POINTS_ROOF)
726 {
727 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
728 {
729 return;
730 }
731 if (objectID == CRL_DIST_POINTS_FULLNAME)
732 {
733 /* append extracted generalNames to existing chained list */
734 parse_generalNames(object, level+1, TRUE, list);
735
736 }
737 objectID++;
738 }
739 }
740
741
742 /**
743 * Parses an X.509v3 certificate
744 */
745 static bool parse_certificate(chunk_t blob, u_int level0, private_x509_t *this)
746 {
747 asn1_ctx_t ctx;
748 bool critical;
749 chunk_t object;
750 u_int level;
751 u_int extn_oid = OID_UNKNOWN;
752 int objectID = 0;
753
754 asn1_init(&ctx, blob, level0, FALSE, FALSE);
755 while (objectID < X509_OBJ_ROOF)
756 {
757 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
758 {
759 return FALSE;
760 }
761
762 /* those objects which will parsed further need the next higher level */
763 level++;
764
765 switch (objectID)
766 {
767 case X509_OBJ_CERTIFICATE:
768 this->certificate = object;
769 break;
770 case X509_OBJ_TBS_CERTIFICATE:
771 this->tbsCertificate = object;
772 break;
773 case X509_OBJ_VERSION:
774 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
775 DBG2(" v%d", this->version);
776 break;
777 case X509_OBJ_SERIAL_NUMBER:
778 this->serialNumber = object;
779 break;
780 case X509_OBJ_SIG_ALG:
781 this->sigAlg = parse_algorithmIdentifier(object, level, NULL);
782 break;
783 case X509_OBJ_ISSUER:
784 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
785 DBG2(" '%D'", this->issuer);
786 break;
787 case X509_OBJ_NOT_BEFORE:
788 this->notBefore = parse_time(object, level);
789 break;
790 case X509_OBJ_NOT_AFTER:
791 this->notAfter = parse_time(object, level);
792 break;
793 case X509_OBJ_SUBJECT:
794 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
795 DBG2(" '%D'", this->subject);
796 break;
797 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
798 if (parse_algorithmIdentifier(object, level, NULL) != OID_RSA_ENCRYPTION)
799 {
800 DBG2(" unsupported public key algorithm");
801 return FALSE;
802 }
803 break;
804 case X509_OBJ_SUBJECT_PUBLIC_KEY:
805 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
806 {
807 /* skip initial bit string octet defining 0 unused bits */
808 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
809 }
810 else
811 {
812 DBG2(" invalid RSA public key format");
813 return FALSE;
814 }
815 break;
816 case X509_OBJ_RSA_PUBLIC_KEY:
817 this->subjectPublicKey = object;
818 break;
819 case X509_OBJ_EXTN_ID:
820 extn_oid = known_oid(object);
821 break;
822 case X509_OBJ_CRITICAL:
823 critical = object.len && *object.ptr;
824 DBG2(" %s", critical ? "TRUE" : "FALSE");
825 break;
826 case X509_OBJ_EXTN_VALUE:
827 {
828 switch (extn_oid)
829 {
830 case OID_SUBJECT_KEY_ID:
831 this->subjectKeyID = chunk_clone(parse_keyIdentifier(object, level, FALSE));
832 break;
833 case OID_SUBJECT_ALT_NAME:
834 parse_generalNames(object, level, FALSE, this->subjectAltNames);
835 break;
836 case OID_BASIC_CONSTRAINTS:
837 this->isCA = parse_basicConstraints(object, level);
838 break;
839 case OID_CRL_DISTRIBUTION_POINTS:
840 parse_crlDistributionPoints(object, level, this->crlDistributionPoints);
841 break;
842 case OID_AUTHORITY_KEY_ID:
843 parse_authorityKeyIdentifier(object, level , &this->authKeyID, &this->authKeySerialNumber);
844 break;
845 case OID_AUTHORITY_INFO_ACCESS:
846 parse_authorityInfoAccess(object, level, this->ocspAccessLocations);
847 break;
848 case OID_EXTENDED_KEY_USAGE:
849 this->isOcspSigner = parse_extendedKeyUsage(object, level);
850 break;
851 case OID_NS_REVOCATION_URL:
852 case OID_NS_CA_REVOCATION_URL:
853 case OID_NS_CA_POLICY_URL:
854 case OID_NS_COMMENT:
855 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING , level, oid_names[extn_oid].name))
856 return FALSE;
857 break;
858 default:
859 break;
860 }
861 break;
862 }
863 case X509_OBJ_ALGORITHM:
864 this->algorithm = parse_algorithmIdentifier(object, level, NULL);
865 break;
866 case X509_OBJ_SIGNATURE:
867 this->signature = object;
868 break;
869 default:
870 break;
871 }
872 objectID++;
873 }
874
875 /* generate the subjectKeyID if it is missing in the certificate */
876 if (this->subjectKeyID.ptr == NULL)
877 {
878 hasher_t *hasher = hasher_create(HASH_SHA1);
879
880 hasher->allocate_hash(hasher, this->subjectPublicKey, &this->subjectKeyID);
881 hasher->destroy(hasher);
882 }
883
884 this->installed = time(NULL);
885 return TRUE;
886 }
887
888 /**
889 * Implements x509_t.is_valid
890 */
891 static err_t is_valid(const private_x509_t *this, time_t *until)
892 {
893 time_t current_time = time(NULL);
894
895 DBG2(" not before : %T", &this->notBefore);
896 DBG2(" current time: %T", &current_time);
897 DBG2(" not after : %T", &this->notAfter);
898
899 if (until != NULL &&
900 (*until == UNDEFINED_TIME || this->notAfter < *until))
901 {
902 *until = this->notAfter;
903 }
904 if (current_time < this->notBefore)
905 {
906 return "is not valid yet";
907 }
908 if (current_time > this->notAfter)
909 {
910 return "has expired";
911 }
912 DBG2(" certificate is valid");
913 return NULL;
914 }
915
916 /**
917 * Implements x509_t.is_ca
918 */
919 static bool is_ca(const private_x509_t *this)
920 {
921 return this->isCA;
922 }
923
924 /**
925 * Implements x509_t.is_ocsp_signer
926 */
927 static bool is_ocsp_signer(const private_x509_t *this)
928 {
929 return this->isOcspSigner;
930 }
931
932 /**
933 * Implements x509_t.is_self_signed
934 */
935 static bool is_self_signed(const private_x509_t *this)
936 {
937 return this->isSelfSigned;
938 }
939
940 /**
941 * Implements x509_t.equals_subjectAltName
942 */
943 static bool equals_subjectAltName(const private_x509_t *this, identification_t *id)
944 {
945 bool found = FALSE;
946 identification_t *subjectAltName;
947 iterator_t *iterator;
948
949 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
950 while (iterator->iterate(iterator, (void**)&subjectAltName))
951 {
952 if (id->equals(id, subjectAltName))
953 {
954 found = TRUE;
955 break;
956 }
957 }
958 iterator->destroy(iterator);
959 return found;
960 }
961
962 /**
963 * Implements x509_t.is_issuer
964 */
965 static bool is_issuer(const private_x509_t *this, const private_x509_t *issuer)
966 {
967 return (this->authKeyID.ptr)
968 ? chunk_equals(this->authKeyID, issuer->subjectKeyID)
969 : (this->issuer->equals(this->issuer, issuer->subject)
970 && chunk_equals_or_null(this->authKeySerialNumber, issuer->serialNumber));
971 }
972
973 /**
974 * Implements x509_t.get_certificate
975 */
976 static chunk_t get_certificate(const private_x509_t *this)
977 {
978 return this->certificate;
979 }
980
981 /**
982 * Implements x509_t.get_public_key
983 */
984 static rsa_public_key_t *get_public_key(const private_x509_t *this)
985 {
986 return this->public_key;
987 }
988
989 /**
990 * Implements x509_t.get_serialNumber
991 */
992 static chunk_t get_serialNumber(const private_x509_t *this)
993 {
994 return this->serialNumber;
995 }
996
997 /**
998 * Implements x509_t.get_subjectKeyID
999 */
1000 static chunk_t get_subjectKeyID(const private_x509_t *this)
1001 {
1002 return this->subjectKeyID;
1003 }
1004
1005 /**
1006 * Implements x509_t.get_keyid
1007 */
1008 static chunk_t get_keyid(const private_x509_t *this)
1009 {
1010 return this->public_key->get_keyid(this->public_key);
1011 }
1012
1013 /**
1014 * Implements x509_t.get_issuer
1015 */
1016 static identification_t *get_issuer(const private_x509_t *this)
1017 {
1018 return this->issuer;
1019 }
1020
1021 /**
1022 * Implements x509_t.get_subject
1023 */
1024 static identification_t *get_subject(const private_x509_t *this)
1025 {
1026 return this->subject;
1027 }
1028
1029 /**
1030 * Implements x509_t.set_ca_info
1031 */
1032 static void set_ca_info(private_x509_t *this, ca_info_t *ca_info)
1033 {
1034 this->ca_info = ca_info;
1035 }
1036
1037 /**
1038 * Implements x509_t.get_ca_info
1039 */
1040 static ca_info_t *get_ca_info(const private_x509_t *this)
1041 {
1042 return this->ca_info;
1043 }
1044
1045 /**
1046 * Implements x509_t.set_until
1047 */
1048 static void set_until(private_x509_t *this, time_t until)
1049 {
1050 this->until = until;
1051 }
1052
1053 /**
1054 * Implements x509_t.get_until
1055 */
1056 static time_t get_until(const private_x509_t *this)
1057 {
1058 return this->until;
1059 }
1060
1061 /**
1062 * Implements x509_t.set_status
1063 */
1064 static void set_status(private_x509_t *this, cert_status_t status)
1065 {
1066 this->status = status;
1067 }
1068
1069 /**
1070 * Implements x509_t.get_status
1071 */
1072 static cert_status_t get_status(const private_x509_t *this)
1073 {
1074 return this->status;
1075 }
1076
1077 /**
1078 * Implements x509_t.add_authority_flags
1079 */
1080 static void add_authority_flags(private_x509_t *this, u_int flags)
1081 {
1082 this->authority_flags |= flags;
1083 }
1084
1085 /**
1086 * Implements x509_t.add_authority_flags
1087 */
1088 static u_int get_authority_flags(private_x509_t *this)
1089 {
1090 return this->authority_flags;
1091 }
1092
1093 /**
1094 * Implements x509_t.has_authority_flag
1095 */
1096 static bool has_authority_flag(private_x509_t *this, u_int flags)
1097 {
1098 return (this->authority_flags & flags) != AUTH_NONE;
1099 }
1100
1101 /**
1102 * Implements x509_t.create_crluri_iterator
1103 */
1104 static iterator_t *create_crluri_iterator(const private_x509_t *this)
1105 {
1106 return this->crlDistributionPoints->create_iterator(this->crlDistributionPoints, TRUE);
1107 }
1108
1109 /**
1110 * Implements x509_t.create_crluri_iterator
1111 */
1112 static iterator_t *create_ocspuri_iterator(const private_x509_t *this)
1113 {
1114 return this->ocspAccessLocations->create_iterator(this->ocspAccessLocations, TRUE);
1115 }
1116
1117 /**
1118 * Implements x509_t.verify
1119 */
1120 static bool verify(const private_x509_t *this, const rsa_public_key_t *signer)
1121 {
1122 return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertificate, this->signature) == SUCCESS;
1123 }
1124
1125 /**
1126 * Implementation of x509_t.list.
1127 */
1128 static void list(private_x509_t *this, FILE *out, bool utc)
1129 {
1130 iterator_t *iterator;
1131 time_t now = time(NULL);
1132
1133 fprintf(out, "%#T\n", &this->installed, utc);
1134
1135 if (this->subjectAltNames->get_count(this->subjectAltNames))
1136 {
1137 identification_t *subjectAltName;
1138 bool first = TRUE;
1139
1140 fprintf(out, " altNames: ");
1141 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
1142 while (iterator->iterate(iterator, (void**)&subjectAltName))
1143 {
1144 if (first)
1145 {
1146 first = FALSE;
1147 }
1148 else
1149 {
1150 fprintf(out, ", ");
1151 }
1152 fprintf(out, "'%D'", subjectAltName);
1153 }
1154 iterator->destroy(iterator);
1155 fprintf(out, "\n");
1156 }
1157 fprintf(out, " subject: '%D'\n", this->subject);
1158 fprintf(out, " issuer: '%D'\n", this->issuer);
1159 fprintf(out, " serial: %#B\n", &this->serialNumber);
1160 fprintf(out, " validity: not before %#T, ", &this->notBefore, utc);
1161 if (now < this->notBefore)
1162 {
1163 fprintf(out, "not valid yet (valid in %V)\n", &now, &this->notBefore);
1164 }
1165 else
1166 {
1167 fprintf(out, "ok\n");
1168 }
1169
1170 fprintf(out, " not after %#T, ", &this->notAfter, utc);
1171 if (now > this->notAfter)
1172 {
1173 fprintf(out, "expired (%V ago)\n", &now, &this->notAfter);
1174 }
1175 else
1176 {
1177 fprintf(out, "ok");
1178 if (now > this->notAfter - CERT_WARNING_INTERVAL * 60 * 60 * 24)
1179 {
1180 fprintf(out, " (expires in %V)", &now, &this->notAfter);
1181 }
1182 fprintf(out, " \n");
1183 }
1184
1185 {
1186 chunk_t keyid = this->public_key->get_keyid(this->public_key);
1187 fprintf(out, " keyid: %#B\n", &keyid);
1188 }
1189
1190 if (this->subjectKeyID.ptr)
1191 {
1192 fprintf(out, " subjkey: %#B\n", &this->subjectKeyID);
1193 }
1194 if (this->authKeyID.ptr)
1195 {
1196 fprintf(out, " authkey: %#B\n", &this->authKeyID);
1197 }
1198 if (this->authKeySerialNumber.ptr)
1199 {
1200 fprintf(out, " aserial: %#B\n", &this->authKeySerialNumber);
1201 }
1202
1203 fprintf(out, " pubkey: RSA %d bits", BITS_PER_BYTE *
1204 this->public_key->get_keysize(this->public_key));
1205 fprintf(out, ", status %N",
1206 cert_status_names, this->status);
1207
1208 switch (this->status)
1209 {
1210 case CERT_GOOD:
1211 fprintf(out, " until %#T", &this->until, utc);
1212 break;
1213 case CERT_REVOKED:
1214 fprintf(out, " on %#T", &this->until, utc);
1215 break;
1216 case CERT_UNKNOWN:
1217 case CERT_UNDEFINED:
1218 case CERT_UNTRUSTED:
1219 default:
1220 break;
1221 }
1222 }
1223
1224 /**
1225 * Implements x509_t.destroy
1226 */
1227 static void destroy(private_x509_t *this)
1228 {
1229 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1230 offsetof(identification_t, destroy));
1231 this->crlDistributionPoints->destroy_offset(this->crlDistributionPoints,
1232 offsetof(identification_t, destroy));
1233 this->ocspAccessLocations->destroy_offset(this->ocspAccessLocations,
1234 offsetof(identification_t, destroy));
1235 DESTROY_IF(this->issuer);
1236 DESTROY_IF(this->subject);
1237 DESTROY_IF(this->public_key);
1238 free(this->subjectKeyID.ptr);
1239 free(this->certificate.ptr);
1240 free(this);
1241 }
1242
1243 /*
1244 * Described in header.
1245 */
1246 x509_t *x509_create_from_chunk(chunk_t chunk, u_int level)
1247 {
1248 private_x509_t *this = malloc_thing(private_x509_t);
1249
1250 /* initialize */
1251 this->subjectPublicKey = chunk_empty;
1252 this->public_key = NULL;
1253 this->subject = NULL;
1254 this->issuer = NULL;
1255 this->ca_info = NULL;
1256 this->subjectAltNames = linked_list_create();
1257 this->crlDistributionPoints = linked_list_create();
1258 this->ocspAccessLocations = linked_list_create();
1259 this->subjectKeyID = chunk_empty;
1260 this->authKeyID = chunk_empty;
1261 this->authKeySerialNumber = chunk_empty;
1262 this->authority_flags = AUTH_NONE;
1263 this->isCA = FALSE;
1264 this->isOcspSigner = FALSE;
1265
1266 /* public functions */
1267 this->public.equals = (bool (*) (const x509_t*,const x509_t*))equals;
1268 this->public.equals_subjectAltName = (bool (*) (const x509_t*,identification_t*))equals_subjectAltName;
1269 this->public.is_issuer = (bool (*) (const x509_t*,const x509_t*))is_issuer;
1270 this->public.is_valid = (err_t (*) (const x509_t*,time_t*))is_valid;
1271 this->public.is_ca = (bool (*) (const x509_t*))is_ca;
1272 this->public.is_self_signed = (bool (*) (const x509_t*))is_self_signed;
1273 this->public.is_ocsp_signer = (bool (*) (const x509_t*))is_ocsp_signer;
1274 this->public.get_certificate = (chunk_t (*) (const x509_t*))get_certificate;
1275 this->public.get_public_key = (rsa_public_key_t* (*) (const x509_t*))get_public_key;
1276 this->public.get_serialNumber = (chunk_t (*) (const x509_t*))get_serialNumber;
1277 this->public.get_subjectKeyID = (chunk_t (*) (const x509_t*))get_subjectKeyID;
1278 this->public.get_keyid = (chunk_t (*) (const x509_t*))get_keyid;
1279 this->public.get_issuer = (identification_t* (*) (const x509_t*))get_issuer;
1280 this->public.get_subject = (identification_t* (*) (const x509_t*))get_subject;
1281 this->public.set_ca_info = (void (*) (x509_t*,ca_info_t*))set_ca_info;
1282 this->public.get_ca_info = (ca_info_t* (*) (const x509_t*))get_ca_info;
1283 this->public.set_until = (void (*) (x509_t*,time_t))set_until;
1284 this->public.get_until = (time_t (*) (const x509_t*))get_until;
1285 this->public.set_status = (void (*) (x509_t*,cert_status_t))set_status;
1286 this->public.get_status = (cert_status_t (*) (const x509_t*))get_status;
1287 this->public.add_authority_flags = (void (*) (x509_t*,u_int))add_authority_flags;
1288 this->public.get_authority_flags = (u_int (*) (x509_t*))get_authority_flags;
1289 this->public.has_authority_flag = (bool (*) (x509_t*,u_int))has_authority_flag;
1290 this->public.create_crluri_iterator = (iterator_t* (*) (const x509_t*))create_crluri_iterator;
1291 this->public.create_ocspuri_iterator = (iterator_t* (*) (const x509_t*))create_ocspuri_iterator;
1292 this->public.verify = (bool (*) (const x509_t*,const rsa_public_key_t*))verify;
1293 this->public.list = (void(*)(x509_t*, FILE *out, bool utc))list;
1294 this->public.destroy = (void (*) (x509_t*))destroy;
1295
1296 if (!parse_certificate(chunk, level, this))
1297 {
1298 destroy(this);
1299 return NULL;
1300 }
1301
1302 /* extract public key from certificate */
1303 this->public_key = rsa_public_key_create_from_chunk(this->subjectPublicKey);
1304 if (this->public_key == NULL)
1305 {
1306 destroy(this);
1307 return NULL;
1308 }
1309
1310 /* set trusted lifetime of public key to notAfter */
1311 this->until = this->notAfter;
1312
1313 /* check if the certificate is self-signed */
1314 this->isSelfSigned = FALSE;
1315 if (this->subject->equals(this->subject, this->issuer))
1316 {
1317 this->isSelfSigned = this->public_key->verify_emsa_pkcs1_signature(this->public_key,
1318 this->tbsCertificate, this->signature) == SUCCESS;
1319 }
1320 if (this->isSelfSigned)
1321 {
1322 DBG2(" certificate is self-signed");
1323 this->status = CERT_GOOD;
1324 }
1325 else
1326 {
1327 this->status = CERT_UNDEFINED;
1328 }
1329
1330 return &this->public;
1331 }
1332
1333 /*
1334 * Described in header.
1335 */
1336 x509_t *x509_create_from_file(const char *filename, const char *label)
1337 {
1338 bool pgp = FALSE;
1339 chunk_t chunk = chunk_empty;
1340 char cert_label[BUF_LEN];
1341
1342 snprintf(cert_label, BUF_LEN, "%s certificate", label);
1343
1344 if (!pem_asn1_load_file(filename, NULL, cert_label, &chunk, &pgp))
1345 {
1346 return NULL;
1347 }
1348 return x509_create_from_chunk(chunk, 0);
1349 }