replace cert by this in parse_certificate()
[strongswan.git] / src / libstrongswan / crypto / x509.c
1 /**
2 * @file x509.c
3 *
4 * @brief Implementation of x509_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
10 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
11 * Copyright (C) 2002 Mario Strasser
12 * Copyright (C) 2000-2004 Andreas Steffen, Zuercher Hochschule Winterthur
13 * Copyright (C) 2006 Martin Willi, Andreas Steffen
14 *
15 * Hochschule fuer Technik Rapperswil
16 *
17 * This program is free software; you can redistribute it and/or modify it
18 * under the terms of the GNU General Public License as published by the
19 * Free Software Foundation; either version 2 of the License, or (at your
20 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
21 *
22 * This program is distributed in the hope that it will be useful, but
23 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
24 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
25 * for more details.
26 */
27
28 #include <gmp.h>
29 #include <sys/stat.h>
30 #include <unistd.h>
31 #include <string.h>
32 #include <stdio.h>
33
34 #include "x509.h"
35 #include "hashers/hasher.h"
36 #include <library.h>
37 #include <debug.h>
38 #include <asn1/oid.h>
39 #include <asn1/asn1.h>
40 #include <asn1/pem.h>
41 #include <utils/linked_list.h>
42 #include <utils/identification.h>
43
44 #define CERT_WARNING_INTERVAL 30 /* days */
45
46 /**
47 * Different kinds of generalNames
48 */
49 typedef enum generalNames_t generalNames_t;
50
51 enum generalNames_t {
52 GN_OTHER_NAME = 0,
53 GN_RFC822_NAME = 1,
54 GN_DNS_NAME = 2,
55 GN_X400_ADDRESS = 3,
56 GN_DIRECTORY_NAME = 4,
57 GN_EDI_PARTY_NAME = 5,
58 GN_URI = 6,
59 GN_IP_ADDRESS = 7,
60 GN_REGISTERED_ID = 8,
61 };
62
63 typedef struct private_x509_t private_x509_t;
64
65 /**
66 * Private data of a x509_t object.
67 */
68 struct private_x509_t {
69 /**
70 * Public interface for this certificate.
71 */
72 x509_t public;
73
74 /**
75 * Time when certificate was installed
76 */
77 time_t installed;
78
79 /**
80 * Time until certificate can be trusted
81 */
82 time_t until;
83
84 /**
85 * Certificate status
86 */
87 cert_status_t status;
88
89 /**
90 * Authority flags
91 */
92 u_int authority_flags;
93
94 /**
95 * X.509 Certificate in DER format
96 */
97 chunk_t certificate;
98
99 /**
100 * X.509 certificate body over which signature is computed
101 */
102 chunk_t tbsCertificate;
103
104 /**
105 * Version of the X.509 certificate
106 */
107 u_int version;
108
109 /**
110 * Serial number of the X.509 certificate
111 */
112 chunk_t serialNumber;
113
114 /**
115 * Signature algorithm
116 */
117 int sigAlg;
118
119 /**
120 * ID representing the certificate issuer
121 */
122 identification_t *issuer;
123
124 /**
125 * Start time of certificate validity
126 */
127 time_t notBefore;
128
129 /**
130 * End time of certificate validity
131 */
132 time_t notAfter;
133
134 /**
135 * ID representing the certificate subject
136 */
137 identification_t *subject;
138
139 /**
140 * List of identification_t's representing subjectAltNames
141 */
142 linked_list_t *subjectAltNames;
143
144 /**
145 * List of identification_t's representing crlDistributionPoints
146 */
147 linked_list_t *crlDistributionPoints;
148
149 /**
150 * List of identification_t's representing ocspAccessLocations
151 */
152 linked_list_t *ocspAccessLocations;
153
154 /**
155 * Subject public key
156 */
157 chunk_t subjectPublicKey;
158
159 /**
160 * Subject RSA public key, if subjectPublicKeyAlgorithm == RSA
161 */
162 rsa_public_key_t *public_key;
163
164 /**
165 * Subject Key Identifier
166 */
167 chunk_t subjectKeyID;
168
169 /**
170 * Authority Key Identifier
171 */
172 chunk_t authKeyID;
173
174 /**
175 * Authority Key Serial Number
176 */
177 chunk_t authKeySerialNumber;
178
179 /**
180 * CA basic constraints flag
181 */
182 bool isCA;
183
184 /**
185 * OCSPSigner extended key usage flag
186 */
187 bool isOcspSigner;
188
189 /**
190 * Signature algorithm (must be identical to sigAlg)
191 */
192 int algorithm;
193
194 /**
195 * Signature
196 */
197 chunk_t signature;
198
199 };
200
201 /**
202 * ASN.1 definition of generalName
203 */
204 static const asn1Object_t generalNameObjects[] = {
205 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
206 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
207 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
208 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
209 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
210 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
211 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
212 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
213 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
214 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
215 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
216 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
217 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
218 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
219 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
220 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
221 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
222 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
223 };
224 #define GN_OBJ_OTHER_NAME 0
225 #define GN_OBJ_RFC822_NAME 2
226 #define GN_OBJ_DNS_NAME 4
227 #define GN_OBJ_X400_ADDRESS 6
228 #define GN_OBJ_DIRECTORY_NAME 8
229 #define GN_OBJ_EDI_PARTY_NAME 10
230 #define GN_OBJ_URI 12
231 #define GN_OBJ_IP_ADDRESS 14
232 #define GN_OBJ_REGISTERED_ID 16
233 #define GN_OBJ_ROOF 18
234
235 /**
236 * ASN.1 definition of otherName
237 */
238 static const asn1Object_t otherNameObjects[] = {
239 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
240 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
241 };
242 #define ON_OBJ_ID_TYPE 0
243 #define ON_OBJ_VALUE 1
244 #define ON_OBJ_ROOF 2
245 /**
246 * ASN.1 definition of a basicConstraints extension
247 */
248 static const asn1Object_t basicConstraintsObjects[] = {
249 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
250 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
251 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
252 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
253 };
254 #define BASIC_CONSTRAINTS_CA 1
255 #define BASIC_CONSTRAINTS_ROOF 4
256
257 /**
258 * ASN.1 definition of a keyIdentifier
259 */
260 static const asn1Object_t keyIdentifierObjects[] = {
261 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
262 };
263
264 /**
265 * ASN.1 definition of a authorityKeyIdentifier extension
266 */
267 static const asn1Object_t authorityKeyIdentifierObjects[] = {
268 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
269 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
270 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
271 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
272 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
273 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
274 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
275 };
276 #define AUTH_KEY_ID_KEY_ID 1
277 #define AUTH_KEY_ID_CERT_ISSUER 3
278 #define AUTH_KEY_ID_CERT_SERIAL 5
279 #define AUTH_KEY_ID_ROOF 7
280
281 /**
282 * ASN.1 definition of a authorityInfoAccess extension
283 */
284 static const asn1Object_t authorityInfoAccessObjects[] = {
285 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
286 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
287 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
288 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
289 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
290 };
291 #define AUTH_INFO_ACCESS_METHOD 2
292 #define AUTH_INFO_ACCESS_LOCATION 3
293 #define AUTH_INFO_ACCESS_ROOF 5
294
295 /**
296 * ASN.1 definition of a extendedKeyUsage extension
297 */
298 static const asn1Object_t extendedKeyUsageObjects[] = {
299 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
300 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
301 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
302 };
303
304 #define EXT_KEY_USAGE_PURPOSE_ID 1
305 #define EXT_KEY_USAGE_ROOF 3
306
307 /**
308 * ASN.1 definition of generalNames
309 */
310 static const asn1Object_t generalNamesObjects[] = {
311 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
312 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
313 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
314 };
315 #define GENERAL_NAMES_GN 1
316 #define GENERAL_NAMES_ROOF 3
317
318
319 /**
320 * ASN.1 definition of crlDistributionPoints
321 */
322 static const asn1Object_t crlDistributionPointsObjects[] = {
323 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
324 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
325 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
326 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
327 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
328 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
329 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
330 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
331 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
332 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
333 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
334 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
335 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
336 };
337 #define CRL_DIST_POINTS_FULLNAME 3
338 #define CRL_DIST_POINTS_ROOF 13
339
340 /**
341 * ASN.1 definition of an X.509v3 x509
342 */
343 static const asn1Object_t certObjects[] = {
344 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
345 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
346 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
347 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
348 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
349 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
350 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
351 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
352 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
353 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
354 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
355 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
356 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
357 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
358 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
359 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
360 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
361 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
362 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
363 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
364 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
365 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
366 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
367 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
368 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
369 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
370 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
371 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
372 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
373 };
374 #define X509_OBJ_CERTIFICATE 0
375 #define X509_OBJ_TBS_CERTIFICATE 1
376 #define X509_OBJ_VERSION 3
377 #define X509_OBJ_SERIAL_NUMBER 4
378 #define X509_OBJ_SIG_ALG 5
379 #define X509_OBJ_ISSUER 6
380 #define X509_OBJ_NOT_BEFORE 8
381 #define X509_OBJ_NOT_AFTER 9
382 #define X509_OBJ_SUBJECT 10
383 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
384 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
385 #define X509_OBJ_RSA_PUBLIC_KEY 14
386 #define X509_OBJ_EXTN_ID 22
387 #define X509_OBJ_CRITICAL 23
388 #define X509_OBJ_EXTN_VALUE 24
389 #define X509_OBJ_ALGORITHM 27
390 #define X509_OBJ_SIGNATURE 28
391 #define X509_OBJ_ROOF 29
392
393
394 static u_char ASN1_subjectAltName_oid_str[] = {
395 0x06, 0x03, 0x55, 0x1D, 0x11
396 };
397
398 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_subjectAltName_oid_str);
399
400
401 /**
402 * compare two X.509 x509s by comparing their signatures
403 */
404 static bool equals(const private_x509_t *this, const private_x509_t *other)
405 {
406 return chunk_equals(this->signature, other->signature);
407 }
408
409 /**
410 * extracts the basicConstraints extension
411 */
412 static bool parse_basicConstraints(chunk_t blob, int level0)
413 {
414 asn1_ctx_t ctx;
415 chunk_t object;
416 u_int level;
417 int objectID = 0;
418 bool isCA = FALSE;
419
420 asn1_init(&ctx, blob, level0, FALSE, FALSE);
421
422 while (objectID < BASIC_CONSTRAINTS_ROOF) {
423
424 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
425 {
426 break;
427 }
428 if (objectID == BASIC_CONSTRAINTS_CA)
429 {
430 isCA = object.len && *object.ptr;
431 DBG2(" %s", isCA ? "TRUE" : "FALSE");
432 }
433 objectID++;
434 }
435 return isCA;
436 }
437
438 /*
439 * extracts an otherName
440 */
441 static bool
442 parse_otherName(chunk_t blob, int level0)
443 {
444 asn1_ctx_t ctx;
445 chunk_t object;
446 int objectID = 0;
447 u_int level;
448 int oid = OID_UNKNOWN;
449
450 asn1_init(&ctx, blob, level0, FALSE, FALSE);
451
452 while (objectID < ON_OBJ_ROOF)
453 {
454 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
455 return FALSE;
456
457 switch (objectID)
458 {
459 case ON_OBJ_ID_TYPE:
460 oid = known_oid(object);
461 break;
462 case ON_OBJ_VALUE:
463 if (oid == OID_XMPP_ADDR)
464 {
465 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING, level + 1, "xmppAddr"))
466 return FALSE;
467 }
468 break;
469 default:
470 break;
471 }
472 objectID++;
473 }
474 return TRUE;
475 }
476
477 /*
478 * extracts a generalName
479 */
480 static identification_t *parse_generalName(chunk_t blob, int level0)
481 {
482 asn1_ctx_t ctx;
483 chunk_t object;
484 int objectID = 0;
485 u_int level;
486
487 asn1_init(&ctx, blob, level0, FALSE, FALSE);
488
489 while (objectID < GN_OBJ_ROOF)
490 {
491 id_type_t id_type = ID_ANY;
492
493 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
494 return NULL;
495
496 switch (objectID)
497 {
498 case GN_OBJ_RFC822_NAME:
499 id_type = ID_RFC822_ADDR;
500 break;
501 case GN_OBJ_DNS_NAME:
502 id_type = ID_FQDN;
503 break;
504 case GN_OBJ_URI:
505 id_type = ID_DER_ASN1_GN_URI;
506 break;
507 case GN_OBJ_DIRECTORY_NAME:
508 id_type = ID_DER_ASN1_DN;
509 break;
510 case GN_OBJ_IP_ADDRESS:
511 id_type = ID_IPV4_ADDR;
512 break;
513 case GN_OBJ_OTHER_NAME:
514 if (!parse_otherName(object, level + 1))
515 return NULL;
516 break;
517 case GN_OBJ_X400_ADDRESS:
518 case GN_OBJ_EDI_PARTY_NAME:
519 case GN_OBJ_REGISTERED_ID:
520 break;
521 default:
522 break;
523 }
524
525 if (id_type != ID_ANY)
526 {
527 identification_t *gn = identification_create_from_encoding(id_type, object);
528 DBG2(" '%D'", gn);
529 return gn;
530 }
531 objectID++;
532 }
533 return NULL;
534 }
535
536
537 /**
538 * extracts one or several GNs and puts them into a chained list
539 */
540 static void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
541 {
542 asn1_ctx_t ctx;
543 chunk_t object;
544 u_int level;
545 int objectID = 0;
546
547 asn1_init(&ctx, blob, level0, implicit, FALSE);
548
549 while (objectID < GENERAL_NAMES_ROOF)
550 {
551 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
552 return;
553
554 if (objectID == GENERAL_NAMES_GN)
555 {
556 identification_t *gn = parse_generalName(object, level+1);
557
558 if (gn != NULL)
559 list->insert_last(list, (void *)gn);
560 }
561 objectID++;
562 }
563 return;
564 }
565
566 /**
567 * extracts a keyIdentifier
568 */
569 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
570 {
571 asn1_ctx_t ctx;
572 chunk_t object;
573 u_int level;
574 int objectID = 0;
575
576 asn1_init(&ctx, blob, level0, implicit, FALSE);
577
578 extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx);
579 return object;
580 }
581
582 /**
583 * extracts an authoritykeyIdentifier
584 */
585 void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber)
586 {
587 asn1_ctx_t ctx;
588 chunk_t object;
589 u_int level;
590 int objectID = 0;
591
592 *authKeyID = chunk_empty;
593 *authKeySerialNumber = chunk_empty;
594
595 asn1_init(&ctx, blob, level0, FALSE, FALSE);
596
597 while (objectID < AUTH_KEY_ID_ROOF)
598 {
599 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
600 {
601 return;
602 }
603 switch (objectID)
604 {
605 case AUTH_KEY_ID_KEY_ID:
606 *authKeyID = parse_keyIdentifier(object, level+1, TRUE);
607 break;
608 case AUTH_KEY_ID_CERT_ISSUER:
609 {
610 /* TODO: parse_generalNames(object, level+1, TRUE); */
611 break;
612 }
613 case AUTH_KEY_ID_CERT_SERIAL:
614 *authKeySerialNumber = object;
615 break;
616 default:
617 break;
618 }
619 objectID++;
620 }
621 }
622
623 /**
624 * extracts an authorityInfoAcess location
625 */
626 static void parse_authorityInfoAccess(chunk_t blob, int level0, linked_list_t *list)
627 {
628 asn1_ctx_t ctx;
629 chunk_t object;
630 u_int level;
631 int objectID = 0;
632
633 u_int accessMethod = OID_UNKNOWN;
634
635 asn1_init(&ctx, blob, level0, FALSE, FALSE);
636 while (objectID < AUTH_INFO_ACCESS_ROOF)
637 {
638 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
639 {
640 return;
641 }
642 switch (objectID)
643 {
644 case AUTH_INFO_ACCESS_METHOD:
645 accessMethod = known_oid(object);
646 break;
647 case AUTH_INFO_ACCESS_LOCATION:
648 {
649 switch (accessMethod)
650 {
651 case OID_OCSP:
652 if (*object.ptr == ASN1_CONTEXT_S_6)
653 {
654 identification_t *accessLocation;
655
656 if (asn1_length(&object) == ASN1_INVALID_LENGTH)
657 return;
658 DBG2(" '%.*s'",(int)object.len, object.ptr);
659 accessLocation = identification_create_from_encoding(ID_DER_ASN1_GN_URI, object);
660 list->insert_last(list, (void *)accessLocation);
661 }
662 break;
663 default:
664 /* unkown accessMethod, ignoring */
665 break;
666 }
667 break;
668 }
669 default:
670 break;
671 }
672 objectID++;
673 }
674 }
675
676 /**
677 * extracts extendedKeyUsage OIDs
678 */
679 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
680 {
681 asn1_ctx_t ctx;
682 chunk_t object;
683 u_int level;
684 int objectID = 0;
685
686 asn1_init(&ctx, blob, level0, FALSE, FALSE);
687 while (objectID < EXT_KEY_USAGE_ROOF)
688 {
689 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
690 {
691 return FALSE;
692 }
693 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
694 known_oid(object) == OID_OCSP_SIGNING)
695 {
696 return TRUE;
697 }
698 objectID++;
699 }
700 return FALSE;
701 }
702
703 /**
704 * extracts one or several crlDistributionPoints and puts them into
705 * a chained list
706 */
707 static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list)
708 {
709 asn1_ctx_t ctx;
710 chunk_t object;
711 u_int level;
712 int objectID = 0;
713
714 asn1_init(&ctx, blob, level0, FALSE, FALSE);
715 while (objectID < CRL_DIST_POINTS_ROOF)
716 {
717 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
718 {
719 return;
720 }
721 if (objectID == CRL_DIST_POINTS_FULLNAME)
722 {
723 /* append extracted generalNames to existing chained list */
724 parse_generalNames(object, level+1, TRUE, list);
725
726 }
727 objectID++;
728 }
729 }
730
731
732 /**
733 * Parses an X.509v3 certificate
734 */
735 static bool parse_certificate(chunk_t blob, u_int level0, private_x509_t *this)
736 {
737 asn1_ctx_t ctx;
738 bool critical;
739 chunk_t object;
740 u_int level;
741 u_int extn_oid = OID_UNKNOWN;
742 int objectID = 0;
743
744 asn1_init(&ctx, blob, level0, FALSE, FALSE);
745
746 while (objectID < X509_OBJ_ROOF)
747 {
748 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
749 {
750 return FALSE;
751 }
752
753 /* those objects which will parsed further need the next higher level */
754 level++;
755
756 switch (objectID)
757 {
758 case X509_OBJ_CERTIFICATE:
759 this->certificate = object;
760 break;
761 case X509_OBJ_TBS_CERTIFICATE:
762 this->tbsCertificate = object;
763 break;
764 case X509_OBJ_VERSION:
765 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
766 DBG2(" v%d", this->version);
767 break;
768 case X509_OBJ_SERIAL_NUMBER:
769 this->serialNumber = object;
770 break;
771 case X509_OBJ_SIG_ALG:
772 this->sigAlg = parse_algorithmIdentifier(object, level, NULL);
773 break;
774 case X509_OBJ_ISSUER:
775 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
776 DBG2(" '%D'", this->issuer);
777 break;
778 case X509_OBJ_NOT_BEFORE:
779 this->notBefore = parse_time(object, level);
780 break;
781 case X509_OBJ_NOT_AFTER:
782 this->notAfter = parse_time(object, level);
783 break;
784 case X509_OBJ_SUBJECT:
785 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
786 DBG2(" '%D'", this->subject);
787 break;
788 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
789 if (parse_algorithmIdentifier(object, level, NULL) != OID_RSA_ENCRYPTION)
790 {
791 DBG2(" unsupported public key algorithm");
792 return FALSE;
793 }
794 break;
795 case X509_OBJ_SUBJECT_PUBLIC_KEY:
796 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
797 {
798 /* skip initial bit string octet defining 0 unused bits */
799 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
800 }
801 else
802 {
803 DBG2(" invalid RSA public key format");
804 return FALSE;
805 }
806 break;
807 case X509_OBJ_RSA_PUBLIC_KEY:
808 this->subjectPublicKey = object;
809 break;
810 case X509_OBJ_EXTN_ID:
811 extn_oid = known_oid(object);
812 break;
813 case X509_OBJ_CRITICAL:
814 critical = object.len && *object.ptr;
815 DBG2(" %s", critical ? "TRUE" : "FALSE");
816 break;
817 case X509_OBJ_EXTN_VALUE:
818 {
819 switch (extn_oid)
820 {
821 case OID_SUBJECT_KEY_ID:
822 this->subjectKeyID = chunk_clone(parse_keyIdentifier(object, level, FALSE));
823 break;
824 case OID_SUBJECT_ALT_NAME:
825 parse_generalNames(object, level, FALSE, this->subjectAltNames);
826 break;
827 case OID_BASIC_CONSTRAINTS:
828 this->isCA = parse_basicConstraints(object, level);
829 break;
830 case OID_CRL_DISTRIBUTION_POINTS:
831 parse_crlDistributionPoints(object, level, this->crlDistributionPoints);
832 break;
833 case OID_AUTHORITY_KEY_ID:
834 parse_authorityKeyIdentifier(object, level , &this->authKeyID, &this->authKeySerialNumber);
835 break;
836 case OID_AUTHORITY_INFO_ACCESS:
837 parse_authorityInfoAccess(object, level, this->ocspAccessLocations);
838 break;
839 case OID_EXTENDED_KEY_USAGE:
840 this->isOcspSigner = parse_extendedKeyUsage(object, level);
841 break;
842 case OID_NS_REVOCATION_URL:
843 case OID_NS_CA_REVOCATION_URL:
844 case OID_NS_CA_POLICY_URL:
845 case OID_NS_COMMENT:
846 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING , level, oid_names[extn_oid].name))
847 return FALSE;
848 break;
849 default:
850 break;
851 }
852 break;
853 }
854 case X509_OBJ_ALGORITHM:
855 this->algorithm = parse_algorithmIdentifier(object, level, NULL);
856 break;
857 case X509_OBJ_SIGNATURE:
858 this->signature = object;
859 break;
860 default:
861 break;
862 }
863 objectID++;
864 }
865
866 if (this->subjectKeyID.ptr == NULL)
867 {
868 hasher_t *hasher = hasher_create(HASH_SHA1);
869
870 hasher->allocate_hash(hasher, this->subjectPublicKey, &this->subjectKeyID);
871 hasher->destroy(hasher);
872 }
873
874 this->installed = time(NULL);
875 return TRUE;
876 }
877
878 /**
879 * Implements x509_t.is_valid
880 */
881 static err_t is_valid(const private_x509_t *this, time_t *until)
882 {
883 time_t current_time = time(NULL);
884
885 DBG2(" not before : %T", &this->notBefore);
886 DBG2(" current time: %T", &current_time);
887 DBG2(" not after : %T", &this->notAfter);
888
889 if (until != NULL &&
890 (*until == UNDEFINED_TIME || this->notAfter < *until))
891 {
892 *until = this->notAfter;
893 }
894 if (current_time < this->notBefore)
895 {
896 return "is not valid yet";
897 }
898 if (current_time > this->notAfter)
899 {
900 return "has expired";
901 }
902 DBG2(" certificate is valid");
903 return NULL;
904 }
905
906 /**
907 * Implements x509_t.is_ca
908 */
909 static bool is_ca(const private_x509_t *this)
910 {
911 return this->isCA;
912 }
913
914 /**
915 * Implements x509_t.is_ocsp_signer
916 */
917 static bool is_ocsp_signer(const private_x509_t *this)
918 {
919 return this->isOcspSigner;
920 }
921
922 /**
923 * Implements x509_t.is_self_signed
924 */
925 static bool is_self_signed(const private_x509_t *this)
926 {
927 return this->subject->equals(this->subject, this->issuer);
928 }
929
930 /**
931 * Implements x509_t.equals_subjectAltName
932 */
933 static bool equals_subjectAltName(const private_x509_t *this, identification_t *id)
934 {
935 bool found = FALSE;
936 identification_t *subjectAltName;
937 iterator_t *iterator;
938
939 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
940 while (iterator->iterate(iterator, (void**)&subjectAltName))
941 {
942 if (id->equals(id, subjectAltName))
943 {
944 found = TRUE;
945 break;
946 }
947 }
948 iterator->destroy(iterator);
949 return found;
950 }
951
952 /**
953 * Implements x509_t.is_issuer
954 */
955 static bool is_issuer(const private_x509_t *this, const private_x509_t *issuer)
956 {
957 return (this->authKeyID.ptr)
958 ? chunk_equals(this->authKeyID, issuer->subjectKeyID)
959 : (this->issuer->equals(this->issuer, issuer->subject)
960 && chunk_equals_or_null(this->authKeySerialNumber, issuer->serialNumber));
961 }
962
963 /**
964 * Implements x509_t.get_certificate
965 */
966 static chunk_t get_certificate(const private_x509_t *this)
967 {
968 return this->certificate;
969 }
970
971 /**
972 * Implements x509_t.get_public_key
973 */
974 static rsa_public_key_t *get_public_key(const private_x509_t *this)
975 {
976 return this->public_key;
977 }
978
979 /**
980 * Implements x509_t.get_serialNumber
981 */
982 static chunk_t get_serialNumber(const private_x509_t *this)
983 {
984 return this->serialNumber;
985 }
986
987 /**
988 * Implements x509_t.get_subjectKeyID
989 */
990 static chunk_t get_subjectKeyID(const private_x509_t *this)
991 {
992 return this->subjectKeyID;
993 }
994
995 /**
996 * Implements x509_t.get_keyid
997 */
998 static chunk_t get_keyid(const private_x509_t *this)
999 {
1000 return this->public_key->get_keyid(this->public_key);
1001 }
1002
1003 /**
1004 * Implements x509_t.get_issuer
1005 */
1006 static identification_t *get_issuer(const private_x509_t *this)
1007 {
1008 return this->issuer;
1009 }
1010
1011 /**
1012 * Implements x509_t.get_subject
1013 */
1014 static identification_t *get_subject(const private_x509_t *this)
1015 {
1016 return this->subject;
1017 }
1018
1019 /**
1020 * Implements x509_t.set_until
1021 */
1022 static void set_until(private_x509_t *this, time_t until)
1023 {
1024 this->until = until;
1025 }
1026
1027 /**
1028 * Implements x509_t.get_until
1029 */
1030 static time_t get_until(const private_x509_t *this)
1031 {
1032 return this->until;
1033 }
1034
1035 /**
1036 * Implements x509_t.set_status
1037 */
1038 static void set_status(private_x509_t *this, cert_status_t status)
1039 {
1040 this->status = status;
1041 }
1042
1043 /**
1044 * Implements x509_t.get_status
1045 */
1046 static cert_status_t get_status(const private_x509_t *this)
1047 {
1048 return this->status;
1049 }
1050
1051 /**
1052 * Implements x509_t.add_authority_flags
1053 */
1054 static void add_authority_flags(private_x509_t *this, u_int flags)
1055 {
1056 this->authority_flags |= flags;
1057 }
1058
1059 /**
1060 * Implements x509_t.add_authority_flags
1061 */
1062 static u_int get_authority_flags(private_x509_t *this)
1063 {
1064 return this->authority_flags;
1065 }
1066
1067 /**
1068 * Implements x509_t.has_authority_flag
1069 */
1070 static bool has_authority_flag(private_x509_t *this, u_int flags)
1071 {
1072 return (this->authority_flags & flags) != AUTH_NONE;
1073 }
1074
1075 /**
1076 * Implements x509_t.create_crluri_iterator
1077 */
1078 static iterator_t *create_crluri_iterator(const private_x509_t *this)
1079 {
1080 return this->crlDistributionPoints->create_iterator(this->crlDistributionPoints, TRUE);
1081 }
1082
1083 /**
1084 * Implements x509_t.create_crluri_iterator
1085 */
1086 static iterator_t *create_ocspuri_iterator(const private_x509_t *this)
1087 {
1088 return this->ocspAccessLocations->create_iterator(this->ocspAccessLocations, TRUE);
1089 }
1090
1091 /**
1092 * Implements x509_t.verify
1093 */
1094 static bool verify(const private_x509_t *this, const rsa_public_key_t *signer)
1095 {
1096 return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertificate, this->signature) == SUCCESS;
1097 }
1098
1099 /**
1100 * Implementation of x509_t.list.
1101 */
1102 static void list(private_x509_t *this, FILE *out, bool utc)
1103 {
1104 iterator_t *iterator;
1105 time_t now = time(NULL);
1106
1107 fprintf(out, "%#T\n", &this->installed, utc);
1108
1109 if (this->subjectAltNames->get_count(this->subjectAltNames))
1110 {
1111 identification_t *subjectAltName;
1112 bool first = TRUE;
1113
1114 fprintf(out, " altNames: ");
1115 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
1116 while (iterator->iterate(iterator, (void**)&subjectAltName))
1117 {
1118 if (first)
1119 {
1120 first = FALSE;
1121 }
1122 else
1123 {
1124 fprintf(out, ", ");
1125 }
1126 fprintf(out, "'%D'", subjectAltName);
1127 }
1128 iterator->destroy(iterator);
1129 fprintf(out, "\n");
1130 }
1131 fprintf(out, " subject: '%D'\n", this->subject);
1132 fprintf(out, " issuer: '%D'\n", this->issuer);
1133 fprintf(out, " serial: %#B\n", &this->serialNumber);
1134 fprintf(out, " validity: not before %#T, ", &this->notBefore, utc);
1135 if (now < this->notBefore)
1136 {
1137 fprintf(out, "not valid yet (valid in %V)\n", &now, &this->notBefore);
1138 }
1139 else
1140 {
1141 fprintf(out, "ok\n");
1142 }
1143
1144 fprintf(out, " not after %#T, ", &this->notAfter, utc);
1145 if (now > this->notAfter)
1146 {
1147 fprintf(out, "expired (%V ago)\n", &now, &this->notAfter);
1148 }
1149 else
1150 {
1151 fprintf(out, "ok");
1152 if (now > this->notAfter - CERT_WARNING_INTERVAL * 60 * 60 * 24)
1153 {
1154 fprintf(out, " (expires in %V)", &now, &this->notAfter);
1155 }
1156 fprintf(out, " \n");
1157 }
1158
1159 {
1160 chunk_t keyid = this->public_key->get_keyid(this->public_key);
1161 fprintf(out, " keyid: %#B\n", &keyid);
1162 }
1163
1164 if (this->subjectKeyID.ptr)
1165 {
1166 fprintf(out, " subjkey: %#B\n", &this->subjectKeyID);
1167 }
1168 if (this->authKeyID.ptr)
1169 {
1170 fprintf(out, " authkey: %#B\n", &this->authKeyID);
1171 }
1172 if (this->authKeySerialNumber.ptr)
1173 {
1174 fprintf(out, " aserial: %#B\n", &this->authKeySerialNumber);
1175 }
1176
1177 fprintf(out, " pubkey: RSA %d bits", BITS_PER_BYTE *
1178 this->public_key->get_keysize(this->public_key));
1179 fprintf(out, ", status %N",
1180 cert_status_names, this->status);
1181
1182 switch (this->status)
1183 {
1184 case CERT_GOOD:
1185 fprintf(out, " until %#T", &this->until, utc);
1186 break;
1187 case CERT_REVOKED:
1188 fprintf(out, " on %#T", &this->until, utc);
1189 break;
1190 case CERT_UNKNOWN:
1191 case CERT_UNDEFINED:
1192 case CERT_UNTRUSTED:
1193 default:
1194 break;
1195 }
1196 }
1197
1198 /**
1199 * Implements x509_t.destroy
1200 */
1201 static void destroy(private_x509_t *this)
1202 {
1203 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1204 offsetof(identification_t, destroy));
1205 this->crlDistributionPoints->destroy_offset(this->crlDistributionPoints,
1206 offsetof(identification_t, destroy));
1207 this->ocspAccessLocations->destroy_offset(this->ocspAccessLocations,
1208 offsetof(identification_t, destroy));
1209 DESTROY_IF(this->issuer);
1210 DESTROY_IF(this->subject);
1211 DESTROY_IF(this->public_key);
1212 free(this->subjectKeyID.ptr);
1213 free(this->certificate.ptr);
1214 free(this);
1215 }
1216
1217 /*
1218 * Described in header.
1219 */
1220 x509_t *x509_create_from_chunk(chunk_t chunk, u_int level)
1221 {
1222 private_x509_t *this = malloc_thing(private_x509_t);
1223
1224 /* initialize */
1225 this->subjectPublicKey = chunk_empty;
1226 this->public_key = NULL;
1227 this->subject = NULL;
1228 this->issuer = NULL;
1229 this->subjectAltNames = linked_list_create();
1230 this->crlDistributionPoints = linked_list_create();
1231 this->ocspAccessLocations = linked_list_create();
1232 this->subjectKeyID = chunk_empty;
1233 this->authKeyID = chunk_empty;
1234 this->authKeySerialNumber = chunk_empty;
1235 this->authority_flags = AUTH_NONE;
1236
1237 /* public functions */
1238 this->public.equals = (bool (*) (const x509_t*,const x509_t*))equals;
1239 this->public.equals_subjectAltName = (bool (*) (const x509_t*,identification_t*))equals_subjectAltName;
1240 this->public.is_issuer = (bool (*) (const x509_t*,const x509_t*))is_issuer;
1241 this->public.is_valid = (err_t (*) (const x509_t*,time_t*))is_valid;
1242 this->public.is_ca = (bool (*) (const x509_t*))is_ca;
1243 this->public.is_self_signed = (bool (*) (const x509_t*))is_self_signed;
1244 this->public.is_ocsp_signer = (bool (*) (const x509_t*))is_ocsp_signer;
1245 this->public.get_certificate = (chunk_t (*) (const x509_t*))get_certificate;
1246 this->public.get_public_key = (rsa_public_key_t* (*) (const x509_t*))get_public_key;
1247 this->public.get_serialNumber = (chunk_t (*) (const x509_t*))get_serialNumber;
1248 this->public.get_subjectKeyID = (chunk_t (*) (const x509_t*))get_subjectKeyID;
1249 this->public.get_keyid = (chunk_t (*) (const x509_t*))get_keyid;
1250 this->public.get_issuer = (identification_t* (*) (const x509_t*))get_issuer;
1251 this->public.get_subject = (identification_t* (*) (const x509_t*))get_subject;
1252 this->public.set_until = (void (*) (x509_t*,time_t))set_until;
1253 this->public.get_until = (time_t (*) (const x509_t*))get_until;
1254 this->public.set_status = (void (*) (x509_t*,cert_status_t))set_status;
1255 this->public.get_status = (cert_status_t (*) (const x509_t*))get_status;
1256 this->public.add_authority_flags = (void (*) (x509_t*,u_int))add_authority_flags;
1257 this->public.get_authority_flags = (u_int (*) (x509_t*))get_authority_flags;
1258 this->public.has_authority_flag = (bool (*) (x509_t*,u_int))has_authority_flag;
1259 this->public.create_crluri_iterator = (iterator_t* (*) (const x509_t*))create_crluri_iterator;
1260 this->public.create_ocspuri_iterator = (iterator_t* (*) (const x509_t*))create_ocspuri_iterator;
1261 this->public.verify = (bool (*) (const x509_t*,const rsa_public_key_t*))verify;
1262 this->public.list = (void(*)(x509_t*, FILE *out, bool utc))list;
1263 this->public.destroy = (void (*) (x509_t*))destroy;
1264
1265 if (!parse_certificate(chunk, level, this))
1266 {
1267 destroy(this);
1268 return NULL;
1269 }
1270
1271 /* extract public key from certificate */
1272 this->public_key = rsa_public_key_create_from_chunk(this->subjectPublicKey);
1273 if (this->public_key == NULL)
1274 {
1275 destroy(this);
1276 return NULL;
1277 }
1278 /* set trusted lifetime of public key to notAfter */
1279 this->status = is_self_signed(this)? CERT_GOOD:CERT_UNDEFINED;
1280 this->until = this->notAfter;
1281 return &this->public;
1282 }
1283
1284 /*
1285 * Described in header.
1286 */
1287 x509_t *x509_create_from_file(const char *filename, const char *label)
1288 {
1289 bool pgp = FALSE;
1290 chunk_t chunk = chunk_empty;
1291 x509_t *cert = NULL;
1292 char cert_label[BUF_LEN];
1293
1294 snprintf(cert_label, BUF_LEN, "%s certificate", label);
1295
1296 if (!pem_asn1_load_file(filename, NULL, cert_label, &chunk, &pgp))
1297 return NULL;
1298
1299 cert = x509_create_from_chunk(chunk, 0);
1300
1301 if (cert == NULL)
1302 free(chunk.ptr);
1303 return cert;
1304 }