c65071c7297fe0d948728e7fd1d9f79db6142158
[strongswan.git] / src / libstrongswan / crypto / x509.c
1 /**
2 * @file x509.c
3 *
4 * @brief Implementation of x509_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <gmp.h>
24 #include <sys/stat.h>
25 #include <unistd.h>
26 #include <string.h>
27
28 #include "x509.h"
29
30 #include <types.h>
31 #include <definitions.h>
32 #include <asn1/oid.h>
33 #include <asn1/asn1.h>
34 #include <asn1/pem.h>
35 #include <utils/logger_manager.h>
36 #include <utils/linked_list.h>
37 #include <utils/identification.h>
38
39 #define CERT_WARNING_INTERVAL 30 /* days */
40
41 static logger_t *logger;
42
43 /**
44 * Different kinds of generalNames
45 */
46 typedef enum generalNames_t generalNames_t;
47
48 enum generalNames_t {
49 GN_OTHER_NAME = 0,
50 GN_RFC822_NAME = 1,
51 GN_DNS_NAME = 2,
52 GN_X400_ADDRESS = 3,
53 GN_DIRECTORY_NAME = 4,
54 GN_EDI_PARTY_NAME = 5,
55 GN_URI = 6,
56 GN_IP_ADDRESS = 7,
57 GN_REGISTERED_ID = 8,
58 };
59
60 typedef struct private_x509_t private_x509_t;
61
62 /**
63 * Private data of a x509_t object.
64 */
65 struct private_x509_t {
66 /**
67 * Public interface for this certificate.
68 */
69 x509_t public;
70
71 /**
72 * Time when certificate was installed
73 */
74 time_t installed;
75
76 /**
77 * Time until certificate can be trusted
78 */
79 time_t until;
80
81 /**
82 * X.509 Certificate in DER format
83 */
84 chunk_t certificate;
85
86 /**
87 * X.509 certificate body over which signature is computed
88 */
89 chunk_t tbsCertificate;
90
91 /**
92 * Version of the X.509 certificate
93 */
94 u_int version;
95
96 /**
97 * Serial number of the X.509 certificate
98 */
99 chunk_t serialNumber;
100
101 /**
102 * Signature algorithm
103 */
104 int sigAlg;
105
106 /**
107 * ID representing the certificate issuer
108 */
109 identification_t *issuer;
110
111 /**
112 * Start time of certificate validity
113 */
114 time_t notBefore;
115
116 /**
117 * End time of certificate validity
118 */
119 time_t notAfter;
120
121 /**
122 * ID representing the certificate subject
123 */
124 identification_t *subject;
125
126 /**
127 * List of identification_t's representing subjectAltNames
128 */
129 linked_list_t *subjectAltNames;
130
131 /**
132 * List of identification_t's representing crlDistributionPoints
133 */
134 linked_list_t *crlDistributionPoints;
135
136 /**
137 * Subject RSA public key, if subjectPublicKeyAlgorithm == RSA
138 */
139 rsa_public_key_t *public_key;
140
141 /**
142 * Subject Key Identifier
143 */
144 chunk_t subjectKeyID;
145
146 /**
147 * Authority Key Identifier
148 */
149 chunk_t authKeyID;
150
151 /**
152 * Authority Key Serial Number
153 */
154 chunk_t authKeySerialNumber;
155
156 /**
157 * CA basic constraints flag
158 */
159 bool isCA;
160
161 /**
162 * Signature algorithm (must be identical to sigAlg)
163 */
164 int algorithm;
165
166 /**
167 * Signature
168 */
169 chunk_t signature;
170
171 u_char authority_flags;
172 chunk_t subjectPublicKey;
173 bool isOcspSigner; /* ocsp */
174 chunk_t accessLocation; /* ocsp */
175 };
176
177 /**
178 * ASN.1 definition of generalName
179 */
180 static const asn1Object_t generalNameObjects[] = {
181 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
182 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
183 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
184 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
185 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
186 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
187 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
188 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
189 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
190 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
191 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
192 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
193 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
194 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
195 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
196 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
197 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
198 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
199 };
200 #define GN_OBJ_OTHER_NAME 0
201 #define GN_OBJ_RFC822_NAME 2
202 #define GN_OBJ_DNS_NAME 4
203 #define GN_OBJ_X400_ADDRESS 6
204 #define GN_OBJ_DIRECTORY_NAME 8
205 #define GN_OBJ_EDI_PARTY_NAME 10
206 #define GN_OBJ_URI 12
207 #define GN_OBJ_IP_ADDRESS 14
208 #define GN_OBJ_REGISTERED_ID 16
209 #define GN_OBJ_ROOF 18
210
211 /**
212 * ASN.1 definition of otherName
213 */
214 static const asn1Object_t otherNameObjects[] = {
215 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
216 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
217 };
218 #define ON_OBJ_ID_TYPE 0
219 #define ON_OBJ_VALUE 1
220 #define ON_OBJ_ROOF 2
221 /**
222 * ASN.1 definition of a basicConstraints extension
223 */
224 static const asn1Object_t basicConstraintsObjects[] = {
225 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
226 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
227 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
228 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
229 };
230 #define BASIC_CONSTRAINTS_CA 1
231 #define BASIC_CONSTRAINTS_ROOF 4
232
233 /**
234 * ASN.1 definition of time
235 */
236 static const asn1Object_t timeObjects[] = {
237 { 0, "utcTime", ASN1_UTCTIME, ASN1_OPT|ASN1_BODY }, /* 0 */
238 { 0, "end opt", ASN1_EOC, ASN1_END }, /* 1 */
239 { 0, "generalizeTime",ASN1_GENERALIZEDTIME, ASN1_OPT|ASN1_BODY }, /* 2 */
240 { 0, "end opt", ASN1_EOC, ASN1_END } /* 3 */
241 };
242 #define TIME_UTC 0
243 #define TIME_GENERALIZED 2
244 #define TIME_ROOF 4
245
246 /**
247 * ASN.1 definition of a keyIdentifier
248 */
249 static const asn1Object_t keyIdentifierObjects[] = {
250 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
251 };
252
253 /**
254 * ASN.1 definition of a authorityKeyIdentifier extension
255 */
256 static const asn1Object_t authorityKeyIdentifierObjects[] = {
257 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
258 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
259 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
260 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
261 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
262 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
263 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
264 };
265 #define AUTH_KEY_ID_KEY_ID 1
266 #define AUTH_KEY_ID_CERT_ISSUER 3
267 #define AUTH_KEY_ID_CERT_SERIAL 5
268 #define AUTH_KEY_ID_ROOF 7
269
270 /**
271 * ASN.1 definition of a authorityInfoAccess extension
272 */
273 static const asn1Object_t authorityInfoAccessObjects[] = {
274 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
275 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
276 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
277 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
278 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
279 };
280 #define AUTH_INFO_ACCESS_METHOD 2
281 #define AUTH_INFO_ACCESS_LOCATION 3
282 #define AUTH_INFO_ACCESS_ROOF 5
283
284 /**
285 * ASN.1 definition of a extendedKeyUsage extension
286 */
287 static const asn1Object_t extendedKeyUsageObjects[] = {
288 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
289 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
290 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
291 };
292
293 #define EXT_KEY_USAGE_PURPOSE_ID 1
294 #define EXT_KEY_USAGE_ROOF 3
295
296 /**
297 * ASN.1 definition of generalNames
298 */
299 static const asn1Object_t generalNamesObjects[] = {
300 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
301 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
302 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
303 };
304 #define GENERAL_NAMES_GN 1
305 #define GENERAL_NAMES_ROOF 3
306
307
308 /**
309 * ASN.1 definition of crlDistributionPoints
310 */
311 static const asn1Object_t crlDistributionPointsObjects[] = {
312 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
313 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
314 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
315 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
316 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
317 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
318 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
319 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
320 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
321 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
322 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
323 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
324 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
325 };
326 #define CRL_DIST_POINTS_FULLNAME 3
327 #define CRL_DIST_POINTS_ROOF 13
328
329 /**
330 * ASN.1 definition of an X.509v3 x509
331 */
332 static const asn1Object_t certObjects[] = {
333 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
334 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
335 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
336 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
337 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
338 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
339 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
340 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
341 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
342 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
343 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
344 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
345 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
346 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
347 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
348 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
349 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
350 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
351 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
352 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
353 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
354 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
355 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
356 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
357 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
358 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
359 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
360 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
361 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
362 };
363 #define X509_OBJ_CERTIFICATE 0
364 #define X509_OBJ_TBS_CERTIFICATE 1
365 #define X509_OBJ_VERSION 3
366 #define X509_OBJ_SERIAL_NUMBER 4
367 #define X509_OBJ_SIG_ALG 5
368 #define X509_OBJ_ISSUER 6
369 #define X509_OBJ_NOT_BEFORE 8
370 #define X509_OBJ_NOT_AFTER 9
371 #define X509_OBJ_SUBJECT 10
372 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
373 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
374 #define X509_OBJ_RSA_PUBLIC_KEY 14
375 #define X509_OBJ_EXTN_ID 22
376 #define X509_OBJ_CRITICAL 23
377 #define X509_OBJ_EXTN_VALUE 24
378 #define X509_OBJ_ALGORITHM 27
379 #define X509_OBJ_SIGNATURE 28
380 #define X509_OBJ_ROOF 29
381
382
383 static u_char ASN1_subjectAltName_oid_str[] = {
384 0x06, 0x03, 0x55, 0x1D, 0x11
385 };
386
387 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_subjectAltName_oid_str);
388
389
390 /**
391 * compare two X.509 x509s by comparing their signatures
392 */
393 static bool equals(const private_x509_t *this, const private_x509_t *other)
394 {
395 return chunk_equals(this->signature, other->signature);
396 }
397
398 /**
399 * extracts the basicConstraints extension
400 */
401 static bool parse_basicConstraints(chunk_t blob, int level0)
402 {
403 asn1_ctx_t ctx;
404 chunk_t object;
405 u_int level;
406 int objectID = 0;
407 bool isCA = FALSE;
408
409 asn1_init(&ctx, blob, level0, FALSE);
410
411 while (objectID < BASIC_CONSTRAINTS_ROOF) {
412
413 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
414 {
415 break;
416 }
417 if (objectID == BASIC_CONSTRAINTS_CA)
418 {
419 isCA = object.len && *object.ptr;
420 logger->log(logger, CONTROL|LEVEL2, " %s", isCA ? "TRUE" : "FALSE");
421 }
422 objectID++;
423 }
424 return isCA;
425 }
426
427 /*
428 * extracts an otherName
429 */
430 static bool
431 parse_otherName(chunk_t blob, int level0)
432 {
433 asn1_ctx_t ctx;
434 chunk_t object;
435 int objectID = 0;
436 u_int level;
437 int oid = OID_UNKNOWN;
438
439 asn1_init(&ctx, blob, level0, FALSE);
440
441 while (objectID < ON_OBJ_ROOF)
442 {
443 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
444 return FALSE;
445
446 switch (objectID)
447 {
448 case ON_OBJ_ID_TYPE:
449 oid = known_oid(object);
450 break;
451 case ON_OBJ_VALUE:
452 if (oid == OID_XMPP_ADDR)
453 {
454 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING, level + 1, "xmppAddr"))
455 return FALSE;
456 }
457 break;
458 default:
459 break;
460 }
461 objectID++;
462 }
463 return TRUE;
464 }
465
466 /*
467 * extracts a generalName
468 */
469 static identification_t *parse_generalName(chunk_t blob, int level0)
470 {
471 u_char buf[BUF_LEN];
472 asn1_ctx_t ctx;
473 chunk_t object;
474 int objectID = 0;
475 u_int level;
476
477 asn1_init(&ctx, blob, level0, FALSE);
478
479 while (objectID < GN_OBJ_ROOF)
480 {
481 id_type_t id_type = ID_ANY;
482
483 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
484 return NULL;
485
486 switch (objectID)
487 {
488 case GN_OBJ_RFC822_NAME:
489 id_type = ID_RFC822_ADDR;
490 break;
491 case GN_OBJ_DNS_NAME:
492 id_type = ID_FQDN;
493 break;
494 case GN_OBJ_URI:
495 id_type = ID_DER_ASN1_GN_URI;
496 break;
497 case GN_OBJ_DIRECTORY_NAME:
498 id_type = ID_DER_ASN1_DN;
499 break;
500 case GN_OBJ_IP_ADDRESS:
501 id_type = ID_IPV4_ADDR;
502 break;
503 case GN_OBJ_OTHER_NAME:
504 if (!parse_otherName(object, level + 1))
505 return NULL;
506 break;
507 case GN_OBJ_X400_ADDRESS:
508 case GN_OBJ_EDI_PARTY_NAME:
509 case GN_OBJ_REGISTERED_ID:
510 break;
511 default:
512 break;
513 }
514
515 if (id_type != ID_ANY)
516 {
517 identification_t *gn = identification_create_from_encoding(id_type, object);
518 logger->log(logger, CONTROL|LEVEL2, " '%s'", gn->get_string(gn));
519 return gn;
520 }
521 objectID++;
522 }
523 return NULL;
524 }
525
526
527 /**
528 * extracts one or several GNs and puts them into a chained list
529 */
530 static void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
531 {
532 asn1_ctx_t ctx;
533 chunk_t object;
534 u_int level;
535 int objectID = 0;
536
537 asn1_init(&ctx, blob, level0, implicit);
538
539 while (objectID < GENERAL_NAMES_ROOF)
540 {
541 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
542 return;
543
544 if (objectID == GENERAL_NAMES_GN)
545 {
546 identification_t *gn = parse_generalName(object, level+1);
547
548 if (gn != NULL)
549 list->insert_last(list, (void *)gn);
550 }
551 objectID++;
552 }
553 return;
554 }
555
556 /**
557 * extracts and converts a UTCTIME or GENERALIZEDTIME object
558 */
559 time_t parse_time(chunk_t blob, int level0)
560 {
561 asn1_ctx_t ctx;
562 chunk_t object;
563 u_int level;
564 int objectID = 0;
565
566 asn1_init(&ctx, blob, level0, FALSE);
567
568 while (objectID < TIME_ROOF)
569 {
570 if (!extract_object(timeObjects, &objectID, &object, &level, &ctx))
571 return 0;
572
573 if (objectID == TIME_UTC || objectID == TIME_GENERALIZED)
574 {
575 return asn1totime(&object, (objectID == TIME_UTC)
576 ? ASN1_UTCTIME : ASN1_GENERALIZEDTIME);
577 }
578 objectID++;
579 }
580 return 0;
581 }
582
583 /**
584 * extracts a keyIdentifier
585 */
586 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
587 {
588 asn1_ctx_t ctx;
589 chunk_t object;
590 u_int level;
591 int objectID = 0;
592
593 asn1_init(&ctx, blob, level0, implicit);
594
595 extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx);
596 return object;
597 }
598
599 /**
600 * extracts an authoritykeyIdentifier
601 */
602 void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber)
603 {
604 asn1_ctx_t ctx;
605 chunk_t object;
606 u_int level;
607 int objectID = 0;
608
609 asn1_init(&ctx, blob, level0, FALSE);
610 while (objectID < AUTH_KEY_ID_ROOF)
611 {
612 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
613 {
614 return;
615 }
616 switch (objectID)
617 {
618 case AUTH_KEY_ID_KEY_ID:
619 *authKeyID = parse_keyIdentifier(object, level+1, TRUE);
620 break;
621 case AUTH_KEY_ID_CERT_ISSUER:
622 {
623 /* TODO: parse_generalNames(object, level+1, TRUE); */
624 break;
625 }
626 case AUTH_KEY_ID_CERT_SERIAL:
627 *authKeySerialNumber = object;
628 break;
629 default:
630 break;
631 }
632 objectID++;
633 }
634 }
635
636 /**
637 * extracts an authorityInfoAcess location
638 */
639 static void parse_authorityInfoAccess(chunk_t blob, int level0, chunk_t *accessLocation)
640 {
641 asn1_ctx_t ctx;
642 chunk_t object;
643 u_int level;
644 int objectID = 0;
645
646 u_int accessMethod = OID_UNKNOWN;
647
648 asn1_init(&ctx, blob, level0, FALSE);
649 while (objectID < AUTH_INFO_ACCESS_ROOF)
650 {
651 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
652 {
653 return;
654 }
655 switch (objectID)
656 {
657 case AUTH_INFO_ACCESS_METHOD:
658 accessMethod = known_oid(object);
659 break;
660 case AUTH_INFO_ACCESS_LOCATION:
661 {
662 switch (accessMethod)
663 {
664 case OID_OCSP:
665 if (*object.ptr == ASN1_CONTEXT_S_6)
666 {
667 if (asn1_length(&object) == ASN1_INVALID_LENGTH)
668 return;
669 logger->log(logger, CONTROL|LEVEL2, " '%.*s'",(int)object.len, object.ptr);
670 /* only HTTP(S) URIs accepted */
671 if (strncasecmp(object.ptr, "http", 4) == 0)
672 {
673 *accessLocation = object;
674 return;
675 }
676 }
677 logger->log(logger, ERROR|LEVEL2, "ignoring OCSP InfoAccessLocation with unkown protocol");
678 break;
679 default:
680 /* unkown accessMethod, ignoring */
681 break;
682 }
683 break;
684 }
685 default:
686 break;
687 }
688 objectID++;
689 }
690 }
691
692 /**
693 * extracts extendedKeyUsage OIDs
694 */
695 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
696 {
697 asn1_ctx_t ctx;
698 chunk_t object;
699 u_int level;
700 int objectID = 0;
701
702 asn1_init(&ctx, blob, level0, FALSE);
703 while (objectID < EXT_KEY_USAGE_ROOF)
704 {
705 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
706 {
707 return FALSE;
708 }
709 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
710 known_oid(object) == OID_OCSP_SIGNING)
711 {
712 return TRUE;
713 }
714 objectID++;
715 }
716 return FALSE;
717 }
718
719 /**
720 * extracts one or several crlDistributionPoints and puts them into
721 * a chained list
722 */
723 static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list)
724 {
725 asn1_ctx_t ctx;
726 chunk_t object;
727 u_int level;
728 int objectID = 0;
729
730 asn1_init(&ctx, blob, level0, FALSE);
731 while (objectID < CRL_DIST_POINTS_ROOF)
732 {
733 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
734 {
735 return;
736 }
737 if (objectID == CRL_DIST_POINTS_FULLNAME)
738 {
739 /* append extracted generalNames to existing chained list */
740 parse_generalNames(object, level+1, TRUE, list);
741
742 }
743 objectID++;
744 }
745 }
746
747
748 /**
749 * Parses an X.509v3 certificate
750 */
751 bool parse_x509cert(chunk_t blob, u_int level0, private_x509_t *cert)
752 {
753 asn1_ctx_t ctx;
754 bool critical;
755 chunk_t object;
756 u_int level;
757 u_int extn_oid = OID_UNKNOWN;
758 int objectID = 0;
759
760 asn1_init(&ctx, blob, level0, FALSE);
761 while (objectID < X509_OBJ_ROOF)
762 {
763 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
764 {
765 return FALSE;
766 }
767 /* those objects which will parsed further need the next higher level */
768 level++;
769 switch (objectID) {
770 case X509_OBJ_CERTIFICATE:
771 cert->certificate = object;
772 break;
773 case X509_OBJ_TBS_CERTIFICATE:
774 cert->tbsCertificate = object;
775 break;
776 case X509_OBJ_VERSION:
777 cert->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
778 logger->log(logger, CONTROL|LEVEL2, " v%d", cert->version);
779 break;
780 case X509_OBJ_SERIAL_NUMBER:
781 cert->serialNumber = object;
782 break;
783 case X509_OBJ_SIG_ALG:
784 cert->sigAlg = parse_algorithmIdentifier(object, level, NULL);
785 break;
786 case X509_OBJ_ISSUER:
787 cert->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
788 logger->log(logger, CONTROL|LEVEL1, " '%s'", cert->issuer->get_string(cert->issuer));
789 break;
790 case X509_OBJ_NOT_BEFORE:
791 cert->notBefore = parse_time(object, level);
792 break;
793 case X509_OBJ_NOT_AFTER:
794 cert->notAfter = parse_time(object, level);
795 break;
796 case X509_OBJ_SUBJECT:
797 cert->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
798 logger->log(logger, CONTROL|LEVEL1, " '%s'", cert->subject->get_string(cert->subject));
799 break;
800 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
801 if (parse_algorithmIdentifier(object, level, NULL) != OID_RSA_ENCRYPTION)
802 {
803 logger->log(logger, ERROR|LEVEL1, " unsupported public key algorithm");
804 return FALSE;
805 }
806 break;
807 case X509_OBJ_SUBJECT_PUBLIC_KEY:
808 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
809 {
810 /* skip initial bit string octet defining 0 unused bits */
811 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
812 }
813 else
814 {
815 logger->log(logger, ERROR|LEVEL1, " invalid RSA public key format");
816 return FALSE;
817 }
818 break;
819 case X509_OBJ_RSA_PUBLIC_KEY:
820 cert->subjectPublicKey = object;
821 break;
822 case X509_OBJ_EXTN_ID:
823 extn_oid = known_oid(object);
824 break;
825 case X509_OBJ_CRITICAL:
826 critical = object.len && *object.ptr;
827 logger->log(logger, ERROR|LEVEL2, " %s", critical ? "TRUE" : "FALSE");
828 break;
829 case X509_OBJ_EXTN_VALUE:
830 {
831 switch (extn_oid) {
832 case OID_SUBJECT_KEY_ID:
833 cert->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
834 break;
835 case OID_SUBJECT_ALT_NAME:
836 parse_generalNames(object, level, FALSE, cert->subjectAltNames);
837 break;
838 case OID_BASIC_CONSTRAINTS:
839 cert->isCA = parse_basicConstraints(object, level);
840 break;
841 case OID_CRL_DISTRIBUTION_POINTS:
842 parse_crlDistributionPoints(object, level, cert->crlDistributionPoints);
843 break;
844 case OID_AUTHORITY_KEY_ID:
845 parse_authorityKeyIdentifier(object, level , &cert->authKeyID, &cert->authKeySerialNumber);
846 break;
847 case OID_AUTHORITY_INFO_ACCESS:
848 parse_authorityInfoAccess(object, level, &cert->accessLocation);
849 break;
850 case OID_EXTENDED_KEY_USAGE:
851 cert->isOcspSigner = parse_extendedKeyUsage(object, level);
852 break;
853 case OID_NS_REVOCATION_URL:
854 case OID_NS_CA_REVOCATION_URL:
855 case OID_NS_CA_POLICY_URL:
856 case OID_NS_COMMENT:
857 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING , level, oid_names[extn_oid].name))
858 return FALSE;
859 break;
860 default:
861 break;
862 }
863 break;
864 }
865 case X509_OBJ_ALGORITHM:
866 cert->algorithm = parse_algorithmIdentifier(object, level, NULL);
867 break;
868 case X509_OBJ_SIGNATURE:
869 cert->signature = object;
870 break;
871 default:
872 break;
873 }
874 objectID++;
875 }
876 time(&cert->installed);
877 return TRUE;
878 }
879
880 /**
881 * Implements x509_t.is_valid
882 */
883 static err_t is_valid(const private_x509_t *this, time_t *until)
884 {
885 char buf[TIMETOA_BUF];
886
887 time_t current_time = time(NULL);
888
889 timetoa(buf, BUF_LEN, &this->notBefore, TRUE);
890 logger->log(logger, CONTROL|LEVEL1, " not before : %s", buf);
891 timetoa(buf, BUF_LEN, &current_time, TRUE);
892 logger->log(logger, CONTROL|LEVEL1, " current time: %s", buf);
893 timetoa(buf, BUF_LEN, &this->notAfter, TRUE);
894 logger->log(logger, CONTROL|LEVEL1, " not after : %s", buf);
895
896 if (until != NULL
897 && (*until == UNDEFINED_TIME || this->notAfter < *until))
898 {
899 *until = this->notAfter;
900 }
901 if (current_time < this->notBefore)
902 return "is not valid yet";
903 if (current_time > this->notAfter)
904 return "has expired";
905 logger->log(logger, CONTROL|LEVEL1, " certificate is valid", buf);
906 return NULL;
907 }
908
909 /**
910 * Implements x509_t.is_ca
911 */
912 static bool is_ca(const private_x509_t *this)
913 {
914 return this->isCA;
915 }
916
917 /**
918 * Implements x509_t.is_self_signed
919 */
920 static bool is_self_signed(const private_x509_t *this)
921 {
922 return this->subject->equals(this->subject, this->issuer);
923 }
924
925 /**
926 * Implements x509_t.equals_subjectAltName
927 */
928 static bool equals_subjectAltName(const private_x509_t *this, identification_t *id)
929 {
930 bool found = FALSE;
931 iterator_t *iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
932
933 while (iterator->has_next(iterator))
934 {
935 identification_t *subjectAltName;
936
937 iterator->current(iterator, (void**)&subjectAltName);
938 if (id->equals(id, subjectAltName))
939 {
940 found = TRUE;
941 break;
942 }
943 }
944 iterator->destroy(iterator);
945 return found;
946 }
947
948 /**
949 * Implements x509_t.is_issuer
950 */
951 static bool is_issuer(const private_x509_t *this, const private_x509_t *issuer)
952 {
953 return (this->authKeyID.ptr)
954 ? chunk_equals(this->authKeyID, issuer->subjectKeyID)
955 : (this->issuer->equals(this->issuer, issuer->subject)
956 && chunk_equals_or_null(this->authKeySerialNumber, issuer->serialNumber));
957 }
958
959 /**
960 * Implements x509_t.get_public_key
961 */
962 static rsa_public_key_t *get_public_key(const private_x509_t *this)
963 {
964 return this->public_key->clone(this->public_key);
965 }
966
967 /**
968 * Implements x509_t.get_serialNumber
969 */
970 static chunk_t get_serialNumber(const private_x509_t *this)
971 {
972 return this->serialNumber;
973 }
974
975 /**
976 * Implements x509_t.get_subjectKeyID
977 */
978 static chunk_t get_subjectKeyID(const private_x509_t *this)
979 {
980 return this->subjectKeyID;
981 }
982
983 /**
984 * Implements x509_t.get_issuer
985 */
986 static identification_t *get_issuer(const private_x509_t *this)
987 {
988 return this->issuer;
989 }
990
991 /**
992 * Implements x509_t.get_subject
993 */
994 static identification_t *get_subject(const private_x509_t *this)
995 {
996 return this->subject;
997 }
998
999 /**
1000 * Implements x509_t.set_until
1001 */
1002 static void set_until(private_x509_t *this, time_t until)
1003 {
1004 this->until = until;
1005 }
1006
1007 /**
1008 * Implements x509_t.verify
1009 */
1010 static bool verify(const private_x509_t *this, const rsa_public_key_t *signer)
1011 {
1012 return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertificate, this->signature);
1013 }
1014
1015 /**
1016 * destroy
1017 */
1018 static void destroy(private_x509_t *this)
1019 {
1020 identification_t *id;
1021 while (this->subjectAltNames->remove_last(this->subjectAltNames, (void**)&id) == SUCCESS)
1022 {
1023 id->destroy(id);
1024 }
1025 this->subjectAltNames->destroy(this->subjectAltNames);
1026
1027 while (this->crlDistributionPoints->remove_last(this->crlDistributionPoints, (void**)&id) == SUCCESS)
1028 {
1029 id->destroy(id);
1030 }
1031 this->crlDistributionPoints->destroy(this->crlDistributionPoints);
1032
1033 if (this->issuer)
1034 this->issuer->destroy(this->issuer);
1035
1036 if (this->subject)
1037 this->subject->destroy(this->subject);
1038
1039 if (this->public_key)
1040 this->public_key->destroy(this->public_key);
1041
1042 free(this->certificate.ptr);
1043 free(this);
1044 }
1045
1046 /**
1047 * checks if the expiration date has been reached and warns during the
1048 * warning_interval of the imminent expiration.
1049 * strict=TRUE declares a fatal error, strict=FALSE issues a warning upon expiry.
1050 */
1051 char* check_expiry(time_t expiration_date, int warning_interval, bool strict)
1052 {
1053 time_t now;
1054 int time_left;
1055
1056 if (expiration_date == UNDEFINED_TIME)
1057 return "ok (expires never)";
1058
1059 time_left = (expiration_date - time(NULL));
1060 if (time_left < 0)
1061 return strict? "fatal (expired)" : "warning (expired)";
1062
1063 {
1064 static char buf[35]; /* temporary storage */
1065 const char* unit = "second";
1066
1067 if (time_left > 86400*warning_interval)
1068 return "ok";
1069
1070 if (time_left > 172800)
1071 {
1072 time_left /= 86400;
1073 unit = "day";
1074 }
1075 else if (time_left > 7200)
1076 {
1077 time_left /= 3600;
1078 unit = "hour";
1079 }
1080 else if (time_left > 120)
1081 {
1082 time_left /= 60;
1083 unit = "minute";
1084 }
1085 snprintf(buf, sizeof(buf), "warning (expires in %d %s%s)", time_left, unit, (time_left == 1)?"":"s");
1086 }
1087 }
1088
1089 /**
1090 * log certificate
1091 */
1092 static void log_certificate(const private_x509_t *this, logger_t *logger, bool utc, bool has_key)
1093 {
1094 identification_t *subject = this->subject;
1095 identification_t *issuer = this->issuer;
1096 rsa_public_key_t *pubkey = this->public_key;
1097
1098 char buf[BUF_LEN];
1099
1100 /* determine the current time */
1101 time_t now = time(NULL);
1102
1103 timetoa(buf, BUF_LEN, &this->installed, utc);
1104 logger->log(logger, CONTROL, "%s", buf);
1105 logger->log(logger, CONTROL, " subject: '%s'", subject->get_string(subject));
1106 logger->log(logger, CONTROL, " issuer: '%s'", issuer->get_string(issuer));
1107
1108 chunk_to_hex(buf, BUF_LEN, this->serialNumber);
1109 logger->log(logger, CONTROL, " serial: %s", buf);
1110
1111 timetoa(buf, BUF_LEN, &this->notBefore, utc);
1112 logger->log(logger, CONTROL, " validity: not before %s %s", buf,
1113 (this->notBefore < now)? "ok":"fatal (not valid yet)");
1114
1115 timetoa(buf, BUF_LEN, &this->notAfter, utc);
1116 logger->log(logger, CONTROL, " not after %s %s", buf,
1117 check_expiry(this->notAfter, CERT_WARNING_INTERVAL, TRUE));
1118
1119 timetoa(buf, BUF_LEN, &this->until, utc);
1120 logger->log(logger, CONTROL, " pubkey: RSA %d bits%s, until %s",
1121 BITS_PER_BYTE * pubkey->get_keysize(pubkey),
1122 has_key? ", has private key":"", buf);
1123
1124 chunk_to_hex(buf, BUF_LEN, pubkey->get_keyid(pubkey));
1125 logger->log(logger, CONTROL, " keyid: %s", buf);
1126
1127 if (this->subjectKeyID.ptr != NULL)
1128 {
1129 chunk_to_hex(buf, BUF_LEN, this->subjectKeyID);
1130 logger->log(logger, CONTROL, " subjkey: %s", buf);
1131 }
1132 if (this->authKeyID.ptr != NULL)
1133 {
1134 chunk_to_hex(buf, BUF_LEN, this->authKeyID);
1135 logger->log(logger, CONTROL, " authkey: %s", buf);
1136 }
1137 if (this->authKeySerialNumber.ptr != NULL)
1138 {
1139 chunk_to_hex(buf, BUF_LEN, this->authKeySerialNumber);
1140 logger->log(logger, CONTROL, " aserial: %s", buf);
1141 }
1142 }
1143
1144 /*
1145 * Described in header.
1146 */
1147 x509_t *x509_create_from_chunk(chunk_t chunk)
1148 {
1149 private_x509_t *this = malloc_thing(private_x509_t);
1150
1151 /* initialize */
1152 this->subjectPublicKey = CHUNK_INITIALIZER;
1153 this->public_key = NULL;
1154 this->subject = NULL;
1155 this->issuer = NULL;
1156 this->subjectAltNames = linked_list_create();
1157 this->crlDistributionPoints = linked_list_create();
1158 this->subjectKeyID = CHUNK_INITIALIZER;
1159 this->authKeyID = CHUNK_INITIALIZER;
1160 this->authKeySerialNumber = CHUNK_INITIALIZER;
1161
1162 /* public functions */
1163 this->public.equals = (bool (*) (const x509_t*,const x509_t*))equals;
1164 this->public.equals_subjectAltName = (bool (*) (const x509_t*,identification_t*))equals_subjectAltName;
1165 this->public.is_issuer = (bool (*) (const x509_t*,const x509_t*))is_issuer;
1166 this->public.is_valid = (err_t (*) (const x509_t*,time_t*))is_valid;
1167 this->public.is_ca = (bool (*) (const x509_t*))is_ca;
1168 this->public.is_self_signed = (bool (*) (const x509_t*))is_self_signed;
1169 this->public.get_public_key = (rsa_public_key_t* (*) (const x509_t*))get_public_key;
1170 this->public.get_serialNumber = (chunk_t (*) (const x509_t*))get_serialNumber;
1171 this->public.get_subjectKeyID = (chunk_t (*) (const x509_t*))get_subjectKeyID;
1172 this->public.get_issuer = (identification_t* (*) (const x509_t*))get_issuer;
1173 this->public.get_subject = (identification_t* (*) (const x509_t*))get_subject;
1174 this->public.set_until = (void (*) (x509_t*,time_t))set_until;
1175 this->public.verify = (bool (*) (const x509_t*,const rsa_public_key_t*))verify;
1176 this->public.destroy = (void (*) (x509_t*))destroy;
1177 this->public.log_certificate = (void (*) (const x509_t*,logger_t*,bool,bool))log_certificate;
1178
1179 /* we do not use a per-instance logger right now, since its not always accessible */
1180 logger = logger_manager->get_logger(logger_manager, ASN1);
1181
1182 if (!parse_x509cert(chunk, 0, this))
1183 {
1184 destroy(this);
1185 return NULL;
1186 }
1187
1188 /* extract public key from certificate */
1189 this->public_key = rsa_public_key_create_from_chunk(this->subjectPublicKey);
1190 if (this->public_key == NULL)
1191 {
1192 destroy(this);
1193 return NULL;
1194 }
1195 /* set trusted lifetime of public key to notAfter */
1196 this->until = this->notAfter;
1197 return &this->public;
1198 }
1199
1200 /*
1201 * Described in header.
1202 */
1203 x509_t *x509_create_from_file(const char *filename, const char *label)
1204 {
1205 bool pgp = FALSE;
1206 chunk_t chunk = CHUNK_INITIALIZER;
1207 x509_t *cert = NULL;
1208
1209 if (!pem_asn1_load_file(filename, "", label, &chunk, &pgp))
1210 return NULL;
1211
1212 cert = x509_create_from_chunk(chunk);
1213
1214 if (cert == NULL)
1215 free(chunk.ptr);
1216 return cert;
1217 }