generalized get_ca_certificate() to get_auth_certificate(auth_flags)
[strongswan.git] / src / libstrongswan / crypto / x509.c
1 /**
2 * @file x509.c
3 *
4 * @brief Implementation of x509_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <gmp.h>
24 #include <sys/stat.h>
25 #include <unistd.h>
26 #include <string.h>
27 #include <stdio.h>
28
29 #include "x509.h"
30
31 #include <library.h>
32 #include <debug.h>
33 #include <asn1/oid.h>
34 #include <asn1/asn1.h>
35 #include <asn1/pem.h>
36 #include <utils/linked_list.h>
37 #include <utils/identification.h>
38
39 #define CERT_WARNING_INTERVAL 30 /* days */
40
41 /**
42 * Different kinds of generalNames
43 */
44 typedef enum generalNames_t generalNames_t;
45
46 enum generalNames_t {
47 GN_OTHER_NAME = 0,
48 GN_RFC822_NAME = 1,
49 GN_DNS_NAME = 2,
50 GN_X400_ADDRESS = 3,
51 GN_DIRECTORY_NAME = 4,
52 GN_EDI_PARTY_NAME = 5,
53 GN_URI = 6,
54 GN_IP_ADDRESS = 7,
55 GN_REGISTERED_ID = 8,
56 };
57
58 typedef struct private_x509_t private_x509_t;
59
60 /**
61 * Private data of a x509_t object.
62 */
63 struct private_x509_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_t public;
68
69 /**
70 * Time when certificate was installed
71 */
72 time_t installed;
73
74 /**
75 * Time until certificate can be trusted
76 */
77 time_t until;
78
79 /**
80 * Certificate status
81 */
82 cert_status_t status;
83
84 /**
85 * Authority flags
86 */
87 u_int authority_flags;
88
89 /**
90 * X.509 Certificate in DER format
91 */
92 chunk_t certificate;
93
94 /**
95 * X.509 certificate body over which signature is computed
96 */
97 chunk_t tbsCertificate;
98
99 /**
100 * Version of the X.509 certificate
101 */
102 u_int version;
103
104 /**
105 * Serial number of the X.509 certificate
106 */
107 chunk_t serialNumber;
108
109 /**
110 * Signature algorithm
111 */
112 int sigAlg;
113
114 /**
115 * ID representing the certificate issuer
116 */
117 identification_t *issuer;
118
119 /**
120 * Start time of certificate validity
121 */
122 time_t notBefore;
123
124 /**
125 * End time of certificate validity
126 */
127 time_t notAfter;
128
129 /**
130 * ID representing the certificate subject
131 */
132 identification_t *subject;
133
134 /**
135 * List of identification_t's representing subjectAltNames
136 */
137 linked_list_t *subjectAltNames;
138
139 /**
140 * List of identification_t's representing crlDistributionPoints
141 */
142 linked_list_t *crlDistributionPoints;
143
144 /**
145 * List of identification_t's representing ocspAccessLocations
146 */
147 linked_list_t *ocspAccessLocations;
148
149 /**
150 * Subject public key
151 */
152 chunk_t subjectPublicKey;
153
154 /**
155 * Subject RSA public key, if subjectPublicKeyAlgorithm == RSA
156 */
157 rsa_public_key_t *public_key;
158
159 /**
160 * Subject Key Identifier
161 */
162 chunk_t subjectKeyID;
163
164 /**
165 * Authority Key Identifier
166 */
167 chunk_t authKeyID;
168
169 /**
170 * Authority Key Serial Number
171 */
172 chunk_t authKeySerialNumber;
173
174 /**
175 * CA basic constraints flag
176 */
177 bool isCA;
178
179 /**
180 * OCSPSigner extended key usage flag
181 */
182 bool isOcspSigner;
183
184 /**
185 * Signature algorithm (must be identical to sigAlg)
186 */
187 int algorithm;
188
189 /**
190 * Signature
191 */
192 chunk_t signature;
193
194 };
195
196 /**
197 * ASN.1 definition of generalName
198 */
199 static const asn1Object_t generalNameObjects[] = {
200 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
201 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
202 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
203 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
204 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
205 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
206 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
207 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
208 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
209 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
210 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
211 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
212 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
213 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
214 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
215 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
216 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
217 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
218 };
219 #define GN_OBJ_OTHER_NAME 0
220 #define GN_OBJ_RFC822_NAME 2
221 #define GN_OBJ_DNS_NAME 4
222 #define GN_OBJ_X400_ADDRESS 6
223 #define GN_OBJ_DIRECTORY_NAME 8
224 #define GN_OBJ_EDI_PARTY_NAME 10
225 #define GN_OBJ_URI 12
226 #define GN_OBJ_IP_ADDRESS 14
227 #define GN_OBJ_REGISTERED_ID 16
228 #define GN_OBJ_ROOF 18
229
230 /**
231 * ASN.1 definition of otherName
232 */
233 static const asn1Object_t otherNameObjects[] = {
234 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
235 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
236 };
237 #define ON_OBJ_ID_TYPE 0
238 #define ON_OBJ_VALUE 1
239 #define ON_OBJ_ROOF 2
240 /**
241 * ASN.1 definition of a basicConstraints extension
242 */
243 static const asn1Object_t basicConstraintsObjects[] = {
244 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
245 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
246 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
247 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
248 };
249 #define BASIC_CONSTRAINTS_CA 1
250 #define BASIC_CONSTRAINTS_ROOF 4
251
252 /**
253 * ASN.1 definition of time
254 */
255 static const asn1Object_t timeObjects[] = {
256 { 0, "utcTime", ASN1_UTCTIME, ASN1_OPT|ASN1_BODY }, /* 0 */
257 { 0, "end opt", ASN1_EOC, ASN1_END }, /* 1 */
258 { 0, "generalizeTime",ASN1_GENERALIZEDTIME, ASN1_OPT|ASN1_BODY }, /* 2 */
259 { 0, "end opt", ASN1_EOC, ASN1_END } /* 3 */
260 };
261 #define TIME_UTC 0
262 #define TIME_GENERALIZED 2
263 #define TIME_ROOF 4
264
265 /**
266 * ASN.1 definition of a keyIdentifier
267 */
268 static const asn1Object_t keyIdentifierObjects[] = {
269 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
270 };
271
272 /**
273 * ASN.1 definition of a authorityKeyIdentifier extension
274 */
275 static const asn1Object_t authorityKeyIdentifierObjects[] = {
276 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
277 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
278 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
279 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
280 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
281 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
282 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
283 };
284 #define AUTH_KEY_ID_KEY_ID 1
285 #define AUTH_KEY_ID_CERT_ISSUER 3
286 #define AUTH_KEY_ID_CERT_SERIAL 5
287 #define AUTH_KEY_ID_ROOF 7
288
289 /**
290 * ASN.1 definition of a authorityInfoAccess extension
291 */
292 static const asn1Object_t authorityInfoAccessObjects[] = {
293 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
294 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
295 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
296 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
297 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
298 };
299 #define AUTH_INFO_ACCESS_METHOD 2
300 #define AUTH_INFO_ACCESS_LOCATION 3
301 #define AUTH_INFO_ACCESS_ROOF 5
302
303 /**
304 * ASN.1 definition of a extendedKeyUsage extension
305 */
306 static const asn1Object_t extendedKeyUsageObjects[] = {
307 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
308 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
309 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
310 };
311
312 #define EXT_KEY_USAGE_PURPOSE_ID 1
313 #define EXT_KEY_USAGE_ROOF 3
314
315 /**
316 * ASN.1 definition of generalNames
317 */
318 static const asn1Object_t generalNamesObjects[] = {
319 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
320 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
321 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
322 };
323 #define GENERAL_NAMES_GN 1
324 #define GENERAL_NAMES_ROOF 3
325
326
327 /**
328 * ASN.1 definition of crlDistributionPoints
329 */
330 static const asn1Object_t crlDistributionPointsObjects[] = {
331 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
332 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
333 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
334 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
335 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
336 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
337 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
338 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
339 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
340 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
341 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
342 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
343 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
344 };
345 #define CRL_DIST_POINTS_FULLNAME 3
346 #define CRL_DIST_POINTS_ROOF 13
347
348 /**
349 * ASN.1 definition of an X.509v3 x509
350 */
351 static const asn1Object_t certObjects[] = {
352 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
353 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
354 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
355 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
356 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
357 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
358 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
359 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
360 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
361 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
362 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
363 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
364 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
365 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
366 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
367 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
368 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
369 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
370 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
371 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
372 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
373 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
374 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
375 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
376 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
377 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
378 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
379 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
380 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
381 };
382 #define X509_OBJ_CERTIFICATE 0
383 #define X509_OBJ_TBS_CERTIFICATE 1
384 #define X509_OBJ_VERSION 3
385 #define X509_OBJ_SERIAL_NUMBER 4
386 #define X509_OBJ_SIG_ALG 5
387 #define X509_OBJ_ISSUER 6
388 #define X509_OBJ_NOT_BEFORE 8
389 #define X509_OBJ_NOT_AFTER 9
390 #define X509_OBJ_SUBJECT 10
391 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
392 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
393 #define X509_OBJ_RSA_PUBLIC_KEY 14
394 #define X509_OBJ_EXTN_ID 22
395 #define X509_OBJ_CRITICAL 23
396 #define X509_OBJ_EXTN_VALUE 24
397 #define X509_OBJ_ALGORITHM 27
398 #define X509_OBJ_SIGNATURE 28
399 #define X509_OBJ_ROOF 29
400
401
402 static u_char ASN1_subjectAltName_oid_str[] = {
403 0x06, 0x03, 0x55, 0x1D, 0x11
404 };
405
406 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_subjectAltName_oid_str);
407
408
409 /**
410 * compare two X.509 x509s by comparing their signatures
411 */
412 static bool equals(const private_x509_t *this, const private_x509_t *other)
413 {
414 return chunk_equals(this->signature, other->signature);
415 }
416
417 /**
418 * extracts the basicConstraints extension
419 */
420 static bool parse_basicConstraints(chunk_t blob, int level0)
421 {
422 asn1_ctx_t ctx;
423 chunk_t object;
424 u_int level;
425 int objectID = 0;
426 bool isCA = FALSE;
427
428 asn1_init(&ctx, blob, level0, FALSE, FALSE);
429
430 while (objectID < BASIC_CONSTRAINTS_ROOF) {
431
432 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
433 {
434 break;
435 }
436 if (objectID == BASIC_CONSTRAINTS_CA)
437 {
438 isCA = object.len && *object.ptr;
439 DBG2(" %s", isCA ? "TRUE" : "FALSE");
440 }
441 objectID++;
442 }
443 return isCA;
444 }
445
446 /*
447 * extracts an otherName
448 */
449 static bool
450 parse_otherName(chunk_t blob, int level0)
451 {
452 asn1_ctx_t ctx;
453 chunk_t object;
454 int objectID = 0;
455 u_int level;
456 int oid = OID_UNKNOWN;
457
458 asn1_init(&ctx, blob, level0, FALSE, FALSE);
459
460 while (objectID < ON_OBJ_ROOF)
461 {
462 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
463 return FALSE;
464
465 switch (objectID)
466 {
467 case ON_OBJ_ID_TYPE:
468 oid = known_oid(object);
469 break;
470 case ON_OBJ_VALUE:
471 if (oid == OID_XMPP_ADDR)
472 {
473 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING, level + 1, "xmppAddr"))
474 return FALSE;
475 }
476 break;
477 default:
478 break;
479 }
480 objectID++;
481 }
482 return TRUE;
483 }
484
485 /*
486 * extracts a generalName
487 */
488 static identification_t *parse_generalName(chunk_t blob, int level0)
489 {
490 asn1_ctx_t ctx;
491 chunk_t object;
492 int objectID = 0;
493 u_int level;
494
495 asn1_init(&ctx, blob, level0, FALSE, FALSE);
496
497 while (objectID < GN_OBJ_ROOF)
498 {
499 id_type_t id_type = ID_ANY;
500
501 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
502 return NULL;
503
504 switch (objectID)
505 {
506 case GN_OBJ_RFC822_NAME:
507 id_type = ID_RFC822_ADDR;
508 break;
509 case GN_OBJ_DNS_NAME:
510 id_type = ID_FQDN;
511 break;
512 case GN_OBJ_URI:
513 id_type = ID_DER_ASN1_GN_URI;
514 break;
515 case GN_OBJ_DIRECTORY_NAME:
516 id_type = ID_DER_ASN1_DN;
517 break;
518 case GN_OBJ_IP_ADDRESS:
519 id_type = ID_IPV4_ADDR;
520 break;
521 case GN_OBJ_OTHER_NAME:
522 if (!parse_otherName(object, level + 1))
523 return NULL;
524 break;
525 case GN_OBJ_X400_ADDRESS:
526 case GN_OBJ_EDI_PARTY_NAME:
527 case GN_OBJ_REGISTERED_ID:
528 break;
529 default:
530 break;
531 }
532
533 if (id_type != ID_ANY)
534 {
535 identification_t *gn = identification_create_from_encoding(id_type, object);
536 DBG2(" '%D'", gn);
537 return gn;
538 }
539 objectID++;
540 }
541 return NULL;
542 }
543
544
545 /**
546 * extracts one or several GNs and puts them into a chained list
547 */
548 static void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
549 {
550 asn1_ctx_t ctx;
551 chunk_t object;
552 u_int level;
553 int objectID = 0;
554
555 asn1_init(&ctx, blob, level0, implicit, FALSE);
556
557 while (objectID < GENERAL_NAMES_ROOF)
558 {
559 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
560 return;
561
562 if (objectID == GENERAL_NAMES_GN)
563 {
564 identification_t *gn = parse_generalName(object, level+1);
565
566 if (gn != NULL)
567 list->insert_last(list, (void *)gn);
568 }
569 objectID++;
570 }
571 return;
572 }
573
574 /**
575 * extracts and converts a UTCTIME or GENERALIZEDTIME object
576 */
577 time_t parse_time(chunk_t blob, int level0)
578 {
579 asn1_ctx_t ctx;
580 chunk_t object;
581 u_int level;
582 int objectID = 0;
583
584 asn1_init(&ctx, blob, level0, FALSE, FALSE);
585
586 while (objectID < TIME_ROOF)
587 {
588 if (!extract_object(timeObjects, &objectID, &object, &level, &ctx))
589 return 0;
590
591 if (objectID == TIME_UTC || objectID == TIME_GENERALIZED)
592 {
593 return asn1totime(&object, (objectID == TIME_UTC)
594 ? ASN1_UTCTIME : ASN1_GENERALIZEDTIME);
595 }
596 objectID++;
597 }
598 return 0;
599 }
600
601 /**
602 * extracts a keyIdentifier
603 */
604 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
605 {
606 asn1_ctx_t ctx;
607 chunk_t object;
608 u_int level;
609 int objectID = 0;
610
611 asn1_init(&ctx, blob, level0, implicit, FALSE);
612
613 extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx);
614 return object;
615 }
616
617 /**
618 * extracts an authoritykeyIdentifier
619 */
620 void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber)
621 {
622 asn1_ctx_t ctx;
623 chunk_t object;
624 u_int level;
625 int objectID = 0;
626
627 asn1_init(&ctx, blob, level0, FALSE, FALSE);
628 while (objectID < AUTH_KEY_ID_ROOF)
629 {
630 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
631 {
632 return;
633 }
634 switch (objectID)
635 {
636 case AUTH_KEY_ID_KEY_ID:
637 *authKeyID = parse_keyIdentifier(object, level+1, TRUE);
638 break;
639 case AUTH_KEY_ID_CERT_ISSUER:
640 {
641 /* TODO: parse_generalNames(object, level+1, TRUE); */
642 break;
643 }
644 case AUTH_KEY_ID_CERT_SERIAL:
645 *authKeySerialNumber = object;
646 break;
647 default:
648 break;
649 }
650 objectID++;
651 }
652 }
653
654 /**
655 * extracts an authorityInfoAcess location
656 */
657 static void parse_authorityInfoAccess(chunk_t blob, int level0, linked_list_t *list)
658 {
659 asn1_ctx_t ctx;
660 chunk_t object;
661 u_int level;
662 int objectID = 0;
663
664 u_int accessMethod = OID_UNKNOWN;
665
666 asn1_init(&ctx, blob, level0, FALSE, FALSE);
667 while (objectID < AUTH_INFO_ACCESS_ROOF)
668 {
669 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
670 {
671 return;
672 }
673 switch (objectID)
674 {
675 case AUTH_INFO_ACCESS_METHOD:
676 accessMethod = known_oid(object);
677 break;
678 case AUTH_INFO_ACCESS_LOCATION:
679 {
680 switch (accessMethod)
681 {
682 case OID_OCSP:
683 if (*object.ptr == ASN1_CONTEXT_S_6)
684 {
685 identification_t *accessLocation;
686
687 if (asn1_length(&object) == ASN1_INVALID_LENGTH)
688 return;
689 DBG2(" '%.*s'",(int)object.len, object.ptr);
690 accessLocation = identification_create_from_encoding(ID_DER_ASN1_GN_URI, object);
691 list->insert_last(list, (void *)accessLocation);
692 }
693 break;
694 default:
695 /* unkown accessMethod, ignoring */
696 break;
697 }
698 break;
699 }
700 default:
701 break;
702 }
703 objectID++;
704 }
705 }
706
707 /**
708 * extracts extendedKeyUsage OIDs
709 */
710 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
711 {
712 asn1_ctx_t ctx;
713 chunk_t object;
714 u_int level;
715 int objectID = 0;
716
717 asn1_init(&ctx, blob, level0, FALSE, FALSE);
718 while (objectID < EXT_KEY_USAGE_ROOF)
719 {
720 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
721 {
722 return FALSE;
723 }
724 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
725 known_oid(object) == OID_OCSP_SIGNING)
726 {
727 return TRUE;
728 }
729 objectID++;
730 }
731 return FALSE;
732 }
733
734 /**
735 * extracts one or several crlDistributionPoints and puts them into
736 * a chained list
737 */
738 static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list)
739 {
740 asn1_ctx_t ctx;
741 chunk_t object;
742 u_int level;
743 int objectID = 0;
744
745 asn1_init(&ctx, blob, level0, FALSE, FALSE);
746 while (objectID < CRL_DIST_POINTS_ROOF)
747 {
748 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
749 {
750 return;
751 }
752 if (objectID == CRL_DIST_POINTS_FULLNAME)
753 {
754 /* append extracted generalNames to existing chained list */
755 parse_generalNames(object, level+1, TRUE, list);
756
757 }
758 objectID++;
759 }
760 }
761
762
763 /**
764 * Parses an X.509v3 certificate
765 */
766 bool parse_x509cert(chunk_t blob, u_int level0, private_x509_t *cert)
767 {
768 asn1_ctx_t ctx;
769 bool critical;
770 chunk_t object;
771 u_int level;
772 u_int extn_oid = OID_UNKNOWN;
773 int objectID = 0;
774
775 asn1_init(&ctx, blob, level0, FALSE, FALSE);
776 while (objectID < X509_OBJ_ROOF)
777 {
778 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
779 {
780 return FALSE;
781 }
782 /* those objects which will parsed further need the next higher level */
783 level++;
784 switch (objectID) {
785 case X509_OBJ_CERTIFICATE:
786 cert->certificate = object;
787 break;
788 case X509_OBJ_TBS_CERTIFICATE:
789 cert->tbsCertificate = object;
790 break;
791 case X509_OBJ_VERSION:
792 cert->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
793 DBG2(" v%d", cert->version);
794 break;
795 case X509_OBJ_SERIAL_NUMBER:
796 cert->serialNumber = object;
797 break;
798 case X509_OBJ_SIG_ALG:
799 cert->sigAlg = parse_algorithmIdentifier(object, level, NULL);
800 break;
801 case X509_OBJ_ISSUER:
802 cert->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
803 DBG2(" '%D'", cert->issuer);
804 break;
805 case X509_OBJ_NOT_BEFORE:
806 cert->notBefore = parse_time(object, level);
807 break;
808 case X509_OBJ_NOT_AFTER:
809 cert->notAfter = parse_time(object, level);
810 break;
811 case X509_OBJ_SUBJECT:
812 cert->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
813 DBG2(" '%D'", cert->subject);
814 break;
815 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
816 if (parse_algorithmIdentifier(object, level, NULL) != OID_RSA_ENCRYPTION)
817 {
818 DBG2(" unsupported public key algorithm");
819 return FALSE;
820 }
821 break;
822 case X509_OBJ_SUBJECT_PUBLIC_KEY:
823 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
824 {
825 /* skip initial bit string octet defining 0 unused bits */
826 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
827 }
828 else
829 {
830 DBG2(" invalid RSA public key format");
831 return FALSE;
832 }
833 break;
834 case X509_OBJ_RSA_PUBLIC_KEY:
835 cert->subjectPublicKey = object;
836 break;
837 case X509_OBJ_EXTN_ID:
838 extn_oid = known_oid(object);
839 break;
840 case X509_OBJ_CRITICAL:
841 critical = object.len && *object.ptr;
842 DBG2(" %s", critical ? "TRUE" : "FALSE");
843 break;
844 case X509_OBJ_EXTN_VALUE:
845 {
846 switch (extn_oid) {
847 case OID_SUBJECT_KEY_ID:
848 cert->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
849 break;
850 case OID_SUBJECT_ALT_NAME:
851 parse_generalNames(object, level, FALSE, cert->subjectAltNames);
852 break;
853 case OID_BASIC_CONSTRAINTS:
854 cert->isCA = parse_basicConstraints(object, level);
855 break;
856 case OID_CRL_DISTRIBUTION_POINTS:
857 parse_crlDistributionPoints(object, level, cert->crlDistributionPoints);
858 break;
859 case OID_AUTHORITY_KEY_ID:
860 parse_authorityKeyIdentifier(object, level , &cert->authKeyID, &cert->authKeySerialNumber);
861 break;
862 case OID_AUTHORITY_INFO_ACCESS:
863 parse_authorityInfoAccess(object, level, cert->ocspAccessLocations);
864 break;
865 case OID_EXTENDED_KEY_USAGE:
866 cert->isOcspSigner = parse_extendedKeyUsage(object, level);
867 break;
868 case OID_NS_REVOCATION_URL:
869 case OID_NS_CA_REVOCATION_URL:
870 case OID_NS_CA_POLICY_URL:
871 case OID_NS_COMMENT:
872 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING , level, oid_names[extn_oid].name))
873 return FALSE;
874 break;
875 default:
876 break;
877 }
878 break;
879 }
880 case X509_OBJ_ALGORITHM:
881 cert->algorithm = parse_algorithmIdentifier(object, level, NULL);
882 break;
883 case X509_OBJ_SIGNATURE:
884 cert->signature = object;
885 break;
886 default:
887 break;
888 }
889 objectID++;
890 }
891 time(&cert->installed);
892 return TRUE;
893 }
894
895 /**
896 * Implements x509_t.is_valid
897 */
898 static err_t is_valid(const private_x509_t *this, time_t *until)
899 {
900 time_t current_time = time(NULL);
901
902 DBG2(" not before : %T", &this->notBefore);
903 DBG2(" current time: %T", &current_time);
904 DBG2(" not after : %T", &this->notAfter);
905
906 if (until != NULL &&
907 (*until == UNDEFINED_TIME || this->notAfter < *until))
908 {
909 *until = this->notAfter;
910 }
911 if (current_time < this->notBefore)
912 {
913 return "is not valid yet";
914 }
915 if (current_time > this->notAfter)
916 {
917 return "has expired";
918 }
919 DBG2(" certificate is valid");
920 return NULL;
921 }
922
923 /**
924 * Implements x509_t.is_ca
925 */
926 static bool is_ca(const private_x509_t *this)
927 {
928 return this->isCA;
929 }
930
931 /**
932 * Implements x509_t.is_ocsp_signer
933 */
934 static bool is_ocsp_signer(const private_x509_t *this)
935 {
936 return this->isOcspSigner;
937 }
938
939 /**
940 * Implements x509_t.is_self_signed
941 */
942 static bool is_self_signed(const private_x509_t *this)
943 {
944 return this->subject->equals(this->subject, this->issuer);
945 }
946
947 /**
948 * Implements x509_t.equals_subjectAltName
949 */
950 static bool equals_subjectAltName(const private_x509_t *this, identification_t *id)
951 {
952 bool found = FALSE;
953 identification_t *subjectAltName;
954 iterator_t *iterator;
955
956 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
957 while (iterator->iterate(iterator, (void**)&subjectAltName))
958 {
959 if (id->equals(id, subjectAltName))
960 {
961 found = TRUE;
962 break;
963 }
964 }
965 iterator->destroy(iterator);
966 return found;
967 }
968
969 /**
970 * Implements x509_t.is_issuer
971 */
972 static bool is_issuer(const private_x509_t *this, const private_x509_t *issuer)
973 {
974 return (this->authKeyID.ptr)
975 ? chunk_equals(this->authKeyID, issuer->subjectKeyID)
976 : (this->issuer->equals(this->issuer, issuer->subject)
977 && chunk_equals_or_null(this->authKeySerialNumber, issuer->serialNumber));
978 }
979
980 /**
981 * Implements x509_t.get_certificate
982 */
983 static chunk_t get_certificate(const private_x509_t *this)
984 {
985 return this->certificate;
986 }
987
988 /**
989 * Implements x509_t.get_public_key
990 */
991 static rsa_public_key_t *get_public_key(const private_x509_t *this)
992 {
993 return this->public_key;
994 }
995
996 /**
997 * Implements x509_t.get_serialNumber
998 */
999 static chunk_t get_serialNumber(const private_x509_t *this)
1000 {
1001 return this->serialNumber;
1002 }
1003
1004 /**
1005 * Implements x509_t.get_subjectKeyID
1006 */
1007 static chunk_t get_subjectKeyID(const private_x509_t *this)
1008 {
1009 return this->subjectKeyID;
1010 }
1011
1012 /**
1013 * Implements x509_t.get_keyid
1014 */
1015 static chunk_t get_keyid(const private_x509_t *this)
1016 {
1017 return this->public_key->get_keyid(this->public_key);
1018 }
1019
1020 /**
1021 * Implements x509_t.get_issuer
1022 */
1023 static identification_t *get_issuer(const private_x509_t *this)
1024 {
1025 return this->issuer;
1026 }
1027
1028 /**
1029 * Implements x509_t.get_subject
1030 */
1031 static identification_t *get_subject(const private_x509_t *this)
1032 {
1033 return this->subject;
1034 }
1035
1036 /**
1037 * Implements x509_t.set_until
1038 */
1039 static void set_until(private_x509_t *this, time_t until)
1040 {
1041 this->until = until;
1042 }
1043
1044 /**
1045 * Implements x509_t.get_until
1046 */
1047 static time_t get_until(const private_x509_t *this)
1048 {
1049 return this->until;
1050 }
1051
1052 /**
1053 * Implements x509_t.set_status
1054 */
1055 static void set_status(private_x509_t *this, cert_status_t status)
1056 {
1057 this->status = status;
1058 }
1059
1060 /**
1061 * Implements x509_t.get_status
1062 */
1063 static cert_status_t get_status(const private_x509_t *this)
1064 {
1065 return this->status;
1066 }
1067
1068 /**
1069 * Implements x509_t.add_authority_flags
1070 */
1071 static void add_authority_flags(private_x509_t *this, u_int flags)
1072 {
1073 this->authority_flags |= flags;
1074 }
1075
1076 /**
1077 * Implements x509_t.add_authority_flags
1078 */
1079 static u_int get_authority_flags(private_x509_t *this)
1080 {
1081 return this->authority_flags;
1082 }
1083
1084 /**
1085 * Implements x509_t.has_authority_flag
1086 */
1087 static bool has_authority_flag(private_x509_t *this, u_int flags)
1088 {
1089 return (this->authority_flags & flags) != AUTH_NONE;
1090 }
1091
1092 /**
1093 * Implements x509_t.create_crluri_iterator
1094 */
1095 static iterator_t *create_crluri_iterator(const private_x509_t *this)
1096 {
1097 return this->crlDistributionPoints->create_iterator(this->crlDistributionPoints, TRUE);
1098 }
1099
1100 /**
1101 * Implements x509_t.create_crluri_iterator
1102 */
1103 static iterator_t *create_ocspuri_iterator(const private_x509_t *this)
1104 {
1105 return this->ocspAccessLocations->create_iterator(this->ocspAccessLocations, TRUE);
1106 }
1107
1108 /**
1109 * Implements x509_t.verify
1110 */
1111 static bool verify(const private_x509_t *this, const rsa_public_key_t *signer)
1112 {
1113 return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertificate, this->signature) == SUCCESS;
1114 }
1115
1116 /**
1117 * output handler in printf()
1118 */
1119 static int print(FILE *stream, const struct printf_info *info,
1120 const void *const *args)
1121 {
1122 private_x509_t *this = *((private_x509_t**)(args[0]));
1123 iterator_t *iterator;
1124 bool utc = TRUE;
1125 int written = 0;
1126
1127 if (info->alt)
1128 {
1129 utc = *((bool*)(args[1]));
1130 }
1131
1132 if (this == NULL)
1133 {
1134 return fprintf(stream, "(null)");
1135 }
1136
1137 /* determine the current time */
1138 time_t now = time(NULL);
1139
1140 written += fprintf(stream, "%#T\n", &this->installed, utc);
1141
1142 if (this->subjectAltNames->get_count(this->subjectAltNames))
1143 {
1144 identification_t *subjectAltName;
1145 bool first = TRUE;
1146
1147 written += fprintf(stream, " altNames: ");
1148 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
1149 while (iterator->iterate(iterator, (void**)&subjectAltName))
1150 {
1151 if (first)
1152 {
1153 first = FALSE;
1154 }
1155 else
1156 {
1157 written += fprintf(stream, ", ");
1158 }
1159 written += fprintf(stream, "'%D'", subjectAltName);
1160 }
1161 iterator->destroy(iterator);
1162 written += fprintf(stream, "\n");
1163 }
1164 written += fprintf(stream, " subject: '%D'\n", this->subject);
1165 written += fprintf(stream, " issuer: '%D'\n", this->issuer);
1166 written += fprintf(stream, " serial: %#B\n", &this->serialNumber);
1167 written += fprintf(stream, " validity: not before %#T, ", &this->notBefore, utc);
1168 if (now < this->notBefore)
1169 {
1170 written += fprintf(stream, "not valid yet (valid in %V)\n", &now, &this->notBefore);
1171 }
1172 else
1173 {
1174 written += fprintf(stream, "ok\n");
1175 }
1176
1177 written += fprintf(stream, " not after %#T, ", &this->notAfter, utc);
1178 if (now > this->notAfter)
1179 {
1180 written += fprintf(stream, "expired (since %V)\n", &now, &this->notAfter);
1181 }
1182 else
1183 {
1184 written += fprintf(stream, "ok");
1185 if (now > this->notAfter - CERT_WARNING_INTERVAL * 60 * 60 * 24)
1186 {
1187 written += fprintf(stream, " (expires in %V)", &now, &this->notAfter);
1188 }
1189 written += fprintf(stream, " \n");
1190 }
1191
1192 {
1193 chunk_t keyid = this->public_key->get_keyid(this->public_key);
1194 written += fprintf(stream, " keyid: %#B\n", &keyid);
1195 }
1196
1197 if (this->subjectKeyID.ptr)
1198 {
1199 written += fprintf(stream, " subjkey: %#B\n", &this->subjectKeyID);
1200 }
1201 if (this->authKeyID.ptr)
1202 {
1203 written += fprintf(stream, " authkey: %#B\n", &this->authKeyID);
1204 }
1205 if (this->authKeySerialNumber.ptr)
1206 {
1207 written += fprintf(stream, " aserial: %#B\n", &this->authKeySerialNumber);
1208 }
1209
1210 written += fprintf(stream, " pubkey: RSA %d bits", BITS_PER_BYTE *
1211 this->public_key->get_keysize(this->public_key));
1212 written += fprintf(stream, ", status %N",
1213 cert_status_names, this->status);
1214
1215 switch (this->status)
1216 {
1217 case CERT_GOOD:
1218 written += fprintf(stream, " until %#T", &this->until, utc);
1219 break;
1220 case CERT_REVOKED:
1221 written += fprintf(stream, " on %#T", &this->until, utc);
1222 break;
1223 case CERT_UNKNOWN:
1224 case CERT_UNDEFINED:
1225 case CERT_UNTRUSTED:
1226 default:
1227 break;
1228 }
1229 return written;
1230 }
1231
1232 /**
1233 * register printf() handlers
1234 */
1235 static void __attribute__ ((constructor))print_register()
1236 {
1237 register_printf_function(PRINTF_X509, print, arginfo_ptr_alt_ptr_int);
1238 }
1239
1240 /**
1241 * Implements x509_t.destroy
1242 */
1243 static void destroy(private_x509_t *this)
1244 {
1245 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1246 offsetof(identification_t, destroy));
1247 this->crlDistributionPoints->destroy_offset(this->crlDistributionPoints,
1248 offsetof(identification_t, destroy));
1249 this->ocspAccessLocations->destroy_offset(this->ocspAccessLocations,
1250 offsetof(identification_t, destroy));
1251 DESTROY_IF(this->issuer);
1252 DESTROY_IF(this->subject);
1253 DESTROY_IF(this->public_key);
1254 free(this->certificate.ptr);
1255 free(this);
1256 }
1257
1258 /*
1259 * Described in header.
1260 */
1261 x509_t *x509_create_from_chunk(chunk_t chunk, u_int level)
1262 {
1263 private_x509_t *this = malloc_thing(private_x509_t);
1264
1265 /* initialize */
1266 this->subjectPublicKey = chunk_empty;
1267 this->public_key = NULL;
1268 this->subject = NULL;
1269 this->issuer = NULL;
1270 this->subjectAltNames = linked_list_create();
1271 this->crlDistributionPoints = linked_list_create();
1272 this->ocspAccessLocations = linked_list_create();
1273 this->subjectKeyID = chunk_empty;
1274 this->authKeyID = chunk_empty;
1275 this->authKeySerialNumber = chunk_empty;
1276 this->authority_flags = AUTH_NONE;
1277
1278 /* public functions */
1279 this->public.equals = (bool (*) (const x509_t*,const x509_t*))equals;
1280 this->public.equals_subjectAltName = (bool (*) (const x509_t*,identification_t*))equals_subjectAltName;
1281 this->public.is_issuer = (bool (*) (const x509_t*,const x509_t*))is_issuer;
1282 this->public.is_valid = (err_t (*) (const x509_t*,time_t*))is_valid;
1283 this->public.is_ca = (bool (*) (const x509_t*))is_ca;
1284 this->public.is_self_signed = (bool (*) (const x509_t*))is_self_signed;
1285 this->public.is_ocsp_signer = (bool (*) (const x509_t*))is_ocsp_signer;
1286 this->public.get_certificate = (chunk_t (*) (const x509_t*))get_certificate;
1287 this->public.get_public_key = (rsa_public_key_t* (*) (const x509_t*))get_public_key;
1288 this->public.get_serialNumber = (chunk_t (*) (const x509_t*))get_serialNumber;
1289 this->public.get_subjectKeyID = (chunk_t (*) (const x509_t*))get_subjectKeyID;
1290 this->public.get_keyid = (chunk_t (*) (const x509_t*))get_keyid;
1291 this->public.get_issuer = (identification_t* (*) (const x509_t*))get_issuer;
1292 this->public.get_subject = (identification_t* (*) (const x509_t*))get_subject;
1293 this->public.set_until = (void (*) (x509_t*,time_t))set_until;
1294 this->public.get_until = (time_t (*) (const x509_t*))get_until;
1295 this->public.set_status = (void (*) (x509_t*,cert_status_t))set_status;
1296 this->public.get_status = (cert_status_t (*) (const x509_t*))get_status;
1297 this->public.add_authority_flags = (void (*) (x509_t*,u_int))add_authority_flags;
1298 this->public.get_authority_flags = (u_int (*) (x509_t*))get_authority_flags;
1299 this->public.has_authority_flag = (bool (*) (x509_t*,u_int))has_authority_flag;
1300 this->public.create_crluri_iterator = (iterator_t* (*) (const x509_t*))create_crluri_iterator;
1301 this->public.create_ocspuri_iterator = (iterator_t* (*) (const x509_t*))create_ocspuri_iterator;
1302 this->public.verify = (bool (*) (const x509_t*,const rsa_public_key_t*))verify;
1303 this->public.destroy = (void (*) (x509_t*))destroy;
1304
1305 if (!parse_x509cert(chunk, level, this))
1306 {
1307 destroy(this);
1308 return NULL;
1309 }
1310
1311 /* extract public key from certificate */
1312 this->public_key = rsa_public_key_create_from_chunk(this->subjectPublicKey);
1313 if (this->public_key == NULL)
1314 {
1315 destroy(this);
1316 return NULL;
1317 }
1318 /* set trusted lifetime of public key to notAfter */
1319 this->status = is_self_signed(this)? CERT_GOOD:CERT_UNDEFINED;
1320 this->until = this->notAfter;
1321 return &this->public;
1322 }
1323
1324 /*
1325 * Described in header.
1326 */
1327 x509_t *x509_create_from_file(const char *filename, const char *label)
1328 {
1329 bool pgp = FALSE;
1330 chunk_t chunk = chunk_empty;
1331 x509_t *cert = NULL;
1332 char cert_label[BUF_LEN];
1333
1334 snprintf(cert_label, BUF_LEN, "%s certificate", label);
1335
1336 if (!pem_asn1_load_file(filename, NULL, cert_label, &chunk, &pgp))
1337 return NULL;
1338
1339 cert = x509_create_from_chunk(chunk, 0);
1340
1341 if (cert == NULL)
1342 free(chunk.ptr);
1343 return cert;
1344 }