f2e87d2853fc519f4ccd9b23803dccbf176ddad9
[strongswan.git] / src / libstrongswan / crypto / x509.c
1 /**
2 * @file x509.c
3 *
4 * @brief Implementation of x509_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <gmp.h>
24 #include <sys/stat.h>
25 #include <unistd.h>
26 #include <string.h>
27 #include <stdio.h>
28
29 #include "x509.h"
30
31 #include <library.h>
32 #include <debug.h>
33 #include <asn1/oid.h>
34 #include <asn1/asn1.h>
35 #include <asn1/pem.h>
36 #include <utils/linked_list.h>
37 #include <utils/identification.h>
38
39 #define CERT_WARNING_INTERVAL 30 /* days */
40
41 /**
42 * Different kinds of generalNames
43 */
44 typedef enum generalNames_t generalNames_t;
45
46 enum generalNames_t {
47 GN_OTHER_NAME = 0,
48 GN_RFC822_NAME = 1,
49 GN_DNS_NAME = 2,
50 GN_X400_ADDRESS = 3,
51 GN_DIRECTORY_NAME = 4,
52 GN_EDI_PARTY_NAME = 5,
53 GN_URI = 6,
54 GN_IP_ADDRESS = 7,
55 GN_REGISTERED_ID = 8,
56 };
57
58 typedef struct private_x509_t private_x509_t;
59
60 /**
61 * Private data of a x509_t object.
62 */
63 struct private_x509_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_t public;
68
69 /**
70 * Time when certificate was installed
71 */
72 time_t installed;
73
74 /**
75 * Time until certificate can be trusted
76 */
77 time_t until;
78
79 /**
80 * Certificate status
81 */
82 cert_status_t status;
83
84 /**
85 * X.509 Certificate in DER format
86 */
87 chunk_t certificate;
88
89 /**
90 * X.509 certificate body over which signature is computed
91 */
92 chunk_t tbsCertificate;
93
94 /**
95 * Version of the X.509 certificate
96 */
97 u_int version;
98
99 /**
100 * Serial number of the X.509 certificate
101 */
102 chunk_t serialNumber;
103
104 /**
105 * Signature algorithm
106 */
107 int sigAlg;
108
109 /**
110 * ID representing the certificate issuer
111 */
112 identification_t *issuer;
113
114 /**
115 * Start time of certificate validity
116 */
117 time_t notBefore;
118
119 /**
120 * End time of certificate validity
121 */
122 time_t notAfter;
123
124 /**
125 * ID representing the certificate subject
126 */
127 identification_t *subject;
128
129 /**
130 * List of identification_t's representing subjectAltNames
131 */
132 linked_list_t *subjectAltNames;
133
134 /**
135 * List of identification_t's representing crlDistributionPoints
136 */
137 linked_list_t *crlDistributionPoints;
138
139 /**
140 * Subject RSA public key, if subjectPublicKeyAlgorithm == RSA
141 */
142 rsa_public_key_t *public_key;
143
144 /**
145 * Subject Key Identifier
146 */
147 chunk_t subjectKeyID;
148
149 /**
150 * Authority Key Identifier
151 */
152 chunk_t authKeyID;
153
154 /**
155 * Authority Key Serial Number
156 */
157 chunk_t authKeySerialNumber;
158
159 /**
160 * CA basic constraints flag
161 */
162 bool isCA;
163
164 /**
165 * Signature algorithm (must be identical to sigAlg)
166 */
167 int algorithm;
168
169 /**
170 * Signature
171 */
172 chunk_t signature;
173
174 u_char authority_flags;
175 chunk_t subjectPublicKey;
176 bool isOcspSigner; /* ocsp */
177 chunk_t accessLocation; /* ocsp */
178 };
179
180 /**
181 * ASN.1 definition of generalName
182 */
183 static const asn1Object_t generalNameObjects[] = {
184 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
185 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
186 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
187 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
188 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
189 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
190 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
191 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
192 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
193 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
194 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
195 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
196 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
197 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
198 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
199 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
200 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
201 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
202 };
203 #define GN_OBJ_OTHER_NAME 0
204 #define GN_OBJ_RFC822_NAME 2
205 #define GN_OBJ_DNS_NAME 4
206 #define GN_OBJ_X400_ADDRESS 6
207 #define GN_OBJ_DIRECTORY_NAME 8
208 #define GN_OBJ_EDI_PARTY_NAME 10
209 #define GN_OBJ_URI 12
210 #define GN_OBJ_IP_ADDRESS 14
211 #define GN_OBJ_REGISTERED_ID 16
212 #define GN_OBJ_ROOF 18
213
214 /**
215 * ASN.1 definition of otherName
216 */
217 static const asn1Object_t otherNameObjects[] = {
218 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
219 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
220 };
221 #define ON_OBJ_ID_TYPE 0
222 #define ON_OBJ_VALUE 1
223 #define ON_OBJ_ROOF 2
224 /**
225 * ASN.1 definition of a basicConstraints extension
226 */
227 static const asn1Object_t basicConstraintsObjects[] = {
228 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
229 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
230 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
231 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
232 };
233 #define BASIC_CONSTRAINTS_CA 1
234 #define BASIC_CONSTRAINTS_ROOF 4
235
236 /**
237 * ASN.1 definition of time
238 */
239 static const asn1Object_t timeObjects[] = {
240 { 0, "utcTime", ASN1_UTCTIME, ASN1_OPT|ASN1_BODY }, /* 0 */
241 { 0, "end opt", ASN1_EOC, ASN1_END }, /* 1 */
242 { 0, "generalizeTime",ASN1_GENERALIZEDTIME, ASN1_OPT|ASN1_BODY }, /* 2 */
243 { 0, "end opt", ASN1_EOC, ASN1_END } /* 3 */
244 };
245 #define TIME_UTC 0
246 #define TIME_GENERALIZED 2
247 #define TIME_ROOF 4
248
249 /**
250 * ASN.1 definition of a keyIdentifier
251 */
252 static const asn1Object_t keyIdentifierObjects[] = {
253 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
254 };
255
256 /**
257 * ASN.1 definition of a authorityKeyIdentifier extension
258 */
259 static const asn1Object_t authorityKeyIdentifierObjects[] = {
260 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
261 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
262 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
263 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
264 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
265 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
266 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
267 };
268 #define AUTH_KEY_ID_KEY_ID 1
269 #define AUTH_KEY_ID_CERT_ISSUER 3
270 #define AUTH_KEY_ID_CERT_SERIAL 5
271 #define AUTH_KEY_ID_ROOF 7
272
273 /**
274 * ASN.1 definition of a authorityInfoAccess extension
275 */
276 static const asn1Object_t authorityInfoAccessObjects[] = {
277 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
278 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
279 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
280 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
281 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
282 };
283 #define AUTH_INFO_ACCESS_METHOD 2
284 #define AUTH_INFO_ACCESS_LOCATION 3
285 #define AUTH_INFO_ACCESS_ROOF 5
286
287 /**
288 * ASN.1 definition of a extendedKeyUsage extension
289 */
290 static const asn1Object_t extendedKeyUsageObjects[] = {
291 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
292 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
293 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
294 };
295
296 #define EXT_KEY_USAGE_PURPOSE_ID 1
297 #define EXT_KEY_USAGE_ROOF 3
298
299 /**
300 * ASN.1 definition of generalNames
301 */
302 static const asn1Object_t generalNamesObjects[] = {
303 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
304 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
305 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
306 };
307 #define GENERAL_NAMES_GN 1
308 #define GENERAL_NAMES_ROOF 3
309
310
311 /**
312 * ASN.1 definition of crlDistributionPoints
313 */
314 static const asn1Object_t crlDistributionPointsObjects[] = {
315 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
316 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
317 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
318 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
319 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
320 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
321 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
322 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
323 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
324 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
325 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
326 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
327 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
328 };
329 #define CRL_DIST_POINTS_FULLNAME 3
330 #define CRL_DIST_POINTS_ROOF 13
331
332 /**
333 * ASN.1 definition of an X.509v3 x509
334 */
335 static const asn1Object_t certObjects[] = {
336 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
337 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
338 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
339 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
340 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
341 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
342 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
343 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
344 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
345 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
346 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
347 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
348 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
349 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
350 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
351 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
352 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
353 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
354 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
355 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
356 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
357 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
358 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
359 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
360 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
361 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
362 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
363 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
364 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
365 };
366 #define X509_OBJ_CERTIFICATE 0
367 #define X509_OBJ_TBS_CERTIFICATE 1
368 #define X509_OBJ_VERSION 3
369 #define X509_OBJ_SERIAL_NUMBER 4
370 #define X509_OBJ_SIG_ALG 5
371 #define X509_OBJ_ISSUER 6
372 #define X509_OBJ_NOT_BEFORE 8
373 #define X509_OBJ_NOT_AFTER 9
374 #define X509_OBJ_SUBJECT 10
375 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
376 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
377 #define X509_OBJ_RSA_PUBLIC_KEY 14
378 #define X509_OBJ_EXTN_ID 22
379 #define X509_OBJ_CRITICAL 23
380 #define X509_OBJ_EXTN_VALUE 24
381 #define X509_OBJ_ALGORITHM 27
382 #define X509_OBJ_SIGNATURE 28
383 #define X509_OBJ_ROOF 29
384
385
386 static u_char ASN1_subjectAltName_oid_str[] = {
387 0x06, 0x03, 0x55, 0x1D, 0x11
388 };
389
390 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_subjectAltName_oid_str);
391
392
393 /**
394 * compare two X.509 x509s by comparing their signatures
395 */
396 static bool equals(const private_x509_t *this, const private_x509_t *other)
397 {
398 return chunk_equals(this->signature, other->signature);
399 }
400
401 /**
402 * extracts the basicConstraints extension
403 */
404 static bool parse_basicConstraints(chunk_t blob, int level0)
405 {
406 asn1_ctx_t ctx;
407 chunk_t object;
408 u_int level;
409 int objectID = 0;
410 bool isCA = FALSE;
411
412 asn1_init(&ctx, blob, level0, FALSE, FALSE);
413
414 while (objectID < BASIC_CONSTRAINTS_ROOF) {
415
416 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
417 {
418 break;
419 }
420 if (objectID == BASIC_CONSTRAINTS_CA)
421 {
422 isCA = object.len && *object.ptr;
423 DBG2(" %s", isCA ? "TRUE" : "FALSE");
424 }
425 objectID++;
426 }
427 return isCA;
428 }
429
430 /*
431 * extracts an otherName
432 */
433 static bool
434 parse_otherName(chunk_t blob, int level0)
435 {
436 asn1_ctx_t ctx;
437 chunk_t object;
438 int objectID = 0;
439 u_int level;
440 int oid = OID_UNKNOWN;
441
442 asn1_init(&ctx, blob, level0, FALSE, FALSE);
443
444 while (objectID < ON_OBJ_ROOF)
445 {
446 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
447 return FALSE;
448
449 switch (objectID)
450 {
451 case ON_OBJ_ID_TYPE:
452 oid = known_oid(object);
453 break;
454 case ON_OBJ_VALUE:
455 if (oid == OID_XMPP_ADDR)
456 {
457 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING, level + 1, "xmppAddr"))
458 return FALSE;
459 }
460 break;
461 default:
462 break;
463 }
464 objectID++;
465 }
466 return TRUE;
467 }
468
469 /*
470 * extracts a generalName
471 */
472 static identification_t *parse_generalName(chunk_t blob, int level0)
473 {
474 asn1_ctx_t ctx;
475 chunk_t object;
476 int objectID = 0;
477 u_int level;
478
479 asn1_init(&ctx, blob, level0, FALSE, FALSE);
480
481 while (objectID < GN_OBJ_ROOF)
482 {
483 id_type_t id_type = ID_ANY;
484
485 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
486 return NULL;
487
488 switch (objectID)
489 {
490 case GN_OBJ_RFC822_NAME:
491 id_type = ID_RFC822_ADDR;
492 break;
493 case GN_OBJ_DNS_NAME:
494 id_type = ID_FQDN;
495 break;
496 case GN_OBJ_URI:
497 id_type = ID_DER_ASN1_GN_URI;
498 break;
499 case GN_OBJ_DIRECTORY_NAME:
500 id_type = ID_DER_ASN1_DN;
501 break;
502 case GN_OBJ_IP_ADDRESS:
503 id_type = ID_IPV4_ADDR;
504 break;
505 case GN_OBJ_OTHER_NAME:
506 if (!parse_otherName(object, level + 1))
507 return NULL;
508 break;
509 case GN_OBJ_X400_ADDRESS:
510 case GN_OBJ_EDI_PARTY_NAME:
511 case GN_OBJ_REGISTERED_ID:
512 break;
513 default:
514 break;
515 }
516
517 if (id_type != ID_ANY)
518 {
519 identification_t *gn = identification_create_from_encoding(id_type, object);
520 DBG2(" '%D'", gn);
521 return gn;
522 }
523 objectID++;
524 }
525 return NULL;
526 }
527
528
529 /**
530 * extracts one or several GNs and puts them into a chained list
531 */
532 static void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
533 {
534 asn1_ctx_t ctx;
535 chunk_t object;
536 u_int level;
537 int objectID = 0;
538
539 asn1_init(&ctx, blob, level0, implicit, FALSE);
540
541 while (objectID < GENERAL_NAMES_ROOF)
542 {
543 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
544 return;
545
546 if (objectID == GENERAL_NAMES_GN)
547 {
548 identification_t *gn = parse_generalName(object, level+1);
549
550 if (gn != NULL)
551 list->insert_last(list, (void *)gn);
552 }
553 objectID++;
554 }
555 return;
556 }
557
558 /**
559 * extracts and converts a UTCTIME or GENERALIZEDTIME object
560 */
561 time_t parse_time(chunk_t blob, int level0)
562 {
563 asn1_ctx_t ctx;
564 chunk_t object;
565 u_int level;
566 int objectID = 0;
567
568 asn1_init(&ctx, blob, level0, FALSE, FALSE);
569
570 while (objectID < TIME_ROOF)
571 {
572 if (!extract_object(timeObjects, &objectID, &object, &level, &ctx))
573 return 0;
574
575 if (objectID == TIME_UTC || objectID == TIME_GENERALIZED)
576 {
577 return asn1totime(&object, (objectID == TIME_UTC)
578 ? ASN1_UTCTIME : ASN1_GENERALIZEDTIME);
579 }
580 objectID++;
581 }
582 return 0;
583 }
584
585 /**
586 * extracts a keyIdentifier
587 */
588 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
589 {
590 asn1_ctx_t ctx;
591 chunk_t object;
592 u_int level;
593 int objectID = 0;
594
595 asn1_init(&ctx, blob, level0, implicit, FALSE);
596
597 extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx);
598 return object;
599 }
600
601 /**
602 * extracts an authoritykeyIdentifier
603 */
604 void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber)
605 {
606 asn1_ctx_t ctx;
607 chunk_t object;
608 u_int level;
609 int objectID = 0;
610
611 asn1_init(&ctx, blob, level0, FALSE, FALSE);
612 while (objectID < AUTH_KEY_ID_ROOF)
613 {
614 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
615 {
616 return;
617 }
618 switch (objectID)
619 {
620 case AUTH_KEY_ID_KEY_ID:
621 *authKeyID = parse_keyIdentifier(object, level+1, TRUE);
622 break;
623 case AUTH_KEY_ID_CERT_ISSUER:
624 {
625 /* TODO: parse_generalNames(object, level+1, TRUE); */
626 break;
627 }
628 case AUTH_KEY_ID_CERT_SERIAL:
629 *authKeySerialNumber = object;
630 break;
631 default:
632 break;
633 }
634 objectID++;
635 }
636 }
637
638 /**
639 * extracts an authorityInfoAcess location
640 */
641 static void parse_authorityInfoAccess(chunk_t blob, int level0, chunk_t *accessLocation)
642 {
643 asn1_ctx_t ctx;
644 chunk_t object;
645 u_int level;
646 int objectID = 0;
647
648 u_int accessMethod = OID_UNKNOWN;
649
650 asn1_init(&ctx, blob, level0, FALSE, FALSE);
651 while (objectID < AUTH_INFO_ACCESS_ROOF)
652 {
653 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
654 {
655 return;
656 }
657 switch (objectID)
658 {
659 case AUTH_INFO_ACCESS_METHOD:
660 accessMethod = known_oid(object);
661 break;
662 case AUTH_INFO_ACCESS_LOCATION:
663 {
664 switch (accessMethod)
665 {
666 case OID_OCSP:
667 if (*object.ptr == ASN1_CONTEXT_S_6)
668 {
669 if (asn1_length(&object) == ASN1_INVALID_LENGTH)
670 return;
671 DBG2(" '%.*s'",(int)object.len, object.ptr);
672 /* only HTTP(S) URIs accepted */
673 if (strncasecmp(object.ptr, "http", 4) == 0)
674 {
675 *accessLocation = object;
676 return;
677 }
678 }
679 DBG2("ignoring OCSP InfoAccessLocation with unkown protocol");
680 break;
681 default:
682 /* unkown accessMethod, ignoring */
683 break;
684 }
685 break;
686 }
687 default:
688 break;
689 }
690 objectID++;
691 }
692 }
693
694 /**
695 * extracts extendedKeyUsage OIDs
696 */
697 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
698 {
699 asn1_ctx_t ctx;
700 chunk_t object;
701 u_int level;
702 int objectID = 0;
703
704 asn1_init(&ctx, blob, level0, FALSE, FALSE);
705 while (objectID < EXT_KEY_USAGE_ROOF)
706 {
707 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
708 {
709 return FALSE;
710 }
711 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
712 known_oid(object) == OID_OCSP_SIGNING)
713 {
714 return TRUE;
715 }
716 objectID++;
717 }
718 return FALSE;
719 }
720
721 /**
722 * extracts one or several crlDistributionPoints and puts them into
723 * a chained list
724 */
725 static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list)
726 {
727 asn1_ctx_t ctx;
728 chunk_t object;
729 u_int level;
730 int objectID = 0;
731
732 asn1_init(&ctx, blob, level0, FALSE, FALSE);
733 while (objectID < CRL_DIST_POINTS_ROOF)
734 {
735 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
736 {
737 return;
738 }
739 if (objectID == CRL_DIST_POINTS_FULLNAME)
740 {
741 /* append extracted generalNames to existing chained list */
742 parse_generalNames(object, level+1, TRUE, list);
743
744 }
745 objectID++;
746 }
747 }
748
749
750 /**
751 * Parses an X.509v3 certificate
752 */
753 bool parse_x509cert(chunk_t blob, u_int level0, private_x509_t *cert)
754 {
755 asn1_ctx_t ctx;
756 bool critical;
757 chunk_t object;
758 u_int level;
759 u_int extn_oid = OID_UNKNOWN;
760 int objectID = 0;
761
762 asn1_init(&ctx, blob, level0, FALSE, FALSE);
763 while (objectID < X509_OBJ_ROOF)
764 {
765 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
766 {
767 return FALSE;
768 }
769 /* those objects which will parsed further need the next higher level */
770 level++;
771 switch (objectID) {
772 case X509_OBJ_CERTIFICATE:
773 cert->certificate = object;
774 break;
775 case X509_OBJ_TBS_CERTIFICATE:
776 cert->tbsCertificate = object;
777 break;
778 case X509_OBJ_VERSION:
779 cert->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
780 DBG2(" v%d", cert->version);
781 break;
782 case X509_OBJ_SERIAL_NUMBER:
783 cert->serialNumber = object;
784 break;
785 case X509_OBJ_SIG_ALG:
786 cert->sigAlg = parse_algorithmIdentifier(object, level, NULL);
787 break;
788 case X509_OBJ_ISSUER:
789 cert->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
790 DBG2(" '%D'", cert->issuer);
791 break;
792 case X509_OBJ_NOT_BEFORE:
793 cert->notBefore = parse_time(object, level);
794 break;
795 case X509_OBJ_NOT_AFTER:
796 cert->notAfter = parse_time(object, level);
797 break;
798 case X509_OBJ_SUBJECT:
799 cert->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
800 DBG2(" '%D'", cert->subject);
801 break;
802 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
803 if (parse_algorithmIdentifier(object, level, NULL) != OID_RSA_ENCRYPTION)
804 {
805 DBG2(" unsupported public key algorithm");
806 return FALSE;
807 }
808 break;
809 case X509_OBJ_SUBJECT_PUBLIC_KEY:
810 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
811 {
812 /* skip initial bit string octet defining 0 unused bits */
813 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
814 }
815 else
816 {
817 DBG2(" invalid RSA public key format");
818 return FALSE;
819 }
820 break;
821 case X509_OBJ_RSA_PUBLIC_KEY:
822 cert->subjectPublicKey = object;
823 break;
824 case X509_OBJ_EXTN_ID:
825 extn_oid = known_oid(object);
826 break;
827 case X509_OBJ_CRITICAL:
828 critical = object.len && *object.ptr;
829 DBG2(" %s", critical ? "TRUE" : "FALSE");
830 break;
831 case X509_OBJ_EXTN_VALUE:
832 {
833 switch (extn_oid) {
834 case OID_SUBJECT_KEY_ID:
835 cert->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
836 break;
837 case OID_SUBJECT_ALT_NAME:
838 parse_generalNames(object, level, FALSE, cert->subjectAltNames);
839 break;
840 case OID_BASIC_CONSTRAINTS:
841 cert->isCA = parse_basicConstraints(object, level);
842 break;
843 case OID_CRL_DISTRIBUTION_POINTS:
844 parse_crlDistributionPoints(object, level, cert->crlDistributionPoints);
845 break;
846 case OID_AUTHORITY_KEY_ID:
847 parse_authorityKeyIdentifier(object, level , &cert->authKeyID, &cert->authKeySerialNumber);
848 break;
849 case OID_AUTHORITY_INFO_ACCESS:
850 parse_authorityInfoAccess(object, level, &cert->accessLocation);
851 break;
852 case OID_EXTENDED_KEY_USAGE:
853 cert->isOcspSigner = parse_extendedKeyUsage(object, level);
854 break;
855 case OID_NS_REVOCATION_URL:
856 case OID_NS_CA_REVOCATION_URL:
857 case OID_NS_CA_POLICY_URL:
858 case OID_NS_COMMENT:
859 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING , level, oid_names[extn_oid].name))
860 return FALSE;
861 break;
862 default:
863 break;
864 }
865 break;
866 }
867 case X509_OBJ_ALGORITHM:
868 cert->algorithm = parse_algorithmIdentifier(object, level, NULL);
869 break;
870 case X509_OBJ_SIGNATURE:
871 cert->signature = object;
872 break;
873 default:
874 break;
875 }
876 objectID++;
877 }
878 time(&cert->installed);
879 return TRUE;
880 }
881
882 /**
883 * Implements x509_t.is_valid
884 */
885 static err_t is_valid(const private_x509_t *this, time_t *until)
886 {
887 time_t current_time = time(NULL);
888
889 DBG2(" not before : %T", &this->notBefore);
890 DBG2(" current time: %T", &current_time);
891 DBG2(" not after : %T", &this->notAfter);
892
893 if (until != NULL &&
894 (*until == UNDEFINED_TIME || this->notAfter < *until))
895 {
896 *until = this->notAfter;
897 }
898 if (current_time < this->notBefore)
899 {
900 return "is not valid yet";
901 }
902 if (current_time > this->notAfter)
903 {
904 return "has expired";
905 }
906 DBG2(" certificate is valid");
907 return NULL;
908 }
909
910 /**
911 * Implements x509_t.is_ca
912 */
913 static bool is_ca(const private_x509_t *this)
914 {
915 return this->isCA;
916 }
917
918 /**
919 * Implements x509_t.is_self_signed
920 */
921 static bool is_self_signed(const private_x509_t *this)
922 {
923 return this->subject->equals(this->subject, this->issuer);
924 }
925
926 /**
927 * Implements x509_t.equals_subjectAltName
928 */
929 static bool equals_subjectAltName(const private_x509_t *this, identification_t *id)
930 {
931 bool found = FALSE;
932 identification_t *subjectAltName;
933 iterator_t *iterator;
934
935 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
936 while (iterator->iterate(iterator, (void**)&subjectAltName))
937 {
938 if (id->equals(id, subjectAltName))
939 {
940 found = TRUE;
941 break;
942 }
943 }
944 iterator->destroy(iterator);
945 return found;
946 }
947
948 /**
949 * Implements x509_t.is_issuer
950 */
951 static bool is_issuer(const private_x509_t *this, const private_x509_t *issuer)
952 {
953 return (this->authKeyID.ptr)
954 ? chunk_equals(this->authKeyID, issuer->subjectKeyID)
955 : (this->issuer->equals(this->issuer, issuer->subject)
956 && chunk_equals_or_null(this->authKeySerialNumber, issuer->serialNumber));
957 }
958
959 /**
960 * Implements x509_t.get_certificate
961 */
962 static chunk_t get_certificate(const private_x509_t *this)
963 {
964 return this->certificate;
965 }
966
967 /**
968 * Implements x509_t.get_public_key
969 */
970 static rsa_public_key_t *get_public_key(const private_x509_t *this)
971 {
972 return this->public_key;
973 }
974
975 /**
976 * Implements x509_t.get_serialNumber
977 */
978 static chunk_t get_serialNumber(const private_x509_t *this)
979 {
980 return this->serialNumber;
981 }
982
983 /**
984 * Implements x509_t.get_subjectKeyID
985 */
986 static chunk_t get_subjectKeyID(const private_x509_t *this)
987 {
988 return this->subjectKeyID;
989 }
990
991 /**
992 * Implements x509_t.get_keyid
993 */
994 static chunk_t get_keyid(const private_x509_t *this)
995 {
996 return this->public_key->get_keyid(this->public_key);
997 }
998
999 /**
1000 * Implements x509_t.get_issuer
1001 */
1002 static identification_t *get_issuer(const private_x509_t *this)
1003 {
1004 return this->issuer;
1005 }
1006
1007 /**
1008 * Implements x509_t.get_subject
1009 */
1010 static identification_t *get_subject(const private_x509_t *this)
1011 {
1012 return this->subject;
1013 }
1014
1015 /**
1016 * Implements x509_t.set_until
1017 */
1018 static void set_until(private_x509_t *this, time_t until)
1019 {
1020 this->until = until;
1021 }
1022
1023 /**
1024 * Implements x509_t.get_until
1025 */
1026 static time_t get_until(const private_x509_t *this)
1027 {
1028 return this->until;
1029 }
1030
1031 /**
1032 * Implements x509_t.set_status
1033 */
1034 static void set_status(private_x509_t *this, cert_status_t status)
1035 {
1036 this->status = status;
1037 }
1038
1039 /**
1040 * Implements x509_t.get_status
1041 */
1042 static cert_status_t get_status(const private_x509_t *this)
1043 {
1044 return this->status;
1045 }
1046
1047 /**
1048 * Implements x509_t.create_crluri_iterator
1049 */
1050 static iterator_t *create_crluri_iterator(const private_x509_t *this)
1051 {
1052 return this->crlDistributionPoints->create_iterator(this->crlDistributionPoints, TRUE);
1053 }
1054
1055 /**
1056 * Implements x509_t.verify
1057 */
1058 static bool verify(const private_x509_t *this, const rsa_public_key_t *signer)
1059 {
1060 return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertificate, this->signature) == SUCCESS;
1061 }
1062
1063 /**
1064 * output handler in printf()
1065 */
1066 static int print(FILE *stream, const struct printf_info *info,
1067 const void *const *args)
1068 {
1069 private_x509_t *this = *((private_x509_t**)(args[0]));
1070 iterator_t *iterator;
1071 bool utc = TRUE;
1072 int written = 0;
1073
1074 if (info->alt)
1075 {
1076 utc = *((bool*)(args[1]));
1077 }
1078
1079 if (this == NULL)
1080 {
1081 return fprintf(stream, "(null)");
1082 }
1083
1084 /* determine the current time */
1085 time_t now = time(NULL);
1086
1087 written += fprintf(stream, "%#T\n", &this->installed, utc);
1088
1089 if (this->subjectAltNames->get_count(this->subjectAltNames))
1090 {
1091 identification_t *subjectAltName;
1092 bool first = TRUE;
1093
1094 written += fprintf(stream, " altNames: ");
1095 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
1096 while (iterator->iterate(iterator, (void**)&subjectAltName))
1097 {
1098 if (first)
1099 {
1100 first = FALSE;
1101 }
1102 else
1103 {
1104 written += fprintf(stream, ", ");
1105 }
1106 written += fprintf(stream, "'%D'", subjectAltName);
1107 }
1108 iterator->destroy(iterator);
1109 written += fprintf(stream, "\n");
1110 }
1111 written += fprintf(stream, " subject: '%D'\n", this->subject);
1112 written += fprintf(stream, " issuer: '%D'\n", this->issuer);
1113 written += fprintf(stream, " serial: %#B\n", &this->serialNumber);
1114 written += fprintf(stream, " validity: not before %#T, ", &this->notBefore, utc);
1115 if (now < this->notBefore)
1116 {
1117 written += fprintf(stream, "not valid yet (valid in %V)\n", &now, &this->notBefore);
1118 }
1119 else
1120 {
1121 written += fprintf(stream, "ok\n");
1122 }
1123
1124 written += fprintf(stream, " not after %#T, ", &this->notAfter, utc);
1125 if (now > this->notAfter)
1126 {
1127 written += fprintf(stream, "expired (since %V)\n", &now, &this->notAfter);
1128 }
1129 else
1130 {
1131 written += fprintf(stream, "ok");
1132 if (now > this->notAfter - CERT_WARNING_INTERVAL * 60 * 60 * 24)
1133 {
1134 written += fprintf(stream, " (expires in %V)", &now, &this->notAfter);
1135 }
1136 written += fprintf(stream, " \n");
1137 }
1138
1139 {
1140 chunk_t keyid = this->public_key->get_keyid(this->public_key);
1141 written += fprintf(stream, " keyid: %#B\n", &keyid);
1142 }
1143
1144 if (this->subjectKeyID.ptr)
1145 {
1146 written += fprintf(stream, " subjkey: %#B\n", &this->subjectKeyID);
1147 }
1148 if (this->authKeyID.ptr)
1149 {
1150 written += fprintf(stream, " authkey: %#B\n", &this->authKeyID);
1151 }
1152 if (this->authKeySerialNumber.ptr)
1153 {
1154 written += fprintf(stream, " aserial: %#B\n", &this->authKeySerialNumber);
1155 }
1156
1157 written += fprintf(stream, " pubkey: RSA %d bits", BITS_PER_BYTE *
1158 this->public_key->get_keysize(this->public_key));
1159 written += fprintf(stream, ", status %N",
1160 cert_status_names, this->status);
1161
1162 switch (this->status)
1163 {
1164 case CERT_GOOD:
1165 written += fprintf(stream, " until %#T", &this->until, utc);
1166 break;
1167 case CERT_REVOKED:
1168 written += fprintf(stream, " on %#T", &this->until, utc);
1169 break;
1170 case CERT_UNKNOWN:
1171 case CERT_UNDEFINED:
1172 case CERT_UNTRUSTED:
1173 default:
1174 break;
1175 }
1176 return written;
1177 }
1178
1179 /**
1180 * register printf() handlers
1181 */
1182 static void __attribute__ ((constructor))print_register()
1183 {
1184 register_printf_function(PRINTF_X509, print, arginfo_ptr_alt_ptr_int);
1185 }
1186
1187 /**
1188 * Implements x509_t.destroy
1189 */
1190 static void destroy(private_x509_t *this)
1191 {
1192 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1193 offsetof(identification_t, destroy));
1194 this->crlDistributionPoints->destroy_offset(this->crlDistributionPoints,
1195 offsetof(identification_t, destroy));
1196 DESTROY_IF(this->issuer);
1197 DESTROY_IF(this->subject);
1198 DESTROY_IF(this->public_key);
1199 free(this->certificate.ptr);
1200 free(this);
1201 }
1202
1203 /*
1204 * Described in header.
1205 */
1206 x509_t *x509_create_from_chunk(chunk_t chunk)
1207 {
1208 private_x509_t *this = malloc_thing(private_x509_t);
1209
1210 /* initialize */
1211 this->subjectPublicKey = chunk_empty;
1212 this->public_key = NULL;
1213 this->subject = NULL;
1214 this->issuer = NULL;
1215 this->subjectAltNames = linked_list_create();
1216 this->crlDistributionPoints = linked_list_create();
1217 this->subjectKeyID = chunk_empty;
1218 this->authKeyID = chunk_empty;
1219 this->authKeySerialNumber = chunk_empty;
1220
1221 /* public functions */
1222 this->public.equals = (bool (*) (const x509_t*,const x509_t*))equals;
1223 this->public.equals_subjectAltName = (bool (*) (const x509_t*,identification_t*))equals_subjectAltName;
1224 this->public.is_issuer = (bool (*) (const x509_t*,const x509_t*))is_issuer;
1225 this->public.is_valid = (err_t (*) (const x509_t*,time_t*))is_valid;
1226 this->public.is_ca = (bool (*) (const x509_t*))is_ca;
1227 this->public.is_self_signed = (bool (*) (const x509_t*))is_self_signed;
1228 this->public.get_certificate = (chunk_t (*) (const x509_t*))get_certificate;
1229 this->public.get_public_key = (rsa_public_key_t* (*) (const x509_t*))get_public_key;
1230 this->public.get_serialNumber = (chunk_t (*) (const x509_t*))get_serialNumber;
1231 this->public.get_subjectKeyID = (chunk_t (*) (const x509_t*))get_subjectKeyID;
1232 this->public.get_keyid = (chunk_t (*) (const x509_t*))get_keyid;
1233 this->public.get_issuer = (identification_t* (*) (const x509_t*))get_issuer;
1234 this->public.get_subject = (identification_t* (*) (const x509_t*))get_subject;
1235 this->public.set_until = (void (*) (x509_t*,time_t))set_until;
1236 this->public.get_until = (time_t (*) (const x509_t*))get_until;
1237 this->public.set_status = (void (*) (x509_t*,cert_status_t))set_status;
1238 this->public.get_status = (cert_status_t (*) (const x509_t*))get_status;
1239 this->public.create_crluri_iterator = (iterator_t* (*) (const x509_t*))create_crluri_iterator;
1240 this->public.verify = (bool (*) (const x509_t*,const rsa_public_key_t*))verify;
1241 this->public.destroy = (void (*) (x509_t*))destroy;
1242
1243 if (!parse_x509cert(chunk, 0, this))
1244 {
1245 destroy(this);
1246 return NULL;
1247 }
1248
1249 /* extract public key from certificate */
1250 this->public_key = rsa_public_key_create_from_chunk(this->subjectPublicKey);
1251 if (this->public_key == NULL)
1252 {
1253 destroy(this);
1254 return NULL;
1255 }
1256 /* set trusted lifetime of public key to notAfter */
1257 this->status = is_self_signed(this)? CERT_GOOD:CERT_UNDEFINED;
1258 this->until = this->notAfter;
1259 return &this->public;
1260 }
1261
1262 /*
1263 * Described in header.
1264 */
1265 x509_t *x509_create_from_file(const char *filename, const char *label)
1266 {
1267 bool pgp = FALSE;
1268 chunk_t chunk = chunk_empty;
1269 x509_t *cert = NULL;
1270
1271 if (!pem_asn1_load_file(filename, NULL, label, &chunk, &pgp))
1272 return NULL;
1273
1274 cert = x509_create_from_chunk(chunk);
1275
1276 if (cert == NULL)
1277 free(chunk.ptr);
1278 return cert;
1279 }