fe95f04966ac93d749a10a6fa46745d6add841cd
[strongswan.git] / src / libstrongswan / crypto / x509.c
1 /**
2 * @file x509.c
3 *
4 * @brief Implementation of x509_t.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <gmp.h>
24 #include <sys/stat.h>
25 #include <unistd.h>
26 #include <string.h>
27 #include <stdio.h>
28
29 #include "x509.h"
30
31 #include <library.h>
32 #include <debug.h>
33 #include <asn1/oid.h>
34 #include <asn1/asn1.h>
35 #include <asn1/pem.h>
36 #include <utils/linked_list.h>
37 #include <utils/identification.h>
38
39 #define CERT_WARNING_INTERVAL 30 /* days */
40
41 /**
42 * Different kinds of generalNames
43 */
44 typedef enum generalNames_t generalNames_t;
45
46 enum generalNames_t {
47 GN_OTHER_NAME = 0,
48 GN_RFC822_NAME = 1,
49 GN_DNS_NAME = 2,
50 GN_X400_ADDRESS = 3,
51 GN_DIRECTORY_NAME = 4,
52 GN_EDI_PARTY_NAME = 5,
53 GN_URI = 6,
54 GN_IP_ADDRESS = 7,
55 GN_REGISTERED_ID = 8,
56 };
57
58 typedef struct private_x509_t private_x509_t;
59
60 /**
61 * Private data of a x509_t object.
62 */
63 struct private_x509_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_t public;
68
69 /**
70 * Time when certificate was installed
71 */
72 time_t installed;
73
74 /**
75 * Time until certificate can be trusted
76 */
77 time_t until;
78
79 /**
80 * Certificate status
81 */
82 cert_status_t status;
83
84 /**
85 * Authority flags
86 */
87 u_char authority_flags;
88
89 /**
90 * X.509 Certificate in DER format
91 */
92 chunk_t certificate;
93
94 /**
95 * X.509 certificate body over which signature is computed
96 */
97 chunk_t tbsCertificate;
98
99 /**
100 * Version of the X.509 certificate
101 */
102 u_int version;
103
104 /**
105 * Serial number of the X.509 certificate
106 */
107 chunk_t serialNumber;
108
109 /**
110 * Signature algorithm
111 */
112 int sigAlg;
113
114 /**
115 * ID representing the certificate issuer
116 */
117 identification_t *issuer;
118
119 /**
120 * Start time of certificate validity
121 */
122 time_t notBefore;
123
124 /**
125 * End time of certificate validity
126 */
127 time_t notAfter;
128
129 /**
130 * ID representing the certificate subject
131 */
132 identification_t *subject;
133
134 /**
135 * List of identification_t's representing subjectAltNames
136 */
137 linked_list_t *subjectAltNames;
138
139 /**
140 * List of identification_t's representing crlDistributionPoints
141 */
142 linked_list_t *crlDistributionPoints;
143
144 /**
145 * List of identification_t's representing ocspAccessLocations
146 */
147 linked_list_t *ocspAccessLocations;
148
149 /**
150 * Subject public key
151 */
152 chunk_t subjectPublicKey;
153
154 /**
155 * Subject RSA public key, if subjectPublicKeyAlgorithm == RSA
156 */
157 rsa_public_key_t *public_key;
158
159 /**
160 * Subject Key Identifier
161 */
162 chunk_t subjectKeyID;
163
164 /**
165 * Authority Key Identifier
166 */
167 chunk_t authKeyID;
168
169 /**
170 * Authority Key Serial Number
171 */
172 chunk_t authKeySerialNumber;
173
174 /**
175 * CA basic constraints flag
176 */
177 bool isCA;
178
179 /**
180 * OCSPSigner extended key usage flag
181 */
182 bool isOcspSigner;
183
184 /**
185 * Signature algorithm (must be identical to sigAlg)
186 */
187 int algorithm;
188
189 /**
190 * Signature
191 */
192 chunk_t signature;
193
194 };
195
196 /**
197 * ASN.1 definition of generalName
198 */
199 static const asn1Object_t generalNameObjects[] = {
200 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
201 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
202 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
203 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
204 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
205 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
206 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
207 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
208 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
209 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
210 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
211 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
212 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
213 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
214 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
215 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
216 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
217 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
218 };
219 #define GN_OBJ_OTHER_NAME 0
220 #define GN_OBJ_RFC822_NAME 2
221 #define GN_OBJ_DNS_NAME 4
222 #define GN_OBJ_X400_ADDRESS 6
223 #define GN_OBJ_DIRECTORY_NAME 8
224 #define GN_OBJ_EDI_PARTY_NAME 10
225 #define GN_OBJ_URI 12
226 #define GN_OBJ_IP_ADDRESS 14
227 #define GN_OBJ_REGISTERED_ID 16
228 #define GN_OBJ_ROOF 18
229
230 /**
231 * ASN.1 definition of otherName
232 */
233 static const asn1Object_t otherNameObjects[] = {
234 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
235 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
236 };
237 #define ON_OBJ_ID_TYPE 0
238 #define ON_OBJ_VALUE 1
239 #define ON_OBJ_ROOF 2
240 /**
241 * ASN.1 definition of a basicConstraints extension
242 */
243 static const asn1Object_t basicConstraintsObjects[] = {
244 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
245 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
246 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
247 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
248 };
249 #define BASIC_CONSTRAINTS_CA 1
250 #define BASIC_CONSTRAINTS_ROOF 4
251
252 /**
253 * ASN.1 definition of time
254 */
255 static const asn1Object_t timeObjects[] = {
256 { 0, "utcTime", ASN1_UTCTIME, ASN1_OPT|ASN1_BODY }, /* 0 */
257 { 0, "end opt", ASN1_EOC, ASN1_END }, /* 1 */
258 { 0, "generalizeTime",ASN1_GENERALIZEDTIME, ASN1_OPT|ASN1_BODY }, /* 2 */
259 { 0, "end opt", ASN1_EOC, ASN1_END } /* 3 */
260 };
261 #define TIME_UTC 0
262 #define TIME_GENERALIZED 2
263 #define TIME_ROOF 4
264
265 /**
266 * ASN.1 definition of a keyIdentifier
267 */
268 static const asn1Object_t keyIdentifierObjects[] = {
269 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
270 };
271
272 /**
273 * ASN.1 definition of a authorityKeyIdentifier extension
274 */
275 static const asn1Object_t authorityKeyIdentifierObjects[] = {
276 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
277 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
278 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
279 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
280 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
281 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
282 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
283 };
284 #define AUTH_KEY_ID_KEY_ID 1
285 #define AUTH_KEY_ID_CERT_ISSUER 3
286 #define AUTH_KEY_ID_CERT_SERIAL 5
287 #define AUTH_KEY_ID_ROOF 7
288
289 /**
290 * ASN.1 definition of a authorityInfoAccess extension
291 */
292 static const asn1Object_t authorityInfoAccessObjects[] = {
293 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
294 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
295 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
296 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
297 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
298 };
299 #define AUTH_INFO_ACCESS_METHOD 2
300 #define AUTH_INFO_ACCESS_LOCATION 3
301 #define AUTH_INFO_ACCESS_ROOF 5
302
303 /**
304 * ASN.1 definition of a extendedKeyUsage extension
305 */
306 static const asn1Object_t extendedKeyUsageObjects[] = {
307 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
308 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
309 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
310 };
311
312 #define EXT_KEY_USAGE_PURPOSE_ID 1
313 #define EXT_KEY_USAGE_ROOF 3
314
315 /**
316 * ASN.1 definition of generalNames
317 */
318 static const asn1Object_t generalNamesObjects[] = {
319 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
320 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
321 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
322 };
323 #define GENERAL_NAMES_GN 1
324 #define GENERAL_NAMES_ROOF 3
325
326
327 /**
328 * ASN.1 definition of crlDistributionPoints
329 */
330 static const asn1Object_t crlDistributionPointsObjects[] = {
331 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
332 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
333 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
334 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
335 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
336 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
337 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
338 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
339 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
340 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
341 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
342 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
343 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
344 };
345 #define CRL_DIST_POINTS_FULLNAME 3
346 #define CRL_DIST_POINTS_ROOF 13
347
348 /**
349 * ASN.1 definition of an X.509v3 x509
350 */
351 static const asn1Object_t certObjects[] = {
352 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
353 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
354 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
355 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
356 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
357 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
358 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
359 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
360 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
361 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
362 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
363 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
364 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
365 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
366 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
367 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
368 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
369 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
370 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
371 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
372 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
373 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
374 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
375 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
376 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
377 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
378 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
379 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
380 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
381 };
382 #define X509_OBJ_CERTIFICATE 0
383 #define X509_OBJ_TBS_CERTIFICATE 1
384 #define X509_OBJ_VERSION 3
385 #define X509_OBJ_SERIAL_NUMBER 4
386 #define X509_OBJ_SIG_ALG 5
387 #define X509_OBJ_ISSUER 6
388 #define X509_OBJ_NOT_BEFORE 8
389 #define X509_OBJ_NOT_AFTER 9
390 #define X509_OBJ_SUBJECT 10
391 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
392 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
393 #define X509_OBJ_RSA_PUBLIC_KEY 14
394 #define X509_OBJ_EXTN_ID 22
395 #define X509_OBJ_CRITICAL 23
396 #define X509_OBJ_EXTN_VALUE 24
397 #define X509_OBJ_ALGORITHM 27
398 #define X509_OBJ_SIGNATURE 28
399 #define X509_OBJ_ROOF 29
400
401
402 static u_char ASN1_subjectAltName_oid_str[] = {
403 0x06, 0x03, 0x55, 0x1D, 0x11
404 };
405
406 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_subjectAltName_oid_str);
407
408
409 /**
410 * compare two X.509 x509s by comparing their signatures
411 */
412 static bool equals(const private_x509_t *this, const private_x509_t *other)
413 {
414 return chunk_equals(this->signature, other->signature);
415 }
416
417 /**
418 * extracts the basicConstraints extension
419 */
420 static bool parse_basicConstraints(chunk_t blob, int level0)
421 {
422 asn1_ctx_t ctx;
423 chunk_t object;
424 u_int level;
425 int objectID = 0;
426 bool isCA = FALSE;
427
428 asn1_init(&ctx, blob, level0, FALSE, FALSE);
429
430 while (objectID < BASIC_CONSTRAINTS_ROOF) {
431
432 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
433 {
434 break;
435 }
436 if (objectID == BASIC_CONSTRAINTS_CA)
437 {
438 isCA = object.len && *object.ptr;
439 DBG2(" %s", isCA ? "TRUE" : "FALSE");
440 }
441 objectID++;
442 }
443 return isCA;
444 }
445
446 /*
447 * extracts an otherName
448 */
449 static bool
450 parse_otherName(chunk_t blob, int level0)
451 {
452 asn1_ctx_t ctx;
453 chunk_t object;
454 int objectID = 0;
455 u_int level;
456 int oid = OID_UNKNOWN;
457
458 asn1_init(&ctx, blob, level0, FALSE, FALSE);
459
460 while (objectID < ON_OBJ_ROOF)
461 {
462 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
463 return FALSE;
464
465 switch (objectID)
466 {
467 case ON_OBJ_ID_TYPE:
468 oid = known_oid(object);
469 break;
470 case ON_OBJ_VALUE:
471 if (oid == OID_XMPP_ADDR)
472 {
473 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING, level + 1, "xmppAddr"))
474 return FALSE;
475 }
476 break;
477 default:
478 break;
479 }
480 objectID++;
481 }
482 return TRUE;
483 }
484
485 /*
486 * extracts a generalName
487 */
488 static identification_t *parse_generalName(chunk_t blob, int level0)
489 {
490 asn1_ctx_t ctx;
491 chunk_t object;
492 int objectID = 0;
493 u_int level;
494
495 asn1_init(&ctx, blob, level0, FALSE, FALSE);
496
497 while (objectID < GN_OBJ_ROOF)
498 {
499 id_type_t id_type = ID_ANY;
500
501 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
502 return NULL;
503
504 switch (objectID)
505 {
506 case GN_OBJ_RFC822_NAME:
507 id_type = ID_RFC822_ADDR;
508 break;
509 case GN_OBJ_DNS_NAME:
510 id_type = ID_FQDN;
511 break;
512 case GN_OBJ_URI:
513 id_type = ID_DER_ASN1_GN_URI;
514 break;
515 case GN_OBJ_DIRECTORY_NAME:
516 id_type = ID_DER_ASN1_DN;
517 break;
518 case GN_OBJ_IP_ADDRESS:
519 id_type = ID_IPV4_ADDR;
520 break;
521 case GN_OBJ_OTHER_NAME:
522 if (!parse_otherName(object, level + 1))
523 return NULL;
524 break;
525 case GN_OBJ_X400_ADDRESS:
526 case GN_OBJ_EDI_PARTY_NAME:
527 case GN_OBJ_REGISTERED_ID:
528 break;
529 default:
530 break;
531 }
532
533 if (id_type != ID_ANY)
534 {
535 identification_t *gn = identification_create_from_encoding(id_type, object);
536 DBG2(" '%D'", gn);
537 return gn;
538 }
539 objectID++;
540 }
541 return NULL;
542 }
543
544
545 /**
546 * extracts one or several GNs and puts them into a chained list
547 */
548 static void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
549 {
550 asn1_ctx_t ctx;
551 chunk_t object;
552 u_int level;
553 int objectID = 0;
554
555 asn1_init(&ctx, blob, level0, implicit, FALSE);
556
557 while (objectID < GENERAL_NAMES_ROOF)
558 {
559 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
560 return;
561
562 if (objectID == GENERAL_NAMES_GN)
563 {
564 identification_t *gn = parse_generalName(object, level+1);
565
566 if (gn != NULL)
567 list->insert_last(list, (void *)gn);
568 }
569 objectID++;
570 }
571 return;
572 }
573
574 /**
575 * extracts and converts a UTCTIME or GENERALIZEDTIME object
576 */
577 time_t parse_time(chunk_t blob, int level0)
578 {
579 asn1_ctx_t ctx;
580 chunk_t object;
581 u_int level;
582 int objectID = 0;
583
584 asn1_init(&ctx, blob, level0, FALSE, FALSE);
585
586 while (objectID < TIME_ROOF)
587 {
588 if (!extract_object(timeObjects, &objectID, &object, &level, &ctx))
589 return 0;
590
591 if (objectID == TIME_UTC || objectID == TIME_GENERALIZED)
592 {
593 return asn1totime(&object, (objectID == TIME_UTC)
594 ? ASN1_UTCTIME : ASN1_GENERALIZEDTIME);
595 }
596 objectID++;
597 }
598 return 0;
599 }
600
601 /**
602 * extracts a keyIdentifier
603 */
604 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
605 {
606 asn1_ctx_t ctx;
607 chunk_t object;
608 u_int level;
609 int objectID = 0;
610
611 asn1_init(&ctx, blob, level0, implicit, FALSE);
612
613 extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx);
614 return object;
615 }
616
617 /**
618 * extracts an authoritykeyIdentifier
619 */
620 void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber)
621 {
622 asn1_ctx_t ctx;
623 chunk_t object;
624 u_int level;
625 int objectID = 0;
626
627 asn1_init(&ctx, blob, level0, FALSE, FALSE);
628 while (objectID < AUTH_KEY_ID_ROOF)
629 {
630 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
631 {
632 return;
633 }
634 switch (objectID)
635 {
636 case AUTH_KEY_ID_KEY_ID:
637 *authKeyID = parse_keyIdentifier(object, level+1, TRUE);
638 break;
639 case AUTH_KEY_ID_CERT_ISSUER:
640 {
641 /* TODO: parse_generalNames(object, level+1, TRUE); */
642 break;
643 }
644 case AUTH_KEY_ID_CERT_SERIAL:
645 *authKeySerialNumber = object;
646 break;
647 default:
648 break;
649 }
650 objectID++;
651 }
652 }
653
654 /**
655 * extracts an authorityInfoAcess location
656 */
657 static void parse_authorityInfoAccess(chunk_t blob, int level0, linked_list_t *list)
658 {
659 asn1_ctx_t ctx;
660 chunk_t object;
661 u_int level;
662 int objectID = 0;
663
664 u_int accessMethod = OID_UNKNOWN;
665
666 asn1_init(&ctx, blob, level0, FALSE, FALSE);
667 while (objectID < AUTH_INFO_ACCESS_ROOF)
668 {
669 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
670 {
671 return;
672 }
673 switch (objectID)
674 {
675 case AUTH_INFO_ACCESS_METHOD:
676 accessMethod = known_oid(object);
677 break;
678 case AUTH_INFO_ACCESS_LOCATION:
679 {
680 switch (accessMethod)
681 {
682 case OID_OCSP:
683 if (*object.ptr == ASN1_CONTEXT_S_6)
684 {
685 identification_t *accessLocation;
686
687 if (asn1_length(&object) == ASN1_INVALID_LENGTH)
688 return;
689 DBG2(" '%.*s'",(int)object.len, object.ptr);
690 accessLocation = identification_create_from_encoding(ID_DER_ASN1_GN_URI, object);
691 list->insert_last(list, (void *)accessLocation);
692 }
693 break;
694 default:
695 /* unkown accessMethod, ignoring */
696 break;
697 }
698 break;
699 }
700 default:
701 break;
702 }
703 objectID++;
704 }
705 }
706
707 /**
708 * extracts extendedKeyUsage OIDs
709 */
710 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
711 {
712 asn1_ctx_t ctx;
713 chunk_t object;
714 u_int level;
715 int objectID = 0;
716
717 asn1_init(&ctx, blob, level0, FALSE, FALSE);
718 while (objectID < EXT_KEY_USAGE_ROOF)
719 {
720 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
721 {
722 return FALSE;
723 }
724 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
725 known_oid(object) == OID_OCSP_SIGNING)
726 {
727 return TRUE;
728 }
729 objectID++;
730 }
731 return FALSE;
732 }
733
734 /**
735 * extracts one or several crlDistributionPoints and puts them into
736 * a chained list
737 */
738 static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list)
739 {
740 asn1_ctx_t ctx;
741 chunk_t object;
742 u_int level;
743 int objectID = 0;
744
745 asn1_init(&ctx, blob, level0, FALSE, FALSE);
746 while (objectID < CRL_DIST_POINTS_ROOF)
747 {
748 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
749 {
750 return;
751 }
752 if (objectID == CRL_DIST_POINTS_FULLNAME)
753 {
754 /* append extracted generalNames to existing chained list */
755 parse_generalNames(object, level+1, TRUE, list);
756
757 }
758 objectID++;
759 }
760 }
761
762
763 /**
764 * Parses an X.509v3 certificate
765 */
766 bool parse_x509cert(chunk_t blob, u_int level0, private_x509_t *cert)
767 {
768 asn1_ctx_t ctx;
769 bool critical;
770 chunk_t object;
771 u_int level;
772 u_int extn_oid = OID_UNKNOWN;
773 int objectID = 0;
774
775 asn1_init(&ctx, blob, level0, FALSE, FALSE);
776 while (objectID < X509_OBJ_ROOF)
777 {
778 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
779 {
780 return FALSE;
781 }
782 /* those objects which will parsed further need the next higher level */
783 level++;
784 switch (objectID) {
785 case X509_OBJ_CERTIFICATE:
786 cert->certificate = object;
787 break;
788 case X509_OBJ_TBS_CERTIFICATE:
789 cert->tbsCertificate = object;
790 break;
791 case X509_OBJ_VERSION:
792 cert->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
793 DBG2(" v%d", cert->version);
794 break;
795 case X509_OBJ_SERIAL_NUMBER:
796 cert->serialNumber = object;
797 break;
798 case X509_OBJ_SIG_ALG:
799 cert->sigAlg = parse_algorithmIdentifier(object, level, NULL);
800 break;
801 case X509_OBJ_ISSUER:
802 cert->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
803 DBG2(" '%D'", cert->issuer);
804 break;
805 case X509_OBJ_NOT_BEFORE:
806 cert->notBefore = parse_time(object, level);
807 break;
808 case X509_OBJ_NOT_AFTER:
809 cert->notAfter = parse_time(object, level);
810 break;
811 case X509_OBJ_SUBJECT:
812 cert->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
813 DBG2(" '%D'", cert->subject);
814 break;
815 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
816 if (parse_algorithmIdentifier(object, level, NULL) != OID_RSA_ENCRYPTION)
817 {
818 DBG2(" unsupported public key algorithm");
819 return FALSE;
820 }
821 break;
822 case X509_OBJ_SUBJECT_PUBLIC_KEY:
823 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
824 {
825 /* skip initial bit string octet defining 0 unused bits */
826 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
827 }
828 else
829 {
830 DBG2(" invalid RSA public key format");
831 return FALSE;
832 }
833 break;
834 case X509_OBJ_RSA_PUBLIC_KEY:
835 cert->subjectPublicKey = object;
836 break;
837 case X509_OBJ_EXTN_ID:
838 extn_oid = known_oid(object);
839 break;
840 case X509_OBJ_CRITICAL:
841 critical = object.len && *object.ptr;
842 DBG2(" %s", critical ? "TRUE" : "FALSE");
843 break;
844 case X509_OBJ_EXTN_VALUE:
845 {
846 switch (extn_oid) {
847 case OID_SUBJECT_KEY_ID:
848 cert->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
849 break;
850 case OID_SUBJECT_ALT_NAME:
851 parse_generalNames(object, level, FALSE, cert->subjectAltNames);
852 break;
853 case OID_BASIC_CONSTRAINTS:
854 cert->isCA = parse_basicConstraints(object, level);
855 break;
856 case OID_CRL_DISTRIBUTION_POINTS:
857 parse_crlDistributionPoints(object, level, cert->crlDistributionPoints);
858 break;
859 case OID_AUTHORITY_KEY_ID:
860 parse_authorityKeyIdentifier(object, level , &cert->authKeyID, &cert->authKeySerialNumber);
861 break;
862 case OID_AUTHORITY_INFO_ACCESS:
863 parse_authorityInfoAccess(object, level, cert->ocspAccessLocations);
864 break;
865 case OID_EXTENDED_KEY_USAGE:
866 cert->isOcspSigner = parse_extendedKeyUsage(object, level);
867 break;
868 case OID_NS_REVOCATION_URL:
869 case OID_NS_CA_REVOCATION_URL:
870 case OID_NS_CA_POLICY_URL:
871 case OID_NS_COMMENT:
872 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING , level, oid_names[extn_oid].name))
873 return FALSE;
874 break;
875 default:
876 break;
877 }
878 break;
879 }
880 case X509_OBJ_ALGORITHM:
881 cert->algorithm = parse_algorithmIdentifier(object, level, NULL);
882 break;
883 case X509_OBJ_SIGNATURE:
884 cert->signature = object;
885 break;
886 default:
887 break;
888 }
889 objectID++;
890 }
891 time(&cert->installed);
892 return TRUE;
893 }
894
895 /**
896 * Implements x509_t.is_valid
897 */
898 static err_t is_valid(const private_x509_t *this, time_t *until)
899 {
900 time_t current_time = time(NULL);
901
902 DBG2(" not before : %T", &this->notBefore);
903 DBG2(" current time: %T", &current_time);
904 DBG2(" not after : %T", &this->notAfter);
905
906 if (until != NULL &&
907 (*until == UNDEFINED_TIME || this->notAfter < *until))
908 {
909 *until = this->notAfter;
910 }
911 if (current_time < this->notBefore)
912 {
913 return "is not valid yet";
914 }
915 if (current_time > this->notAfter)
916 {
917 return "has expired";
918 }
919 DBG2(" certificate is valid");
920 return NULL;
921 }
922
923 /**
924 * Implements x509_t.is_ca
925 */
926 static bool is_ca(const private_x509_t *this)
927 {
928 return this->isCA;
929 }
930
931 /**
932 * Implements x509_t.is_ocsp_signer
933 */
934 static bool is_ocsp_signer(const private_x509_t *this)
935 {
936 return this->isOcspSigner;
937 }
938
939 /**
940 * Implements x509_t.is_self_signed
941 */
942 static bool is_self_signed(const private_x509_t *this)
943 {
944 return this->subject->equals(this->subject, this->issuer);
945 }
946
947 /**
948 * Implements x509_t.equals_subjectAltName
949 */
950 static bool equals_subjectAltName(const private_x509_t *this, identification_t *id)
951 {
952 bool found = FALSE;
953 identification_t *subjectAltName;
954 iterator_t *iterator;
955
956 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
957 while (iterator->iterate(iterator, (void**)&subjectAltName))
958 {
959 if (id->equals(id, subjectAltName))
960 {
961 found = TRUE;
962 break;
963 }
964 }
965 iterator->destroy(iterator);
966 return found;
967 }
968
969 /**
970 * Implements x509_t.is_issuer
971 */
972 static bool is_issuer(const private_x509_t *this, const private_x509_t *issuer)
973 {
974 return (this->authKeyID.ptr)
975 ? chunk_equals(this->authKeyID, issuer->subjectKeyID)
976 : (this->issuer->equals(this->issuer, issuer->subject)
977 && chunk_equals_or_null(this->authKeySerialNumber, issuer->serialNumber));
978 }
979
980 /**
981 * Implements x509_t.get_certificate
982 */
983 static chunk_t get_certificate(const private_x509_t *this)
984 {
985 return this->certificate;
986 }
987
988 /**
989 * Implements x509_t.get_public_key
990 */
991 static rsa_public_key_t *get_public_key(const private_x509_t *this)
992 {
993 return this->public_key;
994 }
995
996 /**
997 * Implements x509_t.get_serialNumber
998 */
999 static chunk_t get_serialNumber(const private_x509_t *this)
1000 {
1001 return this->serialNumber;
1002 }
1003
1004 /**
1005 * Implements x509_t.get_subjectKeyID
1006 */
1007 static chunk_t get_subjectKeyID(const private_x509_t *this)
1008 {
1009 return this->subjectKeyID;
1010 }
1011
1012 /**
1013 * Implements x509_t.get_keyid
1014 */
1015 static chunk_t get_keyid(const private_x509_t *this)
1016 {
1017 return this->public_key->get_keyid(this->public_key);
1018 }
1019
1020 /**
1021 * Implements x509_t.get_issuer
1022 */
1023 static identification_t *get_issuer(const private_x509_t *this)
1024 {
1025 return this->issuer;
1026 }
1027
1028 /**
1029 * Implements x509_t.get_subject
1030 */
1031 static identification_t *get_subject(const private_x509_t *this)
1032 {
1033 return this->subject;
1034 }
1035
1036 /**
1037 * Implements x509_t.set_until
1038 */
1039 static void set_until(private_x509_t *this, time_t until)
1040 {
1041 this->until = until;
1042 }
1043
1044 /**
1045 * Implements x509_t.get_until
1046 */
1047 static time_t get_until(const private_x509_t *this)
1048 {
1049 return this->until;
1050 }
1051
1052 /**
1053 * Implements x509_t.set_status
1054 */
1055 static void set_status(private_x509_t *this, cert_status_t status)
1056 {
1057 this->status = status;
1058 }
1059
1060 /**
1061 * Implements x509_t.get_status
1062 */
1063 static cert_status_t get_status(const private_x509_t *this)
1064 {
1065 return this->status;
1066 }
1067
1068 /**
1069 * Implements x509_t.create_crluri_iterator
1070 */
1071 static iterator_t *create_crluri_iterator(const private_x509_t *this)
1072 {
1073 return this->crlDistributionPoints->create_iterator(this->crlDistributionPoints, TRUE);
1074 }
1075
1076 /**
1077 * Implements x509_t.create_crluri_iterator
1078 */
1079 static iterator_t *create_ocspuri_iterator(const private_x509_t *this)
1080 {
1081 return this->ocspAccessLocations->create_iterator(this->ocspAccessLocations, TRUE);
1082 }
1083
1084 /**
1085 * Implements x509_t.verify
1086 */
1087 static bool verify(const private_x509_t *this, const rsa_public_key_t *signer)
1088 {
1089 return signer->verify_emsa_pkcs1_signature(signer, this->tbsCertificate, this->signature) == SUCCESS;
1090 }
1091
1092 /**
1093 * output handler in printf()
1094 */
1095 static int print(FILE *stream, const struct printf_info *info,
1096 const void *const *args)
1097 {
1098 private_x509_t *this = *((private_x509_t**)(args[0]));
1099 iterator_t *iterator;
1100 bool utc = TRUE;
1101 int written = 0;
1102
1103 if (info->alt)
1104 {
1105 utc = *((bool*)(args[1]));
1106 }
1107
1108 if (this == NULL)
1109 {
1110 return fprintf(stream, "(null)");
1111 }
1112
1113 /* determine the current time */
1114 time_t now = time(NULL);
1115
1116 written += fprintf(stream, "%#T\n", &this->installed, utc);
1117
1118 if (this->subjectAltNames->get_count(this->subjectAltNames))
1119 {
1120 identification_t *subjectAltName;
1121 bool first = TRUE;
1122
1123 written += fprintf(stream, " altNames: ");
1124 iterator = this->subjectAltNames->create_iterator(this->subjectAltNames, TRUE);
1125 while (iterator->iterate(iterator, (void**)&subjectAltName))
1126 {
1127 if (first)
1128 {
1129 first = FALSE;
1130 }
1131 else
1132 {
1133 written += fprintf(stream, ", ");
1134 }
1135 written += fprintf(stream, "'%D'", subjectAltName);
1136 }
1137 iterator->destroy(iterator);
1138 written += fprintf(stream, "\n");
1139 }
1140 written += fprintf(stream, " subject: '%D'\n", this->subject);
1141 written += fprintf(stream, " issuer: '%D'\n", this->issuer);
1142 written += fprintf(stream, " serial: %#B\n", &this->serialNumber);
1143 written += fprintf(stream, " validity: not before %#T, ", &this->notBefore, utc);
1144 if (now < this->notBefore)
1145 {
1146 written += fprintf(stream, "not valid yet (valid in %V)\n", &now, &this->notBefore);
1147 }
1148 else
1149 {
1150 written += fprintf(stream, "ok\n");
1151 }
1152
1153 written += fprintf(stream, " not after %#T, ", &this->notAfter, utc);
1154 if (now > this->notAfter)
1155 {
1156 written += fprintf(stream, "expired (since %V)\n", &now, &this->notAfter);
1157 }
1158 else
1159 {
1160 written += fprintf(stream, "ok");
1161 if (now > this->notAfter - CERT_WARNING_INTERVAL * 60 * 60 * 24)
1162 {
1163 written += fprintf(stream, " (expires in %V)", &now, &this->notAfter);
1164 }
1165 written += fprintf(stream, " \n");
1166 }
1167
1168 {
1169 chunk_t keyid = this->public_key->get_keyid(this->public_key);
1170 written += fprintf(stream, " keyid: %#B\n", &keyid);
1171 }
1172
1173 if (this->subjectKeyID.ptr)
1174 {
1175 written += fprintf(stream, " subjkey: %#B\n", &this->subjectKeyID);
1176 }
1177 if (this->authKeyID.ptr)
1178 {
1179 written += fprintf(stream, " authkey: %#B\n", &this->authKeyID);
1180 }
1181 if (this->authKeySerialNumber.ptr)
1182 {
1183 written += fprintf(stream, " aserial: %#B\n", &this->authKeySerialNumber);
1184 }
1185
1186 written += fprintf(stream, " pubkey: RSA %d bits", BITS_PER_BYTE *
1187 this->public_key->get_keysize(this->public_key));
1188 written += fprintf(stream, ", status %N",
1189 cert_status_names, this->status);
1190
1191 switch (this->status)
1192 {
1193 case CERT_GOOD:
1194 written += fprintf(stream, " until %#T", &this->until, utc);
1195 break;
1196 case CERT_REVOKED:
1197 written += fprintf(stream, " on %#T", &this->until, utc);
1198 break;
1199 case CERT_UNKNOWN:
1200 case CERT_UNDEFINED:
1201 case CERT_UNTRUSTED:
1202 default:
1203 break;
1204 }
1205 return written;
1206 }
1207
1208 /**
1209 * register printf() handlers
1210 */
1211 static void __attribute__ ((constructor))print_register()
1212 {
1213 register_printf_function(PRINTF_X509, print, arginfo_ptr_alt_ptr_int);
1214 }
1215
1216 /**
1217 * Implements x509_t.destroy
1218 */
1219 static void destroy(private_x509_t *this)
1220 {
1221 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1222 offsetof(identification_t, destroy));
1223 this->crlDistributionPoints->destroy_offset(this->crlDistributionPoints,
1224 offsetof(identification_t, destroy));
1225 this->ocspAccessLocations->destroy_offset(this->ocspAccessLocations,
1226 offsetof(identification_t, destroy));
1227 DESTROY_IF(this->issuer);
1228 DESTROY_IF(this->subject);
1229 DESTROY_IF(this->public_key);
1230 free(this->certificate.ptr);
1231 free(this);
1232 }
1233
1234 /*
1235 * Described in header.
1236 */
1237 x509_t *x509_create_from_chunk(chunk_t chunk, u_int level)
1238 {
1239 private_x509_t *this = malloc_thing(private_x509_t);
1240
1241 /* initialize */
1242 this->subjectPublicKey = chunk_empty;
1243 this->public_key = NULL;
1244 this->subject = NULL;
1245 this->issuer = NULL;
1246 this->subjectAltNames = linked_list_create();
1247 this->crlDistributionPoints = linked_list_create();
1248 this->ocspAccessLocations = linked_list_create();
1249 this->subjectKeyID = chunk_empty;
1250 this->authKeyID = chunk_empty;
1251 this->authKeySerialNumber = chunk_empty;
1252
1253 /* public functions */
1254 this->public.equals = (bool (*) (const x509_t*,const x509_t*))equals;
1255 this->public.equals_subjectAltName = (bool (*) (const x509_t*,identification_t*))equals_subjectAltName;
1256 this->public.is_issuer = (bool (*) (const x509_t*,const x509_t*))is_issuer;
1257 this->public.is_valid = (err_t (*) (const x509_t*,time_t*))is_valid;
1258 this->public.is_ca = (bool (*) (const x509_t*))is_ca;
1259 this->public.is_self_signed = (bool (*) (const x509_t*))is_self_signed;
1260 this->public.is_ocsp_signer = (bool (*) (const x509_t*))is_ocsp_signer;
1261 this->public.get_certificate = (chunk_t (*) (const x509_t*))get_certificate;
1262 this->public.get_public_key = (rsa_public_key_t* (*) (const x509_t*))get_public_key;
1263 this->public.get_serialNumber = (chunk_t (*) (const x509_t*))get_serialNumber;
1264 this->public.get_subjectKeyID = (chunk_t (*) (const x509_t*))get_subjectKeyID;
1265 this->public.get_keyid = (chunk_t (*) (const x509_t*))get_keyid;
1266 this->public.get_issuer = (identification_t* (*) (const x509_t*))get_issuer;
1267 this->public.get_subject = (identification_t* (*) (const x509_t*))get_subject;
1268 this->public.set_until = (void (*) (x509_t*,time_t))set_until;
1269 this->public.get_until = (time_t (*) (const x509_t*))get_until;
1270 this->public.set_status = (void (*) (x509_t*,cert_status_t))set_status;
1271 this->public.get_status = (cert_status_t (*) (const x509_t*))get_status;
1272 this->public.create_crluri_iterator = (iterator_t* (*) (const x509_t*))create_crluri_iterator;
1273 this->public.create_ocspuri_iterator = (iterator_t* (*) (const x509_t*))create_ocspuri_iterator;
1274 this->public.verify = (bool (*) (const x509_t*,const rsa_public_key_t*))verify;
1275 this->public.destroy = (void (*) (x509_t*))destroy;
1276
1277 if (!parse_x509cert(chunk, level, this))
1278 {
1279 destroy(this);
1280 return NULL;
1281 }
1282
1283 /* extract public key from certificate */
1284 this->public_key = rsa_public_key_create_from_chunk(this->subjectPublicKey);
1285 if (this->public_key == NULL)
1286 {
1287 destroy(this);
1288 return NULL;
1289 }
1290 /* set trusted lifetime of public key to notAfter */
1291 this->status = is_self_signed(this)? CERT_GOOD:CERT_UNDEFINED;
1292 this->until = this->notAfter;
1293 return &this->public;
1294 }
1295
1296 /*
1297 * Described in header.
1298 */
1299 x509_t *x509_create_from_file(const char *filename, const char *label)
1300 {
1301 bool pgp = FALSE;
1302 chunk_t chunk = chunk_empty;
1303 x509_t *cert = NULL;
1304
1305 if (!pem_asn1_load_file(filename, NULL, label, &chunk, &pgp))
1306 return NULL;
1307
1308 cert = x509_create_from_chunk(chunk, 0);
1309
1310 if (cert == NULL)
1311 free(chunk.ptr);
1312 return cert;
1313 }