has_subject() now resolves ID_KEY_IDs
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2009 Martin Willi
7 * Copyright (C) 2008 Tobias Brunner
8 * Hochschule fuer Technik Rapperswil
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the
12 * Free Software Foundation; either version 2 of the License, or (at your
13 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
14 *
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 * for more details.
19 */
20
21 #define _GNU_SOURCE
22
23 #include "x509_cert.h"
24
25 #include <sys/stat.h>
26 #include <time.h>
27 #include <unistd.h>
28 #include <string.h>
29 #include <stdio.h>
30
31 #include <library.h>
32 #include <debug.h>
33 #include <asn1/oid.h>
34 #include <asn1/asn1.h>
35 #include <asn1/asn1_parser.h>
36 #include <crypto/hashers/hasher.h>
37 #include <credentials/keys/private_key.h>
38 #include <utils/linked_list.h>
39 #include <utils/identification.h>
40 #include <selectors/traffic_selector.h>
41
42 /**
43 * Different kinds of generalNames
44 */
45 typedef enum {
46 GN_OTHER_NAME = 0,
47 GN_RFC822_NAME = 1,
48 GN_DNS_NAME = 2,
49 GN_X400_ADDRESS = 3,
50 GN_DIRECTORY_NAME = 4,
51 GN_EDI_PARTY_NAME = 5,
52 GN_URI = 6,
53 GN_IP_ADDRESS = 7,
54 GN_REGISTERED_ID = 8,
55 } generalNames_t;
56
57
58 typedef struct private_x509_cert_t private_x509_cert_t;
59
60 /**
61 * Private data of a x509_cert_t object.
62 */
63 struct private_x509_cert_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_cert_t public;
68
69 /**
70 * X.509 certificate encoding in ASN.1 DER format
71 */
72 chunk_t encoding;
73
74 /**
75 * SHA1 hash of the DER encoding of this X.509 certificate
76 */
77 chunk_t encoding_hash;
78
79 /**
80 * X.509 certificate body over which signature is computed
81 */
82 chunk_t tbsCertificate;
83
84 /**
85 * Version of the X.509 certificate
86 */
87 u_int version;
88
89 /**
90 * Serial number of the X.509 certificate
91 */
92 chunk_t serialNumber;
93
94 /**
95 * ID representing the certificate issuer
96 */
97 identification_t *issuer;
98
99 /**
100 * Start time of certificate validity
101 */
102 time_t notBefore;
103
104 /**
105 * End time of certificate validity
106 */
107 time_t notAfter;
108
109 /**
110 * ID representing the certificate subject
111 */
112 identification_t *subject;
113
114 /**
115 * List of subjectAltNames as identification_t
116 */
117 linked_list_t *subjectAltNames;
118
119 /**
120 * List of crlDistributionPoints as allocated char*
121 */
122 linked_list_t *crl_uris;
123
124 /**
125 * List of ocspAccessLocations as allocated char*
126 */
127 linked_list_t *ocsp_uris;
128
129 /**
130 * List of ipAddrBlocks as traffic_selector_t
131 */
132 linked_list_t *ipAddrBlocks;
133
134 /**
135 * certificate's embedded public key
136 */
137 public_key_t *public_key;
138
139 /**
140 * Subject Key Identifier
141 */
142 chunk_t subjectKeyIdentifier;
143
144 /**
145 * Authority Key Identifier
146 */
147 chunk_t authKeyIdentifier;
148
149 /**
150 * Authority Key Serial Number
151 */
152 chunk_t authKeySerialNumber;
153
154 /**
155 * Path Length Constraint
156 */
157 int pathLenConstraint;
158
159 /**
160 * x509 constraints and other flags
161 */
162 x509_flag_t flags;
163
164 /**
165 * Signature algorithm
166 */
167 int algorithm;
168
169 /**
170 * Signature
171 */
172 chunk_t signature;
173
174 /**
175 * Certificate parsed from blob/file?
176 */
177 bool parsed;
178
179 /**
180 * reference count
181 */
182 refcount_t ref;
183 };
184
185 static const chunk_t ASN1_subjectAltName_oid = chunk_from_chars(
186 0x06, 0x03, 0x55, 0x1D, 0x11
187 );
188
189 /**
190 * ASN.1 definition of a basicConstraints extension
191 */
192 static const asn1Object_t basicConstraintsObjects[] = {
193 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
194 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
195 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
196 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 3 */
197 { 0, "exit", ASN1_EOC, ASN1_EXIT }
198 };
199 #define BASIC_CONSTRAINTS_CA 1
200 #define BASIC_CONSTRAINTS_PATH_LEN 2
201
202 /**
203 * Extracts the basicConstraints extension
204 */
205 static void parse_basicConstraints(chunk_t blob, int level0,
206 private_x509_cert_t *this)
207 {
208 asn1_parser_t *parser;
209 chunk_t object;
210 int objectID;
211 bool isCA = FALSE;
212
213 parser = asn1_parser_create(basicConstraintsObjects, blob);
214 parser->set_top_level(parser, level0);
215
216 while (parser->iterate(parser, &objectID, &object))
217 {
218 switch (objectID)
219 {
220 case BASIC_CONSTRAINTS_CA:
221 isCA = object.len && *object.ptr;
222 DBG2(DBG_LIB, " %s", isCA ? "TRUE" : "FALSE");
223 if (isCA)
224 {
225 this->flags |= X509_CA;
226 }
227 break;
228 case BASIC_CONSTRAINTS_PATH_LEN:
229 if (isCA)
230 {
231 if (object.len == 0)
232 {
233 this->pathLenConstraint = 0;
234 }
235 else if (object.len == 1)
236 {
237 this->pathLenConstraint = *object.ptr;
238 }
239 /* we ignore path length constraints > 127 */
240 }
241 break;
242 default:
243 break;
244 }
245 }
246 parser->destroy(parser);
247 }
248
249 /**
250 * ASN.1 definition of otherName
251 */
252 static const asn1Object_t otherNameObjects[] = {
253 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
254 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY }, /* 1 */
255 {0, "exit", ASN1_EOC, ASN1_EXIT }
256 };
257 #define ON_OBJ_ID_TYPE 0
258 #define ON_OBJ_VALUE 1
259
260 /**
261 * Extracts an otherName
262 */
263 static bool parse_otherName(chunk_t *blob, int level0, id_type_t *type)
264 {
265 asn1_parser_t *parser;
266 chunk_t object;
267 int objectID;
268 int oid = OID_UNKNOWN;
269 bool success = FALSE;
270
271 parser = asn1_parser_create(otherNameObjects, *blob);
272 parser->set_top_level(parser, level0);
273
274 while (parser->iterate(parser, &objectID, &object))
275 {
276 switch (objectID)
277 {
278 case ON_OBJ_ID_TYPE:
279 oid = asn1_known_oid(object);
280 break;
281 case ON_OBJ_VALUE:
282 switch (oid)
283 {
284 case OID_XMPP_ADDR:
285 if (!asn1_parse_simple_object(&object, ASN1_UTF8STRING,
286 parser->get_level(parser)+1, "xmppAddr"))
287 {
288 goto end;
289 }
290 break;
291 case OID_USER_PRINCIPAL_NAME:
292 if (asn1_parse_simple_object(&object, ASN1_UTF8STRING,
293 parser->get_level(parser)+1, "msUPN"))
294 { /* we handle UPNs as RFC822 addr */
295 *blob = object;
296 *type = ID_RFC822_ADDR;
297 }
298 else
299 {
300 goto end;
301 }
302 break;
303 }
304 break;
305 default:
306 break;
307 }
308 }
309 success = parser->success(parser);
310
311 end:
312 parser->destroy(parser);
313 return success;
314 }
315
316 /**
317 * ASN.1 definition of generalName
318 */
319 static const asn1Object_t generalNameObjects[] = {
320 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
321 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
322 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
323 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
324 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
325 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
326 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
327 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
328 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
329 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
330 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
331 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
332 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
333 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
334 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
335 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
336 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
337 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 17 */
338 { 0, "exit", ASN1_EOC, ASN1_EXIT }
339 };
340 #define GN_OBJ_OTHER_NAME 0
341 #define GN_OBJ_RFC822_NAME 2
342 #define GN_OBJ_DNS_NAME 4
343 #define GN_OBJ_X400_ADDRESS 6
344 #define GN_OBJ_DIRECTORY_NAME 8
345 #define GN_OBJ_EDI_PARTY_NAME 10
346 #define GN_OBJ_URI 12
347 #define GN_OBJ_IP_ADDRESS 14
348 #define GN_OBJ_REGISTERED_ID 16
349
350 /**
351 * Extracts a generalName
352 */
353 static identification_t *parse_generalName(chunk_t blob, int level0)
354 {
355 asn1_parser_t *parser;
356 chunk_t object;
357 int objectID ;
358
359 identification_t *gn = NULL;
360
361 parser = asn1_parser_create(generalNameObjects, blob);
362 parser->set_top_level(parser, level0);
363
364 while (parser->iterate(parser, &objectID, &object))
365 {
366 id_type_t id_type = ID_ANY;
367
368 switch (objectID)
369 {
370 case GN_OBJ_RFC822_NAME:
371 id_type = ID_RFC822_ADDR;
372 break;
373 case GN_OBJ_DNS_NAME:
374 id_type = ID_FQDN;
375 break;
376 case GN_OBJ_URI:
377 id_type = ID_DER_ASN1_GN_URI;
378 break;
379 case GN_OBJ_DIRECTORY_NAME:
380 id_type = ID_DER_ASN1_DN;
381 break;
382 case GN_OBJ_IP_ADDRESS:
383 switch (object.len)
384 {
385 case 4:
386 id_type = ID_IPV4_ADDR;
387 break;
388 case 16:
389 id_type = ID_IPV6_ADDR;
390 break;
391 default:
392 break;
393 }
394 break;
395 case GN_OBJ_OTHER_NAME:
396 if (!parse_otherName(&object, parser->get_level(parser)+1,
397 &id_type))
398 {
399 goto end;
400 }
401 break;
402 case GN_OBJ_X400_ADDRESS:
403 case GN_OBJ_EDI_PARTY_NAME:
404 case GN_OBJ_REGISTERED_ID:
405 default:
406 break;
407 }
408 if (id_type != ID_ANY)
409 {
410 gn = identification_create_from_encoding(id_type, object);
411 DBG2(DBG_LIB, " '%Y'", gn);
412 goto end;
413 }
414 }
415
416 end:
417 parser->destroy(parser);
418 return gn;
419 }
420
421 /**
422 * ASN.1 definition of generalNames
423 */
424 static const asn1Object_t generalNamesObjects[] = {
425 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
426 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
427 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
428 { 0, "exit", ASN1_EOC, ASN1_EXIT }
429 };
430 #define GENERAL_NAMES_GN 1
431
432 /**
433 * Extracts one or several GNs and puts them into a chained list
434 */
435 void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
436 {
437 asn1_parser_t *parser;
438 chunk_t object;
439 int objectID;
440
441 parser = asn1_parser_create(generalNamesObjects, blob);
442 parser->set_top_level(parser, level0);
443 parser->set_flags(parser, implicit, FALSE);
444
445 while (parser->iterate(parser, &objectID, &object))
446 {
447 if (objectID == GENERAL_NAMES_GN)
448 {
449 identification_t *gn = parse_generalName(object,
450 parser->get_level(parser)+1);
451
452 if (gn)
453 {
454 list->insert_last(list, (void *)gn);
455 }
456 }
457 }
458 parser->destroy(parser);
459 }
460
461 /**
462 * ASN.1 definition of a authorityKeyIdentifier extension
463 */
464 static const asn1Object_t authKeyIdentifierObjects[] = {
465 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
466 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_BODY }, /* 1 */
467 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
468 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
469 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
470 { 1, "authorityCertSerialNumber", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
471 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 6 */
472 { 0, "exit", ASN1_EOC, ASN1_EXIT }
473 };
474 #define AUTH_KEY_ID_KEY_ID 1
475 #define AUTH_KEY_ID_CERT_ISSUER 3
476 #define AUTH_KEY_ID_CERT_SERIAL 5
477
478 /**
479 * Extracts an authoritykeyIdentifier
480 */
481 chunk_t x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
482 chunk_t *authKeySerialNumber)
483 {
484 asn1_parser_t *parser;
485 chunk_t object;
486 int objectID;
487 chunk_t authKeyIdentifier = chunk_empty;
488
489 *authKeySerialNumber = chunk_empty;
490
491 parser = asn1_parser_create(authKeyIdentifierObjects, blob);
492 parser->set_top_level(parser, level0);
493
494 while (parser->iterate(parser, &objectID, &object))
495 {
496 switch (objectID)
497 {
498 case AUTH_KEY_ID_KEY_ID:
499 authKeyIdentifier = chunk_clone(object);
500 break;
501 case AUTH_KEY_ID_CERT_ISSUER:
502 /* TODO: x509_parse_generalNames(object, level+1, TRUE); */
503 break;
504 case AUTH_KEY_ID_CERT_SERIAL:
505 *authKeySerialNumber = object;
506 break;
507 default:
508 break;
509 }
510 }
511 parser->destroy(parser);
512 return authKeyIdentifier;
513 }
514
515 /**
516 * ASN.1 definition of a authorityInfoAccess extension
517 */
518 static const asn1Object_t authInfoAccessObjects[] = {
519 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
520 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
521 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
522 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
523 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 4 */
524 { 0, "exit", ASN1_EOC, ASN1_EXIT }
525 };
526 #define AUTH_INFO_ACCESS_METHOD 2
527 #define AUTH_INFO_ACCESS_LOCATION 3
528
529 /**
530 * Extracts an authorityInfoAcess location
531 */
532 static void parse_authorityInfoAccess(chunk_t blob, int level0,
533 private_x509_cert_t *this)
534 {
535 asn1_parser_t *parser;
536 chunk_t object;
537 int objectID;
538 int accessMethod = OID_UNKNOWN;
539
540 parser = asn1_parser_create(authInfoAccessObjects, blob);
541 parser->set_top_level(parser, level0);
542
543 while (parser->iterate(parser, &objectID, &object))
544 {
545 switch (objectID)
546 {
547 case AUTH_INFO_ACCESS_METHOD:
548 accessMethod = asn1_known_oid(object);
549 break;
550 case AUTH_INFO_ACCESS_LOCATION:
551 {
552 switch (accessMethod)
553 {
554 case OID_OCSP:
555 case OID_CA_ISSUERS:
556 {
557 identification_t *id;
558 char *uri;
559
560 id = parse_generalName(object,
561 parser->get_level(parser)+1);
562 if (id == NULL)
563 {
564 /* parsing went wrong - abort */
565 goto end;
566 }
567 DBG2(DBG_LIB, " '%Y'", id);
568 if (accessMethod == OID_OCSP &&
569 asprintf(&uri, "%Y", id) > 0)
570 {
571 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
572 }
573 id->destroy(id);
574 }
575 break;
576 default:
577 /* unkown accessMethod, ignoring */
578 break;
579 }
580 break;
581 }
582 default:
583 break;
584 }
585 }
586
587 end:
588 parser->destroy(parser);
589 }
590
591 /**
592 * ASN.1 definition of a extendedKeyUsage extension
593 */
594 static const asn1Object_t extendedKeyUsageObjects[] = {
595 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
596 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
597 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
598 { 0, "exit", ASN1_EOC, ASN1_EXIT }
599 };
600 #define EXT_KEY_USAGE_PURPOSE_ID 1
601
602 /**
603 * Extracts extendedKeyUsage OIDs - currently only OCSP_SIGING is returned
604 */
605 static void parse_extendedKeyUsage(chunk_t blob, int level0,
606 private_x509_cert_t *this)
607 {
608 asn1_parser_t *parser;
609 chunk_t object;
610 int objectID;
611
612 parser = asn1_parser_create(extendedKeyUsageObjects, blob);
613 parser->set_top_level(parser, level0);
614
615 while (parser->iterate(parser, &objectID, &object))
616 {
617 if (objectID == EXT_KEY_USAGE_PURPOSE_ID)
618 {
619 switch (asn1_known_oid(object))
620 {
621 case OID_SERVER_AUTH:
622 this->flags |= X509_SERVER_AUTH;
623 break;
624 case OID_CLIENT_AUTH:
625 this->flags |= X509_CLIENT_AUTH;
626 break;
627 case OID_OCSP_SIGNING:
628 this->flags |= X509_OCSP_SIGNER;
629 break;
630 default:
631 break;
632 }
633 }
634 }
635 parser->destroy(parser);
636 }
637
638 /**
639 * ASN.1 definition of crlDistributionPoints
640 */
641 static const asn1Object_t crlDistributionPointsObjects[] = {
642 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
643 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
644 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
645 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
646 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
647 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
648 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
649 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
650 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
651 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
652 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
653 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
654 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
655 { 0, "exit", ASN1_EOC, ASN1_EXIT }
656 };
657 #define CRL_DIST_POINTS_FULLNAME 3
658
659 /**
660 * Extracts one or several crlDistributionPoints into a list
661 */
662 static void parse_crlDistributionPoints(chunk_t blob, int level0,
663 private_x509_cert_t *this)
664 {
665 asn1_parser_t *parser;
666 chunk_t object;
667 int objectID;
668 linked_list_t *list = linked_list_create();
669
670 parser = asn1_parser_create(crlDistributionPointsObjects, blob);
671 parser->set_top_level(parser, level0);
672
673 while (parser->iterate(parser, &objectID, &object))
674 {
675 if (objectID == CRL_DIST_POINTS_FULLNAME)
676 {
677 identification_t *id;
678
679 /* append extracted generalNames to existing chained list */
680 x509_parse_generalNames(object, parser->get_level(parser)+1,
681 TRUE, list);
682
683 while (list->remove_last(list, (void**)&id) == SUCCESS)
684 {
685 char *uri;
686
687 if (asprintf(&uri, "%Y", id) > 0)
688 {
689 this->crl_uris->insert_last(this->crl_uris, uri);
690 }
691 id->destroy(id);
692 }
693 }
694 }
695 parser->destroy(parser);
696 list->destroy(list);
697 }
698
699 /**
700 * ASN.1 definition of ipAddrBlocks according to RFC 3779
701 */
702 static const asn1Object_t ipAddrBlocksObjects[] = {
703 { 0, "ipAddrBlocks", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
704 { 1, "ipAddressFamily", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
705 { 2, "addressFamily", ASN1_OCTET_STRING, ASN1_BODY }, /* 2 */
706 { 2, "inherit", ASN1_NULL, ASN1_OPT|ASN1_NONE }, /* 3 */
707 { 2, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
708 { 2, "addressesOrRanges", ASN1_SEQUENCE, ASN1_OPT|ASN1_LOOP }, /* 5 */
709 { 3, "addressPrefix", ASN1_BIT_STRING, ASN1_OPT|ASN1_BODY }, /* 6 */
710 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
711 { 3, "addressRange", ASN1_SEQUENCE, ASN1_OPT|ASN1_NONE }, /* 8 */
712 { 4, "min", ASN1_BIT_STRING, ASN1_BODY }, /* 9 */
713 { 4, "max", ASN1_BIT_STRING, ASN1_BODY }, /* 10 */
714 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
715 { 2, "end choice/loop", ASN1_EOC, ASN1_END }, /* 12 */
716 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 13 */
717 { 0, "exit", ASN1_EOC, ASN1_EXIT }
718 };
719 #define IP_ADDR_BLOCKS_FAMILY 2
720 #define IP_ADDR_BLOCKS_INHERIT 3
721 #define IP_ADDR_BLOCKS_PREFIX 6
722 #define IP_ADDR_BLOCKS_MIN 9
723 #define IP_ADDR_BLOCKS_MAX 10
724
725 static bool check_address_object(ts_type_t ts_type, chunk_t object)
726 {
727 switch (ts_type)
728 {
729 case TS_IPV4_ADDR_RANGE:
730 if (object.len > 5)
731 {
732 DBG1(DBG_LIB, "IPv4 address object is larger than 5 octets");
733 return FALSE;
734 }
735 break;
736 case TS_IPV6_ADDR_RANGE:
737 if (object.len > 17)
738 {
739 DBG1(DBG_LIB, "IPv6 address object is larger than 17 octets");
740 return FALSE;
741 }
742 break;
743 default:
744 DBG1(DBG_LIB, "unknown address family");
745 return FALSE;
746 }
747 if (object.len == 0)
748 {
749 DBG1(DBG_LIB, "An ASN.1 bit string must contain at least the "
750 "initial octet");
751 return FALSE;
752 }
753 if (object.len == 1 && object.ptr[0] != 0)
754 {
755 DBG1(DBG_LIB, "An empty ASN.1 bit string must contain a zero "
756 "initial octet");
757 return FALSE;
758 }
759 if (object.ptr[0] > 7)
760 {
761 DBG1(DBG_LIB, "number of unused bits is too large");
762 return FALSE;
763 }
764 return TRUE;
765 }
766
767 static void parse_ipAddrBlocks(chunk_t blob, int level0,
768 private_x509_cert_t *this)
769 {
770 asn1_parser_t *parser;
771 chunk_t object, min_object;
772 ts_type_t ts_type = 0;
773 traffic_selector_t *ts;
774 int objectID;
775
776 parser = asn1_parser_create(ipAddrBlocksObjects, blob);
777 parser->set_top_level(parser, level0);
778
779 while (parser->iterate(parser, &objectID, &object))
780 {
781 switch (objectID)
782 {
783 case IP_ADDR_BLOCKS_FAMILY:
784 ts_type = 0;
785 if (object.len == 2 && object.ptr[0] == 0)
786 {
787 if (object.ptr[1] == 1)
788 {
789 ts_type = TS_IPV4_ADDR_RANGE;
790 }
791 else if (object.ptr[1] == 2)
792 {
793 ts_type = TS_IPV6_ADDR_RANGE;
794 }
795 else
796 {
797 break;
798 }
799 DBG2(DBG_LIB, " %N", ts_type_name, ts_type);
800 }
801 break;
802 case IP_ADDR_BLOCKS_INHERIT:
803 DBG1(DBG_LIB, "inherit choice is not supported");
804 break;
805 case IP_ADDR_BLOCKS_PREFIX:
806 if (!check_address_object(ts_type, object))
807 {
808 goto end;
809 }
810 ts = traffic_selector_create_from_rfc3779_format(ts_type,
811 object, object);
812 DBG2(DBG_LIB, " %R", ts);
813 this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
814 break;
815 case IP_ADDR_BLOCKS_MIN:
816 if (!check_address_object(ts_type, object))
817 {
818 goto end;
819 }
820 min_object = object;
821 break;
822 case IP_ADDR_BLOCKS_MAX:
823 if (!check_address_object(ts_type, object))
824 {
825 goto end;
826 }
827 ts = traffic_selector_create_from_rfc3779_format(ts_type,
828 min_object, object);
829 DBG2(DBG_LIB, " %R", ts);
830 this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
831 break;
832 default:
833 break;
834 }
835 }
836 this->flags |= X509_IP_ADDR_BLOCKS;
837
838 end:
839 parser->destroy(parser);
840 }
841
842 /**
843 * ASN.1 definition of an X.509v3 x509_cert
844 */
845 static const asn1Object_t certObjects[] = {
846 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
847 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
848 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
849 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
850 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
851 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
852 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
853 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
854 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
855 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
856 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
857 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_RAW }, /* 11 */
858 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 12 */
859 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 13 */
860 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 14 */
861 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
862 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 16 */
863 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 17 */
864 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 18 */
865 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 19 */
866 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 20 */
867 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 21 */
868 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 22 */
869 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 23 */
870 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 24 */
871 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY }, /* 25 */
872 { 0, "exit", ASN1_EOC, ASN1_EXIT }
873 };
874 #define X509_OBJ_TBS_CERTIFICATE 1
875 #define X509_OBJ_VERSION 3
876 #define X509_OBJ_SERIAL_NUMBER 4
877 #define X509_OBJ_SIG_ALG 5
878 #define X509_OBJ_ISSUER 6
879 #define X509_OBJ_NOT_BEFORE 8
880 #define X509_OBJ_NOT_AFTER 9
881 #define X509_OBJ_SUBJECT 10
882 #define X509_OBJ_SUBJECT_PUBLIC_KEY_INFO 11
883 #define X509_OBJ_OPTIONAL_EXTENSIONS 16
884 #define X509_OBJ_EXTN_ID 19
885 #define X509_OBJ_CRITICAL 20
886 #define X509_OBJ_EXTN_VALUE 21
887 #define X509_OBJ_ALGORITHM 24
888 #define X509_OBJ_SIGNATURE 25
889
890 /**
891 * forward declaration
892 */
893 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer);
894
895 /**
896 * Parses an X.509v3 certificate
897 */
898 static bool parse_certificate(private_x509_cert_t *this)
899 {
900 asn1_parser_t *parser;
901 chunk_t object;
902 int objectID;
903 int extn_oid = OID_UNKNOWN;
904 int sig_alg = OID_UNKNOWN;
905 bool success = FALSE;
906 bool critical = FALSE;
907
908 parser = asn1_parser_create(certObjects, this->encoding);
909
910 while (parser->iterate(parser, &objectID, &object))
911 {
912 u_int level = parser->get_level(parser)+1;
913
914 switch (objectID)
915 {
916 case X509_OBJ_TBS_CERTIFICATE:
917 this->tbsCertificate = object;
918 break;
919 case X509_OBJ_VERSION:
920 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
921 if (this->version < 1 || this->version > 3)
922 {
923 DBG1(DBG_LIB, "X.509v%d not supported", this->version);
924 goto end;
925 }
926 else
927 {
928 DBG2(DBG_LIB, " X.509v%d", this->version);
929 }
930 break;
931 case X509_OBJ_SERIAL_NUMBER:
932 this->serialNumber = object;
933 break;
934 case X509_OBJ_SIG_ALG:
935 sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
936 break;
937 case X509_OBJ_ISSUER:
938 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
939 DBG2(DBG_LIB, " '%Y'", this->issuer);
940 break;
941 case X509_OBJ_NOT_BEFORE:
942 this->notBefore = asn1_parse_time(object, level);
943 break;
944 case X509_OBJ_NOT_AFTER:
945 this->notAfter = asn1_parse_time(object, level);
946 break;
947 case X509_OBJ_SUBJECT:
948 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
949 DBG2(DBG_LIB, " '%Y'", this->subject);
950 break;
951 case X509_OBJ_SUBJECT_PUBLIC_KEY_INFO:
952 DBG2(DBG_LIB, "-- > --");
953 this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY,
954 KEY_ANY, BUILD_BLOB_ASN1_DER, object, BUILD_END);
955 DBG2(DBG_LIB, "-- < --");
956 if (this->public_key == NULL)
957 {
958 goto end;
959 }
960 break;
961 case X509_OBJ_OPTIONAL_EXTENSIONS:
962 if (this->version != 3)
963 {
964 DBG1(DBG_LIB, "Only X.509v3 certificates have extensions");
965 goto end;
966 }
967 break;
968 case X509_OBJ_EXTN_ID:
969 extn_oid = asn1_known_oid(object);
970 break;
971 case X509_OBJ_CRITICAL:
972 critical = object.len && *object.ptr;
973 DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE");
974 break;
975 case X509_OBJ_EXTN_VALUE:
976 {
977 switch (extn_oid)
978 {
979 case OID_SUBJECT_KEY_ID:
980 if (!asn1_parse_simple_object(&object, ASN1_OCTET_STRING,
981 level, "keyIdentifier"))
982 {
983 goto end;
984 }
985 this->subjectKeyIdentifier = object;
986 break;
987 case OID_SUBJECT_ALT_NAME:
988 x509_parse_generalNames(object, level, FALSE,
989 this->subjectAltNames);
990 break;
991 case OID_BASIC_CONSTRAINTS:
992 parse_basicConstraints(object, level, this);
993 break;
994 case OID_CRL_DISTRIBUTION_POINTS:
995 parse_crlDistributionPoints(object, level, this);
996 break;
997 case OID_AUTHORITY_KEY_ID:
998 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
999 level, &this->authKeySerialNumber);
1000 break;
1001 case OID_AUTHORITY_INFO_ACCESS:
1002 parse_authorityInfoAccess(object, level, this);
1003 break;
1004 case OID_KEY_USAGE:
1005 /* TODO parse the flags */
1006 break;
1007 case OID_EXTENDED_KEY_USAGE:
1008 parse_extendedKeyUsage(object, level, this);
1009 break;
1010 case OID_IP_ADDR_BLOCKS:
1011 parse_ipAddrBlocks(object, level, this);
1012 break;
1013 case OID_NS_REVOCATION_URL:
1014 case OID_NS_CA_REVOCATION_URL:
1015 case OID_NS_CA_POLICY_URL:
1016 case OID_NS_COMMENT:
1017 if (!asn1_parse_simple_object(&object, ASN1_IA5STRING,
1018 level, oid_names[extn_oid].name))
1019 {
1020 goto end;
1021 }
1022 break;
1023 default:
1024 if (critical && lib->settings->get_bool(lib->settings,
1025 "libstrongswan.plugins.x509.enforce_critical", FALSE))
1026 {
1027 DBG1(DBG_LIB, "critical %s extension not supported",
1028 (extn_oid == OID_UNKNOWN) ? "unknown" :
1029 (char*)oid_names[extn_oid].name);
1030 goto end;
1031 }
1032 break;
1033 }
1034 break;
1035 }
1036 case X509_OBJ_ALGORITHM:
1037 this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
1038 if (this->algorithm != sig_alg)
1039 {
1040 DBG1(DBG_LIB, " signature algorithms do not agree");
1041 goto end;
1042 }
1043 break;
1044 case X509_OBJ_SIGNATURE:
1045 this->signature = object;
1046 break;
1047 default:
1048 break;
1049 }
1050 }
1051 success = parser->success(parser);
1052
1053 end:
1054 parser->destroy(parser);
1055 if (success)
1056 {
1057 hasher_t *hasher;
1058
1059 /* check if the certificate is self-signed */
1060 if (issued_by(this, &this->public.interface.interface))
1061 {
1062 this->flags |= X509_SELF_SIGNED;
1063 }
1064 /* create certificate hash */
1065 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1066 if (hasher == NULL)
1067 {
1068 DBG1(DBG_LIB, " unable to create hash of certificate, SHA1 not supported");
1069 return NULL;
1070 }
1071 hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
1072 hasher->destroy(hasher);
1073 }
1074 return success;
1075 }
1076
1077 /**
1078 * Implementation of certificate_t.get_type
1079 */
1080 static certificate_type_t get_type(private_x509_cert_t *this)
1081 {
1082 return CERT_X509;
1083 }
1084
1085 /**
1086 * Implementation of certificate_t.get_subject
1087 */
1088 static identification_t* get_subject(private_x509_cert_t *this)
1089 {
1090 return this->subject;
1091 }
1092
1093 /**
1094 * Implementation of certificate_t.get_issuer
1095 */
1096 static identification_t* get_issuer(private_x509_cert_t *this)
1097 {
1098 return this->issuer;
1099 }
1100
1101 /**
1102 * Forward declaration
1103 */
1104 static chunk_t get_subjectKeyIdentifier(private_x509_cert_t *this);
1105
1106 /**
1107 * Implementation of certificate_t.has_subject.
1108 */
1109 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
1110 {
1111 identification_t *current;
1112 enumerator_t *enumerator;
1113 id_match_t match, best;
1114
1115 if (subject->get_type(subject) == ID_KEY_ID)
1116 {
1117 chunk_t keyid = subject->get_encoding(subject);
1118
1119 if (this->encoding_hash.ptr && chunk_equals(this->encoding_hash, keyid))
1120 {
1121 return ID_MATCH_PERFECT;
1122 }
1123 if (chunk_equals(get_subjectKeyIdentifier(this), keyid))
1124 {
1125 return ID_MATCH_PERFECT;
1126 }
1127 }
1128 best = this->subject->matches(this->subject, subject);
1129 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
1130 while (enumerator->enumerate(enumerator, &current))
1131 {
1132 match = current->matches(current, subject);
1133 if (match > best)
1134 {
1135 best = match;
1136 }
1137 }
1138 enumerator->destroy(enumerator);
1139 return best;
1140 }
1141
1142 /**
1143 * Implementation of certificate_t.has_issuer.
1144 */
1145 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
1146 {
1147 /* issuerAltNames currently not supported */
1148 return this->issuer->matches(this->issuer, issuer);
1149 }
1150
1151 /**
1152 * Implementation of certificate_t.issued_by.
1153 */
1154 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
1155 {
1156 public_key_t *key;
1157 signature_scheme_t scheme;
1158 bool valid;
1159 x509_t *x509 = (x509_t*)issuer;
1160
1161 if (&this->public.interface.interface == issuer)
1162 {
1163 if (this->flags & X509_SELF_SIGNED)
1164 {
1165 return TRUE;
1166 }
1167 }
1168 else
1169 {
1170 if (issuer->get_type(issuer) != CERT_X509)
1171 {
1172 return FALSE;
1173 }
1174 if (!(x509->get_flags(x509) & X509_CA))
1175 {
1176 return FALSE;
1177 }
1178 }
1179 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
1180 {
1181 return FALSE;
1182 }
1183
1184 /* determine signature scheme */
1185 scheme = signature_scheme_from_oid(this->algorithm);
1186 if (scheme == SIGN_UNKNOWN)
1187 {
1188 return FALSE;
1189 }
1190 /* get the public key of the issuer */
1191 key = issuer->get_public_key(issuer);
1192 if (!key)
1193 {
1194 return FALSE;
1195 }
1196 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
1197 key->destroy(key);
1198 return valid;
1199 }
1200
1201 /**
1202 * Implementation of certificate_t.get_public_key
1203 */
1204 static public_key_t* get_public_key(private_x509_cert_t *this)
1205 {
1206 this->public_key->get_ref(this->public_key);
1207 return this->public_key;
1208 }
1209
1210 /**
1211 * Implementation of certificate_t.get_ref
1212 */
1213 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
1214 {
1215 ref_get(&this->ref);
1216 return this;
1217 }
1218
1219 /**
1220 * Implementation of x509_cert_t.get_flags.
1221 */
1222 static x509_flag_t get_flags(private_x509_cert_t *this)
1223 {
1224 return this->flags;
1225 }
1226
1227 /**
1228 * Implementation of x509_cert_t.get_validity.
1229 */
1230 static bool get_validity(private_x509_cert_t *this, time_t *when,
1231 time_t *not_before, time_t *not_after)
1232 {
1233 time_t t = when ? *when : time(NULL);
1234
1235 if (not_before)
1236 {
1237 *not_before = this->notBefore;
1238 }
1239 if (not_after)
1240 {
1241 *not_after = this->notAfter;
1242 }
1243 return (t >= this->notBefore && t <= this->notAfter);
1244 }
1245
1246 /**
1247 * Implementation of certificate_t.get_encoding.
1248 */
1249 static bool get_encoding(private_x509_cert_t *this, cred_encoding_type_t type,
1250 chunk_t *encoding)
1251 {
1252 if (type == CERT_ASN1_DER)
1253 {
1254 *encoding = chunk_clone(this->encoding);
1255 return TRUE;
1256 }
1257 return lib->encoding->encode(lib->encoding, type, NULL, encoding,
1258 CRED_PART_X509_ASN1_DER, this->encoding, CRED_PART_END);
1259 }
1260
1261 /**
1262 * Implementation of certificate_t.equals.
1263 */
1264 static bool equals(private_x509_cert_t *this, certificate_t *other)
1265 {
1266 chunk_t encoding;
1267 bool equal;
1268
1269 if (this == (private_x509_cert_t*)other)
1270 {
1271 return TRUE;
1272 }
1273 if (other->get_type(other) != CERT_X509)
1274 {
1275 return FALSE;
1276 }
1277 if (other->equals == (void*)equals)
1278 { /* skip allocation if we have the same implementation */
1279 return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding);
1280 }
1281 if (!other->get_encoding(other, CERT_ASN1_DER, &encoding))
1282 {
1283 return FALSE;
1284 }
1285 equal = chunk_equals(this->encoding, encoding);
1286 free(encoding.ptr);
1287 return equal;
1288 }
1289
1290 /**
1291 * Implementation of x509_t.get_serial.
1292 */
1293 static chunk_t get_serial(private_x509_cert_t *this)
1294 {
1295 return this->serialNumber;
1296 }
1297
1298 /**
1299 * Implementation of x509_t.get_subjectKeyIdentifier.
1300 */
1301 static chunk_t get_subjectKeyIdentifier(private_x509_cert_t *this)
1302 {
1303 if (this->subjectKeyIdentifier.ptr)
1304 {
1305 return this->subjectKeyIdentifier;
1306 }
1307 else
1308 {
1309 chunk_t fingerprint;
1310
1311 if (this->public_key->get_fingerprint(this->public_key,
1312 KEYID_PUBKEY_SHA1, &fingerprint))
1313 {
1314 return fingerprint;
1315 }
1316 else
1317 {
1318 return chunk_empty;
1319 }
1320 }
1321 }
1322
1323 /**
1324 * Implementation of x509_t.get_authKeyIdentifier.
1325 */
1326 static chunk_t get_authKeyIdentifier(private_x509_cert_t *this)
1327 {
1328 return this->authKeyIdentifier;
1329 }
1330
1331 /**
1332 * Implementation of x509_t.get_pathLenConstraint.
1333 */
1334 static int get_pathLenConstraint(private_x509_cert_t *this)
1335 {
1336 return this->pathLenConstraint;
1337 }
1338
1339 /**
1340 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1341 */
1342 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1343 {
1344 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1345 }
1346
1347 /**
1348 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1349 */
1350 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1351 {
1352 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1353 }
1354
1355 /**
1356 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1357 */
1358 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1359 {
1360 return this->crl_uris->create_enumerator(this->crl_uris);
1361 }
1362
1363 /**
1364 * Implementation of x509_cert_t.create_ipAddrBlock_enumerator.
1365 */
1366 static enumerator_t* create_ipAddrBlock_enumerator(private_x509_cert_t *this)
1367 {
1368 return this->ipAddrBlocks->create_enumerator(this->ipAddrBlocks);
1369 }
1370
1371 /**
1372 * Implementation of certificate_t.destroy.
1373 */
1374 static void destroy(private_x509_cert_t *this)
1375 {
1376 if (ref_put(&this->ref))
1377 {
1378 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1379 offsetof(identification_t, destroy));
1380 this->crl_uris->destroy_function(this->crl_uris, free);
1381 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1382 this->ipAddrBlocks->destroy_offset(this->ipAddrBlocks, offsetof(traffic_selector_t, destroy));
1383 DESTROY_IF(this->issuer);
1384 DESTROY_IF(this->subject);
1385 DESTROY_IF(this->public_key);
1386 chunk_free(&this->authKeyIdentifier);
1387 chunk_free(&this->encoding);
1388 chunk_free(&this->encoding_hash);
1389 if (!this->parsed)
1390 { /* only parsed certificates point these fields to "encoded" */
1391 chunk_free(&this->signature);
1392 chunk_free(&this->serialNumber);
1393 chunk_free(&this->tbsCertificate);
1394 }
1395 free(this);
1396 }
1397 }
1398
1399 /**
1400 * create an empty but initialized X.509 certificate
1401 */
1402 static private_x509_cert_t* create_empty(void)
1403 {
1404 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1405
1406 this->public.interface.interface.get_type = (certificate_type_t (*) (certificate_t*))get_type;
1407 this->public.interface.interface.get_subject = (identification_t* (*) (certificate_t*))get_subject;
1408 this->public.interface.interface.get_issuer = (identification_t* (*) (certificate_t*))get_issuer;
1409 this->public.interface.interface.has_subject = (id_match_t (*) (certificate_t*, identification_t*))has_subject;
1410 this->public.interface.interface.has_issuer = (id_match_t (*) (certificate_t*, identification_t*))has_issuer;
1411 this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by;
1412 this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key;
1413 this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity;
1414 this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
1415 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals;
1416 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref;
1417 this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy;
1418 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1419 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1420 this->public.interface.get_subjectKeyIdentifier = (chunk_t (*)(x509_t*))get_subjectKeyIdentifier;
1421 this->public.interface.get_authKeyIdentifier = (chunk_t (*)(x509_t*))get_authKeyIdentifier;
1422 this->public.interface.get_pathLenConstraint = (int (*)(x509_t*))get_pathLenConstraint;
1423 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1424 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1425 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1426 this->public.interface.create_ipAddrBlock_enumerator = (enumerator_t* (*)(x509_t*))create_ipAddrBlock_enumerator;
1427
1428 this->encoding = chunk_empty;
1429 this->encoding_hash = chunk_empty;
1430 this->tbsCertificate = chunk_empty;
1431 this->version = 1;
1432 this->serialNumber = chunk_empty;
1433 this->notBefore = 0;
1434 this->notAfter = 0;
1435 this->public_key = NULL;
1436 this->subject = NULL;
1437 this->issuer = NULL;
1438 this->subjectAltNames = linked_list_create();
1439 this->crl_uris = linked_list_create();
1440 this->ocsp_uris = linked_list_create();
1441 this->ipAddrBlocks = linked_list_create();
1442 this->subjectKeyIdentifier = chunk_empty;
1443 this->authKeyIdentifier = chunk_empty;
1444 this->authKeySerialNumber = chunk_empty;
1445 this->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT;
1446 this->algorithm = 0;
1447 this->signature = chunk_empty;
1448 this->flags = 0;
1449 this->ref = 1;
1450 this->parsed = FALSE;
1451
1452 return this;
1453 }
1454
1455 /**
1456 * Encode a linked list of subjectAltNames
1457 */
1458 chunk_t x509_build_subjectAltNames(linked_list_t *list)
1459 {
1460 chunk_t subjectAltNames = chunk_empty;
1461 enumerator_t *enumerator;
1462 identification_t *id;
1463
1464 if (list->get_count(list) == 0)
1465 {
1466 return chunk_empty;
1467 }
1468
1469 enumerator = list->create_enumerator(list);
1470 while (enumerator->enumerate(enumerator, &id))
1471 {
1472 int context;
1473 chunk_t name;
1474
1475 switch (id->get_type(id))
1476 {
1477 case ID_RFC822_ADDR:
1478 context = ASN1_CONTEXT_S_1;
1479 break;
1480 case ID_FQDN:
1481 context = ASN1_CONTEXT_S_2;
1482 break;
1483 case ID_IPV4_ADDR:
1484 case ID_IPV6_ADDR:
1485 context = ASN1_CONTEXT_S_7;
1486 break;
1487 default:
1488 DBG1(DBG_LIB, "encoding %N as subjectAltName not supported",
1489 id_type_names, id->get_type(id));
1490 enumerator->destroy(enumerator);
1491 free(subjectAltNames.ptr);
1492 return chunk_empty;
1493 }
1494 name = asn1_wrap(context, "c", id->get_encoding(id));
1495 subjectAltNames = chunk_cat("mm", subjectAltNames, name);
1496 }
1497 enumerator->destroy(enumerator);
1498
1499 return asn1_wrap(ASN1_SEQUENCE, "mm",
1500 asn1_build_known_oid(OID_SUBJECT_ALT_NAME),
1501 asn1_wrap(ASN1_OCTET_STRING, "m",
1502 asn1_wrap(ASN1_SEQUENCE, "m", subjectAltNames)
1503 )
1504 );
1505 }
1506
1507 /**
1508 * Generate and sign a new certificate
1509 */
1510 static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
1511 private_key_t *sign_key, int digest_alg)
1512 {
1513 chunk_t extensions = chunk_empty, extendedKeyUsage = chunk_empty;
1514 chunk_t serverAuth = chunk_empty, clientAuth = chunk_empty;
1515 chunk_t ocspSigning = chunk_empty;
1516 chunk_t basicConstraints = chunk_empty;
1517 chunk_t keyUsage = chunk_empty;
1518 chunk_t subjectAltNames = chunk_empty;
1519 chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty;
1520 chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty;
1521 identification_t *issuer, *subject;
1522 chunk_t key_info;
1523 signature_scheme_t scheme;
1524 hasher_t *hasher;
1525 enumerator_t *enumerator;
1526 char *uri;
1527
1528 subject = cert->subject;
1529 if (sign_cert)
1530 {
1531 issuer = sign_cert->get_subject(sign_cert);
1532 if (!cert->public_key)
1533 {
1534 return FALSE;
1535 }
1536 }
1537 else
1538 { /* self signed */
1539 issuer = subject;
1540 if (!cert->public_key)
1541 {
1542 cert->public_key = sign_key->get_public_key(sign_key);
1543 }
1544 cert->flags |= X509_SELF_SIGNED;
1545 }
1546 cert->issuer = issuer->clone(issuer);
1547 if (!cert->notBefore)
1548 {
1549 cert->notBefore = time(NULL);
1550 }
1551 if (!cert->notAfter)
1552 { /* defaults to 1 year from now */
1553 cert->notAfter = cert->notBefore + 60 * 60 * 24 * 365;
1554 }
1555
1556 /* select signature scheme */
1557 cert->algorithm = hasher_signature_algorithm_to_oid(digest_alg,
1558 sign_key->get_type(sign_key));
1559 if (cert->algorithm == OID_UNKNOWN)
1560 {
1561 return FALSE;
1562 }
1563 scheme = signature_scheme_from_oid(cert->algorithm);
1564
1565 if (!cert->public_key->get_encoding(cert->public_key,
1566 PUBKEY_SPKI_ASN1_DER, &key_info))
1567 {
1568 return FALSE;
1569 }
1570
1571 /* encode subjectAltNames */
1572 subjectAltNames = x509_build_subjectAltNames(cert->subjectAltNames);
1573
1574 /* encode CRL distribution points extension */
1575 enumerator = cert->crl_uris->create_enumerator(cert->crl_uris);
1576 while (enumerator->enumerate(enumerator, &uri))
1577 {
1578 chunk_t distributionPoint;
1579
1580 distributionPoint = asn1_wrap(ASN1_SEQUENCE, "m",
1581 asn1_wrap(ASN1_CONTEXT_C_0, "m",
1582 asn1_wrap(ASN1_CONTEXT_C_0, "m",
1583 asn1_wrap(ASN1_CONTEXT_S_6, "c",
1584 chunk_create(uri, strlen(uri))))));
1585
1586 crlDistributionPoints = chunk_cat("mm", crlDistributionPoints,
1587 distributionPoint);
1588 }
1589 enumerator->destroy(enumerator);
1590 if (crlDistributionPoints.ptr)
1591 {
1592 crlDistributionPoints = asn1_wrap(ASN1_SEQUENCE, "mm",
1593 asn1_build_known_oid(OID_CRL_DISTRIBUTION_POINTS),
1594 asn1_wrap(ASN1_OCTET_STRING, "m",
1595 asn1_wrap(ASN1_SEQUENCE, "m", crlDistributionPoints)));
1596 }
1597
1598 /* encode OCSP URIs in authorityInfoAccess extension */
1599 enumerator = cert->ocsp_uris->create_enumerator(cert->ocsp_uris);
1600 while (enumerator->enumerate(enumerator, &uri))
1601 {
1602 chunk_t accessDescription;
1603
1604 accessDescription = asn1_wrap(ASN1_SEQUENCE, "mm",
1605 asn1_build_known_oid(OID_OCSP),
1606 asn1_wrap(ASN1_CONTEXT_S_6, "c",
1607 chunk_create(uri, strlen(uri))));
1608 authorityInfoAccess = chunk_cat("mm", authorityInfoAccess,
1609 accessDescription);
1610 }
1611 enumerator->destroy(enumerator);
1612 if (authorityInfoAccess.ptr)
1613 {
1614 authorityInfoAccess = asn1_wrap(ASN1_SEQUENCE, "mm",
1615 asn1_build_known_oid(OID_AUTHORITY_INFO_ACCESS),
1616 asn1_wrap(ASN1_OCTET_STRING, "m",
1617 asn1_wrap(ASN1_SEQUENCE, "m", authorityInfoAccess)));
1618 }
1619
1620 /* build CA basicConstraint and keyUsage flags for CA certificates */
1621 if (cert->flags & X509_CA)
1622 {
1623 chunk_t pathLenConstraint = chunk_empty;
1624
1625 if (cert->pathLenConstraint != X509_NO_PATH_LEN_CONSTRAINT)
1626 {
1627 char pathlen = (char)cert->pathLenConstraint;
1628
1629 pathLenConstraint = asn1_integer("c", chunk_from_thing(pathlen));
1630 }
1631 basicConstraints = asn1_wrap(ASN1_SEQUENCE, "mmm",
1632 asn1_build_known_oid(OID_BASIC_CONSTRAINTS),
1633 asn1_wrap(ASN1_BOOLEAN, "c",
1634 chunk_from_chars(0xFF)),
1635 asn1_wrap(ASN1_OCTET_STRING, "m",
1636 asn1_wrap(ASN1_SEQUENCE, "mm",
1637 asn1_wrap(ASN1_BOOLEAN, "c",
1638 chunk_from_chars(0xFF)),
1639 pathLenConstraint)));
1640 keyUsage = asn1_wrap(ASN1_SEQUENCE, "mmm",
1641 asn1_build_known_oid(OID_KEY_USAGE),
1642 asn1_wrap(ASN1_BOOLEAN, "c",
1643 chunk_from_chars(0xFF)),
1644 asn1_wrap(ASN1_OCTET_STRING, "m",
1645 asn1_wrap(ASN1_BIT_STRING, "c",
1646 chunk_from_chars(0x01, 0x06))));
1647 }
1648
1649 /* add serverAuth extendedKeyUsage flag */
1650 if (cert->flags & X509_SERVER_AUTH)
1651 {
1652 serverAuth = asn1_build_known_oid(OID_SERVER_AUTH);
1653 }
1654 if (cert->flags & X509_CLIENT_AUTH)
1655 {
1656 clientAuth = asn1_build_known_oid(OID_CLIENT_AUTH);
1657 }
1658
1659 /* add ocspSigning extendedKeyUsage flag */
1660 if (cert->flags & X509_OCSP_SIGNER)
1661 {
1662 ocspSigning = asn1_build_known_oid(OID_OCSP_SIGNING);
1663 }
1664
1665 if (serverAuth.ptr || clientAuth.ptr || ocspSigning.ptr)
1666 {
1667 extendedKeyUsage = asn1_wrap(ASN1_SEQUENCE, "mm",
1668 asn1_build_known_oid(OID_EXTENDED_KEY_USAGE),
1669 asn1_wrap(ASN1_OCTET_STRING, "m",
1670 asn1_wrap(ASN1_SEQUENCE, "mmm",
1671 serverAuth, clientAuth, ocspSigning)));
1672 }
1673
1674 /* add subjectKeyIdentifier to CA and OCSP signer certificates */
1675 if (cert->flags & (X509_CA | X509_OCSP_SIGNER))
1676 {
1677 chunk_t keyid;
1678
1679 if (cert->public_key->get_fingerprint(cert->public_key,
1680 KEYID_PUBKEY_SHA1, &keyid))
1681 {
1682 subjectKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
1683 asn1_build_known_oid(OID_SUBJECT_KEY_ID),
1684 asn1_wrap(ASN1_OCTET_STRING, "m",
1685 asn1_wrap(ASN1_OCTET_STRING, "c", keyid)));
1686 }
1687 }
1688
1689 /* add the keyid authKeyIdentifier for non self-signed certificates */
1690 if (sign_key)
1691 {
1692 chunk_t keyid;
1693
1694 if (sign_key->get_fingerprint(sign_key, KEYID_PUBKEY_SHA1, &keyid))
1695 {
1696 authKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
1697 asn1_build_known_oid(OID_AUTHORITY_KEY_ID),
1698 asn1_wrap(ASN1_OCTET_STRING, "m",
1699 asn1_wrap(ASN1_SEQUENCE, "m",
1700 asn1_wrap(ASN1_CONTEXT_S_0, "c", keyid))));
1701 }
1702 }
1703 if (basicConstraints.ptr || subjectAltNames.ptr || authKeyIdentifier.ptr ||
1704 crlDistributionPoints.ptr)
1705 {
1706 extensions = asn1_wrap(ASN1_CONTEXT_C_3, "m",
1707 asn1_wrap(ASN1_SEQUENCE, "mmmmmmmm",
1708 basicConstraints, keyUsage, subjectKeyIdentifier,
1709 authKeyIdentifier, subjectAltNames,
1710 extendedKeyUsage, crlDistributionPoints,
1711 authorityInfoAccess));
1712 }
1713
1714 cert->tbsCertificate = asn1_wrap(ASN1_SEQUENCE, "mmmcmcmm",
1715 asn1_simple_object(ASN1_CONTEXT_C_0, ASN1_INTEGER_2),
1716 asn1_integer("c", cert->serialNumber),
1717 asn1_algorithmIdentifier(cert->algorithm),
1718 issuer->get_encoding(issuer),
1719 asn1_wrap(ASN1_SEQUENCE, "mm",
1720 asn1_from_time(&cert->notBefore, ASN1_UTCTIME),
1721 asn1_from_time(&cert->notAfter, ASN1_UTCTIME)),
1722 subject->get_encoding(subject),
1723 key_info, extensions);
1724
1725 if (!sign_key->sign(sign_key, scheme, cert->tbsCertificate, &cert->signature))
1726 {
1727 return FALSE;
1728 }
1729 cert->encoding = asn1_wrap(ASN1_SEQUENCE, "cmm", cert->tbsCertificate,
1730 asn1_algorithmIdentifier(cert->algorithm),
1731 asn1_bitstring("c", cert->signature));
1732
1733 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1734 if (!hasher)
1735 {
1736 return FALSE;
1737 }
1738 hasher->allocate_hash(hasher, cert->encoding, &cert->encoding_hash);
1739 hasher->destroy(hasher);
1740 return TRUE;
1741 }
1742
1743 /**
1744 * See header.
1745 */
1746 x509_cert_t *x509_cert_load(certificate_type_t type, va_list args)
1747 {
1748 x509_flag_t flags = 0;
1749 chunk_t blob = chunk_empty;
1750
1751 while (TRUE)
1752 {
1753 switch (va_arg(args, builder_part_t))
1754 {
1755 case BUILD_BLOB_ASN1_DER:
1756 blob = va_arg(args, chunk_t);
1757 continue;
1758 case BUILD_X509_FLAG:
1759 flags |= va_arg(args, x509_flag_t);
1760 continue;
1761 case BUILD_END:
1762 break;
1763 default:
1764 return NULL;
1765 }
1766 break;
1767 }
1768
1769 if (blob.ptr)
1770 {
1771 private_x509_cert_t *cert = create_empty();
1772
1773 cert->encoding = chunk_clone(blob);
1774 cert->parsed = TRUE;
1775 if (parse_certificate(cert))
1776 {
1777 cert->flags |= flags;
1778 return &cert->public;
1779 }
1780 destroy(cert);
1781 }
1782 return NULL;
1783 }
1784
1785 /**
1786 * See header.
1787 */
1788 x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
1789 {
1790 private_x509_cert_t *cert;
1791 certificate_t *sign_cert = NULL;
1792 private_key_t *sign_key = NULL;
1793 hash_algorithm_t digest_alg = HASH_SHA1;
1794
1795 cert = create_empty();
1796 while (TRUE)
1797 {
1798 switch (va_arg(args, builder_part_t))
1799 {
1800 case BUILD_X509_FLAG:
1801 cert->flags |= va_arg(args, x509_flag_t);
1802 continue;
1803 case BUILD_SIGNING_KEY:
1804 sign_key = va_arg(args, private_key_t*);
1805 continue;
1806 case BUILD_SIGNING_CERT:
1807 sign_cert = va_arg(args, certificate_t*);
1808 continue;
1809 case BUILD_PUBLIC_KEY:
1810 cert->public_key = va_arg(args, public_key_t*);
1811 cert->public_key->get_ref(cert->public_key);
1812 continue;
1813 case BUILD_SUBJECT:
1814 cert->subject = va_arg(args, identification_t*);
1815 cert->subject = cert->subject->clone(cert->subject);
1816 continue;
1817 case BUILD_SUBJECT_ALTNAMES:
1818 {
1819 enumerator_t *enumerator;
1820 identification_t *id;
1821 linked_list_t *list;
1822
1823 list = va_arg(args, linked_list_t*);
1824 enumerator = list->create_enumerator(list);
1825 while (enumerator->enumerate(enumerator, &id))
1826 {
1827 cert->subjectAltNames->insert_last(cert->subjectAltNames,
1828 id->clone(id));
1829 }
1830 enumerator->destroy(enumerator);
1831 continue;
1832 }
1833 case BUILD_CRL_DISTRIBUTION_POINTS:
1834 {
1835 enumerator_t *enumerator;
1836 linked_list_t *list;
1837 char *uri;
1838
1839 list = va_arg(args, linked_list_t*);
1840 enumerator = list->create_enumerator(list);
1841 while (enumerator->enumerate(enumerator, &uri))
1842 {
1843 cert->crl_uris->insert_last(cert->crl_uris, strdup(uri));
1844 }
1845 enumerator->destroy(enumerator);
1846 continue;
1847 }
1848 case BUILD_OCSP_ACCESS_LOCATIONS:
1849 {
1850 enumerator_t *enumerator;
1851 linked_list_t *list;
1852 char *uri;
1853
1854 list = va_arg(args, linked_list_t*);
1855 enumerator = list->create_enumerator(list);
1856 while (enumerator->enumerate(enumerator, &uri))
1857 {
1858 cert->ocsp_uris->insert_last(cert->ocsp_uris, strdup(uri));
1859 }
1860 enumerator->destroy(enumerator);
1861 continue;
1862 }
1863 case BUILD_PATHLEN:
1864 cert->pathLenConstraint = va_arg(args, int);
1865 if (cert->pathLenConstraint < 0 || cert->pathLenConstraint > 127)
1866 {
1867 cert->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT;
1868 }
1869 continue;
1870 case BUILD_NOT_BEFORE_TIME:
1871 cert->notBefore = va_arg(args, time_t);
1872 continue;
1873 case BUILD_NOT_AFTER_TIME:
1874 cert->notAfter = va_arg(args, time_t);
1875 continue;
1876 case BUILD_SERIAL:
1877 cert->serialNumber = chunk_clone(va_arg(args, chunk_t));
1878 continue;
1879 case BUILD_DIGEST_ALG:
1880 digest_alg = va_arg(args, int);
1881 continue;
1882 case BUILD_END:
1883 break;
1884 default:
1885 destroy(cert);
1886 return NULL;
1887 }
1888 break;
1889 }
1890
1891 if (sign_key && generate(cert, sign_cert, sign_key, digest_alg))
1892 {
1893 return &cert->public;
1894 }
1895 destroy(cert);
1896 return NULL;
1897 }
1898