critical keyUsage extension must be parsed
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2009 Martin Willi
7 * Copyright (C) 2008 Tobias Brunner
8 * Hochschule fuer Technik Rapperswil
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the
12 * Free Software Foundation; either version 2 of the License, or (at your
13 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
14 *
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 * for more details.
19 */
20
21 #define _GNU_SOURCE
22
23 #include "x509_cert.h"
24
25 #include <sys/stat.h>
26 #include <time.h>
27 #include <unistd.h>
28 #include <string.h>
29 #include <stdio.h>
30
31 #include <library.h>
32 #include <debug.h>
33 #include <asn1/oid.h>
34 #include <asn1/asn1.h>
35 #include <asn1/asn1_parser.h>
36 #include <crypto/hashers/hasher.h>
37 #include <credentials/keys/private_key.h>
38 #include <utils/linked_list.h>
39 #include <utils/identification.h>
40 #include <selectors/traffic_selector.h>
41
42 /**
43 * Different kinds of generalNames
44 */
45 typedef enum {
46 GN_OTHER_NAME = 0,
47 GN_RFC822_NAME = 1,
48 GN_DNS_NAME = 2,
49 GN_X400_ADDRESS = 3,
50 GN_DIRECTORY_NAME = 4,
51 GN_EDI_PARTY_NAME = 5,
52 GN_URI = 6,
53 GN_IP_ADDRESS = 7,
54 GN_REGISTERED_ID = 8,
55 } generalNames_t;
56
57
58 typedef struct private_x509_cert_t private_x509_cert_t;
59
60 /**
61 * Private data of a x509_cert_t object.
62 */
63 struct private_x509_cert_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_cert_t public;
68
69 /**
70 * X.509 certificate encoding in ASN.1 DER format
71 */
72 chunk_t encoding;
73
74 /**
75 * SHA1 hash of the DER encoding of this X.509 certificate
76 */
77 chunk_t encoding_hash;
78
79 /**
80 * X.509 certificate body over which signature is computed
81 */
82 chunk_t tbsCertificate;
83
84 /**
85 * Version of the X.509 certificate
86 */
87 u_int version;
88
89 /**
90 * Serial number of the X.509 certificate
91 */
92 chunk_t serialNumber;
93
94 /**
95 * ID representing the certificate issuer
96 */
97 identification_t *issuer;
98
99 /**
100 * Start time of certificate validity
101 */
102 time_t notBefore;
103
104 /**
105 * End time of certificate validity
106 */
107 time_t notAfter;
108
109 /**
110 * ID representing the certificate subject
111 */
112 identification_t *subject;
113
114 /**
115 * List of subjectAltNames as identification_t
116 */
117 linked_list_t *subjectAltNames;
118
119 /**
120 * List of crlDistributionPoints as allocated char*
121 */
122 linked_list_t *crl_uris;
123
124 /**
125 * List of ocspAccessLocations as allocated char*
126 */
127 linked_list_t *ocsp_uris;
128
129 /**
130 * List of ipAddrBlocks as traffic_selector_t
131 */
132 linked_list_t *ipAddrBlocks;
133
134 /**
135 * certificate's embedded public key
136 */
137 public_key_t *public_key;
138
139 /**
140 * Subject Key Identifier
141 */
142 chunk_t subjectKeyIdentifier;
143
144 /**
145 * Authority Key Identifier
146 */
147 chunk_t authKeyIdentifier;
148
149 /**
150 * Authority Key Serial Number
151 */
152 chunk_t authKeySerialNumber;
153
154 /**
155 * Path Length Constraint
156 */
157 int pathLenConstraint;
158
159 /**
160 * x509 constraints and other flags
161 */
162 x509_flag_t flags;
163
164 /**
165 * Signature algorithm
166 */
167 int algorithm;
168
169 /**
170 * Signature
171 */
172 chunk_t signature;
173
174 /**
175 * Certificate parsed from blob/file?
176 */
177 bool parsed;
178
179 /**
180 * reference count
181 */
182 refcount_t ref;
183 };
184
185 static const chunk_t ASN1_subjectAltName_oid = chunk_from_chars(
186 0x06, 0x03, 0x55, 0x1D, 0x11
187 );
188
189 /**
190 * ASN.1 definition of a basicConstraints extension
191 */
192 static const asn1Object_t basicConstraintsObjects[] = {
193 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
194 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
195 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
196 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 3 */
197 { 0, "exit", ASN1_EOC, ASN1_EXIT }
198 };
199 #define BASIC_CONSTRAINTS_CA 1
200 #define BASIC_CONSTRAINTS_PATH_LEN 2
201
202 /**
203 * Extracts the basicConstraints extension
204 */
205 static void parse_basicConstraints(chunk_t blob, int level0,
206 private_x509_cert_t *this)
207 {
208 asn1_parser_t *parser;
209 chunk_t object;
210 int objectID;
211 bool isCA = FALSE;
212
213 parser = asn1_parser_create(basicConstraintsObjects, blob);
214 parser->set_top_level(parser, level0);
215
216 while (parser->iterate(parser, &objectID, &object))
217 {
218 switch (objectID)
219 {
220 case BASIC_CONSTRAINTS_CA:
221 isCA = object.len && *object.ptr;
222 DBG2(" %s", isCA ? "TRUE" : "FALSE");
223 if (isCA)
224 {
225 this->flags |= X509_CA;
226 }
227 break;
228 case BASIC_CONSTRAINTS_PATH_LEN:
229 if (isCA)
230 {
231 if (object.len == 0)
232 {
233 this->pathLenConstraint = 0;
234 }
235 else if (object.len == 1)
236 {
237 this->pathLenConstraint = *object.ptr;
238 }
239 /* we ignore path length constraints > 127 */
240 }
241 break;
242 default:
243 break;
244 }
245 }
246 parser->destroy(parser);
247 }
248
249 /**
250 * ASN.1 definition of otherName
251 */
252 static const asn1Object_t otherNameObjects[] = {
253 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
254 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY }, /* 1 */
255 {0, "exit", ASN1_EOC, ASN1_EXIT }
256 };
257 #define ON_OBJ_ID_TYPE 0
258 #define ON_OBJ_VALUE 1
259
260 /**
261 * Extracts an otherName
262 */
263 static bool parse_otherName(chunk_t blob, int level0)
264 {
265 asn1_parser_t *parser;
266 chunk_t object;
267 int objectID;
268 int oid = OID_UNKNOWN;
269 bool success = FALSE;
270
271 parser = asn1_parser_create(otherNameObjects, blob);
272 parser->set_top_level(parser, level0);
273
274 while (parser->iterate(parser, &objectID, &object))
275 {
276 switch (objectID)
277 {
278 case ON_OBJ_ID_TYPE:
279 oid = asn1_known_oid(object);
280 break;
281 case ON_OBJ_VALUE:
282 if (oid == OID_XMPP_ADDR)
283 {
284 if (!asn1_parse_simple_object(&object, ASN1_UTF8STRING,
285 parser->get_level(parser)+1, "xmppAddr"))
286 {
287 goto end;
288 }
289 }
290 break;
291 default:
292 break;
293 }
294 }
295 success = parser->success(parser);
296
297 end:
298 parser->destroy(parser);
299 return success;
300 }
301
302 /**
303 * ASN.1 definition of generalName
304 */
305 static const asn1Object_t generalNameObjects[] = {
306 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
307 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
308 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
309 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
310 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
311 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
312 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
313 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
314 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
315 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
316 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
317 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
318 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
319 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
320 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
321 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
322 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
323 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 17 */
324 { 0, "exit", ASN1_EOC, ASN1_EXIT }
325 };
326 #define GN_OBJ_OTHER_NAME 0
327 #define GN_OBJ_RFC822_NAME 2
328 #define GN_OBJ_DNS_NAME 4
329 #define GN_OBJ_X400_ADDRESS 6
330 #define GN_OBJ_DIRECTORY_NAME 8
331 #define GN_OBJ_EDI_PARTY_NAME 10
332 #define GN_OBJ_URI 12
333 #define GN_OBJ_IP_ADDRESS 14
334 #define GN_OBJ_REGISTERED_ID 16
335
336 /**
337 * Extracts a generalName
338 */
339 static identification_t *parse_generalName(chunk_t blob, int level0)
340 {
341 asn1_parser_t *parser;
342 chunk_t object;
343 int objectID ;
344
345 identification_t *gn = NULL;
346
347 parser = asn1_parser_create(generalNameObjects, blob);
348 parser->set_top_level(parser, level0);
349
350 while (parser->iterate(parser, &objectID, &object))
351 {
352 id_type_t id_type = ID_ANY;
353
354 switch (objectID)
355 {
356 case GN_OBJ_RFC822_NAME:
357 id_type = ID_RFC822_ADDR;
358 break;
359 case GN_OBJ_DNS_NAME:
360 id_type = ID_FQDN;
361 break;
362 case GN_OBJ_URI:
363 id_type = ID_DER_ASN1_GN_URI;
364 break;
365 case GN_OBJ_DIRECTORY_NAME:
366 id_type = ID_DER_ASN1_DN;
367 break;
368 case GN_OBJ_IP_ADDRESS:
369 id_type = ID_IPV4_ADDR;
370 break;
371 case GN_OBJ_OTHER_NAME:
372 if (!parse_otherName(object, parser->get_level(parser)+1))
373 {
374 goto end;
375 }
376 break;
377 case GN_OBJ_X400_ADDRESS:
378 case GN_OBJ_EDI_PARTY_NAME:
379 case GN_OBJ_REGISTERED_ID:
380 default:
381 break;
382 }
383 if (id_type != ID_ANY)
384 {
385 gn = identification_create_from_encoding(id_type, object);
386 DBG2(" '%Y'", gn);
387 goto end;
388 }
389 }
390
391 end:
392 parser->destroy(parser);
393 return gn;
394 }
395
396 /**
397 * ASN.1 definition of generalNames
398 */
399 static const asn1Object_t generalNamesObjects[] = {
400 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
401 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
402 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
403 { 0, "exit", ASN1_EOC, ASN1_EXIT }
404 };
405 #define GENERAL_NAMES_GN 1
406
407 /**
408 * Extracts one or several GNs and puts them into a chained list
409 */
410 void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
411 {
412 asn1_parser_t *parser;
413 chunk_t object;
414 int objectID;
415
416 parser = asn1_parser_create(generalNamesObjects, blob);
417 parser->set_top_level(parser, level0);
418 parser->set_flags(parser, implicit, FALSE);
419
420 while (parser->iterate(parser, &objectID, &object))
421 {
422 if (objectID == GENERAL_NAMES_GN)
423 {
424 identification_t *gn = parse_generalName(object,
425 parser->get_level(parser)+1);
426
427 if (gn)
428 {
429 list->insert_last(list, (void *)gn);
430 }
431 }
432 }
433 parser->destroy(parser);
434 }
435
436 /**
437 * ASN.1 definition of a authorityKeyIdentifier extension
438 */
439 static const asn1Object_t authKeyIdentifierObjects[] = {
440 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
441 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_BODY }, /* 1 */
442 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
443 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
444 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
445 { 1, "authorityCertSerialNumber", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
446 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 6 */
447 { 0, "exit", ASN1_EOC, ASN1_EXIT }
448 };
449 #define AUTH_KEY_ID_KEY_ID 1
450 #define AUTH_KEY_ID_CERT_ISSUER 3
451 #define AUTH_KEY_ID_CERT_SERIAL 5
452
453 /**
454 * Extracts an authoritykeyIdentifier
455 */
456 chunk_t x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
457 chunk_t *authKeySerialNumber)
458 {
459 asn1_parser_t *parser;
460 chunk_t object;
461 int objectID;
462 chunk_t authKeyIdentifier = chunk_empty;
463
464 *authKeySerialNumber = chunk_empty;
465
466 parser = asn1_parser_create(authKeyIdentifierObjects, blob);
467 parser->set_top_level(parser, level0);
468
469 while (parser->iterate(parser, &objectID, &object))
470 {
471 switch (objectID)
472 {
473 case AUTH_KEY_ID_KEY_ID:
474 authKeyIdentifier = chunk_clone(object);
475 break;
476 case AUTH_KEY_ID_CERT_ISSUER:
477 /* TODO: x509_parse_generalNames(object, level+1, TRUE); */
478 break;
479 case AUTH_KEY_ID_CERT_SERIAL:
480 *authKeySerialNumber = object;
481 break;
482 default:
483 break;
484 }
485 }
486 parser->destroy(parser);
487 return authKeyIdentifier;
488 }
489
490 /**
491 * ASN.1 definition of a authorityInfoAccess extension
492 */
493 static const asn1Object_t authInfoAccessObjects[] = {
494 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
495 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
496 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
497 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
498 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 4 */
499 { 0, "exit", ASN1_EOC, ASN1_EXIT }
500 };
501 #define AUTH_INFO_ACCESS_METHOD 2
502 #define AUTH_INFO_ACCESS_LOCATION 3
503
504 /**
505 * Extracts an authorityInfoAcess location
506 */
507 static void parse_authorityInfoAccess(chunk_t blob, int level0,
508 private_x509_cert_t *this)
509 {
510 asn1_parser_t *parser;
511 chunk_t object;
512 int objectID;
513 int accessMethod = OID_UNKNOWN;
514
515 parser = asn1_parser_create(authInfoAccessObjects, blob);
516 parser->set_top_level(parser, level0);
517
518 while (parser->iterate(parser, &objectID, &object))
519 {
520 switch (objectID)
521 {
522 case AUTH_INFO_ACCESS_METHOD:
523 accessMethod = asn1_known_oid(object);
524 break;
525 case AUTH_INFO_ACCESS_LOCATION:
526 {
527 switch (accessMethod)
528 {
529 case OID_OCSP:
530 case OID_CA_ISSUERS:
531 {
532 identification_t *id;
533 char *uri;
534
535 id = parse_generalName(object,
536 parser->get_level(parser)+1);
537 if (id == NULL)
538 {
539 /* parsing went wrong - abort */
540 goto end;
541 }
542 DBG2(" '%Y'", id);
543 if (accessMethod == OID_OCSP &&
544 asprintf(&uri, "%Y", id) > 0)
545 {
546 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
547 }
548 id->destroy(id);
549 }
550 break;
551 default:
552 /* unkown accessMethod, ignoring */
553 break;
554 }
555 break;
556 }
557 default:
558 break;
559 }
560 }
561
562 end:
563 parser->destroy(parser);
564 }
565
566 /**
567 * ASN.1 definition of a extendedKeyUsage extension
568 */
569 static const asn1Object_t extendedKeyUsageObjects[] = {
570 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
571 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
572 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
573 { 0, "exit", ASN1_EOC, ASN1_EXIT }
574 };
575 #define EXT_KEY_USAGE_PURPOSE_ID 1
576
577 /**
578 * Extracts extendedKeyUsage OIDs - currently only OCSP_SIGING is returned
579 */
580 static void parse_extendedKeyUsage(chunk_t blob, int level0,
581 private_x509_cert_t *this)
582 {
583 asn1_parser_t *parser;
584 chunk_t object;
585 int objectID;
586
587 parser = asn1_parser_create(extendedKeyUsageObjects, blob);
588 parser->set_top_level(parser, level0);
589
590 while (parser->iterate(parser, &objectID, &object))
591 {
592 if (objectID == EXT_KEY_USAGE_PURPOSE_ID)
593 {
594 switch (asn1_known_oid(object))
595 {
596 case OID_SERVER_AUTH:
597 this->flags |= X509_SERVER_AUTH;
598 break;
599 case OID_CLIENT_AUTH:
600 this->flags |= X509_CLIENT_AUTH;
601 break;
602 case OID_OCSP_SIGNING:
603 this->flags |= X509_OCSP_SIGNER;
604 break;
605 default:
606 break;
607 }
608 }
609 }
610 parser->destroy(parser);
611 }
612
613 /**
614 * ASN.1 definition of crlDistributionPoints
615 */
616 static const asn1Object_t crlDistributionPointsObjects[] = {
617 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
618 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
619 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
620 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
621 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
622 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
623 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
624 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
625 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
626 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
627 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
628 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
629 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
630 { 0, "exit", ASN1_EOC, ASN1_EXIT }
631 };
632 #define CRL_DIST_POINTS_FULLNAME 3
633
634 /**
635 * Extracts one or several crlDistributionPoints into a list
636 */
637 static void parse_crlDistributionPoints(chunk_t blob, int level0,
638 private_x509_cert_t *this)
639 {
640 asn1_parser_t *parser;
641 chunk_t object;
642 int objectID;
643 linked_list_t *list = linked_list_create();
644
645 parser = asn1_parser_create(crlDistributionPointsObjects, blob);
646 parser->set_top_level(parser, level0);
647
648 while (parser->iterate(parser, &objectID, &object))
649 {
650 if (objectID == CRL_DIST_POINTS_FULLNAME)
651 {
652 identification_t *id;
653
654 /* append extracted generalNames to existing chained list */
655 x509_parse_generalNames(object, parser->get_level(parser)+1,
656 TRUE, list);
657
658 while (list->remove_last(list, (void**)&id) == SUCCESS)
659 {
660 char *uri;
661
662 if (asprintf(&uri, "%Y", id) > 0)
663 {
664 this->crl_uris->insert_last(this->crl_uris, uri);
665 }
666 id->destroy(id);
667 }
668 }
669 }
670 parser->destroy(parser);
671 list->destroy(list);
672 }
673
674 /**
675 * ASN.1 definition of ipAddrBlocks according to RFC 3779
676 */
677 static const asn1Object_t ipAddrBlocksObjects[] = {
678 { 0, "ipAddrBlocks", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
679 { 1, "ipAddressFamily", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
680 { 2, "addressFamily", ASN1_OCTET_STRING, ASN1_BODY }, /* 2 */
681 { 2, "inherit", ASN1_NULL, ASN1_OPT|ASN1_NONE }, /* 3 */
682 { 2, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
683 { 2, "addressesOrRanges", ASN1_SEQUENCE, ASN1_OPT|ASN1_LOOP }, /* 5 */
684 { 3, "addressPrefix", ASN1_BIT_STRING, ASN1_OPT|ASN1_BODY }, /* 6 */
685 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
686 { 3, "addressRange", ASN1_SEQUENCE, ASN1_OPT|ASN1_NONE }, /* 8 */
687 { 4, "min", ASN1_BIT_STRING, ASN1_BODY }, /* 9 */
688 { 4, "max", ASN1_BIT_STRING, ASN1_BODY }, /* 10 */
689 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
690 { 2, "end choice/loop", ASN1_EOC, ASN1_END }, /* 12 */
691 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 13 */
692 { 0, "exit", ASN1_EOC, ASN1_EXIT }
693 };
694 #define IP_ADDR_BLOCKS_FAMILY 2
695 #define IP_ADDR_BLOCKS_INHERIT 3
696 #define IP_ADDR_BLOCKS_PREFIX 6
697 #define IP_ADDR_BLOCKS_MIN 9
698 #define IP_ADDR_BLOCKS_MAX 10
699
700 static bool check_address_object(ts_type_t ts_type, chunk_t object)
701 {
702 switch (ts_type)
703 {
704 case TS_IPV4_ADDR_RANGE:
705 if (object.len > 5)
706 {
707 DBG1("IPv4 address object is larger than 5 octets");
708 return FALSE;
709 }
710 break;
711 case TS_IPV6_ADDR_RANGE:
712 if (object.len > 17)
713 {
714 DBG1("IPv6 address object is larger than 17 octets");
715 return FALSE;
716 }
717 break;
718 default:
719 DBG1("unknown address family");
720 return FALSE;
721 }
722 if (object.len == 0)
723 {
724 DBG1("An ASN.1 bit string must contain at least the initial octet");
725 return FALSE;
726 }
727 if (object.len == 1 && object.ptr[0] != 0)
728 {
729 DBG1("An empty ASN.1 bit string must contain a zero initial octet");
730 return FALSE;
731 }
732 if (object.ptr[0] > 7)
733 {
734 DBG1("number of unused bits is too large");
735 return FALSE;
736 }
737 return TRUE;
738 }
739
740 static void parse_ipAddrBlocks(chunk_t blob, int level0,
741 private_x509_cert_t *this)
742 {
743 asn1_parser_t *parser;
744 chunk_t object, min_object;
745 ts_type_t ts_type = 0;
746 traffic_selector_t *ts;
747 int objectID;
748
749 parser = asn1_parser_create(ipAddrBlocksObjects, blob);
750 parser->set_top_level(parser, level0);
751
752 while (parser->iterate(parser, &objectID, &object))
753 {
754 switch (objectID)
755 {
756 case IP_ADDR_BLOCKS_FAMILY:
757 ts_type = 0;
758 if (object.len == 2 && object.ptr[0] == 0)
759 {
760 if (object.ptr[1] == 1)
761 {
762 ts_type = TS_IPV4_ADDR_RANGE;
763 }
764 else if (object.ptr[1] == 2)
765 {
766 ts_type = TS_IPV6_ADDR_RANGE;
767 }
768 else
769 {
770 break;
771 }
772 DBG2(" %N", ts_type_name, ts_type);
773 }
774 break;
775 case IP_ADDR_BLOCKS_INHERIT:
776 DBG1("inherit choice is not supported");
777 break;
778 case IP_ADDR_BLOCKS_PREFIX:
779 if (!check_address_object(ts_type, object))
780 {
781 goto end;
782 }
783 ts = traffic_selector_create_from_rfc3779_format(ts_type,
784 object, object);
785 DBG2(" %R", ts);
786 this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
787 break;
788 case IP_ADDR_BLOCKS_MIN:
789 if (!check_address_object(ts_type, object))
790 {
791 goto end;
792 }
793 min_object = object;
794 break;
795 case IP_ADDR_BLOCKS_MAX:
796 if (!check_address_object(ts_type, object))
797 {
798 goto end;
799 }
800 ts = traffic_selector_create_from_rfc3779_format(ts_type,
801 min_object, object);
802 DBG2(" %R", ts);
803 this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
804 break;
805 default:
806 break;
807 }
808 }
809 this->flags |= X509_IP_ADDR_BLOCKS;
810
811 end:
812 parser->destroy(parser);
813 }
814
815 /**
816 * ASN.1 definition of an X.509v3 x509_cert
817 */
818 static const asn1Object_t certObjects[] = {
819 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
820 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
821 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
822 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
823 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
824 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
825 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
826 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
827 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
828 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
829 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
830 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_RAW }, /* 11 */
831 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 12 */
832 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 13 */
833 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 14 */
834 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
835 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 16 */
836 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 17 */
837 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 18 */
838 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 19 */
839 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 20 */
840 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 21 */
841 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 22 */
842 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 23 */
843 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 24 */
844 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY }, /* 25 */
845 { 0, "exit", ASN1_EOC, ASN1_EXIT }
846 };
847 #define X509_OBJ_TBS_CERTIFICATE 1
848 #define X509_OBJ_VERSION 3
849 #define X509_OBJ_SERIAL_NUMBER 4
850 #define X509_OBJ_SIG_ALG 5
851 #define X509_OBJ_ISSUER 6
852 #define X509_OBJ_NOT_BEFORE 8
853 #define X509_OBJ_NOT_AFTER 9
854 #define X509_OBJ_SUBJECT 10
855 #define X509_OBJ_SUBJECT_PUBLIC_KEY_INFO 11
856 #define X509_OBJ_OPTIONAL_EXTENSIONS 16
857 #define X509_OBJ_EXTN_ID 19
858 #define X509_OBJ_CRITICAL 20
859 #define X509_OBJ_EXTN_VALUE 21
860 #define X509_OBJ_ALGORITHM 24
861 #define X509_OBJ_SIGNATURE 25
862
863 /**
864 * forward declaration
865 */
866 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer);
867
868 /**
869 * Parses an X.509v3 certificate
870 */
871 static bool parse_certificate(private_x509_cert_t *this)
872 {
873 asn1_parser_t *parser;
874 chunk_t object;
875 int objectID;
876 int extn_oid = OID_UNKNOWN;
877 int sig_alg = OID_UNKNOWN;
878 bool success = FALSE;
879 bool critical = FALSE;
880
881 parser = asn1_parser_create(certObjects, this->encoding);
882
883 while (parser->iterate(parser, &objectID, &object))
884 {
885 u_int level = parser->get_level(parser)+1;
886
887 switch (objectID)
888 {
889 case X509_OBJ_TBS_CERTIFICATE:
890 this->tbsCertificate = object;
891 break;
892 case X509_OBJ_VERSION:
893 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
894 if (this->version < 1 || this->version > 3)
895 {
896 DBG1("X.509v%d not supported", this->version);
897 goto end;
898 }
899 else
900 {
901 DBG2(" X.509v%d", this->version);
902 }
903 break;
904 case X509_OBJ_SERIAL_NUMBER:
905 this->serialNumber = object;
906 break;
907 case X509_OBJ_SIG_ALG:
908 sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
909 break;
910 case X509_OBJ_ISSUER:
911 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
912 DBG2(" '%Y'", this->issuer);
913 break;
914 case X509_OBJ_NOT_BEFORE:
915 this->notBefore = asn1_parse_time(object, level);
916 break;
917 case X509_OBJ_NOT_AFTER:
918 this->notAfter = asn1_parse_time(object, level);
919 break;
920 case X509_OBJ_SUBJECT:
921 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
922 DBG2(" '%Y'", this->subject);
923 break;
924 case X509_OBJ_SUBJECT_PUBLIC_KEY_INFO:
925 DBG2("-- > --");
926 this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY,
927 KEY_ANY, BUILD_BLOB_ASN1_DER, object, BUILD_END);
928 DBG2("-- < --");
929 if (this->public_key == NULL)
930 {
931 goto end;
932 }
933 break;
934 case X509_OBJ_OPTIONAL_EXTENSIONS:
935 if (this->version != 3)
936 {
937 DBG1("Only X.509v3 certificates have extensions");
938 goto end;
939 }
940 break;
941 case X509_OBJ_EXTN_ID:
942 extn_oid = asn1_known_oid(object);
943 break;
944 case X509_OBJ_CRITICAL:
945 critical = object.len && *object.ptr;
946 DBG2(" %s", critical ? "TRUE" : "FALSE");
947 break;
948 case X509_OBJ_EXTN_VALUE:
949 {
950 switch (extn_oid)
951 {
952 case OID_SUBJECT_KEY_ID:
953 if (!asn1_parse_simple_object(&object, ASN1_OCTET_STRING,
954 level, "keyIdentifier"))
955 {
956 goto end;
957 }
958 this->subjectKeyIdentifier = object;
959 break;
960 case OID_SUBJECT_ALT_NAME:
961 x509_parse_generalNames(object, level, FALSE,
962 this->subjectAltNames);
963 break;
964 case OID_BASIC_CONSTRAINTS:
965 parse_basicConstraints(object, level, this);
966 break;
967 case OID_CRL_DISTRIBUTION_POINTS:
968 parse_crlDistributionPoints(object, level, this);
969 break;
970 case OID_AUTHORITY_KEY_ID:
971 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
972 level, &this->authKeySerialNumber);
973 break;
974 case OID_AUTHORITY_INFO_ACCESS:
975 parse_authorityInfoAccess(object, level, this);
976 break;
977 case OID_KEY_USAGE:
978 /* TODO parse the flags */
979 break;
980 case OID_EXTENDED_KEY_USAGE:
981 parse_extendedKeyUsage(object, level, this);
982 break;
983 case OID_IP_ADDR_BLOCKS:
984 parse_ipAddrBlocks(object, level, this);
985 break;
986 case OID_NS_REVOCATION_URL:
987 case OID_NS_CA_REVOCATION_URL:
988 case OID_NS_CA_POLICY_URL:
989 case OID_NS_COMMENT:
990 if (!asn1_parse_simple_object(&object, ASN1_IA5STRING,
991 level, oid_names[extn_oid].name))
992 {
993 goto end;
994 }
995 break;
996 default:
997 if (critical && lib->settings->get_bool(lib->settings,
998 "libstrongswan.plugins.x509.enforce_critical", FALSE))
999 {
1000 DBG1("critical %s extension not supported",
1001 (extn_oid == OID_UNKNOWN) ? "unknown" :
1002 (char*)oid_names[extn_oid].name);
1003 goto end;
1004 }
1005 break;
1006 }
1007 break;
1008 }
1009 case X509_OBJ_ALGORITHM:
1010 this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
1011 if (this->algorithm != sig_alg)
1012 {
1013 DBG1(" signature algorithms do not agree");
1014 goto end;
1015 }
1016 break;
1017 case X509_OBJ_SIGNATURE:
1018 this->signature = object;
1019 break;
1020 default:
1021 break;
1022 }
1023 }
1024 success = parser->success(parser);
1025
1026 end:
1027 parser->destroy(parser);
1028 if (success)
1029 {
1030 hasher_t *hasher;
1031
1032 /* check if the certificate is self-signed */
1033 if (issued_by(this, &this->public.interface.interface))
1034 {
1035 this->flags |= X509_SELF_SIGNED;
1036 }
1037 /* create certificate hash */
1038 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1039 if (hasher == NULL)
1040 {
1041 DBG1(" unable to create hash of certificate, SHA1 not supported");
1042 return NULL;
1043 }
1044 hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
1045 hasher->destroy(hasher);
1046 }
1047 return success;
1048 }
1049
1050 /**
1051 * Implementation of certificate_t.get_type
1052 */
1053 static certificate_type_t get_type(private_x509_cert_t *this)
1054 {
1055 return CERT_X509;
1056 }
1057
1058 /**
1059 * Implementation of certificate_t.get_subject
1060 */
1061 static identification_t* get_subject(private_x509_cert_t *this)
1062 {
1063 return this->subject;
1064 }
1065
1066 /**
1067 * Implementation of certificate_t.get_issuer
1068 */
1069 static identification_t* get_issuer(private_x509_cert_t *this)
1070 {
1071 return this->issuer;
1072 }
1073
1074 /**
1075 * Implementation of certificate_t.has_subject.
1076 */
1077 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
1078 {
1079 identification_t *current;
1080 enumerator_t *enumerator;
1081 id_match_t match, best;
1082
1083 if (this->encoding_hash.ptr && subject->get_type(subject) == ID_KEY_ID)
1084 {
1085 if (chunk_equals(this->encoding_hash, subject->get_encoding(subject)))
1086 {
1087 return ID_MATCH_PERFECT;
1088 }
1089 }
1090
1091 best = this->subject->matches(this->subject, subject);
1092 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
1093 while (enumerator->enumerate(enumerator, &current))
1094 {
1095 match = current->matches(current, subject);
1096 if (match > best)
1097 {
1098 best = match;
1099 }
1100 }
1101 enumerator->destroy(enumerator);
1102 return best;
1103 }
1104
1105 /**
1106 * Implementation of certificate_t.has_issuer.
1107 */
1108 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
1109 {
1110 /* issuerAltNames currently not supported */
1111 return this->issuer->matches(this->issuer, issuer);
1112 }
1113
1114 /**
1115 * Implementation of certificate_t.issued_by.
1116 */
1117 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
1118 {
1119 public_key_t *key;
1120 signature_scheme_t scheme;
1121 bool valid;
1122 x509_t *x509 = (x509_t*)issuer;
1123
1124 if (&this->public.interface.interface == issuer)
1125 {
1126 if (this->flags & X509_SELF_SIGNED)
1127 {
1128 return TRUE;
1129 }
1130 }
1131 else
1132 {
1133 if (issuer->get_type(issuer) != CERT_X509)
1134 {
1135 return FALSE;
1136 }
1137 if (!(x509->get_flags(x509) & X509_CA))
1138 {
1139 return FALSE;
1140 }
1141 }
1142 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
1143 {
1144 return FALSE;
1145 }
1146
1147 /* determine signature scheme */
1148 scheme = signature_scheme_from_oid(this->algorithm);
1149 if (scheme == SIGN_UNKNOWN)
1150 {
1151 return FALSE;
1152 }
1153 /* get the public key of the issuer */
1154 key = issuer->get_public_key(issuer);
1155 if (!key)
1156 {
1157 return FALSE;
1158 }
1159 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
1160 key->destroy(key);
1161 return valid;
1162 }
1163
1164 /**
1165 * Implementation of certificate_t.get_public_key
1166 */
1167 static public_key_t* get_public_key(private_x509_cert_t *this)
1168 {
1169 this->public_key->get_ref(this->public_key);
1170 return this->public_key;
1171 }
1172
1173 /**
1174 * Implementation of certificate_t.get_ref
1175 */
1176 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
1177 {
1178 ref_get(&this->ref);
1179 return this;
1180 }
1181
1182 /**
1183 * Implementation of x509_cert_t.get_flags.
1184 */
1185 static x509_flag_t get_flags(private_x509_cert_t *this)
1186 {
1187 return this->flags;
1188 }
1189
1190 /**
1191 * Implementation of x509_cert_t.get_validity.
1192 */
1193 static bool get_validity(private_x509_cert_t *this, time_t *when,
1194 time_t *not_before, time_t *not_after)
1195 {
1196 time_t t = when ? *when : time(NULL);
1197
1198 if (not_before)
1199 {
1200 *not_before = this->notBefore;
1201 }
1202 if (not_after)
1203 {
1204 *not_after = this->notAfter;
1205 }
1206 return (t >= this->notBefore && t <= this->notAfter);
1207 }
1208
1209 /**
1210 * Implementation of certificate_t.is_newer.
1211 */
1212 static bool is_newer(certificate_t *this, certificate_t *that)
1213 {
1214 time_t this_update, that_update, now = time(NULL);
1215 bool new;
1216
1217 this->get_validity(this, &now, &this_update, NULL);
1218 that->get_validity(that, &now, &that_update, NULL);
1219 new = this_update > that_update;
1220 DBG1(" certificate from %T is %s - existing certificate from %T %s",
1221 &this_update, FALSE, new ? "newer":"not newer",
1222 &that_update, FALSE, new ? "replaced":"retained");
1223 return new;
1224 }
1225
1226 /**
1227 * Implementation of certificate_t.get_encoding.
1228 */
1229 static chunk_t get_encoding(private_x509_cert_t *this)
1230 {
1231 return chunk_clone(this->encoding);
1232 }
1233
1234 /**
1235 * Implementation of certificate_t.equals.
1236 */
1237 static bool equals(private_x509_cert_t *this, certificate_t *other)
1238 {
1239 chunk_t encoding;
1240 bool equal;
1241
1242 if (this == (private_x509_cert_t*)other)
1243 {
1244 return TRUE;
1245 }
1246 if (other->get_type(other) != CERT_X509)
1247 {
1248 return FALSE;
1249 }
1250 if (other->equals == (void*)equals)
1251 { /* skip allocation if we have the same implementation */
1252 return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding);
1253 }
1254 encoding = other->get_encoding(other);
1255 equal = chunk_equals(this->encoding, encoding);
1256 free(encoding.ptr);
1257 return equal;
1258 }
1259
1260 /**
1261 * Implementation of x509_t.get_serial.
1262 */
1263 static chunk_t get_serial(private_x509_cert_t *this)
1264 {
1265 return this->serialNumber;
1266 }
1267
1268 /**
1269 * Implementation of x509_t.get_subjectKeyIdentifier.
1270 */
1271 static chunk_t get_subjectKeyIdentifier(private_x509_cert_t *this)
1272 {
1273 if (this->subjectKeyIdentifier.ptr)
1274 {
1275 return this->subjectKeyIdentifier;
1276 }
1277 else
1278 {
1279 chunk_t fingerprint;
1280
1281 if (this->public_key->get_fingerprint(this->public_key,
1282 KEY_ID_PUBKEY_SHA1, &fingerprint))
1283 {
1284 return fingerprint;
1285 }
1286 else
1287 {
1288 return chunk_empty;
1289 }
1290 }
1291 }
1292
1293 /**
1294 * Implementation of x509_t.get_authKeyIdentifier.
1295 */
1296 static chunk_t get_authKeyIdentifier(private_x509_cert_t *this)
1297 {
1298 return this->authKeyIdentifier;
1299 }
1300
1301 /**
1302 * Implementation of x509_t.get_pathLenConstraint.
1303 */
1304 static int get_pathLenConstraint(private_x509_cert_t *this)
1305 {
1306 return this->pathLenConstraint;
1307 }
1308
1309 /**
1310 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1311 */
1312 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1313 {
1314 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1315 }
1316
1317 /**
1318 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1319 */
1320 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1321 {
1322 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1323 }
1324
1325 /**
1326 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1327 */
1328 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1329 {
1330 return this->crl_uris->create_enumerator(this->crl_uris);
1331 }
1332
1333 /**
1334 * Implementation of x509_cert_t.create_ipAddrBlock_enumerator.
1335 */
1336 static enumerator_t* create_ipAddrBlock_enumerator(private_x509_cert_t *this)
1337 {
1338 return this->ipAddrBlocks->create_enumerator(this->ipAddrBlocks);
1339 }
1340
1341 /**
1342 * Implementation of certificate_t.destroy.
1343 */
1344 static void destroy(private_x509_cert_t *this)
1345 {
1346 if (ref_put(&this->ref))
1347 {
1348 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1349 offsetof(identification_t, destroy));
1350 this->crl_uris->destroy_function(this->crl_uris, free);
1351 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1352 this->ipAddrBlocks->destroy_offset(this->ipAddrBlocks, offsetof(traffic_selector_t, destroy));
1353 DESTROY_IF(this->issuer);
1354 DESTROY_IF(this->subject);
1355 DESTROY_IF(this->public_key);
1356 chunk_free(&this->authKeyIdentifier);
1357 chunk_free(&this->encoding);
1358 chunk_free(&this->encoding_hash);
1359 if (!this->parsed)
1360 { /* only parsed certificates point these fields to "encoded" */
1361 chunk_free(&this->signature);
1362 chunk_free(&this->serialNumber);
1363 chunk_free(&this->tbsCertificate);
1364 }
1365 free(this);
1366 }
1367 }
1368
1369 /**
1370 * create an empty but initialized X.509 certificate
1371 */
1372 static private_x509_cert_t* create_empty(void)
1373 {
1374 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1375
1376 this->public.interface.interface.get_type = (certificate_type_t (*) (certificate_t*))get_type;
1377 this->public.interface.interface.get_subject = (identification_t* (*) (certificate_t*))get_subject;
1378 this->public.interface.interface.get_issuer = (identification_t* (*) (certificate_t*))get_issuer;
1379 this->public.interface.interface.has_subject = (id_match_t (*) (certificate_t*, identification_t*))has_subject;
1380 this->public.interface.interface.has_issuer = (id_match_t (*) (certificate_t*, identification_t*))has_issuer;
1381 this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by;
1382 this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key;
1383 this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity;
1384 this->public.interface.interface.is_newer = (bool (*) (certificate_t*,certificate_t*))is_newer;
1385 this->public.interface.interface.get_encoding = (chunk_t (*) (certificate_t*))get_encoding;
1386 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals;
1387 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref;
1388 this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy;
1389 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1390 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1391 this->public.interface.get_subjectKeyIdentifier = (chunk_t (*)(x509_t*))get_subjectKeyIdentifier;
1392 this->public.interface.get_authKeyIdentifier = (chunk_t (*)(x509_t*))get_authKeyIdentifier;
1393 this->public.interface.get_pathLenConstraint = (int (*)(x509_t*))get_pathLenConstraint;
1394 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1395 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1396 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1397 this->public.interface.create_ipAddrBlock_enumerator = (enumerator_t* (*)(x509_t*))create_ipAddrBlock_enumerator;
1398
1399 this->encoding = chunk_empty;
1400 this->encoding_hash = chunk_empty;
1401 this->tbsCertificate = chunk_empty;
1402 this->version = 1;
1403 this->serialNumber = chunk_empty;
1404 this->notBefore = 0;
1405 this->notAfter = 0;
1406 this->public_key = NULL;
1407 this->subject = NULL;
1408 this->issuer = NULL;
1409 this->subjectAltNames = linked_list_create();
1410 this->crl_uris = linked_list_create();
1411 this->ocsp_uris = linked_list_create();
1412 this->ipAddrBlocks = linked_list_create();
1413 this->subjectKeyIdentifier = chunk_empty;
1414 this->authKeyIdentifier = chunk_empty;
1415 this->authKeySerialNumber = chunk_empty;
1416 this->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT;
1417 this->algorithm = 0;
1418 this->signature = chunk_empty;
1419 this->flags = 0;
1420 this->ref = 1;
1421 this->parsed = FALSE;
1422
1423 return this;
1424 }
1425
1426 /**
1427 * Encode a linked list of subjectAltNames
1428 */
1429 chunk_t x509_build_subjectAltNames(linked_list_t *list)
1430 {
1431 chunk_t subjectAltNames = chunk_empty;
1432 enumerator_t *enumerator;
1433 identification_t *id;
1434
1435 if (list->get_count(list) == 0)
1436 {
1437 return chunk_empty;
1438 }
1439
1440 enumerator = list->create_enumerator(list);
1441 while (enumerator->enumerate(enumerator, &id))
1442 {
1443 int context;
1444 chunk_t name;
1445
1446 switch (id->get_type(id))
1447 {
1448 case ID_RFC822_ADDR:
1449 context = ASN1_CONTEXT_S_1;
1450 break;
1451 case ID_FQDN:
1452 context = ASN1_CONTEXT_S_2;
1453 break;
1454 case ID_IPV4_ADDR:
1455 case ID_IPV6_ADDR:
1456 context = ASN1_CONTEXT_S_7;
1457 break;
1458 default:
1459 DBG1("encoding %N as subjectAltName not supported",
1460 id_type_names, id->get_type(id));
1461 enumerator->destroy(enumerator);
1462 free(subjectAltNames.ptr);
1463 return chunk_empty;
1464 }
1465 name = asn1_wrap(context, "c", id->get_encoding(id));
1466 subjectAltNames = chunk_cat("mm", subjectAltNames, name);
1467 }
1468 enumerator->destroy(enumerator);
1469
1470 return asn1_wrap(ASN1_SEQUENCE, "mm",
1471 asn1_build_known_oid(OID_SUBJECT_ALT_NAME),
1472 asn1_wrap(ASN1_OCTET_STRING, "m",
1473 asn1_wrap(ASN1_SEQUENCE, "m", subjectAltNames)
1474 )
1475 );
1476 }
1477
1478 /**
1479 * Generate and sign a new certificate
1480 */
1481 static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
1482 private_key_t *sign_key, int digest_alg)
1483 {
1484 chunk_t extensions = chunk_empty, extendedKeyUsage = chunk_empty;
1485 chunk_t serverAuth = chunk_empty, clientAuth = chunk_empty;
1486 chunk_t ocspSigning = chunk_empty;
1487 chunk_t basicConstraints = chunk_empty;
1488 chunk_t keyUsage = chunk_empty;
1489 chunk_t subjectAltNames = chunk_empty;
1490 chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty;
1491 chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty;
1492 identification_t *issuer, *subject;
1493 chunk_t key_info;
1494 signature_scheme_t scheme;
1495 hasher_t *hasher;
1496 enumerator_t *enumerator;
1497 char *uri;
1498
1499 subject = cert->subject;
1500 if (sign_cert)
1501 {
1502 issuer = sign_cert->get_subject(sign_cert);
1503 if (!cert->public_key)
1504 {
1505 return FALSE;
1506 }
1507 }
1508 else
1509 { /* self signed */
1510 issuer = subject;
1511 if (!cert->public_key)
1512 {
1513 cert->public_key = sign_key->get_public_key(sign_key);
1514 }
1515 cert->flags |= X509_SELF_SIGNED;
1516 }
1517 cert->issuer = issuer->clone(issuer);
1518 if (!cert->notBefore)
1519 {
1520 cert->notBefore = time(NULL);
1521 }
1522 if (!cert->notAfter)
1523 { /* defaults to 1 year from now */
1524 cert->notAfter = cert->notBefore + 60 * 60 * 24 * 365;
1525 }
1526
1527 /* select signature scheme */
1528 cert->algorithm = hasher_signature_algorithm_to_oid(digest_alg,
1529 sign_key->get_type(sign_key));
1530 if (cert->algorithm == OID_UNKNOWN)
1531 {
1532 return FALSE;
1533 }
1534 scheme = signature_scheme_from_oid(cert->algorithm);
1535
1536 if (!cert->public_key->get_encoding(cert->public_key,
1537 KEY_PUB_SPKI_ASN1_DER, &key_info))
1538 {
1539 return FALSE;
1540 }
1541
1542 /* encode subjectAltNames */
1543 subjectAltNames = x509_build_subjectAltNames(cert->subjectAltNames);
1544
1545 /* encode CRL distribution points extension */
1546 enumerator = cert->crl_uris->create_enumerator(cert->crl_uris);
1547 while (enumerator->enumerate(enumerator, &uri))
1548 {
1549 chunk_t distributionPoint;
1550
1551 distributionPoint = asn1_wrap(ASN1_SEQUENCE, "m",
1552 asn1_wrap(ASN1_CONTEXT_C_0, "m",
1553 asn1_wrap(ASN1_CONTEXT_C_0, "m",
1554 asn1_wrap(ASN1_CONTEXT_S_6, "c",
1555 chunk_create(uri, strlen(uri))))));
1556
1557 crlDistributionPoints = chunk_cat("mm", crlDistributionPoints,
1558 distributionPoint);
1559 }
1560 enumerator->destroy(enumerator);
1561 if (crlDistributionPoints.ptr)
1562 {
1563 crlDistributionPoints = asn1_wrap(ASN1_SEQUENCE, "mm",
1564 asn1_build_known_oid(OID_CRL_DISTRIBUTION_POINTS),
1565 asn1_wrap(ASN1_OCTET_STRING, "m",
1566 asn1_wrap(ASN1_SEQUENCE, "m", crlDistributionPoints)));
1567 }
1568
1569 /* encode OCSP URIs in authorityInfoAccess extension */
1570 enumerator = cert->ocsp_uris->create_enumerator(cert->ocsp_uris);
1571 while (enumerator->enumerate(enumerator, &uri))
1572 {
1573 chunk_t accessDescription;
1574
1575 accessDescription = asn1_wrap(ASN1_SEQUENCE, "mm",
1576 asn1_build_known_oid(OID_OCSP),
1577 asn1_wrap(ASN1_CONTEXT_S_6, "c",
1578 chunk_create(uri, strlen(uri))));
1579 authorityInfoAccess = chunk_cat("mm", authorityInfoAccess,
1580 accessDescription);
1581 }
1582 enumerator->destroy(enumerator);
1583 if (authorityInfoAccess.ptr)
1584 {
1585 authorityInfoAccess = asn1_wrap(ASN1_SEQUENCE, "mm",
1586 asn1_build_known_oid(OID_AUTHORITY_INFO_ACCESS),
1587 asn1_wrap(ASN1_OCTET_STRING, "m",
1588 asn1_wrap(ASN1_SEQUENCE, "m", authorityInfoAccess)));
1589 }
1590
1591 /* build CA basicConstraint and keyUsage flags for CA certificates */
1592 if (cert->flags & X509_CA)
1593 {
1594 chunk_t pathLenConstraint = chunk_empty;
1595
1596 if (cert->pathLenConstraint != X509_NO_PATH_LEN_CONSTRAINT)
1597 {
1598 char pathlen = (char)cert->pathLenConstraint;
1599
1600 pathLenConstraint = asn1_integer("c", chunk_from_thing(pathlen));
1601 }
1602 basicConstraints = asn1_wrap(ASN1_SEQUENCE, "mmm",
1603 asn1_build_known_oid(OID_BASIC_CONSTRAINTS),
1604 asn1_wrap(ASN1_BOOLEAN, "c",
1605 chunk_from_chars(0xFF)),
1606 asn1_wrap(ASN1_OCTET_STRING, "m",
1607 asn1_wrap(ASN1_SEQUENCE, "mm",
1608 asn1_wrap(ASN1_BOOLEAN, "c",
1609 chunk_from_chars(0xFF)),
1610 pathLenConstraint)));
1611 keyUsage = asn1_wrap(ASN1_SEQUENCE, "mmm",
1612 asn1_build_known_oid(OID_KEY_USAGE),
1613 asn1_wrap(ASN1_BOOLEAN, "c",
1614 chunk_from_chars(0xFF)),
1615 asn1_wrap(ASN1_OCTET_STRING, "m",
1616 asn1_wrap(ASN1_BIT_STRING, "c",
1617 chunk_from_chars(0x01, 0x06))));
1618 }
1619
1620 /* add serverAuth extendedKeyUsage flag */
1621 if (cert->flags & X509_SERVER_AUTH)
1622 {
1623 serverAuth = asn1_build_known_oid(OID_SERVER_AUTH);
1624 }
1625 if (cert->flags & X509_CLIENT_AUTH)
1626 {
1627 clientAuth = asn1_build_known_oid(OID_CLIENT_AUTH);
1628 }
1629
1630 /* add ocspSigning extendedKeyUsage flag */
1631 if (cert->flags & X509_OCSP_SIGNER)
1632 {
1633 ocspSigning = asn1_build_known_oid(OID_OCSP_SIGNING);
1634 }
1635
1636 if (serverAuth.ptr || clientAuth.ptr || ocspSigning.ptr)
1637 {
1638 extendedKeyUsage = asn1_wrap(ASN1_SEQUENCE, "mm",
1639 asn1_build_known_oid(OID_EXTENDED_KEY_USAGE),
1640 asn1_wrap(ASN1_OCTET_STRING, "m",
1641 asn1_wrap(ASN1_SEQUENCE, "mmm",
1642 serverAuth, clientAuth, ocspSigning)));
1643 }
1644
1645 /* add subjectKeyIdentifier to CA and OCSP signer certificates */
1646 if (cert->flags & (X509_CA | X509_OCSP_SIGNER))
1647 {
1648 chunk_t keyid;
1649
1650 if (cert->public_key->get_fingerprint(cert->public_key,
1651 KEY_ID_PUBKEY_SHA1, &keyid))
1652 {
1653 subjectKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
1654 asn1_build_known_oid(OID_SUBJECT_KEY_ID),
1655 asn1_wrap(ASN1_OCTET_STRING, "m",
1656 asn1_wrap(ASN1_OCTET_STRING, "c", keyid)));
1657 }
1658 }
1659
1660 /* add the keyid authKeyIdentifier for non self-signed certificates */
1661 if (sign_key)
1662 {
1663 chunk_t keyid;
1664
1665 if (sign_key->get_fingerprint(sign_key, KEY_ID_PUBKEY_SHA1, &keyid))
1666 {
1667 authKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
1668 asn1_build_known_oid(OID_AUTHORITY_KEY_ID),
1669 asn1_wrap(ASN1_OCTET_STRING, "m",
1670 asn1_wrap(ASN1_SEQUENCE, "m",
1671 asn1_wrap(ASN1_CONTEXT_S_0, "c", keyid))));
1672 }
1673 }
1674 if (basicConstraints.ptr || subjectAltNames.ptr || authKeyIdentifier.ptr ||
1675 crlDistributionPoints.ptr)
1676 {
1677 extensions = asn1_wrap(ASN1_CONTEXT_C_3, "m",
1678 asn1_wrap(ASN1_SEQUENCE, "mmmmmmmm",
1679 basicConstraints, keyUsage, subjectKeyIdentifier,
1680 authKeyIdentifier, subjectAltNames,
1681 extendedKeyUsage, crlDistributionPoints,
1682 authorityInfoAccess));
1683 }
1684
1685 cert->tbsCertificate = asn1_wrap(ASN1_SEQUENCE, "mmmcmcmm",
1686 asn1_simple_object(ASN1_CONTEXT_C_0, ASN1_INTEGER_2),
1687 asn1_integer("c", cert->serialNumber),
1688 asn1_algorithmIdentifier(cert->algorithm),
1689 issuer->get_encoding(issuer),
1690 asn1_wrap(ASN1_SEQUENCE, "mm",
1691 asn1_from_time(&cert->notBefore, ASN1_UTCTIME),
1692 asn1_from_time(&cert->notAfter, ASN1_UTCTIME)),
1693 subject->get_encoding(subject),
1694 key_info, extensions);
1695
1696 if (!sign_key->sign(sign_key, scheme, cert->tbsCertificate, &cert->signature))
1697 {
1698 return FALSE;
1699 }
1700 cert->encoding = asn1_wrap(ASN1_SEQUENCE, "cmm", cert->tbsCertificate,
1701 asn1_algorithmIdentifier(cert->algorithm),
1702 asn1_bitstring("c", cert->signature));
1703
1704 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1705 if (!hasher)
1706 {
1707 return FALSE;
1708 }
1709 hasher->allocate_hash(hasher, cert->encoding, &cert->encoding_hash);
1710 hasher->destroy(hasher);
1711 return TRUE;
1712 }
1713
1714 /**
1715 * See header.
1716 */
1717 x509_cert_t *x509_cert_load(certificate_type_t type, va_list args)
1718 {
1719 x509_flag_t flags = 0;
1720 chunk_t blob = chunk_empty;
1721
1722 while (TRUE)
1723 {
1724 switch (va_arg(args, builder_part_t))
1725 {
1726 case BUILD_BLOB_ASN1_DER:
1727 blob = va_arg(args, chunk_t);
1728 continue;
1729 case BUILD_X509_FLAG:
1730 flags |= va_arg(args, x509_flag_t);
1731 continue;
1732 case BUILD_END:
1733 break;
1734 default:
1735 return NULL;
1736 }
1737 break;
1738 }
1739
1740 if (blob.ptr)
1741 {
1742 private_x509_cert_t *cert = create_empty();
1743
1744 cert->encoding = chunk_clone(blob);
1745 cert->parsed = TRUE;
1746 if (parse_certificate(cert))
1747 {
1748 cert->flags |= flags;
1749 return &cert->public;
1750 }
1751 destroy(cert);
1752 }
1753 return NULL;
1754 }
1755
1756 /**
1757 * See header.
1758 */
1759 x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
1760 {
1761 private_x509_cert_t *cert;
1762 certificate_t *sign_cert = NULL;
1763 private_key_t *sign_key = NULL;
1764 hash_algorithm_t digest_alg = HASH_SHA1;
1765
1766 cert = create_empty();
1767 while (TRUE)
1768 {
1769 switch (va_arg(args, builder_part_t))
1770 {
1771 case BUILD_X509_FLAG:
1772 cert->flags |= va_arg(args, x509_flag_t);
1773 continue;
1774 case BUILD_SIGNING_KEY:
1775 sign_key = va_arg(args, private_key_t*);
1776 continue;
1777 case BUILD_SIGNING_CERT:
1778 sign_cert = va_arg(args, certificate_t*);
1779 continue;
1780 case BUILD_PUBLIC_KEY:
1781 cert->public_key = va_arg(args, public_key_t*);
1782 cert->public_key->get_ref(cert->public_key);
1783 continue;
1784 case BUILD_SUBJECT:
1785 cert->subject = va_arg(args, identification_t*);
1786 cert->subject = cert->subject->clone(cert->subject);
1787 continue;
1788 case BUILD_SUBJECT_ALTNAMES:
1789 {
1790 enumerator_t *enumerator;
1791 identification_t *id;
1792 linked_list_t *list;
1793
1794 list = va_arg(args, linked_list_t*);
1795 enumerator = list->create_enumerator(list);
1796 while (enumerator->enumerate(enumerator, &id))
1797 {
1798 cert->subjectAltNames->insert_last(cert->subjectAltNames,
1799 id->clone(id));
1800 }
1801 enumerator->destroy(enumerator);
1802 continue;
1803 }
1804 case BUILD_CRL_DISTRIBUTION_POINTS:
1805 {
1806 enumerator_t *enumerator;
1807 linked_list_t *list;
1808 char *uri;
1809
1810 list = va_arg(args, linked_list_t*);
1811 enumerator = list->create_enumerator(list);
1812 while (enumerator->enumerate(enumerator, &uri))
1813 {
1814 cert->crl_uris->insert_last(cert->crl_uris, strdup(uri));
1815 }
1816 enumerator->destroy(enumerator);
1817 continue;
1818 }
1819 case BUILD_OCSP_ACCESS_LOCATIONS:
1820 {
1821 enumerator_t *enumerator;
1822 linked_list_t *list;
1823 char *uri;
1824
1825 list = va_arg(args, linked_list_t*);
1826 enumerator = list->create_enumerator(list);
1827 while (enumerator->enumerate(enumerator, &uri))
1828 {
1829 cert->ocsp_uris->insert_last(cert->ocsp_uris, strdup(uri));
1830 }
1831 enumerator->destroy(enumerator);
1832 continue;
1833 }
1834 case BUILD_PATHLEN:
1835 cert->pathLenConstraint = va_arg(args, int);
1836 if (cert->pathLenConstraint < 0 || cert->pathLenConstraint > 127)
1837 {
1838 cert->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT;
1839 }
1840 continue;
1841 case BUILD_NOT_BEFORE_TIME:
1842 cert->notBefore = va_arg(args, time_t);
1843 continue;
1844 case BUILD_NOT_AFTER_TIME:
1845 cert->notAfter = va_arg(args, time_t);
1846 continue;
1847 case BUILD_SERIAL:
1848 cert->serialNumber = chunk_clone(va_arg(args, chunk_t));
1849 continue;
1850 case BUILD_DIGEST_ALG:
1851 digest_alg = va_arg(args, int);
1852 continue;
1853 case BUILD_END:
1854 break;
1855 default:
1856 destroy(cert);
1857 return NULL;
1858 }
1859 break;
1860 }
1861
1862 if (sign_key && generate(cert, sign_cert, sign_key, digest_alg))
1863 {
1864 return &cert->public;
1865 }
1866 destroy(cert);
1867 return NULL;
1868 }
1869