b60a005ba51cd00822aeac9bc7e52da5f8882fcd
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2009 Martin Willi
7 * Copyright (C) 2008 Tobias Brunner
8 * Hochschule fuer Technik Rapperswil
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the
12 * Free Software Foundation; either version 2 of the License, or (at your
13 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
14 *
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 * for more details.
19 */
20
21 #define _GNU_SOURCE
22
23 #include "x509_cert.h"
24
25 #include <sys/stat.h>
26 #include <time.h>
27 #include <unistd.h>
28 #include <string.h>
29 #include <stdio.h>
30
31 #include <library.h>
32 #include <debug.h>
33 #include <asn1/oid.h>
34 #include <asn1/asn1.h>
35 #include <asn1/asn1_parser.h>
36 #include <crypto/hashers/hasher.h>
37 #include <credentials/keys/private_key.h>
38 #include <utils/linked_list.h>
39 #include <utils/identification.h>
40 #include <selectors/traffic_selector.h>
41
42 /**
43 * Different kinds of generalNames
44 */
45 typedef enum {
46 GN_OTHER_NAME = 0,
47 GN_RFC822_NAME = 1,
48 GN_DNS_NAME = 2,
49 GN_X400_ADDRESS = 3,
50 GN_DIRECTORY_NAME = 4,
51 GN_EDI_PARTY_NAME = 5,
52 GN_URI = 6,
53 GN_IP_ADDRESS = 7,
54 GN_REGISTERED_ID = 8,
55 } generalNames_t;
56
57
58 typedef struct private_x509_cert_t private_x509_cert_t;
59
60 /**
61 * Private data of a x509_cert_t object.
62 */
63 struct private_x509_cert_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_cert_t public;
68
69 /**
70 * X.509 certificate encoding in ASN.1 DER format
71 */
72 chunk_t encoding;
73
74 /**
75 * SHA1 hash of the DER encoding of this X.509 certificate
76 */
77 chunk_t encoding_hash;
78
79 /**
80 * X.509 certificate body over which signature is computed
81 */
82 chunk_t tbsCertificate;
83
84 /**
85 * Version of the X.509 certificate
86 */
87 u_int version;
88
89 /**
90 * Serial number of the X.509 certificate
91 */
92 chunk_t serialNumber;
93
94 /**
95 * ID representing the certificate issuer
96 */
97 identification_t *issuer;
98
99 /**
100 * Start time of certificate validity
101 */
102 time_t notBefore;
103
104 /**
105 * End time of certificate validity
106 */
107 time_t notAfter;
108
109 /**
110 * ID representing the certificate subject
111 */
112 identification_t *subject;
113
114 /**
115 * List of subjectAltNames as identification_t
116 */
117 linked_list_t *subjectAltNames;
118
119 /**
120 * List of crlDistributionPoints as allocated char*
121 */
122 linked_list_t *crl_uris;
123
124 /**
125 * List of ocspAccessLocations as allocated char*
126 */
127 linked_list_t *ocsp_uris;
128
129 /**
130 * List of ipAddrBlocks as traffic_selector_t
131 */
132 linked_list_t *ipAddrBlocks;
133
134 /**
135 * certificate's embedded public key
136 */
137 public_key_t *public_key;
138
139 /**
140 * Subject Key Identifier
141 */
142 chunk_t subjectKeyIdentifier;
143
144 /**
145 * Authority Key Identifier
146 */
147 chunk_t authKeyIdentifier;
148
149 /**
150 * Authority Key Serial Number
151 */
152 chunk_t authKeySerialNumber;
153
154 /**
155 * Path Length Constraint
156 */
157 int pathLenConstraint;
158
159 /**
160 * x509 constraints and other flags
161 */
162 x509_flag_t flags;
163
164 /**
165 * Signature algorithm
166 */
167 int algorithm;
168
169 /**
170 * Signature
171 */
172 chunk_t signature;
173
174 /**
175 * Certificate parsed from blob/file?
176 */
177 bool parsed;
178
179 /**
180 * reference count
181 */
182 refcount_t ref;
183 };
184
185 static const chunk_t ASN1_subjectAltName_oid = chunk_from_chars(
186 0x06, 0x03, 0x55, 0x1D, 0x11
187 );
188
189 /**
190 * ASN.1 definition of a basicConstraints extension
191 */
192 static const asn1Object_t basicConstraintsObjects[] = {
193 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
194 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
195 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
196 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 3 */
197 { 0, "exit", ASN1_EOC, ASN1_EXIT }
198 };
199 #define BASIC_CONSTRAINTS_CA 1
200 #define BASIC_CONSTRAINTS_PATH_LEN 2
201
202 /**
203 * Extracts the basicConstraints extension
204 */
205 static void parse_basicConstraints(chunk_t blob, int level0,
206 private_x509_cert_t *this)
207 {
208 asn1_parser_t *parser;
209 chunk_t object;
210 int objectID;
211 bool isCA = FALSE;
212
213 parser = asn1_parser_create(basicConstraintsObjects, blob);
214 parser->set_top_level(parser, level0);
215
216 while (parser->iterate(parser, &objectID, &object))
217 {
218 switch (objectID)
219 {
220 case BASIC_CONSTRAINTS_CA:
221 isCA = object.len && *object.ptr;
222 DBG2(DBG_LIB, " %s", isCA ? "TRUE" : "FALSE");
223 if (isCA)
224 {
225 this->flags |= X509_CA;
226 }
227 break;
228 case BASIC_CONSTRAINTS_PATH_LEN:
229 if (isCA)
230 {
231 if (object.len == 0)
232 {
233 this->pathLenConstraint = 0;
234 }
235 else if (object.len == 1)
236 {
237 this->pathLenConstraint = *object.ptr;
238 }
239 /* we ignore path length constraints > 127 */
240 }
241 break;
242 default:
243 break;
244 }
245 }
246 parser->destroy(parser);
247 }
248
249 /**
250 * ASN.1 definition of otherName
251 */
252 static const asn1Object_t otherNameObjects[] = {
253 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
254 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY }, /* 1 */
255 {0, "exit", ASN1_EOC, ASN1_EXIT }
256 };
257 #define ON_OBJ_ID_TYPE 0
258 #define ON_OBJ_VALUE 1
259
260 /**
261 * Extracts an otherName
262 */
263 static bool parse_otherName(chunk_t *blob, int level0, id_type_t *type)
264 {
265 asn1_parser_t *parser;
266 chunk_t object;
267 int objectID;
268 int oid = OID_UNKNOWN;
269 bool success = FALSE;
270
271 parser = asn1_parser_create(otherNameObjects, *blob);
272 parser->set_top_level(parser, level0);
273
274 while (parser->iterate(parser, &objectID, &object))
275 {
276 switch (objectID)
277 {
278 case ON_OBJ_ID_TYPE:
279 oid = asn1_known_oid(object);
280 break;
281 case ON_OBJ_VALUE:
282 switch (oid)
283 {
284 case OID_XMPP_ADDR:
285 if (!asn1_parse_simple_object(&object, ASN1_UTF8STRING,
286 parser->get_level(parser)+1, "xmppAddr"))
287 {
288 goto end;
289 }
290 break;
291 case OID_USER_PRINCIPAL_NAME:
292 if (asn1_parse_simple_object(&object, ASN1_UTF8STRING,
293 parser->get_level(parser)+1, "msUPN"))
294 { /* we handle UPNs as RFC822 addr */
295 *blob = object;
296 *type = ID_RFC822_ADDR;
297 }
298 else
299 {
300 goto end;
301 }
302 break;
303 }
304 break;
305 default:
306 break;
307 }
308 }
309 success = parser->success(parser);
310
311 end:
312 parser->destroy(parser);
313 return success;
314 }
315
316 /**
317 * ASN.1 definition of generalName
318 */
319 static const asn1Object_t generalNameObjects[] = {
320 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
321 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
322 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
323 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
324 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
325 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
326 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
327 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
328 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
329 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
330 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
331 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
332 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
333 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
334 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
335 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
336 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
337 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 17 */
338 { 0, "exit", ASN1_EOC, ASN1_EXIT }
339 };
340 #define GN_OBJ_OTHER_NAME 0
341 #define GN_OBJ_RFC822_NAME 2
342 #define GN_OBJ_DNS_NAME 4
343 #define GN_OBJ_X400_ADDRESS 6
344 #define GN_OBJ_DIRECTORY_NAME 8
345 #define GN_OBJ_EDI_PARTY_NAME 10
346 #define GN_OBJ_URI 12
347 #define GN_OBJ_IP_ADDRESS 14
348 #define GN_OBJ_REGISTERED_ID 16
349
350 /**
351 * Extracts a generalName
352 */
353 static identification_t *parse_generalName(chunk_t blob, int level0)
354 {
355 asn1_parser_t *parser;
356 chunk_t object;
357 int objectID ;
358
359 identification_t *gn = NULL;
360
361 parser = asn1_parser_create(generalNameObjects, blob);
362 parser->set_top_level(parser, level0);
363
364 while (parser->iterate(parser, &objectID, &object))
365 {
366 id_type_t id_type = ID_ANY;
367
368 switch (objectID)
369 {
370 case GN_OBJ_RFC822_NAME:
371 id_type = ID_RFC822_ADDR;
372 break;
373 case GN_OBJ_DNS_NAME:
374 id_type = ID_FQDN;
375 break;
376 case GN_OBJ_URI:
377 id_type = ID_DER_ASN1_GN_URI;
378 break;
379 case GN_OBJ_DIRECTORY_NAME:
380 id_type = ID_DER_ASN1_DN;
381 break;
382 case GN_OBJ_IP_ADDRESS:
383 switch (object.len)
384 {
385 case 4:
386 id_type = ID_IPV4_ADDR;
387 break;
388 case 16:
389 id_type = ID_IPV6_ADDR;
390 break;
391 default:
392 break;
393 }
394 break;
395 case GN_OBJ_OTHER_NAME:
396 if (!parse_otherName(&object, parser->get_level(parser)+1,
397 &id_type))
398 {
399 goto end;
400 }
401 break;
402 case GN_OBJ_X400_ADDRESS:
403 case GN_OBJ_EDI_PARTY_NAME:
404 case GN_OBJ_REGISTERED_ID:
405 default:
406 break;
407 }
408 if (id_type != ID_ANY)
409 {
410 gn = identification_create_from_encoding(id_type, object);
411 DBG2(DBG_LIB, " '%Y'", gn);
412 goto end;
413 }
414 }
415
416 end:
417 parser->destroy(parser);
418 return gn;
419 }
420
421 /**
422 * ASN.1 definition of generalNames
423 */
424 static const asn1Object_t generalNamesObjects[] = {
425 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
426 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
427 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
428 { 0, "exit", ASN1_EOC, ASN1_EXIT }
429 };
430 #define GENERAL_NAMES_GN 1
431
432 /**
433 * Extracts one or several GNs and puts them into a chained list
434 */
435 void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
436 {
437 asn1_parser_t *parser;
438 chunk_t object;
439 int objectID;
440
441 parser = asn1_parser_create(generalNamesObjects, blob);
442 parser->set_top_level(parser, level0);
443 parser->set_flags(parser, implicit, FALSE);
444
445 while (parser->iterate(parser, &objectID, &object))
446 {
447 if (objectID == GENERAL_NAMES_GN)
448 {
449 identification_t *gn = parse_generalName(object,
450 parser->get_level(parser)+1);
451
452 if (gn)
453 {
454 list->insert_last(list, (void *)gn);
455 }
456 }
457 }
458 parser->destroy(parser);
459 }
460
461 /**
462 * ASN.1 definition of a authorityKeyIdentifier extension
463 */
464 static const asn1Object_t authKeyIdentifierObjects[] = {
465 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
466 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_BODY }, /* 1 */
467 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
468 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
469 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
470 { 1, "authorityCertSerialNumber", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
471 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 6 */
472 { 0, "exit", ASN1_EOC, ASN1_EXIT }
473 };
474 #define AUTH_KEY_ID_KEY_ID 1
475 #define AUTH_KEY_ID_CERT_ISSUER 3
476 #define AUTH_KEY_ID_CERT_SERIAL 5
477
478 /**
479 * Extracts an authoritykeyIdentifier
480 */
481 chunk_t x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
482 chunk_t *authKeySerialNumber)
483 {
484 asn1_parser_t *parser;
485 chunk_t object;
486 int objectID;
487 chunk_t authKeyIdentifier = chunk_empty;
488
489 *authKeySerialNumber = chunk_empty;
490
491 parser = asn1_parser_create(authKeyIdentifierObjects, blob);
492 parser->set_top_level(parser, level0);
493
494 while (parser->iterate(parser, &objectID, &object))
495 {
496 switch (objectID)
497 {
498 case AUTH_KEY_ID_KEY_ID:
499 authKeyIdentifier = chunk_clone(object);
500 break;
501 case AUTH_KEY_ID_CERT_ISSUER:
502 /* TODO: x509_parse_generalNames(object, level+1, TRUE); */
503 break;
504 case AUTH_KEY_ID_CERT_SERIAL:
505 *authKeySerialNumber = object;
506 break;
507 default:
508 break;
509 }
510 }
511 parser->destroy(parser);
512 return authKeyIdentifier;
513 }
514
515 /**
516 * ASN.1 definition of a authorityInfoAccess extension
517 */
518 static const asn1Object_t authInfoAccessObjects[] = {
519 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
520 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
521 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
522 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
523 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 4 */
524 { 0, "exit", ASN1_EOC, ASN1_EXIT }
525 };
526 #define AUTH_INFO_ACCESS_METHOD 2
527 #define AUTH_INFO_ACCESS_LOCATION 3
528
529 /**
530 * Extracts an authorityInfoAcess location
531 */
532 static void parse_authorityInfoAccess(chunk_t blob, int level0,
533 private_x509_cert_t *this)
534 {
535 asn1_parser_t *parser;
536 chunk_t object;
537 int objectID;
538 int accessMethod = OID_UNKNOWN;
539
540 parser = asn1_parser_create(authInfoAccessObjects, blob);
541 parser->set_top_level(parser, level0);
542
543 while (parser->iterate(parser, &objectID, &object))
544 {
545 switch (objectID)
546 {
547 case AUTH_INFO_ACCESS_METHOD:
548 accessMethod = asn1_known_oid(object);
549 break;
550 case AUTH_INFO_ACCESS_LOCATION:
551 {
552 switch (accessMethod)
553 {
554 case OID_OCSP:
555 case OID_CA_ISSUERS:
556 {
557 identification_t *id;
558 char *uri;
559
560 id = parse_generalName(object,
561 parser->get_level(parser)+1);
562 if (id == NULL)
563 {
564 /* parsing went wrong - abort */
565 goto end;
566 }
567 DBG2(DBG_LIB, " '%Y'", id);
568 if (accessMethod == OID_OCSP &&
569 asprintf(&uri, "%Y", id) > 0)
570 {
571 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
572 }
573 id->destroy(id);
574 }
575 break;
576 default:
577 /* unkown accessMethod, ignoring */
578 break;
579 }
580 break;
581 }
582 default:
583 break;
584 }
585 }
586
587 end:
588 parser->destroy(parser);
589 }
590
591 /**
592 * ASN.1 definition of a extendedKeyUsage extension
593 */
594 static const asn1Object_t extendedKeyUsageObjects[] = {
595 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
596 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
597 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
598 { 0, "exit", ASN1_EOC, ASN1_EXIT }
599 };
600 #define EXT_KEY_USAGE_PURPOSE_ID 1
601
602 /**
603 * Extracts extendedKeyUsage OIDs - currently only OCSP_SIGING is returned
604 */
605 static void parse_extendedKeyUsage(chunk_t blob, int level0,
606 private_x509_cert_t *this)
607 {
608 asn1_parser_t *parser;
609 chunk_t object;
610 int objectID;
611
612 parser = asn1_parser_create(extendedKeyUsageObjects, blob);
613 parser->set_top_level(parser, level0);
614
615 while (parser->iterate(parser, &objectID, &object))
616 {
617 if (objectID == EXT_KEY_USAGE_PURPOSE_ID)
618 {
619 switch (asn1_known_oid(object))
620 {
621 case OID_SERVER_AUTH:
622 this->flags |= X509_SERVER_AUTH;
623 break;
624 case OID_CLIENT_AUTH:
625 this->flags |= X509_CLIENT_AUTH;
626 break;
627 case OID_OCSP_SIGNING:
628 this->flags |= X509_OCSP_SIGNER;
629 break;
630 default:
631 break;
632 }
633 }
634 }
635 parser->destroy(parser);
636 }
637
638 /**
639 * ASN.1 definition of crlDistributionPoints
640 */
641 static const asn1Object_t crlDistributionPointsObjects[] = {
642 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
643 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
644 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
645 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
646 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
647 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
648 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
649 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
650 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
651 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
652 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
653 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
654 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
655 { 0, "exit", ASN1_EOC, ASN1_EXIT }
656 };
657 #define CRL_DIST_POINTS_FULLNAME 3
658
659 /**
660 * Extracts one or several crlDistributionPoints into a list
661 */
662 static void parse_crlDistributionPoints(chunk_t blob, int level0,
663 private_x509_cert_t *this)
664 {
665 asn1_parser_t *parser;
666 chunk_t object;
667 int objectID;
668 linked_list_t *list = linked_list_create();
669
670 parser = asn1_parser_create(crlDistributionPointsObjects, blob);
671 parser->set_top_level(parser, level0);
672
673 while (parser->iterate(parser, &objectID, &object))
674 {
675 if (objectID == CRL_DIST_POINTS_FULLNAME)
676 {
677 identification_t *id;
678
679 /* append extracted generalNames to existing chained list */
680 x509_parse_generalNames(object, parser->get_level(parser)+1,
681 TRUE, list);
682
683 while (list->remove_last(list, (void**)&id) == SUCCESS)
684 {
685 char *uri;
686
687 if (asprintf(&uri, "%Y", id) > 0)
688 {
689 this->crl_uris->insert_last(this->crl_uris, uri);
690 }
691 id->destroy(id);
692 }
693 }
694 }
695 parser->destroy(parser);
696 list->destroy(list);
697 }
698
699 /**
700 * ASN.1 definition of ipAddrBlocks according to RFC 3779
701 */
702 static const asn1Object_t ipAddrBlocksObjects[] = {
703 { 0, "ipAddrBlocks", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
704 { 1, "ipAddressFamily", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
705 { 2, "addressFamily", ASN1_OCTET_STRING, ASN1_BODY }, /* 2 */
706 { 2, "inherit", ASN1_NULL, ASN1_OPT|ASN1_NONE }, /* 3 */
707 { 2, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
708 { 2, "addressesOrRanges", ASN1_SEQUENCE, ASN1_OPT|ASN1_LOOP }, /* 5 */
709 { 3, "addressPrefix", ASN1_BIT_STRING, ASN1_OPT|ASN1_BODY }, /* 6 */
710 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
711 { 3, "addressRange", ASN1_SEQUENCE, ASN1_OPT|ASN1_NONE }, /* 8 */
712 { 4, "min", ASN1_BIT_STRING, ASN1_BODY }, /* 9 */
713 { 4, "max", ASN1_BIT_STRING, ASN1_BODY }, /* 10 */
714 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
715 { 2, "end choice/loop", ASN1_EOC, ASN1_END }, /* 12 */
716 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 13 */
717 { 0, "exit", ASN1_EOC, ASN1_EXIT }
718 };
719 #define IP_ADDR_BLOCKS_FAMILY 2
720 #define IP_ADDR_BLOCKS_INHERIT 3
721 #define IP_ADDR_BLOCKS_PREFIX 6
722 #define IP_ADDR_BLOCKS_MIN 9
723 #define IP_ADDR_BLOCKS_MAX 10
724
725 static bool check_address_object(ts_type_t ts_type, chunk_t object)
726 {
727 switch (ts_type)
728 {
729 case TS_IPV4_ADDR_RANGE:
730 if (object.len > 5)
731 {
732 DBG1(DBG_LIB, "IPv4 address object is larger than 5 octets");
733 return FALSE;
734 }
735 break;
736 case TS_IPV6_ADDR_RANGE:
737 if (object.len > 17)
738 {
739 DBG1(DBG_LIB, "IPv6 address object is larger than 17 octets");
740 return FALSE;
741 }
742 break;
743 default:
744 DBG1(DBG_LIB, "unknown address family");
745 return FALSE;
746 }
747 if (object.len == 0)
748 {
749 DBG1(DBG_LIB, "An ASN.1 bit string must contain at least the "
750 "initial octet");
751 return FALSE;
752 }
753 if (object.len == 1 && object.ptr[0] != 0)
754 {
755 DBG1(DBG_LIB, "An empty ASN.1 bit string must contain a zero "
756 "initial octet");
757 return FALSE;
758 }
759 if (object.ptr[0] > 7)
760 {
761 DBG1(DBG_LIB, "number of unused bits is too large");
762 return FALSE;
763 }
764 return TRUE;
765 }
766
767 static void parse_ipAddrBlocks(chunk_t blob, int level0,
768 private_x509_cert_t *this)
769 {
770 asn1_parser_t *parser;
771 chunk_t object, min_object;
772 ts_type_t ts_type = 0;
773 traffic_selector_t *ts;
774 int objectID;
775
776 parser = asn1_parser_create(ipAddrBlocksObjects, blob);
777 parser->set_top_level(parser, level0);
778
779 while (parser->iterate(parser, &objectID, &object))
780 {
781 switch (objectID)
782 {
783 case IP_ADDR_BLOCKS_FAMILY:
784 ts_type = 0;
785 if (object.len == 2 && object.ptr[0] == 0)
786 {
787 if (object.ptr[1] == 1)
788 {
789 ts_type = TS_IPV4_ADDR_RANGE;
790 }
791 else if (object.ptr[1] == 2)
792 {
793 ts_type = TS_IPV6_ADDR_RANGE;
794 }
795 else
796 {
797 break;
798 }
799 DBG2(DBG_LIB, " %N", ts_type_name, ts_type);
800 }
801 break;
802 case IP_ADDR_BLOCKS_INHERIT:
803 DBG1(DBG_LIB, "inherit choice is not supported");
804 break;
805 case IP_ADDR_BLOCKS_PREFIX:
806 if (!check_address_object(ts_type, object))
807 {
808 goto end;
809 }
810 ts = traffic_selector_create_from_rfc3779_format(ts_type,
811 object, object);
812 DBG2(DBG_LIB, " %R", ts);
813 this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
814 break;
815 case IP_ADDR_BLOCKS_MIN:
816 if (!check_address_object(ts_type, object))
817 {
818 goto end;
819 }
820 min_object = object;
821 break;
822 case IP_ADDR_BLOCKS_MAX:
823 if (!check_address_object(ts_type, object))
824 {
825 goto end;
826 }
827 ts = traffic_selector_create_from_rfc3779_format(ts_type,
828 min_object, object);
829 DBG2(DBG_LIB, " %R", ts);
830 this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
831 break;
832 default:
833 break;
834 }
835 }
836 this->flags |= X509_IP_ADDR_BLOCKS;
837
838 end:
839 parser->destroy(parser);
840 }
841
842 /**
843 * ASN.1 definition of an X.509v3 x509_cert
844 */
845 static const asn1Object_t certObjects[] = {
846 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
847 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
848 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
849 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
850 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
851 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
852 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
853 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
854 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
855 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
856 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
857 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_RAW }, /* 11 */
858 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 12 */
859 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 13 */
860 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 14 */
861 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
862 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 16 */
863 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 17 */
864 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 18 */
865 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 19 */
866 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 20 */
867 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 21 */
868 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 22 */
869 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 23 */
870 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 24 */
871 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY }, /* 25 */
872 { 0, "exit", ASN1_EOC, ASN1_EXIT }
873 };
874 #define X509_OBJ_TBS_CERTIFICATE 1
875 #define X509_OBJ_VERSION 3
876 #define X509_OBJ_SERIAL_NUMBER 4
877 #define X509_OBJ_SIG_ALG 5
878 #define X509_OBJ_ISSUER 6
879 #define X509_OBJ_NOT_BEFORE 8
880 #define X509_OBJ_NOT_AFTER 9
881 #define X509_OBJ_SUBJECT 10
882 #define X509_OBJ_SUBJECT_PUBLIC_KEY_INFO 11
883 #define X509_OBJ_OPTIONAL_EXTENSIONS 16
884 #define X509_OBJ_EXTN_ID 19
885 #define X509_OBJ_CRITICAL 20
886 #define X509_OBJ_EXTN_VALUE 21
887 #define X509_OBJ_ALGORITHM 24
888 #define X509_OBJ_SIGNATURE 25
889
890 /**
891 * forward declaration
892 */
893 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer);
894
895 /**
896 * Parses an X.509v3 certificate
897 */
898 static bool parse_certificate(private_x509_cert_t *this)
899 {
900 asn1_parser_t *parser;
901 chunk_t object;
902 int objectID;
903 int extn_oid = OID_UNKNOWN;
904 int sig_alg = OID_UNKNOWN;
905 bool success = FALSE;
906 bool critical = FALSE;
907
908 parser = asn1_parser_create(certObjects, this->encoding);
909
910 while (parser->iterate(parser, &objectID, &object))
911 {
912 u_int level = parser->get_level(parser)+1;
913
914 switch (objectID)
915 {
916 case X509_OBJ_TBS_CERTIFICATE:
917 this->tbsCertificate = object;
918 break;
919 case X509_OBJ_VERSION:
920 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
921 if (this->version < 1 || this->version > 3)
922 {
923 DBG1(DBG_LIB, "X.509v%d not supported", this->version);
924 goto end;
925 }
926 else
927 {
928 DBG2(DBG_LIB, " X.509v%d", this->version);
929 }
930 break;
931 case X509_OBJ_SERIAL_NUMBER:
932 this->serialNumber = object;
933 break;
934 case X509_OBJ_SIG_ALG:
935 sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
936 break;
937 case X509_OBJ_ISSUER:
938 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
939 DBG2(DBG_LIB, " '%Y'", this->issuer);
940 break;
941 case X509_OBJ_NOT_BEFORE:
942 this->notBefore = asn1_parse_time(object, level);
943 break;
944 case X509_OBJ_NOT_AFTER:
945 this->notAfter = asn1_parse_time(object, level);
946 break;
947 case X509_OBJ_SUBJECT:
948 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
949 DBG2(DBG_LIB, " '%Y'", this->subject);
950 break;
951 case X509_OBJ_SUBJECT_PUBLIC_KEY_INFO:
952 DBG2(DBG_LIB, "-- > --");
953 this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY,
954 KEY_ANY, BUILD_BLOB_ASN1_DER, object, BUILD_END);
955 DBG2(DBG_LIB, "-- < --");
956 if (this->public_key == NULL)
957 {
958 goto end;
959 }
960 break;
961 case X509_OBJ_OPTIONAL_EXTENSIONS:
962 if (this->version != 3)
963 {
964 DBG1(DBG_LIB, "Only X.509v3 certificates have extensions");
965 goto end;
966 }
967 break;
968 case X509_OBJ_EXTN_ID:
969 extn_oid = asn1_known_oid(object);
970 break;
971 case X509_OBJ_CRITICAL:
972 critical = object.len && *object.ptr;
973 DBG2(DBG_LIB, " %s", critical ? "TRUE" : "FALSE");
974 break;
975 case X509_OBJ_EXTN_VALUE:
976 {
977 switch (extn_oid)
978 {
979 case OID_SUBJECT_KEY_ID:
980 if (!asn1_parse_simple_object(&object, ASN1_OCTET_STRING,
981 level, "keyIdentifier"))
982 {
983 goto end;
984 }
985 this->subjectKeyIdentifier = object;
986 break;
987 case OID_SUBJECT_ALT_NAME:
988 x509_parse_generalNames(object, level, FALSE,
989 this->subjectAltNames);
990 break;
991 case OID_BASIC_CONSTRAINTS:
992 parse_basicConstraints(object, level, this);
993 break;
994 case OID_CRL_DISTRIBUTION_POINTS:
995 parse_crlDistributionPoints(object, level, this);
996 break;
997 case OID_AUTHORITY_KEY_ID:
998 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
999 level, &this->authKeySerialNumber);
1000 break;
1001 case OID_AUTHORITY_INFO_ACCESS:
1002 parse_authorityInfoAccess(object, level, this);
1003 break;
1004 case OID_KEY_USAGE:
1005 /* TODO parse the flags */
1006 break;
1007 case OID_EXTENDED_KEY_USAGE:
1008 parse_extendedKeyUsage(object, level, this);
1009 break;
1010 case OID_IP_ADDR_BLOCKS:
1011 parse_ipAddrBlocks(object, level, this);
1012 break;
1013 case OID_NS_REVOCATION_URL:
1014 case OID_NS_CA_REVOCATION_URL:
1015 case OID_NS_CA_POLICY_URL:
1016 case OID_NS_COMMENT:
1017 if (!asn1_parse_simple_object(&object, ASN1_IA5STRING,
1018 level, oid_names[extn_oid].name))
1019 {
1020 goto end;
1021 }
1022 break;
1023 default:
1024 if (critical && lib->settings->get_bool(lib->settings,
1025 "libstrongswan.plugins.x509.enforce_critical", FALSE))
1026 {
1027 DBG1(DBG_LIB, "critical %s extension not supported",
1028 (extn_oid == OID_UNKNOWN) ? "unknown" :
1029 (char*)oid_names[extn_oid].name);
1030 goto end;
1031 }
1032 break;
1033 }
1034 break;
1035 }
1036 case X509_OBJ_ALGORITHM:
1037 this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
1038 if (this->algorithm != sig_alg)
1039 {
1040 DBG1(DBG_LIB, " signature algorithms do not agree");
1041 goto end;
1042 }
1043 break;
1044 case X509_OBJ_SIGNATURE:
1045 this->signature = object;
1046 break;
1047 default:
1048 break;
1049 }
1050 }
1051 success = parser->success(parser);
1052
1053 end:
1054 parser->destroy(parser);
1055 if (success)
1056 {
1057 hasher_t *hasher;
1058
1059 /* check if the certificate is self-signed */
1060 if (issued_by(this, &this->public.interface.interface))
1061 {
1062 this->flags |= X509_SELF_SIGNED;
1063 }
1064 /* create certificate hash */
1065 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1066 if (hasher == NULL)
1067 {
1068 DBG1(DBG_LIB, " unable to create hash of certificate, SHA1 not supported");
1069 return NULL;
1070 }
1071 hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
1072 hasher->destroy(hasher);
1073 }
1074 return success;
1075 }
1076
1077 /**
1078 * Implementation of certificate_t.get_type
1079 */
1080 static certificate_type_t get_type(private_x509_cert_t *this)
1081 {
1082 return CERT_X509;
1083 }
1084
1085 /**
1086 * Implementation of certificate_t.get_subject
1087 */
1088 static identification_t* get_subject(private_x509_cert_t *this)
1089 {
1090 return this->subject;
1091 }
1092
1093 /**
1094 * Implementation of certificate_t.get_issuer
1095 */
1096 static identification_t* get_issuer(private_x509_cert_t *this)
1097 {
1098 return this->issuer;
1099 }
1100
1101 /**
1102 * Implementation of certificate_t.has_subject.
1103 */
1104 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
1105 {
1106 identification_t *current;
1107 enumerator_t *enumerator;
1108 id_match_t match, best;
1109
1110 if (this->encoding_hash.ptr && subject->get_type(subject) == ID_KEY_ID)
1111 {
1112 if (chunk_equals(this->encoding_hash, subject->get_encoding(subject)))
1113 {
1114 return ID_MATCH_PERFECT;
1115 }
1116 }
1117
1118 best = this->subject->matches(this->subject, subject);
1119 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
1120 while (enumerator->enumerate(enumerator, &current))
1121 {
1122 match = current->matches(current, subject);
1123 if (match > best)
1124 {
1125 best = match;
1126 }
1127 }
1128 enumerator->destroy(enumerator);
1129 return best;
1130 }
1131
1132 /**
1133 * Implementation of certificate_t.has_issuer.
1134 */
1135 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
1136 {
1137 /* issuerAltNames currently not supported */
1138 return this->issuer->matches(this->issuer, issuer);
1139 }
1140
1141 /**
1142 * Implementation of certificate_t.issued_by.
1143 */
1144 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
1145 {
1146 public_key_t *key;
1147 signature_scheme_t scheme;
1148 bool valid;
1149 x509_t *x509 = (x509_t*)issuer;
1150
1151 if (&this->public.interface.interface == issuer)
1152 {
1153 if (this->flags & X509_SELF_SIGNED)
1154 {
1155 return TRUE;
1156 }
1157 }
1158 else
1159 {
1160 if (issuer->get_type(issuer) != CERT_X509)
1161 {
1162 return FALSE;
1163 }
1164 if (!(x509->get_flags(x509) & X509_CA))
1165 {
1166 return FALSE;
1167 }
1168 }
1169 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
1170 {
1171 return FALSE;
1172 }
1173
1174 /* determine signature scheme */
1175 scheme = signature_scheme_from_oid(this->algorithm);
1176 if (scheme == SIGN_UNKNOWN)
1177 {
1178 return FALSE;
1179 }
1180 /* get the public key of the issuer */
1181 key = issuer->get_public_key(issuer);
1182 if (!key)
1183 {
1184 return FALSE;
1185 }
1186 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
1187 key->destroy(key);
1188 return valid;
1189 }
1190
1191 /**
1192 * Implementation of certificate_t.get_public_key
1193 */
1194 static public_key_t* get_public_key(private_x509_cert_t *this)
1195 {
1196 this->public_key->get_ref(this->public_key);
1197 return this->public_key;
1198 }
1199
1200 /**
1201 * Implementation of certificate_t.get_ref
1202 */
1203 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
1204 {
1205 ref_get(&this->ref);
1206 return this;
1207 }
1208
1209 /**
1210 * Implementation of x509_cert_t.get_flags.
1211 */
1212 static x509_flag_t get_flags(private_x509_cert_t *this)
1213 {
1214 return this->flags;
1215 }
1216
1217 /**
1218 * Implementation of x509_cert_t.get_validity.
1219 */
1220 static bool get_validity(private_x509_cert_t *this, time_t *when,
1221 time_t *not_before, time_t *not_after)
1222 {
1223 time_t t = when ? *when : time(NULL);
1224
1225 if (not_before)
1226 {
1227 *not_before = this->notBefore;
1228 }
1229 if (not_after)
1230 {
1231 *not_after = this->notAfter;
1232 }
1233 return (t >= this->notBefore && t <= this->notAfter);
1234 }
1235
1236 /**
1237 * Implementation of certificate_t.get_encoding.
1238 */
1239 static bool get_encoding(private_x509_cert_t *this, cred_encoding_type_t type,
1240 chunk_t *encoding)
1241 {
1242 if (type == CERT_ASN1_DER)
1243 {
1244 *encoding = chunk_clone(this->encoding);
1245 return TRUE;
1246 }
1247 return lib->encoding->encode(lib->encoding, type, NULL, encoding,
1248 CRED_PART_X509_ASN1_DER, this->encoding, CRED_PART_END);
1249 }
1250
1251 /**
1252 * Implementation of certificate_t.equals.
1253 */
1254 static bool equals(private_x509_cert_t *this, certificate_t *other)
1255 {
1256 chunk_t encoding;
1257 bool equal;
1258
1259 if (this == (private_x509_cert_t*)other)
1260 {
1261 return TRUE;
1262 }
1263 if (other->get_type(other) != CERT_X509)
1264 {
1265 return FALSE;
1266 }
1267 if (other->equals == (void*)equals)
1268 { /* skip allocation if we have the same implementation */
1269 return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding);
1270 }
1271 if (!other->get_encoding(other, CERT_ASN1_DER, &encoding))
1272 {
1273 return FALSE;
1274 }
1275 equal = chunk_equals(this->encoding, encoding);
1276 free(encoding.ptr);
1277 return equal;
1278 }
1279
1280 /**
1281 * Implementation of x509_t.get_serial.
1282 */
1283 static chunk_t get_serial(private_x509_cert_t *this)
1284 {
1285 return this->serialNumber;
1286 }
1287
1288 /**
1289 * Implementation of x509_t.get_subjectKeyIdentifier.
1290 */
1291 static chunk_t get_subjectKeyIdentifier(private_x509_cert_t *this)
1292 {
1293 if (this->subjectKeyIdentifier.ptr)
1294 {
1295 return this->subjectKeyIdentifier;
1296 }
1297 else
1298 {
1299 chunk_t fingerprint;
1300
1301 if (this->public_key->get_fingerprint(this->public_key,
1302 KEYID_PUBKEY_SHA1, &fingerprint))
1303 {
1304 return fingerprint;
1305 }
1306 else
1307 {
1308 return chunk_empty;
1309 }
1310 }
1311 }
1312
1313 /**
1314 * Implementation of x509_t.get_authKeyIdentifier.
1315 */
1316 static chunk_t get_authKeyIdentifier(private_x509_cert_t *this)
1317 {
1318 return this->authKeyIdentifier;
1319 }
1320
1321 /**
1322 * Implementation of x509_t.get_pathLenConstraint.
1323 */
1324 static int get_pathLenConstraint(private_x509_cert_t *this)
1325 {
1326 return this->pathLenConstraint;
1327 }
1328
1329 /**
1330 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1331 */
1332 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1333 {
1334 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1335 }
1336
1337 /**
1338 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1339 */
1340 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1341 {
1342 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1343 }
1344
1345 /**
1346 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1347 */
1348 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1349 {
1350 return this->crl_uris->create_enumerator(this->crl_uris);
1351 }
1352
1353 /**
1354 * Implementation of x509_cert_t.create_ipAddrBlock_enumerator.
1355 */
1356 static enumerator_t* create_ipAddrBlock_enumerator(private_x509_cert_t *this)
1357 {
1358 return this->ipAddrBlocks->create_enumerator(this->ipAddrBlocks);
1359 }
1360
1361 /**
1362 * Implementation of certificate_t.destroy.
1363 */
1364 static void destroy(private_x509_cert_t *this)
1365 {
1366 if (ref_put(&this->ref))
1367 {
1368 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1369 offsetof(identification_t, destroy));
1370 this->crl_uris->destroy_function(this->crl_uris, free);
1371 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1372 this->ipAddrBlocks->destroy_offset(this->ipAddrBlocks, offsetof(traffic_selector_t, destroy));
1373 DESTROY_IF(this->issuer);
1374 DESTROY_IF(this->subject);
1375 DESTROY_IF(this->public_key);
1376 chunk_free(&this->authKeyIdentifier);
1377 chunk_free(&this->encoding);
1378 chunk_free(&this->encoding_hash);
1379 if (!this->parsed)
1380 { /* only parsed certificates point these fields to "encoded" */
1381 chunk_free(&this->signature);
1382 chunk_free(&this->serialNumber);
1383 chunk_free(&this->tbsCertificate);
1384 }
1385 free(this);
1386 }
1387 }
1388
1389 /**
1390 * create an empty but initialized X.509 certificate
1391 */
1392 static private_x509_cert_t* create_empty(void)
1393 {
1394 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1395
1396 this->public.interface.interface.get_type = (certificate_type_t (*) (certificate_t*))get_type;
1397 this->public.interface.interface.get_subject = (identification_t* (*) (certificate_t*))get_subject;
1398 this->public.interface.interface.get_issuer = (identification_t* (*) (certificate_t*))get_issuer;
1399 this->public.interface.interface.has_subject = (id_match_t (*) (certificate_t*, identification_t*))has_subject;
1400 this->public.interface.interface.has_issuer = (id_match_t (*) (certificate_t*, identification_t*))has_issuer;
1401 this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by;
1402 this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key;
1403 this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity;
1404 this->public.interface.interface.get_encoding = (bool (*) (certificate_t*,cred_encoding_type_t,chunk_t*))get_encoding;
1405 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals;
1406 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref;
1407 this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy;
1408 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1409 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1410 this->public.interface.get_subjectKeyIdentifier = (chunk_t (*)(x509_t*))get_subjectKeyIdentifier;
1411 this->public.interface.get_authKeyIdentifier = (chunk_t (*)(x509_t*))get_authKeyIdentifier;
1412 this->public.interface.get_pathLenConstraint = (int (*)(x509_t*))get_pathLenConstraint;
1413 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1414 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1415 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1416 this->public.interface.create_ipAddrBlock_enumerator = (enumerator_t* (*)(x509_t*))create_ipAddrBlock_enumerator;
1417
1418 this->encoding = chunk_empty;
1419 this->encoding_hash = chunk_empty;
1420 this->tbsCertificate = chunk_empty;
1421 this->version = 1;
1422 this->serialNumber = chunk_empty;
1423 this->notBefore = 0;
1424 this->notAfter = 0;
1425 this->public_key = NULL;
1426 this->subject = NULL;
1427 this->issuer = NULL;
1428 this->subjectAltNames = linked_list_create();
1429 this->crl_uris = linked_list_create();
1430 this->ocsp_uris = linked_list_create();
1431 this->ipAddrBlocks = linked_list_create();
1432 this->subjectKeyIdentifier = chunk_empty;
1433 this->authKeyIdentifier = chunk_empty;
1434 this->authKeySerialNumber = chunk_empty;
1435 this->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT;
1436 this->algorithm = 0;
1437 this->signature = chunk_empty;
1438 this->flags = 0;
1439 this->ref = 1;
1440 this->parsed = FALSE;
1441
1442 return this;
1443 }
1444
1445 /**
1446 * Encode a linked list of subjectAltNames
1447 */
1448 chunk_t x509_build_subjectAltNames(linked_list_t *list)
1449 {
1450 chunk_t subjectAltNames = chunk_empty;
1451 enumerator_t *enumerator;
1452 identification_t *id;
1453
1454 if (list->get_count(list) == 0)
1455 {
1456 return chunk_empty;
1457 }
1458
1459 enumerator = list->create_enumerator(list);
1460 while (enumerator->enumerate(enumerator, &id))
1461 {
1462 int context;
1463 chunk_t name;
1464
1465 switch (id->get_type(id))
1466 {
1467 case ID_RFC822_ADDR:
1468 context = ASN1_CONTEXT_S_1;
1469 break;
1470 case ID_FQDN:
1471 context = ASN1_CONTEXT_S_2;
1472 break;
1473 case ID_IPV4_ADDR:
1474 case ID_IPV6_ADDR:
1475 context = ASN1_CONTEXT_S_7;
1476 break;
1477 default:
1478 DBG1(DBG_LIB, "encoding %N as subjectAltName not supported",
1479 id_type_names, id->get_type(id));
1480 enumerator->destroy(enumerator);
1481 free(subjectAltNames.ptr);
1482 return chunk_empty;
1483 }
1484 name = asn1_wrap(context, "c", id->get_encoding(id));
1485 subjectAltNames = chunk_cat("mm", subjectAltNames, name);
1486 }
1487 enumerator->destroy(enumerator);
1488
1489 return asn1_wrap(ASN1_SEQUENCE, "mm",
1490 asn1_build_known_oid(OID_SUBJECT_ALT_NAME),
1491 asn1_wrap(ASN1_OCTET_STRING, "m",
1492 asn1_wrap(ASN1_SEQUENCE, "m", subjectAltNames)
1493 )
1494 );
1495 }
1496
1497 /**
1498 * Generate and sign a new certificate
1499 */
1500 static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
1501 private_key_t *sign_key, int digest_alg)
1502 {
1503 chunk_t extensions = chunk_empty, extendedKeyUsage = chunk_empty;
1504 chunk_t serverAuth = chunk_empty, clientAuth = chunk_empty;
1505 chunk_t ocspSigning = chunk_empty;
1506 chunk_t basicConstraints = chunk_empty;
1507 chunk_t keyUsage = chunk_empty;
1508 chunk_t subjectAltNames = chunk_empty;
1509 chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty;
1510 chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty;
1511 identification_t *issuer, *subject;
1512 chunk_t key_info;
1513 signature_scheme_t scheme;
1514 hasher_t *hasher;
1515 enumerator_t *enumerator;
1516 char *uri;
1517
1518 subject = cert->subject;
1519 if (sign_cert)
1520 {
1521 issuer = sign_cert->get_subject(sign_cert);
1522 if (!cert->public_key)
1523 {
1524 return FALSE;
1525 }
1526 }
1527 else
1528 { /* self signed */
1529 issuer = subject;
1530 if (!cert->public_key)
1531 {
1532 cert->public_key = sign_key->get_public_key(sign_key);
1533 }
1534 cert->flags |= X509_SELF_SIGNED;
1535 }
1536 cert->issuer = issuer->clone(issuer);
1537 if (!cert->notBefore)
1538 {
1539 cert->notBefore = time(NULL);
1540 }
1541 if (!cert->notAfter)
1542 { /* defaults to 1 year from now */
1543 cert->notAfter = cert->notBefore + 60 * 60 * 24 * 365;
1544 }
1545
1546 /* select signature scheme */
1547 cert->algorithm = hasher_signature_algorithm_to_oid(digest_alg,
1548 sign_key->get_type(sign_key));
1549 if (cert->algorithm == OID_UNKNOWN)
1550 {
1551 return FALSE;
1552 }
1553 scheme = signature_scheme_from_oid(cert->algorithm);
1554
1555 if (!cert->public_key->get_encoding(cert->public_key,
1556 PUBKEY_SPKI_ASN1_DER, &key_info))
1557 {
1558 return FALSE;
1559 }
1560
1561 /* encode subjectAltNames */
1562 subjectAltNames = x509_build_subjectAltNames(cert->subjectAltNames);
1563
1564 /* encode CRL distribution points extension */
1565 enumerator = cert->crl_uris->create_enumerator(cert->crl_uris);
1566 while (enumerator->enumerate(enumerator, &uri))
1567 {
1568 chunk_t distributionPoint;
1569
1570 distributionPoint = asn1_wrap(ASN1_SEQUENCE, "m",
1571 asn1_wrap(ASN1_CONTEXT_C_0, "m",
1572 asn1_wrap(ASN1_CONTEXT_C_0, "m",
1573 asn1_wrap(ASN1_CONTEXT_S_6, "c",
1574 chunk_create(uri, strlen(uri))))));
1575
1576 crlDistributionPoints = chunk_cat("mm", crlDistributionPoints,
1577 distributionPoint);
1578 }
1579 enumerator->destroy(enumerator);
1580 if (crlDistributionPoints.ptr)
1581 {
1582 crlDistributionPoints = asn1_wrap(ASN1_SEQUENCE, "mm",
1583 asn1_build_known_oid(OID_CRL_DISTRIBUTION_POINTS),
1584 asn1_wrap(ASN1_OCTET_STRING, "m",
1585 asn1_wrap(ASN1_SEQUENCE, "m", crlDistributionPoints)));
1586 }
1587
1588 /* encode OCSP URIs in authorityInfoAccess extension */
1589 enumerator = cert->ocsp_uris->create_enumerator(cert->ocsp_uris);
1590 while (enumerator->enumerate(enumerator, &uri))
1591 {
1592 chunk_t accessDescription;
1593
1594 accessDescription = asn1_wrap(ASN1_SEQUENCE, "mm",
1595 asn1_build_known_oid(OID_OCSP),
1596 asn1_wrap(ASN1_CONTEXT_S_6, "c",
1597 chunk_create(uri, strlen(uri))));
1598 authorityInfoAccess = chunk_cat("mm", authorityInfoAccess,
1599 accessDescription);
1600 }
1601 enumerator->destroy(enumerator);
1602 if (authorityInfoAccess.ptr)
1603 {
1604 authorityInfoAccess = asn1_wrap(ASN1_SEQUENCE, "mm",
1605 asn1_build_known_oid(OID_AUTHORITY_INFO_ACCESS),
1606 asn1_wrap(ASN1_OCTET_STRING, "m",
1607 asn1_wrap(ASN1_SEQUENCE, "m", authorityInfoAccess)));
1608 }
1609
1610 /* build CA basicConstraint and keyUsage flags for CA certificates */
1611 if (cert->flags & X509_CA)
1612 {
1613 chunk_t pathLenConstraint = chunk_empty;
1614
1615 if (cert->pathLenConstraint != X509_NO_PATH_LEN_CONSTRAINT)
1616 {
1617 char pathlen = (char)cert->pathLenConstraint;
1618
1619 pathLenConstraint = asn1_integer("c", chunk_from_thing(pathlen));
1620 }
1621 basicConstraints = asn1_wrap(ASN1_SEQUENCE, "mmm",
1622 asn1_build_known_oid(OID_BASIC_CONSTRAINTS),
1623 asn1_wrap(ASN1_BOOLEAN, "c",
1624 chunk_from_chars(0xFF)),
1625 asn1_wrap(ASN1_OCTET_STRING, "m",
1626 asn1_wrap(ASN1_SEQUENCE, "mm",
1627 asn1_wrap(ASN1_BOOLEAN, "c",
1628 chunk_from_chars(0xFF)),
1629 pathLenConstraint)));
1630 keyUsage = asn1_wrap(ASN1_SEQUENCE, "mmm",
1631 asn1_build_known_oid(OID_KEY_USAGE),
1632 asn1_wrap(ASN1_BOOLEAN, "c",
1633 chunk_from_chars(0xFF)),
1634 asn1_wrap(ASN1_OCTET_STRING, "m",
1635 asn1_wrap(ASN1_BIT_STRING, "c",
1636 chunk_from_chars(0x01, 0x06))));
1637 }
1638
1639 /* add serverAuth extendedKeyUsage flag */
1640 if (cert->flags & X509_SERVER_AUTH)
1641 {
1642 serverAuth = asn1_build_known_oid(OID_SERVER_AUTH);
1643 }
1644 if (cert->flags & X509_CLIENT_AUTH)
1645 {
1646 clientAuth = asn1_build_known_oid(OID_CLIENT_AUTH);
1647 }
1648
1649 /* add ocspSigning extendedKeyUsage flag */
1650 if (cert->flags & X509_OCSP_SIGNER)
1651 {
1652 ocspSigning = asn1_build_known_oid(OID_OCSP_SIGNING);
1653 }
1654
1655 if (serverAuth.ptr || clientAuth.ptr || ocspSigning.ptr)
1656 {
1657 extendedKeyUsage = asn1_wrap(ASN1_SEQUENCE, "mm",
1658 asn1_build_known_oid(OID_EXTENDED_KEY_USAGE),
1659 asn1_wrap(ASN1_OCTET_STRING, "m",
1660 asn1_wrap(ASN1_SEQUENCE, "mmm",
1661 serverAuth, clientAuth, ocspSigning)));
1662 }
1663
1664 /* add subjectKeyIdentifier to CA and OCSP signer certificates */
1665 if (cert->flags & (X509_CA | X509_OCSP_SIGNER))
1666 {
1667 chunk_t keyid;
1668
1669 if (cert->public_key->get_fingerprint(cert->public_key,
1670 KEYID_PUBKEY_SHA1, &keyid))
1671 {
1672 subjectKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
1673 asn1_build_known_oid(OID_SUBJECT_KEY_ID),
1674 asn1_wrap(ASN1_OCTET_STRING, "m",
1675 asn1_wrap(ASN1_OCTET_STRING, "c", keyid)));
1676 }
1677 }
1678
1679 /* add the keyid authKeyIdentifier for non self-signed certificates */
1680 if (sign_key)
1681 {
1682 chunk_t keyid;
1683
1684 if (sign_key->get_fingerprint(sign_key, KEYID_PUBKEY_SHA1, &keyid))
1685 {
1686 authKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
1687 asn1_build_known_oid(OID_AUTHORITY_KEY_ID),
1688 asn1_wrap(ASN1_OCTET_STRING, "m",
1689 asn1_wrap(ASN1_SEQUENCE, "m",
1690 asn1_wrap(ASN1_CONTEXT_S_0, "c", keyid))));
1691 }
1692 }
1693 if (basicConstraints.ptr || subjectAltNames.ptr || authKeyIdentifier.ptr ||
1694 crlDistributionPoints.ptr)
1695 {
1696 extensions = asn1_wrap(ASN1_CONTEXT_C_3, "m",
1697 asn1_wrap(ASN1_SEQUENCE, "mmmmmmmm",
1698 basicConstraints, keyUsage, subjectKeyIdentifier,
1699 authKeyIdentifier, subjectAltNames,
1700 extendedKeyUsage, crlDistributionPoints,
1701 authorityInfoAccess));
1702 }
1703
1704 cert->tbsCertificate = asn1_wrap(ASN1_SEQUENCE, "mmmcmcmm",
1705 asn1_simple_object(ASN1_CONTEXT_C_0, ASN1_INTEGER_2),
1706 asn1_integer("c", cert->serialNumber),
1707 asn1_algorithmIdentifier(cert->algorithm),
1708 issuer->get_encoding(issuer),
1709 asn1_wrap(ASN1_SEQUENCE, "mm",
1710 asn1_from_time(&cert->notBefore, ASN1_UTCTIME),
1711 asn1_from_time(&cert->notAfter, ASN1_UTCTIME)),
1712 subject->get_encoding(subject),
1713 key_info, extensions);
1714
1715 if (!sign_key->sign(sign_key, scheme, cert->tbsCertificate, &cert->signature))
1716 {
1717 return FALSE;
1718 }
1719 cert->encoding = asn1_wrap(ASN1_SEQUENCE, "cmm", cert->tbsCertificate,
1720 asn1_algorithmIdentifier(cert->algorithm),
1721 asn1_bitstring("c", cert->signature));
1722
1723 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1724 if (!hasher)
1725 {
1726 return FALSE;
1727 }
1728 hasher->allocate_hash(hasher, cert->encoding, &cert->encoding_hash);
1729 hasher->destroy(hasher);
1730 return TRUE;
1731 }
1732
1733 /**
1734 * See header.
1735 */
1736 x509_cert_t *x509_cert_load(certificate_type_t type, va_list args)
1737 {
1738 x509_flag_t flags = 0;
1739 chunk_t blob = chunk_empty;
1740
1741 while (TRUE)
1742 {
1743 switch (va_arg(args, builder_part_t))
1744 {
1745 case BUILD_BLOB_ASN1_DER:
1746 blob = va_arg(args, chunk_t);
1747 continue;
1748 case BUILD_X509_FLAG:
1749 flags |= va_arg(args, x509_flag_t);
1750 continue;
1751 case BUILD_END:
1752 break;
1753 default:
1754 return NULL;
1755 }
1756 break;
1757 }
1758
1759 if (blob.ptr)
1760 {
1761 private_x509_cert_t *cert = create_empty();
1762
1763 cert->encoding = chunk_clone(blob);
1764 cert->parsed = TRUE;
1765 if (parse_certificate(cert))
1766 {
1767 cert->flags |= flags;
1768 return &cert->public;
1769 }
1770 destroy(cert);
1771 }
1772 return NULL;
1773 }
1774
1775 /**
1776 * See header.
1777 */
1778 x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
1779 {
1780 private_x509_cert_t *cert;
1781 certificate_t *sign_cert = NULL;
1782 private_key_t *sign_key = NULL;
1783 hash_algorithm_t digest_alg = HASH_SHA1;
1784
1785 cert = create_empty();
1786 while (TRUE)
1787 {
1788 switch (va_arg(args, builder_part_t))
1789 {
1790 case BUILD_X509_FLAG:
1791 cert->flags |= va_arg(args, x509_flag_t);
1792 continue;
1793 case BUILD_SIGNING_KEY:
1794 sign_key = va_arg(args, private_key_t*);
1795 continue;
1796 case BUILD_SIGNING_CERT:
1797 sign_cert = va_arg(args, certificate_t*);
1798 continue;
1799 case BUILD_PUBLIC_KEY:
1800 cert->public_key = va_arg(args, public_key_t*);
1801 cert->public_key->get_ref(cert->public_key);
1802 continue;
1803 case BUILD_SUBJECT:
1804 cert->subject = va_arg(args, identification_t*);
1805 cert->subject = cert->subject->clone(cert->subject);
1806 continue;
1807 case BUILD_SUBJECT_ALTNAMES:
1808 {
1809 enumerator_t *enumerator;
1810 identification_t *id;
1811 linked_list_t *list;
1812
1813 list = va_arg(args, linked_list_t*);
1814 enumerator = list->create_enumerator(list);
1815 while (enumerator->enumerate(enumerator, &id))
1816 {
1817 cert->subjectAltNames->insert_last(cert->subjectAltNames,
1818 id->clone(id));
1819 }
1820 enumerator->destroy(enumerator);
1821 continue;
1822 }
1823 case BUILD_CRL_DISTRIBUTION_POINTS:
1824 {
1825 enumerator_t *enumerator;
1826 linked_list_t *list;
1827 char *uri;
1828
1829 list = va_arg(args, linked_list_t*);
1830 enumerator = list->create_enumerator(list);
1831 while (enumerator->enumerate(enumerator, &uri))
1832 {
1833 cert->crl_uris->insert_last(cert->crl_uris, strdup(uri));
1834 }
1835 enumerator->destroy(enumerator);
1836 continue;
1837 }
1838 case BUILD_OCSP_ACCESS_LOCATIONS:
1839 {
1840 enumerator_t *enumerator;
1841 linked_list_t *list;
1842 char *uri;
1843
1844 list = va_arg(args, linked_list_t*);
1845 enumerator = list->create_enumerator(list);
1846 while (enumerator->enumerate(enumerator, &uri))
1847 {
1848 cert->ocsp_uris->insert_last(cert->ocsp_uris, strdup(uri));
1849 }
1850 enumerator->destroy(enumerator);
1851 continue;
1852 }
1853 case BUILD_PATHLEN:
1854 cert->pathLenConstraint = va_arg(args, int);
1855 if (cert->pathLenConstraint < 0 || cert->pathLenConstraint > 127)
1856 {
1857 cert->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT;
1858 }
1859 continue;
1860 case BUILD_NOT_BEFORE_TIME:
1861 cert->notBefore = va_arg(args, time_t);
1862 continue;
1863 case BUILD_NOT_AFTER_TIME:
1864 cert->notAfter = va_arg(args, time_t);
1865 continue;
1866 case BUILD_SERIAL:
1867 cert->serialNumber = chunk_clone(va_arg(args, chunk_t));
1868 continue;
1869 case BUILD_DIGEST_ALG:
1870 digest_alg = va_arg(args, int);
1871 continue;
1872 case BUILD_END:
1873 break;
1874 default:
1875 destroy(cert);
1876 return NULL;
1877 }
1878 break;
1879 }
1880
1881 if (sign_key && generate(cert, sign_cert, sign_key, digest_alg))
1882 {
1883 return &cert->public;
1884 }
1885 destroy(cert);
1886 return NULL;
1887 }
1888