Support TLS client authentication Extended Key Usage in x509 generation
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2009 Martin Willi
7 * Copyright (C) 2008 Tobias Brunner
8 * Hochschule fuer Technik Rapperswil
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the
12 * Free Software Foundation; either version 2 of the License, or (at your
13 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
14 *
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 * for more details.
19 */
20
21 #define _GNU_SOURCE
22
23 #include "x509_cert.h"
24
25 #include <sys/stat.h>
26 #include <time.h>
27 #include <unistd.h>
28 #include <string.h>
29 #include <stdio.h>
30
31 #include <library.h>
32 #include <debug.h>
33 #include <asn1/oid.h>
34 #include <asn1/asn1.h>
35 #include <asn1/asn1_parser.h>
36 #include <crypto/hashers/hasher.h>
37 #include <credentials/keys/private_key.h>
38 #include <utils/linked_list.h>
39 #include <utils/identification.h>
40 #include <selectors/traffic_selector.h>
41
42 /**
43 * Different kinds of generalNames
44 */
45 typedef enum {
46 GN_OTHER_NAME = 0,
47 GN_RFC822_NAME = 1,
48 GN_DNS_NAME = 2,
49 GN_X400_ADDRESS = 3,
50 GN_DIRECTORY_NAME = 4,
51 GN_EDI_PARTY_NAME = 5,
52 GN_URI = 6,
53 GN_IP_ADDRESS = 7,
54 GN_REGISTERED_ID = 8,
55 } generalNames_t;
56
57
58 typedef struct private_x509_cert_t private_x509_cert_t;
59
60 /**
61 * Private data of a x509_cert_t object.
62 */
63 struct private_x509_cert_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_cert_t public;
68
69 /**
70 * X.509 certificate encoding in ASN.1 DER format
71 */
72 chunk_t encoding;
73
74 /**
75 * SHA1 hash of the DER encoding of this X.509 certificate
76 */
77 chunk_t encoding_hash;
78
79 /**
80 * X.509 certificate body over which signature is computed
81 */
82 chunk_t tbsCertificate;
83
84 /**
85 * Version of the X.509 certificate
86 */
87 u_int version;
88
89 /**
90 * Serial number of the X.509 certificate
91 */
92 chunk_t serialNumber;
93
94 /**
95 * ID representing the certificate issuer
96 */
97 identification_t *issuer;
98
99 /**
100 * Start time of certificate validity
101 */
102 time_t notBefore;
103
104 /**
105 * End time of certificate validity
106 */
107 time_t notAfter;
108
109 /**
110 * ID representing the certificate subject
111 */
112 identification_t *subject;
113
114 /**
115 * List of subjectAltNames as identification_t
116 */
117 linked_list_t *subjectAltNames;
118
119 /**
120 * List of crlDistributionPoints as allocated char*
121 */
122 linked_list_t *crl_uris;
123
124 /**
125 * List of ocspAccessLocations as allocated char*
126 */
127 linked_list_t *ocsp_uris;
128
129 /**
130 * List of ipAddrBlocks as traffic_selector_t
131 */
132 linked_list_t *ipAddrBlocks;
133
134 /**
135 * certificate's embedded public key
136 */
137 public_key_t *public_key;
138
139 /**
140 * Subject Key Identifier
141 */
142 chunk_t subjectKeyIdentifier;
143
144 /**
145 * Authority Key Identifier
146 */
147 chunk_t authKeyIdentifier;
148
149 /**
150 * Authority Key Serial Number
151 */
152 chunk_t authKeySerialNumber;
153
154 /**
155 * Path Length Constraint
156 */
157 int pathLenConstraint;
158
159 /**
160 * x509 constraints and other flags
161 */
162 x509_flag_t flags;
163
164 /**
165 * Signature algorithm
166 */
167 int algorithm;
168
169 /**
170 * Signature
171 */
172 chunk_t signature;
173
174 /**
175 * Certificate parsed from blob/file?
176 */
177 bool parsed;
178
179 /**
180 * reference count
181 */
182 refcount_t ref;
183 };
184
185 static const chunk_t ASN1_subjectAltName_oid = chunk_from_chars(
186 0x06, 0x03, 0x55, 0x1D, 0x11
187 );
188
189 /**
190 * ASN.1 definition of a basicConstraints extension
191 */
192 static const asn1Object_t basicConstraintsObjects[] = {
193 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
194 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
195 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
196 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 3 */
197 { 0, "exit", ASN1_EOC, ASN1_EXIT }
198 };
199 #define BASIC_CONSTRAINTS_CA 1
200 #define BASIC_CONSTRAINTS_PATH_LEN 2
201
202 /**
203 * Extracts the basicConstraints extension
204 */
205 static void parse_basicConstraints(chunk_t blob, int level0,
206 private_x509_cert_t *this)
207 {
208 asn1_parser_t *parser;
209 chunk_t object;
210 int objectID;
211 bool isCA = FALSE;
212
213 parser = asn1_parser_create(basicConstraintsObjects, blob);
214 parser->set_top_level(parser, level0);
215
216 while (parser->iterate(parser, &objectID, &object))
217 {
218 switch (objectID)
219 {
220 case BASIC_CONSTRAINTS_CA:
221 isCA = object.len && *object.ptr;
222 DBG2(" %s", isCA ? "TRUE" : "FALSE");
223 if (isCA)
224 {
225 this->flags |= X509_CA;
226 }
227 break;
228 case BASIC_CONSTRAINTS_PATH_LEN:
229 if (isCA)
230 {
231 if (object.len == 0)
232 {
233 this->pathLenConstraint = 0;
234 }
235 else if (object.len == 1)
236 {
237 this->pathLenConstraint = *object.ptr;
238 }
239 /* we ignore path length constraints > 127 */
240 }
241 break;
242 default:
243 break;
244 }
245 }
246 parser->destroy(parser);
247 }
248
249 /**
250 * ASN.1 definition of otherName
251 */
252 static const asn1Object_t otherNameObjects[] = {
253 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
254 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY }, /* 1 */
255 {0, "exit", ASN1_EOC, ASN1_EXIT }
256 };
257 #define ON_OBJ_ID_TYPE 0
258 #define ON_OBJ_VALUE 1
259
260 /**
261 * Extracts an otherName
262 */
263 static bool parse_otherName(chunk_t blob, int level0)
264 {
265 asn1_parser_t *parser;
266 chunk_t object;
267 int objectID;
268 int oid = OID_UNKNOWN;
269 bool success = FALSE;
270
271 parser = asn1_parser_create(otherNameObjects, blob);
272 parser->set_top_level(parser, level0);
273
274 while (parser->iterate(parser, &objectID, &object))
275 {
276 switch (objectID)
277 {
278 case ON_OBJ_ID_TYPE:
279 oid = asn1_known_oid(object);
280 break;
281 case ON_OBJ_VALUE:
282 if (oid == OID_XMPP_ADDR)
283 {
284 if (!asn1_parse_simple_object(&object, ASN1_UTF8STRING,
285 parser->get_level(parser)+1, "xmppAddr"))
286 {
287 goto end;
288 }
289 }
290 break;
291 default:
292 break;
293 }
294 }
295 success = parser->success(parser);
296
297 end:
298 parser->destroy(parser);
299 return success;
300 }
301
302 /**
303 * ASN.1 definition of generalName
304 */
305 static const asn1Object_t generalNameObjects[] = {
306 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
307 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
308 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
309 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
310 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
311 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
312 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
313 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
314 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
315 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
316 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
317 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
318 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
319 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
320 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
321 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
322 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
323 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 17 */
324 { 0, "exit", ASN1_EOC, ASN1_EXIT }
325 };
326 #define GN_OBJ_OTHER_NAME 0
327 #define GN_OBJ_RFC822_NAME 2
328 #define GN_OBJ_DNS_NAME 4
329 #define GN_OBJ_X400_ADDRESS 6
330 #define GN_OBJ_DIRECTORY_NAME 8
331 #define GN_OBJ_EDI_PARTY_NAME 10
332 #define GN_OBJ_URI 12
333 #define GN_OBJ_IP_ADDRESS 14
334 #define GN_OBJ_REGISTERED_ID 16
335
336 /**
337 * Extracts a generalName
338 */
339 static identification_t *parse_generalName(chunk_t blob, int level0)
340 {
341 asn1_parser_t *parser;
342 chunk_t object;
343 int objectID ;
344
345 identification_t *gn = NULL;
346
347 parser = asn1_parser_create(generalNameObjects, blob);
348 parser->set_top_level(parser, level0);
349
350 while (parser->iterate(parser, &objectID, &object))
351 {
352 id_type_t id_type = ID_ANY;
353
354 switch (objectID)
355 {
356 case GN_OBJ_RFC822_NAME:
357 id_type = ID_RFC822_ADDR;
358 break;
359 case GN_OBJ_DNS_NAME:
360 id_type = ID_FQDN;
361 break;
362 case GN_OBJ_URI:
363 id_type = ID_DER_ASN1_GN_URI;
364 break;
365 case GN_OBJ_DIRECTORY_NAME:
366 id_type = ID_DER_ASN1_DN;
367 break;
368 case GN_OBJ_IP_ADDRESS:
369 id_type = ID_IPV4_ADDR;
370 break;
371 case GN_OBJ_OTHER_NAME:
372 if (!parse_otherName(object, parser->get_level(parser)+1))
373 {
374 goto end;
375 }
376 break;
377 case GN_OBJ_X400_ADDRESS:
378 case GN_OBJ_EDI_PARTY_NAME:
379 case GN_OBJ_REGISTERED_ID:
380 default:
381 break;
382 }
383 if (id_type != ID_ANY)
384 {
385 gn = identification_create_from_encoding(id_type, object);
386 DBG2(" '%Y'", gn);
387 goto end;
388 }
389 }
390
391 end:
392 parser->destroy(parser);
393 return gn;
394 }
395
396 /**
397 * ASN.1 definition of generalNames
398 */
399 static const asn1Object_t generalNamesObjects[] = {
400 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
401 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
402 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
403 { 0, "exit", ASN1_EOC, ASN1_EXIT }
404 };
405 #define GENERAL_NAMES_GN 1
406
407 /**
408 * Extracts one or several GNs and puts them into a chained list
409 */
410 void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
411 {
412 asn1_parser_t *parser;
413 chunk_t object;
414 int objectID;
415
416 parser = asn1_parser_create(generalNamesObjects, blob);
417 parser->set_top_level(parser, level0);
418 parser->set_flags(parser, implicit, FALSE);
419
420 while (parser->iterate(parser, &objectID, &object))
421 {
422 if (objectID == GENERAL_NAMES_GN)
423 {
424 identification_t *gn = parse_generalName(object,
425 parser->get_level(parser)+1);
426
427 if (gn)
428 {
429 list->insert_last(list, (void *)gn);
430 }
431 }
432 }
433 parser->destroy(parser);
434 }
435
436 /**
437 * ASN.1 definition of a authorityKeyIdentifier extension
438 */
439 static const asn1Object_t authKeyIdentifierObjects[] = {
440 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
441 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_BODY }, /* 1 */
442 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
443 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
444 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
445 { 1, "authorityCertSerialNumber", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
446 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 6 */
447 { 0, "exit", ASN1_EOC, ASN1_EXIT }
448 };
449 #define AUTH_KEY_ID_KEY_ID 1
450 #define AUTH_KEY_ID_CERT_ISSUER 3
451 #define AUTH_KEY_ID_CERT_SERIAL 5
452
453 /**
454 * Extracts an authoritykeyIdentifier
455 */
456 chunk_t x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
457 chunk_t *authKeySerialNumber)
458 {
459 asn1_parser_t *parser;
460 chunk_t object;
461 int objectID;
462 chunk_t authKeyIdentifier = chunk_empty;
463
464 *authKeySerialNumber = chunk_empty;
465
466 parser = asn1_parser_create(authKeyIdentifierObjects, blob);
467 parser->set_top_level(parser, level0);
468
469 while (parser->iterate(parser, &objectID, &object))
470 {
471 switch (objectID)
472 {
473 case AUTH_KEY_ID_KEY_ID:
474 authKeyIdentifier = chunk_clone(object);
475 break;
476 case AUTH_KEY_ID_CERT_ISSUER:
477 /* TODO: x509_parse_generalNames(object, level+1, TRUE); */
478 break;
479 case AUTH_KEY_ID_CERT_SERIAL:
480 *authKeySerialNumber = object;
481 break;
482 default:
483 break;
484 }
485 }
486 parser->destroy(parser);
487 return authKeyIdentifier;
488 }
489
490 /**
491 * ASN.1 definition of a authorityInfoAccess extension
492 */
493 static const asn1Object_t authInfoAccessObjects[] = {
494 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
495 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
496 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
497 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
498 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 4 */
499 { 0, "exit", ASN1_EOC, ASN1_EXIT }
500 };
501 #define AUTH_INFO_ACCESS_METHOD 2
502 #define AUTH_INFO_ACCESS_LOCATION 3
503
504 /**
505 * Extracts an authorityInfoAcess location
506 */
507 static void parse_authorityInfoAccess(chunk_t blob, int level0,
508 private_x509_cert_t *this)
509 {
510 asn1_parser_t *parser;
511 chunk_t object;
512 int objectID;
513 int accessMethod = OID_UNKNOWN;
514
515 parser = asn1_parser_create(authInfoAccessObjects, blob);
516 parser->set_top_level(parser, level0);
517
518 while (parser->iterate(parser, &objectID, &object))
519 {
520 switch (objectID)
521 {
522 case AUTH_INFO_ACCESS_METHOD:
523 accessMethod = asn1_known_oid(object);
524 break;
525 case AUTH_INFO_ACCESS_LOCATION:
526 {
527 switch (accessMethod)
528 {
529 case OID_OCSP:
530 case OID_CA_ISSUERS:
531 {
532 identification_t *id;
533 char *uri;
534
535 id = parse_generalName(object,
536 parser->get_level(parser)+1);
537 if (id == NULL)
538 {
539 /* parsing went wrong - abort */
540 goto end;
541 }
542 DBG2(" '%Y'", id);
543 if (accessMethod == OID_OCSP &&
544 asprintf(&uri, "%Y", id) > 0)
545 {
546 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
547 }
548 id->destroy(id);
549 }
550 break;
551 default:
552 /* unkown accessMethod, ignoring */
553 break;
554 }
555 break;
556 }
557 default:
558 break;
559 }
560 }
561
562 end:
563 parser->destroy(parser);
564 }
565
566 /**
567 * ASN.1 definition of a extendedKeyUsage extension
568 */
569 static const asn1Object_t extendedKeyUsageObjects[] = {
570 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
571 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
572 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
573 { 0, "exit", ASN1_EOC, ASN1_EXIT }
574 };
575 #define EXT_KEY_USAGE_PURPOSE_ID 1
576
577 /**
578 * Extracts extendedKeyUsage OIDs - currently only OCSP_SIGING is returned
579 */
580 static void parse_extendedKeyUsage(chunk_t blob, int level0,
581 private_x509_cert_t *this)
582 {
583 asn1_parser_t *parser;
584 chunk_t object;
585 int objectID;
586
587 parser = asn1_parser_create(extendedKeyUsageObjects, blob);
588 parser->set_top_level(parser, level0);
589
590 while (parser->iterate(parser, &objectID, &object))
591 {
592 if (objectID == EXT_KEY_USAGE_PURPOSE_ID)
593 {
594 switch (asn1_known_oid(object))
595 {
596 case OID_SERVER_AUTH:
597 this->flags |= X509_SERVER_AUTH;
598 break;
599 case OID_CLIENT_AUTH:
600 this->flags |= X509_CLIENT_AUTH;
601 break;
602 case OID_OCSP_SIGNING:
603 this->flags |= X509_OCSP_SIGNER;
604 break;
605 default:
606 break;
607 }
608 }
609 }
610 parser->destroy(parser);
611 }
612
613 /**
614 * ASN.1 definition of crlDistributionPoints
615 */
616 static const asn1Object_t crlDistributionPointsObjects[] = {
617 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
618 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
619 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
620 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
621 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
622 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
623 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
624 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
625 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
626 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
627 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
628 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
629 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
630 { 0, "exit", ASN1_EOC, ASN1_EXIT }
631 };
632 #define CRL_DIST_POINTS_FULLNAME 3
633
634 /**
635 * Extracts one or several crlDistributionPoints into a list
636 */
637 static void parse_crlDistributionPoints(chunk_t blob, int level0,
638 private_x509_cert_t *this)
639 {
640 asn1_parser_t *parser;
641 chunk_t object;
642 int objectID;
643 linked_list_t *list = linked_list_create();
644
645 parser = asn1_parser_create(crlDistributionPointsObjects, blob);
646 parser->set_top_level(parser, level0);
647
648 while (parser->iterate(parser, &objectID, &object))
649 {
650 if (objectID == CRL_DIST_POINTS_FULLNAME)
651 {
652 identification_t *id;
653
654 /* append extracted generalNames to existing chained list */
655 x509_parse_generalNames(object, parser->get_level(parser)+1,
656 TRUE, list);
657
658 while (list->remove_last(list, (void**)&id) == SUCCESS)
659 {
660 char *uri;
661
662 if (asprintf(&uri, "%Y", id) > 0)
663 {
664 this->crl_uris->insert_last(this->crl_uris, uri);
665 }
666 id->destroy(id);
667 }
668 }
669 }
670 parser->destroy(parser);
671 list->destroy(list);
672 }
673
674 /**
675 * ASN.1 definition of ipAddrBlocks according to RFC 3779
676 */
677 static const asn1Object_t ipAddrBlocksObjects[] = {
678 { 0, "ipAddrBlocks", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
679 { 1, "ipAddressFamily", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
680 { 2, "addressFamily", ASN1_OCTET_STRING, ASN1_BODY }, /* 2 */
681 { 2, "inherit", ASN1_NULL, ASN1_OPT|ASN1_NONE }, /* 3 */
682 { 2, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
683 { 2, "addressesOrRanges", ASN1_SEQUENCE, ASN1_OPT|ASN1_LOOP }, /* 5 */
684 { 3, "addressPrefix", ASN1_BIT_STRING, ASN1_OPT|ASN1_BODY }, /* 6 */
685 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
686 { 3, "addressRange", ASN1_SEQUENCE, ASN1_OPT|ASN1_NONE }, /* 8 */
687 { 4, "min", ASN1_BIT_STRING, ASN1_BODY }, /* 9 */
688 { 4, "max", ASN1_BIT_STRING, ASN1_BODY }, /* 10 */
689 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
690 { 2, "end choice/loop", ASN1_EOC, ASN1_END }, /* 12 */
691 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 13 */
692 { 0, "exit", ASN1_EOC, ASN1_EXIT }
693 };
694 #define IP_ADDR_BLOCKS_FAMILY 2
695 #define IP_ADDR_BLOCKS_INHERIT 3
696 #define IP_ADDR_BLOCKS_PREFIX 6
697 #define IP_ADDR_BLOCKS_MIN 9
698 #define IP_ADDR_BLOCKS_MAX 10
699
700 static bool check_address_object(ts_type_t ts_type, chunk_t object)
701 {
702 switch (ts_type)
703 {
704 case TS_IPV4_ADDR_RANGE:
705 if (object.len > 5)
706 {
707 DBG1("IPv4 address object is larger than 5 octets");
708 return FALSE;
709 }
710 break;
711 case TS_IPV6_ADDR_RANGE:
712 if (object.len > 17)
713 {
714 DBG1("IPv6 address object is larger than 17 octets");
715 return FALSE;
716 }
717 break;
718 default:
719 DBG1("unknown address family");
720 return FALSE;
721 }
722 if (object.len == 0)
723 {
724 DBG1("An ASN.1 bit string must contain at least the initial octet");
725 return FALSE;
726 }
727 if (object.len == 1 && object.ptr[0] != 0)
728 {
729 DBG1("An empty ASN.1 bit string must contain a zero initial octet");
730 return FALSE;
731 }
732 if (object.ptr[0] > 7)
733 {
734 DBG1("number of unused bits is too large");
735 return FALSE;
736 }
737 return TRUE;
738 }
739
740 static void parse_ipAddrBlocks(chunk_t blob, int level0,
741 private_x509_cert_t *this)
742 {
743 asn1_parser_t *parser;
744 chunk_t object, min_object;
745 ts_type_t ts_type;
746 traffic_selector_t *ts;
747 int objectID;
748
749 parser = asn1_parser_create(ipAddrBlocksObjects, blob);
750 parser->set_top_level(parser, level0);
751
752 while (parser->iterate(parser, &objectID, &object))
753 {
754 switch (objectID)
755 {
756 case IP_ADDR_BLOCKS_FAMILY:
757 ts_type = 0;
758 if (object.len == 2 && object.ptr[0] == 0)
759 {
760 if (object.ptr[1] == 1)
761 {
762 ts_type = TS_IPV4_ADDR_RANGE;
763 }
764 else if (object.ptr[1] == 2)
765 {
766 ts_type = TS_IPV6_ADDR_RANGE;
767 }
768 else
769 {
770 break;
771 }
772 DBG2(" %N", ts_type_name, ts_type);
773 }
774 break;
775 case IP_ADDR_BLOCKS_INHERIT:
776 DBG1("inherit choice is not supported");
777 break;
778 case IP_ADDR_BLOCKS_PREFIX:
779 if (!check_address_object(ts_type, object))
780 {
781 goto end;
782 }
783 ts = traffic_selector_create_from_rfc3779_format(ts_type,
784 object, object);
785 DBG2(" %R", ts);
786 this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
787 break;
788 case IP_ADDR_BLOCKS_MIN:
789 if (!check_address_object(ts_type, object))
790 {
791 goto end;
792 }
793 min_object = object;
794 break;
795 case IP_ADDR_BLOCKS_MAX:
796 if (!check_address_object(ts_type, object))
797 {
798 goto end;
799 }
800 ts = traffic_selector_create_from_rfc3779_format(ts_type,
801 min_object, object);
802 DBG2(" %R", ts);
803 this->ipAddrBlocks->insert_last(this->ipAddrBlocks, ts);
804 break;
805 default:
806 break;
807 }
808 }
809 this->flags |= X509_IP_ADDR_BLOCKS;
810
811 end:
812 parser->destroy(parser);
813 }
814
815 /**
816 * ASN.1 definition of an X.509v3 x509_cert
817 */
818 static const asn1Object_t certObjects[] = {
819 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
820 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
821 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
822 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
823 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
824 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
825 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
826 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
827 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
828 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
829 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
830 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_RAW }, /* 11 */
831 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 12 */
832 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 13 */
833 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 14 */
834 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
835 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 16 */
836 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 17 */
837 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 18 */
838 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 19 */
839 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 20 */
840 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 21 */
841 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 22 */
842 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 23 */
843 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 24 */
844 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY }, /* 25 */
845 { 0, "exit", ASN1_EOC, ASN1_EXIT }
846 };
847 #define X509_OBJ_TBS_CERTIFICATE 1
848 #define X509_OBJ_VERSION 3
849 #define X509_OBJ_SERIAL_NUMBER 4
850 #define X509_OBJ_SIG_ALG 5
851 #define X509_OBJ_ISSUER 6
852 #define X509_OBJ_NOT_BEFORE 8
853 #define X509_OBJ_NOT_AFTER 9
854 #define X509_OBJ_SUBJECT 10
855 #define X509_OBJ_SUBJECT_PUBLIC_KEY_INFO 11
856 #define X509_OBJ_OPTIONAL_EXTENSIONS 16
857 #define X509_OBJ_EXTN_ID 19
858 #define X509_OBJ_CRITICAL 20
859 #define X509_OBJ_EXTN_VALUE 21
860 #define X509_OBJ_ALGORITHM 24
861 #define X509_OBJ_SIGNATURE 25
862
863 /**
864 * forward declaration
865 */
866 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer);
867
868 /**
869 * Parses an X.509v3 certificate
870 */
871 static bool parse_certificate(private_x509_cert_t *this)
872 {
873 asn1_parser_t *parser;
874 chunk_t object;
875 int objectID;
876 int extn_oid = OID_UNKNOWN;
877 int sig_alg = OID_UNKNOWN;
878 bool success = FALSE;
879 bool critical;
880
881 parser = asn1_parser_create(certObjects, this->encoding);
882
883 while (parser->iterate(parser, &objectID, &object))
884 {
885 u_int level = parser->get_level(parser)+1;
886
887 switch (objectID)
888 {
889 case X509_OBJ_TBS_CERTIFICATE:
890 this->tbsCertificate = object;
891 break;
892 case X509_OBJ_VERSION:
893 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
894 if (this->version < 1 || this->version > 3)
895 {
896 DBG1("X.509v%d not supported", this->version);
897 goto end;
898 }
899 else
900 {
901 DBG2(" X.509v%d", this->version);
902 }
903 break;
904 case X509_OBJ_SERIAL_NUMBER:
905 this->serialNumber = object;
906 break;
907 case X509_OBJ_SIG_ALG:
908 sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
909 break;
910 case X509_OBJ_ISSUER:
911 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
912 DBG2(" '%Y'", this->issuer);
913 break;
914 case X509_OBJ_NOT_BEFORE:
915 this->notBefore = asn1_parse_time(object, level);
916 break;
917 case X509_OBJ_NOT_AFTER:
918 this->notAfter = asn1_parse_time(object, level);
919 break;
920 case X509_OBJ_SUBJECT:
921 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
922 DBG2(" '%Y'", this->subject);
923 break;
924 case X509_OBJ_SUBJECT_PUBLIC_KEY_INFO:
925 DBG2("-- > --");
926 this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY,
927 KEY_ANY, BUILD_BLOB_ASN1_DER, object, BUILD_END);
928 DBG2("-- < --");
929 if (this->public_key == NULL)
930 {
931 goto end;
932 }
933 break;
934 case X509_OBJ_OPTIONAL_EXTENSIONS:
935 if (this->version != 3)
936 {
937 DBG1("Only X.509v3 certificates have extensions");
938 goto end;
939 }
940 break;
941 case X509_OBJ_EXTN_ID:
942 extn_oid = asn1_known_oid(object);
943 break;
944 case X509_OBJ_CRITICAL:
945 critical = object.len && *object.ptr;
946 DBG2(" %s", critical ? "TRUE" : "FALSE");
947 break;
948 case X509_OBJ_EXTN_VALUE:
949 {
950 switch (extn_oid)
951 {
952 case OID_SUBJECT_KEY_ID:
953 if (!asn1_parse_simple_object(&object, ASN1_OCTET_STRING,
954 level, "keyIdentifier"))
955 {
956 goto end;
957 }
958 this->subjectKeyIdentifier = object;
959 break;
960 case OID_SUBJECT_ALT_NAME:
961 x509_parse_generalNames(object, level, FALSE,
962 this->subjectAltNames);
963 break;
964 case OID_BASIC_CONSTRAINTS:
965 parse_basicConstraints(object, level, this);
966 break;
967 case OID_CRL_DISTRIBUTION_POINTS:
968 parse_crlDistributionPoints(object, level, this);
969 break;
970 case OID_AUTHORITY_KEY_ID:
971 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
972 level, &this->authKeySerialNumber);
973 break;
974 case OID_AUTHORITY_INFO_ACCESS:
975 parse_authorityInfoAccess(object, level, this);
976 break;
977 case OID_EXTENDED_KEY_USAGE:
978 parse_extendedKeyUsage(object, level, this);
979 break;
980 case OID_IP_ADDR_BLOCKS:
981 parse_ipAddrBlocks(object, level, this);
982 break;
983 case OID_NS_REVOCATION_URL:
984 case OID_NS_CA_REVOCATION_URL:
985 case OID_NS_CA_POLICY_URL:
986 case OID_NS_COMMENT:
987 if (!asn1_parse_simple_object(&object, ASN1_IA5STRING,
988 level, oid_names[extn_oid].name))
989 {
990 goto end;
991 }
992 break;
993 default:
994 if (critical && lib->settings->get_bool(lib->settings,
995 "libstrongswan.plugins.x509.enforce_critical", FALSE))
996 {
997 DBG1("critical %s extension not supported",
998 (extn_oid == OID_UNKNOWN) ? "unknown" :
999 (char*)oid_names[extn_oid].name);
1000 goto end;
1001 }
1002 break;
1003 }
1004 break;
1005 }
1006 case X509_OBJ_ALGORITHM:
1007 this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
1008 if (this->algorithm != sig_alg)
1009 {
1010 DBG1(" signature algorithms do not agree");
1011 goto end;
1012 }
1013 break;
1014 case X509_OBJ_SIGNATURE:
1015 this->signature = object;
1016 break;
1017 default:
1018 break;
1019 }
1020 }
1021 success = parser->success(parser);
1022
1023 end:
1024 parser->destroy(parser);
1025 if (success)
1026 {
1027 hasher_t *hasher;
1028
1029 /* check if the certificate is self-signed */
1030 if (issued_by(this, &this->public.interface.interface))
1031 {
1032 this->flags |= X509_SELF_SIGNED;
1033 }
1034 /* create certificate hash */
1035 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1036 if (hasher == NULL)
1037 {
1038 DBG1(" unable to create hash of certificate, SHA1 not supported");
1039 return NULL;
1040 }
1041 hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
1042 hasher->destroy(hasher);
1043 }
1044 return success;
1045 }
1046
1047 /**
1048 * Implementation of certificate_t.get_type
1049 */
1050 static certificate_type_t get_type(private_x509_cert_t *this)
1051 {
1052 return CERT_X509;
1053 }
1054
1055 /**
1056 * Implementation of certificate_t.get_subject
1057 */
1058 static identification_t* get_subject(private_x509_cert_t *this)
1059 {
1060 return this->subject;
1061 }
1062
1063 /**
1064 * Implementation of certificate_t.get_issuer
1065 */
1066 static identification_t* get_issuer(private_x509_cert_t *this)
1067 {
1068 return this->issuer;
1069 }
1070
1071 /**
1072 * Implementation of certificate_t.has_subject.
1073 */
1074 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
1075 {
1076 identification_t *current;
1077 enumerator_t *enumerator;
1078 id_match_t match, best;
1079
1080 if (this->encoding_hash.ptr && subject->get_type(subject) == ID_KEY_ID)
1081 {
1082 if (chunk_equals(this->encoding_hash, subject->get_encoding(subject)))
1083 {
1084 return ID_MATCH_PERFECT;
1085 }
1086 }
1087
1088 best = this->subject->matches(this->subject, subject);
1089 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
1090 while (enumerator->enumerate(enumerator, &current))
1091 {
1092 match = current->matches(current, subject);
1093 if (match > best)
1094 {
1095 best = match;
1096 }
1097 }
1098 enumerator->destroy(enumerator);
1099 return best;
1100 }
1101
1102 /**
1103 * Implementation of certificate_t.has_issuer.
1104 */
1105 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
1106 {
1107 /* issuerAltNames currently not supported */
1108 return this->issuer->matches(this->issuer, issuer);
1109 }
1110
1111 /**
1112 * Implementation of certificate_t.issued_by.
1113 */
1114 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
1115 {
1116 public_key_t *key;
1117 signature_scheme_t scheme;
1118 bool valid;
1119 x509_t *x509 = (x509_t*)issuer;
1120
1121 if (&this->public.interface.interface == issuer)
1122 {
1123 if (this->flags & X509_SELF_SIGNED)
1124 {
1125 return TRUE;
1126 }
1127 }
1128 else
1129 {
1130 if (issuer->get_type(issuer) != CERT_X509)
1131 {
1132 return FALSE;
1133 }
1134 if (!(x509->get_flags(x509) & X509_CA))
1135 {
1136 return FALSE;
1137 }
1138 }
1139 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
1140 {
1141 return FALSE;
1142 }
1143
1144 /* determine signature scheme */
1145 scheme = signature_scheme_from_oid(this->algorithm);
1146 if (scheme == SIGN_UNKNOWN)
1147 {
1148 return FALSE;
1149 }
1150 /* get the public key of the issuer */
1151 key = issuer->get_public_key(issuer);
1152 if (!key)
1153 {
1154 return FALSE;
1155 }
1156 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
1157 key->destroy(key);
1158 return valid;
1159 }
1160
1161 /**
1162 * Implementation of certificate_t.get_public_key
1163 */
1164 static public_key_t* get_public_key(private_x509_cert_t *this)
1165 {
1166 this->public_key->get_ref(this->public_key);
1167 return this->public_key;
1168 }
1169
1170 /**
1171 * Implementation of certificate_t.get_ref
1172 */
1173 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
1174 {
1175 ref_get(&this->ref);
1176 return this;
1177 }
1178
1179 /**
1180 * Implementation of x509_cert_t.get_flags.
1181 */
1182 static x509_flag_t get_flags(private_x509_cert_t *this)
1183 {
1184 return this->flags;
1185 }
1186
1187 /**
1188 * Implementation of x509_cert_t.get_validity.
1189 */
1190 static bool get_validity(private_x509_cert_t *this, time_t *when,
1191 time_t *not_before, time_t *not_after)
1192 {
1193 time_t t = when ? *when : time(NULL);
1194
1195 if (not_before)
1196 {
1197 *not_before = this->notBefore;
1198 }
1199 if (not_after)
1200 {
1201 *not_after = this->notAfter;
1202 }
1203 return (t >= this->notBefore && t <= this->notAfter);
1204 }
1205
1206 /**
1207 * Implementation of certificate_t.is_newer.
1208 */
1209 static bool is_newer(certificate_t *this, certificate_t *that)
1210 {
1211 time_t this_update, that_update, now = time(NULL);
1212 bool new;
1213
1214 this->get_validity(this, &now, &this_update, NULL);
1215 that->get_validity(that, &now, &that_update, NULL);
1216 new = this_update > that_update;
1217 DBG1(" certificate from %T is %s - existing certificate from %T %s",
1218 &this_update, FALSE, new ? "newer":"not newer",
1219 &that_update, FALSE, new ? "replaced":"retained");
1220 return new;
1221 }
1222
1223 /**
1224 * Implementation of certificate_t.get_encoding.
1225 */
1226 static chunk_t get_encoding(private_x509_cert_t *this)
1227 {
1228 return chunk_clone(this->encoding);
1229 }
1230
1231 /**
1232 * Implementation of certificate_t.equals.
1233 */
1234 static bool equals(private_x509_cert_t *this, certificate_t *other)
1235 {
1236 chunk_t encoding;
1237 bool equal;
1238
1239 if (this == (private_x509_cert_t*)other)
1240 {
1241 return TRUE;
1242 }
1243 if (other->get_type(other) != CERT_X509)
1244 {
1245 return FALSE;
1246 }
1247 if (other->equals == (void*)equals)
1248 { /* skip allocation if we have the same implementation */
1249 return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding);
1250 }
1251 encoding = other->get_encoding(other);
1252 equal = chunk_equals(this->encoding, encoding);
1253 free(encoding.ptr);
1254 return equal;
1255 }
1256
1257 /**
1258 * Implementation of x509_t.get_serial.
1259 */
1260 static chunk_t get_serial(private_x509_cert_t *this)
1261 {
1262 return this->serialNumber;
1263 }
1264
1265 /**
1266 * Implementation of x509_t.get_subjectKeyIdentifier.
1267 */
1268 static chunk_t get_subjectKeyIdentifier(private_x509_cert_t *this)
1269 {
1270 if (this->subjectKeyIdentifier.ptr)
1271 {
1272 return this->subjectKeyIdentifier;
1273 }
1274 else
1275 {
1276 chunk_t fingerprint;
1277
1278 if (this->public_key->get_fingerprint(this->public_key,
1279 KEY_ID_PUBKEY_SHA1, &fingerprint))
1280 {
1281 return fingerprint;
1282 }
1283 else
1284 {
1285 return chunk_empty;
1286 }
1287 }
1288 }
1289
1290 /**
1291 * Implementation of x509_t.get_authKeyIdentifier.
1292 */
1293 static chunk_t get_authKeyIdentifier(private_x509_cert_t *this)
1294 {
1295 return this->authKeyIdentifier;
1296 }
1297
1298 /**
1299 * Implementation of x509_t.get_pathLenConstraint.
1300 */
1301 static int get_pathLenConstraint(private_x509_cert_t *this)
1302 {
1303 return this->pathLenConstraint;
1304 }
1305
1306 /**
1307 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1308 */
1309 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1310 {
1311 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1312 }
1313
1314 /**
1315 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1316 */
1317 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1318 {
1319 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1320 }
1321
1322 /**
1323 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1324 */
1325 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1326 {
1327 return this->crl_uris->create_enumerator(this->crl_uris);
1328 }
1329
1330 /**
1331 * Implementation of x509_cert_t.create_ipAddrBlock_enumerator.
1332 */
1333 static enumerator_t* create_ipAddrBlock_enumerator(private_x509_cert_t *this)
1334 {
1335 return this->ipAddrBlocks->create_enumerator(this->ipAddrBlocks);
1336 }
1337
1338 /**
1339 * Implementation of certificate_t.destroy.
1340 */
1341 static void destroy(private_x509_cert_t *this)
1342 {
1343 if (ref_put(&this->ref))
1344 {
1345 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1346 offsetof(identification_t, destroy));
1347 this->crl_uris->destroy_function(this->crl_uris, free);
1348 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1349 this->ipAddrBlocks->destroy_offset(this->ipAddrBlocks, offsetof(traffic_selector_t, destroy));
1350 DESTROY_IF(this->issuer);
1351 DESTROY_IF(this->subject);
1352 DESTROY_IF(this->public_key);
1353 chunk_free(&this->authKeyIdentifier);
1354 chunk_free(&this->encoding);
1355 chunk_free(&this->encoding_hash);
1356 if (!this->parsed)
1357 { /* only parsed certificates point these fields to "encoded" */
1358 chunk_free(&this->signature);
1359 chunk_free(&this->serialNumber);
1360 chunk_free(&this->tbsCertificate);
1361 }
1362 free(this);
1363 }
1364 }
1365
1366 /**
1367 * create an empty but initialized X.509 certificate
1368 */
1369 static private_x509_cert_t* create_empty(void)
1370 {
1371 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1372
1373 this->public.interface.interface.get_type = (certificate_type_t (*) (certificate_t*))get_type;
1374 this->public.interface.interface.get_subject = (identification_t* (*) (certificate_t*))get_subject;
1375 this->public.interface.interface.get_issuer = (identification_t* (*) (certificate_t*))get_issuer;
1376 this->public.interface.interface.has_subject = (id_match_t (*) (certificate_t*, identification_t*))has_subject;
1377 this->public.interface.interface.has_issuer = (id_match_t (*) (certificate_t*, identification_t*))has_issuer;
1378 this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by;
1379 this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key;
1380 this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity;
1381 this->public.interface.interface.is_newer = (bool (*) (certificate_t*,certificate_t*))is_newer;
1382 this->public.interface.interface.get_encoding = (chunk_t (*) (certificate_t*))get_encoding;
1383 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals;
1384 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref;
1385 this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy;
1386 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1387 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1388 this->public.interface.get_subjectKeyIdentifier = (chunk_t (*)(x509_t*))get_subjectKeyIdentifier;
1389 this->public.interface.get_authKeyIdentifier = (chunk_t (*)(x509_t*))get_authKeyIdentifier;
1390 this->public.interface.get_pathLenConstraint = (int (*)(x509_t*))get_pathLenConstraint;
1391 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1392 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1393 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1394 this->public.interface.create_ipAddrBlock_enumerator = (enumerator_t* (*)(x509_t*))create_ipAddrBlock_enumerator;
1395
1396 this->encoding = chunk_empty;
1397 this->encoding_hash = chunk_empty;
1398 this->tbsCertificate = chunk_empty;
1399 this->version = 1;
1400 this->serialNumber = chunk_empty;
1401 this->notBefore = 0;
1402 this->notAfter = 0;
1403 this->public_key = NULL;
1404 this->subject = NULL;
1405 this->issuer = NULL;
1406 this->subjectAltNames = linked_list_create();
1407 this->crl_uris = linked_list_create();
1408 this->ocsp_uris = linked_list_create();
1409 this->ipAddrBlocks = linked_list_create();
1410 this->subjectKeyIdentifier = chunk_empty;
1411 this->authKeyIdentifier = chunk_empty;
1412 this->authKeySerialNumber = chunk_empty;
1413 this->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT;
1414 this->algorithm = 0;
1415 this->signature = chunk_empty;
1416 this->flags = 0;
1417 this->ref = 1;
1418 this->parsed = FALSE;
1419
1420 return this;
1421 }
1422
1423 /**
1424 * Encode a linked list of subjectAltNames
1425 */
1426 chunk_t x509_build_subjectAltNames(linked_list_t *list)
1427 {
1428 chunk_t subjectAltNames = chunk_empty;
1429 enumerator_t *enumerator;
1430 identification_t *id;
1431
1432 if (list->get_count(list) == 0)
1433 {
1434 return chunk_empty;
1435 }
1436
1437 enumerator = list->create_enumerator(list);
1438 while (enumerator->enumerate(enumerator, &id))
1439 {
1440 int context;
1441 chunk_t name;
1442
1443 switch (id->get_type(id))
1444 {
1445 case ID_RFC822_ADDR:
1446 context = ASN1_CONTEXT_S_1;
1447 break;
1448 case ID_FQDN:
1449 context = ASN1_CONTEXT_S_2;
1450 break;
1451 case ID_IPV4_ADDR:
1452 case ID_IPV6_ADDR:
1453 context = ASN1_CONTEXT_S_7;
1454 break;
1455 default:
1456 DBG1("encoding %N as subjectAltName not supported",
1457 id_type_names, id->get_type(id));
1458 enumerator->destroy(enumerator);
1459 free(subjectAltNames.ptr);
1460 return chunk_empty;
1461 }
1462 name = asn1_wrap(context, "c", id->get_encoding(id));
1463 subjectAltNames = chunk_cat("mm", subjectAltNames, name);
1464 }
1465 enumerator->destroy(enumerator);
1466
1467 return asn1_wrap(ASN1_SEQUENCE, "mm",
1468 asn1_build_known_oid(OID_SUBJECT_ALT_NAME),
1469 asn1_wrap(ASN1_OCTET_STRING, "m",
1470 asn1_wrap(ASN1_SEQUENCE, "m", subjectAltNames)
1471 )
1472 );
1473 }
1474
1475 /**
1476 * Generate and sign a new certificate
1477 */
1478 static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
1479 private_key_t *sign_key, int digest_alg)
1480 {
1481 chunk_t extensions = chunk_empty, extendedKeyUsage = chunk_empty;
1482 chunk_t serverAuth = chunk_empty, clientAuth = chunk_empty;
1483 chunk_t ocspSigning = chunk_empty;
1484 chunk_t basicConstraints = chunk_empty, subjectAltNames = chunk_empty;
1485 chunk_t subjectKeyIdentifier = chunk_empty, authKeyIdentifier = chunk_empty;
1486 chunk_t crlDistributionPoints = chunk_empty, authorityInfoAccess = chunk_empty;
1487 identification_t *issuer, *subject;
1488 chunk_t key_info;
1489 signature_scheme_t scheme;
1490 hasher_t *hasher;
1491 enumerator_t *enumerator;
1492 char *uri;
1493
1494 subject = cert->subject;
1495 if (sign_cert)
1496 {
1497 issuer = sign_cert->get_subject(sign_cert);
1498 if (!cert->public_key)
1499 {
1500 return FALSE;
1501 }
1502 }
1503 else
1504 { /* self signed */
1505 issuer = subject;
1506 if (!cert->public_key)
1507 {
1508 cert->public_key = sign_key->get_public_key(sign_key);
1509 }
1510 cert->flags |= X509_SELF_SIGNED;
1511 }
1512 cert->issuer = issuer->clone(issuer);
1513 if (!cert->notBefore)
1514 {
1515 cert->notBefore = time(NULL);
1516 }
1517 if (!cert->notAfter)
1518 { /* defaults to 1 year from now */
1519 cert->notAfter = cert->notBefore + 60 * 60 * 24 * 365;
1520 }
1521
1522 /* select signature scheme */
1523 cert->algorithm = hasher_signature_algorithm_to_oid(digest_alg,
1524 sign_key->get_type(sign_key));
1525 if (cert->algorithm == OID_UNKNOWN)
1526 {
1527 return FALSE;
1528 }
1529 scheme = signature_scheme_from_oid(cert->algorithm);
1530
1531 if (!cert->public_key->get_encoding(cert->public_key,
1532 KEY_PUB_SPKI_ASN1_DER, &key_info))
1533 {
1534 return FALSE;
1535 }
1536
1537 /* encode subjectAltNames */
1538 subjectAltNames = x509_build_subjectAltNames(cert->subjectAltNames);
1539
1540 /* encode CRL distribution points extension */
1541 enumerator = cert->crl_uris->create_enumerator(cert->crl_uris);
1542 while (enumerator->enumerate(enumerator, &uri))
1543 {
1544 chunk_t distributionPoint;
1545
1546 distributionPoint = asn1_wrap(ASN1_SEQUENCE, "m",
1547 asn1_wrap(ASN1_CONTEXT_C_0, "m",
1548 asn1_wrap(ASN1_CONTEXT_C_0, "m",
1549 asn1_wrap(ASN1_CONTEXT_S_6, "c",
1550 chunk_create(uri, strlen(uri))))));
1551
1552 crlDistributionPoints = chunk_cat("mm", crlDistributionPoints,
1553 distributionPoint);
1554 }
1555 enumerator->destroy(enumerator);
1556 if (crlDistributionPoints.ptr)
1557 {
1558 crlDistributionPoints = asn1_wrap(ASN1_SEQUENCE, "mm",
1559 asn1_build_known_oid(OID_CRL_DISTRIBUTION_POINTS),
1560 asn1_wrap(ASN1_OCTET_STRING, "m",
1561 asn1_wrap(ASN1_SEQUENCE, "m", crlDistributionPoints)));
1562 }
1563
1564 /* encode OCSP URIs in authorityInfoAccess extension */
1565 enumerator = cert->ocsp_uris->create_enumerator(cert->ocsp_uris);
1566 while (enumerator->enumerate(enumerator, &uri))
1567 {
1568 chunk_t accessDescription;
1569
1570 accessDescription = asn1_wrap(ASN1_SEQUENCE, "mm",
1571 asn1_build_known_oid(OID_OCSP),
1572 asn1_wrap(ASN1_CONTEXT_S_6, "c",
1573 chunk_create(uri, strlen(uri))));
1574 authorityInfoAccess = chunk_cat("mm", authorityInfoAccess,
1575 accessDescription);
1576 }
1577 enumerator->destroy(enumerator);
1578 if (authorityInfoAccess.ptr)
1579 {
1580 authorityInfoAccess = asn1_wrap(ASN1_SEQUENCE, "mm",
1581 asn1_build_known_oid(OID_AUTHORITY_INFO_ACCESS),
1582 asn1_wrap(ASN1_OCTET_STRING, "m",
1583 asn1_wrap(ASN1_SEQUENCE, "m", authorityInfoAccess)));
1584 }
1585
1586 /* build CA basicConstraint for CA certificates */
1587 if (cert->flags & X509_CA)
1588 {
1589 chunk_t pathLenConstraint = chunk_empty;
1590
1591 if (cert->pathLenConstraint != X509_NO_PATH_LEN_CONSTRAINT)
1592 {
1593 char pathlen = (char)cert->pathLenConstraint;
1594
1595 pathLenConstraint = asn1_integer("c", chunk_from_thing(pathlen));
1596 }
1597 basicConstraints = asn1_wrap(ASN1_SEQUENCE, "mmm",
1598 asn1_build_known_oid(OID_BASIC_CONSTRAINTS),
1599 asn1_wrap(ASN1_BOOLEAN, "c",
1600 chunk_from_chars(0xFF)),
1601 asn1_wrap(ASN1_OCTET_STRING, "m",
1602 asn1_wrap(ASN1_SEQUENCE, "mm",
1603 asn1_wrap(ASN1_BOOLEAN, "c",
1604 chunk_from_chars(0xFF)),
1605 pathLenConstraint)));
1606 }
1607
1608 /* add serverAuth extendedKeyUsage flag */
1609 if (cert->flags & X509_SERVER_AUTH)
1610 {
1611 serverAuth = asn1_build_known_oid(OID_SERVER_AUTH);
1612 }
1613 if (cert->flags & X509_CLIENT_AUTH)
1614 {
1615 clientAuth = asn1_build_known_oid(OID_CLIENT_AUTH);
1616 }
1617
1618 /* add ocspSigning extendedKeyUsage flag */
1619 if (cert->flags & X509_OCSP_SIGNER)
1620 {
1621 ocspSigning = asn1_build_known_oid(OID_OCSP_SIGNING);
1622 }
1623
1624 if (serverAuth.ptr || clientAuth.ptr || ocspSigning.ptr)
1625 {
1626 extendedKeyUsage = asn1_wrap(ASN1_SEQUENCE, "mm",
1627 asn1_build_known_oid(OID_EXTENDED_KEY_USAGE),
1628 asn1_wrap(ASN1_OCTET_STRING, "m",
1629 asn1_wrap(ASN1_SEQUENCE, "mmm",
1630 serverAuth, clientAuth, ocspSigning)));
1631 }
1632
1633 /* add subjectKeyIdentifier to CA and OCSP signer certificates */
1634 if (cert->flags & (X509_CA | X509_OCSP_SIGNER))
1635 {
1636 chunk_t keyid;
1637
1638 if (cert->public_key->get_fingerprint(cert->public_key,
1639 KEY_ID_PUBKEY_SHA1, &keyid))
1640 {
1641 subjectKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
1642 asn1_build_known_oid(OID_SUBJECT_KEY_ID),
1643 asn1_wrap(ASN1_OCTET_STRING, "m",
1644 asn1_wrap(ASN1_OCTET_STRING, "c", keyid)));
1645 }
1646 }
1647
1648 /* add the keyid authKeyIdentifier for non self-signed certificates */
1649 if (sign_key)
1650 {
1651 chunk_t keyid;
1652
1653 if (sign_key->get_fingerprint(sign_key, KEY_ID_PUBKEY_SHA1, &keyid))
1654 {
1655 authKeyIdentifier = asn1_wrap(ASN1_SEQUENCE, "mm",
1656 asn1_build_known_oid(OID_AUTHORITY_KEY_ID),
1657 asn1_wrap(ASN1_OCTET_STRING, "m",
1658 asn1_wrap(ASN1_SEQUENCE, "m",
1659 asn1_wrap(ASN1_CONTEXT_S_0, "c", keyid))));
1660 }
1661 }
1662 if (basicConstraints.ptr || subjectAltNames.ptr || authKeyIdentifier.ptr ||
1663 crlDistributionPoints.ptr)
1664 {
1665 extensions = asn1_wrap(ASN1_CONTEXT_C_3, "m",
1666 asn1_wrap(ASN1_SEQUENCE, "mmmmmmm",
1667 basicConstraints, subjectKeyIdentifier,
1668 authKeyIdentifier, subjectAltNames,
1669 extendedKeyUsage, crlDistributionPoints,
1670 authorityInfoAccess));
1671 }
1672
1673 cert->tbsCertificate = asn1_wrap(ASN1_SEQUENCE, "mmmcmcmm",
1674 asn1_simple_object(ASN1_CONTEXT_C_0, ASN1_INTEGER_2),
1675 asn1_integer("c", cert->serialNumber),
1676 asn1_algorithmIdentifier(cert->algorithm),
1677 issuer->get_encoding(issuer),
1678 asn1_wrap(ASN1_SEQUENCE, "mm",
1679 asn1_from_time(&cert->notBefore, ASN1_UTCTIME),
1680 asn1_from_time(&cert->notAfter, ASN1_UTCTIME)),
1681 subject->get_encoding(subject),
1682 key_info, extensions);
1683
1684 if (!sign_key->sign(sign_key, scheme, cert->tbsCertificate, &cert->signature))
1685 {
1686 return FALSE;
1687 }
1688 cert->encoding = asn1_wrap(ASN1_SEQUENCE, "cmm", cert->tbsCertificate,
1689 asn1_algorithmIdentifier(cert->algorithm),
1690 asn1_bitstring("c", cert->signature));
1691
1692 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1693 if (!hasher)
1694 {
1695 return FALSE;
1696 }
1697 hasher->allocate_hash(hasher, cert->encoding, &cert->encoding_hash);
1698 hasher->destroy(hasher);
1699 return TRUE;
1700 }
1701
1702 /**
1703 * See header.
1704 */
1705 x509_cert_t *x509_cert_load(certificate_type_t type, va_list args)
1706 {
1707 x509_flag_t flags = 0;
1708 chunk_t blob = chunk_empty;
1709
1710 while (TRUE)
1711 {
1712 switch (va_arg(args, builder_part_t))
1713 {
1714 case BUILD_BLOB_ASN1_DER:
1715 blob = va_arg(args, chunk_t);
1716 continue;
1717 case BUILD_X509_FLAG:
1718 flags |= va_arg(args, x509_flag_t);
1719 continue;
1720 case BUILD_END:
1721 break;
1722 default:
1723 return NULL;
1724 }
1725 break;
1726 }
1727
1728 if (blob.ptr)
1729 {
1730 private_x509_cert_t *cert = create_empty();
1731
1732 cert->encoding = chunk_clone(blob);
1733 cert->parsed = TRUE;
1734 if (parse_certificate(cert))
1735 {
1736 cert->flags |= flags;
1737 return &cert->public;
1738 }
1739 destroy(cert);
1740 }
1741 return NULL;
1742 }
1743
1744 /**
1745 * See header.
1746 */
1747 x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
1748 {
1749 private_x509_cert_t *cert;
1750 certificate_t *sign_cert = NULL;
1751 private_key_t *sign_key = NULL;
1752 hash_algorithm_t digest_alg = HASH_SHA1;
1753
1754 cert = create_empty();
1755 while (TRUE)
1756 {
1757 switch (va_arg(args, builder_part_t))
1758 {
1759 case BUILD_X509_FLAG:
1760 cert->flags |= va_arg(args, x509_flag_t);
1761 continue;
1762 case BUILD_SIGNING_KEY:
1763 sign_key = va_arg(args, private_key_t*);
1764 continue;
1765 case BUILD_SIGNING_CERT:
1766 sign_cert = va_arg(args, certificate_t*);
1767 continue;
1768 case BUILD_PUBLIC_KEY:
1769 cert->public_key = va_arg(args, public_key_t*);
1770 cert->public_key->get_ref(cert->public_key);
1771 continue;
1772 case BUILD_SUBJECT:
1773 cert->subject = va_arg(args, identification_t*);
1774 cert->subject = cert->subject->clone(cert->subject);
1775 continue;
1776 case BUILD_SUBJECT_ALTNAMES:
1777 {
1778 enumerator_t *enumerator;
1779 identification_t *id;
1780 linked_list_t *list;
1781
1782 list = va_arg(args, linked_list_t*);
1783 enumerator = list->create_enumerator(list);
1784 while (enumerator->enumerate(enumerator, &id))
1785 {
1786 cert->subjectAltNames->insert_last(cert->subjectAltNames,
1787 id->clone(id));
1788 }
1789 enumerator->destroy(enumerator);
1790 continue;
1791 }
1792 case BUILD_CRL_DISTRIBUTION_POINTS:
1793 {
1794 enumerator_t *enumerator;
1795 linked_list_t *list;
1796 char *uri;
1797
1798 list = va_arg(args, linked_list_t*);
1799 enumerator = list->create_enumerator(list);
1800 while (enumerator->enumerate(enumerator, &uri))
1801 {
1802 cert->crl_uris->insert_last(cert->crl_uris, strdup(uri));
1803 }
1804 enumerator->destroy(enumerator);
1805 continue;
1806 }
1807 case BUILD_OCSP_ACCESS_LOCATIONS:
1808 {
1809 enumerator_t *enumerator;
1810 linked_list_t *list;
1811 char *uri;
1812
1813 list = va_arg(args, linked_list_t*);
1814 enumerator = list->create_enumerator(list);
1815 while (enumerator->enumerate(enumerator, &uri))
1816 {
1817 cert->ocsp_uris->insert_last(cert->ocsp_uris, strdup(uri));
1818 }
1819 enumerator->destroy(enumerator);
1820 continue;
1821 }
1822 case BUILD_PATHLEN:
1823 cert->pathLenConstraint = va_arg(args, int);
1824 if (cert->pathLenConstraint < 0 || cert->pathLenConstraint > 127)
1825 {
1826 cert->pathLenConstraint = X509_NO_PATH_LEN_CONSTRAINT;
1827 }
1828 continue;
1829 case BUILD_NOT_BEFORE_TIME:
1830 cert->notBefore = va_arg(args, time_t);
1831 continue;
1832 case BUILD_NOT_AFTER_TIME:
1833 cert->notAfter = va_arg(args, time_t);
1834 continue;
1835 case BUILD_SERIAL:
1836 cert->serialNumber = chunk_clone(va_arg(args, chunk_t));
1837 continue;
1838 case BUILD_DIGEST_ALG:
1839 digest_alg = va_arg(args, int);
1840 continue;
1841 case BUILD_END:
1842 break;
1843 default:
1844 destroy(cert);
1845 return NULL;
1846 }
1847 break;
1848 }
1849
1850 if (sign_key && generate(cert, sign_cert, sign_key, digest_alg))
1851 {
1852 return &cert->public;
1853 }
1854 destroy(cert);
1855 return NULL;
1856 }
1857