enforcing x509_flags on certificate construction
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2008 Martin Willi
7 * Hochschule fuer Technik Rapperswil
8 *
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the
11 * Free Software Foundation; either version 2 of the License, or (at your
12 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
13 *
14 * This program is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
16 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17 * for more details.
18 *
19 * $Id$
20 */
21
22 #define _GNU_SOURCE
23
24 #include "x509_cert.h"
25
26 #include <gmp.h>
27 #include <sys/stat.h>
28 #include <unistd.h>
29 #include <string.h>
30 #include <stdio.h>
31
32 #include <crypto/hashers/hasher.h>
33 #include <library.h>
34 #include <debug.h>
35 #include <asn1/oid.h>
36 #include <asn1/asn1.h>
37 #include <asn1/pem.h>
38 #include <utils/linked_list.h>
39 #include <utils/identification.h>
40
41 /**
42 * Different kinds of generalNames
43 */
44 typedef enum {
45 GN_OTHER_NAME = 0,
46 GN_RFC822_NAME = 1,
47 GN_DNS_NAME = 2,
48 GN_X400_ADDRESS = 3,
49 GN_DIRECTORY_NAME = 4,
50 GN_EDI_PARTY_NAME = 5,
51 GN_URI = 6,
52 GN_IP_ADDRESS = 7,
53 GN_REGISTERED_ID = 8,
54 } generalNames_t;
55
56
57 typedef struct private_x509_cert_t private_x509_cert_t;
58
59 /**
60 * Private data of a x509_cert_t object.
61 */
62 struct private_x509_cert_t {
63 /**
64 * Public interface for this certificate.
65 */
66 x509_cert_t public;
67
68 /**
69 * DER encoded X.509 certificate
70 */
71 chunk_t certificate;
72
73 /**
74 * X.509 certificate body over which signature is computed
75 */
76 chunk_t tbsCertificate;
77
78 /**
79 * Version of the X.509 certificate
80 */
81 u_int version;
82
83 /**
84 * Serial number of the X.509 certificate
85 */
86 chunk_t serialNumber;
87
88 /**
89 * ID representing the certificate issuer
90 */
91 identification_t *issuer;
92
93 /**
94 * Start time of certificate validity
95 */
96 time_t notBefore;
97
98 /**
99 * End time of certificate validity
100 */
101 time_t notAfter;
102
103 /**
104 * ID representing the certificate subject
105 */
106 identification_t *subject;
107
108 /**
109 * List of subjectAltNames as identification_t
110 */
111 linked_list_t *subjectAltNames;
112
113 /**
114 * List of crlDistributionPoints as allocated char*
115 */
116 linked_list_t *crl_uris;
117
118 /**
119 * List ocspAccessLocations as identification_t
120 */
121 linked_list_t *ocsp_uris;
122
123 /**
124 * certificates embedded public key
125 */
126 public_key_t *public_key;
127
128 /**
129 * Subject Key Identifier
130 */
131 chunk_t subjectKeyID;
132
133 /**
134 * Authority Key Identifier
135 */
136 identification_t *authKeyIdentifier;
137
138 /**
139 * Authority Key Serial Number
140 */
141 chunk_t authKeySerialNumber;
142
143 /**
144 * x509 constraints and other flags
145 */
146 x509_flag_t flags;
147
148 /**
149 * Signature algorithm
150 */
151 int algorithm;
152
153 /**
154 * Signature
155 */
156 chunk_t signature;
157
158 /**
159 * reference count
160 */
161 refcount_t ref;
162 };
163
164 /**
165 * ASN.1 definition of generalName
166 */
167 static const asn1Object_t generalNameObjects[] = {
168 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
169 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
170 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
171 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
172 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
173 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
174 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
175 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
176 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
177 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
178 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
179 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
180 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
181 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
182 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
183 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
184 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
185 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
186 };
187
188 #define GN_OBJ_OTHER_NAME 0
189 #define GN_OBJ_RFC822_NAME 2
190 #define GN_OBJ_DNS_NAME 4
191 #define GN_OBJ_X400_ADDRESS 6
192 #define GN_OBJ_DIRECTORY_NAME 8
193 #define GN_OBJ_EDI_PARTY_NAME 10
194 #define GN_OBJ_URI 12
195 #define GN_OBJ_IP_ADDRESS 14
196 #define GN_OBJ_REGISTERED_ID 16
197 #define GN_OBJ_ROOF 18
198
199 /**
200 * ASN.1 definition of otherName
201 */
202 static const asn1Object_t otherNameObjects[] = {
203 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
204 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
205 };
206
207 #define ON_OBJ_ID_TYPE 0
208 #define ON_OBJ_VALUE 1
209 #define ON_OBJ_ROOF 2
210
211 /**
212 * ASN.1 definition of a basicConstraints extension
213 */
214 static const asn1Object_t basicConstraintsObjects[] = {
215 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
216 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
217 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
218 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
219 };
220
221 #define BASIC_CONSTRAINTS_CA 1
222 #define BASIC_CONSTRAINTS_ROOF 4
223
224 /**
225 * ASN.1 definition of a keyIdentifier
226 */
227 static const asn1Object_t keyIdentifierObjects[] = {
228 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
229 };
230
231 /**
232 * ASN.1 definition of a authorityKeyIdentifier extension
233 */
234 static const asn1Object_t authorityKeyIdentifierObjects[] = {
235 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
236 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
237 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
238 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
239 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
240 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
241 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
242 };
243
244 #define AUTH_KEY_ID_KEY_ID 1
245 #define AUTH_KEY_ID_CERT_ISSUER 3
246 #define AUTH_KEY_ID_CERT_SERIAL 5
247 #define AUTH_KEY_ID_ROOF 7
248
249 /**
250 * ASN.1 definition of a authorityInfoAccess extension
251 */
252 static const asn1Object_t authorityInfoAccessObjects[] = {
253 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
254 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
255 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
256 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
257 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
258 };
259
260 #define AUTH_INFO_ACCESS_METHOD 2
261 #define AUTH_INFO_ACCESS_LOCATION 3
262 #define AUTH_INFO_ACCESS_ROOF 5
263
264 /**
265 * ASN.1 definition of a extendedKeyUsage extension
266 */
267 static const asn1Object_t extendedKeyUsageObjects[] = {
268 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
269 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
270 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
271 };
272
273 #define EXT_KEY_USAGE_PURPOSE_ID 1
274 #define EXT_KEY_USAGE_ROOF 3
275
276 /**
277 * ASN.1 definition of generalNames
278 */
279 static const asn1Object_t generalNamesObjects[] = {
280 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
281 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
282 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
283 };
284
285 #define GENERAL_NAMES_GN 1
286 #define GENERAL_NAMES_ROOF 3
287
288
289 /**
290 * ASN.1 definition of crlDistributionPoints
291 */
292 static const asn1Object_t crlDistributionPointsObjects[] = {
293 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
294 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
295 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
296 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
297 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
298 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
299 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
300 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
301 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
302 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
303 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
304 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
305 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
306 };
307
308 #define CRL_DIST_POINTS_FULLNAME 3
309 #define CRL_DIST_POINTS_ROOF 13
310
311 /**
312 * ASN.1 definition of an X.509v3 x509_cert
313 */
314 static const asn1Object_t certObjects[] = {
315 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
316 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
317 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
318 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
319 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
320 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
321 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
322 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
323 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
324 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
325 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
326 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
327 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
328 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
329 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
330 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
331 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
332 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
333 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
334 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
335 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
336 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
337 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
338 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
339 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
340 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
341 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
342 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
343 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
344 };
345
346 #define X509_OBJ_TBS_CERTIFICATE 1
347 #define X509_OBJ_VERSION 3
348 #define X509_OBJ_SERIAL_NUMBER 4
349 #define X509_OBJ_SIG_ALG 5
350 #define X509_OBJ_ISSUER 6
351 #define X509_OBJ_NOT_BEFORE 8
352 #define X509_OBJ_NOT_AFTER 9
353 #define X509_OBJ_SUBJECT 10
354 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
355 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
356 #define X509_OBJ_RSA_PUBLIC_KEY 14
357 #define X509_OBJ_EXTN_ID 22
358 #define X509_OBJ_CRITICAL 23
359 #define X509_OBJ_EXTN_VALUE 24
360 #define X509_OBJ_ALGORITHM 27
361 #define X509_OBJ_SIGNATURE 28
362 #define X509_OBJ_ROOF 29
363
364
365 static u_char ASN1_sAN_oid_buf[] = {
366 0x06, 0x03, 0x55, 0x1D, 0x11
367 };
368 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_sAN_oid_buf);
369
370 /**
371 * extracts the basicConstraints extension
372 */
373 static bool parse_basicConstraints(chunk_t blob, int level0)
374 {
375 asn1_ctx_t ctx;
376 chunk_t object;
377 u_int level;
378 int objectID = 0;
379 bool isCA = FALSE;
380
381 asn1_init(&ctx, blob, level0, FALSE, FALSE);
382 while (objectID < BASIC_CONSTRAINTS_ROOF) {
383
384 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
385 {
386 break;
387 }
388 if (objectID == BASIC_CONSTRAINTS_CA)
389 {
390 isCA = object.len && *object.ptr;
391 DBG2(" %s", isCA ? "TRUE" : "FALSE");
392 }
393 objectID++;
394 }
395 return isCA;
396 }
397
398 /*
399 * extracts an otherName
400 */
401 static bool parse_otherName(chunk_t blob, int level0)
402 {
403 asn1_ctx_t ctx;
404 chunk_t object;
405 u_int level;
406 int objectID = 0;
407 int oid = OID_UNKNOWN;
408
409 asn1_init(&ctx, blob, level0, FALSE, FALSE);
410 while (objectID < ON_OBJ_ROOF)
411 {
412 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
413 {
414 return FALSE;
415 }
416 switch (objectID)
417 {
418 case ON_OBJ_ID_TYPE:
419 oid = known_oid(object);
420 break;
421 case ON_OBJ_VALUE:
422 if (oid == OID_XMPP_ADDR)
423 {
424 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING,
425 level + 1, "xmppAddr"))
426 {
427 return FALSE;
428 }
429 }
430 break;
431 default:
432 break;
433 }
434 objectID++;
435 }
436 return TRUE;
437 }
438
439 /*
440 * extracts a generalName
441 */
442 static identification_t *parse_generalName(chunk_t blob, int level0)
443 {
444 asn1_ctx_t ctx;
445 chunk_t object;
446 int objectID = 0;
447 u_int level;
448
449 asn1_init(&ctx, blob, level0, FALSE, FALSE);
450 while (objectID < GN_OBJ_ROOF)
451 {
452 id_type_t id_type = ID_ANY;
453
454 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
455 {
456 return NULL;
457 }
458 switch (objectID)
459 {
460 case GN_OBJ_RFC822_NAME:
461 id_type = ID_RFC822_ADDR;
462 break;
463 case GN_OBJ_DNS_NAME:
464 id_type = ID_FQDN;
465 break;
466 case GN_OBJ_URI:
467 id_type = ID_DER_ASN1_GN_URI;
468 break;
469 case GN_OBJ_DIRECTORY_NAME:
470 id_type = ID_DER_ASN1_DN;
471 break;
472 case GN_OBJ_IP_ADDRESS:
473 id_type = ID_IPV4_ADDR;
474 break;
475 case GN_OBJ_OTHER_NAME:
476 if (!parse_otherName(object, level + 1))
477 return NULL;
478 break;
479 case GN_OBJ_X400_ADDRESS:
480 case GN_OBJ_EDI_PARTY_NAME:
481 case GN_OBJ_REGISTERED_ID:
482 break;
483 default:
484 break;
485 }
486 if (id_type != ID_ANY)
487 {
488 identification_t *gn = identification_create_from_encoding(id_type, object);
489 DBG2(" '%D'", gn);
490 return gn;
491 }
492 objectID++;
493 }
494 return NULL;
495 }
496
497
498 /**
499 * extracts one or several GNs and puts them into a chained list
500 */
501 void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
502 {
503 asn1_ctx_t ctx;
504 chunk_t object;
505 u_int level;
506 int objectID = 0;
507
508 asn1_init(&ctx, blob, level0, implicit, FALSE);
509 while (objectID < GENERAL_NAMES_ROOF)
510 {
511 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
512 {
513 return;
514 }
515 if (objectID == GENERAL_NAMES_GN)
516 {
517 identification_t *gn = parse_generalName(object, level+1);
518
519 if (gn != NULL)
520 {
521 list->insert_last(list, (void *)gn);
522 }
523 }
524 objectID++;
525 }
526 return;
527 }
528
529 /**
530 * extracts a keyIdentifier
531 */
532 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
533 {
534 asn1_ctx_t ctx;
535 chunk_t object;
536 u_int level;
537 int objectID = 0;
538
539 asn1_init(&ctx, blob, level0, implicit, FALSE);
540 if (!extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx))
541 {
542 return chunk_empty;
543 }
544 return object;
545 }
546
547 /**
548 * extracts an authoritykeyIdentifier
549 */
550 identification_t* x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
551 chunk_t *authKeySerialNumber)
552 {
553 asn1_ctx_t ctx;
554 chunk_t object;
555 u_int level;
556 int objectID = 0;
557 identification_t *authKeyIdentifier = NULL;
558
559 *authKeySerialNumber = chunk_empty;
560
561 asn1_init(&ctx, blob, level0, FALSE, FALSE);
562 while (objectID < AUTH_KEY_ID_ROOF)
563 {
564 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
565 {
566 return NULL;
567 }
568 switch (objectID)
569 {
570 case AUTH_KEY_ID_KEY_ID:
571 {
572 chunk_t authKeyID = parse_keyIdentifier(object, level+1, TRUE);
573
574 if (authKeyID.ptr == NULL)
575 {
576 return NULL;
577 }
578 authKeyIdentifier = identification_create_from_encoding(
579 ID_PUBKEY_SHA1, authKeyID);
580 break;
581 }
582 case AUTH_KEY_ID_CERT_ISSUER:
583 {
584 /* TODO: parse_generalNames(object, level+1, TRUE); */
585 break;
586 }
587 case AUTH_KEY_ID_CERT_SERIAL:
588 *authKeySerialNumber = object;
589 break;
590 default:
591 break;
592 }
593 objectID++;
594 }
595 return authKeyIdentifier;
596 }
597
598 /**
599 * extracts an authorityInfoAcess location
600 */
601 static void parse_authorityInfoAccess(chunk_t blob, int level0,
602 private_x509_cert_t *this)
603 {
604 asn1_ctx_t ctx;
605 chunk_t object;
606 u_int level;
607 int objectID = 0;
608 int accessMethod = OID_UNKNOWN;
609
610 asn1_init(&ctx, blob, level0, FALSE, FALSE);
611 while (objectID < AUTH_INFO_ACCESS_ROOF)
612 {
613 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
614 {
615 return;
616 }
617 switch (objectID)
618 {
619 case AUTH_INFO_ACCESS_METHOD:
620 accessMethod = known_oid(object);
621 break;
622 case AUTH_INFO_ACCESS_LOCATION:
623 {
624 switch (accessMethod)
625 {
626 case OID_OCSP:
627 case OID_CA_ISSUERS:
628 {
629 identification_t *id;
630 char *uri;
631
632 id = parse_generalName(object, level+1);
633 if (id == NULL)
634 { /* parsing went wrong - abort */
635 return;
636 }
637 DBG2(" '%D'", id);
638 if (accessMethod == OID_OCSP &&
639 asprintf(&uri, "%D", id) > 0)
640 {
641 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
642 }
643 id->destroy(id);
644 }
645 break;
646 default:
647 /* unkown accessMethod, ignoring */
648 break;
649 }
650 break;
651 }
652 default:
653 break;
654 }
655 objectID++;
656 }
657 }
658
659 /**
660 * extracts extendedKeyUsage OIDs
661 */
662 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
663 {
664 asn1_ctx_t ctx;
665 chunk_t object;
666 u_int level;
667 int objectID = 0;
668
669 asn1_init(&ctx, blob, level0, FALSE, FALSE);
670 while (objectID < EXT_KEY_USAGE_ROOF)
671 {
672 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
673 {
674 return FALSE;
675 }
676 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
677 known_oid(object) == OID_OCSP_SIGNING)
678 {
679 return TRUE;
680 }
681 objectID++;
682 }
683 return FALSE;
684 }
685
686 /**
687 * extracts one or several crlDistributionPoints into a list
688 */
689 static void parse_crlDistributionPoints(chunk_t blob, int level0,
690 private_x509_cert_t *this)
691 {
692 asn1_ctx_t ctx;
693 chunk_t object;
694 u_int level;
695 int objectID = 0;
696 linked_list_t *list;
697 identification_t *id;
698 char *uri;
699
700 list = linked_list_create();
701 asn1_init(&ctx, blob, level0, FALSE, FALSE);
702 while (objectID < CRL_DIST_POINTS_ROOF)
703 {
704 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
705 {
706 list->destroy_offset(list, offsetof(identification_t, destroy));
707 return;
708 }
709 if (objectID == CRL_DIST_POINTS_FULLNAME)
710 { /* append extracted generalNames to existing chained list */
711 parse_generalNames(object, level+1, TRUE, list);
712
713 while (list->remove_last(list, (void**)&id) == SUCCESS)
714 {
715 if (asprintf(&uri, "%D", id) > 0)
716 {
717 this->crl_uris->insert_last(this->crl_uris, uri);
718 }
719 id->destroy(id);
720 }
721 }
722 objectID++;
723 }
724 list->destroy(list);
725 }
726
727 /**
728 * Parses an X.509v3 certificate
729 */
730 static bool parse_certificate(private_x509_cert_t *this)
731 {
732 asn1_ctx_t ctx;
733 bool critical;
734 chunk_t object;
735 u_int level;
736 int objectID = 0;
737 int extn_oid = OID_UNKNOWN;
738 int key_alg = 0;
739 int sig_alg = 0;
740 chunk_t subjectPublicKey = chunk_empty;
741
742 asn1_init(&ctx, this->certificate, 0, FALSE, FALSE);
743 while (objectID < X509_OBJ_ROOF)
744 {
745 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
746 {
747 return FALSE;
748 }
749 /* those objects which will parsed further need the next higher level */
750 level++;
751 switch (objectID)
752 {
753 case X509_OBJ_TBS_CERTIFICATE:
754 this->tbsCertificate = object;
755 break;
756 case X509_OBJ_VERSION:
757 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
758 DBG2(" v%d", this->version);
759 break;
760 case X509_OBJ_SERIAL_NUMBER:
761 this->serialNumber = object;
762 break;
763 case X509_OBJ_SIG_ALG:
764 sig_alg = parse_algorithmIdentifier(object, level, NULL);
765 break;
766 case X509_OBJ_ISSUER:
767 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
768 DBG2(" '%D'", this->issuer);
769 break;
770 case X509_OBJ_NOT_BEFORE:
771 this->notBefore = parse_time(object, level);
772 break;
773 case X509_OBJ_NOT_AFTER:
774 this->notAfter = parse_time(object, level);
775 break;
776 case X509_OBJ_SUBJECT:
777 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
778 DBG2(" '%D'", this->subject);
779 break;
780 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
781 key_alg = parse_algorithmIdentifier(object, level, NULL);
782 break;
783 case X509_OBJ_SUBJECT_PUBLIC_KEY:
784 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
785 {
786 /* skip initial bit string octet defining 0 unused bits */
787 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
788 }
789 break;
790 case X509_OBJ_RSA_PUBLIC_KEY:
791 subjectPublicKey = object;
792 switch (key_alg)
793 {
794 case OID_RSA_ENCRYPTION:
795 this->public_key = lib->creds->create(lib->creds,
796 CRED_PUBLIC_KEY, KEY_RSA,
797 BUILD_BLOB_ASN1_DER, chunk_clone(subjectPublicKey),
798 BUILD_END);
799 break;
800 default:
801 DBG1("parsing key type %d failed", key_alg);
802 return FALSE;
803 }
804 break;
805 case X509_OBJ_EXTN_ID:
806 extn_oid = known_oid(object);
807 break;
808 case X509_OBJ_CRITICAL:
809 critical = object.len && *object.ptr;
810 DBG2(" %s", critical ? "TRUE" : "FALSE");
811 break;
812 case X509_OBJ_EXTN_VALUE:
813 {
814 switch (extn_oid)
815 {
816 case OID_SUBJECT_KEY_ID:
817 this->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
818 break;
819 case OID_SUBJECT_ALT_NAME:
820 parse_generalNames(object, level, FALSE, this->subjectAltNames);
821 break;
822 case OID_BASIC_CONSTRAINTS:
823 if (parse_basicConstraints(object, level))
824 {
825 this->flags |= X509_CA;
826 }
827 break;
828 case OID_CRL_DISTRIBUTION_POINTS:
829 parse_crlDistributionPoints(object, level, this);
830 break;
831 case OID_AUTHORITY_KEY_ID:
832 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
833 level, &this->authKeySerialNumber);
834 break;
835 case OID_AUTHORITY_INFO_ACCESS:
836 parse_authorityInfoAccess(object, level, this);
837 break;
838 case OID_EXTENDED_KEY_USAGE:
839 if (parse_extendedKeyUsage(object, level))
840 {
841 this->flags |= X509_OCSP_SIGNER;
842 }
843 break;
844 case OID_NS_REVOCATION_URL:
845 case OID_NS_CA_REVOCATION_URL:
846 case OID_NS_CA_POLICY_URL:
847 case OID_NS_COMMENT:
848 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING,
849 level, oid_names[extn_oid].name))
850 return FALSE;
851 break;
852 default:
853 break;
854 }
855 break;
856 }
857 case X509_OBJ_ALGORITHM:
858 this->algorithm = parse_algorithmIdentifier(object, level, NULL);
859 if (this->algorithm != sig_alg)
860 {
861 DBG1(" signature algorithms do not agree");
862 return FALSE;
863 }
864 break;
865 case X509_OBJ_SIGNATURE:
866 this->signature = object;
867 break;
868 default:
869 break;
870 }
871 objectID++;
872 }
873 return TRUE;
874 }
875
876 /**
877 * Implementation of certificate_t.get_type
878 */
879 static certificate_type_t get_type(private_x509_cert_t *this)
880 {
881 return CERT_X509;
882 }
883
884 /**
885 * Implementation of certificate_t.get_subject
886 */
887 static identification_t* get_subject(private_x509_cert_t *this)
888 {
889 return this->subject;
890 }
891
892 /**
893 * Implementation of certificate_t.get_issuer
894 */
895 static identification_t* get_issuer(private_x509_cert_t *this)
896 {
897 return this->issuer;
898 }
899
900 /**
901 * Implementation of certificate_t.has_subject.
902 */
903 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
904 {
905 identification_t *current;
906 enumerator_t *enumerator;
907 id_match_t match, best;
908
909 best = this->subject->matches(this->subject, subject);
910 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
911 while (enumerator->enumerate(enumerator, &current))
912 {
913 match = current->matches(current, subject);
914 if (match > best)
915 {
916 best = match;
917 }
918 }
919 enumerator->destroy(enumerator);
920 return best;
921 }
922
923 /**
924 * Implementation of certificate_t.has_subject.
925 */
926 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
927 {
928 /* issuerAltNames currently not supported */
929 return this->issuer->matches(this->issuer, issuer);
930 }
931
932 /**
933 * Implementation of certificate_t.issued_by
934 */
935 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer,
936 bool sigcheck)
937 {
938 public_key_t *key;
939 signature_scheme_t scheme;
940 bool valid;
941 x509_t *x509 = (x509_t*)issuer;
942
943 if (&this->public.interface.interface == issuer &&
944 (this->flags & X509_SELF_SIGNED))
945 {
946 return TRUE;
947 }
948 if (issuer->get_type(issuer) != CERT_X509)
949 {
950 return FALSE;
951 }
952 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
953 {
954 return FALSE;
955 }
956 if (!(x509->get_flags(x509) & X509_CA))
957 {
958 return FALSE;
959 }
960 if (!sigcheck)
961 {
962 return TRUE;
963 }
964 /* TODO: generic OID to scheme mapper? */
965 switch (this->algorithm)
966 {
967 case OID_MD5_WITH_RSA:
968 scheme = SIGN_RSA_EMSA_PKCS1_MD5;
969 break;
970 case OID_SHA1_WITH_RSA:
971 scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
972 break;
973 case OID_SHA256_WITH_RSA:
974 scheme = SIGN_RSA_EMSA_PKCS1_SHA256;
975 break;
976 case OID_SHA384_WITH_RSA:
977 scheme = SIGN_RSA_EMSA_PKCS1_SHA384;
978 break;
979 case OID_SHA512_WITH_RSA:
980 scheme = SIGN_RSA_EMSA_PKCS1_SHA512;
981 break;
982 default:
983 return FALSE;
984 }
985 key = issuer->get_public_key(issuer);
986 if (key == NULL)
987 {
988 return FALSE;
989 }
990 /* TODO: add a lightweight check option (comparing auth/subject keyids only) */
991 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
992 key->destroy(key);
993 return valid;
994 }
995
996 /**
997 * Implementation of certificate_t.get_public_key
998 */
999 static public_key_t* get_public_key(private_x509_cert_t *this)
1000 {
1001 this->public_key->get_ref(this->public_key);
1002 return this->public_key;
1003 }
1004
1005 /**
1006 * Implementation of certificate_t.asdf
1007 */
1008 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
1009 {
1010 ref_get(&this->ref);
1011 return this;
1012 }
1013
1014 /**
1015 * Implementation of x509_cert_t.get_flags.
1016 */
1017 static x509_flag_t get_flags(private_x509_cert_t *this)
1018 {
1019 return this->flags;
1020 }
1021
1022 /**
1023 * Implementation of x509_cert_t.get_validity.
1024 */
1025 static bool get_validity(private_x509_cert_t *this, time_t *when,
1026 time_t *not_before, time_t *not_after)
1027 {
1028 time_t t;
1029
1030 if (when)
1031 {
1032 t = *when;
1033 }
1034 else
1035 {
1036 t = time(NULL);
1037 }
1038 if (not_after)
1039 {
1040 *not_after = this->notAfter;
1041 }
1042 if (not_before)
1043 {
1044 *not_before = this->notBefore;
1045 }
1046 return (t >= this->notBefore && t <= this->notAfter);
1047 }
1048
1049 /**
1050 * Implementation of certificate_t.get_encoding.
1051 */
1052 static chunk_t get_encoding(private_x509_cert_t *this)
1053 {
1054 return chunk_clone(this->certificate);
1055 }
1056
1057 /**
1058 * Implementation of certificate_t.equals.
1059 */
1060 static bool equals(private_x509_cert_t *this, certificate_t *other)
1061 {
1062 if (this == (private_x509_cert_t*)other)
1063 {
1064 return TRUE;
1065 }
1066 if (other->get_type(other) != CERT_X509)
1067 {
1068 return FALSE;
1069 }
1070 /* check if we have the same X509 implementation */
1071 if (other->equals == (void*)equals)
1072 {
1073 if (this->signature.len == 0)
1074 {
1075 return FALSE;
1076 }
1077 return chunk_equals(this->signature, ((private_x509_cert_t*)other)->signature);
1078 }
1079 /* TODO: compare against other implementation */
1080 return FALSE;
1081 }
1082
1083 /**
1084 * Implementation of x509_t.get_serial.
1085 */
1086 static chunk_t get_serial(private_x509_cert_t *this)
1087 {
1088 return this->serialNumber;
1089 }
1090
1091 /**
1092 * Implementation of x509_t.get_authKeyIdentifier.
1093 */
1094 static identification_t *get_authKeyIdentifier(private_x509_cert_t *this)
1095 {
1096 return this->authKeyIdentifier;
1097 }
1098
1099 /**
1100 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1101 */
1102 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1103 {
1104 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1105 }
1106
1107 /**
1108 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1109 */
1110 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1111 {
1112 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1113 }
1114
1115 /**
1116 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1117 */
1118 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1119 {
1120 return this->crl_uris->create_enumerator(this->crl_uris);
1121 }
1122
1123 /**
1124 * Implementation of certificate_t.asdf
1125 */
1126 static void destroy(private_x509_cert_t *this)
1127 {
1128 if (ref_put(&this->ref))
1129 {
1130 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1131 offsetof(identification_t, destroy));
1132 this->crl_uris->destroy_function(this->crl_uris, free);
1133 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1134 DESTROY_IF(this->issuer);
1135 DESTROY_IF(this->subject);
1136 DESTROY_IF(this->public_key);
1137 DESTROY_IF(this->authKeyIdentifier);
1138 chunk_free(&this->certificate);
1139 free(this);
1140 }
1141 }
1142
1143 /**
1144 * load x509 certificate from a chunk
1145 */
1146 static private_x509_cert_t *load(chunk_t chunk)
1147 {
1148 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1149
1150 this->public.interface.interface.get_type = (certificate_type_t (*)(certificate_t *this))get_type;
1151 this->public.interface.interface.get_subject = (identification_t* (*)(certificate_t *this))get_subject;
1152 this->public.interface.interface.get_issuer = (identification_t* (*)(certificate_t *this))get_issuer;
1153 this->public.interface.interface.has_subject = (id_match_t (*)(certificate_t*, identification_t *subject))has_subject;
1154 this->public.interface.interface.has_issuer = (id_match_t (*)(certificate_t*, identification_t *issuer))has_issuer;
1155 this->public.interface.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer,bool))issued_by;
1156 this->public.interface.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
1157 this->public.interface.interface.get_validity = (bool (*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
1158 this->public.interface.interface.get_encoding = (chunk_t (*)(certificate_t*))get_encoding;
1159 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals;
1160 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
1161 this->public.interface.interface.destroy = (void (*)(certificate_t *this))destroy;
1162 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1163 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1164 this->public.interface.get_authKeyIdentifier = (identification_t* (*)(x509_t*))get_authKeyIdentifier;
1165 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1166 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1167 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1168
1169 this->certificate = chunk;
1170 this->public_key = NULL;
1171 this->subject = NULL;
1172 this->issuer = NULL;
1173 this->subjectAltNames = linked_list_create();
1174 this->crl_uris = linked_list_create();
1175 this->ocsp_uris = linked_list_create();
1176 this->subjectKeyID = chunk_empty;
1177 this->authKeyIdentifier = NULL;
1178 this->authKeySerialNumber = chunk_empty;
1179 this->flags = 0;
1180 this->ref = 1;
1181
1182 if (!parse_certificate(this))
1183 {
1184 destroy(this);
1185 return NULL;
1186 }
1187 if (issued_by(this, &this->public.interface.interface, FALSE))
1188 {
1189 this->flags |= X509_SELF_SIGNED;
1190 }
1191 return this;
1192 }
1193
1194 typedef struct private_builder_t private_builder_t;
1195 /**
1196 * Builder implementation for certificate loading
1197 */
1198 struct private_builder_t {
1199 /** implements the builder interface */
1200 builder_t public;
1201 /** loaded certificate */
1202 private_x509_cert_t *cert;
1203 /** additional flags to enforce */
1204 x509_flag_t flags;
1205 };
1206
1207 /**
1208 * Implementation of builder_t.build
1209 */
1210 static x509_cert_t *build(private_builder_t *this)
1211 {
1212 private_x509_cert_t *cert;
1213
1214 cert = this->cert;
1215 cert->flags |= this->flags;
1216 free(this);
1217 return &cert->public;
1218 }
1219
1220 /**
1221 * Implementation of builder_t.add
1222 */
1223 static void add(private_builder_t *this, builder_part_t part, ...)
1224 {
1225 va_list args;
1226
1227 va_start(args, part);
1228 switch (part)
1229 {
1230 case BUILD_BLOB_ASN1_DER:
1231 {
1232 if (this->cert)
1233 {
1234 destroy(this->cert);
1235 }
1236 this->cert = load(va_arg(args, chunk_t));
1237 break;
1238 }
1239 case BUILD_X509_FLAG:
1240 {
1241 this->flags = va_arg(args, x509_flag_t);
1242 break;
1243 }
1244 default:
1245 DBG1("ignoring unsupported build part %N", builder_part_names, part);
1246 break;
1247 }
1248 va_end(args);
1249 }
1250
1251 /**
1252 * Builder construction function
1253 */
1254 builder_t *x509_cert_builder(certificate_type_t type)
1255 {
1256 private_builder_t *this;
1257
1258 if (type != CERT_X509)
1259 {
1260 return NULL;
1261 }
1262
1263 this = malloc_thing(private_builder_t);
1264
1265 this->cert = NULL;
1266 this->flags = 0;
1267 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
1268 this->public.build = (void*(*)(builder_t *this))build;
1269
1270 return &this->public;
1271 }
1272