introduced ASN1_EXIT command in ASN.1 object syntax definition
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2008 Martin Willi
7 * Copyright (C) 2008 Tobias Brunner
8 * Hochschule fuer Technik Rapperswil
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the
12 * Free Software Foundation; either version 2 of the License, or (at your
13 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
14 *
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 * for more details.
19 *
20 * $Id$
21 */
22
23 #define _GNU_SOURCE
24
25 #include "x509_cert.h"
26
27 #include <sys/stat.h>
28 #include <unistd.h>
29 #include <string.h>
30 #include <stdio.h>
31
32 #include <library.h>
33 #include <debug.h>
34 #include <asn1/oid.h>
35 #include <asn1/asn1.h>
36 #include <asn1/asn1_parser.h>
37 #include <asn1/pem.h>
38 #include <crypto/hashers/hasher.h>
39 #include <utils/linked_list.h>
40 #include <utils/identification.h>
41
42 /**
43 * Different kinds of generalNames
44 */
45 typedef enum {
46 GN_OTHER_NAME = 0,
47 GN_RFC822_NAME = 1,
48 GN_DNS_NAME = 2,
49 GN_X400_ADDRESS = 3,
50 GN_DIRECTORY_NAME = 4,
51 GN_EDI_PARTY_NAME = 5,
52 GN_URI = 6,
53 GN_IP_ADDRESS = 7,
54 GN_REGISTERED_ID = 8,
55 } generalNames_t;
56
57
58 typedef struct private_x509_cert_t private_x509_cert_t;
59
60 /**
61 * Private data of a x509_cert_t object.
62 */
63 struct private_x509_cert_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_cert_t public;
68
69 /**
70 * X.509 certificate encoding in ASN.1 DER format
71 */
72 chunk_t encoding;
73
74 /**
75 * SHA1 hash of the DER encoding of this X.509 certificate
76 */
77 chunk_t encoding_hash;
78
79 /**
80 * X.509 certificate body over which signature is computed
81 */
82 chunk_t tbsCertificate;
83
84 /**
85 * Version of the X.509 certificate
86 */
87 u_int version;
88
89 /**
90 * Serial number of the X.509 certificate
91 */
92 chunk_t serialNumber;
93
94 /**
95 * ID representing the certificate issuer
96 */
97 identification_t *issuer;
98
99 /**
100 * Start time of certificate validity
101 */
102 time_t notBefore;
103
104 /**
105 * End time of certificate validity
106 */
107 time_t notAfter;
108
109 /**
110 * ID representing the certificate subject
111 */
112 identification_t *subject;
113
114 /**
115 * List of subjectAltNames as identification_t
116 */
117 linked_list_t *subjectAltNames;
118
119 /**
120 * List of crlDistributionPoints as allocated char*
121 */
122 linked_list_t *crl_uris;
123
124 /**
125 * List ocspAccessLocations as identification_t
126 */
127 linked_list_t *ocsp_uris;
128
129 /**
130 * certificates embedded public key
131 */
132 public_key_t *public_key;
133
134 /**
135 * Subject Key Identifier
136 */
137 chunk_t subjectKeyID;
138
139 /**
140 * Authority Key Identifier
141 */
142 identification_t *authKeyIdentifier;
143
144 /**
145 * Authority Key Serial Number
146 */
147 chunk_t authKeySerialNumber;
148
149 /**
150 * x509 constraints and other flags
151 */
152 x509_flag_t flags;
153
154 /**
155 * Signature algorithm
156 */
157 int algorithm;
158
159 /**
160 * Signature
161 */
162 chunk_t signature;
163
164 /**
165 * reference count
166 */
167 refcount_t ref;
168 };
169
170 static u_char ASN1_sAN_oid_buf[] = {
171 0x06, 0x03, 0x55, 0x1D, 0x11
172 };
173 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_sAN_oid_buf);
174
175 /**
176 * ASN.1 definition of a basicConstraints extension
177 */
178 static const asn1Object_t basicConstraintsObjects[] = {
179 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
180 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
181 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
182 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 3 */
183 { 0, "exit", ASN1_EOC, ASN1_EXIT }
184 };
185 #define BASIC_CONSTRAINTS_CA 1
186
187 /**
188 * Extracts the basicConstraints extension
189 */
190 static bool parse_basicConstraints(chunk_t blob, int level0)
191 {
192 asn1_parser_t *parser;
193 chunk_t object;
194 int objectID;
195 bool isCA = FALSE;
196
197 parser = asn1_parser_create(basicConstraintsObjects, blob);
198 parser->set_top_level(parser, level0);
199
200 while (parser->iterate(parser, &objectID, &object))
201 {
202 if (objectID == BASIC_CONSTRAINTS_CA)
203 {
204 isCA = object.len && *object.ptr;
205 DBG2(" %s", isCA ? "TRUE" : "FALSE");
206 }
207 }
208 parser->destroy(parser);
209
210 return isCA;
211 }
212
213 /**
214 * ASN.1 definition of otherName
215 */
216 static const asn1Object_t otherNameObjects[] = {
217 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
218 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY }, /* 1 */
219 {0, "exit", ASN1_EOC, ASN1_EXIT }
220 };
221 #define ON_OBJ_ID_TYPE 0
222 #define ON_OBJ_VALUE 1
223
224 /**
225 * Extracts an otherName
226 */
227 static bool parse_otherName(chunk_t blob, int level0)
228 {
229 asn1_parser_t *parser;
230 chunk_t object;
231 int objectID;
232 int oid = OID_UNKNOWN;
233 bool success = FALSE;
234
235 parser = asn1_parser_create(otherNameObjects, blob);
236 parser->set_top_level(parser, level0);
237
238 while (parser->iterate(parser, &objectID, &object))
239 {
240 switch (objectID)
241 {
242 case ON_OBJ_ID_TYPE:
243 oid = asn1_known_oid(object);
244 break;
245 case ON_OBJ_VALUE:
246 if (oid == OID_XMPP_ADDR)
247 {
248 if (!asn1_parse_simple_object(&object, ASN1_UTF8STRING,
249 parser->get_level(parser)+1, "xmppAddr"))
250 {
251 goto end;
252 }
253 }
254 break;
255 default:
256 break;
257 }
258 }
259 success = parser->success(parser);
260
261 end:
262 parser->destroy(parser);
263 return success;
264 }
265
266 /**
267 * ASN.1 definition of generalName
268 */
269 static const asn1Object_t generalNameObjects[] = {
270 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
271 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
272 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
273 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
274 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
275 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
276 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
277 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
278 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
279 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
280 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
281 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
282 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
283 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
284 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
285 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
286 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
287 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 17 */
288 { 0, "exit", ASN1_EOC, ASN1_EXIT }
289 };
290 #define GN_OBJ_OTHER_NAME 0
291 #define GN_OBJ_RFC822_NAME 2
292 #define GN_OBJ_DNS_NAME 4
293 #define GN_OBJ_X400_ADDRESS 6
294 #define GN_OBJ_DIRECTORY_NAME 8
295 #define GN_OBJ_EDI_PARTY_NAME 10
296 #define GN_OBJ_URI 12
297 #define GN_OBJ_IP_ADDRESS 14
298 #define GN_OBJ_REGISTERED_ID 16
299
300 /**
301 * Extracts a generalName
302 */
303 static identification_t *parse_generalName(chunk_t blob, int level0)
304 {
305 asn1_parser_t *parser;
306 chunk_t object;
307 int objectID ;
308
309 identification_t *gn = NULL;
310
311 parser = asn1_parser_create(generalNameObjects, blob);
312 parser->set_top_level(parser, level0);
313
314 while (parser->iterate(parser, &objectID, &object))
315 {
316 id_type_t id_type = ID_ANY;
317
318 switch (objectID)
319 {
320 case GN_OBJ_RFC822_NAME:
321 id_type = ID_RFC822_ADDR;
322 break;
323 case GN_OBJ_DNS_NAME:
324 id_type = ID_FQDN;
325 break;
326 case GN_OBJ_URI:
327 id_type = ID_DER_ASN1_GN_URI;
328 break;
329 case GN_OBJ_DIRECTORY_NAME:
330 id_type = ID_DER_ASN1_DN;
331 break;
332 case GN_OBJ_IP_ADDRESS:
333 id_type = ID_IPV4_ADDR;
334 break;
335 case GN_OBJ_OTHER_NAME:
336 if (!parse_otherName(object, parser->get_level(parser)+1))
337 {
338 goto end;
339 }
340 break;
341 case GN_OBJ_X400_ADDRESS:
342 case GN_OBJ_EDI_PARTY_NAME:
343 case GN_OBJ_REGISTERED_ID:
344 default:
345 break;
346 }
347 if (id_type != ID_ANY)
348 {
349 gn = identification_create_from_encoding(id_type, object);
350 DBG2(" '%D'", gn);
351 goto end;
352 }
353 }
354
355 end:
356 parser->destroy(parser);
357 return gn;
358 }
359
360 /**
361 * ASN.1 definition of generalNames
362 */
363 static const asn1Object_t generalNamesObjects[] = {
364 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
365 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
366 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
367 { 0, "exit", ASN1_EOC, ASN1_EXIT }
368 };
369 #define GENERAL_NAMES_GN 1
370
371 /**
372 * Extracts one or several GNs and puts them into a chained list
373 */
374 void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
375 {
376 asn1_parser_t *parser;
377 chunk_t object;
378 int objectID;
379
380 parser = asn1_parser_create(generalNamesObjects, blob);
381 parser->set_top_level(parser, level0);
382 parser->set_flags(parser, implicit, FALSE);
383
384 while (parser->iterate(parser, &objectID, &object))
385 {
386 if (objectID == GENERAL_NAMES_GN)
387 {
388 identification_t *gn = parse_generalName(object,
389 parser->get_level(parser)+1);
390
391 if (gn)
392 {
393 list->insert_last(list, (void *)gn);
394 }
395 }
396 }
397 parser->destroy(parser);
398 }
399
400 /**
401 * ASN.1 definition of a authorityKeyIdentifier extension
402 */
403 static const asn1Object_t authKeyIdentifierObjects[] = {
404 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
405 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_BODY }, /* 1 */
406 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
407 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
408 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
409 { 1, "authorityCertSerialNumber", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
410 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 6 */
411 { 0, "exit", ASN1_EOC, ASN1_EXIT }
412 };
413 #define AUTH_KEY_ID_KEY_ID 1
414 #define AUTH_KEY_ID_CERT_ISSUER 3
415 #define AUTH_KEY_ID_CERT_SERIAL 5
416
417 /**
418 * Extracts an authoritykeyIdentifier
419 */
420 identification_t* x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
421 chunk_t *authKeySerialNumber)
422 {
423 asn1_parser_t *parser;
424 chunk_t object;
425 int objectID;
426 identification_t *authKeyIdentifier = NULL;
427
428 *authKeySerialNumber = chunk_empty;
429
430 parser = asn1_parser_create(authKeyIdentifierObjects, blob);
431 parser->set_top_level(parser, level0);
432
433 while (parser->iterate(parser, &objectID, &object))
434 {
435 switch (objectID)
436 {
437 case AUTH_KEY_ID_KEY_ID:
438 authKeyIdentifier = identification_create_from_encoding(
439 ID_PUBKEY_SHA1, object);
440 break;
441 case AUTH_KEY_ID_CERT_ISSUER:
442 /* TODO: x509_parse_generalNames(object, level+1, TRUE); */
443 break;
444 case AUTH_KEY_ID_CERT_SERIAL:
445 *authKeySerialNumber = object;
446 break;
447 default:
448 break;
449 }
450 }
451 parser->destroy(parser);
452 return authKeyIdentifier;
453 }
454
455 /**
456 * ASN.1 definition of a authorityInfoAccess extension
457 */
458 static const asn1Object_t authInfoAccessObjects[] = {
459 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
460 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
461 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
462 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
463 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 4 */
464 { 0, "exit", ASN1_EOC, ASN1_EXIT }
465 };
466 #define AUTH_INFO_ACCESS_METHOD 2
467 #define AUTH_INFO_ACCESS_LOCATION 3
468
469 /**
470 * Extracts an authorityInfoAcess location
471 */
472 static void parse_authorityInfoAccess(chunk_t blob, int level0,
473 private_x509_cert_t *this)
474 {
475 asn1_parser_t *parser;
476 chunk_t object;
477 int objectID;
478 int accessMethod = OID_UNKNOWN;
479
480 parser = asn1_parser_create(authInfoAccessObjects, blob);
481 parser->set_top_level(parser, level0);
482
483 while (parser->iterate(parser, &objectID, &object))
484 {
485 switch (objectID)
486 {
487 case AUTH_INFO_ACCESS_METHOD:
488 accessMethod = asn1_known_oid(object);
489 break;
490 case AUTH_INFO_ACCESS_LOCATION:
491 {
492 switch (accessMethod)
493 {
494 case OID_OCSP:
495 case OID_CA_ISSUERS:
496 {
497 identification_t *id;
498 char *uri;
499
500 id = parse_generalName(object,
501 parser->get_level(parser)+1);
502 if (id == NULL)
503 {
504 /* parsing went wrong - abort */
505 goto end;
506 }
507 DBG2(" '%D'", id);
508 if (accessMethod == OID_OCSP &&
509 asprintf(&uri, "%D", id) > 0)
510 {
511 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
512 }
513 id->destroy(id);
514 }
515 break;
516 default:
517 /* unkown accessMethod, ignoring */
518 break;
519 }
520 break;
521 }
522 default:
523 break;
524 }
525 }
526
527 end:
528 parser->destroy(parser);
529 }
530
531 /**
532 * ASN.1 definition of a extendedKeyUsage extension
533 */
534 static const asn1Object_t extendedKeyUsageObjects[] = {
535 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
536 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
537 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
538 { 0, "exit", ASN1_EOC, ASN1_EXIT }
539 };
540 #define EXT_KEY_USAGE_PURPOSE_ID 1
541
542 /**
543 * Extracts extendedKeyUsage OIDs - currently only OCSP_SIGING is returned
544 */
545 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
546 {
547 asn1_parser_t *parser;
548 chunk_t object;
549 int objectID;
550 bool ocsp_signing = FALSE;
551
552 parser = asn1_parser_create(extendedKeyUsageObjects, blob);
553 parser->set_top_level(parser, level0);
554
555 while (parser->iterate(parser, &objectID, &object))
556 {
557 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
558 asn1_known_oid(object) == OID_OCSP_SIGNING)
559 {
560 ocsp_signing = TRUE;
561 }
562 }
563 parser->destroy(parser);
564 return ocsp_signing;
565 }
566
567 /**
568 * ASN.1 definition of crlDistributionPoints
569 */
570 static const asn1Object_t crlDistributionPointsObjects[] = {
571 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
572 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
573 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
574 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
575 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
576 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
577 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
578 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
579 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
580 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
581 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
582 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
583 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
584 { 0, "exit", ASN1_EOC, ASN1_EXIT }
585 };
586 #define CRL_DIST_POINTS_FULLNAME 3
587
588 /**
589 * Extracts one or several crlDistributionPoints into a list
590 */
591 static void parse_crlDistributionPoints(chunk_t blob, int level0,
592 private_x509_cert_t *this)
593 {
594 asn1_parser_t *parser;
595 chunk_t object;
596 int objectID;
597 linked_list_t *list = linked_list_create();
598
599 parser = asn1_parser_create(crlDistributionPointsObjects, blob);
600 parser->set_top_level(parser, level0);
601
602 while (parser->iterate(parser, &objectID, &object))
603 {
604 if (objectID == CRL_DIST_POINTS_FULLNAME)
605 {
606 identification_t *id;
607
608 /* append extracted generalNames to existing chained list */
609 x509_parse_generalNames(object, parser->get_level(parser)+1,
610 TRUE, list);
611
612 while (list->remove_last(list, (void**)&id) == SUCCESS)
613 {
614 char *uri;
615
616 if (asprintf(&uri, "%D", id) > 0)
617 {
618 this->crl_uris->insert_last(this->crl_uris, uri);
619 }
620 id->destroy(id);
621 }
622 }
623 }
624 parser->destroy(parser);
625 list->destroy(list);
626 }
627
628 /**
629 * ASN.1 definition of an X.509v3 x509_cert
630 */
631 static const asn1Object_t certObjects[] = {
632 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
633 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
634 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
635 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
636 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
637 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
638 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
639 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
640 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
641 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
642 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
643 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
644 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
645 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_BODY }, /* 13 */
646 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 14 */
647 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
648 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 16 */
649 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 17 */
650 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 18 */
651 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 29 */
652 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 20 */
653 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 21 */
654 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 22 */
655 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 23 */
656 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 24 */
657 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 25 */
658 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 26 */
659 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY }, /* 27 */
660 { 0, "exit", ASN1_EOC, ASN1_EXIT }
661 };
662 #define X509_OBJ_TBS_CERTIFICATE 1
663 #define X509_OBJ_VERSION 3
664 #define X509_OBJ_SERIAL_NUMBER 4
665 #define X509_OBJ_SIG_ALG 5
666 #define X509_OBJ_ISSUER 6
667 #define X509_OBJ_NOT_BEFORE 8
668 #define X509_OBJ_NOT_AFTER 9
669 #define X509_OBJ_SUBJECT 10
670 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
671 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
672 #define X509_OBJ_EXTN_ID 21
673 #define X509_OBJ_CRITICAL 22
674 #define X509_OBJ_EXTN_VALUE 23
675 #define X509_OBJ_ALGORITHM 26
676 #define X509_OBJ_SIGNATURE 27
677
678 /**
679 * Parses an X.509v3 certificate
680 */
681 static bool parse_certificate(private_x509_cert_t *this)
682 {
683 asn1_parser_t *parser;
684 chunk_t object;
685 int objectID;
686 int extn_oid = OID_UNKNOWN;
687 int key_alg = OID_UNKNOWN;
688 int sig_alg = OID_UNKNOWN;
689 bool success = FALSE;
690 bool critical;
691
692 parser = asn1_parser_create(certObjects, this->encoding);
693
694 while (parser->iterate(parser, &objectID, &object))
695 {
696 u_int level = parser->get_level(parser)+1;
697
698 switch (objectID)
699 {
700 case X509_OBJ_TBS_CERTIFICATE:
701 this->tbsCertificate = object;
702 break;
703 case X509_OBJ_VERSION:
704 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
705 DBG2(" v%d", this->version);
706 break;
707 case X509_OBJ_SERIAL_NUMBER:
708 this->serialNumber = object;
709 break;
710 case X509_OBJ_SIG_ALG:
711 sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
712 break;
713 case X509_OBJ_ISSUER:
714 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
715 DBG2(" '%D'", this->issuer);
716 break;
717 case X509_OBJ_NOT_BEFORE:
718 this->notBefore = asn1_parse_time(object, level);
719 break;
720 case X509_OBJ_NOT_AFTER:
721 this->notAfter = asn1_parse_time(object, level);
722 break;
723 case X509_OBJ_SUBJECT:
724 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
725 DBG2(" '%D'", this->subject);
726 break;
727 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
728 key_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
729 break;
730 case X509_OBJ_SUBJECT_PUBLIC_KEY:
731 if (object.len > 0 && *object.ptr == 0x00)
732 {
733 /* skip initial bit string octet defining 0 unused bits */
734 object.ptr++;
735 object.len--;
736
737 switch (key_alg)
738 {
739 case OID_RSA_ENCRYPTION:
740 this->public_key = lib->creds->create(lib->creds,
741 CRED_PUBLIC_KEY, KEY_RSA,
742 BUILD_BLOB_ASN1_DER,
743 chunk_clone(object),
744 BUILD_END);
745 break;
746 default:
747 DBG1("parsing key type %d failed", key_alg);
748 goto end;
749 }
750 }
751 break;
752 case X509_OBJ_EXTN_ID:
753 extn_oid = asn1_known_oid(object);
754 break;
755 case X509_OBJ_CRITICAL:
756 critical = object.len && *object.ptr;
757 DBG2(" %s", critical ? "TRUE" : "FALSE");
758 break;
759 case X509_OBJ_EXTN_VALUE:
760 {
761 switch (extn_oid)
762 {
763 case OID_SUBJECT_KEY_ID:
764 if (!asn1_parse_simple_object(&object, ASN1_OCTET_STRING,
765 level, "keyIdentifier"))
766 {
767 goto end;
768 }
769 this->subjectKeyID = object;
770 break;
771 case OID_SUBJECT_ALT_NAME:
772 x509_parse_generalNames(object, level, FALSE,
773 this->subjectAltNames);
774 break;
775 case OID_BASIC_CONSTRAINTS:
776 if (parse_basicConstraints(object, level))
777 {
778 this->flags |= X509_CA;
779 }
780 break;
781 case OID_CRL_DISTRIBUTION_POINTS:
782 parse_crlDistributionPoints(object, level, this);
783 break;
784 case OID_AUTHORITY_KEY_ID:
785 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
786 level, &this->authKeySerialNumber);
787 break;
788 case OID_AUTHORITY_INFO_ACCESS:
789 parse_authorityInfoAccess(object, level, this);
790 break;
791 case OID_EXTENDED_KEY_USAGE:
792 if (parse_extendedKeyUsage(object, level))
793 {
794 this->flags |= X509_OCSP_SIGNER;
795 }
796 break;
797 case OID_NS_REVOCATION_URL:
798 case OID_NS_CA_REVOCATION_URL:
799 case OID_NS_CA_POLICY_URL:
800 case OID_NS_COMMENT:
801 if (!asn1_parse_simple_object(&object, ASN1_IA5STRING,
802 level, oid_names[extn_oid].name))
803 {
804 goto end;
805 }
806 break;
807 default:
808 break;
809 }
810 break;
811 }
812 case X509_OBJ_ALGORITHM:
813 this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
814 if (this->algorithm != sig_alg)
815 {
816 DBG1(" signature algorithms do not agree");
817 goto end;
818 }
819 break;
820 case X509_OBJ_SIGNATURE:
821 this->signature = object;
822 break;
823 default:
824 break;
825 }
826 }
827 success = parser->success(parser);
828
829 end:
830 parser->destroy(parser);
831 return success;
832 }
833
834 /**
835 * Implementation of certificate_t.get_type
836 */
837 static certificate_type_t get_type(private_x509_cert_t *this)
838 {
839 return CERT_X509;
840 }
841
842 /**
843 * Implementation of certificate_t.get_subject
844 */
845 static identification_t* get_subject(private_x509_cert_t *this)
846 {
847 return this->subject;
848 }
849
850 /**
851 * Implementation of certificate_t.get_issuer
852 */
853 static identification_t* get_issuer(private_x509_cert_t *this)
854 {
855 return this->issuer;
856 }
857
858 /**
859 * Implementation of certificate_t.has_subject.
860 */
861 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
862 {
863 identification_t *current;
864 enumerator_t *enumerator;
865 id_match_t match, best;
866
867 if (this->encoding_hash.ptr && subject->get_type(subject) == ID_CERT_DER_SHA1 &&
868 chunk_equals(this->encoding_hash, subject->get_encoding(subject)))
869 {
870 return ID_MATCH_PERFECT;
871 }
872
873 best = this->subject->matches(this->subject, subject);
874 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
875 while (enumerator->enumerate(enumerator, &current))
876 {
877 match = current->matches(current, subject);
878 if (match > best)
879 {
880 best = match;
881 }
882 }
883 enumerator->destroy(enumerator);
884 return best;
885 }
886
887 /**
888 * Implementation of certificate_t.has_subject.
889 */
890 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
891 {
892 /* issuerAltNames currently not supported */
893 return this->issuer->matches(this->issuer, issuer);
894 }
895
896 /**
897 * Implementation of certificate_t.issued_by
898 */
899 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
900 {
901 public_key_t *key;
902 signature_scheme_t scheme;
903 bool valid;
904 x509_t *x509 = (x509_t*)issuer;
905
906 if (&this->public.interface.interface == issuer)
907 {
908 if (this->flags & X509_SELF_SIGNED)
909 {
910 return TRUE;
911 }
912 }
913 else
914 {
915 if (issuer->get_type(issuer) != CERT_X509)
916 {
917 return FALSE;
918 }
919 if (!(x509->get_flags(x509) & X509_CA))
920 {
921 return FALSE;
922 }
923 }
924 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
925 {
926 return FALSE;
927 }
928 /* TODO: generic OID to scheme mapper? */
929 switch (this->algorithm)
930 {
931 case OID_MD5_WITH_RSA:
932 scheme = SIGN_RSA_EMSA_PKCS1_MD5;
933 break;
934 case OID_SHA1_WITH_RSA:
935 scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
936 break;
937 case OID_SHA256_WITH_RSA:
938 scheme = SIGN_RSA_EMSA_PKCS1_SHA256;
939 break;
940 case OID_SHA384_WITH_RSA:
941 scheme = SIGN_RSA_EMSA_PKCS1_SHA384;
942 break;
943 case OID_SHA512_WITH_RSA:
944 scheme = SIGN_RSA_EMSA_PKCS1_SHA512;
945 break;
946 default:
947 return FALSE;
948 }
949 key = issuer->get_public_key(issuer);
950 if (key == NULL)
951 {
952 return FALSE;
953 }
954 /* TODO: add a lightweight check option (comparing auth/subject keyids only) */
955 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
956 key->destroy(key);
957 return valid;
958 }
959
960 /**
961 * Implementation of certificate_t.get_public_key
962 */
963 static public_key_t* get_public_key(private_x509_cert_t *this)
964 {
965 this->public_key->get_ref(this->public_key);
966 return this->public_key;
967 }
968
969 /**
970 * Implementation of certificate_t.asdf
971 */
972 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
973 {
974 ref_get(&this->ref);
975 return this;
976 }
977
978 /**
979 * Implementation of x509_cert_t.get_flags.
980 */
981 static x509_flag_t get_flags(private_x509_cert_t *this)
982 {
983 return this->flags;
984 }
985
986 /**
987 * Implementation of x509_cert_t.get_validity.
988 */
989 static bool get_validity(private_x509_cert_t *this, time_t *when,
990 time_t *not_before, time_t *not_after)
991 {
992 time_t t;
993
994 if (when)
995 {
996 t = *when;
997 }
998 else
999 {
1000 t = time(NULL);
1001 }
1002 if (not_before)
1003 {
1004 *not_before = this->notBefore;
1005 }
1006 if (not_after)
1007 {
1008 *not_after = this->notAfter;
1009 }
1010 return (t >= this->notBefore && t <= this->notAfter);
1011 }
1012
1013 /**
1014 * Implementation of certificate_t.is_newer.
1015 */
1016 static bool is_newer(certificate_t *this, certificate_t *that)
1017 {
1018 time_t this_update, that_update, now = time(NULL);
1019 bool new;
1020
1021 this->get_validity(this, &now, &this_update, NULL);
1022 that->get_validity(that, &now, &that_update, NULL);
1023 new = this_update > that_update;
1024 DBG1(" certificate from %#T is %s - existing certificate from %#T %s",
1025 &this_update, FALSE, new ? "newer":"not newer",
1026 &that_update, FALSE, new ? "replaced":"retained");
1027 return new;
1028 }
1029
1030 /**
1031 * Implementation of certificate_t.get_encoding.
1032 */
1033 static chunk_t get_encoding(private_x509_cert_t *this)
1034 {
1035 return chunk_clone(this->encoding);
1036 }
1037
1038 /**
1039 * Implementation of certificate_t.equals.
1040 */
1041 static bool equals(private_x509_cert_t *this, certificate_t *other)
1042 {
1043 chunk_t encoding;
1044 bool equal;
1045
1046 if (this == (private_x509_cert_t*)other)
1047 {
1048 return TRUE;
1049 }
1050 if (other->get_type(other) != CERT_X509)
1051 {
1052 return FALSE;
1053 }
1054 if (other->equals == (void*)equals)
1055 { /* skip allocation if we have the same implementation */
1056 return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding);
1057 }
1058 encoding = other->get_encoding(other);
1059 equal = chunk_equals(this->encoding, encoding);
1060 free(encoding.ptr);
1061 return equal;
1062 }
1063
1064 /**
1065 * Implementation of x509_t.get_serial.
1066 */
1067 static chunk_t get_serial(private_x509_cert_t *this)
1068 {
1069 return this->serialNumber;
1070 }
1071
1072 /**
1073 * Implementation of x509_t.get_authKeyIdentifier.
1074 */
1075 static identification_t *get_authKeyIdentifier(private_x509_cert_t *this)
1076 {
1077 return this->authKeyIdentifier;
1078 }
1079
1080 /**
1081 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1082 */
1083 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1084 {
1085 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1086 }
1087
1088 /**
1089 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1090 */
1091 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1092 {
1093 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1094 }
1095
1096 /**
1097 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1098 */
1099 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1100 {
1101 return this->crl_uris->create_enumerator(this->crl_uris);
1102 }
1103
1104 /**
1105 * Implementation of certificate_t.asdf
1106 */
1107 static void destroy(private_x509_cert_t *this)
1108 {
1109 if (ref_put(&this->ref))
1110 {
1111 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1112 offsetof(identification_t, destroy));
1113 this->crl_uris->destroy_function(this->crl_uris, free);
1114 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1115 DESTROY_IF(this->issuer);
1116 DESTROY_IF(this->subject);
1117 DESTROY_IF(this->public_key);
1118 DESTROY_IF(this->authKeyIdentifier);
1119 chunk_free(&this->encoding);
1120 chunk_free(&this->encoding_hash);
1121 free(this);
1122 }
1123 }
1124
1125 /**
1126 * create an empty but initialized X.509 certificate
1127 */
1128 static private_x509_cert_t* create_empty(void)
1129 {
1130 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1131
1132 this->public.interface.interface.get_type = (certificate_type_t (*)(certificate_t *this))get_type;
1133 this->public.interface.interface.get_subject = (identification_t* (*)(certificate_t *this))get_subject;
1134 this->public.interface.interface.get_issuer = (identification_t* (*)(certificate_t *this))get_issuer;
1135 this->public.interface.interface.has_subject = (id_match_t (*)(certificate_t*, identification_t *subject))has_subject;
1136 this->public.interface.interface.has_issuer = (id_match_t (*)(certificate_t*, identification_t *issuer))has_issuer;
1137 this->public.interface.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by;
1138 this->public.interface.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
1139 this->public.interface.interface.get_validity = (bool (*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
1140 this->public.interface.interface.is_newer = (bool (*)(certificate_t*,certificate_t*))is_newer;
1141 this->public.interface.interface.get_encoding = (chunk_t (*)(certificate_t*))get_encoding;
1142 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals;
1143 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
1144 this->public.interface.interface.destroy = (void (*)(certificate_t *this))destroy;
1145 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1146 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1147 this->public.interface.get_authKeyIdentifier = (identification_t* (*)(x509_t*))get_authKeyIdentifier;
1148 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1149 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1150 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1151
1152 this->encoding = chunk_empty;
1153 this->encoding_hash = chunk_empty;
1154 this->public_key = NULL;
1155 this->subject = NULL;
1156 this->issuer = NULL;
1157 this->subjectAltNames = linked_list_create();
1158 this->crl_uris = linked_list_create();
1159 this->ocsp_uris = linked_list_create();
1160 this->subjectKeyID = chunk_empty;
1161 this->authKeyIdentifier = NULL;
1162 this->authKeySerialNumber = chunk_empty;
1163 this->flags = 0;
1164 this->ref = 1;
1165
1166 return this;
1167 }
1168
1169 /**
1170 * create an X.509 certificate from a chunk
1171 */
1172 static private_x509_cert_t *create_from_chunk(chunk_t chunk)
1173 {
1174 private_x509_cert_t *this = create_empty();
1175
1176 this->encoding = chunk;
1177 if (!parse_certificate(this))
1178 {
1179 destroy(this);
1180 return NULL;
1181 }
1182
1183 /* check if the certificate is self-signed */
1184 if (issued_by(this, &this->public.interface.interface))
1185 {
1186 this->flags |= X509_SELF_SIGNED;
1187 }
1188
1189 hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1190 if (hasher != NULL)
1191 {
1192 hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
1193 hasher->destroy(hasher);
1194 }
1195 else
1196 {
1197 DBG1(" unable to create hash of certificate, SHA1 not supported");
1198 }
1199
1200 return this;
1201 }
1202
1203 /**
1204 * create an X.509 certificate from a file
1205 */
1206 static private_x509_cert_t *create_from_file(char *path)
1207 {
1208 bool pgp = FALSE;
1209 chunk_t chunk;
1210 private_x509_cert_t *this;
1211
1212 if (!pem_asn1_load_file(path, NULL, &chunk, &pgp))
1213 {
1214 return NULL;
1215 }
1216
1217 this = create_from_chunk(chunk);
1218
1219 if (this == NULL)
1220 {
1221 DBG1(" could not parse loaded certificate file '%s'",path);
1222 return NULL;
1223 }
1224 DBG1(" loaded certificate file '%s'", path);
1225 return this;
1226
1227 }
1228
1229 typedef struct private_builder_t private_builder_t;
1230 /**
1231 * Builder implementation for certificate loading
1232 */
1233 struct private_builder_t {
1234 /** implements the builder interface */
1235 builder_t public;
1236 /** loaded certificate */
1237 private_x509_cert_t *cert;
1238 /** additional flags to enforce */
1239 x509_flag_t flags;
1240 };
1241
1242 /**
1243 * Implementation of builder_t.build
1244 */
1245 static private_x509_cert_t *build(private_builder_t *this)
1246 {
1247 private_x509_cert_t *cert = this->cert;
1248 x509_flag_t flags = this->flags;
1249
1250 free(this);
1251 if (cert == NULL)
1252 {
1253 return NULL;
1254 }
1255 if ((flags & X509_CA) && !(cert->flags & X509_CA))
1256 {
1257 DBG1(" ca certificate must have ca basic constraint set, discarded");
1258 destroy(cert);
1259 return NULL;
1260 }
1261 cert->flags |= flags;
1262 return cert;
1263 }
1264
1265 /**
1266 * Implementation of builder_t.add
1267 */
1268 static void add(private_builder_t *this, builder_part_t part, ...)
1269 {
1270 va_list args;
1271
1272 va_start(args, part);
1273 switch (part)
1274 {
1275 case BUILD_FROM_FILE:
1276 this->cert = create_from_file(va_arg(args, char*));
1277 break;
1278 case BUILD_BLOB_ASN1_DER:
1279 this->cert = create_from_chunk(va_arg(args, chunk_t));
1280 break;
1281 case BUILD_X509_FLAG:
1282 this->flags = va_arg(args, x509_flag_t);
1283 break;
1284 default:
1285 DBG1("ignoring unsupported build part %N", builder_part_names, part);
1286 break;
1287 }
1288 va_end(args);
1289 }
1290
1291 /**
1292 * Builder construction function
1293 */
1294 builder_t *x509_cert_builder(certificate_type_t type)
1295 {
1296 private_builder_t *this;
1297
1298 if (type != CERT_X509)
1299 {
1300 return NULL;
1301 }
1302
1303 this = malloc_thing(private_builder_t);
1304
1305 this->cert = NULL;
1306 this->flags = 0;
1307 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
1308 this->public.build = (void*(*)(builder_t *this))build;
1309
1310 return &this->public;
1311 }
1312