check if parsing of the RSA public key in an X.509 certificate was successful
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2008 Martin Willi
7 * Copyright (C) 2008 Tobias Brunner
8 * Hochschule fuer Technik Rapperswil
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the
12 * Free Software Foundation; either version 2 of the License, or (at your
13 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
14 *
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 * for more details.
19 *
20 * $Id$
21 */
22
23 #define _GNU_SOURCE
24
25 #include "x509_cert.h"
26
27 #include <sys/stat.h>
28 #include <unistd.h>
29 #include <string.h>
30 #include <stdio.h>
31
32 #include <library.h>
33 #include <debug.h>
34 #include <asn1/oid.h>
35 #include <asn1/asn1.h>
36 #include <asn1/asn1_parser.h>
37 #include <asn1/pem.h>
38 #include <crypto/hashers/hasher.h>
39 #include <utils/linked_list.h>
40 #include <utils/identification.h>
41
42 /**
43 * Different kinds of generalNames
44 */
45 typedef enum {
46 GN_OTHER_NAME = 0,
47 GN_RFC822_NAME = 1,
48 GN_DNS_NAME = 2,
49 GN_X400_ADDRESS = 3,
50 GN_DIRECTORY_NAME = 4,
51 GN_EDI_PARTY_NAME = 5,
52 GN_URI = 6,
53 GN_IP_ADDRESS = 7,
54 GN_REGISTERED_ID = 8,
55 } generalNames_t;
56
57
58 typedef struct private_x509_cert_t private_x509_cert_t;
59
60 /**
61 * Private data of a x509_cert_t object.
62 */
63 struct private_x509_cert_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_cert_t public;
68
69 /**
70 * X.509 certificate encoding in ASN.1 DER format
71 */
72 chunk_t encoding;
73
74 /**
75 * SHA1 hash of the DER encoding of this X.509 certificate
76 */
77 chunk_t encoding_hash;
78
79 /**
80 * X.509 certificate body over which signature is computed
81 */
82 chunk_t tbsCertificate;
83
84 /**
85 * Version of the X.509 certificate
86 */
87 u_int version;
88
89 /**
90 * Serial number of the X.509 certificate
91 */
92 chunk_t serialNumber;
93
94 /**
95 * ID representing the certificate issuer
96 */
97 identification_t *issuer;
98
99 /**
100 * Start time of certificate validity
101 */
102 time_t notBefore;
103
104 /**
105 * End time of certificate validity
106 */
107 time_t notAfter;
108
109 /**
110 * ID representing the certificate subject
111 */
112 identification_t *subject;
113
114 /**
115 * List of subjectAltNames as identification_t
116 */
117 linked_list_t *subjectAltNames;
118
119 /**
120 * List of crlDistributionPoints as allocated char*
121 */
122 linked_list_t *crl_uris;
123
124 /**
125 * List ocspAccessLocations as identification_t
126 */
127 linked_list_t *ocsp_uris;
128
129 /**
130 * certificates embedded public key
131 */
132 public_key_t *public_key;
133
134 /**
135 * Subject Key Identifier
136 */
137 chunk_t subjectKeyID;
138
139 /**
140 * Authority Key Identifier
141 */
142 identification_t *authKeyIdentifier;
143
144 /**
145 * Authority Key Serial Number
146 */
147 chunk_t authKeySerialNumber;
148
149 /**
150 * x509 constraints and other flags
151 */
152 x509_flag_t flags;
153
154 /**
155 * Signature algorithm
156 */
157 int algorithm;
158
159 /**
160 * Signature
161 */
162 chunk_t signature;
163
164 /**
165 * reference count
166 */
167 refcount_t ref;
168 };
169
170 static u_char ASN1_sAN_oid_buf[] = {
171 0x06, 0x03, 0x55, 0x1D, 0x11
172 };
173 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_sAN_oid_buf);
174
175 /**
176 * ASN.1 definition of a basicConstraints extension
177 */
178 static const asn1Object_t basicConstraintsObjects[] = {
179 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
180 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
181 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
182 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 3 */
183 { 0, "exit", ASN1_EOC, ASN1_EXIT }
184 };
185 #define BASIC_CONSTRAINTS_CA 1
186
187 /**
188 * Extracts the basicConstraints extension
189 */
190 static bool parse_basicConstraints(chunk_t blob, int level0)
191 {
192 asn1_parser_t *parser;
193 chunk_t object;
194 int objectID;
195 bool isCA = FALSE;
196
197 parser = asn1_parser_create(basicConstraintsObjects, blob);
198 parser->set_top_level(parser, level0);
199
200 while (parser->iterate(parser, &objectID, &object))
201 {
202 if (objectID == BASIC_CONSTRAINTS_CA)
203 {
204 isCA = object.len && *object.ptr;
205 DBG2(" %s", isCA ? "TRUE" : "FALSE");
206 }
207 }
208 parser->destroy(parser);
209
210 return isCA;
211 }
212
213 /**
214 * ASN.1 definition of otherName
215 */
216 static const asn1Object_t otherNameObjects[] = {
217 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
218 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY }, /* 1 */
219 {0, "exit", ASN1_EOC, ASN1_EXIT }
220 };
221 #define ON_OBJ_ID_TYPE 0
222 #define ON_OBJ_VALUE 1
223
224 /**
225 * Extracts an otherName
226 */
227 static bool parse_otherName(chunk_t blob, int level0)
228 {
229 asn1_parser_t *parser;
230 chunk_t object;
231 int objectID;
232 int oid = OID_UNKNOWN;
233 bool success = FALSE;
234
235 parser = asn1_parser_create(otherNameObjects, blob);
236 parser->set_top_level(parser, level0);
237
238 while (parser->iterate(parser, &objectID, &object))
239 {
240 switch (objectID)
241 {
242 case ON_OBJ_ID_TYPE:
243 oid = asn1_known_oid(object);
244 break;
245 case ON_OBJ_VALUE:
246 if (oid == OID_XMPP_ADDR)
247 {
248 if (!asn1_parse_simple_object(&object, ASN1_UTF8STRING,
249 parser->get_level(parser)+1, "xmppAddr"))
250 {
251 goto end;
252 }
253 }
254 break;
255 default:
256 break;
257 }
258 }
259 success = parser->success(parser);
260
261 end:
262 parser->destroy(parser);
263 return success;
264 }
265
266 /**
267 * ASN.1 definition of generalName
268 */
269 static const asn1Object_t generalNameObjects[] = {
270 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
271 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
272 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
273 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
274 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
275 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
276 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
277 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
278 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
279 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
280 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
281 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
282 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
283 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
284 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
285 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
286 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
287 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 17 */
288 { 0, "exit", ASN1_EOC, ASN1_EXIT }
289 };
290 #define GN_OBJ_OTHER_NAME 0
291 #define GN_OBJ_RFC822_NAME 2
292 #define GN_OBJ_DNS_NAME 4
293 #define GN_OBJ_X400_ADDRESS 6
294 #define GN_OBJ_DIRECTORY_NAME 8
295 #define GN_OBJ_EDI_PARTY_NAME 10
296 #define GN_OBJ_URI 12
297 #define GN_OBJ_IP_ADDRESS 14
298 #define GN_OBJ_REGISTERED_ID 16
299
300 /**
301 * Extracts a generalName
302 */
303 static identification_t *parse_generalName(chunk_t blob, int level0)
304 {
305 asn1_parser_t *parser;
306 chunk_t object;
307 int objectID ;
308
309 identification_t *gn = NULL;
310
311 parser = asn1_parser_create(generalNameObjects, blob);
312 parser->set_top_level(parser, level0);
313
314 while (parser->iterate(parser, &objectID, &object))
315 {
316 id_type_t id_type = ID_ANY;
317
318 switch (objectID)
319 {
320 case GN_OBJ_RFC822_NAME:
321 id_type = ID_RFC822_ADDR;
322 break;
323 case GN_OBJ_DNS_NAME:
324 id_type = ID_FQDN;
325 break;
326 case GN_OBJ_URI:
327 id_type = ID_DER_ASN1_GN_URI;
328 break;
329 case GN_OBJ_DIRECTORY_NAME:
330 id_type = ID_DER_ASN1_DN;
331 break;
332 case GN_OBJ_IP_ADDRESS:
333 id_type = ID_IPV4_ADDR;
334 break;
335 case GN_OBJ_OTHER_NAME:
336 if (!parse_otherName(object, parser->get_level(parser)+1))
337 {
338 goto end;
339 }
340 break;
341 case GN_OBJ_X400_ADDRESS:
342 case GN_OBJ_EDI_PARTY_NAME:
343 case GN_OBJ_REGISTERED_ID:
344 default:
345 break;
346 }
347 if (id_type != ID_ANY)
348 {
349 gn = identification_create_from_encoding(id_type, object);
350 DBG2(" '%D'", gn);
351 goto end;
352 }
353 }
354
355 end:
356 parser->destroy(parser);
357 return gn;
358 }
359
360 /**
361 * ASN.1 definition of generalNames
362 */
363 static const asn1Object_t generalNamesObjects[] = {
364 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
365 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
366 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
367 { 0, "exit", ASN1_EOC, ASN1_EXIT }
368 };
369 #define GENERAL_NAMES_GN 1
370
371 /**
372 * Extracts one or several GNs and puts them into a chained list
373 */
374 void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
375 {
376 asn1_parser_t *parser;
377 chunk_t object;
378 int objectID;
379
380 parser = asn1_parser_create(generalNamesObjects, blob);
381 parser->set_top_level(parser, level0);
382 parser->set_flags(parser, implicit, FALSE);
383
384 while (parser->iterate(parser, &objectID, &object))
385 {
386 if (objectID == GENERAL_NAMES_GN)
387 {
388 identification_t *gn = parse_generalName(object,
389 parser->get_level(parser)+1);
390
391 if (gn)
392 {
393 list->insert_last(list, (void *)gn);
394 }
395 }
396 }
397 parser->destroy(parser);
398 }
399
400 /**
401 * ASN.1 definition of a authorityKeyIdentifier extension
402 */
403 static const asn1Object_t authKeyIdentifierObjects[] = {
404 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
405 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_BODY }, /* 1 */
406 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
407 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
408 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
409 { 1, "authorityCertSerialNumber", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
410 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 6 */
411 { 0, "exit", ASN1_EOC, ASN1_EXIT }
412 };
413 #define AUTH_KEY_ID_KEY_ID 1
414 #define AUTH_KEY_ID_CERT_ISSUER 3
415 #define AUTH_KEY_ID_CERT_SERIAL 5
416
417 /**
418 * Extracts an authoritykeyIdentifier
419 */
420 identification_t* x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
421 chunk_t *authKeySerialNumber)
422 {
423 asn1_parser_t *parser;
424 chunk_t object;
425 int objectID;
426 identification_t *authKeyIdentifier = NULL;
427
428 *authKeySerialNumber = chunk_empty;
429
430 parser = asn1_parser_create(authKeyIdentifierObjects, blob);
431 parser->set_top_level(parser, level0);
432
433 while (parser->iterate(parser, &objectID, &object))
434 {
435 switch (objectID)
436 {
437 case AUTH_KEY_ID_KEY_ID:
438 authKeyIdentifier = identification_create_from_encoding(
439 ID_PUBKEY_SHA1, object);
440 break;
441 case AUTH_KEY_ID_CERT_ISSUER:
442 /* TODO: x509_parse_generalNames(object, level+1, TRUE); */
443 break;
444 case AUTH_KEY_ID_CERT_SERIAL:
445 *authKeySerialNumber = object;
446 break;
447 default:
448 break;
449 }
450 }
451 parser->destroy(parser);
452 return authKeyIdentifier;
453 }
454
455 /**
456 * ASN.1 definition of a authorityInfoAccess extension
457 */
458 static const asn1Object_t authInfoAccessObjects[] = {
459 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
460 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
461 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
462 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
463 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 4 */
464 { 0, "exit", ASN1_EOC, ASN1_EXIT }
465 };
466 #define AUTH_INFO_ACCESS_METHOD 2
467 #define AUTH_INFO_ACCESS_LOCATION 3
468
469 /**
470 * Extracts an authorityInfoAcess location
471 */
472 static void parse_authorityInfoAccess(chunk_t blob, int level0,
473 private_x509_cert_t *this)
474 {
475 asn1_parser_t *parser;
476 chunk_t object;
477 int objectID;
478 int accessMethod = OID_UNKNOWN;
479
480 parser = asn1_parser_create(authInfoAccessObjects, blob);
481 parser->set_top_level(parser, level0);
482
483 while (parser->iterate(parser, &objectID, &object))
484 {
485 switch (objectID)
486 {
487 case AUTH_INFO_ACCESS_METHOD:
488 accessMethod = asn1_known_oid(object);
489 break;
490 case AUTH_INFO_ACCESS_LOCATION:
491 {
492 switch (accessMethod)
493 {
494 case OID_OCSP:
495 case OID_CA_ISSUERS:
496 {
497 identification_t *id;
498 char *uri;
499
500 id = parse_generalName(object,
501 parser->get_level(parser)+1);
502 if (id == NULL)
503 {
504 /* parsing went wrong - abort */
505 goto end;
506 }
507 DBG2(" '%D'", id);
508 if (accessMethod == OID_OCSP &&
509 asprintf(&uri, "%D", id) > 0)
510 {
511 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
512 }
513 id->destroy(id);
514 }
515 break;
516 default:
517 /* unkown accessMethod, ignoring */
518 break;
519 }
520 break;
521 }
522 default:
523 break;
524 }
525 }
526
527 end:
528 parser->destroy(parser);
529 }
530
531 /**
532 * ASN.1 definition of a extendedKeyUsage extension
533 */
534 static const asn1Object_t extendedKeyUsageObjects[] = {
535 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
536 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
537 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
538 { 0, "exit", ASN1_EOC, ASN1_EXIT }
539 };
540 #define EXT_KEY_USAGE_PURPOSE_ID 1
541
542 /**
543 * Extracts extendedKeyUsage OIDs - currently only OCSP_SIGING is returned
544 */
545 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
546 {
547 asn1_parser_t *parser;
548 chunk_t object;
549 int objectID;
550 bool ocsp_signing = FALSE;
551
552 parser = asn1_parser_create(extendedKeyUsageObjects, blob);
553 parser->set_top_level(parser, level0);
554
555 while (parser->iterate(parser, &objectID, &object))
556 {
557 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
558 asn1_known_oid(object) == OID_OCSP_SIGNING)
559 {
560 ocsp_signing = TRUE;
561 }
562 }
563 parser->destroy(parser);
564 return ocsp_signing;
565 }
566
567 /**
568 * ASN.1 definition of crlDistributionPoints
569 */
570 static const asn1Object_t crlDistributionPointsObjects[] = {
571 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
572 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
573 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
574 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
575 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
576 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
577 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
578 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
579 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
580 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
581 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
582 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
583 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
584 { 0, "exit", ASN1_EOC, ASN1_EXIT }
585 };
586 #define CRL_DIST_POINTS_FULLNAME 3
587
588 /**
589 * Extracts one or several crlDistributionPoints into a list
590 */
591 static void parse_crlDistributionPoints(chunk_t blob, int level0,
592 private_x509_cert_t *this)
593 {
594 asn1_parser_t *parser;
595 chunk_t object;
596 int objectID;
597 linked_list_t *list = linked_list_create();
598
599 parser = asn1_parser_create(crlDistributionPointsObjects, blob);
600 parser->set_top_level(parser, level0);
601
602 while (parser->iterate(parser, &objectID, &object))
603 {
604 if (objectID == CRL_DIST_POINTS_FULLNAME)
605 {
606 identification_t *id;
607
608 /* append extracted generalNames to existing chained list */
609 x509_parse_generalNames(object, parser->get_level(parser)+1,
610 TRUE, list);
611
612 while (list->remove_last(list, (void**)&id) == SUCCESS)
613 {
614 char *uri;
615
616 if (asprintf(&uri, "%D", id) > 0)
617 {
618 this->crl_uris->insert_last(this->crl_uris, uri);
619 }
620 id->destroy(id);
621 }
622 }
623 }
624 parser->destroy(parser);
625 list->destroy(list);
626 }
627
628 /**
629 * ASN.1 definition of an X.509v3 x509_cert
630 */
631 static const asn1Object_t certObjects[] = {
632 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
633 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
634 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
635 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
636 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
637 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
638 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
639 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
640 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
641 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
642 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
643 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
644 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
645 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_BODY }, /* 13 */
646 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 14 */
647 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
648 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 16 */
649 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 17 */
650 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 18 */
651 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 29 */
652 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 20 */
653 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 21 */
654 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 22 */
655 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 23 */
656 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 24 */
657 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 25 */
658 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 26 */
659 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY }, /* 27 */
660 { 0, "exit", ASN1_EOC, ASN1_EXIT }
661 };
662 #define X509_OBJ_TBS_CERTIFICATE 1
663 #define X509_OBJ_VERSION 3
664 #define X509_OBJ_SERIAL_NUMBER 4
665 #define X509_OBJ_SIG_ALG 5
666 #define X509_OBJ_ISSUER 6
667 #define X509_OBJ_NOT_BEFORE 8
668 #define X509_OBJ_NOT_AFTER 9
669 #define X509_OBJ_SUBJECT 10
670 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
671 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
672 #define X509_OBJ_EXTN_ID 21
673 #define X509_OBJ_CRITICAL 22
674 #define X509_OBJ_EXTN_VALUE 23
675 #define X509_OBJ_ALGORITHM 26
676 #define X509_OBJ_SIGNATURE 27
677
678 /**
679 * Parses an X.509v3 certificate
680 */
681 static bool parse_certificate(private_x509_cert_t *this)
682 {
683 asn1_parser_t *parser;
684 chunk_t object;
685 int objectID;
686 int extn_oid = OID_UNKNOWN;
687 int key_alg = OID_UNKNOWN;
688 int sig_alg = OID_UNKNOWN;
689 bool success = FALSE;
690 bool critical;
691
692 parser = asn1_parser_create(certObjects, this->encoding);
693
694 while (parser->iterate(parser, &objectID, &object))
695 {
696 u_int level = parser->get_level(parser)+1;
697
698 switch (objectID)
699 {
700 case X509_OBJ_TBS_CERTIFICATE:
701 this->tbsCertificate = object;
702 break;
703 case X509_OBJ_VERSION:
704 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
705 DBG2(" v%d", this->version);
706 break;
707 case X509_OBJ_SERIAL_NUMBER:
708 this->serialNumber = object;
709 break;
710 case X509_OBJ_SIG_ALG:
711 sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
712 break;
713 case X509_OBJ_ISSUER:
714 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
715 DBG2(" '%D'", this->issuer);
716 break;
717 case X509_OBJ_NOT_BEFORE:
718 this->notBefore = asn1_parse_time(object, level);
719 break;
720 case X509_OBJ_NOT_AFTER:
721 this->notAfter = asn1_parse_time(object, level);
722 break;
723 case X509_OBJ_SUBJECT:
724 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
725 DBG2(" '%D'", this->subject);
726 break;
727 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
728 key_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
729 break;
730 case X509_OBJ_SUBJECT_PUBLIC_KEY:
731 if (object.len > 0 && *object.ptr == 0x00)
732 {
733 /* skip initial bit string octet defining 0 unused bits */
734 object = chunk_skip(object, 1);
735 }
736 switch (key_alg)
737 {
738 case OID_RSA_ENCRYPTION:
739 this->public_key = lib->creds->create(lib->creds,
740 CRED_PUBLIC_KEY, KEY_RSA,
741 BUILD_BLOB_ASN1_DER, chunk_clone(object),
742 BUILD_END);
743 if (this->public_key == NULL)
744 {
745 DBG1("could not create RSA public key");
746 goto end;
747 }
748 break;
749 default:
750 DBG1("parsing key type %d failed", key_alg);
751 goto end;
752 }
753 break;
754 case X509_OBJ_EXTN_ID:
755 extn_oid = asn1_known_oid(object);
756 break;
757 case X509_OBJ_CRITICAL:
758 critical = object.len && *object.ptr;
759 DBG2(" %s", critical ? "TRUE" : "FALSE");
760 break;
761 case X509_OBJ_EXTN_VALUE:
762 {
763 switch (extn_oid)
764 {
765 case OID_SUBJECT_KEY_ID:
766 if (!asn1_parse_simple_object(&object, ASN1_OCTET_STRING,
767 level, "keyIdentifier"))
768 {
769 goto end;
770 }
771 this->subjectKeyID = object;
772 break;
773 case OID_SUBJECT_ALT_NAME:
774 x509_parse_generalNames(object, level, FALSE,
775 this->subjectAltNames);
776 break;
777 case OID_BASIC_CONSTRAINTS:
778 if (parse_basicConstraints(object, level))
779 {
780 this->flags |= X509_CA;
781 }
782 break;
783 case OID_CRL_DISTRIBUTION_POINTS:
784 parse_crlDistributionPoints(object, level, this);
785 break;
786 case OID_AUTHORITY_KEY_ID:
787 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
788 level, &this->authKeySerialNumber);
789 break;
790 case OID_AUTHORITY_INFO_ACCESS:
791 parse_authorityInfoAccess(object, level, this);
792 break;
793 case OID_EXTENDED_KEY_USAGE:
794 if (parse_extendedKeyUsage(object, level))
795 {
796 this->flags |= X509_OCSP_SIGNER;
797 }
798 break;
799 case OID_NS_REVOCATION_URL:
800 case OID_NS_CA_REVOCATION_URL:
801 case OID_NS_CA_POLICY_URL:
802 case OID_NS_COMMENT:
803 if (!asn1_parse_simple_object(&object, ASN1_IA5STRING,
804 level, oid_names[extn_oid].name))
805 {
806 goto end;
807 }
808 break;
809 default:
810 break;
811 }
812 break;
813 }
814 case X509_OBJ_ALGORITHM:
815 this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
816 if (this->algorithm != sig_alg)
817 {
818 DBG1(" signature algorithms do not agree");
819 goto end;
820 }
821 break;
822 case X509_OBJ_SIGNATURE:
823 this->signature = object;
824 break;
825 default:
826 break;
827 }
828 }
829 success = parser->success(parser);
830
831 end:
832 parser->destroy(parser);
833 return success;
834 }
835
836 /**
837 * Implementation of certificate_t.get_type
838 */
839 static certificate_type_t get_type(private_x509_cert_t *this)
840 {
841 return CERT_X509;
842 }
843
844 /**
845 * Implementation of certificate_t.get_subject
846 */
847 static identification_t* get_subject(private_x509_cert_t *this)
848 {
849 return this->subject;
850 }
851
852 /**
853 * Implementation of certificate_t.get_issuer
854 */
855 static identification_t* get_issuer(private_x509_cert_t *this)
856 {
857 return this->issuer;
858 }
859
860 /**
861 * Implementation of certificate_t.has_subject.
862 */
863 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
864 {
865 identification_t *current;
866 enumerator_t *enumerator;
867 id_match_t match, best;
868
869 if (this->encoding_hash.ptr && subject->get_type(subject) == ID_CERT_DER_SHA1 &&
870 chunk_equals(this->encoding_hash, subject->get_encoding(subject)))
871 {
872 return ID_MATCH_PERFECT;
873 }
874
875 best = this->subject->matches(this->subject, subject);
876 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
877 while (enumerator->enumerate(enumerator, &current))
878 {
879 match = current->matches(current, subject);
880 if (match > best)
881 {
882 best = match;
883 }
884 }
885 enumerator->destroy(enumerator);
886 return best;
887 }
888
889 /**
890 * Implementation of certificate_t.has_subject.
891 */
892 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
893 {
894 /* issuerAltNames currently not supported */
895 return this->issuer->matches(this->issuer, issuer);
896 }
897
898 /**
899 * Implementation of certificate_t.issued_by
900 */
901 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
902 {
903 public_key_t *key;
904 signature_scheme_t scheme;
905 bool valid;
906 x509_t *x509 = (x509_t*)issuer;
907
908 if (&this->public.interface.interface == issuer)
909 {
910 if (this->flags & X509_SELF_SIGNED)
911 {
912 return TRUE;
913 }
914 }
915 else
916 {
917 if (issuer->get_type(issuer) != CERT_X509)
918 {
919 return FALSE;
920 }
921 if (!(x509->get_flags(x509) & X509_CA))
922 {
923 return FALSE;
924 }
925 }
926 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
927 {
928 return FALSE;
929 }
930 /* TODO: generic OID to scheme mapper? */
931 switch (this->algorithm)
932 {
933 case OID_MD5_WITH_RSA:
934 scheme = SIGN_RSA_EMSA_PKCS1_MD5;
935 break;
936 case OID_SHA1_WITH_RSA:
937 scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
938 break;
939 case OID_SHA256_WITH_RSA:
940 scheme = SIGN_RSA_EMSA_PKCS1_SHA256;
941 break;
942 case OID_SHA384_WITH_RSA:
943 scheme = SIGN_RSA_EMSA_PKCS1_SHA384;
944 break;
945 case OID_SHA512_WITH_RSA:
946 scheme = SIGN_RSA_EMSA_PKCS1_SHA512;
947 break;
948 default:
949 return FALSE;
950 }
951 key = issuer->get_public_key(issuer);
952 if (key == NULL)
953 {
954 return FALSE;
955 }
956 /* TODO: add a lightweight check option (comparing auth/subject keyids only) */
957 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
958 key->destroy(key);
959 return valid;
960 }
961
962 /**
963 * Implementation of certificate_t.get_public_key
964 */
965 static public_key_t* get_public_key(private_x509_cert_t *this)
966 {
967 this->public_key->get_ref(this->public_key);
968 return this->public_key;
969 }
970
971 /**
972 * Implementation of certificate_t.asdf
973 */
974 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
975 {
976 ref_get(&this->ref);
977 return this;
978 }
979
980 /**
981 * Implementation of x509_cert_t.get_flags.
982 */
983 static x509_flag_t get_flags(private_x509_cert_t *this)
984 {
985 return this->flags;
986 }
987
988 /**
989 * Implementation of x509_cert_t.get_validity.
990 */
991 static bool get_validity(private_x509_cert_t *this, time_t *when,
992 time_t *not_before, time_t *not_after)
993 {
994 time_t t;
995
996 if (when)
997 {
998 t = *when;
999 }
1000 else
1001 {
1002 t = time(NULL);
1003 }
1004 if (not_before)
1005 {
1006 *not_before = this->notBefore;
1007 }
1008 if (not_after)
1009 {
1010 *not_after = this->notAfter;
1011 }
1012 return (t >= this->notBefore && t <= this->notAfter);
1013 }
1014
1015 /**
1016 * Implementation of certificate_t.is_newer.
1017 */
1018 static bool is_newer(certificate_t *this, certificate_t *that)
1019 {
1020 time_t this_update, that_update, now = time(NULL);
1021 bool new;
1022
1023 this->get_validity(this, &now, &this_update, NULL);
1024 that->get_validity(that, &now, &that_update, NULL);
1025 new = this_update > that_update;
1026 DBG1(" certificate from %#T is %s - existing certificate from %#T %s",
1027 &this_update, FALSE, new ? "newer":"not newer",
1028 &that_update, FALSE, new ? "replaced":"retained");
1029 return new;
1030 }
1031
1032 /**
1033 * Implementation of certificate_t.get_encoding.
1034 */
1035 static chunk_t get_encoding(private_x509_cert_t *this)
1036 {
1037 return chunk_clone(this->encoding);
1038 }
1039
1040 /**
1041 * Implementation of certificate_t.equals.
1042 */
1043 static bool equals(private_x509_cert_t *this, certificate_t *other)
1044 {
1045 chunk_t encoding;
1046 bool equal;
1047
1048 if (this == (private_x509_cert_t*)other)
1049 {
1050 return TRUE;
1051 }
1052 if (other->get_type(other) != CERT_X509)
1053 {
1054 return FALSE;
1055 }
1056 if (other->equals == (void*)equals)
1057 { /* skip allocation if we have the same implementation */
1058 return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding);
1059 }
1060 encoding = other->get_encoding(other);
1061 equal = chunk_equals(this->encoding, encoding);
1062 free(encoding.ptr);
1063 return equal;
1064 }
1065
1066 /**
1067 * Implementation of x509_t.get_serial.
1068 */
1069 static chunk_t get_serial(private_x509_cert_t *this)
1070 {
1071 return this->serialNumber;
1072 }
1073
1074 /**
1075 * Implementation of x509_t.get_authKeyIdentifier.
1076 */
1077 static identification_t *get_authKeyIdentifier(private_x509_cert_t *this)
1078 {
1079 return this->authKeyIdentifier;
1080 }
1081
1082 /**
1083 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1084 */
1085 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1086 {
1087 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1088 }
1089
1090 /**
1091 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1092 */
1093 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1094 {
1095 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1096 }
1097
1098 /**
1099 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1100 */
1101 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1102 {
1103 return this->crl_uris->create_enumerator(this->crl_uris);
1104 }
1105
1106 /**
1107 * Implementation of certificate_t.asdf
1108 */
1109 static void destroy(private_x509_cert_t *this)
1110 {
1111 if (ref_put(&this->ref))
1112 {
1113 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1114 offsetof(identification_t, destroy));
1115 this->crl_uris->destroy_function(this->crl_uris, free);
1116 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1117 DESTROY_IF(this->issuer);
1118 DESTROY_IF(this->subject);
1119 DESTROY_IF(this->public_key);
1120 DESTROY_IF(this->authKeyIdentifier);
1121 chunk_free(&this->encoding);
1122 chunk_free(&this->encoding_hash);
1123 free(this);
1124 }
1125 }
1126
1127 /**
1128 * create an empty but initialized X.509 certificate
1129 */
1130 static private_x509_cert_t* create_empty(void)
1131 {
1132 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1133
1134 this->public.interface.interface.get_type = (certificate_type_t (*)(certificate_t *this))get_type;
1135 this->public.interface.interface.get_subject = (identification_t* (*)(certificate_t *this))get_subject;
1136 this->public.interface.interface.get_issuer = (identification_t* (*)(certificate_t *this))get_issuer;
1137 this->public.interface.interface.has_subject = (id_match_t (*)(certificate_t*, identification_t *subject))has_subject;
1138 this->public.interface.interface.has_issuer = (id_match_t (*)(certificate_t*, identification_t *issuer))has_issuer;
1139 this->public.interface.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by;
1140 this->public.interface.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
1141 this->public.interface.interface.get_validity = (bool (*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
1142 this->public.interface.interface.is_newer = (bool (*)(certificate_t*,certificate_t*))is_newer;
1143 this->public.interface.interface.get_encoding = (chunk_t (*)(certificate_t*))get_encoding;
1144 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals;
1145 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
1146 this->public.interface.interface.destroy = (void (*)(certificate_t *this))destroy;
1147 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1148 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1149 this->public.interface.get_authKeyIdentifier = (identification_t* (*)(x509_t*))get_authKeyIdentifier;
1150 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1151 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1152 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1153
1154 this->encoding = chunk_empty;
1155 this->encoding_hash = chunk_empty;
1156 this->public_key = NULL;
1157 this->subject = NULL;
1158 this->issuer = NULL;
1159 this->subjectAltNames = linked_list_create();
1160 this->crl_uris = linked_list_create();
1161 this->ocsp_uris = linked_list_create();
1162 this->subjectKeyID = chunk_empty;
1163 this->authKeyIdentifier = NULL;
1164 this->authKeySerialNumber = chunk_empty;
1165 this->flags = 0;
1166 this->ref = 1;
1167
1168 return this;
1169 }
1170
1171 /**
1172 * create an X.509 certificate from a chunk
1173 */
1174 static private_x509_cert_t *create_from_chunk(chunk_t chunk)
1175 {
1176 private_x509_cert_t *this = create_empty();
1177
1178 this->encoding = chunk;
1179 if (!parse_certificate(this))
1180 {
1181 destroy(this);
1182 return NULL;
1183 }
1184
1185 /* check if the certificate is self-signed */
1186 if (issued_by(this, &this->public.interface.interface))
1187 {
1188 this->flags |= X509_SELF_SIGNED;
1189 }
1190
1191 hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1192 if (hasher != NULL)
1193 {
1194 hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
1195 hasher->destroy(hasher);
1196 }
1197 else
1198 {
1199 DBG1(" unable to create hash of certificate, SHA1 not supported");
1200 }
1201
1202 return this;
1203 }
1204
1205 /**
1206 * create an X.509 certificate from a file
1207 */
1208 static private_x509_cert_t *create_from_file(char *path)
1209 {
1210 bool pgp = FALSE;
1211 chunk_t chunk;
1212 private_x509_cert_t *this;
1213
1214 if (!pem_asn1_load_file(path, NULL, &chunk, &pgp))
1215 {
1216 return NULL;
1217 }
1218
1219 this = create_from_chunk(chunk);
1220
1221 if (this == NULL)
1222 {
1223 DBG1(" could not parse loaded certificate file '%s'",path);
1224 return NULL;
1225 }
1226 DBG1(" loaded certificate file '%s'", path);
1227 return this;
1228
1229 }
1230
1231 typedef struct private_builder_t private_builder_t;
1232 /**
1233 * Builder implementation for certificate loading
1234 */
1235 struct private_builder_t {
1236 /** implements the builder interface */
1237 builder_t public;
1238 /** loaded certificate */
1239 private_x509_cert_t *cert;
1240 /** additional flags to enforce */
1241 x509_flag_t flags;
1242 };
1243
1244 /**
1245 * Implementation of builder_t.build
1246 */
1247 static private_x509_cert_t *build(private_builder_t *this)
1248 {
1249 private_x509_cert_t *cert = this->cert;
1250 x509_flag_t flags = this->flags;
1251
1252 free(this);
1253 if (cert == NULL)
1254 {
1255 return NULL;
1256 }
1257 if ((flags & X509_CA) && !(cert->flags & X509_CA))
1258 {
1259 DBG1(" ca certificate must have ca basic constraint set, discarded");
1260 destroy(cert);
1261 return NULL;
1262 }
1263 cert->flags |= flags;
1264 return cert;
1265 }
1266
1267 /**
1268 * Implementation of builder_t.add
1269 */
1270 static void add(private_builder_t *this, builder_part_t part, ...)
1271 {
1272 va_list args;
1273
1274 va_start(args, part);
1275 switch (part)
1276 {
1277 case BUILD_FROM_FILE:
1278 this->cert = create_from_file(va_arg(args, char*));
1279 break;
1280 case BUILD_BLOB_ASN1_DER:
1281 this->cert = create_from_chunk(va_arg(args, chunk_t));
1282 break;
1283 case BUILD_X509_FLAG:
1284 this->flags = va_arg(args, x509_flag_t);
1285 break;
1286 default:
1287 DBG1("ignoring unsupported build part %N", builder_part_names, part);
1288 break;
1289 }
1290 va_end(args);
1291 }
1292
1293 /**
1294 * Builder construction function
1295 */
1296 builder_t *x509_cert_builder(certificate_type_t type)
1297 {
1298 private_builder_t *this;
1299
1300 if (type != CERT_X509)
1301 {
1302 return NULL;
1303 }
1304
1305 this = malloc_thing(private_builder_t);
1306
1307 this->cert = NULL;
1308 this->flags = 0;
1309 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
1310 this->public.build = (void*(*)(builder_t *this))build;
1311
1312 return &this->public;
1313 }
1314