support for hash and URL encoded certificate payloads in charon
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2008 Martin Willi
7 * Copyright (C) 2008 Tobias Brunner
8 * Hochschule fuer Technik Rapperswil
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the
12 * Free Software Foundation; either version 2 of the License, or (at your
13 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
14 *
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 * for more details.
19 *
20 * $Id$
21 */
22
23 #define _GNU_SOURCE
24
25 #include "x509_cert.h"
26
27 #include <sys/stat.h>
28 #include <unistd.h>
29 #include <string.h>
30 #include <stdio.h>
31
32 #include <crypto/hashers/hasher.h>
33 #include <library.h>
34 #include <debug.h>
35 #include <asn1/oid.h>
36 #include <asn1/asn1.h>
37 #include <asn1/pem.h>
38 #include <utils/linked_list.h>
39 #include <utils/identification.h>
40
41 /**
42 * Different kinds of generalNames
43 */
44 typedef enum {
45 GN_OTHER_NAME = 0,
46 GN_RFC822_NAME = 1,
47 GN_DNS_NAME = 2,
48 GN_X400_ADDRESS = 3,
49 GN_DIRECTORY_NAME = 4,
50 GN_EDI_PARTY_NAME = 5,
51 GN_URI = 6,
52 GN_IP_ADDRESS = 7,
53 GN_REGISTERED_ID = 8,
54 } generalNames_t;
55
56
57 typedef struct private_x509_cert_t private_x509_cert_t;
58
59 /**
60 * Private data of a x509_cert_t object.
61 */
62 struct private_x509_cert_t {
63 /**
64 * Public interface for this certificate.
65 */
66 x509_cert_t public;
67
68 /**
69 * X.509 certificate encoding in ASN.1 DER format
70 */
71 chunk_t encoding;
72
73 /**
74 * SHA1 hash of the DER encoding of this X.509 certificate
75 */
76 chunk_t encoding_hash;
77
78 /**
79 * X.509 certificate body over which signature is computed
80 */
81 chunk_t tbsCertificate;
82
83 /**
84 * Version of the X.509 certificate
85 */
86 u_int version;
87
88 /**
89 * Serial number of the X.509 certificate
90 */
91 chunk_t serialNumber;
92
93 /**
94 * ID representing the certificate issuer
95 */
96 identification_t *issuer;
97
98 /**
99 * Start time of certificate validity
100 */
101 time_t notBefore;
102
103 /**
104 * End time of certificate validity
105 */
106 time_t notAfter;
107
108 /**
109 * ID representing the certificate subject
110 */
111 identification_t *subject;
112
113 /**
114 * List of subjectAltNames as identification_t
115 */
116 linked_list_t *subjectAltNames;
117
118 /**
119 * List of crlDistributionPoints as allocated char*
120 */
121 linked_list_t *crl_uris;
122
123 /**
124 * List ocspAccessLocations as identification_t
125 */
126 linked_list_t *ocsp_uris;
127
128 /**
129 * certificates embedded public key
130 */
131 public_key_t *public_key;
132
133 /**
134 * Subject Key Identifier
135 */
136 chunk_t subjectKeyID;
137
138 /**
139 * Authority Key Identifier
140 */
141 identification_t *authKeyIdentifier;
142
143 /**
144 * Authority Key Serial Number
145 */
146 chunk_t authKeySerialNumber;
147
148 /**
149 * x509 constraints and other flags
150 */
151 x509_flag_t flags;
152
153 /**
154 * Signature algorithm
155 */
156 int algorithm;
157
158 /**
159 * Signature
160 */
161 chunk_t signature;
162
163 /**
164 * reference count
165 */
166 refcount_t ref;
167 };
168
169 /**
170 * ASN.1 definition of generalName
171 */
172 static const asn1Object_t generalNameObjects[] = {
173 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
174 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
175 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
176 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
177 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
178 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
179 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
180 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
181 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
182 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
183 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
184 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
185 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
186 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
187 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
188 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
189 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
190 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
191 };
192
193 #define GN_OBJ_OTHER_NAME 0
194 #define GN_OBJ_RFC822_NAME 2
195 #define GN_OBJ_DNS_NAME 4
196 #define GN_OBJ_X400_ADDRESS 6
197 #define GN_OBJ_DIRECTORY_NAME 8
198 #define GN_OBJ_EDI_PARTY_NAME 10
199 #define GN_OBJ_URI 12
200 #define GN_OBJ_IP_ADDRESS 14
201 #define GN_OBJ_REGISTERED_ID 16
202 #define GN_OBJ_ROOF 18
203
204 /**
205 * ASN.1 definition of otherName
206 */
207 static const asn1Object_t otherNameObjects[] = {
208 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
209 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
210 };
211
212 #define ON_OBJ_ID_TYPE 0
213 #define ON_OBJ_VALUE 1
214 #define ON_OBJ_ROOF 2
215
216 /**
217 * ASN.1 definition of a basicConstraints extension
218 */
219 static const asn1Object_t basicConstraintsObjects[] = {
220 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
221 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
222 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
223 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
224 };
225
226 #define BASIC_CONSTRAINTS_CA 1
227 #define BASIC_CONSTRAINTS_ROOF 4
228
229 /**
230 * ASN.1 definition of a keyIdentifier
231 */
232 static const asn1Object_t keyIdentifierObjects[] = {
233 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
234 };
235
236 /**
237 * ASN.1 definition of a authorityKeyIdentifier extension
238 */
239 static const asn1Object_t authorityKeyIdentifierObjects[] = {
240 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
241 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
242 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
243 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
244 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
245 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
246 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
247 };
248
249 #define AUTH_KEY_ID_KEY_ID 1
250 #define AUTH_KEY_ID_CERT_ISSUER 3
251 #define AUTH_KEY_ID_CERT_SERIAL 5
252 #define AUTH_KEY_ID_ROOF 7
253
254 /**
255 * ASN.1 definition of a authorityInfoAccess extension
256 */
257 static const asn1Object_t authorityInfoAccessObjects[] = {
258 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
259 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
260 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
261 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
262 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
263 };
264
265 #define AUTH_INFO_ACCESS_METHOD 2
266 #define AUTH_INFO_ACCESS_LOCATION 3
267 #define AUTH_INFO_ACCESS_ROOF 5
268
269 /**
270 * ASN.1 definition of a extendedKeyUsage extension
271 */
272 static const asn1Object_t extendedKeyUsageObjects[] = {
273 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
274 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
275 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
276 };
277
278 #define EXT_KEY_USAGE_PURPOSE_ID 1
279 #define EXT_KEY_USAGE_ROOF 3
280
281 /**
282 * ASN.1 definition of generalNames
283 */
284 static const asn1Object_t generalNamesObjects[] = {
285 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
286 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
287 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
288 };
289
290 #define GENERAL_NAMES_GN 1
291 #define GENERAL_NAMES_ROOF 3
292
293
294 /**
295 * ASN.1 definition of crlDistributionPoints
296 */
297 static const asn1Object_t crlDistributionPointsObjects[] = {
298 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
299 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
300 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
301 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
302 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
303 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
304 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
305 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
306 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
307 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
308 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
309 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
310 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
311 };
312
313 #define CRL_DIST_POINTS_FULLNAME 3
314 #define CRL_DIST_POINTS_ROOF 13
315
316 /**
317 * ASN.1 definition of an X.509v3 x509_cert
318 */
319 static const asn1Object_t certObjects[] = {
320 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
321 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
322 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
323 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
324 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
325 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
326 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
327 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
328 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
329 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
330 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
331 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
332 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
333 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
334 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
335 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
336 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
337 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
338 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
339 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
340 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
341 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
342 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
343 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
344 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
345 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
346 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
347 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
348 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
349 };
350
351 #define X509_OBJ_TBS_CERTIFICATE 1
352 #define X509_OBJ_VERSION 3
353 #define X509_OBJ_SERIAL_NUMBER 4
354 #define X509_OBJ_SIG_ALG 5
355 #define X509_OBJ_ISSUER 6
356 #define X509_OBJ_NOT_BEFORE 8
357 #define X509_OBJ_NOT_AFTER 9
358 #define X509_OBJ_SUBJECT 10
359 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
360 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
361 #define X509_OBJ_RSA_PUBLIC_KEY 14
362 #define X509_OBJ_EXTN_ID 22
363 #define X509_OBJ_CRITICAL 23
364 #define X509_OBJ_EXTN_VALUE 24
365 #define X509_OBJ_ALGORITHM 27
366 #define X509_OBJ_SIGNATURE 28
367 #define X509_OBJ_ROOF 29
368
369
370 static u_char ASN1_sAN_oid_buf[] = {
371 0x06, 0x03, 0x55, 0x1D, 0x11
372 };
373 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_sAN_oid_buf);
374
375 /**
376 * extracts the basicConstraints extension
377 */
378 static bool parse_basicConstraints(chunk_t blob, int level0)
379 {
380 asn1_ctx_t ctx;
381 chunk_t object;
382 u_int level;
383 int objectID = 0;
384 bool isCA = FALSE;
385
386 asn1_init(&ctx, blob, level0, FALSE, FALSE);
387 while (objectID < BASIC_CONSTRAINTS_ROOF) {
388
389 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
390 {
391 break;
392 }
393 if (objectID == BASIC_CONSTRAINTS_CA)
394 {
395 isCA = object.len && *object.ptr;
396 DBG2(" %s", isCA ? "TRUE" : "FALSE");
397 }
398 objectID++;
399 }
400 return isCA;
401 }
402
403 /*
404 * extracts an otherName
405 */
406 static bool parse_otherName(chunk_t blob, int level0)
407 {
408 asn1_ctx_t ctx;
409 chunk_t object;
410 u_int level;
411 int objectID = 0;
412 int oid = OID_UNKNOWN;
413
414 asn1_init(&ctx, blob, level0, FALSE, FALSE);
415 while (objectID < ON_OBJ_ROOF)
416 {
417 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
418 {
419 return FALSE;
420 }
421 switch (objectID)
422 {
423 case ON_OBJ_ID_TYPE:
424 oid = known_oid(object);
425 break;
426 case ON_OBJ_VALUE:
427 if (oid == OID_XMPP_ADDR)
428 {
429 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING,
430 level + 1, "xmppAddr"))
431 {
432 return FALSE;
433 }
434 }
435 break;
436 default:
437 break;
438 }
439 objectID++;
440 }
441 return TRUE;
442 }
443
444 /*
445 * extracts a generalName
446 */
447 static identification_t *parse_generalName(chunk_t blob, int level0)
448 {
449 asn1_ctx_t ctx;
450 chunk_t object;
451 int objectID = 0;
452 u_int level;
453
454 asn1_init(&ctx, blob, level0, FALSE, FALSE);
455 while (objectID < GN_OBJ_ROOF)
456 {
457 id_type_t id_type = ID_ANY;
458
459 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
460 {
461 return NULL;
462 }
463 switch (objectID)
464 {
465 case GN_OBJ_RFC822_NAME:
466 id_type = ID_RFC822_ADDR;
467 break;
468 case GN_OBJ_DNS_NAME:
469 id_type = ID_FQDN;
470 break;
471 case GN_OBJ_URI:
472 id_type = ID_DER_ASN1_GN_URI;
473 break;
474 case GN_OBJ_DIRECTORY_NAME:
475 id_type = ID_DER_ASN1_DN;
476 break;
477 case GN_OBJ_IP_ADDRESS:
478 id_type = ID_IPV4_ADDR;
479 break;
480 case GN_OBJ_OTHER_NAME:
481 if (!parse_otherName(object, level + 1))
482 return NULL;
483 break;
484 case GN_OBJ_X400_ADDRESS:
485 case GN_OBJ_EDI_PARTY_NAME:
486 case GN_OBJ_REGISTERED_ID:
487 break;
488 default:
489 break;
490 }
491 if (id_type != ID_ANY)
492 {
493 identification_t *gn = identification_create_from_encoding(id_type, object);
494 DBG2(" '%D'", gn);
495 return gn;
496 }
497 objectID++;
498 }
499 return NULL;
500 }
501
502
503 /**
504 * extracts one or several GNs and puts them into a chained list
505 */
506 void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
507 {
508 asn1_ctx_t ctx;
509 chunk_t object;
510 u_int level;
511 int objectID = 0;
512
513 asn1_init(&ctx, blob, level0, implicit, FALSE);
514 while (objectID < GENERAL_NAMES_ROOF)
515 {
516 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
517 {
518 return;
519 }
520 if (objectID == GENERAL_NAMES_GN)
521 {
522 identification_t *gn = parse_generalName(object, level+1);
523
524 if (gn != NULL)
525 {
526 list->insert_last(list, (void *)gn);
527 }
528 }
529 objectID++;
530 }
531 return;
532 }
533
534 /**
535 * extracts a keyIdentifier
536 */
537 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
538 {
539 asn1_ctx_t ctx;
540 chunk_t object;
541 u_int level;
542 int objectID = 0;
543
544 asn1_init(&ctx, blob, level0, implicit, FALSE);
545 if (!extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx))
546 {
547 return chunk_empty;
548 }
549 return object;
550 }
551
552 /**
553 * extracts an authoritykeyIdentifier
554 */
555 identification_t* x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
556 chunk_t *authKeySerialNumber)
557 {
558 asn1_ctx_t ctx;
559 chunk_t object;
560 u_int level;
561 int objectID = 0;
562 identification_t *authKeyIdentifier = NULL;
563
564 *authKeySerialNumber = chunk_empty;
565
566 asn1_init(&ctx, blob, level0, FALSE, FALSE);
567 while (objectID < AUTH_KEY_ID_ROOF)
568 {
569 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
570 {
571 return NULL;
572 }
573 switch (objectID)
574 {
575 case AUTH_KEY_ID_KEY_ID:
576 {
577 chunk_t authKeyID = parse_keyIdentifier(object, level+1, TRUE);
578
579 if (authKeyID.ptr == NULL)
580 {
581 return NULL;
582 }
583 authKeyIdentifier = identification_create_from_encoding(
584 ID_PUBKEY_SHA1, authKeyID);
585 break;
586 }
587 case AUTH_KEY_ID_CERT_ISSUER:
588 {
589 /* TODO: x509_parse_generalNames(object, level+1, TRUE); */
590 break;
591 }
592 case AUTH_KEY_ID_CERT_SERIAL:
593 *authKeySerialNumber = object;
594 break;
595 default:
596 break;
597 }
598 objectID++;
599 }
600 return authKeyIdentifier;
601 }
602
603 /**
604 * extracts an authorityInfoAcess location
605 */
606 static void parse_authorityInfoAccess(chunk_t blob, int level0,
607 private_x509_cert_t *this)
608 {
609 asn1_ctx_t ctx;
610 chunk_t object;
611 u_int level;
612 int objectID = 0;
613 int accessMethod = OID_UNKNOWN;
614
615 asn1_init(&ctx, blob, level0, FALSE, FALSE);
616 while (objectID < AUTH_INFO_ACCESS_ROOF)
617 {
618 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
619 {
620 return;
621 }
622 switch (objectID)
623 {
624 case AUTH_INFO_ACCESS_METHOD:
625 accessMethod = known_oid(object);
626 break;
627 case AUTH_INFO_ACCESS_LOCATION:
628 {
629 switch (accessMethod)
630 {
631 case OID_OCSP:
632 case OID_CA_ISSUERS:
633 {
634 identification_t *id;
635 char *uri;
636
637 id = parse_generalName(object, level+1);
638 if (id == NULL)
639 { /* parsing went wrong - abort */
640 return;
641 }
642 DBG2(" '%D'", id);
643 if (accessMethod == OID_OCSP &&
644 asprintf(&uri, "%D", id) > 0)
645 {
646 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
647 }
648 id->destroy(id);
649 }
650 break;
651 default:
652 /* unkown accessMethod, ignoring */
653 break;
654 }
655 break;
656 }
657 default:
658 break;
659 }
660 objectID++;
661 }
662 }
663
664 /**
665 * extracts extendedKeyUsage OIDs
666 */
667 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
668 {
669 asn1_ctx_t ctx;
670 chunk_t object;
671 u_int level;
672 int objectID = 0;
673
674 asn1_init(&ctx, blob, level0, FALSE, FALSE);
675 while (objectID < EXT_KEY_USAGE_ROOF)
676 {
677 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
678 {
679 return FALSE;
680 }
681 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
682 known_oid(object) == OID_OCSP_SIGNING)
683 {
684 return TRUE;
685 }
686 objectID++;
687 }
688 return FALSE;
689 }
690
691 /**
692 * extracts one or several crlDistributionPoints into a list
693 */
694 static void parse_crlDistributionPoints(chunk_t blob, int level0,
695 private_x509_cert_t *this)
696 {
697 asn1_ctx_t ctx;
698 chunk_t object;
699 u_int level;
700 int objectID = 0;
701 linked_list_t *list;
702 identification_t *id;
703 char *uri;
704
705 list = linked_list_create();
706 asn1_init(&ctx, blob, level0, FALSE, FALSE);
707 while (objectID < CRL_DIST_POINTS_ROOF)
708 {
709 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
710 {
711 list->destroy_offset(list, offsetof(identification_t, destroy));
712 return;
713 }
714 if (objectID == CRL_DIST_POINTS_FULLNAME)
715 { /* append extracted generalNames to existing chained list */
716 x509_parse_generalNames(object, level+1, TRUE, list);
717
718 while (list->remove_last(list, (void**)&id) == SUCCESS)
719 {
720 if (asprintf(&uri, "%D", id) > 0)
721 {
722 this->crl_uris->insert_last(this->crl_uris, uri);
723 }
724 id->destroy(id);
725 }
726 }
727 objectID++;
728 }
729 list->destroy(list);
730 }
731
732 /**
733 * Parses an X.509v3 certificate
734 */
735 static bool parse_certificate(private_x509_cert_t *this)
736 {
737 asn1_ctx_t ctx;
738 bool critical;
739 chunk_t object;
740 u_int level;
741 int objectID = 0;
742 int extn_oid = OID_UNKNOWN;
743 int key_alg = OID_UNKNOWN;
744 int sig_alg = OID_UNKNOWN;
745 chunk_t subjectPublicKey = chunk_empty;
746
747 asn1_init(&ctx, this->encoding, 0, FALSE, FALSE);
748 while (objectID < X509_OBJ_ROOF)
749 {
750 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
751 {
752 return FALSE;
753 }
754 /* those objects which will parsed further need the next higher level */
755 level++;
756 switch (objectID)
757 {
758 case X509_OBJ_TBS_CERTIFICATE:
759 this->tbsCertificate = object;
760 break;
761 case X509_OBJ_VERSION:
762 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
763 DBG2(" v%d", this->version);
764 break;
765 case X509_OBJ_SERIAL_NUMBER:
766 this->serialNumber = object;
767 break;
768 case X509_OBJ_SIG_ALG:
769 sig_alg = parse_algorithmIdentifier(object, level, NULL);
770 break;
771 case X509_OBJ_ISSUER:
772 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
773 DBG2(" '%D'", this->issuer);
774 break;
775 case X509_OBJ_NOT_BEFORE:
776 this->notBefore = parse_time(object, level);
777 break;
778 case X509_OBJ_NOT_AFTER:
779 this->notAfter = parse_time(object, level);
780 break;
781 case X509_OBJ_SUBJECT:
782 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
783 DBG2(" '%D'", this->subject);
784 break;
785 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
786 key_alg = parse_algorithmIdentifier(object, level, NULL);
787 break;
788 case X509_OBJ_SUBJECT_PUBLIC_KEY:
789 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
790 {
791 /* skip initial bit string octet defining 0 unused bits */
792 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
793 }
794 break;
795 case X509_OBJ_RSA_PUBLIC_KEY:
796 subjectPublicKey = object;
797 switch (key_alg)
798 {
799 case OID_RSA_ENCRYPTION:
800 this->public_key = lib->creds->create(lib->creds,
801 CRED_PUBLIC_KEY, KEY_RSA,
802 BUILD_BLOB_ASN1_DER, chunk_clone(subjectPublicKey),
803 BUILD_END);
804 break;
805 default:
806 DBG1("parsing key type %d failed", key_alg);
807 return FALSE;
808 }
809 break;
810 case X509_OBJ_EXTN_ID:
811 extn_oid = known_oid(object);
812 break;
813 case X509_OBJ_CRITICAL:
814 critical = object.len && *object.ptr;
815 DBG2(" %s", critical ? "TRUE" : "FALSE");
816 break;
817 case X509_OBJ_EXTN_VALUE:
818 {
819 switch (extn_oid)
820 {
821 case OID_SUBJECT_KEY_ID:
822 this->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
823 break;
824 case OID_SUBJECT_ALT_NAME:
825 x509_parse_generalNames(object, level, FALSE, this->subjectAltNames);
826 break;
827 case OID_BASIC_CONSTRAINTS:
828 if (parse_basicConstraints(object, level))
829 {
830 this->flags |= X509_CA;
831 }
832 break;
833 case OID_CRL_DISTRIBUTION_POINTS:
834 parse_crlDistributionPoints(object, level, this);
835 break;
836 case OID_AUTHORITY_KEY_ID:
837 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
838 level, &this->authKeySerialNumber);
839 break;
840 case OID_AUTHORITY_INFO_ACCESS:
841 parse_authorityInfoAccess(object, level, this);
842 break;
843 case OID_EXTENDED_KEY_USAGE:
844 if (parse_extendedKeyUsage(object, level))
845 {
846 this->flags |= X509_OCSP_SIGNER;
847 }
848 break;
849 case OID_NS_REVOCATION_URL:
850 case OID_NS_CA_REVOCATION_URL:
851 case OID_NS_CA_POLICY_URL:
852 case OID_NS_COMMENT:
853 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING,
854 level, oid_names[extn_oid].name))
855 return FALSE;
856 break;
857 default:
858 break;
859 }
860 break;
861 }
862 case X509_OBJ_ALGORITHM:
863 this->algorithm = parse_algorithmIdentifier(object, level, NULL);
864 if (this->algorithm != sig_alg)
865 {
866 DBG1(" signature algorithms do not agree");
867 return FALSE;
868 }
869 break;
870 case X509_OBJ_SIGNATURE:
871 this->signature = object;
872 break;
873 default:
874 break;
875 }
876 objectID++;
877 }
878 return TRUE;
879 }
880
881 /**
882 * Implementation of certificate_t.get_type
883 */
884 static certificate_type_t get_type(private_x509_cert_t *this)
885 {
886 return CERT_X509;
887 }
888
889 /**
890 * Implementation of certificate_t.get_subject
891 */
892 static identification_t* get_subject(private_x509_cert_t *this)
893 {
894 return this->subject;
895 }
896
897 /**
898 * Implementation of certificate_t.get_issuer
899 */
900 static identification_t* get_issuer(private_x509_cert_t *this)
901 {
902 return this->issuer;
903 }
904
905 /**
906 * Implementation of certificate_t.has_subject.
907 */
908 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
909 {
910 identification_t *current;
911 enumerator_t *enumerator;
912 id_match_t match, best;
913
914 if (this->encoding_hash.ptr && subject->get_type(subject) == ID_CERT_DER_SHA1 &&
915 chunk_equals(this->encoding_hash, subject->get_encoding(subject)))
916 {
917 return ID_MATCH_PERFECT;
918 }
919
920 best = this->subject->matches(this->subject, subject);
921 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
922 while (enumerator->enumerate(enumerator, &current))
923 {
924 match = current->matches(current, subject);
925 if (match > best)
926 {
927 best = match;
928 }
929 }
930 enumerator->destroy(enumerator);
931 return best;
932 }
933
934 /**
935 * Implementation of certificate_t.has_subject.
936 */
937 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
938 {
939 /* issuerAltNames currently not supported */
940 return this->issuer->matches(this->issuer, issuer);
941 }
942
943 /**
944 * Implementation of certificate_t.issued_by
945 */
946 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
947 {
948 public_key_t *key;
949 signature_scheme_t scheme;
950 bool valid;
951 x509_t *x509 = (x509_t*)issuer;
952
953 if (&this->public.interface.interface == issuer)
954 {
955 if (this->flags & X509_SELF_SIGNED)
956 {
957 return TRUE;
958 }
959 }
960 else
961 {
962 if (issuer->get_type(issuer) != CERT_X509)
963 {
964 return FALSE;
965 }
966 if (!(x509->get_flags(x509) & X509_CA))
967 {
968 return FALSE;
969 }
970 }
971 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
972 {
973 return FALSE;
974 }
975 /* TODO: generic OID to scheme mapper? */
976 switch (this->algorithm)
977 {
978 case OID_MD5_WITH_RSA:
979 scheme = SIGN_RSA_EMSA_PKCS1_MD5;
980 break;
981 case OID_SHA1_WITH_RSA:
982 scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
983 break;
984 case OID_SHA256_WITH_RSA:
985 scheme = SIGN_RSA_EMSA_PKCS1_SHA256;
986 break;
987 case OID_SHA384_WITH_RSA:
988 scheme = SIGN_RSA_EMSA_PKCS1_SHA384;
989 break;
990 case OID_SHA512_WITH_RSA:
991 scheme = SIGN_RSA_EMSA_PKCS1_SHA512;
992 break;
993 default:
994 return FALSE;
995 }
996 key = issuer->get_public_key(issuer);
997 if (key == NULL)
998 {
999 return FALSE;
1000 }
1001 /* TODO: add a lightweight check option (comparing auth/subject keyids only) */
1002 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
1003 key->destroy(key);
1004 return valid;
1005 }
1006
1007 /**
1008 * Implementation of certificate_t.get_public_key
1009 */
1010 static public_key_t* get_public_key(private_x509_cert_t *this)
1011 {
1012 this->public_key->get_ref(this->public_key);
1013 return this->public_key;
1014 }
1015
1016 /**
1017 * Implementation of certificate_t.asdf
1018 */
1019 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
1020 {
1021 ref_get(&this->ref);
1022 return this;
1023 }
1024
1025 /**
1026 * Implementation of x509_cert_t.get_flags.
1027 */
1028 static x509_flag_t get_flags(private_x509_cert_t *this)
1029 {
1030 return this->flags;
1031 }
1032
1033 /**
1034 * Implementation of x509_cert_t.get_validity.
1035 */
1036 static bool get_validity(private_x509_cert_t *this, time_t *when,
1037 time_t *not_before, time_t *not_after)
1038 {
1039 time_t t;
1040
1041 if (when)
1042 {
1043 t = *when;
1044 }
1045 else
1046 {
1047 t = time(NULL);
1048 }
1049 if (not_before)
1050 {
1051 *not_before = this->notBefore;
1052 }
1053 if (not_after)
1054 {
1055 *not_after = this->notAfter;
1056 }
1057 return (t >= this->notBefore && t <= this->notAfter);
1058 }
1059
1060 /**
1061 * Implementation of certificate_t.is_newer.
1062 */
1063 static bool is_newer(certificate_t *this, certificate_t *that)
1064 {
1065 time_t this_update, that_update, now = time(NULL);
1066 bool new;
1067
1068 this->get_validity(this, &now, &this_update, NULL);
1069 that->get_validity(that, &now, &that_update, NULL);
1070 new = this_update > that_update;
1071 DBG1(" certificate from %#T is %s - existing certificate from %#T %s",
1072 &this_update, FALSE, new ? "newer":"not newer",
1073 &that_update, FALSE, new ? "replaced":"retained");
1074 return new;
1075 }
1076
1077 /**
1078 * Implementation of certificate_t.get_encoding.
1079 */
1080 static chunk_t get_encoding(private_x509_cert_t *this)
1081 {
1082 return chunk_clone(this->encoding);
1083 }
1084
1085 /**
1086 * Implementation of certificate_t.equals.
1087 */
1088 static bool equals(private_x509_cert_t *this, certificate_t *other)
1089 {
1090 chunk_t encoding;
1091 bool equal;
1092
1093 if (this == (private_x509_cert_t*)other)
1094 {
1095 return TRUE;
1096 }
1097 if (other->get_type(other) != CERT_X509)
1098 {
1099 return FALSE;
1100 }
1101 if (other->equals == (void*)equals)
1102 { /* skip allocation if we have the same implementation */
1103 return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding);
1104 }
1105 encoding = other->get_encoding(other);
1106 equal = chunk_equals(this->encoding, encoding);
1107 free(encoding.ptr);
1108 return equal;
1109 }
1110
1111 /**
1112 * Implementation of x509_t.get_serial.
1113 */
1114 static chunk_t get_serial(private_x509_cert_t *this)
1115 {
1116 return this->serialNumber;
1117 }
1118
1119 /**
1120 * Implementation of x509_t.get_authKeyIdentifier.
1121 */
1122 static identification_t *get_authKeyIdentifier(private_x509_cert_t *this)
1123 {
1124 return this->authKeyIdentifier;
1125 }
1126
1127 /**
1128 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1129 */
1130 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1131 {
1132 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1133 }
1134
1135 /**
1136 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1137 */
1138 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1139 {
1140 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1141 }
1142
1143 /**
1144 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1145 */
1146 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1147 {
1148 return this->crl_uris->create_enumerator(this->crl_uris);
1149 }
1150
1151 /**
1152 * Implementation of certificate_t.asdf
1153 */
1154 static void destroy(private_x509_cert_t *this)
1155 {
1156 if (ref_put(&this->ref))
1157 {
1158 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1159 offsetof(identification_t, destroy));
1160 this->crl_uris->destroy_function(this->crl_uris, free);
1161 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1162 DESTROY_IF(this->issuer);
1163 DESTROY_IF(this->subject);
1164 DESTROY_IF(this->public_key);
1165 DESTROY_IF(this->authKeyIdentifier);
1166 chunk_free(&this->encoding);
1167 chunk_free(&this->encoding_hash);
1168 free(this);
1169 }
1170 }
1171
1172 /**
1173 * create an empty but initialized X.509 certificate
1174 */
1175 static private_x509_cert_t* create_empty(void)
1176 {
1177 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1178
1179 this->public.interface.interface.get_type = (certificate_type_t (*)(certificate_t *this))get_type;
1180 this->public.interface.interface.get_subject = (identification_t* (*)(certificate_t *this))get_subject;
1181 this->public.interface.interface.get_issuer = (identification_t* (*)(certificate_t *this))get_issuer;
1182 this->public.interface.interface.has_subject = (id_match_t (*)(certificate_t*, identification_t *subject))has_subject;
1183 this->public.interface.interface.has_issuer = (id_match_t (*)(certificate_t*, identification_t *issuer))has_issuer;
1184 this->public.interface.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by;
1185 this->public.interface.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
1186 this->public.interface.interface.get_validity = (bool (*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
1187 this->public.interface.interface.is_newer = (bool (*)(certificate_t*,certificate_t*))is_newer;
1188 this->public.interface.interface.get_encoding = (chunk_t (*)(certificate_t*))get_encoding;
1189 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals;
1190 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
1191 this->public.interface.interface.destroy = (void (*)(certificate_t *this))destroy;
1192 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1193 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1194 this->public.interface.get_authKeyIdentifier = (identification_t* (*)(x509_t*))get_authKeyIdentifier;
1195 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1196 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1197 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1198
1199 this->encoding = chunk_empty;
1200 this->encoding_hash = chunk_empty;
1201 this->public_key = NULL;
1202 this->subject = NULL;
1203 this->issuer = NULL;
1204 this->subjectAltNames = linked_list_create();
1205 this->crl_uris = linked_list_create();
1206 this->ocsp_uris = linked_list_create();
1207 this->subjectKeyID = chunk_empty;
1208 this->authKeyIdentifier = NULL;
1209 this->authKeySerialNumber = chunk_empty;
1210 this->flags = 0;
1211 this->ref = 1;
1212
1213 return this;
1214 }
1215
1216 /**
1217 * create an X.509 certificate from a chunk
1218 */
1219 static private_x509_cert_t *create_from_chunk(chunk_t chunk)
1220 {
1221 private_x509_cert_t *this = create_empty();
1222
1223 this->encoding = chunk;
1224 if (!parse_certificate(this))
1225 {
1226 destroy(this);
1227 return NULL;
1228 }
1229
1230 /* check if the certificate is self-signed */
1231 if (issued_by(this, &this->public.interface.interface))
1232 {
1233 this->flags |= X509_SELF_SIGNED;
1234 }
1235
1236 hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1237 if (hasher != NULL)
1238 {
1239 hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
1240 hasher->destroy(hasher);
1241 }
1242 else
1243 {
1244 DBG1(" unable to create hash of certificate, SHA1 not supported");
1245 }
1246
1247 return this;
1248 }
1249
1250 /**
1251 * create an X.509 certificate from a file
1252 */
1253 static private_x509_cert_t *create_from_file(char *path)
1254 {
1255 bool pgp = FALSE;
1256 chunk_t chunk;
1257 private_x509_cert_t *this;
1258
1259 if (!pem_asn1_load_file(path, NULL, &chunk, &pgp))
1260 {
1261 return NULL;
1262 }
1263
1264 this = create_from_chunk(chunk);
1265
1266 if (this == NULL)
1267 {
1268 DBG1(" could not parse loaded certificate file '%s'",path);
1269 return NULL;
1270 }
1271 DBG1(" loaded certificate file '%s'", path);
1272 return this;
1273
1274 }
1275
1276 typedef struct private_builder_t private_builder_t;
1277 /**
1278 * Builder implementation for certificate loading
1279 */
1280 struct private_builder_t {
1281 /** implements the builder interface */
1282 builder_t public;
1283 /** loaded certificate */
1284 private_x509_cert_t *cert;
1285 /** additional flags to enforce */
1286 x509_flag_t flags;
1287 };
1288
1289 /**
1290 * Implementation of builder_t.build
1291 */
1292 static private_x509_cert_t *build(private_builder_t *this)
1293 {
1294 private_x509_cert_t *cert = this->cert;
1295 x509_flag_t flags = this->flags;
1296
1297 free(this);
1298 if (cert == NULL)
1299 {
1300 return NULL;
1301 }
1302 if ((flags & X509_CA) && !(cert->flags & X509_CA))
1303 {
1304 DBG1(" ca certificate must have ca basic constraint set, discarded");
1305 destroy(cert);
1306 return NULL;
1307 }
1308 cert->flags |= flags;
1309 return cert;
1310 }
1311
1312 /**
1313 * Implementation of builder_t.add
1314 */
1315 static void add(private_builder_t *this, builder_part_t part, ...)
1316 {
1317 va_list args;
1318
1319 va_start(args, part);
1320 switch (part)
1321 {
1322 case BUILD_FROM_FILE:
1323 this->cert = create_from_file(va_arg(args, char*));
1324 break;
1325 case BUILD_BLOB_ASN1_DER:
1326 this->cert = create_from_chunk(va_arg(args, chunk_t));
1327 break;
1328 case BUILD_X509_FLAG:
1329 this->flags = va_arg(args, x509_flag_t);
1330 break;
1331 default:
1332 DBG1("ignoring unsupported build part %N", builder_part_names, part);
1333 break;
1334 }
1335 va_end(args);
1336 }
1337
1338 /**
1339 * Builder construction function
1340 */
1341 builder_t *x509_cert_builder(certificate_type_t type)
1342 {
1343 private_builder_t *this;
1344
1345 if (type != CERT_X509)
1346 {
1347 return NULL;
1348 }
1349
1350 this = malloc_thing(private_builder_t);
1351
1352 this->cert = NULL;
1353 this->flags = 0;
1354 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
1355 this->public.build = (void*(*)(builder_t *this))build;
1356
1357 return &this->public;
1358 }
1359