caching of ocsp responses (experimental), no crl caching yet
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2008 Martin Willi
7 * Hochschule fuer Technik Rapperswil
8 *
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the
11 * Free Software Foundation; either version 2 of the License, or (at your
12 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
13 *
14 * This program is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
16 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17 * for more details.
18 *
19 * $Id$
20 */
21
22 #define _GNU_SOURCE
23
24 #include "x509_cert.h"
25
26 #include <gmp.h>
27 #include <sys/stat.h>
28 #include <unistd.h>
29 #include <string.h>
30 #include <stdio.h>
31
32 #include <crypto/hashers/hasher.h>
33 #include <library.h>
34 #include <debug.h>
35 #include <asn1/oid.h>
36 #include <asn1/asn1.h>
37 #include <asn1/pem.h>
38 #include <utils/linked_list.h>
39 #include <utils/identification.h>
40
41 /**
42 * Different kinds of generalNames
43 */
44 typedef enum {
45 GN_OTHER_NAME = 0,
46 GN_RFC822_NAME = 1,
47 GN_DNS_NAME = 2,
48 GN_X400_ADDRESS = 3,
49 GN_DIRECTORY_NAME = 4,
50 GN_EDI_PARTY_NAME = 5,
51 GN_URI = 6,
52 GN_IP_ADDRESS = 7,
53 GN_REGISTERED_ID = 8,
54 } generalNames_t;
55
56
57 typedef struct private_x509_cert_t private_x509_cert_t;
58
59 /**
60 * Private data of a x509_cert_t object.
61 */
62 struct private_x509_cert_t {
63 /**
64 * Public interface for this certificate.
65 */
66 x509_cert_t public;
67
68 /**
69 * X.509 certificate encoding in ASN.1 DER format
70 */
71 chunk_t encoding;
72
73 /**
74 * X.509 certificate body over which signature is computed
75 */
76 chunk_t tbsCertificate;
77
78 /**
79 * Version of the X.509 certificate
80 */
81 u_int version;
82
83 /**
84 * Serial number of the X.509 certificate
85 */
86 chunk_t serialNumber;
87
88 /**
89 * ID representing the certificate issuer
90 */
91 identification_t *issuer;
92
93 /**
94 * Start time of certificate validity
95 */
96 time_t notBefore;
97
98 /**
99 * End time of certificate validity
100 */
101 time_t notAfter;
102
103 /**
104 * ID representing the certificate subject
105 */
106 identification_t *subject;
107
108 /**
109 * List of subjectAltNames as identification_t
110 */
111 linked_list_t *subjectAltNames;
112
113 /**
114 * List of crlDistributionPoints as allocated char*
115 */
116 linked_list_t *crl_uris;
117
118 /**
119 * List ocspAccessLocations as identification_t
120 */
121 linked_list_t *ocsp_uris;
122
123 /**
124 * certificates embedded public key
125 */
126 public_key_t *public_key;
127
128 /**
129 * Subject Key Identifier
130 */
131 chunk_t subjectKeyID;
132
133 /**
134 * Authority Key Identifier
135 */
136 identification_t *authKeyIdentifier;
137
138 /**
139 * Authority Key Serial Number
140 */
141 chunk_t authKeySerialNumber;
142
143 /**
144 * x509 constraints and other flags
145 */
146 x509_flag_t flags;
147
148 /**
149 * Signature algorithm
150 */
151 int algorithm;
152
153 /**
154 * Signature
155 */
156 chunk_t signature;
157
158 /**
159 * reference count
160 */
161 refcount_t ref;
162 };
163
164 /**
165 * ASN.1 definition of generalName
166 */
167 static const asn1Object_t generalNameObjects[] = {
168 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
169 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
170 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
171 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
172 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
173 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
174 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
175 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
176 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
177 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
178 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
179 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
180 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
181 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
182 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
183 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
184 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
185 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
186 };
187
188 #define GN_OBJ_OTHER_NAME 0
189 #define GN_OBJ_RFC822_NAME 2
190 #define GN_OBJ_DNS_NAME 4
191 #define GN_OBJ_X400_ADDRESS 6
192 #define GN_OBJ_DIRECTORY_NAME 8
193 #define GN_OBJ_EDI_PARTY_NAME 10
194 #define GN_OBJ_URI 12
195 #define GN_OBJ_IP_ADDRESS 14
196 #define GN_OBJ_REGISTERED_ID 16
197 #define GN_OBJ_ROOF 18
198
199 /**
200 * ASN.1 definition of otherName
201 */
202 static const asn1Object_t otherNameObjects[] = {
203 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
204 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
205 };
206
207 #define ON_OBJ_ID_TYPE 0
208 #define ON_OBJ_VALUE 1
209 #define ON_OBJ_ROOF 2
210
211 /**
212 * ASN.1 definition of a basicConstraints extension
213 */
214 static const asn1Object_t basicConstraintsObjects[] = {
215 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
216 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
217 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
218 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
219 };
220
221 #define BASIC_CONSTRAINTS_CA 1
222 #define BASIC_CONSTRAINTS_ROOF 4
223
224 /**
225 * ASN.1 definition of a keyIdentifier
226 */
227 static const asn1Object_t keyIdentifierObjects[] = {
228 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
229 };
230
231 /**
232 * ASN.1 definition of a authorityKeyIdentifier extension
233 */
234 static const asn1Object_t authorityKeyIdentifierObjects[] = {
235 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
236 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
237 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
238 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
239 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
240 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
241 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
242 };
243
244 #define AUTH_KEY_ID_KEY_ID 1
245 #define AUTH_KEY_ID_CERT_ISSUER 3
246 #define AUTH_KEY_ID_CERT_SERIAL 5
247 #define AUTH_KEY_ID_ROOF 7
248
249 /**
250 * ASN.1 definition of a authorityInfoAccess extension
251 */
252 static const asn1Object_t authorityInfoAccessObjects[] = {
253 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
254 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
255 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
256 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
257 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
258 };
259
260 #define AUTH_INFO_ACCESS_METHOD 2
261 #define AUTH_INFO_ACCESS_LOCATION 3
262 #define AUTH_INFO_ACCESS_ROOF 5
263
264 /**
265 * ASN.1 definition of a extendedKeyUsage extension
266 */
267 static const asn1Object_t extendedKeyUsageObjects[] = {
268 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
269 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
270 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
271 };
272
273 #define EXT_KEY_USAGE_PURPOSE_ID 1
274 #define EXT_KEY_USAGE_ROOF 3
275
276 /**
277 * ASN.1 definition of generalNames
278 */
279 static const asn1Object_t generalNamesObjects[] = {
280 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
281 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
282 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
283 };
284
285 #define GENERAL_NAMES_GN 1
286 #define GENERAL_NAMES_ROOF 3
287
288
289 /**
290 * ASN.1 definition of crlDistributionPoints
291 */
292 static const asn1Object_t crlDistributionPointsObjects[] = {
293 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
294 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
295 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
296 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
297 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
298 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
299 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
300 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
301 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
302 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
303 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
304 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
305 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
306 };
307
308 #define CRL_DIST_POINTS_FULLNAME 3
309 #define CRL_DIST_POINTS_ROOF 13
310
311 /**
312 * ASN.1 definition of an X.509v3 x509_cert
313 */
314 static const asn1Object_t certObjects[] = {
315 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
316 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
317 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
318 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
319 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
320 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
321 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
322 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
323 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
324 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
325 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
326 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
327 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
328 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
329 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
330 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
331 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
332 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
333 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
334 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
335 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
336 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
337 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
338 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
339 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
340 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
341 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
342 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
343 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
344 };
345
346 #define X509_OBJ_TBS_CERTIFICATE 1
347 #define X509_OBJ_VERSION 3
348 #define X509_OBJ_SERIAL_NUMBER 4
349 #define X509_OBJ_SIG_ALG 5
350 #define X509_OBJ_ISSUER 6
351 #define X509_OBJ_NOT_BEFORE 8
352 #define X509_OBJ_NOT_AFTER 9
353 #define X509_OBJ_SUBJECT 10
354 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
355 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
356 #define X509_OBJ_RSA_PUBLIC_KEY 14
357 #define X509_OBJ_EXTN_ID 22
358 #define X509_OBJ_CRITICAL 23
359 #define X509_OBJ_EXTN_VALUE 24
360 #define X509_OBJ_ALGORITHM 27
361 #define X509_OBJ_SIGNATURE 28
362 #define X509_OBJ_ROOF 29
363
364
365 static u_char ASN1_sAN_oid_buf[] = {
366 0x06, 0x03, 0x55, 0x1D, 0x11
367 };
368 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_sAN_oid_buf);
369
370 /**
371 * extracts the basicConstraints extension
372 */
373 static bool parse_basicConstraints(chunk_t blob, int level0)
374 {
375 asn1_ctx_t ctx;
376 chunk_t object;
377 u_int level;
378 int objectID = 0;
379 bool isCA = FALSE;
380
381 asn1_init(&ctx, blob, level0, FALSE, FALSE);
382 while (objectID < BASIC_CONSTRAINTS_ROOF) {
383
384 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
385 {
386 break;
387 }
388 if (objectID == BASIC_CONSTRAINTS_CA)
389 {
390 isCA = object.len && *object.ptr;
391 DBG2(" %s", isCA ? "TRUE" : "FALSE");
392 }
393 objectID++;
394 }
395 return isCA;
396 }
397
398 /*
399 * extracts an otherName
400 */
401 static bool parse_otherName(chunk_t blob, int level0)
402 {
403 asn1_ctx_t ctx;
404 chunk_t object;
405 u_int level;
406 int objectID = 0;
407 int oid = OID_UNKNOWN;
408
409 asn1_init(&ctx, blob, level0, FALSE, FALSE);
410 while (objectID < ON_OBJ_ROOF)
411 {
412 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
413 {
414 return FALSE;
415 }
416 switch (objectID)
417 {
418 case ON_OBJ_ID_TYPE:
419 oid = known_oid(object);
420 break;
421 case ON_OBJ_VALUE:
422 if (oid == OID_XMPP_ADDR)
423 {
424 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING,
425 level + 1, "xmppAddr"))
426 {
427 return FALSE;
428 }
429 }
430 break;
431 default:
432 break;
433 }
434 objectID++;
435 }
436 return TRUE;
437 }
438
439 /*
440 * extracts a generalName
441 */
442 static identification_t *parse_generalName(chunk_t blob, int level0)
443 {
444 asn1_ctx_t ctx;
445 chunk_t object;
446 int objectID = 0;
447 u_int level;
448
449 asn1_init(&ctx, blob, level0, FALSE, FALSE);
450 while (objectID < GN_OBJ_ROOF)
451 {
452 id_type_t id_type = ID_ANY;
453
454 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
455 {
456 return NULL;
457 }
458 switch (objectID)
459 {
460 case GN_OBJ_RFC822_NAME:
461 id_type = ID_RFC822_ADDR;
462 break;
463 case GN_OBJ_DNS_NAME:
464 id_type = ID_FQDN;
465 break;
466 case GN_OBJ_URI:
467 id_type = ID_DER_ASN1_GN_URI;
468 break;
469 case GN_OBJ_DIRECTORY_NAME:
470 id_type = ID_DER_ASN1_DN;
471 break;
472 case GN_OBJ_IP_ADDRESS:
473 id_type = ID_IPV4_ADDR;
474 break;
475 case GN_OBJ_OTHER_NAME:
476 if (!parse_otherName(object, level + 1))
477 return NULL;
478 break;
479 case GN_OBJ_X400_ADDRESS:
480 case GN_OBJ_EDI_PARTY_NAME:
481 case GN_OBJ_REGISTERED_ID:
482 break;
483 default:
484 break;
485 }
486 if (id_type != ID_ANY)
487 {
488 identification_t *gn = identification_create_from_encoding(id_type, object);
489 DBG2(" '%D'", gn);
490 return gn;
491 }
492 objectID++;
493 }
494 return NULL;
495 }
496
497
498 /**
499 * extracts one or several GNs and puts them into a chained list
500 */
501 void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
502 {
503 asn1_ctx_t ctx;
504 chunk_t object;
505 u_int level;
506 int objectID = 0;
507
508 asn1_init(&ctx, blob, level0, implicit, FALSE);
509 while (objectID < GENERAL_NAMES_ROOF)
510 {
511 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
512 {
513 return;
514 }
515 if (objectID == GENERAL_NAMES_GN)
516 {
517 identification_t *gn = parse_generalName(object, level+1);
518
519 if (gn != NULL)
520 {
521 list->insert_last(list, (void *)gn);
522 }
523 }
524 objectID++;
525 }
526 return;
527 }
528
529 /**
530 * extracts a keyIdentifier
531 */
532 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
533 {
534 asn1_ctx_t ctx;
535 chunk_t object;
536 u_int level;
537 int objectID = 0;
538
539 asn1_init(&ctx, blob, level0, implicit, FALSE);
540 if (!extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx))
541 {
542 return chunk_empty;
543 }
544 return object;
545 }
546
547 /**
548 * extracts an authoritykeyIdentifier
549 */
550 identification_t* x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
551 chunk_t *authKeySerialNumber)
552 {
553 asn1_ctx_t ctx;
554 chunk_t object;
555 u_int level;
556 int objectID = 0;
557 identification_t *authKeyIdentifier = NULL;
558
559 *authKeySerialNumber = chunk_empty;
560
561 asn1_init(&ctx, blob, level0, FALSE, FALSE);
562 while (objectID < AUTH_KEY_ID_ROOF)
563 {
564 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
565 {
566 return NULL;
567 }
568 switch (objectID)
569 {
570 case AUTH_KEY_ID_KEY_ID:
571 {
572 chunk_t authKeyID = parse_keyIdentifier(object, level+1, TRUE);
573
574 if (authKeyID.ptr == NULL)
575 {
576 return NULL;
577 }
578 authKeyIdentifier = identification_create_from_encoding(
579 ID_PUBKEY_SHA1, authKeyID);
580 break;
581 }
582 case AUTH_KEY_ID_CERT_ISSUER:
583 {
584 /* TODO: x509_parse_generalNames(object, level+1, TRUE); */
585 break;
586 }
587 case AUTH_KEY_ID_CERT_SERIAL:
588 *authKeySerialNumber = object;
589 break;
590 default:
591 break;
592 }
593 objectID++;
594 }
595 return authKeyIdentifier;
596 }
597
598 /**
599 * extracts an authorityInfoAcess location
600 */
601 static void parse_authorityInfoAccess(chunk_t blob, int level0,
602 private_x509_cert_t *this)
603 {
604 asn1_ctx_t ctx;
605 chunk_t object;
606 u_int level;
607 int objectID = 0;
608 int accessMethod = OID_UNKNOWN;
609
610 asn1_init(&ctx, blob, level0, FALSE, FALSE);
611 while (objectID < AUTH_INFO_ACCESS_ROOF)
612 {
613 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
614 {
615 return;
616 }
617 switch (objectID)
618 {
619 case AUTH_INFO_ACCESS_METHOD:
620 accessMethod = known_oid(object);
621 break;
622 case AUTH_INFO_ACCESS_LOCATION:
623 {
624 switch (accessMethod)
625 {
626 case OID_OCSP:
627 case OID_CA_ISSUERS:
628 {
629 identification_t *id;
630 char *uri;
631
632 id = parse_generalName(object, level+1);
633 if (id == NULL)
634 { /* parsing went wrong - abort */
635 return;
636 }
637 DBG2(" '%D'", id);
638 if (accessMethod == OID_OCSP &&
639 asprintf(&uri, "%D", id) > 0)
640 {
641 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
642 }
643 id->destroy(id);
644 }
645 break;
646 default:
647 /* unkown accessMethod, ignoring */
648 break;
649 }
650 break;
651 }
652 default:
653 break;
654 }
655 objectID++;
656 }
657 }
658
659 /**
660 * extracts extendedKeyUsage OIDs
661 */
662 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
663 {
664 asn1_ctx_t ctx;
665 chunk_t object;
666 u_int level;
667 int objectID = 0;
668
669 asn1_init(&ctx, blob, level0, FALSE, FALSE);
670 while (objectID < EXT_KEY_USAGE_ROOF)
671 {
672 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
673 {
674 return FALSE;
675 }
676 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
677 known_oid(object) == OID_OCSP_SIGNING)
678 {
679 return TRUE;
680 }
681 objectID++;
682 }
683 return FALSE;
684 }
685
686 /**
687 * extracts one or several crlDistributionPoints into a list
688 */
689 static void parse_crlDistributionPoints(chunk_t blob, int level0,
690 private_x509_cert_t *this)
691 {
692 asn1_ctx_t ctx;
693 chunk_t object;
694 u_int level;
695 int objectID = 0;
696 linked_list_t *list;
697 identification_t *id;
698 char *uri;
699
700 list = linked_list_create();
701 asn1_init(&ctx, blob, level0, FALSE, FALSE);
702 while (objectID < CRL_DIST_POINTS_ROOF)
703 {
704 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
705 {
706 list->destroy_offset(list, offsetof(identification_t, destroy));
707 return;
708 }
709 if (objectID == CRL_DIST_POINTS_FULLNAME)
710 { /* append extracted generalNames to existing chained list */
711 x509_parse_generalNames(object, level+1, TRUE, list);
712
713 while (list->remove_last(list, (void**)&id) == SUCCESS)
714 {
715 if (asprintf(&uri, "%D", id) > 0)
716 {
717 this->crl_uris->insert_last(this->crl_uris, uri);
718 }
719 id->destroy(id);
720 }
721 }
722 objectID++;
723 }
724 list->destroy(list);
725 }
726
727 /**
728 * Parses an X.509v3 certificate
729 */
730 static bool parse_certificate(private_x509_cert_t *this)
731 {
732 asn1_ctx_t ctx;
733 bool critical;
734 chunk_t object;
735 u_int level;
736 int objectID = 0;
737 int extn_oid = OID_UNKNOWN;
738 int key_alg = OID_UNKNOWN;
739 int sig_alg = OID_UNKNOWN;
740 chunk_t subjectPublicKey = chunk_empty;
741
742 asn1_init(&ctx, this->encoding, 0, FALSE, FALSE);
743 while (objectID < X509_OBJ_ROOF)
744 {
745 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
746 {
747 return FALSE;
748 }
749 /* those objects which will parsed further need the next higher level */
750 level++;
751 switch (objectID)
752 {
753 case X509_OBJ_TBS_CERTIFICATE:
754 this->tbsCertificate = object;
755 break;
756 case X509_OBJ_VERSION:
757 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
758 DBG2(" v%d", this->version);
759 break;
760 case X509_OBJ_SERIAL_NUMBER:
761 this->serialNumber = object;
762 break;
763 case X509_OBJ_SIG_ALG:
764 sig_alg = parse_algorithmIdentifier(object, level, NULL);
765 break;
766 case X509_OBJ_ISSUER:
767 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
768 DBG2(" '%D'", this->issuer);
769 break;
770 case X509_OBJ_NOT_BEFORE:
771 this->notBefore = parse_time(object, level);
772 break;
773 case X509_OBJ_NOT_AFTER:
774 this->notAfter = parse_time(object, level);
775 break;
776 case X509_OBJ_SUBJECT:
777 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
778 DBG2(" '%D'", this->subject);
779 break;
780 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
781 key_alg = parse_algorithmIdentifier(object, level, NULL);
782 break;
783 case X509_OBJ_SUBJECT_PUBLIC_KEY:
784 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
785 {
786 /* skip initial bit string octet defining 0 unused bits */
787 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
788 }
789 break;
790 case X509_OBJ_RSA_PUBLIC_KEY:
791 subjectPublicKey = object;
792 switch (key_alg)
793 {
794 case OID_RSA_ENCRYPTION:
795 this->public_key = lib->creds->create(lib->creds,
796 CRED_PUBLIC_KEY, KEY_RSA,
797 BUILD_BLOB_ASN1_DER, chunk_clone(subjectPublicKey),
798 BUILD_END);
799 break;
800 default:
801 DBG1("parsing key type %d failed", key_alg);
802 return FALSE;
803 }
804 break;
805 case X509_OBJ_EXTN_ID:
806 extn_oid = known_oid(object);
807 break;
808 case X509_OBJ_CRITICAL:
809 critical = object.len && *object.ptr;
810 DBG2(" %s", critical ? "TRUE" : "FALSE");
811 break;
812 case X509_OBJ_EXTN_VALUE:
813 {
814 switch (extn_oid)
815 {
816 case OID_SUBJECT_KEY_ID:
817 this->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
818 break;
819 case OID_SUBJECT_ALT_NAME:
820 x509_parse_generalNames(object, level, FALSE, this->subjectAltNames);
821 break;
822 case OID_BASIC_CONSTRAINTS:
823 if (parse_basicConstraints(object, level))
824 {
825 this->flags |= X509_CA;
826 }
827 break;
828 case OID_CRL_DISTRIBUTION_POINTS:
829 parse_crlDistributionPoints(object, level, this);
830 break;
831 case OID_AUTHORITY_KEY_ID:
832 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
833 level, &this->authKeySerialNumber);
834 break;
835 case OID_AUTHORITY_INFO_ACCESS:
836 parse_authorityInfoAccess(object, level, this);
837 break;
838 case OID_EXTENDED_KEY_USAGE:
839 if (parse_extendedKeyUsage(object, level))
840 {
841 this->flags |= X509_OCSP_SIGNER;
842 }
843 break;
844 case OID_NS_REVOCATION_URL:
845 case OID_NS_CA_REVOCATION_URL:
846 case OID_NS_CA_POLICY_URL:
847 case OID_NS_COMMENT:
848 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING,
849 level, oid_names[extn_oid].name))
850 return FALSE;
851 break;
852 default:
853 break;
854 }
855 break;
856 }
857 case X509_OBJ_ALGORITHM:
858 this->algorithm = parse_algorithmIdentifier(object, level, NULL);
859 if (this->algorithm != sig_alg)
860 {
861 DBG1(" signature algorithms do not agree");
862 return FALSE;
863 }
864 break;
865 case X509_OBJ_SIGNATURE:
866 this->signature = object;
867 break;
868 default:
869 break;
870 }
871 objectID++;
872 }
873 return TRUE;
874 }
875
876 /**
877 * Implementation of certificate_t.get_type
878 */
879 static certificate_type_t get_type(private_x509_cert_t *this)
880 {
881 return CERT_X509;
882 }
883
884 /**
885 * Implementation of certificate_t.get_subject
886 */
887 static identification_t* get_subject(private_x509_cert_t *this)
888 {
889 return this->subject;
890 }
891
892 /**
893 * Implementation of certificate_t.get_issuer
894 */
895 static identification_t* get_issuer(private_x509_cert_t *this)
896 {
897 return this->issuer;
898 }
899
900 /**
901 * Implementation of certificate_t.has_subject.
902 */
903 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
904 {
905 identification_t *current;
906 enumerator_t *enumerator;
907 id_match_t match, best;
908
909 best = this->subject->matches(this->subject, subject);
910 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
911 while (enumerator->enumerate(enumerator, &current))
912 {
913 match = current->matches(current, subject);
914 if (match > best)
915 {
916 best = match;
917 }
918 }
919 enumerator->destroy(enumerator);
920 return best;
921 }
922
923 /**
924 * Implementation of certificate_t.has_subject.
925 */
926 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
927 {
928 /* issuerAltNames currently not supported */
929 return this->issuer->matches(this->issuer, issuer);
930 }
931
932 /**
933 * Implementation of certificate_t.issued_by
934 */
935 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
936 {
937 public_key_t *key;
938 signature_scheme_t scheme;
939 bool valid;
940 x509_t *x509 = (x509_t*)issuer;
941
942 if (&this->public.interface.interface == issuer)
943 {
944 if (this->flags & X509_SELF_SIGNED)
945 {
946 return TRUE;
947 }
948 }
949 else
950 {
951 if (issuer->get_type(issuer) != CERT_X509)
952 {
953 return FALSE;
954 }
955 if (!(x509->get_flags(x509) & X509_CA))
956 {
957 return FALSE;
958 }
959 }
960 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
961 {
962 return FALSE;
963 }
964 /* TODO: generic OID to scheme mapper? */
965 switch (this->algorithm)
966 {
967 case OID_MD5_WITH_RSA:
968 scheme = SIGN_RSA_EMSA_PKCS1_MD5;
969 break;
970 case OID_SHA1_WITH_RSA:
971 scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
972 break;
973 case OID_SHA256_WITH_RSA:
974 scheme = SIGN_RSA_EMSA_PKCS1_SHA256;
975 break;
976 case OID_SHA384_WITH_RSA:
977 scheme = SIGN_RSA_EMSA_PKCS1_SHA384;
978 break;
979 case OID_SHA512_WITH_RSA:
980 scheme = SIGN_RSA_EMSA_PKCS1_SHA512;
981 break;
982 default:
983 return FALSE;
984 }
985 key = issuer->get_public_key(issuer);
986 if (key == NULL)
987 {
988 return FALSE;
989 }
990 /* TODO: add a lightweight check option (comparing auth/subject keyids only) */
991 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
992 key->destroy(key);
993 return valid;
994 }
995
996 /**
997 * Implementation of certificate_t.get_public_key
998 */
999 static public_key_t* get_public_key(private_x509_cert_t *this)
1000 {
1001 this->public_key->get_ref(this->public_key);
1002 return this->public_key;
1003 }
1004
1005 /**
1006 * Implementation of certificate_t.asdf
1007 */
1008 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
1009 {
1010 ref_get(&this->ref);
1011 return this;
1012 }
1013
1014 /**
1015 * Implementation of x509_cert_t.get_flags.
1016 */
1017 static x509_flag_t get_flags(private_x509_cert_t *this)
1018 {
1019 return this->flags;
1020 }
1021
1022 /**
1023 * Implementation of x509_cert_t.get_validity.
1024 */
1025 static bool get_validity(private_x509_cert_t *this, time_t *when,
1026 time_t *not_before, time_t *not_after)
1027 {
1028 time_t t;
1029
1030 if (when)
1031 {
1032 t = *when;
1033 }
1034 else
1035 {
1036 t = time(NULL);
1037 }
1038 if (not_before)
1039 {
1040 *not_before = this->notBefore;
1041 }
1042 if (not_after)
1043 {
1044 *not_after = this->notAfter;
1045 }
1046 return (t >= this->notBefore && t <= this->notAfter);
1047 }
1048
1049 /**
1050 * Implementation of certificate_t.is_newer.
1051 */
1052 static bool is_newer(certificate_t *this, certificate_t *that)
1053 {
1054 time_t this_update, that_update, now = time(NULL);
1055 bool new;
1056
1057 this->get_validity(this, &now, &this_update, NULL);
1058 that->get_validity(that, &now, &that_update, NULL);
1059 new = this_update > that_update;
1060 DBG1(" certificate from %#T is %s - existing certificate from %#T %s",
1061 &this_update, FALSE, new ? "newer":"not newer",
1062 &that_update, FALSE, new ? "replaced":"retained");
1063 return new;
1064 }
1065
1066 /**
1067 * Implementation of certificate_t.get_encoding.
1068 */
1069 static chunk_t get_encoding(private_x509_cert_t *this)
1070 {
1071 return chunk_clone(this->encoding);
1072 }
1073
1074 /**
1075 * Implementation of certificate_t.equals.
1076 */
1077 static bool equals(private_x509_cert_t *this, certificate_t *other)
1078 {
1079 if (this == (private_x509_cert_t*)other)
1080 {
1081 return TRUE;
1082 }
1083 if (other->get_type(other) != CERT_X509)
1084 {
1085 return FALSE;
1086 }
1087 /* check if we have the same X509 implementation */
1088 if (other->equals == (void*)equals)
1089 {
1090 if (this->signature.len == 0)
1091 {
1092 return FALSE;
1093 }
1094 return chunk_equals(this->signature, ((private_x509_cert_t*)other)->signature);
1095 }
1096 /* TODO: compare against other implementation */
1097 return FALSE;
1098 }
1099
1100 /**
1101 * Implementation of x509_t.get_serial.
1102 */
1103 static chunk_t get_serial(private_x509_cert_t *this)
1104 {
1105 return this->serialNumber;
1106 }
1107
1108 /**
1109 * Implementation of x509_t.get_authKeyIdentifier.
1110 */
1111 static identification_t *get_authKeyIdentifier(private_x509_cert_t *this)
1112 {
1113 return this->authKeyIdentifier;
1114 }
1115
1116 /**
1117 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1118 */
1119 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1120 {
1121 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1122 }
1123
1124 /**
1125 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1126 */
1127 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1128 {
1129 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1130 }
1131
1132 /**
1133 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1134 */
1135 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1136 {
1137 return this->crl_uris->create_enumerator(this->crl_uris);
1138 }
1139
1140 /**
1141 * Implementation of certificate_t.asdf
1142 */
1143 static void destroy(private_x509_cert_t *this)
1144 {
1145 if (ref_put(&this->ref))
1146 {
1147 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1148 offsetof(identification_t, destroy));
1149 this->crl_uris->destroy_function(this->crl_uris, free);
1150 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1151 DESTROY_IF(this->issuer);
1152 DESTROY_IF(this->subject);
1153 DESTROY_IF(this->public_key);
1154 DESTROY_IF(this->authKeyIdentifier);
1155 chunk_free(&this->encoding);
1156 free(this);
1157 }
1158 }
1159
1160 /**
1161 * create an empty but initialized X.509 certificate
1162 */
1163 static private_x509_cert_t* create_empty(void)
1164 {
1165 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1166
1167 this->public.interface.interface.get_type = (certificate_type_t (*)(certificate_t *this))get_type;
1168 this->public.interface.interface.get_subject = (identification_t* (*)(certificate_t *this))get_subject;
1169 this->public.interface.interface.get_issuer = (identification_t* (*)(certificate_t *this))get_issuer;
1170 this->public.interface.interface.has_subject = (id_match_t (*)(certificate_t*, identification_t *subject))has_subject;
1171 this->public.interface.interface.has_issuer = (id_match_t (*)(certificate_t*, identification_t *issuer))has_issuer;
1172 this->public.interface.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by;
1173 this->public.interface.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
1174 this->public.interface.interface.get_validity = (bool (*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
1175 this->public.interface.interface.is_newer = (bool (*)(certificate_t*,certificate_t*))is_newer;
1176 this->public.interface.interface.get_encoding = (chunk_t (*)(certificate_t*))get_encoding;
1177 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals;
1178 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
1179 this->public.interface.interface.destroy = (void (*)(certificate_t *this))destroy;
1180 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1181 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1182 this->public.interface.get_authKeyIdentifier = (identification_t* (*)(x509_t*))get_authKeyIdentifier;
1183 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1184 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1185 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1186
1187 this->encoding = chunk_empty;
1188 this->public_key = NULL;
1189 this->subject = NULL;
1190 this->issuer = NULL;
1191 this->subjectAltNames = linked_list_create();
1192 this->crl_uris = linked_list_create();
1193 this->ocsp_uris = linked_list_create();
1194 this->subjectKeyID = chunk_empty;
1195 this->authKeyIdentifier = NULL;
1196 this->authKeySerialNumber = chunk_empty;
1197 this->flags = 0;
1198 this->ref = 1;
1199
1200 return this;
1201 }
1202
1203 /**
1204 * create an X.509 certificate from a chunk
1205 */
1206 static private_x509_cert_t *create_from_chunk(chunk_t chunk)
1207 {
1208 private_x509_cert_t *this = create_empty();
1209
1210 this->encoding = chunk;
1211 if (!parse_certificate(this))
1212 {
1213 destroy(this);
1214 return NULL;
1215 }
1216
1217 /* check if the certificate is self-signed */
1218 if (issued_by(this, &this->public.interface.interface))
1219 {
1220 this->flags |= X509_SELF_SIGNED;
1221 }
1222 return this;
1223 }
1224
1225 /**
1226 * create an X.509 certificate from a file
1227 */
1228 static private_x509_cert_t *create_from_file(char *path)
1229 {
1230 bool pgp = FALSE;
1231 chunk_t chunk;
1232 private_x509_cert_t *this;
1233
1234 if (!pem_asn1_load_file(path, NULL, &chunk, &pgp))
1235 {
1236 return NULL;
1237 }
1238
1239 this = create_from_chunk(chunk);
1240
1241 if (this == NULL)
1242 {
1243 DBG1(" could not parse loaded certificate file '%s'",path);
1244 return NULL;
1245 }
1246 DBG1(" loaded certificate file '%s'", path);
1247 return this;
1248
1249 }
1250
1251 typedef struct private_builder_t private_builder_t;
1252 /**
1253 * Builder implementation for certificate loading
1254 */
1255 struct private_builder_t {
1256 /** implements the builder interface */
1257 builder_t public;
1258 /** loaded certificate */
1259 private_x509_cert_t *cert;
1260 /** additional flags to enforce */
1261 x509_flag_t flags;
1262 };
1263
1264 /**
1265 * Implementation of builder_t.build
1266 */
1267 static private_x509_cert_t *build(private_builder_t *this)
1268 {
1269 private_x509_cert_t *cert = this->cert;
1270 x509_flag_t flags = this->flags;
1271
1272 free(this);
1273 if (cert == NULL)
1274 {
1275 return NULL;
1276 }
1277 if ((flags & X509_CA) && !(cert->flags & X509_CA))
1278 {
1279 DBG1(" ca certificate must have ca basic constraint set, discarded");
1280 destroy(cert);
1281 return NULL;
1282 }
1283 cert->flags |= flags;
1284 return cert;
1285 }
1286
1287 /**
1288 * Implementation of builder_t.add
1289 */
1290 static void add(private_builder_t *this, builder_part_t part, ...)
1291 {
1292 va_list args;
1293
1294 va_start(args, part);
1295 switch (part)
1296 {
1297 case BUILD_FROM_FILE:
1298 this->cert = create_from_file(va_arg(args, char*));
1299 break;
1300 case BUILD_BLOB_ASN1_DER:
1301 this->cert = create_from_chunk(va_arg(args, chunk_t));
1302 break;
1303 case BUILD_X509_FLAG:
1304 this->flags = va_arg(args, x509_flag_t);
1305 break;
1306 default:
1307 DBG1("ignoring unsupported build part %N", builder_part_names, part);
1308 break;
1309 }
1310 va_end(args);
1311 }
1312
1313 /**
1314 * Builder construction function
1315 */
1316 builder_t *x509_cert_builder(certificate_type_t type)
1317 {
1318 private_builder_t *this;
1319
1320 if (type != CERT_X509)
1321 {
1322 return NULL;
1323 }
1324
1325 this = malloc_thing(private_builder_t);
1326
1327 this->cert = NULL;
1328 this->flags = 0;
1329 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
1330 this->public.build = (void*(*)(builder_t *this))build;
1331
1332 return &this->public;
1333 }
1334