compare certificates against full encoding to allow equality check of untrusted certs
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2008 Martin Willi
7 * Hochschule fuer Technik Rapperswil
8 *
9 * This program is free software; you can redistribute it and/or modify it
10 * under the terms of the GNU General Public License as published by the
11 * Free Software Foundation; either version 2 of the License, or (at your
12 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
13 *
14 * This program is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
16 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
17 * for more details.
18 *
19 * $Id$
20 */
21
22 #define _GNU_SOURCE
23
24 #include "x509_cert.h"
25
26 #include <sys/stat.h>
27 #include <unistd.h>
28 #include <string.h>
29 #include <stdio.h>
30
31 #include <crypto/hashers/hasher.h>
32 #include <library.h>
33 #include <debug.h>
34 #include <asn1/oid.h>
35 #include <asn1/asn1.h>
36 #include <asn1/pem.h>
37 #include <utils/linked_list.h>
38 #include <utils/identification.h>
39
40 /**
41 * Different kinds of generalNames
42 */
43 typedef enum {
44 GN_OTHER_NAME = 0,
45 GN_RFC822_NAME = 1,
46 GN_DNS_NAME = 2,
47 GN_X400_ADDRESS = 3,
48 GN_DIRECTORY_NAME = 4,
49 GN_EDI_PARTY_NAME = 5,
50 GN_URI = 6,
51 GN_IP_ADDRESS = 7,
52 GN_REGISTERED_ID = 8,
53 } generalNames_t;
54
55
56 typedef struct private_x509_cert_t private_x509_cert_t;
57
58 /**
59 * Private data of a x509_cert_t object.
60 */
61 struct private_x509_cert_t {
62 /**
63 * Public interface for this certificate.
64 */
65 x509_cert_t public;
66
67 /**
68 * X.509 certificate encoding in ASN.1 DER format
69 */
70 chunk_t encoding;
71
72 /**
73 * X.509 certificate body over which signature is computed
74 */
75 chunk_t tbsCertificate;
76
77 /**
78 * Version of the X.509 certificate
79 */
80 u_int version;
81
82 /**
83 * Serial number of the X.509 certificate
84 */
85 chunk_t serialNumber;
86
87 /**
88 * ID representing the certificate issuer
89 */
90 identification_t *issuer;
91
92 /**
93 * Start time of certificate validity
94 */
95 time_t notBefore;
96
97 /**
98 * End time of certificate validity
99 */
100 time_t notAfter;
101
102 /**
103 * ID representing the certificate subject
104 */
105 identification_t *subject;
106
107 /**
108 * List of subjectAltNames as identification_t
109 */
110 linked_list_t *subjectAltNames;
111
112 /**
113 * List of crlDistributionPoints as allocated char*
114 */
115 linked_list_t *crl_uris;
116
117 /**
118 * List ocspAccessLocations as identification_t
119 */
120 linked_list_t *ocsp_uris;
121
122 /**
123 * certificates embedded public key
124 */
125 public_key_t *public_key;
126
127 /**
128 * Subject Key Identifier
129 */
130 chunk_t subjectKeyID;
131
132 /**
133 * Authority Key Identifier
134 */
135 identification_t *authKeyIdentifier;
136
137 /**
138 * Authority Key Serial Number
139 */
140 chunk_t authKeySerialNumber;
141
142 /**
143 * x509 constraints and other flags
144 */
145 x509_flag_t flags;
146
147 /**
148 * Signature algorithm
149 */
150 int algorithm;
151
152 /**
153 * Signature
154 */
155 chunk_t signature;
156
157 /**
158 * reference count
159 */
160 refcount_t ref;
161 };
162
163 /**
164 * ASN.1 definition of generalName
165 */
166 static const asn1Object_t generalNameObjects[] = {
167 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
168 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
169 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
170 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
171 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
172 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
173 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
174 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
175 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
176 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
177 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
178 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
179 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
180 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
181 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
182 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
183 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
184 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
185 };
186
187 #define GN_OBJ_OTHER_NAME 0
188 #define GN_OBJ_RFC822_NAME 2
189 #define GN_OBJ_DNS_NAME 4
190 #define GN_OBJ_X400_ADDRESS 6
191 #define GN_OBJ_DIRECTORY_NAME 8
192 #define GN_OBJ_EDI_PARTY_NAME 10
193 #define GN_OBJ_URI 12
194 #define GN_OBJ_IP_ADDRESS 14
195 #define GN_OBJ_REGISTERED_ID 16
196 #define GN_OBJ_ROOF 18
197
198 /**
199 * ASN.1 definition of otherName
200 */
201 static const asn1Object_t otherNameObjects[] = {
202 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
203 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
204 };
205
206 #define ON_OBJ_ID_TYPE 0
207 #define ON_OBJ_VALUE 1
208 #define ON_OBJ_ROOF 2
209
210 /**
211 * ASN.1 definition of a basicConstraints extension
212 */
213 static const asn1Object_t basicConstraintsObjects[] = {
214 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
215 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
216 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
217 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
218 };
219
220 #define BASIC_CONSTRAINTS_CA 1
221 #define BASIC_CONSTRAINTS_ROOF 4
222
223 /**
224 * ASN.1 definition of a keyIdentifier
225 */
226 static const asn1Object_t keyIdentifierObjects[] = {
227 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
228 };
229
230 /**
231 * ASN.1 definition of a authorityKeyIdentifier extension
232 */
233 static const asn1Object_t authorityKeyIdentifierObjects[] = {
234 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
235 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
236 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
237 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
238 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
239 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
240 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
241 };
242
243 #define AUTH_KEY_ID_KEY_ID 1
244 #define AUTH_KEY_ID_CERT_ISSUER 3
245 #define AUTH_KEY_ID_CERT_SERIAL 5
246 #define AUTH_KEY_ID_ROOF 7
247
248 /**
249 * ASN.1 definition of a authorityInfoAccess extension
250 */
251 static const asn1Object_t authorityInfoAccessObjects[] = {
252 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
253 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
254 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
255 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
256 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
257 };
258
259 #define AUTH_INFO_ACCESS_METHOD 2
260 #define AUTH_INFO_ACCESS_LOCATION 3
261 #define AUTH_INFO_ACCESS_ROOF 5
262
263 /**
264 * ASN.1 definition of a extendedKeyUsage extension
265 */
266 static const asn1Object_t extendedKeyUsageObjects[] = {
267 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
268 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
269 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
270 };
271
272 #define EXT_KEY_USAGE_PURPOSE_ID 1
273 #define EXT_KEY_USAGE_ROOF 3
274
275 /**
276 * ASN.1 definition of generalNames
277 */
278 static const asn1Object_t generalNamesObjects[] = {
279 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
280 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
281 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
282 };
283
284 #define GENERAL_NAMES_GN 1
285 #define GENERAL_NAMES_ROOF 3
286
287
288 /**
289 * ASN.1 definition of crlDistributionPoints
290 */
291 static const asn1Object_t crlDistributionPointsObjects[] = {
292 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
293 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
294 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
295 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
296 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
297 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
298 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
299 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
300 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
301 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
302 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
303 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
304 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
305 };
306
307 #define CRL_DIST_POINTS_FULLNAME 3
308 #define CRL_DIST_POINTS_ROOF 13
309
310 /**
311 * ASN.1 definition of an X.509v3 x509_cert
312 */
313 static const asn1Object_t certObjects[] = {
314 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
315 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
316 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
317 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
318 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
319 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
320 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
321 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
322 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
323 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
324 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
325 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
326 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
327 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
328 { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
329 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
330 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
331 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
332 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
333 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
334 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
335 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
336 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
337 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
338 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
339 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
340 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
341 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
342 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
343 };
344
345 #define X509_OBJ_TBS_CERTIFICATE 1
346 #define X509_OBJ_VERSION 3
347 #define X509_OBJ_SERIAL_NUMBER 4
348 #define X509_OBJ_SIG_ALG 5
349 #define X509_OBJ_ISSUER 6
350 #define X509_OBJ_NOT_BEFORE 8
351 #define X509_OBJ_NOT_AFTER 9
352 #define X509_OBJ_SUBJECT 10
353 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
354 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
355 #define X509_OBJ_RSA_PUBLIC_KEY 14
356 #define X509_OBJ_EXTN_ID 22
357 #define X509_OBJ_CRITICAL 23
358 #define X509_OBJ_EXTN_VALUE 24
359 #define X509_OBJ_ALGORITHM 27
360 #define X509_OBJ_SIGNATURE 28
361 #define X509_OBJ_ROOF 29
362
363
364 static u_char ASN1_sAN_oid_buf[] = {
365 0x06, 0x03, 0x55, 0x1D, 0x11
366 };
367 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_sAN_oid_buf);
368
369 /**
370 * extracts the basicConstraints extension
371 */
372 static bool parse_basicConstraints(chunk_t blob, int level0)
373 {
374 asn1_ctx_t ctx;
375 chunk_t object;
376 u_int level;
377 int objectID = 0;
378 bool isCA = FALSE;
379
380 asn1_init(&ctx, blob, level0, FALSE, FALSE);
381 while (objectID < BASIC_CONSTRAINTS_ROOF) {
382
383 if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
384 {
385 break;
386 }
387 if (objectID == BASIC_CONSTRAINTS_CA)
388 {
389 isCA = object.len && *object.ptr;
390 DBG2(" %s", isCA ? "TRUE" : "FALSE");
391 }
392 objectID++;
393 }
394 return isCA;
395 }
396
397 /*
398 * extracts an otherName
399 */
400 static bool parse_otherName(chunk_t blob, int level0)
401 {
402 asn1_ctx_t ctx;
403 chunk_t object;
404 u_int level;
405 int objectID = 0;
406 int oid = OID_UNKNOWN;
407
408 asn1_init(&ctx, blob, level0, FALSE, FALSE);
409 while (objectID < ON_OBJ_ROOF)
410 {
411 if (!extract_object(otherNameObjects, &objectID, &object, &level, &ctx))
412 {
413 return FALSE;
414 }
415 switch (objectID)
416 {
417 case ON_OBJ_ID_TYPE:
418 oid = known_oid(object);
419 break;
420 case ON_OBJ_VALUE:
421 if (oid == OID_XMPP_ADDR)
422 {
423 if (!parse_asn1_simple_object(&object, ASN1_UTF8STRING,
424 level + 1, "xmppAddr"))
425 {
426 return FALSE;
427 }
428 }
429 break;
430 default:
431 break;
432 }
433 objectID++;
434 }
435 return TRUE;
436 }
437
438 /*
439 * extracts a generalName
440 */
441 static identification_t *parse_generalName(chunk_t blob, int level0)
442 {
443 asn1_ctx_t ctx;
444 chunk_t object;
445 int objectID = 0;
446 u_int level;
447
448 asn1_init(&ctx, blob, level0, FALSE, FALSE);
449 while (objectID < GN_OBJ_ROOF)
450 {
451 id_type_t id_type = ID_ANY;
452
453 if (!extract_object(generalNameObjects, &objectID, &object, &level, &ctx))
454 {
455 return NULL;
456 }
457 switch (objectID)
458 {
459 case GN_OBJ_RFC822_NAME:
460 id_type = ID_RFC822_ADDR;
461 break;
462 case GN_OBJ_DNS_NAME:
463 id_type = ID_FQDN;
464 break;
465 case GN_OBJ_URI:
466 id_type = ID_DER_ASN1_GN_URI;
467 break;
468 case GN_OBJ_DIRECTORY_NAME:
469 id_type = ID_DER_ASN1_DN;
470 break;
471 case GN_OBJ_IP_ADDRESS:
472 id_type = ID_IPV4_ADDR;
473 break;
474 case GN_OBJ_OTHER_NAME:
475 if (!parse_otherName(object, level + 1))
476 return NULL;
477 break;
478 case GN_OBJ_X400_ADDRESS:
479 case GN_OBJ_EDI_PARTY_NAME:
480 case GN_OBJ_REGISTERED_ID:
481 break;
482 default:
483 break;
484 }
485 if (id_type != ID_ANY)
486 {
487 identification_t *gn = identification_create_from_encoding(id_type, object);
488 DBG2(" '%D'", gn);
489 return gn;
490 }
491 objectID++;
492 }
493 return NULL;
494 }
495
496
497 /**
498 * extracts one or several GNs and puts them into a chained list
499 */
500 void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
501 {
502 asn1_ctx_t ctx;
503 chunk_t object;
504 u_int level;
505 int objectID = 0;
506
507 asn1_init(&ctx, blob, level0, implicit, FALSE);
508 while (objectID < GENERAL_NAMES_ROOF)
509 {
510 if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
511 {
512 return;
513 }
514 if (objectID == GENERAL_NAMES_GN)
515 {
516 identification_t *gn = parse_generalName(object, level+1);
517
518 if (gn != NULL)
519 {
520 list->insert_last(list, (void *)gn);
521 }
522 }
523 objectID++;
524 }
525 return;
526 }
527
528 /**
529 * extracts a keyIdentifier
530 */
531 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
532 {
533 asn1_ctx_t ctx;
534 chunk_t object;
535 u_int level;
536 int objectID = 0;
537
538 asn1_init(&ctx, blob, level0, implicit, FALSE);
539 if (!extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx))
540 {
541 return chunk_empty;
542 }
543 return object;
544 }
545
546 /**
547 * extracts an authoritykeyIdentifier
548 */
549 identification_t* x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
550 chunk_t *authKeySerialNumber)
551 {
552 asn1_ctx_t ctx;
553 chunk_t object;
554 u_int level;
555 int objectID = 0;
556 identification_t *authKeyIdentifier = NULL;
557
558 *authKeySerialNumber = chunk_empty;
559
560 asn1_init(&ctx, blob, level0, FALSE, FALSE);
561 while (objectID < AUTH_KEY_ID_ROOF)
562 {
563 if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
564 {
565 return NULL;
566 }
567 switch (objectID)
568 {
569 case AUTH_KEY_ID_KEY_ID:
570 {
571 chunk_t authKeyID = parse_keyIdentifier(object, level+1, TRUE);
572
573 if (authKeyID.ptr == NULL)
574 {
575 return NULL;
576 }
577 authKeyIdentifier = identification_create_from_encoding(
578 ID_PUBKEY_SHA1, authKeyID);
579 break;
580 }
581 case AUTH_KEY_ID_CERT_ISSUER:
582 {
583 /* TODO: x509_parse_generalNames(object, level+1, TRUE); */
584 break;
585 }
586 case AUTH_KEY_ID_CERT_SERIAL:
587 *authKeySerialNumber = object;
588 break;
589 default:
590 break;
591 }
592 objectID++;
593 }
594 return authKeyIdentifier;
595 }
596
597 /**
598 * extracts an authorityInfoAcess location
599 */
600 static void parse_authorityInfoAccess(chunk_t blob, int level0,
601 private_x509_cert_t *this)
602 {
603 asn1_ctx_t ctx;
604 chunk_t object;
605 u_int level;
606 int objectID = 0;
607 int accessMethod = OID_UNKNOWN;
608
609 asn1_init(&ctx, blob, level0, FALSE, FALSE);
610 while (objectID < AUTH_INFO_ACCESS_ROOF)
611 {
612 if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
613 {
614 return;
615 }
616 switch (objectID)
617 {
618 case AUTH_INFO_ACCESS_METHOD:
619 accessMethod = known_oid(object);
620 break;
621 case AUTH_INFO_ACCESS_LOCATION:
622 {
623 switch (accessMethod)
624 {
625 case OID_OCSP:
626 case OID_CA_ISSUERS:
627 {
628 identification_t *id;
629 char *uri;
630
631 id = parse_generalName(object, level+1);
632 if (id == NULL)
633 { /* parsing went wrong - abort */
634 return;
635 }
636 DBG2(" '%D'", id);
637 if (accessMethod == OID_OCSP &&
638 asprintf(&uri, "%D", id) > 0)
639 {
640 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
641 }
642 id->destroy(id);
643 }
644 break;
645 default:
646 /* unkown accessMethod, ignoring */
647 break;
648 }
649 break;
650 }
651 default:
652 break;
653 }
654 objectID++;
655 }
656 }
657
658 /**
659 * extracts extendedKeyUsage OIDs
660 */
661 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
662 {
663 asn1_ctx_t ctx;
664 chunk_t object;
665 u_int level;
666 int objectID = 0;
667
668 asn1_init(&ctx, blob, level0, FALSE, FALSE);
669 while (objectID < EXT_KEY_USAGE_ROOF)
670 {
671 if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
672 {
673 return FALSE;
674 }
675 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
676 known_oid(object) == OID_OCSP_SIGNING)
677 {
678 return TRUE;
679 }
680 objectID++;
681 }
682 return FALSE;
683 }
684
685 /**
686 * extracts one or several crlDistributionPoints into a list
687 */
688 static void parse_crlDistributionPoints(chunk_t blob, int level0,
689 private_x509_cert_t *this)
690 {
691 asn1_ctx_t ctx;
692 chunk_t object;
693 u_int level;
694 int objectID = 0;
695 linked_list_t *list;
696 identification_t *id;
697 char *uri;
698
699 list = linked_list_create();
700 asn1_init(&ctx, blob, level0, FALSE, FALSE);
701 while (objectID < CRL_DIST_POINTS_ROOF)
702 {
703 if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
704 {
705 list->destroy_offset(list, offsetof(identification_t, destroy));
706 return;
707 }
708 if (objectID == CRL_DIST_POINTS_FULLNAME)
709 { /* append extracted generalNames to existing chained list */
710 x509_parse_generalNames(object, level+1, TRUE, list);
711
712 while (list->remove_last(list, (void**)&id) == SUCCESS)
713 {
714 if (asprintf(&uri, "%D", id) > 0)
715 {
716 this->crl_uris->insert_last(this->crl_uris, uri);
717 }
718 id->destroy(id);
719 }
720 }
721 objectID++;
722 }
723 list->destroy(list);
724 }
725
726 /**
727 * Parses an X.509v3 certificate
728 */
729 static bool parse_certificate(private_x509_cert_t *this)
730 {
731 asn1_ctx_t ctx;
732 bool critical;
733 chunk_t object;
734 u_int level;
735 int objectID = 0;
736 int extn_oid = OID_UNKNOWN;
737 int key_alg = OID_UNKNOWN;
738 int sig_alg = OID_UNKNOWN;
739 chunk_t subjectPublicKey = chunk_empty;
740
741 asn1_init(&ctx, this->encoding, 0, FALSE, FALSE);
742 while (objectID < X509_OBJ_ROOF)
743 {
744 if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
745 {
746 return FALSE;
747 }
748 /* those objects which will parsed further need the next higher level */
749 level++;
750 switch (objectID)
751 {
752 case X509_OBJ_TBS_CERTIFICATE:
753 this->tbsCertificate = object;
754 break;
755 case X509_OBJ_VERSION:
756 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
757 DBG2(" v%d", this->version);
758 break;
759 case X509_OBJ_SERIAL_NUMBER:
760 this->serialNumber = object;
761 break;
762 case X509_OBJ_SIG_ALG:
763 sig_alg = parse_algorithmIdentifier(object, level, NULL);
764 break;
765 case X509_OBJ_ISSUER:
766 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
767 DBG2(" '%D'", this->issuer);
768 break;
769 case X509_OBJ_NOT_BEFORE:
770 this->notBefore = parse_time(object, level);
771 break;
772 case X509_OBJ_NOT_AFTER:
773 this->notAfter = parse_time(object, level);
774 break;
775 case X509_OBJ_SUBJECT:
776 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
777 DBG2(" '%D'", this->subject);
778 break;
779 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
780 key_alg = parse_algorithmIdentifier(object, level, NULL);
781 break;
782 case X509_OBJ_SUBJECT_PUBLIC_KEY:
783 if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
784 {
785 /* skip initial bit string octet defining 0 unused bits */
786 ctx.blobs[4].ptr++; ctx.blobs[4].len--;
787 }
788 break;
789 case X509_OBJ_RSA_PUBLIC_KEY:
790 subjectPublicKey = object;
791 switch (key_alg)
792 {
793 case OID_RSA_ENCRYPTION:
794 this->public_key = lib->creds->create(lib->creds,
795 CRED_PUBLIC_KEY, KEY_RSA,
796 BUILD_BLOB_ASN1_DER, chunk_clone(subjectPublicKey),
797 BUILD_END);
798 break;
799 default:
800 DBG1("parsing key type %d failed", key_alg);
801 return FALSE;
802 }
803 break;
804 case X509_OBJ_EXTN_ID:
805 extn_oid = known_oid(object);
806 break;
807 case X509_OBJ_CRITICAL:
808 critical = object.len && *object.ptr;
809 DBG2(" %s", critical ? "TRUE" : "FALSE");
810 break;
811 case X509_OBJ_EXTN_VALUE:
812 {
813 switch (extn_oid)
814 {
815 case OID_SUBJECT_KEY_ID:
816 this->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
817 break;
818 case OID_SUBJECT_ALT_NAME:
819 x509_parse_generalNames(object, level, FALSE, this->subjectAltNames);
820 break;
821 case OID_BASIC_CONSTRAINTS:
822 if (parse_basicConstraints(object, level))
823 {
824 this->flags |= X509_CA;
825 }
826 break;
827 case OID_CRL_DISTRIBUTION_POINTS:
828 parse_crlDistributionPoints(object, level, this);
829 break;
830 case OID_AUTHORITY_KEY_ID:
831 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
832 level, &this->authKeySerialNumber);
833 break;
834 case OID_AUTHORITY_INFO_ACCESS:
835 parse_authorityInfoAccess(object, level, this);
836 break;
837 case OID_EXTENDED_KEY_USAGE:
838 if (parse_extendedKeyUsage(object, level))
839 {
840 this->flags |= X509_OCSP_SIGNER;
841 }
842 break;
843 case OID_NS_REVOCATION_URL:
844 case OID_NS_CA_REVOCATION_URL:
845 case OID_NS_CA_POLICY_URL:
846 case OID_NS_COMMENT:
847 if (!parse_asn1_simple_object(&object, ASN1_IA5STRING,
848 level, oid_names[extn_oid].name))
849 return FALSE;
850 break;
851 default:
852 break;
853 }
854 break;
855 }
856 case X509_OBJ_ALGORITHM:
857 this->algorithm = parse_algorithmIdentifier(object, level, NULL);
858 if (this->algorithm != sig_alg)
859 {
860 DBG1(" signature algorithms do not agree");
861 return FALSE;
862 }
863 break;
864 case X509_OBJ_SIGNATURE:
865 this->signature = object;
866 break;
867 default:
868 break;
869 }
870 objectID++;
871 }
872 return TRUE;
873 }
874
875 /**
876 * Implementation of certificate_t.get_type
877 */
878 static certificate_type_t get_type(private_x509_cert_t *this)
879 {
880 return CERT_X509;
881 }
882
883 /**
884 * Implementation of certificate_t.get_subject
885 */
886 static identification_t* get_subject(private_x509_cert_t *this)
887 {
888 return this->subject;
889 }
890
891 /**
892 * Implementation of certificate_t.get_issuer
893 */
894 static identification_t* get_issuer(private_x509_cert_t *this)
895 {
896 return this->issuer;
897 }
898
899 /**
900 * Implementation of certificate_t.has_subject.
901 */
902 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
903 {
904 identification_t *current;
905 enumerator_t *enumerator;
906 id_match_t match, best;
907
908 best = this->subject->matches(this->subject, subject);
909 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
910 while (enumerator->enumerate(enumerator, &current))
911 {
912 match = current->matches(current, subject);
913 if (match > best)
914 {
915 best = match;
916 }
917 }
918 enumerator->destroy(enumerator);
919 return best;
920 }
921
922 /**
923 * Implementation of certificate_t.has_subject.
924 */
925 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
926 {
927 /* issuerAltNames currently not supported */
928 return this->issuer->matches(this->issuer, issuer);
929 }
930
931 /**
932 * Implementation of certificate_t.issued_by
933 */
934 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
935 {
936 public_key_t *key;
937 signature_scheme_t scheme;
938 bool valid;
939 x509_t *x509 = (x509_t*)issuer;
940
941 if (&this->public.interface.interface == issuer)
942 {
943 if (this->flags & X509_SELF_SIGNED)
944 {
945 return TRUE;
946 }
947 }
948 else
949 {
950 if (issuer->get_type(issuer) != CERT_X509)
951 {
952 return FALSE;
953 }
954 if (!(x509->get_flags(x509) & X509_CA))
955 {
956 return FALSE;
957 }
958 }
959 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
960 {
961 return FALSE;
962 }
963 /* TODO: generic OID to scheme mapper? */
964 switch (this->algorithm)
965 {
966 case OID_MD5_WITH_RSA:
967 scheme = SIGN_RSA_EMSA_PKCS1_MD5;
968 break;
969 case OID_SHA1_WITH_RSA:
970 scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
971 break;
972 case OID_SHA256_WITH_RSA:
973 scheme = SIGN_RSA_EMSA_PKCS1_SHA256;
974 break;
975 case OID_SHA384_WITH_RSA:
976 scheme = SIGN_RSA_EMSA_PKCS1_SHA384;
977 break;
978 case OID_SHA512_WITH_RSA:
979 scheme = SIGN_RSA_EMSA_PKCS1_SHA512;
980 break;
981 default:
982 return FALSE;
983 }
984 key = issuer->get_public_key(issuer);
985 if (key == NULL)
986 {
987 return FALSE;
988 }
989 /* TODO: add a lightweight check option (comparing auth/subject keyids only) */
990 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
991 key->destroy(key);
992 return valid;
993 }
994
995 /**
996 * Implementation of certificate_t.get_public_key
997 */
998 static public_key_t* get_public_key(private_x509_cert_t *this)
999 {
1000 this->public_key->get_ref(this->public_key);
1001 return this->public_key;
1002 }
1003
1004 /**
1005 * Implementation of certificate_t.asdf
1006 */
1007 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
1008 {
1009 ref_get(&this->ref);
1010 return this;
1011 }
1012
1013 /**
1014 * Implementation of x509_cert_t.get_flags.
1015 */
1016 static x509_flag_t get_flags(private_x509_cert_t *this)
1017 {
1018 return this->flags;
1019 }
1020
1021 /**
1022 * Implementation of x509_cert_t.get_validity.
1023 */
1024 static bool get_validity(private_x509_cert_t *this, time_t *when,
1025 time_t *not_before, time_t *not_after)
1026 {
1027 time_t t;
1028
1029 if (when)
1030 {
1031 t = *when;
1032 }
1033 else
1034 {
1035 t = time(NULL);
1036 }
1037 if (not_before)
1038 {
1039 *not_before = this->notBefore;
1040 }
1041 if (not_after)
1042 {
1043 *not_after = this->notAfter;
1044 }
1045 return (t >= this->notBefore && t <= this->notAfter);
1046 }
1047
1048 /**
1049 * Implementation of certificate_t.is_newer.
1050 */
1051 static bool is_newer(certificate_t *this, certificate_t *that)
1052 {
1053 time_t this_update, that_update, now = time(NULL);
1054 bool new;
1055
1056 this->get_validity(this, &now, &this_update, NULL);
1057 that->get_validity(that, &now, &that_update, NULL);
1058 new = this_update > that_update;
1059 DBG1(" certificate from %#T is %s - existing certificate from %#T %s",
1060 &this_update, FALSE, new ? "newer":"not newer",
1061 &that_update, FALSE, new ? "replaced":"retained");
1062 return new;
1063 }
1064
1065 /**
1066 * Implementation of certificate_t.get_encoding.
1067 */
1068 static chunk_t get_encoding(private_x509_cert_t *this)
1069 {
1070 return chunk_clone(this->encoding);
1071 }
1072
1073 /**
1074 * Implementation of certificate_t.equals.
1075 */
1076 static bool equals(private_x509_cert_t *this, certificate_t *other)
1077 {
1078 chunk_t encoding;
1079 bool equal;
1080
1081 if (this == (private_x509_cert_t*)other)
1082 {
1083 return TRUE;
1084 }
1085 if (other->get_type(other) != CERT_X509)
1086 {
1087 return FALSE;
1088 }
1089 if (other->equals == (void*)equals)
1090 { /* skip allocation if we have the same implementation */
1091 return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding);
1092 }
1093 encoding = other->get_encoding(other);
1094 equal = chunk_equals(this->encoding, encoding);
1095 free(encoding.ptr);
1096 return equal;
1097 }
1098
1099 /**
1100 * Implementation of x509_t.get_serial.
1101 */
1102 static chunk_t get_serial(private_x509_cert_t *this)
1103 {
1104 return this->serialNumber;
1105 }
1106
1107 /**
1108 * Implementation of x509_t.get_authKeyIdentifier.
1109 */
1110 static identification_t *get_authKeyIdentifier(private_x509_cert_t *this)
1111 {
1112 return this->authKeyIdentifier;
1113 }
1114
1115 /**
1116 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1117 */
1118 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1119 {
1120 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1121 }
1122
1123 /**
1124 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1125 */
1126 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1127 {
1128 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1129 }
1130
1131 /**
1132 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1133 */
1134 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1135 {
1136 return this->crl_uris->create_enumerator(this->crl_uris);
1137 }
1138
1139 /**
1140 * Implementation of certificate_t.asdf
1141 */
1142 static void destroy(private_x509_cert_t *this)
1143 {
1144 if (ref_put(&this->ref))
1145 {
1146 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1147 offsetof(identification_t, destroy));
1148 this->crl_uris->destroy_function(this->crl_uris, free);
1149 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1150 DESTROY_IF(this->issuer);
1151 DESTROY_IF(this->subject);
1152 DESTROY_IF(this->public_key);
1153 DESTROY_IF(this->authKeyIdentifier);
1154 chunk_free(&this->encoding);
1155 free(this);
1156 }
1157 }
1158
1159 /**
1160 * create an empty but initialized X.509 certificate
1161 */
1162 static private_x509_cert_t* create_empty(void)
1163 {
1164 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1165
1166 this->public.interface.interface.get_type = (certificate_type_t (*)(certificate_t *this))get_type;
1167 this->public.interface.interface.get_subject = (identification_t* (*)(certificate_t *this))get_subject;
1168 this->public.interface.interface.get_issuer = (identification_t* (*)(certificate_t *this))get_issuer;
1169 this->public.interface.interface.has_subject = (id_match_t (*)(certificate_t*, identification_t *subject))has_subject;
1170 this->public.interface.interface.has_issuer = (id_match_t (*)(certificate_t*, identification_t *issuer))has_issuer;
1171 this->public.interface.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by;
1172 this->public.interface.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
1173 this->public.interface.interface.get_validity = (bool (*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
1174 this->public.interface.interface.is_newer = (bool (*)(certificate_t*,certificate_t*))is_newer;
1175 this->public.interface.interface.get_encoding = (chunk_t (*)(certificate_t*))get_encoding;
1176 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals;
1177 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
1178 this->public.interface.interface.destroy = (void (*)(certificate_t *this))destroy;
1179 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1180 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1181 this->public.interface.get_authKeyIdentifier = (identification_t* (*)(x509_t*))get_authKeyIdentifier;
1182 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1183 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1184 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1185
1186 this->encoding = chunk_empty;
1187 this->public_key = NULL;
1188 this->subject = NULL;
1189 this->issuer = NULL;
1190 this->subjectAltNames = linked_list_create();
1191 this->crl_uris = linked_list_create();
1192 this->ocsp_uris = linked_list_create();
1193 this->subjectKeyID = chunk_empty;
1194 this->authKeyIdentifier = NULL;
1195 this->authKeySerialNumber = chunk_empty;
1196 this->flags = 0;
1197 this->ref = 1;
1198
1199 return this;
1200 }
1201
1202 /**
1203 * create an X.509 certificate from a chunk
1204 */
1205 static private_x509_cert_t *create_from_chunk(chunk_t chunk)
1206 {
1207 private_x509_cert_t *this = create_empty();
1208
1209 this->encoding = chunk;
1210 if (!parse_certificate(this))
1211 {
1212 destroy(this);
1213 return NULL;
1214 }
1215
1216 /* check if the certificate is self-signed */
1217 if (issued_by(this, &this->public.interface.interface))
1218 {
1219 this->flags |= X509_SELF_SIGNED;
1220 }
1221 return this;
1222 }
1223
1224 /**
1225 * create an X.509 certificate from a file
1226 */
1227 static private_x509_cert_t *create_from_file(char *path)
1228 {
1229 bool pgp = FALSE;
1230 chunk_t chunk;
1231 private_x509_cert_t *this;
1232
1233 if (!pem_asn1_load_file(path, NULL, &chunk, &pgp))
1234 {
1235 return NULL;
1236 }
1237
1238 this = create_from_chunk(chunk);
1239
1240 if (this == NULL)
1241 {
1242 DBG1(" could not parse loaded certificate file '%s'",path);
1243 return NULL;
1244 }
1245 DBG1(" loaded certificate file '%s'", path);
1246 return this;
1247
1248 }
1249
1250 typedef struct private_builder_t private_builder_t;
1251 /**
1252 * Builder implementation for certificate loading
1253 */
1254 struct private_builder_t {
1255 /** implements the builder interface */
1256 builder_t public;
1257 /** loaded certificate */
1258 private_x509_cert_t *cert;
1259 /** additional flags to enforce */
1260 x509_flag_t flags;
1261 };
1262
1263 /**
1264 * Implementation of builder_t.build
1265 */
1266 static private_x509_cert_t *build(private_builder_t *this)
1267 {
1268 private_x509_cert_t *cert = this->cert;
1269 x509_flag_t flags = this->flags;
1270
1271 free(this);
1272 if (cert == NULL)
1273 {
1274 return NULL;
1275 }
1276 if ((flags & X509_CA) && !(cert->flags & X509_CA))
1277 {
1278 DBG1(" ca certificate must have ca basic constraint set, discarded");
1279 destroy(cert);
1280 return NULL;
1281 }
1282 cert->flags |= flags;
1283 return cert;
1284 }
1285
1286 /**
1287 * Implementation of builder_t.add
1288 */
1289 static void add(private_builder_t *this, builder_part_t part, ...)
1290 {
1291 va_list args;
1292
1293 va_start(args, part);
1294 switch (part)
1295 {
1296 case BUILD_FROM_FILE:
1297 this->cert = create_from_file(va_arg(args, char*));
1298 break;
1299 case BUILD_BLOB_ASN1_DER:
1300 this->cert = create_from_chunk(va_arg(args, chunk_t));
1301 break;
1302 case BUILD_X509_FLAG:
1303 this->flags = va_arg(args, x509_flag_t);
1304 break;
1305 default:
1306 DBG1("ignoring unsupported build part %N", builder_part_names, part);
1307 break;
1308 }
1309 va_end(args);
1310 }
1311
1312 /**
1313 * Builder construction function
1314 */
1315 builder_t *x509_cert_builder(certificate_type_t type)
1316 {
1317 private_builder_t *this;
1318
1319 if (type != CERT_X509)
1320 {
1321 return NULL;
1322 }
1323
1324 this = malloc_thing(private_builder_t);
1325
1326 this->cert = NULL;
1327 this->flags = 0;
1328 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
1329 this->public.build = (void*(*)(builder_t *this))build;
1330
1331 return &this->public;
1332 }
1333