optimized parser->success()
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2008 Martin Willi
7 * Copyright (C) 2008 Tobias Brunner
8 * Hochschule fuer Technik Rapperswil
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the
12 * Free Software Foundation; either version 2 of the License, or (at your
13 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
14 *
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 * for more details.
19 *
20 * $Id$
21 */
22
23 #define _GNU_SOURCE
24
25 #include "x509_cert.h"
26
27 #include <sys/stat.h>
28 #include <unistd.h>
29 #include <string.h>
30 #include <stdio.h>
31
32 #include <library.h>
33 #include <debug.h>
34 #include <asn1/oid.h>
35 #include <asn1/asn1.h>
36 #include <asn1/asn1_parser.h>
37 #include <asn1/pem.h>
38 #include <crypto/hashers/hasher.h>
39 #include <utils/linked_list.h>
40 #include <utils/identification.h>
41
42 /**
43 * Different kinds of generalNames
44 */
45 typedef enum {
46 GN_OTHER_NAME = 0,
47 GN_RFC822_NAME = 1,
48 GN_DNS_NAME = 2,
49 GN_X400_ADDRESS = 3,
50 GN_DIRECTORY_NAME = 4,
51 GN_EDI_PARTY_NAME = 5,
52 GN_URI = 6,
53 GN_IP_ADDRESS = 7,
54 GN_REGISTERED_ID = 8,
55 } generalNames_t;
56
57
58 typedef struct private_x509_cert_t private_x509_cert_t;
59
60 /**
61 * Private data of a x509_cert_t object.
62 */
63 struct private_x509_cert_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_cert_t public;
68
69 /**
70 * X.509 certificate encoding in ASN.1 DER format
71 */
72 chunk_t encoding;
73
74 /**
75 * SHA1 hash of the DER encoding of this X.509 certificate
76 */
77 chunk_t encoding_hash;
78
79 /**
80 * X.509 certificate body over which signature is computed
81 */
82 chunk_t tbsCertificate;
83
84 /**
85 * Version of the X.509 certificate
86 */
87 u_int version;
88
89 /**
90 * Serial number of the X.509 certificate
91 */
92 chunk_t serialNumber;
93
94 /**
95 * ID representing the certificate issuer
96 */
97 identification_t *issuer;
98
99 /**
100 * Start time of certificate validity
101 */
102 time_t notBefore;
103
104 /**
105 * End time of certificate validity
106 */
107 time_t notAfter;
108
109 /**
110 * ID representing the certificate subject
111 */
112 identification_t *subject;
113
114 /**
115 * List of subjectAltNames as identification_t
116 */
117 linked_list_t *subjectAltNames;
118
119 /**
120 * List of crlDistributionPoints as allocated char*
121 */
122 linked_list_t *crl_uris;
123
124 /**
125 * List ocspAccessLocations as identification_t
126 */
127 linked_list_t *ocsp_uris;
128
129 /**
130 * certificates embedded public key
131 */
132 public_key_t *public_key;
133
134 /**
135 * Subject Key Identifier
136 */
137 chunk_t subjectKeyID;
138
139 /**
140 * Authority Key Identifier
141 */
142 identification_t *authKeyIdentifier;
143
144 /**
145 * Authority Key Serial Number
146 */
147 chunk_t authKeySerialNumber;
148
149 /**
150 * x509 constraints and other flags
151 */
152 x509_flag_t flags;
153
154 /**
155 * Signature algorithm
156 */
157 int algorithm;
158
159 /**
160 * Signature
161 */
162 chunk_t signature;
163
164 /**
165 * reference count
166 */
167 refcount_t ref;
168 };
169
170 static u_char ASN1_sAN_oid_buf[] = {
171 0x06, 0x03, 0x55, 0x1D, 0x11
172 };
173 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_sAN_oid_buf);
174
175 /**
176 * ASN.1 definition of a basicConstraints extension
177 */
178 static const asn1Object_t basicConstraintsObjects[] = {
179 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
180 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
181 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
182 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
183 };
184 #define BASIC_CONSTRAINTS_CA 1
185 #define BASIC_CONSTRAINTS_ROOF 4
186
187 /**
188 * Extracts the basicConstraints extension
189 */
190 static bool parse_basicConstraints(chunk_t blob, int level0)
191 {
192 asn1_parser_t *parser;
193 chunk_t object;
194 int objectID;
195 bool isCA = FALSE;
196
197 parser = asn1_parser_create(basicConstraintsObjects, BASIC_CONSTRAINTS_ROOF,
198 blob);
199 parser->set_top_level(parser, level0);
200
201 while (parser->iterate(parser, &objectID, &object))
202 {
203 if (objectID == BASIC_CONSTRAINTS_CA)
204 {
205 isCA = object.len && *object.ptr;
206 DBG2(" %s", isCA ? "TRUE" : "FALSE");
207 }
208 }
209 parser->destroy(parser);
210
211 return isCA;
212 }
213
214 /**
215 * ASN.1 definition of otherName
216 */
217 static const asn1Object_t otherNameObjects[] = {
218 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
219 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
220 };
221 #define ON_OBJ_ID_TYPE 0
222 #define ON_OBJ_VALUE 1
223 #define ON_OBJ_ROOF 2
224
225 /**
226 * Extracts an otherName
227 */
228 static bool parse_otherName(chunk_t blob, int level0)
229 {
230 asn1_parser_t *parser;
231 chunk_t object;
232 int objectID;
233 int oid = OID_UNKNOWN;
234 bool success = FALSE;
235
236 parser = asn1_parser_create(otherNameObjects,ON_OBJ_ROOF, blob);
237 parser->set_top_level(parser, level0);
238
239 while (parser->iterate(parser, &objectID, &object))
240 {
241 switch (objectID)
242 {
243 case ON_OBJ_ID_TYPE:
244 oid = asn1_known_oid(object);
245 break;
246 case ON_OBJ_VALUE:
247 if (oid == OID_XMPP_ADDR)
248 {
249 if (!asn1_parse_simple_object(&object, ASN1_UTF8STRING,
250 parser->get_level(parser)+1, "xmppAddr"))
251 {
252 goto end;
253 }
254 }
255 break;
256 default:
257 break;
258 }
259 }
260 success = parser->success(parser);
261
262 end:
263 parser->destroy(parser);
264 return success;
265 }
266
267 /**
268 * ASN.1 definition of generalName
269 */
270 static const asn1Object_t generalNameObjects[] = {
271 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
272 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
273 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
274 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
275 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
276 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
277 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
278 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
279 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
280 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
281 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
282 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
283 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
284 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
285 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
286 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
287 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
288 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
289 };
290 #define GN_OBJ_OTHER_NAME 0
291 #define GN_OBJ_RFC822_NAME 2
292 #define GN_OBJ_DNS_NAME 4
293 #define GN_OBJ_X400_ADDRESS 6
294 #define GN_OBJ_DIRECTORY_NAME 8
295 #define GN_OBJ_EDI_PARTY_NAME 10
296 #define GN_OBJ_URI 12
297 #define GN_OBJ_IP_ADDRESS 14
298 #define GN_OBJ_REGISTERED_ID 16
299 #define GN_OBJ_ROOF 18
300
301 /**
302 * Extracts a generalName
303 */
304 static identification_t *parse_generalName(chunk_t blob, int level0)
305 {
306 asn1_parser_t *parser;
307 chunk_t object;
308 int objectID ;
309
310 identification_t *gn = NULL;
311
312 parser = asn1_parser_create(generalNameObjects, GN_OBJ_ROOF, blob);
313 parser->set_top_level(parser, level0);
314
315 while (parser->iterate(parser, &objectID, &object))
316 {
317 id_type_t id_type = ID_ANY;
318
319 switch (objectID)
320 {
321 case GN_OBJ_RFC822_NAME:
322 id_type = ID_RFC822_ADDR;
323 break;
324 case GN_OBJ_DNS_NAME:
325 id_type = ID_FQDN;
326 break;
327 case GN_OBJ_URI:
328 id_type = ID_DER_ASN1_GN_URI;
329 break;
330 case GN_OBJ_DIRECTORY_NAME:
331 id_type = ID_DER_ASN1_DN;
332 break;
333 case GN_OBJ_IP_ADDRESS:
334 id_type = ID_IPV4_ADDR;
335 break;
336 case GN_OBJ_OTHER_NAME:
337 if (!parse_otherName(object, parser->get_level(parser)+1))
338 {
339 goto end;
340 }
341 break;
342 case GN_OBJ_X400_ADDRESS:
343 case GN_OBJ_EDI_PARTY_NAME:
344 case GN_OBJ_REGISTERED_ID:
345 default:
346 break;
347 }
348 if (id_type != ID_ANY)
349 {
350 gn = identification_create_from_encoding(id_type, object);
351 DBG2(" '%D'", gn);
352 goto end;
353 }
354 }
355
356 end:
357 parser->destroy(parser);
358 return gn;
359 }
360
361 /**
362 * ASN.1 definition of generalNames
363 */
364 static const asn1Object_t generalNamesObjects[] = {
365 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
366 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
367 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
368 };
369 #define GENERAL_NAMES_GN 1
370 #define GENERAL_NAMES_ROOF 3
371
372 /**
373 * Extracts one or several GNs and puts them into a chained list
374 */
375 void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
376 {
377 asn1_parser_t *parser;
378 chunk_t object;
379 int objectID;
380
381 parser = asn1_parser_create(generalNamesObjects, GENERAL_NAMES_ROOF, blob);
382 parser->set_top_level(parser, level0);
383 parser->set_flags(parser, implicit, FALSE);
384
385 while (parser->iterate(parser, &objectID, &object))
386 {
387 if (objectID == GENERAL_NAMES_GN)
388 {
389 identification_t *gn = parse_generalName(object,
390 parser->get_level(parser)+1);
391
392 if (gn)
393 {
394 list->insert_last(list, (void *)gn);
395 }
396 }
397 }
398 parser->destroy(parser);
399 }
400
401 /**
402 * ASN.1 definition of a keyIdentifier
403 */
404 static const asn1Object_t keyIdentifierObjects[] = {
405 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
406 };
407 #define KEY_ID_ROOF 1
408
409 /**
410 * Extracts a keyIdentifier
411 */
412 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
413 {
414 asn1_parser_t *parser;
415 chunk_t object;
416 int objectID;
417
418 chunk_t keyIdentifier = chunk_empty;
419
420 parser = asn1_parser_create(keyIdentifierObjects, KEY_ID_ROOF, blob);
421 parser->set_top_level(parser, level0);
422 parser->set_flags(parser, implicit, FALSE);
423
424 if (parser->iterate(parser, &objectID, &object))
425 {
426 keyIdentifier = object;
427 }
428 parser->destroy(parser);
429 return keyIdentifier;
430 }
431
432 /**
433 * ASN.1 definition of a authorityKeyIdentifier extension
434 */
435 static const asn1Object_t authKeyIdentifierObjects[] = {
436 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
437 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
438 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
439 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
440 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
441 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
442 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
443 };
444 #define AUTH_KEY_ID_KEY_ID 1
445 #define AUTH_KEY_ID_CERT_ISSUER 3
446 #define AUTH_KEY_ID_CERT_SERIAL 5
447 #define AUTH_KEY_ID_ROOF 7
448
449 /**
450 * Extracts an authoritykeyIdentifier
451 */
452 identification_t* x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
453 chunk_t *authKeySerialNumber)
454 {
455 asn1_parser_t *parser;
456 chunk_t object;
457 int objectID;
458 identification_t *authKeyIdentifier = NULL;
459
460 *authKeySerialNumber = chunk_empty;
461
462 parser = asn1_parser_create(authKeyIdentifierObjects, AUTH_KEY_ID_ROOF,blob);
463 parser->set_top_level(parser, level0);
464
465 while (parser->iterate(parser, &objectID, &object))
466 {
467 switch (objectID)
468 {
469 case AUTH_KEY_ID_KEY_ID:
470 {
471 chunk_t authKeyID = parse_keyIdentifier(object,
472 parser->get_level(parser)+1, TRUE);
473
474 if (authKeyID.ptr == NULL)
475 {
476 goto end;
477 }
478 authKeyIdentifier = identification_create_from_encoding(
479 ID_PUBKEY_SHA1, authKeyID);
480 break;
481 }
482 case AUTH_KEY_ID_CERT_ISSUER:
483 {
484 /* TODO: x509_parse_generalNames(object, level+1, TRUE); */
485 break;
486 }
487 case AUTH_KEY_ID_CERT_SERIAL:
488 *authKeySerialNumber = object;
489 break;
490 default:
491 break;
492 }
493 }
494
495 end:
496 parser->destroy(parser);
497 return authKeyIdentifier;
498 }
499
500 /**
501 * ASN.1 definition of a authorityInfoAccess extension
502 */
503 static const asn1Object_t authInfoAccessObjects[] = {
504 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
505 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
506 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
507 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
508 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
509 };
510 #define AUTH_INFO_ACCESS_METHOD 2
511 #define AUTH_INFO_ACCESS_LOCATION 3
512 #define AUTH_INFO_ACCESS_ROOF 5
513
514 /**
515 * Extracts an authorityInfoAcess location
516 */
517 static void parse_authorityInfoAccess(chunk_t blob, int level0,
518 private_x509_cert_t *this)
519 {
520 asn1_parser_t *parser;
521 chunk_t object;
522 int objectID;
523 int accessMethod = OID_UNKNOWN;
524
525 parser = asn1_parser_create(authInfoAccessObjects, AUTH_INFO_ACCESS_ROOF,
526 blob);
527 parser->set_top_level(parser, level0);
528
529 while (parser->iterate(parser, &objectID, &object))
530 {
531 switch (objectID)
532 {
533 case AUTH_INFO_ACCESS_METHOD:
534 accessMethod = asn1_known_oid(object);
535 break;
536 case AUTH_INFO_ACCESS_LOCATION:
537 {
538 switch (accessMethod)
539 {
540 case OID_OCSP:
541 case OID_CA_ISSUERS:
542 {
543 identification_t *id;
544 char *uri;
545
546 id = parse_generalName(object,
547 parser->get_level(parser)+1);
548 if (id == NULL)
549 {
550 /* parsing went wrong - abort */
551 goto end;
552 }
553 DBG2(" '%D'", id);
554 if (accessMethod == OID_OCSP &&
555 asprintf(&uri, "%D", id) > 0)
556 {
557 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
558 }
559 id->destroy(id);
560 }
561 break;
562 default:
563 /* unkown accessMethod, ignoring */
564 break;
565 }
566 break;
567 }
568 default:
569 break;
570 }
571 }
572
573 end:
574 parser->destroy(parser);
575 }
576
577 /**
578 * ASN.1 definition of a extendedKeyUsage extension
579 */
580 static const asn1Object_t extendedKeyUsageObjects[] = {
581 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
582 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
583 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
584 };
585 #define EXT_KEY_USAGE_PURPOSE_ID 1
586 #define EXT_KEY_USAGE_ROOF 3
587
588 /**
589 * Extracts extendedKeyUsage OIDs - currently only OCSP_SIGING is returned
590 */
591 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
592 {
593 asn1_parser_t *parser;
594 chunk_t object;
595 int objectID;
596 bool ocsp_signing = FALSE;
597
598 parser = asn1_parser_create(extendedKeyUsageObjects, EXT_KEY_USAGE_ROOF,
599 blob);
600 parser->set_top_level(parser, level0);
601
602 while (parser->iterate(parser, &objectID, &object))
603 {
604 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
605 asn1_known_oid(object) == OID_OCSP_SIGNING)
606 {
607 ocsp_signing = TRUE;
608 }
609 }
610 parser->destroy(parser);
611 return ocsp_signing;
612 }
613
614 /**
615 * ASN.1 definition of crlDistributionPoints
616 */
617 static const asn1Object_t crlDistributionPointsObjects[] = {
618 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
619 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
620 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
621 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
622 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
623 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
624 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
625 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
626 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
627 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
628 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
629 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
630 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
631 };
632 #define CRL_DIST_POINTS_FULLNAME 3
633 #define CRL_DIST_POINTS_ROOF 13
634
635
636 /**
637 * Extracts one or several crlDistributionPoints into a list
638 */
639 static void parse_crlDistributionPoints(chunk_t blob, int level0,
640 private_x509_cert_t *this)
641 {
642 asn1_parser_t *parser;
643 chunk_t object;
644 int objectID;
645 linked_list_t *list = linked_list_create();
646
647 parser = asn1_parser_create(crlDistributionPointsObjects,
648 CRL_DIST_POINTS_ROOF, blob);
649 parser->set_top_level(parser, level0);
650
651 while (parser->iterate(parser, &objectID, &object))
652 {
653 if (objectID == CRL_DIST_POINTS_FULLNAME)
654 {
655 identification_t *id;
656
657 /* append extracted generalNames to existing chained list */
658 x509_parse_generalNames(object, parser->get_level(parser)+1,
659 TRUE, list);
660
661 while (list->remove_last(list, (void**)&id) == SUCCESS)
662 {
663 char *uri;
664
665 if (asprintf(&uri, "%D", id) > 0)
666 {
667 this->crl_uris->insert_last(this->crl_uris, uri);
668 }
669 id->destroy(id);
670 }
671 }
672 }
673 parser->destroy(parser);
674 list->destroy(list);
675 }
676
677 /**
678 * ASN.1 definition of an X.509v3 x509_cert
679 */
680 static const asn1Object_t certObjects[] = {
681 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
682 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
683 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
684 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
685 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
686 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
687 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
688 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
689 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
690 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
691 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
692 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
693 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
694 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_BODY }, /* 13 */
695 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 14 */
696 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
697 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 16 */
698 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 17 */
699 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 18 */
700 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 29 */
701 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 20 */
702 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 21 */
703 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 22 */
704 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 23 */
705 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 24 */
706 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 25 */
707 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 26 */
708 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 27 */
709 };
710 #define X509_OBJ_TBS_CERTIFICATE 1
711 #define X509_OBJ_VERSION 3
712 #define X509_OBJ_SERIAL_NUMBER 4
713 #define X509_OBJ_SIG_ALG 5
714 #define X509_OBJ_ISSUER 6
715 #define X509_OBJ_NOT_BEFORE 8
716 #define X509_OBJ_NOT_AFTER 9
717 #define X509_OBJ_SUBJECT 10
718 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
719 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
720 #define X509_OBJ_EXTN_ID 21
721 #define X509_OBJ_CRITICAL 22
722 #define X509_OBJ_EXTN_VALUE 23
723 #define X509_OBJ_ALGORITHM 26
724 #define X509_OBJ_SIGNATURE 27
725 #define X509_OBJ_ROOF 28
726
727 /**
728 * Parses an X.509v3 certificate
729 */
730 static bool parse_certificate(private_x509_cert_t *this)
731 {
732 asn1_parser_t *parser;
733 chunk_t object;
734 int objectID;
735 int extn_oid = OID_UNKNOWN;
736 int key_alg = OID_UNKNOWN;
737 int sig_alg = OID_UNKNOWN;
738 bool success = FALSE;
739 bool critical;
740
741 parser = asn1_parser_create(certObjects, X509_OBJ_ROOF, this->encoding);
742
743 while (parser->iterate(parser, &objectID, &object))
744 {
745 u_int level = parser->get_level(parser)+1;
746
747 switch (objectID)
748 {
749 case X509_OBJ_TBS_CERTIFICATE:
750 this->tbsCertificate = object;
751 break;
752 case X509_OBJ_VERSION:
753 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
754 DBG2(" v%d", this->version);
755 break;
756 case X509_OBJ_SERIAL_NUMBER:
757 this->serialNumber = object;
758 break;
759 case X509_OBJ_SIG_ALG:
760 sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
761 break;
762 case X509_OBJ_ISSUER:
763 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
764 DBG2(" '%D'", this->issuer);
765 break;
766 case X509_OBJ_NOT_BEFORE:
767 this->notBefore = asn1_parse_time(object, level);
768 break;
769 case X509_OBJ_NOT_AFTER:
770 this->notAfter = asn1_parse_time(object, level);
771 break;
772 case X509_OBJ_SUBJECT:
773 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
774 DBG2(" '%D'", this->subject);
775 break;
776 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
777 key_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
778 break;
779 case X509_OBJ_SUBJECT_PUBLIC_KEY:
780 if (object.len > 0 && *object.ptr == 0x00)
781 {
782 /* skip initial bit string octet defining 0 unused bits */
783 object.ptr++;
784 object.len--;
785
786 switch (key_alg)
787 {
788 case OID_RSA_ENCRYPTION:
789 this->public_key = lib->creds->create(lib->creds,
790 CRED_PUBLIC_KEY, KEY_RSA,
791 BUILD_BLOB_ASN1_DER,
792 chunk_clone(object),
793 BUILD_END);
794 break;
795 default:
796 DBG1("parsing key type %d failed", key_alg);
797 goto end;
798 }
799 }
800 break;
801 case X509_OBJ_EXTN_ID:
802 extn_oid = asn1_known_oid(object);
803 break;
804 case X509_OBJ_CRITICAL:
805 critical = object.len && *object.ptr;
806 DBG2(" %s", critical ? "TRUE" : "FALSE");
807 break;
808 case X509_OBJ_EXTN_VALUE:
809 {
810 switch (extn_oid)
811 {
812 case OID_SUBJECT_KEY_ID:
813 this->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
814 break;
815 case OID_SUBJECT_ALT_NAME:
816 x509_parse_generalNames(object, level, FALSE, this->subjectAltNames);
817 break;
818 case OID_BASIC_CONSTRAINTS:
819 if (parse_basicConstraints(object, level))
820 {
821 this->flags |= X509_CA;
822 }
823 break;
824 case OID_CRL_DISTRIBUTION_POINTS:
825 parse_crlDistributionPoints(object, level, this);
826 break;
827 case OID_AUTHORITY_KEY_ID:
828 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
829 level, &this->authKeySerialNumber);
830 break;
831 case OID_AUTHORITY_INFO_ACCESS:
832 parse_authorityInfoAccess(object, level, this);
833 break;
834 case OID_EXTENDED_KEY_USAGE:
835 if (parse_extendedKeyUsage(object, level))
836 {
837 this->flags |= X509_OCSP_SIGNER;
838 }
839 break;
840 case OID_NS_REVOCATION_URL:
841 case OID_NS_CA_REVOCATION_URL:
842 case OID_NS_CA_POLICY_URL:
843 case OID_NS_COMMENT:
844 if (!asn1_parse_simple_object(&object, ASN1_IA5STRING,
845 level, oid_names[extn_oid].name))
846 {
847 goto end;
848 }
849 break;
850 default:
851 break;
852 }
853 break;
854 }
855 case X509_OBJ_ALGORITHM:
856 this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
857 if (this->algorithm != sig_alg)
858 {
859 DBG1(" signature algorithms do not agree");
860 goto end;
861 }
862 break;
863 case X509_OBJ_SIGNATURE:
864 this->signature = object;
865 break;
866 default:
867 break;
868 }
869 }
870 success = parser->success(parser);
871
872 end:
873 parser->destroy(parser);
874 return success;
875 }
876
877 /**
878 * Implementation of certificate_t.get_type
879 */
880 static certificate_type_t get_type(private_x509_cert_t *this)
881 {
882 return CERT_X509;
883 }
884
885 /**
886 * Implementation of certificate_t.get_subject
887 */
888 static identification_t* get_subject(private_x509_cert_t *this)
889 {
890 return this->subject;
891 }
892
893 /**
894 * Implementation of certificate_t.get_issuer
895 */
896 static identification_t* get_issuer(private_x509_cert_t *this)
897 {
898 return this->issuer;
899 }
900
901 /**
902 * Implementation of certificate_t.has_subject.
903 */
904 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
905 {
906 identification_t *current;
907 enumerator_t *enumerator;
908 id_match_t match, best;
909
910 if (this->encoding_hash.ptr && subject->get_type(subject) == ID_CERT_DER_SHA1 &&
911 chunk_equals(this->encoding_hash, subject->get_encoding(subject)))
912 {
913 return ID_MATCH_PERFECT;
914 }
915
916 best = this->subject->matches(this->subject, subject);
917 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
918 while (enumerator->enumerate(enumerator, &current))
919 {
920 match = current->matches(current, subject);
921 if (match > best)
922 {
923 best = match;
924 }
925 }
926 enumerator->destroy(enumerator);
927 return best;
928 }
929
930 /**
931 * Implementation of certificate_t.has_subject.
932 */
933 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
934 {
935 /* issuerAltNames currently not supported */
936 return this->issuer->matches(this->issuer, issuer);
937 }
938
939 /**
940 * Implementation of certificate_t.issued_by
941 */
942 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
943 {
944 public_key_t *key;
945 signature_scheme_t scheme;
946 bool valid;
947 x509_t *x509 = (x509_t*)issuer;
948
949 if (&this->public.interface.interface == issuer)
950 {
951 if (this->flags & X509_SELF_SIGNED)
952 {
953 return TRUE;
954 }
955 }
956 else
957 {
958 if (issuer->get_type(issuer) != CERT_X509)
959 {
960 return FALSE;
961 }
962 if (!(x509->get_flags(x509) & X509_CA))
963 {
964 return FALSE;
965 }
966 }
967 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
968 {
969 return FALSE;
970 }
971 /* TODO: generic OID to scheme mapper? */
972 switch (this->algorithm)
973 {
974 case OID_MD5_WITH_RSA:
975 scheme = SIGN_RSA_EMSA_PKCS1_MD5;
976 break;
977 case OID_SHA1_WITH_RSA:
978 scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
979 break;
980 case OID_SHA256_WITH_RSA:
981 scheme = SIGN_RSA_EMSA_PKCS1_SHA256;
982 break;
983 case OID_SHA384_WITH_RSA:
984 scheme = SIGN_RSA_EMSA_PKCS1_SHA384;
985 break;
986 case OID_SHA512_WITH_RSA:
987 scheme = SIGN_RSA_EMSA_PKCS1_SHA512;
988 break;
989 default:
990 return FALSE;
991 }
992 key = issuer->get_public_key(issuer);
993 if (key == NULL)
994 {
995 return FALSE;
996 }
997 /* TODO: add a lightweight check option (comparing auth/subject keyids only) */
998 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
999 key->destroy(key);
1000 return valid;
1001 }
1002
1003 /**
1004 * Implementation of certificate_t.get_public_key
1005 */
1006 static public_key_t* get_public_key(private_x509_cert_t *this)
1007 {
1008 this->public_key->get_ref(this->public_key);
1009 return this->public_key;
1010 }
1011
1012 /**
1013 * Implementation of certificate_t.asdf
1014 */
1015 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
1016 {
1017 ref_get(&this->ref);
1018 return this;
1019 }
1020
1021 /**
1022 * Implementation of x509_cert_t.get_flags.
1023 */
1024 static x509_flag_t get_flags(private_x509_cert_t *this)
1025 {
1026 return this->flags;
1027 }
1028
1029 /**
1030 * Implementation of x509_cert_t.get_validity.
1031 */
1032 static bool get_validity(private_x509_cert_t *this, time_t *when,
1033 time_t *not_before, time_t *not_after)
1034 {
1035 time_t t;
1036
1037 if (when)
1038 {
1039 t = *when;
1040 }
1041 else
1042 {
1043 t = time(NULL);
1044 }
1045 if (not_before)
1046 {
1047 *not_before = this->notBefore;
1048 }
1049 if (not_after)
1050 {
1051 *not_after = this->notAfter;
1052 }
1053 return (t >= this->notBefore && t <= this->notAfter);
1054 }
1055
1056 /**
1057 * Implementation of certificate_t.is_newer.
1058 */
1059 static bool is_newer(certificate_t *this, certificate_t *that)
1060 {
1061 time_t this_update, that_update, now = time(NULL);
1062 bool new;
1063
1064 this->get_validity(this, &now, &this_update, NULL);
1065 that->get_validity(that, &now, &that_update, NULL);
1066 new = this_update > that_update;
1067 DBG1(" certificate from %#T is %s - existing certificate from %#T %s",
1068 &this_update, FALSE, new ? "newer":"not newer",
1069 &that_update, FALSE, new ? "replaced":"retained");
1070 return new;
1071 }
1072
1073 /**
1074 * Implementation of certificate_t.get_encoding.
1075 */
1076 static chunk_t get_encoding(private_x509_cert_t *this)
1077 {
1078 return chunk_clone(this->encoding);
1079 }
1080
1081 /**
1082 * Implementation of certificate_t.equals.
1083 */
1084 static bool equals(private_x509_cert_t *this, certificate_t *other)
1085 {
1086 chunk_t encoding;
1087 bool equal;
1088
1089 if (this == (private_x509_cert_t*)other)
1090 {
1091 return TRUE;
1092 }
1093 if (other->get_type(other) != CERT_X509)
1094 {
1095 return FALSE;
1096 }
1097 if (other->equals == (void*)equals)
1098 { /* skip allocation if we have the same implementation */
1099 return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding);
1100 }
1101 encoding = other->get_encoding(other);
1102 equal = chunk_equals(this->encoding, encoding);
1103 free(encoding.ptr);
1104 return equal;
1105 }
1106
1107 /**
1108 * Implementation of x509_t.get_serial.
1109 */
1110 static chunk_t get_serial(private_x509_cert_t *this)
1111 {
1112 return this->serialNumber;
1113 }
1114
1115 /**
1116 * Implementation of x509_t.get_authKeyIdentifier.
1117 */
1118 static identification_t *get_authKeyIdentifier(private_x509_cert_t *this)
1119 {
1120 return this->authKeyIdentifier;
1121 }
1122
1123 /**
1124 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1125 */
1126 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1127 {
1128 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1129 }
1130
1131 /**
1132 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1133 */
1134 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1135 {
1136 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1137 }
1138
1139 /**
1140 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1141 */
1142 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1143 {
1144 return this->crl_uris->create_enumerator(this->crl_uris);
1145 }
1146
1147 /**
1148 * Implementation of certificate_t.asdf
1149 */
1150 static void destroy(private_x509_cert_t *this)
1151 {
1152 if (ref_put(&this->ref))
1153 {
1154 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1155 offsetof(identification_t, destroy));
1156 this->crl_uris->destroy_function(this->crl_uris, free);
1157 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1158 DESTROY_IF(this->issuer);
1159 DESTROY_IF(this->subject);
1160 DESTROY_IF(this->public_key);
1161 DESTROY_IF(this->authKeyIdentifier);
1162 chunk_free(&this->encoding);
1163 chunk_free(&this->encoding_hash);
1164 free(this);
1165 }
1166 }
1167
1168 /**
1169 * create an empty but initialized X.509 certificate
1170 */
1171 static private_x509_cert_t* create_empty(void)
1172 {
1173 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1174
1175 this->public.interface.interface.get_type = (certificate_type_t (*)(certificate_t *this))get_type;
1176 this->public.interface.interface.get_subject = (identification_t* (*)(certificate_t *this))get_subject;
1177 this->public.interface.interface.get_issuer = (identification_t* (*)(certificate_t *this))get_issuer;
1178 this->public.interface.interface.has_subject = (id_match_t (*)(certificate_t*, identification_t *subject))has_subject;
1179 this->public.interface.interface.has_issuer = (id_match_t (*)(certificate_t*, identification_t *issuer))has_issuer;
1180 this->public.interface.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by;
1181 this->public.interface.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
1182 this->public.interface.interface.get_validity = (bool (*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
1183 this->public.interface.interface.is_newer = (bool (*)(certificate_t*,certificate_t*))is_newer;
1184 this->public.interface.interface.get_encoding = (chunk_t (*)(certificate_t*))get_encoding;
1185 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals;
1186 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
1187 this->public.interface.interface.destroy = (void (*)(certificate_t *this))destroy;
1188 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1189 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1190 this->public.interface.get_authKeyIdentifier = (identification_t* (*)(x509_t*))get_authKeyIdentifier;
1191 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1192 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1193 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1194
1195 this->encoding = chunk_empty;
1196 this->encoding_hash = chunk_empty;
1197 this->public_key = NULL;
1198 this->subject = NULL;
1199 this->issuer = NULL;
1200 this->subjectAltNames = linked_list_create();
1201 this->crl_uris = linked_list_create();
1202 this->ocsp_uris = linked_list_create();
1203 this->subjectKeyID = chunk_empty;
1204 this->authKeyIdentifier = NULL;
1205 this->authKeySerialNumber = chunk_empty;
1206 this->flags = 0;
1207 this->ref = 1;
1208
1209 return this;
1210 }
1211
1212 /**
1213 * create an X.509 certificate from a chunk
1214 */
1215 static private_x509_cert_t *create_from_chunk(chunk_t chunk)
1216 {
1217 private_x509_cert_t *this = create_empty();
1218
1219 this->encoding = chunk;
1220 if (!parse_certificate(this))
1221 {
1222 destroy(this);
1223 return NULL;
1224 }
1225
1226 /* check if the certificate is self-signed */
1227 if (issued_by(this, &this->public.interface.interface))
1228 {
1229 this->flags |= X509_SELF_SIGNED;
1230 }
1231
1232 hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1233 if (hasher != NULL)
1234 {
1235 hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
1236 hasher->destroy(hasher);
1237 }
1238 else
1239 {
1240 DBG1(" unable to create hash of certificate, SHA1 not supported");
1241 }
1242
1243 return this;
1244 }
1245
1246 /**
1247 * create an X.509 certificate from a file
1248 */
1249 static private_x509_cert_t *create_from_file(char *path)
1250 {
1251 bool pgp = FALSE;
1252 chunk_t chunk;
1253 private_x509_cert_t *this;
1254
1255 if (!pem_asn1_load_file(path, NULL, &chunk, &pgp))
1256 {
1257 return NULL;
1258 }
1259
1260 this = create_from_chunk(chunk);
1261
1262 if (this == NULL)
1263 {
1264 DBG1(" could not parse loaded certificate file '%s'",path);
1265 return NULL;
1266 }
1267 DBG1(" loaded certificate file '%s'", path);
1268 return this;
1269
1270 }
1271
1272 typedef struct private_builder_t private_builder_t;
1273 /**
1274 * Builder implementation for certificate loading
1275 */
1276 struct private_builder_t {
1277 /** implements the builder interface */
1278 builder_t public;
1279 /** loaded certificate */
1280 private_x509_cert_t *cert;
1281 /** additional flags to enforce */
1282 x509_flag_t flags;
1283 };
1284
1285 /**
1286 * Implementation of builder_t.build
1287 */
1288 static private_x509_cert_t *build(private_builder_t *this)
1289 {
1290 private_x509_cert_t *cert = this->cert;
1291 x509_flag_t flags = this->flags;
1292
1293 free(this);
1294 if (cert == NULL)
1295 {
1296 return NULL;
1297 }
1298 if ((flags & X509_CA) && !(cert->flags & X509_CA))
1299 {
1300 DBG1(" ca certificate must have ca basic constraint set, discarded");
1301 destroy(cert);
1302 return NULL;
1303 }
1304 cert->flags |= flags;
1305 return cert;
1306 }
1307
1308 /**
1309 * Implementation of builder_t.add
1310 */
1311 static void add(private_builder_t *this, builder_part_t part, ...)
1312 {
1313 va_list args;
1314
1315 va_start(args, part);
1316 switch (part)
1317 {
1318 case BUILD_FROM_FILE:
1319 this->cert = create_from_file(va_arg(args, char*));
1320 break;
1321 case BUILD_BLOB_ASN1_DER:
1322 this->cert = create_from_chunk(va_arg(args, chunk_t));
1323 break;
1324 case BUILD_X509_FLAG:
1325 this->flags = va_arg(args, x509_flag_t);
1326 break;
1327 default:
1328 DBG1("ignoring unsupported build part %N", builder_part_names, part);
1329 break;
1330 }
1331 va_end(args);
1332 }
1333
1334 /**
1335 * Builder construction function
1336 */
1337 builder_t *x509_cert_builder(certificate_type_t type)
1338 {
1339 private_builder_t *this;
1340
1341 if (type != CERT_X509)
1342 {
1343 return NULL;
1344 }
1345
1346 this = malloc_thing(private_builder_t);
1347
1348 this->cert = NULL;
1349 this->flags = 0;
1350 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
1351 this->public.build = (void*(*)(builder_t *this))build;
1352
1353 return &this->public;
1354 }
1355