refactoring of the ASN.1 parser
[strongswan.git] / src / libstrongswan / plugins / x509 / x509_cert.c
1 /*
2 * Copyright (C) 2000 Andreas Hess, Patric Lichtsteiner, Roger Wegmann
3 * Copyright (C) 2001 Marco Bertossa, Andreas Schleiss
4 * Copyright (C) 2002 Mario Strasser
5 * Copyright (C) 2000-2006 Andreas Steffen
6 * Copyright (C) 2006-2008 Martin Willi
7 * Copyright (C) 2008 Tobias Brunner
8 * Hochschule fuer Technik Rapperswil
9 *
10 * This program is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by the
12 * Free Software Foundation; either version 2 of the License, or (at your
13 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
14 *
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
17 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 * for more details.
19 *
20 * $Id$
21 */
22
23 #define _GNU_SOURCE
24
25 #include "x509_cert.h"
26
27 #include <sys/stat.h>
28 #include <unistd.h>
29 #include <string.h>
30 #include <stdio.h>
31
32 #include <library.h>
33 #include <debug.h>
34 #include <asn1/oid.h>
35 #include <asn1/asn1.h>
36 #include <asn1/asn1_parser.h>
37 #include <asn1/pem.h>
38 #include <crypto/hashers/hasher.h>
39 #include <utils/linked_list.h>
40 #include <utils/identification.h>
41
42 /**
43 * Different kinds of generalNames
44 */
45 typedef enum {
46 GN_OTHER_NAME = 0,
47 GN_RFC822_NAME = 1,
48 GN_DNS_NAME = 2,
49 GN_X400_ADDRESS = 3,
50 GN_DIRECTORY_NAME = 4,
51 GN_EDI_PARTY_NAME = 5,
52 GN_URI = 6,
53 GN_IP_ADDRESS = 7,
54 GN_REGISTERED_ID = 8,
55 } generalNames_t;
56
57
58 typedef struct private_x509_cert_t private_x509_cert_t;
59
60 /**
61 * Private data of a x509_cert_t object.
62 */
63 struct private_x509_cert_t {
64 /**
65 * Public interface for this certificate.
66 */
67 x509_cert_t public;
68
69 /**
70 * X.509 certificate encoding in ASN.1 DER format
71 */
72 chunk_t encoding;
73
74 /**
75 * SHA1 hash of the DER encoding of this X.509 certificate
76 */
77 chunk_t encoding_hash;
78
79 /**
80 * X.509 certificate body over which signature is computed
81 */
82 chunk_t tbsCertificate;
83
84 /**
85 * Version of the X.509 certificate
86 */
87 u_int version;
88
89 /**
90 * Serial number of the X.509 certificate
91 */
92 chunk_t serialNumber;
93
94 /**
95 * ID representing the certificate issuer
96 */
97 identification_t *issuer;
98
99 /**
100 * Start time of certificate validity
101 */
102 time_t notBefore;
103
104 /**
105 * End time of certificate validity
106 */
107 time_t notAfter;
108
109 /**
110 * ID representing the certificate subject
111 */
112 identification_t *subject;
113
114 /**
115 * List of subjectAltNames as identification_t
116 */
117 linked_list_t *subjectAltNames;
118
119 /**
120 * List of crlDistributionPoints as allocated char*
121 */
122 linked_list_t *crl_uris;
123
124 /**
125 * List ocspAccessLocations as identification_t
126 */
127 linked_list_t *ocsp_uris;
128
129 /**
130 * certificates embedded public key
131 */
132 public_key_t *public_key;
133
134 /**
135 * Subject Key Identifier
136 */
137 chunk_t subjectKeyID;
138
139 /**
140 * Authority Key Identifier
141 */
142 identification_t *authKeyIdentifier;
143
144 /**
145 * Authority Key Serial Number
146 */
147 chunk_t authKeySerialNumber;
148
149 /**
150 * x509 constraints and other flags
151 */
152 x509_flag_t flags;
153
154 /**
155 * Signature algorithm
156 */
157 int algorithm;
158
159 /**
160 * Signature
161 */
162 chunk_t signature;
163
164 /**
165 * reference count
166 */
167 refcount_t ref;
168 };
169
170 static u_char ASN1_sAN_oid_buf[] = {
171 0x06, 0x03, 0x55, 0x1D, 0x11
172 };
173 static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_sAN_oid_buf);
174
175 /**
176 * ASN.1 definition of a basicConstraints extension
177 */
178 static const asn1Object_t basicConstraintsObjects[] = {
179 { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
180 { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
181 { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
182 { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
183 };
184 #define BASIC_CONSTRAINTS_CA 1
185 #define BASIC_CONSTRAINTS_ROOF 4
186
187 /**
188 * Extracts the basicConstraints extension
189 */
190 static bool parse_basicConstraints(chunk_t blob, int level0)
191 {
192 asn1_parser_t *parser;
193 chunk_t object;
194 int objectID;
195 bool isCA = FALSE;
196
197 parser = asn1_parser_create(basicConstraintsObjects, BASIC_CONSTRAINTS_ROOF,
198 blob);
199 parser->set_top_level(parser, level0);
200
201 while (parser->iterate(parser, &objectID, &object))
202 {
203 if (objectID == BASIC_CONSTRAINTS_CA)
204 {
205 isCA = object.len && *object.ptr;
206 DBG2(" %s", isCA ? "TRUE" : "FALSE");
207 }
208 }
209 parser->destroy(parser);
210
211 return isCA;
212 }
213
214 /**
215 * ASN.1 definition of otherName
216 */
217 static const asn1Object_t otherNameObjects[] = {
218 {0, "type-id", ASN1_OID, ASN1_BODY }, /* 0 */
219 {0, "value", ASN1_CONTEXT_C_0, ASN1_BODY } /* 1 */
220 };
221 #define ON_OBJ_ID_TYPE 0
222 #define ON_OBJ_VALUE 1
223 #define ON_OBJ_ROOF 2
224
225 /**
226 * Extracts an otherName
227 */
228 static bool parse_otherName(chunk_t blob, int level0)
229 {
230 asn1_parser_t *parser;
231 chunk_t object;
232 int objectID;
233 int oid = OID_UNKNOWN;
234 bool success = TRUE;
235
236 parser = asn1_parser_create(otherNameObjects,ON_OBJ_ROOF, blob);
237 parser->set_top_level(parser, level0);
238
239 while (parser->iterate(parser, &objectID, &object))
240 {
241 switch (objectID)
242 {
243 case ON_OBJ_ID_TYPE:
244 oid = asn1_known_oid(object);
245 break;
246 case ON_OBJ_VALUE:
247 if (oid == OID_XMPP_ADDR)
248 {
249 if (!asn1_parse_simple_object(&object, ASN1_UTF8STRING,
250 parser->get_level(parser)+1, "xmppAddr"))
251 {
252 success = FALSE;
253 goto end;
254 }
255 }
256 break;
257 default:
258 break;
259 }
260 }
261
262 end:
263 success &= parser->success(parser);
264 parser->destroy(parser);
265 return success;
266 }
267
268 /**
269 * ASN.1 definition of generalName
270 */
271 static const asn1Object_t generalNameObjects[] = {
272 { 0, "otherName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_BODY }, /* 0 */
273 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 1 */
274 { 0, "rfc822Name", ASN1_CONTEXT_S_1, ASN1_OPT|ASN1_BODY }, /* 2 */
275 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 3 */
276 { 0, "dnsName", ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 4 */
277 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 5 */
278 { 0, "x400Address", ASN1_CONTEXT_S_3, ASN1_OPT|ASN1_BODY }, /* 6 */
279 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 7 */
280 { 0, "directoryName", ASN1_CONTEXT_C_4, ASN1_OPT|ASN1_BODY }, /* 8 */
281 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
282 { 0, "ediPartyName", ASN1_CONTEXT_C_5, ASN1_OPT|ASN1_BODY }, /* 10 */
283 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 11 */
284 { 0, "URI", ASN1_CONTEXT_S_6, ASN1_OPT|ASN1_BODY }, /* 12 */
285 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 13 */
286 { 0, "ipAddress", ASN1_CONTEXT_S_7, ASN1_OPT|ASN1_BODY }, /* 14 */
287 { 0, "end choice", ASN1_EOC, ASN1_END }, /* 15 */
288 { 0, "registeredID", ASN1_CONTEXT_S_8, ASN1_OPT|ASN1_BODY }, /* 16 */
289 { 0, "end choice", ASN1_EOC, ASN1_END } /* 17 */
290 };
291 #define GN_OBJ_OTHER_NAME 0
292 #define GN_OBJ_RFC822_NAME 2
293 #define GN_OBJ_DNS_NAME 4
294 #define GN_OBJ_X400_ADDRESS 6
295 #define GN_OBJ_DIRECTORY_NAME 8
296 #define GN_OBJ_EDI_PARTY_NAME 10
297 #define GN_OBJ_URI 12
298 #define GN_OBJ_IP_ADDRESS 14
299 #define GN_OBJ_REGISTERED_ID 16
300 #define GN_OBJ_ROOF 18
301
302 /**
303 * Extracts a generalName
304 */
305 static identification_t *parse_generalName(chunk_t blob, int level0)
306 {
307 asn1_parser_t *parser;
308 chunk_t object;
309 int objectID ;
310
311 identification_t *gn = NULL;
312
313 parser = asn1_parser_create(generalNameObjects, GN_OBJ_ROOF, blob);
314 parser->set_top_level(parser, level0);
315
316 while (parser->iterate(parser, &objectID, &object))
317 {
318 id_type_t id_type = ID_ANY;
319
320 switch (objectID)
321 {
322 case GN_OBJ_RFC822_NAME:
323 id_type = ID_RFC822_ADDR;
324 break;
325 case GN_OBJ_DNS_NAME:
326 id_type = ID_FQDN;
327 break;
328 case GN_OBJ_URI:
329 id_type = ID_DER_ASN1_GN_URI;
330 break;
331 case GN_OBJ_DIRECTORY_NAME:
332 id_type = ID_DER_ASN1_DN;
333 break;
334 case GN_OBJ_IP_ADDRESS:
335 id_type = ID_IPV4_ADDR;
336 break;
337 case GN_OBJ_OTHER_NAME:
338 if (!parse_otherName(object, parser->get_level(parser)+1))
339 {
340 goto end;
341 }
342 break;
343 case GN_OBJ_X400_ADDRESS:
344 case GN_OBJ_EDI_PARTY_NAME:
345 case GN_OBJ_REGISTERED_ID:
346 default:
347 break;
348 }
349 if (id_type != ID_ANY)
350 {
351 gn = identification_create_from_encoding(id_type, object);
352 DBG2(" '%D'", gn);
353 goto end;
354 }
355 }
356
357 end:
358 parser->destroy(parser);
359 return gn;
360 }
361
362 /**
363 * ASN.1 definition of generalNames
364 */
365 static const asn1Object_t generalNamesObjects[] = {
366 { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
367 { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
368 { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
369 };
370 #define GENERAL_NAMES_GN 1
371 #define GENERAL_NAMES_ROOF 3
372
373 /**
374 * Extracts one or several GNs and puts them into a chained list
375 */
376 void x509_parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
377 {
378 asn1_parser_t *parser;
379 chunk_t object;
380 int objectID;
381
382 parser = asn1_parser_create(generalNamesObjects, GENERAL_NAMES_ROOF, blob);
383 parser->set_top_level(parser, level0);
384 parser->set_flags(parser, implicit, FALSE);
385
386 while (parser->iterate(parser, &objectID, &object))
387 {
388 if (objectID == GENERAL_NAMES_GN)
389 {
390 identification_t *gn = parse_generalName(object,
391 parser->get_level(parser)+1);
392
393 if (gn)
394 {
395 list->insert_last(list, (void *)gn);
396 }
397 }
398 }
399 parser->destroy(parser);
400 }
401
402 /**
403 * ASN.1 definition of a keyIdentifier
404 */
405 static const asn1Object_t keyIdentifierObjects[] = {
406 { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
407 };
408 #define KEY_ID_ROOF 1
409
410 /**
411 * Extracts a keyIdentifier
412 */
413 static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
414 {
415 asn1_parser_t *parser;
416 chunk_t object;
417 int objectID;
418
419 chunk_t keyIdentifier = chunk_empty;
420
421 parser = asn1_parser_create(keyIdentifierObjects, KEY_ID_ROOF, blob);
422 parser->set_top_level(parser, level0);
423 parser->set_flags(parser, implicit, FALSE);
424
425 if (parser->iterate(parser, &objectID, &object))
426 {
427 keyIdentifier = object;
428 }
429 parser->destroy(parser);
430 return keyIdentifier;
431 }
432
433 /**
434 * ASN.1 definition of a authorityKeyIdentifier extension
435 */
436 static const asn1Object_t authKeyIdentifierObjects[] = {
437 { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
438 { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
439 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
440 { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
441 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
442 { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
443 { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
444 };
445 #define AUTH_KEY_ID_KEY_ID 1
446 #define AUTH_KEY_ID_CERT_ISSUER 3
447 #define AUTH_KEY_ID_CERT_SERIAL 5
448 #define AUTH_KEY_ID_ROOF 7
449
450 /**
451 * Extracts an authoritykeyIdentifier
452 */
453 identification_t* x509_parse_authorityKeyIdentifier(chunk_t blob, int level0,
454 chunk_t *authKeySerialNumber)
455 {
456 asn1_parser_t *parser;
457 chunk_t object;
458 int objectID;
459 identification_t *authKeyIdentifier = NULL;
460
461 *authKeySerialNumber = chunk_empty;
462
463 parser = asn1_parser_create(authKeyIdentifierObjects, AUTH_KEY_ID_ROOF,blob);
464 parser->set_top_level(parser, level0);
465
466 while (parser->iterate(parser, &objectID, &object))
467 {
468 switch (objectID)
469 {
470 case AUTH_KEY_ID_KEY_ID:
471 {
472 chunk_t authKeyID = parse_keyIdentifier(object,
473 parser->get_level(parser)+1, TRUE);
474
475 if (authKeyID.ptr == NULL)
476 {
477 goto end;
478 }
479 authKeyIdentifier = identification_create_from_encoding(
480 ID_PUBKEY_SHA1, authKeyID);
481 break;
482 }
483 case AUTH_KEY_ID_CERT_ISSUER:
484 {
485 /* TODO: x509_parse_generalNames(object, level+1, TRUE); */
486 break;
487 }
488 case AUTH_KEY_ID_CERT_SERIAL:
489 *authKeySerialNumber = object;
490 break;
491 default:
492 break;
493 }
494 }
495
496 end:
497 parser->destroy(parser);
498 return authKeyIdentifier;
499 }
500
501 /**
502 * ASN.1 definition of a authorityInfoAccess extension
503 */
504 static const asn1Object_t authInfoAccessObjects[] = {
505 { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
506 { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
507 { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
508 { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
509 { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
510 };
511 #define AUTH_INFO_ACCESS_METHOD 2
512 #define AUTH_INFO_ACCESS_LOCATION 3
513 #define AUTH_INFO_ACCESS_ROOF 5
514
515 /**
516 * Extracts an authorityInfoAcess location
517 */
518 static void parse_authorityInfoAccess(chunk_t blob, int level0,
519 private_x509_cert_t *this)
520 {
521 asn1_parser_t *parser;
522 chunk_t object;
523 int objectID;
524 int accessMethod = OID_UNKNOWN;
525
526 parser = asn1_parser_create(authInfoAccessObjects, AUTH_INFO_ACCESS_ROOF,
527 blob);
528 parser->set_top_level(parser, level0);
529
530 while (parser->iterate(parser, &objectID, &object))
531 {
532 switch (objectID)
533 {
534 case AUTH_INFO_ACCESS_METHOD:
535 accessMethod = asn1_known_oid(object);
536 break;
537 case AUTH_INFO_ACCESS_LOCATION:
538 {
539 switch (accessMethod)
540 {
541 case OID_OCSP:
542 case OID_CA_ISSUERS:
543 {
544 identification_t *id;
545 char *uri;
546
547 id = parse_generalName(object,
548 parser->get_level(parser)+1);
549 if (id == NULL)
550 {
551 /* parsing went wrong - abort */
552 goto end;
553 }
554 DBG2(" '%D'", id);
555 if (accessMethod == OID_OCSP &&
556 asprintf(&uri, "%D", id) > 0)
557 {
558 this->ocsp_uris->insert_last(this->ocsp_uris, uri);
559 }
560 id->destroy(id);
561 }
562 break;
563 default:
564 /* unkown accessMethod, ignoring */
565 break;
566 }
567 break;
568 }
569 default:
570 break;
571 }
572 }
573
574 end:
575 parser->destroy(parser);
576 }
577
578 /**
579 * ASN.1 definition of a extendedKeyUsage extension
580 */
581 static const asn1Object_t extendedKeyUsageObjects[] = {
582 { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
583 { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
584 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
585 };
586 #define EXT_KEY_USAGE_PURPOSE_ID 1
587 #define EXT_KEY_USAGE_ROOF 3
588
589 /**
590 * Extracts extendedKeyUsage OIDs - currently only OCSP_SIGING is returned
591 */
592 static bool parse_extendedKeyUsage(chunk_t blob, int level0)
593 {
594 asn1_parser_t *parser;
595 chunk_t object;
596 int objectID;
597 bool ocsp_signing = FALSE;
598
599 parser = asn1_parser_create(extendedKeyUsageObjects, EXT_KEY_USAGE_ROOF,
600 blob);
601 parser->set_top_level(parser, level0);
602
603 while (parser->iterate(parser, &objectID, &object))
604 {
605 if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
606 asn1_known_oid(object) == OID_OCSP_SIGNING)
607 {
608 ocsp_signing = TRUE;
609 }
610 }
611 parser->destroy(parser);
612 return ocsp_signing;
613 }
614
615 /**
616 * ASN.1 definition of crlDistributionPoints
617 */
618 static const asn1Object_t crlDistributionPointsObjects[] = {
619 { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
620 { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
621 { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
622 { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
623 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
624 { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
625 { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
626 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
627 { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
628 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
629 { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
630 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
631 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
632 };
633 #define CRL_DIST_POINTS_FULLNAME 3
634 #define CRL_DIST_POINTS_ROOF 13
635
636
637 /**
638 * Extracts one or several crlDistributionPoints into a list
639 */
640 static void parse_crlDistributionPoints(chunk_t blob, int level0,
641 private_x509_cert_t *this)
642 {
643 asn1_parser_t *parser;
644 chunk_t object;
645 int objectID;
646 linked_list_t *list = linked_list_create();
647
648 parser = asn1_parser_create(crlDistributionPointsObjects,
649 CRL_DIST_POINTS_ROOF, blob);
650 parser->set_top_level(parser, level0);
651
652 while (parser->iterate(parser, &objectID, &object))
653 {
654 if (objectID == CRL_DIST_POINTS_FULLNAME)
655 {
656 identification_t *id;
657
658 /* append extracted generalNames to existing chained list */
659 x509_parse_generalNames(object, parser->get_level(parser)+1,
660 TRUE, list);
661
662 while (list->remove_last(list, (void**)&id) == SUCCESS)
663 {
664 char *uri;
665
666 if (asprintf(&uri, "%D", id) > 0)
667 {
668 this->crl_uris->insert_last(this->crl_uris, uri);
669 }
670 id->destroy(id);
671 }
672 }
673 }
674 parser->destroy(parser);
675 list->destroy(list);
676 }
677
678 /**
679 * ASN.1 definition of an X.509v3 x509_cert
680 */
681 static const asn1Object_t certObjects[] = {
682 { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
683 { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
684 { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
685 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
686 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
687 { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
688 { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
689 { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
690 { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
691 { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
692 { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
693 { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
694 { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
695 { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_BODY }, /* 13 */
696 { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 14 */
697 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
698 { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 16 */
699 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 17 */
700 { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 18 */
701 { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 29 */
702 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 20 */
703 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 21 */
704 { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 22 */
705 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 23 */
706 { 3, "end loop", ASN1_EOC, ASN1_END }, /* 24 */
707 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 25 */
708 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 26 */
709 { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 27 */
710 };
711 #define X509_OBJ_TBS_CERTIFICATE 1
712 #define X509_OBJ_VERSION 3
713 #define X509_OBJ_SERIAL_NUMBER 4
714 #define X509_OBJ_SIG_ALG 5
715 #define X509_OBJ_ISSUER 6
716 #define X509_OBJ_NOT_BEFORE 8
717 #define X509_OBJ_NOT_AFTER 9
718 #define X509_OBJ_SUBJECT 10
719 #define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
720 #define X509_OBJ_SUBJECT_PUBLIC_KEY 13
721 #define X509_OBJ_EXTN_ID 21
722 #define X509_OBJ_CRITICAL 22
723 #define X509_OBJ_EXTN_VALUE 23
724 #define X509_OBJ_ALGORITHM 26
725 #define X509_OBJ_SIGNATURE 27
726 #define X509_OBJ_ROOF 28
727
728 /**
729 * Parses an X.509v3 certificate
730 */
731 static bool parse_certificate(private_x509_cert_t *this)
732 {
733 asn1_parser_t *parser;
734 chunk_t object;
735 int objectID;
736 int extn_oid = OID_UNKNOWN;
737 int key_alg = OID_UNKNOWN;
738 int sig_alg = OID_UNKNOWN;
739 bool success = TRUE;
740 bool critical;
741
742 parser = asn1_parser_create(certObjects, X509_OBJ_ROOF, this->encoding);
743
744 while (parser->iterate(parser, &objectID, &object))
745 {
746 u_int level = parser->get_level(parser)+1;
747
748 switch (objectID)
749 {
750 case X509_OBJ_TBS_CERTIFICATE:
751 this->tbsCertificate = object;
752 break;
753 case X509_OBJ_VERSION:
754 this->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
755 DBG2(" v%d", this->version);
756 break;
757 case X509_OBJ_SERIAL_NUMBER:
758 this->serialNumber = object;
759 break;
760 case X509_OBJ_SIG_ALG:
761 sig_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
762 break;
763 case X509_OBJ_ISSUER:
764 this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
765 DBG2(" '%D'", this->issuer);
766 break;
767 case X509_OBJ_NOT_BEFORE:
768 this->notBefore = asn1_parse_time(object, level);
769 break;
770 case X509_OBJ_NOT_AFTER:
771 this->notAfter = asn1_parse_time(object, level);
772 break;
773 case X509_OBJ_SUBJECT:
774 this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
775 DBG2(" '%D'", this->subject);
776 break;
777 case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
778 key_alg = asn1_parse_algorithmIdentifier(object, level, NULL);
779 break;
780 case X509_OBJ_SUBJECT_PUBLIC_KEY:
781 if (object.len > 0 && *object.ptr == 0x00)
782 {
783 /* skip initial bit string octet defining 0 unused bits */
784 object.ptr++;
785 object.len--;
786
787 switch (key_alg)
788 {
789 case OID_RSA_ENCRYPTION:
790 this->public_key = lib->creds->create(lib->creds,
791 CRED_PUBLIC_KEY, KEY_RSA,
792 BUILD_BLOB_ASN1_DER,
793 chunk_clone(object),
794 BUILD_END);
795 break;
796 default:
797 DBG1("parsing key type %d failed", key_alg);
798 success = FALSE;
799 goto end;
800 }
801 }
802 break;
803 case X509_OBJ_EXTN_ID:
804 extn_oid = asn1_known_oid(object);
805 break;
806 case X509_OBJ_CRITICAL:
807 critical = object.len && *object.ptr;
808 DBG2(" %s", critical ? "TRUE" : "FALSE");
809 break;
810 case X509_OBJ_EXTN_VALUE:
811 {
812 switch (extn_oid)
813 {
814 case OID_SUBJECT_KEY_ID:
815 this->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
816 break;
817 case OID_SUBJECT_ALT_NAME:
818 x509_parse_generalNames(object, level, FALSE, this->subjectAltNames);
819 break;
820 case OID_BASIC_CONSTRAINTS:
821 if (parse_basicConstraints(object, level))
822 {
823 this->flags |= X509_CA;
824 }
825 break;
826 case OID_CRL_DISTRIBUTION_POINTS:
827 parse_crlDistributionPoints(object, level, this);
828 break;
829 case OID_AUTHORITY_KEY_ID:
830 this->authKeyIdentifier = x509_parse_authorityKeyIdentifier(object,
831 level, &this->authKeySerialNumber);
832 break;
833 case OID_AUTHORITY_INFO_ACCESS:
834 parse_authorityInfoAccess(object, level, this);
835 break;
836 case OID_EXTENDED_KEY_USAGE:
837 if (parse_extendedKeyUsage(object, level))
838 {
839 this->flags |= X509_OCSP_SIGNER;
840 }
841 break;
842 case OID_NS_REVOCATION_URL:
843 case OID_NS_CA_REVOCATION_URL:
844 case OID_NS_CA_POLICY_URL:
845 case OID_NS_COMMENT:
846 if (!asn1_parse_simple_object(&object, ASN1_IA5STRING,
847 level, oid_names[extn_oid].name))
848 return FALSE;
849 break;
850 default:
851 break;
852 }
853 break;
854 }
855 case X509_OBJ_ALGORITHM:
856 this->algorithm = asn1_parse_algorithmIdentifier(object, level, NULL);
857 if (this->algorithm != sig_alg)
858 {
859 DBG1(" signature algorithms do not agree");
860 success = FALSE;
861 goto end;
862 }
863 break;
864 case X509_OBJ_SIGNATURE:
865 this->signature = object;
866 break;
867 default:
868 break;
869 }
870 }
871
872 end:
873 success &= parser->success(parser);
874 parser->destroy(parser);
875 return success;
876 }
877
878 /**
879 * Implementation of certificate_t.get_type
880 */
881 static certificate_type_t get_type(private_x509_cert_t *this)
882 {
883 return CERT_X509;
884 }
885
886 /**
887 * Implementation of certificate_t.get_subject
888 */
889 static identification_t* get_subject(private_x509_cert_t *this)
890 {
891 return this->subject;
892 }
893
894 /**
895 * Implementation of certificate_t.get_issuer
896 */
897 static identification_t* get_issuer(private_x509_cert_t *this)
898 {
899 return this->issuer;
900 }
901
902 /**
903 * Implementation of certificate_t.has_subject.
904 */
905 static id_match_t has_subject(private_x509_cert_t *this, identification_t *subject)
906 {
907 identification_t *current;
908 enumerator_t *enumerator;
909 id_match_t match, best;
910
911 if (this->encoding_hash.ptr && subject->get_type(subject) == ID_CERT_DER_SHA1 &&
912 chunk_equals(this->encoding_hash, subject->get_encoding(subject)))
913 {
914 return ID_MATCH_PERFECT;
915 }
916
917 best = this->subject->matches(this->subject, subject);
918 enumerator = this->subjectAltNames->create_enumerator(this->subjectAltNames);
919 while (enumerator->enumerate(enumerator, &current))
920 {
921 match = current->matches(current, subject);
922 if (match > best)
923 {
924 best = match;
925 }
926 }
927 enumerator->destroy(enumerator);
928 return best;
929 }
930
931 /**
932 * Implementation of certificate_t.has_subject.
933 */
934 static id_match_t has_issuer(private_x509_cert_t *this, identification_t *issuer)
935 {
936 /* issuerAltNames currently not supported */
937 return this->issuer->matches(this->issuer, issuer);
938 }
939
940 /**
941 * Implementation of certificate_t.issued_by
942 */
943 static bool issued_by(private_x509_cert_t *this, certificate_t *issuer)
944 {
945 public_key_t *key;
946 signature_scheme_t scheme;
947 bool valid;
948 x509_t *x509 = (x509_t*)issuer;
949
950 if (&this->public.interface.interface == issuer)
951 {
952 if (this->flags & X509_SELF_SIGNED)
953 {
954 return TRUE;
955 }
956 }
957 else
958 {
959 if (issuer->get_type(issuer) != CERT_X509)
960 {
961 return FALSE;
962 }
963 if (!(x509->get_flags(x509) & X509_CA))
964 {
965 return FALSE;
966 }
967 }
968 if (!this->issuer->equals(this->issuer, issuer->get_subject(issuer)))
969 {
970 return FALSE;
971 }
972 /* TODO: generic OID to scheme mapper? */
973 switch (this->algorithm)
974 {
975 case OID_MD5_WITH_RSA:
976 scheme = SIGN_RSA_EMSA_PKCS1_MD5;
977 break;
978 case OID_SHA1_WITH_RSA:
979 scheme = SIGN_RSA_EMSA_PKCS1_SHA1;
980 break;
981 case OID_SHA256_WITH_RSA:
982 scheme = SIGN_RSA_EMSA_PKCS1_SHA256;
983 break;
984 case OID_SHA384_WITH_RSA:
985 scheme = SIGN_RSA_EMSA_PKCS1_SHA384;
986 break;
987 case OID_SHA512_WITH_RSA:
988 scheme = SIGN_RSA_EMSA_PKCS1_SHA512;
989 break;
990 default:
991 return FALSE;
992 }
993 key = issuer->get_public_key(issuer);
994 if (key == NULL)
995 {
996 return FALSE;
997 }
998 /* TODO: add a lightweight check option (comparing auth/subject keyids only) */
999 valid = key->verify(key, scheme, this->tbsCertificate, this->signature);
1000 key->destroy(key);
1001 return valid;
1002 }
1003
1004 /**
1005 * Implementation of certificate_t.get_public_key
1006 */
1007 static public_key_t* get_public_key(private_x509_cert_t *this)
1008 {
1009 this->public_key->get_ref(this->public_key);
1010 return this->public_key;
1011 }
1012
1013 /**
1014 * Implementation of certificate_t.asdf
1015 */
1016 static private_x509_cert_t* get_ref(private_x509_cert_t *this)
1017 {
1018 ref_get(&this->ref);
1019 return this;
1020 }
1021
1022 /**
1023 * Implementation of x509_cert_t.get_flags.
1024 */
1025 static x509_flag_t get_flags(private_x509_cert_t *this)
1026 {
1027 return this->flags;
1028 }
1029
1030 /**
1031 * Implementation of x509_cert_t.get_validity.
1032 */
1033 static bool get_validity(private_x509_cert_t *this, time_t *when,
1034 time_t *not_before, time_t *not_after)
1035 {
1036 time_t t;
1037
1038 if (when)
1039 {
1040 t = *when;
1041 }
1042 else
1043 {
1044 t = time(NULL);
1045 }
1046 if (not_before)
1047 {
1048 *not_before = this->notBefore;
1049 }
1050 if (not_after)
1051 {
1052 *not_after = this->notAfter;
1053 }
1054 return (t >= this->notBefore && t <= this->notAfter);
1055 }
1056
1057 /**
1058 * Implementation of certificate_t.is_newer.
1059 */
1060 static bool is_newer(certificate_t *this, certificate_t *that)
1061 {
1062 time_t this_update, that_update, now = time(NULL);
1063 bool new;
1064
1065 this->get_validity(this, &now, &this_update, NULL);
1066 that->get_validity(that, &now, &that_update, NULL);
1067 new = this_update > that_update;
1068 DBG1(" certificate from %#T is %s - existing certificate from %#T %s",
1069 &this_update, FALSE, new ? "newer":"not newer",
1070 &that_update, FALSE, new ? "replaced":"retained");
1071 return new;
1072 }
1073
1074 /**
1075 * Implementation of certificate_t.get_encoding.
1076 */
1077 static chunk_t get_encoding(private_x509_cert_t *this)
1078 {
1079 return chunk_clone(this->encoding);
1080 }
1081
1082 /**
1083 * Implementation of certificate_t.equals.
1084 */
1085 static bool equals(private_x509_cert_t *this, certificate_t *other)
1086 {
1087 chunk_t encoding;
1088 bool equal;
1089
1090 if (this == (private_x509_cert_t*)other)
1091 {
1092 return TRUE;
1093 }
1094 if (other->get_type(other) != CERT_X509)
1095 {
1096 return FALSE;
1097 }
1098 if (other->equals == (void*)equals)
1099 { /* skip allocation if we have the same implementation */
1100 return chunk_equals(this->encoding, ((private_x509_cert_t*)other)->encoding);
1101 }
1102 encoding = other->get_encoding(other);
1103 equal = chunk_equals(this->encoding, encoding);
1104 free(encoding.ptr);
1105 return equal;
1106 }
1107
1108 /**
1109 * Implementation of x509_t.get_serial.
1110 */
1111 static chunk_t get_serial(private_x509_cert_t *this)
1112 {
1113 return this->serialNumber;
1114 }
1115
1116 /**
1117 * Implementation of x509_t.get_authKeyIdentifier.
1118 */
1119 static identification_t *get_authKeyIdentifier(private_x509_cert_t *this)
1120 {
1121 return this->authKeyIdentifier;
1122 }
1123
1124 /**
1125 * Implementation of x509_cert_t.create_subjectAltName_enumerator.
1126 */
1127 static enumerator_t* create_subjectAltName_enumerator(private_x509_cert_t *this)
1128 {
1129 return this->subjectAltNames->create_enumerator(this->subjectAltNames);
1130 }
1131
1132 /**
1133 * Implementation of x509_cert_t.create_ocsp_uri_enumerator.
1134 */
1135 static enumerator_t* create_ocsp_uri_enumerator(private_x509_cert_t *this)
1136 {
1137 return this->ocsp_uris->create_enumerator(this->ocsp_uris);
1138 }
1139
1140 /**
1141 * Implementation of x509_cert_t.create_crl_uri_enumerator.
1142 */
1143 static enumerator_t* create_crl_uri_enumerator(private_x509_cert_t *this)
1144 {
1145 return this->crl_uris->create_enumerator(this->crl_uris);
1146 }
1147
1148 /**
1149 * Implementation of certificate_t.asdf
1150 */
1151 static void destroy(private_x509_cert_t *this)
1152 {
1153 if (ref_put(&this->ref))
1154 {
1155 this->subjectAltNames->destroy_offset(this->subjectAltNames,
1156 offsetof(identification_t, destroy));
1157 this->crl_uris->destroy_function(this->crl_uris, free);
1158 this->ocsp_uris->destroy_function(this->ocsp_uris, free);
1159 DESTROY_IF(this->issuer);
1160 DESTROY_IF(this->subject);
1161 DESTROY_IF(this->public_key);
1162 DESTROY_IF(this->authKeyIdentifier);
1163 chunk_free(&this->encoding);
1164 chunk_free(&this->encoding_hash);
1165 free(this);
1166 }
1167 }
1168
1169 /**
1170 * create an empty but initialized X.509 certificate
1171 */
1172 static private_x509_cert_t* create_empty(void)
1173 {
1174 private_x509_cert_t *this = malloc_thing(private_x509_cert_t);
1175
1176 this->public.interface.interface.get_type = (certificate_type_t (*)(certificate_t *this))get_type;
1177 this->public.interface.interface.get_subject = (identification_t* (*)(certificate_t *this))get_subject;
1178 this->public.interface.interface.get_issuer = (identification_t* (*)(certificate_t *this))get_issuer;
1179 this->public.interface.interface.has_subject = (id_match_t (*)(certificate_t*, identification_t *subject))has_subject;
1180 this->public.interface.interface.has_issuer = (id_match_t (*)(certificate_t*, identification_t *issuer))has_issuer;
1181 this->public.interface.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by;
1182 this->public.interface.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key;
1183 this->public.interface.interface.get_validity = (bool (*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity;
1184 this->public.interface.interface.is_newer = (bool (*)(certificate_t*,certificate_t*))is_newer;
1185 this->public.interface.interface.get_encoding = (chunk_t (*)(certificate_t*))get_encoding;
1186 this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals;
1187 this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref;
1188 this->public.interface.interface.destroy = (void (*)(certificate_t *this))destroy;
1189 this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags;
1190 this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial;
1191 this->public.interface.get_authKeyIdentifier = (identification_t* (*)(x509_t*))get_authKeyIdentifier;
1192 this->public.interface.create_subjectAltName_enumerator = (enumerator_t* (*)(x509_t*))create_subjectAltName_enumerator;
1193 this->public.interface.create_crl_uri_enumerator = (enumerator_t* (*)(x509_t*))create_crl_uri_enumerator;
1194 this->public.interface.create_ocsp_uri_enumerator = (enumerator_t* (*)(x509_t*))create_ocsp_uri_enumerator;
1195
1196 this->encoding = chunk_empty;
1197 this->encoding_hash = chunk_empty;
1198 this->public_key = NULL;
1199 this->subject = NULL;
1200 this->issuer = NULL;
1201 this->subjectAltNames = linked_list_create();
1202 this->crl_uris = linked_list_create();
1203 this->ocsp_uris = linked_list_create();
1204 this->subjectKeyID = chunk_empty;
1205 this->authKeyIdentifier = NULL;
1206 this->authKeySerialNumber = chunk_empty;
1207 this->flags = 0;
1208 this->ref = 1;
1209
1210 return this;
1211 }
1212
1213 /**
1214 * create an X.509 certificate from a chunk
1215 */
1216 static private_x509_cert_t *create_from_chunk(chunk_t chunk)
1217 {
1218 private_x509_cert_t *this = create_empty();
1219
1220 this->encoding = chunk;
1221 if (!parse_certificate(this))
1222 {
1223 destroy(this);
1224 return NULL;
1225 }
1226
1227 /* check if the certificate is self-signed */
1228 if (issued_by(this, &this->public.interface.interface))
1229 {
1230 this->flags |= X509_SELF_SIGNED;
1231 }
1232
1233 hasher_t *hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
1234 if (hasher != NULL)
1235 {
1236 hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash);
1237 hasher->destroy(hasher);
1238 }
1239 else
1240 {
1241 DBG1(" unable to create hash of certificate, SHA1 not supported");
1242 }
1243
1244 return this;
1245 }
1246
1247 /**
1248 * create an X.509 certificate from a file
1249 */
1250 static private_x509_cert_t *create_from_file(char *path)
1251 {
1252 bool pgp = FALSE;
1253 chunk_t chunk;
1254 private_x509_cert_t *this;
1255
1256 if (!pem_asn1_load_file(path, NULL, &chunk, &pgp))
1257 {
1258 return NULL;
1259 }
1260
1261 this = create_from_chunk(chunk);
1262
1263 if (this == NULL)
1264 {
1265 DBG1(" could not parse loaded certificate file '%s'",path);
1266 return NULL;
1267 }
1268 DBG1(" loaded certificate file '%s'", path);
1269 return this;
1270
1271 }
1272
1273 typedef struct private_builder_t private_builder_t;
1274 /**
1275 * Builder implementation for certificate loading
1276 */
1277 struct private_builder_t {
1278 /** implements the builder interface */
1279 builder_t public;
1280 /** loaded certificate */
1281 private_x509_cert_t *cert;
1282 /** additional flags to enforce */
1283 x509_flag_t flags;
1284 };
1285
1286 /**
1287 * Implementation of builder_t.build
1288 */
1289 static private_x509_cert_t *build(private_builder_t *this)
1290 {
1291 private_x509_cert_t *cert = this->cert;
1292 x509_flag_t flags = this->flags;
1293
1294 free(this);
1295 if (cert == NULL)
1296 {
1297 return NULL;
1298 }
1299 if ((flags & X509_CA) && !(cert->flags & X509_CA))
1300 {
1301 DBG1(" ca certificate must have ca basic constraint set, discarded");
1302 destroy(cert);
1303 return NULL;
1304 }
1305 cert->flags |= flags;
1306 return cert;
1307 }
1308
1309 /**
1310 * Implementation of builder_t.add
1311 */
1312 static void add(private_builder_t *this, builder_part_t part, ...)
1313 {
1314 va_list args;
1315
1316 va_start(args, part);
1317 switch (part)
1318 {
1319 case BUILD_FROM_FILE:
1320 this->cert = create_from_file(va_arg(args, char*));
1321 break;
1322 case BUILD_BLOB_ASN1_DER:
1323 this->cert = create_from_chunk(va_arg(args, chunk_t));
1324 break;
1325 case BUILD_X509_FLAG:
1326 this->flags = va_arg(args, x509_flag_t);
1327 break;
1328 default:
1329 DBG1("ignoring unsupported build part %N", builder_part_names, part);
1330 break;
1331 }
1332 va_end(args);
1333 }
1334
1335 /**
1336 * Builder construction function
1337 */
1338 builder_t *x509_cert_builder(certificate_type_t type)
1339 {
1340 private_builder_t *this;
1341
1342 if (type != CERT_X509)
1343 {
1344 return NULL;
1345 }
1346
1347 this = malloc_thing(private_builder_t);
1348
1349 this->cert = NULL;
1350 this->flags = 0;
1351 this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add;
1352 this->public.build = (void*(*)(builder_t *this))build;
1353
1354 return &this->public;
1355 }
1356