1445f4b8e97e18fa1ab7308e0f9c254ba34c5624
[strongswan.git] / src / pluto / ocsp.c
1 /* Support of the Online Certificate Status Protocol (OCSP)
2 * Copyright (C) 2003 Christoph Gysin, Simon Zwahlen
3 * Zuercher Hochschule Winterthur
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include <unistd.h>
17 #include <stdlib.h>
18 #include <string.h>
19 #include <time.h>
20 #include <sys/types.h>
21 #include <sys/stat.h>
22 #include <fcntl.h>
23
24 #include <freeswan.h>
25
26 #include <library.h>
27 #include <asn1/asn1.h>
28 #include <asn1/asn1_parser.h>
29 #include <asn1/oid.h>
30 #include <crypto/rngs/rng.h>
31 #include <crypto/hashers/hasher.h>
32
33 #include "constants.h"
34 #include "defs.h"
35 #include "log.h"
36 #include "x509.h"
37 #include "crl.h"
38 #include "ca.h"
39 #include "certs.h"
40 #include "smartcard.h"
41 #include "whack.h"
42 #include "pkcs1.h"
43 #include "keys.h"
44 #include "fetch.h"
45 #include "ocsp.h"
46
47 #define NONCE_LENGTH 16
48
49 static const char *const cert_status_names[] = {
50 "good",
51 "revoked",
52 "unknown",
53 "undefined"
54 };
55
56
57 static const char *const response_status_names[] = {
58 "successful",
59 "malformed request",
60 "internal error",
61 "try later",
62 "status #4",
63 "signature required",
64 "unauthorized"
65 };
66
67 /* response container */
68 typedef struct response response_t;
69
70 struct response {
71 chunk_t tbs;
72 chunk_t responder_id_name;
73 chunk_t responder_id_key;
74 time_t produced_at;
75 chunk_t responses;
76 chunk_t nonce;
77 int algorithm;
78 chunk_t signature;
79 };
80
81 const response_t empty_response = {
82 { NULL, 0 } , /* tbs */
83 { NULL, 0 } , /* responder_id_name */
84 { NULL, 0 } , /* responder_id_key */
85 UNDEFINED_TIME, /* produced_at */
86 { NULL, 0 } , /* single_response */
87 { NULL, 0 } , /* nonce */
88 OID_UNKNOWN , /* signature_algorithm */
89 { NULL, 0 } /* signature */
90 };
91
92 /* single response container */
93 typedef struct single_response single_response_t;
94
95 struct single_response {
96 single_response_t *next;
97 int hash_algorithm;
98 chunk_t issuer_name_hash;
99 chunk_t issuer_key_hash;
100 chunk_t serialNumber;
101 cert_status_t status;
102 time_t revocationTime;
103 crl_reason_t revocationReason;
104 time_t thisUpdate;
105 time_t nextUpdate;
106 };
107
108 const single_response_t empty_single_response = {
109 NULL , /* *next */
110 OID_UNKNOWN , /* hash_algorithm */
111 { NULL, 0 } , /* issuer_name_hash */
112 { NULL, 0 } , /* issuer_key_hash */
113 { NULL, 0 } , /* serial_number */
114 CERT_UNDEFINED , /* status */
115 UNDEFINED_TIME , /* revocationTime */
116 REASON_UNSPECIFIED, /* revocationReason */
117 UNDEFINED_TIME , /* this_update */
118 UNDEFINED_TIME /* next_update */
119 };
120
121
122 /* list of single requests */
123 typedef struct request_list request_list_t;
124 struct request_list {
125 chunk_t request;
126 request_list_t *next;
127 };
128
129 /* some OCSP specific prefabricated ASN.1 constants */
130
131 static u_char ASN1_nonce_oid_str[] = {
132 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x02
133 };
134
135 static const chunk_t ASN1_nonce_oid = chunk_from_buf(ASN1_nonce_oid_str);
136
137 static u_char ASN1_response_oid_str[] = {
138 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x04
139 };
140
141 static const chunk_t ASN1_response_oid = chunk_from_buf(ASN1_response_oid_str);
142
143 static u_char ASN1_response_content_str[] = {
144 0x04, 0x0D,
145 0x30, 0x0B,
146 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01
147 };
148
149 static const chunk_t ASN1_response_content = chunk_from_buf(ASN1_response_content_str);
150
151 /* default OCSP uri */
152 static chunk_t ocsp_default_uri;
153
154 /* ocsp cache: pointer to first element */
155 static ocsp_location_t *ocsp_cache = NULL;
156
157 /* static temporary storage for ocsp requestor information */
158 static x509cert_t *ocsp_requestor_cert = NULL;
159
160 static smartcard_t *ocsp_requestor_sc = NULL;
161
162 static const struct RSA_private_key *ocsp_requestor_pri = NULL;
163
164 /**
165 * ASN.1 definition of ocspResponse
166 */
167 static const asn1Object_t ocspResponseObjects[] = {
168 { 0, "OCSPResponse", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
169 { 1, "responseStatus", ASN1_ENUMERATED, ASN1_BODY }, /* 1 */
170 { 1, "responseBytesContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 2 */
171 { 2, "responseBytes", ASN1_SEQUENCE, ASN1_NONE }, /* 3 */
172 { 3, "responseType", ASN1_OID, ASN1_BODY }, /* 4 */
173 { 3, "response", ASN1_OCTET_STRING, ASN1_BODY }, /* 5 */
174 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 6 */
175 { 0, "exit", ASN1_EOC, ASN1_EXIT }
176 };
177 #define OCSP_RESPONSE_STATUS 1
178 #define OCSP_RESPONSE_TYPE 4
179 #define OCSP_RESPONSE 5
180
181 /**
182 * ASN.1 definition of basicResponse
183 */
184 static const asn1Object_t basicResponseObjects[] = {
185 { 0, "BasicOCSPResponse", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
186 { 1, "tbsResponseData", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
187 { 2, "versionContext", ASN1_CONTEXT_C_0, ASN1_NONE |
188 ASN1_DEF }, /* 2 */
189 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
190 { 2, "responderIdContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 4 */
191 { 3, "responderIdByName", ASN1_SEQUENCE, ASN1_OBJ }, /* 5 */
192 { 2, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
193 { 2, "responderIdContext", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 7 */
194 { 3, "responderIdByKey", ASN1_OCTET_STRING, ASN1_BODY }, /* 8 */
195 { 2, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
196 { 2, "producedAt", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 10 */
197 { 2, "responses", ASN1_SEQUENCE, ASN1_OBJ }, /* 11 */
198 { 2, "responseExtensionsContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 12 */
199 { 3, "responseExtensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 13 */
200 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 14 */
201 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 15 */
202 { 5, "critical", ASN1_BOOLEAN, ASN1_BODY |
203 ASN1_DEF }, /* 16 */
204 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 17 */
205 { 4, "end loop", ASN1_EOC, ASN1_END }, /* 18 */
206 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 19 */
207 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 20 */
208 { 1, "signature", ASN1_BIT_STRING, ASN1_BODY }, /* 21 */
209 { 1, "certsContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 22 */
210 { 2, "certs", ASN1_SEQUENCE, ASN1_LOOP }, /* 23 */
211 { 3, "certificate", ASN1_SEQUENCE, ASN1_RAW }, /* 24 */
212 { 2, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
213 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
214 { 0, "exit", ASN1_EOC, ASN1_EXIT }
215 };
216 #define BASIC_RESPONSE_TBS_DATA 1
217 #define BASIC_RESPONSE_VERSION 3
218 #define BASIC_RESPONSE_ID_BY_NAME 5
219 #define BASIC_RESPONSE_ID_BY_KEY 8
220 #define BASIC_RESPONSE_PRODUCED_AT 10
221 #define BASIC_RESPONSE_RESPONSES 11
222 #define BASIC_RESPONSE_EXT_ID 15
223 #define BASIC_RESPONSE_CRITICAL 16
224 #define BASIC_RESPONSE_EXT_VALUE 17
225 #define BASIC_RESPONSE_ALGORITHM 20
226 #define BASIC_RESPONSE_SIGNATURE 21
227 #define BASIC_RESPONSE_CERTIFICATE 24
228
229 /**
230 * ASN.1 definition of responses
231 */
232 static const asn1Object_t responsesObjects[] = {
233 { 0, "responses", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
234 { 1, "singleResponse", ASN1_EOC, ASN1_RAW }, /* 1 */
235 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
236 { 0, "exit", ASN1_EOC, ASN1_EXIT }
237 };
238 #define RESPONSES_SINGLE_RESPONSE 1
239
240 /**
241 * ASN.1 definition of singleResponse
242 */
243 static const asn1Object_t singleResponseObjects[] = {
244 { 0, "singleResponse", ASN1_SEQUENCE, ASN1_BODY }, /* 0 */
245 { 1, "certID", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
246 { 2, "algorithm", ASN1_EOC, ASN1_RAW }, /* 2 */
247 { 2, "issuerNameHash", ASN1_OCTET_STRING, ASN1_BODY }, /* 3 */
248 { 2, "issuerKeyHash", ASN1_OCTET_STRING, ASN1_BODY }, /* 4 */
249 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 5 */
250 { 1, "certStatusGood", ASN1_CONTEXT_S_0, ASN1_OPT }, /* 6 */
251 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
252 { 1, "certStatusRevoked", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 8 */
253 { 2, "revocationTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 9 */
254 { 2, "revocationReason", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 10 */
255 { 3, "crlReason", ASN1_ENUMERATED, ASN1_BODY }, /* 11 */
256 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 12 */
257 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 13 */
258 { 1, "certStatusUnknown", ASN1_CONTEXT_S_2, ASN1_OPT }, /* 14 */
259 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
260 { 1, "thisUpdate", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 16 */
261 { 1, "nextUpdateContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 17 */
262 { 2, "nextUpdate", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 18 */
263 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 19 */
264 { 1, "singleExtensionsContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 20 */
265 { 2, "singleExtensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 21 */
266 { 3, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 22 */
267 { 4, "extnID", ASN1_OID, ASN1_BODY }, /* 23 */
268 { 4, "critical", ASN1_BOOLEAN, ASN1_BODY |
269 ASN1_DEF }, /* 24 */
270 { 4, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 25 */
271 { 2, "end loop", ASN1_EOC, ASN1_END }, /* 26 */
272 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 27 */
273 { 0, "exit", ASN1_EOC, ASN1_EXIT }
274 };
275 #define SINGLE_RESPONSE_ALGORITHM 2
276 #define SINGLE_RESPONSE_ISSUER_NAME_HASH 3
277 #define SINGLE_RESPONSE_ISSUER_KEY_HASH 4
278 #define SINGLE_RESPONSE_SERIAL_NUMBER 5
279 #define SINGLE_RESPONSE_CERT_STATUS_GOOD 6
280 #define SINGLE_RESPONSE_CERT_STATUS_REVOKED 8
281 #define SINGLE_RESPONSE_CERT_STATUS_REVOCATION_TIME 9
282 #define SINGLE_RESPONSE_CERT_STATUS_CRL_REASON 11
283 #define SINGLE_RESPONSE_CERT_STATUS_UNKNOWN 14
284 #define SINGLE_RESPONSE_THIS_UPDATE 16
285 #define SINGLE_RESPONSE_NEXT_UPDATE 18
286 #define SINGLE_RESPONSE_EXT_ID 23
287 #define SINGLE_RESPONSE_CRITICAL 24
288 #define SINGLE_RESPONSE_EXT_VALUE 25
289
290 /*
291 * Build an ocsp location from certificate information
292 * without unsharing its contents
293 */
294 static bool build_ocsp_location(const x509cert_t *cert, ocsp_location_t *location)
295 {
296 static u_char digest[HASH_SIZE_SHA1]; /* temporary storage */
297
298 location->uri = cert->accessLocation;
299
300 if (location->uri.ptr == NULL)
301 {
302 ca_info_t *ca = get_ca_info(cert->issuer, cert->authKeySerialNumber
303 , cert->authKeyID);
304 if (ca != NULL && ca->ocspuri != NULL)
305 {
306 location->uri = chunk_create(ca->ocspuri, strlen(ca->ocspuri));
307 }
308 else
309 { /* abort if no ocsp location uri is defined */
310 return FALSE;
311 }
312 }
313
314 location->authNameID = chunk_create(digest, HASH_SIZE_SHA1);
315 compute_digest(cert->issuer, OID_SHA1, &location->authNameID);
316
317 location->next = NULL;
318 location->issuer = cert->issuer;
319 location->authKeyID = cert->authKeyID;
320 location->authKeySerialNumber = cert->authKeySerialNumber;
321
322 if (cert->authKeyID.ptr == NULL)
323 {
324 x509cert_t *authcert = get_authcert(cert->issuer
325 , cert->authKeySerialNumber, cert->authKeyID, AUTH_CA);
326
327 if (authcert != NULL)
328 {
329 location->authKeyID = authcert->subjectKeyID;
330 location->authKeySerialNumber = authcert->serialNumber;
331 }
332 }
333
334 location->nonce = chunk_empty;
335 location->certinfo = NULL;
336
337 return TRUE;
338 }
339
340 /**
341 * Compare two ocsp locations for equality
342 */
343 static bool same_ocsp_location(const ocsp_location_t *a, const ocsp_location_t *b)
344 {
345 return ((a->authKeyID.ptr != NULL)
346 ? same_keyid(a->authKeyID, b->authKeyID)
347 : (same_dn(a->issuer, b->issuer)
348 && same_serial(a->authKeySerialNumber, b->authKeySerialNumber)))
349 && chunk_equals(a->uri, b->uri);
350 }
351
352 /**
353 * Find an existing ocsp location in a chained list
354 */
355 ocsp_location_t* get_ocsp_location(const ocsp_location_t * loc, ocsp_location_t *chain)
356 {
357
358 while (chain != NULL)
359 {
360 if (same_ocsp_location(loc, chain))
361 return chain;
362 chain = chain->next;
363 }
364 return NULL;
365 }
366
367 /**
368 * Retrieves the status of a cert from the ocsp cache
369 * returns CERT_UNDEFINED if no status is found
370 */
371 static cert_status_t get_ocsp_status(const ocsp_location_t *loc,
372 chunk_t serialNumber,
373 time_t *nextUpdate, time_t *revocationTime,
374 crl_reason_t *revocationReason)
375 {
376 ocsp_certinfo_t *certinfo, **certinfop;
377 int cmp = -1;
378
379 /* find location */
380 ocsp_location_t *location = get_ocsp_location(loc, ocsp_cache);
381
382 if (location == NULL)
383 return CERT_UNDEFINED;
384
385 /* traverse list of certinfos in increasing order */
386 certinfop = &location->certinfo;
387 certinfo = *certinfop;
388
389 while (certinfo != NULL)
390 {
391 cmp = chunk_compare(serialNumber, certinfo->serialNumber);
392 if (cmp <= 0)
393 break;
394 certinfop = &certinfo->next;
395 certinfo = *certinfop;
396 }
397
398 if (cmp == 0)
399 {
400 *nextUpdate = certinfo->nextUpdate;
401 *revocationTime = certinfo->revocationTime;
402 *revocationReason = certinfo->revocationReason;
403 return certinfo->status;
404 }
405
406 return CERT_UNDEFINED;
407 }
408
409 /**
410 * Verify the ocsp status of a certificate
411 */
412 cert_status_t verify_by_ocsp(const x509cert_t *cert, time_t *until,
413 time_t *revocationDate,
414 crl_reason_t *revocationReason)
415 {
416 cert_status_t status;
417 ocsp_location_t location;
418 time_t nextUpdate = 0;
419
420 *revocationDate = UNDEFINED_TIME;
421 *revocationReason = REASON_UNSPECIFIED;
422
423 /* is an ocsp location defined? */
424 if (!build_ocsp_location(cert, &location))
425 return CERT_UNDEFINED;
426
427 lock_ocsp_cache("verify_by_ocsp");
428 status = get_ocsp_status(&location, cert->serialNumber, &nextUpdate
429 , revocationDate, revocationReason);
430 unlock_ocsp_cache("verify_by_ocsp");
431
432 if (status == CERT_UNDEFINED || nextUpdate < time(NULL))
433 {
434 plog("ocsp status is stale or not in cache");
435 add_ocsp_fetch_request(&location, cert->serialNumber);
436
437 /* inititate fetching of ocsp status */
438 wake_fetch_thread("verify_by_ocsp");
439 }
440 *until = nextUpdate;
441 return status;
442 }
443
444 /**
445 * Check if an ocsp status is about to expire
446 */
447 void check_ocsp(void)
448 {
449 ocsp_location_t *location;
450
451 lock_ocsp_cache("check_ocsp");
452 location = ocsp_cache;
453
454 while (location != NULL)
455 {
456 char buf[BUF_LEN];
457 bool first = TRUE;
458 ocsp_certinfo_t *certinfo = location->certinfo;
459
460 while (certinfo != NULL)
461 {
462 if (!certinfo->once)
463 {
464 time_t time_left = certinfo->nextUpdate - time(NULL);
465
466 DBG(DBG_CONTROL,
467 if (first)
468 {
469 dntoa(buf, BUF_LEN, location->issuer);
470 DBG_log("issuer: '%s'", buf);
471 if (location->authKeyID.ptr != NULL)
472 {
473 datatot(location->authKeyID.ptr, location->authKeyID.len
474 , ':', buf, BUF_LEN);
475 DBG_log("authkey: %s", buf);
476 }
477 first = FALSE;
478 }
479 datatot(certinfo->serialNumber.ptr, certinfo->serialNumber.len
480 , ':', buf, BUF_LEN);
481 DBG_log("serial: %s, %ld seconds left", buf, time_left)
482 )
483
484 if (time_left < 2*crl_check_interval)
485 add_ocsp_fetch_request(location, certinfo->serialNumber);
486 }
487 certinfo = certinfo->next;
488 }
489 location = location->next;
490 }
491 unlock_ocsp_cache("check_ocsp");
492 }
493
494 /**
495 * frees the allocated memory of a certinfo struct
496 */
497 static void free_certinfo(ocsp_certinfo_t *certinfo)
498 {
499 free(certinfo->serialNumber.ptr);
500 free(certinfo);
501 }
502
503 /**
504 * frees all certinfos in a chained list
505 */
506 static void free_certinfos(ocsp_certinfo_t *chain)
507 {
508 ocsp_certinfo_t *certinfo;
509
510 while (chain != NULL)
511 {
512 certinfo = chain;
513 chain = chain->next;
514 free_certinfo(certinfo);
515 }
516 }
517
518 /**
519 * Frees the memory allocated to an ocsp location including all certinfos
520 */
521 static void free_ocsp_location(ocsp_location_t* location)
522 {
523 free(location->issuer.ptr);
524 free(location->authNameID.ptr);
525 free(location->authKeyID.ptr);
526 free(location->authKeySerialNumber.ptr);
527 free(location->uri.ptr);
528 free_certinfos(location->certinfo);
529 free(location);
530 }
531
532 /*
533 * Free a chained list of ocsp locations
534 */
535 void free_ocsp_locations(ocsp_location_t **chain)
536 {
537 while (*chain != NULL)
538 {
539 ocsp_location_t *location = *chain;
540 *chain = location->next;
541 free_ocsp_location(location);
542 }
543 }
544
545 /**
546 * Free the ocsp cache
547 */
548 void free_ocsp_cache(void)
549 {
550 lock_ocsp_cache("free_ocsp_cache");
551 free_ocsp_locations(&ocsp_cache);
552 unlock_ocsp_cache("free_ocsp_cache");
553 }
554
555 /**
556 * Frees the ocsp cache and global variables
557 */
558 void free_ocsp(void)
559 {
560 free(ocsp_default_uri.ptr);
561 free_ocsp_cache();
562 }
563
564 /**
565 * List a chained list of ocsp_locations
566 */
567 void list_ocsp_locations(ocsp_location_t *location, bool requests,
568 bool utc, bool strict)
569 {
570 bool first = TRUE;
571
572 while (location != NULL)
573 {
574 ocsp_certinfo_t *certinfo = location->certinfo;
575
576 if (certinfo != NULL)
577 {
578 u_char buf[BUF_LEN];
579
580 if (first)
581 {
582 whack_log(RC_COMMENT, " ");
583 whack_log(RC_COMMENT, "List of OCSP %s:", requests?
584 "fetch requests":"responses");
585 first = FALSE;
586 }
587 whack_log(RC_COMMENT, " ");
588 if (location->issuer.ptr != NULL)
589 {
590 dntoa(buf, BUF_LEN, location->issuer);
591 whack_log(RC_COMMENT, " issuer: '%s'", buf);
592 }
593 whack_log(RC_COMMENT, " uri: '%.*s'", (int)location->uri.len
594 , location->uri.ptr);
595 if (location->authNameID.ptr != NULL)
596 {
597 datatot(location->authNameID.ptr, location->authNameID.len, ':'
598 , buf, BUF_LEN);
599 whack_log(RC_COMMENT, " authname: %s", buf);
600 }
601 if (location->authKeyID.ptr != NULL)
602 {
603 datatot(location->authKeyID.ptr, location->authKeyID.len, ':'
604 , buf, BUF_LEN);
605 whack_log(RC_COMMENT, " authkey: %s", buf);
606 }
607 if (location->authKeySerialNumber.ptr != NULL)
608 {
609 datatot(location->authKeySerialNumber.ptr
610 , location->authKeySerialNumber.len, ':', buf, BUF_LEN);
611 whack_log(RC_COMMENT, " aserial: %s", buf);
612 }
613 while (certinfo != NULL)
614 {
615 char thisUpdate[BUF_LEN];
616
617 snprintf(thisUpdate, BUF_LEN, "%T", &certinfo->thisUpdate, utc);
618
619 if (requests)
620 {
621 whack_log(RC_COMMENT, "%s, trials: %d", thisUpdate
622 , certinfo->trials);
623 }
624 else if (certinfo->once)
625 {
626 whack_log(RC_COMMENT, "%s, onetime use%s", thisUpdate
627 , (certinfo->nextUpdate < time(NULL))? " (expired)": "");
628 }
629 else
630 {
631 whack_log(RC_COMMENT, "%s, until %T %s", thisUpdate
632 , &certinfo->nextUpdate, utc
633 , check_expiry(certinfo->nextUpdate, OCSP_WARNING_INTERVAL, strict));
634 }
635 datatot(certinfo->serialNumber.ptr, certinfo->serialNumber.len, ':'
636 , buf, BUF_LEN);
637 whack_log(RC_COMMENT, " serial: %s, %s", buf
638 , cert_status_names[certinfo->status]);
639 certinfo = certinfo->next;
640 }
641 }
642 location = location->next;
643 }
644 }
645
646 /**
647 * List the ocsp cache
648 */
649 void list_ocsp_cache(bool utc, bool strict)
650 {
651 lock_ocsp_cache("list_ocsp_cache");
652 list_ocsp_locations(ocsp_cache, FALSE, utc, strict);
653 unlock_ocsp_cache("list_ocsp_cache");
654 }
655
656 static bool get_ocsp_requestor_cert(ocsp_location_t *location)
657 {
658 x509cert_t *cert = NULL;
659
660 /* initialize temporary static storage */
661 ocsp_requestor_cert = NULL;
662 ocsp_requestor_sc = NULL;
663 ocsp_requestor_pri = NULL;
664
665 for (;;)
666 {
667 char buf[BUF_LEN];
668
669 /* looking for a certificate from the same issuer */
670 cert = get_x509cert(location->issuer, location->authKeySerialNumber
671 ,location->authKeyID, cert);
672 if (cert == NULL)
673 break;
674
675 DBG(DBG_CONTROL,
676 dntoa(buf, BUF_LEN, cert->subject);
677 DBG_log("candidate: '%s'", buf);
678 )
679
680 if (cert->smartcard)
681 {
682 /* look for a matching private key on a smartcard */
683 smartcard_t *sc = scx_get(cert);
684
685 if (sc != NULL)
686 {
687 DBG(DBG_CONTROL,
688 DBG_log("matching smartcard found")
689 )
690 if (sc->valid)
691 {
692 ocsp_requestor_cert = cert;
693 ocsp_requestor_sc = sc;
694 return TRUE;
695 }
696 plog("unable to sign ocsp request without PIN");
697 }
698 }
699 else
700 {
701 /* look for a matching private key in the chained list */
702 const struct RSA_private_key *pri = get_x509_private_key(cert);
703
704 if (pri != NULL)
705 {
706 DBG(DBG_CONTROL,
707 DBG_log("matching private key found")
708 )
709 ocsp_requestor_cert = cert;
710 ocsp_requestor_pri = pri;
711 return TRUE;
712 }
713 }
714 }
715 return FALSE;
716 }
717
718 static chunk_t generate_signature(chunk_t digest, smartcard_t *sc,
719 const RSA_private_key_t *pri)
720 {
721 chunk_t sigdata;
722 u_char *pos;
723 size_t siglen = 0;
724
725 if (sc != NULL)
726 {
727 /* RSA signature is done on smartcard */
728
729 if (!scx_establish_context(sc) || !scx_login(sc))
730 {
731 scx_release_context(sc);
732 return chunk_empty;
733 }
734
735 siglen = scx_get_keylength(sc);
736
737 if (siglen == 0)
738 {
739 plog("failed to get keylength from smartcard");
740 scx_release_context(sc);
741 return chunk_empty;
742 }
743
744 DBG(DBG_CONTROL | DBG_CRYPT,
745 DBG_log("signing hash with RSA key from smartcard (slot: %d, id: %s)"
746 , (int)sc->slot, sc->id)
747 )
748
749 pos = asn1_build_object(&sigdata, ASN1_BIT_STRING, 1 + siglen);
750 *pos++ = 0x00;
751 scx_sign_hash(sc, digest.ptr, digest.len, pos, siglen);
752 if (!pkcs11_keep_state)
753 scx_release_context(sc);
754 }
755 else
756 {
757 /* RSA signature is done in software */
758 siglen = pri->pub.k;
759 pos = asn1_build_object(&sigdata, ASN1_BIT_STRING, 1 + siglen);
760 *pos++ = 0x00;
761 sign_hash(pri, digest.ptr, digest.len, pos, siglen);
762 }
763 return sigdata;
764 }
765
766 /**
767 * build signature into ocsp request gets built only if a request cert
768 * with a corresponding private key is found
769 */
770 static chunk_t build_signature(chunk_t tbsRequest)
771 {
772 chunk_t sigdata, certs;
773 chunk_t digest_info;
774
775 u_char digest_buf[MAX_DIGEST_LEN];
776 chunk_t digest_raw = { digest_buf, MAX_DIGEST_LEN };
777
778 if (!compute_digest(tbsRequest, OID_SHA1, &digest_raw))
779 return chunk_empty;
780
781 /* according to PKCS#1 v2.1 digest must be packaged into
782 * an ASN.1 structure for encryption
783 */
784 digest_info = asn1_wrap(ASN1_SEQUENCE, "cm"
785 , asn1_algorithmIdentifier(OID_SHA1)
786 , asn1_simple_object(ASN1_OCTET_STRING, digest_raw));
787
788 /* generate the RSA signature */
789 sigdata = generate_signature(digest_info
790 , ocsp_requestor_sc
791 , ocsp_requestor_pri);
792 free(digest_info.ptr);
793
794 /* has the RSA signature generation been successful? */
795 if (sigdata.ptr == NULL)
796 return chunk_empty;
797
798 /* include our certificate */
799 certs = asn1_wrap(ASN1_CONTEXT_C_0, "m"
800 , asn1_simple_object(ASN1_SEQUENCE
801 , ocsp_requestor_cert->certificate
802 )
803 );
804
805 /* build signature comprising algorithm, signature and cert */
806 return asn1_wrap(ASN1_CONTEXT_C_0, "m"
807 , asn1_wrap(ASN1_SEQUENCE, "cmm"
808 , asn1_algorithmIdentifier(OID_SHA1_WITH_RSA)
809 , sigdata
810 , certs
811 )
812 );
813 }
814
815 /**
816 * Build request (into requestList)
817 * no singleRequestExtensions used
818 */
819 static chunk_t build_request(ocsp_location_t *location, ocsp_certinfo_t *certinfo)
820 {
821 chunk_t reqCert = asn1_wrap(ASN1_SEQUENCE, "cmmm"
822 , asn1_algorithmIdentifier(OID_SHA1)
823 , asn1_simple_object(ASN1_OCTET_STRING, location->authNameID)
824 , asn1_simple_object(ASN1_OCTET_STRING, location->authKeyID)
825 , asn1_simple_object(ASN1_INTEGER, certinfo->serialNumber));
826
827 return asn1_wrap(ASN1_SEQUENCE, "m", reqCert);
828 }
829
830 /**
831 * build requestList (into TBSRequest)
832 */
833 static chunk_t build_request_list(ocsp_location_t *location)
834 {
835 chunk_t requestList;
836 request_list_t *reqs = NULL;
837 ocsp_certinfo_t *certinfo = location->certinfo;
838 u_char *pos;
839
840 size_t datalen = 0;
841
842 /* build content */
843 while (certinfo != NULL)
844 {
845 /* build request for every certificate in list
846 * and store them in a chained list
847 */
848 request_list_t *req = malloc_thing(request_list_t);
849
850 req->request = build_request(location, certinfo);
851 req->next = reqs;
852 reqs = req;
853
854 datalen += req->request.len;
855 certinfo = certinfo->next;
856 }
857
858 pos = asn1_build_object(&requestList, ASN1_SEQUENCE, datalen);
859
860 /* copy all in chained list, free list afterwards */
861 while (reqs != NULL)
862 {
863 request_list_t *req = reqs;
864
865 mv_chunk(&pos, req->request);
866 reqs = reqs->next;
867 free(req);
868 }
869
870 return requestList;
871 }
872
873 /**
874 * Build requestorName (into TBSRequest)
875 */
876 static chunk_t build_requestor_name(void)
877 {
878 return asn1_wrap(ASN1_CONTEXT_C_1, "m"
879 , asn1_simple_object(ASN1_CONTEXT_C_4
880 , ocsp_requestor_cert->subject));
881 }
882
883 /**
884 * build nonce extension (into requestExtensions)
885 */
886 static chunk_t build_nonce_extension(ocsp_location_t *location)
887 {
888 rng_t *rng;
889
890 /* generate a random nonce */
891 location->nonce.ptr = malloc(NONCE_LENGTH),
892 location->nonce.len = NONCE_LENGTH;
893 rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
894 rng->get_bytes(rng, location->nonce.len, location->nonce.ptr);
895 rng->destroy(rng);
896
897 return asn1_wrap(ASN1_SEQUENCE, "cm"
898 , ASN1_nonce_oid
899 , asn1_simple_object(ASN1_OCTET_STRING, location->nonce));
900 }
901
902 /**
903 * Build requestExtensions (into TBSRequest)
904 */
905 static chunk_t build_request_ext(ocsp_location_t *location)
906 {
907 return asn1_wrap(ASN1_CONTEXT_C_2, "m"
908 , asn1_wrap(ASN1_SEQUENCE, "mm"
909 , build_nonce_extension(location)
910 , asn1_wrap(ASN1_SEQUENCE, "cc"
911 , ASN1_response_oid
912 , ASN1_response_content
913 )
914 )
915 );
916 }
917
918 /**
919 * Build TBSRequest (into OCSPRequest)
920 */
921 static chunk_t build_tbs_request(ocsp_location_t *location, bool has_requestor_cert)
922 {
923 /* version is skipped since the default is ok */
924 return asn1_wrap(ASN1_SEQUENCE, "mmm"
925 , (has_requestor_cert)
926 ? build_requestor_name()
927 : chunk_empty
928 , build_request_list(location)
929 , build_request_ext(location));
930 }
931
932 /**
933 * Assembles an ocsp request to given location
934 * and sets nonce field in location to the sent nonce
935 */
936 chunk_t build_ocsp_request(ocsp_location_t *location)
937 {
938 bool has_requestor_cert;
939 chunk_t tbsRequest, signature;
940 char buf[BUF_LEN];
941
942 DBG(DBG_CONTROL,
943 DBG_log("assembling ocsp request");
944 dntoa(buf, BUF_LEN, location->issuer);
945 DBG_log("issuer: '%s'", buf);
946 if (location->authKeyID.ptr != NULL)
947 {
948 datatot(location->authKeyID.ptr, location->authKeyID.len, ':'
949 , buf, BUF_LEN);
950 DBG_log("authkey: %s", buf);
951 }
952 )
953 lock_certs_and_keys("build_ocsp_request");
954
955 /* looks for requestor cert and matching private key */
956 has_requestor_cert = get_ocsp_requestor_cert(location);
957
958 /* build content */
959 tbsRequest = build_tbs_request(location, has_requestor_cert);
960
961 /* sign tbsReuqest */
962 signature = (has_requestor_cert)? build_signature(tbsRequest)
963 : chunk_empty;
964
965 unlock_certs_and_keys("build_ocsp_request");
966
967 return asn1_wrap(ASN1_SEQUENCE, "mm"
968 , tbsRequest
969 , signature);
970 }
971
972 /**
973 * Check if the OCSP response has a valid signature
974 */
975 static bool valid_ocsp_response(response_t *res)
976 {
977 int pathlen;
978 x509cert_t *authcert;
979
980 lock_authcert_list("valid_ocsp_response");
981
982 authcert = get_authcert(res->responder_id_name, chunk_empty
983 , res->responder_id_key, AUTH_OCSP | AUTH_CA);
984
985 if (authcert == NULL)
986 {
987 plog("no matching ocsp signer cert found");
988 unlock_authcert_list("valid_ocsp_response");
989 return FALSE;
990 }
991 DBG(DBG_CONTROL,
992 DBG_log("ocsp signer cert found")
993 )
994
995 if (!check_signature(res->tbs, res->signature, res->algorithm
996 , res->algorithm, authcert))
997 {
998 plog("signature of ocsp response is invalid");
999 unlock_authcert_list("valid_ocsp_response");
1000 return FALSE;
1001 }
1002 DBG(DBG_CONTROL,
1003 DBG_log("signature of ocsp response is valid")
1004 )
1005
1006
1007 for (pathlen = 0; pathlen < MAX_CA_PATH_LEN; pathlen++)
1008 {
1009 u_char buf[BUF_LEN];
1010 err_t ugh = NULL;
1011 time_t until;
1012
1013 x509cert_t *cert = authcert;
1014
1015 DBG(DBG_CONTROL,
1016 dntoa(buf, BUF_LEN, cert->subject);
1017 DBG_log("subject: '%s'",buf);
1018 dntoa(buf, BUF_LEN, cert->issuer);
1019 DBG_log("issuer: '%s'",buf);
1020 if (cert->authKeyID.ptr != NULL)
1021 {
1022 datatot(cert->authKeyID.ptr, cert->authKeyID.len, ':'
1023 , buf, BUF_LEN);
1024 DBG_log("authkey: %s", buf);
1025 }
1026 )
1027
1028 ugh = check_validity(authcert, &until);
1029
1030 if (ugh != NULL)
1031 {
1032 plog("%s", ugh);
1033 unlock_authcert_list("valid_ocsp_response");
1034 return FALSE;
1035 }
1036
1037 DBG(DBG_CONTROL,
1038 DBG_log("certificate is valid")
1039 )
1040
1041 authcert = get_authcert(cert->issuer, cert->authKeySerialNumber
1042 , cert->authKeyID, AUTH_CA);
1043
1044 if (authcert == NULL)
1045 {
1046 plog("issuer cacert not found");
1047 unlock_authcert_list("valid_ocsp_response");
1048 return FALSE;
1049 }
1050 DBG(DBG_CONTROL,
1051 DBG_log("issuer cacert found")
1052 )
1053
1054 if (!check_signature(cert->tbsCertificate, cert->signature
1055 , cert->algorithm, cert->algorithm, authcert))
1056 {
1057 plog("certificate signature is invalid");
1058 unlock_authcert_list("valid_ocsp_response");
1059 return FALSE;
1060 }
1061 DBG(DBG_CONTROL,
1062 DBG_log("certificate signature is valid")
1063 )
1064
1065 /* check if cert is self-signed */
1066 if (same_dn(cert->issuer, cert->subject))
1067 {
1068 DBG(DBG_CONTROL,
1069 DBG_log("reached self-signed root ca")
1070 )
1071 unlock_authcert_list("valid_ocsp_response");
1072 return TRUE;
1073 }
1074 }
1075 plog("maximum ca path length of %d levels exceeded", MAX_CA_PATH_LEN);
1076 unlock_authcert_list("valid_ocsp_response");
1077 return FALSE;
1078 }
1079
1080 /**
1081 * Parse a basic OCSP response
1082 */
1083 static bool parse_basic_ocsp_response(chunk_t blob, int level0, response_t *res)
1084 {
1085 asn1_parser_t *parser;
1086 chunk_t object;
1087 u_int version;
1088 u_char buf[BUF_LEN];
1089 int objectID;
1090 int extn_oid = OID_UNKNOWN;
1091 bool success = FALSE;
1092 bool critical;
1093
1094 parser = asn1_parser_create(basicResponseObjects, blob);
1095 parser->set_top_level(parser, level0);
1096
1097 while (parser->iterate(parser, &objectID, &object))
1098 {
1099 switch (objectID)
1100 {
1101 case BASIC_RESPONSE_TBS_DATA:
1102 res->tbs = object;
1103 break;
1104 case BASIC_RESPONSE_VERSION:
1105 version = (object.len)? (1 + (u_int)*object.ptr) : 1;
1106 if (version != OCSP_BASIC_RESPONSE_VERSION)
1107 {
1108 plog("wrong ocsp basic response version (version= %i)", version);
1109 goto end;
1110 }
1111 break;
1112 case BASIC_RESPONSE_ID_BY_NAME:
1113 res->responder_id_name = object;
1114 DBG(DBG_PARSING,
1115 dntoa(buf, BUF_LEN, object);
1116 DBG_log(" '%s'",buf)
1117 )
1118 break;
1119 case BASIC_RESPONSE_ID_BY_KEY:
1120 res->responder_id_key = object;
1121 break;
1122 case BASIC_RESPONSE_PRODUCED_AT:
1123 res->produced_at = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1124 break;
1125 case BASIC_RESPONSE_RESPONSES:
1126 res->responses = object;
1127 break;
1128 case BASIC_RESPONSE_EXT_ID:
1129 extn_oid = asn1_known_oid(object);
1130 break;
1131 case BASIC_RESPONSE_CRITICAL:
1132 critical = object.len && *object.ptr;
1133 DBG(DBG_PARSING,
1134 DBG_log(" %s",(critical)?"TRUE":"FALSE");
1135 )
1136 break;
1137 case BASIC_RESPONSE_EXT_VALUE:
1138 if (extn_oid == OID_NONCE)
1139 res->nonce = object;
1140 break;
1141 case BASIC_RESPONSE_ALGORITHM:
1142 res->algorithm = asn1_parse_algorithmIdentifier(object,
1143 parser->get_level(parser)+1, NULL);
1144 break;
1145 case BASIC_RESPONSE_SIGNATURE:
1146 res->signature = object;
1147 break;
1148 case BASIC_RESPONSE_CERTIFICATE:
1149 {
1150 chunk_t blob = chunk_clone(object);
1151 x509cert_t *cert = malloc_thing(x509cert_t);
1152
1153 *cert = empty_x509cert;
1154
1155 if (parse_x509cert(blob, parser->get_level(parser)+1, cert)
1156 && cert->isOcspSigner
1157 && trust_authcert_candidate(cert, NULL))
1158 {
1159 add_authcert(cert, AUTH_OCSP);
1160 }
1161 else
1162 {
1163 DBG(DBG_CONTROL | DBG_PARSING,
1164 DBG_log("embedded ocsp certificate rejected")
1165 )
1166 free_x509cert(cert);
1167 }
1168 }
1169 break;
1170 }
1171 }
1172 success = parser->success(parser);
1173
1174 end:
1175 parser->destroy(parser);
1176 return success;
1177
1178 }
1179
1180
1181 /**
1182 * Parse an ocsp response and return the result as a response_t struct
1183 */
1184 static response_status parse_ocsp_response(chunk_t blob, response_t * res)
1185 {
1186 asn1_parser_t *parser;
1187 chunk_t object;
1188 int objectID;
1189 int ocspResponseType = OID_UNKNOWN;
1190 bool success = FALSE;
1191 response_status rStatus = STATUS_INTERNALERROR;
1192
1193 parser = asn1_parser_create(ocspResponseObjects, blob);
1194
1195 while (parser->iterate(parser, &objectID, &object))
1196 {
1197 switch (objectID) {
1198 case OCSP_RESPONSE_STATUS:
1199 rStatus = (response_status) *object.ptr;
1200
1201 switch (rStatus)
1202 {
1203 case STATUS_SUCCESSFUL:
1204 break;
1205 case STATUS_MALFORMEDREQUEST:
1206 case STATUS_INTERNALERROR:
1207 case STATUS_TRYLATER:
1208 case STATUS_SIGREQUIRED:
1209 case STATUS_UNAUTHORIZED:
1210 plog("ocsp response: server said '%s'"
1211 , response_status_names[rStatus]);
1212 goto end;
1213 default:
1214 goto end;
1215 }
1216 break;
1217 case OCSP_RESPONSE_TYPE:
1218 ocspResponseType = asn1_known_oid(object);
1219 break;
1220 case OCSP_RESPONSE:
1221 {
1222 switch (ocspResponseType) {
1223 case OID_BASIC:
1224 success = parse_basic_ocsp_response(object,
1225 parser->get_level(parser)+1, res);
1226 break;
1227 default:
1228 DBG(DBG_CONTROL,
1229 DBG_log("ocsp response is not of type BASIC");
1230 DBG_dump_chunk("ocsp response OID: ", object);
1231 )
1232 goto end;
1233 }
1234 }
1235 break;
1236 }
1237 }
1238 success &= parser->success(parser);
1239
1240 end:
1241 parser->destroy(parser);
1242 return rStatus;
1243 }
1244
1245 /**
1246 * Parse a basic OCSP response
1247 */
1248 static bool parse_ocsp_single_response(chunk_t blob, int level0,
1249 single_response_t *sres)
1250 {
1251 asn1_parser_t *parser;
1252 chunk_t object;
1253 u_int extn_oid;
1254 int objectID;
1255 bool critical;
1256 bool success = FALSE;
1257
1258 parser = asn1_parser_create(singleResponseObjects, blob);
1259 parser->set_top_level(parser, level0);
1260
1261 while (parser->iterate(parser, &objectID, &object))
1262 {
1263 switch (objectID)
1264 {
1265 case SINGLE_RESPONSE_ALGORITHM:
1266 sres->hash_algorithm = asn1_parse_algorithmIdentifier(object,
1267 parser->get_level(parser)+1, NULL);
1268 break;
1269 case SINGLE_RESPONSE_ISSUER_NAME_HASH:
1270 sres->issuer_name_hash = object;
1271 break;
1272 case SINGLE_RESPONSE_ISSUER_KEY_HASH:
1273 sres->issuer_key_hash = object;
1274 break;
1275 case SINGLE_RESPONSE_SERIAL_NUMBER:
1276 sres->serialNumber = object;
1277 break;
1278 case SINGLE_RESPONSE_CERT_STATUS_GOOD:
1279 sres->status = CERT_GOOD;
1280 break;
1281 case SINGLE_RESPONSE_CERT_STATUS_REVOKED:
1282 sres->status = CERT_REVOKED;
1283 break;
1284 case SINGLE_RESPONSE_CERT_STATUS_REVOCATION_TIME:
1285 sres->revocationTime = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1286 break;
1287 case SINGLE_RESPONSE_CERT_STATUS_CRL_REASON:
1288 sres->revocationReason = (object.len == 1)
1289 ? *object.ptr : REASON_UNSPECIFIED;
1290 break;
1291 case SINGLE_RESPONSE_CERT_STATUS_UNKNOWN:
1292 sres->status = CERT_UNKNOWN;
1293 break;
1294 case SINGLE_RESPONSE_THIS_UPDATE:
1295 sres->thisUpdate = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1296 break;
1297 case SINGLE_RESPONSE_NEXT_UPDATE:
1298 sres->nextUpdate = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1299 break;
1300 case SINGLE_RESPONSE_EXT_ID:
1301 extn_oid = asn1_known_oid(object);
1302 break;
1303 case SINGLE_RESPONSE_CRITICAL:
1304 critical = object.len && *object.ptr;
1305 DBG(DBG_PARSING,
1306 DBG_log(" %s",(critical)?"TRUE":"FALSE");
1307 )
1308 case SINGLE_RESPONSE_EXT_VALUE:
1309 break;
1310 }
1311 }
1312 success = parser->success(parser);
1313 parser->destroy(parser);
1314 return success;
1315 }
1316
1317 /**
1318 * Add an ocsp location to a chained list
1319 */
1320 ocsp_location_t* add_ocsp_location(const ocsp_location_t *loc,
1321 ocsp_location_t **chain)
1322 {
1323 ocsp_location_t *location = malloc_thing(ocsp_location_t);
1324
1325 /* unshare location fields */
1326 location->issuer = chunk_clone(loc->issuer);
1327 location->authNameID = chunk_clone(loc->authNameID);
1328 location->authKeyID = chunk_clone(loc->authKeyID);
1329 location->authKeySerialNumber = chunk_clone(loc->authKeySerialNumber);
1330 location->uri = chunk_clone(loc->uri);
1331 location->certinfo = NULL;
1332
1333 /* insert new ocsp location in front of chain */
1334 location->next = *chain;
1335 *chain = location;
1336
1337 DBG(DBG_CONTROL,
1338 DBG_log("new ocsp location added")
1339 )
1340
1341 return location;
1342 }
1343
1344 /**
1345 * add a certinfo struct to a chained list
1346 */
1347 void add_certinfo(ocsp_location_t *loc, ocsp_certinfo_t *info,
1348 ocsp_location_t **chain, bool request)
1349 {
1350 ocsp_location_t *location;
1351 ocsp_certinfo_t *certinfo, **certinfop;
1352 char buf[BUF_LEN];
1353 time_t now;
1354 int cmp = -1;
1355
1356 location = get_ocsp_location(loc, *chain);
1357 if (location == NULL)
1358 {
1359 location = add_ocsp_location(loc, chain);
1360 }
1361
1362 /* traverse list of certinfos in increasing order */
1363 certinfop = &location->certinfo;
1364 certinfo = *certinfop;
1365
1366 while (certinfo != NULL)
1367 {
1368 cmp = chunk_compare(info->serialNumber, certinfo->serialNumber);
1369 if (cmp <= 0)
1370 break;
1371 certinfop = &certinfo->next;
1372 certinfo = *certinfop;
1373 }
1374
1375 if (cmp != 0)
1376 {
1377 /* add a new certinfo entry */
1378 ocsp_certinfo_t *cnew = malloc_thing(ocsp_certinfo_t);
1379
1380 cnew->serialNumber = chunk_clone(info->serialNumber);
1381 cnew->next = certinfo;
1382 *certinfop = cnew;
1383 certinfo = cnew;
1384 }
1385
1386 DBG(DBG_CONTROL,
1387 datatot(info->serialNumber.ptr, info->serialNumber.len, ':'
1388 , buf, BUF_LEN);
1389 DBG_log("ocsp %s for serial %s %s"
1390 , request?"fetch request":"certinfo"
1391 , buf
1392 , (cmp == 0)? (request?"already exists":"updated"):"added")
1393 )
1394
1395 time(&now);
1396
1397 if (request)
1398 {
1399 certinfo->status = CERT_UNDEFINED;
1400
1401 if (cmp != 0)
1402 {
1403 certinfo->thisUpdate = now;
1404 }
1405 certinfo->nextUpdate = UNDEFINED_TIME;
1406 }
1407 else
1408 {
1409 certinfo->status = info->status;
1410 certinfo->revocationTime = info->revocationTime;
1411 certinfo->revocationReason = info->revocationReason;
1412
1413 certinfo->thisUpdate = (info->thisUpdate != UNDEFINED_TIME)?
1414 info->thisUpdate : now;
1415
1416 certinfo->once = (info->nextUpdate == UNDEFINED_TIME);
1417
1418 certinfo->nextUpdate = (certinfo->once)?
1419 (now + OCSP_DEFAULT_VALID_TIME) : info->nextUpdate;
1420 }
1421 }
1422
1423 /**
1424 * Process received ocsp single response and add it to ocsp cache
1425 */
1426 static void process_single_response(ocsp_location_t *location,
1427 single_response_t *sres)
1428 {
1429 ocsp_certinfo_t *certinfo, **certinfop;
1430 int cmp = -1;
1431
1432 if (sres->hash_algorithm != OID_SHA1)
1433 {
1434 plog("only SHA-1 hash supported in OCSP single response");
1435 return;
1436 }
1437 if (!(chunk_equals(sres->issuer_name_hash, location->authNameID)
1438 && chunk_equals(sres->issuer_key_hash, location->authKeyID)))
1439 {
1440 plog("ocsp single response has wrong issuer");
1441 return;
1442 }
1443
1444 /* traverse list of certinfos in increasing order */
1445 certinfop = &location->certinfo;
1446 certinfo = *certinfop;
1447
1448 while (certinfo != NULL)
1449 {
1450 cmp = chunk_compare(sres->serialNumber, certinfo->serialNumber);
1451 if (cmp <= 0)
1452 break;
1453 certinfop = &certinfo->next;
1454 certinfo = *certinfop;
1455 }
1456
1457 if (cmp != 0)
1458 {
1459 plog("received unrequested cert status from ocsp server");
1460 return;
1461 }
1462
1463 /* unlink cert from ocsp fetch request list */
1464 *certinfop = certinfo->next;
1465
1466 /* update certinfo using the single response information */
1467 certinfo->thisUpdate = sres->thisUpdate;
1468 certinfo->nextUpdate = sres->nextUpdate;
1469 certinfo->status = sres->status;
1470 certinfo->revocationTime = sres->revocationTime;
1471 certinfo->revocationReason = sres->revocationReason;
1472
1473 /* add or update certinfo in ocsp cache */
1474 lock_ocsp_cache("process_single_response");
1475 add_certinfo(location, certinfo, &ocsp_cache, FALSE);
1476 unlock_ocsp_cache("process_single_response");
1477
1478 /* free certinfo unlinked from ocsp fetch request list */
1479 free_certinfo(certinfo);
1480 }
1481
1482 /**
1483 * Parse and verify ocsp response and update the ocsp cache
1484 */
1485 void parse_ocsp(ocsp_location_t *location, chunk_t blob)
1486 {
1487 response_t res = empty_response;
1488
1489 /* parse the ocsp response without looking at the single responses yet */
1490 response_status status = parse_ocsp_response(blob, &res);
1491
1492 if (status != STATUS_SUCCESSFUL)
1493 {
1494 plog("error in ocsp response");
1495 return;
1496 }
1497 /* check if there was a nonce in the request */
1498 if (location->nonce.ptr != NULL && res.nonce.ptr == NULL)
1499 {
1500 plog("ocsp response contains no nonce, replay attack possible");
1501 }
1502 /* check if the nonce is identical */
1503 if (res.nonce.ptr != NULL && !chunk_equals(res.nonce, location->nonce))
1504 {
1505 plog("invalid nonce in ocsp response");
1506 return;
1507 }
1508 /* check if the response is signed by a trusted key */
1509 if (!valid_ocsp_response(&res))
1510 {
1511 plog("invalid ocsp response");
1512 return;
1513 }
1514 DBG(DBG_CONTROL,
1515 DBG_log("valid ocsp response")
1516 )
1517
1518 /* now parse the single responses one at a time */
1519 {
1520 asn1_parser_t *parser;
1521 chunk_t object;
1522 int objectID;
1523
1524 parser = asn1_parser_create(responsesObjects, res.responses);
1525
1526 while (parser->iterate(parser, &objectID, &object))
1527 {
1528 if (objectID == RESPONSES_SINGLE_RESPONSE)
1529 {
1530 single_response_t sres = empty_single_response;
1531
1532 if (!parse_ocsp_single_response(object,
1533 parser->get_level(parser)+1, &sres))
1534 {
1535 goto end;
1536 }
1537 process_single_response(location, &sres);
1538 }
1539 }
1540 end:
1541 parser->destroy(parser);
1542 }
1543 }