issue error message for expired certificates in OCSP trust chain checking
[strongswan.git] / src / pluto / ocsp.c
1 /* Support of the Online Certificate Status Protocol (OCSP)
2 * Copyright (C) 2003 Christoph Gysin, Simon Zwahlen
3 * Copyright (C) 2009 Andreas Steffen - Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include <unistd.h>
17 #include <stdlib.h>
18 #include <string.h>
19 #include <time.h>
20 #include <sys/types.h>
21 #include <sys/stat.h>
22 #include <fcntl.h>
23
24 #include <freeswan.h>
25
26 #include <library.h>
27 #include <asn1/asn1.h>
28 #include <asn1/asn1_parser.h>
29 #include <asn1/oid.h>
30 #include <crypto/rngs/rng.h>
31 #include <crypto/hashers/hasher.h>
32
33 #include "constants.h"
34 #include "defs.h"
35 #include "log.h"
36 #include "x509.h"
37 #include "crl.h"
38 #include "ca.h"
39 #include "certs.h"
40 #include "smartcard.h"
41 #include "whack.h"
42 #include "keys.h"
43 #include "fetch.h"
44 #include "ocsp.h"
45
46 #define NONCE_LENGTH 16
47
48 static const char *const cert_status_names[] = {
49 "good",
50 "revoked",
51 "unknown",
52 "undefined"
53 };
54
55
56 static const char *const response_status_names[] = {
57 "successful",
58 "malformed request",
59 "internal error",
60 "try later",
61 "status #4",
62 "signature required",
63 "unauthorized"
64 };
65
66 /* response container */
67 typedef struct response response_t;
68
69 struct response {
70 chunk_t tbs;
71 identification_t *responder_id_name;
72 chunk_t responder_id_key;
73 time_t produced_at;
74 chunk_t responses;
75 chunk_t nonce;
76 int algorithm;
77 chunk_t signature;
78 };
79
80 const response_t empty_response = {
81 { NULL, 0 } , /* tbs */
82 NULL , /* responder_id_name */
83 { NULL, 0 } , /* responder_id_key */
84 UNDEFINED_TIME, /* produced_at */
85 { NULL, 0 } , /* single_response */
86 { NULL, 0 } , /* nonce */
87 OID_UNKNOWN , /* signature_algorithm */
88 { NULL, 0 } /* signature */
89 };
90
91 /* single response container */
92 typedef struct single_response single_response_t;
93
94 struct single_response {
95 single_response_t *next;
96 int hash_algorithm;
97 chunk_t issuer_name_hash;
98 chunk_t issuer_key_hash;
99 chunk_t serialNumber;
100 cert_status_t status;
101 time_t revocationTime;
102 crl_reason_t revocationReason;
103 time_t thisUpdate;
104 time_t nextUpdate;
105 };
106
107 const single_response_t empty_single_response = {
108 NULL , /* *next */
109 OID_UNKNOWN , /* hash_algorithm */
110 { NULL, 0 } , /* issuer_name_hash */
111 { NULL, 0 } , /* issuer_key_hash */
112 { NULL, 0 } , /* serial_number */
113 CERT_UNDEFINED , /* status */
114 UNDEFINED_TIME , /* revocationTime */
115 CRL_REASON_UNSPECIFIED, /* revocationReason */
116 UNDEFINED_TIME , /* this_update */
117 UNDEFINED_TIME /* next_update */
118 };
119
120
121 /* list of single requests */
122 typedef struct request_list request_list_t;
123 struct request_list {
124 chunk_t request;
125 request_list_t *next;
126 };
127
128 /* some OCSP specific prefabricated ASN.1 constants */
129 static const chunk_t ASN1_nonce_oid = chunk_from_chars(
130 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x02
131 );
132 static const chunk_t ASN1_response_oid = chunk_from_chars(
133 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x04
134 );
135 static const chunk_t ASN1_response_content = chunk_from_chars(
136 0x04, 0x0D,
137 0x30, 0x0B,
138 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01
139 );
140
141 /* default OCSP uri */
142 static chunk_t ocsp_default_uri;
143
144 /* ocsp cache: pointer to first element */
145 static ocsp_location_t *ocsp_cache = NULL;
146
147 /* static temporary storage for ocsp requestor information */
148 static cert_t *ocsp_requestor_cert = NULL;
149
150 static smartcard_t *ocsp_requestor_sc = NULL;
151
152 static private_key_t *ocsp_requestor_key = NULL;
153
154 /**
155 * ASN.1 definition of ocspResponse
156 */
157 static const asn1Object_t ocspResponseObjects[] = {
158 { 0, "OCSPResponse", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
159 { 1, "responseStatus", ASN1_ENUMERATED, ASN1_BODY }, /* 1 */
160 { 1, "responseBytesContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 2 */
161 { 2, "responseBytes", ASN1_SEQUENCE, ASN1_NONE }, /* 3 */
162 { 3, "responseType", ASN1_OID, ASN1_BODY }, /* 4 */
163 { 3, "response", ASN1_OCTET_STRING, ASN1_BODY }, /* 5 */
164 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 6 */
165 { 0, "exit", ASN1_EOC, ASN1_EXIT }
166 };
167 #define OCSP_RESPONSE_STATUS 1
168 #define OCSP_RESPONSE_TYPE 4
169 #define OCSP_RESPONSE 5
170
171 /**
172 * ASN.1 definition of basicResponse
173 */
174 static const asn1Object_t basicResponseObjects[] = {
175 { 0, "BasicOCSPResponse", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
176 { 1, "tbsResponseData", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
177 { 2, "versionContext", ASN1_CONTEXT_C_0, ASN1_NONE |
178 ASN1_DEF }, /* 2 */
179 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
180 { 2, "responderIdContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 4 */
181 { 3, "responderIdByName", ASN1_SEQUENCE, ASN1_OBJ }, /* 5 */
182 { 2, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
183 { 2, "responderIdContext", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 7 */
184 { 3, "responderIdByKey", ASN1_OCTET_STRING, ASN1_BODY }, /* 8 */
185 { 2, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
186 { 2, "producedAt", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 10 */
187 { 2, "responses", ASN1_SEQUENCE, ASN1_OBJ }, /* 11 */
188 { 2, "responseExtensionsContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 12 */
189 { 3, "responseExtensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 13 */
190 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 14 */
191 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 15 */
192 { 5, "critical", ASN1_BOOLEAN, ASN1_BODY |
193 ASN1_DEF }, /* 16 */
194 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 17 */
195 { 4, "end loop", ASN1_EOC, ASN1_END }, /* 18 */
196 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 19 */
197 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 20 */
198 { 1, "signature", ASN1_BIT_STRING, ASN1_BODY }, /* 21 */
199 { 1, "certsContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 22 */
200 { 2, "certs", ASN1_SEQUENCE, ASN1_LOOP }, /* 23 */
201 { 3, "certificate", ASN1_SEQUENCE, ASN1_RAW }, /* 24 */
202 { 2, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
203 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
204 { 0, "exit", ASN1_EOC, ASN1_EXIT }
205 };
206 #define BASIC_RESPONSE_TBS_DATA 1
207 #define BASIC_RESPONSE_VERSION 3
208 #define BASIC_RESPONSE_ID_BY_NAME 5
209 #define BASIC_RESPONSE_ID_BY_KEY 8
210 #define BASIC_RESPONSE_PRODUCED_AT 10
211 #define BASIC_RESPONSE_RESPONSES 11
212 #define BASIC_RESPONSE_EXT_ID 15
213 #define BASIC_RESPONSE_CRITICAL 16
214 #define BASIC_RESPONSE_EXT_VALUE 17
215 #define BASIC_RESPONSE_ALGORITHM 20
216 #define BASIC_RESPONSE_SIGNATURE 21
217 #define BASIC_RESPONSE_CERTIFICATE 24
218
219 /**
220 * ASN.1 definition of responses
221 */
222 static const asn1Object_t responsesObjects[] = {
223 { 0, "responses", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
224 { 1, "singleResponse", ASN1_EOC, ASN1_RAW }, /* 1 */
225 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
226 { 0, "exit", ASN1_EOC, ASN1_EXIT }
227 };
228 #define RESPONSES_SINGLE_RESPONSE 1
229
230 /**
231 * ASN.1 definition of singleResponse
232 */
233 static const asn1Object_t singleResponseObjects[] = {
234 { 0, "singleResponse", ASN1_SEQUENCE, ASN1_BODY }, /* 0 */
235 { 1, "certID", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
236 { 2, "algorithm", ASN1_EOC, ASN1_RAW }, /* 2 */
237 { 2, "issuerNameHash", ASN1_OCTET_STRING, ASN1_BODY }, /* 3 */
238 { 2, "issuerKeyHash", ASN1_OCTET_STRING, ASN1_BODY }, /* 4 */
239 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 5 */
240 { 1, "certStatusGood", ASN1_CONTEXT_S_0, ASN1_OPT }, /* 6 */
241 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
242 { 1, "certStatusRevoked", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 8 */
243 { 2, "revocationTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 9 */
244 { 2, "revocationReason", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 10 */
245 { 3, "crlReason", ASN1_ENUMERATED, ASN1_BODY }, /* 11 */
246 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 12 */
247 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 13 */
248 { 1, "certStatusUnknown", ASN1_CONTEXT_S_2, ASN1_OPT }, /* 14 */
249 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
250 { 1, "thisUpdate", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 16 */
251 { 1, "nextUpdateContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 17 */
252 { 2, "nextUpdate", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 18 */
253 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 19 */
254 { 1, "singleExtensionsContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 20 */
255 { 2, "singleExtensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 21 */
256 { 3, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 22 */
257 { 4, "extnID", ASN1_OID, ASN1_BODY }, /* 23 */
258 { 4, "critical", ASN1_BOOLEAN, ASN1_BODY |
259 ASN1_DEF }, /* 24 */
260 { 4, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 25 */
261 { 2, "end loop", ASN1_EOC, ASN1_END }, /* 26 */
262 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 27 */
263 { 0, "exit", ASN1_EOC, ASN1_EXIT }
264 };
265 #define SINGLE_RESPONSE_ALGORITHM 2
266 #define SINGLE_RESPONSE_ISSUER_NAME_HASH 3
267 #define SINGLE_RESPONSE_ISSUER_KEY_HASH 4
268 #define SINGLE_RESPONSE_SERIAL_NUMBER 5
269 #define SINGLE_RESPONSE_CERT_STATUS_GOOD 6
270 #define SINGLE_RESPONSE_CERT_STATUS_REVOKED 8
271 #define SINGLE_RESPONSE_CERT_STATUS_REVOCATION_TIME 9
272 #define SINGLE_RESPONSE_CERT_STATUS_CRL_REASON 11
273 #define SINGLE_RESPONSE_CERT_STATUS_UNKNOWN 14
274 #define SINGLE_RESPONSE_THIS_UPDATE 16
275 #define SINGLE_RESPONSE_NEXT_UPDATE 18
276 #define SINGLE_RESPONSE_EXT_ID 23
277 #define SINGLE_RESPONSE_CRITICAL 24
278 #define SINGLE_RESPONSE_EXT_VALUE 25
279
280 /*
281 * Build an ocsp location from certificate information
282 * without unsharing its contents
283 */
284 static bool build_ocsp_location(const cert_t *cert, ocsp_location_t *location)
285 {
286 certificate_t *certificate = cert->cert;
287 identification_t *issuer = certificate->get_issuer(certificate);
288 x509_t *x509 = (x509_t*)certificate;
289 chunk_t issuer_dn = issuer->get_encoding(issuer);
290 chunk_t authKeyID = x509->get_authKeyIdentifier(x509);
291 hasher_t *hasher;
292 static u_char digest[HASH_SIZE_SHA1]; /* temporary storage */
293
294 enumerator_t *enumerator = x509->create_ocsp_uri_enumerator(x509);
295
296 location->uri = NULL;
297 while (enumerator->enumerate(enumerator, &location->uri))
298 {
299 break;
300 }
301 enumerator->destroy(enumerator);
302
303 if (location->uri == NULL)
304 {
305 ca_info_t *ca = get_ca_info(issuer, authKeyID);
306 if (ca && ca->ocspuri)
307 {
308 location->uri = ca->ocspuri;
309 }
310 else
311 { /* abort if no ocsp location uri is defined */
312 return FALSE;
313 }
314 }
315
316 /* compute authNameID from as SHA-1 hash of issuer DN */
317 location->authNameID = chunk_create(digest, HASH_SIZE_SHA1);
318 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
319 if (hasher == NULL)
320 {
321 return FALSE;
322 }
323 hasher->get_hash(hasher, issuer_dn, digest);
324 hasher->destroy(hasher);
325
326 location->next = NULL;
327 location->issuer = issuer;
328 location->authKeyID = authKeyID;
329
330 if (authKeyID.ptr == NULL)
331 {
332 cert_t *authcert = get_authcert(issuer, authKeyID, X509_CA);
333
334 if (authcert)
335 {
336 x509_t *x509 = (x509_t*)authcert->cert;
337
338 location->authKeyID = x509->get_subjectKeyIdentifier(x509);
339 }
340 }
341
342 location->nonce = chunk_empty;
343 location->certinfo = NULL;
344
345 return TRUE;
346 }
347
348 /**
349 * Compare two ocsp locations for equality
350 */
351 static bool same_ocsp_location(const ocsp_location_t *a, const ocsp_location_t *b)
352 {
353 return ((a->authKeyID.ptr)
354 ? same_keyid(a->authKeyID, b->authKeyID)
355 : a->issuer->equals(a->issuer, b->issuer))
356 && streq(a->uri, b->uri);
357 }
358
359 /**
360 * Find an existing ocsp location in a chained list
361 */
362 ocsp_location_t* get_ocsp_location(const ocsp_location_t * loc, ocsp_location_t *chain)
363 {
364
365 while (chain)
366 {
367 if (same_ocsp_location(loc, chain))
368 return chain;
369 chain = chain->next;
370 }
371 return NULL;
372 }
373
374 /**
375 * Retrieves the status of a cert from the ocsp cache
376 * returns CERT_UNDEFINED if no status is found
377 */
378 static cert_status_t get_ocsp_status(const ocsp_location_t *loc,
379 chunk_t serialNumber,
380 time_t *nextUpdate, time_t *revocationTime,
381 crl_reason_t *revocationReason)
382 {
383 ocsp_certinfo_t *certinfo, **certinfop;
384 int cmp = -1;
385
386 /* find location */
387 ocsp_location_t *location = get_ocsp_location(loc, ocsp_cache);
388
389 if (location == NULL)
390 return CERT_UNDEFINED;
391
392 /* traverse list of certinfos in increasing order */
393 certinfop = &location->certinfo;
394 certinfo = *certinfop;
395
396 while (certinfo)
397 {
398 cmp = chunk_compare(serialNumber, certinfo->serialNumber);
399 if (cmp <= 0)
400 break;
401 certinfop = &certinfo->next;
402 certinfo = *certinfop;
403 }
404
405 if (cmp == 0)
406 {
407 *nextUpdate = certinfo->nextUpdate;
408 *revocationTime = certinfo->revocationTime;
409 *revocationReason = certinfo->revocationReason;
410 return certinfo->status;
411 }
412
413 return CERT_UNDEFINED;
414 }
415
416 /**
417 * Verify the ocsp status of a certificate
418 */
419 cert_status_t verify_by_ocsp(const cert_t *cert, time_t *until,
420 time_t *revocationDate,
421 crl_reason_t *revocationReason)
422 {
423 x509_t *x509 = (x509_t*)cert->cert;
424 chunk_t serialNumber = x509->get_serial(x509);
425 cert_status_t status;
426 ocsp_location_t location;
427 time_t nextUpdate = UNDEFINED_TIME;
428
429 *revocationDate = UNDEFINED_TIME;
430 *revocationReason = CRL_REASON_UNSPECIFIED;
431
432 /* is an ocsp location defined? */
433 if (!build_ocsp_location(cert, &location))
434 {
435 return CERT_UNDEFINED;
436 }
437
438 lock_ocsp_cache("verify_by_ocsp");
439 status = get_ocsp_status(&location, serialNumber, &nextUpdate
440 , revocationDate, revocationReason);
441 unlock_ocsp_cache("verify_by_ocsp");
442
443 if (status == CERT_UNDEFINED || nextUpdate < time(NULL))
444 {
445 plog("ocsp status is stale or not in cache");
446 add_ocsp_fetch_request(&location, serialNumber);
447
448 /* inititate fetching of ocsp status */
449 wake_fetch_thread("verify_by_ocsp");
450 }
451 *until = nextUpdate;
452 return status;
453 }
454
455 /**
456 * Check if an ocsp status is about to expire
457 */
458 void check_ocsp(void)
459 {
460 ocsp_location_t *location;
461
462 lock_ocsp_cache("check_ocsp");
463 location = ocsp_cache;
464
465 while (location)
466 {
467 char buf[BUF_LEN];
468 bool first = TRUE;
469 ocsp_certinfo_t *certinfo = location->certinfo;
470
471 while (certinfo)
472 {
473 if (!certinfo->once)
474 {
475 time_t time_left = certinfo->nextUpdate - time(NULL);
476
477 DBG(DBG_CONTROL,
478 if (first)
479 {
480 DBG_log("issuer: \"%Y\"", location->issuer);
481 if (location->authKeyID.ptr)
482 {
483 datatot(location->authKeyID.ptr, location->authKeyID.len
484 , ':', buf, BUF_LEN);
485 DBG_log("authkey: %s", buf);
486 }
487 first = FALSE;
488 }
489 datatot(certinfo->serialNumber.ptr, certinfo->serialNumber.len
490 , ':', buf, BUF_LEN);
491 DBG_log("serial: %s, %ld seconds left", buf, time_left)
492 )
493
494 if (time_left < 2*crl_check_interval)
495 add_ocsp_fetch_request(location, certinfo->serialNumber);
496 }
497 certinfo = certinfo->next;
498 }
499 location = location->next;
500 }
501 unlock_ocsp_cache("check_ocsp");
502 }
503
504 /**
505 * frees the allocated memory of a certinfo struct
506 */
507 static void free_certinfo(ocsp_certinfo_t *certinfo)
508 {
509 free(certinfo->serialNumber.ptr);
510 free(certinfo);
511 }
512
513 /**
514 * frees all certinfos in a chained list
515 */
516 static void free_certinfos(ocsp_certinfo_t *chain)
517 {
518 ocsp_certinfo_t *certinfo;
519
520 while (chain)
521 {
522 certinfo = chain;
523 chain = chain->next;
524 free_certinfo(certinfo);
525 }
526 }
527
528 /**
529 * Frees the memory allocated to an ocsp location including all certinfos
530 */
531 static void free_ocsp_location(ocsp_location_t* location)
532 {
533 DESTROY_IF(location->issuer);
534 free(location->authNameID.ptr);
535 free(location->authKeyID.ptr);
536 free(location->uri);
537 free_certinfos(location->certinfo);
538 free(location);
539 }
540
541 /*
542 * Free a chained list of ocsp locations
543 */
544 void free_ocsp_locations(ocsp_location_t **chain)
545 {
546 while (*chain)
547 {
548 ocsp_location_t *location = *chain;
549 *chain = location->next;
550 free_ocsp_location(location);
551 }
552 }
553
554 /**
555 * Free the ocsp cache
556 */
557 void free_ocsp_cache(void)
558 {
559 lock_ocsp_cache("free_ocsp_cache");
560 free_ocsp_locations(&ocsp_cache);
561 unlock_ocsp_cache("free_ocsp_cache");
562 }
563
564 /**
565 * Frees the ocsp cache and global variables
566 */
567 void free_ocsp(void)
568 {
569 free(ocsp_default_uri.ptr);
570 free_ocsp_cache();
571 }
572
573 /**
574 * List a chained list of ocsp_locations
575 */
576 void list_ocsp_locations(ocsp_location_t *location, bool requests,
577 bool utc, bool strict)
578 {
579 bool first = TRUE;
580
581 while (location)
582 {
583 ocsp_certinfo_t *certinfo = location->certinfo;
584
585 if (certinfo)
586 {
587 if (first)
588 {
589 whack_log(RC_COMMENT, " ");
590 whack_log(RC_COMMENT, "List of OCSP %s:", requests ?
591 "Fetch Requests" : "Responses");
592 first = FALSE;
593 }
594 whack_log(RC_COMMENT, " ");
595 if (location->issuer)
596 {
597 whack_log(RC_COMMENT, " issuer: \"%Y\"", location->issuer);
598 }
599 whack_log(RC_COMMENT, " uri: '%s'", location->uri);
600 if (location->authNameID.ptr)
601 {
602 whack_log(RC_COMMENT, " authname: %#B", &location->authNameID);
603 }
604 if (location->authKeyID.ptr)
605 {
606 whack_log(RC_COMMENT, " authkey: %#B", &location->authKeyID);
607 }
608 while (certinfo)
609 {
610 if (requests)
611 {
612 whack_log(RC_COMMENT, " serial: %#B, %d trials",
613 &certinfo->serialNumber, certinfo->trials);
614 }
615 else if (certinfo->once)
616 {
617 whack_log(RC_COMMENT, " serial: %#B, %s, once%s",
618 &certinfo->serialNumber,
619 cert_status_names[certinfo->status],
620 (certinfo->nextUpdate < time(NULL))? " (expired)": "");
621 }
622 else
623 {
624 whack_log(RC_COMMENT, " serial: %#B, %s, until %T %s",
625 &certinfo->serialNumber,
626 cert_status_names[certinfo->status],
627 &certinfo->nextUpdate, utc,
628 check_expiry(certinfo->nextUpdate, OCSP_WARNING_INTERVAL, strict));
629 }
630 certinfo = certinfo->next;
631 }
632 }
633 location = location->next;
634 }
635 }
636
637 /**
638 * List the ocsp cache
639 */
640 void list_ocsp_cache(bool utc, bool strict)
641 {
642 lock_ocsp_cache("list_ocsp_cache");
643 list_ocsp_locations(ocsp_cache, FALSE, utc, strict);
644 unlock_ocsp_cache("list_ocsp_cache");
645 }
646
647 static bool get_ocsp_requestor_cert(ocsp_location_t *location)
648 {
649 cert_t *cert = NULL;
650
651 /* initialize temporary static storage */
652 ocsp_requestor_cert = NULL;
653 ocsp_requestor_sc = NULL;
654 ocsp_requestor_key = NULL;
655
656 for (;;)
657 {
658 certificate_t *certificate;
659
660 /* looking for a certificate from the same issuer */
661 cert = get_x509cert(location->issuer, location->authKeyID, cert);
662 if (cert == NULL)
663 {
664 break;
665 }
666 certificate = cert->cert;
667 DBG(DBG_CONTROL,
668 DBG_log("candidate: '%Y'", certificate->get_subject(certificate));
669 )
670
671 if (cert->smartcard)
672 {
673 /* look for a matching private key on a smartcard */
674 smartcard_t *sc = scx_get(cert);
675
676 if (sc)
677 {
678 DBG(DBG_CONTROL,
679 DBG_log("matching smartcard found")
680 )
681 if (sc->valid)
682 {
683 ocsp_requestor_cert = cert;
684 ocsp_requestor_sc = sc;
685 return TRUE;
686 }
687 plog("unable to sign ocsp request without PIN");
688 }
689 }
690 else
691 {
692 /* look for a matching private key in the chained list */
693 private_key_t *private = get_x509_private_key(cert);
694
695 if (private)
696 {
697 DBG(DBG_CONTROL,
698 DBG_log("matching private key found")
699 )
700 ocsp_requestor_cert = cert;
701 ocsp_requestor_key = private;
702 return TRUE;
703 }
704 }
705 }
706 return FALSE;
707 }
708
709 static chunk_t sc_build_sha1_signature(chunk_t tbs, smartcard_t *sc)
710 {
711 hasher_t *hasher;
712 u_char *pos;
713 chunk_t digest;
714 chunk_t digest_info, sigdata;
715 size_t siglen = 0;
716
717 if (!scx_establish_context(sc) || !scx_login(sc))
718 {
719 scx_release_context(sc);
720 return chunk_empty;
721 }
722
723 siglen = scx_get_keylength(sc);
724
725 if (siglen == 0)
726 {
727 plog("failed to get keylength from smartcard");
728 scx_release_context(sc);
729 return chunk_empty;
730 }
731
732 DBG(DBG_CONTROL | DBG_CRYPT,
733 DBG_log("signing hash with RSA key from smartcard (slot: %d, id: %s)"
734 , (int)sc->slot, sc->id)
735 )
736
737 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
738 if (hasher == NULL)
739 {
740 return chunk_empty;
741 }
742 hasher->allocate_hash(hasher, tbs, &digest);
743 hasher->destroy(hasher);
744
745 /* according to PKCS#1 v2.1 digest must be packaged into
746 * an ASN.1 structure for encryption
747 */
748 digest_info = asn1_wrap(ASN1_SEQUENCE, "mm"
749 , asn1_algorithmIdentifier(OID_SHA1)
750 , asn1_wrap(ASN1_OCTET_STRING, "m", digest));
751
752 pos = asn1_build_object(&sigdata, ASN1_BIT_STRING, 1 + siglen);
753 *pos++ = 0x00;
754 scx_sign_hash(sc, digest_info.ptr, digest_info.len, pos, siglen);
755 free(digest_info.ptr);
756
757 if (!pkcs11_keep_state)
758 {
759 scx_release_context(sc);
760 }
761 return sigdata;
762 }
763
764 /**
765 * build signature into ocsp request gets built only if a request cert
766 * with a corresponding private key is found
767 */
768 static chunk_t build_signature(chunk_t tbsRequest)
769 {
770 chunk_t sigdata, cert, certs;
771
772 if (ocsp_requestor_sc)
773 {
774 /* RSA signature is done on smartcard */
775 sigdata = sc_build_sha1_signature(tbsRequest, ocsp_requestor_sc);
776 }
777 else
778 {
779 /* RSA signature is done in software */
780 sigdata = x509_build_signature(tbsRequest, OID_SHA1, ocsp_requestor_key,
781 TRUE);
782 }
783 if (sigdata.ptr == NULL)
784 {
785 return chunk_empty;
786 }
787
788 /* include our certificate */
789 cert = ocsp_requestor_cert->cert->get_encoding(ocsp_requestor_cert->cert);
790 certs = asn1_wrap(ASN1_CONTEXT_C_0, "m",
791 asn1_wrap(ASN1_SEQUENCE, "m", cert));
792
793 /* build signature comprising algorithm, signature and cert */
794 return asn1_wrap(ASN1_CONTEXT_C_0, "m"
795 , asn1_wrap(ASN1_SEQUENCE, "mmm"
796 , asn1_algorithmIdentifier(OID_SHA1_WITH_RSA)
797 , sigdata
798 , certs
799 )
800 );
801 }
802
803 /**
804 * Build request (into requestList)
805 * no singleRequestExtensions used
806 */
807 static chunk_t build_request(ocsp_location_t *location, ocsp_certinfo_t *certinfo)
808 {
809 chunk_t reqCert = asn1_wrap(ASN1_SEQUENCE, "mmmm"
810 , asn1_algorithmIdentifier(OID_SHA1)
811 , asn1_simple_object(ASN1_OCTET_STRING, location->authNameID)
812 , asn1_simple_object(ASN1_OCTET_STRING, location->authKeyID)
813 , asn1_simple_object(ASN1_INTEGER, certinfo->serialNumber));
814
815 return asn1_wrap(ASN1_SEQUENCE, "m", reqCert);
816 }
817
818 /**
819 * build requestList (into TBSRequest)
820 */
821 static chunk_t build_request_list(ocsp_location_t *location)
822 {
823 chunk_t requestList;
824 request_list_t *reqs = NULL;
825 ocsp_certinfo_t *certinfo = location->certinfo;
826 u_char *pos;
827
828 size_t datalen = 0;
829
830 /* build content */
831 while (certinfo)
832 {
833 /* build request for every certificate in list
834 * and store them in a chained list
835 */
836 request_list_t *req = malloc_thing(request_list_t);
837
838 req->request = build_request(location, certinfo);
839 req->next = reqs;
840 reqs = req;
841
842 datalen += req->request.len;
843 certinfo = certinfo->next;
844 }
845
846 pos = asn1_build_object(&requestList, ASN1_SEQUENCE, datalen);
847
848 /* copy all in chained list, free list afterwards */
849 while (reqs)
850 {
851 request_list_t *req = reqs;
852
853 mv_chunk(&pos, req->request);
854 reqs = reqs->next;
855 free(req);
856 }
857
858 return requestList;
859 }
860
861 /**
862 * Build requestorName (into TBSRequest)
863 */
864 static chunk_t build_requestor_name(void)
865 {
866 certificate_t *certificate = ocsp_requestor_cert->cert;
867 identification_t *subject = certificate->get_subject(certificate);
868
869 return asn1_wrap(ASN1_CONTEXT_C_1, "m"
870 , asn1_simple_object(ASN1_CONTEXT_C_4
871 , subject->get_encoding(subject)));
872 }
873
874 /**
875 * build nonce extension (into requestExtensions)
876 */
877 static chunk_t build_nonce_extension(ocsp_location_t *location)
878 {
879 rng_t *rng;
880
881 /* generate a random nonce */
882 location->nonce.ptr = malloc(NONCE_LENGTH),
883 location->nonce.len = NONCE_LENGTH;
884 rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
885 rng->get_bytes(rng, location->nonce.len, location->nonce.ptr);
886 rng->destroy(rng);
887
888 return asn1_wrap(ASN1_SEQUENCE, "cm"
889 , ASN1_nonce_oid
890 , asn1_simple_object(ASN1_OCTET_STRING, location->nonce));
891 }
892
893 /**
894 * Build requestExtensions (into TBSRequest)
895 */
896 static chunk_t build_request_ext(ocsp_location_t *location)
897 {
898 return asn1_wrap(ASN1_CONTEXT_C_2, "m"
899 , asn1_wrap(ASN1_SEQUENCE, "mm"
900 , build_nonce_extension(location)
901 , asn1_wrap(ASN1_SEQUENCE, "cc"
902 , ASN1_response_oid
903 , ASN1_response_content
904 )
905 )
906 );
907 }
908
909 /**
910 * Build TBSRequest (into OCSPRequest)
911 */
912 static chunk_t build_tbs_request(ocsp_location_t *location, bool has_requestor_cert)
913 {
914 /* version is skipped since the default is ok */
915 return asn1_wrap(ASN1_SEQUENCE, "mmm"
916 , (has_requestor_cert)
917 ? build_requestor_name()
918 : chunk_empty
919 , build_request_list(location)
920 , build_request_ext(location));
921 }
922
923 /**
924 * Assembles an ocsp request to given location
925 * and sets nonce field in location to the sent nonce
926 */
927 chunk_t build_ocsp_request(ocsp_location_t *location)
928 {
929 bool has_requestor_cert;
930 chunk_t tbsRequest, signature;
931
932 DBG(DBG_CONTROL,
933 DBG_log("assembling ocsp request");
934 DBG_log("issuer: \"%Y\"", location->issuer);
935 if (location->authKeyID.ptr)
936 {
937 DBG_log("authkey: %#B", &location->authKeyID);
938 }
939 )
940 lock_certs_and_keys("build_ocsp_request");
941
942 /* looks for requestor cert and matching private key */
943 has_requestor_cert = get_ocsp_requestor_cert(location);
944
945 /* build content */
946 tbsRequest = build_tbs_request(location, has_requestor_cert);
947
948 /* sign tbsReuqest */
949 signature = (has_requestor_cert)? build_signature(tbsRequest)
950 : chunk_empty;
951
952 unlock_certs_and_keys("build_ocsp_request");
953
954 return asn1_wrap(ASN1_SEQUENCE, "mm"
955 , tbsRequest
956 , signature);
957 }
958
959 /**
960 * Check if the OCSP response has a valid signature
961 */
962 static bool valid_ocsp_response(response_t *res)
963 {
964 int pathlen, pathlen_constraint;
965 cert_t *authcert;
966
967 lock_authcert_list("valid_ocsp_response");
968
969 authcert = get_authcert(res->responder_id_name, res->responder_id_key,
970 X509_OCSP_SIGNER | X509_CA);
971 if (authcert == NULL)
972 {
973 plog("no matching ocsp signer cert found");
974 unlock_authcert_list("valid_ocsp_response");
975 return FALSE;
976 }
977 DBG(DBG_CONTROL,
978 DBG_log("ocsp signer cert found")
979 )
980
981 if (!x509_check_signature(res->tbs, res->signature, res->algorithm,
982 authcert->cert))
983 {
984 plog("signature of ocsp response is invalid");
985 unlock_authcert_list("valid_ocsp_response");
986 return FALSE;
987 }
988 DBG(DBG_CONTROL,
989 DBG_log("signature of ocsp response is valid")
990 )
991
992
993 for (pathlen = -1; pathlen <= X509_MAX_PATH_LEN; pathlen++)
994 {
995 cert_t *cert = authcert;
996 certificate_t *certificate = cert->cert;
997 x509_t *x509 = (x509_t*)certificate;
998 identification_t *subject = certificate->get_subject(certificate);
999 identification_t *issuer = certificate->get_issuer(certificate);
1000 chunk_t authKeyID = x509->get_authKeyIdentifier(x509);
1001 time_t not_before, not_after;
1002
1003 DBG(DBG_CONTROL,
1004 DBG_log("subject: '%Y'", subject);
1005 DBG_log("issuer: '%Y'", issuer);
1006 if (authKeyID.ptr)
1007 {
1008 DBG_log("authkey: %#B", &authKeyID);
1009 }
1010 )
1011
1012 if (!certificate->get_validity(certificate, NULL, &not_before, &not_after))
1013 {
1014 plog("certificate is invalid (valid from %T to %T)",
1015 &not_before, FALSE, &not_after, FALSE);
1016
1017 unlock_authcert_list("valid_ocsp_response");
1018 return FALSE;
1019 }
1020 DBG(DBG_CONTROL,
1021 DBG_log("certificate is valid")
1022 )
1023
1024 authcert = get_authcert(issuer, authKeyID, X509_CA);
1025 if (authcert == NULL)
1026 {
1027 plog("issuer cacert not found");
1028 unlock_authcert_list("valid_ocsp_response");
1029 return FALSE;
1030 }
1031 DBG(DBG_CONTROL,
1032 DBG_log("issuer cacert found")
1033 )
1034
1035 if (!certificate->issued_by(certificate, authcert->cert))
1036 {
1037 plog("certificate signature is invalid");
1038 unlock_authcert_list("valid_ocsp_response");
1039 return FALSE;
1040 }
1041 DBG(DBG_CONTROL,
1042 DBG_log("certificate signature is valid")
1043 )
1044
1045 /* check path length constraint */
1046 pathlen_constraint = x509->get_pathLenConstraint(x509);
1047 if (pathlen_constraint != X509_NO_PATH_LEN_CONSTRAINT &&
1048 pathlen > pathlen_constraint)
1049 {
1050 plog("path length of %d violates constraint of %d",
1051 pathlen, pathlen_constraint);
1052 return FALSE;
1053 }
1054
1055 /* check if cert is self-signed */
1056 if (x509->get_flags(x509) & X509_SELF_SIGNED)
1057 {
1058 DBG(DBG_CONTROL,
1059 DBG_log("reached self-signed root ca with a path length of %d",
1060 pathlen)
1061 )
1062 unlock_authcert_list("valid_ocsp_response");
1063 return TRUE;
1064 }
1065 }
1066 plog("maximum path length of %d exceeded", X509_MAX_PATH_LEN);
1067 unlock_authcert_list("valid_ocsp_response");
1068 return FALSE;
1069 }
1070
1071 /**
1072 * Parse a basic OCSP response
1073 */
1074 static bool parse_basic_ocsp_response(chunk_t blob, int level0, response_t *res)
1075 {
1076 asn1_parser_t *parser;
1077 chunk_t object;
1078 u_int version;
1079 int objectID;
1080 int extn_oid = OID_UNKNOWN;
1081 bool success = FALSE;
1082 bool critical;
1083
1084 parser = asn1_parser_create(basicResponseObjects, blob);
1085 parser->set_top_level(parser, level0);
1086
1087 while (parser->iterate(parser, &objectID, &object))
1088 {
1089 switch (objectID)
1090 {
1091 case BASIC_RESPONSE_TBS_DATA:
1092 res->tbs = object;
1093 break;
1094 case BASIC_RESPONSE_VERSION:
1095 version = (object.len)? (1 + (u_int)*object.ptr) : 1;
1096 if (version != OCSP_BASIC_RESPONSE_VERSION)
1097 {
1098 plog("wrong ocsp basic response version (version= %i)", version);
1099 goto end;
1100 }
1101 break;
1102 case BASIC_RESPONSE_ID_BY_NAME:
1103 res->responder_id_name = identification_create_from_encoding(
1104 ID_DER_ASN1_DN, object);
1105 DBG(DBG_PARSING,
1106 DBG_log(" '%Y'", res->responder_id_name)
1107 )
1108 break;
1109 case BASIC_RESPONSE_ID_BY_KEY:
1110 res->responder_id_key = object;
1111 break;
1112 case BASIC_RESPONSE_PRODUCED_AT:
1113 res->produced_at = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1114 break;
1115 case BASIC_RESPONSE_RESPONSES:
1116 res->responses = object;
1117 break;
1118 case BASIC_RESPONSE_EXT_ID:
1119 extn_oid = asn1_known_oid(object);
1120 break;
1121 case BASIC_RESPONSE_CRITICAL:
1122 critical = object.len && *object.ptr;
1123 DBG(DBG_PARSING,
1124 DBG_log(" %s",(critical)?"TRUE":"FALSE");
1125 )
1126 break;
1127 case BASIC_RESPONSE_EXT_VALUE:
1128 if (extn_oid == OID_NONCE)
1129 res->nonce = object;
1130 break;
1131 case BASIC_RESPONSE_ALGORITHM:
1132 res->algorithm = asn1_parse_algorithmIdentifier(object,
1133 parser->get_level(parser)+1, NULL);
1134 break;
1135 case BASIC_RESPONSE_SIGNATURE:
1136 res->signature = object;
1137 break;
1138 case BASIC_RESPONSE_CERTIFICATE:
1139 {
1140 cert_t *cert = malloc_thing(cert_t);
1141 x509_t *x509;
1142
1143 *cert = cert_empty;
1144 cert->cert = lib->creds->create(lib->creds,
1145 CRED_CERTIFICATE, CERT_X509,
1146 BUILD_BLOB_ASN1_DER, object,
1147 BUILD_END);
1148 if (cert->cert == NULL)
1149 {
1150 DBG(DBG_CONTROL | DBG_PARSING,
1151 DBG_log("parsing of embedded ocsp certificate failed")
1152 )
1153 cert_free(cert);
1154 break;
1155 }
1156 x509 = (x509_t*)cert->cert;
1157
1158 if ((x509->get_flags(x509) & X509_OCSP_SIGNER) &&
1159 trust_authcert_candidate(cert, NULL))
1160 {
1161 add_authcert(cert, X509_OCSP_SIGNER);
1162 }
1163 else
1164 {
1165 DBG(DBG_CONTROL | DBG_PARSING,
1166 DBG_log("embedded ocsp certificate rejected")
1167 )
1168 cert_free(cert);
1169 }
1170 }
1171 break;
1172 }
1173 }
1174 success = parser->success(parser);
1175
1176 end:
1177 parser->destroy(parser);
1178 return success;
1179
1180 }
1181
1182
1183 /**
1184 * Parse an ocsp response and return the result as a response_t struct
1185 */
1186 static response_status parse_ocsp_response(chunk_t blob, response_t * res)
1187 {
1188 asn1_parser_t *parser;
1189 chunk_t object;
1190 int objectID;
1191 int ocspResponseType = OID_UNKNOWN;
1192 bool success = FALSE;
1193 response_status rStatus = STATUS_INTERNALERROR;
1194
1195 parser = asn1_parser_create(ocspResponseObjects, blob);
1196
1197 while (parser->iterate(parser, &objectID, &object))
1198 {
1199 switch (objectID) {
1200 case OCSP_RESPONSE_STATUS:
1201 rStatus = (response_status) *object.ptr;
1202
1203 switch (rStatus)
1204 {
1205 case STATUS_SUCCESSFUL:
1206 break;
1207 case STATUS_MALFORMEDREQUEST:
1208 case STATUS_INTERNALERROR:
1209 case STATUS_TRYLATER:
1210 case STATUS_SIGREQUIRED:
1211 case STATUS_UNAUTHORIZED:
1212 plog("ocsp response: server said '%s'"
1213 , response_status_names[rStatus]);
1214 goto end;
1215 default:
1216 goto end;
1217 }
1218 break;
1219 case OCSP_RESPONSE_TYPE:
1220 ocspResponseType = asn1_known_oid(object);
1221 break;
1222 case OCSP_RESPONSE:
1223 {
1224 switch (ocspResponseType) {
1225 case OID_BASIC:
1226 success = parse_basic_ocsp_response(object,
1227 parser->get_level(parser)+1, res);
1228 break;
1229 default:
1230 DBG(DBG_CONTROL,
1231 DBG_log("ocsp response is not of type BASIC");
1232 DBG_dump_chunk("ocsp response OID: ", object);
1233 )
1234 goto end;
1235 }
1236 }
1237 break;
1238 }
1239 }
1240 success &= parser->success(parser);
1241
1242 end:
1243 parser->destroy(parser);
1244 return rStatus;
1245 }
1246
1247 /**
1248 * Parse a basic OCSP response
1249 */
1250 static bool parse_ocsp_single_response(chunk_t blob, int level0,
1251 single_response_t *sres)
1252 {
1253 asn1_parser_t *parser;
1254 chunk_t object;
1255 u_int extn_oid;
1256 int objectID;
1257 bool critical;
1258 bool success = FALSE;
1259
1260 parser = asn1_parser_create(singleResponseObjects, blob);
1261 parser->set_top_level(parser, level0);
1262
1263 while (parser->iterate(parser, &objectID, &object))
1264 {
1265 switch (objectID)
1266 {
1267 case SINGLE_RESPONSE_ALGORITHM:
1268 sres->hash_algorithm = asn1_parse_algorithmIdentifier(object,
1269 parser->get_level(parser)+1, NULL);
1270 break;
1271 case SINGLE_RESPONSE_ISSUER_NAME_HASH:
1272 sres->issuer_name_hash = object;
1273 break;
1274 case SINGLE_RESPONSE_ISSUER_KEY_HASH:
1275 sres->issuer_key_hash = object;
1276 break;
1277 case SINGLE_RESPONSE_SERIAL_NUMBER:
1278 sres->serialNumber = object;
1279 break;
1280 case SINGLE_RESPONSE_CERT_STATUS_GOOD:
1281 sres->status = CERT_GOOD;
1282 break;
1283 case SINGLE_RESPONSE_CERT_STATUS_REVOKED:
1284 sres->status = CERT_REVOKED;
1285 break;
1286 case SINGLE_RESPONSE_CERT_STATUS_REVOCATION_TIME:
1287 sres->revocationTime = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1288 break;
1289 case SINGLE_RESPONSE_CERT_STATUS_CRL_REASON:
1290 sres->revocationReason = (object.len == 1)
1291 ? *object.ptr : CRL_REASON_UNSPECIFIED;
1292 break;
1293 case SINGLE_RESPONSE_CERT_STATUS_UNKNOWN:
1294 sres->status = CERT_UNKNOWN;
1295 break;
1296 case SINGLE_RESPONSE_THIS_UPDATE:
1297 sres->thisUpdate = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1298 break;
1299 case SINGLE_RESPONSE_NEXT_UPDATE:
1300 sres->nextUpdate = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1301 break;
1302 case SINGLE_RESPONSE_EXT_ID:
1303 extn_oid = asn1_known_oid(object);
1304 break;
1305 case SINGLE_RESPONSE_CRITICAL:
1306 critical = object.len && *object.ptr;
1307 DBG(DBG_PARSING,
1308 DBG_log(" %s",(critical)?"TRUE":"FALSE");
1309 )
1310 case SINGLE_RESPONSE_EXT_VALUE:
1311 break;
1312 }
1313 }
1314 success = parser->success(parser);
1315 parser->destroy(parser);
1316 return success;
1317 }
1318
1319 /**
1320 * Add an ocsp location to a chained list
1321 */
1322 ocsp_location_t* add_ocsp_location(const ocsp_location_t *loc,
1323 ocsp_location_t **chain)
1324 {
1325 ocsp_location_t *location = malloc_thing(ocsp_location_t);
1326
1327 /* unshare location fields */
1328 location->issuer = loc->issuer->clone(loc->issuer);
1329 location->authNameID = chunk_clone(loc->authNameID);
1330 location->authKeyID = chunk_clone(loc->authKeyID);
1331 location->uri = strdup(loc->uri);
1332 location->certinfo = NULL;
1333
1334 /* insert new ocsp location in front of chain */
1335 location->next = *chain;
1336 *chain = location;
1337
1338 DBG(DBG_CONTROL,
1339 DBG_log("new ocsp location added")
1340 )
1341
1342 return location;
1343 }
1344
1345 /**
1346 * add a certinfo struct to a chained list
1347 */
1348 void add_certinfo(ocsp_location_t *loc, ocsp_certinfo_t *info,
1349 ocsp_location_t **chain, bool request)
1350 {
1351 ocsp_location_t *location;
1352 ocsp_certinfo_t *certinfo, **certinfop;
1353 char buf[BUF_LEN];
1354 time_t now;
1355 int cmp = -1;
1356
1357 location = get_ocsp_location(loc, *chain);
1358 if (location == NULL)
1359 {
1360 location = add_ocsp_location(loc, chain);
1361 }
1362
1363 /* traverse list of certinfos in increasing order */
1364 certinfop = &location->certinfo;
1365 certinfo = *certinfop;
1366
1367 while (certinfo)
1368 {
1369 cmp = chunk_compare(info->serialNumber, certinfo->serialNumber);
1370 if (cmp <= 0)
1371 break;
1372 certinfop = &certinfo->next;
1373 certinfo = *certinfop;
1374 }
1375
1376 if (cmp != 0)
1377 {
1378 /* add a new certinfo entry */
1379 ocsp_certinfo_t *cnew = malloc_thing(ocsp_certinfo_t);
1380
1381 cnew->serialNumber = chunk_clone(info->serialNumber);
1382 cnew->next = certinfo;
1383 cnew->trials = 0;
1384 *certinfop = cnew;
1385 certinfo = cnew;
1386 }
1387
1388 DBG(DBG_CONTROL,
1389 datatot(info->serialNumber.ptr, info->serialNumber.len, ':'
1390 , buf, BUF_LEN);
1391 DBG_log("ocsp %s for serial %s %s"
1392 , request?"fetch request":"certinfo"
1393 , buf
1394 , (cmp == 0)? (request?"already exists":"updated"):"added")
1395 )
1396
1397 time(&now);
1398
1399 if (request)
1400 {
1401 certinfo->status = CERT_UNDEFINED;
1402
1403 if (cmp != 0)
1404 {
1405 certinfo->thisUpdate = now;
1406 }
1407 certinfo->nextUpdate = UNDEFINED_TIME;
1408 }
1409 else
1410 {
1411 certinfo->status = info->status;
1412 certinfo->revocationTime = info->revocationTime;
1413 certinfo->revocationReason = info->revocationReason;
1414
1415 certinfo->thisUpdate = (info->thisUpdate != UNDEFINED_TIME)?
1416 info->thisUpdate : now;
1417
1418 certinfo->once = (info->nextUpdate == UNDEFINED_TIME);
1419
1420 certinfo->nextUpdate = (certinfo->once)?
1421 (now + OCSP_DEFAULT_VALID_TIME) : info->nextUpdate;
1422 }
1423 }
1424
1425 /**
1426 * Process received ocsp single response and add it to ocsp cache
1427 */
1428 static void process_single_response(ocsp_location_t *location,
1429 single_response_t *sres)
1430 {
1431 ocsp_certinfo_t *certinfo, **certinfop;
1432 int cmp = -1;
1433
1434 if (sres->hash_algorithm != OID_SHA1)
1435 {
1436 plog("only SHA-1 hash supported in OCSP single response");
1437 return;
1438 }
1439 if (!(chunk_equals(sres->issuer_name_hash, location->authNameID)
1440 && chunk_equals(sres->issuer_key_hash, location->authKeyID)))
1441 {
1442 plog("ocsp single response has wrong issuer");
1443 return;
1444 }
1445
1446 /* traverse list of certinfos in increasing order */
1447 certinfop = &location->certinfo;
1448 certinfo = *certinfop;
1449
1450 while (certinfo)
1451 {
1452 cmp = chunk_compare(sres->serialNumber, certinfo->serialNumber);
1453 if (cmp <= 0)
1454 break;
1455 certinfop = &certinfo->next;
1456 certinfo = *certinfop;
1457 }
1458
1459 if (cmp != 0)
1460 {
1461 plog("received unrequested cert status from ocsp server");
1462 return;
1463 }
1464
1465 /* unlink cert from ocsp fetch request list */
1466 *certinfop = certinfo->next;
1467
1468 /* update certinfo using the single response information */
1469 certinfo->thisUpdate = sres->thisUpdate;
1470 certinfo->nextUpdate = sres->nextUpdate;
1471 certinfo->status = sres->status;
1472 certinfo->revocationTime = sres->revocationTime;
1473 certinfo->revocationReason = sres->revocationReason;
1474
1475 /* add or update certinfo in ocsp cache */
1476 lock_ocsp_cache("process_single_response");
1477 add_certinfo(location, certinfo, &ocsp_cache, FALSE);
1478 unlock_ocsp_cache("process_single_response");
1479
1480 /* free certinfo unlinked from ocsp fetch request list */
1481 free_certinfo(certinfo);
1482 }
1483
1484 /**
1485 * Destroy a response_t object
1486 */
1487 static void free_response(response_t *res)
1488 {
1489 DESTROY_IF(res->responder_id_name);
1490 }
1491
1492 /**
1493 * Parse and verify ocsp response and update the ocsp cache
1494 */
1495 void parse_ocsp(ocsp_location_t *location, chunk_t blob)
1496 {
1497 response_t res = empty_response;
1498
1499 /* parse the ocsp response without looking at the single responses yet */
1500 response_status status = parse_ocsp_response(blob, &res);
1501
1502 if (status != STATUS_SUCCESSFUL)
1503 {
1504 plog("error in ocsp response");
1505 goto free;
1506 }
1507 /* check if there was a nonce in the request */
1508 if (location->nonce.ptr && res.nonce.ptr == NULL)
1509 {
1510 plog("ocsp response contains no nonce, replay attack possible");
1511 }
1512 /* check if the nonce is identical */
1513 if (res.nonce.ptr && !chunk_equals(res.nonce, location->nonce))
1514 {
1515 plog("invalid nonce in ocsp response");
1516 goto free;
1517 }
1518 /* check if the response is signed by a trusted key */
1519 if (!valid_ocsp_response(&res))
1520 {
1521 plog("invalid ocsp response");
1522 goto free;
1523 }
1524 DBG(DBG_CONTROL,
1525 DBG_log("valid ocsp response")
1526 )
1527
1528 /* now parse the single responses one at a time */
1529 {
1530 asn1_parser_t *parser;
1531 chunk_t object;
1532 int objectID;
1533
1534 parser = asn1_parser_create(responsesObjects, res.responses);
1535
1536 while (parser->iterate(parser, &objectID, &object))
1537 {
1538 if (objectID == RESPONSES_SINGLE_RESPONSE)
1539 {
1540 single_response_t sres = empty_single_response;
1541
1542 if (!parse_ocsp_single_response(object,
1543 parser->get_level(parser)+1, &sres))
1544 {
1545 goto end;
1546 }
1547 process_single_response(location, &sres);
1548 }
1549 }
1550 end:
1551 parser->destroy(parser);
1552 }
1553
1554 free:
1555 free_response(&res);
1556 }