pluto now uses x509 plugin for attribute certificate handling
[strongswan.git] / src / pluto / ocsp.c
1 /* Support of the Online Certificate Status Protocol (OCSP)
2 * Copyright (C) 2003 Christoph Gysin, Simon Zwahlen
3 * Copyright (C) 2009 Andreas Steffen - Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include <unistd.h>
17 #include <stdlib.h>
18 #include <string.h>
19 #include <time.h>
20 #include <sys/types.h>
21 #include <sys/stat.h>
22 #include <fcntl.h>
23
24 #include <freeswan.h>
25
26 #include <library.h>
27 #include <asn1/asn1.h>
28 #include <asn1/asn1_parser.h>
29 #include <asn1/oid.h>
30 #include <crypto/rngs/rng.h>
31 #include <crypto/hashers/hasher.h>
32
33 #include "constants.h"
34 #include "defs.h"
35 #include "log.h"
36 #include "x509.h"
37 #include "crl.h"
38 #include "ca.h"
39 #include "certs.h"
40 #include "smartcard.h"
41 #include "whack.h"
42 #include "keys.h"
43 #include "fetch.h"
44 #include "ocsp.h"
45
46 #define NONCE_LENGTH 16
47
48 static const char *const cert_status_names[] = {
49 "good",
50 "revoked",
51 "unknown",
52 "undefined"
53 };
54
55
56 static const char *const response_status_names[] = {
57 "successful",
58 "malformed request",
59 "internal error",
60 "try later",
61 "status #4",
62 "signature required",
63 "unauthorized"
64 };
65
66 /* response container */
67 typedef struct response response_t;
68
69 struct response {
70 chunk_t tbs;
71 chunk_t responder_id_name;
72 chunk_t responder_id_key;
73 time_t produced_at;
74 chunk_t responses;
75 chunk_t nonce;
76 int algorithm;
77 chunk_t signature;
78 };
79
80 const response_t empty_response = {
81 { NULL, 0 } , /* tbs */
82 { NULL, 0 } , /* responder_id_name */
83 { NULL, 0 } , /* responder_id_key */
84 UNDEFINED_TIME, /* produced_at */
85 { NULL, 0 } , /* single_response */
86 { NULL, 0 } , /* nonce */
87 OID_UNKNOWN , /* signature_algorithm */
88 { NULL, 0 } /* signature */
89 };
90
91 /* single response container */
92 typedef struct single_response single_response_t;
93
94 struct single_response {
95 single_response_t *next;
96 int hash_algorithm;
97 chunk_t issuer_name_hash;
98 chunk_t issuer_key_hash;
99 chunk_t serialNumber;
100 cert_status_t status;
101 time_t revocationTime;
102 crl_reason_t revocationReason;
103 time_t thisUpdate;
104 time_t nextUpdate;
105 };
106
107 const single_response_t empty_single_response = {
108 NULL , /* *next */
109 OID_UNKNOWN , /* hash_algorithm */
110 { NULL, 0 } , /* issuer_name_hash */
111 { NULL, 0 } , /* issuer_key_hash */
112 { NULL, 0 } , /* serial_number */
113 CERT_UNDEFINED , /* status */
114 UNDEFINED_TIME , /* revocationTime */
115 CRL_REASON_UNSPECIFIED, /* revocationReason */
116 UNDEFINED_TIME , /* this_update */
117 UNDEFINED_TIME /* next_update */
118 };
119
120
121 /* list of single requests */
122 typedef struct request_list request_list_t;
123 struct request_list {
124 chunk_t request;
125 request_list_t *next;
126 };
127
128 /* some OCSP specific prefabricated ASN.1 constants */
129 static const chunk_t ASN1_nonce_oid = chunk_from_chars(
130 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x02
131 );
132 static const chunk_t ASN1_response_oid = chunk_from_chars(
133 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x04
134 );
135 static const chunk_t ASN1_response_content = chunk_from_chars(
136 0x04, 0x0D,
137 0x30, 0x0B,
138 0x06, 0x09, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01
139 );
140
141 /* default OCSP uri */
142 static chunk_t ocsp_default_uri;
143
144 /* ocsp cache: pointer to first element */
145 static ocsp_location_t *ocsp_cache = NULL;
146
147 /* static temporary storage for ocsp requestor information */
148 static x509cert_t *ocsp_requestor_cert = NULL;
149
150 static smartcard_t *ocsp_requestor_sc = NULL;
151
152 static private_key_t *ocsp_requestor_key = NULL;
153
154 /**
155 * ASN.1 definition of ocspResponse
156 */
157 static const asn1Object_t ocspResponseObjects[] = {
158 { 0, "OCSPResponse", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
159 { 1, "responseStatus", ASN1_ENUMERATED, ASN1_BODY }, /* 1 */
160 { 1, "responseBytesContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 2 */
161 { 2, "responseBytes", ASN1_SEQUENCE, ASN1_NONE }, /* 3 */
162 { 3, "responseType", ASN1_OID, ASN1_BODY }, /* 4 */
163 { 3, "response", ASN1_OCTET_STRING, ASN1_BODY }, /* 5 */
164 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 6 */
165 { 0, "exit", ASN1_EOC, ASN1_EXIT }
166 };
167 #define OCSP_RESPONSE_STATUS 1
168 #define OCSP_RESPONSE_TYPE 4
169 #define OCSP_RESPONSE 5
170
171 /**
172 * ASN.1 definition of basicResponse
173 */
174 static const asn1Object_t basicResponseObjects[] = {
175 { 0, "BasicOCSPResponse", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
176 { 1, "tbsResponseData", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
177 { 2, "versionContext", ASN1_CONTEXT_C_0, ASN1_NONE |
178 ASN1_DEF }, /* 2 */
179 { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
180 { 2, "responderIdContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 4 */
181 { 3, "responderIdByName", ASN1_SEQUENCE, ASN1_OBJ }, /* 5 */
182 { 2, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
183 { 2, "responderIdContext", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 7 */
184 { 3, "responderIdByKey", ASN1_OCTET_STRING, ASN1_BODY }, /* 8 */
185 { 2, "end choice", ASN1_EOC, ASN1_END }, /* 9 */
186 { 2, "producedAt", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 10 */
187 { 2, "responses", ASN1_SEQUENCE, ASN1_OBJ }, /* 11 */
188 { 2, "responseExtensionsContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 12 */
189 { 3, "responseExtensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 13 */
190 { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 14 */
191 { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 15 */
192 { 5, "critical", ASN1_BOOLEAN, ASN1_BODY |
193 ASN1_DEF }, /* 16 */
194 { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 17 */
195 { 4, "end loop", ASN1_EOC, ASN1_END }, /* 18 */
196 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 19 */
197 { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 20 */
198 { 1, "signature", ASN1_BIT_STRING, ASN1_BODY }, /* 21 */
199 { 1, "certsContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 22 */
200 { 2, "certs", ASN1_SEQUENCE, ASN1_LOOP }, /* 23 */
201 { 3, "certificate", ASN1_SEQUENCE, ASN1_RAW }, /* 24 */
202 { 2, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
203 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
204 { 0, "exit", ASN1_EOC, ASN1_EXIT }
205 };
206 #define BASIC_RESPONSE_TBS_DATA 1
207 #define BASIC_RESPONSE_VERSION 3
208 #define BASIC_RESPONSE_ID_BY_NAME 5
209 #define BASIC_RESPONSE_ID_BY_KEY 8
210 #define BASIC_RESPONSE_PRODUCED_AT 10
211 #define BASIC_RESPONSE_RESPONSES 11
212 #define BASIC_RESPONSE_EXT_ID 15
213 #define BASIC_RESPONSE_CRITICAL 16
214 #define BASIC_RESPONSE_EXT_VALUE 17
215 #define BASIC_RESPONSE_ALGORITHM 20
216 #define BASIC_RESPONSE_SIGNATURE 21
217 #define BASIC_RESPONSE_CERTIFICATE 24
218
219 /**
220 * ASN.1 definition of responses
221 */
222 static const asn1Object_t responsesObjects[] = {
223 { 0, "responses", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
224 { 1, "singleResponse", ASN1_EOC, ASN1_RAW }, /* 1 */
225 { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
226 { 0, "exit", ASN1_EOC, ASN1_EXIT }
227 };
228 #define RESPONSES_SINGLE_RESPONSE 1
229
230 /**
231 * ASN.1 definition of singleResponse
232 */
233 static const asn1Object_t singleResponseObjects[] = {
234 { 0, "singleResponse", ASN1_SEQUENCE, ASN1_BODY }, /* 0 */
235 { 1, "certID", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
236 { 2, "algorithm", ASN1_EOC, ASN1_RAW }, /* 2 */
237 { 2, "issuerNameHash", ASN1_OCTET_STRING, ASN1_BODY }, /* 3 */
238 { 2, "issuerKeyHash", ASN1_OCTET_STRING, ASN1_BODY }, /* 4 */
239 { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 5 */
240 { 1, "certStatusGood", ASN1_CONTEXT_S_0, ASN1_OPT }, /* 6 */
241 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
242 { 1, "certStatusRevoked", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 8 */
243 { 2, "revocationTime", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 9 */
244 { 2, "revocationReason", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 10 */
245 { 3, "crlReason", ASN1_ENUMERATED, ASN1_BODY }, /* 11 */
246 { 2, "end opt", ASN1_EOC, ASN1_END }, /* 12 */
247 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 13 */
248 { 1, "certStatusUnknown", ASN1_CONTEXT_S_2, ASN1_OPT }, /* 14 */
249 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 15 */
250 { 1, "thisUpdate", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 16 */
251 { 1, "nextUpdateContext", ASN1_CONTEXT_C_0, ASN1_OPT }, /* 17 */
252 { 2, "nextUpdate", ASN1_GENERALIZEDTIME, ASN1_BODY }, /* 18 */
253 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 19 */
254 { 1, "singleExtensionsContext", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 20 */
255 { 2, "singleExtensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 21 */
256 { 3, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 22 */
257 { 4, "extnID", ASN1_OID, ASN1_BODY }, /* 23 */
258 { 4, "critical", ASN1_BOOLEAN, ASN1_BODY |
259 ASN1_DEF }, /* 24 */
260 { 4, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 25 */
261 { 2, "end loop", ASN1_EOC, ASN1_END }, /* 26 */
262 { 1, "end opt", ASN1_EOC, ASN1_END }, /* 27 */
263 { 0, "exit", ASN1_EOC, ASN1_EXIT }
264 };
265 #define SINGLE_RESPONSE_ALGORITHM 2
266 #define SINGLE_RESPONSE_ISSUER_NAME_HASH 3
267 #define SINGLE_RESPONSE_ISSUER_KEY_HASH 4
268 #define SINGLE_RESPONSE_SERIAL_NUMBER 5
269 #define SINGLE_RESPONSE_CERT_STATUS_GOOD 6
270 #define SINGLE_RESPONSE_CERT_STATUS_REVOKED 8
271 #define SINGLE_RESPONSE_CERT_STATUS_REVOCATION_TIME 9
272 #define SINGLE_RESPONSE_CERT_STATUS_CRL_REASON 11
273 #define SINGLE_RESPONSE_CERT_STATUS_UNKNOWN 14
274 #define SINGLE_RESPONSE_THIS_UPDATE 16
275 #define SINGLE_RESPONSE_NEXT_UPDATE 18
276 #define SINGLE_RESPONSE_EXT_ID 23
277 #define SINGLE_RESPONSE_CRITICAL 24
278 #define SINGLE_RESPONSE_EXT_VALUE 25
279
280 /*
281 * Build an ocsp location from certificate information
282 * without unsharing its contents
283 */
284 static bool build_ocsp_location(const x509cert_t *cert, ocsp_location_t *location)
285 {
286 certificate_t *certificate = cert->cert;
287 identification_t *issuer = certificate->get_issuer(certificate);
288 x509_t *x509 = (x509_t*)certificate;
289 chunk_t issuer_dn = issuer->get_encoding(issuer);
290 chunk_t authKeyID = x509->get_authKeyIdentifier(x509);
291 hasher_t *hasher;
292 static u_char digest[HASH_SIZE_SHA1]; /* temporary storage */
293
294 enumerator_t *enumerator = x509->create_ocsp_uri_enumerator(x509);
295
296 location->uri = NULL;
297 while (enumerator->enumerate(enumerator, &location->uri))
298 {
299 break;
300 }
301 enumerator->destroy(enumerator);
302
303 if (location->uri == NULL)
304 {
305 ca_info_t *ca = get_ca_info(issuer_dn, authKeyID);
306 if (ca != NULL && ca->ocspuri != NULL)
307 {
308 location->uri = ca->ocspuri;
309 }
310 else
311 { /* abort if no ocsp location uri is defined */
312 return FALSE;
313 }
314 }
315
316 /* compute authNameID from as SHA-1 hash of issuer DN */
317 location->authNameID = chunk_create(digest, HASH_SIZE_SHA1);
318 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
319 if (hasher == NULL)
320 {
321 return FALSE;
322 }
323 hasher->get_hash(hasher, issuer_dn, digest);
324 hasher->destroy(hasher);
325
326 location->next = NULL;
327 location->issuer = issuer_dn;
328 location->authKeyID = authKeyID;
329
330 if (authKeyID.ptr == NULL)
331 {
332 x509cert_t *authcert = get_authcert(issuer_dn, authKeyID, X509_CA);
333
334 if (authcert != NULL)
335 {
336 x509_t *x509 = (x509_t*)authcert->cert;
337
338 location->authKeyID = x509->get_subjectKeyIdentifier(x509);
339 }
340 }
341
342 location->nonce = chunk_empty;
343 location->certinfo = NULL;
344
345 return TRUE;
346 }
347
348 /**
349 * Compare two ocsp locations for equality
350 */
351 static bool same_ocsp_location(const ocsp_location_t *a, const ocsp_location_t *b)
352 {
353 return ((a->authKeyID.ptr != NULL)
354 ? same_keyid(a->authKeyID, b->authKeyID)
355 : same_dn(a->issuer, b->issuer))
356 && streq(a->uri, b->uri);
357 }
358
359 /**
360 * Find an existing ocsp location in a chained list
361 */
362 ocsp_location_t* get_ocsp_location(const ocsp_location_t * loc, ocsp_location_t *chain)
363 {
364
365 while (chain != NULL)
366 {
367 if (same_ocsp_location(loc, chain))
368 return chain;
369 chain = chain->next;
370 }
371 return NULL;
372 }
373
374 /**
375 * Retrieves the status of a cert from the ocsp cache
376 * returns CERT_UNDEFINED if no status is found
377 */
378 static cert_status_t get_ocsp_status(const ocsp_location_t *loc,
379 chunk_t serialNumber,
380 time_t *nextUpdate, time_t *revocationTime,
381 crl_reason_t *revocationReason)
382 {
383 ocsp_certinfo_t *certinfo, **certinfop;
384 int cmp = -1;
385
386 /* find location */
387 ocsp_location_t *location = get_ocsp_location(loc, ocsp_cache);
388
389 if (location == NULL)
390 return CERT_UNDEFINED;
391
392 /* traverse list of certinfos in increasing order */
393 certinfop = &location->certinfo;
394 certinfo = *certinfop;
395
396 while (certinfo != NULL)
397 {
398 cmp = chunk_compare(serialNumber, certinfo->serialNumber);
399 if (cmp <= 0)
400 break;
401 certinfop = &certinfo->next;
402 certinfo = *certinfop;
403 }
404
405 if (cmp == 0)
406 {
407 *nextUpdate = certinfo->nextUpdate;
408 *revocationTime = certinfo->revocationTime;
409 *revocationReason = certinfo->revocationReason;
410 return certinfo->status;
411 }
412
413 return CERT_UNDEFINED;
414 }
415
416 /**
417 * Verify the ocsp status of a certificate
418 */
419 cert_status_t verify_by_ocsp(const x509cert_t *cert, time_t *until,
420 time_t *revocationDate,
421 crl_reason_t *revocationReason)
422 {
423 x509_t *x509 = (x509_t*)cert->cert;
424 chunk_t serialNumber = x509->get_serial(x509);
425 cert_status_t status;
426 ocsp_location_t location;
427 time_t nextUpdate = 0;
428
429 *revocationDate = UNDEFINED_TIME;
430 *revocationReason = CRL_REASON_UNSPECIFIED;
431
432 /* is an ocsp location defined? */
433 if (!build_ocsp_location(cert, &location))
434 {
435 return CERT_UNDEFINED;
436 }
437
438 lock_ocsp_cache("verify_by_ocsp");
439 status = get_ocsp_status(&location, serialNumber, &nextUpdate
440 , revocationDate, revocationReason);
441 unlock_ocsp_cache("verify_by_ocsp");
442
443 if (status == CERT_UNDEFINED || nextUpdate < time(NULL))
444 {
445 plog("ocsp status is stale or not in cache");
446 add_ocsp_fetch_request(&location, serialNumber);
447
448 /* inititate fetching of ocsp status */
449 wake_fetch_thread("verify_by_ocsp");
450 }
451 *until = nextUpdate;
452 return status;
453 }
454
455 /**
456 * Check if an ocsp status is about to expire
457 */
458 void check_ocsp(void)
459 {
460 ocsp_location_t *location;
461
462 lock_ocsp_cache("check_ocsp");
463 location = ocsp_cache;
464
465 while (location != NULL)
466 {
467 char buf[BUF_LEN];
468 bool first = TRUE;
469 ocsp_certinfo_t *certinfo = location->certinfo;
470
471 while (certinfo != NULL)
472 {
473 if (!certinfo->once)
474 {
475 time_t time_left = certinfo->nextUpdate - time(NULL);
476
477 DBG(DBG_CONTROL,
478 if (first)
479 {
480 dntoa(buf, BUF_LEN, location->issuer);
481 DBG_log("issuer: '%s'", buf);
482 if (location->authKeyID.ptr != NULL)
483 {
484 datatot(location->authKeyID.ptr, location->authKeyID.len
485 , ':', buf, BUF_LEN);
486 DBG_log("authkey: %s", buf);
487 }
488 first = FALSE;
489 }
490 datatot(certinfo->serialNumber.ptr, certinfo->serialNumber.len
491 , ':', buf, BUF_LEN);
492 DBG_log("serial: %s, %ld seconds left", buf, time_left)
493 )
494
495 if (time_left < 2*crl_check_interval)
496 add_ocsp_fetch_request(location, certinfo->serialNumber);
497 }
498 certinfo = certinfo->next;
499 }
500 location = location->next;
501 }
502 unlock_ocsp_cache("check_ocsp");
503 }
504
505 /**
506 * frees the allocated memory of a certinfo struct
507 */
508 static void free_certinfo(ocsp_certinfo_t *certinfo)
509 {
510 free(certinfo->serialNumber.ptr);
511 free(certinfo);
512 }
513
514 /**
515 * frees all certinfos in a chained list
516 */
517 static void free_certinfos(ocsp_certinfo_t *chain)
518 {
519 ocsp_certinfo_t *certinfo;
520
521 while (chain != NULL)
522 {
523 certinfo = chain;
524 chain = chain->next;
525 free_certinfo(certinfo);
526 }
527 }
528
529 /**
530 * Frees the memory allocated to an ocsp location including all certinfos
531 */
532 static void free_ocsp_location(ocsp_location_t* location)
533 {
534 free(location->issuer.ptr);
535 free(location->authNameID.ptr);
536 free(location->authKeyID.ptr);
537 free(location->uri);
538 free_certinfos(location->certinfo);
539 free(location);
540 }
541
542 /*
543 * Free a chained list of ocsp locations
544 */
545 void free_ocsp_locations(ocsp_location_t **chain)
546 {
547 while (*chain != NULL)
548 {
549 ocsp_location_t *location = *chain;
550 *chain = location->next;
551 free_ocsp_location(location);
552 }
553 }
554
555 /**
556 * Free the ocsp cache
557 */
558 void free_ocsp_cache(void)
559 {
560 lock_ocsp_cache("free_ocsp_cache");
561 free_ocsp_locations(&ocsp_cache);
562 unlock_ocsp_cache("free_ocsp_cache");
563 }
564
565 /**
566 * Frees the ocsp cache and global variables
567 */
568 void free_ocsp(void)
569 {
570 free(ocsp_default_uri.ptr);
571 free_ocsp_cache();
572 }
573
574 /**
575 * List a chained list of ocsp_locations
576 */
577 void list_ocsp_locations(ocsp_location_t *location, bool requests,
578 bool utc, bool strict)
579 {
580 bool first = TRUE;
581
582 while (location != NULL)
583 {
584 ocsp_certinfo_t *certinfo = location->certinfo;
585
586 if (certinfo != NULL)
587 {
588 u_char buf[BUF_LEN];
589
590 if (first)
591 {
592 whack_log(RC_COMMENT, " ");
593 whack_log(RC_COMMENT, "List of OCSP %s:", requests?
594 "fetch requests":"responses");
595 first = FALSE;
596 }
597 whack_log(RC_COMMENT, " ");
598 if (location->issuer.ptr != NULL)
599 {
600 dntoa(buf, BUF_LEN, location->issuer);
601 whack_log(RC_COMMENT, " issuer: '%s'", buf);
602 }
603 whack_log(RC_COMMENT, " uri: '%s'", location->uri);
604 if (location->authNameID.ptr != NULL)
605 {
606 datatot(location->authNameID.ptr, location->authNameID.len, ':'
607 , buf, BUF_LEN);
608 whack_log(RC_COMMENT, " authname: %s", buf);
609 }
610 if (location->authKeyID.ptr != NULL)
611 {
612 datatot(location->authKeyID.ptr, location->authKeyID.len, ':'
613 , buf, BUF_LEN);
614 whack_log(RC_COMMENT, " authkey: %s", buf);
615 }
616 while (certinfo != NULL)
617 {
618 char thisUpdate[BUF_LEN];
619
620 snprintf(thisUpdate, BUF_LEN, "%T", &certinfo->thisUpdate, utc);
621
622 if (requests)
623 {
624 whack_log(RC_COMMENT, "%s, trials: %d", thisUpdate
625 , certinfo->trials);
626 }
627 else if (certinfo->once)
628 {
629 whack_log(RC_COMMENT, "%s, onetime use%s", thisUpdate
630 , (certinfo->nextUpdate < time(NULL))? " (expired)": "");
631 }
632 else
633 {
634 whack_log(RC_COMMENT, "%s, until %T %s", thisUpdate
635 , &certinfo->nextUpdate, utc
636 , check_expiry(certinfo->nextUpdate, OCSP_WARNING_INTERVAL, strict));
637 }
638 datatot(certinfo->serialNumber.ptr, certinfo->serialNumber.len, ':'
639 , buf, BUF_LEN);
640 whack_log(RC_COMMENT, " serial: %s, %s", buf
641 , cert_status_names[certinfo->status]);
642 certinfo = certinfo->next;
643 }
644 }
645 location = location->next;
646 }
647 }
648
649 /**
650 * List the ocsp cache
651 */
652 void list_ocsp_cache(bool utc, bool strict)
653 {
654 lock_ocsp_cache("list_ocsp_cache");
655 list_ocsp_locations(ocsp_cache, FALSE, utc, strict);
656 unlock_ocsp_cache("list_ocsp_cache");
657 }
658
659 static bool get_ocsp_requestor_cert(ocsp_location_t *location)
660 {
661 x509cert_t *cert = NULL;
662
663 /* initialize temporary static storage */
664 ocsp_requestor_cert = NULL;
665 ocsp_requestor_sc = NULL;
666 ocsp_requestor_key = NULL;
667
668 for (;;)
669 {
670 certificate_t *certificate;
671
672 /* looking for a certificate from the same issuer */
673 cert = get_x509cert(location->issuer, location->authKeyID, cert);
674 if (cert == NULL)
675 {
676 break;
677 }
678 certificate = cert->cert;
679 DBG(DBG_CONTROL,
680 DBG_log("candidate: '%Y'", certificate->get_subject(certificate));
681 )
682
683 if (cert->smartcard)
684 {
685 /* look for a matching private key on a smartcard */
686 smartcard_t *sc = scx_get(cert);
687
688 if (sc != NULL)
689 {
690 DBG(DBG_CONTROL,
691 DBG_log("matching smartcard found")
692 )
693 if (sc->valid)
694 {
695 ocsp_requestor_cert = cert;
696 ocsp_requestor_sc = sc;
697 return TRUE;
698 }
699 plog("unable to sign ocsp request without PIN");
700 }
701 }
702 else
703 {
704 /* look for a matching private key in the chained list */
705 private_key_t *private = get_x509_private_key(cert);
706
707 if (private != NULL)
708 {
709 DBG(DBG_CONTROL,
710 DBG_log("matching private key found")
711 )
712 ocsp_requestor_cert = cert;
713 ocsp_requestor_key = private;
714 return TRUE;
715 }
716 }
717 }
718 return FALSE;
719 }
720
721 static chunk_t sc_build_sha1_signature(chunk_t tbs, smartcard_t *sc)
722 {
723 hasher_t *hasher;
724 u_char *pos;
725 chunk_t digest;
726 chunk_t digest_info, sigdata;
727 size_t siglen = 0;
728
729 if (!scx_establish_context(sc) || !scx_login(sc))
730 {
731 scx_release_context(sc);
732 return chunk_empty;
733 }
734
735 siglen = scx_get_keylength(sc);
736
737 if (siglen == 0)
738 {
739 plog("failed to get keylength from smartcard");
740 scx_release_context(sc);
741 return chunk_empty;
742 }
743
744 DBG(DBG_CONTROL | DBG_CRYPT,
745 DBG_log("signing hash with RSA key from smartcard (slot: %d, id: %s)"
746 , (int)sc->slot, sc->id)
747 )
748
749 hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
750 if (hasher == NULL)
751 {
752 return chunk_empty;
753 }
754 hasher->allocate_hash(hasher, tbs, &digest);
755 hasher->destroy(hasher);
756
757 /* according to PKCS#1 v2.1 digest must be packaged into
758 * an ASN.1 structure for encryption
759 */
760 digest_info = asn1_wrap(ASN1_SEQUENCE, "mm"
761 , asn1_algorithmIdentifier(OID_SHA1)
762 , asn1_wrap(ASN1_OCTET_STRING, "m", digest));
763
764 pos = asn1_build_object(&sigdata, ASN1_BIT_STRING, 1 + siglen);
765 *pos++ = 0x00;
766 scx_sign_hash(sc, digest_info.ptr, digest_info.len, pos, siglen);
767 free(digest_info.ptr);
768
769 if (!pkcs11_keep_state)
770 {
771 scx_release_context(sc);
772 }
773 return sigdata;
774 }
775
776 /**
777 * build signature into ocsp request gets built only if a request cert
778 * with a corresponding private key is found
779 */
780 static chunk_t build_signature(chunk_t tbsRequest)
781 {
782 chunk_t sigdata, cert, certs;
783
784 if (ocsp_requestor_sc != NULL)
785 {
786 /* RSA signature is done on smartcard */
787 sigdata = sc_build_sha1_signature(tbsRequest, ocsp_requestor_sc);
788 }
789 else
790 {
791 /* RSA signature is done in software */
792 sigdata = x509_build_signature(tbsRequest, OID_SHA1, ocsp_requestor_key,
793 TRUE);
794 }
795 if (sigdata.ptr == NULL)
796 {
797 return chunk_empty;
798 }
799
800 /* include our certificate */
801 cert = ocsp_requestor_cert->cert->get_encoding(ocsp_requestor_cert->cert);
802 certs = asn1_wrap(ASN1_CONTEXT_C_0, "m",
803 asn1_wrap(ASN1_SEQUENCE, "m", cert));
804
805 /* build signature comprising algorithm, signature and cert */
806 return asn1_wrap(ASN1_CONTEXT_C_0, "m"
807 , asn1_wrap(ASN1_SEQUENCE, "mmm"
808 , asn1_algorithmIdentifier(OID_SHA1_WITH_RSA)
809 , sigdata
810 , certs
811 )
812 );
813 }
814
815 /**
816 * Build request (into requestList)
817 * no singleRequestExtensions used
818 */
819 static chunk_t build_request(ocsp_location_t *location, ocsp_certinfo_t *certinfo)
820 {
821 chunk_t reqCert = asn1_wrap(ASN1_SEQUENCE, "mmmm"
822 , asn1_algorithmIdentifier(OID_SHA1)
823 , asn1_simple_object(ASN1_OCTET_STRING, location->authNameID)
824 , asn1_simple_object(ASN1_OCTET_STRING, location->authKeyID)
825 , asn1_simple_object(ASN1_INTEGER, certinfo->serialNumber));
826
827 return asn1_wrap(ASN1_SEQUENCE, "m", reqCert);
828 }
829
830 /**
831 * build requestList (into TBSRequest)
832 */
833 static chunk_t build_request_list(ocsp_location_t *location)
834 {
835 chunk_t requestList;
836 request_list_t *reqs = NULL;
837 ocsp_certinfo_t *certinfo = location->certinfo;
838 u_char *pos;
839
840 size_t datalen = 0;
841
842 /* build content */
843 while (certinfo != NULL)
844 {
845 /* build request for every certificate in list
846 * and store them in a chained list
847 */
848 request_list_t *req = malloc_thing(request_list_t);
849
850 req->request = build_request(location, certinfo);
851 req->next = reqs;
852 reqs = req;
853
854 datalen += req->request.len;
855 certinfo = certinfo->next;
856 }
857
858 pos = asn1_build_object(&requestList, ASN1_SEQUENCE, datalen);
859
860 /* copy all in chained list, free list afterwards */
861 while (reqs != NULL)
862 {
863 request_list_t *req = reqs;
864
865 mv_chunk(&pos, req->request);
866 reqs = reqs->next;
867 free(req);
868 }
869
870 return requestList;
871 }
872
873 /**
874 * Build requestorName (into TBSRequest)
875 */
876 static chunk_t build_requestor_name(void)
877 {
878 certificate_t *certificate = ocsp_requestor_cert->cert;
879 identification_t *subject = certificate->get_subject(certificate);
880
881 return asn1_wrap(ASN1_CONTEXT_C_1, "m"
882 , asn1_simple_object(ASN1_CONTEXT_C_4
883 , subject->get_encoding(subject)));
884 }
885
886 /**
887 * build nonce extension (into requestExtensions)
888 */
889 static chunk_t build_nonce_extension(ocsp_location_t *location)
890 {
891 rng_t *rng;
892
893 /* generate a random nonce */
894 location->nonce.ptr = malloc(NONCE_LENGTH),
895 location->nonce.len = NONCE_LENGTH;
896 rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
897 rng->get_bytes(rng, location->nonce.len, location->nonce.ptr);
898 rng->destroy(rng);
899
900 return asn1_wrap(ASN1_SEQUENCE, "cm"
901 , ASN1_nonce_oid
902 , asn1_simple_object(ASN1_OCTET_STRING, location->nonce));
903 }
904
905 /**
906 * Build requestExtensions (into TBSRequest)
907 */
908 static chunk_t build_request_ext(ocsp_location_t *location)
909 {
910 return asn1_wrap(ASN1_CONTEXT_C_2, "m"
911 , asn1_wrap(ASN1_SEQUENCE, "mm"
912 , build_nonce_extension(location)
913 , asn1_wrap(ASN1_SEQUENCE, "cc"
914 , ASN1_response_oid
915 , ASN1_response_content
916 )
917 )
918 );
919 }
920
921 /**
922 * Build TBSRequest (into OCSPRequest)
923 */
924 static chunk_t build_tbs_request(ocsp_location_t *location, bool has_requestor_cert)
925 {
926 /* version is skipped since the default is ok */
927 return asn1_wrap(ASN1_SEQUENCE, "mmm"
928 , (has_requestor_cert)
929 ? build_requestor_name()
930 : chunk_empty
931 , build_request_list(location)
932 , build_request_ext(location));
933 }
934
935 /**
936 * Assembles an ocsp request to given location
937 * and sets nonce field in location to the sent nonce
938 */
939 chunk_t build_ocsp_request(ocsp_location_t *location)
940 {
941 bool has_requestor_cert;
942 chunk_t tbsRequest, signature;
943 char buf[BUF_LEN];
944
945 DBG(DBG_CONTROL,
946 DBG_log("assembling ocsp request");
947 dntoa(buf, BUF_LEN, location->issuer);
948 DBG_log("issuer: '%s'", buf);
949 if (location->authKeyID.ptr != NULL)
950 {
951 datatot(location->authKeyID.ptr, location->authKeyID.len, ':'
952 , buf, BUF_LEN);
953 DBG_log("authkey: %s", buf);
954 }
955 )
956 lock_certs_and_keys("build_ocsp_request");
957
958 /* looks for requestor cert and matching private key */
959 has_requestor_cert = get_ocsp_requestor_cert(location);
960
961 /* build content */
962 tbsRequest = build_tbs_request(location, has_requestor_cert);
963
964 /* sign tbsReuqest */
965 signature = (has_requestor_cert)? build_signature(tbsRequest)
966 : chunk_empty;
967
968 unlock_certs_and_keys("build_ocsp_request");
969
970 return asn1_wrap(ASN1_SEQUENCE, "mm"
971 , tbsRequest
972 , signature);
973 }
974
975 /**
976 * Check if the OCSP response has a valid signature
977 */
978 static bool valid_ocsp_response(response_t *res)
979 {
980 int pathlen;
981 x509cert_t *authcert;
982
983 lock_authcert_list("valid_ocsp_response");
984
985 authcert = get_authcert(res->responder_id_name, res->responder_id_key,
986 X509_OCSP_SIGNER | X509_CA);
987 if (authcert == NULL)
988 {
989 plog("no matching ocsp signer cert found");
990 unlock_authcert_list("valid_ocsp_response");
991 return FALSE;
992 }
993 DBG(DBG_CONTROL,
994 DBG_log("ocsp signer cert found")
995 )
996
997 if (!x509_check_signature(res->tbs, res->signature, res->algorithm,
998 authcert->cert))
999 {
1000 plog("signature of ocsp response is invalid");
1001 unlock_authcert_list("valid_ocsp_response");
1002 return FALSE;
1003 }
1004 DBG(DBG_CONTROL,
1005 DBG_log("signature of ocsp response is valid")
1006 )
1007
1008
1009 for (pathlen = 0; pathlen < MAX_CA_PATH_LEN; pathlen++)
1010 {
1011 err_t ugh = NULL;
1012 time_t until;
1013
1014 x509cert_t *cert = authcert;
1015 certificate_t *certificate = cert->cert;
1016 x509_t *x509 = (x509_t*)certificate;
1017 identification_t *subject = certificate->get_subject(certificate);
1018 identification_t *issuer = certificate->get_issuer(certificate);
1019 chunk_t authKeyID = x509->get_authKeyIdentifier(x509);
1020
1021 DBG(DBG_CONTROL,
1022 DBG_log("subject: '%Y'", subject);
1023 DBG_log("issuer: '%Y'", issuer);
1024 if (authKeyID.ptr != NULL)
1025 {
1026 DBG_log("authkey: %#B", &authKeyID);
1027 }
1028 )
1029
1030 ugh = check_validity(authcert, &until);
1031
1032 if (ugh != NULL)
1033 {
1034 plog("%s", ugh);
1035 unlock_authcert_list("valid_ocsp_response");
1036 return FALSE;
1037 }
1038
1039 DBG(DBG_CONTROL,
1040 DBG_log("certificate is valid")
1041 )
1042
1043 authcert = get_authcert(issuer->get_encoding(issuer), authKeyID, X509_CA);
1044 if (authcert == NULL)
1045 {
1046 plog("issuer cacert not found");
1047 unlock_authcert_list("valid_ocsp_response");
1048 return FALSE;
1049 }
1050 DBG(DBG_CONTROL,
1051 DBG_log("issuer cacert found")
1052 )
1053
1054 if (!certificate->issued_by(certificate, authcert->cert))
1055 {
1056 plog("certificate signature is invalid");
1057 unlock_authcert_list("valid_ocsp_response");
1058 return FALSE;
1059 }
1060 DBG(DBG_CONTROL,
1061 DBG_log("certificate signature is valid")
1062 )
1063
1064 /* check if cert is self-signed */
1065 if (x509->get_flags(x509) & X509_SELF_SIGNED)
1066 {
1067 DBG(DBG_CONTROL,
1068 DBG_log("reached self-signed root ca")
1069 )
1070 unlock_authcert_list("valid_ocsp_response");
1071 return TRUE;
1072 }
1073 }
1074 plog("maximum ca path length of %d levels exceeded", MAX_CA_PATH_LEN);
1075 unlock_authcert_list("valid_ocsp_response");
1076 return FALSE;
1077 }
1078
1079 /**
1080 * Parse a basic OCSP response
1081 */
1082 static bool parse_basic_ocsp_response(chunk_t blob, int level0, response_t *res)
1083 {
1084 asn1_parser_t *parser;
1085 chunk_t object;
1086 u_int version;
1087 u_char buf[BUF_LEN];
1088 int objectID;
1089 int extn_oid = OID_UNKNOWN;
1090 bool success = FALSE;
1091 bool critical;
1092
1093 parser = asn1_parser_create(basicResponseObjects, blob);
1094 parser->set_top_level(parser, level0);
1095
1096 while (parser->iterate(parser, &objectID, &object))
1097 {
1098 switch (objectID)
1099 {
1100 case BASIC_RESPONSE_TBS_DATA:
1101 res->tbs = object;
1102 break;
1103 case BASIC_RESPONSE_VERSION:
1104 version = (object.len)? (1 + (u_int)*object.ptr) : 1;
1105 if (version != OCSP_BASIC_RESPONSE_VERSION)
1106 {
1107 plog("wrong ocsp basic response version (version= %i)", version);
1108 goto end;
1109 }
1110 break;
1111 case BASIC_RESPONSE_ID_BY_NAME:
1112 res->responder_id_name = object;
1113 DBG(DBG_PARSING,
1114 dntoa(buf, BUF_LEN, object);
1115 DBG_log(" '%s'",buf)
1116 )
1117 break;
1118 case BASIC_RESPONSE_ID_BY_KEY:
1119 res->responder_id_key = object;
1120 break;
1121 case BASIC_RESPONSE_PRODUCED_AT:
1122 res->produced_at = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1123 break;
1124 case BASIC_RESPONSE_RESPONSES:
1125 res->responses = object;
1126 break;
1127 case BASIC_RESPONSE_EXT_ID:
1128 extn_oid = asn1_known_oid(object);
1129 break;
1130 case BASIC_RESPONSE_CRITICAL:
1131 critical = object.len && *object.ptr;
1132 DBG(DBG_PARSING,
1133 DBG_log(" %s",(critical)?"TRUE":"FALSE");
1134 )
1135 break;
1136 case BASIC_RESPONSE_EXT_VALUE:
1137 if (extn_oid == OID_NONCE)
1138 res->nonce = object;
1139 break;
1140 case BASIC_RESPONSE_ALGORITHM:
1141 res->algorithm = asn1_parse_algorithmIdentifier(object,
1142 parser->get_level(parser)+1, NULL);
1143 break;
1144 case BASIC_RESPONSE_SIGNATURE:
1145 res->signature = object;
1146 break;
1147 case BASIC_RESPONSE_CERTIFICATE:
1148 {
1149 x509cert_t *cert = malloc_thing(x509cert_t);
1150 x509_t *x509;
1151
1152 *cert = empty_x509cert;
1153 cert->cert = lib->creds->create(lib->creds,
1154 CRED_CERTIFICATE, CERT_X509,
1155 BUILD_BLOB_ASN1_DER, object,
1156 BUILD_END);
1157 if (cert->cert == NULL)
1158 {
1159 DBG(DBG_CONTROL | DBG_PARSING,
1160 DBG_log("parsing of embedded ocsp certificate failed")
1161 )
1162 free_x509cert(cert);
1163 break;
1164 }
1165 time(&cert->installed);
1166 x509 = (x509_t*)cert->cert;
1167
1168 if ((x509->get_flags(x509) & X509_OCSP_SIGNER) &&
1169 trust_authcert_candidate(cert, NULL))
1170 {
1171 add_authcert(cert, X509_OCSP_SIGNER);
1172 }
1173 else
1174 {
1175 DBG(DBG_CONTROL | DBG_PARSING,
1176 DBG_log("embedded ocsp certificate rejected")
1177 )
1178 free_x509cert(cert);
1179 }
1180 }
1181 break;
1182 }
1183 }
1184 success = parser->success(parser);
1185
1186 end:
1187 parser->destroy(parser);
1188 return success;
1189
1190 }
1191
1192
1193 /**
1194 * Parse an ocsp response and return the result as a response_t struct
1195 */
1196 static response_status parse_ocsp_response(chunk_t blob, response_t * res)
1197 {
1198 asn1_parser_t *parser;
1199 chunk_t object;
1200 int objectID;
1201 int ocspResponseType = OID_UNKNOWN;
1202 bool success = FALSE;
1203 response_status rStatus = STATUS_INTERNALERROR;
1204
1205 parser = asn1_parser_create(ocspResponseObjects, blob);
1206
1207 while (parser->iterate(parser, &objectID, &object))
1208 {
1209 switch (objectID) {
1210 case OCSP_RESPONSE_STATUS:
1211 rStatus = (response_status) *object.ptr;
1212
1213 switch (rStatus)
1214 {
1215 case STATUS_SUCCESSFUL:
1216 break;
1217 case STATUS_MALFORMEDREQUEST:
1218 case STATUS_INTERNALERROR:
1219 case STATUS_TRYLATER:
1220 case STATUS_SIGREQUIRED:
1221 case STATUS_UNAUTHORIZED:
1222 plog("ocsp response: server said '%s'"
1223 , response_status_names[rStatus]);
1224 goto end;
1225 default:
1226 goto end;
1227 }
1228 break;
1229 case OCSP_RESPONSE_TYPE:
1230 ocspResponseType = asn1_known_oid(object);
1231 break;
1232 case OCSP_RESPONSE:
1233 {
1234 switch (ocspResponseType) {
1235 case OID_BASIC:
1236 success = parse_basic_ocsp_response(object,
1237 parser->get_level(parser)+1, res);
1238 break;
1239 default:
1240 DBG(DBG_CONTROL,
1241 DBG_log("ocsp response is not of type BASIC");
1242 DBG_dump_chunk("ocsp response OID: ", object);
1243 )
1244 goto end;
1245 }
1246 }
1247 break;
1248 }
1249 }
1250 success &= parser->success(parser);
1251
1252 end:
1253 parser->destroy(parser);
1254 return rStatus;
1255 }
1256
1257 /**
1258 * Parse a basic OCSP response
1259 */
1260 static bool parse_ocsp_single_response(chunk_t blob, int level0,
1261 single_response_t *sres)
1262 {
1263 asn1_parser_t *parser;
1264 chunk_t object;
1265 u_int extn_oid;
1266 int objectID;
1267 bool critical;
1268 bool success = FALSE;
1269
1270 parser = asn1_parser_create(singleResponseObjects, blob);
1271 parser->set_top_level(parser, level0);
1272
1273 while (parser->iterate(parser, &objectID, &object))
1274 {
1275 switch (objectID)
1276 {
1277 case SINGLE_RESPONSE_ALGORITHM:
1278 sres->hash_algorithm = asn1_parse_algorithmIdentifier(object,
1279 parser->get_level(parser)+1, NULL);
1280 break;
1281 case SINGLE_RESPONSE_ISSUER_NAME_HASH:
1282 sres->issuer_name_hash = object;
1283 break;
1284 case SINGLE_RESPONSE_ISSUER_KEY_HASH:
1285 sres->issuer_key_hash = object;
1286 break;
1287 case SINGLE_RESPONSE_SERIAL_NUMBER:
1288 sres->serialNumber = object;
1289 break;
1290 case SINGLE_RESPONSE_CERT_STATUS_GOOD:
1291 sres->status = CERT_GOOD;
1292 break;
1293 case SINGLE_RESPONSE_CERT_STATUS_REVOKED:
1294 sres->status = CERT_REVOKED;
1295 break;
1296 case SINGLE_RESPONSE_CERT_STATUS_REVOCATION_TIME:
1297 sres->revocationTime = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1298 break;
1299 case SINGLE_RESPONSE_CERT_STATUS_CRL_REASON:
1300 sres->revocationReason = (object.len == 1)
1301 ? *object.ptr : CRL_REASON_UNSPECIFIED;
1302 break;
1303 case SINGLE_RESPONSE_CERT_STATUS_UNKNOWN:
1304 sres->status = CERT_UNKNOWN;
1305 break;
1306 case SINGLE_RESPONSE_THIS_UPDATE:
1307 sres->thisUpdate = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1308 break;
1309 case SINGLE_RESPONSE_NEXT_UPDATE:
1310 sres->nextUpdate = asn1_to_time(&object, ASN1_GENERALIZEDTIME);
1311 break;
1312 case SINGLE_RESPONSE_EXT_ID:
1313 extn_oid = asn1_known_oid(object);
1314 break;
1315 case SINGLE_RESPONSE_CRITICAL:
1316 critical = object.len && *object.ptr;
1317 DBG(DBG_PARSING,
1318 DBG_log(" %s",(critical)?"TRUE":"FALSE");
1319 )
1320 case SINGLE_RESPONSE_EXT_VALUE:
1321 break;
1322 }
1323 }
1324 success = parser->success(parser);
1325 parser->destroy(parser);
1326 return success;
1327 }
1328
1329 /**
1330 * Add an ocsp location to a chained list
1331 */
1332 ocsp_location_t* add_ocsp_location(const ocsp_location_t *loc,
1333 ocsp_location_t **chain)
1334 {
1335 ocsp_location_t *location = malloc_thing(ocsp_location_t);
1336
1337 /* unshare location fields */
1338 location->issuer = chunk_clone(loc->issuer);
1339 location->authNameID = chunk_clone(loc->authNameID);
1340 location->authKeyID = chunk_clone(loc->authKeyID);
1341 location->uri = strdup(loc->uri);
1342 location->certinfo = NULL;
1343
1344 /* insert new ocsp location in front of chain */
1345 location->next = *chain;
1346 *chain = location;
1347
1348 DBG(DBG_CONTROL,
1349 DBG_log("new ocsp location added")
1350 )
1351
1352 return location;
1353 }
1354
1355 /**
1356 * add a certinfo struct to a chained list
1357 */
1358 void add_certinfo(ocsp_location_t *loc, ocsp_certinfo_t *info,
1359 ocsp_location_t **chain, bool request)
1360 {
1361 ocsp_location_t *location;
1362 ocsp_certinfo_t *certinfo, **certinfop;
1363 char buf[BUF_LEN];
1364 time_t now;
1365 int cmp = -1;
1366
1367 location = get_ocsp_location(loc, *chain);
1368 if (location == NULL)
1369 {
1370 location = add_ocsp_location(loc, chain);
1371 }
1372
1373 /* traverse list of certinfos in increasing order */
1374 certinfop = &location->certinfo;
1375 certinfo = *certinfop;
1376
1377 while (certinfo != NULL)
1378 {
1379 cmp = chunk_compare(info->serialNumber, certinfo->serialNumber);
1380 if (cmp <= 0)
1381 break;
1382 certinfop = &certinfo->next;
1383 certinfo = *certinfop;
1384 }
1385
1386 if (cmp != 0)
1387 {
1388 /* add a new certinfo entry */
1389 ocsp_certinfo_t *cnew = malloc_thing(ocsp_certinfo_t);
1390
1391 cnew->serialNumber = chunk_clone(info->serialNumber);
1392 cnew->next = certinfo;
1393 *certinfop = cnew;
1394 certinfo = cnew;
1395 }
1396
1397 DBG(DBG_CONTROL,
1398 datatot(info->serialNumber.ptr, info->serialNumber.len, ':'
1399 , buf, BUF_LEN);
1400 DBG_log("ocsp %s for serial %s %s"
1401 , request?"fetch request":"certinfo"
1402 , buf
1403 , (cmp == 0)? (request?"already exists":"updated"):"added")
1404 )
1405
1406 time(&now);
1407
1408 if (request)
1409 {
1410 certinfo->status = CERT_UNDEFINED;
1411
1412 if (cmp != 0)
1413 {
1414 certinfo->thisUpdate = now;
1415 }
1416 certinfo->nextUpdate = UNDEFINED_TIME;
1417 }
1418 else
1419 {
1420 certinfo->status = info->status;
1421 certinfo->revocationTime = info->revocationTime;
1422 certinfo->revocationReason = info->revocationReason;
1423
1424 certinfo->thisUpdate = (info->thisUpdate != UNDEFINED_TIME)?
1425 info->thisUpdate : now;
1426
1427 certinfo->once = (info->nextUpdate == UNDEFINED_TIME);
1428
1429 certinfo->nextUpdate = (certinfo->once)?
1430 (now + OCSP_DEFAULT_VALID_TIME) : info->nextUpdate;
1431 }
1432 }
1433
1434 /**
1435 * Process received ocsp single response and add it to ocsp cache
1436 */
1437 static void process_single_response(ocsp_location_t *location,
1438 single_response_t *sres)
1439 {
1440 ocsp_certinfo_t *certinfo, **certinfop;
1441 int cmp = -1;
1442
1443 if (sres->hash_algorithm != OID_SHA1)
1444 {
1445 plog("only SHA-1 hash supported in OCSP single response");
1446 return;
1447 }
1448 if (!(chunk_equals(sres->issuer_name_hash, location->authNameID)
1449 && chunk_equals(sres->issuer_key_hash, location->authKeyID)))
1450 {
1451 plog("ocsp single response has wrong issuer");
1452 return;
1453 }
1454
1455 /* traverse list of certinfos in increasing order */
1456 certinfop = &location->certinfo;
1457 certinfo = *certinfop;
1458
1459 while (certinfo != NULL)
1460 {
1461 cmp = chunk_compare(sres->serialNumber, certinfo->serialNumber);
1462 if (cmp <= 0)
1463 break;
1464 certinfop = &certinfo->next;
1465 certinfo = *certinfop;
1466 }
1467
1468 if (cmp != 0)
1469 {
1470 plog("received unrequested cert status from ocsp server");
1471 return;
1472 }
1473
1474 /* unlink cert from ocsp fetch request list */
1475 *certinfop = certinfo->next;
1476
1477 /* update certinfo using the single response information */
1478 certinfo->thisUpdate = sres->thisUpdate;
1479 certinfo->nextUpdate = sres->nextUpdate;
1480 certinfo->status = sres->status;
1481 certinfo->revocationTime = sres->revocationTime;
1482 certinfo->revocationReason = sres->revocationReason;
1483
1484 /* add or update certinfo in ocsp cache */
1485 lock_ocsp_cache("process_single_response");
1486 add_certinfo(location, certinfo, &ocsp_cache, FALSE);
1487 unlock_ocsp_cache("process_single_response");
1488
1489 /* free certinfo unlinked from ocsp fetch request list */
1490 free_certinfo(certinfo);
1491 }
1492
1493 /**
1494 * Parse and verify ocsp response and update the ocsp cache
1495 */
1496 void parse_ocsp(ocsp_location_t *location, chunk_t blob)
1497 {
1498 response_t res = empty_response;
1499
1500 /* parse the ocsp response without looking at the single responses yet */
1501 response_status status = parse_ocsp_response(blob, &res);
1502
1503 if (status != STATUS_SUCCESSFUL)
1504 {
1505 plog("error in ocsp response");
1506 return;
1507 }
1508 /* check if there was a nonce in the request */
1509 if (location->nonce.ptr != NULL && res.nonce.ptr == NULL)
1510 {
1511 plog("ocsp response contains no nonce, replay attack possible");
1512 }
1513 /* check if the nonce is identical */
1514 if (res.nonce.ptr != NULL && !chunk_equals(res.nonce, location->nonce))
1515 {
1516 plog("invalid nonce in ocsp response");
1517 return;
1518 }
1519 /* check if the response is signed by a trusted key */
1520 if (!valid_ocsp_response(&res))
1521 {
1522 plog("invalid ocsp response");
1523 return;
1524 }
1525 DBG(DBG_CONTROL,
1526 DBG_log("valid ocsp response")
1527 )
1528
1529 /* now parse the single responses one at a time */
1530 {
1531 asn1_parser_t *parser;
1532 chunk_t object;
1533 int objectID;
1534
1535 parser = asn1_parser_create(responsesObjects, res.responses);
1536
1537 while (parser->iterate(parser, &objectID, &object))
1538 {
1539 if (objectID == RESPONSES_SINGLE_RESPONSE)
1540 {
1541 single_response_t sres = empty_single_response;
1542
1543 if (!parse_ocsp_single_response(object,
1544 parser->get_level(parser)+1, &sres))
1545 {
1546 goto end;
1547 }
1548 process_single_response(location, &sres);
1549 }
1550 }
1551 end:
1552 parser->destroy(parser);
1553 }
1554 }