TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / f16ac763f631fed2627ad501cf30540e950a154d / . / library / x509parse.c
blob: 72cdf8dbc009e10cfe7f5e87ce7d0636ce48c998 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/*
2 * X.509 certificate and private key decoding
3 *
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]4 * Copyright (C) 2006-2013, Brainspark B.V.
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]5 *
6 * This file is part of PolarSSL (http://www.polarssl.org)
Paul Bakker84f12b72010-07-18 10:13:04 +0000[diff] [blame]7 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]8 *
Paul Bakker77b385e2009-07-28 17:23:11 +0000[diff] [blame]9 * All rights reserved.
Paul Bakkere0ccd0a2009-01-04 16:27:10 +0000[diff] [blame]10 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25/*
Paul Bakkerad8d3542012-02-16 15:28:14 +0000[diff] [blame]26 * The ITU-T X.509 standard defines a certificate format for PKI.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]27 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]28 * http://www.ietf.org/rfc/rfc3279.txt
Paul Bakkerad8d3542012-02-16 15:28:14 +0000[diff] [blame]29 * http://www.ietf.org/rfc/rfc3280.txt
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]30 *
31 * ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc
32 *
33 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
34 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
35 */
36
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]37#include "polarssl/config.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]38
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]39#if defined(POLARSSL_X509_PARSE_C)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]40
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]41#include "polarssl/x509.h"
Paul Bakkerefc30292011-11-10 14:43:23 +0000[diff] [blame]42#include "polarssl/asn1.h"
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]43#include "polarssl/oid.h"
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]44#include "polarssl/pem.h"
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]45#include "polarssl/dhm.h"
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]46#if defined(POLARSSL_PKCS5_C)
47#include "polarssl/pkcs5.h"
48#endif
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]49#if defined(POLARSSL_PKCS12_C)
50#include "polarssl/pkcs12.h"
51#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]52
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]53#if defined(POLARSSL_MEMORY_C)
54#include "polarssl/memory.h"
55#else
56#define polarssl_malloc malloc
57#define polarssl_free free
58#endif
59
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]60#include <string.h>
61#include <stdlib.h>
Paul Bakker4f229e52011-12-04 22:11:35 +0000[diff] [blame]62#if defined(_WIN32)
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]63#include <windows.h>
64#else
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]65#include <time.h>
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]66#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]67
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]68#if defined(POLARSSL_FS_IO)
69#include <stdio.h>
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]70#if !defined(_WIN32)
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]71#include <sys/types.h>
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]72#include <sys/stat.h>
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]73#include <dirent.h>
74#endif
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]75#endif
76
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]77/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]78 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
79 */
80static int x509_get_version( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]81 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]82 int *ver )
83{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]84 int ret;
85 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]86
87 if( ( ret = asn1_get_tag( p, end, &len,
88 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) != 0 )
89 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]90 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker2a1c5f52011-10-19 14:15:17 +0000[diff] [blame]91 {
92 *ver = 0;
93 return( 0 );
94 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]95
96 return( ret );
97 }
98
99 end = *p + len;
100
101 if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]102 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]103
104 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]105 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]106 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]107
108 return( 0 );
109}
110
111/*
Paul Bakkerfae618f2011-10-12 11:53:52 +0000[diff] [blame]112 * Version ::= INTEGER { v1(0), v2(1) }
Paul Bakker3329d1f2011-10-12 09:55:01 +0000[diff] [blame]113 */
114static int x509_crl_get_version( unsigned char **p,
115 const unsigned char *end,
116 int *ver )
117{
118 int ret;
119
120 if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
121 {
122 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker2a1c5f52011-10-19 14:15:17 +0000[diff] [blame]123 {
124 *ver = 0;
125 return( 0 );
126 }
Paul Bakker3329d1f2011-10-12 09:55:01 +0000[diff] [blame]127
128 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION + ret );
129 }
130
131 return( 0 );
132}
133
134/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]135 * CertificateSerialNumber ::= INTEGER
136 */
137static int x509_get_serial( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]138 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]139 x509_buf *serial )
140{
141 int ret;
142
143 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]144 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]145 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]146
147 if( **p != ( ASN1_CONTEXT_SPECIFIC | ASN1_PRIMITIVE | 2 ) &&
148 **p != ASN1_INTEGER )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]149 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]150 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]151
152 serial->tag = *(*p)++;
153
154 if( ( ret = asn1_get_len( p, end, &serial->len ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]155 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]156
157 serial->p = *p;
158 *p += serial->len;
159
160 return( 0 );
161}
162
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]163/* Get an algorithm identifier and its parameters
164 *
165 * AlgorithmIdentifier ::= SEQUENCE {
166 * algorithm OBJECT IDENTIFIER,
167 * parameters ANY DEFINED BY algorithm OPTIONAL }
168 */
169static int x509_get_algid( unsigned char **p,
170 const unsigned char *end,
171 pk_type_t *pk_alg, x509_buf *params )
172{
173 int ret;
174 x509_buf alg_oid;
175
176 memset( params, 0, sizeof(asn1_buf) );
177
178 if( ( ret = asn1_get_alg( p, end, &alg_oid, params ) ) != 0 )
179 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
180
181 if( oid_get_pk_alg( &alg_oid, pk_alg ) != 0 )
182 return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
183
184 /*
185 * No parameters with RSA (only for EC)
186 */
187 if( *pk_alg == POLARSSL_PK_RSA &&
188 ( ( params->tag != ASN1_NULL && params->tag != 0 ) ||
189 params->len != 0 ) )
190 {
191 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
192 }
193
194 return( 0 );
195}
196
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]197/*
198 * AlgorithmIdentifier ::= SEQUENCE {
199 * algorithm OBJECT IDENTIFIER,
200 * parameters ANY DEFINED BY algorithm OPTIONAL }
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]201 *
202 * If params_end is NULL, then parameters must be absent or ANS.1 NULL
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]203 */
204static int x509_get_alg( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]205 const unsigned char *end,
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]206 x509_buf *alg, const unsigned char **params_end )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]207{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]208 int ret;
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]209 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]210
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]211 if( params_end == NULL ) {
212 if( ( ret = asn1_get_alg_null( p, end, alg ) ) != 0 )
213 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
214
215 return( 0 );
216 }
217
218 /* TODO: use asn1_get_alg */
219 if( ( ret = asn1_get_tag( p, end, &len,
220 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
221 {
222 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
223 }
224
225 end = *p + len;
226 alg->tag = **p;
227
228 if( ( ret = asn1_get_tag( p, end, &alg->len, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]229 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]230
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]231 alg->p = *p;
232 *p += alg->len;
233
234 *params_end = end;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]235 return( 0 );
236}
237
Manuel Pégourié-Gonnardf838eed2013-07-02 14:56:43 +0200[diff] [blame]238/* Get an EC group id from an ECParameters buffer
239 *
240 * ECParameters ::= CHOICE {
241 * namedCurve OBJECT IDENTIFIER
242 * -- implicitCurve NULL
243 * -- specifiedCurve SpecifiedECDomain
244 * }
245 */
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]246static int x509_ecparams_get_grp_id( const x509_buf *params,
247 ecp_group_id *grp_id )
248{
249 if( oid_get_ec_grp( params, grp_id ) != 0 )
250 return( POLARSSL_ERR_X509_UNKNOWN_NAMED_CURVE );
251
252 return( 0 );
253}
254
255/* Get an EC group id from an ECParameters buffer
256 *
257 * ECParameters ::= CHOICE {
258 * namedCurve OBJECT IDENTIFIER
259 * -- implicitCurve NULL
260 * -- specifiedCurve SpecifiedECDomain
261 * }
262 */
Manuel Pégourié-Gonnardf838eed2013-07-02 14:56:43 +0200[diff] [blame]263static int x509_get_ecparams( unsigned char **p, const unsigned char *end,
264 ecp_group_id *grp_id )
265{
266 int ret;
267 x509_buf curve;
268
269 curve.tag = **p;
270
271 if( ( ret = asn1_get_tag( p, end, &curve.len, ASN1_OID ) ) != 0 )
272 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
273
274 curve.p = *p;
275 *p += curve.len;
276
277 if( *p != end )
278 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
279 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
280
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]281 return( x509_ecparams_get_grp_id( &curve, grp_id ) );
Manuel Pégourié-Gonnardf838eed2013-07-02 14:56:43 +0200[diff] [blame]282}
283
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]284/*
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]285 * subjectPublicKey BIT STRING
286 * -- which, in our case, contains
287 * ECPoint ::= octet string (not ASN.1)
288 */
289static int x509_get_subpubkey_ec( unsigned char **p, const unsigned char *end,
290 const ecp_group *grp, ecp_point *pt )
291{
292 int ret;
293 size_t len;
294
295 if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
296 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
297
298 if( *p + len != end )
299 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
300 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
301
302 /*
303 * First byte in the content of BIT STRING is the nummber of padding bit.
304 * Here it is always 0 since ECPoint is an octet string, so skip it.
305 */
306 ++*p;
307 --len;
308
309 if( ( ret = ecp_point_read_binary( grp, pt,
310 (const unsigned char *) *p, len ) ) != 0 )
311 {
312 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
313 }
314
315 return( 0 );
316}
317
318/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]319 * AttributeTypeAndValue ::= SEQUENCE {
320 * type AttributeType,
321 * value AttributeValue }
322 *
323 * AttributeType ::= OBJECT IDENTIFIER
324 *
325 * AttributeValue ::= ANY DEFINED BY AttributeType
326 */
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]327static int x509_get_attr_type_value( unsigned char **p,
328 const unsigned char *end,
329 x509_name *cur )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]330{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]331 int ret;
332 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]333 x509_buf *oid;
334 x509_buf *val;
335
336 if( ( ret = asn1_get_tag( p, end, &len,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]337 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]338 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]339
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]340 oid = &cur->oid;
341 oid->tag = **p;
342
343 if( ( ret = asn1_get_tag( p, end, &oid->len, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]344 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]345
346 oid->p = *p;
347 *p += oid->len;
348
349 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]350 return( POLARSSL_ERR_X509_CERT_INVALID_NAME +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]351 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]352
353 if( **p != ASN1_BMP_STRING && **p != ASN1_UTF8_STRING &&
354 **p != ASN1_T61_STRING && **p != ASN1_PRINTABLE_STRING &&
355 **p != ASN1_IA5_STRING && **p != ASN1_UNIVERSAL_STRING )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]356 return( POLARSSL_ERR_X509_CERT_INVALID_NAME +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]357 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]358
359 val = &cur->val;
360 val->tag = *(*p)++;
361
362 if( ( ret = asn1_get_len( p, end, &val->len ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]363 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]364
365 val->p = *p;
366 *p += val->len;
367
368 cur->next = NULL;
369
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]370 return( 0 );
371}
372
373/*
374 * RelativeDistinguishedName ::=
375 * SET OF AttributeTypeAndValue
376 *
377 * AttributeTypeAndValue ::= SEQUENCE {
378 * type AttributeType,
379 * value AttributeValue }
380 *
381 * AttributeType ::= OBJECT IDENTIFIER
382 *
383 * AttributeValue ::= ANY DEFINED BY AttributeType
384 */
385static int x509_get_name( unsigned char **p,
386 const unsigned char *end,
387 x509_name *cur )
388{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]389 int ret;
390 size_t len;
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]391 const unsigned char *end2;
392 x509_name *use;
393
394 if( ( ret = asn1_get_tag( p, end, &len,
395 ASN1_CONSTRUCTED | ASN1_SET ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]396 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]397
398 end2 = end;
399 end = *p + len;
400 use = cur;
401
402 do
403 {
404 if( ( ret = x509_get_attr_type_value( p, end, use ) ) != 0 )
405 return( ret );
406
407 if( *p != end )
408 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]409 use->next = (x509_name *) polarssl_malloc(
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]410 sizeof( x509_name ) );
411
412 if( use->next == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]413 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]414
415 memset( use->next, 0, sizeof( x509_name ) );
416
417 use = use->next;
418 }
419 }
420 while( *p != end );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]421
422 /*
423 * recurse until end of SEQUENCE is reached
424 */
425 if( *p == end2 )
426 return( 0 );
427
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]428 cur->next = (x509_name *) polarssl_malloc(
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]429 sizeof( x509_name ) );
430
431 if( cur->next == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]432 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]433
Paul Bakker430ffbe2012-05-01 08:14:20 +0000[diff] [blame]434 memset( cur->next, 0, sizeof( x509_name ) );
435
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]436 return( x509_get_name( p, end2, cur->next ) );
437}
438
439/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]440 * Time ::= CHOICE {
441 * utcTime UTCTime,
442 * generalTime GeneralizedTime }
443 */
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]444static int x509_get_time( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]445 const unsigned char *end,
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]446 x509_time *time )
447{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]448 int ret;
449 size_t len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]450 char date[64];
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]451 unsigned char tag;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]452
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]453 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]454 return( POLARSSL_ERR_X509_CERT_INVALID_DATE +
455 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]456
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]457 tag = **p;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]458
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]459 if ( tag == ASN1_UTC_TIME )
460 {
461 (*p)++;
462 ret = asn1_get_len( p, end, &len );
463
464 if( ret != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]465 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]466
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]467 memset( date, 0, sizeof( date ) );
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]468 memcpy( date, *p, ( len < sizeof( date ) - 1 ) ?
469 len : sizeof( date ) - 1 );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]470
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]471 if( sscanf( date, "%2d%2d%2d%2d%2d%2d",
472 &time->year, &time->mon, &time->day,
473 &time->hour, &time->min, &time->sec ) < 5 )
474 return( POLARSSL_ERR_X509_CERT_INVALID_DATE );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]475
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]476 time->year += 100 * ( time->year < 50 );
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]477 time->year += 1900;
478
479 *p += len;
480
481 return( 0 );
482 }
483 else if ( tag == ASN1_GENERALIZED_TIME )
484 {
485 (*p)++;
486 ret = asn1_get_len( p, end, &len );
487
488 if( ret != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]489 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]490
491 memset( date, 0, sizeof( date ) );
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]492 memcpy( date, *p, ( len < sizeof( date ) - 1 ) ?
493 len : sizeof( date ) - 1 );
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]494
495 if( sscanf( date, "%4d%2d%2d%2d%2d%2d",
496 &time->year, &time->mon, &time->day,
497 &time->hour, &time->min, &time->sec ) < 5 )
498 return( POLARSSL_ERR_X509_CERT_INVALID_DATE );
499
500 *p += len;
501
502 return( 0 );
503 }
504 else
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]505 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]506}
507
508
509/*
510 * Validity ::= SEQUENCE {
511 * notBefore Time,
512 * notAfter Time }
513 */
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]514static int x509_get_dates( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]515 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]516 x509_time *from,
517 x509_time *to )
518{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]519 int ret;
520 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]521
522 if( ( ret = asn1_get_tag( p, end, &len,
523 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]524 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]525
526 end = *p + len;
527
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]528 if( ( ret = x509_get_time( p, end, from ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]529 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]530
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]531 if( ( ret = x509_get_time( p, end, to ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]532 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]533
534 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]535 return( POLARSSL_ERR_X509_CERT_INVALID_DATE +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]536 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]537
538 return( 0 );
539}
540
541/*
542 * SubjectPublicKeyInfo ::= SEQUENCE {
543 * algorithm AlgorithmIdentifier,
544 * subjectPublicKey BIT STRING }
545 */
546static int x509_get_pubkey( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]547 const unsigned char *end,
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame]548 rsa_context *rsa )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]549{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]550 int ret;
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]551 size_t len;
Manuel Pégourié-Gonnard788db112013-07-09 11:26:17 +0200[diff] [blame]552 x509_buf pk_alg_oid;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]553 pk_type_t pk_alg = POLARSSL_PK_NONE;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]554
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame]555 if( ( ret = asn1_get_tag( p, end, &len,
556 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
557 {
558 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
559 }
560
561 end = *p + len;
562
Manuel Pégourié-Gonnard788db112013-07-09 11:26:17 +0200[diff] [blame]563 if( ( ret = asn1_get_alg_null( p, end, &pk_alg_oid ) ) != 0 )
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]564 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]565
566 /*
567 * only RSA public keys handled at this time
568 */
Manuel Pégourié-Gonnard788db112013-07-09 11:26:17 +0200[diff] [blame]569 if( oid_get_pk_alg( &pk_alg_oid, &pk_alg ) != 0 )
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]570 {
Paul Bakkered56b222011-07-13 11:26:43 +0000[diff] [blame]571 return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]572 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]573
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]574 if (pk_alg != POLARSSL_PK_RSA )
575 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
576
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]577 if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]578 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]579
580 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]581 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]582 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]583
Manuel Pégourié-Gonnardf16ac762013-07-09 12:26:00 +0200[diff] [blame^]584 if( *p + len != end )
585 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
586 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]587
588 if( *(*p)++ != 0 )
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]589 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]590
591 /*
592 * RSAPublicKey ::= SEQUENCE {
593 * modulus INTEGER, -- n
594 * publicExponent INTEGER -- e
595 * }
596 */
Manuel Pégourié-Gonnardf16ac762013-07-09 12:26:00 +0200[diff] [blame^]597 if( ( ret = asn1_get_tag( p, end, &len,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]598 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]599 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]600
Manuel Pégourié-Gonnardf16ac762013-07-09 12:26:00 +0200[diff] [blame^]601 if( *p + len != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]602 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]603 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]604
Manuel Pégourié-Gonnardf16ac762013-07-09 12:26:00 +0200[diff] [blame^]605 if( ( ret = asn1_get_mpi( p, end, &rsa->N ) ) != 0 ||
606 ( ret = asn1_get_mpi( p, end, &rsa->E ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]607 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]608
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame]609 if( ( ret = rsa_check_pubkey( rsa ) ) != 0 )
610 return( ret );
611
612 rsa->len = mpi_size( &rsa->N );
613
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]614 return( 0 );
615}
616
617static int x509_get_sig( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]618 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]619 x509_buf *sig )
620{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]621 int ret;
622 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]623
Paul Bakker8afa70d2012-02-11 18:42:45 +0000[diff] [blame]624 if( ( end - *p ) < 1 )
625 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE +
626 POLARSSL_ERR_ASN1_OUT_OF_DATA );
627
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]628 sig->tag = **p;
629
630 if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]631 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]632
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]633
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]634 if( --len < 1 || *(*p)++ != 0 )
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]635 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]636
637 sig->len = len;
638 sig->p = *p;
639
640 *p += len;
641
642 return( 0 );
643}
644
645/*
646 * X.509 v2/v3 unique identifier (not parsed)
647 */
648static int x509_get_uid( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]649 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]650 x509_buf *uid, int n )
651{
652 int ret;
653
654 if( *p == end )
655 return( 0 );
656
657 uid->tag = **p;
658
659 if( ( ret = asn1_get_tag( p, end, &uid->len,
660 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | n ) ) != 0 )
661 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]662 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]663 return( 0 );
664
665 return( ret );
666 }
667
668 uid->p = *p;
669 *p += uid->len;
670
671 return( 0 );
672}
673
674/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]675 * X.509 Extensions (No parsing of extensions, pointer should
676 * be either manually updated or extensions should be parsed!
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]677 */
678static int x509_get_ext( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]679 const unsigned char *end,
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]680 x509_buf *ext, int tag )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]681{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]682 int ret;
683 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]684
685 if( *p == end )
686 return( 0 );
687
688 ext->tag = **p;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]689
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]690 if( ( ret = asn1_get_tag( p, end, &ext->len,
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]691 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | tag ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]692 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]693
694 ext->p = *p;
695 end = *p + ext->len;
696
697 /*
698 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
699 *
700 * Extension ::= SEQUENCE {
701 * extnID OBJECT IDENTIFIER,
702 * critical BOOLEAN DEFAULT FALSE,
703 * extnValue OCTET STRING }
704 */
705 if( ( ret = asn1_get_tag( p, end, &len,
706 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]707 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]708
709 if( end != *p + len )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]710 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]711 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]712
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]713 return( 0 );
714}
715
716/*
717 * X.509 CRL v2 extensions (no extensions parsed yet.)
718 */
719static int x509_get_crl_ext( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]720 const unsigned char *end,
721 x509_buf *ext )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]722{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]723 int ret;
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]724 size_t len = 0;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]725
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]726 /* Get explicit tag */
727 if( ( ret = x509_get_ext( p, end, ext, 0) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]728 {
729 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
730 return( 0 );
731
732 return( ret );
733 }
734
735 while( *p < end )
736 {
737 if( ( ret = asn1_get_tag( p, end, &len,
738 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]739 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]740
741 *p += len;
742 }
743
744 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]745 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]746 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
747
748 return( 0 );
749}
750
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]751/*
752 * X.509 CRL v2 entry extensions (no extensions parsed yet.)
753 */
754static int x509_get_crl_entry_ext( unsigned char **p,
755 const unsigned char *end,
756 x509_buf *ext )
757{
758 int ret;
759 size_t len = 0;
760
761 /* OPTIONAL */
762 if (end <= *p)
763 return( 0 );
764
765 ext->tag = **p;
766 ext->p = *p;
767
768 /*
769 * Get CRL-entry extension sequence header
770 * crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2
771 */
772 if( ( ret = asn1_get_tag( p, end, &ext->len,
773 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
774 {
775 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
776 {
777 ext->p = NULL;
778 return( 0 );
779 }
780 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
781 }
782
783 end = *p + ext->len;
784
785 if( end != *p + ext->len )
786 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
787 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
788
789 while( *p < end )
790 {
791 if( ( ret = asn1_get_tag( p, end, &len,
792 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
793 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
794
795 *p += len;
796 }
797
798 if( *p != end )
799 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
800 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
801
802 return( 0 );
803}
804
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]805static int x509_get_basic_constraints( unsigned char **p,
806 const unsigned char *end,
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]807 int *ca_istrue,
808 int *max_pathlen )
809{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]810 int ret;
811 size_t len;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]812
813 /*
814 * BasicConstraints ::= SEQUENCE {
815 * cA BOOLEAN DEFAULT FALSE,
816 * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
817 */
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]818 *ca_istrue = 0; /* DEFAULT FALSE */
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]819 *max_pathlen = 0; /* endless */
820
821 if( ( ret = asn1_get_tag( p, end, &len,
822 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]823 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]824
825 if( *p == end )
826 return 0;
827
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]828 if( ( ret = asn1_get_bool( p, end, ca_istrue ) ) != 0 )
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]829 {
830 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]831 ret = asn1_get_int( p, end, ca_istrue );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]832
833 if( ret != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]834 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]835
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]836 if( *ca_istrue != 0 )
837 *ca_istrue = 1;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]838 }
839
840 if( *p == end )
841 return 0;
842
843 if( ( ret = asn1_get_int( p, end, max_pathlen ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]844 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]845
846 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]847 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]848 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
849
850 (*max_pathlen)++;
851
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]852 return 0;
853}
854
855static int x509_get_ns_cert_type( unsigned char **p,
856 const unsigned char *end,
857 unsigned char *ns_cert_type)
858{
859 int ret;
Paul Bakkerd61e7d92011-01-18 16:17:47 +0000[diff] [blame]860 x509_bitstring bs = { 0, 0, NULL };
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]861
862 if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]863 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]864
865 if( bs.len != 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]866 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]867 POLARSSL_ERR_ASN1_INVALID_LENGTH );
868
869 /* Get actual bitstring */
870 *ns_cert_type = *bs.p;
871 return 0;
872}
873
874static int x509_get_key_usage( unsigned char **p,
875 const unsigned char *end,
876 unsigned char *key_usage)
877{
878 int ret;
Paul Bakkerd61e7d92011-01-18 16:17:47 +0000[diff] [blame]879 x509_bitstring bs = { 0, 0, NULL };
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]880
881 if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]882 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]883
Paul Bakker94a67962012-08-23 13:03:52 +0000[diff] [blame]884 if( bs.len < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]885 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]886 POLARSSL_ERR_ASN1_INVALID_LENGTH );
887
888 /* Get actual bitstring */
889 *key_usage = *bs.p;
890 return 0;
891}
892
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]893/*
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]894 * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
895 *
896 * KeyPurposeId ::= OBJECT IDENTIFIER
897 */
898static int x509_get_ext_key_usage( unsigned char **p,
899 const unsigned char *end,
900 x509_sequence *ext_key_usage)
901{
902 int ret;
903
904 if( ( ret = asn1_get_sequence_of( p, end, ext_key_usage, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]905 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]906
907 /* Sequence length must be >= 1 */
908 if( ext_key_usage->buf.p == NULL )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]909 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]910 POLARSSL_ERR_ASN1_INVALID_LENGTH );
911
912 return 0;
913}
914
915/*
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]916 * SubjectAltName ::= GeneralNames
917 *
918 * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
919 *
920 * GeneralName ::= CHOICE {
921 * otherName [0] OtherName,
922 * rfc822Name [1] IA5String,
923 * dNSName [2] IA5String,
924 * x400Address [3] ORAddress,
925 * directoryName [4] Name,
926 * ediPartyName [5] EDIPartyName,
927 * uniformResourceIdentifier [6] IA5String,
928 * iPAddress [7] OCTET STRING,
929 * registeredID [8] OBJECT IDENTIFIER }
930 *
931 * OtherName ::= SEQUENCE {
932 * type-id OBJECT IDENTIFIER,
933 * value [0] EXPLICIT ANY DEFINED BY type-id }
934 *
935 * EDIPartyName ::= SEQUENCE {
936 * nameAssigner [0] DirectoryString OPTIONAL,
937 * partyName [1] DirectoryString }
938 *
939 * NOTE: PolarSSL only parses and uses dNSName at this point.
940 */
941static int x509_get_subject_alt_name( unsigned char **p,
942 const unsigned char *end,
943 x509_sequence *subject_alt_name )
944{
945 int ret;
946 size_t len, tag_len;
947 asn1_buf *buf;
948 unsigned char tag;
949 asn1_sequence *cur = subject_alt_name;
950
951 /* Get main sequence tag */
952 if( ( ret = asn1_get_tag( p, end, &len,
953 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
954 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
955
956 if( *p + len != end )
957 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
958 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
959
960 while( *p < end )
961 {
962 if( ( end - *p ) < 1 )
963 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
964 POLARSSL_ERR_ASN1_OUT_OF_DATA );
965
966 tag = **p;
967 (*p)++;
968 if( ( ret = asn1_get_len( p, end, &tag_len ) ) != 0 )
969 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
970
971 if( ( tag & ASN1_CONTEXT_SPECIFIC ) != ASN1_CONTEXT_SPECIFIC )
972 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
973 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
974
975 if( tag != ( ASN1_CONTEXT_SPECIFIC | 2 ) )
976 {
977 *p += tag_len;
978 continue;
979 }
980
981 buf = &(cur->buf);
982 buf->tag = tag;
983 buf->p = *p;
984 buf->len = tag_len;
985 *p += buf->len;
986
987 /* Allocate and assign next pointer */
988 if (*p < end)
989 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]990 cur->next = (asn1_sequence *) polarssl_malloc(
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]991 sizeof( asn1_sequence ) );
992
993 if( cur->next == NULL )
994 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
995 POLARSSL_ERR_ASN1_MALLOC_FAILED );
996
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]997 memset( cur->next, 0, sizeof( asn1_sequence ) );
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]998 cur = cur->next;
999 }
1000 }
1001
1002 /* Set final sequence entry's next pointer to NULL */
1003 cur->next = NULL;
1004
1005 if( *p != end )
1006 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
1007 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
1008
1009 return( 0 );
1010}
1011
1012/*
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1013 * X.509 v3 extensions
1014 *
1015 * TODO: Perform all of the basic constraints tests required by the RFC
1016 * TODO: Set values for undetected extensions to a sane default?
1017 *
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1018 */
1019static int x509_get_crt_ext( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]1020 const unsigned char *end,
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1021 x509_cert *crt )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1022{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1023 int ret;
1024 size_t len;
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1025 unsigned char *end_ext_data, *end_ext_octet;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1026
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]1027 if( ( ret = x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1028 {
1029 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
1030 return( 0 );
1031
1032 return( ret );
1033 }
1034
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1035 while( *p < end )
1036 {
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1037 /*
1038 * Extension ::= SEQUENCE {
1039 * extnID OBJECT IDENTIFIER,
1040 * critical BOOLEAN DEFAULT FALSE,
1041 * extnValue OCTET STRING }
1042 */
1043 x509_buf extn_oid = {0, 0, NULL};
1044 int is_critical = 0; /* DEFAULT FALSE */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1045 int ext_type = 0;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1046
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1047 if( ( ret = asn1_get_tag( p, end, &len,
1048 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1049 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1050
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1051 end_ext_data = *p + len;
1052
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1053 /* Get extension ID */
1054 extn_oid.tag = **p;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1055
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1056 if( ( ret = asn1_get_tag( p, end, &extn_oid.len, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1057 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1058
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1059 extn_oid.p = *p;
1060 *p += extn_oid.len;
1061
1062 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1063 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1064 POLARSSL_ERR_ASN1_OUT_OF_DATA );
1065
1066 /* Get optional critical */
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1067 if( ( ret = asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1068 ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1069 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1070
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1071 /* Data should be octet string type */
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1072 if( ( ret = asn1_get_tag( p, end_ext_data, &len,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1073 ASN1_OCTET_STRING ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1074 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1075
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1076 end_ext_octet = *p + len;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]1077
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1078 if( end_ext_octet != end_ext_data )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1079 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1080 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1081
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1082 /*
1083 * Detect supported extensions
1084 */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1085 ret = oid_get_x509_ext_type( &extn_oid, &ext_type );
1086
1087 if( ret != 0 )
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1088 {
1089 /* No parser found, skip extension */
1090 *p = end_ext_octet;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1091
Paul Bakker5c721f92011-07-27 16:51:09 +0000[diff] [blame]1092#if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1093 if( is_critical )
1094 {
1095 /* Data is marked as critical: fail */
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1096 return ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1097 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
1098 }
Paul Bakker5c721f92011-07-27 16:51:09 +0000[diff] [blame]1099#endif
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1100 continue;
1101 }
1102
1103 crt->ext_types |= ext_type;
1104
1105 switch( ext_type )
1106 {
1107 case EXT_BASIC_CONSTRAINTS:
1108 /* Parse basic constraints */
1109 if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
1110 &crt->ca_istrue, &crt->max_pathlen ) ) != 0 )
1111 return ( ret );
1112 break;
1113
1114 case EXT_KEY_USAGE:
1115 /* Parse key usage */
1116 if( ( ret = x509_get_key_usage( p, end_ext_octet,
1117 &crt->key_usage ) ) != 0 )
1118 return ( ret );
1119 break;
1120
1121 case EXT_EXTENDED_KEY_USAGE:
1122 /* Parse extended key usage */
1123 if( ( ret = x509_get_ext_key_usage( p, end_ext_octet,
1124 &crt->ext_key_usage ) ) != 0 )
1125 return ( ret );
1126 break;
1127
1128 case EXT_SUBJECT_ALT_NAME:
1129 /* Parse subject alt name */
1130 if( ( ret = x509_get_subject_alt_name( p, end_ext_octet,
1131 &crt->subject_alt_names ) ) != 0 )
1132 return ( ret );
1133 break;
1134
1135 case EXT_NS_CERT_TYPE:
1136 /* Parse netscape certificate type */
1137 if( ( ret = x509_get_ns_cert_type( p, end_ext_octet,
1138 &crt->ns_cert_type ) ) != 0 )
1139 return ( ret );
1140 break;
1141
1142 default:
1143 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1144 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1145 }
1146
1147 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1148 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1149 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1150
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1151 return( 0 );
1152}
1153
1154/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1155 * X.509 CRL Entries
1156 */
1157static int x509_get_entries( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]1158 const unsigned char *end,
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1159 x509_crl_entry *entry )
1160{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1161 int ret;
1162 size_t entry_len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1163 x509_crl_entry *cur_entry = entry;
1164
1165 if( *p == end )
1166 return( 0 );
1167
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1168 if( ( ret = asn1_get_tag( p, end, &entry_len,
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1169 ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
1170 {
1171 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
1172 return( 0 );
1173
1174 return( ret );
1175 }
1176
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1177 end = *p + entry_len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1178
1179 while( *p < end )
1180 {
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1181 size_t len2;
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1182 const unsigned char *end2;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1183
1184 if( ( ret = asn1_get_tag( p, end, &len2,
1185 ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
1186 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1187 return( ret );
1188 }
1189
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1190 cur_entry->raw.tag = **p;
1191 cur_entry->raw.p = *p;
1192 cur_entry->raw.len = len2;
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1193 end2 = *p + len2;
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1194
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1195 if( ( ret = x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1196 return( ret );
1197
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1198 if( ( ret = x509_get_time( p, end2, &cur_entry->revocation_date ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1199 return( ret );
1200
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1201 if( ( ret = x509_get_crl_entry_ext( p, end2, &cur_entry->entry_ext ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1202 return( ret );
1203
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1204 if ( *p < end )
1205 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1206 cur_entry->next = polarssl_malloc( sizeof( x509_crl_entry ) );
Paul Bakkerb15b8512012-01-13 13:44:06 +0000[diff] [blame]1207
1208 if( cur_entry->next == NULL )
1209 return( POLARSSL_ERR_X509_MALLOC_FAILED );
1210
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1211 cur_entry = cur_entry->next;
1212 memset( cur_entry, 0, sizeof( x509_crl_entry ) );
1213 }
1214 }
1215
1216 return( 0 );
1217}
1218
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1219static int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
1220 pk_type_t *pk_alg )
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1221{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1222 int ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1223
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1224 if( ret != 0 )
1225 return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG + ret );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1226
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1227 return( 0 );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1228}
1229
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1230/*
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1231 * Parse and fill a single X.509 certificate in DER format
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1232 */
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]1233static int x509parse_crt_der_core( x509_cert *crt, const unsigned char *buf,
1234 size_t buflen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1235{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1236 int ret;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]1237 size_t len;
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1238 unsigned char *p, *end, *crt_end;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1239
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1240 /*
1241 * Check for valid input
1242 */
1243 if( crt == NULL || buf == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1244 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1245
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1246 p = (unsigned char *) polarssl_malloc( len = buflen );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1247
1248 if( p == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1249 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1250
1251 memcpy( p, buf, buflen );
1252
1253 buflen = 0;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1254
1255 crt->raw.p = p;
1256 crt->raw.len = len;
1257 end = p + len;
1258
1259 /*
1260 * Certificate ::= SEQUENCE {
1261 * tbsCertificate TBSCertificate,
1262 * signatureAlgorithm AlgorithmIdentifier,
1263 * signatureValue BIT STRING }
1264 */
1265 if( ( ret = asn1_get_tag( &p, end, &len,
1266 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1267 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1268 x509_free( crt );
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1269 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1270 }
1271
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1272 if( len > (size_t) ( end - p ) )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1273 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1274 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1275 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1276 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1277 }
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1278 crt_end = p + len;
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1279
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1280 /*
1281 * TBSCertificate ::= SEQUENCE {
1282 */
1283 crt->tbs.p = p;
1284
1285 if( ( ret = asn1_get_tag( &p, end, &len,
1286 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1287 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1288 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1289 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1290 }
1291
1292 end = p + len;
1293 crt->tbs.len = end - crt->tbs.p;
1294
1295 /*
1296 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
1297 *
1298 * CertificateSerialNumber ::= INTEGER
1299 *
1300 * signature AlgorithmIdentifier
1301 */
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1302 if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 ||
1303 ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 ||
1304 ( ret = x509_get_alg( &p, end, &crt->sig_oid1, NULL ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1305 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1306 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1307 return( ret );
1308 }
1309
1310 crt->version++;
1311
1312 if( crt->version > 3 )
1313 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1314 x509_free( crt );
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1315 return( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1316 }
1317
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1318 if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &crt->sig_md,
1319 &crt->sig_pk ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1320 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1321 x509_free( crt );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1322 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1323 }
1324
1325 /*
1326 * issuer Name
1327 */
1328 crt->issuer_raw.p = p;
1329
1330 if( ( ret = asn1_get_tag( &p, end, &len,
1331 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1332 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1333 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1334 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1335 }
1336
1337 if( ( ret = x509_get_name( &p, p + len, &crt->issuer ) ) != 0 )
1338 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1339 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1340 return( ret );
1341 }
1342
1343 crt->issuer_raw.len = p - crt->issuer_raw.p;
1344
1345 /*
1346 * Validity ::= SEQUENCE {
1347 * notBefore Time,
1348 * notAfter Time }
1349 *
1350 */
1351 if( ( ret = x509_get_dates( &p, end, &crt->valid_from,
1352 &crt->valid_to ) ) != 0 )
1353 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1354 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1355 return( ret );
1356 }
1357
1358 /*
1359 * subject Name
1360 */
1361 crt->subject_raw.p = p;
1362
1363 if( ( ret = asn1_get_tag( &p, end, &len,
1364 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1365 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1366 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1367 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1368 }
1369
Paul Bakkercefb3962012-06-27 11:51:09 +0000[diff] [blame]1370 if( len && ( ret = x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1371 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1372 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1373 return( ret );
1374 }
1375
1376 crt->subject_raw.len = p - crt->subject_raw.p;
1377
1378 /*
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame]1379 * SubjectPublicKeyInfo
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1380 */
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame]1381 if( ( ret = x509_get_pubkey( &p, end,
1382 &crt->rsa ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1383 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1384 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1385 return( ret );
1386 }
1387
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1388 /*
1389 * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
1390 * -- If present, version shall be v2 or v3
1391 * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
1392 * -- If present, version shall be v2 or v3
1393 * extensions [3] EXPLICIT Extensions OPTIONAL
1394 * -- If present, version shall be v3
1395 */
1396 if( crt->version == 2 || crt->version == 3 )
1397 {
1398 ret = x509_get_uid( &p, end, &crt->issuer_id, 1 );
1399 if( ret != 0 )
1400 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1401 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1402 return( ret );
1403 }
1404 }
1405
1406 if( crt->version == 2 || crt->version == 3 )
1407 {
1408 ret = x509_get_uid( &p, end, &crt->subject_id, 2 );
1409 if( ret != 0 )
1410 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1411 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1412 return( ret );
1413 }
1414 }
1415
1416 if( crt->version == 3 )
1417 {
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1418 ret = x509_get_crt_ext( &p, end, crt);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1419 if( ret != 0 )
1420 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1421 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1422 return( ret );
1423 }
1424 }
1425
1426 if( p != end )
1427 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1428 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1429 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1430 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1431 }
1432
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1433 end = crt_end;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1434
1435 /*
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame]1436 * }
1437 * -- end of TBSCertificate
1438 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1439 * signatureAlgorithm AlgorithmIdentifier,
1440 * signatureValue BIT STRING
1441 */
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1442 if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, NULL ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1443 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1444 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1445 return( ret );
1446 }
1447
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]1448 if( crt->sig_oid1.len != crt->sig_oid2.len ||
1449 memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1450 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1451 x509_free( crt );
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1452 return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1453 }
1454
1455 if( ( ret = x509_get_sig( &p, end, &crt->sig ) ) != 0 )
1456 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1457 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1458 return( ret );
1459 }
1460
1461 if( p != end )
1462 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1463 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1464 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1465 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1466 }
1467
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1468 return( 0 );
1469}
1470
1471/*
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1472 * Parse one X.509 certificate in DER format from a buffer and add them to a
1473 * chained list
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1474 */
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1475int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1476{
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1477 int ret;
1478 x509_cert *crt = chain, *prev = NULL;
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1479
1480 /*
1481 * Check for valid input
1482 */
1483 if( crt == NULL || buf == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1484 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1485
1486 while( crt->version != 0 && crt->next != NULL )
1487 {
1488 prev = crt;
1489 crt = crt->next;
1490 }
1491
1492 /*
1493 * Add new certificate on the end of the chain if needed.
1494 */
1495 if ( crt->version != 0 && crt->next == NULL)
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1496 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1497 crt->next = (x509_cert *) polarssl_malloc( sizeof( x509_cert ) );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1498
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1499 if( crt->next == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1500 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1501
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1502 prev = crt;
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1503 crt = crt->next;
1504 memset( crt, 0, sizeof( x509_cert ) );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1505 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1506
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1507 if( ( ret = x509parse_crt_der_core( crt, buf, buflen ) ) != 0 )
1508 {
1509 if( prev )
1510 prev->next = NULL;
1511
1512 if( crt != chain )
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1513 polarssl_free( crt );
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1514
1515 return( ret );
1516 }
1517
1518 return( 0 );
1519}
1520
1521/*
1522 * Parse one or more PEM certificates from a buffer and add them to the chained list
1523 */
1524int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
1525{
1526 int ret, success = 0, first_error = 0, total_failed = 0;
1527 int buf_format = X509_FORMAT_DER;
1528
1529 /*
1530 * Check for valid input
1531 */
1532 if( chain == NULL || buf == NULL )
1533 return( POLARSSL_ERR_X509_INVALID_INPUT );
1534
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1535 /*
1536 * Determine buffer content. Buffer contains either one DER certificate or
1537 * one or more PEM certificates.
1538 */
1539#if defined(POLARSSL_PEM_C)
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]1540 if( strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1541 buf_format = X509_FORMAT_PEM;
1542#endif
1543
1544 if( buf_format == X509_FORMAT_DER )
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1545 return x509parse_crt_der( chain, buf, buflen );
1546
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1547#if defined(POLARSSL_PEM_C)
1548 if( buf_format == X509_FORMAT_PEM )
1549 {
1550 pem_context pem;
1551
1552 while( buflen > 0 )
1553 {
1554 size_t use_len;
1555 pem_init( &pem );
1556
1557 ret = pem_read_buffer( &pem,
1558 "-----BEGIN CERTIFICATE-----",
1559 "-----END CERTIFICATE-----",
1560 buf, NULL, 0, &use_len );
1561
1562 if( ret == 0 )
1563 {
1564 /*
1565 * Was PEM encoded
1566 */
1567 buflen -= use_len;
1568 buf += use_len;
1569 }
Paul Bakker5ed3b342013-06-24 19:05:46 +0200[diff] [blame]1570 else if( ret == POLARSSL_ERR_PEM_BAD_INPUT_DATA )
1571 {
1572 return( ret );
1573 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]1574 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1575 {
1576 pem_free( &pem );
1577
Paul Bakker5ed3b342013-06-24 19:05:46 +0200[diff] [blame]1578 /*
1579 * PEM header and footer were found
1580 */
1581 buflen -= use_len;
1582 buf += use_len;
1583
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1584 if( first_error == 0 )
1585 first_error = ret;
1586
1587 continue;
1588 }
1589 else
1590 break;
1591
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1592 ret = x509parse_crt_der( chain, pem.buf, pem.buflen );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1593
1594 pem_free( &pem );
1595
1596 if( ret != 0 )
1597 {
1598 /*
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1599 * Quit parsing on a memory error
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1600 */
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1601 if( ret == POLARSSL_ERR_X509_MALLOC_FAILED )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1602 return( ret );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1603
1604 if( first_error == 0 )
1605 first_error = ret;
1606
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1607 total_failed++;
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1608 continue;
1609 }
1610
1611 success = 1;
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1612 }
1613 }
1614#endif
1615
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1616 if( success )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1617 return( total_failed );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1618 else if( first_error )
1619 return( first_error );
1620 else
1621 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1622}
1623
1624/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1625 * Parse one or more CRLs and add them to the chained list
1626 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1627int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1628{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1629 int ret;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]1630 size_t len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1631 unsigned char *p, *end;
1632 x509_crl *crl;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1633#if defined(POLARSSL_PEM_C)
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]1634 size_t use_len;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1635 pem_context pem;
1636#endif
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1637
1638 crl = chain;
1639
1640 /*
1641 * Check for valid input
1642 */
1643 if( crl == NULL || buf == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1644 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1645
1646 while( crl->version != 0 && crl->next != NULL )
1647 crl = crl->next;
1648
1649 /*
1650 * Add new CRL on the end of the chain if needed.
1651 */
1652 if ( crl->version != 0 && crl->next == NULL)
1653 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1654 crl->next = (x509_crl *) polarssl_malloc( sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1655
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1656 if( crl->next == NULL )
1657 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1658 x509_crl_free( crl );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1659 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1660 }
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1661
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1662 crl = crl->next;
1663 memset( crl, 0, sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1664 }
1665
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1666#if defined(POLARSSL_PEM_C)
1667 pem_init( &pem );
1668 ret = pem_read_buffer( &pem,
1669 "-----BEGIN X509 CRL-----",
1670 "-----END X509 CRL-----",
1671 buf, NULL, 0, &use_len );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1672
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1673 if( ret == 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1674 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1675 /*
1676 * Was PEM encoded
1677 */
1678 buflen -= use_len;
1679 buf += use_len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1680
1681 /*
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1682 * Steal PEM buffer
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1683 */
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1684 p = pem.buf;
1685 pem.buf = NULL;
1686 len = pem.buflen;
1687 pem_free( &pem );
1688 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]1689 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1690 {
1691 pem_free( &pem );
1692 return( ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1693 }
1694 else
1695 {
1696 /*
1697 * nope, copy the raw DER data
1698 */
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1699 p = (unsigned char *) polarssl_malloc( len = buflen );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1700
1701 if( p == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1702 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1703
1704 memcpy( p, buf, buflen );
1705
1706 buflen = 0;
1707 }
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1708#else
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1709 p = (unsigned char *) polarssl_malloc( len = buflen );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1710
1711 if( p == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1712 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1713
1714 memcpy( p, buf, buflen );
1715
1716 buflen = 0;
1717#endif
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1718
1719 crl->raw.p = p;
1720 crl->raw.len = len;
1721 end = p + len;
1722
1723 /*
1724 * CertificateList ::= SEQUENCE {
1725 * tbsCertList TBSCertList,
1726 * signatureAlgorithm AlgorithmIdentifier,
1727 * signatureValue BIT STRING }
1728 */
1729 if( ( ret = asn1_get_tag( &p, end, &len,
1730 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1731 {
1732 x509_crl_free( crl );
1733 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT );
1734 }
1735
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1736 if( len != (size_t) ( end - p ) )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1737 {
1738 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1739 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1740 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
1741 }
1742
1743 /*
1744 * TBSCertList ::= SEQUENCE {
1745 */
1746 crl->tbs.p = p;
1747
1748 if( ( ret = asn1_get_tag( &p, end, &len,
1749 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1750 {
1751 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1752 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1753 }
1754
1755 end = p + len;
1756 crl->tbs.len = end - crl->tbs.p;
1757
1758 /*
1759 * Version ::= INTEGER OPTIONAL { v1(0), v2(1) }
1760 * -- if present, MUST be v2
1761 *
1762 * signature AlgorithmIdentifier
1763 */
Paul Bakker3329d1f2011-10-12 09:55:01 +0000[diff] [blame]1764 if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 ||
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1765 ( ret = x509_get_alg( &p, end, &crl->sig_oid1, NULL ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1766 {
1767 x509_crl_free( crl );
1768 return( ret );
1769 }
1770
1771 crl->version++;
1772
1773 if( crl->version > 2 )
1774 {
1775 x509_crl_free( crl );
1776 return( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION );
1777 }
1778
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1779 if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &crl->sig_md,
1780 &crl->sig_pk ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1781 {
1782 x509_crl_free( crl );
1783 return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG );
1784 }
1785
1786 /*
1787 * issuer Name
1788 */
1789 crl->issuer_raw.p = p;
1790
1791 if( ( ret = asn1_get_tag( &p, end, &len,
1792 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1793 {
1794 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1795 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1796 }
1797
1798 if( ( ret = x509_get_name( &p, p + len, &crl->issuer ) ) != 0 )
1799 {
1800 x509_crl_free( crl );
1801 return( ret );
1802 }
1803
1804 crl->issuer_raw.len = p - crl->issuer_raw.p;
1805
1806 /*
1807 * thisUpdate Time
1808 * nextUpdate Time OPTIONAL
1809 */
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]1810 if( ( ret = x509_get_time( &p, end, &crl->this_update ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1811 {
1812 x509_crl_free( crl );
1813 return( ret );
1814 }
1815
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]1816 if( ( ret = x509_get_time( &p, end, &crl->next_update ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1817 {
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1818 if ( ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE +
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1819 POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) &&
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1820 ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE +
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1821 POLARSSL_ERR_ASN1_OUT_OF_DATA ) )
Paul Bakker635f4b42009-07-20 20:34:41 +0000[diff] [blame]1822 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1823 x509_crl_free( crl );
1824 return( ret );
1825 }
1826 }
1827
1828 /*
1829 * revokedCertificates SEQUENCE OF SEQUENCE {
1830 * userCertificate CertificateSerialNumber,
1831 * revocationDate Time,
1832 * crlEntryExtensions Extensions OPTIONAL
1833 * -- if present, MUST be v2
1834 * } OPTIONAL
1835 */
1836 if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 )
1837 {
1838 x509_crl_free( crl );
1839 return( ret );
1840 }
1841
1842 /*
1843 * crlExtensions EXPLICIT Extensions OPTIONAL
1844 * -- if present, MUST be v2
1845 */
1846 if( crl->version == 2 )
1847 {
1848 ret = x509_get_crl_ext( &p, end, &crl->crl_ext );
1849
1850 if( ret != 0 )
1851 {
1852 x509_crl_free( crl );
1853 return( ret );
1854 }
1855 }
1856
1857 if( p != end )
1858 {
1859 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1860 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1861 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
1862 }
1863
1864 end = crl->raw.p + crl->raw.len;
1865
1866 /*
1867 * signatureAlgorithm AlgorithmIdentifier,
1868 * signatureValue BIT STRING
1869 */
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1870 if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, NULL ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1871 {
1872 x509_crl_free( crl );
1873 return( ret );
1874 }
1875
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]1876 if( crl->sig_oid1.len != crl->sig_oid2.len ||
1877 memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1878 {
1879 x509_crl_free( crl );
1880 return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH );
1881 }
1882
1883 if( ( ret = x509_get_sig( &p, end, &crl->sig ) ) != 0 )
1884 {
1885 x509_crl_free( crl );
1886 return( ret );
1887 }
1888
1889 if( p != end )
1890 {
1891 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1892 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1893 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
1894 }
1895
1896 if( buflen > 0 )
1897 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1898 crl->next = (x509_crl *) polarssl_malloc( sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1899
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1900 if( crl->next == NULL )
1901 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1902 x509_crl_free( crl );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1903 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1904 }
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1905
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1906 crl = crl->next;
1907 memset( crl, 0, sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1908
1909 return( x509parse_crl( crl, buf, buflen ) );
1910 }
1911
1912 return( 0 );
1913}
1914
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]1915#if defined(POLARSSL_FS_IO)
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1916/*
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1917 * Load all data from a file into a given buffer.
1918 */
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]1919static int load_file( const char *path, unsigned char **buf, size_t *n )
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1920{
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1921 FILE *f;
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1922
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1923 if( ( f = fopen( path, "rb" ) ) == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1924 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1925
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1926 fseek( f, 0, SEEK_END );
1927 *n = (size_t) ftell( f );
1928 fseek( f, 0, SEEK_SET );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1929
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1930 if( ( *buf = (unsigned char *) polarssl_malloc( *n + 1 ) ) == NULL )
Paul Bakkerf6a19bd2013-05-14 13:26:51 +0200[diff] [blame]1931 {
1932 fclose( f );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1933 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakkerf6a19bd2013-05-14 13:26:51 +0200[diff] [blame]1934 }
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1935
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1936 if( fread( *buf, 1, *n, f ) != *n )
1937 {
1938 fclose( f );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1939 polarssl_free( *buf );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1940 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1941 }
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1942
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1943 fclose( f );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1944
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1945 (*buf)[*n] = '\0';
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1946
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1947 return( 0 );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1948}
1949
1950/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1951 * Load one or more certificates and add them to the chained list
1952 */
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1953int x509parse_crtfile( x509_cert *chain, const char *path )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1954{
1955 int ret;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1956 size_t n;
1957 unsigned char *buf;
1958
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]1959 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1960 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1961
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1962 ret = x509parse_crt( chain, buf, n );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1963
1964 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1965 polarssl_free( buf );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1966
1967 return( ret );
1968}
1969
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1970int x509parse_crtpath( x509_cert *chain, const char *path )
1971{
1972 int ret = 0;
1973#if defined(_WIN32)
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1974 int w_ret;
1975 WCHAR szDir[MAX_PATH];
1976 char filename[MAX_PATH];
1977 char *p;
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1978 int len = strlen( path );
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1979
Paul Bakker97872ac2012-11-02 12:53:26 +0000[diff] [blame]1980 WIN32_FIND_DATAW file_data;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1981 HANDLE hFind;
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1982
1983 if( len > MAX_PATH - 3 )
1984 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1985
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1986 memset( szDir, 0, sizeof(szDir) );
1987 memset( filename, 0, MAX_PATH );
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1988 memcpy( filename, path, len );
1989 filename[len++] = '\\';
1990 p = filename + len;
1991 filename[len++] = '*';
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1992
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1993 w_ret = MultiByteToWideChar( CP_ACP, 0, path, len, szDir, MAX_PATH - 3 );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1994
Paul Bakker97872ac2012-11-02 12:53:26 +0000[diff] [blame]1995 hFind = FindFirstFileW( szDir, &file_data );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1996 if (hFind == INVALID_HANDLE_VALUE)
1997 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
1998
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1999 len = MAX_PATH - len;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2000 do
2001 {
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2002 memset( p, 0, len );
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]2003
Paul Bakkere4791f32012-06-04 21:29:15 +0000[diff] [blame]2004 if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2005 continue;
2006
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]2007 w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
2008 lstrlenW(file_data.cFileName),
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2009 p, len - 1,
2010 NULL, NULL );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2011
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]2012 w_ret = x509parse_crtfile( chain, filename );
2013 if( w_ret < 0 )
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2014 ret++;
2015 else
2016 ret += w_ret;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2017 }
Paul Bakker97872ac2012-11-02 12:53:26 +0000[diff] [blame]2018 while( FindNextFileW( hFind, &file_data ) != 0 );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2019
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2020 if (GetLastError() != ERROR_NO_MORE_FILES)
2021 ret = POLARSSL_ERR_X509_FILE_IO_ERROR;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2022
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2023cleanup:
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2024 FindClose( hFind );
2025#else
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2026 int t_ret, i;
2027 struct stat sb;
2028 struct dirent entry, *result = NULL;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2029 char entry_name[255];
2030 DIR *dir = opendir( path );
2031
2032 if( dir == NULL)
2033 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
2034
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2035 while( ( t_ret = readdir_r( dir, &entry, &result ) ) == 0 )
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2036 {
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2037 if( result == NULL )
2038 break;
2039
2040 snprintf( entry_name, sizeof(entry_name), "%s/%s", path, entry.d_name );
2041
2042 i = stat( entry_name, &sb );
2043
2044 if( i == -1 )
2045 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
2046
2047 if( !S_ISREG( sb.st_mode ) )
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2048 continue;
2049
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2050 // Ignore parse errors
2051 //
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2052 t_ret = x509parse_crtfile( chain, entry_name );
2053 if( t_ret < 0 )
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2054 ret++;
2055 else
2056 ret += t_ret;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2057 }
2058 closedir( dir );
2059#endif
2060
2061 return( ret );
2062}
2063
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2064/*
2065 * Load one or more CRLs and add them to the chained list
2066 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]2067int x509parse_crlfile( x509_crl *chain, const char *path )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2068{
2069 int ret;
2070 size_t n;
2071 unsigned char *buf;
2072
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]2073 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]2074 return( ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2075
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]2076 ret = x509parse_crl( chain, buf, n );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2077
2078 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]2079 polarssl_free( buf );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2080
2081 return( ret );
2082}
2083
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2084/*
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2085 * Load and parse a private RSA key
2086 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2087int x509parse_keyfile_rsa( rsa_context *rsa, const char *path, const char *pwd )
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2088{
2089 int ret;
2090 size_t n;
2091 unsigned char *buf;
2092
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]2093 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]2094 return( ret );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2095
2096 if( pwd == NULL )
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2097 ret = x509parse_key_rsa( rsa, buf, n, NULL, 0 );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2098 else
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2099 ret = x509parse_key_rsa( rsa, buf, n,
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]2100 (const unsigned char *) pwd, strlen( pwd ) );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2101
2102 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]2103 polarssl_free( buf );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2104
2105 return( ret );
2106}
2107
2108/*
2109 * Load and parse a public RSA key
2110 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2111int x509parse_public_keyfile_rsa( rsa_context *rsa, const char *path )
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2112{
2113 int ret;
2114 size_t n;
2115 unsigned char *buf;
2116
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]2117 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]2118 return( ret );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2119
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2120 ret = x509parse_public_key_rsa( rsa, buf, n );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2121
2122 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]2123 polarssl_free( buf );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2124
2125 return( ret );
2126}
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2127
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2128/*
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2129 * Load and parse a private key
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2130 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2131int x509parse_keyfile( pk_context *ctx,
2132 const char *path, const char *pwd )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2133{
2134 int ret;
2135 size_t n;
2136 unsigned char *buf;
2137
2138 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
2139 return( ret );
2140
2141 if( pwd == NULL )
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2142 ret = x509parse_key( ctx, buf, n, NULL, 0 );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2143 else
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2144 ret = x509parse_key( ctx, buf, n,
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2145 (const unsigned char *) pwd, strlen( pwd ) );
2146
2147 memset( buf, 0, n + 1 );
2148 free( buf );
2149
2150 return( ret );
2151}
2152
2153/*
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2154 * Load and parse a public key
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2155 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2156int x509parse_public_keyfile( pk_context *ctx, const char *path )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2157{
2158 int ret;
2159 size_t n;
2160 unsigned char *buf;
2161
2162 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
2163 return( ret );
2164
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2165 ret = x509parse_public_key( ctx, buf, n );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2166
2167 memset( buf, 0, n + 1 );
2168 free( buf );
2169
2170 return( ret );
2171}
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2172
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2173#endif /* POLARSSL_FS_IO */
2174
2175/*
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2176 * Parse a PKCS#1 encoded private RSA key
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2177 */
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2178static int x509parse_key_pkcs1_der( rsa_context *rsa,
2179 const unsigned char *key,
2180 size_t keylen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2181{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]2182 int ret;
2183 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2184 unsigned char *p, *end;
Paul Bakkered56b222011-07-13 11:26:43 +0000[diff] [blame]2185
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]2186 p = (unsigned char *) key;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]2187 end = p + keylen;
2188
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2189 /*
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2190 * This function parses the RSAPrivateKey (PKCS#1)
Paul Bakkered56b222011-07-13 11:26:43 +0000[diff] [blame]2191 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2192 * RSAPrivateKey ::= SEQUENCE {
2193 * version Version,
2194 * modulus INTEGER, -- n
2195 * publicExponent INTEGER, -- e
2196 * privateExponent INTEGER, -- d
2197 * prime1 INTEGER, -- p
2198 * prime2 INTEGER, -- q
2199 * exponent1 INTEGER, -- d mod (p-1)
2200 * exponent2 INTEGER, -- d mod (q-1)
2201 * coefficient INTEGER, -- (inverse of q) mod p
2202 * otherPrimeInfos OtherPrimeInfos OPTIONAL
2203 * }
2204 */
2205 if( ( ret = asn1_get_tag( &p, end, &len,
2206 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2207 {
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2208 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2209 }
2210
2211 end = p + len;
2212
2213 if( ( ret = asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
2214 {
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2215 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2216 }
2217
2218 if( rsa->ver != 0 )
2219 {
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2220 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2221 }
2222
2223 if( ( ret = asn1_get_mpi( &p, end, &rsa->N ) ) != 0 ||
2224 ( ret = asn1_get_mpi( &p, end, &rsa->E ) ) != 0 ||
2225 ( ret = asn1_get_mpi( &p, end, &rsa->D ) ) != 0 ||
2226 ( ret = asn1_get_mpi( &p, end, &rsa->P ) ) != 0 ||
2227 ( ret = asn1_get_mpi( &p, end, &rsa->Q ) ) != 0 ||
2228 ( ret = asn1_get_mpi( &p, end, &rsa->DP ) ) != 0 ||
2229 ( ret = asn1_get_mpi( &p, end, &rsa->DQ ) ) != 0 ||
2230 ( ret = asn1_get_mpi( &p, end, &rsa->QP ) ) != 0 )
2231 {
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2232 rsa_free( rsa );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2233 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2234 }
2235
2236 rsa->len = mpi_size( &rsa->N );
2237
2238 if( p != end )
2239 {
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2240 rsa_free( rsa );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2241 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]2242 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2243 }
2244
2245 if( ( ret = rsa_check_privkey( rsa ) ) != 0 )
2246 {
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2247 rsa_free( rsa );
2248 return( ret );
2249 }
2250
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2251 return( 0 );
2252}
2253
2254/*
2255 * Parse an unencrypted PKCS#8 encoded private RSA key
2256 */
2257static int x509parse_key_pkcs8_unencrypted_der(
2258 rsa_context *rsa,
2259 const unsigned char *key,
2260 size_t keylen )
2261{
2262 int ret;
2263 size_t len;
2264 unsigned char *p, *end;
2265 x509_buf pk_alg_oid;
2266 pk_type_t pk_alg = POLARSSL_PK_NONE;
2267
2268 p = (unsigned char *) key;
2269 end = p + keylen;
2270
2271 /*
2272 * This function parses the PrivatKeyInfo object (PKCS#8)
2273 *
2274 * PrivateKeyInfo ::= SEQUENCE {
2275 * version Version,
2276 * algorithm AlgorithmIdentifier,
2277 * PrivateKey BIT STRING
2278 * }
2279 *
2280 * AlgorithmIdentifier ::= SEQUENCE {
2281 * algorithm OBJECT IDENTIFIER,
2282 * parameters ANY DEFINED BY algorithm OPTIONAL
2283 * }
2284 *
2285 * The PrivateKey BIT STRING is a PKCS#1 RSAPrivateKey
2286 */
2287 if( ( ret = asn1_get_tag( &p, end, &len,
2288 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2289 {
2290 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2291 }
2292
2293 end = p + len;
2294
2295 if( ( ret = asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
2296 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2297
2298 if( rsa->ver != 0 )
2299 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION + ret );
2300
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]2301 if( ( ret = asn1_get_alg_null( &p, end, &pk_alg_oid ) ) != 0 )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2302 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2303
2304 /*
2305 * only RSA keys handled at this time
2306 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2307 if( oid_get_pk_alg( &pk_alg_oid, &pk_alg ) != 0 )
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]2308 {
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2309 return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]2310 }
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2311
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2312 if (pk_alg != POLARSSL_PK_RSA )
2313 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
2314
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2315 /*
2316 * Get the OCTET STRING and parse the PKCS#1 format inside
2317 */
2318 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2319 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2320
2321 if( ( end - p ) < 1 )
2322 {
2323 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
2324 POLARSSL_ERR_ASN1_OUT_OF_DATA );
2325 }
2326
2327 end = p + len;
2328
2329 if( ( ret = x509parse_key_pkcs1_der( rsa, p, end - p ) ) != 0 )
2330 return( ret );
2331
2332 return( 0 );
2333}
2334
2335/*
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2336 * Decrypt the content of a PKCS#8 EncryptedPrivateKeyInfo
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2337 */
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2338static int x509parse_pkcs8_decrypt( unsigned char *buf, size_t buflen,
2339 size_t *used_len,
2340 const unsigned char *key, size_t keylen,
2341 const unsigned char *pwd, size_t pwdlen )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2342{
2343 int ret;
2344 size_t len;
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]2345 unsigned char *p, *end;
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2346 x509_buf pbe_alg_oid, pbe_params;
Paul Bakker7749a222013-06-28 17:28:20 +0200[diff] [blame]2347#if defined(POLARSSL_PKCS12_C)
2348 cipher_type_t cipher_alg;
2349 md_type_t md_alg;
2350#endif
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2351
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2352 memset(buf, 0, buflen);
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2353
2354 p = (unsigned char *) key;
2355 end = p + keylen;
2356
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2357 if( pwdlen == 0 )
2358 return( POLARSSL_ERR_X509_PASSWORD_REQUIRED );
2359
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2360 /*
2361 * This function parses the EncryptedPrivatKeyInfo object (PKCS#8)
2362 *
2363 * EncryptedPrivateKeyInfo ::= SEQUENCE {
2364 * encryptionAlgorithm EncryptionAlgorithmIdentifier,
2365 * encryptedData EncryptedData
2366 * }
2367 *
2368 * EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
2369 *
2370 * EncryptedData ::= OCTET STRING
2371 *
2372 * The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo
2373 */
2374 if( ( ret = asn1_get_tag( &p, end, &len,
2375 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2376 {
2377 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2378 }
2379
2380 end = p + len;
2381
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]2382 if( ( ret = asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2383 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2384
2385 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2386 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2387
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2388 if( len > buflen )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2389 return( POLARSSL_ERR_X509_INVALID_INPUT );
2390
2391 /*
2392 * Decrypt EncryptedData with appropriate PDE
2393 */
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2394#if defined(POLARSSL_PKCS12_C)
Paul Bakker7749a222013-06-28 17:28:20 +0200[diff] [blame]2395 if( oid_get_pkcs12_pbe_alg( &pbe_alg_oid, &md_alg, &cipher_alg ) == 0 )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2396 {
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2397 if( ( ret = pkcs12_pbe( &pbe_params, PKCS12_PBE_DECRYPT,
Paul Bakker7749a222013-06-28 17:28:20 +0200[diff] [blame]2398 cipher_alg, md_alg,
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2399 pwd, pwdlen, p, len, buf ) ) != 0 )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2400 {
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2401 if( ret == POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH )
2402 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2403
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2404 return( ret );
2405 }
2406 }
2407 else if( OID_CMP( OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) )
2408 {
2409 if( ( ret = pkcs12_pbe_sha1_rc4_128( &pbe_params,
2410 PKCS12_PBE_DECRYPT,
2411 pwd, pwdlen,
2412 p, len, buf ) ) != 0 )
2413 {
2414 return( ret );
2415 }
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2416
2417 // Best guess for password mismatch when using RC4. If first tag is
2418 // not ASN1_CONSTRUCTED | ASN1_SEQUENCE
2419 //
2420 if( *buf != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) )
2421 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2422 }
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2423 else
2424#endif /* POLARSSL_PKCS12_C */
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2425#if defined(POLARSSL_PKCS5_C)
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2426 if( OID_CMP( OID_PKCS5_PBES2, &pbe_alg_oid ) )
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2427 {
2428 if( ( ret = pkcs5_pbes2( &pbe_params, PKCS5_DECRYPT, pwd, pwdlen,
2429 p, len, buf ) ) != 0 )
2430 {
2431 if( ret == POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH )
2432 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2433
2434 return( ret );
2435 }
2436 }
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2437 else
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2438#endif /* POLARSSL_PKCS5_C */
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2439 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
2440
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2441 *used_len = len;
2442 return( 0 );
2443}
2444
2445/*
2446 * Parse an encrypted PKCS#8 encoded private RSA key
2447 */
2448static int x509parse_key_pkcs8_encrypted_der(
2449 rsa_context *rsa,
2450 const unsigned char *key, size_t keylen,
2451 const unsigned char *pwd, size_t pwdlen )
2452{
2453 int ret;
2454 unsigned char buf[2048];
2455 size_t len = 0;
2456
2457 if( ( ret = x509parse_pkcs8_decrypt( buf, sizeof( buf ), &len,
2458 key, keylen, pwd, pwdlen ) ) != 0 )
2459 {
2460 return( ret );
2461 }
2462
2463 return( x509parse_key_pkcs8_unencrypted_der( rsa, buf, len ) );
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2464}
2465
2466/*
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2467 * Parse a private RSA key
2468 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2469int x509parse_key_rsa( rsa_context *rsa,
2470 const unsigned char *key, size_t keylen,
2471 const unsigned char *pwd, size_t pwdlen )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2472{
2473 int ret;
2474
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]2475#if defined(POLARSSL_PEM_C)
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2476 size_t len;
2477 pem_context pem;
2478
2479 pem_init( &pem );
2480 ret = pem_read_buffer( &pem,
2481 "-----BEGIN RSA PRIVATE KEY-----",
2482 "-----END RSA PRIVATE KEY-----",
2483 key, pwd, pwdlen, &len );
2484 if( ret == 0 )
2485 {
2486 if( ( ret = x509parse_key_pkcs1_der( rsa, pem.buf, pem.buflen ) ) != 0 )
2487 {
2488 rsa_free( rsa );
2489 }
2490
2491 pem_free( &pem );
2492 return( ret );
2493 }
Paul Bakkera4232a72013-06-24 19:32:25 +0200[diff] [blame]2494 else if( ret == POLARSSL_ERR_PEM_PASSWORD_MISMATCH )
2495 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2496 else if( ret == POLARSSL_ERR_PEM_PASSWORD_REQUIRED )
2497 return( POLARSSL_ERR_X509_PASSWORD_REQUIRED );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2498 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2499 return( ret );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2500
2501 ret = pem_read_buffer( &pem,
2502 "-----BEGIN PRIVATE KEY-----",
2503 "-----END PRIVATE KEY-----",
2504 key, NULL, 0, &len );
2505 if( ret == 0 )
2506 {
2507 if( ( ret = x509parse_key_pkcs8_unencrypted_der( rsa,
2508 pem.buf, pem.buflen ) ) != 0 )
2509 {
2510 rsa_free( rsa );
2511 }
2512
2513 pem_free( &pem );
2514 return( ret );
2515 }
2516 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2517 return( ret );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2518
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2519 ret = pem_read_buffer( &pem,
2520 "-----BEGIN ENCRYPTED PRIVATE KEY-----",
2521 "-----END ENCRYPTED PRIVATE KEY-----",
2522 key, NULL, 0, &len );
2523 if( ret == 0 )
2524 {
2525 if( ( ret = x509parse_key_pkcs8_encrypted_der( rsa,
2526 pem.buf, pem.buflen,
2527 pwd, pwdlen ) ) != 0 )
2528 {
2529 rsa_free( rsa );
2530 }
2531
2532 pem_free( &pem );
2533 return( ret );
2534 }
2535 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2536 return( ret );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2537#else
2538 ((void) pwd);
2539 ((void) pwdlen);
2540#endif /* POLARSSL_PEM_C */
2541
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2542 /*
2543 * At this point we only know it's not a PEM formatted key. Could be any
2544 * of the known DER encoded private key formats
2545 *
2546 * We try the different DER format parsers to see if one passes without
2547 * error
2548 */
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2549 if( ( ret = x509parse_key_pkcs8_encrypted_der( rsa, key, keylen,
2550 pwd, pwdlen ) ) == 0 )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2551 {
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2552 return( 0 );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2553 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2554
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2555 rsa_free( rsa );
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2556
2557 if( ret == POLARSSL_ERR_X509_PASSWORD_MISMATCH )
2558 {
2559 return( ret );
2560 }
2561
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2562 if( ( ret = x509parse_key_pkcs8_unencrypted_der( rsa, key, keylen ) ) == 0 )
2563 return( 0 );
2564
2565 rsa_free( rsa );
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2566
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2567 if( ( ret = x509parse_key_pkcs1_der( rsa, key, keylen ) ) == 0 )
2568 return( 0 );
2569
2570 rsa_free( rsa );
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2571
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2572 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2573}
2574
2575/*
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2576 * Parse a public RSA key
2577 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2578int x509parse_public_key_rsa( rsa_context *rsa,
2579 const unsigned char *key, size_t keylen )
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2580{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]2581 int ret;
2582 size_t len;
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2583 unsigned char *p, *end;
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2584#if defined(POLARSSL_PEM_C)
2585 pem_context pem;
2586
2587 pem_init( &pem );
2588 ret = pem_read_buffer( &pem,
2589 "-----BEGIN PUBLIC KEY-----",
2590 "-----END PUBLIC KEY-----",
2591 key, NULL, 0, &len );
2592
2593 if( ret == 0 )
2594 {
2595 /*
2596 * Was PEM encoded
2597 */
2598 keylen = pem.buflen;
2599 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]2600 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2601 {
2602 pem_free( &pem );
2603 return( ret );
2604 }
2605
2606 p = ( ret == 0 ) ? pem.buf : (unsigned char *) key;
2607#else
2608 p = (unsigned char *) key;
2609#endif
2610 end = p + keylen;
2611
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame]2612 if( ( ret = x509_get_pubkey( &p, end, rsa ) ) != 0 )
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2613 {
2614#if defined(POLARSSL_PEM_C)
2615 pem_free( &pem );
2616#endif
2617 rsa_free( rsa );
2618 return( ret );
2619 }
2620
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2621#if defined(POLARSSL_PEM_C)
2622 pem_free( &pem );
2623#endif
2624
2625 return( 0 );
2626}
2627
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2628#if defined(POLARSSL_ECP_C)
2629/*
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2630 * Parse a SEC1 encoded private EC key
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2631 */
2632static int x509parse_key_sec1_der( ecp_keypair *eck,
2633 const unsigned char *key,
2634 size_t keylen )
2635{
2636 int ret;
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2637 int version;
2638 size_t len;
2639 ecp_group_id grp_id;
2640 unsigned char *p = (unsigned char *) key;
2641 unsigned char *end = p + keylen;
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2642
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2643 /*
2644 * RFC 5915, orf SEC1 Appendix C.4
2645 *
2646 * ECPrivateKey ::= SEQUENCE {
2647 * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
2648 * privateKey OCTET STRING,
2649 * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
2650 * publicKey [1] BIT STRING OPTIONAL
2651 * }
2652 */
2653 if( ( ret = asn1_get_tag( &p, end, &len,
2654 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2655 {
2656 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2657 }
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2658
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2659 end = p + len;
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2660
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2661 if( ( ret = asn1_get_int( &p, end, &version ) ) != 0 )
2662 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2663
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2664 if( version != 1 )
2665 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION );
2666
2667 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2668 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2669
2670 if( ( ret = mpi_read_binary( &eck->d, p, len ) ) != 0 )
2671 {
2672 ecp_keypair_free( eck );
2673 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2674 }
2675
2676 p += len;
2677
2678 /*
2679 * Is 'parameters' present?
2680 */
2681 if( ( ret = asn1_get_tag( &p, end, &len,
2682 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 )
2683 {
2684 if( ( ret = x509_get_ecparams( &p, p + len, &grp_id) ) != 0 )
2685 return( ret );
2686
Manuel Pégourié-Gonnardd4ec21d2013-07-04 12:04:57 +0200[diff] [blame]2687 /*
2688 * If we're wrapped in a bigger structure (eg PKCS#8), grp may have been
2689 * defined externally. In this case, make sure both definitions match.
2690 */
2691 if( eck->grp.id != 0 )
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2692 {
Manuel Pégourié-Gonnardd4ec21d2013-07-04 12:04:57 +0200[diff] [blame]2693 if( eck->grp.id != grp_id )
2694 {
2695 ecp_keypair_free( eck );
2696 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2697 }
2698 }
2699 else
2700 {
2701 if( ( ret = ecp_use_known_dp( &eck->grp, grp_id ) ) != 0 )
2702 {
2703 ecp_keypair_free( eck );
2704 return( ret );
2705 }
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2706 }
2707 }
2708 else if ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
2709 {
2710 ecp_keypair_free( eck );
2711 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2712 }
2713
2714 /*
2715 * Is 'publickey' present?
2716 */
2717 if( ( ret = asn1_get_tag( &p, end, &len,
2718 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 )
2719 {
2720 if( ( ret = x509_get_subpubkey_ec( &p, p + len, &eck->grp, &eck->Q ) )
2721 != 0 )
2722 {
2723 ecp_keypair_free( eck );
2724 return( ret );
2725 }
2726
2727 if( ( ret = ecp_check_pubkey( &eck->grp, &eck->Q ) ) != 0 )
2728 {
2729 ecp_keypair_free( eck );
2730 return( ret );
2731 }
2732 }
2733 else if ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
2734 {
2735 ecp_keypair_free( eck );
2736 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2737 }
2738
Manuel Pégourié-Gonnardde44a4a2013-07-09 16:05:52 +0200[diff] [blame]2739 if( ( ret = ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 )
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2740 {
2741 ecp_keypair_free( eck );
2742 return( ret );
2743 }
2744
2745 return 0;
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2746}
2747
2748/*
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2749 * Parse an unencrypted PKCS#8 encoded private EC key
2750 */
2751static int x509parse_key_pkcs8_unencrypted_der_ec(
2752 ecp_keypair *eck,
2753 const unsigned char* key,
2754 size_t keylen )
2755{
2756 int ret, version;
2757 size_t len;
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]2758 x509_buf alg_params;
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2759 ecp_group_id grp_id;
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2760 unsigned char *p = (unsigned char *) key;
2761 unsigned char *end = p + keylen;
2762 pk_type_t pk_alg = POLARSSL_PK_NONE;
2763
2764 /*
2765 * This function parses the PrivatKeyInfo object (PKCS#8 v1.2 = RFC 5208)
2766 *
2767 * PrivateKeyInfo ::= SEQUENCE {
2768 * version Version,
2769 * privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
2770 * privateKey PrivateKey,
2771 * attributes [0] IMPLICIT Attributes OPTIONAL }
2772 *
2773 * Version ::= INTEGER
2774 * PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
2775 * PrivateKey ::= OCTET STRING
2776 *
2777 * The PrivateKey OCTET STRING is a SEC1 ECPrivateKey
2778 */
2779
2780 if( ( ret = asn1_get_tag( &p, end, &len,
2781 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2782 {
2783 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2784 }
2785
2786 end = p + len;
2787
2788 if( ( ret = asn1_get_int( &p, end, &version ) ) != 0 )
2789 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2790
2791 if( version != 0 )
2792 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION + ret );
2793
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]2794 if( ( ret = x509_get_algid( &p, end, &pk_alg, &alg_params ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2795 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2796
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2797 if( pk_alg != POLARSSL_PK_ECKEY && pk_alg != POLARSSL_PK_ECKEY_DH )
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2798 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2799
2800 if( pk_alg == POLARSSL_PK_ECKEY_DH )
2801 eck->alg = POLARSSL_ECP_KEY_ALG_ECDH;
2802
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]2803 if( ( ret = x509_ecparams_get_grp_id( &alg_params, &grp_id ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2804 {
2805 ecp_keypair_free( eck );
2806 return( ret );
2807 }
2808
2809 if( ( ret = ecp_use_known_dp( &eck->grp, grp_id ) ) != 0 )
2810 {
2811 ecp_keypair_free( eck );
2812 return( ret );
2813 }
2814
2815 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2816 {
2817 ecp_keypair_free( eck );
2818 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2819 }
2820
2821 if( ( ret = x509parse_key_sec1_der( eck, p, len ) ) != 0 )
2822 {
2823 ecp_keypair_free( eck );
2824 return( ret );
2825 }
2826
Manuel Pégourié-Gonnardde44a4a2013-07-09 16:05:52 +0200[diff] [blame]2827 if( ( ret = ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2828 {
2829 ecp_keypair_free( eck );
2830 return( ret );
2831 }
2832
2833 return 0;
2834}
2835
2836/*
2837 * Parse an encrypted PKCS#8 encoded private EC key
2838 */
2839static int x509parse_key_pkcs8_encrypted_der_ec(
2840 ecp_keypair *eck,
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2841 const unsigned char *key, size_t keylen,
2842 const unsigned char *pwd, size_t pwdlen )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2843{
2844 int ret;
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2845 unsigned char buf[2048];
2846 size_t len = 0;
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2847
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2848 if( ( ret = x509parse_pkcs8_decrypt( buf, sizeof( buf ), &len,
2849 key, keylen, pwd, pwdlen ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2850 {
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2851 return( ret );
2852 }
2853
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2854 return( x509parse_key_pkcs8_unencrypted_der_ec( eck, buf, len ) );
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2855}
2856
2857/*
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2858 * Parse a private EC key
2859 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2860static int x509parse_key_ec( ecp_keypair *eck,
2861 const unsigned char *key, size_t keylen,
2862 const unsigned char *pwd, size_t pwdlen )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2863{
2864 int ret;
2865
2866#if defined(POLARSSL_PEM_C)
2867 size_t len;
2868 pem_context pem;
2869
2870 pem_init( &pem );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2871 ret = pem_read_buffer( &pem,
2872 "-----BEGIN EC PRIVATE KEY-----",
2873 "-----END EC PRIVATE KEY-----",
2874 key, pwd, pwdlen, &len );
2875 if( ret == 0 )
2876 {
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2877 if( ( ret = x509parse_key_sec1_der( eck, pem.buf, pem.buflen ) ) != 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2878 {
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2879 ecp_keypair_free( eck );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2880 }
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2881
2882 pem_free( &pem );
2883 return( ret );
2884 }
2885 else if( ret == POLARSSL_ERR_PEM_PASSWORD_MISMATCH )
2886 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2887 else if( ret == POLARSSL_ERR_PEM_PASSWORD_REQUIRED )
2888 return( POLARSSL_ERR_X509_PASSWORD_REQUIRED );
2889 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
2890 return( ret );
2891
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2892 ret = pem_read_buffer( &pem,
2893 "-----BEGIN PRIVATE KEY-----",
2894 "-----END PRIVATE KEY-----",
2895 key, NULL, 0, &len );
2896 if( ret == 0 )
2897 {
2898 if( ( ret = x509parse_key_pkcs8_unencrypted_der_ec( eck,
2899 pem.buf, pem.buflen ) ) != 0 )
2900 {
2901 ecp_keypair_free( eck );
2902 }
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2903
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2904 pem_free( &pem );
2905 return( ret );
2906 }
2907 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
2908 return( ret );
2909
2910 ret = pem_read_buffer( &pem,
2911 "-----BEGIN ENCRYPTED PRIVATE KEY-----",
2912 "-----END ENCRYPTED PRIVATE KEY-----",
2913 key, NULL, 0, &len );
2914 if( ret == 0 )
2915 {
2916 if( ( ret = x509parse_key_pkcs8_encrypted_der_ec( eck,
2917 pem.buf, pem.buflen,
2918 pwd, pwdlen ) ) != 0 )
2919 {
2920 ecp_keypair_free( eck );
2921 }
2922
2923 pem_free( &pem );
2924 return( ret );
2925 }
2926 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
2927 return( ret );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2928#else
2929 ((void) pwd);
2930 ((void) pwdlen);
2931#endif /* POLARSSL_PEM_C */
2932
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2933 /*
2934 * At this point we only know it's not a PEM formatted key. Could be any
2935 * of the known DER encoded private key formats
2936 *
2937 * We try the different DER format parsers to see if one passes without
2938 * error
2939 */
2940 if( ( ret = x509parse_key_pkcs8_encrypted_der_ec( eck, key, keylen,
2941 pwd, pwdlen ) ) == 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2942 {
2943 return( 0 );
2944 }
2945
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2946 ecp_keypair_free( eck );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2947
2948 if( ret == POLARSSL_ERR_X509_PASSWORD_MISMATCH )
2949 {
2950 return( ret );
2951 }
2952
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2953 if( ( ret = x509parse_key_pkcs8_unencrypted_der_ec( eck,
2954 key, keylen ) ) == 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2955 return( 0 );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2956
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2957 ecp_keypair_free( eck );
2958
2959 if( ( ret = x509parse_key_sec1_der( eck, key, keylen ) ) == 0 )
2960 return( 0 );
2961
2962 ecp_keypair_free( eck );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2963
2964 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT );
2965}
2966
2967/*
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]2968 * Parse a public EC key in RFC 5480 format, der-encoded
2969 */
2970static int x509parse_public_key_ec_der( ecp_keypair *key,
2971 const unsigned char *buf, size_t len )
2972{
2973 int ret;
2974 ecp_group_id grp_id;
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]2975 x509_buf alg_params;
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]2976 pk_type_t alg = POLARSSL_PK_NONE;
2977 unsigned char *p = (unsigned char *) buf;
2978 unsigned char *end = p + len;
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]2979 /*
2980 * SubjectPublicKeyInfo ::= SEQUENCE {
2981 * algorithm AlgorithmIdentifier,
2982 * subjectPublicKey BIT STRING
2983 * }
2984 * -- algorithm parameters are ECParameters
2985 * -- subjectPublicKey is an ECPoint
2986 */
2987 if( ( ret = asn1_get_tag( &p, end, &len,
2988 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2989 {
2990 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
2991 }
2992
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]2993 if( ( ret = x509_get_algid( &p, end, &alg, &alg_params ) ) != 0 )
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]2994 return( ret );
2995
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]2996 if( alg != POLARSSL_PK_ECKEY && alg != POLARSSL_PK_ECKEY_DH )
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2997 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]2998
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2999 if( alg == POLARSSL_PK_ECKEY_DH )
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3000 key->alg = POLARSSL_ECP_KEY_ALG_ECDH;
3001
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]3002 if( ( ret = x509_ecparams_get_grp_id( &alg_params, &grp_id ) ) != 0 )
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3003 return( ret );
3004
3005 if( ( ret = ecp_use_known_dp( &key->grp, grp_id ) ) != 0 )
3006 return( ret );
3007
3008 if( ( ret = x509_get_subpubkey_ec( &p, end, &key->grp, &key->Q ) ) != 0 )
3009 {
3010 return( ret );
3011 }
3012
3013 return( 0 );
3014}
3015
3016/*
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3017 * Parse a public EC key
3018 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3019static int x509parse_public_key_ec( ecp_keypair *eckey,
3020 const unsigned char *key, size_t keylen )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3021{
3022 int ret;
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3023#if defined(POLARSSL_PEM_C)
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3024 size_t len;
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3025 pem_context pem;
3026
3027 pem_init( &pem );
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3028 ret = pem_read_buffer( &pem,
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3029 "-----BEGIN PUBLIC KEY-----",
3030 "-----END PUBLIC KEY-----",
3031 key, NULL, 0, &len );
3032
3033 if( ret == 0 )
3034 {
3035 /*
3036 * Was PEM encoded
3037 */
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3038 key = pem.buf;
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3039 keylen = pem.buflen;
3040 }
3041 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
3042 {
3043 pem_free( &pem );
3044 return( ret );
3045 }
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3046#endif
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3047
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3048 if( ( ret = x509parse_public_key_ec_der ( eckey, key, keylen ) ) != 0 ||
3049 ( ret = ecp_check_pubkey( &eckey->grp, &eckey->Q ) ) != 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3050 {
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3051 ecp_keypair_free( eckey );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3052 }
3053
3054#if defined(POLARSSL_PEM_C)
3055 pem_free( &pem );
3056#endif
3057
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3058 return( ret );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3059}
3060#endif /* defined(POLARSSL_ECP_C) */
3061
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3062/*
3063 * Parse a private key
3064 */
3065int x509parse_key( pk_context *ctx,
3066 const unsigned char *key, size_t keylen,
3067 const unsigned char *pwd, size_t pwdlen )
3068{
3069 int ret;
3070
3071 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_RSA ) ) != 0 )
3072 return( ret );
3073
3074 if( ( ret = x509parse_key_rsa( ctx->data, key, keylen, pwd, pwdlen ) )
3075 == 0 )
3076 {
3077 return( 0 );
3078 }
3079
Manuel Pégourié-Gonnard374e4b82013-07-09 10:21:34 +0200[diff] [blame]3080 pk_free( ctx );
3081
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3082 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_ECKEY ) ) != 0 )
3083 return( ret );
3084
3085 if( ( ret = x509parse_key_ec( ctx->data, key, keylen, pwd, pwdlen ) ) == 0 )
3086 {
3087 return( 0 );
3088 }
3089
Manuel Pégourié-Gonnard374e4b82013-07-09 10:21:34 +0200[diff] [blame]3090 pk_free( ctx );
3091
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3092 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
3093}
3094
3095/*
3096 * Parse a public key
3097 */
3098int x509parse_public_key( pk_context *ctx,
3099 const unsigned char *key, size_t keylen )
3100{
3101 int ret;
3102
3103 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_RSA ) ) != 0 )
3104 return( ret );
3105
3106 if( ( ret = x509parse_public_key_rsa( ctx->data, key, keylen ) ) == 0 )
3107 return( 0 );
3108
Manuel Pégourié-Gonnard374e4b82013-07-09 10:21:34 +0200[diff] [blame]3109 pk_free( ctx );
3110
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3111 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_ECKEY ) ) != 0 )
3112 return( ret );
3113
3114 if( ( ret = x509parse_public_key_ec( ctx->data, key, keylen ) ) == 0 )
3115 return( 0 );
3116
Manuel Pégourié-Gonnard374e4b82013-07-09 10:21:34 +0200[diff] [blame]3117 pk_free( ctx );
3118
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3119 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
3120}
3121
Paul Bakkereaa89f82011-04-04 21:36:15 +0000[diff] [blame]3122#if defined(POLARSSL_DHM_C)
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]3123/*
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3124 * Parse DHM parameters
3125 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3126int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3127{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3128 int ret;
3129 size_t len;
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3130 unsigned char *p, *end;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3131#if defined(POLARSSL_PEM_C)
3132 pem_context pem;
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3133
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3134 pem_init( &pem );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3135
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3136 ret = pem_read_buffer( &pem,
3137 "-----BEGIN DH PARAMETERS-----",
3138 "-----END DH PARAMETERS-----",
3139 dhmin, NULL, 0, &dhminlen );
3140
3141 if( ret == 0 )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3142 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3143 /*
3144 * Was PEM encoded
3145 */
3146 dhminlen = pem.buflen;
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3147 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]3148 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3149 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3150 pem_free( &pem );
3151 return( ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3152 }
3153
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3154 p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin;
3155#else
3156 p = (unsigned char *) dhmin;
3157#endif
3158 end = p + dhminlen;
3159
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3160 memset( dhm, 0, sizeof( dhm_context ) );
3161
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3162 /*
3163 * DHParams ::= SEQUENCE {
3164 * prime INTEGER, -- P
3165 * generator INTEGER, -- g
3166 * }
3167 */
3168 if( ( ret = asn1_get_tag( &p, end, &len,
3169 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
3170 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3171#if defined(POLARSSL_PEM_C)
3172 pem_free( &pem );
3173#endif
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]3174 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3175 }
3176
3177 end = p + len;
3178
3179 if( ( ret = asn1_get_mpi( &p, end, &dhm->P ) ) != 0 ||
3180 ( ret = asn1_get_mpi( &p, end, &dhm->G ) ) != 0 )
3181 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3182#if defined(POLARSSL_PEM_C)
3183 pem_free( &pem );
3184#endif
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3185 dhm_free( dhm );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]3186 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3187 }
3188
3189 if( p != end )
3190 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3191#if defined(POLARSSL_PEM_C)
3192 pem_free( &pem );
3193#endif
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3194 dhm_free( dhm );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]3195 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3196 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
3197 }
3198
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3199#if defined(POLARSSL_PEM_C)
3200 pem_free( &pem );
3201#endif
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3202
3203 return( 0 );
3204}
3205
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]3206#if defined(POLARSSL_FS_IO)
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3207/*
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]3208 * Load and parse DHM parameters
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3209 */
3210int x509parse_dhmfile( dhm_context *dhm, const char *path )
3211{
3212 int ret;
3213 size_t n;
3214 unsigned char *buf;
3215
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]3216 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
3217 return( ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3218
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]3219 ret = x509parse_dhm( dhm, buf, n );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3220
3221 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]3222 polarssl_free( buf );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3223
3224 return( ret );
3225}
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]3226#endif /* POLARSSL_FS_IO */
Paul Bakkereaa89f82011-04-04 21:36:15 +0000[diff] [blame]3227#endif /* POLARSSL_DHM_C */
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3228
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3229#if defined _MSC_VER && !defined snprintf
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3230#include <stdarg.h>
3231
3232#if !defined vsnprintf
3233#define vsnprintf _vsnprintf
3234#endif // vsnprintf
3235
3236/*
3237 * Windows _snprintf and _vsnprintf are not compatible to linux versions.
3238 * Result value is not size of buffer needed, but -1 if no fit is possible.
3239 *
3240 * This fuction tries to 'fix' this by at least suggesting enlarging the
3241 * size by 20.
3242 */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3243static int compat_snprintf(char *str, size_t size, const char *format, ...)
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3244{
3245 va_list ap;
3246 int res = -1;
3247
3248 va_start( ap, format );
3249
3250 res = vsnprintf( str, size, format, ap );
3251
3252 va_end( ap );
3253
3254 // No quick fix possible
3255 if ( res < 0 )
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3256 return( (int) size + 20 );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3257
3258 return res;
3259}
3260
3261#define snprintf compat_snprintf
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3262#endif
3263
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3264#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
3265
3266#define SAFE_SNPRINTF() \
3267{ \
3268 if( ret == -1 ) \
3269 return( -1 ); \
3270 \
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3271 if ( (unsigned int) ret > n ) { \
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3272 p[n - 1] = '\0'; \
3273 return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
3274 } \
3275 \
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3276 n -= (unsigned int) ret; \
3277 p += (unsigned int) ret; \
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3278}
3279
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3280/*
3281 * Store the name in printable form into buf; no more
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3282 * than size characters will be written
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3283 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3284int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3285{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3286 int ret;
3287 size_t i, n;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3288 unsigned char c;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3289 const x509_name *name;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3290 const char *short_name = NULL;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3291 char s[128], *p;
3292
3293 memset( s, 0, sizeof( s ) );
3294
3295 name = dn;
3296 p = buf;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3297 n = size;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3298
3299 while( name != NULL )
3300 {
Paul Bakkercefb3962012-06-27 11:51:09 +0000[diff] [blame]3301 if( !name->oid.p )
3302 {
3303 name = name->next;
3304 continue;
3305 }
3306
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3307 if( name != dn )
3308 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3309 ret = snprintf( p, n, ", " );
3310 SAFE_SNPRINTF();
3311 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3312
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3313 ret = oid_get_attr_short_name( &name->oid, &short_name );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3314
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3315 if( ret == 0 )
3316 ret = snprintf( p, n, "%s=", short_name );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3317 else
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3318 ret = snprintf( p, n, "\?\?=" );
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3319 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3320
3321 for( i = 0; i < name->val.len; i++ )
3322 {
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]3323 if( i >= sizeof( s ) - 1 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3324 break;
3325
3326 c = name->val.p[i];
3327 if( c < 32 || c == 127 || ( c > 128 && c < 160 ) )
3328 s[i] = '?';
3329 else s[i] = c;
3330 }
3331 s[i] = '\0';
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3332 ret = snprintf( p, n, "%s", s );
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3333 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3334 name = name->next;
3335 }
3336
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3337 return( (int) ( size - n ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3338}
3339
3340/*
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3341 * Store the serial in printable form into buf; no more
3342 * than size characters will be written
3343 */
3344int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial )
3345{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3346 int ret;
3347 size_t i, n, nr;
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3348 char *p;
3349
3350 p = buf;
3351 n = size;
3352
3353 nr = ( serial->len <= 32 )
Paul Bakker03c7c252011-11-25 12:37:37 +0000[diff] [blame]3354 ? serial->len : 28;
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3355
3356 for( i = 0; i < nr; i++ )
3357 {
Paul Bakker93048802011-12-05 14:38:06 +0000[diff] [blame]3358 if( i == 0 && nr > 1 && serial->p[i] == 0x0 )
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3359 continue;
3360
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3361 ret = snprintf( p, n, "%02X%s",
3362 serial->p[i], ( i < nr - 1 ) ? ":" : "" );
3363 SAFE_SNPRINTF();
3364 }
3365
Paul Bakker03c7c252011-11-25 12:37:37 +0000[diff] [blame]3366 if( nr != serial->len )
3367 {
3368 ret = snprintf( p, n, "...." );
3369 SAFE_SNPRINTF();
3370 }
3371
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3372 return( (int) ( size - n ) );
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3373}
3374
3375/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3376 * Return an informational string about the certificate.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3377 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3378int x509parse_cert_info( char *buf, size_t size, const char *prefix,
3379 const x509_cert *crt )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3380{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3381 int ret;
3382 size_t n;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3383 char *p;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3384 const char *desc = NULL;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3385
3386 p = buf;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3387 n = size;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3388
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3389 ret = snprintf( p, n, "%scert. version : %d\n",
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3390 prefix, crt->version );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3391 SAFE_SNPRINTF();
3392 ret = snprintf( p, n, "%sserial number : ",
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3393 prefix );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3394 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3395
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3396 ret = x509parse_serial_gets( p, n, &crt->serial);
3397 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3398
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3399 ret = snprintf( p, n, "\n%sissuer name : ", prefix );
3400 SAFE_SNPRINTF();
3401 ret = x509parse_dn_gets( p, n, &crt->issuer );
3402 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3403
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3404 ret = snprintf( p, n, "\n%ssubject name : ", prefix );
3405 SAFE_SNPRINTF();
3406 ret = x509parse_dn_gets( p, n, &crt->subject );
3407 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3408
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3409 ret = snprintf( p, n, "\n%sissued on : " \
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3410 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3411 crt->valid_from.year, crt->valid_from.mon,
3412 crt->valid_from.day, crt->valid_from.hour,
3413 crt->valid_from.min, crt->valid_from.sec );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3414 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3415
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3416 ret = snprintf( p, n, "\n%sexpires on : " \
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3417 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3418 crt->valid_to.year, crt->valid_to.mon,
3419 crt->valid_to.day, crt->valid_to.hour,
3420 crt->valid_to.min, crt->valid_to.sec );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3421 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3422
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3423 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3424 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3425
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3426 ret = oid_get_sig_alg_desc( &crt->sig_oid1, &desc );
3427 if( ret != 0 )
3428 ret = snprintf( p, n, "???" );
3429 else
3430 ret = snprintf( p, n, desc );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3431 SAFE_SNPRINTF();
3432
3433 ret = snprintf( p, n, "\n%sRSA key size : %d bits\n", prefix,
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]3434 (int) crt->rsa.N.n * (int) sizeof( t_uint ) * 8 );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3435 SAFE_SNPRINTF();
3436
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3437 return( (int) ( size - n ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3438}
3439
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3440/*
3441 * Return an informational string describing the given OID
3442 */
3443const char *x509_oid_get_description( x509_buf *oid )
3444{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3445 const char *desc = NULL;
3446 int ret;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3447
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3448 ret = oid_get_extended_key_usage( oid, &desc );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3449
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3450 if( ret != 0 )
3451 return( NULL );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3452
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3453 return( desc );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3454}
3455
3456/* Return the x.y.z.... style numeric string for the given OID */
3457int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid )
3458{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3459 return oid_get_numeric_string( buf, size, oid );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3460}
3461
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3462/*
3463 * Return an informational string about the CRL.
3464 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3465int x509parse_crl_info( char *buf, size_t size, const char *prefix,
3466 const x509_crl *crl )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3467{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3468 int ret;
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3469 size_t n;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3470 char *p;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3471 const char *desc;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3472 const x509_crl_entry *entry;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3473
3474 p = buf;
3475 n = size;
3476
3477 ret = snprintf( p, n, "%sCRL version : %d",
3478 prefix, crl->version );
3479 SAFE_SNPRINTF();
3480
3481 ret = snprintf( p, n, "\n%sissuer name : ", prefix );
3482 SAFE_SNPRINTF();
3483 ret = x509parse_dn_gets( p, n, &crl->issuer );
3484 SAFE_SNPRINTF();
3485
3486 ret = snprintf( p, n, "\n%sthis update : " \
3487 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3488 crl->this_update.year, crl->this_update.mon,
3489 crl->this_update.day, crl->this_update.hour,
3490 crl->this_update.min, crl->this_update.sec );
3491 SAFE_SNPRINTF();
3492
3493 ret = snprintf( p, n, "\n%snext update : " \
3494 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3495 crl->next_update.year, crl->next_update.mon,
3496 crl->next_update.day, crl->next_update.hour,
3497 crl->next_update.min, crl->next_update.sec );
3498 SAFE_SNPRINTF();
3499
3500 entry = &crl->entry;
3501
3502 ret = snprintf( p, n, "\n%sRevoked certificates:",
3503 prefix );
3504 SAFE_SNPRINTF();
3505
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]3506 while( entry != NULL && entry->raw.len != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3507 {
3508 ret = snprintf( p, n, "\n%sserial number: ",
3509 prefix );
3510 SAFE_SNPRINTF();
3511
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3512 ret = x509parse_serial_gets( p, n, &entry->serial);
3513 SAFE_SNPRINTF();
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3514
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3515 ret = snprintf( p, n, " revocation date: " \
3516 "%04d-%02d-%02d %02d:%02d:%02d",
3517 entry->revocation_date.year, entry->revocation_date.mon,
3518 entry->revocation_date.day, entry->revocation_date.hour,
3519 entry->revocation_date.min, entry->revocation_date.sec );
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3520 SAFE_SNPRINTF();
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3521
3522 entry = entry->next;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3523 }
3524
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3525 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3526 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3527
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3528 ret = oid_get_sig_alg_desc( &crl->sig_oid1, &desc );
3529 if( ret != 0 )
3530 ret = snprintf( p, n, "???" );
3531 else
3532 ret = snprintf( p, n, desc );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3533 SAFE_SNPRINTF();
3534
Paul Bakker1e27bb22009-07-19 20:25:25 +0000[diff] [blame]3535 ret = snprintf( p, n, "\n" );
3536 SAFE_SNPRINTF();
3537
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3538 return( (int) ( size - n ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3539}
3540
3541/*
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3542 * Return 0 if the x509_time is still valid, or 1 otherwise.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3543 */
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200[diff] [blame]3544#if defined(POLARSSL_HAVE_TIME)
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3545int x509parse_time_expired( const x509_time *to )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3546{
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3547 int year, mon, day;
3548 int hour, min, sec;
3549
3550#if defined(_WIN32)
3551 SYSTEMTIME st;
3552
3553 GetLocalTime(&st);
3554
3555 year = st.wYear;
3556 mon = st.wMonth;
3557 day = st.wDay;
3558 hour = st.wHour;
3559 min = st.wMinute;
3560 sec = st.wSecond;
3561#else
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3562 struct tm *lt;
3563 time_t tt;
3564
3565 tt = time( NULL );
3566 lt = localtime( &tt );
3567
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3568 year = lt->tm_year + 1900;
3569 mon = lt->tm_mon + 1;
3570 day = lt->tm_mday;
3571 hour = lt->tm_hour;
3572 min = lt->tm_min;
3573 sec = lt->tm_sec;
3574#endif
3575
3576 if( year > to->year )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3577 return( 1 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3578
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3579 if( year == to->year &&
3580 mon > to->mon )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3581 return( 1 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3582
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3583 if( year == to->year &&
3584 mon == to->mon &&
3585 day > to->day )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3586 return( 1 );
3587
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3588 if( year == to->year &&
3589 mon == to->mon &&
3590 day == to->day &&
3591 hour > to->hour )
Paul Bakkerb6194992011-01-16 21:40:22 +0000[diff] [blame]3592 return( 1 );
3593
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3594 if( year == to->year &&
3595 mon == to->mon &&
3596 day == to->day &&
3597 hour == to->hour &&
3598 min > to->min )
Paul Bakkerb6194992011-01-16 21:40:22 +0000[diff] [blame]3599 return( 1 );
3600
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3601 if( year == to->year &&
3602 mon == to->mon &&
3603 day == to->day &&
3604 hour == to->hour &&
3605 min == to->min &&
3606 sec > to->sec )
Paul Bakkerb6194992011-01-16 21:40:22 +0000[diff] [blame]3607 return( 1 );
3608
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3609 return( 0 );
3610}
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200[diff] [blame]3611#else /* POLARSSL_HAVE_TIME */
3612int x509parse_time_expired( const x509_time *to )
3613{
3614 ((void) to);
3615 return( 0 );
3616}
3617#endif /* POLARSSL_HAVE_TIME */
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3618
3619/*
3620 * Return 1 if the certificate is revoked, or 0 otherwise.
3621 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3622int x509parse_revoked( const x509_cert *crt, const x509_crl *crl )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3623{
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3624 const x509_crl_entry *cur = &crl->entry;
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3625
3626 while( cur != NULL && cur->serial.len != 0 )
3627 {
Paul Bakkera056efc2011-01-16 21:38:35 +0000[diff] [blame]3628 if( crt->serial.len == cur->serial.len &&
3629 memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3630 {
3631 if( x509parse_time_expired( &cur->revocation_date ) )
3632 return( 1 );
3633 }
3634
3635 cur = cur->next;
3636 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3637
3638 return( 0 );
3639}
3640
Paul Bakkerde4d2ea2009-10-03 19:58:52 +0000[diff] [blame]3641/*
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3642 * Check that the given certificate is valid accoring to the CRL.
3643 */
3644static int x509parse_verifycrl(x509_cert *crt, x509_cert *ca,
3645 x509_crl *crl_list)
3646{
3647 int flags = 0;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3648 unsigned char hash[POLARSSL_MD_MAX_SIZE];
3649 const md_info_t *md_info;
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3650
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3651 if( ca == NULL )
3652 return( flags );
3653
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3654 /*
3655 * TODO: What happens if no CRL is present?
3656 * Suggestion: Revocation state should be unknown if no CRL is present.
3657 * For backwards compatibility this is not yet implemented.
3658 */
3659
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3660 while( crl_list != NULL )
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3661 {
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3662 if( crl_list->version == 0 ||
3663 crl_list->issuer_raw.len != ca->subject_raw.len ||
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3664 memcmp( crl_list->issuer_raw.p, ca->subject_raw.p,
3665 crl_list->issuer_raw.len ) != 0 )
3666 {
3667 crl_list = crl_list->next;
3668 continue;
3669 }
3670
3671 /*
3672 * Check if CRL is correctly signed by the trusted CA
3673 */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3674 md_info = md_info_from_type( crl_list->sig_md );
3675 if( md_info == NULL )
3676 {
3677 /*
3678 * Cannot check 'unknown' hash
3679 */
3680 flags |= BADCRL_NOT_TRUSTED;
3681 break;
3682 }
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3683
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3684 md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash );
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3685
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3686 if( !rsa_pkcs1_verify( &ca->rsa, RSA_PUBLIC, crl_list->sig_md,
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3687 0, hash, crl_list->sig.p ) == 0 )
3688 {
3689 /*
3690 * CRL is not trusted
3691 */
3692 flags |= BADCRL_NOT_TRUSTED;
3693 break;
3694 }
3695
3696 /*
3697 * Check for validity of CRL (Do not drop out)
3698 */
3699 if( x509parse_time_expired( &crl_list->next_update ) )
3700 flags |= BADCRL_EXPIRED;
3701
3702 /*
3703 * Check if certificate is revoked
3704 */
3705 if( x509parse_revoked(crt, crl_list) )
3706 {
3707 flags |= BADCERT_REVOKED;
3708 break;
3709 }
3710
3711 crl_list = crl_list->next;
3712 }
3713 return flags;
3714}
3715
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]3716static int x509_wildcard_verify( const char *cn, x509_buf *name )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3717{
3718 size_t i;
3719 size_t cn_idx = 0;
3720
Paul Bakker57b12982012-02-11 17:38:38 +0000[diff] [blame]3721 if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3722 return( 0 );
3723
3724 for( i = 0; i < strlen( cn ); ++i )
3725 {
3726 if( cn[i] == '.' )
3727 {
3728 cn_idx = i;
3729 break;
3730 }
3731 }
3732
3733 if( cn_idx == 0 )
3734 return( 0 );
3735
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3736 if( strlen( cn ) - cn_idx == name->len - 1 &&
3737 memcmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3738 {
3739 return( 1 );
3740 }
3741
3742 return( 0 );
3743}
3744
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3745static int x509parse_verify_top(
3746 x509_cert *child, x509_cert *trust_ca,
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3747 x509_crl *ca_crl, int path_cnt, int *flags,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3748 int (*f_vrfy)(void *, x509_cert *, int, int *),
3749 void *p_vrfy )
3750{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3751 int ret;
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3752 int ca_flags = 0, check_path_cnt = path_cnt + 1;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3753 unsigned char hash[POLARSSL_MD_MAX_SIZE];
3754 const md_info_t *md_info;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3755
3756 if( x509parse_time_expired( &child->valid_to ) )
3757 *flags |= BADCERT_EXPIRED;
3758
3759 /*
3760 * Child is the top of the chain. Check against the trust_ca list.
3761 */
3762 *flags |= BADCERT_NOT_TRUSTED;
3763
3764 while( trust_ca != NULL )
3765 {
3766 if( trust_ca->version == 0 ||
3767 child->issuer_raw.len != trust_ca->subject_raw.len ||
3768 memcmp( child->issuer_raw.p, trust_ca->subject_raw.p,
3769 child->issuer_raw.len ) != 0 )
3770 {
3771 trust_ca = trust_ca->next;
3772 continue;
3773 }
3774
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3775 /*
3776 * Reduce path_len to check against if top of the chain is
3777 * the same as the trusted CA
3778 */
3779 if( child->subject_raw.len == trust_ca->subject_raw.len &&
3780 memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
3781 child->issuer_raw.len ) == 0 )
3782 {
3783 check_path_cnt--;
3784 }
3785
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3786 if( trust_ca->max_pathlen > 0 &&
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3787 trust_ca->max_pathlen < check_path_cnt )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3788 {
3789 trust_ca = trust_ca->next;
3790 continue;
3791 }
3792
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3793 md_info = md_info_from_type( child->sig_md );
3794 if( md_info == NULL )
3795 {
3796 /*
3797 * Cannot check 'unknown' hash
3798 */
3799 continue;
3800 }
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3801
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3802 md( md_info, child->tbs.p, child->tbs.len, hash );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3803
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3804 if( rsa_pkcs1_verify( &trust_ca->rsa, RSA_PUBLIC, child->sig_md,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3805 0, hash, child->sig.p ) != 0 )
3806 {
3807 trust_ca = trust_ca->next;
3808 continue;
3809 }
3810
3811 /*
3812 * Top of chain is signed by a trusted CA
3813 */
3814 *flags &= ~BADCERT_NOT_TRUSTED;
3815 break;
3816 }
3817
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3818 /*
Paul Bakker3497d8c2012-11-24 11:53:17 +0100[diff] [blame]3819 * If top of chain is not the same as the trusted CA send a verify request
3820 * to the callback for any issues with validity and CRL presence for the
3821 * trusted CA certificate.
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3822 */
3823 if( trust_ca != NULL &&
3824 ( child->subject_raw.len != trust_ca->subject_raw.len ||
3825 memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
3826 child->issuer_raw.len ) != 0 ) )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3827 {
3828 /* Check trusted CA's CRL for then chain's top crt */
3829 *flags |= x509parse_verifycrl( child, trust_ca, ca_crl );
3830
3831 if( x509parse_time_expired( &trust_ca->valid_to ) )
3832 ca_flags |= BADCERT_EXPIRED;
3833
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3834 if( NULL != f_vrfy )
3835 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3836 if( ( ret = f_vrfy( p_vrfy, trust_ca, path_cnt + 1, &ca_flags ) ) != 0 )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3837 return( ret );
3838 }
3839 }
3840
3841 /* Call callback on top cert */
3842 if( NULL != f_vrfy )
3843 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3844 if( ( ret = f_vrfy(p_vrfy, child, path_cnt, flags ) ) != 0 )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3845 return( ret );
3846 }
3847
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3848 *flags |= ca_flags;
3849
3850 return( 0 );
3851}
3852
3853static int x509parse_verify_child(
3854 x509_cert *child, x509_cert *parent, x509_cert *trust_ca,
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3855 x509_crl *ca_crl, int path_cnt, int *flags,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3856 int (*f_vrfy)(void *, x509_cert *, int, int *),
3857 void *p_vrfy )
3858{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3859 int ret;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3860 int parent_flags = 0;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3861 unsigned char hash[POLARSSL_MD_MAX_SIZE];
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3862 x509_cert *grandparent;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3863 const md_info_t *md_info;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3864
3865 if( x509parse_time_expired( &child->valid_to ) )
3866 *flags |= BADCERT_EXPIRED;
3867
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3868 md_info = md_info_from_type( child->sig_md );
3869 if( md_info == NULL )
3870 {
3871 /*
3872 * Cannot check 'unknown' hash
3873 */
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3874 *flags |= BADCERT_NOT_TRUSTED;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3875 }
3876 else
3877 {
3878 md( md_info, child->tbs.p, child->tbs.len, hash );
3879
3880 if( rsa_pkcs1_verify( &parent->rsa, RSA_PUBLIC, child->sig_md, 0, hash,
3881 child->sig.p ) != 0 )
3882 *flags |= BADCERT_NOT_TRUSTED;
3883 }
3884
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3885 /* Check trusted CA's CRL for the given crt */
3886 *flags |= x509parse_verifycrl(child, parent, ca_crl);
3887
3888 grandparent = parent->next;
3889
3890 while( grandparent != NULL )
3891 {
3892 if( grandparent->version == 0 ||
3893 grandparent->ca_istrue == 0 ||
3894 parent->issuer_raw.len != grandparent->subject_raw.len ||
3895 memcmp( parent->issuer_raw.p, grandparent->subject_raw.p,
3896 parent->issuer_raw.len ) != 0 )
3897 {
3898 grandparent = grandparent->next;
3899 continue;
3900 }
3901 break;
3902 }
3903
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3904 if( grandparent != NULL )
3905 {
3906 /*
3907 * Part of the chain
3908 */
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3909 ret = x509parse_verify_child( parent, grandparent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3910 if( ret != 0 )
3911 return( ret );
3912 }
3913 else
3914 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3915 ret = x509parse_verify_top( parent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3916 if( ret != 0 )
3917 return( ret );
3918 }
3919
3920 /* child is verified to be a child of the parent, call verify callback */
3921 if( NULL != f_vrfy )
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3922 if( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3923 return( ret );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3924
3925 *flags |= parent_flags;
3926
3927 return( 0 );
3928}
3929
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3930/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3931 * Verify the certificate validity
3932 */
3933int x509parse_verify( x509_cert *crt,
3934 x509_cert *trust_ca,
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3935 x509_crl *ca_crl,
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]3936 const char *cn, int *flags,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3937 int (*f_vrfy)(void *, x509_cert *, int, int *),
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]3938 void *p_vrfy )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3939{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3940 size_t cn_len;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3941 int ret;
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3942 int pathlen = 0;
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3943 x509_cert *parent;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3944 x509_name *name;
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3945 x509_sequence *cur = NULL;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3946
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3947 *flags = 0;
3948
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3949 if( cn != NULL )
3950 {
3951 name = &crt->subject;
3952 cn_len = strlen( cn );
3953
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3954 if( crt->ext_types & EXT_SUBJECT_ALT_NAME )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3955 {
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3956 cur = &crt->subject_alt_names;
3957
3958 while( cur != NULL )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3959 {
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3960 if( cur->buf.len == cn_len &&
3961 memcmp( cn, cur->buf.p, cn_len ) == 0 )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3962 break;
3963
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3964 if( cur->buf.len > 2 &&
3965 memcmp( cur->buf.p, "*.", 2 ) == 0 &&
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3966 x509_wildcard_verify( cn, &cur->buf ) )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3967 break;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3968
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3969 cur = cur->next;
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3970 }
3971
3972 if( cur == NULL )
3973 *flags |= BADCERT_CN_MISMATCH;
3974 }
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3975 else
3976 {
3977 while( name != NULL )
3978 {
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3979 if( OID_CMP( OID_AT_CN, &name->oid ) )
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3980 {
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3981 if( name->val.len == cn_len &&
3982 memcmp( name->val.p, cn, cn_len ) == 0 )
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3983 break;
3984
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3985 if( name->val.len > 2 &&
3986 memcmp( name->val.p, "*.", 2 ) == 0 &&
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3987 x509_wildcard_verify( cn, &name->val ) )
3988 break;
3989 }
3990
3991 name = name->next;
3992 }
3993
3994 if( name == NULL )
3995 *flags |= BADCERT_CN_MISMATCH;
3996 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3997 }
3998
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3999 /*
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4000 * Iterate upwards in the given cert chain, to find our crt parent.
4001 * Ignore any upper cert with CA != TRUE.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4002 */
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4003 parent = crt->next;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4004
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4005 while( parent != NULL && parent->version != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4006 {
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4007 if( parent->ca_istrue == 0 ||
4008 crt->issuer_raw.len != parent->subject_raw.len ||
4009 memcmp( crt->issuer_raw.p, parent->subject_raw.p,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4010 crt->issuer_raw.len ) != 0 )
4011 {
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4012 parent = parent->next;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4013 continue;
4014 }
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4015 break;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4016 }
4017
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4018 if( parent != NULL )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4019 {
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4020 /*
4021 * Part of the chain
4022 */
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]4023 ret = x509parse_verify_child( crt, parent, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4024 if( ret != 0 )
4025 return( ret );
4026 }
4027 else
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4028 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]4029 ret = x509parse_verify_top( crt, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4030 if( ret != 0 )
4031 return( ret );
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]4032 }
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4033
4034 if( *flags != 0 )
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4035 return( POLARSSL_ERR_X509_CERT_VERIFY_FAILED );
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]4036
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4037 return( 0 );
4038}
4039
4040/*
4041 * Unallocate all certificate data
4042 */
4043void x509_free( x509_cert *crt )
4044{
4045 x509_cert *cert_cur = crt;
4046 x509_cert *cert_prv;
4047 x509_name *name_cur;
4048 x509_name *name_prv;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4049 x509_sequence *seq_cur;
4050 x509_sequence *seq_prv;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4051
4052 if( crt == NULL )
4053 return;
4054
4055 do
4056 {
4057 rsa_free( &cert_cur->rsa );
4058
4059 name_cur = cert_cur->issuer.next;
4060 while( name_cur != NULL )
4061 {
4062 name_prv = name_cur;
4063 name_cur = name_cur->next;
4064 memset( name_prv, 0, sizeof( x509_name ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4065 polarssl_free( name_prv );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4066 }
4067
4068 name_cur = cert_cur->subject.next;
4069 while( name_cur != NULL )
4070 {
4071 name_prv = name_cur;
4072 name_cur = name_cur->next;
4073 memset( name_prv, 0, sizeof( x509_name ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4074 polarssl_free( name_prv );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4075 }
4076
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4077 seq_cur = cert_cur->ext_key_usage.next;
4078 while( seq_cur != NULL )
4079 {
4080 seq_prv = seq_cur;
4081 seq_cur = seq_cur->next;
4082 memset( seq_prv, 0, sizeof( x509_sequence ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4083 polarssl_free( seq_prv );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4084 }
4085
Paul Bakker8afa70d2012-02-11 18:42:45 +0000[diff] [blame]4086 seq_cur = cert_cur->subject_alt_names.next;
4087 while( seq_cur != NULL )
4088 {
4089 seq_prv = seq_cur;
4090 seq_cur = seq_cur->next;
4091 memset( seq_prv, 0, sizeof( x509_sequence ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4092 polarssl_free( seq_prv );
Paul Bakker8afa70d2012-02-11 18:42:45 +0000[diff] [blame]4093 }
4094
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4095 if( cert_cur->raw.p != NULL )
4096 {
4097 memset( cert_cur->raw.p, 0, cert_cur->raw.len );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4098 polarssl_free( cert_cur->raw.p );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4099 }
4100
4101 cert_cur = cert_cur->next;
4102 }
4103 while( cert_cur != NULL );
4104
4105 cert_cur = crt;
4106 do
4107 {
4108 cert_prv = cert_cur;
4109 cert_cur = cert_cur->next;
4110
4111 memset( cert_prv, 0, sizeof( x509_cert ) );
4112 if( cert_prv != crt )
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4113 polarssl_free( cert_prv );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4114 }
4115 while( cert_cur != NULL );
4116}
4117
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4118/*
4119 * Unallocate all CRL data
4120 */
4121void x509_crl_free( x509_crl *crl )
4122{
4123 x509_crl *crl_cur = crl;
4124 x509_crl *crl_prv;
4125 x509_name *name_cur;
4126 x509_name *name_prv;
4127 x509_crl_entry *entry_cur;
4128 x509_crl_entry *entry_prv;
4129
4130 if( crl == NULL )
4131 return;
4132
4133 do
4134 {
4135 name_cur = crl_cur->issuer.next;
4136 while( name_cur != NULL )
4137 {
4138 name_prv = name_cur;
4139 name_cur = name_cur->next;
4140 memset( name_prv, 0, sizeof( x509_name ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4141 polarssl_free( name_prv );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4142 }
4143
4144 entry_cur = crl_cur->entry.next;
4145 while( entry_cur != NULL )
4146 {
4147 entry_prv = entry_cur;
4148 entry_cur = entry_cur->next;
4149 memset( entry_prv, 0, sizeof( x509_crl_entry ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4150 polarssl_free( entry_prv );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4151 }
4152
4153 if( crl_cur->raw.p != NULL )
4154 {
4155 memset( crl_cur->raw.p, 0, crl_cur->raw.len );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4156 polarssl_free( crl_cur->raw.p );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4157 }
4158
4159 crl_cur = crl_cur->next;
4160 }
4161 while( crl_cur != NULL );
4162
4163 crl_cur = crl;
4164 do
4165 {
4166 crl_prv = crl_cur;
4167 crl_cur = crl_cur->next;
4168
4169 memset( crl_prv, 0, sizeof( x509_crl ) );
4170 if( crl_prv != crl )
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4171 polarssl_free( crl_prv );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4172 }
4173 while( crl_cur != NULL );
4174}
4175
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]4176#if defined(POLARSSL_SELF_TEST)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4177
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]4178#include "polarssl/certs.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4179
4180/*
4181 * Checkup routine
4182 */
4183int x509_self_test( int verbose )
4184{
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4185#if defined(POLARSSL_CERTS_C) && defined(POLARSSL_MD5_C)
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]4186 int ret;
4187 int flags;
4188 size_t i, j;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4189 x509_cert cacert;
4190 x509_cert clicert;
4191 rsa_context rsa;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4192#if defined(POLARSSL_DHM_C)
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4193 dhm_context dhm;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4194#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4195
4196 if( verbose != 0 )
4197 printf( " X.509 certificate load: " );
4198
4199 memset( &clicert, 0, sizeof( x509_cert ) );
4200
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4201 ret = x509parse_crt( &clicert, (const unsigned char *) test_cli_crt,
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]4202 strlen( test_cli_crt ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4203 if( ret != 0 )
4204 {
4205 if( verbose != 0 )
4206 printf( "failed\n" );
4207
4208 return( ret );
4209 }
4210
4211 memset( &cacert, 0, sizeof( x509_cert ) );
4212
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4213 ret = x509parse_crt( &cacert, (const unsigned char *) test_ca_crt,
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]4214 strlen( test_ca_crt ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4215 if( ret != 0 )
4216 {
4217 if( verbose != 0 )
4218 printf( "failed\n" );
4219
4220 return( ret );
4221 }
4222
4223 if( verbose != 0 )
4224 printf( "passed\n X.509 private key load: " );
4225
4226 i = strlen( test_ca_key );
4227 j = strlen( test_ca_pwd );
4228
Paul Bakker66b78b22011-03-25 14:22:50 +0000[diff] [blame]4229 rsa_init( &rsa, RSA_PKCS_V15, 0 );
4230
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]4231 if( ( ret = x509parse_key_rsa( &rsa,
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4232 (const unsigned char *) test_ca_key, i,
4233 (const unsigned char *) test_ca_pwd, j ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4234 {
4235 if( verbose != 0 )
4236 printf( "failed\n" );
4237
4238 return( ret );
4239 }
4240
4241 if( verbose != 0 )
4242 printf( "passed\n X.509 signature verify: ");
4243
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]4244 ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &flags, NULL, NULL );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4245 if( ret != 0 )
4246 {
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]4247 printf("%02x", flags);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4248 if( verbose != 0 )
4249 printf( "failed\n" );
4250
4251 return( ret );
4252 }
4253
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4254#if defined(POLARSSL_DHM_C)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4255 if( verbose != 0 )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4256 printf( "passed\n X.509 DHM parameter load: " );
4257
4258 i = strlen( test_dhm_params );
4259 j = strlen( test_ca_pwd );
4260
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4261 if( ( ret = x509parse_dhm( &dhm, (const unsigned char *) test_dhm_params, i ) ) != 0 )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4262 {
4263 if( verbose != 0 )
4264 printf( "failed\n" );
4265
4266 return( ret );
4267 }
4268
4269 if( verbose != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4270 printf( "passed\n\n" );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4271#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4272
4273 x509_free( &cacert );
4274 x509_free( &clicert );
4275 rsa_free( &rsa );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4276#if defined(POLARSSL_DHM_C)
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4277 dhm_free( &dhm );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4278#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4279
4280 return( 0 );
Paul Bakkerde4d2ea2009-10-03 19:58:52 +0000[diff] [blame]4281#else
4282 ((void) verbose);
4283 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
4284#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4285}
4286
4287#endif
4288
4289#endif