TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 0a64e8f1fd82bbd32647e2f5cb9ddd93408a4d4e / . / library / x509parse.c
blob: 12f06ca20c929c2df8925e52d0078683cac710e5 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/*
2 * X.509 certificate and private key decoding
3 *
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]4 * Copyright (C) 2006-2013, Brainspark B.V.
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]5 *
6 * This file is part of PolarSSL (http://www.polarssl.org)
Paul Bakker84f12b72010-07-18 10:13:04 +0000[diff] [blame]7 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]8 *
Paul Bakker77b385e2009-07-28 17:23:11 +0000[diff] [blame]9 * All rights reserved.
Paul Bakkere0ccd0a2009-01-04 16:27:10 +0000[diff] [blame]10 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25/*
Paul Bakkerad8d3542012-02-16 15:28:14 +0000[diff] [blame]26 * The ITU-T X.509 standard defines a certificate format for PKI.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]27 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]28 * http://www.ietf.org/rfc/rfc3279.txt
Paul Bakkerad8d3542012-02-16 15:28:14 +0000[diff] [blame]29 * http://www.ietf.org/rfc/rfc3280.txt
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]30 *
31 * ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc
32 *
33 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
34 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
35 */
36
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]37#include "polarssl/config.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]38
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]39#if defined(POLARSSL_X509_PARSE_C)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]40
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]41#include "polarssl/x509.h"
Paul Bakkerefc30292011-11-10 14:43:23 +0000[diff] [blame]42#include "polarssl/asn1.h"
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]43#include "polarssl/oid.h"
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]44#include "polarssl/pem.h"
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]45#include "polarssl/dhm.h"
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]46#if defined(POLARSSL_PKCS5_C)
47#include "polarssl/pkcs5.h"
48#endif
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]49#if defined(POLARSSL_PKCS12_C)
50#include "polarssl/pkcs12.h"
51#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]52
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]53#if defined(POLARSSL_MEMORY_C)
54#include "polarssl/memory.h"
55#else
56#define polarssl_malloc malloc
57#define polarssl_free free
58#endif
59
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]60#include <string.h>
61#include <stdlib.h>
Paul Bakker4f229e52011-12-04 22:11:35 +0000[diff] [blame]62#if defined(_WIN32)
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]63#include <windows.h>
64#else
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]65#include <time.h>
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]66#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]67
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]68#if defined(POLARSSL_FS_IO)
69#include <stdio.h>
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]70#if !defined(_WIN32)
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]71#include <sys/types.h>
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]72#include <sys/stat.h>
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]73#include <dirent.h>
74#endif
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]75#endif
76
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]77/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]78 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
79 */
80static int x509_get_version( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]81 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]82 int *ver )
83{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]84 int ret;
85 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]86
87 if( ( ret = asn1_get_tag( p, end, &len,
88 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) != 0 )
89 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]90 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker2a1c5f52011-10-19 14:15:17 +0000[diff] [blame]91 {
92 *ver = 0;
93 return( 0 );
94 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]95
96 return( ret );
97 }
98
99 end = *p + len;
100
101 if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]102 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]103
104 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]105 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]106 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]107
108 return( 0 );
109}
110
111/*
Paul Bakkerfae618f2011-10-12 11:53:52 +0000[diff] [blame]112 * Version ::= INTEGER { v1(0), v2(1) }
Paul Bakker3329d1f2011-10-12 09:55:01 +0000[diff] [blame]113 */
114static int x509_crl_get_version( unsigned char **p,
115 const unsigned char *end,
116 int *ver )
117{
118 int ret;
119
120 if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
121 {
122 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker2a1c5f52011-10-19 14:15:17 +0000[diff] [blame]123 {
124 *ver = 0;
125 return( 0 );
126 }
Paul Bakker3329d1f2011-10-12 09:55:01 +0000[diff] [blame]127
128 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION + ret );
129 }
130
131 return( 0 );
132}
133
134/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]135 * CertificateSerialNumber ::= INTEGER
136 */
137static int x509_get_serial( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]138 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]139 x509_buf *serial )
140{
141 int ret;
142
143 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]144 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]145 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]146
147 if( **p != ( ASN1_CONTEXT_SPECIFIC | ASN1_PRIMITIVE | 2 ) &&
148 **p != ASN1_INTEGER )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]149 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]150 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]151
152 serial->tag = *(*p)++;
153
154 if( ( ret = asn1_get_len( p, end, &serial->len ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]155 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]156
157 serial->p = *p;
158 *p += serial->len;
159
160 return( 0 );
161}
162
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame^]163/* Get an algorithm identifier and its parameters
164 *
165 * AlgorithmIdentifier ::= SEQUENCE {
166 * algorithm OBJECT IDENTIFIER,
167 * parameters ANY DEFINED BY algorithm OPTIONAL }
168 */
169static int x509_get_algid( unsigned char **p,
170 const unsigned char *end,
171 pk_type_t *pk_alg, x509_buf *params )
172{
173 int ret;
174 x509_buf alg_oid;
175
176 memset( params, 0, sizeof(asn1_buf) );
177
178 if( ( ret = asn1_get_alg( p, end, &alg_oid, params ) ) != 0 )
179 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
180
181 if( oid_get_pk_alg( &alg_oid, pk_alg ) != 0 )
182 return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
183
184 /*
185 * No parameters with RSA (only for EC)
186 */
187 if( *pk_alg == POLARSSL_PK_RSA &&
188 ( ( params->tag != ASN1_NULL && params->tag != 0 ) ||
189 params->len != 0 ) )
190 {
191 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
192 }
193
194 return( 0 );
195}
196
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]197/*
198 * AlgorithmIdentifier ::= SEQUENCE {
199 * algorithm OBJECT IDENTIFIER,
200 * parameters ANY DEFINED BY algorithm OPTIONAL }
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]201 *
202 * If params_end is NULL, then parameters must be absent or ANS.1 NULL
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]203 */
204static int x509_get_alg( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]205 const unsigned char *end,
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]206 x509_buf *alg, const unsigned char **params_end )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]207{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]208 int ret;
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]209 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]210
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]211 if( params_end == NULL ) {
212 if( ( ret = asn1_get_alg_null( p, end, alg ) ) != 0 )
213 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
214
215 return( 0 );
216 }
217
218 /* TODO: use asn1_get_alg */
219 if( ( ret = asn1_get_tag( p, end, &len,
220 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
221 {
222 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
223 }
224
225 end = *p + len;
226 alg->tag = **p;
227
228 if( ( ret = asn1_get_tag( p, end, &alg->len, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]229 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]230
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]231 alg->p = *p;
232 *p += alg->len;
233
234 *params_end = end;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]235 return( 0 );
236}
237
Manuel Pégourié-Gonnardf838eed2013-07-02 14:56:43 +0200[diff] [blame]238/* Get an EC group id from an ECParameters buffer
239 *
240 * ECParameters ::= CHOICE {
241 * namedCurve OBJECT IDENTIFIER
242 * -- implicitCurve NULL
243 * -- specifiedCurve SpecifiedECDomain
244 * }
245 */
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame^]246static int x509_ecparams_get_grp_id( const x509_buf *params,
247 ecp_group_id *grp_id )
248{
249 if( oid_get_ec_grp( params, grp_id ) != 0 )
250 return( POLARSSL_ERR_X509_UNKNOWN_NAMED_CURVE );
251
252 return( 0 );
253}
254
255/* Get an EC group id from an ECParameters buffer
256 *
257 * ECParameters ::= CHOICE {
258 * namedCurve OBJECT IDENTIFIER
259 * -- implicitCurve NULL
260 * -- specifiedCurve SpecifiedECDomain
261 * }
262 */
Manuel Pégourié-Gonnardf838eed2013-07-02 14:56:43 +0200[diff] [blame]263static int x509_get_ecparams( unsigned char **p, const unsigned char *end,
264 ecp_group_id *grp_id )
265{
266 int ret;
267 x509_buf curve;
268
269 curve.tag = **p;
270
271 if( ( ret = asn1_get_tag( p, end, &curve.len, ASN1_OID ) ) != 0 )
272 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
273
274 curve.p = *p;
275 *p += curve.len;
276
277 if( *p != end )
278 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
279 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
280
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame^]281 return( x509_ecparams_get_grp_id( &curve, grp_id ) );
Manuel Pégourié-Gonnardf838eed2013-07-02 14:56:43 +0200[diff] [blame]282}
283
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]284/*
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]285 * subjectPublicKey BIT STRING
286 * -- which, in our case, contains
287 * ECPoint ::= octet string (not ASN.1)
288 */
289static int x509_get_subpubkey_ec( unsigned char **p, const unsigned char *end,
290 const ecp_group *grp, ecp_point *pt )
291{
292 int ret;
293 size_t len;
294
295 if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
296 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
297
298 if( *p + len != end )
299 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
300 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
301
302 /*
303 * First byte in the content of BIT STRING is the nummber of padding bit.
304 * Here it is always 0 since ECPoint is an octet string, so skip it.
305 */
306 ++*p;
307 --len;
308
309 if( ( ret = ecp_point_read_binary( grp, pt,
310 (const unsigned char *) *p, len ) ) != 0 )
311 {
312 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
313 }
314
315 return( 0 );
316}
317
318/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]319 * AttributeTypeAndValue ::= SEQUENCE {
320 * type AttributeType,
321 * value AttributeValue }
322 *
323 * AttributeType ::= OBJECT IDENTIFIER
324 *
325 * AttributeValue ::= ANY DEFINED BY AttributeType
326 */
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]327static int x509_get_attr_type_value( unsigned char **p,
328 const unsigned char *end,
329 x509_name *cur )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]330{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]331 int ret;
332 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]333 x509_buf *oid;
334 x509_buf *val;
335
336 if( ( ret = asn1_get_tag( p, end, &len,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]337 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]338 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]339
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]340 oid = &cur->oid;
341 oid->tag = **p;
342
343 if( ( ret = asn1_get_tag( p, end, &oid->len, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]344 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]345
346 oid->p = *p;
347 *p += oid->len;
348
349 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]350 return( POLARSSL_ERR_X509_CERT_INVALID_NAME +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]351 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]352
353 if( **p != ASN1_BMP_STRING && **p != ASN1_UTF8_STRING &&
354 **p != ASN1_T61_STRING && **p != ASN1_PRINTABLE_STRING &&
355 **p != ASN1_IA5_STRING && **p != ASN1_UNIVERSAL_STRING )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]356 return( POLARSSL_ERR_X509_CERT_INVALID_NAME +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]357 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]358
359 val = &cur->val;
360 val->tag = *(*p)++;
361
362 if( ( ret = asn1_get_len( p, end, &val->len ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]363 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]364
365 val->p = *p;
366 *p += val->len;
367
368 cur->next = NULL;
369
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]370 return( 0 );
371}
372
373/*
374 * RelativeDistinguishedName ::=
375 * SET OF AttributeTypeAndValue
376 *
377 * AttributeTypeAndValue ::= SEQUENCE {
378 * type AttributeType,
379 * value AttributeValue }
380 *
381 * AttributeType ::= OBJECT IDENTIFIER
382 *
383 * AttributeValue ::= ANY DEFINED BY AttributeType
384 */
385static int x509_get_name( unsigned char **p,
386 const unsigned char *end,
387 x509_name *cur )
388{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]389 int ret;
390 size_t len;
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]391 const unsigned char *end2;
392 x509_name *use;
393
394 if( ( ret = asn1_get_tag( p, end, &len,
395 ASN1_CONSTRUCTED | ASN1_SET ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]396 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]397
398 end2 = end;
399 end = *p + len;
400 use = cur;
401
402 do
403 {
404 if( ( ret = x509_get_attr_type_value( p, end, use ) ) != 0 )
405 return( ret );
406
407 if( *p != end )
408 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]409 use->next = (x509_name *) polarssl_malloc(
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]410 sizeof( x509_name ) );
411
412 if( use->next == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]413 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]414
415 memset( use->next, 0, sizeof( x509_name ) );
416
417 use = use->next;
418 }
419 }
420 while( *p != end );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]421
422 /*
423 * recurse until end of SEQUENCE is reached
424 */
425 if( *p == end2 )
426 return( 0 );
427
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]428 cur->next = (x509_name *) polarssl_malloc(
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]429 sizeof( x509_name ) );
430
431 if( cur->next == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]432 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]433
Paul Bakker430ffbe2012-05-01 08:14:20 +0000[diff] [blame]434 memset( cur->next, 0, sizeof( x509_name ) );
435
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]436 return( x509_get_name( p, end2, cur->next ) );
437}
438
439/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]440 * Time ::= CHOICE {
441 * utcTime UTCTime,
442 * generalTime GeneralizedTime }
443 */
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]444static int x509_get_time( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]445 const unsigned char *end,
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]446 x509_time *time )
447{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]448 int ret;
449 size_t len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]450 char date[64];
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]451 unsigned char tag;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]452
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]453 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]454 return( POLARSSL_ERR_X509_CERT_INVALID_DATE +
455 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]456
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]457 tag = **p;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]458
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]459 if ( tag == ASN1_UTC_TIME )
460 {
461 (*p)++;
462 ret = asn1_get_len( p, end, &len );
463
464 if( ret != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]465 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]466
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]467 memset( date, 0, sizeof( date ) );
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]468 memcpy( date, *p, ( len < sizeof( date ) - 1 ) ?
469 len : sizeof( date ) - 1 );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]470
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]471 if( sscanf( date, "%2d%2d%2d%2d%2d%2d",
472 &time->year, &time->mon, &time->day,
473 &time->hour, &time->min, &time->sec ) < 5 )
474 return( POLARSSL_ERR_X509_CERT_INVALID_DATE );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]475
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]476 time->year += 100 * ( time->year < 50 );
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]477 time->year += 1900;
478
479 *p += len;
480
481 return( 0 );
482 }
483 else if ( tag == ASN1_GENERALIZED_TIME )
484 {
485 (*p)++;
486 ret = asn1_get_len( p, end, &len );
487
488 if( ret != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]489 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]490
491 memset( date, 0, sizeof( date ) );
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]492 memcpy( date, *p, ( len < sizeof( date ) - 1 ) ?
493 len : sizeof( date ) - 1 );
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]494
495 if( sscanf( date, "%4d%2d%2d%2d%2d%2d",
496 &time->year, &time->mon, &time->day,
497 &time->hour, &time->min, &time->sec ) < 5 )
498 return( POLARSSL_ERR_X509_CERT_INVALID_DATE );
499
500 *p += len;
501
502 return( 0 );
503 }
504 else
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]505 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]506}
507
508
509/*
510 * Validity ::= SEQUENCE {
511 * notBefore Time,
512 * notAfter Time }
513 */
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]514static int x509_get_dates( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]515 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]516 x509_time *from,
517 x509_time *to )
518{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]519 int ret;
520 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]521
522 if( ( ret = asn1_get_tag( p, end, &len,
523 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]524 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]525
526 end = *p + len;
527
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]528 if( ( ret = x509_get_time( p, end, from ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]529 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]530
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]531 if( ( ret = x509_get_time( p, end, to ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]532 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]533
534 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]535 return( POLARSSL_ERR_X509_CERT_INVALID_DATE +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]536 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]537
538 return( 0 );
539}
540
541/*
542 * SubjectPublicKeyInfo ::= SEQUENCE {
543 * algorithm AlgorithmIdentifier,
544 * subjectPublicKey BIT STRING }
545 */
546static int x509_get_pubkey( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]547 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]548 x509_buf *pk_alg_oid,
549 mpi *N, mpi *E )
550{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]551 int ret;
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]552 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]553 unsigned char *end2;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]554 pk_type_t pk_alg = POLARSSL_PK_NONE;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]555
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]556 if( ( ret = asn1_get_alg_null( p, end, pk_alg_oid ) ) != 0 )
557 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]558
559 /*
560 * only RSA public keys handled at this time
561 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]562 if( oid_get_pk_alg( pk_alg_oid, &pk_alg ) != 0 )
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]563 {
Paul Bakkered56b222011-07-13 11:26:43 +0000[diff] [blame]564 return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]565 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]566
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]567 if (pk_alg != POLARSSL_PK_RSA )
568 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
569
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]570 if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]571 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]572
573 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]574 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]575 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]576
577 end2 = *p + len;
578
579 if( *(*p)++ != 0 )
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]580 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]581
582 /*
583 * RSAPublicKey ::= SEQUENCE {
584 * modulus INTEGER, -- n
585 * publicExponent INTEGER -- e
586 * }
587 */
588 if( ( ret = asn1_get_tag( p, end2, &len,
589 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]590 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]591
592 if( *p + len != end2 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]593 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]594 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]595
596 if( ( ret = asn1_get_mpi( p, end2, N ) ) != 0 ||
597 ( ret = asn1_get_mpi( p, end2, E ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]598 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]599
600 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]601 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]602 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]603
604 return( 0 );
605}
606
607static int x509_get_sig( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]608 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]609 x509_buf *sig )
610{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]611 int ret;
612 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]613
Paul Bakker8afa70d2012-02-11 18:42:45 +0000[diff] [blame]614 if( ( end - *p ) < 1 )
615 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE +
616 POLARSSL_ERR_ASN1_OUT_OF_DATA );
617
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]618 sig->tag = **p;
619
620 if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]621 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]622
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]623
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]624 if( --len < 1 || *(*p)++ != 0 )
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]625 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]626
627 sig->len = len;
628 sig->p = *p;
629
630 *p += len;
631
632 return( 0 );
633}
634
635/*
636 * X.509 v2/v3 unique identifier (not parsed)
637 */
638static int x509_get_uid( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]639 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]640 x509_buf *uid, int n )
641{
642 int ret;
643
644 if( *p == end )
645 return( 0 );
646
647 uid->tag = **p;
648
649 if( ( ret = asn1_get_tag( p, end, &uid->len,
650 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | n ) ) != 0 )
651 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]652 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]653 return( 0 );
654
655 return( ret );
656 }
657
658 uid->p = *p;
659 *p += uid->len;
660
661 return( 0 );
662}
663
664/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]665 * X.509 Extensions (No parsing of extensions, pointer should
666 * be either manually updated or extensions should be parsed!
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]667 */
668static int x509_get_ext( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]669 const unsigned char *end,
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]670 x509_buf *ext, int tag )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]671{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]672 int ret;
673 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]674
675 if( *p == end )
676 return( 0 );
677
678 ext->tag = **p;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]679
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]680 if( ( ret = asn1_get_tag( p, end, &ext->len,
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]681 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | tag ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]682 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]683
684 ext->p = *p;
685 end = *p + ext->len;
686
687 /*
688 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
689 *
690 * Extension ::= SEQUENCE {
691 * extnID OBJECT IDENTIFIER,
692 * critical BOOLEAN DEFAULT FALSE,
693 * extnValue OCTET STRING }
694 */
695 if( ( ret = asn1_get_tag( p, end, &len,
696 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]697 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]698
699 if( end != *p + len )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]700 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]701 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]702
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]703 return( 0 );
704}
705
706/*
707 * X.509 CRL v2 extensions (no extensions parsed yet.)
708 */
709static int x509_get_crl_ext( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]710 const unsigned char *end,
711 x509_buf *ext )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]712{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]713 int ret;
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]714 size_t len = 0;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]715
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]716 /* Get explicit tag */
717 if( ( ret = x509_get_ext( p, end, ext, 0) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]718 {
719 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
720 return( 0 );
721
722 return( ret );
723 }
724
725 while( *p < end )
726 {
727 if( ( ret = asn1_get_tag( p, end, &len,
728 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]729 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]730
731 *p += len;
732 }
733
734 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]735 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]736 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
737
738 return( 0 );
739}
740
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]741/*
742 * X.509 CRL v2 entry extensions (no extensions parsed yet.)
743 */
744static int x509_get_crl_entry_ext( unsigned char **p,
745 const unsigned char *end,
746 x509_buf *ext )
747{
748 int ret;
749 size_t len = 0;
750
751 /* OPTIONAL */
752 if (end <= *p)
753 return( 0 );
754
755 ext->tag = **p;
756 ext->p = *p;
757
758 /*
759 * Get CRL-entry extension sequence header
760 * crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2
761 */
762 if( ( ret = asn1_get_tag( p, end, &ext->len,
763 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
764 {
765 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
766 {
767 ext->p = NULL;
768 return( 0 );
769 }
770 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
771 }
772
773 end = *p + ext->len;
774
775 if( end != *p + ext->len )
776 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
777 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
778
779 while( *p < end )
780 {
781 if( ( ret = asn1_get_tag( p, end, &len,
782 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
783 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
784
785 *p += len;
786 }
787
788 if( *p != end )
789 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
790 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
791
792 return( 0 );
793}
794
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]795static int x509_get_basic_constraints( unsigned char **p,
796 const unsigned char *end,
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]797 int *ca_istrue,
798 int *max_pathlen )
799{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]800 int ret;
801 size_t len;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]802
803 /*
804 * BasicConstraints ::= SEQUENCE {
805 * cA BOOLEAN DEFAULT FALSE,
806 * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
807 */
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]808 *ca_istrue = 0; /* DEFAULT FALSE */
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]809 *max_pathlen = 0; /* endless */
810
811 if( ( ret = asn1_get_tag( p, end, &len,
812 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]813 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]814
815 if( *p == end )
816 return 0;
817
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]818 if( ( ret = asn1_get_bool( p, end, ca_istrue ) ) != 0 )
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]819 {
820 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]821 ret = asn1_get_int( p, end, ca_istrue );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]822
823 if( ret != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]824 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]825
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]826 if( *ca_istrue != 0 )
827 *ca_istrue = 1;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]828 }
829
830 if( *p == end )
831 return 0;
832
833 if( ( ret = asn1_get_int( p, end, max_pathlen ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]834 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]835
836 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]837 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]838 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
839
840 (*max_pathlen)++;
841
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]842 return 0;
843}
844
845static int x509_get_ns_cert_type( unsigned char **p,
846 const unsigned char *end,
847 unsigned char *ns_cert_type)
848{
849 int ret;
Paul Bakkerd61e7d92011-01-18 16:17:47 +0000[diff] [blame]850 x509_bitstring bs = { 0, 0, NULL };
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]851
852 if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]853 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]854
855 if( bs.len != 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]856 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]857 POLARSSL_ERR_ASN1_INVALID_LENGTH );
858
859 /* Get actual bitstring */
860 *ns_cert_type = *bs.p;
861 return 0;
862}
863
864static int x509_get_key_usage( unsigned char **p,
865 const unsigned char *end,
866 unsigned char *key_usage)
867{
868 int ret;
Paul Bakkerd61e7d92011-01-18 16:17:47 +0000[diff] [blame]869 x509_bitstring bs = { 0, 0, NULL };
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]870
871 if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]872 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]873
Paul Bakker94a67962012-08-23 13:03:52 +0000[diff] [blame]874 if( bs.len < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]875 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]876 POLARSSL_ERR_ASN1_INVALID_LENGTH );
877
878 /* Get actual bitstring */
879 *key_usage = *bs.p;
880 return 0;
881}
882
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]883/*
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]884 * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
885 *
886 * KeyPurposeId ::= OBJECT IDENTIFIER
887 */
888static int x509_get_ext_key_usage( unsigned char **p,
889 const unsigned char *end,
890 x509_sequence *ext_key_usage)
891{
892 int ret;
893
894 if( ( ret = asn1_get_sequence_of( p, end, ext_key_usage, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]895 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]896
897 /* Sequence length must be >= 1 */
898 if( ext_key_usage->buf.p == NULL )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]899 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]900 POLARSSL_ERR_ASN1_INVALID_LENGTH );
901
902 return 0;
903}
904
905/*
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]906 * SubjectAltName ::= GeneralNames
907 *
908 * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
909 *
910 * GeneralName ::= CHOICE {
911 * otherName [0] OtherName,
912 * rfc822Name [1] IA5String,
913 * dNSName [2] IA5String,
914 * x400Address [3] ORAddress,
915 * directoryName [4] Name,
916 * ediPartyName [5] EDIPartyName,
917 * uniformResourceIdentifier [6] IA5String,
918 * iPAddress [7] OCTET STRING,
919 * registeredID [8] OBJECT IDENTIFIER }
920 *
921 * OtherName ::= SEQUENCE {
922 * type-id OBJECT IDENTIFIER,
923 * value [0] EXPLICIT ANY DEFINED BY type-id }
924 *
925 * EDIPartyName ::= SEQUENCE {
926 * nameAssigner [0] DirectoryString OPTIONAL,
927 * partyName [1] DirectoryString }
928 *
929 * NOTE: PolarSSL only parses and uses dNSName at this point.
930 */
931static int x509_get_subject_alt_name( unsigned char **p,
932 const unsigned char *end,
933 x509_sequence *subject_alt_name )
934{
935 int ret;
936 size_t len, tag_len;
937 asn1_buf *buf;
938 unsigned char tag;
939 asn1_sequence *cur = subject_alt_name;
940
941 /* Get main sequence tag */
942 if( ( ret = asn1_get_tag( p, end, &len,
943 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
944 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
945
946 if( *p + len != end )
947 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
948 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
949
950 while( *p < end )
951 {
952 if( ( end - *p ) < 1 )
953 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
954 POLARSSL_ERR_ASN1_OUT_OF_DATA );
955
956 tag = **p;
957 (*p)++;
958 if( ( ret = asn1_get_len( p, end, &tag_len ) ) != 0 )
959 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
960
961 if( ( tag & ASN1_CONTEXT_SPECIFIC ) != ASN1_CONTEXT_SPECIFIC )
962 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
963 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
964
965 if( tag != ( ASN1_CONTEXT_SPECIFIC | 2 ) )
966 {
967 *p += tag_len;
968 continue;
969 }
970
971 buf = &(cur->buf);
972 buf->tag = tag;
973 buf->p = *p;
974 buf->len = tag_len;
975 *p += buf->len;
976
977 /* Allocate and assign next pointer */
978 if (*p < end)
979 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]980 cur->next = (asn1_sequence *) polarssl_malloc(
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]981 sizeof( asn1_sequence ) );
982
983 if( cur->next == NULL )
984 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
985 POLARSSL_ERR_ASN1_MALLOC_FAILED );
986
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]987 memset( cur->next, 0, sizeof( asn1_sequence ) );
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]988 cur = cur->next;
989 }
990 }
991
992 /* Set final sequence entry's next pointer to NULL */
993 cur->next = NULL;
994
995 if( *p != end )
996 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
997 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
998
999 return( 0 );
1000}
1001
1002/*
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1003 * X.509 v3 extensions
1004 *
1005 * TODO: Perform all of the basic constraints tests required by the RFC
1006 * TODO: Set values for undetected extensions to a sane default?
1007 *
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1008 */
1009static int x509_get_crt_ext( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]1010 const unsigned char *end,
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1011 x509_cert *crt )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1012{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1013 int ret;
1014 size_t len;
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1015 unsigned char *end_ext_data, *end_ext_octet;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1016
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]1017 if( ( ret = x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1018 {
1019 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
1020 return( 0 );
1021
1022 return( ret );
1023 }
1024
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1025 while( *p < end )
1026 {
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1027 /*
1028 * Extension ::= SEQUENCE {
1029 * extnID OBJECT IDENTIFIER,
1030 * critical BOOLEAN DEFAULT FALSE,
1031 * extnValue OCTET STRING }
1032 */
1033 x509_buf extn_oid = {0, 0, NULL};
1034 int is_critical = 0; /* DEFAULT FALSE */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1035 int ext_type = 0;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1036
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1037 if( ( ret = asn1_get_tag( p, end, &len,
1038 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1039 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1040
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1041 end_ext_data = *p + len;
1042
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1043 /* Get extension ID */
1044 extn_oid.tag = **p;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1045
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1046 if( ( ret = asn1_get_tag( p, end, &extn_oid.len, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1047 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1048
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1049 extn_oid.p = *p;
1050 *p += extn_oid.len;
1051
1052 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1053 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1054 POLARSSL_ERR_ASN1_OUT_OF_DATA );
1055
1056 /* Get optional critical */
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1057 if( ( ret = asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1058 ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1059 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1060
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1061 /* Data should be octet string type */
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1062 if( ( ret = asn1_get_tag( p, end_ext_data, &len,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1063 ASN1_OCTET_STRING ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1064 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1065
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1066 end_ext_octet = *p + len;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]1067
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1068 if( end_ext_octet != end_ext_data )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1069 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1070 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1071
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1072 /*
1073 * Detect supported extensions
1074 */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1075 ret = oid_get_x509_ext_type( &extn_oid, &ext_type );
1076
1077 if( ret != 0 )
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1078 {
1079 /* No parser found, skip extension */
1080 *p = end_ext_octet;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1081
Paul Bakker5c721f92011-07-27 16:51:09 +0000[diff] [blame]1082#if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1083 if( is_critical )
1084 {
1085 /* Data is marked as critical: fail */
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1086 return ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1087 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
1088 }
Paul Bakker5c721f92011-07-27 16:51:09 +0000[diff] [blame]1089#endif
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1090 continue;
1091 }
1092
1093 crt->ext_types |= ext_type;
1094
1095 switch( ext_type )
1096 {
1097 case EXT_BASIC_CONSTRAINTS:
1098 /* Parse basic constraints */
1099 if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
1100 &crt->ca_istrue, &crt->max_pathlen ) ) != 0 )
1101 return ( ret );
1102 break;
1103
1104 case EXT_KEY_USAGE:
1105 /* Parse key usage */
1106 if( ( ret = x509_get_key_usage( p, end_ext_octet,
1107 &crt->key_usage ) ) != 0 )
1108 return ( ret );
1109 break;
1110
1111 case EXT_EXTENDED_KEY_USAGE:
1112 /* Parse extended key usage */
1113 if( ( ret = x509_get_ext_key_usage( p, end_ext_octet,
1114 &crt->ext_key_usage ) ) != 0 )
1115 return ( ret );
1116 break;
1117
1118 case EXT_SUBJECT_ALT_NAME:
1119 /* Parse subject alt name */
1120 if( ( ret = x509_get_subject_alt_name( p, end_ext_octet,
1121 &crt->subject_alt_names ) ) != 0 )
1122 return ( ret );
1123 break;
1124
1125 case EXT_NS_CERT_TYPE:
1126 /* Parse netscape certificate type */
1127 if( ( ret = x509_get_ns_cert_type( p, end_ext_octet,
1128 &crt->ns_cert_type ) ) != 0 )
1129 return ( ret );
1130 break;
1131
1132 default:
1133 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1134 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1135 }
1136
1137 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1138 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1139 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1140
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1141 return( 0 );
1142}
1143
1144/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1145 * X.509 CRL Entries
1146 */
1147static int x509_get_entries( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]1148 const unsigned char *end,
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1149 x509_crl_entry *entry )
1150{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1151 int ret;
1152 size_t entry_len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1153 x509_crl_entry *cur_entry = entry;
1154
1155 if( *p == end )
1156 return( 0 );
1157
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1158 if( ( ret = asn1_get_tag( p, end, &entry_len,
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1159 ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
1160 {
1161 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
1162 return( 0 );
1163
1164 return( ret );
1165 }
1166
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1167 end = *p + entry_len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1168
1169 while( *p < end )
1170 {
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1171 size_t len2;
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1172 const unsigned char *end2;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1173
1174 if( ( ret = asn1_get_tag( p, end, &len2,
1175 ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
1176 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1177 return( ret );
1178 }
1179
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1180 cur_entry->raw.tag = **p;
1181 cur_entry->raw.p = *p;
1182 cur_entry->raw.len = len2;
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1183 end2 = *p + len2;
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1184
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1185 if( ( ret = x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1186 return( ret );
1187
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1188 if( ( ret = x509_get_time( p, end2, &cur_entry->revocation_date ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1189 return( ret );
1190
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1191 if( ( ret = x509_get_crl_entry_ext( p, end2, &cur_entry->entry_ext ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1192 return( ret );
1193
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1194 if ( *p < end )
1195 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1196 cur_entry->next = polarssl_malloc( sizeof( x509_crl_entry ) );
Paul Bakkerb15b8512012-01-13 13:44:06 +0000[diff] [blame]1197
1198 if( cur_entry->next == NULL )
1199 return( POLARSSL_ERR_X509_MALLOC_FAILED );
1200
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1201 cur_entry = cur_entry->next;
1202 memset( cur_entry, 0, sizeof( x509_crl_entry ) );
1203 }
1204 }
1205
1206 return( 0 );
1207}
1208
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1209static int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
1210 pk_type_t *pk_alg )
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1211{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1212 int ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1213
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1214 if( ret != 0 )
1215 return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG + ret );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1216
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1217 return( 0 );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1218}
1219
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1220/*
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1221 * Parse and fill a single X.509 certificate in DER format
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1222 */
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]1223static int x509parse_crt_der_core( x509_cert *crt, const unsigned char *buf,
1224 size_t buflen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1225{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1226 int ret;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]1227 size_t len;
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1228 unsigned char *p, *end, *crt_end;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1229
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1230 /*
1231 * Check for valid input
1232 */
1233 if( crt == NULL || buf == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1234 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1235
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1236 p = (unsigned char *) polarssl_malloc( len = buflen );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1237
1238 if( p == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1239 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1240
1241 memcpy( p, buf, buflen );
1242
1243 buflen = 0;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1244
1245 crt->raw.p = p;
1246 crt->raw.len = len;
1247 end = p + len;
1248
1249 /*
1250 * Certificate ::= SEQUENCE {
1251 * tbsCertificate TBSCertificate,
1252 * signatureAlgorithm AlgorithmIdentifier,
1253 * signatureValue BIT STRING }
1254 */
1255 if( ( ret = asn1_get_tag( &p, end, &len,
1256 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1257 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1258 x509_free( crt );
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1259 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1260 }
1261
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1262 if( len > (size_t) ( end - p ) )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1263 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1264 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1265 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1266 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1267 }
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1268 crt_end = p + len;
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1269
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1270 /*
1271 * TBSCertificate ::= SEQUENCE {
1272 */
1273 crt->tbs.p = p;
1274
1275 if( ( ret = asn1_get_tag( &p, end, &len,
1276 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1277 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1278 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1279 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1280 }
1281
1282 end = p + len;
1283 crt->tbs.len = end - crt->tbs.p;
1284
1285 /*
1286 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
1287 *
1288 * CertificateSerialNumber ::= INTEGER
1289 *
1290 * signature AlgorithmIdentifier
1291 */
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1292 if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 ||
1293 ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 ||
1294 ( ret = x509_get_alg( &p, end, &crt->sig_oid1, NULL ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1295 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1296 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1297 return( ret );
1298 }
1299
1300 crt->version++;
1301
1302 if( crt->version > 3 )
1303 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1304 x509_free( crt );
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1305 return( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1306 }
1307
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1308 if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &crt->sig_md,
1309 &crt->sig_pk ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1310 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1311 x509_free( crt );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1312 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1313 }
1314
1315 /*
1316 * issuer Name
1317 */
1318 crt->issuer_raw.p = p;
1319
1320 if( ( ret = asn1_get_tag( &p, end, &len,
1321 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1322 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1323 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1324 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1325 }
1326
1327 if( ( ret = x509_get_name( &p, p + len, &crt->issuer ) ) != 0 )
1328 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1329 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1330 return( ret );
1331 }
1332
1333 crt->issuer_raw.len = p - crt->issuer_raw.p;
1334
1335 /*
1336 * Validity ::= SEQUENCE {
1337 * notBefore Time,
1338 * notAfter Time }
1339 *
1340 */
1341 if( ( ret = x509_get_dates( &p, end, &crt->valid_from,
1342 &crt->valid_to ) ) != 0 )
1343 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1344 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1345 return( ret );
1346 }
1347
1348 /*
1349 * subject Name
1350 */
1351 crt->subject_raw.p = p;
1352
1353 if( ( ret = asn1_get_tag( &p, end, &len,
1354 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1355 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1356 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1357 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1358 }
1359
Paul Bakkercefb3962012-06-27 11:51:09 +0000[diff] [blame]1360 if( len && ( ret = x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1361 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1362 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1363 return( ret );
1364 }
1365
1366 crt->subject_raw.len = p - crt->subject_raw.p;
1367
1368 /*
1369 * SubjectPublicKeyInfo ::= SEQUENCE
1370 * algorithm AlgorithmIdentifier,
1371 * subjectPublicKey BIT STRING }
1372 */
1373 if( ( ret = asn1_get_tag( &p, end, &len,
1374 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1375 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1376 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1377 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1378 }
1379
1380 if( ( ret = x509_get_pubkey( &p, p + len, &crt->pk_oid,
1381 &crt->rsa.N, &crt->rsa.E ) ) != 0 )
1382 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1383 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1384 return( ret );
1385 }
1386
1387 if( ( ret = rsa_check_pubkey( &crt->rsa ) ) != 0 )
1388 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1389 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1390 return( ret );
1391 }
1392
1393 crt->rsa.len = mpi_size( &crt->rsa.N );
1394
1395 /*
1396 * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
1397 * -- If present, version shall be v2 or v3
1398 * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
1399 * -- If present, version shall be v2 or v3
1400 * extensions [3] EXPLICIT Extensions OPTIONAL
1401 * -- If present, version shall be v3
1402 */
1403 if( crt->version == 2 || crt->version == 3 )
1404 {
1405 ret = x509_get_uid( &p, end, &crt->issuer_id, 1 );
1406 if( ret != 0 )
1407 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1408 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1409 return( ret );
1410 }
1411 }
1412
1413 if( crt->version == 2 || crt->version == 3 )
1414 {
1415 ret = x509_get_uid( &p, end, &crt->subject_id, 2 );
1416 if( ret != 0 )
1417 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1418 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1419 return( ret );
1420 }
1421 }
1422
1423 if( crt->version == 3 )
1424 {
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1425 ret = x509_get_crt_ext( &p, end, crt);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1426 if( ret != 0 )
1427 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1428 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1429 return( ret );
1430 }
1431 }
1432
1433 if( p != end )
1434 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1435 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1436 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1437 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1438 }
1439
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1440 end = crt_end;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1441
1442 /*
1443 * signatureAlgorithm AlgorithmIdentifier,
1444 * signatureValue BIT STRING
1445 */
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1446 if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, NULL ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1447 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1448 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1449 return( ret );
1450 }
1451
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]1452 if( crt->sig_oid1.len != crt->sig_oid2.len ||
1453 memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1454 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1455 x509_free( crt );
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1456 return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1457 }
1458
1459 if( ( ret = x509_get_sig( &p, end, &crt->sig ) ) != 0 )
1460 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1461 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1462 return( ret );
1463 }
1464
1465 if( p != end )
1466 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1467 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1468 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1469 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1470 }
1471
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1472 return( 0 );
1473}
1474
1475/*
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1476 * Parse one X.509 certificate in DER format from a buffer and add them to a
1477 * chained list
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1478 */
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1479int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1480{
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1481 int ret;
1482 x509_cert *crt = chain, *prev = NULL;
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1483
1484 /*
1485 * Check for valid input
1486 */
1487 if( crt == NULL || buf == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1488 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1489
1490 while( crt->version != 0 && crt->next != NULL )
1491 {
1492 prev = crt;
1493 crt = crt->next;
1494 }
1495
1496 /*
1497 * Add new certificate on the end of the chain if needed.
1498 */
1499 if ( crt->version != 0 && crt->next == NULL)
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1500 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1501 crt->next = (x509_cert *) polarssl_malloc( sizeof( x509_cert ) );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1502
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1503 if( crt->next == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1504 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1505
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1506 prev = crt;
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1507 crt = crt->next;
1508 memset( crt, 0, sizeof( x509_cert ) );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1509 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1510
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1511 if( ( ret = x509parse_crt_der_core( crt, buf, buflen ) ) != 0 )
1512 {
1513 if( prev )
1514 prev->next = NULL;
1515
1516 if( crt != chain )
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1517 polarssl_free( crt );
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1518
1519 return( ret );
1520 }
1521
1522 return( 0 );
1523}
1524
1525/*
1526 * Parse one or more PEM certificates from a buffer and add them to the chained list
1527 */
1528int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
1529{
1530 int ret, success = 0, first_error = 0, total_failed = 0;
1531 int buf_format = X509_FORMAT_DER;
1532
1533 /*
1534 * Check for valid input
1535 */
1536 if( chain == NULL || buf == NULL )
1537 return( POLARSSL_ERR_X509_INVALID_INPUT );
1538
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1539 /*
1540 * Determine buffer content. Buffer contains either one DER certificate or
1541 * one or more PEM certificates.
1542 */
1543#if defined(POLARSSL_PEM_C)
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]1544 if( strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1545 buf_format = X509_FORMAT_PEM;
1546#endif
1547
1548 if( buf_format == X509_FORMAT_DER )
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1549 return x509parse_crt_der( chain, buf, buflen );
1550
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1551#if defined(POLARSSL_PEM_C)
1552 if( buf_format == X509_FORMAT_PEM )
1553 {
1554 pem_context pem;
1555
1556 while( buflen > 0 )
1557 {
1558 size_t use_len;
1559 pem_init( &pem );
1560
1561 ret = pem_read_buffer( &pem,
1562 "-----BEGIN CERTIFICATE-----",
1563 "-----END CERTIFICATE-----",
1564 buf, NULL, 0, &use_len );
1565
1566 if( ret == 0 )
1567 {
1568 /*
1569 * Was PEM encoded
1570 */
1571 buflen -= use_len;
1572 buf += use_len;
1573 }
Paul Bakker5ed3b342013-06-24 19:05:46 +0200[diff] [blame]1574 else if( ret == POLARSSL_ERR_PEM_BAD_INPUT_DATA )
1575 {
1576 return( ret );
1577 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]1578 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1579 {
1580 pem_free( &pem );
1581
Paul Bakker5ed3b342013-06-24 19:05:46 +0200[diff] [blame]1582 /*
1583 * PEM header and footer were found
1584 */
1585 buflen -= use_len;
1586 buf += use_len;
1587
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1588 if( first_error == 0 )
1589 first_error = ret;
1590
1591 continue;
1592 }
1593 else
1594 break;
1595
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1596 ret = x509parse_crt_der( chain, pem.buf, pem.buflen );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1597
1598 pem_free( &pem );
1599
1600 if( ret != 0 )
1601 {
1602 /*
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1603 * Quit parsing on a memory error
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1604 */
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1605 if( ret == POLARSSL_ERR_X509_MALLOC_FAILED )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1606 return( ret );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1607
1608 if( first_error == 0 )
1609 first_error = ret;
1610
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1611 total_failed++;
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1612 continue;
1613 }
1614
1615 success = 1;
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1616 }
1617 }
1618#endif
1619
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1620 if( success )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1621 return( total_failed );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1622 else if( first_error )
1623 return( first_error );
1624 else
1625 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1626}
1627
1628/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1629 * Parse one or more CRLs and add them to the chained list
1630 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1631int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1632{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1633 int ret;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]1634 size_t len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1635 unsigned char *p, *end;
1636 x509_crl *crl;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1637#if defined(POLARSSL_PEM_C)
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]1638 size_t use_len;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1639 pem_context pem;
1640#endif
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1641
1642 crl = chain;
1643
1644 /*
1645 * Check for valid input
1646 */
1647 if( crl == NULL || buf == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1648 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1649
1650 while( crl->version != 0 && crl->next != NULL )
1651 crl = crl->next;
1652
1653 /*
1654 * Add new CRL on the end of the chain if needed.
1655 */
1656 if ( crl->version != 0 && crl->next == NULL)
1657 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1658 crl->next = (x509_crl *) polarssl_malloc( sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1659
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1660 if( crl->next == NULL )
1661 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1662 x509_crl_free( crl );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1663 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1664 }
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1665
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1666 crl = crl->next;
1667 memset( crl, 0, sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1668 }
1669
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1670#if defined(POLARSSL_PEM_C)
1671 pem_init( &pem );
1672 ret = pem_read_buffer( &pem,
1673 "-----BEGIN X509 CRL-----",
1674 "-----END X509 CRL-----",
1675 buf, NULL, 0, &use_len );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1676
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1677 if( ret == 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1678 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1679 /*
1680 * Was PEM encoded
1681 */
1682 buflen -= use_len;
1683 buf += use_len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1684
1685 /*
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1686 * Steal PEM buffer
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1687 */
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1688 p = pem.buf;
1689 pem.buf = NULL;
1690 len = pem.buflen;
1691 pem_free( &pem );
1692 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]1693 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1694 {
1695 pem_free( &pem );
1696 return( ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1697 }
1698 else
1699 {
1700 /*
1701 * nope, copy the raw DER data
1702 */
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1703 p = (unsigned char *) polarssl_malloc( len = buflen );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1704
1705 if( p == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1706 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1707
1708 memcpy( p, buf, buflen );
1709
1710 buflen = 0;
1711 }
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1712#else
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1713 p = (unsigned char *) polarssl_malloc( len = buflen );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1714
1715 if( p == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1716 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1717
1718 memcpy( p, buf, buflen );
1719
1720 buflen = 0;
1721#endif
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1722
1723 crl->raw.p = p;
1724 crl->raw.len = len;
1725 end = p + len;
1726
1727 /*
1728 * CertificateList ::= SEQUENCE {
1729 * tbsCertList TBSCertList,
1730 * signatureAlgorithm AlgorithmIdentifier,
1731 * signatureValue BIT STRING }
1732 */
1733 if( ( ret = asn1_get_tag( &p, end, &len,
1734 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1735 {
1736 x509_crl_free( crl );
1737 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT );
1738 }
1739
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1740 if( len != (size_t) ( end - p ) )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1741 {
1742 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1743 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1744 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
1745 }
1746
1747 /*
1748 * TBSCertList ::= SEQUENCE {
1749 */
1750 crl->tbs.p = p;
1751
1752 if( ( ret = asn1_get_tag( &p, end, &len,
1753 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1754 {
1755 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1756 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1757 }
1758
1759 end = p + len;
1760 crl->tbs.len = end - crl->tbs.p;
1761
1762 /*
1763 * Version ::= INTEGER OPTIONAL { v1(0), v2(1) }
1764 * -- if present, MUST be v2
1765 *
1766 * signature AlgorithmIdentifier
1767 */
Paul Bakker3329d1f2011-10-12 09:55:01 +0000[diff] [blame]1768 if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 ||
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1769 ( ret = x509_get_alg( &p, end, &crl->sig_oid1, NULL ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1770 {
1771 x509_crl_free( crl );
1772 return( ret );
1773 }
1774
1775 crl->version++;
1776
1777 if( crl->version > 2 )
1778 {
1779 x509_crl_free( crl );
1780 return( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION );
1781 }
1782
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1783 if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &crl->sig_md,
1784 &crl->sig_pk ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1785 {
1786 x509_crl_free( crl );
1787 return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG );
1788 }
1789
1790 /*
1791 * issuer Name
1792 */
1793 crl->issuer_raw.p = p;
1794
1795 if( ( ret = asn1_get_tag( &p, end, &len,
1796 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1797 {
1798 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1799 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1800 }
1801
1802 if( ( ret = x509_get_name( &p, p + len, &crl->issuer ) ) != 0 )
1803 {
1804 x509_crl_free( crl );
1805 return( ret );
1806 }
1807
1808 crl->issuer_raw.len = p - crl->issuer_raw.p;
1809
1810 /*
1811 * thisUpdate Time
1812 * nextUpdate Time OPTIONAL
1813 */
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]1814 if( ( ret = x509_get_time( &p, end, &crl->this_update ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1815 {
1816 x509_crl_free( crl );
1817 return( ret );
1818 }
1819
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]1820 if( ( ret = x509_get_time( &p, end, &crl->next_update ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1821 {
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1822 if ( ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE +
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1823 POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) &&
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1824 ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE +
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1825 POLARSSL_ERR_ASN1_OUT_OF_DATA ) )
Paul Bakker635f4b42009-07-20 20:34:41 +0000[diff] [blame]1826 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1827 x509_crl_free( crl );
1828 return( ret );
1829 }
1830 }
1831
1832 /*
1833 * revokedCertificates SEQUENCE OF SEQUENCE {
1834 * userCertificate CertificateSerialNumber,
1835 * revocationDate Time,
1836 * crlEntryExtensions Extensions OPTIONAL
1837 * -- if present, MUST be v2
1838 * } OPTIONAL
1839 */
1840 if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 )
1841 {
1842 x509_crl_free( crl );
1843 return( ret );
1844 }
1845
1846 /*
1847 * crlExtensions EXPLICIT Extensions OPTIONAL
1848 * -- if present, MUST be v2
1849 */
1850 if( crl->version == 2 )
1851 {
1852 ret = x509_get_crl_ext( &p, end, &crl->crl_ext );
1853
1854 if( ret != 0 )
1855 {
1856 x509_crl_free( crl );
1857 return( ret );
1858 }
1859 }
1860
1861 if( p != end )
1862 {
1863 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1864 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1865 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
1866 }
1867
1868 end = crl->raw.p + crl->raw.len;
1869
1870 /*
1871 * signatureAlgorithm AlgorithmIdentifier,
1872 * signatureValue BIT STRING
1873 */
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1874 if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, NULL ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1875 {
1876 x509_crl_free( crl );
1877 return( ret );
1878 }
1879
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]1880 if( crl->sig_oid1.len != crl->sig_oid2.len ||
1881 memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1882 {
1883 x509_crl_free( crl );
1884 return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH );
1885 }
1886
1887 if( ( ret = x509_get_sig( &p, end, &crl->sig ) ) != 0 )
1888 {
1889 x509_crl_free( crl );
1890 return( ret );
1891 }
1892
1893 if( p != end )
1894 {
1895 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1896 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1897 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
1898 }
1899
1900 if( buflen > 0 )
1901 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1902 crl->next = (x509_crl *) polarssl_malloc( sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1903
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1904 if( crl->next == NULL )
1905 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1906 x509_crl_free( crl );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1907 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1908 }
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1909
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1910 crl = crl->next;
1911 memset( crl, 0, sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1912
1913 return( x509parse_crl( crl, buf, buflen ) );
1914 }
1915
1916 return( 0 );
1917}
1918
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]1919#if defined(POLARSSL_FS_IO)
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1920/*
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1921 * Load all data from a file into a given buffer.
1922 */
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]1923static int load_file( const char *path, unsigned char **buf, size_t *n )
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1924{
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1925 FILE *f;
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1926
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1927 if( ( f = fopen( path, "rb" ) ) == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1928 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1929
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1930 fseek( f, 0, SEEK_END );
1931 *n = (size_t) ftell( f );
1932 fseek( f, 0, SEEK_SET );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1933
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1934 if( ( *buf = (unsigned char *) polarssl_malloc( *n + 1 ) ) == NULL )
Paul Bakkerf6a19bd2013-05-14 13:26:51 +0200[diff] [blame]1935 {
1936 fclose( f );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1937 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakkerf6a19bd2013-05-14 13:26:51 +0200[diff] [blame]1938 }
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1939
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1940 if( fread( *buf, 1, *n, f ) != *n )
1941 {
1942 fclose( f );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1943 polarssl_free( *buf );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1944 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1945 }
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1946
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1947 fclose( f );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1948
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1949 (*buf)[*n] = '\0';
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1950
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1951 return( 0 );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1952}
1953
1954/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1955 * Load one or more certificates and add them to the chained list
1956 */
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1957int x509parse_crtfile( x509_cert *chain, const char *path )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1958{
1959 int ret;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1960 size_t n;
1961 unsigned char *buf;
1962
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]1963 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1964 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1965
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1966 ret = x509parse_crt( chain, buf, n );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1967
1968 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1969 polarssl_free( buf );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1970
1971 return( ret );
1972}
1973
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1974int x509parse_crtpath( x509_cert *chain, const char *path )
1975{
1976 int ret = 0;
1977#if defined(_WIN32)
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1978 int w_ret;
1979 WCHAR szDir[MAX_PATH];
1980 char filename[MAX_PATH];
1981 char *p;
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1982 int len = strlen( path );
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1983
Paul Bakker97872ac2012-11-02 12:53:26 +0000[diff] [blame]1984 WIN32_FIND_DATAW file_data;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1985 HANDLE hFind;
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1986
1987 if( len > MAX_PATH - 3 )
1988 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1989
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1990 memset( szDir, 0, sizeof(szDir) );
1991 memset( filename, 0, MAX_PATH );
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1992 memcpy( filename, path, len );
1993 filename[len++] = '\\';
1994 p = filename + len;
1995 filename[len++] = '*';
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1996
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1997 w_ret = MultiByteToWideChar( CP_ACP, 0, path, len, szDir, MAX_PATH - 3 );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1998
Paul Bakker97872ac2012-11-02 12:53:26 +0000[diff] [blame]1999 hFind = FindFirstFileW( szDir, &file_data );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2000 if (hFind == INVALID_HANDLE_VALUE)
2001 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
2002
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2003 len = MAX_PATH - len;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2004 do
2005 {
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2006 memset( p, 0, len );
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]2007
Paul Bakkere4791f32012-06-04 21:29:15 +0000[diff] [blame]2008 if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2009 continue;
2010
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]2011 w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
2012 lstrlenW(file_data.cFileName),
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2013 p, len - 1,
2014 NULL, NULL );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2015
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]2016 w_ret = x509parse_crtfile( chain, filename );
2017 if( w_ret < 0 )
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2018 ret++;
2019 else
2020 ret += w_ret;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2021 }
Paul Bakker97872ac2012-11-02 12:53:26 +0000[diff] [blame]2022 while( FindNextFileW( hFind, &file_data ) != 0 );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2023
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2024 if (GetLastError() != ERROR_NO_MORE_FILES)
2025 ret = POLARSSL_ERR_X509_FILE_IO_ERROR;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2026
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2027cleanup:
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2028 FindClose( hFind );
2029#else
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2030 int t_ret, i;
2031 struct stat sb;
2032 struct dirent entry, *result = NULL;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2033 char entry_name[255];
2034 DIR *dir = opendir( path );
2035
2036 if( dir == NULL)
2037 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
2038
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2039 while( ( t_ret = readdir_r( dir, &entry, &result ) ) == 0 )
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2040 {
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2041 if( result == NULL )
2042 break;
2043
2044 snprintf( entry_name, sizeof(entry_name), "%s/%s", path, entry.d_name );
2045
2046 i = stat( entry_name, &sb );
2047
2048 if( i == -1 )
2049 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
2050
2051 if( !S_ISREG( sb.st_mode ) )
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2052 continue;
2053
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2054 // Ignore parse errors
2055 //
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2056 t_ret = x509parse_crtfile( chain, entry_name );
2057 if( t_ret < 0 )
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2058 ret++;
2059 else
2060 ret += t_ret;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2061 }
2062 closedir( dir );
2063#endif
2064
2065 return( ret );
2066}
2067
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2068/*
2069 * Load one or more CRLs and add them to the chained list
2070 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]2071int x509parse_crlfile( x509_crl *chain, const char *path )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2072{
2073 int ret;
2074 size_t n;
2075 unsigned char *buf;
2076
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]2077 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]2078 return( ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2079
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]2080 ret = x509parse_crl( chain, buf, n );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2081
2082 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]2083 polarssl_free( buf );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2084
2085 return( ret );
2086}
2087
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2088/*
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2089 * Load and parse a private RSA key
2090 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2091int x509parse_keyfile_rsa( rsa_context *rsa, const char *path, const char *pwd )
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2092{
2093 int ret;
2094 size_t n;
2095 unsigned char *buf;
2096
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]2097 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]2098 return( ret );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2099
2100 if( pwd == NULL )
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2101 ret = x509parse_key_rsa( rsa, buf, n, NULL, 0 );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2102 else
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2103 ret = x509parse_key_rsa( rsa, buf, n,
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]2104 (const unsigned char *) pwd, strlen( pwd ) );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2105
2106 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]2107 polarssl_free( buf );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2108
2109 return( ret );
2110}
2111
2112/*
2113 * Load and parse a public RSA key
2114 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2115int x509parse_public_keyfile_rsa( rsa_context *rsa, const char *path )
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2116{
2117 int ret;
2118 size_t n;
2119 unsigned char *buf;
2120
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]2121 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]2122 return( ret );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2123
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2124 ret = x509parse_public_key_rsa( rsa, buf, n );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2125
2126 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]2127 polarssl_free( buf );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2128
2129 return( ret );
2130}
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2131
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2132/*
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2133 * Load and parse a private key
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2134 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2135int x509parse_keyfile( pk_context *ctx,
2136 const char *path, const char *pwd )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2137{
2138 int ret;
2139 size_t n;
2140 unsigned char *buf;
2141
2142 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
2143 return( ret );
2144
2145 if( pwd == NULL )
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2146 ret = x509parse_key( ctx, buf, n, NULL, 0 );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2147 else
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2148 ret = x509parse_key( ctx, buf, n,
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2149 (const unsigned char *) pwd, strlen( pwd ) );
2150
2151 memset( buf, 0, n + 1 );
2152 free( buf );
2153
2154 return( ret );
2155}
2156
2157/*
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2158 * Load and parse a public key
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2159 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2160int x509parse_public_keyfile( pk_context *ctx, const char *path )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2161{
2162 int ret;
2163 size_t n;
2164 unsigned char *buf;
2165
2166 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
2167 return( ret );
2168
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2169 ret = x509parse_public_key( ctx, buf, n );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2170
2171 memset( buf, 0, n + 1 );
2172 free( buf );
2173
2174 return( ret );
2175}
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2176
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2177#endif /* POLARSSL_FS_IO */
2178
2179/*
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2180 * Parse a PKCS#1 encoded private RSA key
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2181 */
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2182static int x509parse_key_pkcs1_der( rsa_context *rsa,
2183 const unsigned char *key,
2184 size_t keylen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2185{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]2186 int ret;
2187 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2188 unsigned char *p, *end;
Paul Bakkered56b222011-07-13 11:26:43 +0000[diff] [blame]2189
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]2190 p = (unsigned char *) key;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]2191 end = p + keylen;
2192
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2193 /*
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2194 * This function parses the RSAPrivateKey (PKCS#1)
Paul Bakkered56b222011-07-13 11:26:43 +0000[diff] [blame]2195 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2196 * RSAPrivateKey ::= SEQUENCE {
2197 * version Version,
2198 * modulus INTEGER, -- n
2199 * publicExponent INTEGER, -- e
2200 * privateExponent INTEGER, -- d
2201 * prime1 INTEGER, -- p
2202 * prime2 INTEGER, -- q
2203 * exponent1 INTEGER, -- d mod (p-1)
2204 * exponent2 INTEGER, -- d mod (q-1)
2205 * coefficient INTEGER, -- (inverse of q) mod p
2206 * otherPrimeInfos OtherPrimeInfos OPTIONAL
2207 * }
2208 */
2209 if( ( ret = asn1_get_tag( &p, end, &len,
2210 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2211 {
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2212 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2213 }
2214
2215 end = p + len;
2216
2217 if( ( ret = asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
2218 {
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2219 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2220 }
2221
2222 if( rsa->ver != 0 )
2223 {
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2224 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2225 }
2226
2227 if( ( ret = asn1_get_mpi( &p, end, &rsa->N ) ) != 0 ||
2228 ( ret = asn1_get_mpi( &p, end, &rsa->E ) ) != 0 ||
2229 ( ret = asn1_get_mpi( &p, end, &rsa->D ) ) != 0 ||
2230 ( ret = asn1_get_mpi( &p, end, &rsa->P ) ) != 0 ||
2231 ( ret = asn1_get_mpi( &p, end, &rsa->Q ) ) != 0 ||
2232 ( ret = asn1_get_mpi( &p, end, &rsa->DP ) ) != 0 ||
2233 ( ret = asn1_get_mpi( &p, end, &rsa->DQ ) ) != 0 ||
2234 ( ret = asn1_get_mpi( &p, end, &rsa->QP ) ) != 0 )
2235 {
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2236 rsa_free( rsa );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2237 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2238 }
2239
2240 rsa->len = mpi_size( &rsa->N );
2241
2242 if( p != end )
2243 {
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2244 rsa_free( rsa );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2245 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]2246 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2247 }
2248
2249 if( ( ret = rsa_check_privkey( rsa ) ) != 0 )
2250 {
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2251 rsa_free( rsa );
2252 return( ret );
2253 }
2254
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2255 return( 0 );
2256}
2257
2258/*
2259 * Parse an unencrypted PKCS#8 encoded private RSA key
2260 */
2261static int x509parse_key_pkcs8_unencrypted_der(
2262 rsa_context *rsa,
2263 const unsigned char *key,
2264 size_t keylen )
2265{
2266 int ret;
2267 size_t len;
2268 unsigned char *p, *end;
2269 x509_buf pk_alg_oid;
2270 pk_type_t pk_alg = POLARSSL_PK_NONE;
2271
2272 p = (unsigned char *) key;
2273 end = p + keylen;
2274
2275 /*
2276 * This function parses the PrivatKeyInfo object (PKCS#8)
2277 *
2278 * PrivateKeyInfo ::= SEQUENCE {
2279 * version Version,
2280 * algorithm AlgorithmIdentifier,
2281 * PrivateKey BIT STRING
2282 * }
2283 *
2284 * AlgorithmIdentifier ::= SEQUENCE {
2285 * algorithm OBJECT IDENTIFIER,
2286 * parameters ANY DEFINED BY algorithm OPTIONAL
2287 * }
2288 *
2289 * The PrivateKey BIT STRING is a PKCS#1 RSAPrivateKey
2290 */
2291 if( ( ret = asn1_get_tag( &p, end, &len,
2292 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2293 {
2294 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2295 }
2296
2297 end = p + len;
2298
2299 if( ( ret = asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
2300 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2301
2302 if( rsa->ver != 0 )
2303 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION + ret );
2304
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]2305 if( ( ret = asn1_get_alg_null( &p, end, &pk_alg_oid ) ) != 0 )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2306 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2307
2308 /*
2309 * only RSA keys handled at this time
2310 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2311 if( oid_get_pk_alg( &pk_alg_oid, &pk_alg ) != 0 )
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]2312 {
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2313 return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]2314 }
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2315
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2316 if (pk_alg != POLARSSL_PK_RSA )
2317 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
2318
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2319 /*
2320 * Get the OCTET STRING and parse the PKCS#1 format inside
2321 */
2322 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2323 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2324
2325 if( ( end - p ) < 1 )
2326 {
2327 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
2328 POLARSSL_ERR_ASN1_OUT_OF_DATA );
2329 }
2330
2331 end = p + len;
2332
2333 if( ( ret = x509parse_key_pkcs1_der( rsa, p, end - p ) ) != 0 )
2334 return( ret );
2335
2336 return( 0 );
2337}
2338
2339/*
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2340 * Decrypt the content of a PKCS#8 EncryptedPrivateKeyInfo
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2341 */
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2342static int x509parse_pkcs8_decrypt( unsigned char *buf, size_t buflen,
2343 size_t *used_len,
2344 const unsigned char *key, size_t keylen,
2345 const unsigned char *pwd, size_t pwdlen )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2346{
2347 int ret;
2348 size_t len;
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]2349 unsigned char *p, *end;
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2350 x509_buf pbe_alg_oid, pbe_params;
Paul Bakker7749a222013-06-28 17:28:20 +0200[diff] [blame]2351#if defined(POLARSSL_PKCS12_C)
2352 cipher_type_t cipher_alg;
2353 md_type_t md_alg;
2354#endif
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2355
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2356 memset(buf, 0, buflen);
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2357
2358 p = (unsigned char *) key;
2359 end = p + keylen;
2360
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2361 if( pwdlen == 0 )
2362 return( POLARSSL_ERR_X509_PASSWORD_REQUIRED );
2363
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2364 /*
2365 * This function parses the EncryptedPrivatKeyInfo object (PKCS#8)
2366 *
2367 * EncryptedPrivateKeyInfo ::= SEQUENCE {
2368 * encryptionAlgorithm EncryptionAlgorithmIdentifier,
2369 * encryptedData EncryptedData
2370 * }
2371 *
2372 * EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
2373 *
2374 * EncryptedData ::= OCTET STRING
2375 *
2376 * The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo
2377 */
2378 if( ( ret = asn1_get_tag( &p, end, &len,
2379 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2380 {
2381 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2382 }
2383
2384 end = p + len;
2385
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]2386 if( ( ret = asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2387 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2388
2389 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2390 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2391
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2392 if( len > buflen )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2393 return( POLARSSL_ERR_X509_INVALID_INPUT );
2394
2395 /*
2396 * Decrypt EncryptedData with appropriate PDE
2397 */
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2398#if defined(POLARSSL_PKCS12_C)
Paul Bakker7749a222013-06-28 17:28:20 +0200[diff] [blame]2399 if( oid_get_pkcs12_pbe_alg( &pbe_alg_oid, &md_alg, &cipher_alg ) == 0 )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2400 {
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2401 if( ( ret = pkcs12_pbe( &pbe_params, PKCS12_PBE_DECRYPT,
Paul Bakker7749a222013-06-28 17:28:20 +0200[diff] [blame]2402 cipher_alg, md_alg,
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2403 pwd, pwdlen, p, len, buf ) ) != 0 )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2404 {
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2405 if( ret == POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH )
2406 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2407
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2408 return( ret );
2409 }
2410 }
2411 else if( OID_CMP( OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) )
2412 {
2413 if( ( ret = pkcs12_pbe_sha1_rc4_128( &pbe_params,
2414 PKCS12_PBE_DECRYPT,
2415 pwd, pwdlen,
2416 p, len, buf ) ) != 0 )
2417 {
2418 return( ret );
2419 }
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2420
2421 // Best guess for password mismatch when using RC4. If first tag is
2422 // not ASN1_CONSTRUCTED | ASN1_SEQUENCE
2423 //
2424 if( *buf != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) )
2425 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2426 }
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2427 else
2428#endif /* POLARSSL_PKCS12_C */
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2429#if defined(POLARSSL_PKCS5_C)
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2430 if( OID_CMP( OID_PKCS5_PBES2, &pbe_alg_oid ) )
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2431 {
2432 if( ( ret = pkcs5_pbes2( &pbe_params, PKCS5_DECRYPT, pwd, pwdlen,
2433 p, len, buf ) ) != 0 )
2434 {
2435 if( ret == POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH )
2436 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2437
2438 return( ret );
2439 }
2440 }
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2441 else
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2442#endif /* POLARSSL_PKCS5_C */
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2443 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
2444
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2445 *used_len = len;
2446 return( 0 );
2447}
2448
2449/*
2450 * Parse an encrypted PKCS#8 encoded private RSA key
2451 */
2452static int x509parse_key_pkcs8_encrypted_der(
2453 rsa_context *rsa,
2454 const unsigned char *key, size_t keylen,
2455 const unsigned char *pwd, size_t pwdlen )
2456{
2457 int ret;
2458 unsigned char buf[2048];
2459 size_t len = 0;
2460
2461 if( ( ret = x509parse_pkcs8_decrypt( buf, sizeof( buf ), &len,
2462 key, keylen, pwd, pwdlen ) ) != 0 )
2463 {
2464 return( ret );
2465 }
2466
2467 return( x509parse_key_pkcs8_unencrypted_der( rsa, buf, len ) );
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2468}
2469
2470/*
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2471 * Parse a private RSA key
2472 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2473int x509parse_key_rsa( rsa_context *rsa,
2474 const unsigned char *key, size_t keylen,
2475 const unsigned char *pwd, size_t pwdlen )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2476{
2477 int ret;
2478
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]2479#if defined(POLARSSL_PEM_C)
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2480 size_t len;
2481 pem_context pem;
2482
2483 pem_init( &pem );
2484 ret = pem_read_buffer( &pem,
2485 "-----BEGIN RSA PRIVATE KEY-----",
2486 "-----END RSA PRIVATE KEY-----",
2487 key, pwd, pwdlen, &len );
2488 if( ret == 0 )
2489 {
2490 if( ( ret = x509parse_key_pkcs1_der( rsa, pem.buf, pem.buflen ) ) != 0 )
2491 {
2492 rsa_free( rsa );
2493 }
2494
2495 pem_free( &pem );
2496 return( ret );
2497 }
Paul Bakkera4232a72013-06-24 19:32:25 +0200[diff] [blame]2498 else if( ret == POLARSSL_ERR_PEM_PASSWORD_MISMATCH )
2499 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2500 else if( ret == POLARSSL_ERR_PEM_PASSWORD_REQUIRED )
2501 return( POLARSSL_ERR_X509_PASSWORD_REQUIRED );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2502 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2503 return( ret );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2504
2505 ret = pem_read_buffer( &pem,
2506 "-----BEGIN PRIVATE KEY-----",
2507 "-----END PRIVATE KEY-----",
2508 key, NULL, 0, &len );
2509 if( ret == 0 )
2510 {
2511 if( ( ret = x509parse_key_pkcs8_unencrypted_der( rsa,
2512 pem.buf, pem.buflen ) ) != 0 )
2513 {
2514 rsa_free( rsa );
2515 }
2516
2517 pem_free( &pem );
2518 return( ret );
2519 }
2520 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2521 return( ret );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2522
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2523 ret = pem_read_buffer( &pem,
2524 "-----BEGIN ENCRYPTED PRIVATE KEY-----",
2525 "-----END ENCRYPTED PRIVATE KEY-----",
2526 key, NULL, 0, &len );
2527 if( ret == 0 )
2528 {
2529 if( ( ret = x509parse_key_pkcs8_encrypted_der( rsa,
2530 pem.buf, pem.buflen,
2531 pwd, pwdlen ) ) != 0 )
2532 {
2533 rsa_free( rsa );
2534 }
2535
2536 pem_free( &pem );
2537 return( ret );
2538 }
2539 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2540 return( ret );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2541#else
2542 ((void) pwd);
2543 ((void) pwdlen);
2544#endif /* POLARSSL_PEM_C */
2545
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2546 /*
2547 * At this point we only know it's not a PEM formatted key. Could be any
2548 * of the known DER encoded private key formats
2549 *
2550 * We try the different DER format parsers to see if one passes without
2551 * error
2552 */
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2553 if( ( ret = x509parse_key_pkcs8_encrypted_der( rsa, key, keylen,
2554 pwd, pwdlen ) ) == 0 )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2555 {
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2556 return( 0 );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2557 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2558
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2559 rsa_free( rsa );
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2560
2561 if( ret == POLARSSL_ERR_X509_PASSWORD_MISMATCH )
2562 {
2563 return( ret );
2564 }
2565
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2566 if( ( ret = x509parse_key_pkcs8_unencrypted_der( rsa, key, keylen ) ) == 0 )
2567 return( 0 );
2568
2569 rsa_free( rsa );
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2570
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2571 if( ( ret = x509parse_key_pkcs1_der( rsa, key, keylen ) ) == 0 )
2572 return( 0 );
2573
2574 rsa_free( rsa );
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2575
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2576 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2577}
2578
2579/*
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2580 * Parse a public RSA key
2581 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2582int x509parse_public_key_rsa( rsa_context *rsa,
2583 const unsigned char *key, size_t keylen )
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2584{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]2585 int ret;
2586 size_t len;
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2587 unsigned char *p, *end;
2588 x509_buf alg_oid;
2589#if defined(POLARSSL_PEM_C)
2590 pem_context pem;
2591
2592 pem_init( &pem );
2593 ret = pem_read_buffer( &pem,
2594 "-----BEGIN PUBLIC KEY-----",
2595 "-----END PUBLIC KEY-----",
2596 key, NULL, 0, &len );
2597
2598 if( ret == 0 )
2599 {
2600 /*
2601 * Was PEM encoded
2602 */
2603 keylen = pem.buflen;
2604 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]2605 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2606 {
2607 pem_free( &pem );
2608 return( ret );
2609 }
2610
2611 p = ( ret == 0 ) ? pem.buf : (unsigned char *) key;
2612#else
2613 p = (unsigned char *) key;
2614#endif
2615 end = p + keylen;
2616
2617 /*
2618 * PublicKeyInfo ::= SEQUENCE {
2619 * algorithm AlgorithmIdentifier,
2620 * PublicKey BIT STRING
2621 * }
2622 *
2623 * AlgorithmIdentifier ::= SEQUENCE {
2624 * algorithm OBJECT IDENTIFIER,
2625 * parameters ANY DEFINED BY algorithm OPTIONAL
2626 * }
2627 *
2628 * RSAPublicKey ::= SEQUENCE {
2629 * modulus INTEGER, -- n
2630 * publicExponent INTEGER -- e
2631 * }
2632 */
2633
2634 if( ( ret = asn1_get_tag( &p, end, &len,
2635 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2636 {
2637#if defined(POLARSSL_PEM_C)
2638 pem_free( &pem );
2639#endif
2640 rsa_free( rsa );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2641 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2642 }
2643
2644 if( ( ret = x509_get_pubkey( &p, end, &alg_oid, &rsa->N, &rsa->E ) ) != 0 )
2645 {
2646#if defined(POLARSSL_PEM_C)
2647 pem_free( &pem );
2648#endif
2649 rsa_free( rsa );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2650 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2651 }
2652
2653 if( ( ret = rsa_check_pubkey( rsa ) ) != 0 )
2654 {
2655#if defined(POLARSSL_PEM_C)
2656 pem_free( &pem );
2657#endif
2658 rsa_free( rsa );
2659 return( ret );
2660 }
2661
2662 rsa->len = mpi_size( &rsa->N );
2663
2664#if defined(POLARSSL_PEM_C)
2665 pem_free( &pem );
2666#endif
2667
2668 return( 0 );
2669}
2670
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2671#if defined(POLARSSL_ECP_C)
2672/*
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2673 * Parse a SEC1 encoded private EC key
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2674 */
2675static int x509parse_key_sec1_der( ecp_keypair *eck,
2676 const unsigned char *key,
2677 size_t keylen )
2678{
2679 int ret;
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2680 int version;
2681 size_t len;
2682 ecp_group_id grp_id;
2683 unsigned char *p = (unsigned char *) key;
2684 unsigned char *end = p + keylen;
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2685
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2686 /*
2687 * RFC 5915, orf SEC1 Appendix C.4
2688 *
2689 * ECPrivateKey ::= SEQUENCE {
2690 * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
2691 * privateKey OCTET STRING,
2692 * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
2693 * publicKey [1] BIT STRING OPTIONAL
2694 * }
2695 */
2696 if( ( ret = asn1_get_tag( &p, end, &len,
2697 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2698 {
2699 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2700 }
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2701
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2702 end = p + len;
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2703
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2704 if( ( ret = asn1_get_int( &p, end, &version ) ) != 0 )
2705 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2706
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2707 if( version != 1 )
2708 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION );
2709
2710 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2711 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2712
2713 if( ( ret = mpi_read_binary( &eck->d, p, len ) ) != 0 )
2714 {
2715 ecp_keypair_free( eck );
2716 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2717 }
2718
2719 p += len;
2720
2721 /*
2722 * Is 'parameters' present?
2723 */
2724 if( ( ret = asn1_get_tag( &p, end, &len,
2725 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 )
2726 {
2727 if( ( ret = x509_get_ecparams( &p, p + len, &grp_id) ) != 0 )
2728 return( ret );
2729
Manuel Pégourié-Gonnardd4ec21d2013-07-04 12:04:57 +0200[diff] [blame]2730 /*
2731 * If we're wrapped in a bigger structure (eg PKCS#8), grp may have been
2732 * defined externally. In this case, make sure both definitions match.
2733 */
2734 if( eck->grp.id != 0 )
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2735 {
Manuel Pégourié-Gonnardd4ec21d2013-07-04 12:04:57 +0200[diff] [blame]2736 if( eck->grp.id != grp_id )
2737 {
2738 ecp_keypair_free( eck );
2739 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2740 }
2741 }
2742 else
2743 {
2744 if( ( ret = ecp_use_known_dp( &eck->grp, grp_id ) ) != 0 )
2745 {
2746 ecp_keypair_free( eck );
2747 return( ret );
2748 }
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2749 }
2750 }
2751 else if ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
2752 {
2753 ecp_keypair_free( eck );
2754 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2755 }
2756
2757 /*
2758 * Is 'publickey' present?
2759 */
2760 if( ( ret = asn1_get_tag( &p, end, &len,
2761 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 )
2762 {
2763 if( ( ret = x509_get_subpubkey_ec( &p, p + len, &eck->grp, &eck->Q ) )
2764 != 0 )
2765 {
2766 ecp_keypair_free( eck );
2767 return( ret );
2768 }
2769
2770 if( ( ret = ecp_check_pubkey( &eck->grp, &eck->Q ) ) != 0 )
2771 {
2772 ecp_keypair_free( eck );
2773 return( ret );
2774 }
2775 }
2776 else if ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
2777 {
2778 ecp_keypair_free( eck );
2779 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2780 }
2781
Manuel Pégourié-Gonnardde44a4a2013-07-09 16:05:52 +0200[diff] [blame]2782 if( ( ret = ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 )
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2783 {
2784 ecp_keypair_free( eck );
2785 return( ret );
2786 }
2787
2788 return 0;
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2789}
2790
2791/*
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2792 * Parse an unencrypted PKCS#8 encoded private EC key
2793 */
2794static int x509parse_key_pkcs8_unencrypted_der_ec(
2795 ecp_keypair *eck,
2796 const unsigned char* key,
2797 size_t keylen )
2798{
2799 int ret, version;
2800 size_t len;
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame^]2801 x509_buf alg_params;
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2802 ecp_group_id grp_id;
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2803 unsigned char *p = (unsigned char *) key;
2804 unsigned char *end = p + keylen;
2805 pk_type_t pk_alg = POLARSSL_PK_NONE;
2806
2807 /*
2808 * This function parses the PrivatKeyInfo object (PKCS#8 v1.2 = RFC 5208)
2809 *
2810 * PrivateKeyInfo ::= SEQUENCE {
2811 * version Version,
2812 * privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
2813 * privateKey PrivateKey,
2814 * attributes [0] IMPLICIT Attributes OPTIONAL }
2815 *
2816 * Version ::= INTEGER
2817 * PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
2818 * PrivateKey ::= OCTET STRING
2819 *
2820 * The PrivateKey OCTET STRING is a SEC1 ECPrivateKey
2821 */
2822
2823 if( ( ret = asn1_get_tag( &p, end, &len,
2824 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2825 {
2826 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2827 }
2828
2829 end = p + len;
2830
2831 if( ( ret = asn1_get_int( &p, end, &version ) ) != 0 )
2832 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2833
2834 if( version != 0 )
2835 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION + ret );
2836
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame^]2837 if( ( ret = x509_get_algid( &p, end, &pk_alg, &alg_params ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2838 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2839
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2840 if( pk_alg != POLARSSL_PK_ECKEY && pk_alg != POLARSSL_PK_ECKEY_DH )
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2841 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2842
2843 if( pk_alg == POLARSSL_PK_ECKEY_DH )
2844 eck->alg = POLARSSL_ECP_KEY_ALG_ECDH;
2845
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame^]2846 if( ( ret = x509_ecparams_get_grp_id( &alg_params, &grp_id ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2847 {
2848 ecp_keypair_free( eck );
2849 return( ret );
2850 }
2851
2852 if( ( ret = ecp_use_known_dp( &eck->grp, grp_id ) ) != 0 )
2853 {
2854 ecp_keypair_free( eck );
2855 return( ret );
2856 }
2857
2858 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2859 {
2860 ecp_keypair_free( eck );
2861 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2862 }
2863
2864 if( ( ret = x509parse_key_sec1_der( eck, p, len ) ) != 0 )
2865 {
2866 ecp_keypair_free( eck );
2867 return( ret );
2868 }
2869
Manuel Pégourié-Gonnardde44a4a2013-07-09 16:05:52 +0200[diff] [blame]2870 if( ( ret = ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2871 {
2872 ecp_keypair_free( eck );
2873 return( ret );
2874 }
2875
2876 return 0;
2877}
2878
2879/*
2880 * Parse an encrypted PKCS#8 encoded private EC key
2881 */
2882static int x509parse_key_pkcs8_encrypted_der_ec(
2883 ecp_keypair *eck,
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2884 const unsigned char *key, size_t keylen,
2885 const unsigned char *pwd, size_t pwdlen )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2886{
2887 int ret;
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2888 unsigned char buf[2048];
2889 size_t len = 0;
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2890
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2891 if( ( ret = x509parse_pkcs8_decrypt( buf, sizeof( buf ), &len,
2892 key, keylen, pwd, pwdlen ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2893 {
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2894 return( ret );
2895 }
2896
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2897 return( x509parse_key_pkcs8_unencrypted_der_ec( eck, buf, len ) );
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2898}
2899
2900/*
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2901 * Parse a private EC key
2902 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2903static int x509parse_key_ec( ecp_keypair *eck,
2904 const unsigned char *key, size_t keylen,
2905 const unsigned char *pwd, size_t pwdlen )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2906{
2907 int ret;
2908
2909#if defined(POLARSSL_PEM_C)
2910 size_t len;
2911 pem_context pem;
2912
2913 pem_init( &pem );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2914 ret = pem_read_buffer( &pem,
2915 "-----BEGIN EC PRIVATE KEY-----",
2916 "-----END EC PRIVATE KEY-----",
2917 key, pwd, pwdlen, &len );
2918 if( ret == 0 )
2919 {
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2920 if( ( ret = x509parse_key_sec1_der( eck, pem.buf, pem.buflen ) ) != 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2921 {
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2922 ecp_keypair_free( eck );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2923 }
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2924
2925 pem_free( &pem );
2926 return( ret );
2927 }
2928 else if( ret == POLARSSL_ERR_PEM_PASSWORD_MISMATCH )
2929 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2930 else if( ret == POLARSSL_ERR_PEM_PASSWORD_REQUIRED )
2931 return( POLARSSL_ERR_X509_PASSWORD_REQUIRED );
2932 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
2933 return( ret );
2934
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2935 ret = pem_read_buffer( &pem,
2936 "-----BEGIN PRIVATE KEY-----",
2937 "-----END PRIVATE KEY-----",
2938 key, NULL, 0, &len );
2939 if( ret == 0 )
2940 {
2941 if( ( ret = x509parse_key_pkcs8_unencrypted_der_ec( eck,
2942 pem.buf, pem.buflen ) ) != 0 )
2943 {
2944 ecp_keypair_free( eck );
2945 }
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2946
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2947 pem_free( &pem );
2948 return( ret );
2949 }
2950 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
2951 return( ret );
2952
2953 ret = pem_read_buffer( &pem,
2954 "-----BEGIN ENCRYPTED PRIVATE KEY-----",
2955 "-----END ENCRYPTED PRIVATE KEY-----",
2956 key, NULL, 0, &len );
2957 if( ret == 0 )
2958 {
2959 if( ( ret = x509parse_key_pkcs8_encrypted_der_ec( eck,
2960 pem.buf, pem.buflen,
2961 pwd, pwdlen ) ) != 0 )
2962 {
2963 ecp_keypair_free( eck );
2964 }
2965
2966 pem_free( &pem );
2967 return( ret );
2968 }
2969 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
2970 return( ret );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2971#else
2972 ((void) pwd);
2973 ((void) pwdlen);
2974#endif /* POLARSSL_PEM_C */
2975
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2976 /*
2977 * At this point we only know it's not a PEM formatted key. Could be any
2978 * of the known DER encoded private key formats
2979 *
2980 * We try the different DER format parsers to see if one passes without
2981 * error
2982 */
2983 if( ( ret = x509parse_key_pkcs8_encrypted_der_ec( eck, key, keylen,
2984 pwd, pwdlen ) ) == 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2985 {
2986 return( 0 );
2987 }
2988
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2989 ecp_keypair_free( eck );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2990
2991 if( ret == POLARSSL_ERR_X509_PASSWORD_MISMATCH )
2992 {
2993 return( ret );
2994 }
2995
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2996 if( ( ret = x509parse_key_pkcs8_unencrypted_der_ec( eck,
2997 key, keylen ) ) == 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2998 return( 0 );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2999
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]3000 ecp_keypair_free( eck );
3001
3002 if( ( ret = x509parse_key_sec1_der( eck, key, keylen ) ) == 0 )
3003 return( 0 );
3004
3005 ecp_keypair_free( eck );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3006
3007 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT );
3008}
3009
3010/*
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3011 * Parse a public EC key in RFC 5480 format, der-encoded
3012 */
3013static int x509parse_public_key_ec_der( ecp_keypair *key,
3014 const unsigned char *buf, size_t len )
3015{
3016 int ret;
3017 ecp_group_id grp_id;
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame^]3018 x509_buf alg_params;
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3019 pk_type_t alg = POLARSSL_PK_NONE;
3020 unsigned char *p = (unsigned char *) buf;
3021 unsigned char *end = p + len;
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3022 /*
3023 * SubjectPublicKeyInfo ::= SEQUENCE {
3024 * algorithm AlgorithmIdentifier,
3025 * subjectPublicKey BIT STRING
3026 * }
3027 * -- algorithm parameters are ECParameters
3028 * -- subjectPublicKey is an ECPoint
3029 */
3030 if( ( ret = asn1_get_tag( &p, end, &len,
3031 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
3032 {
3033 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
3034 }
3035
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame^]3036 if( ( ret = x509_get_algid( &p, end, &alg, &alg_params ) ) != 0 )
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3037 return( ret );
3038
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3039 if( alg != POLARSSL_PK_ECKEY && alg != POLARSSL_PK_ECKEY_DH )
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3040 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3041
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]3042 if( alg == POLARSSL_PK_ECKEY_DH )
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3043 key->alg = POLARSSL_ECP_KEY_ALG_ECDH;
3044
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame^]3045 if( ( ret = x509_ecparams_get_grp_id( &alg_params, &grp_id ) ) != 0 )
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3046 return( ret );
3047
3048 if( ( ret = ecp_use_known_dp( &key->grp, grp_id ) ) != 0 )
3049 return( ret );
3050
3051 if( ( ret = x509_get_subpubkey_ec( &p, end, &key->grp, &key->Q ) ) != 0 )
3052 {
3053 return( ret );
3054 }
3055
3056 return( 0 );
3057}
3058
3059/*
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3060 * Parse a public EC key
3061 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3062static int x509parse_public_key_ec( ecp_keypair *eckey,
3063 const unsigned char *key, size_t keylen )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3064{
3065 int ret;
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3066#if defined(POLARSSL_PEM_C)
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3067 size_t len;
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3068 pem_context pem;
3069
3070 pem_init( &pem );
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3071 ret = pem_read_buffer( &pem,
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3072 "-----BEGIN PUBLIC KEY-----",
3073 "-----END PUBLIC KEY-----",
3074 key, NULL, 0, &len );
3075
3076 if( ret == 0 )
3077 {
3078 /*
3079 * Was PEM encoded
3080 */
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3081 key = pem.buf;
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3082 keylen = pem.buflen;
3083 }
3084 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
3085 {
3086 pem_free( &pem );
3087 return( ret );
3088 }
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3089#endif
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3090
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3091 if( ( ret = x509parse_public_key_ec_der ( eckey, key, keylen ) ) != 0 ||
3092 ( ret = ecp_check_pubkey( &eckey->grp, &eckey->Q ) ) != 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3093 {
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3094 ecp_keypair_free( eckey );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3095 }
3096
3097#if defined(POLARSSL_PEM_C)
3098 pem_free( &pem );
3099#endif
3100
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3101 return( ret );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3102}
3103#endif /* defined(POLARSSL_ECP_C) */
3104
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3105/*
3106 * Parse a private key
3107 */
3108int x509parse_key( pk_context *ctx,
3109 const unsigned char *key, size_t keylen,
3110 const unsigned char *pwd, size_t pwdlen )
3111{
3112 int ret;
3113
3114 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_RSA ) ) != 0 )
3115 return( ret );
3116
3117 if( ( ret = x509parse_key_rsa( ctx->data, key, keylen, pwd, pwdlen ) )
3118 == 0 )
3119 {
3120 return( 0 );
3121 }
3122
3123 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_ECKEY ) ) != 0 )
3124 return( ret );
3125
3126 if( ( ret = x509parse_key_ec( ctx->data, key, keylen, pwd, pwdlen ) ) == 0 )
3127 {
3128 return( 0 );
3129 }
3130
3131 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
3132}
3133
3134/*
3135 * Parse a public key
3136 */
3137int x509parse_public_key( pk_context *ctx,
3138 const unsigned char *key, size_t keylen )
3139{
3140 int ret;
3141
3142 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_RSA ) ) != 0 )
3143 return( ret );
3144
3145 if( ( ret = x509parse_public_key_rsa( ctx->data, key, keylen ) ) == 0 )
3146 return( 0 );
3147
3148 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_ECKEY ) ) != 0 )
3149 return( ret );
3150
3151 if( ( ret = x509parse_public_key_ec( ctx->data, key, keylen ) ) == 0 )
3152 return( 0 );
3153
3154 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
3155}
3156
Paul Bakkereaa89f82011-04-04 21:36:15 +0000[diff] [blame]3157#if defined(POLARSSL_DHM_C)
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]3158/*
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3159 * Parse DHM parameters
3160 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3161int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3162{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3163 int ret;
3164 size_t len;
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3165 unsigned char *p, *end;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3166#if defined(POLARSSL_PEM_C)
3167 pem_context pem;
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3168
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3169 pem_init( &pem );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3170
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3171 ret = pem_read_buffer( &pem,
3172 "-----BEGIN DH PARAMETERS-----",
3173 "-----END DH PARAMETERS-----",
3174 dhmin, NULL, 0, &dhminlen );
3175
3176 if( ret == 0 )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3177 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3178 /*
3179 * Was PEM encoded
3180 */
3181 dhminlen = pem.buflen;
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3182 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]3183 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3184 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3185 pem_free( &pem );
3186 return( ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3187 }
3188
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3189 p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin;
3190#else
3191 p = (unsigned char *) dhmin;
3192#endif
3193 end = p + dhminlen;
3194
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3195 memset( dhm, 0, sizeof( dhm_context ) );
3196
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3197 /*
3198 * DHParams ::= SEQUENCE {
3199 * prime INTEGER, -- P
3200 * generator INTEGER, -- g
3201 * }
3202 */
3203 if( ( ret = asn1_get_tag( &p, end, &len,
3204 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
3205 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3206#if defined(POLARSSL_PEM_C)
3207 pem_free( &pem );
3208#endif
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]3209 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3210 }
3211
3212 end = p + len;
3213
3214 if( ( ret = asn1_get_mpi( &p, end, &dhm->P ) ) != 0 ||
3215 ( ret = asn1_get_mpi( &p, end, &dhm->G ) ) != 0 )
3216 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3217#if defined(POLARSSL_PEM_C)
3218 pem_free( &pem );
3219#endif
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3220 dhm_free( dhm );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]3221 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3222 }
3223
3224 if( p != end )
3225 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3226#if defined(POLARSSL_PEM_C)
3227 pem_free( &pem );
3228#endif
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3229 dhm_free( dhm );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]3230 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3231 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
3232 }
3233
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3234#if defined(POLARSSL_PEM_C)
3235 pem_free( &pem );
3236#endif
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3237
3238 return( 0 );
3239}
3240
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]3241#if defined(POLARSSL_FS_IO)
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3242/*
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]3243 * Load and parse DHM parameters
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3244 */
3245int x509parse_dhmfile( dhm_context *dhm, const char *path )
3246{
3247 int ret;
3248 size_t n;
3249 unsigned char *buf;
3250
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]3251 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
3252 return( ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3253
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]3254 ret = x509parse_dhm( dhm, buf, n );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3255
3256 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]3257 polarssl_free( buf );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3258
3259 return( ret );
3260}
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]3261#endif /* POLARSSL_FS_IO */
Paul Bakkereaa89f82011-04-04 21:36:15 +0000[diff] [blame]3262#endif /* POLARSSL_DHM_C */
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3263
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3264#if defined _MSC_VER && !defined snprintf
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3265#include <stdarg.h>
3266
3267#if !defined vsnprintf
3268#define vsnprintf _vsnprintf
3269#endif // vsnprintf
3270
3271/*
3272 * Windows _snprintf and _vsnprintf are not compatible to linux versions.
3273 * Result value is not size of buffer needed, but -1 if no fit is possible.
3274 *
3275 * This fuction tries to 'fix' this by at least suggesting enlarging the
3276 * size by 20.
3277 */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3278static int compat_snprintf(char *str, size_t size, const char *format, ...)
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3279{
3280 va_list ap;
3281 int res = -1;
3282
3283 va_start( ap, format );
3284
3285 res = vsnprintf( str, size, format, ap );
3286
3287 va_end( ap );
3288
3289 // No quick fix possible
3290 if ( res < 0 )
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3291 return( (int) size + 20 );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3292
3293 return res;
3294}
3295
3296#define snprintf compat_snprintf
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3297#endif
3298
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3299#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
3300
3301#define SAFE_SNPRINTF() \
3302{ \
3303 if( ret == -1 ) \
3304 return( -1 ); \
3305 \
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3306 if ( (unsigned int) ret > n ) { \
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3307 p[n - 1] = '\0'; \
3308 return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
3309 } \
3310 \
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3311 n -= (unsigned int) ret; \
3312 p += (unsigned int) ret; \
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3313}
3314
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3315/*
3316 * Store the name in printable form into buf; no more
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3317 * than size characters will be written
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3318 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3319int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3320{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3321 int ret;
3322 size_t i, n;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3323 unsigned char c;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3324 const x509_name *name;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3325 const char *short_name = NULL;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3326 char s[128], *p;
3327
3328 memset( s, 0, sizeof( s ) );
3329
3330 name = dn;
3331 p = buf;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3332 n = size;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3333
3334 while( name != NULL )
3335 {
Paul Bakkercefb3962012-06-27 11:51:09 +0000[diff] [blame]3336 if( !name->oid.p )
3337 {
3338 name = name->next;
3339 continue;
3340 }
3341
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3342 if( name != dn )
3343 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3344 ret = snprintf( p, n, ", " );
3345 SAFE_SNPRINTF();
3346 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3347
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3348 ret = oid_get_attr_short_name( &name->oid, &short_name );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3349
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3350 if( ret == 0 )
3351 ret = snprintf( p, n, "%s=", short_name );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3352 else
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3353 ret = snprintf( p, n, "\?\?=" );
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3354 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3355
3356 for( i = 0; i < name->val.len; i++ )
3357 {
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]3358 if( i >= sizeof( s ) - 1 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3359 break;
3360
3361 c = name->val.p[i];
3362 if( c < 32 || c == 127 || ( c > 128 && c < 160 ) )
3363 s[i] = '?';
3364 else s[i] = c;
3365 }
3366 s[i] = '\0';
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3367 ret = snprintf( p, n, "%s", s );
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3368 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3369 name = name->next;
3370 }
3371
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3372 return( (int) ( size - n ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3373}
3374
3375/*
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3376 * Store the serial in printable form into buf; no more
3377 * than size characters will be written
3378 */
3379int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial )
3380{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3381 int ret;
3382 size_t i, n, nr;
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3383 char *p;
3384
3385 p = buf;
3386 n = size;
3387
3388 nr = ( serial->len <= 32 )
Paul Bakker03c7c252011-11-25 12:37:37 +0000[diff] [blame]3389 ? serial->len : 28;
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3390
3391 for( i = 0; i < nr; i++ )
3392 {
Paul Bakker93048802011-12-05 14:38:06 +0000[diff] [blame]3393 if( i == 0 && nr > 1 && serial->p[i] == 0x0 )
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3394 continue;
3395
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3396 ret = snprintf( p, n, "%02X%s",
3397 serial->p[i], ( i < nr - 1 ) ? ":" : "" );
3398 SAFE_SNPRINTF();
3399 }
3400
Paul Bakker03c7c252011-11-25 12:37:37 +0000[diff] [blame]3401 if( nr != serial->len )
3402 {
3403 ret = snprintf( p, n, "...." );
3404 SAFE_SNPRINTF();
3405 }
3406
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3407 return( (int) ( size - n ) );
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3408}
3409
3410/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3411 * Return an informational string about the certificate.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3412 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3413int x509parse_cert_info( char *buf, size_t size, const char *prefix,
3414 const x509_cert *crt )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3415{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3416 int ret;
3417 size_t n;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3418 char *p;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3419 const char *desc = NULL;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3420
3421 p = buf;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3422 n = size;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3423
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3424 ret = snprintf( p, n, "%scert. version : %d\n",
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3425 prefix, crt->version );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3426 SAFE_SNPRINTF();
3427 ret = snprintf( p, n, "%sserial number : ",
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3428 prefix );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3429 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3430
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3431 ret = x509parse_serial_gets( p, n, &crt->serial);
3432 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3433
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3434 ret = snprintf( p, n, "\n%sissuer name : ", prefix );
3435 SAFE_SNPRINTF();
3436 ret = x509parse_dn_gets( p, n, &crt->issuer );
3437 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3438
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3439 ret = snprintf( p, n, "\n%ssubject name : ", prefix );
3440 SAFE_SNPRINTF();
3441 ret = x509parse_dn_gets( p, n, &crt->subject );
3442 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3443
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3444 ret = snprintf( p, n, "\n%sissued on : " \
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3445 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3446 crt->valid_from.year, crt->valid_from.mon,
3447 crt->valid_from.day, crt->valid_from.hour,
3448 crt->valid_from.min, crt->valid_from.sec );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3449 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3450
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3451 ret = snprintf( p, n, "\n%sexpires on : " \
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3452 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3453 crt->valid_to.year, crt->valid_to.mon,
3454 crt->valid_to.day, crt->valid_to.hour,
3455 crt->valid_to.min, crt->valid_to.sec );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3456 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3457
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3458 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3459 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3460
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3461 ret = oid_get_sig_alg_desc( &crt->sig_oid1, &desc );
3462 if( ret != 0 )
3463 ret = snprintf( p, n, "???" );
3464 else
3465 ret = snprintf( p, n, desc );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3466 SAFE_SNPRINTF();
3467
3468 ret = snprintf( p, n, "\n%sRSA key size : %d bits\n", prefix,
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]3469 (int) crt->rsa.N.n * (int) sizeof( t_uint ) * 8 );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3470 SAFE_SNPRINTF();
3471
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3472 return( (int) ( size - n ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3473}
3474
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3475/*
3476 * Return an informational string describing the given OID
3477 */
3478const char *x509_oid_get_description( x509_buf *oid )
3479{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3480 const char *desc = NULL;
3481 int ret;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3482
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3483 ret = oid_get_extended_key_usage( oid, &desc );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3484
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3485 if( ret != 0 )
3486 return( NULL );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3487
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3488 return( desc );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3489}
3490
3491/* Return the x.y.z.... style numeric string for the given OID */
3492int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid )
3493{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3494 return oid_get_numeric_string( buf, size, oid );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3495}
3496
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3497/*
3498 * Return an informational string about the CRL.
3499 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3500int x509parse_crl_info( char *buf, size_t size, const char *prefix,
3501 const x509_crl *crl )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3502{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3503 int ret;
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3504 size_t n;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3505 char *p;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3506 const char *desc;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3507 const x509_crl_entry *entry;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3508
3509 p = buf;
3510 n = size;
3511
3512 ret = snprintf( p, n, "%sCRL version : %d",
3513 prefix, crl->version );
3514 SAFE_SNPRINTF();
3515
3516 ret = snprintf( p, n, "\n%sissuer name : ", prefix );
3517 SAFE_SNPRINTF();
3518 ret = x509parse_dn_gets( p, n, &crl->issuer );
3519 SAFE_SNPRINTF();
3520
3521 ret = snprintf( p, n, "\n%sthis update : " \
3522 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3523 crl->this_update.year, crl->this_update.mon,
3524 crl->this_update.day, crl->this_update.hour,
3525 crl->this_update.min, crl->this_update.sec );
3526 SAFE_SNPRINTF();
3527
3528 ret = snprintf( p, n, "\n%snext update : " \
3529 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3530 crl->next_update.year, crl->next_update.mon,
3531 crl->next_update.day, crl->next_update.hour,
3532 crl->next_update.min, crl->next_update.sec );
3533 SAFE_SNPRINTF();
3534
3535 entry = &crl->entry;
3536
3537 ret = snprintf( p, n, "\n%sRevoked certificates:",
3538 prefix );
3539 SAFE_SNPRINTF();
3540
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]3541 while( entry != NULL && entry->raw.len != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3542 {
3543 ret = snprintf( p, n, "\n%sserial number: ",
3544 prefix );
3545 SAFE_SNPRINTF();
3546
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3547 ret = x509parse_serial_gets( p, n, &entry->serial);
3548 SAFE_SNPRINTF();
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3549
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3550 ret = snprintf( p, n, " revocation date: " \
3551 "%04d-%02d-%02d %02d:%02d:%02d",
3552 entry->revocation_date.year, entry->revocation_date.mon,
3553 entry->revocation_date.day, entry->revocation_date.hour,
3554 entry->revocation_date.min, entry->revocation_date.sec );
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3555 SAFE_SNPRINTF();
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3556
3557 entry = entry->next;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3558 }
3559
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3560 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3561 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3562
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3563 ret = oid_get_sig_alg_desc( &crl->sig_oid1, &desc );
3564 if( ret != 0 )
3565 ret = snprintf( p, n, "???" );
3566 else
3567 ret = snprintf( p, n, desc );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3568 SAFE_SNPRINTF();
3569
Paul Bakker1e27bb22009-07-19 20:25:25 +0000[diff] [blame]3570 ret = snprintf( p, n, "\n" );
3571 SAFE_SNPRINTF();
3572
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3573 return( (int) ( size - n ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3574}
3575
3576/*
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3577 * Return 0 if the x509_time is still valid, or 1 otherwise.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3578 */
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200[diff] [blame]3579#if defined(POLARSSL_HAVE_TIME)
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3580int x509parse_time_expired( const x509_time *to )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3581{
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3582 int year, mon, day;
3583 int hour, min, sec;
3584
3585#if defined(_WIN32)
3586 SYSTEMTIME st;
3587
3588 GetLocalTime(&st);
3589
3590 year = st.wYear;
3591 mon = st.wMonth;
3592 day = st.wDay;
3593 hour = st.wHour;
3594 min = st.wMinute;
3595 sec = st.wSecond;
3596#else
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3597 struct tm *lt;
3598 time_t tt;
3599
3600 tt = time( NULL );
3601 lt = localtime( &tt );
3602
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3603 year = lt->tm_year + 1900;
3604 mon = lt->tm_mon + 1;
3605 day = lt->tm_mday;
3606 hour = lt->tm_hour;
3607 min = lt->tm_min;
3608 sec = lt->tm_sec;
3609#endif
3610
3611 if( year > to->year )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3612 return( 1 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3613
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3614 if( year == to->year &&
3615 mon > to->mon )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3616 return( 1 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3617
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3618 if( year == to->year &&
3619 mon == to->mon &&
3620 day > to->day )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3621 return( 1 );
3622
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3623 if( year == to->year &&
3624 mon == to->mon &&
3625 day == to->day &&
3626 hour > to->hour )
Paul Bakkerb6194992011-01-16 21:40:22 +0000[diff] [blame]3627 return( 1 );
3628
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3629 if( year == to->year &&
3630 mon == to->mon &&
3631 day == to->day &&
3632 hour == to->hour &&
3633 min > to->min )
Paul Bakkerb6194992011-01-16 21:40:22 +0000[diff] [blame]3634 return( 1 );
3635
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3636 if( year == to->year &&
3637 mon == to->mon &&
3638 day == to->day &&
3639 hour == to->hour &&
3640 min == to->min &&
3641 sec > to->sec )
Paul Bakkerb6194992011-01-16 21:40:22 +0000[diff] [blame]3642 return( 1 );
3643
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3644 return( 0 );
3645}
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200[diff] [blame]3646#else /* POLARSSL_HAVE_TIME */
3647int x509parse_time_expired( const x509_time *to )
3648{
3649 ((void) to);
3650 return( 0 );
3651}
3652#endif /* POLARSSL_HAVE_TIME */
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3653
3654/*
3655 * Return 1 if the certificate is revoked, or 0 otherwise.
3656 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3657int x509parse_revoked( const x509_cert *crt, const x509_crl *crl )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3658{
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3659 const x509_crl_entry *cur = &crl->entry;
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3660
3661 while( cur != NULL && cur->serial.len != 0 )
3662 {
Paul Bakkera056efc2011-01-16 21:38:35 +0000[diff] [blame]3663 if( crt->serial.len == cur->serial.len &&
3664 memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3665 {
3666 if( x509parse_time_expired( &cur->revocation_date ) )
3667 return( 1 );
3668 }
3669
3670 cur = cur->next;
3671 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3672
3673 return( 0 );
3674}
3675
Paul Bakkerde4d2ea2009-10-03 19:58:52 +0000[diff] [blame]3676/*
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3677 * Check that the given certificate is valid accoring to the CRL.
3678 */
3679static int x509parse_verifycrl(x509_cert *crt, x509_cert *ca,
3680 x509_crl *crl_list)
3681{
3682 int flags = 0;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3683 unsigned char hash[POLARSSL_MD_MAX_SIZE];
3684 const md_info_t *md_info;
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3685
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3686 if( ca == NULL )
3687 return( flags );
3688
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3689 /*
3690 * TODO: What happens if no CRL is present?
3691 * Suggestion: Revocation state should be unknown if no CRL is present.
3692 * For backwards compatibility this is not yet implemented.
3693 */
3694
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3695 while( crl_list != NULL )
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3696 {
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3697 if( crl_list->version == 0 ||
3698 crl_list->issuer_raw.len != ca->subject_raw.len ||
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3699 memcmp( crl_list->issuer_raw.p, ca->subject_raw.p,
3700 crl_list->issuer_raw.len ) != 0 )
3701 {
3702 crl_list = crl_list->next;
3703 continue;
3704 }
3705
3706 /*
3707 * Check if CRL is correctly signed by the trusted CA
3708 */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3709 md_info = md_info_from_type( crl_list->sig_md );
3710 if( md_info == NULL )
3711 {
3712 /*
3713 * Cannot check 'unknown' hash
3714 */
3715 flags |= BADCRL_NOT_TRUSTED;
3716 break;
3717 }
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3718
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3719 md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash );
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3720
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3721 if( !rsa_pkcs1_verify( &ca->rsa, RSA_PUBLIC, crl_list->sig_md,
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3722 0, hash, crl_list->sig.p ) == 0 )
3723 {
3724 /*
3725 * CRL is not trusted
3726 */
3727 flags |= BADCRL_NOT_TRUSTED;
3728 break;
3729 }
3730
3731 /*
3732 * Check for validity of CRL (Do not drop out)
3733 */
3734 if( x509parse_time_expired( &crl_list->next_update ) )
3735 flags |= BADCRL_EXPIRED;
3736
3737 /*
3738 * Check if certificate is revoked
3739 */
3740 if( x509parse_revoked(crt, crl_list) )
3741 {
3742 flags |= BADCERT_REVOKED;
3743 break;
3744 }
3745
3746 crl_list = crl_list->next;
3747 }
3748 return flags;
3749}
3750
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]3751static int x509_wildcard_verify( const char *cn, x509_buf *name )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3752{
3753 size_t i;
3754 size_t cn_idx = 0;
3755
Paul Bakker57b12982012-02-11 17:38:38 +0000[diff] [blame]3756 if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3757 return( 0 );
3758
3759 for( i = 0; i < strlen( cn ); ++i )
3760 {
3761 if( cn[i] == '.' )
3762 {
3763 cn_idx = i;
3764 break;
3765 }
3766 }
3767
3768 if( cn_idx == 0 )
3769 return( 0 );
3770
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3771 if( strlen( cn ) - cn_idx == name->len - 1 &&
3772 memcmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3773 {
3774 return( 1 );
3775 }
3776
3777 return( 0 );
3778}
3779
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3780static int x509parse_verify_top(
3781 x509_cert *child, x509_cert *trust_ca,
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3782 x509_crl *ca_crl, int path_cnt, int *flags,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3783 int (*f_vrfy)(void *, x509_cert *, int, int *),
3784 void *p_vrfy )
3785{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3786 int ret;
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3787 int ca_flags = 0, check_path_cnt = path_cnt + 1;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3788 unsigned char hash[POLARSSL_MD_MAX_SIZE];
3789 const md_info_t *md_info;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3790
3791 if( x509parse_time_expired( &child->valid_to ) )
3792 *flags |= BADCERT_EXPIRED;
3793
3794 /*
3795 * Child is the top of the chain. Check against the trust_ca list.
3796 */
3797 *flags |= BADCERT_NOT_TRUSTED;
3798
3799 while( trust_ca != NULL )
3800 {
3801 if( trust_ca->version == 0 ||
3802 child->issuer_raw.len != trust_ca->subject_raw.len ||
3803 memcmp( child->issuer_raw.p, trust_ca->subject_raw.p,
3804 child->issuer_raw.len ) != 0 )
3805 {
3806 trust_ca = trust_ca->next;
3807 continue;
3808 }
3809
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3810 /*
3811 * Reduce path_len to check against if top of the chain is
3812 * the same as the trusted CA
3813 */
3814 if( child->subject_raw.len == trust_ca->subject_raw.len &&
3815 memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
3816 child->issuer_raw.len ) == 0 )
3817 {
3818 check_path_cnt--;
3819 }
3820
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3821 if( trust_ca->max_pathlen > 0 &&
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3822 trust_ca->max_pathlen < check_path_cnt )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3823 {
3824 trust_ca = trust_ca->next;
3825 continue;
3826 }
3827
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3828 md_info = md_info_from_type( child->sig_md );
3829 if( md_info == NULL )
3830 {
3831 /*
3832 * Cannot check 'unknown' hash
3833 */
3834 continue;
3835 }
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3836
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3837 md( md_info, child->tbs.p, child->tbs.len, hash );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3838
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3839 if( rsa_pkcs1_verify( &trust_ca->rsa, RSA_PUBLIC, child->sig_md,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3840 0, hash, child->sig.p ) != 0 )
3841 {
3842 trust_ca = trust_ca->next;
3843 continue;
3844 }
3845
3846 /*
3847 * Top of chain is signed by a trusted CA
3848 */
3849 *flags &= ~BADCERT_NOT_TRUSTED;
3850 break;
3851 }
3852
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3853 /*
Paul Bakker3497d8c2012-11-24 11:53:17 +0100[diff] [blame]3854 * If top of chain is not the same as the trusted CA send a verify request
3855 * to the callback for any issues with validity and CRL presence for the
3856 * trusted CA certificate.
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3857 */
3858 if( trust_ca != NULL &&
3859 ( child->subject_raw.len != trust_ca->subject_raw.len ||
3860 memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
3861 child->issuer_raw.len ) != 0 ) )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3862 {
3863 /* Check trusted CA's CRL for then chain's top crt */
3864 *flags |= x509parse_verifycrl( child, trust_ca, ca_crl );
3865
3866 if( x509parse_time_expired( &trust_ca->valid_to ) )
3867 ca_flags |= BADCERT_EXPIRED;
3868
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3869 if( NULL != f_vrfy )
3870 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3871 if( ( ret = f_vrfy( p_vrfy, trust_ca, path_cnt + 1, &ca_flags ) ) != 0 )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3872 return( ret );
3873 }
3874 }
3875
3876 /* Call callback on top cert */
3877 if( NULL != f_vrfy )
3878 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3879 if( ( ret = f_vrfy(p_vrfy, child, path_cnt, flags ) ) != 0 )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3880 return( ret );
3881 }
3882
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3883 *flags |= ca_flags;
3884
3885 return( 0 );
3886}
3887
3888static int x509parse_verify_child(
3889 x509_cert *child, x509_cert *parent, x509_cert *trust_ca,
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3890 x509_crl *ca_crl, int path_cnt, int *flags,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3891 int (*f_vrfy)(void *, x509_cert *, int, int *),
3892 void *p_vrfy )
3893{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3894 int ret;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3895 int parent_flags = 0;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3896 unsigned char hash[POLARSSL_MD_MAX_SIZE];
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3897 x509_cert *grandparent;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3898 const md_info_t *md_info;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3899
3900 if( x509parse_time_expired( &child->valid_to ) )
3901 *flags |= BADCERT_EXPIRED;
3902
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3903 md_info = md_info_from_type( child->sig_md );
3904 if( md_info == NULL )
3905 {
3906 /*
3907 * Cannot check 'unknown' hash
3908 */
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3909 *flags |= BADCERT_NOT_TRUSTED;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3910 }
3911 else
3912 {
3913 md( md_info, child->tbs.p, child->tbs.len, hash );
3914
3915 if( rsa_pkcs1_verify( &parent->rsa, RSA_PUBLIC, child->sig_md, 0, hash,
3916 child->sig.p ) != 0 )
3917 *flags |= BADCERT_NOT_TRUSTED;
3918 }
3919
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3920 /* Check trusted CA's CRL for the given crt */
3921 *flags |= x509parse_verifycrl(child, parent, ca_crl);
3922
3923 grandparent = parent->next;
3924
3925 while( grandparent != NULL )
3926 {
3927 if( grandparent->version == 0 ||
3928 grandparent->ca_istrue == 0 ||
3929 parent->issuer_raw.len != grandparent->subject_raw.len ||
3930 memcmp( parent->issuer_raw.p, grandparent->subject_raw.p,
3931 parent->issuer_raw.len ) != 0 )
3932 {
3933 grandparent = grandparent->next;
3934 continue;
3935 }
3936 break;
3937 }
3938
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3939 if( grandparent != NULL )
3940 {
3941 /*
3942 * Part of the chain
3943 */
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3944 ret = x509parse_verify_child( parent, grandparent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3945 if( ret != 0 )
3946 return( ret );
3947 }
3948 else
3949 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3950 ret = x509parse_verify_top( parent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3951 if( ret != 0 )
3952 return( ret );
3953 }
3954
3955 /* child is verified to be a child of the parent, call verify callback */
3956 if( NULL != f_vrfy )
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3957 if( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3958 return( ret );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3959
3960 *flags |= parent_flags;
3961
3962 return( 0 );
3963}
3964
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3965/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3966 * Verify the certificate validity
3967 */
3968int x509parse_verify( x509_cert *crt,
3969 x509_cert *trust_ca,
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3970 x509_crl *ca_crl,
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]3971 const char *cn, int *flags,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3972 int (*f_vrfy)(void *, x509_cert *, int, int *),
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]3973 void *p_vrfy )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3974{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3975 size_t cn_len;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3976 int ret;
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3977 int pathlen = 0;
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3978 x509_cert *parent;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3979 x509_name *name;
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3980 x509_sequence *cur = NULL;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3981
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3982 *flags = 0;
3983
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3984 if( cn != NULL )
3985 {
3986 name = &crt->subject;
3987 cn_len = strlen( cn );
3988
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3989 if( crt->ext_types & EXT_SUBJECT_ALT_NAME )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3990 {
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3991 cur = &crt->subject_alt_names;
3992
3993 while( cur != NULL )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3994 {
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3995 if( cur->buf.len == cn_len &&
3996 memcmp( cn, cur->buf.p, cn_len ) == 0 )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3997 break;
3998
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3999 if( cur->buf.len > 2 &&
4000 memcmp( cur->buf.p, "*.", 2 ) == 0 &&
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]4001 x509_wildcard_verify( cn, &cur->buf ) )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]4002 break;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4003
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]4004 cur = cur->next;
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]4005 }
4006
4007 if( cur == NULL )
4008 *flags |= BADCERT_CN_MISMATCH;
4009 }
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]4010 else
4011 {
4012 while( name != NULL )
4013 {
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]4014 if( OID_CMP( OID_AT_CN, &name->oid ) )
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]4015 {
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]4016 if( name->val.len == cn_len &&
4017 memcmp( name->val.p, cn, cn_len ) == 0 )
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]4018 break;
4019
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]4020 if( name->val.len > 2 &&
4021 memcmp( name->val.p, "*.", 2 ) == 0 &&
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]4022 x509_wildcard_verify( cn, &name->val ) )
4023 break;
4024 }
4025
4026 name = name->next;
4027 }
4028
4029 if( name == NULL )
4030 *flags |= BADCERT_CN_MISMATCH;
4031 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4032 }
4033
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4034 /*
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4035 * Iterate upwards in the given cert chain, to find our crt parent.
4036 * Ignore any upper cert with CA != TRUE.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4037 */
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4038 parent = crt->next;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4039
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4040 while( parent != NULL && parent->version != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4041 {
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4042 if( parent->ca_istrue == 0 ||
4043 crt->issuer_raw.len != parent->subject_raw.len ||
4044 memcmp( crt->issuer_raw.p, parent->subject_raw.p,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4045 crt->issuer_raw.len ) != 0 )
4046 {
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4047 parent = parent->next;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4048 continue;
4049 }
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4050 break;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4051 }
4052
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4053 if( parent != NULL )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4054 {
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4055 /*
4056 * Part of the chain
4057 */
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]4058 ret = x509parse_verify_child( crt, parent, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4059 if( ret != 0 )
4060 return( ret );
4061 }
4062 else
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4063 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]4064 ret = x509parse_verify_top( crt, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4065 if( ret != 0 )
4066 return( ret );
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]4067 }
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4068
4069 if( *flags != 0 )
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4070 return( POLARSSL_ERR_X509_CERT_VERIFY_FAILED );
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]4071
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4072 return( 0 );
4073}
4074
4075/*
4076 * Unallocate all certificate data
4077 */
4078void x509_free( x509_cert *crt )
4079{
4080 x509_cert *cert_cur = crt;
4081 x509_cert *cert_prv;
4082 x509_name *name_cur;
4083 x509_name *name_prv;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4084 x509_sequence *seq_cur;
4085 x509_sequence *seq_prv;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4086
4087 if( crt == NULL )
4088 return;
4089
4090 do
4091 {
4092 rsa_free( &cert_cur->rsa );
4093
4094 name_cur = cert_cur->issuer.next;
4095 while( name_cur != NULL )
4096 {
4097 name_prv = name_cur;
4098 name_cur = name_cur->next;
4099 memset( name_prv, 0, sizeof( x509_name ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4100 polarssl_free( name_prv );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4101 }
4102
4103 name_cur = cert_cur->subject.next;
4104 while( name_cur != NULL )
4105 {
4106 name_prv = name_cur;
4107 name_cur = name_cur->next;
4108 memset( name_prv, 0, sizeof( x509_name ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4109 polarssl_free( name_prv );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4110 }
4111
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4112 seq_cur = cert_cur->ext_key_usage.next;
4113 while( seq_cur != NULL )
4114 {
4115 seq_prv = seq_cur;
4116 seq_cur = seq_cur->next;
4117 memset( seq_prv, 0, sizeof( x509_sequence ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4118 polarssl_free( seq_prv );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4119 }
4120
Paul Bakker8afa70d2012-02-11 18:42:45 +0000[diff] [blame]4121 seq_cur = cert_cur->subject_alt_names.next;
4122 while( seq_cur != NULL )
4123 {
4124 seq_prv = seq_cur;
4125 seq_cur = seq_cur->next;
4126 memset( seq_prv, 0, sizeof( x509_sequence ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4127 polarssl_free( seq_prv );
Paul Bakker8afa70d2012-02-11 18:42:45 +0000[diff] [blame]4128 }
4129
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4130 if( cert_cur->raw.p != NULL )
4131 {
4132 memset( cert_cur->raw.p, 0, cert_cur->raw.len );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4133 polarssl_free( cert_cur->raw.p );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4134 }
4135
4136 cert_cur = cert_cur->next;
4137 }
4138 while( cert_cur != NULL );
4139
4140 cert_cur = crt;
4141 do
4142 {
4143 cert_prv = cert_cur;
4144 cert_cur = cert_cur->next;
4145
4146 memset( cert_prv, 0, sizeof( x509_cert ) );
4147 if( cert_prv != crt )
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4148 polarssl_free( cert_prv );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4149 }
4150 while( cert_cur != NULL );
4151}
4152
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4153/*
4154 * Unallocate all CRL data
4155 */
4156void x509_crl_free( x509_crl *crl )
4157{
4158 x509_crl *crl_cur = crl;
4159 x509_crl *crl_prv;
4160 x509_name *name_cur;
4161 x509_name *name_prv;
4162 x509_crl_entry *entry_cur;
4163 x509_crl_entry *entry_prv;
4164
4165 if( crl == NULL )
4166 return;
4167
4168 do
4169 {
4170 name_cur = crl_cur->issuer.next;
4171 while( name_cur != NULL )
4172 {
4173 name_prv = name_cur;
4174 name_cur = name_cur->next;
4175 memset( name_prv, 0, sizeof( x509_name ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4176 polarssl_free( name_prv );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4177 }
4178
4179 entry_cur = crl_cur->entry.next;
4180 while( entry_cur != NULL )
4181 {
4182 entry_prv = entry_cur;
4183 entry_cur = entry_cur->next;
4184 memset( entry_prv, 0, sizeof( x509_crl_entry ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4185 polarssl_free( entry_prv );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4186 }
4187
4188 if( crl_cur->raw.p != NULL )
4189 {
4190 memset( crl_cur->raw.p, 0, crl_cur->raw.len );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4191 polarssl_free( crl_cur->raw.p );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4192 }
4193
4194 crl_cur = crl_cur->next;
4195 }
4196 while( crl_cur != NULL );
4197
4198 crl_cur = crl;
4199 do
4200 {
4201 crl_prv = crl_cur;
4202 crl_cur = crl_cur->next;
4203
4204 memset( crl_prv, 0, sizeof( x509_crl ) );
4205 if( crl_prv != crl )
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4206 polarssl_free( crl_prv );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4207 }
4208 while( crl_cur != NULL );
4209}
4210
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]4211#if defined(POLARSSL_SELF_TEST)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4212
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]4213#include "polarssl/certs.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4214
4215/*
4216 * Checkup routine
4217 */
4218int x509_self_test( int verbose )
4219{
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4220#if defined(POLARSSL_CERTS_C) && defined(POLARSSL_MD5_C)
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]4221 int ret;
4222 int flags;
4223 size_t i, j;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4224 x509_cert cacert;
4225 x509_cert clicert;
4226 rsa_context rsa;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4227#if defined(POLARSSL_DHM_C)
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4228 dhm_context dhm;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4229#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4230
4231 if( verbose != 0 )
4232 printf( " X.509 certificate load: " );
4233
4234 memset( &clicert, 0, sizeof( x509_cert ) );
4235
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4236 ret = x509parse_crt( &clicert, (const unsigned char *) test_cli_crt,
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]4237 strlen( test_cli_crt ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4238 if( ret != 0 )
4239 {
4240 if( verbose != 0 )
4241 printf( "failed\n" );
4242
4243 return( ret );
4244 }
4245
4246 memset( &cacert, 0, sizeof( x509_cert ) );
4247
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4248 ret = x509parse_crt( &cacert, (const unsigned char *) test_ca_crt,
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]4249 strlen( test_ca_crt ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4250 if( ret != 0 )
4251 {
4252 if( verbose != 0 )
4253 printf( "failed\n" );
4254
4255 return( ret );
4256 }
4257
4258 if( verbose != 0 )
4259 printf( "passed\n X.509 private key load: " );
4260
4261 i = strlen( test_ca_key );
4262 j = strlen( test_ca_pwd );
4263
Paul Bakker66b78b22011-03-25 14:22:50 +0000[diff] [blame]4264 rsa_init( &rsa, RSA_PKCS_V15, 0 );
4265
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]4266 if( ( ret = x509parse_key_rsa( &rsa,
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4267 (const unsigned char *) test_ca_key, i,
4268 (const unsigned char *) test_ca_pwd, j ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4269 {
4270 if( verbose != 0 )
4271 printf( "failed\n" );
4272
4273 return( ret );
4274 }
4275
4276 if( verbose != 0 )
4277 printf( "passed\n X.509 signature verify: ");
4278
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]4279 ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &flags, NULL, NULL );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4280 if( ret != 0 )
4281 {
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]4282 printf("%02x", flags);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4283 if( verbose != 0 )
4284 printf( "failed\n" );
4285
4286 return( ret );
4287 }
4288
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4289#if defined(POLARSSL_DHM_C)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4290 if( verbose != 0 )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4291 printf( "passed\n X.509 DHM parameter load: " );
4292
4293 i = strlen( test_dhm_params );
4294 j = strlen( test_ca_pwd );
4295
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4296 if( ( ret = x509parse_dhm( &dhm, (const unsigned char *) test_dhm_params, i ) ) != 0 )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4297 {
4298 if( verbose != 0 )
4299 printf( "failed\n" );
4300
4301 return( ret );
4302 }
4303
4304 if( verbose != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4305 printf( "passed\n\n" );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4306#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4307
4308 x509_free( &cacert );
4309 x509_free( &clicert );
4310 rsa_free( &rsa );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4311#if defined(POLARSSL_DHM_C)
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4312 dhm_free( &dhm );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4313#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4314
4315 return( 0 );
Paul Bakkerde4d2ea2009-10-03 19:58:52 +0000[diff] [blame]4316#else
4317 ((void) verbose);
4318 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
4319#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4320}
4321
4322#endif
4323
4324#endif