TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b887f1119e2209b23b4beff34b4a8b2c78b2cf61 / . / library / x509_crt.c
blob: 91d46264fcc498a9cc71575c70feeed7fbe7746e [file] [log] [blame]
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1/*
2 * X.509 certificate and private key decoding
3 *
4 * Copyright (C) 2006-2013, Brainspark B.V.
5 *
6 * This file is part of PolarSSL (http://www.polarssl.org)
7 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
8 *
9 * All rights reserved.
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25/*
26 * The ITU-T X.509 standard defines a certificate format for PKI.
27 *
28 * http://www.ietf.org/rfc/rfc3279.txt
29 * http://www.ietf.org/rfc/rfc3280.txt
30 *
31 * ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc
32 *
33 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
34 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
35 */
36
37#include "polarssl/config.h"
38
39#if defined(POLARSSL_X509_CRT_PARSE_C)
40
41#include "polarssl/x509_crt.h"
42#include "polarssl/oid.h"
43#if defined(POLARSSL_PEM_PARSE_C)
44#include "polarssl/pem.h"
45#endif
46
47#if defined(POLARSSL_MEMORY_C)
48#include "polarssl/memory.h"
49#else
50#define polarssl_malloc malloc
51#define polarssl_free free
52#endif
53
54#include <string.h>
55#include <stdlib.h>
56#if defined(_WIN32)
57#include <windows.h>
58#else
59#include <time.h>
60#endif
61
62#if defined(POLARSSL_FS_IO)
63#include <stdio.h>
64#if !defined(_WIN32)
65#include <sys/types.h>
66#include <sys/stat.h>
67#include <dirent.h>
68#endif
69#endif
70
71/*
72 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
73 */
74static int x509_get_version( unsigned char **p,
75 const unsigned char *end,
76 int *ver )
77{
78 int ret;
79 size_t len;
80
81 if( ( ret = asn1_get_tag( p, end, &len,
82 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) != 0 )
83 {
84 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
85 {
86 *ver = 0;
87 return( 0 );
88 }
89
90 return( ret );
91 }
92
93 end = *p + len;
94
95 if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]96 return( POLARSSL_ERR_X509_INVALID_VERSION + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]97
98 if( *p != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]99 return( POLARSSL_ERR_X509_INVALID_VERSION +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]100 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
101
102 return( 0 );
103}
104
105/*
106 * Validity ::= SEQUENCE {
107 * notBefore Time,
108 * notAfter Time }
109 */
110static int x509_get_dates( unsigned char **p,
111 const unsigned char *end,
112 x509_time *from,
113 x509_time *to )
114{
115 int ret;
116 size_t len;
117
118 if( ( ret = asn1_get_tag( p, end, &len,
119 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]120 return( POLARSSL_ERR_X509_INVALID_DATE + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]121
122 end = *p + len;
123
124 if( ( ret = x509_get_time( p, end, from ) ) != 0 )
125 return( ret );
126
127 if( ( ret = x509_get_time( p, end, to ) ) != 0 )
128 return( ret );
129
130 if( *p != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]131 return( POLARSSL_ERR_X509_INVALID_DATE +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]132 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
133
134 return( 0 );
135}
136
137/*
138 * X.509 v2/v3 unique identifier (not parsed)
139 */
140static int x509_get_uid( unsigned char **p,
141 const unsigned char *end,
142 x509_buf *uid, int n )
143{
144 int ret;
145
146 if( *p == end )
147 return( 0 );
148
149 uid->tag = **p;
150
151 if( ( ret = asn1_get_tag( p, end, &uid->len,
152 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | n ) ) != 0 )
153 {
154 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
155 return( 0 );
156
157 return( ret );
158 }
159
160 uid->p = *p;
161 *p += uid->len;
162
163 return( 0 );
164}
165
166static int x509_get_basic_constraints( unsigned char **p,
167 const unsigned char *end,
168 int *ca_istrue,
169 int *max_pathlen )
170{
171 int ret;
172 size_t len;
173
174 /*
175 * BasicConstraints ::= SEQUENCE {
176 * cA BOOLEAN DEFAULT FALSE,
177 * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
178 */
179 *ca_istrue = 0; /* DEFAULT FALSE */
180 *max_pathlen = 0; /* endless */
181
182 if( ( ret = asn1_get_tag( p, end, &len,
183 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]184 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]185
186 if( *p == end )
187 return 0;
188
189 if( ( ret = asn1_get_bool( p, end, ca_istrue ) ) != 0 )
190 {
191 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
192 ret = asn1_get_int( p, end, ca_istrue );
193
194 if( ret != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]195 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]196
197 if( *ca_istrue != 0 )
198 *ca_istrue = 1;
199 }
200
201 if( *p == end )
202 return 0;
203
204 if( ( ret = asn1_get_int( p, end, max_pathlen ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]205 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]206
207 if( *p != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]208 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]209 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
210
211 (*max_pathlen)++;
212
213 return 0;
214}
215
216static int x509_get_ns_cert_type( unsigned char **p,
217 const unsigned char *end,
218 unsigned char *ns_cert_type)
219{
220 int ret;
221 x509_bitstring bs = { 0, 0, NULL };
222
223 if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]224 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]225
226 if( bs.len != 1 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]227 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]228 POLARSSL_ERR_ASN1_INVALID_LENGTH );
229
230 /* Get actual bitstring */
231 *ns_cert_type = *bs.p;
232 return 0;
233}
234
235static int x509_get_key_usage( unsigned char **p,
236 const unsigned char *end,
237 unsigned char *key_usage)
238{
239 int ret;
240 x509_bitstring bs = { 0, 0, NULL };
241
242 if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]243 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]244
245 if( bs.len < 1 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]246 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]247 POLARSSL_ERR_ASN1_INVALID_LENGTH );
248
249 /* Get actual bitstring */
250 *key_usage = *bs.p;
251 return 0;
252}
253
254/*
255 * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
256 *
257 * KeyPurposeId ::= OBJECT IDENTIFIER
258 */
259static int x509_get_ext_key_usage( unsigned char **p,
260 const unsigned char *end,
261 x509_sequence *ext_key_usage)
262{
263 int ret;
264
265 if( ( ret = asn1_get_sequence_of( p, end, ext_key_usage, ASN1_OID ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]266 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]267
268 /* Sequence length must be >= 1 */
269 if( ext_key_usage->buf.p == NULL )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]270 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]271 POLARSSL_ERR_ASN1_INVALID_LENGTH );
272
273 return 0;
274}
275
276/*
277 * SubjectAltName ::= GeneralNames
278 *
279 * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
280 *
281 * GeneralName ::= CHOICE {
282 * otherName [0] OtherName,
283 * rfc822Name [1] IA5String,
284 * dNSName [2] IA5String,
285 * x400Address [3] ORAddress,
286 * directoryName [4] Name,
287 * ediPartyName [5] EDIPartyName,
288 * uniformResourceIdentifier [6] IA5String,
289 * iPAddress [7] OCTET STRING,
290 * registeredID [8] OBJECT IDENTIFIER }
291 *
292 * OtherName ::= SEQUENCE {
293 * type-id OBJECT IDENTIFIER,
294 * value [0] EXPLICIT ANY DEFINED BY type-id }
295 *
296 * EDIPartyName ::= SEQUENCE {
297 * nameAssigner [0] DirectoryString OPTIONAL,
298 * partyName [1] DirectoryString }
299 *
300 * NOTE: PolarSSL only parses and uses dNSName at this point.
301 */
302static int x509_get_subject_alt_name( unsigned char **p,
303 const unsigned char *end,
304 x509_sequence *subject_alt_name )
305{
306 int ret;
307 size_t len, tag_len;
308 asn1_buf *buf;
309 unsigned char tag;
310 asn1_sequence *cur = subject_alt_name;
311
312 /* Get main sequence tag */
313 if( ( ret = asn1_get_tag( p, end, &len,
314 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]315 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]316
317 if( *p + len != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]318 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]319 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
320
321 while( *p < end )
322 {
323 if( ( end - *p ) < 1 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]324 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]325 POLARSSL_ERR_ASN1_OUT_OF_DATA );
326
327 tag = **p;
328 (*p)++;
329 if( ( ret = asn1_get_len( p, end, &tag_len ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]330 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]331
332 if( ( tag & ASN1_CONTEXT_SPECIFIC ) != ASN1_CONTEXT_SPECIFIC )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]333 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]334 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
335
336 if( tag != ( ASN1_CONTEXT_SPECIFIC | 2 ) )
337 {
338 *p += tag_len;
339 continue;
340 }
341
342 buf = &(cur->buf);
343 buf->tag = tag;
344 buf->p = *p;
345 buf->len = tag_len;
346 *p += buf->len;
347
348 /* Allocate and assign next pointer */
349 if (*p < end)
350 {
351 cur->next = (asn1_sequence *) polarssl_malloc(
352 sizeof( asn1_sequence ) );
353
354 if( cur->next == NULL )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]355 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]356 POLARSSL_ERR_ASN1_MALLOC_FAILED );
357
358 memset( cur->next, 0, sizeof( asn1_sequence ) );
359 cur = cur->next;
360 }
361 }
362
363 /* Set final sequence entry's next pointer to NULL */
364 cur->next = NULL;
365
366 if( *p != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]367 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]368 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
369
370 return( 0 );
371}
372
373/*
374 * X.509 v3 extensions
375 *
376 * TODO: Perform all of the basic constraints tests required by the RFC
377 * TODO: Set values for undetected extensions to a sane default?
378 *
379 */
380static int x509_get_crt_ext( unsigned char **p,
381 const unsigned char *end,
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]382 x509_crt *crt )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]383{
384 int ret;
385 size_t len;
386 unsigned char *end_ext_data, *end_ext_octet;
387
388 if( ( ret = x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 )
389 {
390 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
391 return( 0 );
392
393 return( ret );
394 }
395
396 while( *p < end )
397 {
398 /*
399 * Extension ::= SEQUENCE {
400 * extnID OBJECT IDENTIFIER,
401 * critical BOOLEAN DEFAULT FALSE,
402 * extnValue OCTET STRING }
403 */
404 x509_buf extn_oid = {0, 0, NULL};
405 int is_critical = 0; /* DEFAULT FALSE */
406 int ext_type = 0;
407
408 if( ( ret = asn1_get_tag( p, end, &len,
409 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]410 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]411
412 end_ext_data = *p + len;
413
414 /* Get extension ID */
415 extn_oid.tag = **p;
416
417 if( ( ret = asn1_get_tag( p, end, &extn_oid.len, ASN1_OID ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]418 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]419
420 extn_oid.p = *p;
421 *p += extn_oid.len;
422
423 if( ( end - *p ) < 1 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]424 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]425 POLARSSL_ERR_ASN1_OUT_OF_DATA );
426
427 /* Get optional critical */
428 if( ( ret = asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
429 ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]430 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]431
432 /* Data should be octet string type */
433 if( ( ret = asn1_get_tag( p, end_ext_data, &len,
434 ASN1_OCTET_STRING ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]435 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]436
437 end_ext_octet = *p + len;
438
439 if( end_ext_octet != end_ext_data )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]440 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]441 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
442
443 /*
444 * Detect supported extensions
445 */
446 ret = oid_get_x509_ext_type( &extn_oid, &ext_type );
447
448 if( ret != 0 )
449 {
450 /* No parser found, skip extension */
451 *p = end_ext_octet;
452
453#if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
454 if( is_critical )
455 {
456 /* Data is marked as critical: fail */
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]457 return ( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]458 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
459 }
460#endif
461 continue;
462 }
463
464 crt->ext_types |= ext_type;
465
466 switch( ext_type )
467 {
468 case EXT_BASIC_CONSTRAINTS:
469 /* Parse basic constraints */
470 if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
471 &crt->ca_istrue, &crt->max_pathlen ) ) != 0 )
472 return ( ret );
473 break;
474
475 case EXT_KEY_USAGE:
476 /* Parse key usage */
477 if( ( ret = x509_get_key_usage( p, end_ext_octet,
478 &crt->key_usage ) ) != 0 )
479 return ( ret );
480 break;
481
482 case EXT_EXTENDED_KEY_USAGE:
483 /* Parse extended key usage */
484 if( ( ret = x509_get_ext_key_usage( p, end_ext_octet,
485 &crt->ext_key_usage ) ) != 0 )
486 return ( ret );
487 break;
488
489 case EXT_SUBJECT_ALT_NAME:
490 /* Parse subject alt name */
491 if( ( ret = x509_get_subject_alt_name( p, end_ext_octet,
492 &crt->subject_alt_names ) ) != 0 )
493 return ( ret );
494 break;
495
496 case EXT_NS_CERT_TYPE:
497 /* Parse netscape certificate type */
498 if( ( ret = x509_get_ns_cert_type( p, end_ext_octet,
499 &crt->ns_cert_type ) ) != 0 )
500 return ( ret );
501 break;
502
503 default:
504 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
505 }
506 }
507
508 if( *p != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]509 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]510 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
511
512 return( 0 );
513}
514
515/*
516 * Parse and fill a single X.509 certificate in DER format
517 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]518static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]519 size_t buflen )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]520{
521 int ret;
522 size_t len;
523 unsigned char *p, *end, *crt_end;
524
525 /*
526 * Check for valid input
527 */
528 if( crt == NULL || buf == NULL )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]529 return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]530
531 p = (unsigned char *) polarssl_malloc( len = buflen );
532
533 if( p == NULL )
534 return( POLARSSL_ERR_X509_MALLOC_FAILED );
535
536 memcpy( p, buf, buflen );
537
538 buflen = 0;
539
540 crt->raw.p = p;
541 crt->raw.len = len;
542 end = p + len;
543
544 /*
545 * Certificate ::= SEQUENCE {
546 * tbsCertificate TBSCertificate,
547 * signatureAlgorithm AlgorithmIdentifier,
548 * signatureValue BIT STRING }
549 */
550 if( ( ret = asn1_get_tag( &p, end, &len,
551 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
552 {
553 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]554 return( POLARSSL_ERR_X509_INVALID_FORMAT );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]555 }
556
557 if( len > (size_t) ( end - p ) )
558 {
559 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]560 return( POLARSSL_ERR_X509_INVALID_FORMAT +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]561 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
562 }
563 crt_end = p + len;
564
565 /*
566 * TBSCertificate ::= SEQUENCE {
567 */
568 crt->tbs.p = p;
569
570 if( ( ret = asn1_get_tag( &p, end, &len,
571 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
572 {
573 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]574 return( POLARSSL_ERR_X509_INVALID_FORMAT + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]575 }
576
577 end = p + len;
578 crt->tbs.len = end - crt->tbs.p;
579
580 /*
581 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
582 *
583 * CertificateSerialNumber ::= INTEGER
584 *
585 * signature AlgorithmIdentifier
586 */
587 if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 ||
588 ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 ||
589 ( ret = x509_get_alg_null( &p, end, &crt->sig_oid1 ) ) != 0 )
590 {
591 x509_crt_free( crt );
592 return( ret );
593 }
594
595 crt->version++;
596
597 if( crt->version > 3 )
598 {
599 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]600 return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]601 }
602
603 if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &crt->sig_md,
604 &crt->sig_pk ) ) != 0 )
605 {
606 x509_crt_free( crt );
607 return( ret );
608 }
609
610 /*
611 * issuer Name
612 */
613 crt->issuer_raw.p = p;
614
615 if( ( ret = asn1_get_tag( &p, end, &len,
616 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
617 {
618 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]619 return( POLARSSL_ERR_X509_INVALID_FORMAT + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]620 }
621
622 if( ( ret = x509_get_name( &p, p + len, &crt->issuer ) ) != 0 )
623 {
624 x509_crt_free( crt );
625 return( ret );
626 }
627
628 crt->issuer_raw.len = p - crt->issuer_raw.p;
629
630 /*
631 * Validity ::= SEQUENCE {
632 * notBefore Time,
633 * notAfter Time }
634 *
635 */
636 if( ( ret = x509_get_dates( &p, end, &crt->valid_from,
637 &crt->valid_to ) ) != 0 )
638 {
639 x509_crt_free( crt );
640 return( ret );
641 }
642
643 /*
644 * subject Name
645 */
646 crt->subject_raw.p = p;
647
648 if( ( ret = asn1_get_tag( &p, end, &len,
649 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
650 {
651 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]652 return( POLARSSL_ERR_X509_INVALID_FORMAT + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]653 }
654
655 if( len && ( ret = x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
656 {
657 x509_crt_free( crt );
658 return( ret );
659 }
660
661 crt->subject_raw.len = p - crt->subject_raw.p;
662
663 /*
664 * SubjectPublicKeyInfo
665 */
Paul Bakkerda771152013-09-16 22:45:03 +0200[diff] [blame]666 if( ( ret = pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]667 {
668 x509_crt_free( crt );
669 return( ret );
670 }
671
672 /*
673 * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
674 * -- If present, version shall be v2 or v3
675 * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
676 * -- If present, version shall be v2 or v3
677 * extensions [3] EXPLICIT Extensions OPTIONAL
678 * -- If present, version shall be v3
679 */
680 if( crt->version == 2 || crt->version == 3 )
681 {
682 ret = x509_get_uid( &p, end, &crt->issuer_id, 1 );
683 if( ret != 0 )
684 {
685 x509_crt_free( crt );
686 return( ret );
687 }
688 }
689
690 if( crt->version == 2 || crt->version == 3 )
691 {
692 ret = x509_get_uid( &p, end, &crt->subject_id, 2 );
693 if( ret != 0 )
694 {
695 x509_crt_free( crt );
696 return( ret );
697 }
698 }
699
Paul Bakkerc27c4e22013-09-23 15:01:36 +0200[diff] [blame]700#if !defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]701 if( crt->version == 3 )
702 {
Paul Bakkerc27c4e22013-09-23 15:01:36 +0200[diff] [blame]703#endif
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]704 ret = x509_get_crt_ext( &p, end, crt);
705 if( ret != 0 )
706 {
707 x509_crt_free( crt );
708 return( ret );
709 }
Paul Bakkerc27c4e22013-09-23 15:01:36 +0200[diff] [blame]710#if !defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]711 }
Paul Bakkerc27c4e22013-09-23 15:01:36 +0200[diff] [blame]712#endif
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]713
714 if( p != end )
715 {
716 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]717 return( POLARSSL_ERR_X509_INVALID_FORMAT +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]718 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
719 }
720
721 end = crt_end;
722
723 /*
724 * }
725 * -- end of TBSCertificate
726 *
727 * signatureAlgorithm AlgorithmIdentifier,
728 * signatureValue BIT STRING
729 */
730 if( ( ret = x509_get_alg_null( &p, end, &crt->sig_oid2 ) ) != 0 )
731 {
732 x509_crt_free( crt );
733 return( ret );
734 }
735
736 if( crt->sig_oid1.len != crt->sig_oid2.len ||
737 memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 )
738 {
739 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]740 return( POLARSSL_ERR_X509_SIG_MISMATCH );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]741 }
742
743 if( ( ret = x509_get_sig( &p, end, &crt->sig ) ) != 0 )
744 {
745 x509_crt_free( crt );
746 return( ret );
747 }
748
749 if( p != end )
750 {
751 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]752 return( POLARSSL_ERR_X509_INVALID_FORMAT +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]753 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
754 }
755
756 return( 0 );
757}
758
759/*
760 * Parse one X.509 certificate in DER format from a buffer and add them to a
761 * chained list
762 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]763int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf,
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]764 size_t buflen )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]765{
766 int ret;
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]767 x509_crt *crt = chain, *prev = NULL;
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]768
769 /*
770 * Check for valid input
771 */
772 if( crt == NULL || buf == NULL )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]773 return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]774
775 while( crt->version != 0 && crt->next != NULL )
776 {
777 prev = crt;
778 crt = crt->next;
779 }
780
781 /*
782 * Add new certificate on the end of the chain if needed.
783 */
784 if ( crt->version != 0 && crt->next == NULL)
785 {
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]786 crt->next = (x509_crt *) polarssl_malloc( sizeof( x509_crt ) );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]787
788 if( crt->next == NULL )
789 return( POLARSSL_ERR_X509_MALLOC_FAILED );
790
791 prev = crt;
792 crt = crt->next;
Paul Bakker369d2eb2013-09-18 11:58:25 +0200[diff] [blame]793 x509_crt_init( crt );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]794 }
795
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]796 if( ( ret = x509_crt_parse_der_core( crt, buf, buflen ) ) != 0 )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]797 {
798 if( prev )
799 prev->next = NULL;
800
801 if( crt != chain )
802 polarssl_free( crt );
803
804 return( ret );
805 }
806
807 return( 0 );
808}
809
810/*
811 * Parse one or more PEM certificates from a buffer and add them to the chained list
812 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]813int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]814{
815 int success = 0, first_error = 0, total_failed = 0;
816 int buf_format = X509_FORMAT_DER;
817
818 /*
819 * Check for valid input
820 */
821 if( chain == NULL || buf == NULL )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]822 return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]823
824 /*
825 * Determine buffer content. Buffer contains either one DER certificate or
826 * one or more PEM certificates.
827 */
828#if defined(POLARSSL_PEM_PARSE_C)
829 if( strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL )
830 buf_format = X509_FORMAT_PEM;
831#endif
832
833 if( buf_format == X509_FORMAT_DER )
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]834 return x509_crt_parse_der( chain, buf, buflen );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]835
836#if defined(POLARSSL_PEM_PARSE_C)
837 if( buf_format == X509_FORMAT_PEM )
838 {
839 int ret;
840 pem_context pem;
841
842 while( buflen > 0 )
843 {
844 size_t use_len;
845 pem_init( &pem );
846
847 ret = pem_read_buffer( &pem,
848 "-----BEGIN CERTIFICATE-----",
849 "-----END CERTIFICATE-----",
850 buf, NULL, 0, &use_len );
851
852 if( ret == 0 )
853 {
854 /*
855 * Was PEM encoded
856 */
857 buflen -= use_len;
858 buf += use_len;
859 }
860 else if( ret == POLARSSL_ERR_PEM_BAD_INPUT_DATA )
861 {
862 return( ret );
863 }
864 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
865 {
866 pem_free( &pem );
867
868 /*
869 * PEM header and footer were found
870 */
871 buflen -= use_len;
872 buf += use_len;
873
874 if( first_error == 0 )
875 first_error = ret;
876
877 continue;
878 }
879 else
880 break;
881
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]882 ret = x509_crt_parse_der( chain, pem.buf, pem.buflen );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]883
884 pem_free( &pem );
885
886 if( ret != 0 )
887 {
888 /*
889 * Quit parsing on a memory error
890 */
891 if( ret == POLARSSL_ERR_X509_MALLOC_FAILED )
892 return( ret );
893
894 if( first_error == 0 )
895 first_error = ret;
896
897 total_failed++;
898 continue;
899 }
900
901 success = 1;
902 }
903 }
904#endif
905
906 if( success )
907 return( total_failed );
908 else if( first_error )
909 return( first_error );
910 else
911 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
912}
913
914#if defined(POLARSSL_FS_IO)
915/*
916 * Load one or more certificates and add them to the chained list
917 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]918int x509_crt_parse_file( x509_crt *chain, const char *path )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]919{
920 int ret;
921 size_t n;
922 unsigned char *buf;
923
924 if ( ( ret = x509_load_file( path, &buf, &n ) ) != 0 )
925 return( ret );
926
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]927 ret = x509_crt_parse( chain, buf, n );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]928
929 memset( buf, 0, n + 1 );
930 polarssl_free( buf );
931
932 return( ret );
933}
934
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]935int x509_crt_parse_path( x509_crt *chain, const char *path )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]936{
937 int ret = 0;
938#if defined(_WIN32)
939 int w_ret;
940 WCHAR szDir[MAX_PATH];
941 char filename[MAX_PATH];
942 char *p;
943 int len = strlen( path );
944
945 WIN32_FIND_DATAW file_data;
946 HANDLE hFind;
947
948 if( len > MAX_PATH - 3 )
Paul Bakker3cf63ed2013-09-23 15:10:16 +0200[diff] [blame]949 return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]950
951 memset( szDir, 0, sizeof(szDir) );
952 memset( filename, 0, MAX_PATH );
953 memcpy( filename, path, len );
954 filename[len++] = '\\';
955 p = filename + len;
956 filename[len++] = '*';
957
958 w_ret = MultiByteToWideChar( CP_ACP, 0, path, len, szDir, MAX_PATH - 3 );
959
960 hFind = FindFirstFileW( szDir, &file_data );
Paul Bakker4aa40d42013-10-11 10:49:24 +0200[diff] [blame]961 if (hFind == INVALID_HANDLE_VALUE)
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]962 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
963
964 len = MAX_PATH - len;
965 do
966 {
967 memset( p, 0, len );
968
969 if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
970 continue;
971
972 w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
973 lstrlenW(file_data.cFileName),
974 p, len - 1,
975 NULL, NULL );
976
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]977 w_ret = x509_crt_parse_file( chain, filename );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]978 if( w_ret < 0 )
979 ret++;
980 else
981 ret += w_ret;
982 }
983 while( FindNextFileW( hFind, &file_data ) != 0 );
984
Paul Bakker4aa40d42013-10-11 10:49:24 +0200[diff] [blame]985 if (GetLastError() != ERROR_NO_MORE_FILES)
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]986 ret = POLARSSL_ERR_X509_FILE_IO_ERROR;
987
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]988 FindClose( hFind );
989#else
990 int t_ret, i;
991 struct stat sb;
992 struct dirent entry, *result = NULL;
993 char entry_name[255];
994 DIR *dir = opendir( path );
995
996 if( dir == NULL)
997 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
998
999 while( ( t_ret = readdir_r( dir, &entry, &result ) ) == 0 )
1000 {
1001 if( result == NULL )
1002 break;
1003
1004 snprintf( entry_name, sizeof(entry_name), "%s/%s", path, entry.d_name );
1005
1006 i = stat( entry_name, &sb );
1007
1008 if( i == -1 )
1009 {
1010 closedir( dir );
1011 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
1012 }
1013
1014 if( !S_ISREG( sb.st_mode ) )
1015 continue;
1016
1017 // Ignore parse errors
1018 //
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1019 t_ret = x509_crt_parse_file( chain, entry_name );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1020 if( t_ret < 0 )
1021 ret++;
1022 else
1023 ret += t_ret;
1024 }
1025 closedir( dir );
1026#endif
1027
1028 return( ret );
1029}
1030#endif /* POLARSSL_FS_IO */
1031
1032#if defined _MSC_VER && !defined snprintf
1033#include <stdarg.h>
1034
1035#if !defined vsnprintf
1036#define vsnprintf _vsnprintf
1037#endif // vsnprintf
1038
1039/*
1040 * Windows _snprintf and _vsnprintf are not compatible to linux versions.
1041 * Result value is not size of buffer needed, but -1 if no fit is possible.
1042 *
1043 * This fuction tries to 'fix' this by at least suggesting enlarging the
1044 * size by 20.
1045 */
1046static int compat_snprintf(char *str, size_t size, const char *format, ...)
1047{
1048 va_list ap;
1049 int res = -1;
1050
1051 va_start( ap, format );
1052
1053 res = vsnprintf( str, size, format, ap );
1054
1055 va_end( ap );
1056
1057 // No quick fix possible
1058 if ( res < 0 )
1059 return( (int) size + 20 );
1060
1061 return res;
1062}
1063
1064#define snprintf compat_snprintf
1065#endif
1066
1067#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
1068
1069#define SAFE_SNPRINTF() \
1070{ \
1071 if( ret == -1 ) \
1072 return( -1 ); \
1073 \
1074 if ( (unsigned int) ret > n ) { \
1075 p[n - 1] = '\0'; \
1076 return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
1077 } \
1078 \
1079 n -= (unsigned int) ret; \
1080 p += (unsigned int) ret; \
1081}
1082
1083/*
1084 * Return an informational string about the certificate.
1085 */
1086#define BEFORE_COLON 14
1087#define BC "14"
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1088int x509_crt_info( char *buf, size_t size, const char *prefix,
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1089 const x509_crt *crt )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1090{
1091 int ret;
1092 size_t n;
1093 char *p;
1094 const char *desc = NULL;
1095 char key_size_str[BEFORE_COLON];
1096
1097 p = buf;
1098 n = size;
1099
1100 ret = snprintf( p, n, "%scert. version : %d\n",
1101 prefix, crt->version );
1102 SAFE_SNPRINTF();
1103 ret = snprintf( p, n, "%sserial number : ",
1104 prefix );
1105 SAFE_SNPRINTF();
1106
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1107 ret = x509_serial_gets( p, n, &crt->serial);
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1108 SAFE_SNPRINTF();
1109
1110 ret = snprintf( p, n, "\n%sissuer name : ", prefix );
1111 SAFE_SNPRINTF();
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1112 ret = x509_dn_gets( p, n, &crt->issuer );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1113 SAFE_SNPRINTF();
1114
1115 ret = snprintf( p, n, "\n%ssubject name : ", prefix );
1116 SAFE_SNPRINTF();
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1117 ret = x509_dn_gets( p, n, &crt->subject );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1118 SAFE_SNPRINTF();
1119
1120 ret = snprintf( p, n, "\n%sissued on : " \
1121 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
1122 crt->valid_from.year, crt->valid_from.mon,
1123 crt->valid_from.day, crt->valid_from.hour,
1124 crt->valid_from.min, crt->valid_from.sec );
1125 SAFE_SNPRINTF();
1126
1127 ret = snprintf( p, n, "\n%sexpires on : " \
1128 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
1129 crt->valid_to.year, crt->valid_to.mon,
1130 crt->valid_to.day, crt->valid_to.hour,
1131 crt->valid_to.min, crt->valid_to.sec );
1132 SAFE_SNPRINTF();
1133
1134 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
1135 SAFE_SNPRINTF();
1136
1137 ret = oid_get_sig_alg_desc( &crt->sig_oid1, &desc );
1138 if( ret != 0 )
1139 ret = snprintf( p, n, "???" );
1140 else
1141 ret = snprintf( p, n, "%s", desc );
1142 SAFE_SNPRINTF();
1143
1144 if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON,
1145 pk_get_name( &crt->pk ) ) ) != 0 )
1146 {
1147 return( ret );
1148 }
1149
1150 ret = snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
1151 (int) pk_get_size( &crt->pk ) );
1152 SAFE_SNPRINTF();
1153
1154 return( (int) ( size - n ) );
1155}
1156
1157#if defined(POLARSSL_X509_CRL_PARSE_C)
1158/*
1159 * Return 1 if the certificate is revoked, or 0 otherwise.
1160 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1161int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1162{
1163 const x509_crl_entry *cur = &crl->entry;
1164
1165 while( cur != NULL && cur->serial.len != 0 )
1166 {
1167 if( crt->serial.len == cur->serial.len &&
1168 memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )
1169 {
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1170 if( x509_time_expired( &cur->revocation_date ) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1171 return( 1 );
1172 }
1173
1174 cur = cur->next;
1175 }
1176
1177 return( 0 );
1178}
1179
1180/*
1181 * Check that the given certificate is valid accoring to the CRL.
1182 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1183static int x509_crt_verifycrl( x509_crt *crt, x509_crt *ca,
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1184 x509_crl *crl_list)
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1185{
1186 int flags = 0;
1187 unsigned char hash[POLARSSL_MD_MAX_SIZE];
1188 const md_info_t *md_info;
1189
1190 if( ca == NULL )
1191 return( flags );
1192
1193 /*
1194 * TODO: What happens if no CRL is present?
1195 * Suggestion: Revocation state should be unknown if no CRL is present.
1196 * For backwards compatibility this is not yet implemented.
1197 */
1198
1199 while( crl_list != NULL )
1200 {
1201 if( crl_list->version == 0 ||
1202 crl_list->issuer_raw.len != ca->subject_raw.len ||
1203 memcmp( crl_list->issuer_raw.p, ca->subject_raw.p,
1204 crl_list->issuer_raw.len ) != 0 )
1205 {
1206 crl_list = crl_list->next;
1207 continue;
1208 }
1209
1210 /*
1211 * Check if CRL is correctly signed by the trusted CA
1212 */
1213 md_info = md_info_from_type( crl_list->sig_md );
1214 if( md_info == NULL )
1215 {
1216 /*
1217 * Cannot check 'unknown' hash
1218 */
1219 flags |= BADCRL_NOT_TRUSTED;
1220 break;
1221 }
1222
1223 md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash );
1224
1225 if( pk_can_do( &ca->pk, crl_list->sig_pk ) == 0 ||
1226 pk_verify( &ca->pk, crl_list->sig_md, hash, md_info->size,
1227 crl_list->sig.p, crl_list->sig.len ) != 0 )
1228 {
1229 flags |= BADCRL_NOT_TRUSTED;
1230 break;
1231 }
1232
1233 /*
1234 * Check for validity of CRL (Do not drop out)
1235 */
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1236 if( x509_time_expired( &crl_list->next_update ) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1237 flags |= BADCRL_EXPIRED;
1238
1239 /*
1240 * Check if certificate is revoked
1241 */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1242 if( x509_crt_revoked(crt, crl_list) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1243 {
1244 flags |= BADCERT_REVOKED;
1245 break;
1246 }
1247
1248 crl_list = crl_list->next;
1249 }
1250 return flags;
1251}
1252#endif /* POLARSSL_X509_CRL_PARSE_C */
1253
1254// Equal == 0, inequal == 1
1255static int x509_name_cmp( const void *s1, const void *s2, size_t len )
1256{
1257 size_t i;
1258 unsigned char diff;
1259 const unsigned char *n1 = s1, *n2 = s2;
1260
1261 for( i = 0; i < len; i++ )
1262 {
1263 diff = n1[i] ^ n2[i];
1264
1265 if( ( n1[i] >= 'a' || n1[i] <= 'z' ) && ( diff == 0 || diff == 32 ) )
1266 continue;
1267
1268 if( ( n1[i] >= 'A' || n1[i] <= 'Z' ) && ( diff == 0 || diff == 32 ) )
1269 continue;
1270
1271 return( 1 );
1272 }
1273
1274 return( 0 );
1275}
1276
1277static int x509_wildcard_verify( const char *cn, x509_buf *name )
1278{
1279 size_t i;
1280 size_t cn_idx = 0;
1281
1282 if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' )
1283 return( 0 );
1284
1285 for( i = 0; i < strlen( cn ); ++i )
1286 {
1287 if( cn[i] == '.' )
1288 {
1289 cn_idx = i;
1290 break;
1291 }
1292 }
1293
1294 if( cn_idx == 0 )
1295 return( 0 );
1296
1297 if( strlen( cn ) - cn_idx == name->len - 1 &&
1298 x509_name_cmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 )
1299 {
1300 return( 1 );
1301 }
1302
1303 return( 0 );
1304}
1305
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1306static int x509_crt_verify_top(
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1307 x509_crt *child, x509_crt *trust_ca,
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1308 x509_crl *ca_crl, int path_cnt, int *flags,
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1309 int (*f_vrfy)(void *, x509_crt *, int, int *),
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1310 void *p_vrfy )
1311{
1312 int ret;
1313 int ca_flags = 0, check_path_cnt = path_cnt + 1;
1314 unsigned char hash[POLARSSL_MD_MAX_SIZE];
1315 const md_info_t *md_info;
1316
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1317 if( x509_time_expired( &child->valid_to ) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1318 *flags |= BADCERT_EXPIRED;
1319
1320 /*
1321 * Child is the top of the chain. Check against the trust_ca list.
1322 */
1323 *flags |= BADCERT_NOT_TRUSTED;
1324
1325 md_info = md_info_from_type( child->sig_md );
1326 if( md_info == NULL )
1327 {
1328 /*
1329 * Cannot check 'unknown', no need to try any CA
1330 */
1331 trust_ca = NULL;
1332 }
1333 else
1334 md( md_info, child->tbs.p, child->tbs.len, hash );
1335
1336 while( trust_ca != NULL )
1337 {
1338 if( trust_ca->version == 0 ||
1339 child->issuer_raw.len != trust_ca->subject_raw.len ||
1340 memcmp( child->issuer_raw.p, trust_ca->subject_raw.p,
1341 child->issuer_raw.len ) != 0 )
1342 {
1343 trust_ca = trust_ca->next;
1344 continue;
1345 }
1346
1347 /*
1348 * Reduce path_len to check against if top of the chain is
1349 * the same as the trusted CA
1350 */
1351 if( child->subject_raw.len == trust_ca->subject_raw.len &&
1352 memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
1353 child->issuer_raw.len ) == 0 )
1354 {
1355 check_path_cnt--;
1356 }
1357
1358 if( trust_ca->max_pathlen > 0 &&
1359 trust_ca->max_pathlen < check_path_cnt )
1360 {
1361 trust_ca = trust_ca->next;
1362 continue;
1363 }
1364
1365 if( pk_can_do( &trust_ca->pk, child->sig_pk ) == 0 ||
1366 pk_verify( &trust_ca->pk, child->sig_md, hash, md_info->size,
1367 child->sig.p, child->sig.len ) != 0 )
1368 {
1369 trust_ca = trust_ca->next;
1370 continue;
1371 }
1372
1373 /*
1374 * Top of chain is signed by a trusted CA
1375 */
1376 *flags &= ~BADCERT_NOT_TRUSTED;
1377 break;
1378 }
1379
1380 /*
1381 * If top of chain is not the same as the trusted CA send a verify request
1382 * to the callback for any issues with validity and CRL presence for the
1383 * trusted CA certificate.
1384 */
1385 if( trust_ca != NULL &&
1386 ( child->subject_raw.len != trust_ca->subject_raw.len ||
1387 memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
1388 child->issuer_raw.len ) != 0 ) )
1389 {
1390#if defined(POLARSSL_X509_CRL_PARSE_C)
1391 /* Check trusted CA's CRL for the chain's top crt */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1392 *flags |= x509_crt_verifycrl( child, trust_ca, ca_crl );
Manuel Pégourié-Gonnardcbf3ef32013-09-23 12:20:02 +0200[diff] [blame]1393#else
1394 ((void) ca_crl);
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1395#endif
1396
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1397 if( x509_time_expired( &trust_ca->valid_to ) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1398 ca_flags |= BADCERT_EXPIRED;
1399
1400 if( NULL != f_vrfy )
1401 {
1402 if( ( ret = f_vrfy( p_vrfy, trust_ca, path_cnt + 1, &ca_flags ) ) != 0 )
1403 return( ret );
1404 }
1405 }
1406
1407 /* Call callback on top cert */
1408 if( NULL != f_vrfy )
1409 {
1410 if( ( ret = f_vrfy(p_vrfy, child, path_cnt, flags ) ) != 0 )
1411 return( ret );
1412 }
1413
1414 *flags |= ca_flags;
1415
1416 return( 0 );
1417}
1418
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1419static int x509_crt_verify_child(
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1420 x509_crt *child, x509_crt *parent, x509_crt *trust_ca,
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1421 x509_crl *ca_crl, int path_cnt, int *flags,
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1422 int (*f_vrfy)(void *, x509_crt *, int, int *),
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1423 void *p_vrfy )
1424{
1425 int ret;
1426 int parent_flags = 0;
1427 unsigned char hash[POLARSSL_MD_MAX_SIZE];
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1428 x509_crt *grandparent;
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1429 const md_info_t *md_info;
1430
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1431 if( x509_time_expired( &child->valid_to ) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1432 *flags |= BADCERT_EXPIRED;
1433
1434 md_info = md_info_from_type( child->sig_md );
1435 if( md_info == NULL )
1436 {
1437 /*
1438 * Cannot check 'unknown' hash
1439 */
1440 *flags |= BADCERT_NOT_TRUSTED;
1441 }
1442 else
1443 {
1444 md( md_info, child->tbs.p, child->tbs.len, hash );
1445
1446 if( pk_can_do( &parent->pk, child->sig_pk ) == 0 ||
1447 pk_verify( &parent->pk, child->sig_md, hash, md_info->size,
1448 child->sig.p, child->sig.len ) != 0 )
1449 {
1450 *flags |= BADCERT_NOT_TRUSTED;
1451 }
1452 }
1453
1454#if defined(POLARSSL_X509_CRL_PARSE_C)
1455 /* Check trusted CA's CRL for the given crt */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1456 *flags |= x509_crt_verifycrl(child, parent, ca_crl);
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1457#endif
1458
1459 grandparent = parent->next;
1460
1461 while( grandparent != NULL )
1462 {
1463 if( grandparent->version == 0 ||
1464 grandparent->ca_istrue == 0 ||
1465 parent->issuer_raw.len != grandparent->subject_raw.len ||
1466 memcmp( parent->issuer_raw.p, grandparent->subject_raw.p,
1467 parent->issuer_raw.len ) != 0 )
1468 {
1469 grandparent = grandparent->next;
1470 continue;
1471 }
1472 break;
1473 }
1474
1475 if( grandparent != NULL )
1476 {
1477 /*
1478 * Part of the chain
1479 */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1480 ret = x509_crt_verify_child( parent, grandparent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1481 if( ret != 0 )
1482 return( ret );
1483 }
1484 else
1485 {
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1486 ret = x509_crt_verify_top( parent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1487 if( ret != 0 )
1488 return( ret );
1489 }
1490
1491 /* child is verified to be a child of the parent, call verify callback */
1492 if( NULL != f_vrfy )
1493 if( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 )
1494 return( ret );
1495
1496 *flags |= parent_flags;
1497
1498 return( 0 );
1499}
1500
1501/*
1502 * Verify the certificate validity
1503 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1504int x509_crt_verify( x509_crt *crt,
1505 x509_crt *trust_ca,
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1506 x509_crl *ca_crl,
1507 const char *cn, int *flags,
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1508 int (*f_vrfy)(void *, x509_crt *, int, int *),
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1509 void *p_vrfy )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1510{
1511 size_t cn_len;
1512 int ret;
1513 int pathlen = 0;
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1514 x509_crt *parent;
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1515 x509_name *name;
1516 x509_sequence *cur = NULL;
1517
1518 *flags = 0;
1519
1520 if( cn != NULL )
1521 {
1522 name = &crt->subject;
1523 cn_len = strlen( cn );
1524
1525 if( crt->ext_types & EXT_SUBJECT_ALT_NAME )
1526 {
1527 cur = &crt->subject_alt_names;
1528
1529 while( cur != NULL )
1530 {
1531 if( cur->buf.len == cn_len &&
1532 x509_name_cmp( cn, cur->buf.p, cn_len ) == 0 )
1533 break;
1534
1535 if( cur->buf.len > 2 &&
1536 memcmp( cur->buf.p, "*.", 2 ) == 0 &&
1537 x509_wildcard_verify( cn, &cur->buf ) )
1538 break;
1539
1540 cur = cur->next;
1541 }
1542
1543 if( cur == NULL )
1544 *flags |= BADCERT_CN_MISMATCH;
1545 }
1546 else
1547 {
1548 while( name != NULL )
1549 {
1550 if( OID_CMP( OID_AT_CN, &name->oid ) )
1551 {
1552 if( name->val.len == cn_len &&
1553 x509_name_cmp( name->val.p, cn, cn_len ) == 0 )
1554 break;
1555
1556 if( name->val.len > 2 &&
1557 memcmp( name->val.p, "*.", 2 ) == 0 &&
1558 x509_wildcard_verify( cn, &name->val ) )
1559 break;
1560 }
1561
1562 name = name->next;
1563 }
1564
1565 if( name == NULL )
1566 *flags |= BADCERT_CN_MISMATCH;
1567 }
1568 }
1569
1570 /*
1571 * Iterate upwards in the given cert chain, to find our crt parent.
1572 * Ignore any upper cert with CA != TRUE.
1573 */
1574 parent = crt->next;
1575
1576 while( parent != NULL && parent->version != 0 )
1577 {
1578 if( parent->ca_istrue == 0 ||
1579 crt->issuer_raw.len != parent->subject_raw.len ||
1580 memcmp( crt->issuer_raw.p, parent->subject_raw.p,
1581 crt->issuer_raw.len ) != 0 )
1582 {
1583 parent = parent->next;
1584 continue;
1585 }
1586 break;
1587 }
1588
1589 if( parent != NULL )
1590 {
1591 /*
1592 * Part of the chain
1593 */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1594 ret = x509_crt_verify_child( crt, parent, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1595 if( ret != 0 )
1596 return( ret );
1597 }
1598 else
1599 {
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1600 ret = x509_crt_verify_top( crt, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1601 if( ret != 0 )
1602 return( ret );
1603 }
1604
1605 if( *flags != 0 )
1606 return( POLARSSL_ERR_X509_CERT_VERIFY_FAILED );
1607
1608 return( 0 );
1609}
1610
1611/*
Paul Bakker369d2eb2013-09-18 11:58:25 +0200[diff] [blame]1612 * Initialize a certificate chain
1613 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1614void x509_crt_init( x509_crt *crt )
Paul Bakker369d2eb2013-09-18 11:58:25 +0200[diff] [blame]1615{
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1616 memset( crt, 0, sizeof(x509_crt) );
Paul Bakker369d2eb2013-09-18 11:58:25 +0200[diff] [blame]1617}
1618
1619/*
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1620 * Unallocate all certificate data
1621 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1622void x509_crt_free( x509_crt *crt )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1623{
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1624 x509_crt *cert_cur = crt;
1625 x509_crt *cert_prv;
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1626 x509_name *name_cur;
1627 x509_name *name_prv;
1628 x509_sequence *seq_cur;
1629 x509_sequence *seq_prv;
1630
1631 if( crt == NULL )
1632 return;
1633
1634 do
1635 {
1636 pk_free( &cert_cur->pk );
1637
1638 name_cur = cert_cur->issuer.next;
1639 while( name_cur != NULL )
1640 {
1641 name_prv = name_cur;
1642 name_cur = name_cur->next;
1643 memset( name_prv, 0, sizeof( x509_name ) );
1644 polarssl_free( name_prv );
1645 }
1646
1647 name_cur = cert_cur->subject.next;
1648 while( name_cur != NULL )
1649 {
1650 name_prv = name_cur;
1651 name_cur = name_cur->next;
1652 memset( name_prv, 0, sizeof( x509_name ) );
1653 polarssl_free( name_prv );
1654 }
1655
1656 seq_cur = cert_cur->ext_key_usage.next;
1657 while( seq_cur != NULL )
1658 {
1659 seq_prv = seq_cur;
1660 seq_cur = seq_cur->next;
1661 memset( seq_prv, 0, sizeof( x509_sequence ) );
1662 polarssl_free( seq_prv );
1663 }
1664
1665 seq_cur = cert_cur->subject_alt_names.next;
1666 while( seq_cur != NULL )
1667 {
1668 seq_prv = seq_cur;
1669 seq_cur = seq_cur->next;
1670 memset( seq_prv, 0, sizeof( x509_sequence ) );
1671 polarssl_free( seq_prv );
1672 }
1673
1674 if( cert_cur->raw.p != NULL )
1675 {
1676 memset( cert_cur->raw.p, 0, cert_cur->raw.len );
1677 polarssl_free( cert_cur->raw.p );
1678 }
1679
1680 cert_cur = cert_cur->next;
1681 }
1682 while( cert_cur != NULL );
1683
1684 cert_cur = crt;
1685 do
1686 {
1687 cert_prv = cert_cur;
1688 cert_cur = cert_cur->next;
1689
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1690 memset( cert_prv, 0, sizeof( x509_crt ) );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1691 if( cert_prv != crt )
1692 polarssl_free( cert_prv );
1693 }
1694 while( cert_cur != NULL );
1695}
1696
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1697#endif