TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / c27c4e2efb0656e27103a7f59c819a2cdbdc5588 / . / library / x509_crt.c
blob: 1fa779cb9b6718d6b5626e501d2dbcfafbe74c86 [file] [log] [blame]
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1/*
2 * X.509 certificate and private key decoding
3 *
4 * Copyright (C) 2006-2013, Brainspark B.V.
5 *
6 * This file is part of PolarSSL (http://www.polarssl.org)
7 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
8 *
9 * All rights reserved.
10 *
11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25/*
26 * The ITU-T X.509 standard defines a certificate format for PKI.
27 *
28 * http://www.ietf.org/rfc/rfc3279.txt
29 * http://www.ietf.org/rfc/rfc3280.txt
30 *
31 * ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc
32 *
33 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
34 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
35 */
36
37#include "polarssl/config.h"
38
39#if defined(POLARSSL_X509_CRT_PARSE_C)
40
41#include "polarssl/x509_crt.h"
42#include "polarssl/oid.h"
43#if defined(POLARSSL_PEM_PARSE_C)
44#include "polarssl/pem.h"
45#endif
46
47#if defined(POLARSSL_MEMORY_C)
48#include "polarssl/memory.h"
49#else
50#define polarssl_malloc malloc
51#define polarssl_free free
52#endif
53
54#include <string.h>
55#include <stdlib.h>
56#if defined(_WIN32)
57#include <windows.h>
58#else
59#include <time.h>
60#endif
61
62#if defined(POLARSSL_FS_IO)
63#include <stdio.h>
64#if !defined(_WIN32)
65#include <sys/types.h>
66#include <sys/stat.h>
67#include <dirent.h>
68#endif
69#endif
70
71/*
72 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
73 */
74static int x509_get_version( unsigned char **p,
75 const unsigned char *end,
76 int *ver )
77{
78 int ret;
79 size_t len;
80
81 if( ( ret = asn1_get_tag( p, end, &len,
82 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) != 0 )
83 {
84 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
85 {
86 *ver = 0;
87 return( 0 );
88 }
89
90 return( ret );
91 }
92
93 end = *p + len;
94
95 if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]96 return( POLARSSL_ERR_X509_INVALID_VERSION + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]97
98 if( *p != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]99 return( POLARSSL_ERR_X509_INVALID_VERSION +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]100 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
101
102 return( 0 );
103}
104
105/*
106 * Validity ::= SEQUENCE {
107 * notBefore Time,
108 * notAfter Time }
109 */
110static int x509_get_dates( unsigned char **p,
111 const unsigned char *end,
112 x509_time *from,
113 x509_time *to )
114{
115 int ret;
116 size_t len;
117
118 if( ( ret = asn1_get_tag( p, end, &len,
119 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]120 return( POLARSSL_ERR_X509_INVALID_DATE + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]121
122 end = *p + len;
123
124 if( ( ret = x509_get_time( p, end, from ) ) != 0 )
125 return( ret );
126
127 if( ( ret = x509_get_time( p, end, to ) ) != 0 )
128 return( ret );
129
130 if( *p != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]131 return( POLARSSL_ERR_X509_INVALID_DATE +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]132 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
133
134 return( 0 );
135}
136
137/*
138 * X.509 v2/v3 unique identifier (not parsed)
139 */
140static int x509_get_uid( unsigned char **p,
141 const unsigned char *end,
142 x509_buf *uid, int n )
143{
144 int ret;
145
146 if( *p == end )
147 return( 0 );
148
149 uid->tag = **p;
150
151 if( ( ret = asn1_get_tag( p, end, &uid->len,
152 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | n ) ) != 0 )
153 {
154 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
155 return( 0 );
156
157 return( ret );
158 }
159
160 uid->p = *p;
161 *p += uid->len;
162
163 return( 0 );
164}
165
166static int x509_get_basic_constraints( unsigned char **p,
167 const unsigned char *end,
168 int *ca_istrue,
169 int *max_pathlen )
170{
171 int ret;
172 size_t len;
173
174 /*
175 * BasicConstraints ::= SEQUENCE {
176 * cA BOOLEAN DEFAULT FALSE,
177 * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
178 */
179 *ca_istrue = 0; /* DEFAULT FALSE */
180 *max_pathlen = 0; /* endless */
181
182 if( ( ret = asn1_get_tag( p, end, &len,
183 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]184 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]185
186 if( *p == end )
187 return 0;
188
189 if( ( ret = asn1_get_bool( p, end, ca_istrue ) ) != 0 )
190 {
191 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
192 ret = asn1_get_int( p, end, ca_istrue );
193
194 if( ret != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]195 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]196
197 if( *ca_istrue != 0 )
198 *ca_istrue = 1;
199 }
200
201 if( *p == end )
202 return 0;
203
204 if( ( ret = asn1_get_int( p, end, max_pathlen ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]205 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]206
207 if( *p != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]208 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]209 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
210
211 (*max_pathlen)++;
212
213 return 0;
214}
215
216static int x509_get_ns_cert_type( unsigned char **p,
217 const unsigned char *end,
218 unsigned char *ns_cert_type)
219{
220 int ret;
221 x509_bitstring bs = { 0, 0, NULL };
222
223 if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]224 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]225
226 if( bs.len != 1 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]227 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]228 POLARSSL_ERR_ASN1_INVALID_LENGTH );
229
230 /* Get actual bitstring */
231 *ns_cert_type = *bs.p;
232 return 0;
233}
234
235static int x509_get_key_usage( unsigned char **p,
236 const unsigned char *end,
237 unsigned char *key_usage)
238{
239 int ret;
240 x509_bitstring bs = { 0, 0, NULL };
241
242 if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]243 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]244
245 if( bs.len < 1 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]246 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]247 POLARSSL_ERR_ASN1_INVALID_LENGTH );
248
249 /* Get actual bitstring */
250 *key_usage = *bs.p;
251 return 0;
252}
253
254/*
255 * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
256 *
257 * KeyPurposeId ::= OBJECT IDENTIFIER
258 */
259static int x509_get_ext_key_usage( unsigned char **p,
260 const unsigned char *end,
261 x509_sequence *ext_key_usage)
262{
263 int ret;
264
265 if( ( ret = asn1_get_sequence_of( p, end, ext_key_usage, ASN1_OID ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]266 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]267
268 /* Sequence length must be >= 1 */
269 if( ext_key_usage->buf.p == NULL )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]270 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]271 POLARSSL_ERR_ASN1_INVALID_LENGTH );
272
273 return 0;
274}
275
276/*
277 * SubjectAltName ::= GeneralNames
278 *
279 * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
280 *
281 * GeneralName ::= CHOICE {
282 * otherName [0] OtherName,
283 * rfc822Name [1] IA5String,
284 * dNSName [2] IA5String,
285 * x400Address [3] ORAddress,
286 * directoryName [4] Name,
287 * ediPartyName [5] EDIPartyName,
288 * uniformResourceIdentifier [6] IA5String,
289 * iPAddress [7] OCTET STRING,
290 * registeredID [8] OBJECT IDENTIFIER }
291 *
292 * OtherName ::= SEQUENCE {
293 * type-id OBJECT IDENTIFIER,
294 * value [0] EXPLICIT ANY DEFINED BY type-id }
295 *
296 * EDIPartyName ::= SEQUENCE {
297 * nameAssigner [0] DirectoryString OPTIONAL,
298 * partyName [1] DirectoryString }
299 *
300 * NOTE: PolarSSL only parses and uses dNSName at this point.
301 */
302static int x509_get_subject_alt_name( unsigned char **p,
303 const unsigned char *end,
304 x509_sequence *subject_alt_name )
305{
306 int ret;
307 size_t len, tag_len;
308 asn1_buf *buf;
309 unsigned char tag;
310 asn1_sequence *cur = subject_alt_name;
311
312 /* Get main sequence tag */
313 if( ( ret = asn1_get_tag( p, end, &len,
314 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]315 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]316
317 if( *p + len != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]318 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]319 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
320
321 while( *p < end )
322 {
323 if( ( end - *p ) < 1 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]324 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]325 POLARSSL_ERR_ASN1_OUT_OF_DATA );
326
327 tag = **p;
328 (*p)++;
329 if( ( ret = asn1_get_len( p, end, &tag_len ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]330 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]331
332 if( ( tag & ASN1_CONTEXT_SPECIFIC ) != ASN1_CONTEXT_SPECIFIC )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]333 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]334 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
335
336 if( tag != ( ASN1_CONTEXT_SPECIFIC | 2 ) )
337 {
338 *p += tag_len;
339 continue;
340 }
341
342 buf = &(cur->buf);
343 buf->tag = tag;
344 buf->p = *p;
345 buf->len = tag_len;
346 *p += buf->len;
347
348 /* Allocate and assign next pointer */
349 if (*p < end)
350 {
351 cur->next = (asn1_sequence *) polarssl_malloc(
352 sizeof( asn1_sequence ) );
353
354 if( cur->next == NULL )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]355 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]356 POLARSSL_ERR_ASN1_MALLOC_FAILED );
357
358 memset( cur->next, 0, sizeof( asn1_sequence ) );
359 cur = cur->next;
360 }
361 }
362
363 /* Set final sequence entry's next pointer to NULL */
364 cur->next = NULL;
365
366 if( *p != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]367 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]368 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
369
370 return( 0 );
371}
372
373/*
374 * X.509 v3 extensions
375 *
376 * TODO: Perform all of the basic constraints tests required by the RFC
377 * TODO: Set values for undetected extensions to a sane default?
378 *
379 */
380static int x509_get_crt_ext( unsigned char **p,
381 const unsigned char *end,
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]382 x509_crt *crt )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]383{
384 int ret;
385 size_t len;
386 unsigned char *end_ext_data, *end_ext_octet;
387
388 if( ( ret = x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 )
389 {
390 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
391 return( 0 );
392
393 return( ret );
394 }
395
396 while( *p < end )
397 {
398 /*
399 * Extension ::= SEQUENCE {
400 * extnID OBJECT IDENTIFIER,
401 * critical BOOLEAN DEFAULT FALSE,
402 * extnValue OCTET STRING }
403 */
404 x509_buf extn_oid = {0, 0, NULL};
405 int is_critical = 0; /* DEFAULT FALSE */
406 int ext_type = 0;
407
408 if( ( ret = asn1_get_tag( p, end, &len,
409 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]410 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]411
412 end_ext_data = *p + len;
413
414 /* Get extension ID */
415 extn_oid.tag = **p;
416
417 if( ( ret = asn1_get_tag( p, end, &extn_oid.len, ASN1_OID ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]418 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]419
420 extn_oid.p = *p;
421 *p += extn_oid.len;
422
423 if( ( end - *p ) < 1 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]424 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]425 POLARSSL_ERR_ASN1_OUT_OF_DATA );
426
427 /* Get optional critical */
428 if( ( ret = asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
429 ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]430 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]431
432 /* Data should be octet string type */
433 if( ( ret = asn1_get_tag( p, end_ext_data, &len,
434 ASN1_OCTET_STRING ) ) != 0 )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]435 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]436
437 end_ext_octet = *p + len;
438
439 if( end_ext_octet != end_ext_data )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]440 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]441 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
442
443 /*
444 * Detect supported extensions
445 */
446 ret = oid_get_x509_ext_type( &extn_oid, &ext_type );
447
448 if( ret != 0 )
449 {
450 /* No parser found, skip extension */
451 *p = end_ext_octet;
452
453#if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
454 if( is_critical )
455 {
456 /* Data is marked as critical: fail */
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]457 return ( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]458 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
459 }
460#endif
461 continue;
462 }
463
464 crt->ext_types |= ext_type;
465
466 switch( ext_type )
467 {
468 case EXT_BASIC_CONSTRAINTS:
469 /* Parse basic constraints */
470 if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
471 &crt->ca_istrue, &crt->max_pathlen ) ) != 0 )
472 return ( ret );
473 break;
474
475 case EXT_KEY_USAGE:
476 /* Parse key usage */
477 if( ( ret = x509_get_key_usage( p, end_ext_octet,
478 &crt->key_usage ) ) != 0 )
479 return ( ret );
480 break;
481
482 case EXT_EXTENDED_KEY_USAGE:
483 /* Parse extended key usage */
484 if( ( ret = x509_get_ext_key_usage( p, end_ext_octet,
485 &crt->ext_key_usage ) ) != 0 )
486 return ( ret );
487 break;
488
489 case EXT_SUBJECT_ALT_NAME:
490 /* Parse subject alt name */
491 if( ( ret = x509_get_subject_alt_name( p, end_ext_octet,
492 &crt->subject_alt_names ) ) != 0 )
493 return ( ret );
494 break;
495
496 case EXT_NS_CERT_TYPE:
497 /* Parse netscape certificate type */
498 if( ( ret = x509_get_ns_cert_type( p, end_ext_octet,
499 &crt->ns_cert_type ) ) != 0 )
500 return ( ret );
501 break;
502
503 default:
504 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
505 }
506 }
507
508 if( *p != end )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]509 return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]510 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
511
512 return( 0 );
513}
514
515/*
516 * Parse and fill a single X.509 certificate in DER format
517 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]518static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]519 size_t buflen )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]520{
521 int ret;
522 size_t len;
523 unsigned char *p, *end, *crt_end;
524
525 /*
526 * Check for valid input
527 */
528 if( crt == NULL || buf == NULL )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]529 return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]530
531 p = (unsigned char *) polarssl_malloc( len = buflen );
532
533 if( p == NULL )
534 return( POLARSSL_ERR_X509_MALLOC_FAILED );
535
536 memcpy( p, buf, buflen );
537
538 buflen = 0;
539
540 crt->raw.p = p;
541 crt->raw.len = len;
542 end = p + len;
543
544 /*
545 * Certificate ::= SEQUENCE {
546 * tbsCertificate TBSCertificate,
547 * signatureAlgorithm AlgorithmIdentifier,
548 * signatureValue BIT STRING }
549 */
550 if( ( ret = asn1_get_tag( &p, end, &len,
551 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
552 {
553 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]554 return( POLARSSL_ERR_X509_INVALID_FORMAT );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]555 }
556
557 if( len > (size_t) ( end - p ) )
558 {
559 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]560 return( POLARSSL_ERR_X509_INVALID_FORMAT +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]561 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
562 }
563 crt_end = p + len;
564
565 /*
566 * TBSCertificate ::= SEQUENCE {
567 */
568 crt->tbs.p = p;
569
570 if( ( ret = asn1_get_tag( &p, end, &len,
571 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
572 {
573 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]574 return( POLARSSL_ERR_X509_INVALID_FORMAT + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]575 }
576
577 end = p + len;
578 crt->tbs.len = end - crt->tbs.p;
579
580 /*
581 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
582 *
583 * CertificateSerialNumber ::= INTEGER
584 *
585 * signature AlgorithmIdentifier
586 */
587 if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 ||
588 ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 ||
589 ( ret = x509_get_alg_null( &p, end, &crt->sig_oid1 ) ) != 0 )
590 {
591 x509_crt_free( crt );
592 return( ret );
593 }
594
595 crt->version++;
596
597 if( crt->version > 3 )
598 {
599 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]600 return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]601 }
602
603 if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &crt->sig_md,
604 &crt->sig_pk ) ) != 0 )
605 {
606 x509_crt_free( crt );
607 return( ret );
608 }
609
610 /*
611 * issuer Name
612 */
613 crt->issuer_raw.p = p;
614
615 if( ( ret = asn1_get_tag( &p, end, &len,
616 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
617 {
618 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]619 return( POLARSSL_ERR_X509_INVALID_FORMAT + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]620 }
621
622 if( ( ret = x509_get_name( &p, p + len, &crt->issuer ) ) != 0 )
623 {
624 x509_crt_free( crt );
625 return( ret );
626 }
627
628 crt->issuer_raw.len = p - crt->issuer_raw.p;
629
630 /*
631 * Validity ::= SEQUENCE {
632 * notBefore Time,
633 * notAfter Time }
634 *
635 */
636 if( ( ret = x509_get_dates( &p, end, &crt->valid_from,
637 &crt->valid_to ) ) != 0 )
638 {
639 x509_crt_free( crt );
640 return( ret );
641 }
642
643 /*
644 * subject Name
645 */
646 crt->subject_raw.p = p;
647
648 if( ( ret = asn1_get_tag( &p, end, &len,
649 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
650 {
651 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]652 return( POLARSSL_ERR_X509_INVALID_FORMAT + ret );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]653 }
654
655 if( len && ( ret = x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
656 {
657 x509_crt_free( crt );
658 return( ret );
659 }
660
661 crt->subject_raw.len = p - crt->subject_raw.p;
662
663 /*
664 * SubjectPublicKeyInfo
665 */
Paul Bakkerda771152013-09-16 22:45:03 +0200[diff] [blame]666 if( ( ret = pk_parse_subpubkey( &p, end, &crt->pk ) ) != 0 )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]667 {
668 x509_crt_free( crt );
669 return( ret );
670 }
671
672 /*
673 * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
674 * -- If present, version shall be v2 or v3
675 * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
676 * -- If present, version shall be v2 or v3
677 * extensions [3] EXPLICIT Extensions OPTIONAL
678 * -- If present, version shall be v3
679 */
680 if( crt->version == 2 || crt->version == 3 )
681 {
682 ret = x509_get_uid( &p, end, &crt->issuer_id, 1 );
683 if( ret != 0 )
684 {
685 x509_crt_free( crt );
686 return( ret );
687 }
688 }
689
690 if( crt->version == 2 || crt->version == 3 )
691 {
692 ret = x509_get_uid( &p, end, &crt->subject_id, 2 );
693 if( ret != 0 )
694 {
695 x509_crt_free( crt );
696 return( ret );
697 }
698 }
699
Paul Bakkerc27c4e22013-09-23 15:01:36 +0200[diff] [blame^]700#if !defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]701 if( crt->version == 3 )
702 {
Paul Bakkerc27c4e22013-09-23 15:01:36 +0200[diff] [blame^]703#endif
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]704 ret = x509_get_crt_ext( &p, end, crt);
705 if( ret != 0 )
706 {
707 x509_crt_free( crt );
708 return( ret );
709 }
Paul Bakkerc27c4e22013-09-23 15:01:36 +0200[diff] [blame^]710#if !defined(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]711 }
Paul Bakkerc27c4e22013-09-23 15:01:36 +0200[diff] [blame^]712#endif
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]713
714 if( p != end )
715 {
716 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]717 return( POLARSSL_ERR_X509_INVALID_FORMAT +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]718 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
719 }
720
721 end = crt_end;
722
723 /*
724 * }
725 * -- end of TBSCertificate
726 *
727 * signatureAlgorithm AlgorithmIdentifier,
728 * signatureValue BIT STRING
729 */
730 if( ( ret = x509_get_alg_null( &p, end, &crt->sig_oid2 ) ) != 0 )
731 {
732 x509_crt_free( crt );
733 return( ret );
734 }
735
736 if( crt->sig_oid1.len != crt->sig_oid2.len ||
737 memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 )
738 {
739 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]740 return( POLARSSL_ERR_X509_SIG_MISMATCH );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]741 }
742
743 if( ( ret = x509_get_sig( &p, end, &crt->sig ) ) != 0 )
744 {
745 x509_crt_free( crt );
746 return( ret );
747 }
748
749 if( p != end )
750 {
751 x509_crt_free( crt );
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]752 return( POLARSSL_ERR_X509_INVALID_FORMAT +
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]753 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
754 }
755
756 return( 0 );
757}
758
759/*
760 * Parse one X.509 certificate in DER format from a buffer and add them to a
761 * chained list
762 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]763int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf,
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]764 size_t buflen )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]765{
766 int ret;
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]767 x509_crt *crt = chain, *prev = NULL;
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]768
769 /*
770 * Check for valid input
771 */
772 if( crt == NULL || buf == NULL )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]773 return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]774
775 while( crt->version != 0 && crt->next != NULL )
776 {
777 prev = crt;
778 crt = crt->next;
779 }
780
781 /*
782 * Add new certificate on the end of the chain if needed.
783 */
784 if ( crt->version != 0 && crt->next == NULL)
785 {
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]786 crt->next = (x509_crt *) polarssl_malloc( sizeof( x509_crt ) );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]787
788 if( crt->next == NULL )
789 return( POLARSSL_ERR_X509_MALLOC_FAILED );
790
791 prev = crt;
792 crt = crt->next;
Paul Bakker369d2eb2013-09-18 11:58:25 +0200[diff] [blame]793 x509_crt_init( crt );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]794 }
795
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]796 if( ( ret = x509_crt_parse_der_core( crt, buf, buflen ) ) != 0 )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]797 {
798 if( prev )
799 prev->next = NULL;
800
801 if( crt != chain )
802 polarssl_free( crt );
803
804 return( ret );
805 }
806
807 return( 0 );
808}
809
810/*
811 * Parse one or more PEM certificates from a buffer and add them to the chained list
812 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]813int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]814{
815 int success = 0, first_error = 0, total_failed = 0;
816 int buf_format = X509_FORMAT_DER;
817
818 /*
819 * Check for valid input
820 */
821 if( chain == NULL || buf == NULL )
Paul Bakker51876562013-09-17 14:36:05 +0200[diff] [blame]822 return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]823
824 /*
825 * Determine buffer content. Buffer contains either one DER certificate or
826 * one or more PEM certificates.
827 */
828#if defined(POLARSSL_PEM_PARSE_C)
829 if( strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL )
830 buf_format = X509_FORMAT_PEM;
831#endif
832
833 if( buf_format == X509_FORMAT_DER )
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]834 return x509_crt_parse_der( chain, buf, buflen );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]835
836#if defined(POLARSSL_PEM_PARSE_C)
837 if( buf_format == X509_FORMAT_PEM )
838 {
839 int ret;
840 pem_context pem;
841
842 while( buflen > 0 )
843 {
844 size_t use_len;
845 pem_init( &pem );
846
847 ret = pem_read_buffer( &pem,
848 "-----BEGIN CERTIFICATE-----",
849 "-----END CERTIFICATE-----",
850 buf, NULL, 0, &use_len );
851
852 if( ret == 0 )
853 {
854 /*
855 * Was PEM encoded
856 */
857 buflen -= use_len;
858 buf += use_len;
859 }
860 else if( ret == POLARSSL_ERR_PEM_BAD_INPUT_DATA )
861 {
862 return( ret );
863 }
864 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
865 {
866 pem_free( &pem );
867
868 /*
869 * PEM header and footer were found
870 */
871 buflen -= use_len;
872 buf += use_len;
873
874 if( first_error == 0 )
875 first_error = ret;
876
877 continue;
878 }
879 else
880 break;
881
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]882 ret = x509_crt_parse_der( chain, pem.buf, pem.buflen );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]883
884 pem_free( &pem );
885
886 if( ret != 0 )
887 {
888 /*
889 * Quit parsing on a memory error
890 */
891 if( ret == POLARSSL_ERR_X509_MALLOC_FAILED )
892 return( ret );
893
894 if( first_error == 0 )
895 first_error = ret;
896
897 total_failed++;
898 continue;
899 }
900
901 success = 1;
902 }
903 }
904#endif
905
906 if( success )
907 return( total_failed );
908 else if( first_error )
909 return( first_error );
910 else
911 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
912}
913
914#if defined(POLARSSL_FS_IO)
915/*
916 * Load one or more certificates and add them to the chained list
917 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]918int x509_crt_parse_file( x509_crt *chain, const char *path )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]919{
920 int ret;
921 size_t n;
922 unsigned char *buf;
923
924 if ( ( ret = x509_load_file( path, &buf, &n ) ) != 0 )
925 return( ret );
926
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]927 ret = x509_crt_parse( chain, buf, n );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]928
929 memset( buf, 0, n + 1 );
930 polarssl_free( buf );
931
932 return( ret );
933}
934
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]935int x509_crt_parse_path( x509_crt *chain, const char *path )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]936{
937 int ret = 0;
938#if defined(_WIN32)
939 int w_ret;
940 WCHAR szDir[MAX_PATH];
941 char filename[MAX_PATH];
942 char *p;
943 int len = strlen( path );
944
945 WIN32_FIND_DATAW file_data;
946 HANDLE hFind;
947
948 if( len > MAX_PATH - 3 )
949 return( POLARSSL_ERR_X509_INVALID_INPUT );
950
951 memset( szDir, 0, sizeof(szDir) );
952 memset( filename, 0, MAX_PATH );
953 memcpy( filename, path, len );
954 filename[len++] = '\\';
955 p = filename + len;
956 filename[len++] = '*';
957
958 w_ret = MultiByteToWideChar( CP_ACP, 0, path, len, szDir, MAX_PATH - 3 );
959
960 hFind = FindFirstFileW( szDir, &file_data );
961 if (hFind == INVALID_HANDLE_VALUE)
962 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
963
964 len = MAX_PATH - len;
965 do
966 {
967 memset( p, 0, len );
968
969 if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
970 continue;
971
972 w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
973 lstrlenW(file_data.cFileName),
974 p, len - 1,
975 NULL, NULL );
976
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]977 w_ret = x509_crt_parse_file( chain, filename );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]978 if( w_ret < 0 )
979 ret++;
980 else
981 ret += w_ret;
982 }
983 while( FindNextFileW( hFind, &file_data ) != 0 );
984
985 if (GetLastError() != ERROR_NO_MORE_FILES)
986 ret = POLARSSL_ERR_X509_FILE_IO_ERROR;
987
988cleanup:
989 FindClose( hFind );
990#else
991 int t_ret, i;
992 struct stat sb;
993 struct dirent entry, *result = NULL;
994 char entry_name[255];
995 DIR *dir = opendir( path );
996
997 if( dir == NULL)
998 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
999
1000 while( ( t_ret = readdir_r( dir, &entry, &result ) ) == 0 )
1001 {
1002 if( result == NULL )
1003 break;
1004
1005 snprintf( entry_name, sizeof(entry_name), "%s/%s", path, entry.d_name );
1006
1007 i = stat( entry_name, &sb );
1008
1009 if( i == -1 )
1010 {
1011 closedir( dir );
1012 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
1013 }
1014
1015 if( !S_ISREG( sb.st_mode ) )
1016 continue;
1017
1018 // Ignore parse errors
1019 //
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1020 t_ret = x509_crt_parse_file( chain, entry_name );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1021 if( t_ret < 0 )
1022 ret++;
1023 else
1024 ret += t_ret;
1025 }
1026 closedir( dir );
1027#endif
1028
1029 return( ret );
1030}
1031#endif /* POLARSSL_FS_IO */
1032
1033#if defined _MSC_VER && !defined snprintf
1034#include <stdarg.h>
1035
1036#if !defined vsnprintf
1037#define vsnprintf _vsnprintf
1038#endif // vsnprintf
1039
1040/*
1041 * Windows _snprintf and _vsnprintf are not compatible to linux versions.
1042 * Result value is not size of buffer needed, but -1 if no fit is possible.
1043 *
1044 * This fuction tries to 'fix' this by at least suggesting enlarging the
1045 * size by 20.
1046 */
1047static int compat_snprintf(char *str, size_t size, const char *format, ...)
1048{
1049 va_list ap;
1050 int res = -1;
1051
1052 va_start( ap, format );
1053
1054 res = vsnprintf( str, size, format, ap );
1055
1056 va_end( ap );
1057
1058 // No quick fix possible
1059 if ( res < 0 )
1060 return( (int) size + 20 );
1061
1062 return res;
1063}
1064
1065#define snprintf compat_snprintf
1066#endif
1067
1068#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
1069
1070#define SAFE_SNPRINTF() \
1071{ \
1072 if( ret == -1 ) \
1073 return( -1 ); \
1074 \
1075 if ( (unsigned int) ret > n ) { \
1076 p[n - 1] = '\0'; \
1077 return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
1078 } \
1079 \
1080 n -= (unsigned int) ret; \
1081 p += (unsigned int) ret; \
1082}
1083
1084/*
1085 * Return an informational string about the certificate.
1086 */
1087#define BEFORE_COLON 14
1088#define BC "14"
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1089int x509_crt_info( char *buf, size_t size, const char *prefix,
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1090 const x509_crt *crt )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1091{
1092 int ret;
1093 size_t n;
1094 char *p;
1095 const char *desc = NULL;
1096 char key_size_str[BEFORE_COLON];
1097
1098 p = buf;
1099 n = size;
1100
1101 ret = snprintf( p, n, "%scert. version : %d\n",
1102 prefix, crt->version );
1103 SAFE_SNPRINTF();
1104 ret = snprintf( p, n, "%sserial number : ",
1105 prefix );
1106 SAFE_SNPRINTF();
1107
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1108 ret = x509_serial_gets( p, n, &crt->serial);
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1109 SAFE_SNPRINTF();
1110
1111 ret = snprintf( p, n, "\n%sissuer name : ", prefix );
1112 SAFE_SNPRINTF();
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1113 ret = x509_dn_gets( p, n, &crt->issuer );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1114 SAFE_SNPRINTF();
1115
1116 ret = snprintf( p, n, "\n%ssubject name : ", prefix );
1117 SAFE_SNPRINTF();
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1118 ret = x509_dn_gets( p, n, &crt->subject );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1119 SAFE_SNPRINTF();
1120
1121 ret = snprintf( p, n, "\n%sissued on : " \
1122 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
1123 crt->valid_from.year, crt->valid_from.mon,
1124 crt->valid_from.day, crt->valid_from.hour,
1125 crt->valid_from.min, crt->valid_from.sec );
1126 SAFE_SNPRINTF();
1127
1128 ret = snprintf( p, n, "\n%sexpires on : " \
1129 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
1130 crt->valid_to.year, crt->valid_to.mon,
1131 crt->valid_to.day, crt->valid_to.hour,
1132 crt->valid_to.min, crt->valid_to.sec );
1133 SAFE_SNPRINTF();
1134
1135 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
1136 SAFE_SNPRINTF();
1137
1138 ret = oid_get_sig_alg_desc( &crt->sig_oid1, &desc );
1139 if( ret != 0 )
1140 ret = snprintf( p, n, "???" );
1141 else
1142 ret = snprintf( p, n, "%s", desc );
1143 SAFE_SNPRINTF();
1144
1145 if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON,
1146 pk_get_name( &crt->pk ) ) ) != 0 )
1147 {
1148 return( ret );
1149 }
1150
1151 ret = snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
1152 (int) pk_get_size( &crt->pk ) );
1153 SAFE_SNPRINTF();
1154
1155 return( (int) ( size - n ) );
1156}
1157
1158#if defined(POLARSSL_X509_CRL_PARSE_C)
1159/*
1160 * Return 1 if the certificate is revoked, or 0 otherwise.
1161 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1162int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1163{
1164 const x509_crl_entry *cur = &crl->entry;
1165
1166 while( cur != NULL && cur->serial.len != 0 )
1167 {
1168 if( crt->serial.len == cur->serial.len &&
1169 memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )
1170 {
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1171 if( x509_time_expired( &cur->revocation_date ) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1172 return( 1 );
1173 }
1174
1175 cur = cur->next;
1176 }
1177
1178 return( 0 );
1179}
1180
1181/*
1182 * Check that the given certificate is valid accoring to the CRL.
1183 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1184static int x509_crt_verifycrl( x509_crt *crt, x509_crt *ca,
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1185 x509_crl *crl_list)
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1186{
1187 int flags = 0;
1188 unsigned char hash[POLARSSL_MD_MAX_SIZE];
1189 const md_info_t *md_info;
1190
1191 if( ca == NULL )
1192 return( flags );
1193
1194 /*
1195 * TODO: What happens if no CRL is present?
1196 * Suggestion: Revocation state should be unknown if no CRL is present.
1197 * For backwards compatibility this is not yet implemented.
1198 */
1199
1200 while( crl_list != NULL )
1201 {
1202 if( crl_list->version == 0 ||
1203 crl_list->issuer_raw.len != ca->subject_raw.len ||
1204 memcmp( crl_list->issuer_raw.p, ca->subject_raw.p,
1205 crl_list->issuer_raw.len ) != 0 )
1206 {
1207 crl_list = crl_list->next;
1208 continue;
1209 }
1210
1211 /*
1212 * Check if CRL is correctly signed by the trusted CA
1213 */
1214 md_info = md_info_from_type( crl_list->sig_md );
1215 if( md_info == NULL )
1216 {
1217 /*
1218 * Cannot check 'unknown' hash
1219 */
1220 flags |= BADCRL_NOT_TRUSTED;
1221 break;
1222 }
1223
1224 md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash );
1225
1226 if( pk_can_do( &ca->pk, crl_list->sig_pk ) == 0 ||
1227 pk_verify( &ca->pk, crl_list->sig_md, hash, md_info->size,
1228 crl_list->sig.p, crl_list->sig.len ) != 0 )
1229 {
1230 flags |= BADCRL_NOT_TRUSTED;
1231 break;
1232 }
1233
1234 /*
1235 * Check for validity of CRL (Do not drop out)
1236 */
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1237 if( x509_time_expired( &crl_list->next_update ) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1238 flags |= BADCRL_EXPIRED;
1239
1240 /*
1241 * Check if certificate is revoked
1242 */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1243 if( x509_crt_revoked(crt, crl_list) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1244 {
1245 flags |= BADCERT_REVOKED;
1246 break;
1247 }
1248
1249 crl_list = crl_list->next;
1250 }
1251 return flags;
1252}
1253#endif /* POLARSSL_X509_CRL_PARSE_C */
1254
1255// Equal == 0, inequal == 1
1256static int x509_name_cmp( const void *s1, const void *s2, size_t len )
1257{
1258 size_t i;
1259 unsigned char diff;
1260 const unsigned char *n1 = s1, *n2 = s2;
1261
1262 for( i = 0; i < len; i++ )
1263 {
1264 diff = n1[i] ^ n2[i];
1265
1266 if( ( n1[i] >= 'a' || n1[i] <= 'z' ) && ( diff == 0 || diff == 32 ) )
1267 continue;
1268
1269 if( ( n1[i] >= 'A' || n1[i] <= 'Z' ) && ( diff == 0 || diff == 32 ) )
1270 continue;
1271
1272 return( 1 );
1273 }
1274
1275 return( 0 );
1276}
1277
1278static int x509_wildcard_verify( const char *cn, x509_buf *name )
1279{
1280 size_t i;
1281 size_t cn_idx = 0;
1282
1283 if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' )
1284 return( 0 );
1285
1286 for( i = 0; i < strlen( cn ); ++i )
1287 {
1288 if( cn[i] == '.' )
1289 {
1290 cn_idx = i;
1291 break;
1292 }
1293 }
1294
1295 if( cn_idx == 0 )
1296 return( 0 );
1297
1298 if( strlen( cn ) - cn_idx == name->len - 1 &&
1299 x509_name_cmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 )
1300 {
1301 return( 1 );
1302 }
1303
1304 return( 0 );
1305}
1306
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1307static int x509_crt_verify_top(
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1308 x509_crt *child, x509_crt *trust_ca,
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1309 x509_crl *ca_crl, int path_cnt, int *flags,
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1310 int (*f_vrfy)(void *, x509_crt *, int, int *),
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1311 void *p_vrfy )
1312{
1313 int ret;
1314 int ca_flags = 0, check_path_cnt = path_cnt + 1;
1315 unsigned char hash[POLARSSL_MD_MAX_SIZE];
1316 const md_info_t *md_info;
1317
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1318 if( x509_time_expired( &child->valid_to ) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1319 *flags |= BADCERT_EXPIRED;
1320
1321 /*
1322 * Child is the top of the chain. Check against the trust_ca list.
1323 */
1324 *flags |= BADCERT_NOT_TRUSTED;
1325
1326 md_info = md_info_from_type( child->sig_md );
1327 if( md_info == NULL )
1328 {
1329 /*
1330 * Cannot check 'unknown', no need to try any CA
1331 */
1332 trust_ca = NULL;
1333 }
1334 else
1335 md( md_info, child->tbs.p, child->tbs.len, hash );
1336
1337 while( trust_ca != NULL )
1338 {
1339 if( trust_ca->version == 0 ||
1340 child->issuer_raw.len != trust_ca->subject_raw.len ||
1341 memcmp( child->issuer_raw.p, trust_ca->subject_raw.p,
1342 child->issuer_raw.len ) != 0 )
1343 {
1344 trust_ca = trust_ca->next;
1345 continue;
1346 }
1347
1348 /*
1349 * Reduce path_len to check against if top of the chain is
1350 * the same as the trusted CA
1351 */
1352 if( child->subject_raw.len == trust_ca->subject_raw.len &&
1353 memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
1354 child->issuer_raw.len ) == 0 )
1355 {
1356 check_path_cnt--;
1357 }
1358
1359 if( trust_ca->max_pathlen > 0 &&
1360 trust_ca->max_pathlen < check_path_cnt )
1361 {
1362 trust_ca = trust_ca->next;
1363 continue;
1364 }
1365
1366 if( pk_can_do( &trust_ca->pk, child->sig_pk ) == 0 ||
1367 pk_verify( &trust_ca->pk, child->sig_md, hash, md_info->size,
1368 child->sig.p, child->sig.len ) != 0 )
1369 {
1370 trust_ca = trust_ca->next;
1371 continue;
1372 }
1373
1374 /*
1375 * Top of chain is signed by a trusted CA
1376 */
1377 *flags &= ~BADCERT_NOT_TRUSTED;
1378 break;
1379 }
1380
1381 /*
1382 * If top of chain is not the same as the trusted CA send a verify request
1383 * to the callback for any issues with validity and CRL presence for the
1384 * trusted CA certificate.
1385 */
1386 if( trust_ca != NULL &&
1387 ( child->subject_raw.len != trust_ca->subject_raw.len ||
1388 memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
1389 child->issuer_raw.len ) != 0 ) )
1390 {
1391#if defined(POLARSSL_X509_CRL_PARSE_C)
1392 /* Check trusted CA's CRL for the chain's top crt */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1393 *flags |= x509_crt_verifycrl( child, trust_ca, ca_crl );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1394#endif
1395
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1396 if( x509_time_expired( &trust_ca->valid_to ) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1397 ca_flags |= BADCERT_EXPIRED;
1398
1399 if( NULL != f_vrfy )
1400 {
1401 if( ( ret = f_vrfy( p_vrfy, trust_ca, path_cnt + 1, &ca_flags ) ) != 0 )
1402 return( ret );
1403 }
1404 }
1405
1406 /* Call callback on top cert */
1407 if( NULL != f_vrfy )
1408 {
1409 if( ( ret = f_vrfy(p_vrfy, child, path_cnt, flags ) ) != 0 )
1410 return( ret );
1411 }
1412
1413 *flags |= ca_flags;
1414
1415 return( 0 );
1416}
1417
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1418static int x509_crt_verify_child(
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1419 x509_crt *child, x509_crt *parent, x509_crt *trust_ca,
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1420 x509_crl *ca_crl, int path_cnt, int *flags,
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1421 int (*f_vrfy)(void *, x509_crt *, int, int *),
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1422 void *p_vrfy )
1423{
1424 int ret;
1425 int parent_flags = 0;
1426 unsigned char hash[POLARSSL_MD_MAX_SIZE];
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1427 x509_crt *grandparent;
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1428 const md_info_t *md_info;
1429
Paul Bakker86d0c192013-09-18 11:11:02 +0200[diff] [blame]1430 if( x509_time_expired( &child->valid_to ) )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1431 *flags |= BADCERT_EXPIRED;
1432
1433 md_info = md_info_from_type( child->sig_md );
1434 if( md_info == NULL )
1435 {
1436 /*
1437 * Cannot check 'unknown' hash
1438 */
1439 *flags |= BADCERT_NOT_TRUSTED;
1440 }
1441 else
1442 {
1443 md( md_info, child->tbs.p, child->tbs.len, hash );
1444
1445 if( pk_can_do( &parent->pk, child->sig_pk ) == 0 ||
1446 pk_verify( &parent->pk, child->sig_md, hash, md_info->size,
1447 child->sig.p, child->sig.len ) != 0 )
1448 {
1449 *flags |= BADCERT_NOT_TRUSTED;
1450 }
1451 }
1452
1453#if defined(POLARSSL_X509_CRL_PARSE_C)
1454 /* Check trusted CA's CRL for the given crt */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1455 *flags |= x509_crt_verifycrl(child, parent, ca_crl);
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1456#endif
1457
1458 grandparent = parent->next;
1459
1460 while( grandparent != NULL )
1461 {
1462 if( grandparent->version == 0 ||
1463 grandparent->ca_istrue == 0 ||
1464 parent->issuer_raw.len != grandparent->subject_raw.len ||
1465 memcmp( parent->issuer_raw.p, grandparent->subject_raw.p,
1466 parent->issuer_raw.len ) != 0 )
1467 {
1468 grandparent = grandparent->next;
1469 continue;
1470 }
1471 break;
1472 }
1473
1474 if( grandparent != NULL )
1475 {
1476 /*
1477 * Part of the chain
1478 */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1479 ret = x509_crt_verify_child( parent, grandparent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1480 if( ret != 0 )
1481 return( ret );
1482 }
1483 else
1484 {
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1485 ret = x509_crt_verify_top( parent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1486 if( ret != 0 )
1487 return( ret );
1488 }
1489
1490 /* child is verified to be a child of the parent, call verify callback */
1491 if( NULL != f_vrfy )
1492 if( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 )
1493 return( ret );
1494
1495 *flags |= parent_flags;
1496
1497 return( 0 );
1498}
1499
1500/*
1501 * Verify the certificate validity
1502 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1503int x509_crt_verify( x509_crt *crt,
1504 x509_crt *trust_ca,
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1505 x509_crl *ca_crl,
1506 const char *cn, int *flags,
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1507 int (*f_vrfy)(void *, x509_crt *, int, int *),
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1508 void *p_vrfy )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1509{
1510 size_t cn_len;
1511 int ret;
1512 int pathlen = 0;
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1513 x509_crt *parent;
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1514 x509_name *name;
1515 x509_sequence *cur = NULL;
1516
1517 *flags = 0;
1518
1519 if( cn != NULL )
1520 {
1521 name = &crt->subject;
1522 cn_len = strlen( cn );
1523
1524 if( crt->ext_types & EXT_SUBJECT_ALT_NAME )
1525 {
1526 cur = &crt->subject_alt_names;
1527
1528 while( cur != NULL )
1529 {
1530 if( cur->buf.len == cn_len &&
1531 x509_name_cmp( cn, cur->buf.p, cn_len ) == 0 )
1532 break;
1533
1534 if( cur->buf.len > 2 &&
1535 memcmp( cur->buf.p, "*.", 2 ) == 0 &&
1536 x509_wildcard_verify( cn, &cur->buf ) )
1537 break;
1538
1539 cur = cur->next;
1540 }
1541
1542 if( cur == NULL )
1543 *flags |= BADCERT_CN_MISMATCH;
1544 }
1545 else
1546 {
1547 while( name != NULL )
1548 {
1549 if( OID_CMP( OID_AT_CN, &name->oid ) )
1550 {
1551 if( name->val.len == cn_len &&
1552 x509_name_cmp( name->val.p, cn, cn_len ) == 0 )
1553 break;
1554
1555 if( name->val.len > 2 &&
1556 memcmp( name->val.p, "*.", 2 ) == 0 &&
1557 x509_wildcard_verify( cn, &name->val ) )
1558 break;
1559 }
1560
1561 name = name->next;
1562 }
1563
1564 if( name == NULL )
1565 *flags |= BADCERT_CN_MISMATCH;
1566 }
1567 }
1568
1569 /*
1570 * Iterate upwards in the given cert chain, to find our crt parent.
1571 * Ignore any upper cert with CA != TRUE.
1572 */
1573 parent = crt->next;
1574
1575 while( parent != NULL && parent->version != 0 )
1576 {
1577 if( parent->ca_istrue == 0 ||
1578 crt->issuer_raw.len != parent->subject_raw.len ||
1579 memcmp( crt->issuer_raw.p, parent->subject_raw.p,
1580 crt->issuer_raw.len ) != 0 )
1581 {
1582 parent = parent->next;
1583 continue;
1584 }
1585 break;
1586 }
1587
1588 if( parent != NULL )
1589 {
1590 /*
1591 * Part of the chain
1592 */
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1593 ret = x509_crt_verify_child( crt, parent, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1594 if( ret != 0 )
1595 return( ret );
1596 }
1597 else
1598 {
Paul Bakkerddf26b42013-09-18 13:46:23 +0200[diff] [blame]1599 ret = x509_crt_verify_top( crt, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1600 if( ret != 0 )
1601 return( ret );
1602 }
1603
1604 if( *flags != 0 )
1605 return( POLARSSL_ERR_X509_CERT_VERIFY_FAILED );
1606
1607 return( 0 );
1608}
1609
1610/*
Paul Bakker369d2eb2013-09-18 11:58:25 +0200[diff] [blame]1611 * Initialize a certificate chain
1612 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1613void x509_crt_init( x509_crt *crt )
Paul Bakker369d2eb2013-09-18 11:58:25 +0200[diff] [blame]1614{
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1615 memset( crt, 0, sizeof(x509_crt) );
Paul Bakker369d2eb2013-09-18 11:58:25 +0200[diff] [blame]1616}
1617
1618/*
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1619 * Unallocate all certificate data
1620 */
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1621void x509_crt_free( x509_crt *crt )
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1622{
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1623 x509_crt *cert_cur = crt;
1624 x509_crt *cert_prv;
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1625 x509_name *name_cur;
1626 x509_name *name_prv;
1627 x509_sequence *seq_cur;
1628 x509_sequence *seq_prv;
1629
1630 if( crt == NULL )
1631 return;
1632
1633 do
1634 {
1635 pk_free( &cert_cur->pk );
1636
1637 name_cur = cert_cur->issuer.next;
1638 while( name_cur != NULL )
1639 {
1640 name_prv = name_cur;
1641 name_cur = name_cur->next;
1642 memset( name_prv, 0, sizeof( x509_name ) );
1643 polarssl_free( name_prv );
1644 }
1645
1646 name_cur = cert_cur->subject.next;
1647 while( name_cur != NULL )
1648 {
1649 name_prv = name_cur;
1650 name_cur = name_cur->next;
1651 memset( name_prv, 0, sizeof( x509_name ) );
1652 polarssl_free( name_prv );
1653 }
1654
1655 seq_cur = cert_cur->ext_key_usage.next;
1656 while( seq_cur != NULL )
1657 {
1658 seq_prv = seq_cur;
1659 seq_cur = seq_cur->next;
1660 memset( seq_prv, 0, sizeof( x509_sequence ) );
1661 polarssl_free( seq_prv );
1662 }
1663
1664 seq_cur = cert_cur->subject_alt_names.next;
1665 while( seq_cur != NULL )
1666 {
1667 seq_prv = seq_cur;
1668 seq_cur = seq_cur->next;
1669 memset( seq_prv, 0, sizeof( x509_sequence ) );
1670 polarssl_free( seq_prv );
1671 }
1672
1673 if( cert_cur->raw.p != NULL )
1674 {
1675 memset( cert_cur->raw.p, 0, cert_cur->raw.len );
1676 polarssl_free( cert_cur->raw.p );
1677 }
1678
1679 cert_cur = cert_cur->next;
1680 }
1681 while( cert_cur != NULL );
1682
1683 cert_cur = crt;
1684 do
1685 {
1686 cert_prv = cert_cur;
1687 cert_cur = cert_cur->next;
1688
Paul Bakkerc559c7a2013-09-18 14:13:26 +0200[diff] [blame]1689 memset( cert_prv, 0, sizeof( x509_crt ) );
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1690 if( cert_prv != crt )
1691 polarssl_free( cert_prv );
1692 }
1693 while( cert_cur != NULL );
1694}
1695
Paul Bakker7c6b2c32013-09-16 13:49:26 +0200[diff] [blame]1696#endif