TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 20c12f6b5fe4ce73abcf001785056a085f746577 / . / library / x509parse.c
blob: a284fd122ece76db71c648539581e007525d9f82 [file] [log] [blame]
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1/*
2 * X.509 certificate and private key decoding
3 *
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]4 * Copyright (C) 2006-2013, Brainspark B.V.
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]5 *
6 * This file is part of PolarSSL (http://www.polarssl.org)
Paul Bakker84f12b72010-07-18 10:13:04 +0000[diff] [blame]7 * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Paul Bakkerb96f1542010-07-18 20:36:00 +0000[diff] [blame]8 *
Paul Bakker77b385e2009-07-28 17:23:11 +0000[diff] [blame]9 * All rights reserved.
Paul Bakkere0ccd0a2009-01-04 16:27:10 +0000[diff] [blame]10 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]11 * This program is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License along
22 * with this program; if not, write to the Free Software Foundation, Inc.,
23 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
24 */
25/*
Paul Bakkerad8d3542012-02-16 15:28:14 +0000[diff] [blame]26 * The ITU-T X.509 standard defines a certificate format for PKI.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]27 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]28 * http://www.ietf.org/rfc/rfc3279.txt
Paul Bakkerad8d3542012-02-16 15:28:14 +0000[diff] [blame]29 * http://www.ietf.org/rfc/rfc3280.txt
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]30 *
31 * ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc
32 *
33 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
34 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
35 */
36
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]37#include "polarssl/config.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]38
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]39#if defined(POLARSSL_X509_PARSE_C)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]40
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]41#include "polarssl/x509.h"
Paul Bakkerefc30292011-11-10 14:43:23 +0000[diff] [blame]42#include "polarssl/asn1.h"
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]43#include "polarssl/oid.h"
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]44#include "polarssl/pem.h"
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]45#include "polarssl/dhm.h"
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]46#if defined(POLARSSL_PKCS5_C)
47#include "polarssl/pkcs5.h"
48#endif
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]49#if defined(POLARSSL_PKCS12_C)
50#include "polarssl/pkcs12.h"
51#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]52
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]53#if defined(POLARSSL_MEMORY_C)
54#include "polarssl/memory.h"
55#else
56#define polarssl_malloc malloc
57#define polarssl_free free
58#endif
59
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]60#include <string.h>
61#include <stdlib.h>
Paul Bakker4f229e52011-12-04 22:11:35 +0000[diff] [blame]62#if defined(_WIN32)
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]63#include <windows.h>
64#else
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]65#include <time.h>
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]66#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]67
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]68#if defined(POLARSSL_FS_IO)
69#include <stdio.h>
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]70#if !defined(_WIN32)
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]71#include <sys/types.h>
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]72#include <sys/stat.h>
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]73#include <dirent.h>
74#endif
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]75#endif
76
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]77/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]78 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
79 */
80static int x509_get_version( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]81 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]82 int *ver )
83{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]84 int ret;
85 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]86
87 if( ( ret = asn1_get_tag( p, end, &len,
88 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) != 0 )
89 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]90 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker2a1c5f52011-10-19 14:15:17 +0000[diff] [blame]91 {
92 *ver = 0;
93 return( 0 );
94 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]95
96 return( ret );
97 }
98
99 end = *p + len;
100
101 if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]102 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]103
104 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]105 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]106 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]107
108 return( 0 );
109}
110
111/*
Paul Bakkerfae618f2011-10-12 11:53:52 +0000[diff] [blame]112 * Version ::= INTEGER { v1(0), v2(1) }
Paul Bakker3329d1f2011-10-12 09:55:01 +0000[diff] [blame]113 */
114static int x509_crl_get_version( unsigned char **p,
115 const unsigned char *end,
116 int *ver )
117{
118 int ret;
119
120 if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
121 {
122 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker2a1c5f52011-10-19 14:15:17 +0000[diff] [blame]123 {
124 *ver = 0;
125 return( 0 );
126 }
Paul Bakker3329d1f2011-10-12 09:55:01 +0000[diff] [blame]127
128 return( POLARSSL_ERR_X509_CERT_INVALID_VERSION + ret );
129 }
130
131 return( 0 );
132}
133
134/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]135 * CertificateSerialNumber ::= INTEGER
136 */
137static int x509_get_serial( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]138 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]139 x509_buf *serial )
140{
141 int ret;
142
143 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]144 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]145 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]146
147 if( **p != ( ASN1_CONTEXT_SPECIFIC | ASN1_PRIMITIVE | 2 ) &&
148 **p != ASN1_INTEGER )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]149 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]150 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]151
152 serial->tag = *(*p)++;
153
154 if( ( ret = asn1_get_len( p, end, &serial->len ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]155 return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]156
157 serial->p = *p;
158 *p += serial->len;
159
160 return( 0 );
161}
162
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]163/* Get an algorithm identifier and its parameters
164 *
165 * AlgorithmIdentifier ::= SEQUENCE {
166 * algorithm OBJECT IDENTIFIER,
167 * parameters ANY DEFINED BY algorithm OPTIONAL }
168 */
169static int x509_get_algid( unsigned char **p,
170 const unsigned char *end,
171 pk_type_t *pk_alg, x509_buf *params )
172{
173 int ret;
174 x509_buf alg_oid;
175
176 memset( params, 0, sizeof(asn1_buf) );
177
178 if( ( ret = asn1_get_alg( p, end, &alg_oid, params ) ) != 0 )
179 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
180
181 if( oid_get_pk_alg( &alg_oid, pk_alg ) != 0 )
182 return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
183
184 /*
185 * No parameters with RSA (only for EC)
186 */
187 if( *pk_alg == POLARSSL_PK_RSA &&
188 ( ( params->tag != ASN1_NULL && params->tag != 0 ) ||
189 params->len != 0 ) )
190 {
191 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
192 }
193
194 return( 0 );
195}
196
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]197/*
198 * AlgorithmIdentifier ::= SEQUENCE {
199 * algorithm OBJECT IDENTIFIER,
200 * parameters ANY DEFINED BY algorithm OPTIONAL }
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]201 *
202 * If params_end is NULL, then parameters must be absent or ANS.1 NULL
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]203 */
204static int x509_get_alg( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]205 const unsigned char *end,
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]206 x509_buf *alg, const unsigned char **params_end )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]207{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]208 int ret;
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]209 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]210
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]211 if( params_end == NULL ) {
212 if( ( ret = asn1_get_alg_null( p, end, alg ) ) != 0 )
213 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
214
215 return( 0 );
216 }
217
218 /* TODO: use asn1_get_alg */
219 if( ( ret = asn1_get_tag( p, end, &len,
220 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
221 {
222 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
223 }
224
225 end = *p + len;
226 alg->tag = **p;
227
228 if( ( ret = asn1_get_tag( p, end, &alg->len, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]229 return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]230
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]231 alg->p = *p;
232 *p += alg->len;
233
234 *params_end = end;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]235 return( 0 );
236}
237
Manuel Pégourié-Gonnardf838eed2013-07-02 14:56:43 +0200[diff] [blame]238/* Get an EC group id from an ECParameters buffer
239 *
240 * ECParameters ::= CHOICE {
241 * namedCurve OBJECT IDENTIFIER
242 * -- implicitCurve NULL
243 * -- specifiedCurve SpecifiedECDomain
244 * }
245 */
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]246static int x509_ecparams_get_grp_id( const x509_buf *params,
247 ecp_group_id *grp_id )
248{
249 if( oid_get_ec_grp( params, grp_id ) != 0 )
250 return( POLARSSL_ERR_X509_UNKNOWN_NAMED_CURVE );
251
252 return( 0 );
253}
254
255/* Get an EC group id from an ECParameters buffer
256 *
257 * ECParameters ::= CHOICE {
258 * namedCurve OBJECT IDENTIFIER
259 * -- implicitCurve NULL
260 * -- specifiedCurve SpecifiedECDomain
261 * }
262 */
Manuel Pégourié-Gonnardf838eed2013-07-02 14:56:43 +0200[diff] [blame]263static int x509_get_ecparams( unsigned char **p, const unsigned char *end,
264 ecp_group_id *grp_id )
265{
266 int ret;
267 x509_buf curve;
268
269 curve.tag = **p;
270
271 if( ( ret = asn1_get_tag( p, end, &curve.len, ASN1_OID ) ) != 0 )
272 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
273
274 curve.p = *p;
275 *p += curve.len;
276
277 if( *p != end )
278 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
279 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
280
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]281 return( x509_ecparams_get_grp_id( &curve, grp_id ) );
Manuel Pégourié-Gonnardf838eed2013-07-02 14:56:43 +0200[diff] [blame]282}
283
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]284/*
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]285 * subjectPublicKey BIT STRING
286 * -- which, in our case, contains
287 * ECPoint ::= octet string (not ASN.1)
288 */
289static int x509_get_subpubkey_ec( unsigned char **p, const unsigned char *end,
290 const ecp_group *grp, ecp_point *pt )
291{
292 int ret;
293 size_t len;
294
295 if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
296 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
297
298 if( *p + len != end )
299 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
300 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
301
302 /*
303 * First byte in the content of BIT STRING is the nummber of padding bit.
304 * Here it is always 0 since ECPoint is an octet string, so skip it.
305 */
306 ++*p;
307 --len;
308
309 if( ( ret = ecp_point_read_binary( grp, pt,
310 (const unsigned char *) *p, len ) ) != 0 )
311 {
312 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
313 }
314
315 return( 0 );
316}
317
318/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]319 * AttributeTypeAndValue ::= SEQUENCE {
320 * type AttributeType,
321 * value AttributeValue }
322 *
323 * AttributeType ::= OBJECT IDENTIFIER
324 *
325 * AttributeValue ::= ANY DEFINED BY AttributeType
326 */
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]327static int x509_get_attr_type_value( unsigned char **p,
328 const unsigned char *end,
329 x509_name *cur )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]330{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]331 int ret;
332 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]333 x509_buf *oid;
334 x509_buf *val;
335
336 if( ( ret = asn1_get_tag( p, end, &len,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]337 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]338 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]339
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]340 oid = &cur->oid;
341 oid->tag = **p;
342
343 if( ( ret = asn1_get_tag( p, end, &oid->len, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]344 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]345
346 oid->p = *p;
347 *p += oid->len;
348
349 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]350 return( POLARSSL_ERR_X509_CERT_INVALID_NAME +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]351 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]352
353 if( **p != ASN1_BMP_STRING && **p != ASN1_UTF8_STRING &&
354 **p != ASN1_T61_STRING && **p != ASN1_PRINTABLE_STRING &&
355 **p != ASN1_IA5_STRING && **p != ASN1_UNIVERSAL_STRING )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]356 return( POLARSSL_ERR_X509_CERT_INVALID_NAME +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]357 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]358
359 val = &cur->val;
360 val->tag = *(*p)++;
361
362 if( ( ret = asn1_get_len( p, end, &val->len ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]363 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]364
365 val->p = *p;
366 *p += val->len;
367
368 cur->next = NULL;
369
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]370 return( 0 );
371}
372
373/*
374 * RelativeDistinguishedName ::=
375 * SET OF AttributeTypeAndValue
376 *
377 * AttributeTypeAndValue ::= SEQUENCE {
378 * type AttributeType,
379 * value AttributeValue }
380 *
381 * AttributeType ::= OBJECT IDENTIFIER
382 *
383 * AttributeValue ::= ANY DEFINED BY AttributeType
384 */
385static int x509_get_name( unsigned char **p,
386 const unsigned char *end,
387 x509_name *cur )
388{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]389 int ret;
390 size_t len;
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]391 const unsigned char *end2;
392 x509_name *use;
393
394 if( ( ret = asn1_get_tag( p, end, &len,
395 ASN1_CONSTRUCTED | ASN1_SET ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]396 return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret );
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]397
398 end2 = end;
399 end = *p + len;
400 use = cur;
401
402 do
403 {
404 if( ( ret = x509_get_attr_type_value( p, end, use ) ) != 0 )
405 return( ret );
406
407 if( *p != end )
408 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]409 use->next = (x509_name *) polarssl_malloc(
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]410 sizeof( x509_name ) );
411
412 if( use->next == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]413 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]414
415 memset( use->next, 0, sizeof( x509_name ) );
416
417 use = use->next;
418 }
419 }
420 while( *p != end );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]421
422 /*
423 * recurse until end of SEQUENCE is reached
424 */
425 if( *p == end2 )
426 return( 0 );
427
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]428 cur->next = (x509_name *) polarssl_malloc(
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]429 sizeof( x509_name ) );
430
431 if( cur->next == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]432 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]433
Paul Bakker430ffbe2012-05-01 08:14:20 +0000[diff] [blame]434 memset( cur->next, 0, sizeof( x509_name ) );
435
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]436 return( x509_get_name( p, end2, cur->next ) );
437}
438
439/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]440 * Time ::= CHOICE {
441 * utcTime UTCTime,
442 * generalTime GeneralizedTime }
443 */
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]444static int x509_get_time( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]445 const unsigned char *end,
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]446 x509_time *time )
447{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]448 int ret;
449 size_t len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]450 char date[64];
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]451 unsigned char tag;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]452
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]453 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]454 return( POLARSSL_ERR_X509_CERT_INVALID_DATE +
455 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]456
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]457 tag = **p;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]458
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]459 if ( tag == ASN1_UTC_TIME )
460 {
461 (*p)++;
462 ret = asn1_get_len( p, end, &len );
463
464 if( ret != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]465 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]466
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]467 memset( date, 0, sizeof( date ) );
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]468 memcpy( date, *p, ( len < sizeof( date ) - 1 ) ?
469 len : sizeof( date ) - 1 );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]470
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]471 if( sscanf( date, "%2d%2d%2d%2d%2d%2d",
472 &time->year, &time->mon, &time->day,
473 &time->hour, &time->min, &time->sec ) < 5 )
474 return( POLARSSL_ERR_X509_CERT_INVALID_DATE );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]475
Paul Bakker400ff6f2011-02-20 10:40:16 +0000[diff] [blame]476 time->year += 100 * ( time->year < 50 );
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]477 time->year += 1900;
478
479 *p += len;
480
481 return( 0 );
482 }
483 else if ( tag == ASN1_GENERALIZED_TIME )
484 {
485 (*p)++;
486 ret = asn1_get_len( p, end, &len );
487
488 if( ret != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]489 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]490
491 memset( date, 0, sizeof( date ) );
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]492 memcpy( date, *p, ( len < sizeof( date ) - 1 ) ?
493 len : sizeof( date ) - 1 );
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]494
495 if( sscanf( date, "%4d%2d%2d%2d%2d%2d",
496 &time->year, &time->mon, &time->day,
497 &time->hour, &time->min, &time->sec ) < 5 )
498 return( POLARSSL_ERR_X509_CERT_INVALID_DATE );
499
500 *p += len;
501
502 return( 0 );
503 }
504 else
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]505 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]506}
507
508
509/*
510 * Validity ::= SEQUENCE {
511 * notBefore Time,
512 * notAfter Time }
513 */
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]514static int x509_get_dates( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]515 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]516 x509_time *from,
517 x509_time *to )
518{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]519 int ret;
520 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]521
522 if( ( ret = asn1_get_tag( p, end, &len,
523 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]524 return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]525
526 end = *p + len;
527
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]528 if( ( ret = x509_get_time( p, end, from ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]529 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]530
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]531 if( ( ret = x509_get_time( p, end, to ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]532 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]533
534 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]535 return( POLARSSL_ERR_X509_CERT_INVALID_DATE +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]536 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]537
538 return( 0 );
539}
540
541/*
542 * SubjectPublicKeyInfo ::= SEQUENCE {
543 * algorithm AlgorithmIdentifier,
544 * subjectPublicKey BIT STRING }
545 */
546static int x509_get_pubkey( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]547 const unsigned char *end,
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame^]548 rsa_context *rsa )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]549{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]550 int ret;
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]551 size_t len;
Manuel Pégourié-Gonnard788db112013-07-09 11:26:17 +0200[diff] [blame]552 x509_buf pk_alg_oid;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]553 unsigned char *end2;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]554 pk_type_t pk_alg = POLARSSL_PK_NONE;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]555
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame^]556 if( ( ret = asn1_get_tag( p, end, &len,
557 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
558 {
559 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
560 }
561
562 end = *p + len;
563
Manuel Pégourié-Gonnard788db112013-07-09 11:26:17 +0200[diff] [blame]564 if( ( ret = asn1_get_alg_null( p, end, &pk_alg_oid ) ) != 0 )
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]565 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]566
567 /*
568 * only RSA public keys handled at this time
569 */
Manuel Pégourié-Gonnard788db112013-07-09 11:26:17 +0200[diff] [blame]570 if( oid_get_pk_alg( &pk_alg_oid, &pk_alg ) != 0 )
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]571 {
Paul Bakkered56b222011-07-13 11:26:43 +0000[diff] [blame]572 return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]573 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]574
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]575 if (pk_alg != POLARSSL_PK_RSA )
576 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
577
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]578 if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]579 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]580
581 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]582 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]583 POLARSSL_ERR_ASN1_OUT_OF_DATA );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]584
585 end2 = *p + len;
586
587 if( *(*p)++ != 0 )
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]588 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]589
590 /*
591 * RSAPublicKey ::= SEQUENCE {
592 * modulus INTEGER, -- n
593 * publicExponent INTEGER -- e
594 * }
595 */
596 if( ( ret = asn1_get_tag( p, end2, &len,
597 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]598 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]599
600 if( *p + len != end2 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]601 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]602 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]603
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame^]604 if( ( ret = asn1_get_mpi( p, end2, &rsa->N ) ) != 0 ||
605 ( ret = asn1_get_mpi( p, end2, &rsa->E ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]606 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]607
608 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]609 return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]610 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]611
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame^]612 if( ( ret = rsa_check_pubkey( rsa ) ) != 0 )
613 return( ret );
614
615 rsa->len = mpi_size( &rsa->N );
616
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]617 return( 0 );
618}
619
620static int x509_get_sig( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]621 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]622 x509_buf *sig )
623{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]624 int ret;
625 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]626
Paul Bakker8afa70d2012-02-11 18:42:45 +0000[diff] [blame]627 if( ( end - *p ) < 1 )
628 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE +
629 POLARSSL_ERR_ASN1_OUT_OF_DATA );
630
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]631 sig->tag = **p;
632
633 if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]634 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]635
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]636
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]637 if( --len < 1 || *(*p)++ != 0 )
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]638 return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]639
640 sig->len = len;
641 sig->p = *p;
642
643 *p += len;
644
645 return( 0 );
646}
647
648/*
649 * X.509 v2/v3 unique identifier (not parsed)
650 */
651static int x509_get_uid( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]652 const unsigned char *end,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]653 x509_buf *uid, int n )
654{
655 int ret;
656
657 if( *p == end )
658 return( 0 );
659
660 uid->tag = **p;
661
662 if( ( ret = asn1_get_tag( p, end, &uid->len,
663 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | n ) ) != 0 )
664 {
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]665 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]666 return( 0 );
667
668 return( ret );
669 }
670
671 uid->p = *p;
672 *p += uid->len;
673
674 return( 0 );
675}
676
677/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]678 * X.509 Extensions (No parsing of extensions, pointer should
679 * be either manually updated or extensions should be parsed!
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]680 */
681static int x509_get_ext( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]682 const unsigned char *end,
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]683 x509_buf *ext, int tag )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]684{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]685 int ret;
686 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]687
688 if( *p == end )
689 return( 0 );
690
691 ext->tag = **p;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]692
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]693 if( ( ret = asn1_get_tag( p, end, &ext->len,
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]694 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | tag ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]695 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]696
697 ext->p = *p;
698 end = *p + ext->len;
699
700 /*
701 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
702 *
703 * Extension ::= SEQUENCE {
704 * extnID OBJECT IDENTIFIER,
705 * critical BOOLEAN DEFAULT FALSE,
706 * extnValue OCTET STRING }
707 */
708 if( ( ret = asn1_get_tag( p, end, &len,
709 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]710 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]711
712 if( end != *p + len )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]713 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]714 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]715
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]716 return( 0 );
717}
718
719/*
720 * X.509 CRL v2 extensions (no extensions parsed yet.)
721 */
722static int x509_get_crl_ext( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]723 const unsigned char *end,
724 x509_buf *ext )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]725{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]726 int ret;
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]727 size_t len = 0;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]728
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]729 /* Get explicit tag */
730 if( ( ret = x509_get_ext( p, end, ext, 0) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]731 {
732 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
733 return( 0 );
734
735 return( ret );
736 }
737
738 while( *p < end )
739 {
740 if( ( ret = asn1_get_tag( p, end, &len,
741 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]742 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]743
744 *p += len;
745 }
746
747 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]748 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]749 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
750
751 return( 0 );
752}
753
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]754/*
755 * X.509 CRL v2 entry extensions (no extensions parsed yet.)
756 */
757static int x509_get_crl_entry_ext( unsigned char **p,
758 const unsigned char *end,
759 x509_buf *ext )
760{
761 int ret;
762 size_t len = 0;
763
764 /* OPTIONAL */
765 if (end <= *p)
766 return( 0 );
767
768 ext->tag = **p;
769 ext->p = *p;
770
771 /*
772 * Get CRL-entry extension sequence header
773 * crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2
774 */
775 if( ( ret = asn1_get_tag( p, end, &ext->len,
776 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
777 {
778 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
779 {
780 ext->p = NULL;
781 return( 0 );
782 }
783 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
784 }
785
786 end = *p + ext->len;
787
788 if( end != *p + ext->len )
789 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
790 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
791
792 while( *p < end )
793 {
794 if( ( ret = asn1_get_tag( p, end, &len,
795 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
796 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
797
798 *p += len;
799 }
800
801 if( *p != end )
802 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
803 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
804
805 return( 0 );
806}
807
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]808static int x509_get_basic_constraints( unsigned char **p,
809 const unsigned char *end,
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]810 int *ca_istrue,
811 int *max_pathlen )
812{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]813 int ret;
814 size_t len;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]815
816 /*
817 * BasicConstraints ::= SEQUENCE {
818 * cA BOOLEAN DEFAULT FALSE,
819 * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
820 */
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]821 *ca_istrue = 0; /* DEFAULT FALSE */
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]822 *max_pathlen = 0; /* endless */
823
824 if( ( ret = asn1_get_tag( p, end, &len,
825 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]826 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]827
828 if( *p == end )
829 return 0;
830
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]831 if( ( ret = asn1_get_bool( p, end, ca_istrue ) ) != 0 )
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]832 {
833 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]834 ret = asn1_get_int( p, end, ca_istrue );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]835
836 if( ret != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]837 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]838
Paul Bakker3cccddb2011-01-16 21:46:31 +0000[diff] [blame]839 if( *ca_istrue != 0 )
840 *ca_istrue = 1;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]841 }
842
843 if( *p == end )
844 return 0;
845
846 if( ( ret = asn1_get_int( p, end, max_pathlen ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]847 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]848
849 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]850 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]851 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
852
853 (*max_pathlen)++;
854
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]855 return 0;
856}
857
858static int x509_get_ns_cert_type( unsigned char **p,
859 const unsigned char *end,
860 unsigned char *ns_cert_type)
861{
862 int ret;
Paul Bakkerd61e7d92011-01-18 16:17:47 +0000[diff] [blame]863 x509_bitstring bs = { 0, 0, NULL };
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]864
865 if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]866 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]867
868 if( bs.len != 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]869 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]870 POLARSSL_ERR_ASN1_INVALID_LENGTH );
871
872 /* Get actual bitstring */
873 *ns_cert_type = *bs.p;
874 return 0;
875}
876
877static int x509_get_key_usage( unsigned char **p,
878 const unsigned char *end,
879 unsigned char *key_usage)
880{
881 int ret;
Paul Bakkerd61e7d92011-01-18 16:17:47 +0000[diff] [blame]882 x509_bitstring bs = { 0, 0, NULL };
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]883
884 if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]885 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]886
Paul Bakker94a67962012-08-23 13:03:52 +0000[diff] [blame]887 if( bs.len < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]888 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]889 POLARSSL_ERR_ASN1_INVALID_LENGTH );
890
891 /* Get actual bitstring */
892 *key_usage = *bs.p;
893 return 0;
894}
895
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]896/*
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]897 * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
898 *
899 * KeyPurposeId ::= OBJECT IDENTIFIER
900 */
901static int x509_get_ext_key_usage( unsigned char **p,
902 const unsigned char *end,
903 x509_sequence *ext_key_usage)
904{
905 int ret;
906
907 if( ( ret = asn1_get_sequence_of( p, end, ext_key_usage, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]908 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]909
910 /* Sequence length must be >= 1 */
911 if( ext_key_usage->buf.p == NULL )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]912 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]913 POLARSSL_ERR_ASN1_INVALID_LENGTH );
914
915 return 0;
916}
917
918/*
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]919 * SubjectAltName ::= GeneralNames
920 *
921 * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
922 *
923 * GeneralName ::= CHOICE {
924 * otherName [0] OtherName,
925 * rfc822Name [1] IA5String,
926 * dNSName [2] IA5String,
927 * x400Address [3] ORAddress,
928 * directoryName [4] Name,
929 * ediPartyName [5] EDIPartyName,
930 * uniformResourceIdentifier [6] IA5String,
931 * iPAddress [7] OCTET STRING,
932 * registeredID [8] OBJECT IDENTIFIER }
933 *
934 * OtherName ::= SEQUENCE {
935 * type-id OBJECT IDENTIFIER,
936 * value [0] EXPLICIT ANY DEFINED BY type-id }
937 *
938 * EDIPartyName ::= SEQUENCE {
939 * nameAssigner [0] DirectoryString OPTIONAL,
940 * partyName [1] DirectoryString }
941 *
942 * NOTE: PolarSSL only parses and uses dNSName at this point.
943 */
944static int x509_get_subject_alt_name( unsigned char **p,
945 const unsigned char *end,
946 x509_sequence *subject_alt_name )
947{
948 int ret;
949 size_t len, tag_len;
950 asn1_buf *buf;
951 unsigned char tag;
952 asn1_sequence *cur = subject_alt_name;
953
954 /* Get main sequence tag */
955 if( ( ret = asn1_get_tag( p, end, &len,
956 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
957 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
958
959 if( *p + len != end )
960 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
961 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
962
963 while( *p < end )
964 {
965 if( ( end - *p ) < 1 )
966 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
967 POLARSSL_ERR_ASN1_OUT_OF_DATA );
968
969 tag = **p;
970 (*p)++;
971 if( ( ret = asn1_get_len( p, end, &tag_len ) ) != 0 )
972 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
973
974 if( ( tag & ASN1_CONTEXT_SPECIFIC ) != ASN1_CONTEXT_SPECIFIC )
975 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
976 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
977
978 if( tag != ( ASN1_CONTEXT_SPECIFIC | 2 ) )
979 {
980 *p += tag_len;
981 continue;
982 }
983
984 buf = &(cur->buf);
985 buf->tag = tag;
986 buf->p = *p;
987 buf->len = tag_len;
988 *p += buf->len;
989
990 /* Allocate and assign next pointer */
991 if (*p < end)
992 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]993 cur->next = (asn1_sequence *) polarssl_malloc(
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]994 sizeof( asn1_sequence ) );
995
996 if( cur->next == NULL )
997 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
998 POLARSSL_ERR_ASN1_MALLOC_FAILED );
999
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]1000 memset( cur->next, 0, sizeof( asn1_sequence ) );
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]1001 cur = cur->next;
1002 }
1003 }
1004
1005 /* Set final sequence entry's next pointer to NULL */
1006 cur->next = NULL;
1007
1008 if( *p != end )
1009 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
1010 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
1011
1012 return( 0 );
1013}
1014
1015/*
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1016 * X.509 v3 extensions
1017 *
1018 * TODO: Perform all of the basic constraints tests required by the RFC
1019 * TODO: Set values for undetected extensions to a sane default?
1020 *
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1021 */
1022static int x509_get_crt_ext( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]1023 const unsigned char *end,
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1024 x509_cert *crt )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1025{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1026 int ret;
1027 size_t len;
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1028 unsigned char *end_ext_data, *end_ext_octet;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1029
Paul Bakkerfbc09f32011-10-12 09:56:41 +0000[diff] [blame]1030 if( ( ret = x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1031 {
1032 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
1033 return( 0 );
1034
1035 return( ret );
1036 }
1037
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1038 while( *p < end )
1039 {
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1040 /*
1041 * Extension ::= SEQUENCE {
1042 * extnID OBJECT IDENTIFIER,
1043 * critical BOOLEAN DEFAULT FALSE,
1044 * extnValue OCTET STRING }
1045 */
1046 x509_buf extn_oid = {0, 0, NULL};
1047 int is_critical = 0; /* DEFAULT FALSE */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1048 int ext_type = 0;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1049
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1050 if( ( ret = asn1_get_tag( p, end, &len,
1051 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1052 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1053
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1054 end_ext_data = *p + len;
1055
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1056 /* Get extension ID */
1057 extn_oid.tag = **p;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1058
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1059 if( ( ret = asn1_get_tag( p, end, &extn_oid.len, ASN1_OID ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1060 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1061
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1062 extn_oid.p = *p;
1063 *p += extn_oid.len;
1064
1065 if( ( end - *p ) < 1 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1066 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1067 POLARSSL_ERR_ASN1_OUT_OF_DATA );
1068
1069 /* Get optional critical */
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1070 if( ( ret = asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 &&
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1071 ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1072 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1073
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1074 /* Data should be octet string type */
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1075 if( ( ret = asn1_get_tag( p, end_ext_data, &len,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1076 ASN1_OCTET_STRING ) ) != 0 )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1077 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1078
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1079 end_ext_octet = *p + len;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]1080
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1081 if( end_ext_octet != end_ext_data )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1082 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakkerc6ce8382009-07-27 21:34:45 +0000[diff] [blame]1083 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1084
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1085 /*
1086 * Detect supported extensions
1087 */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1088 ret = oid_get_x509_ext_type( &extn_oid, &ext_type );
1089
1090 if( ret != 0 )
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1091 {
1092 /* No parser found, skip extension */
1093 *p = end_ext_octet;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1094
Paul Bakker5c721f92011-07-27 16:51:09 +0000[diff] [blame]1095#if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION)
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1096 if( is_critical )
1097 {
1098 /* Data is marked as critical: fail */
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1099 return ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1100 POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
1101 }
Paul Bakker5c721f92011-07-27 16:51:09 +0000[diff] [blame]1102#endif
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1103 continue;
1104 }
1105
1106 crt->ext_types |= ext_type;
1107
1108 switch( ext_type )
1109 {
1110 case EXT_BASIC_CONSTRAINTS:
1111 /* Parse basic constraints */
1112 if( ( ret = x509_get_basic_constraints( p, end_ext_octet,
1113 &crt->ca_istrue, &crt->max_pathlen ) ) != 0 )
1114 return ( ret );
1115 break;
1116
1117 case EXT_KEY_USAGE:
1118 /* Parse key usage */
1119 if( ( ret = x509_get_key_usage( p, end_ext_octet,
1120 &crt->key_usage ) ) != 0 )
1121 return ( ret );
1122 break;
1123
1124 case EXT_EXTENDED_KEY_USAGE:
1125 /* Parse extended key usage */
1126 if( ( ret = x509_get_ext_key_usage( p, end_ext_octet,
1127 &crt->ext_key_usage ) ) != 0 )
1128 return ( ret );
1129 break;
1130
1131 case EXT_SUBJECT_ALT_NAME:
1132 /* Parse subject alt name */
1133 if( ( ret = x509_get_subject_alt_name( p, end_ext_octet,
1134 &crt->subject_alt_names ) ) != 0 )
1135 return ( ret );
1136 break;
1137
1138 case EXT_NS_CERT_TYPE:
1139 /* Parse netscape certificate type */
1140 if( ( ret = x509_get_ns_cert_type( p, end_ext_octet,
1141 &crt->ns_cert_type ) ) != 0 )
1142 return ( ret );
1143 break;
1144
1145 default:
1146 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1147 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1148 }
1149
1150 if( *p != end )
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1151 return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1152 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1153
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1154 return( 0 );
1155}
1156
1157/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1158 * X.509 CRL Entries
1159 */
1160static int x509_get_entries( unsigned char **p,
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]1161 const unsigned char *end,
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1162 x509_crl_entry *entry )
1163{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1164 int ret;
1165 size_t entry_len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1166 x509_crl_entry *cur_entry = entry;
1167
1168 if( *p == end )
1169 return( 0 );
1170
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1171 if( ( ret = asn1_get_tag( p, end, &entry_len,
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1172 ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
1173 {
1174 if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
1175 return( 0 );
1176
1177 return( ret );
1178 }
1179
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1180 end = *p + entry_len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1181
1182 while( *p < end )
1183 {
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1184 size_t len2;
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1185 const unsigned char *end2;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1186
1187 if( ( ret = asn1_get_tag( p, end, &len2,
1188 ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
1189 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1190 return( ret );
1191 }
1192
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1193 cur_entry->raw.tag = **p;
1194 cur_entry->raw.p = *p;
1195 cur_entry->raw.len = len2;
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1196 end2 = *p + len2;
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1197
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1198 if( ( ret = x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1199 return( ret );
1200
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1201 if( ( ret = x509_get_time( p, end2, &cur_entry->revocation_date ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1202 return( ret );
1203
Paul Bakkerb5a11ab2011-10-12 09:58:41 +0000[diff] [blame]1204 if( ( ret = x509_get_crl_entry_ext( p, end2, &cur_entry->entry_ext ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1205 return( ret );
1206
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1207 if ( *p < end )
1208 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1209 cur_entry->next = polarssl_malloc( sizeof( x509_crl_entry ) );
Paul Bakkerb15b8512012-01-13 13:44:06 +0000[diff] [blame]1210
1211 if( cur_entry->next == NULL )
1212 return( POLARSSL_ERR_X509_MALLOC_FAILED );
1213
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1214 cur_entry = cur_entry->next;
1215 memset( cur_entry, 0, sizeof( x509_crl_entry ) );
1216 }
1217 }
1218
1219 return( 0 );
1220}
1221
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1222static int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
1223 pk_type_t *pk_alg )
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1224{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1225 int ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1226
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1227 if( ret != 0 )
1228 return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG + ret );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1229
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1230 return( 0 );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1231}
1232
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1233/*
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1234 * Parse and fill a single X.509 certificate in DER format
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1235 */
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]1236static int x509parse_crt_der_core( x509_cert *crt, const unsigned char *buf,
1237 size_t buflen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1238{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1239 int ret;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]1240 size_t len;
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1241 unsigned char *p, *end, *crt_end;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1242
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1243 /*
1244 * Check for valid input
1245 */
1246 if( crt == NULL || buf == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1247 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1248
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1249 p = (unsigned char *) polarssl_malloc( len = buflen );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1250
1251 if( p == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1252 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1253
1254 memcpy( p, buf, buflen );
1255
1256 buflen = 0;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1257
1258 crt->raw.p = p;
1259 crt->raw.len = len;
1260 end = p + len;
1261
1262 /*
1263 * Certificate ::= SEQUENCE {
1264 * tbsCertificate TBSCertificate,
1265 * signatureAlgorithm AlgorithmIdentifier,
1266 * signatureValue BIT STRING }
1267 */
1268 if( ( ret = asn1_get_tag( &p, end, &len,
1269 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1270 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1271 x509_free( crt );
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1272 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1273 }
1274
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1275 if( len > (size_t) ( end - p ) )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1276 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1277 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1278 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1279 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1280 }
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1281 crt_end = p + len;
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1282
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1283 /*
1284 * TBSCertificate ::= SEQUENCE {
1285 */
1286 crt->tbs.p = p;
1287
1288 if( ( ret = asn1_get_tag( &p, end, &len,
1289 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1290 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1291 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1292 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1293 }
1294
1295 end = p + len;
1296 crt->tbs.len = end - crt->tbs.p;
1297
1298 /*
1299 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
1300 *
1301 * CertificateSerialNumber ::= INTEGER
1302 *
1303 * signature AlgorithmIdentifier
1304 */
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1305 if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 ||
1306 ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 ||
1307 ( ret = x509_get_alg( &p, end, &crt->sig_oid1, NULL ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1308 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1309 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1310 return( ret );
1311 }
1312
1313 crt->version++;
1314
1315 if( crt->version > 3 )
1316 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1317 x509_free( crt );
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1318 return( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1319 }
1320
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1321 if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &crt->sig_md,
1322 &crt->sig_pk ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1323 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1324 x509_free( crt );
Paul Bakker27d66162010-03-17 06:56:01 +0000[diff] [blame]1325 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1326 }
1327
1328 /*
1329 * issuer Name
1330 */
1331 crt->issuer_raw.p = p;
1332
1333 if( ( ret = asn1_get_tag( &p, end, &len,
1334 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1335 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1336 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1337 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1338 }
1339
1340 if( ( ret = x509_get_name( &p, p + len, &crt->issuer ) ) != 0 )
1341 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1342 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1343 return( ret );
1344 }
1345
1346 crt->issuer_raw.len = p - crt->issuer_raw.p;
1347
1348 /*
1349 * Validity ::= SEQUENCE {
1350 * notBefore Time,
1351 * notAfter Time }
1352 *
1353 */
1354 if( ( ret = x509_get_dates( &p, end, &crt->valid_from,
1355 &crt->valid_to ) ) != 0 )
1356 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1357 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1358 return( ret );
1359 }
1360
1361 /*
1362 * subject Name
1363 */
1364 crt->subject_raw.p = p;
1365
1366 if( ( ret = asn1_get_tag( &p, end, &len,
1367 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1368 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1369 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1370 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1371 }
1372
Paul Bakkercefb3962012-06-27 11:51:09 +0000[diff] [blame]1373 if( len && ( ret = x509_get_name( &p, p + len, &crt->subject ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1374 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1375 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1376 return( ret );
1377 }
1378
1379 crt->subject_raw.len = p - crt->subject_raw.p;
1380
1381 /*
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame^]1382 * SubjectPublicKeyInfo
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1383 */
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame^]1384 if( ( ret = x509_get_pubkey( &p, end,
1385 &crt->rsa ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1386 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1387 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1388 return( ret );
1389 }
1390
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1391 /*
1392 * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
1393 * -- If present, version shall be v2 or v3
1394 * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
1395 * -- If present, version shall be v2 or v3
1396 * extensions [3] EXPLICIT Extensions OPTIONAL
1397 * -- If present, version shall be v3
1398 */
1399 if( crt->version == 2 || crt->version == 3 )
1400 {
1401 ret = x509_get_uid( &p, end, &crt->issuer_id, 1 );
1402 if( ret != 0 )
1403 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1404 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1405 return( ret );
1406 }
1407 }
1408
1409 if( crt->version == 2 || crt->version == 3 )
1410 {
1411 ret = x509_get_uid( &p, end, &crt->subject_id, 2 );
1412 if( ret != 0 )
1413 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1414 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1415 return( ret );
1416 }
1417 }
1418
1419 if( crt->version == 3 )
1420 {
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]1421 ret = x509_get_crt_ext( &p, end, crt);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1422 if( ret != 0 )
1423 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1424 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1425 return( ret );
1426 }
1427 }
1428
1429 if( p != end )
1430 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1431 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1432 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1433 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1434 }
1435
Paul Bakkerb00ca422012-09-25 12:10:00 +0000[diff] [blame]1436 end = crt_end;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1437
1438 /*
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame^]1439 * }
1440 * -- end of TBSCertificate
1441 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1442 * signatureAlgorithm AlgorithmIdentifier,
1443 * signatureValue BIT STRING
1444 */
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1445 if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, NULL ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1446 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1447 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1448 return( ret );
1449 }
1450
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]1451 if( crt->sig_oid1.len != crt->sig_oid2.len ||
1452 memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1453 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1454 x509_free( crt );
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1455 return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1456 }
1457
1458 if( ( ret = x509_get_sig( &p, end, &crt->sig ) ) != 0 )
1459 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1460 x509_free( crt );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1461 return( ret );
1462 }
1463
1464 if( p != end )
1465 {
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1466 x509_free( crt );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1467 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]1468 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1469 }
1470
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1471 return( 0 );
1472}
1473
1474/*
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1475 * Parse one X.509 certificate in DER format from a buffer and add them to a
1476 * chained list
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1477 */
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1478int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1479{
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1480 int ret;
1481 x509_cert *crt = chain, *prev = NULL;
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1482
1483 /*
1484 * Check for valid input
1485 */
1486 if( crt == NULL || buf == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1487 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1488
1489 while( crt->version != 0 && crt->next != NULL )
1490 {
1491 prev = crt;
1492 crt = crt->next;
1493 }
1494
1495 /*
1496 * Add new certificate on the end of the chain if needed.
1497 */
1498 if ( crt->version != 0 && crt->next == NULL)
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1499 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1500 crt->next = (x509_cert *) polarssl_malloc( sizeof( x509_cert ) );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1501
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1502 if( crt->next == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1503 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1504
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1505 prev = crt;
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1506 crt = crt->next;
1507 memset( crt, 0, sizeof( x509_cert ) );
Paul Bakker320a4b52009-03-28 18:52:39 +0000[diff] [blame]1508 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1509
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1510 if( ( ret = x509parse_crt_der_core( crt, buf, buflen ) ) != 0 )
1511 {
1512 if( prev )
1513 prev->next = NULL;
1514
1515 if( crt != chain )
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1516 polarssl_free( crt );
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1517
1518 return( ret );
1519 }
1520
1521 return( 0 );
1522}
1523
1524/*
1525 * Parse one or more PEM certificates from a buffer and add them to the chained list
1526 */
1527int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen )
1528{
1529 int ret, success = 0, first_error = 0, total_failed = 0;
1530 int buf_format = X509_FORMAT_DER;
1531
1532 /*
1533 * Check for valid input
1534 */
1535 if( chain == NULL || buf == NULL )
1536 return( POLARSSL_ERR_X509_INVALID_INPUT );
1537
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1538 /*
1539 * Determine buffer content. Buffer contains either one DER certificate or
1540 * one or more PEM certificates.
1541 */
1542#if defined(POLARSSL_PEM_C)
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]1543 if( strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1544 buf_format = X509_FORMAT_PEM;
1545#endif
1546
1547 if( buf_format == X509_FORMAT_DER )
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1548 return x509parse_crt_der( chain, buf, buflen );
1549
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1550#if defined(POLARSSL_PEM_C)
1551 if( buf_format == X509_FORMAT_PEM )
1552 {
1553 pem_context pem;
1554
1555 while( buflen > 0 )
1556 {
1557 size_t use_len;
1558 pem_init( &pem );
1559
1560 ret = pem_read_buffer( &pem,
1561 "-----BEGIN CERTIFICATE-----",
1562 "-----END CERTIFICATE-----",
1563 buf, NULL, 0, &use_len );
1564
1565 if( ret == 0 )
1566 {
1567 /*
1568 * Was PEM encoded
1569 */
1570 buflen -= use_len;
1571 buf += use_len;
1572 }
Paul Bakker5ed3b342013-06-24 19:05:46 +0200[diff] [blame]1573 else if( ret == POLARSSL_ERR_PEM_BAD_INPUT_DATA )
1574 {
1575 return( ret );
1576 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]1577 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1578 {
1579 pem_free( &pem );
1580
Paul Bakker5ed3b342013-06-24 19:05:46 +0200[diff] [blame]1581 /*
1582 * PEM header and footer were found
1583 */
1584 buflen -= use_len;
1585 buf += use_len;
1586
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1587 if( first_error == 0 )
1588 first_error = ret;
1589
1590 continue;
1591 }
1592 else
1593 break;
1594
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1595 ret = x509parse_crt_der( chain, pem.buf, pem.buflen );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1596
1597 pem_free( &pem );
1598
1599 if( ret != 0 )
1600 {
1601 /*
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1602 * Quit parsing on a memory error
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1603 */
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1604 if( ret == POLARSSL_ERR_X509_MALLOC_FAILED )
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1605 return( ret );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1606
1607 if( first_error == 0 )
1608 first_error = ret;
1609
Paul Bakker42c65812013-06-24 19:21:59 +0200[diff] [blame]1610 total_failed++;
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1611 continue;
1612 }
1613
1614 success = 1;
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1615 }
1616 }
1617#endif
1618
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1619 if( success )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1620 return( total_failed );
Paul Bakker6c0ceb32011-12-04 12:24:18 +0000[diff] [blame]1621 else if( first_error )
1622 return( first_error );
1623 else
1624 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1625}
1626
1627/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1628 * Parse one or more CRLs and add them to the chained list
1629 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1630int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1631{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1632 int ret;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]1633 size_t len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1634 unsigned char *p, *end;
1635 x509_crl *crl;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1636#if defined(POLARSSL_PEM_C)
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]1637 size_t use_len;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1638 pem_context pem;
1639#endif
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1640
1641 crl = chain;
1642
1643 /*
1644 * Check for valid input
1645 */
1646 if( crl == NULL || buf == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1647 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1648
1649 while( crl->version != 0 && crl->next != NULL )
1650 crl = crl->next;
1651
1652 /*
1653 * Add new CRL on the end of the chain if needed.
1654 */
1655 if ( crl->version != 0 && crl->next == NULL)
1656 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1657 crl->next = (x509_crl *) polarssl_malloc( sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1658
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1659 if( crl->next == NULL )
1660 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1661 x509_crl_free( crl );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1662 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1663 }
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1664
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1665 crl = crl->next;
1666 memset( crl, 0, sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1667 }
1668
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1669#if defined(POLARSSL_PEM_C)
1670 pem_init( &pem );
1671 ret = pem_read_buffer( &pem,
1672 "-----BEGIN X509 CRL-----",
1673 "-----END X509 CRL-----",
1674 buf, NULL, 0, &use_len );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1675
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1676 if( ret == 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1677 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1678 /*
1679 * Was PEM encoded
1680 */
1681 buflen -= use_len;
1682 buf += use_len;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1683
1684 /*
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1685 * Steal PEM buffer
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1686 */
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1687 p = pem.buf;
1688 pem.buf = NULL;
1689 len = pem.buflen;
1690 pem_free( &pem );
1691 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]1692 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1693 {
1694 pem_free( &pem );
1695 return( ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1696 }
1697 else
1698 {
1699 /*
1700 * nope, copy the raw DER data
1701 */
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1702 p = (unsigned char *) polarssl_malloc( len = buflen );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1703
1704 if( p == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1705 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1706
1707 memcpy( p, buf, buflen );
1708
1709 buflen = 0;
1710 }
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1711#else
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1712 p = (unsigned char *) polarssl_malloc( len = buflen );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1713
1714 if( p == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1715 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]1716
1717 memcpy( p, buf, buflen );
1718
1719 buflen = 0;
1720#endif
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1721
1722 crl->raw.p = p;
1723 crl->raw.len = len;
1724 end = p + len;
1725
1726 /*
1727 * CertificateList ::= SEQUENCE {
1728 * tbsCertList TBSCertList,
1729 * signatureAlgorithm AlgorithmIdentifier,
1730 * signatureValue BIT STRING }
1731 */
1732 if( ( ret = asn1_get_tag( &p, end, &len,
1733 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1734 {
1735 x509_crl_free( crl );
1736 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT );
1737 }
1738
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]1739 if( len != (size_t) ( end - p ) )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1740 {
1741 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1742 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1743 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
1744 }
1745
1746 /*
1747 * TBSCertList ::= SEQUENCE {
1748 */
1749 crl->tbs.p = p;
1750
1751 if( ( ret = asn1_get_tag( &p, end, &len,
1752 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1753 {
1754 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1755 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1756 }
1757
1758 end = p + len;
1759 crl->tbs.len = end - crl->tbs.p;
1760
1761 /*
1762 * Version ::= INTEGER OPTIONAL { v1(0), v2(1) }
1763 * -- if present, MUST be v2
1764 *
1765 * signature AlgorithmIdentifier
1766 */
Paul Bakker3329d1f2011-10-12 09:55:01 +0000[diff] [blame]1767 if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 ||
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1768 ( ret = x509_get_alg( &p, end, &crl->sig_oid1, NULL ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1769 {
1770 x509_crl_free( crl );
1771 return( ret );
1772 }
1773
1774 crl->version++;
1775
1776 if( crl->version > 2 )
1777 {
1778 x509_crl_free( crl );
1779 return( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION );
1780 }
1781
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]1782 if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &crl->sig_md,
1783 &crl->sig_pk ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1784 {
1785 x509_crl_free( crl );
1786 return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG );
1787 }
1788
1789 /*
1790 * issuer Name
1791 */
1792 crl->issuer_raw.p = p;
1793
1794 if( ( ret = asn1_get_tag( &p, end, &len,
1795 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
1796 {
1797 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1798 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1799 }
1800
1801 if( ( ret = x509_get_name( &p, p + len, &crl->issuer ) ) != 0 )
1802 {
1803 x509_crl_free( crl );
1804 return( ret );
1805 }
1806
1807 crl->issuer_raw.len = p - crl->issuer_raw.p;
1808
1809 /*
1810 * thisUpdate Time
1811 * nextUpdate Time OPTIONAL
1812 */
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]1813 if( ( ret = x509_get_time( &p, end, &crl->this_update ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1814 {
1815 x509_crl_free( crl );
1816 return( ret );
1817 }
1818
Paul Bakker91200182010-02-18 21:26:15 +0000[diff] [blame]1819 if( ( ret = x509_get_time( &p, end, &crl->next_update ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1820 {
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1821 if ( ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE +
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1822 POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) &&
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1823 ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE +
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]1824 POLARSSL_ERR_ASN1_OUT_OF_DATA ) )
Paul Bakker635f4b42009-07-20 20:34:41 +0000[diff] [blame]1825 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1826 x509_crl_free( crl );
1827 return( ret );
1828 }
1829 }
1830
1831 /*
1832 * revokedCertificates SEQUENCE OF SEQUENCE {
1833 * userCertificate CertificateSerialNumber,
1834 * revocationDate Time,
1835 * crlEntryExtensions Extensions OPTIONAL
1836 * -- if present, MUST be v2
1837 * } OPTIONAL
1838 */
1839 if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 )
1840 {
1841 x509_crl_free( crl );
1842 return( ret );
1843 }
1844
1845 /*
1846 * crlExtensions EXPLICIT Extensions OPTIONAL
1847 * -- if present, MUST be v2
1848 */
1849 if( crl->version == 2 )
1850 {
1851 ret = x509_get_crl_ext( &p, end, &crl->crl_ext );
1852
1853 if( ret != 0 )
1854 {
1855 x509_crl_free( crl );
1856 return( ret );
1857 }
1858 }
1859
1860 if( p != end )
1861 {
1862 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1863 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1864 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
1865 }
1866
1867 end = crl->raw.p + crl->raw.len;
1868
1869 /*
1870 * signatureAlgorithm AlgorithmIdentifier,
1871 * signatureValue BIT STRING
1872 */
Manuel Pégourié-Gonnard444b4272013-07-01 15:27:48 +0200[diff] [blame]1873 if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, NULL ) ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1874 {
1875 x509_crl_free( crl );
1876 return( ret );
1877 }
1878
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]1879 if( crl->sig_oid1.len != crl->sig_oid2.len ||
1880 memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1881 {
1882 x509_crl_free( crl );
1883 return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH );
1884 }
1885
1886 if( ( ret = x509_get_sig( &p, end, &crl->sig ) ) != 0 )
1887 {
1888 x509_crl_free( crl );
1889 return( ret );
1890 }
1891
1892 if( p != end )
1893 {
1894 x509_crl_free( crl );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]1895 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1896 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
1897 }
1898
1899 if( buflen > 0 )
1900 {
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1901 crl->next = (x509_crl *) polarssl_malloc( sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1902
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1903 if( crl->next == NULL )
1904 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1905 x509_crl_free( crl );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1906 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1907 }
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1908
Paul Bakker7d06ad22009-05-02 15:53:56 +0000[diff] [blame]1909 crl = crl->next;
1910 memset( crl, 0, sizeof( x509_crl ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1911
1912 return( x509parse_crl( crl, buf, buflen ) );
1913 }
1914
1915 return( 0 );
1916}
1917
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]1918#if defined(POLARSSL_FS_IO)
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1919/*
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1920 * Load all data from a file into a given buffer.
1921 */
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]1922static int load_file( const char *path, unsigned char **buf, size_t *n )
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1923{
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1924 FILE *f;
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1925
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1926 if( ( f = fopen( path, "rb" ) ) == NULL )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1927 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1928
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1929 fseek( f, 0, SEEK_END );
1930 *n = (size_t) ftell( f );
1931 fseek( f, 0, SEEK_SET );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1932
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1933 if( ( *buf = (unsigned char *) polarssl_malloc( *n + 1 ) ) == NULL )
Paul Bakkerf6a19bd2013-05-14 13:26:51 +0200[diff] [blame]1934 {
1935 fclose( f );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1936 return( POLARSSL_ERR_X509_MALLOC_FAILED );
Paul Bakkerf6a19bd2013-05-14 13:26:51 +0200[diff] [blame]1937 }
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1938
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1939 if( fread( *buf, 1, *n, f ) != *n )
1940 {
1941 fclose( f );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1942 polarssl_free( *buf );
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1943 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1944 }
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1945
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1946 fclose( f );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1947
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1948 (*buf)[*n] = '\0';
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1949
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]1950 return( 0 );
Paul Bakker2b245eb2009-04-19 18:44:26 +0000[diff] [blame]1951}
1952
1953/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1954 * Load one or more certificates and add them to the chained list
1955 */
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1956int x509parse_crtfile( x509_cert *chain, const char *path )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1957{
1958 int ret;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1959 size_t n;
1960 unsigned char *buf;
1961
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]1962 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1963 return( ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1964
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]1965 ret = x509parse_crt( chain, buf, n );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1966
1967 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]1968 polarssl_free( buf );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]1969
1970 return( ret );
1971}
1972
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1973int x509parse_crtpath( x509_cert *chain, const char *path )
1974{
1975 int ret = 0;
1976#if defined(_WIN32)
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1977 int w_ret;
1978 WCHAR szDir[MAX_PATH];
1979 char filename[MAX_PATH];
1980 char *p;
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1981 int len = strlen( path );
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1982
Paul Bakker97872ac2012-11-02 12:53:26 +0000[diff] [blame]1983 WIN32_FIND_DATAW file_data;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1984 HANDLE hFind;
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1985
1986 if( len > MAX_PATH - 3 )
1987 return( POLARSSL_ERR_X509_INVALID_INPUT );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1988
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1989 memset( szDir, 0, sizeof(szDir) );
1990 memset( filename, 0, MAX_PATH );
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1991 memcpy( filename, path, len );
1992 filename[len++] = '\\';
1993 p = filename + len;
1994 filename[len++] = '*';
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]1995
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]1996 w_ret = MultiByteToWideChar( CP_ACP, 0, path, len, szDir, MAX_PATH - 3 );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1997
Paul Bakker97872ac2012-11-02 12:53:26 +0000[diff] [blame]1998 hFind = FindFirstFileW( szDir, &file_data );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]1999 if (hFind == INVALID_HANDLE_VALUE)
2000 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
2001
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2002 len = MAX_PATH - len;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2003 do
2004 {
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2005 memset( p, 0, len );
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]2006
Paul Bakkere4791f32012-06-04 21:29:15 +0000[diff] [blame]2007 if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2008 continue;
2009
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]2010 w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
2011 lstrlenW(file_data.cFileName),
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2012 p, len - 1,
2013 NULL, NULL );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2014
Paul Bakker3338b792012-10-01 21:13:10 +0000[diff] [blame]2015 w_ret = x509parse_crtfile( chain, filename );
2016 if( w_ret < 0 )
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2017 ret++;
2018 else
2019 ret += w_ret;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2020 }
Paul Bakker97872ac2012-11-02 12:53:26 +0000[diff] [blame]2021 while( FindNextFileW( hFind, &file_data ) != 0 );
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2022
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2023 if (GetLastError() != ERROR_NO_MORE_FILES)
2024 ret = POLARSSL_ERR_X509_FILE_IO_ERROR;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2025
Paul Bakker4a2bd0d2012-11-02 11:06:08 +0000[diff] [blame]2026cleanup:
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2027 FindClose( hFind );
2028#else
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2029 int t_ret, i;
2030 struct stat sb;
2031 struct dirent entry, *result = NULL;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2032 char entry_name[255];
2033 DIR *dir = opendir( path );
2034
2035 if( dir == NULL)
2036 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
2037
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2038 while( ( t_ret = readdir_r( dir, &entry, &result ) ) == 0 )
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2039 {
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2040 if( result == NULL )
2041 break;
2042
2043 snprintf( entry_name, sizeof(entry_name), "%s/%s", path, entry.d_name );
2044
2045 i = stat( entry_name, &sb );
2046
2047 if( i == -1 )
2048 return( POLARSSL_ERR_X509_FILE_IO_ERROR );
2049
2050 if( !S_ISREG( sb.st_mode ) )
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2051 continue;
2052
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2053 // Ignore parse errors
2054 //
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2055 t_ret = x509parse_crtfile( chain, entry_name );
2056 if( t_ret < 0 )
Paul Bakker2c8cdd22013-06-24 19:22:42 +0200[diff] [blame]2057 ret++;
2058 else
2059 ret += t_ret;
Paul Bakker8d914582012-06-04 12:46:42 +0000[diff] [blame]2060 }
2061 closedir( dir );
2062#endif
2063
2064 return( ret );
2065}
2066
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2067/*
2068 * Load one or more CRLs and add them to the chained list
2069 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]2070int x509parse_crlfile( x509_crl *chain, const char *path )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2071{
2072 int ret;
2073 size_t n;
2074 unsigned char *buf;
2075
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]2076 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]2077 return( ret );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2078
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]2079 ret = x509parse_crl( chain, buf, n );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2080
2081 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]2082 polarssl_free( buf );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]2083
2084 return( ret );
2085}
2086
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2087/*
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2088 * Load and parse a private RSA key
2089 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2090int x509parse_keyfile_rsa( rsa_context *rsa, const char *path, const char *pwd )
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2091{
2092 int ret;
2093 size_t n;
2094 unsigned char *buf;
2095
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]2096 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]2097 return( ret );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2098
2099 if( pwd == NULL )
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2100 ret = x509parse_key_rsa( rsa, buf, n, NULL, 0 );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2101 else
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2102 ret = x509parse_key_rsa( rsa, buf, n,
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]2103 (const unsigned char *) pwd, strlen( pwd ) );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2104
2105 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]2106 polarssl_free( buf );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2107
2108 return( ret );
2109}
2110
2111/*
2112 * Load and parse a public RSA key
2113 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2114int x509parse_public_keyfile_rsa( rsa_context *rsa, const char *path )
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2115{
2116 int ret;
2117 size_t n;
2118 unsigned char *buf;
2119
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]2120 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]2121 return( ret );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2122
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2123 ret = x509parse_public_key_rsa( rsa, buf, n );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2124
2125 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]2126 polarssl_free( buf );
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2127
2128 return( ret );
2129}
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2130
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2131/*
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2132 * Load and parse a private key
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2133 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2134int x509parse_keyfile( pk_context *ctx,
2135 const char *path, const char *pwd )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2136{
2137 int ret;
2138 size_t n;
2139 unsigned char *buf;
2140
2141 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
2142 return( ret );
2143
2144 if( pwd == NULL )
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2145 ret = x509parse_key( ctx, buf, n, NULL, 0 );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2146 else
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2147 ret = x509parse_key( ctx, buf, n,
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2148 (const unsigned char *) pwd, strlen( pwd ) );
2149
2150 memset( buf, 0, n + 1 );
2151 free( buf );
2152
2153 return( ret );
2154}
2155
2156/*
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2157 * Load and parse a public key
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2158 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2159int x509parse_public_keyfile( pk_context *ctx, const char *path )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2160{
2161 int ret;
2162 size_t n;
2163 unsigned char *buf;
2164
2165 if ( (ret = load_file( path, &buf, &n ) ) != 0 )
2166 return( ret );
2167
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2168 ret = x509parse_public_key( ctx, buf, n );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2169
2170 memset( buf, 0, n + 1 );
2171 free( buf );
2172
2173 return( ret );
2174}
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2175
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]2176#endif /* POLARSSL_FS_IO */
2177
2178/*
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2179 * Parse a PKCS#1 encoded private RSA key
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2180 */
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2181static int x509parse_key_pkcs1_der( rsa_context *rsa,
2182 const unsigned char *key,
2183 size_t keylen )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2184{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]2185 int ret;
2186 size_t len;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2187 unsigned char *p, *end;
Paul Bakkered56b222011-07-13 11:26:43 +0000[diff] [blame]2188
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]2189 p = (unsigned char *) key;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]2190 end = p + keylen;
2191
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2192 /*
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2193 * This function parses the RSAPrivateKey (PKCS#1)
Paul Bakkered56b222011-07-13 11:26:43 +0000[diff] [blame]2194 *
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2195 * RSAPrivateKey ::= SEQUENCE {
2196 * version Version,
2197 * modulus INTEGER, -- n
2198 * publicExponent INTEGER, -- e
2199 * privateExponent INTEGER, -- d
2200 * prime1 INTEGER, -- p
2201 * prime2 INTEGER, -- q
2202 * exponent1 INTEGER, -- d mod (p-1)
2203 * exponent2 INTEGER, -- d mod (q-1)
2204 * coefficient INTEGER, -- (inverse of q) mod p
2205 * otherPrimeInfos OtherPrimeInfos OPTIONAL
2206 * }
2207 */
2208 if( ( ret = asn1_get_tag( &p, end, &len,
2209 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2210 {
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2211 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2212 }
2213
2214 end = p + len;
2215
2216 if( ( ret = asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
2217 {
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2218 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2219 }
2220
2221 if( rsa->ver != 0 )
2222 {
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2223 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2224 }
2225
2226 if( ( ret = asn1_get_mpi( &p, end, &rsa->N ) ) != 0 ||
2227 ( ret = asn1_get_mpi( &p, end, &rsa->E ) ) != 0 ||
2228 ( ret = asn1_get_mpi( &p, end, &rsa->D ) ) != 0 ||
2229 ( ret = asn1_get_mpi( &p, end, &rsa->P ) ) != 0 ||
2230 ( ret = asn1_get_mpi( &p, end, &rsa->Q ) ) != 0 ||
2231 ( ret = asn1_get_mpi( &p, end, &rsa->DP ) ) != 0 ||
2232 ( ret = asn1_get_mpi( &p, end, &rsa->DQ ) ) != 0 ||
2233 ( ret = asn1_get_mpi( &p, end, &rsa->QP ) ) != 0 )
2234 {
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2235 rsa_free( rsa );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2236 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2237 }
2238
2239 rsa->len = mpi_size( &rsa->N );
2240
2241 if( p != end )
2242 {
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2243 rsa_free( rsa );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]2244 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]2245 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2246 }
2247
2248 if( ( ret = rsa_check_privkey( rsa ) ) != 0 )
2249 {
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2250 rsa_free( rsa );
2251 return( ret );
2252 }
2253
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2254 return( 0 );
2255}
2256
2257/*
2258 * Parse an unencrypted PKCS#8 encoded private RSA key
2259 */
2260static int x509parse_key_pkcs8_unencrypted_der(
2261 rsa_context *rsa,
2262 const unsigned char *key,
2263 size_t keylen )
2264{
2265 int ret;
2266 size_t len;
2267 unsigned char *p, *end;
2268 x509_buf pk_alg_oid;
2269 pk_type_t pk_alg = POLARSSL_PK_NONE;
2270
2271 p = (unsigned char *) key;
2272 end = p + keylen;
2273
2274 /*
2275 * This function parses the PrivatKeyInfo object (PKCS#8)
2276 *
2277 * PrivateKeyInfo ::= SEQUENCE {
2278 * version Version,
2279 * algorithm AlgorithmIdentifier,
2280 * PrivateKey BIT STRING
2281 * }
2282 *
2283 * AlgorithmIdentifier ::= SEQUENCE {
2284 * algorithm OBJECT IDENTIFIER,
2285 * parameters ANY DEFINED BY algorithm OPTIONAL
2286 * }
2287 *
2288 * The PrivateKey BIT STRING is a PKCS#1 RSAPrivateKey
2289 */
2290 if( ( ret = asn1_get_tag( &p, end, &len,
2291 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2292 {
2293 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2294 }
2295
2296 end = p + len;
2297
2298 if( ( ret = asn1_get_int( &p, end, &rsa->ver ) ) != 0 )
2299 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2300
2301 if( rsa->ver != 0 )
2302 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION + ret );
2303
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]2304 if( ( ret = asn1_get_alg_null( &p, end, &pk_alg_oid ) ) != 0 )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2305 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2306
2307 /*
2308 * only RSA keys handled at this time
2309 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2310 if( oid_get_pk_alg( &pk_alg_oid, &pk_alg ) != 0 )
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]2311 {
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2312 return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG );
Manuel Pégourié-Gonnard80300ad2013-07-04 11:57:13 +0200[diff] [blame]2313 }
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2314
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2315 if (pk_alg != POLARSSL_PK_RSA )
2316 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
2317
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2318 /*
2319 * Get the OCTET STRING and parse the PKCS#1 format inside
2320 */
2321 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2322 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2323
2324 if( ( end - p ) < 1 )
2325 {
2326 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
2327 POLARSSL_ERR_ASN1_OUT_OF_DATA );
2328 }
2329
2330 end = p + len;
2331
2332 if( ( ret = x509parse_key_pkcs1_der( rsa, p, end - p ) ) != 0 )
2333 return( ret );
2334
2335 return( 0 );
2336}
2337
2338/*
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2339 * Decrypt the content of a PKCS#8 EncryptedPrivateKeyInfo
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2340 */
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2341static int x509parse_pkcs8_decrypt( unsigned char *buf, size_t buflen,
2342 size_t *used_len,
2343 const unsigned char *key, size_t keylen,
2344 const unsigned char *pwd, size_t pwdlen )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2345{
2346 int ret;
2347 size_t len;
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]2348 unsigned char *p, *end;
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2349 x509_buf pbe_alg_oid, pbe_params;
Paul Bakker7749a222013-06-28 17:28:20 +0200[diff] [blame]2350#if defined(POLARSSL_PKCS12_C)
2351 cipher_type_t cipher_alg;
2352 md_type_t md_alg;
2353#endif
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2354
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2355 memset(buf, 0, buflen);
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2356
2357 p = (unsigned char *) key;
2358 end = p + keylen;
2359
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2360 if( pwdlen == 0 )
2361 return( POLARSSL_ERR_X509_PASSWORD_REQUIRED );
2362
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2363 /*
2364 * This function parses the EncryptedPrivatKeyInfo object (PKCS#8)
2365 *
2366 * EncryptedPrivateKeyInfo ::= SEQUENCE {
2367 * encryptionAlgorithm EncryptionAlgorithmIdentifier,
2368 * encryptedData EncryptedData
2369 * }
2370 *
2371 * EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
2372 *
2373 * EncryptedData ::= OCTET STRING
2374 *
2375 * The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo
2376 */
2377 if( ( ret = asn1_get_tag( &p, end, &len,
2378 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2379 {
2380 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2381 }
2382
2383 end = p + len;
2384
Paul Bakkerf8d018a2013-06-29 12:16:17 +0200[diff] [blame]2385 if( ( ret = asn1_get_alg( &p, end, &pbe_alg_oid, &pbe_params ) ) != 0 )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2386 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2387
2388 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2389 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2390
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2391 if( len > buflen )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2392 return( POLARSSL_ERR_X509_INVALID_INPUT );
2393
2394 /*
2395 * Decrypt EncryptedData with appropriate PDE
2396 */
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2397#if defined(POLARSSL_PKCS12_C)
Paul Bakker7749a222013-06-28 17:28:20 +0200[diff] [blame]2398 if( oid_get_pkcs12_pbe_alg( &pbe_alg_oid, &md_alg, &cipher_alg ) == 0 )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2399 {
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2400 if( ( ret = pkcs12_pbe( &pbe_params, PKCS12_PBE_DECRYPT,
Paul Bakker7749a222013-06-28 17:28:20 +0200[diff] [blame]2401 cipher_alg, md_alg,
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2402 pwd, pwdlen, p, len, buf ) ) != 0 )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2403 {
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2404 if( ret == POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH )
2405 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2406
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2407 return( ret );
2408 }
2409 }
2410 else if( OID_CMP( OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) )
2411 {
2412 if( ( ret = pkcs12_pbe_sha1_rc4_128( &pbe_params,
2413 PKCS12_PBE_DECRYPT,
2414 pwd, pwdlen,
2415 p, len, buf ) ) != 0 )
2416 {
2417 return( ret );
2418 }
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2419
2420 // Best guess for password mismatch when using RC4. If first tag is
2421 // not ASN1_CONSTRUCTED | ASN1_SEQUENCE
2422 //
2423 if( *buf != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) )
2424 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2425 }
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2426 else
2427#endif /* POLARSSL_PKCS12_C */
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2428#if defined(POLARSSL_PKCS5_C)
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2429 if( OID_CMP( OID_PKCS5_PBES2, &pbe_alg_oid ) )
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2430 {
2431 if( ( ret = pkcs5_pbes2( &pbe_params, PKCS5_DECRYPT, pwd, pwdlen,
2432 p, len, buf ) ) != 0 )
2433 {
2434 if( ret == POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH )
2435 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2436
2437 return( ret );
2438 }
2439 }
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2440 else
Paul Bakker38b50d72013-06-24 19:33:27 +0200[diff] [blame]2441#endif /* POLARSSL_PKCS5_C */
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2442 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
2443
Manuel Pégourié-Gonnarda5d99742013-07-04 11:08:31 +0200[diff] [blame]2444 *used_len = len;
2445 return( 0 );
2446}
2447
2448/*
2449 * Parse an encrypted PKCS#8 encoded private RSA key
2450 */
2451static int x509parse_key_pkcs8_encrypted_der(
2452 rsa_context *rsa,
2453 const unsigned char *key, size_t keylen,
2454 const unsigned char *pwd, size_t pwdlen )
2455{
2456 int ret;
2457 unsigned char buf[2048];
2458 size_t len = 0;
2459
2460 if( ( ret = x509parse_pkcs8_decrypt( buf, sizeof( buf ), &len,
2461 key, keylen, pwd, pwdlen ) ) != 0 )
2462 {
2463 return( ret );
2464 }
2465
2466 return( x509parse_key_pkcs8_unencrypted_der( rsa, buf, len ) );
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2467}
2468
2469/*
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2470 * Parse a private RSA key
2471 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2472int x509parse_key_rsa( rsa_context *rsa,
2473 const unsigned char *key, size_t keylen,
2474 const unsigned char *pwd, size_t pwdlen )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2475{
2476 int ret;
2477
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]2478#if defined(POLARSSL_PEM_C)
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2479 size_t len;
2480 pem_context pem;
2481
2482 pem_init( &pem );
2483 ret = pem_read_buffer( &pem,
2484 "-----BEGIN RSA PRIVATE KEY-----",
2485 "-----END RSA PRIVATE KEY-----",
2486 key, pwd, pwdlen, &len );
2487 if( ret == 0 )
2488 {
2489 if( ( ret = x509parse_key_pkcs1_der( rsa, pem.buf, pem.buflen ) ) != 0 )
2490 {
2491 rsa_free( rsa );
2492 }
2493
2494 pem_free( &pem );
2495 return( ret );
2496 }
Paul Bakkera4232a72013-06-24 19:32:25 +0200[diff] [blame]2497 else if( ret == POLARSSL_ERR_PEM_PASSWORD_MISMATCH )
2498 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2499 else if( ret == POLARSSL_ERR_PEM_PASSWORD_REQUIRED )
2500 return( POLARSSL_ERR_X509_PASSWORD_REQUIRED );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2501 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2502 return( ret );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2503
2504 ret = pem_read_buffer( &pem,
2505 "-----BEGIN PRIVATE KEY-----",
2506 "-----END PRIVATE KEY-----",
2507 key, NULL, 0, &len );
2508 if( ret == 0 )
2509 {
2510 if( ( ret = x509parse_key_pkcs8_unencrypted_der( rsa,
2511 pem.buf, pem.buflen ) ) != 0 )
2512 {
2513 rsa_free( rsa );
2514 }
2515
2516 pem_free( &pem );
2517 return( ret );
2518 }
2519 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2520 return( ret );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2521
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2522 ret = pem_read_buffer( &pem,
2523 "-----BEGIN ENCRYPTED PRIVATE KEY-----",
2524 "-----END ENCRYPTED PRIVATE KEY-----",
2525 key, NULL, 0, &len );
2526 if( ret == 0 )
2527 {
2528 if( ( ret = x509parse_key_pkcs8_encrypted_der( rsa,
2529 pem.buf, pem.buflen,
2530 pwd, pwdlen ) ) != 0 )
2531 {
2532 rsa_free( rsa );
2533 }
2534
2535 pem_free( &pem );
2536 return( ret );
2537 }
2538 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2539 return( ret );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2540#else
2541 ((void) pwd);
2542 ((void) pwdlen);
2543#endif /* POLARSSL_PEM_C */
2544
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2545 /*
2546 * At this point we only know it's not a PEM formatted key. Could be any
2547 * of the known DER encoded private key formats
2548 *
2549 * We try the different DER format parsers to see if one passes without
2550 * error
2551 */
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2552 if( ( ret = x509parse_key_pkcs8_encrypted_der( rsa, key, keylen,
2553 pwd, pwdlen ) ) == 0 )
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2554 {
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2555 return( 0 );
Paul Bakkere2f50402013-06-24 19:00:59 +0200[diff] [blame]2556 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2557
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2558 rsa_free( rsa );
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2559
2560 if( ret == POLARSSL_ERR_X509_PASSWORD_MISMATCH )
2561 {
2562 return( ret );
2563 }
2564
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2565 if( ( ret = x509parse_key_pkcs8_unencrypted_der( rsa, key, keylen ) ) == 0 )
2566 return( 0 );
2567
2568 rsa_free( rsa );
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2569
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2570 if( ( ret = x509parse_key_pkcs1_der( rsa, key, keylen ) ) == 0 )
2571 return( 0 );
2572
2573 rsa_free( rsa );
Paul Bakker28144de2013-06-24 19:28:55 +0200[diff] [blame]2574
Paul Bakkerf1f21fe2013-06-24 19:17:19 +0200[diff] [blame]2575 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]2576}
2577
2578/*
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2579 * Parse a public RSA key
2580 */
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]2581int x509parse_public_key_rsa( rsa_context *rsa,
2582 const unsigned char *key, size_t keylen )
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2583{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]2584 int ret;
2585 size_t len;
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2586 unsigned char *p, *end;
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2587#if defined(POLARSSL_PEM_C)
2588 pem_context pem;
2589
2590 pem_init( &pem );
2591 ret = pem_read_buffer( &pem,
2592 "-----BEGIN PUBLIC KEY-----",
2593 "-----END PUBLIC KEY-----",
2594 key, NULL, 0, &len );
2595
2596 if( ret == 0 )
2597 {
2598 /*
2599 * Was PEM encoded
2600 */
2601 keylen = pem.buflen;
2602 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]2603 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2604 {
2605 pem_free( &pem );
2606 return( ret );
2607 }
2608
2609 p = ( ret == 0 ) ? pem.buf : (unsigned char *) key;
2610#else
2611 p = (unsigned char *) key;
2612#endif
2613 end = p + keylen;
2614
Manuel Pégourié-Gonnard20c12f62013-07-09 12:13:24 +0200[diff] [blame^]2615 if( ( ret = x509_get_pubkey( &p, end, rsa ) ) != 0 )
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2616 {
2617#if defined(POLARSSL_PEM_C)
2618 pem_free( &pem );
2619#endif
2620 rsa_free( rsa );
2621 return( ret );
2622 }
2623
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]2624#if defined(POLARSSL_PEM_C)
2625 pem_free( &pem );
2626#endif
2627
2628 return( 0 );
2629}
2630
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2631#if defined(POLARSSL_ECP_C)
2632/*
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2633 * Parse a SEC1 encoded private EC key
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2634 */
2635static int x509parse_key_sec1_der( ecp_keypair *eck,
2636 const unsigned char *key,
2637 size_t keylen )
2638{
2639 int ret;
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2640 int version;
2641 size_t len;
2642 ecp_group_id grp_id;
2643 unsigned char *p = (unsigned char *) key;
2644 unsigned char *end = p + keylen;
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2645
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2646 /*
2647 * RFC 5915, orf SEC1 Appendix C.4
2648 *
2649 * ECPrivateKey ::= SEQUENCE {
2650 * version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
2651 * privateKey OCTET STRING,
2652 * parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
2653 * publicKey [1] BIT STRING OPTIONAL
2654 * }
2655 */
2656 if( ( ret = asn1_get_tag( &p, end, &len,
2657 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2658 {
2659 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2660 }
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2661
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2662 end = p + len;
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2663
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2664 if( ( ret = asn1_get_int( &p, end, &version ) ) != 0 )
2665 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2666
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2667 if( version != 1 )
2668 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION );
2669
2670 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2671 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2672
2673 if( ( ret = mpi_read_binary( &eck->d, p, len ) ) != 0 )
2674 {
2675 ecp_keypair_free( eck );
2676 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2677 }
2678
2679 p += len;
2680
2681 /*
2682 * Is 'parameters' present?
2683 */
2684 if( ( ret = asn1_get_tag( &p, end, &len,
2685 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) == 0 )
2686 {
2687 if( ( ret = x509_get_ecparams( &p, p + len, &grp_id) ) != 0 )
2688 return( ret );
2689
Manuel Pégourié-Gonnardd4ec21d2013-07-04 12:04:57 +0200[diff] [blame]2690 /*
2691 * If we're wrapped in a bigger structure (eg PKCS#8), grp may have been
2692 * defined externally. In this case, make sure both definitions match.
2693 */
2694 if( eck->grp.id != 0 )
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2695 {
Manuel Pégourié-Gonnardd4ec21d2013-07-04 12:04:57 +0200[diff] [blame]2696 if( eck->grp.id != grp_id )
2697 {
2698 ecp_keypair_free( eck );
2699 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2700 }
2701 }
2702 else
2703 {
2704 if( ( ret = ecp_use_known_dp( &eck->grp, grp_id ) ) != 0 )
2705 {
2706 ecp_keypair_free( eck );
2707 return( ret );
2708 }
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2709 }
2710 }
2711 else if ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
2712 {
2713 ecp_keypair_free( eck );
2714 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2715 }
2716
2717 /*
2718 * Is 'publickey' present?
2719 */
2720 if( ( ret = asn1_get_tag( &p, end, &len,
2721 ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) ) == 0 )
2722 {
2723 if( ( ret = x509_get_subpubkey_ec( &p, p + len, &eck->grp, &eck->Q ) )
2724 != 0 )
2725 {
2726 ecp_keypair_free( eck );
2727 return( ret );
2728 }
2729
2730 if( ( ret = ecp_check_pubkey( &eck->grp, &eck->Q ) ) != 0 )
2731 {
2732 ecp_keypair_free( eck );
2733 return( ret );
2734 }
2735 }
2736 else if ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
2737 {
2738 ecp_keypair_free( eck );
2739 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2740 }
2741
Manuel Pégourié-Gonnardde44a4a2013-07-09 16:05:52 +0200[diff] [blame]2742 if( ( ret = ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 )
Manuel Pégourié-Gonnarde3663422013-07-03 18:56:37 +0200[diff] [blame]2743 {
2744 ecp_keypair_free( eck );
2745 return( ret );
2746 }
2747
2748 return 0;
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2749}
2750
2751/*
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2752 * Parse an unencrypted PKCS#8 encoded private EC key
2753 */
2754static int x509parse_key_pkcs8_unencrypted_der_ec(
2755 ecp_keypair *eck,
2756 const unsigned char* key,
2757 size_t keylen )
2758{
2759 int ret, version;
2760 size_t len;
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]2761 x509_buf alg_params;
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2762 ecp_group_id grp_id;
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2763 unsigned char *p = (unsigned char *) key;
2764 unsigned char *end = p + keylen;
2765 pk_type_t pk_alg = POLARSSL_PK_NONE;
2766
2767 /*
2768 * This function parses the PrivatKeyInfo object (PKCS#8 v1.2 = RFC 5208)
2769 *
2770 * PrivateKeyInfo ::= SEQUENCE {
2771 * version Version,
2772 * privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
2773 * privateKey PrivateKey,
2774 * attributes [0] IMPLICIT Attributes OPTIONAL }
2775 *
2776 * Version ::= INTEGER
2777 * PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
2778 * PrivateKey ::= OCTET STRING
2779 *
2780 * The PrivateKey OCTET STRING is a SEC1 ECPrivateKey
2781 */
2782
2783 if( ( ret = asn1_get_tag( &p, end, &len,
2784 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2785 {
2786 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2787 }
2788
2789 end = p + len;
2790
2791 if( ( ret = asn1_get_int( &p, end, &version ) ) != 0 )
2792 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2793
2794 if( version != 0 )
2795 return( POLARSSL_ERR_X509_KEY_INVALID_VERSION + ret );
2796
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]2797 if( ( ret = x509_get_algid( &p, end, &pk_alg, &alg_params ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2798 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2799
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2800 if( pk_alg != POLARSSL_PK_ECKEY && pk_alg != POLARSSL_PK_ECKEY_DH )
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2801 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2802
2803 if( pk_alg == POLARSSL_PK_ECKEY_DH )
2804 eck->alg = POLARSSL_ECP_KEY_ALG_ECDH;
2805
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]2806 if( ( ret = x509_ecparams_get_grp_id( &alg_params, &grp_id ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2807 {
2808 ecp_keypair_free( eck );
2809 return( ret );
2810 }
2811
2812 if( ( ret = ecp_use_known_dp( &eck->grp, grp_id ) ) != 0 )
2813 {
2814 ecp_keypair_free( eck );
2815 return( ret );
2816 }
2817
2818 if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 )
2819 {
2820 ecp_keypair_free( eck );
2821 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
2822 }
2823
2824 if( ( ret = x509parse_key_sec1_der( eck, p, len ) ) != 0 )
2825 {
2826 ecp_keypair_free( eck );
2827 return( ret );
2828 }
2829
Manuel Pégourié-Gonnardde44a4a2013-07-09 16:05:52 +0200[diff] [blame]2830 if( ( ret = ecp_check_privkey( &eck->grp, &eck->d ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2831 {
2832 ecp_keypair_free( eck );
2833 return( ret );
2834 }
2835
2836 return 0;
2837}
2838
2839/*
2840 * Parse an encrypted PKCS#8 encoded private EC key
2841 */
2842static int x509parse_key_pkcs8_encrypted_der_ec(
2843 ecp_keypair *eck,
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2844 const unsigned char *key, size_t keylen,
2845 const unsigned char *pwd, size_t pwdlen )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2846{
2847 int ret;
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2848 unsigned char buf[2048];
2849 size_t len = 0;
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2850
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2851 if( ( ret = x509parse_pkcs8_decrypt( buf, sizeof( buf ), &len,
2852 key, keylen, pwd, pwdlen ) ) != 0 )
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2853 {
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2854 return( ret );
2855 }
2856
Manuel Pégourié-Gonnard9c1cf452013-07-04 11:20:24 +0200[diff] [blame]2857 return( x509parse_key_pkcs8_unencrypted_der_ec( eck, buf, len ) );
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]2858}
2859
2860/*
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2861 * Parse a private EC key
2862 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]2863static int x509parse_key_ec( ecp_keypair *eck,
2864 const unsigned char *key, size_t keylen,
2865 const unsigned char *pwd, size_t pwdlen )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2866{
2867 int ret;
2868
2869#if defined(POLARSSL_PEM_C)
2870 size_t len;
2871 pem_context pem;
2872
2873 pem_init( &pem );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2874 ret = pem_read_buffer( &pem,
2875 "-----BEGIN EC PRIVATE KEY-----",
2876 "-----END EC PRIVATE KEY-----",
2877 key, pwd, pwdlen, &len );
2878 if( ret == 0 )
2879 {
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2880 if( ( ret = x509parse_key_sec1_der( eck, pem.buf, pem.buflen ) ) != 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2881 {
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2882 ecp_keypair_free( eck );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2883 }
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2884
2885 pem_free( &pem );
2886 return( ret );
2887 }
2888 else if( ret == POLARSSL_ERR_PEM_PASSWORD_MISMATCH )
2889 return( POLARSSL_ERR_X509_PASSWORD_MISMATCH );
2890 else if( ret == POLARSSL_ERR_PEM_PASSWORD_REQUIRED )
2891 return( POLARSSL_ERR_X509_PASSWORD_REQUIRED );
2892 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
2893 return( ret );
2894
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2895 ret = pem_read_buffer( &pem,
2896 "-----BEGIN PRIVATE KEY-----",
2897 "-----END PRIVATE KEY-----",
2898 key, NULL, 0, &len );
2899 if( ret == 0 )
2900 {
2901 if( ( ret = x509parse_key_pkcs8_unencrypted_der_ec( eck,
2902 pem.buf, pem.buflen ) ) != 0 )
2903 {
2904 ecp_keypair_free( eck );
2905 }
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2906
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2907 pem_free( &pem );
2908 return( ret );
2909 }
2910 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
2911 return( ret );
2912
2913 ret = pem_read_buffer( &pem,
2914 "-----BEGIN ENCRYPTED PRIVATE KEY-----",
2915 "-----END ENCRYPTED PRIVATE KEY-----",
2916 key, NULL, 0, &len );
2917 if( ret == 0 )
2918 {
2919 if( ( ret = x509parse_key_pkcs8_encrypted_der_ec( eck,
2920 pem.buf, pem.buflen,
2921 pwd, pwdlen ) ) != 0 )
2922 {
2923 ecp_keypair_free( eck );
2924 }
2925
2926 pem_free( &pem );
2927 return( ret );
2928 }
2929 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
2930 return( ret );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2931#else
2932 ((void) pwd);
2933 ((void) pwdlen);
2934#endif /* POLARSSL_PEM_C */
2935
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2936 /*
2937 * At this point we only know it's not a PEM formatted key. Could be any
2938 * of the known DER encoded private key formats
2939 *
2940 * We try the different DER format parsers to see if one passes without
2941 * error
2942 */
2943 if( ( ret = x509parse_key_pkcs8_encrypted_der_ec( eck, key, keylen,
2944 pwd, pwdlen ) ) == 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2945 {
2946 return( 0 );
2947 }
2948
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2949 ecp_keypair_free( eck );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2950
2951 if( ret == POLARSSL_ERR_X509_PASSWORD_MISMATCH )
2952 {
2953 return( ret );
2954 }
2955
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2956 if( ( ret = x509parse_key_pkcs8_unencrypted_der_ec( eck,
2957 key, keylen ) ) == 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2958 return( 0 );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2959
Manuel Pégourié-Gonnard15e8b822013-07-03 11:56:37 +0200[diff] [blame]2960 ecp_keypair_free( eck );
2961
2962 if( ( ret = x509parse_key_sec1_der( eck, key, keylen ) ) == 0 )
2963 return( 0 );
2964
2965 ecp_keypair_free( eck );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]2966
2967 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT );
2968}
2969
2970/*
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]2971 * Parse a public EC key in RFC 5480 format, der-encoded
2972 */
2973static int x509parse_public_key_ec_der( ecp_keypair *key,
2974 const unsigned char *buf, size_t len )
2975{
2976 int ret;
2977 ecp_group_id grp_id;
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]2978 x509_buf alg_params;
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]2979 pk_type_t alg = POLARSSL_PK_NONE;
2980 unsigned char *p = (unsigned char *) buf;
2981 unsigned char *end = p + len;
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]2982 /*
2983 * SubjectPublicKeyInfo ::= SEQUENCE {
2984 * algorithm AlgorithmIdentifier,
2985 * subjectPublicKey BIT STRING
2986 * }
2987 * -- algorithm parameters are ECParameters
2988 * -- subjectPublicKey is an ECPoint
2989 */
2990 if( ( ret = asn1_get_tag( &p, end, &len,
2991 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
2992 {
2993 return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret );
2994 }
2995
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]2996 if( ( ret = x509_get_algid( &p, end, &alg, &alg_params ) ) != 0 )
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]2997 return( ret );
2998
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]2999 if( alg != POLARSSL_PK_ECKEY && alg != POLARSSL_PK_ECKEY_DH )
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3000 return( POLARSSL_ERR_X509_CERT_INVALID_ALG );
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3001
Manuel Pégourié-Gonnard416fa8f2013-07-04 10:46:23 +0200[diff] [blame]3002 if( alg == POLARSSL_PK_ECKEY_DH )
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3003 key->alg = POLARSSL_ECP_KEY_ALG_ECDH;
3004
Manuel Pégourié-Gonnard0a64e8f2013-07-08 18:26:18 +0200[diff] [blame]3005 if( ( ret = x509_ecparams_get_grp_id( &alg_params, &grp_id ) ) != 0 )
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3006 return( ret );
3007
3008 if( ( ret = ecp_use_known_dp( &key->grp, grp_id ) ) != 0 )
3009 return( ret );
3010
3011 if( ( ret = x509_get_subpubkey_ec( &p, end, &key->grp, &key->Q ) ) != 0 )
3012 {
3013 return( ret );
3014 }
3015
3016 return( 0 );
3017}
3018
3019/*
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3020 * Parse a public EC key
3021 */
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3022static int x509parse_public_key_ec( ecp_keypair *eckey,
3023 const unsigned char *key, size_t keylen )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3024{
3025 int ret;
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3026#if defined(POLARSSL_PEM_C)
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3027 size_t len;
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3028 pem_context pem;
3029
3030 pem_init( &pem );
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3031 ret = pem_read_buffer( &pem,
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3032 "-----BEGIN PUBLIC KEY-----",
3033 "-----END PUBLIC KEY-----",
3034 key, NULL, 0, &len );
3035
3036 if( ret == 0 )
3037 {
3038 /*
3039 * Was PEM encoded
3040 */
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3041 key = pem.buf;
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3042 keylen = pem.buflen;
3043 }
3044 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
3045 {
3046 pem_free( &pem );
3047 return( ret );
3048 }
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3049#endif
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3050
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3051 if( ( ret = x509parse_public_key_ec_der ( eckey, key, keylen ) ) != 0 ||
3052 ( ret = ecp_check_pubkey( &eckey->grp, &eckey->Q ) ) != 0 )
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3053 {
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3054 ecp_keypair_free( eckey );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3055 }
3056
3057#if defined(POLARSSL_PEM_C)
3058 pem_free( &pem );
3059#endif
3060
Manuel Pégourié-Gonnard73c0cda2013-07-01 19:45:45 +0200[diff] [blame]3061 return( ret );
Manuel Pégourié-Gonnard26833c22013-06-27 11:27:58 +0200[diff] [blame]3062}
3063#endif /* defined(POLARSSL_ECP_C) */
3064
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3065/*
3066 * Parse a private key
3067 */
3068int x509parse_key( pk_context *ctx,
3069 const unsigned char *key, size_t keylen,
3070 const unsigned char *pwd, size_t pwdlen )
3071{
3072 int ret;
3073
3074 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_RSA ) ) != 0 )
3075 return( ret );
3076
3077 if( ( ret = x509parse_key_rsa( ctx->data, key, keylen, pwd, pwdlen ) )
3078 == 0 )
3079 {
3080 return( 0 );
3081 }
3082
Manuel Pégourié-Gonnard374e4b82013-07-09 10:21:34 +0200[diff] [blame]3083 pk_free( ctx );
3084
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3085 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_ECKEY ) ) != 0 )
3086 return( ret );
3087
3088 if( ( ret = x509parse_key_ec( ctx->data, key, keylen, pwd, pwdlen ) ) == 0 )
3089 {
3090 return( 0 );
3091 }
3092
Manuel Pégourié-Gonnard374e4b82013-07-09 10:21:34 +0200[diff] [blame]3093 pk_free( ctx );
3094
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3095 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
3096}
3097
3098/*
3099 * Parse a public key
3100 */
3101int x509parse_public_key( pk_context *ctx,
3102 const unsigned char *key, size_t keylen )
3103{
3104 int ret;
3105
3106 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_RSA ) ) != 0 )
3107 return( ret );
3108
3109 if( ( ret = x509parse_public_key_rsa( ctx->data, key, keylen ) ) == 0 )
3110 return( 0 );
3111
Manuel Pégourié-Gonnard374e4b82013-07-09 10:21:34 +0200[diff] [blame]3112 pk_free( ctx );
3113
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3114 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_ECKEY ) ) != 0 )
3115 return( ret );
3116
3117 if( ( ret = x509parse_public_key_ec( ctx->data, key, keylen ) ) == 0 )
3118 return( 0 );
3119
Manuel Pégourié-Gonnard374e4b82013-07-09 10:21:34 +0200[diff] [blame]3120 pk_free( ctx );
3121
Manuel Pégourié-Gonnard88380992013-07-04 14:09:57 +0200[diff] [blame]3122 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
3123}
3124
Paul Bakkereaa89f82011-04-04 21:36:15 +0000[diff] [blame]3125#if defined(POLARSSL_DHM_C)
Paul Bakker53019ae2011-03-25 13:58:48 +0000[diff] [blame]3126/*
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3127 * Parse DHM parameters
3128 */
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3129int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3130{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3131 int ret;
3132 size_t len;
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3133 unsigned char *p, *end;
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3134#if defined(POLARSSL_PEM_C)
3135 pem_context pem;
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3136
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3137 pem_init( &pem );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3138
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3139 ret = pem_read_buffer( &pem,
3140 "-----BEGIN DH PARAMETERS-----",
3141 "-----END DH PARAMETERS-----",
3142 dhmin, NULL, 0, &dhminlen );
3143
3144 if( ret == 0 )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3145 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3146 /*
3147 * Was PEM encoded
3148 */
3149 dhminlen = pem.buflen;
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3150 }
Paul Bakker00b28602013-06-24 13:02:41 +0200[diff] [blame]3151 else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3152 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3153 pem_free( &pem );
3154 return( ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3155 }
3156
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3157 p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin;
3158#else
3159 p = (unsigned char *) dhmin;
3160#endif
3161 end = p + dhminlen;
3162
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3163 memset( dhm, 0, sizeof( dhm_context ) );
3164
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3165 /*
3166 * DHParams ::= SEQUENCE {
3167 * prime INTEGER, -- P
3168 * generator INTEGER, -- g
3169 * }
3170 */
3171 if( ( ret = asn1_get_tag( &p, end, &len,
3172 ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
3173 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3174#if defined(POLARSSL_PEM_C)
3175 pem_free( &pem );
3176#endif
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]3177 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3178 }
3179
3180 end = p + len;
3181
3182 if( ( ret = asn1_get_mpi( &p, end, &dhm->P ) ) != 0 ||
3183 ( ret = asn1_get_mpi( &p, end, &dhm->G ) ) != 0 )
3184 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3185#if defined(POLARSSL_PEM_C)
3186 pem_free( &pem );
3187#endif
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3188 dhm_free( dhm );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]3189 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3190 }
3191
3192 if( p != end )
3193 {
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3194#if defined(POLARSSL_PEM_C)
3195 pem_free( &pem );
3196#endif
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3197 dhm_free( dhm );
Paul Bakker9d781402011-05-09 16:17:09 +0000[diff] [blame]3198 return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT +
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3199 POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
3200 }
3201
Paul Bakker96743fc2011-02-12 14:30:57 +0000[diff] [blame]3202#if defined(POLARSSL_PEM_C)
3203 pem_free( &pem );
3204#endif
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3205
3206 return( 0 );
3207}
3208
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]3209#if defined(POLARSSL_FS_IO)
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3210/*
Manuel Pégourié-Gonnard4250a1f2013-06-27 13:00:00 +0200[diff] [blame]3211 * Load and parse DHM parameters
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3212 */
3213int x509parse_dhmfile( dhm_context *dhm, const char *path )
3214{
3215 int ret;
3216 size_t n;
3217 unsigned char *buf;
3218
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]3219 if ( ( ret = load_file( path, &buf, &n ) ) != 0 )
3220 return( ret );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3221
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]3222 ret = x509parse_dhm( dhm, buf, n );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3223
3224 memset( buf, 0, n + 1 );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]3225 polarssl_free( buf );
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3226
3227 return( ret );
3228}
Paul Bakker335db3f2011-04-25 15:28:35 +0000[diff] [blame]3229#endif /* POLARSSL_FS_IO */
Paul Bakkereaa89f82011-04-04 21:36:15 +0000[diff] [blame]3230#endif /* POLARSSL_DHM_C */
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]3231
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3232#if defined _MSC_VER && !defined snprintf
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3233#include <stdarg.h>
3234
3235#if !defined vsnprintf
3236#define vsnprintf _vsnprintf
3237#endif // vsnprintf
3238
3239/*
3240 * Windows _snprintf and _vsnprintf are not compatible to linux versions.
3241 * Result value is not size of buffer needed, but -1 if no fit is possible.
3242 *
3243 * This fuction tries to 'fix' this by at least suggesting enlarging the
3244 * size by 20.
3245 */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3246static int compat_snprintf(char *str, size_t size, const char *format, ...)
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3247{
3248 va_list ap;
3249 int res = -1;
3250
3251 va_start( ap, format );
3252
3253 res = vsnprintf( str, size, format, ap );
3254
3255 va_end( ap );
3256
3257 // No quick fix possible
3258 if ( res < 0 )
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3259 return( (int) size + 20 );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3260
3261 return res;
3262}
3263
3264#define snprintf compat_snprintf
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3265#endif
3266
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3267#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
3268
3269#define SAFE_SNPRINTF() \
3270{ \
3271 if( ret == -1 ) \
3272 return( -1 ); \
3273 \
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3274 if ( (unsigned int) ret > n ) { \
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3275 p[n - 1] = '\0'; \
3276 return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\
3277 } \
3278 \
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3279 n -= (unsigned int) ret; \
3280 p += (unsigned int) ret; \
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3281}
3282
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3283/*
3284 * Store the name in printable form into buf; no more
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3285 * than size characters will be written
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3286 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3287int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3288{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3289 int ret;
3290 size_t i, n;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3291 unsigned char c;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3292 const x509_name *name;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3293 const char *short_name = NULL;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3294 char s[128], *p;
3295
3296 memset( s, 0, sizeof( s ) );
3297
3298 name = dn;
3299 p = buf;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3300 n = size;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3301
3302 while( name != NULL )
3303 {
Paul Bakkercefb3962012-06-27 11:51:09 +0000[diff] [blame]3304 if( !name->oid.p )
3305 {
3306 name = name->next;
3307 continue;
3308 }
3309
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3310 if( name != dn )
3311 {
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3312 ret = snprintf( p, n, ", " );
3313 SAFE_SNPRINTF();
3314 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3315
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3316 ret = oid_get_attr_short_name( &name->oid, &short_name );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3317
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3318 if( ret == 0 )
3319 ret = snprintf( p, n, "%s=", short_name );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3320 else
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3321 ret = snprintf( p, n, "\?\?=" );
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3322 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3323
3324 for( i = 0; i < name->val.len; i++ )
3325 {
Paul Bakker27fdf462011-06-09 13:55:13 +0000[diff] [blame]3326 if( i >= sizeof( s ) - 1 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3327 break;
3328
3329 c = name->val.p[i];
3330 if( c < 32 || c == 127 || ( c > 128 && c < 160 ) )
3331 s[i] = '?';
3332 else s[i] = c;
3333 }
3334 s[i] = '\0';
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3335 ret = snprintf( p, n, "%s", s );
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3336 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3337 name = name->next;
3338 }
3339
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3340 return( (int) ( size - n ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3341}
3342
3343/*
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3344 * Store the serial in printable form into buf; no more
3345 * than size characters will be written
3346 */
3347int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial )
3348{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3349 int ret;
3350 size_t i, n, nr;
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3351 char *p;
3352
3353 p = buf;
3354 n = size;
3355
3356 nr = ( serial->len <= 32 )
Paul Bakker03c7c252011-11-25 12:37:37 +0000[diff] [blame]3357 ? serial->len : 28;
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3358
3359 for( i = 0; i < nr; i++ )
3360 {
Paul Bakker93048802011-12-05 14:38:06 +0000[diff] [blame]3361 if( i == 0 && nr > 1 && serial->p[i] == 0x0 )
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3362 continue;
3363
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3364 ret = snprintf( p, n, "%02X%s",
3365 serial->p[i], ( i < nr - 1 ) ? ":" : "" );
3366 SAFE_SNPRINTF();
3367 }
3368
Paul Bakker03c7c252011-11-25 12:37:37 +0000[diff] [blame]3369 if( nr != serial->len )
3370 {
3371 ret = snprintf( p, n, "...." );
3372 SAFE_SNPRINTF();
3373 }
3374
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3375 return( (int) ( size - n ) );
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3376}
3377
3378/*
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3379 * Return an informational string about the certificate.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3380 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3381int x509parse_cert_info( char *buf, size_t size, const char *prefix,
3382 const x509_cert *crt )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3383{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3384 int ret;
3385 size_t n;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3386 char *p;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3387 const char *desc = NULL;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3388
3389 p = buf;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3390 n = size;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3391
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3392 ret = snprintf( p, n, "%scert. version : %d\n",
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3393 prefix, crt->version );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3394 SAFE_SNPRINTF();
3395 ret = snprintf( p, n, "%sserial number : ",
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3396 prefix );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3397 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3398
Paul Bakkerdd476992011-01-16 21:34:59 +0000[diff] [blame]3399 ret = x509parse_serial_gets( p, n, &crt->serial);
3400 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3401
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3402 ret = snprintf( p, n, "\n%sissuer name : ", prefix );
3403 SAFE_SNPRINTF();
3404 ret = x509parse_dn_gets( p, n, &crt->issuer );
3405 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3406
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3407 ret = snprintf( p, n, "\n%ssubject name : ", prefix );
3408 SAFE_SNPRINTF();
3409 ret = x509parse_dn_gets( p, n, &crt->subject );
3410 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3411
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3412 ret = snprintf( p, n, "\n%sissued on : " \
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3413 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3414 crt->valid_from.year, crt->valid_from.mon,
3415 crt->valid_from.day, crt->valid_from.hour,
3416 crt->valid_from.min, crt->valid_from.sec );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3417 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3418
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3419 ret = snprintf( p, n, "\n%sexpires on : " \
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3420 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3421 crt->valid_to.year, crt->valid_to.mon,
3422 crt->valid_to.day, crt->valid_to.hour,
3423 crt->valid_to.min, crt->valid_to.sec );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3424 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3425
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3426 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3427 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3428
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3429 ret = oid_get_sig_alg_desc( &crt->sig_oid1, &desc );
3430 if( ret != 0 )
3431 ret = snprintf( p, n, "???" );
3432 else
3433 ret = snprintf( p, n, desc );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3434 SAFE_SNPRINTF();
3435
3436 ret = snprintf( p, n, "\n%sRSA key size : %d bits\n", prefix,
Paul Bakker5c2364c2012-10-01 14:41:15 +0000[diff] [blame]3437 (int) crt->rsa.N.n * (int) sizeof( t_uint ) * 8 );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3438 SAFE_SNPRINTF();
3439
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3440 return( (int) ( size - n ) );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3441}
3442
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3443/*
3444 * Return an informational string describing the given OID
3445 */
3446const char *x509_oid_get_description( x509_buf *oid )
3447{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3448 const char *desc = NULL;
3449 int ret;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3450
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3451 ret = oid_get_extended_key_usage( oid, &desc );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3452
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3453 if( ret != 0 )
3454 return( NULL );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3455
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3456 return( desc );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3457}
3458
3459/* Return the x.y.z.... style numeric string for the given OID */
3460int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid )
3461{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3462 return oid_get_numeric_string( buf, size, oid );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]3463}
3464
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3465/*
3466 * Return an informational string about the CRL.
3467 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3468int x509parse_crl_info( char *buf, size_t size, const char *prefix,
3469 const x509_crl *crl )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3470{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3471 int ret;
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3472 size_t n;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3473 char *p;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3474 const char *desc;
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3475 const x509_crl_entry *entry;
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3476
3477 p = buf;
3478 n = size;
3479
3480 ret = snprintf( p, n, "%sCRL version : %d",
3481 prefix, crl->version );
3482 SAFE_SNPRINTF();
3483
3484 ret = snprintf( p, n, "\n%sissuer name : ", prefix );
3485 SAFE_SNPRINTF();
3486 ret = x509parse_dn_gets( p, n, &crl->issuer );
3487 SAFE_SNPRINTF();
3488
3489 ret = snprintf( p, n, "\n%sthis update : " \
3490 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3491 crl->this_update.year, crl->this_update.mon,
3492 crl->this_update.day, crl->this_update.hour,
3493 crl->this_update.min, crl->this_update.sec );
3494 SAFE_SNPRINTF();
3495
3496 ret = snprintf( p, n, "\n%snext update : " \
3497 "%04d-%02d-%02d %02d:%02d:%02d", prefix,
3498 crl->next_update.year, crl->next_update.mon,
3499 crl->next_update.day, crl->next_update.hour,
3500 crl->next_update.min, crl->next_update.sec );
3501 SAFE_SNPRINTF();
3502
3503 entry = &crl->entry;
3504
3505 ret = snprintf( p, n, "\n%sRevoked certificates:",
3506 prefix );
3507 SAFE_SNPRINTF();
3508
Paul Bakker9be19372009-07-27 20:21:53 +0000[diff] [blame]3509 while( entry != NULL && entry->raw.len != 0 )
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3510 {
3511 ret = snprintf( p, n, "\n%sserial number: ",
3512 prefix );
3513 SAFE_SNPRINTF();
3514
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3515 ret = x509parse_serial_gets( p, n, &entry->serial);
3516 SAFE_SNPRINTF();
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3517
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3518 ret = snprintf( p, n, " revocation date: " \
3519 "%04d-%02d-%02d %02d:%02d:%02d",
3520 entry->revocation_date.year, entry->revocation_date.mon,
3521 entry->revocation_date.day, entry->revocation_date.hour,
3522 entry->revocation_date.min, entry->revocation_date.sec );
Paul Bakkerc8ffbe72011-12-05 14:22:49 +0000[diff] [blame]3523 SAFE_SNPRINTF();
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3524
3525 entry = entry->next;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3526 }
3527
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3528 ret = snprintf( p, n, "\n%ssigned using : ", prefix );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3529 SAFE_SNPRINTF();
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3530
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3531 ret = oid_get_sig_alg_desc( &crl->sig_oid1, &desc );
3532 if( ret != 0 )
3533 ret = snprintf( p, n, "???" );
3534 else
3535 ret = snprintf( p, n, desc );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]3536 SAFE_SNPRINTF();
3537
Paul Bakker1e27bb22009-07-19 20:25:25 +0000[diff] [blame]3538 ret = snprintf( p, n, "\n" );
3539 SAFE_SNPRINTF();
3540
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3541 return( (int) ( size - n ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3542}
3543
3544/*
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3545 * Return 0 if the x509_time is still valid, or 1 otherwise.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3546 */
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200[diff] [blame]3547#if defined(POLARSSL_HAVE_TIME)
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3548int x509parse_time_expired( const x509_time *to )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3549{
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3550 int year, mon, day;
3551 int hour, min, sec;
3552
3553#if defined(_WIN32)
3554 SYSTEMTIME st;
3555
3556 GetLocalTime(&st);
3557
3558 year = st.wYear;
3559 mon = st.wMonth;
3560 day = st.wDay;
3561 hour = st.wHour;
3562 min = st.wMinute;
3563 sec = st.wSecond;
3564#else
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3565 struct tm *lt;
3566 time_t tt;
3567
3568 tt = time( NULL );
3569 lt = localtime( &tt );
3570
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3571 year = lt->tm_year + 1900;
3572 mon = lt->tm_mon + 1;
3573 day = lt->tm_mday;
3574 hour = lt->tm_hour;
3575 min = lt->tm_min;
3576 sec = lt->tm_sec;
3577#endif
3578
3579 if( year > to->year )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3580 return( 1 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3581
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3582 if( year == to->year &&
3583 mon > to->mon )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3584 return( 1 );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3585
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3586 if( year == to->year &&
3587 mon == to->mon &&
3588 day > to->day )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3589 return( 1 );
3590
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3591 if( year == to->year &&
3592 mon == to->mon &&
3593 day == to->day &&
3594 hour > to->hour )
Paul Bakkerb6194992011-01-16 21:40:22 +0000[diff] [blame]3595 return( 1 );
3596
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3597 if( year == to->year &&
3598 mon == to->mon &&
3599 day == to->day &&
3600 hour == to->hour &&
3601 min > to->min )
Paul Bakkerb6194992011-01-16 21:40:22 +0000[diff] [blame]3602 return( 1 );
3603
Paul Bakkercce9d772011-11-18 14:26:47 +0000[diff] [blame]3604 if( year == to->year &&
3605 mon == to->mon &&
3606 day == to->day &&
3607 hour == to->hour &&
3608 min == to->min &&
3609 sec > to->sec )
Paul Bakkerb6194992011-01-16 21:40:22 +0000[diff] [blame]3610 return( 1 );
3611
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3612 return( 0 );
3613}
Paul Bakkerfa9b1002013-07-03 15:31:03 +0200[diff] [blame]3614#else /* POLARSSL_HAVE_TIME */
3615int x509parse_time_expired( const x509_time *to )
3616{
3617 ((void) to);
3618 return( 0 );
3619}
3620#endif /* POLARSSL_HAVE_TIME */
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3621
3622/*
3623 * Return 1 if the certificate is revoked, or 0 otherwise.
3624 */
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3625int x509parse_revoked( const x509_cert *crt, const x509_crl *crl )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3626{
Paul Bakkerff60ee62010-03-16 21:09:09 +0000[diff] [blame]3627 const x509_crl_entry *cur = &crl->entry;
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3628
3629 while( cur != NULL && cur->serial.len != 0 )
3630 {
Paul Bakkera056efc2011-01-16 21:38:35 +0000[diff] [blame]3631 if( crt->serial.len == cur->serial.len &&
3632 memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 )
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3633 {
3634 if( x509parse_time_expired( &cur->revocation_date ) )
3635 return( 1 );
3636 }
3637
3638 cur = cur->next;
3639 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3640
3641 return( 0 );
3642}
3643
Paul Bakkerde4d2ea2009-10-03 19:58:52 +0000[diff] [blame]3644/*
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3645 * Check that the given certificate is valid accoring to the CRL.
3646 */
3647static int x509parse_verifycrl(x509_cert *crt, x509_cert *ca,
3648 x509_crl *crl_list)
3649{
3650 int flags = 0;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3651 unsigned char hash[POLARSSL_MD_MAX_SIZE];
3652 const md_info_t *md_info;
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3653
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3654 if( ca == NULL )
3655 return( flags );
3656
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3657 /*
3658 * TODO: What happens if no CRL is present?
3659 * Suggestion: Revocation state should be unknown if no CRL is present.
3660 * For backwards compatibility this is not yet implemented.
3661 */
3662
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3663 while( crl_list != NULL )
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3664 {
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3665 if( crl_list->version == 0 ||
3666 crl_list->issuer_raw.len != ca->subject_raw.len ||
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3667 memcmp( crl_list->issuer_raw.p, ca->subject_raw.p,
3668 crl_list->issuer_raw.len ) != 0 )
3669 {
3670 crl_list = crl_list->next;
3671 continue;
3672 }
3673
3674 /*
3675 * Check if CRL is correctly signed by the trusted CA
3676 */
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3677 md_info = md_info_from_type( crl_list->sig_md );
3678 if( md_info == NULL )
3679 {
3680 /*
3681 * Cannot check 'unknown' hash
3682 */
3683 flags |= BADCRL_NOT_TRUSTED;
3684 break;
3685 }
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3686
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3687 md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash );
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3688
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3689 if( !rsa_pkcs1_verify( &ca->rsa, RSA_PUBLIC, crl_list->sig_md,
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3690 0, hash, crl_list->sig.p ) == 0 )
3691 {
3692 /*
3693 * CRL is not trusted
3694 */
3695 flags |= BADCRL_NOT_TRUSTED;
3696 break;
3697 }
3698
3699 /*
3700 * Check for validity of CRL (Do not drop out)
3701 */
3702 if( x509parse_time_expired( &crl_list->next_update ) )
3703 flags |= BADCRL_EXPIRED;
3704
3705 /*
3706 * Check if certificate is revoked
3707 */
3708 if( x509parse_revoked(crt, crl_list) )
3709 {
3710 flags |= BADCERT_REVOKED;
3711 break;
3712 }
3713
3714 crl_list = crl_list->next;
3715 }
3716 return flags;
3717}
3718
Paul Bakkerb6c5d2e2013-06-25 16:25:17 +0200[diff] [blame]3719static int x509_wildcard_verify( const char *cn, x509_buf *name )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3720{
3721 size_t i;
3722 size_t cn_idx = 0;
3723
Paul Bakker57b12982012-02-11 17:38:38 +0000[diff] [blame]3724 if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3725 return( 0 );
3726
3727 for( i = 0; i < strlen( cn ); ++i )
3728 {
3729 if( cn[i] == '.' )
3730 {
3731 cn_idx = i;
3732 break;
3733 }
3734 }
3735
3736 if( cn_idx == 0 )
3737 return( 0 );
3738
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3739 if( strlen( cn ) - cn_idx == name->len - 1 &&
3740 memcmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3741 {
3742 return( 1 );
3743 }
3744
3745 return( 0 );
3746}
3747
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3748static int x509parse_verify_top(
3749 x509_cert *child, x509_cert *trust_ca,
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3750 x509_crl *ca_crl, int path_cnt, int *flags,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3751 int (*f_vrfy)(void *, x509_cert *, int, int *),
3752 void *p_vrfy )
3753{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3754 int ret;
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3755 int ca_flags = 0, check_path_cnt = path_cnt + 1;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3756 unsigned char hash[POLARSSL_MD_MAX_SIZE];
3757 const md_info_t *md_info;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3758
3759 if( x509parse_time_expired( &child->valid_to ) )
3760 *flags |= BADCERT_EXPIRED;
3761
3762 /*
3763 * Child is the top of the chain. Check against the trust_ca list.
3764 */
3765 *flags |= BADCERT_NOT_TRUSTED;
3766
3767 while( trust_ca != NULL )
3768 {
3769 if( trust_ca->version == 0 ||
3770 child->issuer_raw.len != trust_ca->subject_raw.len ||
3771 memcmp( child->issuer_raw.p, trust_ca->subject_raw.p,
3772 child->issuer_raw.len ) != 0 )
3773 {
3774 trust_ca = trust_ca->next;
3775 continue;
3776 }
3777
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3778 /*
3779 * Reduce path_len to check against if top of the chain is
3780 * the same as the trusted CA
3781 */
3782 if( child->subject_raw.len == trust_ca->subject_raw.len &&
3783 memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
3784 child->issuer_raw.len ) == 0 )
3785 {
3786 check_path_cnt--;
3787 }
3788
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3789 if( trust_ca->max_pathlen > 0 &&
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3790 trust_ca->max_pathlen < check_path_cnt )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3791 {
3792 trust_ca = trust_ca->next;
3793 continue;
3794 }
3795
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3796 md_info = md_info_from_type( child->sig_md );
3797 if( md_info == NULL )
3798 {
3799 /*
3800 * Cannot check 'unknown' hash
3801 */
3802 continue;
3803 }
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3804
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3805 md( md_info, child->tbs.p, child->tbs.len, hash );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3806
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3807 if( rsa_pkcs1_verify( &trust_ca->rsa, RSA_PUBLIC, child->sig_md,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3808 0, hash, child->sig.p ) != 0 )
3809 {
3810 trust_ca = trust_ca->next;
3811 continue;
3812 }
3813
3814 /*
3815 * Top of chain is signed by a trusted CA
3816 */
3817 *flags &= ~BADCERT_NOT_TRUSTED;
3818 break;
3819 }
3820
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3821 /*
Paul Bakker3497d8c2012-11-24 11:53:17 +0100[diff] [blame]3822 * If top of chain is not the same as the trusted CA send a verify request
3823 * to the callback for any issues with validity and CRL presence for the
3824 * trusted CA certificate.
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3825 */
3826 if( trust_ca != NULL &&
3827 ( child->subject_raw.len != trust_ca->subject_raw.len ||
3828 memcmp( child->subject_raw.p, trust_ca->subject_raw.p,
3829 child->issuer_raw.len ) != 0 ) )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3830 {
3831 /* Check trusted CA's CRL for then chain's top crt */
3832 *flags |= x509parse_verifycrl( child, trust_ca, ca_crl );
3833
3834 if( x509parse_time_expired( &trust_ca->valid_to ) )
3835 ca_flags |= BADCERT_EXPIRED;
3836
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3837 if( NULL != f_vrfy )
3838 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3839 if( ( ret = f_vrfy( p_vrfy, trust_ca, path_cnt + 1, &ca_flags ) ) != 0 )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3840 return( ret );
3841 }
3842 }
3843
3844 /* Call callback on top cert */
3845 if( NULL != f_vrfy )
3846 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3847 if( ( ret = f_vrfy(p_vrfy, child, path_cnt, flags ) ) != 0 )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3848 return( ret );
3849 }
3850
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3851 *flags |= ca_flags;
3852
3853 return( 0 );
3854}
3855
3856static int x509parse_verify_child(
3857 x509_cert *child, x509_cert *parent, x509_cert *trust_ca,
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3858 x509_crl *ca_crl, int path_cnt, int *flags,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3859 int (*f_vrfy)(void *, x509_cert *, int, int *),
3860 void *p_vrfy )
3861{
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3862 int ret;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3863 int parent_flags = 0;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3864 unsigned char hash[POLARSSL_MD_MAX_SIZE];
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3865 x509_cert *grandparent;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3866 const md_info_t *md_info;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3867
3868 if( x509parse_time_expired( &child->valid_to ) )
3869 *flags |= BADCERT_EXPIRED;
3870
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3871 md_info = md_info_from_type( child->sig_md );
3872 if( md_info == NULL )
3873 {
3874 /*
3875 * Cannot check 'unknown' hash
3876 */
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3877 *flags |= BADCERT_NOT_TRUSTED;
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3878 }
3879 else
3880 {
3881 md( md_info, child->tbs.p, child->tbs.len, hash );
3882
3883 if( rsa_pkcs1_verify( &parent->rsa, RSA_PUBLIC, child->sig_md, 0, hash,
3884 child->sig.p ) != 0 )
3885 *flags |= BADCERT_NOT_TRUSTED;
3886 }
3887
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3888 /* Check trusted CA's CRL for the given crt */
3889 *flags |= x509parse_verifycrl(child, parent, ca_crl);
3890
3891 grandparent = parent->next;
3892
3893 while( grandparent != NULL )
3894 {
3895 if( grandparent->version == 0 ||
3896 grandparent->ca_istrue == 0 ||
3897 parent->issuer_raw.len != grandparent->subject_raw.len ||
3898 memcmp( parent->issuer_raw.p, grandparent->subject_raw.p,
3899 parent->issuer_raw.len ) != 0 )
3900 {
3901 grandparent = grandparent->next;
3902 continue;
3903 }
3904 break;
3905 }
3906
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3907 if( grandparent != NULL )
3908 {
3909 /*
3910 * Part of the chain
3911 */
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3912 ret = x509parse_verify_child( parent, grandparent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3913 if( ret != 0 )
3914 return( ret );
3915 }
3916 else
3917 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3918 ret = x509parse_verify_top( parent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3919 if( ret != 0 )
3920 return( ret );
3921 }
3922
3923 /* child is verified to be a child of the parent, call verify callback */
3924 if( NULL != f_vrfy )
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3925 if( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 )
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3926 return( ret );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3927
3928 *flags |= parent_flags;
3929
3930 return( 0 );
3931}
3932
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3933/*
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3934 * Verify the certificate validity
3935 */
3936int x509parse_verify( x509_cert *crt,
3937 x509_cert *trust_ca,
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3938 x509_crl *ca_crl,
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]3939 const char *cn, int *flags,
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3940 int (*f_vrfy)(void *, x509_cert *, int, int *),
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]3941 void *p_vrfy )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3942{
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]3943 size_t cn_len;
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]3944 int ret;
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]3945 int pathlen = 0;
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]3946 x509_cert *parent;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3947 x509_name *name;
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3948 x509_sequence *cur = NULL;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3949
Paul Bakker40ea7de2009-05-03 10:18:48 +0000[diff] [blame]3950 *flags = 0;
3951
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3952 if( cn != NULL )
3953 {
3954 name = &crt->subject;
3955 cn_len = strlen( cn );
3956
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3957 if( crt->ext_types & EXT_SUBJECT_ALT_NAME )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3958 {
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3959 cur = &crt->subject_alt_names;
3960
3961 while( cur != NULL )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3962 {
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3963 if( cur->buf.len == cn_len &&
3964 memcmp( cn, cur->buf.p, cn_len ) == 0 )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3965 break;
3966
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3967 if( cur->buf.len > 2 &&
3968 memcmp( cur->buf.p, "*.", 2 ) == 0 &&
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3969 x509_wildcard_verify( cn, &cur->buf ) )
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3970 break;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]3971
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3972 cur = cur->next;
Paul Bakkera8cd2392012-02-11 16:09:32 +0000[diff] [blame]3973 }
3974
3975 if( cur == NULL )
3976 *flags |= BADCERT_CN_MISMATCH;
3977 }
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3978 else
3979 {
3980 while( name != NULL )
3981 {
Paul Bakkerc70b9822013-04-07 22:00:46 +0200[diff] [blame]3982 if( OID_CMP( OID_AT_CN, &name->oid ) )
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3983 {
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3984 if( name->val.len == cn_len &&
3985 memcmp( name->val.p, cn, cn_len ) == 0 )
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3986 break;
3987
Paul Bakker535e97d2012-08-23 10:49:55 +0000[diff] [blame]3988 if( name->val.len > 2 &&
3989 memcmp( name->val.p, "*.", 2 ) == 0 &&
Paul Bakker4d2c1242012-05-10 14:12:46 +0000[diff] [blame]3990 x509_wildcard_verify( cn, &name->val ) )
3991 break;
3992 }
3993
3994 name = name->next;
3995 }
3996
3997 if( name == NULL )
3998 *flags |= BADCERT_CN_MISMATCH;
3999 }
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4000 }
4001
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4002 /*
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4003 * Iterate upwards in the given cert chain, to find our crt parent.
4004 * Ignore any upper cert with CA != TRUE.
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4005 */
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4006 parent = crt->next;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4007
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4008 while( parent != NULL && parent->version != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4009 {
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4010 if( parent->ca_istrue == 0 ||
4011 crt->issuer_raw.len != parent->subject_raw.len ||
4012 memcmp( crt->issuer_raw.p, parent->subject_raw.p,
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4013 crt->issuer_raw.len ) != 0 )
4014 {
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4015 parent = parent->next;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4016 continue;
4017 }
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4018 break;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4019 }
4020
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4021 if( parent != NULL )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4022 {
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4023 /*
4024 * Part of the chain
4025 */
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]4026 ret = x509parse_verify_child( crt, parent, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4027 if( ret != 0 )
4028 return( ret );
4029 }
4030 else
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4031 {
Paul Bakker9a736322012-11-14 12:39:52 +0000[diff] [blame]4032 ret = x509parse_verify_top( crt, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy );
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4033 if( ret != 0 )
4034 return( ret );
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]4035 }
Paul Bakker915275b2012-09-28 07:10:55 +0000[diff] [blame]4036
4037 if( *flags != 0 )
Paul Bakker76fd75a2011-01-16 21:12:10 +0000[diff] [blame]4038 return( POLARSSL_ERR_X509_CERT_VERIFY_FAILED );
Paul Bakkerb63b0af2011-01-13 17:54:59 +0000[diff] [blame]4039
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4040 return( 0 );
4041}
4042
4043/*
4044 * Unallocate all certificate data
4045 */
4046void x509_free( x509_cert *crt )
4047{
4048 x509_cert *cert_cur = crt;
4049 x509_cert *cert_prv;
4050 x509_name *name_cur;
4051 x509_name *name_prv;
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4052 x509_sequence *seq_cur;
4053 x509_sequence *seq_prv;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4054
4055 if( crt == NULL )
4056 return;
4057
4058 do
4059 {
4060 rsa_free( &cert_cur->rsa );
4061
4062 name_cur = cert_cur->issuer.next;
4063 while( name_cur != NULL )
4064 {
4065 name_prv = name_cur;
4066 name_cur = name_cur->next;
4067 memset( name_prv, 0, sizeof( x509_name ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4068 polarssl_free( name_prv );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4069 }
4070
4071 name_cur = cert_cur->subject.next;
4072 while( name_cur != NULL )
4073 {
4074 name_prv = name_cur;
4075 name_cur = name_cur->next;
4076 memset( name_prv, 0, sizeof( x509_name ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4077 polarssl_free( name_prv );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4078 }
4079
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4080 seq_cur = cert_cur->ext_key_usage.next;
4081 while( seq_cur != NULL )
4082 {
4083 seq_prv = seq_cur;
4084 seq_cur = seq_cur->next;
4085 memset( seq_prv, 0, sizeof( x509_sequence ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4086 polarssl_free( seq_prv );
Paul Bakker74111d32011-01-15 16:57:55 +0000[diff] [blame]4087 }
4088
Paul Bakker8afa70d2012-02-11 18:42:45 +0000[diff] [blame]4089 seq_cur = cert_cur->subject_alt_names.next;
4090 while( seq_cur != NULL )
4091 {
4092 seq_prv = seq_cur;
4093 seq_cur = seq_cur->next;
4094 memset( seq_prv, 0, sizeof( x509_sequence ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4095 polarssl_free( seq_prv );
Paul Bakker8afa70d2012-02-11 18:42:45 +0000[diff] [blame]4096 }
4097
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4098 if( cert_cur->raw.p != NULL )
4099 {
4100 memset( cert_cur->raw.p, 0, cert_cur->raw.len );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4101 polarssl_free( cert_cur->raw.p );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4102 }
4103
4104 cert_cur = cert_cur->next;
4105 }
4106 while( cert_cur != NULL );
4107
4108 cert_cur = crt;
4109 do
4110 {
4111 cert_prv = cert_cur;
4112 cert_cur = cert_cur->next;
4113
4114 memset( cert_prv, 0, sizeof( x509_cert ) );
4115 if( cert_prv != crt )
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4116 polarssl_free( cert_prv );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4117 }
4118 while( cert_cur != NULL );
4119}
4120
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4121/*
4122 * Unallocate all CRL data
4123 */
4124void x509_crl_free( x509_crl *crl )
4125{
4126 x509_crl *crl_cur = crl;
4127 x509_crl *crl_prv;
4128 x509_name *name_cur;
4129 x509_name *name_prv;
4130 x509_crl_entry *entry_cur;
4131 x509_crl_entry *entry_prv;
4132
4133 if( crl == NULL )
4134 return;
4135
4136 do
4137 {
4138 name_cur = crl_cur->issuer.next;
4139 while( name_cur != NULL )
4140 {
4141 name_prv = name_cur;
4142 name_cur = name_cur->next;
4143 memset( name_prv, 0, sizeof( x509_name ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4144 polarssl_free( name_prv );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4145 }
4146
4147 entry_cur = crl_cur->entry.next;
4148 while( entry_cur != NULL )
4149 {
4150 entry_prv = entry_cur;
4151 entry_cur = entry_cur->next;
4152 memset( entry_prv, 0, sizeof( x509_crl_entry ) );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4153 polarssl_free( entry_prv );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4154 }
4155
4156 if( crl_cur->raw.p != NULL )
4157 {
4158 memset( crl_cur->raw.p, 0, crl_cur->raw.len );
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4159 polarssl_free( crl_cur->raw.p );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4160 }
4161
4162 crl_cur = crl_cur->next;
4163 }
4164 while( crl_cur != NULL );
4165
4166 crl_cur = crl;
4167 do
4168 {
4169 crl_prv = crl_cur;
4170 crl_cur = crl_cur->next;
4171
4172 memset( crl_prv, 0, sizeof( x509_crl ) );
4173 if( crl_prv != crl )
Paul Bakker6e339b52013-07-03 13:37:05 +0200[diff] [blame]4174 polarssl_free( crl_prv );
Paul Bakkerd98030e2009-05-02 15:13:40 +0000[diff] [blame]4175 }
4176 while( crl_cur != NULL );
4177}
4178
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]4179#if defined(POLARSSL_SELF_TEST)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4180
Paul Bakker40e46942009-01-03 21:51:57 +0000[diff] [blame]4181#include "polarssl/certs.h"
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4182
4183/*
4184 * Checkup routine
4185 */
4186int x509_self_test( int verbose )
4187{
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4188#if defined(POLARSSL_CERTS_C) && defined(POLARSSL_MD5_C)
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]4189 int ret;
4190 int flags;
4191 size_t i, j;
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4192 x509_cert cacert;
4193 x509_cert clicert;
4194 rsa_context rsa;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4195#if defined(POLARSSL_DHM_C)
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4196 dhm_context dhm;
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4197#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4198
4199 if( verbose != 0 )
4200 printf( " X.509 certificate load: " );
4201
4202 memset( &clicert, 0, sizeof( x509_cert ) );
4203
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4204 ret = x509parse_crt( &clicert, (const unsigned char *) test_cli_crt,
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]4205 strlen( test_cli_crt ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4206 if( ret != 0 )
4207 {
4208 if( verbose != 0 )
4209 printf( "failed\n" );
4210
4211 return( ret );
4212 }
4213
4214 memset( &cacert, 0, sizeof( x509_cert ) );
4215
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4216 ret = x509parse_crt( &cacert, (const unsigned char *) test_ca_crt,
Paul Bakker69e095c2011-12-10 21:55:01 +0000[diff] [blame]4217 strlen( test_ca_crt ) );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4218 if( ret != 0 )
4219 {
4220 if( verbose != 0 )
4221 printf( "failed\n" );
4222
4223 return( ret );
4224 }
4225
4226 if( verbose != 0 )
4227 printf( "passed\n X.509 private key load: " );
4228
4229 i = strlen( test_ca_key );
4230 j = strlen( test_ca_pwd );
4231
Paul Bakker66b78b22011-03-25 14:22:50 +0000[diff] [blame]4232 rsa_init( &rsa, RSA_PKCS_V15, 0 );
4233
Manuel Pégourié-Gonnardba4878a2013-06-27 10:51:01 +0200[diff] [blame]4234 if( ( ret = x509parse_key_rsa( &rsa,
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4235 (const unsigned char *) test_ca_key, i,
4236 (const unsigned char *) test_ca_pwd, j ) ) != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4237 {
4238 if( verbose != 0 )
4239 printf( "failed\n" );
4240
4241 return( ret );
4242 }
4243
4244 if( verbose != 0 )
4245 printf( "passed\n X.509 signature verify: ");
4246
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]4247 ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &flags, NULL, NULL );
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4248 if( ret != 0 )
4249 {
Paul Bakker23986e52011-04-24 08:57:21 +0000[diff] [blame]4250 printf("%02x", flags);
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4251 if( verbose != 0 )
4252 printf( "failed\n" );
4253
4254 return( ret );
4255 }
4256
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4257#if defined(POLARSSL_DHM_C)
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4258 if( verbose != 0 )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4259 printf( "passed\n X.509 DHM parameter load: " );
4260
4261 i = strlen( test_dhm_params );
4262 j = strlen( test_ca_pwd );
4263
Paul Bakker3c2122f2013-06-24 19:03:14 +0200[diff] [blame]4264 if( ( ret = x509parse_dhm( &dhm, (const unsigned char *) test_dhm_params, i ) ) != 0 )
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4265 {
4266 if( verbose != 0 )
4267 printf( "failed\n" );
4268
4269 return( ret );
4270 }
4271
4272 if( verbose != 0 )
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4273 printf( "passed\n\n" );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4274#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4275
4276 x509_free( &cacert );
4277 x509_free( &clicert );
4278 rsa_free( &rsa );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4279#if defined(POLARSSL_DHM_C)
Paul Bakker1b57b062011-01-06 15:48:19 +0000[diff] [blame]4280 dhm_free( &dhm );
Paul Bakker5690efc2011-05-26 13:16:06 +0000[diff] [blame]4281#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4282
4283 return( 0 );
Paul Bakkerde4d2ea2009-10-03 19:58:52 +0000[diff] [blame]4284#else
4285 ((void) verbose);
4286 return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE );
4287#endif
Paul Bakker5121ce52009-01-03 21:22:43 +0000[diff] [blame]4288}
4289
4290#endif
4291
4292#endif