|
1 /* crypto/x509/x509_vfy.c */ |
|
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
|
3 * All rights reserved. |
|
4 * |
|
5 * This package is an SSL implementation written |
|
6 * by Eric Young (eay@cryptsoft.com). |
|
7 * The implementation was written so as to conform with Netscapes SSL. |
|
8 * |
|
9 * This library is free for commercial and non-commercial use as long as |
|
10 * the following conditions are aheared to. The following conditions |
|
11 * apply to all code found in this distribution, be it the RC4, RSA, |
|
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation |
|
13 * included with this distribution is covered by the same copyright terms |
|
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). |
|
15 * |
|
16 * Copyright remains Eric Young's, and as such any Copyright notices in |
|
17 * the code are not to be removed. |
|
18 * If this package is used in a product, Eric Young should be given attribution |
|
19 * as the author of the parts of the library used. |
|
20 * This can be in the form of a textual message at program startup or |
|
21 * in documentation (online or textual) provided with the package. |
|
22 * |
|
23 * Redistribution and use in source and binary forms, with or without |
|
24 * modification, are permitted provided that the following conditions |
|
25 * are met: |
|
26 * 1. Redistributions of source code must retain the copyright |
|
27 * notice, this list of conditions and the following disclaimer. |
|
28 * 2. Redistributions in binary form must reproduce the above copyright |
|
29 * notice, this list of conditions and the following disclaimer in the |
|
30 * documentation and/or other materials provided with the distribution. |
|
31 * 3. All advertising materials mentioning features or use of this software |
|
32 * must display the following acknowledgement: |
|
33 * "This product includes cryptographic software written by |
|
34 * Eric Young (eay@cryptsoft.com)" |
|
35 * The word 'cryptographic' can be left out if the rouines from the library |
|
36 * being used are not cryptographic related :-). |
|
37 * 4. If you include any Windows specific code (or a derivative thereof) from |
|
38 * the apps directory (application code) you must include an acknowledgement: |
|
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
|
40 * |
|
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
|
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
|
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
|
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
|
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
|
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
|
51 * SUCH DAMAGE. |
|
52 * |
|
53 * The licence and distribution terms for any publically available version or |
|
54 * derivative of this code cannot be changed. i.e. this code cannot simply be |
|
55 * copied and put under another distribution licence |
|
56 * [including the GNU Public Licence.] |
|
57 */ |
|
58 |
|
59 #include <stdio.h> |
|
60 #include <time.h> |
|
61 #include <errno.h> |
|
62 |
|
63 #include "cryptlib.h" |
|
64 #include <openssl/crypto.h> |
|
65 #include <openssl/lhash.h> |
|
66 #include <openssl/buffer.h> |
|
67 #include <openssl/evp.h> |
|
68 #include <openssl/asn1.h> |
|
69 #include <openssl/x509.h> |
|
70 #include <openssl/x509v3.h> |
|
71 #include <openssl/objects.h> |
|
72 |
|
73 static int null_callback(int ok,X509_STORE_CTX *e); |
|
74 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); |
|
75 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x); |
|
76 static int check_chain_extensions(X509_STORE_CTX *ctx); |
|
77 static int check_trust(X509_STORE_CTX *ctx); |
|
78 static int check_revocation(X509_STORE_CTX *ctx); |
|
79 static int check_cert(X509_STORE_CTX *ctx); |
|
80 static int check_policy(X509_STORE_CTX *ctx); |
|
81 static int internal_verify(X509_STORE_CTX *ctx); |
|
82 const char X509_version[]="X.509" OPENSSL_VERSION_PTEXT; |
|
83 |
|
84 |
|
85 static int null_callback(int ok, X509_STORE_CTX *e) |
|
86 { |
|
87 return ok; |
|
88 } |
|
89 |
|
90 #if 0 |
|
91 static int x509_subject_cmp(X509 **a, X509 **b) |
|
92 { |
|
93 return X509_subject_name_cmp(*a,*b); |
|
94 } |
|
95 #endif |
|
96 |
|
97 EXPORT_C int X509_verify_cert(X509_STORE_CTX *ctx) |
|
98 { |
|
99 X509 *x,*xtmp,*chain_ss=NULL; |
|
100 X509_NAME *xn; |
|
101 int bad_chain = 0; |
|
102 X509_VERIFY_PARAM *param = ctx->param; |
|
103 int depth,i,ok=0; |
|
104 int num; |
|
105 int (*cb)(int xok,X509_STORE_CTX *xctx); |
|
106 STACK_OF(X509) *sktmp=NULL; |
|
107 if (ctx->cert == NULL) |
|
108 { |
|
109 X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); |
|
110 return -1; |
|
111 } |
|
112 |
|
113 cb=ctx->verify_cb; |
|
114 |
|
115 /* first we make sure the chain we are going to build is |
|
116 * present and that the first entry is in place */ |
|
117 if (ctx->chain == NULL) |
|
118 { |
|
119 if ( ((ctx->chain=sk_X509_new_null()) == NULL) || |
|
120 (!sk_X509_push(ctx->chain,ctx->cert))) |
|
121 { |
|
122 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); |
|
123 goto end; |
|
124 } |
|
125 CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509); |
|
126 ctx->last_untrusted=1; |
|
127 } |
|
128 |
|
129 /* We use a temporary STACK so we can chop and hack at it */ |
|
130 if (ctx->untrusted != NULL |
|
131 && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL) |
|
132 { |
|
133 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); |
|
134 goto end; |
|
135 } |
|
136 |
|
137 num=sk_X509_num(ctx->chain); |
|
138 x=sk_X509_value(ctx->chain,num-1); |
|
139 depth=param->depth; |
|
140 |
|
141 |
|
142 for (;;) |
|
143 { |
|
144 /* If we have enough, we break */ |
|
145 if (depth < num) break; /* FIXME: If this happens, we should take |
|
146 * note of it and, if appropriate, use the |
|
147 * X509_V_ERR_CERT_CHAIN_TOO_LONG error |
|
148 * code later. |
|
149 */ |
|
150 |
|
151 /* If we are self signed, we break */ |
|
152 xn=X509_get_issuer_name(x); |
|
153 if (ctx->check_issued(ctx, x,x)) break; |
|
154 |
|
155 /* If we were passed a cert chain, use it first */ |
|
156 if (ctx->untrusted != NULL) |
|
157 { |
|
158 xtmp=find_issuer(ctx, sktmp,x); |
|
159 if (xtmp != NULL) |
|
160 { |
|
161 if (!sk_X509_push(ctx->chain,xtmp)) |
|
162 { |
|
163 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); |
|
164 goto end; |
|
165 } |
|
166 CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); |
|
167 (void)sk_X509_delete_ptr(sktmp,xtmp); |
|
168 ctx->last_untrusted++; |
|
169 x=xtmp; |
|
170 num++; |
|
171 /* reparse the full chain for |
|
172 * the next one */ |
|
173 continue; |
|
174 } |
|
175 } |
|
176 break; |
|
177 } |
|
178 |
|
179 /* at this point, chain should contain a list of untrusted |
|
180 * certificates. We now need to add at least one trusted one, |
|
181 * if possible, otherwise we complain. */ |
|
182 |
|
183 /* Examine last certificate in chain and see if it |
|
184 * is self signed. |
|
185 */ |
|
186 |
|
187 i=sk_X509_num(ctx->chain); |
|
188 x=sk_X509_value(ctx->chain,i-1); |
|
189 xn = X509_get_subject_name(x); |
|
190 if (ctx->check_issued(ctx, x, x)) |
|
191 { |
|
192 /* we have a self signed certificate */ |
|
193 if (sk_X509_num(ctx->chain) == 1) |
|
194 { |
|
195 /* We have a single self signed certificate: see if |
|
196 * we can find it in the store. We must have an exact |
|
197 * match to avoid possible impersonation. |
|
198 */ |
|
199 ok = ctx->get_issuer(&xtmp, ctx, x); |
|
200 if ((ok <= 0) || X509_cmp(x, xtmp)) |
|
201 { |
|
202 ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; |
|
203 ctx->current_cert=x; |
|
204 ctx->error_depth=i-1; |
|
205 if (ok == 1) X509_free(xtmp); |
|
206 bad_chain = 1; |
|
207 ok=cb(0,ctx); |
|
208 if (!ok) goto end; |
|
209 } |
|
210 else |
|
211 { |
|
212 /* We have a match: replace certificate with store version |
|
213 * so we get any trust settings. |
|
214 */ |
|
215 X509_free(x); |
|
216 x = xtmp; |
|
217 (void)sk_X509_set(ctx->chain, i - 1, x); |
|
218 ctx->last_untrusted=0; |
|
219 } |
|
220 } |
|
221 else |
|
222 { |
|
223 /* extract and save self signed certificate for later use */ |
|
224 chain_ss=sk_X509_pop(ctx->chain); |
|
225 ctx->last_untrusted--; |
|
226 num--; |
|
227 x=sk_X509_value(ctx->chain,num-1); |
|
228 } |
|
229 } |
|
230 |
|
231 /* We now lookup certs from the certificate store */ |
|
232 for (;;) |
|
233 { |
|
234 /* If we have enough, we break */ |
|
235 if (depth < num) break; |
|
236 |
|
237 /* If we are self signed, we break */ |
|
238 xn=X509_get_issuer_name(x); |
|
239 if (ctx->check_issued(ctx,x,x)) break; |
|
240 |
|
241 ok = ctx->get_issuer(&xtmp, ctx, x); |
|
242 |
|
243 if (ok < 0) return ok; |
|
244 if (ok == 0) break; |
|
245 |
|
246 x = xtmp; |
|
247 if (!sk_X509_push(ctx->chain,x)) |
|
248 { |
|
249 X509_free(xtmp); |
|
250 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); |
|
251 return 0; |
|
252 } |
|
253 num++; |
|
254 } |
|
255 |
|
256 /* we now have our chain, lets check it... */ |
|
257 xn=X509_get_issuer_name(x); |
|
258 |
|
259 /* Is last certificate looked up self signed? */ |
|
260 if (!ctx->check_issued(ctx,x,x)) |
|
261 { |
|
262 if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) |
|
263 { |
|
264 if (ctx->last_untrusted >= num) |
|
265 ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; |
|
266 else |
|
267 ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT; |
|
268 ctx->current_cert=x; |
|
269 } |
|
270 else |
|
271 { |
|
272 |
|
273 sk_X509_push(ctx->chain,chain_ss); |
|
274 num++; |
|
275 ctx->last_untrusted=num; |
|
276 ctx->current_cert=chain_ss; |
|
277 ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; |
|
278 chain_ss=NULL; |
|
279 } |
|
280 |
|
281 ctx->error_depth=num-1; |
|
282 bad_chain = 1; |
|
283 ok=cb(0,ctx); |
|
284 if (!ok) goto end; |
|
285 } |
|
286 |
|
287 /* We have the chain complete: now we need to check its purpose */ |
|
288 ok = check_chain_extensions(ctx); |
|
289 |
|
290 if (!ok) goto end; |
|
291 |
|
292 /* The chain extensions are OK: check trust */ |
|
293 |
|
294 if (param->trust > 0) ok = check_trust(ctx); |
|
295 |
|
296 if (!ok) goto end; |
|
297 |
|
298 /* We may as well copy down any DSA parameters that are required */ |
|
299 X509_get_pubkey_parameters(NULL,ctx->chain); |
|
300 |
|
301 /* Check revocation status: we do this after copying parameters |
|
302 * because they may be needed for CRL signature verification. |
|
303 */ |
|
304 |
|
305 ok = ctx->check_revocation(ctx); |
|
306 if(!ok) goto end; |
|
307 |
|
308 /* At this point, we have a chain and need to verify it */ |
|
309 if (ctx->verify != NULL) |
|
310 ok=ctx->verify(ctx); |
|
311 else |
|
312 ok=internal_verify(ctx); |
|
313 if(!ok) goto end; |
|
314 |
|
315 |
|
316 /* If we get this far evaluate policies */ |
|
317 if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK)) |
|
318 ok = ctx->check_policy(ctx); |
|
319 if(!ok) goto end; |
|
320 if (0) |
|
321 { |
|
322 end: |
|
323 X509_get_pubkey_parameters(NULL,ctx->chain); |
|
324 } |
|
325 if (sktmp != NULL) sk_X509_free(sktmp); |
|
326 if (chain_ss != NULL) X509_free(chain_ss); |
|
327 return ok; |
|
328 } |
|
329 |
|
330 |
|
331 /* Given a STACK_OF(X509) find the issuer of cert (if any) |
|
332 */ |
|
333 |
|
334 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) |
|
335 { |
|
336 int i; |
|
337 X509 *issuer; |
|
338 for (i = 0; i < sk_X509_num(sk); i++) |
|
339 { |
|
340 issuer = sk_X509_value(sk, i); |
|
341 if (ctx->check_issued(ctx, x, issuer)) |
|
342 return issuer; |
|
343 } |
|
344 return NULL; |
|
345 } |
|
346 |
|
347 /* Given a possible certificate and issuer check them */ |
|
348 |
|
349 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) |
|
350 { |
|
351 int ret; |
|
352 ret = X509_check_issued(issuer, x); |
|
353 if (ret == X509_V_OK) |
|
354 return 1; |
|
355 /* If we haven't asked for issuer errors don't set ctx */ |
|
356 if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK)) |
|
357 return 0; |
|
358 |
|
359 ctx->error = ret; |
|
360 ctx->current_cert = x; |
|
361 ctx->current_issuer = issuer; |
|
362 return ctx->verify_cb(0, ctx); |
|
363 return 0; |
|
364 } |
|
365 |
|
366 /* Alternative lookup method: look from a STACK stored in other_ctx */ |
|
367 |
|
368 static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) |
|
369 { |
|
370 *issuer = find_issuer(ctx, ctx->other_ctx, x); |
|
371 if (*issuer) |
|
372 { |
|
373 CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509); |
|
374 return 1; |
|
375 } |
|
376 else |
|
377 return 0; |
|
378 } |
|
379 |
|
380 |
|
381 /* Check a certificate chains extensions for consistency |
|
382 * with the supplied purpose |
|
383 */ |
|
384 |
|
385 static int check_chain_extensions(X509_STORE_CTX *ctx) |
|
386 { |
|
387 #ifdef OPENSSL_NO_CHAIN_VERIFY |
|
388 return 1; |
|
389 #else |
|
390 int i, ok=0, must_be_ca; |
|
391 X509 *x; |
|
392 int (*cb)(int xok,X509_STORE_CTX *xctx); |
|
393 int proxy_path_length = 0; |
|
394 int allow_proxy_certs = |
|
395 !!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS); |
|
396 cb=ctx->verify_cb; |
|
397 |
|
398 /* must_be_ca can have 1 of 3 values: |
|
399 -1: we accept both CA and non-CA certificates, to allow direct |
|
400 use of self-signed certificates (which are marked as CA). |
|
401 0: we only accept non-CA certificates. This is currently not |
|
402 used, but the possibility is present for future extensions. |
|
403 1: we only accept CA certificates. This is currently used for |
|
404 all certificates in the chain except the leaf certificate. |
|
405 */ |
|
406 must_be_ca = -1; |
|
407 |
|
408 /* A hack to keep people who don't want to modify their software |
|
409 happy */ |
|
410 if (getenv("OPENSSL_ALLOW_PROXY_CERTS")) |
|
411 allow_proxy_certs = 1; |
|
412 |
|
413 /* Check all untrusted certificates */ |
|
414 for (i = 0; i < ctx->last_untrusted; i++) |
|
415 { |
|
416 int ret; |
|
417 x = sk_X509_value(ctx->chain, i); |
|
418 if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) |
|
419 && (x->ex_flags & EXFLAG_CRITICAL)) |
|
420 { |
|
421 ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION; |
|
422 ctx->error_depth = i; |
|
423 ctx->current_cert = x; |
|
424 ok=cb(0,ctx); |
|
425 if (!ok) goto end; |
|
426 } |
|
427 if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY)) |
|
428 { |
|
429 ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED; |
|
430 ctx->error_depth = i; |
|
431 ctx->current_cert = x; |
|
432 ok=cb(0,ctx); |
|
433 if (!ok) goto end; |
|
434 } |
|
435 ret = X509_check_ca(x); |
|
436 switch(must_be_ca) |
|
437 { |
|
438 case -1: |
|
439 if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) |
|
440 && (ret != 1) && (ret != 0)) |
|
441 { |
|
442 ret = 0; |
|
443 ctx->error = X509_V_ERR_INVALID_CA; |
|
444 } |
|
445 else |
|
446 ret = 1; |
|
447 break; |
|
448 case 0: |
|
449 if (ret != 0) |
|
450 { |
|
451 ret = 0; |
|
452 ctx->error = X509_V_ERR_INVALID_NON_CA; |
|
453 } |
|
454 else |
|
455 ret = 1; |
|
456 break; |
|
457 default: |
|
458 if ((ret == 0) |
|
459 || ((ctx->param->flags & X509_V_FLAG_X509_STRICT) |
|
460 && (ret != 1))) |
|
461 { |
|
462 ret = 0; |
|
463 ctx->error = X509_V_ERR_INVALID_CA; |
|
464 } |
|
465 else |
|
466 ret = 1; |
|
467 break; |
|
468 } |
|
469 if (ret == 0) |
|
470 { |
|
471 ctx->error_depth = i; |
|
472 ctx->current_cert = x; |
|
473 ok=cb(0,ctx); |
|
474 if (!ok) goto end; |
|
475 } |
|
476 if (ctx->param->purpose > 0) |
|
477 { |
|
478 ret = X509_check_purpose(x, ctx->param->purpose, |
|
479 must_be_ca > 0); |
|
480 if ((ret == 0) |
|
481 || ((ctx->param->flags & X509_V_FLAG_X509_STRICT) |
|
482 && (ret != 1))) |
|
483 { |
|
484 ctx->error = X509_V_ERR_INVALID_PURPOSE; |
|
485 ctx->error_depth = i; |
|
486 ctx->current_cert = x; |
|
487 ok=cb(0,ctx); |
|
488 if (!ok) goto end; |
|
489 } |
|
490 } |
|
491 /* Check pathlen */ |
|
492 if ((i > 1) && (x->ex_pathlen != -1) |
|
493 && (i > (x->ex_pathlen + proxy_path_length + 1))) |
|
494 { |
|
495 ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED; |
|
496 ctx->error_depth = i; |
|
497 ctx->current_cert = x; |
|
498 ok=cb(0,ctx); |
|
499 if (!ok) goto end; |
|
500 } |
|
501 /* If this certificate is a proxy certificate, the next |
|
502 certificate must be another proxy certificate or a EE |
|
503 certificate. If not, the next certificate must be a |
|
504 CA certificate. */ |
|
505 if (x->ex_flags & EXFLAG_PROXY) |
|
506 { |
|
507 if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen) |
|
508 { |
|
509 ctx->error = |
|
510 X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED; |
|
511 ctx->error_depth = i; |
|
512 ctx->current_cert = x; |
|
513 ok=cb(0,ctx); |
|
514 if (!ok) goto end; |
|
515 } |
|
516 proxy_path_length++; |
|
517 must_be_ca = 0; |
|
518 } |
|
519 else |
|
520 must_be_ca = 1; |
|
521 } |
|
522 ok = 1; |
|
523 end: |
|
524 return ok; |
|
525 #endif |
|
526 } |
|
527 |
|
528 static int check_trust(X509_STORE_CTX *ctx) |
|
529 { |
|
530 #ifdef OPENSSL_NO_CHAIN_VERIFY |
|
531 return 1; |
|
532 #else |
|
533 int i, ok; |
|
534 X509 *x; |
|
535 int (*cb)(int xok,X509_STORE_CTX *xctx); |
|
536 cb=ctx->verify_cb; |
|
537 /* For now just check the last certificate in the chain */ |
|
538 i = sk_X509_num(ctx->chain) - 1; |
|
539 x = sk_X509_value(ctx->chain, i); |
|
540 ok = X509_check_trust(x, ctx->param->trust, 0); |
|
541 if (ok == X509_TRUST_TRUSTED) |
|
542 return 1; |
|
543 ctx->error_depth = i; |
|
544 ctx->current_cert = x; |
|
545 if (ok == X509_TRUST_REJECTED) |
|
546 ctx->error = X509_V_ERR_CERT_REJECTED; |
|
547 else |
|
548 ctx->error = X509_V_ERR_CERT_UNTRUSTED; |
|
549 ok = cb(0, ctx); |
|
550 return ok; |
|
551 #endif |
|
552 } |
|
553 |
|
554 static int check_revocation(X509_STORE_CTX *ctx) |
|
555 { |
|
556 int i, last, ok; |
|
557 if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK)) |
|
558 return 1; |
|
559 if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL) |
|
560 last = sk_X509_num(ctx->chain) - 1; |
|
561 else |
|
562 last = 0; |
|
563 for(i = 0; i <= last; i++) |
|
564 { |
|
565 ctx->error_depth = i; |
|
566 ok = check_cert(ctx); |
|
567 if (!ok) return ok; |
|
568 } |
|
569 return 1; |
|
570 } |
|
571 |
|
572 static int check_cert(X509_STORE_CTX *ctx) |
|
573 { |
|
574 X509_CRL *crl = NULL; |
|
575 X509 *x; |
|
576 int ok, cnum; |
|
577 cnum = ctx->error_depth; |
|
578 x = sk_X509_value(ctx->chain, cnum); |
|
579 ctx->current_cert = x; |
|
580 /* Try to retrieve relevant CRL */ |
|
581 ok = ctx->get_crl(ctx, &crl, x); |
|
582 /* If error looking up CRL, nothing we can do except |
|
583 * notify callback |
|
584 */ |
|
585 if(!ok) |
|
586 { |
|
587 ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL; |
|
588 ok = ctx->verify_cb(0, ctx); |
|
589 goto err; |
|
590 } |
|
591 ctx->current_crl = crl; |
|
592 ok = ctx->check_crl(ctx, crl); |
|
593 if (!ok) goto err; |
|
594 ok = ctx->cert_crl(ctx, crl, x); |
|
595 err: |
|
596 ctx->current_crl = NULL; |
|
597 X509_CRL_free(crl); |
|
598 return ok; |
|
599 |
|
600 } |
|
601 |
|
602 /* Check CRL times against values in X509_STORE_CTX */ |
|
603 |
|
604 static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify) |
|
605 { |
|
606 time_t *ptime; |
|
607 int i; |
|
608 ctx->current_crl = crl; |
|
609 if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) |
|
610 ptime = &ctx->param->check_time; |
|
611 else |
|
612 ptime = NULL; |
|
613 |
|
614 i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime); |
|
615 if (i == 0) |
|
616 { |
|
617 ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD; |
|
618 if (!notify || !ctx->verify_cb(0, ctx)) |
|
619 return 0; |
|
620 } |
|
621 |
|
622 if (i > 0) |
|
623 { |
|
624 ctx->error=X509_V_ERR_CRL_NOT_YET_VALID; |
|
625 if (!notify || !ctx->verify_cb(0, ctx)) |
|
626 return 0; |
|
627 } |
|
628 |
|
629 if(X509_CRL_get_nextUpdate(crl)) |
|
630 { |
|
631 i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime); |
|
632 |
|
633 if (i == 0) |
|
634 { |
|
635 ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD; |
|
636 if (!notify || !ctx->verify_cb(0, ctx)) |
|
637 return 0; |
|
638 } |
|
639 |
|
640 if (i < 0) |
|
641 { |
|
642 ctx->error=X509_V_ERR_CRL_HAS_EXPIRED; |
|
643 if (!notify || !ctx->verify_cb(0, ctx)) |
|
644 return 0; |
|
645 } |
|
646 } |
|
647 |
|
648 ctx->current_crl = NULL; |
|
649 |
|
650 return 1; |
|
651 } |
|
652 |
|
653 /* Lookup CRLs from the supplied list. Look for matching isser name |
|
654 * and validity. If we can't find a valid CRL return the last one |
|
655 * with matching name. This gives more meaningful error codes. Otherwise |
|
656 * we'd get a CRL not found error if a CRL existed with matching name but |
|
657 * was invalid. |
|
658 */ |
|
659 |
|
660 static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, |
|
661 X509_NAME *nm, STACK_OF(X509_CRL) *crls) |
|
662 { |
|
663 int i; |
|
664 X509_CRL *crl, *best_crl = NULL; |
|
665 for (i = 0; i < sk_X509_CRL_num(crls); i++) |
|
666 { |
|
667 crl = sk_X509_CRL_value(crls, i); |
|
668 if (X509_NAME_cmp(nm, X509_CRL_get_issuer(crl))) |
|
669 continue; |
|
670 if (check_crl_time(ctx, crl, 0)) |
|
671 { |
|
672 *pcrl = crl; |
|
673 CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509); |
|
674 return 1; |
|
675 } |
|
676 best_crl = crl; |
|
677 } |
|
678 if (best_crl) |
|
679 { |
|
680 *pcrl = best_crl; |
|
681 CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509); |
|
682 } |
|
683 |
|
684 return 0; |
|
685 } |
|
686 |
|
687 /* Retrieve CRL corresponding to certificate: currently just a |
|
688 * subject lookup: maybe use AKID later... |
|
689 */ |
|
690 static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x) |
|
691 { |
|
692 int ok; |
|
693 X509_CRL *crl = NULL; |
|
694 X509_OBJECT xobj; |
|
695 X509_NAME *nm; |
|
696 nm = X509_get_issuer_name(x); |
|
697 ok = get_crl_sk(ctx, &crl, nm, ctx->crls); |
|
698 if (ok) |
|
699 { |
|
700 *pcrl = crl; |
|
701 return 1; |
|
702 } |
|
703 |
|
704 ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj); |
|
705 |
|
706 if (!ok) |
|
707 { |
|
708 /* If we got a near match from get_crl_sk use that */ |
|
709 if (crl) |
|
710 { |
|
711 *pcrl = crl; |
|
712 return 1; |
|
713 } |
|
714 return 0; |
|
715 } |
|
716 |
|
717 *pcrl = xobj.data.crl; |
|
718 if (crl) |
|
719 X509_CRL_free(crl); |
|
720 return 1; |
|
721 } |
|
722 |
|
723 /* Check CRL validity */ |
|
724 static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) |
|
725 { |
|
726 X509 *issuer = NULL; |
|
727 EVP_PKEY *ikey = NULL; |
|
728 int ok = 0, chnum, cnum; |
|
729 cnum = ctx->error_depth; |
|
730 chnum = sk_X509_num(ctx->chain) - 1; |
|
731 /* Find CRL issuer: if not last certificate then issuer |
|
732 * is next certificate in chain. |
|
733 */ |
|
734 if(cnum < chnum) |
|
735 issuer = sk_X509_value(ctx->chain, cnum + 1); |
|
736 else |
|
737 { |
|
738 issuer = sk_X509_value(ctx->chain, chnum); |
|
739 /* If not self signed, can't check signature */ |
|
740 if(!ctx->check_issued(ctx, issuer, issuer)) |
|
741 { |
|
742 ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER; |
|
743 ok = ctx->verify_cb(0, ctx); |
|
744 if(!ok) goto err; |
|
745 } |
|
746 } |
|
747 |
|
748 if(issuer) |
|
749 { |
|
750 /* Check for cRLSign bit if keyUsage present */ |
|
751 if ((issuer->ex_flags & EXFLAG_KUSAGE) && |
|
752 !(issuer->ex_kusage & KU_CRL_SIGN)) |
|
753 { |
|
754 ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN; |
|
755 ok = ctx->verify_cb(0, ctx); |
|
756 if(!ok) goto err; |
|
757 } |
|
758 |
|
759 /* Attempt to get issuer certificate public key */ |
|
760 ikey = X509_get_pubkey(issuer); |
|
761 |
|
762 if(!ikey) |
|
763 { |
|
764 ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; |
|
765 ok = ctx->verify_cb(0, ctx); |
|
766 if (!ok) goto err; |
|
767 } |
|
768 else |
|
769 { |
|
770 /* Verify CRL signature */ |
|
771 if(X509_CRL_verify(crl, ikey) <= 0) |
|
772 { |
|
773 ctx->error=X509_V_ERR_CRL_SIGNATURE_FAILURE; |
|
774 ok = ctx->verify_cb(0, ctx); |
|
775 if (!ok) goto err; |
|
776 } |
|
777 } |
|
778 } |
|
779 |
|
780 ok = check_crl_time(ctx, crl, 1); |
|
781 if (!ok) |
|
782 goto err; |
|
783 |
|
784 ok = 1; |
|
785 |
|
786 err: |
|
787 EVP_PKEY_free(ikey); |
|
788 return ok; |
|
789 } |
|
790 |
|
791 /* Check certificate against CRL */ |
|
792 static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x) |
|
793 { |
|
794 int idx, ok; |
|
795 X509_REVOKED rtmp; |
|
796 STACK_OF(X509_EXTENSION) *exts; |
|
797 X509_EXTENSION *ext; |
|
798 /* Look for serial number of certificate in CRL */ |
|
799 rtmp.serialNumber = X509_get_serialNumber(x); |
|
800 /* Sort revoked into serial number order if not already sorted. |
|
801 * Do this under a lock to avoid race condition. |
|
802 */ |
|
803 if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) |
|
804 { |
|
805 CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL); |
|
806 sk_X509_REVOKED_sort(crl->crl->revoked); |
|
807 CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL); |
|
808 } |
|
809 idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp); |
|
810 /* If found assume revoked: want something cleverer than |
|
811 * this to handle entry extensions in V2 CRLs. |
|
812 */ |
|
813 if(idx >= 0) |
|
814 { |
|
815 ctx->error = X509_V_ERR_CERT_REVOKED; |
|
816 ok = ctx->verify_cb(0, ctx); |
|
817 if (!ok) return 0; |
|
818 } |
|
819 |
|
820 if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) |
|
821 return 1; |
|
822 |
|
823 /* See if we have any critical CRL extensions: since we |
|
824 * currently don't handle any CRL extensions the CRL must be |
|
825 * rejected. |
|
826 * This code accesses the X509_CRL structure directly: applications |
|
827 * shouldn't do this. |
|
828 */ |
|
829 |
|
830 exts = crl->crl->extensions; |
|
831 |
|
832 for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) |
|
833 { |
|
834 ext = sk_X509_EXTENSION_value(exts, idx); |
|
835 if (ext->critical > 0) |
|
836 { |
|
837 ctx->error = |
|
838 X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION; |
|
839 ok = ctx->verify_cb(0, ctx); |
|
840 if(!ok) return 0; |
|
841 break; |
|
842 } |
|
843 } |
|
844 return 1; |
|
845 } |
|
846 |
|
847 static int check_policy(X509_STORE_CTX *ctx) |
|
848 { |
|
849 int ret; |
|
850 ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain, |
|
851 ctx->param->policies, ctx->param->flags); |
|
852 if (ret == 0) |
|
853 { |
|
854 X509err(X509_F_CHECK_POLICY,ERR_R_MALLOC_FAILURE); |
|
855 return 0; |
|
856 } |
|
857 /* Invalid or inconsistent extensions */ |
|
858 if (ret == -1) |
|
859 { |
|
860 /* Locate certificates with bad extensions and notify |
|
861 * callback. |
|
862 */ |
|
863 X509 *x; |
|
864 int i; |
|
865 for (i = 1; i < sk_X509_num(ctx->chain); i++) |
|
866 { |
|
867 x = sk_X509_value(ctx->chain, i); |
|
868 if (!(x->ex_flags & EXFLAG_INVALID_POLICY)) |
|
869 continue; |
|
870 ctx->current_cert = x; |
|
871 ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION; |
|
872 ret = ctx->verify_cb(0, ctx); |
|
873 } |
|
874 return 1; |
|
875 } |
|
876 if (ret == -2) |
|
877 { |
|
878 ctx->current_cert = NULL; |
|
879 ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY; |
|
880 return ctx->verify_cb(0, ctx); |
|
881 } |
|
882 |
|
883 if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) |
|
884 { |
|
885 ctx->current_cert = NULL; |
|
886 ctx->error = X509_V_OK; |
|
887 if (!ctx->verify_cb(2, ctx)) |
|
888 return 0; |
|
889 } |
|
890 |
|
891 return 1; |
|
892 } |
|
893 |
|
894 static int check_cert_time(X509_STORE_CTX *ctx, X509 *x) |
|
895 { |
|
896 time_t *ptime; |
|
897 int i; |
|
898 |
|
899 if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) |
|
900 ptime = &ctx->param->check_time; |
|
901 else |
|
902 ptime = NULL; |
|
903 |
|
904 i=X509_cmp_time(X509_get_notBefore(x), ptime); |
|
905 if (i == 0) |
|
906 { |
|
907 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; |
|
908 ctx->current_cert=x; |
|
909 if (!ctx->verify_cb(0, ctx)) |
|
910 return 0; |
|
911 } |
|
912 |
|
913 if (i > 0) |
|
914 { |
|
915 ctx->error=X509_V_ERR_CERT_NOT_YET_VALID; |
|
916 ctx->current_cert=x; |
|
917 if (!ctx->verify_cb(0, ctx)) |
|
918 return 0; |
|
919 } |
|
920 |
|
921 i=X509_cmp_time(X509_get_notAfter(x), ptime); |
|
922 if (i == 0) |
|
923 { |
|
924 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; |
|
925 ctx->current_cert=x; |
|
926 if (!ctx->verify_cb(0, ctx)) |
|
927 return 0; |
|
928 } |
|
929 |
|
930 if (i < 0) |
|
931 { |
|
932 ctx->error=X509_V_ERR_CERT_HAS_EXPIRED; |
|
933 ctx->current_cert=x; |
|
934 if (!ctx->verify_cb(0, ctx)) |
|
935 return 0; |
|
936 } |
|
937 |
|
938 return 1; |
|
939 } |
|
940 |
|
941 static int internal_verify(X509_STORE_CTX *ctx) |
|
942 { |
|
943 int ok=0,n; |
|
944 X509 *xs,*xi; |
|
945 EVP_PKEY *pkey=NULL; |
|
946 int (*cb)(int xok,X509_STORE_CTX *xctx); |
|
947 |
|
948 cb=ctx->verify_cb; |
|
949 |
|
950 n=sk_X509_num(ctx->chain); |
|
951 ctx->error_depth=n-1; |
|
952 n--; |
|
953 xi=sk_X509_value(ctx->chain,n); |
|
954 |
|
955 if (ctx->check_issued(ctx, xi, xi)) |
|
956 xs=xi; |
|
957 else |
|
958 { |
|
959 if (n <= 0) |
|
960 { |
|
961 ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE; |
|
962 ctx->current_cert=xi; |
|
963 ok=cb(0,ctx); |
|
964 goto end; |
|
965 } |
|
966 else |
|
967 { |
|
968 n--; |
|
969 ctx->error_depth=n; |
|
970 xs=sk_X509_value(ctx->chain,n); |
|
971 } |
|
972 } |
|
973 |
|
974 /* ctx->error=0; not needed */ |
|
975 while (n >= 0) |
|
976 { |
|
977 ctx->error_depth=n; |
|
978 if (!xs->valid) |
|
979 { |
|
980 if ((pkey=X509_get_pubkey(xi)) == NULL) |
|
981 { |
|
982 ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; |
|
983 ctx->current_cert=xi; |
|
984 ok=(*cb)(0,ctx); |
|
985 if (!ok) goto end; |
|
986 } |
|
987 else if (X509_verify(xs,pkey) <= 0) |
|
988 /* XXX For the final trusted self-signed cert, |
|
989 * this is a waste of time. That check should |
|
990 * optional so that e.g. 'openssl x509' can be |
|
991 * used to detect invalid self-signatures, but |
|
992 * we don't verify again and again in SSL |
|
993 * handshakes and the like once the cert has |
|
994 * been declared trusted. */ |
|
995 { |
|
996 ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; |
|
997 ctx->current_cert=xs; |
|
998 ok=(*cb)(0,ctx); |
|
999 if (!ok) |
|
1000 { |
|
1001 EVP_PKEY_free(pkey); |
|
1002 goto end; |
|
1003 } |
|
1004 } |
|
1005 EVP_PKEY_free(pkey); |
|
1006 pkey=NULL; |
|
1007 } |
|
1008 |
|
1009 xs->valid = 1; |
|
1010 |
|
1011 ok = check_cert_time(ctx, xs); |
|
1012 if (!ok) |
|
1013 goto end; |
|
1014 |
|
1015 /* The last error (if any) is still in the error value */ |
|
1016 ctx->current_issuer=xi; |
|
1017 ctx->current_cert=xs; |
|
1018 ok=(*cb)(1,ctx); |
|
1019 if (!ok) goto end; |
|
1020 |
|
1021 n--; |
|
1022 if (n >= 0) |
|
1023 { |
|
1024 xi=xs; |
|
1025 xs=sk_X509_value(ctx->chain,n); |
|
1026 } |
|
1027 } |
|
1028 ok=1; |
|
1029 end: |
|
1030 return ok; |
|
1031 } |
|
1032 |
|
1033 EXPORT_C int X509_cmp_current_time(ASN1_TIME *ctm) |
|
1034 { |
|
1035 return X509_cmp_time(ctm, NULL); |
|
1036 } |
|
1037 |
|
1038 EXPORT_C int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) |
|
1039 { |
|
1040 char *str; |
|
1041 ASN1_TIME atm; |
|
1042 long offset; |
|
1043 char buff1[24],buff2[24],*p; |
|
1044 int i,j; |
|
1045 |
|
1046 p=buff1; |
|
1047 i=ctm->length; |
|
1048 str=(char *)ctm->data; |
|
1049 if (ctm->type == V_ASN1_UTCTIME) |
|
1050 { |
|
1051 if ((i < 11) || (i > 17)) return 0; |
|
1052 memcpy(p,str,10); |
|
1053 p+=10; |
|
1054 str+=10; |
|
1055 } |
|
1056 else |
|
1057 { |
|
1058 if (i < 13) return 0; |
|
1059 memcpy(p,str,12); |
|
1060 p+=12; |
|
1061 str+=12; |
|
1062 } |
|
1063 |
|
1064 if ((*str == 'Z') || (*str == '-') || (*str == '+')) |
|
1065 { *(p++)='0'; *(p++)='0'; } |
|
1066 else |
|
1067 { |
|
1068 *(p++)= *(str++); |
|
1069 *(p++)= *(str++); |
|
1070 /* Skip any fractional seconds... */ |
|
1071 if (*str == '.') |
|
1072 { |
|
1073 str++; |
|
1074 while ((*str >= '0') && (*str <= '9')) str++; |
|
1075 } |
|
1076 |
|
1077 } |
|
1078 *(p++)='Z'; |
|
1079 *(p++)='\0'; |
|
1080 |
|
1081 if (*str == 'Z') |
|
1082 offset=0; |
|
1083 else |
|
1084 { |
|
1085 if ((*str != '+') && (*str != '-')) |
|
1086 return 0; |
|
1087 offset=((str[1]-'0')*10+(str[2]-'0'))*60; |
|
1088 offset+=(str[3]-'0')*10+(str[4]-'0'); |
|
1089 if (*str == '-') |
|
1090 offset= -offset; |
|
1091 } |
|
1092 atm.type=ctm->type; |
|
1093 atm.length=sizeof(buff2); |
|
1094 atm.data=(unsigned char *)buff2; |
|
1095 |
|
1096 if (X509_time_adj(&atm,-offset*60, cmp_time) == NULL) |
|
1097 return 0; |
|
1098 |
|
1099 if (ctm->type == V_ASN1_UTCTIME) |
|
1100 { |
|
1101 i=(buff1[0]-'0')*10+(buff1[1]-'0'); |
|
1102 if (i < 50) i+=100; /* cf. RFC 2459 */ |
|
1103 j=(buff2[0]-'0')*10+(buff2[1]-'0'); |
|
1104 if (j < 50) j+=100; |
|
1105 |
|
1106 if (i < j) return -1; |
|
1107 if (i > j) return 1; |
|
1108 } |
|
1109 i=strcmp(buff1,buff2); |
|
1110 if (i == 0) /* wait a second then return younger :-) */ |
|
1111 return -1; |
|
1112 else |
|
1113 return i; |
|
1114 } |
|
1115 |
|
1116 EXPORT_C ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj) |
|
1117 { |
|
1118 return X509_time_adj(s, adj, NULL); |
|
1119 } |
|
1120 |
|
1121 EXPORT_C ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm) |
|
1122 { |
|
1123 time_t t; |
|
1124 int type = -1; |
|
1125 |
|
1126 if (in_tm) t = *in_tm; |
|
1127 else time(&t); |
|
1128 |
|
1129 t+=adj; |
|
1130 if (s) type = s->type; |
|
1131 if (type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t); |
|
1132 if (type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_set(s, t); |
|
1133 return ASN1_TIME_set(s, t); |
|
1134 } |
|
1135 |
|
1136 EXPORT_C int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) |
|
1137 { |
|
1138 EVP_PKEY *ktmp=NULL,*ktmp2; |
|
1139 int i,j; |
|
1140 |
|
1141 if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1; |
|
1142 |
|
1143 for (i=0; i<sk_X509_num(chain); i++) |
|
1144 { |
|
1145 ktmp=X509_get_pubkey(sk_X509_value(chain,i)); |
|
1146 if (ktmp == NULL) |
|
1147 { |
|
1148 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); |
|
1149 return 0; |
|
1150 } |
|
1151 if (!EVP_PKEY_missing_parameters(ktmp)) |
|
1152 break; |
|
1153 else |
|
1154 { |
|
1155 EVP_PKEY_free(ktmp); |
|
1156 ktmp=NULL; |
|
1157 } |
|
1158 } |
|
1159 if (ktmp == NULL) |
|
1160 { |
|
1161 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN); |
|
1162 return 0; |
|
1163 } |
|
1164 |
|
1165 /* first, populate the other certs */ |
|
1166 for (j=i-1; j >= 0; j--) |
|
1167 { |
|
1168 ktmp2=X509_get_pubkey(sk_X509_value(chain,j)); |
|
1169 EVP_PKEY_copy_parameters(ktmp2,ktmp); |
|
1170 EVP_PKEY_free(ktmp2); |
|
1171 } |
|
1172 |
|
1173 if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp); |
|
1174 EVP_PKEY_free(ktmp); |
|
1175 return 1; |
|
1176 } |
|
1177 |
|
1178 EXPORT_C int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
|
1179 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) |
|
1180 { |
|
1181 /* This function is (usually) called only once, by |
|
1182 * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). */ |
|
1183 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp, |
|
1184 new_func, dup_func, free_func); |
|
1185 } |
|
1186 |
|
1187 EXPORT_C int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data) |
|
1188 { |
|
1189 return CRYPTO_set_ex_data(&ctx->ex_data,idx,data); |
|
1190 } |
|
1191 |
|
1192 EXPORT_C void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx) |
|
1193 { |
|
1194 return CRYPTO_get_ex_data(&ctx->ex_data,idx); |
|
1195 } |
|
1196 |
|
1197 EXPORT_C int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx) |
|
1198 { |
|
1199 return ctx->error; |
|
1200 } |
|
1201 |
|
1202 EXPORT_C void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err) |
|
1203 { |
|
1204 ctx->error=err; |
|
1205 } |
|
1206 |
|
1207 EXPORT_C int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx) |
|
1208 { |
|
1209 return ctx->error_depth; |
|
1210 } |
|
1211 |
|
1212 EXPORT_C X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx) |
|
1213 { |
|
1214 return ctx->current_cert; |
|
1215 } |
|
1216 |
|
1217 EXPORT_C STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx) |
|
1218 { |
|
1219 return ctx->chain; |
|
1220 } |
|
1221 |
|
1222 EXPORT_C STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx) |
|
1223 { |
|
1224 int i; |
|
1225 X509 *x; |
|
1226 STACK_OF(X509) *chain; |
|
1227 if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL; |
|
1228 for (i = 0; i < sk_X509_num(chain); i++) |
|
1229 { |
|
1230 x = sk_X509_value(chain, i); |
|
1231 CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); |
|
1232 } |
|
1233 return chain; |
|
1234 } |
|
1235 |
|
1236 EXPORT_C void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x) |
|
1237 { |
|
1238 ctx->cert=x; |
|
1239 } |
|
1240 |
|
1241 EXPORT_C void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) |
|
1242 { |
|
1243 ctx->untrusted=sk; |
|
1244 } |
|
1245 |
|
1246 EXPORT_C void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk) |
|
1247 { |
|
1248 ctx->crls=sk; |
|
1249 } |
|
1250 |
|
1251 EXPORT_C int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) |
|
1252 { |
|
1253 return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0); |
|
1254 } |
|
1255 |
|
1256 EXPORT_C int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) |
|
1257 { |
|
1258 return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust); |
|
1259 } |
|
1260 |
|
1261 /* This function is used to set the X509_STORE_CTX purpose and trust |
|
1262 * values. This is intended to be used when another structure has its |
|
1263 * own trust and purpose values which (if set) will be inherited by |
|
1264 * the ctx. If they aren't set then we will usually have a default |
|
1265 * purpose in mind which should then be used to set the trust value. |
|
1266 * An example of this is SSL use: an SSL structure will have its own |
|
1267 * purpose and trust settings which the application can set: if they |
|
1268 * aren't set then we use the default of SSL client/server. |
|
1269 */ |
|
1270 |
|
1271 EXPORT_C int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, |
|
1272 int purpose, int trust) |
|
1273 { |
|
1274 int idx; |
|
1275 /* If purpose not set use default */ |
|
1276 if (!purpose) purpose = def_purpose; |
|
1277 /* If we have a purpose then check it is valid */ |
|
1278 if (purpose) |
|
1279 { |
|
1280 X509_PURPOSE *ptmp; |
|
1281 idx = X509_PURPOSE_get_by_id(purpose); |
|
1282 if (idx == -1) |
|
1283 { |
|
1284 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, |
|
1285 X509_R_UNKNOWN_PURPOSE_ID); |
|
1286 return 0; |
|
1287 } |
|
1288 ptmp = X509_PURPOSE_get0(idx); |
|
1289 if (ptmp->trust == X509_TRUST_DEFAULT) |
|
1290 { |
|
1291 idx = X509_PURPOSE_get_by_id(def_purpose); |
|
1292 if (idx == -1) |
|
1293 { |
|
1294 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, |
|
1295 X509_R_UNKNOWN_PURPOSE_ID); |
|
1296 return 0; |
|
1297 } |
|
1298 ptmp = X509_PURPOSE_get0(idx); |
|
1299 } |
|
1300 /* If trust not set then get from purpose default */ |
|
1301 if (!trust) trust = ptmp->trust; |
|
1302 } |
|
1303 if (trust) |
|
1304 { |
|
1305 idx = X509_TRUST_get_by_id(trust); |
|
1306 if (idx == -1) |
|
1307 { |
|
1308 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, |
|
1309 X509_R_UNKNOWN_TRUST_ID); |
|
1310 return 0; |
|
1311 } |
|
1312 } |
|
1313 |
|
1314 if (purpose && !ctx->param->purpose) ctx->param->purpose = purpose; |
|
1315 if (trust && !ctx->param->trust) ctx->param->trust = trust; |
|
1316 return 1; |
|
1317 } |
|
1318 |
|
1319 EXPORT_C X509_STORE_CTX *X509_STORE_CTX_new(void) |
|
1320 { |
|
1321 X509_STORE_CTX *ctx; |
|
1322 ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX)); |
|
1323 if (!ctx) |
|
1324 { |
|
1325 X509err(X509_F_X509_STORE_CTX_NEW,ERR_R_MALLOC_FAILURE); |
|
1326 return NULL; |
|
1327 } |
|
1328 memset(ctx, 0, sizeof(X509_STORE_CTX)); |
|
1329 return ctx; |
|
1330 } |
|
1331 |
|
1332 EXPORT_C void X509_STORE_CTX_free(X509_STORE_CTX *ctx) |
|
1333 { |
|
1334 X509_STORE_CTX_cleanup(ctx); |
|
1335 OPENSSL_free(ctx); |
|
1336 } |
|
1337 |
|
1338 EXPORT_C int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, |
|
1339 STACK_OF(X509) *chain) |
|
1340 { |
|
1341 int ret = 1; |
|
1342 ctx->ctx=store; |
|
1343 ctx->current_method=0; |
|
1344 ctx->cert=x509; |
|
1345 ctx->untrusted=chain; |
|
1346 ctx->crls = NULL; |
|
1347 ctx->last_untrusted=0; |
|
1348 ctx->other_ctx=NULL; |
|
1349 ctx->valid=0; |
|
1350 ctx->chain=NULL; |
|
1351 ctx->error=0; |
|
1352 ctx->explicit_policy=0; |
|
1353 ctx->error_depth=0; |
|
1354 ctx->current_cert=NULL; |
|
1355 ctx->current_issuer=NULL; |
|
1356 ctx->tree = NULL; |
|
1357 |
|
1358 ctx->param = X509_VERIFY_PARAM_new(); |
|
1359 |
|
1360 if (!ctx->param) |
|
1361 { |
|
1362 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); |
|
1363 return 0; |
|
1364 } |
|
1365 |
|
1366 /* Inherit callbacks and flags from X509_STORE if not set |
|
1367 * use defaults. |
|
1368 */ |
|
1369 |
|
1370 |
|
1371 if (store) |
|
1372 ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param); |
|
1373 else |
|
1374 ctx->param->flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE; |
|
1375 |
|
1376 if (store) |
|
1377 { |
|
1378 ctx->verify_cb = store->verify_cb; |
|
1379 ctx->cleanup = store->cleanup; |
|
1380 } |
|
1381 else |
|
1382 ctx->cleanup = 0; |
|
1383 |
|
1384 if (ret) |
|
1385 ret = X509_VERIFY_PARAM_inherit(ctx->param, |
|
1386 X509_VERIFY_PARAM_lookup("default")); |
|
1387 |
|
1388 if (ret == 0) |
|
1389 { |
|
1390 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); |
|
1391 return 0; |
|
1392 } |
|
1393 |
|
1394 if (store && store->check_issued) |
|
1395 ctx->check_issued = store->check_issued; |
|
1396 else |
|
1397 ctx->check_issued = check_issued; |
|
1398 |
|
1399 if (store && store->get_issuer) |
|
1400 ctx->get_issuer = store->get_issuer; |
|
1401 else |
|
1402 ctx->get_issuer = X509_STORE_CTX_get1_issuer; |
|
1403 |
|
1404 if (store && store->verify_cb) |
|
1405 ctx->verify_cb = store->verify_cb; |
|
1406 else |
|
1407 ctx->verify_cb = null_callback; |
|
1408 |
|
1409 if (store && store->verify) |
|
1410 ctx->verify = store->verify; |
|
1411 else |
|
1412 ctx->verify = internal_verify; |
|
1413 |
|
1414 if (store && store->check_revocation) |
|
1415 ctx->check_revocation = store->check_revocation; |
|
1416 else |
|
1417 ctx->check_revocation = check_revocation; |
|
1418 |
|
1419 if (store && store->get_crl) |
|
1420 ctx->get_crl = store->get_crl; |
|
1421 else |
|
1422 ctx->get_crl = get_crl; |
|
1423 |
|
1424 if (store && store->check_crl) |
|
1425 ctx->check_crl = store->check_crl; |
|
1426 else |
|
1427 ctx->check_crl = check_crl; |
|
1428 |
|
1429 if (store && store->cert_crl) |
|
1430 ctx->cert_crl = store->cert_crl; |
|
1431 else |
|
1432 ctx->cert_crl = cert_crl; |
|
1433 |
|
1434 ctx->check_policy = check_policy; |
|
1435 |
|
1436 |
|
1437 /* This memset() can't make any sense anyway, so it's removed. As |
|
1438 * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a |
|
1439 * corresponding "new" here and remove this bogus initialisation. */ |
|
1440 /* memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); */ |
|
1441 if(!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, |
|
1442 &(ctx->ex_data))) |
|
1443 { |
|
1444 OPENSSL_free(ctx); |
|
1445 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); |
|
1446 return 0; |
|
1447 } |
|
1448 return 1; |
|
1449 } |
|
1450 |
|
1451 /* Set alternative lookup method: just a STACK of trusted certificates. |
|
1452 * This avoids X509_STORE nastiness where it isn't needed. |
|
1453 */ |
|
1454 |
|
1455 EXPORT_C void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) |
|
1456 { |
|
1457 ctx->other_ctx = sk; |
|
1458 ctx->get_issuer = get_issuer_sk; |
|
1459 } |
|
1460 |
|
1461 EXPORT_C void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) |
|
1462 { |
|
1463 if (ctx->cleanup) ctx->cleanup(ctx); |
|
1464 if (ctx->param != NULL) |
|
1465 { |
|
1466 X509_VERIFY_PARAM_free(ctx->param); |
|
1467 ctx->param=NULL; |
|
1468 } |
|
1469 if (ctx->tree != NULL) |
|
1470 { |
|
1471 X509_policy_tree_free(ctx->tree); |
|
1472 ctx->tree=NULL; |
|
1473 } |
|
1474 if (ctx->chain != NULL) |
|
1475 { |
|
1476 sk_X509_pop_free(ctx->chain,X509_free); |
|
1477 ctx->chain=NULL; |
|
1478 } |
|
1479 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data)); |
|
1480 memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); |
|
1481 } |
|
1482 |
|
1483 EXPORT_C void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth) |
|
1484 { |
|
1485 X509_VERIFY_PARAM_set_depth(ctx->param, depth); |
|
1486 } |
|
1487 |
|
1488 EXPORT_C void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags) |
|
1489 { |
|
1490 X509_VERIFY_PARAM_set_flags(ctx->param, flags); |
|
1491 } |
|
1492 |
|
1493 EXPORT_C void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t) |
|
1494 { |
|
1495 X509_VERIFY_PARAM_set_time(ctx->param, t); |
|
1496 } |
|
1497 |
|
1498 EXPORT_C void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, |
|
1499 int (*verify_cb)(int, X509_STORE_CTX *)) |
|
1500 { |
|
1501 ctx->verify_cb=verify_cb; |
|
1502 } |
|
1503 |
|
1504 EXPORT_C X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx) |
|
1505 { |
|
1506 return ctx->tree; |
|
1507 } |
|
1508 |
|
1509 EXPORT_C int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx) |
|
1510 { |
|
1511 return ctx->explicit_policy; |
|
1512 } |
|
1513 |
|
1514 EXPORT_C int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name) |
|
1515 { |
|
1516 const X509_VERIFY_PARAM *param; |
|
1517 param = X509_VERIFY_PARAM_lookup(name); |
|
1518 if (!param) |
|
1519 return 0; |
|
1520 return X509_VERIFY_PARAM_inherit(ctx->param, param); |
|
1521 } |
|
1522 |
|
1523 EXPORT_C X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx) |
|
1524 { |
|
1525 return ctx->param; |
|
1526 } |
|
1527 |
|
1528 EXPORT_C void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param) |
|
1529 { |
|
1530 if (ctx->param) |
|
1531 X509_VERIFY_PARAM_free(ctx->param); |
|
1532 ctx->param = param; |
|
1533 } |
|
1534 |
|
1535 IMPLEMENT_STACK_OF(X509) |
|
1536 IMPLEMENT_ASN1_SET_OF(X509) |
|
1537 |
|
1538 IMPLEMENT_STACK_OF(X509_NAME) |
|
1539 |
|
1540 IMPLEMENT_STACK_OF(X509_ATTRIBUTE) |
|
1541 IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE) |