]>
Commit | Line | Data |
---|---|---|
d02b48c6 | 1 | /* crypto/x509/x509_vfy.c */ |
58964a49 | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
3 | * All rights reserved. |
4 | * | |
5 | * This package is an SSL implementation written | |
6 | * by Eric Young (eay@cryptsoft.com). | |
7 | * The implementation was written so as to conform with Netscapes SSL. | |
8 | * | |
9 | * This library is free for commercial and non-commercial use as long as | |
10 | * the following conditions are aheared to. The following conditions | |
11 | * apply to all code found in this distribution, be it the RC4, RSA, | |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 | * included with this distribution is covered by the same copyright terms | |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
15 | * | |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | |
17 | * the code are not to be removed. | |
18 | * If this package is used in a product, Eric Young should be given attribution | |
19 | * as the author of the parts of the library used. | |
20 | * This can be in the form of a textual message at program startup or | |
21 | * in documentation (online or textual) provided with the package. | |
22 | * | |
23 | * Redistribution and use in source and binary forms, with or without | |
24 | * modification, are permitted provided that the following conditions | |
25 | * are met: | |
26 | * 1. Redistributions of source code must retain the copyright | |
27 | * notice, this list of conditions and the following disclaimer. | |
28 | * 2. Redistributions in binary form must reproduce the above copyright | |
29 | * notice, this list of conditions and the following disclaimer in the | |
30 | * documentation and/or other materials provided with the distribution. | |
31 | * 3. All advertising materials mentioning features or use of this software | |
32 | * must display the following acknowledgement: | |
33 | * "This product includes cryptographic software written by | |
34 | * Eric Young (eay@cryptsoft.com)" | |
35 | * The word 'cryptographic' can be left out if the rouines from the library | |
36 | * being used are not cryptographic related :-). | |
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | |
38 | * the apps directory (application code) you must include an acknowledgement: | |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
40 | * | |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 | * SUCH DAMAGE. | |
52 | * | |
53 | * The licence and distribution terms for any publically available version or | |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 | * copied and put under another distribution licence | |
56 | * [including the GNU Public Licence.] | |
57 | */ | |
58 | ||
59 | #include <stdio.h> | |
60 | #include <time.h> | |
61 | #include <errno.h> | |
d02b48c6 RE |
62 | |
63 | #include "cryptlib.h" | |
17f389bb | 64 | #include <openssl/crypto.h> |
ec577822 BM |
65 | #include <openssl/lhash.h> |
66 | #include <openssl/buffer.h> | |
67 | #include <openssl/evp.h> | |
68 | #include <openssl/asn1.h> | |
69 | #include <openssl/x509.h> | |
11262391 | 70 | #include <openssl/x509v3.h> |
ec577822 | 71 | #include <openssl/objects.h> |
d02b48c6 | 72 | |
d02b48c6 | 73 | static int null_callback(int ok,X509_STORE_CTX *e); |
2f043896 DSH |
74 | static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); |
75 | static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x); | |
11262391 | 76 | static int check_chain_purpose(X509_STORE_CTX *ctx); |
51630a37 | 77 | static int check_trust(X509_STORE_CTX *ctx); |
d02b48c6 | 78 | static int internal_verify(X509_STORE_CTX *ctx); |
e778802f | 79 | const char *X509_version="X.509" OPENSSL_VERSION_PTEXT; |
b4cadc6e | 80 | |
dd9d233e | 81 | static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_store_ctx_method=NULL; |
58964a49 | 82 | static int x509_store_ctx_num=0; |
3ac82faa | 83 | |
d02b48c6 | 84 | |
6b691a5c | 85 | static int null_callback(int ok, X509_STORE_CTX *e) |
d02b48c6 | 86 | { |
f684090c | 87 | return ok; |
d02b48c6 RE |
88 | } |
89 | ||
90 | #if 0 | |
6b691a5c | 91 | static int x509_subject_cmp(X509 **a, X509 **b) |
d02b48c6 | 92 | { |
f684090c | 93 | return X509_subject_name_cmp(*a,*b); |
d02b48c6 RE |
94 | } |
95 | #endif | |
96 | ||
6b691a5c | 97 | int X509_verify_cert(X509_STORE_CTX *ctx) |
d02b48c6 RE |
98 | { |
99 | X509 *x,*xtmp,*chain_ss=NULL; | |
100 | X509_NAME *xn; | |
d02b48c6 RE |
101 | int depth,i,ok=0; |
102 | int num; | |
103 | int (*cb)(); | |
f73e07cf | 104 | STACK_OF(X509) *sktmp=NULL; |
d02b48c6 RE |
105 | |
106 | if (ctx->cert == NULL) | |
107 | { | |
108 | X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); | |
f684090c | 109 | return -1; |
d02b48c6 RE |
110 | } |
111 | ||
2f043896 | 112 | cb=ctx->verify_cb; |
d02b48c6 RE |
113 | if (cb == NULL) cb=null_callback; |
114 | ||
115 | /* first we make sure the chain we are going to build is | |
116 | * present and that the first entry is in place */ | |
117 | if (ctx->chain == NULL) | |
118 | { | |
7e258a56 BL |
119 | if ( ((ctx->chain=sk_X509_new_null()) == NULL) || |
120 | (!sk_X509_push(ctx->chain,ctx->cert))) | |
d02b48c6 RE |
121 | { |
122 | X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); | |
123 | goto end; | |
124 | } | |
125 | CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509); | |
126 | ctx->last_untrusted=1; | |
127 | } | |
128 | ||
f76d8c47 | 129 | /* We use a temporary STACK so we can chop and hack at it */ |
f73e07cf BL |
130 | if (ctx->untrusted != NULL |
131 | && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL) | |
d02b48c6 RE |
132 | { |
133 | X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); | |
134 | goto end; | |
135 | } | |
136 | ||
7e258a56 BL |
137 | num=sk_X509_num(ctx->chain); |
138 | x=sk_X509_value(ctx->chain,num-1); | |
d02b48c6 RE |
139 | depth=ctx->depth; |
140 | ||
141 | ||
142 | for (;;) | |
143 | { | |
144 | /* If we have enough, we break */ | |
d797727b | 145 | if (depth < num) break; /* FIXME: If this happens, we should take |
a9642be6 BM |
146 | * note of it and, if appropriate, use the |
147 | * X509_V_ERR_CERT_CHAIN_TOO_LONG error | |
148 | * code later. | |
149 | */ | |
d02b48c6 RE |
150 | |
151 | /* If we are self signed, we break */ | |
152 | xn=X509_get_issuer_name(x); | |
2f043896 | 153 | if (ctx->check_issued(ctx, x,x)) break; |
d02b48c6 RE |
154 | |
155 | /* If we were passed a cert chain, use it first */ | |
156 | if (ctx->untrusted != NULL) | |
157 | { | |
2f043896 | 158 | xtmp=find_issuer(ctx, sktmp,x); |
d02b48c6 RE |
159 | if (xtmp != NULL) |
160 | { | |
7e258a56 | 161 | if (!sk_X509_push(ctx->chain,xtmp)) |
d02b48c6 RE |
162 | { |
163 | X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); | |
164 | goto end; | |
165 | } | |
166 | CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); | |
f73e07cf | 167 | sk_X509_delete_ptr(sktmp,xtmp); |
d02b48c6 RE |
168 | ctx->last_untrusted++; |
169 | x=xtmp; | |
170 | num++; | |
171 | /* reparse the full chain for | |
172 | * the next one */ | |
173 | continue; | |
174 | } | |
175 | } | |
176 | break; | |
177 | } | |
178 | ||
179 | /* at this point, chain should contain a list of untrusted | |
180 | * certificates. We now need to add at least one trusted one, | |
181 | * if possible, otherwise we complain. */ | |
182 | ||
2f043896 DSH |
183 | /* Examine last certificate in chain and see if it |
184 | * is self signed. | |
185 | */ | |
186 | ||
7e258a56 BL |
187 | i=sk_X509_num(ctx->chain); |
188 | x=sk_X509_value(ctx->chain,i-1); | |
f76d8c47 | 189 | xn = X509_get_subject_name(x); |
2f043896 | 190 | if (ctx->check_issued(ctx, x, x)) |
d02b48c6 RE |
191 | { |
192 | /* we have a self signed certificate */ | |
7e258a56 | 193 | if (sk_X509_num(ctx->chain) == 1) |
d02b48c6 | 194 | { |
f76d8c47 DSH |
195 | /* We have a single self signed certificate: see if |
196 | * we can find it in the store. We must have an exact | |
197 | * match to avoid possible impersonation. | |
198 | */ | |
2f043896 DSH |
199 | ok = ctx->get_issuer(&xtmp, ctx, x); |
200 | if ((ok <= 0) || X509_cmp(x, xtmp)) | |
f76d8c47 DSH |
201 | { |
202 | ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; | |
203 | ctx->current_cert=x; | |
204 | ctx->error_depth=i-1; | |
b7c190d9 | 205 | if (ok == 1) X509_free(xtmp); |
f76d8c47 DSH |
206 | ok=cb(0,ctx); |
207 | if (!ok) goto end; | |
208 | } | |
209 | else | |
210 | { | |
211 | /* We have a match: replace certificate with store version | |
212 | * so we get any trust settings. | |
213 | */ | |
214 | X509_free(x); | |
2f043896 | 215 | x = xtmp; |
f76d8c47 DSH |
216 | sk_X509_set(ctx->chain, i - 1, x); |
217 | ctx->last_untrusted=0; | |
218 | } | |
d02b48c6 RE |
219 | } |
220 | else | |
221 | { | |
2f043896 | 222 | /* extract and save self signed certificate for later use */ |
7e258a56 | 223 | chain_ss=sk_X509_pop(ctx->chain); |
d02b48c6 RE |
224 | ctx->last_untrusted--; |
225 | num--; | |
7e258a56 | 226 | x=sk_X509_value(ctx->chain,num-1); |
d02b48c6 RE |
227 | } |
228 | } | |
229 | ||
230 | /* We now lookup certs from the certificate store */ | |
231 | for (;;) | |
232 | { | |
233 | /* If we have enough, we break */ | |
7f89714e | 234 | if (depth < num) break; |
d02b48c6 RE |
235 | |
236 | /* If we are self signed, we break */ | |
237 | xn=X509_get_issuer_name(x); | |
2f043896 | 238 | if (ctx->check_issued(ctx,x,x)) break; |
d02b48c6 | 239 | |
2f043896 DSH |
240 | ok = ctx->get_issuer(&xtmp, ctx, x); |
241 | ||
242 | if (ok < 0) return ok; | |
b7c190d9 | 243 | if (ok == 0) break; |
2f043896 DSH |
244 | |
245 | x = xtmp; | |
246 | if (!sk_X509_push(ctx->chain,x)) | |
d02b48c6 | 247 | { |
2f043896 | 248 | X509_free(xtmp); |
d02b48c6 | 249 | X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); |
f684090c | 250 | return 0; |
d02b48c6 RE |
251 | } |
252 | num++; | |
253 | } | |
254 | ||
255 | /* we now have our chain, lets check it... */ | |
256 | xn=X509_get_issuer_name(x); | |
2f043896 DSH |
257 | |
258 | /* Is last certificate looked up self signed? */ | |
259 | if (!ctx->check_issued(ctx,x,x)) | |
d02b48c6 | 260 | { |
2f043896 | 261 | if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) |
d02b48c6 RE |
262 | { |
263 | if (ctx->last_untrusted >= num) | |
264 | ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; | |
265 | else | |
266 | ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT; | |
267 | ctx->current_cert=x; | |
268 | } | |
269 | else | |
270 | { | |
271 | ||
7e258a56 | 272 | sk_X509_push(ctx->chain,chain_ss); |
d02b48c6 RE |
273 | num++; |
274 | ctx->last_untrusted=num; | |
275 | ctx->current_cert=chain_ss; | |
276 | ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; | |
277 | chain_ss=NULL; | |
278 | } | |
279 | ||
280 | ctx->error_depth=num-1; | |
281 | ok=cb(0,ctx); | |
282 | if (!ok) goto end; | |
283 | } | |
284 | ||
11262391 | 285 | /* We have the chain complete: now we need to check its purpose */ |
b7c190d9 | 286 | if (ctx->purpose > 0) ok = check_chain_purpose(ctx); |
11262391 | 287 | |
b7c190d9 | 288 | if (!ok) goto end; |
11262391 | 289 | |
51630a37 DSH |
290 | /* The chain extensions are OK: check trust */ |
291 | ||
b7c190d9 | 292 | if (ctx->trust > 0) ok = check_trust(ctx); |
51630a37 | 293 | |
b7c190d9 | 294 | if (!ok) goto end; |
51630a37 | 295 | |
d02b48c6 RE |
296 | /* We may as well copy down any DSA parameters that are required */ |
297 | X509_get_pubkey_parameters(NULL,ctx->chain); | |
298 | ||
299 | /* At this point, we have a chain and just need to verify it */ | |
2f043896 DSH |
300 | if (ctx->verify != NULL) |
301 | ok=ctx->verify(ctx); | |
d02b48c6 RE |
302 | else |
303 | ok=internal_verify(ctx); | |
dfeab068 RE |
304 | if (0) |
305 | { | |
d02b48c6 | 306 | end: |
dfeab068 RE |
307 | X509_get_pubkey_parameters(NULL,ctx->chain); |
308 | } | |
f73e07cf | 309 | if (sktmp != NULL) sk_X509_free(sktmp); |
d02b48c6 | 310 | if (chain_ss != NULL) X509_free(chain_ss); |
f684090c | 311 | return ok; |
d02b48c6 RE |
312 | } |
313 | ||
2f043896 DSH |
314 | |
315 | /* Given a STACK_OF(X509) find the issuer of cert (if any) | |
316 | */ | |
317 | ||
318 | static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) | |
319 | { | |
320 | int i; | |
321 | X509 *issuer; | |
b7c190d9 | 322 | for (i = 0; i < sk_X509_num(sk); i++) |
82aec1cc | 323 | { |
2f043896 | 324 | issuer = sk_X509_value(sk, i); |
b7c190d9 | 325 | if (ctx->check_issued(ctx, x, issuer)) |
82aec1cc BM |
326 | return issuer; |
327 | } | |
2f043896 DSH |
328 | return NULL; |
329 | } | |
330 | ||
331 | /* Given a possible certificate and issuer check them */ | |
332 | ||
333 | static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) | |
334 | { | |
335 | int ret; | |
336 | ret = X509_check_issued(issuer, x); | |
82aec1cc BM |
337 | if (ret == X509_V_OK) |
338 | return 1; | |
dbba890c DSH |
339 | /* If we haven't asked for issuer errors don't set ctx */ |
340 | if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK)) | |
341 | return 0; | |
342 | ||
343 | ctx->error = ret; | |
344 | ctx->current_cert = x; | |
345 | ctx->current_issuer = issuer; | |
346 | if (ctx->verify_cb) | |
347 | return ctx->verify_cb(0, ctx); | |
2f043896 DSH |
348 | return 0; |
349 | } | |
350 | ||
351 | /* Alternative lookup method: look from a STACK stored in other_ctx */ | |
352 | ||
353 | static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) | |
354 | { | |
355 | *issuer = find_issuer(ctx, ctx->other_ctx, x); | |
82aec1cc BM |
356 | if (*issuer) |
357 | { | |
2f043896 DSH |
358 | CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509); |
359 | return 1; | |
82aec1cc BM |
360 | } |
361 | else | |
362 | return 0; | |
2f043896 DSH |
363 | } |
364 | ||
365 | ||
11262391 DSH |
366 | /* Check a certificate chains extensions for consistency |
367 | * with the supplied purpose | |
368 | */ | |
369 | ||
370 | static int check_chain_purpose(X509_STORE_CTX *ctx) | |
371 | { | |
cf1b7d96 | 372 | #ifdef OPENSSL_NO_CHAIN_VERIFY |
11262391 DSH |
373 | return 1; |
374 | #else | |
375 | int i, ok=0; | |
376 | X509 *x; | |
377 | int (*cb)(); | |
2f043896 | 378 | cb=ctx->verify_cb; |
11262391 DSH |
379 | if (cb == NULL) cb=null_callback; |
380 | /* Check all untrusted certificates */ | |
b7c190d9 | 381 | for (i = 0; i < ctx->last_untrusted; i++) |
82aec1cc | 382 | { |
11262391 | 383 | x = sk_X509_value(ctx->chain, i); |
82aec1cc BM |
384 | if (!X509_check_purpose(x, ctx->purpose, i)) |
385 | { | |
386 | if (i) | |
387 | ctx->error = X509_V_ERR_INVALID_CA; | |
388 | else | |
389 | ctx->error = X509_V_ERR_INVALID_PURPOSE; | |
11262391 DSH |
390 | ctx->error_depth = i; |
391 | ctx->current_cert = x; | |
392 | ok=cb(0,ctx); | |
82aec1cc BM |
393 | if (!ok) goto end; |
394 | } | |
11262391 | 395 | /* Check pathlen */ |
b7c190d9 | 396 | if ((i > 1) && (x->ex_pathlen != -1) |
82aec1cc BM |
397 | && (i > (x->ex_pathlen + 1))) |
398 | { | |
11262391 DSH |
399 | ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED; |
400 | ctx->error_depth = i; | |
401 | ctx->current_cert = x; | |
402 | ok=cb(0,ctx); | |
82aec1cc BM |
403 | if (!ok) goto end; |
404 | } | |
11262391 | 405 | } |
11262391 | 406 | ok = 1; |
82aec1cc | 407 | end: |
f684090c | 408 | return ok; |
11262391 DSH |
409 | #endif |
410 | } | |
411 | ||
51630a37 DSH |
412 | static int check_trust(X509_STORE_CTX *ctx) |
413 | { | |
cf1b7d96 | 414 | #ifdef OPENSSL_NO_CHAIN_VERIFY |
51630a37 DSH |
415 | return 1; |
416 | #else | |
417 | int i, ok; | |
418 | X509 *x; | |
419 | int (*cb)(); | |
2f043896 | 420 | cb=ctx->verify_cb; |
51630a37 DSH |
421 | if (cb == NULL) cb=null_callback; |
422 | /* For now just check the last certificate in the chain */ | |
423 | i = sk_X509_num(ctx->chain) - 1; | |
424 | x = sk_X509_value(ctx->chain, i); | |
13938ace | 425 | ok = X509_check_trust(x, ctx->trust, 0); |
82aec1cc BM |
426 | if (ok == X509_TRUST_TRUSTED) |
427 | return 1; | |
51630a37 DSH |
428 | ctx->error_depth = sk_X509_num(ctx->chain) - 1; |
429 | ctx->current_cert = x; | |
82aec1cc BM |
430 | if (ok == X509_TRUST_REJECTED) |
431 | ctx->error = X509_V_ERR_CERT_REJECTED; | |
432 | else | |
433 | ctx->error = X509_V_ERR_CERT_UNTRUSTED; | |
51630a37 | 434 | ok = cb(0, ctx); |
f684090c | 435 | return ok; |
51630a37 DSH |
436 | #endif |
437 | } | |
438 | ||
6b691a5c | 439 | static int internal_verify(X509_STORE_CTX *ctx) |
d02b48c6 RE |
440 | { |
441 | int i,ok=0,n; | |
442 | X509 *xs,*xi; | |
443 | EVP_PKEY *pkey=NULL; | |
bbb72003 | 444 | time_t *ptime; |
d02b48c6 RE |
445 | int (*cb)(); |
446 | ||
2f043896 | 447 | cb=ctx->verify_cb; |
d02b48c6 RE |
448 | if (cb == NULL) cb=null_callback; |
449 | ||
7e258a56 | 450 | n=sk_X509_num(ctx->chain); |
d02b48c6 RE |
451 | ctx->error_depth=n-1; |
452 | n--; | |
7e258a56 | 453 | xi=sk_X509_value(ctx->chain,n); |
82aec1cc BM |
454 | if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME) |
455 | ptime = &ctx->check_time; | |
456 | else | |
457 | ptime = NULL; | |
bbb72003 | 458 | if (ctx->check_issued(ctx, xi, xi)) |
d02b48c6 RE |
459 | xs=xi; |
460 | else | |
461 | { | |
462 | if (n <= 0) | |
463 | { | |
464 | ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE; | |
465 | ctx->current_cert=xi; | |
466 | ok=cb(0,ctx); | |
467 | goto end; | |
468 | } | |
469 | else | |
470 | { | |
471 | n--; | |
472 | ctx->error_depth=n; | |
7e258a56 | 473 | xs=sk_X509_value(ctx->chain,n); |
d02b48c6 RE |
474 | } |
475 | } | |
476 | ||
477 | /* ctx->error=0; not needed */ | |
478 | while (n >= 0) | |
479 | { | |
480 | ctx->error_depth=n; | |
481 | if (!xs->valid) | |
482 | { | |
483 | if ((pkey=X509_get_pubkey(xi)) == NULL) | |
484 | { | |
485 | ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; | |
486 | ctx->current_cert=xi; | |
487 | ok=(*cb)(0,ctx); | |
488 | if (!ok) goto end; | |
489 | } | |
490 | if (X509_verify(xs,pkey) <= 0) | |
78f3a2aa BM |
491 | /* XXX For the final trusted self-signed cert, |
492 | * this is a waste of time. That check should | |
493 | * optional so that e.g. 'openssl x509' can be | |
494 | * used to detect invalid self-signatures, but | |
495 | * we don't verify again and again in SSL | |
496 | * handshakes and the like once the cert has | |
497 | * been declared trusted. */ | |
d02b48c6 RE |
498 | { |
499 | ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; | |
500 | ctx->current_cert=xs; | |
501 | ok=(*cb)(0,ctx); | |
582e5929 DSH |
502 | if (!ok) |
503 | { | |
504 | EVP_PKEY_free(pkey); | |
505 | goto end; | |
506 | } | |
d02b48c6 | 507 | } |
cfcf6453 | 508 | EVP_PKEY_free(pkey); |
d02b48c6 RE |
509 | pkey=NULL; |
510 | ||
bbb72003 | 511 | i=X509_cmp_time(X509_get_notBefore(xs), ptime); |
d02b48c6 RE |
512 | if (i == 0) |
513 | { | |
514 | ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; | |
515 | ctx->current_cert=xs; | |
516 | ok=(*cb)(0,ctx); | |
517 | if (!ok) goto end; | |
518 | } | |
519 | if (i > 0) | |
520 | { | |
521 | ctx->error=X509_V_ERR_CERT_NOT_YET_VALID; | |
522 | ctx->current_cert=xs; | |
523 | ok=(*cb)(0,ctx); | |
524 | if (!ok) goto end; | |
525 | } | |
526 | xs->valid=1; | |
527 | } | |
528 | ||
bbb72003 | 529 | i=X509_cmp_time(X509_get_notAfter(xs), ptime); |
d02b48c6 RE |
530 | if (i == 0) |
531 | { | |
532 | ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; | |
533 | ctx->current_cert=xs; | |
534 | ok=(*cb)(0,ctx); | |
535 | if (!ok) goto end; | |
536 | } | |
537 | ||
538 | if (i < 0) | |
539 | { | |
540 | ctx->error=X509_V_ERR_CERT_HAS_EXPIRED; | |
541 | ctx->current_cert=xs; | |
542 | ok=(*cb)(0,ctx); | |
543 | if (!ok) goto end; | |
544 | } | |
545 | ||
546 | /* CRL CHECK */ | |
547 | ||
548 | /* The last error (if any) is still in the error value */ | |
549 | ctx->current_cert=xs; | |
550 | ok=(*cb)(1,ctx); | |
551 | if (!ok) goto end; | |
552 | ||
553 | n--; | |
554 | if (n >= 0) | |
555 | { | |
556 | xi=xs; | |
7e258a56 | 557 | xs=sk_X509_value(ctx->chain,n); |
d02b48c6 RE |
558 | } |
559 | } | |
560 | ok=1; | |
561 | end: | |
f684090c | 562 | return ok; |
d02b48c6 RE |
563 | } |
564 | ||
284ef5f3 | 565 | int X509_cmp_current_time(ASN1_TIME *ctm) |
bbb72003 DSH |
566 | { |
567 | return X509_cmp_time(ctm, NULL); | |
568 | } | |
569 | ||
570 | int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) | |
d02b48c6 RE |
571 | { |
572 | char *str; | |
284ef5f3 | 573 | ASN1_TIME atm; |
d02b48c6 RE |
574 | time_t offset; |
575 | char buff1[24],buff2[24],*p; | |
576 | int i,j; | |
577 | ||
578 | p=buff1; | |
579 | i=ctm->length; | |
580 | str=(char *)ctm->data; | |
82aec1cc BM |
581 | if (ctm->type == V_ASN1_UTCTIME) |
582 | { | |
f684090c | 583 | if ((i < 11) || (i > 17)) return 0; |
284ef5f3 DSH |
584 | memcpy(p,str,10); |
585 | p+=10; | |
586 | str+=10; | |
82aec1cc BM |
587 | } |
588 | else | |
589 | { | |
590 | if (i < 13) return 0; | |
284ef5f3 DSH |
591 | memcpy(p,str,12); |
592 | p+=12; | |
593 | str+=12; | |
82aec1cc | 594 | } |
d02b48c6 RE |
595 | |
596 | if ((*str == 'Z') || (*str == '-') || (*str == '+')) | |
597 | { *(p++)='0'; *(p++)='0'; } | |
284ef5f3 DSH |
598 | else |
599 | { | |
600 | *(p++)= *(str++); | |
601 | *(p++)= *(str++); | |
602 | /* Skip any fractional seconds... */ | |
82aec1cc | 603 | if (*str == '.') |
284ef5f3 DSH |
604 | { |
605 | str++; | |
b7c190d9 | 606 | while ((*str >= '0') && (*str <= '9')) str++; |
284ef5f3 | 607 | } |
82aec1cc BM |
608 | |
609 | } | |
d02b48c6 RE |
610 | *(p++)='Z'; |
611 | *(p++)='\0'; | |
612 | ||
613 | if (*str == 'Z') | |
614 | offset=0; | |
615 | else | |
616 | { | |
617 | if ((*str != '+') && (str[5] != '-')) | |
f684090c | 618 | return 0; |
d02b48c6 RE |
619 | offset=((str[1]-'0')*10+(str[2]-'0'))*60; |
620 | offset+=(str[3]-'0')*10+(str[4]-'0'); | |
621 | if (*str == '-') | |
dfeab068 | 622 | offset= -offset; |
d02b48c6 | 623 | } |
284ef5f3 | 624 | atm.type=ctm->type; |
d02b48c6 RE |
625 | atm.length=sizeof(buff2); |
626 | atm.data=(unsigned char *)buff2; | |
627 | ||
bbb72003 | 628 | X509_time_adj(&atm,-offset*60, cmp_time); |
d02b48c6 | 629 | |
b7c190d9 | 630 | if (ctm->type == V_ASN1_UTCTIME) |
284ef5f3 DSH |
631 | { |
632 | i=(buff1[0]-'0')*10+(buff1[1]-'0'); | |
633 | if (i < 50) i+=100; /* cf. RFC 2459 */ | |
634 | j=(buff2[0]-'0')*10+(buff2[1]-'0'); | |
635 | if (j < 50) j+=100; | |
d02b48c6 | 636 | |
f684090c BM |
637 | if (i < j) return -1; |
638 | if (i > j) return 1; | |
284ef5f3 | 639 | } |
d02b48c6 RE |
640 | i=strcmp(buff1,buff2); |
641 | if (i == 0) /* wait a second then return younger :-) */ | |
f684090c | 642 | return -1; |
d02b48c6 | 643 | else |
f684090c | 644 | return i; |
d02b48c6 RE |
645 | } |
646 | ||
284ef5f3 | 647 | ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj) |
bbb72003 DSH |
648 | { |
649 | return X509_time_adj(s, adj, NULL); | |
650 | } | |
651 | ||
652 | ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm) | |
d02b48c6 RE |
653 | { |
654 | time_t t; | |
ba8e2824 | 655 | int type = -1; |
d02b48c6 | 656 | |
b7c190d9 | 657 | if (in_tm) t = *in_tm; |
bbb72003 DSH |
658 | else time(&t); |
659 | ||
d02b48c6 | 660 | t+=adj; |
ba8e2824 DSH |
661 | if (s) type = s->type; |
662 | if (type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t); | |
663 | if (type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_set(s, t); | |
664 | return ASN1_TIME_set(s, t); | |
d02b48c6 RE |
665 | } |
666 | ||
7e258a56 | 667 | int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) |
d02b48c6 RE |
668 | { |
669 | EVP_PKEY *ktmp=NULL,*ktmp2; | |
670 | int i,j; | |
671 | ||
f684090c | 672 | if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1; |
d02b48c6 | 673 | |
7e258a56 | 674 | for (i=0; i<sk_X509_num(chain); i++) |
d02b48c6 | 675 | { |
7e258a56 | 676 | ktmp=X509_get_pubkey(sk_X509_value(chain,i)); |
d02b48c6 RE |
677 | if (ktmp == NULL) |
678 | { | |
679 | X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); | |
f684090c | 680 | return 0; |
d02b48c6 RE |
681 | } |
682 | if (!EVP_PKEY_missing_parameters(ktmp)) | |
683 | break; | |
684 | else | |
685 | { | |
cfcf6453 | 686 | EVP_PKEY_free(ktmp); |
d02b48c6 RE |
687 | ktmp=NULL; |
688 | } | |
689 | } | |
690 | if (ktmp == NULL) | |
691 | { | |
692 | X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN); | |
f684090c | 693 | return 0; |
d02b48c6 RE |
694 | } |
695 | ||
696 | /* first, populate the other certs */ | |
697 | for (j=i-1; j >= 0; j--) | |
698 | { | |
7e258a56 | 699 | ktmp2=X509_get_pubkey(sk_X509_value(chain,j)); |
d02b48c6 | 700 | EVP_PKEY_copy_parameters(ktmp2,ktmp); |
cfcf6453 | 701 | EVP_PKEY_free(ktmp2); |
d02b48c6 RE |
702 | } |
703 | ||
cfcf6453 DSH |
704 | if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp); |
705 | EVP_PKEY_free(ktmp); | |
f684090c | 706 | return 1; |
d02b48c6 RE |
707 | } |
708 | ||
dd9d233e DSH |
709 | int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
710 | CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) | |
3ac82faa BM |
711 | { |
712 | /* This function is (usually) called only once, by | |
713 | * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). | |
714 | * That function uses locking, so we don't (usually) | |
715 | * have to worry about locking here. For the whole cruel | |
716 | * truth, see crypto/ex_data.c */ | |
717 | x509_store_ctx_num++; | |
718 | return CRYPTO_get_ex_new_index(x509_store_ctx_num-1, | |
58964a49 | 719 | &x509_store_ctx_method, |
3ac82faa BM |
720 | argl,argp,new_func,dup_func,free_func); |
721 | } | |
58964a49 | 722 | |
6b691a5c | 723 | int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data) |
58964a49 | 724 | { |
f684090c | 725 | return CRYPTO_set_ex_data(&ctx->ex_data,idx,data); |
58964a49 RE |
726 | } |
727 | ||
6b691a5c | 728 | void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx) |
58964a49 | 729 | { |
f684090c | 730 | return CRYPTO_get_ex_data(&ctx->ex_data,idx); |
58964a49 RE |
731 | } |
732 | ||
6b691a5c | 733 | int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx) |
58964a49 | 734 | { |
f684090c | 735 | return ctx->error; |
58964a49 RE |
736 | } |
737 | ||
6b691a5c | 738 | void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err) |
58964a49 RE |
739 | { |
740 | ctx->error=err; | |
741 | } | |
742 | ||
6b691a5c | 743 | int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx) |
58964a49 | 744 | { |
f684090c | 745 | return ctx->error_depth; |
58964a49 RE |
746 | } |
747 | ||
6b691a5c | 748 | X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx) |
58964a49 | 749 | { |
f684090c | 750 | return ctx->current_cert; |
58964a49 RE |
751 | } |
752 | ||
7e258a56 | 753 | STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx) |
58964a49 | 754 | { |
f684090c | 755 | return ctx->chain; |
58964a49 RE |
756 | } |
757 | ||
c7cb16a8 | 758 | STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx) |
25f923dd DSH |
759 | { |
760 | int i; | |
761 | X509 *x; | |
762 | STACK_OF(X509) *chain; | |
b7c190d9 BM |
763 | if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL; |
764 | for (i = 0; i < sk_X509_num(chain); i++) | |
82aec1cc | 765 | { |
25f923dd DSH |
766 | x = sk_X509_value(chain, i); |
767 | CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); | |
82aec1cc | 768 | } |
f684090c | 769 | return chain; |
25f923dd DSH |
770 | } |
771 | ||
6b691a5c | 772 | void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x) |
58964a49 RE |
773 | { |
774 | ctx->cert=x; | |
775 | } | |
776 | ||
6b691a5c | 777 | void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) |
58964a49 RE |
778 | { |
779 | ctx->untrusted=sk; | |
780 | } | |
781 | ||
13938ace | 782 | int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) |
11262391 | 783 | { |
13938ace | 784 | return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0); |
11262391 DSH |
785 | } |
786 | ||
bb7cd4e3 | 787 | int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) |
11262391 | 788 | { |
bb7cd4e3 | 789 | return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust); |
11262391 DSH |
790 | } |
791 | ||
13938ace DSH |
792 | /* This function is used to set the X509_STORE_CTX purpose and trust |
793 | * values. This is intended to be used when another structure has its | |
794 | * own trust and purpose values which (if set) will be inherited by | |
795 | * the ctx. If they aren't set then we will usually have a default | |
796 | * purpose in mind which should then be used to set the trust value. | |
797 | * An example of this is SSL use: an SSL structure will have its own | |
798 | * purpose and trust settings which the application can set: if they | |
799 | * aren't set then we use the default of SSL client/server. | |
800 | */ | |
801 | ||
802 | int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, | |
803 | int purpose, int trust) | |
51630a37 | 804 | { |
51630a37 | 805 | int idx; |
13938ace | 806 | /* If purpose not set use default */ |
82aec1cc | 807 | if (!purpose) purpose = def_purpose; |
13938ace | 808 | /* If we have a purpose then check it is valid */ |
82aec1cc BM |
809 | if (purpose) |
810 | { | |
068fdce8 | 811 | X509_PURPOSE *ptmp; |
13938ace | 812 | idx = X509_PURPOSE_get_by_id(purpose); |
b7c190d9 | 813 | if (idx == -1) |
82aec1cc | 814 | { |
13938ace DSH |
815 | X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, |
816 | X509_R_UNKNOWN_PURPOSE_ID); | |
817 | return 0; | |
82aec1cc | 818 | } |
068fdce8 | 819 | ptmp = X509_PURPOSE_get0(idx); |
b7c190d9 | 820 | if (ptmp->trust == X509_TRUST_DEFAULT) |
82aec1cc | 821 | { |
068fdce8 | 822 | idx = X509_PURPOSE_get_by_id(def_purpose); |
b7c190d9 | 823 | if (idx == -1) |
82aec1cc | 824 | { |
068fdce8 DSH |
825 | X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, |
826 | X509_R_UNKNOWN_PURPOSE_ID); | |
827 | return 0; | |
82aec1cc | 828 | } |
6d0d5431 | 829 | ptmp = X509_PURPOSE_get0(idx); |
82aec1cc | 830 | } |
068fdce8 | 831 | /* If trust not set then get from purpose default */ |
b7c190d9 | 832 | if (!trust) trust = ptmp->trust; |
82aec1cc | 833 | } |
b7c190d9 | 834 | if (trust) |
82aec1cc | 835 | { |
13938ace | 836 | idx = X509_TRUST_get_by_id(trust); |
b7c190d9 | 837 | if (idx == -1) |
82aec1cc | 838 | { |
13938ace DSH |
839 | X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, |
840 | X509_R_UNKNOWN_TRUST_ID); | |
841 | return 0; | |
82aec1cc | 842 | } |
13938ace | 843 | } |
13938ace | 844 | |
b7c190d9 BM |
845 | if (purpose) ctx->purpose = purpose; |
846 | if (trust) ctx->trust = trust; | |
51630a37 DSH |
847 | return 1; |
848 | } | |
849 | ||
2f043896 DSH |
850 | X509_STORE_CTX *X509_STORE_CTX_new(void) |
851 | { | |
852 | X509_STORE_CTX *ctx; | |
853 | ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX)); | |
82aec1cc | 854 | if (ctx) memset(ctx, 0, sizeof(X509_STORE_CTX)); |
2f043896 DSH |
855 | return ctx; |
856 | } | |
857 | ||
858 | void X509_STORE_CTX_free(X509_STORE_CTX *ctx) | |
859 | { | |
860 | X509_STORE_CTX_cleanup(ctx); | |
861 | OPENSSL_free(ctx); | |
862 | } | |
863 | ||
864 | void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, | |
865 | STACK_OF(X509) *chain) | |
866 | { | |
867 | ctx->ctx=store; | |
868 | ctx->current_method=0; | |
869 | ctx->cert=x509; | |
870 | ctx->untrusted=chain; | |
871 | ctx->last_untrusted=0; | |
872 | ctx->purpose=0; | |
873 | ctx->trust=0; | |
82aec1cc BM |
874 | ctx->check_time=0; |
875 | ctx->flags=0; | |
876 | ctx->other_ctx=NULL; | |
2f043896 DSH |
877 | ctx->valid=0; |
878 | ctx->chain=NULL; | |
879 | ctx->depth=9; | |
880 | ctx->error=0; | |
82aec1cc | 881 | ctx->error_depth=0; |
2f043896 DSH |
882 | ctx->current_cert=NULL; |
883 | ctx->current_issuer=NULL; | |
884 | ctx->check_issued = check_issued; | |
885 | ctx->get_issuer = X509_STORE_CTX_get1_issuer; | |
886 | ctx->verify_cb = store->verify_cb; | |
887 | ctx->verify = store->verify; | |
82aec1cc | 888 | ctx->cleanup = 0; |
2f043896 DSH |
889 | memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); |
890 | } | |
891 | ||
892 | /* Set alternative lookup method: just a STACK of trusted certificates. | |
893 | * This avoids X509_STORE nastiness where it isn't needed. | |
894 | */ | |
895 | ||
896 | void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) | |
897 | { | |
898 | ctx->other_ctx = sk; | |
899 | ctx->get_issuer = get_issuer_sk; | |
900 | } | |
901 | ||
902 | void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) | |
903 | { | |
b7c190d9 | 904 | if (ctx->cleanup) ctx->cleanup(ctx); |
2f043896 DSH |
905 | if (ctx->chain != NULL) |
906 | { | |
907 | sk_X509_pop_free(ctx->chain,X509_free); | |
908 | ctx->chain=NULL; | |
909 | } | |
910 | CRYPTO_free_ex_data(x509_store_ctx_method,ctx,&(ctx->ex_data)); | |
911 | memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); | |
912 | } | |
13938ace | 913 | |
bbb72003 DSH |
914 | void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags) |
915 | { | |
f684090c | 916 | ctx->flags |= flags; |
bbb72003 DSH |
917 | } |
918 | ||
919 | void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t) | |
920 | { | |
f684090c BM |
921 | ctx->check_time = t; |
922 | ctx->flags |= X509_V_FLAG_USE_CHECK_TIME; | |
bbb72003 DSH |
923 | } |
924 | ||
f73e07cf BL |
925 | IMPLEMENT_STACK_OF(X509) |
926 | IMPLEMENT_ASN1_SET_OF(X509) | |
d500de16 | 927 | |
f73e07cf | 928 | IMPLEMENT_STACK_OF(X509_NAME) |
d500de16 | 929 | |
f5fedc04 | 930 | IMPLEMENT_STACK_OF(X509_ATTRIBUTE) |
d500de16 | 931 | IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE) |