1 /* crypto/x509/x509_vfy.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <stdio.h> 60 #include <time.h> 61 #include <errno.h> 62 63 #include "cryptlib.h" 64 #include <openssl/crypto.h> 65 #include <openssl/lhash.h> 66 #include <openssl/buffer.h> 67 #include <openssl/evp.h> 68 #include <openssl/asn1.h> 69 #include <openssl/x509.h> 70 #include <openssl/x509v3.h> 71 #include <openssl/objects.h> 72 73 static int null_callback(int ok,X509_STORE_CTX *e); 74 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); 75 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x); 76 static int check_chain_purpose(X509_STORE_CTX *ctx); 77 static int check_trust(X509_STORE_CTX *ctx); 78 static int check_revocation(X509_STORE_CTX *ctx); 79 static int check_cert(X509_STORE_CTX *ctx); 80 static int internal_verify(X509_STORE_CTX *ctx); 81 const char *X509_version="X.509" OPENSSL_VERSION_PTEXT; 82 83 84 static int null_callback(int ok, X509_STORE_CTX *e) 85 { 86 return ok; 87 } 88 89 #if 0 90 static int x509_subject_cmp(X509 **a, X509 **b) 91 { 92 return X509_subject_name_cmp(*a,*b); 93 } 94 #endif 95 96 int X509_verify_cert(X509_STORE_CTX *ctx) 97 { 98 X509 *x,*xtmp,*chain_ss=NULL; 99 X509_NAME *xn; 100 int depth,i,ok=0; 101 int num; 102 int (*cb)(); 103 STACK_OF(X509) *sktmp=NULL; 104 105 if (ctx->cert == NULL) 106 { 107 X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); 108 return -1; 109 } 110 111 cb=ctx->verify_cb; 112 113 /* first we make sure the chain we are going to build is 114 * present and that the first entry is in place */ 115 if (ctx->chain == NULL) 116 { 117 if ( ((ctx->chain=sk_X509_new_null()) == NULL) || 118 (!sk_X509_push(ctx->chain,ctx->cert))) 119 { 120 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 121 goto end; 122 } 123 CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509); 124 ctx->last_untrusted=1; 125 } 126 127 /* We use a temporary STACK so we can chop and hack at it */ 128 if (ctx->untrusted != NULL 129 && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL) 130 { 131 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 132 goto end; 133 } 134 135 num=sk_X509_num(ctx->chain); 136 x=sk_X509_value(ctx->chain,num-1); 137 depth=ctx->depth; 138 139 140 for (;;) 141 { 142 /* If we have enough, we break */ 143 if (depth < num) break; /* FIXME: If this happens, we should take 144 * note of it and, if appropriate, use the 145 * X509_V_ERR_CERT_CHAIN_TOO_LONG error 146 * code later. 147 */ 148 149 /* If we are self signed, we break */ 150 xn=X509_get_issuer_name(x); 151 if (ctx->check_issued(ctx, x,x)) break; 152 153 /* If we were passed a cert chain, use it first */ 154 if (ctx->untrusted != NULL) 155 { 156 xtmp=find_issuer(ctx, sktmp,x); 157 if (xtmp != NULL) 158 { 159 if (!sk_X509_push(ctx->chain,xtmp)) 160 { 161 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 162 goto end; 163 } 164 CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); 165 sk_X509_delete_ptr(sktmp,xtmp); 166 ctx->last_untrusted++; 167 x=xtmp; 168 num++; 169 /* reparse the full chain for 170 * the next one */ 171 continue; 172 } 173 } 174 break; 175 } 176 177 /* at this point, chain should contain a list of untrusted 178 * certificates. We now need to add at least one trusted one, 179 * if possible, otherwise we complain. */ 180 181 /* Examine last certificate in chain and see if it 182 * is self signed. 183 */ 184 185 i=sk_X509_num(ctx->chain); 186 x=sk_X509_value(ctx->chain,i-1); 187 xn = X509_get_subject_name(x); 188 if (ctx->check_issued(ctx, x, x)) 189 { 190 /* we have a self signed certificate */ 191 if (sk_X509_num(ctx->chain) == 1) 192 { 193 /* We have a single self signed certificate: see if 194 * we can find it in the store. We must have an exact 195 * match to avoid possible impersonation. 196 */ 197 ok = ctx->get_issuer(&xtmp, ctx, x); 198 if ((ok <= 0) || X509_cmp(x, xtmp)) 199 { 200 ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; 201 ctx->current_cert=x; 202 ctx->error_depth=i-1; 203 if (ok == 1) X509_free(xtmp); 204 ok=cb(0,ctx); 205 if (!ok) goto end; 206 } 207 else 208 { 209 /* We have a match: replace certificate with store version 210 * so we get any trust settings. 211 */ 212 X509_free(x); 213 x = xtmp; 214 sk_X509_set(ctx->chain, i - 1, x); 215 ctx->last_untrusted=0; 216 } 217 } 218 else 219 { 220 /* extract and save self signed certificate for later use */ 221 chain_ss=sk_X509_pop(ctx->chain); 222 ctx->last_untrusted--; 223 num--; 224 x=sk_X509_value(ctx->chain,num-1); 225 } 226 } 227 228 /* We now lookup certs from the certificate store */ 229 for (;;) 230 { 231 /* If we have enough, we break */ 232 if (depth < num) break; 233 234 /* If we are self signed, we break */ 235 xn=X509_get_issuer_name(x); 236 if (ctx->check_issued(ctx,x,x)) break; 237 238 ok = ctx->get_issuer(&xtmp, ctx, x); 239 240 if (ok < 0) return ok; 241 if (ok == 0) break; 242 243 x = xtmp; 244 if (!sk_X509_push(ctx->chain,x)) 245 { 246 X509_free(xtmp); 247 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 248 return 0; 249 } 250 num++; 251 } 252 253 /* we now have our chain, lets check it... */ 254 xn=X509_get_issuer_name(x); 255 256 /* Is last certificate looked up self signed? */ 257 if (!ctx->check_issued(ctx,x,x)) 258 { 259 if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) 260 { 261 if (ctx->last_untrusted >= num) 262 ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; 263 else 264 ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT; 265 ctx->current_cert=x; 266 } 267 else 268 { 269 270 sk_X509_push(ctx->chain,chain_ss); 271 num++; 272 ctx->last_untrusted=num; 273 ctx->current_cert=chain_ss; 274 ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; 275 chain_ss=NULL; 276 } 277 278 ctx->error_depth=num-1; 279 ok=cb(0,ctx); 280 if (!ok) goto end; 281 } 282 283 /* We have the chain complete: now we need to check its purpose */ 284 if (ctx->purpose > 0) ok = check_chain_purpose(ctx); 285 286 if (!ok) goto end; 287 288 /* The chain extensions are OK: check trust */ 289 290 if (ctx->trust > 0) ok = check_trust(ctx); 291 292 if (!ok) goto end; 293 294 /* We may as well copy down any DSA parameters that are required */ 295 X509_get_pubkey_parameters(NULL,ctx->chain); 296 297 /* Check revocation status: we do this after copying parameters 298 * because they may be needed for CRL signature verification. 299 */ 300 301 ok = ctx->check_revocation(ctx); 302 if(!ok) goto end; 303 304 /* At this point, we have a chain and just need to verify it */ 305 if (ctx->verify != NULL) 306 ok=ctx->verify(ctx); 307 else 308 ok=internal_verify(ctx); 309 if (0) 310 { 311 end: 312 X509_get_pubkey_parameters(NULL,ctx->chain); 313 } 314 if (sktmp != NULL) sk_X509_free(sktmp); 315 if (chain_ss != NULL) X509_free(chain_ss); 316 return ok; 317 } 318 319 320 /* Given a STACK_OF(X509) find the issuer of cert (if any) 321 */ 322 323 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) 324 { 325 int i; 326 X509 *issuer; 327 for (i = 0; i < sk_X509_num(sk); i++) 328 { 329 issuer = sk_X509_value(sk, i); 330 if (ctx->check_issued(ctx, x, issuer)) 331 return issuer; 332 } 333 return NULL; 334 } 335 336 /* Given a possible certificate and issuer check them */ 337 338 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) 339 { 340 int ret; 341 ret = X509_check_issued(issuer, x); 342 if (ret == X509_V_OK) 343 return 1; 344 /* If we haven't asked for issuer errors don't set ctx */ 345 if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK)) 346 return 0; 347 348 ctx->error = ret; 349 ctx->current_cert = x; 350 ctx->current_issuer = issuer; 351 return ctx->verify_cb(0, ctx); 352 return 0; 353 } 354 355 /* Alternative lookup method: look from a STACK stored in other_ctx */ 356 357 static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) 358 { 359 *issuer = find_issuer(ctx, ctx->other_ctx, x); 360 if (*issuer) 361 { 362 CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509); 363 return 1; 364 } 365 else 366 return 0; 367 } 368 369 370 /* Check a certificate chains extensions for consistency 371 * with the supplied purpose 372 */ 373 374 static int check_chain_purpose(X509_STORE_CTX *ctx) 375 { 376 #ifdef OPENSSL_NO_CHAIN_VERIFY 377 return 1; 378 #else 379 int i, ok=0; 380 X509 *x; 381 int (*cb)(); 382 cb=ctx->verify_cb; 383 /* Check all untrusted certificates */ 384 for (i = 0; i < ctx->last_untrusted; i++) 385 { 386 x = sk_X509_value(ctx->chain, i); 387 if (!(ctx->flags & X509_V_FLAG_IGNORE_CRITICAL) 388 && (x->ex_flags & EXFLAG_CRITICAL)) 389 { 390 ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION; 391 ctx->error_depth = i; 392 ctx->current_cert = x; 393 ok=cb(0,ctx); 394 if (!ok) goto end; 395 } 396 if (!X509_check_purpose(x, ctx->purpose, i)) 397 { 398 if (i) 399 ctx->error = X509_V_ERR_INVALID_CA; 400 else 401 ctx->error = X509_V_ERR_INVALID_PURPOSE; 402 ctx->error_depth = i; 403 ctx->current_cert = x; 404 ok=cb(0,ctx); 405 if (!ok) goto end; 406 } 407 /* Check pathlen */ 408 if ((i > 1) && (x->ex_pathlen != -1) 409 && (i > (x->ex_pathlen + 1))) 410 { 411 ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED; 412 ctx->error_depth = i; 413 ctx->current_cert = x; 414 ok=cb(0,ctx); 415 if (!ok) goto end; 416 } 417 } 418 ok = 1; 419 end: 420 return ok; 421 #endif 422 } 423 424 static int check_trust(X509_STORE_CTX *ctx) 425 { 426 #ifdef OPENSSL_NO_CHAIN_VERIFY 427 return 1; 428 #else 429 int i, ok; 430 X509 *x; 431 int (*cb)(); 432 cb=ctx->verify_cb; 433 /* For now just check the last certificate in the chain */ 434 i = sk_X509_num(ctx->chain) - 1; 435 x = sk_X509_value(ctx->chain, i); 436 ok = X509_check_trust(x, ctx->trust, 0); 437 if (ok == X509_TRUST_TRUSTED) 438 return 1; 439 ctx->error_depth = i; 440 ctx->current_cert = x; 441 if (ok == X509_TRUST_REJECTED) 442 ctx->error = X509_V_ERR_CERT_REJECTED; 443 else 444 ctx->error = X509_V_ERR_CERT_UNTRUSTED; 445 ok = cb(0, ctx); 446 return ok; 447 #endif 448 } 449 450 static int check_revocation(X509_STORE_CTX *ctx) 451 { 452 int i, last, ok; 453 if (!(ctx->flags & X509_V_FLAG_CRL_CHECK)) 454 return 1; 455 if (ctx->flags & X509_V_FLAG_CRL_CHECK_ALL) 456 last = sk_X509_num(ctx->chain) - 1; 457 else 458 last = 0; 459 for(i = 0; i <= last; i++) 460 { 461 ctx->error_depth = i; 462 ok = check_cert(ctx); 463 if (!ok) return ok; 464 } 465 return 1; 466 } 467 468 static int check_cert(X509_STORE_CTX *ctx) 469 { 470 X509_CRL *crl = NULL; 471 X509 *x; 472 int ok, cnum; 473 cnum = ctx->error_depth; 474 x = sk_X509_value(ctx->chain, cnum); 475 ctx->current_cert = x; 476 /* Try to retrieve relevant CRL */ 477 ok = ctx->get_crl(ctx, &crl, x); 478 /* If error looking up CRL, nothing we can do except 479 * notify callback 480 */ 481 if(!ok) 482 { 483 ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL; 484 ok = ctx->verify_cb(0, ctx); 485 goto err; 486 } 487 ctx->current_crl = crl; 488 ok = ctx->check_crl(ctx, crl); 489 if (!ok) goto err; 490 ok = ctx->cert_crl(ctx, crl, x); 491 err: 492 ctx->current_crl = NULL; 493 X509_CRL_free(crl); 494 return ok; 495 496 } 497 498 /* Retrieve CRL corresponding to certificate: currently just a 499 * subject lookup: maybe use AKID later... 500 * Also might look up any included CRLs too (e.g PKCS#7 signedData). 501 */ 502 static int get_crl(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x) 503 { 504 int ok; 505 X509_OBJECT xobj; 506 ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, X509_get_issuer_name(x), &xobj); 507 if (!ok) return 0; 508 *crl = xobj.data.crl; 509 return 1; 510 } 511 512 /* Check CRL validity */ 513 static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) 514 { 515 X509 *issuer = NULL; 516 EVP_PKEY *ikey = NULL; 517 int ok = 0, chnum, cnum, i; 518 time_t *ptime; 519 cnum = ctx->error_depth; 520 chnum = sk_X509_num(ctx->chain) - 1; 521 /* Find CRL issuer: if not last certificate then issuer 522 * is next certificate in chain. 523 */ 524 if(cnum < chnum) 525 issuer = sk_X509_value(ctx->chain, cnum + 1); 526 else 527 { 528 issuer = sk_X509_value(ctx->chain, chnum); 529 /* If not self signed, can't check signature */ 530 if(!ctx->check_issued(ctx, issuer, issuer)) 531 { 532 ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER; 533 ok = ctx->verify_cb(0, ctx); 534 if(!ok) goto err; 535 } 536 } 537 538 if(issuer) 539 { 540 541 /* Attempt to get issuer certificate public key */ 542 ikey = X509_get_pubkey(issuer); 543 544 if(!ikey) 545 { 546 ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; 547 ok = ctx->verify_cb(0, ctx); 548 if (!ok) goto err; 549 } 550 else 551 { 552 /* Verify CRL signature */ 553 if(X509_CRL_verify(crl, ikey) <= 0) 554 { 555 ctx->error=X509_V_ERR_CRL_SIGNATURE_FAILURE; 556 ok = ctx->verify_cb(0, ctx); 557 if (!ok) goto err; 558 } 559 } 560 } 561 562 /* OK, CRL signature valid check times */ 563 if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME) 564 ptime = &ctx->check_time; 565 else 566 ptime = NULL; 567 568 i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime); 569 if (i == 0) 570 { 571 ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD; 572 ok = ctx->verify_cb(0, ctx); 573 if (!ok) goto err; 574 } 575 576 if (i > 0) 577 { 578 ctx->error=X509_V_ERR_CRL_NOT_YET_VALID; 579 ok = ctx->verify_cb(0, ctx); 580 if (!ok) goto err; 581 } 582 583 if(X509_CRL_get_nextUpdate(crl)) 584 { 585 i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime); 586 587 if (i == 0) 588 { 589 ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD; 590 ok = ctx->verify_cb(0, ctx); 591 if (!ok) goto err; 592 } 593 594 if (i < 0) 595 { 596 ctx->error=X509_V_ERR_CRL_HAS_EXPIRED; 597 ok = ctx->verify_cb(0, ctx); 598 if (!ok) goto err; 599 } 600 } 601 602 ok = 1; 603 604 err: 605 EVP_PKEY_free(ikey); 606 return ok; 607 } 608 609 /* Check certificate against CRL */ 610 static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x) 611 { 612 int idx, ok; 613 X509_REVOKED rtmp; 614 /* Look for serial number of certificate in CRL */ 615 rtmp.serialNumber = X509_get_serialNumber(x); 616 idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp); 617 /* Not found: OK */ 618 if(idx == -1) return 1; 619 /* Otherwise revoked: want something cleverer than 620 * this to handle entry extensions in V2 CRLs. 621 */ 622 ctx->error = X509_V_ERR_CERT_REVOKED; 623 ok = ctx->verify_cb(0, ctx); 624 return ok; 625 } 626 627 static int internal_verify(X509_STORE_CTX *ctx) 628 { 629 int i,ok=0,n; 630 X509 *xs,*xi; 631 EVP_PKEY *pkey=NULL; 632 time_t *ptime; 633 int (*cb)(); 634 635 cb=ctx->verify_cb; 636 637 n=sk_X509_num(ctx->chain); 638 ctx->error_depth=n-1; 639 n--; 640 xi=sk_X509_value(ctx->chain,n); 641 if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME) 642 ptime = &ctx->check_time; 643 else 644 ptime = NULL; 645 if (ctx->check_issued(ctx, xi, xi)) 646 xs=xi; 647 else 648 { 649 if (n <= 0) 650 { 651 ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE; 652 ctx->current_cert=xi; 653 ok=cb(0,ctx); 654 goto end; 655 } 656 else 657 { 658 n--; 659 ctx->error_depth=n; 660 xs=sk_X509_value(ctx->chain,n); 661 } 662 } 663 664 /* ctx->error=0; not needed */ 665 while (n >= 0) 666 { 667 ctx->error_depth=n; 668 if (!xs->valid) 669 { 670 if ((pkey=X509_get_pubkey(xi)) == NULL) 671 { 672 ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; 673 ctx->current_cert=xi; 674 ok=(*cb)(0,ctx); 675 if (!ok) goto end; 676 } 677 else if (X509_verify(xs,pkey) <= 0) 678 /* XXX For the final trusted self-signed cert, 679 * this is a waste of time. That check should 680 * optional so that e.g. 'openssl x509' can be 681 * used to detect invalid self-signatures, but 682 * we don't verify again and again in SSL 683 * handshakes and the like once the cert has 684 * been declared trusted. */ 685 { 686 ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; 687 ctx->current_cert=xs; 688 ok=(*cb)(0,ctx); 689 if (!ok) 690 { 691 EVP_PKEY_free(pkey); 692 goto end; 693 } 694 } 695 EVP_PKEY_free(pkey); 696 pkey=NULL; 697 698 i=X509_cmp_time(X509_get_notBefore(xs), ptime); 699 if (i == 0) 700 { 701 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; 702 ctx->current_cert=xs; 703 ok=(*cb)(0,ctx); 704 if (!ok) goto end; 705 } 706 if (i > 0) 707 { 708 ctx->error=X509_V_ERR_CERT_NOT_YET_VALID; 709 ctx->current_cert=xs; 710 ok=(*cb)(0,ctx); 711 if (!ok) goto end; 712 } 713 xs->valid=1; 714 } 715 716 i=X509_cmp_time(X509_get_notAfter(xs), ptime); 717 if (i == 0) 718 { 719 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; 720 ctx->current_cert=xs; 721 ok=(*cb)(0,ctx); 722 if (!ok) goto end; 723 } 724 725 if (i < 0) 726 { 727 ctx->error=X509_V_ERR_CERT_HAS_EXPIRED; 728 ctx->current_cert=xs; 729 ok=(*cb)(0,ctx); 730 if (!ok) goto end; 731 } 732 733 /* The last error (if any) is still in the error value */ 734 ctx->current_cert=xs; 735 ok=(*cb)(1,ctx); 736 if (!ok) goto end; 737 738 n--; 739 if (n >= 0) 740 { 741 xi=xs; 742 xs=sk_X509_value(ctx->chain,n); 743 } 744 } 745 ok=1; 746 end: 747 return ok; 748 } 749 750 int X509_cmp_current_time(ASN1_TIME *ctm) 751 { 752 return X509_cmp_time(ctm, NULL); 753 } 754 755 int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) 756 { 757 char *str; 758 ASN1_TIME atm; 759 long offset; 760 char buff1[24],buff2[24],*p; 761 int i,j; 762 763 p=buff1; 764 i=ctm->length; 765 str=(char *)ctm->data; 766 if (ctm->type == V_ASN1_UTCTIME) 767 { 768 if ((i < 11) || (i > 17)) return 0; 769 memcpy(p,str,10); 770 p+=10; 771 str+=10; 772 } 773 else 774 { 775 if (i < 13) return 0; 776 memcpy(p,str,12); 777 p+=12; 778 str+=12; 779 } 780 781 if ((*str == 'Z') || (*str == '-') || (*str == '+')) 782 { *(p++)='0'; *(p++)='0'; } 783 else 784 { 785 *(p++)= *(str++); 786 *(p++)= *(str++); 787 /* Skip any fractional seconds... */ 788 if (*str == '.') 789 { 790 str++; 791 while ((*str >= '0') && (*str <= '9')) str++; 792 } 793 794 } 795 *(p++)='Z'; 796 *(p++)='\0'; 797 798 if (*str == 'Z') 799 offset=0; 800 else 801 { 802 if ((*str != '+') && (str[5] != '-')) 803 return 0; 804 offset=((str[1]-'0')*10+(str[2]-'0'))*60; 805 offset+=(str[3]-'0')*10+(str[4]-'0'); 806 if (*str == '-') 807 offset= -offset; 808 } 809 atm.type=ctm->type; 810 atm.length=sizeof(buff2); 811 atm.data=(unsigned char *)buff2; 812 813 X509_time_adj(&atm,-offset*60, cmp_time); 814 815 if (ctm->type == V_ASN1_UTCTIME) 816 { 817 i=(buff1[0]-'0')*10+(buff1[1]-'0'); 818 if (i < 50) i+=100; /* cf. RFC 2459 */ 819 j=(buff2[0]-'0')*10+(buff2[1]-'0'); 820 if (j < 50) j+=100; 821 822 if (i < j) return -1; 823 if (i > j) return 1; 824 } 825 i=strcmp(buff1,buff2); 826 if (i == 0) /* wait a second then return younger :-) */ 827 return -1; 828 else 829 return i; 830 } 831 832 ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj) 833 { 834 return X509_time_adj(s, adj, NULL); 835 } 836 837 ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm) 838 { 839 time_t t; 840 int type = -1; 841 842 if (in_tm) t = *in_tm; 843 else time(&t); 844 845 t+=adj; 846 if (s) type = s->type; 847 if (type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t); 848 if (type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_set(s, t); 849 return ASN1_TIME_set(s, t); 850 } 851 852 int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) 853 { 854 EVP_PKEY *ktmp=NULL,*ktmp2; 855 int i,j; 856 857 if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1; 858 859 for (i=0; i<sk_X509_num(chain); i++) 860 { 861 ktmp=X509_get_pubkey(sk_X509_value(chain,i)); 862 if (ktmp == NULL) 863 { 864 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); 865 return 0; 866 } 867 if (!EVP_PKEY_missing_parameters(ktmp)) 868 break; 869 else 870 { 871 EVP_PKEY_free(ktmp); 872 ktmp=NULL; 873 } 874 } 875 if (ktmp == NULL) 876 { 877 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN); 878 return 0; 879 } 880 881 /* first, populate the other certs */ 882 for (j=i-1; j >= 0; j--) 883 { 884 ktmp2=X509_get_pubkey(sk_X509_value(chain,j)); 885 EVP_PKEY_copy_parameters(ktmp2,ktmp); 886 EVP_PKEY_free(ktmp2); 887 } 888 889 if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp); 890 EVP_PKEY_free(ktmp); 891 return 1; 892 } 893 894 int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 895 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) 896 { 897 /* This function is (usually) called only once, by 898 * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). */ 899 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp, 900 new_func, dup_func, free_func); 901 } 902 903 int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data) 904 { 905 return CRYPTO_set_ex_data(&ctx->ex_data,idx,data); 906 } 907 908 void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx) 909 { 910 return CRYPTO_get_ex_data(&ctx->ex_data,idx); 911 } 912 913 int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx) 914 { 915 return ctx->error; 916 } 917 918 void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err) 919 { 920 ctx->error=err; 921 } 922 923 int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx) 924 { 925 return ctx->error_depth; 926 } 927 928 X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx) 929 { 930 return ctx->current_cert; 931 } 932 933 STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx) 934 { 935 return ctx->chain; 936 } 937 938 STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx) 939 { 940 int i; 941 X509 *x; 942 STACK_OF(X509) *chain; 943 if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL; 944 for (i = 0; i < sk_X509_num(chain); i++) 945 { 946 x = sk_X509_value(chain, i); 947 CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); 948 } 949 return chain; 950 } 951 952 void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x) 953 { 954 ctx->cert=x; 955 } 956 957 void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) 958 { 959 ctx->untrusted=sk; 960 } 961 962 int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) 963 { 964 return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0); 965 } 966 967 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) 968 { 969 return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust); 970 } 971 972 /* This function is used to set the X509_STORE_CTX purpose and trust 973 * values. This is intended to be used when another structure has its 974 * own trust and purpose values which (if set) will be inherited by 975 * the ctx. If they aren't set then we will usually have a default 976 * purpose in mind which should then be used to set the trust value. 977 * An example of this is SSL use: an SSL structure will have its own 978 * purpose and trust settings which the application can set: if they 979 * aren't set then we use the default of SSL client/server. 980 */ 981 982 int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, 983 int purpose, int trust) 984 { 985 int idx; 986 /* If purpose not set use default */ 987 if (!purpose) purpose = def_purpose; 988 /* If we have a purpose then check it is valid */ 989 if (purpose) 990 { 991 X509_PURPOSE *ptmp; 992 idx = X509_PURPOSE_get_by_id(purpose); 993 if (idx == -1) 994 { 995 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, 996 X509_R_UNKNOWN_PURPOSE_ID); 997 return 0; 998 } 999 ptmp = X509_PURPOSE_get0(idx); 1000 if (ptmp->trust == X509_TRUST_DEFAULT) 1001 { 1002 idx = X509_PURPOSE_get_by_id(def_purpose); 1003 if (idx == -1) 1004 { 1005 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, 1006 X509_R_UNKNOWN_PURPOSE_ID); 1007 return 0; 1008 } 1009 ptmp = X509_PURPOSE_get0(idx); 1010 } 1011 /* If trust not set then get from purpose default */ 1012 if (!trust) trust = ptmp->trust; 1013 } 1014 if (trust) 1015 { 1016 idx = X509_TRUST_get_by_id(trust); 1017 if (idx == -1) 1018 { 1019 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, 1020 X509_R_UNKNOWN_TRUST_ID); 1021 return 0; 1022 } 1023 } 1024 1025 if (purpose && !ctx->purpose) ctx->purpose = purpose; 1026 if (trust && !ctx->trust) ctx->trust = trust; 1027 return 1; 1028 } 1029 1030 X509_STORE_CTX *X509_STORE_CTX_new(void) 1031 { 1032 X509_STORE_CTX *ctx; 1033 ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX)); 1034 if (!ctx) 1035 { 1036 X509err(X509_F_X509_STORE_CTX_NEW,ERR_R_MALLOC_FAILURE); 1037 return NULL; 1038 } 1039 memset(ctx, 0, sizeof(X509_STORE_CTX)); 1040 return ctx; 1041 } 1042 1043 void X509_STORE_CTX_free(X509_STORE_CTX *ctx) 1044 { 1045 X509_STORE_CTX_cleanup(ctx); 1046 OPENSSL_free(ctx); 1047 } 1048 1049 int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, 1050 STACK_OF(X509) *chain) 1051 { 1052 ctx->ctx=store; 1053 ctx->current_method=0; 1054 ctx->cert=x509; 1055 ctx->untrusted=chain; 1056 ctx->last_untrusted=0; 1057 ctx->check_time=0; 1058 ctx->other_ctx=NULL; 1059 ctx->valid=0; 1060 ctx->chain=NULL; 1061 ctx->depth=9; 1062 ctx->error=0; 1063 ctx->error_depth=0; 1064 ctx->current_cert=NULL; 1065 ctx->current_issuer=NULL; 1066 1067 /* Inherit callbacks and flags from X509_STORE if not set 1068 * use defaults. 1069 */ 1070 1071 1072 if (store) 1073 { 1074 ctx->purpose=store->purpose; 1075 ctx->trust=store->trust; 1076 ctx->flags = store->flags; 1077 ctx->cleanup = store->cleanup; 1078 } 1079 else 1080 { 1081 ctx->purpose = 0; 1082 ctx->trust = 0; 1083 ctx->flags = 0; 1084 ctx->cleanup = 0; 1085 } 1086 1087 if (store && store->check_issued) 1088 ctx->check_issued = store->check_issued; 1089 else 1090 ctx->check_issued = check_issued; 1091 1092 if (store && store->get_issuer) 1093 ctx->get_issuer = store->get_issuer; 1094 else 1095 ctx->get_issuer = X509_STORE_CTX_get1_issuer; 1096 1097 if (store && store->verify_cb) 1098 ctx->verify_cb = store->verify_cb; 1099 else 1100 ctx->verify_cb = null_callback; 1101 1102 if (store && store->verify) 1103 ctx->verify = store->verify; 1104 else 1105 ctx->verify = internal_verify; 1106 1107 if (store && store->check_revocation) 1108 ctx->check_revocation = store->check_revocation; 1109 else 1110 ctx->check_revocation = check_revocation; 1111 1112 if (store && store->get_crl) 1113 ctx->get_crl = store->get_crl; 1114 else 1115 ctx->get_crl = get_crl; 1116 1117 if (store && store->check_crl) 1118 ctx->check_crl = store->check_crl; 1119 else 1120 ctx->check_crl = check_crl; 1121 1122 if (store && store->cert_crl) 1123 ctx->cert_crl = store->cert_crl; 1124 else 1125 ctx->cert_crl = cert_crl; 1126 1127 1128 /* This memset() can't make any sense anyway, so it's removed. As 1129 * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a 1130 * corresponding "new" here and remove this bogus initialisation. */ 1131 /* memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); */ 1132 if(!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, 1133 &(ctx->ex_data))) 1134 { 1135 OPENSSL_free(ctx); 1136 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); 1137 return 0; 1138 } 1139 return 1; 1140 } 1141 1142 /* Set alternative lookup method: just a STACK of trusted certificates. 1143 * This avoids X509_STORE nastiness where it isn't needed. 1144 */ 1145 1146 void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) 1147 { 1148 ctx->other_ctx = sk; 1149 ctx->get_issuer = get_issuer_sk; 1150 } 1151 1152 void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) 1153 { 1154 if (ctx->cleanup) ctx->cleanup(ctx); 1155 if (ctx->chain != NULL) 1156 { 1157 sk_X509_pop_free(ctx->chain,X509_free); 1158 ctx->chain=NULL; 1159 } 1160 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data)); 1161 memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); 1162 } 1163 1164 void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags) 1165 { 1166 ctx->flags |= flags; 1167 } 1168 1169 void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t) 1170 { 1171 ctx->check_time = t; 1172 ctx->flags |= X509_V_FLAG_USE_CHECK_TIME; 1173 } 1174 1175 void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, 1176 int (*verify_cb)(int, X509_STORE_CTX *)) 1177 { 1178 ctx->verify_cb=verify_cb; 1179 } 1180 1181 IMPLEMENT_STACK_OF(X509) 1182 IMPLEMENT_ASN1_SET_OF(X509) 1183 1184 IMPLEMENT_STACK_OF(X509_NAME) 1185 1186 IMPLEMENT_STACK_OF(X509_ATTRIBUTE) 1187 IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE) 1188