Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / fdcde7668253a224034e161446c318b36ee76839 / . / src / tls / x509v3.c
blob: 5c8ac567619682062de39ed8df0e93ec86bfd31a [file] [log] [blame]
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1/*
2 * X.509v3 certificate parsing and processing (RFC 3280 profile)
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]3 * Copyright (c) 2006-2015, Jouni Malinen <j@w1.fi>
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]4 *
Dmitry Shmidtc5ec7f52012-03-06 16:33:24 -0800[diff] [blame]5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]7 */
8
9#include "includes.h"
10
11#include "common.h"
12#include "crypto/crypto.h"
13#include "asn1.h"
14#include "x509v3.h"
15
16
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]17void x509_free_name(struct x509_name *name)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]18{
19 size_t i;
20
21 for (i = 0; i < name->num_attr; i++) {
22 os_free(name->attr[i].value);
23 name->attr[i].value = NULL;
24 name->attr[i].type = X509_NAME_ATTR_NOT_USED;
25 }
26 name->num_attr = 0;
27 os_free(name->email);
28 name->email = NULL;
29
30 os_free(name->alt_email);
31 os_free(name->dns);
32 os_free(name->uri);
33 os_free(name->ip);
34 name->alt_email = name->dns = name->uri = NULL;
35 name->ip = NULL;
36 name->ip_len = 0;
37 os_memset(&name->rid, 0, sizeof(name->rid));
38}
39
40
41/**
42 * x509_certificate_free - Free an X.509 certificate
43 * @cert: Certificate to be freed
44 */
45void x509_certificate_free(struct x509_certificate *cert)
46{
47 if (cert == NULL)
48 return;
49 if (cert->next) {
50 wpa_printf(MSG_DEBUG, "X509: x509_certificate_free: cer=%p "
51 "was still on a list (next=%p)\n",
52 cert, cert->next);
53 }
54 x509_free_name(&cert->issuer);
55 x509_free_name(&cert->subject);
56 os_free(cert->public_key);
57 os_free(cert->sign_value);
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]58 os_free(cert->subject_dn);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]59 os_free(cert);
60}
61
62
63/**
64 * x509_certificate_free - Free an X.509 certificate chain
65 * @cert: Pointer to the first certificate in the chain
66 */
67void x509_certificate_chain_free(struct x509_certificate *cert)
68{
69 struct x509_certificate *next;
70
71 while (cert) {
72 next = cert->next;
73 cert->next = NULL;
74 x509_certificate_free(cert);
75 cert = next;
76 }
77}
78
79
80static int x509_whitespace(char c)
81{
82 return c == ' ' || c == '\t';
83}
84
85
86static void x509_str_strip_whitespace(char *a)
87{
88 char *ipos, *opos;
89 int remove_whitespace = 1;
90
91 ipos = opos = a;
92
93 while (*ipos) {
94 if (remove_whitespace && x509_whitespace(*ipos))
95 ipos++;
96 else {
97 remove_whitespace = x509_whitespace(*ipos);
98 *opos++ = *ipos++;
99 }
100 }
101
102 *opos-- = '\0';
103 if (opos > a && x509_whitespace(*opos))
104 *opos = '\0';
105}
106
107
108static int x509_str_compare(const char *a, const char *b)
109{
110 char *aa, *bb;
111 int ret;
112
113 if (!a && b)
114 return -1;
115 if (a && !b)
116 return 1;
117 if (!a && !b)
118 return 0;
119
120 aa = os_strdup(a);
121 bb = os_strdup(b);
122
123 if (aa == NULL || bb == NULL) {
124 os_free(aa);
125 os_free(bb);
126 return os_strcasecmp(a, b);
127 }
128
129 x509_str_strip_whitespace(aa);
130 x509_str_strip_whitespace(bb);
131
132 ret = os_strcasecmp(aa, bb);
133
134 os_free(aa);
135 os_free(bb);
136
137 return ret;
138}
139
140
141/**
142 * x509_name_compare - Compare X.509 certificate names
143 * @a: Certificate name
144 * @b: Certificate name
145 * Returns: <0, 0, or >0 based on whether a is less than, equal to, or
146 * greater than b
147 */
148int x509_name_compare(struct x509_name *a, struct x509_name *b)
149{
150 int res;
151 size_t i;
152
153 if (!a && b)
154 return -1;
155 if (a && !b)
156 return 1;
157 if (!a && !b)
158 return 0;
159 if (a->num_attr < b->num_attr)
160 return -1;
161 if (a->num_attr > b->num_attr)
162 return 1;
163
164 for (i = 0; i < a->num_attr; i++) {
165 if (a->attr[i].type < b->attr[i].type)
166 return -1;
167 if (a->attr[i].type > b->attr[i].type)
168 return -1;
169 res = x509_str_compare(a->attr[i].value, b->attr[i].value);
170 if (res)
171 return res;
172 }
173 res = x509_str_compare(a->email, b->email);
174 if (res)
175 return res;
176
177 return 0;
178}
179
180
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]181int x509_parse_algorithm_identifier(const u8 *buf, size_t len,
182 struct x509_algorithm_identifier *id,
183 const u8 **next)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]184{
185 struct asn1_hdr hdr;
186 const u8 *pos, *end;
187
188 /*
189 * AlgorithmIdentifier ::= SEQUENCE {
190 * algorithm OBJECT IDENTIFIER,
191 * parameters ANY DEFINED BY algorithm OPTIONAL
192 * }
193 */
194
195 if (asn1_get_next(buf, len, &hdr) < 0 ||
196 hdr.class != ASN1_CLASS_UNIVERSAL ||
197 hdr.tag != ASN1_TAG_SEQUENCE) {
198 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE "
199 "(AlgorithmIdentifier) - found class %d tag 0x%x",
200 hdr.class, hdr.tag);
201 return -1;
202 }
Dmitry Shmidtd80a4012015-11-05 16:35:40 -0800[diff] [blame]203 if (hdr.length > buf + len - hdr.payload)
204 return -1;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]205 pos = hdr.payload;
206 end = pos + hdr.length;
207
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]208 *next = end;
209
210 if (asn1_get_oid(pos, end - pos, &id->oid, &pos))
211 return -1;
212
213 /* TODO: optional parameters */
214
215 return 0;
216}
217
218
219static int x509_parse_public_key(const u8 *buf, size_t len,
220 struct x509_certificate *cert,
221 const u8 **next)
222{
223 struct asn1_hdr hdr;
224 const u8 *pos, *end;
225
226 /*
227 * SubjectPublicKeyInfo ::= SEQUENCE {
228 * algorithm AlgorithmIdentifier,
229 * subjectPublicKey BIT STRING
230 * }
231 */
232
233 pos = buf;
234 end = buf + len;
235
236 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
237 hdr.class != ASN1_CLASS_UNIVERSAL ||
238 hdr.tag != ASN1_TAG_SEQUENCE) {
239 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE "
240 "(SubjectPublicKeyInfo) - found class %d tag 0x%x",
241 hdr.class, hdr.tag);
242 return -1;
243 }
244 pos = hdr.payload;
245
Dmitry Shmidtd80a4012015-11-05 16:35:40 -0800[diff] [blame]246 if (hdr.length > end - pos)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]247 return -1;
248 end = pos + hdr.length;
249 *next = end;
250
251 if (x509_parse_algorithm_identifier(pos, end - pos,
252 &cert->public_key_alg, &pos))
253 return -1;
254
255 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
256 hdr.class != ASN1_CLASS_UNIVERSAL ||
257 hdr.tag != ASN1_TAG_BITSTRING) {
258 wpa_printf(MSG_DEBUG, "X509: Expected BITSTRING "
259 "(subjectPublicKey) - found class %d tag 0x%x",
260 hdr.class, hdr.tag);
261 return -1;
262 }
263 if (hdr.length < 1)
264 return -1;
265 pos = hdr.payload;
266 if (*pos) {
267 wpa_printf(MSG_DEBUG, "X509: BITSTRING - %d unused bits",
268 *pos);
269 /*
270 * TODO: should this be rejected? X.509 certificates are
271 * unlikely to use such a construction. Now we would end up
272 * including the extra bits in the buffer which may also be
273 * ok.
274 */
275 }
276 os_free(cert->public_key);
Dmitry Shmidtd2986c22017-10-23 14:22:09 -0700[diff] [blame]277 cert->public_key = os_memdup(pos + 1, hdr.length - 1);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]278 if (cert->public_key == NULL) {
279 wpa_printf(MSG_DEBUG, "X509: Failed to allocate memory for "
280 "public key");
281 return -1;
282 }
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]283 cert->public_key_len = hdr.length - 1;
284 wpa_hexdump(MSG_MSGDUMP, "X509: subjectPublicKey",
285 cert->public_key, cert->public_key_len);
286
287 return 0;
288}
289
290
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]291int x509_parse_name(const u8 *buf, size_t len, struct x509_name *name,
292 const u8 **next)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]293{
294 struct asn1_hdr hdr;
295 const u8 *pos, *end, *set_pos, *set_end, *seq_pos, *seq_end;
296 struct asn1_oid oid;
297 char *val;
298
299 /*
300 * Name ::= CHOICE { RDNSequence }
301 * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
302 * RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
303 * AttributeTypeAndValue ::= SEQUENCE {
304 * type AttributeType,
305 * value AttributeValue
306 * }
307 * AttributeType ::= OBJECT IDENTIFIER
308 * AttributeValue ::= ANY DEFINED BY AttributeType
309 */
310
311 if (asn1_get_next(buf, len, &hdr) < 0 ||
312 hdr.class != ASN1_CLASS_UNIVERSAL ||
313 hdr.tag != ASN1_TAG_SEQUENCE) {
314 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE "
315 "(Name / RDNSequencer) - found class %d tag 0x%x",
316 hdr.class, hdr.tag);
317 return -1;
318 }
319 pos = hdr.payload;
320
Dmitry Shmidtd80a4012015-11-05 16:35:40 -0800[diff] [blame]321 if (hdr.length > buf + len - pos)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]322 return -1;
323
324 end = *next = pos + hdr.length;
325
326 while (pos < end) {
327 enum x509_name_attr_type type;
328
329 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
330 hdr.class != ASN1_CLASS_UNIVERSAL ||
331 hdr.tag != ASN1_TAG_SET) {
332 wpa_printf(MSG_DEBUG, "X509: Expected SET "
333 "(RelativeDistinguishedName) - found class "
334 "%d tag 0x%x", hdr.class, hdr.tag);
335 x509_free_name(name);
336 return -1;
337 }
338
339 set_pos = hdr.payload;
340 pos = set_end = hdr.payload + hdr.length;
341
342 if (asn1_get_next(set_pos, set_end - set_pos, &hdr) < 0 ||
343 hdr.class != ASN1_CLASS_UNIVERSAL ||
344 hdr.tag != ASN1_TAG_SEQUENCE) {
345 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE "
346 "(AttributeTypeAndValue) - found class %d "
347 "tag 0x%x", hdr.class, hdr.tag);
348 x509_free_name(name);
349 return -1;
350 }
351
352 seq_pos = hdr.payload;
353 seq_end = hdr.payload + hdr.length;
354
355 if (asn1_get_oid(seq_pos, seq_end - seq_pos, &oid, &seq_pos)) {
356 x509_free_name(name);
357 return -1;
358 }
359
360 if (asn1_get_next(seq_pos, seq_end - seq_pos, &hdr) < 0 ||
361 hdr.class != ASN1_CLASS_UNIVERSAL) {
362 wpa_printf(MSG_DEBUG, "X509: Failed to parse "
363 "AttributeValue");
364 x509_free_name(name);
365 return -1;
366 }
367
368 /* RFC 3280:
369 * MUST: country, organization, organizational-unit,
370 * distinguished name qualifier, state or province name,
371 * common name, serial number.
372 * SHOULD: locality, title, surname, given name, initials,
373 * pseudonym, generation qualifier.
374 * MUST: domainComponent (RFC 2247).
375 */
376 type = X509_NAME_ATTR_NOT_USED;
377 if (oid.len == 4 &&
378 oid.oid[0] == 2 && oid.oid[1] == 5 && oid.oid[2] == 4) {
379 /* id-at ::= 2.5.4 */
380 switch (oid.oid[3]) {
381 case 3:
382 /* commonName */
383 type = X509_NAME_ATTR_CN;
384 break;
385 case 6:
386 /* countryName */
387 type = X509_NAME_ATTR_C;
388 break;
389 case 7:
390 /* localityName */
391 type = X509_NAME_ATTR_L;
392 break;
393 case 8:
394 /* stateOrProvinceName */
395 type = X509_NAME_ATTR_ST;
396 break;
397 case 10:
398 /* organizationName */
399 type = X509_NAME_ATTR_O;
400 break;
401 case 11:
402 /* organizationalUnitName */
403 type = X509_NAME_ATTR_OU;
404 break;
405 }
406 } else if (oid.len == 7 &&
407 oid.oid[0] == 1 && oid.oid[1] == 2 &&
408 oid.oid[2] == 840 && oid.oid[3] == 113549 &&
409 oid.oid[4] == 1 && oid.oid[5] == 9 &&
410 oid.oid[6] == 1) {
411 /* 1.2.840.113549.1.9.1 - e-mailAddress */
412 os_free(name->email);
413 name->email = os_malloc(hdr.length + 1);
414 if (name->email == NULL) {
415 x509_free_name(name);
416 return -1;
417 }
418 os_memcpy(name->email, hdr.payload, hdr.length);
419 name->email[hdr.length] = '\0';
420 continue;
421 } else if (oid.len == 7 &&
422 oid.oid[0] == 0 && oid.oid[1] == 9 &&
423 oid.oid[2] == 2342 && oid.oid[3] == 19200300 &&
424 oid.oid[4] == 100 && oid.oid[5] == 1 &&
425 oid.oid[6] == 25) {
426 /* 0.9.2342.19200300.100.1.25 - domainComponent */
427 type = X509_NAME_ATTR_DC;
428 }
429
430 if (type == X509_NAME_ATTR_NOT_USED) {
431 wpa_hexdump(MSG_DEBUG, "X509: Unrecognized OID",
432 (u8 *) oid.oid,
433 oid.len * sizeof(oid.oid[0]));
434 wpa_hexdump_ascii(MSG_MSGDUMP, "X509: Attribute Data",
435 hdr.payload, hdr.length);
436 continue;
437 }
438
439 if (name->num_attr == X509_MAX_NAME_ATTRIBUTES) {
440 wpa_printf(MSG_INFO, "X509: Too many Name attributes");
441 x509_free_name(name);
442 return -1;
443 }
444
Dmitry Shmidt4b060592013-04-29 16:42:49 -0700[diff] [blame]445 val = dup_binstr(hdr.payload, hdr.length);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]446 if (val == NULL) {
447 x509_free_name(name);
448 return -1;
449 }
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]450 if (os_strlen(val) != hdr.length) {
451 wpa_printf(MSG_INFO, "X509: Reject certificate with "
452 "embedded NUL byte in a string (%s[NUL])",
453 val);
Dmitry Shmidt4b060592013-04-29 16:42:49 -0700[diff] [blame]454 os_free(val);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]455 x509_free_name(name);
456 return -1;
457 }
458
459 name->attr[name->num_attr].type = type;
460 name->attr[name->num_attr].value = val;
461 name->num_attr++;
462 }
463
464 return 0;
465}
466
467
468static char * x509_name_attr_str(enum x509_name_attr_type type)
469{
470 switch (type) {
471 case X509_NAME_ATTR_NOT_USED:
472 return "[N/A]";
473 case X509_NAME_ATTR_DC:
474 return "DC";
475 case X509_NAME_ATTR_CN:
476 return "CN";
477 case X509_NAME_ATTR_C:
478 return "C";
479 case X509_NAME_ATTR_L:
480 return "L";
481 case X509_NAME_ATTR_ST:
482 return "ST";
483 case X509_NAME_ATTR_O:
484 return "O";
485 case X509_NAME_ATTR_OU:
486 return "OU";
487 }
488 return "?";
489}
490
491
492/**
493 * x509_name_string - Convert an X.509 certificate name into a string
494 * @name: Name to convert
495 * @buf: Buffer for the string
496 * @len: Maximum buffer length
497 */
498void x509_name_string(struct x509_name *name, char *buf, size_t len)
499{
500 char *pos, *end;
501 int ret;
502 size_t i;
503
504 if (len == 0)
505 return;
506
507 pos = buf;
508 end = buf + len;
509
510 for (i = 0; i < name->num_attr; i++) {
511 ret = os_snprintf(pos, end - pos, "%s=%s, ",
512 x509_name_attr_str(name->attr[i].type),
513 name->attr[i].value);
Dmitry Shmidtfb45fd52015-01-05 13:08:17 -0800[diff] [blame]514 if (os_snprintf_error(end - pos, ret))
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]515 goto done;
516 pos += ret;
517 }
518
519 if (pos > buf + 1 && pos[-1] == ' ' && pos[-2] == ',') {
520 pos--;
521 *pos = '\0';
522 pos--;
523 *pos = '\0';
524 }
525
526 if (name->email) {
527 ret = os_snprintf(pos, end - pos, "/emailAddress=%s",
528 name->email);
Dmitry Shmidtfb45fd52015-01-05 13:08:17 -0800[diff] [blame]529 if (os_snprintf_error(end - pos, ret))
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]530 goto done;
531 pos += ret;
532 }
533
534done:
Hai Shalom74f70d42019-02-11 14:42:39 -0800[diff] [blame]535 if (pos < end)
536 *pos = '\0';
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]537 end[-1] = '\0';
538}
539
540
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]541static int parse_uint2(const char *pos, size_t len)
542{
543 char buf[3];
544 int ret;
545
546 if (len < 2)
547 return -1;
548 buf[0] = pos[0];
549 buf[1] = pos[1];
550 buf[2] = 0x00;
551 if (sscanf(buf, "%2d", &ret) != 1)
552 return -1;
553 return ret;
554}
555
556
557static int parse_uint4(const char *pos, size_t len)
558{
559 char buf[5];
560 int ret;
561
562 if (len < 4)
563 return -1;
564 buf[0] = pos[0];
565 buf[1] = pos[1];
566 buf[2] = pos[2];
567 buf[3] = pos[3];
568 buf[4] = 0x00;
569 if (sscanf(buf, "%4d", &ret) != 1)
570 return -1;
571 return ret;
572}
573
574
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]575int x509_parse_time(const u8 *buf, size_t len, u8 asn1_tag, os_time_t *val)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]576{
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]577 const char *pos, *end;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]578 int year, month, day, hour, min, sec;
579
580 /*
581 * Time ::= CHOICE {
582 * utcTime UTCTime,
583 * generalTime GeneralizedTime
584 * }
585 *
586 * UTCTime: YYMMDDHHMMSSZ
587 * GeneralizedTime: YYYYMMDDHHMMSSZ
588 */
589
590 pos = (const char *) buf;
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]591 end = pos + len;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]592
593 switch (asn1_tag) {
594 case ASN1_TAG_UTCTIME:
595 if (len != 13 || buf[12] != 'Z') {
596 wpa_hexdump_ascii(MSG_DEBUG, "X509: Unrecognized "
597 "UTCTime format", buf, len);
598 return -1;
599 }
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]600 year = parse_uint2(pos, end - pos);
601 if (year < 0) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]602 wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse "
603 "UTCTime year", buf, len);
604 return -1;
605 }
606 if (year < 50)
607 year += 2000;
608 else
609 year += 1900;
610 pos += 2;
611 break;
612 case ASN1_TAG_GENERALIZEDTIME:
613 if (len != 15 || buf[14] != 'Z') {
614 wpa_hexdump_ascii(MSG_DEBUG, "X509: Unrecognized "
615 "GeneralizedTime format", buf, len);
616 return -1;
617 }
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]618 year = parse_uint4(pos, end - pos);
619 if (year < 0) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]620 wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse "
621 "GeneralizedTime year", buf, len);
622 return -1;
623 }
624 pos += 4;
625 break;
626 default:
627 wpa_printf(MSG_DEBUG, "X509: Expected UTCTime or "
628 "GeneralizedTime - found tag 0x%x", asn1_tag);
629 return -1;
630 }
631
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]632 month = parse_uint2(pos, end - pos);
633 if (month < 0) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]634 wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse Time "
635 "(month)", buf, len);
636 return -1;
637 }
638 pos += 2;
639
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]640 day = parse_uint2(pos, end - pos);
641 if (day < 0) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]642 wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse Time "
643 "(day)", buf, len);
644 return -1;
645 }
646 pos += 2;
647
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]648 hour = parse_uint2(pos, end - pos);
649 if (hour < 0) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]650 wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse Time "
651 "(hour)", buf, len);
652 return -1;
653 }
654 pos += 2;
655
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]656 min = parse_uint2(pos, end - pos);
657 if (min < 0) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]658 wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse Time "
659 "(min)", buf, len);
660 return -1;
661 }
662 pos += 2;
663
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]664 sec = parse_uint2(pos, end - pos);
665 if (sec < 0) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]666 wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse Time "
667 "(sec)", buf, len);
668 return -1;
669 }
670
671 if (os_mktime(year, month, day, hour, min, sec, val) < 0) {
672 wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to convert Time",
673 buf, len);
674 if (year < 1970) {
675 /*
676 * At least some test certificates have been configured
677 * to use dates prior to 1970. Set the date to
678 * beginning of 1970 to handle these case.
679 */
680 wpa_printf(MSG_DEBUG, "X509: Year=%d before epoch - "
681 "assume epoch as the time", year);
682 *val = 0;
683 return 0;
684 }
685 return -1;
686 }
687
688 return 0;
689}
690
691
692static int x509_parse_validity(const u8 *buf, size_t len,
693 struct x509_certificate *cert, const u8 **next)
694{
695 struct asn1_hdr hdr;
696 const u8 *pos;
697 size_t plen;
698
699 /*
700 * Validity ::= SEQUENCE {
701 * notBefore Time,
702 * notAfter Time
703 * }
704 *
705 * RFC 3280, 4.1.2.5:
706 * CAs conforming to this profile MUST always encode certificate
707 * validity dates through the year 2049 as UTCTime; certificate
708 * validity dates in 2050 or later MUST be encoded as GeneralizedTime.
709 */
710
711 if (asn1_get_next(buf, len, &hdr) < 0 ||
712 hdr.class != ASN1_CLASS_UNIVERSAL ||
713 hdr.tag != ASN1_TAG_SEQUENCE) {
714 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE "
715 "(Validity) - found class %d tag 0x%x",
716 hdr.class, hdr.tag);
717 return -1;
718 }
719 pos = hdr.payload;
720 plen = hdr.length;
721
Dmitry Shmidtd80a4012015-11-05 16:35:40 -0800[diff] [blame]722 if (plen > (size_t) (buf + len - pos))
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]723 return -1;
724
725 *next = pos + plen;
726
727 if (asn1_get_next(pos, plen, &hdr) < 0 ||
728 hdr.class != ASN1_CLASS_UNIVERSAL ||
729 x509_parse_time(hdr.payload, hdr.length, hdr.tag,
730 &cert->not_before) < 0) {
731 wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse notBefore "
732 "Time", hdr.payload, hdr.length);
733 return -1;
734 }
735
736 pos = hdr.payload + hdr.length;
737 plen = *next - pos;
738
739 if (asn1_get_next(pos, plen, &hdr) < 0 ||
740 hdr.class != ASN1_CLASS_UNIVERSAL ||
741 x509_parse_time(hdr.payload, hdr.length, hdr.tag,
742 &cert->not_after) < 0) {
743 wpa_hexdump_ascii(MSG_DEBUG, "X509: Failed to parse notAfter "
744 "Time", hdr.payload, hdr.length);
745 return -1;
746 }
747
748 wpa_printf(MSG_MSGDUMP, "X509: Validity: notBefore: %lu notAfter: %lu",
749 (unsigned long) cert->not_before,
750 (unsigned long) cert->not_after);
751
752 return 0;
753}
754
755
756static int x509_id_ce_oid(struct asn1_oid *oid)
757{
758 /* id-ce arc from X.509 for standard X.509v3 extensions */
759 return oid->len >= 4 &&
760 oid->oid[0] == 2 /* joint-iso-ccitt */ &&
761 oid->oid[1] == 5 /* ds */ &&
762 oid->oid[2] == 29 /* id-ce */;
763}
764
765
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]766static int x509_any_ext_key_usage_oid(struct asn1_oid *oid)
767{
768 return oid->len == 6 &&
769 x509_id_ce_oid(oid) &&
770 oid->oid[3] == 37 /* extKeyUsage */ &&
771 oid->oid[4] == 0 /* anyExtendedKeyUsage */;
772}
773
774
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]775static int x509_parse_ext_key_usage(struct x509_certificate *cert,
776 const u8 *pos, size_t len)
777{
778 struct asn1_hdr hdr;
779
780 /*
781 * KeyUsage ::= BIT STRING {
782 * digitalSignature (0),
783 * nonRepudiation (1),
784 * keyEncipherment (2),
785 * dataEncipherment (3),
786 * keyAgreement (4),
787 * keyCertSign (5),
788 * cRLSign (6),
789 * encipherOnly (7),
790 * decipherOnly (8) }
791 */
792
793 if (asn1_get_next(pos, len, &hdr) < 0 ||
794 hdr.class != ASN1_CLASS_UNIVERSAL ||
795 hdr.tag != ASN1_TAG_BITSTRING ||
796 hdr.length < 1) {
797 wpa_printf(MSG_DEBUG, "X509: Expected BIT STRING in "
798 "KeyUsage; found %d tag 0x%x len %d",
799 hdr.class, hdr.tag, hdr.length);
800 return -1;
801 }
802
803 cert->extensions_present |= X509_EXT_KEY_USAGE;
804 cert->key_usage = asn1_bit_string_to_long(hdr.payload, hdr.length);
805
806 wpa_printf(MSG_DEBUG, "X509: KeyUsage 0x%lx", cert->key_usage);
807
808 return 0;
809}
810
811
812static int x509_parse_ext_basic_constraints(struct x509_certificate *cert,
813 const u8 *pos, size_t len)
814{
815 struct asn1_hdr hdr;
816 unsigned long value;
817 size_t left;
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]818 const u8 *end_seq;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]819
820 /*
821 * BasicConstraints ::= SEQUENCE {
822 * cA BOOLEAN DEFAULT FALSE,
823 * pathLenConstraint INTEGER (0..MAX) OPTIONAL }
824 */
825
826 if (asn1_get_next(pos, len, &hdr) < 0 ||
827 hdr.class != ASN1_CLASS_UNIVERSAL ||
828 hdr.tag != ASN1_TAG_SEQUENCE) {
829 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE in "
830 "BasicConstraints; found %d tag 0x%x",
831 hdr.class, hdr.tag);
832 return -1;
833 }
834
835 cert->extensions_present |= X509_EXT_BASIC_CONSTRAINTS;
836
837 if (hdr.length == 0)
838 return 0;
839
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]840 end_seq = hdr.payload + hdr.length;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]841 if (asn1_get_next(hdr.payload, hdr.length, &hdr) < 0 ||
842 hdr.class != ASN1_CLASS_UNIVERSAL) {
843 wpa_printf(MSG_DEBUG, "X509: Failed to parse "
844 "BasicConstraints");
845 return -1;
846 }
847
848 if (hdr.tag == ASN1_TAG_BOOLEAN) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]849 cert->ca = hdr.payload[0];
850
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]851 pos = hdr.payload + hdr.length;
852 if (pos >= end_seq) {
853 /* No optional pathLenConstraint */
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]854 wpa_printf(MSG_DEBUG, "X509: BasicConstraints - cA=%d",
855 cert->ca);
856 return 0;
857 }
Hai Shalom81f62d82019-07-22 12:10:00 -0700[diff] [blame]858 if (asn1_get_next(pos, end_seq - pos, &hdr) < 0 ||
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]859 hdr.class != ASN1_CLASS_UNIVERSAL) {
860 wpa_printf(MSG_DEBUG, "X509: Failed to parse "
861 "BasicConstraints");
862 return -1;
863 }
864 }
865
866 if (hdr.tag != ASN1_TAG_INTEGER) {
867 wpa_printf(MSG_DEBUG, "X509: Expected INTEGER in "
868 "BasicConstraints; found class %d tag 0x%x",
869 hdr.class, hdr.tag);
870 return -1;
871 }
872
873 pos = hdr.payload;
874 left = hdr.length;
875 value = 0;
876 while (left) {
877 value <<= 8;
878 value |= *pos++;
879 left--;
880 }
881
882 cert->path_len_constraint = value;
883 cert->extensions_present |= X509_EXT_PATH_LEN_CONSTRAINT;
884
885 wpa_printf(MSG_DEBUG, "X509: BasicConstraints - cA=%d "
886 "pathLenConstraint=%lu",
887 cert->ca, cert->path_len_constraint);
888
889 return 0;
890}
891
892
893static int x509_parse_alt_name_rfc8222(struct x509_name *name,
894 const u8 *pos, size_t len)
895{
896 /* rfc822Name IA5String */
897 wpa_hexdump_ascii(MSG_MSGDUMP, "X509: altName - rfc822Name", pos, len);
898 os_free(name->alt_email);
899 name->alt_email = os_zalloc(len + 1);
900 if (name->alt_email == NULL)
901 return -1;
902 os_memcpy(name->alt_email, pos, len);
903 if (os_strlen(name->alt_email) != len) {
904 wpa_printf(MSG_INFO, "X509: Reject certificate with "
905 "embedded NUL byte in rfc822Name (%s[NUL])",
906 name->alt_email);
907 os_free(name->alt_email);
908 name->alt_email = NULL;
909 return -1;
910 }
911 return 0;
912}
913
914
915static int x509_parse_alt_name_dns(struct x509_name *name,
916 const u8 *pos, size_t len)
917{
918 /* dNSName IA5String */
919 wpa_hexdump_ascii(MSG_MSGDUMP, "X509: altName - dNSName", pos, len);
920 os_free(name->dns);
921 name->dns = os_zalloc(len + 1);
922 if (name->dns == NULL)
923 return -1;
924 os_memcpy(name->dns, pos, len);
925 if (os_strlen(name->dns) != len) {
926 wpa_printf(MSG_INFO, "X509: Reject certificate with "
927 "embedded NUL byte in dNSName (%s[NUL])",
928 name->dns);
929 os_free(name->dns);
930 name->dns = NULL;
931 return -1;
932 }
933 return 0;
934}
935
936
937static int x509_parse_alt_name_uri(struct x509_name *name,
938 const u8 *pos, size_t len)
939{
940 /* uniformResourceIdentifier IA5String */
941 wpa_hexdump_ascii(MSG_MSGDUMP,
942 "X509: altName - uniformResourceIdentifier",
943 pos, len);
944 os_free(name->uri);
945 name->uri = os_zalloc(len + 1);
946 if (name->uri == NULL)
947 return -1;
948 os_memcpy(name->uri, pos, len);
949 if (os_strlen(name->uri) != len) {
950 wpa_printf(MSG_INFO, "X509: Reject certificate with "
951 "embedded NUL byte in uniformResourceIdentifier "
952 "(%s[NUL])", name->uri);
953 os_free(name->uri);
954 name->uri = NULL;
955 return -1;
956 }
957 return 0;
958}
959
960
961static int x509_parse_alt_name_ip(struct x509_name *name,
962 const u8 *pos, size_t len)
963{
964 /* iPAddress OCTET STRING */
965 wpa_hexdump(MSG_MSGDUMP, "X509: altName - iPAddress", pos, len);
966 os_free(name->ip);
Dmitry Shmidtd2986c22017-10-23 14:22:09 -0700[diff] [blame]967 name->ip = os_memdup(pos, len);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]968 if (name->ip == NULL)
969 return -1;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]970 name->ip_len = len;
971 return 0;
972}
973
974
975static int x509_parse_alt_name_rid(struct x509_name *name,
976 const u8 *pos, size_t len)
977{
978 char buf[80];
979
980 /* registeredID OBJECT IDENTIFIER */
981 if (asn1_parse_oid(pos, len, &name->rid) < 0)
982 return -1;
983
984 asn1_oid_to_str(&name->rid, buf, sizeof(buf));
985 wpa_printf(MSG_MSGDUMP, "X509: altName - registeredID: %s", buf);
986
987 return 0;
988}
989
990
991static int x509_parse_ext_alt_name(struct x509_name *name,
992 const u8 *pos, size_t len)
993{
994 struct asn1_hdr hdr;
995 const u8 *p, *end;
996
997 /*
998 * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
999 *
1000 * GeneralName ::= CHOICE {
1001 * otherName [0] OtherName,
1002 * rfc822Name [1] IA5String,
1003 * dNSName [2] IA5String,
1004 * x400Address [3] ORAddress,
1005 * directoryName [4] Name,
1006 * ediPartyName [5] EDIPartyName,
1007 * uniformResourceIdentifier [6] IA5String,
1008 * iPAddress [7] OCTET STRING,
1009 * registeredID [8] OBJECT IDENTIFIER }
1010 *
1011 * OtherName ::= SEQUENCE {
1012 * type-id OBJECT IDENTIFIER,
1013 * value [0] EXPLICIT ANY DEFINED BY type-id }
1014 *
1015 * EDIPartyName ::= SEQUENCE {
1016 * nameAssigner [0] DirectoryString OPTIONAL,
1017 * partyName [1] DirectoryString }
1018 */
1019
1020 for (p = pos, end = pos + len; p < end; p = hdr.payload + hdr.length) {
1021 int res;
1022
1023 if (asn1_get_next(p, end - p, &hdr) < 0) {
1024 wpa_printf(MSG_DEBUG, "X509: Failed to parse "
1025 "SubjectAltName item");
1026 return -1;
1027 }
1028
1029 if (hdr.class != ASN1_CLASS_CONTEXT_SPECIFIC)
1030 continue;
1031
1032 switch (hdr.tag) {
1033 case 1:
1034 res = x509_parse_alt_name_rfc8222(name, hdr.payload,
1035 hdr.length);
1036 break;
1037 case 2:
1038 res = x509_parse_alt_name_dns(name, hdr.payload,
1039 hdr.length);
1040 break;
1041 case 6:
1042 res = x509_parse_alt_name_uri(name, hdr.payload,
1043 hdr.length);
1044 break;
1045 case 7:
1046 res = x509_parse_alt_name_ip(name, hdr.payload,
1047 hdr.length);
1048 break;
1049 case 8:
1050 res = x509_parse_alt_name_rid(name, hdr.payload,
1051 hdr.length);
1052 break;
1053 case 0: /* TODO: otherName */
1054 case 3: /* TODO: x500Address */
1055 case 4: /* TODO: directoryName */
1056 case 5: /* TODO: ediPartyName */
1057 default:
1058 res = 0;
1059 break;
1060 }
1061 if (res < 0)
1062 return res;
1063 }
1064
1065 return 0;
1066}
1067
1068
1069static int x509_parse_ext_subject_alt_name(struct x509_certificate *cert,
1070 const u8 *pos, size_t len)
1071{
1072 struct asn1_hdr hdr;
1073
1074 /* SubjectAltName ::= GeneralNames */
1075
1076 if (asn1_get_next(pos, len, &hdr) < 0 ||
1077 hdr.class != ASN1_CLASS_UNIVERSAL ||
1078 hdr.tag != ASN1_TAG_SEQUENCE) {
1079 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE in "
1080 "SubjectAltName; found %d tag 0x%x",
1081 hdr.class, hdr.tag);
1082 return -1;
1083 }
1084
1085 wpa_printf(MSG_DEBUG, "X509: SubjectAltName");
1086 cert->extensions_present |= X509_EXT_SUBJECT_ALT_NAME;
1087
1088 if (hdr.length == 0)
1089 return 0;
1090
1091 return x509_parse_ext_alt_name(&cert->subject, hdr.payload,
1092 hdr.length);
1093}
1094
1095
1096static int x509_parse_ext_issuer_alt_name(struct x509_certificate *cert,
1097 const u8 *pos, size_t len)
1098{
1099 struct asn1_hdr hdr;
1100
1101 /* IssuerAltName ::= GeneralNames */
1102
1103 if (asn1_get_next(pos, len, &hdr) < 0 ||
1104 hdr.class != ASN1_CLASS_UNIVERSAL ||
1105 hdr.tag != ASN1_TAG_SEQUENCE) {
1106 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE in "
1107 "IssuerAltName; found %d tag 0x%x",
1108 hdr.class, hdr.tag);
1109 return -1;
1110 }
1111
1112 wpa_printf(MSG_DEBUG, "X509: IssuerAltName");
1113 cert->extensions_present |= X509_EXT_ISSUER_ALT_NAME;
1114
1115 if (hdr.length == 0)
1116 return 0;
1117
1118 return x509_parse_ext_alt_name(&cert->issuer, hdr.payload,
1119 hdr.length);
1120}
1121
1122
Hai Shalomfdcde762020-04-02 11:19:20 -0700[diff] [blame^]1123static int x509_id_cert_policy_any_oid(struct asn1_oid *oid)
1124{
1125 return oid->len == 5 &&
1126 oid->oid[0] == 2 /* iso/itu-t */ &&
1127 oid->oid[1] == 5 /* X.500 Directory Services */ &&
1128 oid->oid[2] == 29 /* id-ce */ &&
1129 oid->oid[3] == 32 /* id-ce-certificate-policies */ &&
1130 oid->oid[4] == 0 /* anyPolicy */;
1131}
1132
1133
1134static int x509_id_wfa_oid(struct asn1_oid *oid)
1135{
1136 return oid->len >= 7 &&
1137 oid->oid[0] == 1 /* iso */ &&
1138 oid->oid[1] == 3 /* identified-organization */ &&
1139 oid->oid[2] == 6 /* dod */ &&
1140 oid->oid[3] == 1 /* internet */ &&
1141 oid->oid[4] == 4 /* private */ &&
1142 oid->oid[5] == 1 /* enterprise */ &&
1143 oid->oid[6] == 40808 /* WFA */;
1144}
1145
1146
1147static int x509_id_wfa_tod_oid(struct asn1_oid *oid)
1148{
1149 return oid->len >= 9 &&
1150 x509_id_wfa_oid(oid) &&
1151 oid->oid[7] == 1 &&
1152 oid->oid[8] == 3;
1153}
1154
1155
1156static int x509_id_wfa_tod_strict_oid(struct asn1_oid *oid)
1157{
1158 return oid->len == 10 &&
1159 x509_id_wfa_tod_oid(oid) &&
1160 oid->oid[9] == 1;
1161}
1162
1163
1164static int x509_id_wfa_tod_tofu_oid(struct asn1_oid *oid)
1165{
1166 return oid->len == 10 &&
1167 x509_id_wfa_tod_oid(oid) &&
1168 oid->oid[9] == 2;
1169}
1170
1171
1172static int x509_parse_ext_certificate_policies(struct x509_certificate *cert,
1173 const u8 *pos, size_t len)
1174{
1175 struct asn1_hdr hdr;
1176 const u8 *end;
1177
1178 /*
1179 * certificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
1180 *
1181 * PolicyInformation ::= SEQUENCE {
1182 * policyIdentifier CertPolicyId,
1183 * policyQualifiers SEQUENCE SIZE (1..MAX) OF
1184 * PolicyQualifierInfo OPTIONAL }
1185 *
1186 * CertPolicyId ::= OBJECT IDENTIFIER
1187 */
1188
1189 if (asn1_get_next(pos, len, &hdr) < 0 ||
1190 hdr.class != ASN1_CLASS_UNIVERSAL ||
1191 hdr.tag != ASN1_TAG_SEQUENCE) {
1192 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE (certificatePolicies) - found class %d tag 0x%x",
1193 hdr.class, hdr.tag);
1194 return -1;
1195 }
1196 if (hdr.length > pos + len - hdr.payload)
1197 return -1;
1198 pos = hdr.payload;
1199 end = pos + hdr.length;
1200
1201 wpa_hexdump(MSG_MSGDUMP, "X509: certificatePolicies", pos, end - pos);
1202
1203 while (pos < end) {
1204 const u8 *pol_end;
1205 struct asn1_oid oid;
1206 char buf[80];
1207
1208 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
1209 hdr.class != ASN1_CLASS_UNIVERSAL ||
1210 hdr.tag != ASN1_TAG_SEQUENCE) {
1211 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE (PolicyInformation) - found class %d tag 0x%x",
1212 hdr.class, hdr.tag);
1213 return -1;
1214 }
1215 if (hdr.length > end - hdr.payload)
1216 return -1;
1217 pos = hdr.payload;
1218 pol_end = pos + hdr.length;
1219 wpa_hexdump(MSG_MSGDUMP, "X509: PolicyInformation",
1220 pos, pol_end - pos);
1221
1222 if (asn1_get_oid(pos, pol_end - pos, &oid, &pos))
1223 return -1;
1224 if (x509_id_cert_policy_any_oid(&oid)) {
1225 os_strlcpy(buf, "anyPolicy-STRICT", sizeof(buf));
1226 cert->certificate_policy |=
1227 X509_EXT_CERT_POLICY_ANY;
1228 } else if (x509_id_wfa_tod_strict_oid(&oid)) {
1229 os_strlcpy(buf, "TOD-STRICT", sizeof(buf));
1230 cert->certificate_policy |=
1231 X509_EXT_CERT_POLICY_TOD_STRICT;
1232 } else if (x509_id_wfa_tod_tofu_oid(&oid)) {
1233 os_strlcpy(buf, "TOD-TOFU", sizeof(buf));
1234 cert->certificate_policy |=
1235 X509_EXT_CERT_POLICY_TOD_TOFU;
1236 } else {
1237 asn1_oid_to_str(&oid, buf, sizeof(buf));
1238 }
1239 wpa_printf(MSG_DEBUG, "policyIdentifier: %s", buf);
1240
1241 pos = pol_end;
1242 }
1243
1244 cert->extensions_present |= X509_EXT_CERTIFICATE_POLICY;
1245
1246 return 0;
1247}
1248
1249
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]1250static int x509_id_pkix_oid(struct asn1_oid *oid)
1251{
1252 return oid->len >= 7 &&
1253 oid->oid[0] == 1 /* iso */ &&
1254 oid->oid[1] == 3 /* identified-organization */ &&
1255 oid->oid[2] == 6 /* dod */ &&
1256 oid->oid[3] == 1 /* internet */ &&
1257 oid->oid[4] == 5 /* security */ &&
1258 oid->oid[5] == 5 /* mechanisms */ &&
1259 oid->oid[6] == 7 /* id-pkix */;
1260}
1261
1262
1263static int x509_id_kp_oid(struct asn1_oid *oid)
1264{
1265 /* id-kp */
1266 return oid->len >= 8 &&
1267 x509_id_pkix_oid(oid) &&
1268 oid->oid[7] == 3 /* id-kp */;
1269}
1270
1271
1272static int x509_id_kp_server_auth_oid(struct asn1_oid *oid)
1273{
1274 /* id-kp */
1275 return oid->len == 9 &&
1276 x509_id_kp_oid(oid) &&
1277 oid->oid[8] == 1 /* id-kp-serverAuth */;
1278}
1279
1280
1281static int x509_id_kp_client_auth_oid(struct asn1_oid *oid)
1282{
1283 /* id-kp */
1284 return oid->len == 9 &&
1285 x509_id_kp_oid(oid) &&
1286 oid->oid[8] == 2 /* id-kp-clientAuth */;
1287}
1288
1289
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1290static int x509_id_kp_ocsp_oid(struct asn1_oid *oid)
1291{
1292 /* id-kp */
1293 return oid->len == 9 &&
1294 x509_id_kp_oid(oid) &&
1295 oid->oid[8] == 9 /* id-kp-OCSPSigning */;
1296}
1297
1298
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]1299static int x509_parse_ext_ext_key_usage(struct x509_certificate *cert,
1300 const u8 *pos, size_t len)
1301{
1302 struct asn1_hdr hdr;
1303 const u8 *end;
1304 struct asn1_oid oid;
1305
1306 /*
1307 * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
1308 *
1309 * KeyPurposeId ::= OBJECT IDENTIFIER
1310 */
1311
1312 if (asn1_get_next(pos, len, &hdr) < 0 ||
1313 hdr.class != ASN1_CLASS_UNIVERSAL ||
1314 hdr.tag != ASN1_TAG_SEQUENCE) {
1315 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE "
1316 "(ExtKeyUsageSyntax) - found class %d tag 0x%x",
1317 hdr.class, hdr.tag);
1318 return -1;
1319 }
1320 if (hdr.length > pos + len - hdr.payload)
1321 return -1;
1322 pos = hdr.payload;
1323 end = pos + hdr.length;
1324
1325 wpa_hexdump(MSG_MSGDUMP, "X509: ExtKeyUsageSyntax", pos, end - pos);
1326
1327 while (pos < end) {
1328 char buf[80];
1329
1330 if (asn1_get_oid(pos, end - pos, &oid, &pos))
1331 return -1;
1332 if (x509_any_ext_key_usage_oid(&oid)) {
1333 os_strlcpy(buf, "anyExtendedKeyUsage", sizeof(buf));
1334 cert->ext_key_usage |= X509_EXT_KEY_USAGE_ANY;
1335 } else if (x509_id_kp_server_auth_oid(&oid)) {
1336 os_strlcpy(buf, "id-kp-serverAuth", sizeof(buf));
1337 cert->ext_key_usage |= X509_EXT_KEY_USAGE_SERVER_AUTH;
1338 } else if (x509_id_kp_client_auth_oid(&oid)) {
1339 os_strlcpy(buf, "id-kp-clientAuth", sizeof(buf));
1340 cert->ext_key_usage |= X509_EXT_KEY_USAGE_CLIENT_AUTH;
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1341 } else if (x509_id_kp_ocsp_oid(&oid)) {
1342 os_strlcpy(buf, "id-kp-OCSPSigning", sizeof(buf));
1343 cert->ext_key_usage |= X509_EXT_KEY_USAGE_OCSP;
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]1344 } else {
1345 asn1_oid_to_str(&oid, buf, sizeof(buf));
1346 }
1347 wpa_printf(MSG_DEBUG, "ExtKeyUsage KeyPurposeId: %s", buf);
1348 }
1349
1350 cert->extensions_present |= X509_EXT_EXT_KEY_USAGE;
1351
1352 return 0;
1353}
1354
1355
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1356static int x509_parse_extension_data(struct x509_certificate *cert,
1357 struct asn1_oid *oid,
1358 const u8 *pos, size_t len)
1359{
1360 if (!x509_id_ce_oid(oid))
1361 return 1;
1362
1363 /* TODO: add other extensions required by RFC 3280, Ch 4.2:
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1364 * name constraints (section 4.2.1.11)
1365 * policy constraints (section 4.2.1.12)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1366 * inhibit any-policy (section 4.2.1.15)
1367 */
1368 switch (oid->oid[3]) {
1369 case 15: /* id-ce-keyUsage */
1370 return x509_parse_ext_key_usage(cert, pos, len);
1371 case 17: /* id-ce-subjectAltName */
1372 return x509_parse_ext_subject_alt_name(cert, pos, len);
1373 case 18: /* id-ce-issuerAltName */
1374 return x509_parse_ext_issuer_alt_name(cert, pos, len);
1375 case 19: /* id-ce-basicConstraints */
1376 return x509_parse_ext_basic_constraints(cert, pos, len);
Hai Shalomfdcde762020-04-02 11:19:20 -0700[diff] [blame^]1377 case 32: /* id-ce-certificatePolicies */
1378 return x509_parse_ext_certificate_policies(cert, pos, len);
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]1379 case 37: /* id-ce-extKeyUsage */
1380 return x509_parse_ext_ext_key_usage(cert, pos, len);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1381 default:
1382 return 1;
1383 }
1384}
1385
1386
1387static int x509_parse_extension(struct x509_certificate *cert,
1388 const u8 *pos, size_t len, const u8 **next)
1389{
1390 const u8 *end;
1391 struct asn1_hdr hdr;
1392 struct asn1_oid oid;
1393 int critical_ext = 0, res;
1394 char buf[80];
1395
1396 /*
1397 * Extension ::= SEQUENCE {
1398 * extnID OBJECT IDENTIFIER,
1399 * critical BOOLEAN DEFAULT FALSE,
1400 * extnValue OCTET STRING
1401 * }
1402 */
1403
1404 if (asn1_get_next(pos, len, &hdr) < 0 ||
1405 hdr.class != ASN1_CLASS_UNIVERSAL ||
1406 hdr.tag != ASN1_TAG_SEQUENCE) {
1407 wpa_printf(MSG_DEBUG, "X509: Unexpected ASN.1 header in "
1408 "Extensions: class %d tag 0x%x; expected SEQUENCE",
1409 hdr.class, hdr.tag);
1410 return -1;
1411 }
1412 pos = hdr.payload;
1413 *next = end = pos + hdr.length;
1414
1415 if (asn1_get_oid(pos, end - pos, &oid, &pos) < 0) {
1416 wpa_printf(MSG_DEBUG, "X509: Unexpected ASN.1 data for "
1417 "Extension (expected OID)");
1418 return -1;
1419 }
1420
1421 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
1422 hdr.class != ASN1_CLASS_UNIVERSAL ||
1423 (hdr.tag != ASN1_TAG_BOOLEAN &&
1424 hdr.tag != ASN1_TAG_OCTETSTRING)) {
1425 wpa_printf(MSG_DEBUG, "X509: Unexpected ASN.1 header in "
1426 "Extensions: class %d tag 0x%x; expected BOOLEAN "
1427 "or OCTET STRING", hdr.class, hdr.tag);
1428 return -1;
1429 }
1430
1431 if (hdr.tag == ASN1_TAG_BOOLEAN) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1432 critical_ext = hdr.payload[0];
1433 pos = hdr.payload;
1434 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
1435 (hdr.class != ASN1_CLASS_UNIVERSAL &&
1436 hdr.class != ASN1_CLASS_PRIVATE) ||
1437 hdr.tag != ASN1_TAG_OCTETSTRING) {
1438 wpa_printf(MSG_DEBUG, "X509: Unexpected ASN.1 header "
1439 "in Extensions: class %d tag 0x%x; "
1440 "expected OCTET STRING",
1441 hdr.class, hdr.tag);
1442 return -1;
1443 }
1444 }
1445
1446 asn1_oid_to_str(&oid, buf, sizeof(buf));
1447 wpa_printf(MSG_DEBUG, "X509: Extension: extnID=%s critical=%d",
1448 buf, critical_ext);
1449 wpa_hexdump(MSG_MSGDUMP, "X509: extnValue", hdr.payload, hdr.length);
1450
1451 res = x509_parse_extension_data(cert, &oid, hdr.payload, hdr.length);
1452 if (res < 0)
1453 return res;
1454 if (res == 1 && critical_ext) {
1455 wpa_printf(MSG_INFO, "X509: Unknown critical extension %s",
1456 buf);
1457 return -1;
1458 }
1459
1460 return 0;
1461}
1462
1463
1464static int x509_parse_extensions(struct x509_certificate *cert,
1465 const u8 *pos, size_t len)
1466{
1467 const u8 *end;
1468 struct asn1_hdr hdr;
1469
1470 /* Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension */
1471
1472 if (asn1_get_next(pos, len, &hdr) < 0 ||
1473 hdr.class != ASN1_CLASS_UNIVERSAL ||
1474 hdr.tag != ASN1_TAG_SEQUENCE) {
1475 wpa_printf(MSG_DEBUG, "X509: Unexpected ASN.1 data "
1476 "for Extensions: class %d tag 0x%x; "
1477 "expected SEQUENCE", hdr.class, hdr.tag);
1478 return -1;
1479 }
1480
1481 pos = hdr.payload;
1482 end = pos + hdr.length;
1483
1484 while (pos < end) {
1485 if (x509_parse_extension(cert, pos, end - pos, &pos)
1486 < 0)
1487 return -1;
1488 }
1489
1490 return 0;
1491}
1492
1493
1494static int x509_parse_tbs_certificate(const u8 *buf, size_t len,
1495 struct x509_certificate *cert,
1496 const u8 **next)
1497{
1498 struct asn1_hdr hdr;
1499 const u8 *pos, *end;
1500 size_t left;
1501 char sbuf[128];
1502 unsigned long value;
Dmitry Shmidtd97138d2015-12-28 13:27:49 -0800[diff] [blame]1503 const u8 *subject_dn;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1504
1505 /* tbsCertificate TBSCertificate ::= SEQUENCE */
1506 if (asn1_get_next(buf, len, &hdr) < 0 ||
1507 hdr.class != ASN1_CLASS_UNIVERSAL ||
1508 hdr.tag != ASN1_TAG_SEQUENCE) {
1509 wpa_printf(MSG_DEBUG, "X509: tbsCertificate did not start "
1510 "with a valid SEQUENCE - found class %d tag 0x%x",
1511 hdr.class, hdr.tag);
1512 return -1;
1513 }
1514 pos = hdr.payload;
1515 end = *next = pos + hdr.length;
1516
1517 /*
1518 * version [0] EXPLICIT Version DEFAULT v1
1519 * Version ::= INTEGER { v1(0), v2(1), v3(2) }
1520 */
1521 if (asn1_get_next(pos, end - pos, &hdr) < 0)
1522 return -1;
1523 pos = hdr.payload;
1524
1525 if (hdr.class == ASN1_CLASS_CONTEXT_SPECIFIC) {
1526 if (asn1_get_next(pos, end - pos, &hdr) < 0)
1527 return -1;
1528
1529 if (hdr.class != ASN1_CLASS_UNIVERSAL ||
1530 hdr.tag != ASN1_TAG_INTEGER) {
1531 wpa_printf(MSG_DEBUG, "X509: No INTEGER tag found for "
1532 "version field - found class %d tag 0x%x",
1533 hdr.class, hdr.tag);
1534 return -1;
1535 }
1536 if (hdr.length != 1) {
1537 wpa_printf(MSG_DEBUG, "X509: Unexpected version field "
1538 "length %u (expected 1)", hdr.length);
1539 return -1;
1540 }
1541 pos = hdr.payload;
1542 left = hdr.length;
1543 value = 0;
1544 while (left) {
1545 value <<= 8;
1546 value |= *pos++;
1547 left--;
1548 }
1549
1550 cert->version = value;
1551 if (cert->version != X509_CERT_V1 &&
1552 cert->version != X509_CERT_V2 &&
1553 cert->version != X509_CERT_V3) {
1554 wpa_printf(MSG_DEBUG, "X509: Unsupported version %d",
1555 cert->version + 1);
1556 return -1;
1557 }
1558
1559 if (asn1_get_next(pos, end - pos, &hdr) < 0)
1560 return -1;
1561 } else
1562 cert->version = X509_CERT_V1;
1563 wpa_printf(MSG_MSGDUMP, "X509: Version X.509v%d", cert->version + 1);
1564
1565 /* serialNumber CertificateSerialNumber ::= INTEGER */
1566 if (hdr.class != ASN1_CLASS_UNIVERSAL ||
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1567 hdr.tag != ASN1_TAG_INTEGER ||
1568 hdr.length < 1 || hdr.length > X509_MAX_SERIAL_NUM_LEN) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1569 wpa_printf(MSG_DEBUG, "X509: No INTEGER tag found for "
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1570 "serialNumber; class=%d tag=0x%x length=%u",
1571 hdr.class, hdr.tag, hdr.length);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1572 return -1;
1573 }
1574
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1575 pos = hdr.payload + hdr.length;
1576 while (hdr.length > 0 && hdr.payload[0] == 0) {
1577 hdr.payload++;
1578 hdr.length--;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1579 }
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1580 os_memcpy(cert->serial_number, hdr.payload, hdr.length);
1581 cert->serial_number_len = hdr.length;
1582 wpa_hexdump(MSG_MSGDUMP, "X509: serialNumber", cert->serial_number,
1583 cert->serial_number_len);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1584
1585 /* signature AlgorithmIdentifier */
1586 if (x509_parse_algorithm_identifier(pos, end - pos, &cert->signature,
1587 &pos))
1588 return -1;
1589
1590 /* issuer Name */
1591 if (x509_parse_name(pos, end - pos, &cert->issuer, &pos))
1592 return -1;
1593 x509_name_string(&cert->issuer, sbuf, sizeof(sbuf));
1594 wpa_printf(MSG_MSGDUMP, "X509: issuer %s", sbuf);
1595
1596 /* validity Validity */
1597 if (x509_parse_validity(pos, end - pos, cert, &pos))
1598 return -1;
1599
1600 /* subject Name */
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1601 subject_dn = pos;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1602 if (x509_parse_name(pos, end - pos, &cert->subject, &pos))
1603 return -1;
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1604 cert->subject_dn = os_malloc(pos - subject_dn);
1605 if (!cert->subject_dn)
1606 return -1;
1607 cert->subject_dn_len = pos - subject_dn;
1608 os_memcpy(cert->subject_dn, subject_dn, cert->subject_dn_len);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1609 x509_name_string(&cert->subject, sbuf, sizeof(sbuf));
1610 wpa_printf(MSG_MSGDUMP, "X509: subject %s", sbuf);
1611
1612 /* subjectPublicKeyInfo SubjectPublicKeyInfo */
1613 if (x509_parse_public_key(pos, end - pos, cert, &pos))
1614 return -1;
1615
1616 if (pos == end)
1617 return 0;
1618
1619 if (cert->version == X509_CERT_V1)
1620 return 0;
1621
1622 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
1623 hdr.class != ASN1_CLASS_CONTEXT_SPECIFIC) {
1624 wpa_printf(MSG_DEBUG, "X509: Expected Context-Specific"
1625 " tag to parse optional tbsCertificate "
1626 "field(s); parsed class %d tag 0x%x",
1627 hdr.class, hdr.tag);
1628 return -1;
1629 }
1630
1631 if (hdr.tag == 1) {
1632 /* issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL */
1633 wpa_printf(MSG_DEBUG, "X509: issuerUniqueID");
1634 /* TODO: parse UniqueIdentifier ::= BIT STRING */
1635
Dmitry Shmidt5a1480c2014-05-12 09:46:02 -0700[diff] [blame]1636 pos = hdr.payload + hdr.length;
1637 if (pos == end)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1638 return 0;
1639
1640 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
1641 hdr.class != ASN1_CLASS_CONTEXT_SPECIFIC) {
1642 wpa_printf(MSG_DEBUG, "X509: Expected Context-Specific"
1643 " tag to parse optional tbsCertificate "
1644 "field(s); parsed class %d tag 0x%x",
1645 hdr.class, hdr.tag);
1646 return -1;
1647 }
1648 }
1649
1650 if (hdr.tag == 2) {
1651 /* subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL */
1652 wpa_printf(MSG_DEBUG, "X509: subjectUniqueID");
1653 /* TODO: parse UniqueIdentifier ::= BIT STRING */
1654
Dmitry Shmidt5a1480c2014-05-12 09:46:02 -0700[diff] [blame]1655 pos = hdr.payload + hdr.length;
1656 if (pos == end)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1657 return 0;
1658
1659 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
1660 hdr.class != ASN1_CLASS_CONTEXT_SPECIFIC) {
1661 wpa_printf(MSG_DEBUG, "X509: Expected Context-Specific"
1662 " tag to parse optional tbsCertificate "
1663 "field(s); parsed class %d tag 0x%x",
1664 hdr.class, hdr.tag);
1665 return -1;
1666 }
1667 }
1668
1669 if (hdr.tag != 3) {
1670 wpa_printf(MSG_DEBUG, "X509: Ignored unexpected "
1671 "Context-Specific tag %d in optional "
1672 "tbsCertificate fields", hdr.tag);
1673 return 0;
1674 }
1675
1676 /* extensions [3] EXPLICIT Extensions OPTIONAL */
1677
1678 if (cert->version != X509_CERT_V3) {
1679 wpa_printf(MSG_DEBUG, "X509: X.509%d certificate and "
1680 "Extensions data which are only allowed for "
1681 "version 3", cert->version + 1);
1682 return -1;
1683 }
1684
1685 if (x509_parse_extensions(cert, hdr.payload, hdr.length) < 0)
1686 return -1;
1687
1688 pos = hdr.payload + hdr.length;
1689 if (pos < end) {
1690 wpa_hexdump(MSG_DEBUG,
1691 "X509: Ignored extra tbsCertificate data",
1692 pos, end - pos);
1693 }
1694
1695 return 0;
1696}
1697
1698
1699static int x509_rsadsi_oid(struct asn1_oid *oid)
1700{
1701 return oid->len >= 4 &&
1702 oid->oid[0] == 1 /* iso */ &&
1703 oid->oid[1] == 2 /* member-body */ &&
1704 oid->oid[2] == 840 /* us */ &&
1705 oid->oid[3] == 113549 /* rsadsi */;
1706}
1707
1708
1709static int x509_pkcs_oid(struct asn1_oid *oid)
1710{
1711 return oid->len >= 5 &&
1712 x509_rsadsi_oid(oid) &&
1713 oid->oid[4] == 1 /* pkcs */;
1714}
1715
1716
1717static int x509_digest_oid(struct asn1_oid *oid)
1718{
1719 return oid->len >= 5 &&
1720 x509_rsadsi_oid(oid) &&
1721 oid->oid[4] == 2 /* digestAlgorithm */;
1722}
1723
1724
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1725int x509_sha1_oid(struct asn1_oid *oid)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1726{
1727 return oid->len == 6 &&
1728 oid->oid[0] == 1 /* iso */ &&
1729 oid->oid[1] == 3 /* identified-organization */ &&
1730 oid->oid[2] == 14 /* oiw */ &&
1731 oid->oid[3] == 3 /* secsig */ &&
1732 oid->oid[4] == 2 /* algorithms */ &&
1733 oid->oid[5] == 26 /* id-sha1 */;
1734}
1735
1736
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]1737static int x509_sha2_oid(struct asn1_oid *oid)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1738{
1739 return oid->len == 9 &&
1740 oid->oid[0] == 2 /* joint-iso-itu-t */ &&
1741 oid->oid[1] == 16 /* country */ &&
1742 oid->oid[2] == 840 /* us */ &&
1743 oid->oid[3] == 1 /* organization */ &&
1744 oid->oid[4] == 101 /* gov */ &&
1745 oid->oid[5] == 3 /* csor */ &&
1746 oid->oid[6] == 4 /* nistAlgorithm */ &&
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]1747 oid->oid[7] == 2 /* hashAlgs */;
1748}
1749
1750
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1751int x509_sha256_oid(struct asn1_oid *oid)
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]1752{
1753 return x509_sha2_oid(oid) &&
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1754 oid->oid[8] == 1 /* sha256 */;
1755}
1756
1757
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1758int x509_sha384_oid(struct asn1_oid *oid)
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]1759{
1760 return x509_sha2_oid(oid) &&
1761 oid->oid[8] == 2 /* sha384 */;
1762}
1763
1764
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1765int x509_sha512_oid(struct asn1_oid *oid)
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]1766{
1767 return x509_sha2_oid(oid) &&
1768 oid->oid[8] == 3 /* sha512 */;
1769}
1770
1771
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1772/**
1773 * x509_certificate_parse - Parse a X.509 certificate in DER format
1774 * @buf: Pointer to the X.509 certificate in DER format
1775 * @len: Buffer length
1776 * Returns: Pointer to the parsed certificate or %NULL on failure
1777 *
1778 * Caller is responsible for freeing the returned certificate by calling
1779 * x509_certificate_free().
1780 */
1781struct x509_certificate * x509_certificate_parse(const u8 *buf, size_t len)
1782{
1783 struct asn1_hdr hdr;
1784 const u8 *pos, *end, *hash_start;
1785 struct x509_certificate *cert;
1786
1787 cert = os_zalloc(sizeof(*cert) + len);
1788 if (cert == NULL)
1789 return NULL;
1790 os_memcpy(cert + 1, buf, len);
1791 cert->cert_start = (u8 *) (cert + 1);
1792 cert->cert_len = len;
1793
1794 pos = buf;
1795 end = buf + len;
1796
1797 /* RFC 3280 - X.509 v3 certificate / ASN.1 DER */
1798
1799 /* Certificate ::= SEQUENCE */
1800 if (asn1_get_next(pos, len, &hdr) < 0 ||
1801 hdr.class != ASN1_CLASS_UNIVERSAL ||
1802 hdr.tag != ASN1_TAG_SEQUENCE) {
1803 wpa_printf(MSG_DEBUG, "X509: Certificate did not start with "
1804 "a valid SEQUENCE - found class %d tag 0x%x",
1805 hdr.class, hdr.tag);
1806 x509_certificate_free(cert);
1807 return NULL;
1808 }
1809 pos = hdr.payload;
1810
Dmitry Shmidtd80a4012015-11-05 16:35:40 -0800[diff] [blame]1811 if (hdr.length > end - pos) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1812 x509_certificate_free(cert);
1813 return NULL;
1814 }
1815
Dmitry Shmidtd80a4012015-11-05 16:35:40 -0800[diff] [blame]1816 if (hdr.length < end - pos) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1817 wpa_hexdump(MSG_MSGDUMP, "X509: Ignoring extra data after DER "
1818 "encoded certificate",
Dmitry Shmidtcc00d5d2015-05-04 10:34:12 -0700[diff] [blame]1819 pos + hdr.length, end - (pos + hdr.length));
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1820 end = pos + hdr.length;
1821 }
1822
1823 hash_start = pos;
1824 cert->tbs_cert_start = cert->cert_start + (hash_start - buf);
1825 if (x509_parse_tbs_certificate(pos, end - pos, cert, &pos)) {
1826 x509_certificate_free(cert);
1827 return NULL;
1828 }
1829 cert->tbs_cert_len = pos - hash_start;
1830
1831 /* signatureAlgorithm AlgorithmIdentifier */
1832 if (x509_parse_algorithm_identifier(pos, end - pos,
1833 &cert->signature_alg, &pos)) {
1834 x509_certificate_free(cert);
1835 return NULL;
1836 }
1837
1838 /* signatureValue BIT STRING */
1839 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
1840 hdr.class != ASN1_CLASS_UNIVERSAL ||
1841 hdr.tag != ASN1_TAG_BITSTRING) {
1842 wpa_printf(MSG_DEBUG, "X509: Expected BITSTRING "
1843 "(signatureValue) - found class %d tag 0x%x",
1844 hdr.class, hdr.tag);
1845 x509_certificate_free(cert);
1846 return NULL;
1847 }
1848 if (hdr.length < 1) {
1849 x509_certificate_free(cert);
1850 return NULL;
1851 }
1852 pos = hdr.payload;
1853 if (*pos) {
1854 wpa_printf(MSG_DEBUG, "X509: BITSTRING - %d unused bits",
1855 *pos);
1856 /* PKCS #1 v1.5 10.2.1:
1857 * It is an error if the length in bits of the signature S is
1858 * not a multiple of eight.
1859 */
1860 x509_certificate_free(cert);
1861 return NULL;
1862 }
1863 os_free(cert->sign_value);
Dmitry Shmidtd2986c22017-10-23 14:22:09 -0700[diff] [blame]1864 cert->sign_value = os_memdup(pos + 1, hdr.length - 1);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1865 if (cert->sign_value == NULL) {
1866 wpa_printf(MSG_DEBUG, "X509: Failed to allocate memory for "
1867 "signatureValue");
1868 x509_certificate_free(cert);
1869 return NULL;
1870 }
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1871 cert->sign_value_len = hdr.length - 1;
1872 wpa_hexdump(MSG_MSGDUMP, "X509: signature",
1873 cert->sign_value, cert->sign_value_len);
1874
1875 return cert;
1876}
1877
1878
1879/**
1880 * x509_certificate_check_signature - Verify certificate signature
1881 * @issuer: Issuer certificate
1882 * @cert: Certificate to be verified
1883 * Returns: 0 if cert has a valid signature that was signed by the issuer,
1884 * -1 if not
1885 */
1886int x509_certificate_check_signature(struct x509_certificate *issuer,
1887 struct x509_certificate *cert)
1888{
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1889 return x509_check_signature(issuer, &cert->signature,
1890 cert->sign_value, cert->sign_value_len,
1891 cert->tbs_cert_start, cert->tbs_cert_len);
1892}
1893
1894
1895int x509_check_signature(struct x509_certificate *issuer,
1896 struct x509_algorithm_identifier *signature,
1897 const u8 *sign_value, size_t sign_value_len,
1898 const u8 *signed_data, size_t signed_data_len)
1899{
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1900 struct crypto_public_key *pk;
1901 u8 *data;
1902 const u8 *pos, *end, *next, *da_end;
1903 size_t data_len;
1904 struct asn1_hdr hdr;
1905 struct asn1_oid oid;
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]1906 u8 hash[64];
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1907 size_t hash_len;
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1908 const u8 *addr[1] = { signed_data };
1909 size_t len[1] = { signed_data_len };
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1910
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1911 if (!x509_pkcs_oid(&signature->oid) ||
1912 signature->oid.len != 7 ||
1913 signature->oid.oid[5] != 1 /* pkcs-1 */) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1914 wpa_printf(MSG_DEBUG, "X509: Unrecognized signature "
1915 "algorithm");
1916 return -1;
1917 }
1918
1919 pk = crypto_public_key_import(issuer->public_key,
1920 issuer->public_key_len);
1921 if (pk == NULL)
1922 return -1;
1923
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1924 data_len = sign_value_len;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1925 data = os_malloc(data_len);
1926 if (data == NULL) {
1927 crypto_public_key_free(pk);
1928 return -1;
1929 }
1930
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1931 if (crypto_public_key_decrypt_pkcs1(pk, sign_value,
1932 sign_value_len, data,
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1933 &data_len) < 0) {
1934 wpa_printf(MSG_DEBUG, "X509: Failed to decrypt signature");
1935 crypto_public_key_free(pk);
1936 os_free(data);
1937 return -1;
1938 }
1939 crypto_public_key_free(pk);
1940
1941 wpa_hexdump(MSG_MSGDUMP, "X509: Signature data D", data, data_len);
1942
1943 /*
1944 * PKCS #1 v1.5, 10.1.2:
1945 *
1946 * DigestInfo ::= SEQUENCE {
1947 * digestAlgorithm DigestAlgorithmIdentifier,
1948 * digest Digest
1949 * }
1950 *
1951 * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
1952 *
1953 * Digest ::= OCTET STRING
1954 *
1955 */
1956 if (asn1_get_next(data, data_len, &hdr) < 0 ||
1957 hdr.class != ASN1_CLASS_UNIVERSAL ||
1958 hdr.tag != ASN1_TAG_SEQUENCE) {
1959 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE "
1960 "(DigestInfo) - found class %d tag 0x%x",
1961 hdr.class, hdr.tag);
1962 os_free(data);
1963 return -1;
1964 }
1965
1966 pos = hdr.payload;
1967 end = pos + hdr.length;
1968
1969 /*
1970 * X.509:
1971 * AlgorithmIdentifier ::= SEQUENCE {
1972 * algorithm OBJECT IDENTIFIER,
1973 * parameters ANY DEFINED BY algorithm OPTIONAL
1974 * }
1975 */
1976
1977 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
1978 hdr.class != ASN1_CLASS_UNIVERSAL ||
1979 hdr.tag != ASN1_TAG_SEQUENCE) {
1980 wpa_printf(MSG_DEBUG, "X509: Expected SEQUENCE "
1981 "(AlgorithmIdentifier) - found class %d tag 0x%x",
1982 hdr.class, hdr.tag);
1983 os_free(data);
1984 return -1;
1985 }
1986 da_end = hdr.payload + hdr.length;
1987
1988 if (asn1_get_oid(hdr.payload, hdr.length, &oid, &next)) {
1989 wpa_printf(MSG_DEBUG, "X509: Failed to parse digestAlgorithm");
1990 os_free(data);
1991 return -1;
1992 }
1993
1994 if (x509_sha1_oid(&oid)) {
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1995 if (signature->oid.oid[6] != 5 /* sha-1WithRSAEncryption */) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]1996 wpa_printf(MSG_DEBUG, "X509: digestAlgorithm SHA1 "
1997 "does not match with certificate "
1998 "signatureAlgorithm (%lu)",
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]1999 signature->oid.oid[6]);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2000 os_free(data);
2001 return -1;
2002 }
2003 goto skip_digest_oid;
2004 }
2005
2006 if (x509_sha256_oid(&oid)) {
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2007 if (signature->oid.oid[6] !=
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2008 11 /* sha2561WithRSAEncryption */) {
2009 wpa_printf(MSG_DEBUG, "X509: digestAlgorithm SHA256 "
2010 "does not match with certificate "
2011 "signatureAlgorithm (%lu)",
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2012 signature->oid.oid[6]);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2013 os_free(data);
2014 return -1;
2015 }
2016 goto skip_digest_oid;
2017 }
2018
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]2019 if (x509_sha384_oid(&oid)) {
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2020 if (signature->oid.oid[6] != 12 /* sha384WithRSAEncryption */) {
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]2021 wpa_printf(MSG_DEBUG, "X509: digestAlgorithm SHA384 "
2022 "does not match with certificate "
2023 "signatureAlgorithm (%lu)",
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2024 signature->oid.oid[6]);
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]2025 os_free(data);
2026 return -1;
2027 }
2028 goto skip_digest_oid;
2029 }
2030
2031 if (x509_sha512_oid(&oid)) {
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2032 if (signature->oid.oid[6] != 13 /* sha512WithRSAEncryption */) {
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]2033 wpa_printf(MSG_DEBUG, "X509: digestAlgorithm SHA512 "
2034 "does not match with certificate "
2035 "signatureAlgorithm (%lu)",
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2036 signature->oid.oid[6]);
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]2037 os_free(data);
2038 return -1;
2039 }
2040 goto skip_digest_oid;
2041 }
2042
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2043 if (!x509_digest_oid(&oid)) {
2044 wpa_printf(MSG_DEBUG, "X509: Unrecognized digestAlgorithm");
2045 os_free(data);
2046 return -1;
2047 }
2048 switch (oid.oid[5]) {
2049 case 5: /* md5 */
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2050 if (signature->oid.oid[6] != 4 /* md5WithRSAEncryption */) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2051 wpa_printf(MSG_DEBUG, "X509: digestAlgorithm MD5 does "
2052 "not match with certificate "
2053 "signatureAlgorithm (%lu)",
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2054 signature->oid.oid[6]);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2055 os_free(data);
2056 return -1;
2057 }
2058 break;
2059 case 2: /* md2 */
2060 case 4: /* md4 */
2061 default:
2062 wpa_printf(MSG_DEBUG, "X509: Unsupported digestAlgorithm "
2063 "(%lu)", oid.oid[5]);
2064 os_free(data);
2065 return -1;
2066 }
2067
2068skip_digest_oid:
2069 /* Digest ::= OCTET STRING */
2070 pos = da_end;
2071 end = data + data_len;
2072
2073 if (asn1_get_next(pos, end - pos, &hdr) < 0 ||
2074 hdr.class != ASN1_CLASS_UNIVERSAL ||
2075 hdr.tag != ASN1_TAG_OCTETSTRING) {
2076 wpa_printf(MSG_DEBUG, "X509: Expected OCTETSTRING "
2077 "(Digest) - found class %d tag 0x%x",
2078 hdr.class, hdr.tag);
2079 os_free(data);
2080 return -1;
2081 }
2082 wpa_hexdump(MSG_MSGDUMP, "X509: Decrypted Digest",
2083 hdr.payload, hdr.length);
2084
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2085 switch (signature->oid.oid[6]) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2086 case 4: /* md5WithRSAEncryption */
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2087 md5_vector(1, addr, len, hash);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2088 hash_len = 16;
2089 wpa_hexdump(MSG_MSGDUMP, "X509: Certificate hash (MD5)",
2090 hash, hash_len);
2091 break;
2092 case 5: /* sha-1WithRSAEncryption */
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2093 sha1_vector(1, addr, len, hash);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2094 hash_len = 20;
2095 wpa_hexdump(MSG_MSGDUMP, "X509: Certificate hash (SHA1)",
2096 hash, hash_len);
2097 break;
2098 case 11: /* sha256WithRSAEncryption */
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2099 sha256_vector(1, addr, len, hash);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2100 hash_len = 32;
2101 wpa_hexdump(MSG_MSGDUMP, "X509: Certificate hash (SHA256)",
2102 hash, hash_len);
2103 break;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2104 case 12: /* sha384WithRSAEncryption */
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2105 sha384_vector(1, addr, len, hash);
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]2106 hash_len = 48;
2107 wpa_hexdump(MSG_MSGDUMP, "X509: Certificate hash (SHA384)",
2108 hash, hash_len);
2109 break;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2110 case 13: /* sha512WithRSAEncryption */
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2111 sha512_vector(1, addr, len, hash);
Dmitry Shmidtd7ff03d2015-12-04 14:49:35 -0800[diff] [blame]2112 hash_len = 64;
2113 wpa_hexdump(MSG_MSGDUMP, "X509: Certificate hash (SHA512)",
2114 hash, hash_len);
2115 break;
2116 case 2: /* md2WithRSAEncryption */
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2117 default:
2118 wpa_printf(MSG_INFO, "X509: Unsupported certificate signature "
Dmitry Shmidt0e58d9b2015-12-22 10:59:44 -0800[diff] [blame]2119 "algorithm (%lu)", signature->oid.oid[6]);
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2120 os_free(data);
2121 return -1;
2122 }
2123
2124 if (hdr.length != hash_len ||
Dmitry Shmidtc2817022014-07-02 10:32:10 -0700[diff] [blame]2125 os_memcmp_const(hdr.payload, hash, hdr.length) != 0) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2126 wpa_printf(MSG_INFO, "X509: Certificate Digest does not match "
2127 "with calculated tbsCertificate hash");
2128 os_free(data);
2129 return -1;
2130 }
2131
Dmitry Shmidt50b691d2014-05-21 14:01:45 -0700[diff] [blame]2132 if (hdr.payload + hdr.length < data + data_len) {
2133 wpa_hexdump(MSG_INFO,
2134 "X509: Extra data after certificate signature hash",
2135 hdr.payload + hdr.length,
2136 data + data_len - hdr.payload - hdr.length);
2137 os_free(data);
2138 return -1;
2139 }
2140
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2141 os_free(data);
2142
2143 wpa_printf(MSG_DEBUG, "X509: Certificate Digest matches with "
2144 "calculated tbsCertificate hash");
2145
2146 return 0;
2147}
2148
2149
2150static int x509_valid_issuer(const struct x509_certificate *cert)
2151{
2152 if ((cert->extensions_present & X509_EXT_BASIC_CONSTRAINTS) &&
2153 !cert->ca) {
2154 wpa_printf(MSG_DEBUG, "X509: Non-CA certificate used as an "
2155 "issuer");
2156 return -1;
2157 }
2158
2159 if (cert->version == X509_CERT_V3 &&
2160 !(cert->extensions_present & X509_EXT_BASIC_CONSTRAINTS)) {
2161 wpa_printf(MSG_DEBUG, "X509: v3 CA certificate did not "
2162 "include BasicConstraints extension");
2163 return -1;
2164 }
2165
2166 if ((cert->extensions_present & X509_EXT_KEY_USAGE) &&
2167 !(cert->key_usage & X509_KEY_USAGE_KEY_CERT_SIGN)) {
2168 wpa_printf(MSG_DEBUG, "X509: Issuer certificate did not have "
2169 "keyCertSign bit in Key Usage");
2170 return -1;
2171 }
2172
2173 return 0;
2174}
2175
2176
2177/**
2178 * x509_certificate_chain_validate - Validate X.509 certificate chain
2179 * @trusted: List of trusted certificates
2180 * @chain: Certificate chain to be validated (first chain must be issued by
2181 * signed by the second certificate in the chain and so on)
2182 * @reason: Buffer for returning failure reason (X509_VALIDATE_*)
2183 * Returns: 0 if chain is valid, -1 if not
2184 */
2185int x509_certificate_chain_validate(struct x509_certificate *trusted,
2186 struct x509_certificate *chain,
Dmitry Shmidtc55524a2011-07-07 11:18:38 -0700[diff] [blame]2187 int *reason, int disable_time_checks)
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2188{
2189 long unsigned idx;
2190 int chain_trusted = 0;
2191 struct x509_certificate *cert, *trust;
2192 char buf[128];
2193 struct os_time now;
2194
2195 *reason = X509_VALIDATE_OK;
2196
2197 wpa_printf(MSG_DEBUG, "X509: Validate certificate chain");
2198 os_get_time(&now);
2199
2200 for (cert = chain, idx = 0; cert; cert = cert->next, idx++) {
Dmitry Shmidtd97138d2015-12-28 13:27:49 -0800[diff] [blame]2201 cert->issuer_trusted = 0;
Dmitry Shmidt29333592017-01-09 12:27:11 -0800[diff] [blame]2202 x509_name_string(&cert->subject, buf, sizeof(buf));
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2203 wpa_printf(MSG_DEBUG, "X509: %lu: %s", idx, buf);
2204
2205 if (chain_trusted)
2206 continue;
2207
Dmitry Shmidtc55524a2011-07-07 11:18:38 -0700[diff] [blame]2208 if (!disable_time_checks &&
2209 ((unsigned long) now.sec <
2210 (unsigned long) cert->not_before ||
2211 (unsigned long) now.sec >
2212 (unsigned long) cert->not_after)) {
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2213 wpa_printf(MSG_INFO, "X509: Certificate not valid "
2214 "(now=%lu not_before=%lu not_after=%lu)",
2215 now.sec, cert->not_before, cert->not_after);
2216 *reason = X509_VALIDATE_CERTIFICATE_EXPIRED;
2217 return -1;
2218 }
2219
2220 if (cert->next) {
2221 if (x509_name_compare(&cert->issuer,
2222 &cert->next->subject) != 0) {
2223 wpa_printf(MSG_DEBUG, "X509: Certificate "
2224 "chain issuer name mismatch");
2225 x509_name_string(&cert->issuer, buf,
Dmitry Shmidt29333592017-01-09 12:27:11 -0800[diff] [blame]2226 sizeof(buf));
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2227 wpa_printf(MSG_DEBUG, "X509: cert issuer: %s",
2228 buf);
2229 x509_name_string(&cert->next->subject, buf,
Dmitry Shmidt29333592017-01-09 12:27:11 -0800[diff] [blame]2230 sizeof(buf));
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2231 wpa_printf(MSG_DEBUG, "X509: next cert "
2232 "subject: %s", buf);
2233 *reason = X509_VALIDATE_CERTIFICATE_UNKNOWN;
2234 return -1;
2235 }
2236
2237 if (x509_valid_issuer(cert->next) < 0) {
2238 *reason = X509_VALIDATE_BAD_CERTIFICATE;
2239 return -1;
2240 }
2241
2242 if ((cert->next->extensions_present &
2243 X509_EXT_PATH_LEN_CONSTRAINT) &&
2244 idx > cert->next->path_len_constraint) {
2245 wpa_printf(MSG_DEBUG, "X509: pathLenConstraint"
2246 " not met (idx=%lu issuer "
2247 "pathLenConstraint=%lu)", idx,
2248 cert->next->path_len_constraint);
2249 *reason = X509_VALIDATE_BAD_CERTIFICATE;
2250 return -1;
2251 }
2252
2253 if (x509_certificate_check_signature(cert->next, cert)
2254 < 0) {
2255 wpa_printf(MSG_DEBUG, "X509: Invalid "
2256 "certificate signature within "
2257 "chain");
2258 *reason = X509_VALIDATE_BAD_CERTIFICATE;
2259 return -1;
2260 }
2261 }
2262
2263 for (trust = trusted; trust; trust = trust->next) {
2264 if (x509_name_compare(&cert->issuer, &trust->subject)
2265 == 0)
2266 break;
2267 }
2268
2269 if (trust) {
2270 wpa_printf(MSG_DEBUG, "X509: Found issuer from the "
2271 "list of trusted certificates");
2272 if (x509_valid_issuer(trust) < 0) {
2273 *reason = X509_VALIDATE_BAD_CERTIFICATE;
2274 return -1;
2275 }
2276
2277 if (x509_certificate_check_signature(trust, cert) < 0)
2278 {
2279 wpa_printf(MSG_DEBUG, "X509: Invalid "
2280 "certificate signature");
2281 *reason = X509_VALIDATE_BAD_CERTIFICATE;
2282 return -1;
2283 }
2284
2285 wpa_printf(MSG_DEBUG, "X509: Trusted certificate "
2286 "found to complete the chain");
Dmitry Shmidtd97138d2015-12-28 13:27:49 -0800[diff] [blame]2287 cert->issuer_trusted = 1;
Dmitry Shmidt8d520ff2011-05-09 14:06:53 -0700[diff] [blame]2288 chain_trusted = 1;
2289 }
2290 }
2291
2292 if (!chain_trusted) {
2293 wpa_printf(MSG_DEBUG, "X509: Did not find any of the issuers "
2294 "from the list of trusted certificates");
2295 if (trusted) {
2296 *reason = X509_VALIDATE_UNKNOWN_CA;
2297 return -1;
2298 }
2299 wpa_printf(MSG_DEBUG, "X509: Certificate chain validation "
2300 "disabled - ignore unknown CA issue");
2301 }
2302
2303 wpa_printf(MSG_DEBUG, "X509: Certificate chain valid");
2304
2305 return 0;
2306}
2307
2308
2309/**
2310 * x509_certificate_get_subject - Get a certificate based on Subject name
2311 * @chain: Certificate chain to search through
2312 * @name: Subject name to search for
2313 * Returns: Pointer to the certificate with the given Subject name or
2314 * %NULL on failure
2315 */
2316struct x509_certificate *
2317x509_certificate_get_subject(struct x509_certificate *chain,
2318 struct x509_name *name)
2319{
2320 struct x509_certificate *cert;
2321
2322 for (cert = chain; cert; cert = cert->next) {
2323 if (x509_name_compare(&cert->subject, name) == 0)
2324 return cert;
2325 }
2326 return NULL;
2327}
2328
2329
2330/**
2331 * x509_certificate_self_signed - Is the certificate self-signed?
2332 * @cert: Certificate
2333 * Returns: 1 if certificate is self-signed, 0 if not
2334 */
2335int x509_certificate_self_signed(struct x509_certificate *cert)
2336{
2337 return x509_name_compare(&cert->issuer, &cert->subject) == 0;
2338}