kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5693 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: 1908667015
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1908667015'
${ noResults }
boringssl/crypto/x509v3/v3_purp.c

845 lines
26 KiB
Raw Blame History 

  1. /* v3_purp.c */

  2. /*

  3.  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project

  4.  * 2001.

  5.  */

  6. /* ====================================================================

  7.  * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.

  8.  *

  9.  * Redistribution and use in source and binary forms, with or without

  10.  * modification, are permitted provided that the following conditions

  11.  * are met:

  12.  *

  13.  * 1. Redistributions of source code must retain the above copyright

  14.  *    notice, this list of conditions and the following disclaimer.

  15.  *

  16.  * 2. Redistributions in binary form must reproduce the above copyright

  17.  *    notice, this list of conditions and the following disclaimer in

  18.  *    the documentation and/or other materials provided with the

  19.  *    distribution.

  20.  *

  21.  * 3. All advertising materials mentioning features or use of this

  22.  *    software must display the following acknowledgment:

  23.  *    "This product includes software developed by the OpenSSL Project

  24.  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

  25.  *

  26.  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

  27.  *    endorse or promote products derived from this software without

  28.  *    prior written permission. For written permission, please contact

  29.  *    licensing@OpenSSL.org.

  30.  *

  31.  * 5. Products derived from this software may not be called "OpenSSL"

  32.  *    nor may "OpenSSL" appear in their names without prior written

  33.  *    permission of the OpenSSL Project.

  34.  *

  35.  * 6. Redistributions of any form whatsoever must retain the following

  36.  *    acknowledgment:

  37.  *    "This product includes software developed by the OpenSSL Project

  38.  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

  41.  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

  43.  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

  44.  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  45.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  46.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  47.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  48.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  49.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  50.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

  51.  * OF THE POSSIBILITY OF SUCH DAMAGE.

  52.  * ====================================================================

  53.  *

  54.  * This product includes cryptographic software written by Eric Young

  55.  * (eay@cryptsoft.com).  This product includes software written by Tim

  56.  * Hudson (tjh@cryptsoft.com). */

  57. 

  58. #include <stdio.h>

  59. 

  60. #include <string.h>

  61. 

  62. #include <openssl/buf.h>

  63. #include <openssl/err.h>

  64. #include <openssl/digest.h>

  65. #include <openssl/mem.h>

  66. #include <openssl/obj.h>

  67. #include <openssl/thread.h>

  68. #include <openssl/x509_vfy.h>

  69. #include <openssl/x509v3.h>

  70. 

  71. #include "../internal.h"

  72. 

  73. #define V1_ROOT (EXFLAG_V1|EXFLAG_SS)

  74. #define ku_reject(x, usage) \

  75.         (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))

  76. #define xku_reject(x, usage) \

  77.         (((x)->ex_flags & EXFLAG_XKUSAGE) && !((x)->ex_xkusage & (usage)))

  78. #define ns_reject(x, usage) \

  79.         (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage)))

  80. 

  81. static void x509v3_cache_extensions(X509 *x);

  82. 

  83. static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,

  84.                                     int ca);

  85. static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,

  86.                                     int ca);

  87. static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x,

  88.                                        int ca);

  89. static int purpose_smime(const X509 *x, int ca);

  90. static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x,

  91.                                     int ca);

  92. static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x,

  93.                                        int ca);

  94. static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,

  95.                                   int ca);

  96. static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,

  97.                                         int ca);

  98. static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);

  99. static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca);

  100. 

  101. static int xp_cmp(const X509_PURPOSE **a, const X509_PURPOSE **b);

  102. static void xptable_free(X509_PURPOSE *p);

  103. 

  104. static X509_PURPOSE xstandard[] = {

  105.     {X509_PURPOSE_SSL_CLIENT, X509_TRUST_SSL_CLIENT, 0,

  106.      check_purpose_ssl_client, (char *)"SSL client", (char *)"sslclient",

  107.      NULL},

  108.     {X509_PURPOSE_SSL_SERVER, X509_TRUST_SSL_SERVER, 0,

  109.      check_purpose_ssl_server, (char *)"SSL server", (char *)"sslserver",

  110.      NULL},

  111.     {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0,

  112.      check_purpose_ns_ssl_server, (char *)"Netscape SSL server",

  113.      (char *)"nssslserver", NULL},

  114.     {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign,

  115.      (char *)"S/MIME signing", (char *)"smimesign", NULL},

  116.     {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0,

  117.      check_purpose_smime_encrypt, (char *)"S/MIME encryption",

  118.      (char *)"smimeencrypt", NULL},

  119.     {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign,

  120.      (char *)"CRL signing", (char *)"crlsign", NULL},

  121.     {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, (char *)"Any Purpose",

  122.      (char *)"any", NULL},

  123.     {X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper,

  124.      (char *)"OCSP helper", (char *)"ocsphelper", NULL},

  125.     {X509_PURPOSE_TIMESTAMP_SIGN, X509_TRUST_TSA, 0,

  126.      check_purpose_timestamp_sign, (char *)"Time Stamp signing",

  127.      (char *)"timestampsign", NULL},

  128. };

  129. 

  130. #define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE))

  131. 

  132. static STACK_OF(X509_PURPOSE) *xptable = NULL;

  133. 

  134. static int xp_cmp(const X509_PURPOSE **a, const X509_PURPOSE **b)

  135. {

  136.     return (*a)->purpose - (*b)->purpose;

  137. }

  138. 

  139. /*

  140.  * As much as I'd like to make X509_check_purpose use a "const" X509* I

  141.  * really can't because it does recalculate hashes and do other non-const

  142.  * things.

  143.  */

  144. int X509_check_purpose(X509 *x, int id, int ca)

  145. {

  146.     int idx;

  147.     const X509_PURPOSE *pt;

  148.     x509v3_cache_extensions(x);

  149.     if (id == -1)

  150.         return 1;

  151.     idx = X509_PURPOSE_get_by_id(id);

  152.     if (idx == -1)

  153.         return -1;

  154.     pt = X509_PURPOSE_get0(idx);

  155.     return pt->check_purpose(pt, x, ca);

  156. }

  157. 

  158. int X509_PURPOSE_set(int *p, int purpose)

  159. {

  160.     if (X509_PURPOSE_get_by_id(purpose) == -1) {

  161.         OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_PURPOSE);

  162.         return 0;

  163.     }

  164.     *p = purpose;

  165.     return 1;

  166. }

  167. 

  168. int X509_PURPOSE_get_count(void)

  169. {

  170.     if (!xptable)

  171.         return X509_PURPOSE_COUNT;

  172.     return sk_X509_PURPOSE_num(xptable) + X509_PURPOSE_COUNT;

  173. }

  174. 

  175. X509_PURPOSE *X509_PURPOSE_get0(int idx)

  176. {

  177.     if (idx < 0)

  178.         return NULL;

  179.     if (idx < (int)X509_PURPOSE_COUNT)

  180.         return xstandard + idx;

  181.     return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT);

  182. }

  183. 

  184. int X509_PURPOSE_get_by_sname(char *sname)

  185. {

  186.     int i;

  187.     X509_PURPOSE *xptmp;

  188.     for (i = 0; i < X509_PURPOSE_get_count(); i++) {

  189.         xptmp = X509_PURPOSE_get0(i);

  190.         if (!strcmp(xptmp->sname, sname))

  191.             return i;

  192.     }

  193.     return -1;

  194. }

  195. 

  196. int X509_PURPOSE_get_by_id(int purpose)

  197. {

  198.     X509_PURPOSE tmp;

  199.     size_t idx;

  200. 

  201.     if ((purpose >= X509_PURPOSE_MIN) && (purpose <= X509_PURPOSE_MAX))

  202.         return purpose - X509_PURPOSE_MIN;

  203.     tmp.purpose = purpose;

  204.     if (!xptable)

  205.         return -1;

  206. 

  207.     sk_X509_PURPOSE_sort(xptable);

  208.     if (!sk_X509_PURPOSE_find(xptable, &idx, &tmp))

  209.         return -1;

  210.     return idx + X509_PURPOSE_COUNT;

  211. }

  212. 

  213. int X509_PURPOSE_add(int id, int trust, int flags,

  214.                      int (*ck) (const X509_PURPOSE *, const X509 *, int),

  215.                      char *name, char *sname, void *arg)

  216. {

  217.     int idx;

  218.     X509_PURPOSE *ptmp;

  219.     char *name_dup, *sname_dup;

  220. 

  221.     /*

  222.      * This is set according to what we change: application can't set it

  223.      */

  224.     flags &= ~X509_PURPOSE_DYNAMIC;

  225.     /* This will always be set for application modified trust entries */

  226.     flags |= X509_PURPOSE_DYNAMIC_NAME;

  227.     /* Get existing entry if any */

  228.     idx = X509_PURPOSE_get_by_id(id);

  229.     /* Need a new entry */

  230.     if (idx == -1) {

  231.         if (!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) {

  232.             OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);

  233.             return 0;

  234.         }

  235.         ptmp->flags = X509_PURPOSE_DYNAMIC;

  236.     } else

  237.         ptmp = X509_PURPOSE_get0(idx);

  238. 

  239.     /* Duplicate the supplied names. */

  240.     name_dup = BUF_strdup(name);

  241.     sname_dup = BUF_strdup(sname);

  242.     if (name_dup == NULL || sname_dup == NULL) {

  243.         OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);

  244.         if (name_dup != NULL)

  245.             OPENSSL_free(name_dup);

  246.         if (sname_dup != NULL)

  247.             OPENSSL_free(sname_dup);

  248.         if (idx == -1)

  249.             OPENSSL_free(ptmp);

  250.         return 0;

  251.     }

  252. 

  253.     /* OPENSSL_free existing name if dynamic */

  254.     if (ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) {

  255.         OPENSSL_free(ptmp->name);

  256.         OPENSSL_free(ptmp->sname);

  257.     }

  258.     /* dup supplied name */

  259.     ptmp->name = name_dup;

  260.     ptmp->sname = sname_dup;

  261.     /* Keep the dynamic flag of existing entry */

  262.     ptmp->flags &= X509_PURPOSE_DYNAMIC;

  263.     /* Set all other flags */

  264.     ptmp->flags |= flags;

  265. 

  266.     ptmp->purpose = id;

  267.     ptmp->trust = trust;

  268.     ptmp->check_purpose = ck;

  269.     ptmp->usr_data = arg;

  270. 

  271.     /* If its a new entry manage the dynamic table */

  272.     if (idx == -1) {

  273.         if (!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) {

  274.             OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);

  275.             xptable_free(ptmp);

  276.             return 0;

  277.         }

  278.         if (!sk_X509_PURPOSE_push(xptable, ptmp)) {

  279.             OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);

  280.             xptable_free(ptmp);

  281.             return 0;

  282.         }

  283.     }

  284.     return 1;

  285. }

  286. 

  287. static void xptable_free(X509_PURPOSE *p)

  288. {

  289.     if (!p)

  290.         return;

  291.     if (p->flags & X509_PURPOSE_DYNAMIC) {

  292.         if (p->flags & X509_PURPOSE_DYNAMIC_NAME) {

  293.             OPENSSL_free(p->name);

  294.             OPENSSL_free(p->sname);

  295.         }

  296.         OPENSSL_free(p);

  297.     }

  298. }

  299. 

  300. void X509_PURPOSE_cleanup(void)

  301. {

  302.     unsigned int i;

  303.     sk_X509_PURPOSE_pop_free(xptable, xptable_free);

  304.     for (i = 0; i < X509_PURPOSE_COUNT; i++)

  305.         xptable_free(xstandard + i);

  306.     xptable = NULL;

  307. }

  308. 

  309. int X509_PURPOSE_get_id(X509_PURPOSE *xp)

  310. {

  311.     return xp->purpose;

  312. }

  313. 

  314. char *X509_PURPOSE_get0_name(X509_PURPOSE *xp)

  315. {

  316.     return xp->name;

  317. }

  318. 

  319. char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp)

  320. {

  321.     return xp->sname;

  322. }

  323. 

  324. int X509_PURPOSE_get_trust(X509_PURPOSE *xp)

  325. {

  326.     return xp->trust;

  327. }

  328. 

  329. static int nid_cmp(const void *void_a, const void *void_b)

  330. {

  331.     const int *a = void_a, *b = void_b;

  332. 

  333.     return *a - *b;

  334. }

  335. 

  336. int X509_supported_extension(X509_EXTENSION *ex)

  337. {

  338.     /*

  339.      * This table is a list of the NIDs of supported extensions: that is

  340.      * those which are used by the verify process. If an extension is

  341.      * critical and doesn't appear in this list then the verify process will

  342.      * normally reject the certificate. The list must be kept in numerical

  343.      * order because it will be searched using bsearch.

  344.      */

  345. 

  346.     static const int supported_nids[] = {

  347.         NID_netscape_cert_type, /* 71 */

  348.         NID_key_usage,          /* 83 */

  349.         NID_subject_alt_name,   /* 85 */

  350.         NID_basic_constraints,  /* 87 */

  351.         NID_certificate_policies, /* 89 */

  352.         NID_ext_key_usage,      /* 126 */

  353.         NID_policy_constraints, /* 401 */

  354.         NID_proxyCertInfo,      /* 663 */

  355.         NID_name_constraints,   /* 666 */

  356.         NID_policy_mappings,    /* 747 */

  357.         NID_inhibit_any_policy  /* 748 */

  358.     };

  359. 

  360.     int ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));

  361. 

  362.     if (ex_nid == NID_undef)

  363.         return 0;

  364. 

  365.     if (bsearch

  366.         (&ex_nid, supported_nids, sizeof(supported_nids) / sizeof(int),

  367.          sizeof(int), nid_cmp) != NULL)

  368.         return 1;

  369.     return 0;

  370. }

  371. 

  372. static void setup_dp(X509 *x, DIST_POINT *dp)

  373. {

  374.     X509_NAME *iname = NULL;

  375.     size_t i;

  376.     if (dp->reasons) {

  377.         if (dp->reasons->length > 0)

  378.             dp->dp_reasons = dp->reasons->data[0];

  379.         if (dp->reasons->length > 1)

  380.             dp->dp_reasons |= (dp->reasons->data[1] << 8);

  381.         dp->dp_reasons &= CRLDP_ALL_REASONS;

  382.     } else

  383.         dp->dp_reasons = CRLDP_ALL_REASONS;

  384.     if (!dp->distpoint || (dp->distpoint->type != 1))

  385.         return;

  386.     for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {

  387.         GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);

  388.         if (gen->type == GEN_DIRNAME) {

  389.             iname = gen->d.directoryName;

  390.             break;

  391.         }

  392.     }

  393.     if (!iname)

  394.         iname = X509_get_issuer_name(x);

  395. 

  396.     DIST_POINT_set_dpname(dp->distpoint, iname);

  397. 

  398. }

  399. 

  400. static void setup_crldp(X509 *x)

  401. {

  402.     size_t i;

  403.     x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL);

  404.     for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)

  405.         setup_dp(x, sk_DIST_POINT_value(x->crldp, i));

  406. }

  407. 

  408. static void x509v3_cache_extensions(X509 *x)

  409. {

  410.     BASIC_CONSTRAINTS *bs;

  411.     PROXY_CERT_INFO_EXTENSION *pci;

  412.     ASN1_BIT_STRING *usage;

  413.     ASN1_BIT_STRING *ns;

  414.     EXTENDED_KEY_USAGE *extusage;

  415.     X509_EXTENSION *ex;

  416.     size_t i;

  417.     int j;

  418. 

  419.     CRYPTO_MUTEX_lock_read(&x->lock);

  420.     const int is_set = x->ex_flags & EXFLAG_SET;

  421.     CRYPTO_MUTEX_unlock_read(&x->lock);

  422. 

  423.     if (is_set) {

  424.         return;

  425.     }

  426. 

  427.     CRYPTO_MUTEX_lock_write(&x->lock);

  428.     if (x->ex_flags & EXFLAG_SET) {

  429.         CRYPTO_MUTEX_unlock_write(&x->lock);

  430.         return;

  431.     }

  432. 

  433.     X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);

  434.     /* V1 should mean no extensions ... */

  435.     if (!X509_get_version(x))

  436.         x->ex_flags |= EXFLAG_V1;

  437.     /* Handle basic constraints */

  438.     if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, NULL, NULL))) {

  439.         if (bs->ca)

  440.             x->ex_flags |= EXFLAG_CA;

  441.         if (bs->pathlen) {

  442.             if ((bs->pathlen->type == V_ASN1_NEG_INTEGER)

  443.                 || !bs->ca) {

  444.                 x->ex_flags |= EXFLAG_INVALID;

  445.                 x->ex_pathlen = 0;

  446.             } else

  447.                 x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen);

  448.         } else

  449.             x->ex_pathlen = -1;

  450.         BASIC_CONSTRAINTS_free(bs);

  451.         x->ex_flags |= EXFLAG_BCONS;

  452.     }

  453.     /* Handle proxy certificates */

  454.     if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) {

  455.         if (x->ex_flags & EXFLAG_CA

  456.             || X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0

  457.             || X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) {

  458.             x->ex_flags |= EXFLAG_INVALID;

  459.         }

  460.         if (pci->pcPathLengthConstraint) {

  461.             x->ex_pcpathlen = ASN1_INTEGER_get(pci->pcPathLengthConstraint);

  462.         } else

  463.             x->ex_pcpathlen = -1;

  464.         PROXY_CERT_INFO_EXTENSION_free(pci);

  465.         x->ex_flags |= EXFLAG_PROXY;

  466.     }

  467.     /* Handle key usage */

  468.     if ((usage = X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {

  469.         if (usage->length > 0) {

  470.             x->ex_kusage = usage->data[0];

  471.             if (usage->length > 1)

  472.                 x->ex_kusage |= usage->data[1] << 8;

  473.         } else

  474.             x->ex_kusage = 0;

  475.         x->ex_flags |= EXFLAG_KUSAGE;

  476.         ASN1_BIT_STRING_free(usage);

  477.     }

  478.     x->ex_xkusage = 0;

  479.     if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL))) {

  480.         x->ex_flags |= EXFLAG_XKUSAGE;

  481.         for (i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {

  482.             switch (OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage, i))) {

  483.             case NID_server_auth:

  484.                 x->ex_xkusage |= XKU_SSL_SERVER;

  485.                 break;

  486. 

  487.             case NID_client_auth:

  488.                 x->ex_xkusage |= XKU_SSL_CLIENT;

  489.                 break;

  490. 

  491.             case NID_email_protect:

  492.                 x->ex_xkusage |= XKU_SMIME;

  493.                 break;

  494. 

  495.             case NID_code_sign:

  496.                 x->ex_xkusage |= XKU_CODE_SIGN;

  497.                 break;

  498. 

  499.             case NID_ms_sgc:

  500.             case NID_ns_sgc:

  501.                 x->ex_xkusage |= XKU_SGC;

  502.                 break;

  503. 

  504.             case NID_OCSP_sign:

  505.                 x->ex_xkusage |= XKU_OCSP_SIGN;

  506.                 break;

  507. 

  508.             case NID_time_stamp:

  509.                 x->ex_xkusage |= XKU_TIMESTAMP;

  510.                 break;

  511. 

  512.             case NID_dvcs:

  513.                 x->ex_xkusage |= XKU_DVCS;

  514.                 break;

  515. 

  516.             case NID_anyExtendedKeyUsage:

  517.                 x->ex_xkusage |= XKU_ANYEKU;

  518.                 break;

  519.             }

  520.         }

  521.         sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);

  522.     }

  523. 

  524.     if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, NULL, NULL))) {

  525.         if (ns->length > 0)

  526.             x->ex_nscert = ns->data[0];

  527.         else

  528.             x->ex_nscert = 0;

  529.         x->ex_flags |= EXFLAG_NSCERT;

  530.         ASN1_BIT_STRING_free(ns);

  531.     }

  532.     x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);

  533.     x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);

  534.     /* Does subject name match issuer ? */

  535.     if (!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) {

  536.         x->ex_flags |= EXFLAG_SI;

  537.         /* If SKID matches AKID also indicate self signed */

  538.         if (X509_check_akid(x, x->akid) == X509_V_OK &&

  539.             !ku_reject(x, KU_KEY_CERT_SIGN))

  540.             x->ex_flags |= EXFLAG_SS;

  541.     }

  542.     x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);

  543.     x->nc = X509_get_ext_d2i(x, NID_name_constraints, &j, NULL);

  544.     if (!x->nc && (j != -1))

  545.         x->ex_flags |= EXFLAG_INVALID;

  546.     setup_crldp(x);

  547. 

  548.     for (j = 0; j < X509_get_ext_count(x); j++) {

  549.         ex = X509_get_ext(x, j);

  550.         if (OBJ_obj2nid(X509_EXTENSION_get_object(ex))

  551.             == NID_freshest_crl)

  552.             x->ex_flags |= EXFLAG_FRESHEST;

  553.         if (!X509_EXTENSION_get_critical(ex))

  554.             continue;

  555.         if (!X509_supported_extension(ex)) {

  556.             x->ex_flags |= EXFLAG_CRITICAL;

  557.             break;

  558.         }

  559.     }

  560.     x->ex_flags |= EXFLAG_SET;

  561. 

  562.     CRYPTO_MUTEX_unlock_write(&x->lock);

  563. }

  564. 

  565. /* check_ca returns one if |x| should be considered a CA certificate and zero

  566.  * otherwise. */

  567. static int check_ca(const X509 *x)

  568. {

  569.     /* keyUsage if present should allow cert signing */

  570.     if (ku_reject(x, KU_KEY_CERT_SIGN))

  571.         return 0;

  572.     /* Version 1 certificates are considered CAs and don't have extensions. */

  573.     if ((x->ex_flags & V1_ROOT) == V1_ROOT) {

  574.         return 1;

  575.     }

  576.     /* Otherwise, it's only a CA if basicConstraints says so. */

  577.     return ((x->ex_flags & EXFLAG_BCONS) &&

  578.             (x->ex_flags & EXFLAG_CA));

  579. }

  580. 

  581. int X509_check_ca(X509 *x)

  582. {

  583.     x509v3_cache_extensions(x);

  584.     return check_ca(x);

  585. }

  586. 

  587. static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,

  588.                                     int ca)

  589. {

  590.     if (xku_reject(x, XKU_SSL_CLIENT))

  591.         return 0;

  592.     if (ca)

  593.         return check_ca(x);

  594.     /* We need to do digital signatures or key agreement */

  595.     if (ku_reject(x, KU_DIGITAL_SIGNATURE | KU_KEY_AGREEMENT))

  596.         return 0;

  597.     /* nsCertType if present should allow SSL client use */

  598.     if (ns_reject(x, NS_SSL_CLIENT))

  599.         return 0;

  600.     return 1;

  601. }

  602. 

  603. /*

  604.  * Key usage needed for TLS/SSL server: digital signature, encipherment or

  605.  * key agreement. The ssl code can check this more thoroughly for individual

  606.  * key types.

  607.  */

  608. #define KU_TLS \

  609.         (KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT|KU_KEY_AGREEMENT)

  610. 

  611. static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,

  612.                                     int ca)

  613. {

  614.     if (xku_reject(x, XKU_SSL_SERVER | XKU_SGC))

  615.         return 0;

  616.     if (ca)

  617.         return check_ca(x);

  618. 

  619.     if (ns_reject(x, NS_SSL_SERVER))

  620.         return 0;

  621.     if (ku_reject(x, KU_TLS))

  622.         return 0;

  623. 

  624.     return 1;

  625. 

  626. }

  627. 

  628. static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x,

  629.                                        int ca)

  630. {

  631.     int ret;

  632.     ret = check_purpose_ssl_server(xp, x, ca);

  633.     if (!ret || ca)

  634.         return ret;

  635.     /* We need to encipher or Netscape complains */

  636.     if (ku_reject(x, KU_KEY_ENCIPHERMENT))

  637.         return 0;

  638.     return ret;

  639. }

  640. 

  641. /* purpose_smime returns one if |x| is a valid S/MIME leaf (|ca| is zero) or CA

  642.  * (|ca| is one) certificate, and zero otherwise. */

  643. static int purpose_smime(const X509 *x, int ca)

  644. {

  645.     if (xku_reject(x, XKU_SMIME))

  646.         return 0;

  647.     if (ca) {

  648.         /* check nsCertType if present */

  649.         if ((x->ex_flags & EXFLAG_NSCERT) &&

  650.             (x->ex_nscert & NS_SMIME_CA) == 0) {

  651.           return 0;

  652.         }

  653. 

  654.         return check_ca(x);

  655.     }

  656.     if (x->ex_flags & EXFLAG_NSCERT) {

  657.         return (x->ex_nscert & NS_SMIME) == NS_SMIME;

  658.     }

  659.     return 1;

  660. }

  661. 

  662. static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x,

  663.                                     int ca)

  664. {

  665.     int ret;

  666.     ret = purpose_smime(x, ca);

  667.     if (!ret || ca)

  668.         return ret;

  669.     if (ku_reject(x, KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION))

  670.         return 0;

  671.     return ret;

  672. }

  673. 

  674. static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x,

  675.                                        int ca)

  676. {

  677.     int ret;

  678.     ret = purpose_smime(x, ca);

  679.     if (!ret || ca)

  680.         return ret;

  681.     if (ku_reject(x, KU_KEY_ENCIPHERMENT))

  682.         return 0;

  683.     return ret;

  684. }

  685. 

  686. static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,

  687.                                   int ca)

  688. {

  689.     if (ca) {

  690.         return check_ca(x);

  691.     }

  692.     if (ku_reject(x, KU_CRL_SIGN))

  693.         return 0;

  694.     return 1;

  695. }

  696. 

  697. /*

  698.  * OCSP helper: this is *not* a full OCSP check. It just checks that each CA

  699.  * is valid. Additional checks must be made on the chain.

  700.  */

  701. 

  702. static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca)

  703. {

  704.     if (ca)

  705.         return check_ca(x);

  706.     /* leaf certificate is checked in OCSP_verify() */

  707.     return 1;

  708. }

  709. 

  710. static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,

  711.                                         int ca)

  712. {

  713.     int i_ext;

  714. 

  715.     /* If ca is true we must return if this is a valid CA certificate. */

  716.     if (ca)

  717.         return check_ca(x);

  718. 

  719.     /*

  720.      * Check the optional key usage field:

  721.      * if Key Usage is present, it must be one of digitalSignature

  722.      * and/or nonRepudiation (other values are not consistent and shall

  723.      * be rejected).

  724.      */

  725.     if ((x->ex_flags & EXFLAG_KUSAGE)

  726.         && ((x->ex_kusage & ~(KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE)) ||

  727.             !(x->ex_kusage & (KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE))))

  728.         return 0;

  729. 

  730.     /* Only time stamp key usage is permitted and it's required. */

  731.     if (!(x->ex_flags & EXFLAG_XKUSAGE) || x->ex_xkusage != XKU_TIMESTAMP)

  732.         return 0;

  733. 

  734.     /* Extended Key Usage MUST be critical */

  735.     i_ext = X509_get_ext_by_NID((X509 *)x, NID_ext_key_usage, -1);

  736.     if (i_ext >= 0) {

  737.         X509_EXTENSION *ext = X509_get_ext((X509 *)x, i_ext);

  738.         if (!X509_EXTENSION_get_critical(ext))

  739.             return 0;

  740.     }

  741. 

  742.     return 1;

  743. }

  744. 

  745. static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)

  746. {

  747.     return 1;

  748. }

  749. 

  750. /*

  751.  * Various checks to see if one certificate issued the second. This can be

  752.  * used to prune a set of possible issuer certificates which have been looked

  753.  * up using some simple method such as by subject name. These are: 1. Check

  754.  * issuer_name(subject) == subject_name(issuer) 2. If akid(subject) exists

  755.  * check it matches issuer 3. If key_usage(issuer) exists check it supports

  756.  * certificate signing returns 0 for OK, positive for reason for mismatch,

  757.  * reasons match codes for X509_verify_cert()

  758.  */

  759. 

  760. int X509_check_issued(X509 *issuer, X509 *subject)

  761. {

  762.     if (X509_NAME_cmp(X509_get_subject_name(issuer),

  763.                       X509_get_issuer_name(subject)))

  764.         return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;

  765.     x509v3_cache_extensions(issuer);

  766.     x509v3_cache_extensions(subject);

  767. 

  768.     if (subject->akid) {

  769.         int ret = X509_check_akid(issuer, subject->akid);

  770.         if (ret != X509_V_OK)

  771.             return ret;

  772.     }

  773. 

  774.     if (subject->ex_flags & EXFLAG_PROXY) {

  775.         if (ku_reject(issuer, KU_DIGITAL_SIGNATURE))

  776.             return X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;

  777.     } else if (ku_reject(issuer, KU_KEY_CERT_SIGN))

  778.         return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;

  779.     return X509_V_OK;

  780. }

  781. 

  782. int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)

  783. {

  784. 

  785.     if (!akid)

  786.         return X509_V_OK;

  787. 

  788.     /* Check key ids (if present) */

  789.     if (akid->keyid && issuer->skid &&

  790.         ASN1_OCTET_STRING_cmp(akid->keyid, issuer->skid))

  791.         return X509_V_ERR_AKID_SKID_MISMATCH;

  792.     /* Check serial number */

  793.     if (akid->serial &&

  794.         ASN1_INTEGER_cmp(X509_get_serialNumber(issuer), akid->serial))

  795.         return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;

  796.     /* Check issuer name */

  797.     if (akid->issuer) {

  798.         /*

  799.          * Ugh, for some peculiar reason AKID includes SEQUENCE OF

  800.          * GeneralName. So look for a DirName. There may be more than one but

  801.          * we only take any notice of the first.

  802.          */

  803.         GENERAL_NAMES *gens;

  804.         GENERAL_NAME *gen;

  805.         X509_NAME *nm = NULL;

  806.         size_t i;

  807.         gens = akid->issuer;

  808.         for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {

  809.             gen = sk_GENERAL_NAME_value(gens, i);

  810.             if (gen->type == GEN_DIRNAME) {

  811.                 nm = gen->d.dirn;

  812.                 break;

  813.             }

  814.         }

  815.         if (nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))

  816.             return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;

  817.     }

  818.     return X509_V_OK;

  819. }

  820. 

  821. uint32_t X509_get_extension_flags(X509 *x)

  822. {

  823.     /* Call for side-effect of computing hash and caching extensions */

  824.     X509_check_purpose(x, -1, -1);

  825.     return x->ex_flags;

  826. }

  827. 

  828. uint32_t X509_get_key_usage(X509 *x)

  829. {

  830.     /* Call for side-effect of computing hash and caching extensions */

  831.     X509_check_purpose(x, -1, -1);

  832.     if (x->ex_flags & EXFLAG_KUSAGE)

  833.         return x->ex_kusage;

  834.     return UINT32_MAX;

  835. }

  836. 

  837. uint32_t X509_get_extended_key_usage(X509 *x)

  838. {

  839.     /* Call for side-effect of computing hash and caching extensions */

  840.     X509_check_purpose(x, -1, -1);

  841.     if (x->ex_flags & EXFLAG_XKUSAGE)

  842.         return x->ex_xkusage;

  843.     return UINT32_MAX;

  844. }