kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5314 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: 82639e6f53
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '82639e6f53'
${ noResults }
boringssl/crypto/x509v3/v3_purp.c

868 lines
26 KiB
Raw Blame History 

  1. /* v3_purp.c */

  2. /*

  3.  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project

  4.  * 2001.

  5.  */

  6. /* ====================================================================

  7.  * Copyright (c) 1999-2004 The OpenSSL Project.  All rights reserved.

  8.  *

  9.  * Redistribution and use in source and binary forms, with or without

  10.  * modification, are permitted provided that the following conditions

  11.  * are met:

  12.  *

  13.  * 1. Redistributions of source code must retain the above copyright

  14.  *    notice, this list of conditions and the following disclaimer.

  15.  *

  16.  * 2. Redistributions in binary form must reproduce the above copyright

  17.  *    notice, this list of conditions and the following disclaimer in

  18.  *    the documentation and/or other materials provided with the

  19.  *    distribution.

  20.  *

  21.  * 3. All advertising materials mentioning features or use of this

  22.  *    software must display the following acknowledgment:

  23.  *    "This product includes software developed by the OpenSSL Project

  24.  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

  25.  *

  26.  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

  27.  *    endorse or promote products derived from this software without

  28.  *    prior written permission. For written permission, please contact

  29.  *    licensing@OpenSSL.org.

  30.  *

  31.  * 5. Products derived from this software may not be called "OpenSSL"

  32.  *    nor may "OpenSSL" appear in their names without prior written

  33.  *    permission of the OpenSSL Project.

  34.  *

  35.  * 6. Redistributions of any form whatsoever must retain the following

  36.  *    acknowledgment:

  37.  *    "This product includes software developed by the OpenSSL Project

  38.  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

  41.  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

  43.  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

  44.  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  45.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  46.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  47.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  48.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  49.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  50.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

  51.  * OF THE POSSIBILITY OF SUCH DAMAGE.

  52.  * ====================================================================

  53.  *

  54.  * This product includes cryptographic software written by Eric Young

  55.  * (eay@cryptsoft.com).  This product includes software written by Tim

  56.  * Hudson (tjh@cryptsoft.com). */

  57. 

  58. #include <stdio.h>

  59. 

  60. #include <string.h>

  61. 

  62. #include <openssl/buf.h>

  63. #include <openssl/err.h>

  64. #include <openssl/digest.h>

  65. #include <openssl/mem.h>

  66. #include <openssl/obj.h>

  67. #include <openssl/thread.h>

  68. #include <openssl/x509_vfy.h>

  69. #include <openssl/x509v3.h>

  70. 

  71. #include "../internal.h"

  72. 

  73. #define V1_ROOT (EXFLAG_V1|EXFLAG_SS)

  74. #define ku_reject(x, usage) \

  75.         (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))

  76. #define xku_reject(x, usage) \

  77.         (((x)->ex_flags & EXFLAG_XKUSAGE) && !((x)->ex_xkusage & (usage)))

  78. #define ns_reject(x, usage) \

  79.         (((x)->ex_flags & EXFLAG_NSCERT) && !((x)->ex_nscert & (usage)))

  80. 

  81. static void x509v3_cache_extensions(X509 *x);

  82. 

  83. static int check_ssl_ca(const X509 *x);

  84. static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,

  85.                                     int ca);

  86. static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,

  87.                                     int ca);

  88. static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x,

  89.                                        int ca);

  90. static int purpose_smime(const X509 *x, int ca);

  91. static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x,

  92.                                     int ca);

  93. static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x,

  94.                                        int ca);

  95. static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,

  96.                                   int ca);

  97. static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,

  98.                                         int ca);

  99. static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca);

  100. static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca);

  101. 

  102. static int xp_cmp(const X509_PURPOSE **a, const X509_PURPOSE **b);

  103. static void xptable_free(X509_PURPOSE *p);

  104. 

  105. static X509_PURPOSE xstandard[] = {

  106.     {X509_PURPOSE_SSL_CLIENT, X509_TRUST_SSL_CLIENT, 0,

  107.      check_purpose_ssl_client, (char *)"SSL client", (char *)"sslclient",

  108.      NULL},

  109.     {X509_PURPOSE_SSL_SERVER, X509_TRUST_SSL_SERVER, 0,

  110.      check_purpose_ssl_server, (char *)"SSL server", (char *)"sslserver",

  111.      NULL},

  112.     {X509_PURPOSE_NS_SSL_SERVER, X509_TRUST_SSL_SERVER, 0,

  113.      check_purpose_ns_ssl_server, (char *)"Netscape SSL server",

  114.      (char *)"nssslserver", NULL},

  115.     {X509_PURPOSE_SMIME_SIGN, X509_TRUST_EMAIL, 0, check_purpose_smime_sign,

  116.      (char *)"S/MIME signing", (char *)"smimesign", NULL},

  117.     {X509_PURPOSE_SMIME_ENCRYPT, X509_TRUST_EMAIL, 0,

  118.      check_purpose_smime_encrypt, (char *)"S/MIME encryption",

  119.      (char *)"smimeencrypt", NULL},

  120.     {X509_PURPOSE_CRL_SIGN, X509_TRUST_COMPAT, 0, check_purpose_crl_sign,

  121.      (char *)"CRL signing", (char *)"crlsign", NULL},

  122.     {X509_PURPOSE_ANY, X509_TRUST_DEFAULT, 0, no_check, (char *)"Any Purpose",

  123.      (char *)"any", NULL},

  124.     {X509_PURPOSE_OCSP_HELPER, X509_TRUST_COMPAT, 0, ocsp_helper,

  125.      (char *)"OCSP helper", (char *)"ocsphelper", NULL},

  126.     {X509_PURPOSE_TIMESTAMP_SIGN, X509_TRUST_TSA, 0,

  127.      check_purpose_timestamp_sign, (char *)"Time Stamp signing",

  128.      (char *)"timestampsign", NULL},

  129. };

  130. 

  131. #define X509_PURPOSE_COUNT (sizeof(xstandard)/sizeof(X509_PURPOSE))

  132. 

  133. static STACK_OF(X509_PURPOSE) *xptable = NULL;

  134. 

  135. static int xp_cmp(const X509_PURPOSE **a, const X509_PURPOSE **b)

  136. {

  137.     return (*a)->purpose - (*b)->purpose;

  138. }

  139. 

  140. /*

  141.  * As much as I'd like to make X509_check_purpose use a "const" X509* I

  142.  * really can't because it does recalculate hashes and do other non-const

  143.  * things.

  144.  */

  145. int X509_check_purpose(X509 *x, int id, int ca)

  146. {

  147.     int idx;

  148.     const X509_PURPOSE *pt;

  149.     x509v3_cache_extensions(x);

  150.     if (id == -1)

  151.         return 1;

  152.     idx = X509_PURPOSE_get_by_id(id);

  153.     if (idx == -1)

  154.         return -1;

  155.     pt = X509_PURPOSE_get0(idx);

  156.     return pt->check_purpose(pt, x, ca);

  157. }

  158. 

  159. int X509_PURPOSE_set(int *p, int purpose)

  160. {

  161.     if (X509_PURPOSE_get_by_id(purpose) == -1) {

  162.         OPENSSL_PUT_ERROR(X509V3, X509V3_R_INVALID_PURPOSE);

  163.         return 0;

  164.     }

  165.     *p = purpose;

  166.     return 1;

  167. }

  168. 

  169. int X509_PURPOSE_get_count(void)

  170. {

  171.     if (!xptable)

  172.         return X509_PURPOSE_COUNT;

  173.     return sk_X509_PURPOSE_num(xptable) + X509_PURPOSE_COUNT;

  174. }

  175. 

  176. X509_PURPOSE *X509_PURPOSE_get0(int idx)

  177. {

  178.     if (idx < 0)

  179.         return NULL;

  180.     if (idx < (int)X509_PURPOSE_COUNT)

  181.         return xstandard + idx;

  182.     return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT);

  183. }

  184. 

  185. int X509_PURPOSE_get_by_sname(char *sname)

  186. {

  187.     int i;

  188.     X509_PURPOSE *xptmp;

  189.     for (i = 0; i < X509_PURPOSE_get_count(); i++) {

  190.         xptmp = X509_PURPOSE_get0(i);

  191.         if (!strcmp(xptmp->sname, sname))

  192.             return i;

  193.     }

  194.     return -1;

  195. }

  196. 

  197. int X509_PURPOSE_get_by_id(int purpose)

  198. {

  199.     X509_PURPOSE tmp;

  200.     size_t idx;

  201. 

  202.     if ((purpose >= X509_PURPOSE_MIN) && (purpose <= X509_PURPOSE_MAX))

  203.         return purpose - X509_PURPOSE_MIN;

  204.     tmp.purpose = purpose;

  205.     if (!xptable)

  206.         return -1;

  207. 

  208.     sk_X509_PURPOSE_sort(xptable);

  209.     if (!sk_X509_PURPOSE_find(xptable, &idx, &tmp))

  210.         return -1;

  211.     return idx + X509_PURPOSE_COUNT;

  212. }

  213. 

  214. int X509_PURPOSE_add(int id, int trust, int flags,

  215.                      int (*ck) (const X509_PURPOSE *, const X509 *, int),

  216.                      char *name, char *sname, void *arg)

  217. {

  218.     int idx;

  219.     X509_PURPOSE *ptmp;

  220.     char *name_dup, *sname_dup;

  221. 

  222.     /*

  223.      * This is set according to what we change: application can't set it

  224.      */

  225.     flags &= ~X509_PURPOSE_DYNAMIC;

  226.     /* This will always be set for application modified trust entries */

  227.     flags |= X509_PURPOSE_DYNAMIC_NAME;

  228.     /* Get existing entry if any */

  229.     idx = X509_PURPOSE_get_by_id(id);

  230.     /* Need a new entry */

  231.     if (idx == -1) {

  232.         if (!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) {

  233.             OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);

  234.             return 0;

  235.         }

  236.         ptmp->flags = X509_PURPOSE_DYNAMIC;

  237.     } else

  238.         ptmp = X509_PURPOSE_get0(idx);

  239. 

  240.     /* Duplicate the supplied names. */

  241.     name_dup = BUF_strdup(name);

  242.     sname_dup = BUF_strdup(sname);

  243.     if (name_dup == NULL || sname_dup == NULL) {

  244.         OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);

  245.         if (name_dup != NULL)

  246.             OPENSSL_free(name_dup);

  247.         if (sname_dup != NULL)

  248.             OPENSSL_free(sname_dup);

  249.         if (idx == -1)

  250.             OPENSSL_free(ptmp);

  251.         return 0;

  252.     }

  253. 

  254.     /* OPENSSL_free existing name if dynamic */

  255.     if (ptmp->flags & X509_PURPOSE_DYNAMIC_NAME) {

  256.         OPENSSL_free(ptmp->name);

  257.         OPENSSL_free(ptmp->sname);

  258.     }

  259.     /* dup supplied name */

  260.     ptmp->name = name_dup;

  261.     ptmp->sname = sname_dup;

  262.     /* Keep the dynamic flag of existing entry */

  263.     ptmp->flags &= X509_PURPOSE_DYNAMIC;

  264.     /* Set all other flags */

  265.     ptmp->flags |= flags;

  266. 

  267.     ptmp->purpose = id;

  268.     ptmp->trust = trust;

  269.     ptmp->check_purpose = ck;

  270.     ptmp->usr_data = arg;

  271. 

  272.     /* If its a new entry manage the dynamic table */

  273.     if (idx == -1) {

  274.         if (!xptable && !(xptable = sk_X509_PURPOSE_new(xp_cmp))) {

  275.             OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);

  276.             xptable_free(ptmp);

  277.             return 0;

  278.         }

  279.         if (!sk_X509_PURPOSE_push(xptable, ptmp)) {

  280.             OPENSSL_PUT_ERROR(X509V3, ERR_R_MALLOC_FAILURE);

  281.             xptable_free(ptmp);

  282.             return 0;

  283.         }

  284.     }

  285.     return 1;

  286. }

  287. 

  288. static void xptable_free(X509_PURPOSE *p)

  289. {

  290.     if (!p)

  291.         return;

  292.     if (p->flags & X509_PURPOSE_DYNAMIC) {

  293.         if (p->flags & X509_PURPOSE_DYNAMIC_NAME) {

  294.             OPENSSL_free(p->name);

  295.             OPENSSL_free(p->sname);

  296.         }

  297.         OPENSSL_free(p);

  298.     }

  299. }

  300. 

  301. void X509_PURPOSE_cleanup(void)

  302. {

  303.     unsigned int i;

  304.     sk_X509_PURPOSE_pop_free(xptable, xptable_free);

  305.     for (i = 0; i < X509_PURPOSE_COUNT; i++)

  306.         xptable_free(xstandard + i);

  307.     xptable = NULL;

  308. }

  309. 

  310. int X509_PURPOSE_get_id(X509_PURPOSE *xp)

  311. {

  312.     return xp->purpose;

  313. }

  314. 

  315. char *X509_PURPOSE_get0_name(X509_PURPOSE *xp)

  316. {

  317.     return xp->name;

  318. }

  319. 

  320. char *X509_PURPOSE_get0_sname(X509_PURPOSE *xp)

  321. {

  322.     return xp->sname;

  323. }

  324. 

  325. int X509_PURPOSE_get_trust(X509_PURPOSE *xp)

  326. {

  327.     return xp->trust;

  328. }

  329. 

  330. static int nid_cmp(const void *void_a, const void *void_b)

  331. {

  332.     const int *a = void_a, *b = void_b;

  333. 

  334.     return *a - *b;

  335. }

  336. 

  337. int X509_supported_extension(X509_EXTENSION *ex)

  338. {

  339.     /*

  340.      * This table is a list of the NIDs of supported extensions: that is

  341.      * those which are used by the verify process. If an extension is

  342.      * critical and doesn't appear in this list then the verify process will

  343.      * normally reject the certificate. The list must be kept in numerical

  344.      * order because it will be searched using bsearch.

  345.      */

  346. 

  347.     static const int supported_nids[] = {

  348.         NID_netscape_cert_type, /* 71 */

  349.         NID_key_usage,          /* 83 */

  350.         NID_subject_alt_name,   /* 85 */

  351.         NID_basic_constraints,  /* 87 */

  352.         NID_certificate_policies, /* 89 */

  353.         NID_ext_key_usage,      /* 126 */

  354.         NID_policy_constraints, /* 401 */

  355.         NID_proxyCertInfo,      /* 663 */

  356.         NID_name_constraints,   /* 666 */

  357.         NID_policy_mappings,    /* 747 */

  358.         NID_inhibit_any_policy  /* 748 */

  359.     };

  360. 

  361.     int ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));

  362. 

  363.     if (ex_nid == NID_undef)

  364.         return 0;

  365. 

  366.     if (bsearch

  367.         (&ex_nid, supported_nids, sizeof(supported_nids) / sizeof(int),

  368.          sizeof(int), nid_cmp) != NULL)

  369.         return 1;

  370.     return 0;

  371. }

  372. 

  373. static void setup_dp(X509 *x, DIST_POINT *dp)

  374. {

  375.     X509_NAME *iname = NULL;

  376.     size_t i;

  377.     if (dp->reasons) {

  378.         if (dp->reasons->length > 0)

  379.             dp->dp_reasons = dp->reasons->data[0];

  380.         if (dp->reasons->length > 1)

  381.             dp->dp_reasons |= (dp->reasons->data[1] << 8);

  382.         dp->dp_reasons &= CRLDP_ALL_REASONS;

  383.     } else

  384.         dp->dp_reasons = CRLDP_ALL_REASONS;

  385.     if (!dp->distpoint || (dp->distpoint->type != 1))

  386.         return;

  387.     for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) {

  388.         GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);

  389.         if (gen->type == GEN_DIRNAME) {

  390.             iname = gen->d.directoryName;

  391.             break;

  392.         }

  393.     }

  394.     if (!iname)

  395.         iname = X509_get_issuer_name(x);

  396. 

  397.     DIST_POINT_set_dpname(dp->distpoint, iname);

  398. 

  399. }

  400. 

  401. static void setup_crldp(X509 *x)

  402. {

  403.     size_t i;

  404.     x->crldp = X509_get_ext_d2i(x, NID_crl_distribution_points, NULL, NULL);

  405.     for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)

  406.         setup_dp(x, sk_DIST_POINT_value(x->crldp, i));

  407. }

  408. 

  409. static void x509v3_cache_extensions(X509 *x)

  410. {

  411.     BASIC_CONSTRAINTS *bs;

  412.     PROXY_CERT_INFO_EXTENSION *pci;

  413.     ASN1_BIT_STRING *usage;

  414.     ASN1_BIT_STRING *ns;

  415.     EXTENDED_KEY_USAGE *extusage;

  416.     X509_EXTENSION *ex;

  417.     size_t i;

  418.     int j;

  419. 

  420.     CRYPTO_MUTEX_lock_read(&x->lock);

  421.     const int is_set = x->ex_flags & EXFLAG_SET;

  422.     CRYPTO_MUTEX_unlock_read(&x->lock);

  423. 

  424.     if (is_set) {

  425.         return;

  426.     }

  427. 

  428.     CRYPTO_MUTEX_lock_write(&x->lock);

  429.     if (x->ex_flags & EXFLAG_SET) {

  430.         CRYPTO_MUTEX_unlock_write(&x->lock);

  431.         return;

  432.     }

  433. 

  434.     X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);

  435.     /* V1 should mean no extensions ... */

  436.     if (!X509_get_version(x))

  437.         x->ex_flags |= EXFLAG_V1;

  438.     /* Handle basic constraints */

  439.     if ((bs = X509_get_ext_d2i(x, NID_basic_constraints, NULL, NULL))) {

  440.         if (bs->ca)

  441.             x->ex_flags |= EXFLAG_CA;

  442.         if (bs->pathlen) {

  443.             if ((bs->pathlen->type == V_ASN1_NEG_INTEGER)

  444.                 || !bs->ca) {

  445.                 x->ex_flags |= EXFLAG_INVALID;

  446.                 x->ex_pathlen = 0;

  447.             } else

  448.                 x->ex_pathlen = ASN1_INTEGER_get(bs->pathlen);

  449.         } else

  450.             x->ex_pathlen = -1;

  451.         BASIC_CONSTRAINTS_free(bs);

  452.         x->ex_flags |= EXFLAG_BCONS;

  453.     }

  454.     /* Handle proxy certificates */

  455.     if ((pci = X509_get_ext_d2i(x, NID_proxyCertInfo, NULL, NULL))) {

  456.         if (x->ex_flags & EXFLAG_CA

  457.             || X509_get_ext_by_NID(x, NID_subject_alt_name, -1) >= 0

  458.             || X509_get_ext_by_NID(x, NID_issuer_alt_name, -1) >= 0) {

  459.             x->ex_flags |= EXFLAG_INVALID;

  460.         }

  461.         if (pci->pcPathLengthConstraint) {

  462.             x->ex_pcpathlen = ASN1_INTEGER_get(pci->pcPathLengthConstraint);

  463.         } else

  464.             x->ex_pcpathlen = -1;

  465.         PROXY_CERT_INFO_EXTENSION_free(pci);

  466.         x->ex_flags |= EXFLAG_PROXY;

  467.     }

  468.     /* Handle key usage */

  469.     if ((usage = X509_get_ext_d2i(x, NID_key_usage, NULL, NULL))) {

  470.         if (usage->length > 0) {

  471.             x->ex_kusage = usage->data[0];

  472.             if (usage->length > 1)

  473.                 x->ex_kusage |= usage->data[1] << 8;

  474.         } else

  475.             x->ex_kusage = 0;

  476.         x->ex_flags |= EXFLAG_KUSAGE;

  477.         ASN1_BIT_STRING_free(usage);

  478.     }

  479.     x->ex_xkusage = 0;

  480.     if ((extusage = X509_get_ext_d2i(x, NID_ext_key_usage, NULL, NULL))) {

  481.         x->ex_flags |= EXFLAG_XKUSAGE;

  482.         for (i = 0; i < sk_ASN1_OBJECT_num(extusage); i++) {

  483.             switch (OBJ_obj2nid(sk_ASN1_OBJECT_value(extusage, i))) {

  484.             case NID_server_auth:

  485.                 x->ex_xkusage |= XKU_SSL_SERVER;

  486.                 break;

  487. 

  488.             case NID_client_auth:

  489.                 x->ex_xkusage |= XKU_SSL_CLIENT;

  490.                 break;

  491. 

  492.             case NID_email_protect:

  493.                 x->ex_xkusage |= XKU_SMIME;

  494.                 break;

  495. 

  496.             case NID_code_sign:

  497.                 x->ex_xkusage |= XKU_CODE_SIGN;

  498.                 break;

  499. 

  500.             case NID_ms_sgc:

  501.             case NID_ns_sgc:

  502.                 x->ex_xkusage |= XKU_SGC;

  503.                 break;

  504. 

  505.             case NID_OCSP_sign:

  506.                 x->ex_xkusage |= XKU_OCSP_SIGN;

  507.                 break;

  508. 

  509.             case NID_time_stamp:

  510.                 x->ex_xkusage |= XKU_TIMESTAMP;

  511.                 break;

  512. 

  513.             case NID_dvcs:

  514.                 x->ex_xkusage |= XKU_DVCS;

  515.                 break;

  516. 

  517.             case NID_anyExtendedKeyUsage:

  518.                 x->ex_xkusage |= XKU_ANYEKU;

  519.                 break;

  520.             }

  521.         }

  522.         sk_ASN1_OBJECT_pop_free(extusage, ASN1_OBJECT_free);

  523.     }

  524. 

  525.     if ((ns = X509_get_ext_d2i(x, NID_netscape_cert_type, NULL, NULL))) {

  526.         if (ns->length > 0)

  527.             x->ex_nscert = ns->data[0];

  528.         else

  529.             x->ex_nscert = 0;

  530.         x->ex_flags |= EXFLAG_NSCERT;

  531.         ASN1_BIT_STRING_free(ns);

  532.     }

  533.     x->skid = X509_get_ext_d2i(x, NID_subject_key_identifier, NULL, NULL);

  534.     x->akid = X509_get_ext_d2i(x, NID_authority_key_identifier, NULL, NULL);

  535.     /* Does subject name match issuer ? */

  536.     if (!X509_NAME_cmp(X509_get_subject_name(x), X509_get_issuer_name(x))) {

  537.         x->ex_flags |= EXFLAG_SI;

  538.         /* If SKID matches AKID also indicate self signed */

  539.         if (X509_check_akid(x, x->akid) == X509_V_OK &&

  540.             !ku_reject(x, KU_KEY_CERT_SIGN))

  541.             x->ex_flags |= EXFLAG_SS;

  542.     }

  543.     x->altname = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);

  544.     x->nc = X509_get_ext_d2i(x, NID_name_constraints, &j, NULL);

  545.     if (!x->nc && (j != -1))

  546.         x->ex_flags |= EXFLAG_INVALID;

  547.     setup_crldp(x);

  548. 

  549.     for (j = 0; j < X509_get_ext_count(x); j++) {

  550.         ex = X509_get_ext(x, j);

  551.         if (OBJ_obj2nid(X509_EXTENSION_get_object(ex))

  552.             == NID_freshest_crl)

  553.             x->ex_flags |= EXFLAG_FRESHEST;

  554.         if (!X509_EXTENSION_get_critical(ex))

  555.             continue;

  556.         if (!X509_supported_extension(ex)) {

  557.             x->ex_flags |= EXFLAG_CRITICAL;

  558.             break;

  559.         }

  560.     }

  561.     x->ex_flags |= EXFLAG_SET;

  562. 

  563.     CRYPTO_MUTEX_unlock_write(&x->lock);

  564. }

  565. 

  566. /*

  567.  * CA checks common to all purposes return codes: 0 not a CA 1 is a CA 2

  568.  * basicConstraints absent so "maybe" a CA 3 basicConstraints absent but self

  569.  * signed V1. 4 basicConstraints absent but keyUsage present and keyCertSign

  570.  * asserted.

  571.  */

  572. 

  573. static int check_ca(const X509 *x)

  574. {

  575.     /* keyUsage if present should allow cert signing */

  576.     if (ku_reject(x, KU_KEY_CERT_SIGN))

  577.         return 0;

  578.     if (x->ex_flags & EXFLAG_BCONS) {

  579.         if (x->ex_flags & EXFLAG_CA)

  580.             return 1;

  581.         /* If basicConstraints says not a CA then say so */

  582.         else

  583.             return 0;

  584.     } else {

  585.         /* we support V1 roots for...  uh, I don't really know why. */

  586.         if ((x->ex_flags & V1_ROOT) == V1_ROOT)

  587.             return 3;

  588.         /*

  589.          * If key usage present it must have certSign so tolerate it

  590.          */

  591.         else if (x->ex_flags & EXFLAG_KUSAGE)

  592.             return 4;

  593.         /* Older certificates could have Netscape-specific CA types */

  594.         else if (x->ex_flags & EXFLAG_NSCERT && x->ex_nscert & NS_ANY_CA)

  595.             return 5;

  596.         /* can this still be regarded a CA certificate?  I doubt it */

  597.         return 0;

  598.     }

  599. }

  600. 

  601. int X509_check_ca(X509 *x)

  602. {

  603.     x509v3_cache_extensions(x);

  604.     return check_ca(x);

  605. }

  606. 

  607. /* Check SSL CA: common checks for SSL client and server */

  608. static int check_ssl_ca(const X509 *x)

  609. {

  610.     int ca_ret;

  611.     ca_ret = check_ca(x);

  612.     if (!ca_ret)

  613.         return 0;

  614.     /* check nsCertType if present */

  615.     if (ca_ret != 5 || x->ex_nscert & NS_SSL_CA)

  616.         return ca_ret;

  617.     else

  618.         return 0;

  619. }

  620. 

  621. static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,

  622.                                     int ca)

  623. {

  624.     if (xku_reject(x, XKU_SSL_CLIENT))

  625.         return 0;

  626.     if (ca)

  627.         return check_ssl_ca(x);

  628.     /* We need to do digital signatures or key agreement */

  629.     if (ku_reject(x, KU_DIGITAL_SIGNATURE | KU_KEY_AGREEMENT))

  630.         return 0;

  631.     /* nsCertType if present should allow SSL client use */

  632.     if (ns_reject(x, NS_SSL_CLIENT))

  633.         return 0;

  634.     return 1;

  635. }

  636. 

  637. /*

  638.  * Key usage needed for TLS/SSL server: digital signature, encipherment or

  639.  * key agreement. The ssl code can check this more thoroughly for individual

  640.  * key types.

  641.  */

  642. #define KU_TLS \

  643.         (KU_DIGITAL_SIGNATURE|KU_KEY_ENCIPHERMENT|KU_KEY_AGREEMENT)

  644. 

  645. static int check_purpose_ssl_server(const X509_PURPOSE *xp, const X509 *x,

  646.                                     int ca)

  647. {

  648.     if (xku_reject(x, XKU_SSL_SERVER | XKU_SGC))

  649.         return 0;

  650.     if (ca)

  651.         return check_ssl_ca(x);

  652. 

  653.     if (ns_reject(x, NS_SSL_SERVER))

  654.         return 0;

  655.     if (ku_reject(x, KU_TLS))

  656.         return 0;

  657. 

  658.     return 1;

  659. 

  660. }

  661. 

  662. static int check_purpose_ns_ssl_server(const X509_PURPOSE *xp, const X509 *x,

  663.                                        int ca)

  664. {

  665.     int ret;

  666.     ret = check_purpose_ssl_server(xp, x, ca);

  667.     if (!ret || ca)

  668.         return ret;

  669.     /* We need to encipher or Netscape complains */

  670.     if (ku_reject(x, KU_KEY_ENCIPHERMENT))

  671.         return 0;

  672.     return ret;

  673. }

  674. 

  675. /* common S/MIME checks */

  676. static int purpose_smime(const X509 *x, int ca)

  677. {

  678.     if (xku_reject(x, XKU_SMIME))

  679.         return 0;

  680.     if (ca) {

  681.         int ca_ret;

  682.         ca_ret = check_ca(x);

  683.         if (!ca_ret)

  684.             return 0;

  685.         /* check nsCertType if present */

  686.         if (ca_ret != 5 || x->ex_nscert & NS_SMIME_CA)

  687.             return ca_ret;

  688.         else

  689.             return 0;

  690.     }

  691.     if (x->ex_flags & EXFLAG_NSCERT) {

  692.         if (x->ex_nscert & NS_SMIME)

  693.             return 1;

  694.         /* Workaround for some buggy certificates */

  695.         if (x->ex_nscert & NS_SSL_CLIENT)

  696.             return 2;

  697.         return 0;

  698.     }

  699.     return 1;

  700. }

  701. 

  702. static int check_purpose_smime_sign(const X509_PURPOSE *xp, const X509 *x,

  703.                                     int ca)

  704. {

  705.     int ret;

  706.     ret = purpose_smime(x, ca);

  707.     if (!ret || ca)

  708.         return ret;

  709.     if (ku_reject(x, KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION))

  710.         return 0;

  711.     return ret;

  712. }

  713. 

  714. static int check_purpose_smime_encrypt(const X509_PURPOSE *xp, const X509 *x,

  715.                                        int ca)

  716. {

  717.     int ret;

  718.     ret = purpose_smime(x, ca);

  719.     if (!ret || ca)

  720.         return ret;

  721.     if (ku_reject(x, KU_KEY_ENCIPHERMENT))

  722.         return 0;

  723.     return ret;

  724. }

  725. 

  726. static int check_purpose_crl_sign(const X509_PURPOSE *xp, const X509 *x,

  727.                                   int ca)

  728. {

  729.     if (ca) {

  730.         int ca_ret;

  731.         if ((ca_ret = check_ca(x)) != 2)

  732.             return ca_ret;

  733.         else

  734.             return 0;

  735.     }

  736.     if (ku_reject(x, KU_CRL_SIGN))

  737.         return 0;

  738.     return 1;

  739. }

  740. 

  741. /*

  742.  * OCSP helper: this is *not* a full OCSP check. It just checks that each CA

  743.  * is valid. Additional checks must be made on the chain.

  744.  */

  745. 

  746. static int ocsp_helper(const X509_PURPOSE *xp, const X509 *x, int ca)

  747. {

  748.     /*

  749.      * Must be a valid CA.  Should we really support the "I don't know" value

  750.      * (2)?

  751.      */

  752.     if (ca)

  753.         return check_ca(x);

  754.     /* leaf certificate is checked in OCSP_verify() */

  755.     return 1;

  756. }

  757. 

  758. static int check_purpose_timestamp_sign(const X509_PURPOSE *xp, const X509 *x,

  759.                                         int ca)

  760. {

  761.     int i_ext;

  762. 

  763.     /* If ca is true we must return if this is a valid CA certificate. */

  764.     if (ca)

  765.         return check_ca(x);

  766. 

  767.     /*

  768.      * Check the optional key usage field:

  769.      * if Key Usage is present, it must be one of digitalSignature

  770.      * and/or nonRepudiation (other values are not consistent and shall

  771.      * be rejected).

  772.      */

  773.     if ((x->ex_flags & EXFLAG_KUSAGE)

  774.         && ((x->ex_kusage & ~(KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE)) ||

  775.             !(x->ex_kusage & (KU_NON_REPUDIATION | KU_DIGITAL_SIGNATURE))))

  776.         return 0;

  777. 

  778.     /* Only time stamp key usage is permitted and it's required. */

  779.     if (!(x->ex_flags & EXFLAG_XKUSAGE) || x->ex_xkusage != XKU_TIMESTAMP)

  780.         return 0;

  781. 

  782.     /* Extended Key Usage MUST be critical */

  783.     i_ext = X509_get_ext_by_NID((X509 *)x, NID_ext_key_usage, -1);

  784.     if (i_ext >= 0) {

  785.         X509_EXTENSION *ext = X509_get_ext((X509 *)x, i_ext);

  786.         if (!X509_EXTENSION_get_critical(ext))

  787.             return 0;

  788.     }

  789. 

  790.     return 1;

  791. }

  792. 

  793. static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)

  794. {

  795.     return 1;

  796. }

  797. 

  798. /*

  799.  * Various checks to see if one certificate issued the second. This can be

  800.  * used to prune a set of possible issuer certificates which have been looked

  801.  * up using some simple method such as by subject name. These are: 1. Check

  802.  * issuer_name(subject) == subject_name(issuer) 2. If akid(subject) exists

  803.  * check it matches issuer 3. If key_usage(issuer) exists check it supports

  804.  * certificate signing returns 0 for OK, positive for reason for mismatch,

  805.  * reasons match codes for X509_verify_cert()

  806.  */

  807. 

  808. int X509_check_issued(X509 *issuer, X509 *subject)

  809. {

  810.     if (X509_NAME_cmp(X509_get_subject_name(issuer),

  811.                       X509_get_issuer_name(subject)))

  812.         return X509_V_ERR_SUBJECT_ISSUER_MISMATCH;

  813.     x509v3_cache_extensions(issuer);

  814.     x509v3_cache_extensions(subject);

  815. 

  816.     if (subject->akid) {

  817.         int ret = X509_check_akid(issuer, subject->akid);

  818.         if (ret != X509_V_OK)

  819.             return ret;

  820.     }

  821. 

  822.     if (subject->ex_flags & EXFLAG_PROXY) {

  823.         if (ku_reject(issuer, KU_DIGITAL_SIGNATURE))

  824.             return X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;

  825.     } else if (ku_reject(issuer, KU_KEY_CERT_SIGN))

  826.         return X509_V_ERR_KEYUSAGE_NO_CERTSIGN;

  827.     return X509_V_OK;

  828. }

  829. 

  830. int X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)

  831. {

  832. 

  833.     if (!akid)

  834.         return X509_V_OK;

  835. 

  836.     /* Check key ids (if present) */

  837.     if (akid->keyid && issuer->skid &&

  838.         ASN1_OCTET_STRING_cmp(akid->keyid, issuer->skid))

  839.         return X509_V_ERR_AKID_SKID_MISMATCH;

  840.     /* Check serial number */

  841.     if (akid->serial &&

  842.         ASN1_INTEGER_cmp(X509_get_serialNumber(issuer), akid->serial))

  843.         return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;

  844.     /* Check issuer name */

  845.     if (akid->issuer) {

  846.         /*

  847.          * Ugh, for some peculiar reason AKID includes SEQUENCE OF

  848.          * GeneralName. So look for a DirName. There may be more than one but

  849.          * we only take any notice of the first.

  850.          */

  851.         GENERAL_NAMES *gens;

  852.         GENERAL_NAME *gen;

  853.         X509_NAME *nm = NULL;

  854.         size_t i;

  855.         gens = akid->issuer;

  856.         for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) {

  857.             gen = sk_GENERAL_NAME_value(gens, i);

  858.             if (gen->type == GEN_DIRNAME) {

  859.                 nm = gen->d.dirn;

  860.                 break;

  861.             }

  862.         }

  863.         if (nm && X509_NAME_cmp(nm, X509_get_issuer_name(issuer)))

  864.             return X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH;

  865.     }

  866.     return X509_V_OK;

  867. }