[crypto] Add certstat() to display basic certificate information
[ipxe.git] / src / crypto / x509.c
1 /*
2 * Copyright (C) 2007 Michael Brown <mbrown@fensystems.co.uk>.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License as
6 * published by the Free Software Foundation; either version 2 of the
7 * License, or any later version.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17 * 02110-1301, USA.
18 *
19 * You can also choose to distribute this program under the terms of
20 * the Unmodified Binary Distribution Licence (as given in the file
21 * COPYING.UBDL), provided that you have satisfied its requirements.
22 */
23
24 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
25
26 #include <stdlib.h>
27 #include <string.h>
28 #include <errno.h>
29 #include <assert.h>
30 #include <ipxe/list.h>
31 #include <ipxe/base16.h>
32 #include <ipxe/asn1.h>
33 #include <ipxe/crypto.h>
34 #include <ipxe/md5.h>
35 #include <ipxe/sha1.h>
36 #include <ipxe/sha256.h>
37 #include <ipxe/rsa.h>
38 #include <ipxe/rootcert.h>
39 #include <ipxe/certstore.h>
40 #include <ipxe/socket.h>
41 #include <ipxe/in.h>
42 #include <ipxe/image.h>
43 #include <ipxe/x509.h>
44 #include <config/crypto.h>
45
46 /** @file
47 *
48 * X.509 certificates
49 *
50 * The structure of X.509v3 certificates is documented in RFC 5280
51 * section 4.1.
52 */
53
54 /* Disambiguate the various error causes */
55 #define ENOTSUP_ALGORITHM \
56 __einfo_error ( EINFO_ENOTSUP_ALGORITHM )
57 #define EINFO_ENOTSUP_ALGORITHM \
58 __einfo_uniqify ( EINFO_ENOTSUP, 0x01, "Unsupported algorithm" )
59 #define ENOTSUP_EXTENSION \
60 __einfo_error ( EINFO_ENOTSUP_EXTENSION )
61 #define EINFO_ENOTSUP_EXTENSION \
62 __einfo_uniqify ( EINFO_ENOTSUP, 0x02, "Unsupported extension" )
63 #define EINVAL_ALGORITHM \
64 __einfo_error ( EINFO_EINVAL_ALGORITHM )
65 #define EINFO_EINVAL_ALGORITHM \
66 __einfo_uniqify ( EINFO_EINVAL, 0x01, "Invalid algorithm type" )
67 #define EINVAL_ALGORITHM_MISMATCH \
68 __einfo_error ( EINFO_EINVAL_ALGORITHM_MISMATCH )
69 #define EINFO_EINVAL_ALGORITHM_MISMATCH \
70 __einfo_uniqify ( EINFO_EINVAL, 0x04, "Signature algorithm mismatch" )
71 #define EINVAL_PATH_LEN \
72 __einfo_error ( EINFO_EINVAL_PATH_LEN )
73 #define EINFO_EINVAL_PATH_LEN \
74 __einfo_uniqify ( EINFO_EINVAL, 0x05, "Invalid pathLenConstraint" )
75 #define EINVAL_VERSION \
76 __einfo_error ( EINFO_EINVAL_VERSION )
77 #define EINFO_EINVAL_VERSION \
78 __einfo_uniqify ( EINFO_EINVAL, 0x06, "Invalid version" )
79 #define EACCES_WRONG_ISSUER \
80 __einfo_error ( EINFO_EACCES_WRONG_ISSUER )
81 #define EINFO_EACCES_WRONG_ISSUER \
82 __einfo_uniqify ( EINFO_EACCES, 0x01, "Wrong issuer" )
83 #define EACCES_NOT_CA \
84 __einfo_error ( EINFO_EACCES_NOT_CA )
85 #define EINFO_EACCES_NOT_CA \
86 __einfo_uniqify ( EINFO_EACCES, 0x02, "Not a CA certificate" )
87 #define EACCES_KEY_USAGE \
88 __einfo_error ( EINFO_EACCES_KEY_USAGE )
89 #define EINFO_EACCES_KEY_USAGE \
90 __einfo_uniqify ( EINFO_EACCES, 0x03, "Incorrect key usage" )
91 #define EACCES_EXPIRED \
92 __einfo_error ( EINFO_EACCES_EXPIRED )
93 #define EINFO_EACCES_EXPIRED \
94 __einfo_uniqify ( EINFO_EACCES, 0x04, "Expired (or not yet valid)" )
95 #define EACCES_PATH_LEN \
96 __einfo_error ( EINFO_EACCES_PATH_LEN )
97 #define EINFO_EACCES_PATH_LEN \
98 __einfo_uniqify ( EINFO_EACCES, 0x05, "Maximum path length exceeded" )
99 #define EACCES_UNTRUSTED \
100 __einfo_error ( EINFO_EACCES_UNTRUSTED )
101 #define EINFO_EACCES_UNTRUSTED \
102 __einfo_uniqify ( EINFO_EACCES, 0x06, "Untrusted root certificate" )
103 #define EACCES_OUT_OF_ORDER \
104 __einfo_error ( EINFO_EACCES_OUT_OF_ORDER )
105 #define EINFO_EACCES_OUT_OF_ORDER \
106 __einfo_uniqify ( EINFO_EACCES, 0x07, "Validation out of order" )
107 #define EACCES_EMPTY \
108 __einfo_error ( EINFO_EACCES_EMPTY )
109 #define EINFO_EACCES_EMPTY \
110 __einfo_uniqify ( EINFO_EACCES, 0x08, "Empty certificate chain" )
111 #define EACCES_OCSP_REQUIRED \
112 __einfo_error ( EINFO_EACCES_OCSP_REQUIRED )
113 #define EINFO_EACCES_OCSP_REQUIRED \
114 __einfo_uniqify ( EINFO_EACCES, 0x09, "OCSP check required" )
115 #define EACCES_WRONG_NAME \
116 __einfo_error ( EINFO_EACCES_WRONG_NAME )
117 #define EINFO_EACCES_WRONG_NAME \
118 __einfo_uniqify ( EINFO_EACCES, 0x0a, "Incorrect certificate name" )
119 #define EACCES_USELESS \
120 __einfo_error ( EINFO_EACCES_USELESS )
121 #define EINFO_EACCES_USELESS \
122 __einfo_uniqify ( EINFO_EACCES, 0x0b, "No usable certificates" )
123
124 /**
125 * Get X.509 certificate display name
126 *
127 * @v cert X.509 certificate
128 * @ret name Display name
129 */
130 const char * x509_name ( struct x509_certificate *cert ) {
131 struct asn1_cursor *common_name = &cert->subject.common_name;
132 struct digest_algorithm *digest = &sha1_algorithm;
133 static char buf[64];
134 uint8_t fingerprint[ digest->digestsize ];
135 size_t len;
136
137 len = common_name->len;
138 if ( len ) {
139 /* Certificate has a commonName: use that */
140 if ( len > ( sizeof ( buf ) - 1 /* NUL */ ) )
141 len = ( sizeof ( buf ) - 1 /* NUL */ );
142 memcpy ( buf, common_name->data, len );
143 buf[len] = '\0';
144 } else {
145 /* Certificate has no commonName: use SHA-1 fingerprint */
146 x509_fingerprint ( cert, digest, fingerprint );
147 base16_encode ( fingerprint, sizeof ( fingerprint ),
148 buf, sizeof ( buf ) );
149 }
150 return buf;
151 }
152
153 /** "commonName" object identifier */
154 static uint8_t oid_common_name[] = { ASN1_OID_COMMON_NAME };
155
156 /** "commonName" object identifier cursor */
157 static struct asn1_cursor oid_common_name_cursor =
158 ASN1_OID_CURSOR ( oid_common_name );
159
160 /**
161 * Parse X.509 certificate version
162 *
163 * @v cert X.509 certificate
164 * @v raw ASN.1 cursor
165 * @ret rc Return status code
166 */
167 static int x509_parse_version ( struct x509_certificate *cert,
168 const struct asn1_cursor *raw ) {
169 struct asn1_cursor cursor;
170 int version;
171 int rc;
172
173 /* Enter version */
174 memcpy ( &cursor, raw, sizeof ( cursor ) );
175 asn1_enter ( &cursor, ASN1_EXPLICIT_TAG ( 0 ) );
176
177 /* Parse integer */
178 if ( ( rc = asn1_integer ( &cursor, &version ) ) != 0 ) {
179 DBGC ( cert, "X509 %p cannot parse version: %s\n",
180 cert, strerror ( rc ) );
181 DBGC_HDA ( cert, 0, raw->data, raw->len );
182 return rc;
183 }
184
185 /* Sanity check */
186 if ( version < 0 ) {
187 DBGC ( cert, "X509 %p invalid version %d\n", cert, version );
188 DBGC_HDA ( cert, 0, raw->data, raw->len );
189 return -EINVAL_VERSION;
190 }
191
192 /* Record version */
193 cert->version = version;
194 DBGC2 ( cert, "X509 %p is a version %d certificate\n",
195 cert, ( cert->version + 1 ) );
196
197 return 0;
198 }
199
200 /**
201 * Parse X.509 certificate serial number
202 *
203 * @v cert X.509 certificate
204 * @v raw ASN.1 cursor
205 * @ret rc Return status code
206 */
207 static int x509_parse_serial ( struct x509_certificate *cert,
208 const struct asn1_cursor *raw ) {
209 struct x509_serial *serial = &cert->serial;
210 int rc;
211
212 /* Record raw serial number */
213 memcpy ( &serial->raw, raw, sizeof ( serial->raw ) );
214 if ( ( rc = asn1_shrink ( &serial->raw, ASN1_INTEGER ) ) != 0 ) {
215 DBGC ( cert, "X509 %p cannot shrink serialNumber: %s\n",
216 cert, strerror ( rc ) );
217 return rc;
218 }
219 DBGC2 ( cert, "X509 %p issuer is:\n", cert );
220 DBGC2_HDA ( cert, 0, serial->raw.data, serial->raw.len );
221
222 return 0;
223 }
224
225 /**
226 * Parse X.509 certificate issuer
227 *
228 * @v cert X.509 certificate
229 * @v raw ASN.1 cursor
230 * @ret rc Return status code
231 */
232 static int x509_parse_issuer ( struct x509_certificate *cert,
233 const struct asn1_cursor *raw ) {
234 struct x509_issuer *issuer = &cert->issuer;
235 int rc;
236
237 /* Record raw issuer */
238 memcpy ( &issuer->raw, raw, sizeof ( issuer->raw ) );
239 if ( ( rc = asn1_shrink ( &issuer->raw, ASN1_SEQUENCE ) ) != 0 ) {
240 DBGC ( cert, "X509 %p cannot shrink issuer: %s\n",
241 cert, strerror ( rc ) );
242 return rc;
243 }
244 DBGC2 ( cert, "X509 %p issuer is:\n", cert );
245 DBGC2_HDA ( cert, 0, issuer->raw.data, issuer->raw.len );
246
247 return 0;
248 }
249
250 /**
251 * Parse X.509 certificate validity
252 *
253 * @v cert X.509 certificate
254 * @v raw ASN.1 cursor
255 * @ret rc Return status code
256 */
257 static int x509_parse_validity ( struct x509_certificate *cert,
258 const struct asn1_cursor *raw ) {
259 struct x509_validity *validity = &cert->validity;
260 struct x509_time *not_before = &validity->not_before;
261 struct x509_time *not_after = &validity->not_after;
262 struct asn1_cursor cursor;
263 int rc;
264
265 /* Enter validity */
266 memcpy ( &cursor, raw, sizeof ( cursor ) );
267 asn1_enter ( &cursor, ASN1_SEQUENCE );
268
269 /* Parse notBefore */
270 if ( ( rc = asn1_generalized_time ( &cursor,
271 &not_before->time ) ) != 0 ) {
272 DBGC ( cert, "X509 %p cannot parse notBefore: %s\n",
273 cert, strerror ( rc ) );
274 return rc;
275 }
276 DBGC2 ( cert, "X509 %p valid from time %lld\n",
277 cert, not_before->time );
278 asn1_skip_any ( &cursor );
279
280 /* Parse notAfter */
281 if ( ( rc = asn1_generalized_time ( &cursor,
282 &not_after->time ) ) != 0 ) {
283 DBGC ( cert, "X509 %p cannot parse notAfter: %s\n",
284 cert, strerror ( rc ) );
285 return rc;
286 }
287 DBGC2 ( cert, "X509 %p valid until time %lld\n",
288 cert, not_after->time );
289
290 return 0;
291 }
292
293 /**
294 * Parse X.509 certificate common name
295 *
296 * @v cert X.509 certificate
297 * @v raw ASN.1 cursor
298 * @ret rc Return status code
299 */
300 static int x509_parse_common_name ( struct x509_certificate *cert,
301 const struct asn1_cursor *raw ) {
302 struct asn1_cursor cursor;
303 struct asn1_cursor oid_cursor;
304 struct asn1_cursor name_cursor;
305 int rc;
306
307 /* Enter name */
308 memcpy ( &cursor, raw, sizeof ( cursor ) );
309 asn1_enter ( &cursor, ASN1_SEQUENCE );
310
311 /* Scan through name list */
312 for ( ; cursor.len ; asn1_skip_any ( &cursor ) ) {
313
314 /* Check for "commonName" OID */
315 memcpy ( &oid_cursor, &cursor, sizeof ( oid_cursor ) );
316 asn1_enter ( &oid_cursor, ASN1_SET );
317 asn1_enter ( &oid_cursor, ASN1_SEQUENCE );
318 memcpy ( &name_cursor, &oid_cursor, sizeof ( name_cursor ) );
319 asn1_enter ( &oid_cursor, ASN1_OID );
320 if ( asn1_compare ( &oid_common_name_cursor, &oid_cursor ) != 0)
321 continue;
322 asn1_skip_any ( &name_cursor );
323 if ( ( rc = asn1_enter_any ( &name_cursor ) ) != 0 ) {
324 DBGC ( cert, "X509 %p cannot locate name:\n", cert );
325 DBGC_HDA ( cert, 0, raw->data, raw->len );
326 return rc;
327 }
328
329 /* Record common name */
330 memcpy ( &cert->subject.common_name, &name_cursor,
331 sizeof ( cert->subject.common_name ) );
332
333 return 0;
334 }
335
336 /* Certificates may not have a commonName */
337 DBGC2 ( cert, "X509 %p no commonName found:\n", cert );
338 return 0;
339 }
340
341 /**
342 * Parse X.509 certificate subject
343 *
344 * @v cert X.509 certificate
345 * @v raw ASN.1 cursor
346 * @ret rc Return status code
347 */
348 static int x509_parse_subject ( struct x509_certificate *cert,
349 const struct asn1_cursor *raw ) {
350 struct x509_subject *subject = &cert->subject;
351 int rc;
352
353 /* Record raw subject */
354 memcpy ( &subject->raw, raw, sizeof ( subject->raw ) );
355 asn1_shrink_any ( &subject->raw );
356 DBGC2 ( cert, "X509 %p subject is:\n", cert );
357 DBGC2_HDA ( cert, 0, subject->raw.data, subject->raw.len );
358
359 /* Parse common name */
360 if ( ( rc = x509_parse_common_name ( cert, raw ) ) != 0 )
361 return rc;
362 DBGC2 ( cert, "X509 %p common name is \"%s\":\n", cert,
363 x509_name ( cert ) );
364
365 return 0;
366 }
367
368 /**
369 * Parse X.509 certificate public key information
370 *
371 * @v cert X.509 certificate
372 * @v raw ASN.1 cursor
373 * @ret rc Return status code
374 */
375 static int x509_parse_public_key ( struct x509_certificate *cert,
376 const struct asn1_cursor *raw ) {
377 struct x509_public_key *public_key = &cert->subject.public_key;
378 struct asn1_algorithm **algorithm = &public_key->algorithm;
379 struct asn1_bit_string *raw_bits = &public_key->raw_bits;
380 struct asn1_cursor cursor;
381 int rc;
382
383 /* Record raw subjectPublicKeyInfo */
384 memcpy ( &cursor, raw, sizeof ( cursor ) );
385 asn1_shrink_any ( &cursor );
386 memcpy ( &public_key->raw, &cursor, sizeof ( public_key->raw ) );
387 DBGC2 ( cert, "X509 %p public key is:\n", cert );
388 DBGC2_HDA ( cert, 0, public_key->raw.data, public_key->raw.len );
389
390 /* Enter subjectPublicKeyInfo */
391 asn1_enter ( &cursor, ASN1_SEQUENCE );
392
393 /* Parse algorithm */
394 if ( ( rc = asn1_pubkey_algorithm ( &cursor, algorithm ) ) != 0 ) {
395 DBGC ( cert, "X509 %p could not parse public key algorithm: "
396 "%s\n", cert, strerror ( rc ) );
397 return rc;
398 }
399 DBGC2 ( cert, "X509 %p public key algorithm is %s\n",
400 cert, (*algorithm)->name );
401 asn1_skip_any ( &cursor );
402
403 /* Parse bit string */
404 if ( ( rc = asn1_bit_string ( &cursor, raw_bits ) ) != 0 ) {
405 DBGC ( cert, "X509 %p could not parse public key bits: %s\n",
406 cert, strerror ( rc ) );
407 return rc;
408 }
409
410 return 0;
411 }
412
413 /**
414 * Parse X.509 certificate basic constraints
415 *
416 * @v cert X.509 certificate
417 * @v raw ASN.1 cursor
418 * @ret rc Return status code
419 */
420 static int x509_parse_basic_constraints ( struct x509_certificate *cert,
421 const struct asn1_cursor *raw ) {
422 struct x509_basic_constraints *basic = &cert->extensions.basic;
423 struct asn1_cursor cursor;
424 int ca = 0;
425 int path_len;
426 int rc;
427
428 /* Enter basicConstraints */
429 memcpy ( &cursor, raw, sizeof ( cursor ) );
430 asn1_enter ( &cursor, ASN1_SEQUENCE );
431
432 /* Parse "cA", if present */
433 if ( asn1_type ( &cursor ) == ASN1_BOOLEAN ) {
434 ca = asn1_boolean ( &cursor );
435 if ( ca < 0 ) {
436 rc = ca;
437 DBGC ( cert, "X509 %p cannot parse cA: %s\n",
438 cert, strerror ( rc ) );
439 DBGC_HDA ( cert, 0, raw->data, raw->len );
440 return rc;
441 }
442 asn1_skip_any ( &cursor );
443 }
444 basic->ca = ca;
445 DBGC2 ( cert, "X509 %p is %sa CA certificate\n",
446 cert, ( basic->ca ? "" : "not " ) );
447
448 /* Ignore everything else unless "cA" is true */
449 if ( ! ca )
450 return 0;
451
452 /* Parse "pathLenConstraint", if present and applicable */
453 basic->path_len = X509_PATH_LEN_UNLIMITED;
454 if ( asn1_type ( &cursor ) == ASN1_INTEGER ) {
455 if ( ( rc = asn1_integer ( &cursor, &path_len ) ) != 0 ) {
456 DBGC ( cert, "X509 %p cannot parse pathLenConstraint: "
457 "%s\n", cert, strerror ( rc ) );
458 DBGC_HDA ( cert, 0, raw->data, raw->len );
459 return rc;
460 }
461 if ( path_len < 0 ) {
462 DBGC ( cert, "X509 %p invalid pathLenConstraint %d\n",
463 cert, path_len );
464 DBGC_HDA ( cert, 0, raw->data, raw->len );
465 return -EINVAL;
466 }
467 basic->path_len = path_len;
468 DBGC2 ( cert, "X509 %p path length constraint is %d\n",
469 cert, basic->path_len );
470 }
471
472 return 0;
473 }
474
475 /**
476 * Parse X.509 certificate key usage
477 *
478 * @v cert X.509 certificate
479 * @v raw ASN.1 cursor
480 * @ret rc Return status code
481 */
482 static int x509_parse_key_usage ( struct x509_certificate *cert,
483 const struct asn1_cursor *raw ) {
484 struct x509_key_usage *usage = &cert->extensions.usage;
485 struct asn1_bit_string bit_string;
486 const uint8_t *bytes;
487 size_t len;
488 unsigned int i;
489 int rc;
490
491 /* Mark extension as present */
492 usage->present = 1;
493
494 /* Parse bit string */
495 if ( ( rc = asn1_bit_string ( raw, &bit_string ) ) != 0 ) {
496 DBGC ( cert, "X509 %p could not parse key usage: %s\n",
497 cert, strerror ( rc ) );
498 return rc;
499 }
500
501 /* Parse key usage bits */
502 bytes = bit_string.data;
503 len = bit_string.len;
504 if ( len > sizeof ( usage->bits ) )
505 len = sizeof ( usage->bits );
506 for ( i = 0 ; i < len ; i++ ) {
507 usage->bits |= ( *(bytes++) << ( 8 * i ) );
508 }
509 DBGC2 ( cert, "X509 %p key usage is %08x\n", cert, usage->bits );
510
511 return 0;
512 }
513
514 /** "id-kp-codeSigning" object identifier */
515 static uint8_t oid_code_signing[] = { ASN1_OID_CODESIGNING };
516
517 /** "id-kp-OCSPSigning" object identifier */
518 static uint8_t oid_ocsp_signing[] = { ASN1_OID_OCSPSIGNING };
519
520 /** Supported key purposes */
521 static struct x509_key_purpose x509_key_purposes[] = {
522 {
523 .name = "codeSigning",
524 .bits = X509_CODE_SIGNING,
525 .oid = ASN1_OID_CURSOR ( oid_code_signing ),
526 },
527 {
528 .name = "ocspSigning",
529 .bits = X509_OCSP_SIGNING,
530 .oid = ASN1_OID_CURSOR ( oid_ocsp_signing ),
531 },
532 };
533
534 /**
535 * Parse X.509 certificate key purpose identifier
536 *
537 * @v cert X.509 certificate
538 * @v raw ASN.1 cursor
539 * @ret rc Return status code
540 */
541 static int x509_parse_key_purpose ( struct x509_certificate *cert,
542 const struct asn1_cursor *raw ) {
543 struct x509_extended_key_usage *ext_usage = &cert->extensions.ext_usage;
544 struct x509_key_purpose *purpose;
545 struct asn1_cursor cursor;
546 unsigned int i;
547 int rc;
548
549 /* Enter keyPurposeId */
550 memcpy ( &cursor, raw, sizeof ( cursor ) );
551 if ( ( rc = asn1_enter ( &cursor, ASN1_OID ) ) != 0 ) {
552 DBGC ( cert, "X509 %p invalid keyPurposeId:\n", cert );
553 DBGC_HDA ( cert, 0, raw->data, raw->len );
554 return rc;
555 }
556
557 /* Identify key purpose */
558 for ( i = 0 ; i < ( sizeof ( x509_key_purposes ) /
559 sizeof ( x509_key_purposes[0] ) ) ; i++ ) {
560 purpose = &x509_key_purposes[i];
561 if ( asn1_compare ( &cursor, &purpose->oid ) == 0 ) {
562 DBGC2 ( cert, "X509 %p has key purpose %s\n",
563 cert, purpose->name );
564 ext_usage->bits |= purpose->bits;
565 return 0;
566 }
567 }
568
569 /* Ignore unrecognised key purposes */
570 return 0;
571 }
572
573 /**
574 * Parse X.509 certificate extended key usage
575 *
576 * @v cert X.509 certificate
577 * @v raw ASN.1 cursor
578 * @ret rc Return status code
579 */
580 static int x509_parse_extended_key_usage ( struct x509_certificate *cert,
581 const struct asn1_cursor *raw ) {
582 struct asn1_cursor cursor;
583 int rc;
584
585 /* Enter extKeyUsage */
586 memcpy ( &cursor, raw, sizeof ( cursor ) );
587 asn1_enter ( &cursor, ASN1_SEQUENCE );
588
589 /* Parse each extended key usage in turn */
590 while ( cursor.len ) {
591 if ( ( rc = x509_parse_key_purpose ( cert, &cursor ) ) != 0 )
592 return rc;
593 asn1_skip_any ( &cursor );
594 }
595
596 return 0;
597 }
598
599 /**
600 * Parse X.509 certificate OCSP access method
601 *
602 * @v cert X.509 certificate
603 * @v raw ASN.1 cursor
604 * @ret rc Return status code
605 */
606 static int x509_parse_ocsp ( struct x509_certificate *cert,
607 const struct asn1_cursor *raw ) {
608 struct x509_ocsp_responder *ocsp = &cert->extensions.auth_info.ocsp;
609 struct asn1_cursor *uri = &ocsp->uri;
610 int rc;
611
612 /* Enter accessLocation */
613 memcpy ( uri, raw, sizeof ( *uri ) );
614 if ( ( rc = asn1_enter ( uri, X509_GENERAL_NAME_URI ) ) != 0 ) {
615 DBGC ( cert, "X509 %p OCSP does not contain "
616 "uniformResourceIdentifier:\n", cert );
617 DBGC_HDA ( cert, 0, raw->data, raw->len );
618 return rc;
619 }
620 DBGC2 ( cert, "X509 %p OCSP URI is:\n", cert );
621 DBGC2_HDA ( cert, 0, uri->data, uri->len );
622
623 return 0;
624 }
625
626 /** "id-ad-ocsp" object identifier */
627 static uint8_t oid_ad_ocsp[] = { ASN1_OID_OCSP };
628
629 /** Supported access methods */
630 static struct x509_access_method x509_access_methods[] = {
631 {
632 .name = "OCSP",
633 .oid = ASN1_OID_CURSOR ( oid_ad_ocsp ),
634 .parse = x509_parse_ocsp,
635 },
636 };
637
638 /**
639 * Identify X.509 access method by OID
640 *
641 * @v oid OID
642 * @ret method Access method, or NULL
643 */
644 static struct x509_access_method *
645 x509_find_access_method ( const struct asn1_cursor *oid ) {
646 struct x509_access_method *method;
647 unsigned int i;
648
649 for ( i = 0 ; i < ( sizeof ( x509_access_methods ) /
650 sizeof ( x509_access_methods[0] ) ) ; i++ ) {
651 method = &x509_access_methods[i];
652 if ( asn1_compare ( &method->oid, oid ) == 0 )
653 return method;
654 }
655
656 return NULL;
657 }
658
659 /**
660 * Parse X.509 certificate access description
661 *
662 * @v cert X.509 certificate
663 * @v raw ASN.1 cursor
664 * @ret rc Return status code
665 */
666 static int x509_parse_access_description ( struct x509_certificate *cert,
667 const struct asn1_cursor *raw ) {
668 struct asn1_cursor cursor;
669 struct asn1_cursor subcursor;
670 struct x509_access_method *method;
671 int rc;
672
673 /* Enter keyPurposeId */
674 memcpy ( &cursor, raw, sizeof ( cursor ) );
675 asn1_enter ( &cursor, ASN1_SEQUENCE );
676
677 /* Try to identify access method */
678 memcpy ( &subcursor, &cursor, sizeof ( subcursor ) );
679 asn1_enter ( &subcursor, ASN1_OID );
680 method = x509_find_access_method ( &subcursor );
681 asn1_skip_any ( &cursor );
682 DBGC2 ( cert, "X509 %p found access method %s\n",
683 cert, ( method ? method->name : "<unknown>" ) );
684
685 /* Parse access location, if applicable */
686 if ( method && ( ( rc = method->parse ( cert, &cursor ) ) != 0 ) )
687 return rc;
688
689 return 0;
690 }
691
692 /**
693 * Parse X.509 certificate authority information access
694 *
695 * @v cert X.509 certificate
696 * @v raw ASN.1 cursor
697 * @ret rc Return status code
698 */
699 static int x509_parse_authority_info_access ( struct x509_certificate *cert,
700 const struct asn1_cursor *raw ) {
701 struct asn1_cursor cursor;
702 int rc;
703
704 /* Enter authorityInfoAccess */
705 memcpy ( &cursor, raw, sizeof ( cursor ) );
706 asn1_enter ( &cursor, ASN1_SEQUENCE );
707
708 /* Parse each access description in turn */
709 while ( cursor.len ) {
710 if ( ( rc = x509_parse_access_description ( cert,
711 &cursor ) ) != 0 )
712 return rc;
713 asn1_skip_any ( &cursor );
714 }
715
716 return 0;
717 }
718
719 /**
720 * Parse X.509 certificate subject alternative name
721 *
722 * @v cert X.509 certificate
723 * @v raw ASN.1 cursor
724 * @ret rc Return status code
725 */
726 static int x509_parse_subject_alt_name ( struct x509_certificate *cert,
727 const struct asn1_cursor *raw ) {
728 struct x509_subject_alt_name *alt_name = &cert->extensions.alt_name;
729 struct asn1_cursor *names = &alt_name->names;
730 int rc;
731
732 /* Enter subjectAltName */
733 memcpy ( names, raw, sizeof ( *names ) );
734 if ( ( rc = asn1_enter ( names, ASN1_SEQUENCE ) ) != 0 ) {
735 DBGC ( cert, "X509 %p invalid subjectAltName: %s\n",
736 cert, strerror ( rc ) );
737 DBGC_HDA ( cert, 0, raw->data, raw->len );
738 return rc;
739 }
740 DBGC2 ( cert, "X509 %p has subjectAltName:\n", cert );
741 DBGC2_HDA ( cert, 0, names->data, names->len );
742
743 return 0;
744 }
745
746 /** "id-ce-basicConstraints" object identifier */
747 static uint8_t oid_ce_basic_constraints[] =
748 { ASN1_OID_BASICCONSTRAINTS };
749
750 /** "id-ce-keyUsage" object identifier */
751 static uint8_t oid_ce_key_usage[] =
752 { ASN1_OID_KEYUSAGE };
753
754 /** "id-ce-extKeyUsage" object identifier */
755 static uint8_t oid_ce_ext_key_usage[] =
756 { ASN1_OID_EXTKEYUSAGE };
757
758 /** "id-pe-authorityInfoAccess" object identifier */
759 static uint8_t oid_pe_authority_info_access[] =
760 { ASN1_OID_AUTHORITYINFOACCESS };
761
762 /** "id-ce-subjectAltName" object identifier */
763 static uint8_t oid_ce_subject_alt_name[] =
764 { ASN1_OID_SUBJECTALTNAME };
765
766 /** Supported certificate extensions */
767 static struct x509_extension x509_extensions[] = {
768 {
769 .name = "basicConstraints",
770 .oid = ASN1_OID_CURSOR ( oid_ce_basic_constraints ),
771 .parse = x509_parse_basic_constraints,
772 },
773 {
774 .name = "keyUsage",
775 .oid = ASN1_OID_CURSOR ( oid_ce_key_usage ),
776 .parse = x509_parse_key_usage,
777 },
778 {
779 .name = "extKeyUsage",
780 .oid = ASN1_OID_CURSOR ( oid_ce_ext_key_usage ),
781 .parse = x509_parse_extended_key_usage,
782 },
783 {
784 .name = "authorityInfoAccess",
785 .oid = ASN1_OID_CURSOR ( oid_pe_authority_info_access ),
786 .parse = x509_parse_authority_info_access,
787 },
788 {
789 .name = "subjectAltName",
790 .oid = ASN1_OID_CURSOR ( oid_ce_subject_alt_name ),
791 .parse = x509_parse_subject_alt_name,
792 },
793 };
794
795 /**
796 * Identify X.509 extension by OID
797 *
798 * @v oid OID
799 * @ret extension Extension, or NULL
800 */
801 static struct x509_extension *
802 x509_find_extension ( const struct asn1_cursor *oid ) {
803 struct x509_extension *extension;
804 unsigned int i;
805
806 for ( i = 0 ; i < ( sizeof ( x509_extensions ) /
807 sizeof ( x509_extensions[0] ) ) ; i++ ) {
808 extension = &x509_extensions[i];
809 if ( asn1_compare ( &extension->oid, oid ) == 0 )
810 return extension;
811 }
812
813 return NULL;
814 }
815
816 /**
817 * Parse X.509 certificate extension
818 *
819 * @v cert X.509 certificate
820 * @v raw ASN.1 cursor
821 * @ret rc Return status code
822 */
823 static int x509_parse_extension ( struct x509_certificate *cert,
824 const struct asn1_cursor *raw ) {
825 struct asn1_cursor cursor;
826 struct asn1_cursor subcursor;
827 struct x509_extension *extension;
828 int is_critical = 0;
829 int rc;
830
831 /* Enter extension */
832 memcpy ( &cursor, raw, sizeof ( cursor ) );
833 asn1_enter ( &cursor, ASN1_SEQUENCE );
834
835 /* Try to identify extension */
836 memcpy ( &subcursor, &cursor, sizeof ( subcursor ) );
837 asn1_enter ( &subcursor, ASN1_OID );
838 extension = x509_find_extension ( &subcursor );
839 asn1_skip_any ( &cursor );
840 DBGC2 ( cert, "X509 %p found extension %s\n",
841 cert, ( extension ? extension->name : "<unknown>" ) );
842
843 /* Identify criticality */
844 if ( asn1_type ( &cursor ) == ASN1_BOOLEAN ) {
845 is_critical = asn1_boolean ( &cursor );
846 if ( is_critical < 0 ) {
847 rc = is_critical;
848 DBGC ( cert, "X509 %p cannot parse extension "
849 "criticality: %s\n", cert, strerror ( rc ) );
850 DBGC_HDA ( cert, 0, raw->data, raw->len );
851 return rc;
852 }
853 asn1_skip_any ( &cursor );
854 }
855
856 /* Handle unknown extensions */
857 if ( ! extension ) {
858 if ( is_critical ) {
859 /* Fail if we cannot handle a critical extension */
860 DBGC ( cert, "X509 %p cannot handle critical "
861 "extension:\n", cert );
862 DBGC_HDA ( cert, 0, raw->data, raw->len );
863 return -ENOTSUP_EXTENSION;
864 } else {
865 /* Ignore unknown non-critical extensions */
866 return 0;
867 }
868 };
869
870 /* Extract extnValue */
871 if ( ( rc = asn1_enter ( &cursor, ASN1_OCTET_STRING ) ) != 0 ) {
872 DBGC ( cert, "X509 %p extension missing extnValue:\n", cert );
873 DBGC_HDA ( cert, 0, raw->data, raw->len );
874 return rc;
875 }
876
877 /* Parse extension */
878 if ( ( rc = extension->parse ( cert, &cursor ) ) != 0 )
879 return rc;
880
881 return 0;
882 }
883
884 /**
885 * Parse X.509 certificate extensions, if present
886 *
887 * @v cert X.509 certificate
888 * @v raw ASN.1 cursor
889 * @ret rc Return status code
890 */
891 static int x509_parse_extensions ( struct x509_certificate *cert,
892 const struct asn1_cursor *raw ) {
893 struct asn1_cursor cursor;
894 int rc;
895
896 /* Enter extensions, if present */
897 memcpy ( &cursor, raw, sizeof ( cursor ) );
898 asn1_enter ( &cursor, ASN1_EXPLICIT_TAG ( 3 ) );
899 asn1_enter ( &cursor, ASN1_SEQUENCE );
900
901 /* Parse each extension in turn */
902 while ( cursor.len ) {
903 if ( ( rc = x509_parse_extension ( cert, &cursor ) ) != 0 )
904 return rc;
905 asn1_skip_any ( &cursor );
906 }
907
908 return 0;
909 }
910
911 /**
912 * Parse X.509 certificate tbsCertificate
913 *
914 * @v cert X.509 certificate
915 * @v raw ASN.1 cursor
916 * @ret rc Return status code
917 */
918 static int x509_parse_tbscertificate ( struct x509_certificate *cert,
919 const struct asn1_cursor *raw ) {
920 struct asn1_algorithm **algorithm = &cert->signature_algorithm;
921 struct asn1_cursor cursor;
922 int rc;
923
924 /* Record raw tbsCertificate */
925 memcpy ( &cursor, raw, sizeof ( cursor ) );
926 asn1_shrink_any ( &cursor );
927 memcpy ( &cert->tbs, &cursor, sizeof ( cert->tbs ) );
928
929 /* Enter tbsCertificate */
930 asn1_enter ( &cursor, ASN1_SEQUENCE );
931
932 /* Parse version, if present */
933 if ( asn1_type ( &cursor ) == ASN1_EXPLICIT_TAG ( 0 ) ) {
934 if ( ( rc = x509_parse_version ( cert, &cursor ) ) != 0 )
935 return rc;
936 asn1_skip_any ( &cursor );
937 }
938
939 /* Parse serialNumber */
940 if ( ( rc = x509_parse_serial ( cert, &cursor ) ) != 0 )
941 return rc;
942 asn1_skip_any ( &cursor );
943
944 /* Parse signature */
945 if ( ( rc = asn1_signature_algorithm ( &cursor, algorithm ) ) != 0 ) {
946 DBGC ( cert, "X509 %p could not parse signature algorithm: "
947 "%s\n", cert, strerror ( rc ) );
948 return rc;
949 }
950 DBGC2 ( cert, "X509 %p tbsCertificate signature algorithm is %s\n",
951 cert, (*algorithm)->name );
952 asn1_skip_any ( &cursor );
953
954 /* Parse issuer */
955 if ( ( rc = x509_parse_issuer ( cert, &cursor ) ) != 0 )
956 return rc;
957 asn1_skip_any ( &cursor );
958
959 /* Parse validity */
960 if ( ( rc = x509_parse_validity ( cert, &cursor ) ) != 0 )
961 return rc;
962 asn1_skip_any ( &cursor );
963
964 /* Parse subject */
965 if ( ( rc = x509_parse_subject ( cert, &cursor ) ) != 0 )
966 return rc;
967 asn1_skip_any ( &cursor );
968
969 /* Parse subjectPublicKeyInfo */
970 if ( ( rc = x509_parse_public_key ( cert, &cursor ) ) != 0 )
971 return rc;
972 asn1_skip_any ( &cursor );
973
974 /* Parse extensions, if present */
975 if ( ( rc = x509_parse_extensions ( cert, &cursor ) ) != 0 )
976 return rc;
977
978 return 0;
979 }
980
981 /**
982 * Parse X.509 certificate from ASN.1 data
983 *
984 * @v cert X.509 certificate
985 * @v raw ASN.1 cursor
986 * @ret rc Return status code
987 */
988 int x509_parse ( struct x509_certificate *cert,
989 const struct asn1_cursor *raw ) {
990 struct x509_signature *signature = &cert->signature;
991 struct asn1_algorithm **signature_algorithm = &signature->algorithm;
992 struct asn1_bit_string *signature_value = &signature->value;
993 struct asn1_cursor cursor;
994 int rc;
995
996 /* Record raw certificate */
997 memcpy ( &cursor, raw, sizeof ( cursor ) );
998 memcpy ( &cert->raw, &cursor, sizeof ( cert->raw ) );
999
1000 /* Enter certificate */
1001 asn1_enter ( &cursor, ASN1_SEQUENCE );
1002
1003 /* Parse tbsCertificate */
1004 if ( ( rc = x509_parse_tbscertificate ( cert, &cursor ) ) != 0 )
1005 return rc;
1006 asn1_skip_any ( &cursor );
1007
1008 /* Parse signatureAlgorithm */
1009 if ( ( rc = asn1_signature_algorithm ( &cursor,
1010 signature_algorithm ) ) != 0 ) {
1011 DBGC ( cert, "X509 %p could not parse signature algorithm: "
1012 "%s\n", cert, strerror ( rc ) );
1013 return rc;
1014 }
1015 DBGC2 ( cert, "X509 %p signatureAlgorithm is %s\n",
1016 cert, (*signature_algorithm)->name );
1017 asn1_skip_any ( &cursor );
1018
1019 /* Parse signatureValue */
1020 if ( ( rc = asn1_integral_bit_string ( &cursor,
1021 signature_value ) ) != 0 ) {
1022 DBGC ( cert, "X509 %p could not parse signature value: %s\n",
1023 cert, strerror ( rc ) );
1024 return rc;
1025 }
1026 DBGC2 ( cert, "X509 %p signatureValue is:\n", cert );
1027 DBGC2_HDA ( cert, 0, signature_value->data, signature_value->len );
1028
1029 /* Check that algorithm in tbsCertificate matches algorithm in
1030 * signature
1031 */
1032 if ( signature->algorithm != (*signature_algorithm) ) {
1033 DBGC ( cert, "X509 %p signature algorithm %s does not match "
1034 "signatureAlgorithm %s\n",
1035 cert, signature->algorithm->name,
1036 (*signature_algorithm)->name );
1037 return -EINVAL_ALGORITHM_MISMATCH;
1038 }
1039
1040 return 0;
1041 }
1042
1043 /**
1044 * Create X.509 certificate
1045 *
1046 * @v data Raw certificate data
1047 * @v len Length of raw data
1048 * @ret cert X.509 certificate
1049 * @ret rc Return status code
1050 *
1051 * On success, the caller holds a reference to the X.509 certificate,
1052 * and is responsible for ultimately calling x509_put().
1053 */
1054 int x509_certificate ( const void *data, size_t len,
1055 struct x509_certificate **cert ) {
1056 struct asn1_cursor cursor;
1057 void *raw;
1058 int rc;
1059
1060 /* Initialise cursor */
1061 cursor.data = data;
1062 cursor.len = len;
1063 asn1_shrink_any ( &cursor );
1064
1065 /* Return stored certificate, if present */
1066 if ( ( *cert = certstore_find ( &cursor ) ) != NULL ) {
1067
1068 /* Add caller's reference */
1069 x509_get ( *cert );
1070 return 0;
1071 }
1072
1073 /* Allocate and initialise certificate */
1074 *cert = zalloc ( sizeof ( **cert ) + cursor.len );
1075 if ( ! *cert )
1076 return -ENOMEM;
1077 ref_init ( &(*cert)->refcnt, NULL );
1078 raw = ( *cert + 1 );
1079
1080 /* Copy raw data */
1081 memcpy ( raw, cursor.data, cursor.len );
1082 cursor.data = raw;
1083
1084 /* Parse certificate */
1085 if ( ( rc = x509_parse ( *cert, &cursor ) ) != 0 ) {
1086 x509_put ( *cert );
1087 *cert = NULL;
1088 return rc;
1089 }
1090
1091 /* Add certificate to store */
1092 certstore_add ( *cert );
1093
1094 return 0;
1095 }
1096
1097 /**
1098 * Check X.509 certificate signature
1099 *
1100 * @v cert X.509 certificate
1101 * @v public_key X.509 public key
1102 * @ret rc Return status code
1103 */
1104 static int x509_check_signature ( struct x509_certificate *cert,
1105 struct x509_public_key *public_key ) {
1106 struct x509_signature *signature = &cert->signature;
1107 struct asn1_algorithm *algorithm = signature->algorithm;
1108 struct digest_algorithm *digest = algorithm->digest;
1109 struct pubkey_algorithm *pubkey = algorithm->pubkey;
1110 uint8_t digest_ctx[ digest->ctxsize ];
1111 uint8_t digest_out[ digest->digestsize ];
1112 uint8_t pubkey_ctx[ pubkey->ctxsize ];
1113 int rc;
1114
1115 /* Sanity check */
1116 assert ( cert->signature_algorithm == cert->signature.algorithm );
1117
1118 /* Calculate certificate digest */
1119 digest_init ( digest, digest_ctx );
1120 digest_update ( digest, digest_ctx, cert->tbs.data, cert->tbs.len );
1121 digest_final ( digest, digest_ctx, digest_out );
1122 DBGC2 ( cert, "X509 %p \"%s\" digest:\n", cert, x509_name ( cert ) );
1123 DBGC2_HDA ( cert, 0, digest_out, sizeof ( digest_out ) );
1124
1125 /* Check that signature public key algorithm matches signer */
1126 if ( public_key->algorithm->pubkey != pubkey ) {
1127 DBGC ( cert, "X509 %p \"%s\" signature algorithm %s does not "
1128 "match signer's algorithm %s\n",
1129 cert, x509_name ( cert ), algorithm->name,
1130 public_key->algorithm->name );
1131 rc = -EINVAL_ALGORITHM_MISMATCH;
1132 goto err_mismatch;
1133 }
1134
1135 /* Verify signature using signer's public key */
1136 if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, public_key->raw.data,
1137 public_key->raw.len ) ) != 0 ) {
1138 DBGC ( cert, "X509 %p \"%s\" cannot initialise public key: "
1139 "%s\n", cert, x509_name ( cert ), strerror ( rc ) );
1140 goto err_pubkey_init;
1141 }
1142 if ( ( rc = pubkey_verify ( pubkey, pubkey_ctx, digest, digest_out,
1143 signature->value.data,
1144 signature->value.len ) ) != 0 ) {
1145 DBGC ( cert, "X509 %p \"%s\" signature verification failed: "
1146 "%s\n", cert, x509_name ( cert ), strerror ( rc ) );
1147 goto err_pubkey_verify;
1148 }
1149
1150 /* Success */
1151 rc = 0;
1152
1153 err_pubkey_verify:
1154 pubkey_final ( pubkey, pubkey_ctx );
1155 err_pubkey_init:
1156 err_mismatch:
1157 return rc;
1158 }
1159
1160 /**
1161 * Check X.509 certificate against issuer certificate
1162 *
1163 * @v cert X.509 certificate
1164 * @v issuer X.509 issuer certificate
1165 * @ret rc Return status code
1166 */
1167 int x509_check_issuer ( struct x509_certificate *cert,
1168 struct x509_certificate *issuer ) {
1169 struct x509_public_key *public_key = &issuer->subject.public_key;
1170 int rc;
1171
1172 /* Check issuer. In theory, this should be a full X.500 DN
1173 * comparison, which would require support for a plethora of
1174 * abominations such as TeletexString (which allows the
1175 * character set to be changed mid-string using escape codes).
1176 * In practice, we assume that anyone who deliberately changes
1177 * the encoding of the issuer DN is probably a masochist who
1178 * will rather enjoy the process of figuring out exactly why
1179 * their certificate doesn't work.
1180 *
1181 * See http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt
1182 * for some enjoyable ranting on this subject.
1183 */
1184 if ( asn1_compare ( &cert->issuer.raw, &issuer->subject.raw ) != 0 ) {
1185 DBGC ( cert, "X509 %p \"%s\" issuer does not match ",
1186 cert, x509_name ( cert ) );
1187 DBGC ( cert, "X509 %p \"%s\" subject\n",
1188 issuer, x509_name ( issuer ) );
1189 DBGC_HDA ( cert, 0, cert->issuer.raw.data,
1190 cert->issuer.raw.len );
1191 DBGC_HDA ( issuer, 0, issuer->subject.raw.data,
1192 issuer->subject.raw.len );
1193 return -EACCES_WRONG_ISSUER;
1194 }
1195
1196 /* Check that issuer is allowed to sign certificates */
1197 if ( ! issuer->extensions.basic.ca ) {
1198 DBGC ( issuer, "X509 %p \"%s\" cannot sign ",
1199 issuer, x509_name ( issuer ) );
1200 DBGC ( issuer, "X509 %p \"%s\": not a CA certificate\n",
1201 cert, x509_name ( cert ) );
1202 return -EACCES_NOT_CA;
1203 }
1204 if ( issuer->extensions.usage.present &&
1205 ( ! ( issuer->extensions.usage.bits & X509_KEY_CERT_SIGN ) ) ) {
1206 DBGC ( issuer, "X509 %p \"%s\" cannot sign ",
1207 issuer, x509_name ( issuer ) );
1208 DBGC ( issuer, "X509 %p \"%s\": no keyCertSign usage\n",
1209 cert, x509_name ( cert ) );
1210 return -EACCES_KEY_USAGE;
1211 }
1212
1213 /* Check signature */
1214 if ( ( rc = x509_check_signature ( cert, public_key ) ) != 0 )
1215 return rc;
1216
1217 return 0;
1218 }
1219
1220 /**
1221 * Calculate X.509 certificate fingerprint
1222 *
1223 * @v cert X.509 certificate
1224 * @v digest Digest algorithm
1225 * @v fingerprint Fingerprint buffer
1226 */
1227 void x509_fingerprint ( struct x509_certificate *cert,
1228 struct digest_algorithm *digest,
1229 void *fingerprint ) {
1230 uint8_t ctx[ digest->ctxsize ];
1231
1232 /* Calculate fingerprint */
1233 digest_init ( digest, ctx );
1234 digest_update ( digest, ctx, cert->raw.data, cert->raw.len );
1235 digest_final ( digest, ctx, fingerprint );
1236 }
1237
1238 /**
1239 * Check X.509 root certificate
1240 *
1241 * @v cert X.509 certificate
1242 * @v root X.509 root certificate list
1243 * @ret rc Return status code
1244 */
1245 int x509_check_root ( struct x509_certificate *cert, struct x509_root *root ) {
1246 struct digest_algorithm *digest = root->digest;
1247 uint8_t fingerprint[ digest->digestsize ];
1248 const uint8_t *root_fingerprint = root->fingerprints;
1249 unsigned int i;
1250
1251 /* Calculate certificate fingerprint */
1252 x509_fingerprint ( cert, digest, fingerprint );
1253
1254 /* Check fingerprint against all root certificates */
1255 for ( i = 0 ; i < root->count ; i++ ) {
1256 if ( memcmp ( fingerprint, root_fingerprint,
1257 sizeof ( fingerprint ) ) == 0 ) {
1258 DBGC ( cert, "X509 %p \"%s\" is a root certificate\n",
1259 cert, x509_name ( cert ) );
1260 return 0;
1261 }
1262 root_fingerprint += sizeof ( fingerprint );
1263 }
1264
1265 DBGC2 ( cert, "X509 %p \"%s\" is not a root certificate\n",
1266 cert, x509_name ( cert ) );
1267 return -ENOENT;
1268 }
1269
1270 /**
1271 * Check X.509 certificate validity period
1272 *
1273 * @v cert X.509 certificate
1274 * @v time Time at which to check certificate
1275 * @ret rc Return status code
1276 */
1277 int x509_check_time ( struct x509_certificate *cert, time_t time ) {
1278 struct x509_validity *validity = &cert->validity;
1279
1280 /* Check validity period */
1281 if ( validity->not_before.time > ( time + TIMESTAMP_ERROR_MARGIN ) ) {
1282 DBGC ( cert, "X509 %p \"%s\" is not yet valid (at time %lld)\n",
1283 cert, x509_name ( cert ), time );
1284 return -EACCES_EXPIRED;
1285 }
1286 if ( validity->not_after.time < ( time - TIMESTAMP_ERROR_MARGIN ) ) {
1287 DBGC ( cert, "X509 %p \"%s\" has expired (at time %lld)\n",
1288 cert, x509_name ( cert ), time );
1289 return -EACCES_EXPIRED;
1290 }
1291
1292 DBGC2 ( cert, "X509 %p \"%s\" is valid (at time %lld)\n",
1293 cert, x509_name ( cert ), time );
1294 return 0;
1295 }
1296
1297 /**
1298 * Validate X.509 certificate
1299 *
1300 * @v cert X.509 certificate
1301 * @v issuer Issuing X.509 certificate (or NULL)
1302 * @v time Time at which to validate certificate
1303 * @v root Root certificate list, or NULL to use default
1304 * @ret rc Return status code
1305 *
1306 * The issuing certificate must have already been validated.
1307 *
1308 * Validation results are cached: if a certificate has already been
1309 * successfully validated then @c issuer, @c time, and @c root will be
1310 * ignored.
1311 */
1312 int x509_validate ( struct x509_certificate *cert,
1313 struct x509_certificate *issuer,
1314 time_t time, struct x509_root *root ) {
1315 unsigned int max_path_remaining;
1316 int rc;
1317
1318 /* Use default root certificate store if none specified */
1319 if ( ! root )
1320 root = &root_certificates;
1321
1322 /* Return success if certificate has already been validated */
1323 if ( x509_is_valid ( cert ) )
1324 return 0;
1325
1326 /* Fail if certificate is invalid at specified time */
1327 if ( ( rc = x509_check_time ( cert, time ) ) != 0 )
1328 return rc;
1329
1330 /* Succeed if certificate is a trusted root certificate */
1331 if ( x509_check_root ( cert, root ) == 0 ) {
1332 cert->flags |= X509_FL_VALIDATED;
1333 cert->path_remaining = ( cert->extensions.basic.path_len + 1 );
1334 return 0;
1335 }
1336
1337 /* Fail unless we have an issuer */
1338 if ( ! issuer ) {
1339 DBGC2 ( cert, "X509 %p \"%s\" has no issuer\n",
1340 cert, x509_name ( cert ) );
1341 return -EACCES_UNTRUSTED;
1342 }
1343
1344 /* Fail unless issuer has already been validated */
1345 if ( ! x509_is_valid ( issuer ) ) {
1346 DBGC ( cert, "X509 %p \"%s\" ", cert, x509_name ( cert ) );
1347 DBGC ( cert, "issuer %p \"%s\" has not yet been validated\n",
1348 issuer, x509_name ( issuer ) );
1349 return -EACCES_OUT_OF_ORDER;
1350 }
1351
1352 /* Fail if issuing certificate cannot validate this certificate */
1353 if ( ( rc = x509_check_issuer ( cert, issuer ) ) != 0 )
1354 return rc;
1355
1356 /* Fail if path length constraint is violated */
1357 if ( issuer->path_remaining == 0 ) {
1358 DBGC ( cert, "X509 %p \"%s\" ", cert, x509_name ( cert ) );
1359 DBGC ( cert, "issuer %p \"%s\" path length exceeded\n",
1360 issuer, x509_name ( issuer ) );
1361 return -EACCES_PATH_LEN;
1362 }
1363
1364 /* Fail if OCSP is required */
1365 if ( cert->extensions.auth_info.ocsp.uri.len &&
1366 ( ! cert->extensions.auth_info.ocsp.good ) ) {
1367 DBGC ( cert, "X509 %p \"%s\" requires an OCSP check\n",
1368 cert, x509_name ( cert ) );
1369 return -EACCES_OCSP_REQUIRED;
1370 }
1371
1372 /* Calculate effective path length */
1373 cert->path_remaining = ( issuer->path_remaining - 1 );
1374 max_path_remaining = ( cert->extensions.basic.path_len + 1 );
1375 if ( cert->path_remaining > max_path_remaining )
1376 cert->path_remaining = max_path_remaining;
1377
1378 /* Mark certificate as valid */
1379 cert->flags |= X509_FL_VALIDATED;
1380
1381 DBGC ( cert, "X509 %p \"%s\" successfully validated using ",
1382 cert, x509_name ( cert ) );
1383 DBGC ( cert, "issuer %p \"%s\"\n", issuer, x509_name ( issuer ) );
1384 return 0;
1385 }
1386
1387 /**
1388 * Check X.509 certificate alternative dNSName
1389 *
1390 * @v cert X.509 certificate
1391 * @v raw ASN.1 cursor
1392 * @v name Name
1393 * @ret rc Return status code
1394 */
1395 static int x509_check_dnsname ( struct x509_certificate *cert,
1396 const struct asn1_cursor *raw,
1397 const char *name ) {
1398 const char *fullname = name;
1399 const char *dnsname = raw->data;
1400 size_t len = raw->len;
1401
1402 /* Check for wildcards */
1403 if ( ( len >= 2 ) && ( dnsname[0] == '*' ) && ( dnsname[1] == '.' ) ) {
1404
1405 /* Skip initial "*." */
1406 dnsname += 2;
1407 len -= 2;
1408
1409 /* Skip initial portion of name to be tested */
1410 name = strchr ( name, '.' );
1411 if ( ! name )
1412 return -ENOENT;
1413 name++;
1414 }
1415
1416 /* Compare names */
1417 if ( ! ( ( strlen ( name ) == len ) &&
1418 ( memcmp ( name, dnsname, len ) == 0 ) ) )
1419 return -ENOENT;
1420
1421 if ( name != fullname ) {
1422 DBGC2 ( cert, "X509 %p \"%s\" found wildcard match for "
1423 "\"*.%s\"\n", cert, x509_name ( cert ), name );
1424 }
1425 return 0;
1426 }
1427
1428 /**
1429 * Check X.509 certificate alternative iPAddress
1430 *
1431 * @v cert X.509 certificate
1432 * @v raw ASN.1 cursor
1433 * @v name Name
1434 * @ret rc Return status code
1435 */
1436 static int x509_check_ipaddress ( struct x509_certificate *cert,
1437 const struct asn1_cursor *raw,
1438 const char *name ) {
1439 struct sockaddr sa;
1440 sa_family_t family;
1441 const void *address;
1442 int rc;
1443
1444 /* Determine address family */
1445 if ( raw->len == sizeof ( struct in_addr ) ) {
1446 struct sockaddr_in *sin = ( ( struct sockaddr_in * ) &sa );
1447 family = AF_INET;
1448 address = &sin->sin_addr;
1449 } else if ( raw->len == sizeof ( struct in6_addr ) ) {
1450 struct sockaddr_in6 *sin6 = ( ( struct sockaddr_in6 * ) &sa );
1451 family = AF_INET6;
1452 address = &sin6->sin6_addr;
1453 } else {
1454 DBGC ( cert, "X509 %p \"%s\" has iPAddress with unexpected "
1455 "length %zd\n", cert, x509_name ( cert ), raw->len );
1456 DBGC_HDA ( cert, 0, raw->data, raw->len );
1457 return -EINVAL;
1458 }
1459
1460 /* Attempt to convert name to a socket address */
1461 if ( ( rc = sock_aton ( name, &sa ) ) != 0 ) {
1462 DBGC2 ( cert, "X509 %p \"%s\" cannot parse \"%s\" as "
1463 "iPAddress: %s\n", cert, x509_name ( cert ), name,
1464 strerror ( rc ) );
1465 return rc;
1466 }
1467 if ( sa.sa_family != family )
1468 return -ENOENT;
1469
1470 /* Compare addresses */
1471 if ( memcmp ( address, raw->data, raw->len ) != 0 )
1472 return -ENOENT;
1473
1474 DBGC2 ( cert, "X509 %p \"%s\" found iPAddress match for \"%s\"\n",
1475 cert, x509_name ( cert ), sock_ntoa ( &sa ) );
1476 return 0;
1477 }
1478
1479 /**
1480 * Check X.509 certificate alternative name
1481 *
1482 * @v cert X.509 certificate
1483 * @v raw ASN.1 cursor
1484 * @v name Name
1485 * @ret rc Return status code
1486 */
1487 static int x509_check_alt_name ( struct x509_certificate *cert,
1488 const struct asn1_cursor *raw,
1489 const char *name ) {
1490 struct asn1_cursor alt_name;
1491 unsigned int type;
1492
1493 /* Enter generalName */
1494 memcpy ( &alt_name, raw, sizeof ( alt_name ) );
1495 type = asn1_type ( &alt_name );
1496 asn1_enter_any ( &alt_name );
1497
1498 /* Check this name */
1499 switch ( type ) {
1500 case X509_GENERAL_NAME_DNS :
1501 return x509_check_dnsname ( cert, &alt_name, name );
1502 case X509_GENERAL_NAME_IP :
1503 return x509_check_ipaddress ( cert, &alt_name, name );
1504 default:
1505 DBGC2 ( cert, "X509 %p \"%s\" unknown name of type %#02x:\n",
1506 cert, x509_name ( cert ), type );
1507 DBGC2_HDA ( cert, 0, alt_name.data, alt_name.len );
1508 return -ENOTSUP;
1509 }
1510 }
1511
1512 /**
1513 * Check X.509 certificate name
1514 *
1515 * @v cert X.509 certificate
1516 * @v name Name
1517 * @ret rc Return status code
1518 */
1519 int x509_check_name ( struct x509_certificate *cert, const char *name ) {
1520 struct asn1_cursor *common_name = &cert->subject.common_name;
1521 struct asn1_cursor alt_name;
1522 int rc;
1523
1524 /* Check commonName */
1525 if ( x509_check_dnsname ( cert, common_name, name ) == 0 ) {
1526 DBGC2 ( cert, "X509 %p \"%s\" commonName matches \"%s\"\n",
1527 cert, x509_name ( cert ), name );
1528 return 0;
1529 }
1530
1531 /* Check any subjectAlternativeNames */
1532 memcpy ( &alt_name, &cert->extensions.alt_name.names,
1533 sizeof ( alt_name ) );
1534 for ( ; alt_name.len ; asn1_skip_any ( &alt_name ) ) {
1535 if ( ( rc = x509_check_alt_name ( cert, &alt_name,
1536 name ) ) == 0 ) {
1537 DBGC2 ( cert, "X509 %p \"%s\" subjectAltName matches "
1538 "\"%s\"\n", cert, x509_name ( cert ), name );
1539 return 0;
1540 }
1541 }
1542
1543 DBGC ( cert, "X509 %p \"%s\" does not match name \"%s\"\n",
1544 cert, x509_name ( cert ), name );
1545 return -EACCES_WRONG_NAME;
1546 }
1547
1548 /**
1549 * Free X.509 certificate chain
1550 *
1551 * @v refcnt Reference count
1552 */
1553 static void x509_free_chain ( struct refcnt *refcnt ) {
1554 struct x509_chain *chain =
1555 container_of ( refcnt, struct x509_chain, refcnt );
1556 struct x509_link *link;
1557 struct x509_link *tmp;
1558
1559 DBGC2 ( chain, "X509 chain %p freed\n", chain );
1560
1561 /* Free each link in the chain */
1562 list_for_each_entry_safe ( link, tmp, &chain->links, list ) {
1563 x509_put ( link->cert );
1564 list_del ( &link->list );
1565 free ( link );
1566 }
1567
1568 /* Free chain */
1569 free ( chain );
1570 }
1571
1572 /**
1573 * Allocate X.509 certificate chain
1574 *
1575 * @ret chain X.509 certificate chain, or NULL
1576 */
1577 struct x509_chain * x509_alloc_chain ( void ) {
1578 struct x509_chain *chain;
1579
1580 /* Allocate chain */
1581 chain = zalloc ( sizeof ( *chain ) );
1582 if ( ! chain )
1583 return NULL;
1584
1585 /* Initialise chain */
1586 ref_init ( &chain->refcnt, x509_free_chain );
1587 INIT_LIST_HEAD ( &chain->links );
1588
1589 DBGC2 ( chain, "X509 chain %p allocated\n", chain );
1590 return chain;
1591 }
1592
1593 /**
1594 * Append X.509 certificate to X.509 certificate chain
1595 *
1596 * @v chain X.509 certificate chain
1597 * @v cert X.509 certificate
1598 * @ret rc Return status code
1599 */
1600 int x509_append ( struct x509_chain *chain, struct x509_certificate *cert ) {
1601 struct x509_link *link;
1602
1603 /* Allocate link */
1604 link = zalloc ( sizeof ( *link ) );
1605 if ( ! link )
1606 return -ENOMEM;
1607
1608 /* Add link to chain */
1609 link->cert = x509_get ( cert );
1610 list_add_tail ( &link->list, &chain->links );
1611 DBGC ( chain, "X509 chain %p added X509 %p \"%s\"\n",
1612 chain, cert, x509_name ( cert ) );
1613
1614 return 0;
1615 }
1616
1617 /**
1618 * Append X.509 certificate to X.509 certificate chain
1619 *
1620 * @v chain X.509 certificate chain
1621 * @v data Raw certificate data
1622 * @v len Length of raw data
1623 * @ret rc Return status code
1624 */
1625 int x509_append_raw ( struct x509_chain *chain, const void *data,
1626 size_t len ) {
1627 struct x509_certificate *cert;
1628 int rc;
1629
1630 /* Parse certificate */
1631 if ( ( rc = x509_certificate ( data, len, &cert ) ) != 0 )
1632 goto err_parse;
1633
1634 /* Append certificate to chain */
1635 if ( ( rc = x509_append ( chain, cert ) ) != 0 )
1636 goto err_append;
1637
1638 /* Drop reference to certificate */
1639 x509_put ( cert );
1640
1641 return 0;
1642
1643 err_append:
1644 x509_put ( cert );
1645 err_parse:
1646 return rc;
1647 }
1648
1649 /**
1650 * Identify X.509 certificate by subject
1651 *
1652 * @v certs X.509 certificate list
1653 * @v subject Subject
1654 * @ret cert X.509 certificate, or NULL if not found
1655 */
1656 static struct x509_certificate *
1657 x509_find_subject ( struct x509_chain *certs,
1658 const struct asn1_cursor *subject ) {
1659 struct x509_link *link;
1660 struct x509_certificate *cert;
1661
1662 /* Scan through certificate list */
1663 list_for_each_entry ( link, &certs->links, list ) {
1664
1665 /* Check subject */
1666 cert = link->cert;
1667 if ( asn1_compare ( subject, &cert->subject.raw ) == 0 )
1668 return cert;
1669 }
1670
1671 return NULL;
1672 }
1673
1674 /**
1675 * Append X.509 certificates to X.509 certificate chain
1676 *
1677 * @v chain X.509 certificate chain
1678 * @v certs X.509 certificate list
1679 * @ret rc Return status code
1680 *
1681 * Certificates will be automatically appended to the chain based upon
1682 * the subject and issuer names.
1683 */
1684 int x509_auto_append ( struct x509_chain *chain, struct x509_chain *certs ) {
1685 struct x509_certificate *cert;
1686 struct x509_certificate *previous;
1687 int rc;
1688
1689 /* Get current certificate */
1690 cert = x509_last ( chain );
1691 if ( ! cert ) {
1692 DBGC ( chain, "X509 chain %p has no certificates\n", chain );
1693 return -EACCES_EMPTY;
1694 }
1695
1696 /* Append certificates, in order */
1697 while ( 1 ) {
1698
1699 /* Find issuing certificate */
1700 previous = cert;
1701 cert = x509_find_subject ( certs, &cert->issuer.raw );
1702 if ( ! cert )
1703 break;
1704 if ( cert == previous )
1705 break;
1706
1707 /* Append certificate to chain */
1708 if ( ( rc = x509_append ( chain, cert ) ) != 0 )
1709 return rc;
1710 }
1711
1712 return 0;
1713 }
1714
1715 /**
1716 * Validate X.509 certificate chain
1717 *
1718 * @v chain X.509 certificate chain
1719 * @v time Time at which to validate certificates
1720 * @v store Certificate store, or NULL to use default
1721 * @v root Root certificate list, or NULL to use default
1722 * @ret rc Return status code
1723 */
1724 int x509_validate_chain ( struct x509_chain *chain, time_t time,
1725 struct x509_chain *store, struct x509_root *root ) {
1726 struct x509_certificate *issuer = NULL;
1727 struct x509_link *link;
1728 int rc;
1729
1730 /* Use default certificate store if none specified */
1731 if ( ! store )
1732 store = &certstore;
1733
1734 /* Append any applicable certificates from the certificate store */
1735 if ( ( rc = x509_auto_append ( chain, store ) ) != 0 )
1736 return rc;
1737
1738 /* Find first certificate that can be validated as a
1739 * standalone (i.e. is already valid, or can be validated as
1740 * a trusted root certificate).
1741 */
1742 list_for_each_entry ( link, &chain->links, list ) {
1743
1744 /* Try validating this certificate as a standalone */
1745 if ( ( rc = x509_validate ( link->cert, NULL, time,
1746 root ) ) != 0 )
1747 continue;
1748
1749 /* Work back up to start of chain, performing pairwise
1750 * validation.
1751 */
1752 issuer = link->cert;
1753 list_for_each_entry_continue_reverse ( link, &chain->links,
1754 list ) {
1755
1756 /* Validate this certificate against its issuer */
1757 if ( ( rc = x509_validate ( link->cert, issuer, time,
1758 root ) ) != 0 )
1759 return rc;
1760 issuer = link->cert;
1761 }
1762
1763 return 0;
1764 }
1765
1766 DBGC ( chain, "X509 chain %p found no usable certificates\n", chain );
1767 return -EACCES_USELESS;
1768 }
1769
1770 /**
1771 * Extract X.509 certificate object from image
1772 *
1773 * @v image Image
1774 * @v offset Offset within image
1775 * @ret cert X.509 certificate
1776 * @ret next Offset to next image, or negative error
1777 *
1778 * On success, the caller holds a reference to the X.509 certificate,
1779 * and is responsible for ultimately calling x509_put().
1780 */
1781 int image_x509 ( struct image *image, size_t offset,
1782 struct x509_certificate **cert ) {
1783 struct asn1_cursor *cursor;
1784 int next;
1785 int rc;
1786
1787 /* Get ASN.1 object */
1788 next = image_asn1 ( image, offset, &cursor );
1789 if ( next < 0 ) {
1790 rc = next;
1791 goto err_asn1;
1792 }
1793
1794 /* Parse certificate */
1795 if ( ( rc = x509_certificate ( cursor->data, cursor->len,
1796 cert ) ) != 0 )
1797 goto err_certificate;
1798
1799 /* Free ASN.1 object */
1800 free ( cursor );
1801
1802 return next;
1803
1804 x509_put ( *cert );
1805 err_certificate:
1806 free ( cursor );
1807 err_asn1:
1808 return rc;
1809 }
1810
1811 /* Drag in objects via x509_validate() */
1812 REQUIRING_SYMBOL ( x509_validate );
1813
1814 /* Drag in certificate store */
1815 REQUIRE_OBJECT ( certstore );
1816
1817 /* Drag in crypto configuration */
1818 REQUIRE_OBJECT ( config_crypto );