1 |
|
|
/* $OpenBSD: x509_vfy.c,v 1.66 2017/08/27 01:39:26 beck Exp $ */ |
2 |
|
|
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 |
|
|
* All rights reserved. |
4 |
|
|
* |
5 |
|
|
* This package is an SSL implementation written |
6 |
|
|
* by Eric Young (eay@cryptsoft.com). |
7 |
|
|
* The implementation was written so as to conform with Netscapes SSL. |
8 |
|
|
* |
9 |
|
|
* This library is free for commercial and non-commercial use as long as |
10 |
|
|
* the following conditions are aheared to. The following conditions |
11 |
|
|
* apply to all code found in this distribution, be it the RC4, RSA, |
12 |
|
|
* lhash, DES, etc., code; not just the SSL code. The SSL documentation |
13 |
|
|
* included with this distribution is covered by the same copyright terms |
14 |
|
|
* except that the holder is Tim Hudson (tjh@cryptsoft.com). |
15 |
|
|
* |
16 |
|
|
* Copyright remains Eric Young's, and as such any Copyright notices in |
17 |
|
|
* the code are not to be removed. |
18 |
|
|
* If this package is used in a product, Eric Young should be given attribution |
19 |
|
|
* as the author of the parts of the library used. |
20 |
|
|
* This can be in the form of a textual message at program startup or |
21 |
|
|
* in documentation (online or textual) provided with the package. |
22 |
|
|
* |
23 |
|
|
* Redistribution and use in source and binary forms, with or without |
24 |
|
|
* modification, are permitted provided that the following conditions |
25 |
|
|
* are met: |
26 |
|
|
* 1. Redistributions of source code must retain the copyright |
27 |
|
|
* notice, this list of conditions and the following disclaimer. |
28 |
|
|
* 2. Redistributions in binary form must reproduce the above copyright |
29 |
|
|
* notice, this list of conditions and the following disclaimer in the |
30 |
|
|
* documentation and/or other materials provided with the distribution. |
31 |
|
|
* 3. All advertising materials mentioning features or use of this software |
32 |
|
|
* must display the following acknowledgement: |
33 |
|
|
* "This product includes cryptographic software written by |
34 |
|
|
* Eric Young (eay@cryptsoft.com)" |
35 |
|
|
* The word 'cryptographic' can be left out if the rouines from the library |
36 |
|
|
* being used are not cryptographic related :-). |
37 |
|
|
* 4. If you include any Windows specific code (or a derivative thereof) from |
38 |
|
|
* the apps directory (application code) you must include an acknowledgement: |
39 |
|
|
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" |
40 |
|
|
* |
41 |
|
|
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
42 |
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
43 |
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
44 |
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
45 |
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
46 |
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
47 |
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
48 |
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
49 |
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
50 |
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
51 |
|
|
* SUCH DAMAGE. |
52 |
|
|
* |
53 |
|
|
* The licence and distribution terms for any publically available version or |
54 |
|
|
* derivative of this code cannot be changed. i.e. this code cannot simply be |
55 |
|
|
* copied and put under another distribution licence |
56 |
|
|
* [including the GNU Public Licence.] |
57 |
|
|
*/ |
58 |
|
|
|
59 |
|
|
#include <errno.h> |
60 |
|
|
#include <stdio.h> |
61 |
|
|
#include <string.h> |
62 |
|
|
#include <time.h> |
63 |
|
|
#include <unistd.h> |
64 |
|
|
|
65 |
|
|
#include <openssl/opensslconf.h> |
66 |
|
|
|
67 |
|
|
#include <openssl/asn1.h> |
68 |
|
|
#include <openssl/buffer.h> |
69 |
|
|
#include <openssl/crypto.h> |
70 |
|
|
#include <openssl/err.h> |
71 |
|
|
#include <openssl/evp.h> |
72 |
|
|
#include <openssl/lhash.h> |
73 |
|
|
#include <openssl/objects.h> |
74 |
|
|
#include <openssl/x509.h> |
75 |
|
|
#include <openssl/x509v3.h> |
76 |
|
|
#include "asn1_locl.h" |
77 |
|
|
#include "vpm_int.h" |
78 |
|
|
#include "x509_lcl.h" |
79 |
|
|
|
80 |
|
|
/* CRL score values */ |
81 |
|
|
|
82 |
|
|
/* No unhandled critical extensions */ |
83 |
|
|
|
84 |
|
|
#define CRL_SCORE_NOCRITICAL 0x100 |
85 |
|
|
|
86 |
|
|
/* certificate is within CRL scope */ |
87 |
|
|
|
88 |
|
|
#define CRL_SCORE_SCOPE 0x080 |
89 |
|
|
|
90 |
|
|
/* CRL times valid */ |
91 |
|
|
|
92 |
|
|
#define CRL_SCORE_TIME 0x040 |
93 |
|
|
|
94 |
|
|
/* Issuer name matches certificate */ |
95 |
|
|
|
96 |
|
|
#define CRL_SCORE_ISSUER_NAME 0x020 |
97 |
|
|
|
98 |
|
|
/* If this score or above CRL is probably valid */ |
99 |
|
|
|
100 |
|
|
#define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE) |
101 |
|
|
|
102 |
|
|
/* CRL issuer is certificate issuer */ |
103 |
|
|
|
104 |
|
|
#define CRL_SCORE_ISSUER_CERT 0x018 |
105 |
|
|
|
106 |
|
|
/* CRL issuer is on certificate path */ |
107 |
|
|
|
108 |
|
|
#define CRL_SCORE_SAME_PATH 0x008 |
109 |
|
|
|
110 |
|
|
/* CRL issuer matches CRL AKID */ |
111 |
|
|
|
112 |
|
|
#define CRL_SCORE_AKID 0x004 |
113 |
|
|
|
114 |
|
|
/* Have a delta CRL with valid times */ |
115 |
|
|
|
116 |
|
|
#define CRL_SCORE_TIME_DELTA 0x002 |
117 |
|
|
|
118 |
|
|
static int null_callback(int ok, X509_STORE_CTX *e); |
119 |
|
|
static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); |
120 |
|
|
static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x); |
121 |
|
|
static int check_chain_extensions(X509_STORE_CTX *ctx); |
122 |
|
|
static int check_name_constraints(X509_STORE_CTX *ctx); |
123 |
|
|
static int check_trust(X509_STORE_CTX *ctx); |
124 |
|
|
static int check_revocation(X509_STORE_CTX *ctx); |
125 |
|
|
static int check_cert(X509_STORE_CTX *ctx); |
126 |
|
|
static int check_policy(X509_STORE_CTX *ctx); |
127 |
|
|
|
128 |
|
|
static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, |
129 |
|
|
unsigned int *preasons, X509_CRL *crl, X509 *x); |
130 |
|
|
static int get_crl_delta(X509_STORE_CTX *ctx, |
131 |
|
|
X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x); |
132 |
|
|
static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pcrl_score, |
133 |
|
|
X509_CRL *base, STACK_OF(X509_CRL) *crls); |
134 |
|
|
static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer, |
135 |
|
|
int *pcrl_score); |
136 |
|
|
static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score, |
137 |
|
|
unsigned int *preasons); |
138 |
|
|
static int check_crl_path(X509_STORE_CTX *ctx, X509 *x); |
139 |
|
|
static int check_crl_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *cert_path, |
140 |
|
|
STACK_OF(X509) *crl_path); |
141 |
|
|
static int X509_cmp_time_internal(const ASN1_TIME *ctm, time_t *cmp_time, |
142 |
|
|
int clamp_notafter); |
143 |
|
|
|
144 |
|
|
static int internal_verify(X509_STORE_CTX *ctx); |
145 |
|
|
|
146 |
|
|
int ASN1_time_tm_clamp_notafter(struct tm *tm); |
147 |
|
|
|
148 |
|
|
static int |
149 |
|
|
null_callback(int ok, X509_STORE_CTX *e) |
150 |
|
|
{ |
151 |
|
5396 |
return ok; |
152 |
|
|
} |
153 |
|
|
|
154 |
|
|
#if 0 |
155 |
|
|
static int |
156 |
|
|
x509_subject_cmp(X509 **a, X509 **b) |
157 |
|
|
{ |
158 |
|
|
return X509_subject_name_cmp(*a, *b); |
159 |
|
|
} |
160 |
|
|
#endif |
161 |
|
|
|
162 |
|
|
/* Return 1 is a certificate is self signed */ |
163 |
|
|
static int |
164 |
|
|
cert_self_signed(X509 *x) |
165 |
|
|
{ |
166 |
|
13934 |
X509_check_purpose(x, -1, 0); |
167 |
✓✓ |
6967 |
if (x->ex_flags & EXFLAG_SS) |
168 |
|
3534 |
return 1; |
169 |
|
|
else |
170 |
|
3433 |
return 0; |
171 |
|
6967 |
} |
172 |
|
|
|
173 |
|
|
static int |
174 |
|
|
check_id_error(X509_STORE_CTX *ctx, int errcode) |
175 |
|
|
{ |
176 |
|
|
ctx->error = errcode; |
177 |
|
|
ctx->current_cert = ctx->cert; |
178 |
|
|
ctx->error_depth = 0; |
179 |
|
|
return ctx->verify_cb(0, ctx); |
180 |
|
|
} |
181 |
|
|
|
182 |
|
|
static int |
183 |
|
|
check_hosts(X509 *x, X509_VERIFY_PARAM_ID *id) |
184 |
|
|
{ |
185 |
|
|
size_t i; |
186 |
|
|
size_t n = sk_OPENSSL_STRING_num(id->hosts); |
187 |
|
|
char *name; |
188 |
|
|
|
189 |
|
|
free(id->peername); |
190 |
|
|
id->peername = NULL; |
191 |
|
|
|
192 |
|
|
for (i = 0; i < n; ++i) { |
193 |
|
|
name = sk_OPENSSL_STRING_value(id->hosts, i); |
194 |
|
|
if (X509_check_host(x, name, strlen(name), id->hostflags, |
195 |
|
|
&id->peername) > 0) |
196 |
|
|
return 1; |
197 |
|
|
} |
198 |
|
|
return n == 0; |
199 |
|
|
} |
200 |
|
|
|
201 |
|
|
static int |
202 |
|
|
check_id(X509_STORE_CTX *ctx) |
203 |
|
|
{ |
204 |
|
2464 |
X509_VERIFY_PARAM *vpm = ctx->param; |
205 |
|
1232 |
X509_VERIFY_PARAM_ID *id = vpm->id; |
206 |
|
1232 |
X509 *x = ctx->cert; |
207 |
|
|
|
208 |
✗✓✗✗
|
1232 |
if (id->hosts && check_hosts(x, id) <= 0) { |
209 |
|
|
if (!check_id_error(ctx, X509_V_ERR_HOSTNAME_MISMATCH)) |
210 |
|
|
return 0; |
211 |
|
|
} |
212 |
✗✓✗✗
|
1232 |
if (id->email != NULL && X509_check_email(x, id->email, id->emaillen, 0) |
213 |
|
|
<= 0) { |
214 |
|
|
if (!check_id_error(ctx, X509_V_ERR_EMAIL_MISMATCH)) |
215 |
|
|
return 0; |
216 |
|
|
} |
217 |
✗✓✗✗
|
1232 |
if (id->ip != NULL && X509_check_ip(x, id->ip, id->iplen, 0) <= 0) { |
218 |
|
|
if (!check_id_error(ctx, X509_V_ERR_IP_ADDRESS_MISMATCH)) |
219 |
|
|
return 0; |
220 |
|
|
} |
221 |
|
1232 |
return 1; |
222 |
|
1232 |
} |
223 |
|
|
|
224 |
|
|
int |
225 |
|
|
X509_verify_cert(X509_STORE_CTX *ctx) |
226 |
|
|
{ |
227 |
|
2984 |
X509 *x, *xtmp, *xtmp2, *chain_ss = NULL; |
228 |
|
|
int bad_chain = 0; |
229 |
|
1492 |
X509_VERIFY_PARAM *param = ctx->param; |
230 |
|
|
int depth, i, ok = 0; |
231 |
|
|
int num, j, retry, trust; |
232 |
|
|
int (*cb) (int xok, X509_STORE_CTX *xctx); |
233 |
|
|
STACK_OF(X509) *sktmp = NULL; |
234 |
|
|
|
235 |
✗✓ |
1492 |
if (ctx->cert == NULL) { |
236 |
|
|
X509error(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); |
237 |
|
|
ctx->error = X509_V_ERR_INVALID_CALL; |
238 |
|
|
return -1; |
239 |
|
|
} |
240 |
✗✓ |
1492 |
if (ctx->chain != NULL) { |
241 |
|
|
/* |
242 |
|
|
* This X509_STORE_CTX has already been used to verify |
243 |
|
|
* a cert. We cannot do another one. |
244 |
|
|
*/ |
245 |
|
|
X509error(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
246 |
|
|
ctx->error = X509_V_ERR_INVALID_CALL; |
247 |
|
|
return -1; |
248 |
|
|
} |
249 |
✗✓ |
1492 |
if (ctx->error != X509_V_ERR_INVALID_CALL) { |
250 |
|
|
/* |
251 |
|
|
* This X509_STORE_CTX has not been properly initialized. |
252 |
|
|
*/ |
253 |
|
|
X509error(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
254 |
|
|
ctx->error = X509_V_ERR_INVALID_CALL; |
255 |
|
|
return -1; |
256 |
|
|
} |
257 |
|
1492 |
ctx->error = X509_V_OK; /* Initialize to OK */ |
258 |
|
|
|
259 |
|
1492 |
cb = ctx->verify_cb; |
260 |
|
|
|
261 |
|
|
/* |
262 |
|
|
* First we make sure the chain we are going to build is |
263 |
|
|
* present and that the first entry is in place. |
264 |
|
|
*/ |
265 |
|
1492 |
ctx->chain = sk_X509_new_null(); |
266 |
✓✗✗✓
|
2984 |
if (ctx->chain == NULL || !sk_X509_push(ctx->chain, ctx->cert)) { |
267 |
|
|
X509error(ERR_R_MALLOC_FAILURE); |
268 |
|
|
ctx->error = X509_V_ERR_OUT_OF_MEM; |
269 |
|
|
goto end; |
270 |
|
|
} |
271 |
|
1492 |
X509_up_ref(ctx->cert); |
272 |
|
1492 |
ctx->last_untrusted = 1; |
273 |
|
|
|
274 |
|
|
/* We use a temporary STACK so we can chop and hack at it */ |
275 |
✓✓✗✓
|
2791 |
if (ctx->untrusted != NULL && |
276 |
|
1299 |
(sktmp = sk_X509_dup(ctx->untrusted)) == NULL) { |
277 |
|
|
X509error(ERR_R_MALLOC_FAILURE); |
278 |
|
|
ctx->error = X509_V_ERR_OUT_OF_MEM; |
279 |
|
|
goto end; |
280 |
|
|
} |
281 |
|
|
|
282 |
|
1492 |
num = sk_X509_num(ctx->chain); |
283 |
|
1492 |
x = sk_X509_value(ctx->chain, num - 1); |
284 |
|
1492 |
depth = param->depth; |
285 |
|
|
|
286 |
|
1492 |
for (;;) { |
287 |
|
|
/* If we have enough, we break */ |
288 |
|
|
/* FIXME: If this happens, we should take |
289 |
|
|
* note of it and, if appropriate, use the |
290 |
|
|
* X509_V_ERR_CERT_CHAIN_TOO_LONG error code |
291 |
|
|
* later. |
292 |
|
|
*/ |
293 |
✓✗ |
2692 |
if (depth < num) |
294 |
|
|
break; |
295 |
|
|
/* If we are self signed, we break */ |
296 |
✓✓ |
2692 |
if (cert_self_signed(x)) |
297 |
|
|
break; |
298 |
|
|
/* |
299 |
|
|
* If asked see if we can find issuer in trusted store first |
300 |
|
|
*/ |
301 |
✗✓ |
1539 |
if (ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST) { |
302 |
|
|
ok = ctx->get_issuer(&xtmp, ctx, x); |
303 |
|
|
if (ok < 0) { |
304 |
|
|
ctx->error = X509_V_ERR_STORE_LOOKUP; |
305 |
|
|
goto end; |
306 |
|
|
} |
307 |
|
|
/* |
308 |
|
|
* If successful for now free up cert so it |
309 |
|
|
* will be picked up again later. |
310 |
|
|
*/ |
311 |
|
|
if (ok > 0) { |
312 |
|
|
X509_free(xtmp); |
313 |
|
|
break; |
314 |
|
|
} |
315 |
|
|
} |
316 |
|
|
/* If we were passed a cert chain, use it first */ |
317 |
✓✓ |
1539 |
if (ctx->untrusted != NULL) { |
318 |
|
1346 |
xtmp = find_issuer(ctx, sktmp, x); |
319 |
✓✓ |
1346 |
if (xtmp != NULL) { |
320 |
✗✓ |
1200 |
if (!sk_X509_push(ctx->chain, xtmp)) { |
321 |
|
|
X509error(ERR_R_MALLOC_FAILURE); |
322 |
|
|
ctx->error = X509_V_ERR_OUT_OF_MEM; |
323 |
|
|
ok = 0; |
324 |
|
|
goto end; |
325 |
|
|
} |
326 |
|
1200 |
X509_up_ref(xtmp); |
327 |
|
1200 |
(void)sk_X509_delete_ptr(sktmp, xtmp); |
328 |
|
1200 |
ctx->last_untrusted++; |
329 |
|
1200 |
x = xtmp; |
330 |
|
1200 |
num++; |
331 |
|
|
/* |
332 |
|
|
* reparse the full chain for the next one |
333 |
|
|
*/ |
334 |
|
1200 |
continue; |
335 |
|
|
} |
336 |
|
|
} |
337 |
|
|
break; |
338 |
|
|
} |
339 |
|
|
/* Remember how many untrusted certs we have */ |
340 |
|
|
j = num; |
341 |
|
|
|
342 |
|
|
/* |
343 |
|
|
* At this point, chain should contain a list of untrusted |
344 |
|
|
* certificates. We now need to add at least one trusted one, |
345 |
|
|
* if possible, otherwise we complain. |
346 |
|
|
*/ |
347 |
|
|
|
348 |
|
1492 |
do { |
349 |
|
|
/* |
350 |
|
|
* Examine last certificate in chain and see if it is |
351 |
|
|
* self signed. |
352 |
|
|
*/ |
353 |
|
1492 |
i = sk_X509_num(ctx->chain); |
354 |
|
1492 |
x = sk_X509_value(ctx->chain, i - 1); |
355 |
✓✓ |
1492 |
if (cert_self_signed(x)) { |
356 |
|
|
/* we have a self signed certificate */ |
357 |
✗✓ |
1153 |
if (i == 1) { |
358 |
|
|
/* |
359 |
|
|
* We have a single self signed |
360 |
|
|
* certificate: see if we can find it |
361 |
|
|
* in the store. We must have an exact |
362 |
|
|
* match to avoid possible |
363 |
|
|
* impersonation. |
364 |
|
|
*/ |
365 |
|
|
ok = ctx->get_issuer(&xtmp, ctx, x); |
366 |
|
|
if ((ok <= 0) || X509_cmp(x, xtmp)) { |
367 |
|
|
ctx->error = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; |
368 |
|
|
ctx->current_cert = x; |
369 |
|
|
ctx->error_depth = i - 1; |
370 |
|
|
if (ok == 1) |
371 |
|
|
X509_free(xtmp); |
372 |
|
|
bad_chain = 1; |
373 |
|
|
ok = cb(0, ctx); |
374 |
|
|
if (!ok) |
375 |
|
|
goto end; |
376 |
|
|
} else { |
377 |
|
|
/* |
378 |
|
|
* We have a match: replace |
379 |
|
|
* certificate with store |
380 |
|
|
* version so we get any trust |
381 |
|
|
* settings. |
382 |
|
|
*/ |
383 |
|
|
X509_free(x); |
384 |
|
|
x = xtmp; |
385 |
|
|
(void)sk_X509_set(ctx->chain, i - 1, x); |
386 |
|
|
ctx->last_untrusted = 0; |
387 |
|
|
} |
388 |
|
|
} else { |
389 |
|
|
/* |
390 |
|
|
* extract and save self signed |
391 |
|
|
* certificate for later use |
392 |
|
|
*/ |
393 |
|
1153 |
chain_ss = sk_X509_pop(ctx->chain); |
394 |
|
1153 |
ctx->last_untrusted--; |
395 |
|
1153 |
num--; |
396 |
|
1153 |
j--; |
397 |
|
1153 |
x = sk_X509_value(ctx->chain, num - 1); |
398 |
|
|
} |
399 |
|
|
} |
400 |
|
|
/* We now lookup certs from the certificate store */ |
401 |
|
2783 |
for (;;) { |
402 |
|
|
/* If we have enough, we break */ |
403 |
✓✗ |
2783 |
if (depth < num) |
404 |
|
|
break; |
405 |
|
|
/* If we are self signed, we break */ |
406 |
✓✓ |
2783 |
if (cert_self_signed(x)) |
407 |
|
|
break; |
408 |
|
1555 |
ok = ctx->get_issuer(&xtmp, ctx, x); |
409 |
|
|
|
410 |
✗✓ |
1555 |
if (ok < 0) { |
411 |
|
|
ctx->error = X509_V_ERR_STORE_LOOKUP; |
412 |
|
|
goto end; |
413 |
|
|
} |
414 |
✓✓ |
1555 |
if (ok == 0) |
415 |
|
|
break; |
416 |
|
1291 |
x = xtmp; |
417 |
✗✓ |
1291 |
if (!sk_X509_push(ctx->chain, x)) { |
418 |
|
|
X509_free(xtmp); |
419 |
|
|
X509error(ERR_R_MALLOC_FAILURE); |
420 |
|
|
ctx->error = X509_V_ERR_OUT_OF_MEM; |
421 |
|
|
ok = 0; |
422 |
|
|
goto end; |
423 |
|
|
} |
424 |
|
1291 |
num++; |
425 |
|
|
} |
426 |
|
|
|
427 |
|
|
/* we now have our chain, lets check it... */ |
428 |
|
1492 |
trust = check_trust(ctx); |
429 |
|
|
|
430 |
|
|
/* If explicitly rejected error */ |
431 |
✗✓ |
1492 |
if (trust == X509_TRUST_REJECTED) { |
432 |
|
|
ok = 0; |
433 |
|
|
goto end; |
434 |
|
|
} |
435 |
|
|
/* |
436 |
|
|
* If it's not explicitly trusted then check if there |
437 |
|
|
* is an alternative chain that could be used. We only |
438 |
|
|
* do this if we haven't already checked via |
439 |
|
|
* TRUSTED_FIRST and the user hasn't switched off |
440 |
|
|
* alternate chain checking |
441 |
|
|
*/ |
442 |
|
|
retry = 0; |
443 |
✓✓✓✗
|
1756 |
if (trust != X509_TRUST_TRUSTED && |
444 |
✓✗ |
264 |
!(ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST) && |
445 |
|
264 |
!(ctx->param->flags & X509_V_FLAG_NO_ALT_CHAINS)) { |
446 |
✗✓ |
528 |
while (j-- > 1) { |
447 |
|
|
xtmp2 = sk_X509_value(ctx->chain, j - 1); |
448 |
|
|
ok = ctx->get_issuer(&xtmp, ctx, xtmp2); |
449 |
|
|
if (ok < 0) |
450 |
|
|
goto end; |
451 |
|
|
/* Check if we found an alternate chain */ |
452 |
|
|
if (ok > 0) { |
453 |
|
|
/* |
454 |
|
|
* Free up the found cert |
455 |
|
|
* we'll add it again later |
456 |
|
|
*/ |
457 |
|
|
X509_free(xtmp); |
458 |
|
|
/* |
459 |
|
|
* Dump all the certs above |
460 |
|
|
* this point - we've found an |
461 |
|
|
* alternate chain |
462 |
|
|
*/ |
463 |
|
|
while (num > j) { |
464 |
|
|
xtmp = sk_X509_pop(ctx->chain); |
465 |
|
|
X509_free(xtmp); |
466 |
|
|
num--; |
467 |
|
|
} |
468 |
|
|
ctx->last_untrusted = sk_X509_num(ctx->chain); |
469 |
|
|
retry = 1; |
470 |
|
|
break; |
471 |
|
|
} |
472 |
|
|
} |
473 |
|
|
} |
474 |
✗✓ |
1492 |
} while (retry); |
475 |
|
|
|
476 |
|
|
/* |
477 |
|
|
* If not explicitly trusted then indicate error unless it's a single |
478 |
|
|
* self signed certificate in which case we've indicated an error already |
479 |
|
|
* and set bad_chain == 1 |
480 |
|
|
*/ |
481 |
✓✓ |
1492 |
if (trust != X509_TRUST_TRUSTED && !bad_chain) { |
482 |
✗✓✗✗
|
264 |
if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) { |
483 |
|
264 |
if (ctx->last_untrusted >= num) |
484 |
|
|
ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; |
485 |
|
|
else |
486 |
|
|
ctx->error = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT; |
487 |
|
264 |
ctx->current_cert = x; |
488 |
|
264 |
} else { |
489 |
|
|
if (!sk_X509_push(ctx->chain, chain_ss)) { |
490 |
|
|
X509_free(chain_ss); |
491 |
|
|
X509error(ERR_R_MALLOC_FAILURE); |
492 |
|
|
return 0; |
493 |
|
|
} |
494 |
|
|
num++; |
495 |
|
|
ctx->last_untrusted = num; |
496 |
|
|
ctx->current_cert = chain_ss; |
497 |
|
|
ctx->error = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; |
498 |
|
|
chain_ss = NULL; |
499 |
|
|
} |
500 |
|
|
|
501 |
|
264 |
ctx->error_depth = num - 1; |
502 |
|
|
bad_chain = 1; |
503 |
|
264 |
ok = cb(0, ctx); |
504 |
✓✓ |
264 |
if (!ok) |
505 |
|
|
goto end; |
506 |
|
|
} |
507 |
|
|
|
508 |
|
|
/* We have the chain complete: now we need to check its purpose */ |
509 |
|
1234 |
ok = check_chain_extensions(ctx); |
510 |
✓✓ |
1234 |
if (!ok) |
511 |
|
|
goto end; |
512 |
|
|
|
513 |
|
|
/* Check name constraints */ |
514 |
|
1232 |
ok = check_name_constraints(ctx); |
515 |
✓✗ |
1232 |
if (!ok) |
516 |
|
|
goto end; |
517 |
|
|
|
518 |
|
1232 |
ok = check_id(ctx); |
519 |
✓✗ |
1232 |
if (!ok) |
520 |
|
|
goto end; |
521 |
|
|
/* |
522 |
|
|
* Check revocation status: we do this after copying parameters because |
523 |
|
|
* they may be needed for CRL signature verification. |
524 |
|
|
*/ |
525 |
|
1232 |
ok = ctx->check_revocation(ctx); |
526 |
✓✗ |
1232 |
if (!ok) |
527 |
|
|
goto end; |
528 |
|
|
|
529 |
|
|
/* At this point, we have a chain and need to verify it */ |
530 |
✓✗ |
1232 |
if (ctx->verify != NULL) |
531 |
|
1232 |
ok = ctx->verify(ctx); |
532 |
|
|
else |
533 |
|
|
ok = internal_verify(ctx); |
534 |
✓✓ |
2464 |
if (!ok) |
535 |
|
|
goto end; |
536 |
|
|
|
537 |
|
|
/* If we get this far evaluate policies */ |
538 |
✗✓ |
2458 |
if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK)) |
539 |
|
|
ok = ctx->check_policy(ctx); |
540 |
|
|
|
541 |
|
|
end: |
542 |
✓✓ |
1492 |
if (sktmp != NULL) |
543 |
|
1299 |
sk_X509_free(sktmp); |
544 |
|
1492 |
X509_free(chain_ss); |
545 |
|
|
|
546 |
|
|
/* Safety net, error returns must set ctx->error */ |
547 |
✓✓✗✓
|
1752 |
if (ok <= 0 && ctx->error == X509_V_OK) |
548 |
|
|
ctx->error = X509_V_ERR_UNSPECIFIED; |
549 |
|
1492 |
return ok; |
550 |
|
1492 |
} |
551 |
|
|
|
552 |
|
|
/* Given a STACK_OF(X509) find the issuer of cert (if any) |
553 |
|
|
*/ |
554 |
|
|
|
555 |
|
|
static X509 * |
556 |
|
|
find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) |
557 |
|
|
{ |
558 |
|
|
int i; |
559 |
|
|
X509 *issuer, *rv = NULL; |
560 |
|
|
|
561 |
✓✓ |
6728 |
for (i = 0; i < sk_X509_num(sk); i++) { |
562 |
|
2545 |
issuer = sk_X509_value(sk, i); |
563 |
✓✓ |
2545 |
if (ctx->check_issued(ctx, x, issuer)) { |
564 |
|
|
rv = issuer; |
565 |
✗✓ |
1200 |
if (x509_check_cert_time(ctx, rv, -1)) |
566 |
|
|
break; |
567 |
|
|
} |
568 |
|
|
} |
569 |
|
1346 |
return rv; |
570 |
|
|
} |
571 |
|
|
|
572 |
|
|
/* Given a possible certificate and issuer check them */ |
573 |
|
|
|
574 |
|
|
static int |
575 |
|
|
check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) |
576 |
|
|
{ |
577 |
|
|
int ret; |
578 |
|
|
|
579 |
|
10136 |
ret = X509_check_issued(issuer, x); |
580 |
✓✓ |
5068 |
if (ret == X509_V_OK) |
581 |
|
3715 |
return 1; |
582 |
|
|
/* If we haven't asked for issuer errors don't set ctx */ |
583 |
✓✓ |
1353 |
if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK)) |
584 |
|
1351 |
return 0; |
585 |
|
|
|
586 |
|
2 |
ctx->error = ret; |
587 |
|
2 |
ctx->current_cert = x; |
588 |
|
2 |
ctx->current_issuer = issuer; |
589 |
|
2 |
return ctx->verify_cb(0, ctx); |
590 |
|
5068 |
} |
591 |
|
|
|
592 |
|
|
/* Alternative lookup method: look from a STACK stored in other_ctx */ |
593 |
|
|
|
594 |
|
|
static int |
595 |
|
|
get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) |
596 |
|
|
{ |
597 |
|
|
*issuer = find_issuer(ctx, ctx->other_ctx, x); |
598 |
|
|
if (*issuer) { |
599 |
|
|
CRYPTO_add(&(*issuer)->references, 1, CRYPTO_LOCK_X509); |
600 |
|
|
return 1; |
601 |
|
|
} else |
602 |
|
|
return 0; |
603 |
|
|
} |
604 |
|
|
|
605 |
|
|
/* Check a certificate chains extensions for consistency |
606 |
|
|
* with the supplied purpose |
607 |
|
|
*/ |
608 |
|
|
|
609 |
|
|
static int |
610 |
|
|
check_chain_extensions(X509_STORE_CTX *ctx) |
611 |
|
|
{ |
612 |
|
|
#ifdef OPENSSL_NO_CHAIN_VERIFY |
613 |
|
|
return 1; |
614 |
|
|
#else |
615 |
|
|
int i, ok = 0, must_be_ca, plen = 0; |
616 |
|
|
X509 *x; |
617 |
|
|
int (*cb)(int xok, X509_STORE_CTX *xctx); |
618 |
|
|
int proxy_path_length = 0; |
619 |
|
|
int purpose; |
620 |
|
|
int allow_proxy_certs; |
621 |
|
|
|
622 |
|
2468 |
cb = ctx->verify_cb; |
623 |
|
|
|
624 |
|
|
/* must_be_ca can have 1 of 3 values: |
625 |
|
|
-1: we accept both CA and non-CA certificates, to allow direct |
626 |
|
|
use of self-signed certificates (which are marked as CA). |
627 |
|
|
0: we only accept non-CA certificates. This is currently not |
628 |
|
|
used, but the possibility is present for future extensions. |
629 |
|
|
1: we only accept CA certificates. This is currently used for |
630 |
|
|
all certificates in the chain except the leaf certificate. |
631 |
|
|
*/ |
632 |
|
|
must_be_ca = -1; |
633 |
|
|
|
634 |
|
|
/* CRL path validation */ |
635 |
✗✓ |
1234 |
if (ctx->parent) { |
636 |
|
|
allow_proxy_certs = 0; |
637 |
|
|
purpose = X509_PURPOSE_CRL_SIGN; |
638 |
|
|
} else { |
639 |
|
|
allow_proxy_certs = |
640 |
|
1234 |
!!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS); |
641 |
|
1234 |
purpose = ctx->param->purpose; |
642 |
|
|
} |
643 |
|
|
|
644 |
|
|
/* Check all untrusted certificates */ |
645 |
✓✓ |
5026 |
for (i = 0; i < ctx->last_untrusted; i++) { |
646 |
|
|
int ret; |
647 |
|
1281 |
x = sk_X509_value(ctx->chain, i); |
648 |
✓✗✗✓
|
2562 |
if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) && |
649 |
|
1281 |
(x->ex_flags & EXFLAG_CRITICAL)) { |
650 |
|
|
ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION; |
651 |
|
|
ctx->error_depth = i; |
652 |
|
|
ctx->current_cert = x; |
653 |
|
|
ok = cb(0, ctx); |
654 |
|
|
if (!ok) |
655 |
|
|
goto end; |
656 |
|
|
} |
657 |
✓✗✗✓
|
2562 |
if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY)) { |
658 |
|
|
ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED; |
659 |
|
|
ctx->error_depth = i; |
660 |
|
|
ctx->current_cert = x; |
661 |
|
|
ok = cb(0, ctx); |
662 |
|
|
if (!ok) |
663 |
|
|
goto end; |
664 |
|
|
} |
665 |
|
1281 |
ret = X509_check_ca(x); |
666 |
✓✗✓ |
1281 |
switch (must_be_ca) { |
667 |
|
|
case -1: |
668 |
✗✓ |
3702 |
if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) && |
669 |
|
2468 |
(ret != 1) && (ret != 0)) { |
670 |
|
|
ret = 0; |
671 |
|
|
ctx->error = X509_V_ERR_INVALID_CA; |
672 |
|
|
} else |
673 |
|
|
ret = 1; |
674 |
|
|
break; |
675 |
|
|
case 0: |
676 |
|
|
if (ret != 0) { |
677 |
|
|
ret = 0; |
678 |
|
|
ctx->error = X509_V_ERR_INVALID_NON_CA; |
679 |
|
|
} else |
680 |
|
|
ret = 1; |
681 |
|
|
break; |
682 |
|
|
default: |
683 |
✓✓ |
47 |
if ((ret == 0) || |
684 |
✗✓ |
90 |
((ctx->param->flags & X509_V_FLAG_X509_STRICT) && |
685 |
|
45 |
(ret != 1))) { |
686 |
|
|
ret = 0; |
687 |
|
2 |
ctx->error = X509_V_ERR_INVALID_CA; |
688 |
|
2 |
} else |
689 |
|
|
ret = 1; |
690 |
|
|
break; |
691 |
|
|
} |
692 |
✓✓ |
1281 |
if (ret == 0) { |
693 |
|
2 |
ctx->error_depth = i; |
694 |
|
2 |
ctx->current_cert = x; |
695 |
|
2 |
ok = cb(0, ctx); |
696 |
✓✗ |
2 |
if (!ok) |
697 |
|
2 |
goto end; |
698 |
|
|
} |
699 |
✓✓ |
1279 |
if (ctx->param->purpose > 0) { |
700 |
|
1224 |
ret = X509_check_purpose(x, purpose, must_be_ca > 0); |
701 |
✓✗ |
1224 |
if ((ret == 0) || |
702 |
✗✓ |
2448 |
((ctx->param->flags & X509_V_FLAG_X509_STRICT) && |
703 |
|
1224 |
(ret != 1))) { |
704 |
|
|
ctx->error = X509_V_ERR_INVALID_PURPOSE; |
705 |
|
|
ctx->error_depth = i; |
706 |
|
|
ctx->current_cert = x; |
707 |
|
|
ok = cb(0, ctx); |
708 |
|
|
if (!ok) |
709 |
|
|
goto end; |
710 |
|
|
} |
711 |
|
|
} |
712 |
|
|
/* Check pathlen if not self issued */ |
713 |
✗✓✗✗ ✗✗ |
1279 |
if ((i > 1) && !(x->ex_flags & EXFLAG_SI) && |
714 |
|
|
(x->ex_pathlen != -1) && |
715 |
|
|
(plen > (x->ex_pathlen + proxy_path_length + 1))) { |
716 |
|
|
ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED; |
717 |
|
|
ctx->error_depth = i; |
718 |
|
|
ctx->current_cert = x; |
719 |
|
|
ok = cb(0, ctx); |
720 |
|
|
if (!ok) |
721 |
|
|
goto end; |
722 |
|
|
} |
723 |
|
|
/* Increment path length if not self issued */ |
724 |
✓✗ |
1279 |
if (!(x->ex_flags & EXFLAG_SI)) |
725 |
|
1279 |
plen++; |
726 |
|
|
/* If this certificate is a proxy certificate, the next |
727 |
|
|
certificate must be another proxy certificate or a EE |
728 |
|
|
certificate. If not, the next certificate must be a |
729 |
|
|
CA certificate. */ |
730 |
✗✓ |
1279 |
if (x->ex_flags & EXFLAG_PROXY) { |
731 |
|
|
if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen) { |
732 |
|
|
ctx->error = |
733 |
|
|
X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED; |
734 |
|
|
ctx->error_depth = i; |
735 |
|
|
ctx->current_cert = x; |
736 |
|
|
ok = cb(0, ctx); |
737 |
|
|
if (!ok) |
738 |
|
|
goto end; |
739 |
|
|
} |
740 |
|
|
proxy_path_length++; |
741 |
|
|
must_be_ca = 0; |
742 |
|
|
} else |
743 |
|
|
must_be_ca = 1; |
744 |
✓✓✓ |
1279 |
} |
745 |
|
1232 |
ok = 1; |
746 |
|
|
|
747 |
|
|
end: |
748 |
|
1234 |
return ok; |
749 |
|
|
#endif |
750 |
|
1234 |
} |
751 |
|
|
|
752 |
|
|
static int |
753 |
|
|
check_name_constraints(X509_STORE_CTX *ctx) |
754 |
|
|
{ |
755 |
|
|
X509 *x; |
756 |
|
|
int i, j, rv; |
757 |
|
|
|
758 |
|
|
/* Check name constraints for all certificates */ |
759 |
✓✓ |
8828 |
for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--) { |
760 |
|
2566 |
x = sk_X509_value(ctx->chain, i); |
761 |
|
|
/* Ignore self issued certs unless last in chain */ |
762 |
✓✓✓✓
|
3900 |
if (i && (x->ex_flags & EXFLAG_SI)) |
763 |
|
|
continue; |
764 |
|
|
/* Check against constraints for all certificates higher in |
765 |
|
|
* chain including trust anchor. Trust anchor not strictly |
766 |
|
|
* speaking needed but if it includes constraints it is to be |
767 |
|
|
* assumed it expects them to be obeyed. |
768 |
|
|
*/ |
769 |
✓✓ |
5564 |
for (j = sk_X509_num(ctx->chain) - 1; j > i; j--) { |
770 |
|
1442 |
NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc; |
771 |
✗✓ |
1442 |
if (nc) { |
772 |
|
|
rv = NAME_CONSTRAINTS_check(x, nc); |
773 |
|
|
if (rv != X509_V_OK) { |
774 |
|
|
ctx->error = rv; |
775 |
|
|
ctx->error_depth = i; |
776 |
|
|
ctx->current_cert = x; |
777 |
|
|
if (!ctx->verify_cb(0, ctx)) |
778 |
|
|
return 0; |
779 |
|
|
} |
780 |
|
|
} |
781 |
✓✗ |
1442 |
} |
782 |
|
|
} |
783 |
|
1232 |
return 1; |
784 |
|
1232 |
} |
785 |
|
|
|
786 |
|
|
/* Given a certificate try and find an exact match in the store */ |
787 |
|
|
|
788 |
|
|
static X509 *lookup_cert_match(X509_STORE_CTX *ctx, X509 *x) |
789 |
|
|
{ |
790 |
|
|
STACK_OF(X509) *certs; |
791 |
|
|
X509 *xtmp = NULL; |
792 |
|
|
size_t i; |
793 |
|
|
|
794 |
|
|
/* Lookup all certs with matching subject name */ |
795 |
|
|
certs = ctx->lookup_certs(ctx, X509_get_subject_name(x)); |
796 |
|
|
if (certs == NULL) |
797 |
|
|
return NULL; |
798 |
|
|
|
799 |
|
|
/* Look for exact match */ |
800 |
|
|
for (i = 0; i < sk_X509_num(certs); i++) { |
801 |
|
|
xtmp = sk_X509_value(certs, i); |
802 |
|
|
if (!X509_cmp(xtmp, x)) |
803 |
|
|
break; |
804 |
|
|
} |
805 |
|
|
|
806 |
|
|
if (i < sk_X509_num(certs)) |
807 |
|
|
X509_up_ref(xtmp); |
808 |
|
|
else |
809 |
|
|
xtmp = NULL; |
810 |
|
|
|
811 |
|
|
sk_X509_pop_free(certs, X509_free); |
812 |
|
|
return xtmp; |
813 |
|
|
} |
814 |
|
|
|
815 |
|
|
static int check_trust(X509_STORE_CTX *ctx) |
816 |
|
|
{ |
817 |
|
|
size_t i; |
818 |
|
|
int ok; |
819 |
|
|
X509 *x = NULL; |
820 |
|
|
int (*cb) (int xok, X509_STORE_CTX *xctx); |
821 |
|
|
|
822 |
|
2984 |
cb = ctx->verify_cb; |
823 |
|
|
/* Check all trusted certificates in chain */ |
824 |
✓✓ |
3110 |
for (i = ctx->last_untrusted; i < sk_X509_num(ctx->chain); i++) { |
825 |
|
1291 |
x = sk_X509_value(ctx->chain, i); |
826 |
|
1291 |
ok = X509_check_trust(x, ctx->param->trust, 0); |
827 |
|
|
|
828 |
|
|
/* If explicitly trusted return trusted */ |
829 |
✓✓ |
1291 |
if (ok == X509_TRUST_TRUSTED) |
830 |
|
1228 |
return X509_TRUST_TRUSTED; |
831 |
|
|
/* |
832 |
|
|
* If explicitly rejected notify callback and reject if not |
833 |
|
|
* overridden. |
834 |
|
|
*/ |
835 |
✗✓ |
63 |
if (ok == X509_TRUST_REJECTED) { |
836 |
|
|
ctx->error_depth = i; |
837 |
|
|
ctx->current_cert = x; |
838 |
|
|
ctx->error = X509_V_ERR_CERT_REJECTED; |
839 |
|
|
ok = cb(0, ctx); |
840 |
|
|
if (!ok) |
841 |
|
|
return X509_TRUST_REJECTED; |
842 |
|
|
} |
843 |
|
|
} |
844 |
|
|
/* |
845 |
|
|
* If we accept partial chains and have at least one trusted certificate |
846 |
|
|
* return success. |
847 |
|
|
*/ |
848 |
✗✓ |
264 |
if (ctx->param->flags & X509_V_FLAG_PARTIAL_CHAIN) { |
849 |
|
|
X509 *mx; |
850 |
|
|
if (ctx->last_untrusted < (int)sk_X509_num(ctx->chain)) |
851 |
|
|
return X509_TRUST_TRUSTED; |
852 |
|
|
x = sk_X509_value(ctx->chain, 0); |
853 |
|
|
mx = lookup_cert_match(ctx, x); |
854 |
|
|
if (mx) { |
855 |
|
|
(void)sk_X509_set(ctx->chain, 0, mx); |
856 |
|
|
X509_free(x); |
857 |
|
|
ctx->last_untrusted = 0; |
858 |
|
|
return X509_TRUST_TRUSTED; |
859 |
|
|
} |
860 |
|
|
} |
861 |
|
|
|
862 |
|
|
/* |
863 |
|
|
* If no trusted certs in chain at all return untrusted and allow |
864 |
|
|
* standard (no issuer cert) etc errors to be indicated. |
865 |
|
|
*/ |
866 |
|
264 |
return X509_TRUST_UNTRUSTED; |
867 |
|
1492 |
} |
868 |
|
|
|
869 |
|
|
static int |
870 |
|
|
check_revocation(X509_STORE_CTX *ctx) |
871 |
|
|
{ |
872 |
|
|
int i, last, ok; |
873 |
|
|
|
874 |
✓✗ |
2464 |
if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK)) |
875 |
|
1232 |
return 1; |
876 |
|
|
if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL) |
877 |
|
|
last = sk_X509_num(ctx->chain) - 1; |
878 |
|
|
else { |
879 |
|
|
/* If checking CRL paths this isn't the EE certificate */ |
880 |
|
|
if (ctx->parent) |
881 |
|
|
return 1; |
882 |
|
|
last = 0; |
883 |
|
|
} |
884 |
|
|
for (i = 0; i <= last; i++) { |
885 |
|
|
ctx->error_depth = i; |
886 |
|
|
ok = check_cert(ctx); |
887 |
|
|
if (!ok) |
888 |
|
|
return ok; |
889 |
|
|
} |
890 |
|
|
return 1; |
891 |
|
1232 |
} |
892 |
|
|
|
893 |
|
|
static int |
894 |
|
|
check_cert(X509_STORE_CTX *ctx) |
895 |
|
|
{ |
896 |
|
|
X509_CRL *crl = NULL, *dcrl = NULL; |
897 |
|
|
X509 *x; |
898 |
|
|
int ok = 0, cnum; |
899 |
|
|
unsigned int last_reasons; |
900 |
|
|
|
901 |
|
|
cnum = ctx->error_depth; |
902 |
|
|
x = sk_X509_value(ctx->chain, cnum); |
903 |
|
|
ctx->current_cert = x; |
904 |
|
|
ctx->current_issuer = NULL; |
905 |
|
|
ctx->current_crl_score = 0; |
906 |
|
|
ctx->current_reasons = 0; |
907 |
|
|
while (ctx->current_reasons != CRLDP_ALL_REASONS) { |
908 |
|
|
last_reasons = ctx->current_reasons; |
909 |
|
|
/* Try to retrieve relevant CRL */ |
910 |
|
|
if (ctx->get_crl) |
911 |
|
|
ok = ctx->get_crl(ctx, &crl, x); |
912 |
|
|
else |
913 |
|
|
ok = get_crl_delta(ctx, &crl, &dcrl, x); |
914 |
|
|
/* If error looking up CRL, nothing we can do except |
915 |
|
|
* notify callback |
916 |
|
|
*/ |
917 |
|
|
if (!ok) { |
918 |
|
|
ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL; |
919 |
|
|
ok = ctx->verify_cb(0, ctx); |
920 |
|
|
goto err; |
921 |
|
|
} |
922 |
|
|
ctx->current_crl = crl; |
923 |
|
|
ok = ctx->check_crl(ctx, crl); |
924 |
|
|
if (!ok) |
925 |
|
|
goto err; |
926 |
|
|
|
927 |
|
|
if (dcrl) { |
928 |
|
|
ok = ctx->check_crl(ctx, dcrl); |
929 |
|
|
if (!ok) |
930 |
|
|
goto err; |
931 |
|
|
ok = ctx->cert_crl(ctx, dcrl, x); |
932 |
|
|
if (!ok) |
933 |
|
|
goto err; |
934 |
|
|
} else |
935 |
|
|
ok = 1; |
936 |
|
|
|
937 |
|
|
/* Don't look in full CRL if delta reason is removefromCRL */ |
938 |
|
|
if (ok != 2) { |
939 |
|
|
ok = ctx->cert_crl(ctx, crl, x); |
940 |
|
|
if (!ok) |
941 |
|
|
goto err; |
942 |
|
|
} |
943 |
|
|
|
944 |
|
|
ctx->current_crl = NULL; |
945 |
|
|
X509_CRL_free(crl); |
946 |
|
|
X509_CRL_free(dcrl); |
947 |
|
|
crl = NULL; |
948 |
|
|
dcrl = NULL; |
949 |
|
|
/* If reasons not updated we wont get anywhere by |
950 |
|
|
* another iteration, so exit loop. |
951 |
|
|
*/ |
952 |
|
|
if (last_reasons == ctx->current_reasons) { |
953 |
|
|
ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL; |
954 |
|
|
ok = ctx->verify_cb(0, ctx); |
955 |
|
|
goto err; |
956 |
|
|
} |
957 |
|
|
} |
958 |
|
|
|
959 |
|
|
err: |
960 |
|
|
ctx->current_crl = NULL; |
961 |
|
|
X509_CRL_free(crl); |
962 |
|
|
X509_CRL_free(dcrl); |
963 |
|
|
return ok; |
964 |
|
|
} |
965 |
|
|
|
966 |
|
|
/* Check CRL times against values in X509_STORE_CTX */ |
967 |
|
|
|
968 |
|
|
static int |
969 |
|
|
check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify) |
970 |
|
|
{ |
971 |
|
|
time_t *ptime = NULL; |
972 |
|
|
int i; |
973 |
|
|
|
974 |
|
|
if (ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME) |
975 |
|
|
return (1); |
976 |
|
|
|
977 |
|
|
if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) |
978 |
|
|
ptime = &ctx->param->check_time; |
979 |
|
|
|
980 |
|
|
if (notify) |
981 |
|
|
ctx->current_crl = crl; |
982 |
|
|
|
983 |
|
|
i = X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime); |
984 |
|
|
if (i == 0) { |
985 |
|
|
if (!notify) |
986 |
|
|
return 0; |
987 |
|
|
ctx->error = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD; |
988 |
|
|
if (!ctx->verify_cb(0, ctx)) |
989 |
|
|
return 0; |
990 |
|
|
} |
991 |
|
|
|
992 |
|
|
if (i > 0) { |
993 |
|
|
if (!notify) |
994 |
|
|
return 0; |
995 |
|
|
ctx->error = X509_V_ERR_CRL_NOT_YET_VALID; |
996 |
|
|
if (!ctx->verify_cb(0, ctx)) |
997 |
|
|
return 0; |
998 |
|
|
} |
999 |
|
|
|
1000 |
|
|
if (X509_CRL_get_nextUpdate(crl)) { |
1001 |
|
|
i = X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime); |
1002 |
|
|
|
1003 |
|
|
if (i == 0) { |
1004 |
|
|
if (!notify) |
1005 |
|
|
return 0; |
1006 |
|
|
ctx->error = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD; |
1007 |
|
|
if (!ctx->verify_cb(0, ctx)) |
1008 |
|
|
return 0; |
1009 |
|
|
} |
1010 |
|
|
/* Ignore expiry of base CRL is delta is valid */ |
1011 |
|
|
if ((i < 0) && |
1012 |
|
|
!(ctx->current_crl_score & CRL_SCORE_TIME_DELTA)) { |
1013 |
|
|
if (!notify) |
1014 |
|
|
return 0; |
1015 |
|
|
ctx->error = X509_V_ERR_CRL_HAS_EXPIRED; |
1016 |
|
|
if (!ctx->verify_cb(0, ctx)) |
1017 |
|
|
return 0; |
1018 |
|
|
} |
1019 |
|
|
} |
1020 |
|
|
|
1021 |
|
|
if (notify) |
1022 |
|
|
ctx->current_crl = NULL; |
1023 |
|
|
|
1024 |
|
|
return 1; |
1025 |
|
|
} |
1026 |
|
|
|
1027 |
|
|
static int |
1028 |
|
|
get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, |
1029 |
|
|
X509 **pissuer, int *pscore, unsigned int *preasons, |
1030 |
|
|
STACK_OF(X509_CRL) *crls) |
1031 |
|
|
{ |
1032 |
|
|
int i, crl_score, best_score = *pscore; |
1033 |
|
|
unsigned int reasons, best_reasons = 0; |
1034 |
|
|
X509 *x = ctx->current_cert; |
1035 |
|
|
X509_CRL *crl, *best_crl = NULL; |
1036 |
|
|
X509 *crl_issuer = NULL, *best_crl_issuer = NULL; |
1037 |
|
|
|
1038 |
|
|
for (i = 0; i < sk_X509_CRL_num(crls); i++) { |
1039 |
|
|
crl = sk_X509_CRL_value(crls, i); |
1040 |
|
|
reasons = *preasons; |
1041 |
|
|
crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x); |
1042 |
|
|
|
1043 |
|
|
if (crl_score > best_score) { |
1044 |
|
|
best_crl = crl; |
1045 |
|
|
best_crl_issuer = crl_issuer; |
1046 |
|
|
best_score = crl_score; |
1047 |
|
|
best_reasons = reasons; |
1048 |
|
|
} |
1049 |
|
|
} |
1050 |
|
|
|
1051 |
|
|
if (best_crl) { |
1052 |
|
|
if (*pcrl) |
1053 |
|
|
X509_CRL_free(*pcrl); |
1054 |
|
|
*pcrl = best_crl; |
1055 |
|
|
*pissuer = best_crl_issuer; |
1056 |
|
|
*pscore = best_score; |
1057 |
|
|
*preasons = best_reasons; |
1058 |
|
|
CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL); |
1059 |
|
|
if (*pdcrl) { |
1060 |
|
|
X509_CRL_free(*pdcrl); |
1061 |
|
|
*pdcrl = NULL; |
1062 |
|
|
} |
1063 |
|
|
get_delta_sk(ctx, pdcrl, pscore, best_crl, crls); |
1064 |
|
|
} |
1065 |
|
|
|
1066 |
|
|
if (best_score >= CRL_SCORE_VALID) |
1067 |
|
|
return 1; |
1068 |
|
|
|
1069 |
|
|
return 0; |
1070 |
|
|
} |
1071 |
|
|
|
1072 |
|
|
/* Compare two CRL extensions for delta checking purposes. They should be |
1073 |
|
|
* both present or both absent. If both present all fields must be identical. |
1074 |
|
|
*/ |
1075 |
|
|
|
1076 |
|
|
static int |
1077 |
|
|
crl_extension_match(X509_CRL *a, X509_CRL *b, int nid) |
1078 |
|
|
{ |
1079 |
|
|
ASN1_OCTET_STRING *exta, *extb; |
1080 |
|
|
int i; |
1081 |
|
|
|
1082 |
|
|
i = X509_CRL_get_ext_by_NID(a, nid, -1); |
1083 |
|
|
if (i >= 0) { |
1084 |
|
|
/* Can't have multiple occurrences */ |
1085 |
|
|
if (X509_CRL_get_ext_by_NID(a, nid, i) != -1) |
1086 |
|
|
return 0; |
1087 |
|
|
exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i)); |
1088 |
|
|
} else |
1089 |
|
|
exta = NULL; |
1090 |
|
|
|
1091 |
|
|
i = X509_CRL_get_ext_by_NID(b, nid, -1); |
1092 |
|
|
|
1093 |
|
|
if (i >= 0) { |
1094 |
|
|
if (X509_CRL_get_ext_by_NID(b, nid, i) != -1) |
1095 |
|
|
return 0; |
1096 |
|
|
extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i)); |
1097 |
|
|
} else |
1098 |
|
|
extb = NULL; |
1099 |
|
|
|
1100 |
|
|
if (!exta && !extb) |
1101 |
|
|
return 1; |
1102 |
|
|
|
1103 |
|
|
if (!exta || !extb) |
1104 |
|
|
return 0; |
1105 |
|
|
|
1106 |
|
|
if (ASN1_OCTET_STRING_cmp(exta, extb)) |
1107 |
|
|
return 0; |
1108 |
|
|
|
1109 |
|
|
return 1; |
1110 |
|
|
} |
1111 |
|
|
|
1112 |
|
|
/* See if a base and delta are compatible */ |
1113 |
|
|
|
1114 |
|
|
static int |
1115 |
|
|
check_delta_base(X509_CRL *delta, X509_CRL *base) |
1116 |
|
|
{ |
1117 |
|
|
/* Delta CRL must be a delta */ |
1118 |
|
|
if (!delta->base_crl_number) |
1119 |
|
|
return 0; |
1120 |
|
|
/* Base must have a CRL number */ |
1121 |
|
|
if (!base->crl_number) |
1122 |
|
|
return 0; |
1123 |
|
|
/* Issuer names must match */ |
1124 |
|
|
if (X509_NAME_cmp(X509_CRL_get_issuer(base), |
1125 |
|
|
X509_CRL_get_issuer(delta))) |
1126 |
|
|
return 0; |
1127 |
|
|
/* AKID and IDP must match */ |
1128 |
|
|
if (!crl_extension_match(delta, base, NID_authority_key_identifier)) |
1129 |
|
|
return 0; |
1130 |
|
|
if (!crl_extension_match(delta, base, NID_issuing_distribution_point)) |
1131 |
|
|
return 0; |
1132 |
|
|
/* Delta CRL base number must not exceed Full CRL number. */ |
1133 |
|
|
if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0) |
1134 |
|
|
return 0; |
1135 |
|
|
/* Delta CRL number must exceed full CRL number */ |
1136 |
|
|
if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0) |
1137 |
|
|
return 1; |
1138 |
|
|
return 0; |
1139 |
|
|
} |
1140 |
|
|
|
1141 |
|
|
/* For a given base CRL find a delta... maybe extend to delta scoring |
1142 |
|
|
* or retrieve a chain of deltas... |
1143 |
|
|
*/ |
1144 |
|
|
|
1145 |
|
|
static void |
1146 |
|
|
get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore, X509_CRL *base, |
1147 |
|
|
STACK_OF(X509_CRL) *crls) |
1148 |
|
|
{ |
1149 |
|
|
X509_CRL *delta; |
1150 |
|
|
int i; |
1151 |
|
|
|
1152 |
|
|
if (!(ctx->param->flags & X509_V_FLAG_USE_DELTAS)) |
1153 |
|
|
return; |
1154 |
|
|
if (!((ctx->current_cert->ex_flags | base->flags) & EXFLAG_FRESHEST)) |
1155 |
|
|
return; |
1156 |
|
|
for (i = 0; i < sk_X509_CRL_num(crls); i++) { |
1157 |
|
|
delta = sk_X509_CRL_value(crls, i); |
1158 |
|
|
if (check_delta_base(delta, base)) { |
1159 |
|
|
if (check_crl_time(ctx, delta, 0)) |
1160 |
|
|
*pscore |= CRL_SCORE_TIME_DELTA; |
1161 |
|
|
CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL); |
1162 |
|
|
*dcrl = delta; |
1163 |
|
|
return; |
1164 |
|
|
} |
1165 |
|
|
} |
1166 |
|
|
*dcrl = NULL; |
1167 |
|
|
} |
1168 |
|
|
|
1169 |
|
|
/* For a given CRL return how suitable it is for the supplied certificate 'x'. |
1170 |
|
|
* The return value is a mask of several criteria. |
1171 |
|
|
* If the issuer is not the certificate issuer this is returned in *pissuer. |
1172 |
|
|
* The reasons mask is also used to determine if the CRL is suitable: if |
1173 |
|
|
* no new reasons the CRL is rejected, otherwise reasons is updated. |
1174 |
|
|
*/ |
1175 |
|
|
|
1176 |
|
|
static int |
1177 |
|
|
get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, unsigned int *preasons, |
1178 |
|
|
X509_CRL *crl, X509 *x) |
1179 |
|
|
{ |
1180 |
|
|
int crl_score = 0; |
1181 |
|
|
unsigned int tmp_reasons = *preasons, crl_reasons; |
1182 |
|
|
|
1183 |
|
|
/* First see if we can reject CRL straight away */ |
1184 |
|
|
|
1185 |
|
|
/* Invalid IDP cannot be processed */ |
1186 |
|
|
if (crl->idp_flags & IDP_INVALID) |
1187 |
|
|
return 0; |
1188 |
|
|
/* Reason codes or indirect CRLs need extended CRL support */ |
1189 |
|
|
if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT)) { |
1190 |
|
|
if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS)) |
1191 |
|
|
return 0; |
1192 |
|
|
} else if (crl->idp_flags & IDP_REASONS) { |
1193 |
|
|
/* If no new reasons reject */ |
1194 |
|
|
if (!(crl->idp_reasons & ~tmp_reasons)) |
1195 |
|
|
return 0; |
1196 |
|
|
} |
1197 |
|
|
/* Don't process deltas at this stage */ |
1198 |
|
|
else if (crl->base_crl_number) |
1199 |
|
|
return 0; |
1200 |
|
|
/* If issuer name doesn't match certificate need indirect CRL */ |
1201 |
|
|
if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl))) { |
1202 |
|
|
if (!(crl->idp_flags & IDP_INDIRECT)) |
1203 |
|
|
return 0; |
1204 |
|
|
} else |
1205 |
|
|
crl_score |= CRL_SCORE_ISSUER_NAME; |
1206 |
|
|
|
1207 |
|
|
if (!(crl->flags & EXFLAG_CRITICAL)) |
1208 |
|
|
crl_score |= CRL_SCORE_NOCRITICAL; |
1209 |
|
|
|
1210 |
|
|
/* Check expiry */ |
1211 |
|
|
if (check_crl_time(ctx, crl, 0)) |
1212 |
|
|
crl_score |= CRL_SCORE_TIME; |
1213 |
|
|
|
1214 |
|
|
/* Check authority key ID and locate certificate issuer */ |
1215 |
|
|
crl_akid_check(ctx, crl, pissuer, &crl_score); |
1216 |
|
|
|
1217 |
|
|
/* If we can't locate certificate issuer at this point forget it */ |
1218 |
|
|
|
1219 |
|
|
if (!(crl_score & CRL_SCORE_AKID)) |
1220 |
|
|
return 0; |
1221 |
|
|
|
1222 |
|
|
/* Check cert for matching CRL distribution points */ |
1223 |
|
|
|
1224 |
|
|
if (crl_crldp_check(x, crl, crl_score, &crl_reasons)) { |
1225 |
|
|
/* If no new reasons reject */ |
1226 |
|
|
if (!(crl_reasons & ~tmp_reasons)) |
1227 |
|
|
return 0; |
1228 |
|
|
tmp_reasons |= crl_reasons; |
1229 |
|
|
crl_score |= CRL_SCORE_SCOPE; |
1230 |
|
|
} |
1231 |
|
|
|
1232 |
|
|
*preasons = tmp_reasons; |
1233 |
|
|
|
1234 |
|
|
return crl_score; |
1235 |
|
|
} |
1236 |
|
|
|
1237 |
|
|
static void |
1238 |
|
|
crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl, X509 **pissuer, |
1239 |
|
|
int *pcrl_score) |
1240 |
|
|
{ |
1241 |
|
|
X509 *crl_issuer = NULL; |
1242 |
|
|
X509_NAME *cnm = X509_CRL_get_issuer(crl); |
1243 |
|
|
int cidx = ctx->error_depth; |
1244 |
|
|
int i; |
1245 |
|
|
|
1246 |
|
|
if (cidx != sk_X509_num(ctx->chain) - 1) |
1247 |
|
|
cidx++; |
1248 |
|
|
|
1249 |
|
|
crl_issuer = sk_X509_value(ctx->chain, cidx); |
1250 |
|
|
|
1251 |
|
|
if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) { |
1252 |
|
|
if (*pcrl_score & CRL_SCORE_ISSUER_NAME) { |
1253 |
|
|
*pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_ISSUER_CERT; |
1254 |
|
|
*pissuer = crl_issuer; |
1255 |
|
|
return; |
1256 |
|
|
} |
1257 |
|
|
} |
1258 |
|
|
|
1259 |
|
|
for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++) { |
1260 |
|
|
crl_issuer = sk_X509_value(ctx->chain, cidx); |
1261 |
|
|
if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm)) |
1262 |
|
|
continue; |
1263 |
|
|
if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) { |
1264 |
|
|
*pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_SAME_PATH; |
1265 |
|
|
*pissuer = crl_issuer; |
1266 |
|
|
return; |
1267 |
|
|
} |
1268 |
|
|
} |
1269 |
|
|
|
1270 |
|
|
/* Anything else needs extended CRL support */ |
1271 |
|
|
|
1272 |
|
|
if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT)) |
1273 |
|
|
return; |
1274 |
|
|
|
1275 |
|
|
/* Otherwise the CRL issuer is not on the path. Look for it in the |
1276 |
|
|
* set of untrusted certificates. |
1277 |
|
|
*/ |
1278 |
|
|
for (i = 0; i < sk_X509_num(ctx->untrusted); i++) { |
1279 |
|
|
crl_issuer = sk_X509_value(ctx->untrusted, i); |
1280 |
|
|
if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm)) |
1281 |
|
|
continue; |
1282 |
|
|
if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK) { |
1283 |
|
|
*pissuer = crl_issuer; |
1284 |
|
|
*pcrl_score |= CRL_SCORE_AKID; |
1285 |
|
|
return; |
1286 |
|
|
} |
1287 |
|
|
} |
1288 |
|
|
} |
1289 |
|
|
|
1290 |
|
|
/* Check the path of a CRL issuer certificate. This creates a new |
1291 |
|
|
* X509_STORE_CTX and populates it with most of the parameters from the |
1292 |
|
|
* parent. This could be optimised somewhat since a lot of path checking |
1293 |
|
|
* will be duplicated by the parent, but this will rarely be used in |
1294 |
|
|
* practice. |
1295 |
|
|
*/ |
1296 |
|
|
|
1297 |
|
|
static int |
1298 |
|
|
check_crl_path(X509_STORE_CTX *ctx, X509 *x) |
1299 |
|
|
{ |
1300 |
|
|
X509_STORE_CTX crl_ctx; |
1301 |
|
|
int ret; |
1302 |
|
|
|
1303 |
|
|
/* Don't allow recursive CRL path validation */ |
1304 |
|
|
if (ctx->parent) |
1305 |
|
|
return 0; |
1306 |
|
|
if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted)) { |
1307 |
|
|
ret = -1; |
1308 |
|
|
goto err; |
1309 |
|
|
} |
1310 |
|
|
|
1311 |
|
|
crl_ctx.crls = ctx->crls; |
1312 |
|
|
/* Copy verify params across */ |
1313 |
|
|
X509_STORE_CTX_set0_param(&crl_ctx, ctx->param); |
1314 |
|
|
|
1315 |
|
|
crl_ctx.parent = ctx; |
1316 |
|
|
crl_ctx.verify_cb = ctx->verify_cb; |
1317 |
|
|
|
1318 |
|
|
/* Verify CRL issuer */ |
1319 |
|
|
ret = X509_verify_cert(&crl_ctx); |
1320 |
|
|
|
1321 |
|
|
if (ret <= 0) |
1322 |
|
|
goto err; |
1323 |
|
|
|
1324 |
|
|
/* Check chain is acceptable */ |
1325 |
|
|
ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain); |
1326 |
|
|
|
1327 |
|
|
err: |
1328 |
|
|
X509_STORE_CTX_cleanup(&crl_ctx); |
1329 |
|
|
return ret; |
1330 |
|
|
} |
1331 |
|
|
|
1332 |
|
|
/* RFC3280 says nothing about the relationship between CRL path |
1333 |
|
|
* and certificate path, which could lead to situations where a |
1334 |
|
|
* certificate could be revoked or validated by a CA not authorised |
1335 |
|
|
* to do so. RFC5280 is more strict and states that the two paths must |
1336 |
|
|
* end in the same trust anchor, though some discussions remain... |
1337 |
|
|
* until this is resolved we use the RFC5280 version |
1338 |
|
|
*/ |
1339 |
|
|
|
1340 |
|
|
static int |
1341 |
|
|
check_crl_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *cert_path, |
1342 |
|
|
STACK_OF(X509) *crl_path) |
1343 |
|
|
{ |
1344 |
|
|
X509 *cert_ta, *crl_ta; |
1345 |
|
|
|
1346 |
|
|
cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1); |
1347 |
|
|
crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1); |
1348 |
|
|
if (!X509_cmp(cert_ta, crl_ta)) |
1349 |
|
|
return 1; |
1350 |
|
|
return 0; |
1351 |
|
|
} |
1352 |
|
|
|
1353 |
|
|
/* Check for match between two dist point names: three separate cases. |
1354 |
|
|
* 1. Both are relative names and compare X509_NAME types. |
1355 |
|
|
* 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES. |
1356 |
|
|
* 3. Both are full names and compare two GENERAL_NAMES. |
1357 |
|
|
* 4. One is NULL: automatic match. |
1358 |
|
|
*/ |
1359 |
|
|
|
1360 |
|
|
static int |
1361 |
|
|
idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b) |
1362 |
|
|
{ |
1363 |
|
|
X509_NAME *nm = NULL; |
1364 |
|
|
GENERAL_NAMES *gens = NULL; |
1365 |
|
|
GENERAL_NAME *gena, *genb; |
1366 |
|
|
int i, j; |
1367 |
|
|
|
1368 |
|
|
if (!a || !b) |
1369 |
|
|
return 1; |
1370 |
|
|
if (a->type == 1) { |
1371 |
|
|
if (!a->dpname) |
1372 |
|
|
return 0; |
1373 |
|
|
/* Case 1: two X509_NAME */ |
1374 |
|
|
if (b->type == 1) { |
1375 |
|
|
if (!b->dpname) |
1376 |
|
|
return 0; |
1377 |
|
|
if (!X509_NAME_cmp(a->dpname, b->dpname)) |
1378 |
|
|
return 1; |
1379 |
|
|
else |
1380 |
|
|
return 0; |
1381 |
|
|
} |
1382 |
|
|
/* Case 2: set name and GENERAL_NAMES appropriately */ |
1383 |
|
|
nm = a->dpname; |
1384 |
|
|
gens = b->name.fullname; |
1385 |
|
|
} else if (b->type == 1) { |
1386 |
|
|
if (!b->dpname) |
1387 |
|
|
return 0; |
1388 |
|
|
/* Case 2: set name and GENERAL_NAMES appropriately */ |
1389 |
|
|
gens = a->name.fullname; |
1390 |
|
|
nm = b->dpname; |
1391 |
|
|
} |
1392 |
|
|
|
1393 |
|
|
/* Handle case 2 with one GENERAL_NAMES and one X509_NAME */ |
1394 |
|
|
if (nm) { |
1395 |
|
|
for (i = 0; i < sk_GENERAL_NAME_num(gens); i++) { |
1396 |
|
|
gena = sk_GENERAL_NAME_value(gens, i); |
1397 |
|
|
if (gena->type != GEN_DIRNAME) |
1398 |
|
|
continue; |
1399 |
|
|
if (!X509_NAME_cmp(nm, gena->d.directoryName)) |
1400 |
|
|
return 1; |
1401 |
|
|
} |
1402 |
|
|
return 0; |
1403 |
|
|
} |
1404 |
|
|
|
1405 |
|
|
/* Else case 3: two GENERAL_NAMES */ |
1406 |
|
|
|
1407 |
|
|
for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++) { |
1408 |
|
|
gena = sk_GENERAL_NAME_value(a->name.fullname, i); |
1409 |
|
|
for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++) { |
1410 |
|
|
genb = sk_GENERAL_NAME_value(b->name.fullname, j); |
1411 |
|
|
if (!GENERAL_NAME_cmp(gena, genb)) |
1412 |
|
|
return 1; |
1413 |
|
|
} |
1414 |
|
|
} |
1415 |
|
|
|
1416 |
|
|
return 0; |
1417 |
|
|
} |
1418 |
|
|
|
1419 |
|
|
static int |
1420 |
|
|
crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score) |
1421 |
|
|
{ |
1422 |
|
|
int i; |
1423 |
|
|
X509_NAME *nm = X509_CRL_get_issuer(crl); |
1424 |
|
|
|
1425 |
|
|
/* If no CRLissuer return is successful iff don't need a match */ |
1426 |
|
|
if (!dp->CRLissuer) |
1427 |
|
|
return !!(crl_score & CRL_SCORE_ISSUER_NAME); |
1428 |
|
|
for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++) { |
1429 |
|
|
GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i); |
1430 |
|
|
if (gen->type != GEN_DIRNAME) |
1431 |
|
|
continue; |
1432 |
|
|
if (!X509_NAME_cmp(gen->d.directoryName, nm)) |
1433 |
|
|
return 1; |
1434 |
|
|
} |
1435 |
|
|
return 0; |
1436 |
|
|
} |
1437 |
|
|
|
1438 |
|
|
/* Check CRLDP and IDP */ |
1439 |
|
|
|
1440 |
|
|
static int |
1441 |
|
|
crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score, unsigned int *preasons) |
1442 |
|
|
{ |
1443 |
|
|
int i; |
1444 |
|
|
|
1445 |
|
|
if (crl->idp_flags & IDP_ONLYATTR) |
1446 |
|
|
return 0; |
1447 |
|
|
if (x->ex_flags & EXFLAG_CA) { |
1448 |
|
|
if (crl->idp_flags & IDP_ONLYUSER) |
1449 |
|
|
return 0; |
1450 |
|
|
} else { |
1451 |
|
|
if (crl->idp_flags & IDP_ONLYCA) |
1452 |
|
|
return 0; |
1453 |
|
|
} |
1454 |
|
|
*preasons = crl->idp_reasons; |
1455 |
|
|
for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++) { |
1456 |
|
|
DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i); |
1457 |
|
|
if (crldp_check_crlissuer(dp, crl, crl_score)) { |
1458 |
|
|
if (!crl->idp || |
1459 |
|
|
idp_check_dp(dp->distpoint, crl->idp->distpoint)) { |
1460 |
|
|
*preasons &= dp->dp_reasons; |
1461 |
|
|
return 1; |
1462 |
|
|
} |
1463 |
|
|
} |
1464 |
|
|
} |
1465 |
|
|
if ((!crl->idp || !crl->idp->distpoint) && |
1466 |
|
|
(crl_score & CRL_SCORE_ISSUER_NAME)) |
1467 |
|
|
return 1; |
1468 |
|
|
return 0; |
1469 |
|
|
} |
1470 |
|
|
|
1471 |
|
|
/* Retrieve CRL corresponding to current certificate. |
1472 |
|
|
* If deltas enabled try to find a delta CRL too |
1473 |
|
|
*/ |
1474 |
|
|
|
1475 |
|
|
static int |
1476 |
|
|
get_crl_delta(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x) |
1477 |
|
|
{ |
1478 |
|
|
int ok; |
1479 |
|
|
X509 *issuer = NULL; |
1480 |
|
|
int crl_score = 0; |
1481 |
|
|
unsigned int reasons; |
1482 |
|
|
X509_CRL *crl = NULL, *dcrl = NULL; |
1483 |
|
|
STACK_OF(X509_CRL) *skcrl; |
1484 |
|
|
X509_NAME *nm = X509_get_issuer_name(x); |
1485 |
|
|
|
1486 |
|
|
reasons = ctx->current_reasons; |
1487 |
|
|
ok = get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, |
1488 |
|
|
ctx->crls); |
1489 |
|
|
if (ok) |
1490 |
|
|
goto done; |
1491 |
|
|
|
1492 |
|
|
/* Lookup CRLs from store */ |
1493 |
|
|
skcrl = ctx->lookup_crls(ctx, nm); |
1494 |
|
|
|
1495 |
|
|
/* If no CRLs found and a near match from get_crl_sk use that */ |
1496 |
|
|
if (!skcrl && crl) |
1497 |
|
|
goto done; |
1498 |
|
|
|
1499 |
|
|
get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl); |
1500 |
|
|
|
1501 |
|
|
sk_X509_CRL_pop_free(skcrl, X509_CRL_free); |
1502 |
|
|
|
1503 |
|
|
done: |
1504 |
|
|
|
1505 |
|
|
/* If we got any kind of CRL use it and return success */ |
1506 |
|
|
if (crl) { |
1507 |
|
|
ctx->current_issuer = issuer; |
1508 |
|
|
ctx->current_crl_score = crl_score; |
1509 |
|
|
ctx->current_reasons = reasons; |
1510 |
|
|
*pcrl = crl; |
1511 |
|
|
*pdcrl = dcrl; |
1512 |
|
|
return 1; |
1513 |
|
|
} |
1514 |
|
|
|
1515 |
|
|
return 0; |
1516 |
|
|
} |
1517 |
|
|
|
1518 |
|
|
/* Check CRL validity */ |
1519 |
|
|
static int |
1520 |
|
|
check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) |
1521 |
|
|
{ |
1522 |
|
|
X509 *issuer = NULL; |
1523 |
|
|
EVP_PKEY *ikey = NULL; |
1524 |
|
|
int ok = 0, chnum, cnum; |
1525 |
|
|
|
1526 |
|
|
cnum = ctx->error_depth; |
1527 |
|
|
chnum = sk_X509_num(ctx->chain) - 1; |
1528 |
|
|
/* if we have an alternative CRL issuer cert use that */ |
1529 |
|
|
if (ctx->current_issuer) { |
1530 |
|
|
issuer = ctx->current_issuer; |
1531 |
|
|
} else if (cnum < chnum) { |
1532 |
|
|
/* Else find CRL issuer: if not last certificate then issuer |
1533 |
|
|
* is next certificate in chain. |
1534 |
|
|
*/ |
1535 |
|
|
issuer = sk_X509_value(ctx->chain, cnum + 1); |
1536 |
|
|
} else { |
1537 |
|
|
issuer = sk_X509_value(ctx->chain, chnum); |
1538 |
|
|
/* If not self signed, can't check signature */ |
1539 |
|
|
if (!ctx->check_issued(ctx, issuer, issuer)) { |
1540 |
|
|
ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER; |
1541 |
|
|
ok = ctx->verify_cb(0, ctx); |
1542 |
|
|
if (!ok) |
1543 |
|
|
goto err; |
1544 |
|
|
} |
1545 |
|
|
} |
1546 |
|
|
|
1547 |
|
|
if (issuer) { |
1548 |
|
|
/* Skip most tests for deltas because they have already |
1549 |
|
|
* been done |
1550 |
|
|
*/ |
1551 |
|
|
if (!crl->base_crl_number) { |
1552 |
|
|
/* Check for cRLSign bit if keyUsage present */ |
1553 |
|
|
if ((issuer->ex_flags & EXFLAG_KUSAGE) && |
1554 |
|
|
!(issuer->ex_kusage & KU_CRL_SIGN)) { |
1555 |
|
|
ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN; |
1556 |
|
|
ok = ctx->verify_cb(0, ctx); |
1557 |
|
|
if (!ok) |
1558 |
|
|
goto err; |
1559 |
|
|
} |
1560 |
|
|
|
1561 |
|
|
if (!(ctx->current_crl_score & CRL_SCORE_SCOPE)) { |
1562 |
|
|
ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE; |
1563 |
|
|
ok = ctx->verify_cb(0, ctx); |
1564 |
|
|
if (!ok) |
1565 |
|
|
goto err; |
1566 |
|
|
} |
1567 |
|
|
|
1568 |
|
|
if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH)) { |
1569 |
|
|
if (check_crl_path(ctx, |
1570 |
|
|
ctx->current_issuer) <= 0) { |
1571 |
|
|
ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR; |
1572 |
|
|
ok = ctx->verify_cb(0, ctx); |
1573 |
|
|
if (!ok) |
1574 |
|
|
goto err; |
1575 |
|
|
} |
1576 |
|
|
} |
1577 |
|
|
|
1578 |
|
|
if (crl->idp_flags & IDP_INVALID) { |
1579 |
|
|
ctx->error = X509_V_ERR_INVALID_EXTENSION; |
1580 |
|
|
ok = ctx->verify_cb(0, ctx); |
1581 |
|
|
if (!ok) |
1582 |
|
|
goto err; |
1583 |
|
|
} |
1584 |
|
|
|
1585 |
|
|
|
1586 |
|
|
} |
1587 |
|
|
|
1588 |
|
|
if (!(ctx->current_crl_score & CRL_SCORE_TIME)) { |
1589 |
|
|
ok = check_crl_time(ctx, crl, 1); |
1590 |
|
|
if (!ok) |
1591 |
|
|
goto err; |
1592 |
|
|
} |
1593 |
|
|
|
1594 |
|
|
/* Attempt to get issuer certificate public key */ |
1595 |
|
|
ikey = X509_get_pubkey(issuer); |
1596 |
|
|
|
1597 |
|
|
if (!ikey) { |
1598 |
|
|
ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; |
1599 |
|
|
ok = ctx->verify_cb(0, ctx); |
1600 |
|
|
if (!ok) |
1601 |
|
|
goto err; |
1602 |
|
|
} else { |
1603 |
|
|
/* Verify CRL signature */ |
1604 |
|
|
if (X509_CRL_verify(crl, ikey) <= 0) { |
1605 |
|
|
ctx->error = X509_V_ERR_CRL_SIGNATURE_FAILURE; |
1606 |
|
|
ok = ctx->verify_cb(0, ctx); |
1607 |
|
|
if (!ok) |
1608 |
|
|
goto err; |
1609 |
|
|
} |
1610 |
|
|
} |
1611 |
|
|
} |
1612 |
|
|
|
1613 |
|
|
ok = 1; |
1614 |
|
|
|
1615 |
|
|
err: |
1616 |
|
|
EVP_PKEY_free(ikey); |
1617 |
|
|
return ok; |
1618 |
|
|
} |
1619 |
|
|
|
1620 |
|
|
/* Check certificate against CRL */ |
1621 |
|
|
static int |
1622 |
|
|
cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x) |
1623 |
|
|
{ |
1624 |
|
|
int ok; |
1625 |
|
|
X509_REVOKED *rev; |
1626 |
|
|
|
1627 |
|
|
/* The rules changed for this... previously if a CRL contained |
1628 |
|
|
* unhandled critical extensions it could still be used to indicate |
1629 |
|
|
* a certificate was revoked. This has since been changed since |
1630 |
|
|
* critical extension can change the meaning of CRL entries. |
1631 |
|
|
*/ |
1632 |
|
|
if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) && |
1633 |
|
|
(crl->flags & EXFLAG_CRITICAL)) { |
1634 |
|
|
ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION; |
1635 |
|
|
ok = ctx->verify_cb(0, ctx); |
1636 |
|
|
if (!ok) |
1637 |
|
|
return 0; |
1638 |
|
|
} |
1639 |
|
|
/* Look for serial number of certificate in CRL |
1640 |
|
|
* If found make sure reason is not removeFromCRL. |
1641 |
|
|
*/ |
1642 |
|
|
if (X509_CRL_get0_by_cert(crl, &rev, x)) { |
1643 |
|
|
if (rev->reason == CRL_REASON_REMOVE_FROM_CRL) |
1644 |
|
|
return 2; |
1645 |
|
|
ctx->error = X509_V_ERR_CERT_REVOKED; |
1646 |
|
|
ok = ctx->verify_cb(0, ctx); |
1647 |
|
|
if (!ok) |
1648 |
|
|
return 0; |
1649 |
|
|
} |
1650 |
|
|
|
1651 |
|
|
return 1; |
1652 |
|
|
} |
1653 |
|
|
|
1654 |
|
|
static int |
1655 |
|
|
check_policy(X509_STORE_CTX *ctx) |
1656 |
|
|
{ |
1657 |
|
|
int ret; |
1658 |
|
|
|
1659 |
|
|
if (ctx->parent) |
1660 |
|
|
return 1; |
1661 |
|
|
ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain, |
1662 |
|
|
ctx->param->policies, ctx->param->flags); |
1663 |
|
|
if (ret == 0) { |
1664 |
|
|
X509error(ERR_R_MALLOC_FAILURE); |
1665 |
|
|
return 0; |
1666 |
|
|
} |
1667 |
|
|
/* Invalid or inconsistent extensions */ |
1668 |
|
|
if (ret == -1) { |
1669 |
|
|
/* Locate certificates with bad extensions and notify |
1670 |
|
|
* callback. |
1671 |
|
|
*/ |
1672 |
|
|
X509 *x; |
1673 |
|
|
int i; |
1674 |
|
|
for (i = 1; i < sk_X509_num(ctx->chain); i++) { |
1675 |
|
|
x = sk_X509_value(ctx->chain, i); |
1676 |
|
|
if (!(x->ex_flags & EXFLAG_INVALID_POLICY)) |
1677 |
|
|
continue; |
1678 |
|
|
ctx->current_cert = x; |
1679 |
|
|
ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION; |
1680 |
|
|
if (!ctx->verify_cb(0, ctx)) |
1681 |
|
|
return 0; |
1682 |
|
|
} |
1683 |
|
|
return 1; |
1684 |
|
|
} |
1685 |
|
|
if (ret == -2) { |
1686 |
|
|
ctx->current_cert = NULL; |
1687 |
|
|
ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY; |
1688 |
|
|
return ctx->verify_cb(0, ctx); |
1689 |
|
|
} |
1690 |
|
|
|
1691 |
|
|
if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) { |
1692 |
|
|
ctx->current_cert = NULL; |
1693 |
|
|
ctx->error = X509_V_OK; |
1694 |
|
|
if (!ctx->verify_cb(2, ctx)) |
1695 |
|
|
return 0; |
1696 |
|
|
} |
1697 |
|
|
|
1698 |
|
|
return 1; |
1699 |
|
|
} |
1700 |
|
|
|
1701 |
|
|
/* |
1702 |
|
|
* Inform the verify callback of an error. |
1703 |
|
|
* |
1704 |
|
|
* If x is not NULL it is the error cert, otherwise use the chain cert |
1705 |
|
|
* at depth. |
1706 |
|
|
* |
1707 |
|
|
* If err is not X509_V_OK, that's the error value, otherwise leave |
1708 |
|
|
* unchanged (presumably set by the caller). |
1709 |
|
|
* |
1710 |
|
|
* Returns 0 to abort verification with an error, non-zero to continue. |
1711 |
|
|
*/ |
1712 |
|
|
static int |
1713 |
|
|
verify_cb_cert(X509_STORE_CTX *ctx, X509 *x, int depth, int err) |
1714 |
|
|
{ |
1715 |
|
12 |
ctx->error_depth = depth; |
1716 |
✓✗ |
18 |
ctx->current_cert = (x != NULL) ? x : sk_X509_value(ctx->chain, depth); |
1717 |
✓✗ |
6 |
if (err != X509_V_OK) |
1718 |
|
6 |
ctx->error = err; |
1719 |
|
6 |
return ctx->verify_cb(0, ctx); |
1720 |
|
|
} |
1721 |
|
|
|
1722 |
|
|
/* |
1723 |
|
|
* Check certificate validity times. |
1724 |
|
|
* |
1725 |
|
|
* If depth >= 0, invoke verification callbacks on error, otherwise just return |
1726 |
|
|
* the validation status. |
1727 |
|
|
* |
1728 |
|
|
* Return 1 on success, 0 otherwise. |
1729 |
|
|
*/ |
1730 |
|
|
int |
1731 |
|
|
x509_check_cert_time(X509_STORE_CTX *ctx, X509 *x, int depth) |
1732 |
|
|
{ |
1733 |
|
|
time_t *ptime; |
1734 |
|
|
int i; |
1735 |
|
|
|
1736 |
✗✓ |
10102 |
if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) |
1737 |
|
|
ptime = &ctx->param->check_time; |
1738 |
✗✓ |
5051 |
else if (ctx->param->flags & X509_V_FLAG_NO_CHECK_TIME) |
1739 |
|
|
return 1; |
1740 |
|
|
else |
1741 |
|
|
ptime = NULL; |
1742 |
|
|
|
1743 |
|
5051 |
i = X509_cmp_time(X509_get_notBefore(x), ptime); |
1744 |
✗✓ |
5051 |
if (i >= 0 && depth < 0) |
1745 |
|
|
return 0; |
1746 |
✗✓✗✗
|
5051 |
if (i == 0 && !verify_cb_cert(ctx, x, depth, |
1747 |
|
|
X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD)) |
1748 |
|
|
return 0; |
1749 |
✗✓✗✗
|
5051 |
if (i > 0 && !verify_cb_cert(ctx, x, depth, |
1750 |
|
|
X509_V_ERR_CERT_NOT_YET_VALID)) |
1751 |
|
|
return 0; |
1752 |
|
|
|
1753 |
|
5051 |
i = X509_cmp_time_internal(X509_get_notAfter(x), ptime, 1); |
1754 |
✗✓ |
5051 |
if (i <= 0 && depth < 0) |
1755 |
|
|
return 0; |
1756 |
✗✓✗✗
|
5051 |
if (i == 0 && !verify_cb_cert(ctx, x, depth, |
1757 |
|
|
X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD)) |
1758 |
|
|
return 0; |
1759 |
✗✓✗✗
|
5051 |
if (i < 0 && !verify_cb_cert(ctx, x, depth, |
1760 |
|
|
X509_V_ERR_CERT_HAS_EXPIRED)) |
1761 |
|
|
return 0; |
1762 |
|
5051 |
return 1; |
1763 |
|
5051 |
} |
1764 |
|
|
|
1765 |
|
|
static int |
1766 |
|
|
internal_verify(X509_STORE_CTX *ctx) |
1767 |
|
|
{ |
1768 |
|
2464 |
int n = sk_X509_num(ctx->chain) - 1; |
1769 |
|
1232 |
X509 *xi = sk_X509_value(ctx->chain, n); |
1770 |
|
|
X509 *xs; |
1771 |
|
|
|
1772 |
✓✓ |
1232 |
if (ctx->check_issued(ctx, xi, xi)) |
1773 |
|
1226 |
xs = xi; |
1774 |
|
|
else { |
1775 |
✗✓ |
6 |
if (ctx->param->flags & X509_V_FLAG_PARTIAL_CHAIN) { |
1776 |
|
|
xs = xi; |
1777 |
|
|
goto check_cert; |
1778 |
|
|
} |
1779 |
✓✗ |
6 |
if (n <= 0) |
1780 |
|
6 |
return verify_cb_cert(ctx, xi, 0, |
1781 |
|
|
X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE); |
1782 |
|
|
n--; |
1783 |
|
|
ctx->error_depth = n; |
1784 |
|
|
xs = sk_X509_value(ctx->chain, n); |
1785 |
|
|
} |
1786 |
|
|
|
1787 |
|
|
/* |
1788 |
|
|
* Do not clear ctx->error=0, it must be "sticky", only the |
1789 |
|
|
* user's callback is allowed to reset errors (at its own |
1790 |
|
|
* peril). |
1791 |
|
|
*/ |
1792 |
✓✓ |
7572 |
while (n >= 0) { |
1793 |
|
|
|
1794 |
|
|
/* |
1795 |
|
|
* Skip signature check for self signed certificates |
1796 |
|
|
* unless explicitly asked for. It doesn't add any |
1797 |
|
|
* security and just wastes time. If the issuer's |
1798 |
|
|
* public key is unusable, report the issuer |
1799 |
|
|
* certificate and its depth (rather than the depth of |
1800 |
|
|
* the subject). |
1801 |
|
|
*/ |
1802 |
✓✓✗✓
|
3786 |
if (xs != xi || (ctx->param->flags & |
1803 |
|
|
X509_V_FLAG_CHECK_SS_SIGNATURE)) { |
1804 |
|
|
EVP_PKEY *pkey; |
1805 |
✗✓ |
1334 |
if ((pkey = X509_get_pubkey(xi)) == NULL) { |
1806 |
|
|
if (!verify_cb_cert(ctx, xi, xi != xs ? n+1 : n, |
1807 |
|
|
X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY)) |
1808 |
|
|
return 0; |
1809 |
✗✓ |
1334 |
} else if (X509_verify(xs, pkey) <= 0) { |
1810 |
|
|
if (!verify_cb_cert(ctx, xs, n, |
1811 |
|
|
X509_V_ERR_CERT_SIGNATURE_FAILURE)) { |
1812 |
|
|
EVP_PKEY_free(pkey); |
1813 |
|
|
return 0; |
1814 |
|
|
} |
1815 |
|
|
} |
1816 |
|
1334 |
EVP_PKEY_free(pkey); |
1817 |
✓✗ |
1334 |
} |
1818 |
|
|
check_cert: |
1819 |
|
|
/* Calls verify callback as needed */ |
1820 |
✗✓ |
2560 |
if (!x509_check_cert_time(ctx, xs, n)) |
1821 |
|
|
return 0; |
1822 |
|
|
|
1823 |
|
|
/* |
1824 |
|
|
* Signal success at this depth. However, the |
1825 |
|
|
* previous error (if any) is retained. |
1826 |
|
|
*/ |
1827 |
|
2560 |
ctx->current_issuer = xi; |
1828 |
|
2560 |
ctx->current_cert = xs; |
1829 |
|
2560 |
ctx->error_depth = n; |
1830 |
✗✓ |
2560 |
if (!ctx->verify_cb(1, ctx)) |
1831 |
|
|
return 0; |
1832 |
|
|
|
1833 |
✓✓ |
2560 |
if (--n >= 0) { |
1834 |
|
|
xi = xs; |
1835 |
|
1334 |
xs = sk_X509_value(ctx->chain, n); |
1836 |
|
1334 |
} |
1837 |
|
|
} |
1838 |
|
1226 |
return 1; |
1839 |
|
1232 |
} |
1840 |
|
|
|
1841 |
|
|
int |
1842 |
|
|
X509_cmp_current_time(const ASN1_TIME *ctm) |
1843 |
|
|
{ |
1844 |
|
|
return X509_cmp_time(ctm, NULL); |
1845 |
|
|
} |
1846 |
|
|
|
1847 |
|
|
/* |
1848 |
|
|
* Compare a possibly unvalidated ASN1_TIME string against a time_t |
1849 |
|
|
* using RFC 5280 rules for the time string. If *cmp_time is NULL |
1850 |
|
|
* the current system time is used. |
1851 |
|
|
* |
1852 |
|
|
* XXX NOTE that unlike what you expect a "cmp" function to do in C, |
1853 |
|
|
* XXX this one is "special", and returns 0 for error. |
1854 |
|
|
* |
1855 |
|
|
* Returns: |
1856 |
|
|
* -1 if the ASN1_time is earlier than OR the same as *cmp_time. |
1857 |
|
|
* 1 if the ASN1_time is later than *cmp_time. |
1858 |
|
|
* 0 on error. |
1859 |
|
|
*/ |
1860 |
|
|
static int |
1861 |
|
|
X509_cmp_time_internal(const ASN1_TIME *ctm, time_t *cmp_time, int clamp_notafter) |
1862 |
|
|
{ |
1863 |
|
20408 |
time_t time1, time2; |
1864 |
|
10204 |
struct tm tm1, tm2; |
1865 |
|
|
int ret = 0; |
1866 |
|
|
int type; |
1867 |
|
|
|
1868 |
✓✓ |
10204 |
if (cmp_time == NULL) |
1869 |
|
10102 |
time2 = time(NULL); |
1870 |
|
|
else |
1871 |
|
102 |
time2 = *cmp_time; |
1872 |
|
|
|
1873 |
|
10204 |
memset(&tm1, 0, sizeof(tm1)); |
1874 |
|
|
|
1875 |
|
10204 |
type = ASN1_time_parse(ctm->data, ctm->length, &tm1, ctm->type); |
1876 |
✓✗ |
10204 |
if (type == -1) |
1877 |
|
|
goto out; /* invalid time */ |
1878 |
|
|
|
1879 |
|
|
/* RFC 5280 section 4.1.2.5 */ |
1880 |
✓✓ |
10204 |
if (tm1.tm_year < 150 && type != V_ASN1_UTCTIME) |
1881 |
|
|
goto out; |
1882 |
✓✗ |
10174 |
if (tm1.tm_year >= 150 && type != V_ASN1_GENERALIZEDTIME) |
1883 |
|
|
goto out; |
1884 |
|
|
|
1885 |
✓✓ |
10174 |
if (clamp_notafter) { |
1886 |
|
|
/* Allow for completely broken operating systems. */ |
1887 |
✓✗ |
5051 |
if (!ASN1_time_tm_clamp_notafter(&tm1)) |
1888 |
|
|
goto out; |
1889 |
|
|
} |
1890 |
|
|
|
1891 |
|
|
/* |
1892 |
|
|
* Defensively fail if the time string is not representable as |
1893 |
|
|
* a time_t. A time_t must be sane if you care about times after |
1894 |
|
|
* Jan 19 2038. |
1895 |
|
|
*/ |
1896 |
✓✗ |
10174 |
if ((time1 = timegm(&tm1)) == -1) |
1897 |
|
|
goto out; |
1898 |
|
|
|
1899 |
✓✗ |
10174 |
if (gmtime_r(&time2, &tm2) == NULL) |
1900 |
|
|
goto out; |
1901 |
|
|
|
1902 |
|
10174 |
ret = ASN1_time_tm_cmp(&tm1, &tm2); |
1903 |
|
10174 |
if (ret == 0) |
1904 |
|
|
ret = -1; /* 0 is used for error, so map same to less than */ |
1905 |
|
|
out: |
1906 |
|
10204 |
return (ret); |
1907 |
|
10204 |
} |
1908 |
|
|
|
1909 |
|
|
int |
1910 |
|
|
X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time) |
1911 |
|
|
{ |
1912 |
|
10306 |
return X509_cmp_time_internal(ctm, cmp_time, 0); |
1913 |
|
|
} |
1914 |
|
|
|
1915 |
|
|
|
1916 |
|
|
ASN1_TIME * |
1917 |
|
|
X509_gmtime_adj(ASN1_TIME *s, long adj) |
1918 |
|
|
{ |
1919 |
|
84 |
return X509_time_adj(s, adj, NULL); |
1920 |
|
|
} |
1921 |
|
|
|
1922 |
|
|
ASN1_TIME * |
1923 |
|
|
X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_time) |
1924 |
|
|
{ |
1925 |
|
84 |
return X509_time_adj_ex(s, 0, offset_sec, in_time); |
1926 |
|
|
} |
1927 |
|
|
|
1928 |
|
|
ASN1_TIME * |
1929 |
|
|
X509_time_adj_ex(ASN1_TIME *s, int offset_day, long offset_sec, time_t *in_time) |
1930 |
|
|
{ |
1931 |
|
|
time_t t; |
1932 |
✓✗ |
128 |
if (in_time == NULL) |
1933 |
|
64 |
t = time(NULL); |
1934 |
|
|
else |
1935 |
|
|
t = *in_time; |
1936 |
|
|
|
1937 |
|
64 |
return ASN1_TIME_adj(s, t, offset_day, offset_sec); |
1938 |
|
|
} |
1939 |
|
|
|
1940 |
|
|
int |
1941 |
|
|
X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) |
1942 |
|
|
{ |
1943 |
|
|
EVP_PKEY *ktmp = NULL, *ktmp2; |
1944 |
|
|
int i, j; |
1945 |
|
|
|
1946 |
|
|
if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) |
1947 |
|
|
return 1; |
1948 |
|
|
|
1949 |
|
|
for (i = 0; i < sk_X509_num(chain); i++) { |
1950 |
|
|
ktmp = X509_get_pubkey(sk_X509_value(chain, i)); |
1951 |
|
|
if (ktmp == NULL) { |
1952 |
|
|
X509error(X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); |
1953 |
|
|
return 0; |
1954 |
|
|
} |
1955 |
|
|
if (!EVP_PKEY_missing_parameters(ktmp)) |
1956 |
|
|
break; |
1957 |
|
|
else { |
1958 |
|
|
EVP_PKEY_free(ktmp); |
1959 |
|
|
ktmp = NULL; |
1960 |
|
|
} |
1961 |
|
|
} |
1962 |
|
|
if (ktmp == NULL) { |
1963 |
|
|
X509error(X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN); |
1964 |
|
|
return 0; |
1965 |
|
|
} |
1966 |
|
|
|
1967 |
|
|
/* first, populate the other certs */ |
1968 |
|
|
for (j = i - 1; j >= 0; j--) { |
1969 |
|
|
ktmp2 = X509_get_pubkey(sk_X509_value(chain, j)); |
1970 |
|
|
EVP_PKEY_copy_parameters(ktmp2, ktmp); |
1971 |
|
|
EVP_PKEY_free(ktmp2); |
1972 |
|
|
} |
1973 |
|
|
|
1974 |
|
|
if (pkey != NULL) |
1975 |
|
|
EVP_PKEY_copy_parameters(pkey, ktmp); |
1976 |
|
|
EVP_PKEY_free(ktmp); |
1977 |
|
|
return 1; |
1978 |
|
|
} |
1979 |
|
|
|
1980 |
|
|
int |
1981 |
|
|
X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, |
1982 |
|
|
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) |
1983 |
|
|
{ |
1984 |
|
|
/* This function is (usually) called only once, by |
1985 |
|
|
* SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). */ |
1986 |
|
626 |
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, |
1987 |
|
|
argl, argp, new_func, dup_func, free_func); |
1988 |
|
|
} |
1989 |
|
|
|
1990 |
|
|
int |
1991 |
|
|
X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data) |
1992 |
|
|
{ |
1993 |
|
2582 |
return CRYPTO_set_ex_data(&ctx->ex_data, idx, data); |
1994 |
|
|
} |
1995 |
|
|
|
1996 |
|
|
void * |
1997 |
|
|
X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx) |
1998 |
|
|
{ |
1999 |
|
|
return CRYPTO_get_ex_data(&ctx->ex_data, idx); |
2000 |
|
|
} |
2001 |
|
|
|
2002 |
|
|
int |
2003 |
|
|
X509_STORE_CTX_get_error(X509_STORE_CTX *ctx) |
2004 |
|
|
{ |
2005 |
|
48 |
return ctx->error; |
2006 |
|
|
} |
2007 |
|
|
|
2008 |
|
|
void |
2009 |
|
|
X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err) |
2010 |
|
|
{ |
2011 |
|
|
ctx->error = err; |
2012 |
|
|
} |
2013 |
|
|
|
2014 |
|
|
int |
2015 |
|
|
X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx) |
2016 |
|
|
{ |
2017 |
|
8 |
return ctx->error_depth; |
2018 |
|
|
} |
2019 |
|
|
|
2020 |
|
|
X509 * |
2021 |
|
|
X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx) |
2022 |
|
|
{ |
2023 |
|
16 |
return ctx->current_cert; |
2024 |
|
|
} |
2025 |
|
|
|
2026 |
|
|
STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx) |
2027 |
|
|
{ |
2028 |
|
|
return ctx->chain; |
2029 |
|
|
} |
2030 |
|
|
|
2031 |
|
|
STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx) |
2032 |
|
|
{ |
2033 |
|
|
int i; |
2034 |
|
|
X509 *x; |
2035 |
|
|
STACK_OF(X509) *chain; |
2036 |
|
|
|
2037 |
✓✗✗✓
|
24 |
if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) |
2038 |
|
|
return NULL; |
2039 |
✓✓ |
48 |
for (i = 0; i < sk_X509_num(chain); i++) { |
2040 |
|
16 |
x = sk_X509_value(chain, i); |
2041 |
|
16 |
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); |
2042 |
|
|
} |
2043 |
|
8 |
return chain; |
2044 |
|
8 |
} |
2045 |
|
|
|
2046 |
|
|
X509 * |
2047 |
|
|
X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx) |
2048 |
|
|
{ |
2049 |
|
|
return ctx->current_issuer; |
2050 |
|
|
} |
2051 |
|
|
|
2052 |
|
|
X509_CRL * |
2053 |
|
|
X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx) |
2054 |
|
|
{ |
2055 |
|
|
return ctx->current_crl; |
2056 |
|
|
} |
2057 |
|
|
|
2058 |
|
|
X509_STORE_CTX * |
2059 |
|
|
X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx) |
2060 |
|
|
{ |
2061 |
|
|
return ctx->parent; |
2062 |
|
|
} |
2063 |
|
|
|
2064 |
|
|
void |
2065 |
|
|
X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x) |
2066 |
|
|
{ |
2067 |
|
4 |
ctx->cert = x; |
2068 |
|
2 |
} |
2069 |
|
|
|
2070 |
|
|
void |
2071 |
|
|
X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) |
2072 |
|
|
{ |
2073 |
|
|
ctx->untrusted = sk; |
2074 |
|
|
} |
2075 |
|
|
|
2076 |
|
|
void |
2077 |
|
|
X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk) |
2078 |
|
|
{ |
2079 |
|
16 |
ctx->crls = sk; |
2080 |
|
8 |
} |
2081 |
|
|
|
2082 |
|
|
int |
2083 |
|
|
X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) |
2084 |
|
|
{ |
2085 |
|
12 |
return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0); |
2086 |
|
|
} |
2087 |
|
|
|
2088 |
|
|
int |
2089 |
|
|
X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) |
2090 |
|
|
{ |
2091 |
|
|
return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust); |
2092 |
|
|
} |
2093 |
|
|
|
2094 |
|
|
/* This function is used to set the X509_STORE_CTX purpose and trust |
2095 |
|
|
* values. This is intended to be used when another structure has its |
2096 |
|
|
* own trust and purpose values which (if set) will be inherited by |
2097 |
|
|
* the ctx. If they aren't set then we will usually have a default |
2098 |
|
|
* purpose in mind which should then be used to set the trust value. |
2099 |
|
|
* An example of this is SSL use: an SSL structure will have its own |
2100 |
|
|
* purpose and trust settings which the application can set: if they |
2101 |
|
|
* aren't set then we use the default of SSL client/server. |
2102 |
|
|
*/ |
2103 |
|
|
|
2104 |
|
|
int |
2105 |
|
|
X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, |
2106 |
|
|
int purpose, int trust) |
2107 |
|
|
{ |
2108 |
|
|
int idx; |
2109 |
|
|
|
2110 |
|
|
/* If purpose not set use default */ |
2111 |
✗✓ |
12 |
if (!purpose) |
2112 |
|
|
purpose = def_purpose; |
2113 |
|
|
/* If we have a purpose then check it is valid */ |
2114 |
✓✗ |
6 |
if (purpose) { |
2115 |
|
|
X509_PURPOSE *ptmp; |
2116 |
|
6 |
idx = X509_PURPOSE_get_by_id(purpose); |
2117 |
✗✓ |
6 |
if (idx == -1) { |
2118 |
|
|
X509error(X509_R_UNKNOWN_PURPOSE_ID); |
2119 |
|
|
return 0; |
2120 |
|
|
} |
2121 |
|
6 |
ptmp = X509_PURPOSE_get0(idx); |
2122 |
✗✓ |
6 |
if (ptmp->trust == X509_TRUST_DEFAULT) { |
2123 |
|
|
idx = X509_PURPOSE_get_by_id(def_purpose); |
2124 |
|
|
if (idx == -1) { |
2125 |
|
|
X509error(X509_R_UNKNOWN_PURPOSE_ID); |
2126 |
|
|
return 0; |
2127 |
|
|
} |
2128 |
|
|
ptmp = X509_PURPOSE_get0(idx); |
2129 |
|
|
} |
2130 |
|
|
/* If trust not set then get from purpose default */ |
2131 |
✓✗ |
6 |
if (!trust) |
2132 |
|
6 |
trust = ptmp->trust; |
2133 |
✓✗ |
6 |
} |
2134 |
✓✗ |
6 |
if (trust) { |
2135 |
|
6 |
idx = X509_TRUST_get_by_id(trust); |
2136 |
✗✓ |
6 |
if (idx == -1) { |
2137 |
|
|
X509error(X509_R_UNKNOWN_TRUST_ID); |
2138 |
|
|
return 0; |
2139 |
|
|
} |
2140 |
|
|
} |
2141 |
|
|
|
2142 |
✓✗✓✗
|
12 |
if (purpose && !ctx->param->purpose) |
2143 |
|
6 |
ctx->param->purpose = purpose; |
2144 |
✓✗✓✗
|
12 |
if (trust && !ctx->param->trust) |
2145 |
|
6 |
ctx->param->trust = trust; |
2146 |
|
6 |
return 1; |
2147 |
|
6 |
} |
2148 |
|
|
|
2149 |
|
|
X509_STORE_CTX * |
2150 |
|
|
X509_STORE_CTX_new(void) |
2151 |
|
|
{ |
2152 |
|
|
X509_STORE_CTX *ctx; |
2153 |
|
|
|
2154 |
|
4 |
ctx = calloc(1, sizeof(X509_STORE_CTX)); |
2155 |
✗✓ |
2 |
if (!ctx) { |
2156 |
|
|
X509error(ERR_R_MALLOC_FAILURE); |
2157 |
|
|
return NULL; |
2158 |
|
|
} |
2159 |
|
2 |
return ctx; |
2160 |
|
2 |
} |
2161 |
|
|
|
2162 |
|
|
void |
2163 |
|
|
X509_STORE_CTX_free(X509_STORE_CTX *ctx) |
2164 |
|
|
{ |
2165 |
✓✗ |
4 |
if (ctx == NULL) |
2166 |
|
|
return; |
2167 |
|
|
|
2168 |
|
2 |
X509_STORE_CTX_cleanup(ctx); |
2169 |
|
2 |
free(ctx); |
2170 |
|
4 |
} |
2171 |
|
|
|
2172 |
|
|
int |
2173 |
|
|
X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, |
2174 |
|
|
STACK_OF(X509) *chain) |
2175 |
|
|
{ |
2176 |
|
|
int param_ret = 1; |
2177 |
|
|
|
2178 |
|
|
/* |
2179 |
|
|
* Make sure everything is initialized properly even in case of an |
2180 |
|
|
* early return due to an error. |
2181 |
|
|
* |
2182 |
|
|
* While this 'ctx' can be reused, X509_STORE_CTX_cleanup() will have |
2183 |
|
|
* freed everything and memset ex_data anyway. This also allows us |
2184 |
|
|
* to safely use X509_STORE_CTX variables from the stack which will |
2185 |
|
|
* have uninitialized data. |
2186 |
|
|
*/ |
2187 |
|
3000 |
memset(ctx, 0, sizeof(*ctx)); |
2188 |
|
|
|
2189 |
|
|
/* |
2190 |
|
|
* Start with this set to not valid - it will be set to valid |
2191 |
|
|
* in X509_verify_cert. |
2192 |
|
|
*/ |
2193 |
|
1500 |
ctx->error = X509_V_ERR_INVALID_CALL; |
2194 |
|
|
|
2195 |
|
|
/* |
2196 |
|
|
* Set values other than 0. Keep this in the same order as |
2197 |
|
|
* X509_STORE_CTX except for values that may fail. All fields that |
2198 |
|
|
* may fail should go last to make sure 'ctx' is as consistent as |
2199 |
|
|
* possible even on early exits. |
2200 |
|
|
*/ |
2201 |
|
1500 |
ctx->ctx = store; |
2202 |
|
1500 |
ctx->cert = x509; |
2203 |
|
1500 |
ctx->untrusted = chain; |
2204 |
|
|
|
2205 |
✓✗✗✓
|
3000 |
if (store && store->verify) |
2206 |
|
|
ctx->verify = store->verify; |
2207 |
|
|
else |
2208 |
|
|
ctx->verify = internal_verify; |
2209 |
|
|
|
2210 |
✓✗✓✓
|
3000 |
if (store && store->verify_cb) |
2211 |
|
14 |
ctx->verify_cb = store->verify_cb; |
2212 |
|
|
else |
2213 |
|
|
ctx->verify_cb = null_callback; |
2214 |
|
|
|
2215 |
✓✗✗✓
|
3000 |
if (store && store->get_issuer) |
2216 |
|
|
ctx->get_issuer = store->get_issuer; |
2217 |
|
|
else |
2218 |
|
|
ctx->get_issuer = X509_STORE_CTX_get1_issuer; |
2219 |
|
|
|
2220 |
✓✗✗✓
|
3000 |
if (store && store->check_issued) |
2221 |
|
|
ctx->check_issued = store->check_issued; |
2222 |
|
|
else |
2223 |
|
|
ctx->check_issued = check_issued; |
2224 |
|
|
|
2225 |
✓✗✗✓
|
3000 |
if (store && store->check_revocation) |
2226 |
|
|
ctx->check_revocation = store->check_revocation; |
2227 |
|
|
else |
2228 |
|
|
ctx->check_revocation = check_revocation; |
2229 |
|
|
|
2230 |
✓✗✗✓
|
3000 |
if (store && store->get_crl) |
2231 |
|
|
ctx->get_crl = store->get_crl; |
2232 |
|
|
else |
2233 |
|
|
ctx->get_crl = NULL; |
2234 |
|
|
|
2235 |
✓✗✗✓
|
3000 |
if (store && store->check_crl) |
2236 |
|
|
ctx->check_crl = store->check_crl; |
2237 |
|
|
else |
2238 |
|
|
ctx->check_crl = check_crl; |
2239 |
|
|
|
2240 |
✓✗✗✓
|
3000 |
if (store && store->cert_crl) |
2241 |
|
|
ctx->cert_crl = store->cert_crl; |
2242 |
|
|
else |
2243 |
|
|
ctx->cert_crl = cert_crl; |
2244 |
|
|
|
2245 |
|
1500 |
ctx->check_policy = check_policy; |
2246 |
|
|
|
2247 |
✓✗✗✓
|
3000 |
if (store && store->lookup_certs) |
2248 |
|
|
ctx->lookup_certs = store->lookup_certs; |
2249 |
|
|
else |
2250 |
|
|
ctx->lookup_certs = X509_STORE_get1_certs; |
2251 |
|
|
|
2252 |
✓✗✗✓
|
3000 |
if (store && store->lookup_crls) |
2253 |
|
|
ctx->lookup_crls = store->lookup_crls; |
2254 |
|
|
else |
2255 |
|
|
ctx->lookup_crls = X509_STORE_get1_crls; |
2256 |
|
|
|
2257 |
✓✗✗✓
|
3000 |
if (store && store->cleanup) |
2258 |
|
|
ctx->cleanup = store->cleanup; |
2259 |
|
|
else |
2260 |
|
|
ctx->cleanup = NULL; |
2261 |
|
|
|
2262 |
|
1500 |
ctx->param = X509_VERIFY_PARAM_new(); |
2263 |
✗✓ |
1500 |
if (!ctx->param) { |
2264 |
|
|
X509error(ERR_R_MALLOC_FAILURE); |
2265 |
|
|
return 0; |
2266 |
|
|
} |
2267 |
|
|
|
2268 |
|
|
/* Inherit callbacks and flags from X509_STORE if not set |
2269 |
|
|
* use defaults. |
2270 |
|
|
*/ |
2271 |
✓✗ |
1500 |
if (store) |
2272 |
|
1500 |
param_ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param); |
2273 |
|
|
else |
2274 |
|
|
ctx->param->inh_flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE; |
2275 |
|
|
|
2276 |
✓✗ |
1500 |
if (param_ret) |
2277 |
|
3000 |
param_ret = X509_VERIFY_PARAM_inherit(ctx->param, |
2278 |
|
1500 |
X509_VERIFY_PARAM_lookup("default")); |
2279 |
|
|
|
2280 |
✗✓ |
1500 |
if (param_ret == 0) { |
2281 |
|
|
X509error(ERR_R_MALLOC_FAILURE); |
2282 |
|
|
return 0; |
2283 |
|
|
} |
2284 |
|
|
|
2285 |
✗✓ |
3000 |
if (CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, |
2286 |
|
3000 |
&(ctx->ex_data)) == 0) { |
2287 |
|
|
X509error(ERR_R_MALLOC_FAILURE); |
2288 |
|
|
return 0; |
2289 |
|
|
} |
2290 |
|
1500 |
return 1; |
2291 |
|
1500 |
} |
2292 |
|
|
|
2293 |
|
|
/* Set alternative lookup method: just a STACK of trusted certificates. |
2294 |
|
|
* This avoids X509_STORE nastiness where it isn't needed. |
2295 |
|
|
*/ |
2296 |
|
|
|
2297 |
|
|
void |
2298 |
|
|
X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) |
2299 |
|
|
{ |
2300 |
|
|
ctx->other_ctx = sk; |
2301 |
|
|
ctx->get_issuer = get_issuer_sk; |
2302 |
|
|
} |
2303 |
|
|
|
2304 |
|
|
void |
2305 |
|
|
X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) |
2306 |
|
|
{ |
2307 |
✗✓ |
3000 |
if (ctx->cleanup) |
2308 |
|
|
ctx->cleanup(ctx); |
2309 |
✓✗ |
1500 |
if (ctx->param != NULL) { |
2310 |
✓✗ |
1500 |
if (ctx->parent == NULL) |
2311 |
|
1500 |
X509_VERIFY_PARAM_free(ctx->param); |
2312 |
|
1500 |
ctx->param = NULL; |
2313 |
|
1500 |
} |
2314 |
✗✓ |
1500 |
if (ctx->tree != NULL) { |
2315 |
|
|
X509_policy_tree_free(ctx->tree); |
2316 |
|
|
ctx->tree = NULL; |
2317 |
|
|
} |
2318 |
✓✓ |
1500 |
if (ctx->chain != NULL) { |
2319 |
|
1492 |
sk_X509_pop_free(ctx->chain, X509_free); |
2320 |
|
1492 |
ctx->chain = NULL; |
2321 |
|
1492 |
} |
2322 |
|
1500 |
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, |
2323 |
|
1500 |
ctx, &(ctx->ex_data)); |
2324 |
|
1500 |
memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA)); |
2325 |
|
1500 |
} |
2326 |
|
|
|
2327 |
|
|
void |
2328 |
|
|
X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth) |
2329 |
|
|
{ |
2330 |
|
|
X509_VERIFY_PARAM_set_depth(ctx->param, depth); |
2331 |
|
|
} |
2332 |
|
|
|
2333 |
|
|
void |
2334 |
|
|
X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags) |
2335 |
|
|
{ |
2336 |
|
4 |
X509_VERIFY_PARAM_set_flags(ctx->param, flags); |
2337 |
|
2 |
} |
2338 |
|
|
|
2339 |
|
|
void |
2340 |
|
|
X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t) |
2341 |
|
|
{ |
2342 |
|
|
X509_VERIFY_PARAM_set_time(ctx->param, t); |
2343 |
|
|
} |
2344 |
|
|
|
2345 |
|
|
void |
2346 |
|
|
X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, |
2347 |
|
|
int (*verify_cb)(int, X509_STORE_CTX *)) |
2348 |
|
|
{ |
2349 |
|
88 |
ctx->verify_cb = verify_cb; |
2350 |
|
44 |
} |
2351 |
|
|
|
2352 |
|
|
X509_POLICY_TREE * |
2353 |
|
|
X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx) |
2354 |
|
|
{ |
2355 |
|
|
return ctx->tree; |
2356 |
|
|
} |
2357 |
|
|
|
2358 |
|
|
int |
2359 |
|
|
X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx) |
2360 |
|
|
{ |
2361 |
|
|
return ctx->explicit_policy; |
2362 |
|
|
} |
2363 |
|
|
|
2364 |
|
|
int |
2365 |
|
|
X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name) |
2366 |
|
|
{ |
2367 |
|
|
const X509_VERIFY_PARAM *param; |
2368 |
|
2598 |
param = X509_VERIFY_PARAM_lookup(name); |
2369 |
✗✓ |
1299 |
if (!param) |
2370 |
|
|
return 0; |
2371 |
|
1299 |
return X509_VERIFY_PARAM_inherit(ctx->param, param); |
2372 |
|
1299 |
} |
2373 |
|
|
|
2374 |
|
|
X509_VERIFY_PARAM * |
2375 |
|
|
X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx) |
2376 |
|
|
{ |
2377 |
|
2582 |
return ctx->param; |
2378 |
|
|
} |
2379 |
|
|
|
2380 |
|
|
void |
2381 |
|
|
X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param) |
2382 |
|
|
{ |
2383 |
|
|
if (ctx->param) |
2384 |
|
|
X509_VERIFY_PARAM_free(ctx->param); |
2385 |
|
|
ctx->param = param; |
2386 |
|
|
} |