Annotation of embedaddon/axTLS/ssl/x509.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (c) 2007, Cameron Rich
! 3: *
! 4: * All rights reserved.
! 5: *
! 6: * Redistribution and use in source and binary forms, with or without
! 7: * modification, are permitted provided that the following conditions are met:
! 8: *
! 9: * * Redistributions of source code must retain the above copyright notice,
! 10: * this list of conditions and the following disclaimer.
! 11: * * Redistributions in binary form must reproduce the above copyright notice,
! 12: * this list of conditions and the following disclaimer in the documentation
! 13: * and/or other materials provided with the distribution.
! 14: * * Neither the name of the axTLS project nor the names of its contributors
! 15: * may be used to endorse or promote products derived from this software
! 16: * without specific prior written permission.
! 17: *
! 18: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
! 19: * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
! 20: * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
! 21: * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
! 22: * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
! 23: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
! 24: * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
! 25: * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
! 26: * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
! 27: * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
! 28: * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
! 29: */
! 30:
! 31: /**
! 32: * @file x509.c
! 33: *
! 34: * Certificate processing.
! 35: */
! 36:
! 37: #include <stdio.h>
! 38: #include <stdlib.h>
! 39: #include <string.h>
! 40: #include <time.h>
! 41: #include "os_port.h"
! 42: #include "crypto_misc.h"
! 43:
! 44: #ifdef CONFIG_SSL_CERT_VERIFICATION
! 45: /**
! 46: * Retrieve the signature from a certificate.
! 47: */
! 48: static const uint8_t *get_signature(const uint8_t *asn1_sig, int *len)
! 49: {
! 50: int offset = 0;
! 51: const uint8_t *ptr = NULL;
! 52:
! 53: if (asn1_next_obj(asn1_sig, &offset, ASN1_SEQUENCE) < 0 ||
! 54: asn1_skip_obj(asn1_sig, &offset, ASN1_SEQUENCE))
! 55: goto end_get_sig;
! 56:
! 57: if (asn1_sig[offset++] != ASN1_OCTET_STRING)
! 58: goto end_get_sig;
! 59: *len = get_asn1_length(asn1_sig, &offset);
! 60: ptr = &asn1_sig[offset]; /* all ok */
! 61:
! 62: end_get_sig:
! 63: return ptr;
! 64: }
! 65:
! 66: #endif
! 67:
! 68: /**
! 69: * Construct a new x509 object.
! 70: * @return 0 if ok. < 0 if there was a problem.
! 71: */
! 72: int x509_new(const uint8_t *cert, int *len, X509_CTX **ctx)
! 73: {
! 74: int begin_tbs, end_tbs;
! 75: int ret = X509_NOT_OK, offset = 0, cert_size = 0;
! 76: X509_CTX *x509_ctx;
! 77: BI_CTX *bi_ctx;
! 78:
! 79: *ctx = (X509_CTX *)calloc(1, sizeof(X509_CTX));
! 80: x509_ctx = *ctx;
! 81:
! 82: /* get the certificate size */
! 83: asn1_skip_obj(cert, &cert_size, ASN1_SEQUENCE);
! 84:
! 85: if (asn1_next_obj(cert, &offset, ASN1_SEQUENCE) < 0)
! 86: goto end_cert;
! 87:
! 88: begin_tbs = offset; /* start of the tbs */
! 89: end_tbs = begin_tbs; /* work out the end of the tbs */
! 90: asn1_skip_obj(cert, &end_tbs, ASN1_SEQUENCE);
! 91:
! 92: if (asn1_next_obj(cert, &offset, ASN1_SEQUENCE) < 0)
! 93: goto end_cert;
! 94:
! 95: if (cert[offset] == ASN1_EXPLICIT_TAG) /* optional version */
! 96: {
! 97: if (asn1_version(cert, &offset, x509_ctx))
! 98: goto end_cert;
! 99: }
! 100:
! 101: if (asn1_skip_obj(cert, &offset, ASN1_INTEGER) || /* serial number */
! 102: asn1_next_obj(cert, &offset, ASN1_SEQUENCE) < 0)
! 103: goto end_cert;
! 104:
! 105: /* make sure the signature is ok */
! 106: if (asn1_signature_type(cert, &offset, x509_ctx))
! 107: {
! 108: ret = X509_VFY_ERROR_UNSUPPORTED_DIGEST;
! 109: goto end_cert;
! 110: }
! 111:
! 112: if (asn1_name(cert, &offset, x509_ctx->ca_cert_dn) ||
! 113: asn1_validity(cert, &offset, x509_ctx) ||
! 114: asn1_name(cert, &offset, x509_ctx->cert_dn) ||
! 115: asn1_public_key(cert, &offset, x509_ctx))
! 116: {
! 117: goto end_cert;
! 118: }
! 119:
! 120: bi_ctx = x509_ctx->rsa_ctx->bi_ctx;
! 121:
! 122: #ifdef CONFIG_SSL_CERT_VERIFICATION /* only care if doing verification */
! 123: /* use the appropriate signature algorithm (SHA1/MD5/MD2) */
! 124: if (x509_ctx->sig_type == SIG_TYPE_MD5)
! 125: {
! 126: MD5_CTX md5_ctx;
! 127: uint8_t md5_dgst[MD5_SIZE];
! 128: MD5_Init(&md5_ctx);
! 129: MD5_Update(&md5_ctx, &cert[begin_tbs], end_tbs-begin_tbs);
! 130: MD5_Final(md5_dgst, &md5_ctx);
! 131: x509_ctx->digest = bi_import(bi_ctx, md5_dgst, MD5_SIZE);
! 132: }
! 133: else if (x509_ctx->sig_type == SIG_TYPE_SHA1)
! 134: {
! 135: SHA1_CTX sha_ctx;
! 136: uint8_t sha_dgst[SHA1_SIZE];
! 137: SHA1_Init(&sha_ctx);
! 138: SHA1_Update(&sha_ctx, &cert[begin_tbs], end_tbs-begin_tbs);
! 139: SHA1_Final(sha_dgst, &sha_ctx);
! 140: x509_ctx->digest = bi_import(bi_ctx, sha_dgst, SHA1_SIZE);
! 141: }
! 142: else if (x509_ctx->sig_type == SIG_TYPE_MD2)
! 143: {
! 144: MD2_CTX md2_ctx;
! 145: uint8_t md2_dgst[MD2_SIZE];
! 146: MD2_Init(&md2_ctx);
! 147: MD2_Update(&md2_ctx, &cert[begin_tbs], end_tbs-begin_tbs);
! 148: MD2_Final(md2_dgst, &md2_ctx);
! 149: x509_ctx->digest = bi_import(bi_ctx, md2_dgst, MD2_SIZE);
! 150: }
! 151:
! 152: if (cert[offset] == ASN1_V3_DATA)
! 153: {
! 154: int suboffset;
! 155:
! 156: ++offset;
! 157: get_asn1_length(cert, &offset);
! 158:
! 159: if ((suboffset = asn1_find_subjectaltname(cert, offset)) > 0)
! 160: {
! 161: if (asn1_next_obj(cert, &suboffset, ASN1_OCTET_STRING) > 0)
! 162: {
! 163: int altlen;
! 164:
! 165: if ((altlen = asn1_next_obj(cert,
! 166: &suboffset, ASN1_SEQUENCE)) > 0)
! 167: {
! 168: int endalt = suboffset + altlen;
! 169: int totalnames = 0;
! 170:
! 171: while (suboffset < endalt)
! 172: {
! 173: int type = cert[suboffset++];
! 174: int dnslen = get_asn1_length(cert, &suboffset);
! 175:
! 176: if (type == ASN1_CONTEXT_DNSNAME)
! 177: {
! 178: x509_ctx->subject_alt_dnsnames = (char**)
! 179: realloc(x509_ctx->subject_alt_dnsnames,
! 180: (totalnames + 2) * sizeof(char*));
! 181: x509_ctx->subject_alt_dnsnames[totalnames] =
! 182: (char*)malloc(dnslen + 1);
! 183: x509_ctx->subject_alt_dnsnames[totalnames+1] = NULL;
! 184: memcpy(x509_ctx->subject_alt_dnsnames[totalnames],
! 185: cert + suboffset, dnslen);
! 186: x509_ctx->subject_alt_dnsnames[
! 187: totalnames][dnslen] = 0;
! 188: ++totalnames;
! 189: }
! 190:
! 191: suboffset += dnslen;
! 192: }
! 193: }
! 194: }
! 195: }
! 196: }
! 197:
! 198: offset = end_tbs; /* skip the rest of v3 data */
! 199: if (asn1_skip_obj(cert, &offset, ASN1_SEQUENCE) ||
! 200: asn1_signature(cert, &offset, x509_ctx))
! 201: goto end_cert;
! 202: #endif
! 203: ret = X509_OK;
! 204: end_cert:
! 205: if (len)
! 206: {
! 207: *len = cert_size;
! 208: }
! 209:
! 210: if (ret)
! 211: {
! 212: #ifdef CONFIG_SSL_FULL_MODE
! 213: printf("Error: Invalid X509 ASN.1 file (%s)\n",
! 214: x509_display_error(ret));
! 215: #endif
! 216: x509_free(x509_ctx);
! 217: *ctx = NULL;
! 218: }
! 219:
! 220: return ret;
! 221: }
! 222:
! 223: /**
! 224: * Free an X.509 object's resources.
! 225: */
! 226: void x509_free(X509_CTX *x509_ctx)
! 227: {
! 228: X509_CTX *next;
! 229: int i;
! 230:
! 231: if (x509_ctx == NULL) /* if already null, then don't bother */
! 232: return;
! 233:
! 234: for (i = 0; i < X509_NUM_DN_TYPES; i++)
! 235: {
! 236: free(x509_ctx->ca_cert_dn[i]);
! 237: free(x509_ctx->cert_dn[i]);
! 238: }
! 239:
! 240: free(x509_ctx->signature);
! 241:
! 242: #ifdef CONFIG_SSL_CERT_VERIFICATION
! 243: if (x509_ctx->digest)
! 244: {
! 245: bi_free(x509_ctx->rsa_ctx->bi_ctx, x509_ctx->digest);
! 246: }
! 247:
! 248: if (x509_ctx->subject_alt_dnsnames)
! 249: {
! 250: for (i = 0; x509_ctx->subject_alt_dnsnames[i]; ++i)
! 251: free(x509_ctx->subject_alt_dnsnames[i]);
! 252:
! 253: free(x509_ctx->subject_alt_dnsnames);
! 254: }
! 255: #endif
! 256:
! 257: RSA_free(x509_ctx->rsa_ctx);
! 258: next = x509_ctx->next;
! 259: free(x509_ctx);
! 260: x509_free(next); /* clear the chain */
! 261: }
! 262:
! 263: #ifdef CONFIG_SSL_CERT_VERIFICATION
! 264: /**
! 265: * Take a signature and decrypt it.
! 266: */
! 267: static bigint *sig_verify(BI_CTX *ctx, const uint8_t *sig, int sig_len,
! 268: bigint *modulus, bigint *pub_exp)
! 269: {
! 270: int i, size;
! 271: bigint *decrypted_bi, *dat_bi;
! 272: bigint *bir = NULL;
! 273: uint8_t *block = (uint8_t *)alloca(sig_len);
! 274:
! 275: /* decrypt */
! 276: dat_bi = bi_import(ctx, sig, sig_len);
! 277: ctx->mod_offset = BIGINT_M_OFFSET;
! 278:
! 279: /* convert to a normal block */
! 280: decrypted_bi = bi_mod_power2(ctx, dat_bi, modulus, pub_exp);
! 281:
! 282: bi_export(ctx, decrypted_bi, block, sig_len);
! 283: ctx->mod_offset = BIGINT_M_OFFSET;
! 284:
! 285: i = 10; /* start at the first possible non-padded byte */
! 286: while (block[i++] && i < sig_len);
! 287: size = sig_len - i;
! 288:
! 289: /* get only the bit we want */
! 290: if (size > 0)
! 291: {
! 292: int len;
! 293: const uint8_t *sig_ptr = get_signature(&block[i], &len);
! 294:
! 295: if (sig_ptr)
! 296: {
! 297: bir = bi_import(ctx, sig_ptr, len);
! 298: }
! 299: }
! 300:
! 301: /* save a few bytes of memory */
! 302: bi_clear_cache(ctx);
! 303: return bir;
! 304: }
! 305:
! 306: /**
! 307: * Do some basic checks on the certificate chain.
! 308: *
! 309: * Certificate verification consists of a number of checks:
! 310: * - The date of the certificate is after the start date.
! 311: * - The date of the certificate is before the finish date.
! 312: * - A root certificate exists in the certificate store.
! 313: * - That the certificate(s) are not self-signed.
! 314: * - The certificate chain is valid.
! 315: * - The signature of the certificate is valid.
! 316: */
! 317: int x509_verify(const CA_CERT_CTX *ca_cert_ctx, const X509_CTX *cert)
! 318: {
! 319: int ret = X509_OK, i = 0;
! 320: bigint *cert_sig;
! 321: X509_CTX *next_cert = NULL;
! 322: BI_CTX *ctx = NULL;
! 323: bigint *mod = NULL, *expn = NULL;
! 324: int match_ca_cert = 0;
! 325: struct timeval tv;
! 326: uint8_t is_self_signed = 0;
! 327:
! 328: if (cert == NULL)
! 329: {
! 330: ret = X509_VFY_ERROR_NO_TRUSTED_CERT;
! 331: goto end_verify;
! 332: }
! 333:
! 334: /* a self-signed certificate that is not in the CA store - use this
! 335: to check the signature */
! 336: if (asn1_compare_dn(cert->ca_cert_dn, cert->cert_dn) == 0)
! 337: {
! 338: is_self_signed = 1;
! 339: ctx = cert->rsa_ctx->bi_ctx;
! 340: mod = cert->rsa_ctx->m;
! 341: expn = cert->rsa_ctx->e;
! 342: }
! 343:
! 344: gettimeofday(&tv, NULL);
! 345:
! 346: /* check the not before date */
! 347: if (tv.tv_sec < cert->not_before)
! 348: {
! 349: ret = X509_VFY_ERROR_NOT_YET_VALID;
! 350: goto end_verify;
! 351: }
! 352:
! 353: /* check the not after date */
! 354: if (tv.tv_sec > cert->not_after)
! 355: {
! 356: ret = X509_VFY_ERROR_EXPIRED;
! 357: goto end_verify;
! 358: }
! 359:
! 360: next_cert = cert->next;
! 361:
! 362: /* last cert in the chain - look for a trusted cert */
! 363: if (next_cert == NULL)
! 364: {
! 365: if (ca_cert_ctx != NULL)
! 366: {
! 367: /* go thu the CA store */
! 368: while (i < CONFIG_X509_MAX_CA_CERTS && ca_cert_ctx->cert[i])
! 369: {
! 370: if (asn1_compare_dn(cert->ca_cert_dn,
! 371: ca_cert_ctx->cert[i]->cert_dn) == 0)
! 372: {
! 373: /* use this CA certificate for signature verification */
! 374: match_ca_cert = 1;
! 375: ctx = ca_cert_ctx->cert[i]->rsa_ctx->bi_ctx;
! 376: mod = ca_cert_ctx->cert[i]->rsa_ctx->m;
! 377: expn = ca_cert_ctx->cert[i]->rsa_ctx->e;
! 378: break;
! 379: }
! 380:
! 381: i++;
! 382: }
! 383: }
! 384:
! 385: /* couldn't find a trusted cert (& let self-signed errors
! 386: be returned) */
! 387: if (!match_ca_cert && !is_self_signed)
! 388: {
! 389: ret = X509_VFY_ERROR_NO_TRUSTED_CERT;
! 390: goto end_verify;
! 391: }
! 392: }
! 393: else if (asn1_compare_dn(cert->ca_cert_dn, next_cert->cert_dn) != 0)
! 394: {
! 395: /* check the chain */
! 396: ret = X509_VFY_ERROR_INVALID_CHAIN;
! 397: goto end_verify;
! 398: }
! 399: else /* use the next certificate in the chain for signature verify */
! 400: {
! 401: ctx = next_cert->rsa_ctx->bi_ctx;
! 402: mod = next_cert->rsa_ctx->m;
! 403: expn = next_cert->rsa_ctx->e;
! 404: }
! 405:
! 406: /* cert is self signed */
! 407: if (!match_ca_cert && is_self_signed)
! 408: {
! 409: ret = X509_VFY_ERROR_SELF_SIGNED;
! 410: goto end_verify;
! 411: }
! 412:
! 413: /* check the signature */
! 414: cert_sig = sig_verify(ctx, cert->signature, cert->sig_len,
! 415: bi_clone(ctx, mod), bi_clone(ctx, expn));
! 416:
! 417: if (cert_sig && cert->digest)
! 418: {
! 419: if (bi_compare(cert_sig, cert->digest) != 0)
! 420: ret = X509_VFY_ERROR_BAD_SIGNATURE;
! 421:
! 422:
! 423: bi_free(ctx, cert_sig);
! 424: }
! 425: else
! 426: {
! 427: ret = X509_VFY_ERROR_BAD_SIGNATURE;
! 428: }
! 429:
! 430: if (ret)
! 431: goto end_verify;
! 432:
! 433: /* go down the certificate chain using recursion. */
! 434: if (next_cert != NULL)
! 435: {
! 436: ret = x509_verify(ca_cert_ctx, next_cert);
! 437: }
! 438:
! 439: end_verify:
! 440: return ret;
! 441: }
! 442: #endif
! 443:
! 444: #if defined (CONFIG_SSL_FULL_MODE)
! 445: /**
! 446: * Used for diagnostics.
! 447: */
! 448: static const char *not_part_of_cert = "<Not Part Of Certificate>";
! 449: void x509_print(const X509_CTX *cert, CA_CERT_CTX *ca_cert_ctx)
! 450: {
! 451: if (cert == NULL)
! 452: return;
! 453:
! 454: printf("=== CERTIFICATE ISSUED TO ===\n");
! 455: printf("Common Name (CN):\t\t");
! 456: printf("%s\n", cert->cert_dn[X509_COMMON_NAME] ?
! 457: cert->cert_dn[X509_COMMON_NAME] : not_part_of_cert);
! 458:
! 459: printf("Organization (O):\t\t");
! 460: printf("%s\n", cert->cert_dn[X509_ORGANIZATION] ?
! 461: cert->cert_dn[X509_ORGANIZATION] : not_part_of_cert);
! 462:
! 463: printf("Organizational Unit (OU):\t");
! 464: printf("%s\n", cert->cert_dn[X509_ORGANIZATIONAL_UNIT] ?
! 465: cert->cert_dn[X509_ORGANIZATIONAL_UNIT] : not_part_of_cert);
! 466:
! 467: printf("=== CERTIFICATE ISSUED BY ===\n");
! 468: printf("Common Name (CN):\t\t");
! 469: printf("%s\n", cert->ca_cert_dn[X509_COMMON_NAME] ?
! 470: cert->ca_cert_dn[X509_COMMON_NAME] : not_part_of_cert);
! 471:
! 472: printf("Organization (O):\t\t");
! 473: printf("%s\n", cert->ca_cert_dn[X509_ORGANIZATION] ?
! 474: cert->ca_cert_dn[X509_ORGANIZATION] : not_part_of_cert);
! 475:
! 476: printf("Organizational Unit (OU):\t");
! 477: printf("%s\n", cert->ca_cert_dn[X509_ORGANIZATIONAL_UNIT] ?
! 478: cert->ca_cert_dn[X509_ORGANIZATIONAL_UNIT] : not_part_of_cert);
! 479:
! 480: printf("Not Before:\t\t\t%s", ctime(&cert->not_before));
! 481: printf("Not After:\t\t\t%s", ctime(&cert->not_after));
! 482: printf("RSA bitsize:\t\t\t%d\n", cert->rsa_ctx->num_octets*8);
! 483: printf("Sig Type:\t\t\t");
! 484: switch (cert->sig_type)
! 485: {
! 486: case SIG_TYPE_MD5:
! 487: printf("MD5\n");
! 488: break;
! 489: case SIG_TYPE_SHA1:
! 490: printf("SHA1\n");
! 491: break;
! 492: case SIG_TYPE_MD2:
! 493: printf("MD2\n");
! 494: break;
! 495: default:
! 496: printf("Unrecognized: %d\n", cert->sig_type);
! 497: break;
! 498: }
! 499:
! 500: if (ca_cert_ctx)
! 501: {
! 502: printf("Verify:\t\t\t\t%s\n",
! 503: x509_display_error(x509_verify(ca_cert_ctx, cert)));
! 504: }
! 505:
! 506: #if 0
! 507: print_blob("Signature", cert->signature, cert->sig_len);
! 508: bi_print("Modulus", cert->rsa_ctx->m);
! 509: bi_print("Pub Exp", cert->rsa_ctx->e);
! 510: #endif
! 511:
! 512: if (ca_cert_ctx)
! 513: {
! 514: x509_print(cert->next, ca_cert_ctx);
! 515: }
! 516:
! 517: TTY_FLUSH();
! 518: }
! 519:
! 520: const char * x509_display_error(int error)
! 521: {
! 522: switch (error)
! 523: {
! 524: case X509_OK:
! 525: return "Certificate verify successful";
! 526:
! 527: case X509_NOT_OK:
! 528: return "X509 not ok";
! 529:
! 530: case X509_VFY_ERROR_NO_TRUSTED_CERT:
! 531: return "No trusted cert is available";
! 532:
! 533: case X509_VFY_ERROR_BAD_SIGNATURE:
! 534: return "Bad signature";
! 535:
! 536: case X509_VFY_ERROR_NOT_YET_VALID:
! 537: return "Cert is not yet valid";
! 538:
! 539: case X509_VFY_ERROR_EXPIRED:
! 540: return "Cert has expired";
! 541:
! 542: case X509_VFY_ERROR_SELF_SIGNED:
! 543: return "Cert is self-signed";
! 544:
! 545: case X509_VFY_ERROR_INVALID_CHAIN:
! 546: return "Chain is invalid (check order of certs)";
! 547:
! 548: case X509_VFY_ERROR_UNSUPPORTED_DIGEST:
! 549: return "Unsupported digest";
! 550:
! 551: case X509_INVALID_PRIV_KEY:
! 552: return "Invalid private key";
! 553:
! 554: default:
! 555: return "Unknown";
! 556: }
! 557: }
! 558: #endif /* CONFIG_SSL_FULL_MODE */
! 559:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to x509.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / axTLS / ssl