]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * X.509 common functions for parsing and verification | |
3 | * | |
4 | * Copyright (C) 2006-2015, ARM Limited, All Rights Reserved | |
5 | * SPDX-License-Identifier: GPL-2.0 | |
6 | * | |
7 | * This program is free software; you can redistribute it and/or modify | |
8 | * it under the terms of the GNU General Public License as published by | |
9 | * the Free Software Foundation; either version 2 of the License, or | |
10 | * (at your option) any later version. | |
11 | * | |
12 | * This program is distributed in the hope that it will be useful, | |
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
15 | * GNU General Public License for more details. | |
16 | * | |
17 | * You should have received a copy of the GNU General Public License along | |
18 | * with this program; if not, write to the Free Software Foundation, Inc., | |
19 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | |
20 | * | |
21 | * This file is part of mbed TLS (https://tls.mbed.org) | |
22 | */ | |
23 | /* | |
24 | * The ITU-T X.509 standard defines a certificate format for PKI. | |
25 | * | |
26 | * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs) | |
27 | * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs) | |
28 | * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10) | |
29 | * | |
30 | * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf | |
31 | * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf | |
32 | */ | |
33 | ||
34 | /* Ensure gmtime_r is available even with -std=c99; must be included before | |
35 | * config.h, which pulls in glibc's features.h. Harmless on other platforms. */ | |
36 | #define _POSIX_C_SOURCE 200112L | |
37 | ||
38 | #if !defined(MBEDTLS_CONFIG_FILE) | |
39 | #include "mbedtls/config.h" | |
40 | #else | |
41 | #include MBEDTLS_CONFIG_FILE | |
42 | #endif | |
43 | ||
44 | #if defined(MBEDTLS_X509_USE_C) | |
45 | ||
46 | #include "mbedtls/x509.h" | |
47 | #include "mbedtls/asn1.h" | |
48 | #include "mbedtls/oid.h" | |
49 | ||
50 | #include <stdio.h> | |
51 | #include <string.h> | |
52 | ||
53 | #if defined(MBEDTLS_PEM_PARSE_C) | |
54 | #include "mbedtls/pem.h" | |
55 | #endif | |
56 | ||
57 | #if defined(MBEDTLS_PLATFORM_C) | |
58 | #include "mbedtls/platform.h" | |
59 | #else | |
60 | #include <stdio.h> | |
61 | #include <stdlib.h> | |
62 | #define mbedtls_free free | |
63 | #define mbedtls_calloc calloc | |
64 | #define mbedtls_printf printf | |
65 | #define mbedtls_snprintf snprintf | |
66 | #endif | |
67 | ||
68 | #if defined(MBEDTLS_HAVE_TIME) | |
69 | #include "mbedtls/platform_time.h" | |
70 | #endif | |
71 | #if defined(MBEDTLS_HAVE_TIME_DATE) | |
72 | #include <time.h> | |
73 | #endif | |
74 | ||
75 | #define CHECK(code) if( ( ret = code ) != 0 ){ return( ret ); } | |
76 | #define CHECK_RANGE(min, max, val) if( val < min || val > max ){ return( ret ); } | |
77 | ||
78 | /* | |
79 | * CertificateSerialNumber ::= INTEGER | |
80 | */ | |
81 | int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, | |
82 | mbedtls_x509_buf *serial ) | |
83 | { | |
84 | int ret; | |
85 | ||
86 | if( ( end - *p ) < 1 ) | |
87 | return( MBEDTLS_ERR_X509_INVALID_SERIAL + | |
88 | MBEDTLS_ERR_ASN1_OUT_OF_DATA ); | |
89 | ||
90 | if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) && | |
91 | **p != MBEDTLS_ASN1_INTEGER ) | |
92 | return( MBEDTLS_ERR_X509_INVALID_SERIAL + | |
93 | MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); | |
94 | ||
95 | serial->tag = *(*p)++; | |
96 | ||
97 | if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 ) | |
98 | return( MBEDTLS_ERR_X509_INVALID_SERIAL + ret ); | |
99 | ||
100 | serial->p = *p; | |
101 | *p += serial->len; | |
102 | ||
103 | return( 0 ); | |
104 | } | |
105 | ||
106 | /* Get an algorithm identifier without parameters (eg for signatures) | |
107 | * | |
108 | * AlgorithmIdentifier ::= SEQUENCE { | |
109 | * algorithm OBJECT IDENTIFIER, | |
110 | * parameters ANY DEFINED BY algorithm OPTIONAL } | |
111 | */ | |
112 | int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end, | |
113 | mbedtls_x509_buf *alg ) | |
114 | { | |
115 | int ret; | |
116 | ||
117 | if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 ) | |
118 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
119 | ||
120 | return( 0 ); | |
121 | } | |
122 | ||
123 | /* | |
124 | * Parse an algorithm identifier with (optional) paramaters | |
125 | */ | |
126 | int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end, | |
127 | mbedtls_x509_buf *alg, mbedtls_x509_buf *params ) | |
128 | { | |
129 | int ret; | |
130 | ||
131 | if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 ) | |
132 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
133 | ||
134 | return( 0 ); | |
135 | } | |
136 | ||
137 | #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) | |
138 | /* | |
139 | * HashAlgorithm ::= AlgorithmIdentifier | |
140 | * | |
141 | * AlgorithmIdentifier ::= SEQUENCE { | |
142 | * algorithm OBJECT IDENTIFIER, | |
143 | * parameters ANY DEFINED BY algorithm OPTIONAL } | |
144 | * | |
145 | * For HashAlgorithm, parameters MUST be NULL or absent. | |
146 | */ | |
147 | static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg ) | |
148 | { | |
149 | int ret; | |
150 | unsigned char *p; | |
151 | const unsigned char *end; | |
152 | mbedtls_x509_buf md_oid; | |
153 | size_t len; | |
154 | ||
155 | /* Make sure we got a SEQUENCE and setup bounds */ | |
156 | if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) | |
157 | return( MBEDTLS_ERR_X509_INVALID_ALG + | |
158 | MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); | |
159 | ||
160 | p = (unsigned char *) alg->p; | |
161 | end = p + alg->len; | |
162 | ||
163 | if( p >= end ) | |
164 | return( MBEDTLS_ERR_X509_INVALID_ALG + | |
165 | MBEDTLS_ERR_ASN1_OUT_OF_DATA ); | |
166 | ||
167 | /* Parse md_oid */ | |
168 | md_oid.tag = *p; | |
169 | ||
170 | if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 ) | |
171 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
172 | ||
173 | md_oid.p = p; | |
174 | p += md_oid.len; | |
175 | ||
176 | /* Get md_alg from md_oid */ | |
177 | if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 ) | |
178 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
179 | ||
180 | /* Make sure params is absent of NULL */ | |
181 | if( p == end ) | |
182 | return( 0 ); | |
183 | ||
184 | if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 ) | |
185 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
186 | ||
187 | if( p != end ) | |
188 | return( MBEDTLS_ERR_X509_INVALID_ALG + | |
189 | MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); | |
190 | ||
191 | return( 0 ); | |
192 | } | |
193 | ||
194 | /* | |
195 | * RSASSA-PSS-params ::= SEQUENCE { | |
196 | * hashAlgorithm [0] HashAlgorithm DEFAULT sha1Identifier, | |
197 | * maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier, | |
198 | * saltLength [2] INTEGER DEFAULT 20, | |
199 | * trailerField [3] INTEGER DEFAULT 1 } | |
200 | * -- Note that the tags in this Sequence are explicit. | |
201 | * | |
202 | * RFC 4055 (which defines use of RSASSA-PSS in PKIX) states that the value | |
203 | * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other | |
204 | * option. Enfore this at parsing time. | |
205 | */ | |
206 | int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params, | |
207 | mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md, | |
208 | int *salt_len ) | |
209 | { | |
210 | int ret; | |
211 | unsigned char *p; | |
212 | const unsigned char *end, *end2; | |
213 | size_t len; | |
214 | mbedtls_x509_buf alg_id, alg_params; | |
215 | ||
216 | /* First set everything to defaults */ | |
217 | *md_alg = MBEDTLS_MD_SHA1; | |
218 | *mgf_md = MBEDTLS_MD_SHA1; | |
219 | *salt_len = 20; | |
220 | ||
221 | /* Make sure params is a SEQUENCE and setup bounds */ | |
222 | if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) | |
223 | return( MBEDTLS_ERR_X509_INVALID_ALG + | |
224 | MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); | |
225 | ||
226 | p = (unsigned char *) params->p; | |
227 | end = p + params->len; | |
228 | ||
229 | if( p == end ) | |
230 | return( 0 ); | |
231 | ||
232 | /* | |
233 | * HashAlgorithm | |
234 | */ | |
235 | if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, | |
236 | MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 ) | |
237 | { | |
238 | end2 = p + len; | |
239 | ||
240 | /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */ | |
241 | if( ( ret = mbedtls_x509_get_alg_null( &p, end2, &alg_id ) ) != 0 ) | |
242 | return( ret ); | |
243 | ||
244 | if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 ) | |
245 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
246 | ||
247 | if( p != end2 ) | |
248 | return( MBEDTLS_ERR_X509_INVALID_ALG + | |
249 | MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); | |
250 | } | |
251 | else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) | |
252 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
253 | ||
254 | if( p == end ) | |
255 | return( 0 ); | |
256 | ||
257 | /* | |
258 | * MaskGenAlgorithm | |
259 | */ | |
260 | if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, | |
261 | MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 ) | |
262 | { | |
263 | end2 = p + len; | |
264 | ||
265 | /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */ | |
266 | if( ( ret = mbedtls_x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 ) | |
267 | return( ret ); | |
268 | ||
269 | /* Only MFG1 is recognised for now */ | |
270 | if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 ) | |
271 | return( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE + | |
272 | MBEDTLS_ERR_OID_NOT_FOUND ); | |
273 | ||
274 | /* Parse HashAlgorithm */ | |
275 | if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 ) | |
276 | return( ret ); | |
277 | ||
278 | if( p != end2 ) | |
279 | return( MBEDTLS_ERR_X509_INVALID_ALG + | |
280 | MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); | |
281 | } | |
282 | else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) | |
283 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
284 | ||
285 | if( p == end ) | |
286 | return( 0 ); | |
287 | ||
288 | /* | |
289 | * salt_len | |
290 | */ | |
291 | if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, | |
292 | MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 2 ) ) == 0 ) | |
293 | { | |
294 | end2 = p + len; | |
295 | ||
296 | if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 ) | |
297 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
298 | ||
299 | if( p != end2 ) | |
300 | return( MBEDTLS_ERR_X509_INVALID_ALG + | |
301 | MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); | |
302 | } | |
303 | else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) | |
304 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
305 | ||
306 | if( p == end ) | |
307 | return( 0 ); | |
308 | ||
309 | /* | |
310 | * trailer_field (if present, must be 1) | |
311 | */ | |
312 | if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, | |
313 | MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 3 ) ) == 0 ) | |
314 | { | |
315 | int trailer_field; | |
316 | ||
317 | end2 = p + len; | |
318 | ||
319 | if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 ) | |
320 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
321 | ||
322 | if( p != end2 ) | |
323 | return( MBEDTLS_ERR_X509_INVALID_ALG + | |
324 | MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); | |
325 | ||
326 | if( trailer_field != 1 ) | |
327 | return( MBEDTLS_ERR_X509_INVALID_ALG ); | |
328 | } | |
329 | else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) | |
330 | return( MBEDTLS_ERR_X509_INVALID_ALG + ret ); | |
331 | ||
332 | if( p != end ) | |
333 | return( MBEDTLS_ERR_X509_INVALID_ALG + | |
334 | MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); | |
335 | ||
336 | return( 0 ); | |
337 | } | |
338 | #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ | |
339 | ||
340 | /* | |
341 | * AttributeTypeAndValue ::= SEQUENCE { | |
342 | * type AttributeType, | |
343 | * value AttributeValue } | |
344 | * | |
345 | * AttributeType ::= OBJECT IDENTIFIER | |
346 | * | |
347 | * AttributeValue ::= ANY DEFINED BY AttributeType | |
348 | */ | |
349 | static int x509_get_attr_type_value( unsigned char **p, | |
350 | const unsigned char *end, | |
351 | mbedtls_x509_name *cur ) | |
352 | { | |
353 | int ret; | |
354 | size_t len; | |
355 | mbedtls_x509_buf *oid; | |
356 | mbedtls_x509_buf *val; | |
357 | ||
358 | if( ( ret = mbedtls_asn1_get_tag( p, end, &len, | |
359 | MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) | |
360 | return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); | |
361 | ||
362 | if( ( end - *p ) < 1 ) | |
363 | return( MBEDTLS_ERR_X509_INVALID_NAME + | |
364 | MBEDTLS_ERR_ASN1_OUT_OF_DATA ); | |
365 | ||
366 | oid = &cur->oid; | |
367 | oid->tag = **p; | |
368 | ||
369 | if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 ) | |
370 | return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); | |
371 | ||
372 | oid->p = *p; | |
373 | *p += oid->len; | |
374 | ||
375 | if( ( end - *p ) < 1 ) | |
376 | return( MBEDTLS_ERR_X509_INVALID_NAME + | |
377 | MBEDTLS_ERR_ASN1_OUT_OF_DATA ); | |
378 | ||
379 | if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING && | |
380 | **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING && | |
381 | **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING && | |
382 | **p != MBEDTLS_ASN1_BIT_STRING ) | |
383 | return( MBEDTLS_ERR_X509_INVALID_NAME + | |
384 | MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); | |
385 | ||
386 | val = &cur->val; | |
387 | val->tag = *(*p)++; | |
388 | ||
389 | if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 ) | |
390 | return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); | |
391 | ||
392 | val->p = *p; | |
393 | *p += val->len; | |
394 | ||
395 | cur->next = NULL; | |
396 | ||
397 | return( 0 ); | |
398 | } | |
399 | ||
400 | /* | |
401 | * Name ::= CHOICE { -- only one possibility for now -- | |
402 | * rdnSequence RDNSequence } | |
403 | * | |
404 | * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName | |
405 | * | |
406 | * RelativeDistinguishedName ::= | |
407 | * SET OF AttributeTypeAndValue | |
408 | * | |
409 | * AttributeTypeAndValue ::= SEQUENCE { | |
410 | * type AttributeType, | |
411 | * value AttributeValue } | |
412 | * | |
413 | * AttributeType ::= OBJECT IDENTIFIER | |
414 | * | |
415 | * AttributeValue ::= ANY DEFINED BY AttributeType | |
416 | * | |
417 | * The data structure is optimized for the common case where each RDN has only | |
418 | * one element, which is represented as a list of AttributeTypeAndValue. | |
419 | * For the general case we still use a flat list, but we mark elements of the | |
420 | * same set so that they are "merged" together in the functions that consume | |
421 | * this list, eg mbedtls_x509_dn_gets(). | |
422 | */ | |
423 | int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end, | |
424 | mbedtls_x509_name *cur ) | |
425 | { | |
426 | int ret; | |
427 | size_t set_len; | |
428 | const unsigned char *end_set; | |
429 | ||
430 | /* don't use recursion, we'd risk stack overflow if not optimized */ | |
431 | while( 1 ) | |
432 | { | |
433 | /* | |
434 | * parse SET | |
435 | */ | |
436 | if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len, | |
437 | MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 ) | |
438 | return( MBEDTLS_ERR_X509_INVALID_NAME + ret ); | |
439 | ||
440 | end_set = *p + set_len; | |
441 | ||
442 | while( 1 ) | |
443 | { | |
444 | if( ( ret = x509_get_attr_type_value( p, end_set, cur ) ) != 0 ) | |
445 | return( ret ); | |
446 | ||
447 | if( *p == end_set ) | |
448 | break; | |
449 | ||
450 | /* Mark this item as being no the only one in a set */ | |
451 | cur->next_merged = 1; | |
452 | ||
453 | cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); | |
454 | ||
455 | if( cur->next == NULL ) | |
456 | return( MBEDTLS_ERR_X509_ALLOC_FAILED ); | |
457 | ||
458 | cur = cur->next; | |
459 | } | |
460 | ||
461 | /* | |
462 | * continue until end of SEQUENCE is reached | |
463 | */ | |
464 | if( *p == end ) | |
465 | return( 0 ); | |
466 | ||
467 | cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) ); | |
468 | ||
469 | if( cur->next == NULL ) | |
470 | return( MBEDTLS_ERR_X509_ALLOC_FAILED ); | |
471 | ||
472 | cur = cur->next; | |
473 | } | |
474 | } | |
475 | ||
476 | static int x509_parse_int( unsigned char **p, size_t n, int *res ) | |
477 | { | |
478 | *res = 0; | |
479 | ||
480 | for( ; n > 0; --n ) | |
481 | { | |
482 | if( ( **p < '0') || ( **p > '9' ) ) | |
483 | return ( MBEDTLS_ERR_X509_INVALID_DATE ); | |
484 | ||
485 | *res *= 10; | |
486 | *res += ( *(*p)++ - '0' ); | |
487 | } | |
488 | ||
489 | return( 0 ); | |
490 | } | |
491 | ||
492 | static int x509_date_is_valid(const mbedtls_x509_time *t ) | |
493 | { | |
494 | int ret = MBEDTLS_ERR_X509_INVALID_DATE; | |
495 | int month_len; | |
496 | ||
497 | CHECK_RANGE( 0, 9999, t->year ); | |
498 | CHECK_RANGE( 0, 23, t->hour ); | |
499 | CHECK_RANGE( 0, 59, t->min ); | |
500 | CHECK_RANGE( 0, 59, t->sec ); | |
501 | ||
502 | switch( t->mon ) | |
503 | { | |
504 | case 1: case 3: case 5: case 7: case 8: case 10: case 12: | |
505 | month_len = 31; | |
506 | break; | |
507 | case 4: case 6: case 9: case 11: | |
508 | month_len = 30; | |
509 | break; | |
510 | case 2: | |
511 | if( ( !( t->year % 4 ) && t->year % 100 ) || | |
512 | !( t->year % 400 ) ) | |
513 | month_len = 29; | |
514 | else | |
515 | month_len = 28; | |
516 | break; | |
517 | default: | |
518 | return( ret ); | |
519 | } | |
520 | CHECK_RANGE( 1, month_len, t->day ); | |
521 | ||
522 | return( 0 ); | |
523 | } | |
524 | ||
525 | /* | |
526 | * Parse an ASN1_UTC_TIME (yearlen=2) or ASN1_GENERALIZED_TIME (yearlen=4) | |
527 | * field. | |
528 | */ | |
529 | static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen, | |
530 | mbedtls_x509_time *tm ) | |
531 | { | |
532 | int ret; | |
533 | ||
534 | /* | |
535 | * Minimum length is 10 or 12 depending on yearlen | |
536 | */ | |
537 | if ( len < yearlen + 8 ) | |
538 | return ( MBEDTLS_ERR_X509_INVALID_DATE ); | |
539 | len -= yearlen + 8; | |
540 | ||
541 | /* | |
542 | * Parse year, month, day, hour, minute | |
543 | */ | |
544 | CHECK( x509_parse_int( p, yearlen, &tm->year ) ); | |
545 | if ( 2 == yearlen ) | |
546 | { | |
547 | if ( tm->year < 50 ) | |
548 | tm->year += 100; | |
549 | ||
550 | tm->year += 1900; | |
551 | } | |
552 | ||
553 | CHECK( x509_parse_int( p, 2, &tm->mon ) ); | |
554 | CHECK( x509_parse_int( p, 2, &tm->day ) ); | |
555 | CHECK( x509_parse_int( p, 2, &tm->hour ) ); | |
556 | CHECK( x509_parse_int( p, 2, &tm->min ) ); | |
557 | ||
558 | /* | |
559 | * Parse seconds if present | |
560 | */ | |
561 | if ( len >= 2 ) | |
562 | { | |
563 | CHECK( x509_parse_int( p, 2, &tm->sec ) ); | |
564 | len -= 2; | |
565 | } | |
566 | else | |
567 | return ( MBEDTLS_ERR_X509_INVALID_DATE ); | |
568 | ||
569 | /* | |
570 | * Parse trailing 'Z' if present | |
571 | */ | |
572 | if ( 1 == len && 'Z' == **p ) | |
573 | { | |
574 | (*p)++; | |
575 | len--; | |
576 | } | |
577 | ||
578 | /* | |
579 | * We should have parsed all characters at this point | |
580 | */ | |
581 | if ( 0 != len ) | |
582 | return ( MBEDTLS_ERR_X509_INVALID_DATE ); | |
583 | ||
584 | CHECK( x509_date_is_valid( tm ) ); | |
585 | ||
586 | return ( 0 ); | |
587 | } | |
588 | ||
589 | /* | |
590 | * Time ::= CHOICE { | |
591 | * utcTime UTCTime, | |
592 | * generalTime GeneralizedTime } | |
593 | */ | |
594 | int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end, | |
595 | mbedtls_x509_time *tm ) | |
596 | { | |
597 | int ret; | |
598 | size_t len, year_len; | |
599 | unsigned char tag; | |
600 | ||
601 | if( ( end - *p ) < 1 ) | |
602 | return( MBEDTLS_ERR_X509_INVALID_DATE + | |
603 | MBEDTLS_ERR_ASN1_OUT_OF_DATA ); | |
604 | ||
605 | tag = **p; | |
606 | ||
607 | if( tag == MBEDTLS_ASN1_UTC_TIME ) | |
608 | year_len = 2; | |
609 | else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME ) | |
610 | year_len = 4; | |
611 | else | |
612 | return( MBEDTLS_ERR_X509_INVALID_DATE + | |
613 | MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ); | |
614 | ||
615 | (*p)++; | |
616 | ret = mbedtls_asn1_get_len( p, end, &len ); | |
617 | ||
618 | if( ret != 0 ) | |
619 | return( MBEDTLS_ERR_X509_INVALID_DATE + ret ); | |
620 | ||
621 | return x509_parse_time( p, len, year_len, tm ); | |
622 | } | |
623 | ||
624 | int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig ) | |
625 | { | |
626 | int ret; | |
627 | size_t len; | |
628 | int tag_type; | |
629 | ||
630 | if( ( end - *p ) < 1 ) | |
631 | return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + | |
632 | MBEDTLS_ERR_ASN1_OUT_OF_DATA ); | |
633 | ||
634 | tag_type = **p; | |
635 | ||
636 | if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) | |
637 | return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret ); | |
638 | ||
639 | sig->tag = tag_type; | |
640 | sig->len = len; | |
641 | sig->p = *p; | |
642 | ||
643 | *p += len; | |
644 | ||
645 | return( 0 ); | |
646 | } | |
647 | ||
648 | /* | |
649 | * Get signature algorithm from alg OID and optional parameters | |
650 | */ | |
651 | int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params, | |
652 | mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg, | |
653 | void **sig_opts ) | |
654 | { | |
655 | int ret; | |
656 | ||
657 | if( *sig_opts != NULL ) | |
658 | return( MBEDTLS_ERR_X509_BAD_INPUT_DATA ); | |
659 | ||
660 | if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 ) | |
661 | return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG + ret ); | |
662 | ||
663 | #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) | |
664 | if( *pk_alg == MBEDTLS_PK_RSASSA_PSS ) | |
665 | { | |
666 | mbedtls_pk_rsassa_pss_options *pss_opts; | |
667 | ||
668 | pss_opts = mbedtls_calloc( 1, sizeof( mbedtls_pk_rsassa_pss_options ) ); | |
669 | if( pss_opts == NULL ) | |
670 | return( MBEDTLS_ERR_X509_ALLOC_FAILED ); | |
671 | ||
672 | ret = mbedtls_x509_get_rsassa_pss_params( sig_params, | |
673 | md_alg, | |
674 | &pss_opts->mgf1_hash_id, | |
675 | &pss_opts->expected_salt_len ); | |
676 | if( ret != 0 ) | |
677 | { | |
678 | mbedtls_free( pss_opts ); | |
679 | return( ret ); | |
680 | } | |
681 | ||
682 | *sig_opts = (void *) pss_opts; | |
683 | } | |
684 | else | |
685 | #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ | |
686 | { | |
687 | /* Make sure parameters are absent or NULL */ | |
688 | if( ( sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0 ) || | |
689 | sig_params->len != 0 ) | |
690 | return( MBEDTLS_ERR_X509_INVALID_ALG ); | |
691 | } | |
692 | ||
693 | return( 0 ); | |
694 | } | |
695 | ||
696 | /* | |
697 | * X.509 Extensions (No parsing of extensions, pointer should | |
698 | * be either manually updated or extensions should be parsed!) | |
699 | */ | |
700 | int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, | |
701 | mbedtls_x509_buf *ext, int tag ) | |
702 | { | |
703 | int ret; | |
704 | size_t len; | |
705 | ||
706 | if( *p == end ) | |
707 | return( 0 ); | |
708 | ||
709 | ext->tag = **p; | |
710 | ||
711 | if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len, | |
712 | MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag ) ) != 0 ) | |
713 | return( ret ); | |
714 | ||
715 | ext->p = *p; | |
716 | end = *p + ext->len; | |
717 | ||
718 | /* | |
719 | * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension | |
720 | * | |
721 | * Extension ::= SEQUENCE { | |
722 | * extnID OBJECT IDENTIFIER, | |
723 | * critical BOOLEAN DEFAULT FALSE, | |
724 | * extnValue OCTET STRING } | |
725 | */ | |
726 | if( ( ret = mbedtls_asn1_get_tag( p, end, &len, | |
727 | MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 ) | |
728 | return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret ); | |
729 | ||
730 | if( end != *p + len ) | |
731 | return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + | |
732 | MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ); | |
733 | ||
734 | return( 0 ); | |
735 | } | |
736 | ||
737 | /* | |
738 | * Store the name in printable form into buf; no more | |
739 | * than size characters will be written | |
740 | */ | |
741 | int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn ) | |
742 | { | |
743 | int ret; | |
744 | size_t i, n; | |
745 | unsigned char c, merge = 0; | |
746 | const mbedtls_x509_name *name; | |
747 | const char *short_name = NULL; | |
748 | char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p; | |
749 | ||
750 | memset( s, 0, sizeof( s ) ); | |
751 | ||
752 | name = dn; | |
753 | p = buf; | |
754 | n = size; | |
755 | ||
756 | while( name != NULL ) | |
757 | { | |
758 | if( !name->oid.p ) | |
759 | { | |
760 | name = name->next; | |
761 | continue; | |
762 | } | |
763 | ||
764 | if( name != dn ) | |
765 | { | |
766 | ret = mbedtls_snprintf( p, n, merge ? " + " : ", " ); | |
767 | MBEDTLS_X509_SAFE_SNPRINTF; | |
768 | } | |
769 | ||
770 | ret = mbedtls_oid_get_attr_short_name( &name->oid, &short_name ); | |
771 | ||
772 | if( ret == 0 ) | |
773 | ret = mbedtls_snprintf( p, n, "%s=", short_name ); | |
774 | else | |
775 | ret = mbedtls_snprintf( p, n, "\?\?=" ); | |
776 | MBEDTLS_X509_SAFE_SNPRINTF; | |
777 | ||
778 | for( i = 0; i < name->val.len; i++ ) | |
779 | { | |
780 | if( i >= sizeof( s ) - 1 ) | |
781 | break; | |
782 | ||
783 | c = name->val.p[i]; | |
784 | if( c < 32 || c == 127 || ( c > 128 && c < 160 ) ) | |
785 | s[i] = '?'; | |
786 | else s[i] = c; | |
787 | } | |
788 | s[i] = '\0'; | |
789 | ret = mbedtls_snprintf( p, n, "%s", s ); | |
790 | MBEDTLS_X509_SAFE_SNPRINTF; | |
791 | ||
792 | merge = name->next_merged; | |
793 | name = name->next; | |
794 | } | |
795 | ||
796 | return( (int) ( size - n ) ); | |
797 | } | |
798 | ||
799 | /* | |
800 | * Store the serial in printable form into buf; no more | |
801 | * than size characters will be written | |
802 | */ | |
803 | int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial ) | |
804 | { | |
805 | int ret; | |
806 | size_t i, n, nr; | |
807 | char *p; | |
808 | ||
809 | p = buf; | |
810 | n = size; | |
811 | ||
812 | nr = ( serial->len <= 32 ) | |
813 | ? serial->len : 28; | |
814 | ||
815 | for( i = 0; i < nr; i++ ) | |
816 | { | |
817 | if( i == 0 && nr > 1 && serial->p[i] == 0x0 ) | |
818 | continue; | |
819 | ||
820 | ret = mbedtls_snprintf( p, n, "%02X%s", | |
821 | serial->p[i], ( i < nr - 1 ) ? ":" : "" ); | |
822 | MBEDTLS_X509_SAFE_SNPRINTF; | |
823 | } | |
824 | ||
825 | if( nr != serial->len ) | |
826 | { | |
827 | ret = mbedtls_snprintf( p, n, "...." ); | |
828 | MBEDTLS_X509_SAFE_SNPRINTF; | |
829 | } | |
830 | ||
831 | return( (int) ( size - n ) ); | |
832 | } | |
833 | ||
834 | /* | |
835 | * Helper for writing signature algorithms | |
836 | */ | |
837 | int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, | |
838 | mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, | |
839 | const void *sig_opts ) | |
840 | { | |
841 | int ret; | |
842 | char *p = buf; | |
843 | size_t n = size; | |
844 | const char *desc = NULL; | |
845 | ||
846 | ret = mbedtls_oid_get_sig_alg_desc( sig_oid, &desc ); | |
847 | if( ret != 0 ) | |
848 | ret = mbedtls_snprintf( p, n, "???" ); | |
849 | else | |
850 | ret = mbedtls_snprintf( p, n, "%s", desc ); | |
851 | MBEDTLS_X509_SAFE_SNPRINTF; | |
852 | ||
853 | #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) | |
854 | if( pk_alg == MBEDTLS_PK_RSASSA_PSS ) | |
855 | { | |
856 | const mbedtls_pk_rsassa_pss_options *pss_opts; | |
857 | const mbedtls_md_info_t *md_info, *mgf_md_info; | |
858 | ||
859 | pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts; | |
860 | ||
861 | md_info = mbedtls_md_info_from_type( md_alg ); | |
862 | mgf_md_info = mbedtls_md_info_from_type( pss_opts->mgf1_hash_id ); | |
863 | ||
864 | ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)", | |
865 | md_info ? mbedtls_md_get_name( md_info ) : "???", | |
866 | mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???", | |
867 | pss_opts->expected_salt_len ); | |
868 | MBEDTLS_X509_SAFE_SNPRINTF; | |
869 | } | |
870 | #else | |
871 | ((void) pk_alg); | |
872 | ((void) md_alg); | |
873 | ((void) sig_opts); | |
874 | #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ | |
875 | ||
876 | return( (int)( size - n ) ); | |
877 | } | |
878 | ||
879 | /* | |
880 | * Helper for writing "RSA key size", "EC key size", etc | |
881 | */ | |
882 | int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name ) | |
883 | { | |
884 | char *p = buf; | |
885 | size_t n = buf_size; | |
886 | int ret; | |
887 | ||
888 | ret = mbedtls_snprintf( p, n, "%s key size", name ); | |
889 | MBEDTLS_X509_SAFE_SNPRINTF; | |
890 | ||
891 | return( 0 ); | |
892 | } | |
893 | ||
894 | #if defined(MBEDTLS_HAVE_TIME_DATE) | |
895 | /* | |
896 | * Set the time structure to the current time. | |
897 | * Return 0 on success, non-zero on failure. | |
898 | */ | |
899 | static int x509_get_current_time( mbedtls_x509_time *now ) | |
900 | { | |
901 | struct tm *lt, tm_buf; | |
902 | mbedtls_time_t tt; | |
903 | int ret = 0; | |
904 | ||
905 | tt = mbedtls_time( NULL ); | |
906 | #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) | |
907 | lt = gmtime_s( &tm_buf, &tt ) == 0 ? &tm_buf : NULL; | |
908 | #else | |
909 | lt = gmtime_r( &tt, &tm_buf ); | |
910 | #endif | |
911 | ||
912 | if( lt == NULL ) | |
913 | ret = -1; | |
914 | else | |
915 | { | |
916 | now->year = lt->tm_year + 1900; | |
917 | now->mon = lt->tm_mon + 1; | |
918 | now->day = lt->tm_mday; | |
919 | now->hour = lt->tm_hour; | |
920 | now->min = lt->tm_min; | |
921 | now->sec = lt->tm_sec; | |
922 | } | |
923 | ||
924 | return( ret ); | |
925 | } | |
926 | ||
927 | /* | |
928 | * Return 0 if before <= after, 1 otherwise | |
929 | */ | |
930 | static int x509_check_time( const mbedtls_x509_time *before, const mbedtls_x509_time *after ) | |
931 | { | |
932 | if( before->year > after->year ) | |
933 | return( 1 ); | |
934 | ||
935 | if( before->year == after->year && | |
936 | before->mon > after->mon ) | |
937 | return( 1 ); | |
938 | ||
939 | if( before->year == after->year && | |
940 | before->mon == after->mon && | |
941 | before->day > after->day ) | |
942 | return( 1 ); | |
943 | ||
944 | if( before->year == after->year && | |
945 | before->mon == after->mon && | |
946 | before->day == after->day && | |
947 | before->hour > after->hour ) | |
948 | return( 1 ); | |
949 | ||
950 | if( before->year == after->year && | |
951 | before->mon == after->mon && | |
952 | before->day == after->day && | |
953 | before->hour == after->hour && | |
954 | before->min > after->min ) | |
955 | return( 1 ); | |
956 | ||
957 | if( before->year == after->year && | |
958 | before->mon == after->mon && | |
959 | before->day == after->day && | |
960 | before->hour == after->hour && | |
961 | before->min == after->min && | |
962 | before->sec > after->sec ) | |
963 | return( 1 ); | |
964 | ||
965 | return( 0 ); | |
966 | } | |
967 | ||
968 | int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) | |
969 | { | |
970 | mbedtls_x509_time now; | |
971 | ||
972 | if( x509_get_current_time( &now ) != 0 ) | |
973 | return( 1 ); | |
974 | ||
975 | return( x509_check_time( &now, to ) ); | |
976 | } | |
977 | ||
978 | int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) | |
979 | { | |
980 | mbedtls_x509_time now; | |
981 | ||
982 | if( x509_get_current_time( &now ) != 0 ) | |
983 | return( 1 ); | |
984 | ||
985 | return( x509_check_time( from, &now ) ); | |
986 | } | |
987 | ||
988 | #else /* MBEDTLS_HAVE_TIME_DATE */ | |
989 | ||
990 | int mbedtls_x509_time_is_past( const mbedtls_x509_time *to ) | |
991 | { | |
992 | ((void) to); | |
993 | return( 0 ); | |
994 | } | |
995 | ||
996 | int mbedtls_x509_time_is_future( const mbedtls_x509_time *from ) | |
997 | { | |
998 | ((void) from); | |
999 | return( 0 ); | |
1000 | } | |
1001 | #endif /* MBEDTLS_HAVE_TIME_DATE */ | |
1002 | ||
1003 | #if defined(MBEDTLS_SELF_TEST) | |
1004 | ||
1005 | #include "mbedtls/x509_crt.h" | |
1006 | #include "mbedtls/certs.h" | |
1007 | ||
1008 | /* | |
1009 | * Checkup routine | |
1010 | */ | |
1011 | int mbedtls_x509_self_test( int verbose ) | |
1012 | { | |
1013 | #if defined(MBEDTLS_CERTS_C) && defined(MBEDTLS_SHA256_C) | |
1014 | int ret; | |
1015 | uint32_t flags; | |
1016 | mbedtls_x509_crt cacert; | |
1017 | mbedtls_x509_crt clicert; | |
1018 | ||
1019 | if( verbose != 0 ) | |
1020 | mbedtls_printf( " X.509 certificate load: " ); | |
1021 | ||
1022 | mbedtls_x509_crt_init( &clicert ); | |
1023 | ||
1024 | ret = mbedtls_x509_crt_parse( &clicert, (const unsigned char *) mbedtls_test_cli_crt, | |
1025 | mbedtls_test_cli_crt_len ); | |
1026 | if( ret != 0 ) | |
1027 | { | |
1028 | if( verbose != 0 ) | |
1029 | mbedtls_printf( "failed\n" ); | |
1030 | ||
1031 | return( ret ); | |
1032 | } | |
1033 | ||
1034 | mbedtls_x509_crt_init( &cacert ); | |
1035 | ||
1036 | ret = mbedtls_x509_crt_parse( &cacert, (const unsigned char *) mbedtls_test_ca_crt, | |
1037 | mbedtls_test_ca_crt_len ); | |
1038 | if( ret != 0 ) | |
1039 | { | |
1040 | if( verbose != 0 ) | |
1041 | mbedtls_printf( "failed\n" ); | |
1042 | ||
1043 | return( ret ); | |
1044 | } | |
1045 | ||
1046 | if( verbose != 0 ) | |
1047 | mbedtls_printf( "passed\n X.509 signature verify: "); | |
1048 | ||
1049 | ret = mbedtls_x509_crt_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL ); | |
1050 | if( ret != 0 ) | |
1051 | { | |
1052 | if( verbose != 0 ) | |
1053 | mbedtls_printf( "failed\n" ); | |
1054 | ||
1055 | return( ret ); | |
1056 | } | |
1057 | ||
1058 | if( verbose != 0 ) | |
1059 | mbedtls_printf( "passed\n\n"); | |
1060 | ||
1061 | mbedtls_x509_crt_free( &cacert ); | |
1062 | mbedtls_x509_crt_free( &clicert ); | |
1063 | ||
1064 | return( 0 ); | |
1065 | #else | |
1066 | ((void) verbose); | |
1067 | return( 0 ); | |
1068 | #endif /* MBEDTLS_CERTS_C && MBEDTLS_SHA1_C */ | |
1069 | } | |
1070 | ||
1071 | #endif /* MBEDTLS_SELF_TEST */ | |
1072 | ||
1073 | #endif /* MBEDTLS_X509_USE_C */ |