sl@0: /* crypto/x509/x509_vfy.c */ sl@0: /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) sl@0: * All rights reserved. sl@0: * sl@0: * This package is an SSL implementation written sl@0: * by Eric Young (eay@cryptsoft.com). sl@0: * The implementation was written so as to conform with Netscapes SSL. sl@0: * sl@0: * This library is free for commercial and non-commercial use as long as sl@0: * the following conditions are aheared to. The following conditions sl@0: * apply to all code found in this distribution, be it the RC4, RSA, sl@0: * lhash, DES, etc., code; not just the SSL code. The SSL documentation sl@0: * included with this distribution is covered by the same copyright terms sl@0: * except that the holder is Tim Hudson (tjh@cryptsoft.com). sl@0: * sl@0: * Copyright remains Eric Young's, and as such any Copyright notices in sl@0: * the code are not to be removed. sl@0: * If this package is used in a product, Eric Young should be given attribution sl@0: * as the author of the parts of the library used. sl@0: * This can be in the form of a textual message at program startup or sl@0: * in documentation (online or textual) provided with the package. sl@0: * sl@0: * Redistribution and use in source and binary forms, with or without sl@0: * modification, are permitted provided that the following conditions sl@0: * are met: sl@0: * 1. Redistributions of source code must retain the copyright sl@0: * notice, this list of conditions and the following disclaimer. sl@0: * 2. Redistributions in binary form must reproduce the above copyright sl@0: * notice, this list of conditions and the following disclaimer in the sl@0: * documentation and/or other materials provided with the distribution. sl@0: * 3. All advertising materials mentioning features or use of this software sl@0: * must display the following acknowledgement: sl@0: * "This product includes cryptographic software written by sl@0: * Eric Young (eay@cryptsoft.com)" sl@0: * The word 'cryptographic' can be left out if the rouines from the library sl@0: * being used are not cryptographic related :-). sl@0: * 4. If you include any Windows specific code (or a derivative thereof) from sl@0: * the apps directory (application code) you must include an acknowledgement: sl@0: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" sl@0: * sl@0: * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND sl@0: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE sl@0: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE sl@0: * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE sl@0: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL sl@0: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS sl@0: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) sl@0: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT sl@0: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY sl@0: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF sl@0: * SUCH DAMAGE. sl@0: * sl@0: * The licence and distribution terms for any publically available version or sl@0: * derivative of this code cannot be changed. i.e. this code cannot simply be sl@0: * copied and put under another distribution licence sl@0: * [including the GNU Public Licence.] sl@0: */ sl@0: sl@0: #include sl@0: #include sl@0: #include sl@0: sl@0: #include "cryptlib.h" sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: #include sl@0: sl@0: static int null_callback(int ok,X509_STORE_CTX *e); sl@0: static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); sl@0: static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x); sl@0: static int check_chain_extensions(X509_STORE_CTX *ctx); sl@0: static int check_trust(X509_STORE_CTX *ctx); sl@0: static int check_revocation(X509_STORE_CTX *ctx); sl@0: static int check_cert(X509_STORE_CTX *ctx); sl@0: static int check_policy(X509_STORE_CTX *ctx); sl@0: static int internal_verify(X509_STORE_CTX *ctx); sl@0: const char X509_version[]="X.509" OPENSSL_VERSION_PTEXT; sl@0: sl@0: sl@0: static int null_callback(int ok, X509_STORE_CTX *e) sl@0: { sl@0: return ok; sl@0: } sl@0: sl@0: #if 0 sl@0: static int x509_subject_cmp(X509 **a, X509 **b) sl@0: { sl@0: return X509_subject_name_cmp(*a,*b); sl@0: } sl@0: #endif sl@0: sl@0: EXPORT_C int X509_verify_cert(X509_STORE_CTX *ctx) sl@0: { sl@0: X509 *x,*xtmp,*chain_ss=NULL; sl@0: X509_NAME *xn; sl@0: int bad_chain = 0; sl@0: X509_VERIFY_PARAM *param = ctx->param; sl@0: int depth,i,ok=0; sl@0: int num; sl@0: int (*cb)(int xok,X509_STORE_CTX *xctx); sl@0: STACK_OF(X509) *sktmp=NULL; sl@0: if (ctx->cert == NULL) sl@0: { sl@0: X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); sl@0: return -1; sl@0: } sl@0: sl@0: cb=ctx->verify_cb; sl@0: sl@0: /* first we make sure the chain we are going to build is sl@0: * present and that the first entry is in place */ sl@0: if (ctx->chain == NULL) sl@0: { sl@0: if ( ((ctx->chain=sk_X509_new_null()) == NULL) || sl@0: (!sk_X509_push(ctx->chain,ctx->cert))) sl@0: { sl@0: X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); sl@0: goto end; sl@0: } sl@0: CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509); sl@0: ctx->last_untrusted=1; sl@0: } sl@0: sl@0: /* We use a temporary STACK so we can chop and hack at it */ sl@0: if (ctx->untrusted != NULL sl@0: && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL) sl@0: { sl@0: X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); sl@0: goto end; sl@0: } sl@0: sl@0: num=sk_X509_num(ctx->chain); sl@0: x=sk_X509_value(ctx->chain,num-1); sl@0: depth=param->depth; sl@0: sl@0: sl@0: for (;;) sl@0: { sl@0: /* If we have enough, we break */ sl@0: if (depth < num) break; /* FIXME: If this happens, we should take sl@0: * note of it and, if appropriate, use the sl@0: * X509_V_ERR_CERT_CHAIN_TOO_LONG error sl@0: * code later. sl@0: */ sl@0: sl@0: /* If we are self signed, we break */ sl@0: xn=X509_get_issuer_name(x); sl@0: if (ctx->check_issued(ctx, x,x)) break; sl@0: sl@0: /* If we were passed a cert chain, use it first */ sl@0: if (ctx->untrusted != NULL) sl@0: { sl@0: xtmp=find_issuer(ctx, sktmp,x); sl@0: if (xtmp != NULL) sl@0: { sl@0: if (!sk_X509_push(ctx->chain,xtmp)) sl@0: { sl@0: X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); sl@0: goto end; sl@0: } sl@0: CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); sl@0: (void)sk_X509_delete_ptr(sktmp,xtmp); sl@0: ctx->last_untrusted++; sl@0: x=xtmp; sl@0: num++; sl@0: /* reparse the full chain for sl@0: * the next one */ sl@0: continue; sl@0: } sl@0: } sl@0: break; sl@0: } sl@0: sl@0: /* at this point, chain should contain a list of untrusted sl@0: * certificates. We now need to add at least one trusted one, sl@0: * if possible, otherwise we complain. */ sl@0: sl@0: /* Examine last certificate in chain and see if it sl@0: * is self signed. sl@0: */ sl@0: sl@0: i=sk_X509_num(ctx->chain); sl@0: x=sk_X509_value(ctx->chain,i-1); sl@0: xn = X509_get_subject_name(x); sl@0: if (ctx->check_issued(ctx, x, x)) sl@0: { sl@0: /* we have a self signed certificate */ sl@0: if (sk_X509_num(ctx->chain) == 1) sl@0: { sl@0: /* We have a single self signed certificate: see if sl@0: * we can find it in the store. We must have an exact sl@0: * match to avoid possible impersonation. sl@0: */ sl@0: ok = ctx->get_issuer(&xtmp, ctx, x); sl@0: if ((ok <= 0) || X509_cmp(x, xtmp)) sl@0: { sl@0: ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; sl@0: ctx->current_cert=x; sl@0: ctx->error_depth=i-1; sl@0: if (ok == 1) X509_free(xtmp); sl@0: bad_chain = 1; sl@0: ok=cb(0,ctx); sl@0: if (!ok) goto end; sl@0: } sl@0: else sl@0: { sl@0: /* We have a match: replace certificate with store version sl@0: * so we get any trust settings. sl@0: */ sl@0: X509_free(x); sl@0: x = xtmp; sl@0: (void)sk_X509_set(ctx->chain, i - 1, x); sl@0: ctx->last_untrusted=0; sl@0: } sl@0: } sl@0: else sl@0: { sl@0: /* extract and save self signed certificate for later use */ sl@0: chain_ss=sk_X509_pop(ctx->chain); sl@0: ctx->last_untrusted--; sl@0: num--; sl@0: x=sk_X509_value(ctx->chain,num-1); sl@0: } sl@0: } sl@0: sl@0: /* We now lookup certs from the certificate store */ sl@0: for (;;) sl@0: { sl@0: /* If we have enough, we break */ sl@0: if (depth < num) break; sl@0: sl@0: /* If we are self signed, we break */ sl@0: xn=X509_get_issuer_name(x); sl@0: if (ctx->check_issued(ctx,x,x)) break; sl@0: sl@0: ok = ctx->get_issuer(&xtmp, ctx, x); sl@0: sl@0: if (ok < 0) return ok; sl@0: if (ok == 0) break; sl@0: sl@0: x = xtmp; sl@0: if (!sk_X509_push(ctx->chain,x)) sl@0: { sl@0: X509_free(xtmp); sl@0: X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); sl@0: return 0; sl@0: } sl@0: num++; sl@0: } sl@0: sl@0: /* we now have our chain, lets check it... */ sl@0: xn=X509_get_issuer_name(x); sl@0: sl@0: /* Is last certificate looked up self signed? */ sl@0: if (!ctx->check_issued(ctx,x,x)) sl@0: { sl@0: if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss)) sl@0: { sl@0: if (ctx->last_untrusted >= num) sl@0: ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; sl@0: else sl@0: ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT; sl@0: ctx->current_cert=x; sl@0: } sl@0: else sl@0: { sl@0: sl@0: sk_X509_push(ctx->chain,chain_ss); sl@0: num++; sl@0: ctx->last_untrusted=num; sl@0: ctx->current_cert=chain_ss; sl@0: ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; sl@0: chain_ss=NULL; sl@0: } sl@0: sl@0: ctx->error_depth=num-1; sl@0: bad_chain = 1; sl@0: ok=cb(0,ctx); sl@0: if (!ok) goto end; sl@0: } sl@0: sl@0: /* We have the chain complete: now we need to check its purpose */ sl@0: ok = check_chain_extensions(ctx); sl@0: sl@0: if (!ok) goto end; sl@0: sl@0: /* The chain extensions are OK: check trust */ sl@0: sl@0: if (param->trust > 0) ok = check_trust(ctx); sl@0: sl@0: if (!ok) goto end; sl@0: sl@0: /* We may as well copy down any DSA parameters that are required */ sl@0: X509_get_pubkey_parameters(NULL,ctx->chain); sl@0: sl@0: /* Check revocation status: we do this after copying parameters sl@0: * because they may be needed for CRL signature verification. sl@0: */ sl@0: sl@0: ok = ctx->check_revocation(ctx); sl@0: if(!ok) goto end; sl@0: sl@0: /* At this point, we have a chain and need to verify it */ sl@0: if (ctx->verify != NULL) sl@0: ok=ctx->verify(ctx); sl@0: else sl@0: ok=internal_verify(ctx); sl@0: if(!ok) goto end; sl@0: sl@0: sl@0: /* If we get this far evaluate policies */ sl@0: if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK)) sl@0: ok = ctx->check_policy(ctx); sl@0: if(!ok) goto end; sl@0: if (0) sl@0: { sl@0: end: sl@0: X509_get_pubkey_parameters(NULL,ctx->chain); sl@0: } sl@0: if (sktmp != NULL) sk_X509_free(sktmp); sl@0: if (chain_ss != NULL) X509_free(chain_ss); sl@0: return ok; sl@0: } sl@0: sl@0: sl@0: /* Given a STACK_OF(X509) find the issuer of cert (if any) sl@0: */ sl@0: sl@0: static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x) sl@0: { sl@0: int i; sl@0: X509 *issuer; sl@0: for (i = 0; i < sk_X509_num(sk); i++) sl@0: { sl@0: issuer = sk_X509_value(sk, i); sl@0: if (ctx->check_issued(ctx, x, issuer)) sl@0: return issuer; sl@0: } sl@0: return NULL; sl@0: } sl@0: sl@0: /* Given a possible certificate and issuer check them */ sl@0: sl@0: static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) sl@0: { sl@0: int ret; sl@0: ret = X509_check_issued(issuer, x); sl@0: if (ret == X509_V_OK) sl@0: return 1; sl@0: /* If we haven't asked for issuer errors don't set ctx */ sl@0: if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK)) sl@0: return 0; sl@0: sl@0: ctx->error = ret; sl@0: ctx->current_cert = x; sl@0: ctx->current_issuer = issuer; sl@0: return ctx->verify_cb(0, ctx); sl@0: return 0; sl@0: } sl@0: sl@0: /* Alternative lookup method: look from a STACK stored in other_ctx */ sl@0: sl@0: static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x) sl@0: { sl@0: *issuer = find_issuer(ctx, ctx->other_ctx, x); sl@0: if (*issuer) sl@0: { sl@0: CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509); sl@0: return 1; sl@0: } sl@0: else sl@0: return 0; sl@0: } sl@0: sl@0: sl@0: /* Check a certificate chains extensions for consistency sl@0: * with the supplied purpose sl@0: */ sl@0: sl@0: static int check_chain_extensions(X509_STORE_CTX *ctx) sl@0: { sl@0: #ifdef OPENSSL_NO_CHAIN_VERIFY sl@0: return 1; sl@0: #else sl@0: int i, ok=0, must_be_ca; sl@0: X509 *x; sl@0: int (*cb)(int xok,X509_STORE_CTX *xctx); sl@0: int proxy_path_length = 0; sl@0: int allow_proxy_certs = sl@0: !!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS); sl@0: cb=ctx->verify_cb; sl@0: sl@0: /* must_be_ca can have 1 of 3 values: sl@0: -1: we accept both CA and non-CA certificates, to allow direct sl@0: use of self-signed certificates (which are marked as CA). sl@0: 0: we only accept non-CA certificates. This is currently not sl@0: used, but the possibility is present for future extensions. sl@0: 1: we only accept CA certificates. This is currently used for sl@0: all certificates in the chain except the leaf certificate. sl@0: */ sl@0: must_be_ca = -1; sl@0: sl@0: /* A hack to keep people who don't want to modify their software sl@0: happy */ sl@0: if (getenv("OPENSSL_ALLOW_PROXY_CERTS")) sl@0: allow_proxy_certs = 1; sl@0: sl@0: /* Check all untrusted certificates */ sl@0: for (i = 0; i < ctx->last_untrusted; i++) sl@0: { sl@0: int ret; sl@0: x = sk_X509_value(ctx->chain, i); sl@0: if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) sl@0: && (x->ex_flags & EXFLAG_CRITICAL)) sl@0: { sl@0: ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION; sl@0: ctx->error_depth = i; sl@0: ctx->current_cert = x; sl@0: ok=cb(0,ctx); sl@0: if (!ok) goto end; sl@0: } sl@0: if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY)) sl@0: { sl@0: ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED; sl@0: ctx->error_depth = i; sl@0: ctx->current_cert = x; sl@0: ok=cb(0,ctx); sl@0: if (!ok) goto end; sl@0: } sl@0: ret = X509_check_ca(x); sl@0: switch(must_be_ca) sl@0: { sl@0: case -1: sl@0: if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) sl@0: && (ret != 1) && (ret != 0)) sl@0: { sl@0: ret = 0; sl@0: ctx->error = X509_V_ERR_INVALID_CA; sl@0: } sl@0: else sl@0: ret = 1; sl@0: break; sl@0: case 0: sl@0: if (ret != 0) sl@0: { sl@0: ret = 0; sl@0: ctx->error = X509_V_ERR_INVALID_NON_CA; sl@0: } sl@0: else sl@0: ret = 1; sl@0: break; sl@0: default: sl@0: if ((ret == 0) sl@0: || ((ctx->param->flags & X509_V_FLAG_X509_STRICT) sl@0: && (ret != 1))) sl@0: { sl@0: ret = 0; sl@0: ctx->error = X509_V_ERR_INVALID_CA; sl@0: } sl@0: else sl@0: ret = 1; sl@0: break; sl@0: } sl@0: if (ret == 0) sl@0: { sl@0: ctx->error_depth = i; sl@0: ctx->current_cert = x; sl@0: ok=cb(0,ctx); sl@0: if (!ok) goto end; sl@0: } sl@0: if (ctx->param->purpose > 0) sl@0: { sl@0: ret = X509_check_purpose(x, ctx->param->purpose, sl@0: must_be_ca > 0); sl@0: if ((ret == 0) sl@0: || ((ctx->param->flags & X509_V_FLAG_X509_STRICT) sl@0: && (ret != 1))) sl@0: { sl@0: ctx->error = X509_V_ERR_INVALID_PURPOSE; sl@0: ctx->error_depth = i; sl@0: ctx->current_cert = x; sl@0: ok=cb(0,ctx); sl@0: if (!ok) goto end; sl@0: } sl@0: } sl@0: /* Check pathlen */ sl@0: if ((i > 1) && (x->ex_pathlen != -1) sl@0: && (i > (x->ex_pathlen + proxy_path_length + 1))) sl@0: { sl@0: ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED; sl@0: ctx->error_depth = i; sl@0: ctx->current_cert = x; sl@0: ok=cb(0,ctx); sl@0: if (!ok) goto end; sl@0: } sl@0: /* If this certificate is a proxy certificate, the next sl@0: certificate must be another proxy certificate or a EE sl@0: certificate. If not, the next certificate must be a sl@0: CA certificate. */ sl@0: if (x->ex_flags & EXFLAG_PROXY) sl@0: { sl@0: if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen) sl@0: { sl@0: ctx->error = sl@0: X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED; sl@0: ctx->error_depth = i; sl@0: ctx->current_cert = x; sl@0: ok=cb(0,ctx); sl@0: if (!ok) goto end; sl@0: } sl@0: proxy_path_length++; sl@0: must_be_ca = 0; sl@0: } sl@0: else sl@0: must_be_ca = 1; sl@0: } sl@0: ok = 1; sl@0: end: sl@0: return ok; sl@0: #endif sl@0: } sl@0: sl@0: static int check_trust(X509_STORE_CTX *ctx) sl@0: { sl@0: #ifdef OPENSSL_NO_CHAIN_VERIFY sl@0: return 1; sl@0: #else sl@0: int i, ok; sl@0: X509 *x; sl@0: int (*cb)(int xok,X509_STORE_CTX *xctx); sl@0: cb=ctx->verify_cb; sl@0: /* For now just check the last certificate in the chain */ sl@0: i = sk_X509_num(ctx->chain) - 1; sl@0: x = sk_X509_value(ctx->chain, i); sl@0: ok = X509_check_trust(x, ctx->param->trust, 0); sl@0: if (ok == X509_TRUST_TRUSTED) sl@0: return 1; sl@0: ctx->error_depth = i; sl@0: ctx->current_cert = x; sl@0: if (ok == X509_TRUST_REJECTED) sl@0: ctx->error = X509_V_ERR_CERT_REJECTED; sl@0: else sl@0: ctx->error = X509_V_ERR_CERT_UNTRUSTED; sl@0: ok = cb(0, ctx); sl@0: return ok; sl@0: #endif sl@0: } sl@0: sl@0: static int check_revocation(X509_STORE_CTX *ctx) sl@0: { sl@0: int i, last, ok; sl@0: if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK)) sl@0: return 1; sl@0: if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL) sl@0: last = sk_X509_num(ctx->chain) - 1; sl@0: else sl@0: last = 0; sl@0: for(i = 0; i <= last; i++) sl@0: { sl@0: ctx->error_depth = i; sl@0: ok = check_cert(ctx); sl@0: if (!ok) return ok; sl@0: } sl@0: return 1; sl@0: } sl@0: sl@0: static int check_cert(X509_STORE_CTX *ctx) sl@0: { sl@0: X509_CRL *crl = NULL; sl@0: X509 *x; sl@0: int ok, cnum; sl@0: cnum = ctx->error_depth; sl@0: x = sk_X509_value(ctx->chain, cnum); sl@0: ctx->current_cert = x; sl@0: /* Try to retrieve relevant CRL */ sl@0: ok = ctx->get_crl(ctx, &crl, x); sl@0: /* If error looking up CRL, nothing we can do except sl@0: * notify callback sl@0: */ sl@0: if(!ok) sl@0: { sl@0: ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL; sl@0: ok = ctx->verify_cb(0, ctx); sl@0: goto err; sl@0: } sl@0: ctx->current_crl = crl; sl@0: ok = ctx->check_crl(ctx, crl); sl@0: if (!ok) goto err; sl@0: ok = ctx->cert_crl(ctx, crl, x); sl@0: err: sl@0: ctx->current_crl = NULL; sl@0: X509_CRL_free(crl); sl@0: return ok; sl@0: sl@0: } sl@0: sl@0: /* Check CRL times against values in X509_STORE_CTX */ sl@0: sl@0: static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify) sl@0: { sl@0: time_t *ptime; sl@0: int i; sl@0: ctx->current_crl = crl; sl@0: if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) sl@0: ptime = &ctx->param->check_time; sl@0: else sl@0: ptime = NULL; sl@0: sl@0: i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime); sl@0: if (i == 0) sl@0: { sl@0: ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD; sl@0: if (!notify || !ctx->verify_cb(0, ctx)) sl@0: return 0; sl@0: } sl@0: sl@0: if (i > 0) sl@0: { sl@0: ctx->error=X509_V_ERR_CRL_NOT_YET_VALID; sl@0: if (!notify || !ctx->verify_cb(0, ctx)) sl@0: return 0; sl@0: } sl@0: sl@0: if(X509_CRL_get_nextUpdate(crl)) sl@0: { sl@0: i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime); sl@0: sl@0: if (i == 0) sl@0: { sl@0: ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD; sl@0: if (!notify || !ctx->verify_cb(0, ctx)) sl@0: return 0; sl@0: } sl@0: sl@0: if (i < 0) sl@0: { sl@0: ctx->error=X509_V_ERR_CRL_HAS_EXPIRED; sl@0: if (!notify || !ctx->verify_cb(0, ctx)) sl@0: return 0; sl@0: } sl@0: } sl@0: sl@0: ctx->current_crl = NULL; sl@0: sl@0: return 1; sl@0: } sl@0: sl@0: /* Lookup CRLs from the supplied list. Look for matching isser name sl@0: * and validity. If we can't find a valid CRL return the last one sl@0: * with matching name. This gives more meaningful error codes. Otherwise sl@0: * we'd get a CRL not found error if a CRL existed with matching name but sl@0: * was invalid. sl@0: */ sl@0: sl@0: static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, sl@0: X509_NAME *nm, STACK_OF(X509_CRL) *crls) sl@0: { sl@0: int i; sl@0: X509_CRL *crl, *best_crl = NULL; sl@0: for (i = 0; i < sk_X509_CRL_num(crls); i++) sl@0: { sl@0: crl = sk_X509_CRL_value(crls, i); sl@0: if (X509_NAME_cmp(nm, X509_CRL_get_issuer(crl))) sl@0: continue; sl@0: if (check_crl_time(ctx, crl, 0)) sl@0: { sl@0: *pcrl = crl; sl@0: CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509); sl@0: return 1; sl@0: } sl@0: best_crl = crl; sl@0: } sl@0: if (best_crl) sl@0: { sl@0: *pcrl = best_crl; sl@0: CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509); sl@0: } sl@0: sl@0: return 0; sl@0: } sl@0: sl@0: /* Retrieve CRL corresponding to certificate: currently just a sl@0: * subject lookup: maybe use AKID later... sl@0: */ sl@0: static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x) sl@0: { sl@0: int ok; sl@0: X509_CRL *crl = NULL; sl@0: X509_OBJECT xobj; sl@0: X509_NAME *nm; sl@0: nm = X509_get_issuer_name(x); sl@0: ok = get_crl_sk(ctx, &crl, nm, ctx->crls); sl@0: if (ok) sl@0: { sl@0: *pcrl = crl; sl@0: return 1; sl@0: } sl@0: sl@0: ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj); sl@0: sl@0: if (!ok) sl@0: { sl@0: /* If we got a near match from get_crl_sk use that */ sl@0: if (crl) sl@0: { sl@0: *pcrl = crl; sl@0: return 1; sl@0: } sl@0: return 0; sl@0: } sl@0: sl@0: *pcrl = xobj.data.crl; sl@0: if (crl) sl@0: X509_CRL_free(crl); sl@0: return 1; sl@0: } sl@0: sl@0: /* Check CRL validity */ sl@0: static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl) sl@0: { sl@0: X509 *issuer = NULL; sl@0: EVP_PKEY *ikey = NULL; sl@0: int ok = 0, chnum, cnum; sl@0: cnum = ctx->error_depth; sl@0: chnum = sk_X509_num(ctx->chain) - 1; sl@0: /* Find CRL issuer: if not last certificate then issuer sl@0: * is next certificate in chain. sl@0: */ sl@0: if(cnum < chnum) sl@0: issuer = sk_X509_value(ctx->chain, cnum + 1); sl@0: else sl@0: { sl@0: issuer = sk_X509_value(ctx->chain, chnum); sl@0: /* If not self signed, can't check signature */ sl@0: if(!ctx->check_issued(ctx, issuer, issuer)) sl@0: { sl@0: ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER; sl@0: ok = ctx->verify_cb(0, ctx); sl@0: if(!ok) goto err; sl@0: } sl@0: } sl@0: sl@0: if(issuer) sl@0: { sl@0: /* Check for cRLSign bit if keyUsage present */ sl@0: if ((issuer->ex_flags & EXFLAG_KUSAGE) && sl@0: !(issuer->ex_kusage & KU_CRL_SIGN)) sl@0: { sl@0: ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN; sl@0: ok = ctx->verify_cb(0, ctx); sl@0: if(!ok) goto err; sl@0: } sl@0: sl@0: /* Attempt to get issuer certificate public key */ sl@0: ikey = X509_get_pubkey(issuer); sl@0: sl@0: if(!ikey) sl@0: { sl@0: ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; sl@0: ok = ctx->verify_cb(0, ctx); sl@0: if (!ok) goto err; sl@0: } sl@0: else sl@0: { sl@0: /* Verify CRL signature */ sl@0: if(X509_CRL_verify(crl, ikey) <= 0) sl@0: { sl@0: ctx->error=X509_V_ERR_CRL_SIGNATURE_FAILURE; sl@0: ok = ctx->verify_cb(0, ctx); sl@0: if (!ok) goto err; sl@0: } sl@0: } sl@0: } sl@0: sl@0: ok = check_crl_time(ctx, crl, 1); sl@0: if (!ok) sl@0: goto err; sl@0: sl@0: ok = 1; sl@0: sl@0: err: sl@0: EVP_PKEY_free(ikey); sl@0: return ok; sl@0: } sl@0: sl@0: /* Check certificate against CRL */ sl@0: static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x) sl@0: { sl@0: int idx, ok; sl@0: X509_REVOKED rtmp; sl@0: STACK_OF(X509_EXTENSION) *exts; sl@0: X509_EXTENSION *ext; sl@0: /* Look for serial number of certificate in CRL */ sl@0: rtmp.serialNumber = X509_get_serialNumber(x); sl@0: /* Sort revoked into serial number order if not already sorted. sl@0: * Do this under a lock to avoid race condition. sl@0: */ sl@0: if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) sl@0: { sl@0: CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL); sl@0: sk_X509_REVOKED_sort(crl->crl->revoked); sl@0: CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL); sl@0: } sl@0: idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp); sl@0: /* If found assume revoked: want something cleverer than sl@0: * this to handle entry extensions in V2 CRLs. sl@0: */ sl@0: if(idx >= 0) sl@0: { sl@0: ctx->error = X509_V_ERR_CERT_REVOKED; sl@0: ok = ctx->verify_cb(0, ctx); sl@0: if (!ok) return 0; sl@0: } sl@0: sl@0: if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) sl@0: return 1; sl@0: sl@0: /* See if we have any critical CRL extensions: since we sl@0: * currently don't handle any CRL extensions the CRL must be sl@0: * rejected. sl@0: * This code accesses the X509_CRL structure directly: applications sl@0: * shouldn't do this. sl@0: */ sl@0: sl@0: exts = crl->crl->extensions; sl@0: sl@0: for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) sl@0: { sl@0: ext = sk_X509_EXTENSION_value(exts, idx); sl@0: if (ext->critical > 0) sl@0: { sl@0: ctx->error = sl@0: X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION; sl@0: ok = ctx->verify_cb(0, ctx); sl@0: if(!ok) return 0; sl@0: break; sl@0: } sl@0: } sl@0: return 1; sl@0: } sl@0: sl@0: static int check_policy(X509_STORE_CTX *ctx) sl@0: { sl@0: int ret; sl@0: ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain, sl@0: ctx->param->policies, ctx->param->flags); sl@0: if (ret == 0) sl@0: { sl@0: X509err(X509_F_CHECK_POLICY,ERR_R_MALLOC_FAILURE); sl@0: return 0; sl@0: } sl@0: /* Invalid or inconsistent extensions */ sl@0: if (ret == -1) sl@0: { sl@0: /* Locate certificates with bad extensions and notify sl@0: * callback. sl@0: */ sl@0: X509 *x; sl@0: int i; sl@0: for (i = 1; i < sk_X509_num(ctx->chain); i++) sl@0: { sl@0: x = sk_X509_value(ctx->chain, i); sl@0: if (!(x->ex_flags & EXFLAG_INVALID_POLICY)) sl@0: continue; sl@0: ctx->current_cert = x; sl@0: ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION; sl@0: ret = ctx->verify_cb(0, ctx); sl@0: } sl@0: return 1; sl@0: } sl@0: if (ret == -2) sl@0: { sl@0: ctx->current_cert = NULL; sl@0: ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY; sl@0: return ctx->verify_cb(0, ctx); sl@0: } sl@0: sl@0: if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY) sl@0: { sl@0: ctx->current_cert = NULL; sl@0: ctx->error = X509_V_OK; sl@0: if (!ctx->verify_cb(2, ctx)) sl@0: return 0; sl@0: } sl@0: sl@0: return 1; sl@0: } sl@0: sl@0: static int check_cert_time(X509_STORE_CTX *ctx, X509 *x) sl@0: { sl@0: time_t *ptime; sl@0: int i; sl@0: sl@0: if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME) sl@0: ptime = &ctx->param->check_time; sl@0: else sl@0: ptime = NULL; sl@0: sl@0: i=X509_cmp_time(X509_get_notBefore(x), ptime); sl@0: if (i == 0) sl@0: { sl@0: ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; sl@0: ctx->current_cert=x; sl@0: if (!ctx->verify_cb(0, ctx)) sl@0: return 0; sl@0: } sl@0: sl@0: if (i > 0) sl@0: { sl@0: ctx->error=X509_V_ERR_CERT_NOT_YET_VALID; sl@0: ctx->current_cert=x; sl@0: if (!ctx->verify_cb(0, ctx)) sl@0: return 0; sl@0: } sl@0: sl@0: i=X509_cmp_time(X509_get_notAfter(x), ptime); sl@0: if (i == 0) sl@0: { sl@0: ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; sl@0: ctx->current_cert=x; sl@0: if (!ctx->verify_cb(0, ctx)) sl@0: return 0; sl@0: } sl@0: sl@0: if (i < 0) sl@0: { sl@0: ctx->error=X509_V_ERR_CERT_HAS_EXPIRED; sl@0: ctx->current_cert=x; sl@0: if (!ctx->verify_cb(0, ctx)) sl@0: return 0; sl@0: } sl@0: sl@0: return 1; sl@0: } sl@0: sl@0: static int internal_verify(X509_STORE_CTX *ctx) sl@0: { sl@0: int ok=0,n; sl@0: X509 *xs,*xi; sl@0: EVP_PKEY *pkey=NULL; sl@0: int (*cb)(int xok,X509_STORE_CTX *xctx); sl@0: sl@0: cb=ctx->verify_cb; sl@0: sl@0: n=sk_X509_num(ctx->chain); sl@0: ctx->error_depth=n-1; sl@0: n--; sl@0: xi=sk_X509_value(ctx->chain,n); sl@0: sl@0: if (ctx->check_issued(ctx, xi, xi)) sl@0: xs=xi; sl@0: else sl@0: { sl@0: if (n <= 0) sl@0: { sl@0: ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE; sl@0: ctx->current_cert=xi; sl@0: ok=cb(0,ctx); sl@0: goto end; sl@0: } sl@0: else sl@0: { sl@0: n--; sl@0: ctx->error_depth=n; sl@0: xs=sk_X509_value(ctx->chain,n); sl@0: } sl@0: } sl@0: sl@0: /* ctx->error=0; not needed */ sl@0: while (n >= 0) sl@0: { sl@0: ctx->error_depth=n; sl@0: if (!xs->valid) sl@0: { sl@0: if ((pkey=X509_get_pubkey(xi)) == NULL) sl@0: { sl@0: ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; sl@0: ctx->current_cert=xi; sl@0: ok=(*cb)(0,ctx); sl@0: if (!ok) goto end; sl@0: } sl@0: else if (X509_verify(xs,pkey) <= 0) sl@0: /* XXX For the final trusted self-signed cert, sl@0: * this is a waste of time. That check should sl@0: * optional so that e.g. 'openssl x509' can be sl@0: * used to detect invalid self-signatures, but sl@0: * we don't verify again and again in SSL sl@0: * handshakes and the like once the cert has sl@0: * been declared trusted. */ sl@0: { sl@0: ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; sl@0: ctx->current_cert=xs; sl@0: ok=(*cb)(0,ctx); sl@0: if (!ok) sl@0: { sl@0: EVP_PKEY_free(pkey); sl@0: goto end; sl@0: } sl@0: } sl@0: EVP_PKEY_free(pkey); sl@0: pkey=NULL; sl@0: } sl@0: sl@0: xs->valid = 1; sl@0: sl@0: ok = check_cert_time(ctx, xs); sl@0: if (!ok) sl@0: goto end; sl@0: sl@0: /* The last error (if any) is still in the error value */ sl@0: ctx->current_issuer=xi; sl@0: ctx->current_cert=xs; sl@0: ok=(*cb)(1,ctx); sl@0: if (!ok) goto end; sl@0: sl@0: n--; sl@0: if (n >= 0) sl@0: { sl@0: xi=xs; sl@0: xs=sk_X509_value(ctx->chain,n); sl@0: } sl@0: } sl@0: ok=1; sl@0: end: sl@0: return ok; sl@0: } sl@0: sl@0: EXPORT_C int X509_cmp_current_time(ASN1_TIME *ctm) sl@0: { sl@0: return X509_cmp_time(ctm, NULL); sl@0: } sl@0: sl@0: EXPORT_C int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time) sl@0: { sl@0: char *str; sl@0: ASN1_TIME atm; sl@0: long offset; sl@0: char buff1[24],buff2[24],*p; sl@0: int i,j; sl@0: sl@0: p=buff1; sl@0: i=ctm->length; sl@0: str=(char *)ctm->data; sl@0: if (ctm->type == V_ASN1_UTCTIME) sl@0: { sl@0: if ((i < 11) || (i > 17)) return 0; sl@0: memcpy(p,str,10); sl@0: p+=10; sl@0: str+=10; sl@0: } sl@0: else sl@0: { sl@0: if (i < 13) return 0; sl@0: memcpy(p,str,12); sl@0: p+=12; sl@0: str+=12; sl@0: } sl@0: sl@0: if ((*str == 'Z') || (*str == '-') || (*str == '+')) sl@0: { *(p++)='0'; *(p++)='0'; } sl@0: else sl@0: { sl@0: *(p++)= *(str++); sl@0: *(p++)= *(str++); sl@0: /* Skip any fractional seconds... */ sl@0: if (*str == '.') sl@0: { sl@0: str++; sl@0: while ((*str >= '0') && (*str <= '9')) str++; sl@0: } sl@0: sl@0: } sl@0: *(p++)='Z'; sl@0: *(p++)='\0'; sl@0: sl@0: if (*str == 'Z') sl@0: offset=0; sl@0: else sl@0: { sl@0: if ((*str != '+') && (*str != '-')) sl@0: return 0; sl@0: offset=((str[1]-'0')*10+(str[2]-'0'))*60; sl@0: offset+=(str[3]-'0')*10+(str[4]-'0'); sl@0: if (*str == '-') sl@0: offset= -offset; sl@0: } sl@0: atm.type=ctm->type; sl@0: atm.length=sizeof(buff2); sl@0: atm.data=(unsigned char *)buff2; sl@0: sl@0: if (X509_time_adj(&atm,-offset*60, cmp_time) == NULL) sl@0: return 0; sl@0: sl@0: if (ctm->type == V_ASN1_UTCTIME) sl@0: { sl@0: i=(buff1[0]-'0')*10+(buff1[1]-'0'); sl@0: if (i < 50) i+=100; /* cf. RFC 2459 */ sl@0: j=(buff2[0]-'0')*10+(buff2[1]-'0'); sl@0: if (j < 50) j+=100; sl@0: sl@0: if (i < j) return -1; sl@0: if (i > j) return 1; sl@0: } sl@0: i=strcmp(buff1,buff2); sl@0: if (i == 0) /* wait a second then return younger :-) */ sl@0: return -1; sl@0: else sl@0: return i; sl@0: } sl@0: sl@0: EXPORT_C ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj) sl@0: { sl@0: return X509_time_adj(s, adj, NULL); sl@0: } sl@0: sl@0: EXPORT_C ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm) sl@0: { sl@0: time_t t; sl@0: int type = -1; sl@0: sl@0: if (in_tm) t = *in_tm; sl@0: else time(&t); sl@0: sl@0: t+=adj; sl@0: if (s) type = s->type; sl@0: if (type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t); sl@0: if (type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_set(s, t); sl@0: return ASN1_TIME_set(s, t); sl@0: } sl@0: sl@0: EXPORT_C int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) sl@0: { sl@0: EVP_PKEY *ktmp=NULL,*ktmp2; sl@0: int i,j; sl@0: sl@0: if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1; sl@0: sl@0: for (i=0; i= 0; j--) sl@0: { sl@0: ktmp2=X509_get_pubkey(sk_X509_value(chain,j)); sl@0: EVP_PKEY_copy_parameters(ktmp2,ktmp); sl@0: EVP_PKEY_free(ktmp2); sl@0: } sl@0: sl@0: if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp); sl@0: EVP_PKEY_free(ktmp); sl@0: return 1; sl@0: } sl@0: sl@0: EXPORT_C int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, sl@0: CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) sl@0: { sl@0: /* This function is (usually) called only once, by sl@0: * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). */ sl@0: return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp, sl@0: new_func, dup_func, free_func); sl@0: } sl@0: sl@0: EXPORT_C int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data) sl@0: { sl@0: return CRYPTO_set_ex_data(&ctx->ex_data,idx,data); sl@0: } sl@0: sl@0: EXPORT_C void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx) sl@0: { sl@0: return CRYPTO_get_ex_data(&ctx->ex_data,idx); sl@0: } sl@0: sl@0: EXPORT_C int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx) sl@0: { sl@0: return ctx->error; sl@0: } sl@0: sl@0: EXPORT_C void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err) sl@0: { sl@0: ctx->error=err; sl@0: } sl@0: sl@0: EXPORT_C int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx) sl@0: { sl@0: return ctx->error_depth; sl@0: } sl@0: sl@0: EXPORT_C X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx) sl@0: { sl@0: return ctx->current_cert; sl@0: } sl@0: sl@0: EXPORT_C STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx) sl@0: { sl@0: return ctx->chain; sl@0: } sl@0: sl@0: EXPORT_C STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx) sl@0: { sl@0: int i; sl@0: X509 *x; sl@0: STACK_OF(X509) *chain; sl@0: if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL; sl@0: for (i = 0; i < sk_X509_num(chain); i++) sl@0: { sl@0: x = sk_X509_value(chain, i); sl@0: CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509); sl@0: } sl@0: return chain; sl@0: } sl@0: sl@0: EXPORT_C void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x) sl@0: { sl@0: ctx->cert=x; sl@0: } sl@0: sl@0: EXPORT_C void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) sl@0: { sl@0: ctx->untrusted=sk; sl@0: } sl@0: sl@0: EXPORT_C void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk) sl@0: { sl@0: ctx->crls=sk; sl@0: } sl@0: sl@0: EXPORT_C int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) sl@0: { sl@0: return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0); sl@0: } sl@0: sl@0: EXPORT_C int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust) sl@0: { sl@0: return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust); sl@0: } sl@0: sl@0: /* This function is used to set the X509_STORE_CTX purpose and trust sl@0: * values. This is intended to be used when another structure has its sl@0: * own trust and purpose values which (if set) will be inherited by sl@0: * the ctx. If they aren't set then we will usually have a default sl@0: * purpose in mind which should then be used to set the trust value. sl@0: * An example of this is SSL use: an SSL structure will have its own sl@0: * purpose and trust settings which the application can set: if they sl@0: * aren't set then we use the default of SSL client/server. sl@0: */ sl@0: sl@0: EXPORT_C int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, sl@0: int purpose, int trust) sl@0: { sl@0: int idx; sl@0: /* If purpose not set use default */ sl@0: if (!purpose) purpose = def_purpose; sl@0: /* If we have a purpose then check it is valid */ sl@0: if (purpose) sl@0: { sl@0: X509_PURPOSE *ptmp; sl@0: idx = X509_PURPOSE_get_by_id(purpose); sl@0: if (idx == -1) sl@0: { sl@0: X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, sl@0: X509_R_UNKNOWN_PURPOSE_ID); sl@0: return 0; sl@0: } sl@0: ptmp = X509_PURPOSE_get0(idx); sl@0: if (ptmp->trust == X509_TRUST_DEFAULT) sl@0: { sl@0: idx = X509_PURPOSE_get_by_id(def_purpose); sl@0: if (idx == -1) sl@0: { sl@0: X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, sl@0: X509_R_UNKNOWN_PURPOSE_ID); sl@0: return 0; sl@0: } sl@0: ptmp = X509_PURPOSE_get0(idx); sl@0: } sl@0: /* If trust not set then get from purpose default */ sl@0: if (!trust) trust = ptmp->trust; sl@0: } sl@0: if (trust) sl@0: { sl@0: idx = X509_TRUST_get_by_id(trust); sl@0: if (idx == -1) sl@0: { sl@0: X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT, sl@0: X509_R_UNKNOWN_TRUST_ID); sl@0: return 0; sl@0: } sl@0: } sl@0: sl@0: if (purpose && !ctx->param->purpose) ctx->param->purpose = purpose; sl@0: if (trust && !ctx->param->trust) ctx->param->trust = trust; sl@0: return 1; sl@0: } sl@0: sl@0: EXPORT_C X509_STORE_CTX *X509_STORE_CTX_new(void) sl@0: { sl@0: X509_STORE_CTX *ctx; sl@0: ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX)); sl@0: if (!ctx) sl@0: { sl@0: X509err(X509_F_X509_STORE_CTX_NEW,ERR_R_MALLOC_FAILURE); sl@0: return NULL; sl@0: } sl@0: memset(ctx, 0, sizeof(X509_STORE_CTX)); sl@0: return ctx; sl@0: } sl@0: sl@0: EXPORT_C void X509_STORE_CTX_free(X509_STORE_CTX *ctx) sl@0: { sl@0: X509_STORE_CTX_cleanup(ctx); sl@0: OPENSSL_free(ctx); sl@0: } sl@0: sl@0: EXPORT_C int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, sl@0: STACK_OF(X509) *chain) sl@0: { sl@0: int ret = 1; sl@0: ctx->ctx=store; sl@0: ctx->current_method=0; sl@0: ctx->cert=x509; sl@0: ctx->untrusted=chain; sl@0: ctx->crls = NULL; sl@0: ctx->last_untrusted=0; sl@0: ctx->other_ctx=NULL; sl@0: ctx->valid=0; sl@0: ctx->chain=NULL; sl@0: ctx->error=0; sl@0: ctx->explicit_policy=0; sl@0: ctx->error_depth=0; sl@0: ctx->current_cert=NULL; sl@0: ctx->current_issuer=NULL; sl@0: ctx->tree = NULL; sl@0: sl@0: ctx->param = X509_VERIFY_PARAM_new(); sl@0: sl@0: if (!ctx->param) sl@0: { sl@0: X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); sl@0: return 0; sl@0: } sl@0: sl@0: /* Inherit callbacks and flags from X509_STORE if not set sl@0: * use defaults. sl@0: */ sl@0: sl@0: sl@0: if (store) sl@0: ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param); sl@0: else sl@0: ctx->param->flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE; sl@0: sl@0: if (store) sl@0: { sl@0: ctx->verify_cb = store->verify_cb; sl@0: ctx->cleanup = store->cleanup; sl@0: } sl@0: else sl@0: ctx->cleanup = 0; sl@0: sl@0: if (ret) sl@0: ret = X509_VERIFY_PARAM_inherit(ctx->param, sl@0: X509_VERIFY_PARAM_lookup("default")); sl@0: sl@0: if (ret == 0) sl@0: { sl@0: X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); sl@0: return 0; sl@0: } sl@0: sl@0: if (store && store->check_issued) sl@0: ctx->check_issued = store->check_issued; sl@0: else sl@0: ctx->check_issued = check_issued; sl@0: sl@0: if (store && store->get_issuer) sl@0: ctx->get_issuer = store->get_issuer; sl@0: else sl@0: ctx->get_issuer = X509_STORE_CTX_get1_issuer; sl@0: sl@0: if (store && store->verify_cb) sl@0: ctx->verify_cb = store->verify_cb; sl@0: else sl@0: ctx->verify_cb = null_callback; sl@0: sl@0: if (store && store->verify) sl@0: ctx->verify = store->verify; sl@0: else sl@0: ctx->verify = internal_verify; sl@0: sl@0: if (store && store->check_revocation) sl@0: ctx->check_revocation = store->check_revocation; sl@0: else sl@0: ctx->check_revocation = check_revocation; sl@0: sl@0: if (store && store->get_crl) sl@0: ctx->get_crl = store->get_crl; sl@0: else sl@0: ctx->get_crl = get_crl; sl@0: sl@0: if (store && store->check_crl) sl@0: ctx->check_crl = store->check_crl; sl@0: else sl@0: ctx->check_crl = check_crl; sl@0: sl@0: if (store && store->cert_crl) sl@0: ctx->cert_crl = store->cert_crl; sl@0: else sl@0: ctx->cert_crl = cert_crl; sl@0: sl@0: ctx->check_policy = check_policy; sl@0: sl@0: sl@0: /* This memset() can't make any sense anyway, so it's removed. As sl@0: * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a sl@0: * corresponding "new" here and remove this bogus initialisation. */ sl@0: /* memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); */ sl@0: if(!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, sl@0: &(ctx->ex_data))) sl@0: { sl@0: OPENSSL_free(ctx); sl@0: X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); sl@0: return 0; sl@0: } sl@0: return 1; sl@0: } sl@0: sl@0: /* Set alternative lookup method: just a STACK of trusted certificates. sl@0: * This avoids X509_STORE nastiness where it isn't needed. sl@0: */ sl@0: sl@0: EXPORT_C void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) sl@0: { sl@0: ctx->other_ctx = sk; sl@0: ctx->get_issuer = get_issuer_sk; sl@0: } sl@0: sl@0: EXPORT_C void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) sl@0: { sl@0: if (ctx->cleanup) ctx->cleanup(ctx); sl@0: if (ctx->param != NULL) sl@0: { sl@0: X509_VERIFY_PARAM_free(ctx->param); sl@0: ctx->param=NULL; sl@0: } sl@0: if (ctx->tree != NULL) sl@0: { sl@0: X509_policy_tree_free(ctx->tree); sl@0: ctx->tree=NULL; sl@0: } sl@0: if (ctx->chain != NULL) sl@0: { sl@0: sk_X509_pop_free(ctx->chain,X509_free); sl@0: ctx->chain=NULL; sl@0: } sl@0: CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data)); sl@0: memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); sl@0: } sl@0: sl@0: EXPORT_C void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth) sl@0: { sl@0: X509_VERIFY_PARAM_set_depth(ctx->param, depth); sl@0: } sl@0: sl@0: EXPORT_C void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags) sl@0: { sl@0: X509_VERIFY_PARAM_set_flags(ctx->param, flags); sl@0: } sl@0: sl@0: EXPORT_C void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t) sl@0: { sl@0: X509_VERIFY_PARAM_set_time(ctx->param, t); sl@0: } sl@0: sl@0: EXPORT_C void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, sl@0: int (*verify_cb)(int, X509_STORE_CTX *)) sl@0: { sl@0: ctx->verify_cb=verify_cb; sl@0: } sl@0: sl@0: EXPORT_C X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx) sl@0: { sl@0: return ctx->tree; sl@0: } sl@0: sl@0: EXPORT_C int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx) sl@0: { sl@0: return ctx->explicit_policy; sl@0: } sl@0: sl@0: EXPORT_C int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name) sl@0: { sl@0: const X509_VERIFY_PARAM *param; sl@0: param = X509_VERIFY_PARAM_lookup(name); sl@0: if (!param) sl@0: return 0; sl@0: return X509_VERIFY_PARAM_inherit(ctx->param, param); sl@0: } sl@0: sl@0: EXPORT_C X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx) sl@0: { sl@0: return ctx->param; sl@0: } sl@0: sl@0: EXPORT_C void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param) sl@0: { sl@0: if (ctx->param) sl@0: X509_VERIFY_PARAM_free(ctx->param); sl@0: ctx->param = param; sl@0: } sl@0: sl@0: IMPLEMENT_STACK_OF(X509) sl@0: IMPLEMENT_ASN1_SET_OF(X509) sl@0: sl@0: IMPLEMENT_STACK_OF(X509_NAME) sl@0: sl@0: IMPLEMENT_STACK_OF(X509_ATTRIBUTE) sl@0: IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)