x509_vfy.c 38.8 KB
Newer Older
1
/* crypto/x509/x509_vfy.c */
2
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdio.h>
#include <time.h>
#include <errno.h>

#include "cryptlib.h"
A
Andy Polyakov 已提交
64
#include <openssl/crypto.h>
65 66 67 68 69
#include <openssl/lhash.h>
#include <openssl/buffer.h>
#include <openssl/evp.h>
#include <openssl/asn1.h>
#include <openssl/x509.h>
70
#include <openssl/x509v3.h>
71
#include <openssl/objects.h>
72 73

static int null_callback(int ok,X509_STORE_CTX *e);
74 75
static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
76
static int check_chain_extensions(X509_STORE_CTX *ctx);
77
static int check_trust(X509_STORE_CTX *ctx);
D
 
Dr. Stephen Henson 已提交
78 79
static int check_revocation(X509_STORE_CTX *ctx);
static int check_cert(X509_STORE_CTX *ctx);
80
static int check_policy(X509_STORE_CTX *ctx);
81 82
static int crl_akid_check(X509_STORE_CTX *ctx, AUTHORITY_KEYID *akid);
static int idp_check_scope(X509 *x, X509_CRL *crl);
83
static int internal_verify(X509_STORE_CTX *ctx);
B
Ben Laurie 已提交
84
const char *X509_version="X.509" OPENSSL_VERSION_PTEXT;
B
Ben Laurie 已提交
85

86

U
Ulf Möller 已提交
87
static int null_callback(int ok, X509_STORE_CTX *e)
88
	{
89
	return ok;
90 91 92
	}

#if 0
U
Ulf Möller 已提交
93
static int x509_subject_cmp(X509 **a, X509 **b)
94
	{
95
	return X509_subject_name_cmp(*a,*b);
96 97 98
	}
#endif

U
Ulf Möller 已提交
99
int X509_verify_cert(X509_STORE_CTX *ctx)
100 101 102
	{
	X509 *x,*xtmp,*chain_ss=NULL;
	X509_NAME *xn;
103 104
	int bad_chain = 0;
	X509_VERIFY_PARAM *param = ctx->param;
105 106
	int depth,i,ok=0;
	int num;
107
	int (*cb)(int xok,X509_STORE_CTX *xctx);
B
Ben Laurie 已提交
108
	STACK_OF(X509) *sktmp=NULL;
109 110 111
	if (ctx->cert == NULL)
		{
		X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
112
		return -1;
113 114
		}

115
	cb=ctx->verify_cb;
116 117 118 119 120

	/* first we make sure the chain we are going to build is
	 * present and that the first entry is in place */
	if (ctx->chain == NULL)
		{
B
Ben Laurie 已提交
121 122
		if (	((ctx->chain=sk_X509_new_null()) == NULL) ||
			(!sk_X509_push(ctx->chain,ctx->cert)))
123 124 125 126 127 128 129 130
			{
			X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
			goto end;
			}
		CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509);
		ctx->last_untrusted=1;
		}

131
	/* We use a temporary STACK so we can chop and hack at it */
B
Ben Laurie 已提交
132 133
	if (ctx->untrusted != NULL
	    && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL)
134 135 136 137 138
		{
		X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
		goto end;
		}

B
Ben Laurie 已提交
139 140
	num=sk_X509_num(ctx->chain);
	x=sk_X509_value(ctx->chain,num-1);
141
	depth=param->depth;
142 143 144 145 146


	for (;;)
		{
		/* If we have enough, we break */
B
Bodo Möller 已提交
147
		if (depth < num) break; /* FIXME: If this happens, we should take
B
Bodo Möller 已提交
148 149 150 151
		                         * note of it and, if appropriate, use the
		                         * X509_V_ERR_CERT_CHAIN_TOO_LONG error
		                         * code later.
		                         */
152 153 154

		/* If we are self signed, we break */
		xn=X509_get_issuer_name(x);
155
		if (ctx->check_issued(ctx, x,x)) break;
156 157 158 159

		/* If we were passed a cert chain, use it first */
		if (ctx->untrusted != NULL)
			{
160
			xtmp=find_issuer(ctx, sktmp,x);
161 162
			if (xtmp != NULL)
				{
B
Ben Laurie 已提交
163
				if (!sk_X509_push(ctx->chain,xtmp))
164 165 166 167 168
					{
					X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
					goto end;
					}
				CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
B
Ben Laurie 已提交
169
				sk_X509_delete_ptr(sktmp,xtmp);
170 171 172 173 174 175 176 177 178 179 180 181 182 183 184
				ctx->last_untrusted++;
				x=xtmp;
				num++;
				/* reparse the full chain for
				 * the next one */
				continue;
				}
			}
		break;
		}

	/* at this point, chain should contain a list of untrusted
	 * certificates.  We now need to add at least one trusted one,
	 * if possible, otherwise we complain. */

185 186 187 188
	/* Examine last certificate in chain and see if it
 	 * is self signed.
 	 */

B
Ben Laurie 已提交
189 190
	i=sk_X509_num(ctx->chain);
	x=sk_X509_value(ctx->chain,i-1);
191
	xn = X509_get_subject_name(x);
192
	if (ctx->check_issued(ctx, x, x))
193 194
		{
		/* we have a self signed certificate */
B
Ben Laurie 已提交
195
		if (sk_X509_num(ctx->chain) == 1)
196
			{
197 198 199 200
			/* We have a single self signed certificate: see if
			 * we can find it in the store. We must have an exact
			 * match to avoid possible impersonation.
			 */
201 202
			ok = ctx->get_issuer(&xtmp, ctx, x);
			if ((ok <= 0) || X509_cmp(x, xtmp)) 
203 204 205 206
				{
				ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
				ctx->current_cert=x;
				ctx->error_depth=i-1;
207
				if (ok == 1) X509_free(xtmp);
208
				bad_chain = 1;
209 210 211 212 213 214 215 216 217
				ok=cb(0,ctx);
				if (!ok) goto end;
				}
			else 
				{
				/* We have a match: replace certificate with store version
				 * so we get any trust settings.
				 */
				X509_free(x);
218
				x = xtmp;
219 220 221
				sk_X509_set(ctx->chain, i - 1, x);
				ctx->last_untrusted=0;
				}
222 223 224
			}
		else
			{
225
			/* extract and save self signed certificate for later use */
B
Ben Laurie 已提交
226
			chain_ss=sk_X509_pop(ctx->chain);
227 228
			ctx->last_untrusted--;
			num--;
B
Ben Laurie 已提交
229
			x=sk_X509_value(ctx->chain,num-1);
230 231 232 233 234 235 236
			}
		}

	/* We now lookup certs from the certificate store */
	for (;;)
		{
		/* If we have enough, we break */
237
		if (depth < num) break;
238 239 240

		/* If we are self signed, we break */
		xn=X509_get_issuer_name(x);
241
		if (ctx->check_issued(ctx,x,x)) break;
242

243 244 245
		ok = ctx->get_issuer(&xtmp, ctx, x);

		if (ok < 0) return ok;
246
		if (ok == 0) break;
247 248 249

		x = xtmp;
		if (!sk_X509_push(ctx->chain,x))
250
			{
251
			X509_free(xtmp);
252
			X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
253
			return 0;
254 255 256 257 258 259
			}
		num++;
		}

	/* we now have our chain, lets check it... */
	xn=X509_get_issuer_name(x);
260 261 262

	/* Is last certificate looked up self signed? */
	if (!ctx->check_issued(ctx,x,x))
263
		{
264
		if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss))
265 266 267 268 269 270 271 272 273 274
			{
			if (ctx->last_untrusted >= num)
				ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
			else
				ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
			ctx->current_cert=x;
			}
		else
			{

B
Ben Laurie 已提交
275
			sk_X509_push(ctx->chain,chain_ss);
276 277 278 279 280 281 282 283
			num++;
			ctx->last_untrusted=num;
			ctx->current_cert=chain_ss;
			ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
			chain_ss=NULL;
			}

		ctx->error_depth=num-1;
284
		bad_chain = 1;
285 286 287 288
		ok=cb(0,ctx);
		if (!ok) goto end;
		}

289
	/* We have the chain complete: now we need to check its purpose */
290
	ok = check_chain_extensions(ctx);
291

292
	if (!ok) goto end;
293

294 295
	/* The chain extensions are OK: check trust */

296
	if (param->trust > 0) ok = check_trust(ctx);
297

298
	if (!ok) goto end;
299

300 301 302
	/* We may as well copy down any DSA parameters that are required */
	X509_get_pubkey_parameters(NULL,ctx->chain);

D
 
Dr. Stephen Henson 已提交
303 304 305 306 307 308 309
	/* Check revocation status: we do this after copying parameters
	 * because they may be needed for CRL signature verification.
	 */

	ok = ctx->check_revocation(ctx);
	if(!ok) goto end;

310
	/* At this point, we have a chain and need to verify it */
311 312
	if (ctx->verify != NULL)
		ok=ctx->verify(ctx);
313 314
	else
		ok=internal_verify(ctx);
315 316 317 318 319 320
	if(!ok) goto end;

	/* If we get this far evaluate policies */
	if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
		ok = ctx->check_policy(ctx);
	if(!ok) goto end;
321 322
	if (0)
		{
323
end:
324 325
		X509_get_pubkey_parameters(NULL,ctx->chain);
		}
B
Ben Laurie 已提交
326
	if (sktmp != NULL) sk_X509_free(sktmp);
327
	if (chain_ss != NULL) X509_free(chain_ss);
328
	return ok;
329 330
	}

331 332 333 334 335 336 337 338

/* Given a STACK_OF(X509) find the issuer of cert (if any)
 */

static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
{
	int i;
	X509 *issuer;
339
	for (i = 0; i < sk_X509_num(sk); i++)
340
		{
341
		issuer = sk_X509_value(sk, i);
342
		if (ctx->check_issued(ctx, x, issuer))
343 344
			return issuer;
		}
345 346 347 348 349 350 351 352 353
	return NULL;
}

/* Given a possible certificate and issuer check them */

static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
{
	int ret;
	ret = X509_check_issued(issuer, x);
354 355
	if (ret == X509_V_OK)
		return 1;
D
 
Dr. Stephen Henson 已提交
356
	/* If we haven't asked for issuer errors don't set ctx */
357
	if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK))
D
 
Dr. Stephen Henson 已提交
358 359 360 361 362
		return 0;

	ctx->error = ret;
	ctx->current_cert = x;
	ctx->current_issuer = issuer;
363
	return ctx->verify_cb(0, ctx);
364 365 366 367 368 369 370 371
	return 0;
}

/* Alternative lookup method: look from a STACK stored in other_ctx */

static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
{
	*issuer = find_issuer(ctx, ctx->other_ctx, x);
372 373
	if (*issuer)
		{
374 375
		CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509);
		return 1;
376 377 378
		}
	else
		return 0;
379 380 381
}
	

382 383 384 385
/* Check a certificate chains extensions for consistency
 * with the supplied purpose
 */

386
static int check_chain_extensions(X509_STORE_CTX *ctx)
387
{
388
#ifdef OPENSSL_NO_CHAIN_VERIFY
389 390
	return 1;
#else
391
	int i, ok=0, must_be_ca;
392
	X509 *x;
393
	int (*cb)(int xok,X509_STORE_CTX *xctx);
394
	int proxy_path_length = 0;
395 396
	int allow_proxy_certs =
		!!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
397
	cb=ctx->verify_cb;
398 399 400 401 402 403 404 405 406 407

	/* must_be_ca can have 1 of 3 values:
	   -1: we accept both CA and non-CA certificates, to allow direct
	       use of self-signed certificates (which are marked as CA).
	   0:  we only accept non-CA certificates.  This is currently not
	       used, but the possibility is present for future extensions.
	   1:  we only accept CA certificates.  This is currently used for
	       all certificates in the chain except the leaf certificate.
	*/
	must_be_ca = -1;
408 409 410 411 412 413

	/* A hack to keep people who don't want to modify their software
	   happy */
	if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
		allow_proxy_certs = 1;

414
	/* Check all untrusted certificates */
415
	for (i = 0; i < ctx->last_untrusted; i++)
416
		{
417
		int ret;
418
		x = sk_X509_value(ctx->chain, i);
419
		if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
D
 
Dr. Stephen Henson 已提交
420 421 422 423 424 425 426 427
			&& (x->ex_flags & EXFLAG_CRITICAL))
			{
			ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
			ctx->error_depth = i;
			ctx->current_cert = x;
			ok=cb(0,ctx);
			if (!ok) goto end;
			}
428 429 430 431 432 433 434 435
		if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY))
			{
			ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED;
			ctx->error_depth = i;
			ctx->current_cert = x;
			ok=cb(0,ctx);
			if (!ok) goto end;
			}
436 437
		ret = X509_check_ca(x);
		switch(must_be_ca)
438
			{
439 440 441 442 443
		case -1:
			if ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
				&& (ret != 1) && (ret != 0))
				{
				ret = 0;
444
				ctx->error = X509_V_ERR_INVALID_CA;
445
				}
446
			else
447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471
				ret = 1;
			break;
		case 0:
			if (ret != 0)
				{
				ret = 0;
				ctx->error = X509_V_ERR_INVALID_NON_CA;
				}
			else
				ret = 1;
			break;
		default:
			if ((ret == 0)
				|| ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
					&& (ret != 1)))
				{
				ret = 0;
				ctx->error = X509_V_ERR_INVALID_CA;
				}
			else
				ret = 1;
			break;
			}
		if (ret == 0)
			{
472 473 474
			ctx->error_depth = i;
			ctx->current_cert = x;
			ok=cb(0,ctx);
475 476
			if (!ok) goto end;
			}
477 478 479 480 481 482 483 484 485 486 487 488 489 490 491
		if (ctx->param->purpose > 0)
			{
			ret = X509_check_purpose(x, ctx->param->purpose,
				must_be_ca > 0);
			if ((ret == 0)
				|| ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
					&& (ret != 1)))
				{
				ctx->error = X509_V_ERR_INVALID_PURPOSE;
				ctx->error_depth = i;
				ctx->current_cert = x;
				ok=cb(0,ctx);
				if (!ok) goto end;
				}
			}
492
		/* Check pathlen */
493
		if ((i > 1) && (x->ex_pathlen != -1)
494
			   && (i > (x->ex_pathlen + proxy_path_length + 1)))
495
			{
496 497 498 499
			ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
			ctx->error_depth = i;
			ctx->current_cert = x;
			ok=cb(0,ctx);
500 501
			if (!ok) goto end;
			}
502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521
		/* If this certificate is a proxy certificate, the next
		   certificate must be another proxy certificate or a EE
		   certificate.  If not, the next certificate must be a
		   CA certificate.  */
		if (x->ex_flags & EXFLAG_PROXY)
			{
			if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen)
				{
				ctx->error =
					X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
				ctx->error_depth = i;
				ctx->current_cert = x;
				ok=cb(0,ctx);
				if (!ok) goto end;
				}
			proxy_path_length++;
			must_be_ca = 0;
			}
		else
			must_be_ca = 1;
522 523
		}
	ok = 1;
524
 end:
525
	return ok;
526 527 528
#endif
}

529 530
static int check_trust(X509_STORE_CTX *ctx)
{
531
#ifdef OPENSSL_NO_CHAIN_VERIFY
532 533 534 535
	return 1;
#else
	int i, ok;
	X509 *x;
536
	int (*cb)(int xok,X509_STORE_CTX *xctx);
537
	cb=ctx->verify_cb;
538 539 540
/* For now just check the last certificate in the chain */
	i = sk_X509_num(ctx->chain) - 1;
	x = sk_X509_value(ctx->chain, i);
541
	ok = X509_check_trust(x, ctx->param->trust, 0);
542 543
	if (ok == X509_TRUST_TRUSTED)
		return 1;
D
 
Dr. Stephen Henson 已提交
544
	ctx->error_depth = i;
545
	ctx->current_cert = x;
546 547 548 549
	if (ok == X509_TRUST_REJECTED)
		ctx->error = X509_V_ERR_CERT_REJECTED;
	else
		ctx->error = X509_V_ERR_CERT_UNTRUSTED;
550
	ok = cb(0, ctx);
551
	return ok;
552 553 554
#endif
}

D
 
Dr. Stephen Henson 已提交
555 556 557
static int check_revocation(X509_STORE_CTX *ctx)
	{
	int i, last, ok;
558
	if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK))
D
 
Dr. Stephen Henson 已提交
559
		return 1;
560
	if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
D
 
Dr. Stephen Henson 已提交
561
		last = sk_X509_num(ctx->chain) - 1;
562 563
	else
		last = 0;
D
 
Dr. Stephen Henson 已提交
564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588
	for(i = 0; i <= last; i++)
		{
		ctx->error_depth = i;
		ok = check_cert(ctx);
		if (!ok) return ok;
		}
	return 1;
	}

static int check_cert(X509_STORE_CTX *ctx)
	{
	X509_CRL *crl = NULL;
	X509 *x;
	int ok, cnum;
	cnum = ctx->error_depth;
	x = sk_X509_value(ctx->chain, cnum);
	ctx->current_cert = x;
	/* Try to retrieve relevant CRL */
	ok = ctx->get_crl(ctx, &crl, x);
	/* If error looking up CRL, nothing we can do except
	 * notify callback
	 */
	if(!ok)
		{
		ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
589
		ok = ctx->verify_cb(0, ctx);
D
 
Dr. Stephen Henson 已提交
590 591 592 593 594 595 596 597 598 599 600 601 602
		goto err;
		}
	ctx->current_crl = crl;
	ok = ctx->check_crl(ctx, crl);
	if (!ok) goto err;
	ok = ctx->cert_crl(ctx, crl, x);
	err:
	ctx->current_crl = NULL;
	X509_CRL_free(crl);
	return ok;

	}

603 604 605 606 607 608 609
/* Check CRL times against values in X509_STORE_CTX */

static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
	{
	time_t *ptime;
	int i;
	ctx->current_crl = crl;
610 611
	if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
		ptime = &ctx->param->check_time;
612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653
	else
		ptime = NULL;

	i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
	if (i == 0)
		{
		ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
		if (!notify || !ctx->verify_cb(0, ctx))
			return 0;
		}

	if (i > 0)
		{
		ctx->error=X509_V_ERR_CRL_NOT_YET_VALID;
		if (!notify || !ctx->verify_cb(0, ctx))
			return 0;
		}

	if(X509_CRL_get_nextUpdate(crl))
		{
		i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);

		if (i == 0)
			{
			ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
			if (!notify || !ctx->verify_cb(0, ctx))
				return 0;
			}

		if (i < 0)
			{
			ctx->error=X509_V_ERR_CRL_HAS_EXPIRED;
			if (!notify || !ctx->verify_cb(0, ctx))
				return 0;
			}
		}

	ctx->current_crl = NULL;

	return 1;
	}

654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669
/* Based on a set of possible CRLs decide which one is best suited
 * to handle the current certificate. This is determined by a number
 * of criteria. If any of the "must" criteria is not satisfied then
 * the candidate CRL is rejected. If all "must" and all "should" are
 * satisfied the CRL is accepted. If no CRL satisfies all criteria then
 * a "best CRL" is used to provide some meaningful error information.
 *
 * CRL issuer name must match "nm" if not NULL.
 * If IDP is present:
 *   a. it must be consistent.
 *   b. onlyuser, onlyCA, onlyAA should match certificate being checked.
 *   c. indirectCRL must be FALSE.
 *   d. onlysomereason must be absent.
 *   e. if name present a DP in certificate CRLDP must match.
 * If AKID present it should match certificate AKID.
 * Check time should fall between lastUpdate and nextUpdate.
670 671
 */

672 673 674 675 676 677 678 679 680 681 682 683 684
/* IDP name field matches CRLDP or IDP name not present */
#define CRL_SCORE_SCOPE		4
/* AKID present and matches cert, or AKID not present */
#define CRL_SCORE_AKID		2
/* times OK */
#define CRL_SCORE_TIME		1

#define CRL_SCORE_ALL		7

/* IDP flags which cause a CRL to be rejected */

#define IDP_REJECT	(IDP_INVALID|IDP_INDIRECT|IDP_REASONS)

685 686 687
static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl,
			X509_NAME *nm, STACK_OF(X509_CRL) *crls)
	{
688
	int i, crl_score, best_score = -1;
689 690 691
	X509_CRL *crl, *best_crl = NULL;
	for (i = 0; i < sk_X509_CRL_num(crls); i++)
		{
692
		crl_score = 0;
693
		crl = sk_X509_CRL_value(crls, i);
694
		if (nm && X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
695 696
			continue;
		if (check_crl_time(ctx, crl, 0))
697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717
			crl_score |= CRL_SCORE_TIME;

		if (crl->idp_flags & IDP_PRESENT)
			{
			if (crl->idp_flags & IDP_REJECT)
				continue;
			if (idp_check_scope(ctx->current_cert, crl))
				crl_score |= CRL_SCORE_SCOPE;
			}
		else
			crl_score |= CRL_SCORE_SCOPE;

		if (crl->akid)
			{
			if (crl_akid_check(ctx, crl->akid))
				crl_score |= CRL_SCORE_AKID;
			}
		else
			crl_score |= CRL_SCORE_AKID;

		if (crl_score == CRL_SCORE_ALL)
718 719
			{
			*pcrl = crl;
720
			CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509_CRL);
721 722
			return 1;
			}
723 724 725 726 727 728

		if (crl_score > best_score)
			{
			best_crl = crl;
			best_score = crl_score;
			}
729 730 731 732 733 734 735 736 737 738
		}
	if (best_crl)
		{
		*pcrl = best_crl;
		CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509);
		}
		
	return 0;
	}

739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801
static int crl_akid_check(X509_STORE_CTX *ctx, AUTHORITY_KEYID *akid)
	{
	int cidx = ctx->error_depth;
	if (cidx != sk_X509_num(ctx->chain) - 1)
		cidx++;
	if (X509_check_akid(sk_X509_value(ctx->chain, cidx), akid) == X509_V_OK)
		return 1;
	return 0;
	}


/* Check IDP name matches at least one CRLDP name */

static int idp_check_scope(X509 *x, X509_CRL *crl)
	{
	int i, j, k;
	GENERAL_NAMES *inames, *dnames;
	if (crl->idp_flags & IDP_ONLYATTR)
		return 0;
	if (x->ex_flags & EXFLAG_CA)
		{
		if (crl->idp_flags & IDP_ONLYUSER)
			return 0;
		}
	else
		{
		if (crl->idp_flags & IDP_ONLYCA)
			return 0;
		}
	if (!crl->idp->distpoint)
		return 1;
	if (crl->idp->distpoint->type != 0)
		return 1;
	if (!x->crldp)
		return 0;
	inames = crl->idp->distpoint->name.fullname;
	for (i = 0; i < sk_GENERAL_NAME_num(inames); i++)
		{
		GENERAL_NAME *igen = sk_GENERAL_NAME_value(inames, i);
		for (j = 0; j < sk_DIST_POINT_num(x->crldp); j++)
			{
			DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, j);
			/* We don't handle these at present */
			if (dp->reasons || dp->CRLissuer)
				continue;
			if (!dp->distpoint || (dp->distpoint->type != 0))
				continue;
			dnames = dp->distpoint->name.fullname;
			for (k = 0; k < sk_GENERAL_NAME_num(dnames); k++)
				{
				GENERAL_NAME *cgen =
					sk_GENERAL_NAME_value(dnames, k);
				if (!GENERAL_NAME_cmp(igen, cgen))
					return 1;
				}
			}
		}
	return 0;
	}

/* Retrieve CRL corresponding to current certificate. Currently only
 * one CRL is retrieved. Multiple CRLs may be needed if we handle
 * CRLs partitioned on reason code later.
D
 
Dr. Stephen Henson 已提交
802
 */
803
	
804
static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x)
D
 
Dr. Stephen Henson 已提交
805 806
	{
	int ok;
807
	X509_CRL *crl = NULL;
808
	STACK_OF(X509_CRL) *skcrl;
809 810 811 812 813 814 815 816 817
	X509_NAME *nm;
	nm = X509_get_issuer_name(x);
	ok = get_crl_sk(ctx, &crl, nm, ctx->crls);
	if (ok)
		{
		*pcrl = crl;
		return 1;
		}

818
	/* Lookup CRLs from store */
819

820 821 822 823
	skcrl = ctx->lookup_crls(ctx, nm);

	/* If no CRLs found and a near match from get_crl_sk use that */
	if (!skcrl)
824 825 826 827 828 829 830 831 832
		{
		if (crl)
			{
			*pcrl = crl;
			return 1;
			}
		return 0;
		}

833 834 835 836 837 838
	get_crl_sk(ctx, &crl, NULL, skcrl);

	sk_X509_CRL_pop_free(skcrl, X509_CRL_free);

	/* If we got any kind of CRL use it and return success */
	if (crl)
839
		{
840 841
		*pcrl = crl;
		return 1;
842
		}
843 844

	return 0;
D
 
Dr. Stephen Henson 已提交
845 846 847 848 849 850 851
	}

/* Check CRL validity */
static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
	{
	X509 *issuer = NULL;
	EVP_PKEY *ikey = NULL;
852
	int ok = 0, chnum, cnum;
D
 
Dr. Stephen Henson 已提交
853 854 855 856 857 858 859 860 861 862 863 864 865 866
	cnum = ctx->error_depth;
	chnum = sk_X509_num(ctx->chain) - 1;
	/* Find CRL issuer: if not last certificate then issuer
	 * is next certificate in chain.
	 */
	if(cnum < chnum)
		issuer = sk_X509_value(ctx->chain, cnum + 1);
	else
		{
		issuer = sk_X509_value(ctx->chain, chnum);
		/* If not self signed, can't check signature */
		if(!ctx->check_issued(ctx, issuer, issuer))
			{
			ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER;
867
			ok = ctx->verify_cb(0, ctx);
D
 
Dr. Stephen Henson 已提交
868 869 870 871 872 873
			if(!ok) goto err;
			}
		}

	if(issuer)
		{
874 875 876 877 878 879 880 881
		/* Check for cRLSign bit if keyUsage present */
		if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
			!(issuer->ex_kusage & KU_CRL_SIGN))
			{
			ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
			ok = ctx->verify_cb(0, ctx);
			if(!ok) goto err;
			}
D
 
Dr. Stephen Henson 已提交
882

883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904
		if (crl->idp_flags & IDP_PRESENT)
			{
			if (crl->idp_flags & IDP_INVALID)
				{
				ctx->error = X509_V_ERR_INVALID_EXTENSION;
				ok = ctx->verify_cb(0, ctx);
				if(!ok) goto err;
				}
			if (crl->idp_flags & (IDP_REASONS|IDP_INDIRECT))
				{
				ctx->error = X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE;
				ok = ctx->verify_cb(0, ctx);
				if(!ok) goto err;
				}
			if (!idp_check_scope(ctx->current_cert, crl))
				{
				ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE;
				ok = ctx->verify_cb(0, ctx);
				if(!ok) goto err;
				}
			}

D
 
Dr. Stephen Henson 已提交
905 906 907 908 909 910
		/* Attempt to get issuer certificate public key */
		ikey = X509_get_pubkey(issuer);

		if(!ikey)
			{
			ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
911
			ok = ctx->verify_cb(0, ctx);
D
 
Dr. Stephen Henson 已提交
912 913 914 915 916 917 918 919
			if (!ok) goto err;
			}
		else
			{
			/* Verify CRL signature */
			if(X509_CRL_verify(crl, ikey) <= 0)
				{
				ctx->error=X509_V_ERR_CRL_SIGNATURE_FAILURE;
920
				ok = ctx->verify_cb(0, ctx);
D
 
Dr. Stephen Henson 已提交
921 922 923 924 925
				if (!ok) goto err;
				}
			}
		}

926 927
	ok = check_crl_time(ctx, crl, 1);
	if (!ok)
928
		goto err;
D
 
Dr. Stephen Henson 已提交
929 930 931 932 933 934 935 936 937 938 939

	ok = 1;

	err:
	EVP_PKEY_free(ikey);
	return ok;
	}

/* Check certificate against CRL */
static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
	{
940 941 942
	int ok;
	/* Look for serial number of certificate in CRL
	 * If found assume revoked: want something cleverer than
D
 
Dr. Stephen Henson 已提交
943 944
	 * this to handle entry extensions in V2 CRLs.
	 */
945
	if (X509_CRL_get0_by_serial(crl, NULL, X509_get_serialNumber(x)) > 0)
946 947 948
		{
		ctx->error = X509_V_ERR_CERT_REVOKED;
		ok = ctx->verify_cb(0, ctx);
949 950
		if (!ok)
			return 0;
951 952
		}

953
	if (crl->flags & EXFLAG_CRITICAL)
954
		{
955 956 957 958 959 960
		if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
			return 1;
		ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
		ok = ctx->verify_cb(0, ctx);
		if(!ok)
			return 0;
961
		}
962

963
	return 1;
D
 
Dr. Stephen Henson 已提交
964 965
	}

966 967 968
static int check_policy(X509_STORE_CTX *ctx)
	{
	int ret;
969
	ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
970 971 972
				ctx->param->policies, ctx->param->flags);
	if (ret == 0)
		{
B
Bodo Möller 已提交
973
		X509err(X509_F_CHECK_POLICY,ERR_R_MALLOC_FAILURE);
974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012
		return 0;
		}
	/* Invalid or inconsistent extensions */
	if (ret == -1)
		{
		/* Locate certificates with bad extensions and notify
		 * callback.
		 */
		X509 *x;
		int i;
		for (i = 1; i < sk_X509_num(ctx->chain); i++)
			{
			x = sk_X509_value(ctx->chain, i);
			if (!(x->ex_flags & EXFLAG_INVALID_POLICY))
				continue;
			ctx->current_cert = x;
			ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
			ret = ctx->verify_cb(0, ctx);
			}
		return 1;
		}
	if (ret == -2)
		{
		ctx->current_cert = NULL;
		ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY;
		return ctx->verify_cb(0, ctx);
		}

	if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY)
		{
		ctx->current_cert = NULL;
		ctx->error = X509_V_OK;
		if (!ctx->verify_cb(2, ctx))
			return 0;
		}

	return 1;
	}

1013 1014 1015 1016 1017
static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
	{
	time_t *ptime;
	int i;

1018 1019
	if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
		ptime = &ctx->param->check_time;
1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059
	else
		ptime = NULL;

	i=X509_cmp_time(X509_get_notBefore(x), ptime);
	if (i == 0)
		{
		ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
		ctx->current_cert=x;
		if (!ctx->verify_cb(0, ctx))
			return 0;
		}

	if (i > 0)
		{
		ctx->error=X509_V_ERR_CERT_NOT_YET_VALID;
		ctx->current_cert=x;
		if (!ctx->verify_cb(0, ctx))
			return 0;
		}

	i=X509_cmp_time(X509_get_notAfter(x), ptime);
	if (i == 0)
		{
		ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
		ctx->current_cert=x;
		if (!ctx->verify_cb(0, ctx))
			return 0;
		}

	if (i < 0)
		{
		ctx->error=X509_V_ERR_CERT_HAS_EXPIRED;
		ctx->current_cert=x;
		if (!ctx->verify_cb(0, ctx))
			return 0;
		}

	return 1;
	}

U
Ulf Möller 已提交
1060
static int internal_verify(X509_STORE_CTX *ctx)
1061
	{
1062
	int ok=0,n;
1063 1064
	X509 *xs,*xi;
	EVP_PKEY *pkey=NULL;
1065
	int (*cb)(int xok,X509_STORE_CTX *xctx);
1066

1067
	cb=ctx->verify_cb;
1068

B
Ben Laurie 已提交
1069
	n=sk_X509_num(ctx->chain);
1070 1071
	ctx->error_depth=n-1;
	n--;
B
Ben Laurie 已提交
1072
	xi=sk_X509_value(ctx->chain,n);
1073

D
Dr. Stephen Henson 已提交
1074
	if (ctx->check_issued(ctx, xi, xi))
1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088
		xs=xi;
	else
		{
		if (n <= 0)
			{
			ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
			ctx->current_cert=xi;
			ok=cb(0,ctx);
			goto end;
			}
		else
			{
			n--;
			ctx->error_depth=n;
B
Ben Laurie 已提交
1089
			xs=sk_X509_value(ctx->chain,n);
1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105
			}
		}

/*	ctx->error=0;  not needed */
	while (n >= 0)
		{
		ctx->error_depth=n;
		if (!xs->valid)
			{
			if ((pkey=X509_get_pubkey(xi)) == NULL)
				{
				ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
				ctx->current_cert=xi;
				ok=(*cb)(0,ctx);
				if (!ok) goto end;
				}
1106
			else if (X509_verify(xs,pkey) <= 0)
B
Bodo Möller 已提交
1107 1108 1109 1110 1111 1112 1113
				/* XXX  For the final trusted self-signed cert,
				 * this is a waste of time.  That check should
				 * optional so that e.g. 'openssl x509' can be
				 * used to detect invalid self-signatures, but
				 * we don't verify again and again in SSL
				 * handshakes and the like once the cert has
				 * been declared trusted. */
1114 1115 1116 1117
				{
				ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
				ctx->current_cert=xs;
				ok=(*cb)(0,ctx);
D
 
Dr. Stephen Henson 已提交
1118 1119 1120 1121 1122
				if (!ok)
					{
					EVP_PKEY_free(pkey);
					goto end;
					}
1123
				}
1124
			EVP_PKEY_free(pkey);
1125 1126 1127
			pkey=NULL;
			}

1128
		xs->valid = 1;
1129

1130 1131
		ok = check_cert_time(ctx, xs);
		if (!ok)
1132
			goto end;
1133 1134

		/* The last error (if any) is still in the error value */
1135
		ctx->current_issuer=xi;
1136 1137 1138 1139 1140 1141 1142 1143
		ctx->current_cert=xs;
		ok=(*cb)(1,ctx);
		if (!ok) goto end;

		n--;
		if (n >= 0)
			{
			xi=xs;
B
Ben Laurie 已提交
1144
			xs=sk_X509_value(ctx->chain,n);
1145 1146 1147 1148
			}
		}
	ok=1;
end:
1149
	return ok;
1150 1151
	}

1152
int X509_cmp_current_time(ASN1_TIME *ctm)
D
Dr. Stephen Henson 已提交
1153 1154 1155 1156 1157
{
	return X509_cmp_time(ctm, NULL);
}

int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
1158 1159
	{
	char *str;
1160
	ASN1_TIME atm;
1161
	long offset;
1162 1163 1164 1165 1166 1167
	char buff1[24],buff2[24],*p;
	int i,j;

	p=buff1;
	i=ctm->length;
	str=(char *)ctm->data;
1168 1169
	if (ctm->type == V_ASN1_UTCTIME)
		{
1170
		if ((i < 11) || (i > 17)) return 0;
1171 1172 1173
		memcpy(p,str,10);
		p+=10;
		str+=10;
1174 1175 1176 1177
		}
	else
		{
		if (i < 13) return 0;
1178 1179 1180
		memcpy(p,str,12);
		p+=12;
		str+=12;
1181
		}
1182 1183 1184

	if ((*str == 'Z') || (*str == '-') || (*str == '+'))
		{ *(p++)='0'; *(p++)='0'; }
1185 1186 1187 1188 1189
	else
		{ 
		*(p++)= *(str++);
		*(p++)= *(str++);
		/* Skip any fractional seconds... */
1190
		if (*str == '.')
1191 1192
			{
			str++;
1193
			while ((*str >= '0') && (*str <= '9')) str++;
1194
			}
1195 1196
		
		}
1197 1198 1199 1200 1201 1202 1203
	*(p++)='Z';
	*(p++)='\0';

	if (*str == 'Z')
		offset=0;
	else
		{
R
Richard Levitte 已提交
1204
		if ((*str != '+') && (*str != '-'))
1205
			return 0;
1206 1207 1208
		offset=((str[1]-'0')*10+(str[2]-'0'))*60;
		offset+=(str[3]-'0')*10+(str[4]-'0');
		if (*str == '-')
1209
			offset= -offset;
1210
		}
1211
	atm.type=ctm->type;
1212 1213 1214
	atm.length=sizeof(buff2);
	atm.data=(unsigned char *)buff2;

1215 1216
	if (X509_time_adj(&atm,-offset*60, cmp_time) == NULL)
		return 0;
1217

1218
	if (ctm->type == V_ASN1_UTCTIME)
1219 1220 1221 1222 1223
		{
		i=(buff1[0]-'0')*10+(buff1[1]-'0');
		if (i < 50) i+=100; /* cf. RFC 2459 */
		j=(buff2[0]-'0')*10+(buff2[1]-'0');
		if (j < 50) j+=100;
1224

1225 1226
		if (i < j) return -1;
		if (i > j) return 1;
1227
		}
1228 1229
	i=strcmp(buff1,buff2);
	if (i == 0) /* wait a second then return younger :-) */
1230
		return -1;
1231
	else
1232
		return i;
1233 1234
	}

1235
ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
D
Dr. Stephen Henson 已提交
1236 1237 1238 1239 1240
{
	return X509_time_adj(s, adj, NULL);
}

ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm)
1241 1242
	{
	time_t t;
1243
	int type = -1;
1244

1245
	if (in_tm) t = *in_tm;
D
Dr. Stephen Henson 已提交
1246 1247
	else time(&t);

1248
	t+=adj;
1249 1250 1251 1252
	if (s) type = s->type;
	if (type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t);
	if (type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_set(s, t);
	return ASN1_TIME_set(s, t);
1253 1254
	}

B
Ben Laurie 已提交
1255
int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
1256 1257 1258 1259
	{
	EVP_PKEY *ktmp=NULL,*ktmp2;
	int i,j;

1260
	if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1;
1261

B
Ben Laurie 已提交
1262
	for (i=0; i<sk_X509_num(chain); i++)
1263
		{
B
Ben Laurie 已提交
1264
		ktmp=X509_get_pubkey(sk_X509_value(chain,i));
1265 1266 1267
		if (ktmp == NULL)
			{
			X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
1268
			return 0;
1269 1270 1271 1272 1273
			}
		if (!EVP_PKEY_missing_parameters(ktmp))
			break;
		else
			{
1274
			EVP_PKEY_free(ktmp);
1275 1276 1277 1278 1279 1280
			ktmp=NULL;
			}
		}
	if (ktmp == NULL)
		{
		X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
1281
		return 0;
1282 1283 1284 1285 1286
		}

	/* first, populate the other certs */
	for (j=i-1; j >= 0; j--)
		{
B
Ben Laurie 已提交
1287
		ktmp2=X509_get_pubkey(sk_X509_value(chain,j));
1288
		EVP_PKEY_copy_parameters(ktmp2,ktmp);
1289
		EVP_PKEY_free(ktmp2);
1290 1291
		}
	
1292 1293
	if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp);
	EVP_PKEY_free(ktmp);
1294
	return 1;
1295 1296
	}

D
 
Dr. Stephen Henson 已提交
1297 1298
int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
B
Bodo Möller 已提交
1299 1300
	{
	/* This function is (usually) called only once, by
1301 1302 1303
	 * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). */
	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp,
			new_func, dup_func, free_func);
B
Bodo Möller 已提交
1304
	}
1305

U
Ulf Möller 已提交
1306
int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
1307
	{
1308
	return CRYPTO_set_ex_data(&ctx->ex_data,idx,data);
1309 1310
	}

U
Ulf Möller 已提交
1311
void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
1312
	{
1313
	return CRYPTO_get_ex_data(&ctx->ex_data,idx);
1314 1315
	}

U
Ulf Möller 已提交
1316
int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
1317
	{
1318
	return ctx->error;
1319 1320
	}

U
Ulf Möller 已提交
1321
void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
1322 1323 1324 1325
	{
	ctx->error=err;
	}

U
Ulf Möller 已提交
1326
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
1327
	{
1328
	return ctx->error_depth;
1329 1330
	}

U
Ulf Möller 已提交
1331
X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
1332
	{
1333
	return ctx->current_cert;
1334 1335
	}

B
Ben Laurie 已提交
1336
STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
1337
	{
1338
	return ctx->chain;
1339 1340
	}

1341
STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
1342 1343 1344 1345
	{
	int i;
	X509 *x;
	STACK_OF(X509) *chain;
1346 1347
	if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL;
	for (i = 0; i < sk_X509_num(chain); i++)
1348
		{
1349 1350
		x = sk_X509_value(chain, i);
		CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
1351
		}
1352
	return chain;
1353 1354
	}

U
Ulf Möller 已提交
1355
void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
1356 1357 1358 1359
	{
	ctx->cert=x;
	}

U
Ulf Möller 已提交
1360
void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
1361 1362 1363 1364
	{
	ctx->untrusted=sk;
	}

1365 1366 1367 1368 1369
void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk)
	{
	ctx->crls=sk;
	}

1370
int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
1371
	{
1372
	return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
1373 1374
	}

1375
int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)
1376
	{
1377
	return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
1378 1379
	}

1380 1381 1382 1383 1384 1385 1386 1387 1388 1389 1390 1391
/* This function is used to set the X509_STORE_CTX purpose and trust
 * values. This is intended to be used when another structure has its
 * own trust and purpose values which (if set) will be inherited by
 * the ctx. If they aren't set then we will usually have a default
 * purpose in mind which should then be used to set the trust value.
 * An example of this is SSL use: an SSL structure will have its own
 * purpose and trust settings which the application can set: if they
 * aren't set then we use the default of SSL client/server.
 */

int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
				int purpose, int trust)
1392 1393
{
	int idx;
1394
	/* If purpose not set use default */
1395
	if (!purpose) purpose = def_purpose;
1396
	/* If we have a purpose then check it is valid */
1397 1398
	if (purpose)
		{
1399
		X509_PURPOSE *ptmp;
1400
		idx = X509_PURPOSE_get_by_id(purpose);
1401
		if (idx == -1)
1402
			{
1403 1404 1405
			X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
						X509_R_UNKNOWN_PURPOSE_ID);
			return 0;
1406
			}
1407
		ptmp = X509_PURPOSE_get0(idx);
1408
		if (ptmp->trust == X509_TRUST_DEFAULT)
1409
			{
1410
			idx = X509_PURPOSE_get_by_id(def_purpose);
1411
			if (idx == -1)
1412
				{
1413 1414 1415
				X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
						X509_R_UNKNOWN_PURPOSE_ID);
				return 0;
1416
				}
1417
			ptmp = X509_PURPOSE_get0(idx);
1418
			}
1419
		/* If trust not set then get from purpose default */
1420
		if (!trust) trust = ptmp->trust;
1421
		}
1422
	if (trust)
1423
		{
1424
		idx = X509_TRUST_get_by_id(trust);
1425
		if (idx == -1)
1426
			{
1427 1428 1429
			X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
						X509_R_UNKNOWN_TRUST_ID);
			return 0;
1430
			}
1431 1432
		}

1433 1434
	if (purpose && !ctx->param->purpose) ctx->param->purpose = purpose;
	if (trust && !ctx->param->trust) ctx->param->trust = trust;
1435 1436 1437
	return 1;
}

1438 1439 1440 1441
X509_STORE_CTX *X509_STORE_CTX_new(void)
{
	X509_STORE_CTX *ctx;
	ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX));
1442 1443 1444 1445 1446 1447
	if (!ctx)
		{
		X509err(X509_F_X509_STORE_CTX_NEW,ERR_R_MALLOC_FAILURE);
		return NULL;
		}
	memset(ctx, 0, sizeof(X509_STORE_CTX));
1448 1449 1450 1451 1452 1453 1454 1455 1456
	return ctx;
}

void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
{
	X509_STORE_CTX_cleanup(ctx);
	OPENSSL_free(ctx);
}

1457
int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
1458 1459
	     STACK_OF(X509) *chain)
	{
1460
	int ret = 1;
1461 1462 1463 1464
	ctx->ctx=store;
	ctx->current_method=0;
	ctx->cert=x509;
	ctx->untrusted=chain;
1465
	ctx->crls = NULL;
1466
	ctx->last_untrusted=0;
1467
	ctx->other_ctx=NULL;
1468 1469 1470
	ctx->valid=0;
	ctx->chain=NULL;
	ctx->error=0;
1471
	ctx->explicit_policy=0;
1472
	ctx->error_depth=0;
1473 1474
	ctx->current_cert=NULL;
	ctx->current_issuer=NULL;
1475 1476 1477 1478 1479 1480 1481 1482 1483
	ctx->tree = NULL;

	ctx->param = X509_VERIFY_PARAM_new();

	if (!ctx->param)
		{
		X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
		return 0;
		}
1484 1485 1486 1487 1488 1489

	/* Inherit callbacks and flags from X509_STORE if not set
	 * use defaults.
	 */


1490 1491 1492 1493 1494
	if (store)
		ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
	else
		ctx->param->flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE;

D
Dr. Stephen Henson 已提交
1495 1496
	if (store)
		{
1497
		ctx->verify_cb = store->verify_cb;
D
Dr. Stephen Henson 已提交
1498 1499 1500 1501
		ctx->cleanup = store->cleanup;
		}
	else
		ctx->cleanup = 0;
1502 1503 1504 1505 1506 1507 1508 1509 1510

	if (ret)
		ret = X509_VERIFY_PARAM_inherit(ctx->param,
					X509_VERIFY_PARAM_lookup("default"));

	if (ret == 0)
		{
		X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
		return 0;
D
Dr. Stephen Henson 已提交
1511 1512 1513
		}

	if (store && store->check_issued)
1514 1515 1516 1517
		ctx->check_issued = store->check_issued;
	else
		ctx->check_issued = check_issued;

D
Dr. Stephen Henson 已提交
1518
	if (store && store->get_issuer)
1519 1520 1521 1522
		ctx->get_issuer = store->get_issuer;
	else
		ctx->get_issuer = X509_STORE_CTX_get1_issuer;

D
Dr. Stephen Henson 已提交
1523
	if (store && store->verify_cb)
1524 1525 1526 1527
		ctx->verify_cb = store->verify_cb;
	else
		ctx->verify_cb = null_callback;

D
Dr. Stephen Henson 已提交
1528
	if (store && store->verify)
1529 1530 1531 1532
		ctx->verify = store->verify;
	else
		ctx->verify = internal_verify;

D
Dr. Stephen Henson 已提交
1533
	if (store && store->check_revocation)
1534 1535 1536 1537
		ctx->check_revocation = store->check_revocation;
	else
		ctx->check_revocation = check_revocation;

D
Dr. Stephen Henson 已提交
1538
	if (store && store->get_crl)
1539 1540 1541 1542
		ctx->get_crl = store->get_crl;
	else
		ctx->get_crl = get_crl;

D
Dr. Stephen Henson 已提交
1543
	if (store && store->check_crl)
1544 1545 1546 1547
		ctx->check_crl = store->check_crl;
	else
		ctx->check_crl = check_crl;

D
Dr. Stephen Henson 已提交
1548
	if (store && store->cert_crl)
1549 1550 1551 1552
		ctx->cert_crl = store->cert_crl;
	else
		ctx->cert_crl = cert_crl;

1553 1554 1555
	if (store && store->lookup_certs)
		ctx->lookup_certs = store->lookup_certs;
	else
1556
		ctx->lookup_certs = X509_STORE_get1_certs;
1557 1558 1559 1560

	if (store && store->lookup_crls)
		ctx->lookup_crls = store->lookup_crls;
	else
1561
		ctx->lookup_crls = X509_STORE_get1_crls;
1562

1563 1564
	ctx->check_policy = check_policy;

1565

1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577
	/* This memset() can't make any sense anyway, so it's removed. As
	 * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a
	 * corresponding "new" here and remove this bogus initialisation. */
	/* memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); */
	if(!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
				&(ctx->ex_data)))
		{
		OPENSSL_free(ctx);
		X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
		return 0;
		}
	return 1;
1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591
	}

/* Set alternative lookup method: just a STACK of trusted certificates.
 * This avoids X509_STORE nastiness where it isn't needed.
 */

void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
{
	ctx->other_ctx = sk;
	ctx->get_issuer = get_issuer_sk;
}

void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
	{
1592
	if (ctx->cleanup) ctx->cleanup(ctx);
1593 1594 1595
	X509_VERIFY_PARAM_free(ctx->param);
	if (ctx->tree)
		X509_policy_tree_free(ctx->tree);
1596 1597 1598 1599 1600
	if (ctx->chain != NULL)
		{
		sk_X509_pop_free(ctx->chain,X509_free);
		ctx->chain=NULL;
		}
1601
	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data));
1602
	memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
1603
	}
1604

1605
void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
D
Dr. Stephen Henson 已提交
1606
	{
1607
	X509_VERIFY_PARAM_set_depth(ctx->param, depth);
D
Dr. Stephen Henson 已提交
1608 1609
	}

1610
void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags)
D
Dr. Stephen Henson 已提交
1611
	{
1612 1613 1614 1615 1616 1617
	X509_VERIFY_PARAM_set_flags(ctx->param, flags);
	}

void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t)
	{
	X509_VERIFY_PARAM_set_time(ctx->param, t);
D
Dr. Stephen Henson 已提交
1618 1619
	}

L
Lutz Jänicke 已提交
1620 1621 1622 1623 1624 1625
void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
				  int (*verify_cb)(int, X509_STORE_CTX *))
	{
	ctx->verify_cb=verify_cb;
	}

1626 1627 1628 1629 1630 1631 1632
X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
	{
	return ctx->tree;
	}

int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx)
	{
1633
	return ctx->explicit_policy;
1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 1655 1656
	}

int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)
	{
	const X509_VERIFY_PARAM *param;
	param = X509_VERIFY_PARAM_lookup(name);
	if (!param)
		return 0;
	return X509_VERIFY_PARAM_inherit(ctx->param, param);
	}

X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)
	{
	return ctx->param;
	}

void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
	{
	if (ctx->param)
		X509_VERIFY_PARAM_free(ctx->param);
	ctx->param = param;
	}

B
Ben Laurie 已提交
1657 1658
IMPLEMENT_STACK_OF(X509)
IMPLEMENT_ASN1_SET_OF(X509)
B
Ben Laurie 已提交
1659

B
Ben Laurie 已提交
1660
IMPLEMENT_STACK_OF(X509_NAME)
B
Ben Laurie 已提交
1661

1662
IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
B
Ben Laurie 已提交
1663
IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)