X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fx509%2Fx509_trs.c;h=10718c347dda7ac98078ac1110e99dd24d7969aa;hp=94c64a1bcfb428c1cf831e2cecb12a9679eecb7d;hb=7e06a6758bef584deabc9cb4b0d21b3e664b25c9;hpb=21f775522b83cd0e395b20b4a8bbf6c1c884b0d3 diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c index 94c64a1bcf..10718c347d 100644 --- a/crypto/x509/x509_trs.c +++ b/crypto/x509/x509_trs.c @@ -1,207 +1,300 @@ -/* x509_trs.c */ -/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). +/* + * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include -#include "cryptlib.h" +#include "internal/cryptlib.h" #include +#include "crypto/x509.h" - -static int tr_cmp(X509_TRUST **a, X509_TRUST **b); +static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b); static void trtable_free(X509_TRUST *p); -static int trust_1bit(X509_TRUST *trust, X509 *x, int flags); -static int trust_any(X509_TRUST *trust, X509 *x, int flags); +static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags); +static int trust_1oid(X509_TRUST *trust, X509 *x, int flags); +static int trust_compat(X509_TRUST *trust, X509 *x, int flags); + +static int obj_trust(int id, X509 *x, int flags); +static int (*default_trust) (int id, X509 *x, int flags) = obj_trust; + +/* + * WARNING: the following table should be kept in order of trust and without + * any gaps so we can just subtract the minimum trust value to get an index + * into the table + */ static X509_TRUST trstandard[] = { -{X509_TRUST_ANY, 0, trust_any, "Any", 0, NULL}, -{X509_TRUST_SSL_CLIENT, 0, trust_1bit, "SSL Client", X509_TRUST_BIT_SSL_CLIENT, NULL}, -{X509_TRUST_SSL_SERVER, 0, trust_1bit, "SSL Client", X509_TRUST_BIT_SSL_SERVER, NULL}, -{X509_TRUST_EMAIL, 0, trust_1bit, "S/MIME email", X509_TRUST_BIT_EMAIL, NULL}, -{X509_TRUST_OBJECT_SIGN, 0, trust_1bit, "Object Signing", X509_TRUST_BIT_OBJECT_SIGN, NULL}, -{0, 0, NULL, NULL, 0, NULL} + {X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL}, + {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth, + NULL}, + {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth, + NULL}, + {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect, + NULL}, + {X509_TRUST_OBJECT_SIGN, 0, trust_1oidany, "Object Signer", NID_code_sign, + NULL}, + {X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign, + NULL}, + {X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP, + NULL}, + {X509_TRUST_TSA, 0, trust_1oidany, "TSA server", NID_time_stamp, NULL} }; -IMPLEMENT_STACK_OF(X509_TRUST) +#define X509_TRUST_COUNT OSSL_NELEM(trstandard) static STACK_OF(X509_TRUST) *trtable = NULL; -static int tr_cmp(X509_TRUST **a, X509_TRUST **b) +static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b) { - return (*a)->trust_id - (*b)->trust_id; + return (*a)->trust - (*b)->trust; +} + +int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *, + int) { + int (*oldtrust) (int, X509 *, int); + oldtrust = default_trust; + default_trust = trust; + return oldtrust; } int X509_check_trust(X509 *x, int id, int flags) { - int idx; - X509_TRUST *pt; - if(id == -1) return 1; - idx = X509_TRUST_get_by_id(id); - if(idx == -1) return -1; - pt = sk_X509_TRUST_value(trtable, idx); - return pt->check_trust(pt, x, flags); + X509_TRUST *pt; + int idx; + + /* We get this as a default value */ + if (id == X509_TRUST_DEFAULT) + return obj_trust(NID_anyExtendedKeyUsage, x, + flags | X509_TRUST_DO_SS_COMPAT); + idx = X509_TRUST_get_by_id(id); + if (idx == -1) + return default_trust(id, x, flags); + pt = X509_TRUST_get0(idx); + return pt->check_trust(pt, x, flags); } int X509_TRUST_get_count(void) { - return sk_X509_TRUST_num(trtable); + if (!trtable) + return X509_TRUST_COUNT; + return sk_X509_TRUST_num(trtable) + X509_TRUST_COUNT; } -X509_TRUST * X509_TRUST_iget(int idx) +X509_TRUST *X509_TRUST_get0(int idx) { - return sk_X509_TRUST_value(trtable, idx); + if (idx < 0) + return NULL; + if (idx < (int)X509_TRUST_COUNT) + return trstandard + idx; + return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT); } int X509_TRUST_get_by_id(int id) { - X509_TRUST tmp; - tmp.trust_id = id; - if(!trtable) return -1; - return sk_X509_TRUST_find(trtable, &tmp); -} - -int X509_TRUST_add(X509_TRUST *xp) -{ - int idx; - if(!trtable) - { - trtable = sk_X509_TRUST_new(tr_cmp); - if (!trtable) - { - X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - } - - idx = X509_TRUST_get_by_id(xp->trust_id); - if(idx != -1) { - trtable_free(sk_X509_TRUST_value(trtable, idx)); - sk_X509_TRUST_set(trtable, idx, xp); - } else { - if (!sk_X509_TRUST_push(trtable, xp)) { - X509err(X509_F_X509_TRUST_ADD,ERR_R_MALLOC_FAILURE); - return 0; - } - } - return 1; + X509_TRUST tmp; + int idx; + + if ((id >= X509_TRUST_MIN) && (id <= X509_TRUST_MAX)) + return id - X509_TRUST_MIN; + if (trtable == NULL) + return -1; + tmp.trust = id; + idx = sk_X509_TRUST_find(trtable, &tmp); + if (idx < 0) + return -1; + return idx + X509_TRUST_COUNT; +} + +int X509_TRUST_set(int *t, int trust) +{ + if (X509_TRUST_get_by_id(trust) == -1) { + X509err(X509_F_X509_TRUST_SET, X509_R_INVALID_TRUST); + return 0; + } + *t = trust; + return 1; +} + +int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int), + const char *name, int arg1, void *arg2) +{ + int idx; + X509_TRUST *trtmp; + /* + * This is set according to what we change: application can't set it + */ + flags &= ~X509_TRUST_DYNAMIC; + /* This will always be set for application modified trust entries */ + flags |= X509_TRUST_DYNAMIC_NAME; + /* Get existing entry if any */ + idx = X509_TRUST_get_by_id(id); + /* Need a new entry */ + if (idx == -1) { + if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) { + X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE); + return 0; + } + trtmp->flags = X509_TRUST_DYNAMIC; + } else + trtmp = X509_TRUST_get0(idx); + + /* OPENSSL_free existing name if dynamic */ + if (trtmp->flags & X509_TRUST_DYNAMIC_NAME) + OPENSSL_free(trtmp->name); + /* dup supplied name */ + if ((trtmp->name = OPENSSL_strdup(name)) == NULL) { + X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE); + goto err; + } + /* Keep the dynamic flag of existing entry */ + trtmp->flags &= X509_TRUST_DYNAMIC; + /* Set all other flags */ + trtmp->flags |= flags; + + trtmp->trust = id; + trtmp->check_trust = ck; + trtmp->arg1 = arg1; + trtmp->arg2 = arg2; + + /* If its a new entry manage the dynamic table */ + if (idx == -1) { + if (trtable == NULL + && (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL) { + X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE); + goto err;; + } + if (!sk_X509_TRUST_push(trtable, trtmp)) { + X509err(X509_F_X509_TRUST_ADD, ERR_R_MALLOC_FAILURE); + goto err; + } + } + return 1; + err: + if (idx == -1) { + OPENSSL_free(trtmp->name); + OPENSSL_free(trtmp); + } + return 0; } static void trtable_free(X509_TRUST *p) - { - if(!p) return; - if (p->trust_flags & X509_TRUST_DYNAMIC) - { - if (p->trust_flags & X509_TRUST_DYNAMIC_NAME) - Free(p->trust_name); - Free(p); - } - } +{ + if (p == NULL) + return; + if (p->flags & X509_TRUST_DYNAMIC) { + if (p->flags & X509_TRUST_DYNAMIC_NAME) + OPENSSL_free(p->name); + OPENSSL_free(p); + } +} void X509_TRUST_cleanup(void) { - sk_X509_TRUST_pop_free(trtable, trtable_free); - trtable = NULL; + sk_X509_TRUST_pop_free(trtable, trtable_free); + trtable = NULL; } -void X509_TRUST_add_standard(void) +int X509_TRUST_get_flags(const X509_TRUST *xp) { - X509_TRUST *xp; - for(xp = trstandard; xp->trust_name; xp++) - X509_TRUST_add(xp); + return xp->flags; } -int X509_TRUST_get_id(X509_TRUST *xp) +char *X509_TRUST_get0_name(const X509_TRUST *xp) { - return xp->trust_id; + return xp->name; } -char *X509_TRUST_iget_name(X509_TRUST *xp) +int X509_TRUST_get_trust(const X509_TRUST *xp) { - return xp->trust_name; + return xp->trust; } -int X509_TRUST_get_trust(X509_TRUST *xp) +static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags) { - return xp->trust_id; + /* + * Declare the chain verified if the desired trust OID is not rejected in + * any auxiliary trust info for this certificate, and the OID is either + * expressly trusted, or else either "anyEKU" is trusted, or the + * certificate is self-signed. + */ + flags |= X509_TRUST_DO_SS_COMPAT | X509_TRUST_OK_ANY_EKU; + return obj_trust(trust->arg1, x, flags); } -static int trust_1bit(X509_TRUST *trust, X509 *x, int flags) +static int trust_1oid(X509_TRUST *trust, X509 *x, int flags) { - X509_CERT_AUX *ax; - ax = x->aux; - if(ax) { - if(ax->reject - && ( ASN1_BIT_STRING_get_bit(ax->reject, X509_TRUST_BIT_ALL) - || ASN1_BIT_STRING_get_bit(ax->reject, trust->arg1))) - return X509_TRUST_REJECTED; - if(ax->trust && (ASN1_BIT_STRING_get_bit(ax->trust, X509_TRUST_BIT_ALL) - || ASN1_BIT_STRING_get_bit(ax->trust, trust->arg1))) - return X509_TRUST_TRUSTED; - return X509_TRUST_UNTRUSTED; - } - /* we don't have any trust settings: for compatability - * we return trusted if it is self signed - */ - X509_check_purpose(x, -1, 0); - if(x->ex_flags & EXFLAG_SS) return X509_TRUST_TRUSTED; - else return X509_TRUST_UNTRUSTED; + /* + * Declare the chain verified only if the desired trust OID is not + * rejected and is expressly trusted. Neither "anyEKU" nor "compat" + * trust in self-signed certificates apply. + */ + flags &= ~(X509_TRUST_DO_SS_COMPAT | X509_TRUST_OK_ANY_EKU); + return obj_trust(trust->arg1, x, flags); } -static int trust_any(X509_TRUST *trust, X509 *x, int flags) +static int trust_compat(X509_TRUST *trust, X509 *x, int flags) { - return X509_TRUST_TRUSTED; + /* Call for side-effect of computing hash and caching extensions */ + if (X509_check_purpose(x, -1, 0) != 1) + return X509_TRUST_UNTRUSTED; + if ((flags & X509_TRUST_NO_SS_COMPAT) == 0 && (x->ex_flags & EXFLAG_SS)) + return X509_TRUST_TRUSTED; + else + return X509_TRUST_UNTRUSTED; +} + +static int obj_trust(int id, X509 *x, int flags) +{ + X509_CERT_AUX *ax = x->aux; + int i; + + if (ax && ax->reject) { + for (i = 0; i < sk_ASN1_OBJECT_num(ax->reject); i++) { + ASN1_OBJECT *obj = sk_ASN1_OBJECT_value(ax->reject, i); + int nid = OBJ_obj2nid(obj); + + if (nid == id || (nid == NID_anyExtendedKeyUsage && + (flags & X509_TRUST_OK_ANY_EKU))) + return X509_TRUST_REJECTED; + } + } + + if (ax && ax->trust) { + for (i = 0; i < sk_ASN1_OBJECT_num(ax->trust); i++) { + ASN1_OBJECT *obj = sk_ASN1_OBJECT_value(ax->trust, i); + int nid = OBJ_obj2nid(obj); + + if (nid == id || (nid == NID_anyExtendedKeyUsage && + (flags & X509_TRUST_OK_ANY_EKU))) + return X509_TRUST_TRUSTED; + } + /* + * Reject when explicit trust EKU are set and none match. + * + * Returning untrusted is enough for for full chains that end in + * self-signed roots, because when explicit trust is specified it + * suppresses the default blanket trust of self-signed objects. + * + * But for partial chains, this is not enough, because absent a similar + * trust-self-signed policy, non matching EKUs are indistinguishable + * from lack of EKU constraints. + * + * Therefore, failure to match any trusted purpose must trigger an + * explicit reject. + */ + return X509_TRUST_REJECTED; + } + + if ((flags & X509_TRUST_DO_SS_COMPAT) == 0) + return X509_TRUST_UNTRUSTED; + + /* + * Not rejected, and there is no list of accepted uses, try compat. + */ + return trust_compat(NULL, x, flags); }