Add support for CRLs partitioned by reason code.
[openssl.git] / crypto / x509 / x509_vfy.c
1 /* crypto/x509/x509_vfy.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58
59 #include <stdio.h>
60 #include <time.h>
61 #include <errno.h>
62
63 #include "cryptlib.h"
64 #include <openssl/crypto.h>
65 #include <openssl/lhash.h>
66 #include <openssl/buffer.h>
67 #include <openssl/evp.h>
68 #include <openssl/asn1.h>
69 #include <openssl/x509.h>
70 #include <openssl/x509v3.h>
71 #include <openssl/objects.h>
72
73 static int null_callback(int ok,X509_STORE_CTX *e);
74 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
75 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
76 static int check_chain_extensions(X509_STORE_CTX *ctx);
77 static int check_name_constraints(X509_STORE_CTX *ctx);
78 static int check_trust(X509_STORE_CTX *ctx);
79 static int check_revocation(X509_STORE_CTX *ctx);
80 static int check_cert(X509_STORE_CTX *ctx);
81 static int check_policy(X509_STORE_CTX *ctx);
82
83 static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
84                         unsigned int *preasons,
85                         X509_CRL *crl, X509 *x);
86 static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,
87                                 X509 **pissuer, int *pcrl_score);
88 static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
89                                 unsigned int *preasons);
90 static int check_crl_path(X509_STORE_CTX *ctx, X509 *x);
91 static int check_crl_chain(X509_STORE_CTX *ctx,
92                         STACK_OF(X509) *cert_path,
93                         STACK_OF(X509) *crl_path);
94
95 static int internal_verify(X509_STORE_CTX *ctx);
96 const char X509_version[]="X.509" OPENSSL_VERSION_PTEXT;
97
98
99 static int null_callback(int ok, X509_STORE_CTX *e)
100         {
101         return ok;
102         }
103
104 #if 0
105 static int x509_subject_cmp(X509 **a, X509 **b)
106         {
107         return X509_subject_name_cmp(*a,*b);
108         }
109 #endif
110
111 int X509_verify_cert(X509_STORE_CTX *ctx)
112         {
113         X509 *x,*xtmp,*chain_ss=NULL;
114         X509_NAME *xn;
115         int bad_chain = 0;
116         X509_VERIFY_PARAM *param = ctx->param;
117         int depth,i,ok=0;
118         int num;
119         int (*cb)(int xok,X509_STORE_CTX *xctx);
120         STACK_OF(X509) *sktmp=NULL;
121         if (ctx->cert == NULL)
122                 {
123                 X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
124                 return -1;
125                 }
126
127         cb=ctx->verify_cb;
128
129         /* first we make sure the chain we are going to build is
130          * present and that the first entry is in place */
131         if (ctx->chain == NULL)
132                 {
133                 if (    ((ctx->chain=sk_X509_new_null()) == NULL) ||
134                         (!sk_X509_push(ctx->chain,ctx->cert)))
135                         {
136                         X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
137                         goto end;
138                         }
139                 CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509);
140                 ctx->last_untrusted=1;
141                 }
142
143         /* We use a temporary STACK so we can chop and hack at it */
144         if (ctx->untrusted != NULL
145             && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL)
146                 {
147                 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
148                 goto end;
149                 }
150
151         num=sk_X509_num(ctx->chain);
152         x=sk_X509_value(ctx->chain,num-1);
153         depth=param->depth;
154
155
156         for (;;)
157                 {
158                 /* If we have enough, we break */
159                 if (depth < num) break; /* FIXME: If this happens, we should take
160                                          * note of it and, if appropriate, use the
161                                          * X509_V_ERR_CERT_CHAIN_TOO_LONG error
162                                          * code later.
163                                          */
164
165                 /* If we are self signed, we break */
166                 xn=X509_get_issuer_name(x);
167                 if (ctx->check_issued(ctx, x,x)) break;
168
169                 /* If we were passed a cert chain, use it first */
170                 if (ctx->untrusted != NULL)
171                         {
172                         xtmp=find_issuer(ctx, sktmp,x);
173                         if (xtmp != NULL)
174                                 {
175                                 if (!sk_X509_push(ctx->chain,xtmp))
176                                         {
177                                         X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
178                                         goto end;
179                                         }
180                                 CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
181                                 (void)sk_X509_delete_ptr(sktmp,xtmp);
182                                 ctx->last_untrusted++;
183                                 x=xtmp;
184                                 num++;
185                                 /* reparse the full chain for
186                                  * the next one */
187                                 continue;
188                                 }
189                         }
190                 break;
191                 }
192
193         /* at this point, chain should contain a list of untrusted
194          * certificates.  We now need to add at least one trusted one,
195          * if possible, otherwise we complain. */
196
197         /* Examine last certificate in chain and see if it
198          * is self signed.
199          */
200
201         i=sk_X509_num(ctx->chain);
202         x=sk_X509_value(ctx->chain,i-1);
203         xn = X509_get_subject_name(x);
204         if (ctx->check_issued(ctx, x, x))
205                 {
206                 /* we have a self signed certificate */
207                 if (sk_X509_num(ctx->chain) == 1)
208                         {
209                         /* We have a single self signed certificate: see if
210                          * we can find it in the store. We must have an exact
211                          * match to avoid possible impersonation.
212                          */
213                         ok = ctx->get_issuer(&xtmp, ctx, x);
214                         if ((ok <= 0) || X509_cmp(x, xtmp)) 
215                                 {
216                                 ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
217                                 ctx->current_cert=x;
218                                 ctx->error_depth=i-1;
219                                 if (ok == 1) X509_free(xtmp);
220                                 bad_chain = 1;
221                                 ok=cb(0,ctx);
222                                 if (!ok) goto end;
223                                 }
224                         else 
225                                 {
226                                 /* We have a match: replace certificate with store version
227                                  * so we get any trust settings.
228                                  */
229                                 X509_free(x);
230                                 x = xtmp;
231                                 (void)sk_X509_set(ctx->chain, i - 1, x);
232                                 ctx->last_untrusted=0;
233                                 }
234                         }
235                 else
236                         {
237                         /* extract and save self signed certificate for later use */
238                         chain_ss=sk_X509_pop(ctx->chain);
239                         ctx->last_untrusted--;
240                         num--;
241                         x=sk_X509_value(ctx->chain,num-1);
242                         }
243                 }
244
245         /* We now lookup certs from the certificate store */
246         for (;;)
247                 {
248                 /* If we have enough, we break */
249                 if (depth < num) break;
250
251                 /* If we are self signed, we break */
252                 xn=X509_get_issuer_name(x);
253                 if (ctx->check_issued(ctx,x,x)) break;
254
255                 ok = ctx->get_issuer(&xtmp, ctx, x);
256
257                 if (ok < 0) return ok;
258                 if (ok == 0) break;
259
260                 x = xtmp;
261                 if (!sk_X509_push(ctx->chain,x))
262                         {
263                         X509_free(xtmp);
264                         X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
265                         return 0;
266                         }
267                 num++;
268                 }
269
270         /* we now have our chain, lets check it... */
271         xn=X509_get_issuer_name(x);
272
273         /* Is last certificate looked up self signed? */
274         if (!ctx->check_issued(ctx,x,x))
275                 {
276                 if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss))
277                         {
278                         if (ctx->last_untrusted >= num)
279                                 ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
280                         else
281                                 ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
282                         ctx->current_cert=x;
283                         }
284                 else
285                         {
286
287                         sk_X509_push(ctx->chain,chain_ss);
288                         num++;
289                         ctx->last_untrusted=num;
290                         ctx->current_cert=chain_ss;
291                         ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
292                         chain_ss=NULL;
293                         }
294
295                 ctx->error_depth=num-1;
296                 bad_chain = 1;
297                 ok=cb(0,ctx);
298                 if (!ok) goto end;
299                 }
300
301         /* We have the chain complete: now we need to check its purpose */
302         ok = check_chain_extensions(ctx);
303
304         if (!ok) goto end;
305
306         /* Check name constraints */
307
308         ok = check_name_constraints(ctx);
309         
310         if (!ok) goto end;
311
312         /* The chain extensions are OK: check trust */
313
314         if (param->trust > 0) ok = check_trust(ctx);
315
316         if (!ok) goto end;
317
318         /* We may as well copy down any DSA parameters that are required */
319         X509_get_pubkey_parameters(NULL,ctx->chain);
320
321         /* Check revocation status: we do this after copying parameters
322          * because they may be needed for CRL signature verification.
323          */
324
325         ok = ctx->check_revocation(ctx);
326         if(!ok) goto end;
327
328         /* At this point, we have a chain and need to verify it */
329         if (ctx->verify != NULL)
330                 ok=ctx->verify(ctx);
331         else
332                 ok=internal_verify(ctx);
333         if(!ok) goto end;
334
335 #ifndef OPENSSL_NO_RFC3779
336         /* RFC 3779 path validation, now that CRL check has been done */
337         ok = v3_asid_validate_path(ctx);
338         if (!ok) goto end;
339         ok = v3_addr_validate_path(ctx);
340         if (!ok) goto end;
341 #endif
342
343         /* If we get this far evaluate policies */
344         if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
345                 ok = ctx->check_policy(ctx);
346         if(!ok) goto end;
347         if (0)
348                 {
349 end:
350                 X509_get_pubkey_parameters(NULL,ctx->chain);
351                 }
352         if (sktmp != NULL) sk_X509_free(sktmp);
353         if (chain_ss != NULL) X509_free(chain_ss);
354         return ok;
355         }
356
357
358 /* Given a STACK_OF(X509) find the issuer of cert (if any)
359  */
360
361 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
362 {
363         int i;
364         X509 *issuer;
365         for (i = 0; i < sk_X509_num(sk); i++)
366                 {
367                 issuer = sk_X509_value(sk, i);
368                 if (ctx->check_issued(ctx, x, issuer))
369                         return issuer;
370                 }
371         return NULL;
372 }
373
374 /* Given a possible certificate and issuer check them */
375
376 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
377 {
378         int ret;
379         ret = X509_check_issued(issuer, x);
380         if (ret == X509_V_OK)
381                 return 1;
382         /* If we haven't asked for issuer errors don't set ctx */
383         if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK))
384                 return 0;
385
386         ctx->error = ret;
387         ctx->current_cert = x;
388         ctx->current_issuer = issuer;
389         return ctx->verify_cb(0, ctx);
390         return 0;
391 }
392
393 /* Alternative lookup method: look from a STACK stored in other_ctx */
394
395 static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
396 {
397         *issuer = find_issuer(ctx, ctx->other_ctx, x);
398         if (*issuer)
399                 {
400                 CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509);
401                 return 1;
402                 }
403         else
404                 return 0;
405 }
406         
407
408 /* Check a certificate chains extensions for consistency
409  * with the supplied purpose
410  */
411
412 static int check_chain_extensions(X509_STORE_CTX *ctx)
413 {
414 #ifdef OPENSSL_NO_CHAIN_VERIFY
415         return 1;
416 #else
417         int i, ok=0, must_be_ca, plen = 0;
418         X509 *x;
419         int (*cb)(int xok,X509_STORE_CTX *xctx);
420         int proxy_path_length = 0;
421         int purpose;
422         int allow_proxy_certs;
423         cb=ctx->verify_cb;
424
425         /* must_be_ca can have 1 of 3 values:
426            -1: we accept both CA and non-CA certificates, to allow direct
427                use of self-signed certificates (which are marked as CA).
428            0:  we only accept non-CA certificates.  This is currently not
429                used, but the possibility is present for future extensions.
430            1:  we only accept CA certificates.  This is currently used for
431                all certificates in the chain except the leaf certificate.
432         */
433         must_be_ca = -1;
434
435         /* CRL path validation */
436         if (ctx->parent)
437                 {
438                 allow_proxy_certs = 0;
439                 purpose = X509_PURPOSE_CRL_SIGN;
440                 }
441         else
442                 {
443                 allow_proxy_certs =
444                         !!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
445                 /* A hack to keep people who don't want to modify their
446                    software happy */
447                 if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
448                         allow_proxy_certs = 1;
449                 purpose = ctx->param->purpose;
450                 }
451
452         /* Check all untrusted certificates */
453         for (i = 0; i < ctx->last_untrusted; i++)
454                 {
455                 int ret;
456                 x = sk_X509_value(ctx->chain, i);
457                 if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
458                         && (x->ex_flags & EXFLAG_CRITICAL))
459                         {
460                         ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
461                         ctx->error_depth = i;
462                         ctx->current_cert = x;
463                         ok=cb(0,ctx);
464                         if (!ok) goto end;
465                         }
466                 if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY))
467                         {
468                         ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED;
469                         ctx->error_depth = i;
470                         ctx->current_cert = x;
471                         ok=cb(0,ctx);
472                         if (!ok) goto end;
473                         }
474                 ret = X509_check_ca(x);
475                 switch(must_be_ca)
476                         {
477                 case -1:
478                         if ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
479                                 && (ret != 1) && (ret != 0))
480                                 {
481                                 ret = 0;
482                                 ctx->error = X509_V_ERR_INVALID_CA;
483                                 }
484                         else
485                                 ret = 1;
486                         break;
487                 case 0:
488                         if (ret != 0)
489                                 {
490                                 ret = 0;
491                                 ctx->error = X509_V_ERR_INVALID_NON_CA;
492                                 }
493                         else
494                                 ret = 1;
495                         break;
496                 default:
497                         if ((ret == 0)
498                                 || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
499                                         && (ret != 1)))
500                                 {
501                                 ret = 0;
502                                 ctx->error = X509_V_ERR_INVALID_CA;
503                                 }
504                         else
505                                 ret = 1;
506                         break;
507                         }
508                 if (ret == 0)
509                         {
510                         ctx->error_depth = i;
511                         ctx->current_cert = x;
512                         ok=cb(0,ctx);
513                         if (!ok) goto end;
514                         }
515                 if (ctx->param->purpose > 0)
516                         {
517                         ret = X509_check_purpose(x, purpose, must_be_ca > 0);
518                         if ((ret == 0)
519                                 || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
520                                         && (ret != 1)))
521                                 {
522                                 ctx->error = X509_V_ERR_INVALID_PURPOSE;
523                                 ctx->error_depth = i;
524                                 ctx->current_cert = x;
525                                 ok=cb(0,ctx);
526                                 if (!ok) goto end;
527                                 }
528                         }
529                 /* Check pathlen if not self issued */
530                 if ((i > 1) && !(x->ex_flags & EXFLAG_SI)
531                            && (x->ex_pathlen != -1)
532                            && (plen > (x->ex_pathlen + proxy_path_length + 1)))
533                         {
534                         ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
535                         ctx->error_depth = i;
536                         ctx->current_cert = x;
537                         ok=cb(0,ctx);
538                         if (!ok) goto end;
539                         }
540                 /* Increment path length if not self issued */
541                 if (!(x->ex_flags & EXFLAG_SI))
542                         plen++;
543                 /* If this certificate is a proxy certificate, the next
544                    certificate must be another proxy certificate or a EE
545                    certificate.  If not, the next certificate must be a
546                    CA certificate.  */
547                 if (x->ex_flags & EXFLAG_PROXY)
548                         {
549                         if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen)
550                                 {
551                                 ctx->error =
552                                         X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
553                                 ctx->error_depth = i;
554                                 ctx->current_cert = x;
555                                 ok=cb(0,ctx);
556                                 if (!ok) goto end;
557                                 }
558                         proxy_path_length++;
559                         must_be_ca = 0;
560                         }
561                 else
562                         must_be_ca = 1;
563                 }
564         ok = 1;
565  end:
566         return ok;
567 #endif
568 }
569
570 static int check_name_constraints(X509_STORE_CTX *ctx)
571         {
572         X509 *x;
573         int i, j, rv;
574         /* Check name constraints for all certificates */
575         for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
576                 {
577                 x = sk_X509_value(ctx->chain, i);
578                 /* Ignore self issued certs unless last in chain */
579                 if (i && (x->ex_flags & EXFLAG_SI))
580                         continue;
581                 /* Check against constraints for all certificates higher in
582                  * chain including trust anchor. Trust anchor not strictly
583                  * speaking needed but if it includes constraints it is to be
584                  * assumed it expects them to be obeyed.
585                  */
586                 for (j = sk_X509_num(ctx->chain) - 1; j > i; j--)
587                         {
588                         NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc;
589                         if (nc)
590                                 {
591                                 rv = NAME_CONSTRAINTS_check(x, nc);
592                                 if (rv != X509_V_OK)
593                                         {
594                                         ctx->error = rv;
595                                         ctx->error_depth = i;
596                                         ctx->current_cert = x;
597                                         if (!ctx->verify_cb(0,ctx))
598                                                 return 0;
599                                         }
600                                 }
601                         }
602                 }
603         return 1;
604         }
605
606 static int check_trust(X509_STORE_CTX *ctx)
607 {
608 #ifdef OPENSSL_NO_CHAIN_VERIFY
609         return 1;
610 #else
611         int i, ok;
612         X509 *x;
613         int (*cb)(int xok,X509_STORE_CTX *xctx);
614         cb=ctx->verify_cb;
615 /* For now just check the last certificate in the chain */
616         i = sk_X509_num(ctx->chain) - 1;
617         x = sk_X509_value(ctx->chain, i);
618         ok = X509_check_trust(x, ctx->param->trust, 0);
619         if (ok == X509_TRUST_TRUSTED)
620                 return 1;
621         ctx->error_depth = i;
622         ctx->current_cert = x;
623         if (ok == X509_TRUST_REJECTED)
624                 ctx->error = X509_V_ERR_CERT_REJECTED;
625         else
626                 ctx->error = X509_V_ERR_CERT_UNTRUSTED;
627         ok = cb(0, ctx);
628         return ok;
629 #endif
630 }
631
632 static int check_revocation(X509_STORE_CTX *ctx)
633         {
634         int i, last, ok;
635         if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK))
636                 return 1;
637         if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
638                 last = sk_X509_num(ctx->chain) - 1;
639         else
640                 last = 0;
641         for(i = 0; i <= last; i++)
642                 {
643                 ctx->error_depth = i;
644                 ok = check_cert(ctx);
645                 if (!ok) return ok;
646                 }
647         return 1;
648         }
649
650 static int check_cert(X509_STORE_CTX *ctx)
651         {
652         X509_CRL *crl = NULL;
653         X509 *x;
654         int ok, cnum;
655         cnum = ctx->error_depth;
656         x = sk_X509_value(ctx->chain, cnum);
657         ctx->current_cert = x;
658         ctx->current_issuer = NULL;
659         ctx->current_reasons = 0;
660         while (ctx->current_reasons != CRLDP_ALL_REASONS)
661                 {
662                 /* Try to retrieve relevant CRL */
663                 ok = ctx->get_crl(ctx, &crl, x);
664                 /* If error looking up CRL, nothing we can do except
665                  * notify callback
666                  */
667                 if(!ok)
668                         {
669                         ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
670                         ok = ctx->verify_cb(0, ctx);
671                         goto err;
672                         }
673                 ctx->current_crl = crl;
674                 ok = ctx->check_crl(ctx, crl);
675                 if (!ok)
676                         goto err;
677                 ok = ctx->cert_crl(ctx, crl, x);
678                 if (!ok)
679                         goto err;
680                 X509_CRL_free(crl);
681                 crl = NULL;
682                 }
683         err:
684         X509_CRL_free(crl);
685         ctx->current_crl = NULL;
686         return ok;
687
688         }
689
690 /* Check CRL times against values in X509_STORE_CTX */
691
692 static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
693         {
694         time_t *ptime;
695         int i;
696         if (notify)
697                 ctx->current_crl = crl;
698         if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
699                 ptime = &ctx->param->check_time;
700         else
701                 ptime = NULL;
702
703         i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
704         if (i == 0)
705                 {
706                 if (!notify)
707                         return 0;
708                 ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
709                 if (!ctx->verify_cb(0, ctx))
710                         return 0;
711                 }
712
713         if (i > 0)
714                 {
715                 if (!notify)
716                         return 0;
717                 ctx->error=X509_V_ERR_CRL_NOT_YET_VALID;
718                 if (!ctx->verify_cb(0, ctx))
719                         return 0;
720                 }
721
722         if(X509_CRL_get_nextUpdate(crl))
723                 {
724                 i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
725
726                 if (i == 0)
727                         {
728                         if (!notify)
729                                 return 0;
730                         ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
731                         if (!ctx->verify_cb(0, ctx))
732                                 return 0;
733                         }
734
735                 if (i < 0)
736                         {
737                         if (!notify)
738                                 return 0;
739                         ctx->error=X509_V_ERR_CRL_HAS_EXPIRED;
740                         if (!ctx->verify_cb(0, ctx))
741                                 return 0;
742                         }
743                 }
744
745         if (notify)
746                 ctx->current_crl = NULL;
747
748         return 1;
749         }
750
751 /* CRL score values */
752
753 /* No unhandled critical extensions */
754
755 #define CRL_SCORE_NOCRITICAL    0x100
756
757 /* certificate is within CRL scope */
758
759 #define CRL_SCORE_SCOPE         0x080
760
761 /* CRL times valid */
762
763 #define CRL_SCORE_TIME          0x040
764
765 /* Issuer name matches certificate */
766
767 #define CRL_SCORE_ISSUER_NAME   0x020
768
769 /* If this score or above CRL is probably valid */
770
771 #define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE)
772
773 /* CRL issuer is certificate issuer */
774
775 #define CRL_SCORE_ISSUER_CERT   0x018
776
777 /* CRL issuer is on certificate path */
778
779 #define CRL_SCORE_SAME_PATH     0x008
780
781 /* CRL issuer matches CRL AKID */
782
783 #define CRL_SCORE_AKID          0x004
784
785 /* CRL is complete, not delta */
786
787 #define CRL_SCORE_COMPLETE      0x002
788
789 static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 **pissuer,
790                         int *pscore, unsigned int *preasons,
791                         STACK_OF(X509_CRL) *crls)
792         {
793         int i, crl_score, best_score = *pscore;
794         unsigned int reasons, best_reasons;
795         X509 *x = ctx->current_cert;
796         X509_CRL *crl, *best_crl = NULL;
797         X509 *crl_issuer, *best_crl_issuer = NULL;
798         for (i = 0; i < sk_X509_CRL_num(crls); i++)
799                 {
800                 crl = sk_X509_CRL_value(crls, i);
801                 reasons = *preasons;
802                 crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x);
803
804                 if (crl_score > best_score)
805                         {
806                         best_crl = crl;
807                         best_crl_issuer = crl_issuer;
808                         best_score = crl_score;
809                         best_reasons = reasons;
810                         }
811                 }
812
813         if (best_crl)
814                 {
815                 if (*pcrl)
816                         X509_CRL_free(*pcrl);
817                 *pcrl = best_crl;
818                 *pissuer = best_crl_issuer;
819                 *pscore = best_score;
820                 *preasons = best_reasons;
821                 CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509);
822                 }
823
824
825         if (best_score >= CRL_SCORE_VALID)
826                 return 1;
827
828         return 0;
829         }
830
831 /* For a given CRL return how suitable it is for the supplied certificate 'x'.
832  * The return value is a mask of several criteria.
833  * If the issuer is not the certificate issuer this is returned in *pissuer.
834  * The reasons mask is also used to determine if the CRL is suitable: if
835  * no new reasons the CRL is rejected, otherwise reasons is updated.
836  */
837
838 static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
839                         unsigned int *preasons,
840                         X509_CRL *crl, X509 *x)
841         {
842
843         int crl_score = 0;
844         unsigned int tmp_reasons = *preasons, crl_reasons;
845
846         /* First see if we can reject CRL straight away */
847
848         /* Invalid IDP cannot be processed */
849         if (crl->idp_flags & IDP_INVALID)
850                 return 0;
851         /* Reason codes or indirect CRLs need extended CRL support */
852         if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
853                 {
854                 if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS))
855                         return 0;
856                 }
857         else if (crl->idp_flags & IDP_REASONS)
858                 {
859                 /* If no new reasons reject */
860                 if (!(crl->idp_reasons & ~tmp_reasons))
861                         return 0;
862                 }
863         /* If issuer name doesn't match certificate need indirect CRL */
864         if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl)))
865                 {
866                 if (!(crl->idp_flags & IDP_INDIRECT))
867                         return 0;
868                 }
869         else
870                 crl_score |= CRL_SCORE_ISSUER_NAME;
871
872         if (!(crl->flags & EXFLAG_CRITICAL))
873                 crl_score |= CRL_SCORE_NOCRITICAL;
874
875         /* Check expiry */
876         if (check_crl_time(ctx, crl, 0))
877                 crl_score |= CRL_SCORE_TIME;
878
879         /* Check authority key ID and locate certificate issuer */
880         crl_akid_check(ctx, crl, pissuer, &crl_score);
881
882         /* If we can't locate certificate issuer at this point forget it */
883
884         if (!(crl_score & CRL_SCORE_AKID))
885                 return 0;
886
887         /* Check cert for matching CRL distribution points */
888
889         if (crl_crldp_check(x, crl, crl_score, &crl_reasons))
890                 {
891                 /* If no new reasons reject */
892                 if (!(crl_reasons & ~tmp_reasons))
893                         return 0;
894                 tmp_reasons |= crl_reasons;
895                 crl_score |= CRL_SCORE_SCOPE;
896                 }
897
898         *preasons = tmp_reasons;
899
900         return crl_score;
901
902         }
903
904 static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,
905                                 X509 **pissuer, int *pcrl_score)
906         {
907         X509 *crl_issuer = NULL;
908         X509_NAME *cnm = X509_CRL_get_issuer(crl);
909         int cidx = ctx->error_depth;
910         int i;
911
912         if (cidx != sk_X509_num(ctx->chain) - 1)
913                 cidx++;
914
915         crl_issuer = sk_X509_value(ctx->chain, cidx);
916
917         if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK)
918                 {
919                 if (*pcrl_score & CRL_SCORE_ISSUER_NAME)
920                         {
921                         *pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_ISSUER_CERT;
922                         *pissuer = crl_issuer;
923                         return;
924                         }
925                 }
926
927         for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++)
928                 {
929                 crl_issuer = sk_X509_value(ctx->chain, cidx);
930                 if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
931                         continue;
932                 if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK)
933                         {
934                         *pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_SAME_PATH;
935                         *pissuer = crl_issuer;
936                         return;
937                         }
938                 }
939
940         /* Anything else needs extended CRL support */
941
942         if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
943                 return;
944
945         /* Otherwise the CRL issuer is not on the path. Look for it in the
946          * set of untrusted certificates.
947          */
948         for (i = 0; i < sk_X509_num(ctx->untrusted); i++)
949                 {
950                 crl_issuer = sk_X509_value(ctx->untrusted, i);
951                 if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
952                         continue;
953                 if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK)
954                         {
955                         *pissuer = crl_issuer;
956                         *pcrl_score |= CRL_SCORE_AKID;
957                         return;
958                         }
959                 }
960         }
961
962 /* Check the path of a CRL issuer certificate. This creates a new
963  * X509_STORE_CTX and populates it with most of the parameters from the
964  * parent. This could be optimised somewhat since a lot of path checking
965  * will be duplicated by the parent, but this will rarely be used in 
966  * practice.
967  */
968
969 static int check_crl_path(X509_STORE_CTX *ctx, X509 *x)
970         {
971         X509_STORE_CTX crl_ctx;
972         int ret;
973         /* Don't allow recursive CRL path validation */
974         if (ctx->parent)
975                 return 0;
976         if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted))
977                 return -1;
978
979         crl_ctx.crls = ctx->crls;
980         /* Copy verify params across */
981         X509_STORE_CTX_set0_param(&crl_ctx, ctx->param);
982
983         crl_ctx.parent = ctx;
984         crl_ctx.verify_cb = ctx->verify_cb;
985
986         /* Verify CRL issuer */
987         ret = X509_verify_cert(&crl_ctx);
988
989         if (!ret)
990                 goto err;
991
992         /* Check chain is acceptable */
993
994         ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain);
995         err:
996         X509_STORE_CTX_cleanup(&crl_ctx);
997         return ret;
998         }
999
1000 /* RFC3280 says nothing about the relationship between CRL path
1001  * and certificate path, which could lead to situations where a
1002  * certificate could be revoked or validated by a CA not authorised
1003  * to do so. RFC5280 is more strict and states that the two paths must
1004  * end in the same trust anchor, though some discussions remain...
1005  * until this is resolved we use the RFC5280 version
1006  */
1007
1008 static int check_crl_chain(X509_STORE_CTX *ctx,
1009                         STACK_OF(X509) *cert_path,
1010                         STACK_OF(X509) *crl_path)
1011         {
1012         X509 *cert_ta, *crl_ta;
1013         cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1);
1014         crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1);
1015         if (!X509_cmp(cert_ta, crl_ta))
1016                 return 1;
1017         return 0;
1018         }
1019
1020 /* Check for match between two dist point names: three separate cases.
1021  * 1. Both are relative names and compare X509_NAME types.
1022  * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES.
1023  * 3. Both are full names and compare two GENERAL_NAMES.
1024  * 4. One is NULL: automatic match.
1025  */
1026
1027
1028 static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b)
1029         {
1030         X509_NAME *nm = NULL;
1031         GENERAL_NAMES *gens = NULL;
1032         GENERAL_NAME *gena, *genb;
1033         int i, j;
1034         if (!a || !b)
1035                 return 1;
1036         if (a->type == 1)
1037                 {
1038                 if (!a->dpname)
1039                         return 0;
1040                 /* Case 1: two X509_NAME */
1041                 if (b->type == 1)
1042                         {
1043                         if (!b->dpname)
1044                                 return 0;
1045                         if (!X509_NAME_cmp(a->dpname, b->dpname))
1046                                 return 1;
1047                         else
1048                                 return 0;
1049                         }
1050                 /* Case 2: set name and GENERAL_NAMES appropriately */
1051                 nm = a->dpname;
1052                 gens = b->name.fullname;
1053                 }
1054         else if (b->type == 1)
1055                 {
1056                 if (!b->dpname)
1057                         return 0;
1058                 /* Case 2: set name and GENERAL_NAMES appropriately */
1059                 gens = a->name.fullname;
1060                 nm = b->dpname;
1061                 }
1062
1063         /* Handle case 2 with one GENERAL_NAMES and one X509_NAME */
1064         if (nm)
1065                 {
1066                 for (i = 0; i < sk_GENERAL_NAME_num(gens); i++)
1067                         {
1068                         gena = sk_GENERAL_NAME_value(gens, i);  
1069                         if (gena->type != GEN_DIRNAME)
1070                                 continue;
1071                         if (!X509_NAME_cmp(nm, gena->d.directoryName))
1072                                 return 1;
1073                         }
1074                 return 0;
1075                 }
1076
1077         /* Else case 3: two GENERAL_NAMES */
1078
1079         for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++)
1080                 {
1081                 gena = sk_GENERAL_NAME_value(a->name.fullname, i);
1082                 for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++)
1083                         {
1084                         genb = sk_GENERAL_NAME_value(b->name.fullname, j);
1085                         if (!GENERAL_NAME_cmp(gena, genb))
1086                                 return 1;
1087                         }
1088                 }
1089
1090         return 0;
1091
1092         }
1093
1094 static int crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score)
1095         {
1096         int i;
1097         X509_NAME *nm = X509_CRL_get_issuer(crl);
1098         /* If no CRLissuer return is successful iff don't need a match */
1099         if (!dp->CRLissuer)
1100                 return !!(crl_score & CRL_SCORE_ISSUER_NAME);
1101         for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++)
1102                 {
1103                 GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
1104                 if (gen->type != GEN_DIRNAME)
1105                         continue;
1106                 if (!X509_NAME_cmp(gen->d.directoryName, nm))
1107                         return 1;
1108                 }
1109         return 0;
1110         }
1111
1112 /* Check CRLDP and IDP */
1113
1114 static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
1115                                 unsigned int *preasons)
1116         {
1117         int i;
1118         if (crl->idp_flags & IDP_ONLYATTR)
1119                 return 0;
1120         if (x->ex_flags & EXFLAG_CA)
1121                 {
1122                 if (crl->idp_flags & IDP_ONLYUSER)
1123                         return 0;
1124                 }
1125         else
1126                 {
1127                 if (crl->idp_flags & IDP_ONLYCA)
1128                         return 0;
1129                 }
1130         *preasons = crl->idp_reasons;
1131         for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)
1132                 {
1133                 DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i);
1134                 if (crldp_check_crlissuer(dp, crl, crl_score))
1135                         {
1136                         if (!crl->idp ||
1137                              idp_check_dp(dp->distpoint, crl->idp->distpoint))
1138                                 {
1139                                 *preasons &= dp->dp_reasons;
1140                                 return 1;
1141                                 }
1142                         }
1143                 }
1144         if ((!crl->idp || !crl->idp->distpoint) && (crl_score & CRL_SCORE_ISSUER_NAME))
1145                 return 1;
1146         return 0;
1147         }
1148
1149 /* Retrieve CRL corresponding to current certificate. Currently only
1150  * one CRL is retrieved. Multiple CRLs may be needed if we handle
1151  * CRLs partitioned on reason code later.
1152  */
1153         
1154 static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x)
1155         {
1156         int ok;
1157         X509 *issuer = NULL;
1158         int crl_score = 0;
1159         unsigned int reasons;
1160         X509_CRL *crl = NULL;
1161         STACK_OF(X509_CRL) *skcrl;
1162         X509_NAME *nm = X509_get_issuer_name(x);
1163         reasons = ctx->current_reasons;
1164         ok = get_crl_sk(ctx, &crl, &issuer, &crl_score, &reasons, ctx->crls);
1165         if (ok)
1166                 goto done;
1167
1168         /* Lookup CRLs from store */
1169
1170         skcrl = ctx->lookup_crls(ctx, nm);
1171
1172         /* If no CRLs found and a near match from get_crl_sk use that */
1173         if (!skcrl && crl)
1174                 goto done;
1175
1176         get_crl_sk(ctx, &crl, &issuer, &crl_score, &reasons, skcrl);
1177
1178         sk_X509_CRL_pop_free(skcrl, X509_CRL_free);
1179
1180         done:
1181
1182         /* If we got any kind of CRL use it and return success */
1183         if (crl)
1184                 {
1185                 ctx->current_issuer = issuer;
1186                 ctx->current_crl_score = crl_score;
1187                 ctx->current_reasons = reasons;
1188                 *pcrl = crl;
1189                 return 1;
1190                 }
1191
1192         return 0;
1193         }
1194
1195 /* Check CRL validity */
1196 static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
1197         {
1198         X509 *issuer = NULL;
1199         EVP_PKEY *ikey = NULL;
1200         int ok = 0, chnum, cnum;
1201         cnum = ctx->error_depth;
1202         chnum = sk_X509_num(ctx->chain) - 1;
1203         /* if we have an alternative CRL issuer cert use that */
1204         if (ctx->current_issuer)
1205                 issuer = ctx->current_issuer;
1206         /* Else find CRL issuer: if not last certificate then issuer
1207          * is next certificate in chain.
1208          */
1209         else if (cnum < chnum)
1210                 issuer = sk_X509_value(ctx->chain, cnum + 1);
1211         else
1212                 {
1213                 issuer = sk_X509_value(ctx->chain, chnum);
1214                 /* If not self signed, can't check signature */
1215                 if(!ctx->check_issued(ctx, issuer, issuer))
1216                         {
1217                         ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER;
1218                         ok = ctx->verify_cb(0, ctx);
1219                         if(!ok) goto err;
1220                         }
1221                 }
1222
1223         if(issuer)
1224                 {
1225                 /* Check for cRLSign bit if keyUsage present */
1226                 if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
1227                         !(issuer->ex_kusage & KU_CRL_SIGN))
1228                         {
1229                         ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
1230                         ok = ctx->verify_cb(0, ctx);
1231                         if(!ok) goto err;
1232                         }
1233
1234         if (!(ctx->current_crl_score & CRL_SCORE_SCOPE))
1235                 {
1236                 ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE;
1237                 ok = ctx->verify_cb(0, ctx);
1238                 if(!ok) goto err;
1239                 }
1240
1241         if (!(ctx->current_crl_score & CRL_SCORE_TIME))
1242                 {
1243                 ok = check_crl_time(ctx, crl, 1);
1244                 if (!ok)
1245                         goto err;
1246                 }
1247
1248         if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH))
1249                 {
1250                 if (!check_crl_path(ctx, ctx->current_issuer))
1251                         {
1252                         ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR;
1253                         ok = ctx->verify_cb(0, ctx);
1254                         if(!ok) goto err;
1255                         }
1256                 }
1257
1258                 if (crl->idp_flags & IDP_INVALID)
1259                         {
1260                         ctx->error = X509_V_ERR_INVALID_EXTENSION;
1261                         ok = ctx->verify_cb(0, ctx);
1262                         if(!ok) goto err;
1263                         }
1264
1265                 /* Attempt to get issuer certificate public key */
1266                 ikey = X509_get_pubkey(issuer);
1267
1268                 if(!ikey)
1269                         {
1270                         ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
1271                         ok = ctx->verify_cb(0, ctx);
1272                         if (!ok) goto err;
1273                         }
1274                 else
1275                         {
1276                         /* Verify CRL signature */
1277                         if(X509_CRL_verify(crl, ikey) <= 0)
1278                                 {
1279                                 ctx->error=X509_V_ERR_CRL_SIGNATURE_FAILURE;
1280                                 ok = ctx->verify_cb(0, ctx);
1281                                 if (!ok) goto err;
1282                                 }
1283                         }
1284                 }
1285
1286         ok = 1;
1287
1288         err:
1289         EVP_PKEY_free(ikey);
1290         return ok;
1291         }
1292
1293 /* Check certificate against CRL */
1294 static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
1295         {
1296         int ok;
1297         /* Look for serial number of certificate in CRL
1298          * If found assume revoked: want something cleverer than
1299          * this to handle entry extensions in V2 CRLs.
1300          */
1301         if (X509_CRL_get0_by_cert(crl, NULL, x) > 0)
1302                 {
1303                 ctx->error = X509_V_ERR_CERT_REVOKED;
1304                 ok = ctx->verify_cb(0, ctx);
1305                 if (!ok)
1306                         return 0;
1307                 }
1308
1309         if (crl->flags & EXFLAG_CRITICAL)
1310                 {
1311                 if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
1312                         return 1;
1313                 ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
1314                 ok = ctx->verify_cb(0, ctx);
1315                 if(!ok)
1316                         return 0;
1317                 }
1318
1319         return 1;
1320         }
1321
1322 static int check_policy(X509_STORE_CTX *ctx)
1323         {
1324         int ret;
1325         if (ctx->parent)
1326                 return 1;
1327         ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
1328                                 ctx->param->policies, ctx->param->flags);
1329         if (ret == 0)
1330                 {
1331                 X509err(X509_F_CHECK_POLICY,ERR_R_MALLOC_FAILURE);
1332                 return 0;
1333                 }
1334         /* Invalid or inconsistent extensions */
1335         if (ret == -1)
1336                 {
1337                 /* Locate certificates with bad extensions and notify
1338                  * callback.
1339                  */
1340                 X509 *x;
1341                 int i;
1342                 for (i = 1; i < sk_X509_num(ctx->chain); i++)
1343                         {
1344                         x = sk_X509_value(ctx->chain, i);
1345                         if (!(x->ex_flags & EXFLAG_INVALID_POLICY))
1346                                 continue;
1347                         ctx->current_cert = x;
1348                         ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
1349                         if(!ctx->verify_cb(0, ctx))
1350                                 return 0;
1351                         }
1352                 return 1;
1353                 }
1354         if (ret == -2)
1355                 {
1356                 ctx->current_cert = NULL;
1357                 ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY;
1358                 return ctx->verify_cb(0, ctx);
1359                 }
1360
1361         if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY)
1362                 {
1363                 ctx->current_cert = NULL;
1364                 ctx->error = X509_V_OK;
1365                 if (!ctx->verify_cb(2, ctx))
1366                         return 0;
1367                 }
1368
1369         return 1;
1370         }
1371
1372 static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
1373         {
1374         time_t *ptime;
1375         int i;
1376
1377         if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
1378                 ptime = &ctx->param->check_time;
1379         else
1380                 ptime = NULL;
1381
1382         i=X509_cmp_time(X509_get_notBefore(x), ptime);
1383         if (i == 0)
1384                 {
1385                 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
1386                 ctx->current_cert=x;
1387                 if (!ctx->verify_cb(0, ctx))
1388                         return 0;
1389                 }
1390
1391         if (i > 0)
1392                 {
1393                 ctx->error=X509_V_ERR_CERT_NOT_YET_VALID;
1394                 ctx->current_cert=x;
1395                 if (!ctx->verify_cb(0, ctx))
1396                         return 0;
1397                 }
1398
1399         i=X509_cmp_time(X509_get_notAfter(x), ptime);
1400         if (i == 0)
1401                 {
1402                 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
1403                 ctx->current_cert=x;
1404                 if (!ctx->verify_cb(0, ctx))
1405                         return 0;
1406                 }
1407
1408         if (i < 0)
1409                 {
1410                 ctx->error=X509_V_ERR_CERT_HAS_EXPIRED;
1411                 ctx->current_cert=x;
1412                 if (!ctx->verify_cb(0, ctx))
1413                         return 0;
1414                 }
1415
1416         return 1;
1417         }
1418
1419 static int internal_verify(X509_STORE_CTX *ctx)
1420         {
1421         int ok=0,n;
1422         X509 *xs,*xi;
1423         EVP_PKEY *pkey=NULL;
1424         int (*cb)(int xok,X509_STORE_CTX *xctx);
1425
1426         cb=ctx->verify_cb;
1427
1428         n=sk_X509_num(ctx->chain);
1429         ctx->error_depth=n-1;
1430         n--;
1431         xi=sk_X509_value(ctx->chain,n);
1432
1433         if (ctx->check_issued(ctx, xi, xi))
1434                 xs=xi;
1435         else
1436                 {
1437                 if (n <= 0)
1438                         {
1439                         ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
1440                         ctx->current_cert=xi;
1441                         ok=cb(0,ctx);
1442                         goto end;
1443                         }
1444                 else
1445                         {
1446                         n--;
1447                         ctx->error_depth=n;
1448                         xs=sk_X509_value(ctx->chain,n);
1449                         }
1450                 }
1451
1452 /*      ctx->error=0;  not needed */
1453         while (n >= 0)
1454                 {
1455                 ctx->error_depth=n;
1456                 if (!xs->valid)
1457                         {
1458                         if ((pkey=X509_get_pubkey(xi)) == NULL)
1459                                 {
1460                                 ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
1461                                 ctx->current_cert=xi;
1462                                 ok=(*cb)(0,ctx);
1463                                 if (!ok) goto end;
1464                                 }
1465                         else if (X509_verify(xs,pkey) <= 0)
1466                                 /* XXX  For the final trusted self-signed cert,
1467                                  * this is a waste of time.  That check should
1468                                  * optional so that e.g. 'openssl x509' can be
1469                                  * used to detect invalid self-signatures, but
1470                                  * we don't verify again and again in SSL
1471                                  * handshakes and the like once the cert has
1472                                  * been declared trusted. */
1473                                 {
1474                                 ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
1475                                 ctx->current_cert=xs;
1476                                 ok=(*cb)(0,ctx);
1477                                 if (!ok)
1478                                         {
1479                                         EVP_PKEY_free(pkey);
1480                                         goto end;
1481                                         }
1482                                 }
1483                         EVP_PKEY_free(pkey);
1484                         pkey=NULL;
1485                         }
1486
1487                 xs->valid = 1;
1488
1489                 ok = check_cert_time(ctx, xs);
1490                 if (!ok)
1491                         goto end;
1492
1493                 /* The last error (if any) is still in the error value */
1494                 ctx->current_issuer=xi;
1495                 ctx->current_cert=xs;
1496                 ok=(*cb)(1,ctx);
1497                 if (!ok) goto end;
1498
1499                 n--;
1500                 if (n >= 0)
1501                         {
1502                         xi=xs;
1503                         xs=sk_X509_value(ctx->chain,n);
1504                         }
1505                 }
1506         ok=1;
1507 end:
1508         return ok;
1509         }
1510
1511 int X509_cmp_current_time(const ASN1_TIME *ctm)
1512 {
1513         return X509_cmp_time(ctm, NULL);
1514 }
1515
1516 int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
1517         {
1518         char *str;
1519         ASN1_TIME atm;
1520         long offset;
1521         char buff1[24],buff2[24],*p;
1522         int i,j;
1523
1524         p=buff1;
1525         i=ctm->length;
1526         str=(char *)ctm->data;
1527         if (ctm->type == V_ASN1_UTCTIME)
1528                 {
1529                 if ((i < 11) || (i > 17)) return 0;
1530                 memcpy(p,str,10);
1531                 p+=10;
1532                 str+=10;
1533                 }
1534         else
1535                 {
1536                 if (i < 13) return 0;
1537                 memcpy(p,str,12);
1538                 p+=12;
1539                 str+=12;
1540                 }
1541
1542         if ((*str == 'Z') || (*str == '-') || (*str == '+'))
1543                 { *(p++)='0'; *(p++)='0'; }
1544         else
1545                 { 
1546                 *(p++)= *(str++);
1547                 *(p++)= *(str++);
1548                 /* Skip any fractional seconds... */
1549                 if (*str == '.')
1550                         {
1551                         str++;
1552                         while ((*str >= '0') && (*str <= '9')) str++;
1553                         }
1554                 
1555                 }
1556         *(p++)='Z';
1557         *(p++)='\0';
1558
1559         if (*str == 'Z')
1560                 offset=0;
1561         else
1562                 {
1563                 if ((*str != '+') && (*str != '-'))
1564                         return 0;
1565                 offset=((str[1]-'0')*10+(str[2]-'0'))*60;
1566                 offset+=(str[3]-'0')*10+(str[4]-'0');
1567                 if (*str == '-')
1568                         offset= -offset;
1569                 }
1570         atm.type=ctm->type;
1571         atm.length=sizeof(buff2);
1572         atm.data=(unsigned char *)buff2;
1573
1574         if (X509_time_adj(&atm,-offset*60, cmp_time) == NULL)
1575                 return 0;
1576
1577         if (ctm->type == V_ASN1_UTCTIME)
1578                 {
1579                 i=(buff1[0]-'0')*10+(buff1[1]-'0');
1580                 if (i < 50) i+=100; /* cf. RFC 2459 */
1581                 j=(buff2[0]-'0')*10+(buff2[1]-'0');
1582                 if (j < 50) j+=100;
1583
1584                 if (i < j) return -1;
1585                 if (i > j) return 1;
1586                 }
1587         i=strcmp(buff1,buff2);
1588         if (i == 0) /* wait a second then return younger :-) */
1589                 return -1;
1590         else
1591                 return i;
1592         }
1593
1594 ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
1595 {
1596         return X509_time_adj(s, adj, NULL);
1597 }
1598
1599 ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm)
1600         {
1601         time_t t;
1602         int type = -1;
1603
1604         if (in_tm) t = *in_tm;
1605         else time(&t);
1606
1607         t+=adj;
1608         if (s) type = s->type;
1609         if (type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t);
1610         if (type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_set(s, t);
1611         return ASN1_TIME_set(s, t);
1612         }
1613
1614 int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
1615         {
1616         EVP_PKEY *ktmp=NULL,*ktmp2;
1617         int i,j;
1618
1619         if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1;
1620
1621         for (i=0; i<sk_X509_num(chain); i++)
1622                 {
1623                 ktmp=X509_get_pubkey(sk_X509_value(chain,i));
1624                 if (ktmp == NULL)
1625                         {
1626                         X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
1627                         return 0;
1628                         }
1629                 if (!EVP_PKEY_missing_parameters(ktmp))
1630                         break;
1631                 else
1632                         {
1633                         EVP_PKEY_free(ktmp);
1634                         ktmp=NULL;
1635                         }
1636                 }
1637         if (ktmp == NULL)
1638                 {
1639                 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
1640                 return 0;
1641                 }
1642
1643         /* first, populate the other certs */
1644         for (j=i-1; j >= 0; j--)
1645                 {
1646                 ktmp2=X509_get_pubkey(sk_X509_value(chain,j));
1647                 EVP_PKEY_copy_parameters(ktmp2,ktmp);
1648                 EVP_PKEY_free(ktmp2);
1649                 }
1650         
1651         if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp);
1652         EVP_PKEY_free(ktmp);
1653         return 1;
1654         }
1655
1656 int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1657              CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
1658         {
1659         /* This function is (usually) called only once, by
1660          * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). */
1661         return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp,
1662                         new_func, dup_func, free_func);
1663         }
1664
1665 int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
1666         {
1667         return CRYPTO_set_ex_data(&ctx->ex_data,idx,data);
1668         }
1669
1670 void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
1671         {
1672         return CRYPTO_get_ex_data(&ctx->ex_data,idx);
1673         }
1674
1675 int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
1676         {
1677         return ctx->error;
1678         }
1679
1680 void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
1681         {
1682         ctx->error=err;
1683         }
1684
1685 int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
1686         {
1687         return ctx->error_depth;
1688         }
1689
1690 X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
1691         {
1692         return ctx->current_cert;
1693         }
1694
1695 STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
1696         {
1697         return ctx->chain;
1698         }
1699
1700 STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
1701         {
1702         int i;
1703         X509 *x;
1704         STACK_OF(X509) *chain;
1705         if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL;
1706         for (i = 0; i < sk_X509_num(chain); i++)
1707                 {
1708                 x = sk_X509_value(chain, i);
1709                 CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
1710                 }
1711         return chain;
1712         }
1713
1714 void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
1715         {
1716         ctx->cert=x;
1717         }
1718
1719 void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
1720         {
1721         ctx->untrusted=sk;
1722         }
1723
1724 void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk)
1725         {
1726         ctx->crls=sk;
1727         }
1728
1729 int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
1730         {
1731         return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
1732         }
1733
1734 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)
1735         {
1736         return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
1737         }
1738
1739 /* This function is used to set the X509_STORE_CTX purpose and trust
1740  * values. This is intended to be used when another structure has its
1741  * own trust and purpose values which (if set) will be inherited by
1742  * the ctx. If they aren't set then we will usually have a default
1743  * purpose in mind which should then be used to set the trust value.
1744  * An example of this is SSL use: an SSL structure will have its own
1745  * purpose and trust settings which the application can set: if they
1746  * aren't set then we use the default of SSL client/server.
1747  */
1748
1749 int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
1750                                 int purpose, int trust)
1751 {
1752         int idx;
1753         /* If purpose not set use default */
1754         if (!purpose) purpose = def_purpose;
1755         /* If we have a purpose then check it is valid */
1756         if (purpose)
1757                 {
1758                 X509_PURPOSE *ptmp;
1759                 idx = X509_PURPOSE_get_by_id(purpose);
1760                 if (idx == -1)
1761                         {
1762                         X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
1763                                                 X509_R_UNKNOWN_PURPOSE_ID);
1764                         return 0;
1765                         }
1766                 ptmp = X509_PURPOSE_get0(idx);
1767                 if (ptmp->trust == X509_TRUST_DEFAULT)
1768                         {
1769                         idx = X509_PURPOSE_get_by_id(def_purpose);
1770                         if (idx == -1)
1771                                 {
1772                                 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
1773                                                 X509_R_UNKNOWN_PURPOSE_ID);
1774                                 return 0;
1775                                 }
1776                         ptmp = X509_PURPOSE_get0(idx);
1777                         }
1778                 /* If trust not set then get from purpose default */
1779                 if (!trust) trust = ptmp->trust;
1780                 }
1781         if (trust)
1782                 {
1783                 idx = X509_TRUST_get_by_id(trust);
1784                 if (idx == -1)
1785                         {
1786                         X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
1787                                                 X509_R_UNKNOWN_TRUST_ID);
1788                         return 0;
1789                         }
1790                 }
1791
1792         if (purpose && !ctx->param->purpose) ctx->param->purpose = purpose;
1793         if (trust && !ctx->param->trust) ctx->param->trust = trust;
1794         return 1;
1795 }
1796
1797 X509_STORE_CTX *X509_STORE_CTX_new(void)
1798 {
1799         X509_STORE_CTX *ctx;
1800         ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX));
1801         if (!ctx)
1802                 {
1803                 X509err(X509_F_X509_STORE_CTX_NEW,ERR_R_MALLOC_FAILURE);
1804                 return NULL;
1805                 }
1806         memset(ctx, 0, sizeof(X509_STORE_CTX));
1807         return ctx;
1808 }
1809
1810 void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
1811 {
1812         X509_STORE_CTX_cleanup(ctx);
1813         OPENSSL_free(ctx);
1814 }
1815
1816 int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
1817              STACK_OF(X509) *chain)
1818         {
1819         int ret = 1;
1820         ctx->ctx=store;
1821         ctx->current_method=0;
1822         ctx->cert=x509;
1823         ctx->untrusted=chain;
1824         ctx->crls = NULL;
1825         ctx->last_untrusted=0;
1826         ctx->other_ctx=NULL;
1827         ctx->valid=0;
1828         ctx->chain=NULL;
1829         ctx->error=0;
1830         ctx->explicit_policy=0;
1831         ctx->error_depth=0;
1832         ctx->current_cert=NULL;
1833         ctx->current_issuer=NULL;
1834         ctx->tree = NULL;
1835         ctx->parent = NULL;
1836
1837         ctx->param = X509_VERIFY_PARAM_new();
1838
1839         if (!ctx->param)
1840                 {
1841                 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
1842                 return 0;
1843                 }
1844
1845         /* Inherit callbacks and flags from X509_STORE if not set
1846          * use defaults.
1847          */
1848
1849
1850         if (store)
1851                 ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
1852         else
1853                 ctx->param->flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE;
1854
1855         if (store)
1856                 {
1857                 ctx->verify_cb = store->verify_cb;
1858                 ctx->cleanup = store->cleanup;
1859                 }
1860         else
1861                 ctx->cleanup = 0;
1862
1863         if (ret)
1864                 ret = X509_VERIFY_PARAM_inherit(ctx->param,
1865                                         X509_VERIFY_PARAM_lookup("default"));
1866
1867         if (ret == 0)
1868                 {
1869                 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
1870                 return 0;
1871                 }
1872
1873         if (store && store->check_issued)
1874                 ctx->check_issued = store->check_issued;
1875         else
1876                 ctx->check_issued = check_issued;
1877
1878         if (store && store->get_issuer)
1879                 ctx->get_issuer = store->get_issuer;
1880         else
1881                 ctx->get_issuer = X509_STORE_CTX_get1_issuer;
1882
1883         if (store && store->verify_cb)
1884                 ctx->verify_cb = store->verify_cb;
1885         else
1886                 ctx->verify_cb = null_callback;
1887
1888         if (store && store->verify)
1889                 ctx->verify = store->verify;
1890         else
1891                 ctx->verify = internal_verify;
1892
1893         if (store && store->check_revocation)
1894                 ctx->check_revocation = store->check_revocation;
1895         else
1896                 ctx->check_revocation = check_revocation;
1897
1898         if (store && store->get_crl)
1899                 ctx->get_crl = store->get_crl;
1900         else
1901                 ctx->get_crl = get_crl;
1902
1903         if (store && store->check_crl)
1904                 ctx->check_crl = store->check_crl;
1905         else
1906                 ctx->check_crl = check_crl;
1907
1908         if (store && store->cert_crl)
1909                 ctx->cert_crl = store->cert_crl;
1910         else
1911                 ctx->cert_crl = cert_crl;
1912
1913         if (store && store->lookup_certs)
1914                 ctx->lookup_certs = store->lookup_certs;
1915         else
1916                 ctx->lookup_certs = X509_STORE_get1_certs;
1917
1918         if (store && store->lookup_crls)
1919                 ctx->lookup_crls = store->lookup_crls;
1920         else
1921                 ctx->lookup_crls = X509_STORE_get1_crls;
1922
1923         ctx->check_policy = check_policy;
1924
1925
1926         /* This memset() can't make any sense anyway, so it's removed. As
1927          * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a
1928          * corresponding "new" here and remove this bogus initialisation. */
1929         /* memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); */
1930         if(!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
1931                                 &(ctx->ex_data)))
1932                 {
1933                 OPENSSL_free(ctx);
1934                 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
1935                 return 0;
1936                 }
1937         return 1;
1938         }
1939
1940 /* Set alternative lookup method: just a STACK of trusted certificates.
1941  * This avoids X509_STORE nastiness where it isn't needed.
1942  */
1943
1944 void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
1945 {
1946         ctx->other_ctx = sk;
1947         ctx->get_issuer = get_issuer_sk;
1948 }
1949
1950 void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
1951         {
1952         if (ctx->cleanup) ctx->cleanup(ctx);
1953         if (ctx->param != NULL)
1954                 {
1955                 if (ctx->parent == NULL)
1956                         X509_VERIFY_PARAM_free(ctx->param);
1957                 ctx->param=NULL;
1958                 }
1959         if (ctx->tree != NULL)
1960                 {
1961                 X509_policy_tree_free(ctx->tree);
1962                 ctx->tree=NULL;
1963                 }
1964         if (ctx->chain != NULL)
1965                 {
1966                 sk_X509_pop_free(ctx->chain,X509_free);
1967                 ctx->chain=NULL;
1968                 }
1969         CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data));
1970         memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
1971         }
1972
1973 void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
1974         {
1975         X509_VERIFY_PARAM_set_depth(ctx->param, depth);
1976         }
1977
1978 void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags)
1979         {
1980         X509_VERIFY_PARAM_set_flags(ctx->param, flags);
1981         }
1982
1983 void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t)
1984         {
1985         X509_VERIFY_PARAM_set_time(ctx->param, t);
1986         }
1987
1988 void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
1989                                   int (*verify_cb)(int, X509_STORE_CTX *))
1990         {
1991         ctx->verify_cb=verify_cb;
1992         }
1993
1994 X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
1995         {
1996         return ctx->tree;
1997         }
1998
1999 int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx)
2000         {
2001         return ctx->explicit_policy;
2002         }
2003
2004 int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)
2005         {
2006         const X509_VERIFY_PARAM *param;
2007         param = X509_VERIFY_PARAM_lookup(name);
2008         if (!param)
2009                 return 0;
2010         return X509_VERIFY_PARAM_inherit(ctx->param, param);
2011         }
2012
2013 X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)
2014         {
2015         return ctx->param;
2016         }
2017
2018 void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
2019         {
2020         if (ctx->param)
2021                 X509_VERIFY_PARAM_free(ctx->param);
2022         ctx->param = param;
2023         }
2024
2025 IMPLEMENT_STACK_OF(X509)
2026 IMPLEMENT_ASN1_SET_OF(X509)
2027
2028 IMPLEMENT_STACK_OF(X509_NAME)
2029
2030 IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
2031 IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)