de075267bc57921993bceb93d261105d760b357d
[openssl.git] / crypto / x509 / x509_vfy.c
1 /* crypto/x509/x509_vfy.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58
59 #include <stdio.h>
60 #include <time.h>
61 #include <errno.h>
62
63 #include "cryptlib.h"
64 #include <openssl/crypto.h>
65 #include <openssl/lhash.h>
66 #include <openssl/buffer.h>
67 #include <openssl/evp.h>
68 #include <openssl/asn1.h>
69 #include <openssl/x509.h>
70 #include <openssl/x509v3.h>
71 #include <openssl/objects.h>
72
73 /* CRL score values */
74
75 /* No unhandled critical extensions */
76
77 #define CRL_SCORE_NOCRITICAL    0x100
78
79 /* certificate is within CRL scope */
80
81 #define CRL_SCORE_SCOPE         0x080
82
83 /* CRL times valid */
84
85 #define CRL_SCORE_TIME          0x040
86
87 /* Issuer name matches certificate */
88
89 #define CRL_SCORE_ISSUER_NAME   0x020
90
91 /* If this score or above CRL is probably valid */
92
93 #define CRL_SCORE_VALID (CRL_SCORE_NOCRITICAL|CRL_SCORE_TIME|CRL_SCORE_SCOPE)
94
95 /* CRL issuer is certificate issuer */
96
97 #define CRL_SCORE_ISSUER_CERT   0x018
98
99 /* CRL issuer is on certificate path */
100
101 #define CRL_SCORE_SAME_PATH     0x008
102
103 /* CRL issuer matches CRL AKID */
104
105 #define CRL_SCORE_AKID          0x004
106
107 /* Have a delta CRL with valid times */
108
109 #define CRL_SCORE_TIME_DELTA    0x002
110
111 static int null_callback(int ok,X509_STORE_CTX *e);
112 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
113 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
114 static int check_chain_extensions(X509_STORE_CTX *ctx);
115 static int check_name_constraints(X509_STORE_CTX *ctx);
116 static int check_id(X509_STORE_CTX *ctx);
117 static int check_trust(X509_STORE_CTX *ctx);
118 static int check_revocation(X509_STORE_CTX *ctx);
119 static int check_cert(X509_STORE_CTX *ctx);
120 static int check_policy(X509_STORE_CTX *ctx);
121
122 static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
123                         unsigned int *preasons,
124                         X509_CRL *crl, X509 *x);
125 static int get_crl_delta(X509_STORE_CTX *ctx,
126                                 X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x);
127 static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pcrl_score,
128                         X509_CRL *base, STACK_OF(X509_CRL) *crls);
129 static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,
130                                 X509 **pissuer, int *pcrl_score);
131 static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
132                                 unsigned int *preasons);
133 static int check_crl_path(X509_STORE_CTX *ctx, X509 *x);
134 static int check_crl_chain(X509_STORE_CTX *ctx,
135                         STACK_OF(X509) *cert_path,
136                         STACK_OF(X509) *crl_path);
137
138 static int internal_verify(X509_STORE_CTX *ctx);
139 const char X509_version[]="X.509" OPENSSL_VERSION_PTEXT;
140
141
142 static int null_callback(int ok, X509_STORE_CTX *e)
143         {
144         return ok;
145         }
146
147 #if 0
148 static int x509_subject_cmp(X509 **a, X509 **b)
149         {
150         return X509_subject_name_cmp(*a,*b);
151         }
152 #endif
153
154 int X509_verify_cert(X509_STORE_CTX *ctx)
155         {
156         X509 *x,*xtmp,*chain_ss=NULL;
157         int bad_chain = 0;
158         X509_VERIFY_PARAM *param = ctx->param;
159         int depth,i,ok=0;
160         int num;
161         int (*cb)(int xok,X509_STORE_CTX *xctx);
162         STACK_OF(X509) *sktmp=NULL;
163         if (ctx->cert == NULL)
164                 {
165                 X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
166                 return -1;
167                 }
168
169         cb=ctx->verify_cb;
170
171         /* first we make sure the chain we are going to build is
172          * present and that the first entry is in place */
173         if (ctx->chain == NULL)
174                 {
175                 if (    ((ctx->chain=sk_X509_new_null()) == NULL) ||
176                         (!sk_X509_push(ctx->chain,ctx->cert)))
177                         {
178                         X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
179                         goto end;
180                         }
181                 CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509);
182                 ctx->last_untrusted=1;
183                 }
184
185         /* We use a temporary STACK so we can chop and hack at it */
186         if (ctx->untrusted != NULL
187             && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL)
188                 {
189                 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
190                 goto end;
191                 }
192
193         num=sk_X509_num(ctx->chain);
194         x=sk_X509_value(ctx->chain,num-1);
195         depth=param->depth;
196
197
198         for (;;)
199                 {
200                 /* If we have enough, we break */
201                 if (depth < num) break; /* FIXME: If this happens, we should take
202                                          * note of it and, if appropriate, use the
203                                          * X509_V_ERR_CERT_CHAIN_TOO_LONG error
204                                          * code later.
205                                          */
206
207                 /* If we are self signed, we break */
208                 if (ctx->check_issued(ctx, x,x)) break;
209
210                 /* If asked see if we can find issuer in trusted store first */
211                 if (ctx->param->flags & X509_V_FLAG_TRUSTED_FIRST)
212                         {
213                         ok = ctx->get_issuer(&xtmp, ctx, x);
214                         if (ok < 0)
215                                 return ok;
216                         /* If successful for now free up cert so it
217                          * will be picked up again later.
218                          */
219                         if (ok > 0)
220                                 {
221                                 X509_free(xtmp);
222                                 break;
223                                 }
224                         }
225
226                 /* If we were passed a cert chain, use it first */
227                 if (ctx->untrusted != NULL)
228                         {
229                         xtmp=find_issuer(ctx, sktmp,x);
230                         if (xtmp != NULL)
231                                 {
232                                 if (!sk_X509_push(ctx->chain,xtmp))
233                                         {
234                                         X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
235                                         goto end;
236                                         }
237                                 CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
238                                 (void)sk_X509_delete_ptr(sktmp,xtmp);
239                                 ctx->last_untrusted++;
240                                 x=xtmp;
241                                 num++;
242                                 /* reparse the full chain for
243                                  * the next one */
244                                 continue;
245                                 }
246                         }
247                 break;
248                 }
249
250         /* at this point, chain should contain a list of untrusted
251          * certificates.  We now need to add at least one trusted one,
252          * if possible, otherwise we complain. */
253
254         /* Examine last certificate in chain and see if it
255          * is self signed.
256          */
257
258         i=sk_X509_num(ctx->chain);
259         x=sk_X509_value(ctx->chain,i-1);
260         if (ctx->check_issued(ctx, x, x))
261                 {
262                 /* we have a self signed certificate */
263                 if (sk_X509_num(ctx->chain) == 1)
264                         {
265                         /* We have a single self signed certificate: see if
266                          * we can find it in the store. We must have an exact
267                          * match to avoid possible impersonation.
268                          */
269                         ok = ctx->get_issuer(&xtmp, ctx, x);
270                         if ((ok <= 0) || X509_cmp(x, xtmp)) 
271                                 {
272                                 ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
273                                 ctx->current_cert=x;
274                                 ctx->error_depth=i-1;
275                                 if (ok == 1) X509_free(xtmp);
276                                 bad_chain = 1;
277                                 ok=cb(0,ctx);
278                                 if (!ok) goto end;
279                                 }
280                         else 
281                                 {
282                                 /* We have a match: replace certificate with store version
283                                  * so we get any trust settings.
284                                  */
285                                 X509_free(x);
286                                 x = xtmp;
287                                 (void)sk_X509_set(ctx->chain, i - 1, x);
288                                 ctx->last_untrusted=0;
289                                 }
290                         }
291                 else
292                         {
293                         /* extract and save self signed certificate for later use */
294                         chain_ss=sk_X509_pop(ctx->chain);
295                         ctx->last_untrusted--;
296                         num--;
297                         x=sk_X509_value(ctx->chain,num-1);
298                         }
299                 }
300
301         /* We now lookup certs from the certificate store */
302         for (;;)
303                 {
304                 /* If we have enough, we break */
305                 if (depth < num) break;
306
307                 /* If we are self signed, we break */
308                 if (ctx->check_issued(ctx,x,x)) break;
309
310                 ok = ctx->get_issuer(&xtmp, ctx, x);
311
312                 if (ok < 0) return ok;
313                 if (ok == 0) break;
314
315                 x = xtmp;
316                 if (!sk_X509_push(ctx->chain,x))
317                         {
318                         X509_free(xtmp);
319                         X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
320                         return 0;
321                         }
322                 num++;
323                 }
324
325         /* we now have our chain, lets check it... */
326
327         i = check_trust(ctx);
328
329         /* If explicitly rejected error */
330         if (i == X509_TRUST_REJECTED)
331                 goto end;
332         /* If not explicitly trusted then indicate error */
333         if (i != X509_TRUST_TRUSTED)
334                 {
335                 if ((chain_ss == NULL) || !ctx->check_issued(ctx, x, chain_ss))
336                         {
337                         if (ctx->last_untrusted >= num)
338                                 ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
339                         else
340                                 ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
341                         ctx->current_cert=x;
342                         }
343                 else
344                         {
345
346                         sk_X509_push(ctx->chain,chain_ss);
347                         num++;
348                         ctx->last_untrusted=num;
349                         ctx->current_cert=chain_ss;
350                         ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
351                         chain_ss=NULL;
352                         }
353
354                 ctx->error_depth=num-1;
355                 bad_chain = 1;
356                 ok=cb(0,ctx);
357                 if (!ok) goto end;
358                 }
359
360         /* We have the chain complete: now we need to check its purpose */
361         ok = check_chain_extensions(ctx);
362
363         if (!ok) goto end;
364
365         /* Check name constraints */
366
367         ok = check_name_constraints(ctx);
368         
369         if (!ok) goto end;
370
371         ok = check_id(ctx);
372
373         if (!ok) goto end;
374
375         /* We may as well copy down any DSA parameters that are required */
376         X509_get_pubkey_parameters(NULL,ctx->chain);
377
378         /* Check revocation status: we do this after copying parameters
379          * because they may be needed for CRL signature verification.
380          */
381
382         ok = ctx->check_revocation(ctx);
383         if(!ok) goto end;
384
385         /* At this point, we have a chain and need to verify it */
386         if (ctx->verify != NULL)
387                 ok=ctx->verify(ctx);
388         else
389                 ok=internal_verify(ctx);
390         if(!ok) goto end;
391
392 #ifndef OPENSSL_NO_RFC3779
393         /* RFC 3779 path validation, now that CRL check has been done */
394         ok = v3_asid_validate_path(ctx);
395         if (!ok) goto end;
396         ok = v3_addr_validate_path(ctx);
397         if (!ok) goto end;
398 #endif
399
400         /* If we get this far evaluate policies */
401         if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
402                 ok = ctx->check_policy(ctx);
403         if(!ok) goto end;
404         if (0)
405                 {
406 end:
407                 X509_get_pubkey_parameters(NULL,ctx->chain);
408                 }
409         if (sktmp != NULL) sk_X509_free(sktmp);
410         if (chain_ss != NULL) X509_free(chain_ss);
411         return ok;
412         }
413
414
415 /* Given a STACK_OF(X509) find the issuer of cert (if any)
416  */
417
418 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x)
419 {
420         int i;
421         X509 *issuer;
422         for (i = 0; i < sk_X509_num(sk); i++)
423                 {
424                 issuer = sk_X509_value(sk, i);
425                 if (ctx->check_issued(ctx, x, issuer))
426                         return issuer;
427                 }
428         return NULL;
429 }
430
431 /* Given a possible certificate and issuer check them */
432
433 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
434 {
435         int ret;
436         ret = X509_check_issued(issuer, x);
437         if (ret == X509_V_OK)
438                 return 1;
439         /* If we haven't asked for issuer errors don't set ctx */
440         if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK))
441                 return 0;
442
443         ctx->error = ret;
444         ctx->current_cert = x;
445         ctx->current_issuer = issuer;
446         return ctx->verify_cb(0, ctx);
447         return 0;
448 }
449
450 /* Alternative lookup method: look from a STACK stored in other_ctx */
451
452 static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
453 {
454         *issuer = find_issuer(ctx, ctx->other_ctx, x);
455         if (*issuer)
456                 {
457                 CRYPTO_add(&(*issuer)->references,1,CRYPTO_LOCK_X509);
458                 return 1;
459                 }
460         else
461                 return 0;
462 }
463         
464
465 /* Check a certificate chains extensions for consistency
466  * with the supplied purpose
467  */
468
469 static int check_chain_extensions(X509_STORE_CTX *ctx)
470 {
471 #ifdef OPENSSL_NO_CHAIN_VERIFY
472         return 1;
473 #else
474         int i, ok=0, must_be_ca, plen = 0;
475         X509 *x;
476         int (*cb)(int xok,X509_STORE_CTX *xctx);
477         int proxy_path_length = 0;
478         int purpose;
479         int allow_proxy_certs;
480         cb=ctx->verify_cb;
481
482         /* must_be_ca can have 1 of 3 values:
483            -1: we accept both CA and non-CA certificates, to allow direct
484                use of self-signed certificates (which are marked as CA).
485            0:  we only accept non-CA certificates.  This is currently not
486                used, but the possibility is present for future extensions.
487            1:  we only accept CA certificates.  This is currently used for
488                all certificates in the chain except the leaf certificate.
489         */
490         must_be_ca = -1;
491
492         /* CRL path validation */
493         if (ctx->parent)
494                 {
495                 allow_proxy_certs = 0;
496                 purpose = X509_PURPOSE_CRL_SIGN;
497                 }
498         else
499                 {
500                 allow_proxy_certs =
501                         !!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
502                 /* A hack to keep people who don't want to modify their
503                    software happy */
504                 if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
505                         allow_proxy_certs = 1;
506                 purpose = ctx->param->purpose;
507                 }
508
509         /* Check all untrusted certificates */
510         for (i = 0; i < ctx->last_untrusted; i++)
511                 {
512                 int ret;
513                 x = sk_X509_value(ctx->chain, i);
514                 if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
515                         && (x->ex_flags & EXFLAG_CRITICAL))
516                         {
517                         ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
518                         ctx->error_depth = i;
519                         ctx->current_cert = x;
520                         ok=cb(0,ctx);
521                         if (!ok) goto end;
522                         }
523                 if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY))
524                         {
525                         ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED;
526                         ctx->error_depth = i;
527                         ctx->current_cert = x;
528                         ok=cb(0,ctx);
529                         if (!ok) goto end;
530                         }
531                 ret = X509_check_ca(x);
532                 switch(must_be_ca)
533                         {
534                 case -1:
535                         if ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
536                                 && (ret != 1) && (ret != 0))
537                                 {
538                                 ret = 0;
539                                 ctx->error = X509_V_ERR_INVALID_CA;
540                                 }
541                         else
542                                 ret = 1;
543                         break;
544                 case 0:
545                         if (ret != 0)
546                                 {
547                                 ret = 0;
548                                 ctx->error = X509_V_ERR_INVALID_NON_CA;
549                                 }
550                         else
551                                 ret = 1;
552                         break;
553                 default:
554                         if ((ret == 0)
555                                 || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
556                                         && (ret != 1)))
557                                 {
558                                 ret = 0;
559                                 ctx->error = X509_V_ERR_INVALID_CA;
560                                 }
561                         else
562                                 ret = 1;
563                         break;
564                         }
565                 if (ret == 0)
566                         {
567                         ctx->error_depth = i;
568                         ctx->current_cert = x;
569                         ok=cb(0,ctx);
570                         if (!ok) goto end;
571                         }
572                 if (ctx->param->purpose > 0)
573                         {
574                         ret = X509_check_purpose(x, purpose, must_be_ca > 0);
575                         if ((ret == 0)
576                                 || ((ctx->param->flags & X509_V_FLAG_X509_STRICT)
577                                         && (ret != 1)))
578                                 {
579                                 ctx->error = X509_V_ERR_INVALID_PURPOSE;
580                                 ctx->error_depth = i;
581                                 ctx->current_cert = x;
582                                 ok=cb(0,ctx);
583                                 if (!ok) goto end;
584                                 }
585                         }
586                 /* Check pathlen if not self issued */
587                 if ((i > 1) && !(x->ex_flags & EXFLAG_SI)
588                            && (x->ex_pathlen != -1)
589                            && (plen > (x->ex_pathlen + proxy_path_length + 1)))
590                         {
591                         ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
592                         ctx->error_depth = i;
593                         ctx->current_cert = x;
594                         ok=cb(0,ctx);
595                         if (!ok) goto end;
596                         }
597                 /* Increment path length if not self issued */
598                 if (!(x->ex_flags & EXFLAG_SI))
599                         plen++;
600                 /* If this certificate is a proxy certificate, the next
601                    certificate must be another proxy certificate or a EE
602                    certificate.  If not, the next certificate must be a
603                    CA certificate.  */
604                 if (x->ex_flags & EXFLAG_PROXY)
605                         {
606                         if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen)
607                                 {
608                                 ctx->error =
609                                         X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
610                                 ctx->error_depth = i;
611                                 ctx->current_cert = x;
612                                 ok=cb(0,ctx);
613                                 if (!ok) goto end;
614                                 }
615                         proxy_path_length++;
616                         must_be_ca = 0;
617                         }
618                 else
619                         must_be_ca = 1;
620                 }
621         ok = 1;
622  end:
623         return ok;
624 #endif
625 }
626
627 static int check_name_constraints(X509_STORE_CTX *ctx)
628         {
629         X509 *x;
630         int i, j, rv;
631         /* Check name constraints for all certificates */
632         for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
633                 {
634                 x = sk_X509_value(ctx->chain, i);
635                 /* Ignore self issued certs unless last in chain */
636                 if (i && (x->ex_flags & EXFLAG_SI))
637                         continue;
638                 /* Check against constraints for all certificates higher in
639                  * chain including trust anchor. Trust anchor not strictly
640                  * speaking needed but if it includes constraints it is to be
641                  * assumed it expects them to be obeyed.
642                  */
643                 for (j = sk_X509_num(ctx->chain) - 1; j > i; j--)
644                         {
645                         NAME_CONSTRAINTS *nc = sk_X509_value(ctx->chain, j)->nc;
646                         if (nc)
647                                 {
648                                 rv = NAME_CONSTRAINTS_check(x, nc);
649                                 if (rv != X509_V_OK)
650                                         {
651                                         ctx->error = rv;
652                                         ctx->error_depth = i;
653                                         ctx->current_cert = x;
654                                         if (!ctx->verify_cb(0,ctx))
655                                                 return 0;
656                                         }
657                                 }
658                         }
659                 }
660         return 1;
661         }
662
663 static int check_id_error(X509_STORE_CTX *ctx, int errcode)
664         {
665         ctx->error = errcode;
666         ctx->current_cert = ctx->cert;
667         ctx->error_depth = 0;
668         return ctx->verify_cb(0, ctx);
669         }
670
671 static int check_id(X509_STORE_CTX *ctx)
672         {
673         X509_VERIFY_PARAM *vpm = ctx->param;
674         X509 *x = ctx->cert;
675         if (vpm->host && !X509_check_host(x, vpm->host, vpm->hostlen, 0))
676                 {
677                 if (!check_id_error(ctx, X509_V_ERR_HOSTNAME_MISMATCH))
678                         return 0;
679                 }
680         if (vpm->email && !X509_check_email(x, vpm->email, vpm->emaillen, 0))
681                 {
682                 if (!check_id_error(ctx, X509_V_ERR_EMAIL_MISMATCH))
683                         return 0;
684                 }
685         if (vpm->ip && !X509_check_ip(x, vpm->ip, vpm->iplen, 0))
686                 {
687                 if (!check_id_error(ctx, X509_V_ERR_IP_ADDRESS_MISMATCH))
688                         return 0;
689                 }
690         return 1;
691         }
692
693 static int check_trust(X509_STORE_CTX *ctx)
694 {
695         int i, ok;
696         X509 *x = NULL;
697         int (*cb)(int xok,X509_STORE_CTX *xctx);
698         cb=ctx->verify_cb;
699         /* Check all trusted certificates in chain */
700         for (i = ctx->last_untrusted; i < sk_X509_num(ctx->chain); i++)
701                 {
702                 x = sk_X509_value(ctx->chain, i);
703                 ok = X509_check_trust(x, ctx->param->trust, 0);
704                 /* If explicitly trusted return trusted */
705                 if (ok == X509_TRUST_TRUSTED)
706                         return X509_TRUST_TRUSTED;
707                 /* If explicitly rejected notify callback and reject if
708                  * not overridden.
709                  */
710                 if (ok == X509_TRUST_REJECTED)
711                         {
712                         ctx->error_depth = i;
713                         ctx->current_cert = x;
714                         ctx->error = X509_V_ERR_CERT_REJECTED;
715                         ok = cb(0, ctx);
716                         if (!ok)
717                                 return X509_TRUST_REJECTED;
718                         }
719                 }
720         /* If we accept partial chains and have at least one trusted
721          * certificate return success.
722          */
723         if (ctx->param->flags & X509_V_FLAG_PARTIAL_CHAIN)
724                 {
725                 if (ctx->last_untrusted < sk_X509_num(ctx->chain))
726                         return X509_TRUST_TRUSTED;
727                 }
728
729         /* If no trusted certs in chain at all return untrusted and
730          * allow standard (no issuer cert) etc errors to be indicated.
731          */
732         return X509_TRUST_UNTRUSTED;
733 }
734
735 static int check_revocation(X509_STORE_CTX *ctx)
736         {
737         int i, last, ok;
738         if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK))
739                 return 1;
740         if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL)
741                 last = sk_X509_num(ctx->chain) - 1;
742         else
743                 {
744                 /* If checking CRL paths this isn't the EE certificate */
745                 if (ctx->parent)
746                         return 1;
747                 last = 0;
748                 }
749         for(i = 0; i <= last; i++)
750                 {
751                 ctx->error_depth = i;
752                 ok = check_cert(ctx);
753                 if (!ok) return ok;
754                 }
755         return 1;
756         }
757
758 static int check_cert(X509_STORE_CTX *ctx)
759         {
760         X509_CRL *crl = NULL, *dcrl = NULL;
761         X509 *x;
762         int ok, cnum;
763         cnum = ctx->error_depth;
764         x = sk_X509_value(ctx->chain, cnum);
765         ctx->current_cert = x;
766         ctx->current_issuer = NULL;
767         ctx->current_crl_score = 0;
768         ctx->current_reasons = 0;
769         while (ctx->current_reasons != CRLDP_ALL_REASONS)
770                 {
771                 /* Try to retrieve relevant CRL */
772                 if (ctx->get_crl)
773                         ok = ctx->get_crl(ctx, &crl, x);
774                 else
775                         ok = get_crl_delta(ctx, &crl, &dcrl, x);
776                 /* If error looking up CRL, nothing we can do except
777                  * notify callback
778                  */
779                 if(!ok)
780                         {
781                         ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
782                         ok = ctx->verify_cb(0, ctx);
783                         goto err;
784                         }
785                 ctx->current_crl = crl;
786                 ok = ctx->check_crl(ctx, crl);
787                 if (!ok)
788                         goto err;
789
790                 if (dcrl)
791                         {
792                         ok = ctx->check_crl(ctx, dcrl);
793                         if (!ok)
794                                 goto err;
795                         ok = ctx->cert_crl(ctx, dcrl, x);
796                         if (!ok)
797                                 goto err;
798                         }
799                 else
800                         ok = 1;
801
802                 /* Don't look in full CRL if delta reason is removefromCRL */
803                 if (ok != 2)
804                         {
805                         ok = ctx->cert_crl(ctx, crl, x);
806                         if (!ok)
807                                 goto err;
808                         }
809
810                 X509_CRL_free(crl);
811                 X509_CRL_free(dcrl);
812                 crl = NULL;
813                 dcrl = NULL;
814                 }
815         err:
816         X509_CRL_free(crl);
817         X509_CRL_free(dcrl);
818
819         ctx->current_crl = NULL;
820         return ok;
821
822         }
823
824 /* Check CRL times against values in X509_STORE_CTX */
825
826 static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
827         {
828         time_t *ptime;
829         int i;
830         if (notify)
831                 ctx->current_crl = crl;
832         if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
833                 ptime = &ctx->param->check_time;
834         else
835                 ptime = NULL;
836
837         i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
838         if (i == 0)
839                 {
840                 if (!notify)
841                         return 0;
842                 ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
843                 if (!ctx->verify_cb(0, ctx))
844                         return 0;
845                 }
846
847         if (i > 0)
848                 {
849                 if (!notify)
850                         return 0;
851                 ctx->error=X509_V_ERR_CRL_NOT_YET_VALID;
852                 if (!ctx->verify_cb(0, ctx))
853                         return 0;
854                 }
855
856         if(X509_CRL_get_nextUpdate(crl))
857                 {
858                 i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
859
860                 if (i == 0)
861                         {
862                         if (!notify)
863                                 return 0;
864                         ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
865                         if (!ctx->verify_cb(0, ctx))
866                                 return 0;
867                         }
868                 /* Ignore expiry of base CRL is delta is valid */
869                 if ((i < 0) && !(ctx->current_crl_score & CRL_SCORE_TIME_DELTA))
870                         {
871                         if (!notify)
872                                 return 0;
873                         ctx->error=X509_V_ERR_CRL_HAS_EXPIRED;
874                         if (!ctx->verify_cb(0, ctx))
875                                 return 0;
876                         }
877                 }
878
879         if (notify)
880                 ctx->current_crl = NULL;
881
882         return 1;
883         }
884
885 static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509_CRL **pdcrl,
886                         X509 **pissuer, int *pscore, unsigned int *preasons,
887                         STACK_OF(X509_CRL) *crls)
888         {
889         int i, crl_score, best_score = *pscore;
890         unsigned int reasons, best_reasons = 0;
891         X509 *x = ctx->current_cert;
892         X509_CRL *crl, *best_crl = NULL;
893         X509 *crl_issuer = NULL, *best_crl_issuer = NULL;
894
895         for (i = 0; i < sk_X509_CRL_num(crls); i++)
896                 {
897                 crl = sk_X509_CRL_value(crls, i);
898                 reasons = *preasons;
899                 crl_score = get_crl_score(ctx, &crl_issuer, &reasons, crl, x);
900
901                 if (crl_score > best_score)
902                         {
903                         best_crl = crl;
904                         best_crl_issuer = crl_issuer;
905                         best_score = crl_score;
906                         best_reasons = reasons;
907                         }
908                 }
909
910         if (best_crl)
911                 {
912                 if (*pcrl)
913                         X509_CRL_free(*pcrl);
914                 *pcrl = best_crl;
915                 *pissuer = best_crl_issuer;
916                 *pscore = best_score;
917                 *preasons = best_reasons;
918                 CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509_CRL);
919                 if (*pdcrl)
920                         {
921                         X509_CRL_free(*pdcrl);
922                         *pdcrl = NULL;
923                         }
924                 get_delta_sk(ctx, pdcrl, pscore, best_crl, crls);
925                 }
926
927         if (best_score >= CRL_SCORE_VALID)
928                 return 1;
929
930         return 0;
931         }
932
933 /* Compare two CRL extensions for delta checking purposes. They should be
934  * both present or both absent. If both present all fields must be identical.
935  */
936
937 static int crl_extension_match(X509_CRL *a, X509_CRL *b, int nid)
938         {
939         ASN1_OCTET_STRING *exta, *extb;
940         int i;
941         i = X509_CRL_get_ext_by_NID(a, nid, -1);
942         if (i >= 0)
943                 {
944                 /* Can't have multiple occurrences */
945                 if (X509_CRL_get_ext_by_NID(a, nid, i) != -1)
946                         return 0;
947                 exta = X509_EXTENSION_get_data(X509_CRL_get_ext(a, i));
948                 }
949         else
950                 exta = NULL;
951
952         i = X509_CRL_get_ext_by_NID(b, nid, -1);
953
954         if (i >= 0)
955                 {
956
957                 if (X509_CRL_get_ext_by_NID(b, nid, i) != -1)
958                         return 0;
959                 extb = X509_EXTENSION_get_data(X509_CRL_get_ext(b, i));
960                 }
961         else
962                 extb = NULL;
963
964         if (!exta && !extb)
965                 return 1;
966
967         if (!exta || !extb)
968                 return 0;
969
970
971         if (ASN1_OCTET_STRING_cmp(exta, extb))
972                 return 0;
973
974         return 1;
975         }
976
977 /* See if a base and delta are compatible */
978
979 static int check_delta_base(X509_CRL *delta, X509_CRL *base)
980         {
981         /* Delta CRL must be a delta */
982         if (!delta->base_crl_number)
983                         return 0;
984         /* Base must have a CRL number */
985         if (!base->crl_number)
986                         return 0;
987         /* Issuer names must match */
988         if (X509_NAME_cmp(X509_CRL_get_issuer(base),
989                                 X509_CRL_get_issuer(delta)))
990                 return 0;
991         /* AKID and IDP must match */
992         if (!crl_extension_match(delta, base, NID_authority_key_identifier))
993                         return 0;
994         if (!crl_extension_match(delta, base, NID_issuing_distribution_point))
995                         return 0;
996         /* Delta CRL base number must not exceed Full CRL number. */
997         if (ASN1_INTEGER_cmp(delta->base_crl_number, base->crl_number) > 0)
998                         return 0;
999         /* Delta CRL number must exceed full CRL number */
1000         if (ASN1_INTEGER_cmp(delta->crl_number, base->crl_number) > 0)
1001                         return 1;
1002         return 0;
1003         }
1004
1005 /* For a given base CRL find a delta... maybe extend to delta scoring
1006  * or retrieve a chain of deltas...
1007  */
1008
1009 static void get_delta_sk(X509_STORE_CTX *ctx, X509_CRL **dcrl, int *pscore,
1010                         X509_CRL *base, STACK_OF(X509_CRL) *crls)
1011         {
1012         X509_CRL *delta;
1013         int i;
1014         if (!(ctx->param->flags & X509_V_FLAG_USE_DELTAS))
1015                 return;
1016         if (!((ctx->current_cert->ex_flags | base->flags) & EXFLAG_FRESHEST))
1017                 return;
1018         for (i = 0; i < sk_X509_CRL_num(crls); i++)
1019                 {
1020                 delta = sk_X509_CRL_value(crls, i);
1021                 if (check_delta_base(delta, base))
1022                         {
1023                         if (check_crl_time(ctx, delta, 0))
1024                                 *pscore |= CRL_SCORE_TIME_DELTA;
1025                         CRYPTO_add(&delta->references, 1, CRYPTO_LOCK_X509_CRL);
1026                         *dcrl = delta;
1027                         return;
1028                         }
1029                 }
1030         *dcrl = NULL;
1031         }
1032
1033 /* For a given CRL return how suitable it is for the supplied certificate 'x'.
1034  * The return value is a mask of several criteria.
1035  * If the issuer is not the certificate issuer this is returned in *pissuer.
1036  * The reasons mask is also used to determine if the CRL is suitable: if
1037  * no new reasons the CRL is rejected, otherwise reasons is updated.
1038  */
1039
1040 static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
1041                         unsigned int *preasons,
1042                         X509_CRL *crl, X509 *x)
1043         {
1044
1045         int crl_score = 0;
1046         unsigned int tmp_reasons = *preasons, crl_reasons;
1047
1048         /* First see if we can reject CRL straight away */
1049
1050         /* Invalid IDP cannot be processed */
1051         if (crl->idp_flags & IDP_INVALID)
1052                 return 0;
1053         /* Reason codes or indirect CRLs need extended CRL support */
1054         if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
1055                 {
1056                 if (crl->idp_flags & (IDP_INDIRECT | IDP_REASONS))
1057                         return 0;
1058                 }
1059         else if (crl->idp_flags & IDP_REASONS)
1060                 {
1061                 /* If no new reasons reject */
1062                 if (!(crl->idp_reasons & ~tmp_reasons))
1063                         return 0;
1064                 }
1065         /* Don't process deltas at this stage */
1066         else if (crl->base_crl_number)
1067                 return 0;
1068         /* If issuer name doesn't match certificate need indirect CRL */
1069         if (X509_NAME_cmp(X509_get_issuer_name(x), X509_CRL_get_issuer(crl)))
1070                 {
1071                 if (!(crl->idp_flags & IDP_INDIRECT))
1072                         return 0;
1073                 }
1074         else
1075                 crl_score |= CRL_SCORE_ISSUER_NAME;
1076
1077         if (!(crl->flags & EXFLAG_CRITICAL))
1078                 crl_score |= CRL_SCORE_NOCRITICAL;
1079
1080         /* Check expiry */
1081         if (check_crl_time(ctx, crl, 0))
1082                 crl_score |= CRL_SCORE_TIME;
1083
1084         /* Check authority key ID and locate certificate issuer */
1085         crl_akid_check(ctx, crl, pissuer, &crl_score);
1086
1087         /* If we can't locate certificate issuer at this point forget it */
1088
1089         if (!(crl_score & CRL_SCORE_AKID))
1090                 return 0;
1091
1092         /* Check cert for matching CRL distribution points */
1093
1094         if (crl_crldp_check(x, crl, crl_score, &crl_reasons))
1095                 {
1096                 /* If no new reasons reject */
1097                 if (!(crl_reasons & ~tmp_reasons))
1098                         return 0;
1099                 tmp_reasons |= crl_reasons;
1100                 crl_score |= CRL_SCORE_SCOPE;
1101                 }
1102
1103         *preasons = tmp_reasons;
1104
1105         return crl_score;
1106
1107         }
1108
1109 static void crl_akid_check(X509_STORE_CTX *ctx, X509_CRL *crl,
1110                                 X509 **pissuer, int *pcrl_score)
1111         {
1112         X509 *crl_issuer = NULL;
1113         X509_NAME *cnm = X509_CRL_get_issuer(crl);
1114         int cidx = ctx->error_depth;
1115         int i;
1116
1117         if (cidx != sk_X509_num(ctx->chain) - 1)
1118                 cidx++;
1119
1120         crl_issuer = sk_X509_value(ctx->chain, cidx);
1121
1122         if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK)
1123                 {
1124                 if (*pcrl_score & CRL_SCORE_ISSUER_NAME)
1125                         {
1126                         *pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_ISSUER_CERT;
1127                         *pissuer = crl_issuer;
1128                         return;
1129                         }
1130                 }
1131
1132         for (cidx++; cidx < sk_X509_num(ctx->chain); cidx++)
1133                 {
1134                 crl_issuer = sk_X509_value(ctx->chain, cidx);
1135                 if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
1136                         continue;
1137                 if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK)
1138                         {
1139                         *pcrl_score |= CRL_SCORE_AKID|CRL_SCORE_SAME_PATH;
1140                         *pissuer = crl_issuer;
1141                         return;
1142                         }
1143                 }
1144
1145         /* Anything else needs extended CRL support */
1146
1147         if (!(ctx->param->flags & X509_V_FLAG_EXTENDED_CRL_SUPPORT))
1148                 return;
1149
1150         /* Otherwise the CRL issuer is not on the path. Look for it in the
1151          * set of untrusted certificates.
1152          */
1153         for (i = 0; i < sk_X509_num(ctx->untrusted); i++)
1154                 {
1155                 crl_issuer = sk_X509_value(ctx->untrusted, i);
1156                 if (X509_NAME_cmp(X509_get_subject_name(crl_issuer), cnm))
1157                         continue;
1158                 if (X509_check_akid(crl_issuer, crl->akid) == X509_V_OK)
1159                         {
1160                         *pissuer = crl_issuer;
1161                         *pcrl_score |= CRL_SCORE_AKID;
1162                         return;
1163                         }
1164                 }
1165         }
1166
1167 /* Check the path of a CRL issuer certificate. This creates a new
1168  * X509_STORE_CTX and populates it with most of the parameters from the
1169  * parent. This could be optimised somewhat since a lot of path checking
1170  * will be duplicated by the parent, but this will rarely be used in 
1171  * practice.
1172  */
1173
1174 static int check_crl_path(X509_STORE_CTX *ctx, X509 *x)
1175         {
1176         X509_STORE_CTX crl_ctx;
1177         int ret;
1178         /* Don't allow recursive CRL path validation */
1179         if (ctx->parent)
1180                 return 0;
1181         if (!X509_STORE_CTX_init(&crl_ctx, ctx->ctx, x, ctx->untrusted))
1182                 return -1;
1183
1184         crl_ctx.crls = ctx->crls;
1185         /* Copy verify params across */
1186         X509_STORE_CTX_set0_param(&crl_ctx, ctx->param);
1187
1188         crl_ctx.parent = ctx;
1189         crl_ctx.verify_cb = ctx->verify_cb;
1190
1191         /* Verify CRL issuer */
1192         ret = X509_verify_cert(&crl_ctx);
1193
1194         if (ret <= 0)
1195                 goto err;
1196
1197         /* Check chain is acceptable */
1198
1199         ret = check_crl_chain(ctx, ctx->chain, crl_ctx.chain);
1200         err:
1201         X509_STORE_CTX_cleanup(&crl_ctx);
1202         return ret;
1203         }
1204
1205 /* RFC3280 says nothing about the relationship between CRL path
1206  * and certificate path, which could lead to situations where a
1207  * certificate could be revoked or validated by a CA not authorised
1208  * to do so. RFC5280 is more strict and states that the two paths must
1209  * end in the same trust anchor, though some discussions remain...
1210  * until this is resolved we use the RFC5280 version
1211  */
1212
1213 static int check_crl_chain(X509_STORE_CTX *ctx,
1214                         STACK_OF(X509) *cert_path,
1215                         STACK_OF(X509) *crl_path)
1216         {
1217         X509 *cert_ta, *crl_ta;
1218         cert_ta = sk_X509_value(cert_path, sk_X509_num(cert_path) - 1);
1219         crl_ta = sk_X509_value(crl_path, sk_X509_num(crl_path) - 1);
1220         if (!X509_cmp(cert_ta, crl_ta))
1221                 return 1;
1222         return 0;
1223         }
1224
1225 /* Check for match between two dist point names: three separate cases.
1226  * 1. Both are relative names and compare X509_NAME types.
1227  * 2. One full, one relative. Compare X509_NAME to GENERAL_NAMES.
1228  * 3. Both are full names and compare two GENERAL_NAMES.
1229  * 4. One is NULL: automatic match.
1230  */
1231
1232
1233 static int idp_check_dp(DIST_POINT_NAME *a, DIST_POINT_NAME *b)
1234         {
1235         X509_NAME *nm = NULL;
1236         GENERAL_NAMES *gens = NULL;
1237         GENERAL_NAME *gena, *genb;
1238         int i, j;
1239         if (!a || !b)
1240                 return 1;
1241         if (a->type == 1)
1242                 {
1243                 if (!a->dpname)
1244                         return 0;
1245                 /* Case 1: two X509_NAME */
1246                 if (b->type == 1)
1247                         {
1248                         if (!b->dpname)
1249                                 return 0;
1250                         if (!X509_NAME_cmp(a->dpname, b->dpname))
1251                                 return 1;
1252                         else
1253                                 return 0;
1254                         }
1255                 /* Case 2: set name and GENERAL_NAMES appropriately */
1256                 nm = a->dpname;
1257                 gens = b->name.fullname;
1258                 }
1259         else if (b->type == 1)
1260                 {
1261                 if (!b->dpname)
1262                         return 0;
1263                 /* Case 2: set name and GENERAL_NAMES appropriately */
1264                 gens = a->name.fullname;
1265                 nm = b->dpname;
1266                 }
1267
1268         /* Handle case 2 with one GENERAL_NAMES and one X509_NAME */
1269         if (nm)
1270                 {
1271                 for (i = 0; i < sk_GENERAL_NAME_num(gens); i++)
1272                         {
1273                         gena = sk_GENERAL_NAME_value(gens, i);  
1274                         if (gena->type != GEN_DIRNAME)
1275                                 continue;
1276                         if (!X509_NAME_cmp(nm, gena->d.directoryName))
1277                                 return 1;
1278                         }
1279                 return 0;
1280                 }
1281
1282         /* Else case 3: two GENERAL_NAMES */
1283
1284         for (i = 0; i < sk_GENERAL_NAME_num(a->name.fullname); i++)
1285                 {
1286                 gena = sk_GENERAL_NAME_value(a->name.fullname, i);
1287                 for (j = 0; j < sk_GENERAL_NAME_num(b->name.fullname); j++)
1288                         {
1289                         genb = sk_GENERAL_NAME_value(b->name.fullname, j);
1290                         if (!GENERAL_NAME_cmp(gena, genb))
1291                                 return 1;
1292                         }
1293                 }
1294
1295         return 0;
1296
1297         }
1298
1299 static int crldp_check_crlissuer(DIST_POINT *dp, X509_CRL *crl, int crl_score)
1300         {
1301         int i;
1302         X509_NAME *nm = X509_CRL_get_issuer(crl);
1303         /* If no CRLissuer return is successful iff don't need a match */
1304         if (!dp->CRLissuer)
1305                 return !!(crl_score & CRL_SCORE_ISSUER_NAME);
1306         for (i = 0; i < sk_GENERAL_NAME_num(dp->CRLissuer); i++)
1307                 {
1308                 GENERAL_NAME *gen = sk_GENERAL_NAME_value(dp->CRLissuer, i);
1309                 if (gen->type != GEN_DIRNAME)
1310                         continue;
1311                 if (!X509_NAME_cmp(gen->d.directoryName, nm))
1312                         return 1;
1313                 }
1314         return 0;
1315         }
1316
1317 /* Check CRLDP and IDP */
1318
1319 static int crl_crldp_check(X509 *x, X509_CRL *crl, int crl_score,
1320                                 unsigned int *preasons)
1321         {
1322         int i;
1323         if (crl->idp_flags & IDP_ONLYATTR)
1324                 return 0;
1325         if (x->ex_flags & EXFLAG_CA)
1326                 {
1327                 if (crl->idp_flags & IDP_ONLYUSER)
1328                         return 0;
1329                 }
1330         else
1331                 {
1332                 if (crl->idp_flags & IDP_ONLYCA)
1333                         return 0;
1334                 }
1335         *preasons = crl->idp_reasons;
1336         for (i = 0; i < sk_DIST_POINT_num(x->crldp); i++)
1337                 {
1338                 DIST_POINT *dp = sk_DIST_POINT_value(x->crldp, i);
1339                 if (crldp_check_crlissuer(dp, crl, crl_score))
1340                         {
1341                         if (!crl->idp ||
1342                              idp_check_dp(dp->distpoint, crl->idp->distpoint))
1343                                 {
1344                                 *preasons &= dp->dp_reasons;
1345                                 return 1;
1346                                 }
1347                         }
1348                 }
1349         if ((!crl->idp || !crl->idp->distpoint) && (crl_score & CRL_SCORE_ISSUER_NAME))
1350                 return 1;
1351         return 0;
1352         }
1353
1354 /* Retrieve CRL corresponding to current certificate.
1355  * If deltas enabled try to find a delta CRL too
1356  */
1357         
1358 static int get_crl_delta(X509_STORE_CTX *ctx,
1359                                 X509_CRL **pcrl, X509_CRL **pdcrl, X509 *x)
1360         {
1361         int ok;
1362         X509 *issuer = NULL;
1363         int crl_score = 0;
1364         unsigned int reasons;
1365         X509_CRL *crl = NULL, *dcrl = NULL;
1366         STACK_OF(X509_CRL) *skcrl;
1367         X509_NAME *nm = X509_get_issuer_name(x);
1368         reasons = ctx->current_reasons;
1369         ok = get_crl_sk(ctx, &crl, &dcrl, 
1370                                 &issuer, &crl_score, &reasons, ctx->crls);
1371
1372         if (ok)
1373                 goto done;
1374
1375         /* Lookup CRLs from store */
1376
1377         skcrl = ctx->lookup_crls(ctx, nm);
1378
1379         /* If no CRLs found and a near match from get_crl_sk use that */
1380         if (!skcrl && crl)
1381                 goto done;
1382
1383         get_crl_sk(ctx, &crl, &dcrl, &issuer, &crl_score, &reasons, skcrl);
1384
1385         sk_X509_CRL_pop_free(skcrl, X509_CRL_free);
1386
1387         done:
1388
1389         /* If we got any kind of CRL use it and return success */
1390         if (crl)
1391                 {
1392                 ctx->current_issuer = issuer;
1393                 ctx->current_crl_score = crl_score;
1394                 ctx->current_reasons = reasons;
1395                 *pcrl = crl;
1396                 *pdcrl = dcrl;
1397                 return 1;
1398                 }
1399
1400         return 0;
1401         }
1402
1403 /* Check CRL validity */
1404 static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
1405         {
1406         X509 *issuer = NULL;
1407         EVP_PKEY *ikey = NULL;
1408         int ok = 0, chnum, cnum;
1409         cnum = ctx->error_depth;
1410         chnum = sk_X509_num(ctx->chain) - 1;
1411         /* if we have an alternative CRL issuer cert use that */
1412         if (ctx->current_issuer)
1413                 issuer = ctx->current_issuer;
1414
1415         /* Else find CRL issuer: if not last certificate then issuer
1416          * is next certificate in chain.
1417          */
1418         else if (cnum < chnum)
1419                 issuer = sk_X509_value(ctx->chain, cnum + 1);
1420         else
1421                 {
1422                 issuer = sk_X509_value(ctx->chain, chnum);
1423                 /* If not self signed, can't check signature */
1424                 if(!ctx->check_issued(ctx, issuer, issuer))
1425                         {
1426                         ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER;
1427                         ok = ctx->verify_cb(0, ctx);
1428                         if(!ok) goto err;
1429                         }
1430                 }
1431
1432         if(issuer)
1433                 {
1434                 /* Skip most tests for deltas because they have already
1435                  * been done
1436                  */
1437                 if (!crl->base_crl_number)
1438                         {
1439                         /* Check for cRLSign bit if keyUsage present */
1440                         if ((issuer->ex_flags & EXFLAG_KUSAGE) &&
1441                                 !(issuer->ex_kusage & KU_CRL_SIGN))
1442                                 {
1443                                 ctx->error = X509_V_ERR_KEYUSAGE_NO_CRL_SIGN;
1444                                 ok = ctx->verify_cb(0, ctx);
1445                                 if(!ok) goto err;
1446                                 }
1447
1448                         if (!(ctx->current_crl_score & CRL_SCORE_SCOPE))
1449                                 {
1450                                 ctx->error = X509_V_ERR_DIFFERENT_CRL_SCOPE;
1451                                 ok = ctx->verify_cb(0, ctx);
1452                                 if(!ok) goto err;
1453                                 }
1454
1455                         if (!(ctx->current_crl_score & CRL_SCORE_SAME_PATH))
1456                                 {
1457                                 if (check_crl_path(ctx, ctx->current_issuer) <= 0)
1458                                         {
1459                                         ctx->error = X509_V_ERR_CRL_PATH_VALIDATION_ERROR;
1460                                         ok = ctx->verify_cb(0, ctx);
1461                                         if(!ok) goto err;
1462                                         }
1463                                 }
1464
1465                         if (crl->idp_flags & IDP_INVALID)
1466                                 {
1467                                 ctx->error = X509_V_ERR_INVALID_EXTENSION;
1468                                 ok = ctx->verify_cb(0, ctx);
1469                                 if(!ok) goto err;
1470                                 }
1471
1472
1473                         }
1474
1475                 if (!(ctx->current_crl_score & CRL_SCORE_TIME))
1476                         {
1477                         ok = check_crl_time(ctx, crl, 1);
1478                         if (!ok)
1479                                 goto err;
1480                         }
1481
1482                 /* Attempt to get issuer certificate public key */
1483                 ikey = X509_get_pubkey(issuer);
1484
1485                 if(!ikey)
1486                         {
1487                         ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
1488                         ok = ctx->verify_cb(0, ctx);
1489                         if (!ok) goto err;
1490                         }
1491                 else
1492                         {
1493                         /* Verify CRL signature */
1494                         if(X509_CRL_verify(crl, ikey) <= 0)
1495                                 {
1496                                 ctx->error=X509_V_ERR_CRL_SIGNATURE_FAILURE;
1497                                 ok = ctx->verify_cb(0, ctx);
1498                                 if (!ok) goto err;
1499                                 }
1500                         }
1501                 }
1502
1503         ok = 1;
1504
1505         err:
1506         EVP_PKEY_free(ikey);
1507         return ok;
1508         }
1509
1510 /* Check certificate against CRL */
1511 static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
1512         {
1513         int ok;
1514         X509_REVOKED *rev;
1515         /* The rules changed for this... previously if a CRL contained
1516          * unhandled critical extensions it could still be used to indicate
1517          * a certificate was revoked. This has since been changed since 
1518          * critical extension can change the meaning of CRL entries.
1519          */
1520         if (crl->flags & EXFLAG_CRITICAL)
1521                 {
1522                 if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
1523                         return 1;
1524                 ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION;
1525                 ok = ctx->verify_cb(0, ctx);
1526                 if(!ok)
1527                         return 0;
1528                 }
1529         /* Look for serial number of certificate in CRL
1530          * If found make sure reason is not removeFromCRL.
1531          */
1532         if (X509_CRL_get0_by_cert(crl, &rev, x))
1533                 {
1534                 if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
1535                         return 2;
1536                 ctx->error = X509_V_ERR_CERT_REVOKED;
1537                 ok = ctx->verify_cb(0, ctx);
1538                 if (!ok)
1539                         return 0;
1540                 }
1541
1542         return 1;
1543         }
1544
1545 static int check_policy(X509_STORE_CTX *ctx)
1546         {
1547         int ret;
1548         if (ctx->parent)
1549                 return 1;
1550         ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
1551                                 ctx->param->policies, ctx->param->flags);
1552         if (ret == 0)
1553                 {
1554                 X509err(X509_F_CHECK_POLICY,ERR_R_MALLOC_FAILURE);
1555                 return 0;
1556                 }
1557         /* Invalid or inconsistent extensions */
1558         if (ret == -1)
1559                 {
1560                 /* Locate certificates with bad extensions and notify
1561                  * callback.
1562                  */
1563                 X509 *x;
1564                 int i;
1565                 for (i = 1; i < sk_X509_num(ctx->chain); i++)
1566                         {
1567                         x = sk_X509_value(ctx->chain, i);
1568                         if (!(x->ex_flags & EXFLAG_INVALID_POLICY))
1569                                 continue;
1570                         ctx->current_cert = x;
1571                         ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
1572                         if(!ctx->verify_cb(0, ctx))
1573                                 return 0;
1574                         }
1575                 return 1;
1576                 }
1577         if (ret == -2)
1578                 {
1579                 ctx->current_cert = NULL;
1580                 ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY;
1581                 return ctx->verify_cb(0, ctx);
1582                 }
1583
1584         if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY)
1585                 {
1586                 ctx->current_cert = NULL;
1587                 ctx->error = X509_V_OK;
1588                 if (!ctx->verify_cb(2, ctx))
1589                         return 0;
1590                 }
1591
1592         return 1;
1593         }
1594
1595 static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
1596         {
1597         time_t *ptime;
1598         int i;
1599
1600         if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
1601                 ptime = &ctx->param->check_time;
1602         else
1603                 ptime = NULL;
1604
1605         i=X509_cmp_time(X509_get_notBefore(x), ptime);
1606         if (i == 0)
1607                 {
1608                 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
1609                 ctx->current_cert=x;
1610                 if (!ctx->verify_cb(0, ctx))
1611                         return 0;
1612                 }
1613
1614         if (i > 0)
1615                 {
1616                 ctx->error=X509_V_ERR_CERT_NOT_YET_VALID;
1617                 ctx->current_cert=x;
1618                 if (!ctx->verify_cb(0, ctx))
1619                         return 0;
1620                 }
1621
1622         i=X509_cmp_time(X509_get_notAfter(x), ptime);
1623         if (i == 0)
1624                 {
1625                 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
1626                 ctx->current_cert=x;
1627                 if (!ctx->verify_cb(0, ctx))
1628                         return 0;
1629                 }
1630
1631         if (i < 0)
1632                 {
1633                 ctx->error=X509_V_ERR_CERT_HAS_EXPIRED;
1634                 ctx->current_cert=x;
1635                 if (!ctx->verify_cb(0, ctx))
1636                         return 0;
1637                 }
1638
1639         return 1;
1640         }
1641
1642 static int internal_verify(X509_STORE_CTX *ctx)
1643         {
1644         int ok=0,n;
1645         X509 *xs,*xi;
1646         EVP_PKEY *pkey=NULL;
1647         int (*cb)(int xok,X509_STORE_CTX *xctx);
1648
1649         cb=ctx->verify_cb;
1650
1651         n=sk_X509_num(ctx->chain);
1652         ctx->error_depth=n-1;
1653         n--;
1654         xi=sk_X509_value(ctx->chain,n);
1655
1656         if (ctx->check_issued(ctx, xi, xi))
1657                 xs=xi;
1658         else
1659                 {
1660                 if (n <= 0)
1661                         {
1662                         ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
1663                         ctx->current_cert=xi;
1664                         ok=cb(0,ctx);
1665                         goto end;
1666                         }
1667                 else
1668                         {
1669                         n--;
1670                         ctx->error_depth=n;
1671                         xs=sk_X509_value(ctx->chain,n);
1672                         }
1673                 }
1674
1675 /*      ctx->error=0;  not needed */
1676         while (n >= 0)
1677                 {
1678                 ctx->error_depth=n;
1679
1680                 /* Skip signature check for self signed certificates unless
1681                  * explicitly asked for. It doesn't add any security and
1682                  * just wastes time.
1683                  */
1684                 if (!xs->valid && (xs != xi || (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE)))
1685                         {
1686                         if ((pkey=X509_get_pubkey(xi)) == NULL)
1687                                 {
1688                                 ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
1689                                 ctx->current_cert=xi;
1690                                 ok=(*cb)(0,ctx);
1691                                 if (!ok) goto end;
1692                                 }
1693                         else if (X509_verify(xs,pkey) <= 0)
1694                                 {
1695                                 ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
1696                                 ctx->current_cert=xs;
1697                                 ok=(*cb)(0,ctx);
1698                                 if (!ok)
1699                                         {
1700                                         EVP_PKEY_free(pkey);
1701                                         goto end;
1702                                         }
1703                                 }
1704                         EVP_PKEY_free(pkey);
1705                         pkey=NULL;
1706                         }
1707
1708                 xs->valid = 1;
1709
1710                 ok = check_cert_time(ctx, xs);
1711                 if (!ok)
1712                         goto end;
1713
1714                 /* The last error (if any) is still in the error value */
1715                 ctx->current_issuer=xi;
1716                 ctx->current_cert=xs;
1717                 ok=(*cb)(1,ctx);
1718                 if (!ok) goto end;
1719
1720                 n--;
1721                 if (n >= 0)
1722                         {
1723                         xi=xs;
1724                         xs=sk_X509_value(ctx->chain,n);
1725                         }
1726                 }
1727         ok=1;
1728 end:
1729         return ok;
1730         }
1731
1732 int X509_cmp_current_time(const ASN1_TIME *ctm)
1733 {
1734         return X509_cmp_time(ctm, NULL);
1735 }
1736
1737 int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
1738         {
1739         char *str;
1740         ASN1_TIME atm;
1741         long offset;
1742         char buff1[24],buff2[24],*p;
1743         int i,j;
1744
1745         p=buff1;
1746         i=ctm->length;
1747         str=(char *)ctm->data;
1748         if (ctm->type == V_ASN1_UTCTIME)
1749                 {
1750                 if ((i < 11) || (i > 17)) return 0;
1751                 memcpy(p,str,10);
1752                 p+=10;
1753                 str+=10;
1754                 }
1755         else
1756                 {
1757                 if (i < 13) return 0;
1758                 memcpy(p,str,12);
1759                 p+=12;
1760                 str+=12;
1761                 }
1762
1763         if ((*str == 'Z') || (*str == '-') || (*str == '+'))
1764                 { *(p++)='0'; *(p++)='0'; }
1765         else
1766                 { 
1767                 *(p++)= *(str++);
1768                 *(p++)= *(str++);
1769                 /* Skip any fractional seconds... */
1770                 if (*str == '.')
1771                         {
1772                         str++;
1773                         while ((*str >= '0') && (*str <= '9')) str++;
1774                         }
1775                 
1776                 }
1777         *(p++)='Z';
1778         *(p++)='\0';
1779
1780         if (*str == 'Z')
1781                 offset=0;
1782         else
1783                 {
1784                 if ((*str != '+') && (*str != '-'))
1785                         return 0;
1786                 offset=((str[1]-'0')*10+(str[2]-'0'))*60;
1787                 offset+=(str[3]-'0')*10+(str[4]-'0');
1788                 if (*str == '-')
1789                         offset= -offset;
1790                 }
1791         atm.type=ctm->type;
1792         atm.flags = 0;
1793         atm.length=sizeof(buff2);
1794         atm.data=(unsigned char *)buff2;
1795
1796         if (X509_time_adj(&atm, offset*60, cmp_time) == NULL)
1797                 return 0;
1798
1799         if (ctm->type == V_ASN1_UTCTIME)
1800                 {
1801                 i=(buff1[0]-'0')*10+(buff1[1]-'0');
1802                 if (i < 50) i+=100; /* cf. RFC 2459 */
1803                 j=(buff2[0]-'0')*10+(buff2[1]-'0');
1804                 if (j < 50) j+=100;
1805
1806                 if (i < j) return -1;
1807                 if (i > j) return 1;
1808                 }
1809         i=strcmp(buff1,buff2);
1810         if (i == 0) /* wait a second then return younger :-) */
1811                 return -1;
1812         else
1813                 return i;
1814         }
1815
1816 ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
1817 {
1818         return X509_time_adj(s, adj, NULL);
1819 }
1820
1821 ASN1_TIME *X509_time_adj(ASN1_TIME *s, long offset_sec, time_t *in_tm)
1822         {
1823         return X509_time_adj_ex(s, 0, offset_sec, in_tm);
1824         }
1825
1826 ASN1_TIME *X509_time_adj_ex(ASN1_TIME *s,
1827                                 int offset_day, long offset_sec, time_t *in_tm)
1828         {
1829         time_t t;
1830
1831         if (in_tm) t = *in_tm;
1832         else time(&t);
1833
1834         if (s && !(s->flags & ASN1_STRING_FLAG_MSTRING))
1835                 {
1836                 if (s->type == V_ASN1_UTCTIME)
1837                         return ASN1_UTCTIME_adj(s,t, offset_day, offset_sec);
1838                 if (s->type == V_ASN1_GENERALIZEDTIME)
1839                         return ASN1_GENERALIZEDTIME_adj(s, t, offset_day,
1840                                                                 offset_sec);
1841                 }
1842         return ASN1_TIME_adj(s, t, offset_day, offset_sec);
1843         }
1844
1845 int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
1846         {
1847         EVP_PKEY *ktmp=NULL,*ktmp2;
1848         int i,j;
1849
1850         if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1;
1851
1852         for (i=0; i<sk_X509_num(chain); i++)
1853                 {
1854                 ktmp=X509_get_pubkey(sk_X509_value(chain,i));
1855                 if (ktmp == NULL)
1856                         {
1857                         X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
1858                         return 0;
1859                         }
1860                 if (!EVP_PKEY_missing_parameters(ktmp))
1861                         break;
1862                 else
1863                         {
1864                         EVP_PKEY_free(ktmp);
1865                         ktmp=NULL;
1866                         }
1867                 }
1868         if (ktmp == NULL)
1869                 {
1870                 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
1871                 return 0;
1872                 }
1873
1874         /* first, populate the other certs */
1875         for (j=i-1; j >= 0; j--)
1876                 {
1877                 ktmp2=X509_get_pubkey(sk_X509_value(chain,j));
1878                 EVP_PKEY_copy_parameters(ktmp2,ktmp);
1879                 EVP_PKEY_free(ktmp2);
1880                 }
1881         
1882         if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp);
1883         EVP_PKEY_free(ktmp);
1884         return 1;
1885         }
1886
1887 int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
1888              CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
1889         {
1890         /* This function is (usually) called only once, by
1891          * SSL_get_ex_data_X509_STORE_CTX_idx (ssl/ssl_cert.c). */
1892         return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, argl, argp,
1893                         new_func, dup_func, free_func);
1894         }
1895
1896 int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
1897         {
1898         return CRYPTO_set_ex_data(&ctx->ex_data,idx,data);
1899         }
1900
1901 void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
1902         {
1903         return CRYPTO_get_ex_data(&ctx->ex_data,idx);
1904         }
1905
1906 int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
1907         {
1908         return ctx->error;
1909         }
1910
1911 void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
1912         {
1913         ctx->error=err;
1914         }
1915
1916 int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
1917         {
1918         return ctx->error_depth;
1919         }
1920
1921 X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
1922         {
1923         return ctx->current_cert;
1924         }
1925
1926 STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
1927         {
1928         return ctx->chain;
1929         }
1930
1931 STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
1932         {
1933         int i;
1934         X509 *x;
1935         STACK_OF(X509) *chain;
1936         if (!ctx->chain || !(chain = sk_X509_dup(ctx->chain))) return NULL;
1937         for (i = 0; i < sk_X509_num(chain); i++)
1938                 {
1939                 x = sk_X509_value(chain, i);
1940                 CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
1941                 }
1942         return chain;
1943         }
1944
1945 X509 *X509_STORE_CTX_get0_current_issuer(X509_STORE_CTX *ctx)
1946         {
1947         return ctx->current_issuer;
1948         }
1949
1950 X509_CRL *X509_STORE_CTX_get0_current_crl(X509_STORE_CTX *ctx)
1951         {
1952         return ctx->current_crl;
1953         }
1954
1955 X509_STORE_CTX *X509_STORE_CTX_get0_parent_ctx(X509_STORE_CTX *ctx)
1956         {
1957         return ctx->parent;
1958         }
1959
1960 void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
1961         {
1962         ctx->cert=x;
1963         }
1964
1965 void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
1966         {
1967         ctx->untrusted=sk;
1968         }
1969
1970 void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk)
1971         {
1972         ctx->crls=sk;
1973         }
1974
1975 int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
1976         {
1977         return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
1978         }
1979
1980 int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust)
1981         {
1982         return X509_STORE_CTX_purpose_inherit(ctx, 0, 0, trust);
1983         }
1984
1985 /* This function is used to set the X509_STORE_CTX purpose and trust
1986  * values. This is intended to be used when another structure has its
1987  * own trust and purpose values which (if set) will be inherited by
1988  * the ctx. If they aren't set then we will usually have a default
1989  * purpose in mind which should then be used to set the trust value.
1990  * An example of this is SSL use: an SSL structure will have its own
1991  * purpose and trust settings which the application can set: if they
1992  * aren't set then we use the default of SSL client/server.
1993  */
1994
1995 int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
1996                                 int purpose, int trust)
1997 {
1998         int idx;
1999         /* If purpose not set use default */
2000         if (!purpose) purpose = def_purpose;
2001         /* If we have a purpose then check it is valid */
2002         if (purpose)
2003                 {
2004                 X509_PURPOSE *ptmp;
2005                 idx = X509_PURPOSE_get_by_id(purpose);
2006                 if (idx == -1)
2007                         {
2008                         X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
2009                                                 X509_R_UNKNOWN_PURPOSE_ID);
2010                         return 0;
2011                         }
2012                 ptmp = X509_PURPOSE_get0(idx);
2013                 if (ptmp->trust == X509_TRUST_DEFAULT)
2014                         {
2015                         idx = X509_PURPOSE_get_by_id(def_purpose);
2016                         if (idx == -1)
2017                                 {
2018                                 X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
2019                                                 X509_R_UNKNOWN_PURPOSE_ID);
2020                                 return 0;
2021                                 }
2022                         ptmp = X509_PURPOSE_get0(idx);
2023                         }
2024                 /* If trust not set then get from purpose default */
2025                 if (!trust) trust = ptmp->trust;
2026                 }
2027         if (trust)
2028                 {
2029                 idx = X509_TRUST_get_by_id(trust);
2030                 if (idx == -1)
2031                         {
2032                         X509err(X509_F_X509_STORE_CTX_PURPOSE_INHERIT,
2033                                                 X509_R_UNKNOWN_TRUST_ID);
2034                         return 0;
2035                         }
2036                 }
2037
2038         if (purpose && !ctx->param->purpose) ctx->param->purpose = purpose;
2039         if (trust && !ctx->param->trust) ctx->param->trust = trust;
2040         return 1;
2041 }
2042
2043 X509_STORE_CTX *X509_STORE_CTX_new(void)
2044 {
2045         X509_STORE_CTX *ctx;
2046         ctx = (X509_STORE_CTX *)OPENSSL_malloc(sizeof(X509_STORE_CTX));
2047         if (!ctx)
2048                 {
2049                 X509err(X509_F_X509_STORE_CTX_NEW,ERR_R_MALLOC_FAILURE);
2050                 return NULL;
2051                 }
2052         memset(ctx, 0, sizeof(X509_STORE_CTX));
2053         return ctx;
2054 }
2055
2056 void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
2057 {
2058         X509_STORE_CTX_cleanup(ctx);
2059         OPENSSL_free(ctx);
2060 }
2061
2062 int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
2063              STACK_OF(X509) *chain)
2064         {
2065         int ret = 1;
2066         ctx->ctx=store;
2067         ctx->current_method=0;
2068         ctx->cert=x509;
2069         ctx->untrusted=chain;
2070         ctx->crls = NULL;
2071         ctx->last_untrusted=0;
2072         ctx->other_ctx=NULL;
2073         ctx->valid=0;
2074         ctx->chain=NULL;
2075         ctx->error=0;
2076         ctx->explicit_policy=0;
2077         ctx->error_depth=0;
2078         ctx->current_cert=NULL;
2079         ctx->current_issuer=NULL;
2080         ctx->current_crl=NULL;
2081         ctx->current_crl_score=0;
2082         ctx->current_reasons=0;
2083         ctx->tree = NULL;
2084         ctx->parent = NULL;
2085
2086         ctx->param = X509_VERIFY_PARAM_new();
2087
2088         if (!ctx->param)
2089                 {
2090                 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
2091                 return 0;
2092                 }
2093
2094         /* Inherit callbacks and flags from X509_STORE if not set
2095          * use defaults.
2096          */
2097
2098
2099         if (store)
2100                 ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
2101         else
2102                 ctx->param->inh_flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE;
2103
2104         if (store)
2105                 {
2106                 ctx->verify_cb = store->verify_cb;
2107                 ctx->cleanup = store->cleanup;
2108                 }
2109         else
2110                 ctx->cleanup = 0;
2111
2112         if (ret)
2113                 ret = X509_VERIFY_PARAM_inherit(ctx->param,
2114                                         X509_VERIFY_PARAM_lookup("default"));
2115
2116         if (ret == 0)
2117                 {
2118                 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
2119                 return 0;
2120                 }
2121
2122         if (store && store->check_issued)
2123                 ctx->check_issued = store->check_issued;
2124         else
2125                 ctx->check_issued = check_issued;
2126
2127         if (store && store->get_issuer)
2128                 ctx->get_issuer = store->get_issuer;
2129         else
2130                 ctx->get_issuer = X509_STORE_CTX_get1_issuer;
2131
2132         if (store && store->verify_cb)
2133                 ctx->verify_cb = store->verify_cb;
2134         else
2135                 ctx->verify_cb = null_callback;
2136
2137         if (store && store->verify)
2138                 ctx->verify = store->verify;
2139         else
2140                 ctx->verify = internal_verify;
2141
2142         if (store && store->check_revocation)
2143                 ctx->check_revocation = store->check_revocation;
2144         else
2145                 ctx->check_revocation = check_revocation;
2146
2147         if (store && store->get_crl)
2148                 ctx->get_crl = store->get_crl;
2149         else
2150                 ctx->get_crl = NULL;
2151
2152         if (store && store->check_crl)
2153                 ctx->check_crl = store->check_crl;
2154         else
2155                 ctx->check_crl = check_crl;
2156
2157         if (store && store->cert_crl)
2158                 ctx->cert_crl = store->cert_crl;
2159         else
2160                 ctx->cert_crl = cert_crl;
2161
2162         if (store && store->lookup_certs)
2163                 ctx->lookup_certs = store->lookup_certs;
2164         else
2165                 ctx->lookup_certs = X509_STORE_get1_certs;
2166
2167         if (store && store->lookup_crls)
2168                 ctx->lookup_crls = store->lookup_crls;
2169         else
2170                 ctx->lookup_crls = X509_STORE_get1_crls;
2171
2172         ctx->check_policy = check_policy;
2173
2174
2175         /* This memset() can't make any sense anyway, so it's removed. As
2176          * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a
2177          * corresponding "new" here and remove this bogus initialisation. */
2178         /* memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); */
2179         if(!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx,
2180                                 &(ctx->ex_data)))
2181                 {
2182                 OPENSSL_free(ctx);
2183                 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
2184                 return 0;
2185                 }
2186         return 1;
2187         }
2188
2189 /* Set alternative lookup method: just a STACK of trusted certificates.
2190  * This avoids X509_STORE nastiness where it isn't needed.
2191  */
2192
2193 void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
2194 {
2195         ctx->other_ctx = sk;
2196         ctx->get_issuer = get_issuer_sk;
2197 }
2198
2199 void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
2200         {
2201         if (ctx->cleanup) ctx->cleanup(ctx);
2202         if (ctx->param != NULL)
2203                 {
2204                 if (ctx->parent == NULL)
2205                         X509_VERIFY_PARAM_free(ctx->param);
2206                 ctx->param=NULL;
2207                 }
2208         if (ctx->tree != NULL)
2209                 {
2210                 X509_policy_tree_free(ctx->tree);
2211                 ctx->tree=NULL;
2212                 }
2213         if (ctx->chain != NULL)
2214                 {
2215                 sk_X509_pop_free(ctx->chain,X509_free);
2216                 ctx->chain=NULL;
2217                 }
2218         CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data));
2219         memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
2220         }
2221
2222 void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth)
2223         {
2224         X509_VERIFY_PARAM_set_depth(ctx->param, depth);
2225         }
2226
2227 void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags)
2228         {
2229         X509_VERIFY_PARAM_set_flags(ctx->param, flags);
2230         }
2231
2232 void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t)
2233         {
2234         X509_VERIFY_PARAM_set_time(ctx->param, t);
2235         }
2236
2237 void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
2238                                   int (*verify_cb)(int, X509_STORE_CTX *))
2239         {
2240         ctx->verify_cb=verify_cb;
2241         }
2242
2243 X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
2244         {
2245         return ctx->tree;
2246         }
2247
2248 int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx)
2249         {
2250         return ctx->explicit_policy;
2251         }
2252
2253 int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)
2254         {
2255         const X509_VERIFY_PARAM *param;
2256         param = X509_VERIFY_PARAM_lookup(name);
2257         if (!param)
2258                 return 0;
2259         return X509_VERIFY_PARAM_inherit(ctx->param, param);
2260         }
2261
2262 X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)
2263         {
2264         return ctx->param;
2265         }
2266
2267 void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
2268         {
2269         if (ctx->param)
2270                 X509_VERIFY_PARAM_free(ctx->param);
2271         ctx->param = param;
2272         }
2273
2274 IMPLEMENT_STACK_OF(X509)
2275 IMPLEMENT_ASN1_SET_OF(X509)
2276
2277 IMPLEMENT_STACK_OF(X509_NAME)
2278
2279 IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
2280 IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)