#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/objects.h>
+#include <openssl/core_names.h>
#include "internal/dane.h"
#include "crypto/x509.h"
#include "x509_local.h"
else
*result = xtmp;
}
- sk_X509_pop_free(certs, X509_free);
+ OSSL_STACK_OF_X509_free(certs);
return ret;
}
return 0;
}
-/*
- * Alternative lookup method: look from a STACK stored in other_ctx.
+/*-
+ * Alternative get_issuer method: look up from a STACK_OF(X509) in other_ctx.
* Returns -1 on internal error.
*/
static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
return 0;
}
-/* Returns NULL on internal error (such as out of memory) */
+/*-
+ * Alternative lookup method: look from a STACK stored in other_ctx.
+ * Returns NULL on internal error (such as out of memory).
+ */
static STACK_OF(X509) *lookup_certs_sk(X509_STORE_CTX *ctx,
const X509_NAME *nm)
{
x = sk_X509_value(ctx->other_ctx, i);
if (X509_NAME_cmp(nm, X509_get_subject_name(x)) == 0) {
if (!X509_add_cert(sk, x, X509_ADD_FLAG_UP_REF)) {
- sk_X509_pop_free(sk, X509_free);
+ OSSL_STACK_OF_X509_free(sk);
ctx->error = X509_V_ERR_OUT_OF_MEM;
return NULL;
}
CB_FAIL_IF(x->altname != NULL
&& sk_GENERAL_NAME_num(x->altname) <= 0,
ctx, x, i, X509_V_ERR_EMPTY_SUBJECT_ALT_NAME);
- /* TODO add more checks on SAN entries */
/* Check sig alg consistency acc. to RFC 5280 section 4.1.1.2 */
CB_FAIL_IF(X509_ALGOR_cmp(&x->sig_alg, &x->cert_info.signature) != 0,
ctx, x, i, X509_V_ERR_SIGNATURE_ALGORITHM_INCONSISTENCY);
GENERAL_NAMES *gs = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
if (gs == NULL)
- return -1;
+ return 0;
for (i = 0; i < sk_GENERAL_NAME_num(gs); i++) {
GENERAL_NAME *g = sk_GENERAL_NAME_value(gs, i);
for (i = num_untrusted; i < num; i++) {
x = sk_X509_value(ctx->chain, i);
trust = X509_check_trust(x, ctx->param->trust, 0);
- /* If explicitly trusted return trusted */
+ /* If explicitly trusted (so not neutral nor rejected) return trusted */
if (trust == X509_TRUST_TRUSTED)
goto trusted;
if (trust == X509_TRUST_REJECTED)
}
}
- /* in addition to RFC 5280, do also for trusted (root) cert */
+ /* In addition to RFC 5280 requirements do also for trust anchor cert */
/* Calls verify callback as needed */
if (!ossl_x509_check_cert_time(ctx, xs, n))
return 0;
rvn = sk_X509_REVOKED_value(revs, i);
/*
- * Add only if not also in base. TODO: need something cleverer here
- * for some more complex CRLs covering multiple CAs.
+ * Add only if not also in base.
+ * Need something cleverer here for some more complex CRLs covering
+ * multiple CAs.
*/
if (!X509_CRL_get0_by_serial(base, &rvtmp, &rvn->serialNumber)) {
rvtmp = X509_REVOKED_dup(rvn);
}
}
}
- /* TODO: optionally prune deleted entries */
if (skey != NULL && md != NULL && !X509_CRL_sign(crl, skey, md))
goto memerr;
}
/*
- * Set alternative lookup method: just a STACK of trusted certificates. This
- * avoids X509_STORE nastiness where it isn't needed.
+ * Set alternative get_issuer method: just from a STACK of trusted certificates.
+ * This avoids the complexity of X509_STORE where it is not needed.
*/
void X509_STORE_CTX_set0_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
{
}
X509_policy_tree_free(ctx->tree);
ctx->tree = NULL;
- sk_X509_pop_free(ctx->chain, X509_free);
+ OSSL_STACK_OF_X509_free(ctx->chain);
ctx->chain = NULL;
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data));
memset(&ctx->ex_data, 0, sizeof(ctx->ex_data));
void X509_STORE_CTX_set0_verified_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
{
- sk_X509_pop_free(ctx->chain, X509_free);
+ OSSL_STACK_OF_X509_free(ctx->chain);
ctx->chain = sk;
}
#define S_DOTRUSTED (1 << 1) /* Search trusted store */
#define S_DOALTERNATE (1 << 2) /* Retry with pruned alternate chain */
/*
- * Set up search policy, untrusted if possible, trusted-first if enabled.
+ * Set up search policy, untrusted if possible, trusted-first if enabled,
+ * which is the default.
* If we're doing DANE and not doing PKIX-TA/PKIX-EE, we never look in the
* trust_store, otherwise we might look there first. If not trusted-first,
* and alternate chains are not disabled, try building an alternate chain
may_trusted = 1;
}
- /*
- * Shallow-copy the stack of untrusted certificates (with TLS, this is
- * typically the content of the peer's certificate message) so can make
- * multiple passes over it, while free to remove elements as we go.
- */
- if ((sk_untrusted = sk_X509_dup(ctx->untrusted)) == NULL)
+ /* Initialize empty untrusted stack. */
+ if ((sk_untrusted = sk_X509_new_null()) == NULL)
goto memerr;
/*
- * If we got any "DANE-TA(2) Cert(0) Full(0)" trust anchors from DNS, add
- * them to our working copy of the untrusted certificate stack.
+ * If we got any "Cert(0) Full(0)" trust anchors from DNS, *prepend* them
+ * to our working copy of the untrusted certificate stack.
*/
if (DANETLS_ENABLED(dane) && dane->certs != NULL
&& !X509_add_certs(sk_untrusted, dane->certs, X509_ADD_FLAG_DEFAULT))
goto memerr;
+ /*
+ * Shallow-copy the stack of untrusted certificates (with TLS, this is
+ * typically the content of the peer's certificate message) so we can make
+ * multiple passes over it, while free to remove elements as we go.
+ */
+ if (!X509_add_certs(sk_untrusted, ctx->untrusted, X509_ADD_FLAG_DEFAULT))
+ goto memerr;
+
/*
* Still absurdly large, but arithmetically safe, a lower hard upper bound
* might be reasonable.
if (!ossl_assert(num == ctx->num_untrusted))
goto int_err;
curr = sk_X509_value(ctx->chain, num - 1);
- issuer = (X509_self_signed(curr, 0) || num > max_depth) ?
+ issuer = (X509_self_signed(curr, 0) > 0 || num > max_depth) ?
NULL : find_issuer(ctx, sk_untrusted, curr);
if (issuer == NULL) {
/*
return 0;
case X509_TRUST_UNTRUSTED:
default:
- switch(ctx->error) {
+ switch (ctx->error) {
case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
case X509_V_ERR_CERT_NOT_YET_VALID:
case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
CB_FAIL_IF(DANETLS_ENABLED(dane)
&& (!DANETLS_HAS_PKIX(dane) || dane->pdpth >= 0),
ctx, NULL, num - 1, X509_V_ERR_DANE_NO_MATCH);
- if (X509_self_signed(sk_X509_value(ctx->chain, num - 1), 0))
+ if (X509_self_signed(sk_X509_value(ctx->chain, num - 1), 0) > 0)
return verify_cb_cert(ctx, NULL, num - 1,
num == 1
? X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
return result;
}
+/*
+ * note that there's a corresponding minbits_table in ssl/ssl_cert.c
+ * in ssl_get_security_level_bits that's used for selection of DH parameters
+ */
static const int minbits_table[] = { 80, 112, 128, 192, 256 };
static const int NUM_AUTH_LEVELS = OSSL_NELEM(minbits_table);
if (level > NUM_AUTH_LEVELS)
level = NUM_AUTH_LEVELS;
- return EVP_PKEY_security_bits(pkey) >= minbits_table[level - 1];
+ return EVP_PKEY_get_security_bits(pkey) >= minbits_table[level - 1];
}
/*-
*/
static int check_curve(X509 *cert)
{
-#ifndef OPENSSL_NO_EC
EVP_PKEY *pkey = X509_get0_pubkey(cert);
/* Unsupported or malformed key */
if (pkey == NULL)
return -1;
- if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) {
- int ret;
+ if (EVP_PKEY_get_id(pkey) == EVP_PKEY_EC) {
+ int ret, val;
- ret = EC_KEY_decoded_from_explicit_params(EVP_PKEY_get0_EC_KEY(pkey));
- return ret < 0 ? ret : !ret;
+ ret = EVP_PKEY_get_int_param(pkey,
+ OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS,
+ &val);
+ return ret < 0 ? ret : !val;
}
-#endif
return 1;
}