x509_trust.c 8.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301
  1. /*
  2. * Copyright 1999-2022 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include "internal/cryptlib.h"
  11. #include <openssl/x509v3.h>
  12. #include "crypto/x509.h"
  13. static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b);
  14. static void trtable_free(X509_TRUST *p);
  15. static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags);
  16. static int trust_1oid(X509_TRUST *trust, X509 *x, int flags);
  17. static int trust_compat(X509_TRUST *trust, X509 *x, int flags);
  18. static int obj_trust(int id, X509 *x, int flags);
  19. static int (*default_trust) (int id, X509 *x, int flags) = obj_trust;
  20. /*
  21. * WARNING: the following table should be kept in order of trust and without
  22. * any gaps so we can just subtract the minimum trust value to get an index
  23. * into the table
  24. */
  25. static X509_TRUST trstandard[] = {
  26. {X509_TRUST_COMPAT, 0, trust_compat, "compatible", 0, NULL},
  27. {X509_TRUST_SSL_CLIENT, 0, trust_1oidany, "SSL Client", NID_client_auth,
  28. NULL},
  29. {X509_TRUST_SSL_SERVER, 0, trust_1oidany, "SSL Server", NID_server_auth,
  30. NULL},
  31. {X509_TRUST_EMAIL, 0, trust_1oidany, "S/MIME email", NID_email_protect,
  32. NULL},
  33. {X509_TRUST_OBJECT_SIGN, 0, trust_1oidany, "Object Signer", NID_code_sign,
  34. NULL},
  35. {X509_TRUST_OCSP_SIGN, 0, trust_1oid, "OCSP responder", NID_OCSP_sign,
  36. NULL},
  37. {X509_TRUST_OCSP_REQUEST, 0, trust_1oid, "OCSP request", NID_ad_OCSP,
  38. NULL},
  39. {X509_TRUST_TSA, 0, trust_1oidany, "TSA server", NID_time_stamp, NULL}
  40. };
  41. #define X509_TRUST_COUNT OSSL_NELEM(trstandard)
  42. static STACK_OF(X509_TRUST) *trtable = NULL;
  43. static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b)
  44. {
  45. return (*a)->trust - (*b)->trust;
  46. }
  47. int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
  48. int) {
  49. int (*oldtrust) (int, X509 *, int);
  50. oldtrust = default_trust;
  51. default_trust = trust;
  52. return oldtrust;
  53. }
  54. /* Returns X509_TRUST_TRUSTED, X509_TRUST_REJECTED, or X509_TRUST_UNTRUSTED */
  55. int X509_check_trust(X509 *x, int id, int flags)
  56. {
  57. X509_TRUST *pt;
  58. int idx;
  59. /* We get this as a default value */
  60. if (id == X509_TRUST_DEFAULT)
  61. return obj_trust(NID_anyExtendedKeyUsage, x,
  62. flags | X509_TRUST_DO_SS_COMPAT);
  63. idx = X509_TRUST_get_by_id(id);
  64. if (idx < 0)
  65. return default_trust(id, x, flags);
  66. pt = X509_TRUST_get0(idx);
  67. return pt->check_trust(pt, x, flags);
  68. }
  69. int X509_TRUST_get_count(void)
  70. {
  71. if (!trtable)
  72. return X509_TRUST_COUNT;
  73. return sk_X509_TRUST_num(trtable) + X509_TRUST_COUNT;
  74. }
  75. X509_TRUST *X509_TRUST_get0(int idx)
  76. {
  77. if (idx < 0)
  78. return NULL;
  79. if (idx < (int)X509_TRUST_COUNT)
  80. return trstandard + idx;
  81. return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT);
  82. }
  83. int X509_TRUST_get_by_id(int id)
  84. {
  85. X509_TRUST tmp;
  86. int idx;
  87. if ((id >= X509_TRUST_MIN) && (id <= X509_TRUST_MAX))
  88. return id - X509_TRUST_MIN;
  89. if (trtable == NULL)
  90. return -1;
  91. tmp.trust = id;
  92. idx = sk_X509_TRUST_find(trtable, &tmp);
  93. if (idx < 0)
  94. return -1;
  95. return idx + X509_TRUST_COUNT;
  96. }
  97. int X509_TRUST_set(int *t, int trust)
  98. {
  99. if (X509_TRUST_get_by_id(trust) < 0) {
  100. ERR_raise(ERR_LIB_X509, X509_R_INVALID_TRUST);
  101. return 0;
  102. }
  103. *t = trust;
  104. return 1;
  105. }
  106. int X509_TRUST_add(int id, int flags, int (*ck) (X509_TRUST *, X509 *, int),
  107. const char *name, int arg1, void *arg2)
  108. {
  109. int idx;
  110. X509_TRUST *trtmp;
  111. /*
  112. * This is set according to what we change: application can't set it
  113. */
  114. flags &= ~X509_TRUST_DYNAMIC;
  115. /* This will always be set for application modified trust entries */
  116. flags |= X509_TRUST_DYNAMIC_NAME;
  117. /* Get existing entry if any */
  118. idx = X509_TRUST_get_by_id(id);
  119. /* Need a new entry */
  120. if (idx < 0) {
  121. if ((trtmp = OPENSSL_malloc(sizeof(*trtmp))) == NULL) {
  122. ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
  123. return 0;
  124. }
  125. trtmp->flags = X509_TRUST_DYNAMIC;
  126. } else
  127. trtmp = X509_TRUST_get0(idx);
  128. /* OPENSSL_free existing name if dynamic */
  129. if (trtmp->flags & X509_TRUST_DYNAMIC_NAME)
  130. OPENSSL_free(trtmp->name);
  131. /* dup supplied name */
  132. if ((trtmp->name = OPENSSL_strdup(name)) == NULL) {
  133. ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
  134. goto err;
  135. }
  136. /* Keep the dynamic flag of existing entry */
  137. trtmp->flags &= X509_TRUST_DYNAMIC;
  138. /* Set all other flags */
  139. trtmp->flags |= flags;
  140. trtmp->trust = id;
  141. trtmp->check_trust = ck;
  142. trtmp->arg1 = arg1;
  143. trtmp->arg2 = arg2;
  144. /* If its a new entry manage the dynamic table */
  145. if (idx < 0) {
  146. if (trtable == NULL
  147. && (trtable = sk_X509_TRUST_new(tr_cmp)) == NULL) {
  148. ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
  149. goto err;
  150. }
  151. if (!sk_X509_TRUST_push(trtable, trtmp)) {
  152. ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
  153. goto err;
  154. }
  155. }
  156. return 1;
  157. err:
  158. if (idx < 0) {
  159. OPENSSL_free(trtmp->name);
  160. OPENSSL_free(trtmp);
  161. }
  162. return 0;
  163. }
  164. static void trtable_free(X509_TRUST *p)
  165. {
  166. if (p == NULL)
  167. return;
  168. if (p->flags & X509_TRUST_DYNAMIC) {
  169. if (p->flags & X509_TRUST_DYNAMIC_NAME)
  170. OPENSSL_free(p->name);
  171. OPENSSL_free(p);
  172. }
  173. }
  174. void X509_TRUST_cleanup(void)
  175. {
  176. sk_X509_TRUST_pop_free(trtable, trtable_free);
  177. trtable = NULL;
  178. }
  179. int X509_TRUST_get_flags(const X509_TRUST *xp)
  180. {
  181. return xp->flags;
  182. }
  183. char *X509_TRUST_get0_name(const X509_TRUST *xp)
  184. {
  185. return xp->name;
  186. }
  187. int X509_TRUST_get_trust(const X509_TRUST *xp)
  188. {
  189. return xp->trust;
  190. }
  191. static int trust_1oidany(X509_TRUST *trust, X509 *x, int flags)
  192. {
  193. /*
  194. * Declare the chain verified if the desired trust OID is not rejected in
  195. * any auxiliary trust info for this certificate, and the OID is either
  196. * expressly trusted, or else either "anyEKU" is trusted, or the
  197. * certificate is self-signed and X509_TRUST_NO_SS_COMPAT is not set.
  198. */
  199. flags |= X509_TRUST_DO_SS_COMPAT | X509_TRUST_OK_ANY_EKU;
  200. return obj_trust(trust->arg1, x, flags);
  201. }
  202. static int trust_1oid(X509_TRUST *trust, X509 *x, int flags)
  203. {
  204. /*
  205. * Declare the chain verified only if the desired trust OID is not
  206. * rejected and is expressly trusted. Neither "anyEKU" nor "compat"
  207. * trust in self-signed certificates apply.
  208. */
  209. flags &= ~(X509_TRUST_DO_SS_COMPAT | X509_TRUST_OK_ANY_EKU);
  210. return obj_trust(trust->arg1, x, flags);
  211. }
  212. static int trust_compat(X509_TRUST *trust, X509 *x, int flags)
  213. {
  214. /* Call for side-effect of setting EXFLAG_SS for self-signed-certs */
  215. if (X509_check_purpose(x, -1, 0) != 1)
  216. return X509_TRUST_UNTRUSTED;
  217. if ((flags & X509_TRUST_NO_SS_COMPAT) == 0 && (x->ex_flags & EXFLAG_SS))
  218. return X509_TRUST_TRUSTED;
  219. else
  220. return X509_TRUST_UNTRUSTED;
  221. }
  222. static int obj_trust(int id, X509 *x, int flags)
  223. {
  224. X509_CERT_AUX *ax = x->aux;
  225. int i;
  226. if (ax != NULL && ax->reject != NULL) {
  227. for (i = 0; i < sk_ASN1_OBJECT_num(ax->reject); i++) {
  228. ASN1_OBJECT *obj = sk_ASN1_OBJECT_value(ax->reject, i);
  229. int nid = OBJ_obj2nid(obj);
  230. if (nid == id || (nid == NID_anyExtendedKeyUsage &&
  231. (flags & X509_TRUST_OK_ANY_EKU)))
  232. return X509_TRUST_REJECTED;
  233. }
  234. }
  235. if (ax != NULL && ax->trust != NULL) {
  236. for (i = 0; i < sk_ASN1_OBJECT_num(ax->trust); i++) {
  237. ASN1_OBJECT *obj = sk_ASN1_OBJECT_value(ax->trust, i);
  238. int nid = OBJ_obj2nid(obj);
  239. if (nid == id || (nid == NID_anyExtendedKeyUsage &&
  240. (flags & X509_TRUST_OK_ANY_EKU)))
  241. return X509_TRUST_TRUSTED;
  242. }
  243. /*
  244. * Reject when explicit trust EKU are set and none match.
  245. *
  246. * Returning untrusted is enough for for full chains that end in
  247. * self-signed roots, because when explicit trust is specified it
  248. * suppresses the default blanket trust of self-signed objects.
  249. *
  250. * But for partial chains, this is not enough, because absent a similar
  251. * trust-self-signed policy, non matching EKUs are indistinguishable
  252. * from lack of EKU constraints.
  253. *
  254. * Therefore, failure to match any trusted purpose must trigger an
  255. * explicit reject.
  256. */
  257. return X509_TRUST_REJECTED;
  258. }
  259. if ((flags & X509_TRUST_DO_SS_COMPAT) == 0)
  260. return X509_TRUST_UNTRUSTED;
  261. /*
  262. * Not rejected, and there is no list of accepted uses, try compat.
  263. */
  264. return trust_compat(NULL, x, flags);
  265. }