search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'tlsprogs'
[unleashed.git] / lib / libtls / tls_verify.c
blob23e58ebef7829316abf054845d5f1a12e4c3a7c3
1 /* $OpenBSD: tls_verify.c,v 1.18 2016/11/04 15:32:40 jsing Exp $ */
2 /*
3 * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18 #include <sys/socket.h>
19
20 #include <arpa/inet.h>
21 #include <netinet/in.h>
22
23 #include <string.h>
24
25 #include <openssl/x509v3.h>
26
27 #include <tls.h>
28 #include "tls_internal.h"
29
30 static int tls_match_name(const char *cert_name, const char *name);
31 static int tls_check_subject_altname(struct tls *ctx, X509 *cert,
32 const char *name);
33 static int tls_check_common_name(struct tls *ctx, X509 *cert, const char *name);
34
35 static int
36 tls_match_name(const char *cert_name, const char *name)
37 {
38 const char *cert_domain, *domain, *next_dot;
39
40 if (strcasecmp(cert_name, name) == 0)
41 return 0;
42
43 /* Wildcard match? */
44 if (cert_name[0] == '*') {
45 /*
46 * Valid wildcards:
47 * - "*.domain.tld"
48 * - "*.sub.domain.tld"
49 * - etc.
50 * Reject "*.tld".
51 * No attempt to prevent the use of eg. "*.co.uk".
52 */
53 cert_domain = &cert_name[1];
54 /* Disallow "*" */
55 if (cert_domain[0] == '\0')
56 return -1;
57 /* Disallow "*foo" */
58 if (cert_domain[0] != '.')
59 return -1;
60 /* Disallow "*.." */
61 if (cert_domain[1] == '.')
62 return -1;
63 next_dot = strchr(&cert_domain[1], '.');
64 /* Disallow "*.bar" */
65 if (next_dot == NULL)
66 return -1;
67 /* Disallow "*.bar.." */
68 if (next_dot[1] == '.')
69 return -1;
70
71 domain = strchr(name, '.');
72
73 /* No wildcard match against a name with no host part. */
74 if (name[0] == '.')
75 return -1;
76 /* No wildcard match against a name with no domain part. */
77 if (domain == NULL || strlen(domain) == 1)
78 return -1;
79
80 if (strcasecmp(cert_domain, domain) == 0)
81 return 0;
82 }
83
84 return -1;
85 }
86
87 /* See RFC 5280 section 4.2.1.6 for SubjectAltName details. */
88 static int
89 tls_check_subject_altname(struct tls *ctx, X509 *cert, const char *name)
90 {
91 STACK_OF(GENERAL_NAME) *altname_stack = NULL;
92 union tls_addr addrbuf;
93 int addrlen, type;
94 int count, i;
95 int rv = -1;
96
97 altname_stack = X509_get_ext_d2i(cert, NID_subject_alt_name,
98 NULL, NULL);
99 if (altname_stack == NULL)
100 return -1;
101
102 if (inet_pton(AF_INET, name, &addrbuf) == 1) {
103 type = GEN_IPADD;
104 addrlen = 4;
105 } else if (inet_pton(AF_INET6, name, &addrbuf) == 1) {
106 type = GEN_IPADD;
107 addrlen = 16;
108 } else {
109 type = GEN_DNS;
110 addrlen = 0;
111 }
112
113 count = sk_GENERAL_NAME_num(altname_stack);
114 for (i = 0; i < count; i++) {
115 GENERAL_NAME *altname;
116
117 altname = sk_GENERAL_NAME_value(altname_stack, i);
118 if (altname->type != type)
119 continue;
120
121 if (type == GEN_DNS) {
122 unsigned char *data;
123 int format, len;
124
125 format = ASN1_STRING_type(altname->d.dNSName);
126 if (format == V_ASN1_IA5STRING) {
127 data = ASN1_STRING_data(altname->d.dNSName);
128 len = ASN1_STRING_length(altname->d.dNSName);
129
130 if (len < 0 || (size_t)len != strlen(data)) {
131 tls_set_errorx(ctx,
132 "error verifying name '%s': "
133 "NUL byte in subjectAltName, "
134 "probably a malicious certificate",
135 name);
136 rv = -2;
137 break;
138 }
139
140 /*
141 * Per RFC 5280 section 4.2.1.6:
142 * " " is a legal domain name, but that
143 * dNSName must be rejected.
144 */
145 if (strcmp(data, " ") == 0) {
146 tls_set_error(ctx,
147 "error verifying name '%s': "
148 "a dNSName of \" \" must not be "
149 "used", name);
150 rv = -2;
151 break;
152 }
153
154 if (tls_match_name(data, name) == 0) {
155 rv = 0;
156 break;
157 }
158 } else {
159 #ifdef DEBUG
160 fprintf(stdout, "%s: unhandled subjectAltName "
161 "dNSName encoding (%d)\n", getprogname(),
162 format);
163 #endif
164 }
165
166 } else if (type == GEN_IPADD) {
167 unsigned char *data;
168 int datalen;
169
170 datalen = ASN1_STRING_length(altname->d.iPAddress);
171 data = ASN1_STRING_data(altname->d.iPAddress);
172
173 if (datalen < 0) {
174 tls_set_errorx(ctx,
175 "Unexpected negative length for an "
176 "IP address: %d", datalen);
177 rv = -2;
178 break;
179 }
180
181 /*
182 * Per RFC 5280 section 4.2.1.6:
183 * IPv4 must use 4 octets and IPv6 must use 16 octets.
184 */
185 if (datalen == addrlen &&
186 memcmp(data, &addrbuf, addrlen) == 0) {
187 rv = 0;
188 break;
189 }
190 }
191 }
192
193 sk_GENERAL_NAME_pop_free(altname_stack, GENERAL_NAME_free);
194 return rv;
195 }
196
197 static int
198 tls_check_common_name(struct tls *ctx, X509 *cert, const char *name)
199 {
200 X509_NAME *subject_name;
201 char *common_name = NULL;
202 union tls_addr addrbuf;
203 int common_name_len;
204 int rv = -1;
205
206 subject_name = X509_get_subject_name(cert);
207 if (subject_name == NULL)
208 goto out;
209
210 common_name_len = X509_NAME_get_text_by_NID(subject_name,
211 NID_commonName, NULL, 0);
212 if (common_name_len < 0)
213 goto out;
214
215 common_name = calloc(common_name_len + 1, 1);
216 if (common_name == NULL)
217 goto out;
218
219 X509_NAME_get_text_by_NID(subject_name, NID_commonName, common_name,
220 common_name_len + 1);
221
222 /* NUL bytes in CN? */
223 if (common_name_len < 0 ||
224 (size_t)common_name_len != strlen(common_name)) {
225 tls_set_errorx(ctx, "error verifying name '%s': "
226 "NUL byte in Common Name field, "
227 "probably a malicious certificate", name);
228 rv = -2;
229 goto out;
230 }
231
232 if (inet_pton(AF_INET, name, &addrbuf) == 1 ||
233 inet_pton(AF_INET6, name, &addrbuf) == 1) {
234 /*
235 * We don't want to attempt wildcard matching against IP
236 * addresses, so perform a simple comparison here.
237 */
238 if (strcmp(common_name, name) == 0)
239 rv = 0;
240 else
241 rv = -1;
242 goto out;
243 }
244
245 if (tls_match_name(common_name, name) == 0)
246 rv = 0;
247 out:
248 free(common_name);
249 return rv;
250 }
251
252 int
253 tls_check_name(struct tls *ctx, X509 *cert, const char *name)
254 {
255 int rv;
256
257 rv = tls_check_subject_altname(ctx, cert, name);
258 if (rv == 0 || rv == -2)
259 return rv;
260
261 return tls_check_common_name(ctx, cert, name);
262 }
Unleashed OS