1 /* $OpenBSD: x509_vpm.c,v 1.18 2018/04/06 07:08:20 beck Exp $ */
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
5 /* ====================================================================
6 * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
34 * 6. Redistributions of any form whatsoever must retain the following
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
62 #include <openssl/buffer.h>
63 #include <openssl/crypto.h>
64 #include <openssl/lhash.h>
65 #include <openssl/stack.h>
66 #include <openssl/x509.h>
67 #include <openssl/x509v3.h>
71 /* X509_VERIFY_PARAM functions */
73 int X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM
*param
, const char *email
,
75 int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM
*param
, const unsigned char *ip
,
87 #define string_stack_free(sk) sk_OPENSSL_STRING_pop_free(sk, str_free)
91 * Post 1.0.1 sk function "deep_copy". For the moment we simply make
92 * these take void * and use them directly without a glorious blob of
93 * obfuscating macros of dubious value in front of them. All this in
94 * preparation for a rototilling of safestack.h (likely inspired by
98 sk_deep_copy(void *sk_void
, void *copy_func_void
, void *free_func_void
)
100 _STACK
*sk
= sk_void
;
101 void *(*copy_func
)(void *) = copy_func_void
;
102 void (*free_func
)(void *) = free_func_void
;
103 _STACK
*ret
= sk_dup(sk
);
109 for (i
= 0; i
< ret
->num
; i
++) {
110 if (ret
->data
[i
] == NULL
)
112 ret
->data
[i
] = copy_func(ret
->data
[i
]);
113 if (ret
->data
[i
] == NULL
) {
115 for (j
= 0; j
< i
; j
++) {
116 if (ret
->data
[j
] != NULL
)
117 free_func(ret
->data
[j
]);
128 x509_param_set_hosts_internal(X509_VERIFY_PARAM_ID
*id
, int mode
,
129 const char *name
, size_t namelen
)
133 if (name
!= NULL
&& namelen
== 0)
134 namelen
= strlen(name
);
136 * Refuse names with embedded NUL bytes.
138 if (name
&& memchr(name
, '\0', namelen
))
141 if (mode
== SET_HOST
&& id
->hosts
) {
142 string_stack_free(id
->hosts
);
145 if (name
== NULL
|| namelen
== 0)
147 copy
= strndup(name
, namelen
);
151 if (id
->hosts
== NULL
&&
152 (id
->hosts
= sk_OPENSSL_STRING_new_null()) == NULL
) {
157 if (!sk_OPENSSL_STRING_push(id
->hosts
, copy
)) {
159 if (sk_OPENSSL_STRING_num(id
->hosts
) == 0) {
160 sk_OPENSSL_STRING_free(id
->hosts
);
170 x509_verify_param_zero(X509_VERIFY_PARAM
*param
)
172 X509_VERIFY_PARAM_ID
*paramid
;
178 /*param->inh_flags = X509_VP_FLAG_DEFAULT;*/
179 param
->inh_flags
= 0;
182 if (param
->policies
) {
183 sk_ASN1_OBJECT_pop_free(param
->policies
, ASN1_OBJECT_free
);
184 param
->policies
= NULL
;
187 if (paramid
->hosts
) {
188 string_stack_free(paramid
->hosts
);
189 paramid
->hosts
= NULL
;
191 free(paramid
->peername
);
192 paramid
->peername
= NULL
;
193 free(paramid
->email
);
194 paramid
->email
= NULL
;
195 paramid
->emaillen
= 0;
199 paramid
->poisoned
= 0;
203 X509_VERIFY_PARAM_new(void)
205 X509_VERIFY_PARAM
*param
;
206 X509_VERIFY_PARAM_ID
*paramid
;
207 param
= calloc(1, sizeof(X509_VERIFY_PARAM
));
210 paramid
= calloc (1, sizeof(X509_VERIFY_PARAM_ID
));
211 if (paramid
== NULL
) {
216 x509_verify_param_zero(param
);
221 X509_VERIFY_PARAM_free(X509_VERIFY_PARAM
*param
)
225 x509_verify_param_zero(param
);
230 /* This function determines how parameters are "inherited" from one structure
231 * to another. There are several different ways this can happen.
233 * 1. If a child structure needs to have its values initialized from a parent
234 * they are simply copied across. For example SSL_CTX copied to SSL.
235 * 2. If the structure should take on values only if they are currently unset.
236 * For example the values in an SSL structure will take appropriate value
237 * for SSL servers or clients but only if the application has not set new
240 * The "inh_flags" field determines how this function behaves.
242 * Normally any values which are set in the default are not copied from the
243 * destination and verify flags are ORed together.
245 * If X509_VP_FLAG_DEFAULT is set then anything set in the source is copied
246 * to the destination. Effectively the values in "to" become default values
247 * which will be used only if nothing new is set in "from".
249 * If X509_VP_FLAG_OVERWRITE is set then all value are copied across whether
250 * they are set or not. Flags is still Ored though.
252 * If X509_VP_FLAG_RESET_FLAGS is set then the flags value is copied instead
255 * If X509_VP_FLAG_LOCKED is set then no values are copied.
257 * If X509_VP_FLAG_ONCE is set then the current inh_flags setting is zeroed
258 * after the next call.
261 /* Macro to test if a field should be copied from src to dest */
263 #define test_x509_verify_param_copy(field, def) \
265 ((src->field != def) && (to_default || (dest->field == def))))
267 /* As above but for ID fields */
269 #define test_x509_verify_param_copy_id(idf, def) \
270 test_x509_verify_param_copy(id->idf, def)
272 /* Macro to test and copy a field if necessary */
274 #define x509_verify_param_copy(field, def) \
275 if (test_x509_verify_param_copy(field, def)) \
276 dest->field = src->field
279 X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM
*dest
, const X509_VERIFY_PARAM
*src
)
281 unsigned long inh_flags
;
282 int to_default
, to_overwrite
;
283 X509_VERIFY_PARAM_ID
*id
;
288 inh_flags
= dest
->inh_flags
| src
->inh_flags
;
290 if (inh_flags
& X509_VP_FLAG_ONCE
)
293 if (inh_flags
& X509_VP_FLAG_LOCKED
)
296 if (inh_flags
& X509_VP_FLAG_DEFAULT
)
301 if (inh_flags
& X509_VP_FLAG_OVERWRITE
)
306 x509_verify_param_copy(purpose
, 0);
307 x509_verify_param_copy(trust
, 0);
308 x509_verify_param_copy(depth
, -1);
310 /* If overwrite or check time not set, copy across */
312 if (to_overwrite
|| !(dest
->flags
& X509_V_FLAG_USE_CHECK_TIME
)) {
313 dest
->check_time
= src
->check_time
;
314 dest
->flags
&= ~X509_V_FLAG_USE_CHECK_TIME
;
315 /* Don't need to copy flag: that is done below */
318 if (inh_flags
& X509_VP_FLAG_RESET_FLAGS
)
321 dest
->flags
|= src
->flags
;
323 if (test_x509_verify_param_copy(policies
, NULL
)) {
324 if (!X509_VERIFY_PARAM_set1_policies(dest
, src
->policies
))
328 /* Copy the host flags if and only if we're copying the host list */
329 if (test_x509_verify_param_copy_id(hosts
, NULL
)) {
330 if (dest
->id
->hosts
) {
331 string_stack_free(dest
->id
->hosts
);
332 dest
->id
->hosts
= NULL
;
336 sk_deep_copy(id
->hosts
, strdup
, str_free
);
337 if (dest
->id
->hosts
== NULL
)
339 dest
->id
->hostflags
= id
->hostflags
;
343 if (test_x509_verify_param_copy_id(email
, NULL
)) {
344 if (!X509_VERIFY_PARAM_set1_email(dest
, id
->email
,
349 if (test_x509_verify_param_copy_id(ip
, NULL
)) {
350 if (!X509_VERIFY_PARAM_set1_ip(dest
, id
->ip
, id
->iplen
))
358 X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM
*to
, const X509_VERIFY_PARAM
*from
)
360 unsigned long save_flags
= to
->inh_flags
;
363 to
->inh_flags
|= X509_VP_FLAG_DEFAULT
;
364 ret
= X509_VERIFY_PARAM_inherit(to
, from
);
365 to
->inh_flags
= save_flags
;
370 x509_param_set1_internal(char **pdest
, size_t *pdestlen
, const char *src
,
371 size_t srclen
, int nonul
)
379 srclen
= strlen(src
);
382 if ((tmp
= strdup(src
)) == NULL
)
385 if (nonul
&& memchr(src
, '\0', srclen
))
387 if ((tmp
= malloc(srclen
)) == NULL
)
389 memcpy(tmp
, src
, srclen
);
401 X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM
*param
, const char *name
)
407 param
->name
= strdup(name
);
414 X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM
*param
, unsigned long flags
)
416 param
->flags
|= flags
;
417 if (flags
& X509_V_FLAG_POLICY_MASK
)
418 param
->flags
|= X509_V_FLAG_POLICY_CHECK
;
423 X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM
*param
, unsigned long flags
)
425 param
->flags
&= ~flags
;
430 X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM
*param
)
436 X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM
*param
, int purpose
)
438 return X509_PURPOSE_set(¶m
->purpose
, purpose
);
442 X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM
*param
, int trust
)
444 return X509_TRUST_set(¶m
->trust
, trust
);
448 X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM
*param
, int depth
)
450 param
->depth
= depth
;
454 X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM
*param
, time_t t
)
456 param
->check_time
= t
;
457 param
->flags
|= X509_V_FLAG_USE_CHECK_TIME
;
461 X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM
*param
, ASN1_OBJECT
*policy
)
463 if (!param
->policies
) {
464 param
->policies
= sk_ASN1_OBJECT_new_null();
465 if (!param
->policies
)
468 if (!sk_ASN1_OBJECT_push(param
->policies
, policy
))
474 X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM
*param
,
475 STACK_OF(ASN1_OBJECT
) *policies
)
478 ASN1_OBJECT
*oid
, *doid
;
483 sk_ASN1_OBJECT_pop_free(param
->policies
, ASN1_OBJECT_free
);
486 param
->policies
= NULL
;
490 param
->policies
= sk_ASN1_OBJECT_new_null();
491 if (!param
->policies
)
494 for (i
= 0; i
< sk_ASN1_OBJECT_num(policies
); i
++) {
495 oid
= sk_ASN1_OBJECT_value(policies
, i
);
499 if (!sk_ASN1_OBJECT_push(param
->policies
, doid
)) {
500 ASN1_OBJECT_free(doid
);
504 param
->flags
|= X509_V_FLAG_POLICY_CHECK
;
509 X509_VERIFY_PARAM_set1_host(X509_VERIFY_PARAM
*param
,
510 const char *name
, size_t namelen
)
512 if (x509_param_set_hosts_internal(param
->id
, SET_HOST
, name
, namelen
))
514 param
->id
->poisoned
= 1;
519 X509_VERIFY_PARAM_add1_host(X509_VERIFY_PARAM
*param
,
520 const char *name
, size_t namelen
)
522 if (x509_param_set_hosts_internal(param
->id
, ADD_HOST
, name
, namelen
))
524 param
->id
->poisoned
= 1;
529 X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM
*param
, unsigned int flags
)
531 param
->id
->hostflags
= flags
;
535 X509_VERIFY_PARAM_get0_peername(X509_VERIFY_PARAM
*param
)
537 return param
->id
->peername
;
541 X509_VERIFY_PARAM_set1_email(X509_VERIFY_PARAM
*param
, const char *email
,
544 if (x509_param_set1_internal(¶m
->id
->email
, ¶m
->id
->emaillen
,
547 param
->id
->poisoned
= 1;
552 X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM
*param
, const unsigned char *ip
,
555 if (iplen
!= 4 && iplen
!= 16)
557 if (x509_param_set1_internal((char **)¶m
->id
->ip
, ¶m
->id
->iplen
,
558 (char *)ip
, iplen
, 0))
561 param
->id
->poisoned
= 1;
566 X509_VERIFY_PARAM_set1_ip_asc(X509_VERIFY_PARAM
*param
, const char *ipasc
)
568 unsigned char ipout
[16];
571 iplen
= (size_t)a2i_ipadd(ipout
, ipasc
);
572 return X509_VERIFY_PARAM_set1_ip(param
, ipout
, iplen
);
576 X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM
*param
)
582 X509_VERIFY_PARAM_get0_name(const X509_VERIFY_PARAM
*param
)
587 static const X509_VERIFY_PARAM_ID _empty_id
= { NULL
};
589 #define vpm_empty_id (X509_VERIFY_PARAM_ID *)&_empty_id
592 * Default verify parameters: these are used for various applications and can
593 * be overridden by the user specified table.
596 static const X509_VERIFY_PARAM default_table
[] = {
600 .trust
= 0, /* XXX This is not the default trust value */
605 .purpose
= X509_PURPOSE_SMIME_SIGN
,
606 .trust
= X509_TRUST_EMAIL
,
611 .name
= "smime_sign",
612 .purpose
= X509_PURPOSE_SMIME_SIGN
,
613 .trust
= X509_TRUST_EMAIL
,
618 .name
= "ssl_client",
619 .purpose
= X509_PURPOSE_SSL_CLIENT
,
620 .trust
= X509_TRUST_SSL_CLIENT
,
625 .name
= "ssl_server",
626 .purpose
= X509_PURPOSE_SSL_SERVER
,
627 .trust
= X509_TRUST_SSL_SERVER
,
633 static STACK_OF(X509_VERIFY_PARAM
) *param_table
= NULL
;
636 param_cmp(const X509_VERIFY_PARAM
* const *a
,
637 const X509_VERIFY_PARAM
* const *b
)
639 return strcmp((*a
)->name
, (*b
)->name
);
643 X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM
*param
)
645 X509_VERIFY_PARAM
*ptmp
;
647 param_table
= sk_X509_VERIFY_PARAM_new(param_cmp
);
653 if ((idx
= sk_X509_VERIFY_PARAM_find(param_table
, param
))
655 ptmp
= sk_X509_VERIFY_PARAM_value(param_table
,
657 X509_VERIFY_PARAM_free(ptmp
);
658 (void)sk_X509_VERIFY_PARAM_delete(param_table
,
662 if (!sk_X509_VERIFY_PARAM_push(param_table
, param
))
668 X509_VERIFY_PARAM_get_count(void)
670 int num
= sizeof(default_table
) / sizeof(X509_VERIFY_PARAM
);
672 num
+= sk_X509_VERIFY_PARAM_num(param_table
);
677 X509_VERIFY_PARAM
*X509_VERIFY_PARAM_get0(int id
)
679 int num
= sizeof(default_table
) / sizeof(X509_VERIFY_PARAM
);
681 return default_table
+ id
;
682 return sk_X509_VERIFY_PARAM_value(param_table
, id
- num
);
686 X509_VERIFY_PARAM
*X509_VERIFY_PARAM_lookup(const char *name
)
688 X509_VERIFY_PARAM pm
;
689 unsigned int i
, limit
;
691 pm
.name
= (char *)name
;
694 if ((idx
= sk_X509_VERIFY_PARAM_find(param_table
, &pm
)) != -1)
695 return sk_X509_VERIFY_PARAM_value(param_table
, idx
);
698 limit
= sizeof(default_table
) / sizeof(X509_VERIFY_PARAM
);
699 for (i
= 0; i
< limit
; i
++) {
700 if (strcmp(default_table
[i
].name
, name
) == 0) {
701 return &default_table
[i
];
708 X509_VERIFY_PARAM_table_cleanup(void)
711 sk_X509_VERIFY_PARAM_pop_free(param_table
,
712 X509_VERIFY_PARAM_free
);