Coverage Report

Created: 2020-05-23 13:54

/src/botan/src/lib/x509/x509cert.cpp
Line
Count
Source (jump to first uncovered line)
1
/*
2
* X.509 Certificates
3
* (C) 1999-2010,2015,2017 Jack Lloyd
4
* (C) 2016 René Korthaus, Rohde & Schwarz Cybersecurity
5
*
6
* Botan is released under the Simplified BSD License (see license.txt)
7
*/
8
9
#include <botan/x509cert.h>
10
#include <botan/datastor.h>
11
#include <botan/pk_keys.h>
12
#include <botan/x509_ext.h>
13
#include <botan/ber_dec.h>
14
#include <botan/parsing.h>
15
#include <botan/bigint.h>
16
#include <botan/oids.h>
17
#include <botan/hash.h>
18
#include <botan/hex.h>
19
#include <algorithm>
20
#include <sstream>
21
22
namespace Botan {
23
24
struct X509_Certificate_Data
25
   {
26
   std::vector<uint8_t> m_serial;
27
   AlgorithmIdentifier m_sig_algo_inner;
28
   X509_DN m_issuer_dn;
29
   X509_DN m_subject_dn;
30
   std::vector<uint8_t> m_issuer_dn_bits;
31
   std::vector<uint8_t> m_subject_dn_bits;
32
   X509_Time m_not_before;
33
   X509_Time m_not_after;
34
   std::vector<uint8_t> m_subject_public_key_bits;
35
   std::vector<uint8_t> m_subject_public_key_bits_seq;
36
   std::vector<uint8_t> m_subject_public_key_bitstring;
37
   std::vector<uint8_t> m_subject_public_key_bitstring_sha1;
38
   AlgorithmIdentifier m_subject_public_key_algid;
39
40
   std::vector<uint8_t> m_v2_issuer_key_id;
41
   std::vector<uint8_t> m_v2_subject_key_id;
42
   Extensions m_v3_extensions;
43
44
   std::vector<OID> m_extended_key_usage;
45
   std::vector<uint8_t> m_authority_key_id;
46
   std::vector<uint8_t> m_subject_key_id;
47
   std::vector<OID> m_cert_policies;
48
49
   std::vector<std::string> m_crl_distribution_points;
50
   std::string m_ocsp_responder;
51
   std::vector<std::string> m_ca_issuers;
52
53
   std::vector<uint8_t> m_issuer_dn_bits_sha256;
54
   std::vector<uint8_t> m_subject_dn_bits_sha256;
55
56
   std::string m_fingerprint_sha1;
57
   std::string m_fingerprint_sha256;
58
59
   AlternativeName m_subject_alt_name;
60
   AlternativeName m_issuer_alt_name;
61
   NameConstraints m_name_constraints;
62
63
   Data_Store m_subject_ds;
64
   Data_Store m_issuer_ds;
65
66
   size_t m_version = 0;
67
   size_t m_path_len_constraint = 0;
68
   Key_Constraints m_key_constraints = NO_CONSTRAINTS;
69
   bool m_self_signed = false;
70
   bool m_is_ca_certificate = false;
71
   bool m_serial_negative = false;
72
   };
73
74
std::string X509_Certificate::PEM_label() const
75
8.91k
   {
76
8.91k
   return "CERTIFICATE";
77
8.91k
   }
78
79
std::vector<std::string> X509_Certificate::alternate_PEM_labels() const
80
111
   {
81
111
   return { "X509 CERTIFICATE" };
82
111
   }
83
84
X509_Certificate::X509_Certificate(DataSource& src)
85
13.2k
   {
86
13.2k
   load_data(src);
87
13.2k
   }
88
89
X509_Certificate::X509_Certificate(const std::vector<uint8_t>& vec)
90
0
   {
91
0
   DataSource_Memory src(vec.data(), vec.size());
92
0
   load_data(src);
93
0
   }
94
95
X509_Certificate::X509_Certificate(const uint8_t data[], size_t len)
96
1.19k
   {
97
1.19k
   DataSource_Memory src(data, len);
98
1.19k
   load_data(src);
99
1.19k
   }
100
101
#if defined(BOTAN_TARGET_OS_HAS_FILESYSTEM)
102
X509_Certificate::X509_Certificate(const std::string& fsname)
103
0
   {
104
0
   DataSource_Stream src(fsname, true);
105
0
   load_data(src);
106
0
   }
107
#endif
108
109
namespace {
110
111
std::unique_ptr<X509_Certificate_Data> parse_x509_cert_body(const X509_Object& obj)
112
12.3k
   {
113
12.3k
   std::unique_ptr<X509_Certificate_Data> data(new X509_Certificate_Data);
114
12.3k
115
12.3k
   BigInt serial_bn;
116
12.3k
   BER_Object public_key;
117
12.3k
   BER_Object v3_exts_data;
118
12.3k
119
12.3k
   BER_Decoder(obj.signed_body())
120
12.3k
      .decode_optional(data->m_version, ASN1_Tag(0), ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC))
121
12.3k
      .decode(serial_bn)
122
12.3k
      .decode(data->m_sig_algo_inner)
123
12.3k
      .decode(data->m_issuer_dn)
124
12.3k
      .start_cons(SEQUENCE)
125
12.3k
         .decode(data->m_not_before)
126
12.3k
         .decode(data->m_not_after)
127
12.3k
      .end_cons()
128
12.3k
      .decode(data->m_subject_dn)
129
12.3k
      .get_next(public_key)
130
12.3k
      .decode_optional_string(data->m_v2_issuer_key_id, BIT_STRING, 1)
131
12.3k
      .decode_optional_string(data->m_v2_subject_key_id, BIT_STRING, 2)
132
12.3k
      .get_next(v3_exts_data)
133
12.3k
      .verify_end("TBSCertificate has extra data after extensions block");
134
12.3k
135
12.3k
   if(data->m_version > 2)
136
7
      throw Decoding_Error("Unknown X.509 cert version " + std::to_string(data->m_version));
137
12.3k
   if(obj.signature_algorithm() != data->m_sig_algo_inner)
138
90
      throw Decoding_Error("X.509 Certificate had differing algorithm identifers in inner and outer ID fields");
139
12.2k
140
12.2k
   public_key.assert_is_a(SEQUENCE, CONSTRUCTED, "X.509 certificate public key");
141
12.2k
142
12.2k
   // crude method to save the serial's sign; will get lost during decoding, otherwise
143
12.2k
   data->m_serial_negative = serial_bn.is_negative();
144
12.2k
145
12.2k
   // for general sanity convert wire version (0 based) to standards version (v1 .. v3)
146
12.2k
   data->m_version += 1;
147
12.2k
148
12.2k
   data->m_serial = BigInt::encode(serial_bn);
149
12.2k
   data->m_subject_dn_bits = ASN1::put_in_sequence(data->m_subject_dn.get_bits());
150
12.2k
   data->m_issuer_dn_bits = ASN1::put_in_sequence(data->m_issuer_dn.get_bits());
151
12.2k
152
12.2k
   // validate_public_key_params(public_key.value);
153
12.2k
   AlgorithmIdentifier public_key_alg_id;
154
12.2k
   BER_Decoder(public_key).decode(public_key_alg_id).discard_remaining();
155
12.2k
156
12.2k
   const std::vector<std::string> public_key_info =
157
12.2k
      split_on(OIDS::oid2str_or_empty(public_key_alg_id.get_oid()), '/');
158
12.2k
159
12.2k
   if(!public_key_info.empty() && public_key_info[0] == "RSA")
160
6.35k
      {
161
6.35k
      // RFC4055: If PublicKeyAlgo = PSS or OAEP: limit the use of the public key exclusively to either RSASSA - PSS or RSAES - OAEP
162
6.35k
      if(public_key_info.size() >= 2)
163
467
         {
164
467
         if(public_key_info[1] == "EMSA4")
165
8
            {
166
8
            /*
167
8
            When the RSA private key owner wishes to limit the use of the public
168
8
            key exclusively to RSASSA-PSS, then the id-RSASSA-PSS object
169
8
            identifier MUST be used in the algorithm field within the subject
170
8
            public key information, and, if present, the parameters field MUST
171
8
            contain RSASSA-PSS-params.
172
8
173
8
            All parameters in the signature structure algorithm identifier MUST
174
8
            match the parameters in the key structure algorithm identifier
175
8
            except the saltLength field. The saltLength field in the signature parameters
176
8
            MUST be greater or equal to that in the key parameters field.
177
8
178
8
            ToDo: Allow salt length to be greater
179
8
            */
180
8
            if(public_key_alg_id != obj.signature_algorithm())
181
3
               {
182
3
               throw Decoding_Error("Algorithm identifier mismatch");
183
3
               }
184
5.89k
            }
185
5.89k
         }
186
5.89k
      else
187
5.89k
         {
188
5.89k
         // oid = rsaEncryption -> parameters field MUST contain NULL
189
5.89k
         if(public_key_alg_id != AlgorithmIdentifier(public_key_alg_id.get_oid(), AlgorithmIdentifier::USE_NULL_PARAM))
190
36
            {
191
36
            throw Decoding_Error("RSA algorithm parameters field MUST contain NULL");
192
36
            }
193
12.2k
         }
194
6.35k
      }
195
12.2k
196
12.2k
   data->m_subject_public_key_bits.assign(public_key.bits(), public_key.bits() + public_key.length());
197
12.2k
198
12.2k
   data->m_subject_public_key_bits_seq = ASN1::put_in_sequence(data->m_subject_public_key_bits);
199
12.2k
200
12.2k
   BER_Decoder(data->m_subject_public_key_bits)
201
12.2k
      .decode(data->m_subject_public_key_algid)
202
12.2k
      .decode(data->m_subject_public_key_bitstring, BIT_STRING);
203
12.2k
204
12.2k
   if(v3_exts_data.is_a(3, ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC)))
205
4.02k
      {
206
4.02k
      // Path validation will reject a v1/v2 cert with v3 extensions
207
4.02k
      BER_Decoder(v3_exts_data).decode(data->m_v3_extensions).verify_end();
208
4.02k
      }
209
8.23k
   else if(v3_exts_data.is_set())
210
8
      {
211
8
      throw BER_Bad_Tag("Unknown tag in X.509 cert", v3_exts_data.tagging());
212
8
      }
213
12.2k
214
12.2k
   // Now cache some fields from the extensions
215
12.2k
   if(auto ext = data->m_v3_extensions.get_extension_object_as<Cert_Extension::Key_Usage>())
216
119
      {
217
119
      data->m_key_constraints = ext->get_constraints();
218
119
      }
219
12.1k
   else
220
12.1k
      {
221
12.1k
      data->m_key_constraints = NO_CONSTRAINTS;
222
12.1k
      }
223
12.2k
224
12.2k
   if(auto ext = data->m_v3_extensions.get_extension_object_as<Cert_Extension::Subject_Key_ID>())
225
452
      {
226
452
      data->m_subject_key_id = ext->get_key_id();
227
452
      }
228
12.2k
229
12.2k
   if(auto ext = data->m_v3_extensions.get_extension_object_as<Cert_Extension::Authority_Key_ID>())
230
489
      {
231
489
      data->m_authority_key_id = ext->get_key_id();
232
489
      }
233
12.2k
234
12.2k
   if(auto ext = data->m_v3_extensions.get_extension_object_as<Cert_Extension::Name_Constraints>())
235
65
      {
236
65
      data->m_name_constraints = ext->get_name_constraints();
237
65
      }
238
12.2k
239
12.2k
   if(auto ext = data->m_v3_extensions.get_extension_object_as<Cert_Extension::Basic_Constraints>())
240
233
      {
241
233
      if(ext->get_is_ca() == true)
242
83
         {
243
83
         if(data->m_key_constraints == NO_CONSTRAINTS ||
244
83
            (data->m_key_constraints & KEY_CERT_SIGN))
245
67
            {
246
67
            data->m_is_ca_certificate = true;
247
67
            data->m_path_len_constraint = ext->get_path_limit();
248
67
            }
249
83
         }
250
233
      }
251
12.2k
252
12.2k
   if(auto ext = data->m_v3_extensions.get_extension_object_as<Cert_Extension::Issuer_Alternative_Name>())
253
171
      {
254
171
      data->m_issuer_alt_name = ext->get_alt_name();
255
171
      }
256
12.2k
257
12.2k
   if(auto ext = data->m_v3_extensions.get_extension_object_as<Cert_Extension::Subject_Alternative_Name>())
258
299
      {
259
299
      data->m_subject_alt_name = ext->get_alt_name();
260
299
      }
261
12.2k
262
12.2k
   if(auto ext = data->m_v3_extensions.get_extension_object_as<Cert_Extension::Extended_Key_Usage>())
263
149
      {
264
149
      data->m_extended_key_usage = ext->get_oids();
265
149
      }
266
12.2k
267
12.2k
   if(auto ext = data->m_v3_extensions.get_extension_object_as<Cert_Extension::Certificate_Policies>())
268
97
      {
269
97
      data->m_cert_policies = ext->get_policy_oids();
270
97
      }
271
12.2k
272
12.2k
   if(auto ext = data->m_v3_extensions.get_extension_object_as<Cert_Extension::Authority_Information_Access>())
273
52
      {
274
52
      data->m_ocsp_responder = ext->ocsp_responder();
275
52
      data->m_ca_issuers = ext->ca_issuers();
276
52
      }
277
12.2k
278
12.2k
   if(auto ext = data->m_v3_extensions.get_extension_object_as<Cert_Extension::CRL_Distribution_Points>())
279
74
      {
280
74
      data->m_crl_distribution_points = ext->crl_distribution_urls();
281
74
      }
282
12.2k
283
12.2k
   // Check for self-signed vs self-issued certificates
284
12.2k
   if(data->m_subject_dn == data->m_issuer_dn)
285
7.99k
      {
286
7.99k
      if(data->m_subject_key_id.empty() == false && data->m_authority_key_id.empty() == false)
287
99
         {
288
99
         data->m_self_signed = (data->m_subject_key_id == data->m_authority_key_id);
289
99
         }
290
7.89k
      else
291
7.89k
         {
292
7.89k
         /*
293
7.89k
         If a parse error or unknown algorithm is encountered, default
294
7.89k
         to assuming it is self signed. We have no way of being certain but
295
7.89k
         that is usually the default case (self-issued is rare in practice).
296
7.89k
         */
297
7.89k
         data->m_self_signed = true;
298
7.89k
299
7.89k
         try
300
7.89k
            {
301
7.89k
            std::unique_ptr<Public_Key> pub_key(X509::load_key(data->m_subject_public_key_bits_seq));
302
7.89k
303
7.89k
            Certificate_Status_Code sig_status = obj.verify_signature(*pub_key);
304
7.89k
305
7.89k
            if(sig_status == Certificate_Status_Code::OK ||
306
7.89k
               sig_status == Certificate_Status_Code::SIGNATURE_ALGO_UNKNOWN)
307
4.95k
               {
308
4.95k
               data->m_self_signed = true;
309
4.95k
               }
310
2.93k
            else
311
2.93k
               {
312
2.93k
               data->m_self_signed = false;
313
2.93k
               }
314
7.89k
            }
315
7.89k
         catch(...)
316
7.89k
            {
317
1.10k
            // ignore errors here to allow parsing to continue
318
1.10k
            }
319
7.89k
         }
320
7.99k
      }
321
12.2k
322
12.2k
   const std::vector<uint8_t> full_encoding = obj.BER_encode();
323
12.2k
324
12.2k
   std::unique_ptr<HashFunction> sha1(HashFunction::create("SHA-1"));
325
12.2k
   if(sha1)
326
10.2k
      {
327
10.2k
      sha1->update(data->m_subject_public_key_bitstring);
328
10.2k
      data->m_subject_public_key_bitstring_sha1 = sha1->final_stdvec();
329
10.2k
      // otherwise left as empty, and we will throw if subject_public_key_bitstring_sha1 is called
330
10.2k
331
10.2k
      data->m_fingerprint_sha1 = create_hex_fingerprint(full_encoding, "SHA-1");
332
10.2k
      }
333
12.2k
334
12.2k
   std::unique_ptr<HashFunction> sha256(HashFunction::create("SHA-256"));
335
12.2k
   if(sha256)
336
10.2k
      {
337
10.2k
      sha256->update(data->m_issuer_dn_bits);
338
10.2k
      data->m_issuer_dn_bits_sha256 = sha256->final_stdvec();
339
10.2k
340
10.2k
      sha256->update(data->m_subject_dn_bits);
341
10.2k
      data->m_subject_dn_bits_sha256 = sha256->final_stdvec();
342
10.2k
343
10.2k
      data->m_fingerprint_sha256 = create_hex_fingerprint(full_encoding, "SHA-256");
344
10.2k
      }
345
12.2k
346
12.2k
   data->m_subject_ds.add(data->m_subject_dn.contents());
347
12.2k
   data->m_issuer_ds.add(data->m_issuer_dn.contents());
348
12.2k
   data->m_v3_extensions.contents_to(data->m_subject_ds, data->m_issuer_ds);
349
12.2k
350
12.2k
   return data;
351
12.2k
   }
352
353
}
354
355
/*
356
* Decode the TBSCertificate data
357
*/
358
void X509_Certificate::force_decode()
359
12.3k
   {
360
12.3k
   m_data.reset();
361
12.3k
362
12.3k
   std::unique_ptr<X509_Certificate_Data> data = parse_x509_cert_body(*this);
363
12.3k
364
12.3k
   m_data.reset(data.release());
365
12.3k
   }
366
367
const X509_Certificate_Data& X509_Certificate::data() const
368
38.8k
   {
369
38.8k
   if(m_data == nullptr)
370
0
      {
371
0
      throw Invalid_State("X509_Certificate uninitialized");
372
0
      }
373
38.8k
   return *m_data.get();
374
38.8k
   }
375
376
uint32_t X509_Certificate::x509_version() const
377
0
   {
378
0
   return static_cast<uint32_t>(data().m_version);
379
0
   }
380
381
bool X509_Certificate::is_self_signed() const
382
3.46k
   {
383
3.46k
   return data().m_self_signed;
384
3.46k
   }
385
386
const X509_Time& X509_Certificate::not_before() const
387
0
   {
388
0
   return data().m_not_before;
389
0
   }
390
391
const X509_Time& X509_Certificate::not_after() const
392
0
   {
393
0
   return data().m_not_after;
394
0
   }
395
396
const AlgorithmIdentifier& X509_Certificate::subject_public_key_algo() const
397
0
   {
398
0
   return data().m_subject_public_key_algid;
399
0
   }
400
401
const std::vector<uint8_t>& X509_Certificate::v2_issuer_key_id() const
402
0
   {
403
0
   return data().m_v2_issuer_key_id;
404
0
   }
405
406
const std::vector<uint8_t>& X509_Certificate::v2_subject_key_id() const
407
0
   {
408
0
   return data().m_v2_subject_key_id;
409
0
   }
410
411
const std::vector<uint8_t>& X509_Certificate::subject_public_key_bits() const
412
0
   {
413
0
   return data().m_subject_public_key_bits;
414
0
   }
415
416
const std::vector<uint8_t>& X509_Certificate::subject_public_key_info() const
417
1.38k
   {
418
1.38k
   return data().m_subject_public_key_bits_seq;
419
1.38k
   }
420
421
const std::vector<uint8_t>& X509_Certificate::subject_public_key_bitstring() const
422
0
   {
423
0
   return data().m_subject_public_key_bitstring;
424
0
   }
425
426
const std::vector<uint8_t>& X509_Certificate::subject_public_key_bitstring_sha1() const
427
0
   {
428
0
   if(data().m_subject_public_key_bitstring_sha1.empty())
429
0
      throw Encoding_Error("X509_Certificate::subject_public_key_bitstring_sha1 called but SHA-1 disabled in build");
430
0
431
0
   return data().m_subject_public_key_bitstring_sha1;
432
0
   }
433
434
const std::vector<uint8_t>& X509_Certificate::authority_key_id() const
435
2.73k
   {
436
2.73k
   return data().m_authority_key_id;
437
2.73k
   }
438
439
const std::vector<uint8_t>& X509_Certificate::subject_key_id() const
440
4.46k
   {
441
4.46k
   return data().m_subject_key_id;
442
4.46k
   }
443
444
const std::vector<uint8_t>& X509_Certificate::serial_number() const
445
0
   {
446
0
   return data().m_serial;
447
0
   }
448
449
bool X509_Certificate::is_serial_negative() const
450
0
   {
451
0
   return data().m_serial_negative;
452
0
   }
453
454
455
const X509_DN& X509_Certificate::issuer_dn() const
456
2.73k
   {
457
2.73k
   return data().m_issuer_dn;
458
2.73k
   }
459
460
const X509_DN& X509_Certificate::subject_dn() const
461
7.62k
   {
462
7.62k
   return data().m_subject_dn;
463
7.62k
   }
464
465
const std::vector<uint8_t>& X509_Certificate::raw_issuer_dn() const
466
0
   {
467
0
   return data().m_issuer_dn_bits;
468
0
   }
469
470
const std::vector<uint8_t>& X509_Certificate::raw_subject_dn() const
471
0
   {
472
0
   return data().m_subject_dn_bits;
473
0
   }
474
475
bool X509_Certificate::is_CA_cert() const
476
0
   {
477
0
   if(data().m_version < 3 && data().m_self_signed)
478
0
      return true;
479
0
480
0
   return data().m_is_ca_certificate;
481
0
   }
482
483
uint32_t X509_Certificate::path_limit() const
484
0
   {
485
0
   if(data().m_version < 3 && data().m_self_signed)
486
0
      return 32; // in theory infinite, but this is more than enough
487
0
488
0
   return static_cast<uint32_t>(data().m_path_len_constraint);
489
0
   }
490
491
Key_Constraints X509_Certificate::constraints() const
492
0
   {
493
0
   return data().m_key_constraints;
494
0
   }
495
496
const std::vector<OID>& X509_Certificate::extended_key_usage() const
497
0
   {
498
0
   return data().m_extended_key_usage;
499
0
   }
500
501
const std::vector<OID>& X509_Certificate::certificate_policy_oids() const
502
0
   {
503
0
   return data().m_cert_policies;
504
0
   }
505
506
const NameConstraints& X509_Certificate::name_constraints() const
507
0
   {
508
0
   return data().m_name_constraints;
509
0
   }
510
511
const Extensions& X509_Certificate::v3_extensions() const
512
0
   {
513
0
   return data().m_v3_extensions;
514
0
   }
515
516
bool X509_Certificate::allowed_usage(Key_Constraints usage) const
517
0
   {
518
0
   if(constraints() == NO_CONSTRAINTS)
519
0
      return true;
520
0
   return ((constraints() & usage) == usage);
521
0
   }
522
523
bool X509_Certificate::allowed_extended_usage(const std::string& usage) const
524
0
   {
525
0
   return allowed_extended_usage(OID::from_string(usage));
526
0
   }
527
528
bool X509_Certificate::allowed_extended_usage(const OID& usage) const
529
0
   {
530
0
   const std::vector<OID>& ex = extended_key_usage();
531
0
   if(ex.empty())
532
0
      return true;
533
0
534
0
   if(std::find(ex.begin(), ex.end(), usage) != ex.end())
535
0
      return true;
536
0
537
0
   return false;
538
0
   }
539
540
bool X509_Certificate::allowed_usage(Usage_Type usage) const
541
0
   {
542
0
   // These follow suggestions in RFC 5280 4.2.1.12
543
0
544
0
   switch(usage)
545
0
      {
546
0
      case Usage_Type::UNSPECIFIED:
547
0
         return true;
548
0
549
0
      case Usage_Type::TLS_SERVER_AUTH:
550
0
         return (allowed_usage(KEY_AGREEMENT) || allowed_usage(KEY_ENCIPHERMENT) || allowed_usage(DIGITAL_SIGNATURE)) && allowed_extended_usage("PKIX.ServerAuth");
551
0
552
0
      case Usage_Type::TLS_CLIENT_AUTH:
553
0
         return (allowed_usage(DIGITAL_SIGNATURE) || allowed_usage(KEY_AGREEMENT)) && allowed_extended_usage("PKIX.ClientAuth");
554
0
555
0
      case Usage_Type::OCSP_RESPONDER:
556
0
         return (allowed_usage(DIGITAL_SIGNATURE) || allowed_usage(NON_REPUDIATION)) && allowed_extended_usage("PKIX.OCSPSigning");
557
0
558
0
      case Usage_Type::CERTIFICATE_AUTHORITY:
559
0
         return is_CA_cert();
560
0
561
0
      case Usage_Type::ENCRYPTION:
562
0
         return (allowed_usage(KEY_ENCIPHERMENT) || allowed_usage(DATA_ENCIPHERMENT));
563
0
      }
564
0
565
0
   return false;
566
0
   }
567
568
bool X509_Certificate::has_constraints(Key_Constraints constraints) const
569
0
   {
570
0
   if(this->constraints() == NO_CONSTRAINTS)
571
0
      {
572
0
      return false;
573
0
      }
574
0
575
0
   return ((this->constraints() & constraints) != 0);
576
0
   }
577
578
bool X509_Certificate::has_ex_constraint(const std::string& ex_constraint) const
579
0
   {
580
0
   return has_ex_constraint(OID::from_string(ex_constraint));
581
0
   }
582
583
bool X509_Certificate::has_ex_constraint(const OID& usage) const
584
0
   {
585
0
   const std::vector<OID>& ex = extended_key_usage();
586
0
   return (std::find(ex.begin(), ex.end(), usage) != ex.end());
587
0
   }
588
589
/*
590
* Return if a certificate extension is marked critical
591
*/
592
bool X509_Certificate::is_critical(const std::string& ex_name) const
593
0
   {
594
0
   return v3_extensions().critical_extension_set(OID::from_string(ex_name));
595
0
   }
596
597
std::string X509_Certificate::ocsp_responder() const
598
0
   {
599
0
   return data().m_ocsp_responder;
600
0
   }
601
602
std::vector<std::string> X509_Certificate::ca_issuers() const
603
0
   {
604
0
   return data().m_ca_issuers;
605
0
   }
606
607
std::string X509_Certificate::crl_distribution_point() const
608
0
   {
609
0
   // just returns the first (arbitrarily)
610
0
   if(data().m_crl_distribution_points.size() > 0)
611
0
      return data().m_crl_distribution_points[0];
612
0
   return "";
613
0
   }
614
615
const AlternativeName& X509_Certificate::subject_alt_name() const
616
0
   {
617
0
   return data().m_subject_alt_name;
618
0
   }
619
620
const AlternativeName& X509_Certificate::issuer_alt_name() const
621
0
   {
622
0
   return data().m_issuer_alt_name;
623
0
   }
624
625
/*
626
* Return information about the subject
627
*/
628
std::vector<std::string>
629
X509_Certificate::subject_info(const std::string& req) const
630
0
   {
631
0
   if(req == "Email")
632
0
      return this->subject_info("RFC822");
633
0
634
0
   if(subject_dn().has_field(req))
635
0
      return subject_dn().get_attribute(req);
636
0
637
0
   if(subject_alt_name().has_field(req))
638
0
      return subject_alt_name().get_attribute(req);
639
0
640
0
   // These will be removed later:
641
0
   if(req == "X509.Certificate.v2.key_id")
642
0
      return {hex_encode(this->v2_subject_key_id())};
643
0
   if(req == "X509v3.SubjectKeyIdentifier")
644
0
      return {hex_encode(this->subject_key_id())};
645
0
   if(req == "X509.Certificate.dn_bits")
646
0
      return {hex_encode(this->raw_subject_dn())};
647
0
   if(req == "X509.Certificate.start")
648
0
      return {not_before().to_string()};
649
0
   if(req == "X509.Certificate.end")
650
0
      return {not_after().to_string()};
651
0
652
0
   if(req == "X509.Certificate.version")
653
0
      return {std::to_string(x509_version())};
654
0
   if(req == "X509.Certificate.serial")
655
0
      return {hex_encode(serial_number())};
656
0
657
0
   return data().m_subject_ds.get(req);
658
0
   }
659
660
/*
661
* Return information about the issuer
662
*/
663
std::vector<std::string>
664
X509_Certificate::issuer_info(const std::string& req) const
665
0
   {
666
0
   if(issuer_dn().has_field(req))
667
0
      return issuer_dn().get_attribute(req);
668
0
669
0
   if(issuer_alt_name().has_field(req))
670
0
      return issuer_alt_name().get_attribute(req);
671
0
672
0
   // These will be removed later:
673
0
   if(req == "X509.Certificate.v2.key_id")
674
0
      return {hex_encode(this->v2_issuer_key_id())};
675
0
   if(req == "X509v3.AuthorityKeyIdentifier")
676
0
      return {hex_encode(this->authority_key_id())};
677
0
   if(req == "X509.Certificate.dn_bits")
678
0
      return {hex_encode(this->raw_issuer_dn())};
679
0
680
0
   return data().m_issuer_ds.get(req);
681
0
   }
682
683
/*
684
* Return the public key in this certificate
685
*/
686
std::unique_ptr<Public_Key> X509_Certificate::load_subject_public_key() const
687
1.38k
   {
688
1.38k
   try
689
1.38k
      {
690
1.38k
      return std::unique_ptr<Public_Key>(X509::load_key(subject_public_key_info()));
691
1.38k
      }
692
559
   catch(std::exception& e)
693
559
      {
694
559
      throw Decoding_Error("X509_Certificate::load_subject_public_key", e);
695
559
      }
696
1.38k
   }
697
698
std::vector<uint8_t> X509_Certificate::raw_issuer_dn_sha256() const
699
0
   {
700
0
   if(data().m_issuer_dn_bits_sha256.empty())
701
0
      throw Encoding_Error("X509_Certificate::raw_issuer_dn_sha256 called but SHA-256 disabled in build");
702
0
   return data().m_issuer_dn_bits_sha256;
703
0
   }
704
705
std::vector<uint8_t> X509_Certificate::raw_subject_dn_sha256() const
706
0
   {
707
0
   if(data().m_subject_dn_bits_sha256.empty())
708
0
      throw Encoding_Error("X509_Certificate::raw_subject_dn_sha256 called but SHA-256 disabled in build");
709
0
   return data().m_subject_dn_bits_sha256;
710
0
   }
711
712
namespace {
713
714
/*
715
* Lookup each OID in the vector
716
*/
717
std::vector<std::string> lookup_oids(const std::vector<OID>& oids)
718
0
   {
719
0
   std::vector<std::string> out;
720
0
721
0
   for(const OID& oid : oids)
722
0
      {
723
0
      out.push_back(oid.to_formatted_string());
724
0
      }
725
0
   return out;
726
0
   }
727
728
}
729
730
/*
731
* Return the list of extended key usage OIDs
732
*/
733
std::vector<std::string> X509_Certificate::ex_constraints() const
734
0
   {
735
0
   return lookup_oids(extended_key_usage());
736
0
   }
737
738
/*
739
* Return the list of certificate policies
740
*/
741
std::vector<std::string> X509_Certificate::policies() const
742
0
   {
743
0
   return lookup_oids(certificate_policy_oids());
744
0
   }
745
746
std::string X509_Certificate::fingerprint(const std::string& hash_name) const
747
8.20k
   {
748
8.20k
   /*
749
8.20k
   * The SHA-1 and SHA-256 fingerprints are precomputed since these
750
8.20k
   * are the most commonly used. Especially, SHA-256 fingerprints are
751
8.20k
   * used for cycle detection during path construction.
752
8.20k
   *
753
8.20k
   * If SHA-1 or SHA-256 was missing at parsing time the vectors are
754
8.20k
   * left empty in which case we fall back to create_hex_fingerprint
755
8.20k
   * which will throw if the hash is unavailable.
756
8.20k
   */
757
8.20k
   if(hash_name == "SHA-256" && data().m_fingerprint_sha256.size() > 0)
758
8.20k
      return data().m_fingerprint_sha256;
759
0
   else if(hash_name == "SHA-1" && data().m_fingerprint_sha1.size() > 0)
760
0
      return data().m_fingerprint_sha1;
761
0
   else
762
0
      return create_hex_fingerprint(this->BER_encode(), hash_name);
763
8.20k
   }
764
765
bool X509_Certificate::matches_dns_name(const std::string& name) const
766
0
   {
767
0
   if(name.empty())
768
0
      return false;
769
0
770
0
   std::vector<std::string> issued_names = subject_info("DNS");
771
0
772
0
   // Fall back to CN only if no DNS names are set (RFC 6125 sec 6.4.4)
773
0
   if(issued_names.empty())
774
0
      issued_names = subject_info("Name");
775
0
776
0
   for(size_t i = 0; i != issued_names.size(); ++i)
777
0
      {
778
0
      if(host_wildcard_match(issued_names[i], name))
779
0
         return true;
780
0
      }
781
0
782
0
   return false;
783
0
   }
784
785
/*
786
* Compare two certificates for equality
787
*/
788
bool X509_Certificate::operator==(const X509_Certificate& other) const
789
853
   {
790
853
   return (this->signature() == other.signature() &&
791
853
           this->signature_algorithm() == other.signature_algorithm() &&
792
853
           this->signed_body() == other.signed_body());
793
853
   }
794
795
bool X509_Certificate::operator<(const X509_Certificate& other) const
796
0
   {
797
0
   /* If signature values are not equal, sort by lexicographic ordering of that */
798
0
   if(this->signature() != other.signature())
799
0
      {
800
0
      return (this->signature() < other.signature());
801
0
      }
802
0
803
0
   // Then compare the signed contents
804
0
   return this->signed_body() < other.signed_body();
805
0
   }
806
807
/*
808
* X.509 Certificate Comparison
809
*/
810
bool operator!=(const X509_Certificate& cert1, const X509_Certificate& cert2)
811
0
   {
812
0
   return !(cert1 == cert2);
813
0
   }
814
815
std::string X509_Certificate::to_string() const
816
0
   {
817
0
   std::ostringstream out;
818
0
819
0
   out << "Version: " << this->x509_version() << "\n";
820
0
   out << "Subject: " << subject_dn() << "\n";
821
0
   out << "Issuer: " << issuer_dn() << "\n";
822
0
   out << "Issued: " << this->not_before().readable_string() << "\n";
823
0
   out << "Expires: " << this->not_after().readable_string() << "\n";
824
0
825
0
   out << "Constraints:\n";
826
0
   Key_Constraints constraints = this->constraints();
827
0
   if(constraints == NO_CONSTRAINTS)
828
0
      out << " None\n";
829
0
   else
830
0
      {
831
0
      if(constraints & DIGITAL_SIGNATURE)
832
0
         out << "   Digital Signature\n";
833
0
      if(constraints & NON_REPUDIATION)
834
0
         out << "   Non-Repudiation\n";
835
0
      if(constraints & KEY_ENCIPHERMENT)
836
0
         out << "   Key Encipherment\n";
837
0
      if(constraints & DATA_ENCIPHERMENT)
838
0
         out << "   Data Encipherment\n";
839
0
      if(constraints & KEY_AGREEMENT)
840
0
         out << "   Key Agreement\n";
841
0
      if(constraints & KEY_CERT_SIGN)
842
0
         out << "   Cert Sign\n";
843
0
      if(constraints & CRL_SIGN)
844
0
         out << "   CRL Sign\n";
845
0
      if(constraints & ENCIPHER_ONLY)
846
0
         out << "   Encipher Only\n";
847
0
      if(constraints & DECIPHER_ONLY)
848
0
         out << "   Decipher Only\n";
849
0
      }
850
0
851
0
   const std::vector<OID>& policies = this->certificate_policy_oids();
852
0
   if(!policies.empty())
853
0
      {
854
0
      out << "Policies: " << "\n";
855
0
      for(auto oid : policies)
856
0
         out << "   " << oid.to_string() << "\n";
857
0
      }
858
0
859
0
   const std::vector<OID>& ex_constraints = this->extended_key_usage();
860
0
   if(!ex_constraints.empty())
861
0
      {
862
0
      out << "Extended Constraints:\n";
863
0
      for(auto&& oid : ex_constraints)
864
0
         {
865
0
         out << "   " << oid.to_formatted_string() << "\n";
866
0
         }
867
0
      }
868
0
869
0
   const NameConstraints& name_constraints = this->name_constraints();
870
0
871
0
   if(!name_constraints.permitted().empty() || !name_constraints.excluded().empty())
872
0
      {
873
0
      out << "Name Constraints:\n";
874
0
875
0
      if(!name_constraints.permitted().empty())
876
0
         {
877
0
         out << "   Permit";
878
0
         for(auto st: name_constraints.permitted())
879
0
            {
880
0
            out << " " << st.base();
881
0
            }
882
0
         out << "\n";
883
0
         }
884
0
885
0
      if(!name_constraints.excluded().empty())
886
0
         {
887
0
         out << "   Exclude";
888
0
         for(auto st: name_constraints.excluded())
889
0
            {
890
0
            out << " " << st.base();
891
0
            }
892
0
         out << "\n";
893
0
         }
894
0
      }
895
0
896
0
   if(!ocsp_responder().empty())
897
0
      out << "OCSP responder " << ocsp_responder() << "\n";
898
0
899
0
   const std::vector<std::string> ca_issuers = this->ca_issuers();
900
0
   if(!ca_issuers.empty())
901
0
      {
902
0
      out << "CA Issuers:\n";
903
0
      for(size_t i = 0; i != ca_issuers.size(); i++)
904
0
         out << "   URI: " << ca_issuers[i] << "\n";
905
0
      }
906
0
907
0
   if(!crl_distribution_point().empty())
908
0
      out << "CRL " << crl_distribution_point() << "\n";
909
0
910
0
   out << "Signature algorithm: " << this->signature_algorithm().get_oid().to_formatted_string() << "\n";
911
0
912
0
   out << "Serial number: " << hex_encode(this->serial_number()) << "\n";
913
0
914
0
   if(this->authority_key_id().size())
915
0
     out << "Authority keyid: " << hex_encode(this->authority_key_id()) << "\n";
916
0
917
0
   if(this->subject_key_id().size())
918
0
     out << "Subject keyid: " << hex_encode(this->subject_key_id()) << "\n";
919
0
920
0
   try
921
0
      {
922
0
      std::unique_ptr<Public_Key> pubkey(this->subject_public_key());
923
0
      out << "Public Key [" << pubkey->algo_name() << "-" << pubkey->key_length() << "]\n\n";
924
0
      out << X509::PEM_encode(*pubkey);
925
0
      }
926
0
   catch(Decoding_Error&)
927
0
      {
928
0
      const AlgorithmIdentifier& alg_id = this->subject_public_key_algo();
929
0
      out << "Failed to decode key with oid " << alg_id.get_oid().to_string() << "\n";
930
0
      }
931
0
932
0
   return out.str();
933
0
   }
934
935
}