1 /*
2 * X.509 common functions for parsing and verification
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 */
19 /*
20 * The ITU-T X.509 standard defines a certificate format for PKI.
21 *
22 * http://www.ietf.org/rfc/rfc5280.txt (Certificates and CRLs)
23 * http://www.ietf.org/rfc/rfc3279.txt (Alg IDs for CRLs)
24 * http://www.ietf.org/rfc/rfc2986.txt (CSRs, aka PKCS#10)
25 *
26 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf
27 * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
28 */
29
30 #include "common.h"
31
32 #if defined(MBEDTLS_X509_USE_C)
33
34 #include "mbedtls/x509.h"
35 #include "mbedtls/asn1.h"
36 #include "mbedtls/error.h"
37 #include "mbedtls/oid.h"
38
39 #include <stdio.h>
40 #include <string.h>
41
42 #if defined(MBEDTLS_PEM_PARSE_C)
43 #include "mbedtls/pem.h"
44 #endif
45
46 #if defined(MBEDTLS_PLATFORM_C)
47 #include "mbedtls/platform.h"
48 #else
49 #include <stdio.h>
50 #include <stdlib.h>
51 #define mbedtls_free free
52 #define mbedtls_calloc calloc
53 #define mbedtls_printf printf
54 #define mbedtls_snprintf snprintf
55 #endif
56
57 #if defined(MBEDTLS_HAVE_TIME)
58 #include "mbedtls/platform_time.h"
59 #endif
60 #if defined(MBEDTLS_HAVE_TIME_DATE)
61 #include "mbedtls/platform_util.h"
62 #include <time.h>
63 #endif
64
65 #if defined(VENDOR_CUSTOMISE_CHECK_CERT_DATE_C)
66 #include "mbedtls/hw_polarssl_api.h"
67 #endif
68
69 #define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); }
70 #define CHECK_RANGE(min, max, val) \
71 do \
72 { \
73 if( ( val ) < ( min ) || ( val ) > ( max ) ) \
74 { \
75 return( ret ); \
76 } \
77 } while( 0 )
78
79 /*
80 * CertificateSerialNumber ::= INTEGER
81 */
mbedtls_x509_get_serial(unsigned char ** p,const unsigned char * end,mbedtls_x509_buf * serial)82 int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
83 mbedtls_x509_buf *serial )
84 {
85 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
86
87 if( ( end - *p ) < 1 )
88 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL,
89 MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
90
91 if( **p != ( MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_PRIMITIVE | 2 ) &&
92 **p != MBEDTLS_ASN1_INTEGER )
93 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL,
94 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
95
96 serial->tag = *(*p)++;
97
98 if( ( ret = mbedtls_asn1_get_len( p, end, &serial->len ) ) != 0 )
99 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SERIAL, ret ) );
100
101 serial->p = *p;
102 *p += serial->len;
103
104 return( 0 );
105 }
106
107 /* Get an algorithm identifier without parameters (eg for signatures)
108 *
109 * AlgorithmIdentifier ::= SEQUENCE {
110 * algorithm OBJECT IDENTIFIER,
111 * parameters ANY DEFINED BY algorithm OPTIONAL }
112 */
mbedtls_x509_get_alg_null(unsigned char ** p,const unsigned char * end,mbedtls_x509_buf * alg)113 int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
114 mbedtls_x509_buf *alg )
115 {
116 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
117
118 if( ( ret = mbedtls_asn1_get_alg_null( p, end, alg ) ) != 0 )
119 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
120
121 return( 0 );
122 }
123
124 /*
125 * Parse an algorithm identifier with (optional) parameters
126 */
mbedtls_x509_get_alg(unsigned char ** p,const unsigned char * end,mbedtls_x509_buf * alg,mbedtls_x509_buf * params)127 int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
128 mbedtls_x509_buf *alg, mbedtls_x509_buf *params )
129 {
130 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
131
132 if( ( ret = mbedtls_asn1_get_alg( p, end, alg, params ) ) != 0 )
133 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
134
135 return( 0 );
136 }
137
138 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
139 /*
140 * HashAlgorithm ::= AlgorithmIdentifier
141 *
142 * AlgorithmIdentifier ::= SEQUENCE {
143 * algorithm OBJECT IDENTIFIER,
144 * parameters ANY DEFINED BY algorithm OPTIONAL }
145 *
146 * For HashAlgorithm, parameters MUST be NULL or absent.
147 */
x509_get_hash_alg(const mbedtls_x509_buf * alg,mbedtls_md_type_t * md_alg)148 static int x509_get_hash_alg( const mbedtls_x509_buf *alg, mbedtls_md_type_t *md_alg )
149 {
150 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
151 unsigned char *p;
152 const unsigned char *end;
153 mbedtls_x509_buf md_oid;
154 size_t len;
155
156 /* Make sure we got a SEQUENCE and setup bounds */
157 if( alg->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
158 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
159 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
160
161 p = alg->p;
162 end = p + alg->len;
163
164 if( p >= end )
165 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
166 MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
167
168 /* Parse md_oid */
169 md_oid.tag = *p;
170
171 if( ( ret = mbedtls_asn1_get_tag( &p, end, &md_oid.len, MBEDTLS_ASN1_OID ) ) != 0 )
172 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
173
174 md_oid.p = p;
175 p += md_oid.len;
176
177 /* Get md_alg from md_oid */
178 if( ( ret = mbedtls_oid_get_md_alg( &md_oid, md_alg ) ) != 0 )
179 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
180
181 /* Make sure params is absent of NULL */
182 if( p == end )
183 return( 0 );
184
185 if( ( ret = mbedtls_asn1_get_tag( &p, end, &len, MBEDTLS_ASN1_NULL ) ) != 0 || len != 0 )
186 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
187
188 if( p != end )
189 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
190 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
191
192 return( 0 );
193 }
194
195 /*
196 * RSASSA-PSS-params ::= SEQUENCE {
197 * hashAlgorithm [0] HashAlgorithm DEFAULT sha1Identifier,
198 * maskGenAlgorithm [1] MaskGenAlgorithm DEFAULT mgf1SHA1Identifier,
199 * saltLength [2] INTEGER DEFAULT 20,
200 * trailerField [3] INTEGER DEFAULT 1 }
201 * -- Note that the tags in this Sequence are explicit.
202 *
203 * RFC 4055 (which defines use of RSASSA-PSS in PKIX) states that the value
204 * of trailerField MUST be 1, and PKCS#1 v2.2 doesn't even define any other
205 * option. Enfore this at parsing time.
206 */
mbedtls_x509_get_rsassa_pss_params(const mbedtls_x509_buf * params,mbedtls_md_type_t * md_alg,mbedtls_md_type_t * mgf_md,int * salt_len)207 int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
208 mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
209 int *salt_len )
210 {
211 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
212 unsigned char *p;
213 const unsigned char *end, *end2;
214 size_t len;
215 mbedtls_x509_buf alg_id, alg_params;
216
217 /* First set everything to defaults */
218 *md_alg = MBEDTLS_MD_SHA1;
219 *mgf_md = MBEDTLS_MD_SHA1;
220 *salt_len = 20;
221
222 /* Make sure params is a SEQUENCE and setup bounds */
223 if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
224 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
225 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
226
227 p = (unsigned char *) params->p;
228 end = p + params->len;
229
230 if( p == end )
231 return( 0 );
232
233 /*
234 * HashAlgorithm
235 */
236 if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
237 MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) ) == 0 )
238 {
239 end2 = p + len;
240
241 /* HashAlgorithm ::= AlgorithmIdentifier (without parameters) */
242 if( ( ret = mbedtls_x509_get_alg_null( &p, end2, &alg_id ) ) != 0 )
243 return( ret );
244
245 if( ( ret = mbedtls_oid_get_md_alg( &alg_id, md_alg ) ) != 0 )
246 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
247
248 if( p != end2 )
249 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
250 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
251 }
252 else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
253 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
254
255 if( p == end )
256 return( 0 );
257
258 /*
259 * MaskGenAlgorithm
260 */
261 if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
262 MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) ) == 0 )
263 {
264 end2 = p + len;
265
266 /* MaskGenAlgorithm ::= AlgorithmIdentifier (params = HashAlgorithm) */
267 if( ( ret = mbedtls_x509_get_alg( &p, end2, &alg_id, &alg_params ) ) != 0 )
268 return( ret );
269
270 /* Only MFG1 is recognised for now */
271 if( MBEDTLS_OID_CMP( MBEDTLS_OID_MGF1, &alg_id ) != 0 )
272 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE,
273 MBEDTLS_ERR_OID_NOT_FOUND ) );
274
275 /* Parse HashAlgorithm */
276 if( ( ret = x509_get_hash_alg( &alg_params, mgf_md ) ) != 0 )
277 return( ret );
278
279 if( p != end2 )
280 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
281 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
282 }
283 else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
284 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
285
286 if( p == end )
287 return( 0 );
288
289 /*
290 * salt_len
291 */
292 if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
293 MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 2 ) ) == 0 )
294 {
295 end2 = p + len;
296
297 if( ( ret = mbedtls_asn1_get_int( &p, end2, salt_len ) ) != 0 )
298 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
299
300 if( p != end2 )
301 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
302 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
303 }
304 else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
305 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
306
307 if( p == end )
308 return( 0 );
309
310 /*
311 * trailer_field (if present, must be 1)
312 */
313 if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
314 MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 3 ) ) == 0 )
315 {
316 int trailer_field;
317
318 end2 = p + len;
319
320 if( ( ret = mbedtls_asn1_get_int( &p, end2, &trailer_field ) ) != 0 )
321 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
322
323 if( p != end2 )
324 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
325 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
326
327 if( trailer_field != 1 )
328 return( MBEDTLS_ERR_X509_INVALID_ALG );
329 }
330 else if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
331 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG, ret ) );
332
333 if( p != end )
334 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_ALG,
335 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
336
337 return( 0 );
338 }
339 #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
340
341 /*
342 * AttributeTypeAndValue ::= SEQUENCE {
343 * type AttributeType,
344 * value AttributeValue }
345 *
346 * AttributeType ::= OBJECT IDENTIFIER
347 *
348 * AttributeValue ::= ANY DEFINED BY AttributeType
349 */
x509_get_attr_type_value(unsigned char ** p,const unsigned char * end,mbedtls_x509_name * cur)350 static int x509_get_attr_type_value( unsigned char **p,
351 const unsigned char *end,
352 mbedtls_x509_name *cur )
353 {
354 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
355 size_t len;
356 mbedtls_x509_buf *oid;
357 mbedtls_x509_buf *val;
358
359 if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
360 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
361 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) );
362
363 end = *p + len;
364
365 if( ( end - *p ) < 1 )
366 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME,
367 MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
368
369 oid = &cur->oid;
370 oid->tag = **p;
371
372 if( ( ret = mbedtls_asn1_get_tag( p, end, &oid->len, MBEDTLS_ASN1_OID ) ) != 0 )
373 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) );
374
375 oid->p = *p;
376 *p += oid->len;
377
378 if( ( end - *p ) < 1 )
379 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME,
380 MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
381
382 if( **p != MBEDTLS_ASN1_BMP_STRING && **p != MBEDTLS_ASN1_UTF8_STRING &&
383 **p != MBEDTLS_ASN1_T61_STRING && **p != MBEDTLS_ASN1_PRINTABLE_STRING &&
384 **p != MBEDTLS_ASN1_IA5_STRING && **p != MBEDTLS_ASN1_UNIVERSAL_STRING &&
385 **p != MBEDTLS_ASN1_BIT_STRING )
386 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME,
387 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
388
389 val = &cur->val;
390 val->tag = *(*p)++;
391
392 if( ( ret = mbedtls_asn1_get_len( p, end, &val->len ) ) != 0 )
393 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) );
394
395 val->p = *p;
396 *p += val->len;
397
398 if( *p != end )
399 {
400 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME,
401 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
402 }
403
404 cur->next = NULL;
405
406 return( 0 );
407 }
408
409 /*
410 * Name ::= CHOICE { -- only one possibility for now --
411 * rdnSequence RDNSequence }
412 *
413 * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
414 *
415 * RelativeDistinguishedName ::=
416 * SET OF AttributeTypeAndValue
417 *
418 * AttributeTypeAndValue ::= SEQUENCE {
419 * type AttributeType,
420 * value AttributeValue }
421 *
422 * AttributeType ::= OBJECT IDENTIFIER
423 *
424 * AttributeValue ::= ANY DEFINED BY AttributeType
425 *
426 * The data structure is optimized for the common case where each RDN has only
427 * one element, which is represented as a list of AttributeTypeAndValue.
428 * For the general case we still use a flat list, but we mark elements of the
429 * same set so that they are "merged" together in the functions that consume
430 * this list, eg mbedtls_x509_dn_gets().
431 */
mbedtls_x509_get_name(unsigned char ** p,const unsigned char * end,mbedtls_x509_name * cur)432 int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
433 mbedtls_x509_name *cur )
434 {
435 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
436 size_t set_len;
437 const unsigned char *end_set;
438
439 /* don't use recursion, we'd risk stack overflow if not optimized */
440 while( 1 )
441 {
442 /*
443 * parse SET
444 */
445 if( ( ret = mbedtls_asn1_get_tag( p, end, &set_len,
446 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SET ) ) != 0 )
447 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_NAME, ret ) );
448
449 end_set = *p + set_len;
450
451 while( 1 )
452 {
453 if( ( ret = x509_get_attr_type_value( p, end_set, cur ) ) != 0 )
454 return( ret );
455
456 if( *p == end_set )
457 break;
458
459 /* Mark this item as being no the only one in a set */
460 cur->next_merged = 1;
461
462 cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) );
463
464 if( cur->next == NULL )
465 return( MBEDTLS_ERR_X509_ALLOC_FAILED );
466
467 cur = cur->next;
468 }
469
470 /*
471 * continue until end of SEQUENCE is reached
472 */
473 if( *p == end )
474 return( 0 );
475
476 cur->next = mbedtls_calloc( 1, sizeof( mbedtls_x509_name ) );
477
478 if( cur->next == NULL )
479 return( MBEDTLS_ERR_X509_ALLOC_FAILED );
480
481 cur = cur->next;
482 }
483 }
484
x509_parse_int(unsigned char ** p,size_t n,int * res)485 static int x509_parse_int( unsigned char **p, size_t n, int *res )
486 {
487 *res = 0;
488
489 for( ; n > 0; --n )
490 {
491 if( ( **p < '0') || ( **p > '9' ) )
492 return ( MBEDTLS_ERR_X509_INVALID_DATE );
493
494 *res *= 10;
495 *res += ( *(*p)++ - '0' );
496 }
497
498 return( 0 );
499 }
500
x509_date_is_valid(const mbedtls_x509_time * t)501 static int x509_date_is_valid(const mbedtls_x509_time *t )
502 {
503 int ret = MBEDTLS_ERR_X509_INVALID_DATE;
504 int month_len;
505
506 CHECK_RANGE( 0, 9999, t->year );
507 CHECK_RANGE( 0, 23, t->hour );
508 CHECK_RANGE( 0, 59, t->min );
509 CHECK_RANGE( 0, 59, t->sec );
510
511 switch( t->mon )
512 {
513 case 1: case 3: case 5: case 7: case 8: case 10: case 12:
514 month_len = 31;
515 break;
516 case 4: case 6: case 9: case 11:
517 month_len = 30;
518 break;
519 case 2:
520 if( ( !( t->year % 4 ) && t->year % 100 ) ||
521 !( t->year % 400 ) )
522 month_len = 29;
523 else
524 month_len = 28;
525 break;
526 default:
527 return( ret );
528 }
529 CHECK_RANGE( 1, month_len, t->day );
530
531 return( 0 );
532 }
533
534 /*
535 * Parse an ASN1_UTC_TIME (yearlen=2) or ASN1_GENERALIZED_TIME (yearlen=4)
536 * field.
537 */
x509_parse_time(unsigned char ** p,size_t len,size_t yearlen,mbedtls_x509_time * tm)538 static int x509_parse_time( unsigned char **p, size_t len, size_t yearlen,
539 mbedtls_x509_time *tm )
540 {
541 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
542
543 /*
544 * Minimum length is 10 or 12 depending on yearlen
545 */
546 if ( len < yearlen + 8 )
547 return ( MBEDTLS_ERR_X509_INVALID_DATE );
548 len -= yearlen + 8;
549
550 /*
551 * Parse year, month, day, hour, minute
552 */
553 CHECK( x509_parse_int( p, yearlen, &tm->year ) );
554 if ( 2 == yearlen )
555 {
556 if ( tm->year < 50 )
557 tm->year += 100;
558
559 tm->year += 1900;
560 }
561
562 CHECK( x509_parse_int( p, 2, &tm->mon ) );
563 CHECK( x509_parse_int( p, 2, &tm->day ) );
564 CHECK( x509_parse_int( p, 2, &tm->hour ) );
565 CHECK( x509_parse_int( p, 2, &tm->min ) );
566
567 /*
568 * Parse seconds if present
569 */
570 if ( len >= 2 )
571 {
572 CHECK( x509_parse_int( p, 2, &tm->sec ) );
573 len -= 2;
574 }
575 else
576 return ( MBEDTLS_ERR_X509_INVALID_DATE );
577
578 /*
579 * Parse trailing 'Z' if present
580 */
581 if ( 1 == len && 'Z' == **p )
582 {
583 (*p)++;
584 len--;
585 }
586
587 /*
588 * We should have parsed all characters at this point
589 */
590 if ( 0 != len )
591 return ( MBEDTLS_ERR_X509_INVALID_DATE );
592
593 CHECK( x509_date_is_valid( tm ) );
594
595 return ( 0 );
596 }
597
598 /*
599 * Time ::= CHOICE {
600 * utcTime UTCTime,
601 * generalTime GeneralizedTime }
602 */
mbedtls_x509_get_time(unsigned char ** p,const unsigned char * end,mbedtls_x509_time * tm)603 int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
604 mbedtls_x509_time *tm )
605 {
606 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
607 size_t len, year_len;
608 unsigned char tag;
609
610 if( ( end - *p ) < 1 )
611 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE,
612 MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
613
614 tag = **p;
615
616 if( tag == MBEDTLS_ASN1_UTC_TIME )
617 year_len = 2;
618 else if( tag == MBEDTLS_ASN1_GENERALIZED_TIME )
619 year_len = 4;
620 else
621 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE,
622 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) );
623
624 (*p)++;
625 ret = mbedtls_asn1_get_len( p, end, &len );
626
627 if( ret != 0 )
628 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_DATE, ret ) );
629
630 return x509_parse_time( p, len, year_len, tm );
631 }
632
mbedtls_x509_get_sig(unsigned char ** p,const unsigned char * end,mbedtls_x509_buf * sig)633 int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig )
634 {
635 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
636 size_t len;
637 int tag_type;
638
639 if( ( end - *p ) < 1 )
640 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE,
641 MBEDTLS_ERR_ASN1_OUT_OF_DATA ) );
642
643 tag_type = **p;
644
645 if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 )
646 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_SIGNATURE, ret ) );
647
648 sig->tag = tag_type;
649 sig->len = len;
650 sig->p = *p;
651
652 *p += len;
653
654 return( 0 );
655 }
656
657 /*
658 * Get signature algorithm from alg OID and optional parameters
659 */
mbedtls_x509_get_sig_alg(const mbedtls_x509_buf * sig_oid,const mbedtls_x509_buf * sig_params,mbedtls_md_type_t * md_alg,mbedtls_pk_type_t * pk_alg,void ** sig_opts)660 int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
661 mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
662 void **sig_opts )
663 {
664 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
665
666 if( *sig_opts != NULL )
667 return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
668
669 if( ( ret = mbedtls_oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 )
670 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret ) );
671
672 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
673 if( *pk_alg == MBEDTLS_PK_RSASSA_PSS )
674 {
675 mbedtls_pk_rsassa_pss_options *pss_opts;
676
677 pss_opts = mbedtls_calloc( 1, sizeof( mbedtls_pk_rsassa_pss_options ) );
678 if( pss_opts == NULL )
679 return( MBEDTLS_ERR_X509_ALLOC_FAILED );
680
681 ret = mbedtls_x509_get_rsassa_pss_params( sig_params,
682 md_alg,
683 &pss_opts->mgf1_hash_id,
684 &pss_opts->expected_salt_len );
685 if( ret != 0 )
686 {
687 mbedtls_free( pss_opts );
688 return( ret );
689 }
690
691 *sig_opts = (void *) pss_opts;
692 }
693 else
694 #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
695 {
696 /* Make sure parameters are absent or NULL */
697 if( ( sig_params->tag != MBEDTLS_ASN1_NULL && sig_params->tag != 0 ) ||
698 sig_params->len != 0 )
699 return( MBEDTLS_ERR_X509_INVALID_ALG );
700 }
701
702 return( 0 );
703 }
704
705 /*
706 * X.509 Extensions (No parsing of extensions, pointer should
707 * be either manually updated or extensions should be parsed!)
708 */
mbedtls_x509_get_ext(unsigned char ** p,const unsigned char * end,mbedtls_x509_buf * ext,int tag)709 int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
710 mbedtls_x509_buf *ext, int tag )
711 {
712 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
713 size_t len;
714
715 /* Extension structure use EXPLICIT tagging. That is, the actual
716 * `Extensions` structure is wrapped by a tag-length pair using
717 * the respective context-specific tag. */
718 ret = mbedtls_asn1_get_tag( p, end, &ext->len,
719 MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag );
720 if( ret != 0 )
721 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
722
723 ext->tag = MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | tag;
724 ext->p = *p;
725 end = *p + ext->len;
726
727 /*
728 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
729 */
730 if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
731 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
732 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret ) );
733
734 if( end != *p + len )
735 return( MBEDTLS_ERROR_ADD( MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
736 MBEDTLS_ERR_ASN1_LENGTH_MISMATCH ) );
737
738 return( 0 );
739 }
740
741 /*
742 * Store the name in printable form into buf; no more
743 * than size characters will be written
744 */
mbedtls_x509_dn_gets(char * buf,size_t size,const mbedtls_x509_name * dn)745 int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn )
746 {
747 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
748 size_t i, n;
749 unsigned char c, merge = 0;
750 const mbedtls_x509_name *name;
751 const char *short_name = NULL;
752 char s[MBEDTLS_X509_MAX_DN_NAME_SIZE], *p;
753
754 memset( s, 0, sizeof( s ) );
755
756 name = dn;
757 p = buf;
758 n = size;
759
760 while( name != NULL )
761 {
762 if( !name->oid.p )
763 {
764 name = name->next;
765 continue;
766 }
767
768 if( name != dn )
769 {
770 ret = mbedtls_snprintf( p, n, merge ? " + " : ", " );
771 MBEDTLS_X509_SAFE_SNPRINTF;
772 }
773
774 ret = mbedtls_oid_get_attr_short_name( &name->oid, &short_name );
775
776 if( ret == 0 )
777 ret = mbedtls_snprintf( p, n, "%s=", short_name );
778 else
779 ret = mbedtls_snprintf( p, n, "\?\?=" );
780 MBEDTLS_X509_SAFE_SNPRINTF;
781
782 for( i = 0; i < name->val.len; i++ )
783 {
784 if( i >= sizeof( s ) - 1 )
785 break;
786
787 c = name->val.p[i];
788 if( c < 32 || c >= 127 )
789 s[i] = '?';
790 else s[i] = c;
791 }
792 s[i] = '\0';
793 ret = mbedtls_snprintf( p, n, "%s", s );
794 MBEDTLS_X509_SAFE_SNPRINTF;
795
796 merge = name->next_merged;
797 name = name->next;
798 }
799
800 return( (int) ( size - n ) );
801 }
802
803 /*
804 * Store the serial in printable form into buf; no more
805 * than size characters will be written
806 */
mbedtls_x509_serial_gets(char * buf,size_t size,const mbedtls_x509_buf * serial)807 int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial )
808 {
809 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
810 size_t i, n, nr;
811 char *p;
812
813 p = buf;
814 n = size;
815
816 nr = ( serial->len <= 32 )
817 ? serial->len : 28;
818
819 for( i = 0; i < nr; i++ )
820 {
821 if( i == 0 && nr > 1 && serial->p[i] == 0x0 )
822 continue;
823
824 ret = mbedtls_snprintf( p, n, "%02X%s",
825 serial->p[i], ( i < nr - 1 ) ? ":" : "" );
826 MBEDTLS_X509_SAFE_SNPRINTF;
827 }
828
829 if( nr != serial->len )
830 {
831 ret = mbedtls_snprintf( p, n, "...." );
832 MBEDTLS_X509_SAFE_SNPRINTF;
833 }
834
835 return( (int) ( size - n ) );
836 }
837
838 #if !defined(MBEDTLS_X509_REMOVE_INFO)
839 /*
840 * Helper for writing signature algorithms
841 */
mbedtls_x509_sig_alg_gets(char * buf,size_t size,const mbedtls_x509_buf * sig_oid,mbedtls_pk_type_t pk_alg,mbedtls_md_type_t md_alg,const void * sig_opts)842 int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
843 mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
844 const void *sig_opts )
845 {
846 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
847 char *p = buf;
848 size_t n = size;
849 const char *desc = NULL;
850
851 ret = mbedtls_oid_get_sig_alg_desc( sig_oid, &desc );
852 if( ret != 0 )
853 ret = mbedtls_snprintf( p, n, "???" );
854 else
855 ret = mbedtls_snprintf( p, n, "%s", desc );
856 MBEDTLS_X509_SAFE_SNPRINTF;
857
858 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
859 if( pk_alg == MBEDTLS_PK_RSASSA_PSS )
860 {
861 const mbedtls_pk_rsassa_pss_options *pss_opts;
862 const mbedtls_md_info_t *md_info, *mgf_md_info;
863
864 pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts;
865
866 md_info = mbedtls_md_info_from_type( md_alg );
867 mgf_md_info = mbedtls_md_info_from_type( pss_opts->mgf1_hash_id );
868
869 ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)",
870 md_info ? mbedtls_md_get_name( md_info ) : "???",
871 mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???",
872 (unsigned int) pss_opts->expected_salt_len );
873 MBEDTLS_X509_SAFE_SNPRINTF;
874 }
875 #else
876 ((void) pk_alg);
877 ((void) md_alg);
878 ((void) sig_opts);
879 #endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
880
881 return( (int)( size - n ) );
882 }
883 #endif /* MBEDTLS_X509_REMOVE_INFO */
884
885 /*
886 * Helper for writing "RSA key size", "EC key size", etc
887 */
mbedtls_x509_key_size_helper(char * buf,size_t buf_size,const char * name)888 int mbedtls_x509_key_size_helper( char *buf, size_t buf_size, const char *name )
889 {
890 char *p = buf;
891 size_t n = buf_size;
892 int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
893
894 ret = mbedtls_snprintf( p, n, "%s key size", name );
895 MBEDTLS_X509_SAFE_SNPRINTF;
896
897 return( 0 );
898 }
899
900 #if defined(MBEDTLS_HAVE_TIME_DATE)
901 /*
902 * Set the time structure to the current time.
903 * Return 0 on success, non-zero on failure.
904 */
x509_get_current_time(mbedtls_x509_time * now)905 static int x509_get_current_time( mbedtls_x509_time *now )
906 {
907 struct tm *lt, tm_buf;
908 mbedtls_time_t tt;
909 int ret = 0;
910
911 tt = mbedtls_time( NULL );
912 lt = mbedtls_platform_gmtime_r( &tt, &tm_buf );
913
914 if( lt == NULL )
915 ret = -1;
916 else
917 {
918 now->year = lt->tm_year + 1900;
919 now->mon = lt->tm_mon + 1;
920 now->day = lt->tm_mday;
921 now->hour = lt->tm_hour;
922 now->min = lt->tm_min;
923 now->sec = lt->tm_sec;
924 }
925
926 return( ret );
927 }
928
929 /*
930 * Return 0 if before <= after, 1 otherwise
931 */
x509_check_time(const mbedtls_x509_time * before,const mbedtls_x509_time * after)932 static int x509_check_time( const mbedtls_x509_time *before, const mbedtls_x509_time *after )
933 {
934 #if defined(VENDOR_CUSTOMISE_CHECK_CERT_DATE_C)
935 if (polarssl_get_checktime() == 0) {
936 return 0;
937 }
938 #endif
939
940 if( before->year > after->year )
941 return( 1 );
942
943 if( before->year == after->year &&
944 before->mon > after->mon )
945 return( 1 );
946
947 if( before->year == after->year &&
948 before->mon == after->mon &&
949 before->day > after->day )
950 return( 1 );
951
952 if( before->year == after->year &&
953 before->mon == after->mon &&
954 before->day == after->day &&
955 before->hour > after->hour )
956 return( 1 );
957
958 if( before->year == after->year &&
959 before->mon == after->mon &&
960 before->day == after->day &&
961 before->hour == after->hour &&
962 before->min > after->min )
963 return( 1 );
964
965 if( before->year == after->year &&
966 before->mon == after->mon &&
967 before->day == after->day &&
968 before->hour == after->hour &&
969 before->min == after->min &&
970 before->sec > after->sec )
971 return( 1 );
972
973 return( 0 );
974 }
975
mbedtls_x509_time_is_past(const mbedtls_x509_time * to)976 int mbedtls_x509_time_is_past( const mbedtls_x509_time *to )
977 {
978 mbedtls_x509_time now;
979
980 if( x509_get_current_time( &now ) != 0 )
981 return( 1 );
982
983 return( x509_check_time( &now, to ) );
984 }
985
mbedtls_x509_time_is_future(const mbedtls_x509_time * from)986 int mbedtls_x509_time_is_future( const mbedtls_x509_time *from )
987 {
988 mbedtls_x509_time now;
989
990 if( x509_get_current_time( &now ) != 0 )
991 return( 1 );
992
993 return( x509_check_time( from, &now ) );
994 }
995
996 #else /* MBEDTLS_HAVE_TIME_DATE */
997
mbedtls_x509_time_is_past(const mbedtls_x509_time * to)998 int mbedtls_x509_time_is_past( const mbedtls_x509_time *to )
999 {
1000 ((void) to);
1001 return( 0 );
1002 }
1003
mbedtls_x509_time_is_future(const mbedtls_x509_time * from)1004 int mbedtls_x509_time_is_future( const mbedtls_x509_time *from )
1005 {
1006 ((void) from);
1007 return( 0 );
1008 }
1009 #endif /* MBEDTLS_HAVE_TIME_DATE */
1010 #endif /* MBEDTLS_X509_USE_C */
1011