summaryrefslogtreecommitdiff
path: root/src/lib/libc
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/x509/x509_policy.c434
1 files changed, 264 insertions, 170 deletions
diff --git a/src/lib/libcrypto/x509/x509_policy.c b/src/lib/libcrypto/x509/x509_policy.c
index 6005acd4fb..4a3fb84f53 100644
--- a/src/lib/libcrypto/x509/x509_policy.c
+++ b/src/lib/libcrypto/x509/x509_policy.c
@@ -1,5 +1,6 @@
1/* $OpenBSD: x509_policy.c,v 1.10 2023/04/26 21:07:32 tb Exp $ */ 1/* $OpenBSD: x509_policy.c,v 1.11 2023/04/26 21:35:22 tb Exp $ */
2/* Copyright (c) 2022, Google Inc. 2/*
3 * Copyright (c) 2022, Google Inc.
3 * 4 *
4 * Permission to use, copy, modify, and/or distribute this software for any 5 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above 6 * purpose with or without fee is hereby granted, provided that the above
@@ -11,7 +12,8 @@
11 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION 13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
13 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN 14 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
14 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ 15 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
15 17
16#include <openssl/x509.h> 18#include <openssl/x509.h>
17 19
@@ -31,53 +33,64 @@
31/* XXX move to proper place */ 33/* XXX move to proper place */
32#define X509_R_INVALID_POLICY_EXTENSION 201 34#define X509_R_INVALID_POLICY_EXTENSION 201
33 35
34// This file computes the X.509 policy tree, as described in RFC 5280, section 36/*
35// 6.1. It differs in that: 37 * This file computes the X.509 policy tree, as described in RFC 5280, section
36// 38 * 6.1. It differs in that:
37// (1) It does not track "qualifier_set". This is not needed as it is not 39 *
38// output by this implementation. 40 * (1) It does not track "qualifier_set". This is not needed as it is not
39// 41 * output by this implementation.
40// (2) It builds a directed acyclic graph, rather than a tree. When a given 42 *
41// policy matches multiple parents, RFC 5280 makes a separate node for 43 * (2) It builds a directed acyclic graph, rather than a tree. When a given
42// each parent. This representation condenses them into one node with 44 * policy matches multiple parents, RFC 5280 makes a separate node for
43// multiple parents. Thus we refer to this structure as a "policy graph", 45 * each parent. This representation condenses them into one node with
44// rather than a "policy tree". 46 * multiple parents. Thus we refer to this structure as a "policy graph",
45// 47 * rather than a "policy tree".
46// (3) "expected_policy_set" is not tracked explicitly and built temporarily 48 *
47// as part of building the graph. 49 * (3) "expected_policy_set" is not tracked explicitly and built temporarily
48// 50 * as part of building the graph.
49// (4) anyPolicy nodes are not tracked explicitly. 51 *
50// 52 * (4) anyPolicy nodes are not tracked explicitly.
51// (5) Some pruning steps are deferred to when policies are evaluated, as a 53 *
52// reachability pass. 54 * (5) Some pruning steps are deferred to when policies are evaluated, as a
53 55 * reachability pass.
54// An X509_POLICY_NODE is a node in the policy graph. It corresponds to a node 56 */
55// from RFC 5280, section 6.1.2, step (a), but we store some fields differently. 57
58/*
59 * An X509_POLICY_NODE is a node in the policy graph. It corresponds to a node
60 * from RFC 5280, section 6.1.2, step (a), but we store some fields differently.
61 */
56typedef struct x509_policy_node_st { 62typedef struct x509_policy_node_st {
57 // policy is the "valid_policy" field from RFC 5280. 63 /* policy is the "valid_policy" field from RFC 5280. */
58 ASN1_OBJECT *policy; 64 ASN1_OBJECT *policy;
59 65
60 // parent_policies, if non-empty, is the list of "valid_policy" values for all 66 /*
61 // nodes which are a parent of this node. In this case, no entry in this list 67 * parent_policies, if non-empty, is the list of "valid_policy" values
62 // will be anyPolicy. This list is in no particular order and may contain 68 * for all nodes which are a parent of this node. In this case, no entry
63 // duplicates if the corresponding certificate had duplicate mappings. 69 * in this list will be anyPolicy. This list is in no particular order
64 // 70 * and may contain duplicates if the corresponding certificate had
65 // If empty, this node has a single parent, anyPolicy. The node is then a root 71 * duplicate mappings.
66 // policies, and is in authorities-constrained-policy-set if it has a path to 72 *
67 // a leaf node. 73 * If empty, this node has a single parent, anyPolicy. The node is then
68 // 74 * a root policies, and is in authorities-constrained-policy-set if it
69 // Note it is not possible for a policy to have both anyPolicy and a 75 * has a path to a leaf node.
70 // concrete policy as a parent. Section 6.1.3, step (d.1.ii) only runs if 76 *
71 // there was no match in step (d.1.i). We do not need to represent a parent 77 * Note it is not possible for a policy to have both anyPolicy and a
72 // list of, say, {anyPolicy, OID1, OID2}. 78 * concrete policy as a parent. Section 6.1.3, step (d.1.ii) only runs
79 * if there was no match in step (d.1.i). We do not need to represent a
80 * parent list of, say, {anyPolicy, OID1, OID2}.
81 */
73 STACK_OF(ASN1_OBJECT) *parent_policies; 82 STACK_OF(ASN1_OBJECT) *parent_policies;
74 83
75 // mapped is one if this node matches a policy mapping in the certificate and 84 /*
76 // zero otherwise. 85 * mapped is one if this node matches a policy mapping in the
86 * certificate and zero otherwise.
87 */
77 int mapped; 88 int mapped;
78 89
79 // reachable is one if this node is reachable from some valid policy in the 90 /*
80 // end-entity certificate. It is computed during |has_explicit_policy|. 91 * reachable is one if this node is reachable from some valid policy in
92 * the end-entity certificate. It is computed during |has_explicit_policy|.
93 */
81 int reachable; 94 int reachable;
82} X509_POLICY_NODE; 95} X509_POLICY_NODE;
83 96
@@ -105,16 +118,22 @@ DECLARE_STACK_OF(X509_POLICY_NODE)
105#define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st)) 118#define sk_X509_POLICY_NODE_sort(st) SKM_sk_sort(X509_POLICY_NODE, (st))
106#define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st)) 119#define sk_X509_POLICY_NODE_is_sorted(st) SKM_sk_is_sorted(X509_POLICY_NODE, (st))
107 120
108// An X509_POLICY_LEVEL is the collection of nodes at the same depth in the 121/*
109// policy graph. This structure can also be used to represent a level's 122 * An X509_POLICY_LEVEL is the collection of nodes at the same depth in the
110// "expected_policy_set" values. See |process_policy_mappings|. 123 * policy graph. This structure can also be used to represent a level's
124 * "expected_policy_set" values. See |process_policy_mappings|.
125 */
111typedef struct x509_policy_level_st { 126typedef struct x509_policy_level_st {
112 // nodes is the list of nodes at this depth, except for the anyPolicy node, if 127 /*
113 // any. This list is sorted by policy OID for efficient lookup. 128 * nodes is the list of nodes at this depth, except for the anyPolicy
129 * node, if any. This list is sorted by policy OID for efficient lookup.
130 */
114 STACK_OF(X509_POLICY_NODE) *nodes; 131 STACK_OF(X509_POLICY_NODE) *nodes;
115 132
116 // has_any_policy is one if there is an anyPolicy node at this depth, and zero 133 /*
117 // otherwise. 134 * has_any_policy is one if there is an anyPolicy node at this depth,
135 * and zero otherwise.
136 */
118 int has_any_policy; 137 int has_any_policy;
119} X509_POLICY_LEVEL; 138} X509_POLICY_LEVEL;
120 139
@@ -251,8 +270,10 @@ x509_policy_level_clear(X509_POLICY_LEVEL *level)
251 sk_X509_POLICY_NODE_zero(level->nodes); 270 sk_X509_POLICY_NODE_zero(level->nodes);
252} 271}
253 272
254// x509_policy_level_find returns the node in |level| corresponding to |policy|, 273/*
255// or NULL if none exists. 274 * x509_policy_level_find returns the node in |level| corresponding to |policy|,
275 * or NULL if none exists.
276 */
256static X509_POLICY_NODE * 277static X509_POLICY_NODE *
257x509_policy_level_find(X509_POLICY_LEVEL *level, 278x509_policy_level_find(X509_POLICY_LEVEL *level,
258 const ASN1_OBJECT *policy) 279 const ASN1_OBJECT *policy)
@@ -267,13 +288,15 @@ x509_policy_level_find(X509_POLICY_LEVEL *level,
267 return sk_X509_POLICY_NODE_value(level->nodes, idx); 288 return sk_X509_POLICY_NODE_value(level->nodes, idx);
268} 289}
269 290
270// x509_policy_level_add_nodes adds the nodes in |nodes| to |level|. It returns 291/*
271// one on success and zero on error. No policy in |nodes| may already be present 292 * x509_policy_level_add_nodes adds the nodes in |nodes| to |level|. It returns
272// in |level|. This function modifies |nodes| to avoid making a copy, but the 293 * one on success and zero on error. No policy in |nodes| may already be present
273// caller is still responsible for releasing |nodes| itself. 294 * in |level|. This function modifies |nodes| to avoid making a copy, but the
274// 295 * caller is still responsible for releasing |nodes| itself.
275// This function is used to add nodes to |level| in bulk, and avoid resorting 296 *
276// |level| after each addition. 297 * This function is used to add nodes to |level| in bulk, and avoid resorting
298 * |level| after each addition.
299 */
277static int 300static int
278x509_policy_level_add_nodes(X509_POLICY_LEVEL *level, 301x509_policy_level_add_nodes(X509_POLICY_LEVEL *level,
279 STACK_OF(X509_POLICY_NODE) *nodes) 302 STACK_OF(X509_POLICY_NODE) *nodes)
@@ -288,7 +311,7 @@ x509_policy_level_add_nodes(X509_POLICY_LEVEL *level,
288 sk_X509_POLICY_NODE_sort(level->nodes); 311 sk_X509_POLICY_NODE_sort(level->nodes);
289 312
290#if !defined(NDEBUG) 313#if !defined(NDEBUG)
291 // There should be no duplicate nodes. 314 /* There should be no duplicate nodes. */
292 for (size_t i = 1; i < sk_X509_POLICY_NODE_num(level->nodes); i++) { 315 for (size_t i = 1; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
293 assert( 316 assert(
294 OBJ_cmp( 317 OBJ_cmp(
@@ -320,13 +343,15 @@ delete_if_not_in_policies(X509_POLICY_NODE *node, void *data)
320 return 1; 343 return 1;
321} 344}
322 345
323// process_certificate_policies updates |level| to incorporate |x509|'s 346/*
324// certificate policies extension. This implements steps (d) and (e) of RFC 347 * process_certificate_policies updates |level| to incorporate |x509|'s
325// 5280, section 6.1.3. |level| must contain the previous level's 348 * certificate policies extension. This implements steps (d) and (e) of RFC
326// "expected_policy_set" information. For all but the top-most level, this is 349 * 5280, section 6.1.3. |level| must contain the previous level's
327// the output of |process_policy_mappings|. |any_policy_allowed| specifies 350 * "expected_policy_set" information. For all but the top-most level, this is
328// whether anyPolicy is allowed or inhibited, taking into account the exception 351 * the output of |process_policy_mappings|. |any_policy_allowed| specifies
329// for self-issued certificates. 352 * whether anyPolicy is allowed or inhibited, taking into account the exception
353 * for self-issued certificates.
354 */
330static int 355static int
331process_certificate_policies(const X509 *x509, 356process_certificate_policies(const X509 *x509,
332 X509_POLICY_LEVEL *level, 357 X509_POLICY_LEVEL *level,
@@ -339,16 +364,18 @@ process_certificate_policies(const X509 *x509,
339 X509_get_ext_d2i(x509, NID_certificate_policies, &critical, NULL); 364 X509_get_ext_d2i(x509, NID_certificate_policies, &critical, NULL);
340 if (policies == NULL) { 365 if (policies == NULL) {
341 if (critical != -1) { 366 if (critical != -1) {
342 return 0; // Syntax error in the extension. 367 return 0; /* Syntax error in the extension. */
343 } 368 }
344 369
345 // RFC 5280, section 6.1.3, step (e). 370 /* RFC 5280, section 6.1.3, step (e). */
346 x509_policy_level_clear(level); 371 x509_policy_level_clear(level);
347 return 1; 372 return 1;
348 } 373 }
349 374
350 // certificatePolicies may not be empty. See RFC 5280, section 4.2.1.4. 375 /*
351 // TODO(https://crbug.com/boringssl/443): Move this check into the parser. 376 * certificatePolicies may not be empty. See RFC 5280, section 4.2.1.4.
377 * TODO(https://crbug.com/boringssl/443): Move this check into the parser.
378 */
352 if (sk_POLICYINFO_num(policies) == 0) { 379 if (sk_POLICYINFO_num(policies) == 0) {
353 X509error(X509_R_INVALID_POLICY_EXTENSION); 380 X509error(X509_R_INVALID_POLICY_EXTENSION);
354 goto err; 381 goto err;
@@ -365,27 +392,38 @@ process_certificate_policies(const X509 *x509,
365 if (i > 0 && 392 if (i > 0 &&
366 OBJ_cmp(sk_POLICYINFO_value(policies, i - 1)->policyid, 393 OBJ_cmp(sk_POLICYINFO_value(policies, i - 1)->policyid,
367 policy->policyid) == 0) { 394 policy->policyid) == 0) {
368 // Per RFC 5280, section 4.2.1.4, |policies| may not have duplicates. 395 /*
396 * Per RFC 5280, section 4.2.1.4, |policies| may not
397 * have duplicates.
398 */
369 X509error(X509_R_INVALID_POLICY_EXTENSION); 399 X509error(X509_R_INVALID_POLICY_EXTENSION);
370 goto err; 400 goto err;
371 } 401 }
372 } 402 }
373 403
374 // This does the same thing as RFC 5280, section 6.1.3, step (d), though in 404 /*
375 // a slighty different order. |level| currently contains "expected_policy_set" 405 * This does the same thing as RFC 5280, section 6.1.3, step (d),
376 // values of the previous level. See |process_policy_mappings| for details. 406 * though in a slighty different order. |level| currently contains
407 * "expected_policy_set" values of the previous level.
408 * See |process_policy_mappings| for details.
409 */
377 const int previous_level_has_any_policy = level->has_any_policy; 410 const int previous_level_has_any_policy = level->has_any_policy;
378 411
379 // First, we handle steps (d.1.i) and (d.2). The net effect of these two steps 412 /*
380 // is to intersect |level| with |policies|, ignoring anyPolicy if it is 413 * First, we handle steps (d.1.i) and (d.2). The net effect of these
381 // inhibited. 414 * two steps is to intersect |level| with |policies|, ignoring
415 * anyPolicy if it is inhibited.
416 */
382 if (!cert_has_any_policy || !any_policy_allowed) { 417 if (!cert_has_any_policy || !any_policy_allowed) {
383 sk_X509_POLICY_NODE_delete_if(level->nodes, 418 sk_X509_POLICY_NODE_delete_if(level->nodes,
384 delete_if_not_in_policies, policies); 419 delete_if_not_in_policies, policies);
385 level->has_any_policy = 0; 420 level->has_any_policy = 0;
386 } 421 }
387 422
388 // Step (d.1.ii) may attach new nodes to the previous level's anyPolicy node. 423 /*
424 * Step (d.1.ii) may attach new nodes to the previous level's anyPolicy
425 * node.
426 */
389 if (previous_level_has_any_policy) { 427 if (previous_level_has_any_policy) {
390 new_nodes = sk_X509_POLICY_NODE_new_null(); 428 new_nodes = sk_X509_POLICY_NODE_new_null();
391 if (new_nodes == NULL) { 429 if (new_nodes == NULL) {
@@ -394,14 +432,17 @@ process_certificate_policies(const X509 *x509,
394 for (size_t i = 0; i < sk_POLICYINFO_num(policies); i++) { 432 for (size_t i = 0; i < sk_POLICYINFO_num(policies); i++) {
395 const POLICYINFO *policy = sk_POLICYINFO_value(policies, 433 const POLICYINFO *policy = sk_POLICYINFO_value(policies,
396 i); 434 i);
397 // Though we've reordered the steps slightly, |policy| is in |level| if 435 /*
398 // and only if it would have been a match in step (d.1.ii). 436 * Though we've reordered the steps slightly, |policy|
437 * is in |level| if and only if it would have been a
438 * match in step (d.1.ii).
439 */
399 if (!is_any_policy(policy->policyid) && 440 if (!is_any_policy(policy->policyid) &&
400 x509_policy_level_find(level, policy->policyid) == 441 x509_policy_level_find(level, policy->policyid) ==
401 NULL) { 442 NULL) {
402 X509_POLICY_NODE *node = x509_policy_node_new( 443 X509_POLICY_NODE *node = x509_policy_node_new(
403 policy->policyid); 444 policy->policyid);
404 if (node == NULL || // 445 if (node == NULL ||
405 !sk_X509_POLICY_NODE_push(new_nodes, 446 !sk_X509_POLICY_NODE_push(new_nodes,
406 node)) { 447 node)) {
407 x509_policy_node_free(node); 448 x509_policy_node_free(node);
@@ -440,7 +481,7 @@ static int
440delete_if_mapped(X509_POLICY_NODE *node, void *data) 481delete_if_mapped(X509_POLICY_NODE *node, void *data)
441{ 482{
442 const POLICY_MAPPINGS *mappings = data; 483 const POLICY_MAPPINGS *mappings = data;
443 // |mappings| must have been sorted by |compare_issuer_policy|. 484 /* |mappings| must have been sorted by |compare_issuer_policy|. */
444 assert(sk_POLICY_MAPPING_is_sorted(mappings)); 485 assert(sk_POLICY_MAPPING_is_sorted(mappings));
445 POLICY_MAPPING mapping; 486 POLICY_MAPPING mapping;
446 mapping.issuerDomainPolicy = node->policy; 487 mapping.issuerDomainPolicy = node->policy;
@@ -451,22 +492,24 @@ delete_if_mapped(X509_POLICY_NODE *node, void *data)
451 return 1; 492 return 1;
452} 493}
453 494
454// process_policy_mappings processes the policy mappings extension of |cert|, 495/*
455// whose corresponding graph level is |level|. |mapping_allowed| specifies 496 * process_policy_mappings processes the policy mappings extension of |cert|,
456// whether policy mapping is inhibited at this point. On success, it returns an 497 * whose corresponding graph level is |level|. |mapping_allowed| specifies
457// |X509_POLICY_LEVEL| containing the "expected_policy_set" for |level|. On 498 * whether policy mapping is inhibited at this point. On success, it returns an
458// error, it returns NULL. This implements steps (a) and (b) of RFC 5280, 499 * |X509_POLICY_LEVEL| containing the "expected_policy_set" for |level|. On
459// section 6.1.4. 500 * error, it returns NULL. This implements steps (a) and (b) of RFC 5280,
460// 501 * section 6.1.4.
461// We represent the "expected_policy_set" as an |X509_POLICY_LEVEL|. 502 *
462// |has_any_policy| indicates whether there is an anyPolicy node with 503 * We represent the "expected_policy_set" as an |X509_POLICY_LEVEL|.
463// "expected_policy_set" of {anyPolicy}. If a node with policy oid P1 contains 504 * |has_any_policy| indicates whether there is an anyPolicy node with
464// P2 in its "expected_policy_set", the level will contain a node of policy P2 505 * "expected_policy_set" of {anyPolicy}. If a node with policy oid P1 contains
465// with P1 in |parent_policies|. 506 * P2 in its "expected_policy_set", the level will contain a node of policy P2
466// 507 * with P1 in |parent_policies|.
467// This is equivalent to the |X509_POLICY_LEVEL| that would result if the next 508 *
468// certificats contained anyPolicy. |process_certificate_policies| will filter 509 * This is equivalent to the |X509_POLICY_LEVEL| that would result if the next
469// this result down to compute the actual level. 510 * certificats contained anyPolicy. |process_certificate_policies| will filter
511 * this result down to compute the actual level.
512 */
470static X509_POLICY_LEVEL * 513static X509_POLICY_LEVEL *
471process_policy_mappings(const X509 *cert, 514process_policy_mappings(const X509 *cert,
472 X509_POLICY_LEVEL *level, 515 X509_POLICY_LEVEL *level,
@@ -479,35 +522,40 @@ process_policy_mappings(const X509 *cert,
479 POLICY_MAPPINGS *mappings = 522 POLICY_MAPPINGS *mappings =
480 X509_get_ext_d2i(cert, NID_policy_mappings, &critical, NULL); 523 X509_get_ext_d2i(cert, NID_policy_mappings, &critical, NULL);
481 if (mappings == NULL && critical != -1) { 524 if (mappings == NULL && critical != -1) {
482 // Syntax error in the policy mappings extension. 525 /* Syntax error in the policy mappings extension. */
483 goto err; 526 goto err;
484 } 527 }
485 528
486 if (mappings != NULL) { 529 if (mappings != NULL) {
487 // PolicyMappings may not be empty. See RFC 5280, section 4.2.1.5. 530 /*
488 // TODO(https://crbug.com/boringssl/443): Move this check into the parser. 531 * PolicyMappings may not be empty. See RFC 5280, section 4.2.1.5.
532 * TODO(https://crbug.com/boringssl/443): Move this check into
533 * the parser.
534 */
489 if (sk_POLICY_MAPPING_num(mappings) == 0) { 535 if (sk_POLICY_MAPPING_num(mappings) == 0) {
490 X509error(X509_R_INVALID_POLICY_EXTENSION); 536 X509error(X509_R_INVALID_POLICY_EXTENSION);
491 goto err; 537 goto err;
492 } 538 }
493 539
494 // RFC 5280, section 6.1.4, step (a). 540 /* RFC 5280, section 6.1.4, step (a). */
495 for (size_t i = 0; i < sk_POLICY_MAPPING_num(mappings); i++) { 541 for (size_t i = 0; i < sk_POLICY_MAPPING_num(mappings); i++) {
496 POLICY_MAPPING *mapping = sk_POLICY_MAPPING_value(mappings, 542 POLICY_MAPPING *mapping = sk_POLICY_MAPPING_value(mappings, i);
497 i);
498 if (is_any_policy(mapping->issuerDomainPolicy) || 543 if (is_any_policy(mapping->issuerDomainPolicy) ||
499 is_any_policy(mapping->subjectDomainPolicy)) { 544 is_any_policy(mapping->subjectDomainPolicy)) {
500 goto err; 545 goto err;
501 } 546 }
502 } 547 }
503 548
504 // Sort to group by issuerDomainPolicy. 549 /* Sort to group by issuerDomainPolicy. */
505 sk_POLICY_MAPPING_set_cmp_func(mappings, compare_issuer_policy); 550 sk_POLICY_MAPPING_set_cmp_func(mappings, compare_issuer_policy);
506 sk_POLICY_MAPPING_sort(mappings); 551 sk_POLICY_MAPPING_sort(mappings);
507 552
508 if (mapping_allowed) { 553 if (mapping_allowed) {
509 // Mark nodes as mapped, and add any nodes to |level| which may be needed 554 /*
510 // as part of RFC 5280, section 6.1.4, step (b.1). 555 * Mark nodes as mapped, and add any nodes to |level|
556 * which may be needed as part of RFC 5280,
557 * section 6.1.4, step (b.1).
558 */
511 new_nodes = sk_X509_POLICY_NODE_new_null(); 559 new_nodes = sk_X509_POLICY_NODE_new_null();
512 if (new_nodes == NULL) { 560 if (new_nodes == NULL) {
513 goto err; 561 goto err;
@@ -517,7 +565,10 @@ process_policy_mappings(const X509 *cert,
517 i++) { 565 i++) {
518 const POLICY_MAPPING *mapping = sk_POLICY_MAPPING_value(mappings, 566 const POLICY_MAPPING *mapping = sk_POLICY_MAPPING_value(mappings,
519 i); 567 i);
520 // There may be multiple mappings with the same |issuerDomainPolicy|. 568 /*
569 * There may be multiple mappings with the same
570 * |issuerDomainPolicy|.
571 */
521 if (last_policy != NULL && 572 if (last_policy != NULL &&
522 OBJ_cmp(mapping->issuerDomainPolicy, 573 OBJ_cmp(mapping->issuerDomainPolicy,
523 last_policy) == 0) { 574 last_policy) == 0) {
@@ -534,7 +585,7 @@ process_policy_mappings(const X509 *cert,
534 } 585 }
535 node = x509_policy_node_new( 586 node = x509_policy_node_new(
536 mapping->issuerDomainPolicy); 587 mapping->issuerDomainPolicy);
537 if (node == NULL || // 588 if (node == NULL ||
538 !sk_X509_POLICY_NODE_push(new_nodes, 589 !sk_X509_POLICY_NODE_push(new_nodes,
539 node)) { 590 node)) {
540 x509_policy_node_free(node); 591 x509_policy_node_free(node);
@@ -547,8 +598,10 @@ process_policy_mappings(const X509 *cert,
547 goto err; 598 goto err;
548 } 599 }
549 } else { 600 } else {
550 // RFC 5280, section 6.1.4, step (b.2). If mapping is inhibited, delete 601 /*
551 // all mapped nodes. 602 * RFC 5280, section 6.1.4, step (b.2). If mapping is
603 * inhibited, delete all mapped nodes.
604 */
552 sk_X509_POLICY_NODE_delete_if(level->nodes, 605 sk_X509_POLICY_NODE_delete_if(level->nodes,
553 delete_if_mapped, mappings); 606 delete_if_mapped, mappings);
554 sk_POLICY_MAPPING_pop_free(mappings, 607 sk_POLICY_MAPPING_pop_free(mappings,
@@ -557,8 +610,10 @@ process_policy_mappings(const X509 *cert,
557 } 610 }
558 } 611 }
559 612
560 // If a node was not mapped, it retains the original "explicit_policy_set" 613 /*
561 // value, itself. Add those to |mappings|. 614 * If a node was not mapped, it retains the original "explicit_policy_set"
615 * value, itself. Add those to |mappings|.
616 */
562 if (mappings == NULL) { 617 if (mappings == NULL) {
563 mappings = sk_POLICY_MAPPING_new_null(); 618 mappings = sk_POLICY_MAPPING_new_null();
564 if (mappings == NULL) { 619 if (mappings == NULL) {
@@ -584,11 +639,11 @@ process_policy_mappings(const X509 *cert,
584 } 639 }
585 } 640 }
586 641
587 // Sort to group by subjectDomainPolicy. 642 /* Sort to group by subjectDomainPolicy. */
588 sk_POLICY_MAPPING_set_cmp_func(mappings, compare_subject_policy); 643 sk_POLICY_MAPPING_set_cmp_func(mappings, compare_subject_policy);
589 sk_POLICY_MAPPING_sort(mappings); 644 sk_POLICY_MAPPING_sort(mappings);
590 645
591 // Convert |mappings| to our "expected_policy_set" representation. 646 /* Convert |mappings| to our "expected_policy_set" representation. */
592 next = x509_policy_level_new(); 647 next = x509_policy_level_new();
593 if (next == NULL) { 648 if (next == NULL) {
594 goto err; 649 goto err;
@@ -598,7 +653,10 @@ process_policy_mappings(const X509 *cert,
598 X509_POLICY_NODE *last_node = NULL; 653 X509_POLICY_NODE *last_node = NULL;
599 for (size_t i = 0; i < sk_POLICY_MAPPING_num(mappings); i++) { 654 for (size_t i = 0; i < sk_POLICY_MAPPING_num(mappings); i++) {
600 POLICY_MAPPING *mapping = sk_POLICY_MAPPING_value(mappings, i); 655 POLICY_MAPPING *mapping = sk_POLICY_MAPPING_value(mappings, i);
601 // Skip mappings where |issuerDomainPolicy| does not appear in the graph. 656 /*
657 * Skip mappings where |issuerDomainPolicy| does not appear in
658 * the graph.
659 */
602 if (!level->has_any_policy && 660 if (!level->has_any_policy &&
603 x509_policy_level_find(level, 661 x509_policy_level_find(level,
604 mapping->issuerDomainPolicy) == NULL) { 662 mapping->issuerDomainPolicy) == NULL) {
@@ -638,9 +696,11 @@ err:
638 return next; 696 return next;
639} 697}
640 698
641// apply_skip_certs, if |skip_certs| is non-NULL, sets |*value| to the minimum 699/*
642// of its current value and |skip_certs|. It returns one on success and zero if 700 * apply_skip_certs, if |skip_certs| is non-NULL, sets |*value| to the minimum
643// |skip_certs| is negative. 701 * of its current value and |skip_certs|. It returns one on success and zero if
702 * |skip_certs| is negative.
703 */
644static int 704static int
645apply_skip_certs(const ASN1_INTEGER *skip_certs, size_t *value) 705apply_skip_certs(const ASN1_INTEGER *skip_certs, size_t *value)
646{ 706{
@@ -648,13 +708,13 @@ apply_skip_certs(const ASN1_INTEGER *skip_certs, size_t *value)
648 return 1; 708 return 1;
649 } 709 }
650 710
651 // TODO(https://crbug.com/boringssl/443): Move this check into the parser. 711 /* TODO(https://crbug.com/boringssl/443): Move this check into the parser. */
652 if (skip_certs->type & V_ASN1_NEG) { 712 if (skip_certs->type & V_ASN1_NEG) {
653 X509error(X509_R_INVALID_POLICY_EXTENSION); 713 X509error(X509_R_INVALID_POLICY_EXTENSION);
654 return 0; 714 return 0;
655 } 715 }
656 716
657 // If |skip_certs| does not fit in |uint64_t|, it must exceed |*value|. 717 /* If |skip_certs| does not fit in |uint64_t|, it must exceed |*value|. */
658 uint64_t u64; 718 uint64_t u64;
659 if (ASN1_INTEGER_get_uint64(&u64, skip_certs) && u64 < *value) { 719 if (ASN1_INTEGER_get_uint64(&u64, skip_certs) && u64 < *value) {
660 *value = (size_t)u64; 720 *value = (size_t)u64;
@@ -663,10 +723,12 @@ apply_skip_certs(const ASN1_INTEGER *skip_certs, size_t *value)
663 return 1; 723 return 1;
664} 724}
665 725
666// process_policy_constraints updates |*explicit_policy|, |*policy_mapping|, and 726/*
667// |*inhibit_any_policy| according to |x509|'s policy constraints and inhibit 727 * process_policy_constraints updates |*explicit_policy|, |*policy_mapping|, and
668// anyPolicy extensions. It returns one on success and zero on error. This 728 * |*inhibit_any_policy| according to |x509|'s policy constraints and inhibit
669// implements steps (i) and (j) of RFC 5280, section 6.1.4. 729 * anyPolicy extensions. It returns one on success and zero on error. This
730 * implements steps (i) and (j) of RFC 5280, section 6.1.4.
731 */
670static int 732static int
671process_policy_constraints(const X509 *x509, size_t *explicit_policy, 733process_policy_constraints(const X509 *x509, size_t *explicit_policy,
672 size_t *policy_mapping, 734 size_t *policy_mapping,
@@ -681,8 +743,10 @@ process_policy_constraints(const X509 *x509, size_t *explicit_policy,
681 if (constraints != NULL) { 743 if (constraints != NULL) {
682 if (constraints->requireExplicitPolicy == NULL && 744 if (constraints->requireExplicitPolicy == NULL &&
683 constraints->inhibitPolicyMapping == NULL) { 745 constraints->inhibitPolicyMapping == NULL) {
684 // Per RFC 5280, section 4.2.1.11, at least one of the fields must be 746 /*
685 // present. 747 * Per RFC 5280, section 4.2.1.11, at least one of the
748 * fields must be
749 */
686 X509error(X509_R_INVALID_POLICY_EXTENSION); 750 X509error(X509_R_INVALID_POLICY_EXTENSION);
687 POLICY_CONSTRAINTS_free(constraints); 751 POLICY_CONSTRAINTS_free(constraints);
688 return 0; 752 return 0;
@@ -708,11 +772,13 @@ process_policy_constraints(const X509 *x509, size_t *explicit_policy,
708 return ok; 772 return ok;
709} 773}
710 774
711// has_explicit_policy returns one if the set of authority-space policy OIDs 775/*
712// |levels| has some non-empty intersection with |user_policies|, and zero 776 * has_explicit_policy returns one if the set of authority-space policy OIDs
713// otherwise. This mirrors the logic in RFC 5280, section 6.1.5, step (g). This 777 * |levels| has some non-empty intersection with |user_policies|, and zero
714// function modifies |levels| and should only be called at the end of policy 778 * otherwise. This mirrors the logic in RFC 5280, section 6.1.5, step (g). This
715// evaluation. 779 * function modifies |levels| and should only be called at the end of policy
780 * evaluation.
781 */
716static int 782static int
717has_explicit_policy(STACK_OF(X509_POLICY_LEVEL) *levels, 783has_explicit_policy(STACK_OF(X509_POLICY_LEVEL) *levels,
718 const STACK_OF(ASN1_OBJECT) *user_policies) 784 const STACK_OF(ASN1_OBJECT) *user_policies)
@@ -720,7 +786,7 @@ has_explicit_policy(STACK_OF(X509_POLICY_LEVEL) *levels,
720 assert(user_policies == NULL || 786 assert(user_policies == NULL ||
721 sk_ASN1_OBJECT_is_sorted(user_policies)); 787 sk_ASN1_OBJECT_is_sorted(user_policies));
722 788
723 // Step (g.i). If the policy graph is empty, the intersection is empty. 789 /* Step (g.i). If the policy graph is empty, the intersection is empty. */
724 size_t num_levels = sk_X509_POLICY_LEVEL_num(levels); 790 size_t num_levels = sk_X509_POLICY_LEVEL_num(levels);
725 X509_POLICY_LEVEL *level = sk_X509_POLICY_LEVEL_value(levels, 791 X509_POLICY_LEVEL *level = sk_X509_POLICY_LEVEL_value(levels,
726 num_levels - 1); 792 num_levels - 1);
@@ -728,8 +794,11 @@ has_explicit_policy(STACK_OF(X509_POLICY_LEVEL) *levels,
728 return 0; 794 return 0;
729 } 795 }
730 796
731 // If |user_policies| is empty, we interpret it as having a single anyPolicy 797 /*
732 // value. The caller may also have supplied anyPolicy explicitly. 798 * If |user_policies| is empty, we interpret it as having a single
799 * anyPolicy value. The caller may also have supplied anyPolicy
800 * explicitly.
801 */
733 int user_has_any_policy = sk_ASN1_OBJECT_num(user_policies) == 0; 802 int user_has_any_policy = sk_ASN1_OBJECT_num(user_policies) == 0;
734 for (size_t i = 0; i < sk_ASN1_OBJECT_num(user_policies); i++) { 803 for (size_t i = 0; i < sk_ASN1_OBJECT_num(user_policies); i++) {
735 if (is_any_policy(sk_ASN1_OBJECT_value(user_policies, i))) { 804 if (is_any_policy(sk_ASN1_OBJECT_value(user_policies, i))) {
@@ -738,23 +807,29 @@ has_explicit_policy(STACK_OF(X509_POLICY_LEVEL) *levels,
738 } 807 }
739 } 808 }
740 809
741 // Step (g.ii). If the policy graph is not empty and the user set contains 810 /*
742 // anyPolicy, the intersection is the entire (non-empty) graph. 811 * Step (g.ii). If the policy graph is not empty and the user set
812 * contains anyPolicy, the intersection is the entire (non-empty) graph.
813 */
743 if (user_has_any_policy) { 814 if (user_has_any_policy) {
744 return 1; 815 return 1;
745 } 816 }
746 817
747 // Step (g.iii) does not delete anyPolicy nodes, so if the graph has 818 /*
748 // anyPolicy, some explicit policy will survive. The actual intersection may 819 * Step (g.iii) does not delete anyPolicy nodes, so if the graph has
749 // synthesize some nodes in step (g.iii.3), but we do not return the policy 820 * anyPolicy, some explicit policy will survive. The actual intersection
750 // list itself, so we skip actually computing this. 821 * may synthesize some nodes in step (g.iii.3), but we do not return the
822 * policy list itself, so we skip actually computing this.
823 */
751 if (level->has_any_policy) { 824 if (level->has_any_policy) {
752 return 1; 825 return 1;
753 } 826 }
754 827
755 // We defer pruning the tree, so as we look for nodes with parent anyPolicy, 828 /*
756 // step (g.iii.1), we must limit to nodes reachable from the bottommost level. 829 * We defer pruning the tree, so as we look for nodes with parent
757 // Start by marking each of those nodes as reachable. 830 * anyPolicy, step (g.iii.1), we must limit to nodes reachable from the
831 * bottommost level. Start by marking each of those nodes as reachable.
832 */
758 for (size_t i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) { 833 for (size_t i = 0; i < sk_X509_POLICY_NODE_num(level->nodes); i++) {
759 sk_X509_POLICY_NODE_value(level->nodes, i)->reachable = 1; 834 sk_X509_POLICY_NODE_value(level->nodes, i)->reachable = 1;
760 } 835 }
@@ -769,16 +844,21 @@ has_explicit_policy(STACK_OF(X509_POLICY_LEVEL) *levels,
769 continue; 844 continue;
770 } 845 }
771 if (sk_ASN1_OBJECT_num(node->parent_policies) == 0) { 846 if (sk_ASN1_OBJECT_num(node->parent_policies) == 0) {
772 // |node|'s parent is anyPolicy and is part of "valid_policy_node_set". 847 /*
773 // If it exists in |user_policies|, the intersection is non-empty and we 848 * |node|'s parent is anyPolicy and is part of
774 // can return immediately. 849 * "valid_policy_node_set". If it exists in
850 * |user_policies|, the intersection is
851 * non-empty and we * can return immediately.
852 */
775 if (sk_ASN1_OBJECT_find(user_policies, 853 if (sk_ASN1_OBJECT_find(user_policies,
776 node->policy) >= 0) { 854 node->policy) >= 0) {
777 return 1; 855 return 1;
778 } 856 }
779 } else if (i > 0) { 857 } else if (i > 0) {
780 // |node|'s parents are concrete policies. Mark the parents reachable, 858 /* |node|'s parents are concrete policies. Mark
781 // to be inspected by the next loop iteration. 859 * the parents reachable, to be inspected by the
860 * next loop iteration.
861 */
782 X509_POLICY_LEVEL *prev = sk_X509_POLICY_LEVEL_value(levels, 862 X509_POLICY_LEVEL *prev = sk_X509_POLICY_LEVEL_value(levels,
783 i - 1); 863 i - 1);
784 for (size_t k = 0; k < 864 for (size_t k = 0; k <
@@ -787,8 +867,7 @@ has_explicit_policy(STACK_OF(X509_POLICY_LEVEL) *levels,
787 X509_POLICY_NODE *parent = x509_policy_level_find( 867 X509_POLICY_NODE *parent = x509_policy_level_find(
788 prev, 868 prev,
789 869
790 sk_ASN1_OBJECT_value(node->parent_policies, 870 sk_ASN1_OBJECT_value(node->parent_policies, k));
791 k));
792 if (parent != NULL) { 871 if (parent != NULL) {
793 parent->reachable = 1; 872 parent->reachable = 1;
794 } 873 }
@@ -819,12 +898,12 @@ X509_policy_check(const STACK_OF(X509) *certs,
819 STACK_OF(ASN1_OBJECT) *user_policies_sorted = NULL; 898 STACK_OF(ASN1_OBJECT) *user_policies_sorted = NULL;
820 size_t num_certs = sk_X509_num(certs); 899 size_t num_certs = sk_X509_num(certs);
821 900
822 // Skip policy checking if the chain is just the trust anchor. 901 /* Skip policy checking if the chain is just the trust anchor. */
823 if (num_certs <= 1) { 902 if (num_certs <= 1) {
824 return X509_V_OK; 903 return X509_V_OK;
825 } 904 }
826 905
827 // See RFC 5280, section 6.1.2, steps (d) through (f). 906 /* See RFC 5280, section 6.1.2, steps (d) through (f). */
828 size_t explicit_policy = 907 size_t explicit_policy =
829 (flags & X509_V_FLAG_EXPLICIT_POLICY) ? 0 : num_certs + 1; 908 (flags & X509_V_FLAG_EXPLICIT_POLICY) ? 0 : num_certs + 1;
830 size_t inhibit_any_policy = 909 size_t inhibit_any_policy =
@@ -853,8 +932,10 @@ X509_policy_check(const STACK_OF(X509) *certs,
853 level->has_any_policy = 1; 932 level->has_any_policy = 1;
854 } 933 }
855 934
856 // RFC 5280, section 6.1.3, steps (d) and (e). |any_policy_allowed| is 935 /*
857 // computed as in step (d.2). 936 * RFC 5280, section 6.1.3, steps (d) and (e). |any_policy_allowed|
937 * is computed as in step (d.2).
938 */
858 const int any_policy_allowed = 939 const int any_policy_allowed =
859 inhibit_any_policy > 0 || (i > 0 && is_self_issued); 940 inhibit_any_policy > 0 || (i > 0 && is_self_issued);
860 if (!process_certificate_policies(cert, level, 941 if (!process_certificate_policies(cert, level,
@@ -864,23 +945,25 @@ X509_policy_check(const STACK_OF(X509) *certs,
864 goto err; 945 goto err;
865 } 946 }
866 947
867 // RFC 5280, section 6.1.3, step (f). 948 /* RFC 5280, section 6.1.3, step (f). */
868 if (explicit_policy == 0 && x509_policy_level_is_empty(level)) { 949 if (explicit_policy == 0 && x509_policy_level_is_empty(level)) {
869 ret = X509_V_ERR_NO_EXPLICIT_POLICY; 950 ret = X509_V_ERR_NO_EXPLICIT_POLICY;
870 goto err; 951 goto err;
871 } 952 }
872 953
873 // Insert into the list. 954 /* Insert into the list. */
874 if (!sk_X509_POLICY_LEVEL_push(levels, level)) { 955 if (!sk_X509_POLICY_LEVEL_push(levels, level)) {
875 goto err; 956 goto err;
876 } 957 }
877 X509_POLICY_LEVEL *current_level = level; 958 X509_POLICY_LEVEL *current_level = level;
878 level = NULL; 959 level = NULL;
879 960
880 // If this is not the leaf certificate, we go to section 6.1.4. If it 961 /*
881 // is the leaf certificate, we go to section 6.1.5 instead. 962 * If this is not the leaf certificate, we go to section 6.1.4.
963 * If it is the leaf certificate, we go to section 6.1.5 instead.
964 */
882 if (i != 0) { 965 if (i != 0) {
883 // RFC 5280, section 6.1.4, steps (a) and (b). 966 /* RFC 5280, section 6.1.4, steps (a) and (b). */
884 level = process_policy_mappings(cert, current_level, 967 level = process_policy_mappings(cert, current_level,
885 policy_mapping > 0); 968 policy_mapping > 0);
886 if (level == NULL) { 969 if (level == NULL) {
@@ -890,10 +973,13 @@ X509_policy_check(const STACK_OF(X509) *certs,
890 } 973 }
891 } 974 }
892 975
893 // RFC 5280, section 6.1.4, step (h-j) for non-leaves, and section 6.1.5, 976 /*
894 // step (a-b) for leaves. In the leaf case, RFC 5280 says only to update 977 * RFC 5280, section 6.1.4, step (h-j) for non-leaves, and
895 // |explicit_policy|, but |policy_mapping| and |inhibit_any_policy| are no 978 * section 6.1.5, step (a-b) for leaves. In the leaf case,
896 // longer read at this point, so we use the same process. 979 * RFC 5280 says only to update |explicit_policy|, but
980 * |policy_mapping| and |inhibit_any_policy| are no
981 * longer read at this point, so we use the same process.
982 */
897 if (i == 0 || !is_self_issued) { 983 if (i == 0 || !is_self_issued) {
898 if (explicit_policy > 0) { 984 if (explicit_policy > 0) {
899 explicit_policy--; 985 explicit_policy--;
@@ -913,10 +999,16 @@ X509_policy_check(const STACK_OF(X509) *certs,
913 } 999 }
914 } 1000 }
915 1001
916 // RFC 5280, section 6.1.5, step (g). We do not output the policy set, so it 1002 /*
917 // is only necessary to check if the user-constrained-policy-set is not empty. 1003 * RFC 5280, section 6.1.5, step (g). We do not output the policy set,
1004 * so it is only necessary to check if the user-constrained-policy-set
1005 * is not empty.
1006 */
918 if (explicit_policy == 0) { 1007 if (explicit_policy == 0) {
919 // Build a sorted copy of |user_policies| for more efficient lookup. 1008 /*
1009 * Build a sorted copy of |user_policies| for more efficient
1010 * lookup.
1011 */
920 if (user_policies != NULL) { 1012 if (user_policies != NULL) {
921 user_policies_sorted = sk_ASN1_OBJECT_dup( 1013 user_policies_sorted = sk_ASN1_OBJECT_dup(
922 user_policies); 1014 user_policies);
@@ -938,8 +1030,10 @@ X509_policy_check(const STACK_OF(X509) *certs,
938 1030
939err: 1031err:
940 x509_policy_level_free(level); 1032 x509_policy_level_free(level);
941 // |user_policies_sorted|'s contents are owned by |user_policies|, so we do 1033 /*
942 // not use |sk_ASN1_OBJECT_pop_free|. 1034 * |user_policies_sorted|'s contents are owned by |user_policies|, so
1035 * we do not use |sk_ASN1_OBJECT_pop_free|.
1036 */
943 sk_ASN1_OBJECT_free(user_policies_sorted); 1037 sk_ASN1_OBJECT_free(user_policies_sorted);
944 sk_X509_POLICY_LEVEL_pop_free(levels, x509_policy_level_free); 1038 sk_X509_POLICY_LEVEL_pop_free(levels, x509_policy_level_free);
945 return ret; 1039 return ret;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-08 14:36:01 +0000