1 files changed, 118 insertions, 13 deletions
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index 2e4d0b823a..e43c861ee7 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -73,7 +73,7 @@
 static int null_callback(int ok,X509_STORE_CTX *e);
 static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer);
 static X509 *find_issuer(X509_STORE_CTX *ctx, STACK_OF(X509) *sk, X509 *x);
-static int check_chain_purpose(X509_STORE_CTX *ctx);
+static int check_chain_extensions(X509_STORE_CTX *ctx);
 static int check_trust(X509_STORE_CTX *ctx);
 static int check_revocation(X509_STORE_CTX *ctx);
 static int check_cert(X509_STORE_CTX *ctx);
@@ -281,7 +281,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
                }
        /* We have the chain complete: now we need to check its purpose */
-        if (ctx->purpose > 0) ok = check_chain_purpose(ctx);
+        ok = check_chain_extensions(ctx);
        if (!ok) goto end;
@@ -365,21 +365,39 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
        else
                return 0;
 }
-        
 /* Check a certificate chains extensions for consistency
 * with the supplied purpose
 */
-static int check_chain_purpose(X509_STORE_CTX *ctx)
+static int check_chain_extensions(X509_STORE_CTX *ctx)
 {
 #ifdef OPENSSL_NO_CHAIN_VERIFY
        return 1;
 #else
-        int i, ok=0;
+        int i, ok=0, must_be_ca;
        X509 *x;
        int (*cb)();
+        int proxy_path_length = 0;
+        int allow_proxy_certs = !!(ctx->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
        cb=ctx->verify_cb;
+        /* must_be_ca can have 1 of 3 values:
+           -1: we accept both CA and non-CA certificates, to allow direct
+               use of self-signed certificates (which are marked as CA).
+           0:  we only accept non-CA certificates.  This is currently not
+               used, but the possibility is present for future extensions.
+           1:  we only accept CA certificates.  This is currently used for
+               all certificates in the chain except the leaf certificate.
+        */
+        must_be_ca = -1;
+        /* A hack to keep people who don't want to modify their software
+           happy */
+        if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
+                allow_proxy_certs = 1;
        /* Check all untrusted certificates */
        for (i = 0; i < ctx->last_untrusted; i++)
                {
@@ -394,23 +412,73 @@ static int check_chain_purpose(X509_STORE_CTX *ctx)
                        ok=cb(0,ctx);
                        if (!ok) goto end;
                        }
-                ret = X509_check_purpose(x, ctx->purpose, i);
+                if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY))
-                if ((ret == 0)
-                         || ((ctx->flags & X509_V_FLAG_X509_STRICT)
-                                && (ret != 1)))
                        {
-                        if (i)
+                        ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED;
+                        ctx->error_depth = i;
+                        ctx->current_cert = x;
+                        ok=cb(0,ctx);
+                        if (!ok) goto end;
+                        }
+                ret = X509_check_ca(x);
+                switch(must_be_ca)
+                        {
+                case -1:
+                        if ((ctx->flags & X509_V_FLAG_X509_STRICT)
+                                && (ret != 1) && (ret != 0))
+                                {
+                                ret = 0;
                                ctx->error = X509_V_ERR_INVALID_CA;
+                                }
                        else
-                                ctx->error = X509_V_ERR_INVALID_PURPOSE;
+                                ret = 1;
+                        break;
+                case 0:
+                        if (ret != 0)
+                                {
+                                ret = 0;
+                                ctx->error = X509_V_ERR_INVALID_NON_CA;
+                                }
+                        else
+                                ret = 1;
+                        break;
+                default:
+                        if ((ret == 0)
+                                || ((ctx->flags & X509_V_FLAG_X509_STRICT)
+                                        && (ret != 1)))
+                                {
+                                ret = 0;
+                                ctx->error = X509_V_ERR_INVALID_CA;
+                                }
+                        else
+                                ret = 1;
+                        break;
+                        }
+                if (ret == 0)
+                        {
                        ctx->error_depth = i;
                        ctx->current_cert = x;
                        ok=cb(0,ctx);
                        if (!ok) goto end;
                        }
+                if (ctx->purpose > 0)
+                        {
+                        ret = X509_check_purpose(x, ctx->purpose,
+                                must_be_ca > 0);
+                        if ((ret == 0)
+                                || ((ctx->flags & X509_V_FLAG_X509_STRICT)
+                                        && (ret != 1)))
+                                {
+                                ctx->error = X509_V_ERR_INVALID_PURPOSE;
+                                ctx->error_depth = i;
+                                ctx->current_cert = x;
+                                ok=cb(0,ctx);
+                                if (!ok) goto end;
+                                }
+                        }
                /* Check pathlen */
                if ((i > 1) && (x->ex_pathlen != -1)
-                           && (i > (x->ex_pathlen + 1)))
+                           && (i > (x->ex_pathlen + proxy_path_length + 1)))
                        {
                        ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
                        ctx->error_depth = i;
@@ -418,6 +486,32 @@ static int check_chain_purpose(X509_STORE_CTX *ctx)
                        ok=cb(0,ctx);
                        if (!ok) goto end;
                        }
+                /* If this certificate is a proxy certificate, the next
+                   certificate must be another proxy certificate or a EE
+                   certificate.  If not, the next certificate must be a
+                   CA certificate.  */
+                if (x->ex_flags & EXFLAG_PROXY)
+                        {
+                        PROXY_CERT_INFO_EXTENSION *pci =
+                                X509_get_ext_d2i(x, NID_proxyCertInfo,
+                                        NULL, NULL);
+                        if (pci->pcPathLengthConstraint &&
+                                ASN1_INTEGER_get(pci->pcPathLengthConstraint)
+                                < i)
+                                {
+                                PROXY_CERT_INFO_EXTENSION_free(pci);
+                                ctx->error = X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
+                                ctx->error_depth = i;
+                                ctx->current_cert = x;
+                                ok=cb(0,ctx);
+                                if (!ok) goto end;
+                                }
+                        PROXY_CERT_INFO_EXTENSION_free(pci);
+                        proxy_path_length++;
+                        must_be_ca = 0;
+                        }
+                else
+                        must_be_ca = 1;
                }
        ok = 1;
 end:
@@ -627,6 +721,15 @@ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
        X509_EXTENSION *ext;
        /* Look for serial number of certificate in CRL */
        rtmp.serialNumber = X509_get_serialNumber(x);
+        /* Sort revoked into serial number order if not already sorted.
+         * Do this under a lock to avoid race condition.
+         */
+        if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked))
+                {
+                CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
+                sk_X509_REVOKED_sort(crl->crl->revoked);
+                CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
+                }
        idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
        /* If found assume revoked: want something cleverer than
         * this to handle entry extensions in V2 CRLs.
@@ -772,6 +875,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
                        }
                /* The last error (if any) is still in the error value */
+                ctx->current_issuer=xi;
                ctx->current_cert=xs;
                ok=(*cb)(1,ctx);
                if (!ok) goto end;
@@ -851,7 +955,8 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
        atm.length=sizeof(buff2);
        atm.data=(unsigned char *)buff2;
-        X509_time_adj(&atm,-offset*60, cmp_time);
+        if (X509_time_adj(&atm,-offset*60, cmp_time) == NULL)
+                return 0;
        if (ctm->type == V_ASN1_UTCTIME)
                {

diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c index 2e4d0b823a..e43c861ee7 100644 --- a/src/lib/libcrypto/x509/x509_vfy.c +++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -73,7 +73,7 @@
73	static int null_callback(int ok,X509_STORE_CTX *e);	73	static int null_callback(int ok,X509_STORE_CTX *e);
74	static int check_issued(X509_STORE_CTX ctx, X509 x, X509 *issuer);	74	static int check_issued(X509_STORE_CTX ctx, X509 x, X509 *issuer);
75	static X509 find_issuer(X509_STORE_CTX ctx, STACK_OF(X509) sk, X509 x);	75	static X509 find_issuer(X509_STORE_CTX ctx, STACK_OF(X509) sk, X509 x);
76	static int check_chain_purpose(X509_STORE_CTX *ctx);	76	static int check_chain_extensions(X509_STORE_CTX *ctx);
77	static int check_trust(X509_STORE_CTX *ctx);	77	static int check_trust(X509_STORE_CTX *ctx);
78	static int check_revocation(X509_STORE_CTX *ctx);	78	static int check_revocation(X509_STORE_CTX *ctx);
79	static int check_cert(X509_STORE_CTX *ctx);	79	static int check_cert(X509_STORE_CTX *ctx);
@@ -281,7 +281,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
281	}	281	}
282		282
283	/* We have the chain complete: now we need to check its purpose */	283	/* We have the chain complete: now we need to check its purpose */
284	if (ctx->purpose > 0) ok = check_chain_purpose(ctx);	284	ok = check_chain_extensions(ctx);
285		285
286	if (!ok) goto end;	286	if (!ok) goto end;
287		287
@@ -365,21 +365,39 @@ static int get_issuer_sk(X509 *issuer, X509_STORE_CTX ctx, X509 *x)
365	else	365	else
366	return 0;	366	return 0;
367	}	367	}
368		368
369		369
370	/* Check a certificate chains extensions for consistency	370	/* Check a certificate chains extensions for consistency
371	* with the supplied purpose	371	* with the supplied purpose
372	*/	372	*/
373		373
374	static int check_chain_purpose(X509_STORE_CTX *ctx)	374	static int check_chain_extensions(X509_STORE_CTX *ctx)
375	{	375	{
376	#ifdef OPENSSL_NO_CHAIN_VERIFY	376	#ifdef OPENSSL_NO_CHAIN_VERIFY
377	return 1;	377	return 1;
378	#else	378	#else
379	int i, ok=0;	379	int i, ok=0, must_be_ca;
380	X509 *x;	380	X509 *x;
381	int (*cb)();	381	int (*cb)();
		382	int proxy_path_length = 0;
		383	int allow_proxy_certs = !!(ctx->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
382	cb=ctx->verify_cb;	384	cb=ctx->verify_cb;
		385
		386	/* must_be_ca can have 1 of 3 values:
		387	-1: we accept both CA and non-CA certificates, to allow direct
		388	use of self-signed certificates (which are marked as CA).
		389	0: we only accept non-CA certificates. This is currently not
		390	used, but the possibility is present for future extensions.
		391	1: we only accept CA certificates. This is currently used for
		392	all certificates in the chain except the leaf certificate.
		393	*/
		394	must_be_ca = -1;
		395
		396	/* A hack to keep people who don't want to modify their software
		397	happy */
		398	if (getenv("OPENSSL_ALLOW_PROXY_CERTS"))
		399	allow_proxy_certs = 1;
		400
383	/* Check all untrusted certificates */	401	/* Check all untrusted certificates */
384	for (i = 0; i < ctx->last_untrusted; i++)	402	for (i = 0; i < ctx->last_untrusted; i++)
385	{	403	{
@@ -394,23 +412,73 @@ static int check_chain_purpose(X509_STORE_CTX *ctx)
394	ok=cb(0,ctx);	412	ok=cb(0,ctx);
395	if (!ok) goto end;	413	if (!ok) goto end;
396	}	414	}
397	ret = X509_check_purpose(x, ctx->purpose, i);	415	if (!allow_proxy_certs && (x->ex_flags & EXFLAG_PROXY))
398	if ((ret == 0)
399	\|\| ((ctx->flags & X509_V_FLAG_X509_STRICT)
400	&& (ret != 1)))
401	{	416	{
402	if (i)	417	ctx->error = X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED;
		418	ctx->error_depth = i;
		419	ctx->current_cert = x;
		420	ok=cb(0,ctx);
		421	if (!ok) goto end;
		422	}
		423	ret = X509_check_ca(x);
		424	switch(must_be_ca)
		425	{
		426	case -1:
		427	if ((ctx->flags & X509_V_FLAG_X509_STRICT)
		428	&& (ret != 1) && (ret != 0))
		429	{
		430	ret = 0;
403	ctx->error = X509_V_ERR_INVALID_CA;	431	ctx->error = X509_V_ERR_INVALID_CA;
		432	}
404	else	433	else
405	ctx->error = X509_V_ERR_INVALID_PURPOSE;	434	ret = 1;
		435	break;
		436	case 0:
		437	if (ret != 0)
		438	{
		439	ret = 0;
		440	ctx->error = X509_V_ERR_INVALID_NON_CA;
		441	}
		442	else
		443	ret = 1;
		444	break;
		445	default:
		446	if ((ret == 0)
		447	\|\| ((ctx->flags & X509_V_FLAG_X509_STRICT)
		448	&& (ret != 1)))
		449	{
		450	ret = 0;
		451	ctx->error = X509_V_ERR_INVALID_CA;
		452	}
		453	else
		454	ret = 1;
		455	break;
		456	}
		457	if (ret == 0)
		458	{
406	ctx->error_depth = i;	459	ctx->error_depth = i;
407	ctx->current_cert = x;	460	ctx->current_cert = x;
408	ok=cb(0,ctx);	461	ok=cb(0,ctx);
409	if (!ok) goto end;	462	if (!ok) goto end;
410	}	463	}
		464	if (ctx->purpose > 0)
		465	{
		466	ret = X509_check_purpose(x, ctx->purpose,
		467	must_be_ca > 0);
		468	if ((ret == 0)
		469	\|\| ((ctx->flags & X509_V_FLAG_X509_STRICT)
		470	&& (ret != 1)))
		471	{
		472	ctx->error = X509_V_ERR_INVALID_PURPOSE;
		473	ctx->error_depth = i;
		474	ctx->current_cert = x;
		475	ok=cb(0,ctx);
		476	if (!ok) goto end;
		477	}
		478	}
411	/* Check pathlen */	479	/* Check pathlen */
412	if ((i > 1) && (x->ex_pathlen != -1)	480	if ((i > 1) && (x->ex_pathlen != -1)
413	&& (i > (x->ex_pathlen + 1)))	481	&& (i > (x->ex_pathlen + proxy_path_length + 1)))
414	{	482	{
415	ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;	483	ctx->error = X509_V_ERR_PATH_LENGTH_EXCEEDED;
416	ctx->error_depth = i;	484	ctx->error_depth = i;
@@ -418,6 +486,32 @@ static int check_chain_purpose(X509_STORE_CTX *ctx)
418	ok=cb(0,ctx);	486	ok=cb(0,ctx);
419	if (!ok) goto end;	487	if (!ok) goto end;
420	}	488	}
		489	/* If this certificate is a proxy certificate, the next
		490	certificate must be another proxy certificate or a EE
		491	certificate. If not, the next certificate must be a
		492	CA certificate. */
		493	if (x->ex_flags & EXFLAG_PROXY)
		494	{
		495	PROXY_CERT_INFO_EXTENSION *pci =
		496	X509_get_ext_d2i(x, NID_proxyCertInfo,
		497	NULL, NULL);
		498	if (pci->pcPathLengthConstraint &&
		499	ASN1_INTEGER_get(pci->pcPathLengthConstraint)
		500	< i)
		501	{
		502	PROXY_CERT_INFO_EXTENSION_free(pci);
		503	ctx->error = X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
		504	ctx->error_depth = i;
		505	ctx->current_cert = x;
		506	ok=cb(0,ctx);
		507	if (!ok) goto end;
		508	}
		509	PROXY_CERT_INFO_EXTENSION_free(pci);
		510	proxy_path_length++;
		511	must_be_ca = 0;
		512	}
		513	else
		514	must_be_ca = 1;
421	}	515	}
422	ok = 1;	516	ok = 1;
423	end:	517	end:
@@ -627,6 +721,15 @@ static int cert_crl(X509_STORE_CTX ctx, X509_CRL crl, X509 *x)
627	X509_EXTENSION *ext;	721	X509_EXTENSION *ext;
628	/* Look for serial number of certificate in CRL */	722	/* Look for serial number of certificate in CRL */
629	rtmp.serialNumber = X509_get_serialNumber(x);	723	rtmp.serialNumber = X509_get_serialNumber(x);
		724	/* Sort revoked into serial number order if not already sorted.
		725	* Do this under a lock to avoid race condition.
		726	*/
		727	if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked))
		728	{
		729	CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
		730	sk_X509_REVOKED_sort(crl->crl->revoked);
		731	CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
		732	}
630	idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);	733	idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
631	/* If found assume revoked: want something cleverer than	734	/* If found assume revoked: want something cleverer than
632	* this to handle entry extensions in V2 CRLs.	735	* this to handle entry extensions in V2 CRLs.
@@ -772,6 +875,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
772	}	875	}
773		876
774	/* The last error (if any) is still in the error value */	877	/* The last error (if any) is still in the error value */
		878	ctx->current_issuer=xi;
775	ctx->current_cert=xs;	879	ctx->current_cert=xs;
776	ok=(*cb)(1,ctx);	880	ok=(*cb)(1,ctx);
777	if (!ok) goto end;	881	if (!ok) goto end;
@@ -851,7 +955,8 @@ int X509_cmp_time(ASN1_TIME ctm, time_t cmp_time)
851	atm.length=sizeof(buff2);	955	atm.length=sizeof(buff2);
852	atm.data=(unsigned char *)buff2;	956	atm.data=(unsigned char *)buff2;
853		957
854	X509_time_adj(&atm,-offset*60, cmp_time);	958	if (X509_time_adj(&atm,-offset*60, cmp_time) == NULL)
		959	return 0;
855		960
856	if (ctm->type == V_ASN1_UTCTIME)	961	if (ctm->type == V_ASN1_UTCTIME)
857	{	962	{