2 * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
3 * Free Software Foundation, Inc.
5 * Author: Nikos Mavrogiannopoulos
7 * This file is part of GnuTLS.
9 * The GnuTLS is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public License
11 * as published by the Free Software Foundation; either version 2.1 of
12 * the License, or (at your option) any later version.
14 * This library is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
26 #include <gnutls_int.h>
27 #include "gnutls_auth.h"
28 #include "gnutls_errors.h"
29 #include <gnutls_cert.h>
30 #include <auth_cert.h>
31 #include "gnutls_dh.h"
32 #include "gnutls_num.h"
33 #include "gnutls_datum.h"
34 #include <gnutls_pk.h>
35 #include <gnutls_algorithms.h>
36 #include <gnutls_global.h>
37 #include <gnutls_record.h>
38 #include <gnutls_sig.h>
39 #include <gnutls_state.h>
40 #include <gnutls_pk.h>
41 #include <gnutls_str.h>
44 #include <gnutls_x509.h>
45 #include "x509/common.h"
46 #include "x509/x509_int.h"
47 #include "read-file.h"
51 * some x509 certificate parsing functions.
54 /* Check if the number of bits of the key in the certificate
58 check_bits (gnutls_x509_crt_t crt, unsigned int max_bits)
63 ret = gnutls_x509_crt_get_pk_algorithm (crt, &bits);
70 if (bits > max_bits && max_bits > 0)
73 return GNUTLS_E_CONSTRAINT_ERROR;
80 #define CLEAR_CERTS for(x=0;x<peer_certificate_list_size;x++) { \
81 if (peer_certificate_list[x]) \
82 gnutls_x509_crt_deinit(peer_certificate_list[x]); \
84 gnutls_free( peer_certificate_list)
87 * _gnutls_x509_cert_verify_peers - return the peer's certificate status
88 * @session: is a gnutls session
90 * This function will try to verify the peer's certificate and return its status (TRUSTED, REVOKED etc.).
91 * The return value (status) should be one of the gnutls_certificate_status_t enumerated elements.
92 * However you must also check the peer's name in order to check if the verified certificate belongs to the
93 * actual peer. Returns a negative error code in case of an error, or GNUTLS_E_NO_CERTIFICATE_FOUND if no certificate was sent.
96 _gnutls_x509_cert_verify_peers (gnutls_session_t session,
99 cert_auth_info_t info;
100 gnutls_certificate_credentials_t cred;
101 gnutls_x509_crt_t *peer_certificate_list;
102 int peer_certificate_list_size, i, x, ret;
104 CHECK_AUTH (GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);
106 info = _gnutls_get_auth_info (session);
110 return GNUTLS_E_INVALID_REQUEST;
113 cred = (gnutls_certificate_credentials_t)
114 _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL);
118 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
121 if (info->raw_certificate_list == NULL || info->ncerts == 0)
122 return GNUTLS_E_NO_CERTIFICATE_FOUND;
124 if (info->ncerts > cred->verify_depth && cred->verify_depth > 0)
127 return GNUTLS_E_CONSTRAINT_ERROR;
130 /* generate a list of gnutls_certs based on the auth info
133 peer_certificate_list_size = info->ncerts;
134 peer_certificate_list =
135 gnutls_calloc (peer_certificate_list_size, sizeof (gnutls_x509_crt_t));
136 if (peer_certificate_list == NULL)
139 return GNUTLS_E_MEMORY_ERROR;
142 for (i = 0; i < peer_certificate_list_size; i++)
144 ret = gnutls_x509_crt_init (&peer_certificate_list[i]);
153 gnutls_x509_crt_import (peer_certificate_list[i],
154 &info->raw_certificate_list[i],
155 GNUTLS_X509_FMT_DER);
163 ret = check_bits (peer_certificate_list[i], cred->verify_bits);
173 /* Verify certificate
176 ret = gnutls_x509_crt_list_verify (peer_certificate_list,
177 peer_certificate_list_size,
178 cred->x509_ca_list, cred->x509_ncas,
179 cred->x509_crl_list, cred->x509_ncrls,
180 cred->verify_flags | session->internals.
181 priorities.additional_verify_flags,
196 * Read certificates and private keys, from files, memory etc.
199 /* returns error if the certificate has different algorithm than
200 * the given key parameters.
203 _gnutls_check_key_cert_match (gnutls_certificate_credentials_t res)
205 unsigned int pk = res->cert_list[res->ncerts - 1][0].subject_pk_algorithm;
207 if (gnutls_privkey_get_pk_algorithm (res->pkey[res->ncerts - 1], NULL) !=
211 return GNUTLS_E_CERTIFICATE_KEY_MISMATCH;
217 /* Reads a DER encoded certificate list from memory and stores it to a
218 * gnutls_cert structure. Returns the number of certificates parsed.
221 parse_der_cert_mem (gnutls_certificate_credentials_t res,
222 const void *input_cert, int input_cert_size)
225 gnutls_x509_crt_t crt;
229 ccert = gnutls_malloc (sizeof (*ccert));
233 return GNUTLS_E_MEMORY_ERROR;
236 ret = gnutls_x509_crt_init (&crt);
243 tmp.data = (opaque *) input_cert;
244 tmp.size = input_cert_size;
246 ret = gnutls_x509_crt_import (crt, &tmp, GNUTLS_X509_FMT_DER);
250 gnutls_x509_crt_deinit (crt);
254 ret = _gnutls_x509_crt_to_gcert (ccert, crt, 0);
255 gnutls_x509_crt_deinit (crt);
263 ret = certificate_credential_append_crt_list (res, ccert, 1);
277 /* Reads a base64 encoded certificate list from memory and stores it to
278 * a gnutls_cert structure. Returns the number of certificate parsed.
281 parse_pem_cert_mem (gnutls_certificate_credentials_t res,
282 const char *input_cert, int input_cert_size)
289 gnutls_cert *certs = NULL;
291 /* move to the certificate
293 ptr = memmem (input_cert, input_cert_size,
294 PEM_CERT_SEP, sizeof (PEM_CERT_SEP) - 1);
296 ptr = memmem (input_cert, input_cert_size,
297 PEM_CERT_SEP2, sizeof (PEM_CERT_SEP2) - 1);
302 return GNUTLS_E_BASE64_DECODING_ERROR;
304 size = input_cert_size - (ptr - input_cert);
311 siz2 = _gnutls_fbase64_decode (NULL, ptr, size, &ptr2);
315 ret = GNUTLS_E_BASE64_DECODING_ERROR;
319 certs = gnutls_realloc_fast (certs, (count + 1) * sizeof (gnutls_cert));
324 ret = GNUTLS_E_MEMORY_ERROR;
331 ret = _gnutls_x509_raw_cert_to_gcert (&certs[count], &tmp, 0);
338 _gnutls_free_datum (&tmp); /* free ptr2 */
340 /* now we move ptr after the pem header
343 /* find the next certificate (if any)
345 size = input_cert_size - (ptr - input_cert);
351 ptr3 = memmem (ptr, size, PEM_CERT_SEP, sizeof (PEM_CERT_SEP) - 1);
353 ptr3 = memmem (ptr, size, PEM_CERT_SEP2,
354 sizeof (PEM_CERT_SEP2) - 1);
366 ret = certificate_credential_append_crt_list (res, certs, count);
376 for (i=0;i<count;i++)
377 _gnutls_gcert_deinit(&certs[i]);
384 /* Reads a DER or PEM certificate from memory
387 read_cert_mem (gnutls_certificate_credentials_t res, const void *cert,
388 int cert_size, gnutls_x509_crt_fmt_t type)
392 if (type == GNUTLS_X509_FMT_DER)
393 ret = parse_der_cert_mem (res, cert, cert_size);
395 ret = parse_pem_cert_mem (res, cert, cert_size);
407 _gnutls_x509_raw_privkey_to_privkey (gnutls_privkey_t * privkey,
408 const gnutls_datum_t * raw_key,
409 gnutls_x509_crt_fmt_t type)
411 gnutls_x509_privkey_t tmpkey;
414 ret = gnutls_x509_privkey_init (&tmpkey);
421 ret = gnutls_x509_privkey_import (tmpkey, raw_key, type);
425 gnutls_x509_privkey_deinit (tmpkey);
429 ret = gnutls_privkey_init (privkey);
433 gnutls_x509_privkey_deinit (tmpkey);
438 gnutls_privkey_import_x509 (*privkey, tmpkey,
439 GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
443 gnutls_x509_privkey_deinit (tmpkey);
444 gnutls_privkey_deinit (*privkey);
451 /* Reads a PEM encoded PKCS-1 RSA/DSA private key from memory. Type
452 * indicates the certificate format. KEY can be NULL, to indicate
453 * that GnuTLS doesn't know the private key.
456 read_key_mem (gnutls_certificate_credentials_t res,
457 const void *key, int key_size, gnutls_x509_crt_fmt_t type)
461 gnutls_privkey_t privkey;
465 tmp.data = (opaque *) key;
468 ret = _gnutls_x509_raw_privkey_to_privkey (&privkey, &tmp, type);
475 ret = certificate_credentials_append_pkey (res, privkey);
479 gnutls_privkey_deinit (privkey);
487 return GNUTLS_E_INVALID_REQUEST;
496 /* Reads a private key from a token.
499 read_key_url (gnutls_certificate_credentials_t res, const char *url)
502 gnutls_pkcs11_privkey_t key1 = NULL;
503 gnutls_privkey_t pkey = NULL;
505 /* allocate space for the pkey list
508 ret = gnutls_pkcs11_privkey_init (&key1);
515 ret = gnutls_pkcs11_privkey_import_url (key1, url, 0);
522 ret = gnutls_privkey_init (&pkey);
530 gnutls_privkey_import_pkcs11 (pkey, key1,
531 GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE);
538 ret = certificate_credentials_append_pkey (res, pkey);
549 gnutls_privkey_deinit (pkey);
552 gnutls_pkcs11_privkey_deinit (key1);
557 /* Reads a private key from a token.
560 read_cas_url (gnutls_certificate_credentials_t res, const char *url)
563 gnutls_x509_crt_t *xcrt_list = NULL;
564 gnutls_pkcs11_obj_t *pcrt_list = NULL;
565 unsigned int pcrt_list_size = 0;
567 /* FIXME: should we use login? */
569 gnutls_pkcs11_obj_list_import_url (NULL, &pcrt_list_size, url,
570 GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, 0);
571 if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
577 if (pcrt_list_size == 0)
583 pcrt_list = gnutls_malloc (sizeof (*pcrt_list) * pcrt_list_size);
584 if (pcrt_list == NULL)
587 return GNUTLS_E_MEMORY_ERROR;
591 gnutls_pkcs11_obj_list_import_url (pcrt_list, &pcrt_list_size, url,
592 GNUTLS_PKCS11_OBJ_ATTR_CRT_TRUSTED, 0);
599 xcrt_list = gnutls_malloc (sizeof (*xcrt_list) * pcrt_list_size);
600 if (xcrt_list == NULL)
603 ret = GNUTLS_E_MEMORY_ERROR;
608 gnutls_x509_crt_list_import_pkcs11 (xcrt_list, pcrt_list_size, pcrt_list,
610 if (xcrt_list == NULL)
613 ret = GNUTLS_E_MEMORY_ERROR;
617 res->x509_ca_list = xcrt_list;
618 res->x509_ncas = pcrt_list_size;
620 gnutls_free (pcrt_list);
622 return pcrt_list_size;
625 gnutls_free (xcrt_list);
626 gnutls_free (pcrt_list);
633 /* Reads a private key from a token.
636 read_cert_url (gnutls_certificate_credentials_t res, const char *url)
639 gnutls_x509_crt_t crt;
642 ccert = gnutls_malloc (sizeof (*ccert));
646 return GNUTLS_E_MEMORY_ERROR;
649 ret = gnutls_x509_crt_init (&crt);
657 ret = gnutls_x509_crt_import_pkcs11_url (crt, url, 0);
658 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
660 gnutls_x509_crt_import_pkcs11_url (crt, url,
661 GNUTLS_PKCS11_OBJ_FLAG_LOGIN);
667 gnutls_x509_crt_deinit (crt);
671 ret = _gnutls_x509_crt_to_gcert (ccert, crt, 0);
672 gnutls_x509_crt_deinit (crt);
681 ret = certificate_credential_append_crt_list (res, ccert, 1);
693 #endif /* ENABLE_PKCS11 */
695 /* Reads a certificate file
698 read_cert_file (gnutls_certificate_credentials_t res,
699 const char *certfile, gnutls_x509_crt_fmt_t type)
706 if (strncmp (certfile, "pkcs11:", 7) == 0)
708 return read_cert_url (res, certfile);
710 #endif /* ENABLE_PKCS11 */
712 data = read_binary_file (certfile, &size);
717 return GNUTLS_E_FILE_ERROR;
720 ret = read_cert_mem (res, data, size, type);
729 /* Reads PKCS-1 RSA private key file or a DSA file (in the format openssl
733 read_key_file (gnutls_certificate_credentials_t res,
734 const char *keyfile, gnutls_x509_crt_fmt_t type)
741 if (strncmp (keyfile, "pkcs11:", 7) == 0)
743 return read_key_url (res, keyfile);
745 #endif /* ENABLE_PKCS11 */
747 data = read_binary_file (keyfile, &size);
752 return GNUTLS_E_FILE_ERROR;
755 ret = read_key_mem (res, data, size, type);
762 * gnutls_certificate_set_x509_key_mem:
763 * @res: is a #gnutls_certificate_credentials_t structure.
764 * @cert: contains a certificate list (path) for the specified private key
765 * @key: is the private key, or %NULL
766 * @type: is PEM or DER
768 * This function sets a certificate/private key pair in the
769 * gnutls_certificate_credentials_t structure. This function may be called
770 * more than once (in case multiple keys/certificates exist for the
773 * Currently are supported: RSA PKCS-1 encoded private keys,
776 * DSA private keys are encoded the OpenSSL way, which is an ASN.1
777 * DER sequence of 6 INTEGERs - version, p, q, g, pub, priv.
779 * Note that the keyUsage (2.5.29.15) PKIX extension in X.509 certificates
780 * is supported. This means that certificates intended for signing cannot
781 * be used for ciphersuites that require encryption.
783 * If the certificate and the private key are given in PEM encoding
784 * then the strings that hold their values must be null terminated.
786 * The @key may be %NULL if you are using a sign callback, see
787 * gnutls_sign_callback_set().
789 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
792 gnutls_certificate_set_x509_key_mem (gnutls_certificate_credentials_t res,
793 const gnutls_datum_t * cert,
794 const gnutls_datum_t * key,
795 gnutls_x509_crt_fmt_t type)
799 /* this should be first
801 if ((ret = read_key_mem (res, key ? key->data : NULL,
802 key ? key->size : 0, type)) < 0)
805 if ((ret = read_cert_mem (res, cert->data, cert->size, type)) < 0)
810 if (key && (ret = _gnutls_check_key_cert_match (res)) < 0)
819 static int check_if_sorted(gnutls_cert * crt, int nr)
821 gnutls_x509_crt_t x509;
822 char prev_dn[MAX_DN];
824 size_t prev_dn_size, dn_size;
827 /* check if the X.509 list is ordered */
828 if (nr > 1 && crt[0].cert_type == GNUTLS_CRT_X509)
833 ret = gnutls_x509_crt_init(&x509);
835 return gnutls_assert_val(ret);
837 ret = gnutls_x509_crt_import(x509, &crt[i].raw, GNUTLS_X509_FMT_DER);
840 ret = gnutls_assert_val(ret);
846 dn_size = sizeof(dn);
847 ret = gnutls_x509_crt_get_dn(x509, dn, &dn_size);
850 ret = gnutls_assert_val(ret);
854 if (dn_size != prev_dn_size || memcmp(dn, prev_dn, dn_size) != 0)
856 ret = gnutls_assert_val(GNUTLS_E_CERTIFICATE_LIST_UNSORTED);
861 prev_dn_size = sizeof(prev_dn);
862 ret = gnutls_x509_crt_get_issuer_dn(x509, prev_dn, &prev_dn_size);
865 ret = gnutls_assert_val(ret);
869 gnutls_x509_crt_deinit(x509);
876 gnutls_x509_crt_deinit(x509);
881 certificate_credential_append_crt_list (gnutls_certificate_credentials_t res,
882 gnutls_cert * crt, int nr)
886 ret = check_if_sorted(crt, nr);
888 return gnutls_assert_val(ret);
890 res->cert_list = gnutls_realloc_fast (res->cert_list,
893 sizeof (gnutls_cert *));
894 if (res->cert_list == NULL)
897 return GNUTLS_E_MEMORY_ERROR;
900 res->cert_list_length = gnutls_realloc_fast (res->cert_list_length,
902 res->ncerts) * sizeof (int));
903 if (res->cert_list_length == NULL)
906 return GNUTLS_E_MEMORY_ERROR;
909 res->cert_list[res->ncerts] = crt;
910 res->cert_list_length[res->ncerts] = nr;
917 certificate_credentials_append_pkey (gnutls_certificate_credentials_t res,
918 gnutls_privkey_t pkey)
920 res->pkey = gnutls_realloc_fast (res->pkey,
922 sizeof (gnutls_privkey_t));
923 if (res->pkey == NULL)
926 return GNUTLS_E_MEMORY_ERROR;
928 res->pkey[res->ncerts] = pkey;
934 * gnutls_certificate_set_x509_key:
935 * @res: is a #gnutls_certificate_credentials_t structure.
936 * @cert_list: contains a certificate list (path) for the specified private key
937 * @cert_list_size: holds the size of the certificate list
938 * @key: is a gnutls_x509_privkey_t key
940 * This function sets a certificate/private key pair in the
941 * gnutls_certificate_credentials_t structure. This function may be
942 * called more than once (in case multiple keys/certificates exist for
943 * the server). For clients that wants to send more than its own end
944 * entity certificate (e.g., also an intermediate CA cert) then put
945 * the certificate chain in @cert_list.
949 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
954 gnutls_certificate_set_x509_key (gnutls_certificate_credentials_t res,
955 gnutls_x509_crt_t * cert_list,
957 gnutls_x509_privkey_t key)
960 gnutls_privkey_t pkey;
961 gnutls_cert *pcerts = NULL;
963 /* this should be first
965 ret = gnutls_privkey_init (&pkey);
972 ret = gnutls_privkey_import_x509 (pkey, key, GNUTLS_PRIVKEY_IMPORT_COPY);
979 ret = certificate_credentials_append_pkey (res, pkey);
986 /* load certificates */
987 pcerts = gnutls_malloc (sizeof (gnutls_cert) * cert_list_size);
991 return GNUTLS_E_MEMORY_ERROR;
994 for (i = 0; i < cert_list_size; i++)
996 ret = _gnutls_x509_crt_to_gcert (&pcerts[i], cert_list[i], 0);
1004 ret = certificate_credential_append_crt_list (res, pcerts, cert_list_size);
1013 if ((ret = _gnutls_check_key_cert_match (res)) < 0)
1023 * gnutls_certificate_set_x509_key_file:
1024 * @res: is a #gnutls_certificate_credentials_t structure.
1025 * @certfile: is a file that containing the certificate list (path) for
1026 * the specified private key, in PKCS7 format, or a list of certificates
1027 * @keyfile: is a file that contains the private key
1028 * @type: is PEM or DER
1030 * This function sets a certificate/private key pair in the
1031 * gnutls_certificate_credentials_t structure. This function may be
1032 * called more than once (in case multiple keys/certificates exist for
1033 * the server). For clients that wants to send more than its own end
1034 * entity certificate (e.g., also an intermediate CA cert) then put
1035 * the certificate chain in @certfile.
1037 * Currently only PKCS-1 encoded RSA and DSA private keys are accepted by
1040 * This function can also accept PKCS #11 URLs. In that case it
1041 * will import the private key and certificate indicated by the urls.
1043 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
1046 gnutls_certificate_set_x509_key_file (gnutls_certificate_credentials_t res,
1047 const char *certfile,
1048 const char *keyfile,
1049 gnutls_x509_crt_fmt_t type)
1053 /* this should be first
1055 if ((ret = read_key_file (res, keyfile, type)) < 0)
1058 if ((ret = read_cert_file (res, certfile, type)) < 0)
1063 if ((ret = _gnutls_check_key_cert_match (res)) < 0)
1073 add_new_crt_to_rdn_seq (gnutls_certificate_credentials_t res, int new)
1078 unsigned char *newdata;
1081 /* Add DN of the last added CAs to the RDN sequence
1082 * This will be sent to clients when a certificate
1083 * request message is sent.
1086 /* FIXME: in case of a client it is not needed
1087 * to do that. This would save time and memory.
1088 * However we don't have that information available
1090 * Further, this function is now much more efficient,
1091 * so optimizing that is less important.
1094 for (i = res->x509_ncas - new; i < res->x509_ncas; i++)
1096 if ((ret = gnutls_x509_crt_get_raw_dn (res->x509_ca_list[i], &tmp)) < 0)
1102 newsize = res->x509_rdn_sequence.size + 2 + tmp.size;
1103 if (newsize < res->x509_rdn_sequence.size)
1106 _gnutls_free_datum (&tmp);
1107 return GNUTLS_E_SHORT_MEMORY_BUFFER;
1110 newdata = gnutls_realloc (res->x509_rdn_sequence.data, newsize);
1111 if (newdata == NULL)
1114 _gnutls_free_datum (&tmp);
1115 return GNUTLS_E_MEMORY_ERROR;
1118 _gnutls_write_datum16 (newdata + res->x509_rdn_sequence.size, tmp);
1119 _gnutls_free_datum (&tmp);
1121 res->x509_rdn_sequence.size = newsize;
1122 res->x509_rdn_sequence.data = newdata;
1128 /* Returns 0 if it's ok to use the gnutls_kx_algorithm_t with this
1129 * certificate (uses the KeyUsage field).
1132 _gnutls_check_key_usage (const gnutls_cert * cert, gnutls_kx_algorithm_t alg)
1134 unsigned int key_usage = 0;
1140 return GNUTLS_E_INTERNAL_ERROR;
1143 if (_gnutls_map_kx_get_cred (alg, 1) == GNUTLS_CRD_CERTIFICATE ||
1144 _gnutls_map_kx_get_cred (alg, 0) == GNUTLS_CRD_CERTIFICATE)
1147 key_usage = cert->key_usage;
1149 encipher_type = _gnutls_kx_encipher_type (alg);
1151 if (key_usage != 0 && encipher_type != CIPHER_IGN)
1153 /* If key_usage has been set in the certificate
1156 if (encipher_type == CIPHER_ENCRYPT)
1158 /* If the key exchange method requires an encipher
1159 * type algorithm, and key's usage does not permit
1160 * encipherment, then fail.
1162 if (!(key_usage & GNUTLS_KEY_KEY_ENCIPHERMENT))
1165 return GNUTLS_E_KEY_USAGE_VIOLATION;
1169 if (encipher_type == CIPHER_SIGN)
1171 /* The same as above, but for sign only keys
1173 if (!(key_usage & GNUTLS_KEY_DIGITAL_SIGNATURE))
1176 return GNUTLS_E_KEY_USAGE_VIOLATION;
1187 parse_pem_ca_mem (gnutls_x509_crt_t ** cert_list, unsigned *ncerts,
1188 const opaque * input_cert, int input_cert_size)
1195 /* move to the certificate
1197 ptr = memmem (input_cert, input_cert_size,
1198 PEM_CERT_SEP, sizeof (PEM_CERT_SEP) - 1);
1200 ptr = memmem (input_cert, input_cert_size,
1201 PEM_CERT_SEP2, sizeof (PEM_CERT_SEP2) - 1);
1204 return gnutls_assert_val(GNUTLS_E_NO_CERTIFICATE_FOUND);
1206 size = input_cert_size - (ptr - input_cert);
1215 (gnutls_x509_crt_t *) gnutls_realloc_fast (*cert_list,
1218 (gnutls_x509_crt_t));
1220 if (*cert_list == NULL)
1223 return GNUTLS_E_MEMORY_ERROR;
1226 ret = gnutls_x509_crt_init (&cert_list[0][i - 1]);
1233 tmp.data = (opaque *) ptr;
1237 gnutls_x509_crt_import (cert_list[0][i - 1],
1238 &tmp, GNUTLS_X509_FMT_PEM);
1245 /* now we move ptr after the pem header
1249 /* find the next certificate (if any)
1256 ptr3 = memmem (ptr, size, PEM_CERT_SEP, sizeof (PEM_CERT_SEP) - 1);
1258 ptr3 = memmem (ptr, size,
1259 PEM_CERT_SEP2, sizeof (PEM_CERT_SEP2) - 1);
1262 size = input_cert_size - (ptr - input_cert);
1271 while (ptr != NULL);
1278 /* Reads a DER encoded certificate list from memory and stores it to a
1279 * gnutls_cert structure. Returns the number of certificates parsed.
1282 parse_der_ca_mem (gnutls_x509_crt_t ** cert_list, unsigned *ncerts,
1283 const void *input_cert, int input_cert_size)
1292 (gnutls_x509_crt_t *) gnutls_realloc_fast (*cert_list,
1294 sizeof (gnutls_x509_crt_t));
1296 if (*cert_list == NULL)
1299 return GNUTLS_E_MEMORY_ERROR;
1302 tmp.data = (opaque *) input_cert;
1303 tmp.size = input_cert_size;
1305 ret = gnutls_x509_crt_init (&cert_list[0][i - 1]);
1313 gnutls_x509_crt_import (cert_list[0][i - 1], &tmp, GNUTLS_X509_FMT_DER);
1322 return 1; /* one certificate parsed */
1326 * gnutls_certificate_set_x509_trust_mem:
1327 * @res: is a #gnutls_certificate_credentials_t structure.
1328 * @ca: is a list of trusted CAs or a DER certificate
1329 * @type: is DER or PEM
1331 * This function adds the trusted CAs in order to verify client or
1332 * server certificates. In case of a client this is not required to be
1333 * called if the certificates are not verified using
1334 * gnutls_certificate_verify_peers2(). This function may be called
1337 * In case of a server the CAs set here will be sent to the client if
1338 * a certificate request is sent. This can be disabled using
1339 * gnutls_certificate_send_x509_rdn_sequence().
1341 * Returns: the number of certificates processed or a negative value
1345 gnutls_certificate_set_x509_trust_mem (gnutls_certificate_credentials_t res,
1346 const gnutls_datum_t * ca,
1347 gnutls_x509_crt_fmt_t type)
1351 if (type == GNUTLS_X509_FMT_DER)
1352 ret = parse_der_ca_mem (&res->x509_ca_list, &res->x509_ncas,
1353 ca->data, ca->size);
1355 ret = parse_pem_ca_mem (&res->x509_ca_list, &res->x509_ncas,
1356 ca->data, ca->size);
1358 if (ret == GNUTLS_E_NO_CERTIFICATE_FOUND)
1361 if ((ret2 = add_new_crt_to_rdn_seq (res, ret)) < 0)
1368 * gnutls_certificate_set_x509_trust:
1369 * @res: is a #gnutls_certificate_credentials_t structure.
1370 * @ca_list: is a list of trusted CAs
1371 * @ca_list_size: holds the size of the CA list
1373 * This function adds the trusted CAs in order to verify client
1374 * or server certificates. In case of a client this is not required
1375 * to be called if the certificates are not verified using
1376 * gnutls_certificate_verify_peers2().
1377 * This function may be called multiple times.
1379 * In case of a server the CAs set here will be sent to the client if
1380 * a certificate request is sent. This can be disabled using
1381 * gnutls_certificate_send_x509_rdn_sequence().
1383 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
1388 gnutls_certificate_set_x509_trust (gnutls_certificate_credentials_t res,
1389 gnutls_x509_crt_t * ca_list,
1394 res->x509_ca_list = gnutls_realloc_fast (res->x509_ca_list,
1397 sizeof (gnutls_x509_crt_t));
1398 if (res->x509_ca_list == NULL)
1401 return GNUTLS_E_MEMORY_ERROR;
1404 for (i = 0; i < ca_list_size; i++)
1406 ret = gnutls_x509_crt_init (&res->x509_ca_list[res->x509_ncas]);
1413 ret = _gnutls_x509_crt_cpy (res->x509_ca_list[res->x509_ncas],
1418 gnutls_x509_crt_deinit (res->x509_ca_list[res->x509_ncas]);
1424 if ((ret2 = add_new_crt_to_rdn_seq (res, ca_list_size)) < 0)
1431 * gnutls_certificate_set_x509_trust_file:
1432 * @res: is a #gnutls_certificate_credentials_t structure.
1433 * @cafile: is a file containing the list of trusted CAs (DER or PEM list)
1434 * @type: is PEM or DER
1436 * This function adds the trusted CAs in order to verify client or
1437 * server certificates. In case of a client this is not required to
1438 * be called if the certificates are not verified using
1439 * gnutls_certificate_verify_peers2(). This function may be called
1442 * In case of a server the names of the CAs set here will be sent to
1443 * the client if a certificate request is sent. This can be disabled
1444 * using gnutls_certificate_send_x509_rdn_sequence().
1446 * This function can also accept PKCS #11 URLs. In that case it
1447 * will import all certificates that are marked as trusted.
1449 * Returns: number of certificates processed, or a negative value on
1453 gnutls_certificate_set_x509_trust_file (gnutls_certificate_credentials_t res,
1455 gnutls_x509_crt_fmt_t type)
1461 #ifdef ENABLE_PKCS11
1462 if (strncmp (cafile, "pkcs11:", 7) == 0)
1464 return read_cas_url (res, cafile);
1468 cas.data = read_binary_file (cafile, &size);
1469 if (cas.data == NULL)
1472 return GNUTLS_E_FILE_ERROR;
1476 ret = gnutls_certificate_set_x509_trust_mem (res, &cas, type);
1486 if ((ret2 = add_new_crt_to_rdn_seq (res, ret)) < 0)
1495 parse_pem_crl_mem (gnutls_x509_crl_t ** crl_list, unsigned *ncrls,
1496 const opaque * input_crl, int input_crl_size)
1503 /* move to the certificate
1505 ptr = memmem (input_crl, input_crl_size,
1506 PEM_CRL_SEP, sizeof (PEM_CRL_SEP) - 1);
1510 return GNUTLS_E_BASE64_DECODING_ERROR;
1513 size = input_crl_size - (ptr - input_crl);
1522 (gnutls_x509_crl_t *) gnutls_realloc_fast (*crl_list,
1525 (gnutls_x509_crl_t));
1527 if (*crl_list == NULL)
1530 return GNUTLS_E_MEMORY_ERROR;
1533 ret = gnutls_x509_crl_init (&crl_list[0][i - 1]);
1540 tmp.data = (char *) ptr;
1544 gnutls_x509_crl_import (crl_list[0][i - 1],
1545 &tmp, GNUTLS_X509_FMT_PEM);
1552 /* now we move ptr after the pem header
1555 /* find the next certificate (if any)
1558 size = input_crl_size - (ptr - input_crl);
1561 ptr = memmem (ptr, size, PEM_CRL_SEP, sizeof (PEM_CRL_SEP) - 1);
1568 while (ptr != NULL);
1575 /* Reads a DER encoded certificate list from memory and stores it to a
1576 * gnutls_cert structure. Returns the number of certificates parsed.
1579 parse_der_crl_mem (gnutls_x509_crl_t ** crl_list, unsigned *ncrls,
1580 const void *input_crl, int input_crl_size)
1589 (gnutls_x509_crl_t *) gnutls_realloc_fast (*crl_list,
1591 sizeof (gnutls_x509_crl_t));
1593 if (*crl_list == NULL)
1596 return GNUTLS_E_MEMORY_ERROR;
1599 tmp.data = (opaque *) input_crl;
1600 tmp.size = input_crl_size;
1602 ret = gnutls_x509_crl_init (&crl_list[0][i - 1]);
1610 gnutls_x509_crl_import (crl_list[0][i - 1], &tmp, GNUTLS_X509_FMT_DER);
1619 return 1; /* one certificate parsed */
1623 /* Reads a DER or PEM CRL from memory
1626 read_crl_mem (gnutls_certificate_credentials_t res, const void *crl,
1627 int crl_size, gnutls_x509_crt_fmt_t type)
1631 /* allocate space for the certificate to add
1633 res->x509_crl_list = gnutls_realloc_fast (res->x509_crl_list,
1636 sizeof (gnutls_x509_crl_t));
1637 if (res->x509_crl_list == NULL)
1640 return GNUTLS_E_MEMORY_ERROR;
1643 if (type == GNUTLS_X509_FMT_DER)
1644 ret = parse_der_crl_mem (&res->x509_crl_list,
1645 &res->x509_ncrls, crl, crl_size);
1647 ret = parse_pem_crl_mem (&res->x509_crl_list,
1648 &res->x509_ncrls, crl, crl_size);
1660 * gnutls_certificate_set_x509_crl_mem:
1661 * @res: is a #gnutls_certificate_credentials_t structure.
1662 * @CRL: is a list of trusted CRLs. They should have been verified before.
1663 * @type: is DER or PEM
1665 * This function adds the trusted CRLs in order to verify client or
1666 * server certificates. In case of a client this is not required to
1667 * be called if the certificates are not verified using
1668 * gnutls_certificate_verify_peers2(). This function may be called
1671 * Returns: number of CRLs processed, or a negative value on error.
1674 gnutls_certificate_set_x509_crl_mem (gnutls_certificate_credentials_t res,
1675 const gnutls_datum_t * CRL,
1676 gnutls_x509_crt_fmt_t type)
1680 if ((ret = read_crl_mem (res, CRL->data, CRL->size, type)) < 0)
1687 * gnutls_certificate_set_x509_crl:
1688 * @res: is a #gnutls_certificate_credentials_t structure.
1689 * @crl_list: is a list of trusted CRLs. They should have been verified before.
1690 * @crl_list_size: holds the size of the crl_list
1692 * This function adds the trusted CRLs in order to verify client or
1693 * server certificates. In case of a client this is not required to
1694 * be called if the certificates are not verified using
1695 * gnutls_certificate_verify_peers2(). This function may be called
1698 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
1703 gnutls_certificate_set_x509_crl (gnutls_certificate_credentials_t res,
1704 gnutls_x509_crl_t * crl_list,
1709 res->x509_crl_list = gnutls_realloc_fast (res->x509_crl_list,
1712 sizeof (gnutls_x509_crl_t));
1713 if (res->x509_crl_list == NULL)
1716 return GNUTLS_E_MEMORY_ERROR;
1719 for (i = 0; i < crl_list_size; i++)
1721 ret = gnutls_x509_crl_init (&res->x509_crl_list[res->x509_ncrls]);
1728 ret = _gnutls_x509_crl_cpy (res->x509_crl_list[res->x509_ncrls],
1742 * gnutls_certificate_set_x509_crl_file:
1743 * @res: is a #gnutls_certificate_credentials_t structure.
1744 * @crlfile: is a file containing the list of verified CRLs (DER or PEM list)
1745 * @type: is PEM or DER
1747 * This function adds the trusted CRLs in order to verify client or server
1748 * certificates. In case of a client this is not required
1749 * to be called if the certificates are not verified using
1750 * gnutls_certificate_verify_peers2().
1751 * This function may be called multiple times.
1753 * Returns: number of CRLs processed or a negative value on error.
1756 gnutls_certificate_set_x509_crl_file (gnutls_certificate_credentials_t res,
1757 const char *crlfile,
1758 gnutls_x509_crt_fmt_t type)
1762 char *data = read_binary_file (crlfile, &size);
1767 return GNUTLS_E_FILE_ERROR;
1770 if (type == GNUTLS_X509_FMT_DER)
1771 ret = parse_der_crl_mem (&res->x509_crl_list, &res->x509_ncrls,
1774 ret = parse_pem_crl_mem (&res->x509_crl_list, &res->x509_ncrls,
1788 #include <gnutls/pkcs12.h>
1791 parse_pkcs12 (gnutls_certificate_credentials_t res,
1792 gnutls_pkcs12_t p12,
1793 const char *password,
1794 gnutls_x509_privkey_t * key,
1795 gnutls_x509_crt_t * cert, gnutls_x509_crl_t * crl)
1797 gnutls_pkcs12_bag_t bag = NULL;
1800 size_t cert_id_size = 0;
1801 size_t key_id_size = 0;
1810 /* find the first private key */
1813 int elements_in_bag;
1816 ret = gnutls_pkcs12_bag_init (&bag);
1824 ret = gnutls_pkcs12_get_bag (p12, idx, bag);
1825 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
1833 ret = gnutls_pkcs12_bag_get_type (bag, 0);
1840 if (ret == GNUTLS_BAG_ENCRYPTED)
1842 ret = gnutls_pkcs12_bag_decrypt (bag, password);
1850 elements_in_bag = gnutls_pkcs12_bag_get_count (bag);
1851 if (elements_in_bag < 0)
1857 for (i = 0; i < elements_in_bag; i++)
1860 gnutls_datum_t data;
1862 type = gnutls_pkcs12_bag_get_type (bag, i);
1869 ret = gnutls_pkcs12_bag_get_data (bag, i, &data);
1878 case GNUTLS_BAG_PKCS8_ENCRYPTED_KEY:
1879 case GNUTLS_BAG_PKCS8_KEY:
1880 if (*key != NULL) /* too simple to continue */
1886 ret = gnutls_x509_privkey_init (key);
1893 ret = gnutls_x509_privkey_import_pkcs8
1894 (*key, &data, GNUTLS_X509_FMT_DER, password,
1895 type == GNUTLS_BAG_PKCS8_KEY ? GNUTLS_PKCS_PLAIN : 0);
1899 gnutls_x509_privkey_deinit (*key);
1903 key_id_size = sizeof (key_id);
1905 gnutls_x509_privkey_get_key_id (*key, 0, key_id,
1910 gnutls_x509_privkey_deinit (*key);
1914 privkey_ok = 1; /* break */
1922 gnutls_pkcs12_bag_deinit (bag);
1924 if (privkey_ok != 0) /* private key was found */
1928 if (privkey_ok == 0) /* no private key */
1931 return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
1934 /* now find the corresponding certificate
1940 int elements_in_bag;
1943 ret = gnutls_pkcs12_bag_init (&bag);
1951 ret = gnutls_pkcs12_get_bag (p12, idx, bag);
1952 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
1960 ret = gnutls_pkcs12_bag_get_type (bag, 0);
1967 if (ret == GNUTLS_BAG_ENCRYPTED)
1969 ret = gnutls_pkcs12_bag_decrypt (bag, password);
1977 elements_in_bag = gnutls_pkcs12_bag_get_count (bag);
1978 if (elements_in_bag < 0)
1984 for (i = 0; i < elements_in_bag; i++)
1987 gnutls_datum_t data;
1989 type = gnutls_pkcs12_bag_get_type (bag, i);
1996 ret = gnutls_pkcs12_bag_get_data (bag, i, &data);
2005 case GNUTLS_BAG_CERTIFICATE:
2006 if (*cert != NULL) /* no need to set it again */
2012 ret = gnutls_x509_crt_init (cert);
2020 gnutls_x509_crt_import (*cert, &data, GNUTLS_X509_FMT_DER);
2024 gnutls_x509_crt_deinit (*cert);
2028 /* check if the key id match */
2029 cert_id_size = sizeof (cert_id);
2031 gnutls_x509_crt_get_key_id (*cert, 0, cert_id, &cert_id_size);
2035 gnutls_x509_crt_deinit (*cert);
2039 if (memcmp (cert_id, key_id, cert_id_size) != 0)
2040 { /* they don't match - skip the certificate */
2041 gnutls_x509_crt_deinit (*cert);
2046 case GNUTLS_BAG_CRL:
2053 ret = gnutls_x509_crl_init (crl);
2060 ret = gnutls_x509_crl_import (*crl, &data, GNUTLS_X509_FMT_DER);
2064 gnutls_x509_crl_deinit (*crl);
2069 case GNUTLS_BAG_ENCRYPTED:
2070 /* XXX Bother to recurse one level down? Unlikely to
2071 use the same password anyway. */
2072 case GNUTLS_BAG_EMPTY:
2079 gnutls_pkcs12_bag_deinit (bag);
2086 gnutls_pkcs12_bag_deinit (bag);
2092 * gnutls_certificate_set_x509_simple_pkcs12_file:
2093 * @res: is a #gnutls_certificate_credentials_t structure.
2094 * @pkcs12file: filename of file containing PKCS#12 blob.
2095 * @type: is PEM or DER of the @pkcs12file.
2096 * @password: optional password used to decrypt PKCS#12 file, bags and keys.
2098 * This function sets a certificate/private key pair and/or a CRL in
2099 * the gnutls_certificate_credentials_t structure. This function may
2100 * be called more than once (in case multiple keys/certificates exist
2103 * MAC:ed PKCS#12 files are supported. Encrypted PKCS#12 bags are
2104 * supported. Encrypted PKCS#8 private keys are supported. However,
2105 * only password based security, and the same password for all
2106 * operations, are supported.
2108 * The private keys may be RSA PKCS#1 or DSA private keys encoded in
2111 * PKCS#12 file may contain many keys and/or certificates, and there
2112 * is no way to identify which key/certificate pair you want. You
2113 * should make sure the PKCS#12 file only contain one key/certificate
2114 * pair and/or one CRL.
2116 * It is believed that the limitations of this function is acceptable
2117 * for most usage, and that any more flexibility would introduce
2118 * complexity that would make it harder to use this functionality at
2121 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
2124 gnutls_certificate_set_x509_simple_pkcs12_file
2125 (gnutls_certificate_credentials_t res, const char *pkcs12file,
2126 gnutls_x509_crt_fmt_t type, const char *password)
2128 gnutls_datum_t p12blob;
2132 p12blob.data = read_binary_file (pkcs12file, &size);
2133 p12blob.size = (unsigned int) size;
2134 if (p12blob.data == NULL)
2137 return GNUTLS_E_FILE_ERROR;
2141 gnutls_certificate_set_x509_simple_pkcs12_mem (res, &p12blob, type,
2143 free (p12blob.data);
2149 * gnutls_certificate_set_x509_simple_pkcs12_mem:
2150 * @res: is a #gnutls_certificate_credentials_t structure.
2151 * @p12blob: the PKCS#12 blob.
2152 * @type: is PEM or DER of the @pkcs12file.
2153 * @password: optional password used to decrypt PKCS#12 file, bags and keys.
2155 * This function sets a certificate/private key pair and/or a CRL in
2156 * the gnutls_certificate_credentials_t structure. This function may
2157 * be called more than once (in case multiple keys/certificates exist
2160 * MAC:ed PKCS#12 files are supported. Encrypted PKCS#12 bags are
2161 * supported. Encrypted PKCS#8 private keys are supported. However,
2162 * only password based security, and the same password for all
2163 * operations, are supported.
2165 * The private keys may be RSA PKCS#1 or DSA private keys encoded in
2168 * PKCS#12 file may contain many keys and/or certificates, and there
2169 * is no way to identify which key/certificate pair you want. You
2170 * should make sure the PKCS#12 file only contain one key/certificate
2171 * pair and/or one CRL.
2173 * It is believed that the limitations of this function is acceptable
2174 * for most usage, and that any more flexibility would introduce
2175 * complexity that would make it harder to use this functionality at
2178 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
2183 gnutls_certificate_set_x509_simple_pkcs12_mem
2184 (gnutls_certificate_credentials_t res, const gnutls_datum_t * p12blob,
2185 gnutls_x509_crt_fmt_t type, const char *password)
2187 gnutls_pkcs12_t p12;
2188 gnutls_x509_privkey_t key = NULL;
2189 gnutls_x509_crt_t cert = NULL;
2190 gnutls_x509_crl_t crl = NULL;
2193 ret = gnutls_pkcs12_init (&p12);
2200 ret = gnutls_pkcs12_import (p12, p12blob, type, 0);
2204 gnutls_pkcs12_deinit (p12);
2210 ret = gnutls_pkcs12_verify_mac (p12, password);
2214 gnutls_pkcs12_deinit (p12);
2219 ret = parse_pkcs12 (res, p12, password, &key, &cert, &crl);
2220 gnutls_pkcs12_deinit (p12);
2229 ret = gnutls_certificate_set_x509_key (res, &cert, 1, key);
2239 ret = gnutls_certificate_set_x509_crl (res, &crl, 1);
2251 gnutls_x509_crt_deinit (cert);
2253 gnutls_x509_privkey_deinit (key);
2255 gnutls_x509_crl_deinit (crl);
2263 * gnutls_certificate_free_crls:
2264 * @sc: is a #gnutls_certificate_credentials_t structure.
2266 * This function will delete all the CRLs associated
2267 * with the given credentials.
2270 gnutls_certificate_free_crls (gnutls_certificate_credentials_t sc)
2274 for (j = 0; j < sc->x509_ncrls; j++)
2276 gnutls_x509_crl_deinit (sc->x509_crl_list[j]);
2281 gnutls_free (sc->x509_crl_list);
2282 sc->x509_crl_list = NULL;