VirtualBox

source: vbox/trunk/src/VBox/Runtime/common/crypto/x509-sanity.cpp@ 66299

Last change on this file since 66299 was 64883, checked in by vboxsync, 8 years ago

IPRT/ASN.1: Refactored array handling (SET OF, SEQUENCE OF) to use a pointer array instead of an object instance array. The old approach would move objects around in memory after they'd be initialized/decoded, making certain core optimziations involving pointers to object members impossible, as well as causing potentially causing trouble when modifying structures that takes down pointers after decoding. Fixed validation bug in rtCrX509Name_CheckSanityExtra where it didn't check that the RDNs had subitems but instead checked the parent twice (slight risk).

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 7.2 KB
Line 
1/* $Id: x509-sanity.cpp 64883 2016-12-15 15:26:20Z vboxsync $ */
2/** @file
3 * IPRT - Crypto - X.509, Sanity Checkers.
4 */
5
6/*
7 * Copyright (C) 2006-2016 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 */
26
27
28/*********************************************************************************************************************************
29* Header Files *
30*********************************************************************************************************************************/
31#include "internal/iprt.h"
32#include <iprt/crypto/x509.h>
33
34#include <iprt/err.h>
35#include <iprt/string.h>
36
37#include "x509-internal.h"
38
39
40
41static int rtCrX509Validity_CheckSanityExtra(PCRTCRX509VALIDITY pThis, uint32_t fFlags, PRTERRINFO pErrInfo, const char *pszErrorTag)
42{
43 RT_NOREF_PV(fFlags);
44
45 if (RTAsn1Time_Compare(&pThis->NotBefore, &pThis->NotAfter) > 0)
46 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_VALIDITY_SWAPPED, "%s: NotBefore is after NotAfter", pszErrorTag);
47 /** @todo check tag constraints? */
48 return VINF_SUCCESS;
49}
50
51
52static int rtCrX509Name_CheckSanityExtra(PCRTCRX509NAME pThis, uint32_t fFlags, PRTERRINFO pErrInfo, const char *pszErrorTag)
53{
54 RT_NOREF_PV(fFlags);
55
56 if (pThis->cItems == 0)
57 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_NAME_EMPTY_SET, "%s: Has no components.", pszErrorTag);
58
59 for (uint32_t i = 0; i < pThis->cItems; i++)
60 {
61 PCRTCRX509RELATIVEDISTINGUISHEDNAME const pRdn = pThis->papItems[i];
62 if (pRdn->cItems == 0)
63 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_NAME_EMPTY_SUB_SET,
64 "%s: Items[%u] has no sub components.", pszErrorTag, i);
65
66 for (uint32_t j = 0; j < pRdn->cItems; j++)
67 {
68 PCRTCRX509ATTRIBUTETYPEANDVALUE const pAttr = pRdn->papItems[j];
69
70 if (pAttr->Value.enmType != RTASN1TYPE_STRING)
71 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_NAME_NOT_STRING,
72 "%s: Items[%u].paItems[%u].enmType is %d instead of string (%d).",
73 pszErrorTag, i, j, pAttr->Value.enmType, RTASN1TYPE_STRING);
74 if (pAttr->Value.u.String.Asn1Core.cb == 0)
75 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_NAME_EMPTY_STRING,
76 "%s: Items[%u].paItems[%u] is an empty string", pszErrorTag, i, j);
77 switch (pAttr->Value.u.String.Asn1Core.uTag)
78 {
79 case ASN1_TAG_PRINTABLE_STRING:
80 case ASN1_TAG_UTF8_STRING:
81 break;
82 case ASN1_TAG_T61_STRING:
83 case ASN1_TAG_UNIVERSAL_STRING:
84 case ASN1_TAG_BMP_STRING:
85 break;
86 case ASN1_TAG_IA5_STRING: /* Used by "Microsoft Root Certificate Authority" in the "com" part of the Issuer. */
87 break;
88 default:
89 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_INVALID_NAME_STRING_TAG,
90 "%s: Items[%u].paItems[%u] invalid string type: %u", pszErrorTag, i, j,
91 pAttr->Value.u.String.Asn1Core.uTag);
92 }
93 }
94 }
95
96 return VINF_SUCCESS;
97}
98
99
100static int rtCrX509SubjectPublicKeyInfo_CheckSanityExtra(PCRTCRX509SUBJECTPUBLICKEYINFO pThis, uint32_t fFlags,
101 PRTERRINFO pErrInfo, const char *pszErrorTag)
102{
103 RT_NOREF_PV(fFlags);
104 if (pThis->SubjectPublicKey.cBits <= 32)
105 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_PUBLIC_KEY_TOO_SMALL,
106 "%s: SubjectPublicKey is too small, only %u bits", pszErrorTag, pThis->SubjectPublicKey.cBits);
107 return VINF_SUCCESS;
108}
109
110
111static int rtCrX509TbsCertificate_CheckSanityExtra(PCRTCRX509TBSCERTIFICATE pThis, uint32_t fFlags,
112 PRTERRINFO pErrInfo, const char *pszErrorTag)
113{
114 RT_NOREF_PV(fFlags);
115
116 if ( RTAsn1Integer_IsPresent(&pThis->T0.Version)
117 && RTAsn1Integer_UnsignedCompareWithU32(&pThis->T0.Version, RTCRX509TBSCERTIFICATE_V1) != 0
118 && RTAsn1Integer_UnsignedCompareWithU32(&pThis->T0.Version, RTCRX509TBSCERTIFICATE_V2) != 0
119 && RTAsn1Integer_UnsignedCompareWithU32(&pThis->T0.Version, RTCRX509TBSCERTIFICATE_V3) != 0)
120 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_TBSCERT_UNSUPPORTED_VERSION,
121 "%s: Unknown Version number: %llu",
122 pszErrorTag, pThis->T0.Version.uValue.u);
123
124 if ( pThis->SerialNumber.Asn1Core.cb < 1
125 || pThis->SerialNumber.Asn1Core.cb > 1024)
126 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_TBSCERT_SERIAL_NUMBER_OUT_OF_BOUNDS,
127 "%s: Bad SerialNumber length: %u", pszErrorTag, pThis->SerialNumber.Asn1Core.cb);
128
129 if ( ( RTAsn1BitString_IsPresent(&pThis->T1.IssuerUniqueId)
130 || RTAsn1BitString_IsPresent(&pThis->T2.SubjectUniqueId))
131 && RTAsn1Integer_UnsignedCompareWithU32(&pThis->T0.Version, RTCRX509TBSCERTIFICATE_V2) < 0)
132 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_TBSCERT_UNIQUE_IDS_REQ_V2,
133 "%s: IssuerUniqueId and SubjectUniqueId requires version 2", pszErrorTag);
134
135 if ( RTCrX509Extensions_IsPresent(&pThis->T3.Extensions)
136 && RTAsn1Integer_UnsignedCompareWithU32(&pThis->T0.Version, RTCRX509TBSCERTIFICATE_V3) < 0)
137 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_TBSCERT_EXTS_REQ_V3, "%s: Extensions requires version 3", pszErrorTag);
138
139 return VINF_SUCCESS;
140}
141
142
143static int rtCrX509Certificate_CheckSanityExtra(PCRTCRX509CERTIFICATE pThis, uint32_t fFlags,
144 PRTERRINFO pErrInfo, const char *pszErrorTag)
145{
146 RT_NOREF_PV(fFlags);
147
148 if (RTCrX509AlgorithmIdentifier_Compare(&pThis->SignatureAlgorithm, &pThis->TbsCertificate.Signature) != 0)
149 return RTErrInfoSetF(pErrInfo, VERR_CR_X509_CERT_TBS_SIGN_ALGO_MISMATCH,
150 "%s: SignatureAlgorithm (%s) does not match TbsCertificate.Signature (%s).", pszErrorTag,
151 pThis->SignatureAlgorithm.Algorithm.szObjId,
152 pThis->TbsCertificate.Signature.Algorithm.szObjId);
153 return VINF_SUCCESS;
154}
155
156
157/*
158 * Generate the code.
159 */
160#include <iprt/asn1-generator-sanity.h>
161
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette