OpenCores
URL https://opencores.org/ocsvn/openrisc/openrisc/trunk

Subversion Repositories openrisc

[/] [openrisc/] [trunk/] [gnu-dev/] [or1k-gcc/] [libgo/] [go/] [crypto/] [x509/] [x509.go] - Blame information for rev 801

Go to most recent revision | Details | Compare with Previous | View Log

Line No. Rev Author Line
1 747 jeremybenn
// Copyright 2009 The Go Authors. All rights reserved.
2
// Use of this source code is governed by a BSD-style
3
// license that can be found in the LICENSE file.
4
 
5
// Package x509 parses X.509-encoded keys and certificates.
6
package x509
7
 
8
import (
9
        "bytes"
10
        "crypto"
11
        "crypto/dsa"
12
        "crypto/rsa"
13
        "crypto/sha1"
14
        "crypto/x509/pkix"
15
        "encoding/asn1"
16
        "encoding/pem"
17
        "errors"
18
        "io"
19
        "math/big"
20
        "time"
21
)
22
 
23
// pkixPublicKey reflects a PKIX public key structure. See SubjectPublicKeyInfo
24
// in RFC 3280.
25
type pkixPublicKey struct {
26
        Algo      pkix.AlgorithmIdentifier
27
        BitString asn1.BitString
28
}
29
 
30
// ParsePKIXPublicKey parses a DER encoded public key. These values are
31
// typically found in PEM blocks with "BEGIN PUBLIC KEY".
32
func ParsePKIXPublicKey(derBytes []byte) (pub interface{}, err error) {
33
        var pki publicKeyInfo
34
        if _, err = asn1.Unmarshal(derBytes, &pki); err != nil {
35
                return
36
        }
37
        algo := getPublicKeyAlgorithmFromOID(pki.Algorithm.Algorithm)
38
        if algo == UnknownPublicKeyAlgorithm {
39
                return nil, errors.New("ParsePKIXPublicKey: unknown public key algorithm")
40
        }
41
        return parsePublicKey(algo, &pki)
42
}
43
 
44
// MarshalPKIXPublicKey serialises a public key to DER-encoded PKIX format.
45
func MarshalPKIXPublicKey(pub interface{}) ([]byte, error) {
46
        var pubBytes []byte
47
 
48
        switch pub := pub.(type) {
49
        case *rsa.PublicKey:
50
                pubBytes, _ = asn1.Marshal(rsaPublicKey{
51
                        N: pub.N,
52
                        E: pub.E,
53
                })
54
        default:
55
                return nil, errors.New("MarshalPKIXPublicKey: unknown public key type")
56
        }
57
 
58
        pkix := pkixPublicKey{
59
                Algo: pkix.AlgorithmIdentifier{
60
                        Algorithm: []int{1, 2, 840, 113549, 1, 1, 1},
61
                        // This is a NULL parameters value which is technically
62
                        // superfluous, but most other code includes it and, by
63
                        // doing this, we match their public key hashes.
64
                        Parameters: asn1.RawValue{
65
                                Tag: 5,
66
                        },
67
                },
68
                BitString: asn1.BitString{
69
                        Bytes:     pubBytes,
70
                        BitLength: 8 * len(pubBytes),
71
                },
72
        }
73
 
74
        ret, _ := asn1.Marshal(pkix)
75
        return ret, nil
76
}
77
 
78
// These structures reflect the ASN.1 structure of X.509 certificates.:
79
 
80
type certificate struct {
81
        Raw                asn1.RawContent
82
        TBSCertificate     tbsCertificate
83
        SignatureAlgorithm pkix.AlgorithmIdentifier
84
        SignatureValue     asn1.BitString
85
}
86
 
87
type tbsCertificate struct {
88
        Raw                asn1.RawContent
89
        Version            int `asn1:"optional,explicit,default:1,tag:0"`
90
        SerialNumber       *big.Int
91
        SignatureAlgorithm pkix.AlgorithmIdentifier
92
        Issuer             asn1.RawValue
93
        Validity           validity
94
        Subject            asn1.RawValue
95
        PublicKey          publicKeyInfo
96
        UniqueId           asn1.BitString   `asn1:"optional,tag:1"`
97
        SubjectUniqueId    asn1.BitString   `asn1:"optional,tag:2"`
98
        Extensions         []pkix.Extension `asn1:"optional,explicit,tag:3"`
99
}
100
 
101
type dsaAlgorithmParameters struct {
102
        P, Q, G *big.Int
103
}
104
 
105
type dsaSignature struct {
106
        R, S *big.Int
107
}
108
 
109
type validity struct {
110
        NotBefore, NotAfter time.Time
111
}
112
 
113
type publicKeyInfo struct {
114
        Raw       asn1.RawContent
115
        Algorithm pkix.AlgorithmIdentifier
116
        PublicKey asn1.BitString
117
}
118
 
119
// RFC 5280,  4.2.1.1
120
type authKeyId struct {
121
        Id []byte `asn1:"optional,tag:0"`
122
}
123
 
124
type SignatureAlgorithm int
125
 
126
const (
127
        UnknownSignatureAlgorithm SignatureAlgorithm = iota
128
        MD2WithRSA
129
        MD5WithRSA
130
        SHA1WithRSA
131
        SHA256WithRSA
132
        SHA384WithRSA
133
        SHA512WithRSA
134
        DSAWithSHA1
135
        DSAWithSHA256
136
)
137
 
138
type PublicKeyAlgorithm int
139
 
140
const (
141
        UnknownPublicKeyAlgorithm PublicKeyAlgorithm = iota
142
        RSA
143
        DSA
144
)
145
 
146
// OIDs for signature algorithms
147
//
148
// pkcs-1 OBJECT IDENTIFIER ::= {
149
//    iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
150
//
151
//
152
// RFC 3279 2.2.1 RSA Signature Algorithms
153
//
154
// md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 }
155
//
156
// md5WithRSAEncryption OBJECT IDENTIFER ::= { pkcs-1 4 }
157
//
158
// sha-1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 }
159
//
160
// dsaWithSha1 OBJECT IDENTIFIER ::= {
161
//    iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 3 }
162
//
163
//
164
// RFC 4055 5 PKCS #1 Version 1.5
165
//
166
// sha256WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 11 }
167
//
168
// sha384WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 12 }
169
//
170
// sha512WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 13 }
171
//
172
//
173
// RFC 5758 3.1 DSA Signature Algorithms
174
//
175
// dsaWithSha356 OBJECT IDENTIFER ::= {
176
//    joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101)
177
//    algorithms(4) id-dsa-with-sha2(3) 2}
178
//
179
var (
180
        oidSignatureMD2WithRSA    = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 2}
181
        oidSignatureMD5WithRSA    = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 4}
182
        oidSignatureSHA1WithRSA   = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 5}
183
        oidSignatureSHA256WithRSA = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 11}
184
        oidSignatureSHA384WithRSA = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 12}
185
        oidSignatureSHA512WithRSA = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 13}
186
        oidSignatureDSAWithSHA1   = asn1.ObjectIdentifier{1, 2, 840, 10040, 4, 3}
187
        oidSignatureDSAWithSHA256 = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 4, 3, 2}
188
)
189
 
190
func getSignatureAlgorithmFromOID(oid asn1.ObjectIdentifier) SignatureAlgorithm {
191
        switch {
192
        case oid.Equal(oidSignatureMD2WithRSA):
193
                return MD2WithRSA
194
        case oid.Equal(oidSignatureMD5WithRSA):
195
                return MD5WithRSA
196
        case oid.Equal(oidSignatureSHA1WithRSA):
197
                return SHA1WithRSA
198
        case oid.Equal(oidSignatureSHA256WithRSA):
199
                return SHA256WithRSA
200
        case oid.Equal(oidSignatureSHA384WithRSA):
201
                return SHA384WithRSA
202
        case oid.Equal(oidSignatureSHA512WithRSA):
203
                return SHA512WithRSA
204
        case oid.Equal(oidSignatureDSAWithSHA1):
205
                return DSAWithSHA1
206
        case oid.Equal(oidSignatureDSAWithSHA256):
207
                return DSAWithSHA256
208
        }
209
        return UnknownSignatureAlgorithm
210
}
211
 
212
// RFC 3279, 2.3 Public Key Algorithms
213
//
214
// pkcs-1 OBJECT IDENTIFIER ::== { iso(1) member-body(2) us(840)
215
//    rsadsi(113549) pkcs(1) 1 }
216
//
217
// rsaEncryption OBJECT IDENTIFIER ::== { pkcs1-1 1 }
218
//
219
// id-dsa OBJECT IDENTIFIER ::== { iso(1) member-body(2) us(840)
220
//    x9-57(10040) x9cm(4) 1 }
221
var (
222
        oidPublicKeyRsa = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 1}
223
        oidPublicKeyDsa = asn1.ObjectIdentifier{1, 2, 840, 10040, 4, 1}
224
)
225
 
226
func getPublicKeyAlgorithmFromOID(oid asn1.ObjectIdentifier) PublicKeyAlgorithm {
227
        switch {
228
        case oid.Equal(oidPublicKeyRsa):
229
                return RSA
230
        case oid.Equal(oidPublicKeyDsa):
231
                return DSA
232
        }
233
        return UnknownPublicKeyAlgorithm
234
}
235
 
236
// KeyUsage represents the set of actions that are valid for a given key. It's
237
// a bitmap of the KeyUsage* constants.
238
type KeyUsage int
239
 
240
const (
241
        KeyUsageDigitalSignature KeyUsage = 1 << iota
242
        KeyUsageContentCommitment
243
        KeyUsageKeyEncipherment
244
        KeyUsageDataEncipherment
245
        KeyUsageKeyAgreement
246
        KeyUsageCertSign
247
        KeyUsageCRLSign
248
        KeyUsageEncipherOnly
249
        KeyUsageDecipherOnly
250
)
251
 
252
// RFC 5280, 4.2.1.12  Extended Key Usage
253
//
254
// anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 }
255
//
256
// id-kp OBJECT IDENTIFIER ::= { id-pkix 3 }
257
//
258
// id-kp-serverAuth             OBJECT IDENTIFIER ::= { id-kp 1 }
259
// id-kp-clientAuth             OBJECT IDENTIFIER ::= { id-kp 2 }
260
// id-kp-codeSigning            OBJECT IDENTIFIER ::= { id-kp 3 }
261
// id-kp-emailProtection        OBJECT IDENTIFIER ::= { id-kp 4 }
262
// id-kp-timeStamping           OBJECT IDENTIFIER ::= { id-kp 8 }
263
// id-kp-OCSPSigning            OBJECT IDENTIFIER ::= { id-kp 9 }
264
var (
265
        oidExtKeyUsageAny             = asn1.ObjectIdentifier{2, 5, 29, 37, 0}
266
        oidExtKeyUsageServerAuth      = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 3, 1}
267
        oidExtKeyUsageClientAuth      = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 3, 2}
268
        oidExtKeyUsageCodeSigning     = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 3, 3}
269
        oidExtKeyUsageEmailProtection = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 3, 4}
270
        oidExtKeyUsageTimeStamping    = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 3, 8}
271
        oidExtKeyUsageOCSPSigning     = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 3, 9}
272
)
273
 
274
// ExtKeyUsage represents an extended set of actions that are valid for a given key.
275
// Each of the ExtKeyUsage* constants define a unique action.
276
type ExtKeyUsage int
277
 
278
const (
279
        ExtKeyUsageAny ExtKeyUsage = iota
280
        ExtKeyUsageServerAuth
281
        ExtKeyUsageClientAuth
282
        ExtKeyUsageCodeSigning
283
        ExtKeyUsageEmailProtection
284
        ExtKeyUsageTimeStamping
285
        ExtKeyUsageOCSPSigning
286
)
287
 
288
// A Certificate represents an X.509 certificate.
289
type Certificate struct {
290
        Raw                     []byte // Complete ASN.1 DER content (certificate, signature algorithm and signature).
291
        RawTBSCertificate       []byte // Certificate part of raw ASN.1 DER content.
292
        RawSubjectPublicKeyInfo []byte // DER encoded SubjectPublicKeyInfo.
293
        RawSubject              []byte // DER encoded Subject
294
        RawIssuer               []byte // DER encoded Issuer
295
 
296
        Signature          []byte
297
        SignatureAlgorithm SignatureAlgorithm
298
 
299
        PublicKeyAlgorithm PublicKeyAlgorithm
300
        PublicKey          interface{}
301
 
302
        Version             int
303
        SerialNumber        *big.Int
304
        Issuer              pkix.Name
305
        Subject             pkix.Name
306
        NotBefore, NotAfter time.Time // Validity bounds.
307
        KeyUsage            KeyUsage
308
 
309
        ExtKeyUsage        []ExtKeyUsage           // Sequence of extended key usages.
310
        UnknownExtKeyUsage []asn1.ObjectIdentifier // Encountered extended key usages unknown to this package.
311
 
312
        BasicConstraintsValid bool // if true then the next two fields are valid.
313
        IsCA                  bool
314
        MaxPathLen            int
315
 
316
        SubjectKeyId   []byte
317
        AuthorityKeyId []byte
318
 
319
        // Subject Alternate Name values
320
        DNSNames       []string
321
        EmailAddresses []string
322
 
323
        // Name constraints
324
        PermittedDNSDomainsCritical bool // if true then the name constraints are marked critical.
325
        PermittedDNSDomains         []string
326
 
327
        PolicyIdentifiers []asn1.ObjectIdentifier
328
}
329
 
330
// UnsupportedAlgorithmError results from attempting to perform an operation
331
// that involves algorithms that are not currently implemented.
332
type UnsupportedAlgorithmError struct{}
333
 
334
func (UnsupportedAlgorithmError) Error() string {
335
        return "cannot verify signature: algorithm unimplemented"
336
}
337
 
338
// ConstraintViolationError results when a requested usage is not permitted by
339
// a certificate. For example: checking a signature when the public key isn't a
340
// certificate signing key.
341
type ConstraintViolationError struct{}
342
 
343
func (ConstraintViolationError) Error() string {
344
        return "invalid signature: parent certificate cannot sign this kind of certificate"
345
}
346
 
347
func (c *Certificate) Equal(other *Certificate) bool {
348
        return bytes.Equal(c.Raw, other.Raw)
349
}
350
 
351
// CheckSignatureFrom verifies that the signature on c is a valid signature
352
// from parent.
353
func (c *Certificate) CheckSignatureFrom(parent *Certificate) (err error) {
354
        // RFC 5280, 4.2.1.9:
355
        // "If the basic constraints extension is not present in a version 3
356
        // certificate, or the extension is present but the cA boolean is not
357
        // asserted, then the certified public key MUST NOT be used to verify
358
        // certificate signatures."
359
        if parent.Version == 3 && !parent.BasicConstraintsValid ||
360
                parent.BasicConstraintsValid && !parent.IsCA {
361
                return ConstraintViolationError{}
362
        }
363
 
364
        if parent.KeyUsage != 0 && parent.KeyUsage&KeyUsageCertSign == 0 {
365
                return ConstraintViolationError{}
366
        }
367
 
368
        if parent.PublicKeyAlgorithm == UnknownPublicKeyAlgorithm {
369
                return UnsupportedAlgorithmError{}
370
        }
371
 
372
        // TODO(agl): don't ignore the path length constraint.
373
 
374
        return parent.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature)
375
}
376
 
377
// CheckSignature verifies that signature is a valid signature over signed from
378
// c's public key.
379
func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature []byte) (err error) {
380
        var hashType crypto.Hash
381
 
382
        switch algo {
383
        case SHA1WithRSA, DSAWithSHA1:
384
                hashType = crypto.SHA1
385
        case SHA256WithRSA, DSAWithSHA256:
386
                hashType = crypto.SHA256
387
        case SHA384WithRSA:
388
                hashType = crypto.SHA384
389
        case SHA512WithRSA:
390
                hashType = crypto.SHA512
391
        default:
392
                return UnsupportedAlgorithmError{}
393
        }
394
 
395
        h := hashType.New()
396
        if h == nil {
397
                return UnsupportedAlgorithmError{}
398
        }
399
 
400
        h.Write(signed)
401
        digest := h.Sum(nil)
402
 
403
        switch pub := c.PublicKey.(type) {
404
        case *rsa.PublicKey:
405
                return rsa.VerifyPKCS1v15(pub, hashType, digest, signature)
406
        case *dsa.PublicKey:
407
                dsaSig := new(dsaSignature)
408
                if _, err := asn1.Unmarshal(signature, dsaSig); err != nil {
409
                        return err
410
                }
411
                if dsaSig.R.Sign() <= 0 || dsaSig.S.Sign() <= 0 {
412
                        return errors.New("DSA signature contained zero or negative values")
413
                }
414
                if !dsa.Verify(pub, digest, dsaSig.R, dsaSig.S) {
415
                        return errors.New("DSA verification failure")
416
                }
417
                return
418
        }
419
        return UnsupportedAlgorithmError{}
420
}
421
 
422
// CheckCRLSignature checks that the signature in crl is from c.
423
func (c *Certificate) CheckCRLSignature(crl *pkix.CertificateList) (err error) {
424
        algo := getSignatureAlgorithmFromOID(crl.SignatureAlgorithm.Algorithm)
425
        return c.CheckSignature(algo, crl.TBSCertList.Raw, crl.SignatureValue.RightAlign())
426
}
427
 
428
type UnhandledCriticalExtension struct{}
429
 
430
func (h UnhandledCriticalExtension) Error() string {
431
        return "unhandled critical extension"
432
}
433
 
434
type basicConstraints struct {
435
        IsCA       bool `asn1:"optional"`
436
        MaxPathLen int  `asn1:"optional"`
437
}
438
 
439
// RFC 5280 4.2.1.4
440
type policyInformation struct {
441
        Policy asn1.ObjectIdentifier
442
        // policyQualifiers omitted
443
}
444
 
445
// RFC 5280, 4.2.1.10
446
type nameConstraints struct {
447
        Permitted []generalSubtree `asn1:"optional,tag:0"`
448
        Excluded  []generalSubtree `asn1:"optional,tag:1"`
449
}
450
 
451
type generalSubtree struct {
452
        Name string `asn1:"tag:2,optional,ia5"`
453
        Min  int    `asn1:"optional,tag:0"`
454
        Max  int    `asn1:"optional,tag:1"`
455
}
456
 
457
func parsePublicKey(algo PublicKeyAlgorithm, keyData *publicKeyInfo) (interface{}, error) {
458
        asn1Data := keyData.PublicKey.RightAlign()
459
        switch algo {
460
        case RSA:
461
                p := new(rsaPublicKey)
462
                _, err := asn1.Unmarshal(asn1Data, p)
463
                if err != nil {
464
                        return nil, err
465
                }
466
 
467
                pub := &rsa.PublicKey{
468
                        E: p.E,
469
                        N: p.N,
470
                }
471
                return pub, nil
472
        case DSA:
473
                var p *big.Int
474
                _, err := asn1.Unmarshal(asn1Data, &p)
475
                if err != nil {
476
                        return nil, err
477
                }
478
                paramsData := keyData.Algorithm.Parameters.FullBytes
479
                params := new(dsaAlgorithmParameters)
480
                _, err = asn1.Unmarshal(paramsData, params)
481
                if err != nil {
482
                        return nil, err
483
                }
484
                if p.Sign() <= 0 || params.P.Sign() <= 0 || params.Q.Sign() <= 0 || params.G.Sign() <= 0 {
485
                        return nil, errors.New("zero or negative DSA parameter")
486
                }
487
                pub := &dsa.PublicKey{
488
                        Parameters: dsa.Parameters{
489
                                P: params.P,
490
                                Q: params.Q,
491
                                G: params.G,
492
                        },
493
                        Y: p,
494
                }
495
                return pub, nil
496
        default:
497
                return nil, nil
498
        }
499
        panic("unreachable")
500
}
501
 
502
func parseCertificate(in *certificate) (*Certificate, error) {
503
        out := new(Certificate)
504
        out.Raw = in.Raw
505
        out.RawTBSCertificate = in.TBSCertificate.Raw
506
        out.RawSubjectPublicKeyInfo = in.TBSCertificate.PublicKey.Raw
507
        out.RawSubject = in.TBSCertificate.Subject.FullBytes
508
        out.RawIssuer = in.TBSCertificate.Issuer.FullBytes
509
 
510
        out.Signature = in.SignatureValue.RightAlign()
511
        out.SignatureAlgorithm =
512
                getSignatureAlgorithmFromOID(in.TBSCertificate.SignatureAlgorithm.Algorithm)
513
 
514
        out.PublicKeyAlgorithm =
515
                getPublicKeyAlgorithmFromOID(in.TBSCertificate.PublicKey.Algorithm.Algorithm)
516
        var err error
517
        out.PublicKey, err = parsePublicKey(out.PublicKeyAlgorithm, &in.TBSCertificate.PublicKey)
518
        if err != nil {
519
                return nil, err
520
        }
521
 
522
        if in.TBSCertificate.SerialNumber.Sign() < 0 {
523
                return nil, errors.New("negative serial number")
524
        }
525
 
526
        out.Version = in.TBSCertificate.Version + 1
527
        out.SerialNumber = in.TBSCertificate.SerialNumber
528
 
529
        var issuer, subject pkix.RDNSequence
530
        if _, err := asn1.Unmarshal(in.TBSCertificate.Subject.FullBytes, &subject); err != nil {
531
                return nil, err
532
        }
533
        if _, err := asn1.Unmarshal(in.TBSCertificate.Issuer.FullBytes, &issuer); err != nil {
534
                return nil, err
535
        }
536
 
537
        out.Issuer.FillFromRDNSequence(&issuer)
538
        out.Subject.FillFromRDNSequence(&subject)
539
 
540
        out.NotBefore = in.TBSCertificate.Validity.NotBefore
541
        out.NotAfter = in.TBSCertificate.Validity.NotAfter
542
 
543
        for _, e := range in.TBSCertificate.Extensions {
544
                if len(e.Id) == 4 && e.Id[0] == 2 && e.Id[1] == 5 && e.Id[2] == 29 {
545
                        switch e.Id[3] {
546
                        case 15:
547
                                // RFC 5280, 4.2.1.3
548
                                var usageBits asn1.BitString
549
                                _, err := asn1.Unmarshal(e.Value, &usageBits)
550
 
551
                                if err == nil {
552
                                        var usage int
553
                                        for i := 0; i < 9; i++ {
554
                                                if usageBits.At(i) != 0 {
555
                                                        usage |= 1 << uint(i)
556
                                                }
557
                                        }
558
                                        out.KeyUsage = KeyUsage(usage)
559
                                        continue
560
                                }
561
                        case 19:
562
                                // RFC 5280, 4.2.1.9
563
                                var constraints basicConstraints
564
                                _, err := asn1.Unmarshal(e.Value, &constraints)
565
 
566
                                if err == nil {
567
                                        out.BasicConstraintsValid = true
568
                                        out.IsCA = constraints.IsCA
569
                                        out.MaxPathLen = constraints.MaxPathLen
570
                                        continue
571
                                }
572
                        case 17:
573
                                // RFC 5280, 4.2.1.6
574
 
575
                                // SubjectAltName ::= GeneralNames
576
                                //
577
                                // GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
578
                                //
579
                                // GeneralName ::= CHOICE {
580
                                //      otherName                       [0]     OtherName,
581
                                //      rfc822Name                      [1]     IA5String,
582
                                //      dNSName                         [2]     IA5String,
583
                                //      x400Address                     [3]     ORAddress,
584
                                //      directoryName                   [4]     Name,
585
                                //      ediPartyName                    [5]     EDIPartyName,
586
                                //      uniformResourceIdentifier       [6]     IA5String,
587
                                //      iPAddress                       [7]     OCTET STRING,
588
                                //      registeredID                    [8]     OBJECT IDENTIFIER }
589
                                var seq asn1.RawValue
590
                                _, err := asn1.Unmarshal(e.Value, &seq)
591
                                if err != nil {
592
                                        return nil, err
593
                                }
594
                                if !seq.IsCompound || seq.Tag != 16 || seq.Class != 0 {
595
                                        return nil, asn1.StructuralError{Msg: "bad SAN sequence"}
596
                                }
597
 
598
                                parsedName := false
599
 
600
                                rest := seq.Bytes
601
                                for len(rest) > 0 {
602
                                        var v asn1.RawValue
603
                                        rest, err = asn1.Unmarshal(rest, &v)
604
                                        if err != nil {
605
                                                return nil, err
606
                                        }
607
                                        switch v.Tag {
608
                                        case 1:
609
                                                out.EmailAddresses = append(out.EmailAddresses, string(v.Bytes))
610
                                                parsedName = true
611
                                        case 2:
612
                                                out.DNSNames = append(out.DNSNames, string(v.Bytes))
613
                                                parsedName = true
614
                                        }
615
                                }
616
 
617
                                if parsedName {
618
                                        continue
619
                                }
620
                                // If we didn't parse any of the names then we
621
                                // fall through to the critical check below.
622
 
623
                        case 30:
624
                                // RFC 5280, 4.2.1.10
625
 
626
                                // NameConstraints ::= SEQUENCE {
627
                                //      permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
628
                                //      excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
629
                                //
630
                                // GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
631
                                //
632
                                // GeneralSubtree ::= SEQUENCE {
633
                                //      base                    GeneralName,
634
                                //      minimum         [0]     BaseDistance DEFAULT 0,
635
                                //      maximum         [1]     BaseDistance OPTIONAL }
636
                                //
637
                                // BaseDistance ::= INTEGER (0..MAX)
638
 
639
                                var constraints nameConstraints
640
                                _, err := asn1.Unmarshal(e.Value, &constraints)
641
                                if err != nil {
642
                                        return nil, err
643
                                }
644
 
645
                                if len(constraints.Excluded) > 0 && e.Critical {
646
                                        return out, UnhandledCriticalExtension{}
647
                                }
648
 
649
                                for _, subtree := range constraints.Permitted {
650
                                        if subtree.Min > 0 || subtree.Max > 0 || len(subtree.Name) == 0 {
651
                                                if e.Critical {
652
                                                        return out, UnhandledCriticalExtension{}
653
                                                }
654
                                                continue
655
                                        }
656
                                        out.PermittedDNSDomains = append(out.PermittedDNSDomains, subtree.Name)
657
                                }
658
                                continue
659
 
660
                        case 35:
661
                                // RFC 5280, 4.2.1.1
662
                                var a authKeyId
663
                                _, err = asn1.Unmarshal(e.Value, &a)
664
                                if err != nil {
665
                                        return nil, err
666
                                }
667
                                out.AuthorityKeyId = a.Id
668
                                continue
669
 
670
                        case 37:
671
                                // RFC 5280, 4.2.1.12.  Extended Key Usage
672
 
673
                                // id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 }
674
                                //
675
                                // ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
676
                                //
677
                                // KeyPurposeId ::= OBJECT IDENTIFIER
678
 
679
                                var keyUsage []asn1.ObjectIdentifier
680
                                _, err = asn1.Unmarshal(e.Value, &keyUsage)
681
                                if err != nil {
682
                                        return nil, err
683
                                }
684
 
685
                                for _, u := range keyUsage {
686
                                        switch {
687
                                        case u.Equal(oidExtKeyUsageAny):
688
                                                out.ExtKeyUsage = append(out.ExtKeyUsage, ExtKeyUsageAny)
689
                                        case u.Equal(oidExtKeyUsageServerAuth):
690
                                                out.ExtKeyUsage = append(out.ExtKeyUsage, ExtKeyUsageServerAuth)
691
                                        case u.Equal(oidExtKeyUsageClientAuth):
692
                                                out.ExtKeyUsage = append(out.ExtKeyUsage, ExtKeyUsageClientAuth)
693
                                        case u.Equal(oidExtKeyUsageCodeSigning):
694
                                                out.ExtKeyUsage = append(out.ExtKeyUsage, ExtKeyUsageCodeSigning)
695
                                        case u.Equal(oidExtKeyUsageEmailProtection):
696
                                                out.ExtKeyUsage = append(out.ExtKeyUsage, ExtKeyUsageEmailProtection)
697
                                        case u.Equal(oidExtKeyUsageTimeStamping):
698
                                                out.ExtKeyUsage = append(out.ExtKeyUsage, ExtKeyUsageTimeStamping)
699
                                        case u.Equal(oidExtKeyUsageOCSPSigning):
700
                                                out.ExtKeyUsage = append(out.ExtKeyUsage, ExtKeyUsageOCSPSigning)
701
                                        default:
702
                                                out.UnknownExtKeyUsage = append(out.UnknownExtKeyUsage, u)
703
                                        }
704
                                }
705
 
706
                                continue
707
 
708
                        case 14:
709
                                // RFC 5280, 4.2.1.2
710
                                var keyid []byte
711
                                _, err = asn1.Unmarshal(e.Value, &keyid)
712
                                if err != nil {
713
                                        return nil, err
714
                                }
715
                                out.SubjectKeyId = keyid
716
                                continue
717
 
718
                        case 32:
719
                                // RFC 5280 4.2.1.4: Certificate Policies
720
                                var policies []policyInformation
721
                                if _, err = asn1.Unmarshal(e.Value, &policies); err != nil {
722
                                        return nil, err
723
                                }
724
                                out.PolicyIdentifiers = make([]asn1.ObjectIdentifier, len(policies))
725
                                for i, policy := range policies {
726
                                        out.PolicyIdentifiers[i] = policy.Policy
727
                                }
728
                        }
729
                }
730
 
731
                if e.Critical {
732
                        return out, UnhandledCriticalExtension{}
733
                }
734
        }
735
 
736
        return out, nil
737
}
738
 
739
// ParseCertificate parses a single certificate from the given ASN.1 DER data.
740
func ParseCertificate(asn1Data []byte) (*Certificate, error) {
741
        var cert certificate
742
        rest, err := asn1.Unmarshal(asn1Data, &cert)
743
        if err != nil {
744
                return nil, err
745
        }
746
        if len(rest) > 0 {
747
                return nil, asn1.SyntaxError{Msg: "trailing data"}
748
        }
749
 
750
        return parseCertificate(&cert)
751
}
752
 
753
// ParseCertificates parses one or more certificates from the given ASN.1 DER
754
// data. The certificates must be concatenated with no intermediate padding.
755
func ParseCertificates(asn1Data []byte) ([]*Certificate, error) {
756
        var v []*certificate
757
 
758
        for len(asn1Data) > 0 {
759
                cert := new(certificate)
760
                var err error
761
                asn1Data, err = asn1.Unmarshal(asn1Data, cert)
762
                if err != nil {
763
                        return nil, err
764
                }
765
                v = append(v, cert)
766
        }
767
 
768
        ret := make([]*Certificate, len(v))
769
        for i, ci := range v {
770
                cert, err := parseCertificate(ci)
771
                if err != nil {
772
                        return nil, err
773
                }
774
                ret[i] = cert
775
        }
776
 
777
        return ret, nil
778
}
779
 
780
func reverseBitsInAByte(in byte) byte {
781
        b1 := in>>4 | in<<4
782
        b2 := b1>>2&0x33 | b1<<2&0xcc
783
        b3 := b2>>1&0x55 | b2<<1&0xaa
784
        return b3
785
}
786
 
787
var (
788
        oidExtensionSubjectKeyId        = []int{2, 5, 29, 14}
789
        oidExtensionKeyUsage            = []int{2, 5, 29, 15}
790
        oidExtensionAuthorityKeyId      = []int{2, 5, 29, 35}
791
        oidExtensionBasicConstraints    = []int{2, 5, 29, 19}
792
        oidExtensionSubjectAltName      = []int{2, 5, 29, 17}
793
        oidExtensionCertificatePolicies = []int{2, 5, 29, 32}
794
        oidExtensionNameConstraints     = []int{2, 5, 29, 30}
795
)
796
 
797
func buildExtensions(template *Certificate) (ret []pkix.Extension, err error) {
798
        ret = make([]pkix.Extension, 7 /* maximum number of elements. */ )
799
        n := 0
800
 
801
        if template.KeyUsage != 0 {
802
                ret[n].Id = oidExtensionKeyUsage
803
                ret[n].Critical = true
804
 
805
                var a [2]byte
806
                a[0] = reverseBitsInAByte(byte(template.KeyUsage))
807
                a[1] = reverseBitsInAByte(byte(template.KeyUsage >> 8))
808
 
809
                l := 1
810
                if a[1] != 0 {
811
                        l = 2
812
                }
813
 
814
                ret[n].Value, err = asn1.Marshal(asn1.BitString{Bytes: a[0:l], BitLength: l * 8})
815
                if err != nil {
816
                        return
817
                }
818
                n++
819
        }
820
 
821
        if template.BasicConstraintsValid {
822
                ret[n].Id = oidExtensionBasicConstraints
823
                ret[n].Value, err = asn1.Marshal(basicConstraints{template.IsCA, template.MaxPathLen})
824
                ret[n].Critical = true
825
                if err != nil {
826
                        return
827
                }
828
                n++
829
        }
830
 
831
        if len(template.SubjectKeyId) > 0 {
832
                ret[n].Id = oidExtensionSubjectKeyId
833
                ret[n].Value, err = asn1.Marshal(template.SubjectKeyId)
834
                if err != nil {
835
                        return
836
                }
837
                n++
838
        }
839
 
840
        if len(template.AuthorityKeyId) > 0 {
841
                ret[n].Id = oidExtensionAuthorityKeyId
842
                ret[n].Value, err = asn1.Marshal(authKeyId{template.AuthorityKeyId})
843
                if err != nil {
844
                        return
845
                }
846
                n++
847
        }
848
 
849
        if len(template.DNSNames) > 0 {
850
                ret[n].Id = oidExtensionSubjectAltName
851
                rawValues := make([]asn1.RawValue, len(template.DNSNames))
852
                for i, name := range template.DNSNames {
853
                        rawValues[i] = asn1.RawValue{Tag: 2, Class: 2, Bytes: []byte(name)}
854
                }
855
                ret[n].Value, err = asn1.Marshal(rawValues)
856
                if err != nil {
857
                        return
858
                }
859
                n++
860
        }
861
 
862
        if len(template.PolicyIdentifiers) > 0 {
863
                ret[n].Id = oidExtensionCertificatePolicies
864
                policies := make([]policyInformation, len(template.PolicyIdentifiers))
865
                for i, policy := range template.PolicyIdentifiers {
866
                        policies[i].Policy = policy
867
                }
868
                ret[n].Value, err = asn1.Marshal(policies)
869
                if err != nil {
870
                        return
871
                }
872
                n++
873
        }
874
 
875
        if len(template.PermittedDNSDomains) > 0 {
876
                ret[n].Id = oidExtensionNameConstraints
877
                ret[n].Critical = template.PermittedDNSDomainsCritical
878
 
879
                var out nameConstraints
880
                out.Permitted = make([]generalSubtree, len(template.PermittedDNSDomains))
881
                for i, permitted := range template.PermittedDNSDomains {
882
                        out.Permitted[i] = generalSubtree{Name: permitted}
883
                }
884
                ret[n].Value, err = asn1.Marshal(out)
885
                if err != nil {
886
                        return
887
                }
888
                n++
889
        }
890
 
891
        // Adding another extension here? Remember to update the maximum number
892
        // of elements in the make() at the top of the function.
893
 
894
        return ret[0:n], nil
895
}
896
 
897
var (
898
        oidSHA1WithRSA = []int{1, 2, 840, 113549, 1, 1, 5}
899
        oidRSA         = []int{1, 2, 840, 113549, 1, 1, 1}
900
)
901
 
902
func subjectBytes(cert *Certificate) ([]byte, error) {
903
        if len(cert.RawSubject) > 0 {
904
                return cert.RawSubject, nil
905
        }
906
 
907
        return asn1.Marshal(cert.Subject.ToRDNSequence())
908
}
909
 
910
// CreateCertificate creates a new certificate based on a template. The
911
// following members of template are used: SerialNumber, Subject, NotBefore,
912
// NotAfter, KeyUsage, BasicConstraintsValid, IsCA, MaxPathLen, SubjectKeyId,
913
// DNSNames, PermittedDNSDomainsCritical, PermittedDNSDomains.
914
//
915
// The certificate is signed by parent. If parent is equal to template then the
916
// certificate is self-signed. The parameter pub is the public key of the
917
// signee and priv is the private key of the signer.
918
//
919
// The returned slice is the certificate in DER encoding.
920
//
921
// The only supported key type is RSA (*rsa.PublicKey for pub, *rsa.PrivateKey
922
// for priv).
923
func CreateCertificate(rand io.Reader, template, parent *Certificate, pub interface{}, priv interface{}) (cert []byte, err error) {
924
        rsaPub, ok := pub.(*rsa.PublicKey)
925
        if !ok {
926
                return nil, errors.New("x509: non-RSA public keys not supported")
927
        }
928
 
929
        rsaPriv, ok := priv.(*rsa.PrivateKey)
930
        if !ok {
931
                return nil, errors.New("x509: non-RSA private keys not supported")
932
        }
933
 
934
        asn1PublicKey, err := asn1.Marshal(rsaPublicKey{
935
                N: rsaPub.N,
936
                E: rsaPub.E,
937
        })
938
        if err != nil {
939
                return
940
        }
941
 
942
        if len(parent.SubjectKeyId) > 0 {
943
                template.AuthorityKeyId = parent.SubjectKeyId
944
        }
945
 
946
        extensions, err := buildExtensions(template)
947
        if err != nil {
948
                return
949
        }
950
 
951
        asn1Issuer, err := subjectBytes(parent)
952
        if err != nil {
953
                return
954
        }
955
 
956
        asn1Subject, err := subjectBytes(template)
957
        if err != nil {
958
                return
959
        }
960
 
961
        encodedPublicKey := asn1.BitString{BitLength: len(asn1PublicKey) * 8, Bytes: asn1PublicKey}
962
        c := tbsCertificate{
963
                Version:            2,
964
                SerialNumber:       template.SerialNumber,
965
                SignatureAlgorithm: pkix.AlgorithmIdentifier{Algorithm: oidSHA1WithRSA},
966
                Issuer:             asn1.RawValue{FullBytes: asn1Issuer},
967
                Validity:           validity{template.NotBefore, template.NotAfter},
968
                Subject:            asn1.RawValue{FullBytes: asn1Subject},
969
                PublicKey:          publicKeyInfo{nil, pkix.AlgorithmIdentifier{Algorithm: oidRSA}, encodedPublicKey},
970
                Extensions:         extensions,
971
        }
972
 
973
        tbsCertContents, err := asn1.Marshal(c)
974
        if err != nil {
975
                return
976
        }
977
 
978
        c.Raw = tbsCertContents
979
 
980
        h := sha1.New()
981
        h.Write(tbsCertContents)
982
        digest := h.Sum(nil)
983
 
984
        signature, err := rsa.SignPKCS1v15(rand, rsaPriv, crypto.SHA1, digest)
985
        if err != nil {
986
                return
987
        }
988
 
989
        cert, err = asn1.Marshal(certificate{
990
                nil,
991
                c,
992
                pkix.AlgorithmIdentifier{Algorithm: oidSHA1WithRSA},
993
                asn1.BitString{Bytes: signature, BitLength: len(signature) * 8},
994
        })
995
        return
996
}
997
 
998
// pemCRLPrefix is the magic string that indicates that we have a PEM encoded
999
// CRL.
1000
var pemCRLPrefix = []byte("-----BEGIN X509 CRL")
1001
 
1002
// pemType is the type of a PEM encoded CRL.
1003
var pemType = "X509 CRL"
1004
 
1005
// ParseCRL parses a CRL from the given bytes. It's often the case that PEM
1006
// encoded CRLs will appear where they should be DER encoded, so this function
1007
// will transparently handle PEM encoding as long as there isn't any leading
1008
// garbage.
1009
func ParseCRL(crlBytes []byte) (certList *pkix.CertificateList, err error) {
1010
        if bytes.HasPrefix(crlBytes, pemCRLPrefix) {
1011
                block, _ := pem.Decode(crlBytes)
1012
                if block != nil && block.Type == pemType {
1013
                        crlBytes = block.Bytes
1014
                }
1015
        }
1016
        return ParseDERCRL(crlBytes)
1017
}
1018
 
1019
// ParseDERCRL parses a DER encoded CRL from the given bytes.
1020
func ParseDERCRL(derBytes []byte) (certList *pkix.CertificateList, err error) {
1021
        certList = new(pkix.CertificateList)
1022
        _, err = asn1.Unmarshal(derBytes, certList)
1023
        if err != nil {
1024
                certList = nil
1025
        }
1026
        return
1027
}
1028
 
1029
// CreateCRL returns a DER encoded CRL, signed by this Certificate, that
1030
// contains the given list of revoked certificates.
1031
//
1032
// The only supported key type is RSA (*rsa.PrivateKey for priv).
1033
func (c *Certificate) CreateCRL(rand io.Reader, priv interface{}, revokedCerts []pkix.RevokedCertificate, now, expiry time.Time) (crlBytes []byte, err error) {
1034
        rsaPriv, ok := priv.(*rsa.PrivateKey)
1035
        if !ok {
1036
                return nil, errors.New("x509: non-RSA private keys not supported")
1037
        }
1038
        tbsCertList := pkix.TBSCertificateList{
1039
                Version: 2,
1040
                Signature: pkix.AlgorithmIdentifier{
1041
                        Algorithm: oidSignatureSHA1WithRSA,
1042
                },
1043
                Issuer:              c.Subject.ToRDNSequence(),
1044
                ThisUpdate:          now,
1045
                NextUpdate:          expiry,
1046
                RevokedCertificates: revokedCerts,
1047
        }
1048
 
1049
        tbsCertListContents, err := asn1.Marshal(tbsCertList)
1050
        if err != nil {
1051
                return
1052
        }
1053
 
1054
        h := sha1.New()
1055
        h.Write(tbsCertListContents)
1056
        digest := h.Sum(nil)
1057
 
1058
        signature, err := rsa.SignPKCS1v15(rand, rsaPriv, crypto.SHA1, digest)
1059
        if err != nil {
1060
                return
1061
        }
1062
 
1063
        return asn1.Marshal(pkix.CertificateList{
1064
                TBSCertList: tbsCertList,
1065
                SignatureAlgorithm: pkix.AlgorithmIdentifier{
1066
                        Algorithm: oidSignatureSHA1WithRSA,
1067
                },
1068
                SignatureValue: asn1.BitString{Bytes: signature, BitLength: len(signature) * 8},
1069
        })
1070
}

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.