Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(736)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: nss/lib/certhigh/ocsp.c

Issue 2078763002: Delete bundled copy of NSS and replace with README. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss@master
Patch Set: Delete bundled copy of NSS and replace with README. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « nss/lib/certhigh/ocsp.h ('k') | nss/lib/certhigh/ocspi.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5 /*
6 * Implementation of OCSP services, for both client and server.
7 * (XXX, really, mostly just for client right now, but intended to do both.)
8 */
9
10 #include "prerror.h"
11 #include "prprf.h"
12 #include "plarena.h"
13 #include "prnetdb.h"
14
15 #include "seccomon.h"
16 #include "secitem.h"
17 #include "secoidt.h"
18 #include "secasn1.h"
19 #include "secder.h"
20 #include "cert.h"
21 #include "certi.h"
22 #include "xconst.h"
23 #include "secerr.h"
24 #include "secoid.h"
25 #include "hasht.h"
26 #include "sechash.h"
27 #include "secasn1.h"
28 #include "plbase64.h"
29 #include "keyhi.h"
30 #include "cryptohi.h"
31 #include "ocsp.h"
32 #include "ocspti.h"
33 #include "ocspi.h"
34 #include "genname.h"
35 #include "certxutl.h"
36 #include "pk11func.h" /* for PK11_HashBuf */
37 #include <stdarg.h>
38 #include <plhash.h>
39
40 #define DEFAULT_OCSP_CACHE_SIZE 1000
41 #define DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT 1 * 60 * 60L
42 #define DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT 24 * 60 * 60L
43 #define DEFAULT_OSCP_TIMEOUT_SECONDS 60
44 #define MICROSECONDS_PER_SECOND 1000000L
45
46 typedef struct OCSPCacheItemStr OCSPCacheItem;
47 typedef struct OCSPCacheDataStr OCSPCacheData;
48
49 struct OCSPCacheItemStr {
50 /* LRU linking */
51 OCSPCacheItem *moreRecent;
52 OCSPCacheItem *lessRecent;
53
54 /* key */
55 CERTOCSPCertID *certID;
56 /* CertID's arena also used to allocate "this" cache item */
57
58 /* cache control information */
59 PRTime nextFetchAttemptTime;
60
61 /* Cached contents. Use a separate arena, because lifetime is different */
62 PLArenaPool *certStatusArena; /* NULL means: no cert status cached */
63 ocspCertStatus certStatus;
64
65 /* This may contain an error code when no OCSP response is available. */
66 SECErrorCodes missingResponseError;
67
68 PRPackedBool haveThisUpdate;
69 PRPackedBool haveNextUpdate;
70 PRTime thisUpdate;
71 PRTime nextUpdate;
72 };
73
74 struct OCSPCacheDataStr {
75 PLHashTable *entries;
76 PRUint32 numberOfEntries;
77 OCSPCacheItem *MRUitem; /* most recently used cache item */
78 OCSPCacheItem *LRUitem; /* least recently used cache item */
79 };
80
81 static struct OCSPGlobalStruct {
82 PRMonitor *monitor;
83 const SEC_HttpClientFcn *defaultHttpClientFcn;
84 PRInt32 maxCacheEntries;
85 PRUint32 minimumSecondsToNextFetchAttempt;
86 PRUint32 maximumSecondsToNextFetchAttempt;
87 PRUint32 timeoutSeconds;
88 OCSPCacheData cache;
89 SEC_OcspFailureMode ocspFailureMode;
90 CERT_StringFromCertFcn alternateOCSPAIAFcn;
91 PRBool forcePost;
92 } OCSP_Global = { NULL,
93 NULL,
94 DEFAULT_OCSP_CACHE_SIZE,
95 DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT,
96 DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT,
97 DEFAULT_OSCP_TIMEOUT_SECONDS,
98 { NULL, 0, NULL, NULL },
99 ocspMode_FailureIsVerificationFailure,
100 NULL,
101 PR_FALSE };
102
103 /* Forward declarations */
104 static SECItem *
105 ocsp_GetEncodedOCSPResponseFromRequest(PLArenaPool *arena,
106 CERTOCSPRequest *request,
107 const char *location,
108 const char *method,
109 PRTime time,
110 PRBool addServiceLocator,
111 void *pwArg,
112 CERTOCSPRequest **pRequest);
113 static SECStatus
114 ocsp_GetOCSPStatusFromNetwork(CERTCertDBHandle *handle,
115 CERTOCSPCertID *certID,
116 CERTCertificate *cert,
117 PRTime time,
118 void *pwArg,
119 PRBool *certIDWasConsumed,
120 SECStatus *rv_ocsp);
121
122 static SECStatus
123 ocsp_GetDecodedVerifiedSingleResponseForID(CERTCertDBHandle *handle,
124 CERTOCSPCertID *certID,
125 CERTCertificate *cert,
126 PRTime time,
127 void *pwArg,
128 const SECItem *encodedResponse,
129 CERTOCSPResponse **pDecodedResponse,
130 CERTOCSPSingleResponse **pSingle);
131
132 static SECStatus
133 ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, PRTime time);
134
135 static CERTOCSPCertID *
136 cert_DupOCSPCertID(const CERTOCSPCertID *src);
137
138 #ifndef DEBUG
139 #define OCSP_TRACE(msg)
140 #define OCSP_TRACE_TIME(msg, time)
141 #define OCSP_TRACE_CERT(cert)
142 #define OCSP_TRACE_CERTID(certid)
143 #else
144 #define OCSP_TRACE(msg) ocsp_Trace msg
145 #define OCSP_TRACE_TIME(msg, time) ocsp_dumpStringWithTime(msg, time)
146 #define OCSP_TRACE_CERT(cert) dumpCertificate(cert)
147 #define OCSP_TRACE_CERTID(certid) dumpCertID(certid)
148
149 #if defined(XP_UNIX) || defined(XP_WIN32) || defined(XP_BEOS) || \
150 defined(XP_MACOSX)
151 #define NSS_HAVE_GETENV 1
152 #endif
153
154 static PRBool
155 wantOcspTrace(void)
156 {
157 static PRBool firstTime = PR_TRUE;
158 static PRBool wantTrace = PR_FALSE;
159
160 #ifdef NSS_HAVE_GETENV
161 if (firstTime) {
162 char *ev = PR_GetEnvSecure("NSS_TRACE_OCSP");
163 if (ev && ev[0]) {
164 wantTrace = PR_TRUE;
165 }
166 firstTime = PR_FALSE;
167 }
168 #endif
169 return wantTrace;
170 }
171
172 static void
173 ocsp_Trace(const char *format, ...)
174 {
175 char buf[2000];
176 va_list args;
177
178 if (!wantOcspTrace())
179 return;
180 va_start(args, format);
181 PR_vsnprintf(buf, sizeof(buf), format, args);
182 va_end(args);
183 PR_LogPrint("%s", buf);
184 }
185
186 static void
187 ocsp_dumpStringWithTime(const char *str, PRTime time)
188 {
189 PRExplodedTime timePrintable;
190 char timestr[256];
191
192 if (!wantOcspTrace())
193 return;
194 PR_ExplodeTime(time, PR_GMTParameters, &timePrintable);
195 if (PR_FormatTime(timestr, 256, "%a %b %d %H:%M:%S %Y", &timePrintable)) {
196 ocsp_Trace("OCSP %s %s\n", str, timestr);
197 }
198 }
199
200 static void
201 printHexString(const char *prefix, SECItem *hexval)
202 {
203 unsigned int i;
204 char *hexbuf = NULL;
205
206 for (i = 0; i < hexval->len; i++) {
207 if (i != hexval->len - 1) {
208 hexbuf = PR_sprintf_append(hexbuf, "%02x:", hexval->data[i]);
209 } else {
210 hexbuf = PR_sprintf_append(hexbuf, "%02x", hexval->data[i]);
211 }
212 }
213 if (hexbuf) {
214 ocsp_Trace("%s %s\n", prefix, hexbuf);
215 PR_smprintf_free(hexbuf);
216 }
217 }
218
219 static void
220 dumpCertificate(CERTCertificate *cert)
221 {
222 if (!wantOcspTrace())
223 return;
224
225 ocsp_Trace("OCSP ----------------\n");
226 ocsp_Trace("OCSP ## SUBJECT: %s\n", cert->subjectName);
227 {
228 PRTime timeBefore, timeAfter;
229 PRExplodedTime beforePrintable, afterPrintable;
230 char beforestr[256], afterstr[256];
231 PRStatus rv1, rv2;
232 DER_DecodeTimeChoice(&timeBefore, &cert->validity.notBefore);
233 DER_DecodeTimeChoice(&timeAfter, &cert->validity.notAfter);
234 PR_ExplodeTime(timeBefore, PR_GMTParameters, &beforePrintable);
235 PR_ExplodeTime(timeAfter, PR_GMTParameters, &afterPrintable);
236 rv1 = PR_FormatTime(beforestr, 256, "%a %b %d %H:%M:%S %Y",
237 &beforePrintable);
238 rv2 = PR_FormatTime(afterstr, 256, "%a %b %d %H:%M:%S %Y",
239 &afterPrintable);
240 ocsp_Trace("OCSP ## VALIDITY: %s to %s\n", rv1 ? beforestr : "",
241 rv2 ? afterstr : "");
242 }
243 ocsp_Trace("OCSP ## ISSUER: %s\n", cert->issuerName);
244 printHexString("OCSP ## SERIAL NUMBER:", &cert->serialNumber);
245 }
246
247 static void
248 dumpCertID(CERTOCSPCertID *certID)
249 {
250 if (!wantOcspTrace())
251 return;
252
253 printHexString("OCSP certID issuer", &certID->issuerNameHash);
254 printHexString("OCSP certID serial", &certID->serialNumber);
255 }
256 #endif
257
258 SECStatus
259 SEC_RegisterDefaultHttpClient(const SEC_HttpClientFcn *fcnTable)
260 {
261 if (!OCSP_Global.monitor) {
262 PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
263 return SECFailure;
264 }
265
266 PR_EnterMonitor(OCSP_Global.monitor);
267 OCSP_Global.defaultHttpClientFcn = fcnTable;
268 PR_ExitMonitor(OCSP_Global.monitor);
269
270 return SECSuccess;
271 }
272
273 SECStatus
274 CERT_RegisterAlternateOCSPAIAInfoCallBack(
275 CERT_StringFromCertFcn newCallback,
276 CERT_StringFromCertFcn *oldCallback)
277 {
278 CERT_StringFromCertFcn old;
279
280 if (!OCSP_Global.monitor) {
281 PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
282 return SECFailure;
283 }
284
285 PR_EnterMonitor(OCSP_Global.monitor);
286 old = OCSP_Global.alternateOCSPAIAFcn;
287 OCSP_Global.alternateOCSPAIAFcn = newCallback;
288 PR_ExitMonitor(OCSP_Global.monitor);
289 if (oldCallback)
290 *oldCallback = old;
291 return SECSuccess;
292 }
293
294 static PLHashNumber PR_CALLBACK
295 ocsp_CacheKeyHashFunction(const void *key)
296 {
297 CERTOCSPCertID *cid = (CERTOCSPCertID *)key;
298 PLHashNumber hash = 0;
299 unsigned int i;
300 unsigned char *walk;
301
302 /* a very simple hash calculation for the initial coding phase */
303 walk = (unsigned char *)cid->issuerNameHash.data;
304 for (i = 0; i < cid->issuerNameHash.len; ++i, ++walk) {
305 hash += *walk;
306 }
307 walk = (unsigned char *)cid->issuerKeyHash.data;
308 for (i = 0; i < cid->issuerKeyHash.len; ++i, ++walk) {
309 hash += *walk;
310 }
311 walk = (unsigned char *)cid->serialNumber.data;
312 for (i = 0; i < cid->serialNumber.len; ++i, ++walk) {
313 hash += *walk;
314 }
315 return hash;
316 }
317
318 static PRIntn PR_CALLBACK
319 ocsp_CacheKeyCompareFunction(const void *v1, const void *v2)
320 {
321 CERTOCSPCertID *cid1 = (CERTOCSPCertID *)v1;
322 CERTOCSPCertID *cid2 = (CERTOCSPCertID *)v2;
323
324 return (SECEqual == SECITEM_CompareItem(&cid1->issuerNameHash,
325 &cid2->issuerNameHash) &&
326 SECEqual == SECITEM_CompareItem(&cid1->issuerKeyHash,
327 &cid2->issuerKeyHash) &&
328 SECEqual == SECITEM_CompareItem(&cid1->serialNumber,
329 &cid2->serialNumber));
330 }
331
332 static SECStatus
333 ocsp_CopyRevokedInfo(PLArenaPool *arena, ocspCertStatus *dest,
334 ocspRevokedInfo *src)
335 {
336 SECStatus rv = SECFailure;
337 void *mark;
338
339 mark = PORT_ArenaMark(arena);
340
341 dest->certStatusInfo.revokedInfo =
342 (ocspRevokedInfo *)PORT_ArenaZAlloc(arena, sizeof(ocspRevokedInfo));
343 if (!dest->certStatusInfo.revokedInfo) {
344 goto loser;
345 }
346
347 rv = SECITEM_CopyItem(arena,
348 &dest->certStatusInfo.revokedInfo->revocationTime,
349 &src->revocationTime);
350 if (rv != SECSuccess) {
351 goto loser;
352 }
353
354 if (src->revocationReason) {
355 dest->certStatusInfo.revokedInfo->revocationReason =
356 SECITEM_ArenaDupItem(arena, src->revocationReason);
357 if (!dest->certStatusInfo.revokedInfo->revocationReason) {
358 goto loser;
359 }
360 } else {
361 dest->certStatusInfo.revokedInfo->revocationReason = NULL;
362 }
363
364 PORT_ArenaUnmark(arena, mark);
365 return SECSuccess;
366
367 loser:
368 PORT_ArenaRelease(arena, mark);
369 return SECFailure;
370 }
371
372 static SECStatus
373 ocsp_CopyCertStatus(PLArenaPool *arena, ocspCertStatus *dest,
374 ocspCertStatus *src)
375 {
376 SECStatus rv = SECFailure;
377 dest->certStatusType = src->certStatusType;
378
379 switch (src->certStatusType) {
380 case ocspCertStatus_good:
381 dest->certStatusInfo.goodInfo =
382 SECITEM_ArenaDupItem(arena, src->certStatusInfo.goodInfo);
383 if (dest->certStatusInfo.goodInfo != NULL) {
384 rv = SECSuccess;
385 }
386 break;
387 case ocspCertStatus_revoked:
388 rv = ocsp_CopyRevokedInfo(arena, dest,
389 src->certStatusInfo.revokedInfo);
390 break;
391 case ocspCertStatus_unknown:
392 dest->certStatusInfo.unknownInfo =
393 SECITEM_ArenaDupItem(arena, src->certStatusInfo.unknownInfo);
394 if (dest->certStatusInfo.unknownInfo != NULL) {
395 rv = SECSuccess;
396 }
397 break;
398 case ocspCertStatus_other:
399 default:
400 PORT_Assert(src->certStatusType == ocspCertStatus_other);
401 dest->certStatusInfo.otherInfo =
402 SECITEM_ArenaDupItem(arena, src->certStatusInfo.otherInfo);
403 if (dest->certStatusInfo.otherInfo != NULL) {
404 rv = SECSuccess;
405 }
406 break;
407 }
408 return rv;
409 }
410
411 static void
412 ocsp_AddCacheItemToLinkedList(OCSPCacheData *cache, OCSPCacheItem *new_most_rece nt)
413 {
414 PR_EnterMonitor(OCSP_Global.monitor);
415
416 if (!cache->LRUitem) {
417 cache->LRUitem = new_most_recent;
418 }
419 new_most_recent->lessRecent = cache->MRUitem;
420 new_most_recent->moreRecent = NULL;
421
422 if (cache->MRUitem) {
423 cache->MRUitem->moreRecent = new_most_recent;
424 }
425 cache->MRUitem = new_most_recent;
426
427 PR_ExitMonitor(OCSP_Global.monitor);
428 }
429
430 static void
431 ocsp_RemoveCacheItemFromLinkedList(OCSPCacheData *cache, OCSPCacheItem *item)
432 {
433 PR_EnterMonitor(OCSP_Global.monitor);
434
435 if (!item->lessRecent && !item->moreRecent) {
436 /*
437 * Fail gracefully on attempts to remove an item from the list,
438 * which is currently not part of the list.
439 * But check for the edge case it is the single entry in the list.
440 */
441 if (item == cache->LRUitem &&
442 item == cache->MRUitem) {
443 /* remove the single entry */
444 PORT_Assert(cache->numberOfEntries == 1);
445 PORT_Assert(item->moreRecent == NULL);
446 cache->MRUitem = NULL;
447 cache->LRUitem = NULL;
448 }
449 PR_ExitMonitor(OCSP_Global.monitor);
450 return;
451 }
452
453 PORT_Assert(cache->numberOfEntries > 1);
454
455 if (item == cache->LRUitem) {
456 PORT_Assert(item != cache->MRUitem);
457 PORT_Assert(item->lessRecent == NULL);
458 PORT_Assert(item->moreRecent != NULL);
459 PORT_Assert(item->moreRecent->lessRecent == item);
460 cache->LRUitem = item->moreRecent;
461 cache->LRUitem->lessRecent = NULL;
462 } else if (item == cache->MRUitem) {
463 PORT_Assert(item->moreRecent == NULL);
464 PORT_Assert(item->lessRecent != NULL);
465 PORT_Assert(item->lessRecent->moreRecent == item);
466 cache->MRUitem = item->lessRecent;
467 cache->MRUitem->moreRecent = NULL;
468 } else {
469 /* remove an entry in the middle of the list */
470 PORT_Assert(item->moreRecent != NULL);
471 PORT_Assert(item->lessRecent != NULL);
472 PORT_Assert(item->lessRecent->moreRecent == item);
473 PORT_Assert(item->moreRecent->lessRecent == item);
474 item->moreRecent->lessRecent = item->lessRecent;
475 item->lessRecent->moreRecent = item->moreRecent;
476 }
477
478 item->lessRecent = NULL;
479 item->moreRecent = NULL;
480
481 PR_ExitMonitor(OCSP_Global.monitor);
482 }
483
484 static void
485 ocsp_MakeCacheEntryMostRecent(OCSPCacheData *cache, OCSPCacheItem *new_most_rece nt)
486 {
487 OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent THREADID %p\n",
488 PR_GetCurrentThread()));
489 PR_EnterMonitor(OCSP_Global.monitor);
490 if (cache->MRUitem == new_most_recent) {
491 OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent ALREADY MOST\n"));
492 PR_ExitMonitor(OCSP_Global.monitor);
493 return;
494 }
495 OCSP_TRACE(("OCSP ocsp_MakeCacheEntryMostRecent NEW entry\n"));
496 ocsp_RemoveCacheItemFromLinkedList(cache, new_most_recent);
497 ocsp_AddCacheItemToLinkedList(cache, new_most_recent);
498 PR_ExitMonitor(OCSP_Global.monitor);
499 }
500
501 static PRBool
502 ocsp_IsCacheDisabled(void)
503 {
504 /*
505 * maxCacheEntries == 0 means unlimited cache entries
506 * maxCacheEntries < 0 means cache is disabled
507 */
508 PRBool retval;
509 PR_EnterMonitor(OCSP_Global.monitor);
510 retval = (OCSP_Global.maxCacheEntries < 0);
511 PR_ExitMonitor(OCSP_Global.monitor);
512 return retval;
513 }
514
515 static OCSPCacheItem *
516 ocsp_FindCacheEntry(OCSPCacheData *cache, CERTOCSPCertID *certID)
517 {
518 OCSPCacheItem *found_ocsp_item = NULL;
519 OCSP_TRACE(("OCSP ocsp_FindCacheEntry\n"));
520 OCSP_TRACE_CERTID(certID);
521 PR_EnterMonitor(OCSP_Global.monitor);
522 if (ocsp_IsCacheDisabled())
523 goto loser;
524
525 found_ocsp_item = (OCSPCacheItem *)PL_HashTableLookup(
526 cache->entries, certID);
527 if (!found_ocsp_item)
528 goto loser;
529
530 OCSP_TRACE(("OCSP ocsp_FindCacheEntry FOUND!\n"));
531 ocsp_MakeCacheEntryMostRecent(cache, found_ocsp_item);
532
533 loser:
534 PR_ExitMonitor(OCSP_Global.monitor);
535 return found_ocsp_item;
536 }
537
538 static void
539 ocsp_FreeCacheItem(OCSPCacheItem *item)
540 {
541 OCSP_TRACE(("OCSP ocsp_FreeCacheItem\n"));
542 if (item->certStatusArena) {
543 PORT_FreeArena(item->certStatusArena, PR_FALSE);
544 }
545 if (item->certID->poolp) {
546 /* freeing this poolp arena will also free item */
547 PORT_FreeArena(item->certID->poolp, PR_FALSE);
548 }
549 }
550
551 static void
552 ocsp_RemoveCacheItem(OCSPCacheData *cache, OCSPCacheItem *item)
553 {
554 /* The item we're removing could be either the least recently used item,
555 * or it could be an item that couldn't get updated with newer status info
556 * because of an allocation failure, or it could get removed because we're
557 * cleaning up.
558 */
559 OCSP_TRACE(("OCSP ocsp_RemoveCacheItem, THREADID %p\n", PR_GetCurrentThread( )));
560 PR_EnterMonitor(OCSP_Global.monitor);
561
562 ocsp_RemoveCacheItemFromLinkedList(cache, item);
563 #ifdef DEBUG
564 {
565 PRBool couldRemoveFromHashTable = PL_HashTableRemove(cache->entries,
566 item->certID);
567 PORT_Assert(couldRemoveFromHashTable);
568 }
569 #else
570 PL_HashTableRemove(cache->entries, item->certID);
571 #endif
572 --cache->numberOfEntries;
573 ocsp_FreeCacheItem(item);
574 PR_ExitMonitor(OCSP_Global.monitor);
575 }
576
577 static void
578 ocsp_CheckCacheSize(OCSPCacheData *cache)
579 {
580 OCSP_TRACE(("OCSP ocsp_CheckCacheSize\n"));
581 PR_EnterMonitor(OCSP_Global.monitor);
582 if (OCSP_Global.maxCacheEntries > 0) {
583 /* Cache is not disabled. Number of cache entries is limited.
584 * The monitor ensures that maxCacheEntries remains positive.
585 */
586 while (cache->numberOfEntries >
587 (PRUint32)OCSP_Global.maxCacheEntries) {
588 ocsp_RemoveCacheItem(cache, cache->LRUitem);
589 }
590 }
591 PR_ExitMonitor(OCSP_Global.monitor);
592 }
593
594 SECStatus
595 CERT_ClearOCSPCache(void)
596 {
597 OCSP_TRACE(("OCSP CERT_ClearOCSPCache\n"));
598 PR_EnterMonitor(OCSP_Global.monitor);
599 while (OCSP_Global.cache.numberOfEntries > 0) {
600 ocsp_RemoveCacheItem(&OCSP_Global.cache,
601 OCSP_Global.cache.LRUitem);
602 }
603 PR_ExitMonitor(OCSP_Global.monitor);
604 return SECSuccess;
605 }
606
607 static SECStatus
608 ocsp_CreateCacheItemAndConsumeCertID(OCSPCacheData *cache,
609 CERTOCSPCertID *certID,
610 OCSPCacheItem **pCacheItem)
611 {
612 PLArenaPool *arena;
613 void *mark;
614 PLHashEntry *new_hash_entry;
615 OCSPCacheItem *item;
616
617 PORT_Assert(pCacheItem != NULL);
618 *pCacheItem = NULL;
619
620 PR_EnterMonitor(OCSP_Global.monitor);
621 arena = certID->poolp;
622 mark = PORT_ArenaMark(arena);
623
624 /* ZAlloc will init all Bools to False and all Pointers to NULL
625 and all error codes to zero/good. */
626 item = (OCSPCacheItem *)PORT_ArenaZAlloc(certID->poolp,
627 sizeof(OCSPCacheItem));
628 if (!item) {
629 goto loser;
630 }
631 item->certID = certID;
632 new_hash_entry = PL_HashTableAdd(cache->entries, item->certID,
633 item);
634 if (!new_hash_entry) {
635 goto loser;
636 }
637 ++cache->numberOfEntries;
638 PORT_ArenaUnmark(arena, mark);
639 ocsp_AddCacheItemToLinkedList(cache, item);
640 *pCacheItem = item;
641
642 PR_ExitMonitor(OCSP_Global.monitor);
643 return SECSuccess;
644
645 loser:
646 PORT_ArenaRelease(arena, mark);
647 PR_ExitMonitor(OCSP_Global.monitor);
648 return SECFailure;
649 }
650
651 static SECStatus
652 ocsp_SetCacheItemResponse(OCSPCacheItem *item,
653 const CERTOCSPSingleResponse *response)
654 {
655 if (item->certStatusArena) {
656 PORT_FreeArena(item->certStatusArena, PR_FALSE);
657 item->certStatusArena = NULL;
658 }
659 item->haveThisUpdate = item->haveNextUpdate = PR_FALSE;
660 if (response) {
661 SECStatus rv;
662 item->certStatusArena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
663 if (item->certStatusArena == NULL) {
664 return SECFailure;
665 }
666 rv = ocsp_CopyCertStatus(item->certStatusArena, &item->certStatus,
667 response->certStatus);
668 if (rv != SECSuccess) {
669 PORT_FreeArena(item->certStatusArena, PR_FALSE);
670 item->certStatusArena = NULL;
671 return rv;
672 }
673 item->missingResponseError = 0;
674 rv = DER_GeneralizedTimeToTime(&item->thisUpdate,
675 &response->thisUpdate);
676 item->haveThisUpdate = (rv == SECSuccess);
677 if (response->nextUpdate) {
678 rv = DER_GeneralizedTimeToTime(&item->nextUpdate,
679 response->nextUpdate);
680 item->haveNextUpdate = (rv == SECSuccess);
681 } else {
682 item->haveNextUpdate = PR_FALSE;
683 }
684 }
685 return SECSuccess;
686 }
687
688 static void
689 ocsp_FreshenCacheItemNextFetchAttemptTime(OCSPCacheItem *cacheItem)
690 {
691 PRTime now;
692 PRTime earliestAllowedNextFetchAttemptTime;
693 PRTime latestTimeWhenResponseIsConsideredFresh;
694
695 OCSP_TRACE(("OCSP ocsp_FreshenCacheItemNextFetchAttemptTime\n"));
696
697 PR_EnterMonitor(OCSP_Global.monitor);
698
699 now = PR_Now();
700 OCSP_TRACE_TIME("now:", now);
701
702 if (cacheItem->haveThisUpdate) {
703 OCSP_TRACE_TIME("thisUpdate:", cacheItem->thisUpdate);
704 latestTimeWhenResponseIsConsideredFresh = cacheItem->thisUpdate +
705 OCSP_Global.maximumSecondsToNe xtFetchAttempt *
706 MICROSECONDS_PER_SECOND;
707 OCSP_TRACE_TIME("latestTimeWhenResponseIsConsideredFresh:",
708 latestTimeWhenResponseIsConsideredFresh);
709 } else {
710 latestTimeWhenResponseIsConsideredFresh = now +
711 OCSP_Global.minimumSecondsToNe xtFetchAttempt *
712 MICROSECONDS_PER_SECOND;
713 OCSP_TRACE_TIME("no thisUpdate, "
714 "latestTimeWhenResponseIsConsideredFresh:",
715 latestTimeWhenResponseIsConsideredFresh);
716 }
717
718 if (cacheItem->haveNextUpdate) {
719 OCSP_TRACE_TIME("have nextUpdate:", cacheItem->nextUpdate);
720 }
721
722 if (cacheItem->haveNextUpdate &&
723 cacheItem->nextUpdate < latestTimeWhenResponseIsConsideredFresh) {
724 latestTimeWhenResponseIsConsideredFresh = cacheItem->nextUpdate;
725 OCSP_TRACE_TIME("nextUpdate is smaller than latestFresh, setting "
726 "latestTimeWhenResponseIsConsideredFresh:",
727 latestTimeWhenResponseIsConsideredFresh);
728 }
729
730 earliestAllowedNextFetchAttemptTime = now +
731 OCSP_Global.minimumSecondsToNextFetchA ttempt *
732 MICROSECONDS_PER_SECOND;
733 OCSP_TRACE_TIME("earliestAllowedNextFetchAttemptTime:",
734 earliestAllowedNextFetchAttemptTime);
735
736 if (latestTimeWhenResponseIsConsideredFresh <
737 earliestAllowedNextFetchAttemptTime) {
738 latestTimeWhenResponseIsConsideredFresh =
739 earliestAllowedNextFetchAttemptTime;
740 OCSP_TRACE_TIME("latest < earliest, setting latest to:",
741 latestTimeWhenResponseIsConsideredFresh);
742 }
743
744 cacheItem->nextFetchAttemptTime =
745 latestTimeWhenResponseIsConsideredFresh;
746 OCSP_TRACE_TIME("nextFetchAttemptTime",
747 latestTimeWhenResponseIsConsideredFresh);
748
749 PR_ExitMonitor(OCSP_Global.monitor);
750 }
751
752 static PRBool
753 ocsp_IsCacheItemFresh(OCSPCacheItem *cacheItem)
754 {
755 PRTime now;
756 PRBool fresh;
757
758 now = PR_Now();
759
760 fresh = cacheItem->nextFetchAttemptTime > now;
761
762 /* Work around broken OCSP responders that return unknown responses for
763 * certificates, especially certificates that were just recently issued.
764 */
765 if (fresh && cacheItem->certStatusArena &&
766 cacheItem->certStatus.certStatusType == ocspCertStatus_unknown) {
767 fresh = PR_FALSE;
768 }
769
770 OCSP_TRACE(("OCSP ocsp_IsCacheItemFresh: %d\n", fresh));
771
772 return fresh;
773 }
774
775 /*
776 * Status in *certIDWasConsumed will always be correct, regardless of
777 * return value.
778 * If the caller is unable to transfer ownership of certID,
779 * then the caller must set certIDWasConsumed to NULL,
780 * and this function will potentially duplicate the certID object.
781 */
782 static SECStatus
783 ocsp_CreateOrUpdateCacheEntry(OCSPCacheData *cache,
784 CERTOCSPCertID *certID,
785 CERTOCSPSingleResponse *single,
786 PRBool *certIDWasConsumed)
787 {
788 SECStatus rv;
789 OCSPCacheItem *cacheItem;
790 OCSP_TRACE(("OCSP ocsp_CreateOrUpdateCacheEntry\n"));
791
792 if (certIDWasConsumed)
793 *certIDWasConsumed = PR_FALSE;
794
795 PR_EnterMonitor(OCSP_Global.monitor);
796 PORT_Assert(OCSP_Global.maxCacheEntries >= 0);
797
798 cacheItem = ocsp_FindCacheEntry(cache, certID);
799
800 /* Don't replace an unknown or revoked entry with an error entry, even if
801 * the existing entry is expired. Instead, we'll continue to use the
802 * existing (possibly expired) cache entry until we receive a valid signed
803 * response to replace it.
804 */
805 if (!single && cacheItem && cacheItem->certStatusArena &&
806 (cacheItem->certStatus.certStatusType == ocspCertStatus_revoked ||
807 cacheItem->certStatus.certStatusType == ocspCertStatus_unknown)) {
808 PR_ExitMonitor(OCSP_Global.monitor);
809 return SECSuccess;
810 }
811
812 if (!cacheItem) {
813 CERTOCSPCertID *myCertID;
814 if (certIDWasConsumed) {
815 myCertID = certID;
816 *certIDWasConsumed = PR_TRUE;
817 } else {
818 myCertID = cert_DupOCSPCertID(certID);
819 if (!myCertID) {
820 PR_ExitMonitor(OCSP_Global.monitor);
821 PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
822 return SECFailure;
823 }
824 }
825
826 rv = ocsp_CreateCacheItemAndConsumeCertID(cache, myCertID,
827 &cacheItem);
828 if (rv != SECSuccess) {
829 PR_ExitMonitor(OCSP_Global.monitor);
830 return rv;
831 }
832 }
833 if (single) {
834 PRTime thisUpdate;
835 rv = DER_GeneralizedTimeToTime(&thisUpdate, &single->thisUpdate);
836
837 if (!cacheItem->haveThisUpdate ||
838 (rv == SECSuccess && cacheItem->thisUpdate < thisUpdate)) {
839 rv = ocsp_SetCacheItemResponse(cacheItem, single);
840 if (rv != SECSuccess) {
841 ocsp_RemoveCacheItem(cache, cacheItem);
842 PR_ExitMonitor(OCSP_Global.monitor);
843 return rv;
844 }
845 } else {
846 OCSP_TRACE(("Not caching response because the response is not "
847 "newer than the cache"));
848 }
849 } else {
850 cacheItem->missingResponseError = PORT_GetError();
851 if (cacheItem->certStatusArena) {
852 PORT_FreeArena(cacheItem->certStatusArena, PR_FALSE);
853 cacheItem->certStatusArena = NULL;
854 }
855 }
856 ocsp_FreshenCacheItemNextFetchAttemptTime(cacheItem);
857 ocsp_CheckCacheSize(cache);
858
859 PR_ExitMonitor(OCSP_Global.monitor);
860 return SECSuccess;
861 }
862
863 extern SECStatus
864 CERT_SetOCSPFailureMode(SEC_OcspFailureMode ocspFailureMode)
865 {
866 switch (ocspFailureMode) {
867 case ocspMode_FailureIsVerificationFailure:
868 case ocspMode_FailureIsNotAVerificationFailure:
869 break;
870 default:
871 PORT_SetError(SEC_ERROR_INVALID_ARGS);
872 return SECFailure;
873 }
874
875 PR_EnterMonitor(OCSP_Global.monitor);
876 OCSP_Global.ocspFailureMode = ocspFailureMode;
877 PR_ExitMonitor(OCSP_Global.monitor);
878 return SECSuccess;
879 }
880
881 SECStatus
882 CERT_OCSPCacheSettings(PRInt32 maxCacheEntries,
883 PRUint32 minimumSecondsToNextFetchAttempt,
884 PRUint32 maximumSecondsToNextFetchAttempt)
885 {
886 if (minimumSecondsToNextFetchAttempt > maximumSecondsToNextFetchAttempt ||
887 maxCacheEntries < -1) {
888 PORT_SetError(SEC_ERROR_INVALID_ARGS);
889 return SECFailure;
890 }
891
892 PR_EnterMonitor(OCSP_Global.monitor);
893
894 if (maxCacheEntries < 0) {
895 OCSP_Global.maxCacheEntries = -1; /* disable cache */
896 } else if (maxCacheEntries == 0) {
897 OCSP_Global.maxCacheEntries = 0; /* unlimited cache entries */
898 } else {
899 OCSP_Global.maxCacheEntries = maxCacheEntries;
900 }
901
902 if (minimumSecondsToNextFetchAttempt <
903 OCSP_Global.minimumSecondsToNextFetchAttempt ||
904 maximumSecondsToNextFetchAttempt <
905 OCSP_Global.maximumSecondsToNextFetchAttempt) {
906 /*
907 * Ensure our existing cache entries are not used longer than the
908 * new settings allow, we're lazy and just clear the cache
909 */
910 CERT_ClearOCSPCache();
911 }
912
913 OCSP_Global.minimumSecondsToNextFetchAttempt =
914 minimumSecondsToNextFetchAttempt;
915 OCSP_Global.maximumSecondsToNextFetchAttempt =
916 maximumSecondsToNextFetchAttempt;
917 ocsp_CheckCacheSize(&OCSP_Global.cache);
918
919 PR_ExitMonitor(OCSP_Global.monitor);
920 return SECSuccess;
921 }
922
923 SECStatus
924 CERT_SetOCSPTimeout(PRUint32 seconds)
925 {
926 /* no locking, see bug 406120 */
927 OCSP_Global.timeoutSeconds = seconds;
928 return SECSuccess;
929 }
930
931 /* this function is called at NSS initialization time */
932 SECStatus
933 OCSP_InitGlobal(void)
934 {
935 SECStatus rv = SECFailure;
936
937 if (OCSP_Global.monitor == NULL) {
938 OCSP_Global.monitor = PR_NewMonitor();
939 }
940 if (!OCSP_Global.monitor)
941 return SECFailure;
942
943 PR_EnterMonitor(OCSP_Global.monitor);
944 if (!OCSP_Global.cache.entries) {
945 OCSP_Global.cache.entries =
946 PL_NewHashTable(0,
947 ocsp_CacheKeyHashFunction,
948 ocsp_CacheKeyCompareFunction,
949 PL_CompareValues,
950 NULL,
951 NULL);
952 OCSP_Global.ocspFailureMode = ocspMode_FailureIsVerificationFailure;
953 OCSP_Global.cache.numberOfEntries = 0;
954 OCSP_Global.cache.MRUitem = NULL;
955 OCSP_Global.cache.LRUitem = NULL;
956 } else {
957 /*
958 * NSS might call this function twice while attempting to init.
959 * But it's not allowed to call this again after any activity.
960 */
961 PORT_Assert(OCSP_Global.cache.numberOfEntries == 0);
962 PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
963 }
964 if (OCSP_Global.cache.entries)
965 rv = SECSuccess;
966 PR_ExitMonitor(OCSP_Global.monitor);
967 return rv;
968 }
969
970 SECStatus
971 OCSP_ShutdownGlobal(void)
972 {
973 if (!OCSP_Global.monitor)
974 return SECSuccess;
975
976 PR_EnterMonitor(OCSP_Global.monitor);
977 if (OCSP_Global.cache.entries) {
978 CERT_ClearOCSPCache();
979 PL_HashTableDestroy(OCSP_Global.cache.entries);
980 OCSP_Global.cache.entries = NULL;
981 }
982 PORT_Assert(OCSP_Global.cache.numberOfEntries == 0);
983 OCSP_Global.cache.MRUitem = NULL;
984 OCSP_Global.cache.LRUitem = NULL;
985
986 OCSP_Global.defaultHttpClientFcn = NULL;
987 OCSP_Global.maxCacheEntries = DEFAULT_OCSP_CACHE_SIZE;
988 OCSP_Global.minimumSecondsToNextFetchAttempt =
989 DEFAULT_MINIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT;
990 OCSP_Global.maximumSecondsToNextFetchAttempt =
991 DEFAULT_MAXIMUM_SECONDS_TO_NEXT_OCSP_FETCH_ATTEMPT;
992 OCSP_Global.ocspFailureMode =
993 ocspMode_FailureIsVerificationFailure;
994 PR_ExitMonitor(OCSP_Global.monitor);
995
996 PR_DestroyMonitor(OCSP_Global.monitor);
997 OCSP_Global.monitor = NULL;
998 return SECSuccess;
999 }
1000
1001 /*
1002 * A return value of NULL means:
1003 * The application did not register it's own HTTP client.
1004 */
1005 const SEC_HttpClientFcn *
1006 SEC_GetRegisteredHttpClient(void)
1007 {
1008 const SEC_HttpClientFcn *retval;
1009
1010 if (!OCSP_Global.monitor) {
1011 PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
1012 return NULL;
1013 }
1014
1015 PR_EnterMonitor(OCSP_Global.monitor);
1016 retval = OCSP_Global.defaultHttpClientFcn;
1017 PR_ExitMonitor(OCSP_Global.monitor);
1018
1019 return retval;
1020 }
1021
1022 /*
1023 * The following structure is only used internally. It is allocated when
1024 * someone turns on OCSP checking, and hangs off of the status-configuration
1025 * structure in the certdb structure. We use it to keep configuration
1026 * information specific to OCSP checking.
1027 */
1028 typedef struct ocspCheckingContextStr {
1029 PRBool useDefaultResponder;
1030 char *defaultResponderURI;
1031 char *defaultResponderNickname;
1032 CERTCertificate *defaultResponderCert;
1033 } ocspCheckingContext;
1034
1035 SEC_ASN1_MKSUB(SEC_AnyTemplate)
1036 SEC_ASN1_MKSUB(SEC_IntegerTemplate)
1037 SEC_ASN1_MKSUB(SEC_NullTemplate)
1038 SEC_ASN1_MKSUB(SEC_OctetStringTemplate)
1039 SEC_ASN1_MKSUB(SEC_PointerToAnyTemplate)
1040 SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
1041 SEC_ASN1_MKSUB(SEC_SequenceOfAnyTemplate)
1042 SEC_ASN1_MKSUB(SEC_PointerToGeneralizedTimeTemplate)
1043 SEC_ASN1_MKSUB(SEC_PointerToEnumeratedTemplate)
1044
1045 /*
1046 * Forward declarations of sub-types, so I can lay out the types in the
1047 * same order as the ASN.1 is laid out in the OCSP spec itself.
1048 *
1049 * These are in alphabetical order (case-insensitive); please keep it that way!
1050 */
1051 extern const SEC_ASN1Template ocsp_CertIDTemplate[];
1052 extern const SEC_ASN1Template ocsp_PointerToSignatureTemplate[];
1053 extern const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[];
1054 extern const SEC_ASN1Template ocsp_ResponseDataTemplate[];
1055 extern const SEC_ASN1Template ocsp_RevokedInfoTemplate[];
1056 extern const SEC_ASN1Template ocsp_SingleRequestTemplate[];
1057 extern const SEC_ASN1Template ocsp_SingleResponseTemplate[];
1058 extern const SEC_ASN1Template ocsp_TBSRequestTemplate[];
1059
1060 /*
1061 * Request-related templates...
1062 */
1063
1064 /*
1065 * OCSPRequest ::= SEQUENCE {
1066 * tbsRequest TBSRequest,
1067 * optionalSignature [0] EXPLICIT Signature OPTIONAL }
1068 */
1069 static const SEC_ASN1Template ocsp_OCSPRequestTemplate[] = {
1070 { SEC_ASN1_SEQUENCE,
1071 0, NULL, sizeof(CERTOCSPRequest) },
1072 { SEC_ASN1_POINTER,
1073 offsetof(CERTOCSPRequest, tbsRequest),
1074 ocsp_TBSRequestTemplate },
1075 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
1076 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
1077 offsetof(CERTOCSPRequest, optionalSignature),
1078 ocsp_PointerToSignatureTemplate },
1079 { 0 }
1080 };
1081
1082 /*
1083 * TBSRequest ::= SEQUENCE {
1084 * version [0] EXPLICIT Version DEFAULT v1,
1085 * requestorName [1] EXPLICIT GeneralName OPTIONAL,
1086 * requestList SEQUENCE OF Request,
1087 * requestExtensions [2] EXPLICIT Extensions OPTIONAL }
1088 *
1089 * Version ::= INTEGER { v1(0) }
1090 *
1091 * Note: this should be static but the AIX compiler doesn't like it (because it
1092 * was forward-declared above); it is not meant to be exported, but this
1093 * is the only way it will compile.
1094 */
1095 const SEC_ASN1Template ocsp_TBSRequestTemplate[] = {
1096 { SEC_ASN1_SEQUENCE,
1097 0, NULL, sizeof(ocspTBSRequest) },
1098 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | /* XXX DER_DEFAULT */
1099 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
1100 offsetof(ocspTBSRequest, version),
1101 SEC_ASN1_SUB(SEC_IntegerTemplate) },
1102 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
1103 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 1,
1104 offsetof(ocspTBSRequest, derRequestorName),
1105 SEC_ASN1_SUB(SEC_PointerToAnyTemplate) },
1106 { SEC_ASN1_SEQUENCE_OF,
1107 offsetof(ocspTBSRequest, requestList),
1108 ocsp_SingleRequestTemplate },
1109 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
1110 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 2,
1111 offsetof(ocspTBSRequest, requestExtensions),
1112 CERT_SequenceOfCertExtensionTemplate },
1113 { 0 }
1114 };
1115
1116 /*
1117 * Signature ::= SEQUENCE {
1118 * signatureAlgorithm AlgorithmIdentifier,
1119 * signature BIT STRING,
1120 * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
1121 */
1122 static const SEC_ASN1Template ocsp_SignatureTemplate[] = {
1123 { SEC_ASN1_SEQUENCE,
1124 0, NULL, sizeof(ocspSignature) },
1125 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
1126 offsetof(ocspSignature, signatureAlgorithm),
1127 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
1128 { SEC_ASN1_BIT_STRING,
1129 offsetof(ocspSignature, signature) },
1130 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
1131 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
1132 offsetof(ocspSignature, derCerts),
1133 SEC_ASN1_SUB(SEC_SequenceOfAnyTemplate) },
1134 { 0 }
1135 };
1136
1137 /*
1138 * This template is just an extra level to use in an explicitly-tagged
1139 * reference to a Signature.
1140 *
1141 * Note: this should be static but the AIX compiler doesn't like it (because it
1142 * was forward-declared above); it is not meant to be exported, but this
1143 * is the only way it will compile.
1144 */
1145 const SEC_ASN1Template ocsp_PointerToSignatureTemplate[] = {
1146 { SEC_ASN1_POINTER, 0, ocsp_SignatureTemplate }
1147 };
1148
1149 /*
1150 * Request ::= SEQUENCE {
1151 * reqCert CertID,
1152 * singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
1153 *
1154 * Note: this should be static but the AIX compiler doesn't like it (because it
1155 * was forward-declared above); it is not meant to be exported, but this
1156 * is the only way it will compile.
1157 */
1158 const SEC_ASN1Template ocsp_SingleRequestTemplate[] = {
1159 { SEC_ASN1_SEQUENCE,
1160 0, NULL, sizeof(ocspSingleRequest) },
1161 { SEC_ASN1_POINTER,
1162 offsetof(ocspSingleRequest, reqCert),
1163 ocsp_CertIDTemplate },
1164 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
1165 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
1166 offsetof(ocspSingleRequest, singleRequestExtensions),
1167 CERT_SequenceOfCertExtensionTemplate },
1168 { 0 }
1169 };
1170
1171 /*
1172 * This data structure and template (CertID) is used by both OCSP
1173 * requests and responses. It is the only one that is shared.
1174 *
1175 * CertID ::= SEQUENCE {
1176 * hashAlgorithm AlgorithmIdentifier,
1177 * issuerNameHash OCTET STRING, -- Hash of Issuer DN
1178 * issuerKeyHash OCTET STRING, -- Hash of Issuer public key
1179 * serialNumber CertificateSerialNumber }
1180 *
1181 * CertificateSerialNumber ::= INTEGER
1182 *
1183 * Note: this should be static but the AIX compiler doesn't like it (because it
1184 * was forward-declared above); it is not meant to be exported, but this
1185 * is the only way it will compile.
1186 */
1187 const SEC_ASN1Template ocsp_CertIDTemplate[] = {
1188 { SEC_ASN1_SEQUENCE,
1189 0, NULL, sizeof(CERTOCSPCertID) },
1190 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
1191 offsetof(CERTOCSPCertID, hashAlgorithm),
1192 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
1193 { SEC_ASN1_OCTET_STRING,
1194 offsetof(CERTOCSPCertID, issuerNameHash) },
1195 { SEC_ASN1_OCTET_STRING,
1196 offsetof(CERTOCSPCertID, issuerKeyHash) },
1197 { SEC_ASN1_INTEGER,
1198 offsetof(CERTOCSPCertID, serialNumber) },
1199 { 0 }
1200 };
1201
1202 /*
1203 * Response-related templates...
1204 */
1205
1206 /*
1207 * OCSPResponse ::= SEQUENCE {
1208 * responseStatus OCSPResponseStatus,
1209 * responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
1210 */
1211 const SEC_ASN1Template ocsp_OCSPResponseTemplate[] = {
1212 { SEC_ASN1_SEQUENCE,
1213 0, NULL, sizeof(CERTOCSPResponse) },
1214 { SEC_ASN1_ENUMERATED,
1215 offsetof(CERTOCSPResponse, responseStatus) },
1216 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
1217 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0,
1218 offsetof(CERTOCSPResponse, responseBytes),
1219 ocsp_PointerToResponseBytesTemplate },
1220 { 0 }
1221 };
1222
1223 /*
1224 * ResponseBytes ::= SEQUENCE {
1225 * responseType OBJECT IDENTIFIER,
1226 * response OCTET STRING }
1227 */
1228 const SEC_ASN1Template ocsp_ResponseBytesTemplate[] = {
1229 { SEC_ASN1_SEQUENCE,
1230 0, NULL, sizeof(ocspResponseBytes) },
1231 { SEC_ASN1_OBJECT_ID,
1232 offsetof(ocspResponseBytes, responseType) },
1233 { SEC_ASN1_OCTET_STRING,
1234 offsetof(ocspResponseBytes, response) },
1235 { 0 }
1236 };
1237
1238 /*
1239 * This template is just an extra level to use in an explicitly-tagged
1240 * reference to a ResponseBytes.
1241 *
1242 * Note: this should be static but the AIX compiler doesn't like it (because it
1243 * was forward-declared above); it is not meant to be exported, but this
1244 * is the only way it will compile.
1245 */
1246 const SEC_ASN1Template ocsp_PointerToResponseBytesTemplate[] = {
1247 { SEC_ASN1_POINTER, 0, ocsp_ResponseBytesTemplate }
1248 };
1249
1250 /*
1251 * BasicOCSPResponse ::= SEQUENCE {
1252 * tbsResponseData ResponseData,
1253 * signatureAlgorithm AlgorithmIdentifier,
1254 * signature BIT STRING,
1255 * certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
1256 */
1257 static const SEC_ASN1Template ocsp_BasicOCSPResponseTemplate[] = {
1258 { SEC_ASN1_SEQUENCE,
1259 0, NULL, sizeof(ocspBasicOCSPResponse) },
1260 { SEC_ASN1_ANY | SEC_ASN1_SAVE,
1261 offsetof(ocspBasicOCSPResponse, tbsResponseDataDER) },
1262 { SEC_ASN1_POINTER,
1263 offsetof(ocspBasicOCSPResponse, tbsResponseData),
1264 ocsp_ResponseDataTemplate },
1265 { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
1266 offsetof(ocspBasicOCSPResponse, responseSignature.signatureAlgorithm),
1267 SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
1268 { SEC_ASN1_BIT_STRING,
1269 offsetof(ocspBasicOCSPResponse, responseSignature.signature) },
1270 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
1271 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
1272 offsetof(ocspBasicOCSPResponse, responseSignature.derCerts),
1273 SEC_ASN1_SUB(SEC_SequenceOfAnyTemplate) },
1274 { 0 }
1275 };
1276
1277 /*
1278 * ResponseData ::= SEQUENCE {
1279 * version [0] EXPLICIT Version DEFAULT v1,
1280 * responderID ResponderID,
1281 * producedAt GeneralizedTime,
1282 * responses SEQUENCE OF SingleResponse,
1283 * responseExtensions [1] EXPLICIT Extensions OPTIONAL }
1284 *
1285 * Note: this should be static but the AIX compiler doesn't like it (because it
1286 * was forward-declared above); it is not meant to be exported, but this
1287 * is the only way it will compile.
1288 */
1289 const SEC_ASN1Template ocsp_ResponseDataTemplate[] = {
1290 { SEC_ASN1_SEQUENCE,
1291 0, NULL, sizeof(ocspResponseData) },
1292 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT | /* XXX DER_DEFAULT */
1293 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
1294 offsetof(ocspResponseData, version),
1295 SEC_ASN1_SUB(SEC_IntegerTemplate) },
1296 { SEC_ASN1_ANY,
1297 offsetof(ocspResponseData, derResponderID) },
1298 { SEC_ASN1_GENERALIZED_TIME,
1299 offsetof(ocspResponseData, producedAt) },
1300 { SEC_ASN1_SEQUENCE_OF,
1301 offsetof(ocspResponseData, responses),
1302 ocsp_SingleResponseTemplate },
1303 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
1304 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
1305 offsetof(ocspResponseData, responseExtensions),
1306 CERT_SequenceOfCertExtensionTemplate },
1307 { 0 }
1308 };
1309
1310 /*
1311 * ResponderID ::= CHOICE {
1312 * byName [1] EXPLICIT Name,
1313 * byKey [2] EXPLICIT KeyHash }
1314 *
1315 * KeyHash ::= OCTET STRING -- SHA-1 hash of responder's public key
1316 * (excluding the tag and length fields)
1317 *
1318 * XXX Because the ASN.1 encoder and decoder currently do not provide
1319 * a way to automatically handle a CHOICE, we need to do it in two
1320 * steps, looking at the type tag and feeding the exact choice back
1321 * to the ASN.1 code. Hopefully that will change someday and this
1322 * can all be simplified down into a single template. Anyway, for
1323 * now we list each choice as its own template:
1324 */
1325 const SEC_ASN1Template ocsp_ResponderIDByNameTemplate[] = {
1326 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
1327 offsetof(ocspResponderID, responderIDValue.name),
1328 CERT_NameTemplate }
1329 };
1330 const SEC_ASN1Template ocsp_ResponderIDByKeyTemplate[] = {
1331 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
1332 SEC_ASN1_XTRN | 2,
1333 offsetof(ocspResponderID, responderIDValue.keyHash),
1334 SEC_ASN1_SUB(SEC_OctetStringTemplate) }
1335 };
1336 static const SEC_ASN1Template ocsp_ResponderIDOtherTemplate[] = {
1337 { SEC_ASN1_ANY,
1338 offsetof(ocspResponderID, responderIDValue.other) }
1339 };
1340
1341 /* Decode choice container, but leave x509 name object encoded */
1342 static const SEC_ASN1Template ocsp_ResponderIDDerNameTemplate[] = {
1343 { SEC_ASN1_EXPLICIT | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
1344 SEC_ASN1_XTRN | 1,
1345 0, SEC_ASN1_SUB(SEC_AnyTemplate) }
1346 };
1347
1348 /*
1349 * SingleResponse ::= SEQUENCE {
1350 * certID CertID,
1351 * certStatus CertStatus,
1352 * thisUpdate GeneralizedTime,
1353 * nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
1354 * singleExtensions [1] EXPLICIT Extensions OPTIONAL }
1355 *
1356 * Note: this should be static but the AIX compiler doesn't like it (because it
1357 * was forward-declared above); it is not meant to be exported, but this
1358 * is the only way it will compile.
1359 */
1360 const SEC_ASN1Template ocsp_SingleResponseTemplate[] = {
1361 { SEC_ASN1_SEQUENCE,
1362 0, NULL, sizeof(CERTOCSPSingleResponse) },
1363 { SEC_ASN1_POINTER,
1364 offsetof(CERTOCSPSingleResponse, certID),
1365 ocsp_CertIDTemplate },
1366 { SEC_ASN1_ANY,
1367 offsetof(CERTOCSPSingleResponse, derCertStatus) },
1368 { SEC_ASN1_GENERALIZED_TIME,
1369 offsetof(CERTOCSPSingleResponse, thisUpdate) },
1370 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
1371 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
1372 offsetof(CERTOCSPSingleResponse, nextUpdate),
1373 SEC_ASN1_SUB(SEC_PointerToGeneralizedTimeTemplate) },
1374 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
1375 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
1376 offsetof(CERTOCSPSingleResponse, singleExtensions),
1377 CERT_SequenceOfCertExtensionTemplate },
1378 { 0 }
1379 };
1380
1381 /*
1382 * CertStatus ::= CHOICE {
1383 * good [0] IMPLICIT NULL,
1384 * revoked [1] IMPLICIT RevokedInfo,
1385 * unknown [2] IMPLICIT UnknownInfo }
1386 *
1387 * Because the ASN.1 encoder and decoder currently do not provide
1388 * a way to automatically handle a CHOICE, we need to do it in two
1389 * steps, looking at the type tag and feeding the exact choice back
1390 * to the ASN.1 code. Hopefully that will change someday and this
1391 * can all be simplified down into a single template. Anyway, for
1392 * now we list each choice as its own template:
1393 */
1394 static const SEC_ASN1Template ocsp_CertStatusGoodTemplate[] = {
1395 { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 0,
1396 offsetof(ocspCertStatus, certStatusInfo.goodInfo),
1397 SEC_ASN1_SUB(SEC_NullTemplate) }
1398 };
1399 static const SEC_ASN1Template ocsp_CertStatusRevokedTemplate[] = {
1400 { SEC_ASN1_POINTER | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 1,
1401 offsetof(ocspCertStatus, certStatusInfo.revokedInfo),
1402 ocsp_RevokedInfoTemplate }
1403 };
1404 static const SEC_ASN1Template ocsp_CertStatusUnknownTemplate[] = {
1405 { SEC_ASN1_POINTER | SEC_ASN1_CONTEXT_SPECIFIC | SEC_ASN1_XTRN | 2,
1406 offsetof(ocspCertStatus, certStatusInfo.unknownInfo),
1407 SEC_ASN1_SUB(SEC_NullTemplate) }
1408 };
1409 static const SEC_ASN1Template ocsp_CertStatusOtherTemplate[] = {
1410 { SEC_ASN1_POINTER | SEC_ASN1_XTRN,
1411 offsetof(ocspCertStatus, certStatusInfo.otherInfo),
1412 SEC_ASN1_SUB(SEC_AnyTemplate) }
1413 };
1414
1415 /*
1416 * RevokedInfo ::= SEQUENCE {
1417 * revocationTime GeneralizedTime,
1418 * revocationReason [0] EXPLICIT CRLReason OPTIONAL }
1419 *
1420 * Note: this should be static but the AIX compiler doesn't like it (because it
1421 * was forward-declared above); it is not meant to be exported, but this
1422 * is the only way it will compile.
1423 */
1424 const SEC_ASN1Template ocsp_RevokedInfoTemplate[] = {
1425 { SEC_ASN1_SEQUENCE,
1426 0, NULL, sizeof(ocspRevokedInfo) },
1427 { SEC_ASN1_GENERALIZED_TIME,
1428 offsetof(ocspRevokedInfo, revocationTime) },
1429 { SEC_ASN1_OPTIONAL | SEC_ASN1_EXPLICIT |
1430 SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC |
1431 SEC_ASN1_XTRN | 0,
1432 offsetof(ocspRevokedInfo, revocationReason),
1433 SEC_ASN1_SUB(SEC_PointerToEnumeratedTemplate) },
1434 { 0 }
1435 };
1436
1437 /*
1438 * OCSP-specific extension templates:
1439 */
1440
1441 /*
1442 * ServiceLocator ::= SEQUENCE {
1443 * issuer Name,
1444 * locator AuthorityInfoAccessSyntax OPTIONAL }
1445 */
1446 static const SEC_ASN1Template ocsp_ServiceLocatorTemplate[] = {
1447 { SEC_ASN1_SEQUENCE,
1448 0, NULL, sizeof(ocspServiceLocator) },
1449 { SEC_ASN1_POINTER,
1450 offsetof(ocspServiceLocator, issuer),
1451 CERT_NameTemplate },
1452 { SEC_ASN1_OPTIONAL | SEC_ASN1_ANY,
1453 offsetof(ocspServiceLocator, locator) },
1454 { 0 }
1455 };
1456
1457 /*
1458 * REQUEST SUPPORT FUNCTIONS (encode/create/decode/destroy):
1459 */
1460
1461 /*
1462 * FUNCTION: CERT_EncodeOCSPRequest
1463 * DER encodes an OCSP Request, possibly adding a signature as well.
1464 * XXX Signing is not yet supported, however; see comments in code.
1465 * INPUTS:
1466 * PLArenaPool *arena
1467 * The return value is allocated from here.
1468 * If a NULL is passed in, allocation is done from the heap instead.
1469 * CERTOCSPRequest *request
1470 * The request to be encoded.
1471 * void *pwArg
1472 * Pointer to argument for password prompting, if needed. (Definitely
1473 * not needed if not signing.)
1474 * RETURN:
1475 * Returns a NULL on error and a pointer to the SECItem with the
1476 * encoded value otherwise. Any error is likely to be low-level
1477 * (e.g. no memory).
1478 */
1479 SECItem *
1480 CERT_EncodeOCSPRequest(PLArenaPool *arena, CERTOCSPRequest *request,
1481 void *pwArg)
1482 {
1483 SECStatus rv;
1484
1485 /* XXX All of these should generate errors if they fail. */
1486 PORT_Assert(request);
1487 PORT_Assert(request->tbsRequest);
1488
1489 if (request->tbsRequest->extensionHandle != NULL) {
1490 rv = CERT_FinishExtensions(request->tbsRequest->extensionHandle);
1491 request->tbsRequest->extensionHandle = NULL;
1492 if (rv != SECSuccess)
1493 return NULL;
1494 }
1495
1496 /*
1497 * XXX When signed requests are supported and request->optionalSignature
1498 * is not NULL:
1499 * - need to encode tbsRequest->requestorName
1500 * - need to encode tbsRequest
1501 * - need to sign that encoded result (using cert in sig), filling in the
1502 * request->optionalSignature structure with the result, the signing
1503 * algorithm and (perhaps?) the cert (and its chain?) in derCerts
1504 */
1505
1506 return SEC_ASN1EncodeItem(arena, NULL, request, ocsp_OCSPRequestTemplate);
1507 }
1508
1509 /*
1510 * FUNCTION: CERT_DecodeOCSPRequest
1511 * Decode a DER encoded OCSP Request.
1512 * INPUTS:
1513 * SECItem *src
1514 * Pointer to a SECItem holding DER encoded OCSP Request.
1515 * RETURN:
1516 * Returns a pointer to a CERTOCSPRequest containing the decoded request.
1517 * On error, returns NULL. Most likely error is trouble decoding
1518 * (SEC_ERROR_OCSP_MALFORMED_REQUEST), or low-level problem (no memory).
1519 */
1520 CERTOCSPRequest *
1521 CERT_DecodeOCSPRequest(const SECItem *src)
1522 {
1523 PLArenaPool *arena = NULL;
1524 SECStatus rv = SECFailure;
1525 CERTOCSPRequest *dest = NULL;
1526 int i;
1527 SECItem newSrc;
1528
1529 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
1530 if (arena == NULL) {
1531 goto loser;
1532 }
1533 dest = (CERTOCSPRequest *)PORT_ArenaZAlloc(arena,
1534 sizeof(CERTOCSPRequest));
1535 if (dest == NULL) {
1536 goto loser;
1537 }
1538 dest->arena = arena;
1539
1540 /* copy the DER into the arena, since Quick DER returns data that points
1541 into the DER input, which may get freed by the caller */
1542 rv = SECITEM_CopyItem(arena, &newSrc, src);
1543 if (rv != SECSuccess) {
1544 goto loser;
1545 }
1546
1547 rv = SEC_QuickDERDecodeItem(arena, dest, ocsp_OCSPRequestTemplate, &newSrc);
1548 if (rv != SECSuccess) {
1549 if (PORT_GetError() == SEC_ERROR_BAD_DER)
1550 PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
1551 goto loser;
1552 }
1553
1554 /*
1555 * XXX I would like to find a way to get rid of the necessity
1556 * of doing this copying of the arena pointer.
1557 */
1558 for (i = 0; dest->tbsRequest->requestList[i] != NULL; i++) {
1559 dest->tbsRequest->requestList[i]->arena = arena;
1560 }
1561
1562 return dest;
1563
1564 loser:
1565 if (arena != NULL) {
1566 PORT_FreeArena(arena, PR_FALSE);
1567 }
1568 return NULL;
1569 }
1570
1571 SECStatus
1572 CERT_DestroyOCSPCertID(CERTOCSPCertID *certID)
1573 {
1574 if (certID && certID->poolp) {
1575 PORT_FreeArena(certID->poolp, PR_FALSE);
1576 return SECSuccess;
1577 }
1578 PORT_SetError(SEC_ERROR_INVALID_ARGS);
1579 return SECFailure;
1580 }
1581
1582 /*
1583 * Digest data using the specified algorithm.
1584 * The necessary storage for the digest data is allocated. If "fill" is
1585 * non-null, the data is put there, otherwise a SECItem is allocated.
1586 * Allocation from "arena" if it is non-null, heap otherwise. Any problem
1587 * results in a NULL being returned (and an appropriate error set).
1588 */
1589
1590 SECItem *
1591 ocsp_DigestValue(PLArenaPool *arena, SECOidTag digestAlg,
1592 SECItem *fill, const SECItem *src)
1593 {
1594 const SECHashObject *digestObject;
1595 SECItem *result = NULL;
1596 void *mark = NULL;
1597 void *digestBuff = NULL;
1598
1599 if (arena != NULL) {
1600 mark = PORT_ArenaMark(arena);
1601 }
1602
1603 digestObject = HASH_GetHashObjectByOidTag(digestAlg);
1604 if (digestObject == NULL) {
1605 goto loser;
1606 }
1607
1608 if (fill == NULL || fill->data == NULL) {
1609 result = SECITEM_AllocItem(arena, fill, digestObject->length);
1610 if (result == NULL) {
1611 goto loser;
1612 }
1613 digestBuff = result->data;
1614 } else {
1615 if (fill->len < digestObject->length) {
1616 PORT_SetError(SEC_ERROR_INVALID_ARGS);
1617 goto loser;
1618 }
1619 digestBuff = fill->data;
1620 }
1621
1622 if (PK11_HashBuf(digestAlg, digestBuff,
1623 src->data, src->len) != SECSuccess) {
1624 goto loser;
1625 }
1626
1627 if (arena != NULL) {
1628 PORT_ArenaUnmark(arena, mark);
1629 }
1630
1631 if (result == NULL) {
1632 result = fill;
1633 }
1634 return result;
1635
1636 loser:
1637 if (arena != NULL) {
1638 PORT_ArenaRelease(arena, mark);
1639 } else {
1640 if (result != NULL) {
1641 SECITEM_FreeItem(result, (fill == NULL) ? PR_TRUE : PR_FALSE);
1642 }
1643 }
1644 return (NULL);
1645 }
1646
1647 /*
1648 * Digest the cert's subject public key using the specified algorithm.
1649 * The necessary storage for the digest data is allocated. If "fill" is
1650 * non-null, the data is put there, otherwise a SECItem is allocated.
1651 * Allocation from "arena" if it is non-null, heap otherwise. Any problem
1652 * results in a NULL being returned (and an appropriate error set).
1653 */
1654 SECItem *
1655 CERT_GetSubjectPublicKeyDigest(PLArenaPool *arena, const CERTCertificate *cert,
1656 SECOidTag digestAlg, SECItem *fill)
1657 {
1658 SECItem spk;
1659
1660 /*
1661 * Copy just the length and data pointer (nothing needs to be freed)
1662 * of the subject public key so we can convert the length from bits
1663 * to bytes, which is what the digest function expects.
1664 */
1665 spk = cert->subjectPublicKeyInfo.subjectPublicKey;
1666 DER_ConvertBitString(&spk);
1667
1668 return ocsp_DigestValue(arena, digestAlg, fill, &spk);
1669 }
1670
1671 /*
1672 * Digest the cert's subject name using the specified algorithm.
1673 */
1674 SECItem *
1675 CERT_GetSubjectNameDigest(PLArenaPool *arena, const CERTCertificate *cert,
1676 SECOidTag digestAlg, SECItem *fill)
1677 {
1678 SECItem name;
1679
1680 /*
1681 * Copy just the length and data pointer (nothing needs to be freed)
1682 * of the subject name
1683 */
1684 name = cert->derSubject;
1685
1686 return ocsp_DigestValue(arena, digestAlg, fill, &name);
1687 }
1688
1689 /*
1690 * Create and fill-in a CertID. This function fills in the hash values
1691 * (issuerNameHash and issuerKeyHash), and is hardwired to use SHA1.
1692 * Someday it might need to be more flexible about hash algorithm, but
1693 * for now we have no intention/need to create anything else.
1694 *
1695 * Error causes a null to be returned; most likely cause is trouble
1696 * finding the certificate issuer (SEC_ERROR_UNKNOWN_ISSUER).
1697 * Other errors are low-level problems (no memory, bad database, etc.).
1698 */
1699 static CERTOCSPCertID *
1700 ocsp_CreateCertID(PLArenaPool *arena, CERTCertificate *cert, PRTime time)
1701 {
1702 CERTOCSPCertID *certID;
1703 CERTCertificate *issuerCert = NULL;
1704 void *mark = PORT_ArenaMark(arena);
1705 SECStatus rv;
1706
1707 PORT_Assert(arena != NULL);
1708
1709 certID = PORT_ArenaZNew(arena, CERTOCSPCertID);
1710 if (certID == NULL) {
1711 goto loser;
1712 }
1713
1714 rv = SECOID_SetAlgorithmID(arena, &certID->hashAlgorithm, SEC_OID_SHA1,
1715 NULL);
1716 if (rv != SECSuccess) {
1717 goto loser;
1718 }
1719
1720 issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
1721 if (issuerCert == NULL) {
1722 goto loser;
1723 }
1724
1725 if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_SHA1,
1726 &(certID->issuerNameHash)) == NULL) {
1727 goto loser;
1728 }
1729 certID->issuerSHA1NameHash.data = certID->issuerNameHash.data;
1730 certID->issuerSHA1NameHash.len = certID->issuerNameHash.len;
1731
1732 if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_MD5,
1733 &(certID->issuerMD5NameHash)) == NULL) {
1734 goto loser;
1735 }
1736
1737 if (CERT_GetSubjectNameDigest(arena, issuerCert, SEC_OID_MD2,
1738 &(certID->issuerMD2NameHash)) == NULL) {
1739 goto loser;
1740 }
1741
1742 if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_SHA1,
1743 &certID->issuerKeyHash) == NULL) {
1744 goto loser;
1745 }
1746 certID->issuerSHA1KeyHash.data = certID->issuerKeyHash.data;
1747 certID->issuerSHA1KeyHash.len = certID->issuerKeyHash.len;
1748 /* cache the other two hash algorithms as well */
1749 if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_MD5,
1750 &certID->issuerMD5KeyHash) == NULL) {
1751 goto loser;
1752 }
1753 if (CERT_GetSubjectPublicKeyDigest(arena, issuerCert, SEC_OID_MD2,
1754 &certID->issuerMD2KeyHash) == NULL) {
1755 goto loser;
1756 }
1757
1758 /* now we are done with issuerCert */
1759 CERT_DestroyCertificate(issuerCert);
1760 issuerCert = NULL;
1761
1762 rv = SECITEM_CopyItem(arena, &certID->serialNumber, &cert->serialNumber);
1763 if (rv != SECSuccess) {
1764 goto loser;
1765 }
1766
1767 PORT_ArenaUnmark(arena, mark);
1768 return certID;
1769
1770 loser:
1771 if (issuerCert != NULL) {
1772 CERT_DestroyCertificate(issuerCert);
1773 }
1774 PORT_ArenaRelease(arena, mark);
1775 return NULL;
1776 }
1777
1778 CERTOCSPCertID *
1779 CERT_CreateOCSPCertID(CERTCertificate *cert, PRTime time)
1780 {
1781 PLArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
1782 CERTOCSPCertID *certID;
1783 PORT_Assert(arena != NULL);
1784 if (!arena)
1785 return NULL;
1786
1787 certID = ocsp_CreateCertID(arena, cert, time);
1788 if (!certID) {
1789 PORT_FreeArena(arena, PR_FALSE);
1790 return NULL;
1791 }
1792 certID->poolp = arena;
1793 return certID;
1794 }
1795
1796 static CERTOCSPCertID *
1797 cert_DupOCSPCertID(const CERTOCSPCertID *src)
1798 {
1799 CERTOCSPCertID *dest;
1800 PLArenaPool *arena = NULL;
1801
1802 if (!src) {
1803 PORT_SetError(SEC_ERROR_INVALID_ARGS);
1804 return NULL;
1805 }
1806
1807 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
1808 if (!arena)
1809 goto loser;
1810
1811 dest = PORT_ArenaZNew(arena, CERTOCSPCertID);
1812 if (!dest)
1813 goto loser;
1814
1815 #define DUPHELP(element) \
1816 if (src->element.data && \
1817 SECITEM_CopyItem(arena, &dest->element, &src->element) != \
1818 SECSuccess) { \
1819 goto loser; \
1820 }
1821
1822 DUPHELP(hashAlgorithm.algorithm)
1823 DUPHELP(hashAlgorithm.parameters)
1824 DUPHELP(issuerNameHash)
1825 DUPHELP(issuerKeyHash)
1826 DUPHELP(serialNumber)
1827 DUPHELP(issuerSHA1NameHash)
1828 DUPHELP(issuerMD5NameHash)
1829 DUPHELP(issuerMD2NameHash)
1830 DUPHELP(issuerSHA1KeyHash)
1831 DUPHELP(issuerMD5KeyHash)
1832 DUPHELP(issuerMD2KeyHash)
1833
1834 dest->poolp = arena;
1835 return dest;
1836
1837 loser:
1838 if (arena)
1839 PORT_FreeArena(arena, PR_FALSE);
1840 PORT_SetError(PR_OUT_OF_MEMORY_ERROR);
1841 return NULL;
1842 }
1843
1844 /*
1845 * Callback to set Extensions in request object
1846 */
1847 void
1848 SetSingleReqExts(void *object, CERTCertExtension **exts)
1849 {
1850 ocspSingleRequest *singleRequest =
1851 (ocspSingleRequest *)object;
1852
1853 singleRequest->singleRequestExtensions = exts;
1854 }
1855
1856 /*
1857 * Add the Service Locator extension to the singleRequestExtensions
1858 * for the given singleRequest.
1859 *
1860 * All errors are internal or low-level problems (e.g. no memory).
1861 */
1862 static SECStatus
1863 ocsp_AddServiceLocatorExtension(ocspSingleRequest *singleRequest,
1864 CERTCertificate *cert)
1865 {
1866 ocspServiceLocator *serviceLocator = NULL;
1867 void *extensionHandle = NULL;
1868 SECStatus rv = SECFailure;
1869
1870 serviceLocator = PORT_ZNew(ocspServiceLocator);
1871 if (serviceLocator == NULL)
1872 goto loser;
1873
1874 /*
1875 * Normally it would be a bad idea to do a direct reference like
1876 * this rather than allocate and copy the name *or* at least dup
1877 * a reference of the cert. But all we need is to be able to read
1878 * the issuer name during the encoding we are about to do, so a
1879 * copy is just a waste of time.
1880 */
1881 serviceLocator->issuer = &cert->issuer;
1882
1883 rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
1884 &serviceLocator->locator);
1885 if (rv != SECSuccess) {
1886 if (PORT_GetError() != SEC_ERROR_EXTENSION_NOT_FOUND)
1887 goto loser;
1888 }
1889
1890 /* prepare for following loser gotos */
1891 rv = SECFailure;
1892 PORT_SetError(0);
1893
1894 extensionHandle = cert_StartExtensions(singleRequest,
1895 singleRequest->arena, SetSingleReqExt s);
1896 if (extensionHandle == NULL)
1897 goto loser;
1898
1899 rv = CERT_EncodeAndAddExtension(extensionHandle,
1900 SEC_OID_PKIX_OCSP_SERVICE_LOCATOR,
1901 serviceLocator, PR_FALSE,
1902 ocsp_ServiceLocatorTemplate);
1903
1904 loser:
1905 if (extensionHandle != NULL) {
1906 /*
1907 * Either way we have to finish out the extension context (so it gets
1908 * freed). But careful not to override any already-set bad status.
1909 */
1910 SECStatus tmprv = CERT_FinishExtensions(extensionHandle);
1911 if (rv == SECSuccess)
1912 rv = tmprv;
1913 }
1914
1915 /*
1916 * Finally, free the serviceLocator structure itself and we are done.
1917 */
1918 if (serviceLocator != NULL) {
1919 if (serviceLocator->locator.data != NULL)
1920 SECITEM_FreeItem(&serviceLocator->locator, PR_FALSE);
1921 PORT_Free(serviceLocator);
1922 }
1923
1924 return rv;
1925 }
1926
1927 /*
1928 * Creates an array of ocspSingleRequest based on a list of certs.
1929 * Note that the code which later compares the request list with the
1930 * response expects this array to be in the exact same order as the
1931 * certs are found in the list. It would be harder to change that
1932 * order than preserve it, but since the requirement is not obvious,
1933 * it deserves to be mentioned.
1934 *
1935 * Any problem causes a null return and error set:
1936 * SEC_ERROR_UNKNOWN_ISSUER
1937 * Other errors are low-level problems (no memory, bad database, etc.).
1938 */
1939 static ocspSingleRequest **
1940 ocsp_CreateSingleRequestList(PLArenaPool *arena, CERTCertList *certList,
1941 PRTime time, PRBool includeLocator)
1942 {
1943 ocspSingleRequest **requestList = NULL;
1944 CERTCertListNode *node = NULL;
1945 int i, count;
1946 void *mark = PORT_ArenaMark(arena);
1947
1948 node = CERT_LIST_HEAD(certList);
1949 for (count = 0; !CERT_LIST_END(node, certList); count++) {
1950 node = CERT_LIST_NEXT(node);
1951 }
1952
1953 if (count == 0)
1954 goto loser;
1955
1956 requestList = PORT_ArenaNewArray(arena, ocspSingleRequest *, count + 1);
1957 if (requestList == NULL)
1958 goto loser;
1959
1960 node = CERT_LIST_HEAD(certList);
1961 for (i = 0; !CERT_LIST_END(node, certList); i++) {
1962 requestList[i] = PORT_ArenaZNew(arena, ocspSingleRequest);
1963 if (requestList[i] == NULL)
1964 goto loser;
1965
1966 OCSP_TRACE(("OCSP CERT_CreateOCSPRequest %s\n", node->cert->subjectName) );
1967 requestList[i]->arena = arena;
1968 requestList[i]->reqCert = ocsp_CreateCertID(arena, node->cert, time);
1969 if (requestList[i]->reqCert == NULL)
1970 goto loser;
1971
1972 if (includeLocator == PR_TRUE) {
1973 SECStatus rv;
1974
1975 rv = ocsp_AddServiceLocatorExtension(requestList[i], node->cert);
1976 if (rv != SECSuccess)
1977 goto loser;
1978 }
1979
1980 node = CERT_LIST_NEXT(node);
1981 }
1982
1983 PORT_Assert(i == count);
1984
1985 PORT_ArenaUnmark(arena, mark);
1986 requestList[i] = NULL;
1987 return requestList;
1988
1989 loser:
1990 PORT_ArenaRelease(arena, mark);
1991 return NULL;
1992 }
1993
1994 static ocspSingleRequest **
1995 ocsp_CreateRequestFromCert(PLArenaPool *arena,
1996 CERTOCSPCertID *certID,
1997 CERTCertificate *singleCert,
1998 PRTime time,
1999 PRBool includeLocator)
2000 {
2001 ocspSingleRequest **requestList = NULL;
2002 void *mark = PORT_ArenaMark(arena);
2003 PORT_Assert(certID != NULL && singleCert != NULL);
2004
2005 /* meaning of value 2: one entry + one end marker */
2006 requestList = PORT_ArenaNewArray(arena, ocspSingleRequest *, 2);
2007 if (requestList == NULL)
2008 goto loser;
2009 requestList[0] = PORT_ArenaZNew(arena, ocspSingleRequest);
2010 if (requestList[0] == NULL)
2011 goto loser;
2012 requestList[0]->arena = arena;
2013 /* certID will live longer than the request */
2014 requestList[0]->reqCert = certID;
2015
2016 if (includeLocator == PR_TRUE) {
2017 SECStatus rv;
2018 rv = ocsp_AddServiceLocatorExtension(requestList[0], singleCert);
2019 if (rv != SECSuccess)
2020 goto loser;
2021 }
2022
2023 PORT_ArenaUnmark(arena, mark);
2024 requestList[1] = NULL;
2025 return requestList;
2026
2027 loser:
2028 PORT_ArenaRelease(arena, mark);
2029 return NULL;
2030 }
2031
2032 static CERTOCSPRequest *
2033 ocsp_prepareEmptyOCSPRequest(void)
2034 {
2035 PLArenaPool *arena = NULL;
2036 CERTOCSPRequest *request = NULL;
2037 ocspTBSRequest *tbsRequest = NULL;
2038
2039 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
2040 if (arena == NULL) {
2041 goto loser;
2042 }
2043 request = PORT_ArenaZNew(arena, CERTOCSPRequest);
2044 if (request == NULL) {
2045 goto loser;
2046 }
2047 request->arena = arena;
2048
2049 tbsRequest = PORT_ArenaZNew(arena, ocspTBSRequest);
2050 if (tbsRequest == NULL) {
2051 goto loser;
2052 }
2053 request->tbsRequest = tbsRequest;
2054 /* version 1 is the default, so we need not fill in a version number */
2055 return request;
2056
2057 loser:
2058 if (arena != NULL) {
2059 PORT_FreeArena(arena, PR_FALSE);
2060 }
2061 return NULL;
2062 }
2063
2064 CERTOCSPRequest *
2065 cert_CreateSingleCertOCSPRequest(CERTOCSPCertID *certID,
2066 CERTCertificate *singleCert,
2067 PRTime time,
2068 PRBool addServiceLocator,
2069 CERTCertificate *signerCert)
2070 {
2071 CERTOCSPRequest *request;
2072 OCSP_TRACE(("OCSP cert_CreateSingleCertOCSPRequest %s\n", singleCert->subjec tName));
2073
2074 /* XXX Support for signerCert may be implemented later,
2075 * see also the comment in CERT_CreateOCSPRequest.
2076 */
2077 if (signerCert != NULL) {
2078 PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
2079 return NULL;
2080 }
2081
2082 request = ocsp_prepareEmptyOCSPRequest();
2083 if (!request)
2084 return NULL;
2085 /*
2086 * Version 1 is the default, so we need not fill in a version number.
2087 * Now create the list of single requests, one for each cert.
2088 */
2089 request->tbsRequest->requestList =
2090 ocsp_CreateRequestFromCert(request->arena,
2091 certID,
2092 singleCert,
2093 time,
2094 addServiceLocator);
2095 if (request->tbsRequest->requestList == NULL) {
2096 PORT_FreeArena(request->arena, PR_FALSE);
2097 return NULL;
2098 }
2099 return request;
2100 }
2101
2102 /*
2103 * FUNCTION: CERT_CreateOCSPRequest
2104 * Creates a CERTOCSPRequest, requesting the status of the certs in
2105 * the given list.
2106 * INPUTS:
2107 * CERTCertList *certList
2108 * A list of certs for which status will be requested.
2109 * Note that all of these certificates should have the same issuer,
2110 * or it's expected the response will be signed by a trusted responder.
2111 * If the certs need to be broken up into multiple requests, that
2112 * must be handled by the caller (and thus by having multiple calls
2113 * to this routine), who knows about where the request(s) are being
2114 * sent and whether there are any trusted responders in place.
2115 * PRTime time
2116 * Indicates the time for which the certificate status is to be
2117 * determined -- this may be used in the search for the cert's issuer
2118 * but has no effect on the request itself.
2119 * PRBool addServiceLocator
2120 * If true, the Service Locator extension should be added to the
2121 * single request(s) for each cert.
2122 * CERTCertificate *signerCert
2123 * If non-NULL, means sign the request using this cert. Otherwise,
2124 * do not sign.
2125 * XXX note that request signing is not yet supported; see comment in code
2126 * RETURN:
2127 * A pointer to a CERTOCSPRequest structure containing an OCSP request
2128 * for the cert list. On error, null is returned, with an error set
2129 * indicating the reason. This is likely SEC_ERROR_UNKNOWN_ISSUER.
2130 * (The issuer is needed to create a request for the certificate.)
2131 * Other errors are low-level problems (no memory, bad database, etc.).
2132 */
2133 CERTOCSPRequest *
2134 CERT_CreateOCSPRequest(CERTCertList *certList, PRTime time,
2135 PRBool addServiceLocator,
2136 CERTCertificate *signerCert)
2137 {
2138 CERTOCSPRequest *request = NULL;
2139
2140 if (!certList) {
2141 PORT_SetError(SEC_ERROR_INVALID_ARGS);
2142 return NULL;
2143 }
2144 /*
2145 * XXX When we are prepared to put signing of requests back in,
2146 * we will need to allocate a signature
2147 * structure for the request, fill in the "derCerts" field in it,
2148 * save the signerCert there, as well as fill in the "requestorName"
2149 * field of the tbsRequest.
2150 */
2151 if (signerCert != NULL) {
2152 PORT_SetError(PR_NOT_IMPLEMENTED_ERROR);
2153 return NULL;
2154 }
2155 request = ocsp_prepareEmptyOCSPRequest();
2156 if (!request)
2157 return NULL;
2158 /*
2159 * Now create the list of single requests, one for each cert.
2160 */
2161 request->tbsRequest->requestList =
2162 ocsp_CreateSingleRequestList(request->arena,
2163 certList,
2164 time,
2165 addServiceLocator);
2166 if (request->tbsRequest->requestList == NULL) {
2167 PORT_FreeArena(request->arena, PR_FALSE);
2168 return NULL;
2169 }
2170 return request;
2171 }
2172
2173 /*
2174 * FUNCTION: CERT_AddOCSPAcceptableResponses
2175 * Add the AcceptableResponses extension to an OCSP Request.
2176 * INPUTS:
2177 * CERTOCSPRequest *request
2178 * The request to which the extension should be added.
2179 * ...
2180 * A list (of one or more) of SECOidTag -- each of the response types
2181 * to be added. The last OID *must* be SEC_OID_PKIX_OCSP_BASIC_RESPONSE.
2182 * (This marks the end of the list, and it must be specified because a
2183 * client conforming to the OCSP standard is required to handle the basic
2184 * response type.) The OIDs are not checked in any way.
2185 * RETURN:
2186 * SECSuccess if the extension is added; SECFailure if anything goes wrong.
2187 * All errors are internal or low-level problems (e.g. no memory).
2188 */
2189
2190 void
2191 SetRequestExts(void *object, CERTCertExtension **exts)
2192 {
2193 CERTOCSPRequest *request = (CERTOCSPRequest *)object;
2194
2195 request->tbsRequest->requestExtensions = exts;
2196 }
2197
2198 SECStatus
2199 CERT_AddOCSPAcceptableResponses(CERTOCSPRequest *request,
2200 SECOidTag responseType0, ...)
2201 {
2202 void *extHandle;
2203 va_list ap;
2204 int i, count;
2205 SECOidTag responseType;
2206 SECOidData *responseOid;
2207 SECItem **acceptableResponses = NULL;
2208 SECStatus rv = SECFailure;
2209
2210 extHandle = request->tbsRequest->extensionHandle;
2211 if (extHandle == NULL) {
2212 extHandle = cert_StartExtensions(request, request->arena, SetRequestExts );
2213 if (extHandle == NULL)
2214 goto loser;
2215 }
2216
2217 /* Count number of OIDS going into the extension value. */
2218 count = 1;
2219 if (responseType0 != SEC_OID_PKIX_OCSP_BASIC_RESPONSE) {
2220 va_start(ap, responseType0);
2221 do {
2222 count++;
2223 responseType = va_arg(ap, SECOidTag);
2224 } while (responseType != SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
2225 va_end(ap);
2226 }
2227
2228 acceptableResponses = PORT_NewArray(SECItem *, count + 1);
2229 if (acceptableResponses == NULL)
2230 goto loser;
2231
2232 i = 0;
2233 responseOid = SECOID_FindOIDByTag(responseType0);
2234 acceptableResponses[i++] = &(responseOid->oid);
2235 if (count > 1) {
2236 va_start(ap, responseType0);
2237 for (; i < count; i++) {
2238 responseType = va_arg(ap, SECOidTag);
2239 responseOid = SECOID_FindOIDByTag(responseType);
2240 acceptableResponses[i] = &(responseOid->oid);
2241 }
2242 va_end(ap);
2243 }
2244 acceptableResponses[i] = NULL;
2245
2246 rv = CERT_EncodeAndAddExtension(extHandle, SEC_OID_PKIX_OCSP_RESPONSE,
2247 &acceptableResponses, PR_FALSE,
2248 SEC_ASN1_GET(SEC_SequenceOfObjectIDTemplate) );
2249 if (rv != SECSuccess)
2250 goto loser;
2251
2252 PORT_Free(acceptableResponses);
2253 if (request->tbsRequest->extensionHandle == NULL)
2254 request->tbsRequest->extensionHandle = extHandle;
2255 return SECSuccess;
2256
2257 loser:
2258 if (acceptableResponses != NULL)
2259 PORT_Free(acceptableResponses);
2260 if (extHandle != NULL)
2261 (void)CERT_FinishExtensions(extHandle);
2262 return rv;
2263 }
2264
2265 /*
2266 * FUNCTION: CERT_DestroyOCSPRequest
2267 * Frees an OCSP Request structure.
2268 * INPUTS:
2269 * CERTOCSPRequest *request
2270 * Pointer to CERTOCSPRequest to be freed.
2271 * RETURN:
2272 * No return value; no errors.
2273 */
2274 void
2275 CERT_DestroyOCSPRequest(CERTOCSPRequest *request)
2276 {
2277 if (request == NULL)
2278 return;
2279
2280 if (request->tbsRequest != NULL) {
2281 if (request->tbsRequest->requestorName != NULL)
2282 CERT_DestroyGeneralNameList(request->tbsRequest->requestorName);
2283 if (request->tbsRequest->extensionHandle != NULL)
2284 (void)CERT_FinishExtensions(request->tbsRequest->extensionHandle);
2285 }
2286
2287 if (request->optionalSignature != NULL) {
2288 if (request->optionalSignature->cert != NULL)
2289 CERT_DestroyCertificate(request->optionalSignature->cert);
2290
2291 /*
2292 * XXX Need to free derCerts? Or do they come out of arena?
2293 * (Currently we never fill in derCerts, which is why the
2294 * answer is not obvious. Once we do, add any necessary code
2295 * here and remove this comment.)
2296 */
2297 }
2298
2299 /*
2300 * We should actually never have a request without an arena,
2301 * but check just in case. (If there isn't one, there is not
2302 * much we can do about it...)
2303 */
2304 PORT_Assert(request->arena != NULL);
2305 if (request->arena != NULL)
2306 PORT_FreeArena(request->arena, PR_FALSE);
2307 }
2308
2309 /*
2310 * RESPONSE SUPPORT FUNCTIONS (encode/create/decode/destroy):
2311 */
2312
2313 /*
2314 * Helper function for encoding or decoding a ResponderID -- based on the
2315 * given type, return the associated template for that choice.
2316 */
2317 static const SEC_ASN1Template *
2318 ocsp_ResponderIDTemplateByType(CERTOCSPResponderIDType responderIDType)
2319 {
2320 const SEC_ASN1Template *responderIDTemplate;
2321
2322 switch (responderIDType) {
2323 case ocspResponderID_byName:
2324 responderIDTemplate = ocsp_ResponderIDByNameTemplate;
2325 break;
2326 case ocspResponderID_byKey:
2327 responderIDTemplate = ocsp_ResponderIDByKeyTemplate;
2328 break;
2329 case ocspResponderID_other:
2330 default:
2331 PORT_Assert(responderIDType == ocspResponderID_other);
2332 responderIDTemplate = ocsp_ResponderIDOtherTemplate;
2333 break;
2334 }
2335
2336 return responderIDTemplate;
2337 }
2338
2339 /*
2340 * Helper function for encoding or decoding a CertStatus -- based on the
2341 * given type, return the associated template for that choice.
2342 */
2343 static const SEC_ASN1Template *
2344 ocsp_CertStatusTemplateByType(ocspCertStatusType certStatusType)
2345 {
2346 const SEC_ASN1Template *certStatusTemplate;
2347
2348 switch (certStatusType) {
2349 case ocspCertStatus_good:
2350 certStatusTemplate = ocsp_CertStatusGoodTemplate;
2351 break;
2352 case ocspCertStatus_revoked:
2353 certStatusTemplate = ocsp_CertStatusRevokedTemplate;
2354 break;
2355 case ocspCertStatus_unknown:
2356 certStatusTemplate = ocsp_CertStatusUnknownTemplate;
2357 break;
2358 case ocspCertStatus_other:
2359 default:
2360 PORT_Assert(certStatusType == ocspCertStatus_other);
2361 certStatusTemplate = ocsp_CertStatusOtherTemplate;
2362 break;
2363 }
2364
2365 return certStatusTemplate;
2366 }
2367
2368 /*
2369 * Helper function for decoding a certStatus -- turn the actual DER tag
2370 * into our local translation.
2371 */
2372 static ocspCertStatusType
2373 ocsp_CertStatusTypeByTag(int derTag)
2374 {
2375 ocspCertStatusType certStatusType;
2376
2377 switch (derTag) {
2378 case 0:
2379 certStatusType = ocspCertStatus_good;
2380 break;
2381 case 1:
2382 certStatusType = ocspCertStatus_revoked;
2383 break;
2384 case 2:
2385 certStatusType = ocspCertStatus_unknown;
2386 break;
2387 default:
2388 certStatusType = ocspCertStatus_other;
2389 break;
2390 }
2391
2392 return certStatusType;
2393 }
2394
2395 /*
2396 * Helper function for decoding SingleResponses -- they each contain
2397 * a status which is encoded as CHOICE, which needs to be decoded "by hand".
2398 *
2399 * Note -- on error, this routine does not release the memory it may
2400 * have allocated; it expects its caller to do that.
2401 */
2402 static SECStatus
2403 ocsp_FinishDecodingSingleResponses(PLArenaPool *reqArena,
2404 CERTOCSPSingleResponse **responses)
2405 {
2406 ocspCertStatus *certStatus;
2407 ocspCertStatusType certStatusType;
2408 const SEC_ASN1Template *certStatusTemplate;
2409 int derTag;
2410 int i;
2411 SECStatus rv = SECFailure;
2412
2413 if (!reqArena) {
2414 PORT_SetError(SEC_ERROR_INVALID_ARGS);
2415 return SECFailure;
2416 }
2417
2418 if (responses == NULL) /* nothing to do */
2419 return SECSuccess;
2420
2421 for (i = 0; responses[i] != NULL; i++) {
2422 SECItem *newStatus;
2423 /*
2424 * The following assert points out internal errors (problems in
2425 * the template definitions or in the ASN.1 decoder itself, etc.).
2426 */
2427 PORT_Assert(responses[i]->derCertStatus.data != NULL);
2428
2429 derTag = responses[i]->derCertStatus.data[0] & SEC_ASN1_TAGNUM_MASK;
2430 certStatusType = ocsp_CertStatusTypeByTag(derTag);
2431 certStatusTemplate = ocsp_CertStatusTemplateByType(certStatusType);
2432
2433 certStatus = PORT_ArenaZAlloc(reqArena, sizeof(ocspCertStatus));
2434 if (certStatus == NULL) {
2435 goto loser;
2436 }
2437 newStatus = SECITEM_ArenaDupItem(reqArena, &responses[i]->derCertStatus) ;
2438 if (!newStatus) {
2439 goto loser;
2440 }
2441 rv = SEC_QuickDERDecodeItem(reqArena, certStatus, certStatusTemplate,
2442 newStatus);
2443 if (rv != SECSuccess) {
2444 if (PORT_GetError() == SEC_ERROR_BAD_DER)
2445 PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
2446 goto loser;
2447 }
2448
2449 certStatus->certStatusType = certStatusType;
2450 responses[i]->certStatus = certStatus;
2451 }
2452
2453 return SECSuccess;
2454
2455 loser:
2456 return rv;
2457 }
2458
2459 /*
2460 * Helper function for decoding a responderID -- turn the actual DER tag
2461 * into our local translation.
2462 */
2463 static CERTOCSPResponderIDType
2464 ocsp_ResponderIDTypeByTag(int derTag)
2465 {
2466 CERTOCSPResponderIDType responderIDType;
2467
2468 switch (derTag) {
2469 case 1:
2470 responderIDType = ocspResponderID_byName;
2471 break;
2472 case 2:
2473 responderIDType = ocspResponderID_byKey;
2474 break;
2475 default:
2476 responderIDType = ocspResponderID_other;
2477 break;
2478 }
2479
2480 return responderIDType;
2481 }
2482
2483 /*
2484 * Decode "src" as a BasicOCSPResponse, returning the result.
2485 */
2486 static ocspBasicOCSPResponse *
2487 ocsp_DecodeBasicOCSPResponse(PLArenaPool *arena, SECItem *src)
2488 {
2489 void *mark;
2490 ocspBasicOCSPResponse *basicResponse;
2491 ocspResponseData *responseData;
2492 ocspResponderID *responderID;
2493 CERTOCSPResponderIDType responderIDType;
2494 const SEC_ASN1Template *responderIDTemplate;
2495 int derTag;
2496 SECStatus rv;
2497 SECItem newsrc;
2498
2499 mark = PORT_ArenaMark(arena);
2500
2501 basicResponse = PORT_ArenaZAlloc(arena, sizeof(ocspBasicOCSPResponse));
2502 if (basicResponse == NULL) {
2503 goto loser;
2504 }
2505
2506 /* copy the DER into the arena, since Quick DER returns data that points
2507 into the DER input, which may get freed by the caller */
2508 rv = SECITEM_CopyItem(arena, &newsrc, src);
2509 if (rv != SECSuccess) {
2510 goto loser;
2511 }
2512
2513 rv = SEC_QuickDERDecodeItem(arena, basicResponse,
2514 ocsp_BasicOCSPResponseTemplate, &newsrc);
2515 if (rv != SECSuccess) {
2516 if (PORT_GetError() == SEC_ERROR_BAD_DER)
2517 PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
2518 goto loser;
2519 }
2520
2521 responseData = basicResponse->tbsResponseData;
2522
2523 /*
2524 * The following asserts point out internal errors (problems in
2525 * the template definitions or in the ASN.1 decoder itself, etc.).
2526 */
2527 PORT_Assert(responseData != NULL);
2528 PORT_Assert(responseData->derResponderID.data != NULL);
2529
2530 /*
2531 * XXX Because responderID is a CHOICE, which is not currently handled
2532 * by our ASN.1 decoder, we have to decode it "by hand".
2533 */
2534 derTag = responseData->derResponderID.data[0] & SEC_ASN1_TAGNUM_MASK;
2535 responderIDType = ocsp_ResponderIDTypeByTag(derTag);
2536 responderIDTemplate = ocsp_ResponderIDTemplateByType(responderIDType);
2537
2538 responderID = PORT_ArenaZAlloc(arena, sizeof(ocspResponderID));
2539 if (responderID == NULL) {
2540 goto loser;
2541 }
2542
2543 rv = SEC_QuickDERDecodeItem(arena, responderID, responderIDTemplate,
2544 &responseData->derResponderID);
2545 if (rv != SECSuccess) {
2546 if (PORT_GetError() == SEC_ERROR_BAD_DER)
2547 PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
2548 goto loser;
2549 }
2550
2551 responderID->responderIDType = responderIDType;
2552 responseData->responderID = responderID;
2553
2554 /*
2555 * XXX Each SingleResponse also contains a CHOICE, which has to be
2556 * fixed up by hand.
2557 */
2558 rv = ocsp_FinishDecodingSingleResponses(arena, responseData->responses);
2559 if (rv != SECSuccess) {
2560 goto loser;
2561 }
2562
2563 PORT_ArenaUnmark(arena, mark);
2564 return basicResponse;
2565
2566 loser:
2567 PORT_ArenaRelease(arena, mark);
2568 return NULL;
2569 }
2570
2571 /*
2572 * Decode the responseBytes based on the responseType found in "rbytes",
2573 * leaving the resulting translated/decoded information in there as well.
2574 */
2575 static SECStatus
2576 ocsp_DecodeResponseBytes(PLArenaPool *arena, ocspResponseBytes *rbytes)
2577 {
2578 if (rbytes == NULL) {
2579 PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
2580 return SECFailure;
2581 }
2582
2583 rbytes->responseTypeTag = SECOID_FindOIDTag(&rbytes->responseType);
2584 switch (rbytes->responseTypeTag) {
2585 case SEC_OID_PKIX_OCSP_BASIC_RESPONSE: {
2586 ocspBasicOCSPResponse *basicResponse;
2587
2588 basicResponse = ocsp_DecodeBasicOCSPResponse(arena,
2589 &rbytes->response);
2590 if (basicResponse == NULL)
2591 return SECFailure;
2592
2593 rbytes->decodedResponse.basic = basicResponse;
2594 } break;
2595
2596 /*
2597 * Add new/future response types here.
2598 */
2599
2600 default:
2601 PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE);
2602 return SECFailure;
2603 }
2604
2605 return SECSuccess;
2606 }
2607
2608 /*
2609 * FUNCTION: CERT_DecodeOCSPResponse
2610 * Decode a DER encoded OCSP Response.
2611 * INPUTS:
2612 * SECItem *src
2613 * Pointer to a SECItem holding DER encoded OCSP Response.
2614 * RETURN:
2615 * Returns a pointer to a CERTOCSPResponse (the decoded OCSP Response);
2616 * the caller is responsible for destroying it. Or NULL if error (either
2617 * response could not be decoded (SEC_ERROR_OCSP_MALFORMED_RESPONSE),
2618 * it was of an unexpected type (SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE),
2619 * or a low-level or internal error occurred).
2620 */
2621 CERTOCSPResponse *
2622 CERT_DecodeOCSPResponse(const SECItem *src)
2623 {
2624 PLArenaPool *arena = NULL;
2625 CERTOCSPResponse *response = NULL;
2626 SECStatus rv = SECFailure;
2627 ocspResponseStatus sv;
2628 SECItem newSrc;
2629
2630 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
2631 if (arena == NULL) {
2632 goto loser;
2633 }
2634 response = (CERTOCSPResponse *)PORT_ArenaZAlloc(arena,
2635 sizeof(CERTOCSPResponse));
2636 if (response == NULL) {
2637 goto loser;
2638 }
2639 response->arena = arena;
2640
2641 /* copy the DER into the arena, since Quick DER returns data that points
2642 into the DER input, which may get freed by the caller */
2643 rv = SECITEM_CopyItem(arena, &newSrc, src);
2644 if (rv != SECSuccess) {
2645 goto loser;
2646 }
2647
2648 rv = SEC_QuickDERDecodeItem(arena, response, ocsp_OCSPResponseTemplate, &new Src);
2649 if (rv != SECSuccess) {
2650 if (PORT_GetError() == SEC_ERROR_BAD_DER)
2651 PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
2652 goto loser;
2653 }
2654
2655 sv = (ocspResponseStatus)DER_GetInteger(&response->responseStatus);
2656 response->statusValue = sv;
2657 if (sv != ocspResponse_successful) {
2658 /*
2659 * If the response status is anything but successful, then we
2660 * are all done with decoding; the status is all there is.
2661 */
2662 return response;
2663 }
2664
2665 /*
2666 * A successful response contains much more information, still encoded.
2667 * Now we need to decode that.
2668 */
2669 rv = ocsp_DecodeResponseBytes(arena, response->responseBytes);
2670 if (rv != SECSuccess) {
2671 goto loser;
2672 }
2673
2674 return response;
2675
2676 loser:
2677 if (arena != NULL) {
2678 PORT_FreeArena(arena, PR_FALSE);
2679 }
2680 return NULL;
2681 }
2682
2683 /*
2684 * The way an OCSPResponse is defined, there are many levels to descend
2685 * before getting to the actual response information. And along the way
2686 * we need to check that the response *type* is recognizable, which for
2687 * now means that it is a BasicOCSPResponse, because that is the only
2688 * type currently defined. Rather than force all routines to perform
2689 * a bunch of sanity checking every time they want to work on a response,
2690 * this function isolates that and gives back the interesting part.
2691 * Note that no copying is done, this just returns a pointer into the
2692 * substructure of the response which is passed in.
2693 *
2694 * XXX This routine only works when a valid response structure is passed
2695 * into it; this is checked with many assertions. Assuming the response
2696 * was creating by decoding, it wouldn't make it this far without being
2697 * okay. That is a sufficient assumption since the entire OCSP interface
2698 * is only used internally. When this interface is officially exported,
2699 * each assertion below will need to be followed-up with setting an error
2700 * and returning (null).
2701 *
2702 * FUNCTION: ocsp_GetResponseData
2703 * Returns ocspResponseData structure and a pointer to tbs response
2704 * data DER from a valid ocsp response.
2705 * INPUTS:
2706 * CERTOCSPResponse *response
2707 * structure of a valid ocsp response
2708 * RETURN:
2709 * Returns a pointer to ocspResponseData structure: decoded OCSP response
2710 * data, and a pointer(tbsResponseDataDER) to its undecoded data DER.
2711 */
2712 ocspResponseData *
2713 ocsp_GetResponseData(CERTOCSPResponse *response, SECItem **tbsResponseDataDER)
2714 {
2715 ocspBasicOCSPResponse *basic;
2716 ocspResponseData *responseData;
2717
2718 PORT_Assert(response != NULL);
2719
2720 PORT_Assert(response->responseBytes != NULL);
2721
2722 PORT_Assert(response->responseBytes->responseTypeTag ==
2723 SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
2724
2725 basic = response->responseBytes->decodedResponse.basic;
2726 PORT_Assert(basic != NULL);
2727
2728 responseData = basic->tbsResponseData;
2729 PORT_Assert(responseData != NULL);
2730
2731 if (tbsResponseDataDER) {
2732 *tbsResponseDataDER = &basic->tbsResponseDataDER;
2733
2734 PORT_Assert((*tbsResponseDataDER)->data != NULL);
2735 PORT_Assert((*tbsResponseDataDER)->len != 0);
2736 }
2737
2738 return responseData;
2739 }
2740
2741 /*
2742 * Much like the routine above, except it returns the response signature.
2743 * Again, no copy is done.
2744 */
2745 ocspSignature *
2746 ocsp_GetResponseSignature(CERTOCSPResponse *response)
2747 {
2748 ocspBasicOCSPResponse *basic;
2749
2750 PORT_Assert(response != NULL);
2751 if (NULL == response->responseBytes) {
2752 return NULL;
2753 }
2754 if (response->responseBytes->responseTypeTag !=
2755 SEC_OID_PKIX_OCSP_BASIC_RESPONSE) {
2756 return NULL;
2757 }
2758 basic = response->responseBytes->decodedResponse.basic;
2759 PORT_Assert(basic != NULL);
2760
2761 return &(basic->responseSignature);
2762 }
2763
2764 /*
2765 * FUNCTION: CERT_DestroyOCSPResponse
2766 * Frees an OCSP Response structure.
2767 * INPUTS:
2768 * CERTOCSPResponse *request
2769 * Pointer to CERTOCSPResponse to be freed.
2770 * RETURN:
2771 * No return value; no errors.
2772 */
2773 void
2774 CERT_DestroyOCSPResponse(CERTOCSPResponse *response)
2775 {
2776 if (response != NULL) {
2777 ocspSignature *signature = ocsp_GetResponseSignature(response);
2778 if (signature && signature->cert != NULL)
2779 CERT_DestroyCertificate(signature->cert);
2780
2781 /*
2782 * We should actually never have a response without an arena,
2783 * but check just in case. (If there isn't one, there is not
2784 * much we can do about it...)
2785 */
2786 PORT_Assert(response->arena != NULL);
2787 if (response->arena != NULL) {
2788 PORT_FreeArena(response->arena, PR_FALSE);
2789 }
2790 }
2791 }
2792
2793 /*
2794 * OVERALL OCSP CLIENT SUPPORT (make and send a request, verify a response):
2795 */
2796
2797 /*
2798 * Pick apart a URL, saving the important things in the passed-in pointers.
2799 *
2800 * We expect to find "http://<hostname>[:<port>]/[path]", though we will
2801 * tolerate that final slash character missing, as well as beginning and
2802 * trailing whitespace, and any-case-characters for "http". All of that
2803 * tolerance is what complicates this routine. What we want is just to
2804 * pick out the hostname, the port, and the path.
2805 *
2806 * On a successful return, the caller will need to free the output pieces
2807 * of hostname and path, which are copies of the values found in the url.
2808 */
2809 static SECStatus
2810 ocsp_ParseURL(const char *url, char **pHostname, PRUint16 *pPort, char **pPath)
2811 {
2812 unsigned short port = 80; /* default, in case not in url */
2813 char *hostname = NULL;
2814 char *path = NULL;
2815 const char *save;
2816 char c;
2817 int len;
2818
2819 if (url == NULL)
2820 goto loser;
2821
2822 /*
2823 * Skip beginning whitespace.
2824 */
2825 c = *url;
2826 while ((c == ' ' || c == '\t') && c != '\0') {
2827 url++;
2828 c = *url;
2829 }
2830 if (c == '\0')
2831 goto loser;
2832
2833 /*
2834 * Confirm, then skip, protocol. (Since we only know how to do http,
2835 * that is all we will accept).
2836 */
2837 if (PORT_Strncasecmp(url, "http://", 7) != 0)
2838 goto loser;
2839 url += 7;
2840
2841 /*
2842 * Whatever comes next is the hostname (or host IP address). We just
2843 * save it aside and then search for its end so we can determine its
2844 * length and copy it.
2845 *
2846 * XXX Note that because we treat a ':' as a terminator character
2847 * (and below, we expect that to mean there is a port specification
2848 * immediately following), we will not handle IPv6 addresses. That is
2849 * apparently an acceptable limitation, for the time being. Some day,
2850 * when there is a clear way to specify a URL with an IPv6 address that
2851 * can be parsed unambiguously, this code should be made to do that.
2852 */
2853 save = url;
2854 c = *url;
2855 while (c != '/' && c != ':' && c != '\0' && c != ' ' && c != '\t') {
2856 url++;
2857 c = *url;
2858 }
2859 len = url - save;
2860 hostname = PORT_Alloc(len + 1);
2861 if (hostname == NULL)
2862 goto loser;
2863 PORT_Memcpy(hostname, save, len);
2864 hostname[len] = '\0';
2865
2866 /*
2867 * Now we figure out if there was a port specified or not.
2868 * If so, we need to parse it (as a number) and skip it.
2869 */
2870 if (c == ':') {
2871 url++;
2872 port = (unsigned short)PORT_Atoi(url);
2873 c = *url;
2874 while (c != '/' && c != '\0' && c != ' ' && c != '\t') {
2875 if (c < '0' || c > '9')
2876 goto loser;
2877 url++;
2878 c = *url;
2879 }
2880 }
2881
2882 /*
2883 * Last thing to find is a path. There *should* be a slash,
2884 * if nothing else -- but if there is not we provide one.
2885 */
2886 if (c == '/') {
2887 save = url;
2888 while (c != '\0' && c != ' ' && c != '\t') {
2889 url++;
2890 c = *url;
2891 }
2892 len = url - save;
2893 path = PORT_Alloc(len + 1);
2894 if (path == NULL)
2895 goto loser;
2896 PORT_Memcpy(path, save, len);
2897 path[len] = '\0';
2898 } else {
2899 path = PORT_Strdup("/");
2900 if (path == NULL)
2901 goto loser;
2902 }
2903
2904 *pHostname = hostname;
2905 *pPort = port;
2906 *pPath = path;
2907 return SECSuccess;
2908
2909 loser:
2910 if (hostname != NULL)
2911 PORT_Free(hostname);
2912 PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
2913 return SECFailure;
2914 }
2915
2916 /*
2917 * Open a socket to the specified host on the specified port, and return it.
2918 * The host is either a hostname or an IP address.
2919 */
2920 static PRFileDesc *
2921 ocsp_ConnectToHost(const char *host, PRUint16 port)
2922 {
2923 PRFileDesc *sock = NULL;
2924 PRIntervalTime timeout;
2925 PRNetAddr addr;
2926 char *netdbbuf = NULL;
2927
2928 sock = PR_NewTCPSocket();
2929 if (sock == NULL)
2930 goto loser;
2931
2932 /* XXX Some day need a way to set (and get?) the following value */
2933 timeout = PR_SecondsToInterval(30);
2934
2935 /*
2936 * If the following converts an IP address string in "dot notation"
2937 * into a PRNetAddr. If it fails, we assume that is because we do not
2938 * have such an address, but instead a host *name*. In that case we
2939 * then lookup the host by name. Using the NSPR function this way
2940 * means we do not have to have our own logic for distinguishing a
2941 * valid numerical IP address from a hostname.
2942 */
2943 if (PR_StringToNetAddr(host, &addr) != PR_SUCCESS) {
2944 PRIntn hostIndex;
2945 PRHostEnt hostEntry;
2946
2947 netdbbuf = PORT_Alloc(PR_NETDB_BUF_SIZE);
2948 if (netdbbuf == NULL)
2949 goto loser;
2950
2951 if (PR_GetHostByName(host, netdbbuf, PR_NETDB_BUF_SIZE,
2952 &hostEntry) != PR_SUCCESS)
2953 goto loser;
2954
2955 hostIndex = 0;
2956 do {
2957 hostIndex = PR_EnumerateHostEnt(hostIndex, &hostEntry, port, &addr);
2958 if (hostIndex <= 0)
2959 goto loser;
2960 } while (PR_Connect(sock, &addr, timeout) != PR_SUCCESS);
2961
2962 PORT_Free(netdbbuf);
2963 } else {
2964 /*
2965 * First put the port into the address, then connect.
2966 */
2967 if (PR_InitializeNetAddr(PR_IpAddrNull, port, &addr) != PR_SUCCESS)
2968 goto loser;
2969 if (PR_Connect(sock, &addr, timeout) != PR_SUCCESS)
2970 goto loser;
2971 }
2972
2973 return sock;
2974
2975 loser:
2976 if (sock != NULL)
2977 PR_Close(sock);
2978 if (netdbbuf != NULL)
2979 PORT_Free(netdbbuf);
2980 return NULL;
2981 }
2982
2983 /*
2984 * Sends an encoded OCSP request to the server identified by "location",
2985 * and returns the socket on which it was sent (so can listen for the reply).
2986 * "location" is expected to be a valid URL -- an error parsing it produces
2987 * SEC_ERROR_CERT_BAD_ACCESS_LOCATION. Other errors are likely problems
2988 * connecting to it, or writing to it, or allocating memory, and the low-level
2989 * errors appropriate to the problem will be set.
2990 * if (encodedRequest == NULL)
2991 * then location MUST already include the full request,
2992 * including base64 and urlencode,
2993 * and the request will be sent with GET
2994 * if (encodedRequest != NULL)
2995 * then the request will be sent with POST
2996 */
2997 static PRFileDesc *
2998 ocsp_SendEncodedRequest(const char *location, const SECItem *encodedRequest)
2999 {
3000 char *hostname = NULL;
3001 char *path = NULL;
3002 PRUint16 port;
3003 SECStatus rv;
3004 PRFileDesc *sock = NULL;
3005 PRFileDesc *returnSock = NULL;
3006 char *header = NULL;
3007 char portstr[16];
3008
3009 /*
3010 * Take apart the location, getting the hostname, port, and path.
3011 */
3012 rv = ocsp_ParseURL(location, &hostname, &port, &path);
3013 if (rv != SECSuccess)
3014 goto loser;
3015
3016 PORT_Assert(hostname != NULL);
3017 PORT_Assert(path != NULL);
3018
3019 sock = ocsp_ConnectToHost(hostname, port);
3020 if (sock == NULL)
3021 goto loser;
3022
3023 portstr[0] = '\0';
3024 if (port != 80) {
3025 PR_snprintf(portstr, sizeof(portstr), ":%d", port);
3026 }
3027
3028 if (!encodedRequest) {
3029 header = PR_smprintf("GET %s HTTP/1.0\r\n"
3030 "Host: %s%s\r\n\r\n",
3031 path, hostname, portstr);
3032 if (header == NULL)
3033 goto loser;
3034
3035 /*
3036 * The NSPR documentation promises that if it can, it will write the ful l
3037 * amount; this will not return a partial value expecting us to loop.
3038 */
3039 if (PR_Write(sock, header, (PRInt32)PORT_Strlen(header)) < 0)
3040 goto loser;
3041 } else {
3042 header = PR_smprintf("POST %s HTTP/1.0\r\n"
3043 "Host: %s%s\r\n"
3044 "Content-Type: application/ocsp-request\r\n"
3045 "Content-Length: %u\r\n\r\n",
3046 path, hostname, portstr, encodedRequest->len);
3047 if (header == NULL)
3048 goto loser;
3049
3050 /*
3051 * The NSPR documentation promises that if it can, it will write the ful l
3052 * amount; this will not return a partial value expecting us to loop.
3053 */
3054 if (PR_Write(sock, header, (PRInt32)PORT_Strlen(header)) < 0)
3055 goto loser;
3056
3057 if (PR_Write(sock, encodedRequest->data,
3058 (PRInt32)encodedRequest->len) < 0)
3059 goto loser;
3060 }
3061
3062 returnSock = sock;
3063 sock = NULL;
3064
3065 loser:
3066 if (header != NULL)
3067 PORT_Free(header);
3068 if (sock != NULL)
3069 PR_Close(sock);
3070 if (path != NULL)
3071 PORT_Free(path);
3072 if (hostname != NULL)
3073 PORT_Free(hostname);
3074
3075 return returnSock;
3076 }
3077
3078 /*
3079 * Read from "fd" into "buf" -- expect/attempt to read a given number of bytes
3080 * Obviously, stop if hit end-of-stream. Timeout is passed in.
3081 */
3082
3083 static int
3084 ocsp_read(PRFileDesc *fd, char *buf, int toread, PRIntervalTime timeout)
3085 {
3086 int total = 0;
3087
3088 while (total < toread) {
3089 PRInt32 got;
3090
3091 got = PR_Recv(fd, buf + total, (PRInt32)(toread - total), 0, timeout);
3092 if (got < 0) {
3093 if (0 == total) {
3094 total = -1; /* report the error if we didn't read anything yet * /
3095 }
3096 break;
3097 } else if (got == 0) { /* EOS */
3098 break;
3099 }
3100
3101 total += got;
3102 }
3103
3104 return total;
3105 }
3106
3107 #define OCSP_BUFSIZE 1024
3108
3109 #define AbortHttpDecode(error) \
3110 { \
3111 if (inBuffer) \
3112 PORT_Free(inBuffer); \
3113 PORT_SetError(error); \
3114 return NULL; \
3115 }
3116
3117 /*
3118 * Reads on the given socket and returns an encoded response when received.
3119 * Properly formatted HTTP/1.0 response headers are expected to be read
3120 * from the socket, preceding a binary-encoded OCSP response. Problems
3121 * with parsing cause the error SEC_ERROR_OCSP_BAD_HTTP_RESPONSE to be
3122 * set; any other problems are likely low-level i/o or memory allocation
3123 * errors.
3124 */
3125 static SECItem *
3126 ocsp_GetEncodedResponse(PLArenaPool *arena, PRFileDesc *sock)
3127 {
3128 /* first read HTTP status line and headers */
3129
3130 char *inBuffer = NULL;
3131 PRInt32 offset = 0;
3132 PRInt32 inBufsize = 0;
3133 const PRInt32 bufSizeIncrement = OCSP_BUFSIZE; /* 1 KB at a time */
3134 const PRInt32 maxBufSize = 8 * bufSizeIncrement; /* 8 KB max */
3135 const char *CRLF = "\r\n";
3136 const PRInt32 CRLFlen = strlen(CRLF);
3137 const char *headerEndMark = "\r\n\r\n";
3138 const PRInt32 markLen = strlen(headerEndMark);
3139 const PRIntervalTime ocsptimeout =
3140 PR_SecondsToInterval(30); /* hardcoded to 30s for now */
3141 char *headerEnd = NULL;
3142 PRBool EOS = PR_FALSE;
3143 const char *httpprotocol = "HTTP/";
3144 const PRInt32 httplen = strlen(httpprotocol);
3145 const char *httpcode = NULL;
3146 const char *contenttype = NULL;
3147 PRInt32 contentlength = 0;
3148 PRInt32 bytesRead = 0;
3149 char *statusLineEnd = NULL;
3150 char *space = NULL;
3151 char *nextHeader = NULL;
3152 SECItem *result = NULL;
3153
3154 /* read up to at least the end of the HTTP headers */
3155 do {
3156 inBufsize += bufSizeIncrement;
3157 inBuffer = PORT_Realloc(inBuffer, inBufsize + 1);
3158 if (NULL == inBuffer) {
3159 AbortHttpDecode(SEC_ERROR_NO_MEMORY);
3160 }
3161 bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
3162 ocsptimeout);
3163 if (bytesRead > 0) {
3164 PRInt32 searchOffset = (offset - markLen) > 0 ? offset - markLen : 0 ;
3165 offset += bytesRead;
3166 *(inBuffer + offset) = '\0'; /* NULL termination */
3167 headerEnd = strstr((const char *)inBuffer + searchOffset, headerEndM ark);
3168 if (bytesRead < bufSizeIncrement) {
3169 /* we read less data than requested, therefore we are at
3170 EOS or there was a read error */
3171 EOS = PR_TRUE;
3172 }
3173 } else {
3174 /* recv error or EOS */
3175 EOS = PR_TRUE;
3176 }
3177 } while ((!headerEnd) && (PR_FALSE == EOS) &&
3178 (inBufsize < maxBufSize));
3179
3180 if (!headerEnd) {
3181 AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
3182 }
3183
3184 /* parse the HTTP status line */
3185 statusLineEnd = strstr((const char *)inBuffer, CRLF);
3186 if (!statusLineEnd) {
3187 AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
3188 }
3189 *statusLineEnd = '\0';
3190
3191 /* check for HTTP/ response */
3192 space = strchr((const char *)inBuffer, ' ');
3193 if (!space || PORT_Strncasecmp((const char *)inBuffer, httpprotocol, httplen ) != 0) {
3194 AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
3195 }
3196
3197 /* check the HTTP status code of 200 */
3198 httpcode = space + 1;
3199 space = strchr(httpcode, ' ');
3200 if (!space) {
3201 AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
3202 }
3203 *space = 0;
3204 if (0 != strcmp(httpcode, "200")) {
3205 AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
3206 }
3207
3208 /* parse the HTTP headers in the buffer . We only care about
3209 content-type and content-length
3210 */
3211
3212 nextHeader = statusLineEnd + CRLFlen;
3213 *headerEnd = '\0'; /* terminate */
3214 do {
3215 char *thisHeaderEnd = NULL;
3216 char *value = NULL;
3217 char *colon = strchr(nextHeader, ':');
3218
3219 if (!colon) {
3220 AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
3221 }
3222
3223 *colon = '\0';
3224 value = colon + 1;
3225
3226 /* jpierre - note : the following code will only handle the basic form
3227 of HTTP/1.0 response headers, of the form "name: value" . Headers
3228 split among multiple lines are not supported. This is not common
3229 and should not be an issue, but it could become one in the
3230 future */
3231
3232 if (*value != ' ') {
3233 AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
3234 }
3235
3236 value++;
3237 thisHeaderEnd = strstr(value, CRLF);
3238 if (thisHeaderEnd) {
3239 *thisHeaderEnd = '\0';
3240 }
3241
3242 if (0 == PORT_Strcasecmp(nextHeader, "content-type")) {
3243 contenttype = value;
3244 } else if (0 == PORT_Strcasecmp(nextHeader, "content-length")) {
3245 contentlength = atoi(value);
3246 }
3247
3248 if (thisHeaderEnd) {
3249 nextHeader = thisHeaderEnd + CRLFlen;
3250 } else {
3251 nextHeader = NULL;
3252 }
3253
3254 } while (nextHeader && (nextHeader < (headerEnd + CRLFlen)));
3255
3256 /* check content-type */
3257 if (!contenttype ||
3258 (0 != PORT_Strcasecmp(contenttype, "application/ocsp-response"))) {
3259 AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
3260 }
3261
3262 /* read the body of the OCSP response */
3263 offset = offset - (PRInt32)(headerEnd - (const char *)inBuffer) - markLen;
3264 if (offset) {
3265 /* move all data to the beginning of the buffer */
3266 PORT_Memmove(inBuffer, headerEnd + markLen, offset);
3267 }
3268
3269 /* resize buffer to only what's needed to hold the current response */
3270 inBufsize = (1 + (offset - 1) / bufSizeIncrement) * bufSizeIncrement;
3271
3272 while ((PR_FALSE == EOS) &&
3273 ((contentlength == 0) || (offset < contentlength)) &&
3274 (inBufsize < maxBufSize)) {
3275 /* we still need to receive more body data */
3276 inBufsize += bufSizeIncrement;
3277 inBuffer = PORT_Realloc(inBuffer, inBufsize + 1);
3278 if (NULL == inBuffer) {
3279 AbortHttpDecode(SEC_ERROR_NO_MEMORY);
3280 }
3281 bytesRead = ocsp_read(sock, inBuffer + offset, bufSizeIncrement,
3282 ocsptimeout);
3283 if (bytesRead > 0) {
3284 offset += bytesRead;
3285 if (bytesRead < bufSizeIncrement) {
3286 /* we read less data than requested, therefore we are at
3287 EOS or there was a read error */
3288 EOS = PR_TRUE;
3289 }
3290 } else {
3291 /* recv error or EOS */
3292 EOS = PR_TRUE;
3293 }
3294 }
3295
3296 if (0 == offset) {
3297 AbortHttpDecode(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
3298 }
3299
3300 /*
3301 * Now allocate the item to hold the data.
3302 */
3303 result = SECITEM_AllocItem(arena, NULL, offset);
3304 if (NULL == result) {
3305 AbortHttpDecode(SEC_ERROR_NO_MEMORY);
3306 }
3307
3308 /*
3309 * And copy the data left in the buffer.
3310 */
3311 PORT_Memcpy(result->data, inBuffer, offset);
3312
3313 /* and free the temporary buffer */
3314 PORT_Free(inBuffer);
3315 return result;
3316 }
3317
3318 SECStatus
3319 CERT_ParseURL(const char *url, char **pHostname, PRUint16 *pPort, char **pPath)
3320 {
3321 return ocsp_ParseURL(url, pHostname, pPort, pPath);
3322 }
3323
3324 /*
3325 * Limit the size of http responses we are willing to accept.
3326 */
3327 #define MAX_WANTED_OCSP_RESPONSE_LEN 64 * 1024
3328
3329 /* if (encodedRequest == NULL)
3330 * then location MUST already include the full request,
3331 * including base64 and urlencode,
3332 * and the request will be sent with GET
3333 * if (encodedRequest != NULL)
3334 * then the request will be sent with POST
3335 */
3336 static SECItem *
3337 fetchOcspHttpClientV1(PLArenaPool *arena,
3338 const SEC_HttpClientFcnV1 *hcv1,
3339 const char *location,
3340 const SECItem *encodedRequest)
3341 {
3342 char *hostname = NULL;
3343 char *path = NULL;
3344 PRUint16 port;
3345 SECItem *encodedResponse = NULL;
3346 SEC_HTTP_SERVER_SESSION pServerSession = NULL;
3347 SEC_HTTP_REQUEST_SESSION pRequestSession = NULL;
3348 PRUint16 myHttpResponseCode;
3349 const char *myHttpResponseData;
3350 PRUint32 myHttpResponseDataLen;
3351
3352 if (ocsp_ParseURL(location, &hostname, &port, &path) == SECFailure) {
3353 PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
3354 goto loser;
3355 }
3356
3357 PORT_Assert(hostname != NULL);
3358 PORT_Assert(path != NULL);
3359
3360 if ((*hcv1->createSessionFcn)(
3361 hostname,
3362 port,
3363 &pServerSession) != SECSuccess) {
3364 PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
3365 goto loser;
3366 }
3367
3368 /* We use a non-zero timeout, which means:
3369 - the client will use blocking I/O
3370 - TryFcn will not return WOULD_BLOCK nor a poll descriptor
3371 - it's sufficient to call TryFcn once
3372 No lock for accessing OCSP_Global.timeoutSeconds, bug 406120
3373 */
3374
3375 if ((*hcv1->createFcn)(
3376 pServerSession,
3377 "http",
3378 path,
3379 encodedRequest ? "POST" : "GET",
3380 PR_TicksPerSecond() * OCSP_Global.timeoutSeconds,
3381 &pRequestSession) != SECSuccess) {
3382 PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
3383 goto loser;
3384 }
3385
3386 if (encodedRequest &&
3387 (*hcv1->setPostDataFcn)(
3388 pRequestSession,
3389 (char *)encodedRequest->data,
3390 encodedRequest->len,
3391 "application/ocsp-request") != SECSuccess) {
3392 PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
3393 goto loser;
3394 }
3395
3396 /* we don't want result objects larger than this: */
3397 myHttpResponseDataLen = MAX_WANTED_OCSP_RESPONSE_LEN;
3398
3399 OCSP_TRACE(("OCSP trySendAndReceive %s\n", location));
3400
3401 if ((*hcv1->trySendAndReceiveFcn)(
3402 pRequestSession,
3403 NULL,
3404 &myHttpResponseCode,
3405 NULL,
3406 NULL,
3407 &myHttpResponseData,
3408 &myHttpResponseDataLen) != SECSuccess) {
3409 PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
3410 goto loser;
3411 }
3412
3413 OCSP_TRACE(("OCSP trySendAndReceive result http %d\n", myHttpResponseCode));
3414
3415 if (myHttpResponseCode != 200) {
3416 PORT_SetError(SEC_ERROR_OCSP_BAD_HTTP_RESPONSE);
3417 goto loser;
3418 }
3419
3420 encodedResponse = SECITEM_AllocItem(arena, NULL, myHttpResponseDataLen);
3421
3422 if (!encodedResponse) {
3423 PORT_SetError(SEC_ERROR_NO_MEMORY);
3424 goto loser;
3425 }
3426
3427 PORT_Memcpy(encodedResponse->data, myHttpResponseData, myHttpResponseDataLen );
3428
3429 loser:
3430 if (pRequestSession != NULL)
3431 (*hcv1->freeFcn)(pRequestSession);
3432 if (pServerSession != NULL)
3433 (*hcv1->freeSessionFcn)(pServerSession);
3434 if (path != NULL)
3435 PORT_Free(path);
3436 if (hostname != NULL)
3437 PORT_Free(hostname);
3438
3439 return encodedResponse;
3440 }
3441
3442 /*
3443 * FUNCTION: CERT_GetEncodedOCSPResponseByMethod
3444 * Creates and sends a request to an OCSP responder, then reads and
3445 * returns the (encoded) response.
3446 * INPUTS:
3447 * PLArenaPool *arena
3448 * Pointer to arena from which return value will be allocated.
3449 * If NULL, result will be allocated from the heap (and thus should
3450 * be freed via SECITEM_FreeItem).
3451 * CERTCertList *certList
3452 * A list of certs for which status will be requested.
3453 * Note that all of these certificates should have the same issuer,
3454 * or it's expected the response will be signed by a trusted responder.
3455 * If the certs need to be broken up into multiple requests, that
3456 * must be handled by the caller (and thus by having multiple calls
3457 * to this routine), who knows about where the request(s) are being
3458 * sent and whether there are any trusted responders in place.
3459 * const char *location
3460 * The location of the OCSP responder (a URL).
3461 * const char *method
3462 * The protocol method used when retrieving the OCSP response.
3463 * Currently support: "GET" (http GET) and "POST" (http POST).
3464 * Additionals methods for http or other protocols might be added
3465 * in the future.
3466 * PRTime time
3467 * Indicates the time for which the certificate status is to be
3468 * determined -- this may be used in the search for the cert's issuer
3469 * but has no other bearing on the operation.
3470 * PRBool addServiceLocator
3471 * If true, the Service Locator extension should be added to the
3472 * single request(s) for each cert.
3473 * CERTCertificate *signerCert
3474 * If non-NULL, means sign the request using this cert. Otherwise,
3475 * do not sign.
3476 * void *pwArg
3477 * Pointer to argument for password prompting, if needed. (Definitely
3478 * not needed if not signing.)
3479 * OUTPUTS:
3480 * CERTOCSPRequest **pRequest
3481 * Pointer in which to store the OCSP request created for the given
3482 * list of certificates. It is only filled in if the entire operation
3483 * is successful and the pointer is not null -- and in that case the
3484 * caller is then reponsible for destroying it.
3485 * RETURN:
3486 * Returns a pointer to the SECItem holding the response.
3487 * On error, returns null with error set describing the reason:
3488 * SEC_ERROR_UNKNOWN_ISSUER
3489 * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
3490 * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
3491 * Other errors are low-level problems (no memory, bad database, etc.).
3492 */
3493 SECItem *
3494 CERT_GetEncodedOCSPResponseByMethod(PLArenaPool *arena, CERTCertList *certList,
3495 const char *location, const char *method,
3496 PRTime time, PRBool addServiceLocator,
3497 CERTCertificate *signerCert, void *pwArg,
3498 CERTOCSPRequest **pRequest)
3499 {
3500 CERTOCSPRequest *request;
3501 request = CERT_CreateOCSPRequest(certList, time, addServiceLocator,
3502 signerCert);
3503 if (!request)
3504 return NULL;
3505 return ocsp_GetEncodedOCSPResponseFromRequest(arena, request, location,
3506 method, time, addServiceLocato r,
3507 pwArg, pRequest);
3508 }
3509
3510 /*
3511 * FUNCTION: CERT_GetEncodedOCSPResponse
3512 * Creates and sends a request to an OCSP responder, then reads and
3513 * returns the (encoded) response.
3514 *
3515 * This is a legacy API that behaves identically to
3516 * CERT_GetEncodedOCSPResponseByMethod using the "POST" method.
3517 */
3518 SECItem *
3519 CERT_GetEncodedOCSPResponse(PLArenaPool *arena, CERTCertList *certList,
3520 const char *location, PRTime time,
3521 PRBool addServiceLocator,
3522 CERTCertificate *signerCert, void *pwArg,
3523 CERTOCSPRequest **pRequest)
3524 {
3525 return CERT_GetEncodedOCSPResponseByMethod(arena, certList, location,
3526 "POST", time, addServiceLocator,
3527 signerCert, pwArg, pRequest);
3528 }
3529
3530 /* URL encode a buffer that consists of base64-characters, only,
3531 * which means we can use a simple encoding logic.
3532 *
3533 * No output buffer size checking is performed.
3534 * You should call the function twice, to calculate the required buffer size.
3535 *
3536 * If the outpufBuf parameter is NULL, the function will calculate the
3537 * required size, including the trailing zero termination char.
3538 *
3539 * The function returns the number of bytes calculated or produced.
3540 */
3541 size_t
3542 ocsp_UrlEncodeBase64Buf(const char *base64Buf, char *outputBuf)
3543 {
3544 const char *walkInput = NULL;
3545 char *walkOutput = outputBuf;
3546 size_t count = 0;
3547
3548 for (walkInput = base64Buf; *walkInput; ++walkInput) {
3549 char c = *walkInput;
3550 if (isspace(c))
3551 continue;
3552 switch (c) {
3553 case '+':
3554 if (outputBuf) {
3555 strcpy(walkOutput, "%2B");
3556 walkOutput += 3;
3557 }
3558 count += 3;
3559 break;
3560 case '/':
3561 if (outputBuf) {
3562 strcpy(walkOutput, "%2F");
3563 walkOutput += 3;
3564 }
3565 count += 3;
3566 break;
3567 case '=':
3568 if (outputBuf) {
3569 strcpy(walkOutput, "%3D");
3570 walkOutput += 3;
3571 }
3572 count += 3;
3573 break;
3574 default:
3575 if (outputBuf) {
3576 *walkOutput = *walkInput;
3577 ++walkOutput;
3578 }
3579 ++count;
3580 break;
3581 }
3582 }
3583 if (outputBuf) {
3584 *walkOutput = 0;
3585 }
3586 ++count;
3587 return count;
3588 }
3589
3590 enum { max_get_request_size = 255 }; /* defined by RFC2560 */
3591
3592 static SECItem *
3593 cert_GetOCSPResponse(PLArenaPool *arena, const char *location,
3594 const SECItem *encodedRequest);
3595
3596 static SECItem *
3597 ocsp_GetEncodedOCSPResponseFromRequest(PLArenaPool *arena,
3598 CERTOCSPRequest *request,
3599 const char *location,
3600 const char *method,
3601 PRTime time,
3602 PRBool addServiceLocator,
3603 void *pwArg,
3604 CERTOCSPRequest **pRequest)
3605 {
3606 SECItem *encodedRequest = NULL;
3607 SECItem *encodedResponse = NULL;
3608 SECStatus rv;
3609
3610 if (!location || !*location) /* location should be at least one byte */
3611 goto loser;
3612
3613 rv = CERT_AddOCSPAcceptableResponses(request,
3614 SEC_OID_PKIX_OCSP_BASIC_RESPONSE);
3615 if (rv != SECSuccess)
3616 goto loser;
3617
3618 encodedRequest = CERT_EncodeOCSPRequest(NULL, request, pwArg);
3619 if (encodedRequest == NULL)
3620 goto loser;
3621
3622 if (!strcmp(method, "GET")) {
3623 encodedResponse = cert_GetOCSPResponse(arena, location, encodedRequest);
3624 } else if (!strcmp(method, "POST")) {
3625 encodedResponse = CERT_PostOCSPRequest(arena, location, encodedRequest);
3626 } else {
3627 goto loser;
3628 }
3629
3630 if (encodedResponse != NULL && pRequest != NULL) {
3631 *pRequest = request;
3632 request = NULL; /* avoid destroying below */
3633 }
3634
3635 loser:
3636 if (request != NULL)
3637 CERT_DestroyOCSPRequest(request);
3638 if (encodedRequest != NULL)
3639 SECITEM_FreeItem(encodedRequest, PR_TRUE);
3640 return encodedResponse;
3641 }
3642
3643 static SECItem *
3644 cert_FetchOCSPResponse(PLArenaPool *arena, const char *location,
3645 const SECItem *encodedRequest);
3646
3647 /* using HTTP GET method */
3648 static SECItem *
3649 cert_GetOCSPResponse(PLArenaPool *arena, const char *location,
3650 const SECItem *encodedRequest)
3651 {
3652 char *walkOutput = NULL;
3653 char *fullGetPath = NULL;
3654 size_t pathLength;
3655 PRInt32 urlEncodedBufLength;
3656 size_t base64size;
3657 char b64ReqBuf[max_get_request_size + 1];
3658 size_t slashLengthIfNeeded = 0;
3659 size_t getURLLength;
3660 SECItem *item;
3661
3662 if (!location || !*location) {
3663 return NULL;
3664 }
3665
3666 pathLength = strlen(location);
3667 if (location[pathLength - 1] != '/') {
3668 slashLengthIfNeeded = 1;
3669 }
3670
3671 /* Calculation as documented by PL_Base64Encode function.
3672 * Use integer conversion to avoid having to use function ceil().
3673 */
3674 base64size = (((encodedRequest->len + 2) / 3) * 4);
3675 if (base64size > max_get_request_size) {
3676 return NULL;
3677 }
3678 memset(b64ReqBuf, 0, sizeof(b64ReqBuf));
3679 PL_Base64Encode((const char *)encodedRequest->data, encodedRequest->len,
3680 b64ReqBuf);
3681
3682 urlEncodedBufLength = ocsp_UrlEncodeBase64Buf(b64ReqBuf, NULL);
3683 getURLLength = pathLength + urlEncodedBufLength + slashLengthIfNeeded;
3684
3685 /* urlEncodedBufLength already contains room for the zero terminator.
3686 * Add another if we must add the '/' char.
3687 */
3688 if (arena) {
3689 fullGetPath = (char *)PORT_ArenaAlloc(arena, getURLLength);
3690 } else {
3691 fullGetPath = (char *)PORT_Alloc(getURLLength);
3692 }
3693 if (!fullGetPath) {
3694 return NULL;
3695 }
3696
3697 strcpy(fullGetPath, location);
3698 walkOutput = fullGetPath + pathLength;
3699
3700 if (walkOutput > fullGetPath && slashLengthIfNeeded) {
3701 strcpy(walkOutput, "/");
3702 ++walkOutput;
3703 }
3704 ocsp_UrlEncodeBase64Buf(b64ReqBuf, walkOutput);
3705
3706 item = cert_FetchOCSPResponse(arena, fullGetPath, NULL);
3707 if (!arena) {
3708 PORT_Free(fullGetPath);
3709 }
3710 return item;
3711 }
3712
3713 SECItem *
3714 CERT_PostOCSPRequest(PLArenaPool *arena, const char *location,
3715 const SECItem *encodedRequest)
3716 {
3717 return cert_FetchOCSPResponse(arena, location, encodedRequest);
3718 }
3719
3720 SECItem *
3721 cert_FetchOCSPResponse(PLArenaPool *arena, const char *location,
3722 const SECItem *encodedRequest)
3723 {
3724 const SEC_HttpClientFcn *registeredHttpClient;
3725 SECItem *encodedResponse = NULL;
3726
3727 registeredHttpClient = SEC_GetRegisteredHttpClient();
3728
3729 if (registeredHttpClient && registeredHttpClient->version == 1) {
3730 encodedResponse = fetchOcspHttpClientV1(
3731 arena,
3732 &registeredHttpClient->fcnTable.ftable1,
3733 location,
3734 encodedRequest);
3735 } else {
3736 /* use internal http client */
3737 PRFileDesc *sock = ocsp_SendEncodedRequest(location, encodedRequest);
3738 if (sock) {
3739 encodedResponse = ocsp_GetEncodedResponse(arena, sock);
3740 PR_Close(sock);
3741 }
3742 }
3743
3744 return encodedResponse;
3745 }
3746
3747 static SECItem *
3748 ocsp_GetEncodedOCSPResponseForSingleCert(PLArenaPool *arena,
3749 CERTOCSPCertID *certID,
3750 CERTCertificate *singleCert,
3751 const char *location,
3752 const char *method,
3753 PRTime time,
3754 PRBool addServiceLocator,
3755 void *pwArg,
3756 CERTOCSPRequest **pRequest)
3757 {
3758 CERTOCSPRequest *request;
3759 request = cert_CreateSingleCertOCSPRequest(certID, singleCert, time,
3760 addServiceLocator, NULL);
3761 if (!request)
3762 return NULL;
3763 return ocsp_GetEncodedOCSPResponseFromRequest(arena, request, location,
3764 method, time, addServiceLocato r,
3765 pwArg, pRequest);
3766 }
3767
3768 /* Checks a certificate for the key usage extension of OCSP signer. */
3769 static PRBool
3770 ocsp_CertIsOCSPDesignatedResponder(CERTCertificate *cert)
3771 {
3772 SECStatus rv;
3773 SECItem extItem;
3774 SECItem **oids;
3775 SECItem *oid;
3776 SECOidTag oidTag;
3777 PRBool retval;
3778 CERTOidSequence *oidSeq = NULL;
3779
3780 extItem.data = NULL;
3781 rv = CERT_FindCertExtension(cert, SEC_OID_X509_EXT_KEY_USAGE, &extItem);
3782 if (rv != SECSuccess) {
3783 goto loser;
3784 }
3785
3786 oidSeq = CERT_DecodeOidSequence(&extItem);
3787 if (oidSeq == NULL) {
3788 goto loser;
3789 }
3790
3791 oids = oidSeq->oids;
3792 while (*oids != NULL) {
3793 oid = *oids;
3794
3795 oidTag = SECOID_FindOIDTag(oid);
3796
3797 if (oidTag == SEC_OID_OCSP_RESPONDER) {
3798 goto success;
3799 }
3800
3801 oids++;
3802 }
3803
3804 loser:
3805 retval = PR_FALSE;
3806 PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
3807 goto done;
3808 success:
3809 retval = PR_TRUE;
3810 done:
3811 if (extItem.data != NULL) {
3812 PORT_Free(extItem.data);
3813 }
3814 if (oidSeq != NULL) {
3815 CERT_DestroyOidSequence(oidSeq);
3816 }
3817
3818 return (retval);
3819 }
3820
3821 #ifdef LATER /*
3822 * XXX This function is not currently used, but will
3823 * be needed later when we do revocation checking of
3824 * the responder certificate. Of course, it may need
3825 * revising then, if the cert extension interface has
3826 * changed. (Hopefully it will!)
3827 */
3828
3829 /* Checks a certificate to see if it has the OCSP no check extension. */
3830 static PRBool
3831 ocsp_CertHasNoCheckExtension(CERTCertificate *cert)
3832 {
3833 SECStatus rv;
3834
3835 rv = CERT_FindCertExtension(cert, SEC_OID_PKIX_OCSP_NO_CHECK,
3836 NULL);
3837 if (rv == SECSuccess) {
3838 return PR_TRUE;
3839 }
3840 return PR_FALSE;
3841 }
3842 #endif /* LATER */
3843
3844 static PRBool
3845 ocsp_matchcert(SECItem *certIndex, CERTCertificate *testCert)
3846 {
3847 SECItem item;
3848 unsigned char buf[HASH_LENGTH_MAX];
3849
3850 item.data = buf;
3851 item.len = SHA1_LENGTH;
3852
3853 if (CERT_GetSubjectPublicKeyDigest(NULL, testCert, SEC_OID_SHA1,
3854 &item) == NULL) {
3855 return PR_FALSE;
3856 }
3857 if (SECITEM_ItemsAreEqual(certIndex, &item)) {
3858 return PR_TRUE;
3859 }
3860 if (CERT_GetSubjectPublicKeyDigest(NULL, testCert, SEC_OID_MD5,
3861 &item) == NULL) {
3862 return PR_FALSE;
3863 }
3864 if (SECITEM_ItemsAreEqual(certIndex, &item)) {
3865 return PR_TRUE;
3866 }
3867 if (CERT_GetSubjectPublicKeyDigest(NULL, testCert, SEC_OID_MD2,
3868 &item) == NULL) {
3869 return PR_FALSE;
3870 }
3871 if (SECITEM_ItemsAreEqual(certIndex, &item)) {
3872 return PR_TRUE;
3873 }
3874
3875 return PR_FALSE;
3876 }
3877
3878 static CERTCertificate *
3879 ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle, CERTOCSPCertID *certID);
3880
3881 CERTCertificate *
3882 ocsp_GetSignerCertificate(CERTCertDBHandle *handle, ocspResponseData *tbsData,
3883 ocspSignature *signature, CERTCertificate *issuer)
3884 {
3885 CERTCertificate **certs = NULL;
3886 CERTCertificate *signerCert = NULL;
3887 SECStatus rv = SECFailure;
3888 PRBool lookupByName = PR_TRUE;
3889 void *certIndex = NULL;
3890 int certCount = 0;
3891
3892 PORT_Assert(tbsData->responderID != NULL);
3893 switch (tbsData->responderID->responderIDType) {
3894 case ocspResponderID_byName:
3895 lookupByName = PR_TRUE;
3896 certIndex = &tbsData->derResponderID;
3897 break;
3898 case ocspResponderID_byKey:
3899 lookupByName = PR_FALSE;
3900 certIndex = &tbsData->responderID->responderIDValue.keyHash;
3901 break;
3902 case ocspResponderID_other:
3903 default:
3904 PORT_Assert(0);
3905 PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
3906 return NULL;
3907 }
3908
3909 /*
3910 * If the signature contains some certificates as well, temporarily
3911 * import them in case they are needed for verification.
3912 *
3913 * Note that the result of this is that each cert in "certs" needs
3914 * to be destroyed.
3915 */
3916 if (signature->derCerts != NULL) {
3917 for (; signature->derCerts[certCount] != NULL; certCount++) {
3918 /* just counting */
3919 }
3920 rv = CERT_ImportCerts(handle, certUsageStatusResponder, certCount,
3921 signature->derCerts, &certs,
3922 PR_FALSE, PR_FALSE, NULL);
3923 if (rv != SECSuccess)
3924 goto finish;
3925 }
3926
3927 /*
3928 * Now look up the certificate that did the signing.
3929 * The signer can be specified either by name or by key hash.
3930 */
3931 if (lookupByName) {
3932 SECItem *crIndex = (SECItem *)certIndex;
3933 SECItem encodedName;
3934 PLArenaPool *arena;
3935
3936 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
3937 if (arena != NULL) {
3938
3939 rv = SEC_QuickDERDecodeItem(arena, &encodedName,
3940 ocsp_ResponderIDDerNameTemplate,
3941 crIndex);
3942 if (rv != SECSuccess) {
3943 if (PORT_GetError() == SEC_ERROR_BAD_DER)
3944 PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
3945 } else {
3946 signerCert = CERT_FindCertByName(handle, &encodedName);
3947 }
3948 PORT_FreeArena(arena, PR_FALSE);
3949 }
3950 } else {
3951 /*
3952 * The signer is either 1) a known issuer CA we passed in,
3953 * 2) the default OCSP responder, or 3) an intermediate CA
3954 * passed in the cert list to use. Figure out which it is.
3955 */
3956 int i;
3957 CERTCertificate *responder =
3958 ocsp_CertGetDefaultResponder(handle, NULL);
3959 if (responder && ocsp_matchcert(certIndex, responder)) {
3960 signerCert = CERT_DupCertificate(responder);
3961 } else if (issuer && ocsp_matchcert(certIndex, issuer)) {
3962 signerCert = CERT_DupCertificate(issuer);
3963 }
3964 for (i = 0; (signerCert == NULL) && (i < certCount); i++) {
3965 if (ocsp_matchcert(certIndex, certs[i])) {
3966 signerCert = CERT_DupCertificate(certs[i]);
3967 }
3968 }
3969 if (signerCert == NULL) {
3970 PORT_SetError(SEC_ERROR_UNKNOWN_CERT);
3971 }
3972 }
3973
3974 finish:
3975 if (certs != NULL) {
3976 CERT_DestroyCertArray(certs, certCount);
3977 }
3978
3979 return signerCert;
3980 }
3981
3982 SECStatus
3983 ocsp_VerifyResponseSignature(CERTCertificate *signerCert,
3984 ocspSignature *signature,
3985 SECItem *tbsResponseDataDER,
3986 void *pwArg)
3987 {
3988 SECKEYPublicKey *signerKey = NULL;
3989 SECStatus rv = SECFailure;
3990 CERTSignedData signedData;
3991
3992 /*
3993 * Now get the public key from the signer's certificate; we need
3994 * it to perform the verification.
3995 */
3996 signerKey = CERT_ExtractPublicKey(signerCert);
3997 if (signerKey == NULL) {
3998 return SECFailure;
3999 }
4000
4001 /*
4002 * We copy the signature data *pointer* and length, so that we can
4003 * modify the length without damaging the original copy. This is a
4004 * simple copy, not a dup, so no destroy/free is necessary.
4005 */
4006 signedData.signature = signature->signature;
4007 signedData.signatureAlgorithm = signature->signatureAlgorithm;
4008 signedData.data = *tbsResponseDataDER;
4009
4010 rv = CERT_VerifySignedDataWithPublicKey(&signedData, signerKey, pwArg);
4011 if (rv != SECSuccess &&
4012 (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE ||
4013 PORT_GetError() == SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED)) {
4014 PORT_SetError(SEC_ERROR_OCSP_BAD_SIGNATURE);
4015 }
4016
4017 if (signerKey != NULL) {
4018 SECKEY_DestroyPublicKey(signerKey);
4019 }
4020
4021 return rv;
4022 }
4023
4024 /*
4025 * FUNCTION: CERT_VerifyOCSPResponseSignature
4026 * Check the signature on an OCSP Response. Will also perform a
4027 * verification of the signer's certificate. Note, however, that a
4028 * successful verification does not make any statement about the
4029 * signer's *authority* to provide status for the certificate(s),
4030 * that must be checked individually for each certificate.
4031 * INPUTS:
4032 * CERTOCSPResponse *response
4033 * Pointer to response structure with signature to be checked.
4034 * CERTCertDBHandle *handle
4035 * Pointer to CERTCertDBHandle for certificate DB to use for verification.
4036 * void *pwArg
4037 * Pointer to argument for password prompting, if needed.
4038 * OUTPUTS:
4039 * CERTCertificate **pSignerCert
4040 * Pointer in which to store signer's certificate; only filled-in if
4041 * non-null.
4042 * RETURN:
4043 * Returns SECSuccess when signature is valid, anything else means invalid.
4044 * Possible errors set:
4045 * SEC_ERROR_OCSP_MALFORMED_RESPONSE - unknown type of ResponderID
4046 * SEC_ERROR_INVALID_TIME - bad format of "ProducedAt" time
4047 * SEC_ERROR_UNKNOWN_SIGNER - signer's cert could not be found
4048 * SEC_ERROR_BAD_SIGNATURE - the signature did not verify
4049 * Other errors are any of the many possible failures in cert verification
4050 * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
4051 * verifying the signer's cert, or low-level problems (no memory, etc.)
4052 */
4053 SECStatus
4054 CERT_VerifyOCSPResponseSignature(CERTOCSPResponse *response,
4055 CERTCertDBHandle *handle, void *pwArg,
4056 CERTCertificate **pSignerCert,
4057 CERTCertificate *issuer)
4058 {
4059 SECItem *tbsResponseDataDER;
4060 CERTCertificate *signerCert = NULL;
4061 SECStatus rv = SECFailure;
4062 PRTime producedAt;
4063
4064 /* ocsp_DecodeBasicOCSPResponse will fail if asn1 decoder is unable
4065 * to properly decode tbsData (see the function and
4066 * ocsp_BasicOCSPResponseTemplate). Thus, tbsData can not be
4067 * equal to null */
4068 ocspResponseData *tbsData = ocsp_GetResponseData(response,
4069 &tbsResponseDataDER);
4070 ocspSignature *signature = ocsp_GetResponseSignature(response);
4071
4072 if (!signature) {
4073 PORT_SetError(SEC_ERROR_OCSP_BAD_SIGNATURE);
4074 return SECFailure;
4075 }
4076
4077 /*
4078 * If this signature has already gone through verification, just
4079 * return the cached result.
4080 */
4081 if (signature->wasChecked) {
4082 if (signature->status == SECSuccess) {
4083 if (pSignerCert != NULL)
4084 *pSignerCert = CERT_DupCertificate(signature->cert);
4085 } else {
4086 PORT_SetError(signature->failureReason);
4087 }
4088 return signature->status;
4089 }
4090
4091 signerCert = ocsp_GetSignerCertificate(handle, tbsData,
4092 signature, issuer);
4093 if (signerCert == NULL) {
4094 rv = SECFailure;
4095 if (PORT_GetError() == SEC_ERROR_UNKNOWN_CERT) {
4096 /* Make the error a little more specific. */
4097 PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
4098 }
4099 goto finish;
4100 }
4101
4102 /*
4103 * We could mark this true at the top of this function, or always
4104 * below at "finish", but if the problem was just that we could not
4105 * find the signer's cert, leave that as if the signature hasn't
4106 * been checked in case a subsequent call might have better luck.
4107 */
4108 signature->wasChecked = PR_TRUE;
4109
4110 /*
4111 * The function will also verify the signer certificate; we
4112 * need to tell it *when* that certificate must be valid -- for our
4113 * purposes we expect it to be valid when the response was signed.
4114 * The value of "producedAt" is the signing time.
4115 */
4116 rv = DER_GeneralizedTimeToTime(&producedAt, &tbsData->producedAt);
4117 if (rv != SECSuccess)
4118 goto finish;
4119
4120 /*
4121 * Just because we have a cert does not mean it is any good; check
4122 * it for validity, trust and usage.
4123 */
4124 if (ocsp_CertIsOCSPDefaultResponder(handle, signerCert)) {
4125 rv = SECSuccess;
4126 } else {
4127 SECCertUsage certUsage;
4128 if (CERT_IsCACert(signerCert, NULL)) {
4129 certUsage = certUsageAnyCA;
4130 } else {
4131 certUsage = certUsageStatusResponder;
4132 }
4133 rv = cert_VerifyCertWithFlags(handle, signerCert, PR_TRUE, certUsage,
4134 producedAt, CERT_VERIFYCERT_SKIP_OCSP,
4135 pwArg, NULL);
4136 if (rv != SECSuccess) {
4137 PORT_SetError(SEC_ERROR_OCSP_INVALID_SIGNING_CERT);
4138 goto finish;
4139 }
4140 }
4141
4142 rv = ocsp_VerifyResponseSignature(signerCert, signature,
4143 tbsResponseDataDER,
4144 pwArg);
4145
4146 finish:
4147 if (signature->wasChecked)
4148 signature->status = rv;
4149
4150 if (rv != SECSuccess) {
4151 signature->failureReason = PORT_GetError();
4152 if (signerCert != NULL)
4153 CERT_DestroyCertificate(signerCert);
4154 } else {
4155 /*
4156 * Save signer's certificate in signature.
4157 */
4158 signature->cert = signerCert;
4159 if (pSignerCert != NULL) {
4160 /*
4161 * Pass pointer to signer's certificate back to our caller,
4162 * who is also now responsible for destroying it.
4163 */
4164 *pSignerCert = CERT_DupCertificate(signerCert);
4165 }
4166 }
4167
4168 return rv;
4169 }
4170
4171 /*
4172 * See if the request's certID and the single response's certID match.
4173 * This can be easy or difficult, depending on whether the same hash
4174 * algorithm was used.
4175 */
4176 static PRBool
4177 ocsp_CertIDsMatch(CERTOCSPCertID *requestCertID,
4178 CERTOCSPCertID *responseCertID)
4179 {
4180 PRBool match = PR_FALSE;
4181 SECOidTag hashAlg;
4182 SECItem *keyHash = NULL;
4183 SECItem *nameHash = NULL;
4184
4185 /*
4186 * In order to match, they must have the same issuer and the same
4187 * serial number.
4188 *
4189 * We just compare the easier things first.
4190 */
4191 if (SECITEM_CompareItem(&requestCertID->serialNumber,
4192 &responseCertID->serialNumber) != SECEqual) {
4193 goto done;
4194 }
4195
4196 /*
4197 * Make sure the "parameters" are not too bogus. Since we encoded
4198 * requestCertID->hashAlgorithm, we don't need to check it.
4199 */
4200 if (responseCertID->hashAlgorithm.parameters.len > 2) {
4201 goto done;
4202 }
4203 if (SECITEM_CompareItem(&requestCertID->hashAlgorithm.algorithm,
4204 &responseCertID->hashAlgorithm.algorithm) ==
4205 SECEqual) {
4206 /*
4207 * If the hash algorithms match then we can do a simple compare
4208 * of the hash values themselves.
4209 */
4210 if ((SECITEM_CompareItem(&requestCertID->issuerNameHash,
4211 &responseCertID->issuerNameHash) == SECEqual) & &
4212 (SECITEM_CompareItem(&requestCertID->issuerKeyHash,
4213 &responseCertID->issuerKeyHash) == SECEqual)) {
4214 match = PR_TRUE;
4215 }
4216 goto done;
4217 }
4218
4219 hashAlg = SECOID_FindOIDTag(&responseCertID->hashAlgorithm.algorithm);
4220 switch (hashAlg) {
4221 case SEC_OID_SHA1:
4222 keyHash = &requestCertID->issuerSHA1KeyHash;
4223 nameHash = &requestCertID->issuerSHA1NameHash;
4224 break;
4225 case SEC_OID_MD5:
4226 keyHash = &requestCertID->issuerMD5KeyHash;
4227 nameHash = &requestCertID->issuerMD5NameHash;
4228 break;
4229 case SEC_OID_MD2:
4230 keyHash = &requestCertID->issuerMD2KeyHash;
4231 nameHash = &requestCertID->issuerMD2NameHash;
4232 break;
4233 default:
4234 PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
4235 return PR_FALSE;
4236 }
4237
4238 if ((keyHash != NULL) &&
4239 (SECITEM_CompareItem(nameHash,
4240 &responseCertID->issuerNameHash) == SECEqual) &&
4241 (SECITEM_CompareItem(keyHash,
4242 &responseCertID->issuerKeyHash) == SECEqual)) {
4243 match = PR_TRUE;
4244 }
4245
4246 done:
4247 return match;
4248 }
4249
4250 /*
4251 * Find the single response for the cert specified by certID.
4252 * No copying is done; this just returns a pointer to the appropriate
4253 * response within responses, if it is found (and null otherwise).
4254 * This is fine, of course, since this function is internal-use only.
4255 */
4256 static CERTOCSPSingleResponse *
4257 ocsp_GetSingleResponseForCertID(CERTOCSPSingleResponse **responses,
4258 CERTCertDBHandle *handle,
4259 CERTOCSPCertID *certID)
4260 {
4261 CERTOCSPSingleResponse *single;
4262 int i;
4263
4264 if (responses == NULL)
4265 return NULL;
4266
4267 for (i = 0; responses[i] != NULL; i++) {
4268 single = responses[i];
4269 if (ocsp_CertIDsMatch(certID, single->certID)) {
4270 return single;
4271 }
4272 }
4273
4274 /*
4275 * The OCSP server should have included a response even if it knew
4276 * nothing about the certificate in question. Since it did not,
4277 * this will make it look as if it had.
4278 *
4279 * XXX Should we make this a separate error to notice the server's
4280 * bad behavior?
4281 */
4282 PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
4283 return NULL;
4284 }
4285
4286 static ocspCheckingContext *
4287 ocsp_GetCheckingContext(CERTCertDBHandle *handle)
4288 {
4289 CERTStatusConfig *statusConfig;
4290 ocspCheckingContext *ocspcx = NULL;
4291
4292 statusConfig = CERT_GetStatusConfig(handle);
4293 if (statusConfig != NULL) {
4294 ocspcx = statusConfig->statusContext;
4295
4296 /*
4297 * This is actually an internal error, because we should never
4298 * have a good statusConfig without a good statusContext, too.
4299 * For lack of anything better, though, we just assert and use
4300 * the same error as if there were no statusConfig (set below).
4301 */
4302 PORT_Assert(ocspcx != NULL);
4303 }
4304
4305 if (ocspcx == NULL)
4306 PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
4307
4308 return ocspcx;
4309 }
4310
4311 /*
4312 * Return cert reference if the given signerCert is the default responder for
4313 * the given certID. If not, or if any error, return NULL.
4314 */
4315 static CERTCertificate *
4316 ocsp_CertGetDefaultResponder(CERTCertDBHandle *handle, CERTOCSPCertID *certID)
4317 {
4318 ocspCheckingContext *ocspcx;
4319
4320 ocspcx = ocsp_GetCheckingContext(handle);
4321 if (ocspcx == NULL)
4322 goto loser;
4323
4324 /*
4325 * Right now we have only one default responder. It applies to
4326 * all certs when it is used, so the check is simple and certID
4327 * has no bearing on the answer. Someday in the future we may
4328 * allow configuration of different responders for different
4329 * issuers, and then we would have to use the issuer specified
4330 * in certID to determine if signerCert is the right one.
4331 */
4332 if (ocspcx->useDefaultResponder) {
4333 PORT_Assert(ocspcx->defaultResponderCert != NULL);
4334 return ocspcx->defaultResponderCert;
4335 }
4336
4337 loser:
4338 return NULL;
4339 }
4340
4341 /*
4342 * Return true if the cert is one of the default responders configured for
4343 * ocsp context. If not, or if any error, return false.
4344 */
4345 PRBool
4346 ocsp_CertIsOCSPDefaultResponder(CERTCertDBHandle *handle, CERTCertificate *cert)
4347 {
4348 ocspCheckingContext *ocspcx;
4349
4350 ocspcx = ocsp_GetCheckingContext(handle);
4351 if (ocspcx == NULL)
4352 return PR_FALSE;
4353
4354 /*
4355 * Right now we have only one default responder. It applies to
4356 * all certs when it is used, so the check is simple and certID
4357 * has no bearing on the answer. Someday in the future we may
4358 * allow configuration of different responders for different
4359 * issuers, and then we would have to use the issuer specified
4360 * in certID to determine if signerCert is the right one.
4361 */
4362 if (ocspcx->useDefaultResponder &&
4363 CERT_CompareCerts(ocspcx->defaultResponderCert, cert)) {
4364 return PR_TRUE;
4365 }
4366
4367 return PR_FALSE;
4368 }
4369
4370 /*
4371 * Check that the given signer certificate is authorized to sign status
4372 * information for the given certID. Return true if it is, false if not
4373 * (or if there is any error along the way). If false is returned because
4374 * the signer is not authorized, the following error will be set:
4375 * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
4376 * Other errors are low-level problems (no memory, bad database, etc.).
4377 *
4378 * There are three ways to be authorized. In the order in which we check,
4379 * using the terms used in the OCSP spec, the signer must be one of:
4380 * 1. A "trusted responder" -- it matches a local configuration
4381 * of OCSP signing authority for the certificate in question.
4382 * 2. The CA who issued the certificate in question.
4383 * 3. A "CA designated responder", aka an "authorized responder" -- it
4384 * must be represented by a special cert issued by the CA who issued
4385 * the certificate in question.
4386 */
4387 static PRBool
4388 ocsp_AuthorizedResponderForCertID(CERTCertDBHandle *handle,
4389 CERTCertificate *signerCert,
4390 CERTOCSPCertID *certID,
4391 PRTime thisUpdate)
4392 {
4393 CERTCertificate *issuerCert = NULL, *defRespCert;
4394 SECItem *keyHash = NULL;
4395 SECItem *nameHash = NULL;
4396 SECOidTag hashAlg;
4397 PRBool keyHashEQ = PR_FALSE, nameHashEQ = PR_FALSE;
4398
4399 /*
4400 * Check first for a trusted responder, which overrides everything else.
4401 */
4402 if ((defRespCert = ocsp_CertGetDefaultResponder(handle, certID)) &&
4403 CERT_CompareCerts(defRespCert, signerCert)) {
4404 return PR_TRUE;
4405 }
4406
4407 /*
4408 * In the other two cases, we need to do an issuer comparison.
4409 * How we do it depends on whether the signer certificate has the
4410 * special extension (for a designated responder) or not.
4411 *
4412 * First, lets check if signer of the response is the actual issuer
4413 * of the cert. For that we will use signer cert key hash and cert subj
4414 * name hash and will compare them with already calculated issuer key
4415 * hash and issuer name hash. The hash algorithm is picked from response
4416 * certID hash to avoid second hash calculation.
4417 */
4418
4419 hashAlg = SECOID_FindOIDTag(&certID->hashAlgorithm.algorithm);
4420
4421 keyHash = CERT_GetSubjectPublicKeyDigest(NULL, signerCert, hashAlg, NULL);
4422 if (keyHash != NULL) {
4423
4424 keyHashEQ =
4425 (SECITEM_CompareItem(keyHash,
4426 &certID->issuerKeyHash) == SECEqual);
4427 SECITEM_FreeItem(keyHash, PR_TRUE);
4428 }
4429 if (keyHashEQ &&
4430 (nameHash = CERT_GetSubjectNameDigest(NULL, signerCert,
4431 hashAlg, NULL))) {
4432 nameHashEQ =
4433 (SECITEM_CompareItem(nameHash,
4434 &certID->issuerNameHash) == SECEqual);
4435
4436 SECITEM_FreeItem(nameHash, PR_TRUE);
4437 if (nameHashEQ) {
4438 /* The issuer of the cert is the the signer of the response */
4439 return PR_TRUE;
4440 }
4441 }
4442
4443 keyHashEQ = PR_FALSE;
4444 nameHashEQ = PR_FALSE;
4445
4446 if (!ocsp_CertIsOCSPDesignatedResponder(signerCert)) {
4447 PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
4448 return PR_FALSE;
4449 }
4450
4451 /*
4452 * The signer is a designated responder. Its issuer must match
4453 * the issuer of the cert being checked.
4454 */
4455 issuerCert = CERT_FindCertIssuer(signerCert, thisUpdate,
4456 certUsageAnyCA);
4457 if (issuerCert == NULL) {
4458 /*
4459 * We could leave the SEC_ERROR_UNKNOWN_ISSUER error alone,
4460 * but the following will give slightly more information.
4461 * Once we have an error stack, things will be much better.
4462 */
4463 PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
4464 return PR_FALSE;
4465 }
4466
4467 keyHash = CERT_GetSubjectPublicKeyDigest(NULL, issuerCert, hashAlg, NULL);
4468 nameHash = CERT_GetSubjectNameDigest(NULL, issuerCert, hashAlg, NULL);
4469
4470 CERT_DestroyCertificate(issuerCert);
4471
4472 if (keyHash != NULL && nameHash != NULL) {
4473 keyHashEQ =
4474 (SECITEM_CompareItem(keyHash,
4475 &certID->issuerKeyHash) == SECEqual);
4476
4477 nameHashEQ =
4478 (SECITEM_CompareItem(nameHash,
4479 &certID->issuerNameHash) == SECEqual);
4480 }
4481
4482 if (keyHash) {
4483 SECITEM_FreeItem(keyHash, PR_TRUE);
4484 }
4485 if (nameHash) {
4486 SECITEM_FreeItem(nameHash, PR_TRUE);
4487 }
4488
4489 if (keyHashEQ && nameHashEQ) {
4490 return PR_TRUE;
4491 }
4492
4493 PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE);
4494 return PR_FALSE;
4495 }
4496
4497 /*
4498 * We need to check that a responder gives us "recent" information.
4499 * Since a responder can pre-package responses, we need to pick an amount
4500 * of time that is acceptable to us, and reject any response that is
4501 * older than that.
4502 *
4503 * XXX This *should* be based on some configuration parameter, so that
4504 * different usages could specify exactly what constitutes "sufficiently
4505 * recent". But that is not going to happen right away. For now, we
4506 * want something from within the last 24 hours. This macro defines that
4507 * number in seconds.
4508 */
4509 #define OCSP_ALLOWABLE_LAPSE_SECONDS (24L * 60L * 60L)
4510
4511 static PRBool
4512 ocsp_TimeIsRecent(PRTime checkTime)
4513 {
4514 PRTime now = PR_Now();
4515 PRTime lapse, tmp;
4516
4517 LL_I2L(lapse, OCSP_ALLOWABLE_LAPSE_SECONDS);
4518 LL_I2L(tmp, PR_USEC_PER_SEC);
4519 LL_MUL(lapse, lapse, tmp); /* allowable lapse in microseconds */
4520
4521 LL_ADD(checkTime, checkTime, lapse);
4522 if (LL_CMP(now, >, checkTime))
4523 return PR_FALSE;
4524
4525 return PR_TRUE;
4526 }
4527
4528 #define OCSP_SLOP (5L * 60L) /* OCSP responses are allowed to be 5 minutes \
4529 in the future by default */
4530
4531 static PRUint32 ocspsloptime = OCSP_SLOP; /* seconds */
4532
4533 /*
4534 * If an old response contains the revoked certificate status, we want
4535 * to return SECSuccess so the response will be used.
4536 */
4537 static SECStatus
4538 ocsp_HandleOldSingleResponse(CERTOCSPSingleResponse *single, PRTime time)
4539 {
4540 SECStatus rv;
4541 ocspCertStatus *status = single->certStatus;
4542 if (status->certStatusType == ocspCertStatus_revoked) {
4543 rv = ocsp_CertRevokedAfter(status->certStatusInfo.revokedInfo, time);
4544 if (rv != SECSuccess &&
4545 PORT_GetError() == SEC_ERROR_REVOKED_CERTIFICATE) {
4546 /*
4547 * Return SECSuccess now. The subsequent ocsp_CertRevokedAfter
4548 * call in ocsp_CertHasGoodStatus will cause
4549 * ocsp_CertHasGoodStatus to fail with
4550 * SEC_ERROR_REVOKED_CERTIFICATE.
4551 */
4552 return SECSuccess;
4553 }
4554 }
4555 PORT_SetError(SEC_ERROR_OCSP_OLD_RESPONSE);
4556 return SECFailure;
4557 }
4558
4559 /*
4560 * Check that this single response is okay. A return of SECSuccess means:
4561 * 1. The signer (represented by "signerCert") is authorized to give status
4562 * for the cert represented by the individual response in "single".
4563 * 2. The value of thisUpdate is earlier than now.
4564 * 3. The value of producedAt is later than or the same as thisUpdate.
4565 * 4. If nextUpdate is given:
4566 * - The value of nextUpdate is later than now.
4567 * - The value of producedAt is earlier than nextUpdate.
4568 * Else if no nextUpdate:
4569 * - The value of thisUpdate is fairly recent.
4570 * - The value of producedAt is fairly recent.
4571 * However we do not need to perform an explicit check for this last
4572 * constraint because it is already guaranteed by checking that
4573 * producedAt is later than thisUpdate and thisUpdate is recent.
4574 * Oh, and any responder is "authorized" to say that a cert is unknown to it.
4575 *
4576 * If any of those checks fail, SECFailure is returned and an error is set:
4577 * SEC_ERROR_OCSP_FUTURE_RESPONSE
4578 * SEC_ERROR_OCSP_OLD_RESPONSE
4579 * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
4580 * Other errors are low-level problems (no memory, bad database, etc.).
4581 */
4582 static SECStatus
4583 ocsp_VerifySingleResponse(CERTOCSPSingleResponse *single,
4584 CERTCertDBHandle *handle,
4585 CERTCertificate *signerCert,
4586 PRTime producedAt)
4587 {
4588 CERTOCSPCertID *certID = single->certID;
4589 PRTime now, thisUpdate, nextUpdate, tmstamp, tmp;
4590 SECStatus rv;
4591
4592 OCSP_TRACE(("OCSP ocsp_VerifySingleResponse, nextUpdate: %d\n",
4593 ((single->nextUpdate) != 0)));
4594 /*
4595 * If all the responder said was that the given cert was unknown to it,
4596 * that is a valid response. Not very interesting to us, of course,
4597 * but all this function is concerned with is validity of the response,
4598 * not the status of the cert.
4599 */
4600 PORT_Assert(single->certStatus != NULL);
4601 if (single->certStatus->certStatusType == ocspCertStatus_unknown)
4602 return SECSuccess;
4603
4604 /*
4605 * We need to extract "thisUpdate" for use below and to pass along
4606 * to AuthorizedResponderForCertID in case it needs it for doing an
4607 * issuer look-up.
4608 */
4609 rv = DER_GeneralizedTimeToTime(&thisUpdate, &single->thisUpdate);
4610 if (rv != SECSuccess)
4611 return rv;
4612
4613 /*
4614 * First confirm that signerCert is authorized to give this status.
4615 */
4616 if (ocsp_AuthorizedResponderForCertID(handle, signerCert, certID,
4617 thisUpdate) != PR_TRUE)
4618 return SECFailure;
4619
4620 /*
4621 * Now check the time stuff, as described above.
4622 */
4623 now = PR_Now();
4624 /* allow slop time for future response */
4625 LL_UI2L(tmstamp, ocspsloptime); /* get slop time in seconds */
4626 LL_UI2L(tmp, PR_USEC_PER_SEC);
4627 LL_MUL(tmp, tmstamp, tmp); /* convert the slop time to PRTime */
4628 LL_ADD(tmstamp, tmp, now); /* add current time to it */
4629
4630 if (LL_CMP(thisUpdate, >, tmstamp) || LL_CMP(producedAt, <, thisUpdate)) {
4631 PORT_SetError(SEC_ERROR_OCSP_FUTURE_RESPONSE);
4632 return SECFailure;
4633 }
4634 if (single->nextUpdate != NULL) {
4635 rv = DER_GeneralizedTimeToTime(&nextUpdate, single->nextUpdate);
4636 if (rv != SECSuccess)
4637 return rv;
4638
4639 LL_ADD(tmp, tmp, nextUpdate);
4640 if (LL_CMP(tmp, <, now) || LL_CMP(producedAt, >, nextUpdate))
4641 return ocsp_HandleOldSingleResponse(single, now);
4642 } else if (ocsp_TimeIsRecent(thisUpdate) != PR_TRUE) {
4643 return ocsp_HandleOldSingleResponse(single, now);
4644 }
4645
4646 return SECSuccess;
4647 }
4648
4649 /*
4650 * FUNCTION: CERT_GetOCSPAuthorityInfoAccessLocation
4651 * Get the value of the URI of the OCSP responder for the given cert.
4652 * This is found in the (optional) Authority Information Access extension
4653 * in the cert.
4654 * INPUTS:
4655 * CERTCertificate *cert
4656 * The certificate being examined.
4657 * RETURN:
4658 * char *
4659 * A copy of the URI for the OCSP method, if found. If either the
4660 * extension is not present or it does not contain an entry for OCSP,
4661 * SEC_ERROR_CERT_BAD_ACCESS_LOCATION will be set and a NULL returned.
4662 * Any other error will also result in a NULL being returned.
4663 *
4664 * This result should be freed (via PORT_Free) when no longer in use.
4665 */
4666 char *
4667 CERT_GetOCSPAuthorityInfoAccessLocation(const CERTCertificate *cert)
4668 {
4669 CERTGeneralName *locname = NULL;
4670 SECItem *location = NULL;
4671 SECItem *encodedAuthInfoAccess = NULL;
4672 CERTAuthInfoAccess **authInfoAccess = NULL;
4673 char *locURI = NULL;
4674 PLArenaPool *arena = NULL;
4675 SECStatus rv;
4676 int i;
4677
4678 /*
4679 * Allocate this one from the heap because it will get filled in
4680 * by CERT_FindCertExtension which will also allocate from the heap,
4681 * and we can free the entire thing on our way out.
4682 */
4683 encodedAuthInfoAccess = SECITEM_AllocItem(NULL, NULL, 0);
4684 if (encodedAuthInfoAccess == NULL)
4685 goto loser;
4686
4687 rv = CERT_FindCertExtension(cert, SEC_OID_X509_AUTH_INFO_ACCESS,
4688 encodedAuthInfoAccess);
4689 if (rv == SECFailure) {
4690 PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
4691 goto loser;
4692 }
4693
4694 /*
4695 * The rest of the things allocated in the routine will come out of
4696 * this arena, which is temporary just for us to decode and get at the
4697 * AIA extension. The whole thing will be destroyed on our way out,
4698 * after we have copied the location string (url) itself (if found).
4699 */
4700 arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
4701 if (arena == NULL)
4702 goto loser;
4703
4704 authInfoAccess = CERT_DecodeAuthInfoAccessExtension(arena,
4705 encodedAuthInfoAccess);
4706 if (authInfoAccess == NULL)
4707 goto loser;
4708
4709 for (i = 0; authInfoAccess[i] != NULL; i++) {
4710 if (SECOID_FindOIDTag(&authInfoAccess[i]->method) == SEC_OID_PKIX_OCSP)
4711 locname = authInfoAccess[i]->location;
4712 }
4713
4714 /*
4715 * If we found an AIA extension, but it did not include an OCSP method,
4716 * that should look to our caller as if we did not find the extension
4717 * at all, because it is only an OCSP method that we care about.
4718 * So set the same error that would be set if the AIA extension was
4719 * not there at all.
4720 */
4721 if (locname == NULL) {
4722 PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
4723 goto loser;
4724 }
4725
4726 /*
4727 * The following is just a pointer back into locname (i.e. not a copy);
4728 * thus it should not be freed.
4729 */
4730 location = CERT_GetGeneralNameByType(locname, certURI, PR_FALSE);
4731 if (location == NULL) {
4732 /*
4733 * XXX Appears that CERT_GetGeneralNameByType does not set an
4734 * error if there is no name by that type. For lack of anything
4735 * better, act as if the extension was not found. In the future
4736 * this should probably be something more like the extension was
4737 * badly formed.
4738 */
4739 PORT_SetError(SEC_ERROR_CERT_BAD_ACCESS_LOCATION);
4740 goto loser;
4741 }
4742
4743 /*
4744 * That location is really a string, but it has a specified length
4745 * without a null-terminator. We need a real string that does have
4746 * a null-terminator, and we need a copy of it anyway to return to
4747 * our caller -- so allocate and copy.
4748 */
4749 locURI = PORT_Alloc(location->len + 1);
4750 if (locURI == NULL) {
4751 goto loser;
4752 }
4753 PORT_Memcpy(locURI, location->data, location->len);
4754 locURI[location->len] = '\0';
4755
4756 loser:
4757 if (arena != NULL)
4758 PORT_FreeArena(arena, PR_FALSE);
4759
4760 if (encodedAuthInfoAccess != NULL)
4761 SECITEM_FreeItem(encodedAuthInfoAccess, PR_TRUE);
4762
4763 return locURI;
4764 }
4765
4766 /*
4767 * Figure out where we should go to find out the status of the given cert
4768 * via OCSP. If allowed to use a default responder uri and a default
4769 * responder is set up, then that is our answer.
4770 * If not, see if the certificate has an Authority Information Access (AIA)
4771 * extension for OCSP, and return the value of that. Otherwise return NULL.
4772 * We also let our caller know whether or not the responder chosen was
4773 * a default responder or not through the output variable isDefault;
4774 * its value has no meaning unless a good (non-null) value is returned
4775 * for the location.
4776 *
4777 * The result needs to be freed (PORT_Free) when no longer in use.
4778 */
4779 char *
4780 ocsp_GetResponderLocation(CERTCertDBHandle *handle, CERTCertificate *cert,
4781 PRBool canUseDefault, PRBool *isDefault)
4782 {
4783 ocspCheckingContext *ocspcx = NULL;
4784 char *ocspUrl = NULL;
4785
4786 if (canUseDefault) {
4787 ocspcx = ocsp_GetCheckingContext(handle);
4788 }
4789 if (ocspcx != NULL && ocspcx->useDefaultResponder) {
4790 /*
4791 * A default responder wins out, if specified.
4792 * XXX Someday this may be a more complicated determination based
4793 * on the cert's issuer. (That is, we could have different default
4794 * responders configured for different issuers.)
4795 */
4796 PORT_Assert(ocspcx->defaultResponderURI != NULL);
4797 *isDefault = PR_TRUE;
4798 return (PORT_Strdup(ocspcx->defaultResponderURI));
4799 }
4800
4801 /*
4802 * No default responder set up, so go see if we can find an AIA
4803 * extension that has a value for OCSP, and get the url from that.
4804 */
4805 *isDefault = PR_FALSE;
4806 ocspUrl = CERT_GetOCSPAuthorityInfoAccessLocation(cert);
4807 if (!ocspUrl) {
4808 CERT_StringFromCertFcn altFcn;
4809
4810 PR_EnterMonitor(OCSP_Global.monitor);
4811 altFcn = OCSP_Global.alternateOCSPAIAFcn;
4812 PR_ExitMonitor(OCSP_Global.monitor);
4813 if (altFcn) {
4814 ocspUrl = (*altFcn)(cert);
4815 if (ocspUrl)
4816 *isDefault = PR_TRUE;
4817 }
4818 }
4819 return ocspUrl;
4820 }
4821
4822 /*
4823 * Return SECSuccess if the cert was revoked *after* "time",
4824 * SECFailure otherwise.
4825 */
4826 static SECStatus
4827 ocsp_CertRevokedAfter(ocspRevokedInfo *revokedInfo, PRTime time)
4828 {
4829 PRTime revokedTime;
4830 SECStatus rv;
4831
4832 rv = DER_GeneralizedTimeToTime(&revokedTime, &revokedInfo->revocationTime);
4833 if (rv != SECSuccess)
4834 return rv;
4835
4836 /*
4837 * Set the error even if we will return success; someone might care.
4838 */
4839 PORT_SetError(SEC_ERROR_REVOKED_CERTIFICATE);
4840
4841 if (LL_CMP(revokedTime, >, time))
4842 return SECSuccess;
4843
4844 return SECFailure;
4845 }
4846
4847 /*
4848 * See if the cert represented in the single response had a good status
4849 * at the specified time.
4850 */
4851 SECStatus
4852 ocsp_CertHasGoodStatus(ocspCertStatus *status, PRTime time)
4853 {
4854 SECStatus rv;
4855 switch (status->certStatusType) {
4856 case ocspCertStatus_good:
4857 rv = SECSuccess;
4858 break;
4859 case ocspCertStatus_revoked:
4860 rv = ocsp_CertRevokedAfter(status->certStatusInfo.revokedInfo, time) ;
4861 break;
4862 case ocspCertStatus_unknown:
4863 PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_CERT);
4864 rv = SECFailure;
4865 break;
4866 case ocspCertStatus_other:
4867 default:
4868 PORT_Assert(0);
4869 PORT_SetError(SEC_ERROR_OCSP_MALFORMED_RESPONSE);
4870 rv = SECFailure;
4871 break;
4872 }
4873 return rv;
4874 }
4875
4876 static SECStatus
4877 ocsp_SingleResponseCertHasGoodStatus(CERTOCSPSingleResponse *single,
4878 PRTime time)
4879 {
4880 return ocsp_CertHasGoodStatus(single->certStatus, time);
4881 }
4882
4883 /* SECFailure means the arguments were invalid.
4884 * On SECSuccess, the out parameters contain the OCSP status.
4885 * rvOcsp contains the overall result of the OCSP operation.
4886 * Depending on input parameter ignoreGlobalOcspFailureSetting,
4887 * a soft failure might be converted into *rvOcsp=SECSuccess.
4888 * If the cached attempt to obtain OCSP information had resulted
4889 * in a failure, missingResponseError shows the error code of
4890 * that failure.
4891 * cacheFreshness is ocspMissing if no entry was found,
4892 * ocspFresh if a fresh entry was found, or
4893 * ocspStale if a stale entry was found.
4894 */
4895 SECStatus
4896 ocsp_GetCachedOCSPResponseStatus(CERTOCSPCertID *certID,
4897 PRTime time,
4898 PRBool ignoreGlobalOcspFailureSetting,
4899 SECStatus *rvOcsp,
4900 SECErrorCodes *missingResponseError,
4901 OCSPFreshness *cacheFreshness)
4902 {
4903 OCSPCacheItem *cacheItem = NULL;
4904
4905 if (!certID || !missingResponseError || !rvOcsp || !cacheFreshness) {
4906 PORT_SetError(SEC_ERROR_INVALID_ARGS);
4907 return SECFailure;
4908 }
4909 *rvOcsp = SECFailure;
4910 *missingResponseError = 0;
4911 *cacheFreshness = ocspMissing;
4912
4913 PR_EnterMonitor(OCSP_Global.monitor);
4914 cacheItem = ocsp_FindCacheEntry(&OCSP_Global.cache, certID);
4915 if (cacheItem) {
4916 *cacheFreshness = ocsp_IsCacheItemFresh(cacheItem) ? ocspFresh
4917 : ocspStale;
4918 /* having an arena means, we have a cached certStatus */
4919 if (cacheItem->certStatusArena) {
4920 *rvOcsp = ocsp_CertHasGoodStatus(&cacheItem->certStatus, time);
4921 if (*rvOcsp != SECSuccess) {
4922 *missingResponseError = PORT_GetError();
4923 }
4924 } else {
4925 /*
4926 * No status cached, the previous attempt failed.
4927 * If OCSP is required, we never decide based on a failed attempt
4928 * However, if OCSP is optional, a recent OCSP failure is
4929 * an allowed good state.
4930 */
4931 if (*cacheFreshness == ocspFresh &&
4932 !ignoreGlobalOcspFailureSetting &&
4933 OCSP_Global.ocspFailureMode ==
4934 ocspMode_FailureIsNotAVerificationFailure) {
4935 *rvOcsp = SECSuccess;
4936 }
4937 *missingResponseError = cacheItem->missingResponseError;
4938 }
4939 }
4940 PR_ExitMonitor(OCSP_Global.monitor);
4941 return SECSuccess;
4942 }
4943
4944 PRBool
4945 ocsp_FetchingFailureIsVerificationFailure(void)
4946 {
4947 PRBool isFailure;
4948
4949 PR_EnterMonitor(OCSP_Global.monitor);
4950 isFailure =
4951 OCSP_Global.ocspFailureMode == ocspMode_FailureIsVerificationFailure;
4952 PR_ExitMonitor(OCSP_Global.monitor);
4953 return isFailure;
4954 }
4955
4956 /*
4957 * FUNCTION: CERT_CheckOCSPStatus
4958 * Checks the status of a certificate via OCSP. Will only check status for
4959 * a certificate that has an AIA (Authority Information Access) extension
4960 * for OCSP *or* when a "default responder" is specified and enabled.
4961 * (If no AIA extension for OCSP and no default responder in place, the
4962 * cert is considered to have a good status and SECSuccess is returned.)
4963 * INPUTS:
4964 * CERTCertDBHandle *handle
4965 * certificate DB of the cert that is being checked
4966 * CERTCertificate *cert
4967 * the certificate being checked
4968 * XXX in the long term also need a boolean parameter that specifies
4969 * whether to check the cert chain, as well; for now we check only
4970 * the leaf (the specified certificate)
4971 * PRTime time
4972 * time for which status is to be determined
4973 * void *pwArg
4974 * argument for password prompting, if needed
4975 * RETURN:
4976 * Returns SECSuccess if an approved OCSP responder "knows" the cert
4977 * *and* returns a non-revoked status for it; SECFailure otherwise,
4978 * with an error set describing the reason:
4979 *
4980 * SEC_ERROR_OCSP_BAD_HTTP_RESPONSE
4981 * SEC_ERROR_OCSP_FUTURE_RESPONSE
4982 * SEC_ERROR_OCSP_MALFORMED_REQUEST
4983 * SEC_ERROR_OCSP_MALFORMED_RESPONSE
4984 * SEC_ERROR_OCSP_OLD_RESPONSE
4985 * SEC_ERROR_OCSP_REQUEST_NEEDS_SIG
4986 * SEC_ERROR_OCSP_SERVER_ERROR
4987 * SEC_ERROR_OCSP_TRY_SERVER_LATER
4988 * SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST
4989 * SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE
4990 * SEC_ERROR_OCSP_UNKNOWN_CERT
4991 * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS
4992 * SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE
4993 *
4994 * SEC_ERROR_BAD_SIGNATURE
4995 * SEC_ERROR_CERT_BAD_ACCESS_LOCATION
4996 * SEC_ERROR_INVALID_TIME
4997 * SEC_ERROR_REVOKED_CERTIFICATE
4998 * SEC_ERROR_UNKNOWN_ISSUER
4999 * SEC_ERROR_UNKNOWN_SIGNER
5000 *
5001 * Other errors are any of the many possible failures in cert verification
5002 * (e.g. SEC_ERROR_REVOKED_CERTIFICATE, SEC_ERROR_UNTRUSTED_ISSUER) when
5003 * verifying the signer's cert, or low-level problems (error allocating
5004 * memory, error performing ASN.1 decoding, etc.).
5005 */
5006 SECStatus
5007 CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
5008 PRTime time, void *pwArg)
5009 {
5010 CERTOCSPCertID *certID;
5011 PRBool certIDWasConsumed = PR_FALSE;
5012 SECStatus rv;
5013 SECStatus rvOcsp;
5014 SECErrorCodes cachedErrorCode;
5015 OCSPFreshness cachedResponseFreshness;
5016
5017 OCSP_TRACE_CERT(cert);
5018 OCSP_TRACE_TIME("## requested validity time:", time);
5019
5020 certID = CERT_CreateOCSPCertID(cert, time);
5021 if (!certID)
5022 return SECFailure;
5023 rv = ocsp_GetCachedOCSPResponseStatus(
5024 certID, time, PR_FALSE, /* ignoreGlobalOcspFailureSetting */
5025 &rvOcsp, &cachedErrorCode, &cachedResponseFreshness);
5026 if (rv != SECSuccess) {
5027 CERT_DestroyOCSPCertID(certID);
5028 return SECFailure;
5029 }
5030 if (cachedResponseFreshness == ocspFresh) {
5031 CERT_DestroyOCSPCertID(certID);
5032 if (rvOcsp != SECSuccess) {
5033 PORT_SetError(cachedErrorCode);
5034 }
5035 return rvOcsp;
5036 }
5037
5038 rv = ocsp_GetOCSPStatusFromNetwork(handle, certID, cert, time, pwArg,
5039 &certIDWasConsumed,
5040 &rvOcsp);
5041 if (rv != SECSuccess) {
5042 PRErrorCode err = PORT_GetError();
5043 if (ocsp_FetchingFailureIsVerificationFailure()) {
5044 PORT_SetError(err);
5045 rvOcsp = SECFailure;
5046 } else if (cachedResponseFreshness == ocspStale &&
5047 (cachedErrorCode == SEC_ERROR_OCSP_UNKNOWN_CERT ||
5048 cachedErrorCode == SEC_ERROR_REVOKED_CERTIFICATE)) {
5049 /* If we couldn't get a response for a certificate that the OCSP
5050 * responder previously told us was bad, then assume it is still
5051 * bad until we hear otherwise, as it is very unlikely that the
5052 * certificate status has changed from "revoked" to "good" and it
5053 * is also unlikely that the certificate status has changed from
5054 * "unknown" to "good", except for some buggy OCSP responders.
5055 */
5056 PORT_SetError(cachedErrorCode);
5057 rvOcsp = SECFailure;
5058 } else {
5059 rvOcsp = SECSuccess;
5060 }
5061 }
5062 if (!certIDWasConsumed) {
5063 CERT_DestroyOCSPCertID(certID);
5064 }
5065 return rvOcsp;
5066 }
5067
5068 /*
5069 * FUNCTION: CERT_CacheOCSPResponseFromSideChannel
5070 * First, this function checks the OCSP cache to see if a good response
5071 * for the given certificate already exists. If it does, then the function
5072 * returns successfully.
5073 *
5074 * If not, then it validates that the given OCSP response is a valid,
5075 * good response for the given certificate and inserts it into the
5076 * cache.
5077 *
5078 * This function is intended for use when OCSP responses are provided via a
5079 * side-channel, i.e. TLS OCSP stapling (a.k.a. the status_request extension).
5080 *
5081 * INPUTS:
5082 * CERTCertDBHandle *handle
5083 * certificate DB of the cert that is being checked
5084 * CERTCertificate *cert
5085 * the certificate being checked
5086 * PRTime time
5087 * time for which status is to be determined
5088 * SECItem *encodedResponse
5089 * the DER encoded bytes of the OCSP response
5090 * void *pwArg
5091 * argument for password prompting, if needed
5092 * RETURN:
5093 * SECSuccess if the cert was found in the cache, or if the OCSP response was
5094 * found to be valid and inserted into the cache. SECFailure otherwise.
5095 */
5096 SECStatus
5097 CERT_CacheOCSPResponseFromSideChannel(CERTCertDBHandle *handle,
5098 CERTCertificate *cert,
5099 PRTime time,
5100 const SECItem *encodedResponse,
5101 void *pwArg)
5102 {
5103 CERTOCSPCertID *certID = NULL;
5104 PRBool certIDWasConsumed = PR_FALSE;
5105 SECStatus rv = SECFailure;
5106 SECStatus rvOcsp = SECFailure;
5107 SECErrorCodes dummy_error_code; /* we ignore this */
5108 CERTOCSPResponse *decodedResponse = NULL;
5109 CERTOCSPSingleResponse *singleResponse = NULL;
5110 OCSPFreshness freshness;
5111
5112 /* The OCSP cache can be in three states regarding this certificate:
5113 * + Good (cached, timely, 'good' response, or revoked in the future)
5114 * + Revoked (cached, timely, but doesn't fit in the last category)
5115 * + Miss (no knowledge)
5116 *
5117 * Likewise, the side-channel information can be
5118 * + Good (timely, 'good' response, or revoked in the future)
5119 * + Revoked (timely, but doesn't fit in the last category)
5120 * + Invalid (bad syntax, bad signature, not timely etc)
5121 *
5122 * The common case is that the cache result is Good and so is the
5123 * side-channel information. We want to save processing time in this case
5124 * so we say that any time we see a Good result from the cache we return
5125 * early.
5126 *
5127 * Cache result
5128 * | Good Revoked Miss
5129 * ---+--------------------------------------------
5130 * G | noop Cache more Cache it
5131 * S | recent result
5132 * i |
5133 * d |
5134 * e |
5135 * R | noop Cache more Cache it
5136 * C | recent result
5137 * h |
5138 * a |
5139 * n |
5140 * n I | noop Noop Noop
5141 * e |
5142 * l |
5143 *
5144 * When we fetch from the network we might choose to cache a negative
5145 * result when the response is invalid. This saves us hammering, uselessly,
5146 * at a broken responder. However, side channels are commonly attacker
5147 * controlled and so we must not cache a negative result for an Invalid
5148 * side channel.
5149 */
5150
5151 if (!cert || !encodedResponse) {
5152 PORT_SetError(SEC_ERROR_INVALID_ARGS);
5153 return SECFailure;
5154 }
5155 certID = CERT_CreateOCSPCertID(cert, time);
5156 if (!certID)
5157 return SECFailure;
5158
5159 /* We pass PR_TRUE for ignoreGlobalOcspFailureSetting so that a cached
5160 * error entry is not interpreted as being a 'Good' entry here.
5161 */
5162 rv = ocsp_GetCachedOCSPResponseStatus(
5163 certID, time, PR_TRUE, /* ignoreGlobalOcspFailureSetting */
5164 &rvOcsp, &dummy_error_code, &freshness);
5165 if (rv == SECSuccess && rvOcsp == SECSuccess && freshness == ocspFresh) {
5166 /* The cached value is good. We don't want to waste time validating
5167 * this OCSP response. This is the first column in the table above. */
5168 CERT_DestroyOCSPCertID(certID);
5169 return rv;
5170 }
5171
5172 /* The logic for caching the more recent response is handled in
5173 * ocsp_CacheSingleResponse. */
5174
5175 rv = ocsp_GetDecodedVerifiedSingleResponseForID(handle, certID, cert,
5176 time, pwArg,
5177 encodedResponse,
5178 &decodedResponse,
5179 &singleResponse);
5180 if (rv == SECSuccess) {
5181 rvOcsp = ocsp_SingleResponseCertHasGoodStatus(singleResponse, time);
5182 /* Cache any valid singleResponse, regardless of status. */
5183 ocsp_CacheSingleResponse(certID, singleResponse, &certIDWasConsumed);
5184 }
5185 if (decodedResponse) {
5186 CERT_DestroyOCSPResponse(decodedResponse);
5187 }
5188 if (!certIDWasConsumed) {
5189 CERT_DestroyOCSPCertID(certID);
5190 }
5191 return rv == SECSuccess ? rvOcsp : rv;
5192 }
5193
5194 /*
5195 * Status in *certIDWasConsumed will always be correct, regardless of
5196 * return value.
5197 */
5198 static SECStatus
5199 ocsp_GetOCSPStatusFromNetwork(CERTCertDBHandle *handle,
5200 CERTOCSPCertID *certID,
5201 CERTCertificate *cert,
5202 PRTime time,
5203 void *pwArg,
5204 PRBool *certIDWasConsumed,
5205 SECStatus *rv_ocsp)
5206 {
5207 char *location = NULL;
5208 PRBool locationIsDefault;
5209 SECItem *encodedResponse = NULL;
5210 CERTOCSPRequest *request = NULL;
5211 SECStatus rv = SECFailure;
5212
5213 CERTOCSPResponse *decodedResponse = NULL;
5214 CERTOCSPSingleResponse *singleResponse = NULL;
5215 enum { stageGET,
5216 stagePOST } currentStage;
5217 PRBool retry = PR_FALSE;
5218
5219 if (!certIDWasConsumed || !rv_ocsp) {
5220 PORT_SetError(SEC_ERROR_INVALID_ARGS);
5221 return SECFailure;
5222 }
5223 *certIDWasConsumed = PR_FALSE;
5224 *rv_ocsp = SECFailure;
5225
5226 if (!OCSP_Global.monitor) {
5227 PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
5228 return SECFailure;
5229 }
5230 PR_EnterMonitor(OCSP_Global.monitor);
5231 if (OCSP_Global.forcePost) {
5232 currentStage = stagePOST;
5233 } else {
5234 currentStage = stageGET;
5235 }
5236 PR_ExitMonitor(OCSP_Global.monitor);
5237
5238 /*
5239 * The first thing we need to do is find the location of the responder.
5240 * This will be the value of the default responder (if enabled), else
5241 * it will come out of the AIA extension in the cert (if present).
5242 * If we have no such location, then this cert does not "deserve" to
5243 * be checked -- that is, we consider it a success and just return.
5244 * The way we tell that is by looking at the error number to see if
5245 * the problem was no AIA extension was found; any other error was
5246 * a true failure that we unfortunately have to treat as an overall
5247 * failure here.
5248 */
5249 location = ocsp_GetResponderLocation(handle, cert, PR_TRUE,
5250 &locationIsDefault);
5251 if (location == NULL) {
5252 int err = PORT_GetError();
5253 if (err == SEC_ERROR_EXTENSION_NOT_FOUND ||
5254 err == SEC_ERROR_CERT_BAD_ACCESS_LOCATION) {
5255 PORT_SetError(0);
5256 *rv_ocsp = SECSuccess;
5257 return SECSuccess;
5258 }
5259 return SECFailure;
5260 }
5261
5262 /*
5263 * XXX In the fullness of time, we will want/need to handle a
5264 * certificate chain. This will be done either when a new parameter
5265 * tells us to, or some configuration variable tells us to. In any
5266 * case, handling it is complicated because we may need to send as
5267 * many requests (and receive as many responses) as we have certs
5268 * in the chain. If we are going to talk to a default responder,
5269 * and we only support one default responder, we can put all of the
5270 * certs together into one request. Otherwise, we must break them up
5271 * into multiple requests. (Even if all of the requests will go to
5272 * the same location, the signature on each response will be different,
5273 * because each issuer is different. Carefully read the OCSP spec
5274 * if you do not understand this.)
5275 */
5276
5277 /*
5278 * XXX If/when signing of requests is supported, that second NULL
5279 * should be changed to be the signer certificate. Not sure if that
5280 * should be passed into this function or retrieved via some operation
5281 * on the handle/context.
5282 */
5283
5284 do {
5285 const char *method;
5286 PRBool validResponseWithAccurateInfo = PR_FALSE;
5287 retry = PR_FALSE;
5288 *rv_ocsp = SECFailure;
5289
5290 if (currentStage == stageGET) {
5291 method = "GET";
5292 } else {
5293 PORT_Assert(currentStage == stagePOST);
5294 method = "POST";
5295 }
5296
5297 encodedResponse =
5298 ocsp_GetEncodedOCSPResponseForSingleCert(NULL, certID, cert,
5299 location, method,
5300 time, locationIsDefault,
5301 pwArg, &request);
5302
5303 if (encodedResponse) {
5304 rv = ocsp_GetDecodedVerifiedSingleResponseForID(handle, certID, cert ,
5305 time, pwArg,
5306 encodedResponse,
5307 &decodedResponse,
5308 &singleResponse);
5309 if (rv == SECSuccess) {
5310 switch (singleResponse->certStatus->certStatusType) {
5311 case ocspCertStatus_good:
5312 case ocspCertStatus_revoked:
5313 validResponseWithAccurateInfo = PR_TRUE;
5314 break;
5315 default:
5316 break;
5317 }
5318 *rv_ocsp = ocsp_SingleResponseCertHasGoodStatus(singleResponse, time);
5319 }
5320 }
5321
5322 if (currentStage == stageGET) {
5323 /* only accept GET response if good or revoked */
5324 if (validResponseWithAccurateInfo) {
5325 ocsp_CacheSingleResponse(certID, singleResponse,
5326 certIDWasConsumed);
5327 } else {
5328 retry = PR_TRUE;
5329 currentStage = stagePOST;
5330 }
5331 } else {
5332 /* cache the POST respone, regardless of status */
5333 if (!singleResponse) {
5334 cert_RememberOCSPProcessingFailure(certID, certIDWasConsumed);
5335 } else {
5336 ocsp_CacheSingleResponse(certID, singleResponse,
5337 certIDWasConsumed);
5338 }
5339 }
5340
5341 if (encodedResponse) {
5342 SECITEM_FreeItem(encodedResponse, PR_TRUE);
5343 encodedResponse = NULL;
5344 }
5345 if (request) {
5346 CERT_DestroyOCSPRequest(request);
5347 request = NULL;
5348 }
5349 if (decodedResponse) {
5350 CERT_DestroyOCSPResponse(decodedResponse);
5351 decodedResponse = NULL;
5352 }
5353 singleResponse = NULL;
5354
5355 } while (retry);
5356
5357 PORT_Free(location);
5358 return rv;
5359 }
5360
5361 /*
5362 * FUNCTION: ocsp_GetDecodedVerifiedSingleResponseForID
5363 * This function decodes an OCSP response and checks for a valid response
5364 * concerning the given certificate.
5365 *
5366 * Note: a 'valid' response is one that parses successfully, is not an OCSP
5367 * exception (see RFC 2560 Section 2.3), is correctly signed and is current.
5368 * A 'good' response is a valid response that attests that the certificate
5369 * is not currently revoked (see RFC 2560 Section 2.2).
5370 *
5371 * INPUTS:
5372 * CERTCertDBHandle *handle
5373 * certificate DB of the cert that is being checked
5374 * CERTOCSPCertID *certID
5375 * the cert ID corresponding to |cert|
5376 * CERTCertificate *cert
5377 * the certificate being checked
5378 * PRTime time
5379 * time for which status is to be determined
5380 * void *pwArg
5381 * the opaque argument to the password prompting function.
5382 * SECItem *encodedResponse
5383 * the DER encoded bytes of the OCSP response
5384 * CERTOCSPResponse **pDecodedResponse
5385 * (output) The caller must ALWAYS check for this output parameter,
5386 * and if it's non-null, must destroy it using CERT_DestroyOCSPResponse.
5387 * CERTOCSPSingleResponse **pSingle
5388 * (output) on success, this points to the single response that corresponds
5389 * to the certID parameter. Points to the inside of pDecodedResponse.
5390 * It isn't a copy, don't free it.
5391 * RETURN:
5392 * SECSuccess iff the response is valid.
5393 */
5394 static SECStatus
5395 ocsp_GetDecodedVerifiedSingleResponseForID(CERTCertDBHandle *handle,
5396 CERTOCSPCertID *certID,
5397 CERTCertificate *cert,
5398 PRTime time,
5399 void *pwArg,
5400 const SECItem *encodedResponse,
5401 CERTOCSPResponse **pDecodedResponse,
5402 CERTOCSPSingleResponse **pSingle)
5403 {
5404 CERTCertificate *signerCert = NULL;
5405 CERTCertificate *issuerCert = NULL;
5406 SECStatus rv = SECFailure;
5407
5408 if (!pSingle || !pDecodedResponse) {
5409 return SECFailure;
5410 }
5411 *pSingle = NULL;
5412 *pDecodedResponse = CERT_DecodeOCSPResponse(encodedResponse);
5413 if (!*pDecodedResponse) {
5414 return SECFailure;
5415 }
5416
5417 /*
5418 * Okay, we at least have a response that *looks* like a response!
5419 * Now see if the overall response status value is good or not.
5420 * If not, we set an error and give up. (It means that either the
5421 * server had a problem, or it didn't like something about our
5422 * request. Either way there is nothing to do but give up.)
5423 * Otherwise, we continue to find the actual per-cert status
5424 * in the response.
5425 */
5426 if (CERT_GetOCSPResponseStatus(*pDecodedResponse) != SECSuccess) {
5427 goto loser;
5428 }
5429
5430 /*
5431 * If we've made it this far, we expect a response with a good signature.
5432 * So, check for that.
5433 */
5434 issuerCert = CERT_FindCertIssuer(cert, time, certUsageAnyCA);
5435 rv = CERT_VerifyOCSPResponseSignature(*pDecodedResponse, handle, pwArg,
5436 &signerCert, issuerCert);
5437 if (rv != SECSuccess) {
5438 goto loser;
5439 }
5440
5441 PORT_Assert(signerCert != NULL); /* internal consistency check */
5442 /* XXX probably should set error, return failure if signerCert is null */
5443
5444 /*
5445 * Again, we are only doing one request for one cert.
5446 * XXX When we handle cert chains, the following code will obviously
5447 * have to be modified, in coordation with the code above that will
5448 * have to determine how to make multiple requests, etc.
5449 */
5450 rv = ocsp_GetVerifiedSingleResponseForCertID(handle, *pDecodedResponse, cert ID,
5451 signerCert, time, pSingle);
5452 loser:
5453 if (issuerCert != NULL)
5454 CERT_DestroyCertificate(issuerCert);
5455 if (signerCert != NULL)
5456 CERT_DestroyCertificate(signerCert);
5457 return rv;
5458 }
5459
5460 /*
5461 * FUNCTION: ocsp_CacheSingleResponse
5462 * This function requires that the caller has checked that the response
5463 * is valid and verified.
5464 * The (positive or negative) valid response will be used to update the cache.
5465 * INPUTS:
5466 * CERTOCSPCertID *certID
5467 * the cert ID corresponding to |cert|
5468 * PRBool *certIDWasConsumed
5469 * (output) on return, this is true iff |certID| was consumed by this
5470 * function.
5471 */
5472 void
5473 ocsp_CacheSingleResponse(CERTOCSPCertID *certID,
5474 CERTOCSPSingleResponse *single,
5475 PRBool *certIDWasConsumed)
5476 {
5477 if (single != NULL) {
5478 PR_EnterMonitor(OCSP_Global.monitor);
5479 if (OCSP_Global.maxCacheEntries >= 0) {
5480 ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID, single,
5481 certIDWasConsumed);
5482 /* ignore cache update failures */
5483 }
5484 PR_ExitMonitor(OCSP_Global.monitor);
5485 }
5486 }
5487
5488 SECStatus
5489 ocsp_GetVerifiedSingleResponseForCertID(CERTCertDBHandle *handle,
5490 CERTOCSPResponse *response,
5491 CERTOCSPCertID *certID,
5492 CERTCertificate *signerCert,
5493 PRTime time,
5494 CERTOCSPSingleResponse
5495 **pSingleResponse)
5496 {
5497 SECStatus rv;
5498 ocspResponseData *responseData;
5499 PRTime producedAt;
5500 CERTOCSPSingleResponse *single;
5501
5502 /*
5503 * The ResponseData part is the real guts of the response.
5504 */
5505 responseData = ocsp_GetResponseData(response, NULL);
5506 if (responseData == NULL) {
5507 rv = SECFailure;
5508 goto loser;
5509 }
5510
5511 /*
5512 * There is one producedAt time for the entire response (and a separate
5513 * thisUpdate time for each individual single response). We need to
5514 * compare them, so get the overall time to pass into the check of each
5515 * single response.
5516 */
5517 rv = DER_GeneralizedTimeToTime(&producedAt, &responseData->producedAt);
5518 if (rv != SECSuccess)
5519 goto loser;
5520
5521 single = ocsp_GetSingleResponseForCertID(responseData->responses,
5522 handle, certID);
5523 if (single == NULL) {
5524 rv = SECFailure;
5525 goto loser;
5526 }
5527
5528 rv = ocsp_VerifySingleResponse(single, handle, signerCert, producedAt);
5529 if (rv != SECSuccess)
5530 goto loser;
5531 *pSingleResponse = single;
5532
5533 loser:
5534 return rv;
5535 }
5536
5537 SECStatus
5538 CERT_GetOCSPStatusForCertID(CERTCertDBHandle *handle,
5539 CERTOCSPResponse *response,
5540 CERTOCSPCertID *certID,
5541 CERTCertificate *signerCert,
5542 PRTime time)
5543 {
5544 /*
5545 * We do not update the cache, because:
5546 *
5547 * CERT_GetOCSPStatusForCertID is an old exported API that was introduced
5548 * before the OCSP cache got implemented.
5549 *
5550 * The implementation of helper function cert_ProcessOCSPResponse
5551 * requires the ability to transfer ownership of the the given certID to
5552 * the cache. The external API doesn't allow us to prevent the caller from
5553 * destroying the certID. We don't have the original certificate available,
5554 * therefore we are unable to produce another certID object (that could
5555 * be stored in the cache).
5556 *
5557 * Should we ever implement code to produce a deep copy of certID,
5558 * then this could be changed to allow updating the cache.
5559 * The duplication would have to be done in
5560 * cert_ProcessOCSPResponse, if the out parameter to indicate
5561 * a transfer of ownership is NULL.
5562 */
5563 return cert_ProcessOCSPResponse(handle, response, certID,
5564 signerCert, time,
5565 NULL, NULL);
5566 }
5567
5568 /*
5569 * The first 5 parameters match the definition of CERT_GetOCSPStatusForCertID.
5570 */
5571 SECStatus
5572 cert_ProcessOCSPResponse(CERTCertDBHandle *handle,
5573 CERTOCSPResponse *response,
5574 CERTOCSPCertID *certID,
5575 CERTCertificate *signerCert,
5576 PRTime time,
5577 PRBool *certIDWasConsumed,
5578 SECStatus *cacheUpdateStatus)
5579 {
5580 SECStatus rv;
5581 SECStatus rv_cache = SECSuccess;
5582 CERTOCSPSingleResponse *single = NULL;
5583
5584 rv = ocsp_GetVerifiedSingleResponseForCertID(handle, response, certID,
5585 signerCert, time, &single);
5586 if (rv == SECSuccess) {
5587 /*
5588 * Check whether the status says revoked, and if so
5589 * how that compares to the time value passed into this routine.
5590 */
5591 rv = ocsp_SingleResponseCertHasGoodStatus(single, time);
5592 }
5593
5594 if (certIDWasConsumed) {
5595 /*
5596 * We don't have copy-of-certid implemented. In order to update
5597 * the cache, the caller must supply an out variable
5598 * certIDWasConsumed, allowing us to return ownership status.
5599 */
5600
5601 PR_EnterMonitor(OCSP_Global.monitor);
5602 if (OCSP_Global.maxCacheEntries >= 0) {
5603 /* single == NULL means: remember response failure */
5604 rv_cache =
5605 ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID,
5606 single, certIDWasConsumed);
5607 }
5608 PR_ExitMonitor(OCSP_Global.monitor);
5609 if (cacheUpdateStatus) {
5610 *cacheUpdateStatus = rv_cache;
5611 }
5612 }
5613
5614 return rv;
5615 }
5616
5617 SECStatus
5618 cert_RememberOCSPProcessingFailure(CERTOCSPCertID *certID,
5619 PRBool *certIDWasConsumed)
5620 {
5621 SECStatus rv = SECSuccess;
5622 PR_EnterMonitor(OCSP_Global.monitor);
5623 if (OCSP_Global.maxCacheEntries >= 0) {
5624 rv = ocsp_CreateOrUpdateCacheEntry(&OCSP_Global.cache, certID, NULL,
5625 certIDWasConsumed);
5626 }
5627 PR_ExitMonitor(OCSP_Global.monitor);
5628 return rv;
5629 }
5630
5631 /*
5632 * Disable status checking and destroy related structures/data.
5633 */
5634 static SECStatus
5635 ocsp_DestroyStatusChecking(CERTStatusConfig *statusConfig)
5636 {
5637 ocspCheckingContext *statusContext;
5638
5639 /*
5640 * Disable OCSP checking
5641 */
5642 statusConfig->statusChecker = NULL;
5643
5644 statusContext = statusConfig->statusContext;
5645 PORT_Assert(statusContext != NULL);
5646 if (statusContext == NULL)
5647 return SECFailure;
5648
5649 if (statusContext->defaultResponderURI != NULL)
5650 PORT_Free(statusContext->defaultResponderURI);
5651 if (statusContext->defaultResponderNickname != NULL)
5652 PORT_Free(statusContext->defaultResponderNickname);
5653
5654 PORT_Free(statusContext);
5655 statusConfig->statusContext = NULL;
5656
5657 PORT_Free(statusConfig);
5658
5659 return SECSuccess;
5660 }
5661
5662 /*
5663 * FUNCTION: CERT_DisableOCSPChecking
5664 * Turns off OCSP checking for the given certificate database.
5665 * This routine disables OCSP checking. Though it will return
5666 * SECFailure if OCSP checking is not enabled, it is "safe" to
5667 * call it that way and just ignore the return value, if it is
5668 * easier to just call it than to "remember" whether it is enabled.
5669 * INPUTS:
5670 * CERTCertDBHandle *handle
5671 * Certificate database for which OCSP checking will be disabled.
5672 * RETURN:
5673 * Returns SECFailure if an error occurred (usually means that OCSP
5674 * checking was not enabled or status contexts were not initialized --
5675 * error set will be SEC_ERROR_OCSP_NOT_ENABLED); SECSuccess otherwise.
5676 */
5677 SECStatus
5678 CERT_DisableOCSPChecking(CERTCertDBHandle *handle)
5679 {
5680 CERTStatusConfig *statusConfig;
5681 ocspCheckingContext *statusContext;
5682
5683 if (handle == NULL) {
5684 PORT_SetError(SEC_ERROR_INVALID_ARGS);
5685 return SECFailure;
5686 }
5687
5688 statusConfig = CERT_GetStatusConfig(handle);
5689 statusContext = ocsp_GetCheckingContext(handle);
5690 if (statusContext == NULL)
5691 return SECFailure;
5692
5693 if (statusConfig->statusChecker != CERT_CheckOCSPStatus) {
5694 /*
5695 * Status configuration is present, but either not currently
5696 * enabled or not for OCSP.
5697 */
5698 PORT_SetError(SEC_ERROR_OCSP_NOT_ENABLED);
5699 return SECFailure;
5700 }
5701
5702 /* cache no longer necessary */
5703 CERT_ClearOCSPCache();
5704
5705 /*
5706 * This is how we disable status checking. Everything else remains
5707 * in place in case we are enabled again.
5708 */
5709 statusConfig->statusChecker = NULL;
5710
5711 return SECSuccess;
5712 }
5713
5714 /*
5715 * Allocate and initialize the informational structures for status checking.
5716 * This is done when some configuration of OCSP is being done or when OCSP
5717 * checking is being turned on, whichever comes first.
5718 */
5719 static SECStatus
5720 ocsp_InitStatusChecking(CERTCertDBHandle *handle)
5721 {
5722 CERTStatusConfig *statusConfig = NULL;
5723 ocspCheckingContext *statusContext = NULL;
5724
5725 PORT_Assert(CERT_GetStatusConfig(handle) == NULL);
5726 if (CERT_GetStatusConfig(handle) != NULL) {
5727 /* XXX or call statusConfig->statusDestroy and continue? */
5728 return SECFailure;
5729 }
5730
5731 statusConfig = PORT_ZNew(CERTStatusConfig);
5732 if (statusConfig == NULL)
5733 goto loser;
5734
5735 statusContext = PORT_ZNew(ocspCheckingContext);
5736 if (statusContext == NULL)
5737 goto loser;
5738
5739 statusConfig->statusDestroy = ocsp_DestroyStatusChecking;
5740 statusConfig->statusContext = statusContext;
5741
5742 CERT_SetStatusConfig(handle, statusConfig);
5743
5744 return SECSuccess;
5745
5746 loser:
5747 if (statusConfig != NULL)
5748 PORT_Free(statusConfig);
5749 return SECFailure;
5750 }
5751
5752 /*
5753 * FUNCTION: CERT_EnableOCSPChecking
5754 * Turns on OCSP checking for the given certificate database.
5755 * INPUTS:
5756 * CERTCertDBHandle *handle
5757 * Certificate database for which OCSP checking will be enabled.
5758 * RETURN:
5759 * Returns SECFailure if an error occurred (likely only problem
5760 * allocating memory); SECSuccess otherwise.
5761 */
5762 SECStatus
5763 CERT_EnableOCSPChecking(CERTCertDBHandle *handle)
5764 {
5765 CERTStatusConfig *statusConfig;
5766
5767 SECStatus rv;
5768
5769 if (handle == NULL) {
5770 PORT_SetError(SEC_ERROR_INVALID_ARGS);
5771 return SECFailure;
5772 }
5773
5774 statusConfig = CERT_GetStatusConfig(handle);
5775 if (statusConfig == NULL) {
5776 rv = ocsp_InitStatusChecking(handle);
5777 if (rv != SECSuccess)
5778 return rv;
5779
5780 /* Get newly established value */
5781 statusConfig = CERT_GetStatusConfig(handle);
5782 PORT_Assert(statusConfig != NULL);
5783 }
5784
5785 /*
5786 * Setting the checker function is what really enables the checking
5787 * when each cert verification is done.
5788 */
5789 statusConfig->statusChecker = CERT_CheckOCSPStatus;
5790
5791 return SECSuccess;
5792 }
5793
5794 /*
5795 * FUNCTION: CERT_SetOCSPDefaultResponder
5796 * Specify the location and cert of the default responder.
5797 * If OCSP checking is already enabled *and* use of a default responder
5798 * is also already enabled, all OCSP checking from now on will go directly
5799 * to the specified responder. If OCSP checking is not enabled, or if
5800 * it is but use of a default responder is not enabled, the information
5801 * will be recorded and take effect whenever both are enabled.
5802 * INPUTS:
5803 * CERTCertDBHandle *handle
5804 * Cert database on which OCSP checking should use the default responder.
5805 * char *url
5806 * The location of the default responder (e.g. "http://foo.com:80/ocsp")
5807 * Note that the location will not be tested until the first attempt
5808 * to send a request there.
5809 * char *name
5810 * The nickname of the cert to trust (expected) to sign the OCSP responses.
5811 * If the corresponding cert cannot be found, SECFailure is returned.
5812 * RETURN:
5813 * Returns SECFailure if an error occurred; SECSuccess otherwise.
5814 * The most likely error is that the cert for "name" could not be found
5815 * (probably SEC_ERROR_UNKNOWN_CERT). Other errors are low-level (no memory,
5816 * bad database, etc.).
5817 */
5818 SECStatus
5819 CERT_SetOCSPDefaultResponder(CERTCertDBHandle *handle,
5820 const char *url, const char *name)
5821 {
5822 CERTCertificate *cert;
5823 ocspCheckingContext *statusContext;
5824 char *url_copy = NULL;
5825 char *name_copy = NULL;
5826 SECStatus rv;
5827
5828 if (handle == NULL || url == NULL || name == NULL) {
5829 /*
5830 * XXX When interface is exported, probably want better errors;
5831 * perhaps different one for each parameter.
5832 */
5833 PORT_SetError(SEC_ERROR_INVALID_ARGS);
5834 return SECFailure;
5835 }
5836
5837 /*
5838 * Find the certificate for the specified nickname. Do this first
5839 * because it seems the most likely to fail.
5840 *
5841 * XXX Shouldn't need that cast if the FindCertByNickname interface
5842 * used const to convey that it does not modify the name. Maybe someday.
5843 */
5844 cert = CERT_FindCertByNickname(handle, (char *)name);
5845 if (cert == NULL) {
5846 /*
5847 * look for the cert on an external token.
5848 */
5849 cert = PK11_FindCertFromNickname((char *)name, NULL);
5850 }
5851 if (cert == NULL)
5852 return SECFailure;
5853
5854 /*
5855 * Make a copy of the url and nickname.
5856 */
5857 url_copy = PORT_Strdup(url);
5858 name_copy = PORT_Strdup(name);
5859 if (url_copy == NULL || name_copy == NULL) {
5860 rv = SECFailure;
5861 goto loser;
5862 }
5863
5864 statusContext = ocsp_GetCheckingContext(handle);
5865
5866 /*
5867 * Allocate and init the context if it doesn't already exist.
5868 */
5869 if (statusContext == NULL) {
5870 rv = ocsp_InitStatusChecking(handle);
5871 if (rv != SECSuccess)
5872 goto loser;
5873
5874 statusContext = ocsp_GetCheckingContext(handle);
5875 PORT_Assert(statusContext != NULL); /* extreme paranoia */
5876 }
5877
5878 /*
5879 * Note -- we do not touch the status context until after all of
5880 * the steps which could cause errors. If something goes wrong,
5881 * we want to leave things as they were.
5882 */
5883
5884 /*
5885 * Get rid of old url and name if there.
5886 */
5887 if (statusContext->defaultResponderNickname != NULL)
5888 PORT_Free(statusContext->defaultResponderNickname);
5889 if (statusContext->defaultResponderURI != NULL)
5890 PORT_Free(statusContext->defaultResponderURI);
5891
5892 /*
5893 * And replace them with the new ones.
5894 */
5895 statusContext->defaultResponderURI = url_copy;
5896 statusContext->defaultResponderNickname = name_copy;
5897
5898 /*
5899 * If there was already a cert in place, get rid of it and replace it.
5900 * Otherwise, we are not currently enabled, so we don't want to save it;
5901 * it will get re-found and set whenever use of a default responder is
5902 * enabled.
5903 */
5904 if (statusContext->defaultResponderCert != NULL) {
5905 CERT_DestroyCertificate(statusContext->defaultResponderCert);
5906 statusContext->defaultResponderCert = cert;
5907 /*OCSP enabled, switching responder: clear cache*/
5908 CERT_ClearOCSPCache();
5909 } else {
5910 PORT_Assert(statusContext->useDefaultResponder == PR_FALSE);
5911 CERT_DestroyCertificate(cert);
5912 /*OCSP currently not enabled, no need to clear cache*/
5913 }
5914
5915 return SECSuccess;
5916
5917 loser:
5918 CERT_DestroyCertificate(cert);
5919 if (url_copy != NULL)
5920 PORT_Free(url_copy);
5921 if (name_copy != NULL)
5922 PORT_Free(name_copy);
5923 return rv;
5924 }
5925
5926 /*
5927 * FUNCTION: CERT_EnableOCSPDefaultResponder
5928 * Turns on use of a default responder when OCSP checking.
5929 * If OCSP checking is already enabled, this will make subsequent checks
5930 * go directly to the default responder. (The location of the responder
5931 * and the nickname of the responder cert must already be specified.)
5932 * If OCSP checking is not enabled, this will be recorded and take effect
5933 * whenever it is enabled.
5934 * INPUTS:
5935 * CERTCertDBHandle *handle
5936 * Cert database on which OCSP checking should use the default responder.
5937 * RETURN:
5938 * Returns SECFailure if an error occurred; SECSuccess otherwise.
5939 * No errors are especially likely unless the caller did not previously
5940 * perform a successful call to SetOCSPDefaultResponder (in which case
5941 * the error set will be SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER).
5942 */
5943 SECStatus
5944 CERT_EnableOCSPDefaultResponder(CERTCertDBHandle *handle)
5945 {
5946 ocspCheckingContext *statusContext;
5947 CERTCertificate *cert;
5948 SECStatus rv;
5949 SECCertificateUsage usage;
5950
5951 if (handle == NULL) {
5952 PORT_SetError(SEC_ERROR_INVALID_ARGS);
5953 return SECFailure;
5954 }
5955
5956 statusContext = ocsp_GetCheckingContext(handle);
5957
5958 if (statusContext == NULL) {
5959 /*
5960 * Strictly speaking, the error already set is "correct",
5961 * but cover over it with one more helpful in this context.
5962 */
5963 PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
5964 return SECFailure;
5965 }
5966
5967 if (statusContext->defaultResponderURI == NULL) {
5968 PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
5969 return SECFailure;
5970 }
5971
5972 if (statusContext->defaultResponderNickname == NULL) {
5973 PORT_SetError(SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER);
5974 return SECFailure;
5975 }
5976
5977 /*
5978 * Find the cert for the nickname.
5979 */
5980 cert = CERT_FindCertByNickname(handle,
5981 statusContext->defaultResponderNickname);
5982 if (cert == NULL) {
5983 cert = PK11_FindCertFromNickname(statusContext->defaultResponderNickname ,
5984 NULL);
5985 }
5986 /*
5987 * We should never have trouble finding the cert, because its
5988 * existence should have been proven by SetOCSPDefaultResponder.
5989 */
5990 PORT_Assert(cert != NULL);
5991 if (cert == NULL)
5992 return SECFailure;
5993
5994 /*
5995 * Supplied cert should at least have a signing capability in order for us
5996 * to use it as a trusted responder cert. Ability to sign is guaranteed if
5997 * cert is validated to have any set of the usages below.
5998 */
5999 rv = CERT_VerifyCertificateNow(handle, cert, PR_TRUE,
6000 certificateUsageCheckAllUsages,
6001 NULL, &usage);
6002 if (rv != SECSuccess || (usage & (certificateUsageSSLClient |
6003 certificateUsageSSLServer |
6004 certificateUsageSSLServerWithStepUp |
6005 certificateUsageEmailSigner |
6006 certificateUsageObjectSigner |
6007 certificateUsageStatusResponder |
6008 certificateUsageSSLCA)) == 0) {
6009 PORT_SetError(SEC_ERROR_OCSP_RESPONDER_CERT_INVALID);
6010 return SECFailure;
6011 }
6012
6013 /*
6014 * And hang onto it.
6015 */
6016 statusContext->defaultResponderCert = cert;
6017
6018 /* we don't allow a mix of cache entries from different responders */
6019 CERT_ClearOCSPCache();
6020
6021 /*
6022 * Finally, record the fact that we now have a default responder enabled.
6023 */
6024 statusContext->useDefaultResponder = PR_TRUE;
6025 return SECSuccess;
6026 }
6027
6028 /*
6029 * FUNCTION: CERT_DisableOCSPDefaultResponder
6030 * Turns off use of a default responder when OCSP checking.
6031 * (Does nothing if use of a default responder is not enabled.)
6032 * INPUTS:
6033 * CERTCertDBHandle *handle
6034 * Cert database on which OCSP checking should stop using a default
6035 * responder.
6036 * RETURN:
6037 * Returns SECFailure if an error occurred; SECSuccess otherwise.
6038 * Errors very unlikely (like random memory corruption...).
6039 */
6040 SECStatus
6041 CERT_DisableOCSPDefaultResponder(CERTCertDBHandle *handle)
6042 {
6043 CERTStatusConfig *statusConfig;
6044 ocspCheckingContext *statusContext;
6045 CERTCertificate *tmpCert;
6046
6047 if (handle == NULL) {
6048 PORT_SetError(SEC_ERROR_INVALID_ARGS);
6049 return SECFailure;
6050 }
6051
6052 statusConfig = CERT_GetStatusConfig(handle);
6053 if (statusConfig == NULL)
6054 return SECSuccess;
6055
6056 statusContext = ocsp_GetCheckingContext(handle);
6057 PORT_Assert(statusContext != NULL);
6058 if (statusContext == NULL)
6059 return SECFailure;
6060
6061 tmpCert = statusContext->defaultResponderCert;
6062 if (tmpCert) {
6063 statusContext->defaultResponderCert = NULL;
6064 CERT_DestroyCertificate(tmpCert);
6065 /* we don't allow a mix of cache entries from different responders */
6066 CERT_ClearOCSPCache();
6067 }
6068
6069 /*
6070 * Finally, record the fact.
6071 */
6072 statusContext->useDefaultResponder = PR_FALSE;
6073 return SECSuccess;
6074 }
6075
6076 SECStatus
6077 CERT_ForcePostMethodForOCSP(PRBool forcePost)
6078 {
6079 if (!OCSP_Global.monitor) {
6080 PORT_SetError(SEC_ERROR_NOT_INITIALIZED);
6081 return SECFailure;
6082 }
6083
6084 PR_EnterMonitor(OCSP_Global.monitor);
6085 OCSP_Global.forcePost = forcePost;
6086 PR_ExitMonitor(OCSP_Global.monitor);
6087
6088 return SECSuccess;
6089 }
6090
6091 SECStatus
6092 CERT_GetOCSPResponseStatus(CERTOCSPResponse *response)
6093 {
6094 PORT_Assert(response);
6095 if (response->statusValue == ocspResponse_successful)
6096 return SECSuccess;
6097
6098 switch (response->statusValue) {
6099 case ocspResponse_malformedRequest:
6100 PORT_SetError(SEC_ERROR_OCSP_MALFORMED_REQUEST);
6101 break;
6102 case ocspResponse_internalError:
6103 PORT_SetError(SEC_ERROR_OCSP_SERVER_ERROR);
6104 break;
6105 case ocspResponse_tryLater:
6106 PORT_SetError(SEC_ERROR_OCSP_TRY_SERVER_LATER);
6107 break;
6108 case ocspResponse_sigRequired:
6109 /* XXX We *should* retry with a signature, if possible. */
6110 PORT_SetError(SEC_ERROR_OCSP_REQUEST_NEEDS_SIG);
6111 break;
6112 case ocspResponse_unauthorized:
6113 PORT_SetError(SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST);
6114 break;
6115 case ocspResponse_unused:
6116 default:
6117 PORT_SetError(SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS);
6118 break;
6119 }
6120 return SECFailure;
6121 }
OLDNEW
« no previous file with comments | « nss/lib/certhigh/ocsp.h ('k') | nss/lib/certhigh/ocspi.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698