2003-08-05 19:11:04 +02:00
|
|
|
|
/* certlist.c - build list of certificates
|
2008-03-20 16:31:43 +01:00
|
|
|
|
* Copyright (C) 2001, 2003, 2004, 2005, 2007,
|
2011-12-07 16:15:15 +01:00
|
|
|
|
* 2008, 2011 Free Software Foundation, Inc.
|
2003-08-05 19:11:04 +02:00
|
|
|
|
*
|
|
|
|
|
|
* This file is part of GnuPG.
|
|
|
|
|
|
*
|
|
|
|
|
|
* GnuPG is free software; you can redistribute it and/or modify
|
|
|
|
|
|
* it under the terms of the GNU General Public License as published by
|
2007-07-04 21:49:40 +02:00
|
|
|
|
* the Free Software Foundation; either version 3 of the License, or
|
2003-08-05 19:11:04 +02:00
|
|
|
|
* (at your option) any later version.
|
|
|
|
|
|
*
|
|
|
|
|
|
* GnuPG is distributed in the hope that it will be useful,
|
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
|
* GNU General Public License for more details.
|
|
|
|
|
|
*
|
|
|
|
|
|
* You should have received a copy of the GNU General Public License
|
2016-11-05 12:02:19 +01:00
|
|
|
|
* along with this program; if not, see <https://www.gnu.org/licenses/>.
|
2003-08-05 19:11:04 +02:00
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
|
#include <stdio.h>
|
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
|
#include <string.h>
|
|
|
|
|
|
#include <errno.h>
|
2011-02-04 12:57:53 +01:00
|
|
|
|
#include <unistd.h>
|
2003-08-05 19:11:04 +02:00
|
|
|
|
#include <time.h>
|
|
|
|
|
|
#include <assert.h>
|
|
|
|
|
|
|
|
|
|
|
|
#include "gpgsm.h"
|
|
|
|
|
|
#include <gcrypt.h>
|
|
|
|
|
|
#include <ksba.h>
|
|
|
|
|
|
|
|
|
|
|
|
#include "keydb.h"
|
2017-03-07 12:21:23 +01:00
|
|
|
|
#include "../common/i18n.h"
|
2004-02-20 14:46:21 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static const char oid_kp_serverAuth[] = "1.3.6.1.5.5.7.3.1";
|
|
|
|
|
|
static const char oid_kp_clientAuth[] = "1.3.6.1.5.5.7.3.2";
|
|
|
|
|
|
static const char oid_kp_codeSigning[] = "1.3.6.1.5.5.7.3.3";
|
|
|
|
|
|
static const char oid_kp_emailProtection[]= "1.3.6.1.5.5.7.3.4";
|
|
|
|
|
|
static const char oid_kp_timeStamping[] = "1.3.6.1.5.5.7.3.8";
|
2004-08-24 20:13:15 +02:00
|
|
|
|
static const char oid_kp_ocspSigning[] = "1.3.6.1.5.5.7.3.9";
|
2004-02-20 14:46:21 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
/* Return 0 if the cert is usable for encryption. A MODE of 0 checks
|
|
|
|
|
|
for signing a MODE of 1 checks for encryption, a MODE of 2 checks
|
|
|
|
|
|
for verification and a MODE of 3 for decryption (just for
|
2004-08-18 16:38:47 +02:00
|
|
|
|
debugging). MODE 4 is for certificate signing, MODE for COSP
|
|
|
|
|
|
response signing. */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
static int
|
2003-12-17 13:28:24 +01:00
|
|
|
|
cert_usage_p (ksba_cert_t cert, int mode)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2003-12-17 13:28:24 +01:00
|
|
|
|
gpg_error_t err;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
unsigned int use;
|
2004-02-20 14:46:21 +01:00
|
|
|
|
char *extkeyusages;
|
2004-08-18 16:38:47 +02:00
|
|
|
|
int have_ocsp_signing = 0;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2004-02-20 14:46:21 +01:00
|
|
|
|
err = ksba_cert_get_ext_key_usages (cert, &extkeyusages);
|
2007-07-04 21:49:40 +02:00
|
|
|
|
if (gpg_err_code (err) == GPG_ERR_NO_DATA)
|
2004-02-20 14:46:21 +01:00
|
|
|
|
err = 0; /* no policy given */
|
|
|
|
|
|
if (!err)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2004-02-20 14:46:21 +01:00
|
|
|
|
unsigned int extusemask = ~0; /* Allow all. */
|
|
|
|
|
|
|
|
|
|
|
|
if (extkeyusages)
|
|
|
|
|
|
{
|
|
|
|
|
|
char *p, *pend;
|
|
|
|
|
|
int any_critical = 0;
|
|
|
|
|
|
|
|
|
|
|
|
extusemask = 0;
|
|
|
|
|
|
|
|
|
|
|
|
p = extkeyusages;
|
|
|
|
|
|
while (p && (pend=strchr (p, ':')))
|
|
|
|
|
|
{
|
|
|
|
|
|
*pend++ = 0;
|
|
|
|
|
|
/* Only care about critical flagged usages. */
|
|
|
|
|
|
if ( *pend == 'C' )
|
|
|
|
|
|
{
|
|
|
|
|
|
any_critical = 1;
|
|
|
|
|
|
if ( !strcmp (p, oid_kp_serverAuth))
|
|
|
|
|
|
extusemask |= (KSBA_KEYUSAGE_DIGITAL_SIGNATURE
|
|
|
|
|
|
| KSBA_KEYUSAGE_KEY_ENCIPHERMENT
|
|
|
|
|
|
| KSBA_KEYUSAGE_KEY_AGREEMENT);
|
|
|
|
|
|
else if ( !strcmp (p, oid_kp_clientAuth))
|
|
|
|
|
|
extusemask |= (KSBA_KEYUSAGE_DIGITAL_SIGNATURE
|
|
|
|
|
|
| KSBA_KEYUSAGE_KEY_AGREEMENT);
|
|
|
|
|
|
else if ( !strcmp (p, oid_kp_codeSigning))
|
|
|
|
|
|
extusemask |= (KSBA_KEYUSAGE_DIGITAL_SIGNATURE);
|
|
|
|
|
|
else if ( !strcmp (p, oid_kp_emailProtection))
|
|
|
|
|
|
extusemask |= (KSBA_KEYUSAGE_DIGITAL_SIGNATURE
|
|
|
|
|
|
| KSBA_KEYUSAGE_NON_REPUDIATION
|
|
|
|
|
|
| KSBA_KEYUSAGE_KEY_ENCIPHERMENT
|
|
|
|
|
|
| KSBA_KEYUSAGE_KEY_AGREEMENT);
|
|
|
|
|
|
else if ( !strcmp (p, oid_kp_timeStamping))
|
|
|
|
|
|
extusemask |= (KSBA_KEYUSAGE_DIGITAL_SIGNATURE
|
|
|
|
|
|
| KSBA_KEYUSAGE_NON_REPUDIATION);
|
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2004-08-18 16:38:47 +02:00
|
|
|
|
/* This is a hack to cope with OCSP. Note that we do
|
|
|
|
|
|
not yet fully comply with the requirements and that
|
|
|
|
|
|
the entire CRL/OCSP checking thing should undergo a
|
|
|
|
|
|
thorough review and probably redesign. */
|
|
|
|
|
|
if ( !strcmp (p, oid_kp_ocspSigning))
|
|
|
|
|
|
have_ocsp_signing = 1;
|
|
|
|
|
|
|
2004-02-20 14:46:21 +01:00
|
|
|
|
if ((p = strchr (pend, '\n')))
|
|
|
|
|
|
p++;
|
|
|
|
|
|
}
|
|
|
|
|
|
xfree (extkeyusages);
|
|
|
|
|
|
extkeyusages = NULL;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2004-02-20 14:46:21 +01:00
|
|
|
|
if (!any_critical)
|
|
|
|
|
|
extusemask = ~0; /* Reset to the don't care mask. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
err = ksba_cert_get_key_usage (cert, &use);
|
2007-07-04 21:49:40 +02:00
|
|
|
|
if (gpg_err_code (err) == GPG_ERR_NO_DATA)
|
2004-02-20 14:46:21 +01:00
|
|
|
|
{
|
|
|
|
|
|
err = 0;
|
|
|
|
|
|
if (opt.verbose && mode < 2)
|
|
|
|
|
|
log_info (_("no key usage specified - assuming all usages\n"));
|
|
|
|
|
|
use = ~0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* Apply extKeyUsage. */
|
|
|
|
|
|
use &= extusemask;
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
if (err)
|
2011-02-04 12:57:53 +01:00
|
|
|
|
{
|
2003-08-05 19:11:04 +02:00
|
|
|
|
log_error (_("error getting key usage information: %s\n"),
|
2003-11-12 16:17:44 +01:00
|
|
|
|
gpg_strerror (err));
|
2004-02-20 14:46:21 +01:00
|
|
|
|
xfree (extkeyusages);
|
2003-11-12 16:17:44 +01:00
|
|
|
|
return err;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
|
if (mode == 4)
|
|
|
|
|
|
{
|
|
|
|
|
|
if ((use & (KSBA_KEYUSAGE_KEY_CERT_SIGN)))
|
|
|
|
|
|
return 0;
|
2012-08-22 18:54:38 +02:00
|
|
|
|
log_info (_("certificate should not have "
|
2004-04-05 19:25:21 +02:00
|
|
|
|
"been used for certification\n"));
|
2003-08-05 19:11:04 +02:00
|
|
|
|
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2004-08-18 16:38:47 +02:00
|
|
|
|
if (mode == 5)
|
|
|
|
|
|
{
|
2011-02-04 12:57:53 +01:00
|
|
|
|
if (use != ~0
|
2004-08-18 16:38:47 +02:00
|
|
|
|
&& (have_ocsp_signing
|
|
|
|
|
|
|| (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
|
|
|
|
|
|
|KSBA_KEYUSAGE_CRL_SIGN))))
|
|
|
|
|
|
return 0;
|
2012-08-22 18:54:38 +02:00
|
|
|
|
log_info (_("certificate should not have "
|
2004-08-18 16:38:47 +02:00
|
|
|
|
"been used for OCSP response signing\n"));
|
|
|
|
|
|
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if ((use & ((mode&1)?
|
|
|
|
|
|
(KSBA_KEYUSAGE_KEY_ENCIPHERMENT|KSBA_KEYUSAGE_DATA_ENCIPHERMENT):
|
|
|
|
|
|
(KSBA_KEYUSAGE_DIGITAL_SIGNATURE|KSBA_KEYUSAGE_NON_REPUDIATION)))
|
|
|
|
|
|
)
|
|
|
|
|
|
return 0;
|
2004-02-20 14:46:21 +01:00
|
|
|
|
|
2012-08-22 18:54:38 +02:00
|
|
|
|
log_info (mode==3? _("certificate should not have been used for encryption\n"):
|
|
|
|
|
|
mode==2? _("certificate should not have been used for signing\n"):
|
2003-08-05 19:11:04 +02:00
|
|
|
|
mode==1? _("certificate is not usable for encryption\n"):
|
|
|
|
|
|
_("certificate is not usable for signing\n"));
|
|
|
|
|
|
return gpg_error (GPG_ERR_WRONG_KEY_USAGE);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Return 0 if the cert is usable for signing */
|
|
|
|
|
|
int
|
2003-12-17 13:28:24 +01:00
|
|
|
|
gpgsm_cert_use_sign_p (ksba_cert_t cert)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
|
return cert_usage_p (cert, 0);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Return 0 if the cert is usable for encryption */
|
|
|
|
|
|
int
|
2003-12-17 13:28:24 +01:00
|
|
|
|
gpgsm_cert_use_encrypt_p (ksba_cert_t cert)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
|
return cert_usage_p (cert, 1);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
int
|
2003-12-17 13:28:24 +01:00
|
|
|
|
gpgsm_cert_use_verify_p (ksba_cert_t cert)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
|
return cert_usage_p (cert, 2);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
int
|
2003-12-17 13:28:24 +01:00
|
|
|
|
gpgsm_cert_use_decrypt_p (ksba_cert_t cert)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
|
return cert_usage_p (cert, 3);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
int
|
2003-12-17 13:28:24 +01:00
|
|
|
|
gpgsm_cert_use_cert_p (ksba_cert_t cert)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
|
return cert_usage_p (cert, 4);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2004-08-18 16:38:47 +02:00
|
|
|
|
int
|
|
|
|
|
|
gpgsm_cert_use_ocsp_p (ksba_cert_t cert)
|
|
|
|
|
|
{
|
|
|
|
|
|
return cert_usage_p (cert, 5);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2011-12-07 16:15:15 +01:00
|
|
|
|
/* Return true if CERT has the well known private key extension. */
|
|
|
|
|
|
int
|
|
|
|
|
|
gpgsm_cert_has_well_known_private_key (ksba_cert_t cert)
|
|
|
|
|
|
{
|
|
|
|
|
|
int idx;
|
|
|
|
|
|
const char *oid;
|
|
|
|
|
|
|
|
|
|
|
|
for (idx=0; !ksba_cert_get_extension (cert, idx,
|
|
|
|
|
|
&oid, NULL, NULL, NULL);idx++)
|
|
|
|
|
|
if (!strcmp (oid, "1.3.6.1.4.1.11591.2.2.2") )
|
|
|
|
|
|
return 1; /* Yes. */
|
|
|
|
|
|
return 0; /* No. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
static int
|
2003-12-17 13:28:24 +01:00
|
|
|
|
same_subject_issuer (const char *subject, const char *issuer, ksba_cert_t cert)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
|
char *subject2 = ksba_cert_get_subject (cert, 0);
|
2008-03-20 16:31:43 +01:00
|
|
|
|
char *issuer2 = ksba_cert_get_issuer (cert, 0);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
int tmp;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
tmp = (subject && subject2
|
|
|
|
|
|
&& !strcmp (subject, subject2)
|
|
|
|
|
|
&& issuer && issuer2
|
|
|
|
|
|
&& !strcmp (issuer, issuer2));
|
|
|
|
|
|
xfree (subject2);
|
|
|
|
|
|
xfree (issuer2);
|
|
|
|
|
|
return tmp;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2007-08-23 19:41:22 +02:00
|
|
|
|
|
|
|
|
|
|
/* Return true if CERT_A is the same as CERT_B. */
|
|
|
|
|
|
int
|
|
|
|
|
|
gpgsm_certs_identical_p (ksba_cert_t cert_a, ksba_cert_t cert_b)
|
|
|
|
|
|
{
|
|
|
|
|
|
const unsigned char *img_a, *img_b;
|
|
|
|
|
|
size_t len_a, len_b;
|
|
|
|
|
|
|
|
|
|
|
|
img_a = ksba_cert_get_image (cert_a, &len_a);
|
|
|
|
|
|
if (img_a)
|
|
|
|
|
|
{
|
|
|
|
|
|
img_b = ksba_cert_get_image (cert_b, &len_b);
|
|
|
|
|
|
if (img_b && len_a == len_b && !memcmp (img_a, img_b, len_a))
|
|
|
|
|
|
return 1; /* Identical. */
|
|
|
|
|
|
}
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
2003-12-17 18:12:14 +01:00
|
|
|
|
/* Return true if CERT is already contained in CERTLIST. */
|
|
|
|
|
|
static int
|
|
|
|
|
|
is_cert_in_certlist (ksba_cert_t cert, certlist_t certlist)
|
|
|
|
|
|
{
|
|
|
|
|
|
const unsigned char *img_a, *img_b;
|
|
|
|
|
|
size_t len_a, len_b;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2003-12-17 18:12:14 +01:00
|
|
|
|
img_a = ksba_cert_get_image (cert, &len_a);
|
|
|
|
|
|
if (img_a)
|
|
|
|
|
|
{
|
|
|
|
|
|
for ( ; certlist; certlist = certlist->next)
|
|
|
|
|
|
{
|
|
|
|
|
|
img_b = ksba_cert_get_image (certlist->cert, &len_b);
|
|
|
|
|
|
if (img_b && len_a == len_b && !memcmp (img_a, img_b, len_a))
|
|
|
|
|
|
return 1; /* Already contained. */
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* Add CERT to the list of certificates at CERTADDR but avoid
|
|
|
|
|
|
duplicates. */
|
2011-02-04 12:57:53 +01:00
|
|
|
|
int
|
2003-12-17 18:12:14 +01:00
|
|
|
|
gpgsm_add_cert_to_certlist (ctrl_t ctrl, ksba_cert_t cert,
|
|
|
|
|
|
certlist_t *listaddr, int is_encrypt_to)
|
|
|
|
|
|
{
|
2008-10-20 15:53:23 +02:00
|
|
|
|
(void)ctrl;
|
|
|
|
|
|
|
2003-12-17 18:12:14 +01:00
|
|
|
|
if (!is_cert_in_certlist (cert, *listaddr))
|
|
|
|
|
|
{
|
|
|
|
|
|
certlist_t cl = xtrycalloc (1, sizeof *cl);
|
|
|
|
|
|
if (!cl)
|
2006-09-06 18:35:52 +02:00
|
|
|
|
return out_of_core ();
|
2003-12-17 18:12:14 +01:00
|
|
|
|
cl->cert = cert;
|
|
|
|
|
|
ksba_cert_ref (cert);
|
|
|
|
|
|
cl->next = *listaddr;
|
|
|
|
|
|
cl->is_encrypt_to = is_encrypt_to;
|
|
|
|
|
|
*listaddr = cl;
|
|
|
|
|
|
}
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
|
/* Add a certificate to a list of certificate and make sure that it is
|
|
|
|
|
|
a valid certificate. With SECRET set to true a secret key must be
|
2003-12-17 18:12:14 +01:00
|
|
|
|
available for the certificate. IS_ENCRYPT_TO sets the corresponding
|
|
|
|
|
|
flag in the new create LISTADDR item. */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
int
|
2004-04-26 15:29:09 +02:00
|
|
|
|
gpgsm_add_to_certlist (ctrl_t ctrl, const char *name, int secret,
|
2006-09-06 18:35:52 +02:00
|
|
|
|
certlist_t *listaddr, int is_encrypt_to)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
|
int rc;
|
|
|
|
|
|
KEYDB_SEARCH_DESC desc;
|
|
|
|
|
|
KEYDB_HANDLE kh = NULL;
|
2003-12-17 13:28:24 +01:00
|
|
|
|
ksba_cert_t cert = NULL;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2011-04-25 23:56:47 +02:00
|
|
|
|
rc = classify_user_id (name, &desc, 0);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!rc)
|
|
|
|
|
|
{
|
2016-11-10 15:38:14 +01:00
|
|
|
|
kh = keydb_new ();
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!kh)
|
|
|
|
|
|
rc = gpg_error (GPG_ERR_ENOMEM);
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
int wrong_usage = 0;
|
2008-03-20 16:31:43 +01:00
|
|
|
|
char *first_subject = NULL;
|
|
|
|
|
|
char *first_issuer = NULL;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
|
|
|
|
|
get_next:
|
2016-11-10 17:01:19 +01:00
|
|
|
|
rc = keydb_search (ctrl, kh, &desc, 1);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!rc)
|
|
|
|
|
|
rc = keydb_get_cert (kh, &cert);
|
|
|
|
|
|
if (!rc)
|
|
|
|
|
|
{
|
2008-03-20 16:31:43 +01:00
|
|
|
|
if (!first_subject)
|
|
|
|
|
|
{
|
2017-02-20 22:19:50 +01:00
|
|
|
|
/* Save the subject and the issuer for key usage
|
2008-03-20 16:31:43 +01:00
|
|
|
|
and ambiguous name tests. */
|
|
|
|
|
|
first_subject = ksba_cert_get_subject (cert, 0);
|
|
|
|
|
|
first_issuer = ksba_cert_get_issuer (cert, 0);
|
|
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
rc = secret? gpgsm_cert_use_sign_p (cert)
|
|
|
|
|
|
: gpgsm_cert_use_encrypt_p (cert);
|
|
|
|
|
|
if (gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE)
|
|
|
|
|
|
{
|
|
|
|
|
|
/* There might be another certificate with the
|
|
|
|
|
|
correct usage, so we try again */
|
|
|
|
|
|
if (!wrong_usage)
|
|
|
|
|
|
{ /* save the first match */
|
|
|
|
|
|
wrong_usage = rc;
|
|
|
|
|
|
ksba_cert_release (cert);
|
|
|
|
|
|
cert = NULL;
|
|
|
|
|
|
goto get_next;
|
|
|
|
|
|
}
|
2008-03-20 16:31:43 +01:00
|
|
|
|
else if (same_subject_issuer (first_subject, first_issuer,
|
|
|
|
|
|
cert))
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
|
wrong_usage = rc;
|
|
|
|
|
|
ksba_cert_release (cert);
|
|
|
|
|
|
cert = NULL;
|
|
|
|
|
|
goto get_next;
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
wrong_usage = rc;
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2003-12-16 17:31:16 +01:00
|
|
|
|
/* We want the error code from the first match in this case. */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (rc && wrong_usage)
|
|
|
|
|
|
rc = wrong_usage;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!rc)
|
|
|
|
|
|
{
|
2007-08-23 19:41:22 +02:00
|
|
|
|
certlist_t dup_certs = NULL;
|
|
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
next_ambigious:
|
2016-11-10 17:01:19 +01:00
|
|
|
|
rc = keydb_search (ctrl, kh, &desc, 1);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (rc == -1)
|
|
|
|
|
|
rc = 0;
|
|
|
|
|
|
else if (!rc)
|
|
|
|
|
|
{
|
2003-12-17 13:28:24 +01:00
|
|
|
|
ksba_cert_t cert2 = NULL;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
|
|
|
|
|
/* If this is the first possible duplicate, add the original
|
2007-08-23 19:41:22 +02:00
|
|
|
|
certificate to our list of duplicates. */
|
|
|
|
|
|
if (!dup_certs)
|
|
|
|
|
|
gpgsm_add_cert_to_certlist (ctrl, cert, &dup_certs, 0);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2017-04-28 03:06:33 +02:00
|
|
|
|
/* We have to ignore ambiguous names as long as
|
2007-08-23 19:41:22 +02:00
|
|
|
|
there only fault is a bad key usage. This is
|
|
|
|
|
|
required to support encryption and signing
|
2008-01-29 17:04:57 +01:00
|
|
|
|
certificates of the same subject.
|
2007-08-23 19:41:22 +02:00
|
|
|
|
|
|
|
|
|
|
Further we ignore them if they are due to an
|
|
|
|
|
|
identical certificate (which may happen if a
|
2018-10-24 21:56:18 +02:00
|
|
|
|
certificate is accidentally duplicated in the
|
2007-08-23 19:41:22 +02:00
|
|
|
|
keybox). */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!keydb_get_cert (kh, &cert2))
|
|
|
|
|
|
{
|
2011-02-04 12:57:53 +01:00
|
|
|
|
int tmp = (same_subject_issuer (first_subject,
|
|
|
|
|
|
first_issuer,
|
2008-03-20 16:31:43 +01:00
|
|
|
|
cert2)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
&& ((gpg_err_code (
|
|
|
|
|
|
secret? gpgsm_cert_use_sign_p (cert2)
|
2007-08-23 19:41:22 +02:00
|
|
|
|
: gpgsm_cert_use_encrypt_p (cert2)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
)
|
|
|
|
|
|
) == GPG_ERR_WRONG_KEY_USAGE));
|
2007-08-23 19:41:22 +02:00
|
|
|
|
if (tmp)
|
|
|
|
|
|
gpgsm_add_cert_to_certlist (ctrl, cert2,
|
|
|
|
|
|
&dup_certs, 0);
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
|
|
|
|
|
if (is_cert_in_certlist (cert2, dup_certs))
|
|
|
|
|
|
tmp = 1;
|
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
ksba_cert_release (cert2);
|
|
|
|
|
|
if (tmp)
|
|
|
|
|
|
goto next_ambigious;
|
|
|
|
|
|
}
|
|
|
|
|
|
rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
|
|
|
|
|
|
}
|
2007-08-23 19:41:22 +02:00
|
|
|
|
gpgsm_release_certlist (dup_certs);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
2008-03-20 16:31:43 +01:00
|
|
|
|
xfree (first_subject);
|
|
|
|
|
|
xfree (first_issuer);
|
|
|
|
|
|
first_subject = NULL;
|
|
|
|
|
|
first_issuer = NULL;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
|
2003-12-17 18:12:14 +01:00
|
|
|
|
if (!rc && !is_cert_in_certlist (cert, *listaddr))
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2011-02-04 12:57:53 +01:00
|
|
|
|
if (!rc && secret)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2003-12-17 18:12:14 +01:00
|
|
|
|
char *p;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-12-17 18:12:14 +01:00
|
|
|
|
rc = gpg_error (GPG_ERR_NO_SECKEY);
|
|
|
|
|
|
p = gpgsm_get_keygrip_hexstring (cert);
|
|
|
|
|
|
if (p)
|
|
|
|
|
|
{
|
2004-04-26 15:29:09 +02:00
|
|
|
|
if (!gpgsm_agent_havekey (ctrl, p))
|
2003-12-17 18:12:14 +01:00
|
|
|
|
rc = 0;
|
|
|
|
|
|
xfree (p);
|
|
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
2003-12-17 18:12:14 +01:00
|
|
|
|
if (!rc)
|
2007-08-10 18:52:05 +02:00
|
|
|
|
rc = gpgsm_validate_chain (ctrl, cert, "", NULL,
|
|
|
|
|
|
0, NULL, 0, NULL);
|
2003-12-17 18:12:14 +01:00
|
|
|
|
if (!rc)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2006-09-06 18:35:52 +02:00
|
|
|
|
certlist_t cl = xtrycalloc (1, sizeof *cl);
|
2003-12-17 18:12:14 +01:00
|
|
|
|
if (!cl)
|
2006-09-06 18:35:52 +02:00
|
|
|
|
rc = out_of_core ();
|
2011-02-04 12:57:53 +01:00
|
|
|
|
else
|
2003-12-17 18:12:14 +01:00
|
|
|
|
{
|
|
|
|
|
|
cl->cert = cert; cert = NULL;
|
|
|
|
|
|
cl->next = *listaddr;
|
|
|
|
|
|
cl->is_encrypt_to = is_encrypt_to;
|
|
|
|
|
|
*listaddr = cl;
|
|
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
keydb_release (kh);
|
|
|
|
|
|
ksba_cert_release (cert);
|
|
|
|
|
|
return rc == -1? gpg_error (GPG_ERR_NO_PUBKEY): rc;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2008-03-20 16:31:43 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
void
|
2006-09-06 18:35:52 +02:00
|
|
|
|
gpgsm_release_certlist (certlist_t list)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
|
while (list)
|
|
|
|
|
|
{
|
2006-09-06 18:35:52 +02:00
|
|
|
|
certlist_t cl = list->next;
|
2003-08-05 19:11:04 +02:00
|
|
|
|
ksba_cert_release (list->cert);
|
|
|
|
|
|
xfree (list);
|
|
|
|
|
|
list = cl;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
�
|
|
|
|
|
|
/* Like gpgsm_add_to_certlist, but look only for one certificate. No
|
2008-02-13 17:47:14 +01:00
|
|
|
|
chain validation is done. If KEYID is not NULL it is taken as an
|
2005-04-18 12:44:46 +02:00
|
|
|
|
additional filter value which must match the
|
|
|
|
|
|
subjectKeyIdentifier. */
|
2003-08-05 19:11:04 +02:00
|
|
|
|
int
|
2016-11-10 17:01:19 +01:00
|
|
|
|
gpgsm_find_cert (ctrl_t ctrl,
|
2017-10-24 17:29:04 +02:00
|
|
|
|
const char *name, ksba_sexp_t keyid, ksba_cert_t *r_cert,
|
|
|
|
|
|
int allow_ambiguous)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
|
int rc;
|
|
|
|
|
|
KEYDB_SEARCH_DESC desc;
|
|
|
|
|
|
KEYDB_HANDLE kh = NULL;
|
|
|
|
|
|
|
|
|
|
|
|
*r_cert = NULL;
|
2011-04-25 23:56:47 +02:00
|
|
|
|
rc = classify_user_id (name, &desc, 0);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!rc)
|
|
|
|
|
|
{
|
2016-11-10 15:38:14 +01:00
|
|
|
|
kh = keydb_new ();
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!kh)
|
|
|
|
|
|
rc = gpg_error (GPG_ERR_ENOMEM);
|
|
|
|
|
|
else
|
|
|
|
|
|
{
|
2005-04-18 12:44:46 +02:00
|
|
|
|
nextone:
|
2016-11-10 17:01:19 +01:00
|
|
|
|
rc = keydb_search (ctrl, kh, &desc, 1);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (!rc)
|
2005-04-18 12:44:46 +02:00
|
|
|
|
{
|
|
|
|
|
|
rc = keydb_get_cert (kh, r_cert);
|
|
|
|
|
|
if (!rc && keyid)
|
|
|
|
|
|
{
|
|
|
|
|
|
ksba_sexp_t subj;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2005-04-18 12:44:46 +02:00
|
|
|
|
rc = ksba_cert_get_subj_key_id (*r_cert, NULL, &subj);
|
|
|
|
|
|
if (!rc)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (cmp_simple_canon_sexp (keyid, subj))
|
|
|
|
|
|
{
|
|
|
|
|
|
xfree (subj);
|
|
|
|
|
|
goto nextone;
|
|
|
|
|
|
}
|
|
|
|
|
|
xfree (subj);
|
|
|
|
|
|
/* Okay: Here we know that the certificate's
|
|
|
|
|
|
subjectKeyIdentifier matches the requested
|
|
|
|
|
|
one. */
|
|
|
|
|
|
}
|
2007-07-04 21:49:40 +02:00
|
|
|
|
else if (gpg_err_code (rc) == GPG_ERR_NO_DATA)
|
2005-04-18 12:44:46 +02:00
|
|
|
|
goto nextone;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* If we don't have the KEYID filter we need to check for
|
2018-10-24 21:56:18 +02:00
|
|
|
|
ambiguous search results. Note, that it is somewhat
|
2005-04-18 12:44:46 +02:00
|
|
|
|
reasonable to assume that a specification of a KEYID
|
|
|
|
|
|
won't lead to ambiguous names. */
|
|
|
|
|
|
if (!rc && !keyid)
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
2017-10-24 17:29:04 +02:00
|
|
|
|
ksba_isotime_t notbefore = "";
|
|
|
|
|
|
const unsigned char *image = NULL;
|
|
|
|
|
|
size_t length = 0;
|
|
|
|
|
|
if (allow_ambiguous)
|
|
|
|
|
|
{
|
|
|
|
|
|
/* We want to return the newest certificate */
|
|
|
|
|
|
if (ksba_cert_get_validity (*r_cert, 0, notbefore))
|
|
|
|
|
|
*notbefore = '\0';
|
|
|
|
|
|
image = ksba_cert_get_image (*r_cert, &length);
|
|
|
|
|
|
}
|
2007-08-23 19:41:22 +02:00
|
|
|
|
next_ambiguous:
|
2016-11-10 17:01:19 +01:00
|
|
|
|
rc = keydb_search (ctrl, kh, &desc, 1);
|
2003-08-05 19:11:04 +02:00
|
|
|
|
if (rc == -1)
|
|
|
|
|
|
rc = 0;
|
2011-02-04 12:57:53 +01:00
|
|
|
|
else
|
2003-08-05 19:11:04 +02:00
|
|
|
|
{
|
|
|
|
|
|
if (!rc)
|
2007-08-23 19:41:22 +02:00
|
|
|
|
{
|
|
|
|
|
|
ksba_cert_t cert2 = NULL;
|
2017-10-24 17:29:04 +02:00
|
|
|
|
ksba_isotime_t notbefore2 = "";
|
|
|
|
|
|
const unsigned char *image2 = NULL;
|
|
|
|
|
|
size_t length2 = 0;
|
|
|
|
|
|
int cmp = 0;
|
2007-08-23 19:41:22 +02:00
|
|
|
|
|
|
|
|
|
|
if (!keydb_get_cert (kh, &cert2))
|
|
|
|
|
|
{
|
|
|
|
|
|
if (gpgsm_certs_identical_p (*r_cert, cert2))
|
|
|
|
|
|
{
|
|
|
|
|
|
ksba_cert_release (cert2);
|
|
|
|
|
|
goto next_ambiguous;
|
|
|
|
|
|
}
|
2017-10-24 17:29:04 +02:00
|
|
|
|
if (allow_ambiguous)
|
|
|
|
|
|
{
|
|
|
|
|
|
if (ksba_cert_get_validity (cert2, 0, notbefore2))
|
|
|
|
|
|
*notbefore2 = '\0';
|
|
|
|
|
|
image2 = ksba_cert_get_image (cert2, &length2);
|
|
|
|
|
|
cmp = strcmp (notbefore, notbefore2);
|
|
|
|
|
|
/* use certificate image bits as last resort for stable ordering */
|
|
|
|
|
|
if (!cmp)
|
|
|
|
|
|
cmp = memcmp (image, image2, length < length2 ? length : length2);
|
|
|
|
|
|
if (!cmp)
|
|
|
|
|
|
cmp = length < length2 ? -1 : length > length2 ? 1 : 0;
|
|
|
|
|
|
if (cmp < 0)
|
|
|
|
|
|
{
|
|
|
|
|
|
ksba_cert_release (*r_cert);
|
|
|
|
|
|
*r_cert = cert2;
|
|
|
|
|
|
strcpy (notbefore, notbefore2);
|
|
|
|
|
|
image = image2;
|
|
|
|
|
|
length = length2;
|
|
|
|
|
|
}
|
|
|
|
|
|
else
|
|
|
|
|
|
ksba_cert_release (cert2);
|
|
|
|
|
|
goto next_ambiguous;
|
|
|
|
|
|
}
|
2007-08-23 19:41:22 +02:00
|
|
|
|
ksba_cert_release (cert2);
|
|
|
|
|
|
}
|
|
|
|
|
|
rc = gpg_error (GPG_ERR_AMBIGUOUS_NAME);
|
|
|
|
|
|
}
|
2003-08-05 19:11:04 +02:00
|
|
|
|
ksba_cert_release (*r_cert);
|
|
|
|
|
|
*r_cert = NULL;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2011-02-04 12:57:53 +01:00
|
|
|
|
|
2003-08-05 19:11:04 +02:00
|
|
|
|
keydb_release (kh);
|
|
|
|
|
|
return rc == -1? gpg_error (GPG_ERR_NO_PUBKEY): rc;
|
|
|
|
|
|
}
|
