xref: /openbsd/usr.bin/openssl/verify.c (revision d89ec533) 
1 /* $OpenBSD: verify.c,v 1.14 2021/02/15 17:57:58 jsing Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 
59 #include <stdio.h>
60 #include <stdlib.h>
61 #include <string.h>
62 
63 #include "apps.h"
64 
65 #include <openssl/bio.h>
66 #include <openssl/err.h>
67 #include <openssl/pem.h>
68 #include <openssl/x509.h>
69 #include <openssl/x509v3.h>
70 
71 static int cb(int ok, X509_STORE_CTX *ctx);
72 static int check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain,
73     STACK_OF(X509) *tchain, STACK_OF(X509_CRL) *crls);
74 static int vflags = 0;
75 
76 static struct {
77 	char *CAfile;
78 	char *CApath;
79 	char *crlfile;
80 	char *trustfile;
81 	char *untfile;
82 	int verbose;
83 	X509_VERIFY_PARAM *vpm;
84 } verify_config;
85 
86 static int
87 verify_opt_args(int argc, char **argv, int *argsused)
88 {
89 	int oargc = argc;
90 	int badarg = 0;
91 
92 	if (!args_verify(&argv, &argc, &badarg, bio_err, &verify_config.vpm))
93 		return (1);
94 	if (badarg)
95 		return (1);
96 
97 	*argsused = oargc - argc;
98 
99 	return (0);
100 }
101 
102 static const struct option verify_options[] = {
103 	{
104 		.name = "CAfile",
105 		.argname = "file",
106 		.desc = "Certificate Authority file",
107 		.type = OPTION_ARG,
108 		.opt.arg = &verify_config.CAfile,
109 	},
110 	{
111 		.name = "CApath",
112 		.argname = "path",
113 		.desc = "Certificate Authority path",
114 		.type = OPTION_ARG,
115 		.opt.arg = &verify_config.CApath,
116 	},
117 	{
118 		.name = "CRLfile",
119 		.argname = "file",
120 		.desc = "Certificate Revocation List file",
121 		.type = OPTION_ARG,
122 		.opt.arg = &verify_config.crlfile,
123 	},
124 	{
125 		.name = "trusted",
126 		.argname = "file",
127 		.desc = "Trusted certificates file",
128 		.type = OPTION_ARG,
129 		.opt.arg = &verify_config.trustfile,
130 	},
131 	{
132 		.name = "untrusted",
133 		.argname = "file",
134 		.desc = "Untrusted certificates file",
135 		.type = OPTION_ARG,
136 		.opt.arg = &verify_config.untfile,
137 	},
138 	{
139 		.name = "verbose",
140 		.desc = "Verbose",
141 		.type = OPTION_FLAG,
142 		.opt.flag = &verify_config.verbose,
143 	},
144 	{
145 		.name = NULL,
146 		.desc = "",
147 		.type = OPTION_ARGV_FUNC,
148 		.opt.argvfunc = verify_opt_args,
149 	},
150 	{ NULL },
151 };
152 
153 static const struct option verify_shared_options[] = {
154 	{
155 		.name = "attime",
156 		.argname = "epoch",
157 		.desc = "Use epoch as the verification time",
158 	},
159 	{
160 		.name = "check_ss_sig",
161 		.desc = "Check the root CA self-signed certificate signature",
162 	},
163 	{
164 		.name = "crl_check",
165 		.desc = "Enable CRL checking for the leaf certificate",
166 	},
167 	{
168 		.name = "crl_check_all",
169 		.desc = "Enable CRL checking for the entire certificate chain",
170 	},
171 	{
172 		.name = "explicit_policy",
173 		.desc = "Require explicit policy (per RFC 3280)",
174 	},
175 	{
176 		.name = "extended_crl",
177 		.desc = "Enable extended CRL support",
178 	},
179 	{
180 		.name = "ignore_critical",
181 		.desc = "Disable critical extension checking",
182 	},
183 	{
184 		.name = "inhibit_any",
185 		.desc = "Inhibit any policy (per RFC 3280)",
186 	},
187 	{
188 		.name = "inhibit_map",
189 		.desc = "Inhibit policy mapping (per RFC 3280)",
190 	},
191 	{
192 		.name = "issuer_checks",
193 		.desc = "Enable debugging of certificate issuer checks",
194 	},
195 	{
196 		.name = "legacy_verify",
197 		.desc = "Use legacy certificate chain verification",
198 	},
199 	{
200 		.name = "policy",
201 		.argname = "name",
202 		.desc = "Add given policy to the acceptable set",
203 	},
204 	{
205 		.name = "policy_check",
206 		.desc = "Enable certificate policy checking",
207 	},
208 	{
209 		.name = "policy_print",
210 		.desc = "Print policy",
211 	},
212 	{
213 		.name = "purpose",
214 		.argname = "name",
215 		.desc = "Verify for the given purpose",
216 	},
217 	{
218 		.name = "use_deltas",
219 		.desc = "Use delta CRLS (if present)",
220 	},
221 	{
222 		.name = "verify_depth",
223 		.argname = "num",
224 		.desc = "Limit verification to the given depth",
225 	},
226 	{
227 		.name = "x509_strict",
228 		.desc = "Use strict X.509 rules (disables workarounds)",
229 	},
230 	{ NULL },
231 };
232 
233 static void
234 verify_usage(void)
235 {
236 	int i;
237 
238 	fprintf(stderr,
239 	    "usage: verify [-CAfile file] [-CApath directory] [-check_ss_sig]\n"
240 	    "    [-CRLfile file] [-crl_check] [-crl_check_all]\n"
241 	    "    [-explicit_policy] [-extended_crl]\n"
242 	    "    [-ignore_critical] [-inhibit_any] [-inhibit_map]\n"
243 	    "    [-issuer_checks] [-policy_check] [-purpose purpose]\n"
244 	    "    [-trusted file] [-untrusted file] [-verbose]\n"
245 	    "    [-x509_strict] [certificates]\n\n");
246 
247 	options_usage(verify_options);
248 
249 	fprintf(stderr, "\nVerification options:\n\n");
250 	options_usage(verify_shared_options);
251 
252 	fprintf(stderr, "\nValid purposes:\n\n");
253 	for (i = 0; i < X509_PURPOSE_get_count(); i++) {
254 		X509_PURPOSE *ptmp = X509_PURPOSE_get0(i);
255 		fprintf(stderr, "  %-18s%s\n", X509_PURPOSE_get0_sname(ptmp),
256 		    X509_PURPOSE_get0_name(ptmp));
257 	}
258 }
259 
260 int
261 verify_main(int argc, char **argv)
262 {
263 	STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
264 	STACK_OF(X509_CRL) *crls = NULL;
265 	X509_STORE *cert_ctx = NULL;
266 	X509_LOOKUP *lookup = NULL;
267 	char **cert_files = NULL;
268 	int argsused;
269 	int ret = 1;
270 
271 	if (single_execution) {
272 		if (pledge("stdio rpath", NULL) == -1) {
273 			perror("pledge");
274 			exit(1);
275 		}
276 	}
277 
278 	memset(&verify_config, 0, sizeof(verify_config));
279 
280 	if (options_parse(argc, argv, verify_options, NULL, &argsused) != 0) {
281 		verify_usage();
282 		goto end;
283 	}
284 
285 	if (argsused < argc)
286 		cert_files = &argv[argsused];
287 
288 	cert_ctx = X509_STORE_new();
289 	if (cert_ctx == NULL)
290 		goto end;
291 	X509_STORE_set_verify_cb(cert_ctx, cb);
292 
293 	if (verify_config.vpm)
294 		X509_STORE_set1_param(cert_ctx, verify_config.vpm);
295 
296 	lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_file());
297 	if (lookup == NULL)
298 		abort(); /* XXX */
299 	if (verify_config.CAfile) {
300 		if (!X509_LOOKUP_load_file(lookup, verify_config.CAfile,
301 		    X509_FILETYPE_PEM)) {
302 			BIO_printf(bio_err, "Error loading file %s\n",
303 			    verify_config.CAfile);
304 			ERR_print_errors(bio_err);
305 			goto end;
306 		}
307 	} else
308 		X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
309 
310 	lookup = X509_STORE_add_lookup(cert_ctx, X509_LOOKUP_hash_dir());
311 	if (lookup == NULL)
312 		abort(); /* XXX */
313 	if (verify_config.CApath) {
314 		if (!X509_LOOKUP_add_dir(lookup, verify_config.CApath,
315 		    X509_FILETYPE_PEM)) {
316 			BIO_printf(bio_err, "Error loading directory %s\n",
317 			    verify_config.CApath);
318 			ERR_print_errors(bio_err);
319 			goto end;
320 		}
321 	} else
322 		X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT);
323 
324 	ERR_clear_error();
325 
326 	if (verify_config.untfile) {
327 		untrusted = load_certs(bio_err, verify_config.untfile,
328 		    FORMAT_PEM, NULL, "untrusted certificates");
329 		if (!untrusted)
330 			goto end;
331 	}
332 	if (verify_config.trustfile) {
333 		trusted = load_certs(bio_err, verify_config.trustfile,
334 		    FORMAT_PEM, NULL, "trusted certificates");
335 		if (!trusted)
336 			goto end;
337 	}
338 	if (verify_config.crlfile) {
339 		crls = load_crls(bio_err, verify_config.crlfile, FORMAT_PEM,
340 		    NULL, "other CRLs");
341 		if (!crls)
342 			goto end;
343 	}
344 	ret = 0;
345 	if (cert_files == NULL) {
346 		if (1 != check(cert_ctx, NULL, untrusted, trusted, crls))
347 			ret = -1;
348 	} else {
349 		do {
350 			if (1 != check(cert_ctx, *cert_files++, untrusted,
351 			    trusted, crls))
352 				ret = -1;
353 		} while (*cert_files != NULL);
354 	}
355 
356  end:
357 	if (verify_config.vpm)
358 		X509_VERIFY_PARAM_free(verify_config.vpm);
359 	if (cert_ctx != NULL)
360 		X509_STORE_free(cert_ctx);
361 	sk_X509_pop_free(untrusted, X509_free);
362 	sk_X509_pop_free(trusted, X509_free);
363 	sk_X509_CRL_pop_free(crls, X509_CRL_free);
364 
365 	return (ret < 0 ? 2 : ret);
366 }
367 
368 static int
369 check(X509_STORE *ctx, char *file, STACK_OF(X509) *uchain,
370     STACK_OF(X509) *tchain, STACK_OF(X509_CRL) *crls)
371 {
372 	X509 *x = NULL;
373 	X509_STORE_CTX *csc = NULL;
374 	const char *certfile = (file == NULL) ? "stdin" : file;
375 	int verify_err;
376 	int i = 0, ret = 0;
377 
378 	x = load_cert(bio_err, file, FORMAT_PEM, NULL, "certificate file");
379 	if (x == NULL)
380 		goto end;
381 
382 	if ((csc = X509_STORE_CTX_new()) == NULL)
383 		goto end;
384 	X509_STORE_set_flags(ctx, vflags);
385 	if (!X509_STORE_CTX_init(csc, ctx, x, uchain))
386 		goto end;
387 	if (tchain)
388 		X509_STORE_CTX_trusted_stack(csc, tchain);
389 	if (crls)
390 		X509_STORE_CTX_set0_crls(csc, crls);
391 
392 	i = X509_verify_cert(csc);
393 	verify_err = X509_STORE_CTX_get_error(csc);
394 
395 	if (i > 0 && verify_err == X509_V_OK) {
396 		fprintf(stdout, "%s: OK\n", certfile);
397 		ret = 1;
398 	} else {
399 		fprintf(stdout, "%s: verification failed: %d (%s)\n", certfile,
400 		    verify_err, X509_verify_cert_error_string(verify_err));
401 	}
402 
403  end:
404 	if (i <= 0)
405 		ERR_print_errors(bio_err);
406 	X509_free(x);
407 	X509_STORE_CTX_free(csc);
408 
409 	return (ret);
410 }
411 
412 static int
413 cb(int ok, X509_STORE_CTX *ctx)
414 {
415 	int cert_error = X509_STORE_CTX_get_error(ctx);
416 	X509 *current_cert = X509_STORE_CTX_get_current_cert(ctx);
417 
418 	if (!ok) {
419 		if (current_cert) {
420 			X509_NAME_print_ex_fp(stdout,
421 			    X509_get_subject_name(current_cert),
422 			    0, XN_FLAG_ONELINE);
423 			printf("\n");
424 		}
425 		printf("%serror %d at %d depth lookup:%s\n",
426 		    X509_STORE_CTX_get0_parent_ctx(ctx) ? "[CRL path]" : "",
427 		    cert_error,
428 		    X509_STORE_CTX_get_error_depth(ctx),
429 		    X509_verify_cert_error_string(cert_error));
430 		switch (cert_error) {
431 		case X509_V_ERR_NO_EXPLICIT_POLICY:
432 			policies_print(NULL, ctx);
433 		case X509_V_ERR_CERT_HAS_EXPIRED:
434 
435 			/*
436 			 * since we are just checking the certificates, it is
437 			 * ok if they are self signed. But we should still
438 			 * warn the user.
439 			 */
440 
441 		case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
442 			/* Continue after extension errors too */
443 		case X509_V_ERR_INVALID_CA:
444 		case X509_V_ERR_INVALID_NON_CA:
445 		case X509_V_ERR_PATH_LENGTH_EXCEEDED:
446 		case X509_V_ERR_INVALID_PURPOSE:
447 		case X509_V_ERR_CRL_HAS_EXPIRED:
448 		case X509_V_ERR_CRL_NOT_YET_VALID:
449 		case X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION:
450 			ok = 1;
451 
452 		}
453 
454 		return ok;
455 
456 	}
457 	if (cert_error == X509_V_OK && ok == 2)
458 		policies_print(NULL, ctx);
459 	if (!verify_config.verbose)
460 		ERR_clear_error();
461 	return (ok);
462 }
463