[apple/security.git] / AppleX509TP / certGroupUtils.cpp

/*
 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
 * 
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 * 
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*
	certGroupUtils.cpp

	Created 10/9/2000 by Doug Mitchell. 
*/

#include <Security/cssmtype.h>
#include <Security/cssmapi.h>
#include <Security/x509defs.h>
#include <Security/oidscert.h>
#include <Security/oidsalg.h>
#include <Security/cssmapple.h>

#include "certGroupUtils.h" 
#include "tpdebugging.h"
#include "tpTime.h"

#include <string.h>				/* for memcmp */


/*
 * Copy one CSSM_DATA to another, mallocing destination. 
 */
void tpCopyCssmData(
	CssmAllocator	&alloc,
	const CSSM_DATA	*src,
	CSSM_DATA_PTR	dst)
{
	dst->Data = (uint8 *)alloc.malloc(src->Length);
	dst->Length = src->Length;
	memmove(dst->Data, src->Data, src->Length);
}

/*
 * Malloc a CSSM_DATA, copy another one to it.
 */
CSSM_DATA_PTR tpMallocCopyCssmData(
	CssmAllocator	&alloc,
	const CSSM_DATA	*src)
{
	CSSM_DATA_PTR dst = (CSSM_DATA_PTR)alloc.malloc(sizeof(CSSM_DATA));
	tpCopyCssmData(alloc, src, dst);
	return dst;
}

/*
 * Free the data referenced by a CSSM data, and optionally, the struct itself.
 */
void tpFreeCssmData(
	CssmAllocator	&alloc,
	CSSM_DATA_PTR 	data,
	CSSM_BOOL 		freeStruct)
{
	if(data == NULL) {
		return;
	}
	if(data->Length != 0) {
		tpFree(alloc, data->Data);
	}
	if(freeStruct) {
		tpFree(alloc, data);
	}
	else {
		data->Length = 0;
		data->Data = NULL;
	}
}

/*
 * Compare two CSSM_DATAs, return CSSM_TRUE if identical.
 */
CSSM_BOOL tpCompareCssmData(
	const CSSM_DATA *data1,
	const CSSM_DATA *data2)
{	
	if((data1 == NULL) || (data1->Data == NULL) || 
	   (data2 == NULL) || (data2->Data == NULL) ||
	   (data1->Length != data2->Length)) {
		return CSSM_FALSE;
	}
	if(data1->Length != data2->Length) {
		return CSSM_FALSE;
	}
	if(memcmp(data1->Data, data2->Data, data1->Length) == 0) {
		return CSSM_TRUE;
	}
	else {
		return CSSM_FALSE;
	}
}

/*
 * Free memory via specified plugin's app-level allocator
 */
void tpFreePluginMemory(
	CSSM_HANDLE	hand,
	void 		*p)
{
	CSSM_API_MEMORY_FUNCS memFuncs;
	CSSM_RETURN crtn = CSSM_GetAPIMemoryFunctions(hand, &memFuncs);
	if(crtn) {
		tpErrorLog("CSSM_GetAPIMemoryFunctions failure\n");
		/* oh well, leak and continue */
		return;
	}
	memFuncs.free_func(p, memFuncs.AllocRef);
}

/*
 * Obtain the public key blob from a cert.
 */
CSSM_DATA_PTR tp_CertGetPublicKey( 
    TPCertInfo *cert,
	CSSM_DATA_PTR *valueToFree)			// used in tp_CertFreePublicKey
{
	CSSM_RETURN crtn;
	CSSM_DATA_PTR val;
	CSSM_X509_SUBJECT_PUBLIC_KEY_INFO *keyInfo;
	
	*valueToFree = NULL;
	crtn = cert->fetchField(&CSSMOID_X509V1SubjectPublicKeyCStruct, &val);
	if(crtn) {
		tpErrorLog("Error on CSSM_CL_CertGetFirstFieldValue(PublicKeyCStruct)\n");
		return NULL;
	}
	*valueToFree = val;
	keyInfo = (CSSM_X509_SUBJECT_PUBLIC_KEY_INFO *)val->Data;
	return &keyInfo->subjectPublicKey;
}

void tp_CertFreePublicKey(
	CSSM_CL_HANDLE	clHand,
	CSSM_DATA_PTR	value)
{
  	CSSM_CL_FreeFieldValue(clHand, &CSSMOID_X509V1SubjectPublicKeyCStruct, value);
}

/*
 * Obtain signature algorithm info from a cert.
 */
CSSM_X509_ALGORITHM_IDENTIFIER_PTR tp_CertGetAlgId( 
    TPCertInfo	 	*cert,
	CSSM_DATA_PTR 	*valueToFree)			// used in tp_CertFreeAlgId
{
	CSSM_RETURN crtn;
	CSSM_DATA_PTR val;
	
	*valueToFree = NULL;
	crtn = cert->fetchField(&CSSMOID_X509V1SignatureAlgorithm, &val);
	if(crtn) {
		tpErrorLog("Error on fetchField(CSSMOID_X509V1SignatureAlgorithm)\n");
		return NULL;
	}
	*valueToFree = val;
	return (CSSM_X509_ALGORITHM_IDENTIFIER_PTR)val->Data;
}

void tp_CertFreeAlgId(
	CSSM_CL_HANDLE	clHand,
	CSSM_DATA_PTR	value)
{
  	CSSM_CL_FreeFieldValue(clHand, &CSSMOID_X509V1SignatureAlgorithm, value);
}

/*
 * Determine if two certs - passed in encoded form - are equivalent. 
 */
CSSM_BOOL tp_CompareCerts(
	const CSSM_DATA			*cert1,
	const CSSM_DATA			*cert2)
{
	return tpCompareCssmData(cert1, cert2);
}


/*
 * Given a aignature OID, return the corresponding CSSM_ALGID for the 
 * signature the required key.
 */
CSSM_ALGORITHMS tpOidToAldId(
	const CSSM_OID *oid,
	CSSM_ALGORITHMS *keyAlg)			// RETURNED
{
	*keyAlg = CSSM_ALGID_RSA;			// default
	if(tpCompareOids(oid, &CSSMOID_MD2WithRSA)) {
		return CSSM_ALGID_MD2WithRSA;
	}
	else if(tpCompareOids(oid, &CSSMOID_MD5WithRSA)) {
		return CSSM_ALGID_MD5WithRSA;
	}
	else if(tpCompareOids(oid, &CSSMOID_SHA1WithRSA)) {
		return CSSM_ALGID_SHA1WithRSA;
	}
	else if(tpCompareOids(oid, &CSSMOID_SHA1WithRSA_OIW)) {
		return CSSM_ALGID_SHA1WithRSA;
	}
	else if(tpCompareOids(oid, &CSSMOID_SHA1WithDSA)) {
		*keyAlg = CSSM_ALGID_DSA;
		return CSSM_ALGID_SHA1WithDSA;
	}
	else if(tpCompareOids(oid, &CSSMOID_APPLE_FEE_MD5)) {
		*keyAlg = CSSM_ALGID_FEE;
		return CSSM_ALGID_FEE_MD5;
	}
	else if(tpCompareOids(oid, &CSSMOID_APPLE_FEE_SHA1)) {
		*keyAlg = CSSM_ALGID_FEE;
		return CSSM_ALGID_FEE_SHA1;
	}
	else if(tpCompareOids(oid, &CSSMOID_APPLE_ECDSA)) {
		*keyAlg = CSSM_ALGID_FEE;
		return CSSM_ALGID_SHA1WithECDSA;
	}
	else {
		*keyAlg = CSSM_ALGID_NONE;
		return CSSM_ALGID_NONE;
	}
}

/*
 * Convert a C string to lower case in place. NULL terminator not needed.
 */
void tpToLower(
	char *str,
	unsigned strLen)
{
	for(unsigned i=0; i<strLen; i++) {
		*str = tolower(*str);
		str++;
	}
}

/*
 * Normalize an RFC822 addr-spec. This consists of converting
 * all characters following the '@' character to lower case.
 */
void tpNormalizeAddrSpec(
	char		*addr,
	unsigned	addrLen)
{
	while((*addr != '@') && (addrLen != 0)) {
		addr++;
		addrLen--;
	}
	if(addrLen == 0) {
		tpPolicyError("tpNormalizeAddrSpec: bad addr-spec");
		return;
	}
	tpToLower(addr, addrLen);
}

/***
 *** dnsName compare support.
 *** Please do not make any changes to this code without talking to 
 *** dmitch about updating (if necessary) and running (always)
 *** regression tests which specifically test this logic.
 ***/
 
/*
 * Max length of a distinguished name component (label) we handle.
 * Various RFCs spec this out at 63 bytes; we're just allocating space
 * for these on the stack, so why not cut some slack. 
 */
#define MAX_DNS_COMP_LEN	128

/*
 * Obtain the next component from a DNS Name.
 * Caller mallocs outBuf, size >= MAX_DNS_COMP_LEN.
 * Returns true if a component was found.
 */
static bool tpNextDnsComp(
	const char 	*inBuf,
	uint32		&inBufLen,		// IN/OUT
	char		*outBuf,		// component RETURNED here
	uint32		&outBufLen)		// RETURNED length of component
{
	outBufLen = 0;
	if(inBufLen == 0) {
		return false;
	}
	
	/* skip over leading '.' */
	if(*inBuf == '.') {
		inBuf++;
		if(--inBufLen == 0) {
			return false;
		}
	}
	
	/* copy chars until out of data or next '.' found */
	do {
		if(*inBuf == '.') {
			break;
		}
		*outBuf++ = *inBuf++;
		inBufLen--;
		outBufLen++;
		if(outBufLen >= MAX_DNS_COMP_LEN) {
			/* abort */
			break;
		}
	} while(inBufLen != 0);
	if(outBufLen) {
		return true;
	}
	else {
		return false;
	}
}

/*
 * Find location of specified substring in given bigstring. Returns
 * pointer to start of substring in bigstring, else returns NULL.
 */
static const char *tpSubStr(
	const char 	*bigstr,
	uint32 		bigstrLen,
	const char 	*substr,
	uint32		substrLen)
{
	/* stop searching substrLen chars before end of bigstr */
	const char *endBigStr = bigstr + bigstrLen - substrLen;
	for( ; bigstr <= endBigStr; ) {
		if(*bigstr == *substr) {
			/* first char match - remainder? */
			if(substrLen == 1) {
				/* don't count on memcmp(a,b,0) */
				return bigstr;
			}
			if(!memcmp(bigstr+1, substr+1, substrLen - 1)) {
				return bigstr;
			} 
		}
		bigstr++;
	} 
	return NULL;
}

/*
 * Compare two DNS components, with full wildcard check. We assume
 * that no '.' chars exist (per the processing performed in 
 * tpNextDnsComp()). Returns CSSM_TRUE on match, else CSSM_FALSE.
 */
static CSSM_BOOL tpCompareComps(
	const char 	*hostComp, 			// no wildcards
	uint32 		hostCompLen, 
	const char 	*certComp, 			// wildcards OK here
	uint32		certCompLen)
{
	const char *endCertComp = certComp + certCompLen;
	const char *endHostComp = hostComp + hostCompLen;
	do {
		/* wild card in cert name? */
		const char *wildCard = tpSubStr(certComp, certCompLen,
			"*", 1);
		if(wildCard == NULL) {
			/* no, require perfect literal match right now */
			if((hostCompLen == certCompLen) &&
					!memcmp(hostComp, certComp, certCompLen)) {
				return CSSM_TRUE;
			}
			else {
				return CSSM_FALSE;
			}
		}
		
		if(wildCard != certComp) {
			/* 
			 * Require literal match of hostComp with certComp
			 * up until (but not including) the wildcard
			 */
			uint32 subStrLen = wildCard - certComp;
			if(subStrLen > hostCompLen) {
				/* out of host name chars */
				return CSSM_FALSE;
			}
			if(memcmp(certComp, hostComp, subStrLen)) {
				return CSSM_FALSE;
			}
			/* OK, skip over substring */
			hostComp    += subStrLen;
			hostCompLen -= subStrLen;
			/* start parsing at the wildcard itself */
			certComp     = wildCard;
			certCompLen -= subStrLen;
			continue;
		}
		
		/*
		 * Currently looking at a wildcard.
		 *
		 * Find substring in hostComp which matches from the char after
		 * the wildcard up to whichever of these comes next:
		 *
		 *  -- end of certComp 
		 *  -- another wildcard
		 */
		wildCard++;		
		if(wildCard == endCertComp) {
			/* 
			 * -- Wild card at end of cert's DNS
			 * -- nothing else to match - rest of hostComp is the wildcard
			 *    match
			 * -- done, success 
			 */
			return CSSM_TRUE;
		}
		
		const char *afterSubStr;		// in certComp
		afterSubStr = tpSubStr(wildCard, endCertComp - wildCard,
			"*", 1);
		if(afterSubStr == NULL) {
			/* no more wildcards - use end of certComp */
			afterSubStr = endCertComp;
		}
		uint32 subStrLen = afterSubStr - wildCard;
		const char *foundSub = tpSubStr(hostComp, hostCompLen,
			wildCard, subStrLen);
		if(foundSub == NULL) {
			/* No match of explicit chars */
			return CSSM_FALSE;
		}
		
		/* found it - skip past this substring */
		hostComp    = foundSub + subStrLen;
		hostCompLen = endHostComp - hostComp;
		certComp    = afterSubStr;
		certCompLen = endCertComp - afterSubStr;
		
	} while((hostCompLen != 0) || (certCompLen != 0));
	if((hostCompLen == 0) && (certCompLen == 0)) {
		return CSSM_TRUE;
	}
	else {
		/* end of one but not the other */
		return CSSM_FALSE;
	}
}

/*
 * Compare hostname, is presented to the TP in 
 * CSSM_APPLE_TP_SSL_OPTIONS.ServerName, to a server name obtained
 * from the server's cert (i.e., from subjectAltName or commonName).
 * Limited wildcard checking is performed here. 
 *
 * The incoming hostname is assumed to have been processed by tpToLower();
 * we'll perform that processing on certName here. 
 *
 * Returns CSSM_TRUE on match, else CSSM_FALSE.
 */
CSSM_BOOL tpCompareHostNames(
	const char	 	*hostName,		// spec'd by app, tpToLower'd
	uint32			hostNameLen,
	char			*certName,		// from cert, we tpToLower
	uint32			certNameLen)
{
	tpToLower(certName, certNameLen);

	/* tolerate optional NULL terminators for both */
	if(hostName[hostNameLen - 1] == '\0') {
		hostNameLen--;
	}
	if(certName[certNameLen - 1] == '\0') {
		certNameLen--;
	}
	
	/* case 1: exact match */
	if((certNameLen == hostNameLen) &&
	    !memcmp(certName, hostName, certNameLen)) {
		return CSSM_TRUE;
	}
	
	/* 
	 * Case 2: Compare one component at a time, handling wildcards in
	 * cert's server name. The characters implicitly matched by a 
	 * wildcard span only one component of a dnsName.
	 */
	do {
		/* get next component from each dnsName */
		char hostComp[MAX_DNS_COMP_LEN];
		char certComp[MAX_DNS_COMP_LEN];
		uint32 hostCompLen;
		uint32 certCompLen;
		
		bool foundHost = tpNextDnsComp(hostName, hostNameLen,
				hostComp, hostCompLen);
		bool foundCert = tpNextDnsComp(certName, certNameLen,
				certComp, certCompLen);
		if(foundHost != foundCert) {
			/* unequal number of components */
			tpPolicyError("tpCompareHostNames: wildcard  mismatch (1)");
			return CSSM_FALSE;
		}
		if(!foundHost) {
			/* normal successful termination */
			return CSSM_TRUE;
		}
		
		/* compare individual components */
		if(!tpCompareComps(hostComp, hostCompLen, 
				certComp, certCompLen)) {
			tpPolicyError("tpCompareHostNames: wildcard  mismatch (2)");
			return CSSM_FALSE;
		}
		
		/* skip over this component */
		hostName    += hostCompLen;
		certName    += certCompLen;
	} while(1);
	/* NOT REACHED */
	//assert(0):
	return CSSM_FALSE;
}

/*
 * Compare email address, is presented to the TP in 
 * CSSM_APPLE_TP_SMIME_OPTIONS.SenderEmail, to a string obtained
 * from the sender's cert (i.e., from subjectAltName or Subject DN).
 *
 * Returns CSSM_TRUE on match, else CSSM_FALSE.
 *
 * Incomiong appEmail string has already been tpNormalizeAddrSpec'd.
 * We do that for certEmail string here. 
 */
CSSM_BOOL tpCompareEmailAddr(
	const char	 	*appEmail,		// spec'd by app, normalized
	uint32			appEmailLen,
	char			*certEmail,		// from cert, we normalize
	uint32			certEmailLen)
{
	tpNormalizeAddrSpec(certEmail, certEmailLen);

	/* tolerate optional NULL terminators for both */
	if(appEmail[appEmailLen - 1] == '\0') {
		appEmailLen--;
	}
	if(certEmail[certEmailLen - 1] == '\0') {
		certEmailLen--;
	}
	if((certEmailLen == appEmailLen) &&
	    !memcmp(certEmail, appEmail, certEmailLen)) {
		return CSSM_TRUE;
	}
	else {
		/* mismatch */
		tpPolicyError("tpCompareEmailAddr: app/cert email addrs mismatch");
		return CSSM_FALSE;
	}
}
Commit	Line	Data
bac41a7b A	1	/*
	2	* Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
	3	*
	4	* The contents of this file constitute Original Code as defined in and are
	5	* subject to the Apple Public Source License Version 1.2 (the 'License').
	6	* You may not use this file except in compliance with the License. Please obtain
	7	* a copy of the License at http://www.apple.com/publicsource and read it before
	8	* using this file.
	9	*
	10	* This Original Code and all software distributed under the License are
	11	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
	12	* OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
	13	* LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
	14	* PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
	15	* specific language governing rights and limitations under the License.
	16	*/
	17
	18
	19	/*
	20	certGroupUtils.cpp
	21
	22	Created 10/9/2000 by Doug Mitchell.
	23	*/
	24
	25	#include <Security/cssmtype.h>
	26	#include <Security/cssmapi.h>
	27	#include <Security/x509defs.h>
	28	#include <Security/oidscert.h>
	29	#include <Security/oidsalg.h>
	30	#include <Security/cssmapple.h>
	31
	32	#include "certGroupUtils.h"
df0e469f	33	#include "tpdebugging.h"
bac41a7b A	34	#include "tpTime.h"
	35
	36	#include <string.h> /* for memcmp */
	37
bac41a7b A	38
	39	/*
	40	* Copy one CSSM_DATA to another, mallocing destination.
	41	*/
	42	void tpCopyCssmData(
	43	CssmAllocator &alloc,
	44	const CSSM_DATA *src,
	45	CSSM_DATA_PTR dst)
	46	{
	47	dst->Data = (uint8 *)alloc.malloc(src->Length);
	48	dst->Length = src->Length;
	49	memmove(dst->Data, src->Data, src->Length);
	50	}
	51
	52	/*
	53	* Malloc a CSSM_DATA, copy another one to it.
	54	*/
	55	CSSM_DATA_PTR tpMallocCopyCssmData(
	56	CssmAllocator &alloc,
	57	const CSSM_DATA *src)
	58	{
	59	CSSM_DATA_PTR dst = (CSSM_DATA_PTR)alloc.malloc(sizeof(CSSM_DATA));
	60	tpCopyCssmData(alloc, src, dst);
	61	return dst;
	62	}
	63
	64	/*
	65	* Free the data referenced by a CSSM data, and optionally, the struct itself.
	66	*/
	67	void tpFreeCssmData(
	68	CssmAllocator &alloc,
	69	CSSM_DATA_PTR data,
	70	CSSM_BOOL freeStruct)
	71	{
	72	if(data == NULL) {
	73	return;
	74	}
	75	if(data->Length != 0) {
	76	tpFree(alloc, data->Data);
	77	}
	78	if(freeStruct) {
	79	tpFree(alloc, data);
	80	}
	81	else {
	82	data->Length = 0;
	83	data->Data = NULL;
	84	}
	85	}
	86
	87	/*
	88	* Compare two CSSM_DATAs, return CSSM_TRUE if identical.
	89	*/
	90	CSSM_BOOL tpCompareCssmData(
	91	const CSSM_DATA *data1,
	92	const CSSM_DATA *data2)
	93	{
	94	if((data1 == NULL) \|\| (data1->Data == NULL) \|\|
	95	(data2 == NULL) \|\| (data2->Data == NULL) \|\|
	96	(data1->Length != data2->Length)) {
	97	return CSSM_FALSE;
	98	}
	99	if(data1->Length != data2->Length) {
	100	return CSSM_FALSE;
	101	}
102	if(memcmp(data1->Data, data2->Data, data1->Length) == 0) {
103	return CSSM_TRUE;
104	}
105	else {
106	return CSSM_FALSE;
107	}
108	}
109
110	/*
df0e469f	111	* Free memory via specified plugin's app-level allocator
bac41a7b	112	*/
df0e469f A	113	void tpFreePluginMemory(
	114	CSSM_HANDLE hand,
	115	void *p)
	116	{
	117	CSSM_API_MEMORY_FUNCS memFuncs;
	118	CSSM_RETURN crtn = CSSM_GetAPIMemoryFunctions(hand, &memFuncs);
	119	if(crtn) {
	120	tpErrorLog("CSSM_GetAPIMemoryFunctions failure\n");
	121	/* oh well, leak and continue */
	122	return;
	123	}
	124	memFuncs.free_func(p, memFuncs.AllocRef);
bac41a7b A	125	}
	126
	127	/*
	128	* Obtain the public key blob from a cert.
	129	*/
	130	CSSM_DATA_PTR tp_CertGetPublicKey(
	131	TPCertInfo *cert,
	132	CSSM_DATA_PTR *valueToFree) // used in tp_CertFreePublicKey
	133	{
	134	CSSM_RETURN crtn;
	135	CSSM_DATA_PTR val;
	136	CSSM_X509_SUBJECT_PUBLIC_KEY_INFO *keyInfo;
	137
	138	*valueToFree = NULL;
	139	crtn = cert->fetchField(&CSSMOID_X509V1SubjectPublicKeyCStruct, &val);
	140	if(crtn) {
df0e469f	141	tpErrorLog("Error on CSSM_CL_CertGetFirstFieldValue(PublicKeyCStruct)\n");
bac41a7b A	142	return NULL;
	143	}
	144	*valueToFree = val;
	145	keyInfo = (CSSM_X509_SUBJECT_PUBLIC_KEY_INFO *)val->Data;
	146	return &keyInfo->subjectPublicKey;
	147	}
	148
	149	void tp_CertFreePublicKey(
	150	CSSM_CL_HANDLE clHand,
	151	CSSM_DATA_PTR value)
	152	{
	153	CSSM_CL_FreeFieldValue(clHand, &CSSMOID_X509V1SubjectPublicKeyCStruct, value);
	154	}
	155
	156	/*
	157	* Obtain signature algorithm info from a cert.
	158	*/
	159	CSSM_X509_ALGORITHM_IDENTIFIER_PTR tp_CertGetAlgId(
	160	TPCertInfo *cert,
	161	CSSM_DATA_PTR *valueToFree) // used in tp_CertFreeAlgId
	162	{
	163	CSSM_RETURN crtn;
	164	CSSM_DATA_PTR val;
	165
	166	*valueToFree = NULL;
	167	crtn = cert->fetchField(&CSSMOID_X509V1SignatureAlgorithm, &val);
	168	if(crtn) {
df0e469f	169	tpErrorLog("Error on fetchField(CSSMOID_X509V1SignatureAlgorithm)\n");
bac41a7b A	170	return NULL;
	171	}
	172	*valueToFree = val;
	173	return (CSSM_X509_ALGORITHM_IDENTIFIER_PTR)val->Data;
	174	}
	175
	176	void tp_CertFreeAlgId(
	177	CSSM_CL_HANDLE clHand,
	178	CSSM_DATA_PTR value)
	179	{
	180	CSSM_CL_FreeFieldValue(clHand, &CSSMOID_X509V1SignatureAlgorithm, value);
	181	}
	182
bac41a7b A	183	/*
	184	* Determine if two certs - passed in encoded form - are equivalent.
	185	*/
	186	CSSM_BOOL tp_CompareCerts(
	187	const CSSM_DATA *cert1,
	188	const CSSM_DATA *cert2)
	189	{
	190	return tpCompareCssmData(cert1, cert2);
	191	}
	192
bac41a7b A	193
	194	/*
	195	* Given a aignature OID, return the corresponding CSSM_ALGID for the
	196	* signature the required key.
	197	*/
	198	CSSM_ALGORITHMS tpOidToAldId(
	199	const CSSM_OID *oid,
	200	CSSM_ALGORITHMS *keyAlg) // RETURNED
	201	{
	202	*keyAlg = CSSM_ALGID_RSA; // default
	203	if(tpCompareOids(oid, &CSSMOID_MD2WithRSA)) {
	204	return CSSM_ALGID_MD2WithRSA;
	205	}
	206	else if(tpCompareOids(oid, &CSSMOID_MD5WithRSA)) {
	207	return CSSM_ALGID_MD5WithRSA;
	208	}
	209	else if(tpCompareOids(oid, &CSSMOID_SHA1WithRSA)) {
	210	return CSSM_ALGID_SHA1WithRSA;
	211	}
df0e469f A	212	else if(tpCompareOids(oid, &CSSMOID_SHA1WithRSA_OIW)) {
	213	return CSSM_ALGID_SHA1WithRSA;
	214	}
bac41a7b A	215	else if(tpCompareOids(oid, &CSSMOID_SHA1WithDSA)) {
	216	*keyAlg = CSSM_ALGID_DSA;
	217	return CSSM_ALGID_SHA1WithDSA;
	218	}
	219	else if(tpCompareOids(oid, &CSSMOID_APPLE_FEE_MD5)) {
	220	*keyAlg = CSSM_ALGID_FEE;
	221	return CSSM_ALGID_FEE_MD5;
	222	}
	223	else if(tpCompareOids(oid, &CSSMOID_APPLE_FEE_SHA1)) {
	224	*keyAlg = CSSM_ALGID_FEE;
	225	return CSSM_ALGID_FEE_SHA1;
	226	}
	227	else if(tpCompareOids(oid, &CSSMOID_APPLE_ECDSA)) {
	228	*keyAlg = CSSM_ALGID_FEE;
	229	return CSSM_ALGID_SHA1WithECDSA;
	230	}
	231	else {
	232	*keyAlg = CSSM_ALGID_NONE;
	233	return CSSM_ALGID_NONE;
	234	}
	235	}
5a719ac8 A	236
	237	/*
	238	* Convert a C string to lower case in place. NULL terminator not needed.
	239	*/
	240	void tpToLower(
	241	char *str,
	242	unsigned strLen)
	243	{
	244	for(unsigned i=0; i<strLen; i++) {
df0e469f A	245	str = tolower(str);
	246	str++;
	247	}
	248	}
	249
	250	/*
	251	* Normalize an RFC822 addr-spec. This consists of converting
	252	* all characters following the '@' character to lower case.
	253	*/
	254	void tpNormalizeAddrSpec(
	255	char *addr,
	256	unsigned addrLen)
	257	{
	258	while((*addr != '@') && (addrLen != 0)) {
	259	addr++;
	260	addrLen--;
	261	}
	262	if(addrLen == 0) {
	263	tpPolicyError("tpNormalizeAddrSpec: bad addr-spec");
	264	return;
	265	}
	266	tpToLower(addr, addrLen);
	267	}
	268
	269	/***
	270	*** dnsName compare support.
	271	*** Please do not make any changes to this code without talking to
	272	*** dmitch about updating (if necessary) and running (always)
	273	*** regression tests which specifically test this logic.
	274	***/
	275
	276	/*
	277	* Max length of a distinguished name component (label) we handle.
	278	* Various RFCs spec this out at 63 bytes; we're just allocating space
	279	* for these on the stack, so why not cut some slack.
	280	*/
	281	#define MAX_DNS_COMP_LEN 128
	282
	283	/*
	284	* Obtain the next component from a DNS Name.
	285	* Caller mallocs outBuf, size >= MAX_DNS_COMP_LEN.
	286	* Returns true if a component was found.
	287	*/
	288	static bool tpNextDnsComp(
	289	const char *inBuf,
	290	uint32 &inBufLen, // IN/OUT
	291	char *outBuf, // component RETURNED here
	292	uint32 &outBufLen) // RETURNED length of component
	293	{
	294	outBufLen = 0;
	295	if(inBufLen == 0) {
	296	return false;
	297	}
	298
	299	/* skip over leading '.' */
	300	if(*inBuf == '.') {
	301	inBuf++;
	302	if(--inBufLen == 0) {
	303	return false;
	304	}
	305	}
	306
	307	/* copy chars until out of data or next '.' found */
	308	do {
309	if(*inBuf == '.') {
310	break;
311	}
312	outBuf++ = inBuf++;
313	inBufLen--;
314	outBufLen++;
315	if(outBufLen >= MAX_DNS_COMP_LEN) {
316	/* abort */
317	break;
318	}
319	} while(inBufLen != 0);
320	if(outBufLen) {
321	return true;
322	}
323	else {
324	return false;
5a719ac8 A	325	}
	326	}
	327
df0e469f A	328	/*
	329	* Find location of specified substring in given bigstring. Returns
	330	* pointer to start of substring in bigstring, else returns NULL.
	331	*/
	332	static const char *tpSubStr(
	333	const char *bigstr,
	334	uint32 bigstrLen,
	335	const char *substr,
	336	uint32 substrLen)
	337	{
	338	/* stop searching substrLen chars before end of bigstr */
	339	const char *endBigStr = bigstr + bigstrLen - substrLen;
	340	for( ; bigstr <= endBigStr; ) {
	341	if(bigstr == substr) {
	342	/* first char match - remainder? */
	343	if(substrLen == 1) {
	344	/* don't count on memcmp(a,b,0) */
	345	return bigstr;
	346	}
	347	if(!memcmp(bigstr+1, substr+1, substrLen - 1)) {
	348	return bigstr;
	349	}
	350	}
	351	bigstr++;
	352	}
	353	return NULL;
	354	}
	355
	356	/*
	357	* Compare two DNS components, with full wildcard check. We assume
	358	* that no '.' chars exist (per the processing performed in
	359	* tpNextDnsComp()). Returns CSSM_TRUE on match, else CSSM_FALSE.
	360	*/
	361	static CSSM_BOOL tpCompareComps(
	362	const char *hostComp, // no wildcards
	363	uint32 hostCompLen,
	364	const char *certComp, // wildcards OK here
	365	uint32 certCompLen)
	366	{
	367	const char *endCertComp = certComp + certCompLen;
	368	const char *endHostComp = hostComp + hostCompLen;
	369	do {
	370	/* wild card in cert name? */
	371	const char *wildCard = tpSubStr(certComp, certCompLen,
	372	"*", 1);
	373	if(wildCard == NULL) {
	374	/* no, require perfect literal match right now */
	375	if((hostCompLen == certCompLen) &&
	376	!memcmp(hostComp, certComp, certCompLen)) {
	377	return CSSM_TRUE;
	378	}
	379	else {
	380	return CSSM_FALSE;
	381	}
	382	}
	383
	384	if(wildCard != certComp) {
	385	/*
	386	* Require literal match of hostComp with certComp
	387	* up until (but not including) the wildcard
	388	*/
	389	uint32 subStrLen = wildCard - certComp;
	390	if(subStrLen > hostCompLen) {
	391	/* out of host name chars */
392	return CSSM_FALSE;
393	}
394	if(memcmp(certComp, hostComp, subStrLen)) {
395	return CSSM_FALSE;
396	}
397	/* OK, skip over substring */
398	hostComp += subStrLen;
399	hostCompLen -= subStrLen;
400	/* start parsing at the wildcard itself */
401	certComp = wildCard;
402	certCompLen -= subStrLen;
403	continue;
404	}
405
406	/*
407	* Currently looking at a wildcard.
408	*
409	* Find substring in hostComp which matches from the char after
410	* the wildcard up to whichever of these comes next:
411	*
412	* -- end of certComp
413	* -- another wildcard
414	*/
415	wildCard++;
416	if(wildCard == endCertComp) {
417	/*
418	* -- Wild card at end of cert's DNS
419	* -- nothing else to match - rest of hostComp is the wildcard
420	* match
421	* -- done, success
422	*/
423	return CSSM_TRUE;
424	}
425
426	const char *afterSubStr; // in certComp
427	afterSubStr = tpSubStr(wildCard, endCertComp - wildCard,
428	"*", 1);
429	if(afterSubStr == NULL) {
430	/* no more wildcards - use end of certComp */
431	afterSubStr = endCertComp;
432	}
433	uint32 subStrLen = afterSubStr - wildCard;
434	const char *foundSub = tpSubStr(hostComp, hostCompLen,
435	wildCard, subStrLen);
436	if(foundSub == NULL) {
437	/* No match of explicit chars */
438	return CSSM_FALSE;
439	}
440
441	/* found it - skip past this substring */
442	hostComp = foundSub + subStrLen;
443	hostCompLen = endHostComp - hostComp;
444	certComp = afterSubStr;
445	certCompLen = endCertComp - afterSubStr;
446
447	} while((hostCompLen != 0) \|\| (certCompLen != 0));
448	if((hostCompLen == 0) && (certCompLen == 0)) {
449	return CSSM_TRUE;
450	}
451	else {
452	/* end of one but not the other */
453	return CSSM_FALSE;
454	}
455	}
5a719ac8 A	456
	457	/*
	458	* Compare hostname, is presented to the TP in
	459	* CSSM_APPLE_TP_SSL_OPTIONS.ServerName, to a server name obtained
	460	* from the server's cert (i.e., from subjectAltName or commonName).
	461	* Limited wildcard checking is performed here.
	462	*
	463	* The incoming hostname is assumed to have been processed by tpToLower();
df0e469f	464	* we'll perform that processing on certName here.
5a719ac8 A	465	*
	466	* Returns CSSM_TRUE on match, else CSSM_FALSE.
	467	*/
	468	CSSM_BOOL tpCompareHostNames(
	469	const char *hostName, // spec'd by app, tpToLower'd
	470	uint32 hostNameLen,
df0e469f A	471	char *certName, // from cert, we tpToLower
df0e469f A	472	uint32 certNameLen)
5a719ac8	473	{
df0e469f	474	tpToLower(certName, certNameLen);
5a719ac8 A	475
	476	/* tolerate optional NULL terminators for both */
	477	if(hostName[hostNameLen - 1] == '\0') {
	478	hostNameLen--;
	479	}
df0e469f A	480	if(certName[certNameLen - 1] == '\0') {
df0e469f A	481	certNameLen--;
5a719ac8 A	482	}
	483
	484	/* case 1: exact match */
df0e469f A	485	if((certNameLen == hostNameLen) &&
df0e469f A	486	!memcmp(certName, hostName, certNameLen)) {
5a719ac8 A	487	return CSSM_TRUE;
	488	}
	489
df0e469f A	490	/*
	491	* Case 2: Compare one component at a time, handling wildcards in
	492	* cert's server name. The characters implicitly matched by a
	493	* wildcard span only one component of a dnsName.
	494	*/
	495	do {
	496	/* get next component from each dnsName */
	497	char hostComp[MAX_DNS_COMP_LEN];
	498	char certComp[MAX_DNS_COMP_LEN];
	499	uint32 hostCompLen;
	500	uint32 certCompLen;
	501
	502	bool foundHost = tpNextDnsComp(hostName, hostNameLen,
	503	hostComp, hostCompLen);
	504	bool foundCert = tpNextDnsComp(certName, certNameLen,
	505	certComp, certCompLen);
	506	if(foundHost != foundCert) {
	507	/* unequal number of components */
	508	tpPolicyError("tpCompareHostNames: wildcard mismatch (1)");
5a719ac8 A	509	return CSSM_FALSE;
5a719ac8 A	510	}
df0e469f A	511	if(!foundHost) {
df0e469f A	512	/* normal successful termination */
5a719ac8 A	513	return CSSM_TRUE;
5a719ac8 A	514	}
df0e469f A	515
	516	/* compare individual components */
	517	if(!tpCompareComps(hostComp, hostCompLen,
	518	certComp, certCompLen)) {
	519	tpPolicyError("tpCompareHostNames: wildcard mismatch (2)");
	520	return CSSM_FALSE;
	521	}
	522
	523	/* skip over this component */
	524	hostName += hostCompLen;
	525	certName += certCompLen;
	526	} while(1);
	527	/* NOT REACHED */
	528	//assert(0):
	529	return CSSM_FALSE;
	530	}
	531
	532	/*
	533	* Compare email address, is presented to the TP in
	534	* CSSM_APPLE_TP_SMIME_OPTIONS.SenderEmail, to a string obtained
	535	* from the sender's cert (i.e., from subjectAltName or Subject DN).
	536	*
	537	* Returns CSSM_TRUE on match, else CSSM_FALSE.
	538	*
	539	* Incomiong appEmail string has already been tpNormalizeAddrSpec'd.
	540	* We do that for certEmail string here.
	541	*/
	542	CSSM_BOOL tpCompareEmailAddr(
	543	const char *appEmail, // spec'd by app, normalized
	544	uint32 appEmailLen,
	545	char *certEmail, // from cert, we normalize
	546	uint32 certEmailLen)
	547	{
	548	tpNormalizeAddrSpec(certEmail, certEmailLen);
	549
	550	/* tolerate optional NULL terminators for both */
	551	if(appEmail[appEmailLen - 1] == '\0') {
	552	appEmailLen--;
	553	}
	554	if(certEmail[certEmailLen - 1] == '\0') {
	555	certEmailLen--;
	556	}
	557	if((certEmailLen == appEmailLen) &&
	558	!memcmp(certEmail, appEmail, certEmailLen)) {
	559	return CSSM_TRUE;
5a719ac8 A	560	}
	561	else {
	562	/* mismatch */
df0e469f	563	tpPolicyError("tpCompareEmailAddr: app/cert email addrs mismatch");
5a719ac8 A	564	return CSSM_FALSE;
	565	}
	566	}