2 * The Shibboleth License, Version 1.
4 * University Corporation for Advanced Internet Development, Inc.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions are met:
11 * Redistributions of source code must retain the above copyright notice, this
12 * list of conditions and the following disclaimer.
14 * Redistributions in binary form must reproduce the above copyright notice,
15 * this list of conditions and the following disclaimer in the documentation
16 * and/or other materials provided with the distribution, if any, must include
17 * the following acknowledgment: "This product includes software developed by
18 * the University Corporation for Advanced Internet Development
19 * <http://www.ucaid.edu>Internet2 Project. Alternately, this acknowledegement
20 * may appear in the software itself, if and wherever such third-party
21 * acknowledgments normally appear.
23 * Neither the name of Shibboleth nor the names of its contributors, nor
24 * Internet2, nor the University Corporation for Advanced Internet Development,
25 * Inc., nor UCAID may be used to endorse or promote products derived from this
26 * software without specific prior written permission. For written permission,
27 * please contact shibboleth@shibboleth.org
29 * Products derived from this software may not be called Shibboleth, Internet2,
30 * UCAID, or the University Corporation for Advanced Internet Development, nor
31 * may Shibboleth appear in their name, without prior written permission of the
32 * University Corporation for Advanced Internet Development.
35 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
36 * AND WITH ALL FAULTS. ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
37 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
38 * PARTICULAR PURPOSE, AND NON-INFRINGEMENT ARE DISCLAIMED AND THE ENTIRE RISK
39 * OF SATISFACTORY QUALITY, PERFORMANCE, ACCURACY, AND EFFORT IS WITH LICENSEE.
40 * IN NO EVENT SHALL THE COPYRIGHT OWNER, CONTRIBUTORS OR THE UNIVERSITY
41 * CORPORATION FOR ADVANCED INTERNET DEVELOPMENT, INC. BE LIABLE FOR ANY DIRECT,
42 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
43 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
44 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
45 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
46 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
47 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
50 /* XMLTrust.cpp - a trust implementation that uses an XML file
60 #include <sys/types.h>
63 #include <openssl/err.h>
64 #include <openssl/x509v3.h>
65 #include <openssl/x509_vfy.h>
67 #include <log4cpp/Category.hh>
68 #include <xercesc/framework/URLInputSource.hpp>
69 #include <xercesc/util/regx/RegularExpression.hpp>
70 #include <xsec/enc/XSECKeyInfoResolverDefault.hpp>
72 using namespace shibboleth;
74 using namespace log4cpp;
79 int logging_callback(int ok, X509_STORE_CTX* store)
82 Category::getInstance("OpenSSL").error(X509_verify_cert_error_string(store->error));
86 int verify_callback(X509_STORE_CTX* ctx, void* arg)
88 Category::getInstance("OpenSSL").debug("invoking default X509 verify callback");
89 return X509_verify_cert(ctx);
92 class XMLTrustImpl : public ReloadableXMLFileImpl
95 XMLTrustImpl(const char* pathname) : ReloadableXMLFileImpl(pathname), m_wildcard(NULL) { init(); }
96 XMLTrustImpl(const DOMElement* e) : ReloadableXMLFileImpl(e), m_wildcard(NULL) { init(); }
102 KeyAuthority() : m_depth(1) {}
104 X509_STORE* getX509Store();
106 #ifndef HAVE_GOOD_STL
107 vector<const XMLCh*> m_subjects;
109 vector<X509*> m_certs;
110 unsigned short m_depth;
113 vector<DSIGKeyInfoList*> m_keybinds;
114 vector<KeyAuthority*> m_keyauths;
115 KeyAuthority* m_wildcard;
117 typedef map<xstring,KeyAuthority*> AuthMap;
118 typedef map<xstring,DSIGKeyInfoList*> BindMap;
124 class XMLTrust : public ITrust, public ReloadableXMLFile
127 XMLTrust(const DOMElement* e) : ReloadableXMLFile(e) {}
131 const saml::Iterator<IRevocation*>& revocations,
132 const IProviderRole* role, const saml::SAMLSignedObject& token,
133 const saml::Iterator<IMetadata*>& metadatas=EMPTY(IMetadata*)
135 bool attach(const Iterator<IRevocation*>& revocations, const IProviderRole* role, void* ctx);
138 virtual ReloadableXMLFileImpl* newImplementation(const char* pathname, bool first=true) const;
139 virtual ReloadableXMLFileImpl* newImplementation(const DOMElement* e, bool first=true) const;
144 IPlugIn* XMLTrustFactory(const DOMElement* e)
146 XMLTrust* t=new XMLTrust(e);
148 t->getImplementation();
158 ReloadableXMLFileImpl* XMLTrust::newImplementation(const char* pathname, bool first) const
160 return new XMLTrustImpl(pathname);
163 ReloadableXMLFileImpl* XMLTrust::newImplementation(const DOMElement* e, bool first) const
165 return new XMLTrustImpl(e);
168 X509_STORE* XMLTrustImpl::KeyAuthority::getX509Store()
170 NDC ndc("getX509Store");
171 Category& log=Category::getInstance(XMLPROVIDERS_LOGCAT".XMLTrust");
173 // Load the cert vector into a store.
174 X509_STORE* store=X509_STORE_new();
180 for (vector<X509*>::iterator j=m_certs.begin(); j!=m_certs.end(); j++) {
181 if (!X509_STORE_add_cert(store,X509_dup(*j))) {
183 log.warn("failed to add cert: %s", (*j)->name);
191 XMLTrustImpl::KeyAuthority::~KeyAuthority()
193 for (vector<X509*>::iterator i=m_certs.begin(); i!=m_certs.end(); i++)
197 class KeyInfoNodeFilter : public DOMNodeFilter
200 short acceptNode(const DOMNode* node) const
202 // Our filter just skips any trees not rooted by ds:KeyInfo.
203 if (node->getNodeType()==DOMNode::ELEMENT_NODE) {
204 if (saml::XML::isElementNamed(static_cast<const DOMElement*>(node),saml::XML::XMLSIG_NS,L(KeyInfo)))
205 return FILTER_ACCEPT;
207 return FILTER_REJECT;
211 void XMLTrustImpl::init()
213 NDC ndc("XMLTrustImpl");
214 Category& log=Category::getInstance(XMLPROVIDERS_LOGCAT".XMLTrustImpl");
217 if (!saml::XML::isElementNamed(m_root,::XML::TRUST_NS,SHIB_L(Trust))) {
218 log.error("Construction requires a valid trust file: (trust:Trust as root element)");
219 throw TrustException("Construction requires a valid trust file: (trust:Trust as root element)");
222 // Loop over the KeyAuthority elements.
223 DOMNodeList* nlist=m_root->getElementsByTagNameNS(::XML::TRUST_NS,SHIB_L(KeyAuthority));
224 for (int i=0; nlist && i<nlist->getLength(); i++) {
225 KeyAuthority* ka=new KeyAuthority();
226 m_keyauths.push_back(ka);
228 DOMElement* e=static_cast<DOMElement*>(nlist->item(i));
229 const XMLCh* depth=e->getAttributeNS(NULL,SHIB_L(VerifyDepth));
231 ka->m_depth=XMLString::parseInt(depth);
233 // Very rudimentary, grab up all the in-band X509Certificate elements, and flatten into one list.
234 DOMNodeList* certlist=e->getElementsByTagNameNS(saml::XML::XMLSIG_NS,L(X509Certificate));
235 for (int j=0; certlist && j<certlist->getLength(); j++) {
236 auto_ptr_char blob(certlist->item(j)->getFirstChild()->getNodeValue());
237 X509* x=B64_to_X509(blob.get());
239 ka->m_certs.push_back(x);
241 log.warn("unable to create certificate from inline X509Certificate data");
244 // Now look for externally referenced objects.
245 certlist=e->getElementsByTagNameNS(saml::XML::XMLSIG_NS,SHIB_L(RetrievalMethod));
246 for (int k=0; certlist && k<certlist->getLength(); k++) {
247 DOMElement* cert=static_cast<DOMElement*>(certlist->item(k));
248 if (!XMLString::compareString(cert->getAttributeNS(NULL,SHIB_L(Type)),::XML::XMLSIG_RETMETHOD_RAWX509)) {
250 auto_ptr_char fname(cert->getAttributeNS(NULL,SHIB_L(URI)));
251 FILE* f=fopen(fname.get(),"r");
256 ka->m_certs.push_back(x);
262 log.warn("unable to create certificate from externally referenced file");
264 else if (!XMLString::compareString(cert->getAttributeNS(NULL,SHIB_L(Type)),::XML::SHIB_RETMETHOD_PEMX509)) {
267 auto_ptr_char fname(cert->getAttributeNS(NULL,SHIB_L(URI)));
268 FILE* f=fopen(fname.get(),"r");
271 while (x=PEM_read_X509(f,NULL,NULL,NULL)) {
272 ka->m_certs.push_back(x);
277 log.warn("unable to create certificate from externally referenced file");
281 // Now map the ds:KeyName values to the list of certs.
283 DOMElement* sub=saml::XML::getFirstChildElement(e,saml::XML::XMLSIG_NS,SHIB_L(KeyName));
285 const XMLCh* name=sub->getFirstChild()->getNodeValue();
291 ka->m_subjects.push_back(name);
294 sub=saml::XML::getNextSiblingElement(sub,saml::XML::XMLSIG_NS,SHIB_L(KeyName));
297 // If no Subjects, this is a catch-all binding.
300 log.warn("found a wildcard KeyAuthority element, make sure this is what you intend");
304 log.warn("found multiple wildcard KeyAuthority elements, ignoring all but the first");
308 // Now traverse the outer ds:KeyInfo elements. Supposedly this cast just works...
310 KeyInfoNodeFilter filter;
311 XSECKeyInfoResolverDefault resolver;
312 DOMTreeWalker* walker=
313 static_cast<DOMDocumentTraversal*>(m_doc)->createTreeWalker(const_cast<DOMElement*>(m_root),DOMNodeFilter::SHOW_ELEMENT,&filter,false);
314 DOMElement* kidom=static_cast<DOMElement*>(walker->firstChild());
317 DSIGKeyInfoList* KIL = new DSIGKeyInfoList(NULL);
318 // We let XMLSec hack through anything it can. This should evolve over time, or we can
319 // plug in our own KeyResolver later...
320 DOMElement* child=saml::XML::getFirstChildElement(kidom);
323 if (!KIL->addXMLKeyInfo(child))
324 log.warn("skipped unsupported ds:KeyInfo child element (%d)",count2);
325 child=saml::XML::getNextSiblingElement(child);
329 // Dry run...can we resolve to a key?
330 XSECCryptoKey* key=resolver.resolveKey(KIL);
332 // So far so good, now look for the name binding(s).
335 for (size_t index=0; index<KIL->getSize(); index++) {
336 DSIGKeyInfo* info=KIL->item(index);
337 const XMLCh* name=info->getKeyName();
340 m_keybinds.push_back(KIL);
348 log.warn("skipping ds:KeyInfo binding (%d) that does not contain a usable key name",count);
353 log.warn("skipping ds:KeyInfo binding (%d) that does not resolve to a key",count);
356 kidom=static_cast<DOMElement*>(walker->nextSibling());
358 walker->release(); // This just cleans up aggressively, but there's no leak if we don't.
360 catch (SAMLException& e) {
361 log.errorStream() << "Error while parsing trust configuration: " << e.what() << CategoryStream::ENDLINE;
362 for (vector<KeyAuthority*>::iterator i=m_keyauths.begin(); i!=m_keyauths.end(); i++)
364 for (vector<DSIGKeyInfoList*>::iterator j=m_keybinds.begin(); j!=m_keybinds.end(); j++)
369 log.error("Unexpected error while parsing trust configuration");
370 for (vector<KeyAuthority*>::iterator i=m_keyauths.begin(); i!=m_keyauths.end(); i++)
372 for (vector<DSIGKeyInfoList*>::iterator j=m_keybinds.begin(); j!=m_keybinds.end(); j++)
378 XMLTrustImpl::~XMLTrustImpl()
380 for (vector<KeyAuthority*>::iterator i=m_keyauths.begin(); i!=m_keyauths.end(); i++)
382 for (vector<DSIGKeyInfoList*>::iterator j=m_keybinds.begin(); j!=m_keybinds.end(); j++)
386 bool XMLTrust::attach(const Iterator<IRevocation*>& revocations, const IProviderRole* role, void* ctx)
390 saml::NDC ndc("attach");
391 Category& log=Category::getInstance(XMLPROVIDERS_LOGCAT".XMLTrust");
392 XMLTrustImpl* impl=dynamic_cast<XMLTrustImpl*>(getImplementation());
394 // Build a list of the names to match. We include any named KeyDescriptors, and the provider ID and its groups.
395 vector<const XMLCh*> names;
396 Iterator<const IKeyDescriptor*> kdlist=role->getKeyDescriptors();
397 while (kdlist.hasNext()) {
398 const IKeyDescriptor* kd=kdlist.next();
399 if (kd->getUse()!=IKeyDescriptor::signing)
401 DSIGKeyInfoList* kilist=kd->getKeyInfo();
402 for (size_t s=0; kilist && s<kilist->getSize(); s++) {
403 const XMLCh* n=kilist->item(s)->getKeyName();
408 names.push_back(role->getProvider()->getId());
409 Iterator<const XMLCh*> groups=role->getProvider()->getGroups();
410 while (groups.hasNext())
411 names.push_back(groups.next());
413 // Now check each name.
414 XMLTrustImpl::KeyAuthority* kauth=NULL;
415 for (vector<const XMLCh*>::const_iterator name=names.begin(); !kauth && name!=names.end(); name++) {
417 XMLTrustImpl::AuthMap::const_iterator c=impl->m_authMap.find(*name);
418 if (c!=impl->m_authMap.end()) {
420 if (log.isDebugEnabled()) {
421 auto_ptr_char temp(*name);
422 log.debug("KeyAuthority match on %s",temp.get());
426 // Without a decent STL, we trade-off the transcoding by doing a linear search.
427 for (vector<XMLTrustImpl::KeyAuthority*>::const_iterator keyauths=impl->m_keyauths.begin(); !kauth && keyauths!=impl->m_keyauths.end(); keyauths++) {
428 for (vector<const XMLCh*>::const_iterator subs=(*keyauths)->m_subjects.begin(); !kauth && subs!=(*keyauths)->m_subjects.end(); subs++) {
429 if (!XMLString::compareString(*name,*subs)) {
431 if (log.isDebugEnabled()) {
432 auto_ptr_char temp(*name);
433 log.debug("KeyAuthority match on %s",temp.get());
442 if (impl->m_wildcard) {
443 log.warn("applying wildcard KeyAuthority, use with caution!");
444 kauth=impl->m_wildcard;
448 log.warn("no KeyAuthority found to validate SSL connection, leaving it alone");
453 // If we have a match, use the associated keyauth unless we already did...
454 X509_STORE* store=kauth->getX509Store();
457 // Add any relevant CRLs.
458 log.debug("obtaining CRLs for this provider/role");
459 Revocation rev(revocations);
460 Iterator<void*> crls=rev.getRevocationLists(role->getProvider(),role);
461 while (crls.hasNext()) {
462 if (!X509_STORE_add_crl(store,X509_CRL_dup(reinterpret_cast<X509_CRL*>(crls.next())))) {
464 log.warn("failed to add CRL");
468 // Apply store to this context.
469 SSL_CTX_set_verify(reinterpret_cast<SSL_CTX*>(ctx),SSL_VERIFY_PEER,logging_callback);
470 #if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
471 SSL_CTX_set_cert_verify_callback(reinterpret_cast<SSL_CTX*>(ctx),verify_callback,NULL);
473 SSL_CTX_set_cert_verify_callback(reinterpret_cast<SSL_CTX*>(ctx),reinterpret_cast<int (*)()>(verify_callback),NULL);
475 SSL_CTX_set_cert_store(reinterpret_cast<SSL_CTX*>(ctx),store);
476 SSL_CTX_set_verify_depth(reinterpret_cast<SSL_CTX*>(ctx),kauth->m_depth);
487 bool XMLTrust::validate(
488 const saml::Iterator<IRevocation*>& revocations,
489 const IProviderRole* role, const saml::SAMLSignedObject& token,
490 const saml::Iterator<IMetadata*>& metadatas
496 Category& log=Category::getInstance(XMLPROVIDERS_LOGCAT".XMLTrust");
497 XMLTrustImpl* impl=dynamic_cast<XMLTrustImpl*>(getImplementation());
499 // This is where we're going to hide all the juicy SAML trust bits. If we botch it
500 // we can just plug in a new version, hopefully.
502 Metadata metadata(metadatas); // With luck we won't need this.
504 // Did the caller tell us about the signer?
505 const IProvider* provider=(role ? role->getProvider() : NULL);
507 log.debug("no role descriptor passed in, trying to map token to provider");
509 // The first step is to identify the provider responsible for signing the token.
510 // We can't narrow it down to role, because we don't know why the token is being validated.
512 // If it's an assertion, this isn't terribly hard, but we need to hack in support for both
513 // Issuer and NameQualifier as a provider ID. Issuer will be the main one going forward.
514 // 1.0/1.1 origins will be sending a hostname as Issuer, but this won't hit the metadata lookup
515 // and we'll fall back to NameQualifier. Non-Shib SAML origins generally would be based on Issuer.
517 // Responses allow us to try and locate a provider by checking the assertion(s) inside.
518 // Technically somebody could enclose somebody else's assertions, but if the use case is
519 // that advanced, we're probably into SAML 2.0 and we'll have Issuer up top.
521 // Requests...umm, pretty much out of luck. We'll apply our own hack if there's an
522 // attribute query, and use Resource.
524 if (typeid(token)==typeid(SAMLResponse)) {
525 Iterator<SAMLAssertion*> assertions=dynamic_cast<const SAMLResponse&>(token).getAssertions();
526 while (!provider && assertions.hasNext()) {
527 SAMLAssertion* assertion=assertions.next();
528 provider=metadata.lookup(assertion->getIssuer());
530 Iterator<SAMLStatement*> statements=assertion->getStatements();
531 while (!provider && statements.hasNext()) {
532 SAMLSubjectStatement* statement=dynamic_cast<SAMLSubjectStatement*>(statements.next());
533 if (statement && statement->getSubject()->getNameIdentifier()->getNameQualifier())
534 provider=metadata.lookup(statement->getSubject()->getNameIdentifier()->getNameQualifier());
539 else if (typeid(token)==typeid(SAMLAssertion)) {
540 provider=metadata.lookup(dynamic_cast<const SAMLAssertion&>(token).getIssuer());
542 Iterator<SAMLStatement*> statements=dynamic_cast<const SAMLAssertion&>(token).getStatements();
543 while (!provider && statements.hasNext()) {
544 SAMLSubjectStatement* statement=dynamic_cast<SAMLSubjectStatement*>(statements.next());
545 if (statement && statement->getSubject()->getNameIdentifier()->getNameQualifier())
546 provider=metadata.lookup(statement->getSubject()->getNameIdentifier()->getNameQualifier());
550 else if (typeid(token)==typeid(SAMLRequest)) {
551 const SAMLQuery* q=dynamic_cast<const SAMLRequest&>(token).getQuery();
552 if (q && dynamic_cast<const SAMLAttributeQuery*>(q))
553 provider=metadata.lookup(dynamic_cast<const SAMLAttributeQuery*>(q)->getResource());
556 // If we still don't have a provider, there's no likely basis for trust,
557 // but a wildcard KeyAuthority might apply.
558 if (log.isInfoEnabled() && provider) {
559 auto_ptr_char temp(provider->getId());
560 log.info("mapped signed token to provider: %s", temp.get());
563 log.warn("unable to map signed token to provider, only wildcarded trust will apply");
566 vector<const XMLCh*> names;
567 XSECKeyInfoResolverDefault keyResolver;
569 // First, try to resolve a KeyDescriptor from the role into an actual key.
570 // That's the simplest case. Failing that, remember any key names we run across.
573 log.debug("checking for key descriptors that resolve directly");
574 Iterator<const IKeyDescriptor*> kd_i=role->getKeyDescriptors();
575 while (kd_i.hasNext()) {
576 const IKeyDescriptor* kd=kd_i.next();
577 if (kd->getUse()!=IKeyDescriptor::signing)
579 DSIGKeyInfoList* KIL=kd->getKeyInfo();
582 XSECCryptoKey* key=keyResolver.resolveKey(KIL);
584 log.debug("found an inline key, trying it...");
588 log.info("token verified with inline key, nothing more to verify");
591 catch (SAMLException& e) {
592 log.debug("inline key failed: %s", e.what());
596 for (size_t s=0; s<KIL->getSize(); s++) {
597 const XMLCh* n=KIL->item(s)->getKeyName();
605 // Push the provider ID on the key name list. We don't push provider groups in, since
606 // matching groups to a key makes no sense.
608 names.push_back(provider->getId());
610 // No keys inline in metadata. Now we try and find a key inline in trust.
611 log.debug("checking for keys in trust file");
612 DSIGKeyInfoList* KIL=NULL;
613 for (vector<const XMLCh*>::const_iterator name=names.begin(); !KIL && name!=names.end(); name++) {
615 XMLTrustImpl::BindMap::const_iterator c=impl->m_bindMap.find(*name);
616 if (c!=impl->m_bindMap.end()) {
618 if (log.isDebugEnabled()) {
619 auto_ptr_char temp(*name);
620 log.debug("KeyInfo match on %s",temp.get());
624 // Without a decent STL, we trade-off the transcoding by doing a linear search.
625 for (vector<DSIGKeyInfoList*>::const_iterator keybinds=impl->m_keybinds.begin(); !KIL && keybinds!=impl->m_keybinds.end(); keybinds++) {
626 for (size_t s=0; !KIL && s<(*keybinds)->getSize(); s++) {
627 if (!XMLString::compareString(*name,(*keybinds)->item(s)->getKeyName())) {
629 if (log.isDebugEnabled()) {
630 auto_ptr_char temp(*name);
631 log.debug("KeyInfo match on %s",temp.get());
640 // Any inline KeyInfo should ostensible resolve to a key we can try.
641 XSECCryptoKey* key=keyResolver.resolveKey(KIL);
643 log.debug("resolved key, trying it...");
647 log.info("token verified with KeyInfo, nothing more to verify");
650 catch (SAMLException& e) {
651 log.debug("inline key failed: %s", e.what());
655 log.warn("KeyInfo in trust provider did not resolve to a key");
658 // Direct key verification hasn't worked. Now we have to switch over to KeyAuthority-based
659 // validation. The actual verification key has to be inside the token.
660 log.debug("verifying signature using key inside token...");
663 log.info("verified with key inside token, entering validation stage");
665 catch (SAMLException& e) {
667 log.debug("verification using key inside token failed: %s", e.what());
671 // Before we do the cryptogprahy, check that the EE certificate "name" matches
672 // one of the acceptable key "names" for the signer. Without this, we have a gaping
673 // hole in the validation.
674 log.debug("matching token's certificate subject against valid key names...");
675 vector<const XMLCh*> certs;
676 for (unsigned int i=0; i<token.getX509CertificateCount(); i++)
677 certs.push_back(token.getX509Certificate(i));
679 // Decode the EE cert.
680 auto_ptr_char EE(certs[0]);
681 X509* x=B64_to_X509(EE.get());
684 log.error("unable to decode X.509 signing certificate");
688 // Transcode the possible key "names" to UTF-8. For some simple cases, this should
689 // handle UTF-8 encoded DNs in certificates.
690 vector<string> keynames;
691 Iterator<const XMLCh*> iname(names);
692 while (iname.hasNext()) {
693 auto_ptr<char> kn(toUTF8(iname.next()));
694 keynames.push_back(kn.get());
699 X509_NAME* subject=X509_get_subject_name(x);
701 // One way is a direct match to the subject DN.
702 // Seems that the way to do the compare is to write the X509_NAME into a BIO.
703 BIO* b = BIO_new(BIO_s_mem());
704 BIO* b2 = BIO_new(BIO_s_mem());
705 BIO_set_mem_eof_return(b, 0);
706 BIO_set_mem_eof_return(b2, 0);
707 // The flags give us LDAP order instead of X.500, with a comma/space separator.
708 int len=X509_NAME_print_ex(b,subject,0,XN_FLAG_RFC2253|XN_FLAG_SEP_CPLUS_SPC);
709 string subjectstr,subjectstr2;
711 while ((len = BIO_read(b, buf, 255)) > 0) {
715 log.infoStream() << "certificate subject: " << subjectstr << CategoryStream::ENDLINE;
716 len=X509_NAME_print_ex(b2,subject,0,XN_FLAG_RFC2253);
718 while ((len = BIO_read(b2, buf, 255)) > 0) {
723 // Check each keyname.
724 for (vector<string>::const_iterator n=keynames.begin(); n!=keynames.end(); n++) {
725 #ifdef HAVE_STRCASECMP
726 if (!strcasecmp(n->c_str(),subjectstr.c_str()) || !strcasecmp(n->c_str(),subjectstr2.c_str())) {
728 if (!stricmp(n->c_str(),subjectstr.c_str()) || !stricmp(n->c_str(),subjectstr2.c_str())) {
730 log.info("matched full subject DN to a key name");
739 log.debug("unable to match DN, trying TLS-style hostname match");
740 memset(buf,0,sizeof(buf));
741 if (X509_NAME_get_text_by_NID(subject,NID_commonName,buf,255)>0) {
742 for (vector<string>::const_iterator n=keynames.begin(); n!=keynames.end(); n++) {
743 #ifdef HAVE_STRCASECMP
744 if (!strcasecmp(buf,n->c_str())) {
746 if (!stricmp(buf,n->c_str())) {
748 log.info("matched subject CN to a key name");
755 log.warn("no common name in certificate subject");
758 log.debug("unable to match CN, trying DNS subjectAltName"); // I seriously doubt this works.
759 int extcount=X509_get_ext_count(x);
760 for (int c=0; c<extcount; c++) {
761 X509_EXTENSION* ext=X509_get_ext(x,c);
762 const char* extstr=OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(ext)));
763 if (!strcmp(extstr,"subjectAltName")) {
764 X509V3_EXT_METHOD* meth=X509V3_EXT_get(ext);
765 if (!meth || !meth->d2i || !meth->i2v || !ext->value->data) // had to add all these to prevent crashing
767 unsigned char* data=ext->value->data;
768 STACK_OF(CONF_VALUE)* val=meth->i2v(meth,meth->d2i(NULL,&data,ext->value->length),NULL);
769 for (int j=0; j<sk_CONF_VALUE_num(val); j++) {
770 CONF_VALUE* nval=sk_CONF_VALUE_value(val,j);
771 if (!strcmp(nval->name,"DNS") || !strcmp(nval->name,"URI")) {
772 for (vector<string>::const_iterator n=keynames.begin(); n!=keynames.end(); n++) {
773 #ifdef HAVE_STRCASECMP
774 if (!strcasecmp(nval->value,n->c_str())) {
776 if (!stricmp(nval->value,n->c_str())) {
778 log.info("matched DNS subjectAltName to a key name");
791 log.error("certificate has no subject?!");
797 log.error("cannot match certificate subject against provider's key names");
801 // We're ready for the final stage.
802 log.debug("final step, certificate path validation...");
804 // Push any provider groups on the name match list.
806 Iterator<const XMLCh*> groups=provider->getGroups();
807 while (groups.hasNext())
808 names.push_back(groups.next());
811 // Now we hunt the list for a KeyAuthority that matches one of the names.
812 XMLTrustImpl::KeyAuthority* kauth=NULL;
813 for (vector<const XMLCh*>::const_iterator name2=names.begin(); !kauth && name2!=names.end(); name2++) {
815 XMLTrustImpl::AuthMap::const_iterator c=impl->m_authMap.find(*name2);
816 if (c!=impl->m_authMap.end()) {
818 if (log.isDebugEnabled()) {
819 auto_ptr_char temp(*name2);
820 log.debug("KeyAuthority match on %s",temp.get());
824 // Without a decent STL, we trade-off the transcoding by doing a linear search.
825 for (vector<XMLTrustImpl::KeyAuthority*>::const_iterator keyauths=impl->m_keyauths.begin(); !kauth && keyauths!=impl->m_keyauths.end(); keyauths++) {
826 for (vector<const XMLCh*>::const_iterator subs=(*keyauths)->m_subjects.begin(); !kauth && subs!=(*keyauths)->m_subjects.end(); subs++) {
827 if (!XMLString::compareString(*name2,*subs)) {
829 if (log.isDebugEnabled()) {
830 auto_ptr_char temp(*name2);
831 log.debug("KeyAuthority match on %s",temp.get());
840 if (impl->m_wildcard) {
841 log.warn("applying wildcard KeyAuthority, use with caution!");
842 kauth=impl->m_wildcard;
846 log.warn("no KeyAuthority found to validate the token, leaving untrusted");
851 log.debug("building untrusted certificate chain from signature");
852 STACK_OF(X509)* chain=sk_X509_new_null();
853 Iterator<const XMLCh*> icerts(certs);
854 while (icerts.hasNext()) {
855 auto_ptr_char xbuf(icerts.next());
856 X509* x=B64_to_X509(xbuf.get());
859 log.error("unable to parse certificate in signature");
860 sk_X509_pop_free(chain,X509_free);
863 sk_X509_push(chain,x);
866 X509_STORE* store=kauth->getX509Store();
869 log.error("unable to load X509_STORE from KeyAuthority object");
870 sk_X509_pop_free(chain,X509_free);
874 X509_STORE_CTX* ctx=X509_STORE_CTX_new();
878 log.error("unable to create X509_STORE_CTX");
879 X509_STORE_free(store);
880 sk_X509_pop_free(chain,X509_free);
884 #if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
885 if (X509_STORE_CTX_init(ctx,store,sk_X509_value(chain,0),chain)!=1) {
888 log.error("unable to initialize X509_STORE_CTX");
889 X509_STORE_CTX_free(ctx);
890 X509_STORE_free(store);
891 sk_X509_pop_free(chain,X509_free);
895 X509_STORE_CTX_init(ctx,store,sk_X509_value(chain,0),chain);
898 X509_STORE_CTX_set_depth(ctx,kauth->m_depth);
900 // Add any relevant CRLs.
901 log.debug("obtaining CRLs for this provider/role");
902 Revocation rev(revocations);
903 Iterator<void*> crls=rev.getRevocationLists(provider,role);
904 while (crls.hasNext()) {
905 if (!X509_STORE_add_crl(store,X509_CRL_dup(reinterpret_cast<X509_CRL*>(crls.next())))) {
907 log.warn("failed to add CRL");
911 int result=X509_verify_cert(ctx);
912 sk_X509_pop_free(chain,X509_free);
913 X509_STORE_CTX_free(ctx);
914 X509_STORE_free(store);
918 log.info("successfully validated certificate chain, token signature trusted");
922 log.error("failed to validate certificate chain, token signature untrusted");