Botan  2.6.0
Crypto and TLS for C++11
ocsp.cpp
Go to the documentation of this file.
1 /*
2 * OCSP
3 * (C) 2012,2013 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/ocsp.h>
9 #include <botan/certstor.h>
10 #include <botan/der_enc.h>
11 #include <botan/ber_dec.h>
12 #include <botan/x509_ext.h>
13 #include <botan/oids.h>
14 #include <botan/base64.h>
15 #include <botan/pubkey.h>
16 #include <botan/parsing.h>
17 
18 #if defined(BOTAN_HAS_HTTP_UTIL)
19  #include <botan/http_util.h>
20 #endif
21 
22 namespace Botan {
23 
24 namespace OCSP {
25 
26 namespace {
27 
28 // TODO: should this be in a header somewhere?
29 void decode_optional_list(BER_Decoder& ber,
30  ASN1_Tag tag,
31  std::vector<X509_Certificate>& output)
32  {
33  BER_Object obj = ber.get_next_object();
34 
35  if(obj.is_a(tag, ASN1_Tag(CONTEXT_SPECIFIC | CONSTRUCTED)) == false)
36  {
37  ber.push_back(obj);
38  return;
39  }
40 
41  BER_Decoder list(obj);
42 
43  while(list.more_items())
44  {
45  BER_Object certbits = list.get_next_object();
46  X509_Certificate cert(certbits.bits(), certbits.length());
47  output.push_back(std::move(cert));
48  }
49  }
50 
51 }
52 
53 Request::Request(const X509_Certificate& issuer_cert,
54  const X509_Certificate& subject_cert) :
55  m_issuer(issuer_cert),
56  m_certid(m_issuer, BigInt::decode(subject_cert.serial_number()))
57  {
58  if(subject_cert.issuer_dn() != issuer_cert.subject_dn())
59  throw Invalid_Argument("Invalid cert pair to OCSP::Request (mismatched issuer,subject args?)");
60  }
61 
62 Request::Request(const X509_Certificate& issuer_cert,
63  const BigInt& subject_serial) :
64  m_issuer(issuer_cert),
65  m_certid(m_issuer, subject_serial)
66  {
67  }
68 
69 std::vector<uint8_t> Request::BER_encode() const
70  {
71  return DER_Encoder().start_cons(SEQUENCE)
72  .start_cons(SEQUENCE)
73  .start_explicit(0)
74  .encode(static_cast<size_t>(0)) // version #
75  .end_explicit()
76  .start_cons(SEQUENCE)
77  .start_cons(SEQUENCE)
78  .encode(m_certid)
79  .end_cons()
80  .end_cons()
81  .end_cons()
82  .end_cons().get_contents_unlocked();
83  }
84 
85 std::string Request::base64_encode() const
86  {
87  return Botan::base64_encode(BER_encode());
88  }
89 
90 Response::Response(Certificate_Status_Code status)
91  {
92  m_dummy_response_status = status;
93  }
94 
95 Response::Response(const uint8_t response_bits[], size_t response_bits_len) :
96  m_response_bits(response_bits, response_bits + response_bits_len)
97  {
98  m_dummy_response_status = Certificate_Status_Code::OCSP_RESPONSE_INVALID;
99 
100  BER_Decoder response_outer = BER_Decoder(m_response_bits).start_cons(SEQUENCE);
101 
102  size_t resp_status = 0;
103 
104  response_outer.decode(resp_status, ENUMERATED, UNIVERSAL);
105 
106  if(resp_status != 0)
107  throw Exception("OCSP response status " + std::to_string(resp_status));
108 
109  if(response_outer.more_items())
110  {
111  BER_Decoder response_bytes =
112  response_outer.start_cons(ASN1_Tag(0), CONTEXT_SPECIFIC).start_cons(SEQUENCE);
113 
114  response_bytes.decode_and_check(OID("1.3.6.1.5.5.7.48.1.1"),
115  "Unknown response type in OCSP response");
116 
117  BER_Decoder basicresponse =
118  BER_Decoder(response_bytes.get_next_octet_string()).start_cons(SEQUENCE);
119 
120  basicresponse.start_cons(SEQUENCE)
121  .raw_bytes(m_tbs_bits)
122  .end_cons()
123  .decode(m_sig_algo)
124  .decode(m_signature, BIT_STRING);
125  decode_optional_list(basicresponse, ASN1_Tag(0), m_certs);
126 
127  size_t responsedata_version = 0;
128  Extensions extensions;
129 
130  BER_Decoder(m_tbs_bits)
131  .decode_optional(responsedata_version, ASN1_Tag(0),
132  ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC))
133 
134  .decode_optional(m_signer_name, ASN1_Tag(1),
135  ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC))
136 
137  .decode_optional_string(m_key_hash, OCTET_STRING, 2,
138  ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC))
139 
140  .decode(m_produced_at)
141 
142  .decode_list(m_responses)
143 
144  .decode_optional(extensions, ASN1_Tag(1),
145  ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC));
146  }
147 
148  response_outer.end_cons();
149  }
150 
151 Certificate_Status_Code Response::verify_signature(const X509_Certificate& issuer) const
152  {
153  if (m_responses.empty())
154  return m_dummy_response_status;
155 
156  try
157  {
158  std::unique_ptr<Public_Key> pub_key(issuer.subject_public_key());
159 
160  const std::vector<std::string> sig_info =
161  split_on(OIDS::lookup(m_sig_algo.get_oid()), '/');
162 
163  if(sig_info.size() != 2 || sig_info[0] != pub_key->algo_name())
164  return Certificate_Status_Code::OCSP_RESPONSE_INVALID;
165 
166  std::string padding = sig_info[1];
167  Signature_Format format = (pub_key->message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
168 
169  PK_Verifier verifier(*pub_key, padding, format);
170 
171  if(verifier.verify_message(ASN1::put_in_sequence(m_tbs_bits), m_signature))
172  return Certificate_Status_Code::OCSP_SIGNATURE_OK;
173  else
174  return Certificate_Status_Code::OCSP_SIGNATURE_ERROR;
175  }
176  catch(Exception&)
177  {
178  return Certificate_Status_Code::OCSP_SIGNATURE_ERROR;
179  }
180  }
181 
182 Certificate_Status_Code Response::check_signature(const std::vector<Certificate_Store*>& trusted_roots,
183  const std::vector<std::shared_ptr<const X509_Certificate>>& ee_cert_path) const
184  {
185  if (m_responses.empty())
186  return m_dummy_response_status;
187 
188  std::shared_ptr<const X509_Certificate> signing_cert;
189 
190  for(size_t i = 0; i != trusted_roots.size(); ++i)
191  {
192  if(m_signer_name.empty() && m_key_hash.empty())
193  return Certificate_Status_Code::OCSP_RESPONSE_INVALID;
194 
195  if(!m_signer_name.empty())
196  {
197  signing_cert = trusted_roots[i]->find_cert(m_signer_name, std::vector<uint8_t>());
198  if(signing_cert)
199  {
200  break;
201  }
202  }
203 
204  if(m_key_hash.size() > 0)
205  {
206  signing_cert = trusted_roots[i]->find_cert_by_pubkey_sha1(m_key_hash);
207  if(signing_cert)
208  {
209  break;
210  }
211  }
212  }
213 
214  if(!signing_cert && ee_cert_path.size() > 1)
215  {
216  // End entity cert is not allowed to sign their own OCSP request :)
217  for(size_t i = 1; i < ee_cert_path.size(); ++i)
218  {
219  // Check all CA certificates in the (assumed validated) EE cert path
220  if(!m_signer_name.empty() && ee_cert_path[i]->subject_dn() == m_signer_name)
221  {
222  signing_cert = ee_cert_path[i];
223  break;
224  }
225 
226  if(m_key_hash.size() > 0 && ee_cert_path[i]->subject_public_key_bitstring_sha1() == m_key_hash)
227  {
228  signing_cert = ee_cert_path[i];
229  break;
230  }
231  }
232  }
233 
234  if(!signing_cert && m_certs.size() > 0)
235  {
236  for(size_t i = 0; i < m_certs.size(); ++i)
237  {
238  // Check all CA certificates in the (assumed validated) EE cert path
239  if(!m_signer_name.empty() && m_certs[i].subject_dn() == m_signer_name)
240  {
241  signing_cert = std::make_shared<const X509_Certificate>(m_certs[i]);
242  break;
243  }
244 
245  if(m_key_hash.size() > 0 && m_certs[i].subject_public_key_bitstring_sha1() == m_key_hash)
246  {
247  signing_cert = std::make_shared<const X509_Certificate>(m_certs[i]);
248  break;
249  }
250  }
251  }
252 
253  if(!signing_cert)
254  return Certificate_Status_Code::OCSP_ISSUER_NOT_FOUND;
255 
256  if(!signing_cert->allowed_usage(CRL_SIGN) &&
257  !signing_cert->allowed_extended_usage("PKIX.OCSPSigning"))
258  {
259  return Certificate_Status_Code::OCSP_RESPONSE_MISSING_KEYUSAGE;
260  }
261 
262  return this->verify_signature(*signing_cert);
263  }
264 
265 Certificate_Status_Code Response::status_for(const X509_Certificate& issuer,
266  const X509_Certificate& subject,
267  std::chrono::system_clock::time_point ref_time) const
268  {
269  if (m_responses.empty())
270  return m_dummy_response_status;
271 
272  for(const auto& response : m_responses)
273  {
274  if(response.certid().is_id_for(issuer, subject))
275  {
276  X509_Time x509_ref_time(ref_time);
277 
278  if(response.cert_status() == 1)
279  return Certificate_Status_Code::CERT_IS_REVOKED;
280 
281  if(response.this_update() > x509_ref_time)
282  return Certificate_Status_Code::OCSP_NOT_YET_VALID;
283 
284  if(response.next_update().time_is_set() && x509_ref_time > response.next_update())
285  return Certificate_Status_Code::OCSP_HAS_EXPIRED;
286 
287  if(response.cert_status() == 0)
288  return Certificate_Status_Code::OCSP_RESPONSE_GOOD;
289  else
290  return Certificate_Status_Code::OCSP_BAD_STATUS;
291  }
292  }
293 
294  return Certificate_Status_Code::OCSP_CERT_NOT_LISTED;
295  }
296 
297 #if defined(BOTAN_HAS_HTTP_UTIL)
298 
299 Response online_check(const X509_Certificate& issuer,
300  const BigInt& subject_serial,
301  const std::string& ocsp_responder,
302  Certificate_Store* trusted_roots,
303  std::chrono::milliseconds timeout)
304  {
305  if(ocsp_responder.empty())
306  throw Invalid_Argument("No OCSP responder specified");
307 
308  OCSP::Request req(issuer, subject_serial);
309 
310  auto http = HTTP::POST_sync(ocsp_responder,
311  "application/ocsp-request",
312  req.BER_encode(),
313  1,
314  timeout);
315 
316  http.throw_unless_ok();
317 
318  // Check the MIME type?
319 
320  OCSP::Response response(http.body());
321 
322  std::vector<Certificate_Store*> trusted_roots_vec;
323  trusted_roots_vec.push_back(trusted_roots);
324 
325  if(trusted_roots)
326  response.check_signature(trusted_roots_vec);
327 
328  return response;
329  }
330 
331 
332 Response online_check(const X509_Certificate& issuer,
333  const X509_Certificate& subject,
334  Certificate_Store* trusted_roots,
335  std::chrono::milliseconds timeout)
336  {
337  if(subject.issuer_dn() != issuer.subject_dn())
338  throw Invalid_Argument("Invalid cert pair to OCSP::online_check (mismatched issuer,subject args?)");
339 
340  return online_check(issuer,
341  BigInt::decode(subject.serial_number()),
342  subject.ocsp_responder(),
343  trusted_roots,
344  timeout);
345  }
346 
347 #endif
348 
349 }
350 
351 }
Botan::Invalid_Argument
Definition: exceptn.h:33
Botan::DER_Encoder::get_contents_unlocked
std::vector< uint8_t > get_contents_unlocked()
Definition: der_enc.h:27
Botan::PK_Verifier::verify_message
bool verify_message(const uint8_t msg[], size_t msg_length, const uint8_t sig[], size_t sig_length)
Definition: pubkey.cpp:281
Botan::X509_DN::empty
bool empty() const
Definition: x509_dn.h:52
Botan::split_on
std::vector< std::string > split_on(const std::string &str, char delim)
Definition: parsing.cpp:144
Botan::HTTP::POST_sync
Response POST_sync(const std::string &url, const std::string &content_type, const std::vector< uint8_t > &body, size_t allowable_redirects, std::chrono::milliseconds timeout)
Definition: http_util.cpp:242
Botan::BER_Decoder::decode_optional_string
BER_Decoder & decode_optional_string(std::vector< uint8_t, Alloc > &out, ASN1_Tag real_type, uint16_t type_no, ASN1_Tag class_tag=CONTEXT_SPECIFIC)
Definition: ber_dec.h:179
Botan::BER_Decoder::decode_and_check
BER_Decoder & decode_and_check(const T &expected, const std::string &error_msg)
Definition: ber_dec.h:163
Botan::Signature_Format
Signature_Format
Definition: pubkey.h:27
Botan::X509_Certificate::subject_public_key
Public_Key * subject_public_key() const
Definition: x509cert.h:49
Botan::BER_Decoder::decode
BER_Decoder & decode(bool &v)
Definition: ber_dec.cpp:338
Botan::DER_Encoder::end_explicit
DER_Encoder & end_explicit()
Definition: der_enc.cpp:173
Botan::ASN1::to_string
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:145
Botan::ASN1_Tag
ASN1_Tag
Definition: asn1_obj.h:22
Botan::BER_Decoder::raw_bytes
BER_Decoder & raw_bytes(std::vector< uint8_t, Alloc > &out)
Definition: ber_dec.h:73
Botan::DER_Encoder::end_cons
DER_Encoder & end_cons()
Definition: der_enc.cpp:146
Botan::X509_Certificate::ocsp_responder
std::string ocsp_responder() const
Definition: x509cert.cpp:557
Botan::DER_Encoder::encode
DER_Encoder & encode(bool b)
Definition: der_enc.cpp:202
Botan::BER_Decoder::decode_optional
BER_Decoder & decode_optional(T &out, ASN1_Tag type_tag, ASN1_Tag class_tag, const T &default_value=T())
Definition: ber_dec.h:232
Botan::OCSP::Request::base64_encode
std::string base64_encode() const
Definition: ocsp.cpp:85
Botan::DER_Encoder
Definition: der_enc.h:22
Botan::X509_Certificate
Definition: x509cert.h:39
Botan::OCSP::Response::status_for
Certificate_Status_Code status_for(const X509_Certificate &issuer, const X509_Certificate &subject, std::chrono::system_clock::time_point ref_time=std::chrono::system_clock::now()) const
Definition: ocsp.cpp:265
Botan::X509_Certificate::subject_dn
const X509_DN & subject_dn() const
Definition: x509cert.cpp:429
Botan::base64_encode
size_t base64_encode(char out[], const uint8_t in[], size_t input_length, size_t &input_consumed, bool final_inputs)
Definition: base64.cpp:35
Botan::BER_Decoder::end_cons
BER_Decoder & end_cons()
Definition: ber_dec.cpp:253
Botan::OCSP::Response::verify_signature
Certificate_Status_Code verify_signature(const X509_Certificate &issuer) const
Definition: ocsp.cpp:151
Botan::PEM_Code::decode
secure_vector< uint8_t > decode(DataSource &source, std::string &label)
Definition: pem.cpp:68
Botan::X509_Certificate::issuer_dn
const X509_DN & issuer_dn() const
Definition: x509cert.cpp:424
Botan::BER_Decoder::start_cons
BER_Decoder start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
Definition: ber_dec.cpp:239
Botan
Definition: alg_id.cpp:13
Botan::PK_Verifier
Definition: pubkey.h:286
Botan::ASN1::put_in_sequence
std::vector< uint8_t > put_in_sequence(const std::vector< uint8_t > &contents)
Definition: asn1_obj.cpp:128
Botan::OCSP::Request::Request
Request(const X509_Certificate &issuer_cert, const X509_Certificate &subject_cert)
Definition: ocsp.cpp:53
Botan::AlgorithmIdentifier::get_oid
const OID & get_oid() const
Definition: alg_id.h:37
Botan::OCSP::Request::BER_encode
std::vector< uint8_t > BER_encode() const
Definition: ocsp.cpp:69
Botan::DER_Encoder::start_cons
DER_Encoder & start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag=UNIVERSAL)
Definition: der_enc.cpp:136
Botan::BER_Decoder::decode_list
BER_Decoder & decode_list(std::vector< T > &out, ASN1_Tag type_tag=SEQUENCE, ASN1_Tag class_tag=UNIVERSAL)
Definition: ber_dec.h:290
Botan::X509_Certificate::serial_number
const std::vector< uint8_t > & serial_number() const
Definition: x509cert.cpp:413
Botan::Certificate_Store
Definition: certstor.h:19
Botan::Certificate_Status_Code
Certificate_Status_Code
Definition: cert_status.h:18
Botan::BER_Decoder::get_next_octet_string
std::vector< uint8_t > get_next_octet_string()
Definition: ber_dec.cpp:367
Botan::BER_Decoder::more_items
bool more_items() const
Definition: ber_dec.cpp:153
Botan::BER_Decoder
Definition: ber_dec.h:19
Botan::OIDS::lookup
std::string lookup(const OID &oid)
Definition: oids.cpp:113
Botan::X509_Time
Definition: asn1_time.h:19
Botan::BigInt::decode
static BigInt decode(const uint8_t buf[], size_t length, Base base=Binary)
Definition: big_code.cpp:114
Botan::DER_Encoder::start_explicit
DER_Encoder & start_explicit(uint16_t type_tag)
Definition: der_enc.cpp:160
Botan::OCSP::Response::check_signature
Certificate_Status_Code check_signature(const std::vector< Certificate_Store *> &trust_roots, const std::vector< std::shared_ptr< const X509_Certificate >> &cert_path={}) const
Definition: ocsp.cpp:182
Generated by   doxygen 1.8.14