Botan 3.9.0
Crypto and TLS for C&
ocsp.cpp
Go to the documentation of this file.
1/*
2* OCSP
3* (C) 2012,2013 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/ocsp.h>
9
10#include <botan/base64.h>
11#include <botan/ber_dec.h>
12#include <botan/certstor.h>
13#include <botan/der_enc.h>
14#include <botan/pubkey.h>
15#include <botan/x509_ext.h>
16#include <botan/internal/parsing.h>
17
18#include <functional>
19
20#if defined(BOTAN_HAS_HTTP_UTIL)
21 #include <botan/internal/http_util.h>
22#endif
23
24namespace Botan::OCSP {
25
26namespace {
27
28// TODO: should this be in a header somewhere?
29void decode_optional_list(BER_Decoder& ber, ASN1_Type tag, std::vector<X509_Certificate>& output) {
30 BER_Object obj = ber.get_next_object();
31
33 ber.push_back(obj);
34 return;
35 }
36
37 BER_Decoder list(obj);
38 auto seq = list.start_sequence();
39 while(seq.more_items()) {
40 output.push_back([&] {
41 X509_Certificate cert;
42 cert.decode_from(seq);
43 return cert;
44 }());
45 }
46 seq.end_cons();
47}
48
49} // namespace
50
51Request::Request(const X509_Certificate& issuer_cert, const X509_Certificate& subject_cert) :
52 m_issuer(issuer_cert), m_certid(m_issuer, BigInt::from_bytes(subject_cert.serial_number())) {
53 if(subject_cert.issuer_dn() != issuer_cert.subject_dn()) {
54 throw Invalid_Argument("Invalid cert pair to OCSP::Request (mismatched issuer,subject args?)");
55 }
56}
57
58Request::Request(const X509_Certificate& issuer_cert, const BigInt& subject_serial) :
59 m_issuer(issuer_cert), m_certid(m_issuer, subject_serial) {}
60
61std::vector<uint8_t> Request::BER_encode() const {
62 std::vector<uint8_t> output;
63 DER_Encoder(output)
67 .encode(static_cast<size_t>(0)) // version #
71 .encode(m_certid)
72 .end_cons()
73 .end_cons()
74 .end_cons()
75 .end_cons();
76
77 return output;
78}
79
80std::string Request::base64_encode() const {
82}
83
86
87Response::Response(const uint8_t response_bits[], size_t response_bits_len) :
88 m_response_bits(response_bits, response_bits + response_bits_len) {
89 BER_Decoder response_outer = BER_Decoder(m_response_bits).start_sequence();
90
91 size_t resp_status = 0;
92
93 response_outer.decode(resp_status, ASN1_Type::Enumerated, ASN1_Class::Universal);
94
95 m_status = static_cast<Response_Status_Code>(resp_status);
96
97 if(m_status != Response_Status_Code::Successful) {
98 return;
99 }
100
101 if(response_outer.more_items()) {
102 BER_Decoder response_bytes = response_outer.start_context_specific(0).start_sequence();
103
104 response_bytes.decode_and_check(OID({1, 3, 6, 1, 5, 5, 7, 48, 1, 1}), "Unknown response type in OCSP response");
105
106 BER_Decoder basicresponse = BER_Decoder(response_bytes.get_next_octet_string()).start_sequence();
107
108 basicresponse.start_sequence()
109 .raw_bytes(m_tbs_bits)
110 .end_cons()
111 .decode(m_sig_algo)
112 .decode(m_signature, ASN1_Type::BitString);
113 decode_optional_list(basicresponse, ASN1_Type(0), m_certs);
114
115 size_t responsedata_version = 0;
116 Extensions extensions;
117
118 BER_Decoder(m_tbs_bits)
120
122
125
126 .decode(m_produced_at)
127
128 .decode_list(m_responses)
129
131
132 const bool has_signer = !m_signer_name.empty();
133 const bool has_key_hash = !m_key_hash.empty();
134
135 if(has_signer && has_key_hash) {
136 throw Decoding_Error("OCSP response includes both byName and byKey in responderID field");
137 }
138 if(!has_signer && !has_key_hash) {
139 throw Decoding_Error("OCSP response contains neither byName nor byKey in responderID field");
140 }
141 }
142
143 response_outer.end_cons();
144}
145
146bool Response::is_issued_by(const X509_Certificate& candidate) const {
147 if(!m_signer_name.empty()) {
148 return (candidate.subject_dn() == m_signer_name);
149 }
150
151 if(!m_key_hash.empty()) {
152 return (candidate.subject_public_key_bitstring_sha1() == m_key_hash);
153 }
154
155 return false;
156}
157
159 if(m_dummy_response_status) {
160 return m_dummy_response_status.value();
161 }
162
163 if(m_signer_name.empty() && m_key_hash.empty()) {
165 }
166
167 if(!is_issued_by(issuer)) {
169 }
170
171 try {
172 auto pub_key = issuer.subject_public_key();
173
174 PK_Verifier verifier(*pub_key, m_sig_algo);
175
176 if(verifier.verify_message(ASN1::put_in_sequence(m_tbs_bits), m_signature)) {
178 } else {
180 }
181 } catch(Exception&) {
183 }
184}
185
186std::optional<X509_Certificate> Response::find_signing_certificate(
187 const X509_Certificate& issuer_certificate, const Certificate_Store* trusted_ocsp_responders) const {
188 using namespace std::placeholders;
189
190 // Check whether the CA issuing the certificate in question also signed this
191 if(is_issued_by(issuer_certificate)) {
192 return issuer_certificate;
193 }
194
195 // Then try to find a delegated responder certificate in the stapled certs
196 for(const auto& cert : m_certs) {
197 if(this->is_issued_by(cert)) {
198 return cert;
199 }
200 }
201
202 // Last resort: check the additionally provides trusted OCSP responders
203 if(trusted_ocsp_responders != nullptr) {
204 if(!m_key_hash.empty()) {
205 auto signing_cert = trusted_ocsp_responders->find_cert_by_pubkey_sha1(m_key_hash);
206 if(signing_cert) {
207 return signing_cert;
208 }
209 }
210
211 if(!m_signer_name.empty()) {
212 auto signing_cert = trusted_ocsp_responders->find_cert(m_signer_name, {});
213 if(signing_cert) {
214 return signing_cert;
215 }
216 }
217 }
218
219 return std::nullopt;
220}
221
223 const X509_Certificate& subject,
224 std::chrono::system_clock::time_point ref_time,
225 std::chrono::seconds max_age) const {
226 if(m_dummy_response_status) {
227 return m_dummy_response_status.value();
228 }
229
230 for(const auto& response : m_responses) {
231 if(response.certid().is_id_for(issuer, subject)) {
232 X509_Time x509_ref_time(ref_time);
233
234 if(response.cert_status() == 1) {
236 }
237
238 if(response.this_update() > x509_ref_time) {
240 }
241
242 if(response.next_update().time_is_set()) {
243 if(x509_ref_time > response.next_update()) {
245 }
246 } else if(max_age > std::chrono::seconds::zero() &&
247 ref_time - response.this_update().to_std_timepoint() > max_age) {
249 }
250
251 if(response.cert_status() == 0) {
253 } else {
255 }
256 }
257 }
258
260}
261
262#if defined(BOTAN_HAS_HTTP_UTIL)
263
264Response online_check(const X509_Certificate& issuer,
265 const BigInt& subject_serial,
266 std::string_view ocsp_responder,
267 std::chrono::milliseconds timeout) {
268 if(ocsp_responder.empty()) {
269 throw Invalid_Argument("No OCSP responder specified");
270 }
271
272 OCSP::Request req(issuer, subject_serial);
273
274 auto http = HTTP::POST_sync(ocsp_responder, "application/ocsp-request", req.BER_encode(), 1, timeout);
275
276 http.throw_unless_ok();
277
278 // Check the MIME type?
279
280 return OCSP::Response(http.body());
281}
282
283Response online_check(const X509_Certificate& issuer,
284 const X509_Certificate& subject,
285 std::chrono::milliseconds timeout) {
286 if(subject.issuer_dn() != issuer.subject_dn()) {
287 throw Invalid_Argument("Invalid cert pair to OCSP::online_check (mismatched issuer,subject args?)");
288 }
289
290 return online_check(issuer, BigInt::from_bytes(subject.serial_number()), subject.ocsp_responder(), timeout);
291}
292
293#endif
294
295} // namespace Botan::OCSP
BER_Decoder & decode(bool &out)
Definition ber_dec.h:188
bool more_items() const
Definition ber_dec.cpp:204
BER_Decoder & raw_bytes(std::vector< uint8_t, Alloc > &out)
Definition ber_dec.h:174
std::vector< uint8_t > get_next_octet_string()
Definition ber_dec.h:200
BER_Decoder & end_cons()
Definition ber_dec.cpp:312
BER_Decoder & decode_list(std::vector< T > &out, ASN1_Type type_tag=ASN1_Type::Sequence, ASN1_Class class_tag=ASN1_Class::Universal)
Definition ber_dec.h:393
BER_Decoder start_sequence()
Definition ber_dec.h:125
BER_Decoder start_context_specific(uint32_t tag)
Definition ber_dec.h:129
BER_Decoder & decode_optional(T &out, ASN1_Type type_tag, ASN1_Class class_tag, const T &default_value=T())
Definition ber_dec.h:253
BER_Decoder & decode_and_check(const T &expected, std::string_view error_msg)
Definition ber_dec.h:282
BER_Decoder & decode_optional_string(std::vector< uint8_t, Alloc > &out, ASN1_Type real_type, uint32_t expected_tag, ASN1_Class class_tag=ASN1_Class::ContextSpecific)
Definition ber_dec.h:297
static BigInt from_bytes(std::span< const uint8_t > bytes)
Definition bigint.cpp:87
virtual std::optional< X509_Certificate > find_cert_by_pubkey_sha1(const std::vector< uint8_t > &key_hash) const =0
virtual std::optional< X509_Certificate > find_cert(const X509_DN &subject_dn, const std::vector< uint8_t > &key_id) const
Definition certstor.cpp:20
DER_Encoder & end_explicit()
Definition der_enc.cpp:202
DER_Encoder & start_explicit(uint16_t type_tag)
Definition der_enc.cpp:188
DER_Encoder & start_sequence()
Definition der_enc.h:65
DER_Encoder & end_cons()
Definition der_enc.cpp:173
DER_Encoder & encode(bool b)
Definition der_enc.cpp:252
std::string base64_encode() const
Definition ocsp.cpp:80
Request(const X509_Certificate &issuer_cert, const X509_Certificate &subject_cert)
Definition ocsp.cpp:51
std::vector< uint8_t > BER_encode() const
Definition ocsp.cpp:61
BOTAN_FUTURE_EXPLICIT Response(Certificate_Status_Code status)
Definition ocsp.cpp:84
Certificate_Status_Code status_for(const X509_Certificate &issuer, const X509_Certificate &subject, std::chrono::system_clock::time_point ref_time=std::chrono::system_clock::now(), std::chrono::seconds max_age=std::chrono::seconds::zero()) const
Definition ocsp.cpp:222
Response_Status_Code status() const
Definition ocsp.h:181
std::optional< X509_Certificate > find_signing_certificate(const X509_Certificate &issuer_certificate, const Certificate_Store *trusted_ocsp_responders=nullptr) const
Definition ocsp.cpp:186
Certificate_Status_Code verify_signature(const X509_Certificate &signing_certificate) const
Definition ocsp.cpp:158
bool verify_message(const uint8_t msg[], size_t msg_length, const uint8_t sig[], size_t sig_length)
Definition pubkey.cpp:413
const X509_DN & subject_dn() const
Definition x509cert.cpp:411
const std::vector< uint8_t > & subject_public_key_bitstring_sha1() const
Definition x509cert.cpp:383
const X509_DN & issuer_dn() const
Definition x509cert.cpp:407
std::unique_ptr< Public_Key > subject_public_key() const
Definition x509cert.cpp:609
bool empty() const
Definition pkix_types.h:76
std::vector< uint8_t > put_in_sequence(const std::vector< uint8_t > &contents)
Definition asn1_obj.cpp:172
Response POST_sync(std::string_view url, std::string_view content_type, const std::vector< uint8_t > &body, size_t allowable_redirects, std::chrono::milliseconds timeout)
Response_Status_Code
Definition ocsp.h:116
ASN1_Time X509_Time
Definition asn1_obj.h:424
ASN1_Type
Definition asn1_obj.h:43
Certificate_Status_Code
Definition pkix_enums.h:20
size_t base64_encode(char out[], const uint8_t in[], size_t input_length, size_t &input_consumed, bool final_inputs)
Definition base64.cpp:160