9#include <botan/x509path.h>
11#include <botan/ocsp.h>
12#include <botan/pk_keys.h>
13#include <botan/x509_ext.h>
14#include <botan/internal/stl_util.h>
22#if defined(BOTAN_HAS_ONLINE_REVOCATION_CHECKS)
23 #include <botan/internal/http_util.h>
27#if defined(BOTAN_HAS_ECC_KEY)
28 #include <botan/ecc_key.h>
37 std::chrono::system_clock::time_point ref_time,
38 std::string_view hostname,
41 if(cert_path.empty()) {
45 const bool self_signed_ee_cert = (cert_path.size() == 1);
51 if(!hostname.empty() && !cert_path[0].matches_dns_name(hostname)) {
55 if(!cert_path[0].allowed_usage(usage)) {
74 for(
size_t i = 0; i != cert_path.size(); ++i) {
75 std::set<Certificate_Status_Code>& status = cert_status.at(i);
77 const bool at_self_signed_root = (i == cert_path.size() - 1);
80 const X509_Certificate& issuer = cert_path[at_self_signed_root ? (i) : (i + 1)];
100 if(dn_ub > 0 && dn_pair.second.size() > dn_ub) {
106 const bool is_trusted_root_and_time_ignored =
110 if(is_trusted_root_and_time_ignored) {
117 if(validation_time > subject.
not_after()) {
118 if(is_trusted_root_and_time_ignored) {
126 if(!issuer.
is_CA_cert() && !self_signed_ee_cert) {
143 const std::string hash_used_for_signature = sig_status.second;
148 if(!trusted_hashes.empty() && !at_self_signed_root) {
149 if(!trusted_hashes.contains(hash_used_for_signature)) {
154 status.insert(sig_status.first);
172 const auto& extensions_vec = extensions.
extensions();
173 if(subject.
x509_version() < 3 && !extensions_vec.empty()) {
176 for(
auto& extension : extensions_vec) {
177 extension.first->validate(subject, issuer, cert_path, cert_status, i);
185 size_t max_path_length = cert_path.size();
186 for(
size_t i = cert_path.size() - 1; i > 0; --i) {
187 std::set<Certificate_Status_Code>& status = cert_status.at(i);
195 if(max_path_length > 0) {
206 if(subject.
path_limit() != Cert_Extension::NO_CERT_PATH_LIMIT && subject.
path_limit() < max_path_length) {
218 const std::vector<X509_Certificate>& extra_certs,
219 const std::vector<Certificate_Store*>& certstores,
220 std::chrono::system_clock::time_point ref_time,
237 if(signing_cert == ca) {
257 const auto ocsp_timeout = std::chrono::milliseconds::zero();
258 const auto relaxed_restrictions =
259 Path_Validation_Restrictions(
false ,
265 relaxed_restrictions,
272 return validation_result.
result();
278 const std::vector<std::optional<OCSP::Response>>& ocsp_responses,
279 const std::vector<Certificate_Store*>& certstores,
280 std::chrono::system_clock::time_point ref_time,
282 if(cert_path.empty()) {
288 for(
size_t i = 0; i != cert_path.size() - 1; ++i) {
289 std::set<Certificate_Status_Code>& status = cert_status.at(i);
294 if(i < ocsp_responses.size() && (ocsp_responses.at(i) != std::nullopt) &&
297 const auto& ocsp_response = ocsp_responses.at(i);
299 if(
auto dummy_status = ocsp_response->dummy_status()) {
301 status.insert(dummy_status.value());
302 }
else if(
auto signing_cert =
306 }
else if(
auto ocsp_signing_cert_status =
307 verify_ocsp_signing_cert(signing_cert.value(),
309 concat(ocsp_response->certificates(), cert_path),
314 status.insert(ocsp_signing_cert_status);
317 status.insert(ocsp_response->status_for(ca, subject, ref_time, restrictions.
max_ocsp_age()));
325 while(!cert_status.empty() && cert_status.back().empty()) {
326 cert_status.pop_back();
333 const std::vector<std::optional<X509_CRL>>& crls,
334 std::chrono::system_clock::time_point ref_time) {
335 if(cert_path.empty()) {
340 const X509_Time validation_time(ref_time);
342 for(
size_t i = 0; i != cert_path.size() - 1; ++i) {
343 std::set<Certificate_Status_Code>& status = cert_status.at(i);
345 if(i < crls.size() && crls[i].has_value()) {
353 if(validation_time < crls[i]->this_update()) {
357 if(validation_time > crls[i]->next_update()) {
362 if(crls[i]->check_signature(*ca_key) ==
false) {
368 if(crls[i]->is_revoked(subject)) {
374 if(dp != crls[i]->crl_issuing_distribution_point()) {
379 for(
const auto& extension : crls[i]->extensions().extensions()) {
384 if(extension.second && !extension.first->oid_of().registered_oid()) {
394 while(!cert_status.empty() && cert_status.back().empty()) {
395 cert_status.pop_back();
402 const std::vector<Certificate_Store*>& certstores,
403 std::chrono::system_clock::time_point ref_time) {
404 if(cert_path.empty()) {
408 if(certstores.empty()) {
412 std::vector<std::optional<X509_CRL>> crls(cert_path.size());
414 for(
size_t i = 0; i != cert_path.size(); ++i) {
415 for(
auto certstore : certstores) {
416 crls[i] = certstore->find_crl_for(cert_path[i]);
426#if defined(BOTAN_HAS_ONLINE_REVOCATION_CHECKS)
429 const std::vector<Certificate_Store*>& trusted_certstores,
430 std::chrono::system_clock::time_point ref_time,
431 std::chrono::milliseconds timeout,
433 if(cert_path.empty()) {
437 std::vector<std::future<std::optional<OCSP::Response>>> ocsp_response_futures;
442 to_ocsp = cert_path.size() - 1;
444 if(cert_path.size() == 1) {
448 for(
size_t i = 0; i < to_ocsp; ++i) {
449 const X509_Certificate& subject = cert_path.at(i);
450 const X509_Certificate& issuer = cert_path.at(i + 1);
452 if(subject.ocsp_responder().empty()) {
453 ocsp_response_futures.emplace_back(std::async(std::launch::deferred, [&]() -> std::optional<OCSP::Response> {
457 ocsp_response_futures.emplace_back(std::async(std::launch::async, [&]() -> std::optional<OCSP::Response> {
458 OCSP::Request req(issuer,
BigInt::decode(subject.serial_number()));
463 "application/ocsp-request",
467 }
catch(std::exception&) {
470 if(http.status_code() != 200) {
475 return OCSP::Response(http.body());
480 std::vector<std::optional<OCSP::Response>> ocsp_responses;
481 ocsp_responses.reserve(ocsp_response_futures.size());
483 for(
auto& ocsp_response_future : ocsp_response_futures) {
484 ocsp_responses.push_back(ocsp_response_future.get());
487 return PKIX::check_ocsp(cert_path, ocsp_responses, trusted_certstores, ref_time, restrictions);
491 const std::vector<Certificate_Store*>& certstores,
492 Certificate_Store_In_Memory* crl_store,
493 std::chrono::system_clock::time_point ref_time,
494 std::chrono::milliseconds timeout) {
495 if(cert_path.empty()) {
496 throw Invalid_Argument(
"PKIX::check_crl_online cert_path empty");
498 if(certstores.empty()) {
499 throw Invalid_Argument(
"PKIX::check_crl_online certstores empty");
502 std::vector<std::future<std::optional<X509_CRL>>> future_crls;
503 std::vector<std::optional<X509_CRL>> crls(cert_path.size());
505 for(
size_t i = 0; i != cert_path.size(); ++i) {
506 const std::optional<X509_Certificate>& cert = cert_path.at(i);
507 for(
auto certstore : certstores) {
508 crls[i] = certstore->find_crl_for(*cert);
509 if(crls[i].has_value()) {
522 future_crls.emplace_back(std::future<std::optional<X509_CRL>>());
523 }
else if(cert->crl_distribution_point().empty()) {
525 future_crls.emplace_back(std::async(std::launch::deferred, [&]() -> std::optional<X509_CRL> {
526 throw Not_Implemented(
"No CRL distribution point for this certificate");
529 future_crls.emplace_back(std::async(std::launch::async, [&]() -> std::optional<X509_CRL> {
534 http.throw_unless_ok();
536 return X509_CRL(http.body());
541 for(
size_t i = 0; i != future_crls.size(); ++i) {
542 if(future_crls[i].valid()) {
544 crls[i] = future_crls[i].get();
545 }
catch(std::exception&) {
555 for(
size_t i = 0; i != crl_status.size(); ++i) {
559 crl_store->add_crl(*crls[i]);
570 const std::vector<Certificate_Store*>& trusted_certstores,
572 const std::vector<X509_Certificate>& end_entity_extra) {
583 std::set<std::string> certs_seen;
585 cert_path.push_back(end_entity);
586 certs_seen.insert(end_entity.
fingerprint(
"SHA-256"));
589 for(
const auto& cert : end_entity_extra) {
599 std::optional<X509_Certificate> issuer;
600 bool trusted_issuer =
false;
603 issuer = store->find_cert(issuer_dn, auth_key_id);
605 trusted_issuer =
true;
612 issuer = ee_extras.
find_cert(issuer_dn, auth_key_id);
619 const std::string fprint = issuer->fingerprint(
"SHA-256");
621 if(certs_seen.contains(fprint))
626 certs_seen.insert(fprint);
627 cert_path.push_back(*issuer);
629 if(issuer->is_self_signed()) {
644using cert_maybe_trusted = std::pair<std::optional<X509_Certificate>,
bool>;
665 const std::vector<Certificate_Store*>& trusted_certstores,
666 const std::optional<X509_Certificate>& end_entity,
667 const std::vector<X509_Certificate>& end_entity_extra) {
668 if(!cert_paths_out.empty()) {
669 throw Invalid_Argument(
"PKIX::build_all_certificate_paths: cert_paths_out must be empty");
672 if(end_entity->is_self_signed()) {
679 std::vector<Certificate_Status_Code> stats;
682 for(
const auto& cert : end_entity_extra) {
692 std::set<std::string> certs_seen;
696 std::vector<X509_Certificate> path_so_far;
699 std::vector<cert_maybe_trusted> stack = {{end_entity,
false}};
701 while(!stack.empty()) {
702 std::optional<X509_Certificate> last = stack.back().first;
704 if(last == std::nullopt) {
706 std::string fprint = path_so_far.back().fingerprint(
"SHA-256");
707 certs_seen.erase(fprint);
708 path_so_far.pop_back();
712 const bool trusted = stack.back().second;
716 const std::string fprint = last->fingerprint(
"SHA-256");
717 if(certs_seen.count(fprint) == 1) {
724 if(last->is_self_signed()) {
727 cert_paths_out.push_back(path_so_far);
728 cert_paths_out.back().push_back(*last);
739 const X509_DN issuer_dn = last->issuer_dn();
740 const std::vector<uint8_t> auth_key_id = last->authority_key_id();
743 std::vector<X509_Certificate> trusted_issuers;
745 auto new_issuers = store->find_all_certs(issuer_dn, auth_key_id);
746 trusted_issuers.insert(trusted_issuers.end(), new_issuers.begin(), new_issuers.end());
750 std::vector<X509_Certificate> misc_issuers = ee_extras.
find_all_certs(issuer_dn, auth_key_id);
753 if(trusted_issuers.empty() && misc_issuers.empty()) {
759 path_so_far.push_back(*last);
760 certs_seen.emplace(fprint);
763 stack.push_back({std::optional<X509_Certificate>(),
false});
765 for(
const auto& trusted_cert : trusted_issuers) {
766 stack.push_back({trusted_cert,
true});
769 for(
const auto& misc : misc_issuers) {
770 stack.push_back({misc,
false});
776 if(cert_paths_out.empty()) {
778 throw Internal_Error(
"X509 path building failed for unknown reasons");
792 if(chain_status.empty()) {
793 throw Invalid_Argument(
"PKIX::merge_revocation_status chain_status was empty");
796 for(
size_t i = 0; i != chain_status.size() - 1; ++i) {
797 bool had_crl =
false, had_ocsp =
false;
799 if(i < crl.size() && !crl[i].empty()) {
800 for(
auto&& code : crl[i]) {
804 chain_status[i].insert(code);
808 if(i < ocsp.size() && !ocsp[i].empty()) {
809 for(
auto&& code : ocsp[i]) {
817 chain_status[i].insert(code);
821 if(had_crl ==
false && had_ocsp ==
false) {
831 if(cert_status.empty()) {
838 for(
const std::set<Certificate_Status_Code>& s : cert_status) {
840 auto worst = *s.rbegin();
852 const std::vector<Certificate_Store*>& trusted_roots,
853 std::string_view hostname,
855 std::chrono::system_clock::time_point ref_time,
856 std::chrono::milliseconds ocsp_timeout,
857 const std::vector<std::optional<OCSP::Response>>& ocsp_resp) {
858 if(end_certs.empty()) {
863 std::vector<X509_Certificate> end_entity_extra;
864 for(
size_t i = 1; i < end_certs.size(); ++i) {
865 end_entity_extra.push_back(end_certs[i]);
868 std::vector<std::vector<X509_Certificate>> cert_paths;
877 std::vector<Path_Validation_Result> error_results;
879 for(
auto cert_path : cert_paths) {
886 if(!ocsp_resp.empty()) {
887 ocsp_status =
PKIX::check_ocsp(cert_path, ocsp_resp, trusted_roots, ref_time, restrictions);
890 if(ocsp_status.empty() && ocsp_timeout != std::chrono::milliseconds(0)) {
891#if defined(BOTAN_TARGET_OS_HAS_THREADS) && defined(BOTAN_HAS_HTTP_UTIL)
892 ocsp_status = PKIX::check_ocsp_online(cert_path, trusted_roots, ref_time, ocsp_timeout, restrictions);
894 ocsp_status.resize(1);
905 error_results.push_back(std::move(pvd));
908 return error_results[0];
913 const std::vector<Certificate_Store*>& trusted_roots,
914 std::string_view hostname,
916 std::chrono::system_clock::time_point when,
917 std::chrono::milliseconds ocsp_timeout,
918 const std::vector<std::optional<OCSP::Response>>& ocsp_resp) {
919 std::vector<X509_Certificate> certs;
920 certs.push_back(end_cert);
921 return x509_path_validate(certs, restrictions, trusted_roots, hostname, usage, when, ocsp_timeout, ocsp_resp);
927 std::string_view hostname,
929 std::chrono::system_clock::time_point when,
930 std::chrono::milliseconds ocsp_timeout,
931 const std::vector<std::optional<OCSP::Response>>& ocsp_resp) {
932 std::vector<Certificate_Store*> trusted_roots;
935 return x509_path_validate(end_certs, restrictions, trusted_roots, hostname, usage, when, ocsp_timeout, ocsp_resp);
941 std::string_view hostname,
943 std::chrono::system_clock::time_point when,
944 std::chrono::milliseconds ocsp_timeout,
945 const std::vector<std::optional<OCSP::Response>>& ocsp_resp) {
946 std::vector<X509_Certificate> certs;
947 certs.push_back(end_cert);
949 std::vector<Certificate_Store*> trusted_roots;
952 return x509_path_validate(certs, restrictions, trusted_roots, hostname, usage, when, ocsp_timeout, ocsp_resp);
957 bool ocsp_intermediates,
958 std::chrono::seconds max_ocsp_age,
959 std::unique_ptr<Certificate_Store> trusted_ocsp_responders,
960 bool ignore_trusted_root_time_range) :
961 m_require_revocation_information(require_rev),
962 m_ocsp_all_intermediates(ocsp_intermediates),
963 m_minimum_key_strength(key_strength),
964 m_max_ocsp_age(max_ocsp_age),
965 m_trusted_ocsp_responders(std::move(trusted_ocsp_responders)),
966 m_ignore_trusted_root_time_range(ignore_trusted_root_time_range) {
967 if(key_strength <= 80) {
968 m_trusted_hashes.insert(
"SHA-1");
971 m_trusted_hashes.insert(
"SHA-224");
972 m_trusted_hashes.insert(
"SHA-256");
973 m_trusted_hashes.insert(
"SHA-384");
974 m_trusted_hashes.insert(
"SHA-512");
975 m_trusted_hashes.insert(
"SHAKE-256(512)");
976 m_trusted_hashes.insert(
"SHAKE-256(912)");
982 for(
const auto& status_set_i : all_statuses) {
983 std::set<Certificate_Status_Code> warning_set_i;
984 for(
const auto& code : status_set_i) {
987 warning_set_i.insert(code);
990 warnings.push_back(warning_set_i);
997 std::vector<X509_Certificate>&& cert_chain) :
998 m_all_status(std::move(status)),
999 m_warnings(find_warnings(m_all_status)),
1000 m_cert_path(cert_chain),
1001 m_overall(PKIX::overall_status(m_all_status)) {}
1004 if(m_cert_path.empty()) {
1005 throw Invalid_State(
"Path_Validation_Result::trust_root no path set");
1008 throw Invalid_State(
"Path_Validation_Result::trust_root meaningless with invalid status");
1011 return m_cert_path[m_cert_path.size() - 1];
1020 for(
const auto& status_set_i : m_warnings) {
1021 if(!status_set_i.empty()) {
1041 return "Unknown error";
1045 const std::string sep(
", ");
1046 std::ostringstream oss;
1047 for(
size_t i = 0; i < m_warnings.size(); i++) {
1048 for(
auto code : m_warnings[i]) {
1049 oss <<
"[" << std::to_string(i) <<
"] " <<
status_string(code) << sep;
1053 std::string res = oss.str();
1055 if(res.size() >= sep.size()) {
1056 res = res.substr(0, res.size() - sep.size());
#define BOTAN_ASSERT_NOMSG(expr)
static BigInt decode(const uint8_t buf[], size_t length)
std::vector< X509_Certificate > find_all_certs(const X509_DN &subject_dn, const std::vector< uint8_t > &key_id) const override
std::optional< X509_Certificate > find_cert(const X509_DN &subject_dn, const std::vector< uint8_t > &key_id) const override
void add_certificate(const X509_Certificate &cert)
bool certificate_known(const X509_Certificate &cert) const
const std::vector< OID > & get_extension_oids() const
std::vector< std::pair< std::unique_ptr< Certificate_Extension >, bool > > extensions() const
bool registered_oid() const
bool require_revocation_information() const
bool ocsp_all_intermediates() const
const std::set< std::string > & trusted_hashes() const
Path_Validation_Restrictions(bool require_rev=false, size_t minimum_key_strength=110, bool ocsp_all_intermediates=false, std::chrono::seconds max_ocsp_age=std::chrono::seconds::zero(), std::unique_ptr< Certificate_Store > trusted_ocsp_responders=std::make_unique< Certificate_Store_In_Memory >(), bool ignore_trusted_root_time_range=false)
std::chrono::seconds max_ocsp_age() const
bool ignore_trusted_root_time_range() const
size_t minimum_key_strength() const
const Certificate_Store * trusted_ocsp_responders() const
Certificate_Status_Code result() const
Path_Validation_Result(CertificatePathStatusCodes status, std::vector< X509_Certificate > &&cert_chain)
bool successful_validation() const
static const char * status_string(Certificate_Status_Code code)
const X509_Certificate & trust_root() const
std::string result_string() const
std::string warnings_string() const
CertificatePathStatusCodes warnings() const
std::string fingerprint(std::string_view hash_name="SHA-1") const
const X509_DN & subject_dn() const
uint32_t path_limit() const
const X509_Time & not_after() const
const std::vector< uint8_t > & authority_key_id() const
const Extensions & v3_extensions() const
bool allowed_usage(Key_Constraints usage) const
const X509_DN & issuer_dn() const
const std::vector< uint8_t > & v2_issuer_key_id() const
uint32_t x509_version() const
std::string crl_distribution_point() const
bool is_self_signed() const
bool is_serial_negative() const
std::unique_ptr< Public_Key > subject_public_key() const
const std::vector< uint8_t > & v2_subject_key_id() const
const X509_Time & not_before() const
static size_t lookup_ub(const OID &oid)
const std::vector< std::pair< OID, ASN1_String > > & dn_info() const
const AlgorithmIdentifier & signature_algorithm() const
std::pair< Certificate_Status_Code, std::string > verify_signature(const Public_Key &key) const
Response POST_sync(std::string_view url, std::string_view content_type, const std::vector< uint8_t > &body, size_t allowable_redirects, std::chrono::milliseconds timeout)
Response GET_sync(std::string_view url, size_t allowable_redirects, std::chrono::milliseconds timeout)
void merge_revocation_status(CertificatePathStatusCodes &chain_status, const CertificatePathStatusCodes &crl_status, const CertificatePathStatusCodes &ocsp_status, const Path_Validation_Restrictions &restrictions)
Certificate_Status_Code build_certificate_path(std::vector< X509_Certificate > &cert_path_out, const std::vector< Certificate_Store * > &trusted_certstores, const X509_Certificate &end_entity, const std::vector< X509_Certificate > &end_entity_extra)
Certificate_Status_Code overall_status(const CertificatePathStatusCodes &cert_status)
CertificatePathStatusCodes check_ocsp(const std::vector< X509_Certificate > &cert_path, const std::vector< std::optional< OCSP::Response > > &ocsp_responses, const std::vector< Certificate_Store * > &certstores, std::chrono::system_clock::time_point ref_time, const Path_Validation_Restrictions &restrictions)
Certificate_Status_Code build_all_certificate_paths(std::vector< std::vector< X509_Certificate > > &cert_paths, const std::vector< Certificate_Store * > &trusted_certstores, const std::optional< X509_Certificate > &end_entity, const std::vector< X509_Certificate > &end_entity_extra)
CertificatePathStatusCodes check_chain(const std::vector< X509_Certificate > &cert_path, std::chrono::system_clock::time_point ref_time, std::string_view hostname, Usage_Type usage, const Path_Validation_Restrictions &restrictions)
CertificatePathStatusCodes check_crl(const std::vector< X509_Certificate > &cert_path, const std::vector< std::optional< X509_CRL > > &crls, std::chrono::system_clock::time_point ref_time)
std::vector< std::set< Certificate_Status_Code > > CertificatePathStatusCodes
Path_Validation_Result x509_path_validate(const std::vector< X509_Certificate > &end_certs, const Path_Validation_Restrictions &restrictions, const std::vector< Certificate_Store * > &trusted_roots, std::string_view hostname, Usage_Type usage, std::chrono::system_clock::time_point ref_time, std::chrono::milliseconds ocsp_timeout, const std::vector< std::optional< OCSP::Response > > &ocsp_resp)
std::string to_string(ErrorType type)
Convert an ErrorType to string.
decltype(auto) concat(Ts &&... buffers)
@ TRUSTED_CERT_NOT_YET_VALID
@ DUPLICATE_CERT_EXTENSION
@ OCSP_RESPONSE_MISSING_KEYUSAGE
@ TRUSTED_CERT_HAS_EXPIRED
@ OCSP_ISSUER_NOT_TRUSTED
@ CA_CERT_NOT_FOR_CRL_ISSUER
@ CA_CERT_NOT_FOR_CERT_ISSUER
@ OCSP_SERVER_NOT_AVAILABLE
@ V2_IDENTIFIERS_IN_V1_CERT
@ SIGNATURE_METHOD_TOO_WEAK