1 // Copyright 2016 The Chromium Authors 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "path_builder.h" 6 7 #include <cstdint> 8 9 #include "fillins/log.h" 10 #include "fillins/net_errors.h" 11 12 #include "cert_issuer_source_static.h" 13 #include "common_cert_errors.h" 14 #include "crl.h" 15 #include "parse_certificate.h" 16 #include "parsed_certificate.h" 17 #include "simple_path_builder_delegate.h" 18 #include "trust_store_in_memory.h" 19 #include "verify_certificate_chain.h" 20 #include "encode_values.h" 21 #include "input.h" 22 #include <openssl/pool.h> 23 24 #include "nist_pkits_unittest.h" 25 26 constexpr int64_t kOneYear = 60 * 60 * 24 * 365; 27 28 namespace bssl { 29 30 namespace { 31 32 class CrlCheckingPathBuilderDelegate : public SimplePathBuilderDelegate { 33 public: CrlCheckingPathBuilderDelegate(const std::vector<std::string> & der_crls,int64_t verify_time,int64_t max_age,size_t min_rsa_modulus_length_bits,DigestPolicy digest_policy)34 CrlCheckingPathBuilderDelegate(const std::vector<std::string>& der_crls, 35 int64_t verify_time, 36 int64_t max_age, 37 size_t min_rsa_modulus_length_bits, 38 DigestPolicy digest_policy) 39 : SimplePathBuilderDelegate(min_rsa_modulus_length_bits, digest_policy), 40 der_crls_(der_crls), 41 verify_time_(verify_time), 42 max_age_(max_age) {} 43 CheckPathAfterVerification(const CertPathBuilder & path_builder,CertPathBuilderResultPath * path)44 void CheckPathAfterVerification(const CertPathBuilder& path_builder, 45 CertPathBuilderResultPath* path) override { 46 SimplePathBuilderDelegate::CheckPathAfterVerification(path_builder, path); 47 48 if (!path->IsValid()) 49 return; 50 51 // It would be preferable if this test could use 52 // CheckValidatedChainRevocation somehow, but that only supports getting 53 // CRLs by http distributionPoints. So this just settles for writing a 54 // little bit of wrapper code to test CheckCRL directly. 55 const ParsedCertificateList& certs = path->certs; 56 for (size_t reverse_i = 0; reverse_i < certs.size(); ++reverse_i) { 57 size_t i = certs.size() - reverse_i - 1; 58 59 // Trust anchors bypass OCSP/CRL revocation checks. (The only way to 60 // revoke trust anchors is via CRLSet or the built-in SPKI block list). 61 if (reverse_i == 0 && path->last_cert_trust.IsTrustAnchor()) 62 continue; 63 64 // RFC 5280 6.3.3. [If the CRL was not specified in a distribution 65 // point], assume a DP with both the reasons and the 66 // cRLIssuer fields omitted and a distribution point 67 // name of the certificate issuer. 68 // Since this implementation only supports URI names in distribution 69 // points, this means a default-initialized ParsedDistributionPoint is 70 // sufficient. 71 ParsedDistributionPoint fake_cert_dp; 72 const ParsedDistributionPoint* cert_dp = &fake_cert_dp; 73 74 // If the target cert does have a distribution point, use it. 75 std::vector<ParsedDistributionPoint> distribution_points; 76 ParsedExtension crl_dp_extension; 77 if (certs[i]->GetExtension(der::Input(kCrlDistributionPointsOid), 78 &crl_dp_extension)) { 79 ASSERT_TRUE(ParseCrlDistributionPoints(crl_dp_extension.value, 80 &distribution_points)); 81 // TODO(mattm): some test cases (some of the 4.14.* onlySomeReasons 82 // tests)) have two CRLs and two distribution points, one point 83 // corresponding to each CRL. Should select the matching point for 84 // each CRL. (Doesn't matter currently since we don't support 85 // reasons.) 86 87 // Look for a DistributionPoint without reasons. 88 for (const auto& dp : distribution_points) { 89 if (!dp.reasons) { 90 cert_dp = &dp; 91 break; 92 } 93 } 94 // If there were only DistributionPoints with reasons, just use the 95 // first one. 96 if (cert_dp == &fake_cert_dp && !distribution_points.empty()) 97 cert_dp = &distribution_points[0]; 98 } 99 100 bool cert_good = false; 101 102 for (const auto& der_crl : der_crls_) { 103 CRLRevocationStatus crl_status = 104 CheckCRL(der_crl, certs, i, *cert_dp, verify_time_, max_age_); 105 if (crl_status == CRLRevocationStatus::REVOKED) { 106 path->errors.GetErrorsForCert(i)->AddError( 107 cert_errors::kCertificateRevoked); 108 return; 109 } 110 if (crl_status == CRLRevocationStatus::GOOD) { 111 cert_good = true; 112 break; 113 } 114 } 115 if (!cert_good) { 116 // PKITS tests assume hard-fail revocation checking. 117 // From PKITS 4.4: "When running the tests in this section, the 118 // application should be configured in such a way that the 119 // certification path is not accepted unless valid, up-to-date 120 // revocation data is available for every certificate in the path." 121 path->errors.GetErrorsForCert(i)->AddError( 122 cert_errors::kUnableToCheckRevocation); 123 } 124 } 125 } 126 127 private: 128 std::vector<std::string> der_crls_; 129 int64_t verify_time_; 130 int64_t max_age_; 131 }; 132 133 class PathBuilderPkitsTestDelegate { 134 public: RunTest(std::vector<std::string> cert_ders,std::vector<std::string> crl_ders,const PkitsTestInfo & orig_info)135 static void RunTest(std::vector<std::string> cert_ders, 136 std::vector<std::string> crl_ders, 137 const PkitsTestInfo& orig_info) { 138 PkitsTestInfo info = orig_info; 139 140 ASSERT_FALSE(cert_ders.empty()); 141 ParsedCertificateList certs; 142 for (const std::string& der : cert_ders) { 143 CertErrors errors; 144 ASSERT_TRUE(ParsedCertificate::CreateAndAddToVector( 145 bssl::UniquePtr<CRYPTO_BUFFER>( 146 CRYPTO_BUFFER_new(reinterpret_cast<const uint8_t*>(der.data()), 147 der.size(), nullptr)), 148 {}, &certs, &errors)) 149 << errors.ToDebugString(); 150 } 151 // First entry in the PKITS chain is the trust anchor. 152 // TODO(mattm): test with all possible trust anchors in the trust store? 153 TrustStoreInMemory trust_store; 154 155 trust_store.AddTrustAnchor(certs[0]); 156 157 // TODO(mattm): test with other irrelevant certs in cert_issuer_sources? 158 CertIssuerSourceStatic cert_issuer_source; 159 for (size_t i = 1; i < cert_ders.size() - 1; ++i) 160 cert_issuer_source.AddCert(certs[i]); 161 162 std::shared_ptr<const ParsedCertificate> target_cert(certs.back()); 163 164 int64_t verify_time; 165 ASSERT_TRUE(der::GeneralizedTimeToPosixTime(info.time, &verify_time)); 166 CrlCheckingPathBuilderDelegate path_builder_delegate( 167 crl_ders, verify_time, /*max_age=*/kOneYear * 2, 1024, 168 SimplePathBuilderDelegate::DigestPolicy::kWeakAllowSha1); 169 170 std::string_view test_number = info.test_number; 171 if (test_number == "4.4.19" || test_number == "4.5.3" || 172 test_number == "4.5.4" || test_number == "4.5.6") { 173 // 4.4.19 - fails since CRL is signed by a certificate that is not part 174 // of the verified chain, which is not supported. 175 // 4.5.3 - fails since non-URI distribution point names are not supported 176 // 4.5.4, 4.5.6 - fails since CRL is signed by a certificate that is not 177 // part of verified chain, and also non-URI distribution 178 // point names not supported 179 info.should_validate = false; 180 } else if (test_number == "4.14.1" || test_number == "4.14.4" || 181 test_number == "4.14.5" || test_number == "4.14.7" || 182 test_number == "4.14.18" || test_number == "4.14.19" || 183 test_number == "4.14.22" || test_number == "4.14.24" || 184 test_number == "4.14.25" || test_number == "4.14.28" || 185 test_number == "4.14.29" || test_number == "4.14.30" || 186 test_number == "4.14.33") { 187 // 4.14 tests: 188 // .1 - fails since non-URI distribution point names not supported 189 // .2, .3 - fails since non-URI distribution point names not supported 190 // (but test is expected to fail for other reason) 191 // .4, .5 - fails since non-URI distribution point names not supported, 192 // also uses nameRelativeToCRLIssuer which is not supported 193 // .6 - fails since non-URI distribution point names not supported, also 194 // uses nameRelativeToCRLIssuer which is not supported (but test is 195 // expected to fail for other reason) 196 // .7 - fails since relative distributionPointName not supported 197 // .8, .9 - fails since relative distributionPointName not supported (but 198 // test is expected to fail for other reason) 199 // .10, .11, .12, .13, .14, .27, .35 - PASS 200 // .15, .16, .17, .20, .21 - fails since onlySomeReasons is not supported 201 // (but test is expected to fail for other 202 // reason) 203 // .18, .19 - fails since onlySomeReasons is not supported 204 // .22, .24, .25, .28, .29, .30, .33 - fails since indirect CRLs are not 205 // supported 206 // .23, .26, .31, .32, .34 - fails since indirect CRLs are not supported 207 // (but test is expected to fail for other 208 // reason) 209 info.should_validate = false; 210 } else if (test_number == "4.15.1" || test_number == "4.15.5") { 211 // 4.15 tests: 212 // .1 - fails due to unhandled critical deltaCRLIndicator extension 213 // .2, .3, .6, .7, .8, .9, .10 - PASS since expected cert status is 214 // reflected in base CRL and delta CRL is 215 // ignored 216 // .5 - fails, cert status is "on hold" in base CRL but the delta CRL 217 // which removes the cert from CRL is ignored 218 info.should_validate = false; 219 } else if (test_number == "4.15.4") { 220 // 4.15.4 - Invalid delta-CRL Test4 has the target cert marked revoked in 221 // a delta-CRL. Since delta-CRLs are not supported, the chain validates 222 // successfully. 223 info.should_validate = true; 224 } 225 226 CertPathBuilder path_builder( 227 std::move(target_cert), &trust_store, &path_builder_delegate, info.time, 228 KeyPurpose::ANY_EKU, info.initial_explicit_policy, 229 info.initial_policy_set, info.initial_policy_mapping_inhibit, 230 info.initial_inhibit_any_policy); 231 path_builder.AddCertIssuerSource(&cert_issuer_source); 232 233 CertPathBuilder::Result result = path_builder.Run(); 234 235 if (info.should_validate != result.HasValidPath()) { 236 for (size_t i = 0; i < result.paths.size(); ++i) { 237 const bssl::CertPathBuilderResultPath* result_path = 238 result.paths[i].get(); 239 LOG(ERROR) << "path " << i << " errors:\n" 240 << result_path->errors.ToDebugString(result_path->certs); 241 } 242 } 243 244 ASSERT_EQ(info.should_validate, result.HasValidPath()); 245 246 if (result.HasValidPath()) { 247 EXPECT_EQ(info.user_constrained_policy_set, 248 result.GetBestValidPath()->user_constrained_policy_set); 249 } 250 } 251 }; 252 253 } // namespace 254 255 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 256 PkitsTest01SignatureVerification, 257 PathBuilderPkitsTestDelegate); 258 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 259 PkitsTest02ValidityPeriods, 260 PathBuilderPkitsTestDelegate); 261 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 262 PkitsTest03VerifyingNameChaining, 263 PathBuilderPkitsTestDelegate); 264 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 265 PkitsTest04BasicCertificateRevocationTests, 266 PathBuilderPkitsTestDelegate); 267 INSTANTIATE_TYPED_TEST_SUITE_P( 268 PathBuilder, 269 PkitsTest05VerifyingPathswithSelfIssuedCertificates, 270 PathBuilderPkitsTestDelegate); 271 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 272 PkitsTest06VerifyingBasicConstraints, 273 PathBuilderPkitsTestDelegate); 274 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 275 PkitsTest07KeyUsage, 276 PathBuilderPkitsTestDelegate); 277 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 278 PkitsTest08CertificatePolicies, 279 PathBuilderPkitsTestDelegate); 280 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 281 PkitsTest09RequireExplicitPolicy, 282 PathBuilderPkitsTestDelegate); 283 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 284 PkitsTest10PolicyMappings, 285 PathBuilderPkitsTestDelegate); 286 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 287 PkitsTest11InhibitPolicyMapping, 288 PathBuilderPkitsTestDelegate); 289 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 290 PkitsTest12InhibitAnyPolicy, 291 PathBuilderPkitsTestDelegate); 292 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 293 PkitsTest13NameConstraints, 294 PathBuilderPkitsTestDelegate); 295 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 296 PkitsTest14DistributionPoints, 297 PathBuilderPkitsTestDelegate); 298 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 299 PkitsTest15DeltaCRLs, 300 PathBuilderPkitsTestDelegate); 301 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, 302 PkitsTest16PrivateCertificateExtensions, 303 PathBuilderPkitsTestDelegate); 304 305 } // namespace net 306