rust: add crate skeleton for X.509 path validation #8873

Merged
merged 193 commits into from
Dec 22, 2023
69eb9a1
src, tests: flatten all changes
woodruffw Sep 7, 2023
cb8a316
Merge remote-tracking branch 'origin/main' into tob-x509-cv-skeleton
woodruffw Oct 2, 2023
7e1f72a
make `cargo doc` happy
woodruffw Oct 3, 2023
ade49a1
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Oct 5, 2023
30509a8
verify: move API to ServerVerifier.verify
woodruffw Oct 5, 2023
4658f70
fix tests
woodruffw Oct 5, 2023
1420533
extensions: derive Eq
woodruffw Oct 5, 2023
43999ac
policy: another Eq derive
woodruffw Oct 5, 2023
c220117
[DEMO] declarative extension policies
woodruffw Oct 5, 2023
25655ad
more extension policy refactoring
woodruffw Oct 5, 2023
7c77155
fixup tests
woodruffw Oct 6, 2023
352d9cf
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Oct 6, 2023
b7205be
rust: support name constraints (#4)
tetsuo-cpp Oct 6, 2023
d663c07
types: clippage
woodruffw Oct 6, 2023
0af2218
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Oct 7, 2023
5285a9a
rust: check for malformed `AuthorityInformationAccess` extension (#5)
tetsuo-cpp Oct 16, 2023
9713022
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Oct 16, 2023
4de63fc
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Oct 18, 2023
2adf177
validation: refactor maybe_present extn handling
woodruffw Oct 19, 2023
7f550db
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Oct 19, 2023
71bd69d
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Oct 22, 2023
625fa41
tests: Add `x509-limbo` test (#1)
tetsuo-cpp Oct 24, 2023
4745642
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Oct 24, 2023
ba37c80
rust: Use extension policy mechanism to check for unaccounted critica…
tetsuo-cpp Oct 24, 2023
21b8026
clippy fixes
woodruffw Oct 24, 2023
2232868
derive Eq
woodruffw Oct 24, 2023
d91f976
policy: clippage
woodruffw Oct 24, 2023
9e04a6a
remove double negative
woodruffw Oct 24, 2023
0f21360
test_verification: move asserts
woodruffw Oct 24, 2023
9ff4070
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Oct 26, 2023
8d9d223
drop unused From impl
woodruffw Oct 26, 2023
5ef5ecb
Revert "drop unused From impl"
woodruffw Oct 26, 2023
9d46d04
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Oct 28, 2023
f02458e
fixup AKI handling, update limbo
woodruffw Oct 28, 2023
95ac2e7
bump limbo
woodruffw Oct 28, 2023
5153a69
bump limbo suite
woodruffw Oct 29, 2023
f54ce64
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Oct 30, 2023
8a702a9
validation/policy: clean up TODOs and NOTEs a bit
woodruffw Oct 30, 2023
f59cbed
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Oct 30, 2023
a356e05
validation/policy: drop unreachable check
woodruffw Oct 30, 2023
9d5a313
vectors: bump limbo
woodruffw Oct 31, 2023
457df90
policy: check for 0 SN explicitly
woodruffw Oct 31, 2023
c54bced
vectors: bump limbo
woodruffw Oct 31, 2023
5e72f8b
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Oct 31, 2023
c91e13f
WIP docs
woodruffw Oct 31, 2023
7b8f5a3
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Oct 31, 2023
e8b4fbc
verification: fixup docs
woodruffw Oct 31, 2023
7aefd2a
validation: make subject non-optional (#7)
woodruffw Nov 2, 2023
504dd59
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 2, 2023
34202c4
vectors: bump limbo
woodruffw Nov 2, 2023
fb362bd
vectors: bump limbo
woodruffw Nov 2, 2023
ce4e907
validation/policies: turn permits_san into an extension validator (#8)
woodruffw Nov 2, 2023
daa512d
vectors: bump limbo
woodruffw Nov 2, 2023
53e6761
validation: move v3 check to permits_basic
woodruffw Nov 2, 2023
0259030
vectors: bump limbo
woodruffw Nov 2, 2023
a9a380f
validation: put EKU handling under ext handling
woodruffw Nov 2, 2023
a9d8dc9
tests, vectors: bump limbo
woodruffw Nov 2, 2023
199ba0d
fixup isort
woodruffw Nov 2, 2023
956c1b8
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Nov 3, 2023
52977bd
vectors: bump limbo
woodruffw Nov 3, 2023
a163676
validation: refactor depth checks
woodruffw Nov 3, 2023
b0d8477
mod: comment
woodruffw Nov 3, 2023
a4f4ea9
vectors: bump limbo
woodruffw Nov 3, 2023
58261a2
vectors: bump limbo
woodruffw Nov 3, 2023
0282239
[WIP] vectors: bump limbo
woodruffw Nov 3, 2023
c086393
vectors: bump limbo
woodruffw Nov 3, 2023
107c082
lib: Convert duplicate extension errors explicitly (#10)
facutuesca Nov 3, 2023
be6d3d8
vectors: bump limbo
woodruffw Nov 3, 2023
36654c1
lib: remove another From impl
woodruffw Nov 3, 2023
6bed9db
vectors: bump limbo
woodruffw Nov 3, 2023
6d3714c
vectors: bump limbo
facutuesca Nov 6, 2023
5afa0a7
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Nov 6, 2023
7546674
validation: Add `max_chain_depth` parameter to `ServerVerifier` (#9)
tetsuo-cpp Nov 9, 2023
af0d43b
test_verification: add already-set test for max_chain_depth
woodruffw Nov 9, 2023
acdf068
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 9, 2023
e5d62a3
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Nov 9, 2023
06e1be5
verification: fix bad merge
woodruffw Nov 9, 2023
fe39fb9
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 9, 2023
329eed5
remove commented code, redundant tests
woodruffw Nov 9, 2023
4017871
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 9, 2023
c0ec72f
actions: add a fetch-limbo action
woodruffw Nov 9, 2023
c270e4a
tests: prep limbo a la wycheproof
woodruffw Nov 9, 2023
7434373
tests: migrate limbo
woodruffw Nov 9, 2023
363dee3
Merge branch 'tob-generic-fetch-vectors' into tob-x509-cv-skeleton
woodruffw Nov 9, 2023
efc8f29
ci: use fetch-limbo
woodruffw Nov 9, 2023
3e838c7
remove hardcopied limbo
woodruffw Nov 9, 2023
79fe0b4
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 10, 2023
f7fdeaf
tests: remove test_verify_basic
woodruffw Nov 10, 2023
913f723
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 10, 2023
ab7de49
validation/certificate: remove dead_code attrs
woodruffw Nov 10, 2023
421594a
validation/extension: remove more dead_code attrs
woodruffw Nov 10, 2023
8fd2684
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Nov 13, 2023
ef9061f
verify: simplify types
woodruffw Nov 13, 2023
bf3b3cb
document, enforce chain order
woodruffw Nov 13, 2023
ea88d53
lib: simplify is_match
woodruffw Nov 13, 2023
7bfab59
Update src/rust/cryptography-x509-validation/src/lib.rs
woodruffw Nov 13, 2023
97c551f
validation/lib: return impl iterator
woodruffw Nov 13, 2023
db05265
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 13, 2023
669bb22
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 13, 2023
af14ec4
validation/ops: remove old coverage stub
woodruffw Nov 13, 2023
eac3a07
test_limbo: remove assert messages
woodruffw Nov 13, 2023
af29fec
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Nov 13, 2023
4168322
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 13, 2023
062a64b
drastically simplify lifetimes
woodruffw Nov 13, 2023
ace8142
test_verification: remove unused import
woodruffw Nov 13, 2023
9793bb2
validation/lib: Remove unnecessary `AccumulatedNameConstraints` type
tetsuo-cpp Nov 14, 2023
d498f67
validation/lib: Use `cert_is_self_issued` for potential issuers
tetsuo-cpp Nov 14, 2023
2f52dd0
validation/lib: Flip condition
tetsuo-cpp Nov 14, 2023
c40761f
validation/lib: Use `cert_is_self_signed`
tetsuo-cpp Nov 14, 2023
e0c377d
validation/lib: Reduce calls to `Certificate::extensions`
tetsuo-cpp Nov 14, 2023
269ef79
validation/lib: Remove more calls to `extensions`
tetsuo-cpp Nov 14, 2023
90162e4
validation/policy: Check for overflow of current depth
tetsuo-cpp Nov 14, 2023
adc7333
validation/policy: Check validity dates for generalized date cutoff
tetsuo-cpp Nov 14, 2023
0c5ff83
validation/policy: Check for negative serial numbers
tetsuo-cpp Nov 14, 2023
2ce7a34
validation: only check spki and signature_alg when verifying sigs
woodruffw Nov 14, 2023
0f6214f
validation: add API TODO
woodruffw Nov 15, 2023
55e82f7
test_limbo: more features
woodruffw Nov 15, 2023
bf12b48
policy/extension: allow missing AKI on CAs
woodruffw Nov 15, 2023
e665d3b
tests/limbo: skip webpki::aki::root-with-aki-ski-mismatch
woodruffw Nov 15, 2023
a14634d
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Nov 16, 2023
ba7dbf3
tests: Remove `pedantic-webpki` from unsupported list
tetsuo-cpp Nov 17, 2023
8d06d26
validation/policy: Remove unused conversion
tetsuo-cpp Nov 17, 2023
0d98eaf
validation/policy: Add unit tests for validity dates
tetsuo-cpp Nov 17, 2023
6be1f50
ci: remove a line
woodruffw Nov 17, 2023
76abe1f
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Nov 17, 2023
09377a5
validation: flatten error types
woodruffw Nov 17, 2023
1a4cf74
validation: remove unnecessary From impls
woodruffw Nov 17, 2023
e93bc07
validation: render OIDs in a few errors
woodruffw Nov 17, 2023
0cf2e52
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 17, 2023
c9642e9
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 17, 2023
6c577be
validation/policy: free coverage
woodruffw Nov 17, 2023
a860232
validation/policy: ok_or_else (no escaping the coverage gods)
woodruffw Nov 18, 2023
d231e1e
validation/policy: remove no-op branch
woodruffw Nov 20, 2023
7b4c2c0
validation: add EKU note
woodruffw Nov 20, 2023
5ee09e5
validation: add invariant-preserving Intermediates type
woodruffw Nov 20, 2023
bd1553f
validation: better error message
woodruffw Nov 20, 2023
89067e2
invert conditions
woodruffw Nov 20, 2023
adeb62d
validation: rewrite error handling
woodruffw Nov 20, 2023
518da01
lib: misleading comment
woodruffw Nov 20, 2023
f964ce7
test_limbo: handle IPv6 addresses correctly
woodruffw Nov 21, 2023
48af1c5
test_limbo: add another feature flag
woodruffw Nov 22, 2023
c79f40b
validation/extensions: add some NC checks
woodruffw Nov 22, 2023
a29c73e
lintage
woodruffw Nov 22, 2023
bab3d2a
validation/extension: fix subtree check
woodruffw Nov 22, 2023
8135121
validation/extension: remove pedantic check
woodruffw Nov 22, 2023
b3ae108
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Nov 23, 2023
31d7d81
validation: avoid an intermediate vector
woodruffw Nov 23, 2023
d294958
validation: `&Vec<_>` -> `&[_]`
woodruffw Nov 23, 2023
d1b0a33
validation: search the store first
woodruffw Nov 23, 2023
6c2eafe
validation: simplify match
woodruffw Nov 23, 2023
f591c12
validation: rename IntermediateChain -> PartialChainState
woodruffw Nov 23, 2023
1adf14f
policy/extension: add a NOTE about pathLength validation
woodruffw Nov 23, 2023
9ce06d0
tests/x509: restructure verification tests
woodruffw Nov 23, 2023
030b79f
test_limbo: update ID
woodruffw Nov 24, 2023
b6de1f9
validation: expand NC skip comment
woodruffw Nov 24, 2023
6e6d7c7
validation: fixup NC handling, expose NC errors
woodruffw Nov 24, 2023
120daf5
Merge branch 'main' into tob-x509-cv-skeleton
woodruffw Nov 24, 2023
6607e75
validation: remove unreachable error case
woodruffw Nov 24, 2023
24ecf76
validation: remove unnecessary clone
woodruffw Nov 24, 2023
3060a70
validation: handle malformed SANs in NC checking
woodruffw Nov 25, 2023
e1ee967
validation: allow SN==0
woodruffw Nov 25, 2023
642e72e
validation: remove redundant branch
woodruffw Nov 26, 2023
c6d502e
validation: relax SKI check on CA certs
woodruffw Nov 26, 2023
e26feb8
validation: document BC handling
woodruffw Nov 26, 2023
b1e8d2a
validation: document precondition on valid_issuer
woodruffw Nov 26, 2023
91c30d5
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Nov 30, 2023
dcc7069
validation: make EKU in EEs optional
woodruffw Nov 30, 2023
1ed7c2b
validation: make EKU handling common
woodruffw Dec 1, 2023
e4c33bb
[WIP] validation: refactor name constraints handling
woodruffw Dec 1, 2023
98d5502
Merge remote-tracking branch 'upstream/main' into tob-x509-cv-skeleton
woodruffw Dec 18, 2023
baaeeb2
src, tests: remove self-issued special-casing
woodruffw Dec 18, 2023
6c886b5
lintage
woodruffw Dec 18, 2023
a167fd2
validation: remove NullOps
woodruffw Dec 19, 2023
9926b98
validation: feedback
woodruffw Dec 19, 2023
d4a876f
validation: remove unnecessary second loop
woodruffw Dec 19, 2023
474a925
tests/limbo: fixup schema assertions
woodruffw Dec 20, 2023
8152578
validation: remove no-op match
woodruffw Dec 20, 2023
5244884
Update src/rust/cryptography-x509-validation/src/policy/mod.rs
woodruffw Dec 20, 2023
be84030
policy: u64::from
woodruffw Dec 20, 2023
27b2b0d
test_limbo: assert that intermediates come from untrusted_intermediates
woodruffw Dec 20, 2023
0220e93
validation: simplify match exprs
woodruffw Dec 20, 2023
35de5fd
lib: apply_inner -> apply_single_constraint
woodruffw Dec 20, 2023
07f2445
test_limbo: open limbo.json in binary mode
woodruffw Dec 20, 2023
d5b8a45
validation: simplify, fix NC validation
woodruffw Dec 21, 2023
c52b597
lib: remove unused default derive
woodruffw Dec 21, 2023
6e7379a
policy: add NOTE, relax EKU check
woodruffw Dec 21, 2023
7830bad
validation: move SAN matching to permits_leaf
woodruffw Dec 21, 2023
e16a347
break apart EKU handling by EE/CA
woodruffw Dec 21, 2023
1e00199
validation: reorder permits_leaf for coverage
woodruffw Dec 21, 2023
fee2aa3
src, tests: remove CA-in-leaf-position support
woodruffw Dec 21, 2023
b65d12f
validation: unwrap and explain why
woodruffw Dec 21, 2023
6aa642c
validation: remove permits_leaf entirely
woodruffw Dec 22, 2023
0fc7327
validation/policy: fix validity_date GeneralizedTime check
woodruffw Dec 22, 2023
validation/policy: Check validity dates for generalized date cutoff
tetsuo-cpp committed Nov 14, 2023
commit adc7333ec9e0022d819c75e12fe25af70f722fce
40 changes: 30 additions & 10 deletions src/rust/cryptography-x509-validation/src/policy/mod.rs
@@ -6,14 +6,14 @@ mod extension;

use std::collections::HashSet;

use asn1::ObjectIdentifier;
use asn1::{DateTime, ObjectIdentifier};
use cryptography_x509::certificate::Certificate;
use once_cell::sync::Lazy;

use cryptography_x509::common::{
AlgorithmIdentifier, AlgorithmParameters, EcParameters, RsaPssParameters, PSS_SHA256_HASH_ALG,
PSS_SHA256_MASK_GEN_ALG, PSS_SHA384_HASH_ALG, PSS_SHA384_MASK_GEN_ALG, PSS_SHA512_HASH_ALG,
PSS_SHA512_MASK_GEN_ALG,
AlgorithmIdentifier, AlgorithmParameters, EcParameters, RsaPssParameters, Time,
PSS_SHA256_HASH_ALG, PSS_SHA256_MASK_GEN_ALG, PSS_SHA384_HASH_ALG, PSS_SHA384_MASK_GEN_ALG,
PSS_SHA512_HASH_ALG, PSS_SHA512_MASK_GEN_ALG,
};
use cryptography_x509::extensions::{
BasicConstraints, DuplicateExtensionsError, Extensions, KeyUsage, SubjectAlternativeName,
@@ -397,12 +397,11 @@ impl<'a, B: CryptoOps> Policy<'a, B> {
// 5280 4.1.2.5: Validity
// Validity dates before 2050 MUST be encoded as UTCTime;
// dates in or after 2050 MUST be encoded as GeneralizedTime.
// TODO: The existing `tbs_cert.validity` types don't expose this
// underlying detail. This check has no practical effect on the
// correctness of the certificate, so it's pretty low priority.
if &self.validation_time < cert.tbs_cert.validity.not_before.as_datetime()
|| &self.validation_time > cert.tbs_cert.validity.not_after.as_datetime()
{
let not_before = cert.tbs_cert.validity.not_before.as_datetime();
let not_after = cert.tbs_cert.validity.not_after.as_datetime();
self.valid_validity_date(&cert.tbs_cert.validity.not_before, not_before)?;
self.valid_validity_date(&cert.tbs_cert.validity.not_after, not_after)?;
if &self.validation_time < not_before || &self.validation_time > not_after {
return Err(PolicyError::Other("cert is not valid at validation time"));
}

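Review bot: in the validity block, both `valid_validity_date` calls run before the `validation_time` comparison, so a certificate that is outside its validity window and also mis-encoded fails with the encoding message rather than "cert is not valid at validation time". If that precedence is intended, state it in the comment above the block; otherwise run the window check first. The RFC 5280 4.1.2.5 comment that remains should also say that the encoding rule is now a hard failure, since the TODO it replaces described the check as having no practical effect on correctness.
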
@@ -566,6 +565,27 @@ impl<'a, B: CryptoOps> Policy<'a, B> {
.ok_or(PolicyError::Other("current depth calculation overflowed"))?),
}
}

fn valid_validity_date(&self, validity_date: &Time, dt: &DateTime) -> Result<(), PolicyError> {
const GENERALIZED_DATE_CUTOFF_YEAR: u16 = 2050;
match validity_date {
Time::UtcTime(_) => {
if dt.year() >= GENERALIZED_DATE_CUTOFF_YEAR {
return Err(PolicyError::Other(
"validity dates after generalized date cutoff must be GeneralizedTime",
));
}
}
Time::GeneralizedTime(_) => {
if dt.year() < GENERALIZED_DATE_CUTOFF_YEAR {
return Err(PolicyError::Other(
"validity dates before generalized date cutoff must be UtcTime",
));
}
}
}
Ok(())
}
}

#[cfg(test)]
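
Review bot: `valid_validity_date` takes both `validity_date: &Time` and `dt: &DateTime`, but nothing in the signature ties the two together, so a caller can pass a `DateTime` that was not derived from that `Time`; take only `&Time` and call `as_datetime()` inside the helper. `&self` is not used in the body, so this can be an associated function. The first error text says "after generalized date cutoff" while the condition is `dt.year() >= GENERALIZED_DATE_CUTOFF_YEAR`, so "in or after" would match what is checked. The hunks shown add no test for either rejection branch; a UTCTime date in 2050 and a GeneralizedTime date in 2049 would cover both sides of the boundary.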