diff options
author | Theo Buehler <tb@cvs.openbsd.org> | 2022-02-08 14:53:04 +0000 |
---|---|---|
committer | Theo Buehler <tb@cvs.openbsd.org> | 2022-02-08 14:53:04 +0000 |
commit | b8e1c324c130552dca25614edf156605e4b30ec5 (patch) | |
tree | a92b55e3f7bb08a21a9187c27e876e425f29e165 | |
parent | 509b19f8bbbfb93f512ad04e79a10b349f3a9f3c (diff) |
Check CRLs also for manifests
There is a chicken-egg here since manifests reference the CRL themselves.
We may also have two CRLs available, in which case we check against the
one with the newer thisUpdate time.
The RFC situation is a bit of a mess with abundant complexity, unclear
recommendations and requirements and draft specs that also need to be
considered. This is a first version that works with future improvements
to be landed later.
Joint work with claudio, prompted by a question by job
ok claudio job
-rw-r--r-- | usr.sbin/rpki-client/crl.c | 17 | ||||
-rw-r--r-- | usr.sbin/rpki-client/extern.h | 5 | ||||
-rw-r--r-- | usr.sbin/rpki-client/parser.c | 111 |
3 files changed, 101 insertions, 32 deletions
diff --git a/usr.sbin/rpki-client/crl.c b/usr.sbin/rpki-client/crl.c index 52324e03ac8..b50aff63ad0 100644 --- a/usr.sbin/rpki-client/crl.c +++ b/usr.sbin/rpki-client/crl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crl.c,v 1.12 2022/02/08 11:51:51 tb Exp $ */ +/* $OpenBSD: crl.c,v 1.13 2022/02/08 14:53:03 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -33,7 +33,7 @@ crl_parse(const char *fn, const unsigned char *der, size_t len) { struct crl *crl; const ASN1_TIME *at; - struct tm expires_tm; + struct tm issued_tm, expires_tm; int rc = 0; /* just fail for empty buffers, the warning was printed elsewhere */ @@ -53,6 +53,19 @@ crl_parse(const char *fn, const unsigned char *der, size_t len) goto out; } + at = X509_CRL_get0_lastUpdate(crl->x509_crl); + if (at == NULL) { + warnx("%s: X509_CRL_get0_lastUpdate failed", fn); + goto out; + } + memset(&issued_tm, 0, sizeof(issued_tm)); + if (ASN1_time_parse(at->data, at->length, &issued_tm, 0) == -1) { + warnx("%s: ASN1_time_parse failed", fn); + goto out; + } + if ((crl->issued = mktime(&issued_tm)) == -1) + errx(1, "%s: mktime failed", fn); + /* extract expire time for later use */ at = X509_CRL_get0_nextUpdate(crl->x509_crl); if (at == NULL) { diff --git a/usr.sbin/rpki-client/extern.h b/usr.sbin/rpki-client/extern.h index 079c4e92336..a9b4429b83a 100644 --- a/usr.sbin/rpki-client/extern.h +++ b/usr.sbin/rpki-client/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.117 2022/02/08 11:51:51 tb Exp $ */ +/* $OpenBSD: extern.h,v 1.118 2022/02/08 14:53:03 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -280,7 +280,8 @@ struct crl { RB_ENTRY(crl) entry; char *aki; X509_CRL *x509_crl; - time_t expires; /* do not use after */ + time_t issued; /* do not use before */ + time_t expires; /* do not use after */ }; /* * Tree of CRLs sorted by uri diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c index ed8040716b4..f32a77dbb39 100644 --- a/usr.sbin/rpki-client/parser.c +++ b/usr.sbin/rpki-client/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.62 2022/02/08 12:35:14 claudio Exp $ */ +/* $OpenBSD: parser.c,v 1.63 2022/02/08 14:53:03 tb Exp $ */ /* * Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org> * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> @@ -42,6 +42,7 @@ static void build_chain(const struct auth *, STACK_OF(X509) **); static struct crl *get_crl(const struct auth *); static void build_crls(const struct crl *, STACK_OF(X509_CRL) **); +static struct crl *parse_load_crl_from_mft(struct entity *, const char *); static X509_STORE_CTX *ctx; static struct auth_tree auths = RB_INITIALIZER(&auths); @@ -205,13 +206,13 @@ verify_cb(int ok, X509_STORE_CTX *store_ctx) * Returns 1 for valid certificates, returns 0 if there is a verify error */ static int -valid_x509(char *file, X509 *x509, struct auth *a, struct crl *crl, - unsigned long flags, int nowarn) +valid_x509(char *file, X509 *x509, struct auth *a, struct crl *crl, int nowarn) { X509_VERIFY_PARAM *params; ASN1_OBJECT *cp_oid; STACK_OF(X509) *chain; STACK_OF(X509_CRL) *crls = NULL; + unsigned long flags; int c; build_chain(a, &chain); @@ -231,6 +232,7 @@ valid_x509(char *file, X509 *x509, struct auth *a, struct crl *crl, X509_STORE_CTX_set_verify_cb(ctx, verify_cb); if (!X509_STORE_CTX_set_app_data(ctx, file)) cryptoerrx("X509_STORE_CTX_set_app_data"); + flags = X509_V_FLAG_CRL_CHECK; flags |= X509_V_FLAG_EXPLICIT_POLICY; flags |= X509_V_FLAG_INHIBIT_MAP; X509_STORE_CTX_set_flags(ctx, flags); @@ -263,8 +265,8 @@ static struct roa * proc_parser_roa(char *file, const unsigned char *der, size_t len) { struct roa *roa; - struct crl *crl; struct auth *a; + struct crl *crl; X509 *x509; if ((roa = roa_parse(&x509, file, der, len)) == NULL) @@ -273,7 +275,7 @@ proc_parser_roa(char *file, const unsigned char *der, size_t len) a = valid_ski_aki(file, &auths, roa->ski, roa->aki); crl = get_crl(a); - if (!valid_x509(file, x509, a, crl, X509_V_FLAG_CRL_CHECK, 0)) { + if (!valid_x509(file, x509, a, crl, 0)) { X509_free(x509); roa_free(roa); return NULL; @@ -354,32 +356,39 @@ proc_parser_mft_check(const char *fn, struct mft *p) * Parse and validate a manifest file. Skip checking the fileandhash * this is done in the post check. After this step we know the mft is * valid and can be compared. - * Here we *don't* validate against the list of CRLs, because the - * certificate used to sign the manifest may specify a CRL that the root - * certificate didn't, and we haven't scanned for it yet. - * This chicken-and-egg isn't important, however, because we'll catch - * the revocation list by the time we scan for any contained resources - * (ROA, CER) and will see it then. * Return the mft on success or NULL on failure. */ static struct mft * -proc_parser_mft_pre(char *file, const unsigned char *der, size_t len) +proc_parser_mft_pre(char *file, const unsigned char *der, size_t len, + struct entity *entp) { - struct mft *mft; - X509 *x509; - struct auth *a; + struct mft *mft; + X509 *x509; + struct crl *crl; + struct auth *a; + char *c, *crlfile; if ((mft = mft_parse(&x509, file, der, len)) == NULL) return NULL; a = valid_ski_aki(file, &auths, mft->ski, mft->aki); + /* load CRL by hand, since it is referenced by the MFT itself */ + c = x509_get_crl(x509, file); + crlfile = strrchr(c, '/'); + if (crlfile != NULL) + crlfile++; + else + crlfile = c; + crl = parse_load_crl_from_mft(entp, crlfile); + free(c); - /* CRL checks disabled here because CRL is referenced from mft */ - if (!valid_x509(file, x509, a, NULL, 0, 1)) { + if (!valid_x509(file, x509, a, crl, 1)) { mft_free(mft); + crl_free(crl); X509_free(x509); return NULL; } + crl_free(crl); X509_free(x509); return mft; @@ -440,7 +449,7 @@ proc_parser_cert_validate(char *file, struct cert *cert) a = valid_ski_aki(file, &auths, cert->ski, cert->aki); crl = get_crl(a); - if (!valid_x509(file, cert->x509, a, crl, X509_V_FLAG_CRL_CHECK, 0)) { + if (!valid_x509(file, cert->x509, a, crl, 0)) { cert_free(cert); return NULL; } @@ -550,8 +559,8 @@ proc_parser_gbr(char *file, const unsigned char *der, size_t len) { struct gbr *gbr; X509 *x509; - struct auth *a; struct crl *crl; + struct auth *a; if ((gbr = gbr_parse(&x509, file, der, len)) == NULL) return; @@ -560,7 +569,7 @@ proc_parser_gbr(char *file, const unsigned char *der, size_t len) crl = get_crl(a); /* return value can be ignored since nothing happens here */ - valid_x509(file, x509, a, crl, X509_V_FLAG_CRL_CHECK, 0); + valid_x509(file, x509, a, crl, 0); X509_free(x509); gbr_free(gbr); @@ -598,7 +607,6 @@ get_crl(const struct auth *a) if (a == NULL) return NULL; - find.aki = a->cert->ski; return RB_FIND(crl_tree, &crlt, &find); } @@ -614,10 +622,8 @@ build_crls(const struct crl *crl, STACK_OF(X509_CRL) **crls) if (crl == NULL) return; - if ((*crls = sk_X509_CRL_new_null()) == NULL) errx(1, "sk_X509_CRL_new_null"); - if (!sk_X509_CRL_push(*crls, crl->x509_crl)) err(1, "sk_X509_CRL_push"); } @@ -642,6 +648,9 @@ parse_load_file(struct entity *entp, unsigned char **f, size_t *flen) return file; } +/* + * Load the most recent MFT by opening both options and comparing the two. + */ static char * parse_load_mft(struct entity *entp, struct mft **mft) { @@ -656,7 +665,7 @@ parse_load_mft(struct entity *entp, struct mft **mft) f = load_file(file1, &flen); if (f == NULL && errno != ENOENT) warn("parse file %s", file1); - mft1 = proc_parser_mft_pre(file1, f, flen); + mft1 = proc_parser_mft_pre(file1, f, flen, entp); free(f); } @@ -664,7 +673,7 @@ parse_load_mft(struct entity *entp, struct mft **mft) f = load_file(file2, &flen); if (f == NULL && errno != ENOENT) warn("parse file %s", file2); - mft2 = proc_parser_mft_pre(file2, f, flen); + mft2 = proc_parser_mft_pre(file2, f, flen, entp); free(f); } @@ -682,6 +691,54 @@ parse_load_mft(struct entity *entp, struct mft **mft) } /* + * Load the most recent CRL by opening both options and comparing the two. + */ +static struct crl * +parse_load_crl_from_mft(struct entity *entp, const char *file) +{ + struct crl *crl1 = NULL, *crl2 = NULL; + char *file1, *file2; + unsigned char *f; + size_t flen; + + if (file == NULL) + return NULL; + + file1 = parse_filepath(entp->repoid, entp->path, file, DIR_VALID); + file2 = parse_filepath(entp->repoid, entp->path, file, DIR_TEMP); + + if (file1 != NULL) { + f = load_file(file1, &flen); + if (f == NULL && errno != ENOENT) + warn("parse file %s", file1); + crl1 = crl_parse(file1, f, flen); + free(f); + } + + if (file2 != NULL) { + f = load_file(file2, &flen); + if (f == NULL && errno != ENOENT) + warn("parse file %s", file2); + crl2 = crl_parse(file2, f, flen); + free(f); + } + + free(file1); + free(file2); + + if (crl1 == NULL || crl2 == NULL) + return crl2 == NULL ? crl1 : crl2; + + if (crl1->issued >= crl2->issued) { + crl_free(crl2); + return crl1; + } else { + crl_free(crl1); + return crl2; + } +} + +/* * Process an entity and responing to parent process. */ static void @@ -958,7 +1015,6 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) struct tal *tal = NULL; enum rtype type; char *aia = NULL, *aki = NULL; - unsigned long verify_flags = X509_V_FLAG_CRL_CHECK; if (num++ > 0) printf("--\n"); @@ -995,7 +1051,6 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) mft_print(mft); aia = mft->aia; aki = mft->aki; - verify_flags = 0; break; case RTYPE_ROA: roa = roa_parse(&x509, file, buf, len); @@ -1038,7 +1093,7 @@ proc_parser_file(char *file, unsigned char *buf, size_t len) a = auth_find(&auths, aki); crl = get_crl(a); - if (valid_x509(file, x509, a, crl, verify_flags, 0)) + if (valid_x509(file, x509, a, crl, 0)) printf("Validation: OK\n"); else printf("Validation: Failed\n"); |