1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
|
import base64
import datetime
import ssl
from urllib.parse import urljoin, urlparse
import cryptography.hazmat.primitives.hashes
import requests
from cryptography import hazmat, x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat import backends
from cryptography.hazmat.primitives.asymmetric.dsa import DSAPublicKey
from cryptography.hazmat.primitives.asymmetric.ec import ECDSA, EllipticCurvePublicKey
from cryptography.hazmat.primitives.asymmetric.padding import PKCS1v15
from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicKey
from cryptography.hazmat.primitives.hashes import SHA1, Hash
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
from cryptography.x509 import ocsp
from redis.exceptions import AuthorizationError, ConnectionError
def _verify_response(issuer_cert, ocsp_response):
pubkey = issuer_cert.public_key()
try:
if isinstance(pubkey, RSAPublicKey):
pubkey.verify(
ocsp_response.signature,
ocsp_response.tbs_response_bytes,
PKCS1v15(),
ocsp_response.signature_hash_algorithm,
)
elif isinstance(pubkey, DSAPublicKey):
pubkey.verify(
ocsp_response.signature,
ocsp_response.tbs_response_bytes,
ocsp_response.signature_hash_algorithm,
)
elif isinstance(pubkey, EllipticCurvePublicKey):
pubkey.verify(
ocsp_response.signature,
ocsp_response.tbs_response_bytes,
ECDSA(ocsp_response.signature_hash_algorithm),
)
else:
pubkey.verify(ocsp_response.signature, ocsp_response.tbs_response_bytes)
except InvalidSignature:
raise ConnectionError("failed to valid ocsp response")
def _check_certificate(issuer_cert, ocsp_bytes, validate=True):
"""A wrapper the return the validity of a known ocsp certificate"""
ocsp_response = ocsp.load_der_ocsp_response(ocsp_bytes)
if ocsp_response.response_status == ocsp.OCSPResponseStatus.UNAUTHORIZED:
raise AuthorizationError("you are not authorized to view this ocsp certificate")
if ocsp_response.response_status == ocsp.OCSPResponseStatus.SUCCESSFUL:
if ocsp_response.certificate_status != ocsp.OCSPCertStatus.GOOD:
raise ConnectionError(
f"Received an {str(ocsp_response.certificate_status).split('.')[1]} "
"ocsp certificate status"
)
else:
raise ConnectionError(
"failed to retrieve a successful response from the ocsp responder"
)
if ocsp_response.this_update >= datetime.datetime.now():
raise ConnectionError("ocsp certificate was issued in the future")
if (
ocsp_response.next_update
and ocsp_response.next_update < datetime.datetime.now()
):
raise ConnectionError("ocsp certificate has invalid update - in the past")
responder_name = ocsp_response.responder_name
issuer_hash = ocsp_response.issuer_key_hash
responder_hash = ocsp_response.responder_key_hash
cert_to_validate = issuer_cert
if (
responder_name is not None
and responder_name == issuer_cert.subject
or responder_hash == issuer_hash
):
cert_to_validate = issuer_cert
else:
certs = ocsp_response.certificates
responder_certs = _get_certificates(
certs, issuer_cert, responder_name, responder_hash
)
try:
responder_cert = responder_certs[0]
except IndexError:
raise ConnectionError("no certificates found for the responder")
ext = responder_cert.extensions.get_extension_for_class(x509.ExtendedKeyUsage)
if ext is None or x509.oid.ExtendedKeyUsageOID.OCSP_SIGNING not in ext.value:
raise ConnectionError("delegate not autorized for ocsp signing")
cert_to_validate = responder_cert
if validate:
_verify_response(cert_to_validate, ocsp_response)
return True
def _get_certificates(certs, issuer_cert, responder_name, responder_hash):
if responder_name is None:
certificates = [
c
for c in certs
if _get_pubkey_hash(c) == responder_hash and c.issuer == issuer_cert.subject
]
else:
certificates = [
c
for c in certs
if c.subject == responder_name and c.issuer == issuer_cert.subject
]
return certificates
def _get_pubkey_hash(certificate):
pubkey = certificate.public_key()
# https://stackoverflow.com/a/46309453/600498
if isinstance(pubkey, RSAPublicKey):
h = pubkey.public_bytes(Encoding.DER, PublicFormat.PKCS1)
elif isinstance(pubkey, EllipticCurvePublicKey):
h = pubkey.public_bytes(Encoding.X962, PublicFormat.UncompressedPoint)
else:
h = pubkey.public_bytes(Encoding.DER, PublicFormat.SubjectPublicKeyInfo)
sha1 = Hash(SHA1(), backend=backends.default_backend())
sha1.update(h)
return sha1.finalize()
def ocsp_staple_verifier(con, ocsp_bytes, expected=None):
"""An implementation of a function for set_ocsp_client_callback in PyOpenSSL.
This function validates that the provide ocsp_bytes response is valid,
and matches the expected, stapled responses.
"""
if ocsp_bytes in [b"", None]:
raise ConnectionError("no ocsp response present")
issuer_cert = None
peer_cert = con.get_peer_certificate().to_cryptography()
for c in con.get_peer_cert_chain():
cert = c.to_cryptography()
if cert.subject == peer_cert.issuer:
issuer_cert = cert
break
if issuer_cert is None:
raise ConnectionError("no matching issuer cert found in certificate chain")
if expected is not None:
e = x509.load_pem_x509_certificate(expected)
if peer_cert != e:
raise ConnectionError("received and expected certificates do not match")
return _check_certificate(issuer_cert, ocsp_bytes)
class OCSPVerifier:
"""A class to verify ssl sockets for RFC6960/RFC6961. This can be used
when using direct validation of OCSP responses and certificate revocations.
@see https://datatracker.ietf.org/doc/html/rfc6960
@see https://datatracker.ietf.org/doc/html/rfc6961
"""
def __init__(self, sock, host, port, ca_certs=None):
self.SOCK = sock
self.HOST = host
self.PORT = port
self.CA_CERTS = ca_certs
def _bin2ascii(self, der):
"""Convert SSL certificates in a binary (DER) format to ASCII PEM."""
pem = ssl.DER_cert_to_PEM_cert(der)
cert = x509.load_pem_x509_certificate(pem.encode(), backends.default_backend())
return cert
def components_from_socket(self):
"""This function returns the certificate, primary issuer, and primary ocsp
server in the chain for a socket already wrapped with ssl.
"""
# convert the binary certifcate to text
der = self.SOCK.getpeercert(True)
if der is False:
raise ConnectionError("no certificate found for ssl peer")
cert = self._bin2ascii(der)
return self._certificate_components(cert)
def _certificate_components(self, cert):
"""Given an SSL certificate, retract the useful components for
validating the certificate status with an OCSP server.
Args:
cert ([bytes]): A PEM encoded ssl certificate
"""
try:
aia = cert.extensions.get_extension_for_oid(
x509.oid.ExtensionOID.AUTHORITY_INFORMATION_ACCESS
).value
except cryptography.x509.extensions.ExtensionNotFound:
raise ConnectionError("No AIA information present in ssl certificate")
# fetch certificate issuers
issuers = [
i
for i in aia
if i.access_method == x509.oid.AuthorityInformationAccessOID.CA_ISSUERS
]
try:
issuer = issuers[0].access_location.value
except IndexError:
issuer = None
# now, the series of ocsp server entries
ocsps = [
i
for i in aia
if i.access_method == x509.oid.AuthorityInformationAccessOID.OCSP
]
try:
ocsp = ocsps[0].access_location.value
except IndexError:
raise ConnectionError("no ocsp servers in certificate")
return cert, issuer, ocsp
def components_from_direct_connection(self):
"""Return the certificate, primary issuer, and primary ocsp server
from the host defined by the socket. This is useful in cases where
different certificates are occasionally presented.
"""
pem = ssl.get_server_certificate((self.HOST, self.PORT), ca_certs=self.CA_CERTS)
cert = x509.load_pem_x509_certificate(pem.encode(), backends.default_backend())
return self._certificate_components(cert)
def build_certificate_url(self, server, cert, issuer_cert):
"""Return the complete url to the ocsp"""
orb = ocsp.OCSPRequestBuilder()
# add_certificate returns an initialized OCSPRequestBuilder
orb = orb.add_certificate(
cert, issuer_cert, cryptography.hazmat.primitives.hashes.SHA256()
)
request = orb.build()
path = base64.b64encode(
request.public_bytes(hazmat.primitives.serialization.Encoding.DER)
)
url = urljoin(server, path.decode("ascii"))
return url
def check_certificate(self, server, cert, issuer_url):
"""Checks the validity of an ocsp server for an issuer"""
r = requests.get(issuer_url)
if not r.ok:
raise ConnectionError("failed to fetch issuer certificate")
der = r.content
issuer_cert = self._bin2ascii(der)
ocsp_url = self.build_certificate_url(server, cert, issuer_cert)
# HTTP 1.1 mandates the addition of the Host header in ocsp responses
header = {
"Host": urlparse(ocsp_url).netloc,
"Content-Type": "application/ocsp-request",
}
r = requests.get(ocsp_url, headers=header)
if not r.ok:
raise ConnectionError("failed to fetch ocsp certificate")
return _check_certificate(issuer_cert, r.content, True)
def is_valid(self):
"""Returns the validity of the certificate wrapping our socket.
This first retrieves for validate the certificate, issuer_url,
and ocsp_server for certificate validate. Then retrieves the
issuer certificate from the issuer_url, and finally checks
the validity of OCSP revocation status.
"""
# validate the certificate
try:
cert, issuer_url, ocsp_server = self.components_from_socket()
if issuer_url is None:
raise ConnectionError("no issuers found in certificate chain")
return self.check_certificate(ocsp_server, cert, issuer_url)
except AuthorizationError:
cert, issuer_url, ocsp_server = self.components_from_direct_connection()
if issuer_url is None:
raise ConnectionError("no issuers found in certificate chain")
return self.check_certificate(ocsp_server, cert, issuer_url)
|
