J. Duke | 319a3b9 | 2007-12-01 00:00:00 +0000 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright 2002-2006 Sun Microsystems, Inc. All Rights Reserved. |
| 3 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
| 4 | * |
| 5 | * This code is free software; you can redistribute it and/or modify it |
| 6 | * under the terms of the GNU General Public License version 2 only, as |
| 7 | * published by the Free Software Foundation. Sun designates this |
| 8 | * particular file as subject to the "Classpath" exception as provided |
| 9 | * by Sun in the LICENSE file that accompanied this code. |
| 10 | * |
| 11 | * This code is distributed in the hope that it will be useful, but WITHOUT |
| 12 | * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
| 13 | * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
| 14 | * version 2 for more details (a copy is included in the LICENSE file that |
| 15 | * accompanied this code). |
| 16 | * |
| 17 | * You should have received a copy of the GNU General Public License version |
| 18 | * 2 along with this work; if not, write to the Free Software Foundation, |
| 19 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
| 20 | * |
| 21 | * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, |
| 22 | * CA 95054 USA or visit www.sun.com if you need additional information or |
| 23 | * have any questions. |
| 24 | */ |
| 25 | |
| 26 | package sun.security.validator; |
| 27 | |
| 28 | import java.util.*; |
| 29 | |
| 30 | import java.security.cert.*; |
| 31 | |
| 32 | import sun.security.x509.NetscapeCertTypeExtension; |
| 33 | |
| 34 | /** |
| 35 | * Class to check if an end entity cert is suitable for use in some |
| 36 | * context.<p> |
| 37 | * |
| 38 | * This class is used internally by the validator. Currently, seven variants |
| 39 | * are supported defined as VAR_XXX constants in the Validator class: |
| 40 | * <ul> |
| 41 | * <li>Generic. No additional requirements, all certificates are ok. |
| 42 | * |
| 43 | * <li>TLS server. Requires that a String parameter is passed to |
| 44 | * validate that specifies the name of the TLS key exchange algorithm |
| 45 | * in use. See the JSSE X509TrustManager spec for details. |
| 46 | * |
| 47 | * <li>TLS client. |
| 48 | * |
| 49 | * <li>Code signing. |
| 50 | * |
| 51 | * <li>JCE code signing. Some early JCE code signing certs issued to |
| 52 | * providers had incorrect extensions. In this mode the checks |
| 53 | * are relaxed compared to standard code signing checks in order to |
| 54 | * allow these certificates to pass. |
| 55 | * |
| 56 | * <li>Plugin code signing. WebStart and Plugin require their own variant |
| 57 | * which is equivalent to VAR_CODE_SIGNING with additional checks for |
| 58 | * compatibility/special cases. See also PKIXValidator. |
| 59 | * |
| 60 | * <li>TSA Server (see RFC 3161, section 2.3). |
| 61 | * |
| 62 | * </ul> |
| 63 | * |
| 64 | * @author Andreas Sterbenz |
| 65 | */ |
| 66 | class EndEntityChecker { |
| 67 | |
| 68 | // extended key usage OIDs for TLS server, TLS client, code signing |
| 69 | // and any usage |
| 70 | |
| 71 | private final static String OID_EXTENDED_KEY_USAGE = |
| 72 | SimpleValidator.OID_EXTENDED_KEY_USAGE; |
| 73 | |
| 74 | private final static String OID_EKU_TLS_SERVER = "1.3.6.1.5.5.7.3.1"; |
| 75 | |
| 76 | private final static String OID_EKU_TLS_CLIENT = "1.3.6.1.5.5.7.3.2"; |
| 77 | |
| 78 | private final static String OID_EKU_CODE_SIGNING = "1.3.6.1.5.5.7.3.3"; |
| 79 | |
| 80 | private final static String OID_EKU_TIME_STAMPING = "1.3.6.1.5.5.7.3.8"; |
| 81 | |
| 82 | private final static String OID_EKU_ANY_USAGE = "2.5.29.37.0"; |
| 83 | |
| 84 | // the Netscape Server-Gated-Cryptography EKU extension OID |
| 85 | private final static String OID_EKU_NS_SGC = "2.16.840.1.113730.4.1"; |
| 86 | |
| 87 | // the Microsoft Server-Gated-Cryptography EKU extension OID |
| 88 | private final static String OID_EKU_MS_SGC = "1.3.6.1.4.1.311.10.3.3"; |
| 89 | |
| 90 | private final static String NSCT_SSL_CLIENT = |
| 91 | NetscapeCertTypeExtension.SSL_CLIENT; |
| 92 | |
| 93 | private final static String NSCT_SSL_SERVER = |
| 94 | NetscapeCertTypeExtension.SSL_SERVER; |
| 95 | |
| 96 | private final static String NSCT_CODE_SIGNING = |
| 97 | NetscapeCertTypeExtension.OBJECT_SIGNING; |
| 98 | |
| 99 | // bit numbers in the key usage extension |
| 100 | private final static int KU_SIGNATURE = 0; |
| 101 | private final static int KU_KEY_ENCIPHERMENT = 2; |
| 102 | private final static int KU_KEY_AGREEMENT = 4; |
| 103 | |
| 104 | // TLS key exchange algorithms requiring digitalSignature key usage |
| 105 | private final static Collection<String> KU_SERVER_SIGNATURE = |
| 106 | Arrays.asList("DHE_DSS", "DHE_RSA", "ECDHE_ECDSA", "ECDHE_RSA", |
| 107 | "RSA_EXPORT", "UNKNOWN"); |
| 108 | |
| 109 | // TLS key exchange algorithms requiring keyEncipherment key usage |
| 110 | private final static Collection<String> KU_SERVER_ENCRYPTION = |
| 111 | Arrays.asList("RSA"); |
| 112 | |
| 113 | // TLS key exchange algorithms requiring keyAgreement key usage |
| 114 | private final static Collection<String> KU_SERVER_KEY_AGREEMENT = |
| 115 | Arrays.asList("DH_DSS", "DH_RSA", "ECDH_ECDSA", "ECDH_RSA"); |
| 116 | |
| 117 | // variant of this end entity cert checker |
| 118 | private final String variant; |
| 119 | |
| 120 | // type of the validator this checker belongs to |
| 121 | private final String type; |
| 122 | |
| 123 | private EndEntityChecker(String type, String variant) { |
| 124 | this.type = type; |
| 125 | this.variant = variant; |
| 126 | } |
| 127 | |
| 128 | static EndEntityChecker getInstance(String type, String variant) { |
| 129 | return new EndEntityChecker(type, variant); |
| 130 | } |
| 131 | |
| 132 | void check(X509Certificate cert, Object parameter) |
| 133 | throws CertificateException { |
| 134 | if (variant.equals(Validator.VAR_GENERIC)) { |
| 135 | // no checks |
| 136 | return; |
| 137 | } else if (variant.equals(Validator.VAR_TLS_SERVER)) { |
| 138 | checkTLSServer(cert, (String)parameter); |
| 139 | } else if (variant.equals(Validator.VAR_TLS_CLIENT)) { |
| 140 | checkTLSClient(cert); |
| 141 | } else if (variant.equals(Validator.VAR_CODE_SIGNING)) { |
| 142 | checkCodeSigning(cert); |
| 143 | } else if (variant.equals(Validator.VAR_JCE_SIGNING)) { |
| 144 | checkCodeSigning(cert); |
| 145 | } else if (variant.equals(Validator.VAR_PLUGIN_CODE_SIGNING)) { |
| 146 | checkCodeSigning(cert); |
| 147 | } else if (variant.equals(Validator.VAR_TSA_SERVER)) { |
| 148 | checkTSAServer(cert); |
| 149 | } else { |
| 150 | throw new CertificateException("Unknown variant: " + variant); |
| 151 | } |
| 152 | } |
| 153 | |
| 154 | /** |
| 155 | * Utility method returning the Set of critical extensions for |
| 156 | * certificate cert (never null). |
| 157 | */ |
| 158 | private Set<String> getCriticalExtensions(X509Certificate cert) { |
| 159 | Set<String> exts = cert.getCriticalExtensionOIDs(); |
| 160 | if (exts == null) { |
| 161 | exts = Collections.emptySet(); |
| 162 | } |
| 163 | return exts; |
| 164 | } |
| 165 | |
| 166 | /** |
| 167 | * Utility method checking if there are any unresolved critical extensions. |
| 168 | * @throws CertificateException if so. |
| 169 | */ |
| 170 | private void checkRemainingExtensions(Set<String> exts) |
| 171 | throws CertificateException { |
| 172 | // basic constraints irrelevant in EE certs |
| 173 | exts.remove(SimpleValidator.OID_BASIC_CONSTRAINTS); |
| 174 | if (!exts.isEmpty()) { |
| 175 | throw new CertificateException("Certificate contains unsupported " |
| 176 | + "critical extensions: " + exts); |
| 177 | } |
| 178 | } |
| 179 | |
| 180 | /** |
| 181 | * Utility method checking if the extended key usage extension in |
| 182 | * certificate cert allows use for expectedEKU. |
| 183 | */ |
| 184 | private boolean checkEKU(X509Certificate cert, Set<String> exts, |
| 185 | String expectedEKU) throws CertificateException { |
| 186 | List<String> eku = cert.getExtendedKeyUsage(); |
| 187 | if (eku == null) { |
| 188 | return true; |
| 189 | } |
| 190 | return eku.contains(expectedEKU) || eku.contains(OID_EKU_ANY_USAGE); |
| 191 | } |
| 192 | |
| 193 | /** |
| 194 | * Utility method checking if bit 'bit' is set in this certificates |
| 195 | * key usage extension. |
| 196 | * @throws CertificateException if not |
| 197 | */ |
| 198 | private boolean checkKeyUsage(X509Certificate cert, int bit) |
| 199 | throws CertificateException { |
| 200 | boolean[] keyUsage = cert.getKeyUsage(); |
| 201 | if (keyUsage == null) { |
| 202 | return true; |
| 203 | } |
| 204 | return (keyUsage.length > bit) && keyUsage[bit]; |
| 205 | } |
| 206 | |
| 207 | /** |
| 208 | * Check whether this certificate can be used for TLS client |
| 209 | * authentication. |
| 210 | * @throws CertificateException if not. |
| 211 | */ |
| 212 | private void checkTLSClient(X509Certificate cert) |
| 213 | throws CertificateException { |
| 214 | Set<String> exts = getCriticalExtensions(cert); |
| 215 | |
| 216 | if (checkKeyUsage(cert, KU_SIGNATURE) == false) { |
| 217 | throw new ValidatorException |
| 218 | ("KeyUsage does not allow digital signatures", |
| 219 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 220 | } |
| 221 | |
| 222 | if (checkEKU(cert, exts, OID_EKU_TLS_CLIENT) == false) { |
| 223 | throw new ValidatorException("Extended key usage does not " |
| 224 | + "permit use for TLS client authentication", |
| 225 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 226 | } |
| 227 | |
| 228 | if (!SimpleValidator.getNetscapeCertTypeBit(cert, NSCT_SSL_CLIENT)) { |
| 229 | throw new ValidatorException |
| 230 | ("Netscape cert type does not permit use for SSL client", |
| 231 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 232 | } |
| 233 | |
| 234 | // remove extensions we checked |
| 235 | exts.remove(SimpleValidator.OID_KEY_USAGE); |
| 236 | exts.remove(SimpleValidator.OID_EXTENDED_KEY_USAGE); |
| 237 | exts.remove(SimpleValidator.OID_NETSCAPE_CERT_TYPE); |
| 238 | |
| 239 | checkRemainingExtensions(exts); |
| 240 | } |
| 241 | |
| 242 | /** |
| 243 | * Check whether this certificate can be used for TLS server authentication |
| 244 | * using the specified authentication type parameter. See X509TrustManager |
| 245 | * specification for details. |
| 246 | * @throws CertificateException if not. |
| 247 | */ |
| 248 | private void checkTLSServer(X509Certificate cert, String parameter) |
| 249 | throws CertificateException { |
| 250 | Set<String> exts = getCriticalExtensions(cert); |
| 251 | |
| 252 | if (KU_SERVER_ENCRYPTION.contains(parameter)) { |
| 253 | if (checkKeyUsage(cert, KU_KEY_ENCIPHERMENT) == false) { |
| 254 | throw new ValidatorException |
| 255 | ("KeyUsage does not allow key encipherment", |
| 256 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 257 | } |
| 258 | } else if (KU_SERVER_SIGNATURE.contains(parameter)) { |
| 259 | if (checkKeyUsage(cert, KU_SIGNATURE) == false) { |
| 260 | throw new ValidatorException |
| 261 | ("KeyUsage does not allow digital signatures", |
| 262 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 263 | } |
| 264 | } else if (KU_SERVER_KEY_AGREEMENT.contains(parameter)) { |
| 265 | if (checkKeyUsage(cert, KU_KEY_AGREEMENT) == false) { |
| 266 | throw new ValidatorException |
| 267 | ("KeyUsage does not allow key agreement", |
| 268 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 269 | } |
| 270 | } else { |
| 271 | throw new CertificateException("Unknown authType: " + parameter); |
| 272 | } |
| 273 | |
| 274 | if (checkEKU(cert, exts, OID_EKU_TLS_SERVER) == false) { |
| 275 | // check for equivalent but now obsolete Server-Gated-Cryptography |
| 276 | // (aka Step-Up, 128 bit) EKU OIDs |
| 277 | if ((checkEKU(cert, exts, OID_EKU_MS_SGC) == false) && |
| 278 | (checkEKU(cert, exts, OID_EKU_NS_SGC) == false)) { |
| 279 | throw new ValidatorException |
| 280 | ("Extended key usage does not permit use for TLS " |
| 281 | + "server authentication", |
| 282 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 283 | } |
| 284 | } |
| 285 | |
| 286 | if (!SimpleValidator.getNetscapeCertTypeBit(cert, NSCT_SSL_SERVER)) { |
| 287 | throw new ValidatorException |
| 288 | ("Netscape cert type does not permit use for SSL server", |
| 289 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 290 | } |
| 291 | |
| 292 | // remove extensions we checked |
| 293 | exts.remove(SimpleValidator.OID_KEY_USAGE); |
| 294 | exts.remove(SimpleValidator.OID_EXTENDED_KEY_USAGE); |
| 295 | exts.remove(SimpleValidator.OID_NETSCAPE_CERT_TYPE); |
| 296 | |
| 297 | checkRemainingExtensions(exts); |
| 298 | } |
| 299 | |
| 300 | /** |
| 301 | * Check whether this certificate can be used for code signing. |
| 302 | * @throws CertificateException if not. |
| 303 | */ |
| 304 | private void checkCodeSigning(X509Certificate cert) |
| 305 | throws CertificateException { |
| 306 | Set<String> exts = getCriticalExtensions(cert); |
| 307 | |
| 308 | if (checkKeyUsage(cert, KU_SIGNATURE) == false) { |
| 309 | throw new ValidatorException |
| 310 | ("KeyUsage does not allow digital signatures", |
| 311 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 312 | } |
| 313 | |
| 314 | if (checkEKU(cert, exts, OID_EKU_CODE_SIGNING) == false) { |
| 315 | throw new ValidatorException |
| 316 | ("Extended key usage does not permit use for code signing", |
| 317 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 318 | } |
| 319 | |
| 320 | // do not check Netscape cert type for JCE code signing checks |
| 321 | // (some certs were issued with incorrect extensions) |
| 322 | if (variant.equals(Validator.VAR_JCE_SIGNING) == false) { |
| 323 | if (!SimpleValidator.getNetscapeCertTypeBit(cert, NSCT_CODE_SIGNING)) { |
| 324 | throw new ValidatorException |
| 325 | ("Netscape cert type does not permit use for code signing", |
| 326 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 327 | } |
| 328 | exts.remove(SimpleValidator.OID_NETSCAPE_CERT_TYPE); |
| 329 | } |
| 330 | |
| 331 | // remove extensions we checked |
| 332 | exts.remove(SimpleValidator.OID_KEY_USAGE); |
| 333 | exts.remove(SimpleValidator.OID_EXTENDED_KEY_USAGE); |
| 334 | |
| 335 | checkRemainingExtensions(exts); |
| 336 | } |
| 337 | |
| 338 | /** |
| 339 | * Check whether this certificate can be used by a time stamping authority |
| 340 | * server (see RFC 3161, section 2.3). |
| 341 | * @throws CertificateException if not. |
| 342 | */ |
| 343 | private void checkTSAServer(X509Certificate cert) |
| 344 | throws CertificateException { |
| 345 | Set<String> exts = getCriticalExtensions(cert); |
| 346 | |
| 347 | if (checkKeyUsage(cert, KU_SIGNATURE) == false) { |
| 348 | throw new ValidatorException |
| 349 | ("KeyUsage does not allow digital signatures", |
| 350 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 351 | } |
| 352 | |
| 353 | if (cert.getExtendedKeyUsage() == null) { |
| 354 | throw new ValidatorException |
| 355 | ("Certificate does not contain an extended key usage " + |
| 356 | "extension required for a TSA server", |
| 357 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 358 | } |
| 359 | |
| 360 | if (checkEKU(cert, exts, OID_EKU_TIME_STAMPING) == false) { |
| 361 | throw new ValidatorException |
| 362 | ("Extended key usage does not permit use for TSA server", |
| 363 | ValidatorException.T_EE_EXTENSIONS, cert); |
| 364 | } |
| 365 | |
| 366 | // remove extensions we checked |
| 367 | exts.remove(SimpleValidator.OID_KEY_USAGE); |
| 368 | exts.remove(SimpleValidator.OID_EXTENDED_KEY_USAGE); |
| 369 | |
| 370 | checkRemainingExtensions(exts); |
| 371 | } |
| 372 | } |