-
Notifications
You must be signed in to change notification settings - Fork 1
/
v1.go
86 lines (79 loc) · 2.8 KB
/
v1.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
/*
This file implements the checking of root key commitments for the Certificate
Transparency API in v1.
*/
package roots
import (
"context"
"errors"
"fmt"
"log"
"net/url"
"time"
"github.com/adem-wg/adem-proto/pkg/tokens"
"github.com/adem-wg/adem-proto/pkg/util"
"github.com/google/certificate-transparency-go/client"
"github.com/google/certificate-transparency-go/x509"
"github.com/lestrrat-go/jwx/v2/jwk"
"github.com/transparency-dev/merkle/proof"
"github.com/transparency-dev/merkle/rfc6962"
)
var ErrIssNoHostName = errors.New("issuer has no hostname")
var ErrCertNotForIss = errors.New("certificate is not valid for issuer OI")
var ErrCertNotForKey = errors.New("certificate is not valid for key")
var ErrWrongEntryType = errors.New("do not recognize entry type")
// Verify that the rootKey is correctly bound to the issuer OI in the
// certificate's subjects referenced by the CT query.
func VerifyBinding(q CTQueryResult, issuer string, rootKey jwk.Key) error {
kid, err := tokens.CalcKID(rootKey)
if err != nil {
log.Print("could not calculate KID")
return err
}
issuerUrl, err := url.Parse(issuer)
if err != nil {
log.Print("could not parse issuer")
return err
} else if issuerUrl.Hostname() == "" {
return ErrIssNoHostName
}
if !util.Contains(q.subjects, issuerUrl.Hostname()) {
return ErrCertNotForIss
} else if !util.Contains(q.subjects, fmt.Sprintf("%s.adem-configuration.%s", kid, issuerUrl.Hostname())) {
return ErrCertNotForKey
}
return nil
}
// Verify that the given certificate hash is included in the log identified by
// the respective client.
func VerifyInclusion(cl *client.LogClient, hash []byte) ([]string, error) {
ctx, cancel := context.WithTimeout(context.Background(), time.Duration(time.Minute))
defer cancel()
if sth, err := cl.GetSTH(ctx); err != nil {
log.Print("could not fetch STH")
return nil, err
} else if err := cl.VerifySTHSignature(*sth); err != nil {
log.Print("STH not valid")
return nil, err
} else if respH, err := cl.GetProofByHash(ctx, hash, sth.TreeSize); err != nil {
log.Print("could not fetch proof by hash")
return nil, err
} else if err := proof.VerifyInclusion(rfc6962.DefaultHasher, uint64(respH.LeafIndex), sth.TreeSize, hash, respH.AuditPath, sth.SHA256RootHash[:]); err != nil {
log.Print("could not verify inclusion proof")
return nil, err
} else if respE, err := cl.GetEntries(ctx, respH.LeafIndex, respH.LeafIndex); err != nil || len(respE) != 1 {
log.Print("could not fetch entry")
return nil, err
} else {
var cert *x509.Certificate
if respE[0].Precert != nil {
cert = respE[0].Precert.TBSCertificate
} else if respE[0].X509Cert != nil {
cert = respE[0].X509Cert
} else {
log.Print("could not parse certificate")
return nil, ErrWrongEntryType
}
return append(cert.DNSNames, cert.Subject.CommonName), nil
}
}