
Disable certificate chaining for now.

This feature is not used by any servers in the wild, and the spec
for it is going to change soon.
1 parent f19ca6d commit c474a3d8604d6dc581333516157a2a5f1b2e147f @rfk rfk committed Jul 2, 2012
Showing with 22 additions and 6 deletions.
  1. +5 −0 browserid/errors.py
  2. +13 −5 browserid/tests/test_verifiers.py
  3. +4 −1 browserid/verifiers/local.py
@@ -41,3 +41,8 @@ class ExpiredSignatureError(TrustError):
class AudienceMismatchError(TrustError):
"""Error raised when the audience does not match."""
pass
+
+
+class UnsupportedCertChainError(TrustError):
+ """The spec for multi-cert chains is in flux; we don't support them yet."""
+ pass
@@ -16,7 +16,9 @@
from browserid import RemoteVerifier, LocalVerifier
from browserid.certificates import FIFOCache, CertificatesManager
from browserid.verifiers.workerpool import WorkerPoolVerifier
-from browserid.utils import encode_json_bytes, decode_json_bytes
+from browserid.utils import (encode_json_bytes,
+ decode_json_bytes,
+ bundle_certs_and_assertion)
from browserid.errors import (TrustError,
ConnectionError,
ExpiredSignatureError,
@@ -103,10 +105,16 @@ def test_malformed_assertions(self):
self.assertRaises(errors, self.verifier.verify, assertion)
# This one has no certificates
pub, priv = get_keypair("TEST")
- assertion = encode_json_bytes({
- "assertion": jwt.generate({"aud": "TEST"}, priv),
- "certificates": []
- })
+ assertion = bundle_certs_and_assertion(
+ [],
+ jwt.generate({"aud": "TEST"}, priv),
+ )
+ self.assertRaises(errors, self.verifier.verify, assertion)
+ # This one has too many certificates in the chain.
+ assertion = bundle_certs_and_assertion(
+ [jwt.generate({}, priv), jwt.generate({}, priv)],
+ jwt.generate({"aud": "TEST"}, priv),
+ )
self.assertRaises(errors, self.verifier.verify, assertion)
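Review bot: The new too-many-certificates case asserts only the broad `errors` tuple (defined outside this hunk), so it would still pass if the bundle were rejected for an unrelated reason, for example because the two placeholder certificates built from `{}` fail to parse or verify. That leaves the chain-length guard added in local.py without a test that would catch its removal. Where the verifier under test is the local one, pin the specific exception with `self.assertRaises(UnsupportedCertChainError, self.verifier.verify, assertion)`, importing it from `browserid.errors` if this module does not already do so. test_malformed_assertions begins above the hunk, so which verifier classes run it cannot be confirmed from here.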
@@ -10,7 +10,8 @@
from browserid.certificates import CertificatesManager
from browserid.utils import unbundle_certs_and_assertion
from browserid.errors import (InvalidSignatureError,
- ExpiredSignatureError)
+ ExpiredSignatureError,
+ UnsupportedCertChainError)
DEFAULT_TRUSTED_SECONDARIES = ("browserid.org", "diresworb.org",
@@ -73,6 +74,8 @@ def verify(self, assertion, audience=None, now=None):
# Grab the assertion, check that it has not expired.
# No point doing all that crypto if we're going to fail out anyway.
certificates, assertion = unbundle_certs_and_assertion(assertion)
+ if len(certificates) > 1:
+ raise UnsupportedCertChainError("too many certs")
assertion = self.parse_jwt(assertion)
if assertion.payload["exp"] < now:
raise ExpiredSignatureError(assertion.payload["exp"])
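Review bot: The added chain-length guard sits under a comment that describes only the expiry check, and nothing at the guard records why multi-certificate bundles are refused. A comment directly above it, such as `# Multi-cert chains are disabled until the spec settles; more than one certificate is refused.`, would keep the restriction from being mistaken for leftover code and removed. Note also that `len(certificates) > 1` lets an empty list through, so the no-certificate case exercised in the test hunk depends on code further down in verify, outside this hunk, to reject it. The message `"too many certs"` could carry the count to help when triaging rejected assertions, e.g. `raise UnsupportedCertChainError("expected 1 certificate, got %d" % len(certificates))`.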
