X509 Certificate Interface Discussion

[reaperhulk]

Let's talk about what an X509 certificate looks like. Here's a strawman I built in 10 minutes. It does not attempt to define what a distinguished name object or the extensions objects would look like at this time.

@six.add_metaclass(abc.ABCMeta)
class X509Certificate(object):
    @abc.abstractproperty
    def extensions(self):
        """
        Returns a list of extension objects
        """

    @abc.abstractproperty
    def fingerprint(algorithm):
        """
        Returns bytes using digest passed.
        """

    @abc.abstractproperty
    def serial(self):
        """
        Returns certificate serial number
        """

    @abc.abstractproperty
    def version(self):
        """
        Returns certificate version
        """

    @abc.abstractmethod
    def subject(self):
        """
        Returns the subject distinguished name object
        """

    @abc.abstractmethod
    def issuer(self):
        """
        Returns the issuer distinguished name object
        """

    @abc.abstractproperty
    def signature_algorithm(self):
        """
        Returns signature algorithm data. This will be some mapping of the OID.
        """

    @abc.abstractmethod
    def public_key(self):
        """
        Returns the public key
        """

    @abc.abstractproperty
    def not_before(self):
        """
        Not before time (represented as UTC time object)
        """

    @abc.abstractproperty
    def not_after(self):
        """
        Not after time (represented as UTC time object)
        """

[glyph]

Hah. "time", you say, like that's a type. datetime.datetime instance, perhaps you meant?

[reaperhulk]

I didn't want to even think about what the type really was. You can think of it as unix epoch seconds if you'd like!

[reaperhulk]

Less facetiously, not_before and not_after are stored as GeneralizedTime or UTCTime ASN.1 types.

[glyph]

It is with a heavy heart that I must suggest the actual time here be represented as epoch seconds. Timezones, man.

[eevee]

Would a UTC datetime not work just as well, seeing as it's unambiguous? Interested parties can then localize using tzlocal or whatnot.

[glyph]

@eevee A fixed offset timezone would be OK, but the problem is you have to provide your own fixed offset object, and then you have to convert between that and everybody else's fixed offset. An optional dependency on pytz might alleviate the pain there. Also, are you referring to tzlocal? I don't think I've heard of that before; interesting link.

[public]

@reaperhulk How do you even determine the appropriate "local time" for a GeneralizedTime in a certificate? Is the CAs? The subjects? The clients? The servers?

[reaperhulk]

@public in my years in the CA world I'm not sure I ever saw a certificate that didn't use UTCTime, but it seems like there are two scenarios we'd need to handle.

• No time zone offset is provided and you therefore must treat the time as local time
• A time zone offset is provided and you can correct to UTC.

The first sucks but if we don't have the data that's what is required. This is another case where building up some certificate fuzzing tests (where the fuzzing is just playing around INSIDE the spec) becomes interesting.

[glyph]

@reaperhulk Why do you have to treat the provided time as local time? How could the issuer possibly know your timezone? Why not just always assume UTC?

[acv]

RFC 5280 states that GMT MUST be used when using GeneralizedTime (4.1.2.5.2):

For the purposes of this profile, GeneralizedTime values MUST be
expressed in Greenwich Mean Time (Zulu) and MUST include seconds
(i.e., times are YYYYMMDDHHMMSSZ), even where the number of seconds
is zero.  GeneralizedTime values MUST NOT include fractional seconds.

This would seem to support defaulting to GMT in any case.

[glyph]

@acv thanks for the spec reference.

[public]

    def extensions(self):
        """
        Returns a list of extension objects
        """

This seems pretty vague. What kind of extensions for certificates have, which ones do we need to support in practice for this to actually be useful?

    @abc.abstractproperty
    def fingerprint(algorithm):
        """
        Returns bytes using digest passed.
        """

IIRC the certificate actually contains this precomputed too? Do we need some kind of verify method to work with this?

    @abc.abstractproperty
    def signature_algorithm(self):
        """
        Returns signature algorithm (this is an OID)
        """

Should return a Hash instance not an OID?

    @abc.abstractproperty
    def serial(self):
        """
        Returns certificate serial number
        """

Is this a byte string?

[reaperhulk]

@public, we need to support every extension defined in RFC 3280/5280 (5280 obsoletes 3280 so you don't have to look at both) to be useful.

Certificates should (but do not always) contain subject key identifier and authority key identifier extensions, which are used for path building and are based on a hash of sub-components of the complete certificate. This is different than the certificate fingerprint, which is a hash of the DER bytes of the entire cert.

The reason signature_algorithm returns an OID in the current proposal is because it contains more than just the hash. For instance, "sha256withRSAEncryption" or "sha384withECDSA". These OIDs are well-defined for the common case so it's possible we could map them to something else, but ultimately it's just an OID.

Serial is typically represented as hex or decimal (most commonly hex) by other x509 parsing libraries. I'd prefer it to be hex (I've done decimal in the past with r509 and regretted it since it's unusual and confusing to people).

[public]

I definitely think we should map the OID to something useful, or at the very least provide an easy way for people to do that themselves.