--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.base/share/classes/sun/security/provider/certpath/AlgorithmChecker.java Tue Sep 12 19:03:39 2017 +0200
@@ -0,0 +1,461 @@
+/*
+ * Copyright (c) 2009, 2017, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+package sun.security.provider.certpath;
+
+import java.security.AlgorithmConstraints;
+import java.security.CryptoPrimitive;
+import java.security.Timestamp;
+import java.security.cert.CertPathValidator;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Set;
+import java.util.EnumSet;
+import java.math.BigInteger;
+import java.security.PublicKey;
+import java.security.KeyFactory;
+import java.security.AlgorithmParameters;
+import java.security.GeneralSecurityException;
+import java.security.cert.Certificate;
+import java.security.cert.X509CRL;
+import java.security.cert.X509Certificate;
+import java.security.cert.PKIXCertPathChecker;
+import java.security.cert.TrustAnchor;
+import java.security.cert.CRLException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertPathValidatorException;
+import java.security.cert.CertPathValidatorException.BasicReason;
+import java.security.cert.PKIXReason;
+import java.security.interfaces.DSAParams;
+import java.security.interfaces.DSAPublicKey;
+import java.security.spec.DSAPublicKeySpec;
+
+import sun.security.util.AnchorCertificates;
+import sun.security.util.ConstraintsParameters;
+import sun.security.util.Debug;
+import sun.security.util.DisabledAlgorithmConstraints;
+import sun.security.validator.Validator;
+import sun.security.x509.X509CertImpl;
+import sun.security.x509.X509CRLImpl;
+import sun.security.x509.AlgorithmId;
+
+/**
+ * A {@code PKIXCertPathChecker} implementation to check whether a
+ * specified certificate contains the required algorithm constraints.
+ * <p>
+ * Certificate fields such as the subject public key, the signature
+ * algorithm, key usage, extended key usage, etc. need to conform to
+ * the specified algorithm constraints.
+ *
+ * @see PKIXCertPathChecker
+ * @see PKIXParameters
+ */
+public final class AlgorithmChecker extends PKIXCertPathChecker {
+ private static final Debug debug = Debug.getInstance("certpath");
+
+ private final AlgorithmConstraints constraints;
+ private final PublicKey trustedPubKey;
+ private final Date pkixdate;
+ private PublicKey prevPubKey;
+ private final Timestamp jarTimestamp;
+ private final String variant;
+
+ private static final Set<CryptoPrimitive> SIGNATURE_PRIMITIVE_SET =
+ Collections.unmodifiableSet(EnumSet.of(CryptoPrimitive.SIGNATURE));
+
+ private static final Set<CryptoPrimitive> KU_PRIMITIVE_SET =
+ Collections.unmodifiableSet(EnumSet.of(
+ CryptoPrimitive.SIGNATURE,
+ CryptoPrimitive.KEY_ENCAPSULATION,
+ CryptoPrimitive.PUBLIC_KEY_ENCRYPTION,
+ CryptoPrimitive.KEY_AGREEMENT));
+
+ private static final DisabledAlgorithmConstraints
+ certPathDefaultConstraints = new DisabledAlgorithmConstraints(
+ DisabledAlgorithmConstraints.PROPERTY_CERTPATH_DISABLED_ALGS);
+
+ // If there is no "cacerts" keyword, then disable anchor checking
+ private static final boolean publicCALimits =
+ certPathDefaultConstraints.checkProperty("jdkCA");
+
+ // If anchor checking enabled, this will be true if the trust anchor
+ // has a match in the cacerts file
+ private boolean trustedMatch = false;
+
+ /**
+ * Create a new {@code AlgorithmChecker} with the given algorithm
+ * given {@code TrustAnchor} and {@code String} variant.
+ *
+ * @param anchor the trust anchor selected to validate the target
+ * certificate
+ * @param variant is the Validator variants of the operation. A null value
+ * passed will set it to Validator.GENERIC.
+ */
+ public AlgorithmChecker(TrustAnchor anchor, String variant) {
+ this(anchor, certPathDefaultConstraints, null, null, variant);
+ }
+
+ /**
+ * Create a new {@code AlgorithmChecker} with the given
+ * {@code AlgorithmConstraints}, {@code Timestamp}, and {@code String}
+ * variant.
+ *
+ * Note that this constructor can initialize a variation of situations where
+ * the AlgorithmConstraints, Timestamp, or Variant maybe known.
+ *
+ * @param constraints the algorithm constraints (or null)
+ * @param jarTimestamp Timestamp passed for JAR timestamp constraint
+ * checking. Set to null if not applicable.
+ * @param variant is the Validator variants of the operation. A null value
+ * passed will set it to Validator.GENERIC.
+ */
+ public AlgorithmChecker(AlgorithmConstraints constraints,
+ Timestamp jarTimestamp, String variant) {
+ this(null, constraints, null, jarTimestamp, variant);
+ }
+
+ /**
+ * Create a new {@code AlgorithmChecker} with the
+ * given {@code TrustAnchor}, {@code AlgorithmConstraints},
+ * {@code Timestamp}, and {@code String} variant.
+ *
+ * @param anchor the trust anchor selected to validate the target
+ * certificate
+ * @param constraints the algorithm constraints (or null)
+ * @param pkixdate The date specified by the PKIXParameters date. If the
+ * PKIXParameters is null, the current date is used. This
+ * should be null when jar files are being checked.
+ * @param jarTimestamp Timestamp passed for JAR timestamp constraint
+ * checking. Set to null if not applicable.
+ * @param variant is the Validator variants of the operation. A null value
+ * passed will set it to Validator.GENERIC.
+ */
+ public AlgorithmChecker(TrustAnchor anchor,
+ AlgorithmConstraints constraints, Date pkixdate,
+ Timestamp jarTimestamp, String variant) {
+
+ if (anchor != null) {
+ if (anchor.getTrustedCert() != null) {
+ this.trustedPubKey = anchor.getTrustedCert().getPublicKey();
+ // Check for anchor certificate restrictions
+ trustedMatch = checkFingerprint(anchor.getTrustedCert());
+ if (trustedMatch && debug != null) {
+ debug.println("trustedMatch = true");
+ }
+ } else {
+ this.trustedPubKey = anchor.getCAPublicKey();
+ }
+ } else {
+ this.trustedPubKey = null;
+ if (debug != null) {
+ debug.println("TrustAnchor is null, trustedMatch is false.");
+ }
+ }
+
+ this.prevPubKey = this.trustedPubKey;
+ this.constraints = (constraints == null ? certPathDefaultConstraints :
+ constraints);
+ // If we are checking jar files, set pkixdate the same as the timestamp
+ // for certificate checking
+ this.pkixdate = (jarTimestamp != null ? jarTimestamp.getTimestamp() :
+ pkixdate);
+ this.jarTimestamp = jarTimestamp;
+ this.variant = (variant == null ? Validator.VAR_GENERIC : variant);
+ }
+
+ /**
+ * Create a new {@code AlgorithmChecker} with the given {@code TrustAnchor},
+ * {@code PKIXParameter} date, and {@code varient}
+ *
+ * @param anchor the trust anchor selected to validate the target
+ * certificate
+ * @param pkixdate Date the constraints are checked against. The value is
+ * either the PKIXParameters date or null for the current date.
+ * @param variant is the Validator variants of the operation. A null value
+ * passed will set it to Validator.GENERIC.
+ */
+ public AlgorithmChecker(TrustAnchor anchor, Date pkixdate, String variant) {
+ this(anchor, certPathDefaultConstraints, pkixdate, null, variant);
+ }
+
+ // Check this 'cert' for restrictions in the AnchorCertificates
+ // trusted certificates list
+ private static boolean checkFingerprint(X509Certificate cert) {
+ if (!publicCALimits) {
+ return false;
+ }
+
+ if (debug != null) {
+ debug.println("AlgorithmChecker.contains: " + cert.getSigAlgName());
+ }
+ return AnchorCertificates.contains(cert);
+ }
+
+ @Override
+ public void init(boolean forward) throws CertPathValidatorException {
+ // Note that this class does not support forward mode.
+ if (!forward) {
+ if (trustedPubKey != null) {
+ prevPubKey = trustedPubKey;
+ } else {
+ prevPubKey = null;
+ }
+ } else {
+ throw new
+ CertPathValidatorException("forward checking not supported");
+ }
+ }
+
+ @Override
+ public boolean isForwardCheckingSupported() {
+ // Note that as this class does not support forward mode, the method
+ // will always returns false.
+ return false;
+ }
+
+ @Override
+ public Set<String> getSupportedExtensions() {
+ return null;
+ }
+
+ @Override
+ public void check(Certificate cert,
+ Collection<String> unresolvedCritExts)
+ throws CertPathValidatorException {
+
+ if (!(cert instanceof X509Certificate) || constraints == null) {
+ // ignore the check for non-x.509 certificate or null constraints
+ return;
+ }
+
+ // check the key usage and key size
+ boolean[] keyUsage = ((X509Certificate) cert).getKeyUsage();
+ if (keyUsage != null && keyUsage.length < 9) {
+ throw new CertPathValidatorException(
+ "incorrect KeyUsage extension",
+ null, null, -1, PKIXReason.INVALID_KEY_USAGE);
+ }
+
+ X509CertImpl x509Cert;
+ AlgorithmId algorithmId;
+ try {
+ x509Cert = X509CertImpl.toImpl((X509Certificate)cert);
+ algorithmId = (AlgorithmId)x509Cert.get(X509CertImpl.SIG_ALG);
+ } catch (CertificateException ce) {
+ throw new CertPathValidatorException(ce);
+ }
+
+ AlgorithmParameters currSigAlgParams = algorithmId.getParameters();
+ PublicKey currPubKey = cert.getPublicKey();
+ String currSigAlg = x509Cert.getSigAlgName();
+
+ // Check the signature algorithm and parameters against constraints.
+ if (!constraints.permits(SIGNATURE_PRIMITIVE_SET, currSigAlg,
+ currSigAlgParams)) {
+ throw new CertPathValidatorException(
+ "Algorithm constraints check failed on signature " +
+ "algorithm: " + currSigAlg, null, null, -1,
+ BasicReason.ALGORITHM_CONSTRAINED);
+ }
+
+ // Assume all key usage bits are set if key usage is not present
+ Set<CryptoPrimitive> primitives = KU_PRIMITIVE_SET;
+
+ if (keyUsage != null) {
+ primitives = EnumSet.noneOf(CryptoPrimitive.class);
+
+ if (keyUsage[0] || keyUsage[1] || keyUsage[5] || keyUsage[6]) {
+ // keyUsage[0]: KeyUsage.digitalSignature
+ // keyUsage[1]: KeyUsage.nonRepudiation
+ // keyUsage[5]: KeyUsage.keyCertSign
+ // keyUsage[6]: KeyUsage.cRLSign
+ primitives.add(CryptoPrimitive.SIGNATURE);
+ }
+
+ if (keyUsage[2]) { // KeyUsage.keyEncipherment
+ primitives.add(CryptoPrimitive.KEY_ENCAPSULATION);
+ }
+
+ if (keyUsage[3]) { // KeyUsage.dataEncipherment
+ primitives.add(CryptoPrimitive.PUBLIC_KEY_ENCRYPTION);
+ }
+
+ if (keyUsage[4]) { // KeyUsage.keyAgreement
+ primitives.add(CryptoPrimitive.KEY_AGREEMENT);
+ }
+
+ // KeyUsage.encipherOnly and KeyUsage.decipherOnly are
+ // undefined in the absence of the keyAgreement bit.
+
+ if (primitives.isEmpty()) {
+ throw new CertPathValidatorException(
+ "incorrect KeyUsage extension bits",
+ null, null, -1, PKIXReason.INVALID_KEY_USAGE);
+ }
+ }
+
+ ConstraintsParameters cp =
+ new ConstraintsParameters((X509Certificate)cert,
+ trustedMatch, pkixdate, jarTimestamp, variant);
+
+ // Check against local constraints if it is DisabledAlgorithmConstraints
+ if (constraints instanceof DisabledAlgorithmConstraints) {
+ ((DisabledAlgorithmConstraints)constraints).permits(currSigAlg, cp);
+ // DisabledAlgorithmsConstraints does not check primitives, so key
+ // additional key check.
+
+ } else {
+ // Perform the default constraints checking anyway.
+ certPathDefaultConstraints.permits(currSigAlg, cp);
+ // Call locally set constraints to check key with primitives.
+ if (!constraints.permits(primitives, currPubKey)) {
+ throw new CertPathValidatorException(
+ "Algorithm constraints check failed on key " +
+ currPubKey.getAlgorithm() + " with size of " +
+ sun.security.util.KeyUtil.getKeySize(currPubKey) +
+ "bits",
+ null, null, -1, BasicReason.ALGORITHM_CONSTRAINED);
+ }
+ }
+
+ // If there is no previous key, set one and exit
+ if (prevPubKey == null) {
+ prevPubKey = currPubKey;
+ return;
+ }
+
+ // Check with previous cert for signature algorithm and public key
+ if (!constraints.permits(
+ SIGNATURE_PRIMITIVE_SET,
+ currSigAlg, prevPubKey, currSigAlgParams)) {
+ throw new CertPathValidatorException(
+ "Algorithm constraints check failed on " +
+ "signature algorithm: " + currSigAlg,
+ null, null, -1, BasicReason.ALGORITHM_CONSTRAINED);
+ }
+
+ // Inherit key parameters from previous key
+ if (PKIX.isDSAPublicKeyWithoutParams(currPubKey)) {
+ // Inherit DSA parameters from previous key
+ if (!(prevPubKey instanceof DSAPublicKey)) {
+ throw new CertPathValidatorException("Input key is not " +
+ "of a appropriate type for inheriting parameters");
+ }
+
+ DSAParams params = ((DSAPublicKey)prevPubKey).getParams();
+ if (params == null) {
+ throw new CertPathValidatorException(
+ "Key parameters missing from public key.");
+ }
+
+ try {
+ BigInteger y = ((DSAPublicKey)currPubKey).getY();
+ KeyFactory kf = KeyFactory.getInstance("DSA");
+ DSAPublicKeySpec ks = new DSAPublicKeySpec(y, params.getP(),
+ params.getQ(), params.getG());
+ currPubKey = kf.generatePublic(ks);
+ } catch (GeneralSecurityException e) {
+ throw new CertPathValidatorException("Unable to generate " +
+ "key with inherited parameters: " + e.getMessage(), e);
+ }
+ }
+
+ // reset the previous public key
+ prevPubKey = currPubKey;
+ }
+
+ /**
+ * Try to set the trust anchor of the checker.
+ * <p>
+ * If there is no trust anchor specified and the checker has not started,
+ * set the trust anchor.
+ *
+ * @param anchor the trust anchor selected to validate the target
+ * certificate
+ */
+ void trySetTrustAnchor(TrustAnchor anchor) {
+ // Don't bother if the check has started or trust anchor has already
+ // specified.
+ if (prevPubKey == null) {
+ if (anchor == null) {
+ throw new IllegalArgumentException(
+ "The trust anchor cannot be null");
+ }
+
+ // Don't bother to change the trustedPubKey.
+ if (anchor.getTrustedCert() != null) {
+ prevPubKey = anchor.getTrustedCert().getPublicKey();
+ // Check for anchor certificate restrictions
+ trustedMatch = checkFingerprint(anchor.getTrustedCert());
+ if (trustedMatch && debug != null) {
+ debug.println("trustedMatch = true");
+ }
+ } else {
+ prevPubKey = anchor.getCAPublicKey();
+ }
+ }
+ }
+
+ /**
+ * Check the signature algorithm with the specified public key.
+ *
+ * @param key the public key to verify the CRL signature
+ * @param crl the target CRL
+ * @param variant is the Validator variants of the operation. A null value
+ * passed will set it to Validator.GENERIC.
+ */
+ static void check(PublicKey key, X509CRL crl, String variant)
+ throws CertPathValidatorException {
+
+ X509CRLImpl x509CRLImpl = null;
+ try {
+ x509CRLImpl = X509CRLImpl.toImpl(crl);
+ } catch (CRLException ce) {
+ throw new CertPathValidatorException(ce);
+ }
+
+ AlgorithmId algorithmId = x509CRLImpl.getSigAlgId();
+ check(key, algorithmId, variant);
+ }
+
+ /**
+ * Check the signature algorithm with the specified public key.
+ *
+ * @param key the public key to verify the CRL signature
+ * @param algorithmId signature algorithm Algorithm ID
+ * @param variant is the Validator variants of the operation. A null value
+ * passed will set it to Validator.GENERIC.
+ */
+ static void check(PublicKey key, AlgorithmId algorithmId, String variant)
+ throws CertPathValidatorException {
+ String sigAlgName = algorithmId.getName();
+ AlgorithmParameters sigAlgParams = algorithmId.getParameters();
+
+ certPathDefaultConstraints.permits(new ConstraintsParameters(
+ sigAlgName, sigAlgParams, key, variant));
+ }
+}
+