[svn] ksba - r252 - in trunk: . doc m4 src tests tests/samples

svn author wk cvs at cvs.gnupg.org
Wed Aug 30 12:19:16 CEST 2006


Author: wk
Date: 2006-08-30 12:19:14 +0200 (Wed, 30 Aug 2006)
New Revision: 252

Added:
   trunk/m4/autobuild.m4
   trunk/tests/samples/ov2-ocsp-server.crt
   trunk/tests/samples/ov2-root-ca-cert.crt
   trunk/tests/samples/ov2-user.crt
   trunk/tests/samples/ov2-userrev.crt
Modified:
   trunk/Makefile.am
   trunk/NEWS
   trunk/README
   trunk/TODO
   trunk/configure.ac
   trunk/doc/gpl.texi
   trunk/doc/ksba.texi
   trunk/src/ChangeLog
   trunk/src/cert.c
   trunk/src/cms.c
   trunk/src/ocsp.c
   trunk/src/ocsp.h
   trunk/src/util.c
   trunk/tests/ChangeLog
   trunk/tests/Makefile.am
   trunk/tests/samples/README
   trunk/tests/t-ocsp.c
Log:
implemented ocsp nonce checking


Modified: trunk/Makefile.am
===================================================================
--- trunk/Makefile.am	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/Makefile.am	2006-08-30 10:19:14 UTC (rev 252)
@@ -23,7 +23,7 @@
 ACLOCAL_AMFLAGS = -I m4 -I gl/m4
 AUTOMAKE_OPTIONS = dist-bzip2
 
-EXTRA_DIST = README-alpha autogen.sh
+EXTRA_DIST = autogen.sh
 
 
 if CROSS_COMPILING

Modified: trunk/NEWS
===================================================================
--- trunk/NEWS	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/NEWS	2006-08-30 10:19:14 UTC (rev 252)
@@ -1,7 +1,9 @@
-Noteworthy changes in version 0.9.16
+Noteworthy changes in version 0.9.17
 -------------------------------------------------
 
+ * OCSP nonces are now checked to detact replay attacks.
 
+
 Noteworthy changes in version 0.9.16 (2006-08-01)
 -------------------------------------------------
 
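
Review bot: the added NEWS line misspells "detect" as "detact", and the 0.9.17 entry lists only the nonce check. src/ChangeLog in this same commit also records that ksba_calloc is now protected against integer overflow; that is a security-relevant fix and deserves its own bullet here.
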
@@ -299,7 +301,7 @@
  * Nearly all stuff needed for the Aegypten project is now in place.
 
 
- Copyright 2002, 2003, 2004, 2005 g10 Code GmbH
+ Copyright 2002, 2003, 2004, 2005, 2006 g10 Code GmbH
 
  This file is free software; as a special exception the author gives
  unlimited permission to copy and/or distribute it, with or without

Modified: trunk/README
===================================================================
--- trunk/README	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/README	2006-08-30 10:19:14 UTC (rev 252)
@@ -41,56 +41,8 @@
 
 A standard info format reference manual is included.  However the OCSP
 feature has not yet been documented.  See the comments in src/ocsp.c
-and the example tests/t-ocsp.c
+and the example tests/t-ocsp.c.  The program dirmngr uses the ocsp
+feature and may be used as another example.
 
 
 
-
-         Old Information which might not be correct anymore:
-         ---------------------------------------------------
-
-KSBA  provides these subsystems:
-
-
-* ASN.1 Parser  (ksba_asn_*)
-
-  KSBA provides a simple ASN.1 parser which can be used to read
-  definitions directly from an ASN.1 module without the need of
-  generating extra tables.  For ease of maintenance it also comes with
-  a tool to create static data structures to avoid that overhead and
-  the need to include ASN.1 modules.
-
-  The primary goal of this parser is to provide the ASN.1 syntax tree
-  to be used by other library modules.
-
-* BER Decoder (ksba_ber_decoder_*)
-
-  This is a decoder for the ASN.1 Basic Encoding Rules with a facility
-  to detect valid DER encoding (DER is a subset of BER).  By using
-  thresholds and pre-registered callout function it is possible to
-  work on indefinite length data stream and limiting the memory usage
-  to a fixed upper bound.
-
-* BER Encoder (ksba_ber_encoder_*)
-
-  This is the counterpart to the DER Decoder with the ability to
-  restrict the encoding to DER.
-
-* Certificate Handling (ksba_cert_*)
-
-  The main bulk of the provided functions are used to give a clean
-  interface to X.509 certificates by translating X.509 data types to
-  more standard data types.
-
-* CMS Handling (ksba_cms_*)
-
-  The Cryptographic Message Syntax is the core data type for S/MIME
-  and therefore KSBA provides an interface to parse and create these
-  objects without the need to cope with ASN.1.
-
-* Reader and Writer (ksba_reader_*, ksba_writer_*)
-
-  Abstraction objects to access memory areas, files or file
-  descriptor.
-
-

Modified: trunk/TODO
===================================================================
--- trunk/TODO	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/TODO	2006-08-30 10:19:14 UTC (rev 252)
@@ -51,5 +51,3 @@
 ** The ASN.1 parse tree is not released in all places
 ** Some memory is not released in case of errors.
 
-* src/ocsp.c
-** Implement nonce checking.

Modified: trunk/configure.ac
===================================================================
--- trunk/configure.ac	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/configure.ac	2006-08-30 10:19:14 UTC (rev 252)
@@ -55,6 +55,7 @@
 AC_CONFIG_SRCDIR([src/ksba.h])
 AM_INIT_AUTOMAKE($PACKAGE, $VERSION)
 AM_CONFIG_HEADER(config.h)
+AB_INIT
 
 AC_GNU_SOURCE
 

Modified: trunk/doc/gpl.texi
===================================================================
--- trunk/doc/gpl.texi	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/doc/gpl.texi	2006-08-30 10:19:14 UTC (rev 252)
@@ -6,7 +6,7 @@
 
 @display
 Copyright @copyright{} 1989, 1991 Free Software Foundation, Inc.
-59 Temple Place -- Suite 330, Boston, MA 02111-1307, USA
+51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
 
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.
@@ -352,7 +352,7 @@
 
 You should have received a copy of the GNU General Public License along
 with this program; if not, write to the Free Software Foundation, Inc.,
-59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
+51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 @end smallexample
 
 Also add information on how to contact you by electronic and paper mail.

Modified: trunk/doc/ksba.texi
===================================================================
--- trunk/doc/ksba.texi	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/doc/ksba.texi	2006-08-30 10:19:14 UTC (rev 252)
@@ -1097,3 +1097,53 @@
 @unnumbered Function and Data Index
 @printindex fn
 @bye
+
+
+
+         Old Information which might not be correct anymore:
+         ---------------------------------------------------
+
+KSBA  provides these subsystems:
+
+
+* ASN.1 Parser  (ksba_asn_*)
+
+  KSBA provides a simple ASN.1 parser which can be used to read
+  definitions directly from an ASN.1 module without the need of
+  generating extra tables.  For ease of maintenance it also comes with
+  a tool to create static data structures to avoid that overhead and
+  the need to include ASN.1 modules.
+
+  The primary goal of this parser is to provide the ASN.1 syntax tree
+  to be used by other library modules.
+
+* BER Decoder (ksba_ber_decoder_*)
+
+  This is a decoder for the ASN.1 Basic Encoding Rules with a facility
+  to detect valid DER encoding (DER is a subset of BER).  By using
+  thresholds and pre-registered callout function it is possible to
+  work on indefinite length data stream and limiting the memory usage
+  to a fixed upper bound.
+
+* BER Encoder (ksba_ber_encoder_*)
+
+  This is the counterpart to the DER Decoder with the ability to
+  restrict the encoding to DER.
+
+* Certificate Handling (ksba_cert_*)
+
+  The main bulk of the provided functions are used to give a clean
+  interface to X.509 certificates by translating X.509 data types to
+  more standard data types.
+
+* CMS Handling (ksba_cms_*)
+
+  The Cryptographic Message Syntax is the core data type for S/MIME
+  and therefore KSBA provides an interface to parse and create these
+  objects without the need to cope with ASN.1.
+
+* Reader and Writer (ksba_reader_*, ksba_writer_*)
+
+  Abstraction objects to access memory areas, files or file
+  descriptor.
+

Added: trunk/m4/autobuild.m4
===================================================================
--- trunk/m4/autobuild.m4	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/m4/autobuild.m4	2006-08-30 10:19:14 UTC (rev 252)
@@ -0,0 +1,34 @@
+# autobuild.m4 serial 2 (autobuild-3.3)
+# Copyright (C) 2004 Simon Josefsson
+#
+# This file is free software, distributed under the terms of the GNU
+# General Public License.  As a special exception to the GNU General
+# Public License, this file may be distributed as part of a program
+# that contains a configuration script generated by Autoconf, under
+# the same distribution terms as the rest of that program.
+#
+# This file can can be used in projects which are not available under
+# the GNU General Public License or the GNU Library General Public
+# License but which still want to provide support for Autobuild.
+
+# Usage: AB_INIT([MODE]).
+AC_DEFUN([AB_INIT],
+[
+	AC_REQUIRE([AC_CANONICAL_BUILD])
+	AC_REQUIRE([AC_CANONICAL_HOST])
+
+	AC_MSG_NOTICE([autobuild project... ${PACKAGE_NAME:-$PACKAGE}])
+	AC_MSG_NOTICE([autobuild revision... ${PACKAGE_VERSION:-$VERSION}])
+	hostname=`hostname`
+	if test "$hostname"; then
+	   AC_MSG_NOTICE([autobuild hostname... $hostname])
+	fi
+	ifelse([$1],[],,[AC_MSG_NOTICE([autobuild mode... $1])])
+	date=`date +%Y%m%d-%H%M%S`
+	if test "$?" != 0; then
+	   date=`date`
+	fi
+	if test "$date"; then
+	   AC_MSG_NOTICE([autobuild timestamp... $date])
+	fi
+])

Modified: trunk/src/ChangeLog
===================================================================
--- trunk/src/ChangeLog	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/src/ChangeLog	2006-08-30 10:19:14 UTC (rev 252)
@@ -1,3 +1,10 @@
+2006-08-30  Werner Koch  <wk at g10code.com>
+
+	* ocsp.c (extract_nonce): New.
+	(ksba_ocsp_parse_response): Set status to replay on bad nonce.
+
+	* util.c (ksba_calloc): Protect against integer overflow.
+
 2006-08-01  Werner Koch  <wk at g10code.com>
 
 	* dn.c (ksba_dn_teststr): Bump nparts to actually allow returning

Modified: trunk/src/cert.c
===================================================================
--- trunk/src/cert.c	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/src/cert.c	2006-08-30 10:19:14 UTC (rev 252)
@@ -456,7 +456,7 @@
  * @cert: certificate object 
  * 
  * This function returnes the serial number of the certificate.  The
- * serial number is an integer returned as an cancnical encoded
+ * serial number is an integer returned as an canonical encoded
  * S-expression with just one element.
  * 
  * Return value: An allocated S-Exp or NULL for no value.

Modified: trunk/src/cms.c
===================================================================
--- trunk/src/cms.c	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/src/cms.c	2006-08-30 10:19:14 UTC (rev 252)
@@ -1170,7 +1170,7 @@
  * @idx: index of recipient info
  * 
  * Return the encrypted value (the session key) of recipient @idx in a
- * format suitable to be used as input to Libgcrypt's verification
+ * format suitable to be used as input to Libgcrypt's decryption
  * function.  The caller must free the returned string.
  * 
  * Return value: NULL or a string with a S-Exp.

Modified: trunk/src/ocsp.c
===================================================================
--- trunk/src/ocsp.c	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/src/ocsp.c	2006-08-30 10:19:14 UTC (rev 252)
@@ -1,5 +1,5 @@
 /* ocsp.c - OCSP (rfc2560)
- *      Copyright (C) 2003, 2004, 2005 g10 Code GmbH
+ *      Copyright (C) 2003, 2004, 2005, 2006 g10 Code GmbH
  *
  * This file is part of KSBA.
  *
@@ -50,7 +50,7 @@
   else
     {
       for (; n; n--, p++)
-        fprintf (stderr, "%02X", *p);
+        fprintf (stderr, " %02X", *p);
     }
 }
 #endif
@@ -421,7 +421,7 @@
     err = ksba_writer_write (w1, buf, buflen);
   xfree (buf); buf = NULL;
   /* We known that the nonce is short enough to put the tag into 2 bytes, thus
-     we write the encasulating octet string directly with a fixed length. */
+     we write the encapsulating octet string directly with a fixed length. */
   if (!err)
     err = _ksba_ber_write_tl (w1, TYPE_OCTET_STRING, CLASS_UNIVERSAL, 0,
                               2+ocsp->noncelen);
@@ -775,6 +775,71 @@
 
 
 
+/* Extract the nonce from the extension sequence.  A typical data
+   ASN.1 blob passed to this function is:
+
+    SEQUENCE {
+      SEQUENCE {
+        OBJECT IDENTIFIER ocspNonce (1 3 6 1 5 5 7 48 1 2)
+        OCTET STRING, encapsulates {
+            INTEGER
+              41 42 43 44 45 46 47 48 49 4A 4B 4C 4D 4E 4F 50
+            }
+        }
+      }
+*/
+
+static int
+extract_nonce (ksba_ocsp_t ocsp, const unsigned char *data, size_t datalen)
+{
+  gpg_error_t err;
+  struct tag_info ti;
+  size_t length;
+  char *oid = NULL;
+
+  err = parse_sequence (&data, &datalen, &ti);
+  if (err)
+    goto leave;
+  length = ti.length;
+  while (length)
+    {
+      err = parse_sequence (&data, &datalen, &ti);
+      if (err)
+        goto leave;
+      if (length < ti.nhdr + ti.length)
+        {
+          err = gpg_error (GPG_ERR_BAD_BER);
+          goto leave;
+        }
+      length -= ti.nhdr + ti.length;
+
+      xfree (oid);
+      err = parse_object_id_into_str (&data, &datalen, &oid);
+      if (err)
+        goto leave;
+      err = parse_octet_string (&data, &datalen, &ti);
+      if (err)
+        goto leave;
+      if (!strcmp (oid, oidstr_ocsp_nonce))
+        {
+          err = parse_integer (&data, &datalen, &ti);
+          if (err)
+            goto leave;
+          if (ocsp->noncelen != ti.length
+              || memcmp (ocsp->nonce, data, ti.length))
+            ocsp->bad_nonce = 1;
+          else
+            ocsp->good_nonce = 1;
+        }
+      parse_skip (&data, &datalen, &ti); /* Skip the octet string / integer. */
+    }
+
+ leave:
+  xfree (oid);
+  return err;
+}
+
+
 /* Parse the first part of a response:
 
      OCSPResponse ::= SEQUENCE {
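
Review bot: in the while loop of extract_nonce, parse_octet_string is called immediately after parse_object_id_into_str, so the loop assumes every extension is exactly OID followed by OCTET STRING. An X.509 Extension may carry the optional "critical BOOLEAN" between the two, and in that case parse_octet_string is handed a BOOLEAN; since ksba_ocsp_parse_response now returns any error from extract_nonce, one such extension would reject the whole response. Please skip an optional BOOLEAN before reading the extnValue. Second point in the same loop: after "xfree (oid);" the pointer is not reset, so if parse_object_id_into_str can fail without storing into oid, the "xfree (oid)" at the leave label frees it a second time; setting oid = NULL right after the xfree makes this safe regardless of what the helper does. Minor: the function is declared "static int" but returns a gpg_error_t.
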
@@ -1209,10 +1274,9 @@
   err = parse_context_tag (data, datalen, &ti, 1);
   if (!err)
     {
-      
-
-
-      /* FIXME: parse responseExtensions. */
+      err = extract_nonce (ocsp, *data, ti.length);
+      if (err)
+        return err;
       parse_skip (data, datalen, &ti);
     }
   else if (gpg_err_code (err) == GPG_ERR_INV_OBJ)
@@ -1359,7 +1423,7 @@
 /* Given the OCSP context and a binary reponse message of MSGLEN bytes
    in MSG, this fucntion parses the response and prepares it for
    signature verification.  The status from the server is returned in
-   RESPONSE_STATUS and must be checked even if the fucntion returns
+   RESPONSE_STATUS and must be checked even if the function returns
    without an error. */
 gpg_error_t
 ksba_ocsp_parse_response (ksba_ocsp_t ocsp,
@@ -1379,6 +1443,8 @@
   release_ocsp_certlist (ocsp->received_certs);
   ocsp->received_certs = NULL;
   ocsp->hash_length = 0;
+  ocsp->bad_nonce = 0;
+  ocsp->good_nonce = 0;
 
   /* Reset the fields used to track the response.  This is so that we
      can use the parse function a second time for the same
@@ -1398,14 +1464,10 @@
   /* FIXME: find duplicates in the request list and set them to the
      same status. */
 
-  if (*response_status == KSBA_OCSP_RSPSTATUS_SUCCESS
-      && ocsp->noncelen)
-    {
-      /* FIXME: Check that there is a received nonce and that it matches. */
-      /* If not status to KSBA_OCSP_RSPSTATUS_REPLAYED */
-    }
+  if (*response_status == KSBA_OCSP_RSPSTATUS_SUCCESS)
+    if (ocsp->bad_nonce || (ocsp->noncelen && !ocsp->good_nonce))
+      *response_status = KSBA_OCSP_RSPSTATUS_REPLAYED;
 
-
   return err;
 }
 
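
Review bot: the new condition "ocsp->noncelen && !ocsp->good_nonce" reports KSBA_OCSP_RSPSTATUS_REPLAYED both when the responder returned a different nonce and when it returned none at all, so a caller cannot tell a mismatch from a responder that simply omits the nonce (the t-ocsp.c comment in this commit describes such a responder on port 8081 as "Insecure but standard conform"). Failing closed is a reasonable default, but the function comment above ksba_ocsp_parse_response should say that a request nonce makes a missing response nonce count as a replay, so that callers who must talk to such responders know to decide this before building the request. The nested "if" without braces is also easy to misread; an explicit block would help.
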

Modified: trunk/src/ocsp.h
===================================================================
--- trunk/src/ocsp.h	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/src/ocsp.h	2006-08-30 10:19:14 UTC (rev 252)
@@ -68,6 +68,8 @@
                                increased, check that the created
                                request will still be valid as we use a
                                hacked implementation. */
+  int bad_nonce;            /* The nonce does not match the request. */
+  int good_nonce;           /* The nonce does match the request. */
 
   unsigned char *request_buffer; /* Internal buffer to build the request. */
   size_t request_buflen;

Modified: trunk/src/util.c
===================================================================
--- trunk/src/util.c	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/src/util.c	2006-08-30 10:19:14 UTC (rev 252)
@@ -24,6 +24,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <assert.h>
+#include <errno.h>
 
 #include "util.h"
 
@@ -123,9 +124,19 @@
 void *
 ksba_calloc (size_t n, size_t m )
 {
-  void *p = ksba_malloc (n*m);
+  size_t nbytes;
+  void *p;
+
+  nbytes = n * m;
+  if ( m && nbytes / m != n)
+    {
+      errno = ENOMEM;
+      p = NULL;
+    }
+  else
+    p = ksba_malloc (nbytes);
   if (p)
-    memset (p, 0, n*m);
+    memset (p, 0, nbytes);
   return p;
 }
 
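
Review bot: the new overflow branch in ksba_calloc has no test in this commit; tests/ChangeLog lists only the t-ocsp.c nonce change. A small check that a call such as ksba_calloc ((size_t)-1, 2) returns NULL with errno set to ENOMEM would pin the behaviour down. The test "nbytes / m != n" runs after the multiplication, which is fine because size_t arithmetic wraps, but a one-line comment saying so would save the next reader from wondering.
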

Modified: trunk/tests/ChangeLog
===================================================================
--- trunk/tests/ChangeLog	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/tests/ChangeLog	2006-08-30 10:19:14 UTC (rev 252)
@@ -1,3 +1,7 @@
+2006-08-30  Werner Koch  <wk at g10code.com>
+
+	* t-ocsp.c (one_response): Build the test request with the same nonce.
+
 2006-08-01  Werner Koch  <wk at g10code.com>
 
 	* Makefile.am (TESTS): Add t-dnparser.

Modified: trunk/tests/Makefile.am
===================================================================
--- trunk/tests/Makefile.am	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/tests/Makefile.am	2006-08-30 10:19:14 UTC (rev 252)
@@ -27,7 +27,9 @@
 	     samples/authority.crt samples/betsy.crt samples/bull.crt \
              samples/ov-ocsp-server.crt samples/ov-userrev.crt \
              samples/ov-root-ca-cert.crt samples/ov-serverrev.crt \
-	     samples/ov-user.crt samples/ov-server.crt 
+	     samples/ov-user.crt samples/ov-server.crt  \
+             samples/ov2-root-ca-cert.crt samples/ov2-ocsp-server.crt \
+             samples/ov2-user.crt samples/ov2-userrev.crt 
 
 test_crls = samples/ov-test-crl.crl 
 

Modified: trunk/tests/samples/README
===================================================================
--- trunk/tests/samples/README	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/tests/samples/README	2006-08-30 10:19:14 UTC (rev 252)
@@ -30,4 +30,13 @@
 
    The responder adress is http://ocsp.openvalidation.org
 
+Certificates downloaded from  http://www.openvalidation.org/en/test/ca2.html
+on 2006-08-30 and prefixed with "ov2-":
 
+ ov2-root-ca-cert.crt   Root certificate
+ ov2-ocsp-server.crt    The certificate of the OCSP responder
+ ov2-user.crt           User certificate
+ ov2-userrev.crt        A user certificate revoked by OCSP
+
+
+

Added: trunk/tests/samples/ov2-ocsp-server.crt
===================================================================
(Binary files differ)


Property changes on: trunk/tests/samples/ov2-ocsp-server.crt
___________________________________________________________________
Name: svn:mime-type
   + application/octet-stream

Added: trunk/tests/samples/ov2-root-ca-cert.crt
===================================================================
(Binary files differ)


Property changes on: trunk/tests/samples/ov2-root-ca-cert.crt
___________________________________________________________________
Name: svn:mime-type
   + application/octet-stream

Added: trunk/tests/samples/ov2-user.crt
===================================================================
(Binary files differ)


Property changes on: trunk/tests/samples/ov2-user.crt
___________________________________________________________________
Name: svn:mime-type
   + application/octet-stream

Added: trunk/tests/samples/ov2-userrev.crt
===================================================================
(Binary files differ)


Property changes on: trunk/tests/samples/ov2-userrev.crt
___________________________________________________________________
Name: svn:mime-type
   + application/octet-stream

Modified: trunk/tests/t-ocsp.c
===================================================================
--- trunk/tests/t-ocsp.c	2006-08-01 11:00:53 UTC (rev 251)
+++ trunk/tests/t-ocsp.c	2006-08-30 10:19:14 UTC (rev 252)
@@ -173,6 +173,9 @@
   fail_if_err (err);
   ksba_cert_release (issuer_cert);
 
+  if (!no_nonce)
+    ksba_ocsp_set_nonce (ocsp, "ABCDEFGHIJKLMNOP", 16);
+
   err = ksba_ocsp_build_request (ocsp, &request, &requestlen);
   fail_if_err (err);
   xfree (request);
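
Review bot: the call ksba_ocsp_set_nonce (ocsp, "ABCDEFGHIJKLMNOP", 16) hard-codes the nonce with no comment explaining why. The README points readers to tests/t-ocsp.c as the usage example for the OCSP feature, so please add a comment here stating that the constant only exists to match the recorded sample response (tests/ChangeLog: "Build the test request with the same nonce") and that real callers must use a fresh unpredictable nonce per request, otherwise the replay check added in this commit protects nothing.
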
@@ -192,7 +195,7 @@
     case KSBA_OCSP_RSPSTATUS_INTERNAL:     t = "internal error"; break;  
     case KSBA_OCSP_RSPSTATUS_TRYLATER:     t = "try later"; break;      
     case KSBA_OCSP_RSPSTATUS_SIGREQUIRED:  t = "must sign request"; break;  
-    case KSBA_OCSP_RSPSTATUS_UNAUTHORIZED: t = "unautorized"; break;  
+    case KSBA_OCSP_RSPSTATUS_UNAUTHORIZED: t = "unauthorized"; break;  
     case KSBA_OCSP_RSPSTATUS_REPLAYED:     t = "replay detected"; break;  
     case KSBA_OCSP_RSPSTATUS_OTHER:        t = "other (unknown)"; break;  
     case KSBA_OCSP_RSPSTATUS_NONE:         t = "no status"; break;
@@ -275,9 +278,30 @@
 
 
 
-/* ( printf "POST / HTTP/1.0\r\nContent-Type: application/ocsp-request\r\nContent-Length: `wc -c <a.req | tr -d ' '`\r\n\r\n"; cat a.req ) |  nc -v ocsp.openvalidation.org 8088   | sed '1,/^\r$/d' >a.rsp  */
+/* ( printf "POST / HTTP/1.0\r\nContent-Type: application/ocsp-request\r\nContent-Length: `wc -c <a.req | tr -d ' '`\r\n\r\n"; cat a.req ) |  nc -v ocsp.openvalidation.org 8088   | sed '1,/^\r$/d' >a.rsp 
 
+    Openvalidation test reponders:
 
+    Port: 80  	Standard  configuration. OCSP Responder will accept
+                all proper requests and send a signed response.
+    Port: 8080 	Response does not contain any attached certificates.
+                Client must accept this response
+    Port: 8081 	Never replies nonce. Insecure but standard conform mode.
+                Client application should warn in case of replay-attacks.
+    Port: 8082 	The OCSP Responder will sign the response with randomized
+                bytecode. Client should NOT accept this response.
+    Port: 8083 	OCSP response will always be revoked.
+    Port: 8084 	OCSP response will always be unknown.
+    Port: 8085 	OCSP response will always be malformed.
+    Port: 8086 	OCSP response will always be internal error.
+    Port: 8087 	OCSP response will always be try later.
+    Port: 8088 	OCSP response will always be signature required.
+    Port: 8089 	OCSP response will always be unauth.
+    Port: 8090 	Standard configuration with full Debuglogs. Access the
+                logs at http://www.openvalidation.org/en/test/logs.html
+
+*/
+
 int 
 main (int argc, char **argv)
 {
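
Review bot: the sample command kept at the top of this comment still sends the request to port 8088, which the port list added right below it describes as "OCSP response will always be signature required". A response captured that way never reaches the new nonce comparison. Please point the example at port 80 (or 8081 for the no-nonce case) and say which port each stored sample response came from. The added line "Openvalidation test reponders:" also has a typo ("responders").
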



