#!/usr/bin/env python # # Electrum - lightweight Bitcoin client # Copyright (C) 2014 Thomas Voegtlin # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . from datetime import datetime import sys import util from util import profiler, print_error from asn1tinydecoder import * import ecdsa import hashlib # algo OIDs ALGO_RSA_SHA1 = '1.2.840.113549.1.1.5' ALGO_RSA_SHA256 = '1.2.840.113549.1.1.11' ALGO_RSA_SHA384 = '1.2.840.113549.1.1.12' ALGO_RSA_SHA512 = '1.2.840.113549.1.1.13' ALGO_ECDSA_SHA256 = '1.2.840.10045.4.3.2' # prefixes, see http://stackoverflow.com/questions/3713774/c-sharp-how-to-calculate-asn-1-der-encoding-of-a-particular-hash-algorithm PREFIX_RSA_SHA256 = bytearray([0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20]) PREFIX_RSA_SHA384 = bytearray([0x30,0x41,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x02,0x05,0x00,0x04,0x30]) PREFIX_RSA_SHA512 = bytearray([0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40]) class CertificateError(Exception): pass class X509(object): def __init__(self, b): self.bytes = bytearray(b) der = str(b) root = asn1_node_root(der) cert = asn1_node_first_child(der, root) # data for signature self.data = asn1_get_all(der, cert) # optional version field if asn1_get_value(der, cert)[0] == chr(0xa0): version = asn1_node_first_child(der, cert) serial_number = asn1_node_next(der, version) else: serial_number = asn1_node_first_child(der, cert) self.serial_number = bytestr_to_int(asn1_get_value_of_type(der, serial_number, 'INTEGER')) # signature algorithm sig_algo = asn1_node_next(der, serial_number) ii = asn1_node_first_child(der, sig_algo) self.sig_algo = decode_OID(asn1_get_value_of_type(der, ii, 'OBJECT IDENTIFIER')) # issuer issuer = asn1_node_next(der, sig_algo) self.issuer = asn1_get_dict(der, issuer) # validity validity = asn1_node_next(der, issuer) ii = asn1_node_first_child(der, validity) self.notBefore = asn1_get_value_of_type(der, ii, 'UTCTime') ii = asn1_node_next(der,ii) self.notAfter = asn1_get_value_of_type(der, ii, 'UTCTime') # subject subject = asn1_node_next(der, validity) self.subject = asn1_get_dict(der, subject) subject_pki = asn1_node_next(der, subject) public_key_algo = asn1_node_first_child(der, subject_pki) ii = asn1_node_first_child(der, public_key_algo) self.public_key_algo = decode_OID(asn1_get_value_of_type(der, ii, 'OBJECT IDENTIFIER')) # pubkey modulus and exponent subject_public_key = asn1_node_next(der, public_key_algo) spk = asn1_get_value_of_type(der, subject_public_key, 'BIT STRING') spk = bitstr_to_bytestr(spk) r = asn1_node_root(spk) modulus = asn1_node_first_child(spk, r) exponent = asn1_node_next(spk, modulus) rsa_n = asn1_get_value_of_type(spk, modulus, 'INTEGER') rsa_e = asn1_get_value_of_type(spk, exponent, 'INTEGER') self.modulus = ecdsa.util.string_to_number(rsa_n) self.exponent = ecdsa.util.string_to_number(rsa_e) # extensions self.CA = False self.AKI = None self.SKI = None i = subject_pki while i[2] < cert[2]: i = asn1_node_next(der, i) d = asn1_get_dict(der, i) for oid, value in d.items(): if oid == '2.5.29.19': # Basic Constraints self.CA = bool(value) elif oid == '2.5.29.14': # Subject Key Identifier r = asn1_node_root(value) value = asn1_get_value_of_type(value, r, 'OCTET STRING') self.SKI = value.encode('hex') elif oid == '2.5.29.35': # Authority Key Identifier self.AKI = asn1_get_sequence(value)[0].encode('hex') else: pass # cert signature cert_sig_algo = asn1_node_next(der, cert) ii = asn1_node_first_child(der, cert_sig_algo) self.cert_sig_algo = decode_OID(asn1_get_value_of_type(der, ii, 'OBJECT IDENTIFIER')) cert_sig = asn1_node_next(der, cert_sig_algo) self.signature = asn1_get_value(der, cert_sig)[1:] def get_keyID(self): # http://security.stackexchange.com/questions/72077/validating-an-ssl-certificate-chain-according-to-rfc-5280-am-i-understanding-th return self.SKI if self.SKI else repr(self.subject) def get_issuer_keyID(self): return self.AKI if self.AKI else repr(self.issuer) def get_common_name(self): return self.subject.get('2.5.4.3', 'unknown') def get_signature(self): return self.cert_sig_algo, self.signature, self.data def check_ca(self): return self.CA def check_date(self): import time now = time.time() TIMESTAMP_FMT = '%y%m%d%H%M%SZ' not_before = time.mktime(time.strptime(self.notBefore, TIMESTAMP_FMT)) not_after = time.mktime(time.strptime(self.notAfter, TIMESTAMP_FMT)) if not_before > now: raise CertificateError('Certificate has not entered its valid date range.') if not_after <= now: raise CertificateError('Certificate has expired.') def getFingerprint(self): return hashlib.sha1(self.bytes).digest() @profiler def load_certificates(ca_path): import pem ca_list = {} ca_keyID = {} with open(ca_path, 'r') as f: s = f.read() bList = pem.dePemList(s, "CERTIFICATE") for b in bList: try: x = X509(b) x.check_date() except BaseException as e: util.print_error("cert error:", e) continue fp = x.getFingerprint() ca_list[fp] = x ca_keyID[x.get_keyID()] = fp return ca_list, ca_keyID