Esempio n. 1
0
        public string GetSigningCertificateFingerprint(HashAlgorithmName algorithm)
        {
            if (!Enum.IsDefined(typeof(HashAlgorithmName), algorithm))
            {
                throw new ArgumentException(
                          string.Format(
                              CultureInfo.CurrentCulture,
                              Strings.UnrecognizedEnumValue,
                              algorithm),
                          nameof(algorithm));
            }

            var certificate = SignerInfo.Certificate;

            if (certificate == null)
            {
                throw new InvalidOperationException(string.Format(CultureInfo.CurrentCulture, Strings.Verify_ErrorNoCertificate, FriendlyName));
            }

            if (_signingCertificateFingerprintLookup == null)
            {
                _signingCertificateFingerprintLookup = new Dictionary <HashAlgorithmName, string>();
            }

            if (_signingCertificateFingerprintLookup.TryGetValue(algorithm, out var fingerprint))
            {
                return(fingerprint);
            }

            fingerprint = CertificateUtility.GetHashString(certificate, algorithm);

            _signingCertificateFingerprintLookup.Add(algorithm, fingerprint);

            return(fingerprint);
        }
Esempio n. 2
0
        /// <summary>
        /// Get a valid timestamp from the unsigned attributes if present
        /// </summary>
        /// <param name="settings">Specify what is allowed in the validation for timestamp</param>
        /// <param name="fingerprintAlgorithm">fingerprint algorithm for displaying timestamp's certificate information</param>
        /// <param name="issues">List of log messages.</param>
        /// <param name="verificationFlags">Flags that specify the status of the verification</param>
        /// <param name="validTimestamp">TTimestamp found in the signature that passes validation with the given <see cref="settings"/></param>
        /// <remarks>If <see cref="SignedPackageVerifierSettings.AllowNoTimestamp" /> is set to true this method return true with a <see cref="validTimestamp" /> set to null.</remarks>
        /// <returns>true if a valid timestamp was found</returns>
        internal bool TryGetValidTimestamp(
            SignedPackageVerifierSettings settings,
            HashAlgorithmName fingerprintAlgorithm,
            List <SignatureLog> issues,
            out SignatureVerificationStatusFlags verificationFlags,
            out Timestamp validTimestamp)
        {
            if (issues == null)
            {
                throw new ArgumentNullException(nameof(issues));
            }

            if (settings == null)
            {
                throw new ArgumentNullException(nameof(settings));
            }

            verificationFlags = SignatureVerificationStatusFlags.NoErrors;
            validTimestamp    = null;

            var timestamps = Timestamps;

            if (timestamps.Count == 0)
            {
                issues.Add(SignatureLog.Issue(!settings.AllowNoTimestamp, NuGetLogCode.NU3027, Strings.ErrorNoTimestamp));
                if (!settings.AllowNoTimestamp)
                {
                    verificationFlags |= SignatureVerificationStatusFlags.NoValidTimestamp;
                    return(false);
                }
            }

            if (timestamps.Count > 1 && !settings.AllowMultipleTimestamps)
            {
                issues.Add(SignatureLog.Error(NuGetLogCode.NU3000, Strings.ErrorMultipleTimestamps));
                verificationFlags |= SignatureVerificationStatusFlags.MultipleTimestamps;
                return(false);
            }

            var timestamp = timestamps.FirstOrDefault();

            if (timestamp != null)
            {
                verificationFlags |= timestamp.Verify(this, settings, fingerprintAlgorithm, issues);

                if (verificationFlags != SignatureVerificationStatusFlags.NoErrors &&
                    verificationFlags != SignatureVerificationStatusFlags.UnknownRevocation)
                {
                    return(false);
                }

                validTimestamp = timestamp;
            }

            return(true);
        }
Esempio n. 3
0
        public static X509CertificateWithKeyInfo GenerateCertificateWithKeyInfo(
            string subjectName,
            Action <TestCertificateGenerator> modifyGenerator,
            NuGet.Common.HashAlgorithmName hashAlgorithm = NuGet.Common.HashAlgorithmName.SHA256,
            RSASignaturePaddingMode paddingMode          = RSASignaturePaddingMode.Pkcs1,
            int publicKeyLength = 2048,
            ChainCertificateRequest chainCertificateRequest = null)
        {
            var rsa  = RSA.Create(publicKeyLength);
            var cert = GenerateCertificate(subjectName, modifyGenerator, rsa, hashAlgorithm, paddingMode, chainCertificateRequest);

            return(new X509CertificateWithKeyInfo(cert, rsa));
        }
Esempio n. 4
0
        static string HashAlgorithmToBouncyCastle(NuGet.Common.HashAlgorithmName algorithmName)
        {
            switch (algorithmName)
            {
            case NuGet.Common.HashAlgorithmName.SHA256:
                return("SHA256WITHRSA");

            case NuGet.Common.HashAlgorithmName.SHA384:
                return("SHA384WITHRSA");

            case NuGet.Common.HashAlgorithmName.SHA512:
                return("SHA512WITHRSA");

            default:
                throw new ArgumentOutOfRangeException(nameof(algorithmName));
            }
        }
Esempio n. 5
0
        /// <summary>
        /// Create a self signed certificate with bouncy castle.
        /// </summary>
        public static X509Certificate2 GenerateCertificate(
            string subjectName,
            Action <TestCertificateGenerator> modifyGenerator,
            NuGet.Common.HashAlgorithmName hashAlgorithm = NuGet.Common.HashAlgorithmName.SHA256,
            RSASignaturePaddingMode paddingMode          = RSASignaturePaddingMode.Pkcs1,
            int publicKeyLength = 2048,
            ChainCertificateRequest chainCertificateRequest = null)
        {
            chainCertificateRequest = chainCertificateRequest ?? new ChainCertificateRequest()
            {
                IsCA = true
            };

            using (var rsa = RSA.Create(publicKeyLength))
            {
                return(GenerateCertificate(subjectName, modifyGenerator, rsa, hashAlgorithm, paddingMode, chainCertificateRequest));
            }
        }
Esempio n. 6
0
 public static byte[] GetHash(X509Certificate2 certificate, NuGet.Common.HashAlgorithmName hashAlgorithm)
 {
     return(hashAlgorithm.ComputeHash(certificate.RawData));
 }
Esempio n. 7
0
        private static X509Certificate2 GenerateCertificate(
            string subjectName,
            Action <TestCertificateGenerator> modifyGenerator,
            RSA rsa,
            NuGet.Common.HashAlgorithmName hashAlgorithm,
            RSASignaturePaddingMode paddingMode,
            ChainCertificateRequest chainCertificateRequest)
        {
            if (string.IsNullOrEmpty(subjectName))
            {
                subjectName = "NuGetTest";
            }

            // Create cert
            var subjectDN = $"CN={subjectName}";
            var certGen   = new TestCertificateGenerator();

            var isSelfSigned          = true;
            X509Certificate2 issuer   = null;
            DateTimeOffset?  notAfter = null;

            var keyUsage = X509KeyUsageFlags.DigitalSignature;

            if (chainCertificateRequest == null)
            {
                // Self-signed certificates should have this flag set.
                keyUsage |= X509KeyUsageFlags.KeyCertSign;
            }
            else
            {
                if (chainCertificateRequest.Issuer != null)
                {
                    isSelfSigned = false;
                    // for a certificate with an issuer assign Authority Key Identifier
                    issuer = chainCertificateRequest?.Issuer;

                    notAfter = issuer.NotAfter.Subtract(TimeSpan.FromMinutes(5));
                    var publicKey = DotNetUtilities.GetRsaPublicKey(issuer.GetRSAPublicKey());

                    certGen.Extensions.Add(
                        new X509Extension(
                            Oids.AuthorityKeyIdentifier,
                            new AuthorityKeyIdentifierStructure(publicKey).GetEncoded(),
                            critical: false));
                }

                if (chainCertificateRequest.ConfigureCrl)
                {
                    // for a certificate in a chain create CRL distribution point extension
                    var issuerDN      = chainCertificateRequest?.Issuer?.Subject ?? subjectDN;
                    var crlServerUri  = $"{chainCertificateRequest.CrlServerBaseUri}{issuerDN}.crl";
                    var generalName   = new Org.BouncyCastle.Asn1.X509.GeneralName(Org.BouncyCastle.Asn1.X509.GeneralName.UniformResourceIdentifier, new DerIA5String(crlServerUri));
                    var distPointName = new DistributionPointName(new GeneralNames(generalName));
                    var distPoint     = new DistributionPoint(distPointName, null, null);

                    certGen.Extensions.Add(
                        new X509Extension(
                            TestOids.CrlDistributionPoints,
                            new DerSequence(distPoint).GetDerEncoded(),
                            critical: false));
                }

                if (chainCertificateRequest.IsCA)
                {
                    // update key usage with CA cert sign and crl sign attributes
                    keyUsage |= X509KeyUsageFlags.CrlSign | X509KeyUsageFlags.KeyCertSign;
                }
            }

            var  padding = paddingMode.ToPadding();
            var  request = new CertificateRequest(subjectDN, rsa, hashAlgorithm.ConvertToSystemSecurityHashAlgorithmName(), padding);
            bool isCa    = isSelfSigned ? true : (chainCertificateRequest?.IsCA ?? false);

            certGen.NotAfter  = notAfter ?? DateTime.UtcNow.Add(TimeSpan.FromMinutes(30));
            certGen.NotBefore = DateTime.UtcNow.Subtract(TimeSpan.FromMinutes(30));

            var random       = new Random();
            var serial       = random.Next();
            var serialNumber = BitConverter.GetBytes(serial);

            Array.Reverse(serialNumber);
            certGen.SetSerialNumber(serialNumber);

            certGen.Extensions.Add(
                new X509SubjectKeyIdentifierExtension(request.PublicKey, critical: false));
            certGen.Extensions.Add(
                new X509KeyUsageExtension(keyUsage, critical: false));
            certGen.Extensions.Add(
                new X509BasicConstraintsExtension(certificateAuthority: isCa, hasPathLengthConstraint: false, pathLengthConstraint: 0, critical: true));

            // Allow changes
            modifyGenerator?.Invoke(certGen);

            foreach (var extension in certGen.Extensions)
            {
                request.CertificateExtensions.Add(extension);
            }

            X509Certificate2 certResult;

            if (isSelfSigned)
            {
                certResult = request.CreateSelfSigned(certGen.NotBefore, certGen.NotAfter);
            }
            else
            {
                using (var temp = request.Create(issuer, certGen.NotBefore, certGen.NotAfter, certGen.SerialNumber))
                {
                    certResult = temp.CopyWithPrivateKey(rsa);
                }
            }

            return(new X509Certificate2(certResult.Export(X509ContentType.Pkcs12), password: (string)null, keyStorageFlags: X509KeyStorageFlags.Exportable));
        }
Esempio n. 8
0
        /// <summary>
        /// Verify if the signature object meets the specification trust and validity requirements.
        /// </summary>
        /// <param name="timestamp">Timestamp for this signature, if signature is not timestamped it can be null.</param>
        /// <param name="allowUntrusted">Setting that tells if a signature that does not meet any soft failure requirements can still be allowed. Used to know if warnings or errors should be logged for an issue.</param>
        /// <param name="allowUnknownRevocation">Setting that tells if unkown revocation is valid when building the chain.</param>
        /// <param name="allowUntrustedSelfSignedCertificate">Setting that tells if an untrusted self-signed certificate should be allowed as the signing certificate.</param>
        /// <param name="fingerprintAlgorithm">Algorithm used to calculate and display the certificate's fingerprint.</param>
        /// <param name="certificateExtraStore">Collection of certificates to help the chain building engine as an extra store.</param>
        /// <param name="issues">List of log messages.</param>
        /// <remarks>This is only public for ease of testing</remarks>
        /// <returns>Status of trust for signature.</returns>
        public virtual SignatureVerificationSummary Verify(
            Timestamp timestamp,
            SignatureVerifySettings settings,
            HashAlgorithmName fingerprintAlgorithm,
            X509Certificate2Collection certificateExtraStore)
        {
            settings = settings ?? SignatureVerifySettings.Default;
            var flags  = SignatureVerificationStatusFlags.NoErrors;
            var issues = new List <SignatureLog>();
            SignatureVerificationStatus status;

            var certificate = SignerInfo.Certificate;

            if (certificate == null)
            {
                issues.Add(SignatureLog.Issue(!settings.AllowIllegal, NuGetLogCode.NU3010, string.Format(CultureInfo.CurrentCulture, Strings.Verify_ErrorNoCertificate, FriendlyName)));

                flags |= SignatureVerificationStatusFlags.NoCertificate;
                status = settings.AllowIllegal ? SignatureVerificationStatus.Valid : SignatureVerificationStatus.Disallowed;

                return(new SignatureVerificationSummary(Type, status, flags, issues));
            }

            issues.Add(SignatureLog.InformationLog(string.Format(CultureInfo.CurrentCulture,
                                                                 Strings.VerificationCertDisplay,
                                                                 FriendlyName,
                                                                 $"{Environment.NewLine}{CertificateUtility.X509Certificate2ToString(certificate, fingerprintAlgorithm)}")));

            try
            {
                SignerInfo.CheckSignature(verifySignatureOnly: true);
            }
            catch (Exception e)
            {
                issues.Add(SignatureLog.Issue(!settings.AllowIllegal, NuGetLogCode.NU3012, string.Format(CultureInfo.CurrentCulture, Strings.VerifyError_SignatureVerificationFailed, FriendlyName)));
                issues.Add(SignatureLog.DebugLog(e.ToString()));
                flags |= SignatureVerificationStatusFlags.SignatureCheckFailed;
                status = settings.AllowIllegal ? SignatureVerificationStatus.Valid : SignatureVerificationStatus.Disallowed;

                return(new SignatureVerificationSummary(Type, status, flags, issues));
            }

            DateTimeOffset?expirationTime   = null;
            var            certificateFlags = VerificationUtility.ValidateSigningCertificate(certificate, !settings.AllowIllegal, FriendlyName, issues);

            if (certificateFlags != SignatureVerificationStatusFlags.NoErrors)
            {
                flags |= certificateFlags;
            }
            else
            {
                timestamp = timestamp ?? new Timestamp();
                using (var chainHolder = new X509ChainHolder())
                {
                    var chain = chainHolder.Chain;

                    // This flag should only be set for verification scenarios, not signing.
                    chain.ChainPolicy.VerificationFlags = X509VerificationFlags.IgnoreNotTimeValid;

                    CertificateChainUtility.SetCertBuildChainPolicy(chain.ChainPolicy, certificateExtraStore, timestamp.UpperLimit.LocalDateTime, CertificateType.Signature);

                    if (settings.RevocationMode == RevocationMode.Offline)
                    {
                        chain.ChainPolicy.RevocationMode = X509RevocationMode.Offline;
                    }
                    else
                    {
                        chain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
                    }

                    var chainBuildingSucceeded = CertificateChainUtility.BuildCertificateChain(chain, certificate, out var chainStatuses);
                    var x509ChainString        = CertificateUtility.X509ChainToString(chain, fingerprintAlgorithm);

                    if (!string.IsNullOrWhiteSpace(x509ChainString))
                    {
                        issues.Add(SignatureLog.DetailedLog(x509ChainString));
                    }

                    var chainBuildingHasIssues = false;

                    if (!chainBuildingSucceeded)
                    {
                        var statusFlags = CertificateChainUtility.DefaultObservedStatusFlags;

                        IEnumerable <string> messages;
                        if (CertificateChainUtility.TryGetStatusAndMessage(chainStatuses, statusFlags, out messages))
                        {
                            foreach (var message in messages)
                            {
                                issues.Add(SignatureLog.Issue(!settings.AllowIllegal, NuGetLogCode.NU3012, string.Format(CultureInfo.CurrentCulture, Strings.VerifyChainBuildingIssue, FriendlyName, message)));
                            }

                            chainBuildingHasIssues = true;
                            flags |= SignatureVerificationStatusFlags.ChainBuildingFailure;
                        }

                        // For all the special cases, chain status list only has unique elements for each chain status flag present
                        // therefore if we are checking for one specific chain status we can use the first of the returned list
                        // if we are combining checks for more than one, then we have to use the whole list.
                        if (CertificateChainUtility.TryGetStatusAndMessage(chainStatuses, X509ChainStatusFlags.Revoked, out messages))
                        {
                            issues.Add(SignatureLog.Error(NuGetLogCode.NU3012, string.Format(CultureInfo.CurrentCulture, Strings.VerifyChainBuildingIssue, FriendlyName, messages.First())));
                            flags |= SignatureVerificationStatusFlags.CertificateRevoked;

                            return(new SignatureVerificationSummary(Type, SignatureVerificationStatus.Suspect, flags, timestamp, issues));
                        }

                        if (CertificateChainUtility.TryGetStatusAndMessage(chainStatuses, X509ChainStatusFlags.UntrustedRoot, out messages))
                        {
                            if (settings.ReportUntrustedRoot)
                            {
                                issues.Add(SignatureLog.Issue(!settings.AllowUntrusted, NuGetLogCode.NU3018, string.Format(CultureInfo.CurrentCulture, Strings.VerifyChainBuildingIssue, FriendlyName, messages.First())));
                            }

                            if (!settings.AllowUntrusted)
                            {
                                chainBuildingHasIssues = true;
                                flags |= SignatureVerificationStatusFlags.UntrustedRoot;
                            }
                        }

                        var offlineRevocationErrors = CertificateChainUtility.TryGetStatusAndMessage(chainStatuses, X509ChainStatusFlags.OfflineRevocation, out var _);
                        var unknownRevocationErrors = CertificateChainUtility.TryGetStatusAndMessage(chainStatuses, X509ChainStatusFlags.RevocationStatusUnknown, out var unknownRevocationStatusMessages);
                        if (offlineRevocationErrors || unknownRevocationErrors)
                        {
                            if (settings.ReportUnknownRevocation)
                            {
                                string unknownRevocationMessage = null;

                                if (unknownRevocationErrors)
                                {
                                    unknownRevocationMessage = string.Format(CultureInfo.CurrentCulture, Strings.VerifyChainBuildingIssue, FriendlyName, unknownRevocationStatusMessages.First());
                                }

                                if (settings.RevocationMode == RevocationMode.Offline)
                                {
                                    if (offlineRevocationErrors)
                                    {
                                        issues.Add(SignatureLog.InformationLog(string.Format(CultureInfo.CurrentCulture, Strings.VerifyChainBuildingIssue, FriendlyName, Strings.VerifyCertTrustOfflineWhileRevocationModeOffline)));
                                    }

                                    if (unknownRevocationMessage != null)
                                    {
                                        issues.Add(SignatureLog.InformationLog(unknownRevocationMessage));
                                    }
                                }
                                else
                                {
                                    if (offlineRevocationErrors)
                                    {
                                        issues.Add(SignatureLog.Issue(!settings.AllowUnknownRevocation, NuGetLogCode.NU3018, string.Format(CultureInfo.CurrentCulture, Strings.VerifyChainBuildingIssue, FriendlyName, Strings.VerifyCertTrustOfflineWhileRevocationModeOnline)));
                                    }

                                    if (unknownRevocationMessage != null)
                                    {
                                        issues.Add(SignatureLog.Issue(!settings.AllowUnknownRevocation, NuGetLogCode.NU3018, unknownRevocationMessage));
                                    }
                                }
                            }

                            if (!settings.AllowUnknownRevocation)
                            {
                                chainBuildingHasIssues = true;
                                flags |= SignatureVerificationStatusFlags.UnknownRevocation;
                            }
                        }

                        // Debug log any errors
                        issues.Add(SignatureLog.DebugLog(
                                       string.Format(
                                           CultureInfo.CurrentCulture,
                                           Strings.VerifyError_InvalidCertificateChain,
                                           FriendlyName,
                                           string.Join(", ", chainStatuses.Select(x => x.Status.ToString())))));
                    }

                    var isSignatureTimeValid = Rfc3161TimestampVerificationUtility.ValidateSignerCertificateAgainstTimestamp(certificate, timestamp);
                    if (isSignatureTimeValid && !chainBuildingHasIssues)
                    {
                        return(new SignatureVerificationSummary(Type, SignatureVerificationStatus.Valid, flags, timestamp, issues));
                    }
                    else if (!isSignatureTimeValid)
                    {
                        issues.Add(
                            SignatureLog.Issue(
                                !settings.AllowUntrusted,
                                NuGetLogCode.NU3037,
                                string.Format(CultureInfo.CurrentCulture, Strings.VerifyError_SignatureNotTimeValid, FriendlyName)));

                        if (!settings.AllowUntrusted)
                        {
                            flags |= SignatureVerificationStatusFlags.CertificateExpired;
                        }

                        expirationTime = DateTime.SpecifyKind(certificate.NotAfter, DateTimeKind.Local);
                    }
                }
            }

            status = VerificationUtility.GetSignatureVerificationStatus(flags);

            return(new SignatureVerificationSummary(Type, status, flags, timestamp, expirationTime, issues));
        }