1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
|
/*-
* ============LICENSE_START=======================================================
* Copyright (C) 2020 Nordix Foundation.
* Copyright (C) 2021 Nokia.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* SPDX-License-Identifier: Apache-2.0
* ============LICENSE_END=========================================================
*/
package org.onap.oom.certservice.cmpv2client.validation;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Arrays;
import java.util.Objects;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.ASN1BitString;
import org.bouncycastle.asn1.cmp.CMPObjectIdentifiers;
import org.bouncycastle.asn1.cmp.InfoTypeAndValue;
import org.bouncycastle.asn1.cmp.PBMParameter;
import org.bouncycastle.asn1.cmp.PKIHeader;
import org.bouncycastle.asn1.cmp.PKIMessage;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.onap.oom.certservice.cmpv2client.exceptions.CmpClientException;
import org.onap.oom.certservice.cmpv2client.impl.CmpUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public final class CmpResponseValidationHelper {
private static final Logger LOG = LoggerFactory.getLogger(CmpResponseValidationHelper.class);
private CmpResponseValidationHelper() {
}
/**
* Verifies the signature of the response message using our public key
*
* @param respPkiMessage PKIMessage we wish to verify signature for
* @param pk public key used to verify signature.
* @throws CmpClientException
*/
static void verifySignature(PKIMessage respPkiMessage, PublicKey pk)
throws CmpClientException {
final byte[] protBytes = getProtectedBytes(respPkiMessage);
final DERBitString derBitString = (DERBitString) respPkiMessage.getProtection();
try {
final Signature signature =
Signature.getInstance(
PKCSObjectIdentifiers.sha256WithRSAEncryption.getId(),
BouncyCastleProvider.PROVIDER_NAME);
signature.initVerify(pk);
signature.update(protBytes);
signature.verify(derBitString.getBytes());
} catch (NoSuchAlgorithmException
| NoSuchProviderException
| InvalidKeyException
| SignatureException e) {
CmpClientException clientException =
new CmpClientException("Signature Verification failed", e);
LOG.error("Signature Verification failed", e);
throw clientException;
}
}
/**
* verify the password based protection within the response message
*
* @param respPkiMessage PKIMessage we want to verify password based protection for
* @param initAuthPassword password used to decrypt protection
* @param protectionAlgo protection algorithm we can use to decrypt protection
* @throws CmpClientException
*/
static void verifyPasswordBasedProtection(
PKIMessage respPkiMessage, String initAuthPassword, AlgorithmIdentifier protectionAlgo)
throws CmpClientException {
final byte[] protectedBytes = getProtectedBytes(respPkiMessage);
final PBMParameter pbmParamSeq = PBMParameter.getInstance(protectionAlgo.getParameters());
if (Objects.nonNull(pbmParamSeq)) {
try {
byte[] basekey = getBaseKeyFromPbmParameters(pbmParamSeq, initAuthPassword);
final Mac mac = getMac(protectedBytes, pbmParamSeq, basekey);
final byte[] outBytes = mac.doFinal();
final byte[] protectionBytes = respPkiMessage.getProtection().getBytes();
if (!Arrays.equals(outBytes, protectionBytes)) {
LOG.error("protectionBytes don't match passwordBasedProtection, authentication failed");
throw new CmpClientException(
"protectionBytes don't match passwordBasedProtection, authentication failed");
}
} catch (NoSuchProviderException | NoSuchAlgorithmException | InvalidKeyException ex) {
CmpClientException cmpClientException =
new CmpClientException("Error while validating CMP response ", ex);
LOG.error("Error while validating CMP response ", ex);
throw cmpClientException;
}
}
}
static void checkImplicitConfirm(PKIHeader header) {
InfoTypeAndValue[] infos = header.getGeneralInfo();
if (Objects.nonNull(infos)) {
if (CMPObjectIdentifiers.it_implicitConfirm.equals(getImplicitConfirm(infos))) {
LOG.info("Implicit Confirm on certificate from server.");
} else {
LOG.debug("No Implicit confirm in Response");
}
} else {
LOG.debug("No general Info in header of response, cannot verify implicit confirm");
}
}
/**
* Create a base key to use for verifying the PasswordBasedMac on a PKIMessage
*
* @param pbmParamSeq parameters recieved in PKIMessage used with password
* @param initAuthPassword password used to decrypt the basekey
* @return bytes representing the basekey
* @throws CmpClientException thrown if algorithem exceptions occur for the message digest
*/
private static byte[] getBaseKeyFromPbmParameters(
PBMParameter pbmParamSeq, String initAuthPassword) throws CmpClientException {
final int iterationCount = pbmParamSeq.getIterationCount().getPositiveValue().intValue();
LOG.info("Iteration count is: {}", iterationCount);
final AlgorithmIdentifier owfAlg = pbmParamSeq.getOwf();
LOG.info("One Way Function type is: {}", owfAlg.getAlgorithm().getId());
final byte[] salt = pbmParamSeq.getSalt().getOctets();
final byte[] raSecret = initAuthPassword != null ? initAuthPassword.getBytes() : new byte[0];
byte[] basekey = new byte[raSecret.length + salt.length];
System.arraycopy(raSecret, 0, basekey, 0, raSecret.length);
System.arraycopy(salt, 0, basekey, raSecret.length, salt.length);
try {
final MessageDigest messageDigest =
MessageDigest.getInstance(
owfAlg.getAlgorithm().getId(), BouncyCastleProvider.PROVIDER_NAME);
for (int i = 0; i < iterationCount; i++) {
basekey = messageDigest.digest(basekey);
messageDigest.reset();
}
} catch (NoSuchAlgorithmException | NoSuchProviderException ex) {
LOG.error("ProtectionBytes don't match passwordBasedProtection, authentication failed");
throw new CmpClientException(
"ProtectionBytes don't match passwordBasedProtection, authentication failed", ex);
}
return basekey;
}
private static ASN1ObjectIdentifier getImplicitConfirm(InfoTypeAndValue[] info) {
return info[0].getInfoType();
}
/**
* Get cryptographical Mac we can use to decrypt our PKIMessage
*
* @param protectedBytes Protected bytes representing the PKIMessage
* @param pbmParamSeq Parameters used to decrypt PKIMessage, including mac algorithm used
* @param basekey Key used alongside mac Oid to create secret key for decrypting PKIMessage
* @return Mac that's ready to return decrypted bytes
* @throws NoSuchAlgorithmException Possibly thrown trying to get mac instance
* @throws NoSuchProviderException Possibly thrown trying to get mac instance
* @throws InvalidKeyException Possibly thrown trying to initialize mac using secretkey
*/
private static Mac getMac(byte[] protectedBytes, PBMParameter pbmParamSeq, byte[] basekey)
throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException {
final AlgorithmIdentifier macAlg = pbmParamSeq.getMac();
LOG.info("Mac type is: {}", macAlg.getAlgorithm().getId());
final String macOid = macAlg.getAlgorithm().getId();
final Mac mac = Mac.getInstance(macOid, BouncyCastleProvider.PROVIDER_NAME);
final SecretKey key = new SecretKeySpec(basekey, macOid);
mac.init(key);
mac.reset();
mac.update(protectedBytes, 0, protectedBytes.length);
return mac;
}
/**
* Converts the header and the body of a PKIMessage to an ASN1Encodable and returns the as a byte
* array
*
* @param msg PKIMessage to get protected bytes from
* @return the PKIMessage's header and body in byte array
*/
private static byte[] getProtectedBytes(PKIMessage msg) throws CmpClientException {
return CmpUtil.generateProtectedBytes(msg.getHeader(), msg.getBody());
}
}
|
