Revision 1.97, Sat Jun 8 13:32:30 2024 UTC, by tb
Branch: MAIN
CVS Tags: HEAD
Changes since 1.96: +8 -1 lines
Add a TODO item for BGPsec router certs

It is currently assumed that there is only one extended key usage OID. RFC 8209 allows others. For example, it may well make sense for operators to include the anyExtendedKeyUsage OID to be able to use validators that don't recognize the BGPsec Router purpose.

ok job
Revision 1.96, Sat Jun 8 13:31:38 2024 UTC, by tb
Branch: MAIN
Changes since 1.95: +40 -9 lines
Improve x509_get_purpose()

Instead of only differentiating between CA and BGPsec Router certs, make it recognize TA and EE certs as well. TAs and CAs have the cA boolean in the basic constraints, while EE and BGPsec router certs do not. TAs are self-signed, CAs not self-issued, all other certs with the cA boolean are invalid. EE certs do not have an extended key usage and BGPsec certs contain the id-kp-bgpsec-router OID.

Handle the new purposes where needed.

ok job
Revision 1.95, Sat Jun 8 13:28:35 2024 UTC, by tb
Branch: MAIN
Changes since 1.94: +21 -1 lines
Add a x509_cache_extensions() helper

This is a simple wrapper around X509_check_policy(cert, -1, 0) that doesn't need an explanatory comment in the caller. The reason for having to do this is that various OpenSSL API calls rely on having extension information cached. As an unsurprising consequence of OpenSSL's characteristic API misdesign these calls can't report errors, so they call the extension caching without error checking and the result is that they may report nonsense. To work around this, cache the extensions up front so a second call can't fail and thus API calls such as X509_check_ca(), X509_get_key_usage() and X509_cmp() work reliably.

ok job
Revision 1.94, Fri Jun 7 08:36:54 2024 UTC, by tb
Branch: MAIN
Changes since 1.93: +2 -1 lines
Add two related todo items for purpose handling

BGPsec certs are a bit weird and checks for them are all over the place, some of them in the TA handling, which makes very little sense. We'd be better off adding another purpose for trust anchors and use that instead.

ok claudio job
Revision 1.93, Tue Jun 4 14:17:24 2024 UTC, by tb
Branch: MAIN
Changes since 1.92: +54 -45 lines
rpki-client: rework AIA, SIA, and CRL handling

Assert that the out parameter is NULL rather than blindly NULL-ing it, and follow the approach in sbgp_sia() more closely: use a local variable and warn on any ignored accessMethod/distributionPoint in verbose mode. AIA is slightly different because there's only a single accessMethod.

Drop the now useless (and previously wrong) warning on *out != NULL in x509_location(). Instead, assert that the out parameter is NULL.

This way things are a bit less clever, but more explicit, more correct, more robust, and the code grew only very slightly.

ok claudio
Revision 1.92, Tue Jun 4 04:17:18 2024 UTC, by tb
Branch: MAIN
Changes since 1.91: +7 -11 lines
rpki-client: remove proto argument from x509_location()

After recent changes, the rpkiNotify access description became the last user of it, so this is now a pointless complication.

ok claudio
Revision 1.91, Mon Jun 3 12:58:39 2024 UTC, by tb
Branch: MAIN
Changes since 1.90: +3 -3 lines
Rework SIA handling to be less incorrect

Currently we would only accept rsync URIs in caRepository and rpkiManifest. This is wrong. The specification requires at least one rsync URI to be present, but allows for other URI types, ordered by descending CA preference. With this diff we will still only respect the first rsync address, but we will no longer reject certificates listing other URIs. Make the warning conditional on verbose mode.

Also make it clearer that sbgp_sia() (which is poorly named) is for CA certs while x509_get_sia() is for EE certs.

input/ok claudio
Revision 1.90, Fri May 31 11:27:34 2024 UTC, by tb
Branch: MAIN
Changes since 1.89: +5 -1 lines
Document a weird decision in RFC 8209

The subject commonName of a BGPsec Router Certificate is RECOMMENDED to be "CN=ROUTER-%08x", asn. It thus made perfect sense to deviate from RFC 6487 and support encoding this as a UTF8String... We have three such certs in the wild, so punt on complicating the logic at least until the point where we need more than the fingers of one hand to count them.

ok claudio
Revision 1.89, Fri May 31 02:45:15 2024 UTC, by tb
Branch: MAIN
Changes since 1.88: +10 -16 lines
rpki-client: check issuer for certs and CRLs

Per RFC 6487, the subject and issuer fields of a certificate and the issuer field of a CRL are subject to the same restrictions: only a commonName and an optional serialNumber may be present and the commonName must be an ASN.1 printable string.

So far we've only checked the subject of certificates, which covers almost everything by relying on the verifier to check that the issuer's subject is identical to the subject's issuer, also for CRLs per X509_V_FLAG_CRL_CHECK. The only thing missing this way is the TA's issuer.

Since the check is cheap and simple, we're better off doing it ourselves: Refactor the x509_valid_subject() helper to take an X509_NAME (which is of course the appropriate name for a type representing an X.501 distinguished name).

This checks the details of RFC 6487, section 4.4, except that we still can't check for a printable string since afrinic has ~3000 EE certs that don't follow the spec, which would knock out ~45% of their ROAs. We're told that this is going to be fixed this year.

looks good to claudio
ok job
Revision 1.88, Wed May 29 13:26:24 2024 UTC, by tb
Branch: MAIN
Changes since 1.87: +3 -88 lines
rpki-client: rework CRL handling

There is no benefit in parsing the CRLNumber in the RPKI. It is redundant with other mechanisms, notably the requirements on manifests. rpki-client never did anything with the CRL number anyway so stop parsing it in the main process.

Move CRL AKI and CRL number handling from x509.c to crl.c, slightly improve error checking for X509_CRL_get_ext_d2i() and only check well-formedness of the CRL number: check it's there and non-critical. Avoid double warnings.

Add some checks for the well-formedness of the list of revoked certs. Due to bugs in rpki-rs and Krill we can't reject empty lists (because ~15% of CRL's have this). And some people still use CRLs revoking certs at the time they expire. This latter point might change mid-2025.

Add a hook for printing CRL numbers in file mode and warn about ill-formed numbers (negative and overlong ones).

ok claudio job
Revision 1.87, Sun Apr 21 09:03:22 2024 UTC, by job
Branch: MAIN
Changes since 1.86: +1 -6 lines
Mandate presence of CMS signing-time and disallow binary-signing-time

RFC-to-be draft-ietf-sidrops-cms-signing-time updates RFC 6488 by mandating the presence of the CMS signing-time attribute and disallowing the use of the CMS binary-signing-time attribute in RPKI Signed Objects. The ecosystem has behaved this way for a number of years now. Flip from warning to erroring for non-compliant objects.

OK tb@
Revision 1.86, Wed Apr 3 04:20:13 2024 UTC, by tb
Branch: MAIN
Changes since 1.85: +4 -3 lines
Fix warning about DistributionPointName type

The warning incorrectly mentioned GEN_OTHERNAME, while this is about fullName vs nameRelativeToCRLIssuer. Also add a comment to indicate that there's no enum or macros that obviate the meaning of the magic 0.

ok claudio job
Revision 1.85, Sun Mar 24 00:38:58 2024 UTC, by tb
Branch: MAIN
Changes since 1.84: +7 -7 lines
Clamp the manifestNumber to 20 octets value

The standards contain somewhat ambiguous language as to what the largest acceptable value for a crlNumber or manifestNumber could be, due to a limitation to 20 octets. The question is what 20 octets specifically are meant... Consensus seems to have emerged that the largest value is 2^159-1 since 2^160-1 would encode to 21 octets due to a padding octet to disambiguate ff .. ff from -7f ff .. ff (iow the top bit of the first octet is a sign bit).

Thus, switch from 2^160 - 1 to 2^159 - 1 as an upper bound by checking the length of the value portion of the DER encoded ASN.1 integer to be at most 20 octets.

Thanks to Martin Hoffmann, Tom Harrison, and Ben Maddison for raising and discussing the issue. Thanks also to the spec authors for making me waste a few hours of my life on a single bit.

ok job
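The 20-octet bound in this commit and the negative/overlong CRL number warnings added in revision 1.88 come down to one inspection of the DER encoding. The following is an added example in C, not rpki-client code: the function names seqnum_check and seqnum_octets and the four sample encodings are constructed for this illustration. It reads the raw ASN.1 INTEGER, rejects non-minimal encodings, reports a set sign bit as negative and counts content octets, so that 2^159-1 passes with 20 octets while 2^160-1 is rejected because its padding octet makes it 21.

```c
#include <stddef.h>
#include <stdio.h>

/*
 * Added example, not rpki-client code: bound a DER-encoded manifestNumber
 * or crlNumber. The value must fit in 20 octets; since a DER INTEGER is
 * two's complement, 2^160-1 needs a 0x00 pad octet (21 octets), so the
 * largest value that passes is 2^159-1.
 */
#define SEQNUM_MAX_OCTETS 20

enum seqnum_status {
	SEQNUM_OK = 0,
	SEQNUM_MALFORMED,	/* not a minimal DER INTEGER */
	SEQNUM_NEGATIVE,	/* sign bit of the first content octet set */
	SEQNUM_OVERLONG		/* more than 20 content octets */
};

/*
 * Classify the INTEGER at der[0..derlen). Only short-form lengths are
 * accepted: a long-form length already means more than 127 octets.
 */
enum seqnum_status
seqnum_check(const unsigned char *der, size_t derlen)
{
	const unsigned char *v;
	size_t len;

	if (derlen < 3 || der[0] != 0x02)	/* tag, length, >= 1 octet */
		return SEQNUM_MALFORMED;
	if (der[1] & 0x80)
		return SEQNUM_OVERLONG;
	len = der[1];
	if (len == 0 || derlen != 2 + len)
		return SEQNUM_MALFORMED;
	v = der + 2;
	/* X.690 8.3.2: DER forbids redundant leading 0x00 / 0xff octets. */
	if (len > 1 && ((v[0] == 0x00 && (v[1] & 0x80) == 0) ||
	    (v[0] == 0xff && (v[1] & 0x80) != 0)))
		return SEQNUM_MALFORMED;
	if (v[0] & 0x80)
		return SEQNUM_NEGATIVE;
	if (len > SEQNUM_MAX_OCTETS)
		return SEQNUM_OVERLONG;
	return SEQNUM_OK;
}

/* Number of content octets of a short-form INTEGER, 0 if not one. */
size_t
seqnum_octets(const unsigned char *der, size_t derlen)
{
	if (derlen < 3 || der[0] != 0x02 || (der[1] & 0x80) ||
	    derlen != 2 + (size_t)der[1])
		return 0;
	return der[1];
}

/* Constructed sample encodings. */
static const unsigned char max_ok[] = {	/* 2^159 - 1: 20 content octets */
	0x02, 0x14, 0x7f, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
};
static const unsigned char too_big[] = {	/* 2^160 - 1: pad makes 21 */
	0x02, 0x15, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
	0xff
};
static const unsigned char negative[] = { 0x02, 0x01, 0xff };	/* -1 */
static const unsigned char padded[] = { 0x02, 0x02, 0x00, 0x01 };	/* 1, non-DER */

int
main(void)
{
	printf("2^159-1: status %d, %zu octets\n",
	    seqnum_check(max_ok, sizeof(max_ok)), seqnum_octets(max_ok, sizeof(max_ok)));
	printf("2^160-1: status %d, %zu octets\n",
	    seqnum_check(too_big, sizeof(too_big)), seqnum_octets(too_big, sizeof(too_big)));
	printf("-1: status %d, padded 1: status %d\n",
	    seqnum_check(negative, sizeof(negative)), seqnum_check(padded, sizeof(padded)));
	return 0;
}
```

The minimal-encoding test matters for a validator: without it, a relying party would accept a 21-octet encoding of a small number and a signer could produce several distinct encodings of the same manifestNumber.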
Revision 1.84, Fri Mar 22 03:38:12 2024 UTC, by job
Branch: MAIN
Changes since 1.83: +4 -4 lines
Replace protocol literal strings and strlen() calls with defined constants OK tb@ claudio@
Revision 1.83, Wed Mar 20 04:36:30 2024 UTC, by job
Branch: MAIN
Changes since 1.82: +17 -1 lines
Check whether filename and SIA match

Verify whether the filename as presented by the publication point (which is unsigned information) matches the filename in the SIA attribute (which is signed information). Based on RFC 6487 section 4.8.8.

with and OK tb@
Revision 1.82, Tue Mar 19 05:04:13 2024 UTC, by tb
Branch: MAIN
Changes since 1.81: +2 -2 lines
Rename parent to issuer in struct auth

Parent is confusing and issuer is the appropriate terminology. This is a mechanical diff. The only remaining uses of 'parent' in this code base now mean 'parent process'.

discussed with beck and job
ok job
Revision 1.81, Thu Feb 22 12:49:42 2024 UTC, by job
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5
Changes since 1.80: +6 -1 lines
Add support for RPKI Signed Prefix Lists

Signed Prefix List are a CMS protected content type for use with the RPKI to carry the complete list of prefixes which an Autonomous System may originate to all or any of its routing peers. The validation of a Signed Prefix List confirms that the holder of the listed ASN produced the object, and that this list is a current, accurate and complete description of address prefixes that may be announced into the routing system originated by this AS.

https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-rpki-prefixlist

with and OK claudio@ tb@
Revision 1.80, Fri Feb 16 05:18:29 2024 UTC, by tb
Branch: MAIN
Changes since 1.79: +33 -1 lines
Factor SKI calculation into a helper

This is a straightforward deduplication and simplification made more obvious by prior refactoring by job.

"sure" claudio
Revision 1.79, Wed Feb 14 10:49:00 2024 UTC, by tb
Branch: MAIN
Changes since 1.78: +13 -26 lines
rpki-client: simplify x509_get_ski()

Use X509_public_digest() to calculate the SKI to get rid of a few dances and weirdly named variables.

ok claudio
Revision 1.78, Tue Feb 13 20:37:15 2024 UTC, by job
Branch: MAIN
Changes since 1.77: +4 -3 lines
Improve a comment about what exactly the SKI is OK tb@
Revision 1.77, Thu Feb 1 15:11:38 2024 UTC, by tb
Branch: MAIN
Changes since 1.76: +4 -4 lines
Normalize the nid printing

OBJ_nid2* can return NULL if the gloriously consistent objects.txt database doesn't specify a long or a short name. So try the long name first, fall back to the short name, and if both fail, use "unknown". Always include the nid as a decimal.

ok claudio
Revision 1.76, Wed Jan 31 15:01:13 2024 UTC, by job
Branch: MAIN
Changes since 1.75: +2 -2 lines
Make the error a bit easier to read OK tb@
Revision 1.75, Thu Nov 16 11:10:59 2023 UTC, by tb
Branch: MAIN
Changes since 1.74: +31 -1 lines
Add a helper to extract the CRL Number from a crl

ok claudio
Revision 1.74, Tue Sep 12 09:33:30 2023 UTC, by job
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE, OPENBSD_7_4
Changes since 1.73: +81 -1 lines
Ensure the X.509 Subject only contains commonName and optionally serialNumber OK tb@
Revision 1.73, Fri Jun 23 15:32:15 2023 UTC, by tb
Branch: MAIN
Changes since 1.72: +75 -19 lines
Use consistent idiom for X509_get_ext_d2i()

X509_get_ext_d2i() is special. A NULL return value can be either a success or a failure scenario: an extension may legitimately be absent. However, to find out whether it was absent or an error occurred, you need to pass in &crit, a pointer to an int. Its purpose is to indicate whether the extension was marked critical or not. If the return value was NULL, crit becomes an error indicator:

crit == -1 means the extension was not found. This can be an error or fine depending on the extension. Handle this accordingly. In particular for basic constraints, if they are missing or non-critical, this is an error.

If crit == -2 then multiple extensions with the same OID as the nid requested are present. This means the cert is non-conformant to RFC 5280.

If crit >= 0, then something weird happened. Either memory allocation failed or the extension could not be parsed. It is not easily possible to tell which.

In short, if crit != -1, drop the cert on the floor like a hot potato. Add warnings where possible.

For x509_any_inherits() this needs some more work, but that will be done in a different diff another day.

ok job
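To make the crit decision table above concrete without libcrypto, here is an added example in C that is neither rpki-client nor OpenSSL code: a small DER walker over an Extensions SEQUENCE that reports the same outcomes X509_get_ext_d2i() encodes in crit (-1 absent, -2 duplicate OID, 0 present and non-critical, 1 present and critical), with -3 standing in for the "something weird happened" case, plus a basicConstraints check that accepts only the present-and-critical outcome. The names tlv_read, ext_find, bc_status and basic_constraints_ok and the four sample encodings are constructed for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not rpki-client or OpenSSL code: a minimal DER walker. */
struct tlv { unsigned char tag; const unsigned char *val; size_t len; };

/* Read one TLV (lengths up to 65535); returns bytes consumed, 0 on error. */
static size_t
tlv_read(const unsigned char *p, size_t avail, struct tlv *out)
{
	size_t hdr, len;

	if (avail < 2)
		return 0;
	if (p[1] < 0x80)
		len = p[1], hdr = 2;
	else if (p[1] == 0x81 && avail >= 3)
		len = p[2], hdr = 3;
	else if (p[1] == 0x82 && avail >= 4)
		len = (size_t)p[2] << 8 | p[3], hdr = 4;
	else
		return 0;
	if (len > avail - hdr)
		return 0;
	out->tag = p[0], out->val = p + hdr, out->len = len;
	return hdr + len;
}

/*
 * Look up an extension by extnID (raw OID contents) in a DER Extensions
 * SEQUENCE. Return value follows the crit convention of X509_get_ext_d2i():
 * -1 absent, -2 present more than once, 0 non-critical, 1 critical.
 * Malformed input yields -3 ("something weird happened"). On 0/1 the
 * extnValue OCTET STRING contents are returned through value/vlen.
 */
int
ext_find(const unsigned char *exts, size_t extslen, const unsigned char *oid,
    size_t oidlen, const unsigned char **value, size_t *vlen)
{
	struct tlv seq, ext, id, fld;
	size_t n, k, off, eoff;
	int found = 0, crit = 0;

	if (tlv_read(exts, extslen, &seq) != extslen || seq.tag != 0x30)
		return -3;
	for (off = 0; off < seq.len; off += n) {
		n = tlv_read(seq.val + off, seq.len - off, &ext);
		if (n == 0 || ext.tag != 0x30)
			return -3;
		eoff = tlv_read(ext.val, ext.len, &id);
		if (eoff == 0 || id.tag != 0x06)
			return -3;
		if (id.len != oidlen || memcmp(id.val, oid, oidlen) != 0)
			continue;
		if (found++)
			return -2;	/* duplicate OID: RFC 5280 violation */
		if ((k = tlv_read(ext.val + eoff, ext.len - eoff, &fld)) == 0)
			return -3;
		crit = 0;
		if (fld.tag == 0x01) {	/* optional critical BOOLEAN */
			crit = fld.len == 1 && fld.val[0] != 0;
			eoff += k;
			if (tlv_read(ext.val + eoff, ext.len - eoff, &fld) == 0)
				return -3;
		}
		if (fld.tag != 0x04)	/* extnValue must be an OCTET STRING */
			return -3;
		*value = fld.val, *vlen = fld.len;
	}
	return found ? crit : -1;
}

/* crit status of basicConstraints (2.5.29.19) as ext_find() reports it. */
int
bc_status(const unsigned char *exts, size_t extslen)
{
	static const unsigned char oid_bc[] = { 0x55, 0x1d, 0x13 };
	const unsigned char *v;
	size_t vl;

	return ext_find(exts, extslen, oid_bc, sizeof(oid_bc), &v, &vl);
}

/* The rule from the commit message: missing or non-critical is an error. */
int
basic_constraints_ok(const unsigned char *exts, size_t extslen)
{
	return bc_status(exts, extslen) == 1;
}

/* Constructed sample Extensions SEQUENCEs; the value is { cA TRUE }. */
static const unsigned char exts_good[] = { 0x30, 0x11, 0x30, 0x0f,
	0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,	/* id, critical */
	0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff };
static const unsigned char exts_noncrit[] = { 0x30, 0x0e, 0x30, 0x0c,
	0x06, 0x03, 0x55, 0x1d, 0x13,				/* no BOOLEAN */
	0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff };
static const unsigned char exts_dup[] = { 0x30, 0x22,		/* twice */
	0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
	0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff,
	0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
	0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff };
static const unsigned char exts_absent[] = { 0x30, 0x10, 0x30, 0x0e,
	0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff,	/* keyUsage only */
	0x04, 0x04, 0x03, 0x02, 0x01, 0x06 };

int
main(void)
{
	printf("good %d noncrit %d dup %d absent %d\n",
	    bc_status(exts_good, sizeof(exts_good)),
	    bc_status(exts_noncrit, sizeof(exts_noncrit)),
	    bc_status(exts_dup, sizeof(exts_dup)),
	    bc_status(exts_absent, sizeof(exts_absent)));
	return 0;
}
```

Only exts_good satisfies basic_constraints_ok(); the other three map onto the cases the commit message says must be rejected or handled per extension.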
Revision 1.72, Tue Jun 20 11:06:47 2023 UTC, by job
Branch: MAIN
Changes since 1.71: +5 -2 lines
Be explicit when SIA is without rsync accessLocation OK tb@
Revision 1.71, Mon May 22 15:07:02 2023 UTC, by tb
Branch: MAIN
Changes since 1.70: +7 -4 lines
Convert x509_get_time() to ASN1_TIME_to_tm()

Instead of using the LibreSSL-specific ASN1_time_parse(), we can use OpenSSL's ASN1_TIME_to_tm() which LibreSSL provides since 3.6.0. The latter has a few API quirks such as silently falling back to being a timegm() replacement if called with a NULL ASN1_TIME. We don't want that, so just return an error instead.

rpki-client portable now needs LibreSSL >= 3.6. This is a small price to pay for rather significant simplifications in regress and portable (which will be possible after the next commit).

Also adjust a couple of error strings.

ok claudio job
Revision 1.70, Tue Mar 14 07:09:11 2023 UTC, by tb
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE, OPENBSD_7_3
Changes since 1.69: +8 -1 lines
rpki-client: disallow AIA in self-signed certs

Per RFC 6487, 4.8.7, self-signed certificates must not have an Authority Info Access extension. In normal operation this is ensured by ta_parse() and cert_parse(), respectively. In filemode, only partial checks are performed, so this is not guaranteed.

Issue flagged by and ok job
Revision 1.69, Sun Mar 12 11:54:56 2023 UTC, by job
Branch: MAIN
Changes since 1.68: +23 -1 lines
Refactor expiration calculation

Unify common code paths which find the exact expiry moment into a new helper function. Additionally, the new helper offers more accuracy by checking more applicable CRLs whether their 'nextupdate' is 'sooner'.

tb@ noted: The helper adds a multiplier of log(#crls), but that's certainly acceptable as it is still very cheap.

OK tb@
Revision 1.68, Fri Mar 10 12:44:56 2023 UTC, by job
Branch: MAIN
Changes since 1.67: +3 -3 lines
mechanical change, rename struct members to match the original X509 names OK tb@
Revision 1.67, Fri Mar 10 12:02:11 2023 UTC, by job
Branch: MAIN
Changes since 1.66: +21 -1 lines
Show the X.509 notBefore in filemode OK tb@
Revision 1.66, Mon Mar 6 21:00:41 2023 UTC, by job
Branch: MAIN
Changes since 1.65: +27 -6 lines
Enforce X509v3 SKIs to be the SHA-1 hash of the Subject Public Key

In the RPKI-context (RFC 6487 section 4.8.2), SKIs are not at all arbitrary identifiers: they must be the SHA-1 hash of the 'Subject Public Key'. Add a SPK digest calculation and comparison to the X509v3 extension containing the SKI.

OK tb@
Revision 1.65, Thu Feb 16 14:34:34 2023 UTC, by tb
Branch: MAIN
Changes since 1.64: +2 -2 lines
Revert r1.63.

GEN_OTHERNAME is the type of a GENERAL_NAMES, not of a DIST_POINT_NAME, which needs naked numbers as there is no enum nor defines describing it.

claudio agrees
Revision 1.64, Thu Feb 16 14:25:27 2023 UTC, by job
Branch: MAIN
Changes since 1.63: +16 -1 lines
Add missing RFC 6487 section 4.8.6 CRLDP compliance checks OK tb@ claudio@
Revision 1.63, Thu Feb 9 22:50:07 2023 UTC, by tb
Branch: MAIN
Changes since 1.62: +2 -2 lines
Use GEN_OTHERNAME instead of hardcoding 0 discussed with job
Revision 1.62, Wed Nov 30 08:17:21 2022 UTC, by job
Branch: MAIN
Changes since 1.61: +1 -3 lines
Remove unused sys/socket.h include OK claudio@
Revision 1.61, Tue Nov 29 20:41:32 2022 UTC, by job
Branch: MAIN
Changes since 1.60: +1 -2 lines
Only include stdarg.h, if we call any of va_{start,end}() OK tb@
Revision 1.60, Tue Nov 29 20:26:22 2022 UTC, by job
Branch: MAIN
Changes since 1.59: +1 -2 lines
Only include assert.h if we call assert() OK tb@
Revision 1.59, Sat Nov 26 12:02:37 2022 UTC, by job
Branch: MAIN
Changes since 1.58: +6 -1 lines
Add support for authenticating geofeed data CSV files in filemode

RFC 9092 describes a scheme in which an authenticator is appended to a geofeed (RFC 8805) file. It is a digest of the main body of the file signed by the private key of the relevant RPKI certificate for a covering address range. The authenticator is a detached CMS signature.

with and OK tb@
Revision 1.58, Mon Nov 7 09:18:14 2022 UTC, by job
Branch: MAIN
Changes since 1.57: +9 -1 lines
Confirm Path Length is absent in the Basic Constraints extension OK tb@
Revision 1.57, Sun Nov 6 14:50:51 2022 UTC, by tb
Branch: MAIN
Changes since 1.56: +24 -11 lines
Next to signedObject only allow rpkiNotify accessMethods

Instead of ignoring all non-signedObject accessMethods, we can be stricter and only allow rpkiNotify (for now) and error on anything else. Also make sure we properly clean up behind ourselves on error.

With and ok job
Revision 1.56, Fri Nov 4 23:52:59 2022 UTC, by tb
Branch: MAIN
Changes since 1.55: +23 -10 lines
Do not fail on non-rsync URIs in EE cert SIA extensions

The spec allows multiple accessMethod entries, ordered by preference. While an rsync URI must be present, others are allowed. Do not fail in that situation and pick the first rsync URI encountered. The logic is very similar to the one in x509_get_crl().

ok job
Revision 1.55, Fri Nov 4 23:42:56 2022 UTC, by tb
Branch: MAIN
Changes since 1.54: +15 -6 lines
In very verbose mode, log unexpected accessMethods

While RFC 6487, 4.8.2.2 is very explicit about allowing id-ad-signedObject as the only accessMethod, the clear language was lost during the RFC 8182 editing process. APNIC, TWNIC and JPNIC and a few others are currently known to have an id-ad-rpkiNotify. The verbose logging allows us to check the ecosystem while waiting for the point in time where we can turn this into an error.

See also https://www.rfc-editor.org/errata/eid7239.

ok job
Revision 1.54, Fri Nov 4 09:43:13 2022 UTC, by job
Branch: MAIN
Changes since 1.53: +55 -1 lines
Check the SIA signedObject in ROA/MFT/ASPA/TAK/GBR EE certificates

Unfortunately we can't yet error out when accessMethods other than signedObject are encountered in the SubjectInformationAccess extension because there is pollution in the ecosystem.

OK tb@
Revision 1.53, Wed Nov 2 12:43:02 2022 UTC, by job
Branch: MAIN
Changes since 1.52: +6 -1 lines
Add support for draft-ietf-sidrops-signed-tal-12

Add support for validation of Signed Objects containing Trust Anchor Keys (TAKs - aka 'Signed TALs'). Signed TALs provide a mechanism for RIRs to distribute and sign the next Trust Anchor with the current Trust Anchor. This might be an improvement over visiting RIR websites and copy+pasting TAL data by hand.

OK tb@
Revision 1.52, Wed Nov 2 10:04:41 2022 UTC, by tb
Branch: MAIN
Changes since 1.51: +2 -2 lines
Fix x509_get_time() error checks

Like most x509_* functions, x509_get_time() returns 0/1 on error/success, not -1/0.

ok claudio job
Revision 1.51, Mon Oct 24 10:26:59 2022 UTC, by tb
Branch: MAIN
Changes since 1.50: +69 -36 lines
Make x509_init_oid() table based

Reduces the amount of copy-paste and makes things easier on the eye.

ok claudio job
Revision 1.50, Sat Sep 3 14:40:09 2022 UTC, by job
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE, OPENBSD_7_2
Changes since 1.49: +28 -2 lines
Introduce x509_any_inherit() for objects which may not have inherit elements

Unify conformance checking of Trust Anchors, ROAs, ASPAs, RSCs - none of which may have any 'inherit' elements in the RFC 3779 IP/AS Resources extension of the X509 certificate.

OK tb@
Revision 1.49, Sat Sep 3 13:06:15 2022 UTC, by tb
Branch: MAIN
Changes since 1.48: +7 -7 lines
Allow multiple X.509 locations

While currently everyone only uses a single location, the spec allows for multiple locations ordered by preference. While rpki-client does not support more than one location this should not be a fatal error. Instead, pick the first location and warn if there are more than one.

ok job
Revision 1.48, Tue Aug 30 18:56:49 2022 UTC, by job
Branch: MAIN
Changes since 1.47: +5 -1 lines
Add support for ASPA objects (draft-ietf-sidrops-aspa-profile-10)

ASPA objects are published in the RPKI and can be used to detect and mitigate BGP route leaks. Validated ASPA Payloads are visible through filemode (-f) and the JSON output format (-j).

With feedback from tb@
OK claudio@ tb@
Revision 1.47, Thu Jul 28 16:03:19 2022 UTC, by tb
Branch: MAIN
Changes since 1.46: +2 -2 lines
Fix RFC number in comment
Revision 1.46, Tue May 31 18:51:35 2022 UTC, by tb
Branch: MAIN
Changes since 1.45: +3 -2 lines
I made non-trivial contributions to these files.
Revision 1.45, Sun May 15 16:43:35 2022 UTC, by tb
Branch: MAIN
Changes since 1.44: +1 -3 lines
More KNF and whitespace fixes.
Revision 1.44, Wed May 11 21:19:06 2022 UTC, by job
Branch: MAIN
Changes since 1.43: +46 -1 lines
Verify MFT and GBR objects only carry RFC 3779 extensions set to 'inherit' OK claudio@ tb@
Revision 1.43, Tue May 10 10:52:09 2022 UTC, by job
Branch: MAIN
Changes since 1.42: +7 -2 lines
Confirm the absence of the Basic Constraints extension in non-CA certs

with and OK tb@
Revision 1.42, Mon May 9 17:13:06 2022 UTC, by tb
Branch: MAIN
Changes since 1.41: +6 -1 lines
Commit file missed in previous.
Revision 1.41, Fri Apr 15 12:59:44 2022 UTC, by tb
Branch: MAIN
Changes since 1.40: +19 -13 lines
Allow more than one CRL URI in certificates

The spec (RFC 6487, 4.8.6) expresses a preference for a single rsync URI but allows for other URIs in the CRL distributionPoint. This doesn't currently happen in practice but could come at some point. So look for the rsync URI and skip over others, which is more correct and might help in the future.

Pointed out by & ok claudio
Revision 1.40, Tue Apr 12 08:45:34 2022 UTC, by tb
Branch: MAIN
Changes since 1.39: +37 -31 lines
Generalize sbgp_sia_location() to x509_location()

AIA and CRL URIs can reuse the code in sbgp_sia_location and thus get the same checks as the SIA locations. This eliminates some more duplication and makes the checks more stringent in that embedded NULs and "./" are no longer allowed.

ok claudio
Revision 1.21.2.2, Sun Apr 10 07:37:52 2022 UTC, by tb
Branch: OPENBSD_6_9
Changes since 1.21.2.1: +3 -3 lines
Branchpoint 1.21, next main 1.22
All times in the x509 are UTC so use timegm() and not mktime().

The latter will apply the timezone offset and so the further west the more probable you are to have problems with valid_from times.

Fix from tb@
OK job@, benno@ and claudio@

this is errata/6.9/036_rpki.patch.sig
Revision 1.21.6.2, Sun Apr 10 07:37:27 2022 UTC, by tb
Branch: OPENBSD_7_0
Changes since 1.21.6.1: +3 -3 lines
Branchpoint 1.21, next main 1.22
All times in the x509 are UTC so use timegm() and not mktime().

The latter will apply the timezone offset and so the further west the more probable you are to have problems with valid_from times.

Fix from tb@
OK job@, benno@ and claudio@

this is errata/7.0/020_rpki.patch.sig
Revision 1.39, Fri Apr 8 15:29:59 2022 UTC, by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.38: +3 -3 lines
All times in the x509 are UTC so use timegm() and not mktime().

The latter will apply the timezone offset and so the further west the more probable you are to have problems with valid_from times.

Fix from tb@
OK job@, benno@ and me
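The same fix was committed to MAIN (1.39) and to the 6.9 and 7.0 branches above. As an added example that is not rpki-client code, the C below parses an X.509 UTCTime string into struct tm and converts it both ways, so the mktime() skew described in the message can be reproduced on any machine. The names utctime_to_tm, utctime_to_time_utc, utctime_to_time_local and mktime_skew_seconds and the sample timestamp are constructed for this illustration; setting TZ explicitly through setenv()/tzset() pins the zone so the result does not depend on the host's configuration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

/* Prototypes for the POSIX/BSD functions used, in case strict -std hides them. */
time_t timegm(struct tm *);
int setenv(const char *, const char *, int);
void tzset(void);

/*
 * Added example, not rpki-client code: parse the YYMMDDhhmmssZ UTCTime
 * form used in X.509 validity fields (other forms are rejected).
 */
static int
utctime_to_tm(const char *s, struct tm *tm)
{
	int i, d[6];

	if (strlen(s) != 13 || s[12] != 'Z')
		return 0;
	for (i = 0; i < 12; i++)
		if (s[i] < '0' || s[i] > '9')
			return 0;
	for (i = 0; i < 6; i++)
		d[i] = (s[2 * i] - '0') * 10 + (s[2 * i + 1] - '0');
	memset(tm, 0, sizeof(*tm));
	/* RFC 5280 4.1.2.5.1: YY >= 50 means 19YY, otherwise 20YY. */
	tm->tm_year = (d[0] >= 50 ? 1900 : 2000) + d[0] - 1900;
	tm->tm_mon = d[1] - 1;
	tm->tm_mday = d[2];
	tm->tm_hour = d[3];
	tm->tm_min = d[4];
	tm->tm_sec = d[5];
	return 1;
}

/* Correct: the string is UTC, so the broken-down fields are UTC. */
time_t
utctime_to_time_utc(const char *s)
{
	struct tm tm;

	return utctime_to_tm(s, &tm) ? timegm(&tm) : (time_t)-1;
}

/* The bug this commit fixed: mktime() interprets the fields as local time. */
time_t
utctime_to_time_local(const char *s)
{
	struct tm tm;

	return utctime_to_tm(s, &tm) ? mktime(&tm) : (time_t)-1;
}

/*
 * Seconds by which the mktime() conversion differs from the correct one
 * under the given POSIX TZ string. West of UTC the result is positive:
 * a validity period read this way starts later than it really does.
 */
long
mktime_skew_seconds(const char *tz, const char *s)
{
	setenv("TZ", tz, 1);
	tzset();
	return (long)(utctime_to_time_local(s) - utctime_to_time_utc(s));
}

int
main(void)
{
	const char *t = "220408152959Z";	/* constructed sample notBefore */

	printf("%s -> %lld (timegm)\n", t, (long long)utctime_to_time_utc(t));
	printf("skew under UTC0: %ld s\n", mktime_skew_seconds("UTC0", t));
	printf("skew under EST5: %ld s\n", mktime_skew_seconds("EST5", t));
	printf("skew under PST8: %ld s\n", mktime_skew_seconds("PST8", t));
	return 0;
}
```

Under EST5 the mktime() result lands five hours after the true instant, so a certificate issued within the last five hours would be treated as not yet valid; with a zone east of UTC the skew is negative and a certificate past its notAfter would still be accepted for a while.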
Revision 1.38, Fri Apr 1 17:22:07 2022 UTC, by claudio
Branch: MAIN
Changes since 1.37: +41 -47 lines
Change x509_get_aki(), x509_get_ski(), x509_get_aia(), and x509_get_crl() to work more like x509_get_expire().

They will return an error if the extension extraction failed but not if it was not present. The callers must now do that check but most did already. With this cert_parse_inner() no longer cares about TA vs non-TA certs.

Feedback and OK tb@
Revision 1.37, Fri Mar 25 08:19:04 2022 UTC, by claudio
Branch: MAIN
Changes since 1.36: +15 -1 lines
Implement most of the CMS related checks required by RFC 6488 section 3

Verify that SignerInfo and Signed Attributes are set according to the RFC. Especially enforce that the right attributes are signed. Check that there are no unsigned attributes, no CRL and that the correct content-type, digest and signature algorithm are used.

The OpenSSL API makes it impossible to verify the versions and some other more subtle differences like detecting single attributes vs a SET OF one. Similarly OpenSSL accepts both DER and BER encoding in the payload. These smaller differences to the RFC are not optimal but not a risk.

Lots of feedback and OK tb@
Revision 1.36, Thu Feb 10 17:33:28 2022 UTC, by claudio
Branch: MAIN
Changes since 1.35: +41 -1 lines
Fix serial number printing in crl_print() for large serials.

Create a common x509_convert_seqnum() function to convert the various ASN1_INTEGERs into hexnumbers and use this for mft and crl handling.

With and OK tb@, also OK job@
Revision 1.35, Thu Feb 10 15:33:47 2022 UTC, by claudio
Branch: MAIN
Changes since 1.34: +20 -9 lines
Implement some code to print crls with -f.

For this introduce x509_get_time() that converts a ASN1_TIME to time_t. Also move time2str() to print.c where it makes more sense. This needs more work but that will happen in tree.

OK tb@
Revision 1.34, Fri Feb 4 16:08:53 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.33: +4 -1 lines
Add id-cp-ipAddr-asNumber OID to x509_init_oid() Unfortunately, NID_ipAddr_asNumber is not available in LibreSSL < 3.3 and OpenSSL, so load its OID by hand to help -portable. This will be used for certificate policy checks. ok claudio
Revision 1.33, Wed Feb 2 12:10:40 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.32: +2 -2 lines
typo
Revision 1.32, Tue Jan 18 16:18:22 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.31: +1 -2 lines
Kill extra newline
Revision 1.31, Tue Jan 18 16:09:51 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.30: +2 -2 lines
Fix function name in warn message.
Revision 1.30, Tue Jan 18 13:06:43 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.29: +27 -7 lines
Cleanup the scattered OBJ_txt2obj() calls and move them into x509_init_oid() to initialize all necessary OID objects at start. OK tb@
Revision 1.21.2.1, Tue Nov 9 13:41:19 2021 UTC (2 years, 7 months ago) by benno
Branch: OPENBSD_6_9
Changes since 1.21: +158 -1 lines
rpki-client(8) should handle CA misbehaviours as soft-errors. This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40 2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including: * Make rpki-client more resilient regarding untrusted input: - fail repository synchronisation after 15min runtime - limit the number of publication points per TAL - don't allow DOCTYPE definitions in RRDP XML files - fix detection of HTTP redirect loops. * limit the number of concurrent rsync processes. * fix CRLF in tal files. This is patches/6.9/common/021_rpki.patch.sig
Revision 1.21.6.1, Tue Nov 9 13:40:32 2021 UTC (2 years, 7 months ago) by benno
Branch: OPENBSD_7_0
Changes since 1.21: +158 -1 lines
rpki-client(8) should handle CA misbehaviours as soft-errors. This is a merge of usr.sbin/rpki-client and usr.bin/rsync from current and includes all commits in rpki-client 7.5 up to Tue Nov 9 11:03:40 2021 and to openrsync up to Wed Nov 3 14:42:13 2021, including: * Make rpki-client more resilient regarding untrusted input: - fail repository synchronisation after 15min runtime - limit the number of publication points per TAL - don't allow DOCTYPE definitions in RRDP XML files - fix detection of HTTP redirect loops. * limit the number of concurrent rsync processes. * fix CRLF in tal files. This is patches/7.0/common/004_rpki.patch.sig
Revision 1.29, Thu Oct 28 09:02:19 2021 UTC (2 years, 7 months ago) by beck
Branch: MAIN
Changes since 1.28: +16 -11 lines
Don't exit in certain cases on failures to parse x509 objects. In most cases we already warn and continue if someone sends us malformed x509 objects. This makes this consistent behaviour in all places so that if someone passes in bogus X509, we end up failing their entry and continuing rather than exiting. We still exit on memory/system failures so that a future run of rpki client can simply do better when the machine is perhaps less hammered on. ok job@ claudio@
Revision 1.28, Wed Oct 27 21:56:58 2021 UTC (2 years, 7 months ago) by beck
Branch: MAIN
Changes since 1.27: +17 -3 lines
Add limits on size of certain untrusted inputs ok job@
Revision 1.27, Sun Oct 24 16:59:14 2021 UTC (2 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.26: +2 -1 lines
Add my copyright to some files OK job@
Revision 1.26, Sun Oct 24 13:45:19 2021 UTC (2 years, 7 months ago) by job
Branch: MAIN
Changes since 1.25: +12 -12 lines
Improve variable naming OK tb@ claudio@
Revision 1.25, Tue Oct 12 15:16:45 2021 UTC (2 years, 7 months ago) by job
Branch: MAIN
Changes since 1.24: +17 -17 lines
Emit SKI in the JSON output and improve flow in x509_get_pubkey() OK claudio@
Revision 1.24, Mon Oct 11 16:50:04 2021 UTC (2 years, 7 months ago) by job
Branch: MAIN
Changes since 1.23: +61 -1 lines
Add support for BGPsec Router Certificates (RFC 8209) BGPsec router keys are extracted from RPKI certificates and emitted via the JSON output in base64 encoded form. OK tb@ claudio@
Revision 1.23, Thu Oct 7 08:30:39 2021 UTC (2 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.22: +24 -1 lines
Add x509_get_expire() to extract the not-after time from a certificate as an epoch time_t. Store the expire time for certs, crls will follow after. OK tb@
Revision 1.22, Tue Oct 5 11:20:46 2021 UTC (2 years, 8 months ago) by job
Branch: MAIN
Changes since 1.21: +55 -1 lines
Add rudimentary support for BGPsec router certificates OK claudio@
Revision 1.21, Thu Apr 1 06:43:23 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_6_9_BASE
Branch point for: OPENBSD_7_0, OPENBSD_6_9
Changes since 1.20: +1 -25 lines
Move base64 and hex encoding functions into their own place. OK tb@
Revision 1.20, Mon Mar 29 12:41:35 2021 UTC (3 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.19: +38 -39 lines
Introduce hex_encode() to transform the aki/ski values to a string. OK tb@
Revision 1.19, Mon Mar 29 06:50:44 2021 UTC (3 years, 2 months ago) by tb
Branch: MAIN
Changes since 1.18: +0 -27 lines
Inline x509_get_extensions() and remove it Since aia, aki and ski are all represented by char *, this is an error-prone interface - as found by job. The function doesn't do much anyway. ok claudio
Revision 1.18, Mon Mar 29 04:00:38 2021 UTC (3 years, 2 months ago) by tb
Branch: MAIN
Changes since 1.17: +1 -4 lines
Remove accidental but justified annotation
Revision 1.17, Mon Mar 29 03:45:35 2021 UTC (3 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.16: +4 -1 lines
minor KNF and consistency (rpki-client is pretty good code, couple hours of audit and I can only find a few minor things)
Revision 1.16, Thu Feb 18 16:23:17 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.15: +130 -119 lines
Use X509_get_ext_d2i() also for x509_get_aki() and x509_get_ski(). Now x509_get_extensions() is no longer required to loop over all extensions and the code becomes a lot simpler. While there, clean up x509_get_crl(): as explained by tb@, X509_get_ext_d2i() allocates memory so one needs to free the pointer at the end. For x509_crl_get_aki() use X509_CRL_get_ext_d2i() and more or less copy the rest over from x509_get_aki(). Warn if extensions are missing or present when not expected and also check that the extensions are marked non-critical as required. OK job@ tb@
Revision 1.15, Tue Feb 16 07:58:30 2021 UTC (3 years, 3 months ago) by job
Branch: MAIN
Changes since 1.14: +62 -15 lines
get Authority Information Access (AIA) from CA & EE certs In the context of the RPKI, the AIA extension identifies the publication point of the certificate of the issuer of the certificate in which the extension appears. A single reference to the publication point of the immediate superior certificate MUST be present, except for a "self-signed" certificate. Thanks tb@ for review OK claudio@
Revision 1.14, Sat Sep 12 15:46:48 2020 UTC (3 years, 8 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE, OPENBSD_6_8
Changes since 1.13: +1 -2 lines
Include openssl/x509.h in extern.h since it uses a few of the typedefs from there in structs and prototypes. Remove the openssl/ssl.h and other strange openssl includes in the .c files that don't use openssl specific functions. OK beck@ and tb@
Revision 1.13, Fri Nov 29 05:00:24 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE, OPENBSD_6_7
Changes since 1.12: +4 -4 lines
s/EXIT_FAILURE/1/ ok claudio@
Revision 1.12, Fri Nov 29 04:40:04 2019 UTC (4 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.11: +17 -1 lines
Use the AKI embedded in the CRL to store the crls. This way the AKI from the cert can be used to load the correct CRL. This simplifies the code even further. OK benno@, beck@ agrees that this is the right way to do it
Revision 1.11, Thu Nov 28 16:43:24 2019 UTC (4 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.10: +6 -1 lines
Check for failure of X509_get_ext_d2i() in x509_get_crl()
Revision 1.10, Thu Nov 28 16:31:42 2019 UTC (4 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.9: +8 -1 lines
Document x509_get_crl()
Revision 1.9, Thu Nov 28 03:25:17 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.8: +3 -3 lines
some whitespace invaded this island, and deraadt@ demanded its removal.
Revision 1.8, Thu Nov 28 03:22:59 2019 UTC (4 years, 6 months ago) by benno
Branch: MAIN
Changes since 1.7: +53 -1 lines
To verify a manifest, a roa, or a certificate, we check its signature against the CA one layer above it. This check just needs to use the certificate revocation list published by that CA. Instead of loading all CRLs we find into the trust store, we create a STACK_OF(X509_CRL), push them onto it and use it with X509_STORE_CTX_set0_crls(ctx, crls). The x509_get_crl() function to retrieve a crl path from an X509 object is written by claudio@. ok claudio@
Revision 1.7, Thu Jun 20 16:09:15 2019 UTC (4 years, 11 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.6: +7 -4 lines
If x509_get_ski_aki() fails because one of the ski or aki objects is missing, free the other object but also set the pointer back to NULL so that the caller does not do a double free(). Found with afl by jsg@
Revision 1.6, Thu Jun 20 15:29:01 2019 UTC (4 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.5: +2 -2 lines
Those changes should not have been in last commit. Revert them for now.
Revision 1.5, Thu Jun 20 15:26:49 2019 UTC (4 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.4: +3 -3 lines
Don't use assert to validate user input. assert() is not for that; instead check and error out like it is done on other parsing issues. Agreed by deraadt@. Fixes another afl "crash" found by jsg@
Revision 1.4, Wed Jun 19 16:30:37 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.3: +1 -1 lines
use $OpenBSD$ headers
Revision 1.3, Wed Jun 19 04:21:43 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.2: +18 -18 lines
indentation adjustments, in particular near warn statements ok claudio
Revision 1.2, Mon Jun 17 15:04:59 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
Changes since 1.1: +1 -2 lines
Don't do -portable in base. It is better done outside the tree. Imagine if we did it throughout the tree, how many copies of strlcpy would we have, and how much time would all the configure shell scripts and includes take? It would be ludicrous.
Revision 1.1.1.1 (vendor branch), Mon Jun 17 14:31:31 2019 UTC (4 years, 11 months ago) by job
Branch: job
CVS Tags: job_20190617
Changes since 1.1: +0 -0 lines
Import Kristaps Dzonsons' RPKI validator into the tree rpki-client(1) is an implementation of the Resource Public Key Infrastructure (RPKI), specified by RFC 6480. The client is responsible for downloading, validating and converting Route Origin Authorisations (ROAs) into Validated ROA Payloads (VRPs). The client's output (VRPs) can be used by bgpd(8) to perform BGP Origin Validation (RFC 6811). The current rpki-client(1) version depends on the CMS functions in OpenSSL, this of course needs to be addressed urgently. Thanks to NetNod, IIS.SE, SUNET & 6connect for supporting this effort! OK deraadt@
Revision 1.1, Mon Jun 17 14:31:31 2019 UTC (4 years, 11 months ago) by job
Branch: MAIN
Initial revision