From e1ec31c0edfc63e3c0b53a533bb8fbe28f7a4afb Mon Sep 17 00:00:00 2001 From: Brandon Weeks Date: Fri, 8 Apr 2022 20:49:11 +0000 Subject: [PATCH] Implement TPM attestation statement verification --- acme/challenge.go | 85 +++++++++++++++++++++++++++++++++++++++++++++-- go.mod | 1 + go.sum | 11 ++++++ 3 files changed, 95 insertions(+), 2 deletions(-) diff --git a/acme/challenge.go b/acme/challenge.go index 4a143544..1bbeb576 100644 --- a/acme/challenge.go +++ b/acme/challenge.go @@ -6,6 +6,8 @@ import ( "crypto/sha256" "crypto/subtle" "crypto/tls" + "crypto/x509" + "crypto/x509/pkix" "encoding/asn1" "encoding/base64" "encoding/hex" @@ -19,6 +21,10 @@ import ( "strings" "time" + "github.com/fxamacker/cbor/v2" + "github.com/google/go-attestation/attest" + "github.com/google/go-attestation/oid" + x509ext "github.com/google/go-attestation/x509" "go.step.sm/crypto/jose" ) @@ -301,9 +307,84 @@ func dns01Validate(ctx context.Context, ch *Challenge, db DB, jwk *jose.JSONWebK return nil } +type Payload struct { + AttStmt []byte `json:"attStmt"` +} + +type AttestationObject struct { + Format string `json:"fmt"` + AttStatement map[string]interface{} `json:"attStmt,omitempty"` +} + +// TODO(bweeks): move attestation verification to a shared package. +// TODO(bweeks): define new error type for failed attestation validation. func deviceAttest01Validate(ctx context.Context, ch *Challenge, db DB, jwk *jose.JSONWebKey, payload []byte) error { - if string(payload) != "\"fake_device_attestation_statement\"" { - return errors.New("string(payload) != \"fake_device_attestation_statement\"") + var p Payload + if err := json.Unmarshal(payload, &p); err != nil { + return WrapErrorISE(err, "error unmarshalling JSON") + } + + att := AttestationObject{} + if err := cbor.Unmarshal(p.AttStmt, &att); err != nil { + return WrapErrorISE(err, "error unmarshalling CBOR") + } + + // TODO(bweeks): move verification code to a shared package. + // begin TPM key certification verification + params := &attest.CertificationParameters{ + Public: att.AttStatement["pubArea"].([]byte), + CreateAttestation: att.AttStatement["certInfo"].([]byte), + CreateSignature: att.AttStatement["sig"].([]byte), + } + // end TPM key certification verification + + x5c, x509present := att.AttStatement["x5c"].([]interface{}) + if !x509present { + return errors.New("x5c not present") + } + + akCertBytes, valid := x5c[0].([]byte) + if !valid { + return storeError(ctx, db, ch, true, NewError(ErrorRejectedIdentifierType, + "error getting certificate from x5c cert chain")) + } + + akCert, err := x509.ParseCertificate(akCertBytes) + if err != nil { + return WrapErrorISE(err, "error parsing AK certificate") + } + + if err := params.Verify(attest.VerifyOpts{Public: akCert.PublicKey, Hash: crypto.SHA256}); err != nil { + return storeError(ctx, db, ch, true, NewError(ErrorRejectedIdentifierType, + "params.Verify failed: %v", err)) + } + + var sanExt pkix.Extension + for _, ext := range akCert.Extensions { + if ext.Id.Equal(oid.SubjectAltName) { + sanExt = ext + } + } + if sanExt.Value == nil { + return storeError(ctx, db, ch, true, NewError(ErrorRejectedIdentifierType, + "akCert missing subjectAltName")) + } + + san, err := x509ext.ParseSubjectAltName(sanExt) + if err != nil { + return storeError(ctx, db, ch, true, NewError(ErrorRejectedIdentifierType, + "failed to parse subjectAltName")) + } + + if len(san.PermanentIdentifiers) != 1 { + return storeError(ctx, db, ch, true, NewError(ErrorRejectedIdentifierType, + "subjectAltName doesn't contain a PermanentIdentifier")) + } + + wantPermID := san.PermanentIdentifiers[0] + if wantPermID.IdentifierValue != ch.Value { + return storeError(ctx, db, ch, true, NewError(ErrorRejectedIdentifierType, + "identifier from certificate and challenge do not match")) } // Update and store the challenge. diff --git a/go.mod b/go.mod index 7767c046..12ace8a6 100644 --- a/go.mod +++ b/go.mod @@ -16,6 +16,7 @@ require ( github.com/ThalesIgnite/crypto11 v1.2.4 github.com/aws/aws-sdk-go v1.37.0 github.com/dgraph-io/ristretto v0.0.4-0.20200906165740-41ebdbffecfd // indirect + github.com/fxamacker/cbor/v2 v2.4.0 github.com/go-chi/chi v4.0.2+incompatible github.com/go-piv/piv-go v1.7.0 github.com/golang/mock v1.6.0 diff --git a/go.sum b/go.sum index c19dcd69..deb39bbd 100644 --- a/go.sum +++ b/go.sum @@ -339,6 +339,8 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo github.com/fullstorydev/grpcurl v1.8.0/go.mod h1:Mn2jWbdMrQGJQ8UD62uNyMumT2acsZUCkZIqFxsQf1o= github.com/fullstorydev/grpcurl v1.8.1/go.mod h1:3BWhvHZwNO7iLXaQlojdg5NA6SxUDePli4ecpK1N7gw= github.com/fullstorydev/grpcurl v1.8.2/go.mod h1:YvWNT3xRp2KIRuvCphFodG0fKkMXwaxA9CJgKCcyzUQ= +github.com/fxamacker/cbor/v2 v2.4.0 h1:ri0ArlOR+5XunOP8CRUowT0pSJOwhW098ZCUyskZD88= +github.com/fxamacker/cbor/v2 v2.4.0/go.mod h1:TA1xS00nchWmaBnEIxPSE5oHLuJBAVvqrtAnWBwBCVo= github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= @@ -434,6 +436,7 @@ github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9 github.com/google/certificate-transparency-go v1.0.21/go.mod h1:QeJfpSbVSfYc7RgB3gJFj9cbuQMMchQxrWXz8Ruopmg= github.com/google/certificate-transparency-go v1.1.2-0.20210422104406-9f33727a7a18/go.mod h1:6CKh9dscIRoqc2kC6YUFICHZMT9NrClyPrRVFrdw1QQ= github.com/google/certificate-transparency-go v1.1.2-0.20210512142713-bed466244fa6/go.mod h1:aF2dp7Dh81mY8Y/zpzyXps4fQW5zQbDu2CxfpJB6NkI= +github.com/google/certificate-transparency-go v1.1.2 h1:4hE0GEId6NAW28dFpC+LrRGwQX5dtmXQGDbg8+/MZOM= github.com/google/certificate-transparency-go v1.1.2/go.mod h1:3OL+HKDqHPUfdKrHVQxO6T8nDLO0HF7LRTlkIWXaWvQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -457,10 +460,16 @@ github.com/google/go-replayers/grpcreplay v0.1.0/go.mod h1:8Ig2Idjpr6gifRd6pNVgg github.com/google/go-replayers/httpreplay v0.1.0/go.mod h1:YKZViNhiGgqdBlUbI2MwGpq4pXxNmhJLPHQ7cv2b5no= github.com/google/go-tpm v0.1.2-0.20190725015402-ae6dd98980d4/go.mod h1:H9HbmUG2YgV/PHITkO7p6wxEEj/v5nlsVWIwumwH2NI= github.com/google/go-tpm v0.3.0/go.mod h1:iVLWvrPp/bHeEkxTFi9WG6K9w0iy2yIszHwZGHPbzAw= +github.com/google/go-tpm v0.3.3 h1:P/ZFNBZYXRxc+z7i5uyd8VP7MaDteuLZInzrH2idRGo= github.com/google/go-tpm v0.3.3/go.mod h1:9Hyn3rgnzWF9XBWVk6ml6A6hNkbWjNFlDQL51BeghL4= +github.com/google/go-tpm v0.3.3/go.mod h1:9Hyn3rgnzWF9XBWVk6ml6A6hNkbWjNFlDQL51BeghL4= +github.com/google/go-tpm-tools v0.0.0-20190906225433-1614c142f845/go.mod h1:AVfHadzbdzHo54inR2x1v640jdi1YSi3NauM2DUsxk0= github.com/google/go-tpm-tools v0.0.0-20190906225433-1614c142f845/go.mod h1:AVfHadzbdzHo54inR2x1v640jdi1YSi3NauM2DUsxk0= github.com/google/go-tpm-tools v0.2.0/go.mod h1:npUd03rQ60lxN7tzeBJreG38RvWwme2N1reF/eeiBk4= +github.com/google/go-tpm-tools v0.2.0/go.mod h1:npUd03rQ60lxN7tzeBJreG38RvWwme2N1reF/eeiBk4= +github.com/google/go-tpm-tools v0.3.8 h1:ecZgxez5lyKWjnkK8lP3ru4rkgLyIM7pPY36FOFnAx4= github.com/google/go-tpm-tools v0.3.8/go.mod h1:rp+rDmmDCnWiMmxOTF3ypWxpChEQ4vwA6wtAIq09Qtc= +github.com/google/go-tspi v0.2.1-0.20190423175329-115dea689aad h1:LnpS22S8V1HqbxjveESGAazHhi6BX9SwI2Rij7qZcXQ= github.com/google/go-tspi v0.2.1-0.20190423175329-115dea689aad/go.mod h1:xfMGI3G0PhxCdNVcYr1C4C+EizojDg/TXuX5by8CiHI= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo= @@ -1026,6 +1035,8 @@ github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtX github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU= github.com/vishvananda/netns v0.0.0-20211101163701-50045581ed74/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xanzy/go-gitlab v0.31.0/go.mod h1:sPLojNBn68fMUWSxIJtdVVIP8uSBYqesTfDUseX11Ug= github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4= github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos=