1 /* 2 * Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 package sun.security.validator; 26 27 import java.security.cert.X509Certificate; 28 import java.time.LocalDate; 29 import java.time.Month; 30 import java.time.ZoneOffset; 31 import java.util.Date; 32 import java.util.Map; 33 import java.util.Set; 34 35 import sun.security.x509.X509CertImpl; 36 37 /** 38 * This class checks if Symantec issued TLS Server certificates should be 39 * restricted. 40 */ 41 final class SymantecTLSPolicy { 42 43 // SHA-256 certificate fingerprints of distrusted roots 44 private static final Set<String> FINGERPRINTS = Set.of( 45 // cacerts alias: geotrustglobalca 46 // DN: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US 47 "FF856A2D251DCD88D36656F450126798CFABAADE40799C722DE4D2B5DB36A73A", 48 // cacerts alias: geotrustprimaryca 49 // DN: CN=GeoTrust Primary Certification Authority, 50 // O=GeoTrust Inc., C=US 51 "37D51006C512EAAB626421F1EC8C92013FC5F82AE98EE533EB4619B8DEB4D06C", 52 // cacerts alias: geotrustprimarycag2 53 // DN: CN=GeoTrust Primary Certification Authority - G2, 54 // OU=(c) 2007 GeoTrust Inc. - For authorized use only, 55 // O=GeoTrust Inc., C=US 56 "5EDB7AC43B82A06A8761E8D7BE4979EBF2611F7DD79BF91C1C6B566A219ED766", 57 // cacerts alias: geotrustprimarycag3 58 // DN: CN=GeoTrust Primary Certification Authority - G3, 59 // OU=(c) 2008 GeoTrust Inc. - For authorized use only, 60 // O=GeoTrust Inc., C=US 61 "B478B812250DF878635C2AA7EC7D155EAA625EE82916E2CD294361886CD1FBD4", 62 // cacerts alias: geotrustuniversalca 63 // DN: CN=GeoTrust Universal CA, O=GeoTrust Inc., C=US 64 "A0459B9F63B22559F5FA5D4C6DB3F9F72FF19342033578F073BF1D1B46CBB912", 65 // cacerts alias: thawteprimaryrootca 66 // DN: CN=thawte Primary Root CA, 67 // OU="(c) 2006 thawte, Inc. - For authorized use only", 68 // OU=Certification Services Division, O="thawte, Inc.", C=US 69 "8D722F81A9C113C0791DF136A2966DB26C950A971DB46B4199F4EA54B78BFB9F", 70 // cacerts alias: thawteprimaryrootcag2 71 // DN: CN=thawte Primary Root CA - G2, 72 // OU="(c) 2007 thawte, Inc. - For authorized use only", 73 // O="thawte, Inc.", C=US 74 "A4310D50AF18A6447190372A86AFAF8B951FFB431D837F1E5688B45971ED1557", 75 // cacerts alias: thawteprimaryrootcag3 76 // DN: CN=thawte Primary Root CA - G3, 77 // OU="(c) 2008 thawte, Inc. - For authorized use only", 78 // OU=Certification Services Division, O="thawte, Inc.", C=US 79 "4B03F45807AD70F21BFC2CAE71C9FDE4604C064CF5FFB686BAE5DBAAD7FDD34C", 80 // cacerts alias: thawtepremiumserverca 81 // DN: EMAILADDRESS=premium-server@thawte.com, 82 // CN=Thawte Premium Server CA, OU=Certification Services Division, 83 // O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA 84 "3F9F27D583204B9E09C8A3D2066C4B57D3A2479C3693650880505698105DBCE9", 85 // cacerts alias: verisignclass2g2ca 86 // DN: OU=VeriSign Trust Network, 87 // OU="(c) 1998 VeriSign, Inc. - For authorized use only", 88 // OU=Class 2 Public Primary Certification Authority - G2, 89 // O="VeriSign, Inc.", C=US 90 "3A43E220FE7F3EA9653D1E21742EAC2B75C20FD8980305BC502CAF8C2D9B41A1", 91 // cacerts alias: verisignclass3ca 92 // DN: OU=Class 3 Public Primary Certification Authority, 93 // O="VeriSign, Inc.", C=US 94 "A4B6B3996FC2F306B3FD8681BD63413D8C5009CC4FA329C2CCF0E2FA1B140305", 95 // cacerts alias: verisignclass3g2ca 96 // DN: OU=VeriSign Trust Network, 97 // OU="(c) 1998 VeriSign, Inc. - For authorized use only", 98 // OU=Class 3 Public Primary Certification Authority - G2, 99 // O="VeriSign, Inc.", C=US 100 "83CE3C1229688A593D485F81973C0F9195431EDA37CC5E36430E79C7A888638B", 101 // cacerts alias: verisignclass3g3ca 102 // DN: CN=VeriSign Class 3 Public Primary Certification Authority - G3, 103 // OU="(c) 1999 VeriSign, Inc. - For authorized use only", 104 // OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US 105 "EB04CF5EB1F39AFA762F2BB120F296CBA520C1B97DB1589565B81CB9A17B7244", 106 // cacerts alias: verisignclass3g4ca 107 // DN: CN=VeriSign Class 3 Public Primary Certification Authority - G4, 108 // OU="(c) 2007 VeriSign, Inc. - For authorized use only", 109 // OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US 110 "69DDD7EA90BB57C93E135DC85EA6FCD5480B603239BDC454FC758B2A26CF7F79", 111 // cacerts alias: verisignclass3g5ca 112 // DN: CN=VeriSign Class 3 Public Primary Certification Authority - G5, 113 // OU="(c) 2006 VeriSign, Inc. - For authorized use only", 114 // OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US 115 "9ACFAB7E43C8D880D06B262A94DEEEE4B4659989C3D0CAF19BAF6405E41AB7DF", 116 // cacerts alias: verisignuniversalrootca 117 // DN: CN=VeriSign Universal Root Certification Authority, 118 // OU="(c) 2008 VeriSign, Inc. - For authorized use only", 119 // OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US 120 "2399561127A57125DE8CEFEA610DDF2FA078B5C8067F4E828290BFB860E84B3C" 121 ); 122 123 private static final LocalDate DECEMBER_31_2019 = 124 LocalDate.of(2019, Month.DECEMBER, 31); 125 // SHA-256 certificate fingerprints of subCAs with later distrust dates 126 private static final Map<String, LocalDate> EXEMPT_SUBCAS = Map.of( 127 // Subject DN: C=US, O=Apple Inc., OU=Certification Authority, 128 // CN=Apple IST CA 2 - G1 129 // Issuer DN: CN=GeoTrust Global CA, O=GeoTrust Inc., C=US 130 "AC2B922ECFD5E01711772FEA8ED372DE9D1E2245FCE3F57A9CDBEC77296A424B", 131 DECEMBER_31_2019, 132 // Subject DN: C=US, O=Apple Inc., OU=Certification Authority, 133 // CN=Apple IST CA 8 - G1 134 // Issuer DN: CN=GeoTrust Primary Certification Authority - G2, 135 // OU=(c) 2007 GeoTrust Inc. - For authorized use only, 136 // O=GeoTrust Inc., C=US 137 "A4FE7C7F15155F3F0AEF7AAA83CF6E06DEB97CA3F909DF920AC1490882D488ED", 138 DECEMBER_31_2019 139 ); 140 141 // Any TLS Server certificate that is anchored by one of the Symantec 142 // roots above and is issued after this date will be distrusted. 143 private static final LocalDate APRIL_16_2019 = 144 LocalDate.of(2019, Month.APRIL, 16); 145 146 /** 147 * This method assumes the eeCert is a TLS Server Cert and chains back to 148 * the anchor. 149 * 150 * @param chain the end-entity's certificate chain. The end entity cert 151 * is at index 0, the trust anchor at index n-1. 152 * @throws ValidatorException if the certificate is distrusted 153 */ checkDistrust(X509Certificate[] chain)154 static void checkDistrust(X509Certificate[] chain) 155 throws ValidatorException { 156 X509Certificate anchor = chain[chain.length-1]; 157 if (FINGERPRINTS.contains(fingerprint(anchor))) { 158 Date notBefore = chain[0].getNotBefore(); 159 LocalDate ldNotBefore = LocalDate.ofInstant(notBefore.toInstant(), 160 ZoneOffset.UTC); 161 // check if chain goes through one of the subCAs 162 if (chain.length > 2) { 163 X509Certificate subCA = chain[chain.length-2]; 164 LocalDate distrustDate = EXEMPT_SUBCAS.get(fingerprint(subCA)); 165 if (distrustDate != null) { 166 // reject if certificate is issued after specified date 167 checkNotBefore(ldNotBefore, distrustDate, anchor); 168 return; // success 169 } 170 } 171 // reject if certificate is issued after April 16, 2019 172 checkNotBefore(ldNotBefore, APRIL_16_2019, anchor); 173 } 174 } 175 fingerprint(X509Certificate cert)176 private static String fingerprint(X509Certificate cert) { 177 return (cert instanceof X509CertImpl) 178 ? ((X509CertImpl)cert).getFingerprint("SHA-256") 179 : X509CertImpl.getFingerprint("SHA-256", cert); 180 } 181 checkNotBefore(LocalDate notBeforeDate, LocalDate distrustDate, X509Certificate anchor)182 private static void checkNotBefore(LocalDate notBeforeDate, 183 LocalDate distrustDate, X509Certificate anchor) 184 throws ValidatorException { 185 if (notBeforeDate.isAfter(distrustDate)) { 186 throw new ValidatorException 187 ("TLS Server certificate issued after " + distrustDate + 188 " and anchored by a distrusted legacy Symantec root CA: " 189 + anchor.getSubjectX500Principal(), 190 ValidatorException.T_UNTRUSTED_CERT, anchor); 191 } 192 } 193 SymantecTLSPolicy()194 private SymantecTLSPolicy() {} 195 } 196