ansaurus

Question

How can I verify that a certificate is an EV certificate with Java?

Answer 1

+2 A:

erickson 2009-11-07 22:55:43

There's no library for this!?

jrockway 2009-11-07 22:59:20

Not that I know of. It's not a very common requirement; EV certificates are most useful in browsers, and there aren't many of those.

erickson 2009-11-08 00:38:53

I don't get that `CertPathValidator` to work. My code is above. Please help me how to initialize it so that it works and does not throw exceptions...

mihi 2009-11-09 13:24:11

Although I did not get it to work; I'm just accepting your answer since it was the most useful one :)

mihi 2009-11-11 18:34:52

Your example works fine for me for www.paypal.com, but not for banking.dkb.de :( I guess something is wrong in my JDK/security settings/cacert file... I just give up now, thank you very much for your help :-)

mihi 2009-11-14 18:56:38

Hey, I got it to work! After a lot of googling I found how to pass a certificate array to my own CertPathBuilder and validating the built cert path works now! See my own answer for code. Thank you very much for your help. :-) :-) :-)

mihi 2009-11-15 20:29:55

Answer 2

+1 A:

EDIT: Posted addtional code.

If you use Sun's X509 implementation, you can do something like this,

  CertificatePoliciesExtension ext = ((X509CertImpl)cert).getCertificatePoliciesExtension();
  List<PolicyInformation> policies = (List<PolicyInformation>)ext.get(CertificatePoliciesExtension.POLICIES);
  boolean evCert = false;
  for (PolicyInformation info : policies) {
      CertificatePolicyId id = info.getPolicyIdentifier();
      if (isEVPolicy(id)) {
         evCert = true;
         break;              
      }             
  }

  ......

  public static ObjectIdentifier[] EV_POLICIES;

  static {
      try {
          EV_POLICIES = new ObjectIdentifier[] {
       new ObjectIdentifier("2.16.840.1.113733.1.7.23.6"), // Verisign
       new ObjectIdentifier("1.3.6.1.4.1.14370.1.6"), // Geo-Trust of Verisign
       new ObjectIdentifier("2.16.840.1.113733.1.7.48.1") // Thawte
          };
      } catch (IOException e) {
  throw new IllegalStateException("Invalid OIDs");
      }
  }

  private boolean isEVPolicy(CertificatePolicyId id) {
 for (ObjectIdentifier oid : EV_POLICIES) {
  if (oid.equals((Object)id.getIdentifier())) 
   return true;
 }
 return false;
 }

We only allow EV cert from 3 CAs. You can add more EV OIDs in that array. You can get a full list of the OIDs from

http://hg.mozilla.org/mozilla-central/file/05ab1cbc361f/security/manager/ssl/src/nsIdentityChecking.cpp

ZZ Coder 2009-11-07 23:58:52

No you can't. This will give you all policy extensions and not just the ones indicating that the certificate fulfills the "extended validation" requirements.

jarnbjo 2009-11-08 00:46:25

This is just part of the code that checks for EV. However, this is enough if you just want to know if the cert has EV. Cert Policies Extension is added for EV cert and no CA uses for other purposes so far. Show me a real cert with other policies.

ZZ Coder 2009-11-08 00:51:38

My bank is e.g. using a regular class 3 Verisign certificate with policy 2.16.840.1.113733.1.7.23.3 (non-EV).

jarnbjo 2009-11-08 01:02:00

Can you tell me the name of the bank so I can check it out? I was told this extension is exclusively used for EV. In any case, I posted more code which includes the part to check for policies.

ZZ Coder 2009-11-08 03:00:09

Policies are commonly used for other purposes besides EV. For example, many CAs use policies to indicate whether the private key resides on a hardware token (higher security) or is a lower-grade software key pair.

erickson 2009-11-08 04:50:11

Also, your code is helpful, but its still not complete. For example, you need to make sure the policy is valid, given the policies higher up the cert path. Also, at a minimum, make sure that the policy ID matches the issuer.

erickson 2009-11-08 04:52:00

The process to validate EV cert is indeed complex. Unfortunately, I can't post the whole class (800 lines long). We copied our logic from Firefox. Please refer to the C++ code mentioned in my answer for complete logic.

ZZ Coder 2009-11-08 06:47:03

Answer 3

A:

I finally got it to work... A running minimal example that shows all the logic and checks is below. And yes, it works for banking.dkb.de :-)

Thanks to all of you who helped me. Any comments about blatant security holes or anything else (except the code style or missing error handling; I tried hard to condense my code to the absolute minimum of runnable code) are welcome, so feel free to comment :)

import java.io.*;
import java.security.*;
import java.security.cert.*;
import java.util.*;

import javax.net.ssl.*;
import javax.security.auth.x500.X500Principal;

public class CertChecker implements X509TrustManager {

    private final X509TrustManager defaultTM;

    public CertChecker() throws GeneralSecurityException {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore)null);
        defaultTM = (X509TrustManager) tmf.getTrustManagers()[0];
    }

    public void checkServerTrusted(X509Certificate[] certs, String authType) {
        if (defaultTM != null) {
            try {
                defaultTM.checkServerTrusted(certs, authType);
                if (isEVCertificate(certs))
                    System.out.println("EV Certificate: "+ certs[0].getSubjectX500Principal().getName() + " issued by " + certs[0].getIssuerX500Principal().getName());                    
                System.out.println("Certificate valid");
            } catch (CertificateException ex) {
                System.out.println("Certificate invalid: " + ex.getMessage());
            }
        }
    }

    private boolean isEVCertificate(X509Certificate[] certs) {
        try {
            // load keystore with trusted CA certificates
            KeyStore cacerts = KeyStore.getInstance("JKS");
            cacerts.load(new FileInputStream(new File(System.getProperty("java.home"), "lib/security/cacerts")), null);

            // build a cert selector that selects the first certificate of the certificate chain
            // TODO we should verify this against the hostname...
            X509CertSelector targetConstraints = new X509CertSelector();
            targetConstraints.setSubject(certs[0].getSubjectX500Principal());

            // build a cert path from our selected cert to a CA cert
            PKIXBuilderParameters params = new PKIXBuilderParameters(cacerts, targetConstraints);        
            params.addCertStore(CertStore.getInstance("Collection", new CollectionCertStoreParameters(Arrays.asList(certs))));
            params.setRevocationEnabled(false);
            CertPath cp = CertPathBuilder.getInstance("PKIX").build(params).getCertPath();

            // validate the cert path
            PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult) CertPathValidator.getInstance("PKIX").validate(cp, params);
            return isEV(result);
        } catch (Exception ex) {
            ex.printStackTrace();
            return false;
        }
    }

    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {}
    public X509Certificate[] getAcceptedIssuers() { return null;}

    public static void main(String[] args) throws Exception {
        SSLContext sc = SSLContext.getInstance("SSL");
        sc.init(null, new TrustManager[] {new CertChecker()}, new SecureRandom());
        SSLSocketFactory ssf = (SSLSocketFactory) sc.getSocketFactory();
        ((SSLSocket)ssf.createSocket(args[0], 443)).startHandshake();
    }

    private static final Map<X500Principal, String> policies = new HashMap<X500Principal, String>();

    static {
        // It would make sense to populate this map from Properties loaded through 
        // Class.getResourceAsStream().
        policies.put(
                new X500Principal("OU=Class 3 Public Primary Certification Authority,O=VeriSign\\, Inc.,C=US"), 
                "2.16.840.1.113733.1.7.23.6"
        );
        // TODO add more certificates here
    }

    // based on http://stackoverflow.com/questions/1694466/1694720#1694720
    static boolean isEV(PKIXCertPathValidatorResult result)
    {
        // Determine the policy to look for.
        X500Principal root = result.getTrustAnchor().getTrustedCert().getSubjectX500Principal();
        System.out.println("[Debug] Found root DN: "+root.getName());
        String policy = policies.get(root);
        if (policy != null)
            System.out.println("[Debug] EV Policy should be: "+policy);

        // Traverse the tree, looking at its "leaves" to see if the end-entity 
        // certificate was issued under the corresponding EV policy.
        PolicyNode tree = result.getPolicyTree();
        if (tree == null)
            return false;
        Deque<PolicyNode> stack = new ArrayDeque<PolicyNode>();
        stack.push(tree);
        while (!stack.isEmpty()) {
            PolicyNode current = stack.pop();
            Iterator<? extends PolicyNode> children = current.getChildren();
            int leaf = stack.size();
            while (children.hasNext())
                stack.push(children.next());
            if (stack.size() == leaf) {
                System.out.println("[Debug] Found policy: " + current.getValidPolicy());
                // If the stack didn't grow, there were no "children". I.e., the 
                // current node is a "leaf" node of the policy tree.
                if (current.getValidPolicy().equals(policy))
                    return true;
            }
        }
        // The certificate wasn't issued under the authority's EV policy.
        return false;
    }
}

mihi 2009-11-15 20:27:13

ansaurus

tags:

views:

answers:

How can I verify that a certificate is an EV certificate with Java?

related questions