Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend certcheck to cope with Android attestation extension #865

Open
wants to merge 12 commits into
base: master
Choose a base branch
from
Open

Extend certcheck to cope with Android attestation extension #865

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
0aa5759
certcheck: read from stdin if -- specified
daviddrysdale Nov 3, 2021
ba17b65
certcheck: parse Android attestation extension
daviddrysdale Nov 3, 2021
92c2bec
x509util: support Ed25519 public keys
daviddrysdale Nov 5, 2021
694a1d4
x509{,util}: support X25519 public key parsing
daviddrysdale Nov 5, 2021
1208747
certcheck: new field in Android attestation ext
daviddrysdale Nov 22, 2022
a92f8c7
certcheck: show Android ID text
daviddrysdale Jun 7, 2023
b556f7a
x509util: calculate subject key ID for comparison
daviddrysdale Aug 8, 2023
62c46d6
x509util: spot Android RKP info
daviddrysdale Aug 15, 2023
ad3a7ee
x509util: parse Android application ID
daviddrysdale Aug 15, 2023
d26443d
certcheck: check self-signature on roots
daviddrysdale Feb 7, 2024
ea16c15
x509util: support VM attestation info
daviddrysdale Mar 26, 2024
ef5db9e
[WIP] x509util: parse inner RKP extension
daviddrysdale Mar 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ require (
github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
github.com/form3tech-oss/jwt-go v3.2.5+incompatible // indirect
github.com/fullstorydev/grpcurl v1.8.6
github.com/fxamacker/cbor/v2 v2.6.0 // indirect
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
github.com/golang/mock v1.6.0
github.com/golang/protobuf v1.5.2
Expand Down
4 changes: 4 additions & 0 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -253,6 +253,8 @@ github.com/fullstorydev/grpcurl v1.8.1/go.mod h1:3BWhvHZwNO7iLXaQlojdg5NA6SxUDeP
github.com/fullstorydev/grpcurl v1.8.2/go.mod h1:YvWNT3xRp2KIRuvCphFodG0fKkMXwaxA9CJgKCcyzUQ=
github.com/fullstorydev/grpcurl v1.8.6 h1:WylAwnPauJIofYSHqqMTC1eEfUIzqzevXyogBxnQquo=
github.com/fullstorydev/grpcurl v1.8.6/go.mod h1:WhP7fRQdhxz2TkL97u+TCb505sxfH78W1usyoB3tepw=
github.com/fxamacker/cbor/v2 v2.6.0 h1:sU6J2usfADwWlYDAFhZBQ6TnLFBHxgesMrQfQgk1tWA=
github.com/fxamacker/cbor/v2 v2.6.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ=
github.com/getsentry/raven-go v0.2.0 h1:no+xWJRb5ZI7eE8TWgIq1jLulQiIoLG0IfYxv5JYMGs=
github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
Expand Down Expand Up @@ -761,6 +763,8 @@ github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtX
github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/urfave/cli v1.22.7 h1:aXiFAgRugfJ27UFDsGJ9DB2FvTC73hlVXFSqq5bo9eU=
github.com/urfave/cli v1.22.7/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
github.com/xanzy/go-gitlab v0.31.0/go.mod h1:sPLojNBn68fMUWSxIJtdVVIP8uSBYqesTfDUseX11Ug=
github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4=
github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos=
Expand Down
9 changes: 9 additions & 0 deletions x509/x509.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,8 @@
// - Support for parsing RSASES-OAEP public keys from certificates
// - Ed25519 support:
// - Support for parsing and marshaling Ed25519 keys
// - X25519 support:
// - Support for parsing X25519 keys
// - General improvements:
// - Export and use OID values throughout.
// - Export OIDFromNamedCurve().
Expand Down Expand Up @@ -321,6 +323,7 @@ const (
ECDSA
Ed25519
RSAESOAEP
X25519
)

var publicKeyAlgoName = [...]string{
Expand All @@ -329,6 +332,7 @@ var publicKeyAlgoName = [...]string{
ECDSA: "ECDSA",
Ed25519: "Ed25519",
RSAESOAEP: "RSAESOAEP",
X25519: "X25519",
}

func (algo PublicKeyAlgorithm) String() string {
Expand Down Expand Up @@ -584,6 +588,7 @@ var (
OIDPublicKeyECDSA = asn1.ObjectIdentifier{1, 2, 840, 10045, 2, 1}
OIDPublicKeyRSAObsolete = asn1.ObjectIdentifier{2, 5, 8, 1, 1}
OIDPublicKeyEd25519 = oidSignatureEd25519
OIDPublicKeyX25519 = asn1.ObjectIdentifier{1, 3, 101, 110}
)

func getPublicKeyAlgorithmFromOID(oid asn1.ObjectIdentifier) PublicKeyAlgorithm {
Expand All @@ -598,6 +603,8 @@ func getPublicKeyAlgorithmFromOID(oid asn1.ObjectIdentifier) PublicKeyAlgorithm
return RSAESOAEP
case oid.Equal(OIDPublicKeyEd25519):
return Ed25519
case oid.Equal(OIDPublicKeyX25519):
return X25519
}
return UnknownPublicKeyAlgorithm
}
Expand Down Expand Up @@ -1451,6 +1458,8 @@ func parsePublicKey(algo PublicKeyAlgorithm, keyData *publicKeyInfo, nfe *NonFat
return pub, nil
case Ed25519:
return ed25519.PublicKey(asn1Data), nil
case X25519:
return asn1Data, nil
default:
return nil, nil
}
Expand Down
Loading