|
1
|
|
|
<?php |
|
2
|
|
|
/* |
|
3
|
|
|
* ***************************************************************************** |
|
4
|
|
|
* Contributions to this work were made on behalf of the GÉANT project, a |
|
5
|
|
|
* project that has received funding from the European Union’s Framework |
|
6
|
|
|
* Programme 7 under Grant Agreements No. 238875 (GN3) and No. 605243 (GN3plus), |
|
7
|
|
|
* Horizon 2020 research and innovation programme under Grant Agreements No. |
|
8
|
|
|
* 691567 (GN4-1) and No. 731122 (GN4-2). |
|
9
|
|
|
* On behalf of the aforementioned projects, GEANT Association is the sole owner |
|
10
|
|
|
* of the copyright in all material which was developed by a member of the GÉANT |
|
11
|
|
|
* project. GÉANT Vereniging (Association) is registered with the Chamber of |
|
12
|
|
|
* Commerce in Amsterdam with registration number 40535155 and operates in the |
|
13
|
|
|
* UK as a branch of GÉANT Vereniging. |
|
14
|
|
|
* |
|
15
|
|
|
* Registered office: Hoekenrode 3, 1102BR Amsterdam, The Netherlands. |
|
16
|
|
|
* UK branch address: City House, 126-130 Hills Road, Cambridge CB2 1PQ, UK |
|
17
|
|
|
* |
|
18
|
|
|
* License: see the web/copyright.inc.php file in the file structure or |
|
19
|
|
|
* <base_url>/copyright.php after deploying the software |
|
20
|
|
|
*/ |
|
21
|
|
|
|
|
22
|
|
|
/** |
|
23
|
|
|
* this file is meant to be deployed on the web server that serves OCSP |
|
24
|
|
|
* statements |
|
25
|
|
|
* (a cron-style script fetches the pre-computed OCSP statements from the CAT |
|
26
|
|
|
* database and stores them in the subdir /statements/) |
|
27
|
|
|
* |
|
28
|
|
|
* The job of the PHP script here is to receive OCSP requests via HTTP (both GET |
|
29
|
|
|
* and POST are to be supported), decode them, verify that they are pertinent to |
|
30
|
|
|
* the CA (compare issuer hash), extract the serial number, and return the OCSP |
|
31
|
|
|
* statement for that serial number by fetching it from statements/ |
|
32
|
|
|
*/ |
|
33
|
|
|
/** |
|
34
|
|
|
* The following constants define for which issuer and key hash we respond. You |
|
35
|
|
|
* can find out those values by executing: |
|
36
|
|
|
* |
|
37
|
|
|
* openssl ocsp -issuer cacert.pem -serial 1234 -req_text |
|
38
|
|
|
* |
|
39
|
|
|
* (where serial is arbitrary, and cacert.pem is the CA file of the issuing CA) |
|
40
|
|
|
*/ |
|
41
|
|
|
error_reporting(E_ALL); |
|
42
|
|
|
|
|
43
|
|
|
const OUR_NAME_HASH = "DCEB2C72264239201A4A5DF547C78268A1CB33A2"; |
|
44
|
|
|
const OUR_KEY_HASH = "BC8DDD42F7B3B458E8ECEE403D21D404CEB9F2D0"; |
|
45
|
|
|
|
|
46
|
|
|
/** |
|
47
|
|
|
* We also need to do some string magic for GET requests and need to know how |
|
48
|
|
|
* far down in the URL the OCSP statement starts. |
|
49
|
|
|
* |
|
50
|
|
|
* The following constant tells us the number of slashes before the base64 of |
|
51
|
|
|
* the actual request starts |
|
52
|
|
|
* |
|
53
|
|
|
* [http://hostname]/whatever/index.php/OCSP_REQ_DATA -> three slashes |
|
54
|
|
|
* [http://hostname]/something/else/entirely/ocsp/REQ_DATA -> five slashes |
|
55
|
|
|
*/ |
|
56
|
|
|
const SLASHES_IN_URL_INCL_LEADING = 2; |
|
57
|
|
|
|
|
58
|
|
|
$ocspRequestDer = ""; |
|
59
|
|
|
|
|
60
|
|
|
switch ($_SERVER['REQUEST_METHOD']) { |
|
61
|
|
|
case 'GET': |
|
62
|
|
|
// the GET URL *is* the request. |
|
63
|
|
|
// don't just cut off at last slash; base64 data may have embedded slashes |
|
64
|
|
|
// so remove the leading slash first: |
|
65
|
|
|
$rawStream = filter_input(INPUT_SERVER, $_SERVER['PHP_SELF'], FILTER_SANITIZE_STRING); |
|
66
|
|
|
// and now find and cut at every slash until SLASHES_IN_URL is reached |
|
67
|
|
|
for ($iterator = 0; $iterator < SLASHES_IN_URL_INCL_LEADING; $iterator++) { |
|
68
|
|
|
$nextSlash = strpos($rawStream, '/'); |
|
69
|
|
|
if ($nextSlash === FALSE) { |
|
70
|
|
|
throw new Exception("We were supposed to find and strip a slash in the base URL, but it doesn't exist!"); |
|
71
|
|
|
} |
|
72
|
|
|
$rawStream = substr($rawStream, $nextSlash + 1); |
|
73
|
|
|
} |
|
74
|
|
|
$ocspRequestDer = base64_decode(urldecode($rawStream), TRUE); |
|
75
|
|
|
if ($ocspRequestDer === FALSE) { |
|
76
|
|
|
throw new Exception("The input data was not cleanly base64-encoded data!"); |
|
77
|
|
|
} |
|
78
|
|
|
break; |
|
79
|
|
|
case 'POST': |
|
80
|
|
|
if ($_SERVER['CONTENT_TYPE'] != 'application/ocsp-request') { |
|
81
|
|
|
throw new Exception("For request method POST, the Content-Type must be application/ocsp-request."); |
|
82
|
|
|
} |
|
83
|
|
|
$ocspRequestDer = file_get_contents("php://input"); |
|
84
|
|
|
break; |
|
85
|
|
|
default: |
|
86
|
|
|
throw new Exception("Request method is not suitable for OCSP, see RFC6960 Appendix A."); |
|
87
|
|
|
} |
|
88
|
|
|
|
|
89
|
|
|
/* here it is. Now we need to get issuer hash, key hash and requested serial out of it. |
|
90
|
|
|
* PHP's openssl extension does not seem to help with that. Good old cmdline to |
|
91
|
|
|
* the rescue. |
|
92
|
|
|
*/ |
|
93
|
|
|
$output = []; |
|
94
|
|
|
$retval = 999; |
|
95
|
|
|
$derFilePath = tempnam(realpath(sys_get_temp_dir()), "ocsp_"); |
|
96
|
|
|
file_put_contents($derFilePath, $ocspRequestDer); |
|
97
|
|
|
exec("openssl ocsp -reqin $derFilePath -req_text", $output, $retval); |
|
98
|
|
|
|
|
99
|
|
|
if ($retval !== 0) { |
|
100
|
|
|
throw new Exception("openssl ocsp returned a non-zero return code. The DER data is probably bogus. B64 representation of DER data is: " . base64_encode($ocspRequestDer)); |
|
101
|
|
|
} |
|
102
|
|
|
if ($output === NULL) { // this can't really happen, but makes Scrutinizer happier |
|
103
|
|
|
$output = []; |
|
104
|
|
|
} |
|
105
|
|
|
|
|
106
|
|
|
$nameHash = ""; |
|
107
|
|
|
$keyHash = ""; |
|
108
|
|
|
$serialHex = ""; |
|
109
|
|
|
foreach ($output as $oneLine) { |
|
110
|
|
|
$matchBuffer = []; |
|
111
|
|
|
if (preg_match('/Issuer Name Hash: (.*)$/', $oneLine, $matchBuffer)) { |
|
112
|
|
|
$nameHash = $matchBuffer[1]; |
|
113
|
|
|
} |
|
114
|
|
|
if (preg_match('/Issuer Key Hash: (.*)$/', $oneLine, $matchBuffer)) { |
|
115
|
|
|
$keyHash = $matchBuffer[1]; |
|
116
|
|
|
} |
|
117
|
|
|
if (preg_match('/Serial Number: (.*)$/', $oneLine, $matchBuffer)) { |
|
118
|
|
|
$serialHex = $matchBuffer[1]; |
|
119
|
|
|
} |
|
120
|
|
|
} |
|
121
|
|
|
if (strlen($serialHex) == 0 || strlen($keyHash) == 0 || strlen($serialHex) == 0) { |
|
122
|
|
|
throw new Exception("Unable to extract all of issuer hash, key hash, serial number from the request."); |
|
123
|
|
|
} |
|
124
|
|
|
/* |
|
125
|
|
|
* We respond only if this is about our own CA of course. Once that is checked, |
|
126
|
|
|
* get the canned response for the requested serial from filesystem and send it |
|
127
|
|
|
* back (if we have it). |
|
128
|
|
|
*/ |
|
129
|
|
|
if (strcasecmp($nameHash, OUR_NAME_HASH) != 0 || strcasecmp($keyHash, OUR_KEY_HASH) != 0) { |
|
130
|
|
|
throw new Exception("The request is about a different Issuer name / public key. Expected vs. actual name hash: " . OUR_NAME_HASH . " / $nameHash, " . OUR_KEY_HASH . " / $keyHash"); |
|
131
|
|
|
} |
|
132
|
|
|
error_log("base64-encoded request: " . base64_encode($ocspRequestDer)); |
|
133
|
|
|
|
|
134
|
|
|
$response = fopen(__DIR__ . "/statements/" . $serialHex . ".der", "r"); |
|
135
|
|
|
if ($response === FALSE) { // not found |
|
136
|
|
|
// first lets load the unauthorised response, which is the default reply |
|
137
|
|
|
$unauthResponse = fopen(__DIR__ . "/statements/UNAUTHORIZED.der", "r"); |
|
138
|
|
|
if ($unauthResponse === FALSE) { |
|
139
|
|
|
throw new Exception("Unable to open our canned UNAUTHORIZED response!"); |
|
140
|
|
|
} |
|
141
|
|
|
// this might be a very young certificate, just issued, OCSP statement is |
|
142
|
|
|
// not on the server yet. Apply some amount of grace for a while... |
|
143
|
|
|
$graceRaw = file_get_contents("gracelist.serialised"); |
|
144
|
|
|
if ($graceRaw !== FALSE) { |
|
145
|
|
|
$grace = unserialize($graceRaw); |
|
146
|
|
|
if (array_key_exists($serialHex, $grace)) { |
|
147
|
|
|
// we applied grace earlier. Check if we are still in the window. |
|
148
|
|
|
$now = new DateTime(); |
|
149
|
|
|
$first = $grace[$serialHex]; // this is a DateTime object |
|
150
|
|
|
$diff = $now->diff($first); |
|
151
|
|
|
if ($diff->y == 0 && $diff->m == 0 && $diff->d == 0 && $diff->h == 0) { |
|
152
|
|
|
// this certificate gets a small dose of amazing grace. |
|
153
|
|
|
error_log("Not sending any reply for serial $serialHex because we've applied grace (subsequently)."); |
|
154
|
|
|
exit(1); |
|
155
|
|
|
} else { |
|
156
|
|
|
$response = $unauthResponse; |
|
157
|
|
|
} |
|
158
|
|
|
} else { |
|
159
|
|
|
// this certificate gets a small dose of amazing grace. Do not reply |
|
160
|
|
|
// but remember when this happened. |
|
161
|
|
|
$grace[$serialHex] = new DateTime(); |
|
162
|
|
|
file_put_contents("gracelist.serialised", serialize($grace)); |
|
163
|
|
|
error_log("Not sending any reply for serial $serialHex because we've applied grace (first time)."); |
|
164
|
|
|
exit(1); |
|
165
|
|
|
} |
|
166
|
|
|
} |
|
167
|
|
|
// if we are outside the grace window, send back a negative reply |
|
168
|
|
|
$response = $unauthResponse; |
|
169
|
|
|
error_log("Serving OCSP response for serial number $serialHex! (we ran out of grace)"); |
|
170
|
|
|
} else { |
|
171
|
|
|
error_log("Serving OCSP response for serial number $serialHex!"); |
|
172
|
|
|
} |
|
173
|
|
|
/* |
|
174
|
|
|
* Finally! Send stuff back. |
|
175
|
|
|
*/ |
|
176
|
|
|
|
|
177
|
|
|
$responseContent = fread($response, 1000000); |
|
178
|
|
|
fclose($response); |
|
179
|
|
|
error_log("base64-encoded response: " . base64_encode($responseContent)); |
|
180
|
|
|
header('Content-Type: application/ocsp-response'); |
|
181
|
|
|
header('Content-Length: ' . strlen($responseContent)); |
|
182
|
|
|
echo $responseContent; |
|
183
|
|
|
|
GEANT /
CAT
